diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/action/libraries.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/action/libraries.md deleted file mode 100644 index 304868c07b..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/action/libraries.md +++ /dev/null @@ -1,61 +0,0 @@ -# Action Libraries - -When creating a new action on a job, you have the ability to load action tasks that have been -preconfigured with table input, script body, and parameters. This helps you: - -- Perform operations that are not available in one of the out of the box action modules -- Build custom action workflows to satisfy common use cases -- Build custom remediation workflows, such as: - - - PowerShell Script / Action Body - - Table references - - Parameters - -On the job's **Configure** > **Action** node, the **Add from Library** option opens the Libraries -window with the available Action Libraries and operations: - -![Libraries window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/libraries.webp) - -When a specific operation within a library is chosen, the action is added in the disabled state to -the job. The Action Properties page opens, which has a description, action module, and source table -with relevant filters applied. - -When you click the **Configure Action** link, the action module's wizard opens. - -![PowerShell Action Module Wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershellmodulewizard.webp) - -The following Action Libraries and Templates leverage the PowerShell Action module for running -actions within the specific environment: - -- Active Directory -- Azure Active Directory -- ServiceNow -- SharePoint Online -- Windows - -Prerequisite information for each of the PowerShell scripts is included as part of the script -comments. Typically, a script requires necessary cmdlets available and installed, as well as -parameter inputs configured. - -## Create a Custom Action Library - -You can also create and maintain custom libraries of action tasks for easy reference and use. Once -you configure an action task as desired, follow the steps to add it to an Action Library. - -**Step 1 –** From within the Action Selections view where the custom action tasks exists, -right-click and copy the task. - -**Step 2 –** Click the **Add from Library** link to open the Libraries window. - -**Step 3 –** Click the green plus sign on the top left to add a new library. - -![Add custom library on Libraries window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/librariescustom.webp) - -**Step 4 –** In the pop-up window, specify a name for the library and click **OK**. - -![Libraries window paste button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/librariescustompaste.webp) - -**Step 5 –** Select the new library and paste the copied action task. - -The custom action task is now available for use in other jobs through the **Add from Library** -option. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/action/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/action/overview.md deleted file mode 100644 index 97eec6e596..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/action/overview.md +++ /dev/null @@ -1,141 +0,0 @@ -# Action Modules - -This guide describes the **Actions** node and the various action modules available for use in -Enterprise Auditor. This overview topic describes the basic procedure for creating and executing an -action module as well the initial steps to take when configuring an action. Each action module is -described in detail in the relevant topics. - -The Enterprise Auditor actions are capable of changing users, permissions, files, and objects from a -variety of environments. Action modules are assigned to a job at the **Configure** > **Actions** -node. See the -[Actions Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information on the Action Selection view. - -![Action Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/actionselection.webp) - -Configure the action through the Action Properties page. Navigate to the job’s **Configure** > -**Actions** node. Select **Create Action** to add a new action task to a job. Select an existing -action and click **Action Properties** to modify its configuration. The Action Properties page opens -for either option. Pre-configured action tasks can be added from the Action Library. See the -[Action Libraries](/docs/accessanalyzer/11.6/accessanalyzer/admin/action/libraries.md) -topic for additional information. - -Most action modules are available with a special Enterprise Auditor License. The following table -provides brief descriptions of the action modules available in Enterprise Auditor. - -| Action Module | Description | -| ---------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Active Directory | Make changes to Active Directory such as deleting objects, creating users, and changing group membership. See the [Active Directory Action Module](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) for additional information. | -| File System | Change attributes and permissions, as well as copy, delete, move, and rename file system contents. See the [File System Action Module](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) for additional information. | -| Mailbox | Add/change permissions, remove permissions, add/remove delegates, remove zombie SIDS, and delete mailbox content. See the [Mailbox Action Module](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) for additional information. | -| PowerShell | Run PowerShell scripts on the local machine or on remote hosts. See the [PowerShell Action Module](/docs/accessanalyzer/11.6/analysis-and-actions/actions/powershell.md) for additional information. | -| PublicFolder | Make changes to Exchange Public Folders. See the [PublicFolder Action Module](/docs/accessanalyzer/11.6/analysis-and-actions/actions/public-folder.md) for additional information. | -| Registry | Make changes to the system registry. See the [Registry Action Module](/docs/accessanalyzer/11.6/analysis-and-actions/actions/registry.md) for additional information. | -| SendMail | Communicate with target audiences to supply users with dynamic content from selected audit data. See the [SendMail Action Module](/docs/accessanalyzer/11.6/analysis-and-actions/actions/send-mail.md) for additional information. | -| ServiceNow | Creates incidents in ServiceNow. See the [ServiceNow Action Module](/docs/accessanalyzer/11.6/analysis-and-actions/actions/service-now.md) for additional information. | -| SharePoint | Add/remove trustees from sites, lists, or libraries in SharePoint on-premise, apply sensitivity labels, and move files. | -| Survey | Solicit feedback from users to expedite and aid in the decision making process. See the [Survey Action Module](/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md) for additional information. | -| Web Request | Sends data to Threat Manager. See the [WebRequest Action Module](/docs/accessanalyzer/11.6/analysis-and-actions/actions/web-request.md) for additional information. | - -## Basic Procedure - -Actions perform operations on data tables. They reside within a job node and are associated with -that job. Enterprise Auditor provides many action modules and each has its own set of operations -that can be applied to selected columns in a selected data table. - -For example, the Active Directory Action Module automates specified Active Directory operations -while the SendMail Action Module can send an email to a dynamic list of users. - -The basic procedure consists of the following steps. - -**Step 1 –** Create a data table containing the target objects to be modified and exclude any -extraneous columns. - -**Step 2 –** Configure an action task using the configuration wizard for the selected action module. -Target the selected objects and apply selected operations to the data. - -**Step 3 –** Execute the action. - -### Executing Actions - -Actions with the checkbox next to their name selected in the Action Selection view are executed -automatically as part of the job’s execution. The actions are executed in the order in which they -appear in the Selection table. You can also manually execute selected actions without running the -job by clicking on the **Action Execute** link on the Action Selection view. - -## Caution on Action Modules - -**CAUTION:** Enterprise Auditor action modules apply bulk changes to targeted objects within the -target environment. Actions perform operations on selected objects listed in each row of the source -table. Exercise caution to ensure the action applies only the desired changes and only to the -desired target objects. - -**_RECOMMENDED:_** Prior to configuring the action module, scope the source data table to include -only the desired data. It is also recommended to run the action in a test environment before making -changes to a production environment. - -## Action Properties Page - -Use this page to view or specify properties for a selected action, including the name, description, -action module, and source table. Access this page via the Action Selection view. - -![Action Properties page for new action](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/actionproperties.webp) - -**_RECOMMENDED:_** Provide unique and descriptive names and action task descriptions to all user -created action tasks. - -- Name – Action task name. For new actions, an editable default name displays. -- Description – Action task description. For new actions, this editable field is blank. -- Action Module – Drop-down menu of available action modules - - - Configure Action – Opens the configuration wizard for the selected action module - -- Source Table – Table with objects the action task acts upon. For new actions, this field is blank. - Specify a source table on which to perform the action. -- Show tables from current job only – Restricts the list of source tables available to only those - tables generated by the job where the action task resides. Deselect the checkbox to list all - available data tables. -- ID – Unique identifier, or GUID, of the action task generated by the application. With this ID, - the database can distinguish actions, even those with identical configurations. -- Data Grid – Displays a sample of the selected Source table. This data grid functions the same as - all data grids within Enterprise Auditor. Data can be filtered, and columns can be regrouped. See - the - [Data Grid Functionality](/docs/accessanalyzer/11.6/administration/navigation.md) - topic for additional information. - -### Source Table Configuration - -All Enterprise Auditor actions require a source data table. The source table must contain, at a -minimum, the following columns. Include these columns in addition to any other columns required by -the action module being used. Otherwise, errors may occur upon execution of the action and with -analysis and reports downstream. - -| Required Columns | Description | -| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Host | Name of the target server | -| SA_HOST | This column determines the Enterprise Auditor server to which the data belongs in the event multiple Enterprise Auditor consoles are connected to a single database | -| JobRunTimeKey | Contains the run time and date for the job. If history is active, Enterprise Auditor can identify data collected during a specific collection execution. | -| rowGUID | Identifies each data row as unique. The datatype in the table is uniqueidentifier (GUID). | -| RowKey | Identifies each data row as unique. Sometimes the value is a GUID, but the datatype in the table is a varchar (text string). | - -_Remember,_ the individual action modules may have their own column requirements in addition to the -above. - -#### Data Tables - -Enterprise Auditor native data tables generally contain all of the above columns. However, if all -required columns are not present by default, add them manually. - -**CAUTION:** Do not use native data tables in action modules. Source data tables in actions should -include only the data desired for the operation. Scope the data tables to include only the required -columns prior to configuring the action. - -#### Module-Specific Source Table Requirements - -Enterprise Auditor action modules contain one or more selectable operations, many of which have -their own column requirements. Thus, in addition to excluding extraneous columns from the data -tables, include in the tables any columns required by the selected operation. The columns can have -any name, but they must contain the data required by the operation. - -For example, in the Active Directory Action Module, the Create Groups operation requires a column -containing the group name. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/analysis/autoaction.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/analysis/autoaction.md deleted file mode 100644 index 5dbf4f2cfc..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/analysis/autoaction.md +++ /dev/null @@ -1,22 +0,0 @@ -# AutoAction Analysis Module - -The Auto Action analysis module executes a pre-configured action as part of the analysis task -execution. To add an action to an analysis via the Auto Action analysis module, the action must -already exist and it must reside within the current job. - -**NOTE:** The Actions node can also automatically execute actions. See the -[Action Modules](/docs/accessanalyzer/11.6/accessanalyzer/admin/action/overview.md) -topic for additional information. - -## Select Action Window - -The Select Action window lists the actions that currently exist within the Job that can be selected -to automatically run upon job execution. - -![Select Action Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/autoaction.webp) - -Select an action from the list. Click **OK** to exit the window, and then click **Save** to preserve -the changes made to the analysis module. The action now executes as part of the analysis task. If no -actions were selected, it is best practice to click **Cancel** to close the Select Action window to -ensure no accidental selections are saved. Actions only display if they exist within the Actions -node of the current Job. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/analysis/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/analysis/overview.md deleted file mode 100644 index 72428815bc..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/analysis/overview.md +++ /dev/null @@ -1,92 +0,0 @@ -# Analysis Modules - -The Enterprise Auditor analysis modules are capable of finding unique data and notifying users of -its location from a variety of environments. Analysis modules are assigned to a job at the -**Configure** > **Analysis** node. See the -[Analysis Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for information on the Analysis Selection view. - -![Configure an analysis](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/configure.webp) - -Analysis tasks are configured through the Analysis Properties page. Navigate to the job’s -**Configure** > Analysis node. The Analysis Properties page is opened from the Analysis Selection -page by either of the following options: - -- Select **Create Analysis** to add a new analysis task to a job -- Select an existing analysis and click **Analysis Properties** to modify its configuration - -See the [Analysis Selection Page](#analysis-selection-page) and -[Analysis Properties Page](#analysis-properties-page) topics for additional information. - -The following table provides brief descriptions of the analysis modules available in Enterprise -Auditor. - -| Analysis Module | Description | -| --------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------- | -| [AutoAction Analysis Module](/docs/accessanalyzer/11.6/accessanalyzer/admin/analysis/autoaction.md) | Performs a specified action at the conclusion of an analysis task’s execution | -| [Business Rules Analysis Module](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/business-rules.md) | Finds data that does not match user expectations for the target environment | -| [Change Detection Analysis Module](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md) | Notifies when a change occurs in the results of a job and identifies the location of the change | -| [Notification Analysis Module](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) | Sends notifications to specified recipients when a specified event occurs | -| [SQLscripting Analysis Module](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/scripting.md) | Executes free-form SQL scripts | -| SQLTrend | Legacy action module | -| [SQLViewCreation Analysis Module](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) | Provides a scripting wizard for creating SQL tables or views | -| [VBscripting Analysis Module](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/scripting.md) | Executes free-form VB scripts | - -## Executing Analyses - -Analysis tasks execute automatically if enabled through the Analysis Selection page for jobs with -analysis modules configured. Analysis tasks can be enabled or disabled by selecting the checkbox -next to the analysis tasks. Analysis tasks execute in the order shown in the Analysis Selection -window. Tasks can be manually executed without running the job by right-clicking on the task and -selecting **Execute Analyses** from the dropdown menu. - -## Analysis Selection Page - -Analysis tasks can be created, deleted, and configured through the Analysis Selection page. For jobs -with existing analysis tasks, the Analysis Selection page is used to change the order in which tasks -are run, as well as enabling or disabling tasks. - -![Analysis Selection Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/analysisselectionpage.webp) - -The Analysis Selection page has the following options: - -- Create Analysis – Opens the Analysis Properties page for a newly created task -- Delete Analysis – Deletes the selected analysis task in the Analysis Selection list -- Analysis Properties – Opens the Analysis Properties page for the selected existing analysis task -- Analysis Configuration – Opens the configuration wizard for the analysis task -- Select the checkbox next to an analysis task to enable it, or clear the checkbox to disable it -- Move Up/Move Down – Moves the selected analysis tasks up or down the Analysis Selection task list. - Moving tasks up or down the list changes the order in which the task is run when the job is - executed. - - **NOTE:** Tasks can be drag-and-dropped to change position in the list. - -- Select All – Enables/disables all tasks in the list -- The **Validate**, **Validate Selected**, and **Edit Rules** buttons are specific to the Business - Rules Analysis Module. See the - [Business Rules Analysis Module](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/business-rules.md) - topic for additional information on these buttons. - -## Analysis Properties Page - -Configure task properties through the Analysis Properties page. The Analysis Properties page is -accessed through the Analysis Selection page. - -![Analysis Properties Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/analysispropertiespage.webp) - -The Analysis Properties page has the following options: - -- Name – Name of the analysis task. Default names can be changed. -- Description – Description of the analysis task. Analysis tasks for default solutions reference - associate data tables. Descriptions for new tasks are blank by default. -- Analysis Module – Click the drop-down to select an analysis module for the task -- Configure Analysis – Click to access the configuration wizard for the selected analysis module -- ID – Unique identifying number of the analysis task. The database uses distinct IDs to distinguish - between analysis tasks, even those with identical configurations. -- Enable execution of this task when the job is run – Select this option to automatically execute - the task as part of the job execution. This box can also be selected through the Analysis - Selection page. -- View XML – Opens the XML Text window to display the `DataAnalysisTasks.XML` file for the selected - job. The file is stored in the job’s directory. -- Cancel – Return to the Analysis Selection page without saving changes -- Save – Save changes and return to the Analysis Selection page diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/overview.md deleted file mode 100644 index 027248b8e3..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/overview.md +++ /dev/null @@ -1,35 +0,0 @@ -# DiskInfo Data Collector - -The DiskInfo Data Collector provides enumeration of disks and their associated properties. When -targeting the local host for a DiskInfo query, it is necessary to select the **Systems Default** -option as the connection profile. This data collector is a core component of Enterprise Auditor and -is available with all Enterprise Auditor licenses. - -Protocols - -- RPC -- WMI - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Member of the local Administrators group - -## DiskInfo Query Configuration - -The DiskInfo Data Collector is configured through the Disk Info wizard, which contains the following -wizard pages: - -- Welcome -- [DiskInfo: Target Disks](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/targetdisks.md) -- [DiskInfo: Results](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/results.md) -- [DiskInfo: Summary](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/summary.md) - -![Disk Info wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/results.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/results.md deleted file mode 100644 index b540011bb4..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/results.md +++ /dev/null @@ -1,26 +0,0 @@ -# DiskInfo: Results - -The Results page provides a checklist of the data that is available for return by the query. Any -number of options can be selected at once, but at least one must be selected in order to complete -the wizard. - -![Disk Info wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually, or you can use the **Select all** and **Clear all** -buttons. The table below describes the available options. - -| Checklist Result | Description | -| ----------------------------- | ------------------------------------------------------------------------------------------------------------------- | -| DriveLetter | Drive Letter of the drive being scanned | -| GBDiskFreeSpace | Total amount of free space on the scanned drive in GB | -| GBDiskSize | Total size of scanned disk in GB | -| MBDiskFreeSpace | Total amount of free space on the scanned drive in MB | -| MBDiskSize | Total size of scanned disk in MB | -| PercentFree | Percentage of the scanned drive that is free | -| VolumeLabel | Name of drive (if it exists) | -| FileSystemType | Type of FileSystem configuration. This can include NTFS, FAT(12, 16, 32) and others | -| DiskType | Kind of disk that is being used. These can include fixed, removable, shared, and so on. | -| ClusterSizer | If scanning a disk that is part of a cluster, this indicates the total size of the cluster that the disk is part of | -| FilePercentFragmentation | Percent of used disk space that shows fragmentation | -| FreeSpacePercentFragmentation | Percentage of free space on the disk that shows fragmentation | -| TotalPercentFragmentation | Percentage of total disk space that shows fragmentation | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/summary.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/summary.md deleted file mode 100644 index 16f315167d..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# DiskInfo: Summary - -The Summary page displays a summary of the configured query. - -![Disk Info wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Disk Info Data Collector Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/targetdisks.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/targetdisks.md deleted file mode 100644 index 5424a30780..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/diskinfo/targetdisks.md +++ /dev/null @@ -1,48 +0,0 @@ -# DiskInfo: Target Disks - -The Target Disks page provides a selection of storage devices from which to return data from the -target host after a query. - -![Disk Info wizard Target Disks page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/targetdisks.webp) - -Use the options to select the desired target disk. - -- The Enumerate all storage devices – Allows all internal drives to be scanned. In order to expand - the scan, two sub-options can be included together, separately, or not at all. - - - Include removable storage devices – Scans removable devices that are plugged into the target - host - - Include network storage devices – Scans mapped drives that exist through a connected network - -- Single drive letter – Allows information to be collected from a single drive (`A:` through `Z:`) - during a single query. This option includes both operating system drives and removable disks. -- Enumerate all mount points (available for Windows 2003+ systems) – Targets any drive letter on the - target host that points to a mapped share drive -- Registry lookup – Provides the path of connection to gather information from the Enterprise - Auditor Registry Browser. By default, the local host will be targeted unless modified. The - Registry value are instructions for the data found within the subfolders of the registry. - - - The browse button **(…)** under the Registry lookup option opens the Enterprise Auditor - Registry Browser window. Use the registry browser to find registry keys and values that are on - a target host in the environment. See the - [DiskInfo: Registry Browser](#diskinfo-registry-browser) topic for additional information. - -## DiskInfo: Registry Browser - -Clicking the browse button on the Target Disks wizard page opens the Enterprise Auditor Registry -Browser. Use this page to find registry keys and values that exist on a target host in the -environment. - -![Registry Browser](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/registrybrowser.webp) - -The configurable options on the Registry Browser are: - -- Sample from Host – Host for which the Registry will be browsed. If this box is left blank, the - Registry on the local host is used. -- 64-bit view – Default view is 32-bit. Select the 64-bit checkbox to switch to a 64-bit view. -- Connect – Click **Connect** to browse the Registry -- Table Columns – Select the Registry from the navigation pane to view keys in the table - - - Name – Registry key value - - Type – Key value type - - Data – Key value path diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/category.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/category.md deleted file mode 100644 index 2013806c77..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/category.md +++ /dev/null @@ -1,45 +0,0 @@ -# DNS: Category - -The DNS Data Collector Category page contains the following query categories, sub-divided by -auditing focus: - -![Domain Name System Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -- DNS Configuration – Collect data from the DNS configuration - - - Cache – DNS Cache information - - Server – DNS Server Configuration information - - RootHints – Root Hints stored in the cache file - - Statistics – Statistics collected - - Zone – DNS Zone information - -- DNS Record Types – Collect data on the individual DNS records - - - AFSDB – Andrew File System database server (AFSDB) resource records - - ATMA – ATM address to name (ATMA) records - - CNAME – Canonical Name (CNAME) records - - A – Host address (A) resource records - - HINFO – Host Information (HINFO) records - - AAAA – IPv6 address (AAAA) resource records - - ISDN – ISDN resource records - - KEY – KEY resource records - - MD – Mail Agent for domain (MD) records - - MB – Mailbox (MB) records - - MX – Mail Exchanger (MX) records - - MF – Mail Forwarding Agent (MF) records - - MG – Mail Group (MG) resource records - - MINFO – Mail Information (MINFO) records - - MR – Mailbox Rename (MR) records - - NXT – Next (NXT) resource records - - NS – Name Server (NS) records - - PTR – Pointer (PTR) records - - RP – Responsible person (RP) records - - RT – Route through (RT) records - - SOA – Start of authority (SOA) records - - SRV – Service (SRV) records - - SIG – Signature (SIG) resource records - - TXT – Text (TXT) records - - WKS – Well-known service (WKS) records - - WINS – Windows Internet Name Service (WINS) records - - WINSR – Windows Internet Name Service (WINS) reverse lookup records - - X25 – X.25 records diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/overview.md deleted file mode 100644 index 8e9f7b31d6..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/overview.md +++ /dev/null @@ -1,33 +0,0 @@ -# DNS Data Collector - -The DNS Data Collector provides information regarding DNS configuration and records. It is available -with the Active Directory Solution. Both this data collector and the solution are available with a -special Enterprise Auditor license. - -Protocols - -- RPC - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Domain Administrators group - -## DNS Query Configuration - -The DNS Data Collector is configured through the Domain Name System Data Collector Wizard, which -contains the following wizard pages: - -- Welcome -- [DNS: Category](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/category.md) -- [DNS: Results](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/results.md) -- [DNS: Summary](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/summary.md) - -![Domain Name System Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the Do not display this page the next time checkbox when -the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/results.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/results.md deleted file mode 100644 index 8d1f537f2b..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/results.md +++ /dev/null @@ -1,10 +0,0 @@ -# DNS: Results - -The Results page is where DNS properties to be gathered are selected. It is a wizard page for all -categories. - -![Domain Name System Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Available properties can be selected individually, or the **Select All**, **Clear All**, and **Reset -to defaults** buttons can be used. All selected properties are gathered. Available properties vary -based on the category selected. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/summary.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/summary.md deleted file mode 100644 index 41774f262e..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/dns/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# DNS: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all categories. - -![Domain Name System Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Domain Name System Data Collector Wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/eventlog.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/eventlog.md deleted file mode 100644 index 43a8782acd..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/eventlog.md +++ /dev/null @@ -1,97 +0,0 @@ -# EventLog Data Collector - -The EventLog Data Collector provides search and extraction of details from event logs on target -systems. This data collector is a core component of Enterprise Auditor and is available with all -Enterprise Auditor licenses. - -Protocols - -- RPC -- WMI - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group -- Member of the Domain Administrators group (if targeting domain controllers) - -## EventLog Query Configuration - -The EventLog Data Collector is configured through the Event Log Browser window. - -![Event Log Browser window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/eventlogbrowser.webp) - -Sample - -In the Sample section, select from the following options: - -- From log - - - Host – Enter a sample host that contains a log with the type of events desired for the query. - Click **Connect** to generate a list of logs available for extraction. - - Log name – Select a log from the drop-down list. Events from the selected log are populated in - the table. - -- From file - - - Click the folder icon next to the File name box to open the Log sample browser window and - select a log, or manually enter the log path in the box - -- Show – Click to preview the elements in the event log file for log paths manually entered in the - File path box - - **NOTE:** A preview displays automatically if the folder icons is used to navigate to the log. - -- Lookup user name – Select this checkbox to resolve SID or GUID values to friendly display values - -Search Criteria - -In the Search Criteria section, add a search filter to the table by configuring the following -criteria: - -- Event Source – Select the event source from the drop-down list. Typically, select **Any Source**. -- Even Type – Select the event type from the drop-down list. Typically, select **Any Type**. -- Event ID – Enter the event ID for the type of event to search - -Once the information above has been entered, click **Add** to add the configured event to the query. -Add as many events as desired. - -- Latest event only – Select this checkbox to only search the latest event - -Click the **Add** button to add the search filters to the table. Click the **Remove** button to -remove search criteria from the filters. - -- Event Date/Time – Enter the last number of hours the event time must be in. A value of `0` can be - used to specify any time. -- Retrieve oldest event – Select this checkbox to retrieve the oldest event -- Retrieve latest event – Select this checkbox to retrieve the latest event - -Click **Apply Filter** to filter the list of sample events to the search criteria. - -Options - -In the Options section, select the desired processing options: - -- Process offline logs only – Select this checkbox to process only offline logs -- Process offline logs if required – Select this checkbox to process offline logs if needed -- Specify explicit path\mask for archives – Enabled if the **Process offline logs only** or - **Process offline logs if required** checkboxes are selected. Specify the path and name of the - archive. - -Available Properties - -In the Available Properties section, select which properties will be collected by the browser. - -- Add Icon – Add properties from those available in the list to add the properties to the search - - - The Description properties provide the ability to extract the bracketed pieces of information - found within the description and display each bracketed piece of information in its own column - -- Remove Icon – Use to remove properties from the search - -Once all options have been configured, click **OK** to save changes and exit the browser. Click -**Cancel** to exit without saving. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/category.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/category.md deleted file mode 100644 index 879c406c90..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/category.md +++ /dev/null @@ -1,15 +0,0 @@ -# File: Category - -Use the Category page to identify the type of information to retrieve in this query. - -![File Search Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The categories are: - -- Calculate Group Size (Files Only) – Scans of disk space for the amount used by files in each - folder location. This option scopes the query to files so that any information involving the - folders that hold the files is not retrieved. -- File or Folder Properties – Scans the target host for specific attributes and properties - associated with certain files and folders in the environment. This option is selected by default. -- File or Folder Permissions – Scans files or folders for permission settings and effective - permission results for both users and groups diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/overview.md deleted file mode 100644 index fb2a739fb6..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/overview.md +++ /dev/null @@ -1,47 +0,0 @@ -# File Data Collector - -The File Data Collector provides file and folder enumeration, properties, and permissions. It is -used to find files and folders on a target host. The File Data Collector finds one or more files on -the target hosts. It can target any file extension. This data collector is a core component of -Enterprise Auditor and is available with all Enterprise Auditor licenses. - -**NOTE:** For enhanced file system data collections, use the -[FileSystemAccess Data Collector](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md). - -Supported Platforms - -This data collector can target the same servers supported for the FileSystemAccess Data Collector. -See the -[File System Supported Platforms](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for a full list of supported platforms. - -Protocols - -- RPC -- WMI - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports -- Optional TCP 445 - -Permissions - -- Member of the Local Administrators group - -## File Query Configuration - -The **File** Data Collector is configured through the File Search Wizard, which contains the -following wizard pages: - -- Welcome -- [File: Category](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/category.md) -- [File: Target Files](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/targetfiles.md) -- [File: Results](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/results.md) -- [File: Summary](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/summary.md) - -![File Search Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/results.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/results.md deleted file mode 100644 index c5cc24465e..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/results.md +++ /dev/null @@ -1,31 +0,0 @@ -# File: Results - -The Results page provides a list of available properties to be searched for and returned by the job -execution. The properties selected display as table columns in the results of the query. It is a -wizard page for all of the categories. - -![File Search Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or in groups with the **Select All** or **Clear All** -buttons. The properties available vary based on the category selected. - -**NOTE:** When the **Calculate Group Size (Files Only)** category is selected, the properties and -options on the Results page are grayed out. - -- Disable properties that require opening file – Disables properties that require opening files that - trigger the last accessed date timestamp - - - This option is available for the **File or Folder Properties** category - -- Only return permissions for the following user(s) – Defines users for the query. Enter the desired - users in the textbox. - - - This option is available for the **File or Folder Permissions** category - -- Only return permissions for the following group(s) – Defines groups for the query. Enter the - desired users in the textbox. - - - This option is available for the **File or Folder Permissions** category - -- Size Units – Identifies the unit in which the values will be displayed. The options are: - **Bytes**, **Kb**, **Mb**, or **Gb**. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/summary.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/summary.md deleted file mode 100644 index decd2c5c79..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# File: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - -![File Search Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the File Data Collector Wizard ensuring that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/targetfiles.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/targetfiles.md deleted file mode 100644 index cd86fd5e87..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/file/targetfiles.md +++ /dev/null @@ -1,115 +0,0 @@ -# File: Target Files - -The Target Files page provides filters to scope the data collection. This can provide better search -results for the specific folder or file. It is a wizard page for all of the categories. - -![File Search Wizard Target Files page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/inifile/targetfiles.webp) - -Within the Target files configuration page, select the desired method to refine the query. - -**NOTE:** Some options are grayed out depending on the option selected. - -Where is the file or folder? - -This section supplies options for using a fixed path (wildcards and system variables) or registry -lookup values that are supported by the data collector. This header is available for all Category -selections. - -For either option, enter the path in the text box or click the browse button (**…**) to select from -the popup windows. - -**CAUTION:** When selecting a **Fixed path**, avoid using file paths from network drives or from the -network neighborhoods which begin with `\\`. - -- Fixed path – Specify a specific path to the target files. Use the following format: - `drive\filepath` (for example, `C:\WINNT\System32`). The browse button (**…**) opens the Remote - Folder Explorer window. - - **NOTE:** Further information for the Fixed path option is provided by clicking the tooltip - button (**?**). - -- System environment variables – Supply a traditional system root or previously defined variable - that maps to a physical path within the file system. This is typically used when the system root - is installed on a secondary volume. The following are variables that can be entered at the - beginning of the file path: - - - `%SYSTEMROOT%\Temp` – Expands to `C:\WINNT\Temp` on some target hosts - - `%WibnDir%\System32` – Expands to `C:\WINDOWS\System32` on some target hosts - - `%ProgramFiles%` – Expands to `C:\Program Files` on some target hosts - -- Registry Lookup – Find registry keys and values that exist on a target host in the environment. - Click the browse button (**…**) to open the Enterprise Auditor Registry Browser window. - - - Enterprise Auditor Registry – Connect to a host, then select a registry key and path to be - used for the lookup by the query - - - Registry Value – This value is automatically populated from the registry key - - Levels – After a registry path has been selected, the Levels slider can be used to - truncate the path for the key value in the Adjust Path dialog box - - Current Value – Displays the type of data each registry value contains - - Query 32-bit View – Select this checkbox to query a 32-bit view - - Query 64-bit View – Select this checkbox to query a 64-bit view - - When a **Fixed path** or **Registry Lookup** is mapped, select options to better refine - the search. Select one, none, or both. - -- Include network drives – Includes all mapped shared drives in the network in the query - - **CAUTION:** Including subfolders may result in hundreds of thousands of files being returned - depending on the environment being targeted. - -- Include subfolders – Searches all subfolders within the environment - -What is the file or folder name? - -The options in this section limit the search to folders or files with a specified name against the -targeted host. When the **I am looking for folders** option is selected, more options become -available for further refinement. - -**NOTE:** The **I am looking for folders** option and it's associated options are unavailable -(grayed out) when the **Calculate Group Size (Files Only)** category is selected. - -- I am looking for files – Identifies files that exist on the target location and returning property - information on these files -- I am looking for folders – Identifies folders that exist on the target location and returning - property information on these folders - - - Include root folder in results – Returns all information within the root folder - - Only include root folder – Returns information only for the root folder. This checkbox is - enabled when the **Include root folder in results** checkbox is selected. - -- With this name – Specific name of a file or folder. A wildcard is used to match any file or folder - to a specific naming convention. When searching for multiple objects, use a semicolon (`;`) to - separate the objects in the list. - -Last Modification Time Filter - -Last Modification Time Filter is an additional filtration clause. It filters the information -provided in the **Where is the file or folder** and **What is the file or folder name** criteria by -a specific time frames. The following options are available: - -- None – No time filter is applied. This option is selected by default. -- Between – Manually enter start and end dates in the following format (`MM/DD/YYYY`) or use the - dropdown calendar to set the date. By default, the date range is set for the current day. Select - **Today** to set the filter to the current date or **Clear** to reset the dates to a blank box. -- Most recent file – Filter the selected criteria by the most recent files since last modification -- Oldest file – Filter the **With this name** and selected fixed path or registry value by the - oldest files available -- In the last – Filter the selected criteria for the specified number of desired **days** or - **hours** - -File Size Filter - -The File Size Filter option is only available when the **Calculate Group Size (Files Only)** -category is selected. Select an option to activate the filter and narrow the query. - -- None – No file size filter is applied. This option is selected by default. -- Below – Filter to files smaller than the specified values - - - Enter the number in the first text box and then select the size (**Bytes**, **Kb**, **Mb**, or - **Gb**) from the dropdown menu - -- Above – Filter to files larger than the specified values - - - Enter the number in the first text box and then select the size (**Bytes**, **Kb**, **Mb**, or - **Gb**) from the dropdown menu diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/category.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/category.md deleted file mode 100644 index 27cf733132..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/category.md +++ /dev/null @@ -1,22 +0,0 @@ -# GroupPolicy: Category - -On the GroupPolicy Data Collector Category page, select the required query category to be executed. - -![Group Policy Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The available categories are: - -- Group Policy Objects – Retrieves the GPO’s list in the domain and where each is linked -- Policies State – Provides the ability to return information on configured policies and policy - parts from the individual policies which have been selected - - - For example, selecting **Account Policies** > **Policy Password** will result in **Account - Policies** > **Policy Password** being returned for the targeted domains - -- Policies State for all GPOs – Provides the ability to return information on selected policy parts - from all policies within the domain - - - For example, selecting **Account Policies** > **Password Policy** will result in **Password - Policy** being returned for all policies in the targeted domains - -- Local policies – Returns effective security policies in effect at the individual workstation diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/options.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/options.md deleted file mode 100644 index 22ccc7f7e5..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/options.md +++ /dev/null @@ -1,26 +0,0 @@ -# GroupPolicy: Options - -The Options page is used to configure how to return multi-valued properties and how policy results -are presented. It is a wizard page for all categories. - -![Group Policy Data Collector Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -The configurable options are: - -- Result Presentation – Select one of the following options. This section is not available for the - Group Policy Objects category. - - - Each part of each policy on a new row - - All parts of each policy on the same row - - **_RECOMMENDED:_** Use the Each part of each policy on a new row for best results - -- Multi-Valued Properties – Select one of the following options: - - - Concatenated – Specify the delimiter to use in the Delimiter box - - First value only - - Each value on a new row - - **_RECOMMENDED:_** Use the Each value on a new row option for best results. - -The available options vary based on the category selected. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/overview.md deleted file mode 100644 index 04244548a9..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/overview.md +++ /dev/null @@ -1,50 +0,0 @@ -# GroupPolicy Data Collector - -The GroupPolicy Data Collector provides the ability to retrieve the GPO’s list in the domain and -where they are linked, return information on configured policies and policy parts from the -individual policies that have been selected, return information on selected policy parts from all -policies within the domain, and return effective security policies in effect at the individual -workstation. - -The GroupPolicy Data Collector is a core component of Enterprise Auditor, but it has been -preconfigured within the Active Directory Solution and the Windows Solution. While the data -collector is available with all Enterprise Auditor license options, the Windows Solution is only -available with a special Enterprise Auditor licenses. See the following topics for additional -information: - -- [Active Directory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -- [Windows Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md) - -Protocols - -- LDAP -- RPC - -Ports - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Domain Administrators group (if targeting domain controllers) -- Member of the Local Administrators group - -## GroupPolicy Query Configuration - -The GroupPolicy Data Collector is configured through the Group Policy Data Collector Wizard. The -available pages change based upon the query category selected. It contains the following wizard -pages: - -- Welcome -- [GroupPolicy: Category](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/category.md) -- [GroupPolicy: Target](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/target.md) -- [GroupPolicy: Policies List](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/policieslist.md) -- [GroupPolicy: Options](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/options.md) -- [GroupPolicy: Summary](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/summary.md) - -![Group Policy Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/policieslist.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/policieslist.md deleted file mode 100644 index 1236868e90..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/policieslist.md +++ /dev/null @@ -1,21 +0,0 @@ -# GroupPolicy: Policies List - -The Policies List page is where the policies from the desired GPOs to be queried are selected. It is -a wizard page for the categories of: - -- Policies State -- Policies State for all GPOs -- Local Policies - -![Group Policy Data Collector Wizard Policies List page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/policieslist.webp) - -Select the policies or policy parts to be audited. The category dictates how this selection is -applied across the domain or local host. - -To search parts of a policy, drill into the policy and select the desired policy parts. Click -**Check all** to select all properties, and click **Uncheck all** to deselect all properties. Search -for a policy by entering a policy name in the Search box and clicking **Search**. - -**NOTE:** The policy parts returned may have multiple values. - -At least one policy or policy part must be selected in order to proceed to the next wizard page. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/summary.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/summary.md deleted file mode 100644 index e68f52a9c6..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# GroupPolicy: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all categories. - -![Group Policy Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Group Policy Data Collector Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/overview.md deleted file mode 100644 index 75e466adba..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/overview.md +++ /dev/null @@ -1,34 +0,0 @@ -# INIFile Data Collector - -The INIFile Data Collector provides options to configure a task to collect information about log -entries on target hosts. This data collector is a core component of Enterprise Auditor and is -available with all Enterprise Auditor licenses. - -Protocols - -- RPC - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports -- Optional TCP 445 - -Permissions - -- Member of the Local Administrators group - -## INIFile Query Configuration - -The INIFile Data Collector is configured through the INI File Data Collector Wizard. It contains the -following wizard pages: - -- Welcome -- [INIFile: Target Files](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/targetfiles.md) -- [INIFile: Properties](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/properties.md) -- [INIFile: Summary](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/summary.md) - -![INI File Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** box when -the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/properties.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/properties.md deleted file mode 100644 index 6514307205..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/properties.md +++ /dev/null @@ -1,24 +0,0 @@ -# INIFile: Properties - -The Properties page identifies data about the INI file for auditing. - -![INI File Data Collector Wizard Properties page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/properties.webp) - -Use the following options to determine which data to adult: - -- All contents – Collect all contents from the INI file - - **NOTE:** `*` can be used for matching wildcard or single characters. - - - Section name – Collect data matching section name from the INI file - - Key name – Collect data matching key name from the INI file - -- Differences from standard – Select a master control file to compare the current target against - - - Click the ellipses (**…**) to open a file explorer window - - Select an appropriate .INI file - -- Properties – Select a checkbox next to any desired properties. **Select All** or **Clear All** can - also be used. - - If **Differences from standard** is selected, all properties are selected and cannot be altered. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/summary.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/summary.md deleted file mode 100644 index a84ca7f6e8..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# INIFile: Summary - -The Summary page is where the selected configuration settings are listed. - -![INI File Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the INIFile Data Collector Wizard ensuring that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/targetfiles.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/targetfiles.md deleted file mode 100644 index a244d5fb8a..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/inifile/targetfiles.md +++ /dev/null @@ -1,21 +0,0 @@ -# INIFile: Target Files - -The Target Files page identifies the location and name of the INI file from which to collect -information. - -![INI File Data Collector Wizard Target Files page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/inifile/targetfiles.webp) - -Configure the Target Files options: - -- Fixed path – Path to the INI file. Fixed paths are typically entered using the following format: - `drive:\filepath` -- Registry Lookup – Select this option to obtain a path from a registry key that exists on the - target host in the environment. Click the ellipsis (**…**) to open the Enterprise Auditor Registry - Browser and connect to a host to select a registry key and path to be used for the lookup. - - - Registry Value – This value is automatically populated from the registry key - - Levels – The Levels slider can be used to truncate the path for the key value in the Adjust - Path dialog box - - Current value – Displays the current value for the registry key - -- INI File Name – Name of the INI file diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/category.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/category.md deleted file mode 100644 index 08a0eb15ea..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/category.md +++ /dev/null @@ -1,18 +0,0 @@ -# NIS: Category - -The Category page is used to identify which type of NIS information to retrieve. - -![NIS Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The NIS Data Collector contains two query categories: - -- Scan NIS Users and Groups – Scans a NIS domain for user and group information, map them to - Windows-style SIDS, and import the information into SQL server creating the standard reference - tables. This task is also responsible for maintaining the schema for tables and views. This is the - standard option for this data collector. -- Custom NIS Scan –Scan and parse a specified NIS map and import the information into the SQL Server - database creating tables specific to the job configuration - -The Scan NIS Users and Groups category is the pre-configured setting for the .NIS Inventory job -group. To use the Custom NIS Scan category, create a query in a new job using the NIS Data Collector -and configure the query as desired. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/configurejob.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/configurejob.md deleted file mode 100644 index 4a67cde5e0..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/configurejob.md +++ /dev/null @@ -1,53 +0,0 @@ -# Unix Connection Profile & Host List - -The NIS Data Collector requires a custom Connection Profile and host list be created and assigned to -the job or job group conducting the data collection. The host inventory option during host list -creation makes it necessary to configure the Connection Profile first. - -## Connection Profile - -Creating the Connection Profile requires having an account with access to the targeted NIS server. - -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Unix Account -- User name – Enter user name -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information.) -- Password/Confirm - - - If not using a private key, enter the **Password** and re-type in the **Confirm** field - - If using a private key, then the password is not needed. Provide the private key information - in the **Use the following private key when connecting** field. - -- Use the following port/ports(CSV) for SSH - - - The SSH port needs to be opened in software and hardware firewalls - - If desired, select this option and provide the port value - -- Use the following private key when connecting - - - This option uses the authentication method of an SSH Private Key - - Supported Key types: - - - Open SSH - - PuTTY Private Key - - - If desired, select this option and provide the key value - -Once the Connection Profile is created, it is time to create the custom host list. See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -## Custom Host List - -The custom host list only needs to include a single NIS server in the targeted NIS domain. Follow -the steps in the -[Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for instructions on how to create a custom static host list. - -See the -[Recommended Configuration for the .NIS Inventory Solution](/docs/accessanalyzer/11.6/solutions/cross-platform/nis-inventory.md) -topic for information on where to assign the Connection Profile and host list. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/overview.md deleted file mode 100644 index c1784c120e..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/overview.md +++ /dev/null @@ -1,39 +0,0 @@ -# NIS Data Collector - -The NIS Data Collector inventories a NIS domain for user and group information, mapping to -Windows-style SIDs. This data collector is a core component of Enterprise Auditor and has been -preconfigured within the .NIS Inventory Solution. Both this data collector and the solution are -available with all Enterprise Auditor license options. See the -[.NIS Inventory Solution](/docs/accessanalyzer/11.6/solutions/cross-platform/nis-inventory.md) -topic for additional information. - -Protocols - -- NIS - -Ports - -- TCP 111 or UDP 111 -- Randomly allocated high TCP ports - -Permissions - -- No special permissions are needed aside from access to a NIS server - -## NIS Query Configuration - -The NIS Data Collector is configured through the NIS Data Collector Wizard, which contains the -following wizard pages: - -- Welcome -- [NIS: Category](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/category.md) -- [NIS: NIS Settings](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/settings.md) -- [NIS: SID Mappings](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/sidmappings.md) -- [NIS: NIS Query](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/query.md) -- [NIS: Results](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/results.md) -- [NIS: Summary](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/summary.md) - -![NIS Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/query.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/query.md deleted file mode 100644 index 95f208115b..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/query.md +++ /dev/null @@ -1,26 +0,0 @@ -# NIS: NIS Query - -The NIS Query page is where the NIS query regular expressions are configured and tested. It is a -wizard page for the category of: - -- Custom NIS Scan - -![NIS Data Collector Wizard NIS Query page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/query.webp) - -The Data Source configuration options are: - -- NIS Map – Specify the name of the NIS map to query -- Load Data – Fetches the first 50 rows of data of the specified NIS map from the test host -- Paste Data – Uses text from the clipboard as the test data source -- Open File – Allows using a text file as test data. The test data is shown in the preview box. - -The Query Expressions configuration options are: - -- Per-Row Query – A regular expression that is evaluated once per source row, and the - sub-expressions returned make up the first columns of the result rows -- Per-Value Query – This value is evaluated multiple times per source row, generating one result row - for each evaluation -- Use map key as first column of results – When selected, this option sets the map key as the first - column in the data table -- Insert row when there is no per-value match – When selected, this option generates a blank row for - evaluations that return no per-value match diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/results.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/results.md deleted file mode 100644 index 8bd2a9f5eb..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/results.md +++ /dev/null @@ -1,14 +0,0 @@ -# NIS: Results - -The Results page is where properties from Unix to be gathered are selected. It is a wizard page for -both categories. - -![NIS Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Available properties have checkboxes that can be selected individually, or you can use the **Select -All**, **Clear All**, and **Reset to defaults** buttons. All selected properties are gathered. -Available properties vary based on the category selected. - -This information is not available within the standard reference tables and views. Instead, this -information can be viewed in the `SA_[Job Name]_DEFAULT` table, which is created when any of these -properties are selected. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/sidmappings.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/sidmappings.md deleted file mode 100644 index 88113b1763..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/sidmappings.md +++ /dev/null @@ -1,12 +0,0 @@ -# NIS: SID Mappings - -The SID Mappings page is where the Windows-style SID mappings for the Unix User ID and Group ID are -specified. It is a wizard page for the category of: - -- Scan NIS User and Groups - -![NIS Data Collector Wizard SID Mappings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/sidmappings.webp) - -The default settings work for most environments. Use this page to **Add**, **Edit**, or **Remove** -ID Mappings. Multiple entries are allowed. For each range of User ID or Group ID entered, the offset -is added to the ID and the resulting SID is the format with `%d` replaced by the ID. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/summary.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/summary.md deleted file mode 100644 index da0f96148e..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# NIS: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for both -categories. - -![NIS Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the NIS Data Collector Wizard to ensure that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/overview.md deleted file mode 100644 index 06270746d3..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/overview.md +++ /dev/null @@ -1,149 +0,0 @@ -# Data Collectors - -This topic covers the configuration wizards that are unique to each data collector. See the -[Jobs Tree](/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/overview.md) topic -for additional information on job configuration. - -## Query Selection - -The Enterprise Auditor data collectors can collect information from a wide range of environments. -Data collection tasks are assigned to jobs at the **Configure** > **Queries** node level. See the -[Queries Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -![Query Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/queryselection.webp) - -The Query Selection page is split into the Tables and Queries sections. The Tables section has the -following options: - -- Table – Select a pre-configured table or select DEFAULT to create a new one -- Add Table – Add a new table to the Table dropdown list -- Rename Table – Rename the current table selected -- Delete Table – Delete the current table selected - -The Queries section is where the Data Collectors are configured. The Queries section has the -following options: - -- Add from Library – Opens the Libraries window. Add a pre-built query from the Enterprise Auditor - library. See the [Add Query from Library](#add-query-from-library) topic for additional - information. -- Create Query – Click **Create Query** to add a new query task to a job. See the - [Create or Modify a Query](#create-or-modify-a-query) topic for additional information. -- Delete Query – Delete the currently selected query -- Query Properties – Select an existing query and click **Query Properties** to modify its - configuration - -### Add Query from Library - -Pre-built queries can be added to the Data Collector job through the Libraries window. - -![Libraries window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addqueryfromlibrary.webp) - -The Libraries window toolbar has the following options: - -- Create New Library – Create a new library entry. The new Library will be added to the Library - dropdown menu. -- Delete Library – Deletes the currently selected library -- Cut – Cut the selected task in the library to the clipboard -- Copy – Copy the selected task in the library to the clipboard -- Paste – Paste cut or copied item from the clipboard into the currently selected library -- Delete Selected Task – Deletes the currently selected task - -Click **Add** to confirm the query selection and add it to the Queries list on the Query Selection -page. If no selection is needed or intended, click **Cancel** to close the Libraries window without -adding a pre-built query into the Queries list. - -### Create or Modify a Query - -To open the Query Properties window, click **Create Query** for a new query or **Query Properties** -for an existing query. There are three tabs in the Query Properties window where queries can be -configured. These tabs are:. - -- [General Tab](#general-tab) -- [Data Source Tab](#data-source-tab) -- [Filters Tab](#filters-tab) - -To access the XML Text version of the Query Properties window, click **View XML**. This applies to -all three tabs listed. - -#### General Tab - -Use the General tab to modify the name or description of the query. - -![General tab of the Query Properties window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesgeneral.webp) - -The General tab displays: - -- Name – Name of the query supplied by the creator of the query -- Description – Description of the query supplied by the creator of the query -- Table – Name of the native data table for this query - - The table name is supplied by the creator in the Query Selection view - - Tables are named DEFAULT, unless modified - - Within the SQL database, the table name will be prefaced with `SA_[Job Name]_` -- ID – Query GUID generated by Enterprise Auditor for this query task. - - - The query GUID is referenced by the **SMARTLog** Data Collector, **ExchangeMetrics** Data - Collector, and the **PowerShell** Data Collector. - - When using the **SMARTLog** Data Collector or the **ExchangeMetrics** Data Collector, the - `state` file for the query’s Persist log state feature can be found in the SA_CommonData - folder in the Enterprise Auditor installation directory: - - …/STEALTHbits/StealthAUDIT/Jobs/SA_CommonData/[Data Collector]/[Query GUID]/[Target - Host]/state - -When creating a new query, provide a unique, descriptive **Name** and **Description**. This -information displays in the table on the Query Selection view. See the -[Queries Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -#### Data Source Tab - -Use the Data Source tab to configure the data collector and query. - -| ![Data Source tab of Query Properties for new Query](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesdatasourcenew.webp) | ![Data Source tab of Query Properties for existing Query](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesdatasourceexisting.webp) | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| New Query | Existing Query | - -The Data Source tab displays: - -- Data Collector – Data collector selected from the drop-down menu. -- Query – Query configuration string. -- Configure – Opens the wizard for the selected data collector. Each Data Collector task has its own - Configuration Wizard. -- Properties – Configured query properties. - -When creating a new query, expand the **Data Collector** drop-down menu, which provides a list of -all licensed data collectors in alphabetical order. The **Query** and **Property** sections are -auto-filled according to the configuration. The buttons at the bottom of the Property section are -for advanced features to manipulate the query. The **+** and **–** buttons manually add or remove -individual properties from the query. The script button opens the VBScript Editor window for query -manipulation scripts. - -**_RECOMMENDED:_** Use the Data Collector Configuration wizards for basic query modifications. For -more complex modifications, contact [Netwrix Support](https://www.netwrix.com/support.html). - -See the individual data collector section for configuration wizard page information. - -#### Filters Tab - -Use the Filters tab to include filters into the data collection process. - -| ![Filters tab of Query Properties window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesdatafilters.webp) | ![Filters tab of Query Properties window with a new filter](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesdatafilterswithfilter.webp) | -| ----------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| No FIlter | With FIlter | - -The Filter tab has the following items: - -- Filter – Sort through a list of filters that are applied to the current query - - Use the **+** and **–** buttons to add and remove filters from the query -- Key – Labels identifying the configurable value in the filter -- Value – When applicable, add a new value to the filter using the dropdown menu. Otherwise, create - a new one by typing in the desired value. - -**_RECOMMENDED:_** Use the default settings for filters. Filters can be used to substitute or delete -data values during data collection. For more information on the impacts of adding filters to -queries, contact [Netwrix Support](https://www.netwrix.com/support.html). - -Click **OK** to save changes and exist the Query Properties window. If no changes were made or -intended, it is best practice to click **Cancel** to exit the Query Properties window to ensure -unintended changes are not saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/category.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/category.md deleted file mode 100644 index bc5b1550e2..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/category.md +++ /dev/null @@ -1,14 +0,0 @@ -# PasswordSecurity: Category - -This Category page in the Password Security Data Collection Wizard identifies the kind of password -information retrieved during a scan of the Active Directory. - -![Password Security Data Collection Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The Password Security Data Collection contains the following type of scan: - -- WeakPasswordScan – Scans an Active Directory for weak passwords. Returns password information per - the configurable scan options including clear-text passwords. For additional information on scan - options, see - the[PasswordSecurity: Options](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/options.md) - topic. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/dictionaries.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/dictionaries.md deleted file mode 100644 index 2fe68695e5..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/dictionaries.md +++ /dev/null @@ -1,145 +0,0 @@ -# PasswordSecurity: Dictionaries - -The Dictionaries page provides configuration settings for storing passwords to be used as a -reference for the scan. - -![Password Security Data Collection Wizard Dictionary options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/dictionaries.webp) - -The configurable dictionary options are: - -- Use Stealthbits dictionary (> 100,000 passwords) – If enabled, compares passwords against - out-of-the-box dictionary comprised of commonly used password hashes -- Automatically update the Stealthbits dictionary – Checks for the latest version of the Stealthbits - dictionary file when the job is executed, and downloads the latest version from the - [Netwrix website](https://www.netwrix.com/) - - - If the Enterprise Auditor server does not have an internet connection, the Stealthbits - dictionary can be downloaded directly from the - [My Products](https://www.netwrix.com/my_products.html) page of the Netwrix website. - -- Update Dictionary – Checks for the latest version of the dictionary file, and updates if necessary -- Add – Add a custom dictionary file in one of the following formats: - - - Plaintext – Line separated in a text file - - NLTM Hashes – Can be added with hashes or sorted hashes. The haveibeenpwned dictionary can be - used. See the - [Download and Configure the Have I Been Pwnd (HIBP) Hash List](#download-and-configure-the-have-i-been-pwnd-hibp-hash-list) - topic for additional information. - - **_RECOMMENDED:_** Use the sorted hash dictionary if adding an NLTM format - -- Remove – Removes a custom dictionary file from the query scope - -## Download the Stealthbits dictionary - -**Step 1 –** If the Enterprise Auditor server does not have an internet connection, the Stealthbits -dictionary can be downloaded directly from the -[My Products](https://www.netwrix.com/my_products.html) page of the Netwrix website. - -**Step 2 –** After downloading the dictionary file manually do one the following: - -- If an internet connection exists on the Enterprise Auditor server: - - - Place the `dictionary.dat` file in the following location: - `%sainstalldir%\Jobs\SA_CommonData\PasswordSecurity\Dictionaries` - - Rename the file to `sadictionary_hashed_sorted.dat` - -- If no internet connection exists on the Enterprise Auditor server: - - - Copy the file to the Enterprise Auditor server and put it in a location of your choosing. The - default location is `%sainstalldir%\Jobs\SA_CommonData\PasswordSecurity\Dictionaries` - - Open the PasswordSecurity data collector configuration for the **AD_WeakPasswords** job - - On the Dictionaries page, deselect the **Use STEALTHbits dictionary** checkbox - - On the Dictionaries page, click **Add...** and select the previously downloaded - `dictionary.dat` file - -## Download and Configure the Have I Been Pwnd (HIBP) Hash List - -If you don't have internet access on the Netwrix Enterprise Auditor server or want to download the -files from another location that has internet access, you can do so by using the Pwnd Passwords -Downloader. - -The Pwnd Passwords Downloader is a Dotnet tool used to download all Pwned Passwords hash ranges and -save them offline so they can be used without a dependency on the k-anonymity API. Use this tool to -get the latest breached hashes from the Have I Been Pwnd (HIBP) database. - -**NOTE:** The -[](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader)[Pwnd Passwords Downloader](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader) -is a third party, open source tool, created by the HaveIBeenPwned team and distributed under a BSD -3-Clause License. You might experience issues during the hash download process, depending on your -threading settings or the load on the CloudFlare backend. The Pwnd Passwords Downloader tool will -automatically retry to continue downloading the hashes until it fully completes the download -process. - -### Prerequisites - -The Pwnd Passwords Downloader has the following prerequisite: - -- Install .NET 6 before installing the - [Pwnd Passwords Downloader ](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader)tool. You - can download .NET 6 from Microsoft: - [https://dotnet.microsoft.com/en-us/download/dotnet/6.0](https://dotnet.microsoft.com/en-us/download/dotnet/6.0) - -The HIBP database takes up additional space on the machine where it is copied (approximately 13 GB, -but subject to change). The Have I Been Pwnd database (HIBP) hashes can take up to 30 GB. Make sure -that you have enough free space on your disk in your Netwrix Enterprise Auditor install directory -(`%sainstalldir%`). - -### Install the Pwnd Passwords Downloader - -Follow the steps to install the Pwnd Passwords Downloader. - -**Step 3 –** Open command prompt, and navigate to your .NET install folder (for example, -`C:\Program Files (x86)\dotnet`). - -**Step 4 –** Run the following command: - -``` -dotnet tool install --global haveibeenpwned-downloader -``` - -![hibp_installation_0](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/hibp_installation_0.webp) - -**Step 5 –** Close the command prompt. - -### Update an Installed Pwnd Passwords Downloader - -Follow the steps to update an installed Pwnd Passwords Downloader. - -**Step 1 –** Open the command prompt. - -**Step 2 –** Run the following command: - -``` -dotnet tool update --global haveibeenpwned-downloader -``` - -![hibp_installation_1](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/hibp_installation_1.webp) - -### Download NTML Hashes with the Pwnd Passwords Downloader - -Follow the steps to download NTLM hashes. - -**Step 1 –** Navigate to the folder where you want to download the hashes. - -**Step 2 –** Download all NTLM hashes to a single txt file, called for example -`pwnedpasswords_ntlm.txt`. - -Run: - -``` -haveibeenpwned-downloader.exe -n pwnedpasswords_ntlm -``` - -![hibp_installation_3](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/hibp_installation_3.webp) - -This screenshot shows the completed download. - -**Step 3 –** To overwrite an existing hash list, run: - -``` -haveibeenpwned-downloader.exe -n pwnedpasswords_ntlm -o -``` - -For a complete list of available parameters, please check the -[Pwnd Passwords Downloader GitHub page](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader). diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/options.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/options.md deleted file mode 100644 index 71dfffc194..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/options.md +++ /dev/null @@ -1,19 +0,0 @@ -# PasswordSecurity: Options - -The Options page provides format options for returned data. - -![Password Security Data Collection Wizard Scan options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -The configurable scan options are: - -- Encrypt communications with Active Directory (SSL) – Enables communication to the domain - controller over SSL -- Analyze historical passwords – Scans historical passwords that have been stored in Active - Directory - - **CAUTION:** Enabling the following option will return clear text passwords to be stored in the - Enterprise Auditor database for the following exceptions: **Clear Text Password**, **Potential - Keytab Password**, and **Weak Password** (when leveraging a plaintext password dictionary). - -- Return cleartext passwords when possible – Returns stored clear-text passwords to the Enterprise - Auditor database diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/overview.md deleted file mode 100644 index 3286cb9796..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/overview.md +++ /dev/null @@ -1,41 +0,0 @@ -# PasswordSecurity Data Collector - -The PasswordSecurity Data Collector compares passwords stored in Active Directory to known, breached -passwords in the Netwrix dictionary or custom dictionaries. The PasswordSecurity Data Collector also -checks for common misconfigurations with passwords in Active Directory. - -The PasswordSecurity Data Collector is a core component of Enterprise Auditor, but it has been -preconfigured within the Active Directory Solution. While the data collector is available with all -Enterprise Auditor license options, the Active Directory Solution is only available with a special -Enterprise Auditor license. See the -[Active Directory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -topic for additional information. - -Protocols - -- LDAP - -Ports - -- TCP 389/636 - -Permissions - -- At the domain level: - - - Read - - Replicating Directory Changes - - Replicating Directory Changes All - - Replicating Directory Changes in a Filtered Set - - Replication Synchronization - -## PasswordSecurity Query Configuration - -The PasswordSecurity Data Collector is configured through the Password Security Data Collector -Wizard, which contains the following wizard pages: - -- [PasswordSecurity: Category](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/category.md) -- [PasswordSecurity: Options](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/options.md) -- [PasswordSecurity: Dictionaries](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/dictionaries.md) -- [PasswordSecurity: Results](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/results.md) -- [PasswordSecurity: Summary](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/summary.md) diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/results.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/results.md deleted file mode 100644 index 17d27563f5..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/results.md +++ /dev/null @@ -1,8 +0,0 @@ -# PasswordSecurity: Results - -The Results page is where Active Directory properties to be gathered are selected. - -![Password Security Data Collection Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or by using the **Select All** or **Clear All** buttons. All -selected properties are gathered. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/summary.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/summary.md deleted file mode 100644 index 319c769b54..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# PasswordSecurity: Summary - -The Summary page displays a summary of the configured query. - -![Password Security Data Collection Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Active Directory Data Collector Wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/permissionmatrix.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/permissionmatrix.md deleted file mode 100644 index 06ef41b54e..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/permissionmatrix.md +++ /dev/null @@ -1,53 +0,0 @@ -# Permissions by Data Collector (Matrix) - -The Enterprise Auditor data collectors are capable of collecting information from a variety of -sources. Each data collector requires specific protocols, ports, and permissions for the collection -of data to occur. - -Many data collectors are included as core components. However, some data collectors require specific -license features. The following table provides a quick reference for each data collector. - -| Data Collector | Description | Protocols | Ports Used | Recommended Permissions | -| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| ActiveDirectory _\*requires license_ | The ActiveDirectory Data Collector audits objects published in Active Directory. | - ADSI - LDAP - RPC | - TCP 389/636 - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Domain Administrators group | -| ADActivity _\*requires license_ | The ADActivity Data Collector integrates with the Netwrix Activity Monitor by reading the Active Directory activity log files. | - HTTP - RPC | - TCP 4494 (configurable within the Netwrix Activity Monitor) | - Netwrix Activity Monitor API Access activity data - Netwrix Activity Monitor API Read - Read access to the Netwrix Activity Monitor Log Archive location | -| ADInventory | The ADInventory Data Collector is designed as a highly scalable and useful data collection mechanism to catalogue user, group, and computer object information that can be used by other solutions within Enterprise Auditor. | - LDAP | - TCP 389 - TCP 135-139 - Randomly allocated high TCP ports | - Read access to directory tree - List Contents & Read Property on the Deleted Objects Container **NOTE:** See the Microsoft [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) article and the Microsoft [Dsacls]() article for additional information. | -| ADPermissions _\*requires license_ | The ADPermissions Data Collector collects the advanced security permissions of objects in AD. | - ADSI - LDAP - RPC | - TCP 389 - TCP 135 – 139 - Randomly allocated high TCP ports | - LDAP Read permissions - Read on all AD objects - Read permissions on all AD Objects | -| AWS | The AWS Data Collector collects IAM users, groups, roles, and policies, as well as S3 permissions, content, and sensitive data from the target Amazon Web Services (AWS) accounts. | - HTTPS | - 443 | - To collect details about the AWS Organization, the following permission is required: - organizations:DescribeOrganization - To collect details regarding IAM, the following permissions are required: - iam:GenerateCredentialReport - iam:GenerateServiceLastAccessedDetails - iam:Get\* - iam:List\* - iam:Simulate\* - sts:GetAccessKeyInfo - To collect details related to S3 buckets and objects, the following permissions are required: - s3:Describe\* - s3:Get\* - s3:HeadBucket - s3:List\* | -| AzureADInventory | The AzureADInventory Data Collector catalogs user and group object information from Microsoft Entra ID, formerly Azure Active Directory. This data collector is a core component of Enterprise Auditor and is preconfigured in the .Entra ID Inventory Solution. | - HTTP - HTTPS - REST | - TCP 80 and 443 | - Microsoft Graph API - Application Permissions: - AuditLog.Read.All – Read all audit log data - Directory.Read.All – Read directory data - Delegated Permissions: - Group.Read.All – Read all groups - User.Read.All – Read all users' full profiles - Access URLs - https://login.windows.net - https://graph.windows.net - https://login.microsoftonline.com - https://graph.microsoft.com - All sub-directories of the access URLs listed | -| Box _\*requires license_ | The Box Data Collector audits access, group membership, and content within a Box enterprise. | - HTTP - HTTPS | - TCP 80 - TCP 443 | - Box Enterprise Administrator | -| CommandLineUtility | The CommandLineUtility Data Collector provides the ability to remotely spawn, execute, and extract data provided by a Microsoft native or third-party command line utility. | - Remote Registry - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the local Administrators group | -| DiskInfo | The DiskInfo Data Collector provides enumeration of disks and their associated properties. | - RPC - WMI | - TCP 135 - Randomly allocated high TCP ports | - Member of the local Administrators group | -| DNS _\*requires license_ | The DNS Data Collector provides information regarding DNS configuration and records. | - RPC | - TCP 135 - Randomly allocated high TCP ports | - Member of the Domain Administrators group | -| DropboxAccess _\*requires license_ | The DropboxAccess Data Collector audits access, group membership, and content within a Dropbox environment. | - HTTP - HTTPS | - TCP 80 - TCP443 | - Dropbox Team Administrator | -| EventLog | The EventLog Data Collector provides search and extraction of details from event logs on target systems. | - RPC - WMI | - TCP 135 - Randomly allocated high TCP ports | - Member of the Local Administrators group - Member of the Domain Administrators group (if targeting domain controllers) | -| EWSMailbox _\*requires license_ | The EWSMailbox Data Collector provides configuration options to scan mailbox contents, permissions, and sensitive data, and is preconfigured within the Exchange Solution. | - HTTPS - ADSI - LDAP | - TCP 389 - TCP 443 | For Exchange servers: - Exchange Admin Role - Discovery Management Role - Application Impersonation Role - Exchange Online License For Exchange Online: - Exchange Admin Role - Discovery Management Role - Exchange Online License | -| EWSPublicFolder _\*requires license_ | The EWSPublicFolder Data Collector provides configuration options to extract public folder contents, permissions, and sensitive data, and is preconfigured within the Exchange Solution. | - HTTPS - ADSI - LDAP | - TCP 389 - TCP 443 | For Exchange servers: - Exchange Admin Role - Discovery Management Role - Application Impersonation Role - Exchange Online License with a mailbox For Exchange Online: - Exchange Admin Role - Discovery Management Role - Exchange Online License with a mailbox | -| Exchange2K _\*requires license_ | The Exchange2K Data Collector extracts configuration details from Exchange organizations for versions 2003 and later. | - LDAP - MAPI - PowerShell - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports - TCP 389 - Optional TCP 445 | - Member of the Exchange Administrator group - Domain Admin for AD property collection - Public Folder Management | -| ExchangeMailbox _\*requires license_ | The ExchangeMailbox Data Collector extracts configuration details from the Exchange Store to provide statistical, content, permission, and sensitive data reporting on mailboxes. | - MAPI - RPC | - TCP 135 - Randomly allocated high TCP ports | - Member of the Exchange Administrator group - Organization Management - Discovery Management | -| ExchangeMetrics _\*requires license_ | The ExchangeMetrics Data Collector collects Mail-Flow metrics from the Exchange Message Tracking Logs on the Exchange servers. Some examples of this include server volume and message size statistics. | - RPC - WMI | - TCP 135 - Randomly allocated high TCP ports | - Member of the local Administrator group on the targeted Exchange server(s) | -| ExchangePS _\*requires license_ | The ExchangePS Data Collector utilizes the Exchange CMDlets to return information about the Exchange environment utilizing PowerShell. This data collector has been designed to work with Exchange 2010 and newer. | - PowerShell | - TCP 135 - Randomly allocated high TCP ports | For Exchange servers: - Remote PowerShell enabled on a single Exchange server - Windows Authentication enabled for the PowerShell Virtual Directory on the same Exchange server where Remote PowerShell has been enabled - View-Only Organization Management Role Group - Discovery Search Management Role Group - Public Folder Management Role Group - Mailbox Search Role For Exchange Online: - Discovery Management Role - Organization Management Role | -| ExchangePublicFolder _\*requires license_ | The ExchangePublicFolder Data Collector audits an Exchange Public Folder, including contents, permissions, ownership, and replicas. | - MAPI - RPC | - TCP 135 - Randomly allocated high TCP ports | - Member of the Exchange Administrator group - Organization Management | -| File | The File Data Collector provides file and folder enumeration, properties, and permissions. | - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports - Optional TCP 445 | - Member of the Local Administrators group | -| FileSystemAccess (FSAA) _\*requires license_ | The FileSystemAccess (FSAA) Data Collector collects permissions, content, and activity, and sensitive data information for Windows and NAS file systems. | - Remote Registry - WMI | - Ports vary based on the Scan Mode Option selected. See the [File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) topic for additional information. | - Permissions vary based on the Scan Mode Option selected. See the [File System Supported Platforms](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) topic for additional information. | -| GroupPolicy | The GroupPolicy Data Collector provides the ability to retrieve the GPO’s list in the domain and where they are linked, return information on configured policies and policy parts from the individual policies that have been selected, return information on selected policy parts from all policies within the domain, and return effective security policies in effect at the individual workstation. | - LDAP - RPC | - TCP 389 - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Domain Administrators group (if targeting domain controllers) - Member of the Local Administrators group | -| INIFile | The INIFile Data Collector provides options to configure a task to collect information about log entries on target hosts. | - RPC | - TCP 135-139 - Randomly allocated high TCP ports - Optional TCP 445 | - Member of the Local Administrators group | -| LDAP | The LDAP Data Collector uses LDAP to query Active Directory returning the specified objects and attributes. | - LDAP | - TCP 389 | - Member of the Domain Administrators group | -| NIS | The NIS Data Collector inventories a NIS domain for user and group information, mapping to Windows-style SIDs. | - NIS | - TCP 111 or UDP 111 - Randomly allocated high TCP ports | - No special permissions are needed aside from access to a NIS server | -| NoSQL | The NoSQL Data Collector for MongoDB provides information on MongoDB Cluster configuration, limited user permissions, scans collections for sensitive data, and identifies who has access to sensitive data. | - TCP/IP | - MongoDB Cluster - Default port is 27017 (A custom port can be configured) | - Read Only access to ALL databases in the MongoDB Cluster including: - Admin databases - Config databases - Local databases - Read Only access to any user databases is required for sensitive data discovery - Read access to NOSQL instance - Read access to MongoDB instance - Requires NOSQL Full-Text and Semantic Extractions for Search feature to be installed on the target NOSQL instances when using the Scans full rows for sensitive data option on the Options wizard page | -| ODBC | Queries ODBC compliant databases for tables and table properties | - OCBC | - TCP 1433 | - Database Read access | -| PasswordSecurity | The PasswordSecurity Data Collector compares passwords stored in Active Directory to known, breached passwords in the Netwrix dictionary or custom dictionaries. The PasswordSecurity Data Collector also checks for common misconfigurations with passwords in Active Directory. | - LDAP | - TCP 389/636 | - At the domain level: - Read - Replicating Directory Changes - Replicating Directory Changes All - Replicating Directory Changes in a Filtered Set - Replication Synchronization | -| PatchCheck | Provides patch verification and optional automatic bulletin downloads from Microsoft | - HTTP - ICMP - RPC | - TCP 135-139 - Randomly allocated high TCP ports - TCP 80 - TCP 7 | - Member of the Local Administrators group | -| Perfmon | Provides performance monitor counter data samples | - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | -| PowerShell | The PowerShell Data Collector provides PowerShell script exit from Enterprise Auditor. | - PowerShell | - Randomly allocated high TCP ports | - Member of the Domain Administrators group (if targeting domain controllers) - Member of the Local Administrators group | -| Registry | The Registry Data Collector queries the registry and returns keys, key values, and permissions on the keys. | - Remote Registry - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | -| Script | The Script Data Collector provides VB Script exit from Enterprise Auditor. | - VB Script | - Randomly allocated high TCP ports | - Member of the Local Administrators group - Member of the Domain Administrators group (if targeting domain controllers) | -| Services | The Services Data Collector enumerates status and settings from remote services. | - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | -| SharePointAccess (SPAA) _\*requires license_ | The SharePointAccess (SPAA) Data Collector audits access, group membership, and content within a SharePoint on-premises and SharePoint Online environment. The SPAA Data Collector has been preconfigured within the SharePoint Solution. | - MS SQL - Remote Registry - SP CSOM (Web Services via HTTP & HTTPS) - SP Server API - WCF AUTH via TCP (configurable) | - Ports vary based on the Scan Mode selected and target environment. See the [SharePoint Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) topic for additional information. | - Permissions vary based on the Scan Mode selected and target environment. See the [SharePoint Support](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) topic for additional information. | -| SMARTLog | The SMARTLog Data Collector provides search and extraction of details from Windows Event Logs (online or offline) and Microsoft Exchange Internet Information Server (IIS) logs. | - Log - Remote Event - RPC | - TCP 135 - TCP 445 - Randomly allocated high TCP ports | - Member of the Domain Administrators group (if targeting domain controllers) - Member of the local Administrators group | -| SQL _\*requires license_ | The SQL Data Collector provides information on database configuration, permissions, data extraction, application name of the application responsible for activity events, an IP Address or Host name of the client server, and sensitive data reports. This data collector also provides information on Oracle databases including infrastructure and operations. | TCP | For Db2 Target: - Specified by Instances table (default is 5000) For MySQL Target: - Specified by Instances table (default is 3306) For Oracle Target: - Specified by Instances table (default is 1521) For PostgreSQL Target: - Specified by Instances table (default is 5432) For SQL Target: - Specified by Instances table (default is 1433) | For MySQL Target: - Read access to MySQL instance to include all databases contained within each instance - Windows Only — Domain Admin or Local Admin privilege For Oracle Target: - User with SYSDBA role - Local Administrator on the target servers – Only applies to Windows Servers and not on Linux or Unix operating systems For PostgreSQL Target: - Read access to all the databases in PostgreSQL cluster or instance - Windows Only — Domain Admin or Local Admin privilege For Redshift Target: - Read-access to the following tables: - pg_tables - pg_user For SQL Target: - For Instance Discovery, local rights on the target SQL Servers: - Local group membership to Remote Management Users - Permissions on the following WMI NameSpaces: `root\Microsoft\SQLServer, root\interop` - For permissions for data collection: - Read access to SQL instance - Requires SQL Full-Text and Semantic Extractions for Search feature to be installed on the target SQL instance(s) when using the **Scan full rows for sensitive data** option on the Options wizard page - Grant Authenticate Server to [DOMAIN\USER] - Grant Connect SQL to [DOMAIN\USER] - Grant View any database to [DOMAIN\USER] - Grant View any definition to [DOMAIN\USER] - Grant View server state to [DOMAIN\USER] - Grant Control Server to [DOMAIN\USER] (specifically required for the Weak Passwords Job) | -| SystemInfo | The SystemInfo Data Collector extracts information from the target system based on the selected category. | - Remote Registry - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | -| TextSearch | The TextSearch Data Collector enables searches through text based log files. | - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | -| Unix _\*requires license_ | The Unix Data collector provides host inventory, software inventory, and logical volume inventory on UNIX & Linux platforms. | - SSH | - TCP 22 - User configurable | - Root permissions in Unix/Linux | -| UserGroups _\*requires license_ | The UsersGroups Data Collector audits user and group accounts for both local and domain, extracting system policies. | - RPC - SMBV2 - WMI | - TCP 135-139 - Randomly allocated high TCP ports - 445 | - Member of the Local Administrators group - If a less-privileged option is required, you can use a regular domain user that has been added to the **Network access: Restrict clients allowed to make remote calls to SAM** Local Security Policy - Member of the Domain Administrators group (if targeting domain controllers) | -| WMICollector | The WMICollector Data Collector identifies data for certain types of WMI classes and namespaces. | - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/registry.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/registry.md deleted file mode 100644 index 3ef7602074..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/registry.md +++ /dev/null @@ -1,75 +0,0 @@ -# Registry Data Collector - -The Registry Data Collector queries the registry and returns keys, key values, and permissions on -the keys. The data in the native tables returned by the Registry Data Collector is dependent upon -the query configuration. For example, a query could be configured to only show permissions on -registry keys in a 32-bit view. Another query could be configured to show a listing of all keys and -key values in a 64-bit view. Wildcards can also be used in query configurations. - -The Registry Data Collector is a core component of Enterprise Auditor, but it has been preconfigured -within both the Active Directory Solution and the Windows Solution. While the data collector is -available with all Enterprise Auditor license options, these solutions are only available with a -special Enterprise Auditor licenses. See the following topics for additional information: - -- [Active Directory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -- [Windows Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md) - -Protocols - -- Remote Registry -- RPC - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group - -## Registry Query Configuration - -The Registry Data Collector is configured through the Registry Browser window. - -![Registry Browser window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/browser.webp) - -The configurable options are: - -- Sample Host – The host to connect to. If this box is left blank, the connection is to the local - host. -- 64-bit view – The default view is 32-bit. Select the **64-bit view** checkbox to switch to a - 64-bit view. -- Connect – Connect to host’s registry. If no host is specified in the Sample Host box, the - connection is to the local host’s registry. -- Query 32-bit view – Select this checkbox to query the 32-bit view of the registry -- Query 64-bit view – Select this checkbox to query the 64-bit view of the registry -- Name – The key value. Key values can be added to the Selected Properties list by pressing the - **ctrl** key, selecting the keys to add, and then clicking the **Add currently selected value** - button. -- Type – The key value type -- Data – The key value path -- Root Path – The path to the selected key -- Enumerate child nodes – Select this checkbox to do a recursive search of all child nodes - -The button bar provides additional options for selecting keys. See the [Button Bar](#button-bar) -topic for additional information. - -### Button Bar - -The button bar is located right above the Selected Properties window. The button bar enables users -to do the following: - -![Button Bar](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/buttonbar.webp) - -| Icon | Name | -| -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------- | -| ![Select all peer keys for this node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/selectall.webp) | Select all peer keys for this node | -| ![Add name of currently selected key](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addname.webp) | Add name of currently selected key | -| ![Add full path of the currently selected key](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addpath.webp) | Add full path of the currently selected key | -| ![Add last write date/time of currently selected key](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adddatetime.webp) | Add last write date/time of currently selected key | -| ![Add security properties for selected key](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addproperties.webp) | Add security properties for selected key | -| ![Enumerate all values for this key](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/enumeratevalues.webp) | Enumerate all values for this key | -| ![Add currently selected value](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addvalue.webp) | Add currently selected value | -| ![Delete properties from selection](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/delete.webp) | Delete properties from selection | -| ![Go to selected key](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/goto.webp) | Go to selected key | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/services.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/services.md deleted file mode 100644 index fbf6ef4ae0..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/services.md +++ /dev/null @@ -1,41 +0,0 @@ -# Services Data Collector - -The Services Data Collector enumerates status and settings from remote services. The Services Data -Collector is a core component of Enterprise Auditor, but it has been preconfigured within the -Windows Solution. While the data collector is available with all Enterprise Auditor license options, -the Windows Solution is only available with a special Enterprise Auditor license. See the -[Windows Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md) -topic for additional information. - -Protocols - -- RPC -- WMI - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group - -## Services Query Configuration - -The Services Data Collector is configured through the Service Browser window. - -![Service Browser window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/servicebrowser.webp) - -- Host – Enter a sample host which contains all of the services desired for the query -- All Services – Select this option to build the query to extract information from all services on - the target host -- Specific Services – Select this option to build the query to extract information from specific - services on the target host. Select the checkboxes next to the desired services for the query - after clicking **Connect**. -- Connect – Click **Connect** to connect to the host and display a list of all services found -- Available Properties – Select the properties to be returned - -**NOTE:** In cases where the query does not find the selected services on the target host, the -`InternalName` column that is returned reflects the `DisplayName` column and no other values are -retrieved. If the services are found on the host, the `DisplayName` value in the table is resolved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/collectionmethod.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/collectionmethod.md deleted file mode 100644 index 7147e35da4..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/collectionmethod.md +++ /dev/null @@ -1,28 +0,0 @@ -# SMARTLog: Collection Method - -The Collection Method page is used to select the collection method employed by the data collector. -It is a wizard page for all log types. - -![SMART Log DC Wizard Collection Method page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/collectionmethod.webp) - -Select the collection method from the following options to set how the collection routine is -executed to collect the data from the target. - -- Using network query – Connects to the target log over the network via RPC and reads events -- Using server side applet – Deploys a remote executable to the target host and then runs as a - process on the target host. It connects to the log, retrieves information, and returns it to the - Enterprise Auditor Console. - - **NOTE:** The applet cannot be used to target the local host. - -- Copy the log locally and process (Not available for all query scenarios) – Extract events from an - offline log by moving the log to the Enterprise Auditor Console and having it processed on the - local host instead of the target host. In order to use this option, the log type selected for the - query must be **Windows Event Log (Archived)**. - -The Applet Options section is only visible when the **Using server side applet** collection method -is selected. - -- Connection retries count – The number of times to retry a failed connection. The default is 15. -- Retry delay (ms) – The time between retries of a failed connection. The default is 5000 - milliseconds (5 seconds). diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/criteria.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/criteria.md deleted file mode 100644 index f34039f151..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/criteria.md +++ /dev/null @@ -1,41 +0,0 @@ -# SMARTLog: Criteria - -The Criteria page is used to specify the search criteria. A test query can be run with the sample -host entered on the Sample Host page to confirm the results that will be returned by the query. It -is a wizard page for all log types. - -![SMART Log DC Wizard Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -The **Limit number of records to** setting has a default of `1000`. - -Follow the steps to configure the search criteria. - -![Filter button on Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/criteriafilter.webp) - -**Step 1 –** Click **Filter** to add a condition or a group to the root of the query. - -- Click the ellipsis (**…**) to add a new condition or group under an existing group - -![Configure search](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/criteriarecordnumber.webp) - -**Step 2 –** Click **RecordNumber** to configure the search to look for specific events or a range -of events. - -**Step 3 –** Click **equals** and **``** to further configure the condition as required. - -**Step 4 –** (Optional) At the root or group level, click **AND** to change the logical operator for -that level. The available options are **AND**, **OR**, **NOT AND**, and **NOT OR**. - -**Step 5 –** Repeat steps 1 to 4 to configure all necessary criteria. - -- To remove a row (condition or group), click the ellipsis (**…**) on the row and select **Remove - Row** -- To remove all currently configured criteria, click **Filter** and select **Clear All** - -**Step 6 –** Click **Show data** to run a test query and sample the data that will be returned that -is connected to a target log based upon the configured criteria. The data is displayed in the -Records found table. - -The search criteria has now been configured and the results it returns tested. Configure the -criteria further if the returned results are not as expected, or click **Next** to continue to the -next wizard page. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/eventlogoptions.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/eventlogoptions.md deleted file mode 100644 index 6784e16dac..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/eventlogoptions.md +++ /dev/null @@ -1,11 +0,0 @@ -# SMARTLog: Event Log Options - -The Event Log Options page is used to configure additional options. It is a wizard page for all log -types. - -![SMART Log DC Wizard Event Log Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/eventlogoptions.webp) - -The following additional options can be selected: - -- Lookup user name – Resolves SIDs found in the event descriptions to friendly display name values -- Resolve GUIDs – Resolves GUIDs found in the event descriptions to friendly display name values diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/logstate.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/logstate.md deleted file mode 100644 index 42d506ed4e..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/logstate.md +++ /dev/null @@ -1,11 +0,0 @@ -# SMARTLog: Log State - -The Log State page is used to configure how to search the log. It is a wizard page for all log -types. - -![SMART Log DC Wizard Log State page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/logstate.webp) - -Select the **Persist log state** checkbox to search the log from where the search last left off. A -state file is created for each host configured in the query. State files can be viewed within -Enterprise Auditor and are named by the query GUID. State files display the record the search last -left off on, the event log, and the date of the last entry. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/logtype.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/logtype.md deleted file mode 100644 index 02ddd8e6d7..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/logtype.md +++ /dev/null @@ -1,37 +0,0 @@ -# SMARTLog: Log Type - -The Log Type page is used to select the log type to be processed. - -![SMART Log DC Wizard Log Type page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/logtype.webp) - -The log types are: - -- Windows Event Log – Connects to and extract information from any Windows event log made available - on the target host -- Windows Event Log (Archived) – Extract events from an offline log by moving the log to the - Enterprise Auditor Console and having it processed on the local host instead of the target host -- Internet Information Server Log – An Exchange query that returns information from Outlook Web - Access IIS logs found on CAS servers - - - The IIS log must be configured to generate specific columns in order for the SMARTLog Data - Collector to audit them. See the - [IIS Log Auditing Requirements](#iis-log-auditing-requirements) topic for additional - information. - -- File Change Detection Log – This is a legacy option. It should not be selected. - -## IIS Log Auditing Requirements - -The SMARTLog Data Collector needs the IIS logs to generate the following columns: - -- Date (date) -- Time (time) -- ClientIP (c-ip) -- UserName (cs-username) -- UriSteam (cs-uri-stem) -- UriQuery (cs-uri-query) -- Protocol Status (HttpStatus) -- Protocol substatus (HttpSubStatus) -- BytesSent (sc-bytes) -- BytesRecv (cs-bytes) -- UserAgent (cs(User-Agent)) diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/overview.md deleted file mode 100644 index ecd4621f7c..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/overview.md +++ /dev/null @@ -1,57 +0,0 @@ -# SMARTLog Data Collector - -The SMARTLog Data Collector provides search and extraction of details from Windows Event Logs -(online or offline) and Microsoft Exchange Internet Information Server (IIS) logs. - -The SMARTLog Data Collector is a core component of Enterprise Auditor, but it has been preconfigured -within the Active Directory Solution, Exchange Solution, SQL Solution, and the Windows Solution. -While the data collector is available with all Enterprise Auditor license options, these solutions -are only available with a special Enterprise Auditor licenses. See following sections for additional -information: - -- [Active Directory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -- [Exchange Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md) -- [SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) -- [Windows Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md) - -Protocols - -- Log -- Remote Event -- RPC - -Ports - -- TCP 135 -- TCP 445 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Domain Administrators group (if targeting domain controllers) -- Member of the local Administrators group - -See the -[Exchange Remote Connections Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information related to permissions required for targeting Exchange servers. - -## SMARTLog Query Configuration - -The SMARTLog Data Collector is configured through the SMART Log DC Wizard, which contains the -following wizard pages: - -- Welcome -- [SMARTLog: Log Type](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/logtype.md) -- [SMARTLog: Sample Host](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/samplehost.md) -- [SMARTLog: Target Log](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlog.md) -- [SMARTLog: Results](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/results.md) -- [SMARTLog: Criteria](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/criteria.md) -- [SMARTLog: Collection Method](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/collectionmethod.md) -- [SMARTLog: Log State](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/logstate.md) -- [SMARTLog: Event Log Options](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/eventlogoptions.md) -- [SMARTLog: Summary](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/summary.md) - -![SMART Log DC Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -There are no configurable settings on the Welcome page. Click **Next** to proceed to the Log Type -page. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/results.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/results.md deleted file mode 100644 index 10558a86ae..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/results.md +++ /dev/null @@ -1,11 +0,0 @@ -# SMARTLog: Results - -The Results page is where the events to be returned by the query are selected. It is a wizard page -for all log types. The description strings within the log records can also be selected for the -query. - -![SMART Log DC Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Click **Check all** to select all properties, **Uncheck all** to deselect all properties, or **Reset -Defaults** to return to the default settings. Available properties vary based on the category -selected. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/samplehost.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/samplehost.md deleted file mode 100644 index 31bab05a85..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/samplehost.md +++ /dev/null @@ -1,54 +0,0 @@ -# SMARTLog: Sample Host - -The Sample Host page is used to configure the host. It is a wizard page for all log types. - -![SMART Log DC Wizard Sample Host page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/samplehost.webp) - -Select a host for running a test query on the Criteria page from the following radio buttons: - -- Local Computer – localhost -- Another computer – If selecting another computer for the host, click the ellipsis to open the - Select Computer window. See the [Select Computer Window](#select-computer-window) topic for - additional information. - -## Select Computer Window - -![Select Computer window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/selectcomputerwindow.webp) - -If selecting another computer for the host, click the ellipsis to open the Select Computer window -and select a computer. The options in the Select Computer window are: - -- Object Types – Either enter the object type name in the textbox or click **Object Types** to - select the types of objects to find. The default is **Computer**. -- Locations – Click to select the location to search. The default is **Entire Directory**. -- Enter the object name to select – Manually enter objects into the text field - - - Click the **examples** link to access the Microsoft - [Object Picker UI]() - article for additional information - -- Check Names – Click to verify the object names in the text field -- Advanced – Opens a window to perform advanced configurations of the Select Computer function - -![Advanced Select Computer window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/selectcomputerwindowadvanced.webp) - -The Common Queries section is included on the advanced Select Computer window in addition to object -type and location in the original Select Computer window. - -- Name – Select a qualifier from the drop-down menu and enter a name of an object in the associated - text box -- Description – Select a qualifier from the drop-down menu and enter a description in the associated - text box -- Select the **Disabled accounts** checkbox to include disabled accounts in the search -- Select the **Non-expiring password** checkbox to include non-expiring passwords in the search -- Select the number of **Days since last logon** from the drop-down menu -- Click the **Columns** button to open the Choose Columns window - - ![Choose Columns window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/choosecolumnswindow.webp) - - Select a column from the Columns available or Columns shown lists and click **Add** or - **Remove** to add or remove them from each column - -- Click **Find Now** to run a search for items matching the selected criteria in the location of the - object selected -- Click **Stop** to stop a search in progress diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/summary.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/summary.md deleted file mode 100644 index a91d947f8f..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/summary.md +++ /dev/null @@ -1,8 +0,0 @@ -# SMARTLog: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all log types. - -![SMART Log DC Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the SMART Log DC Wizard to ensure that no accidental clicks are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlog.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlog.md deleted file mode 100644 index 0013d2a9e0..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlog.md +++ /dev/null @@ -1,27 +0,0 @@ -# SMARTLog: Target Log - -The Target Log page is where logs are selected to be collected. There are three versions of this -wizard page that change based on log type. This version is a wizard page for the log types of: - -- Windows Event Log (Archived) -- Internet Information Server Log - -See the -[SMARTLog: Target Log for Windows Event Log Type](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/windowseventlog.md) -and -[SMARTLog: Target Log for File Detection Log Type](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/filedetectionlog.md) -topics for information on the other versions of this wizard page. - -![SMART Log DC Wizard Target Log page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/targetlog.webp) - -The configurable options are: - -- Path – Enter or browse to the path to the log -- File mask – Enter file names to limit the file names to return from the path entered. Asterisks - can be used for wildcards. For example, `u_ex*.log` would match **u_ex170530.log**. When no mask - is set, all files from the listed path are returned. -- Log files to be processed – Select from the following options: - - - All - - Today - - For the last – Select the number of days or hours diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/filedetectionlog.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/filedetectionlog.md deleted file mode 100644 index f35676832a..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/filedetectionlog.md +++ /dev/null @@ -1,15 +0,0 @@ -# SMARTLog: Target Log for File Detection Log Type - -The Target Log page is where logs are selected to be collected. This version is a wizard page for -the File Change Detection log type. - -![SMART Log DC Wizard Target Log page for File Change Detection Log](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/targetlogfiledetection.webp) - -In the Exec server section, identify the server that will run the data collection by selecting one -of the following options: - -- Automatic (Local for NAS device hosts, Remote for Windows hosts) -- Local Enterprise Auditor Server -- Specific Remote Server – If selected, enter the server name in the Server textbox - -In the Log files to be processed section, set the filter criteria. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/windowseventlog.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/windowseventlog.md deleted file mode 100644 index 7e5b30c126..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/windowseventlog.md +++ /dev/null @@ -1,9 +0,0 @@ -# SMARTLog: Target Log for Windows Event Log Type - -The Target Log page is where logs are selected to be collected. This version is a wizard page for -the log type of Windows Event Log. - -![SMART Log DC Wizard Target Log page for Windows Event Log](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/targetlogwindowsevent.webp) - -Only one log can be targeted per query task. The selected log is displayed at the bottom of the -wizard page. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/advancedcriteria.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/advancedcriteria.md deleted file mode 100644 index bb47bafe27..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/advancedcriteria.md +++ /dev/null @@ -1,24 +0,0 @@ -# TextSearch: Advanced Criteria - -The Advanced Criteria page is displayed if the **Use advanced criteria (instead of simple -criteria)** checkbox is selected on the Search Criteria page. This page provides configuration -options to specify the text to search for across the entire row of each file or within the specified -column in each row. - -![Text Search Data Collector Wizard Advanced Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/advancedcriteria.webp) - -The configurable options are: - -- Return Multiple Columns – Return data values in multiple columns -- Load Sample Data – Click this button to browse for sample data to test the filters entered. If the - sample data file is large, it is recommended to sample an excerpt of the file to reduce the amount - of time it takes to load the data. -- Customize – Click this button to open the Filter builder - - ![Filter builder window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/filterbuilder.webp) - - See the - [Filtration Dialog](/docs/accessanalyzer/11.6/administration/navigation.md#filtration-dialog) - topic for information on using the Filter builder. - -The filter section cannot be blank. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/overview.md deleted file mode 100644 index 4960a3193d..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/overview.md +++ /dev/null @@ -1,38 +0,0 @@ -# TextSearch Data Collector - -The TextSearch Data Collector enables searches through text based log files. The TextSearch Data -Collector is a core component of Enterprise Auditor, but it has been preconfigured within the -Windows Solution. While the data collector is available with all Enterprise Auditor license options, -the Windows Solution is only available with a special Enterprise Auditor license. See the -[Windows Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md) -topic for additional information. - -Protocols - -- RPC - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group - -## TextSearch Query Configuration - -The TextSearch Data Collector is configured through the Text Search Data Collector Wizard, which -contains the following wizard pages: - -- Welcome -- [TextSearch: Source Files](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/sourcefiles.md) -- [TextSearch: Search Criteria](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/searchcriteria.md) -- [TextSearch: Advanced Criteria](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/advancedcriteria.md) -- [TextSearch: Results](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/results.md) -- [TextSearch: Summary](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/summary.md) - -![Text Search Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/results.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/results.md deleted file mode 100644 index 28ee979a8f..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/results.md +++ /dev/null @@ -1,18 +0,0 @@ -# TextSearch: Results - -The Results page is where properties that will be gathered are selected. - -![Text Search Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Check all**, **Uncheck All**, and **Reset to -Defaults** buttons can be used. All selected properties are gathered. Available properties vary -based on the category selected. - -- Size units – Select from the following: - - - Bytes - - KBytes - - MBytes - - GBytes - -- Only return results for files with at least one match diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/searchcriteria.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/searchcriteria.md deleted file mode 100644 index 828f333215..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/searchcriteria.md +++ /dev/null @@ -1,18 +0,0 @@ -# TextSearch: Search Criteria - -The Search Criteria page provides configuration options to specify the text to search for across the -entire row of each file. - -![Text Search Data Collector Wizard Search Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/searchcriteria.webp) - -The configurable functions are: - -- Use advanced criteria (instead of simple criteria) – Select this checkbox to display the Advanced - Criteria page and configure the search with additional filtering options. Advanced search criteria - is configured on the Advanced Criteria page. See the - [TextSearch: Advanced Criteria](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/advancedcriteria.md) topic - for additional information. -- Simple Criteria - - - Text to match – Find files that contain the text string entered - - Exact match – Select this option to find files that contain only the exact text string entered diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/sourcefiles.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/sourcefiles.md deleted file mode 100644 index 42802adf17..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/sourcefiles.md +++ /dev/null @@ -1,82 +0,0 @@ -# TextSearch: Source Files - -The Source Files page provides options to specify which files to search. - -![Text Search Data Collector Wizard Source Files page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/sourcefiles.webp) - -Location - -The Location section provides options to scope the search. - -- Fixed path – Supply a fixed path or use wildcards and system variables. Fixed paths are typically - entered in the following format: `drive\filepath` (for example, `C:\WINNT\System32`). Click the - ellipsis to open the Remote Folder Explorer and browse to add file paths to the search scope. See - the [Remote Folder Explorer](#remote-folder-explorer) topic for additional information. -- Current Job Directory – Search the job’s root folder for the specified file -- Registry Lookup – Select this option to programmatically obtain a file path from a registry key - that exists on the target host in the environment. Click the ellipsis to open the Enterprise - Auditor Registry Browser and connect to a host to select a registry key and path to be used for - the lookup. - - - Value Name – This value is automatically populated from the registry key - - Levels – The Levels slider can be used to truncate the path for the key value in the Adjust - Path dialog box - - Current value data – Displays the current value for the registry key - - Query 32-bit – Select this checkbox to query a 32-bit view - - Query 64-bit – Select this checkbox to query a 64-bit view - -Files - -The Files section provides options to define the object or set of objects to find. - -- File name – Enter file names to search in the following format: `filename.extension`. Separate - multiple file names with a semicolon and no spaces between the names. Wild cards can be used. -- File type – Select the extension type of the file name entered above to tell the collection - routine how the data within the underlying file is structured and should be handled: - - - Autodetect – Select this when the data type is unknown. The data collection routine will - attempt to figure out what type of data it is and handle it appropriately. - - Plain Text - - CSV - - TSV - - Binary - - Space Separated Text - -- First line is header captions line – Enabled when CSV, TSV, or Space Separated Text is selected - -Options - -The Options section provides options to scope the search. - -- Ignore files larger than [number]MB -- Include subfolders - -Last Modification Time Filter - -The Last Modification Time Filter section provides options to apply time filters to the search. - -- None -- Oldest file -- Most recent file -- Between [date] and [date] -- In the last [number] [days] or [hours] - -## Remote Folder Explorer - -Clicking the ellipsis in the Location section of the Source Files page opens the Remote Folder -Explorer search window. In the Remote Folder Explorer window, navigate to the file folder location -and add the path to the scope. Multiple paths can be added to the scope. - -![Remote Folder Explorer window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/remotefolderexplorer.webp) - -The Remote Folder Explorer functions are: - -- Sample from host (path) – If the desired file does not exist on the local Enterprise Auditor - Console, enter the name of the host that contains the file and click **Connect** to browse that - host -- Selected Path – Displays the path selected in the box above -- Add path – Click **Add path** to add the selected path to the Path box. This adds the path to the - search scope. -- Delete path – Select a path in the Path box and click **Delete path** to delete the path from the - search scope -- Path – Displays the paths that have been added to the search scope diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/summary.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/summary.md deleted file mode 100644 index 6653162dec..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# TextSearch: Summary - -The Summary page displays a summary of the configured query. - -![Text Search Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Text Search Data Collector Wizard ensuring that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/editscript.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/editscript.md deleted file mode 100644 index e313ed810d..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/editscript.md +++ /dev/null @@ -1,9 +0,0 @@ -# Unix: Edit Script - -The Edit Script page allows the script to be customized. - -![Unix Data Collector Wizard Edit Script page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/editscript.webp) - -Edit the shell script in the textbox if desired. - -Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/input.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/input.md deleted file mode 100644 index 65d8ab3b11..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/input.md +++ /dev/null @@ -1,25 +0,0 @@ -# Unix: Input - -The Input page configures the source for input data. - -![Unix Data Collector Wizard Input page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/input.webp) - -The configurable options are: - -- Use SQL table for scoping input – Select the checkbox to enable scoping options -- Input Table - - - Name – Select the SQL table from the drop-down menu - - Filter Nulls – Select the checkbox to ignore blank rows in the table - - Filter Duplicates – Select the checkbox to ignore duplicate rows in the table - - Filter by host column – Select the checkbox to sort rows by host - -- Columns – Select the desired rows from the SQL table -- Data Input Method - - - Run command once per table row - - Send table data via standard input - -- Column Separator – Specify the column delimiter - -Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/overview.md deleted file mode 100644 index d215cbb63a..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/overview.md +++ /dev/null @@ -1,36 +0,0 @@ -# Unix Data Collector - -The Unix Data collector provides host inventory, software inventory, and logical volume inventory on -UNIX & Linux platforms. The Unix Data Collector has been preconfigured within the Unix Solution. -Both this data collector and the solution are available with a special Enterprise Auditor license. -See the -[Unix Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/overview.md) -topic for additional information. - -Protocols - -- SSH - -Ports - -- TCP 22 -- User configurable - -Permissions - -- Root permissions in Unix/Linux - -If the Root permission is unavailable, a least privileged model can be used. See the -[Least Privilege Model](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md#least-privilege-model) -topic additional information. - -## Unix Query Configuration - -The Unix Data Collector is configured through the Unix Data Collector Wizard. It is designed to scan -and import information from UNIX / Linux systems. The Unix Data Collector has these pages: - -- [Unix: Settings](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/settings.md) -- [Unix: Input](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/input.md) -- [Unix: Edit Script](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/editscript.md) -- [Unix: Parsing](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/parsing.md) -- [Unix: Results](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/results.md) diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/parsing.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/parsing.md deleted file mode 100644 index 786642697d..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/parsing.md +++ /dev/null @@ -1,31 +0,0 @@ -# Unix: Parsing - -The Parsing Configuration page configures the columns to return from the remote command and the -parameters used to parse that output into those columns. - -![Unix Data Collector Wizard Parsing Configuration page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/parsing.webp) - -The configurable options are: - -- Parse Columns – Select the checkbox to enable the parsing parameters options - - - Delimiter – Specify the delimiter - - Ignore duplicate delimiters – Check the checkbox to enable - - Delimiter Type – Select one of the following options: - - - Split on any delimiter character - - Split on entire delimiter string - - Split on delimiter regular expression - - - Handle additional delimited fields by – Select one of the following options: - - - Ignoring them - - Inserting them as the last column in additional rows - - Including them in the last column - -- Columns – Use the buttons to add or remove columns - - - **Add** – Opens the New Column window. Enter a new column name and click **OK**. - - **Remove** – Removes the selected column - -Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/results.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/results.md deleted file mode 100644 index f1221a9f98..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/results.md +++ /dev/null @@ -1,15 +0,0 @@ -# Unix: Results - -On the Results page, select which properties will be gathered out of those available for the query. -Additionally select properties based on which ROWKEY will be built. - -![Unix Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -The configurable options are: - -- Properties to return – Select the desired columns -- ROWKEY's components – Select the desired columns - -Click **Finish** to save the configuration changes, or **Back** to return to the previous page. If -no changes were made, it is a best practice to click **Cancel** to close the Unix Data Collector -Wizard to make sure that no accidental settings are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/settings.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/settings.md deleted file mode 100644 index 22ead643df..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/settings.md +++ /dev/null @@ -1,36 +0,0 @@ -# Unix: Settings - -The Settings page configures the Unix Data Collector settings. - -![Unix Data Collector Wizard Settings page](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) - -The configurable options are: - -- Time Out Settings - - - Connection Timeout – Set the connection timeout - - Processing Timeout – Set the processing timeout - -- Pre-Execution File Copy - - The Unix Data Collector can use SCP to copy a file from the Enterprise Auditor console to the - target system before running the script command. - - - Enable pre-execution file copy – Select the checkbox to enable - - - Source File – Enter a file path or click the ellipsis (…) to browse to the file location - - Target Location – Enter the file path to copy the file to - -- Credential Selection Settings - - - Only use Unix Account type credentials from connection profile - - Use both Unix Account and Active Directory Account type credentials from connection profile - - - AD Account user name format – Select from the dropdown the format of the user name from - the following: - - - username - - domain\username - - username@domain - -Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/category/groups.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/category/groups.md deleted file mode 100644 index cdf7721e4a..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/category/groups.md +++ /dev/null @@ -1,43 +0,0 @@ -# UsersGroups: Groups Category - -The Groups Query category collects information for groups in different contexts. - -![Users and Groups Browser wizard Results page for Groups category](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/category/groups.webp) - -In the Groups section, select from the following options: - -- All groups -- All global groups -- All local groups -- All groups containing the following users – Click the ellipsis (**…**) to open the Find a User - browser screen and select users. See the [Find a Group/User Browser](#find-a-groupuser-browser) - topic for additional information. -- These groups – Click the ellipsis (**…**) to open the Find a Group browser window and select - groups. See the [Find a Group/User Browser](#find-a-groupuser-browser) topic for additional - information. - -In the Additional Properties section, select the **What rights does this group have?** checkbox to -return rights for the selected groups. - -**CAUTION:** The number of offline Groups can significantly increase the time for a scan. - -**_RECOMMENDED:_** For large networks, configure the length of time for a scan when Groups are -offline. - -- Retry Attempts [number] -- Retry Interval [number] seconds - -## Find a Group/User Browser - -Clicking the ellipses for the **All groups containing the following users** and the **These groups** -options opens the Find a Group or Find a User browser. - -![Find a group window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/category/findagroup.webp) - -The Find a Group and Find a User browsers display a list of groups or users, depending on which one -is being used, that can be selected for the option. Select from a specific host using the Sample -from host option, or leave the text field blank and click **Connect** to retrieve all user groups or -users that are selectable. - -Select a group or user by selecting the checkbox next to it, and click **OK** to confirm selection. -Click **Cancel** to leave the window without a selection. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/category/security.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/category/security.md deleted file mode 100644 index 707f130677..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/category/security.md +++ /dev/null @@ -1,27 +0,0 @@ -# UsersGroups: Security Category - -This Security policy is used to audit security policies. - -![Users and Groups Browser wizard Results page Security category](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/category/security.webp) - -Select from the following options for what data will be returned: - -- Security Policy (User Rights Assignment) – Identifies user rights assignment for each individual - policy part that grants or removes rights - - - Resolve Nested Group Membership – Returns nested group membership - - Find all users and groups who have the following right – Select the checkboxes next to the - rights desired for the query - -- Password Policy – Returns a password policy audit for the target -- Audit Policy – Returns an audit policy audit for the target -- Account Lockout Policy – Returns an account lockout policy audit for the target - -**CAUTION:** The number of offline hosts with policies can significantly increase the time for a -scan. - -**_RECOMMENDED:_** For large networks, configure the length of time for a scan when hosts with -policies are offline. - -- Retry Attempts [number] -- Retry Interval [number] seconds diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/category/users.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/category/users.md deleted file mode 100644 index 39d4bfed87..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/category/users.md +++ /dev/null @@ -1,61 +0,0 @@ -# UsersGroups: Users Category - -The Users Query category collects information for users in different contexts. - -![Users and Groups Browser wizard Results page Users category](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/users.webp) - -In the Users section, select from the following options: - -- All users – All users found on the target host -- All users in the following groups – Click the ellipsis (**…**) to open the Find a Group browser - window and specify a group. See the [Find a Group/User Browser](#find-a-groupuser-browser) topic - for additional information. A specific group can also be entered manually into the text field. -- These users – Click the ellipsis (**…**) to open the Find a User browser window and specify one or - more users. See the [Find a Group/User Browser](#find-a-groupuser-browser) topic for additional - information. A specific user can also be entered manually into the text field. -- Special users – The users found can be flagged as special users in the following categories: - - - Administrator - - Guest - - Check if account has been renamed – Select this checkbox to check if the Administrator or - Guest account has been renamed - - Resolve nested group membership – Returns nested group membership - - Include every occurrence of a user – Show every group in which the user is a member - -In the Additional Properties section, select from the following checkboxes to return additional -information on user objects: - -- Is the user account enabled? -- Is the user account locked out? -- Can the user change their password? -- Does the user’s password expire? -- What rights does the user have? -- Does the user require a password? -- When was this user’s password last changed? -- What is this user’s password age in days? -- When did this user last logon? - -Click **Select all** to select all properties. Click **Clear all** to deselect all properties - -**CAUTION:** The number of offline Users can significantly increase the time for a scan. - -**_RECOMMENDED:_** For large networks, configure the length of time for a scan when Users are -offline. - -- Retry Attempts [number] -- Retry Interval [number] seconds - -## Find a Group/User Browser - -Clicking the ellipses for the **All users in the following groups** and the **These users** options -opens the Find a Group or Find a User browser. - -![Find a group window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/category/findagroup.webp) - -The Find a Group and Find a User browsers display a list of groups or users, depending on which one -is being used, that can be selected for the option. Select from a specific host using the Sample -from host option, or leave the text field blank and click **Connect** to retrieve all user groups or -users that are selectable. - -Select a group or user by selecting the checkbox next to it, and click **OK** to confirm selection. -Click **Cancel** to leave the window without a selection. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/overview.md deleted file mode 100644 index d7e2338c16..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/overview.md +++ /dev/null @@ -1,45 +0,0 @@ -# UsersGroups Data Collector - -The UsersGroups Data Collector audits user and group accounts for both local and domain, extracting -system policies. - -The UsersGroups Data Collector has been preconfigured within the Windows Solution. Both this data -collector and the solution are available with a special Enterprise Auditor license. See the -[Windows Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md) -topic for additional information. - -Protocols - -- RPC -- SMBV2 -- WMI - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports -- 445 - -Permissions - -- Member of the Local Administrators group - - - If a less-privileged option is required, you can use a regular domain user that has been added - to the **Network access: Restrict clients allowed to make remote calls to SAM** Local Security - Policy - -- Member of the Domain Administrators group (if targeting domain controllers) - -## UsersGroups Query Configuration - -The UsersGroups Data Collector is configured through the Users and Groups Browser wizard, which -contains the following wizard pages: - -- Welcome -- [UsersGroups: Results](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/results.md) -- [UsersGroups: Summary](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/summary.md) - -![Users and Groups Browser wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** box when -the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/results.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/results.md deleted file mode 100644 index f31e4b22ff..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/results.md +++ /dev/null @@ -1,12 +0,0 @@ -# UsersGroups: Results - -The Results page is where the type of data to be returned is configured. Each type has a different -set of options. - -![Users and Groups Browser wizard Results page Category selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Choose from the following query categories: - -- [UsersGroups: Users Category](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/category/users.md) -- [UsersGroups: Groups Category](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/category/groups.md) -- [UsersGroups: Security Category](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/category/security.md) diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/summary.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/summary.md deleted file mode 100644 index 8195188489..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# UsersGroups: Summary - -The Summary page displays a summary of the configured query. - -![Users and Groups Browser wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Users and Groups Browser wizard ensuring that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/classes.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/classes.md deleted file mode 100644 index 96fa35db64..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/classes.md +++ /dev/null @@ -1,9 +0,0 @@ -# WMICollector: Classes - -On the Classes page, configure the WMICollector namespaces and classes to use as a data source. - -![WMI Browser wizard Classes page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/classes.webp) - -Select the **Namespace** and **Class** from the drop-down lists to use as a data source. The default -namespace, **root\CIMV2**, is typically what should be used. Select the **Win32 classes only** -checkbox to use only Win32 classes. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/overview.md deleted file mode 100644 index ecbb6852d1..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/overview.md +++ /dev/null @@ -1,39 +0,0 @@ -# WMICollector Data Collector - -The WMICollector Data Collector identifies data for certain types of WMI classes and namespaces. The -WMICollector Data Collector is a core component of Enterprise Auditor, but it has been preconfigured -within the Windows Solution. While the data collector is available with all Enterprise Auditor -license options, the Windows Solution is only available with a special Enterprise Auditor license. -See the -[Windows Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md) -topic for additional information. - -Protocols - -- RPC -- WMI - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group - -## WMICollector Query Configuration - -The WMICollector Data Collector is configured through the WMI Browser wizard, which contains the -following wizard pages: - -- Welcome -- [WMICollector: Sample Host](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/samplehost.md) -- [WMICollector: Classes](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/classes.md) -- [WMICollector: Properties](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/properties.md) -- [WMICollector: Summary (Results)](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/summary.md) - -![WMI Browser wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/samplehost.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/samplehost.md deleted file mode 100644 index 66f695d328..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/samplehost.md +++ /dev/null @@ -1,10 +0,0 @@ -# WMICollector: Sample Host - -On the Sample Host page, enter a sample host to populate options for the query. - -![WMI Browser wizard Sample Host page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/samplehost.webp) - -On the Sample Host page, if the desired classes and namespaces to audit reside on the local host, -click **Next**. (The local host is represented by `.` in the **Sample host name** box). If a -different sample host is needed to populate the namespace and class options, enter the name for the -remote host and click **Next**. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/summary.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/summary.md deleted file mode 100644 index 71f6ce0b95..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/summary.md +++ /dev/null @@ -1,8 +0,0 @@ -# WMICollector: Summary (Results) - -The Summary page, or Results page, displays a summary of the configured query. - -![WMI Browser wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the WMI Browser wizard ensuring that no accidental clicks are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/features.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/features.md deleted file mode 100644 index 0f30f24ae0..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/features.md +++ /dev/null @@ -1,102 +0,0 @@ -# Special Features & Functions - -There are several special features and functions available for jobs and job components with which -Enterprise Auditor users should be familiar. - -View XML Files - -Job, query, analysis, and action property windows all have the **View XML** option. These provide -the ability to edit through an XML text window. - -Open Explore Folder - -Enterprise Auditor users can directly open a selected job or job group folder from the Jobs tree -using the **Explore Folder** option in the right-click menu. - -Publish Reports after Report Generation - -Reports that have been generated but not published can be sent to the Web Console using the -**Publish** option in the right-click menu from the selected Jobs tree, job group, or job node. See -the [Publish Reports Window](#publish-reports-window) topic for additional information. - -Job Configuration Change Tracking - -Jobs configuration changes can be tracked using the **Changes** option in the right-click menu from -the selected Jobs tree, job group, or job node. See the -[Changes Window](/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/overview.md#changes-window) -topic for additional information. - -Job Export - -Jobs can be exported to a ZIP file using the **Export** option in the right-click menu from the -selected job group or job node. See the -[Export Job to Zip Archive Window](#export-job-to-zip-archive-window) topic for additional -information. - -See the -[Jobs Tree Right-click Menus](/docs/accessanalyzer/11.6/administration/navigation.md#jobs-tree-right-click-menus) -section for additional features. - -## Export Job to Zip Archive Window - -The Export Job to Zip Archive window opens from the **Export** option in the right-click menu from -the selected job group or job node. - -![Export from Jobs Tree menu](/img/versioned_docs/directorymanager_11.0/directorymanager/portal/export.webp) - -Select **Export** from the right-click menu to open the Export Group to Zip Archive window. - -![Export Group to Zip Archive window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/exportgrouptoziparchive.webp) - -The **Include all job components** option will zip the job’s directory, the reports, the job log, -and the SA_Debug log. The **Select specific components to export** option allows Enterprise Auditor -users to select which components to include in the ZIP file. - -There are two options for where to save the ZIP file: - -- Save in the exported folder – Saves the file in the job’s directory, for example - `%sainstalldir%Jobs\GROUP_.Active Directory Inventory\.Active Directory Inventory.zip` -- Save in the following location – Allows you to either type or browse to the desired save location - -The **Email this archive**checkbox provides the opportunity to send an email notification with the -attached ZIP file. - -![Support Email window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/supportemail.webp) - -When the archive has been created, the Enterprise Auditor Support Email window opens. By default, -the recipient is set to [Netwrix Support](https://www.netwrix.com/support.html) but it can be -modified prior to sending. Additional recipients can be added, and the Subject and email body can be -modified. - -## Publish Reports Window - -The **Publish Reports** wizard allows you to better manage the list of reports published to the Web -Console. - -When you right-click on a job group or job and select **Publish**, the Publish Reports wizard opens. -You can choose the list of reports to be published or removed from the Web Console. - -Follow the steps to publish the reports. - -**Step 1 –** Right-click on a job group or job and select **Publish** from the drop-down list. - -![Publish Reports wizard Action Type page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/publishreportsactiontype.webp) - -**Step 2 –** On the Action Type page, select the type of action to be performed on the reports and -click **Next**: - -- Publish Reports -- Delete Reports - -![Publish Reports wizard Report Tree page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/publishreportsreporttree.webp) - -**Step 3 –** On the Report Tree page, select the reports to be published or removed (depending on -the Action Type selected in the previous step). Click **Next** to proceed with the action. - -**Step 4 –** The Progress page shows you the status of the action. When it has completed, click -**Finish** to exit the wizard. - -Published reports can be viewed under the **[Job]** > **Results** node or through the Web Console. -See the -[Reporting](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/overview.md) topic -for additional information. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/instantiate.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/instantiate.md deleted file mode 100644 index 7b915bd350..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/instantiate.md +++ /dev/null @@ -1,63 +0,0 @@ -# Instantiating Jobs into the Jobs Tree - -Enterprise Auditor jobs and solutions are comprised of files contained within the file system of the -installation directory. All jobs and job groups contained within the Jobs tree are housed in the -Jobs directory. The default location is: - -…\STEALTHbits\StealthAUDIT\Jobs - -![Explore Folder option from Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/explorefolder.webp) - -The folder is opened from within the Enterprise Auditor Console by right-clicking on the desired -**Jobs** node and selecting **Explore Folder**. - -![Jobs folder in File Explorer](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/explorefolderfileexplorer.webp) - -The naming convention of the folders controls what is visible in the Jobs tree. `GROUP_` is the -prefix for all job groups. `JOB_` is the prefix for all jobs. Changing the prefix removes the object -from the Jobs tree without deleting it. - -Instantiating new, external jobs is as easy as copying and pasting the job or job group into this -location. However, copying an existing job within the Jobs directory is not supported. If the job -already exists within the Enterprise Auditor Console server, copying outside of the console may -result in reporting issues. - -**CAUTION:** Do not use these steps to copy an existing job. - -There is no need to close the Enterprise Auditor application to instantiate a new job. Follow the -steps to instantiate a new job into the Enterprise Auditor Jobs tree: - -**Step 1 –** Obtain the job or job group to be instantiated. If it has been sent by Netwrix, a -colleague, or other entity, it is most likely in one of two formats: - -- Archive (.zip, .rar, and so on) -- Folder containing the job content (JOB*[name of job] or GROUP*[name of job group]) - -**Step 2 –** Open the Jobs directory. The default location is: - -…\STEALTHbits\StealthAUDIT\Jobs - -**Step 3 –** Place the job or job group into the Jobs directory. - -![Extract zip file contents to the Jobs folder](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantiateextract.webp) - -- If in archive format, extract the desired content to the Jobs directory - - - Use the default path or specify a specific path using the browse button (…) - - Select whether to **Show extracted files when complete**. This option is selected by default. - -- If in a folder format, copy and paste the job or job group folder into the Jobs directory - -![New job added in the Jobs folder ](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantiatefileexplorer.webp) - -The new job or job group should be visible in the Jobs directory, and the naming convention should -match that of the jobs or job groups that are already there. - -![Refresh Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/refreshtree.webp) - -**Step 4 –** In the Enterprise Auditor Console, right-click on the **Jobs** node and select -**Refresh Tree**. - -![Job displayed in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantiatejobstree.webp) - -The new job or job group now displays in the **Jobs** tree in alphanumeric order. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/overview.md deleted file mode 100644 index 6b74cf4e2f..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/overview.md +++ /dev/null @@ -1,109 +0,0 @@ -# Jobs Tree - -Jobs are the fundamental unit of Enterprise Auditor. It is through jobs that all data collection -queries, analysis tasks, notification tasks, action tasks, and report generation occur. Jobs are -housed within the Jobs tree of the Navigation pane. - -The Jobs Tree is located in the Navigation Pane on the Enterprise Auditor Console. - -![Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobstreeoverview.webp) - -Clicking on the arrow next to the Jobs node will expand it. The Jobs tree is organized -alphanumerically, first by job groups and then by any jobs that are independent of job groups. - -Each component within the Jobs tree has an icon for quick reference. The icons are: - -| Icon Description | Description | -| --------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------- | -| ![jobgroup](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobgroup.webp) | Job Group | -| ![modifiedjobgroup](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/modifiedjobgroup.webp) | Modified Job Group | -| ![settings](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) | Settings node for a Job Group/ Configure node for a job | -| ![job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job.webp) | Job | -| ![modifiedjob](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/modifiedjob.webp) | Modified Job | -| ![lockedjob](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/lockedjob.webp) | Locked Job (Only applicable to Role Based Access feature) | -| ![status](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/status.webp) | Status node for a Job | -| ![connectstatus](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/connectstatus.webp) | Job’s ConnectStatus Node | -| ![jobstatus](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobstatus.webp) | Job Status for a Job | -| ![taskstatus](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/taskstatus.webp) | Task Status for a Job | -| ![results](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) | Results node for a Job | -| ![messages](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/messages.webp) | Job’s Messages table | -| ![jobsdata](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobsdata.webp) | Job’s Data Table or View | -| ![jobsreport](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobsreport.webp) | Job’s Report | - -A green checkmark over a Job or Job Group icon indicates a configuration change has been made to the -job or job group. The global settings configured under the Settings node are inherited down through -the Jobs tree to the job unless inheritance is broken in a job group’s Settings node, a job’s -Configure node, or a job’s Properties window. See the -[Navigating the Console](/docs/accessanalyzer/11.6/administration/navigation.md) -for additional information. - -## Job Execution Options - -Enterprise Auditor is designed to execute jobs one at a time in the order assigned. If a job group -is run, the jobs execute in the order listed within the job group. Job groups are designed to run -data collection jobs before running analysis and reporting jobs. If multiple jobs are independently -triggered to run, the jobs execute in the order triggered. - -Jobs execution options include: - -- Manual or Ad Hoc - - Applies logged in user’s credentials to execute the job on the Enterprise Auditor Console - server - - Job progress can be monitored through the **Running Instances** node - - Order of job execution can be manipulated on the **Running Instances** node - - Closing the Enterprise Auditor Console terminates the running job and clear the jobs queue -- Schedule - - Applies Schedule Service Account credentials to execute the job through Windows Task Scheduler - - Each scheduled task independently employs the Enterprise Auditor application, allowing - unrelated tasks to run simultaneously - - Runs on schedule whether a user is logged in or not - -## Changes Window - -The Changes window is where jobs are created by customers or professional services engineers. Custom -jobs can be enabled to track changes to configuration settings. When enabled, configuration changes -are tracked in change logs stored within the job folder. Changes can also be viewed within this -window. - -Remember, custom jobs are not shipped with Enterprise Auditor but instead user created. - -The Changes window opens from the **Changes** option in the right-click menu from the selected Jobs -tree, job group, or job node. - -![Changes Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/changeswindow.webp) - -Select **Enabled** from the drop-down menu in the upper-left corner to turn on change tracking of -configuration settings. Select a modification from the table and click **Undo** to revert the -change. - -The window columns display the following information: - -- Job Path – Path to the job where the configuration change occurred, only visible when viewed at - the Jobs tree or job group level -- Component – Component of the job where the configuration change occurred, for example Job, Query, - or Analysis -- Modification – Type of change that was made, for example Add or Update -- Task – Name of the analysis or action task modified, only populated when the change occurred to an - Analysis or Action component -- Setting – A changed setting -- Value – New setting value. If the modification was an update, this displays both the old and the - new setting value. - -Select a modification from the table and click **Undo** to revert the change. - -If configuration change tracking is **Disabled**, configuration changes are only written directly to -the job’s XML file. If the configuration change tracking feature was previously enabled and then -disabled at a later time, an option is provided to merge changes back into the job’s XML file. - -![Change Window Merge Changes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/changeswindowmerge.webp) - -To merge the changes into the job’s XML file without disabling the configuration change tracking -feature, click **Merge** on the bottom left corner of the Changes window and then click **Yes** on -the Enterprise Auditor pop-up window to confirm the merge. - -![Changes Window Locked](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/changeswindowlocked.webp) - -Changes between releases are tracked. Only jobs that are locked can be upgraded. - -**NOTE:** Jobs that are included in Enterprise Auditor are locked and changes cannot be made to -those jobs. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/maintenance/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/maintenance/overview.md deleted file mode 100644 index b964317c98..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/maintenance/overview.md +++ /dev/null @@ -1,10 +0,0 @@ -# Application Maintenance and Best Practices - -The following topics contain information needed for application maintenance and troubleshooting for -the Enterprise Auditor Console: - -- [Antivirus Exclusions](/docs/accessanalyzer/11.6/administration/maintenance/antivirus-exclusions.md) -- [Updating Passwords](/docs/accessanalyzer/11.6/administration/maintenance/update-passwords.md) -- [Backup and Recovery](/docs/accessanalyzer/11.6/administration/maintenance/backup-recovery.md) -- [Troubleshooting](/docs/accessanalyzer/11.6/administration/maintenance/troubleshooting.md) -- [Best Practices](/docs/accessanalyzer/11.6/administration/maintenance/best-practices.md) diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/overview.md deleted file mode 100644 index c9b9b15149..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/overview.md +++ /dev/null @@ -1,73 +0,0 @@ -# Administration - -The Enterprise Auditor application is the power behind the solutions. It has the automation, -management, and integration building blocks that ensure the solutions’ advanced data collection and -analysis deliver meaningful results to an organization’s infrastructure and other technologies. -Users manage and control access to unstructured and structured data, systems, and critical -applications with the application. - -## Data Collectors Overview - -Enterprise Auditor leverages a wide variety of APIs and protocols to connect to and communicate with -the systems and applications in an organization’s environment. From MAPI to PowerShell, WMI, LDAP, -CIFS, and more. It uses the best, most appropriate data collection methodology for every data -collection task. The majority of Enterprise Auditor data comes from agentless scans and log -collection. This enables remote collection of thousands of data points across dozens of system and -application types. - -Though Enterprise Auditor does use applets and kernel-level drivers for certain data collection -requirements, e.g. real-time file level activity monitoring, these agent-based advanced data -collection methods allow the kind of deep rich information, which can usually be obtained only by -substantial manual effort. - -See the -[Data Collectors](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/overview.md) -topic for additional information. - -## Analysis Modules Overview - -Enterprise Auditor employs a series of powerful, yet easy-to-use Analysis Modules which provide -end-users with the ability to perform very simple and sophisticated data analysis routines with -ease: - -- Correlation – Easily correlate data from multiple datasets to create meaningful views -- Policy – Create rules and policies which automatically categorize your data output, i.e. Severity, - Classifications, etc. -- Change – Turn on change detection to see exactly what has changed between time periods -- Trend – See what is happening over time and when thresholds will be met -- Conformance – Create a baseline or designate a “golden” image to see what deviates from the - organization’s desired standards -- Notification – Get alerts based upon any condition within any dataset, with control over how and - how often alerts are generated - -See the -[Analysis Modules](/docs/accessanalyzer/11.6/accessanalyzer/admin/analysis/overview.md) -topic for additional information. - -## Action Modules Overview - -The Enterprise Auditor Action Module framework enables administrators to make bulk changes across -various system and application resources such as File Systems, Exchange Mailboxes, Public Folders, -Distribution Lists, SharePoint sites, and Windows Registry. The Mail and Survey Action Modules work -in conjunction with other Action Modules and datasets to instantiate workflows involving end-users -such as data custodians to obtain answers and verifications. - -See the -[Action Modules](/docs/accessanalyzer/11.6/accessanalyzer/admin/action/overview.md) -topic for additional information. - -## Reporting Overview - -The Enterprise Auditor custom report authoring engine, dashboards, and open data views provide -information to multiple audiences within an organization, both technical and non-technical. Its -reporting capabilities include a distribution and viewing mechanism allowing reports to be -automatically distributed via email or posted to one or more network locations and/or websites for -simple, secure, and on-demand access to information. The Enterprise Auditor Report Index provides -access to published Enterprise Auditor reports through a web-based console, granting access to -reports without requiring access to the Enterprise Auditor Console. It is accessed through the -Stealthbits Web Console, which is created during the installation of Enterprise Auditor. The Web -Console can also provide access to the Access Information Center, and other Stealthbits products. - -See the -[Reporting](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/overview.md) topic -for additional information. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/cleanup.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/report/cleanup.md deleted file mode 100644 index d49254c70c..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/cleanup.md +++ /dev/null @@ -1,40 +0,0 @@ -# Report Cleanup when Deleting a Job or Job Group - -When deleting a job or job group, the Delete Job and Delete Group wizards allow you to delete any -published reports contained in the jobs that are being deleted. Follow the steps to delete a job or -job group that contains published reports. - -**CAUTION:** Deleted objects cannot be restored. - -![Delete Group on right-click menu](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -**Step 1 –** In the Jobs tree, right-click on the job or group that you want to delete and select -**Delete Job/Group**. - -![Delete Group wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/deletegroup.webp) - -**Step 2 –** On the Delete Job/Group page of the wizard, confirm it shows the correct job or group -that you want to delete, then click **Next**. - -**NOTE:** If there are no published reports, clicking **Next** starts the deletion (skip to step 4). - -![Delete Published Reports wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reporttree.webp) - -**Step 3 –** The Delete Published Reports page of the wizard shows the tree of published reports. -Select the checkboxes next to all the reports you want to delete. You can also select reports by job -group or job. Click **Next** to proceed with the deletion. - -![Progress wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/progress.webp) - -**Step 4 –** The Progress page shows you the status of the deletion process. When it has completed, -click **Finish** to exit the wizard. - -The job or job group and all of the selected published reports have been deleted. If you chose not -to delete any of the published reports contained in any of the deleted jobs, then those remaining -reports can still be viewed in the Web Console, even though the parent has been removed from the -Enterprise Auditor Console. - -![Delete Published Reports page with a report from previous deletion](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reportfrompreviousdeletion.webp) - -The remaining published reports that weren't deleted are shown in the wizard if you are deleting the -parent group of the previously deleted job or group. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/report/overview.md deleted file mode 100644 index a3834f99ec..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/overview.md +++ /dev/null @@ -1,25 +0,0 @@ -# Reporting - -Enterprise Auditor provides the ability to report on collected data in multiple ways such as tables, -views, graphs, and emails. Depending on the type of data collected, different reporting methods can -simplify how to present and understand the information. - -![Reports node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reports.webp) - -The Reports node, contained within a job’s Configure node, lists any reports that are configured for -the job. The page contains options to create a report, configure existing reports, and a link to -view generated reports. The configuration of reports vary by use case, but they contain the same -elements. The layout and elements of a report are configured using the -[Report Configuration Wizard](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/overview.md). - -In addition, there are various ways to view and interact with generated reports. Generated reports -can be viewed in the Enterprise Auditor Console or in the Web Console. Reports can also be -configured to be downloaded as a CSV file, or sent as an email in various forms. See the -[Viewing Generated Reports](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/view.md) -topic for additional information. - -The global settings configured under the Settings node are inherited down through the Jobs tree to -the job unless inheritance is broken in a job group’s Settings node, a job’s Properties window, or -in the Report Configuration Wizard. See the -[Reporting](/docs/accessanalyzer/11.6/administration/settings/reporting.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/view.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/report/view.md deleted file mode 100644 index 0543028957..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/view.md +++ /dev/null @@ -1,54 +0,0 @@ -# Viewing Generated Reports - -Reports can be viewed either in the Enterprise Auditor Console in the Results Node of the related -job, or published reports can be viewed in the Web Console. - -- [Results Node](#results-node) – All reports generated by a job are always accessible under the - job’s Results node -- [Web Console](#web-console) – All published reports generated by all jobs appear in the Published - Reports Web Console - -## Results Node - -Each job contains a results node where reports generated by that job can be viewed. Even if the -report is unpublished, the report is still displayed here. - -![Report in the Results node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/viewresultsnode.webp) - -Select the desired report to be viewed. The report displays in the Results pane of the console. - -![Access report from configure page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/viewconfigure.webp) - -You can also access the report from the **Configure** > **Reports** page for the job. Click the -report title to view the report. - -## Web Console - -The most common place to view reports is the Web Console. For information on how to access the Web -Console, see the -[Log into the Web Console](/docs/accessanalyzer/11.6/installation/reports-configuration/security.md#log-into-the-web-console) -topic. - -![Web Console Home page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webconsolehome.webp) - -On the home page of the Web Console, select a solution to view a list of all published reports for -that solution’s job group. This list includes reports with changed Publish Path locations. - -![Web Console .Active Directory Inventory](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/webconsolesolutioninventory.webp) - -Clicking a report name link opens the selected report, or navigate through the folders to select a -report. - -From within the Web Console, reports cannot be edited or deleted. However, the interactive grid -functions are enabled. See the -[Interactive Grids](/docs/accessanalyzer/11.6/administration/reporting/interactive-grids.md) -topic for additional information. An additional feature available within the Web Console is the -option to download data as a CSV file, which can be enabled for grid elements. This exports the data -within tables, both interactive grid and plain HTML tables. See the -[Grid](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/widgets.md#grid) -topic for additional information. - -**NOTE:** Any browser used to access the Web Console must have JavaScript allowed for the site. See -the -[Configure JavaScript Settings for the Web Console](/docs/accessanalyzer/11.6/administration/settings/reporting.md#configure-javascript-settings-for-the-web-console) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/authoring.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/authoring.md deleted file mode 100644 index 4a463543a1..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/authoring.md +++ /dev/null @@ -1,65 +0,0 @@ -# Authoring Page - -On the Authoring page of the Report Configuration wizard, you can configure the name, header -information, and publish settings for the report. - -![Report Configuration wizard Authoring page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/authoring.webp) - -Configure the following settings as required: - -![name](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/name.webp) - -- Name – The name used for the report in the Enterprise Auditor console and Web Console. - -Header Options - -![header](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/header.webp) - -- Title – The title of the report as displayed at the top of the generated report -- Author – Name of the person or group who created the report. This is displayed at the top of the - generated report. -- Tags – Use the tag editor to add and remove tags, see the - [Add Tags to a Report](#add-tags-to-a-report) topic below for more information. Tags are displayed - in the header of the generated reported. -- Description – A description of the report content. It is displayed beneath the report Title in the - generated report. - -Publish Options - -- Publish Report – Select an option to configure if the report should be published to the Web - Console when it is generated. - - Use default setting – Applies the Global report settings, or the settings configured at the - job group or job levels if inheritance has been broken. (See the - [Publish Option](/docs/accessanalyzer/11.6/administration/settings/reporting.md#publish-option), - [Reporting Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md), - and - [Report Settings Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topics for additional information.) - - Publish report – Select this option to publish the report - - Do not publish report – Select this option to not publish the report -- Publish State – Shows the current publish state of the report. If the report is already published, - you can click the link to open the report in the Web Console. - -## Add Tags to a Report - -You can add tags to reports to describe the content and use cases of the report (see the -[Tags](/docs/accessanalyzer/11.6/administration/reporting/tags.md) topic for -additional information). The Tag Editor allows you to select the tags for a report, including -creating new ones to select. - -Follow the steps to select tags using the Tag Editor. - -**Step 1 –** On the Authoring page of the Report Configuration wizard, click the **Edit** button -located next to the Tags text box. - -![Tag Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/tageditor.webp) - -**Step 2 –** In the Tag editor, select the checkbox next to the tags that should be applied to the -report. - -- In addition to selecting existing tags, you can also add new tags to be selected. To create a tag, - enter the desired tag name in the text box and click **Add**. - -**Step 3 –** Click **OK**. - -The selected tags are now shown in the Tags field as a comma separated list. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/email.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/email.md deleted file mode 100644 index 8be81945cc..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/email.md +++ /dev/null @@ -1,55 +0,0 @@ -# E-mail Page - -The E-mail page of the Report Configuration wizard gives you the option to break inheritance and -select report specific settings for emailing the report. - -![Report Configuration wizard E-mail page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/email.webp) - -The default setting for new and included reports is **Use default setting**, which keeps the -inheritance from the global, job group, or job settings (see the -[Email Report Options](/docs/accessanalyzer/11.6/administration/settings/reporting.md#email-report-options), -[Reporting Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md), -and -[Report Settings Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topics for additional information). If you want to keep the default, then you can skip this page of -the wizard by clicking **Next**. - -**NOTE:** In order for reports to be emailed, the SMTP server information must be configured in the -**Settings** > **Notification** node. See the -[Notification](/docs/accessanalyzer/11.6/administration/settings/notifications.md) -topic for additional information. - -To configure the setting for the report, use the Settings drop-down menu to select one of the -following options: - -- Use default setting – The default option. Applies the Global notification settings, or whatever - settings have been configured at the job group or job levels if inheritance has been broken. If - **Email this report** is enabled by default, then using this option sends the report to the - recipients configured at the parent level where the inheritance begins. -- Email this report – Select this option if you want to email the report and the inherited setting - is **Do not email this report**, or if you want to configure specific email settings for the - report. If it is selected, you must then configure the additional fields below. -- Do not email this report – Select this option to not email the report - -![Settings configured to email the report](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/emailconfigured.webp) - -If the **Email this report** setting is selected, then the following fields are enabled for you to -configure: - -- Format – Select the format of the report to be contained in the email. - - Web Link – Sends an email notice that the report has been published and provides the recipient - with a link to it in the Web console - - Embedded HTML – Sends the report embedded inside the email using HTML format - - Data Tables as CSV (No Charts) – Attaches the complete data set (as configured within the - report, without row limit) to an email as a CSV file, excluding any charts - - PDF – Attaches the report to an email as a PDF file -- Subject – The subject line of the e-mail. By default it is - `Netwrix Enterprise Auditor Report: [ReportName]`, with the `[ReportName]`variable being - automatically populated. -- Send-To / Send-Cc / Send-Bcc – Enter the email addresses of the required recipients for the email - notification. Use a semicolon (;) to separate multiple recipients. -- Do not e-mail this report if blank – Select this checkbox to not email the report if all elements - of it are blank when it is generated - - A blank report can occur if there is an error in data collection or if the report is - configured for data which might not always be present (for example, new computer objects - created since last scan) diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/layout.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/layout.md deleted file mode 100644 index 72e1b517df..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/layout.md +++ /dev/null @@ -1,31 +0,0 @@ -# Layout Page - -The Layout page allows you to configure the layout of the report's content. - -![layout](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/layout.webp) - -Follow the steps to select the layout: - -**Step 1 –** Click the **Select the number of rows** drop-down menu and select an option from: 1 -row, 2 rows, or 3 rows. - -**Step 2 –** Click on the layout tile you want for the report. - -The layout for the report has been selected. Each box on the selected tile corresponds to a separate -widget that you next need to configure on the -[Widgets Page](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/widgets.md) -page of the Report Configuration wizard. - -## Element Downgrade Editor - -If you are editing an existing report and you select a layout that has fewer elements than the -number of already configured widgets, then the Element Downgrade Editor automatically displays. - -![Element Downgrade Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/elementdowngradeeditor.webp) - -The maximum number of elements allowed by the correctly selected layout is specified at the top of -the editor. Select the checkboxes next to the title of all the configured widgets you want to keep -up to this limit, then click **OK**. Any widgets not selected will be removed from the report. - -**NOTE:** You can click **Cancel** to return to the layout page to select a different layout with -more elements. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/overview.md deleted file mode 100644 index 259d047909..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/overview.md +++ /dev/null @@ -1,46 +0,0 @@ -# Report Configuration Wizard - -You can use the Report Configuration Wizard to configure reports. The wizard can be launched for an -existing report or when creating a new report. See the -[Creating a Report](/docs/accessanalyzer/11.6/administration/reporting/create-reports.md) -and -[Editing Existing Reports](/docs/accessanalyzer/11.6/administration/reporting/edit-reports.md) -topics for additional information. - -Follow the steps to configure a report using the wizard. - -**NOTE:** Skip any sections or pages that do not require changes to the existing configuration. - -**Step 1 –** Create a new report or open the Report Configuration wizard for an existing report. - -**Step 2 –** Configure the settings on the -[Authoring Page](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/authoring.md) -page. These include Name, Header information, and publish settings. Click **Next**. - -**Step 3 –** On the -[E-mail Page](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/email.md) -page, use the inherited settings or configure report specific settings. Click **Next**. - -**Step 4 –** The -[Publish Security Page](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/publishsecurity.md) -page is only enabled if role-based access is configured for the Enterprise Auditor console. On this -page you can view and configure accounts with permissions to view the report. If you are not using -role-based access, you can skip this page. Click **Next**. - -**Step 5 –** On the -[Layout Page](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/layout.md) -page, select the number of rows using the dropdown menu. Then select the desired pre-defined layout -from the options displayed. Click **Next**. - -**Step 6 –** On the -[Widgets Page](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/widgets.md) -page, configure widgets for each element of the layout. - -**Step 7 –** Click **Finish** to save your changes. - -- If you do not want to save your changes or have not made any changes, click **Cancel** on any page - to exit the wizard without saving your changes. - -Your configuration has been saved. For information on how to view your report, see the -[Viewing Generated Reports](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/view.md) -topic. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/publishsecurity.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/publishsecurity.md deleted file mode 100644 index cec5143f41..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/publishsecurity.md +++ /dev/null @@ -1,35 +0,0 @@ -# Publish Security Page - -The Publish Security page of the Report Configuration wizard contains the account names of users -with inherited permissions to view the generated report. - -**NOTE:** This page is only enabled if Role Based Access is configured for the Enterprise Auditor -Console. See the -[Role Based Access](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -topic for additional information. - -![Publish Security page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/publishsecurity.webp) - -Roles assigned at the global level are inherited down to the report configuration. Additional report -viewer privileges can also be added at the job group or job levels. - -De-select the Include Report Reviewers from this object's parent checkbox to remove all inherited -accounts with the Report Viewer role. - -You can add additional users, groups, and service accounts with the Report Viewer role at the Report -level. This gives them the permission to view the specific report in the Web Console. Follow the -steps to add an account. - -**Step 1 –** Click **Add**. - -![Select User, Service Account, or Group window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/addreportviewer.webp) - -**Step 2 –** On the Select User, Service Account or Group window, select the desired account and -then click **OK**. - -![Report Viewer user added in wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/reportviewer.webp) - -The selected account is added to the list with a Role of Report Viewer. - -**NOTE:** The permission for accounts that are not Inherited can also be removed using the wizard. -To remove an account, select it and then click **Remove**. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/widgets.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/widgets.md deleted file mode 100644 index ab88612988..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/widgets.md +++ /dev/null @@ -1,312 +0,0 @@ -# Widgets Page - -The Widgets page of the Report Configuration wizard allows you to configure the tables, charts, and -text that form the report. - -![Widgets page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgets.webp) - -At the top of the page the selected layout is described. The table contains the available element -locations where widgets need to be configured. - -![Configure widgets](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetsconfigure.webp) - -To add a new widget to an empty element, click **Configure** and select the desired widget type from -the drop-down menu. The following widgets are available: - -- [Grid](#grid) -- [Chart](#chart) -- [Text](#text) - -The editor for the selected widget opens. See the relevant section below for information about -configuring it. - -![Table with configured widgets](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetsconfigured.webp) - -For configured widgets the table shows the title, type, and data source. You can perform the -following actions by selecting a row and clicking the relevant button: - -- Configure – Opens the editor for the configured widget -- Clear – Deletes the configured widget from the selected element -- Up / Down – Moves the widget up or down to the next element of the selected layout. If another - widget is already configured in the element you are moving it to, the two widgets exchange places. - -## Grid - -The Grid widget type allows you to configure a table to be displayed on generated reports. - -![Grid configuration window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetgrid.webp) - -### Options - -The Options section allows you to configure the title and data source for the Grid element. - -![Options section](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetgridoptions.webp) - -The section contains the following options: - -- Element Title – Enter a title for the element in the text box. This will be displayed in the - element's header on the generated report. - -DataSource Options - -In order to generate results, a location must first be selected as the source of the data. - -- Table – Use the drop-down to select the required data source. The drop-down contains the list of - jobs within Enterprise Auditor that have been executed. -- Current job only – Select this checkbox to only display data from the current job. This option is - selected by default. -- Include all SA nodes data – Select this checkbox to display data from all Enterprise Auditor data - tables -- Show Historical Data – If there is historical data, selecting this option displays all - collections. It is keyed off of the Job Runtime column. -- Limit maximum number of displayed rows to [number] – Limits the number of rows of data displayed - to less than or equal to the number chosen. By default it is set to **1000**. - - **NOTE:** Limits that are larger than the default may slow down the run time. - -Export CSV Options - -You can configure the table to allow the data to be exported as a CSV file. - -- Export table data as CSV – Select this option to enable a report’s table section to be exportable - as a CSV file from the generated report - - When it is configured, you can click the **All Data** button on the table section of the - report to save the report as a CSV file. See the - [Interactive Grids](/docs/accessanalyzer/11.6/administration/reporting/interactive-grids.md) - topic for more information. -- Rows – Limits the amount of rows exported to the CSV file. The default is **Visible**. - - Visible – Only includes the amount of rows set by the **Limit Maximum number of displayed rows - to** option in the DataSource Options section - - All – Includes all rows of the data set -- Columns – Limits the amount of columns exported to the CSV file. The default is **Visible**. - - Visible – Only exports the visible columns (excludes any columns removed using the Column - Chooser) - - All – Includes all columns, including those in the Column Chooser - -### Table Properties - -The Table Properties section allows you to configure the display features of the grid. - -![Table Properties section](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetgridtableproperties.webp) - -There are two types of grid displays: - -- Interactive grid – Allows the viewer to interact with the table in the generated report. See the - [Interactive Grids](/docs/accessanalyzer/11.6/administration/reporting/interactive-grids.md) - topic for additional information. -- Non Interactive grid – Creates a report with fixed settings and stationary elements. This option - disables all the fields within the Table Properties section. - - **NOTE:** In order to view user configured Grouping in emailed reports, the report must be - emailed as a **Non Interactive Grid**. - -The following settings are available when Interactive grid is selected: - -Grid Properties - -- Treat interactive grid contents as plain text (not HTML) – Enables interactive grid functionality. - This option is selected by default. -- Enable Paging – Enables Paging in reports. Paging allows users to interact with large sets of data - more efficiently when viewing, filtering, and sorting generated report tables by limiting the - amount of data being displayed at a given time. Paging is enabled by default. See the - [Paging](/docs/accessanalyzer/11.6/administration/reporting/interactive-grids.md) - topic for additional information. - -Column Properties - -- Group Column – Arranges the table to be grouped by the attributes of the selected column - - **NOTE:** Paging and grouping are not compatible. When Paging is enabled, the Grouping options - are disabled in the Table Properties section and in the generated report. - -- Enum Column – Groups the data in tables based on the selected column -- Color Column – Colors a column data displayed on the report’s table section -- Icon Column – Creates an icon that appears next to column name on the report’s table section -- Path Column – Creates a column that displays the attack path within the report - -### Data - -The selected data for the table is shown in the section at the bottom of the window. This section -allows you to configure the data to be displayed in the table. - -![Data display](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetgriddata.webp) - -The buttons above the column names provide you options for configuring the table arrangement. - -- Clear Sorting – Restores columns to the default placement -- Column Chooser – Opens a pane where you can remove unwanted columns or add hidden columns -- Filter Editor – Opens the Filter Editor which allows you to add custom filters with conditional - statements and logical connectives -- Best Fit (all columns) –  Adjusts the width of the columns to display all the data within the - cells - -## Chart - -Chart widgets allow you to create various chart types to represent data. A Chart Section can only -display one chart type at a time. - -![Chart configuration window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchart.webp) - -### Options - -The Options section allows you to configure the title and data source for the Chart element. - -![Chart Options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartoptions.webp) - -The section contains the following options: - -- Element Title – Enter a title for the element in the text box. This will be displayed in the - element's header on the generated report. - -DataSource Options - -In order to generate results, a location must first be selected as the source of the data. - -- Table – Use the drop-down to select the required data source. The drop-down contains the list of - jobs within Enterprise Auditor that have been executed. -- Current job only – Select this checkbox to only display data from the current job. This option is - selected by default. -- Include all SA nodes data – Select this checkbox to display data from all Enterprise Auditor data - tables -- Show Historical Data – If there is historical data, selecting this option displays all - collections. It is keyed off of the Job Runtime column. -- Limit maximum number of displayed rows to [number] – Limits the number of rows of data displayed - to less than or equal to the number chosen. By default it is set to **1000**. - - **NOTE:** Limits that are larger than the default may slow down the run time. - -### Chart Properties - -The Chart Properties section allows you to select the type of chart you want to create. - -![Chart Properties](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartproperties.webp) - -The following options are the available in the Chart Properties: - -- Chart Type – Select from the following chart types: - - - Area – Shaded region beneath line to indicate a group’s proportion within a column - - Bar – Horizontal rectangles that represent discrete units of measurement - - Column – Vertical bar chart - - Line – Vertical line chart - - Pie – Circular statistical graphic that demonstrates numerical proportion. First grouped - column can be numeric or string, but the second column should always be numeric. - - Stacked – Consolidated bar chart for comparing values - - **NOTE:** Negative numbers cannot be plotted. - -- Show Data Labels – Displays the column name for each section within a chart -- Enum Column – Groups the data in chart by the selected column name -- Assign color for pie slice – Available only for pie charts. Allow you to customize the color for - each slice. Select the column header name from the drop-down menu, then use the color selector - window to choose the desired color. - -### Link - -The Link option allows you to add a hyperlink to the report to connect to other reports. - -![Link Published Reports Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartlink.webp) - -To add a link, click **Published Reports**. On the Published Report Tree window, select the required -report to link to and click **Ok**. - -### Data - -The table of data for the chart is displayed in the middle of the window. This table allows you to -customize the data that is to be shown in the chart. - -![Data table](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartdata.webp) - -The buttons above the column names provide you the following options for configuring the table -arrangement: - -- Filter Editor – Opens the Filter Editor which allows you to add custom filters with conditional - statements and logical connectives -- Best Fit (all columns) –  Adjusts the width of the columns to display all the data within the - cells - -You can group the table by a column by dragging the column header to the bar above the header row. -If grouping is already applied, you can right-click on the grouping bar to expand or collapse all -the groups, or clear the grouping. - -The pane to the right of the table allows you to filter which columns are displayed on the chart. -Select the checkbox next to the columns you want to include in the chart. - -### Chart Preview - -At the bottom of the page a preview of the currently configured chart is displayed. - -![Chart Preview](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartpreview.webp) - -## Text - -There are two types of text editor that allow you to configure a text element on a report. - -- Basic Text Editor – Provides basic functionality like font size and style. Works with HTML script. -- Advanced Text Editor – Provides advanced functionality like document formatting, inserting tables, - and adding hyperlinks - -![Text Editor selection window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/texteditorselection.webp) - -When you first configure a new text element, a dialog displays allowing you to select the type of -Text Editor. On this dialog, select either the Basic or Advanced Text Editor and click **Open -Editor**. The selected editor then opens. - -**NOTE:** Once a Text Editor is selected for a Text element, it cannot be changed. - -### Basic Text Editor - -![Basic Text Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/basictexteditor.webp) - -The Basic Text Editor has the following options: - -- Element Title – Enter a title for the element in the text box. This will be displayed in the - element's header on the generated report. -- Editor / Preview tabs – You can switch between the Editor and Preview tabs. The Editor tab allows - you to edit the text and apply formatting. The Preview tab shows you how the formatted text will - look in the generated report.. -- Convert Carriage Returns to HTML – This checkbox is selected by default. When selected, text - displays on a new line in the generated output where a carriage return has been used. If it is not - selected, the text continues on the same line. - -The icons listed in the table below are available in the Basic Editor (and Advanced Editor) to -provide basic editing options for text entries. - -| Icon | Description | -| -------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | -| ![Undo](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/undo.webp) | Undo a change to the text | -| ![Redo](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/redo.webp) | Redo a change to the text | -| ![Paste](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/paste.webp) | Paste the contents of the clipboard | -| ![Paste Special](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/pastespecial.webp) | Paste as either formatted text, unformatted text, or metafile | -| ![Cut](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/cut.webp) | Cut the selected text and put it on the clipboard | -| ![Find](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/find.webp) | Find and replace specified text | -| ![Font](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/font.webp) | Change the font face | -| ![Font Size](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/fontsize.webp) | Change the font size | - -### Advanced Text Editor - -![Advanced Text Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/advancedtexteditor.webp) - -The Advanced Text Editor has the following options: - -- Element Title – Enter a title for the element in the text box. This will be displayed in the - element's header on the generated report. -- Editor / Preview tabs – You can switch between the Editor and Preview tabs. The Editor tab allows - you to edit the text and apply formatting. The Preview tab shows you how the formatted text will - look in the generated report.. - -The Advanced Editor contains all the icons from the Basic Editor, see above. In addition to these, -it has the icons with higher level editing options for text entries that are listed in the table -below. - -| Icon | Description | -| ------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------- | -| ![Bold](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/bold.webp) | Makes the selected text bold | -| ![Italic](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/italic.webp) | Italicize the selected text | -| ![Decrease Indent](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/decreaseindent.webp) | Decrease the indent level of the paragraph | -| ![Increase Indent](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/increaseindent.webp) | Increase the indent level of the paragraph | -| ![Hyperlink](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/hyperlink.webp) | Create a link to a Web page, picture, email address, or program | -| ![Multilevel List](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/multilevel.webp) | Start a multilevel list | -| ![Numbering](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/numbering.webp) | Start a numbered list | -| ![Bullets](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/bullets.webp) | Start a bulleted list | -| ![Table](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/table.webp) | Insert a table | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/access/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/access/overview.md deleted file mode 100644 index fef3e636c0..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/access/overview.md +++ /dev/null @@ -1,24 +0,0 @@ -# Access - -Configure what applications, users, and groups have access to Enterprise Auditor using the Access -node - -![Access Window](/img/versioned_docs/directorymanager_11.0/directorymanager/admincenter/datasource/excel_-_one_drive.webp) - -The first type of access that can be granted is Role Based Access for a user or group accessing the -Enterprise Auditor Console. The second type of access grants access to an application accessing data -remotely through the Web Service using the REST API. See these sections for additional information: - -- [Role Based Access](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -- [Web Service REST API for Applications Accessing Data Remotely](/docs/accessanalyzer/11.6/administration/access-control/rest-api.md) - -The Enterprise Auditor vault provides enhanced security through enhanced encryption to various -credentials stored by the Enterprise Auditor application. See the -[Application](/docs/accessanalyzer/11.6/administration/settings/application.md) -topic for additional information. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Roles view. These buttons -are enabled when modifications are made to the Roles global setting. - -Whenever changes are made at the global level, click **Save** and then **OK** to confirm the -changes. Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/history.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/history.md deleted file mode 100644 index 57b6646ca8..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/history.md +++ /dev/null @@ -1,94 +0,0 @@ -# History - -The History node is where the history retention of job data and job logs are configured. The setting -specified here at the global level applies to all jobs in the Jobs tree unless specifically changed -at the job group or job level. See the -[History Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) -and -[History Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topics for additional information. - -![History Global Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/history.webp) - -The Data Retention Period settings are for configuring the job data history retention within the -database. There are three options: - -- Never retain previous job data -- Retain previous job data for [number] [time period] -- Always retain previous job data - -Set the Data Retention Period at the global level to **Never retain previous job data**. This allows -for more control over the quantity of data by applying history retention at the job group or job -level. All jobs run with this default setting only keep the most current record set. - -**CAUTION:** It is important to understand that some pre-configured jobs require history retention -while others do not support it. Changing the history retention settings at the global level can -cause issues with data analysis and reporting on jobs that don't support it. See the relevant job -group and job descriptions for additional information. - -The Diagnostics Retention Period settings determine how long this data is retained for all jobs that -do not have an explicit setting. Setting the retention period for a specific job overrides the -default setting. There are two settings: - -- Logs and Messages - - - Retain previous application logs, job logs, and messages for [number] [time period] – Controls - how long the messages for previous job executions are stored in the SA_Messages table for each - job. Older job execution messages are cleared. - - The default value is 7 Times. With this setting, the messages are stored for the previous - seven job executions. - -- Job Statistics - - - Retain job statistics in database for [number] [time period] – Controls how long job - statistics history is stored within the Enterprise Auditor database in the following two - tables: - - - SA_JobStatsTbl - - SA_JobTaskStatsTbl - - - This setting is only available at the global settings level. The default value is 100 days. - This directly affects each job’s **Status** node. See the - [Status Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. - -For both the **Logs and Messages** and **Job Statistics** options above: - -- Enter a number in the first textbox and select the desired time period from the drop-down menu in - the second box. Retention can be set to a specific number of **Days**, **Weeks**, **Months**, or - **Times** for both. -- All jobs run with this setting add the newly collected data set or job logs on top of the - previously collected record sets or logs. Any record sets or logs outside the specified historical - retention limit are dropped. - -The **Cancel** and **Save** buttons are in the lower-right corner of the History view. These buttons -become enabled when modifications are made to the History global settings. Whenever changes are made -at the global level, click **Save** and then **OK** to confirm the changes. Otherwise, click -**Cancel** if no changes were intended. - -## Job Data History Retention & Database Size Concerns - -A major concern around job data history retention is the impact it can have on database size. The -following scenario explains a common concern. - -- The **Retain previous application logs, job logs, and message for** or **Retain job statistics in - database for** setting is set to an extended time period and the database size is unmanageable - - - To reduce data retention periods, navigate to the **Settings** > **History** node. Change the - time period to a smaller interval, for example 90 days. Click **Save** and rerun the jobs. - - All of the record sets outside the new retention limit are dropped, and the database size is - back down where it belongs - -## Job Logs - -The job logs are stored within the output folder of each job. They can be read in the Enterprise -Auditor Console within the job’s **Status** > **Messages** table. To access the logs within the -job’s directory, right-click on the job’s node in the Navigation pane and select **Explore Folder**. - -![Job Logs in the job's Output folder in File Explorer](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/historyjoblogs.webp) - -The most recent log is open. Older jobs are stored as zip files, according to the Log Retention -Period setting. Each log is named in the following format: - -- Open/Latest Log Name – `[Jobname]_Log.tsv` -- Older/Zipped Log Name – `[Jobname]_Log_[Date]_[Time].zip` diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostdiscovery.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostdiscovery.md deleted file mode 100644 index 716e2cb2e8..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostdiscovery.md +++ /dev/null @@ -1,63 +0,0 @@ -# Host Discovery - -The Host Discovery node is for configuring the settings which dictate how Enterprise Auditor handles -newly discovered hosts, what information is logged during the host discovery process, and how long -the logged information is stored. - -![Host Discovery page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/hostdiscovery.webp) - -In the Host Discovery Options section at the top is a checkbox for the **Perform the first inventory -right away for newly discovered hosts** option. This option is selected by default. - -- If selected, Enterprise Auditor retrieves information about a host as soon as it is discovered -- If deselected, the host inventory information can be obtained later according to the Host - Inventory node options - -The configurable options in the Discovery Log section are: - -- Retention period – Determines how long the Host Discovery query log is kept. This is set by - default to 14 days which is based on average Enterprise Auditor usage. -- Log level – Determines what information is stored in the Host Discover query log - -![Log level options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/hostdiscoveryloglevels.webp) - -The log levels are: - -- Debug – Records everything that happens during the host discovery process, most verbose level of - logging - - - Records all Info level information - - If files are referenced or updated during the process of running the query then the path to - the affected file is shown - - Helps [Netwrix Support](https://www.netwrix.com/support.html) to assist in diagnosing issues - which may be causing host inventories to fail - - Creates the largest file - -- Info – Records information on the steps which occur during the host discovery process, in addition - to warnings and errors - - - Records all Warning level information - - Records start actions of each query - - Records end actions of each query - -- Warning – Records all warnings which occur during the host discovery process - - - Records all Error level information - - When Enterprise Auditor encounters a host which only grants partial access - - When Enterprise Auditor encounters something which allows for only partial data gathering - - When Enterprise Auditor encounters something which causes it to produce a larger log file - -- Error – Records all errors which occur during the host discovery process - - **_RECOMMENDED:_** Set the Log Level to Error. The default setting is Info, but it is - recommended that the setting for daily use be set to Error. The other log levels are designed to - assist with troubleshooting host discovery and host inventory issues. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Host Discovery view. These -buttons become enabled when modifications are made to the Host Discovery global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -![Host Discovery Log under Host Discovery node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/hostdiscoverylog.webp) - -The Host Discovery Log is located under the **Host Discovery** node. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostinventory.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostinventory.md deleted file mode 100644 index ab4c83c1eb..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostinventory.md +++ /dev/null @@ -1,168 +0,0 @@ -# Host Inventory - -The Host Inventory node is for selecting what information to collect from the target host during the -host inventory process, for allocating console resources to the host inventory process, and for -setting what out-of-the box host lists are visible in the Host Management node. - -![Host Inventory Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/hostinventory.webp) - -In the Inventory Items section, there are four program property groups: - -- Operating System – Includes 7 Items -- Application – Includes 7 Items -- Network – Includes 6 Items -- Hardware – Includes 4 Items - -Each of these groups brings back the properties enumerated in the list below the group title. These -collected properties correspond to the columns in the Host Management tables. Deselecting a checkbox -prevents that information from being collected for target hosts. However, some solutions require -this information. - -**_RECOMMENDED:_** Leave the default setting of all the groups selected. Consult with -[Netwrix Support](https://www.netwrix.com/support.html) prior to turning off any of these property -groups. - -In the Performance Tuning section, there are five settings which allocate console resources to the -host inventory process: - -- Threads – Indicates the number of job threads that are employed during the host inventory process - - - The default setting is 20 Threads - - Maximum thread count is 100. Thread count will revert back to 100 if values over 100 are - entered. - - Restart Enterprise Auditor if thread count is changed for changes to take place - -- Thread timeout [in seconds] – Indicates the time a thread will spend in retrieving information - from a host - - - Default setting is 1200 seconds - - If thread cannot receive an active response from target host, the thread will move on to the - next host in the queue - -- Stop on Failed Ping – If the Stop on Failed Ping checkbox is selected, hosts that do not respond - to pings are not queried. Otherwise, hosts will be queried regardless. -- PING timeout [in seconds] – Indicates the time a thread will spend pinging a host - - - Default setting is 4 seconds - - If thread cannot connect with a host, the host will be designated as being offline and the - thread will move on to the next host in the queue - -- Only refresh inventory items older than [time selected] – Indicates the time that needs to pass - before the host inventory process is automatically refreshed - - - Default setting is 60 days - - The number textbox has a five-character limit - - The drop-down menu includes the time-units of: - - - Hours - - Days - - Weeks - - Months - - - This setting affects the Inventory page options on the Host Discovery Wizard. See the - [Host Discovery Wizard](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) - topic for additional information. - -The Desired Host List Views section at the bottom contains all available host lists, both -out-of-the-box lists and custom-created lists. There are seven Default Hosts Lists which correspond -to the solutions that target them. During the host inventory process, hosts which meet the filter -criteria for these default lists are automatically populated into that host list. A checkmark in -front of the host list indicates that the list is visible in the **Host Management** > **All Hosts** -node. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Host Inventory view. These -buttons become enabled when modifications are made to the Host Inventory global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -## Default Host Lists - -The seven default lists are auto-populated during the host inventory process based on specific -filter criteria. These lists correspond to the pre-configured solution jobs which target them. - -### AD Host List - -The **AD** Host List can be expanded and contains five sub-groups utilized by the Active Directory -Solution and the Active Directory Inventory Solution: - -![AD Host List](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/ad.webp) - -The sub-groups are: - -- ALL DNS SERVERS -- ALL DOMAIN CONTROLLERS -- ALL GLOBAL CATALOG SERVERS -- ONE DOMAIN CONTROLLER PER DOMAIN -- ONE GLOBAL CATALOG SERVER PER DOMAIN - -### ALL WINDOWS HOSTS Host List - -The **ALL WINDOWS HOSTS** Host List is utilized primarily by the Windows Solution. - -![ALL WINDOWS HOSTS Host List](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/allwindowshosts.webp) - -There are no sub-groups for ALL WINDOWS HOSTS. - -### DG Host List - -The **DG** Host List can be expanded and contains three sub-groups utilized by the Data Access -Governance for File System Solution. - -![DG Host List](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/dg.webp) - -The sub-groups are: - -- ALL CELERA SERVERS -- ALL INTERNET INFORMATION SERVERS -- ALL NETAPP SERVERS - -### EXCHANGE Host List - -The **EXCHANGE** Host List can be expanded and contains six sub-groups utilized by the Exchange -Solution. Four of these sub-groups can also be expand. - -![EXCHANGE Host List](/img/versioned_docs/directorymanager_11.0/directorymanager/configureentraid/register/exchange.webp) - -The sub-groups are: - -- EXCHANGE GENERAL - - - ALL EXCHANGE SERVERS (ACTIVE HOSTS) - - ALL EXCHANGE SERVERS (ALL HOSTS) - - EXCHANGE CAS SERVERS - - EXCHANGE HUB SERVERS - - EXCHANGE MB SERVERS - -- EXCHANGE 2016 - -### SQL Servers Host List - -The **SQL SERVERS** Host List is utilized primarily by the SQL Solution. - -![SQL Servers Host List](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sqlservers.webp) - -There are no sub-groups for SQL SERVERS. - -### Windows Server Host List - -The **Windows Server** Host List can be expanded and contains three sub-groups utilized by the -Windows Solution. - -![Windows Server Host List](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/windowsserver.webp) - -The sub-groups are: - -- ALL WINDOWS SERVERS (ACTIVE HOSTS) -- ALL WINDOWS SERVERS (ALL HOSTS) -- ALL WINDOWS SERVERS (NO DCS) - -### Work Station Host List - -The **Work Station** Host List can be expanded and contains one sub-group utilized by the Windows -Solution. - -![Work Station Host List](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/workstation.webp) - -The single sub-group is: - -- ALL WINDOWS WORKSTATIONS diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/overview.md deleted file mode 100644 index d6f4377448..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/overview.md +++ /dev/null @@ -1,83 +0,0 @@ -# Global Settings - -The global settings have an overall impact on the running ofEnterprise Auditor jobs. Settings are -inherited through a parent-child structure from the Settings node through the Jobs tree to the -individual jobs unless inheritance is broken by direct assignment at either the job group or the -individual job level. - -![Configuration Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/globalsettings.webp) - -Some of these settings are configured during the initial launching of theEnterprise Auditor Console. -Others are configured as desired by the end-user. Expand the Settings node in the Navigation pane to -select a global setting to configure: - -- [Access](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/access/overview.md) - - Configure what applications users, and groups have access to Enterprise Auditor - - Configure Role Based Access control of Enterprise Auditor and the Web Console - - Configure REST API -- [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - - Configure the Enterprise Auditor application logging level - - Configure profile security - - Configure options to connecting to host targets - - Configure grid view parameters for data tables and views - - Configure database cleanup options - - Configure the Enterprise Auditor application’s exit options -- [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - - Optional configuration during the initial launch, but required for host inventory query - execution and job execution - - Provide credential sets with adequate permissions to remotely contact and gather information - from target hosts - - Creating a Connection Profile requires credentials with appropriate levels of permissions - according to the data collector being used -- [Exchange](/docs/accessanalyzer/11.6/administration/settings/exchange.md) - - Required for auditing an organization’s Exchange environment - - Only enabled for configuration once the Enterprise Auditor for Exchange Solution prerequisites - are installed - - Configure Microsoft Exchange server connections and requires Exchange server versions and - names - - The ExchangeMailbox, Exchange2K, ExchangePS, and ExchangePublicFolder Data Collectors utilize - these global settings -- [History](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/history.md) - - Configure job data retention period settings - - Configure diagnostics retention period settings -- [Host Discovery](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostdiscovery.md) - - Configure host discovery settings - - Configure discovery log settings -- [Host Inventory](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostinventory.md) - - Configure inventory items, performance tuning, and desired host list views -- [Notification](/docs/accessanalyzer/11.6/administration/settings/notifications.md) - - Required for the Enterprise Auditor application to send email - - Provide SMTP server information and sender information - - Configuration requires an organization’s SMTP server name and authentication credentials (if - applicable) - - Encryption Options can be configured -- [Reporting](/docs/accessanalyzer/11.6/administration/settings/reporting.md) - - Required for report publishing - - Configure settings for publishing reports outside of the Enterprise Auditor Console (e.g. - distribution via email, posting to an internal share, or posting to the Report Index) - - Use information to configure accessing published reports via the Web Console -- [Schedule](/docs/accessanalyzer/11.6/administration/settings/schedule.md) - - Optional configuration during the initial launch if Windows authentication is used with the - Storage Profile - - Required in order to schedule host inventory, job, analysis task, and action task execution - - Provide credentials used against the Enterprise Auditor Console server to execute scheduled - jobs with the Windows Task Scheduler - - Creating a Schedule Service Account requires credentials on the Enterprise Auditor Console - server - - Multiple Schedule Service Accounts can be configured -- [Sensitive Data](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - - Flag locations which are known to contain false positive criteria matches to be filtered out - of Sensitive Data Discovery reports -- [ServiceNow](/docs/accessanalyzer/11.6/administration/settings/service-now.md) - - Required for integration between Enterprise Auditor and ServiceNow® - - Configure the ServiceNow Action Module authentication credentials - - Configuration requires an organization’s ServiceNow instance name and authentication - credentials -- [Storage](/docs/accessanalyzer/11.6/administration/settings/storage.md) - - Required configuration during the initial launch - - Create profiles for storing output data from queries - - Creating a Storage Profiles requires Microsoft® SQL® Server information - -See the -[Getting Started](/docs/accessanalyzer/11.6/getting-started/quick-start.md) topic -for additional information. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/install/application/otherlanguages.md b/docs/accessanalyzer/11.6/accessanalyzer/install/application/otherlanguages.md deleted file mode 100644 index 4519d799a9..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/install/application/otherlanguages.md +++ /dev/null @@ -1,142 +0,0 @@ -# Non-English Language Environments - -There are specific SQL Server requirements when installing Enterprise Auditor in a non-English -Language environment, specifically when the environment uses a non-Latin alphabet. - -## Requirements - -The following collation requirements need to be met prior to the Enterprise Auditor installation. - -### Database & Server Collation Settings - -The collation settings at the database level must match what is set at the server level. - -Symptoms - -Common errors that occur are: - -- Implicit conversion of VARCHAR value to VARCHAR cannot be performed because the collation of the - value is unresolved due to a collation conflict. - - Could not find stored procedure `#SA_ImportObject` - - Cannot drop the procedure `#SA_ImportObject`, because it does not exist or lack of permission -- Cannot resolve the collation conflict between **SQL_Latin1_General_CP1_CI_AS** and - **French_CI_AS** in the equal to operation. - -Cause - -These errors occur because the Enterprise Auditor solutions use many temporary functions and -procedures which in turn use the collation at the server level. Temporary tables created within a -stored procedure use the TEMPDB database’s collation instead of the current user database’s -collation. Therefore, there will be issues in analysis due to the mismatch. - -Resolution - -The following is a work-around which we use to avoid collation errors. However, when making changes -at the SQL Server level, use caution as it actually rebuilds all user/system database objects. If -there are schema bound objects (i.e. Constraints), the whole operation will fail. Make sure to have -all of the information or scripts needed to recreate the Enterprise Auditor user’s databases and all -of the objects in them. Customers should use a localized version of the SQL Server, and this should -not be done in production environments. - -#### Change Collation at the Database Level - -Follow the steps to change the collation at the database level. - -**Step 1 –** Access the Database Properties in SQL Server Management Studio. - -![SQL Server Management Studio Database Properties window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/databasepropertiescollation.webp) - -**Step 2 –** Select **Options** and set the collation. - -Now that the collations match, proceed with Enterprise Auditor installation. - -#### Change Collation at the SQL Server Level - -Follow the steps to change the collation at the SQL Server level. - -![SQL Server Configuration Manager](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/sqlserverconfigurationmanager.webp) - -**Step 1 –** Stop the SQL Server service from the Configuration Manager. - -**Step 2 –** Open CMD console as Administrator, and go to the following path (or the path where the -binary files are): - -``` -…\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn   -``` - -**Step 3 –** Execute the following command (or whichever collation is needed): - -``` -sqlservr.exe  -m -T4022 -T3659 -q "French _CS_AS" -``` - -See the Microsoft -[Collation and Unicode support](https://learn.microsoft.com/en-us/sql/relational-databases/collations/collation-and-unicode-support) -article for collation matches. - -**Step 4 –** Wait until it finishes and start the SQL Server service again. - -Now that the collations match, proceed with Enterprise Auditor installation. - -### Case Sensitive Collation - -Enterprise Auditor does not support case sensitive collation settings. Case insensitive collations -are notated by having **CI** in the collation, for example **Latin1_General_CI_AS**. - -Cause - -For example, `SYS.INDEXES` will be unable to be found if there was an English install of SQL Server -but a Turkish collation which is case sensitive. So `'SYS.INDEXES != 'sys.indexes' `in the -environment. - -Resolution - -All collation settings must be case insensitive. - -## Troubleshooting - -The following are possible problems for future consideration. - -During comparison or joining of columns, collation conflict error occurs in two cases if collation -of one column does not match with collation of another column: - -This can be generated by the following script: - -``` -CREATE TABLE TestTab -(PrimaryKey int PRIMARY KEY, -CharCol char(10) COLLATE French_CI_AS, -CharCol2 char(10) COLLATE greek_ci_as -) -INSERT INTO TestTab VALUES (1, 'abc', 'abc')  -SELECT * FROM TestTab WHERE CharCol = CharCol2 -``` - -- Error Returned – Cannot resolve the collation conflict between **Greek_CI_AS** and - **French_CI_AS** in the equal to operation. -- Resolution – If the select statement is changed as below, then it would run successfully. - - ``` - SELECT * FROM TestTab WHERE CharCol = CharCol2 COLLATE Albanian_CI_AI - ``` - -**NOTE:** Explicit collation (Albanian_CI_AI) is not one of any column, but after that it will -complete successfully. The collation of two columns have not been matched, instead the third rule of -collation precedence was implemented. See the Microsoft -[Collation Precedence](https://learn.microsoft.com/en-us/sql/t-sql/statements/collation-precedence-transact-sql) -article for additional information. - -### Resources - -The following articles may be of assistance: - -- Microsoft - [Collation and Unicode support](https://learn.microsoft.com/en-us/sql/relational-databases/collations/collation-and-unicode-support) - article -- Microsoft - [Collation Precedence](https://learn.microsoft.com/en-us/sql/t-sql/statements/collation-precedence-transact-sql) - article -- Microsoft - [Set or change the server collation](https://learn.microsoft.com/en-us/sql/relational-databases/collations/set-or-change-the-server-collation) - article diff --git a/docs/accessanalyzer/11.6/accessanalyzer/install/filesystemproxy/silentinstall.md b/docs/accessanalyzer/11.6/accessanalyzer/install/filesystemproxy/silentinstall.md deleted file mode 100644 index 9a342169f2..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/install/filesystemproxy/silentinstall.md +++ /dev/null @@ -1,76 +0,0 @@ -# Silent Installer Option for Proxy - -It is possible to use one of the following methods to complete a silent installation of the File -System Proxy Service. - -**CAUTION:** For all Active Directory versions, aside from Windows 2012 R2, the silent installer -does not prompt an error message if a duplicate SPN value exists in the targeted domain for -[Option 1: Run as LocalSystem](#option-1-run-as-localsystem). Having duplicate SPN’s in the targeted -Active Directory environment prohibits connection to the proxy service, resulting in a failed scan. - -If a desired SPN already exists in a Windows 2012 R2 domain, the silent installer displays the -following message: - -> _There is a problem with this Windows Installer package. A script required for this install to -> complete could not be run. Contact your support personnel or package vendor_. - -To resolve the problem, remove the duplicate SPN value and rerun the installer to complete -installation. For any additional issues, verbose logging is included in the silent installer and -creates an `install.txt` file on the desktop. - -## Option 1: Run as LocalSystem - -Follow the steps to install the File System Proxy Service on the targeted proxy servers with a -silent installer. - -**Step 1 –** Copy the `FileSystemProxy.msi` executable to the desktop of the server designated as -the proxy server. - -**Step 2 –** Run the following command: - -``` -msiexec /i FileSystemProxy.msi /qb /l*v install.log SVC_ACCOUNT_TYPE=SYSTEM -``` - -- To add a non-default install directory, append `PRODUCTDIR="[path]"` to the command. - - - `path` – The path to the desired installation directory and must include - `...\STEALTHbits\StealthAUDIT\FSAA\...` - - For example: - - ``` - msiexec /i FileSystemProxy.msi /qb /l*v install.log SVC_ACCOUNT_TYPE=SYSTEM PRODUCTDIR="E:\STEALTHbits\StealthAUDIT\FSAA" - ``` - -The SPN value is automatically added to the computer object in Active Directory with this option. - -## Option 2: Run as a Service Account - -Follow the steps to install the File System Proxy Service on the targeted proxy servers with a -silent installer. - -**Step 1 –** Copy the `FileSystemProxy.exe` executable to the desktop of the server designated as -the proxy server. - -**Step 2 –** Run the following command: - -``` -msiexec /i FileSystemProxy.msi /qb /l*v install.log SVC_ACCOUNT_TYPE=DOMAIN SVC_USERNAME=DOMAIN\USERNAME SVC_PASSWORD="secret" -``` - -- `DOMAIN\USERNAME` – The service account credentials, which need to be a member the Local - Administrators group and have the**Log on as a service** local policy  (**Local Policies** > - **User Rights Assignment**) -- `secret` – The password for the credentials provided above (within quotes) - -- To add a non-default install directory, append `PRODUCTDIR="[path]"` to the command. - - - `path` – The path to the desired installation directory and must include - `...\STEALTHbits\StealthAUDIT\FSAA\...` - - For example: - - ``` - msiexec /i FileSystemProxy.msi/qb /l*v install.log SVC_ACCOUNT_TYPE=DOMAIN SVC_USERNAME=DOMAIN\USERNAME SVC_PASSWORD="secret" PRODUCTDIR="E:\STEALTHbits\StealthAUDIT\FSAA" - ``` diff --git a/docs/accessanalyzer/11.6/accessanalyzer/install/filesystemproxy/uninstall.md b/docs/accessanalyzer/11.6/accessanalyzer/install/filesystemproxy/uninstall.md deleted file mode 100644 index 009b46a406..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/install/filesystemproxy/uninstall.md +++ /dev/null @@ -1,18 +0,0 @@ -# Uninstall Proxy Service Process - -The process to properly uninstall the File System Proxy Service is completed through the -uninstalling of the Enterprise Auditor File System Scanning Proxy program. - -**Step 1 –** Open Control Panel and select **Programs** > **Uninstall a program**. - -![Programs and Features](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/uninstall.webp) - -**Step 2 –** Select Netwrix Enterprise Auditor File System Scanning Proxy and click **Uninstall**. - -**NOTE:** If the installation was configured to use the LocalSystem account to run the RPC service -the two SPN values are removed for that machine in Active Directory. If the service is running with -a supplied account, the SPN values would need to be manually removed for that machine in Active -Directory (unless the uninstall was completed as part of the -[Upgrade Proxy Service Procedure](/docs/accessanalyzer/11.6/installation/filesystem-proxy/upgrade.md)). - -When the uninstall process is complete, this program is removed from the list. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/sensitivedatadiscovery/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/sensitivedatadiscovery/overview.md deleted file mode 100644 index 65b59f7dbe..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/sensitivedatadiscovery/overview.md +++ /dev/null @@ -1,44 +0,0 @@ -# Sensitive Data Discovery Add-On - -The Sensitive Data Discovery Add-On allows Enterprise Auditor to scan file content for matches to -the sensitive data criteria. There are several pre-defined criteria, but you can also customize -existing criteria or create new criteria. - -The Sensitive Data Discovery Add-on can be used with any of the following Enterprise Auditor -solutions: - -- AWS Solution -- Dropbox Solution -- Database Solutions - - - Azure SQL Solution - - Db2 Solution - - MongoDB Solution - - MySQL Solution - - Oracle Solution - - PostgreSQL Solution - - Redshift Solution - - SQL Solution - -- Exchange Solution – Only with specific data collectors: - - - EWSMailbox Data Collector - - EWSPublicFolder Data Collector - - ExchangeMailbox Data Collector - -- File System Solution -- SharePoint Solution - -**NOTE:** Changes made in the Sensitive Data Criteria Editor are global for Sensitive Data Discovery -in Enterprise Auditor. In other words, any changes to criteria affects all solutions using the -Sensitive Data Discovery Add-on. - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for installation information and prerequisites. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/0-azuresql_instancediscovery.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/0-azuresql_instancediscovery.md deleted file mode 100644 index 175f935f70..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/0-azuresql_instancediscovery.md +++ /dev/null @@ -1,28 +0,0 @@ -# 0-AzureSQL_InstanceDiscovery Job - -The Azure SQL Instance Discovery job is responsible for enumerating a list of Azure SQL Server -Instances from target endpoints and populating the necessary instance connection information which -will be used throughout the solution set. - -## Queries for the 0-AzureSQL_InstanceDiscovery Job - -The 0-AzureSQL_InstanceDiscovery job uses the SQL Data Collector for the following query: - -![Query Selection - Instance Discovery](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/instancediscquery.webp) - -- Azure SQL Instance Discovery — Collects the list of Azure SQL Server Instances from target - endpoints and populates the necessary instance connection information - -## Analysis Tasks for the 0-AzureSQL_InstanceDiscovery Job - -Navigate to the **Databases** > **0.Collection** > **AzureSQL** > **0-AzureSQL_InstanceDiscovery** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/instancediscanalysis.webp) - -The default analysis tasks is: - -- SQL Instances — Brings SA_SQL_Instances table to view diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/2-azuresql_sensitivedatascan.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/2-azuresql_sensitivedatascan.md deleted file mode 100644 index 17d2100943..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/2-azuresql_sensitivedatascan.md +++ /dev/null @@ -1,28 +0,0 @@ -# 2-AzureSQL_SensitiveDataScan Job - -The 2-AzureSQL_SensitiveDataScan Job is designed to discover sensitive data in the Azure SQL -instances and databases based on pre-defined or user-defined search criteria. - -## Queries for the 2–AzureSQL_SensitiveDataScan Job - -The 2–AzureSQL_SensitiveDataScan Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascanjob.webp) - -- Sensitive Data Scan — Collects sensitive data from targeted instances - -### Analysis Task for 2-AzureSQL_SensitiveDataScan Job - -Navigate to the **Databases** > **0.Collection** > **AzureSQL** > **2–AzureSQL_SensitiveDataScan** > -**Configure** node and select Analysis to view the analysis task. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp) - -The default analysis tasks are: - -- Azure SQL SSD Matches View — Brings the Azure SQL SSD Matches View to the SA console -- Azure SQL SSD Match Hits View — Brings the Azure SQL SSD Match Hits View to the SA Console -- AIC Impot SSD — Imports Azure SQL SSD to the AIC diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/3-azuresql_activityscan.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/3-azuresql_activityscan.md deleted file mode 100644 index 2289e05145..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/3-azuresql_activityscan.md +++ /dev/null @@ -1,26 +0,0 @@ -# 3-AzureSQL_ActivityScan Job - -The 3–AzureSQL_ActivityScan job captures user activity from all targeted Azure SQL instances and -databases. - -## Queries for the 3–AzureSQL_ActivityScan Job - -The 3–AzureSQL_ActivityScan Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/activityscanjob.webp) - -- Activity — Collects activity events for Azure SQL - -## Analysis Task for the 3–AzureSQL_ActivityScan Job - -Navigate to the **Databases** > **0.Collection** > **Azure SQL** > -**3–AzureSQL_ActivityScan** > **Configure** node and select **Analysis** to view the analysis task. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![3-AzureSQL_ActivityScan Job - Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/activityscanjobanalysis.webp) - -The default analysis task is: - -- AIC Import – Activity — Imports Azure SQL Activity to the AIC diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/4-azuresql_serversettings.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/4-azuresql_serversettings.md deleted file mode 100644 index 3a2d317204..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/4-azuresql_serversettings.md +++ /dev/null @@ -1,33 +0,0 @@ -# 4-AzureSQL_ServerSettings Job - -The 4–AzureSQL_ServerSettings Job is designed to collect Azure SQL instance and database -configuration settings so they can be evaluated against recommended best practices. - -## Queries for the 4–AzureSQL_ServerSettings Job - -The 4–AzureSQL_ServerSettings Job uses the SQL Data Collector for the following query: - -![0.Collection_4–AzureSQL_ServerSettings Job - Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/serversettings.webp) - -- Database Sizing— Returns details on database sizing -- Server Details — Collects Azure SQL Server properties -- Configuration Details— Collects database configuration properties -- Table Row Counts— Returns Azure SQL table row counts for additional data points in the sensitive - data reports -- Standalone Database Sizing— Returns the size of Azure standalone databases - -## Analysis Tasks for the 4–AzureSQL_ServerSettings Job - -Navigate to the **Databases** > **0.Collection** > **Azure SQL** > -**4–AzureSQL_ServerSettings** > **Configure** node and select **Analysis** to view the analysis -task. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/serversettingsanalysis.webp) - -The default analysis tasks are: - -- Update Database Sizing — Updates the database sizing table with the data from the standalone - database sizing table diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/azuresql_permissionscan.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/azuresql_permissionscan.md deleted file mode 100644 index 60ecae6bea..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/azuresql_permissionscan.md +++ /dev/null @@ -1,5 +0,0 @@ -# AzureSQL_PermissionsScan Job - -This job uses the -[SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -to scan Azure SQL database permissions. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/overview.md deleted file mode 100644 index 3eede27c65..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/overview.md +++ /dev/null @@ -1,35 +0,0 @@ -# 0.Collection > Azure SQL Job Group - -The 0.Collection Job Group, located at **Databases** > **0.Collection** > **AzureSQL** collects -high–level summary information from targeted Azure SQL Instances. This information is used by other -jobs in the Azure SQL solution further analysis and for producing respective reports. - -![0.Collection Job Group - Azure SQL](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/collectionjobmenu.webp) - -The jobs in 0.Collection Jobs Group are: - -- 0-AzureSQL_InstanceDiscovery Job — Enumerates a list of Azure SQL Server Instances from target - endpoints and populates the necessary instance connection information which is used throughout the - solution set -- [1-AzureSQL_PermissionScan Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/azuresql_permissionscan-1.md) - — Collects Azure SQL database level permissions from all targeted Azure SQL database servers -- [2-AzureSQL_SensitiveDataScan Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/2-azuresql_sensitivedatascan.md) - — Discovers sensitive data in Azure SQL databases across all targeted Azure SQL database servers - based on pre-defined or user-defined search criteria -- [3-AzureSQL_ActivityScan Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/3-azuresql_activityscan.md) - — Captures user activity from all targeted Azure SQL instances and databases -- [4-AzureSQL_ServerSettings Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/4-azuresql_serversettings.md) - — Collects Azure SQL instances and database configuration settings to evaluate them against - recommended best practices - -Workflow - -1. Prerequisite: - 1. Successful execution of the .Active Directory Inventory Job Group - 2. For the 1-AzureSQL_PermissionScan Job, configure SQL Server Audit and SQL Server Audit - Specifications on target SQL Server Databases. -2. (Optional) Configure the queries for the jobs in the 0.Collection Job Group -3. Schedule the 0.Collection Job Group to run daily or as desired - - **NOTE:** Running the 0.Collection Job Group is a prerequisite for the other job groups in the - Azure SQL solution diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/overview.md deleted file mode 100644 index 8733eb7b95..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/overview.md +++ /dev/null @@ -1,54 +0,0 @@ -# Databases Solutions - -Enterprise Auditor Databases Solution Set is a comprehensive set of pre-configured audit jobs and -reports that provide visibility into various aspects of supported databases: - -- [Db2 Solution](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md) - – Db2 Solution is a comprehensive set of pre-configured audit jobs and reports that provide - visibility into various aspects of Db2, such as Data Collection, Configuration, user Permissions, - and Sensitive Data. -- [MongoDB Solution](/docs/accessanalyzer/11.6/solutions/databases/mongodb-analysis.md) - – Enterprise Auditorfor MongoDB automates the process of understanding where MongoDB databases - exist and provides an overview of the MongoDB environment in order to answer questions around data - access. -- [MySQL Solution](/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md) - – Enterprise Auditor for MySQL automates the process of understanding where MySQL databases exist - and provides an overview of the MySQL environment in order to answer questions around data access. -- [Oracle Solution](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – Enterprise Auditor for Oracle automates the process of understanding where Oracle databases - exist and provides an overview of the Oracle environment in order to answer questions around data - access. -- [PostgreSQL Solution](/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md) - – Enterprise Auditor for PostgreSQL automates the process of understanding where - PostgreSQL databases exist and provides an overview of the PostgreSQL environment in order to - answer questions around data access. -- [Redshift Solution](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - – Redshift Solution Set is a comprehensive set of pre-configured audit jobs and reports that - provide visibility into various aspects of Redshift: Data Collection, Configuration, and Sensitive - Data. -- [SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – SQL Job Group is a comprehensive set of pre-configured audit jobs and reports that provide - information on users and roles, activity, permissions, configuration, sensitive data, and overall - security assessment for both the SQL 0.Collection Job Group and Azure SQL 0.Collection Job Group. - -The Database Solution license includes all supported database platforms supported by Enterprise -Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database -content for sensitive data. - -The following table identifies the type of audit functionality for each supported database platform: - -| Database Platforms | Instance Discovery | Permission Audit | Activity Audit | Sensitive Data Discovery | Configuration Audit | -| ------------------ | ------------------ | --------------------- | --------------- | ------------------------ | ----------------------- | -| SQL Server | Fully Supported | Fully Supported | Fully Supported | Fully Supported | Fully Supported | -| Oracle | Fully Supported | Fully Supported | Fully Supported | Fully Supported | Fully Supported | -| DB2 | | Fully Supported | | Fully Supported | \*\*Partially Supported | -| MongoDB | | | | Fully Supported | \*\*Partially Supported | -| MySQL | | \*Partially Supported | | Fully Supported | \*\*Partially Supported | -| PostgreSQL | | \*Partially Supported | | Fully Supported | \*\*Partially Supported | -| Redshift | | \*Partially Supported | | Fully Supported | \*\*Partially Supported | - -In the above table: - -- \*Partially Supported, "Permission Audit" means the permissions as solely collected at the table - level. -- \*\*Partially Supported, "Permission Audit" means only the database size information is collected. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/collection/ex_dbinfo.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/collection/ex_dbinfo.md deleted file mode 100644 index e3783f88fd..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/collection/ex_dbinfo.md +++ /dev/null @@ -1,28 +0,0 @@ -# 1.Local > EX_DBInfo Job - -The EX_DBInfo job utilizes Exchange PowerShell to gather 2010/2013 Mailbox Size information. - -![1.Local > EX_DBInfo Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/localjobstree.webp) - -The EX_DBInfo job is located in the 1.Local job group. - -**NOTE:** An actual CAS name is required for the data collection. When targeting Exchange 2013 or -2016, it is possible for the **Settings** > **Exchange** node to have been configured with a web -address instead of an actual server. See the -[ExchangePS Data Collector & Client Access Server](/docs/accessanalyzer/11.6/solutions/exchange/recommended-reports.md) -topic for additional information. - -## Queries for the EX_DBInfo Job - -The EX_DBInfo Job uses the ExchangePS Data Collector. - -![Queries for the EX_DBInfo Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/dbinfoquery.webp) - -The following query is included in the EX_DBInfo Job: - -- Exchange 2010 Store Size – Collects mailbox size information - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#scope-the-exchangeps-data-collector) - topic for additional information diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/collection/ex_pfinfo.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/collection/ex_pfinfo.md deleted file mode 100644 index 12918b1607..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/collection/ex_pfinfo.md +++ /dev/null @@ -1,20 +0,0 @@ -# 2.PF > EX_PFInfo Job - -The EX_PFInfo job utilizes MAPI to gather Public Folder Database Information focusing on database -sizing, growth, and trends. - -![2.PF > EX_PFInfo Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/pfjobstree.webp) - -The EX_PFInfo job is located in the 2.PF job group. - -## Queries for the EX_PFInfo Job - -The EX_PFInfo Job uses the Exchange2K Data Collector for the query. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Queries for the EX_PFInfo Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/pfinfoquery.webp) - -The following query is included in the EX_PFInfo Job: - -- Exchange Public Store Information – Collects Exchange Public Store information diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/collection/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/collection/overview.md deleted file mode 100644 index 2dd85648c0..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/collection/overview.md +++ /dev/null @@ -1,14 +0,0 @@ -# 0.Collection Job Group - -The 0.Collection Job Group is comprised of data collection, analysis, and reports that focus on -database sizing, growth, and trends. - -![0.Collection Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The jobs in the 0.Collection Job Group are: - -- [1.Local > EX_DBInfo Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/collection/ex_dbinfo.md) - – Utilizes Exchange PowerShell to gather 2010/2013 Mailbox Size Information -- [2.PF > EX_PFInfo Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/collection/ex_pfinfo.md) - – Utilizes MAPI to gather Public Folder Database Information focusing on database sizing, growth, - and trends diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/ex_dbsizing.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/ex_dbsizing.md deleted file mode 100644 index 584a33a8be..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/ex_dbsizing.md +++ /dev/null @@ -1,54 +0,0 @@ -# EX_DBSizing Job - -The EX_DBSizing Job provides visibility into current database sizes, growth statistics, and -historical sizing information. - -## Analysis Tasks for the EX_DBSizing Job - -View the analysis tasks by navigating to the **Exchange** > **3. Databases** > **EX_DBSizing** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_DBSizing Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/dbsizinganalysis.webp) - -The following analysis tasks are selected by default: - -- 2. Database Size History – Creates the SA_EX_DBSizing_SizeHist table, accessible under the job’s - Results node -- SET HISTORY RETENTION – Sets retention period in months - - - The default is 6 months. It can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#exchange-history-retention) - topic for additional information - -- 3. Database details table – Creates the SA_EX_DBSizing_StoreDetails table, accessible under the - job’s Results node -- 4. 30 day Database growth table – Creates the SA_EX_DBSizing_30DayGrowth table, accessible under - the job’s Results node -- 5. 7 day Database growth table – Creates the SA_EX_DBSizing_7DayGrowth table, accessible under - the job’s Results node - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Deletes all Stored Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 1. Deletes all Stored Data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_DBSizing Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Details (Storage Group Details) | This report provides the details of Mailbox Stores grouped by Server, then Storage Group. This report helps administrators locate Storage Groups that may be growing out of control. If a storage group with very few users is extremely large, further investigation may be required. | None | This report is comprised of two elements: - Bar Chart – Displays database sizes - Table – Provides details on database sizes | -| Database Growth Statistics | This report displays the top 10 Databases that grew over the last 30 days in pure MB. This report is filtered on the Rank Column for Top 10 and may be modified to fit any desired Top outcome. | None | This report is comprised of four elements: - Stacked Bar Chart – Displays store size growth - Stacked Bar Chart – Displays WhiteSpace growth - Table – Provides details on store size growth - Table – Provides details on WhiteSpace growth | -| Historical Database Information | This report shows the history of the store size, white space, mailbox count, and hard drive space on all targeted servers. | None | This report is comprised of one element: - Table – Displays details on historical store information | -| Mailbox Counts by Database | This report graphically displays the number of Mailboxes by Database.  It provides an overall picture of the Exchange Mailbox Environment. Having a clear break down of the number of mailboxes per database allows for better planning of architecture in the future. | None | This report is comprised of two elements: - Bar Chart – Displays mailbox counts by database - Table – Provides details on mailbox counts by database | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/ex_dbtrending.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/ex_dbtrending.md deleted file mode 100644 index 4332fb31db..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/ex_dbtrending.md +++ /dev/null @@ -1,33 +0,0 @@ -# EX_DBTrending - -The EX_DBTrending Job creates trend projections for mailbox and public folder databases for the -entire organization. - -## Analysis Tasks for the EX_DBTrending Job - -View the analysis tasks by navigating to the **Exchange** > **3. Databases** > **EX_DBTrending** > -**Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_DBTrending Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/dbtrendinganalysis.webp) - -The following analysis tasks are selected by default: - -- 0. Drop tables – Drops tables from previous runs -- 1. Store size history – Creates the SA_EX_DBTrending_History table, accessible under the job’s - Results node -- 2. Trend Mailbox Database – Creates the SA_EX_DBTrending_MBTREND table, accessible under the - job’s Results node -- 3. Trend Public Store – Creates the SA_EX_DBTrending_PFTREND table, accessible under the job’s - Results node -- 4. Modify Runtime to be Date – Modifies the runtime for the SA_EX_DBTrending_MBTREND table and - the SA_EX_DBTrending_PFTREND table, to be set to a month/day/year (mdy) date format - -In addition to the tables and views created by the analysis tasks, the EX_DBTrending Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------- | -| Capacity Planning - Databases | This report displays the growth rate trend of your private stores and the growth rate trend of your public stores.  The trend is projected for two months. These reports help identify bad trends in growth on Exchange servers for hard drive space usage is key in avoiding running out of space. | None | This report is comprised of two elements: - Line Chart – Displays private store trend - Line Chart – Displays public store trend | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/overview.md deleted file mode 100644 index dacdf44639..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/overview.md +++ /dev/null @@ -1,26 +0,0 @@ -# 3.Databases Job Group - -The 3. Databases Job Group is comprised of data collection, analyses, and reports that focus on -database sizing, growth, and trends. - -![3.Databases Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following comprise the 3. Databases Job Group: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/collection/overview.md) - – Comprised of data collection, analysis, and reports that focus on database sizing, growth, and - trends -- [EX_DBSizing Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/ex_dbsizing.md) - – Comprised of analyses and reports which provide information on current database sizes, growth - statistics, and historical sizing information -- [EX_DBTrending](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/ex_dbtrending.md) - – Creates trend projections for mailbox and public folder databases for the entire organization - -The 3. Databases Job Group uses a MAPI-based data collector, Exchange2K. Therefore, it requires both -Enterprise Auditor MAPI CDO and Microsoft Exchange MAPI CDO to be installed on the Enterprise -Auditor Console server. Once these have been installed, the **Settings** > **Exchange** node must be -configured for proper connection to the Exchange server. - -See the -[Exchange](/docs/accessanalyzer/11.6/administration/settings/exchange.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/ex_useroverview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/ex_useroverview.md deleted file mode 100644 index 0f2f55e73d..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/ex_useroverview.md +++ /dev/null @@ -1,71 +0,0 @@ -# EX_UserOverview Job - -The EX_UserOverview job provides correlation from multiple data collection points to show -information for each user about their mailbox size, mailbox access rights, mail flow metrics and -remote connectivity to the Exchange environment. These reports provide user impact analysis on the -environment. - -![EX_UserOverview Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailflowuseroverviewjobstree.webp) - -Dependencies - -The following job groups need to be successfully run prior to this job: - -- **.Active Directory Inventory** Job Group -- **.Entra ID Inventory** Job Group -- **Exchange** > **1. HUB Metrics** Job Group -- **Exchange** > **2. CAS Metrics** Job Group -- **Exchange** > **4. Mailboxes** > **Permissions** Job Group -- **Exchange** > **4.Mailboxes** > **Sizing** Job Group -- **Exchange** > **5. Public Folders** Job Group - -Schedule Frequency - -It is recommended to run this job daily after running its dependencies, but it can be scheduled to -run as desired. - -## Analysis Tasks for the EX_Mailflow_UserOverview Job - -View the analysis task by navigating to the **Exchange** > **EX_UserOverview** > **Configure** node -and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_Mailflow_UserOverview Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailflowuseroverviewanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. User Overview – Creates the SA_EX_UserOverview_Permissions table, accessible under the job’s - Results node -- 2. Add delegate Information to Overview – Adds Delegates to the SA_EX_UserOverview_Permissions - table -- 3. Mailbox Access – Adds Mailbox Rights to the SA_EX_UserOverview_Permissions table -- 4. Send As – Adds Send As Rights to the SA_EX_UserOverview_Permissions table -- 5. Public Folders – Adds Public Folder Permissions to the SA_EX_UserOverview_Permissions table -- 6. DL Membership – Adds DL Membership to the SA_EX_UserOverview_Permissions table -- 7. Mailbox Size – Adds Mailbox Size to the SA_EX_UserOverview_Permissions table -- 8. Permission Listing – Creates a listing of each user and their access rights in the - environment -- 9. Rank by Total Permissions – Adds Ranks to the SA_EX_UserOverview_Permissions table -- 10. Summarize User Message Traffic – Creates the SA_EX_UserOverview_MessageTraffic table, - accessible under the job’s Results node -- 11. Active Sync Devices – Updates table with User ActiveSync Devices -- 12. Message Traffic Date Ranges – Creates the SA_EX_MessageTraffic_DateRange table, accessible - under the job’s Results node -- 13. Summarize User Message Volume – Creates the SA_EX_UserOverview_DataVolume table, accessible - under the job’s Results node -- 14. RPC Volume – Updates SA_EX_UserOverview_Datavolume table with RPC volume -- 15. OWA Volume – Updates SA_EX_UserOverview_Datavolume table with OWA volume -- 16. ActiveSync Volume – Updates SA_EX_UserOverview_Datavolume table with ActiveSync volume -- 17. Data Volume Date Ranges – Creates the SA_EX_TrafficOverview_DateRange table, accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the EX_UserOverview job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Top Users by Message Traffic | This report shows the top users of Exchange based on the past 30 days of message count. | None | This report is comprised of two elements: - Bar Chart– Displays top users by 30 day message traffic - Table – Provides details on top users by 30 day message traffic | -| Top Users by Message Volume | This report shows the top users of Exchange based on the past 30 days of message volume. All statistics are in megabytes | None | This report is comprised of two elements: - Bar Chart – Displays top users by message volume - Table – Provides details on top users by message volume | -| Top Users by Permissions (Exchange User Access) | This report identifies users with a broad range of access across the exchange environment. | None | This report is comprised of three elements: - Bar Chart – Displays top users by permission count - Table – Provides details on top users by permission count - Table – Provides details on permission listing by user | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow.md deleted file mode 100644 index 641913b3ac..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow.md +++ /dev/null @@ -1,112 +0,0 @@ -# 0. Collection > EX_Mailflow Job - -The EX_Mailflow job collects message trace data from Office 365. - -![0. Collection > EX_Mailflow Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The EX_Mailflow job is located in the **Mailflow** > **0. Collection** job group. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The EX_Mailflow job has the following configurable parameter: - -- Number of months to keep - -See the [Analysis Tasks for the EX_Mailflow Job](#analysis-tasks-for-the-ex_mailflow-job) topic for -additional information. - -## Queries for the EX_Mailflow Job - -The EX_Mailflow job uses the ExchangePS Data Collector. - -![Queries for the EX_Mailflow Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowqueries.webp) - -The following queries are included in the EX_Mailflow job: - -- MailFlow – Collects Message Tracking data - - - The default is the **Last 7 Days**. It can be modified to a shorter date range - - See the - [Configure the ExchangePS Data Collector for Mail Flow Metrics](#configure-the-exchangeps-data-collector-for-mail-flow-metrics) - topic for additional information - -- LocalDomains – Collects domains local to the Office 365 environment - - **CAUTION:** Do not modify this query. The query is preconfigured for this job. - - - See the - [ExchangePS Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - topic for additional information - -### Configure the ExchangePS Data Collector for Mail Flow Metrics - -The ExchangePS Data Collector configured with the Mail Flow Metrics category can be scoped to -specific report dates. By default, the MailFlow Query is set to report on the Last 7 Days. - -Follow the steps to modify the query configuration: - -**Step 1 –** Navigate to the **Exchange** > **8. Exchange Online** > **0. Collection** > -**EX_Mailflow** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the query and click **Query Properties**. The Query -Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The ExchangePS Data Collector -Wizard opens. - -**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. - -![ExchangePS Data Collector Wizard Mail Flow page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowmetricsdcwizard.webp) - -**Step 4 –** To modify the report dates, navigate to the Mail Flow page. Set the report data range -as desired. See the -[ExchangePS Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -_Remember,_ the date range must be 7 days or less. - -**Step 5 –** Navigate to the Summary page. Click **Finish**. - -The job applies the modification to future job executions. - -## Analysis Tasks for the EX_Mailflow Job - -View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > **0. -Collection** > **EX_Mailflow** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_Mailflow Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowanalysis.webp) - -The following analysis tasks are selected by default: - -- 01.EX_Mailflow_History – Creates the SA_EX_Mailflow_History table, accessible under the job's - Results node -- 02.Update History Table – Updates the SA_EX_Mailflow_History table, with data from the .Active - Directory Inventory and .Entra ID Inventory solutions to determine local users and distribution - lists -- 3. SET HISTORY RETENTION – Sets retention period in months - - - By default, retention is set to 6 months. This period can be modified. See the - [Parameter Configuration](#parameter-configuration) topic for additional information. - - Alternatively, the `@Months` parameter can be modified in the SQL Script Editor. See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Deletes all Stored Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 0. Deletes all Stored Data - LEAVE UNCHECKED – Deletes all historical data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#troubleshooting-data-collection) - topic for additional information diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_dl.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_dl.md deleted file mode 100644 index 62ec929e88..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_dl.md +++ /dev/null @@ -1,28 +0,0 @@ -# EX_Mailflow_DL Job - -The EX_Mailflow_DL job provides information around distribution list usage. - -## Analysis Tasks for the EX_Mailflow_DL Job - -View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > -**EX_Mailflow_DL** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_Mailflow_DL Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowdlanalysis.webp) - -The following analysis tasks are selected by default: - -- Azure Groups Direct Member Count – Creates the EX\_ MailFlow_DL_AzureMemberCount table, accessible - under the job’s Results node. Provides a direct member count for distribution lists from Azure - groups. -- DLs by Count – Creates the EX\_ Mailflow_DLsByCount table, accessible under the job’s Results - node. Lists of all distribution lists and how much mail-flow they have received. - -In addition to the tables and views created by the analysis tasks, the EX_Mailflow_DL Jjb produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Top DLs by Received Count | The top distribution lists by total messages received. | None | This report is comprised of two elements: - Bar Chart – Displays top five distribution lists by received count - Table – Provides details on the top five distribution lists by received count | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_domain.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_domain.md deleted file mode 100644 index 231759d772..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_domain.md +++ /dev/null @@ -1,48 +0,0 @@ -# EX_Mailflow_Domain Job - -The EX_Mailflow_Domain job provides information about which domain’s mail-flow is going to and -coming from. This job is set to analyze the last 30 days. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The EX_Mailflow_Domain job has the following configurable parameter: - -- Number of days to show in tables and reports - -See the -[Analysis Tasks for the EX_Mailflow_Domain Job](#analysis-tasks-for-the-ex_mailflow_domain-job) -topic for additional information. - -## Analysis Tasks for the EX_Mailflow_Domain Job - -View the analysis task by navigating to the **Exchange** > **8. Exchange Online** > -**EX_Mailflow_Domain** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_Mailflow_Domain Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowdomainanalysis.webp) - -The following analysis task is selected by default: - -- Mailflow Domain – Creates the EX_MailFlow_Domain table, accessible under the job’s Results node. - It provides counts for messages sent and received from external domains. - - - By default, the number of days to show in tables and reports is set to 30. This can be - modified. See the [Parameter Configuration](#parameter-configuration) topic for additional - information. - - Alternatively, the `@Days` parameter can be modified in the SQL Script Editor. See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information - -In addition to the tables and views created by the analysis task, the EX_Mailflow_Domain job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ---------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------- | -| Top Domains By Count | Displays top domains by recipient count. | None | This report is comprised of two elements: - Bar Chart – Displays top domains - Table – Provides details on top domains | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_mailbox.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_mailbox.md deleted file mode 100644 index 73a16e98b7..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_mailbox.md +++ /dev/null @@ -1,62 +0,0 @@ -# EX_Mailflow_Mailbox Job - -The EX_Mailflow_Mailbox job provides information around each user’s mail flow in the organization. -This job is set to analyze the last 30 days. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The EX_Mailflow_Mailbox job has the following configurable parameter: - -- Number of days to collect counts for – Sets the number of days for the **User Mailboxes By Message - Count** and **User Mailboxes by Message Size** analysis tasks. The default is **30** days. - -See the -[Analysis Tasks for the EX_Mailflow_Mailbox Job](#analysis-tasks-for-the-ex_mailflow_mailbox-job) -topic for additional information. - -## Analysis Tasks for the EX_Mailflow_Mailbox Job - -View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > -**EX_Mailflow_Mailbox** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_Mailflow_Mailbox Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowmailboxanalysis.webp) - -The following analysis tasks are selected by default: - -- User Message Metrics By Day – Creates the EX_MailFlow_UserByDay table, accessible under the job’s - Results node -- User Mailboxes By Message Count – Creates the EX_MailFlow_UserByCount table, accessible under the - job’s Results node - - - By default, counts are collected for the last 30 days. The number of days can be modified with - the `@Days` parameter. - - See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information - -- User Mailboxes by Message Size – Creates the EX_MailFlow_UserBySize table, accessible under the - job’s Results node - - - By default, sizes are selected for the last 30 days. The number of days can be modified with - the `@Days` parameter. - - See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_Mailflow_Mailbox job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| --------------------------------------------------------------------------- | ------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Top Users Message Count by Message ID (Top User Traffic By Message ID) | Displays message counts for users by Message ID. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic by message ID - Table – Provides details on the last 30 days user traffic by message ID | -| Top Users Message Count By Recipient (Top Users Traffic By Recipient) | Displays message counts for users by recipient. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic by recipient - Table – Provides details on the last 30 days user traffic by recipient | -| Top Users Message Size By Message ID (Top Users Traffic Size By Message ID) | Displays message sizes for users by Message ID. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic size by message ID - Table –Details on the last 30 days user traffic size by recipient | -| Top Users Message Size By Recipient (Top Users Traffic Size By Recipient) | Displays message sizes for users by recipient. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic size by recipient - Table – Provides details on the last 30 days user traffic size by recipient | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_orgoverview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_orgoverview.md deleted file mode 100644 index f49bf91794..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_orgoverview.md +++ /dev/null @@ -1,45 +0,0 @@ -# EX_Mailflow_OrgOverview Job - -The EX_Mailflow_OrgOverview job provides information around overall traffic in the organization. -This job is set to analyze the last 30 days. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The EX_Mailflow_OrgOverview job has the following configurable parameter: - -- Number of days of data to display - -See the -[Analysis Tasks for the EX_Mailflow_OrgOverview Job](#analysis-tasks-for-the-ex_mailflow_orgoverview-job) -topic for additional information. - -## Analysis Tasks for the EX_Mailflow_OrgOverview Job - -View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > -**EX_OrgOverview_Mailbox** > **Configure** node and select **Analysis**. - -![Analysis Tasks for the EX_Mailflow_OrgOverview Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailfloworgoverviewanalysis.webp) - -The following analysis task is selected by default: - -- Organization Overview – Creates the EX_MailFlow_OrgOverview table, accessible under the job’s - Results node - - - By default, data for 30 days is displayed. This number of days can be modified by a parameter. - See the [Parameter Configuration](#parameter-configuration) topic for additional information. - - Alternatively, the `@Days` parameter can be modified in the SQL Script Editor. See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. - -In addition to the tables and views created by the analysis task, the EX_Mailflow_OrgOverview job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------ | ----------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Trend By MessageID (Organization Overview) | This report shows an overview of sent and received message statuses for the organization. | None | This report is comprised of two elements: - Line Chart – Displays the last 7 days trend by message ID - Table – Provides details on the last 30 days total traffic by message ID | -| Trend By Recipient | This report shows the trend of sent/received and total traffic by recipient. | None | This report is comprised of two elements: - Line Chart – Displays the last 7 days trend by recipient - Table – Provides details on the last 30 days traffic by recipient | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/overview.md deleted file mode 100644 index 4f95aa56e5..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/overview.md +++ /dev/null @@ -1,23 +0,0 @@ -# Mailflow Job Group - -The Mailbox job group is comprised of jobs that process and analyze the Message Tracking Logs in the -Office 365 environment. This job group parses message tracking and stores the data for analysis and -reporting in the Enterprise Auditor database. - -![Mailflow Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowjobstree.webp) - -The jobs in the Mailflow job group are: - -- [0. Collection > EX_Mailflow Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow.md) - – Collects message trace data from an Office 365 server -- [EX_Mailflow_DL Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_dl.md) - – Comprised of analysis and reports which provide information around distribution list usage -- [EX_Mailflow_Domain Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_domain.md) - – Comprised of analysis and reports which provide information about which domains mail flow is - going to and coming from -- [EX_Mailflow_Mailbox Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_mailbox.md) - – Comprised of analysis and reports which provide information around each user's mail-flow in the - organization -- [EX_Mailflow_OrgOverview Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/ex_mailflow_orgoverview.md) - – Comprised of analysis and reports which provide information around the overall traffic in the - organization diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/overview.md deleted file mode 100644 index a4480df6d4..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/overview.md +++ /dev/null @@ -1,12 +0,0 @@ -# 8.Exchange Online Job Group - -The 8. Exchange Online job group collects message trace data from Office 365. - -![8.Exchange Online Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The job group in the 8. Exchange Online job group is: - -- [Mailflow Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/mailflow/overview.md) - – Comprised of Jobs that process and analyze the Message Tracking Logs in the Office 365 - environment. This job group parses message tracking and stores the data for analysis and reporting - in the Enterprise Auditor database. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md deleted file mode 100644 index 0e6c55655d..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md +++ /dev/null @@ -1,111 +0,0 @@ -# Exchange Solution - -The Exchange Solution provides auditing and reporting on multiple aspects of the Exchange -environment to assist with identifying risk, understanding usage, and decreasing bloat. Areas of -focus include Audit and Compliance, Maintenance and Cleanup, Metrics and Capacity, Operations and -Health, Public Folders and Configuration Baseline. Sensitive Data Discovery searches mailboxes and -public folders to discover where sensitive information of any type exists. This requires the -Sensitive Data Discovery Add-on. - -Supported Platforms - -- Exchange Online (Limited) - -- Exchange 2019 (Limited) -- Exchange 2016 (Limited) -- Exchange 2013 -- Exchange 2010 (Limited) - -See the -[Exchange Support and Permissions Explained](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -Requirements, Permissions, and Ports - -See the -[Target Exchange Servers Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -and -[Target Exchange Online Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topics for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans.If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host.For example, if the job is configured to scan 8 hosts at a time , then -an extra 16 GB of RAM are required (8x2=16). - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -Location - -The Exchange Solution requires a special Enterprise Auditor license. It can be installed from the -Enterprise Auditor Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to -the solution: **Jobs** > **Exchange**. - -Each job group within the solution collects data, analyzes the data, and reports on the target -Exchange environment, with the exception of the 6. Distribution Lists job group that only analyzes -data and generates reports. The EX_UserOverview job runs analysis on the collected data and -generates reports. - -## Job Groups - -The Exchange Solution is divided into categories based upon what is being audited. - -![Exchange Job Group Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The following job groups comprise the Exchange Solution: - -- [1.HUB Metrics Job Group](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Comprised of data collection, analysis and reports that focus on mail-flow activity occurring - within your organization. This job group goes out to each server that contains the Message - Tracking Logs and parses the log to return the data to the Enterprise Auditor database. -- [2.CAS Metrics Job Group](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Comprised of data collection, analysis and reports that focus on remote connections (Outlook Web - Access, ActiveSync, and Outlook Anywhere Access) occurring within your organization. This job - group goes out to each server that contains the IIS Logs and parses the log to return the data to - the Enterprise Auditor database. -- [3.Databases Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/databases/overview.md) - – Comprised of data collection, analysis and reports that focus on database sizing, growth, and - trends -- [4.Mailboxes Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Comprised of data collection, analyses, and reports around mailbox features, logons, - permissions, and sizing - - **CAUTION:** It is not recommended to run this job group at this job group level. - - - See the - [Recommended Configurations for the 4. Mailboxes Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - topic for this job group. All jobs within this group are compatible with the Office 365 - environment. - -- [5. Public Folders Job Group](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Comprised of data collection, analysis and reports that focus on public folder sizing, content - aging, entitlement, ownership, and the identification of each public folder’s Most Probable Owner. - The Most Probable Owner is a unique algorithm built into the public folder data collector that is - determined based on folder ownership, content posted, and size of content posted. -- [6. Distribution Lists Job Group](/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md) - – Lists the direct and effective membership to distribution lists in addition to providing context - around potentially stale distribution lists -- [7.Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/exchange/sensitive-data.md) - – Comprised of jobs which locate sensitive data found in mailboxes and public folders in the - Exchange environment -- [8.Exchange Online Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/online/overview.md) - – Comprised of jobs that locate sensitive data found in mailboxes and public folders in the - Exchange environment -- [EX_UserOverview Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/ex_useroverview.md) - – provides correlation from multiple data collection points to show information for each user - about their mailbox size, mailbox access rights, mail-flow metrics and remote connectivity to the - Exchange environment. These reports provide user impact analysis on the environment. This job - depends upon multiple job groups. - -The MAPI-based data collectors require both Enterprise Auditor MAPI CDO and Microsoft Exchange MAPI -CDO to be installed on the Enterprise Auditor Console server. Once these have been installed, -configure the **Settings** > **Exchange** node for proper connection to the Exchange server. See the -[Exchange](/docs/accessanalyzer/11.6/administration/settings/exchange.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/overview.md deleted file mode 100644 index 7d0639bed5..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/overview.md +++ /dev/null @@ -1,51 +0,0 @@ -# Unix Solution - -The Unix Solution reports on areas of administrative concern for Unix and Linux systems. Attention -is given to users and group details, privileged access rights, and NFS and Samba sharing -configurations. - -Supported Platforms - -- AIX® 4+ -- Solaris™ 8+ -- Red Hat® Enterprise Linux® 4+ -- Red Hat® Linux® 5.2+ -- HP-UX® 11+ -- CentOS® 7+ -- SUSE® 10+ - -Requirements, Permissions, and Ports - -See the -[Target Unix Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Location - -The Unix Solution requires a special Enterprise Auditor license. It can be installed from the -Enterprise Auditor Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to -the solution: **Jobs** > **Unix**. - -## Job Groups - -The Unix solution is a set of audit jobs and reports that provide visibility into important Unix and -Linux administration concepts. - -![Unix Solution Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The job groups in the Unix Solution are: - -- [1.Users and Groups Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/overview.md) - – The jobs within this group provide visibility into users and groups, helping to pinpoint - potential areas of administrative concern -- [2.Privileged Access Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/overview.md) - – The jobs within this group provide visibility into privileged users within audited Unix and - Linux environments by identifying all rights granted via sudoers and the owners of critical files - such as passwd, shadow, sudoers, hosts.deny, and more -- [3.Sharing Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/overview.md) - – Provides information on NFS and Samba share configuration, and highlights potentially high-risk - shares - -Each job group within the Unix Solution is designed to run independently. See the -[Recommended Configurations for the Unix Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/recommended.md) -topic for information on frequency and job group settings. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/overview.md deleted file mode 100644 index 2439e5eaf7..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/overview.md +++ /dev/null @@ -1,16 +0,0 @@ -# 2.Privileged Access Job Group - -The 2.Privileged Access job group contains jobs that provide visibility into privileged users within -audited Unix and Linux environments by identifying all rights granted via sudoers and the owners of -critical files such as passwd, shadow, sudoers, hosts.deny, and more. - -![2.Privileged Access Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 2.Privileged Access job group are: - -- [ Sudoers Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/overview.md) - – The jobs in this job group provide visibility into all rights granted via sudoers within audited - Unix and Linux environments -- [UX_CriticalFiles Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/ux_criticalfiles.md) - – This job provides visibility into owners of critical files within audited Unix and Linux - environments such as passwd, shadow, sudoers, hosts.deny, and more diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/overview.md deleted file mode 100644 index 3d162c3b50..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/overview.md +++ /dev/null @@ -1,14 +0,0 @@ -# 0.Collection Job Group - -The 0.Collection job group collects details on all rights granted via sudoers within audited Unix -and Linux Environments. - -![0.Collection Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The jobs in the 0.Collection job group are: - -- [UX_MakeDirectory Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/ux_makedirectory.md) - – This job creates a temporary Enterprise Auditor directory on target Unix and Linux environments - to be used by the UX_ParseSudoers job -- [UX_ParseSudeors Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/ux_parsesudeors.md) - – This job parses all rights granted via sudoers in the audited environment diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/ux_makedirectory.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/ux_makedirectory.md deleted file mode 100644 index d1bb50c69d..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/ux_makedirectory.md +++ /dev/null @@ -1,14 +0,0 @@ -# UX_MakeDirectory Job - -The UX_MakeDirectory job creates a temporary Enterprise Auditor directory on the target host to be -used by the UX_ParseSudoers job. - -## Queries for the UX_MakeDirectory Job - -The UX_MakeDirectory job uses the Unix Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the UX_MakeDirectory Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/makedirectoryquery.webp) - -- MakeDirectory – Makes a directory for the sudoers.pl file on the target host diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/ux_parsesudeors.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/ux_parsesudeors.md deleted file mode 100644 index 64b3c865d8..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/ux_parsesudeors.md +++ /dev/null @@ -1,15 +0,0 @@ -# UX_ParseSudeors Job - -The UX_ParseSudoers job parses all rights granted via sudoers in the audited environments. - -## Queries for the UX_ParseSudoers Job - -The UX_ParseSudoers job uses the Unix Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the UX_ParseSudoers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/parsesudoersquery.webp) - -The query for the UX_ParseSudoers job is: - -- ParseSudoers – Parses the sudoers file on the target host diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/overview.md deleted file mode 100644 index 0455e6cf89..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/overview.md +++ /dev/null @@ -1,14 +0,0 @@ -# Sudoers Job Group - -The Sudoers job group provides visibility into all rights granted via sudoers within audited Unix -and Linux environments. - -![Sudoers Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/sudoersjobstree.webp) - -The jobs in the Sudoers job group are: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/overview.md) - – This group collects details on all rights granted via sudoers within audited Unix and Linux - environments -- [UX_Sudoers Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/ux_sudoers.md) - – This job details all rights granted via sudoers in the audited environment diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/ux_sudoers.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/ux_sudoers.md deleted file mode 100644 index 94bbb20024..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/ux_sudoers.md +++ /dev/null @@ -1,30 +0,0 @@ -# UX_Sudoers Job - -The UX_Sudoers job provides visibility into all rights granted via sudoers within audited Unix and -Linux environments. - -## Analysis Tasks for the UX_Sudoers Job - -Navigate to the **Unix** > **2.Privileged Access** > **Sudoers** > **UX_Sudoers** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_Sudoers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/sudoersanalysis.webp) - -The default analysis tasks are: - -- Summarize number of provisioned users by host – Creates an interim processing table in the - database for use by downstream analysis and report generation -- Determine highly provisioned users – Creates an interim processing table in the database for use - by downstream analysis and report generation -- List sudoers entries across the environment – Creates the SA_UX_Sudoers_Details table accessible - under the job’s Results node - -In addition to the table and views created by the analysis tasks, the UX_Sudoers job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | --------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sudo Rights by Host | This report details all rights granted via sudoers across the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays Hosts With Most Provisioning - Table – Provides details on Provisioning by Host - Table – Provides information on Sudoers Details | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/ux_criticalfiles.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/ux_criticalfiles.md deleted file mode 100644 index fed55b3e96..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/privilegedaccess/ux_criticalfiles.md +++ /dev/null @@ -1,42 +0,0 @@ -# UX_CriticalFiles Job - -The UX_CriticalFiles job provides visibility into owners of critical files within audited Unix and -Linux environments such as passwd, shadow, sudoers, hosts.deny, and more. - -## Queries for the UX_CriticalFiles Job - -The UX_CriticalFIles job uses the Unix Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the UX_CriticalFiles Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/criticalfilesquery.webp) - -The query for the UX_CriticalFiles job is: - -- Critical File Owners – Finds critical file ownership - -## Analysis Tasks for the UX_CriticalFiles Job - -Navigate to the **Unix** > **2.Privileged Access** > **UX_CriticalFiles** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_CriticalFiles Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/criticalfilesanalysis.webp) - -The default analysis task is: - -- Details critical file ownership, highlights top users - - - Creates SA_UX_PrivilegedAccess_CriticalFileOwnership table accessible under the job’s Results - node - - Creates SA_UX_PrivilegedAccess_CriticalFileOwners table accessible under the job’s Results - node - -In addition to the tables and views created by the analysis task, the UX_CriticalFiles job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Critical File Ownership | This report lists the ownership of critical files across the audited environment. The top non-root users and groups with critical file ownership are highlighted. | None | This report is comprised of three elements: - Table – Provides details on Top 5 Critical File Owners (Users) - Table – Provides details on Top 5 Critical File Owners (Groups) - Table – Provides information on Critical File Ownership Details | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/recommended.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/recommended.md deleted file mode 100644 index 85b5ee274a..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/recommended.md +++ /dev/null @@ -1,61 +0,0 @@ -# Recommended Configurations for the Unix Job Group - -The Unix job group has been configured by default to run with the default settings. It can be run -directly or scheduled. - -Dependencies - -If applicable, the **.NIS Inventory** job group can be run to enable reporting on users and groups -from NIS environments. - -Target Host(s) - -All Unix Servers. Create a custom host list in Host Management that contains all Unix servers that -are in scope to be auditing with the Unix solution. - -The Unix job group has been configured to inherit the host list assignment from the solution level. -The host list assignment should be assigned under the **Unix** > **Settings** > **Host List -Assignment** node. Select the UNIX servers host list created previously. - -Connection Profile - -Set a Connection Profile on the Unix job group with root permissions for Unix/Linux. - -If the Root permission is unavailable, a least privileged model can be used. See the -[Least Privilege Model](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md#least-privilege-model) -topic for permissions needed to target the supported platforms for data collection. - -Schedule Frequency - -Schedule the Unix Solution or individual job groups to run as desired. - -History Retention - -This is not supported in this job group and should be turned off. - -Run at the Job Group Level - -It is a common practice to run the job in the **1.Users and Groups** job group by running the entire -job group, instead of the individual jobs. - -Query Configuration - -The queries in this job group are preconfigured to run with the default configurations. - -Analysis Configuration - -The analysis tasks in this job group are preconfigured to run with the default configurations. - -Workflow - -**Step 1 –** Run a Host Discovery Query to create a host list with All Unix Servers, and assign that -host list under the **Unix** > **Settings** > **Host List Assignment** node. - -**Step 2 –** (Optional) If applicable, run the **.NIS Inventory** job group run to enable reporting -on users and groups from NIS environments. - -**Step 3 –** Set a Connection Profile on the Unix job group. - -**Step 4 –** Schedule the Unix solution or individual job groups to run as desired. - -**Step 5 –** Review the reports generated by the Unix Solution. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/collection/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/collection/overview.md deleted file mode 100644 index fe852c7e2a..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/collection/overview.md +++ /dev/null @@ -1,15 +0,0 @@ -# 0.Collection Job Group - -The jobs within this group collect NFS and Samba configuration information which will be further -analyzed to identify and categorize risk within audited Unix and Linux environments. - -![0.Collection Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The jobs in the 0.Collection job group are: - -- [UX_NFSConfiguration Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/collection/ux_nfsconfiguration.md) - – Collects NFS configuration information which will be further analyzed to identify and categorize - risk within audited Unix and Linux environments -- [UX_NFSConfiguration Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/collection/ux_nfsconfiguration.md) - – Collects Samba configuration information which will be further analyzed to identify and - categorize risk within audited Unix and Linux environments diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/collection/ux_nfsconfiguration.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/collection/ux_nfsconfiguration.md deleted file mode 100644 index fda67998a9..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/collection/ux_nfsconfiguration.md +++ /dev/null @@ -1,32 +0,0 @@ -# UX_NFSConfiguration Job - -The **0.Collection** > **UX_NFSConfiguration** job collects NFS configuration information which will -be further analyzed to identify and categorize risk within audited Unix and Linux environments. - -## Queries for the UX_NFSConfiguration Job - -The UX_NFSConfiguration job uses the Unix Data Collector for the following queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the UX_NFSConfiguration Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/nfsconfigurationqueries.webp) - -The queries for the UX_NFSConfiguration job are: - -- NFS Config – NFS Configuration -- Host OS – Gets the operating system of the target hosts - -## Analysis Tasks for the UX_NFSConfiguration Job - -Navigate to the **Unix** > **3.Sharing** > **0.Collection** > **UX_NFSConfiguration** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the UX_NFSConfiguration Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/nfsconfigurationanalysis.webp) - -The default analysis task is: - -- Create NFS Options table – Creates the SA_UX_Sharing_NFSOptions table accessible under the job’s - Results node diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/collection/ux_sambaconfiguration.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/collection/ux_sambaconfiguration.md deleted file mode 100644 index 4b0561ddfb..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/collection/ux_sambaconfiguration.md +++ /dev/null @@ -1,32 +0,0 @@ -# UX_SambaConfiguration Job - -The **0.Collection** > **UX_SambaConfiguration** job collects Samba configuration information which -will be further analyzed to identify and categorize risk within audited Unix and Linux environments. - -## Queries for the UX_SambaConfiguration Job - -The UX_SambaConfiguration job uses the Unix Data Collector for the following queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the UX_SambaConfiguration Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/sambaconfigurationqueries.webp) - -The queries for the UX_SambaConfiguration Job are: - -- Samba Configuration – Uses the Unix Data Collector to parse the smb.conf file -- Host OS – Gets the operating system of the target hosts - -## Analysis Tasks for the UX_SambaConfiguration Job - -Navigate to the **Unix** > **3.Sharing** > **0.Collection** > **UX_SambaConfiguration** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the UX_SambaConfiguration Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/sambaconfigurationanalysis.webp) - -The default analysis task is: - -- Creates Samba Parameters table from scan results – Creates the SA_UX_Sharing_SambaParameters table - accessible under the job’s Results node diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/overview.md deleted file mode 100644 index 3db4954470..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/overview.md +++ /dev/null @@ -1,17 +0,0 @@ -# 3.Sharing Job Group - -The 3.Sharing job group highlights potentially insecure share configurations on Unix hosts. - -![3.Sharing Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 3.Sharing job group are: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/collection/overview.md) - - Collects NFS and Samba configuration information which will be further analyzed to identify and - categorize risk within audited Unix and Linux environments -- [UX_NFS Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/ux_nfs.md) - – This job identifies potentially insecure NFS share options which are categorized by their risk - level. Separate lists of options are checked based on target operating system. -- [UX_Samba Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/ux_samba.md) - – This job identifies potentially insecure Samba share configurations which are categorized by - their risk level diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/ux_nfs.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/ux_nfs.md deleted file mode 100644 index 847306c431..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/ux_nfs.md +++ /dev/null @@ -1,28 +0,0 @@ -# UX_NFS Job - -The UX_NFS job identifies potentially insecure NFS share options which are categorized by their risk -level. Separate lists of options are checked based on target operating system. - -## Analysis Tasks for the UX_NFS Job - -Navigate to the **Unix** > **3.Sharing** > **UX_NFS** > **Configure** node and select **Analysis** -to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_NFS Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/nfsanalysis.webp) - -The default analysis tasks are: - -- Lists high risk NFS share options – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Highlights hosts with a large number of risky shares – Creates an interim processing table in the - database for use by downstream analysis and report generation - -In addition to the tables and views created by the analysis task, the UX_NFS job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------------------- | ---------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| NFS Shares with Potentially Insecure Options | This report identifies NFS shares with options which may lead to open access | None | This report is comprised of three elements: - Bar Chart – Displays Top Hosts by Potentially Insecure Shares - Table – Provides details on Top Hosts by Potentially Insecure Shares bar chart - Table – Provides details on List of Potentially Insecure Share Options | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/ux_samba.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/ux_samba.md deleted file mode 100644 index c15813d544..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/sharing/ux_samba.md +++ /dev/null @@ -1,28 +0,0 @@ -# UX_Samba Job - -The UX_Samba job identifies potentially insecure Samba share configurations which are categorized by -their risk level. - -## Analysis Tasks for the UX_Samba Job - -View the analysis tasks by navigating to the **Unix** > **3.Sharing** > **UX_Samba** > **Configure** -node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_Samba Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/sambaanalysis.webp) - -The default analysis tasks are: - -- Lists high risk Samba share configurations – Creates the SA_UX_Samba_HighRiskSambaShares table - accessible under the job’s Results node -- Highlights hosts with a large number of risky shares – Creates an interim processing table in the - database for use by downstream analysis and report generation - -In addition to the tables and views created by the analysis task, the UX_NFS job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------------- | --------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Samba Shares with Potentially Insecure Configurations | This report identifies Samba shares with parameters which may lead to open access | None | This report is comprised of three elements: - Bar Chart – Displays Top Hosts by Potentially Insecure Shares - Table – Provides details on Top Hosts by Potentially Insecure Shares bar chart - Table – Provides details on List of Potentially Insecure Share Configurations | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/overview.md deleted file mode 100644 index d6f8d0fba5..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/overview.md +++ /dev/null @@ -1,29 +0,0 @@ -# 1.Users and Groups Job Group - -The jobs within the 1.Users and Groups job group provide visibility into users and groups, helping -to pinpoint potential areas of administrative concern. - -![1.Users and Groups Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 1.Users and Groups job group are: - -- [0.Collection > UX_UsersAndGroups Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_usersandgroups.md) - – Collects user and group related information from /etc/shadow and their equivalents in order to - provide details on user and group conditions to help pinpoint areas of administrative concerns -- [UX_DuplicateGroups Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_duplicategroups.md) - – This job identifies duplicate groups within the audited Unix or Linux environment. Duplicate - groups contain the same group membership as one another and are suitable candidates for cleanup. -- [UX_EmptyGroups Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_emptygroups.md) - – This job identifies empty groups found within the audited Unix or Linux environment. These are - suitable candidates for consolidation or cleanup. -- [UX_LargeGroups Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_largegroups.md) - – This job identifies groups with large member counts. These types of groups may cause - administrative overhead and burden in being able to easily understand who is getting access to - resources, or how much access is being granted to resources through these groups. -- [UX_LocalGroups Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_localgroups.md) - – This job provides an overview of all local groups within the audited Unix and Linux environments -- [UX_LocalUsers Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_localusers.md) - – This job provides an overview of all local users within the audited Unix and Linux environments -- [UX_PasswordSettings Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_passwordsettings.md) - – This job provides visibility into user passwords and system password configurations within - audited Unix and Linux environments diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_duplicategroups.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_duplicategroups.md deleted file mode 100644 index 6b8e40f54b..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_duplicategroups.md +++ /dev/null @@ -1,29 +0,0 @@ -# UX_DuplicateGroups Job - -The UX_DuplicateGroups job identifies duplicate groups within the audited Unix or Linux environment. -Duplicate groups contain the same group membership as one another and are suitable candidates for -cleanup. - -## Analysis Tasks for the UX_DuplicateGroups Job - -Navigate to the **Unix** > **1.Users and Groups** > **UX_DuplicateGroups** > **Configure** node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_DuplicateGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/duplicategroupsanalysis.webp) - -The default analysis tasks are: - -- Finds duplicate groups – Creates the SA_UX_DuplicateGroups_Details table accessible under the - job’s Results node -- Summarizes duplicate groups – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the table and views created by the analysis tasks, the UX_DuplicateGroups job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | -| Duplicate Groups | This report identifies duplicate groups within the audited domains | None | This report is comprised of two elements: - Bar Chart – Displays Largest Groups with Duplicates - Table – Provides details on Duplicate Group Details | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_emptygroups.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_emptygroups.md deleted file mode 100644 index 597920c7f1..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_emptygroups.md +++ /dev/null @@ -1,28 +0,0 @@ -# UX_EmptyGroups Job - -The UX_EmptyGroups job identifies empty groups found within the audited Unix or Linux environment. -These are suitable candidates for consolidation or cleanup. - -## Analysis Tasks for the UX_EmptyGroups Job - -Navigate to the **Unix** > **1.Users and Groups** > **UX_EmptyGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_EmptyGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) - -The default analysis tasks are: - -- Finds empty groups – Creates the SA_UX_EmptyGroups_Details table accessible under the job’s - Results node -- Summarizes empty groups – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the table and views created by the analysis tasks, the UX_EmptyGroups job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------ | -------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Empty Groups | This report identifies empty groups within the audited domains | None | This report is comprised of three elements: - Bar Chart – Displays Empty Groups by Type - Table – Provides details on Empty Groups by Type bar chart - Table – Provides information on Empty Group Details | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_largegroups.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_largegroups.md deleted file mode 100644 index 9d49d19f61..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_largegroups.md +++ /dev/null @@ -1,43 +0,0 @@ -# UX_LargeGroups Job - -The UX_LargeGroups job identifies groups with large member counts. These types of groups may cause -administrative overhead and burden in being able to easily understand who is getting access to -resources, or how much access is being granted to resources through these groups. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The UX_LargeGroups job has the following customizable parameter: - -- Minimum size for a group to be considered large – Sets the threshold used by the Find large groups - analysis task to determine if a group is considered to be large. The default is 5. - -## Analysis Tasks for the UX_LargeGroups Job - -Navigate to the **Unix** > **1.Users and Groups** > **UX_LargeGroups** > **Configure** node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the UX_LargeGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/largegroupsanalysis.webp) - -The default analysis task is: - -- Finds large groups. The parameter determining the minimum size for a large group can be configured - in the SQL scripting module. – Creates the UX_LargeGroups_Details table accessible under the job’s - Results node - - - The threshold value used to determine if a group is considered large can be customized. See - the [Parameter Configuration](#parameter-configuration) for additional information. - -In addition to the table and views created by the analysis tasks, the UX_LargeGroups job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------ | -------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | -| Large Groups | This report identifies large groups within the audited domains | None | This report is comprised of two elements: - Bar Chart – Displays Top 5 Large Groups - Table – Provides information on Large Group Details | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_localgroups.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_localgroups.md deleted file mode 100644 index 55483990dd..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_localgroups.md +++ /dev/null @@ -1,28 +0,0 @@ -# UX_LocalGroups Job - -The UX_LocalGroups job provides an overview of all local groups within the audited Unix and Linux -environments. - -## Analysis Tasks for the UX_LocalGroups Job - -Navigate to the **Unix** > **1.Users and Groups** > **UX_LocalGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_LocalGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/localgroupsanalysis.webp) - -The default analysis tasks are: - -- Creates local groups table – Creates the SA_UX_LocalGroups_Details table accessible under the - job’s Results node -- Creates local groups summary table – Creates an interim processing table in the database for use - by downstream analysis and report generation - -In addition to the table and views created by the analysis tasks, the UX_LocalGroups job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------- | -| Local Groups | This report summarizes local groups in the audited environment. Hosts with large numbers of local groups are highlighted, as are local groups with large memberships. | None | This report is comprised of two elements: - Bar Chart – Displays Top Hosts by Local Group Count - Table – Provides details on All Local Groups | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_localusers.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_localusers.md deleted file mode 100644 index e59e24a66a..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_localusers.md +++ /dev/null @@ -1,28 +0,0 @@ -# UX_LocalUsers Job - -The UX_LocalUsers job provides an overview of all local users within the audited Unix and Linux -environments. - -## Analysis Tasks for the UX_LocalUsers Job - -Navigate to the **Unix** > **1.Users and Groups** > **UX_LocalUsers** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_LocalUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/localusersanalysis.webp) - -The default analysis tasks are: - -- Creates local users table – Creates the SA_UX_LocalUsers_Details table accessible under the job’s - Results node -- Creates local users summary table – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the table and views created by the analysis tasks, the UX_LocalUsers job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | ----------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Local Users | This report summarizes local users in the audited environment. Hosts with large numbers of local users are highlighted. | None | This report is comprised of three elements: - Bar Chart – Displays Top 5 Hosts by Local User Count - Table – Provides details on Top 5 Local User Count bar chart - Table – Provides details on All Local Users | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_passwordsettings.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_passwordsettings.md deleted file mode 100644 index 14b56ceb23..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_passwordsettings.md +++ /dev/null @@ -1,29 +0,0 @@ -# UX_PasswordSettings Job - -The UX_PasswordSettings job provides visibility into user passwords and system password -configurations within audited Unix and Linux environments. - -## Analysis Tasks for the UX_PasswordSettings Job - -Navigate to the **Unix** > **1.Users and Groups** > **UX_PasswordSettings** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_PasswordSettings Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/passwordsettingsanalysis.webp) - -The default analysis tasks are: - -- Gives information about local user passwords – Creates SA_UX_PasswordSettings_UserDetails table - accessible under the job’s Results node -- Gives information about system password settings – Creates SA_UX_PasswordSettings_SystemDetails - table accessible under the job’s Results node - -In addition to the table and views created by the analysis tasks, the UX_PasswordSettings job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | -------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------- | -| Local User Passwords | This report outlines password information for each local user on each host | None | This report is comprised of one element: - Table – Provides details on User Password Settings | -| Password Security Setting | This report lists password security settings for each audited host | None | This report is comprised of one element: - Table – Provides details on Password Settings | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_usersandgroups.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_usersandgroups.md deleted file mode 100644 index 3689eff59a..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/usersgroups/ux_usersandgroups.md +++ /dev/null @@ -1,49 +0,0 @@ -# 0.Collection > UX_UsersAndGroups Job - -The UX_UsersAndGroups job collects user and group information from /etc/passwd, /etc/shadow, and -their equivalents in order to provide details on user and group conditions to help pinpoint -potential areas of administrative concern. - -![0.Collection > UX_UsersAndGroups Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The UX_UsersAndGroups job is located in the 0.Collection job group. - -## Queries for the UX_UsersAndGroups Job - -The UX_UsersandGroups job uses the Unix Data Collector for the following queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the UX_UsersAndGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/usersandgroupsqueries.webp) - -The queries for the UX_UsersAndGroups job are: - -- UX_LocalUsers – Obtains local user information from /etc/passwd -- UX_LocalGroups – Obtains local group information from /etc/group -- UX_LocalGroupMembers – Obtains local group membership information from /etc/group -- UX_UserPasswords_AIX – Gets shadow file information on AIX hosts -- UX_UserPasswords_Linux – Gets shadow file information on RHEL, CentOS, Debian, SuSE, and Solaris - hosts -- UX_PasswordSettings_AIX – Gets system password settings from /etc/security/user -- UX_PasswordSettings_Linux – Gets system password settings from /etc/login.defs -- UX_PasswordSettings_Solaris – Gets system password settings from /etc/default/passwd -- UX_UserPasswords_AIX_LastUpdate – Gets passwd file information on AIX hosts - -## Analysis Tasks for the UX_UsersAndGroups Job - -Navigate to the **Unix** > **1.Users and Groups** > **0.Collection** > **UX_UsersAndGroups** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_UsersAndGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/usersandgroupsanalysis.webp) - -The default analysis tasks are: - -- Creates UX_Users from LDAP_Users, NIS_Users, and UX_LocalUsers – Creates the UX_Users table - accessible under the job’s Results node -- Creates UX_Groups from LDAP_Groups, NIS_Groups, and UX_LocalGroups – Creates the UX_Groups table - accessible under the job’s Results node -- Creates UX_GroupMembers – Creates the UX_GroupMembers table accessible under the job’s Results - node diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/overview.md deleted file mode 100644 index 776fc75f64..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/overview.md +++ /dev/null @@ -1,16 +0,0 @@ -# Applications Job Group - -The Applications job group tracks various aspects of installed application management, identifying -installed software and utilization, unauthorized programs and rogue systems, and more. - -![Applications Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the Applications job group are: - -- [SG_InstalledApplications Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/sg_installedapplications.md) - – This job identifies installed applications on all targeted hosts, highlighting the most common - applications installed across the audited environment -- [SG_RunAtBoot Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/sg_runatboot.md) - – This job lists applications which are set to **Run** or **Run Once** on all targeted hosts -- [SG_ScheduledTasks Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/sg_scheduledtasks.md) - – This job lists scheduled task details on all targeted hosts diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/sg_installedapplications.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/sg_installedapplications.md deleted file mode 100644 index a96f5f5b55..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/sg_installedapplications.md +++ /dev/null @@ -1,43 +0,0 @@ -# SG_InstalledApplications Job - -The SG_InstalledApplications job identifies installed applications on all targeted hosts. - -## Queries for the SG_InstalledApplications Job - -The SG_InstalledApplications job uses the WMICollector Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_InstalledApplications Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/installedapplicationsquery.webp) - -The query for the SG_InstalledApplications job are: - -- Installed Applications – Targets all Windows servers known to Enterprise Auditor to determine - installed applications - -## Analysis Tasks for the SG_InstalledApplications Job - -Navigate to the **Windows** > **Applications** > **SG_InstalledApplications** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_InstalledApplications Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/installedapplicationsanalysis.webp) - -The default analysis tasks are: - -- All Installed Applications - Change Tracking – Creates the - SA_SG_InstalledApplications_ChangeTracking table accessible under the job’s Results node -- All Installed Applications - Details – Creates the SA_SG_InstalledApplications_Details table - accessible under the job’s Results node -- MS Applications - Details – Creates the SA_SG_InstalledApplications_MSDetails table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SG_InstalledApplications job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------ | -| All Installed Applications | This report details all installed applications, and highlights the most common installed applications across the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays top installed applications - Table – Provides details on installed applications | -| MS Office Applications | This report provides host-level details on which Microsoft Office applications are installed. | None | This report is comprised of two elements: - Bar Chart – Displays top MS Office applications - Table – Provides details on MS Office applications | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/sg_runatboot.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/sg_runatboot.md deleted file mode 100644 index e8b13a017f..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/sg_runatboot.md +++ /dev/null @@ -1,46 +0,0 @@ -# SG_RunAtBoot Job - -The SG_RunAtBoot job lists applications which are set to **Run** or **Run Once** on all targeted -hosts. - -## Queries for the SG_RunAtBoot Job - -The SG_RunAtBoot job uses the Registry Data Collector for the following queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the SG_RunAtBoot Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/runatbootqueries.webp) - -The queries for the SG_RunAtBoot job are: - -- Run – Targets all Windows servers known to Enterprise Auditor to run at boot applications -- Run Once – Targets all Windows servers known to Enterprise Auditor to run once at boot - applications - -## Analysis Tasks for the SG_RunAtBoot Job - -Navigate to the **Windows** > **Applications** > **SG_RunAtBoot** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_RunAtBoot Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/runatbootanalysis.webp) - -The default analysis tasks are: - -- Track Changes – Creates the SA_SG_RunAtBoot_ChangeTracking table accessible under the job’s - Results node -- List application details – Creates the SA_SG_RunAtBoot_Details table accessible under the job’s - Results node -- Summarize details by host – Creates the SA_SG_RunAtBoot_HostSummary table accessible under the - job’s Results node -- Summarize details by application – Creates the SA_SG_RunAtBoot_AppSummary table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SG_RunAtBoot job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------- | ------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Run at Boot | This report enumerates applications which are set to run at boot across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays Top Hosts by Applications Run at Boot - Table – Provides details on Top Hosts by Applications Run at Boot bar chart - Table – Provides details on Run / Run Once Applications | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/sg_scheduledtasks.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/sg_scheduledtasks.md deleted file mode 100644 index 887bf1a259..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/sg_scheduledtasks.md +++ /dev/null @@ -1,44 +0,0 @@ -# SG_ScheduledTasks Job - -The SG_ScheduledTasks job lists scheduled task details on all targeted hosts. - -## Queries for the SG_ScheduledTasks Job - -The SG_ScheduledTasks job uses the SystemInfo Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_ScheduledTasks Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/scheduledtasksquery.webp) - -The query for the SG_ScheduledTasks job is: - -- Scheduled tasks – Targets all Windows servers known to Enterprise Auditor to determine scheduled - tasks - -## Analysis Tasks for the SG_ScheduledTasks Job - -Navigate to the **Windows** > **Applications** > **SG_ScheduledTasks** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_ScheduledTasks Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/scheduledtasksanalysis.webp) - -The default analysis tasks are: - -- Track Changes – Creates the SA_SG_ScheduledTasks_ChangeTracking table accessible under the job’s - Results node -- List scheduled task details – Creates the SA_SG_ScheduledTasks_Details table accessible under the - job’s Results node -- Domain user summary – Creates the SA_SG_ScheduledTasks_DomainUsers table accessible under the - job’s Results node -- Host summary – Creates the SA_SG_ScheduledTasks_HostSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the SG_ScheduledTasks job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ---------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Scheduled Tasks | This report highlights scheduled tasks across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays Hosts with Most Scheduled Tasks - Table – Provides details on Hosts with Most Scheduled Tasks bar chart - Table – Provides details on Scheduled Tasks | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/overview.md deleted file mode 100644 index ef5a0ca922..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/overview.md +++ /dev/null @@ -1,24 +0,0 @@ -# Authentication Job Group - -The Authentication job group provides information on authentication settings within audited systems -to help identify potential security vulnerabilities and reduce risk within the environment. - -![Authentication Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the Authentication job group are: - -- [SG_LSASettings Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/sg_lsasettings.md) - – This job lists LSA settings on all targeted hosts. In particular, the RunAsPPL, - RestrictAnonymous, and ValidateKdcPacSignature keys are examined. If these keys are not set to 1, - a host is vulnerable to mimikatz and other exploitation tools. See the Microsoft - [Configuring Additional LSA Protection]() - article for additional ininformation. -- [SG_SecuritySupportProviders Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/sg_securitysupportproviders.md) - – This job identifies security support providers on all targeted hosts, highlighting potentially - malicious SSPs -- [SG_WDigestSettings Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/sg_wdigestsettings.md) - – This job lists WDigest settings on all targeted hosts. In particular, the UseLogonCredentials - key is examined. If the KB is not installed, and this key is not set properly for a given host, - cleartext passwords will be stored in memory. See the - [Microsoft Security Advisory](https://support.microsoft.com/en-us/help/2871997/microsoft-security-advisory-update-to-improve-credentials-protection-a) - article for more information. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/sg_lsasettings.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/sg_lsasettings.md deleted file mode 100644 index 20ffbbb899..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/sg_lsasettings.md +++ /dev/null @@ -1,55 +0,0 @@ -# SG_LSASettings Job - -The SG_LASettings job lists settings on all targeted hosts. In particular, the RunAsPPL, -RestrictAnonymous, and ValidateKdcPacSignature keys are examined. If these keys are not set to 1, a -host is vulnerable to mimikatz and other exploitation tools. See the Microsoft -[Configuring Additional LSA Protection]() -article for additional information. - -## Queries for the SG_LSASettings Job - -The SG_LSASettings job uses the Registry Data Collector for the following queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the SG_LSASettings Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/lsasettingsqueries.webp) - -The queries for the SG_LSASettings Job are: - -- Check LSA registry keys – Checks LSA registry keys -- PAC Validation – Provides PAC Validation - -## Analysis Tasks for the SG_LSASettings Job - -Navigate to the **Windows** > **Authentication** > **SG_LSASettings** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_LSASettings Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/lsasettingsanalysis.webp) - -The default analysis tasks are: - -- TrackRunAsPPL changes – Creates the SG_LSASettings_RunAsPPLChangeTracking table accessible under - the job’s Results node -- List RunAsPPL setting details – Creates the SG_LSASettings_RunAsPPLDetails table accessible under - the job’s Results node -- Summarize RunAsPPL settings – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Track RestrictAnonymous changes – Creates the SG_LSASettings_RestrictAnonymousChangeTracking table - accessible under the job’s Results node -- List RestrictAnonymous setting details – Creates the SG_LSASettings_RestrictAnonymousDetails table - accessible under the job’s Results node -- Summarize RestrictAnonymous settings – Creates an interim processing table in the database for use - by downstream analysis and report generation -- PAC – Creates the SG_LSASettings_PACStatus table accessible under the job’s Results node - -In addition to the tables created by the data collector, the SG_LSASettings job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Additional LSA Protection | This report summarizes RunAsPPL registry settings on targeted hosts. This key governs whether or not additional LSA protection is enabled. See the Microsoft [Configuring Additional LSA Protection]() article for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays additional LSA protection by host - Table – Provides additional LSA Protection Details | -| PAC Validation | This report indicates whether or not PAC Validation is enabled on all targeted hosts. This is governed by the ValidateKdcPacSignature key. Default behavior in the event of this key's absence depends on the Windows version installed. See the Microsoft [Understanding Microsoft Kerberos PAC Validation](https://learn.microsoft.com/en-gb/archive/blogs/openspecification/understanding-microsoft-kerberos-pac-validation) article for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays PAC validation status - Table – Provides PAC validation details | -| Restrict Anonymous Access | This report summarizes RestrictAnonymous registry settings on targeted hosts. This key governs whether or not access over anonymous connections is enabled. See the Microsoft [Restrict Anonymous check]() article for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays anonymous access by host - Table – Provides anonymous access details | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/sg_securitysupportproviders.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/sg_securitysupportproviders.md deleted file mode 100644 index e838a1b2d1..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/sg_securitysupportproviders.md +++ /dev/null @@ -1,50 +0,0 @@ -# SG_SecuritySupportProviders Job - -The SG_SecuritySupportProviders job identifies security support providers on all targeted hosts, -highlighting potentially malicious SSPs. - -## Queries for the SG_SecuritySupportProviders Job - -The SG_SecuritySupportProviders job uses the Registry Data Collector for the following queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the SG_SecuritySupportProviders Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/securitysupportprovidersqueries.webp) - -The queries for the SG_SecuritySupportProviders job are: - -- Security Support Providers LSA – Determines security support providers in the LSA Key -- Security Support Providers OSConfig – Determines security support providers in the OSConfig key - -## Analysis Tasks for the SG_SecuritySupportProviders Job - -Navigate to the **Windows** > **Authentication** > **SG_SecuritySupportProviders** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_SecuritySupportProviders Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/securitysupportprovidersanalysis.webp) - -The default analysis tasks are: - -- Track changes – Creates the SG_SecuritySupportProviders_ChangeTracking table accessible under the - job’s Results node -- List security support provider details – Creates the SG_SecuritySupportProviders_Details table - accessible under the job’s Results node -- Summarize security support provider details – Creates an interim processing table in the database - for use by downstream analysis and report generation - -The optional analysis tasks are: - -- Bring changes from last run to console – Creates the SG_SecuritySupportProviders_LastRun table - accessible under the job’s Results node -- Notify on changes – Creates the SG_SecuritySupportProviders_LastRun_NOTIFICATION table accessible - under the job’s Results node - -In addition to the tables created by the data collector, the SG_SecuritySupportProviders job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Security Support Providers | This report lists non-standard security support providers in the audited environment. | None | This report is comprised of two elements: - Pie Chart – Displays malicious security support providers by host - Table – Provides malicious security support providers details | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/sg_wdigestsettings.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/sg_wdigestsettings.md deleted file mode 100644 index 258ff0bef3..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/sg_wdigestsettings.md +++ /dev/null @@ -1,48 +0,0 @@ -# SG_WDigestSettings Job - -The SG_WDigestSettings job lists WDigest settings on all targeted hosts. In particular, the -UseLogonCredentials key is examined. If this key is not set properly for a given host, cleartext -passwords will be stored in memory. See the -[Microsoft Security Advisory](https://support.microsoft.com/en-us/help/2871997/microsoft-security-advisory-update-to-improve-credentials-protection-a) -article for more information. - -## Queries for the SG_WDigestSettings Job - -The SG_WDigestSettings job uses the Registry and WMICollector Data Collectors for the following -queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the SG_WDigestSettings Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/wdigestsettingsqueries.webp) - -The queries for the SG_WDigestSettings job are: - -- Check WDigest registry keys – Checks WDigest registry keys -- Installed Hotfixes – Returns all hotfixes installed -- OS Versions – Returns OS versions - -## Analysis Tasks for the SG_WDigestSettings Job - -Navigate to the **Windows** > **Authentication** > **SG_WDigestSettings** > **Configure** node and -select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_WDigestSettings Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/wdigestsettingsanalysis.webp) - -The default analysis tasks are: - -- Track changes – Creates the SG_WDigestSettings_ChangeTracking table accessible under the job’s - Results node -- List WDigest setting details – Creates the SG_WDigestSettings_Details table accessible under the - job’s Results node -- Summarize WDigest Settings – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables created by the data collector, the SG_WDigestSettings job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------ | -| WDigest Settings | This report summarizes WDigest registry settings on targeted hosts. See the [Microsoft Security Advisory](https://support.microsoft.com/en-us/help/2871997/microsoft-security-advisory-update-to-improve-credentials-protection-a) article for additional details. | None | This report is comprised of two elements: - Pie Chart – Displays WDigest settings by host - Table – Provides WDigest setting details | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/openaccess/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/openaccess/overview.md deleted file mode 100644 index a58a98abe4..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/openaccess/overview.md +++ /dev/null @@ -1,10 +0,0 @@ -# Open Access Job Group - -The Open Access job group identifies instances of open access in the audited environment. - -![Open Access Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The job in the Open Access job group is: - -- [SG_OpenFolders Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/openaccess/sg_openfolders.md) - – This job enumerates folders with open access across the audited environment diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/openaccess/sg_openfolders.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/openaccess/sg_openfolders.md deleted file mode 100644 index cb9c733907..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/openaccess/sg_openfolders.md +++ /dev/null @@ -1,71 +0,0 @@ -# SG_OpenFolders Job - -The SG_OpenFolders job enumerates folders with open access across the audited environment. - -## Queries for the SG_OpenFolders Job - -The SG_OpenFolders job uses the SystemInfo Data Collector for the following query: - -![Queries for the SG_OpenFolders Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/openaccess/openfoldersquery.webp) - -The query for the SG_OpenFolders job is: - -- OpenAccess – Checks for folders with open access - - - (Optional) By default, the OpenAccess query used in this job has a search depth of 0 and will - return share-level information. If needed, the subfolder depth can be increased in the query - configuration. See the [Configure the OpenAccess Query](#configure-the-openaccess-query) topic - for additional information. - -### Configure the OpenAccess Query - -The OpenAccess query has been preconfigured to run with the default settings. However, the subfolder -depth can optionally be increased on the Options page in the System Info Data Collector Wizard. -Follow the steps to customize the query. See the -[SystemInfo Data Collector](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -**Step 1 –** Navigate to the **Jobs** > **Windows** > **Open Access** > **SG_OpenFolders** > -**Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The System Info Data Collector -Wizard opens. - -![System Info Data Collector Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/openaccess/configuresubfolderdepth.webp) - -**Step 4 –** Navigate to the Options page and select the **Enumerate subfolders within shared -folder** checkbox and then the **Limit returned subfolders depth to** checkbox. - -**Step 5 –** Select the desired subfolders depth level using the arrows. Click **Next**. - -**Step 6 –** On the Summary page, click **Finish** to save the changes. - -The subfolders depth is now saved to the configured level. - -## Analysis Tasks for the SG_OpenFolders Job - -Navigate to the **Windows** > **OpenAccess** > **SG_OpenFolders** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_OpenFolders Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/openaccess/openfoldersanalysis.webp) - -The default analysis tasks are: - -- Enumerates open folders across the audited environment – Creates an interim processing table in - the database for use by downstream analysis and report generation -- Enumerates hosts with open folders across the audited environment – Creates interim processing - tables in the database for use by downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the SG_OpenFolders job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | -| Open Access By Host | This report enumerates hosts with openly accessible folders. | None | This report is comprised of two elements: - Line Chart – Displays hosts with open folders - Table – Provides an open folder count by host | -| Open Folders | This report enumerates folders with open access across the audited environment. | None | This report is comprised of two elements: - Line Chart – Displays open folders over time - Table – Provides details on all open folders | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md deleted file mode 100644 index aac9c1a6a0..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md +++ /dev/null @@ -1,64 +0,0 @@ -# Windows Solution - -The Windows Solution is designed to provide both high-level and granular views into any sized -organization's infrastructure. Systems are a critical business asset. In order to optimally support -and benefit the business, these systems must be running optimally and be fully secured. The Windows -Solution allows organizations to quickly inventory, assess, and secure their Windows desktop and -server infrastructure from a central location. Key capabilities include privileged account -discovery, security configuration and vulnerability assessment, compliance reporting, and asset -inventory. - -Supported Platforms - -- Windows 7 and higher -- Windows Server 2016 and later - -Requirements, Permissions, and Ports - -See the -[Target Windows Server and Desktop Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Location - -The Windows Solution requires a special Enterprise Auditor license. It can be installed from the -Instant Job Wizard. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. Once it has been installed in the Jobs tree, navigate to the -solution: **Jobs** > **Windows**. - -![Windows Solution in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Each job group works independently from the other job groups. All of the job groups have their own -collections that are used to analyze and report on data specific to the groups function. The -SG_SecurityAssessment job summarizes security related results from the Windows solution. - -## Job Groups - -The Windows Solution provides both high-level and granular views into any sized organization’s -infrastructure. - -![Windows Solution Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The jobs and job groups in the Windows Solution are: - -- [Applications Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/overview.md) - – The jobs in this group track various aspects of installed application management, highlighting - installed software and utilization, unauthorized programs, rogue systems, and more -- [Authentication Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/overview.md) - – This group offers insight into authentication settings within audited systems to help identify - potential security vulnerabilities and reduce risk within the environment -- [Open Access Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/openaccess/overview.md) - – This group highlights instances of open access across the audited environment -- [Privileged Accounts Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/overview.md) - – Vital to security is the ability to accurately assess who has administrative privileges to each - system and how. This group provides the collection and correlation capabilities needed to unravel - complex access assignments, including local administrator membership, users with remote logon - rights, and service accounts. -- [Security Utilities Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/overview.md) - – This group provides a series of security element checks across the audited environment -- [SG_SecurityAssessment Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/sg_securityassessment.md) - – This job performs checks against Windows security best practices in order to proactively - identify critical security configurations that leave the environment vulnerable to attack. The - result is a report which provides a listing of findings by severity and category with - corresponding details that can be used to prioritize and remediate security issues. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/overview.md deleted file mode 100644 index 04f5f36879..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/overview.md +++ /dev/null @@ -1,21 +0,0 @@ -# Local Administrators Job Group - -![Local Administrators Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the Local Administrators group are: - -- [SG_LocalAdmins Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sg_localadmins.md) - – This job identifies the effective membership for all local administrator groups to gain an - understanding of what accounts within the environment are privileged and should be monitored - closely -- [SG_MicrosoftLAPS Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sg_microsoftlaps.md) - – This job assesses the LAPS (Local Administrator Password Solution) local policies on all - targeted hosts. This offers insight into LAPS enablement and configuration across an environment. - LAPS allows for centralized local administrator password management within Active Directory. See - the Microsoft - [Local Administrator Password Solution]() - article for additional information. -- [SG_Sessions Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sg_sessions.md) - – This job lists sessions and logged on users from all targeted hosts. These active sessions and - logged on users may have their hashes stored in memory on the target machine, which could be - leveraged in a Pass the Hash attack. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sg_localadmins.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sg_localadmins.md deleted file mode 100644 index 6c57d7e685..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sg_localadmins.md +++ /dev/null @@ -1,56 +0,0 @@ -# SG_LocalAdmins Job - -The SG_LocalAdmins job identifies the effective membership for all local administrator groups. The -purpose of this job is to gain an understanding of what accounts within the environment are -privileged and should be monitored closely. - -## Queries for the SG_LocalAdmins Job - -The SG_LocalAdmins job uses the UsersGroups Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_LocalAdmins Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/localadminsquery.webp) - -The query for the SG_LocalAdmins job is: - -- Direct Membership – Returns direct membership from targeted hosts - -## Analysis Tasks for the SG_LocalAdmins Job - -Navigate to the **Windows** > **Privileged Accounts** > **Local Administrators** > -**SG_LocalAdmins** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_LocalAdmins Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/localadminsanalysis.webp) - -The default analysis tasks are: - -- Expand Effective Membership – Creates the SA_SG_LocalAdmins_Details table accessible under the - job’s Results node -- Membership Summary – Creates the SA_SG_LocalAdmins_MembershipSummary table accessible under the - job’s Results node -- Privileged Accounts – Creates the SA_SG_LocalAdmins_PrivilegedAccounts table accessible under the - job’s Results node -- Track Changes – Creates the SA_SG_LocalAdmins_Changes table accessible under the job’s Results - node - -In addition to the tables created by the analysis tasks, the SG_LocalAdmins job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ---------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Local Administrators | This report identifies servers with the largest local administrator groups in the environment. | GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of three elements: - Stacked Chart – Displays largest local administrator groups - Table – Provides membership details - Table – Provides a local administrator groups summary | -| Membership Changes | This report identifies changes in effective membership between two scans of the environment. | None | This report is comprised of one element: - Table – Displays membership changes | -| Privileged Accounts | This report highlights user accounts with a large number of local administrator rights. | None | This report is comprised of two elements: - Stacked Chart – Displays top trustees by administrator rights - Table – Provides details on privileged accounts | - -## Least Privilege Model - -The SG_LocalAdmins job typically uses an account that is a member of the Local Administrators group -on the target host. However if a less-privileged option is required, you can instead use a regular -domain user that has been added to the **Network access: Restrict clients allowed to make remote -calls to SAM** Local Security Policy. - -![User added to the Local Securtiy Policy](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/leastprivilegemodel.webp) diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sg_microsoftlaps.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sg_microsoftlaps.md deleted file mode 100644 index 8763701be2..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sg_microsoftlaps.md +++ /dev/null @@ -1,42 +0,0 @@ -# SG_MicrosoftLAPS Job - -The SG_MicrosoftLAPS job assesses the Local Administrator Password Solution (LAPS) local policies on -all targeted hosts. This offers insight into LAPS enablement and configuration across an -environment. LAPS allows for centralized local administrator password management within Active -Directory. See the Microsoft -[Local Administrator Password Solution]() -article for additional information. - -## Queries for the SG_MicrosoftLAPS Job - -The SG_MicrosoftLAPS job uses the Registry Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_MicrosoftLAPS Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsquery.webp) - -The query for the SG_MicrosoftLAPS job is: - -- Registry Check – Checks for LAPS related registry keys - -## Analysis Tasks for the SG_MicrosoftLAPS Job - -Navigate to the **Windows** > **Privileged Accounts** > **Local Administrators** > -**SG_MicrosoftLAPS** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SG_MicrosoftLAPS Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsanalysis.webp) - -The default analysis task is: - -- List LAPS details – Creates the SG_MicrosoftLAPS_Details table accessible under the job’s Results - node - -In addition to the tables created by the analysis tasks, the SG_MicrosoftLAPS job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------- | -| Microsoft LAPS Overview | This report gives an overview of LAPS policies in the audited environment. LAPS allows for centralized local administrator password management within Active Directory. | None | This report is comprised of two elements: - Pie Chart – Displays LAPS status by host - Table – Provides LAPS policy details | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sg_sessions.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sg_sessions.md deleted file mode 100644 index feaf80fc88..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sg_sessions.md +++ /dev/null @@ -1,44 +0,0 @@ -# SG_Sessions Job - -The SG_Sessions job lists sessions and logged on users from all targeted hosts. These active -sessions and logged on users may have their hashes stored in memory on the target machine, which -could be leveraged in a Pass the Hash attack. - -## Queries for the SG_Sessions Job - -The SG_Sessions job uses the SystemInfo Data Collector for the following queries: - -**CAUTION:** The queries) are preconfigured for this job. Never modify the queries. - -![Queries for the SG_Sessions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sessionsqueries.webp) - -The queries for the SG_Sessions job are: - -- Logged on Users – Returns info for logged on users of local and remote machines -- Sessions – Returns info for local and remote sessions - -## Analysis Tasks for the SG_Sessions Job - -Navigate to the **Windows** > **Privileged Accounts** > **Local Administrators** > **SG_Sessions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -![Analysis Tasks for the SG_Sessions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sessionsanalysis.webp) - -The default analysis tasks are: - -- Active Sessions – Lists all sessions and logged on users for local and remote machines. Creates - the SA_SG_Sessions_Details table accessible under the job’s Results node. -- Active Sessions Summary – Summarizes active sessions by host and user -- Logged on Users – Analyzes and retains logged on user data. Creates the SA_SG_Sessions_UserLogons - table accessible under the job’s Results node. -- Logged on Users Summary – Summarizes user logon activity by host and admins -- LoggonOnUsers and Sessions – Joins LoggedOnUsers and Sessions data. Creates the - SA_SG_Sessions_AdminSessions table accessible under the job’s Results node. -- Sessions Scope – Summarizes the scope of the SG_Sessions job - -In addition to the tables created by the analysis tasks, the SG_Sessions job produces the following -pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------- | --------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sessions | This report identifies domain administrators that may have credentials in memory on member servers. | CCPA, GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of four elements: - Table – Details the scope of the SG_Sessions job - Pie Chart – Displays LAPS status by host - Table – Provides LAPS policy details - Table – Provides details on all sessions | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/overview.md deleted file mode 100644 index faafd0c086..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/overview.md +++ /dev/null @@ -1,18 +0,0 @@ -# Collection Job Group - -The Collection job group collects group policy settings, local users, and local group membership -information from Windows servers which will be further analyzed to provide insight into privileged -users within the environment. - -![Collection Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The jobs in the Collection job group are: - -- [SG_GroupPolicy Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/sg_grouppolicy.md) - – This job collects policy assignments from all targeted servers. In particular, **Allow log on - locally**, **Log on as a batch job**, **Allow log on through Remote Desktop Services**, and **Log - on as a service** are audited. -- [SG_LocalMembership Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/sg_localmembership.md) - – This job collects local group membership details from all targeted servers -- [SG_LocalUsers Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/sg_localusers.md) - – This job collects local user accounts from all targeted servers diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/sg_grouppolicy.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/sg_grouppolicy.md deleted file mode 100644 index 45f36e7e17..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/sg_grouppolicy.md +++ /dev/null @@ -1,21 +0,0 @@ -# SG_GroupPolicy Job - -The SG_GroupPolicy job collects policy assignments from all targeted servers. The following policy -assignments are audited: - -- Allow log on locally -- Log on as a batch job -- Allow log on through Remote Desktop Services -- Log on as a service - -## Queries for the SG_GroupPolicy Job - -The SG_GroupPolicy job uses the GroupPolicy Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_GroupPolicy Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyquery.webp) - -The query for the SG_GroupPolicy job is: - -- GroupPolicy – Collects group policy information diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/sg_localmembership.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/sg_localmembership.md deleted file mode 100644 index 51b40669fb..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/sg_localmembership.md +++ /dev/null @@ -1,30 +0,0 @@ -# SG_LocalMembership Job - -The SG_LocalMembership job collects local group membership from all targeted servers. - -## Queries for the SG_LocalMembership Job - -The SG_LocalMembership job uses the UsersGroups Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_LocalMembership Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipquery.webp) - -The query for the SG_LocalMembership job is: - -- LocalMembers – Collects local membership information - -## Analysis Tasks for the SG_LocalMembership Job - -Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > **Collection** > -**SG_LocalMembership** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SG_LocalMembership Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipanalysis.webp) - -The default analysis task is: - -- Update LocalMembers – Creates an interim processing table in the database for use by downstream - analysis and report generation diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/sg_localusers.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/sg_localusers.md deleted file mode 100644 index 9d4382a201..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/sg_localusers.md +++ /dev/null @@ -1,30 +0,0 @@ -# SG_LocalUsers Job - -The SG_LocalUsers job audits local user accounts from all targeted hosts. - -## Queries for the SG_LocalUsers Job - -The SG_LocalMembership job uses the UsersGroups Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_LocalUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localusersquery.webp) - -The query for the SG_LocalUsers job is: - -- LocalUsers – Collects local user information - -## Analysis Tasks for the SG_LocalUsers Job - -Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > **Collection** > -**SG_LocalUsers** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SG_LocalUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/localusersanalysis.webp) - -The default analysis tasks is: - -- Update LocalUsers – Creates an interim processing table in the database for use by downstream - analysis and report generation diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/overview.md deleted file mode 100644 index 124d9a989e..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/overview.md +++ /dev/null @@ -1,18 +0,0 @@ -# Logon Rights Job Group - -The Logon Rights job group collects local policy information and reports on privileged users. - -![Logon Rights Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs and job groups in the Logon Rights job group are: - -- [Collection Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/overview.md) - – The jobs within this group collect group policy settings, local users, and local group - membership from Windows servers which will be further analyzed to provide insight into privileged - users within the environment -- [SG_AccountPrivileges Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/sg_accountprivileges.md) - – This job highlights account privileges across the audited environment, filtering out default - privileges present on Windows servers -- [SG_LocalPolicies Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/sg_localpolicies.md) - – This job identifies privileged accounts across the audited environments, based on the number of - local security policies assigned diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/sg_accountprivileges.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/sg_accountprivileges.md deleted file mode 100644 index b049125b70..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/sg_accountprivileges.md +++ /dev/null @@ -1,41 +0,0 @@ -# SG_AccountPrivileges Job - -The SG_AccountPrivileges job identifies accounts privileges on hosts in the targeted environment. - -Targeted Hosts - -All Windows Hosts - -## Queries for the SG_AccountPrivileges Job - -The SG_AccountPrivileges job uses the PowerShell Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_AccountPrivileges Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/accountprivilegesquery.webp) - -The query for the SG_AccountPrivileges job is: - -- Account Privilege Check – Determines account privileges on local hosts - -## Analysis Tasks for the SG_AccountPrivileges Job - -Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > -**SG_AccountPrivileges** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SG_AccountPrivileges Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/accountprivilegesanalysis.webp) - -The default analysis task is: - -- List all assigned privileges – Creates the SA_SG_AccountPrivileges_Details table accessible under - the job’s Results node - -In addition to the tables created by the analysis tasks, the SG_AccountPrivileges job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------- | -| Account Privilege Details | This report highlights account privileges on hosts in the targeted environment. Default privileges present on all Windows hosts have been filtered. | None | This report is comprised of one element: - Table – Provides account privilege details | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/sg_localpolicies.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/sg_localpolicies.md deleted file mode 100644 index 0c1224528d..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/sg_localpolicies.md +++ /dev/null @@ -1,35 +0,0 @@ -# SG_LocalPolicies Job - -The SG_LocalPolicies job identifies privileged accounts with high levels of server access. - -## Analysis Tasks for the SG_LocalPolicies Job - -Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > **SG_LocalPolicies** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_LocalPolicies Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/localpoliciesanalysis.webp) - -The default analysis tasks are: - -- Local Policies Summary – Creates the SA_SG_LocalPolicies_Details table accessible under the job’s - Results node -- Policy User Rank – Creates the SA_SG_LocalPolicies_PolicyUserRank table accessible under the job’s - Results node. Also creates an interim processing table in the database for use by downstream - analysis and report generation. -- Trustee Rank – Creates the SA_SG_LocalPolicies_TrusteeRank table accessible under the job’s - Results node. Also creates an interim processing table in the database for use by downstream - analysis and report generation. -- Calculate local amount policy details – Creates an interim processing table in the database for - use by downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the SG_LocalPolicies job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Local Account Network Access | This report highlights whether or not the **Local accounts** and **Local account and member of Administrators group** principals can be used to access a given host across the network. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays a local accounts access enterprise summary - Table – Provides local account network access details | -| Local Security Policies | This report identifies effective local security policy assignments. In particular, **Allow log on locally**, **Log on as a batch job**, **Allow log on through Remote Desktop Services**, and **Log on as a service** are considered. Special attention is paid to policies with a large number of trustee assignments. It displays Largest Policies by Number of Domain User Accounts in a graph format, and Trustee Details in a table format. | GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of three elements: - Stacked Bar Chart – Displays largest policies by number of domain user accounts - Table – Provides details largest policies by number of domain user accounts - Table – Provides trustee details | -| Privileged Accounts | This report highlights user accounts with a large number of rights. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top trustees by logon rights - Table – Provides details on all trustees | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/overview.md deleted file mode 100644 index 9bf3cc59f0..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/overview.md +++ /dev/null @@ -1,21 +0,0 @@ -# Privileged Accounts Job Group - -Vital to security is the ability to accurately assess who has administrative privileges to each -system and how. The Privileged Accounts job group provides the collection and correlation -capabilities needed to unravel complex access assignments, including local administrator membership, -users with remote logon rights, and service accounts. - -![Privileged Accounts Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The job groups in the Privileged Accounts job group are: - -- [Local Administrators Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/overview.md) - – This group identifies the effective membership for all local administrator groups along with - LAPS local policies configured on the target hosts to provide an understanding of what accounts - within the environment are privileged and how they are being secured -- [Logon Rights Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/overview.md) - – The jobs within this group collect local policy information to provide insight into privileged - users within the environment -- [Service Accounts > SG_ServiceAccounts Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/sg_serviceaccounts.md) - – This job indicates which domain accounts are being used to run services on member servers, - highlighting password age and settings diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/sg_serviceaccounts.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/sg_serviceaccounts.md deleted file mode 100644 index ded54779ba..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/sg_serviceaccounts.md +++ /dev/null @@ -1,48 +0,0 @@ -# Service Accounts > SG_ServiceAccounts Job - -The SG_ServiceAccounts job determines which domain accounts are being used to run services on member -servers, identifying password age and settings. - -![Service Accounts > SG_ServiceAccounts Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsjobstree.webp) - -The SG_ServiceAccounts job is located in the Service Account job group. - -## Queries for the SG_ServiceAccounts Job - -The SG_ServiceAccounts job uses the Services Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_ServiceAccounts Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsquery.webp) - -The query for the SG_ServiceAccounts job is: - -- Service Accounts – Collects information on service accounts - -See the -[Services Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/services.md) -topic for additional information. - -## Analysis Tasks for the SG_ServiceAccounts Job - -Navigate to the **Jobs** > **Windows** > **Privileged Accounts** > **Service Accounts** > -**SG_ServiceAccounts** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_ServiceAccounts Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/serviceaccountsanalysis.webp) - -The default analysis tasks are: - -- Domain Service Accounts – Creates the SA_SG_ServiceAccounts_Details table accessible under the - job’s Results node -- Domain Summary – Creates the SA_SG_ServiceAccounts_DomainSummary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the SG_ServiceAccounts job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | --------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Service Accounts | This report identifies domain accounts being used for services. | None | This report is comprised of three elements: - Bar Chart – Displays domains by service accounts found - Table – Provides domains by service accounts found - Table – Provides service details | diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/recommended.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/recommended.md deleted file mode 100644 index 8778381f36..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/recommended.md +++ /dev/null @@ -1,34 +0,0 @@ -# Recommended Configurations for the Windows Solution - -Dependencies - -The .Active Directory Inventory job group needs to be executed prior to running the Windows -Solution. - -See individual sub-groups and jobs for the dependencies. - -Target Hosts - -See individual sub-groups and jobs for host list designations. - -Connection Profile - -The Connection Profile used for this job needs to have local administrator privileges. By default, -this job group's Connection Profile is set to **Use Default Profile (Inherit from the parent group, -if any, or the global Default setting)**. See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -History Retention - -See individual sub-groups and jobs for history support. Use Default Settings unless instructed -otherwise. - -Additional Notes - -Some jobs in the Windows Job Group use custom SQL scripts to render views on collected data. SQL -views are used to populate report element tables and graphs. Changing or modifying the group, job, -or tables names will result in no data displayed within the reports. - -See the Recommended Configurations topic for each job group for additional information on frequency -and job group settings. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/overview.md deleted file mode 100644 index 52cacc07fd..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/overview.md +++ /dev/null @@ -1,18 +0,0 @@ -# OpenPortScan Job Group - -The OpenPortScan job group reveals all open ports along with the associated executable on the -targeted systems leveraging the jobs within this group. This is accomplished through remotely -executing a netstat command on the target hosts and collecting the results for reporting. - -![OpenPortScan Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/openportscanjobstree.webp) - -_Remember,_ both jobs need to be assigned the same host list under the Host List Assignments node in -the OpenPortScan job group’s settings. - -The jobs in the OpenPortScan job group are: - -- [RemoteOpenPort Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenport.md) - – This job remotely executes `netstat -a -b -n` command to gather information about the available - port on the targeted hosts -- [RetrieveNetstat Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/retrievenetstat.md) - – This job reveals all open ports along with the associated executable on  targeted systems diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenport.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenport.md deleted file mode 100644 index 24dcab0924..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenport.md +++ /dev/null @@ -1,31 +0,0 @@ -# RemoteOpenPort Job - -The RemoteOpenPort job remotely executes a `netstat -a -b -n` command to gather information about -the available ports on the targeted hosts. - -## Queries for the RemoteOpenPort Job - -The RemoteOpenPort job uses the Script Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the RemoteOpenPort Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp) - -The query for the RemoteOpenPort job is: - -- Remote Execution of NETSTAT – Runs VBScript on a remote host to run NETSTAT and gather information - about the available ports on the targeted hosts - -## Analysis Tasks for the RemoteOpenPort Job - -Navigate to the **Windows** > **Security Utilities** > **OpenPortScan** > **RemoteOpenPort** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the RemoteOpenPort Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportanalysis.webp) - -The default analysis task is: - -- 1. Impose 30 Second Wait Timer – Slows processing down to allow remote command to complete diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/overview.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/overview.md deleted file mode 100644 index ec75a87b0f..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/overview.md +++ /dev/null @@ -1,17 +0,0 @@ -# Security Utilities Job Group - -The Security Utilities job group is designed to reveal all open ports along with the associated -executable on the targeted systems. The job remotely executes a netstat command on the target hosts -and collects the results for reporting. - -![Security Utilities Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs and job groups in the Security Utilities job group are: - -- [OpenPortScan Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/overview.md) - – Reveals all open ports along with the associated executable on the targeted systems leveraging - the jobs within this group. This is accomplished through remotely executing a netstat command on - the target hosts and collecting the results for reporting. -- [SG_PowerShellCommands Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/sg_powershellcommands.md) - – This job highlights instances where suspicious PowerShell commands have been found in a host’s - PowerShell log diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/sg_powershellcommands.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/sg_powershellcommands.md deleted file mode 100644 index 51a229241d..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/sg_powershellcommands.md +++ /dev/null @@ -1,125 +0,0 @@ -# SG_PowerShellCommands Job - -The SG_PowerShellCommands job lists suspicious PowerShell commands on all targeted hosts. The list -of commands considered can be customized by configuring the Check PowerShell Log query. - -## Queries for the SG_PowerShellCommands Job - -The SG_PowerShellCommands job uses the SmartLog Data Collector for the following queries: - -**CAUTION:** The Check PowerShell Operations log query is preconfigured for this job. Never modify -the query. - -![Queries for the SG_PowerShellCommands Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsqueries.webp) - -The queries for the SG_PowerShellCommands job are: - -- Check PowerShell log – Checks the PowerShell log - - - (Optional) This query can be configured. See the - [Configure the Check PowerShell log Query](#configure-the-check-powershell-log-query) topic - for additional information. - -- Check PowerShell Operations log – Checks the PowerShell Operational log - -### Configure the Check PowerShell log Query - -The Check PowerShell log query has been preconfigured to run with the default settings. However, the -new criteria can optionally be added on the Criteria page in the Smart Log Data Collector Wizard. - -**Step 1 –** Navigate to the **Jobs** > **Windows** > **Security Utilities** > -**SG_PowerShellCommands** > **Configure** node and select **Queries**. Select the **Check PowerShell -log** query. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Smart Log Data Collector -Wizard opens. - -**Step 4 –** If the **Criteria** tab is grayed out, click **Next** through the windows until the tab -is accessible. - -![Smart Log Data Collector Wizard Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/smartlogdcwizardcriteria.webp) - -**Step 5 –** On the Criteria page, click the **press the button to add a new condition** box. - -**Step 6 –** Enter the desired conditions. - -**Step 7 –** Click **Next** to navigate to the Summary page and click **Finish**. - -The Check PowerShell log query has now been saved with the new conditions. - -## Analysis Tasks for the SG_PowerShellCommands Job - -View the analysis tasks by navigating to the **Windows** > **Security Utilities** > -**SG_PowerShellCommands** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_PowerShellCommands Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsanalysis.webp) - -The default analysis tasks are: - -- List PowerShell command details – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Summarize PowerShell commands – Creates the SA_PowerShellCommands_HostSummary table accessible - under the job’s Results node - -The optional analysis tasks is: - -- Notify on suspicious commands – Enable this analysis task and the select Analysis Configuration to - open the Notification Data Analysis Module Wizard to configure it to send notifications on - suspicious commands. See the - [Configure the Notify on Suspicious Commands Analysis Task](#configure-the-notify-on-suspicious-commands-analysis-task) - topic for additional information. - -In addition to the tables and views created by the analysis tasks, the EX_DeliveryTimes job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | ----------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Suspicious PowerShell Commands | This report highlights instances where suspicious PowerShell commands have been found in a host's PowerShell log. | None | This report is comprised of three elements: - Bar Chart – Displays suspicious commands by host - Table – Provides details on suspicious commands by host - Table – Provides command details | - -### Configure the Notify on Suspicious Commands Analysis Task - -Follow these steps to configure the notification analysis task. - -**Step 1 –** Navigate to the **Jobs** > **Windows** > **Security Utilities** > -**SG_PowerShellCommands** > **Configure** node and select **Analysis**. - -**Step 2 –** In the Analysis Selection view, select the **Notify on suspicious commands** analysis -task and click **Analysis Configuration**. The Notification Data Analysis Module opens. - -![Notification Data Analysis Module wizard SMTP properties page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifysmtp.webp) - -**Step 3 –** Use the **Next** button to navigate to the SMTP page. Do not make changes to the -preceding pages. - -![Recipients section](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifyrecipients.webp) - -**Step 4 –** In the Recipients section, provide the email addresses or distribution lists (fully -qualified address) for those who are to receive this notification. Multiple addresses can be -provided. You can use the following options: - -- Add – Add an email address to the E-mail field -- Remove – Remove an email address from the Recipients list -- Combine multiple messages into single message – Sends one email for all objects in the record set - instead of one email per object to all recipients - -![Message section](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifymessage.webp) - -**Step 5 –** In the Message section, edit the **Subject**. It is not recommended to remove any -parameters. Then, customize the email content in the textbox to provide an explanation of the -notification to the recipients. - -**Step 6 –** To save these configuration changes, use the **Next** to navigate to the Summary page. -Do not make changes to any other pages. Click **Finish**. The Notification Data Analysis Module -window closes. - -**Step 7 –** This notification analysis task is now configured to send emails. In the Analysis -Selection view, select this task so that notifications can be sent automatically during the -execution of the SG_PowerShellCommands job. - -The Notify on suspicious commands analysis task is now configured to send notifications. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/sg_securityassessment.md b/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/sg_securityassessment.md deleted file mode 100644 index b8ac40e33f..0000000000 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/sg_securityassessment.md +++ /dev/null @@ -1,75 +0,0 @@ -# SG_SecurityAssessment Job - -The SG_SecurityAssessment job performs checks against Windows security best practices in order to -proactively identify critical security configurations that leave the environment vulnerable to -attack. The result is a report which provides a listing of findings by severity and category with -corresponding details that can be used to prioritize and remediate security issues. - -![SG_SecurityAssessment Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/securityassessmentjobstree.webp) - -## Recommended Configurations for the SG_SecurityAssessment Job - -Dependencies - -One or more of the following jobs must be run to generate data for the report: - -- Authentication - - - **SG_LSASettings** - - **SG_SecuritySupportProviders** - - **SG_WDigestSettings** - -- Open Access > **SG_OpenFolders** -- Privileged Accounts - - - Local Administrators - - - **SG_LocalAdmins** - - **SG_MicrosoftLAPS** - - - Logon Rights - - - **SG_AccountPrivileges** - - **SG_LocalPolicies** - - - Service Accounts > **SG_ServiceAccounts** - -- Security Utilities > **SG_PowerShellCommands** - -Targeted Hosts - -None - -Schedule Frequency - -This job can be scheduled to run as desired. - -Workflow - -**Step 1 –** Run one or more of the jobs needed to generate data for this report. - -**Step 2 –** Schedule the SG_SecurityAssessment job to run as desired. - -**Step 3 –** Review the report generated by the job. - -## Analysis Tasks for the SG_SecurityAssessment Job - -Navigate to the **Windows** > **SG_SecurityAssessment** > **Configure** node and select **Analysis** -to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SG_SecurityAssessment Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/securityassessmentanalysis.webp) - -The default analysis task is: - -- Summarize Audit Findings – Creates the SG_SecurityAssessment_Results table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the SG_SecurityAssessment job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | ------------------------------------------------------------------------------ | --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Systems Security Assessment | This report summarizes security related results from the Windows solution set. | GDPR, SOX, PCI, HIPAA | This report is comprised of four elements: - Pie Chart – Displays a findings by severity - Table – Provides scope of audit details - Table – Displays details on security assessment results - Table – Provides details on findings by category | diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/operations.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations.md new file mode 100644 index 0000000000..80ae6461fa --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations.md @@ -0,0 +1,46 @@ +# Active Directory Action Operations + +Use Operations page to select one or more operations for the action to perform on the targeted +Active Directory objects. Some operations have wizard pages to specify the configuration settings. + +![Active Directory Action Module Wizard Operations page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/operations.webp) + +The Operations drop-down menu contains the following operations: + +- [Clear/Set SID History ](/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/sidhistory.md) +- [Computer Details](/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/computerdetails.md) +- [Disable/Enable Computers](/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenablecomputers.md) +- [Create Groups](/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/creategroups.md) +- [Create Users](/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/createusers.md) +- [Delete Objects](#delete-objects) +- [Disable/Enable Users](/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenableusers.md) +- [Group Details](/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupdetails.md) +- [Group Membership](/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupmembership.md) +- [Groups Remove All Members ](#groups-remove-all-members) +- [Move Objects](/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/moveobjects.md) +- [Set/Reset Users Password ](/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/setresetpassword.md) +- [Unlock Users ](#unlock-users) +- [Users Details ](/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/usersdetails.md) + +Select an operation from the drop-down list and then click **Add**. The selection appears in the +Selections pane as well as the navigation pane if there is an associated configuration page. If +performing multiple operations, the action executes the operations in the order in which they appear +here. To change the order, select an operation and use the **Down** and **Up** buttons. + +## Delete Objects + +**CAUTION:** Once deleted, objects from Active Directory cannot be restored. + +Select this operation to delete objects from Active Directory, such as users, groups, or computers. +The source table determines which objects are deleted from the Active Directory. Therefore, this +operation does not possess its own wizard window. + +## Groups Remove All Members + +Select this operation to remove all members from groups located in the source table. There is not a +wizard window associated with this operation. No configuration is required. + +## Unlock Users + +Select this operation to unlock the account of the specified users in the source table. There is not +a wizard window associated with this operation. No configuration is required. diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/computerdetails.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/computerdetails.md new file mode 100644 index 0000000000..419130ec3e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/computerdetails.md @@ -0,0 +1,56 @@ +# Computer Details + +Use the Computers Details page to select computer attributes to change. + +![Active Directory Action Module Wizard Computer Details page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/computerdetails.webp) + +Highlight the attribute to edit: + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then click + the blue arrow to insert the item into the Value box. The executed action replaces the AD Object + property with the specified value from the source table. +- Add Attribute – Adds a custom attribute to the Computer Details attribute list +- Remove Attribute – Removes a selected attribute Computer Details attribute list +- Edit Attribute – Click this icon to change the name of the selected custom attribute +- Import Attribute – Opens the Import Custom Attributes Import Wizard where one or more custom + attributes can be imported. See the + [Custom Attribute Import Wizard](#custom-attribute-import-wizard) topic for additional + information. +- Value – This field contains selections from the Insert field. If the Manager attribute is + selected, click the ellipsis (…) to access the Select User, Contact, or Group window to populate + this field. +- Select the checkboxes next to the computer attributes to enable them for editing when running the + action. + +## Custom Attribute Import Wizard + +The Custom Attributes Import Wizard is used to import a list of custom attributes. Follow the steps +to use the Custom Attributes Import Wizard. + +**Step 1 –** On the Computer Details page of the Active Directory Action Module Wizard, click +**Import**. The Custom Attribute Import Wizard opens. + +![Custom Attributes Import Wizard Credentials page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/credentials.webp) + +**Step 2 –** On the Credentials page, identify a domain either by entering one manually or selecting +one from the **Domain Name** drop-down menu which displays a list of domains trusted by the one in +which the Enterprise Auditor Console server resides. Then set the credentials for reading the +attributes list from the domain: + +- Authenticate as the logged in user – Applies the user account running Enterprise Auditor +- Use the following credentials to authenticate – Applies the account supplied in the **User Name** + and **Password** fields. + +**Step 3 –** Click **Next**. + +![Custom Attributes Import Wizard Attributes page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/attributescomputer.webp) + +**Step 4 –** The wizard populates available attributes from the domain specified on the Attributes +page. Expand the desired object class and select the checkboxes for the custom attributes to be +imported. Then click **Next**. + +![Custom Attributes Import Wizard Completion page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/completionpage.webp) + +**Step 5 –** On the Completion page, click **Finish**. + +The selected attributes have been added to the attribute list on the Computer Details page. diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/creategroups.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/creategroups.md new file mode 100644 index 0000000000..9e31a47fe0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/creategroups.md @@ -0,0 +1,30 @@ +# Create Groups + +Use the Create Groups page to configure the action to create groups on the selected target. + +![Active Directory Action Module Wizard Create Groups page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/creategroups.webp) + +Use the following options to configure the action: + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then, + click the blue arrow to insert the item into the OU, Group name, or Group name (pre Windows 2000) + boxes. +- OU – The organizational unit that contains the group + + - Create target OU location if it does not already exist – Select this checkbox to create the + target OU + +- Group Name – The name of the group that being created. This field is required. +- Group name (pre Windows 2000) – The name of the group being created +- Group scope – The scope of the group being created. Select from the following: + + - Universal + - Global + - DomainLocal + - SqlField – Enter a value from the drop-down list + +- Group type – The type of group being created. Select from the following: + + - Security + - Distribution + - SqlField – Enter a value from the drop-down list diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/createusers.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/createusers.md new file mode 100644 index 0000000000..c1353cdb61 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/createusers.md @@ -0,0 +1,30 @@ +# Create Users + +Use the Create Users page to create users on the selected target. + +![Active Directory Action Module Wizard Create Users page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/createusers.webp) + +Use the following options to configure the action: + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then, + click the blue arrow to insert the item into the selected box. +- OU – The organizational unit in which to create the user + + - Create target OU location if it does not already exist - Select this checkbox to create the + target OU. + +- First Name – The first name of the user being created +- Initials – The initials of the user being created +- Last Name – The last name of the user being created +- Full Name – The full name of the user being created. This field is required. +- User logon name – The user logon name and domain for the user being created +- User logon name (pre Windows 2000) – The domain and user logon name for the user being created +- Password – The password for the user being created. This field is required. + +Optionally, select from the following checkboxes: + +- User must change password at next logon – Require the user to change the password at the next + logon +- User cannot change password +- Password never expires +- Account is disabled diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenablecomputers.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenablecomputers.md new file mode 100644 index 0000000000..4159f126d3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenablecomputers.md @@ -0,0 +1,11 @@ +# Disable/Enable Computers + +Use the (Disable/Enable Computers page to configure the action to enable or disable users' operation +options on target computers. + +![Active Directory Action Module Wizard Disable/Enable Computers page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenablecomputers.webp) + +Select the radio button for the desired option: + +- Enable – Enables users' operation options +- Disable – Disables users' operation options diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenableusers.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenableusers.md new file mode 100644 index 0000000000..c03d7fb9fa --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenableusers.md @@ -0,0 +1,10 @@ +# Disable/Enable Users + +Use the Disable/Enable Users page to enable or disable target users. + +![Active Directory Action Module Wizard Disable/Enable Users page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenableusers.webp) + +Select the radio button for the desired option: + +- Disable – Select this radio button to disable users' operation options +- Enable – Select this radio button to enable users' operation options diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupdetails.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupdetails.md new file mode 100644 index 0000000000..0c17d94c30 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupdetails.md @@ -0,0 +1,59 @@ +# Group Details + +Use Groups Details page to edit selected group attributes. + +![Active Directory Action Module Wizard Group Details page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupdetails.webp) + +Highlight the attribute to edit. Add or delete attributes using the buttons to the right of Insert +field. + +**NOTE:** The options at the bottom of the page vary based on the highlighted attribute. + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then, + click the blue arrow to insert the item into the Value box. +- Add Attribute – Adds a custom attribute to the Computer Details attribute list +- Remove Attribute – Removes a selected attribute from the action +- Edit Attribute – Click this icon to change the name of the selected custom attribute +- Import Attribute – Opens the Import Custom Attributes Import Wizard where current attributes for + an object is viewed and can be imported for editing. See the + [Custom Attribute Import Wizard](#custom-attribute-import-wizard) topic for additional + information. +- Value/Name – This field derives its name from selections made on the page. It can contain + selections from the Insert field or you can click the ellipsis (…) to access the Select User, + Contact, or Group window, via which you can populate this field. + +Select the checkboxes next to the group details attributes to enable them for editing when running +the action. + +## Custom Attribute Import Wizard + +The Custom Attributes Import Wizard is used to import a list of custom attributes. Follow the steps +to use the Custom Attributes Import Wizard. + +**Step 1 –** On the Group Details page of the Active Directory Action Module Wizard, click +**Import**. The Custom Attribute Import Wizard opens. + +![Custom Attributes Import Wizard Credentials page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/credentials.webp) + +**Step 2 –** On the Credentials page, identify a domain either by entering one manually or selecting +one from the **Domain Name** drop-down menu which displays a list of domains trusted by the one in +which the Enterprise Auditor Console server resides. Then set the credentials for reading the +attributes list from the domain: + +- Authenticate as the logged in user – Applies the user account running Enterprise Auditor +- Use the following credentials to authenticate – Applies the account supplied in the **User Name** + and **Password** fields. + +**Step 3 –** Click **Next**. + +![Custom Attributes Import Wizard Attributes page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/attributesgroup.webp) + +**Step 4 –** The wizard populates available attributes from the domain specified on the Attributes +page. Expand the desired object class and select the checkboxes for the custom attributes to be +imported. Then click **Next**. + +![Custom Attributes Import Wizard Completion page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/completionpage.webp) + +**Step 5 –** On the Completion page, click **Finish**. On the Completion page, click **Finish**. + +The selected attributes have been added to the attribute list on the Group Details page. diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupmembership.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupmembership.md new file mode 100644 index 0000000000..4fd5e4d5a9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupmembership.md @@ -0,0 +1,33 @@ +# Group Membership + +Use the Groups Membership page to add or remove group members. Values from the source table can also +be used to specify if the object will be added or removed. + +![Active Directory Action Module Wizard Group Membership page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupmembership.webp) + +Use the following options to configure the action: + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then, + click the blue arrow to insert the item into the selected box. +- Select one of the following: + + - Target Group by OU + - Target Group by NT Style Name + +- OU – The organizational unit that contains the group. This field is required. + + - Create target OU location if it does not already exist – Select this checkbox to create the + target OU. + +- Group (CN, not a pre-Windows 2000 name) – The group to create. This field is required. + + - Create target Group if it does not already exist + +- Select one of the following: + + - Add members + - Remove members + - Add/Remove members – Enables the ChangeType Column drop down list + +- ChangeType Column – The value to use from the source table to specify if the object is added or + removed. The contents of the ChangeType column should be a 0 for Add or a 1 for Remove. diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/moveobjects.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/moveobjects.md new file mode 100644 index 0000000000..2edb0cc943 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/moveobjects.md @@ -0,0 +1,14 @@ +# Move Objects + +Use the Move Objects page to specify the OU in which to move objects. + +![Active Directory Action Module Wizard Move Objects page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/moveobject.webp) + +Use the following options to configure the action: + +- Insert Field – Contains available values from populated from the source table +- OU – Use the drop-down list to select a field (column) from the source table. Then, click the blue + arrow to insert the item into the OU box. + + - Create target OU location if it does not already exist – Select this checkbox to create the + target OU diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/setresetpassword.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/setresetpassword.md new file mode 100644 index 0000000000..c200e69166 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/setresetpassword.md @@ -0,0 +1,14 @@ +# Set/Reset Users Password + +Use the Set/Reset Users Password page to set or reset user passwords with the specified value. + +![Active Directory Action Module Wizard Set/Reset Users Password page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/setresetpassword.webp) + +Use the following options to configure the action: + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then, + click the blue arrow to insert the item into the Password box. +- Password – The field with the passwords to set or reset. This field is required. + + - User must change password at next logon – Select this checkbox to require the user to change + the password at the next logon diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/sidhistory.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/sidhistory.md new file mode 100644 index 0000000000..6b4202b91f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/sidhistory.md @@ -0,0 +1,29 @@ +# Clear/Set SID History + +Use the Clear/Set SID History page to overwrite or append to the SID history for targeted objects. +Please review the restrictions for this operation in the Notes box. + +The source table used for this operation must contain a column with the following information: + +- SID History data + +![Active Directory Action Module Wizard Clear/Set SID History page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/sidhistory.webp) + +Configure the action with the following options: + +- Overwrite – Overwrites the SID History +- Append – Adds to the SID History +- Clear – Clears the SID History +- Insert Field – This drop-down list is enabled when the Overwrite or Append radio buttons are + selected. Use the drop-down list to select a field (column) from the source table. Then, click the + blue arrow to insert the item into the SID History box. The SID history is overwritten with the + selected fields or appended to with the selected fields depending on the selected radio button. +- SID History – This box is enabled by selecting the Overwrite or Append radio buttons. The SID + history is overwritten or appended to with the inserted fields, depending on the selected radio + button. Populate the SID History box using either of the following methods: + + - Select one or more fields at the Insert Field drop-down menu + - Click the **ellipsis (…)** to access the Select Users or Groups window to populate this field + +- Reference link – Accesses a Microsoft web page called Using DsAddSidHistory containing important + information on SID history diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/usersdetails.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/usersdetails.md new file mode 100644 index 0000000000..c0efca6b56 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/operations/usersdetails.md @@ -0,0 +1,11 @@ +# Users Details + +Use the Users Details page to edit user attributes. + +![Active Directory Action Module Wizard Users Details page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/usersdetails.webp) + +Highlight the attribute to edit. The highlighted user attribute in the Selections pane determines +the configuration options available at the bottom of the page. + +Select the checkboxes next to the user details attributes to enable them for editing when running +the action. diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/options.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/options.md new file mode 100644 index 0000000000..03bc6e944e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/options.md @@ -0,0 +1,14 @@ +# Active Directory Action Options + +The Options page provides the option to select to use the default domain or specific a domain to +use. + +![Active Directory Action Module Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +Use the following options to configure the action: + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then, + click the blue arrow to insert the item into the **Specify domain (controller) to use** box. +- Use default domain (controller) – Use the default domain controller for the action +- Specify domain (controller) to use – Click the ellipsis to open the Browse for Domain window and + select a domain for the action diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/overview.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/overview.md new file mode 100644 index 0000000000..1c268ba3ce --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/overview.md @@ -0,0 +1,62 @@ +# Active Directory Action Module + +Use the Active Directory Action Module to make bulk changes to objects in Microsoft Active Directory +(AD) such as deleting users or changing group memberships. It is available with a special Enterprise +Auditor license. + +**CAUTION:** Be careful when using this action module. Make sure that only the changes required are +applied and only to those target systems desired. Actions perform their functions on all rows in a +table. + +Enterprise Auditor action modules contain one or more selectable operations. Each operation performs +its function on a single object per row from the source table defined in the action. + +## Source Table Configuration + +Individual action modules, including the Active Directory Action Module, may have their own +requirements for the type of data contained in the columns in the source table. To take action on an +Active Directory object, group, user, or computer, the source table columns must contain values that +uniquely identify each Active Directory object referenced. Active Directory objects correspond to +rows in a Enterprise Auditor source table. Active Directory object attributes correspond to columns. +Once the source table has been scoped, use the Target page to specify the field that identifies the +target objects along with the field type to indicate the type of data contained in the field. + +The Operations page lists the operations that may be performed by the Active Directory Action +Module. Each operation may have its own source table column requirements as follows: + +| Operation | Requirements | +| ----------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Clear/Set SID History | Column containing SID History information | +| Computer Details | No specific columns required | +| Disable/Enable Computers | No specific columns required | +| Create Groups | No specific columns required | +| Create Users | Column containing the user logon name **_RECOMMENDED:_** It is recommended that the source table has columns containing the following information: - First Name - Last name - Initials - Full name - Password - OU in which to create the user (This can also be created on the Create Users page) | +| Delete Objects (Users, Groups, Computers, etc.) | No specific columns required | +| Disable/Enable Users | No specific columns required | +| Group Details | No specific columns required | +| Group Membership | Column containing the target group OU or the target group NT style name | +| Groups Remove All Members | No specific columns required | +| Move Objects | Column containing an OU (Alternatively, type in the OU or click the ellipsis (…) to select an OU) | +| Set/Reset Users Password | No specific columns required | +| Unlock Users | No specific columns required | +| User Details | No specific columns required | + +## Configuration + +The Active Directory Action module is configured through the Active Directory Action Module Wizard, +which contains the following wizard pages: + +- Welcome +- [Active Directory Action Target](/docs/accessanalyzer/11.6/admin/action/activedirectory/target.md) +- [Active Directory Action Operations](/docs/accessanalyzer/11.6/admin/action/activedirectory/operations.md) +- [Active Directory Action Options](/docs/accessanalyzer/11.6/admin/action/activedirectory/options.md) +- [Active Directory Action Summary](/docs/accessanalyzer/11.6/admin/action/activedirectory/summary.md) + +The Welcome page displays first in the Active Directory Action Module Wizard. Review the +introductory and caution information about the Active Directory Action Module. + +![Active Directory Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The navigation pane contains links to the pages in the wizard. Note that the operations added on the +Operations page will affect the list of pages in the navigation pane. Several operations have +associated configuration pages. diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/summary.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/summary.md new file mode 100644 index 0000000000..7c8f0dddd1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/summary.md @@ -0,0 +1,9 @@ +# Active Directory Action Summary + +The Summary page displays a summary of the configured settings for the action. + +![Active Directory Action Module Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Active Directory Action Module Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/action/activedirectory/target.md b/docs/accessanalyzer/11.6/admin/action/activedirectory/target.md new file mode 100644 index 0000000000..d7f0b6501c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/activedirectory/target.md @@ -0,0 +1,31 @@ +# Active Directory Action Target + +Use the Target (Identification Criteria) page to select one or more fields (columns) in the +Enterprise Auditor source table that uniquely identifies the target Active Directory objects upon +which to perform the action. This process enables Enterprise Auditor to locate those objects within +Active Directory. Added fields are displayed in the textbox. + +![Active Directory Action Module Wizard Target page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/target.webp) + +Use the following options to configure the action: + +- Add – Adds the selected field and field type to the Selections pane +- Delete – Removes the highlighted operation from the Selection pane +- Field – The name of the column in the Enterprise Auditor source table. Select the field that + uniquely identifies the target AD objects (represented by rows in the Enterprise Auditor table). + The drop-down list displays the fields from the source data table specified on the Action + Properties page. The list excludes any default fields such as HOSTSTATUS, on which actions cannot + be performed. +- Field Type – The type of data contained in the specified field. Enterprise Auditor must know the + data type of the field selected above. Otherwise, errors may appear upon execution of the action + and report results may be incomplete. The drop-down list contains the following field types: + + - Distinguished Name or DN + - GUID + - SID + - WindowsID + - E-Mail + - Employee (employeeID) + +**NOTE:** While one field is usually sufficient to identify AD objects, if specifying multiple +fields, each field type can only be used once. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/action.md b/docs/accessanalyzer/11.6/admin/action/filesystem/action.md new file mode 100644 index 0000000000..75509223a1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/action.md @@ -0,0 +1,18 @@ +# File System Action: Action + +On the Action page, select the type of action to be configured, define a new action, and additional +capabilities. + +![File System Action Module Wizard Action page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/action.webp) + +The following options are available: + +- Define a new action – Enables the Operation page where operations are selected on which the action + is based +- Rollback a previously executed action – Enables the Prior Actions page where lists of previously + executed actions and rollback actions can be selected. Not all operations support rollback. Enable + the Support Rollback option prior to execution for the action in order to perform a rollback. +- Remove the applet service from a host – If an executed action installs an applet service on a host + from a Enterprise Auditor Console, it remains installed after the action is completed for other + Enterprise Auditor consoles to perform actions using the same applet service. This setting removes + the action’s applet service from that host. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/appletsettings.md b/docs/accessanalyzer/11.6/admin/action/filesystem/appletsettings.md new file mode 100644 index 0000000000..bf65ae0358 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/appletsettings.md @@ -0,0 +1,30 @@ +# File System Action: Applet Settings + +Use the Applet Settings page to specify the machines on which to execute the selected operation. + +![File System Action Module Wizard Applet Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.webp) + +Specify how the operations will be executed: + +- Automatic – Get host data from the Host Management +- Local Enterprise Auditor server +- Specific remote server: + + - Fields – Use the drop-down list to select a field (column) from the source table, then click + the blue arrow to insert the item into the **Remote server** field + - Environment Variables – Select an item from the drop-down list, then click the blue arrow to + insert the item into the **Remote Server** field + - Remote Server – Enter the path to the server + - Click the **ellipsis (…)** to browse for server + - Click the **tick** icon to show a preview of the path + - Click the **Help** icon for additional information + +- Preview – Shows what the compound path specified will be resolved in to. The text here is used to + initialize the path specification selection dialog. +- Specific remote servers – Click the **ellipsis (…)** to browse for servers + + - Click **Add** to add the server + - Click **Remove** to remove the server + +- Fall back to the local Enterprise Auditor server if an applet cannot start – Check to enable this + option diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/destination.md b/docs/accessanalyzer/11.6/admin/action/filesystem/destination.md new file mode 100644 index 0000000000..540f47fbc6 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/destination.md @@ -0,0 +1,35 @@ +# File System Action: Destination + +The Destination page is available only if the following operations are selected: + +- Copy +- Move +- Rename + +Define the destination location of the files that will be copied, moved, or renamed by building the +destination path using the Fields and Environment Variables options as needed. + +![File System Action Module Wizard Destination page](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/destination.webp) + +Use the fields provided to select destination items and hosts from the drop-down lists and populate +the Destination field, or edit the field manually. The Preview field updates based on the contents +of the Destination field. + +- Fields – Use the drop-down list to select a field (column) from the source table, then click the + blue arrow to insert the item into the **Destination** field +- Environment Variables – Select an item from the drop-down list, then click the blue arrow to + insert the item into the **Destination** field +- Target Items – Enter the path to the target file or folder + + - Click the **ellipsis (…)** to browse for pattern path specification + - Click the **tick** icon to show a preview of the specified path + - Click the **Help** icon for additional information + +- Host – Select the field that identifies the systems or manually type the host destination +- Use path type – Choose from the following options: + + - Local – Uses the local path + - UNC – Uses the UNC path + +- Preview – Shows what the compound path specified will be resolved in to. The text here is used to + initialize the file specification selection dialog. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/environment.md b/docs/accessanalyzer/11.6/admin/action/filesystem/environment.md new file mode 100644 index 0000000000..57f4c9669d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/environment.md @@ -0,0 +1,16 @@ +# File System Action: Environment + +The Environment (Environment Variables) page is available only if the selected operation requires +the selection of a sample host. + +Use this page to select and connect to a sample host, via which a set of remote environment +variables for use in scoping the action are loaded. Then, on the Target page, use the environment +variables to build dynamic file path locations for the selected operation. + +**NOTE:** The environment variables from the local system load by default. + +![File System Action Module Wizard Environment page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/environment.webp) + +The connection status displays next to the Host field. To browse for another host, click the +ellipsis (**…**) to open the Browse for Computer window. Once a host name appears in the field, +click the check mark button to attempt to connect to the selected host. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/operation.md b/docs/accessanalyzer/11.6/admin/action/filesystem/operation.md new file mode 100644 index 0000000000..acb91718cd --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/operation.md @@ -0,0 +1,25 @@ +# File System Action: Operation + +The Operation page is available when **Define a new action** is selected on the Action page. On the +Operation page, define the action by selecting an operation from the drop-down list. + +![File System Action Module Wizard Operation page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/operation.webp) + +At the Available Operations drop-down selection list, choose the operation for the action to +perform. The selection determines which pages are available in the wizard. The following operations +are available: + +- Change attributes +- Change permissions and Auditing +- Change permission inheritance +- Change Share permissions +- Copy +- Delete +- Launch Remote Process +- Move +- Remove permissions +- Remove Share permissions +- Rename +- Add tags +- Remove tags +- Change Owner diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/options.md b/docs/accessanalyzer/11.6/admin/action/filesystem/options.md new file mode 100644 index 0000000000..a4e76eb790 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/options.md @@ -0,0 +1,54 @@ +# File System Action: Options + +The Options page provides access to additional options for the action. Based on the selection on the +Operation page and other choices made within the wizard, not all options on this page may be +available. + +![File System Action Module Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +Select from the following additional operations: + +- Delete locked files on reboot – Files that are locked can be queued to be deleted at the next + system start up +- Overwrite existing files – Files in the destination location are overwritten. This action cannot + be undone. +- Terminate associated process – Files that are locked cannot be actively moved, renamed or deleted + without stopping the associated process. If selected, this may cause an interruption to any users + of that target system and service. +- Create shortcuts to the moved files in the source directory – A shortcut will be created in the + source directory that points to the new location of a moved file +- Preserve file access – Copy the file ACL from the source directory to the destination to preserve + file access. Child objects, with inherited permissions or broken inheritance, targeted by copy or + move actions retain their permissions. Parent folders with inherited permissions are changed to + explicit. +- Enable SACL modification – Request system security access when opening files in order to make SACL + changes +- Retry failed rows – Enter the following information: + + - Number of times to retry + - Do not retry error codes – Rows of data with error codes listed within this textbox are + excluded from the action performed. Common errors are included for certain actions, and may be + customized to add or remove error codes. See the Microsoft + [System Error Codes](https://docs.microsoft.com/en-us/windows/desktop/Debug/system-error-codes) + article for additional information. + - Delay between retries + +- Enable batching – (For big data sets) Enabling batching breaks the data set into batches so the + action does not attempt to execute all lines at once. Actions performed on tables with a large + number of input rows may fail due to network failure, and it is difficult to determine the actions + that were executed before the failure. + + - Batch size – Specify the batch size. + +Start Process + +Select the desired start process. + +**CAUTION:** Due to system security limitations, some applications and programs cannot be restarted +or run remotely using this option. Additionally, starting interactive processes (such as Word, +Excel, and so on) will load them into memory, but may not make them available for interaction by the +end user. + +Use the fields provided to select target items and hosts from the drop-down lists and populate the +Set working directory field, or edit the field manually. The Preview field updates based on the +contents of the Set working directory field. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/overview.md b/docs/accessanalyzer/11.6/admin/action/filesystem/overview.md new file mode 100644 index 0000000000..d00d776043 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/overview.md @@ -0,0 +1,113 @@ +# File System Action Module + +The File System Action Module allows Enterprise Auditor Administrators to automate the process of +remediating and modifying Windows file system attributes and properties. The File System Action +Module provides options for changing attributes and permissions, as well as copying, deleting, +moving, and renaming file system contents. It is available with a special Enterprise Auditor +license. + +**CAUTION:** Be careful when using this Action Module. Make sure that only the changes required are +applied and only to those target systems desired. Actions perform their functions on all rows in a +table. + +Enterprise Auditor action modules contain one or more selectable operations. Each operation performs +its function on a single object per row from the source table defined in the action. + +## Permissions + +The File System Action Module requires a Enterprise Auditor connection profile and privileged access +to file system devices. The Enterprise Auditor connection profile may be configured to have a Task +account type. The following are the least privileged access model required for Share Permission +Changes: + +- Windows – User credential must be member of Power Users group +- NetApp Data ONTAP 7-Mode Device – User credential must be member of Power Users group +- NetApp Data ONTAP Cluster-Mode Device – User credential must have role on SVM that has permission + to modify share permissions + + **NOTE:** Enter the following syntax to create role: + + ``` + ‑security login role create ‑role [DESIRED_ROLE_NAME] ‑cmddirname “vserver cifs share access-control” ‑vserver [VSERVER_NAME] ‑access all + ``` + + Replace the `[DESIRED_ROLE_NAME]` and `[VSERVER_NAME]` variables with the required information. + For example: + + ``` + ‑security login role create ‑role netwrix ‑cmddirname “vserver cifs share access-control” ‑vserver testserver ‑access all + ``` + +## Applet Deployment + +The File System Action Module deploys an applet the first time an action is executed. Applets are +installed within the Enterprise Auditor Installation Directory if the `%SAInstallDir%` environment +is present. Otherwise, applets are deployed to `C:\Program Files (x86)\STEALTHbits\StealthAUDIT`. + +## Source Table Configuration + +Individual action modules, including File System Action Module, may have their own column +requirements. To take action on a file system resource, the source table must contain a column with +values to uniquely identify it. File System resources correspond to rows in a Enterprise Auditor +table. File System attributes correspond to columns. Once the source table has been scoped, use the +Target page to specify the field that identifies the target attribute along with any environmental +variables. + +These columns are required to use the File System Action Module. Otherwise, errors may occur upon +execution of the action and with analysis and reports downstream. + +| Required Columns | Description | +| ---------------- | ---------------------------------------------------------------------------------------------------------------------------- | +| rowGUID | Identifies each data row as unique. The datatype in the table is uniqueidentifier (GUID). | +| RowKey | Identifies each data row as unique. Sometimes the value is a GUID, but the datatype in the table is a varchar (text string). | + +_Remember,_ the individual File System actions may have their own column requirements in addition to +the above. These columns are made available through the File System Action Module wizard. + +The Operations page lists the operations that may be performed by the File System Action Module. +Each operation has its own source table column requirements as follows: + +| Operation | Column requirements | +| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | +| Change attributes | Columns containing: - Object to change attributes for - UNC path or local path (files or folders) | +| Change permissions and Auditing | Columns containing: - Object to change permissions for - UNC path or local path - (Optional) Permission values to change (files or folders) | +| Change permission inheritance | Columns containing: - Object to change permission inheritance for - UNC path or local path (files or folders) | +| Change Share permissions | Columns containing: - Share to change permissions for - UNC path or local path (shares) | +| Copy | Columns containing: - Object to copy - Location to copy the object to - UNC path or local path | +| Delete | Columns containing: - Object to delete - UNC Path or local path | +| Launch Remote Process | No specific columns required | +| Move | Columns containing: - Object to move - Location to move the object to - UNC path or local path | +| Remove permissions | Columns containing: - Object to remove permissions for - UNC path or local path (files or folders) | +| Remove Share permissions | Columns containing: - Object to remove Share permissions for - UNC path or local path (shares) | +| Rename | Columns containing: - Object to rename - New name of the object - UNC path or local path | +| Add tags | Columns containing: - Object to add tags to - UNC path or local path (files) | +| Remove tags | Columns containing: - Object to remove tags from - UNC path or local path (files) | +| Change Owner | Columns containing: - Object to change ownership for - UNC path or local path (folders) | + +## Configuration + +The File System Action module is configured through the File System Action Module Wizard, which +contains the following wizard pages: + +**NOTE:** Depending on the selections on the various pages, not all pages may be accessible. + +- Welcome +- [File System Action: Action](/docs/accessanalyzer/11.6/admin/action/filesystem/action.md) +- [File System Action: Operation](/docs/accessanalyzer/11.6/admin/action/filesystem/operation.md) +- [File System Action: Prior Actions](/docs/accessanalyzer/11.6/admin/action/filesystem/prioractions.md) +- [File System Action: Environment](/docs/accessanalyzer/11.6/admin/action/filesystem/environment.md) +- [File System Action: Target](/docs/accessanalyzer/11.6/admin/action/filesystem/target.md) +- [File System Action: Parameters](/docs/accessanalyzer/11.6/admin/action/filesystem/parameters.md) +- [File System Action: Destination](/docs/accessanalyzer/11.6/admin/action/filesystem/destination.md) +- [File System Action: Rollback](/docs/accessanalyzer/11.6/admin/action/filesystem/rollback.md) +- [File System Action: Options](/docs/accessanalyzer/11.6/admin/action/filesystem/options.md) +- [File System Action: Applet Settings](/docs/accessanalyzer/11.6/admin/action/filesystem/appletsettings.md) +- [File System Action: Summary](/docs/accessanalyzer/11.6/admin/action/filesystem/summary.md) + +The Welcome page displays first and gives an overview of the action module. The navigation pane +contains links to the pages in the wizard, which may change based on the Action selected on the +Action page. + +![File System Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/parameters.md b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters.md new file mode 100644 index 0000000000..0025d8546b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters.md @@ -0,0 +1,20 @@ +# File System Action: Parameters + +The Parameters page is available for some of the selections on the Operation page. The list of +operations below provides access to the operation-specific versions of the Parameters page for this +wizard. Click on an operation to view its associated Parameters page. + +- [Change Attributes](/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changeattributes.md) +- [Change Permissions and Auditing](/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissionsauditing.md) +- [Change Permission Inheritance](/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissioninheritance.md) +- [Change Share Permissions](/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changesharepermissions.md) +- [Remove File Permissions](/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removefilepermissions.md) +- [Remove Share Permissions](/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removesharepermissions.md) +- [Add Tags](/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/addtags.md) +- [Remove Tags](/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removetags.md) +- [Change Owner](/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changeowner.md) + +![File System Action Module Wizard Change File Attributes Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/changeattributes.webp) + +The Navigation pane will list this as the Parameters page, but the title for each version indicates +the type of parameter to be configured. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/addtags.md b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/addtags.md new file mode 100644 index 0000000000..eb229beb8e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/addtags.md @@ -0,0 +1,39 @@ +# Add Tags + +Use the Parameters page to specify the file tags the action adds. + +![File System Action Module Wizard Add Tags Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/addtags.webp) + +Use the fields provided to select tags from the drop-down lists and populate the Tag field, or edit +the field manually. The Preview field updates based on the contents of the Tag field. + +- Add Mode: + + - Append to existing tags - Adds new tags to the existing list of tags + - Overwrite existing tags - Removes all existing tags before adding newly configured tags + +**NOTE:** If choosing the option to overwrite tags, the action module will clear out both normal +tags and Boldon James tags and then proceed to apply the tags configured for overwrite. If choosing +the option to remove all tags, the action module will clear out both normal tags and Boldon James +tags. + +- Fields – Use the drop-down list to select a field (column) from the source table, then click the + blue arrow to insert the item into the **Tag** field +- Environment Variables – Select an item from the drop-down list, then click the blue arrow to + insert the item into the **Tag** field +- Preview – Shows what the compound path specified will be resolved in to +- Click **Add** to add the tag field to the list +- Click **Remove** to remove the tag field from the list + +![Boldon James Column on Add Tags Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/addremovetagsboldonjames.webp) + +- Type - Select which type of tag to add. The two types of tags that can be added are: + + - Regular - Configure new tag as a regular tag + - Boldon James - Configure new tag as a Boldon James tag + + **NOTE:** The Boldon James column indicates whether a file tag is a regular tag or a Boldon + James tag. Regular tags will be identified with **0**. Boldon James tags will be identified + with **1**. + +A list of supported file types appears at the bottom of the page. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changeattributes.md b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changeattributes.md new file mode 100644 index 0000000000..f012d8b23c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changeattributes.md @@ -0,0 +1,21 @@ +# Change Attributes + +Use the Change File Attributes Parameters page to change the attribute for one or more of the target +systems or data. + +![File System Action Module Wizard Change File Attributes Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/changeattributes.webp) + +Select from the following options: + +- Read-only – Set the file / folder to read only +- Archive – Archive the file / folder +- System – Stop / start a system process +- Hidden – Set the file / folder to hidden +- Compress – Compress the file / folder +- Encrypt – Encrypt the file / folder + +Attribute change options are: + +- Set – Applies the attribute +- Clear – Removes the attribute +- Leave intact – Leaves the attribute unchanged diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changeowner.md b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changeowner.md new file mode 100644 index 0000000000..13dcb68cb3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changeowner.md @@ -0,0 +1,12 @@ +# Change Owner + +Use the Change Owner Parameters page to select a trustee to be the new owner. + +![File System Action Module Wizard Change Owner Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changeowner.webp) + +Use the options to enter the trustees: + +- Insert field – Use the drop-down list to select a field (column) from the source table, then click + the blue arrow +- Alternatively click **Select** to select a user or group object +- Replace owner on all child objects – Check to enable diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissioninheritance.md b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissioninheritance.md new file mode 100644 index 0000000000..8673d7e868 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissioninheritance.md @@ -0,0 +1,8 @@ +# Change Permission Inheritance + +Use the Change Permission Inheritance Parameters page to specify how to change inherited +permissions. + +![File System Action Module Wizard Change Permissions Inheritance Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissionsinheritance.webp) + +Select the desired options for adding or removing inheritance. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissionsauditing.md b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissionsauditing.md new file mode 100644 index 0000000000..24937d7013 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissionsauditing.md @@ -0,0 +1,30 @@ +# Change Permissions and Auditing + +Use the Change Permissions and Auditing Parameters page to specify the permissions and auditing +settings the action changes. + +![File System Action Module Wizard Change Permissions and Auditing Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissionsauditing.webp) + +Use the following options to enter the Permissions: + +- Insert field – Use the drop-down list to select a field (column) from the source table, then click + the blue arrow +- Group or user names: + + - Click **Add** to select a user or group object + - Click **Remove** to remove a user or group object + - Dynamic – Uses the host id to retrieve the applicable permissions + +In the table, select from the following options: + +- Permission – Permissions for the selected user or group object +- Action – Modify the attribute for the selected permission +- Action Apply To – Select the files or folders to apply the action to. +- Audit – Report the status of the change to the attribute +- Audit Apply To - Select the files or folders to report the status on + +Select from the following options (Multiple options can be selected): + +- Overwrite existing file explicit permissions (target object only) +- Replace permission entries on all child objects +- Apply these permissions to objects within the target container only diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changesharepermissions.md b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changesharepermissions.md new file mode 100644 index 0000000000..72a81c3830 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changesharepermissions.md @@ -0,0 +1,8 @@ +# Change Share Permissions + +Use the Change Share Permissions Parameters page to specify the permission status for what group or +users are to be changed. + +![File System Action Module Wizard Change Share Permissions Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changesharepermissions.webp) + +Select the desired options for changing the permissions control of the selected group or users. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removefilepermissions.md b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removefilepermissions.md new file mode 100644 index 0000000000..eee67bfd11 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removefilepermissions.md @@ -0,0 +1,20 @@ +# Remove File Permissions + +Use the Remove File Permissions Parameters page to specify whose file permissions the action +removes. + +![File System Action Module Wizard Remove File Permissions Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removefilepermissions.webp) + +Use the options to enter the Permissions: + +- Insert field – Use the drop-down list to select a field (column) from the source table, then click + the blue arrow +- Group or user names: +- Click **Add** to select a user or group object +- Click **Remove** to remove a user or group object + +Specify how to change inherited permissions Select from the following options: + +- Copy others – Make them explicit +- Remove others – Remove all +- Leave all intact – Delete explicit permissions only diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removesharepermissions.md b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removesharepermissions.md new file mode 100644 index 0000000000..c33af11c0e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removesharepermissions.md @@ -0,0 +1,15 @@ +# Remove Share Permissions + +Use the Remove Share Permissions Parameters page to specify whose share permissions the action +removes. + +![File System Action Module Wizard Remove Share Permissions Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removesharepermissions.webp) + +Use the options to enter the Permissions: + +- Insert field – Use the drop-down list to select a field (column) from the source table, then click + the blue arrow +- Group or user names: + + - Click **Add** to select a user or group object + - Click **Remove** to remove a user or group object diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removetags.md b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removetags.md new file mode 100644 index 0000000000..3fc2cbbb6b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removetags.md @@ -0,0 +1,39 @@ +# Remove Tags + +Use the Parameter page to specify the file tags the action removes. + +![File System Action Module Wizard Remove Tags Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removetags.webp) + +Use the fields provided to select tags from the drop-down lists and populate the Tag field, or edit +the field manually. The Preview field updates based on the contents of the Tag field. + +- Remove Mode: + + - Remove specified tags - Remove specified tags from the existing list of tags + - Remove all tags - Remove all existing tags + +**NOTE:** If choosing the option to overwrite tags, the action module will clear out both normal +tags and Boldon James tags and then proceed to apply the tags configured for overwrite. If choosing +the option to remove all tags, the action module will clear out both normal tags and Boldon James +tags. + +- Fields – Use the drop-down list to select a field (column) from the source table, then click the + blue arrow to insert the item into the **Tag** field +- Environment Variables – Select an item from the drop-down list, then click the blue arrow to + insert the item into the **Tag** field +- Preview – Shows what the compound path specified will be resolved in to +- Click **Add** to add the tag field to the list for removal +- Click **Remove** to remove the tag field from the list for removal + +![Boldon James Column on Remove Tags Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/addremovetagsboldonjames.webp) + +- Type - Select which type of tag to remove. The two types of tags that can be removed are: + + - Regular - Specify a regular tag for removal + - Boldon James - Specify a Boldon James tag for removal + + **NOTE:** The Boldon James column indicates whether a file tag is a regular tag or a Boldon + James tag. Regular tags will be identified with **0**. Boldon James tags will be identified + with **1**. + +A list of supported file types appears at the bottom of the page. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/prioractions.md b/docs/accessanalyzer/11.6/admin/action/filesystem/prioractions.md new file mode 100644 index 0000000000..b0c9e0451a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/prioractions.md @@ -0,0 +1,8 @@ +# File System Action: Prior Actions + +The Prior Actions page is available when **Rollback a previously executed action** is selected on +the Action page . + +![File System Action Module Wizard Prior Actions page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/prioractions.webp) + +Any previously executed actions appear in the table. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/rollback.md b/docs/accessanalyzer/11.6/admin/action/filesystem/rollback.md new file mode 100644 index 0000000000..e1563bf6c8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/rollback.md @@ -0,0 +1,14 @@ +# File System Action: Rollback + +Use the Rollback page to apply rollback support to the action. This option provides the ability to +undo failed actions and reapply the original action settings when the action continues from where it +left off. + +**NOTE:** Not all actions support Rollback. + +![File System Action Module Wizard Rollback page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/rollback.webp) + +Use the following options: + +- Support rollback – Check to enable rollback of this action +- Add comments to be saved with this rollback – Enter a brief description to identify this rollback diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/summary.md b/docs/accessanalyzer/11.6/admin/action/filesystem/summary.md new file mode 100644 index 0000000000..4fd5e4de4a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/summary.md @@ -0,0 +1,9 @@ +# File System Action: Summary + +The Summary page displays a summary of the configured action. + +![File System Action Module Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the File System Action Module Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/admin/action/filesystem/target.md b/docs/accessanalyzer/11.6/admin/action/filesystem/target.md new file mode 100644 index 0000000000..c359dd7fa3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/filesystem/target.md @@ -0,0 +1,32 @@ +# File System Action: Target + +Use the Target page to point the action module towards a file path on the specified host. +Environmental variables (for example, Program Files, SystemRoot, SAInstallDir, and so on) can be +used when creating a path as well as fields in the raw table output to populate the **Target items** +field. + +![File System Action Module Wizard Target page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/target.webp) + +Use the fields provided to select target items and hosts from the drop-down lists and populate the +Target items field, or edit the field manually. The Preview field updates based on the contents of +the Target items field. + +- Fields – Use the drop-down list to select a field (column) from the source table, then click the + blue arrow to insert the item into the **Target items** field +- Environment Variables – Select an item from the drop-down list, then click the blue arrow to + insert the item into the Target items field +- Target items – Enter the path to the target file or folder + + - Click the **ellipsis (…)** to browse for pattern path specification + - Click the **tick** icon to show a preview of the specified path + - Click the **Help** icon for additional information + +- Host – Select the field that identifies the systems or manually type the host to take action + against +- Use path type – Choose from the following options: + + - Local – Uses the local path + - UNC – Uses the UNC path + +- Preview – Shows what the compound path specified will be resolved in to. The text here is used to + initialize the file specification selection dialog. diff --git a/docs/accessanalyzer/11.6/admin/action/libraries.md b/docs/accessanalyzer/11.6/admin/action/libraries.md new file mode 100644 index 0000000000..9b67735b99 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/libraries.md @@ -0,0 +1,61 @@ +# Action Libraries + +When creating a new action on a job, you have the ability to load action tasks that have been +preconfigured with table input, script body, and parameters. This helps you: + +- Perform operations that are not available in one of the out of the box action modules +- Build custom action workflows to satisfy common use cases +- Build custom remediation workflows, such as: + + - PowerShell Script / Action Body + - Table references + - Parameters + +On the job's **Configure** > **Action** node, the **Add from Library** option opens the Libraries +window with the available Action Libraries and operations: + +![Libraries window](/img/product_docs/accessanalyzer/11.6/admin/action/libraries.webp) + +When a specific operation within a library is chosen, the action is added in the disabled state to +the job. The Action Properties page opens, which has a description, action module, and source table +with relevant filters applied. + +When you click the **Configure Action** link, the action module's wizard opens. + +![PowerShell Action Module Wizard](/img/product_docs/accessanalyzer/11.6/admin/action/powershellmodulewizard.webp) + +The following Action Libraries and Templates leverage the PowerShell Action module for running +actions within the specific environment: + +- Active Directory +- Azure Active Directory +- ServiceNow +- SharePoint Online +- Windows + +Prerequisite information for each of the PowerShell scripts is included as part of the script +comments. Typically, a script requires necessary cmdlets available and installed, as well as +parameter inputs configured. + +## Create a Custom Action Library + +You can also create and maintain custom libraries of action tasks for easy reference and use. Once +you configure an action task as desired, follow the steps to add it to an Action Library. + +**Step 1 –** From within the Action Selections view where the custom action tasks exists, +right-click and copy the task. + +**Step 2 –** Click the **Add from Library** link to open the Libraries window. + +**Step 3 –** Click the green plus sign on the top left to add a new library. + +![Add custom library on Libraries window](/img/product_docs/accessanalyzer/11.6/admin/action/librariescustom.webp) + +**Step 4 –** In the pop-up window, specify a name for the library and click **OK**. + +![Libraries window paste button](/img/product_docs/accessanalyzer/11.6/admin/action/librariescustompaste.webp) + +**Step 5 –** Select the new library and paste the copied action task. + +The custom action task is now available for use in other jobs through the **Add from Library** +option. diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/affectedmailboxes.md b/docs/accessanalyzer/11.6/admin/action/mailbox/affectedmailboxes.md new file mode 100644 index 0000000000..b282641183 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/affectedmailboxes.md @@ -0,0 +1,40 @@ +# Mailbox: Affected Mailboxes + +Use the Affected Mailboxes page to select the mailboxes to target for the action. It is a wizard +page for the following operations: + +- Add/Change Permissions +- Remove Permissions +- Add Delegates, Remove Delegates +- Remove Stale SIDs + +![New Mailbox Action Wizard Affected Mailboxes page](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/affectedmailboxes.webp) + +Select mailboxes to process using the following options: + +- Users found in the following column – Select this option to identify users via a data table column + + - Use the drop-down menu to select a data table column containing either the Mailbox display + name or email address + - Select a data type for the selected field using the following options: + + - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data + types: + + - Legacy Exchange DN + - Display Name + + - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active + Directory Data Collector with the following data types: + + - User DN + - Account Name + - SID + - SMTP Email Address + +- The list of users – Identifies users in one of the following ways: + + - Click **Select** to choose from the global address list (GAL) + - Manually enter a user name and click **Add**. Repeat for additional users. + - To restore anonymous permissions to folders, enter `anonymous` and click **Add** + - To remove a user, select it and click **Remove** diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/criteriaselection.md b/docs/accessanalyzer/11.6/admin/action/mailbox/criteriaselection.md new file mode 100644 index 0000000000..c3250d2792 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/criteriaselection.md @@ -0,0 +1,16 @@ +# Mailbox: Criteria Selection + +Use the Criteria Selection page to choose search criteria saved in a previous Exchange Mailbox Data +Collector query or define new criteria. It is a wizard page for the Delete Mailbox Contents +operation. + +![New Mailbox Action Wizard Criteria Selection page](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/criteriaselection.webp) + +Choose whether to use existing Mailbox Search criteria or determine new criteria: + +- Use the following criteria specified in the task – Applies a predetermined search criteria + + - Use the dropdown menu to select existing Mailbox search criteria (if any) + - Select the checkbox to modify Content Conditions of existing search criteria + +- Define a new criteria – Proceed while establishing new criteria diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/delegaterights.md b/docs/accessanalyzer/11.6/admin/action/mailbox/delegaterights.md new file mode 100644 index 0000000000..f9ba3cb083 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/delegaterights.md @@ -0,0 +1,39 @@ +# Mailbox: Delegate Rights + +Use the Delegate Rights page to specify folder permissions for the selected delegates. A permission +level can be specified for each folder on the page. It is a wizard page for the Add Delegates +operation. + +![New Mailbox Action Wizard Delegate Rights page](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/delegaterights.webp) + +Set delegate rights using the following options: + +- The following delegate rights can be chosen to access each mailbox folder: + + - None + - Reviewer + - Contributor + - Nonediting Author + - Author + - Editor + - Publishing Author + - Publishing Editor + - Owner + +- Select a right from the drop-down menu of any desired mailbox folder, including: + + - Calendar + + **NOTE:** If Editor or a higher rights level is selected, the **Delegate receives copies of + meeting-related messages sent to me** option is enabled for selection. + + - Tasks + - Inbox + - Contacts + - Notes + - Journal + +- Propagate permissions to child folders – Select the checkbox to Propagate permissions to the child + folders of the selected folders +- Delegate can see my private items – Select the checkbox to allow a delegate to access your + personal items of the selected folders diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/folderconditions.md b/docs/accessanalyzer/11.6/admin/action/mailbox/folderconditions.md new file mode 100644 index 0000000000..4c9b0cc8a5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/folderconditions.md @@ -0,0 +1,84 @@ +# Mailbox: Folder Conditions + +Use the Folder Conditions page to customize folder search filter conditions. It is a wizard page for +the **No, the query results do not contain a mailbox identification** column option on the Folder +Identification page. + +![New Mailbox Action Wizard Folder Conditions page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp) + +Customize folder search conditions using the following options: + +- Select conditions – Select the checkbox next to any of the following filter conditions to apply + them to the search and add them to the Edit conditions box. Folder Conditions include: + + - With specific folder type + - With search terms in the folder name + - With specific folder(s) to include/exclude + +- Edit conditions – Any selected conditions populate here. To modify filter conditions, click the + underlined portion of the condition, which opens a corresponding window. + +## Folder Type Window + +Use the Folder Type window to select which folder types to run the action against. The Folder Type +window opens if **specific** in **with specific folder type** is selected in the Edit Conditions +box. . + +![Folder Type Window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp) + +Select the checkbox next to any desired folder type to include it in the search criteria, including: + +- Calendar +- Contact +- Journal +- Mail +- Notes +- Task +- Reminder +- RSS Feed + +## Search Terms Window + +Use the Search Terms window to select terms contained in folder names to run the action against.The +Search Terms window opens if **search terms** is selected in the Edit Conditions box. + +![Search Terms Window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) + +Edit the search terms using the following options: + +- To add a term to the search, enter the desired term into the upper text box and click **Add** +- To remove a term from the search, select a term in the lower text box and click **Remove** +- Click **Clear** to clear all terms from the lower box +- Select a qualifier option: + + - Contains ALL of the following search terms (And) – Search only returns results containing all + of the search terms + - Contains ANY of the following search terms (Or) – Search returns results containing one or + more of the search terms + +- Click **Import CSV** to open a file explorer and select a CSV file to import + +## Folder Inclusion/Exclusion Window + +Use the Folder Inclusion/Exclusion window to select individual folders to add to or remove from the +action. The Folder Inclusion/Exclusion window opens if **specific** in **with specific folder(s) to +include/exclude** is selected in the Edit Conditions box. + +![Folder Inclusion/Exclusion Window](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderinclusionexclusionwindow.webp) + +Include/Exclude folders using the following options: + +- Click **Add** to populate a field to add a folder path + + ![New field added on Folder Inclusion/Exclusion window](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderinclusionexclusionwindownew.webp) + +- Click the ellipsis (**…**) or enter the path to the desired folder in the text box +- Scope auto-populates with **This folder**. Click **This folder** to reveal a drop-down menu to + select from the following scope options: + + - This folder + - This folder and subfolders + - Subfolders only + +- The Remove button becomes enabled once a folder is added to either section. To remove a folder + from the scope, select it and click **Remove**. diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/folderidentification.md b/docs/accessanalyzer/11.6/admin/action/mailbox/folderidentification.md new file mode 100644 index 0000000000..3206ee6935 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/folderidentification.md @@ -0,0 +1,24 @@ +# Mailbox: Folder Identification + +Use the Folder Identification page to specify folders to target. It is a wizard page for the Delete +Mailbox Contents operation. + +![New Mailbox Action Wizard Folder Identification page](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderidentification.webp) + +Select whether the query results contain a mailbox identification column using the following +options: + +- Yes, the query results contain a mailbox folder identification column + + - Select the mailbox identification column using the drop-down menu + - Folder Identifier Type – Choose which mailbox identifier the selected column uses: + + - Folder Path and Name – Select this option if the specified field contains a fully + qualified path + - Entry ID – Select this option if the selected field is an EntryID that is a unique + identifier for a folder + +- No, the query results do not contain a mailbox folder identification column – Selecting this + enables the Folder Conditions page, used to identify specific folders to target. See the + [Mailbox: Folder Conditions](/docs/accessanalyzer/11.6/admin/action/mailbox/folderconditions.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/identification.md b/docs/accessanalyzer/11.6/admin/action/mailbox/identification.md new file mode 100644 index 0000000000..d9a2aeac37 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/identification.md @@ -0,0 +1,38 @@ +# Mailbox: Mailbox Identification + +The Mailbox Identification page specifies the mailboxes the action targets. It is a wizard page for +the Delete Mailbox Contents operation. + +Depending on the data in the source table, users must specify a data table column containing either +the Mailbox display name or email address. + +![New Mailbox Action Wizard Mailbox Identification page](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/identification.webp) + +Select which mailboxes to target using the following options: + +- Users found in the following column – Select this option to identify users via a data table column + + - Use the drop-down menu to select a data table column containing either the Mailbox display + name or email address + - Select a data type for the selected field using the following options: + + - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data + types: + + - Legacy Exchange DN + - Display Name + + - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active + Directory Data Collector with the following data types: + + - User DN + - Account Name + - SID + - SMTP Email Address + +- The list of users – Identifies users in one of the following ways: + + - Click **Select** to choose from the global address list (GAL) + - Manually enter a user name and click **Add**. Repeat for additional users. + - To restore anonymous permissions to folders, enter `anonymous` and click **Add** + - To remove a user, select it and click **Remove** diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/messageactions.md b/docs/accessanalyzer/11.6/admin/action/mailbox/messageactions.md new file mode 100644 index 0000000000..dbde34be52 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/messageactions.md @@ -0,0 +1,34 @@ +# Mailbox: Message Actions + +Use the Message Actions page to specify the action to take with the messages that meet the search +criteria. It is a wizard page for the **Delete Mailbox Contents** operation. + +![New Mailbox Action Wizard Message Actions page](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/messageactions.webp) + +To select a message action, use the following options: + +- Select an action – Select the checkbox next to a message action to apply it to the search. The + selected action displays in the Edit Actions box. Possible actions include: + + - Delete – Items can be recovered via the Deleted Contents table (folder dumpster) + - Permanent Delete – Items are not recoverable + - Move to Deleted Items folder + - Delete Attachment (Append Text Options) – Deletes attachment and adds **Append Text Options** + to the Edit Conditions box + - Delete Body Text (Append Text Options) – Deletes body text and adds **Append Text Options** to + the Edit Conditions box + +- Edit conditions – Any selected conditions populate here + + - To edit a filter condition, click the underlined portion of the condition to open the + corresponding window + +## Options Window + +Use the Options window to add an appended text. The Options window opens if **Append Text Options** +is selected in the Edit Conditions box. + +![Options Window](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/optionswindow.webp) + +To append text to the attachment or body, select the checkbox to enable editing and enter the +desired text to append in the textbox. diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/messageconditions.md b/docs/accessanalyzer/11.6/admin/action/mailbox/messageconditions.md new file mode 100644 index 0000000000..785baf6898 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/messageconditions.md @@ -0,0 +1,111 @@ +# Mailbox: Message Conditions + +Use the Message Conditions page to customize message search filter conditions. It is a wizard page +for the Delete Mailbox Contents operation. + +![New Mailbox Action Wizard Mailbox Message Conditions page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp) + +Customize the folder search conditions using the following options: + +- Message Category – Use the drop-down menu to select a message category + + **NOTE:** Each selection may populate various conditions in the Select Conditions section. + +- Select conditions – Select the checkbox next to any desired filter conditions to apply them to the + search. The selected conditions then show in the Edit conditions box. Message Conditions include: + + - with specific message classes + - that is created in specific date + - with search terms in the subject + - with search terms in the body + - with search terms in the subject or body + - with search terms in the message header + - with search terms in the recipient’s address + - with search terms in the sender’s address + - that has an attachment + - that is received in specific date + - with specific message ID + - that occurs in specific date + +- Edit conditions – Any selected conditions populate here + + - To edit filter conditions, click the underlined portion of the condition. This opens a + corresponding window to configure the condition, with the exception of **has attachment(s)**. + + - Clicking **has attachment(s)** changes it to **has no attachment(s** and vice versa + +## MessageClasses Window + +Use the MessageClasses window to select a message class to apply to the scope of the action. The +MessageClasses window opens if **specific** in **with specific message classes** is selected in the +Edit Conditions box. + +![MessageClasses Window](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/messageclasseswindow.webp) + +Modify message classes using the following options: + +- Click **Add** to populate a field to add a message class + + ![New class added in MessageClasses Window](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/messageclasseswindownew.webp) + +- Click the ellipsis (**…**) or enter the path to the desired folder in the text box +- Matching Strategy auto-populates with **Exact Match**. Click **Exact Match** to reveal a drop-down + menu to select from the following scope options: + + - Exact Match + - Starts With + - Contains + +- To remove a message class, select it and click **Remove** +- Click **Import CSV** to open a file explorer and select a CSV file to import + +## Data Range Selection Window + +Use the Date Range Selection window to determine a time period to scope. The Date Range Selection +window opens if **in specific date** in either the **that is created in specific date** or **that is +received in specific date** conditions is selected in the Edit condition box. + +![Data Range Selection Window](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/datarangeselectionwindow.webp) + +To specify a date range, use the following options: + +- Select one of the following qualifier options: + + - Over + - Last + - Before + - After + - Between + +- Configure the date range using the textbox or drop-down menus for the selected option + +## Search Terms Window + +Use the Search Terms window to select terms in messages to run the action against. The Search Terms +window opens if **search terms** in any condition is selected in the Edit Conditions box. + +![Search Terms Window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) + +Edit the search terms using the following options: + +- To add a term to the search, enter the desired term into the upper text box and click **Add** +- To remove a term from the search, select a term in the lower text box and click **Remove** +- Click **Clear** to clear all terms from the lower box +- Specify a qualifier option: + - Contains ALL of the following search terms (And) – Search only returns results containing all + of the search terms + - Contains ANY of the following search terms (Or) – Search returns results containing any one or + more of the search terms +- Click **Import CSV** to open a file explorer and select a CSV file to import + +## Values Window + +Use the Values window to add or remove values to or from the search. The Values window opens if +**specific** in **with specific Message ID** is selected in the Edit Conditions box. + +![Values Window](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/valueswindow.webp) + +- To add a term to the search, enter the desired term into the upper text box and click **Add** +- To remove a term from the search, select a term in the lower text box and click **Remove** +- Click **Clear** to clear all terms from the lower box +- Click **Import CSV** to open a file explorer and select a CSV file to import diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/operations.md b/docs/accessanalyzer/11.6/admin/action/mailbox/operations.md new file mode 100644 index 0000000000..5d34a3109a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/operations.md @@ -0,0 +1,16 @@ +# Mailbox: Operations + +Use the Operations page to specify the operation to be performed as part of the action. + +![New Mailbox Action Wizard Operations page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/operations.webp) + +Select from the following operations: + +- Delete Mailbox Contents +- Add/Change Permissions +- Remove Permissions +- Add Delegates +- Remove Delegates +- Remove Stale SIDS + +**NOTE:** The Operation selected alters the subsequent steps displayed by the wizard. diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/overview.md b/docs/accessanalyzer/11.6/admin/action/mailbox/overview.md new file mode 100644 index 0000000000..43637b7157 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/overview.md @@ -0,0 +1,40 @@ +# Mailbox Action Module + +The Mailbox action module allows you to perform bulk operations on Microsoft Exchange mailboxes, for +example deleting mailbox content and modifying permissions and delegates. + +**CAUTION:** This action module can add, change, or remove permissions and delegates from an +environment. Always verify the data and target mailboxes prior to executing any action. + +## Mailbox Action Source Table Configuration + +All data tables used in Enterprise Auditor action modules require the presence of certain data +columns. In addition, individual action modules including Mailbox may have their own column +requirements. The Mailbox action module requires a column containing mailbox names. + +## Configuration + +Use the New Mailbox Action Wizard to target mailboxes or folders and to define the operation to +perform against the selected objects. The wizard has the following pages: + +- Welcome +- [Mailbox: Operations](/docs/accessanalyzer/11.6/admin/action/mailbox/operations.md) +- [Mailbox: Criteria Selection](/docs/accessanalyzer/11.6/admin/action/mailbox/criteriaselection.md) +- [Mailbox: Sampling Host](/docs/accessanalyzer/11.6/admin/action/mailbox/samplinghost.md) +- [Mailbox: Mailbox Identification](/docs/accessanalyzer/11.6/admin/action/mailbox/identification.md) +- [Mailbox: Folder Identification](/docs/accessanalyzer/11.6/admin/action/mailbox/folderidentification.md) +- [Mailbox: Folder Conditions](/docs/accessanalyzer/11.6/admin/action/mailbox/folderconditions.md) +- [Mailbox: Message Conditions](/docs/accessanalyzer/11.6/admin/action/mailbox/messageconditions.md) +- [Mailbox: Message Actions](/docs/accessanalyzer/11.6/admin/action/mailbox/messageactions.md) +- [Mailbox: Permissions](/docs/accessanalyzer/11.6/admin/action/mailbox/permissions.md) +- [Mailbox: Affected Mailboxes](/docs/accessanalyzer/11.6/admin/action/mailbox/affectedmailboxes.md) +- [Mailbox: Trusted Users](/docs/accessanalyzer/11.6/admin/action/mailbox/trustedusers.md) +- [Mailbox: Delegate Rights](/docs/accessanalyzer/11.6/admin/action/mailbox/delegaterights.md) +- [Mailbox: Summary](/docs/accessanalyzer/11.6/admin/action/mailbox/summary.md) + +The Welcome page gives an overview of the action module. The steps navigation pane contains links to +the pages in the wizard, which change based on the operation selected on the Operations page. + +![New Mailbox Action Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/permissions.md b/docs/accessanalyzer/11.6/admin/action/mailbox/permissions.md new file mode 100644 index 0000000000..b47bb29208 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/permissions.md @@ -0,0 +1,133 @@ +# Mailbox: Permissions + +Use the Permissions page to determine which permissions to remove. It is a wizard page for the +**Add/Change Permissions** and **Remove Permissions** operations. + +![New Mailbox Action Wizard Permissions page](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissions.webp) + +Use the following options to add, change or remove Permissions: + +- User – Specifies user permissions to add or change. To select different users, click the + down-arrow to display the User window. See the [User Window](#user-window) topic for additional + information. +- Folder – Specifies the folder for which to change permissions. Click the down-arrow to display the + Folder window. See the [Folder Window](#folder-window) topic for additional information. +- Permission – Selects a permission to assign. Click the down-arrow to display the Permission + window. See the [Permission Window](#permission-window) topic for additional information. +- Propagate permissions to child folders – Propagates permissions to the child folders of the + selected folders +- Once User, Folder, and Permission are selected, click **Add** to add them to the summary of the + action to be taken +- To remove an added Permission, select it in the panel and click **Remove** + +## User Window + +Use the User window to select a user. The User window opens when the **User** down-arrow is selected +on the Permissions page. + +![User Window](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/userwindow.webp) + +Select a user using the following options: + +- Users found in the following column – Select this option to identify users via a data table column + + - Use the drop-down menu to select a data table column containing either the Mailbox display + name or email address + - Select a data type for the selected field using the following options: + + - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data + types: + + - Legacy Exchange DN + - Display Name + + - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active + Directory Data Collector with the following data types: + + - User DN + - Account Name + - SID + - SMTP Email Address + +- The list of users – Identifies users in one of the following ways: + + - Click **Select** to choose from the global address list (GAL) + - Manually enter a user name and click **Add**. Repeat for additional users. + - To restore anonymous permissions to folders, enter `anonymous` and click **Add** + - To remove a user, select it and click **Remove** + +## Folder Window + +Use the Folder window to select folders. The Folder window opens when the **Folder** down-arrow is +selected on the Permissions page. + +![Folder Window](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderwindow.webp) + +Select a folder using the following options: + +- Folder names in the following column – Select from folder names present in the column + + - Click the down arrow and select either the folder path or the Entry ID column for that folder + - Select the appropriate folder identifier type: + + - Folder Path + - Entry ID + +- The list of folders – Select one of the default folders + + - Select a folder from the drop-down menu and click **Add** + - To remove a folder, select it and click **Remove** + +## Permission Window + +Use the Permission window to specify permissions. The Permission window opens when the +**Permission** down-arrow is selected on the Permissions page. + +![Permission Window](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissionwindow.webp) + +Specify permissions using the following options: + +- Permissions Level – Each permission level has a set of default selections. If a setting is + changed, the Permissions Level field changes to **Custom**. Permission levels are associated with + the different permissions available for assignment through Outlook. Options include: + + - None + - Contributor + - Reviewer + - Nonediting Author + - Author + - Publishing Author + - Editor + - Publishing Editor + - Owner + +- Read – Choose the read permissions from the following: + + - None + - Full Details + +- Write – Select any desired write permissions from the following: + + - Create Items + - Create subfolders + - Edit Own + - Edit all + +- Delete Items – Choose delete permissions from the following: + + - None + - Own + - All + +- Other – Select any other permissions to apply from the following: + + - Folder owner – User has all permissions for the folder + - Folder Contact – User receives automated messages about the folder such as replication + conflict messages, requests from users for additional permissions, and other changes to folder + status + - Folder visible – User can see the folder but cannot read or edit the items within + +- To add anonymous permissions, choose **None** + + - To re-add Anonymous to the folder but not assign any access, select a permission level to + assign diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/samplinghost.md b/docs/accessanalyzer/11.6/admin/action/mailbox/samplinghost.md new file mode 100644 index 0000000000..b74c9a5a28 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/samplinghost.md @@ -0,0 +1,26 @@ +# Mailbox: Sampling Host + +Use the Sampling Host page to specify the Exchange server to target. It is a wizard page for all +operation types. + +![New Mailbox Action Wizard Sampling Host page](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/samplinghost.webp) + +Select an Exchange server to target using the following options: + +- Select the **Use Global Setting** checkbox to query the global Exchange setting +- Use the radio buttons to select a specific host +- System Attendant (2003 & 2007) – Audits Microsoft Exchange 2007 or older versions +- Use the mailbox associated with the Windows account that Enterprise Auditor is run with – Uses + either the account logged into the Enterprise Auditor Console server or the account set to run the + Enterprise Auditor application to access the Exchange mailbox +- Exchange Mailbox (2010 and newer) – Allows Exhange Mailbox Alias to be specified for MAPI + connections + + - When Exchange Mailbox (2010 and newer) is selected, the textbox is enabled. Enter the Alias + name in the textbox. The Alias needs to be an Exchange 2010 or newer mailbox, not a + mail-enabled service account. However, this mailbox does not need rights on the Exchange + Organization; it only needs to reside within it. + - Client Access Server – Enter the name of the physical CAS in the textbox. This server can be + part of an array, but do enter the name of a CAS Array. This should also be the Exchange CAS + where both Remote PowerShell and Windows Authentication on the PowerShell Virtual Directory + have been enabled. diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/summary.md b/docs/accessanalyzer/11.6/admin/action/mailbox/summary.md new file mode 100644 index 0000000000..3a4bf22a3a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/summary.md @@ -0,0 +1,7 @@ +# Mailbox: Summary + +The Summary page summarizes the configuration of the action. + +![New Mailbox Action Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes and exit, or **Cancel** to exit with saving. diff --git a/docs/accessanalyzer/11.6/admin/action/mailbox/trustedusers.md b/docs/accessanalyzer/11.6/admin/action/mailbox/trustedusers.md new file mode 100644 index 0000000000..890e06eec5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/mailbox/trustedusers.md @@ -0,0 +1,47 @@ +# Mailbox: Trusted Users + +Use the Trusted Users page to select delegates to add. Users can be added individually or from a +server with a mailbox environment. It is a wizard page for the following operations: + +- Add Delegates +- Remove Delegates + +![New Mailbox Action Wizard Trusted Users page](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/trustedusers.webp) + +Select Trusted User delegates using the following options: + +- Users found in the following column – Select this option to identify users via a data table column + + - Use the drop-down menu to select a data table column containing either the Mailbox display + name or email address + - Select a data type for the selected field using the following options: + + - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data + types: + + - Legacy Exchange DN + - Display Name + + - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active + Directory Data Collector with the following data types: + + - User DN + - Account Name + - SID + - SMTP Email Address + +- The list of users – Identifies users in one of the following ways: + + - Click **Select** to choose from the global address list (GAL) + - Manually enter a user name and click **Add**. Repeat for additional users. + - To restore anonymous permissions to folders, enter `anonymous` and click **Add** + - To remove a user, select it and click **Remove** + +The following additional options are available for the Remove Delegates operation: + +- Remove Permissions for Delegate – Remove Mailbox permissions in addition to removing delegate + rights +- Remove Permissions from Child Folders – Removes permissions from child folders + + **NOTE:** This option is only enabled if the **Remove Permissions for Delegate** option is + selected. diff --git a/docs/accessanalyzer/11.6/admin/action/overview.md b/docs/accessanalyzer/11.6/admin/action/overview.md new file mode 100644 index 0000000000..46c7c3bc5c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/overview.md @@ -0,0 +1,141 @@ +# Action Modules + +This guide describes the **Actions** node and the various action modules available for use in +Enterprise Auditor. This overview topic describes the basic procedure for creating and executing an +action module as well the initial steps to take when configuring an action. Each action module is +described in detail in the relevant topics. + +The Enterprise Auditor actions are capable of changing users, permissions, files, and objects from a +variety of environments. Action modules are assigned to a job at the **Configure** > **Actions** +node. See the +[Actions Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/actions.md) +topic for additional information on the Action Selection view. + +![Action Selection page](/img/product_docs/accessanalyzer/11.6/admin/action/actionselection.webp) + +Configure the action through the Action Properties page. Navigate to the job’s **Configure** > +**Actions** node. Select **Create Action** to add a new action task to a job. Select an existing +action and click **Action Properties** to modify its configuration. The Action Properties page opens +for either option. Pre-configured action tasks can be added from the Action Library. See the +[Action Libraries](/docs/accessanalyzer/11.6/admin/action/libraries.md) +topic for additional information. + +Most action modules are available with a special Enterprise Auditor License. The following table +provides brief descriptions of the action modules available in Enterprise Auditor. + +| Action Module | Description | +| ---------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Active Directory | Make changes to Active Directory such as deleting objects, creating users, and changing group membership. See the [Active Directory Action Module](/docs/accessanalyzer/11.6/admin/action/activedirectory/overview.md) for additional information. | +| File System | Change attributes and permissions, as well as copy, delete, move, and rename file system contents. See the [File System Action Module](/docs/accessanalyzer/11.6/admin/action/filesystem/overview.md) for additional information. | +| Mailbox | Add/change permissions, remove permissions, add/remove delegates, remove zombie SIDS, and delete mailbox content. See the [Mailbox Action Module](/docs/accessanalyzer/11.6/admin/action/mailbox/overview.md) for additional information. | +| PowerShell | Run PowerShell scripts on the local machine or on remote hosts. See the [PowerShell Action Module](/docs/accessanalyzer/11.6/admin/action/powershell/overview.md) for additional information. | +| PublicFolder | Make changes to Exchange Public Folders. See the [PublicFolder Action Module](/docs/accessanalyzer/11.6/admin/action/publicfolder/overview.md) for additional information. | +| Registry | Make changes to the system registry. See the [Registry Action Module](/docs/accessanalyzer/11.6/admin/action/registry/overview.md) for additional information. | +| SendMail | Communicate with target audiences to supply users with dynamic content from selected audit data. See the [SendMail Action Module](/docs/accessanalyzer/11.6/admin/action/sendmail/overview.md) for additional information. | +| ServiceNow | Creates incidents in ServiceNow. See the [ServiceNow Action Module](/docs/accessanalyzer/11.6/admin/action/servicenow/overview.md) for additional information. | +| SharePoint | Add/remove trustees from sites, lists, or libraries in SharePoint on-premise, apply sensitivity labels, and move files. | +| Survey | Solicit feedback from users to expedite and aid in the decision making process. See the [Survey Action Module](/docs/accessanalyzer/11.6/admin/action/survey/overview.md) for additional information. | +| Web Request | Sends data to Threat Manager. See the [WebRequest Action Module](/docs/accessanalyzer/11.6/admin/action/webrequest/overview.md) for additional information. | + +## Basic Procedure + +Actions perform operations on data tables. They reside within a job node and are associated with +that job. Enterprise Auditor provides many action modules and each has its own set of operations +that can be applied to selected columns in a selected data table. + +For example, the Active Directory Action Module automates specified Active Directory operations +while the SendMail Action Module can send an email to a dynamic list of users. + +The basic procedure consists of the following steps. + +**Step 1 –** Create a data table containing the target objects to be modified and exclude any +extraneous columns. + +**Step 2 –** Configure an action task using the configuration wizard for the selected action module. +Target the selected objects and apply selected operations to the data. + +**Step 3 –** Execute the action. + +### Executing Actions + +Actions with the checkbox next to their name selected in the Action Selection view are executed +automatically as part of the job’s execution. The actions are executed in the order in which they +appear in the Selection table. You can also manually execute selected actions without running the +job by clicking on the **Action Execute** link on the Action Selection view. + +## Caution on Action Modules + +**CAUTION:** Enterprise Auditor action modules apply bulk changes to targeted objects within the +target environment. Actions perform operations on selected objects listed in each row of the source +table. Exercise caution to ensure the action applies only the desired changes and only to the +desired target objects. + +**_RECOMMENDED:_** Prior to configuring the action module, scope the source data table to include +only the desired data. It is also recommended to run the action in a test environment before making +changes to a production environment. + +## Action Properties Page + +Use this page to view or specify properties for a selected action, including the name, description, +action module, and source table. Access this page via the Action Selection view. + +![Action Properties page for new action](/img/product_docs/accessanalyzer/11.6/admin/action/actionproperties.webp) + +**_RECOMMENDED:_** Provide unique and descriptive names and action task descriptions to all user +created action tasks. + +- Name – Action task name. For new actions, an editable default name displays. +- Description – Action task description. For new actions, this editable field is blank. +- Action Module – Drop-down menu of available action modules + + - Configure Action – Opens the configuration wizard for the selected action module + +- Source Table – Table with objects the action task acts upon. For new actions, this field is blank. + Specify a source table on which to perform the action. +- Show tables from current job only – Restricts the list of source tables available to only those + tables generated by the job where the action task resides. Deselect the checkbox to list all + available data tables. +- ID – Unique identifier, or GUID, of the action task generated by the application. With this ID, + the database can distinguish actions, even those with identical configurations. +- Data Grid – Displays a sample of the selected Source table. This data grid functions the same as + all data grids within Enterprise Auditor. Data can be filtered, and columns can be regrouped. See + the + [Data Grid Functionality](/docs/accessanalyzer/11.6/admin/navigate/datagrid.md) + topic for additional information. + +### Source Table Configuration + +All Enterprise Auditor actions require a source data table. The source table must contain, at a +minimum, the following columns. Include these columns in addition to any other columns required by +the action module being used. Otherwise, errors may occur upon execution of the action and with +analysis and reports downstream. + +| Required Columns | Description | +| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Host | Name of the target server | +| SA_HOST | This column determines the Enterprise Auditor server to which the data belongs in the event multiple Enterprise Auditor consoles are connected to a single database | +| JobRunTimeKey | Contains the run time and date for the job. If history is active, Enterprise Auditor can identify data collected during a specific collection execution. | +| rowGUID | Identifies each data row as unique. The datatype in the table is uniqueidentifier (GUID). | +| RowKey | Identifies each data row as unique. Sometimes the value is a GUID, but the datatype in the table is a varchar (text string). | + +_Remember,_ the individual action modules may have their own column requirements in addition to the +above. + +#### Data Tables + +Enterprise Auditor native data tables generally contain all of the above columns. However, if all +required columns are not present by default, add them manually. + +**CAUTION:** Do not use native data tables in action modules. Source data tables in actions should +include only the data desired for the operation. Scope the data tables to include only the required +columns prior to configuring the action. + +#### Module-Specific Source Table Requirements + +Enterprise Auditor action modules contain one or more selectable operations, many of which have +their own column requirements. Thus, in addition to excluding extraneous columns from the data +tables, include in the tables any columns required by the selected operation. The columns can have +any name, but they must contain the data required by the operation. + +For example, in the Active Directory Action Module, the Create Groups operation requires a column +containing the group name. diff --git a/docs/accessanalyzer/11.6/admin/action/powershell/executionoptions.md b/docs/accessanalyzer/11.6/admin/action/powershell/executionoptions.md new file mode 100644 index 0000000000..53b58da6bd --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/powershell/executionoptions.md @@ -0,0 +1,24 @@ +# PowerShell Action: Execution Options + +Specify the execution options for the PowerShell script using the Execution Options page. + +![PowerShell Action Module Wizard Execution Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/executionoptions.webp) + +The options on the Execution Options page are: + +- Execute script locally on the Enterprise Auditor server – Enable this to execute the PowerShell + script on the Enterprise Auditor server + + - Use the same PowerShell session for each row – Select to enable using the same PowerShell + session to run multiple rows + +- Execute script remotely on a target server – Enable this to execute the PowerShell script on a + remote target server + + - Use the **Remote host** dropdown to select the database column that will be used as the target + server name or type in a network host name + - Select the **Fall back to the local Enterprise Auditor server if the remote execution fails** + option to use the Enterprise Auditor server if remote execution fails + +- Use impersonation within server executable – Select this option to use impersonation when + executing the PowerShell script diff --git a/docs/accessanalyzer/11.6/admin/action/powershell/overview.md b/docs/accessanalyzer/11.6/admin/action/powershell/overview.md new file mode 100644 index 0000000000..28f60c2d2b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/powershell/overview.md @@ -0,0 +1,27 @@ +# PowerShell Action Module + +The PowerShell action module provides methods of running PowerShell scripts on the local machine or +on remote hosts. Define PowerShell scripting actions using the PowerShell Action Module Wizard. + +**CAUTION:** Ensure that only the changes required are applied and only to those target systems +desired. + +Enterprise Auditor action modules contain one or more selectable operations. Each operation performs +its function on a single object per row from the source table defined in the action. + +## Configuration + +The PowerShell action module is configured through the PowerShell Action Module Wizard, which +contains the following wizard pages: + +- Welcome +- [PowerShell Action: Script](/docs/accessanalyzer/11.6/admin/action/powershell/script.md) +- [PowerShell Action: Execution Options](/docs/accessanalyzer/11.6/admin/action/powershell/executionoptions.md) +- [PowerShell Action: Summary](/docs/accessanalyzer/11.6/admin/action/powershell/summary.md) + +The Welcome page displays first and gives an overview of the action module. The navigation pane +contains links to the pages in the wizard. + +![PowerShell Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/11.6/admin/action/powershell/script.md b/docs/accessanalyzer/11.6/admin/action/powershell/script.md new file mode 100644 index 0000000000..e0bc0b5b2b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/powershell/script.md @@ -0,0 +1,79 @@ +# PowerShell Action: Script + +The Script page enables you to input the PowerShell script that will be used to perform the +requested action. Built-in variables are available for use in the script. + +![PowerShell Action Module Wizard Script page](/img/product_docs/accessanalyzer/11.6/admin/action/powershell/script.webp) + +The PowerShell script can be entered manually into the Script window at the top of the Script page. +To open a pre-existing PowerShell script from a file, click **Open** to select the script file. + +At the bottom of the page are three tabs that can be used to configure the PowerShell action module +further. The tabs are: + +- [Columns](#columns) +- [Parameters](#parameters) +- [Input Data](#input-data) + +## Columns + +Use the Columns tab to select the available columns. + +![Columns tab](/img/product_docs/accessanalyzer/11.6/admin/action/powershell/scriptcolumns.webp) + +The table in the Columns tab displays the Columns that can be used for the PowerShell script. To use +a Column, select the checkbox under the **Use** column. + +![Right-click menu](/img/product_docs/accessanalyzer/11.6/admin/action/powershell/scriptrightclickoption.webp) + +Right-clicking any of the variable names brings up a **Copy variable name** option that enables +users to paste the variable name into the PowerShell script. + +## Parameters + +The Parameters tab contains options to add, edit, or delete user-made PowerShell parameters. + +![Parameters tab](/img/product_docs/accessanalyzer/11.6/admin/action/powershell/scriptparamters.webp) + +The options are: + +- Add – Clicking **Add** opens the Add/Edit Variable window. See the + [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. +- Edit – Select an existing parameter and click **Edit** to open the Add/Edit Variable window. See + the [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. + + - Double-clicking an existing parameter also opens the **Add/Edit Variable** window + +- Delete – Delete a selected parameter + +**NOTE:** The built-in default parameters cannot be edited or deleted. + +### Add/Edit Variable Window + +Configure options for a new or existing parameter using the Add/Edit Variable window. + +![Add/Edit Variable Window](/img/product_docs/accessanalyzer/11.6/admin/action/powershell/addeditvariable.webp) + +The options are: + +- Name – Enter or edit the name for the custom parameter +- Description – Enter or edit the description for the custom parameter +- Type – Select the Type from a dropdown list. The options are: + + - String + - List + - Filepath + - Boolean + - Long + - Double + +- Value – Enter or edit the value for the custom parameter + +## Input Data + +Preview how the input data will look in the Input Data tab. + +![Input Data tab](/img/product_docs/accessanalyzer/11.6/admin/action/powershell/scriptinputdata.webp) + +Information in the Input Data tab varies depending on which source table the PowerShell action +module is configured to pull data from. diff --git a/docs/accessanalyzer/11.6/admin/action/powershell/summary.md b/docs/accessanalyzer/11.6/admin/action/powershell/summary.md new file mode 100644 index 0000000000..d1836edf80 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/powershell/summary.md @@ -0,0 +1,8 @@ +# PowerShell Action: Summary + +View a summary of configured options on the Summary page. + +![PowerShell Action Module Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save changes and exit the PowerShell Action Module Wizard. Click **Cancel** to +exit the wizard without saving. diff --git a/docs/accessanalyzer/11.6/admin/action/publicfolder/action.md b/docs/accessanalyzer/11.6/admin/action/publicfolder/action.md new file mode 100644 index 0000000000..e85e409d61 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/publicfolder/action.md @@ -0,0 +1,18 @@ +# Public Folder: Action + +The Action page specifies the basic action to perform on public folders. The pages available for +selection in the Steps pane adjust based on this selection. + +**NOTE:** Once an action is selected and saved, and the wizard is closed, this page is no longer +available and the selection cannot be altered. + +![Public Folder Action Module Wizard Action page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/action.webp) + +Choose from the following actions: + +- Define a new action – Enables the Operation page where the operation on which the action is based + is selected +- Rollback a previously executed action – Enables the Prior Actions page where a list of previously + executed actions is displayed and a selected action may be rolled back. Not all operations support + rollback, and the Support Rollback option must be enabled prior to execution for the action to be + eligible for rollback. diff --git a/docs/accessanalyzer/11.6/admin/action/publicfolder/folders.md b/docs/accessanalyzer/11.6/admin/action/publicfolder/folders.md new file mode 100644 index 0000000000..e8e1752a2c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/publicfolder/folders.md @@ -0,0 +1,20 @@ +# Public Folder: Folders + +The Folders page identifies which public folders are targeted by this action. + +![Public Folder Action Module Wizard Folders page](/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/folders.webp) + +The options on this page are: + +- Public folder identifier – Select a field using the dropdown menu + + - Field – Column names + + **NOTE:** The displayed fields vary depending on the Source Table selected during the + creation of the new action + +- Folder identifier type – Select a folder type option + + - Entry ID – Select this option if the field contains an Entry ID + - Folder path and name – Select this option if the field contains a fully qualified path and + name diff --git a/docs/accessanalyzer/11.6/admin/action/publicfolder/mapisettings.md b/docs/accessanalyzer/11.6/admin/action/publicfolder/mapisettings.md new file mode 100644 index 0000000000..bb2f74a3e3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/publicfolder/mapisettings.md @@ -0,0 +1,15 @@ +# Public Folder: MAPI Settings + +Use the MAPI Settings page to specify the proper MAPI settings. + +![Public Folder Action Module Wizard MAPI Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/mapisettings.webp) + +Use the following options to configure the action: + +- Use Global setting – The default setting in the Exchange Global Settings displays +- System Attendant (2003 & 2007) +- Use the mailbox associated with the Windows account on which Enterprise Auditor is run +- Exchange Mailbox (2010 and newer) – If targeting a 2010 Exchange Server, specify the CAS server. + This is also where the MAPI setting is selected. + + - Client Access Server – Enter the Domain Name in this field diff --git a/docs/accessanalyzer/11.6/admin/action/publicfolder/operations.md b/docs/accessanalyzer/11.6/admin/action/publicfolder/operations.md new file mode 100644 index 0000000000..901049dc6c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/publicfolder/operations.md @@ -0,0 +1,171 @@ +# Public Folder: Operations + +Use the Operations page to specify the operations to perform as part of the action. + +![Public Folder Action Module Wizard Operations page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/operations.webp) + +The **Add operation** drop-down menu lists the operations that can be performed. Each operation +opens a corresponding window. Operations include: + +- Rename – See the [Rename Folder Window](#rename-folder-window) topic for additional information +- Change permissions – See the [Change Permissions Window](#change-permissions-window) topic for + additional information +- Custom attributes – See the [Custom Attributes Window](#custom-attributes-window) topic for + additional information +- Replicas – See the [Replicas Window](#replicas-window) topic for additional information +- Limits – See the [Limits Window](#limits-window) topic for additional information +- Delete – See the [Delete Folder Window](#delete-folder-window) topic for additional information + +The buttons to the right of the drop-down control the operations in the field: + +- Edit – Allows you to alter operation settings +- Add – Places selected operation one step above its current position +- Down – Places selected operation one step below its current position +- Delete – Removes a selected operation + +## Rename Folder Window + +Use the Rename Folder window to rename selected folders. It is a wizard page for the Rename +operation. + +![Rename Folder Window](/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/renamefolder.webp) + +Rename folders using the following options: + +- Select a field from the dropdown menu and click **Add** to add it to the list below + + **NOTE:** The available fields vary based on the source table. + +- New name – Enter the name to replace an existing folder name + +## Change Permissions Window + +Use the Change Permissions window to change the permissions. It is a wizard page for the Change +permissions operation. + +![Change Permissions Window](/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/changepermissions.webp) + +Change permissions using the following options: + +- Username – Select a user or create a list of users to edit permissions for + + - To add a user, type in the field to search for a user, select it, and click **Add** + - Click **Select** to open a list with usernames to select from + - To delete a user, select an added user and click **Delete** + +- Dynamic users – Select a user using the dropdown menu +- Mode – Select whether to change or remove permissions +- Permissions – Determine Permission level and assign permissions to the user + + - Permission level – Use the drop-down menu to select a permission level from the following: + + - Reviewer + - Contributor + - Nonediting Author + - Author + - Editor + - Publishing Author + - Publishing Editor + - Owner + - Custom + + - Select the checkbox to assign a permission to any of the following: + + - Create items – User can create items + - Read items – User can read items + - Create Subfolders – User can create subfolders + - Folder owner – User can view and move the public folder, create subfolders, and set + permissions for the folder, but cannot read, edit, delete, or create items + - Folder contact – Set user as the contact for the specified public folder + - Folder visible – User can view the specified public folder but cannot read or edit the + items within + + **NOTE:** Different permissions become automatically selected based on which permission + level is selected. To override this default, select the checkbox of the unwanted permission + to deselect it. If a desired checkbox is blocked by a black square, click the square to + unblock the checkbox. The checkbox can then be selected or unselected. + + - Edit items – Use the drop-down menu to determine user editing permissions from the following: + + - No change + - None + - Allow own + - Deny any + - Own only + - All + + - Delete items – Use the drop-down menu to determine user deletion permissions from the + following: + + - No change + - None + - Allow own + - Deny any + - Own only + - All + +- Overwrite folder permissions with these conditions +- Remove unresolved SIDs + +## Custom Attributes Window + +Use the Custom Attributes window to select custom attributes. It is a wizard page for the Custom +Attributes operation. + +![Custom Attributes Window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributes.webp) + +Select attributes using the following options: + +- Select a checkbox to set any custom attribute list +- Select a Field from the dropdown list and click **Add** to add the field to the custom attribute + + **NOTE:** Multiple fields may be added to a custom attribute. Fields added to a custom attribute + can be modified or deleted manually. + +## Replicas Window + +Use the Replicas window to replicate servers. It is a wizard page for the Replicas operation. + +![Replicas Window](/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/replicas.webp) + +Replicate servers using the following options: + +- Select a server from the dropdown menu and click **Add**. The servers listed will be replicated. +- Select a server from the list and click **Delete** to remove it from the list of replicated + servers +- Select the **Remove last replica** option to delete the replica created when the action was last + run + +## Limits Window + +Use the Limits window to select limits to the action. It is a wizard page for the Limits operation. + +![Limits Window](/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/limits.webp) + +Use the options to select any changes for the categories. If applicable, use the dropdown to select +desired values related to the corresponding option. + +- Issue warning +- Prohibit post +- Maximum Item Size +- Deletion settings +- Age limits + +## Delete Folder Window + +Use the Delete Folder window to select deletion settings for the action. It is a wizard page for the +Delete operation. + +![Delete Folder Window](/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/deletefolder.webp) + +Select deletion settings using the following options: + +- Select the delete method + + - Soft – Delete the folder but retain a backup copy for a defined period of time + - Hard – Delete the folder permanently, without retaining a backup + +- Optionally, select a checkbox to apply any exception + + - Do not delete folders with subfolders + - Do not delete folders with content diff --git a/docs/accessanalyzer/11.6/admin/action/publicfolder/options.md b/docs/accessanalyzer/11.6/admin/action/publicfolder/options.md new file mode 100644 index 0000000000..b48bebff1e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/publicfolder/options.md @@ -0,0 +1,14 @@ +# Public Folder: Options + +Use the Options page to edit the thread settings. + +**CAUTION:** Increasing the thread count increases the processing load on the servers. + +![Public Folder Action Module Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +Use the following options to configure the operations: + +- Number of threads per server – Adjust the number of threads the server processes at a time. The + default is set to one. +- Number of servers to process in parallel – Adjust the number of servers to process at a time. The + default is set to two. diff --git a/docs/accessanalyzer/11.6/admin/action/publicfolder/overview.md b/docs/accessanalyzer/11.6/admin/action/publicfolder/overview.md new file mode 100644 index 0000000000..0fa26c57eb --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/publicfolder/overview.md @@ -0,0 +1,39 @@ +# PublicFolder Action Module + +The Public Folder action module allows users to make bulk changes to selected Microsoft Exchange +public folders by adding, changing, or removing folders and permissions from the environment. Use +the Pubic Folder Action Module Wizard to choose the data table column that identifies the folders +and to configure the operations performed against the selected folders. + +Prior to configuring the Pubic Folder Action Module Wizard, scope the source data table to ensure +the actions apply only to the desired folders. + +**CAUTION:** Be careful when using this action module. Make sure that only the changes required are +applied and only to those target folders desired. Always verify the data prior to execution of any +action. + +**_RECOMMENDED:_** Although rollbacks for some actions are available, having to use one should be +avoided + +## Configuration + +The Public Folder action module is configured through the Public Folder Action Module Wizard, which +contains the following wizard pages: + +- Welcome +- [Public Folder: Action](/docs/accessanalyzer/11.6/admin/action/publicfolder/action.md) +- [Public Folder: Prior Actions](/docs/accessanalyzer/11.6/admin/action/publicfolder/prioractions.md) +- [Public Folder: Folders](/docs/accessanalyzer/11.6/admin/action/publicfolder/folders.md) +- [Public Folder: MAPI Settings](/docs/accessanalyzer/11.6/admin/action/publicfolder/mapisettings.md) +- [Public Folder: Operations](/docs/accessanalyzer/11.6/admin/action/publicfolder/operations.md) +- [Public Folder: Rollback](/docs/accessanalyzer/11.6/admin/action/publicfolder/rollback.md) +- [Public Folder: Options](/docs/accessanalyzer/11.6/admin/action/publicfolder/options.md) +- [Public Folder: Summary](/docs/accessanalyzer/11.6/admin/action/publicfolder/summary.md) + +The Welcome page gives an overview of the action module. The navigation pane contains links to the +pages in the wizard. Review the introductory and caution information about the Public Folder Action +Module before proceeding. + +![Public Folder Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/11.6/admin/action/publicfolder/prioractions.md b/docs/accessanalyzer/11.6/admin/action/publicfolder/prioractions.md new file mode 100644 index 0000000000..e6add62467 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/publicfolder/prioractions.md @@ -0,0 +1,14 @@ +# Public Folder: Prior Actions + +The Prior Actions page selects previously executed actions for rollback. It is a wizard page when +**Rollback a previously executed action** is selected on the Action page. + +**NOTE:** Once an action is selected and saved, and the wizard is closed, this page is no longer +available and the selection cannot be altered. + +![Public Folder Action Module Wizard Prior Actions page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/prioractions.webp) + +The options on this page are: + +- Select a previously executed action (if available) to rollback +- Click **Clear rollback record** to remove all actions from the list diff --git a/docs/accessanalyzer/11.6/admin/action/publicfolder/rollback.md b/docs/accessanalyzer/11.6/admin/action/publicfolder/rollback.md new file mode 100644 index 0000000000..b7c83474c6 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/publicfolder/rollback.md @@ -0,0 +1,12 @@ +# Public Folder: Rollback + +Use the Rollback page to enable rollback capabilities for the action. If rollback isn’t selected at +this step, the applied operations cannot be rolled back after execution of the action module. + +![Public Folder Action Module Wizard Rollback page](/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/rollback.webp) + +The options on this page are: + +- Support rollback – Select to enable rollback of this action +- Add additional comments to be saved with this rollback – Optionally, enter a brief description to + identify this rollback diff --git a/docs/accessanalyzer/11.6/admin/action/publicfolder/summary.md b/docs/accessanalyzer/11.6/admin/action/publicfolder/summary.md new file mode 100644 index 0000000000..8ebcf8399f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/publicfolder/summary.md @@ -0,0 +1,9 @@ +# Public Folder: Summary + +The Summary page summarizes the configuration of the action. + +![Public Folder Action Module Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Public Folder Action Module Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/admin/action/registry/operations.md b/docs/accessanalyzer/11.6/admin/action/registry/operations.md new file mode 100644 index 0000000000..1a2a645129 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/registry/operations.md @@ -0,0 +1,137 @@ +# Registry: Operations + +Use the Operations page to select the operations to apply to the target hosts. See the +[Registry: Target Hosts](/docs/accessanalyzer/11.6/admin/action/registry/targethosts.md) topic +for additional information. + +![Registry Action Module Wizard Operations page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/operations.webp) + +Select and configure the operations using the following options: + +- Add operation – Use the drop-down menu to select an operation to perform on the target host. This + opens a corresponding window for configuration. Operations include: + + **NOTE:** Window options vary based on the operation selected from the drop-down menu. + + - New Registry Value – Used to add a new registry value to the list + - Modify registry value – Used to modify an existing registry value in the list + - Delete registry value – Used to delete an existing registry value + - New registry key – Used to add a new registry key to the list + - Rename registry key – Used to rename a registry key in the list + - Delete registry key – Used to delete a registry key from the list + - Change registry permissions – Used to alter registry permissions + +- Edit – Accesses the editing window for the selected operation +- Up – Moves the selected operation up in the list +- Down – Moves the selected operation up in the list +- Delete – Deletes the selected operation + +## Registry Browser Window + +Use the Registry Browser window to navigate a computer’s registry and select a key. + +![Registry Browser Window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/registrybrowser.webp) + +Select a key using the following options: + +- Computer name – By default, the Registry browser connects to the local machine + + - If the desired registry item is on the local machine, browse the registry, and select the item + - To connect to the registry of another machine: + + - Enter the hostname in the **Computer name** textbox + - Click **Connect**, then browse the registry of that machine + - Select the desired registry item + +- Connect – Attempts to connect to the registry of the machine specified in the **Computer name** + field +- 64-bit view – The default view is 32-bit. Select the **64-bit view** checkbox to switch to a + 64-bit view. + +## Select Users or Groups Window + +Use the Select Users or Groups window to select a user, group, or built-in security principal. + +![Select Users or Groups Window](/img/product_docs/accessanalyzer/11.6/admin/action/registry/selectusersgroups.webp) + +The options are: + +- Select this object type – Displays types that are queried against + + - Click **Object Types** to open the Object Types window and select the types to query against. + See the [Object Types Window](#object-types-window) topic for additional information. + +- From this location – Displays the location the intended objects are found + + - Click **Locations** to open the Locations window and set the location to be queried. See the + [Locations Window](#locations-window) topic for additional information. + +- Enter the object names to select – Select names of objects to query + + - Click **Check Names** to confirm the selected manually-entered object name is viable + +- Advanced – Click **Advanced** to open an advanced version of the Select Users and Groups Window + and further configure the query. See the + [Advanced Select Users and Groups Window](#advanced-select-users-and-groups-window) topic for + additional information. + +### Object Types Window + +Use the Object Types window to select which types of objects to query. + +![Object Types Window](/img/product_docs/accessanalyzer/11.6/admin/action/registry/objecttypes.webp) + +Select any of the following objects: + +- Built-in security principals +- Groups +- Users + +### Locations Window + +Use the Locations window to select a location. + +![Locations Window](/img/product_docs/accessanalyzer/11.6/admin/action/registry/locations.webp) + +Select a location using the explorer. + +### Advanced Select Users and Groups Window + +Use the Advanced Select Users and Groups window to search for items with a finer focus. + +![Advanced Select Users and Groups Window](/img/product_docs/accessanalyzer/11.6/admin/action/registry/advancedselectusersgroups.webp) + +This window contains the same options as the main Select Users or Groups window, but with the +following additional options: + +- Common Queries + + - Name – Select a name of a user, group, or security principal to search for + + - Select a qualifier from the dropdown + + - Starts with + - Is exactly + + - Manually enter the name + +- Columns – Click **Columns** to open the Choose Columns window. See the + [Choose Columns Window](#choose-columns-window) topic for additional information. +- Find now – Click **Find Now** to search for objects matching the selected criteria +- Stop – While a search is running , the **Stop** button is available. Click **Stop** to halt the + search before it is completed. +- Search Results – Displays results from a search + +#### Choose Columns Window + +Use this window to select columns. The columns available varies based on the source table originally +selected. + +![Choose Columns Window](/img/product_docs/accessanalyzer/11.6/admin/action/registry/choosecolumns.webp) + +Choose columns using the following options: + +- To add an available column, select it in **Columns available** and click **Add** to place it in + **Columns shown** +- To remove a column, select it in **Columns shown** and click **Remove** to place it in **Columns + available** diff --git a/docs/accessanalyzer/11.6/admin/action/registry/overview.md b/docs/accessanalyzer/11.6/admin/action/registry/overview.md new file mode 100644 index 0000000000..e7372a6972 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/registry/overview.md @@ -0,0 +1,40 @@ +# Registry Action Module + +The Registry action module allows users to make bulk changes to the Microsoft Windows Registry. Use +the Registry Action Module Wizard to choose the data table column that identifies the folders and to +configure the operations performed against the selected folders. The Registry action module requires +a column containing the hosts to be targeted. + +Prior to configuring the Registry Action Module Wizard, scope the source data table to ensure the +actions apply only to the desired hosts. + +**CAUTION:** Unexpected values in the registry can cause major system failures when deleting or +modifying registry items. + +**_RECOMMENDED:_** Backup the system registry before making changes using the Registry action +module. + +## Registry Action Source Table Configuration + +All data tables used in Enterprise Auditor action modules require the presence of certain data +columns. In addition, individual action modules including Registry may have their own column +requirements. The Registry action module requires a column containing the hosts that are going to be +targeted. + +## Configuration + +The Registry action module is configured through the Registry Action Module Wizard, which contains +the following wizard pages: + +- Welcome +- [Registry: Target Hosts](/docs/accessanalyzer/11.6/admin/action/registry/targethosts.md) +- [Registry: Operations](/docs/accessanalyzer/11.6/admin/action/registry/operations.md) +- [Registry: Summary](/docs/accessanalyzer/11.6/admin/action/registry/summary.md) + +The Welcome page gives an overview of the Registry Action Module Wizard. The steps navigation pane +contains links to the pages in the wizard. Review the introductory and caution information about the +Registry Action Module before proceeding. + +![Registry Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +To proceed, click Next or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/11.6/admin/action/registry/summary.md b/docs/accessanalyzer/11.6/admin/action/registry/summary.md new file mode 100644 index 0000000000..4f4486cfdc --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/registry/summary.md @@ -0,0 +1,9 @@ +# Registry: Summary + +The Summary page summarizes the configuration of the action. + +![Registry Action Module Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +When done configuring the action, click **Finish**. If no changes were made, it is a best practice +to click **Cancel** to close the Registry Action Module Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/admin/action/registry/targethosts.md b/docs/accessanalyzer/11.6/admin/action/registry/targethosts.md new file mode 100644 index 0000000000..395da331fe --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/registry/targethosts.md @@ -0,0 +1,10 @@ +# Registry: Target Hosts + +Use the Target Hosts page to identify the target hosts whose registries the action examines or +alters. + +![Registry Action Module Wizard Target hosts page](/img/product_docs/accessanalyzer/11.6/admin/action/registry/targethosts.webp) + +Use the drop-down menu to select the field that identifies the systems to be targeted. The list +displays columns from the specified source table. The action applies the specified operations to all +systems in the field. diff --git a/docs/accessanalyzer/11.6/admin/action/sendmail/message.md b/docs/accessanalyzer/11.6/admin/action/sendmail/message.md new file mode 100644 index 0000000000..aeb0900b7e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/sendmail/message.md @@ -0,0 +1,79 @@ +# SendMail Action: Message + +Use the Message page to specify the text of the email. + +![Send Mail Action Module Wizard Message page](/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/message.webp) + +Use the following fields to specify the text of the email: + +- Subject – Specify a subject for the email. The contents of this field displays as the subject line + of the delivered email. Enter text directly and optionally use the Insert field to insert one or + more data fields. This is a required field. +- Insert Field – Inserts a data field into the subject or body of the email. The drop-down menu + displays a list of available fields. Once a selection displays in the field, click on the blue Up + and Down arrows to insert the field into the body or the subject, respectively. This field is + optional. +- Show sample input source data – To display a table of sample source data, click the icon next to + the blue arrows. +- Show dialog to set SMTP options – To override the global SMTP settings, click the icon next to the + blue arrows to display the SMTP Options dialog box +- Preview – Displays the Message Preview window containing a preview of the current SendMail. Click + **Send** to send a single message to the addresses in the Recipient field in the Message Preview + window. The Preview button is active only if the Recipients field is populated on the Properties + page of the Send Mail Action Module Wizard. See the + [Messages Preview Window](#messages-preview-window) topic for additional information. +- Clear Template – Clears any content from the Subject and Text Entry box +- Load from template – Accesses a list of message templates. This field is optional. The following + templates are available: + + - Active Directory Cleanup + - Distribution List Cleanup + - Mailbox Cleanup + - Open Shares Lockdown + - Public Folder Cleanup + - Sensitive Group Review + - Shared Folder Cleanup + - Unauthorized Software Cleanup + +- Message templates include sample email text describing the reason for the message and the next + steps requested of, or required by, the user. They may also include dynamic content taken from the + specified table, for example the user name. + + - Save to template – Saves the current email subject and content to a template. If an existing + template name appears in the Load from template field, clicking this button updates that + template. If the Load from template field is empty or contains a name other than one of the + existing templates, clicking this button opens the Save SendMail Template window and saves the + changes to a new template. Templates reside locally on the host computer as XML files, in the + `Actions/SM_Templates` folder. + +## Text Entry Box + +The Text Entry box allows you to compose a message. A Microsoft Word-style editor provides +formatting options including the ability to insert dynamic text from the specified table (such as a +username) through the Insert field option. Use the editor to personalize the content and appearance +of each message. + +Example: + +Assume the source table includes a column containing the names of intended recipients. Place the +cursor in the greeting section of the email. Next, select that field from the Insert field drop-down +list and click the down arrow to insert a dynamic field. The column name appears in the Text Entry +box, enclosed by brackets: + +Dear [ProbableOwner]; + +You are approaching your Mailbox storage quota. Please clean up any unneeded items. + +Thank you, + +The Messaging Team + +## Messages Preview Window + +The Messages Preview window displays a preview of the email, including any dynamic fields. This +window displays after clicking the **Preview** button. + +![Messages preview window](/img/product_docs/accessanalyzer/11.6/admin/action/survey/messagespreview.webp) + +- Blue arrow buttons – Click to view other recipients +- Send – Sends a single message to the addresses in the Recipients field diff --git a/docs/accessanalyzer/11.6/admin/action/sendmail/overview.md b/docs/accessanalyzer/11.6/admin/action/sendmail/overview.md new file mode 100644 index 0000000000..44de79e87a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/sendmail/overview.md @@ -0,0 +1,37 @@ +# SendMail Action Module + +Use this action module to send dynamic and static content from selected audit data to targeted +audiences. + +The SendMail Action Module has multiple uses, for example: + +- Send notifications of important IT initiatives or planned service outages +- In combination with other Enterprise Auditor action modules such as Survey, create an end-to-end + workflow to contact clients and solicit feedback for use in the decision-making process + +**CAUTION:** This module sends one or more electronic messages to a selected audience. Prior to +executing the action, ensure the audience consists of only the desired members. + +## Source Table Configuration + +All data tables used in Enterprise Auditor action modules require the presence of certain data +columns. In addition, individual action modules including SendMail may have their own column +requirements. The SendMail Action Module requires a column containing well-formatted email addresses +(for example, `hfinn@netwrix.com`) for your recipients. + +## Configuration + +The SendMail Action module is configured through the SendMail Action Module Wizard, which contains +the following wizard pages: + +- Welcome +- [SendMail Action: Properties](/docs/accessanalyzer/11.6/admin/action/sendmail/properties.md) +- [SendMail Action: Message](/docs/accessanalyzer/11.6/admin/action/sendmail/message.md) +- [SendMail Action: Summary](/docs/accessanalyzer/11.6/admin/action/sendmail/summary.md) + +The Welcome page displays first and gives an overview of the action module. The navigation pane +contains links to the pages in the wizard. + +![Send Mail Action Module Wizard Welcome page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overview.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/11.6/admin/action/sendmail/properties.md b/docs/accessanalyzer/11.6/admin/action/sendmail/properties.md new file mode 100644 index 0000000000..73a551c6d2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/sendmail/properties.md @@ -0,0 +1,22 @@ +# SendMail Action: Properties + +Use the Properties page to specify the recipients of the email. + +![Send Mail Action Module Wizard Properties page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/properties.webp) + +Use the following fields to specify the recipient information: + +- Recipient column – Use the drop-down menu to specify the column from the data table containing + intended recipients, for example a column containing email addresses +- Recipient type – Use the drop-down menu to specify the data type of the Recipient column, for + example SMTP mail address +- Carbon copy (CC) – Optionally, specify one or more additional email addresses to receive a + carbon-copy of the SendMail message, for example an address not included in the source table. + + - Use the following email address – Enter one or more additional email addresses. Separate + multiple addresses with a semi-colon and a space. + - Use a column from the table – Use the drop-down menu to specify a column from the data table + +- Combine multiple messages into a single message when all recipients are the same – Select this + checkbox to send only one message to each recipient as a result of this action (even recipients + who appear more than once in the job results) diff --git a/docs/accessanalyzer/11.6/admin/action/sendmail/summary.md b/docs/accessanalyzer/11.6/admin/action/sendmail/summary.md new file mode 100644 index 0000000000..8e2c849e7b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/sendmail/summary.md @@ -0,0 +1,13 @@ +# SendMail Action: Summary + +The Summary page displays the SendMail configuration. + +![Send Mail Action Module Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Send Mail Action Module Wizard to ensure that no accidental clicks are +saved. + +To view the status of executed SendMail actions, see the +[Viewing the Status of SendMail Actions](/docs/accessanalyzer/11.6/admin/action/sendmail/viewstatus.md) +for additional information. diff --git a/docs/accessanalyzer/11.6/admin/action/sendmail/viewstatus.md b/docs/accessanalyzer/11.6/admin/action/sendmail/viewstatus.md new file mode 100644 index 0000000000..c755158cb5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/sendmail/viewstatus.md @@ -0,0 +1,38 @@ +# Viewing the Status of SendMail Actions + +Follow the steps to view the status of an executed SendMail action: + +![Analysis Properties page for SendMail View Status Analysis task](/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusanalysisproperties.webp) + +**Step 1 –** Create a new SQLViewCreation analysis and choose **Configure Analysis**. The View and +Table Creation Analysis Module wizard opens. + +![Input Source wizard page](/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusinputsource.webp) + +**Step 2 –** On the Input Source page, choose the original source table for the SendMail action as +the first table and `tablename_ActionStatus` as the second table. For example, if the source table +is `MailEnabledPF`, then select `MailEnabledPF_ActionStatus` as the second table. + +![Join Columns wizard page](/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusjoincolumns.webp) + +**Step 3 –** For **Table 1 join property**, specify the column recipient of the SendMail action. For +example, if sent to SMTP address, specify **SMTPaddress** as the column. For **Table 2 join +property**, select **srcRowKey**. Leave everything else at the default settings. + +![Result Columns wizard page](/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusresultcolumns.webp) + +**Step 4 –** On the Results Columns page, select the columns to return from each table. Leave all +other settings at their default. + +![Result Type wizard page](/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusresulttype.webp) + +**Step 5 –** On the Result Type page, leave it as a table and provide a descriptive name, for +example `SendMailStatus`. + +![Results Sample wizard page](/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusresultsample.webp) + +**Step 6 –** Click through the rest of the options. On the Result Sample page, click **Show +Preview** to display the columns selected within the Columns page. Click **Summary** to navigate to +the Summary page and click **Finish** to exit the wizard. + +This analysis now reports the status of the SendMail action. diff --git a/docs/accessanalyzer/11.6/admin/action/servicenow/authentication.md b/docs/accessanalyzer/11.6/admin/action/servicenow/authentication.md new file mode 100644 index 0000000000..8e370c1b8d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/servicenow/authentication.md @@ -0,0 +1,20 @@ +# ServiceNow Action: Authentication + +The Authentication page implements signing into a ServiceNow account. + +A ServiceNow account must be set up and configured to determine which incidents will be visible on +the Incident Creation page. + +![ServiceNow Action Module wizard Authentication page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/authentication.webp) + +Use the following options to log into a ServiceNow account: + +- Select the **Use global ServiceNow credentials** to access the ServiceNow credentials entered into + the Enterprise Auditor console’s global setting +- To break inheritance, deselect the checkbox and enter information into the following fields: + + - Instance – Domain name for the ServiceNow account + - User Name/Password – Specify the credentials to access the ServiceNow account + +**NOTE:** ServiceNow accounts must have an administrator role to modify incidents on the +configuration page. diff --git a/docs/accessanalyzer/11.6/admin/action/servicenow/description.md b/docs/accessanalyzer/11.6/admin/action/servicenow/description.md new file mode 100644 index 0000000000..0d5abfd488 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/servicenow/description.md @@ -0,0 +1,32 @@ +# ServiceNow Action: Description + +The Description page provides details on the incidents entered into a field on the Incident Creation +page. A description of the incident and related comments are included with the incident’s report to +provide additional feedback to the system administrator, and may be saved to a template. + +![ServiceNow Action Module wizard Description page](/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/description.webp) + +Create a report using the following options: + +- Short Description – Displays entered words or phrases used to summarize the incident +- Insert Field – Use the drop-down menu to select a field (column) from the source table + + - Click the **blue down arrow** to insert the item into the Short Description section + - Click the **blue up arrow** to insert the item in to the Comments section + - Click the file icon with the magnifying glass to preview the sourced table for values. The + default is 1000 rows. + + ![Sample Source Data window](/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/samplesourcedata.webp) + +- Click the **Clear Template** button to remove content from the Short Description section and + Comments section +- Comments – Displays entered information that may be helpful to resolve an incident +- Load from Template – Displays preconfigured Short Description and Comments section by name of + template + + - Click the **Save to Template** link to preserve the Short Description and Comments sections + for later use under a template name. + + ![Save ServiceNow Template window](/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/savetemplate.webp) + + Enter a name for the template, and click **OK**. diff --git a/docs/accessanalyzer/11.6/admin/action/servicenow/incidentcreation.md b/docs/accessanalyzer/11.6/admin/action/servicenow/incidentcreation.md new file mode 100644 index 0000000000..5354330bc2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/servicenow/incidentcreation.md @@ -0,0 +1,16 @@ +# ServiceNow Action: Incident Creation + +The Incident Creation page is available once the ServiceNow credentials are approved. Incidents on +this page belong to two fields: Mandatory and Optional. The type of field and its incidents are +chosen within ServiceNow’s configuration page. Selecting a field and entering a value will include +the incident within ServiceNow’s incident report. + +![ServiceNow Action Module wizard New Incident page](/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/incidentcreation.webp) + +At the New Incident field list section, enter the fields for which incident to include on +ServiceNow’s incident report. The ServiceNow account entered on the Authentication page determines +which incidents are available within the fields on the Incidents Creation page and are adjusted in +ServiceNow. + +Fields with a drop-down menu have a set of preconfigured options to select. Fields with ellipsis +choose members from a preconfigured list. diff --git a/docs/accessanalyzer/11.6/admin/action/servicenow/overview.md b/docs/accessanalyzer/11.6/admin/action/servicenow/overview.md new file mode 100644 index 0000000000..20ea104ec3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/servicenow/overview.md @@ -0,0 +1,94 @@ +# ServiceNow Action Module + +The ServiceNow Action Module is primarily intended to allow for the automated creation of ServiceNow +incidents from data collected by the Netwrix suite of data security tools. By facilitating +communication between tools like Enterprise Auditor and ServiceNow’s incident management capability, +security risks in an organization’s environment can not only be identified, but presented to admins, +managers, and other stakeholders in a familiar way, with respect to chains of command and approval +as dictated by employee relationships and business workflows implemented in ServiceNow. + +When account lockouts occur, the Active Directory Inventory Data Collector makes that information +available. From the Enterprise Auditor console, the ServiceNow Action Module transmits customized +information regarding the locked out accounts directly to those responsible for account management, +alerting them of the issue and requesting that appropriate action is taken to re-enable user +accounts before effected users are aware of the problem. + +This section describes the following pages in the configuration wizard. + +## Dependencies + +The ServiceNow Action Module requires an active ServiceNow account with: + +- Import Multiple Web Service Plugin +- Web Service Import Sets +- System Web Service plugins enabled +- An instance of Enterprise Auditor with the Stealthbits ServiceNow Action Module enabled + +## Permissions + +The following permissions are required to utilize Enterprise Auditor’s ServiceNow Action Module: + +- ServiceNow admin account – An Administrator Role by an organization’s ServiceNow administrator +- The **Settings** > **ServiceNow** node at the global level can be configured with a credential + provisioned to create incidents as Callers in the **Assigned to** field, and any other ServiceNow + incident field that references the sys_user table. + +## Connecting ServiceNow with Enterprise Auditor + +The following instructions can only be performed with a ServiceNow admin account and access to the +ServiceNow Action Module XML file. + +![ServiceNow Action Module XML file in Windows file explorer](/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/actionmodulexmlfile.webp) + +**Step 1 –** Navigate to the file path …\STEALTHbits\StealthAUDIT\Actions to access the +`STEALTHbits SN Action Module v1.0_merged_rev2.0` file to use on ServiceNow’s website. + +**Step 2 –** Visit servicenow.com, sign into the administrator account, expand **System Update +Sets**, and click on **Retrieved Update Sets**. + +**Step 3 –** Under **Related Links**, click on **Import Update Set from XML**. + +**Step 4 –** Attach the `STEALTHbits SN Action Module v1.0_merged_rev2.0` file, and then click +**Upload**. + +**Step 5 –** After the file is uploaded, click on the **STEALTHbits SN Action Module** within the +list of updated sets. + +**Step 6 –** Click on the **Preview Update Set** button. Wait until the update set preview is +finished and then click **Commit Update Set**. Then, close the Update Set Commit window. + +**Step 7 –** On the navigation page, expand **System Definitions** and click **Plugins**. Then click +on the **Insert Multiple Web Service plugin** + +**Step 8 –** Under **Related Links**, click on **Activate/Upgrade** and click **Activate** on the +Activate Plugin window. When the Activation is complete, click **Close** to close the window. + +**Step 9 –** Click **Reload** on the System Plugin page and confirm the Status is Active. + +Enterprise Auditor is now connected with the ServiceNow platform. + +## Source Table Configuration + +Individual action modules, including the ServiceNow Action Module, may have their own column +requirements. To take action on a resource, the source table must contain columns with RowGUID +values to uniquely identify them. + +## Configuration + +The ServiceNow Action module is configured through the ServiceNow Action Module Wizard, which +contains the following wizard pages: + +- Welcome +- [ServiceNow Action: Authentication](/docs/accessanalyzer/11.6/admin/action/servicenow/authentication.md) +- [ServiceNow Action: Incident Creation](/docs/accessanalyzer/11.6/admin/action/servicenow/incidentcreation.md) +- [ServiceNow Action: Description](/docs/accessanalyzer/11.6/admin/action/servicenow/description.md) +- [ServiceNow Action: Summary](/docs/accessanalyzer/11.6/admin/action/servicenow/summary.md) + +**NOTE:** Not all pages may be accessible unless the user has a configured ServiceNow account. + +The Welcome page displays first in the ServiceNow Action Module Wizard. Review the introductory and +caution information about the ServiceNow Action Module. + +![ServiceNow Action Module wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/11.6/admin/action/servicenow/summary.md b/docs/accessanalyzer/11.6/admin/action/servicenow/summary.md new file mode 100644 index 0000000000..54e1bf2e1b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/servicenow/summary.md @@ -0,0 +1,9 @@ +# ServiceNow Action: Summary + +The Summary page displays a summary of the configured query. + +![ServiceNow Action Module wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the ServiceNow Action Module Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/admin/action/survey/htmlstyle.md b/docs/accessanalyzer/11.6/admin/action/survey/htmlstyle.md new file mode 100644 index 0000000000..7f9138e72e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/survey/htmlstyle.md @@ -0,0 +1,12 @@ +# Survey HTML Style + +Choose an HTML style from the HTML Styles list. The Sample pane displays a preview of the style. + +![Survey Action Module Wizard HTML Style page](/img/product_docs/accessanalyzer/11.6/admin/action/survey/htmlstyle.webp) + +The configurable options are: + +- HTML Style List – Select which HTML Style is used for Surveys using the HTML Style list. An + example of the style shows in the Sample box at the bottom of the wizard. +- Hide and Lock Previous Responses – Select the checkbox to prevent users from changing their survey + responses once they exit the survey diff --git a/docs/accessanalyzer/11.6/admin/action/survey/introduction.md b/docs/accessanalyzer/11.6/admin/action/survey/introduction.md new file mode 100644 index 0000000000..e63d6dae13 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/survey/introduction.md @@ -0,0 +1,27 @@ +# Survey: Introduction + +Use this page to specify web page introductory text (if any) for the web page specified on the Web +Server page. See the +[Survey: Web Server](/docs/accessanalyzer/11.6/admin/action/survey/webserver.md) +topic for additional information. The introductory text appears on the landing page when recipients +click on the survey link in the email. + +![Survey Action Module Wizard Introduction Page](/img/product_docs/accessanalyzer/11.6/admin/action/survey/introduction.webp) + +The configurable options are: + +- Insert Field – Inserts a dynamic field into the message content. Dynamic fields such as + **username** can personalize the survey for each recipient. The options available at this field + are limited to data from the SQL table specified at the Source Table field on the Action + Properties page. + + Place the cursor in the text where a field should appear. Next, click on the drop-down and + select a field from the list. When a selection appears in the field, click the blue down arrow. + The field appears in the text. + +## Text Entry Box + +Use the Text Entry box to compose an introductory message. Above the text box is a tool bar +containing various Microsoft Word-style editing tools. Use the editor to personalize the content and +appearance of each message. Use the Insert field option to insert dynamic text from the specified +data table. diff --git a/docs/accessanalyzer/11.6/admin/action/survey/mailmessage.md b/docs/accessanalyzer/11.6/admin/action/survey/mailmessage.md new file mode 100644 index 0000000000..a0fdfa21f1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/survey/mailmessage.md @@ -0,0 +1,55 @@ +# Survey: Mail – Message + +Use this page to specify the text of the email. When first accessing this page, the cursor appears +in the **Load from template** field. Survey templates are a legacy feature and Netwrix recommends +not using them. + +![Survey Action Module Wizard Mail – Message page](/img/product_docs/accessanalyzer/11.6/admin/action/survey/mailmessage.webp) + +Placeholder text displays in the Message box. This text includes a hyperlink to the web page hosting +the survey. Placeholder text can be modified but the link cannot be removed. The link does not +activate until the message is sent. + +Use the following fields to specify the text of the email: + +- Subject – Specify subject text for the email. The contents of this field displays as the Subject + line of the delivered email. Enter text directly and use the **Insert field** to insert one or + more data fields. This is a required field. +- Insert Field – Inserts a data field into the subject or body of the email. The drop-down menu + displays a list of available fields. Once a selection displays in the field, click on the blue + Down and Up arrows to insert the field into the body or the subject, respectively. This field is + optional. +- The following are buttons appearing on a bar below the Subject field: + + - Show sample input source data – To display a table of sample source data, click the icon next + to the blue arrows + - Show dialog to set SMTP options – To override the global SMTP settings, click the icon next to + the blue arrows to display the SMTP Options dialog box + - Preview – Displays the Messages Preview window containing a preview of the current email + message. Click **Send** to send a single message to the addresses in the Recipient field in + the Message Preview window. The Preview button is active only if the Recipients field is + populated. See the [Messages Preview Window](#messages-preview-window) topic for additional + information. + - Clear Template – Clears any content from the Subject and Text Entry box + +- Load from template – Survey templates are a legacy feature. It is strongly recommended not use + templates when creating surveys. +- Save to template – Saves the current email subject and content to a template. If an existing + template name appears in the **Load from template** field, clicking this button updates that + template. If the **Load from template** field is empty or contains a name other than one of the + existing templates, clicking this button accesses the Save SendMail Template window and changes + can be saved to a new template. Templates reside locally on the host computer as XML files, in the + `Actions/SM_Templates` folder. + +## Messages Preview Window + +The Messages preview window opens when you click **Preview** on the Mail – Message page of the +Survey Action Module Wizard. This window displays a preview of the email, including any dynamic +fields. + +![Messages preview window](/img/product_docs/accessanalyzer/11.6/admin/action/survey/messagespreview.webp) + +The window has the following options: + +- Blue arrow buttons – Click to view other recipients +- Send – Sends a single message to the addresses in the **Recipients** field diff --git a/docs/accessanalyzer/11.6/admin/action/survey/mailproperties.md b/docs/accessanalyzer/11.6/admin/action/survey/mailproperties.md new file mode 100644 index 0000000000..e6f3613e1a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/survey/mailproperties.md @@ -0,0 +1,21 @@ +# Survey: Mail – Properties + +Use this page to specify the email recipients. + +![Survey Action Module Wizard Mail – Properties page](/img/product_docs/accessanalyzer/11.6/admin/action/survey/mailproperties.webp) + +Use the following fields to specify the recipient information: + +- Recipient column – Specify the data table columns containing intended recipient information + + - For example, a column containing email addresses. The drop-down menu displays a list of + possible column types. + +- Recipient type – Specify the data type of the Recipient column. The drop-down menu displays a list + of recipient types, for example **SMTP email address**. +- Carbon copy (CC) – (Optional) Specify one or more additional email addresses to receive a + carbon-copy of the SendMail message, for example an address not included in the source table. + Separate multiple address with a semi-colon and a space. +- Combine multiple messages to a recipient into one message when all recipients are the same – + Select this option to send only one message to each recipient as a result of this action (even + recipients who appear more than once in the job results) diff --git a/docs/accessanalyzer/11.6/admin/action/survey/overview.md b/docs/accessanalyzer/11.6/admin/action/survey/overview.md new file mode 100644 index 0000000000..b6ba8b5e5c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/survey/overview.md @@ -0,0 +1,44 @@ +# Survey Action Module + +Use this action module to create surveys and make them available to targeted recipients via email. +For example, a survey can solicit feedback from clients or poll employees on company issues. + +The Survey Action Module Wizard builds customizable, web-based surveys containing questions created +by the user. Once the survey is defined, a list of recipients can then be specified. When executing +the action, the process simultaneously sends an email to the recipients containing a link to the +survey and creates a web page to host the survey. + +**CAUTION:** This module sends one or more electronic messages to a selected audience. Prior to +executing the action, ensure the audience consists of only the desired members. Netwrix recommends +using this and all other Enterprise Auditor actions with caution. + +## Survey Action Source Table Configuration + +All data tables used in Enterprise Auditor action modules require the presence of certain data +columns. In addition, individual action modules including Survey may have their own column +requirements. The Survey action module requires a column containing well-formatted email addresses +(for example, `hfinn@netwrix.com`) for your recipients. + +## Survey Action Module Wizard + +The Survey action module is configured through the Survey Action Module Wizard, which contains the +following wizard pages: + +- Welcome +- [Survey: Template](/docs/accessanalyzer/11.6/admin/action/survey/template.md) + (Legacy feature) +- [Survey: Introduction](/docs/accessanalyzer/11.6/admin/action/survey/introduction.md) +- [Survey: Questions](/docs/accessanalyzer/11.6/admin/action/survey/questions.md) +- [Survey HTML Style](/docs/accessanalyzer/11.6/admin/action/survey/htmlstyle.md) +- [Survey: Web Server](/docs/accessanalyzer/11.6/admin/action/survey/webserver.md) +- [Survey: Mail – Properties](/docs/accessanalyzer/11.6/admin/action/survey/mailproperties.md) +- [Survey: Mail – Message](/docs/accessanalyzer/11.6/admin/action/survey/mailmessage.md) +- [Survey: Test Survey](/docs/accessanalyzer/11.6/admin/action/survey/testsurvey.md) +- [Survey: Summary](/docs/accessanalyzer/11.6/admin/action/survey/summary.md) + +The Welcome page displays first and gives an overview of the action module. The navigation pane +contains links to the pages in the wizard. + +![Survey Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/11.6/admin/action/survey/questions.md b/docs/accessanalyzer/11.6/admin/action/survey/questions.md new file mode 100644 index 0000000000..3a89fb0de4 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/survey/questions.md @@ -0,0 +1,64 @@ +# Survey: Questions + +Use this page to specify the questions on the survey. Configure the following for each question: + +- The text of the question + + - Example: `Are you the owner of the following stale AD objects?` + +- The subject of the question – The subject is the object to which the question is directed, such as + a user who has access to AD objects. Specify the subject via a dynamic field. + + - Example: **UserName** + - The data table must contain a column with the subject of each question on the survey + +- A name for the answer column in the result table. This column stores the answers to the survey + question. +- The question type (**Yes/No**, **Text**, or **Multiple Choice**) +- Any additional descriptive text to include for the question + +![Survey Action Module Wizard Questions page](/img/product_docs/accessanalyzer/11.6/admin/action/survey/questions.webp) + +The configurable options are: + +- Questions List – Any existing questions appear in the Question List box. The following buttons are + available: + + - Add new question – Adds a new question to the Questions list. Use the Question Details section + to customize the question. + - Remove question – Remove selected question from the Questions list + - Up and Down arrows – Re-order questions + +- Question Details – Use this section to define your survey questions. The following options are + available: + + - Text – Specify the survey question + - Subjects – Click on the ellipses (**…**) to open the Select subjects window. Specify the + object to which a question is directed. The selected subjects show in the Subjects field. See + the [Select Subjects Window](#select-subjects-window) topic for additional information. + - Answer Column Name – The Survey action module inserts the results of the survey directly into + the SQL table on which a survey is based, creating an answer column for each question in the + survey. Give each column a unique name that corresponds to the associated survey question. + - Question type – Specify a question type. The options are: + + - Yes/No + - Text + - Multiple Choice – If this option is selected, the **Answers** button activates. Click this + button to open the Answers window and specify the response options to the multiple choice + question via the **Add** button. + + - Answers – This button activates if Multiple Choice in the Question Type field is selected. + Click to access the Answers window. + - Description – Specify any additional explanation of the survey question. The text appears on + the survey below the associated question. + +## Select Subjects Window + +Select which subjects to use for the Survey question using the Select subjects window. + +![Select subjects window](/img/product_docs/accessanalyzer/11.6/admin/action/survey/selectsubjects.webp) + +Select a subject from the Available subjects list, then click the **Right Arrow** to move it into +the Selected Subjects list. Remove a subject from the Selected Subjects list by selecting a subject +and clicking the **Left Arrow**. Change the priority of the subjects in the Selected Subjects list +by using the **Up and Down Arrows**. diff --git a/docs/accessanalyzer/11.6/admin/action/survey/summary.md b/docs/accessanalyzer/11.6/admin/action/survey/summary.md new file mode 100644 index 0000000000..49d12138dc --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/survey/summary.md @@ -0,0 +1,13 @@ +# Survey: Summary + +A summary of the survey configuration displays. + +![Survey Action Module Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Save Template** to access the Save Survey Template window. + +![Save Survey Template window](/img/product_docs/accessanalyzer/11.6/admin/action/survey/savesurveytemplate.webp) + +Specify a name for the survey for future use. Click **OK** to return to the Summary page. + +When done, click **Finish** to finalize survey configurations. diff --git a/docs/accessanalyzer/11.6/admin/action/survey/template.md b/docs/accessanalyzer/11.6/admin/action/survey/template.md new file mode 100644 index 0000000000..c8bf9d8b09 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/survey/template.md @@ -0,0 +1,6 @@ +# Survey: Template + +Survey templates require customization to meet the customer's business needs. Contact +[Netwrix Support](https://www.netwrix.com/support.html) for additional information. + +![Survey Action Module Wizard Survey Template page](/img/product_docs/accessanalyzer/11.6/admin/action/survey/surveytemplate.webp) diff --git a/docs/accessanalyzer/11.6/admin/action/survey/testsurvey.md b/docs/accessanalyzer/11.6/admin/action/survey/testsurvey.md new file mode 100644 index 0000000000..34c146e44e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/survey/testsurvey.md @@ -0,0 +1,12 @@ +# Survey: Test Survey + +Use this page to test a survey and verify proper configuration. + +![Survey Action Module Wizard Test Survey page](/img/product_docs/accessanalyzer/11.6/admin/action/survey/testsurvey.webp) + +The configurable options are: + +- Start test – Click to test your survey configuration +- Survey full test – Once the survey configuration test passes inspection, a full survey can be + tested against a single user (for example, your own email account) to verify a survey matches + design criteria diff --git a/docs/accessanalyzer/11.6/admin/action/survey/webserver.md b/docs/accessanalyzer/11.6/admin/action/survey/webserver.md new file mode 100644 index 0000000000..d7eb5f4df7 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/survey/webserver.md @@ -0,0 +1,16 @@ +# Survey: Web Server + +Use this page to specify information about the web server hosting the survey website. + +![Survey Action Module Wizard Web Server page](/img/product_docs/accessanalyzer/11.6/admin/action/survey/webserver.webp) + +The configurable options are: + +- Web Server Name – Specify the name of the server hosting the survey +- Web server path (Survey root path) – Specify the root path to the folder on the web server + containing the scripts used to build and operate the survey web page + + - Click the ellipses (**...**) to open the Browse For Folder window to navigate to the folder on + the web server containing the scripts used to build and operate the survey web page + +- URL (Survey root path) – Specify the root path of the web page location diff --git a/docs/accessanalyzer/11.6/admin/action/webrequest/destination.md b/docs/accessanalyzer/11.6/admin/action/webrequest/destination.md new file mode 100644 index 0000000000..4b22492d2c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/webrequest/destination.md @@ -0,0 +1,65 @@ +# Web Request: Destination + +Use the Destination page to specify all settings for the destination of the web request. + +![Web Request Action Module Wizard Destination page](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/destination.webp) + +Use the following categories to establish the location of the web request: + +- Insert field – Select a field using the drop-down menu + + **NOTE:** The fields available varies based on the source table columns. + +Destination Information + +- Method – Use the dropdown to select a method from the following: + + - GET + - POST + - PUT + - DELETE + - HEAD + - OPTIONS + - PATCH + - MERGE + - COPY + +- Follow Redirects – Enables the web request to follow redirects +- Combine SQL rows into single request – Enables bulk insertion of the number of rows specified into + a single web request + + - Rows – Select the number of rows to combine. The default is 50. + +- Resource – URL destination to send the data via the web request + + - Select a field using the drop-down menu, place the cursor in the Resource textbox, and click + the blue down-arrow to add it to the Resource box + - Manually enter a resource in the textbox + + **NOTE:** A red circle with an x indicates that the Resource field cannot be empty. + +- Authentication – Select an authentication method from the following: + + - None – No authentication + - Basic – Basic authentication + - JWT – JSON Web Token, a URL-safe authentication method + + Basic and JWT authentications are pulled from the credential profile set in the job. It inserts + that data into the authentication header of the web request with the proper format expected (for + example, Basic [Base64 encoded credentials] or Bearer [JWT token] for Basic and JWT + authentication respectively). + +Test Connection + +- Drop-down menu – Select a method to test. Currently locked to GET. +- URI textbox – Input the resource to receive the test message + + - Select a field using the drop-down menu, place the cursor in text area, and click the blue + down-arrow to add it to the URI textbox + - Manually enter a resource in the field + + **NOTE:** Red circle with x indicates + `Invalid URI: The format of the URI could not be determined`. + +- Test – Tests the connection for the request using the first row of the source table +- Text box – Shows log messages from the connection test diff --git a/docs/accessanalyzer/11.6/admin/action/webrequest/header.md b/docs/accessanalyzer/11.6/admin/action/webrequest/header.md new file mode 100644 index 0000000000..82fbff7f6a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/webrequest/header.md @@ -0,0 +1,22 @@ +# Web Request: Header + +Use the Header page to enter the header values for the request. + +![Web Request Action Module Wizard Header page](/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/header.webp) + +Use the following options to enter header values: + +- Insert field – Select a field to include in the request using the drop-down menu + + **NOTE:** The fields available varies based on the source table columns. + +- Use the radio buttons to indicate: + + - Parameters – Key value pairs to insert in the headers field of the web request + - Raw edit – Disabled for headers + +- Key / Value fields – The name or value of the attribute + + - Select a field using the drop-down menu, place the cursor in the cell of the desired Key or + Value, and click the blue down-arrow to add it to the selected cell + - Manually enter a field in the cell diff --git a/docs/accessanalyzer/11.6/admin/action/webrequest/overview.md b/docs/accessanalyzer/11.6/admin/action/webrequest/overview.md new file mode 100644 index 0000000000..7cc96c0699 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/webrequest/overview.md @@ -0,0 +1,27 @@ +# WebRequest Action Module + +The Web Request action module provides methods of applying bulk changes to REST endpoints. At this +stage, target endpoints should be identified to invoke web requests against. This wizard allows the +definition of requests to perform. + +**CAUTION:** Ensure that only the changes required are applied and only those target systems desired +when using this action module. + +## Configuration + +The Web Request action module is configured through the Web Request Action Module Wizard, which +contains the following wizard pages: + +- Welcome +- [Web Request: Destination](/docs/accessanalyzer/11.6/admin/action/webrequest/destination.md) +- [Web Request: Header](/docs/accessanalyzer/11.6/admin/action/webrequest/header.md) +- [Web Request: Parameters](/docs/accessanalyzer/11.6/admin/action/webrequest/parameters.md) +- [Web Request: Settings](/docs/accessanalyzer/11.6/admin/action/webrequest/settings.md) +- [Web Request: Summary](/docs/accessanalyzer/11.6/admin/action/webrequest/summary.md) + +The Welcome page gives an overview of the action module. The navigation pane contains links to the +pages in the wizard. + +![Web Request Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/11.6/admin/action/webrequest/parameters.md b/docs/accessanalyzer/11.6/admin/action/webrequest/parameters.md new file mode 100644 index 0000000000..fde4576cb0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/webrequest/parameters.md @@ -0,0 +1,61 @@ +# Web Request: Parameters + +Use the Parameters page to enter the parameter values. + +![Web Request Action Module Wizard Parameters page](/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/parameters.webp) + +Enter parameter values using the following options: + +- Insert Field – Select a field to include in the request from the drop-down menu. + + **NOTE:** The fields available varies based on the source table. + +- Green circle with plus sign – Add a custom attribute. This opens the Custom Attribute Editor + Window. See the [Custom Attribute Editor Window](#custom-attribute-editor-window) topic for + additional information. +- Red circle with minus sign – Remove a custom attribute + + - Select a cell or row to remove the custom attributes + +- Paper and pencil – Edit a custom attribute. This opens the Custom Attribute Editor Window. See the + [Custom Attribute Editor Window](#custom-attribute-editor-window) topic for additional + information. +- Use the radio buttons to indicate: + + - Parameters – Key value pairs to insert in the headers field of the web request + - Raw edit – Disabled for Parameters + +- Key / Value Fields – The name or value of the attribute + + - Select a field using the drop-down menu, place the cursor in the cell of the desired Key or + Value, and click the blue down-arrow to add it to the selected cell + - Select a cell and click the green circle with plus sign to open the Custom Attribute Editor + window and add the attribute to the cell + - Manually enter a field in the cell + +### Custom Attribute Editor Window + +Use the Custom Attribute Editor window to create a custom attribute using the existing attributes +and advanced functions. + +![Custom Attribute Editor Window](/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/customattributeeditor.webp) + +Create custom attributes using the following options: + +- Insert field – Select a field to insert using the drop-down menu +- Unique name – Name of the custom attribute that will be created + + - Select a field using the drop-down menu, place the cursor in the Unique name textbox, and + click the blue down-arrow to add it to the Unique name textbox + - Manually enter the name + +- Data – The actual value of the custom attribute (can be database value or manually specified) + + - Select a field using the drop-down menu, place the cursor in the Data textbox, and click the + blue down-arrow to add it to the Data textbox + - Manually enter the data + +- Advanced Functions + + - Split on – Split the data on the character specified in the text box. The default is comma + `,`. diff --git a/docs/accessanalyzer/11.6/admin/action/webrequest/settings.md b/docs/accessanalyzer/11.6/admin/action/webrequest/settings.md new file mode 100644 index 0000000000..59955ae140 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/webrequest/settings.md @@ -0,0 +1,16 @@ +# Web Request: Settings + +Use the settings page to specify the settings for the web request. + +![Web Request Action Module Wizard Settings page](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) + +Establish the settings using the following options: + +- Insert field – not applicable on this page +- Input Table Rowkey – Select the column to use as the Enterprise Auditor key for reporting and + built-in Enterprise Auditor functions +- Include response in output table – When enabled, it records the body of the server’s response + message in the actions output table +- Execute multiple requests asynchronously – use a thread pool to manage requests + + - Request count – Select the number of asynchronous requests to run simultaneously diff --git a/docs/accessanalyzer/11.6/admin/action/webrequest/summary.md b/docs/accessanalyzer/11.6/admin/action/webrequest/summary.md new file mode 100644 index 0000000000..a0cf87d3d7 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/action/webrequest/summary.md @@ -0,0 +1,9 @@ +# Web Request: Summary + +The Summary page displays a summary of the configured action. + +![Web Request Action Module Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Web Request Action Module Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/admin/analysis/autoaction.md b/docs/accessanalyzer/11.6/admin/analysis/autoaction.md new file mode 100644 index 0000000000..6b92ef7988 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/autoaction.md @@ -0,0 +1,22 @@ +# AutoAction Analysis Module + +The Auto Action analysis module executes a pre-configured action as part of the analysis task +execution. To add an action to an analysis via the Auto Action analysis module, the action must +already exist and it must reside within the current job. + +**NOTE:** The Actions node can also automatically execute actions. See the +[Action Modules](/docs/accessanalyzer/11.6/admin/action/overview.md) +topic for additional information. + +## Select Action Window + +The Select Action window lists the actions that currently exist within the Job that can be selected +to automatically run upon job execution. + +![Select Action Window](/img/product_docs/accessanalyzer/11.6/admin/analysis/autoaction.webp) + +Select an action from the list. Click **OK** to exit the window, and then click **Save** to preserve +the changes made to the analysis module. The action now executes as part of the analysis task. If no +actions were selected, it is best practice to click **Cancel** to close the Select Action window to +ensure no accidental selections are saved. Actions only display if they exist within the Actions +node of the current Job. diff --git a/docs/accessanalyzer/11.6/admin/analysis/businessrules/appliesto.md b/docs/accessanalyzer/11.6/admin/analysis/businessrules/appliesto.md new file mode 100644 index 0000000000..0919624f3e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/businessrules/appliesto.md @@ -0,0 +1,30 @@ +# Applies To Tab + +Use the Applies To tab to specify the scope for application of the analysis rules. Rules are applied +to data collected from all hosts, from specific hosts, or from the specific host running the job +(local data). Data is filtered based on a specified time window. + +![Edit Rules window Applies To tab](/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/appliesto.webp) + +The Applies To tab provides the following options: + +- Source and Time Window – Specify whether to exclude data from outside of the Enterprise Auditor + console and apply a filter to the time window of the data + + - All Source Data – Select this option to run the action using all data + - Source Data from this Console only – Select this option to run the action specifically using + data from only this Enterprise Auditor console + - Time Window for source table – Use the drop-down menu to specify a time window from the + following options: + + - Most recent data – Use only the most recently collected data + - Cumulative data for offline hosts – Use data collected from offline hosts + - Most recent data filtering duplicate and offline hosts – Use most recent data excluding + duplicate and offline hosts + - Do not filter data – Use unfiltered data + +- Hosts Filtering – Specify source hosts + + - Apply to All Hosts – Select this checkbox to use all hosts to query + - Host List – Select any desired hosts to query. If **Apply to All Hosts** is selected, the list + is unavailable. diff --git a/docs/accessanalyzer/11.6/admin/analysis/businessrules/logic.md b/docs/accessanalyzer/11.6/admin/analysis/businessrules/logic.md new file mode 100644 index 0000000000..e0678bcf86 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/businessrules/logic.md @@ -0,0 +1,121 @@ +# Logic Tab + +Use the Logic tab to specify conditions and actions for the Business Rule. + +![Edit Rules window Logic tab](/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/logic.webp) + +The Logic tab contains the following sections and options: + +- Rule Details – Create a title for the rule and select a source table: + + - Rule Name – The field defaults with the name on the Analysis Properties page and is manually + editable + - Table – Select a table from the drop-down menu containing the baseline values to evaluate + + - To view data from a selected table, click the ellipsis (**…**) to open the Sample Data + Viewer window, or select a table within the viewer. See the + [Sample Data Viewer Window](#sample-data-viewer-window) topic for additional information. + +- Conditions – Apply conditions to the table + + - Click **Add Condition** to open the EditConditionsForm window and add a condition to the + Conditions list. See the [EditConditionsForm Window](#editconditionsform-window) topic for + additional information. + - Exceptions textbox – Lists added conditions. By default, it says `Add Exception to Scorecard` + but updates with any conditions selected. + - To check the SQL statement executed, click the green checkmark SQL symbol. This opens the SQL + Extract Preview window. See the + [SQL Extract Preview Window](#sql-extract-preview-window) topic for additional information. + +- Actions – Add exceptions to the scorecard action + + - Select **Edit Action** or double click **Add Exception To Scorecard** to open the Configure + Scorecard Action window. See the + [Configure Scorecard Action Window](#configure-scorecard-action-window) topic for additional + information. + +## Sample Data Viewer Window + +Use the Sample Data Viewer window to examine data in a selected table. + +![Sample Data Viewer Window](/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/sampledataviewer.webp) + +The Sample Data Viewer window provides the following options: + +- Use the drop-down menu to select a table to view the table’s data. The field defaults with the + table selected in the Logic tab if previously selected. +- Show First [Number] rows – Adjusts the presentation of the number of rows of the selected table. + The default value is 50. It can be manually adjusted with values between 0 and all. + +## EditConditionsForm Window + +Use the EditConditionsForm to configure conditions to be applied to the table. + +![EditConditionsForm Window](/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/editconditionsform.webp) + +The EditConditionsForm contains the following options: + +- Column – Use the drop-down menu to select a column from the table selected in the Logic tab +- Operator – Use the dropdown to select an operator: + + - `<` – Search for items in the selected column with values less than a selected value + - `>` – Search for items in the selected column with values greater than a selected value + - `=` – Search for items in the selected column of equal value to the selected value + - `!=` – Search for items in the selected column not equal to the selected value + - `like` – Search for items in the selected column of similar or value to the selected value + +- Value – Manually set a comparator value. The default is 0. + +## SQL Extract Preview Window + +The SQL Extract Preview window previews results of the conditions added to the table in the +Conditions section. + +![SQL Extract Preview Window](/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/sqlextractpreviewwindow.webp) + +The SQL script requires the table have these columns: `HOST`, `SA_Host`, and `JobRunTimeKey`. If +there is a mismatch between table and SQL script, a SQL Syntax Check window describes any detected +issue. + +![SQL Syntax Check window](/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/sqlsyntaxcheck.webp) + +For example, this SQL Syntax Check window is reporting an error of missing information of an object +or column. + +## Configure Scorecard Action Window + +Use this window to add exceptions to the scorecard. + +![Configure Scorecard Action Window](/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/configurescorecardaction.webp) + +The Configure Scorecard Options window provides the following options: + +- Scorecard Action Description – Use this section to label the scorecard action + + - Action Name – Enter a name for the action + - Description – Enter a description for the action + +- Action Classification – This section allows you to group scorecard action results for reporting + purposes + + - Category – Enter a desired category name in the field or use the dropdown to select from + previously titled categories + - Index – Enter a desired index value for the scorecard action + +- Action Score – This section allows you to rank the action’s importance relative to other scorecard + actions + + - Score – Enter a desired score value for the scorecard action + - Severity – Enter a desired severity value or use the dropdown to select from previously + selected values + +- Knowledge – This section provides information that may assist with resolving this issue + + - Knowledge – Enter information to assist issue resolution, for example a website URL + +- Captured Values – This section allows you to select up to five optional properties whose values + will be captured and stored with the scorecard entry. For each property selected, a name column + and value column appear in the scorecard. + + - Property [1-5] – Select a property from the selected table using the drop-down menu to capture + and store its values with the scorecard diff --git a/docs/accessanalyzer/11.6/admin/analysis/businessrules/overview.md b/docs/accessanalyzer/11.6/admin/analysis/businessrules/overview.md new file mode 100644 index 0000000000..948f1d1ef1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/businessrules/overview.md @@ -0,0 +1,28 @@ +# Business Rules Analysis Module + +The Business Rules analysis module measures and evaluates a configured value from an object (the +baseline value) and compares it against a stated value (the business rule) to find an exception or +deviation. Any deviations or differences found the execution of a business rule appear in a +resultant table called a scorecard. + +Create one or more jobs to collect the data to be analyzed. Then configure one or business rules to +analyze the data. Examine the scoreboard to determine how an object is performing with regard to its +original baseline expectations. + +## Scorecard + +Business Rules analysis module results are displayed in a table called a scorecard. The scorecard +determines which of the rules are applied, and in what order. A scorecard table contains only +exceptions and deviations from the business rule criteria when compared to a baseline value. The +table does not include matches to the criteria. All scorecard table names are suffixed with +`_SCORECARD` for easy identification. + +## Edit Rules Window + +To access and modify the Business Rules analysis module, navigate to the Job's **Configure** > +**Analysis** node and click **Configure Analysis** to open the Edit Rules window. The Edit Rules +window has the following tabs: + +- [Logic Tab](/docs/accessanalyzer/11.6/admin/analysis/businessrules/logic.md) +- [Variables Tab](/docs/accessanalyzer/11.6/admin/analysis/businessrules/variables.md) +- [Applies To Tab](/docs/accessanalyzer/11.6/admin/analysis/businessrules/appliesto.md) diff --git a/docs/accessanalyzer/11.6/admin/analysis/businessrules/variables.md b/docs/accessanalyzer/11.6/admin/analysis/businessrules/variables.md new file mode 100644 index 0000000000..7499c7de8d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/businessrules/variables.md @@ -0,0 +1,16 @@ +# Variables Tab + +Use the Variables tab to specify values to substitute in the rule logic at run time. + +![Edit Rules window Variables tab](/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/variables.webp) + +This tab contains the following options: + +- Sort by Variable or Value in descending order by clicking the preferred column header. To sort by + ascending Value, click the column header again. The default is by ascending Value. +- To delete a variable, select it and click **Delete** + + ![JobVariables TSV file](/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/jobvariablestsv.webp) + +- Click **View all variables for this job** to open the `JobVariables.TSV` file containing any + variables for the current job diff --git a/docs/accessanalyzer/11.6/admin/analysis/changedetection/additionalfields.md b/docs/accessanalyzer/11.6/admin/analysis/changedetection/additionalfields.md new file mode 100644 index 0000000000..068113844c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/changedetection/additionalfields.md @@ -0,0 +1,16 @@ +# Change Detection: Additional Fields + +Use the Additional Fields page to choose any additional fields to include with the change analysis. +These fields do not detect change, but may provide additional information to help diagnose and +analyze the changes reported. + +![Change Detection Data Analysis Module wizard Additional Fields page](/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/additionalfields.webp) + +Choose any additional fields to be collected with change analysis using the following options: + +- Select the checkbox of any desired fields +- Check All – Select all fields in the table +- Uncheck All – Clear all fields in the table +- Hide system columns – Hide columns +- Checked – Order the list by selected items +- Column Name – Name of the field diff --git a/docs/accessanalyzer/11.6/admin/analysis/changedetection/fields.md b/docs/accessanalyzer/11.6/admin/analysis/changedetection/fields.md new file mode 100644 index 0000000000..a5155c7972 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/changedetection/fields.md @@ -0,0 +1,16 @@ +# Change Detection: Fields + +Use the Change Detection Fields page to select the columns on which to report changes. + +![Change Detection Data Analysis Module wizard Fields page](/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/fields.webp) + +Choose which fields change detection analyzes using the following options: + +- Select the checkbox next to any desired fields +- Check All – Select all fields in the table +- Uncheck All – Clear all fields in the table +- Hide system columns – Hide columns +- Checked – Order the list by selected items +- Column Name – Name of the field +- Combine multiple changes into a single change record – Select to combine multiple changes into a + single change record diff --git a/docs/accessanalyzer/11.6/admin/analysis/changedetection/input.md b/docs/accessanalyzer/11.6/admin/analysis/changedetection/input.md new file mode 100644 index 0000000000..33d48026f1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/changedetection/input.md @@ -0,0 +1,12 @@ +# Change Detection: Input + +Use the Input Data Source page to choose a data source to analyze for changes. + +![Change Detection Data Analysis Module wizard Input Data Source page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/input.webp) + +The configurable option is: + +- Please select a data source – Select a data source table from the list + + **NOTE:** The selectable data sources change based on which option is selected on the Input + Scope page. diff --git a/docs/accessanalyzer/11.6/admin/analysis/changedetection/inputscope.md b/docs/accessanalyzer/11.6/admin/analysis/changedetection/inputscope.md new file mode 100644 index 0000000000..a7c197ad09 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/changedetection/inputscope.md @@ -0,0 +1,14 @@ +# Change Detection: Input Scope + +Use the Input Scope page to specify the input scope of the data source. + +![Change Detection Data Analysis Module wizard Input Scope page](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/inputscope.webp) + +Identify the scope of the data source from the following options: + +- Tables from Current Job – Select tables from only the currently selected job +- All Enterprise Auditor Tables – Select from all Enterprise Auditor tables within the SQL Server + database +- All tables in the database – Select all tables within the SQL Server database + +**NOTE:** This selection affects the tables that are available for selection on the Input page. diff --git a/docs/accessanalyzer/11.6/admin/analysis/changedetection/options.md b/docs/accessanalyzer/11.6/admin/analysis/changedetection/options.md new file mode 100644 index 0000000000..274024db26 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/changedetection/options.md @@ -0,0 +1,13 @@ +# Change Detection: Options + +Use the Options page to specify whether to save history, including a running tally of all changes +made within a certain time period, or only changes between the last two runs of the source set. + +![Change Detection Data Analysis Module wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +Configure the additional options using the following: + +- Save change detection results for xx days – Modify the number of days that results for the Change + Detection task are saved for +- Only save most recent change (per unique key) – Select the checkbox to only save changes between + the last two runs of the source set diff --git a/docs/accessanalyzer/11.6/admin/analysis/changedetection/overview.md b/docs/accessanalyzer/11.6/admin/analysis/changedetection/overview.md new file mode 100644 index 0000000000..7c1f05f9bf --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/changedetection/overview.md @@ -0,0 +1,35 @@ +# Change Detection Analysis Module + +Use the Change Detection analysis module to track changes within a specific Enterprise Auditor view +or table for use in reporting and notifications. This module tracks additional, changed, or missing +selected data items and compares result rows from previous collection activity with rows from the +most recent collection. + +This module compares values collected for two different query instances. Therefore, as change +detection depends on the existence of a **JobRunTimeKey**, history must be enabled and data +collected at least twice to produce the desired results. Configure History settings under the job’s +**Settings** > **History** node. See the +[History](/docs/accessanalyzer/11.6/admin/settings/history.md) topic +for additional information. + +## Configuration + +The Change Detection Data Analysis Module wizard has the following pages: + +- Welcome +- [Change Detection: Input Scope](/docs/accessanalyzer/11.6/admin/analysis/changedetection/inputscope.md) +- [Change Detection: Input](/docs/accessanalyzer/11.6/admin/analysis/changedetection/input.md) +- [Change Detection: Unique Key](/docs/accessanalyzer/11.6/admin/analysis/changedetection/uniquekey.md) +- [Change Detection: Fields](/docs/accessanalyzer/11.6/admin/analysis/changedetection/fields.md) +- [Change Detection: Additional Fields](/docs/accessanalyzer/11.6/admin/analysis/changedetection/additionalfields.md) +- [Change Detection: Options](/docs/accessanalyzer/11.6/admin/analysis/changedetection/options.md) +- [Change Detection: Result Sample](/docs/accessanalyzer/11.6/admin/analysis/changedetection/resultsample.md) +- [Change Detection: Summary](/docs/accessanalyzer/11.6/admin/analysis/changedetection/summary.md) + +The Welcome page gives an overview of the action module. The navigation pane contains links to the +pages in the wizard. + +![Change Detection Data Analysis Module wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +There are no configurable settings on the Welcome page. To proceed, click **Next** or use the Steps +navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/11.6/admin/analysis/changedetection/resultsample.md b/docs/accessanalyzer/11.6/admin/analysis/changedetection/resultsample.md new file mode 100644 index 0000000000..9b1d7ecadf --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/changedetection/resultsample.md @@ -0,0 +1,9 @@ +# Change Detection: Result Sample + +The Result Sample page generates a preview of the output based on the configurations selected on the +previous pages. + +![Change Detection Data Analysis Module wizard Result Sample page](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultsample.webp) + +Click **Show Preview** to generate a preview of the results, which may take several minutes to +populate. diff --git a/docs/accessanalyzer/11.6/admin/analysis/changedetection/summary.md b/docs/accessanalyzer/11.6/admin/analysis/changedetection/summary.md new file mode 100644 index 0000000000..848477d73f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/changedetection/summary.md @@ -0,0 +1,8 @@ +# Change Detection: Summary + +The Summary page summarizes the configuration of the action. + +![Change Detection Data Analysis Module wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, click **Cancel** to close +the Change Detection Data Analysis Module wizard to ensure no accidental configurations are saved. diff --git a/docs/accessanalyzer/11.6/admin/analysis/changedetection/uniquekey.md b/docs/accessanalyzer/11.6/admin/analysis/changedetection/uniquekey.md new file mode 100644 index 0000000000..fe77d6830c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/changedetection/uniquekey.md @@ -0,0 +1,11 @@ +# Change Detection: Unique Key + +Use the Unique Key page to select one or more columns that, when put together as a ROWKEY, uniquely +identify each row of data in the source table. Available fields vary based on data source selected +on the Input page. See the +[Change Detection: Input](/docs/accessanalyzer/11.6/admin/analysis/changedetection/input.md) topic +for additional information. + +![Change Detection Data Analysis Module wizard Unique Key page](/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/uniquekey.webp) + +Select one or more fields to form a unique key for the selected table and its columns. diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/changetype.md b/docs/accessanalyzer/11.6/admin/analysis/notification/changetype.md new file mode 100644 index 0000000000..070576d20b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/changetype.md @@ -0,0 +1,16 @@ +# Notification: Change Type + +Use the Select Change Type page to choose the types of changes for which to trigger a notification. +The selections on this page are optional. This page is only active if Change Detection Table is +selected on the Table Type page. + +![Notification Data Analysis Module wizard Select Change Type page](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/changetype.webp) + +The following options are available: + +- Notify me when a property changes – Used to watch for changes in settings, such as a change to a + registry value or a service user account assignment change +- Notify me when something new is detected – Used to watch for something new, such as a new + permissions assignment or someone being added to a group +- Notify me when something is removed – Used to watch for something being removed, such as a user + being removed from a group or an application uninstalled diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/commandline.md b/docs/accessanalyzer/11.6/admin/analysis/notification/commandline.md new file mode 100644 index 0000000000..f703d115ce --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/commandline.md @@ -0,0 +1,17 @@ +# Notification: Command Line + +The Command Line properties page is available when the Command-line Executable notification type is +selected on the Type page. + +![Notification Data Analysis Module wizard Command Line properties page](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/commandline.webp) + +The following options are available: + +- Application – Specify an application to receive the notification. Click the ellipsis (**…**) to + view and select from a list of executable files. +- Arguments – If required, specify command line inputs for the application in the text box. If the + argument must come from a value in the database (for example, a timeout value), insert it here via + the Fields drop-down menu above. + + - Fields – To pass one or more fields into the command line arguments, click the drop-down menu, + select a field from the lists, and click **Add** diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/criteria.md b/docs/accessanalyzer/11.6/admin/analysis/notification/criteria.md new file mode 100644 index 0000000000..dd85c39f32 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/criteria.md @@ -0,0 +1,17 @@ +# Notification: Criteria + +Use the Notification Criteria page to specify criteria to trigger a notification. + +![Notification Data Analysis Module wizard Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) + +The following options are available: + +- No Criteria – Set no criteria to trigger a notification if any property changes. If selected, any + row will trigger the notification. +- Simple Criteria – Select criteria to send a notification based on the value of a specific property + or column in the database. The trigger can be if the property or column value is greater than, + equal to, or less than the value provided. +- Advanced Criteria – Use the Filter Builder to create custom triggers when a value meets the + defined conditions. See the + [Advanced Search](/docs/accessanalyzer/11.6/admin/navigate/datagrid.md#advanced-search) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/eventlog.md b/docs/accessanalyzer/11.6/admin/analysis/notification/eventlog.md new file mode 100644 index 0000000000..645efee155 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/eventlog.md @@ -0,0 +1,24 @@ +# Notification: Event Log + +The Event Log properties page is available when the Event log notification type is selected on the +Type page. Use this page to specify the type of event, the event ID, and the description for the +event. + +![Notification Data Analysis Module wizard Event Log properties page](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/eventlog.webp) + +The following options are available: + +- Log – The event log name is Enterprise Auditor +- Type – Specify the log type. The drop-down menu displays the following options: + + - Information + - Warning + - Error + - FailureAudit + - SuccessAudit + +- Event ID – Specify the event ID +- Description – Enter a description of the event + + - Fields – To pass fields into the description, click on the drop-down list, select a field from + the list, then click **Add** diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/frequency.md b/docs/accessanalyzer/11.6/admin/analysis/notification/frequency.md new file mode 100644 index 0000000000..a2a95339b5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/frequency.md @@ -0,0 +1,10 @@ +# Notification: Frequency + +Use the Notification Frequency page to specify the frequency by which to generate the notifications. + +![Notification Data Analysis Module wizard Notification Frequency page](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/frequency.webp) + +The following options are available: + +- Generate notifications immediately +- Delay notifications until conditions have been met – Set the frequency condition diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/hosts.md b/docs/accessanalyzer/11.6/admin/analysis/notification/hosts.md new file mode 100644 index 0000000000..cc76886de9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/hosts.md @@ -0,0 +1,20 @@ +# Notification: Hosts + +Use the Select Hosts page to scope hosts and to select specific hosts to target. + +![Notification Data Analysis Module wizard Select Hosts page](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/hosts.webp) + +The following options are available: + +- I want notification sent for all hosts +- I want notifications sent only for the hosts listed below +- I want notifications sent for all hosts except the ones listed below + +If the first option is selected, the host list selection window is not enabled. If either the second +or third option is selected, the following options are enabled: + +- Show me all host lists – Activates the host list selection window, from which individual host + lists can be selected +- Enter hosts manually – Manually enter specific host names. Once the name is entered, click the add + (**+**) button to add it to the selection box. Ensure the checkbox next to the host name is + selected to include it in the list of hosts. diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/overview.md b/docs/accessanalyzer/11.6/admin/analysis/notification/overview.md new file mode 100644 index 0000000000..2631f019d8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/overview.md @@ -0,0 +1,43 @@ +# Notification Analysis Module + +The Notification Data analysis module provides the ability to send an email or command-line +notification to selected targets based on the values contains in any table. + +The Notification Data Analysis Module has the following prerequisites: + +- Configure the **Notification** node in the global settings + + - See the + [Notification](/docs/accessanalyzer/11.6/admin/settings/notification.md) + topic for additional information + +- Enable History for the table specified as the source + + - Only required if configuring Frequency or Time Window, or when using the Change Detection + table as a source on the Table Type page + +## Configuration + +The Notification analysis module is configured through the Notification Data Analysis Module wizard, +which contains the following wizard pages: + +- Welcome +- [Notification: Table Type](/docs/accessanalyzer/11.6/admin/analysis/notification/tabletype.md) +- [Notification: Select Table](/docs/accessanalyzer/11.6/admin/analysis/notification/selecttable.md) +- [Notification: Change Type](/docs/accessanalyzer/11.6/admin/analysis/notification/changetype.md) +- [Notification: Criteria](/docs/accessanalyzer/11.6/admin/analysis/notification/criteria.md) +- [Notification: Hosts](/docs/accessanalyzer/11.6/admin/analysis/notification/hosts.md) +- [Notification: Type](/docs/accessanalyzer/11.6/admin/analysis/notification/type.md) +- [Notification: SMTP](/docs/accessanalyzer/11.6/admin/analysis/notification/smtp.md) +- [Notification: Command Line](/docs/accessanalyzer/11.6/admin/analysis/notification/commandline.md) +- [Notification: Event Log](/docs/accessanalyzer/11.6/admin/analysis/notification/eventlog.md) +- [Notification: Frequency](/docs/accessanalyzer/11.6/admin/analysis/notification/frequency.md) +- [Notification: Time Window](/docs/accessanalyzer/11.6/admin/analysis/notification/timewindow.md) +- [Notification: Summary](/docs/accessanalyzer/11.6/admin/analysis/notification/summary.md) + +The Welcome page lists the prerequisites needed for the Notification Analysis Module to function +properly. + +![Notification Data Analysis Module wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +There are no configurable settings on the Welcome page. To proceed, click **Next**. diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/selecttable.md b/docs/accessanalyzer/11.6/admin/analysis/notification/selecttable.md new file mode 100644 index 0000000000..3447b10d0c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/selecttable.md @@ -0,0 +1,14 @@ +# Notification: Select Table + +Select the table containing data on which to trigger a notification. The selection on the Table Type +page determines the options available on this page. See the +[Notification: Table Type](/docs/accessanalyzer/11.6/admin/analysis/notification/tabletype.md) topic +for additional information. + +![Notification Data Analysis Module wizard Select Table page](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/selecttable.webp) + +The Select table page has the following options: + +- Show All Tables – All tables within the SQL Server database +- Show All SA Tables – All Enterprise Auditor tables within the SQL Server database +- Show only tables for this job diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/smtp.md b/docs/accessanalyzer/11.6/admin/analysis/notification/smtp.md new file mode 100644 index 0000000000..4519284987 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/smtp.md @@ -0,0 +1,45 @@ +# Notification: SMTP + +The SMTP properties page is available when the Email notification type is selected on the Type page. +Use this page to specify SMTP notification properties, including recipients, subject line, and email +body. + +![Notification Data Analysis Module wizard SMTP properties page](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/smtp.webp) + +The following options are available: + +- E-mail – Enter an email address to add to the notification list + + - Add – Add an email address to the E-mail field + - Remove – Remove an email address from the Recipients list + - Combine multiple messages into single message – Sends one email for all objects in the record + set instead of one email per object to all recipients + +- Subject – Specify a subject for the email. The subject can include field variables. + + **_RECOMMENDED:_** If configuring a Notification analysis module for a pre-configured job, it is + recommended not to change the existing field variables. + +- Insert Field – Select a source data column to add to the message body or subject line. Click the + drop-down to see a list of columns. Once the column displays in the field, click an arrow to + insert the field. + + - Down arrow – Adds the selected source column to the message text + - Up arrow – Adds the selected source column to the subject text + +- Embed HTML Report – Embed a HTML report in the notification email. Click the Embed HTML Report + button to navigate to the HTML file. +- Show sample input source data – Opens the Sample Source Data window, containing sample input + source data as it currently exists in the database +- Show dialog to set SMTP options – Opens the SMTP Options window, where SMTP global settings can be + overwritten through manual configuration +- Preview – Displays a preview of the email. + + **NOTE:** The preview may not show any or all of the filters applied in previous steps. + +- Clear Template – Clears all data from the subject and message boxes. Does not clear e-mail + addresses. +- Text Box – Specify the text of the email message. The toolbar above the text box contains various + icons providing access to text editing and formatting tools. To insert fields from Enterprise + Auditor, choose a field from the drop-down menu and click the Down arrow. Block tag formatting is + supported. diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/summary.md b/docs/accessanalyzer/11.6/admin/analysis/notification/summary.md new file mode 100644 index 0000000000..d865c3d23e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/summary.md @@ -0,0 +1,10 @@ +# Notification: Summary + +The Summary Page displays all the information input in each of the configured options from the +previous pages of the wizard. + +![Notification Data Analysis Module wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is best practice to +click **Cancel** to close the Notification Data Analysis Module wizard to ensure no accidental +clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/tabletype.md b/docs/accessanalyzer/11.6/admin/analysis/notification/tabletype.md new file mode 100644 index 0000000000..95f91aa342 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/tabletype.md @@ -0,0 +1,30 @@ +# Notification: Table Type + +Use the Source Table Selection page to choose the type of table to use as the data source for +notifications. + +![Notification Data Analysis Module wizard Source Table Selection page](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/tabletype.webp) + +The following options are available: + +- Change Detection Table – Sends notifications when changes are detected in the data. When selected, + the option of **Show only tables for this job** becomes the default selection on the Select Table + page. This option targets only change detection tables within the current job. Possible tables (if + any) display on the Select Table page. See the + [Notification: Select Table](/docs/accessanalyzer/11.6/admin/analysis/notification/selecttable.md) topic + for additional information. + + **NOTE:** Change Detection Table also locks selections to tables on the Select Table page that + are selected through Other. To select tables outside of **Show only tables for this job**, + select Other on the Table Type page, then select either **Show All Tables** or **Show All SA + Tables**, then click back to return to the Table Type page. Now selecting Change Detection Table + and proceeding defaults the selection on the Select Table page to whichever was previously + selected through Other. + +- Other – Sends a notification based on a value within a selected table. Selecting this option + enables the following options on the Select Table page, each of which lists a specific set of + tables available for selection: + + - Show All Tables + - Show All SA Tables + - Show only tables for this job diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/timewindow.md b/docs/accessanalyzer/11.6/admin/analysis/notification/timewindow.md new file mode 100644 index 0000000000..e87a4bd006 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/timewindow.md @@ -0,0 +1,13 @@ +# Notification: Time Window + +Use this page to specify whether to include only rows collected in the last execution. + +![Notification Data Analysis Module wizard Time window page](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/timewindow.webp) + +The following option is available: + +- Only include rows from most recent run for `[]` – Select the checkbox to scope the + task to the most recent data + + **NOTE:** The checkbox is only enabled if the table selected on the Select Table page has a + Enterprise Auditor **JobRunTimeKey** property. Otherwise, the checkbox is cleared by default. diff --git a/docs/accessanalyzer/11.6/admin/analysis/notification/type.md b/docs/accessanalyzer/11.6/admin/analysis/notification/type.md new file mode 100644 index 0000000000..a408cc5f57 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/notification/type.md @@ -0,0 +1,26 @@ +# Notification: Type + +Use the Notification Type page to specify one or more notification types. + +![Notification Data Analysis Module wizard Notification Type page](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/type.webp) + +The following options are available: + +- Email – Sends a notification email to specified addresses defined on the SMTP page. See the + [Notification: SMTP](/docs/accessanalyzer/11.6/admin/analysis/notification/smtp.md) topic + for additional information. +- Command-line Executable – Runs a command-line program such as a batch file. On the Command Line + page, define the specific application to run and any flags or arguments that must be set at + runtime. See the + [Notification: Command Line](/docs/accessanalyzer/11.6/admin/analysis/notification/commandline.md) topic + for additional information. +- Event Log – Creates a Windows Event Log item on the Enterprise Auditor Event Log. On the Event Log + page, define the following: + + - Type of event (Information, Warning, Error, SuccessAudit, FailureAudit) + - Event ID + - Description of the event + + See the + [Notification: Event Log](/docs/accessanalyzer/11.6/admin/analysis/notification/eventlog.md) topic + for additional information. diff --git a/docs/accessanalyzer/11.6/admin/analysis/overview.md b/docs/accessanalyzer/11.6/admin/analysis/overview.md new file mode 100644 index 0000000000..caf61c6f6e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/overview.md @@ -0,0 +1,92 @@ +# Analysis Modules + +The Enterprise Auditor analysis modules are capable of finding unique data and notifying users of +its location from a variety of environments. Analysis modules are assigned to a job at the +**Configure** > **Analysis** node. See the +[Analysis Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysis.md) +topic for information on the Analysis Selection view. + +![Configure an analysis](/img/product_docs/accessanalyzer/11.6/admin/analysis/configure.webp) + +Analysis tasks are configured through the Analysis Properties page. Navigate to the job’s +**Configure** > Analysis node. The Analysis Properties page is opened from the Analysis Selection +page by either of the following options: + +- Select **Create Analysis** to add a new analysis task to a job +- Select an existing analysis and click **Analysis Properties** to modify its configuration + +See the [Analysis Selection Page](#analysis-selection-page) and +[Analysis Properties Page](#analysis-properties-page) topics for additional information. + +The following table provides brief descriptions of the analysis modules available in Enterprise +Auditor. + +| Analysis Module | Description | +| --------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------- | +| [AutoAction Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/autoaction.md) | Performs a specified action at the conclusion of an analysis task’s execution | +| [Business Rules Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/businessrules/overview.md) | Finds data that does not match user expectations for the target environment | +| [Change Detection Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/changedetection/overview.md) | Notifies when a change occurs in the results of a job and identifies the location of the change | +| [Notification Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/notification/overview.md) | Sends notifications to specified recipients when a specified event occurs | +| [SQLscripting Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/sqlscripting.md) | Executes free-form SQL scripts | +| SQLTrend | Legacy action module | +| [SQLViewCreation Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/overview.md) | Provides a scripting wizard for creating SQL tables or views | +| [VBscripting Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/vbscripting.md) | Executes free-form VB scripts | + +## Executing Analyses + +Analysis tasks execute automatically if enabled through the Analysis Selection page for jobs with +analysis modules configured. Analysis tasks can be enabled or disabled by selecting the checkbox +next to the analysis tasks. Analysis tasks execute in the order shown in the Analysis Selection +window. Tasks can be manually executed without running the job by right-clicking on the task and +selecting **Execute Analyses** from the dropdown menu. + +## Analysis Selection Page + +Analysis tasks can be created, deleted, and configured through the Analysis Selection page. For jobs +with existing analysis tasks, the Analysis Selection page is used to change the order in which tasks +are run, as well as enabling or disabling tasks. + +![Analysis Selection Page](/img/product_docs/accessanalyzer/11.6/admin/analysis/analysisselectionpage.webp) + +The Analysis Selection page has the following options: + +- Create Analysis – Opens the Analysis Properties page for a newly created task +- Delete Analysis – Deletes the selected analysis task in the Analysis Selection list +- Analysis Properties – Opens the Analysis Properties page for the selected existing analysis task +- Analysis Configuration – Opens the configuration wizard for the analysis task +- Select the checkbox next to an analysis task to enable it, or clear the checkbox to disable it +- Move Up/Move Down – Moves the selected analysis tasks up or down the Analysis Selection task list. + Moving tasks up or down the list changes the order in which the task is run when the job is + executed. + + **NOTE:** Tasks can be drag-and-dropped to change position in the list. + +- Select All – Enables/disables all tasks in the list +- The **Validate**, **Validate Selected**, and **Edit Rules** buttons are specific to the Business + Rules Analysis Module. See the + [Business Rules Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/businessrules/overview.md) + topic for additional information on these buttons. + +## Analysis Properties Page + +Configure task properties through the Analysis Properties page. The Analysis Properties page is +accessed through the Analysis Selection page. + +![Analysis Properties Page](/img/product_docs/accessanalyzer/11.6/admin/analysis/analysispropertiespage.webp) + +The Analysis Properties page has the following options: + +- Name – Name of the analysis task. Default names can be changed. +- Description – Description of the analysis task. Analysis tasks for default solutions reference + associate data tables. Descriptions for new tasks are blank by default. +- Analysis Module – Click the drop-down to select an analysis module for the task +- Configure Analysis – Click to access the configuration wizard for the selected analysis module +- ID – Unique identifying number of the analysis task. The database uses distinct IDs to distinguish + between analysis tasks, even those with identical configurations. +- Enable execution of this task when the job is run – Select this option to automatically execute + the task as part of the job execution. This box can also be selected through the Analysis + Selection page. +- View XML – Opens the XML Text window to display the `DataAnalysisTasks.XML` file for the selected + job. The file is stored in the job’s directory. +- Cancel – Return to the Analysis Selection page without saving changes +- Save – Save changes and return to the Analysis Selection page diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlscripting.md b/docs/accessanalyzer/11.6/admin/analysis/sqlscripting.md new file mode 100644 index 0000000000..e5683a4498 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlscripting.md @@ -0,0 +1,108 @@ +# SQLscripting Analysis Module + +Use the SQLscripting analysis module to apply SQL scripting to the selected job. + +![SQL Script Editor](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlscripteditor.webp) + +The SQLscripting analysis module evaluates the Enterprise Auditor user’s permission level to +determine whether to allow the connected user to run the scripted command. Since this evaluation is +based on specific SQL database permissions and is not always under Enterprise Auditor’s control, +some scripts with correct syntax may fail due to insufficient permissions. + +The SQL Script Editor window has the following options: + +- Save and Close – Saves script and closes window +- Parameters – Establishes parameters for SQL scripts in the editor + + - Clicking **Parameters** opens the Parameters interface. See the [Parameters](#parameters) + topic for additional information. + +- Syntax Check – Checks SQL script syntax + + - Syntax Check does not identify logic errors, only instances where syntax is incorrect. Click + **Syntax Check** to open the Script Errors window which identifies syntax errors. + - Syntax Check reports back syntax errors starting from the beginning of the script to the end. + Syntax Check does not return a list of errors. + +- Load file – Opens a File Explorer which can be used to navigate to a SQL file +- Save to File – Saves the currently configured script into a SQL file +- Undo – Undo the previous changes made to script (Ctrl+Z) +- Redo – Redo the previous changes made to script (Ctrl+Y) +- Cut – Cuts the highlighted script from the SQL script editor (Ctrl+X) +- Copy – Copies the highlighted script into the SQL script editor (Ctrl+C) +- Paste – Pastes cut or copied script into the SQL script editor (Ctrl+V) +- Online SQL Language Reference – Opens the Microsoft + [Transact-SQL Reference](https://learn.microsoft.com/en-us/previous-versions/sql/sql-server-2005/ms189826(v=sql.90)) + article + +Click **Save and Close** to return to the Analysis Properties page. If no changes were made or +intended, it is best practice to click **Cancel** to close the SQL Script Editor wizard to ensure no +accidental changes are saved. + +## Parameters + +Use the Parameters window to add, edit, and delete temporary variables and tables defined by +SQLscripting and users. The window only displays when **Parameters** is clicked. + +![Parameters window](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlscriptparameters.webp) + +**CAUTION:** not modify any parameters where the Value states `Created during execution`. + +The Parameters window has the following options: + +- Add Variable – Adds a new variable + + - Double-click in the **Name**, **Description**, and **Value** fields to enter custom labels + - Select the variable **Type** from the dropdown menu + - Variable names must begin with the `@` sign + +- Add Table – Adds a new table +- Edit Table – Opens the Edit Table window. See the [Edit Table](#edit-table) topic for additional + information. +- Delete – Deletes the selected variable or table + +The parameters have the following properties: + +- Name – Name of the variable or table +- Type – Type of variable or table + + - String variables utilize a text string input + - Integers and floats are able to handle invalid inputs + - Boolean variables only take True/False input, in SQL they are 1/0 + - Percentages only take whole numbers 0-100, converted to 0.0 to 1.0 in SQL + - Temporary and Variable Tables + +- Description – Description of the variable or table. See the [Edit Table](#edit-table) topic for + additional information. +- Value – Input value + +### Edit Table + +Click **Edit Table** to open the Edit Table window to modify parameters for the selected table. + +![Edit Table window](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlscriptedittablewindow.webp) + +The Edit table window has the following options: + +- Name – Use the Parameters window to edit the table name. + + - If the name begins with a `#` it is a temporary table + - If the name begins with a `@` it is a table variable + + - In SQLCommand, these can be passed in as structured table parameters + + - If neither is specified, Enterprise Auditor assumes it is a temporary table + +- Description – Use the Parameters window to edit the description +- Values – Add, edit, and remove values from the table + + - Add – Select from the dropdown to either **Add New Row** or **Add New Column** to the table + - Edit a value – Edits the selected value + - Delete – Deletes the selected value + - Up/Down – Changes the value position higher or lower + +A CSV file is created under the job’s directory when a parameter table is added to the analysis. A +pre-existing CSV file can also be uploaded to populate the table. + +Click **OK** to confirm changes to the table. If no changes were made or intended, click **Cancel** +to close the Edit Table window to ensure no accidental changes are saved. diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/columns.md b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/columns.md new file mode 100644 index 0000000000..4cc66590c5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/columns.md @@ -0,0 +1,53 @@ +# SQLViewCreations: Columns + +The Result Columns page lists the tables selected on the Input Select page. + +![View and Table Creation Analysis Module wizard Result Columns page](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/columns.webp) + +Expand the table to show its columns. Then, select the checkbox next to the column to include it in +the resulting table or view. If two data tables are being joined, the resulting table displays at +the bottom of the grid. Use the scroll bar to view any hidden tables or data points. + +The grid provides the following options for formatting the resulting table or view: + +- Check All – Selects all checkboxes in the Checked column +- Uncheck All – Clears all checkboxes in the Checked column +- Add Column – Opens the New Trend Column window, where columns can be added to the table +- Delete – Deletes a selected column + + - Original columns cannot be deleted. Only columns that have been added by users can be deleted. + +- Show All Columns/Hide Unchecked Columns – Hides rows that are not currently selected ,or if + columns are currently hidden, displays all columns in the table +- Checked – Selects data columns for inclusion in the resulting table or view +- Column Name – Displays the data column name +- Group Operation – Accesses the available group operations that can be applied to individual data + points. Click on a cell in this column to display the drop-down arrow. The following operations + are available: + + - (none) + - Average + - Count + - Maximum + - Minimum + - Sum + - Variance + +- Data Label – Displays any data label for the associated data point. Data labels override the + column name on the materialized table or view. If applying a group operation, a default data label + shows. To apply a custom label, click in the cell and enter the label. +- Order By Operation – Accesses the available order-by operations that can be applied to individual + data points. Click on a cell in this column to display the drop-down arrow. The following + operations are available: + + - None + - Ascending + - Descending + +**NOTE:** If at least one columns is sorted by value, the **With ties** option is enabled on the +Result Constraints page. See the +[SQLViewCreation: Result Constraints](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultconstraints.md) topic +for additional information. + +After selecting the columns to include in the resulting table or view, click **Next** to further +filter the sourced data. diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/export.md b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/export.md new file mode 100644 index 0000000000..7af9f0eb7c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/export.md @@ -0,0 +1,26 @@ +# SQLViewCreation: Export + +Use the Export settings page to specify data export settings. + +![View and Table Creation Analysis Module wizard Export page](/img/versioned_docs/directorymanager_11.0/directorymanager/portal/export.webp) + +Select the **Export results data** checkbox to enable the settings. The following options control +the file type and destination of the exported data: + +- Format – Use the drop-down menu to select the file format of the exported data + + - MS Excel file – Converts file to Microsoft Excel format. If Excel is not installed on the + console, a warning message shows and another export file format needs to be selected. + - CSV file – Converts file to Comma-Separated Values format. Includes the option to compress the + file to a zip file. + - ML file – Converts file to Extensible Markup Language format. Includes the option to compress + the file to a zip file. + +- Location – Displays the export location path. To edit this field, clear the **Use the job output + folder** checkbox. Click the ellipsis (**…**) to browse for a location, or edit the field + directly. +- Use the job output folder – Use the default export location and displays the path within the + **Location** field. To specify a different location, clear the checkbox and edit the **Location** + field. + +Once the options are selected, click **Next**. diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/filter.md b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/filter.md new file mode 100644 index 0000000000..af9653fdb0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/filter.md @@ -0,0 +1,17 @@ +# SQLViewCreation: Filter + +Use this page to add custom filters to the table using the Filter Builder. + +![View and Table Creation Analysis Module wizard Filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filter.webp) + +Filters reduce the amount of data visible in a column imported to the resulting table or view. By +default, when the filter page is blank, all the data within each column is included. Use the +following options to add and remove filters: + +- Edit – Opens the Filter window + + - See the + [Advanced Search](/docs/accessanalyzer/11.6/admin/navigate/datagrid.md#advanced-search) + topic for additional information + +- Clear – Clears any specified filters diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/input.md b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/input.md new file mode 100644 index 0000000000..478b5fca88 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/input.md @@ -0,0 +1,17 @@ +# SQLViewCreation: Input Source + +Use the Input Source page to select the source tables or views, containing data, to join or +aggregate into a resulting table or view. + +![View and Table Creation Analysis Module wizard Input Source page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/input.webp) + +At the first drop-down, select a table. The drop-down lists on this page are determined by the +selection made on the Input Scope page. To join or aggregate data from two tables, select a second +table at the second drop-down menu. To remove the second table from the field, click the **X** +button. + +**NOTE:** It is important to choose tables that are compatible with one another or share similar +columns. + +When the two sources of data are selected, click **Next** to create a joint column within the +resulting table or view. diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/inputscope.md b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/inputscope.md new file mode 100644 index 0000000000..b5f72f0909 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/inputscope.md @@ -0,0 +1,15 @@ +# SQLViewCreation: Input Scope + +Use the Input Selection page to scope the source data tables. This option affects the tables +available for selection on the subsequent pages. + +![View and Table Creation Analysis Module wizard Input Selection page](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/inputscope.webp) + +Select the source data to be used from the following options: + +- Tables from Current Job – Targets all tables generated by the current job within the SQL Server + database +- All Enterprise Auditor Tables – Targets tables within the SQL Server database that begin with `SA` +- All tables in the database – Targets all tables within the SQL Server database + +After selecting the initial scope for the data sources, click **Next**. diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/joincolumns.md b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/joincolumns.md new file mode 100644 index 0000000000..b737a052d3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/joincolumns.md @@ -0,0 +1,42 @@ +# SQLViewCreations: Join Columns + +Use the Join Columns page to select a column from each source table to join together on the +resulting table or view. The options on this page are only enabled if two tables are selected on the +Input Source page. + +**NOTE:** The SQLViewCreation analysis module can join two tables, using a simple equi-join +condition of two predicates. For composite joins with two or more tables using a conjunction of +predicates, use the SQLscripting analysis module. See the +[SQLscripting Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/sqlscripting.md) topic +for additional information. + +![View and Table Creation Analysis Module wizard Join Columns page](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/joincolumns.webp) + +Use the **Table 1 join property** and **Table 2 join property** fields to select join predicates +from both tables. Join predicates are columns containing analogous values that are used to match +records in referenced tables. + +Next, specify how to join these tables. To automatically select the appropriate join type, select +one or more of the checkboxes. The selection in the **Join Type** field updates based on user +selections. + +To manually select, use the **Join Type** field. The selection here may update the above checkboxes. +The following options are available: + +- Join Type – Select a join type from the drop-down: + + **NOTE:** Left is the first table referenced, right is the second table. + + - Inner Join – Returns records that have matching values in both tables + - Right Outer Join – Returns all records from the left table, and the matched records from the + right table + - Left Outer Join – Return all records from the right table, and the matched records from the + left table + - Full Outer Join – Return all records when there is a match in either left or right table + +**NOTE:** The join property is the column found within both tables. The two columns can have +different names. However, in the results set, everywhere a value in the first column matches the +value in the second column, rows from the respective tables are joined together. + +After selecting a column from each data source to join, click **Next** to select columns to transfer +to the resulting table or view. diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/overview.md b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/overview.md new file mode 100644 index 0000000000..db4f132183 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/overview.md @@ -0,0 +1,36 @@ +# SQLViewCreation Analysis Module + +The SQLViewCreation analysis module provides the ability to create new views or tables that are used +in Enterprise Auditor actions and reports. These views or tables are re-created during job +execution. + +**CAUTION:** Consider the impact on storage and performance when choosing to create views versus +tables. Tables require more storage space in the database. + +## Configuration + +This analysis module provides the View and Table Creation Analysis Module wizard to assist in +configuring the module. Before the wizard, collect the desired data for manipulation. + +The wizard contains the following pages: + +- Welcome +- [SQLViewCreation: Input Scope](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/inputscope.md) +- [SQLViewCreation: Input Source](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/input.md) +- [SQLViewCreations: Join Columns](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/joincolumns.md) +- [SQLViewCreations: Columns](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/columns.md) +- [SQLViewCreation: Filter](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/filter.md) +- [SQLViewCreation: Time Window](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/timewindow.md) +- [SQLViewCreation: Result Constraints](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultconstraints.md) +- [SQLViewCreation: Result Type](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/result.md) +- [SQLViewCreation: Result Sample](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultsample.md) +- [SQLViewCreation: Export](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/export.md) +- [SQLViewCreation: Summary](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/summary.md) + +The Welcome page provides an overview of the analysis module. + +![View and Table Creation Analysis Module wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +There are no configurable settings on the Welcome page. Click **Next** to begin configuring a custom +table or view using two formatted data sources, or use the Steps navigation pane to open another +page in the wizard. diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/result.md b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/result.md new file mode 100644 index 0000000000..858c60f2ab --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/result.md @@ -0,0 +1,18 @@ +# SQLViewCreation: Result Type + +Use the Result Type page to choose a SQL database table or view for the result’s output. + +![View and Table Creation Analysis Module wizard Result Type page](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resulttype.webp) + +The options on this page determine the visual representation and name of the combined data from the +two sourced tables. Select from the following two options: + +- Create Table – Creates a table output for the resulting dataset +- Create View – Creates a view output for the resulting dataset + +A default name of `SA_[job name]_Result` is provided in the name field. You can customize this name +for the resulting table or view. + +The name must start with `SA` to be recognized as a Enterprise Auditor table or view. + +After selecting the resulting table or view’s visual representation and name, click **Next**. diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultconstraints.md b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultconstraints.md new file mode 100644 index 0000000000..91a84c8d8b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultconstraints.md @@ -0,0 +1,44 @@ +# SQLViewCreation: Result Constraints + +Use the Result Constraints page to impose restraints on the dataset. + +![View and Table Creation Analysis Module wizard Result constraints page](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultconstraints.webp) + +Select one of the following options to choose if and how much data should be returned: + +- Duplicate rows can appear in the result set +- Only unique rows can appear in the result set +- Return only [number] [unit] of the rows – Select this checkbox to specify a numeric value and unit + of measurement to return for the rows that appear in the resulting table or view + + - With ties – Include all instances of identical values in the sorted columns with the results. + To include only one instance of identical values, do not select this option.. See the + [With Ties Example](#with-ties-example) topic for additional information. + + **NOTE:** This field is enabled by sorting at least one column in the table by value (for + SQL, only a sorted column can contain ties). To sort columns, use the **Order By Operation** + field on the Columns page. See the + [SQLViewCreations: Columns](/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/columns.md) + topic for additional information. + +## With Ties Example + +The following example explains how the **With ties** option works. + +![cid:image027.webp@01D4CF75.96F2E110](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/examplefull.webp) + +Consider a table that has ten rows with one repeating entry under the value column. + +![cid:image025.webp@01D4CF74.8A56D750](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/examplereduced.webp) + +If the table is sorted by the value column in ascending order and the **Return only** option is set +to **40 percent**, then there should be four rows visible in the resulting table or view output. + +![cid:image026.webp@01D4CF74.8A56D750](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/examplereducedwithties.webp) + +However, if the first three values in the sort column are unique but the fourth value matches the +fifth, selecting the **With ties** option returns the first three rows as well as both the fourth +and fifth rows for a total of five rows. + +**NOTE:** If sorting multiple columns, **With ties** evaluates all sorted columns to determine ties +between columns with the same inputs. diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultsample.md b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultsample.md new file mode 100644 index 0000000000..c5979c4d20 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultsample.md @@ -0,0 +1,13 @@ +# SQLViewCreation: Result Sample + +Use this page to preview a sampling of the completed data manipulation. + +![View and Table Creation Analysis Module wizard Result Sample page](/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultsample.webp) + +Click **Show Preview** to populate the window with the selections from the previous pages. If the +window does not populate, check the configurations for errors and try again. + +**NOTE:** The **Show Preview** option does not always apply the filter conditions specified within +the wizard, but the resulting table or view applies all filters. + +If the preview is satisfactory, click **Next** to continue. diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/summary.md b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/summary.md new file mode 100644 index 0000000000..efb386c76c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/summary.md @@ -0,0 +1,9 @@ +# SQLViewCreation: Summary + +This page provides an overview of all the settings configured in the wizard. + +![View and Table Creation Analysis Module wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the View and Table Creation Analysis Module wizard to ensure that no +accidental clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/timewindow.md b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/timewindow.md new file mode 100644 index 0000000000..58ea1af195 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/timewindow.md @@ -0,0 +1,23 @@ +# SQLViewCreation: Time Window + +Use the Source and Time Window page to specify which data to access if using multiple Enterprise +Auditor Consoles or history is enabled. + +![View and Table Creation Analysis Module wizard Source and Time Window page](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/timewindow.webp) + +Use the following options to select which sources of data to permit and the time frame in which the +data was collected: + +- Source Data Details – Choose a data source. This option is for when the selected tables are from + two separate Enterprise Auditor Consoles using tables generated by the same job. + + **NOTE:** This section is enabled after selecting **All Enterprise Auditor Tables** or **All + tables in the database** on the Input Scope page. + + - All data – Uses all data available from the selected option on the Input Scope page and merges + the data + - Data from this Enterprise Auditor Console only – Uses only data from the Enterprise Auditor + Console generating the current analysis module + +- Time Window – Select a time window for each table in the analysis. The drop-down menu selections + vary based on each table's history settings. diff --git a/docs/accessanalyzer/11.6/admin/analysis/vbscripting.md b/docs/accessanalyzer/11.6/admin/analysis/vbscripting.md new file mode 100644 index 0000000000..03c04c1515 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/analysis/vbscripting.md @@ -0,0 +1,27 @@ +# VBscripting Analysis Module + +Use the VBscripting analysis module to access the VBScript Editor and apply VB scripting to the +current analysis. + +![VBScript Editor](/img/product_docs/accessanalyzer/11.6/admin/datacollector/script/vbscripteditor.webp) + +The VBScript Editor has the following options: + +- Save and Close – Saves the script and closes the window +- Syntax Check – Checks VB script syntax + + - Syntax Check does not identify logic errors, only instances where syntax is incorrect. Click + **Syntax Check** to open the Script Errors window which identifies syntax errors. + - Syntax Check reports back syntax errors starting from the beginning of the script to the end. + Syntax Check does not return a list of errors. + +- Load file – Opens a File Explorer which can be used to navigate to a VBS file +- Save to File – Saves the currently configured script into a VBS file +- Undo – Undo the previous changes made to script (Ctrl+Z) +- Redo – Redo the previous changes made to script (Ctrl+Y) +- Cut – Cuts the highlighted script from the VB script editor (Ctrl+X) +- Copy – Copies the highlighted script in the VB script editor (Ctrl+C) +- Paste – Pastes cut or copied script into the VB script editor (Ctrl+V) + +When done using the editor, click **Save and Close** to return to the Analysis Properties page. Make +sure to save the analysis. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/category.md b/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/category.md new file mode 100644 index 0000000000..f706901fca --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/category.md @@ -0,0 +1,57 @@ +# ActiveDirectory: Category + +The ActiveDirectory Data Collector Category page contains the following query categories, +sub-divided by auditing focus: + +![Active Directory Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The categories are: + +- Domains + + - Domains – Domains in an organization’s forest + - Trusted Domains – List of domains and their trust relationships + - FSMO Role Holders – FSMO Role Holders (Significant Domain Controllers) + - Domain Object Counts – Number of users and servers with each Domain + +- Directory Objects By Domain + + - Containers – Containers under given scope + - Organizational Units – Organizational units under given scope + - Computers – List of computer objects under scope + - Shared Folders – Shared folders under the scope + - Printers – Printer objects + - Users – All user objects under the scope + - Contacts – Contact objects + - Groups – Domain/global/universal distribution groups + +- Sites and Topology + + - Sites – List of AD sites + - Servers – Servers list + - Site Object Counts – Number of users and servers within each AD Site + +- Inter-site transports + + - Transports – Inter-site transports in AD + - SiteLinks – Connections between two sites + - SiteLinkBridges – Object for tracking transitively connected site links + +- DNS Services + + - Subnets – Known subnets list + - DNS Zones – DNS zone objects list + +- Directory Security + + - Extended Control Access Rights – Extended rights dump + - Security Principals – Well-known security principals from external sources + +- Directory Schema + + - Schema Attributes – Dumps all defined attributes in Active Directory + - Schema Classes – Dumps all defined classes in Active Directory + +- AD Replication + + - AD Replication Links – Active Directory replication links diff --git a/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/directoryscope.md b/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/directoryscope.md new file mode 100644 index 0000000000..68de0f8a04 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/directoryscope.md @@ -0,0 +1,19 @@ +# ActiveDirectory: Directory Scope + +The Directory Scope page provides configuration settings for the directory connection and the scope +for the query. It is a wizard page for the category of **Directory Objects by Domain**. + +![Active Directory Data Collector Wizard Directory Scope page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/directoryscope.webp) + +The Directory Scope page has the following options: + +- Connect to – Identifies the target domain + + - Default domain – Domain in which the Enterprise Auditor Console server resides + - This domain – Domain specified in the textbox + +- Connect – Connects to the target domain to provide a list of directories +- Add – Add an OU to the query scope +- Remove – Removes an OU from the query scope +- Scope – List of OUs to be scanned +- Sub tree – Sub-OUs included in the scan if checked diff --git a/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/options.md b/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/options.md new file mode 100644 index 0000000000..f2ff30ba76 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/options.md @@ -0,0 +1,24 @@ +# ActiveDirectory: Options + +The Options page provides format options for returned data. It is a wizard page for all categories. + +![Active Directory Data Collector Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +- How to format collected results – Select from the following options: + + - Return data as collected + - Return data in a separate row for each property set in the following group + + - Select the group from the drop-down menu + + - Return each value of the following property in a separate row + + - Select the property from the drop-down menu + +- How to return multi-valued properties in one cell – Select from the following options: + + - Concatenated – All values are listed in one cell using the delimiter specified + + - Delimiter – Symbol used to separate values in the cell + + - First value only – Only the first value is listed in the cell diff --git a/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/overview.md new file mode 100644 index 0000000000..a58529bef9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/overview.md @@ -0,0 +1,40 @@ +# ActiveDirectory Data Collector + +The ActiveDirectory Data Collector audits objects published in Active Directory. It has been +preconfigured within the Active Directory Solution. Both this data collector and the solution are +available with a special Enterprise Auditor license. See the +[Active Directory Solution](/docs/accessanalyzer/11.6/solutions/activedirectory/overview.md) +topic for additional information. + +Protocols + +- ADSI +- LDAP +- RPC + +Ports + +- TCP 389/636 +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Domain Administrators group + +## ActiveDirectory Query Configuration + +The ActiveDirectory Data Collector is configured through the Active Directory Data Collector Wizard, +which contains the following wizard pages: + +- Welcome +- [ActiveDirectory: Category](/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/category.md) +- [ActiveDirectory: Directory Scope](/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/directoryscope.md) +- [ActiveDirectory: Results](/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/results.md) +- [ActiveDirectory: Options](/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/options.md) +- [ActiveDirectory: Summary](/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/summary.md) + +![Active Directory Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/results.md b/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/results.md new file mode 100644 index 0000000000..e682c19e62 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/results.md @@ -0,0 +1,10 @@ +# ActiveDirectory: Results + +The Results page is where Active Directory object properties to be gathered are selected. It is a +wizard page for all categories. + +![Active Directory Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually or the **Check all**, **Uncheck all**, and **Reset to +defaults** buttons can be used. All selected properties are gathered. Available properties vary +based on the category selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/summary.md new file mode 100644 index 0000000000..7250f0760b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/summary.md @@ -0,0 +1,9 @@ +# ActiveDirectory: Summary + +The Summary page displays a summary of the configured query. It wizard page for all categories. + +![Active Directory Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Active Directory Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adactivity/category.md b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/category.md new file mode 100644 index 0000000000..9c26213ec6 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/category.md @@ -0,0 +1,14 @@ +# ADActivity: Category + +Use the Category page to identify how activity data is retrieved or removed. + +![Active Directory Activity DC wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The ADActivity Data Collector Category page contains three query categories: + +- Import From SAM – Import activity from a Netwrix Activity Monitor archive +- Import From Share – Import activity from a network share +- Remove Tables – Removes all tables and views from SQL Server database. This option is designed for + troubleshooting. When this option is selected, the next wizard page is the Summary page. See the + [Clear ADActivity Tables](/docs/accessanalyzer/11.6/admin/datacollector/adactivity/cleartables.md) + topic for more information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adactivity/cleartables.md b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/cleartables.md new file mode 100644 index 0000000000..cf6bc02838 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/cleartables.md @@ -0,0 +1,22 @@ +# Clear ADActivity Tables + +Sometimes when troubleshooting an ADActivity issue, it becomes necessary to clear the standard +reference tables. Follow the steps. + +**Step 1 –** Create a new job and assign a query using the ADActivity Data Collector. + +![Active Directory Activity DC wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/categoryremovetables.webp) + +**Step 2 –** In the Active Directory Activity DC Wizard on the Category page, select the **Remove +Tables** category task. + +![Active Directory Activity DC wizard Results page for Remove Tables category](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adactivity/resultsremovetables.webp) + +**Step 3 –** Click **Next** to go to the Results page. Optionally, select the **Success** checkbox +to display a confirmation of successful removal in the results after the job is run. + +**Step 4 –** Click **Next** and then Click **Finish** to close the Active Directory Activity DC +Wizard. Click **OK** to close the Query Properties window. + +**CAUTION:** When the job is run, all of the ADActivity standard reference tables are removed from +the database. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adactivity/connection.md b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/connection.md new file mode 100644 index 0000000000..1e5aed914b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/connection.md @@ -0,0 +1,30 @@ +# ADActivity: SAM Connection + +The SAM connection page is where the port number is configured to send Active Directory data from +Netwrix Activity Monitor. It is a wizard page for the category of: + +- Import from SAM + +![Active Directory Activity DC wizard SAM connection settings page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/namconnection.webp) + +The following connection setting can be configured to connect to the Netwrix Activity Monitor +archive via an API Server: + +- Port – Enter the API server port. The default is 4494. +- Encrypt communication with target server (SSL) – Allows the Active Directory Activity Data + Collector to communicate with the SAM API Server over a secure channel + + - Ignore certificate errors? – Ignores untrusted certificate authority errors and allows the + scan to continue + +- Test SAM host – Enter the Activity Monitor API server name in a qualified domain name format. + Click Connect to test the connection. A successful result populates the section underneath with a + Refresh token. +- Exclude – Select archives to be ignored by the Active Directory Activity DC scan + + **CAUTION:** Save the Refresh token to a Text Editor for later use. The Refresh token resets + each time the Test SAM host option is connected to. It must be replaced in the Connection + profile if it is regenerated. + +- Refresh token – After generation, it must replace the old Access Token from the SAM API Server + configuration in the Connection Profiles required to connect to the API Server diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adactivity/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/overview.md new file mode 100644 index 0000000000..f41a15f9ec --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/overview.md @@ -0,0 +1,35 @@ +# ADActivity Data Collector + +The ADActivity Data Collector integrates with the Netwrix Activity Monitor by reading the Active +Directory activity log files. It has been preconfigured within the Active Directory Solution. Both +this data collector and the solution are available with a special Enterprise Auditor license. See +the +[Active Directory Solution](/docs/accessanalyzer/11.6/solutions/activedirectory/overview.md) +topic for additional information. + +Protocols + +- HTTP +- RPC + +Ports + +- TCP 4494 (configurable within the Netwrix Activity Monitor) + +Permissions + +- Netwrix Activity Monitor API Access activity data +- Netwrix Activity Monitor API Read +- Read access to the Netwrix Activity Monitor Log Archive location + +## ADActivity Query Configuration + +The ADActivity Data Collector is configured through the Active Directory Activity DC wizard, which +contains the following wizard pages, which change based up on the query category selected: + +- [ADActivity: Category](/docs/accessanalyzer/11.6/admin/datacollector/adactivity/category.md) +- [ADActivity: SAM Connection](/docs/accessanalyzer/11.6/admin/datacollector/adactivity/connection.md) +- [ADActivity: Share](/docs/accessanalyzer/11.6/admin/datacollector/adactivity/share.md) +- [ADActivity: Scope](/docs/accessanalyzer/11.6/admin/datacollector/adactivity/scope.md) +- [ADActivity: Results](/docs/accessanalyzer/11.6/admin/datacollector/adactivity/results.md) +- [ADActivity: Summary](/docs/accessanalyzer/11.6/admin/datacollector/adactivity/summary.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adactivity/results.md b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/results.md new file mode 100644 index 0000000000..e2f2df1725 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/results.md @@ -0,0 +1,9 @@ +# ADActivity: Results + +The Results page is where the properties to be gathered are selected. It is a wizard page for all of +the categories. + +![Active Directory Activity DC wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually or the **Select All** and **Clear All** buttons can be used. +All selected properties are gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adactivity/scope.md b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/scope.md new file mode 100644 index 0000000000..e16cd0f373 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/scope.md @@ -0,0 +1,31 @@ +# ADActivity: Scope + +Use the Scoping and Retention page to configure additional settings. This page is a wizard page for +the categories of: + +- Import From SAM +- Import From Share + +![Active Directory Activity DC wizard Scoping and Retention page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +The Timespan is defined according to the following two elements: + +- Relative Timespan – Number of days AD Activity is collected when the scan is run +- Absolute Timespan – Set the date range for the scan to collect AD Activity + + **_RECOMMENDED:_** The threshold should be set for after the Netwrix Activity Monitor collects + and archives its data but before they are deleted after a set retention period. + +The Retention section sets what event type is collected and how many days Enterprise Auditor keeps +the collected data in its SQL database. The table has the following columns: + +- Event Type – The event type that may be enabled for the scan. The event types are: + + - AD Change + - AD Replication + - Authentication + - LDAP + - Process Injection + +- Days to Store – Specify the number of days to store the collected data for the event type +- Enable Collection – When selected, the corresponding event type is collected diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adactivity/share.md b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/share.md new file mode 100644 index 0000000000..dcc4efc39e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/share.md @@ -0,0 +1,20 @@ +# ADActivity: Share + +The Share page provides options for configuring share settings. It is a wizard page for the category +of: + +- Import from Share + +![Active Directory Activity DC wizard Share settings page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/share.webp) + +The following connection setting can be configured to connect to the AD activity archives that must +be located on a Domain Controller share: + +- UNC Path – Enter the path of the share that stores AD Activity from the AD Agent(s). The ellipsis + (**…**) opens a file explorer where the path can be navigated to and selected. + + - _Remember,_ all AD Agent logs must be archived to this location or the AD Activity data is not + queried by Enterprise Auditor + +- Include Sub-Directories – Select to include sub-directories on the targeted share. Use this option + if there are multiple archives in the same location. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adactivity/standardtables.md b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/standardtables.md new file mode 100644 index 0000000000..e07a22fef8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/standardtables.md @@ -0,0 +1,46 @@ +# Standard Reference Tables & Views for the ADActivity Data Collector + +The ADActivity Data Collector gathers essential user and group activity information into standard +reference tables. Unlike other Enterprise Auditor data collectors, the ADActivity Data Collector +writes data to these tables regardless of the job executing the query. + +These tables and their associated views are outlined below: + +| Table | Details | +| -------------------------------- | --------------------------------------------------------------------- | +| SA_ADActivity_AuthTypes | Contains Active Directory authentication protocol types | +| SA_ADActivity_Classes | Contains Active Directory classes (for example, user, computer) | +| SA_ADActivity_DesiredAccess | Contains desired access level of each activity event | +| SA_ADActivity_DesiredAccessNames | Contains dictionary of desired access names | +| SA_ADActivity_EventErrorCodes | Contains dictionary of event error codes | +| SA_ADActivity_EventNames | Contains dictionary of event names | +| SA_ADActivity_Events | Contains Active Directory event details | +| SA_ADActivity_FilesImported | Contains lists of imported audit files | +| SA_ADActivity_From | Contains lists of the sources of activity events | +| SA_ADActivity_HostInfo | Contains lists of scanned hosts | +| SA_ADActivity_LDAPEvents | Contains lists of Lightweight Directory Access Protocol (LDAP) events | +| SA_ADActivity_LDAPFilters | Contains lists of LDAP filters provided | +| SA_ADActivity_ObjectNames | Contains dictionary of object  names | +| SA_ADActivity_Objects | Contains lists of Active Directory objects found in the activity log | +| SA_ADActivity_PAC | Contains lists of relative IDs (RIDs) for each collected event | +| SA_ADActivity_ProcessEvents | Contains lists of activity events by process | +| SA_ADActivity_ProcessNames | Contains dictionary of process names | +| SA_ADActivity_Protocols | Enumerates network protocols found | +| SA_ADActivity_Sources | Contains lists of sources of activity events | +| SA_ADActivity_SPNs | Contains a unique identifier for each logon account | + +Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the +ADActivity Data Collector. They contain additional information for building queries easily. The +following is an explanation of the corresponding views created for some of the tables generated by +the ADActivity Data Collector: + +| Views | Details | +| -------------------------------------------- | ------------------------------------------------------------------------ | +| SA_ADActivity_ADEventsAttributesView | Contains detailed view of attribute events (changes) | +| SA_ADActivity_ADEventsView | Contains detailed view of activity events | +| SA_ADActivity_AuthEventsPACView | Contains detailed view of authentication events referencing relative IDs | +| SA_ADActivity_AuthEventsView | Contains detailed authentication event view | +| SA_ADActivity_EventsView | Contains detailed activity event view | +| SA_ADActivity_LDAPEventsView | Contains LDAP view | +| SA_ADActivity_ProcessEventsDesiredAccessView | Contains detailed process event view with desired access references | +| SA_ADActivity_ProcessEventsView | Contains detailed process event view | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adactivity/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/summary.md new file mode 100644 index 0000000000..5fc300759b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adactivity/summary.md @@ -0,0 +1,10 @@ +# ADActivity: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +![Active Directory Activity DC wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Active Directory Activity DC wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.md b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.md new file mode 100644 index 0000000000..93420a9383 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.md @@ -0,0 +1,22 @@ +# ADInventory: Category + +Use the category page to identify which Active Directory task to perform. + +![Active Directory Inventory DC Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The categories include the following tasks: + +- Scan Active Directory – Scans Active Directory objects and imports the information into SQL Server + database, creating the standard reference tables. This task is also responsible for maintaining + the schema for tables and views. This is the standard option for this data collector. +- Update SQL Indexes – Reorganizes or rebuilds indexes in the Enterprise Auditor SQL storage + database. When this option is selected, the next wizard page is the Results page. +- Remove Tables – Removes all tables and views from SQL Server database. This option is designed for + troubleshooting. When this option is selected, the next wizard page is the Summary page. See the + [Clear ADInventory Tables](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/cleartables.md) + topic for more information. +- Drop Domain – Remove host domain related data from SQL server + +**NOTE:** The Scan Active Directory category is the pre-configured setting for the .Active Directory +Inventory Job Group. Therefore, accessing the Active Directory Inventory DC Wizard from the query +within that job group does not display the Category wizard page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adinventory/cleartables.md b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/cleartables.md new file mode 100644 index 0000000000..c71df081e0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/cleartables.md @@ -0,0 +1,25 @@ +# Clear ADInventory Tables + +Sometimes when troubleshooting an ADInventory issue, it becomes necessary to clear the standard +reference tables. Follow the steps. + +**CAUTION:** Be careful when using this query task. It will result in the deletion of collected +data. + +**Step 1 –** Create a new job and assign a query using the **ADInventory** Data Collector. + +![Remove Tables task selected on Active Directory Inventory DC Wizard Category page ](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/categoryremovetables.webp) + +**Step 2 –** In the Active Directory Inventory DC Wizard on the Category page, select the **Remove +Tables** category task. + +**Step 3 –** Click **Next** and then **Finish** to close the Active Directory Inventory DC Wizard. +Click **OK** to close the Query Properties window. + +When the job is run, all of the ADInventory standard reference tables are removed from the database. + +**CAUTION:** Never leave the query task selected after job execution. Accidental data loss can +occur. + +_Remember,_ this job deletes data from the Enterprise Auditor database. Check the job has been +configured correctly prior to job execution. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributes.md b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributes.md new file mode 100644 index 0000000000..8cb79db0b9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributes.md @@ -0,0 +1,87 @@ +# ADInventory: Custom Attributes + +The Custom Attributes page provides ability to add Active Directory attributes that are unique to +the environment or not collected by default to be gathered. It is a wizard page for the category of +Scan Active Directory. + +The +[Standard Reference Tables & Views for the ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/standardtables.md) +topic provides information on what is collected by default. Custom attributes added on this page are +stored in the **SA_ADInventory_ExtendedAttributes** table. + +![Active Directory Inventory DC Wizard Custom Attributes page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributes.webp) + +The Custom Attribute is defined according to the following three elements: + +- Domain Filter – Short or fully qualified name +- Object Class – User, Group, or Computer +- Attribute Name – As listed within Active Directory + +Use the **Add**, **Edit**, and **Remove** buttons at the bottom of the window to configure the +custom attributes to be gathered by the scan. See the +[Manually Add Custom Attributes](#manually-add-custom-attributes) topic for additional information. + +The **Import** button opens the Custom Attributes Import Wizard. See the +[Custom Attributes Import Wizard](#custom-attributes-import-wizard) topic for additional +information. + +Microsoft Active Directory Schema is detailed in the Microsoft +[Active Directory Schema](https://learn.microsoft.com/en-gb/windows/win32/adschema/active-directory-schema) +article. + +#### Manually Add Custom Attributes + +The **Add** and **Edit** buttons on the Custom Attributes page open the Custom Attribute window. +Follow the steps to manually add custom attributes. + +**Step 1 –** On the Custom Attributes page of the Active Directory Inventory DC Wizard, click +**Add**. The Custom Attribute window opens. + +![Custom Attribute window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributesadd.webp) + +**Step 2 –** Enter the **Domain Filter**. This can be entered either as the short domain name or the +fully qualified domain name. + +**Step 3 –** Select the checkbox for the desired **Object Class**. + +**Step 4 –** Enter the **Attribute Name** as it appears in Active Directory. + +**Step 5 –** Click **OK**. The Custom Attribute window closes and the specified attribute is added +in the Custom Attributes page. + +Repeat this process until all desired Custom Attributes have been included. + +#### Custom Attributes Import Wizard + +The Custom Attributes Import Wizard is used to import a list of custom attributes into the +ADInventory Data Collector configurations. Follow the steps to use the Custom Attributes Import +Wizard. + +**Step 1 –** On the Custom Attributes page of the Active Directory Inventory DC Wizard, click +**Import**. The Custom Attribute Import Wizard opens. + +![Custom Attributes Import Wizard Credentials page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributesimportcredentials.webp) + +**Step 2 –** On the Credentials page, identify a domain either by entering one manually or selecting +one from the **Domain Name** drop-down menu which displays a list of domains trusted by the one in +which the Enterprise Auditor Console server resides. Then set the credentials for reading the +attributes list from the domain: + +- Authenticate as the logged in user – Applies the user account running Enterprise Auditor +- Use the following credentials to authenticate – Applies the account supplied in the **User Name** + and **Password** fields + +Click **Next** to continue. + +![Custom Attributes Import Wizard Attributes page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributesimportattributes.webp) + +**Step 3 –** The wizard populates available attributes from the domain specified on the Attributes +page. Expand the desired object class and select the checkboxes for the custom attributes to be +imported. Then click **Next**. + +![Custom Attributes Import Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributesimportsummary.webp) + +**Step 4 –** On the Summary page, click **Finish**. + +The selected attributes are added on the Custom Attributes page of the Active Directory Inventory DC +Wizard. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adinventory/domains.md b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/domains.md new file mode 100644 index 0000000000..4dacb6d233 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/domains.md @@ -0,0 +1,8 @@ +# ADInventory: Domains + +The Domains page removes host domain-related data from the SQL server for the selected domains. + +![Active Directory Inventory DC Wizard Domains page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/domains.webp) + +Select the checkbox next to a domain to remove host-related data from the SQL server for that +domain. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adinventory/indexupdateoptions.md b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/indexupdateoptions.md new file mode 100644 index 0000000000..84b6551f84 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/indexupdateoptions.md @@ -0,0 +1,22 @@ +# ADInventory: Index Update Options + +Configure options for maintaining SQL Server indexes while running queries using the Index Update +Options page. + +![Active Directory Inventory DC Wizard Index Update Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/indexupdateoptions.webp) + +The options on the Index Update Options page are: + +- SQL Index Update Options: + + - Maximum Degree of Parallelism – Set the maximum limit of the Degree of Parallelism used for + the query. Default is **1**. + - Minimum Index Reorganization Threshold – Set the minimum index reorganization threshold that + is performed while running the query. Default is **5** percent. + - Minimum Index Rebuilding Threshold – Set the minimum index rebuilding threshold that is + performed while running the query. Default is **31** percent. + +- Select Data Collector Schemas– Select which schemas to maintain when running the query by + selecting them from the table. Enable a schema for indexing by selecting the checkbox next to it. + Right-click in the table to show options for **Check All**, **Clear All**, **Check All Selected + Items**, and **Clear All Selected Items**. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adinventory/options.md b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/options.md new file mode 100644 index 0000000000..6d4276c401 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/options.md @@ -0,0 +1,46 @@ +# ADInventory: Options + +The Options page provides options for Active Directory data collection. It is a wizard page for the +category of Scan Active Directory. + +![Active Directory Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +The Options page has the following configuration options: + +- Encrypt communication with Active Directory (SSL) – Allows the ADInventory Data Collector to + communicate with Active Directory over a secure channel + + - Ignore certificate errors? (For testing only) – Ignores untrusted certificate authority errors + and allows the scan to continue. This option is for testing purposes only. + +- Collect SID History from domain migrations – During a domain migration, the new infrastructure is + created alongside the old infrastructure. The old account SID is typically added to the SID + history attribute for the new account. The option to collect SID history is made available within + the ADInventory Data Collector to assist resolving SIDs for domain migrations. +- Collect only updates since the last scan (recommended) – Default setting for differential + scanning. The updates collected are any changes to: group membership, attributes on user objects, + attributes on group objects, and so on. + + - Track changes into Change tracking tables – Records all changes since the last scan in + separate tables + - Limit Last Logon TimeStamp Changes – When selected, changes to the Last Logon TimeStamp + Attribute are not recorded + + **_RECOMMENDED:_** If tracking changes, use the Limit Last Logon TimeStamp Changes option. + + - Number of days you want to keep changes in the database – Use the arrow buttons or manually + enter a number to set the number of days to keep changes + - Target previously scanned domain controller – Collects updated information from the last + domain controller targeted to reduce the scan time. Below are some considerations: + + - If the last domain controller is unavailable, the targeted domain controller is the + specified domain controller from the host list. If using the domain name, it attempts to + find the last scanned domain controller. + - If that domain controller is determined to be unavailable, then it runs a full scan on the + next domain controller that responds. Then, it will scan the new domain controller for + changes going forward. + + Selecting the **Track changes into Change tracking tables** option enables the **Number of days + you want to keep changes in the database** box. This allows for changes in Active Directory to + be tracked. When change tracking is enabled, notification analysis tasks can be used to send + alerts. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md new file mode 100644 index 0000000000..bcd0cb5da5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md @@ -0,0 +1,59 @@ +# ADInventory Data Collector + +The extraction and correlation of user, group, and computer attributes drastically transforms the +meaning of data collected across the many systems and applications that are linked to Active +Directory. The ADInventory Data Collector is designed as a highly scalable and useful data +collection mechanism to catalogue user, group, and computer object information that can be used by +other solutions within Enterprise Auditor. + +The ADInventory Data Collector is a core component of Enterprise Auditor and has been preconfigured +to be used within the .Active Directory Inventory Solution. Both this data collector and the +solution are available with all Enterprise Auditor license options. See the +[.Active Directory Inventory Solution](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/overview.md) +topic for additional information. + +Protocols + +- LDAP + +Ports + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +## Functional Design of the ADInventory Data Collector + +The ADInventory Data Collector has been designed to update incrementally. Once it has run against a +domain controller, additional collections gather changes made since the last scan. This enables the +ADInventory Data Collector to function efficiently within large environments. Each time it is run +against different domain controllers, it restarts the cycle. + +## ADInventory Query Configuration + +The ADInventory Data Collector is configured through the Active Directory Inventory DC Wizard, which +contains the following wizard pages: + +- Welcome +- [ADInventory: Category](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.md) +- [ADInventory: Results](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.md) +- [ADInventory: Options](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/options.md) +- [ADInventory: Index Update Options](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/indexupdateoptions.md) +- [ADInventory: Custom Attributes](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributes.md) +- [ADInventory: Summary](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.md) + +![Active Directory Inventory DC Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.md b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.md new file mode 100644 index 0000000000..0742797458 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.md @@ -0,0 +1,13 @@ +# ADInventory: Results + +The Results page is where properties from Active Directory to be gathered are selected. It is a +wizard page for the category of Scan Active Directory. + +![Active Directory Inventory DC Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually or the **Select All** or **Clear All** buttons can be used. +All selected properties are gathered. + +This information is not available within the standard reference tables and views. Instead, this +information can be viewed in the SA_ADInventory_DEFAULT table, which is created when any of these +properties are selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adinventory/standardtables.md b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/standardtables.md new file mode 100644 index 0000000000..eff26eef41 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/standardtables.md @@ -0,0 +1,59 @@ +# Standard Reference Tables & Views for the ADInventory Data Collector + +The ADInventory Data Collector gathers essential user and group inventory information into standard +reference tables. Unlike other Enterprise Auditor data collectors, the ADInventory Data Collector +writes data to these tables regardless of the job executing the query. + +These tables and their associated views are outlined below: + +| Table | Details | AD Object Reference Article | +| ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_ADInventory_AttributeChanges | Contains a list of principal identifiers and their corresponding attribute changes for each differential scan that is performed against a domain. | [Active Directory Schema](https://learn.microsoft.com/en-gb/windows/win32/adschema/active-directory-schema) | +| SA_ADInventory_Computers | Contains extended information about computers, operating systems, service packs, etc. | [Computer class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-computer) | +| SA_ADInventory_DistinguishedNames | Contains every distinguished name collected from principals and group membership. | [Attribute distinguishedName](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-ada1/56da5a9b-485d-4d7c-a226-1a54a43d9013) | +| SA_ADInventory_Domains | Contains information about the domain such as its naming context and when it was last scanned. | [Domain class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-domain) | +| SA_ADInventory_EffectiveGroupMembers | Contains expanded group membership which includes a flattened representation of members. | | +| SA_ADInventory_Exceptions | Contains information about security issues and concerns. **NOTE:** See the [AD Exception Types Translated](#ad-exception-types-translated) topic for an explanation of Exception Types. | | +| SA_ADInventory_ExceptionTypes | Identifies how many instances of exceptions exist on the audited domain. **NOTE:** See the [AD Exception Types Translated](#ad-exception-types-translated) topic for an explanation of Exception Types. | | +| SA_ADInventory_Exchange | Contains information about the Exchange Server, each database and storage group, and the HomeMDB property. | [ms-Exch-Home-MDB Attribute](https://learn.microsoft.com/en-us/previous-versions/office/developer/exchange-server-2003/ms980583(v=exchg.65)) | +| SA_ADInventory_ExtendedAttributes | Contains information gathered by the custom attributes component of the query configuration. | [Active Directory Schema](https://learn.microsoft.com/en-gb/windows/win32/adschema/active-directory-schema) | +| SA_ADInventory_GroupMemberChanges | Contains a list of group principal identifiers and their corresponding membership changes for each differential scan that is performed against a domain. | [Member attribute](https://learn.microsoft.com/en-gb/windows/win32/adschema/a-member) | +| SA_ADInventory_GroupMembers | Contains a map of groups to member distinguished names. | [Member attribute](https://learn.microsoft.com/en-gb/windows/win32/adschema/a-member) | +| SA_ADInventory_Groups | Contains extended information about groups, group type, managed by, etc. | [Group class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-group) | +| SA_ADInventory_ImportHistory | Contains a list of all imports performed against a particular domain along with when the import happened and the GUID of the domain controller that was scanned. | | +| SA_ADInventory_Principals | Contains common attributes for users, groups, and computers as well as references to their primary distinguished name and security identifiers. | [Security-Principal class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-securityprincipal) | +| SA_ADInventory_SecurityIdentifiers | Contains every SID collected from the principals, including historical identifiers. | [Security-Identifier attribute](https://learn.microsoft.com/en-gb/windows/win32/adschema/a-securityidentifier) | +| SA_ADInventory_Users | Contains extended information about users, department, title, etc. | [User class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-user) | + +Views are the recommended way for you to obtain the information gathered by the ADInventory Data +Collector. They contain additional information for building queries easily. + +The following is an explanation of the corresponding views created for some of the tables generated +by the ADInventory Data Collector: + +| Views | Details | +| ---------------------------------------- | ---------------------------------------------------------------------------------------- | +| SA_ADInventory_AttributeChangesView | Contains attribute change information | +| SA_ADInventory_ComputersView | Contains computer information | +| SA_ADInventory_EffectiveGroupMembersView | Contains effective group membership information | +| SA_ADInventory_ExceptionsView | Contains principals that are identified to have security concerns | +| SA_ADInventory_GroupMemberChangesView | Contains group membership change information | +| SA_ADInventory_GroupMembersView | Contains group membership information | +| SA_ADInventory_GroupsView | Contains group level information | +| SA_ADInventory_PrincipalsView | Contains common attributes from the principals table including additional domain details | +| SA_ADInventory_UsersView | Contains user information | + +### AD Exception Types Translated + +The following table translates the Type of Exceptions that can found. + +| Type | Exception | Description | +| ---- | -------------------- | ------------------------------------------------------------------------- | +| 1 | Large Groups | Groups with a large amount of effective members | +| 2 | Deeply Nested | Groups with deep levels of membership nesting | +| 3 | Circular Nesting | Groups with circular references in their effective membership | +| 4 | Empty Groups | Groups with no membership | +| 5 | Single Member Groups | Groups with a single direct member | +| 6 | Stale Users | Users that have not logged onto the domain for an extended period of time | +| 7 | Stale Membership | Groups with a high percentage of effective members that are stale users | +| 8 | Large Token | Users with a large amount of authorization groups in their token | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.md new file mode 100644 index 0000000000..f0ec4899d0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.md @@ -0,0 +1,10 @@ +# ADInventory: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +![Active Directory Inventory DC Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Active Directory Inventory DC Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/category.md b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/category.md new file mode 100644 index 0000000000..224ce0ffb9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/category.md @@ -0,0 +1,14 @@ +# ADPermissions: Category + +The ADPermissions Data Collector Category page identifies what kind of information to retrieve using +the Category wizard page. + +![ADPermissions Data Collector wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The categories on the ADPermissions Category page are: + +- Scan Active Directory Permissions – Scan permissions applied to objects +- Scan Active Directory Audits – Scan audits applied to objects +- Remove Tables – Remove all tables and views from SQL server. See the + [Remove ADPermissions Tables](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/removetables.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/customfilter.md b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/customfilter.md new file mode 100644 index 0000000000..9452af30ec --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/customfilter.md @@ -0,0 +1,28 @@ +# ADPermissions: Custom Filter + +The Custom Filter page provides options to configure settings for object permission collection. It +is only available if the Custom Filter option is checked on the Scope page. It is a wizard page for +the categories of: + +- Scan Active Directory Permissions +- Scan Active Directory Audits + +![ADPermissions Data Collector wizard Custom Filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/customfilter.webp) + +The configurable options are: + +- Root Path – Enter the AD root path + + - Select the distinguished name from the drop-down menu to the right of the Root Path + - Click **Preview** to show an example of the complete path + +- LDAP Filter – Enter a custom filter string +- Scope – Select an option from the drop-down menu: + + - Base – Limits the scope to the base object. The maximum number of objects returned is always + one. + - One Level – Restricted to the immediate children of a base object, but excludes the base + object itself + - Sub tree – (or a deep scope) includes all child objects as well as the base object + +- Click **Add** to add the filter criteria to the list. Multiple filters can be used. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/options.md b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/options.md new file mode 100644 index 0000000000..523fd75001 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/options.md @@ -0,0 +1,23 @@ +# ADPermissions: Options + +The Options page is provides additional options for collecting the Active Directory information. It +is a wizard page for the categories of: + +- Scan Active Directory Permissions +- Scan Active Directory Audits + +![ADPermissions Data Collector wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +The configurable options are: + +- Encrypt communication with Active Directory (SSL) – Enables SSL encryption + + - Ignore Certificate errors – Select to ignore errors for testing only + +- Collect only updates since the last scan – Enables differential scanning + + - Target previously scanned domain controller – Select to use the same domain controller as the + previous scan + - Track changes into change tracking tables – Enable to track changes + - Number of days you want to keep changes in the database – Set the number of days to keep + changes in the database diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/overview.md new file mode 100644 index 0000000000..2384bc4cdb --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/overview.md @@ -0,0 +1,38 @@ +# ADPermissions Data Collector + +The ADPermissions Data Collector collects the advanced security permissions of objects in AD. It is +preconfigured within the Active Directory Permissions Analyzer Solution. Both this data collector +and the solution are available with a special Enterprise Auditor license. See the +[Active Directory Permissions Analyzer Solution](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/overview.md) +topic for additional information. + +Protocols + +- ADSI +- LDAP +- RPC + +Ports + +- TCP 389 +- TCP 135 – 139 +- Randomly allocated high TCP ports + +Permissions + +- LDAP Read permissions +- Read on all AD objects +- Read permissions on all AD Objects + +## ADPermissions Query Configuration + +The ADPermissions Data Collector is configured through the Active Directory Permissions Data +Collector Wizard. The wizard contains the following pages, which change based upon the query +category selected: + +- [ADPermissions: Category](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/category.md) +- [ADPermissions: Scope](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/scope.md) +- [ADPermissions: Custom Filter](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/customfilter.md) +- [ADPermissions: Options](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/options.md) +- [ADPermissions: Results](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/results.md) +- [ADPermissions: Summary](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/summary.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/removetables.md b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/removetables.md new file mode 100644 index 0000000000..f887a6d516 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/removetables.md @@ -0,0 +1,28 @@ +# Remove ADPermissions Tables + +If it becomes necessary to clear the ADPermissions Data Collector tables and views to resolve an +issue, create a new job using it as the query source and select the Remove Tables category. The +Connection Profile applied should be the same as the one used for the associated **Active Directory +Permissions Analyzer** > **0.Collection** Job. Follow the steps. + +**CAUTION:** Using this query task results in the deletion of collected data. + +**Step 1 –** Create a new job and assign a query using the **ADPermissions** Data Collector. + +**Step 2 –** In the Active Directory Permissions Data Collector Wizard, on the Category page select +the **Remove Tables** category and click **Next**. + +**Step 3 –** On the Results page, make sure all the Available Properties are selected and click +**Next**. + +**Step 4 –** Click **Finish** to close the Active Directory Permissions Data Collector Wizard. Click +**OK** to close the Query Properties window. + +When the job is run, all of the ADPermissions standard reference tables are removed from the +database. + +_Remember,_ this job deletes data from the Enterprise Auditor database. Ensure the job has been +configured correctly prior to executing the job. + +**CAUTION:** Never leave the query task selected after the job has been executed. Accidental data +loss can occur. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/results.md b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/results.md new file mode 100644 index 0000000000..c511f0e84d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/results.md @@ -0,0 +1,9 @@ +# ADPermissions: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for all +of the categories. + +![ADPermissions Data Collector wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Available properties vary based on the category selected. Properties can be selected individually or +the **Select All** and **Clear All** buttons can be used. All selected properties are gathered. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/scope.md b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/scope.md new file mode 100644 index 0000000000..0ac1078474 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/scope.md @@ -0,0 +1,38 @@ +# ADPermissions: Scope + +The Scope page is where the scope for the Active Directory permissions scan is configured. It is a +wizard page for the categories of: + +- Scan Active Directory Permissions +- Scan Active Directory Audits + +![ADPermissions Data Collector wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +The configurable options are: + +- Built-in: + + - Computers – Computer objects under scope + - Contacts – Contact objects + - Containers – Containers under given scope + - DNS Zones – DNS zone object list + - Domains – Domains in an organizations forest + - Extended Control Access Rights – Access control rights list + - Foreign Security Principals – Well known security principles from external sources + - Group – Domain, global, universal distribution groups + - Organizational Units – Organizational units under given scope + - Printer – Printer objects + - Schema Attributes – All defined attributes in Active Directory + - Schema Classes – All defined classes in Active Directory + - Servers – Server objects + - Shared Folders – Shared folders under the scope + - Site Link Bridges – Object for tracking transitively connected site links + - Site links – Connections between sites + - Site Transports – Inter-site transports in Active Directory + - Sites – List of Active Directory sites + - Subnets – Known subnet objects + - Users – All user objects under the scope + +- Custom: + + - Custom Filter – Custom filter for collecting objects diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/standardtables.md b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/standardtables.md new file mode 100644 index 0000000000..5e35de60c8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/standardtables.md @@ -0,0 +1,36 @@ +# Standard Reference Tables & Views + +The ADPermissions Data Collector gathers essential user and group inventory information into +standard reference tables. Unlike other Enterprise Auditor data collectors, the ADPermissions Data +Collector writes data to these tables regardless of the job executing the query. + +These tables and their associated views are outlined below: + +| Table | Details | +| -------------------------------------- | ------------------------------------------------- | +| SA_ADPerms_ACLs | Access Control List entries | +| SA_ADPerms_ACLTypes | Types of Access Control List entries | +| SA_ADPerms_Domains | Targeted domains | +| SA_ADPerms_EffectiveChildren | Linked lists of inheritance in Active Directory | +| SA_ADPerms_EffectivePermissionChildren | Linked lists of inheritance for permissions | +| SA_ADPerms_ImportHistory | History of all ADPermissions scans | +| SA_ADPerms_Inheritance | Permission inheritance | +| SA_ADPerms_ObjectChanges | Changes to Active Directory object permissions | +| SA_ADPerms_Objects | Active Directory objects | +| SA_ADPerms_Permissions | Active Directory permissions | +| SA_ADPerms_Sets | Junction table to associate permissions with ACLs | + +Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the +ADPermissions Data Collector. They contain additional information for building queries easily. The +following is an explanation of the corresponding views created for some of the tables generated by +the ADPermissions Data Collector: + +| Views | Details | +| --------------------------------- | -------------------------------------------------------------- | +| SA_ADPerms_AuditChangesView | The view of changes to audits that were applied to the objects | +| SA_ADPerms_AuditsExtView | The extended view of audits applied to the objects | +| SA_ADPerms_AuditsView | The view of object audits | +| SA_ADPerms_OwnershipChangesView | The view of object ownership changes | +| SA_ADPerms_PermissionsChangesView | The view of changes to permissions applied to the objects | +| SA_ADPerms_PermissionsExtView | The extended view of permissions applied to the objects | +| SA_ADPerms_PermissionsView | The view of object permissions | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/summary.md new file mode 100644 index 0000000000..86041a7904 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/summary.md @@ -0,0 +1,10 @@ +# ADPermissions: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +![ADPermissions Data Collector wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Active Directory Permissions Data Collector Wizard ensuring that no +accidental clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/aws/category.md b/docs/accessanalyzer/11.6/admin/datacollector/aws/category.md new file mode 100644 index 0000000000..39c62e3182 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/aws/category.md @@ -0,0 +1,22 @@ +# AWS: Category + +Use the Category page to select the type of scan for the targeted AWS instance or maintenance task +to perform. + +![AWS Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The options on the Category page are: + +- AWS scan jobs + + - Collect Org data – Collects all organization info from an AWS instance + - Collect IAM data – Collects all users, groups, and roles from an AWS instance + - Collect S3 – Collects S3 data + - Collect SDD data – Scans S3 objects for potentially sensitive data + +- Maintenance + + - Drop AWS DC Tables – Removes AWS data collector data and tables from the Enterprise Auditor + database. See the + [Drop AWS Tables](/docs/accessanalyzer/11.6/admin/datacollector/aws/droptables.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/aws/criteria.md b/docs/accessanalyzer/11.6/admin/datacollector/aws/criteria.md new file mode 100644 index 0000000000..de1374927c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/aws/criteria.md @@ -0,0 +1,31 @@ +# AWS: Criteria + +The Criteria (Select DLP criteria for this scan) page is where criteria to be used for discovering +sensitive data during a scan is configured. It is a wizard page for the category of Collect SDD +Data. + +This page requires the Sensitive Data Discovery Add-On to be been installed on the Enterprise +Auditor Console to define the criteria and enable the Criteria Editor. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +![AWS Query SDD Criteria](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) + +Default criteria is set at the **Global Settings** > **Sensitive Data** node. Choose between the +**Use Global Criteria** Selection and the **Use the Following Selected Criteria** radio buttons. + +For custom criteria, select the checkbox for the criteria to be used to search for sensitive data. +There are **Select All** and **Clear All** buttons that can be used. + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + +**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System +Criteria and User Criteria nodes are visible in the table. + +User-defined criteria is created in the Criteria Editor, accessed through the **Global Settings** > +**Sensitive Data** node. See the +[Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/sensitivedatadiscovery/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/aws/droptables.md b/docs/accessanalyzer/11.6/admin/datacollector/aws/droptables.md new file mode 100644 index 0000000000..6f61b1a961 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/aws/droptables.md @@ -0,0 +1,24 @@ +# Drop AWS Tables + +Sometimes when troubleshooting an AWS issue, it becomes necessary to clear the AWS DC data and +tables from the Enterprise Auditor database. Follow the steps to configure a job to remove tables. + +**Step 1 –** Create a new job. + +**Step 2 –** Configure the target host as **Local host**. + +**Step 3 –** Assign a query using the **AWS** Data Collector. + +![Drop AWS DC Tables option on Amazon Web Services Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/droptables.webp) + +**Step 4 –** In the Amazon Web Services Data Collector Wizard on the Category page, select the +**Drop AWS DC Tables** category task. Click **Next**. + +**Step 5 –** Click **Next** and then click **Finish** to close the Amazon Web Services Data +Collector Wizard. Click **OK** to close the Query Properties window. + +**CAUTION:** When the job is run, all of the AWS DC data and tables are removed from the database. + +The job is now configured and ready to run. + +**NOTE:** An AWS connection profile is not required for the Drop AWS DC Tables task. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/aws/filters3objects.md b/docs/accessanalyzer/11.6/admin/datacollector/aws/filters3objects.md new file mode 100644 index 0000000000..ceedaff665 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/aws/filters3objects.md @@ -0,0 +1,40 @@ +# AWS: Filter S3 Objects + +The Filter S3 Objects page provides the options to filter which objects stored in S3 should be +queried for permissions and sensitive data. It is a wizard page for the categories of: + +- Collect S3 +- Collect SDD Data + +![Filter S3 Objects page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/filters3objects.webp) + +Use the buttons to customize the filter list: + +- Add – Opens the Select a bucket window. See the [Add Filter](#add-filter) topic for additional + information. +- Add Custom Filter – Create a custom filter. See the [Add Custom Filter](#add-custom-filter) topic + for additional information. +- Remove – Remove a filter from the list + +## Add Filter + +The Select a Bucket window shows the available buckets in the AWS instance. + +![Select a bucket window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/selectabucket.webp) + +Select from the available buckets and click **OK** to add them to the Filter S3 Objects page. + +## Add Custom Filter + +The Add Custom Filter window allows a custom filter to be configured. + +![Add Custom Filter window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/customfilter.webp) + +Configure a custom filter using the following format: + +- The characters `*` and `?` are wildcards + - `*` – matches any number of characters + - `?` – matches a single character +- ARN should follow the format: `arn:aws:s3:::/` + +Click **Save** to add the custom filter to the Filter S3 Objects page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/aws/loginroles.md b/docs/accessanalyzer/11.6/admin/datacollector/aws/loginroles.md new file mode 100644 index 0000000000..9dda5bfc31 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/aws/loginroles.md @@ -0,0 +1,23 @@ +# AWS: Login Roles + +The Login Roles page is where the previously created AWS Roles are added. It is a wizard page for +the categories of: + +- Collect Org data +- Collect IAM data +- Collect S3 + +![AWS Query Login Roles](/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/loginroles.webp) + +Add the login roles that will allow Enterprise Auditor to scan the AWS accounts. See the +[Configure AWS for Scans](/docs/accessanalyzer/11.6/requirements/target/config/aws.md) +topic for additional information. The page has the following options: + +- Import From File – Browse to the location of a CSV file from which to import the roles +- Role Name – Enter the name of the role +- Add – Add the role from the Role Name textbox to the list +- Remove – Remove the selected role from the list +- Clear – Remove all roles from the list +- Max Session Duration (hours) – Specify the maximum time the account can be logged in for. This + value should not exceed the SessionDuration configured for the role in AWS. The default value is 1 + and the maximum value is 12. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/aws/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/aws/overview.md new file mode 100644 index 0000000000..ce44356612 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/aws/overview.md @@ -0,0 +1,59 @@ +# AWS Data Collector + +The AWS Data Collector collects IAM users, groups, roles, and policies, as well as S3 permissions, +content, and sensitive data from the target Amazon Web Services (AWS) accounts. The AWS Data +Collector has been preconfigured for the AWS Solution. Both this data collector and the solution are +available with a special Enterprise Auditor license. See the +[AWS Solution](/docs/accessanalyzer/11.6/solutions/aws/overview.md) +topic for additional information. + +Protocols + +- 443 + +Ports + +- 443 + +Permissions + +- To collect details about the AWS Organization, the following permission is required: + + - organizations:DescribeOrganization + +- To collect details regarding IAM, the following permissions are required: + + - iam:GenerateCredentialReport + - iam:GenerateServiceLastAccessedDetails + - iam:Get\* + - iam:List\* + - iam:Simulate\* + - sts:GetAccessKeyInfo + +- To collect details related to S3 buckets and objects, the following permissions are required: + + - s3:Describe\* + - s3:Get\* + - s3:HeadBucket + - s3:List\* + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +## AWS Query Configuration + +The AWS Data Collector is configured through the Amazon Web Services Data Collector Wizard. The +wizard contains the following pages, which change based up on the query category selected: + +- [AWS: Category](/docs/accessanalyzer/11.6/admin/datacollector/aws/category.md) +- [AWS: Login Roles](/docs/accessanalyzer/11.6/admin/datacollector/aws/loginroles.md) +- [AWS: Filter S3 Objects](/docs/accessanalyzer/11.6/admin/datacollector/aws/filters3objects.md) +- [AWS: Sensitive Data Settings](/docs/accessanalyzer/11.6/admin/datacollector/aws/sensitivedata.md) +- [AWS: Criteria ](/docs/accessanalyzer/11.6/admin/datacollector/aws/criteria.md) +- [AWS: Results](/docs/accessanalyzer/11.6/admin/datacollector/aws/results.md) +- [AWS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/aws/summary.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/aws/results.md b/docs/accessanalyzer/11.6/admin/datacollector/aws/results.md new file mode 100644 index 0000000000..4282ac6816 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/aws/results.md @@ -0,0 +1,9 @@ +# AWS: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for all +of the categories. + +![Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be checked individually or the **Select All** or **Clear All** buttons can be used. +All checked properties are gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/aws/sensitivedata.md b/docs/accessanalyzer/11.6/admin/datacollector/aws/sensitivedata.md new file mode 100644 index 0000000000..03f3e62796 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/aws/sensitivedata.md @@ -0,0 +1,52 @@ +# AWS: Sensitive Data Settings + +The Sensitive Data Settings page is where sensitive data discovery settings are configured. It is a +wizard page for the category of Collect SDD Data. + +![Sensitive Data Settings page](/img/product_docs/accessanalyzer/11.6/install/application/upgrade/sensitivedata.webp) + +Configure the following options: + +- Don’t process files larger than: [number] MB – Limits the files to be scanned for sensitive + content to only files smaller than the specified size +- Include offline files (this may significantly increase scan times) – Includes offline files in the + scan +- Perform Optical Character Recognition for image files – Enables the data collector to scan for + sensitive data within digital images of physical documents + + **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents + directly converted to images, with standard fonts. It will not work for scanning photos of + documents and may not be able to recognize text on images of credit cards, driver's licenses, or + other identity cards. + +- Store discovered sensitive data – Stores discovered sensitive data in the database +- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria + for discovered sensitive data +- Use the radio buttons to select the File types to scan: + + - Scan all file types – Scans everything in a given environment + - Scan custom file types – Select the checkboxes from the list of file and document types that + are included in a sensitive data scan. The table contains the following categories and their + sub-options: + + - Compressed Archive files + - Documents + - Email + - Image files + - Presentations + - Spreadsheets + - Text/Markup files + +- Perform differential scan of – Enables you to choose whether to employ incremental scanning: + + - Files modified since last scan – Scans only files modified since the last scan + - Files modified since [date] – Only scans files modified after the specified date + - Files modified since the last [number] days – Scans files modified within the specified number + of days + +- Number of SDD scan processes [number] – Increases the number of SDD scanner processes that spawn + as part of a scan, increasing parallel scanning. The value should not exceed 2x the number of CPU + threads available. + +_Remember,_ the sensitive data discovery options require the Sensitive Data Discovery Add-On to be +been installed on the Enterprise Auditor Console. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/aws/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/aws/summary.md new file mode 100644 index 0000000000..2efd6e01c6 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/aws/summary.md @@ -0,0 +1,9 @@ +# AWS: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all categories. + +![summary](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Amazon Web Services Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/category.md b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/category.md new file mode 100644 index 0000000000..a5167b5cbb --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/category.md @@ -0,0 +1,19 @@ +# AzureADInventory: Category + +The Category page identifies which Inventory task to perform. + +![Entra ID Inventory DC Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The two categories are: + +- Scan Entra ID – Scans Microsoft Entra ID objects and imports the information into the SQL Server + database, creating the standard reference tables. This task also maintains the schema for tables + and views. This is the standard option for this data collector. +- Remove Tables – Removes all tables and views from SQL Server database. This option is designed for + troubleshooting. When this option is selected, the next wizard page is the Summary page. See the + [Troubleshooting AzureADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/troubleshooting.md) + topic for more information. + +The Scan Entra ID category is the pre-configured setting for the .Entra ID Inventory Job Group. +Therefore, accessing the Entra ID Inventory DC Wizard from the query within that job group does not +display the Category wizard page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/configurejob.md b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/configurejob.md new file mode 100644 index 0000000000..6917584d68 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/configurejob.md @@ -0,0 +1,47 @@ +# Microsoft Entra ID Connection Profile & Host List + +The AzureADInventory Data Collector requires a custom Connection Profile and host list to be created +and assigned to the job or job group conducting the data collection. The host inventory option +during host list creation makes it necessary to configure the Connection Profile first. + +## Connection Profile + +Creating the Connection Profile requires having the Client ID and Key that was generated when +Enterprise Auditor was registered as a web application with Microsoft Entra ID. See the +[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/11.6/config/entraid/access.md) +for additional information. + +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Azure Active Directory +- Client ID – Application (client) ID of the Enterprise Auditor application registered with + Microsoft Entra ID. See the + [Identify the Client ID](/docs/accessanalyzer/11.6/config/entraid/access.md#identify-the-client-id) + topic for additional information. +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information.) +- Key – Client secret value for the Enterprise Auditor application registered with Microsoft Entra + ID. See the + [Generate the Client Secret Key](/docs/accessanalyzer/11.6/config/entraid/access.md#generate-the-client-secret-key) + topic for additional information. + +Once the Connection Profile is created, it is time to create the custom host list. See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +## Custom Host List + +The custom host list should include: + +- All Microsoft Entra ID tenants to be targeted. If there are multiple tenants, the Connection + Profile should contain a credential for each. +- The host name must be the domain name of the tenant, for example `company.onmicrosoft.com`. See + the + [Identify the Client ID](/docs/accessanalyzer/11.6/config/entraid/access.md#identify-the-client-id) + topic for additional information. + +See the +[Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) +topic for instructions on creating a custom static host list. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributes.md b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributes.md new file mode 100644 index 0000000000..b0d22cd97b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributes.md @@ -0,0 +1,104 @@ +# AzureADInventory: Custom Attributes + +Use the Custom Attributes wizard page to define custom attributes that will be used in the Microsoft +Entra ID scan. + +![Entra ID Inventory Data Collector Wizard Custom Attributes page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributes.webp) + +Configuration options for Custom Attributes include: + +- Collect Open Extensions – If enabled, data collector will perform a full scan and collect all + extension attributes for Microsoft Entra ID objects + + - Enabling this option will increase the time it takes for the data collector to complete the + scan. Disabling this option will configure the data collector run a differential scan, which + will only scan changes since the last scan was performed. + + **CAUTION:** A full scan is required when new attributes are added or removed. + +- Add – Adds a manually entered attribute that is included in the scan. This option opens the Custom + Attribute window. +- Edit – Make changes to a previously added attribute. This option opens the Custom Attribute + window. +- Remove – Deletes the attribute from the table and therefore the scan +- Import – Use the Azure Connection Profile credentials or manually inputted credentials to import + custom attributes for the scan using a valid tenant name. This option opens up the Custom + Attributes Import Wizard. + +Use the **Add**, **Edit**, and **Remove** buttons at the bottom of the window to configure the +custom attributes to be gathered by the scan. Use the **Add** button to open the +[Custom Attribute Window](#custom-attribute-window). The **Import** button opens the +[Custom Attributes Import Wizard](#custom-attributes-import-wizard). + +#### Custom Attribute Window + +Input custom attributes from Microsoft Entra ID environments using the Custom Attribute pop-up +window. + +![Custom Attribute Window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributewindow.webp) + +The options on the Custom Attributes window are: + +- Tenant Filter – Use a Tenant Name or wildcard to target the desired environment. Wildcards (\*) + can be used. +- Object Class – One or more object class for the attribute can be selected: + - User + - Group + - Contact +- Attribute Name – Microsoft Entra ID attribute name +- Collect all sub-attributes – Allows the collection of sub-attributes + - Sub-Attribute Name – Define the sub-attribute name. Wildcards (\*) can be used. + +Repeat this process until all desired Custom Attributes have been included. Click **OK** to save the +attribute. + +#### Custom Attributes Import Wizard + +The Custom Attributes Import wizard adds a list of custom schema and application attributes from the +targeted tenant environment into the AzureADInventory Data Collector configurations. Follow the +steps to use this window: + +**Step 1 –** On the Custom Attributes page of the Entra Inventory DC wizard, click **Import**. The +Custom Attributes Import Wizard opens. + +![Custom Attributes Import Wizard](/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributesimportwizard.webp) + +**Step 2 –** On the Connection page, enter the Tenant Name of the instance of Microsoft Entra ID to +be targeted, and then select the method of supplying credentials for the specified tenant instance: + +- Use the following connection profile entry – Select an Azure Connection Profile from the dropdown + list +- Use the following credentials to authenticate – Enter the credentials to use + - App Id –Client ID + - App key – Client Secret Key + +**_RECOMMENDED:_** Add a valid Azure Connection Profile to the **Jobs** > **.Entra ID Inventory** > +**Settings** > **Connection** settings as a user defined profile. This ensures the connection +profile displays in the dropdown menu. + +See the +[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/11.6/config/entraid/access.md) +or the +[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/configurejob.md) +topics for additional information. + +**Step 3 –** Click **Test Connection** in order to connect to the tenant with the supplied +credentials. If they are correct, the Schema Attributes and Application Attributes pages become +available. Click **Next** to navigate to them. + +| | | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ![customattributesimportwizardschema](/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributesimportwizardschema.webp) | ![customattributesimportwizardapplication](/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributesimportwizardapplication.webp) | +| Schema Extended Attributes page | Application Extended Attributes page | + +**Step 4 –** On the Schema and Application Attributes pages, the wizard populates with the available +attributes from the Azure tenant. Expand the object classes and select the checkboxes next to the +required attributes to import the custom attributes. Click Next to continue. + +- Load More – Adds additional object classes from the Microsoft Entra ID tenant environment that are + not located in the current list +- Refresh Nodes – Wipes selections from all object class folders + +**Step 5 –** On the Summary page, review your selections and click **Finish**. + +The selected attributes display on the Custom Attributes page of the Entra ID Inventory DC wizard. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/options.md b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/options.md new file mode 100644 index 0000000000..b408258798 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/options.md @@ -0,0 +1,13 @@ +# AzureADInventory: Options + +The Options page provides scan options to use when gathering Microsoft Entra ID information. It is a +wizard page for the Scan Entra ID category. + +![Entra ID Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +Scan options for collecting Microsoft Entra ID information include: + +- Collect only updates since the last scan +- Collect sign-in activity with scan + - This option is required to collect the LastLogonTimestamp attribute of user objects +- Collect directory audit events diff --git a/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/overview.md new file mode 100644 index 0000000000..cd181997e8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/overview.md @@ -0,0 +1,60 @@ +# AzureADInventory Data Collector + +The AzureADInventory Data Collector catalogs user and group object information from Microsoft Entra +ID, formerly Azure Active Directory. This data collector is a core component of Enterprise Auditor +and is preconfigured in the .Entra ID Inventory Solution. + +Both this data collector and the solution are available with all Enterprise Auditor license options. +See the +[.Entra ID Inventory Solution](/docs/accessanalyzer/11.6/solutions/entraidinventory/overview.md) +topic for additional information. + +Protocols + +- HTTP +- HTTPS +- REST + +Ports + +- TCP 80 and 443 + +Permissions + +- Microsoft Graph API + + - Application Permissions: + + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + + - Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +- Access URLs + + - https://login.windows.net + - https://graph.windows.net + - https://login.microsoftonline.com + - https://graph.microsoft.com + + - All sub-directories of the access URLs listed + +## AzureADInventory Query Configuration + +The AzureADInventory Data Collector is configured through the Entra ID Inventory DC Wizard, which +contains the following wizard pages: + +- Welcome +- [AzureADInventory: Category](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/category.md) +- [AzureADInventory: Options](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/options.md) +- [AzureADInventory: Custom Attributes](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributes.md) +- [AzureADInventory: Results](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/results.md) +- [AzureADInventory: Summary](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/summary.md) + +![Entra ID Inventory Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +Hide the Welcome page the next time this data collected is accessed by selecting the **Do not +display this page the next time** checkbox. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/results.md b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/results.md new file mode 100644 index 0000000000..dba7fc867b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/results.md @@ -0,0 +1,11 @@ +# AzureADInventory: Results + +The Results page is where the properties from Microsoft Entra ID to be gathered are selected. It is +a wizard page for the category of Scan Entra ID. + +![Entra ID Inventory DC Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be checked individually or the **Select All** and **Clear All** buttons can be used. +All checked properties are collected. This information is not available within the standard +reference tables and views. Instead, this information can be viewed in the +**SA_AzureADInventory_DEFAULT** table, which is created when any of these properties are selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/standardtables.md b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/standardtables.md new file mode 100644 index 0000000000..54e27fd8c4 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/standardtables.md @@ -0,0 +1,51 @@ +# Standard Reference Tables & Views for the AzureADInventory Data Collector + +The AzureADInventory Data Collector collects essential user and group inventory information into +standard reference tables. Unlike other Enterprise Auditor data collectors, the AzureADInventory +Data Collector writes data to these tables regardless of the job executing the query. + +These tables and their associated views are outlined below: + +| Table | Details | +| ----------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_AzureADInventory_Contacts | Contains a list of principal identifiers and their corresponding Department and Job Title | +| SA_AzureADInventory_Domains | Contains information about the domain such as last updated date and time | +| SA_AzureADInventory_EffectiveGroupMembers | Contains expanded group membership which includes a flattened representation of members and nesting levels | +| SA_AzureADInventory_Exceptions | Contains information about security issues and concerns See the [AzureADInventory Exception Types Translated](#azureadinventory-exception-types-translated) section for an explanation of Exception Types | +| SA_AzureADInventory_ExceptionTypes | Contains more detailed information about each security issues and concerns See the [AzureADInventory Exception Types Translated](#azureadinventory-exception-types-translated) section for an explanation of Exception Types | +| SA_AzureADInventory_ExtendedAttributes | Contains information gathered by the custom attributes component of the query configuration | +| SA_AzureADInventory_GroupMembers | Contains a map of groups to member Identifiers | +| SA_AzureADInventory_GroupOwners | Contains a map of groups to owner Identifiers | +| SA_AzureADInventory_Groups | Contains extended information about groups, mail enabled, security enabled, and so on | +| SA_AzureADInventory_Principals | Contains common attributes for users, groups, and computers as well as references to their primary display name and mail addresses | +| SA_AzureADInventory_Users | Contains extended information about users, department, title, and so on | + +Views are the recommended way for you to obtain the information gathered by the AzureADInventory +Data Collector. They contain additional information for building queries easily. The following is an +explanation of the corresponding views created for some of the tables generated by the +AzureADInventory Data Collector: + +| Views | Details | +| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | +| SA_AzureADInventory_EffectiveGroupMembersView | Contains effective group membership information | +| SA_AzureADInventory_ExceptionsView | Contains principals that are identified to have security concerns as well as detailed security concern information | +| SA_AzureADInventory_GroupMembersView | Contains group membership information | +| SA_AzureADInventory_GroupOwnersView | Contains group owner information | +| SA_AzureADInventory_GroupsView | Contains group level information | +| SA_AzureADInventory_PrincipalsView | Contains common attributes from the principals table including additional domain details | +| SA_AzureADInventory_UsersView | Contains user information | + +### AzureADInventory Exception Types Translated + +The following table translates the Type of Exceptions that can found. + +| Type | Exception | Description | +| ---- | -------------------- | ------------------------------------------------------------------------- | +| 1 | Large Groups | Groups with a large amount of effective members | +| 2 | Deeply Nested | Groups with deep levels of membership nesting | +| 3 | Circular Nesting | Groups with circular references in their effective membership | +| 4 | Empty Groups | Groups with no membership | +| 5 | Single Member Groups | Groups with a single direct member | +| 6 | Stale Users | Users that have not logged onto the domain for an extended period of time | +| 7 | Stale Membership | Groups with a high percentage of effective members that are stale users | +| 8 | Large Token | Users with a large amount of authorization groups in their token | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/summary.md new file mode 100644 index 0000000000..b2c9a2f954 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/summary.md @@ -0,0 +1,10 @@ +# AzureADInventory: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for both of the +categories. + +![Entra ID Inventory DC Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Entra ID Inventory DC Wizard to ensure that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/troubleshooting.md b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/troubleshooting.md new file mode 100644 index 0000000000..7eedd994c1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/troubleshooting.md @@ -0,0 +1,34 @@ +# Troubleshooting AzureADInventory Data Collector + +## Clear AzureADInventory Tables + +Sometimes when troubleshooting an AzureADInventory issue, it becomes necessary to clear the standard +reference tables. Follow the steps. + +**Step 1 –** Create a new job and assign a query using the **AZUREADINVENTORY** Data Collector. + +**Step 2 –** In the Entra ID Inventory DC Wizard on the Category page, select the **Remove Tables** +category task. + +**Step 3 –** Click **Next** and then **Finish** to close the Entra ID Inventory DC Wizard. Click +**OK** to close the Query Properties window. + +When the job is run, all of the AzureADInventory standard reference tables are removed from the +database. + +## Troubleshooting Error Messages + +Change the XML parameters to address the following errors: + +Error: Microsoft.Graph.ServiceException: Code: timeout Message: The request timed out + +Update the `` parameter to update the number of retries to run the query. +The default is 3. + +Error: An existing connection was forcible closed by the remote host + +Update the `` parameter to update the max delta token age. The default is 6. + +See the +[View Job XML File](/docs/accessanalyzer/11.6/admin/jobs/job/properties/viewxml.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/box/activityoperationscope.md b/docs/accessanalyzer/11.6/admin/datacollector/box/activityoperationscope.md new file mode 100644 index 0000000000..da774e59ae --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/box/activityoperationscope.md @@ -0,0 +1,23 @@ +# Box: Activity Operation Scope + +The Activity Operation Scope page (ActivityOperationScope) is where Box Enterprise events can be +selected or unselected for scans. It is a wizard page for the Scan Box Activity category. + +![Box DC Wizard Activity Operation Scope page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/activityoperation.webp) + +Event filters can be selected by group or the group may be expanded and the filters selected +individually. All selected filters are gathered from the Box environment. + +Event filters include: + +- Collaboration +- File Activity +- Group +- Login +- Metadata +- Misc +- Security +- Sharing +- Task +- Users +- Workflow diff --git a/docs/accessanalyzer/11.6/admin/datacollector/box/activitytimeframescope.md b/docs/accessanalyzer/11.6/admin/datacollector/box/activitytimeframescope.md new file mode 100644 index 0000000000..5a8726a0c4 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/box/activitytimeframescope.md @@ -0,0 +1,23 @@ +# Box: Activity Timeframe Scope + +The Activity Timespan Scope page (ActivityTimeframeScope) is where Box activity data collection is +configured. It is a wizard page for the Scan Box Activity category. + +![Box DC Wizard Activity Timespan Scope page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/activitytimeframe.webp) + +Select one of the following options to configure the timeframe for Box data collection: + +- Relative Timespan – Collects activity from a set number of days relative to the present + + - Collect activity from the last [number] Days – Enter the number of days for which activity + data collection is required. The default is 180. The maximum timespan is 365 days. + - Data retention settings – Select a preferred retention setting + + - Within timespan – Deletes all data outside of the selected timespan + - Retain all data – Retains all data collected inside or outside of the selected timespan + +- Absolute Timespan – Enter the interval of days for which activity data collection is required. The + default End Date is the current day. + + **NOTE:** Choosing an absolute timespan will not affect activity data during relative timespan + scans. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/box/additionalscoping.md b/docs/accessanalyzer/11.6/admin/datacollector/box/additionalscoping.md new file mode 100644 index 0000000000..3463340be6 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/box/additionalscoping.md @@ -0,0 +1,15 @@ +# Box: Additional Scoping + +The Additional Scoping page is where the scan can be limited by depth of the scan. It is a wizard +page for the Scan Box Permissions category. + +![Box DC Wizard Additional Scoping page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/additionalscoping.webp) + +Configure the scan depth level: + +- Limit scanned depth to: [number] level – Select the checkbox and set the scan depth level to the + desired depth. If this checkbox is not selected, then the entire Box environment will be scanned, + according to the + [Box: Exclusions Page](/docs/accessanalyzer/11.6/admin/datacollector/box/exclusions.md) + settings. If the scoping depth is set to **0** then only root will be scanned. Each increment will + add another level of depth from root level. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/box/authenticate.md b/docs/accessanalyzer/11.6/admin/datacollector/box/authenticate.md new file mode 100644 index 0000000000..d03848a209 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/box/authenticate.md @@ -0,0 +1,15 @@ +# Box: Authenticate + +The Authenticate page is where connection to the Box environment is configured. It is a wizard page +for all categories. + +![Box DC Wizard Authentication page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/authentication.webp) + +Click **Authorize** to launch the BoxLogin window and generate an authorization code. This code will +allow Enterprise Auditor to report on the Box Enterprise. + +![BoxLogin window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/boxlogin.webp) + +Enter an email address and password for an account with Enterprise Admin credentials in the targeted +Box environment. Then click **Authorize** to grant access to Box and generate the code. The **Use +Single Sign On (SSO)** option is an alternative log in method. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/box/category.md b/docs/accessanalyzer/11.6/admin/datacollector/box/category.md new file mode 100644 index 0000000000..8aecf7ac3c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/box/category.md @@ -0,0 +1,17 @@ +# Box: Category + +Use the Category page to select the type of scan or import for the Box Enterprise targeted. + +![Box DC Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The Box Data Collector contains the following query categories: + +- Box Activity Audit – Scan Box activity + + - Scan Box Activity – Performs an audit of Box activity + - Bulk Import Box Activity – Performs a bulk import of Box activity + +- Box Permission Audit – Scan Box permissions + + - Scan Box Permissions – Performs an audit for Box permissions + - Import Box Permissions – Performs an import of Box permissions diff --git a/docs/accessanalyzer/11.6/admin/datacollector/box/exclusions.md b/docs/accessanalyzer/11.6/admin/datacollector/box/exclusions.md new file mode 100644 index 0000000000..ce5123803c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/box/exclusions.md @@ -0,0 +1,20 @@ +# Box: Exclusions Page + +The Exclude or Include folders page (ExclusionsPage) is where the scan can be limited to include or +to exclude folders within the Box Enterprise. It is a wizard page for of Scan Box Permissions +category. + +![Box DC Wizard Exclude or Include folders page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/exclusions.webp) + +The options on the Exclusions Page are: + +- Add as inclusion – Type the path of a folder in the text box to include in the scan. The folder + path must not include a slash at the end. + + - Example format: `/All Files/Folder/SubFolder` + - Incorrect format: `/All Files/Folder/SubFolder/` + +- Add as exclusion – Type the path of a folder in the text box to exclude from the scan + +The **Remove** option will delete a selected folder from the list. The **Clear List** option will +remove all folders from the list. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/box/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/box/overview.md new file mode 100644 index 0000000000..87f1dcfb10 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/box/overview.md @@ -0,0 +1,51 @@ +# Box Data Collector + +The Box Data Collector audits access, group membership, and content within a Box enterprise. + +**NOTE:** If the Box Data Collector is used in a new job, outside of the Box Solution, it is +necessary to deselect the **Skip Hosts that do not respond to PING** option on the job’s +**Properties** > **Performance** tab. + +The Box Data Collector has been preconfigured within the Box Solution. Both this data collector and +the solution are available with a special Enterprise Auditor license. See the +[Box Solution](/docs/accessanalyzer/11.6/solutions/box/overview.md) +topic for additional information. + +Protocols + +- HTTP +- HTTPS + +Ports + +- TCP 80 +- TCP 443 + +Permissions + +- Box Enterprise Administrator + +## Box Query Configuration + +The Box Data Collector is configured through the Box Data Collector Wizard. The wizard contains the +following pages, which change based up on the query category selected: + +- Welcome +- [Box: Category](/docs/accessanalyzer/11.6/admin/datacollector/box/category.md) +- [Box: Exclusions Page](/docs/accessanalyzer/11.6/admin/datacollector/box/exclusions.md) +- [Box: Scope by User Page](/docs/accessanalyzer/11.6/admin/datacollector/box/scopebyuser.md) +- [Box: Additional Scoping](/docs/accessanalyzer/11.6/admin/datacollector/box/additionalscoping.md) +- [Box: Activity Timeframe Scope](/docs/accessanalyzer/11.6/admin/datacollector/box/activitytimeframescope.md) +- [Box: Activity Operation Scope](/docs/accessanalyzer/11.6/admin/datacollector/box/activityoperationscope.md) +- [Box: Authenticate](/docs/accessanalyzer/11.6/admin/datacollector/box/authenticate.md) +- [Box: Results](/docs/accessanalyzer/11.6/admin/datacollector/box/results.md) +- [Box: Summary](/docs/accessanalyzer/11.6/admin/datacollector/box/summary.md) + +The Welcome page gives an overview of the data collector. To proceed through the pages, click +**Next** or use the Steps navigation pane to open another page in the wizard. Review the +introductory and caution information about the Box Data Collector before proceeding. + +![Box DC Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by checking the **Do not display this page the next time** box when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/box/results.md b/docs/accessanalyzer/11.6/admin/datacollector/box/results.md new file mode 100644 index 0000000000..4b486b50c6 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/box/results.md @@ -0,0 +1,9 @@ +# Box: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for all +categories. + +![Box DC Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually or the **Select All** or **Clear All** buttons can be used. +All selected properties will be gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/box/scopebyuser.md b/docs/accessanalyzer/11.6/admin/datacollector/box/scopebyuser.md new file mode 100644 index 0000000000..8cd649e666 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/box/scopebyuser.md @@ -0,0 +1,16 @@ +# Box: Scope by User Page + +The User Scope Settings page (ScopeByUserPage) is where the scope of the scan can be limited to +specified users and the resulting scan will only scan for the specified users. It is a wizard page +for the Scan Box Permissions category. + +![Box DC Wizard User Scope Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/scopebyuser.webp) + +Select whether to scan **All Users** or **Limited Users**. If scanning for **Limited Users**, click +**Browse** and navigate to the path of the CSV file that contains the email addresses of users to be +included in the scan. The CSV file should have one email address per row. + +**NOTE:** The query will collect information related to User names and Group membership for all +users in a target environment. However, if the query is scoped to specific users, no additional +information is collected for users outside out of the scope. User names and group membership for the +target environment is necessary to generate the Box Solution reports. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/box/standardtables.md b/docs/accessanalyzer/11.6/admin/datacollector/box/standardtables.md new file mode 100644 index 0000000000..240ee80e1d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/box/standardtables.md @@ -0,0 +1,34 @@ +# Standard Reference Tables & Views For the Box Data Collector + +The Box Data Collector gathers essential user and group inventory information into standard +reference tables. These tables and their associated views are outlined below: + +| Table | Details | +| -------------------------- | ----------------------------------------------------------------------------------------------------------------------- | +| SA_Box_Collaborations | Contains all of the trustees who have access on folders and defines the access type | +| SA_Box_Enterprises | Contains information on the enterprises within the Box environment | +| SA_Box_EventNames | Contains information on the names of events within the Box environment | +| SA_Box_Events | Contains information on the type of events within the Box environment | +| SA_Box_ExternalUsers | Contains one row per user and displays information on external users over the past 30 days | +| SA_Box_FileDetails | Contains one row per file and displays file-specific details | +| SA_Box_FolderDetails | Contains one row per folder and displays folder-specific details | +| SA_Box_GroupMembers | Contains unique row for each trustee per group and defines the access type of each member | +| SA_Box_Groups | Contains all of the enterprise-created groups and has a unique row for each group | +| SA_Box_Hosts | Contains the name and ID of all Box enterprises that have been scanned for permissions | +| SA_Box_Resources | Contains information about all audited resources, which can be files or folders. It contains a unique row per resource. | +| SA_Box_TaskStatus | Displays the tasks which have been completed and the corresponding USN value | +| SA_Box_Trustees | Contains basic information about all of the users and groups | +| SA_Box_UnusualUserActivity | Contains information about suspicious activity on user accounts | +| SA_Box_Users | Contains one row per user and displays information on users of any teams present | + +Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the +Box Data Collector. They contain additional information for building queries easily. The following +is an explanation of the corresponding views created for some of the tables generated by the Box +Data Collector: + +| Views | Details | +| ------------------------- | ------------------------------------------------------------------------------------------------------------ | +| SA_Box_CollaborationsView | Displays the collaborations applied to shared folders and the access type for the trustee | +| SA_Box_ExternalUsersView | Displays external user activity which has occurred over the past 30 days | +| SA_Box_GroupMembersView | Displays all of the users, which groups they are members of, and the access type on the group | +| SA_Box_ResourceEventsView | Displays all of the events, which users created it, the source of that event, and the name and type of event | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/box/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/box/summary.md new file mode 100644 index 0000000000..576ccaff8c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/box/summary.md @@ -0,0 +1,10 @@ +# Box: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +![Box DC Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Box Data Collector Wizard ensuring that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/definefields.md b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/definefields.md new file mode 100644 index 0000000000..4a19e8c872 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/definefields.md @@ -0,0 +1,9 @@ +# CLU: Define Fields + +The Define Fields page provides options to define and configure fields for the Command Line Utility +output. It is a wizard page for the **Edit Profile** and **Create a New Profile** profile types. + +![Command Line Utility Data Collector Wizard Define Fields page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/definefields.webp) + +**CAUTION:** Do not modify this page without guidance from Netwrix or the data may not be processed +by Enterprise Auditor. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/executionoptions.md b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/executionoptions.md new file mode 100644 index 0000000000..e695adb2e5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/executionoptions.md @@ -0,0 +1,51 @@ +# CLU: Execution Options + +The Execution Options page provides options to define the mode of execution. It is a wizard page for +the **Edit Profile** and **Create a New Profile** selections on the Profile Type page. + +![Command Line Utility Data Collector Wizard Execution Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/executionoptions.webp) + +The available options on the page vary depending on the selected profile type. The possible options +are as follows: + +Execution Type + +The Execution Type section identifies the mode of execution: + +- Local – Execute the utility within the Enterprise Auditor Console +- Remote – Execute the utility on the target host + +Output options + +The output options include: + +- Write Output to a text file – Writes task output to a text file which is thenprocessed to collect + properties +- Preserve Output file – Stores the output file on the local machine +- .Exe Present in Installed CLU Directory – Select the checkbox if the .exe utility is present in + the installed CLU directory. The path on the Profile Parameters page should be the utility name + instead of the full path. See the + [CLU: Profile Parameters](/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profileparameters.md) topic + for additional information. + +Remote Execution Options + +The Remote Execution Options apply to the Remote mode of execution: + +- Copy .exe to remote host – Copies the executable from the local machine to the remote machine + before executing it +- Leave .exe on remote host – Keeps the executable on the remote machine after execution + +Other Settings + +The Other Settings section provides additional options: + +- Ignore Error Code – Error code to skip while executing the command line utility using the task + scheduler + + - The `0` code is always skipped during execution + - If no error code is required, enter `0` + +- Timeout – Timeout limit in seconds for the task to finish + + - The default value is 1200 seconds, or 20 minutes diff --git a/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/overview.md new file mode 100644 index 0000000000..d3dbf78422 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/overview.md @@ -0,0 +1,41 @@ +# CommandLineUtility Data Collector + +The CommandLineUtility Data Collector provides the ability to remotely spawn, execute, and extract +data provided by a Microsoft native or third-party command line utility. It allows users to easily +execute a command line utility and capture its output as Enterprise Auditor data. This data +collector is a core component of Enterprise Auditor and is available with all Enterprise Auditor +licenses. + +Protocols + +- Remote Registry +- RPC + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the local Administrators group + +## CommandLineUtility Query Configuration + +The CommandLineUtility Data Collector executes a command line utility and captures the output. It is +configured through the Command Line Utility Data Collector Wizard, which contains the following +pages: + +- Welcome +- [CLU: Profile Type](/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profiletype.md) +- [CLU: Profile Parameters](/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profileparameters.md) +- [CLU: Execution Options](/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/executionoptions.md) +- [CLU: Define Fields](/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/definefields.md) +- [CLU: Script Editor](/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/scripteditor.md) +- [CLU: Results](/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/results.md) +- [CLU: Summary](/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/summary.md) + +![Command Line Utility Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profileparameters.md b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profileparameters.md new file mode 100644 index 0000000000..ab03d31894 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profileparameters.md @@ -0,0 +1,24 @@ +# CLU: Profile Parameters + +The Profile Parameters page provides settings to configure the parameters for the profile. It is a +wizard page for the **Edit Profile** or **Create a New Profile** selections on the Profile Type +page. + +![Command Line Utility Data Collector Wizard Profile Parameters page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profileparameters.webp) + +Profile parameters include: + +- Profile Name – Name of the profile. If **Edit Profile** was selected on the Profile Type page, + then this is the name of an existing profile to be edited. If **Create a New Profile** was + selected, then this is the name of a new profile. +- Path – Path of the utility (.exe) from the local or remote machine. If stored on the local + machine, give the local path. If the utility is located on multiple paths in the same machine, + each can be entered on a new line in this field. If the .exe file is present in the installed CLU + directory, then enter the utility name rather than the full path. +- Start in path for task (Optional) – Working directory for the command line that executes the + program or script. This should be either the path to the program or script file, or the path to + the files that are used by the executable file. +- Command Line – Command that the utility executes. If the utility is self-executable and does not + need a command, leave this field blank. +- Output File Name – Enter the desired name for the output file. By default, the output file name + matches the profile name. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profiletype.md b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profiletype.md new file mode 100644 index 0000000000..d1f627ff52 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profiletype.md @@ -0,0 +1,15 @@ +# CLU: Profile Type + +The Profile Type page contains options to select a new or existing profile. + +![Command Line Utility Data Collector Wizard Profile Type page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profiletype.webp) + +The options on the Profile Type page are: + +- Select Profile – Allows you to change the properties of a profile from the results page +- Edit Profile – Allows you to edit a profile's execution options and properties. Enables the Define + Fields and Script Editor pages. +- Create a New Profile – Allows you to create a new profile. Enables the Define Fields and Script + Editor pages. + +The profile type selected may alter the availability of the subsequent wizard steps. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/results.md b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/results.md new file mode 100644 index 0000000000..fa6df1159f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/results.md @@ -0,0 +1,10 @@ +# CLU: Results + +The Results page is where the properties to be returned as columns in the results table are +selected. It is a wizard page for all profile types. + +![Command Line Utility Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Select one or more properties to be returned as columns in the results table. Click **Select All** +to select all of the properties, or click **Clear All** to clear all the currently selected +properties. The available properties vary based on the selections on previous wizard pages. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/scripteditor.md b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/scripteditor.md new file mode 100644 index 0000000000..d8a2aebadd --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/scripteditor.md @@ -0,0 +1,11 @@ +# CLU: Script Editor + +The Script Editor page provides options to create or edit a Visual Basic script that is used to +parse the output file created by the data collector after execution. The Script Editor page is +enabled when **Edit Profile** or **Create a New Profile** is selected on the Profile Type page. The +page is disabled when the **Select Profile** option is selected on the Profile Type page. + +![Command Line Utility Data Collector Wizard Script Editor page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/scripteditor.webp) + +**CAUTION:** Do not modify this page without guidance from Netwrix or the data may not be processed +by Enterprise Auditor. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/summary.md new file mode 100644 index 0000000000..446db299e8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/summary.md @@ -0,0 +1,10 @@ +# CLU: Summary + +The Summary page provides a summary of the query that has been created or edited. It is a wizard +page for all profile types. + +![Command Line Utility Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Command Line Utility Data Collector Wizard to ensure that no +accidental clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/overview.md new file mode 100644 index 0000000000..02593f0185 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/overview.md @@ -0,0 +1,35 @@ +# DiskInfo Data Collector + +The DiskInfo Data Collector provides enumeration of disks and their associated properties. When +targeting the local host for a DiskInfo query, it is necessary to select the **Systems Default** +option as the connection profile. This data collector is a core component of Enterprise Auditor and +is available with all Enterprise Auditor licenses. + +Protocols + +- RPC +- WMI + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Member of the local Administrators group + +## DiskInfo Query Configuration + +The DiskInfo Data Collector is configured through the Disk Info wizard, which contains the following +wizard pages: + +- Welcome +- [DiskInfo: Target Disks](/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/targetdisks.md) +- [DiskInfo: Results](/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/results.md) +- [DiskInfo: Summary](/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/summary.md) + +![Disk Info wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/results.md b/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/results.md new file mode 100644 index 0000000000..f13b7a93f1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/results.md @@ -0,0 +1,26 @@ +# DiskInfo: Results + +The Results page provides a checklist of the data that is available for return by the query. Any +number of options can be selected at once, but at least one must be selected in order to complete +the wizard. + +![Disk Info wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually, or you can use the **Select all** and **Clear all** +buttons. The table below describes the available options. + +| Checklist Result | Description | +| ----------------------------- | ------------------------------------------------------------------------------------------------------------------- | +| DriveLetter | Drive Letter of the drive being scanned | +| GBDiskFreeSpace | Total amount of free space on the scanned drive in GB | +| GBDiskSize | Total size of scanned disk in GB | +| MBDiskFreeSpace | Total amount of free space on the scanned drive in MB | +| MBDiskSize | Total size of scanned disk in MB | +| PercentFree | Percentage of the scanned drive that is free | +| VolumeLabel | Name of drive (if it exists) | +| FileSystemType | Type of FileSystem configuration. This can include NTFS, FAT(12, 16, 32) and others | +| DiskType | Kind of disk that is being used. These can include fixed, removable, shared, and so on. | +| ClusterSizer | If scanning a disk that is part of a cluster, this indicates the total size of the cluster that the disk is part of | +| FilePercentFragmentation | Percent of used disk space that shows fragmentation | +| FreeSpacePercentFragmentation | Percentage of free space on the disk that shows fragmentation | +| TotalPercentFragmentation | Percentage of total disk space that shows fragmentation | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/summary.md new file mode 100644 index 0000000000..e188dc4a77 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/summary.md @@ -0,0 +1,9 @@ +# DiskInfo: Summary + +The Summary page displays a summary of the configured query. + +![Disk Info wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Disk Info Data Collector Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/targetdisks.md b/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/targetdisks.md new file mode 100644 index 0000000000..3d712eaa27 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/diskinfo/targetdisks.md @@ -0,0 +1,48 @@ +# DiskInfo: Target Disks + +The Target Disks page provides a selection of storage devices from which to return data from the +target host after a query. + +![Disk Info wizard Target Disks page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/targetdisks.webp) + +Use the options to select the desired target disk. + +- The Enumerate all storage devices – Allows all internal drives to be scanned. In order to expand + the scan, two sub-options can be included together, separately, or not at all. + + - Include removable storage devices – Scans removable devices that are plugged into the target + host + - Include network storage devices – Scans mapped drives that exist through a connected network + +- Single drive letter – Allows information to be collected from a single drive (`A:` through `Z:`) + during a single query. This option includes both operating system drives and removable disks. +- Enumerate all mount points (available for Windows 2003+ systems) – Targets any drive letter on the + target host that points to a mapped share drive +- Registry lookup – Provides the path of connection to gather information from the Enterprise + Auditor Registry Browser. By default, the local host will be targeted unless modified. The + Registry value are instructions for the data found within the subfolders of the registry. + + - The browse button **(…)** under the Registry lookup option opens the Enterprise Auditor + Registry Browser window. Use the registry browser to find registry keys and values that are on + a target host in the environment. See the + [DiskInfo: Registry Browser](#diskinfo-registry-browser) topic for additional information. + +## DiskInfo: Registry Browser + +Clicking the browse button on the Target Disks wizard page opens the Enterprise Auditor Registry +Browser. Use this page to find registry keys and values that exist on a target host in the +environment. + +![Registry Browser](/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/registrybrowser.webp) + +The configurable options on the Registry Browser are: + +- Sample from Host – Host for which the Registry will be browsed. If this box is left blank, the + Registry on the local host is used. +- 64-bit view – Default view is 32-bit. Select the 64-bit checkbox to switch to a 64-bit view. +- Connect – Click **Connect** to browse the Registry +- Table Columns – Select the Registry from the navigation pane to view keys in the table + + - Name – Registry key value + - Type – Key value type + - Data – Key value path diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dns/category.md b/docs/accessanalyzer/11.6/admin/datacollector/dns/category.md new file mode 100644 index 0000000000..859369e4ea --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dns/category.md @@ -0,0 +1,45 @@ +# DNS: Category + +The DNS Data Collector Category page contains the following query categories, sub-divided by +auditing focus: + +![Domain Name System Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +- DNS Configuration – Collect data from the DNS configuration + + - Cache – DNS Cache information + - Server – DNS Server Configuration information + - RootHints – Root Hints stored in the cache file + - Statistics – Statistics collected + - Zone – DNS Zone information + +- DNS Record Types – Collect data on the individual DNS records + + - AFSDB – Andrew File System database server (AFSDB) resource records + - ATMA – ATM address to name (ATMA) records + - CNAME – Canonical Name (CNAME) records + - A – Host address (A) resource records + - HINFO – Host Information (HINFO) records + - AAAA – IPv6 address (AAAA) resource records + - ISDN – ISDN resource records + - KEY – KEY resource records + - MD – Mail Agent for domain (MD) records + - MB – Mailbox (MB) records + - MX – Mail Exchanger (MX) records + - MF – Mail Forwarding Agent (MF) records + - MG – Mail Group (MG) resource records + - MINFO – Mail Information (MINFO) records + - MR – Mailbox Rename (MR) records + - NXT – Next (NXT) resource records + - NS – Name Server (NS) records + - PTR – Pointer (PTR) records + - RP – Responsible person (RP) records + - RT – Route through (RT) records + - SOA – Start of authority (SOA) records + - SRV – Service (SRV) records + - SIG – Signature (SIG) resource records + - TXT – Text (TXT) records + - WKS – Well-known service (WKS) records + - WINS – Windows Internet Name Service (WINS) records + - WINSR – Windows Internet Name Service (WINS) reverse lookup records + - X25 – X.25 records diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dns/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/dns/overview.md new file mode 100644 index 0000000000..a0f6070868 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dns/overview.md @@ -0,0 +1,33 @@ +# DNS Data Collector + +The DNS Data Collector provides information regarding DNS configuration and records. It is available +with the Active Directory Solution. Both this data collector and the solution are available with a +special Enterprise Auditor license. + +Protocols + +- RPC + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Domain Administrators group + +## DNS Query Configuration + +The DNS Data Collector is configured through the Domain Name System Data Collector Wizard, which +contains the following wizard pages: + +- Welcome +- [DNS: Category](/docs/accessanalyzer/11.6/admin/datacollector/dns/category.md) +- [DNS: Results](/docs/accessanalyzer/11.6/admin/datacollector/dns/results.md) +- [DNS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/dns/summary.md) + +![Domain Name System Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the Do not display this page the next time checkbox when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dns/results.md b/docs/accessanalyzer/11.6/admin/datacollector/dns/results.md new file mode 100644 index 0000000000..820bd60bf9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dns/results.md @@ -0,0 +1,10 @@ +# DNS: Results + +The Results page is where DNS properties to be gathered are selected. It is a wizard page for all +categories. + +![Domain Name System Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Available properties can be selected individually, or the **Select All**, **Clear All**, and **Reset +to defaults** buttons can be used. All selected properties are gathered. Available properties vary +based on the category selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dns/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/dns/summary.md new file mode 100644 index 0000000000..3bb35f61f8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dns/summary.md @@ -0,0 +1,9 @@ +# DNS: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all categories. + +![Domain Name System Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Domain Name System Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/category.md b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/category.md new file mode 100644 index 0000000000..9a0a70aa6b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/category.md @@ -0,0 +1,20 @@ +# DropboxAccess: Category + +Use the Category Selection Page to identify the type of information to retrieve. The DropboxAccess +Data Collector contains the following query categories, sub-divided by auditing focus: + +![Dropbox Access Auditor Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +- The Dropbox Access Audits scans for Dropbox access information: + + - Scan Dropbox Access – Performs a Dropbox access audit to collection permissions information + - Bulk Import Access Scan Results – Imports Dropbox access scan results into the Enterprise + Auditor database and creates SQL views + +- The Sensitive Content scans for sensitive data information: + + - Scan for Sensitive Content – Scans for sensitive data content on Dropbox + - Bulk Import Sensitive Content Scan Results – Imports sensitive content scan results into the + Enterprise Auditor database and creates SQL views + +The selection made on the Category Selection Page determines the wizard pages available. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/completion.md b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/completion.md new file mode 100644 index 0000000000..0b90d0cb37 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/completion.md @@ -0,0 +1,16 @@ +# DropboxAccess: Summary (Completion) + +The Completion page, is where configuration settings are summarized. This page is a wizard page for +all categories. + +![Dropbox Access Auditor Data Collector Wizard Completion page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/completion.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Dropbox Access Auditor Data Collector Wizard ensuring that no +accidental clicks are saved. + +_Remember,_ if an Access Token was generated, use it as the credential within the Connection +Profile. Then assign it to the job group or job which will be scanning the targeted Dropbox +environment. See the +[Custom Dropbox Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/configurejob.md) topic +for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/configurejob.md b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/configurejob.md new file mode 100644 index 0000000000..fe991d388b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/configurejob.md @@ -0,0 +1,31 @@ +# Custom Dropbox Connection Profile & Host List + +The DropboxAccess Data Collector requires a custom Connection Profile to be created and assigned to +the job or job group conducting the data collection. + +## Connection Profile + +Creating the Connection Profile requires an access token. The access token is generated on the Scan +Options page of the Dropbox Access Auditor Data Collector Wizard. + +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Dropbox +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information.) +- Access Token – Copy and paste the Access Token after it has been generated from the Scan Options + page of the Dropbox Access Auditor Data Collector Wizard. See the + [DropboxAccess: Scan Options](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptions.md) topic + for additional information. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +## Host List + +The host list should be set to: + +- Local host diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/dlpauditsettings.md b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/dlpauditsettings.md new file mode 100644 index 0000000000..6785b8d1e5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/dlpauditsettings.md @@ -0,0 +1,40 @@ +# DropboxAccess: DLP Audit Settings + +Use the DLP Audit Settings page to configure sensitive data discovery settings. This page is a +wizard page for the Scan for Sensitive Content category. + +![Dropbox Access Auditor Data Collector Wizard DLP Audit Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/dlpauditsettings.webp) + +Configure the DLP audit settings: + +- Scan Performance: + + - Don’t process files larger than – Limits the files to be scanned for sensitive content to + files smaller than the specified size + +- File types to scan: + + - Scan typical documents (recommended, fastest) – Scans most common file types + - Scan all document types (slower) – Scans all file types except those excluded + +- Store Match Hits –  Choose whether to store copies of potentially sensitive data discovered during + the scan: + + - Store discovered sensitive data – Stores a copy of any potentially sensitive data that matches + the selected criteria in the Enterprise Auditor database. This copy can be used to check for + false positives, data that matches the selected criteria but is not actually sensitive. + - Limit stored matches per criteria to [number] – Identifies the number of potentially sensitive + data matches that are copied to the database. The default is 5 matches. This option is + available only if the **Store discovered sensitive data** option is selected. + +- Perform differential scan of – Enables users to choose whether to employ incremental scanning: + + - Files modified since last scan – Scans only files modified since the last scan + - Files modified since [date] – Only scans files modified after the specified date + - Files modified since the last [number] days – Scans files modified within the specified number + of days + +_Remember,_ the sensitive data discovery options require the Sensitive Data Discovery Add-On to have +been installed on the Enterprise Auditor Console. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/overview.md new file mode 100644 index 0000000000..0e81ce6af3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/overview.md @@ -0,0 +1,50 @@ +# DropboxAccess Data Collector + +The DropboxAccess Data Collector audits access, group membership, and content within a Dropbox +environment. Dropbox can scan the contents of over 400 file types to discover which files contain +sensitive data using the Sensitive Data Discovery Add-on. The DropboxAccess Data Collector has been +preconfigured within the Dropbox Solution. Both this data collector and the solution are available +with a special Enterprise Auditor license. See the +[Dropbox Solution](/docs/accessanalyzer/11.6/solutions/dropbox/overview.md) +topic for additional information. + +Protocols + +- HTTP +- HTTPS + +Ports + +- TCP 80 +- TCP443 + +Permissions + +- Dropbox Team Administrator + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +## Query Configuration + +The DropboxAccess Data Collector is configured through the Dropbox Access Auditor Data Collector +Wizard. The wizard contains the following pages, which change based upon the query category +selected: + +- Welcome +- [DropboxAccess: Category](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/category.md) +- [DropboxAccess: Scan Options](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptions.md) +- [DropboxAccess: Scoping](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scoping.md) +- [DropboxAccess: DLP Audit Settings](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/dlpauditsettings.md) +- [DropboxAccess: Select DLP Criteria](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/selectdlpcriteria.md) +- [DropboxAccess: Summary (Completion)](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/completion.md) + +![Dropbox Access Auditor Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptions.md b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptions.md new file mode 100644 index 0000000000..d9f8ea9eda --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptions.md @@ -0,0 +1,36 @@ +# DropboxAccess: Scan Options + +Use the Scan Options page to authorize Enterprise Auditor to generate an Access Token allowing the +DropboxAccess Data Collector to access and scan an organization’s Dropbox environment. The Access +Token is used as the credential in the Connection Profile. + +**NOTE:** The Access Token needs to be generated only once, prior to the first execution of any job +in which the DropboxAccess Data Collector is used in a query. + +The Scan Options page is a wizard page for the following categories: + +- Scan Dropbox Access +- Scan for Sensitive Content + +Follow the steps to create the Access Token: + +![Dropbox Access Auditor Data Collector Wizard Scan Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptions.webp) + +**Step 1 –** Click the **Authorize** button to access the Dropbox Authentication page. + +![Dropbox Log in page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptionsdropboxlogin.webp) + +**Step 2 –** On the Dropbox Authentication page, log in as the Team Administrator. + +![Copy Access Token](/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptionsaccesstoken.webp) + +**Step 3 –** Once the Access Token has been generated, click **Copy to Clipboard**. Click **Next** +to finish choosing the configuration options or click **Cancel** to close the Dropbox Access Auditor +Data Collector Wizard. + +Create a Connection Profile using this access token as the credential. See the +[Custom Dropbox Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/configurejob.md) +topic for additional information on configuring the Dropbox credential. + +_Remember,_ assign this Connection Profile to the job group or job where the host assignment for the +Dropbox environment to be targeted has been assigned. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scoping.md b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scoping.md new file mode 100644 index 0000000000..a0f38d9c36 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scoping.md @@ -0,0 +1,22 @@ +# DropboxAccess: Scoping + +The Scoping page configures the data collector to scan either the entire Dropbox environment or +limit the scan to specific users. The page is a wizard page for the following categories: + +- Scan Dropbox Access +- Scan for Sensitive Content + +![Dropbox Access Auditor Data Collector Wizard Scoping Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scoping.webp) + +Use the scoping options to select the depth of the scan: + +- User Scoping: + + - All Users – Scans all users in the Dropbox environment + - Limited Users – Click **Browse** and navigate to the path of the CSV file that contains the + email addresses of users to include in the scan. The CSV file should have one email address + per row. + +- File Permissions: + + - Collect File Level Permissions – Select the checkbox to collect permissions at the file level diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/selectdlpcriteria.md b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/selectdlpcriteria.md new file mode 100644 index 0000000000..af99630529 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/selectdlpcriteria.md @@ -0,0 +1,28 @@ +# DropboxAccess: Select DLP Criteria + +Use the Select DLP criteria for this scan page to configure criteria to use for discovering +sensitive data. This page requires the Sensitive Data Discovery Add-On to be been installed on the +Enterprise Auditor Console to define the criteria and enable the Criteria Editor. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +The Select DLP Criteria for this scan page is a wizard page for the Scan for Sensitive Content +category. + +![Dropbox Access Auditor Data Collector Wizard Select DLP criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/selectdlpcriteria.webp) + +Select the checkbox next to each criteria to be included in the search for sensitive data. You can +also use the **Select All** and **Clear All** buttons. + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + +**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System +Criteria and User Criteria nodes are visible in the table. + +Use the **Edit** button to access the Criteria Editor where user-defined criteria can be created or +customized. See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/standardtables.md b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/standardtables.md new file mode 100644 index 0000000000..621bbea064 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/standardtables.md @@ -0,0 +1,53 @@ +# Standard Reference Tables & Views for the DropboxAccess Data Collector + +The DropboxAccess Data Collector gathers essential user and group inventory information into +standard reference tables. Unlike most of the other Enterprise Auditor data collectors, the +DropboxAccess Data Collector writes data to these tables regardless of the job executing the query. + +## Dropbox Access Auditing Tables & Views + +These tables and their associated views are outlined below: + +| Table | Details | +| --------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | +| SA_Dropbox_DocumentMetadata | Contains one row per document collected and displays file details such as size and last time modified | +| SA_Dropbox_GroupMembers | Contains a unique row for each trustee per group and defines the access type of each member | +| SA_Dropbox_Groups | Contains all of the team-created groups and should have a unique row for each group | +| SA_Dropbox_Resources | Contains information about all audited resources, which can be files or folders. It should contain a unique row per resource. | +| SA_Dropbox_Rights | Contains all of the trustees who have access on shared folders and defines the access type | +| SA_Dropbox_SharedFolders | Contains all of the shared folders with corresponding OwnerID and access type along with the shared link policy | +| SA_Dropbox_TeamMembers | Contains one row per team member and displays information on members of any teams present | +| SA_Dropbox_Teams | Contains information on the teams within the Dropbox environment | +| SA_Dropbox_Trustees | Contains information about any trustee, group, or team that has been assigned permissions | + +Views are the recommended way for you to obtain the information gathered by the DropboxAccess Data +Collector. They contain additional information for building queries easily. The following is an +explanation of the corresponding views created for some of the tables generated by the DropboxAccess +Data Collector: + +| Views | Details | +| ------------------------------- | ------------------------------------------------------------------------------------------------ | +| SA_Dropbox_DocumentMetadataView | Displays the location and file details of all audited files | +| SA_Dropbox_GroupMembersView | Displays all of the team members, which groups they are members of, and access type on the group | +| SA_Dropbox_RightsView | Displays the rights applied to shared folders and the access type for the trustee | +| SA_Dropbox_SharedFoldersView | Displays shared folders, their owners, and whether the owner is a team member | + +## Dropbox Sensitive Data Discovery Auditing (SEEK) Tables & Views + +These tables and their associated views are outlined below: + +| Table | Details | +| -------------------- | ------------------------------------------------------------------------------------------------------------------------ | +| SA_Dropbox_Criteria | Contains the sensitive data criteria which are selected for collection by the scan engine (data collector configuration) | +| SA_Dropbox_Matches | Contains rolled up aggregate counts of the sensitive data criteria matches found during the scan | +| SA_Dropbox_MatchHits | Contains the actual sensitive data discovered within files which matched selected criteria | + +Views are the recommended way for you to obtain the information gathered by the DropboxAccess Data +Collector. They contain additional information for building queries easily. The following is an +explanation of the corresponding views created for some of the tables generated by the DropboxAccess +Data Collector: + +| Views | Details | +| ------------------------ | ------------------------------------------------------------------------------------------ | +| SA_Dropbox_MatchesView | Surfaces all relevant data about the files, its location, and the type of criteria found | +| SA_Dropbox_MatchHitsView | Surfaces all actual sensitive data discovered within files which matched selected criteria | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/eventlog.md b/docs/accessanalyzer/11.6/admin/datacollector/eventlog.md new file mode 100644 index 0000000000..1281662289 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/eventlog.md @@ -0,0 +1,97 @@ +# EventLog Data Collector + +The EventLog Data Collector provides search and extraction of details from event logs on target +systems. This data collector is a core component of Enterprise Auditor and is available with all +Enterprise Auditor licenses. + +Protocols + +- RPC +- WMI + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group +- Member of the Domain Administrators group (if targeting domain controllers) + +## EventLog Query Configuration + +The EventLog Data Collector is configured through the Event Log Browser window. + +![Event Log Browser window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/eventlogbrowser.webp) + +Sample + +In the Sample section, select from the following options: + +- From log + + - Host – Enter a sample host that contains a log with the type of events desired for the query. + Click **Connect** to generate a list of logs available for extraction. + - Log name – Select a log from the drop-down list. Events from the selected log are populated in + the table. + +- From file + + - Click the folder icon next to the File name box to open the Log sample browser window and + select a log, or manually enter the log path in the box + +- Show – Click to preview the elements in the event log file for log paths manually entered in the + File path box + + **NOTE:** A preview displays automatically if the folder icons is used to navigate to the log. + +- Lookup user name – Select this checkbox to resolve SID or GUID values to friendly display values + +Search Criteria + +In the Search Criteria section, add a search filter to the table by configuring the following +criteria: + +- Event Source – Select the event source from the drop-down list. Typically, select **Any Source**. +- Even Type – Select the event type from the drop-down list. Typically, select **Any Type**. +- Event ID – Enter the event ID for the type of event to search + +Once the information above has been entered, click **Add** to add the configured event to the query. +Add as many events as desired. + +- Latest event only – Select this checkbox to only search the latest event + +Click the **Add** button to add the search filters to the table. Click the **Remove** button to +remove search criteria from the filters. + +- Event Date/Time – Enter the last number of hours the event time must be in. A value of `0` can be + used to specify any time. +- Retrieve oldest event – Select this checkbox to retrieve the oldest event +- Retrieve latest event – Select this checkbox to retrieve the latest event + +Click **Apply Filter** to filter the list of sample events to the search criteria. + +Options + +In the Options section, select the desired processing options: + +- Process offline logs only – Select this checkbox to process only offline logs +- Process offline logs if required – Select this checkbox to process offline logs if needed +- Specify explicit path\mask for archives – Enabled if the **Process offline logs only** or + **Process offline logs if required** checkboxes are selected. Specify the path and name of the + archive. + +Available Properties + +In the Available Properties section, select which properties will be collected by the browser. + +- Add Icon – Add properties from those available in the list to add the properties to the search + + - The Description properties provide the ability to extract the bracketed pieces of information + found within the description and display each bracketed piece of information in its own column + +- Remove Icon – Use to remove properties from the search + +Once all options have been configured, click **OK** to save changes and exit the browser. Click +**Cancel** to exit without saving. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/category.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/category.md new file mode 100644 index 0000000000..69c2e1793d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/category.md @@ -0,0 +1,25 @@ +# EWSMailbox: Category + +The Category page identifies which type of EWSMailbox information is retrieved during the scan. + +![EWS Mailbox Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +Identify the EWS mailbox information type using the following options: + +- Mailbox contents + + - MailboxContent – Scan contents of mailboxes + +- Mailbox permissions + + - MailboxPermissions – Scan permissions of mailboxes + +- Sensitive Data + + - SDDScan – Scan mailboxes for sensitive data + +- Mailbox search + + - MailboxSearchMailboxes – Search for mailboxes containing messages + - MailboxSearchFolders – Search for folders containing messages + - MailboxSearchMessages – Search for messages diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.md new file mode 100644 index 0000000000..0bb8cd105c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.md @@ -0,0 +1,37 @@ +# EWSMailbox: Criteria + +The Select DLP criteria for this scan page is where to select the criteria to use for the sensitive +data scan are selected. It is a wizard page for the Sensitive Data category. + +This page requires the Sensitive Data Discovery Add-On to be been installed on the Enterprise +Auditor Console to define the criteria and enable the Criteria Editor. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +![EWS Mailbox Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) + +The options on the Criteria page are: + +- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings + from the **Settings** > **Sensitive Data** node. See the + [Sensitive Data](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md) + topic for additional information. +- Use the following selected criteria – Select this option to use the table to select which + sensitive data criteria to scan for +- Select All - Click **Select All** to enable all sensitive data criteria for scanning +- Clear All - Click **Clear All** to remove all selections from the table +- Select the checkboxes next to the sensitive data criteria options to enable it to be scanned for + during job execution + +The table contains the following types of criteria: + +**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System +Criteria and User Criteria nodes are visible in the table. + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit + user-defined criteria. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filter.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filter.md new file mode 100644 index 0000000000..27dd43ecb9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filter.md @@ -0,0 +1,25 @@ +# EWSMailbox: Filter + +The Filter settings page provides options to filter folders and attachments. It is a wizard page for +the categories of: + +- Mailbox Contents +- Mailbox permissions +- Sensitive data + +![EWS Mailbox Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filter.webp) + +All folders and attachments are scanned by default. Scope the scan for specific folders and +attachments: + +- Include Folders – Type the folder paths to filter the scan to specific mailbox folders +- Include Attachments – Type the attachment file names to filter to specific attachments +- Exclude Folders – Type the folder paths to exclude mailbox folders from the scan +- Exclude Attachments – Type the file names for the attachments to exclude attachments from the scan + +Use `*` and `?` for matching wildcard and single characters. + +- Limit message size to [numerical value] – Select to limit message size and define the threshold + for maximum size of a message. The default value is 20000 KB. +- Limit attachments size to [numerical value] – Select to limit attachment size and define a + threshold for maximum size of an attachment returned in the scan. The default value is 20000 KB. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.md new file mode 100644 index 0000000000..2bea10717f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.md @@ -0,0 +1,11 @@ +# EWSMailbox FW: BodyOptions + +Use the BodyOptions page to select the size unit of messages. + +![Filter Wizard BodyOptions page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp) + +Select the desired message size unit: + +- KB +- MB +- GB diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/folderconditions.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/folderconditions.md new file mode 100644 index 0000000000..7e8ebbfc9d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/folderconditions.md @@ -0,0 +1,54 @@ +# EWSMailbox FW: Folder Conditions + +Use the Folder Conditions page to apply folder-related filter criteria to the search. + +![Filter Wizard Folder Conditions page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp) + +Customize folder search conditions using the following options: + +- Select conditions – To add it to the search, select any of the following conditions: + + - with specific folder type + - with search terms in the folder name + +- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any + of the template conditions + + **NOTE:** The values present depends on the selections made in the Select conditions box. + + - Click **specific** in the Edit conditions box to open the Folder Type Window. See the + [Folder Type Window](#folder-type-window) topic for additional information. + - Click **search terms** to open the Search Terms Window. See the + [Search Terms Window](#search-terms-window) topic for additional information. + +## Folder Type Window + +Use the Folder Type window to determine folder types to search for. The Folder Type window opens if +**specific** is selected in the Edit Conditions box on the Folder Conditions page. + +![Folder Type window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp) + +Select the checkbox next to any folder type to include it in the search filter. + +## Search Terms Window + +Use the Search Terms window to determine terms for the search. The Search Terms window opens if +**search terms** is selected in the Edit Conditions box. + +![Search Terms window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) + +Determine terms for the search using the following options: + +- Type the desired term into the upper text box and click **Add** to add the term to the lower text + box, which adds the term to the search +- Select a term in the lower text box, and click **Remove** to remove the term from the search +- Click **Clear** to clear all terms from the lower box +- Select the desired qualifier option: + + - Contains ALL of the following search terms (And) – Search only returns results containing all + of the search terms + - Contains ANY of the following search terms (Or) – Search returns results containing any one or + more of the search terms + +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageconditions.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageconditions.md new file mode 100644 index 0000000000..22dbe78093 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageconditions.md @@ -0,0 +1,116 @@ +# EWSMailbox FW: Message Conditions + +Use the Message Conditions page to apply filters to the message category part of the search. + +![Filter Wizard Message Conditions page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp) + +Customize message search filter conditions using the following options: + +- Message category – Select a message category using the dropdown menu from the following: + + - Common + - Email + - Appointment + - Schedule + - Contact + - Task + - Journal + - Note + - Post + - RSS Feed + - Unified Messaging + +- Select conditions – To add it to the search, select any of the following conditions: + + **NOTE:** The conditions that are available in the Select Conditions box depends on the selected + **Message category**. + + - with specific message classes + - that is created in specific date + - with search terms in the subject + - with search terms in the body + - with search terms in the subject or body + - with search terms in the message header + - with search terms in the recipient’s address + - with search terms in the sender’s address + - that has an attachment + - that is received in specific date + - with specific Message ID + - that occurs in specific date + +- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any + of the template conditions + + **NOTE:** The values present depends on the selections made in the Select conditions box. + + - Click **specific** to open the MessageClasses Window. See the + [MessageClasses Window (Message Conditions)](#messageclasses-window-message-conditions) topic + for additional information. + - Click **in specific date** to open the Date Range Selection Window. See the + [Date Range Selection Window](#date-range-selection-window) topic for additional information. + - Click **search terms** to open the Search Terms Window. See the + [Search Terms Window (Message Conditions)](#search-terms-window-message-conditions) topic for + additional information. + - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice + versa + +## MessageClasses Window (Message Conditions) + +Use the MessageClasses window to alter criteria related to message class. The Message Classes window +opens if **specific** is clicked in the Edit Conditions box on the Message Conditions page. + +![MessagesClasses window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp) + +Determine MessageClass-related criteria using the following options: + +- To add a class, click **Add** +- Enter the desired Message Class in the corresponding textbox +- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy + and select the preferred option: + + - Exact Match + - Starts With + - Contains + +- To remove a message class, select it and click **Remove** +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms + +## Date Range Selection Window + +Use the Date Range Selection window to select a time period or range for the search. The Date Range +Selection window opens if **in specific date** is clicked in the Edit Conditions box on the Message +Conditions page. + +![Date Range Selection window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp) + +Determine the time period or range of the search using the following options: + +- Over [Number] [Time Period] ago +- Last [Number] [Time Period] +- Before [Date] +- After [Date] +- Between [Date] and [Date] + +## Search Terms Window (Message Conditions) + +Use the Search Terms window to determine terms for the search. The Search Terms window opens if +**search terms** is selected in the Edit Conditions box. + +![Search Terms window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) + +Determine terms for the search using the following options: + +- Type the desired term into the upper text box and click **Add** to add the term to the lower text + box, which adds the term to the search +- Select a term in the lower text box, and click **Remove** to remove the term from the search +- Click **Clear** to clear all terms from the lower box +- Select the desired qualifier option: + + - Contains ALL of the following search terms (And) – Search only returns results containing all + of the search terms + - Contains ANY of the following search terms (Or) – Search returns results containing any one or + more of the search terms + +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/savefilter.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/savefilter.md new file mode 100644 index 0000000000..3d6bb7fe28 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/savefilter.md @@ -0,0 +1,10 @@ +# EWSMailbox FW: Save Filter + +Use the Save Filter Page to name and describe the custom filter created in the wizard. + +![Filter Wizard Save Filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp) + +Label the custom filter using the following options: + +- Enter a name for the filter in the Filter Name textbox +- Enter any desired description for the filter in the Description textbox diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchfilter.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchfilter.md new file mode 100644 index 0000000000..a815533333 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchfilter.md @@ -0,0 +1,65 @@ +# EWSMailbox FW: Search Filter + +Use the Search Filter page to choose a filter template for the search. + +![Filter Wizard Search Filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/searchfilter.webp) + +Customize folder search conditions using the following options: + +- Select template – Select any of the following template options: + + - Blank + - All non-archived items over 90 days ago + - All calendar items that contains attachment that occurred over 90 days ago + +- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any + of the template conditions + + **NOTE:** The values present depends on the selections made in the Select conditions box. + + - Click either **IPM.Note** or **IPM.Appointment**, to open the MessageClasses Window with + IPM.Note or IPM.Appointment class populated, respectively. See the + [MessageClasses Window ](#messageclasses-window) topic for additional information. + - Click **over 90 Day ago** to open the Date Range Selection Window. See the + [Date Range Selection Window](#date-range-selection-window) topic for additional information. + - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice + versa + +## MessageClasses Window + +Use the MessageClasses window to alter criteria related to message class. The Message Classes window +opens if **Ipm.Note** or **Ipm.Appointment** is clicked in the Edit Conditions box on the Search +Filter page. + +![MessagesClasses window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp) + +Determine MessageClass-related criteria using the following options: + +- To add a class, click **Add** +- Enter the desired Message Class in the corresponding textbox +- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy + and select the preferred option: + + - Exact Match + - Starts With + - Contains + +- To remove a message class, select it and click **Remove** +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms + +## Date Range Selection Window + +Use the Date Range Selection window to select a time period or range for the search. The Date Range +Selection window opens if **over 90 Day ago** is clicked in the Edit Conditions box on the Search +Filter page. + +![Date Range Selection window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp) + +Determine the time period or range of the search using the following options: + +- Over [Number] [Time Period] ago +- Last [Number] [Time Period] +- Before [Date] +- After [Date] +- Between [Date] and [Date] diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/options.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/options.md new file mode 100644 index 0000000000..6010ef4641 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/options.md @@ -0,0 +1,27 @@ +# EWSMailbox: Options + +The Scan options page provides general scan options. It is a wizard page for all categories. + +![EWS Mailbox Data Collector Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +Select the checkboxes to apply any desired scan options: + +- Ignore certificate errors – Ignores certificate errors when connecting to Exchange Web Services +- Match job host against autodiscovered host – Matches the name of the job host against the host + name returned from autodiscover + + **_RECOMMENDED:_** Use this option when scanning multiple Exchange environments with a single + job and the Connection Profile has multiple credentials in it. + +- Scan options + + - Scan archives – Scans for archived mailbox data + - Scan recoverable items – Scans for recoverable items + +- Authentication – Select an Authentication type from the drop down: + + - Negotiate + - Basic + - NTLM + - Kerberos + - Digest diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/overview.md new file mode 100644 index 0000000000..f75b1f59ed --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/overview.md @@ -0,0 +1,51 @@ +# EWSMailbox Data Collector + +The EWSMailbox Data Collector provides configuration options to scan mailbox contents, permissions, +and sensitive data, and is preconfigured within the Exchange Solution. Both this data collector and +the solution are available with a special Enterprise Auditor license. See the +[Exchange Solution](/docs/accessanalyzer/11.6/solutions/exchange/overview.md) +topic for additional information. + +Protocols + +- HTTPS +- ADSI +- LDAP + +Ports + +- TCP 389 +- TCP 443 + +Permissions + +- Exchange Admin Role +- Discovery Management Role +- Application Impersonation Role +- Exchange Online License + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +## EWSMailbox Query Configuration + +The EWSMailbox Data Collector is configured through the Exchange Mailbox Data Collector Wizard, +which contains the following wizard pages: + +**NOTE:** The Category selected may alter the subsequent steps displayed by the wizard. + +- [EWSMailbox: Category](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/category.md) +- [EWSMailbox: Options](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/options.md) +- [EWSMailbox: Scope](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scope.md) +- [EWSMailbox: Scope Select](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scopeselect.md) +- [EWSMailbox: SDD Options](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/sddoptions.md) +- [EWSMailbox: Criteria](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.md) +- [EWSMailbox: Filter](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filter.md) +- [EWSMailbox: Search Filter](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/searchfilter.md) +- [EWSMailbox: Results](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/results.md) +- [EWSMailbox: Summary](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/summary.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/results.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/results.md new file mode 100644 index 0000000000..9e7b5caab1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/results.md @@ -0,0 +1,16 @@ +# EWSMailbox: Results + +Use the Results page to select which properties are gathered out of those available for the +category. It is a wizard page for all of the categories. + +![EWS Mailbox Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Select criteria using the following options: + +- Select the checkbox of any property to include it in the summary. All selected properties will be + gathered. + + **NOTE:** Available properties vary based on the category selected. + +- Click **Select All** to select all properties +- Click **Clear All** to clear all selected properties diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scope.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scope.md new file mode 100644 index 0000000000..2152620a81 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scope.md @@ -0,0 +1,13 @@ +# EWSMailbox: Scope + +The Mailbox scope settings page is used to select which mailboxes are searched by the scan. It is a +wizard page for all categories. + +![EWS Mailbox Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +Select an option to specify which mailboxes are searched: + +- All mailboxes – Search all mailboxes +- Select mailboxes from list – Search only specific selected mailboxes. This option enables the + [EWSMailbox: Scope Select](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scopeselect.md) + page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scopeselect.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scopeselect.md new file mode 100644 index 0000000000..afd8153ea2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scopeselect.md @@ -0,0 +1,17 @@ +# EWSMailbox: Scope Select + +The Scope select page is used to select specific mailboxes to scan. It is a wizard page for all +categories when the **Select mailboxes from list** option is selected on the +[EWSMailbox: Scope](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scope.md) +page. + +![EWS Mailbox Data Collector Wizard Scope select page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scopeselect.webp) + +Use the following options to scope the scan to specific mailboxes: + +- Retrieve – Loads the list of mailboxes available for scanning in the Available box +- Add – Select mailboxes from the Available list and click to add them to the Selected box to be + scanned +- Select All – Selects all mailboxes in the list +- Deselect All – Deselects all selected mailboxes from the list +- Remove – Select mailboxes from the Selected box and click to remove them from the list diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/sddoptions.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/sddoptions.md new file mode 100644 index 0000000000..6a5a5761d0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/sddoptions.md @@ -0,0 +1,18 @@ +# EWSMailbox: SDD Options + +The Sensitive data scan options page is where options to be used for discovering sensitive data are +configured. It is a wizard page for the Sensitive Data category. + +The Sensitive Data Discovery Add-on is required to use the sensitive data collection option. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +![EWS Mailbox Data Collector Wizard SDD Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/sddoptions.webp) + +Select the applicable Sensitive data scan options: + +- Store discovered sensitive data – Stores discovered sensitive data in the database +- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria + for discovered sensitive data + + **NOTE:** This option is only available if **Store discovered sensitive data** is selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/searchfilter.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/searchfilter.md new file mode 100644 index 0000000000..521e6e148a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/searchfilter.md @@ -0,0 +1,18 @@ +# EWSMailbox: Search Filter + +The Search filter settings page applies a filter used to search mailboxes in the environment. It is +a wizard page for the Mailbox Search categories. + +![EWS Mailbox Data Collector Wizard Search filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/searchfilter.webp) + +Click **Add Filter** to open the Filter Wizard. + +## EWSMailbox Filter Wizard (FW) + +The Filter Wizard manages properties of the search filter. The Filter Wizard pages are: + +- [EWSMailbox FW: Search Filter](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchfilter.md) +- [EWSMailbox FW: Folder Conditions](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/folderconditions.md) +- [EWSMailbox FW: Message Conditions](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageconditions.md) +- [EWSMailbox FW: BodyOptions](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.md) +- [EWSMailbox FW: Save Filter](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/savefilter.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/summary.md new file mode 100644 index 0000000000..9d4ce6fecc --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/summary.md @@ -0,0 +1,9 @@ +# EWSMailbox: Summary + +The Summary page displays a summary of the configured query. It wizard page for all categories. + +![EWS Mailbox Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the EWS Mailbox Data Collector Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/category.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/category.md new file mode 100644 index 0000000000..766a258ccf --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/category.md @@ -0,0 +1,24 @@ +# EWSPublicFolder: Category + +The Category page contains the following Exchange Web Service categories to search: + +![EWS Public Folder Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +Select which type of EWS public folder information to retrieve from the following: + +- Public Folder contents + + - PublicFolderContent – Scan contents of public folders + +- Public Folder permissions + + - PublicFolderPermissions – Scan permissions of public folders + +- Sensitive Data + + - SDDScan – Scan public folders for sensitive data + +- Public folder search + + - PublicFolderSearchFolders – Search for folders containing messages + - PublicFolderSearchMessages – Search for messages diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/critieria.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/critieria.md new file mode 100644 index 0000000000..b752a321ee --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/critieria.md @@ -0,0 +1,37 @@ +# EWSPublicFolder: Critieria + +Use the Select DLP criteria for this scan page to select criteria for the sensitive data scan. It is +a wizard page for the Sensitive Data category. + +The Sensitive Data Discovery Add-on is required to use the sensitive data collection option and +enable the Criteria Editor. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +for additional information. + +![EWS Public Folder Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) + +The options on the Criteria page are: + +- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings + from the **Settings** > **Sensitive Data** node. See the + [Sensitive Data](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md) + topic for additional information. +- Use the following selected criteria – Select this option to use the table to select which + sensitive data criteria to scan for +- Select All - Click **Select All** to enable all sensitive data criteria for scanning +- Clear All - Click **Clear All** to remove all selections from the table +- Select the checkboxes next to the sensitive data criteria options to enable it to be scanned for + during job execution + +The table contains the following types of criteria: + +**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System +Criteria and User Criteria nodes are visible in the table. + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit + user-defined criteria. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filter.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filter.md new file mode 100644 index 0000000000..490676a99f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filter.md @@ -0,0 +1,42 @@ +# EWSPublicFolder: Filter + +The Filter settings page provides options to filter folders and attachments. It is a wizard page for +the categories of: + +- Public Folder contents +- Public Folder permissions +- Sensitive Data + +![EWS Public Folder Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filter.webp) + +All folders and attachments are scanned by default. Scope the scan for specific folders and +attachments: + +- Include Folders – Type the folder paths to filter the scan to specific mailbox folders +- Include Attachments – Type the attachment file names to filter to specific attachments +- Exclude Folders – Type the folder paths to exclude mailbox folders from the scan +- Exclude Attachments – Type the file names for the attachments to exclude attachments from the scan + +Use `*` and `?` for matching wildcard and single characters. + +- Limit message size to [numerical value] – Select to limit message size and define the threshold + for maximum size of a message. The default value is 20000 KB. +- Limit attachments size to [numerical value] – Select to limit attachment size and define a + threshold for maximum size of an attachment returned in the scan. The default value is 20000 KB. + +Public folders can also be included or excluded from the scan by retrieving a list of public folders +and selecting the desired folders. + +Follow the steps to filter the scan by selecting public folders from a list. + +![Choose folder to include window on Filter settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterpublicfolders.webp) + +**Step 1 –** Click the **+** button to the right of the Include Folders or Exclude Folders box to +open the Choose folders to include or Choose folders to exclude window. + +**Step 2 –** Click **Retrieve** to load the list of public folders that can be selected. + +**Step 3 –** Select the desired public folders and click **Add** to add the folders to the Include +Folders or Exclude Folders list. + +After the configuration changes are saved, scans are filtered by the selected public folders. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/bodyoptions.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/bodyoptions.md new file mode 100644 index 0000000000..9405edeaa6 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/bodyoptions.md @@ -0,0 +1,11 @@ +# EWSPublicFolder FW: BodyOptions + +The BodyOptions page is where the size of messages is selected. + +![Filter Wizard BodyOptions page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp) + +Select the desired message size unit: + +- KB +- MB +- GB diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/folderconditions.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/folderconditions.md new file mode 100644 index 0000000000..a9b106717a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/folderconditions.md @@ -0,0 +1,54 @@ +# EWSPublicFolder FW: Folder Conditions + +The Folder Conditions page is where folder-related filter criteria can be applied to the search. + +![Filter Wizard Folder Conditions page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp) + +Customize folder search conditions using the following options: + +- Select conditions – To add it to the search, select any of the following conditions: + + - with specific folder type + - with search terms in the folder name + +- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any + of the template conditions + + **NOTE:** The values present depends on the selections made in the Select conditions box. + + - Click **specific** in the Edit conditions box to open the Folder Type Window. See the + [Folder Type Window](#folder-type-window)topic for additional information + - Click **search terms** to open the Search Terms Window. See the + [Search Terms Window](#search-terms-window) topic for additional information + +## Folder Type Window + +Use the Folder Type window to determine folder types to search for. The Folder Type window opens if +**specific** is selected in the Edit Conditions box on the Folder Conditions page. + +![Folder Type window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp) + +Select the checkbox next to any folder type to include it in the search filter. + +## Search Terms Window + +Use the Search Terms window to determine terms for the search. The Search Terms window opens if +**search terms** is selected in the Edit Conditions box. + +![Search Terms window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) + +Determine terms for the search using the following options: + +- Type the desired term into the upper text box and click **Add** to add the term to the lower text + box, which adds the term to the search +- Select a term in the lower text box, and click **Remove** to remove the term from the search +- Click **Clear** to clear all terms from the lower box +- Select the desired qualifier option: + + - Contains ALL of the following search terms (And) – Search only returns results containing all + of the search terms + - Contains ANY of the following search terms (Or) – Search returns results containing any one or + more of the search terms + +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/messageconditions.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/messageconditions.md new file mode 100644 index 0000000000..3a8213ad5d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/messageconditions.md @@ -0,0 +1,114 @@ +# EWSPublicFolder FW: Message Conditions + +Use the Message Conditions page to apply filters to the message category part of the search. + +![Filter Wizard Message Conditions page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp) + +Customize message search filter conditions using the following options: + +- Message category – Select a message category using the dropdown menu from the following: + + - Common + - Email + - Appointment + - Schedule + - Contact + - Task + - Journal + - Note + - Post + - RSS Feed + - Unified Messaging + +- Select conditions – To add it to the search, select any of the following conditions: + + **NOTE:** The conditions that are available in the Select Conditions box depends on the selected + **Message category**. + + - with specific message classes + - that is created in specific date + - with search terms in the subject + - with search terms in the body + - with search terms in the subject or body + - with search terms in the message header + - with search terms in the recipient’s address + - with search terms in the sender’s address + - that has an attachment + - that is received in specific date + - with specific Message ID + - that occurs in specific date + +- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any + of the template conditions + + **NOTE:** The values present depends on the selections made in the Select conditions box. + + - Click **specific** to open the MessageClasses Window. See the + [MessageClasses Window](#messageclasses-window) topic for additional information. + - Click **in specific date** to open the Date Range Selection Window. See the + [Date Range Selection Window](#date-range-selection-window) topic for additional information. + - Click **search terms** to open the Search Terms Window. See the + [Search Terms Window](#search-terms-window) topic for additional information. + - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice + versa + +## MessageClasses Window + +Use the MessageClasses window to alter criteria related to message class. The Message Classes window +opens if **specific** is clicked in the Edit Conditions box on the Message Conditions page. + +![MessagesClasses window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp) + +Determine MessageClass-related criteria using the following options: + +- To add a class, click **Add** +- Enter the desired Message Class in the corresponding textbox +- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy + and select the preferred option: + + - Exact Match + - Starts With + - Contains + +- To remove a message class, select it and click **Remove** +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms + +## Date Range Selection Window + +Use the Date Range Selection window to select a time period or range for the search. The Date Range +Selection window opens if **in specific date** is clicked in the Edit Conditions box on the Message +Conditions page. + +![Date Range Selection window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp) + +Determine the time period or range of the search using the following options: + +- Over [Number] [Time Period] ago +- Last [Number] [Time Period] +- Before [Date] +- After [Date] +- Between [Date] and [Date] + +## Search Terms Window + +Use the Search Terms window to determine terms for the search. The Search Terms window opens if +**search terms** is selected in the Edit Conditions box. + +![Search Terms window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) + +Determine terms for the search using the following options: + +- Type the desired term into the upper text box and click **Add** to add the term to the lower text + box, which adds the term to the search +- Select a term in the lower text box, and click **Remove** to remove the term from the search +- Click **Clear** to clear all terms from the lower box +- Select the desired qualifier option: + + - Contains ALL of the following search terms (And) – Search only returns results containing all + of the search terms + - Contains ANY of the following search terms (Or) – Search returns results containing any one or + more of the search terms + +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/savefilter.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/savefilter.md new file mode 100644 index 0000000000..907af49091 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/savefilter.md @@ -0,0 +1,10 @@ +# EWSPublicFolder FW: Save Filter + +Use the Save Filter Page to name and describe the custom filter created in the wizard. + +![Filter Wizard Save Filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp) + +Label the custom filter using the following options: + +- Enter a name for the filter in the Filter Name textbox +- Enter any desired description for the filter in the Description textbox diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/searchfilter.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/searchfilter.md new file mode 100644 index 0000000000..fce608caaf --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/searchfilter.md @@ -0,0 +1,65 @@ +# EWSPublicFolder FW: Search Filter + +Use the Search Filter page to choose a filter template for the search. + +![Filter Wizard Search Filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/searchfilter.webp) + +Customize folder search conditions using the following options: + +- Select template – Select any of the following template options: + + - Blank + - All non-archived items over 90 days ago + - All calendar items that contains attachment that occurred over 90 days ago + +- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any + of the template conditions + + **NOTE:** The values present depends on the selections made in the Select conditions box. + + - Click either **IPM.Note** or **IPM.Appointment**, to open the MessageClasses Window with + IPM.Note or IPM.Appointment class populated, respectively. See the + [MessageClasses Window](#messageclasses-window) topic for additional information. + - Click **over 90 Day ago** to open the Date Range Selection Window. See the + [Date Range Selection Window](#date-range-selection-window) + - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice + versa + +## MessageClasses Window + +Use the MessageClasses window to alter criteria related to message class. The Message Classes window +opens if **Ipm.Note** or **Ipm.Appointment** is clicked in the Edit Conditions box on the Search +Filter page. + +![MessagesClasses window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp) + +Determine MessageClass-related criteria using the following options: + +- To add a class, click **Add** +- Enter the desired Message Class in the corresponding textbox +- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy + and select the preferred option: + + - Exact Match + - Starts With + - Contains + +- To remove a message class, select it and click **Remove** +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms + +## Date Range Selection Window + +Use the Date Range Selection window to select a time period or range for the search. The Date Range +Selection window opens if **over 90 Day ago** is clicked in the Edit Conditions box on the Search +Filter page. + +![Date Range Selection window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp) + +Determine the time period or range of the search using the following options: + +- Over [Number] [Time Period] ago +- Last [Number] [Time Period] +- Before [Date] +- After [Date] +- Between [Date] and [Date] diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/options.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/options.md new file mode 100644 index 0000000000..cbf2d302e3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/options.md @@ -0,0 +1,22 @@ +# EWSPublicFolder: Options + +The Scan options page provides general scan options. It is a wizard page for all of the categories. + +![options](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +Select any desired scan options: + +- Ignore certificate errors – Ignores certificate errors when connecting to Exchange Web Services +- Match job host against autodiscovered host – Matches the name of the job host against the host + name returned from autodiscover + + **_RECOMMENDED:_** Use this option when scanning multiple Exchange environments with a single + job and the Connection Profile has multiple credentials in it. + +- Authentication – Select an Authentication type from the drop down: + + - Negotiate + - Basic + - NTLM + - Kerberos + - Digest diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/overview.md new file mode 100644 index 0000000000..c76106df46 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/overview.md @@ -0,0 +1,49 @@ +# EWSPublicFolder Data Collector + +The EWSPublicFolder Data Collector provides configuration options to extract public folder contents, +permissions, and sensitive data, and is preconfigured within the Exchange Solution. Both this data +collector and the solution are available with a special Enterprise Auditor license. See the +[Exchange Solution](/docs/accessanalyzer/11.6/solutions/exchange/overview.md) +topic for additional information. + +Protocols + +- HTTPS +- ADSI +- LDAP + +Ports + +- TCP 389 +- TCP 443 + +Permissions + +- Exchange Admin Role +- Discovery Management Role +- Application Impersonation Role +- Exchange Online License with a mailbox + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +## EWSPublicFolder Query Configuration + +The EWSPublicFolder Data Collector is configured through the Exchange Public Folder Data Collector +Wizard. The wizard contains the following pages: + +**NOTE:** The Category selected may alter the subsequent steps displayed by the wizard. + +- [EWSPublicFolder: Category](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/category.md) +- [EWSPublicFolder: Options](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/options.md) +- [EWSPublicFolder: SDD Options](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/sddoptions.md) +- [EWSPublicFolder: Critieria](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/critieria.md) +- [EWSPublicFolder: Filter](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filter.md) +- [EWSPublicFolder: Search Filter](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/searchfilter.md) +- [EWSPublicFolder: Results](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/results.md) +- [EWSPublicFolder: Summary](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/summary.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/results.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/results.md new file mode 100644 index 0000000000..0f2578b29f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/results.md @@ -0,0 +1,16 @@ +# EWSPublicFolder: Results + +The Results page is used to select which properties will be gathered out of those available for the +category. It is a wizard page for all of the categories. + +![EWS Public Folder Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Select criteria using the following options: + +- Select the checkbox of any property to include it in the summary. All selected properties will be + gathered. + + **NOTE:** Available properties vary based on the category selected. + +- Click **Select All** to select all properties +- Click **Clear All** to clear all selected properties diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/sddoptions.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/sddoptions.md new file mode 100644 index 0000000000..e98a69d3b2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/sddoptions.md @@ -0,0 +1,18 @@ +# EWSPublicFolder: SDD Options + +Use the Sensitive data scan options page to configure options to for discovering sensitive data. It +is a wizard page for the Sensitive Data category. + +The Sensitive Data Discovery Add-on is required to use the sensitive data collection option. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +![EWS Public Folder Data Collector Wizard SDD Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/sddoptions.webp) + +Select the applicable Sensitive data scan options: + +- Store discovered sensitive data – Stores discovered sensitive data in the database +- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria + for discovered sensitive data + + **NOTE:** This option is only available if **Store discovered sensitive data** is selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/searchfilter.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/searchfilter.md new file mode 100644 index 0000000000..7f24bd4cd1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/searchfilter.md @@ -0,0 +1,20 @@ +# EWSPublicFolder: Search Filter + +The Search filter settings page applies a filter used to search mailboxes in the environment. It is +a wizard page for the category of: + +- PublicFolder search + +![EWS Public Folder Data Collector Wizard Search Filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/searchfilter.webp) + +Click **Add Filter** to open the Filter Wizard + +## EWSPublicFolder Filter Wizard (FW) + +The Filter Wizard manages properties of the search filter. The Filter Wizard pages are: + +- [EWSPublicFolder FW: Search Filter](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/searchfilter.md) +- [EWSPublicFolder FW: Folder Conditions](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/folderconditions.md) +- [EWSPublicFolder FW: Message Conditions](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/messageconditions.md) +- [EWSPublicFolder FW: BodyOptions](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/bodyoptions.md) +- [EWSPublicFolder FW: Save Filter](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterwizard/savefilter.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/summary.md new file mode 100644 index 0000000000..b7fc6b5674 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/summary.md @@ -0,0 +1,9 @@ +# EWSPublicFolder: Summary + +The Summary page displays a summary of the configured query. It wizard page for all categories. + +![EWS Public Folder Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the EWS Public Folder Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/category.md b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/category.md new file mode 100644 index 0000000000..d0241e34c5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/category.md @@ -0,0 +1,104 @@ +# Exchange2K: Category + +The Exchange2K Data Collector contains the following query categories, sub-divided by auditing +focus: + +![Exchange 2K+ Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +- Exchange Organization + + - Organization – Exchange organization properties + - Administrative Groups + - Exchange Servers + - Storage Groups + - Exchange 2007/2010 Users – User properties from PowerShell commands + - Users – Mail-enabled and mailbox-enabled user + - Groups – Mail-enabled groups + - Contacts + - QBDGs – Query-Based Distribution Groups + +- Exchange Server Configuration + + - Recipient Update Services + - Message Delivery – System-wide message settings + - Instant Messaging – Instant messaging settings + - Exchange Mailbox Store Logons – The users currently logged on to Microsoft Exchange 2007 and + 2010 + +- Exchange 2007/2010 Hub Transport Configuration + + - Accepted Domains + - Remote Domains + - Transport Rules + - Journaling + +- Exchange 2007 CCR/SCR + + - Server Status + - CCR Storage Group Status + - SCR Storage Group Status + - Replication Health + +- Exchange 2007/2010 Unified Messaging + + - Dial plans + - IP gateways + - Mailbox policies + - Auto attendants + +- Exchange 2010 DAG + + - Exchange 2010 Mailbox Database Copy Status + - Exchange 2010 Data Availability Group + - Replication Health + +- Connectors + + - SMTP Connectors + - Exchange 2007/2010 Receive Connectors + - Exchange 2007/2010 Send Connectors + - Routing Group Connectors + - TCPX 400 Connectors + - X25X 400 Connectors + +- Protocols + + - HTTP Virtual Servers + - IMAP4 Virtual Servers + - NNTP Virtual Servers + - POP3 Virtual Servers + - SMTP Virtual Servers + - X400 Protocol + - Exchange 2007/2010 IMAP4 protocol + - Exchange 2007/2010 POP3 protocol + - Exchange 2007/2010 ActiveSync Protocols + +- Queues + + - Exchange Queues + - Exchange 2007/2010 Queries + +- Policies + + - Recipient Policies + - Exchange Server Policies + - Exchange 2007/2010 Email Policies + - Mailbox Store Policies + - Public Store Policies + - Exchange 2007/2010 ActiveSync Mailbox Policies + - Exchange 2010 Throttling Policies + +- Address Lists + + - Address Lists + - Global Address Lists + - Offline Address Lists + +- Internet Message Formats +- Mailbox Stores +- Public Stores +- Public Folders +- Anti-Virus Software +- OrphanedMailboxes +- OrphanedPublicFolders +- Exchange 2007/2010 ActiveSync Mobile Devices diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/mapisettings.md b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/mapisettings.md new file mode 100644 index 0000000000..05c4566a19 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/mapisettings.md @@ -0,0 +1,31 @@ +# Exchange2K: MAPI Settings + +The MAPI Settings page is used to enter configurations to connect to target Exchange servers. By +default, Enterprise Auditor connects to Exchange using System Attendant. For Exchange 2010 and 2013, +a mailbox and a client access server need to be entered in order to make a MAPI connection. These +settings only need to be configured if not configured at the Global Settings level. It is a wizard +page for the categories of: + +- Exchange Organization > Users +- Mailbox Stores +- Public Folders +- OrphanedMailboxes +- OrphanedPublicFolders + +![Exchange 2K+ Data Collector Wizard MAPI Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/mapisettings.webp) + +Configure the Connection Setting by selecting from the following: + +- Use Global settings: +- System Attendant (2003 & 2007) +- Use the mailbox associated with the Windows account that Enterprise Auditor is run with +- Exchange Mailbox (2010 and newer) +- Client Access Server + +Enter a server to Test Connection Setting: + +- Exchange Server – Enter the Exchange Mailbox Server to use to test the connection setting to make + sure that there is access to the server entered +- Test connection setting – Click to test the connection to the Exchange server + +The box at the bottom of the page displays information regarding the test connection in progress. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/options.md b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/options.md new file mode 100644 index 0000000000..a767d89948 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/options.md @@ -0,0 +1,32 @@ +# Exchange2K: Options + +The Options page provides additional configuration options for the query. Available options vary +depending on the category selected. It is a wizard page for all of the categories. + +![Exchange 2K+ Data Collector Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +Configure the Options step using the following options: + +- How to format collected – Select how the table will be formatted according to the return data + + - Return data as collected + - Return each value of the following property in a separate row – Enabled for specific + properties selected on the Results page + - Return data in a separate row for each property set in the following group – Enabled for + specific properties selected on the Results page + +- How to return multi-valued properties – Select how the table will be formatted when the return + data contains multi-valued properties + + - Concatenated – Return the data in a continuous string without gaps + + - Delimiter – Enter the desired delimiter to be used between values + + - First-value only – Only display the first value + +- Message size units – Available for the Exchange Organization > Users, Mailbox Stores, and Public + Stores categories. Choose between: + + - KB + - MB + - GB diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/overview.md new file mode 100644 index 0000000000..5d0b751af5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/overview.md @@ -0,0 +1,51 @@ +# Exchange2K Data Collector + +The Exchange2K Data Collector extracts configuration details from Exchange organizations for +versions 2003 and later. This is a MAPI-based data collector which requires the **Settings** > +**Exchange** node to be enabled and configured. See the +[Exchange](/docs/accessanalyzer/11.6/admin/settings/exchange.md) +topic for additional information. + +The Exchange2K Data Collector has been preconfigured within the Exchange Solution. Both this data +collector and the solution are available with a special Enterprise Auditor license. See the +[Exchange Solution](/docs/accessanalyzer/11.6/solutions/exchange/overview.md) +topic for additional information. + +Protocols + +- LDAP +- MAPI +- PowerShell +- RPC +- WMI + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports +- TCP 389 +- Optional TCP 445 + +Permissions + +- Member of the Exchange Administrator group +- Domain Admin for AD property collection +- Public Folder Management + +## Exchange2K Query Configuration + +The Exchange2K Data Collector is configured through the Exchange 2K+ Data Collector Wizard, which +contains the following wizard pages: + +- Welcome +- [Exchange2K: Category](/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/category.md) +- [Exchange2K: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/scope.md) +- [Exchange2K: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/results.md) +- [Exchange2K: MAPI Settings](/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/mapisettings.md) +- [Exchange2K: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/options.md) +- [Exchange2K: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/summary.md) + +![Exchange 2K+ Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not show this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/results.md b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/results.md new file mode 100644 index 0000000000..a36329b33c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/results.md @@ -0,0 +1,11 @@ +# Exchange2K: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for +all. + +![Exchange 2K+ Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually or the **Check All**, **Uncheck All**, or **Reset Defaults** +buttons can be used. All Selected properties will be gathered. Click **Expand All** to expand all +properties, or **Collapse All** to collapse all properties. Available properties vary based on the +category selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/scope.md b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/scope.md new file mode 100644 index 0000000000..63bde133cc --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/scope.md @@ -0,0 +1,19 @@ +# Exchange2K: Scope + +The Scope page is used to define where to search. It is a wizard page for the categories of: + +- Exchange Organization > Users +- Exchange Organization > Groups +- Exchange Organization > Contacts +- Exchange Organization > QBDGs + +![Exchange 2K+ Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +Select where to connect for the search and click **Connect** to add the domain or server: + +- Default domain – Select this option to search the default domain +- This domain or server – Click the ellipsis to open the Browse for Domain window and select a + domain or server. + +Click **Add** to add the OUs highlighted in the top box to the scope. Click **Remove** to remove the +selected OU. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/summary.md new file mode 100644 index 0000000000..7f3b09c218 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/summary.md @@ -0,0 +1,10 @@ +# Exchange2K: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all of the +categories. + +![Exchange 2K+ Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Exchange 2K+ Data Collector Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/category.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/category.md new file mode 100644 index 0000000000..503c91c568 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/category.md @@ -0,0 +1,17 @@ +# ExchangeMailbox: Category + +The Exchange Mailbox Data Collector contains the following Exchange Mailbox categories for +searching: + +![Exchange Mailbox Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The Category page contains a list of objects the query searches for: + +- Mailboxes +- Mailbox contents +- Mailbox permissions +- Mailbox sensitive data discovery +- Mailbox search – Enables the Return data options: + + - Per mailbox + - Per folder diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/options.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/options.md new file mode 100644 index 0000000000..9ce14b70ff --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/options.md @@ -0,0 +1,44 @@ +# ExchangeMailbox: Options + +The Options page provides different configuration options for the search. It is a wizard page for +the following categories: + +- Mailboxes +- Mailbox contents +- Mailbox permissions +- Mailbox sensitive data discovery + +![Exchange Mailbox Data Collector Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +The following options can be configured: + +**NOTE:** Options available vary based upon the category selected. + +- Message size units: + + - KB + - MB + +- Folders + + - All Folders – Select to include all folders in the query. When deselected, the other options + of the category become available. + - Include root folder – Include root folders of the selected folders in the query + + - - – Enter the name of a folder to include and click **+** to add it to the list of + included folders + - - – Select a folder from the list of included folders ad click **–** to remove it + + - Include subfolders in message counters – Include messages contained in subfolders of the + selected folders in the message count + +- Attachment Types + + - Count attachment types – Counts attachment types as part of the query. When selected, this + enables the following options: + + - Add New – Adds another line to the list of attachment types which is manually edited + - Load Defaults – Reverts the list to default attachment types + - Remove – Remove selected attachment type from the list + +- Large Attachment Threshold (KB) – Default is 500 diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/overview.md new file mode 100644 index 0000000000..09fd7f6c18 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/overview.md @@ -0,0 +1,81 @@ +# ExchangeMailbox Data Collector + +The ExchangeMailbox Data Collector extracts configuration details from the Exchange Store to provide +statistical, content, permission, and sensitive data reporting on mailboxes. This is a MAPI-based +data collector which requires the **Settings** > **Exchange** node to be enabled and configured. See +the [Exchange](/docs/accessanalyzer/11.6/admin/settings/exchange.md) +topic for additional information. + +The ExchangeMailbox Data Collector is available with a special Enterprise Auditor license. See the +[Exchange Solution](/docs/accessanalyzer/11.6/solutions/exchange/overview.md) +topic for additional information. + +Protocols + +- MAPI +- RPC + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Exchange Administrator group +- Organization Management +- Discovery Management + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +## ExchangeMailbox Query Configuration + +The ExchangeMailbox Data Collector is configured through the Exchange Mailbox Data Collector Wizard, +which contains the following wizard pages: + +- Welcome +- [ExchangeMailbox: Category](/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/category.md) +- [ExchangeMailbox: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/scope.md) +- [ExchangeMailbox: Properties](/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/properties.md) +- [ExchangeMailbox: SDD Criteria](/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/sddcriteria.md) +- [ExchangeMailbox: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/options.md) +- [ExchangeMailbox: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/summary.md) + +The query requires special permissions to connect to target Exchange servers. Assign these +permissions on the Welcome page. + +![Exchange Mailbox Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +Connection Setting + +Select one of the following options for the connection setting: + +- Use Global setting – The configured Global Setting is displayed next to this checkbox. Select the + checkbox to use the global setting. +- System Attendant (2003 & 2007) – Enabled when the **Use Global Setting** checkbox is not selected. + Select this option to use System Attendant (2003 & 2007) for the connection. +- Use the mailbox associated with the Windows account that Enterprise Auditor is run with – Enabled + when the **Use Global Setting** checkbox is not selected. Select this option to use the mailbox + associated with the Windows account that Enterprise Auditor is run with for the connection. +- Exchange Mailbox (2010 and newer) – Enabled when the **Use Global Setting** checkbox is not + selected. Select this option to use an Exchange Mailbox (2010 and newer) for the connection. The + Client Access Server must be entered unless specified in the Global Settings. + + - Client Access Server – A private store server is needed if the Exchange server only has public + stores + +Test Connection Setting + +Enter a server to test the connection string: + +- Exchange Server – Enter the Exchange Mailbox Server to use to test the connection setting to make + sure that there is access to the server entered +- Test – Click **Test** to test the connection to the Exchange server + +The box at the bottom of the page displays information regarding the test connection in progress. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/properties.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/properties.md new file mode 100644 index 0000000000..890eac04f6 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/properties.md @@ -0,0 +1,16 @@ +# ExchangeMailbox: Properties + +The Properties page is where properties that will be gathered are selected. The available properties +depend on the category selected. It is a wizard page for all of the categories. + +![Exchange Mailbox Data Collector Wizard Properties page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/properties.webp) + +Properties can be selected individually or you can use the Select All, Clear All, and Reset All +buttons. All selected properties will be gathered. Click **Message Classes** to open the Message +classes filters window. + +![Message classes filters window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp) + +The wildcard (`*`) returns all message class filters. Enter the name of the class filter and click +**Add** to add it to the list. **Delete** will remove the selected class filter from the list. The +**Load defaults** option will restore the class filter default settings. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/scope.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/scope.md new file mode 100644 index 0000000000..9769bcbcb0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/scope.md @@ -0,0 +1,34 @@ +# ExchangeMailbox: Scope + +The Scope page is used to define which mailboxes are to be queried. It is a wizard page for all of +the categories. + +![Exchange Mailbox Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +At the top, configure the mailboxes to be queried. The selected option changes how the mailboxes are +identified for scoping. + +- All mailboxes – Searches all mailboxes +- Selected mailboxes from server – Retrieves all mailboxes in the Exchange organization, making them + visible within the **Available mailboxes on connected server** list. The following options + display: + + ![Scope page with Selected mailboxes from server selected](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/scopeselectedmailboxes.webp) + + - Retrieve – Enter the server and select Retrieve to display the list of mailboxes on that + server + - Add – Select the desired mailboxes to add to the query. The added mailboxes display in the + **Selected mailboxes** list. + - Remove – Deletes selected mailboxes from the list + - Select All – Click the Select All icon to select all mailboxes in the list + - Clear All – Click the Clear All icon to clear all current selections in the list + +- Selected table – Populates the **Available tables** list with tables from the Enterprise Auditor + database + + ![Scope page with Selected table selected](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp) + + - Table – Filters this list by tables. Select the table which hosts the list of mailboxes for + which this query will be scoped. + - Field containing EmailAddressDNs – This list will be populated with columns from the selected + table. Select the appropriate column from the list. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/sddcriteria.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/sddcriteria.md new file mode 100644 index 0000000000..4f1b51e50c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/sddcriteria.md @@ -0,0 +1,33 @@ +# ExchangeMailbox: SDD Criteria + +The SDD Criteria page is where criteria to be used for discovering sensitive data are configured. It +is a wizard page for the Mailbox sensitive data discovery category. This page requires the Sensitive +Data Discovery Add-On to be been installed on the Enterprise Auditor Console to define the criteria +and enable the Criteria Editor. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +![Exchange Mailbox Data Collector Wizard SDD Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sddcriteria.webp) + +Select the checkbox for the criteria to be used to search for sensitive data. Criteria can also be +selected using the **Select All** and **Select None** buttons. + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + **NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the + System Criteria and User Criteria nodes will be visible in the table. + +- Edit – Click this button to access the Criteria Editor where user-defined criteria can be created + or customized. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. +- Store discovered sensitive data – Stores the potentially sensitive data that matches the selected + criteria in the Enterprise Auditor database. Select this checkbox to store a copy of the criteria + match data. This copy can be used to check for false positives, data that matches the selected + criteria but is not actually sensitive. +- Limit stored matches per criteria to [number] – Identifies the number of potentially sensitive + data matches that are copied to the database. The default is 5 matches. This option is only + available if the **Store discovered sensitive data** option is selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/summary.md new file mode 100644 index 0000000000..ff9b39a299 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/summary.md @@ -0,0 +1,9 @@ +# ExchangeMailbox: Summary + +The Summary page displays a summary of the configured query. It wizard page for all categories. + +![Exchange Mailbox Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Exchange Mailbox Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/category.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/category.md new file mode 100644 index 0000000000..8ff582d700 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/category.md @@ -0,0 +1,35 @@ +# ExchangeMetrics: Category + +The Category page is used to identify the type of Exchange Metrics information to retrieve. + +![Exchange Metrics Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The ExchangeMetrics Data Collector contains the following query categories: + +- Exchange Metrics Queries + + - Server Volume – Summary metrics by server for all messages sent and received inside and + outside of the Exchange organization + - Internal Traffic Summary – Summary metrics by server for all messages sent and received inside + of the Exchange organization + - Internet Traffic Summary – Summary metrics by external domain for messages sent and received + outside of the Exchange organization + - Delivery Time – Summary metrics by server for all messages delivered within specified delivery + time window + - Delivery Time Custom – Summary metrics by server for all messages delivered within delivery + time windows + - User Statistics – Summary metrics by user for all messages sent and received by each user + - DL Statistics – Summary metrics by distribution list (DL) for all messages received by each DL + - Hour Statistics – Summary metrics by server for all messages delivered within specified hour + slot + - Message Size Statistics – Summary metrics by server for all messages of specified sizes + - Message Size Statistics Custom – Summary metrics by serer for message size windows + - User’s Message Activity – Message activity per user + - User’s Message Activity Per Hour – Message activity per user per hour + +- Exchange Metrics Applet Maintenance + + - Deploy or Change Applet Settings – Deploys a data collector applet to an Exchange Server, or + update its settings + - Check Applet State – Information about a deployed data collector applet + - Remove Applet Settings – Removes a deployed data collector applet from an Exchange Server diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/collectmode.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/collectmode.md new file mode 100644 index 0000000000..c74aea6486 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/collectmode.md @@ -0,0 +1,31 @@ +# ExchangeMetrics: Collect Mode + +The Collect Mode page is where to set the collection mode. It is a wizard page for the categories +of: + +- Server Volume +- Internal Traffic Summary +- Internet Traffic Summary +- Delivery Time +- Delivery Time Custom +- User Statistics +- DL Statistics +- Hour Statistics +- Message Size Statistics +- Message Size Statistics Custom +- User’s Message Activity +- User’s Message Activity Per Hour + +![Exchange Metrics Data Collector Wizard Collect Mode page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/collectmode.webp) + +There are two types of collection modes: + +- Query Summary Data Only – In this mode, the applet gathers only existing summary data and returns + it to the Enterprise Auditor Console. In order to process Exchange tracking log files, another + instance of the applet must be configured. +- Process Exchange Tracking Logs and Query Summary Data – In this mode, the applet processes missing + summary data and returns it to the Enterprise Auditor Console. This mode includes an additional + setting for **Summary data path**. Choose between: + + - Default location + - Specific location – Specify the folder location diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messageactivityfilter.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messageactivityfilter.md new file mode 100644 index 0000000000..58849fa726 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messageactivityfilter.md @@ -0,0 +1,30 @@ +# ExchangeMetrics: Message Activity Filter + +The Message Activity Filter page configures which domains the data collector should return mail flow +from specific senders and to specific recipients. For example, if `@netwrix.com` is entered in the +Senders list and `@netwrix.com` in the Recipients list, message activity will be returned only for +mail sent to and received from an `@netwrix.com` address. It is a wizard page for the categories of: + +- User’s Message Activity +- User’s Message Activity Per Hour + +![Exchange Metrics Data Collector Wizard Message Activity Filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messageactivityfilter.webp) + +Configure the Message Activity Filter using the following options: + +- Add – To add a filter to the desired category, click **Add** in the desired category to add an + entry to that category +- Select **Exact Match** in the added filter to reveal a drop-down list with the following condition + options: + + - Exact matches + - Contains + - Begins with + - Ends with + +- Kind – Select **(Custom…)** to open the Custom Filter menu. The Custom Filter menu provides + options to create and configure other filters. +- Value – Type the filter to be applied + +The columns in the entry tables can be sorted and or filtered, using the same sorting and filtering +methods of Enterprise Auditor data grids. The **Remove** option will delete a selected filter. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messagesizes.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messagesizes.md new file mode 100644 index 0000000000..41ab014770 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messagesizes.md @@ -0,0 +1,26 @@ +# ExchangeMetrics: Message Sizes + +The Message Sizes page is used to configure message size frames for which to return summary metrics +by server. It is a wizard page for the category of: + +- Message Size Statistics Custom. + +![Exchange Metrics Data Collector Wizard Message Sizes page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messagesizes.webp) + +Configure the desired message size frames using the following options: + +- Frame name – Name the configured message size parameters. Can either be entered manually or a + default will populate when query limits are set. +- Start – Specify the lower limit of the message sizes (in MB) +- End – Specify the upper limit of the message sizes (in MB) + +For example, a **Start** value of **1** and an **End** value of **2** returns messages between 1 and +2 megabytes. + +- Infinite – Select the checkbox to remove the **End** value from the scan. For example, a **Start** + value of **5** with the **Infinite** checkbox selected retrieves all messages which are 5 + megabytes or larger. + +Once the frame is configured, click **Add**. The configured message size frame will appear in the +list. Multiple frames can be configured. Select a frame and click **Replace** to modify an existing +frame. Use **Remove** to delete an existing frame. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/options.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/options.md new file mode 100644 index 0000000000..a2067cb8e4 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/options.md @@ -0,0 +1,57 @@ +# ExchangeMetrics: Options + +The Options page provides additional configuration options for the query. Options vary depending on +the category selected. It is a wizard page for the categories of: + +- Server Volume +- Internal Traffic Summary +- Internet Traffic Summary +- Delivery Time +- Delivery Time Custom +- User Statistics +- DL Statistics +- Hour Statistics +- Message Size Statistics +- Message Size Statistics Custom +- User’s Message Activity +- User’s Message Activity Per Hour +- Deploy or Change Applet Settings +- Remove Applet Settings + +![Exchange Metrics Data Collector Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +Select the checkbox of any of the following options to configure the query: + +**NOTE:** Available options vary depending on Category selected. + +- Host-side Cleanup + + - Remove applet after task is completed + - Remove all summary data after task is completed (Not recommended) + - Remove summary data older than [number] days + - Remove AD database after task is completed + +- Applet Logging + + - Enable Logging – Enables the applet to log + - Applet log level – Select the desired log level using the dropdown list: + + - None + - Debug + - Information + - Warning + - Error + + - Set Default – Returns the Applet log level to the default of **Error** + +- Applet History + + - Enable Persistent Log State – Search the log from where the previous search left off. A state + file is created for each host configured in the query. State files can be viewed within + Enterprise Auditor and are named by the query GUID. State files display the record the + previous search left off on, the event log, and the date of the last entry. + +- AD Database Creation + + - Recreate AD DB if existing DB is older than [number] days + - Create AD DB locally diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/overview.md new file mode 100644 index 0000000000..ef8366939f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/overview.md @@ -0,0 +1,54 @@ +# ExchangeMetrics Data Collector + +The ExchangeMetrics Data Collector collects Mail-Flow metrics from the Exchange Message Tracking +Logs on the Exchange servers. Some examples of this include server volume and message size +statistics. This data collector runs as an applet over RPC connection to process and collect +summarized metrics from the Message Tracking Log. See the +[Exchange Support and Permissions Explained](/docs/accessanalyzer/11.6/requirements/solutions/exchange/support.md) +topic for a complete list of supported platforms. + +The ExchangeMetrics Data Collector has been preconfigured within the Exchange Solution. Both this +data collector and the solution are available with a special Enterprise Auditor license. See the +[Exchange Solution](/docs/accessanalyzer/11.6/solutions/exchange/overview.md) +topic for additional information. + +Protocols + +- RPC +- WMI + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Member of the local Administrator group on the targeted Exchange server(s) + +See the +[Exchange Mail-Flow Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/mailflow.md) +topic for additional information. + +## ExchangeMetrics Query Configuration + +The ExchangeMetrics Data Collector is configured through the Exchange Metrics Data Collector Wizard, +which contains the following wizard pages: + +- Welcome +- [ExchangeMetrics: Category](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/category.md) +- [ExchangeMetrics: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/scope.md) +- [ExchangeMetrics: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/results.md) +- [ExchangeMetrics: Collect Mode](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/collectmode.md) +- [ExchangeMetrics: Time Frames](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/timeframes.md) +- [ExchangeMetrics: Message Sizes](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messagesizes.md) +- [ExchangeMetrics: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/options.md) +- [ExchangeMetrics: Message Activity Filter](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messageactivityfilter.md) +- [ExchangeMetrics: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/summary.md) + + **NOTE:** Pages available vary depending on the Category selected. + +![Exchange Metrics Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by checking the **Do not display this page the next time** box when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/results.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/results.md new file mode 100644 index 0000000000..9811d10e7e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/results.md @@ -0,0 +1,10 @@ +# ExchangeMetrics: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for all +of the categories. + +![Exchange Metrics Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually or the **Check All**, **Uncheck All**, or **Reset Defaults** +buttons can be used. Click **Expand All** to expand all property categories. All selected properties +will be gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/scope.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/scope.md new file mode 100644 index 0000000000..8047a4900e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/scope.md @@ -0,0 +1,46 @@ +# ExchangeMetrics: Scope + +The Scope page is used to define where to search. It is a wizard page for the categories of: + +- Server Volume +- Internal Traffic Summary +- Internet Traffic Summary +- Delivery Time +- Delivery Time Custom +- User Statistics +- DL Statistics +- Hour Statistics +- Message Size Statistics +- Message Size Statistics Custom +- User’s Message Activity +- User’s Message Activity Per Hour +- Deploy or Change Applet Settings + +![Exchange Metrics Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +Define the scope of the query using the following options: + +- Return data for section – Select the time period for which data will be collected. GMT time is + used by Exchange Metrics to calculate the result. + + - Today + - Yesterday + - This Week (from last Sunday till today) + - Last Week (from Sunday till Saturday) + - This Month + - Last Month + - Last [number] days + - Within time frame: + - From [calendar date] to [calendar date] – Use the drop-down arrows to select calendar dates. + +- Return results section – Select the table design for the collected data + + - One row for – Use the drop-down list to select one of the following options: + + - All period + - Day + - Week + - Month + + - Add summary values as last row – Select this checkbox to add summary values as the last row. + This option is enabled when **Day**, **Week**, or **Month** are selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/summary.md new file mode 100644 index 0000000000..397188bd39 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/summary.md @@ -0,0 +1,10 @@ +# ExchangeMetrics: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all of the +categories. + +![Exchange Metrics Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Exchange Metrics Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/timeframes.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/timeframes.md new file mode 100644 index 0000000000..3580bf0d05 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/timeframes.md @@ -0,0 +1,31 @@ +# ExchangeMetrics: Time Frames + +The Time Frames page is used to configure message delivery time frames for which to return summary +metrics by server. It is a wizard page for the category of: + +- Delivery Time Custom. + +![Exchange Metrics Data Collector Wizard Time Frames page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/timeframes.webp) + +Configure the desired time frames using the following options: + +- Frame name – Name the configured time frame. Can either be entered manually or a default will + populate when frame limits are set. +- Start – Specify the lower limit of the delivery time frame +- End – Specify the upper limit of the delivery time frame +- Select the time unit of the time frame: + + - Seconds + - Minutes + - Hours + +For example, a **Start** value of **1** and an **End** value of **2** with the **Minutes** unit +selected returns messages delivered in 1 to 2 minutes. + +- Infinite – Select the checkbox to eliminate the **End** value from the scan. For example, a + **Start** value of **2** with the **Infinite** checkbox selected retrieves all messages that took + 2 seconds/minutes/hours or longer to deliver. + +Once the frame is configured, click **Add**. The configured message time frame will appear in the +list. Multiple time frames can be configured. Select a frame and click **Replace** to modify an +existing frame. Use **Remove** to delete an existing frame. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/category.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/category.md new file mode 100644 index 0000000000..5ae7a978c2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/category.md @@ -0,0 +1,334 @@ +# ExchangePS: Category + +The Category page contains a connection section where connection options are defined. It is also +where the query category is selected. The available query categories are sub-divided by auditing +focus. + +![ExchangePS Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +## Connection + +In the Connection section, select the method for connecting to the target Exchange environment: + +- Use Global setting – Reads from the global configuration from the **Settings** > **Exchange** + node, specifically the **Client Access Server** (CAS) field + + - See the + [Exchange](/docs/accessanalyzer/11.6/admin/settings/exchange.md) + topic for additional information on these settings + +- Use specific server – Use a different server from what is set in core + + - Exchange 2010 Servers – Can use the CAS server set in the global configuration (**Settings** > + **Exchange** node) + - Exchange 2013 & 2016 – Require an actual CAS server name: + + - If the **Settings** > **Exchange** node was configured for MAPI over HTTP, then an actual + CAS server name was supplied and will be used by the ExchangePS Data Collector + - If the **Settings** > **Exchange** node was configured for MAPI over HTTPS, then the + global configuration will have a web address instead of an actual server. Therefore, each + query requires the CAS server to be set as the specific server on the Category page. + +- Use Office 365 – Connect to Office 365 +- Use pipelined PowerShell – Processes each mailbox object in turn. When selected, the data + collector streams data to the database instead of transferring batches of data. + + - This option uses less memory but is more sensitive to network conditions + - Only available for Exchange 2013+ target environments + +## Query Categories + +The ExchangePS Data Collector contains the following query categories, sub-divided by auditing +focus: + +- Mailbox Information + + - Mailboxes – Collects mailbox information + - Mailbox Permissions – Collects permissions on mailbox folders (Exchange 2010 or later) + - Mailbox Databases – Collects information on mailbox databases + + **NOTE:** This option is not available for Office 365 target environments + + - Mailbox Rights – Collects information on mailbox rights + - Mailbox AD Rights – Collects information on mailbox Active Directory rights + - Mailbox Search – Search mailboxes (Exchange 2010 or later) + - Mailbox Access Logons – Collects information on mailbox access logons + +- Exchange Organization + + - Exchange Users – Collects Exchange user properties + +- Exchange ActiveSync + + - Exchange ActiveSync Mobile Devices – Collects Exchange ActiveSync for mobile devices + +- Public Folder Information + + - Public Folder Content – Collects general statistics and sizing for the public folder + environment + - Public Folder Permissions – Collects permission information for the public folder environment + +- Office 365 – Only available for Office 365 target environments + + - Mail Flow Metrics – Collects information about mail flow in the Exchange Online environment + +- Domain Information + + - Domains – Collects information about Domains in the Exchange environment + +Each category has specific requirements and capabilities per auditing focus: + +- [Mailbox Information](#mailbox-information) +- [Exchange Organization](#exchange-organization) +- [Exchange ActiveSync](#exchange-activesync) +- [Public Folder Information](#public-folder-information) +- [Office 365](#office-365) +- [Domain Information](#domain-information) + +### Mailbox Information + +Mailbox Information audit focus contains the following categories: + +Mailboxes + +This category gathers high-level statistics about the Mailboxes in the environment. It can be run +with quick properties or all properties. The quick properties are the first 14 properties and +significantly reduce the time it takes to return the information. The PowerShell queries this +category runs are as follows: + +``` +Get-Mailbox +Get-MailboxStatistics +Get-MailboxDatabase +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +Mailbox Permissions + +This category returns Mailbox Folder permissions and folder level statistics about the mailboxes. +The PowerShell queries this category runs are as follows: + +``` +Get-Mailbox +Get-MailboxFolderPermission +Get-MailboxStatistics +Get-MailboxDatabase +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +Mailbox Databases + +This category returns information about the Mailbox Databases which reside in the organization. The +PowerShell query this category runs is as follows: + +``` +Get-MailboxDatabase +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +Mailbox Rights + +This category returns Mailbox Rights assigned to each Mailbox, such as Full Mailbox Access. The +PowerShell query this category runs is as follows: + +``` +Get-MailboxDatabase +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +Mailbox AD Rights + +This category returns information about the Mailbox Databases which reside in the organization. The +PowerShell query this category runs is as follows: + +``` +Get-MailboxDatabase +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +Mailbox Search + +This category provides the capability to search the Mailbox for any criteria configured inside the +data collector. The PowerShell queries this category runs are as follows: + +``` +Search-Mailbox +Get-Mailbox +Get-MailboxDatabase +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Filter by Message](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/filtermessage.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +Mailbox Access Logons + +This category returns the Mailbox Access Auditing log details. Mailbox Access Auditing does need to +be enabled on the Mailboxes in order for this job to return any information. The PowerShell queries +this category runs are as follows: + +``` +Search-MailboxAuditLog +Get-Mailbox +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Mailbox Logons](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailboxlogons.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +### Exchange Organization + +Exchange Organization audit focus contains the following category: + +Exchange Users + +This category returns information about the Mail-Enabled Users in the Exchange environment. The +PowerShell queries this category runs are as follows: + +``` +Get-User +Get-CASMailbox +Get-Mailbox +Get-ThrottlingPolicyAssociation +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +### Exchange ActiveSync + +Exchange ActiveSync audit focus contains the following category: + +Exchange ActiveSync Mobile Devices + +This category returns ActiveSync device properties and the Exchange Mailboxes they are associated +to. The PowerShell queries this category runs are as follows: + +``` +Get-ActiveSyncDeviceStatistics +Get-Mailbox +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +### Public Folder Information + +Public Folder Information audit focus contains the following categories: + +Public Folder Content + +This category returns general statistics and sizing for the public folder environment. When it is +selected, the following ExchangePS Data Collector Wizard pages are available for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +Public Folder Permissions + +This category returns permissions information for the public folder environment. When it is +selected, the following ExchangePS Data Collector Wizard pages are available for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +### Office 365 + +Office 365 audit focus contains the following category: + +Mail Flow Metrics + +This category returns information about mail flow in the target Exchange Online environment. When it +is selected, the following ExchangePS Data Collector Wizard pages are available for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Mail Flow](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailflow.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +### Domain Information + +Domain Information audit focus contains the following category: + +Domains + +This category returns information about domains in the Exchange environment. When it is selected, +the following ExchangePS Data Collector Wizard pages are available for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/configurejob.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/configurejob.md new file mode 100644 index 0000000000..48b424e245 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/configurejob.md @@ -0,0 +1,82 @@ +# Exchange Custom Connection Profile & Host List + +The ExchangePS Data Collector requires a custom Connection Profile and host list to be created and +assigned to the job conducting the data collection. The host inventory option during host list +creation makes it necessary to configure the Connection Profile first. + +**NOTE:** It is not possible to target both Exchange Online and on-premises Exchange environments +from the same job. Therefore, the Connection Profile should only contain the credentials for one +type of environment. + +## Exchange On-Premises + +This section describes the process to configure the Connection Profile and host list for Exchange +on-premises environments. + +### Exchange On-Premise Credential for a Connection Profile + +The provisioned credential used should be an Active Directory account. Create a Connection Profile +and set the following information on the User Credentials window: + +- Select Account Type – Active Directory Account +- Domain – Drop-down menu with available trusted domains will appear. Either type the short domain + name in the textbox or select a domain from the menu. +- User name – Type the user name +- Password Storage – Choose the for credential password storage: + + - Application – Uses the configured Profile Security setting as selected at the **Settings** > + **Application** node + - CyberArk – Uses the CyberArk Enterprise Password Vault + +- Password – Type the password +- Confirm – Re-type the password + +### Exchange On-Premise Host List + +The ExchangePS Data Collector should be set to run against: + +- Local host + +## Exchange Online + +This section describes the process to configure the Connection Profile and custom host list for +Exchange Online. + +### Exchange Online Credential for a Connection Profile + +The provisioned credential must be created with the Exchange Modern Authentication account type. +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Exchange Modern Authentication +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information.) +- Organization – The primary domain name of the Microsoft Entra tenant being leveraged to make the + connection. See the + [Identify the Tenant's Name](/docs/accessanalyzer/11.6/config/exchangeonline/access.md#identify-the-tenants-name) + topic for additional information. +- Email Address – The email address for the mailbox to be leveraged in Exchange Online environment + scans. The mailbox must belong to the primary domain used in the Organization field. +- AppID – Application (client) ID of the Enterprise Auditor application registered with Microsoft + Entra ID. See the + [Identify the Client ID](/docs/accessanalyzer/11.6/config/exchangeonline/access.md#identify-the-client-id) + topic for additional information. +- Certificate Thumbprint – The thumbprint value of the certificate uploaded to the Microsoft Entra + ID application. See the + [Upload Self-Signed Certificate](/docs/accessanalyzer/11.6/config/exchangeonline/access.md#upload-self-signed-certificate) + topic for additional information. + +### Exchange Online Host List + +Exchange Online requires a custom host list. The host list should include the tenant name of the +Microsoft Entra tenant used to connect to Exchange Online. + +- The host name must be the domain name of the tenant, for example `company.onmicrosoft.com`. See + the + [Identify the Tenant's Name](/docs/accessanalyzer/11.6/config/exchangeonline/access.md#identify-the-tenants-name) + topic for additional information. + +See the +[Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) +topic for instructions on creating a custom host list. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md new file mode 100644 index 0000000000..cd65dfac15 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md @@ -0,0 +1,16 @@ +# ExchangePS: Error Logging + +The Error Logging page is used to configure how long to keep the PowerShell logs. It is a wizard +page for all of the categories. + +![ExchangePS Data Collector Wizard Error Logging page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.webp) + +Select from the following options: + +- Remove all log files – Removes the PowerShell logs when data collection completes +- Keep log files newer than [number] days – Removes PowerShell logs older than the specified age + when data collection completes + +These log files are stored in the following location on the target host: + +…\STEALTHbits\StealthAUDIT\ExchangePS diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/filtermessage.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/filtermessage.md new file mode 100644 index 0000000000..a9166860e4 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/filtermessage.md @@ -0,0 +1,79 @@ +# ExchangePS: Filter by Message + +The Filter by Message page is used to define the filter conditions of the search. It is a wizard +page for the category of: + +- Mailbox Search + +![ExchangePS Data Collector Wizard Filter by Message Conditions page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/filtermessage.webp) + +In the Select Conditions section, choose the filter logic: + +- All Conditions – All selected conditions must be met +- Any condition – Any of the selected conditions must be met + +Available conditions to select from include: + +- date when message expires according to policy – If selected, specify date range through the Date + Range Selection window +- with specific words in the retention policy – If selected, specify words through the Words window +- with specific words in the subject – If selected, specify words through the Words window +- with specific words in the body – If selected, specify words through the Words window +- with specific words in the subject or body – If selected, specify words through the Words window +- with specific words in the recipient’s address – If selected, specify words through the Words + window +- with specific words in the sender’s address – If selected, specify words through the Words window +- that was received in a specific date range – If selected, specify date range through the Date + Range Selection window +- with specific words in the attachment – If selected, specify words through the Words window + +See the [Date Range Selection Window](#date-range-selection-window) and +[Words Window](#words-window) topics for additional information. + +In the Select Search Mailbox Parameters section, select the desired filter parameters: + +- Do not Include Archive +- Include Unsearchable Items +- Search Dumpster +- Search Dumpster Only + +#### Date Range Selection Window + +The Date Range Selection window is opened by the **Specify Date Range...** option for a date related +filter on the Filter by Message page. + +![Date Range Selection window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/daterangeselectionwindow.webp) + +Select the range category on the left and configure the range setting in the enabled fields: + +- Over – Select the number and time units. The available time units are: **Days**, **Months**, or + **Years**. +- Last – Select the number and time units. The available time units are: **Days**, **Months**, or + **Years**. +- Before – Drop-down menu opens a calendar selection view, choose the end date +- After – Drop-down menu opens a calendar selection view, choose the start date +- Between (Date) – Drop-down menus open calendar selection view, choose the start and end dates +- Between – Select the numbers for the lower and upper range boundary, and the desired time units. + The available time units are: **Days**, **Months**, or **Years**. + +When the date range is specified, click **OK**. The selected date range shows as a filter on the +Filter by Message page. Click the filter to open the Date Range Selection window to modify the date +range. + +#### Words Window + +The Words window is opened by the **Specify words...** option for a word related filter on the +Filter by Message page. + +![Words window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/wordswindow.webp) + +In the Search property section, choose the filter logic: + +- All Words – All selected word filters must be met +- Any Words – Any of the selected word filters must be met + +Then, configure the required words in the filter list. Enter the word in the textbox and click +**Add**. To delete a word from the filter list, select the word and click **Remove**. + +When the word list is complete, click **OK**. The specified words show as a filter on the Filter by +Message page. Click the filter to open the Words window to modify the list. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailboxlogons.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailboxlogons.md new file mode 100644 index 0000000000..8714eb5dc4 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailboxlogons.md @@ -0,0 +1,21 @@ +# ExchangePS: Mailbox Logons + +The Mailbox Logons page is used to define the type of mailbox logon events to return, as well as the +date range to be returned. It is a wizard page for the category of Mailbox Information > Mailbox +Access Logons. + +![ExchangePS Data Collector Wizard Mailbox Logons page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailboxlogons.webp) + +Select the desired checkboxes to indicate which logons to audit: + +- Delegate +- Admin +- Owner + +Specify the date range for the logons: + +- Last – Select the number and time units + + **NOTE:** Available units are **Days**, **Months**, or **Years**. + +- Between (Date) – Use the drop-down menus to open calendars to select the start and end dates diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailflow.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailflow.md new file mode 100644 index 0000000000..d56ecd65c1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailflow.md @@ -0,0 +1,16 @@ +# ExchangePS: Mail Flow + +The Mail Flow page returns permissions information for the public folder environment. It is a wizard +page for the category of: + +- Office 365 > Mail Flow Metrics + +![ExchangePS Data Collector Wizard Mail Flow page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailflow.webp) + +Select and configure a date range from the following options: + +**NOTE:** Date range must be 7 days or less. + +- Last – Select the number of days +- Between (Date) – Use the drop-down menus to open the calendar selection view to choose the start + and end dates diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md new file mode 100644 index 0000000000..fdec59a688 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md @@ -0,0 +1,31 @@ +# ExchangePS: Options + +The Options page is used to configure additional options. It is a wizard page for all of the +categories. + +![ExchangePS Data Collector Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +The following options can be configured: + +- Message size units - Select the message size for the query: + + - KB + - MB + - GB + +- How to format collected results – Select how table will be formatted according to the return data: + + - Return data as collected + - Return each value of the following property in a separate row – Enabled for specific + properties selected on the Results page + - Return data in a separate row for each property set in the following group – Enabled for + specific properties selected on the Results page + +- How to return multi-valued properties – Select how the table will be formatted when the return + data contains multi-valued properties: + + - Concatenated + + - Delimiter – Enter the desired delimiter to be used between values + + - First-value only diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/overview.md new file mode 100644 index 0000000000..e01a742940 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/overview.md @@ -0,0 +1,87 @@ +# ExchangePS Data Collector + +The ExchangePS Data Collector utilizes the Exchange CMDlets to return information about the Exchange +environment utilizing PowerShell. This data collector has been designed to work with Exchange 2010 +and newer. The ExchangePS Data Collector has been preconfigured within the Exchange Solution. Both +this data collector and the solution are available with a special Enterprise Auditor license. See +the +[Exchange Solution](/docs/accessanalyzer/11.6/solutions/exchange/overview.md) +topic for additional information. + +Protocols + +- PowerShell + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Remote PowerShell enabled on a single Exchange server +- Windows Authentication enabled for the PowerShell Virtual Directory on the same Exchange server + where Remote PowerShell has been enabled +- View-Only Organization Management Role Group +- Discovery Search Management Role Group +- Public Folder Management Role Group +- Mailbox Search Role + +- Discovery Management Role +- Organization Management Role + +See the +[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) +topic for additional information. + +## Remote PowerShell + +The ExchangePS Data Collector will utilize Remote PowerShell when connecting to Exchange 2010 or +newer. This behavior simulates what the Exchange Management Shell does when loading. The below +PowerShell syntax is an example of how the connection is loaded through PowerShell. + +``` +$JobUserName = '{insert domain\username}' +$JobPassword = '{insert password}' +$secpasswd = ConvertTo-SecureString $JobPassword -AsPlainText -Force +$JobCredential = New-Object System.Management.Automation.PSCredential ($JobUserName, $secpasswd) +$relaxed=New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck +$sess=New-PSSession -ConnectionUri 'https://{exchangeserver}/powershell?serializationLevel=Full' -ConfigurationName 'Microsoft.Exchange' -AllowRedirection -Authentication Negotiate -Credential $JobCredential -SessionOption $relaxed  +Import-PSSession $sess +``` + +See the +[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) +topic for instructions on enabling Remote PowerShell. + +## The Exchange Applet + +The Exchange Applet will run on the Exchange server by the ExchangePS Data Collector in the +following circumstances: + +- An actual Client Access Server (CAS) server is not specified either in the global configuration + (**Settings** > **Exchange** node) or on the Category page of the ExchangePS Data Collector Wizard +- Remote PowerShell has not been enabled for targeting Exchange 2010 + +The following Exchange Snap-in is used when the applet is utilized: + +- Add-pssnapin Microsoft.Exchange.Management.Powershell.E2010 + +## ExchangePS Query Configuration + +The ExchangePS Data Collector is configured through the ExchangePS Data Collector Wizard, which +contains the following wizard pages: + +- [ExchangePS: Category](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/category.md) +- [ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Scope by DB](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopedatabases.md) +- [ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopemailboxes.md) +- [ExchangePS: Scope by Public Folders](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfolders.md) +- [ExchangePS: Filter by Message](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/filtermessage.md) +- [ExchangePS: Mailbox Logons](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailboxlogons.md) +- [ExchangePS: Results](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) + +Available pages vary according to selections made throughout the wizard. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md new file mode 100644 index 0000000000..c9eecafc92 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.md @@ -0,0 +1,9 @@ +# ExchangePS: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for all +of the categories. + +![ExchangePS Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually or the **Select All** and **Clear All** buttons can be used. +All selected properties will be gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md new file mode 100644 index 0000000000..c9372d687f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md @@ -0,0 +1,48 @@ +# ExchangePS: Scope + +The Scope page establishes how mailboxes are scoped. It is a wizard page for all of the categories. + +![ExchangePS Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +Available scoping options vary based on the category selected. Scoping options include: + +- No Scoping Target Host: Local Host – Returns all results for the entire targeted Exchange + Organization + + - If this option is selected, then the data collector should be run against the host specified + on the Summary page. See the + [ExchangePS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md) topic + for additional information. + - When using the applet, the data collector gathers information about the Exchange Forest in + which the Enterprise Auditor Console currently resides + - For Remote PowerShell, the data collector gathers information about the Exchange Organization + to which the Remote PowerShell connection was made. This refers to the server entered in the + Client Access Server (CAS) field of the global configuration from the **Settings** > + **Exchange** node or on the this page. + +- Scope by Database Target Host: Local Host – Scope query to return results for specific databases. + If this option is selected, the Scope by Database page is enabled in the wizard. See the + [ExchangePS: Scope by DB](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopedatabases.md) topic + for additional information. +- Scope by Mailbox Target Host: Local Host – Scope query to return results for specific mailboxes. + If this option is selected, the Scope by Mailboxes page is enabled in the wizard. See the + [ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopemailboxes.md) topic + for additional information. +- Scope by Server Target Host: Exchange MB Server – Scope query to return results for specific + servers selected in the job’s **Configure** > **Hosts** node + + - When using the applet, the data collector deploys a process to the targeted host to run the + PowerShell on that server + - For Remote PowerShell, the data collector does not deploy anapplet and utilizes the WinRM + protocol to gather information about the objects on that server. See the + [Remote PowerShell](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/overview.md#remote-powershell) + and + [The Exchange Applet](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/overview.md#the-exchange-applet) + topics for additional information. + +- Scope by Public Folder – Scope query to return results for specific Public Folders. If this option + is selected, the Scope by Public Folders page is enabled in the wizard. See the + [ExchangePS: Scope by Public Folders](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfolders.md) topic + for additional information. +- View entire forest when querying for objects – Select this checkbox to scan the entire forest when + querying for objects diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopedatabases.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopedatabases.md new file mode 100644 index 0000000000..70c3f086c7 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopedatabases.md @@ -0,0 +1,19 @@ +# ExchangePS: Scope by DB + +The Scope by Databases page is used to define specific databases to search. This page is enabled +when **Scope by Database Target Host: Local Host** option is selected on the Scope page. See the +[ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) topic +for additional information. + +When using the applet, the data collector returns databases for the Exchange Organization in which +the Enterprise Auditor Console currently resides, and only returns information about those +databases. For Remote PowerShell, the data collector returns databases for the Exchange Forest and +only returns information about those databases. + +![ExchangePS Data Collector Wizard Scope by Databases page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopedatabases.webp) + +Click **Retrieve** to return all databases in the Exchange Organization and populate them in the +Available Databases list. Select the desired databases from Available Databases and click **Add**. +The selected databases are added in the Selected Databases list. To remove undesired databases from +Selected Databases, select them and click **Remove**. The Select All and Clear All buttons can be +used for quick selection. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopemailboxes.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopemailboxes.md new file mode 100644 index 0000000000..eee44877e0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopemailboxes.md @@ -0,0 +1,19 @@ +# ExchangePS: Scope by Mailboxes + +The Scope by Mailboxes page is used to define specific mailboxes to search. This page is enabled +when the **Scope by Mailbox Target Host: Local Host** option is selected on the Scope page. See the +[ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) topic +for additional information. + +When using the applet, the data collector will return mailboxes for the Exchange Forest in which the +Enterprise Auditor Console currently resides, and only return information about those mailboxes. For +Remote PowerShell, the data collector will return mailboxes for the Exchange Forest as well as +return information about those mailboxes. + +![ExchangePS Data Collector Wizard Scope by Mailboxes page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopemailboxes.webp) + +Click **Retrieve** to return all mailboxes in the Exchange Organization and populate them in the +Available Mailboxes list. Select desired mailboxes from the Available Mailboxes list and click +**Add**. The selected mailboxes are added in the Selected Mailboxes list. To remove undesired +mailboxes from Selected Mailboxes, select them and click **Remove**. The Select All and Clear All +buttons can be used for quick selection. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfolders.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfolders.md new file mode 100644 index 0000000000..e09e68f543 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfolders.md @@ -0,0 +1,40 @@ +# ExchangePS: Scope by Public Folders + +The Scope by Public Folders page is used to define specific public folders to search. This page is +enabled when the **Scope by Public Folder** option is selected on the Scope page. See the +[ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) topic +for additional information. + +Configure the **Scope** option using the drop-down. The available options are: + +- Selected Public Folder +- Selected Table + +The option selected changes how the public folders are identified for scoping. + +## Selected Public Folder + +The **Selected Public Folders** scope option retrieves all public folders in the Exchange +organization, populating them in the Available list. + +![ExchangePS Data Collector Wizard Scope by Public Folders page with Selected Public Folders option](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfolders.webp) + +The **Search** feature filters this list. Select the desired public folders and click **Add**. The +selected public folders are added to the Selected list. Use the **Remove** option to delete selected +public folders from the list. The Select All or Deselect All buttons can be used for quick +selection. Additional scoping options include: + +- Return only these folders – Audits only the selected public folders +- Return all children – Audits the selected public folders and all sub-folders +- Return only direct children – Audits the selected public folders and one folder deeper + +## Selected Table + +The **Selected Table** scope option populates the Available tables list with tables from the +Enterprise Auditor database. + +![ExchangePS Data Collector Wizard Scope by Public Folders page with Selected Table option](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfoldersselectedtable.webp) + +The **Search** feature filters this list. Select the table that houses the list of public folders +for which this query will be scoped. The Field containing EntryIDs list is populated with columns +from the selected table. Select the appropriate column from the list. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md new file mode 100644 index 0000000000..4f4d7cd923 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.md @@ -0,0 +1,10 @@ +# ExchangePS: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +![ExchangePS Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the ExchangePS Data Collector Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/category.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/category.md new file mode 100644 index 0000000000..d4c9137806 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/category.md @@ -0,0 +1,12 @@ +# ExchangePublicFolder: Category + +The Category page is used to select the objects to search. + +![Exchange Public Folder Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The ExchangePublicFolder Data Collector contains the following query categories: + +- Contents – Returns information on the contents of each folder within the scope +- Permissions – Returns permissions on the each folder within the scope +- Ownership – Returns trustees which have the owner permission role +- Replicas – Returns a listing for each folder within the scope, including the replicas diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/options.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/options.md new file mode 100644 index 0000000000..3387ce06ba --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/options.md @@ -0,0 +1,33 @@ +# ExchangePublicFolder: Options + +The Options page provides additional configuration options for the query. It is a wizard page for +all of the categories. Available options vary based on the category selected. + +![Exchange Public Folder Data Collector Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +The Options page contains the following options: + +- Process folders that physically reside on the target server only – This option will limit + extraction to only the subset of public folders which reside on this server when selected. Clear + this option if targeting the Exchange 2010 Public Folder Server. The ability to scope to the + targeted server is not available for Exchange 2010. The entire public folder hierarchy is + returned. +- Message size units: + + - KB + - MB + +- Include subfolders in message counters – This option is only available for the Contents category. + When this option is selected, it will include subfolders in message counters, according to the + Scope page settings. See the + [ExchangeMetrics: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/scope.md) topic + for additional information. +- Large attachment threshold (Kb) – Configure the desired size limit for attachments. The default + value is 500. + +In the Attachment types section, configure attachment count types. + +- Count attachment types – Selecting this option enables the Content Types settings +- Add New – Add classifications and provide the file extensions for those classifications +- Load Defaults – Resets the **Attachment types** configuration to its original settings +- Remove – Deletes a selected classification from the filter list diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/overview.md new file mode 100644 index 0000000000..563b586bc0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/overview.md @@ -0,0 +1,73 @@ +# ExchangePublicFolder Data Collector + +The ExchangePublicFolder Data Collector audits an Exchange Public Folder, including contents, +permissions, ownership, and replicas. This is a MAPI-based data collector which requires the +**Settings > Exchange** node to be enabled and configured. See the +[Exchange](/docs/accessanalyzer/11.6/admin/settings/exchange.md) +topic for additional information. + +The ExchangePublicFolder Data Collector has been preconfigured within the Exchange Solution. Both +this data collector and the solution are available with a special Enterprise Auditor license. See +the +[Exchange Solution](/docs/accessanalyzer/11.6/solutions/exchange/overview.md) +topic for additional information. + +Protocols + +- MAPI +- RPC + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Exchange Administrator group +- Organization Management + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +## ExchangePublicFolder Query Configuration + +The ExchangePublicFolder Data Collector is configured through the Exchange Public Folder Data +Collector Wizard, which contains the following wizard pages: + +- Welcome +- [ExchangePublicFolder: Category](/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/category.md) +- [ExchangePublicFolder: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scope.md) +- [ExchangePublicFolder: Properties](/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/properties.md) +- [ExchangePublicFolder: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/options.md) +- [ExchangePublicFolder: Probable Owner](/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/probableowner.md) +- [ExchangePublicFolder: Summary](/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/summary.md) + +The query requires special permissions to connect to target Exchange servers. Configure these +permissions on the Welcome page. + +![Exchange Public Folder Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +In the Connection Setting section, choose to either maintain the global inheritance, or configure +query specific settings. + +The **Use Global setting** option specifies what setting is being inherited. Clear this option to +break inheritance, and then select one of the following options: + +- System Attendant (2003 & 2007) +- Use the maibox associated with the Windows account that Enterprise Auditor is run with +- Exchange Mailbox (2010 and newer) – Enter the Exchange mailbox +- Client Access Server – Enter the CAS + +See the +[Exchange](/docs/accessanalyzer/11.6/admin/settings/exchange.md) +topic for additional information. + +In the Sampling server section, enter the Exchange server in the textbox to be used to test the +connection settings. Click **Test sampling server** to ensure there is access to the server. The box +at the bottom of the page displays information regarding the test connection in progress. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/probableowner.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/probableowner.md new file mode 100644 index 0000000000..c1ffa36df8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/probableowner.md @@ -0,0 +1,56 @@ +# ExchangePublicFolder: Probable Owner + +The Probable Owner Settings page provides configuration options to determine an owner. It is enabled +when the Probable Owner property is selected on the Properties page. See the +[ExchangePublicFolder: Properties](/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/properties.md) topic +for additional information. + +![Exchange Public Folder Data Collector Wizard Probable Owner page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/probableowner.webp) + +In the Determine owner section, select the desired option to specify what setting to use to +determine an owner: + +- Determine owner from folder hierarchy – Select to determine the probable owner with a weight of + one hundred percent on file hierarchy +- Determine owner from content count – Select to determine the probable owner with a weight of one + hundred percent of content count +- Determine owner from content size – Select to determine the probable owner with weight of 100 + percent on content size +- Use custom weights – Select to enable the **Result weights** option to assign custom weights to + the ownership categories + + ![Probable Owner Settings window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/probableownersettingswindow.webp) + +- Result weights – This option is enabled when the **Use custom weights** option is selected. Click + the ellipses to open the Probable Owner Settings window and assign ownership weights to distribute + between the parameters. + +In the Exclusions section, select one or more of the following checkboxes to specify exclusions: + +- Exclude locked out users +- Exclude disabled users +- Exclude Zombie Owners +- Exclude users from analysis – Select this checkbox to enable the Exclude users list and add users + for exclusion. + + - Add user – Enter a user in the box and click **Add user** to add the user to the exclusion + list + - Import from file – Click **Import from file** to open the Import File Dialog page and browse + for a file to import + - Select from GAL – Click **Select from GAL** to select a user from the Global Address Book + - Clear list – Click **Clear list** to remove all users from the Exclude users list + - Remove selected – Select a user or users to remove from the Exclude users list and click + **Remove selected** to remove the users + +In the Output Options section, select the desired output option: + +- Get one most probable owner – Return one probable owner +- Get probable owners with relative deviation to the most probable owner – Return probable owners + based on the deviation from percentage from the most probable owner + + - Maximum deviation [number] percents – Use the arrow buttonss to enter the desired percent of + deviation from the most probable owner from which to return probable owners + +- Get multiple probable owners – Return multiple probable owners + + - Count – Use the arrow buttons to enter the desired number of probable owners to return diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/properties.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/properties.md new file mode 100644 index 0000000000..786ab08d7a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/properties.md @@ -0,0 +1,16 @@ +# ExchangePublicFolder: Properties + +The Properties page is where properties that will be gathered are selected. It is a wizard page for +all of the categories. + +![Exchange Public Folder Data Collector Wizard Properties page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/properties.webp) + +Properties can be selected individually or you can use the **Select All**, **Clear All**, or **Reset +All** buttons. All selected properties will be gathered. The **Message Classes** button opens the +Message classes filters window. + +![Message classes filters window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp) + +The wildcard (`*`) returns all message class filters. Enter the name of a class filter and click +**Add** to add it to the list. **Delete** will remove the selected class filter from the list. The +**Load defaults** option will restore the class filter default settings. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scope.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scope.md new file mode 100644 index 0000000000..ef8456402a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scope.md @@ -0,0 +1,71 @@ +# ExchangePublicFolder: Scope + +The Scope page is used to define which folders will be included will be searched by this query. It +is a wizard page for all of the categories. + +![Exchange Public Folder Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +In the Choose Type of Public Folders to be queried section, select either: + +- Default Public Folders – User can access these folders directly with client applications such as + Microsoft Outlook. In its default configuration, Exchange System Manager displays these folders + when a public folder tree is expanded. +- System Public Folders – Users cannot access these folders directly. Client applications, such as + Microsoft Outlook, use these folders to store information such as free and busy data, offline + address lists, and organizational forms. Other folders hold configuration information that is used + by custom applications or by Exchange itself. The Public Folders tree contains extra system + folders, such as the EFORMS REGISTRY folder, that do not exist in general-purpose public folder + trees. + +In the Choose Scope of Public Folders to be queried section, select one of the following options: + +- All Public Folders – Returns all public folders within the targeted environment +- Selected Public Folders – Returns only those public folders specified on the Scope page of the + query + + - See the [Scope to the Selected Public Folders](#scope-to-the-selected-public-folders) topic + for additional information + +- Selected Table – Returns only those public folders within the table and field name specified on + the Scope page of the query + + - See the [Scope to Selected Table](#scope-to-selected-table) topic for additional information. + +## Scope to the Selected Public Folders + +When Scope to **Selected Public Folders** is selected on the Scope page, the options to specify the +desired folders are enabled. + +![Scope page with Selected Public Folders option selected](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scopeselectedpublicfolders.webp) + +Configure the scope of the selected public folders to be queried: + +- Select public folders from – Enter the name of the server hosting the desired public folders and + click **Retrieve**. The box will populate with available public folders. +- Add – Adds the selected folders +- Add Recursive – Adds the selected folders and all child folders. Not adding recursive folders will + add only the selected folder without its child folders. +- Highlight selected host folders – Highlights all the folders that are physically housed on the + selected host. If enabled, physically housed folders show in bold text in the list that is + returned after clicking **Retrieve**. + +The selected public folders are added in the table at the bottom. Click **Remove** to delete a +selected word from the filter list. + +## Scope to Selected Table + +When Scope to **Selected Table** is selected on the Scope page, the options to specify the desired +tables are enabled. + +![Scope page with Selected Table option selected](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp) + +Configure the selected tables to be queried: + +- Table Name – retrieves the list of selected public folders from a Enterprise Auditor database + table. Click **Retrieve** to populate the Table name box with all available tables within the + database. + + - The Table name box can be filtered by entering a name in the textbox and clicking **Retrieve** + +- Field name – Select the desired table and the available fields will populate the Field names box. + Select the field containing the public folder names. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/summary.md new file mode 100644 index 0000000000..697a1867fe --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/summary.md @@ -0,0 +1,10 @@ +# ExchangePublicFolder: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all of the +categories. + +![Exchange Public Folder Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Exchange Public Folder Data Collector Wizard to ensure that no +accidental clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/file/category.md b/docs/accessanalyzer/11.6/admin/datacollector/file/category.md new file mode 100644 index 0000000000..26a768f3cc --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/file/category.md @@ -0,0 +1,15 @@ +# File: Category + +Use the Category page to identify the type of information to retrieve in this query. + +![File Search Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The categories are: + +- Calculate Group Size (Files Only) – Scans of disk space for the amount used by files in each + folder location. This option scopes the query to files so that any information involving the + folders that hold the files is not retrieved. +- File or Folder Properties – Scans the target host for specific attributes and properties + associated with certain files and folders in the environment. This option is selected by default. +- File or Folder Permissions – Scans files or folders for permission settings and effective + permission results for both users and groups diff --git a/docs/accessanalyzer/11.6/admin/datacollector/file/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/file/overview.md new file mode 100644 index 0000000000..d96b6bf6b3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/file/overview.md @@ -0,0 +1,47 @@ +# File Data Collector + +The File Data Collector provides file and folder enumeration, properties, and permissions. It is +used to find files and folders on a target host. The File Data Collector finds one or more files on +the target hosts. It can target any file extension. This data collector is a core component of +Enterprise Auditor and is available with all Enterprise Auditor licenses. + +**NOTE:** For enhanced file system data collections, use the +[FileSystemAccess Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/overview.md). + +Supported Platforms + +This data collector can target the same servers supported for the FileSystemAccess Data Collector. +See the +[File System Supported Platforms](/docs/accessanalyzer/11.6/requirements/target/filesystems.md) +topic for a full list of supported platforms. + +Protocols + +- RPC +- WMI + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports +- Optional TCP 445 + +Permissions + +- Member of the Local Administrators group + +## File Query Configuration + +The **File** Data Collector is configured through the File Search Wizard, which contains the +following wizard pages: + +- Welcome +- [File: Category](/docs/accessanalyzer/11.6/admin/datacollector/file/category.md) +- [File: Target Files](/docs/accessanalyzer/11.6/admin/datacollector/file/targetfiles.md) +- [File: Results](/docs/accessanalyzer/11.6/admin/datacollector/file/results.md) +- [File: Summary](/docs/accessanalyzer/11.6/admin/datacollector/file/summary.md) + +![File Search Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/file/results.md b/docs/accessanalyzer/11.6/admin/datacollector/file/results.md new file mode 100644 index 0000000000..58ac68fadc --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/file/results.md @@ -0,0 +1,31 @@ +# File: Results + +The Results page provides a list of available properties to be searched for and returned by the job +execution. The properties selected display as table columns in the results of the query. It is a +wizard page for all of the categories. + +![File Search Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually or in groups with the **Select All** or **Clear All** +buttons. The properties available vary based on the category selected. + +**NOTE:** When the **Calculate Group Size (Files Only)** category is selected, the properties and +options on the Results page are grayed out. + +- Disable properties that require opening file – Disables properties that require opening files that + trigger the last accessed date timestamp + + - This option is available for the **File or Folder Properties** category + +- Only return permissions for the following user(s) – Defines users for the query. Enter the desired + users in the textbox. + + - This option is available for the **File or Folder Permissions** category + +- Only return permissions for the following group(s) – Defines groups for the query. Enter the + desired users in the textbox. + + - This option is available for the **File or Folder Permissions** category + +- Size Units – Identifies the unit in which the values will be displayed. The options are: + **Bytes**, **Kb**, **Mb**, or **Gb**. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/file/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/file/summary.md new file mode 100644 index 0000000000..d3752cfa4b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/file/summary.md @@ -0,0 +1,10 @@ +# File: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +![File Search Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the File Data Collector Wizard ensuring that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/file/targetfiles.md b/docs/accessanalyzer/11.6/admin/datacollector/file/targetfiles.md new file mode 100644 index 0000000000..8a3b2075f9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/file/targetfiles.md @@ -0,0 +1,115 @@ +# File: Target Files + +The Target Files page provides filters to scope the data collection. This can provide better search +results for the specific folder or file. It is a wizard page for all of the categories. + +![File Search Wizard Target Files page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/inifile/targetfiles.webp) + +Within the Target files configuration page, select the desired method to refine the query. + +**NOTE:** Some options are grayed out depending on the option selected. + +Where is the file or folder? + +This section supplies options for using a fixed path (wildcards and system variables) or registry +lookup values that are supported by the data collector. This header is available for all Category +selections. + +For either option, enter the path in the text box or click the browse button (**…**) to select from +the popup windows. + +**CAUTION:** When selecting a **Fixed path**, avoid using file paths from network drives or from the +network neighborhoods which begin with `\\`. + +- Fixed path – Specify a specific path to the target files. Use the following format: + `drive\filepath` (for example, `C:\WINNT\System32`). The browse button (**…**) opens the Remote + Folder Explorer window. + + **NOTE:** Further information for the Fixed path option is provided by clicking the tooltip + button (**?**). + +- System environment variables – Supply a traditional system root or previously defined variable + that maps to a physical path within the file system. This is typically used when the system root + is installed on a secondary volume. The following are variables that can be entered at the + beginning of the file path: + + - `%SYSTEMROOT%\Temp` – Expands to `C:\WINNT\Temp` on some target hosts + - `%WibnDir%\System32` – Expands to `C:\WINDOWS\System32` on some target hosts + - `%ProgramFiles%` – Expands to `C:\Program Files` on some target hosts + +- Registry Lookup – Find registry keys and values that exist on a target host in the environment. + Click the browse button (**…**) to open the Enterprise Auditor Registry Browser window. + + - Enterprise Auditor Registry – Connect to a host, then select a registry key and path to be + used for the lookup by the query + + - Registry Value – This value is automatically populated from the registry key + - Levels – After a registry path has been selected, the Levels slider can be used to + truncate the path for the key value in the Adjust Path dialog box + - Current Value – Displays the type of data each registry value contains + - Query 32-bit View – Select this checkbox to query a 32-bit view + - Query 64-bit View – Select this checkbox to query a 64-bit view + + When a **Fixed path** or **Registry Lookup** is mapped, select options to better refine + the search. Select one, none, or both. + +- Include network drives – Includes all mapped shared drives in the network in the query + + **CAUTION:** Including subfolders may result in hundreds of thousands of files being returned + depending on the environment being targeted. + +- Include subfolders – Searches all subfolders within the environment + +What is the file or folder name? + +The options in this section limit the search to folders or files with a specified name against the +targeted host. When the **I am looking for folders** option is selected, more options become +available for further refinement. + +**NOTE:** The **I am looking for folders** option and it's associated options are unavailable +(grayed out) when the **Calculate Group Size (Files Only)** category is selected. + +- I am looking for files – Identifies files that exist on the target location and returning property + information on these files +- I am looking for folders – Identifies folders that exist on the target location and returning + property information on these folders + + - Include root folder in results – Returns all information within the root folder + - Only include root folder – Returns information only for the root folder. This checkbox is + enabled when the **Include root folder in results** checkbox is selected. + +- With this name – Specific name of a file or folder. A wildcard is used to match any file or folder + to a specific naming convention. When searching for multiple objects, use a semicolon (`;`) to + separate the objects in the list. + +Last Modification Time Filter + +Last Modification Time Filter is an additional filtration clause. It filters the information +provided in the **Where is the file or folder** and **What is the file or folder name** criteria by +a specific time frames. The following options are available: + +- None – No time filter is applied. This option is selected by default. +- Between – Manually enter start and end dates in the following format (`MM/DD/YYYY`) or use the + dropdown calendar to set the date. By default, the date range is set for the current day. Select + **Today** to set the filter to the current date or **Clear** to reset the dates to a blank box. +- Most recent file – Filter the selected criteria by the most recent files since last modification +- Oldest file – Filter the **With this name** and selected fixed path or registry value by the + oldest files available +- In the last – Filter the selected criteria for the specified number of desired **days** or + **hours** + +File Size Filter + +The File Size Filter option is only available when the **Calculate Group Size (Files Only)** +category is selected. Select an option to activate the filter and narrow the query. + +- None – No file size filter is applied. This option is selected by default. +- Below – Filter to files smaller than the specified values + + - Enter the number in the first text box and then select the size (**Bytes**, **Kb**, **Mb**, or + **Gb**) from the dropdown menu + +- Above – Filter to files larger than the specified values + + - Enter the number in the first text box and then select the size (**Bytes**, **Kb**, **Mb**, or + **Gb**) from the dropdown menu diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/activitysettings.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/activitysettings.md new file mode 100644 index 0000000000..eab9f473a0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/activitysettings.md @@ -0,0 +1,90 @@ +# FSAA: Activity Settings + +The File System Activity Auditor Scan Filter Settings page is where activity scan filter settings +are configured. It is a wizard page for the category of File System Activity Scan. + +![FSAA Data Collector Wizard Activity Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/activitysettings.webp) + +In the Scan Filters section, choose from the following options: + +- Set Scan Filter for Detailed Activity – Enables the **Days** number box. Select the number of past + days for activity details to be collected. +- Set Filter for Statistics of Activity – Enables the **Days** number box. Select the number of past + days for activity statistics to be collected. + +In the Log Parsing Limits section, choose from the following option: + +- Number of Threads – Number of parsing threads FSAC can use at any given time. The default is four + threads. + +In the Scan Limit section, configure the following: + +- Set Log Processing Limit – Stops the scan after the set number of MB or GB of log files are + processed and the threshold number is reached + +These filters affect what data is collected from the activity logs. However, enabling these filters +also causes the corresponding bulk import query to purge the database of selected activity +information older than the time filter specified here. + +If either is left deselected, all available log files are collected and stored. This has a direct +impact on both scan time and database size. + +_Remember,_ the file activity options require the Activity Monitor to be deployed, configured, and +services running. + +In the Host Mapping section, configure the following: + +- Host Mapping – Provides a mapping between the target host and the hosts where activity logs + reside. Select **Configure Query** to open the File System Activity Scan Host Mapping page. This + feature requires advanced SQL scripting knowledge to build the query. See the + [Host Mapping](#host-mapping) topic for additional information. + +## Host Mapping + +If desired, enable the host mapping feature and select **Configure Query** to open the Host Mapping +Query window. + +![Host Mapping Query window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/hostmappingquery.webp) + +When the Enable host mapping checkbox is selected, the query textbox is enabled. The SQL query +provided by a user should return a set of log locations, target hosts, and host names of the +Monitored Hosts in the Activity Monitor. The target tables must reside within the Enterprise Auditor +database and contain at least the following columns: + +- LogLocation – Name of the hosts where activity logs reside. The required column name is case + sensitive and must be exactly `LogLocation`. +- HostName – Name of the configured HOST value in the Activity Monitor. The required column name is + case sensitive and must be exactly `HostName`. + + - Format must match exactly how the host is known to the Activity Monitor, on the Monitored Host + tab + +- Host – Name of the host being targeted in the FSAC scan and Bulk Import which the activity events + will be mapped to + +Enter the SQL query by clicking Sample Query then replacing the sample text in the textbox, as shown +above. The SQL query must target tables that have the required columns populated with the host +mapping. + +(Optional) Enter a host in the **Host parameter value (@host)** textbox to test the query to +retrieve the data for that host. + +Select **Test Query** to open a preview of the results in the Query Results window. Ensure that the +data being retrieved by the query is expected. When this option is selected, the data collector runs +against the target table. + +### Host-Agent Mapping + +Enterprise Auditor can be configured via the Host Mapping feature to support the use of Multiple +Activity Monitor Agents for a single targeted Host. See the examples below: + +Single-Host Single-Agent Example: + +![Query Results window for single agent example](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/hostmappingsinglehostsingleagent.webp) + +Single-Host Multiple-Agent Example: + +![Query Results window for multiple agent example](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/hostmappingsinglehostmultipleagent.webp) + +**NOTE:** For multiple-agent setup, the configured Host Mapping table must have the same value for +HostName and Host, as shown in the Single-Host Multiple-Agent example. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.md new file mode 100644 index 0000000000..7ea8e2c24b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.md @@ -0,0 +1,124 @@ +# FSAA: Applet Settings + +The Applet Settings page is where the Applet Launch Mechanism and Applet Settings are configured. It +is a wizard page for the categories of: + +- File System Access/Permission Auditing Scan +- File System Activity Scan +- Sensitive Data Scan + +**NOTE:** This wizard page identifies options associated with the scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +![FSAA Data Collector Wizard Applet Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.webp) + +In the Applet Launch Mechanism section, choose one of three radio buttons: + +- MSTask Task Scheduler – Creates a scheduled task on the target host that runs the applet +- Windows Service – Automatically installs the FSAA Applet as a proxy service + - The Applet service runs as a Connection Profile credential unless the Local System checkbox is + selected in the Applet Settings options below. Then it runs the service in Local mode. +- Require applet to be running as a service on target (does not deploy or launch applet) + - See the + [File System Proxy Service Installation](/docs/accessanalyzer/11.6/install/filesystemproxy/wizard.md) + topic for additional information. + - It requires the `FSAAAppletServer.exe` to run as a service on the proxy host in order to run a + successful scan. When this radio button is selected, Enterprise Auditor does not deploy an + applet on the target or proxy machine. Therefore, if the File System Proxy service is not + running, the FSAA scan will fail. + - To avoid a failed scan when an applet cannot be deployed or the File System Proxy service is + not running, the Applet Gathering Settings page contains the **Fallback to local mode if + applet can’t start** option. This option allows the scan to run in local mode when an applet + cannot be deployed or the service is not running. + +![Applet Settings section of the Applet Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettingsappletsettings.webp) + +In the Applet Settings section, configure the following options: + +- Port number – Default port number is 8766 + - See + [Custom Parameters for File System Proxy Service](/docs/accessanalyzer/11.6/install/filesystemproxy/wizard.md#custom-parameters-for-file-system-proxy-service) + topic for additional information. +- Applet Log level – The type of log created on the target host. Checking the box to Enable Logging + enables the Applet log level drop-down menu. The **Set To Default** button resets the log level to + **Information**. + - Debug – Most verbose logging method, records everything that happens while the applet is + processing + - Information – Records the steps the applet takes while processing as well as errors and + warnings + - Warning – Record when the applet encounters both errors and warnings while processing + - Error – Least verbose logging method, only records when the applet encounters an error while + processing +- Keep log files for last [number] scan(s) – Data retention period. The default is set to **15**. +- Run service as Local System (only applies to Windows Service) + - When this checkbox is selected, the applet is deployed to run as a service on the target host. + The credentials in the Connection Profile are used to deploy and run the service unless + **System Default** is selected as the Connection Profile. + - This option is active when the Windows Service radio button in the Applet Launch Mechanism + section is selected +- Strong proxy affinity (only run scans on last proxy to scan host, unless no longer in proxy host + list) + - This is an optional setting when using proxy architecture + - If this checkbox is selected and a host was previously scanned with a given proxy, it will + only be rescanned with that same proxy. If that proxy is unreachable for any reason and no + connection can be made, Enterprise Auditor will not try another proxy on the host list and + will fail to scan that host. However, if that proxy is no longer on the host list, it will + choose another proxy on the list and rescan. + - If unchecked, proxy affinity is still considered, though rather than the scan failing if the + proxy is unreachable, a new proxy will be chosen and will scan the host + - If a host has not yet been scanned by a proxy server, the data collector should choose the + least loaded proxy at that time. After that host has been scanned, it will follow the proxy + affinity mapped out above. +- Maximum concurrent scans [number] – This option dictates a set limit to the number of simultaneous + scans allowed to run on a proxy host regardless of max threads set on the job + - For example, if there are two proxy servers with max concurrent scans set to ten per proxy and + one proxy is offline, the remaining proxy should never exceed the value set in the query + configuration for this option, even if the job is configured with 20 threads +- Strong proxy affinity timeout [number] minute(s) – This option determines the time a host waits, + while the proxy server is busy, before it gets pushed into the job engine queue +- Applet communication timeout: [number] minute(s) – This option determines the length of time (in + minutes) the Enterprise Auditor Console attempts to reach the proxy before giving up. Depending on + the job configuration, the data collector behaves in one of three ways after the timeout value has + been exceeded: + - If a communication timeout is reached and the **Stop scan on applet communication timeout** + option is unchecked, the scan continues running. When the proxy is available again, the data + collector gets the database files on the next scan of that host. It will either bring the + database files back, if the scan has finished, or display the current state of the scan in a + **Running Job** node if it is still running. + - If the communication timeout is reached and the **Stop scan on applet communication timeout** + option is checked, the remote scan is either automatically suspended or canceled. If the + **Restart incomplete scans after (0 always restarts) [number] days** option or the **Rescan + unimported hosts after (0 always rescans) [number] days** option on the Applet Gathering + Settings page are both set to zero or unchecked, the scan cancels. + - If either of these options on the Applet Gathering Settings page are checked with values + higher than zero, the scan is suspended after the communication timeout value has been + exceeded +- Scan cancellation timeout: [number] minute(s) – When checked, this option will timeout the applet + if there is an attempt to pause the scan and the applet does not respond + +![Certificate Exchange Options section of the Applet Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp) + +In the Certificate Exchange Options section, configure the following options: + +- Mechanism – Select one of the following options: + + - Automatic – Certificate exchange is handled automatically by the FSAA Data Collector. This is + the default option. + - Manual – The FSSA Data Collector and applet server expect all certificates to be valid and in + their respective stores beforehand. See the + [FSAA Manual Certificate Configuration](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/manualcertificate.md) + topic for additional information. + + **NOTE:** If the FSAA Data Collector and the applet server are on separate domains without a + trust, this option must be used. + + - Provide Certificate Authority – Enables the **Select** button, which allows you to upload an + existing certificate + +- Port – Select the checkbox to specify the port number for certificate exchange. The Default port + number is 8767. + +See the +[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/certificatemanagement.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/azuretenantmapping.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/azuretenantmapping.md new file mode 100644 index 0000000000..cbecc295b8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/azuretenantmapping.md @@ -0,0 +1,25 @@ +# FSAA: Azure Tenant Mapping + +The Azure Tenant Mapping page is where the target domain or Tenant ID are configured for Azure +Information Protection (AIP) scanning. It is a wizard page for the categories of: + +- File System Access/Permission Auditing Scan +- File System SDD Scan + +Remember, select the **Enable scanning of files protected by Azure Information Protection** checkbox +on the +[FSAA: Scan Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings.md) +page to enable this page in the data collector wizard. In order for FSAA to scan files protected by +AIP, ensure that the prerequisites are met and an Azure Connection Profile is successfully created. +See the +[Azure Information Protection Target Requirements](/docs/accessanalyzer/11.6/requirements/target/config/azureinformationprotection.md) +topic for additional information on configuring the File System solution to scan for AIP labels. + +![FSAA Data Collector Wizard Azure Tenant Mapping page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/azuretenantmapping.webp) + +Populate this page with the App ID (created during prerequisites) and a domain name or Tenant ID for +an Azure environment. These values must be associated with each application ID in the Azure +Connection Profile. + +Use the **Add** and **Remove** buttons and manually enter or **Paste** into the textbox the required +information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/bulkimport.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/bulkimport.md new file mode 100644 index 0000000000..69d50ca1bd --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/bulkimport.md @@ -0,0 +1,14 @@ +# FSAA: Bulk Import Settings + +The Bulk Import Settings page is where the bulk import process settings are configured. It is a +wizard page for the categories of: + +- Bulk Import File System Access/Permission Auditing +- Bulk Import File System Activity +- Bulk Import Sensitive Data + +![FSAA Data Collector Wizard Bulk Import Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/bulkimport.webp) + +Select the **Import incomplete scan data** checkbox to enable imports of partial scan data. If the +scan is stopped before successful completion, this option must be checked in order to bulk import +the data from a partially scanned host. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/certificatemanagement.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/certificatemanagement.md new file mode 100644 index 0000000000..8cffaf6704 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/certificatemanagement.md @@ -0,0 +1,62 @@ +# FSAA Applet Certificate Management Overview + +Communication between the FSAA Data Collector and the FSAA Applet is secure by default using HTTPS. +For authentication, at least three certificates are required and need to be stored in the correct +certificate store managed by the FSAA Data Collector. These three certificates are: + +- The certificate authority (stored in the FSAA Certificate Authority Store) +- The server certificate (stored in the FSAA Server Certificate Store) +- The client certificate (stored in the FSAA Client Certificate Store) + +**NOTE:** The FSAA Data Collector and Applet server support certificates in both the user’s +certificate store and the computer’s certificate store. It is recommended to store certificates in +the user's certificate store that is running the FSAA Data Collector or Applet server because +administrative access is required for the computer's certificate store. When certificates are +generated using the Automatic option below, they are stored in the user’s certificate store. + +![Certificate Exchange Options section of the Applet Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp) + +There are three Certificate Exchange Options provided by the FSAA Data collector: + +- Automatic (Default Option) – The creation of a self-signed certificate and certificate exchange + between the FSAA Data Collector and Applet are handled entirely by the FSAA Data Collector and + Applet server + + - The self-signed CA generated will be valid for two years and the FSAA Data Collector and + Applet server will also manage expired certificates and remove certificates that are no longer + valid from the FSAA stores + +- Manual – The FSAA Data Collector will expect all certificates to be valid and in their respective + certificate stores prior to running a scan + + - To create and store certificates, the `FSAACertificateManager.exe` tool can be used. This + application was created to simplify the process of creating certificates and will store the + certificates in the location that the FSAA Data Collector and Applet server expect them to be + stored. See the + [FSAA Manual Certificate Configuration](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/manualcertificate.md) + topic for additional information. + + The `FSAACertificateManager.exe` tool is located in the + `StealthAUDIT\PrivateAssemblies\FILESYSTEMACCESS\Applet` directory. For complete + instructions and examples on how to use the tool, run `FSAACertificateExchangeManager.exe` + with the `-help` command. + + **NOTE:** If the FSAA Data Collector and Applet are on separate domains without a trust, this + option must be used. + +- Provide Certificate Authority – The certificate exchange process is the same as with the Automatic + option. However, instead of creating a self-signed certificate, the FSAA Data Collector uses a + certificate you provide through the FSAA Data Collector Wizard. The provided certificate is stored + in the FSAA Certificate Authority Store. + + **NOTE:** If the provided certificate is not self-signed as the Certificate Authority, the root + certificate and the Certificate Authority’s certificate chain must also be stored in the FSAA + Certificate Authority Store on both the client and server hosts. + + **CAUTION:** The FSAA Applet does not support password-protected certificates. Certificates + generated when the Automatic option is selected have no password. When manually creating a + certificate for use with the FSAA Applet the password parameter should be omitted. + +Additionally, the port used for secure certificate exchange can be configured by selecting the +Specify certificate exchange port checkbox on the Applet Settings page of the FSAA Data Collector +Wizard. The default port is 8767. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions.md new file mode 100644 index 0000000000..2c6a646462 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions.md @@ -0,0 +1,17 @@ +# FSAA: Default Scoping Options + +The Default Scoping Options page is where scan settings, file details, and file properties settings +can be configured for every resource in the targeted environment by the data collector. The settings +assigned on this page are used by all resources involved in the scan. It is a wizard page for the +categories of: + +- File System Access/Permission Auditing Scan +- Sensitive Data Scan + +![FSAA Data Collector Wizard Default Scoping Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings.webp) + +See the Scoping Options tab setting topics to target individual resources for the scan: + +- [Scan Settings Tab](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md) +- [File Details Tab](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/filedetails.md) +- [File Properties (Folder Summary) Tab](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/filedetails.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/filedetails.md new file mode 100644 index 0000000000..41a54f5bbf --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/filedetails.md @@ -0,0 +1,46 @@ +# File Details Tab + +The File Details tab allows configuration of settings for file detail collection. + +![FSAA Data Collector Wizard Default Scoping Options page File Details tab](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp) + +Select the desired settings for additional scoping: + +- Scan file-level details – Turns on file-level scanning and collects a full list of files, file + size, last modified, and last accessed +- Scan file permissions – Turns on file permission scanning and collects a full list of who has + access to which files + +File tag metadata collection + +- Collect tags/keywords from file metadata properties – Enables the collection of file Microsoft + Office metadata tags and stores the tags into the tables when the **Scan file-level details** + checkbox and the **Collect File Metadata Tags** checkbox are selected on the page. It only scans + the files that satisfy the scan filter settings. +- Include offline files – Include offline files in the scan +- Only collect tags/keywords with the following comma-separated values (case-insensitive) – Collects + tags from the files and stores the tags into the tables. Filters results to only collect from + files with extensions matching to the list of file types entered. + - This option is enabled when the **Scan file-level details** and the **Collect tags/keywords + from file metadata properties** checkboxes are selected. + +The FSAA scan collects the tags from the files and stores the information at the folder level, which +provides a count for the number of occurrences of each tag. + +Scan filter settings + +The Scan filter settings options are enabled if the **Scan file-level details** checkbox is +selected. + +- Only files larger than [number] [size unit] – Filters the results to only collect file data on + files larger than the set value. If this option is not set, all file sizes are collected. +- Only files last modified more than [number] [time period] ago – Filters results to only collect + file data on files modified older than the set value +- Only files last modified less than [number] [time period] ago – Filters results to only collect + file data on files modified younger than the set value +- Only files matching one of these comma-separated types (without leading dots) – Filters results to + only collect files with extensions matching to the list of file types entered. If this option is + not set, all file types are collected. + +**CAUTION:** Be careful when configuring these settings. If no filters are applied when file detail +scanning has been enabled, it can result in returning large amounts of data to the database. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.md new file mode 100644 index 0000000000..1f3c4c5e7e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.md @@ -0,0 +1,28 @@ +# File Properties (Folder Summary) Tab + +The File Properties (Folder Summary) tab is where file property collection settings for the scan is +configured. + +![FSAA Data Collector Wizard Default Scoping Options page File Properties (Folder Summary) tab](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.webp) + +- Scan for probable owners – Gathers file ownership information to determine the most probable owner + of every resource + - Limit maximum number of probable owners to return per folder [number] – Stops the collection + of probable owners when the number provided is reached +- Scan for File Types – Gathers file type information within the audited folders + - Limit maximum number of file types to return per folder [number] – Stops the collection of + file types when the number provided is reached per folder + - Only return file types with these comma-separated values (without leading dots) – Enter the + file types that will be returned from the scan. Any types not provided are ignored. +- Collect tags/keywords from file metadata properties (this may significantly increase scan times) – + Scans the files and collects metadata tags from Microsoft Office files + - Include offline files – Scans network files that have the offline files feature enabled + - Include AIP Protected Files – Scans for files protected by Azure Information Protection (AIP) + that have protection labels + - This option is only available when the Enable scanning of files protected by Azure + Information Protection checkbox is enabled on the Scan Settings page + - Only collect tags/keywords with these comma-separated values (case-insensitive) – scopes the + scan to only collect tags from the files with the tags specified by comma-separated values + +The FSAA scan collects the tags from the files and stores the information at the folder level, which +provides a count for the number of occurrences of each tag. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md new file mode 100644 index 0000000000..3d143427da --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md @@ -0,0 +1,65 @@ +# Scan Settings Tab + +The Scan Settings tab allows configuration of data collection settings. + +![FSAA Data Collector Wizard Default Scoping Options page Scan Settings tab](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings.webp) + +The Scan Settings tab has the following configurable options: + +- Limit returned subfolder depth to: [number] level – Value indicates the depth of the scan + + - Higher numbers increases scan time but return more thorough data + +- Exclude snapshot directories on NetApp server – Excludes folders on NetApp Filers that begin with + ~snapshot +- Exclude system shares – Part of the OS that most users don’t have access to so its hidden by + Microsoft +- Exclude hidden shares – Excludes shares with names ending with $ +- Last Access Time (LAT) preservation – Preserves Data Access timestamp attribute on files that are + scanned for Metadata tags and sensitive data + + - Warn if unable to preserve Last Access Time – Scan throws a warning if the LAT cannot be + preserved. The file is still scanned unless the Skip file if unable to preserve Last Access + Time checkbox is also selected. + - Skip file if unable to preserve Last Access Time – Scan skips the file if the LAT cannot be + preserved + +Selecting the **Last Access Time (LAT) preservation** checkbox enables the **Action on failure to +enable LAT preservation** and **Action on changed LAT after scan** dropdown menus. + +![Action on failure to enable LAT preservation dropdown options](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/actionlatpreservationfailure.webp) + +- Action on failure to enable LAT Preservation – Before scanning each file, FSAA attempts to enable + an operating system feature to preserve the LAT when accessing the file. This operation may fail + for a variety of reasons, which include but are not limited to: the operating system or file + system where the file is located does not support LAT preservation, or insufficient permissions + from the service account trying to access the file. The following configuration addresses a + failure to enable the LAT preservation mode: + + - Continue to scan file silently – FSAA scans the file with the possibility that LAT + preservation is not possible. No warning will be shown. + - Continue to scan file with warning – FSAA scans the file with the possibility that LAT will + not be preserved. A warning will be shown for this file. + - Skip file silently – FSAA will not scan the file. No warning will be shown. + - Skip file with warning – FSAA will not scan the file. A warning will be shown indicating the + file was skipped. + - Abort the scan – FSAA will abort the scan. No further files will be processed. + +![Action on changed LAT after scan dropdown options](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/actionchangedlat.webp) + +- Action on changed LAT After scan – Before scanning each file, the LAT of the current file is + recorded. After scanning, it is verified whether the LAT has changed since then (likely scenarios + are either that the LAT preservation mechanism failed to function as intended, or that the file + was accessed by someone while the scan was occurring). The following configuration addresses a + changed LAT: + + - Continue scan silently – The scan will move on to the next file while updating the LAT for the + processed file. No warning will be shown. + - Continue scan with warning – The scan will continue on to the next file. LAT will be updated + for the processed file. A warning will be shown. + - Force-reset file LAT silently – The scan will reset the file's LAT to its original state + before processing. No warning will be shown. The scan will proceed to the next file. + - Force-reset file LAT with warning – The scan will Reset the file's LAT to its original state + before processing. A warning will be shown. The scan will proceed to the next file. + - Abort the scan – FSAA will abort the scan. LAT will be updated for the processed file. No + other files will be processed diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/manualcertificate.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/manualcertificate.md new file mode 100644 index 0000000000..d655d056a8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/manualcertificate.md @@ -0,0 +1,181 @@ +# FSAA Manual Certificate Configuration + +To create and store the certificates needed to set up FSAA scans using manual certificate exchange, +use the `FSAACertificateManager.exe` tool. The `FSAACertificateManager.exe` tool is located in the +`StealthAUDIT\PrivateAssemblies\FILESYSTEMACCESS\Applet` directory. All commands in the tool are +case-sensitive. + +Follow the steps to use the tool to create and store the required certificates. + +**NOTE:** In these steps, some commands need to be run on the Enterprise Auditor console and some on +the Proxy host. In the provided example commands: + +- All files that are generated by the Certificate Manager or copied to the Enterprise Auditor + console are placed in the + `%SAInstallDir%\PrivateAssemblies\FILESYSTEMACCESS\Applet\My Certificates` directory. This folder + is created by the tool if it does not already exist. +- When operating on the proxy host, files are placed into the root of the **FSAA** folder + +_Remember,_ all commands in the `FSAACertificateManager.exe` tool are case-sensitive. + +**Step 1 –** Create a Certificate Authority (CA). The CA is a self signed certificate that will be +used to sign the client and server certificates. On the Enterprise Auditor console, run the +following command: + +``` +.\FSAACertificateManager.exe -createCertificate -subjectDN CN=FSAA CA NEAConsole.my.domain.com -purpose CertificateAuthority -friendlyName FSAA_CA -outputPath ".\My Certificates" -name MyFSAACA +``` + +- Replace the Common Name (CN) in this example command (`FSAA CA NEAConsole.my.domain.com`) with a + unique and descriptive name +- The output file is stored at the specified output path `.\My Certificates` + +The following message is returned when the command completes successfully: + +``` +Successfully wrote certificate to .\My Certificates\MyFSAACA.pfx +``` + +**Step 2 –** Create a client certificate using the CA from the previous step. On the Enterprise +Auditor console, run the following command: + +``` +.\FSAACertificateManager.exe -createCertificate -issuer ".\My Certificates\MyFSAACA.pfx" -subjectDN CN=NEAConsole.my.domain.com -purpose ClientAuth -subjectAlternativeNames NEAConsole -friendlyName FSAA_Client_Auth -outputPath ".\My Certificates" -name MyFSAAClientCert +``` + +- Replace the CN (`NEAConsole.my.domain.com`) with the fully qualified domain name (FQDN) of your + Enterprise Auditor console +- Replace the alternate subject name (`NEAConsole`) with the short name for the Enterprise Auditor + console +- The output file is stored at the specified output path `.\My Certificates` + +The following message is returned when the command completes successfully: + +``` +Successfully wrote certificate to .\My Certificates\MyFSAAClientCert.pfx +``` + +**Step 3 –** Store the CA in an FSAA managed certificate store. As the user that runs the Enterprise +Auditor console, run the following command on the Enterprise Auditor console: + +``` +.\FSAACertificateManager.exe -storeCertificate -certificate ".\My Certificates\MyFSAACA.pfx" -store CertificateAuthority -location CurrentUser +``` + +The following message is returned when the command completes successfully: + +``` +Successfully added FSAA_CA to CertificateAuthority +``` + +**Step 4 –** Store the client certificate in an FSAA managed certificates store. As the user that +runs the Enterprise Auditor console, run the following command on the Enterprise Auditor console: + +``` +.\FSAACertificateManager.exe -storeCertificate -certificate ".\My Certificates\MyFSAAClientCert.pfx" -store Client -location CurrentUser +``` + +The following message is returned when the command completes successfully: + +``` +Successfully added FSAA_Client_Auth to Client +``` + +**Step 5 –** Convert the CA from a PFX file to a CER file. On the Enterprise Auditor console, run +the following command: + +**NOTE:** This conversion to a CER file is necessary so that the private key of the CA is not +shared. + +``` +.\FSAACertificateManager.exe -createCER -certificate ".\My Certificates\MyFSAACA.pfx" -outputPath ".\My Certificates" -name MyFSAACA +``` + +The following message is returned when the command completes successfully: + +``` +Successfully wrote CER certificate to .\My Certificates\MyFSAACA.cer +``` + +**Step 6 –** Copy `FSAACertficateManager.exe` and the CA CER file (`.\My Certificates\MyFSAACA.cer`) +to the proxy host that will be running `FSAAAppletServer.exe`. These files must be copied to the +same directory. + +**NOTE:** These copied files will be deleted from the destination directory later in Step 12. + +**Step 7 –** Generate the server certificate signing request and key on the Proxy host. On the proxy +host, run the following command out of the FSAA folder where the `FSAACertificateManager.exe` was +copied to: + +``` +.\FSAACertificateManager.exe -createCertificateSigningRequest -subjectDN CN=proxy01.my.domain.com -subjectAlternativeNames Proxy01 -outputPath . -name Proxy01 +``` + +- Replace the CN (`proxy01.my.domain.com`) with the FQDN of the proxy host +- Replace the alternate subject name (`proxy01`) with the short name for the proxy host +- The generated certificate signing request and key are stored in the same directory as + `FSAACertificateManager.exe` on the proxy host + +The following message is returned when the command completes successfully: + +``` +Successfully wrote certificate signing request to .\Proxy01.csr +Successfully wrote certificate key to .\Proxy01.key +``` + +**Step 8 –** Store the CA on the proxy host in an FSAA managed certificate store. As the user that +runs the proxy scanner (`FSAAAppletServer.exe`), run the following command on the proxy host: + +``` +.\FSAACertificateManager.exe -storeCertificate -certificate .\MyFSAACA.cer -store CertificateAuthority -location CurrentUser +``` + +The following message is returned when the command completes successfully: + +``` +Successfully added FSAA_CA to CertificateAuthority +``` + +**Step 9 –** Complete the server certificate signing request on the Enterprise Auditor console. Copy +the CSR file from the proxy host to the **My Certificates** directory on the Enterprise Auditor +console (where the original CA PFX file is located), then run the following command on the +Enterprise Auditor console: + +``` +.\FSAACertificateManager.exe -completeCertificateSigningRequest -certificateSigningRequest ".\My Certificates\Proxy01.csr" -purpose ServerAuth -issuer ".\My Certificates\MyFSAACA.pfx" -days 365 -outputPath ".\My Certificates" -name Proxy01 +``` + +The following message is returned when the command completes successfully: + +``` +Successfully completed certificate signing request to .\My Certificates\Proxy01.cer +``` + +**Step 10 –** Store the server certificate on the proxy host in an FSAA managed certificate store. +Copy the Proxy CER file back to the proxy host from the Enterprise Auditor console. Then, as the +user that runs the proxy scanner (`FSAAAppletServer.exe`), run the following command on the proxy +host: + +``` +.\FSAACertificateManager.exe -storeCertificate -certificate .\Proxy01.cer -key .\Proxy01.key -friendlyName FSAA_Server_Auth -store Server -location CurrentUser +``` + +The following message is returned when the command completes successfully: + +``` +Successfully added FSAA_Server_Auth to Server +``` + +**Step 11 –** Repeat Steps 6-10 for each proxy host. + +**Step 12 –** Delete all the PFX, CER, and Key files that were generated or copied in the above +steps from the output locations. + +All of the required FSAA certificates have been stored in the FSAA managed certificate stores. The +FSAA queries need to be configured to use the **Manual** certificate exchange option. This option +can be found under Applet Settings in the FSAA Data Collector Wizard. See the +[FSAA: Applet Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.md) +topic for additional information. + +For additional information on how to use the `FSAACertificateManager.exe` tool, run the +`.\FSAACertificateManager.exe -help` command. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/overview.md new file mode 100644 index 0000000000..037f5c7090 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/overview.md @@ -0,0 +1,57 @@ +# FileSystemAccess Data Collector + +The FileSystemAccess (FSAA) Data Collector collects permissions, content, and activity, and +sensitive data information for Windows and NAS file systems. The FSAA Data Collector has been +preconfigured within the File System Solution. Both this data collector and the solution are +available with a special Enterprise Auditor license. See the +[File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/overview.md) +topic for additional information. + +Protocols + +- Remote Registry +- WMI + +Ports + +- Ports vary based on the Scan Mode Option selected. See the + [File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) + topic for additional information. + +Permissions + +- Permissions vary based on the Scan Mode Option selected. See the + [File System Supported Platforms](/docs/accessanalyzer/11.6/requirements/target/filesystems.md) + topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. By default, SDD scans are configured to run two concurrent threads. +For example, if the job is configured to scan 8 hosts at a time with two concurrent SDD threads, +then an extra 32 GB of RAM are required (8x2x2=32). + +_Remember,_ if employing either of the File System Proxy Mode as a Service scan mode options, it is +also necessary for the Sensitive Data Discovery Add-on to be installed on the server where the proxy +service is installed. + +## FSAA Query Configuration + +The FSAA Data Collector is configured through the File System Access Auditor Data Collector Wizard. +The wizard contains the following pages, which change based up on the query category selected: + +- [FSAA: Query Selection](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/queryselection.md) +- [FSAA: Applet Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.md) +- [FSAA: Scan Server Selection](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scanserverselection.md) +- [FSAA: Scan Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings.md) +- [FSAA: Azure Tenant Mapping](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/azuretenantmapping.md) +- [FSAA: Activity Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/activitysettings.md) +- [FSAA: Default Scoping Options](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions.md) +- [FSAA: Scoping Options](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptions.md) +- [FSAA: Scoping Queries](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueries.md) +- [FSAA: Sensitive Data Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/sensitivedatasettings.md) +- [FSAA: SDD Criteria Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/sddcriteria.md) +- [FSAA: Bulk Import Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/bulkimport.md) +- [FSAA: FSAA Update Service Setting](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/updateservicesettings.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/queryselection.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/queryselection.md new file mode 100644 index 0000000000..2317d9a531 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/queryselection.md @@ -0,0 +1,84 @@ +# FSAA: Query Selection + +The FSAA Data Collector Query Selection page contains the following query categories, sub-divided by +auditing focus: + +![FSAA Data Collector Wizard Query Selection page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/queryselection.webp) + +- The File System Access/Permission Auditing options scan hosts for file system information, and + there are two categories to choose from: + - Scan – Scans file systems for permission information, ownership, and content profiling + - Bulk import– Imports access scan data into the SQL database +- The File System Activity options runs user and group activity and inactivity related queries based + on FSAC data, and there are two categories to choose from: + - Scan – Performs file system activity scan for the target host + - Bulk import – Imports File System Activity scan data into the SQL database +- The Sensitive Data options scan hosts for sensitive data, and there are two categories to choose + from: + - Scan – Scans file system content for sensitive information + - Bulk import – Imports SDD scan data into the SQL database +- The DFS options collect Distributed File System information, and there is one category: + + - Scan and import – Collects Distributed File System information + + **NOTE:** Starting with v8.1, DFS Audits are completed with a streaming method and do not + require a bulk import query following the scan query. + +- The Maintenance options perform maintenance for the FSAA Data Collector, and there are three + categories to choose from: + + - Remove scan executables and data – Removes file system access audit scan applet and data from + the remote server + - Upgrade proxy service – Update FSAA binaries for hosts running the File System Proxy Service + + **NOTE:** The Upgrade proxy service category only applies to updating a v8.0+ File System + Proxy installation to a newer version. Manual updating is necessary for v7.x File System + Proxy installations. + + - Remove Host Data – Removes host from all SQL tables created by the FSAA Data Collector and + deletes StrucMap (removes host assigned to job where query exists) + +_Remember,_ the Sensitive Data category options require the Sensitive Data Discovery Add-On to be +installed on the Enterprise Auditor Console before the FSAA Data Collector can collect sensitive +data. + +Once a query scan using the FSAA DC has been executed, the **Maintenance** button is enabled to +allow troubleshooting of scan errors that may have occurred. + +**CAUTION:** Do not use the Maintenance button unless instructed by +[Netwrix Support](https://www.netwrix.com/support.html). It is possible to cause corruption of the +database and loss of data to occur. + +## Maintenance Wizard + +The Maintenance Wizard is opened by clicking the **Maintenance** button on the Query Selection page +of the FSAA Data Collector Wizard. You can use the wizard to reset hosts or repair file system data +errors. + +![Maintenance Wizard Maintenance Selection page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/maintenancewizardselection.webp) + +The Maintenance Selection page allows you to select the type of maintenance to be performed: + +- Reset Hosts – Resets the Access GUID column value in the SA_FSAA_Hosts table for the Hosts + selected. Allows data to be bulk imported when there is a GUID mismatch. +- Repair – Resets the MinResourceID and MinTrusteeID column values to 0. Removes duplicate and data + consistency issues, including resources with nonexistent parents. Deletes StrucMap database. + +Select the required option and click **Next**. The subsequent wizard page is determined by the +selection made. + +- If Reset Hosts was selected, the Reset Hosts page displays: + + ![Maintenance Wizard Reset Hosts page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/maintenancewizardresethosts.webp) + + Select the desired hosts to reset the SQL data for, and click **Reset Hosts** to perform the + maintenance. + +- If Repair was selected, the Repair Tool page displays: + + ![Maintenance Wizard Repair Tool page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/maintenancewizardrepair.webp) + + Select the desired hosts to repair the SQL data for, and click **Run** to perform the + maintenance. + +Click **Finish** to close the wizard when you have completed the required maintenance. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scanserverselection.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scanserverselection.md new file mode 100644 index 0000000000..21e5fb8344 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scanserverselection.md @@ -0,0 +1,59 @@ +# FSAA: Scan Server Selection + +The Scan Server Selection page is where the server that executes the scan is configured. It is a +wizard page for the categories of: + +- File System Access/Permission Auditing Scan +- File System Activity Scan +- Sensitive Data Scan + +![FSAA Data Collector Wizard Scan Server Selection page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scanserverselection.webp) + +Using the radio buttons, select where the execution of the applet will take place: + +- Automatic (Local for NAS device hosts, Remote for Windows hosts) – Applet is deployed to all + targeted Windows servers. Other targeted devices, for example NAS, are scanned locally by the + Enterprise Auditor Console server. + + - The scan identifies Windows servers through the host inventory field OSType + +- Local Server – Assigns all scanning to the Enterprise Auditor Console server +- Specific Remote Server – Assign a specified server for scanning by entering a server name in the + textbox. This option uses proxy architecture and requires the targeted server to have the File + System Proxy deployed. + + - See the + [File System Proxy Service Installation](/docs/accessanalyzer/11.6/install/filesystemproxy/wizard.md) + topic for additional information + +- Specific Remote Servers by Host List – Assign hosts from a custom created host list for scanning. + This option uses proxy architecture and requires the targeted servers to have the File System + Proxy deployed + + - See the + [File System Proxy Service Installation](/docs/accessanalyzer/11.6/install/filesystemproxy/wizard.md) + topic for additional information + + ![Select Host Lists window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/selecthostlists.webp) + +- Select Host Lists – Opens the Select Host Lists window displaying all the available hosts to + choose from. If more than one list is selected, scanning is distributed across each host. + +**_RECOMMENDED:_** + +It is best practice in global implementations to utilize a specific remote server or proxy scanner +that is located in the same data center as the target hosts. This is particularly beneficial if the +Enterprise Auditor Console server is in a different data center. See the +[Proxy Scanning Architecture](/docs/accessanalyzer/11.6/install/filesystemproxy/overview.md#proxy-scanning-architecture) +topic for additional information. + +In the bottom section, the checkbox options affect the execution of the applet: + +- Fallback to local mode if applet can't start – If the applet cannot be deployed on the target + host, it is deployed locally on the same server as the Enterprise Auditor Console and the scan + collects data across the network +- Run remote applet with normal priority (non-proxy applet server uses background priority by + default) – Select this option to run the applet with normal priority. Running at low-priority + allows other normal priority applications to take precedent over the scan when consuming + processing power and system resources. Running at low priority allows the scan to run with little + or no impact on the applet host. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings.md new file mode 100644 index 0000000000..6ddeb58d7e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings.md @@ -0,0 +1,140 @@ +# FSAA: Scan Settings + +The Scan Settings page is where additional scan protocols and settings are configured. It is a +wizard page for the categories of: + +- System Access/Permission Auditing Scan +- Sensitive Data + +![FSAA Data Collector Wizard Scan Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings.webp) + +In the Scan Protocols section, select the desired checkboxes for including certain types of shared +folders: + +- Scan Windows (SMB/CIFS) shares – Includes types of Windows and NAS shares +- Scan NFS exports (shares) – Includes this type of UNIX and NAS shares + +In the middle section, select the desired checkboxes for additional settings: + +- Enable file system scan streaming – Sends the streamed data directly to the Enterprise Auditor + database. A bulk import query is not required when this option is selected +- Enable scanning of files protected by Azure Information Protection – Adds additional options to + this wizard to scan for protection labels and encrypted files for sensitive data + + - See the + [Azure Information Protection Target Requirements](/docs/accessanalyzer/11.6/requirements/target/config/azureinformationprotection.md) + for additional information. + +- Use SQL query to manually specify shares – For advanced SQL users. This option provides a least + privileged model for enumerating shares. It bypasses share permission requirements and eliminates + the need for the Connection Profile credentials to have local Administrator or Power User + permissions. Click **Configure Query** to open the Manual Shares Query window. See the + [Enable the Use SQL Query to Manually Specify Shares](#enable-the-use-sql-query-to-manually-specify-shares) + topic for additional information. +- NetApp communication security – This option provides the ability to choose levels of encryption + and authentication applied during Access Auditing scans of NetApp devices + + ![NetApp communication security options](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettingsnetapp.webp) + + - HTTPS – Encrypts communication and verifies the targeted server's SSL certificate + - HTTPS, Ignore Certificate Errors – Encrypts communication but ignores certificate errors + + - This option is primarily used for troubleshooting + - Alternative use for this option would be for access scans within a trusted and secured + network + + - HTTP – Applies no encryption or authentication of communication + + The HTTPS options require Enterprise Auditor to have access to the targeted server's SSL + certificate. Enterprise Auditor ships with a file containing trusted certificates from a trusted + Certification Authority (`cacert.pem`). If the organization uses a self-signed certificate, see + the HTTPS Encryption Certificate for FSAA & NetApp Communication topic for information on adding + the organization's certificate. + +The bottom section is only available for the File System Access/Permission Auditing Scan and +Sensitive Data Scan categories and contains the following options: + +- Restart incomplete scans after (0 always restarts) [number] days – Determines when the saved + progress should be discarded and the scan restarted +- Rescan unimported hosts after (0 always rescans) [number] days – Controls when the host is + rescanned even if its data has not been imported yet + + - When this option is enabled, set to a value higher than zero, and results in a host not being + scanned, a warning message is logged + - The Messages table records the + `No need to scan, Tier 2 DB USN > Tier 1 DB USN, needs to bulk import` warning + +## Enable the Use SQL Query to Manually Specify Shares + +If desired, enable this feature and click **Configure Query** to open the Manual Share Query window. + +![Maual Shares Query window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/maualsharesquery.webp) + +The SQL query provided by a user should return a list of all shares in the target environment. The +target tables must reside within the Enterprise Auditor database and contain at least the following +columns for all shares in the target environment: + +- Host – Name of host where the share resides matching the Host Master table Name field value + + **_RECOMMENDED:_** Use this column but it is not required. + +- Share – Name of the share +- Folder – Landing folder path of the share on the host +- ShareType – Integer representing the protocol for the type of share: + + - 0 = CIFS share + - 1 = NFS share + +For example, if the share has a path of `\\cec-fs01\Documentation`, then the columns are populated +in this way: + +- Host – `cec-fs01` +- Share – `Documentation` +- Folder – `C:\Documentation` +- ShareType – `0` + +**CAUTION:** If the FSAA Data Collector has identified a share in a previous scan, but that share is +not in a table targeted by this query, then it is marked as a deleted share. + +Enter the SQL query by replacing the sample text in the textbox. The SQL query must target tables +that have the required columns populated with the list of all shares in the target environment. + +_(Optional)_ Enter a host in the Host parameter value (@host) textbox to test the query to retrieve +the data for that host. + +Select **Test Query** to open a preview of the results in the Query Results window. Ensure that the +data being retrieved by the query is expected. + +When this option is selected, the data collector runs against the target table to enumerate shares +in the environment. + +_Remember,_ if a share is not in the target table, the data collector assumes that the share does +not exist and marks it as deleted. + +## HTTPS Encryption Certificate for FSAA & NetApp Communication + +The HTTPS encryption options for the NetApp communication security setting of the global Remote Data +Collection Configuration page in the File System Access Auditor Data Collector Wizard requires a +certificate. If the organization uses a self-signed certificate, it is necessary to add this +certificate to enable HTTPS encryption of Enterprise Auditor communications. + +The certificate (`cacert.pem`) which is shipped with Enterprise Auditor is in the DC folder of the +installation directory. The default location is: + +…\STEALTHbits\StealthAUDIT\DC + +If employing remote applet mode or proxy servers, then the certificate (`cacert.pem`) must exist in +the FSAA folder where the `FSAAAppletServer.exe` process is running (applet/proxy host). Therefore, +it is necessary to also copy it to the FSAA folder on the target hosts andr proxy servers. This is +done at runtime when using remote applet mode, but any updates or custom certificates must be copied +manually. The default location is: + +…\STEALTHbits\StealthAUDIT\FSAA + +**_RECOMMENDED:_** Do not overwrite this certificate. It is fully trusted by Netwrix. Instead, add +an underscore (_) character to the start of the file name. Then copy the organization's self-signed +certificate to this location with the name `cacert.pem`. + +There is another `cacert.perm` file within the Enterprise Auditor installation directory used by the +Notification SSL encryption options. While these files have the same name, they serve different +purposes and are stored in different locations. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptions.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptions.md new file mode 100644 index 0000000000..5d5a5003d7 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptions.md @@ -0,0 +1,179 @@ +# FSAA: Scoping Options + +The Scoping Options page is where scan settings, file details, and file properties settings can be +configured for a specified resource in the targeted environment. It is a wizard page for the +following categories: + +- File System Access/Permission Auditing Scan +- Sensitive Data + +![FSAA Data Collector Wizard Scoping Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptions.webp) + +The Scoping Options buttons have the following: + +- Add – Add a resource to be included or excluded in the scan. Opens the Scoping Configuration + window. +- View/Edit – Make changes to a previously added resource. Opens the Scoping Configuration window. +- Remove – Deletes the resource from the table and therefore the scan +- Increase Priority – Sets a lower numerical value to the resource, which sets a higher priority + when conflicting settings occur with one resource +- Decrease Priority – Sets a higher value to the resource, which sets a lower priority when + conflicting settings occur with one resource +- Import – Import scoping options from a `.fsaascope` file. + + - If a conflict arises between an existing configured scoping option and an option that is being + imported, the user will be prompted to resolve the conflict by either keeping the existing + configuration or importing the new one, which will overwrite the scoping option. + +- Export – Take the currently configured scoping options in the job and export it to a `.fsaascope` + file + +By default, priority is assigned in the order it is added to the table. Priority can also be +manually assigned with the Increase Priority and Decrease Priority buttons or in the +[Scoping Configuration Window](#scoping-configuration-window). If there is a conflict between an +inclusion scoping option and an exclusion scoping option with the same priority, the inclusion takes +precedence. + +See the [Common Scoping Scenarios](#common-scoping-scenarios) section for example configurations of +scoping options and the expected results. + +## Scoping Configuration Window + +The Scoping Configuration Window allows a specific share or folder to be included or excluded from +the scan. Only included resources require additional scoping. Remember, these settings override the +default scoping settings for the selected resource. + +![Scoping Configuration Window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingconfigurationwindow.webp) + +Set the Resource Name and Host Name: + +- Resource Name – Specify a local path or individual share to the target folder or the share name +- Host Name – Apply scoping options to a specific target host. If a host name is not supplied, all + hosts targeted by the job have the scoping options applied. + +Both the Resource Name and Host Name textboxes support regular expressions and pattern matching. + +- For wildcards – Use the `?` or `*` as the share or folder name. Example of Wildcard Support: You + have three shares named `Share1`, `Share2`, and `MyShare`. You want to include `Share1` and + `Share2`. You can enter into this field: + + - `share*` + - `share?` + - `Share*` + - `SHARE?` + +- For regular expressions – Use the prefix `RE:` and escape the backslash characters. Example of + Regular Expression: To provide an expression that would include all shares or files that start + with the letter `A`: + + **NOTE:** This option is case sensitive. + + - `RE:\\\\[^\\[+\\A` + +Then set Scoping Type and Priority: + +- Scoping Type – Choose from the dropdown menu the type of resource to scan: + + - Share Include – Provided share name is included in the scan. All scoping options must match or + it is excluded. + - Share Exclude – Provided share is excluded from the scan + - Folder Include – Provided folder name is included in the scan. All scoping options must match + or the scan ignores the resource. + - Folder Exclude – Provided folder is excluded from the scan. All scoping options must match or + it is excluded. + + **NOTE:** Any included files or folders inherit all options previously checked in the + [FSAA: Default Scoping Options](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions.md) + page. Manually apply new options if the default ones are not desired in this scan. + +- Priority – Numerical value that determines which options are used in the case of more than one + scoping option overlaps for a particular resource. Lower numerical values have a higher priority + for this scan. When multiple scoping options are added to a single resource, and there is no + conflict, the scoping options are merged. However, in some instances, the settings conflict. Below + are some known conflicts and their results: + - Conflict between two options for a single resource – Higher priority takes precedence + - Folder scoping option conflicts with a share scoping option – Folder takes precedence + - Conflict between two scoping options with the same priority – Path determines which option is + used. The scoping option with the child takes precedence over the parent. +- Enable Button – Adds the scoping option to the scan criteria + +See the +[Scan Settings Tab](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md), +[File Details Tab](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/filedetails.md), +and +[File Properties (Folder Summary) Tab](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.md) +tabs for more detail on these scoping options. + +## Common Scoping Scenarios + +The following examples show some common configurations of scoping options and the expected results. + +Scenario 1 + +Scan for all shares except one. + +![Common Scoping Options example Scenario 1](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario1.webp) + +All shares included except for the ProbableOwner share. + +Scenario 2 + +Scan for one share and exclude all others. + +![Common Scoping Options example Scenario 2](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario2.webp) + +The ProbableOwner Share is included. All other shares are excluded. Share Inclusion must have a +priority that is greater than or equal to the Share Exclusion. + +Scenario 3 + +Scan all folders except one. + +![Common Scoping Options example Scenario 3](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario3.webp) + +All Shares are scanned and all folders are included except for C:\ProbableOwner\DifferentOwner. + +Scenario 4 + +Scan one folder and exclude all others. + +![Common Scoping Options example Scenario 4](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario4.webp) + +The ProbableOwner Share is included and all other shares are excluded. Within the ProbableOwner +Share, Folder path C:\ProbableOwner\DifferentOwner is included. All other folder paths are excluded. + +Scenario 5 + +Scan one folder and all of its children and exclude all others. + +![Common Scoping Options example Scenario 5](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario5.webp) + +The ProbableOwner Share is included and all other shares are excluded. Within the ProbableOwner +Share, Folder path C:\ProbableOwner\DifferentOwner is included along with all of its children +(Notice the \\\* at the end of folder include path). All other folder paths are excluded. + +Scenario 6 + +Scan for all content within a folder except one sub-folder. + +![Common Scoping Options example Scenario 6](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario6.webp) + +The ProbableOwner Share is included and all other shares are excluded. Within the ProbableOwner +Share, Folder path C:\ProbableOwner\DifferentOwner is included along with all of its children +(Notice the \\\* at the end of folder include path). Within the DifferentOwner folder the path +C:\ProbableOwner\DifferentOwner\Test2 is excluded (Notice the higher priority for the exclusion). +All other folder paths are excluded. + +Additional Considerations + +The scoping options listed above can be used to scope for SMB shares and NFS exports but NFS exports +are enumerated differently. The include/exclude logic outlined above should be the same for both, +but when scoping for NFS exports the Resource Name should be the full path to the export. + +For example, in the scenario below, the NFS export named NFS_Export is included. All other exports +are excluded. Within the NFS_Export export, folder path \ifs\NFS_Export\Test_Folder is included. All +other folder paths are excluded. + +![FSAA Scoping Options NFS export example](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsnfsexports.webp) + +Note the different slash types for exports compared to folders. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueries.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueries.md new file mode 100644 index 0000000000..0556dfcd9e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueries.md @@ -0,0 +1,105 @@ +# FSAA: Scoping Queries + +Use the Scoping Queries page to query the SQL database and return exclude and include resources from +a specified host. This feature bypasses share permission requirements and eliminates the need for +the Connection Profile credentials to have local Administrator or Power User permissions. It is a +wizard page for the following categories: + +- File System Access/Permission Auditing Scan +- Sensitive Data + +![FSAA Data Collector Wizard Scoping Queries page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueries.webp) + +The Scoping Queries buttons have the following functionality: + +- Add – Add a resource to be included or excluded in the scoping query. Opens the Scoping Query + Configuration window. See the + [Scoping Query Configuration Window](#scoping-query-configuration-window) topic for additional + information. +- View / Edit – Make changes to a previously added scoping query. Opens the Scoping Query + Configuration window. See the + [Scoping Query Configuration Window](#scoping-query-configuration-window) topic for additional + information. +- Remove – Deletes the resource from the table and therefore the scan +- Migrate Scan Resource Filters – Migrates configured scan resource filters from the + `FSAAConfig.xml` file and imports them into the FSAA data collector + + - There are two Scan Resource Filters migrated by default: + + - DFS Shares + + - Scoping Query that will query the SQL database and return a list of Distributed File + System (DFS) Shares from the targeted host to include in the Scan + - Requires the 0-FSDFS System Scans, 1-FSAA System Scans, and 2-FSAA Bulk Import jobs to + have been run as a prerequisite + + - DG Open Shares + + - Scoping Query that will query the SQL database and return a list of Open Shares as + identified by the 3-FSAA Exceptions job + - Requires the 1-FSAA System Scans, 2-FSAA Bulk Import, and 3-FSAA Exceptions jobs to + have been run as a prerequisite + +**NOTE:** These two Scan Resource Filters are both Share Include queries by default. To restrict the +scan to only Open Shares or only DFS Shares it is necessary to also configure the Scoping Options on +the previous page of the wizard to exclude all other shares. + +For example, to restrict the scan to only Open Shares and exclude all other shares, the Scoping +Options page should be configured as shown: + +![FSAA Data Collector Wizard Scoping Options page Open shares configuration](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptionsopenshares.webp) + +The Scoping Queries page should be configured as shown: + +![FSAA Data Collector Wizard Scoping Queries page Open shares configuration](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueriesopenshares.webp) + +See the +[FSAA: Scoping Options](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptions.md) +topic for additional information and common scoping scenarios. + +## Scoping Query Configuration Window + +The Scoping Query Configuration window allows you to create a custom Scoping Query to specify shares +and folders to be included in or excluded from the scan. + +![Scoping Query Configuration window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueryconfiguration.webp) + +Configure the following fields: + +- Name – Enter a unique name for the scoping query +- Scoping Type – Choose from the dropdown menu the type of resource to scan +- Configure Query – Select **Configure Query** to open the Advanced Scoping Options Query + Configuration window. See the + [Advanced Scoping Options Query Configuration Window](#advanced-scoping-options-query-configuration-window) topic + for additional information. + +**_RECOMMENDED:_** Provide a descriptive Comment on the Scoping Queries page. + +### Advanced Scoping Options Query Configuration Window + +Clicking **Configure Query** on the Scoping Query Configuration Window brings up the Advanced +Scoping Options Query Configuration window. + +![Advanced Scoping Options Query Configuration window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/advancedscopingoptionsqueryconfiguration.webp) + +Follow the steps to configure a query. + +**Step 1 –** Enter a SQL Query that will return a list of resources to be included in or excluded +from the scan. + +**NOTE:** The target tables must reside within the Enterprise Auditor database and the result must +return at least the following columns: + +- Name +- Priority + +**Step 2 –** (Optional) Enter a host in the Host parameter value (@host) textbox to test the query +to retrieve the data for that host. + +**Step 3 –** Select **Test Query** to open a preview of the results in the Query Results window. +Ensure that the data being retrieved by the query is expected. + +**Step 4 –** Click **OK**. + +When a query configuration is enabled, the data collector runs against the target table to configure +scoping for shares or folders in the environment. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/sddcriteria.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/sddcriteria.md new file mode 100644 index 0000000000..b0ca10a1f5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/sddcriteria.md @@ -0,0 +1,37 @@ +# FSAA: SDD Criteria Settings + +The SDD Criteria Settings page is where criteria to be used for discovering sensitive data during a +scan is configured. It is a wizard page for the category of Sensitive Data Scan. + +This page requires the Sensitive Data Discovery Add-On to be been installed on the Enterprise +Auditor Console to define the criteria and enable the Sensitive Data Criteria Editor. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +![FSAA Data Collector Wizard SDD Criteria Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sddcriteria.webp) + +The options on the SDD Criteria Settings page are: + +- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings + from the **Settings** > **Sensitive Data** node. See the + [Sensitive Data](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md) + topic for additional information. +- Use the following selected criteria – Select this option to use the table to select which + sensitive data criteria to scan for +- Select All - Click **Select All** to enable all sensitive data criteria for scanning +- Clear All - Click **Clear All** to remove all selections from the table +- Select the checkboxes next to the sensitive data criteria options to enable them to be scanned for + during job execution + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + Use the Sensitive Data Criteria Editor in the **Settings** > **Sensitive Data** to create and + edit user-defined criteria. See the + [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) + topic for additional information. + +**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System +Criteria and User Criteria nodes are visible in the table. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/sensitivedatasettings.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/sensitivedatasettings.md new file mode 100644 index 0000000000..f3310a66d4 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/sensitivedatasettings.md @@ -0,0 +1,57 @@ +# FSAA: Sensitive Data Settings + +The Sensitive Data Settings page is where sensitive data discovery settings are configured. It is a +wizard page for the category of Sensitive Data Scan. + +![FSAA Data Collector Wizard Sensitive Data Settings page](/img/product_docs/accessanalyzer/11.6/install/application/upgrade/sensitivedata.webp) + +- Don’t process files larger than: [number] MB – Limits the files to be scanned for sensitive + content to only files smaller than the specified size +- Include offline files (this may significantly increase scan times) – Includes offline files in the + scan +- Perform Optical Character Recognition for image files – Enables the data collector to scan for + sensitive data within digital images of physical documents + + **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents + directly converted to images, with standard fonts. It will not work for scanning photos of + documents and may not be able to recognize text on images of credit cards, driver's licenses, or + other identity cards. + +- Store discovered sensitive data – Stores discovered sensitive data in the database +- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria + for discovered sensitive data + +Use the radio buttons to select the File types to scan: + +- Scan all file types – Scans everything in a given environment +- Scan custom file types – Select the checkboxes from the list of file and document types that are + included in a sensitive data scan. The table contains the following categories and their + sub-options available: + + - Compressed Archive files + - Documents + - Email + - Image files + - Presentations + - Spreadsheets + - Text/Markup files + +- Perform differential scan of – Enables users to choose whether to employ incremental scanning: + + - Files modified or newly discovered since last scan – Scans newly discovered files and files + with a modified date after the previous scan date + - Files modified since [date] – Only scans files with a modified date after the specified date + - Files modified within the last [number] days – Only scans files with a modified date within + the specified date range + +_Remember,_ the sensitive data discovery options require the Sensitive Data Discovery Add-On to be +been installed on the Enterprise Auditor Console. + +The Performance Options section allows the user to modulate the efficiency of SDD scans. + +- Number of SDD scan processes [number] – Increases the number of SDD scanner processes that spawn + as part of a scan, increasing parallel scanning. The value should not exceed 2x the number of CPU + threads available. + + **_RECOMMENDED:_** For optimal performance, the total number of scan processes on a scan host + should be 1 to 2 times the number of CPU threads available. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/standardtables.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/standardtables.md new file mode 100644 index 0000000000..d5d44c64a5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/standardtables.md @@ -0,0 +1,176 @@ +# Standard Reference Tables & Views for the FSAA Data Collector + +The FSAA Data Collector gathers essential File System information into standard reference tables. +Unlike most of the other Enterprise Auditor data collectors, the FSAA Data Collector writes data to +these tables regardless of the job executing the query. + +## File System Access Auditing Tables & Views + +The tables and their associated views are grouped by types. + +Structure Tables + +| Tables | Details | +| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| SA_FSAA_Hosts | Contains the name and ID of all File System hosts that have been scanned for permissions | +| SA_FSAA_ImportHistory | Contains historical information about the import process for each host that is imported | +| SA_FSAA_Resources | Contains information about all audited resources, which can be file shares or folders. This provides information on the hierarchy relationship and references to the name and rights applied to that folder. | + +Trustee Tables + +| Tables | Details | +| -------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_FSAA_Trustees | Contains information about any domain user, group, or security principal that has been assigned permissions. This table does not contain local users and groups since none of the trustees in this table are specific to any one host. | +| SA_FSAA_LocalTrustees | Contains information about any trustees that do not belong to a domain, primarily local users and local groups | +| SA_FSAA_TrusteeEquivalence | Contains information about Local Group membership. The trustees described can be found in the SA_FSAA_LocalTrustees table. | + +Access Calculation Tables + +| Tables | Details | +| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| SA_FSAA_Rights | Contains information about the actual permissions that have been granted to folders. Each entry summarizes the rights assigned to every trustee that would appear in the DACL of a folder. If a trustee is entered twice in a DACL, then that trustee’s rights will be summarized into a single row in this table. | +| SA_FSAA_Gates | Contains information about all gates, or access points, to shared data. This includes shared folders, administrative shares, and policies. | +| SA_FSAA_GatesProxy | Allows for quick determination of the shares through which a folder can be accessed as well as the child folders that can be accessed from a single share. The combination of ID and GateID is unique by host. | +| SA_FSAA_Policies | Contains information about what trustees are allowed or denied through the policies described in the SA_FSAA_Gates table | +| SA_FSAA_UnixRights | Contains information about permissions as they exist within the targeted Unix environment | + +Calculated Tables + +| Tables | Details | +| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_FSAA_Exceptions | Contains information about security issues and concerns. One out-of-box exception stored inside this table is the Open Shares exception. This exception identifies where resources which are open to Everyone, Authenticated Users, or Domain users are located. | +| SA_FSAA_ExceptionTypes | Identifies how many instances of exceptions exist on the audited hosts. This table will contain a row for each exception type for each host. Exceptions are specific conditions set forth by Enterprise Auditor that are considered to be issues, such as folders with open access. | + +Folder Content Tables + +| Tables | Details | +| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_FSAA_FileAges | Contains information about the age of files within folders by looking at the created timestamp | +| SA_FSAA_FileSizes | Contains information about the size of the files stored within audited folders. This table will tell the total size of every folder and the number of files within it. | +| SA_FSAA_FileTags | Contains file tag information at the folder level | +| SA_FSAA_FileTypes | Contains information about the types of files stored within audited folders by their extensions. This table will tell how many files of particular extension types exist within a folder. | +| SA_FSAA_ProbableOwners | Contains information about the owners of the files stored within audited folders. This table will tell what trustees own the most files and, therefore, may be the owners of the entire folder. | +| SA_FSAA_TagKeys | Contains the unique combination of the tags and ID | +| SA_FSAA_TagProxies | Contains the unique combination of the TagID and TagProxyID | +| SA_FSAA_Tags | Contains file tags and the unique ID | + +System Tables + +| Tables | Details | +| ------------------- | -------------------------------------------------------------- | +| SA_FSAA_ScanHistory | Track the history of the scans for troubleshooting purposes | +| SA_FSAA_SchemaVer | Tracks the schema version of the tables for upgrading purposes | + +Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the +FSAA Data Collector. They contain additional information for building queries easily. The following +is an explanation of the corresponding views created for some of the tables generated by the FSAA +Data Collector: + +Permission Views + +| Views | Details | +| -------------------------------- | ----------------------------------------------------------------------------------------------------------------------- | +| SA_FSAA_PermissionsView | Contains any folder or share permission, regardless of whether they have been made directly to folders or are inherited | +| SA_FSAA_DirectPermissionsView | Contains only permissions which are directly applied to resources | +| SA_FSAA_ExpandedPermissionsView | Contains an expansion of any domain groups that are assigned rights | +| SA_FSAA_InheritedPermissionsView | Contains only the inherited permission values for the folder, share, or audited object | +| SA_FSAA_EffectiveAccessView | Correlates share folder permissions and group membership | +| SA_FSAA_ExceptionsView | Contains how many instances of exceptions exist on the audited hosts | + +Resources Views + +| Views | Details | +| --------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_FSAA_ResourcesView | Contains information about file shares or folders | +| SA_FSAA_SharesTraversalView | Contains information about shared folders. It also provides useful information for the locations of these resources, including the local and network paths. Additionally, mount/junction points will show as a normal path traversal, unless the mount/junction point has system and hidden attributes set. | +| SA_FSAA_Paths | Contains information about the full paths to every distinct folder location for which permissions have been scanned and child folders exist | + +Additional Views + +| Views | Details | +| ----------------------------- | --------------------------------------------------------------------------------------------- | +| SA_FSAA_LocalGroupMembersView | Contains information on the local groups present on each host and the members of those groups | + +## File System Activity Auditing Tables & Views + +The tables and their associated views are grouped by types. + +Activity Changes Tables (FSAC) + +| Tables | Details | +| -------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_FSAC_ActivityEvents | Contains all of the logged activity events | +| SA_FSAC_DailyActivity | Contains roll-up information of the number of operations that have been performed by a trustee on a file or folder. This information is date-wise. | +| SA_FSAC_Exceptions | Contains information about security issues and concerns | +| SA_FSAC_ExceptionTypes | Identifies how many instances of exceptions exist on the audited hosts | +| SA_FSAC_OwnerChanges | Contains information about ownership changes on folders and files | +| SA_FSAC_PermissionChanges | Contains details around permission changes events for an activity | +| SA_FSAC_ProcessNames | Contains process names by which user have performed activity | +| SA_FSAC_RenameTargets | Contains the target path for rename operations | +| SA_FSAC_UserExceptions | Contains information about user security issues and concerns | +| SA_FSAC_UserExceptionTypes | Identifies how many instances of user exceptions exist on the audited hosts | + +Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the +FSAA Data Collector. They contain additional information for building queries easily. The following +is an explanation of the corresponding views created for some of the tables generated by the FSAA +Data Collector: + +Activity Change Views (FSAC) + +| Views | Details | +| --------------------------------- | ------------------------------------------------------------------------- | +| SA_FSAC_ActivityEventsView | Contains detailed activity event information | +| SA_FSAC_DailyActivityView | Contains the daily rollup statistics for activity events per day | +| SA_FSAC_DailyResourceActivityView | Contains the daily rollup statistics per folder | +| SA_FSAC_DailyUserActivityView | Contains the daily rollup statistics for activity events per user | +| SA_FSAC_ExceptionsView | Contains how many instances of exceptions exist on the audited hosts | +| SA_FSAC_PermissionChangesView | Contains detailed permission changes event information | +| SA_FSAC_UserExceptionsView | Contains how many instances of user exceptions exist on the audited hosts | + +## File System DFS Auditing Tables & Views + +The tables and their associated views are grouped by types. + +FSDFS Tables + +| Tables | Details | +| ------------------- | -------------------------------------------------------------------------------------------------------------- | +| SA_FSDFS_Links | Contains information on links | +| SA_FSDFS_Namespaces | Contains a list of all of the domain and server namespaces with corresponding links to the SA_FSAA_Hosts table | + +Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the +FSAA Data Collector. They contain additional information for building queries easily. The following +is an explanation of the corresponding views created for some of the tables generated by the FSAA +Data Collector: + +FSDFS Views + +| Views | Details | +| -------------------------------- | ------------------------------------- | +| SA_FSDFS_NamespacesTraversalView | Expands all of the scanned namespaces | + +## File System Sensitive Data Discovery Auditing (SEEK) Tables & Views + +The tables and their associated views are grouped by types. + +FSDLP Tables + +| Tables | Details | +| --------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | +| SA_FSDLP_Criteria | Contains the sensitive data criteria which are selected for collection by the scan engine (data collector configuration) | +| SA_FSDLP_ImportHistory | Contains historical information about the import process for each host that is imported | +| SA_FSDLP_Matches | Contains rolled up aggregate counts of the sensitive data criteria matches found during the scan | +| SA_FSDLP_MatchHits | Contains the actual sensitive data discovered within files which matched selected criteria | +| SA_FSDLP_MatchHits_SubjectProfile | Contains the actual sensitive data within files that matched selected criteria for subject profiles | + +Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the +FSAA Data Collector. They contain additional information for building queries easily. The following +is an explanation of the corresponding views created for some of the tables generated by the FSAA +Data Collector: + +FSDLP Views + +| Views | Details | +| ---------------------- | ------------------------------------------------------------------------------------------ | +| SA_FSDLP_MatchesView | Surfaces all relevant data about the files, its location, and the type of criteria found | +| SA_FSDLP_MatchHitsView | Surfaces all actual sensitive data discovered within files which matched selected criteria | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/updateservicesettings.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/updateservicesettings.md new file mode 100644 index 0000000000..e97e42b04b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/updateservicesettings.md @@ -0,0 +1,22 @@ +# FSAA: FSAA Update Service Setting + +The FSAA Update Service Setting page is where the File System Proxy Service can be automatically +updated on hosts where the service has already been installed. It requires the File System Proxy +Service to be v8.0 or later prior to using this feature. It is a wizard page for the category of +Update Proxy Service. + +![FSAA Data Collector Wizard FSAA Update Service Setting page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/updateservice.webp) + +Configure the settings for the targeted File System Proxy Service: + +- Port number – The default port number is 8766 +- Applet communication timeout: [number] minute(s) – This option determines the length of time (in + minutes) the Enterprise Auditor Console attempts to reach the proxy before giving up. Depending on + the job configuration, the data collector behaves in one of three ways after the timeout value has + been exceeded. +- Scan cancellation timeout: [number] minute(s) – When selected, this option will timeout the applet + if there is an attempt to pause the scan and the applet does not respond + +See the +[FSAA: Applet Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/fsaa/workflows.md b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/workflows.md new file mode 100644 index 0000000000..d1caa2351c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/fsaa/workflows.md @@ -0,0 +1,245 @@ +# Additional FSAA Workflows + +The following FSAA Data Collector query categories that provide additional functionality: + +- Remove scan executables and data – Removes file system access audit scan applet and data from + remote server +- Update proxy service – Update FSAA binaries for hosts running the File System Proxy Service + + **NOTE:** Requires the existing File System Proxy Service to be v8.0 or later. + +- Remove host data – Removes host from all SQL tables created by the FSAA Data Collector and deletes + StrucMap (removes host assigned to job where query exists) + +Additional workflows include: + +- Remove Host and Criteria SDD Data – Removes SDD data for a host or a criteria from the SQL tables +- Drop Tables & Views – Drops the standard reference tables and views + +_Remember,_ the FSAA Data Collector always records data in Standard Reference Tables, no matter what +job it is applied to. + +## Remove File System Access Scan Category + +The FSAA Data Collector can be used to clean-up or troubleshoot the applet and proxy scanning +servers. This would need to be done through a new job’s query. Set the host list and Connection +Profile to target the desired applet and proxy servers. + +Follow these steps to build a new query using the FSAA Data Collector with the Remove scan +executables and data category. + +**Step 1 –** Navigate to the **Configure** node of a new or chosen job and select the **Queries** +node. + +**Step 2 –** In the Query Selection view, click the **Create Query** link. The Query Properties +window displays. + +**Step 3 –** Select the **Data Source** tab. From the **Data Collector** drop-down menu, select +**FILESYSTEMACCESS** and then click the **Configure** button. The File System Access Auditor Data +Collector Wizard opens. + +![FSAA Data Collector Wizard Query Selection page with Remove scan executables and data option selected](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/queryselectionremovescanexecutablesdata.webp) + +**Step 4 –** On the Query Selection page, select the **Remove scan executables and data** category. + +**Step 5 –** Click **Finish** to save the selection and close the wizard. Then click **OK** to close +the Query Properties window. + +This job has now been configured to run the FSAA Data Collector to remove the file system access +audit scan applet and data from the target server. Run the job to clean-up the targeted hosts. + +## Update Proxy Service Category + +The FSAA Data Collector can be used to upgrade the File System Proxy Service already installed on +proxy servers. The FS_UpdateProxy Job is preconfigured to run with the default settings with the +category of Update proxy service. It is available through the Instant Job Library under the File +System library. + +The Update Proxy Service category option enables users with the ability to update v8.0+ File System +Proxy Service installations to newer versions. When this query is employed, the job compresses the +updated binaries and deploy them to the proxy server. Once the proxy server has no active sessions, +the Netwrix Enterprise Auditor FSAA Proxy Scanner service shuts down and the components are updated. +Finally, the service restarts itself. + +**NOTE:** This option is not for updating v7.x File System Proxy installations. Those must be +manually updated to at least v8.0 on the proxy server before this query can be used to automate the +process. + +Follow the +[Upgrade Proxy Service Procedure](/docs/accessanalyzer/11.6/install/filesystemproxy/upgrade.md) +and use the FS_UpdateProxy Job. + +## Remove Host Category + +The FSAA Data Collector can be used to clean-up the Standard Reference Tables by removing data for +particular hosts. This would need to be done through a new job’s query. The host to be removed is +set as the host list for the new job. The Connection Profile applied should be the same as the one +used for the associated **FileSystem** > **0.Collection** > … **Bulk Import** Job. + +**CAUTION:** Be careful when applying this query task, as it results in the deletion of collected +data. Ensure proper configuration prior to job execution. + +**_RECOMMENDED:_** Manually enter individual hosts into the host list executing this query. + +Follow the steps to build a new query using the FSAA Data Collector with the Remove host data +category. + +**Step 1 –** Navigate to the **Configure** node of a new or chosen job and select the **Queries** +node. + +**Step 2 –** In the Query Selection view, click the **Create Query** link. The Query Properties +window displays. + +**Step 3 –** Select the **Data Source** tab. From the **Data Collector** drop-down menu, select +**FILESYSTEMACCESS** and then click **Configure**. The File System Access Auditor Data Collector +Wizard opens. + +![FSAA Data Collector Wizard Query Selection page with Remove host data option selected](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/queryselectionremovehostdata.webp) + +**Step 4 –** On the Query Selection page, select the **Remove host data** category. + +**Step 5 –** Click **Finish** to save the selection and close the wizard. Then click **OK** to close +the Query Properties window. + +This job has now been configured to run the FSAA Data Collector to remove the host identified in the +job’s **Configure** > **Hosts** node. Run the job to clean-up the targeted hosts. + +_Remember,_ this job deletes data from the Enterprise Auditor database. Use caution and ensure +proper configuration prior to job execution. + +## Remove Host and Criteria SDD Data + +The FS_SDD_DELETE job removes host and criteria sensitive data matches from the Tier 1 database. It +is preconfigured to run analysis tasks with temporary tables that requires modification prior to job +execution. It is available through the Instant Job Library under the File System library. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for additional information. + +![FS_SDD_DELETE Job in Job's Tree](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sdddelete.webp) + +The 0.Collection Job Group must be run before executing the FS_SDD_DELETE Job. + +### Analysis Tasks for the FS_SDD_DELETE Job + +The analysis tasks are deselected by default. View the analysis tasks by navigating to the +**Jobs** > **FS_SDD_DELETE** > **Configure** node and select **Analysis**. + +**CAUTION:** Applying these analysis tasks result in the deletion of collected data. + +![FS_SDD_DELETE Job Analysis Selection page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sdddeleteanalysistasks.webp) + +- Delete Criteria – Remove all SDD Data for a Specified Criteria +- Delete Host – Remove all SDD Data Related to a Host +- Remove Host & Criteria – Remove all SDD Data for a Specific Host and Criteria Combination + +### Configure the FS_SDD_DELETE Analysis Tasks + +Follow the steps to configure and run the analysis tasks. + +**Step 1 –** Prior to job execution, modify the desired analysis tasks using the +[Customizable Analysis Parameters for FS_SDD_DELETE Job](#customizable-analysis-parameters-for-fs_sdd_delete-job) +instructions. + +**Step 2 –** In the Analysis Selection Pane, check the type of analysis task that will be run. + +**Step 3 –** Right-click the **FS_SDD_DELETE** Job and select **Run Job**. The analysis execution +status is visible from the **Running Instances** node. + +**Step 4 –** When the job has completed, return to the Analysis Selection Pane and deselect all +analysis tasks. + +**CAUTION:** Do not leave these analysis tasks checked in order to avoid accidental data loss. + +All of these tables have been dropped from the SQL Server database and the data is no longer +available. + +### Customizable Analysis Parameters for FS_SDD_DELETE Job + +A customizable parameter enables Enterprise Auditor users to set the sensitive data values that will +be deleted during this job’s analysis. + +| Analysis Task | Customizable Parameter Name | Value Indicates | +| ---------------------- | --------------------------- | --------------------------------------------- | +| Delete Host | #hosts | List of Host Names to be removed | +| Delete Criteria | #Criteria | List of Criteria to be removed | +| Remove Host & Criteria | #Criteria #hosts | List of Criteria and Host Names to be removed | + +The parameters that can be customized are listed in a section at the bottom of the SQL Script +Editor. Follow the steps to customize analysis task parameters. + +**Step 1 –** Navigate to the **FS_SDD_DELETE** > **Configure** node and select **Analysis**. + +**Step 2 –** In the Analysis Selection view, select the desired analysis task and click on +**Analysis Configuration**. The SQL Script Editor opens. + +![ FS_SDD_DELETE Job Analysis Task in SQL Script Editor](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sdddeletesqlscripteditor.webp) + +**Step 3 –** In the Parameters section at the bottom of the editor, select either the **#Criteria** +or **#hosts** row, depending on the analysis task chosen, and then **Edit Table**. The Edit Table +window opens. + +**CAUTION:** Do not change any parameters where the Value states `Created during execution`. + +![SQL Script Editor Edit Table window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sdddeletesqlscripteditoredittable.webp) + +**Step 4 –** Use the **Add New Item** button to enter host names or criteria to the temporary table +list manually, or select the **Browse** button to upload a list of hosts in CSV format. Click **OK** +to save any changes. Other Edit Table buttons include: + +- Edit a Value +- Delete this row/column +- Move up +- Move down + +**Step 5 –** Click Save and Close to finalize the customization and close the SQL Script Editor. + +The job is now ready to be executed. + +## Drop Tables & Views + +If it becomes necessary to clear the FSAA Data Collector tables and views to resolve an issue, the +FS_DropTables Job is preconfigured to run analysis tasks that drop functions and views for the File +System Solution as well as the standard tables and views generated by the FSAA Data Collector. + +It is available through the Instant Job Library under the File System library. Since this job does +not require a host to target, select Local host on the Hosts page of the Instant Job Wizard. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for additional information. + +![FS_DropTables Job in Job's Tree](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/droptables.webp) + +The 0.Collection Job Group must be run before executing the FS_DropTables Job. + +### Analysis Tasks for the FS_DropTables Job + +The analysis tasks are deselected by default. View the analysis tasks by navigating to the +**Jobs** > **FS_DropTables** > **Configure** node and select **Analysis**. + +**CAUTION:** Applying these analysis tasks result in the deletion of collected data. + +![FS_DropTables Job Analysis Selection page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/droptablesanalysistasks.webp) + +- 1. Drop FSAA functions – Removes all functions and views from previous runs of the File System + Solution +- 2. Drop FSAC tables – Drops the File System Activity Auditing tables imported from the previous + runs +- 3. Drop FSDLP Tables – Drops the File System Sensitive Data Discovery Auditing tables imported + from the previous runs +- 4. Drop FSDFS Tables – Drops the File System DFS Auditing tables imported from the previous runs +- 5. Drop FSAA Tables – Drops File System Access Auditing tables imported from the previous runs + +Do not try to run these tasks separately, as they are designed to work together. Follow these steps +to run the analysis tasks: + +**Step 1 –** In the Analysis Selection Pane, click **Select All**. All tasks will be checked. + +**Step 2 –** Right-click the **FS_DropTables** Job and select **Run Job**. The analysis execution +status is visible from the **Running Job** node. + +**Step 3 –** When the job has completed, return to the Analysis Selection Pane and click **Select +All** to deselect these analysis tasks. + +**CAUTION:** Do not leave these analysis tasks checked in order to avoid accidental data loss. + +All of these tables have been dropped from the SQL Server database and the data is no longer +available. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/category.md b/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/category.md new file mode 100644 index 0000000000..7ebdffd2f2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/category.md @@ -0,0 +1,22 @@ +# GroupPolicy: Category + +On the GroupPolicy Data Collector Category page, select the required query category to be executed. + +![Group Policy Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The available categories are: + +- Group Policy Objects – Retrieves the GPO’s list in the domain and where each is linked +- Policies State – Provides the ability to return information on configured policies and policy + parts from the individual policies which have been selected + + - For example, selecting **Account Policies** > **Policy Password** will result in **Account + Policies** > **Policy Password** being returned for the targeted domains + +- Policies State for all GPOs – Provides the ability to return information on selected policy parts + from all policies within the domain + + - For example, selecting **Account Policies** > **Password Policy** will result in **Password + Policy** being returned for all policies in the targeted domains + +- Local policies – Returns effective security policies in effect at the individual workstation diff --git a/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/options.md b/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/options.md new file mode 100644 index 0000000000..6a6db6ac3e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/options.md @@ -0,0 +1,26 @@ +# GroupPolicy: Options + +The Options page is used to configure how to return multi-valued properties and how policy results +are presented. It is a wizard page for all categories. + +![Group Policy Data Collector Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +The configurable options are: + +- Result Presentation – Select one of the following options. This section is not available for the + Group Policy Objects category. + + - Each part of each policy on a new row + - All parts of each policy on the same row + + **_RECOMMENDED:_** Use the Each part of each policy on a new row for best results + +- Multi-Valued Properties – Select one of the following options: + + - Concatenated – Specify the delimiter to use in the Delimiter box + - First value only + - Each value on a new row + + **_RECOMMENDED:_** Use the Each value on a new row option for best results. + +The available options vary based on the category selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/overview.md new file mode 100644 index 0000000000..2640e2a9e9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/overview.md @@ -0,0 +1,50 @@ +# GroupPolicy Data Collector + +The GroupPolicy Data Collector provides the ability to retrieve the GPO’s list in the domain and +where they are linked, return information on configured policies and policy parts from the +individual policies that have been selected, return information on selected policy parts from all +policies within the domain, and return effective security policies in effect at the individual +workstation. + +The GroupPolicy Data Collector is a core component of Enterprise Auditor, but it has been +preconfigured within the Active Directory Solution and the Windows Solution. While the data +collector is available with all Enterprise Auditor license options, the Windows Solution is only +available with a special Enterprise Auditor licenses. See the following topics for additional +information: + +- [Active Directory Solution](/docs/accessanalyzer/11.6/solutions/activedirectory/overview.md) +- [Windows Solution](/docs/accessanalyzer/11.6/solutions/windows/overview.md) + +Protocols + +- LDAP +- RPC + +Ports + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Domain Administrators group (if targeting domain controllers) +- Member of the Local Administrators group + +## GroupPolicy Query Configuration + +The GroupPolicy Data Collector is configured through the Group Policy Data Collector Wizard. The +available pages change based upon the query category selected. It contains the following wizard +pages: + +- Welcome +- [GroupPolicy: Category](/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/category.md) +- [GroupPolicy: Target](/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/target.md) +- [GroupPolicy: Policies List](/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/policieslist.md) +- [GroupPolicy: Options](/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/options.md) +- [GroupPolicy: Summary](/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/summary.md) + +![Group Policy Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/policieslist.md b/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/policieslist.md new file mode 100644 index 0000000000..5ae57a6b5a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/policieslist.md @@ -0,0 +1,21 @@ +# GroupPolicy: Policies List + +The Policies List page is where the policies from the desired GPOs to be queried are selected. It is +a wizard page for the categories of: + +- Policies State +- Policies State for all GPOs +- Local Policies + +![Group Policy Data Collector Wizard Policies List page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/policieslist.webp) + +Select the policies or policy parts to be audited. The category dictates how this selection is +applied across the domain or local host. + +To search parts of a policy, drill into the policy and select the desired policy parts. Click +**Check all** to select all properties, and click **Uncheck all** to deselect all properties. Search +for a policy by entering a policy name in the Search box and clicking **Search**. + +**NOTE:** The policy parts returned may have multiple values. + +At least one policy or policy part must be selected in order to proceed to the next wizard page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/summary.md new file mode 100644 index 0000000000..c97d9f8f96 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/summary.md @@ -0,0 +1,9 @@ +# GroupPolicy: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all categories. + +![Group Policy Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Group Policy Data Collector Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/target.md b/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/target.md similarity index 100% rename from docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/target.md rename to docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/target.md diff --git a/docs/accessanalyzer/11.6/admin/datacollector/inifile/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/inifile/overview.md new file mode 100644 index 0000000000..a9fefc88bc --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/inifile/overview.md @@ -0,0 +1,34 @@ +# INIFile Data Collector + +The INIFile Data Collector provides options to configure a task to collect information about log +entries on target hosts. This data collector is a core component of Enterprise Auditor and is +available with all Enterprise Auditor licenses. + +Protocols + +- RPC + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports +- Optional TCP 445 + +Permissions + +- Member of the Local Administrators group + +## INIFile Query Configuration + +The INIFile Data Collector is configured through the INI File Data Collector Wizard. It contains the +following wizard pages: + +- Welcome +- [INIFile: Target Files](/docs/accessanalyzer/11.6/admin/datacollector/inifile/targetfiles.md) +- [INIFile: Properties](/docs/accessanalyzer/11.6/admin/datacollector/inifile/properties.md) +- [INIFile: Summary](/docs/accessanalyzer/11.6/admin/datacollector/inifile/summary.md) + +![INI File Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** box when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/inifile/properties.md b/docs/accessanalyzer/11.6/admin/datacollector/inifile/properties.md new file mode 100644 index 0000000000..282cd2279f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/inifile/properties.md @@ -0,0 +1,24 @@ +# INIFile: Properties + +The Properties page identifies data about the INI file for auditing. + +![INI File Data Collector Wizard Properties page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/properties.webp) + +Use the following options to determine which data to adult: + +- All contents – Collect all contents from the INI file + + **NOTE:** `*` can be used for matching wildcard or single characters. + + - Section name – Collect data matching section name from the INI file + - Key name – Collect data matching key name from the INI file + +- Differences from standard – Select a master control file to compare the current target against + + - Click the ellipses (**…**) to open a file explorer window + - Select an appropriate .INI file + +- Properties – Select a checkbox next to any desired properties. **Select All** or **Clear All** can + also be used. + + If **Differences from standard** is selected, all properties are selected and cannot be altered. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/inifile/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/inifile/summary.md new file mode 100644 index 0000000000..9415b16f1c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/inifile/summary.md @@ -0,0 +1,9 @@ +# INIFile: Summary + +The Summary page is where the selected configuration settings are listed. + +![INI File Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the INIFile Data Collector Wizard ensuring that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/inifile/targetfiles.md b/docs/accessanalyzer/11.6/admin/datacollector/inifile/targetfiles.md new file mode 100644 index 0000000000..939d756469 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/inifile/targetfiles.md @@ -0,0 +1,21 @@ +# INIFile: Target Files + +The Target Files page identifies the location and name of the INI file from which to collect +information. + +![INI File Data Collector Wizard Target Files page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/inifile/targetfiles.webp) + +Configure the Target Files options: + +- Fixed path – Path to the INI file. Fixed paths are typically entered using the following format: + `drive:\filepath` +- Registry Lookup – Select this option to obtain a path from a registry key that exists on the + target host in the environment. Click the ellipsis (**…**) to open the Enterprise Auditor Registry + Browser and connect to a host to select a registry key and path to be used for the lookup. + + - Registry Value – This value is automatically populated from the registry key + - Levels – The Levels slider can be used to truncate the path for the key value in the Adjust + Path dialog box + - Current value – Displays the current value for the registry key + +- INI File Name – Name of the INI file diff --git a/docs/accessanalyzer/11.6/admin/datacollector/ldap.md b/docs/accessanalyzer/11.6/admin/datacollector/ldap.md new file mode 100644 index 0000000000..e5de8e7d78 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/ldap.md @@ -0,0 +1,147 @@ +# LDAP Data Collector + +The LDAP Data Collector uses LDAP to query Active Directory returning the specified objects and +attributes. For example, a query can be configured to return all user objects at the selected level. +Another query can be configured to return a master list of all user objects found within the target +domain. Wildcards and LDAP filters can be applied to the query configurations. + +The LDAP Data Collector is a core component of Enterprise Auditor, but it has been preconfigured +within the Active Directory Solution. While the data collector is available with all Enterprise +Auditor license options, the Active Directory Solution is only available with a special Enterprise +Auditor license. See the +[Active Directory Solution](/docs/accessanalyzer/11.6/solutions/activedirectory/overview.md) +topic for additional information. + +Protocols + +- LDAP + +Ports + +- TCP 389 + +Permissions + +- Member of the Domain Administrators group + +## LDAP Query Configuration + +The LDAP Data Collector is configured through the LDAP template form. The LDAP template form has the +following configuration options: + +![LDAP template form](/img/product_docs/accessanalyzer/11.6/admin/datacollector/templateform.webp) + +- Connect to the server – Use the default domain controller entered in the box, or enter an + alternate server +- Naming context – Select a directory partition from the drop-down list: **Default Context**, + **Configuration Context**, or **Schema Context** +- Connect – Connects to the domain specified. The root folder of the domain is displayed in the left + pane of the window. + + **NOTE:** Before clicking **Connect**, the server port must be configured. To configure the + server port, click **Options** to open the Options window and configure the server port as + described in the Options Window section. + +- Options – Opens the Options window to configure connection options and multi-value results + options. See the [Options Window](#options-window) topic for additional information. +- List of attributes – Table in the upper right corner lists attributes for the object selected in + the left pane +- Root path – The Root path textbox is populated with the path to the highlighted attributes to be + collected +- LDAP filter – The LDAP filter textbox shows the filters applied to the objects. Click the ellipses + (**…**) to open the Filter Options window. See the [Filter Options Window](#filter-options-window) + topic for additional information. + +The button bar provides additional options for selecting objects and attributes. See the +[Button Bar](#button-bar) topic for additional information. + +### Options Window + +The Options window contains configure connection options and multi-value results options. Click the +**Options** button located in the upper right corner of the LDAP template form to open it. + +![Options Window](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +- Connect Securely with TL/SSL – Connect using TLS/SSL. If the checkbox is selected, the server port + defaults to `636`. +- Ignore Certificate Errors – Ignores certificate errors during connection when encrypted + communication is enabled +- Server Port + + - If the Connect Securely with TLS/SSL option is selected, use Server Port `686` + - If the Connect Securely with TLS/SSL option is not selected, use Server Port `389` + +- Authentication Type + + - Negotiate – Default authentication type + - Simple + +- TreeView Node Limit – Typically set to 500 +- Multi-valued attributes – Indicates how multi-valued properties are returned + + - Concatenated – All values are listed in one cell using the delimiter specified + + - Delimiter – Symbol used to separate values in the cell + + - First Value Only – Only the first value is listed in the cell + +### Filter Options Window + +The Filter Options window is where to add filters to the query. Click the ellipses (**…**) button +located to the right of the **LDAP filter** box in the LDAP template form to open this window. + +![filteroptions](/img/product_docs/accessanalyzer/11.6/admin/datacollector/filteroptions.webp) + +- Extract all objects (no filter) – No filters applied +- Extract only objects of the following classes – Applies class filter for selected classes + + - Users + - Groups + - Contacts + - Computers + - Printers + - Shared Folders + +- Custom Filter – Applies a custom filter configured in the Custom Filter window. See the + [Custom Filter Window](#custom-filter-window) topic for additional information. + +#### Custom Filter Window + +The Custom Filter window provides options for creating a complex filter. + +![Custom Filter window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/customfilter.webp) + +Select a **Field** and **Condition** from the drop-down lists. Enter a **Value** for the condition. +Click **Add** to add the filter to the Filter Lines table. + +- Filter Lines will be combined with a logical – Select the **AND** or **OR** option. **AND** is + selected by default. +- Edit Raw Filter – Opens the Raw Filter Edit window + + ![Raw Filter Edit window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/rawfilteredit.webp) + + Enter the entire LDAP filter in the textbox. Click **Verify** to confirm the filter, and then + **OK** to add it to the custom filter list. + +- Clear Filter – Deletes the selected filter + +Click **OK** to save the changes and close the Custom Filter window. + +### Button Bar + +The button bar provides several options for configuring the query. + +![buttonbar](/img/product_docs/accessanalyzer/11.6/admin/datacollector/buttonbar.webp) + +| Button | Name | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------- | ------------------------------------------------------------------------- | +| ![Include sublevels button](/img/product_docs/accessanalyzer/11.6/admin/datacollector/sublevels.webp) | Include sublevels | Include sublevel folders of the selected folder. | +| ![Org wildcard button](/img/product_docs/accessanalyzer/11.6/admin/datacollector/orgwildcard.webp) | Org wildcard | Search for the attribute across multiple domains. | +| ![Wildcard the level button](/img/product_docs/accessanalyzer/11.6/admin/datacollector/wildcard.webp) | Wildcard the level | Search everything on the selected level. | +| ![Unwildcard all levels button](/img/product_docs/accessanalyzer/11.6/admin/datacollector/unwildcard.webp) | Unwildcard all levels | Removes the wildcard and returns the search scope to the selected domain. | +| ![Include a HostName Tag button](/img/product_docs/accessanalyzer/11.6/admin/datacollector/includehostname.webp) | Include a HostName Tag | Replaces the OU with a HostName Tag. | +| ![Remove all HostName Tags button](/img/product_docs/accessanalyzer/11.6/admin/datacollector/removehostname.webp) | Remove all HostName Tags | Removes the HostName Tag. | +| ![Add Security Properties for Selected Key button](/img/product_docs/accessanalyzer/11.6/admin/datacollector/addsecurityproperties.webp) | Add Security Properties for Selected Key | Adds the list of security properties. | +| ![Select Highlighted Attributes button](/img/product_docs/accessanalyzer/11.6/admin/datacollector/addattributes.webp) | Select Highlighted Attributes | Adds the highlighted attributes to the list. | +| ![Delete the Highlighted Selected Attributes button](/img/product_docs/accessanalyzer/11.6/admin/datacollector/deleteattributes.webp) | Delete the Highlighted Selected Attributes | Deletes the highlighted attributes from the list. | +| ![Find the Root Path in the Directory Objects button](/img/product_docs/accessanalyzer/11.6/admin/datacollector/rootpath.webp) | Find the Root Path in the Directory Objects | Returns the root path to the selected root. | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nis/category.md b/docs/accessanalyzer/11.6/admin/datacollector/nis/category.md new file mode 100644 index 0000000000..ab57d5fc4f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nis/category.md @@ -0,0 +1,18 @@ +# NIS: Category + +The Category page is used to identify which type of NIS information to retrieve. + +![NIS Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The NIS Data Collector contains two query categories: + +- Scan NIS Users and Groups – Scans a NIS domain for user and group information, map them to + Windows-style SIDS, and import the information into SQL server creating the standard reference + tables. This task is also responsible for maintaining the schema for tables and views. This is the + standard option for this data collector. +- Custom NIS Scan –Scan and parse a specified NIS map and import the information into the SQL Server + database creating tables specific to the job configuration + +The Scan NIS Users and Groups category is the pre-configured setting for the .NIS Inventory job +group. To use the Custom NIS Scan category, create a query in a new job using the NIS Data Collector +and configure the query as desired. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nis/configurejob.md b/docs/accessanalyzer/11.6/admin/datacollector/nis/configurejob.md new file mode 100644 index 0000000000..8c9806b067 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nis/configurejob.md @@ -0,0 +1,53 @@ +# Unix Connection Profile & Host List + +The NIS Data Collector requires a custom Connection Profile and host list be created and assigned to +the job or job group conducting the data collection. The host inventory option during host list +creation makes it necessary to configure the Connection Profile first. + +## Connection Profile + +Creating the Connection Profile requires having an account with access to the targeted NIS server. + +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Unix Account +- User name – Enter user name +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information.) +- Password/Confirm + + - If not using a private key, enter the **Password** and re-type in the **Confirm** field + - If using a private key, then the password is not needed. Provide the private key information + in the **Use the following private key when connecting** field. + +- Use the following port/ports(CSV) for SSH + + - The SSH port needs to be opened in software and hardware firewalls + - If desired, select this option and provide the port value + +- Use the following private key when connecting + + - This option uses the authentication method of an SSH Private Key + - Supported Key types: + + - Open SSH + - PuTTY Private Key + + - If desired, select this option and provide the key value + +Once the Connection Profile is created, it is time to create the custom host list. See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +## Custom Host List + +The custom host list only needs to include a single NIS server in the targeted NIS domain. Follow +the steps in the +[Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) +topic for instructions on how to create a custom static host list. + +See the +[Recommended Configuration for the .NIS Inventory Solution](/docs/accessanalyzer/11.6/solutions/nisinventory/recommended.md) +topic for information on where to assign the Connection Profile and host list. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nis/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/nis/overview.md new file mode 100644 index 0000000000..c2b4b5baa1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nis/overview.md @@ -0,0 +1,39 @@ +# NIS Data Collector + +The NIS Data Collector inventories a NIS domain for user and group information, mapping to +Windows-style SIDs. This data collector is a core component of Enterprise Auditor and has been +preconfigured within the .NIS Inventory Solution. Both this data collector and the solution are +available with all Enterprise Auditor license options. See the +[.NIS Inventory Solution](/docs/accessanalyzer/11.6/solutions/nisinventory/overview.md) +topic for additional information. + +Protocols + +- NIS + +Ports + +- TCP 111 or UDP 111 +- Randomly allocated high TCP ports + +Permissions + +- No special permissions are needed aside from access to a NIS server + +## NIS Query Configuration + +The NIS Data Collector is configured through the NIS Data Collector Wizard, which contains the +following wizard pages: + +- Welcome +- [NIS: Category](/docs/accessanalyzer/11.6/admin/datacollector/nis/category.md) +- [NIS: NIS Settings](/docs/accessanalyzer/11.6/admin/datacollector/nis/settings.md) +- [NIS: SID Mappings](/docs/accessanalyzer/11.6/admin/datacollector/nis/sidmappings.md) +- [NIS: NIS Query](/docs/accessanalyzer/11.6/admin/datacollector/nis/query.md) +- [NIS: Results](/docs/accessanalyzer/11.6/admin/datacollector/nis/results.md) +- [NIS: Summary](/docs/accessanalyzer/11.6/admin/datacollector/nis/summary.md) + +![NIS Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nis/query.md b/docs/accessanalyzer/11.6/admin/datacollector/nis/query.md new file mode 100644 index 0000000000..1fa6e579af --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nis/query.md @@ -0,0 +1,26 @@ +# NIS: NIS Query + +The NIS Query page is where the NIS query regular expressions are configured and tested. It is a +wizard page for the category of: + +- Custom NIS Scan + +![NIS Data Collector Wizard NIS Query page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/query.webp) + +The Data Source configuration options are: + +- NIS Map – Specify the name of the NIS map to query +- Load Data – Fetches the first 50 rows of data of the specified NIS map from the test host +- Paste Data – Uses text from the clipboard as the test data source +- Open File – Allows using a text file as test data. The test data is shown in the preview box. + +The Query Expressions configuration options are: + +- Per-Row Query – A regular expression that is evaluated once per source row, and the + sub-expressions returned make up the first columns of the result rows +- Per-Value Query – This value is evaluated multiple times per source row, generating one result row + for each evaluation +- Use map key as first column of results – When selected, this option sets the map key as the first + column in the data table +- Insert row when there is no per-value match – When selected, this option generates a blank row for + evaluations that return no per-value match diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nis/results.md b/docs/accessanalyzer/11.6/admin/datacollector/nis/results.md new file mode 100644 index 0000000000..dc09a984a0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nis/results.md @@ -0,0 +1,14 @@ +# NIS: Results + +The Results page is where properties from Unix to be gathered are selected. It is a wizard page for +both categories. + +![NIS Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Available properties have checkboxes that can be selected individually, or you can use the **Select +All**, **Clear All**, and **Reset to defaults** buttons. All selected properties are gathered. +Available properties vary based on the category selected. + +This information is not available within the standard reference tables and views. Instead, this +information can be viewed in the `SA_[Job Name]_DEFAULT` table, which is created when any of these +properties are selected. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/settings.md b/docs/accessanalyzer/11.6/admin/datacollector/nis/settings.md similarity index 100% rename from docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/settings.md rename to docs/accessanalyzer/11.6/admin/datacollector/nis/settings.md diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nis/sidmappings.md b/docs/accessanalyzer/11.6/admin/datacollector/nis/sidmappings.md new file mode 100644 index 0000000000..ce51e83f1e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nis/sidmappings.md @@ -0,0 +1,12 @@ +# NIS: SID Mappings + +The SID Mappings page is where the Windows-style SID mappings for the Unix User ID and Group ID are +specified. It is a wizard page for the category of: + +- Scan NIS User and Groups + +![NIS Data Collector Wizard SID Mappings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/sidmappings.webp) + +The default settings work for most environments. Use this page to **Add**, **Edit**, or **Remove** +ID Mappings. Multiple entries are allowed. For each range of User ID or Group ID entered, the offset +is added to the ID and the resulting SID is the format with `%d` replaced by the ID. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/standardtables.md b/docs/accessanalyzer/11.6/admin/datacollector/nis/standardtables.md similarity index 100% rename from docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/standardtables.md rename to docs/accessanalyzer/11.6/admin/datacollector/nis/standardtables.md diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nis/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/nis/summary.md new file mode 100644 index 0000000000..64c9c6e7bf --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nis/summary.md @@ -0,0 +1,10 @@ +# NIS: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for both +categories. + +![NIS Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the NIS Data Collector Wizard to ensure that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nosql/category.md b/docs/accessanalyzer/11.6/admin/datacollector/nosql/category.md new file mode 100644 index 0000000000..09c7b45dce --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nosql/category.md @@ -0,0 +1,35 @@ +# NoSQL: Category + +The Category page in the NoSQL Data Collector Wizard lists the following query categories, +sub-divided by auditing focus: + +![NoSQL Data Collector Wizard Category Page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The query categories are: + +- Sensitive Data + + - Sensitive Data Collection – Scan databases for sensitive data + + - The Sensitive Data category options require the Sensitive Data Discovery Add-on to be + installed on the Enterprise Auditor Console before the NoSQL Data Collector can collect + sensitive data. See the + [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) + topic for additional information. + +- MongoDB + + - Utilities + + - Remove Storage Tables — Removes the tables created for the MongoDB Data Collector + + - Database Sizing + + - Database Sizing — Determines MongoDB database size + +- NoSQL + + - NoSQL Utilities + + - Remove NoSQL Storage Tables — All connection related and filter data will be removed for + NoSQL databases diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nosql/configurejob.md b/docs/accessanalyzer/11.6/admin/datacollector/nosql/configurejob.md new file mode 100644 index 0000000000..600efed59c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nosql/configurejob.md @@ -0,0 +1,64 @@ +# NoSQL Custom Connection Profile & Host List + +The NoSQL Data Collector requires a custom connection profile and host list. + +## Connection Profile + +The credential used for MongoDB Server auditing can be either an Active Directory account or a SQL +account. Create a Connection Profile and set the following information on the User Credentials +window. + +Active Directory + +For an Active Directory account, set the following on the User Credentials window: + +- Select Account Type – Active Directory Account +- Domain – Drop-down menu with available trusted domains will appear. Either type the short domain + name in the textbox or select a domain from the menu. +- User name – Type the user name +- Password Storage – Choose the option for credential password storage: + + - Application – Uses the configured Profile Security setting as selected at the **Settings** > + **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information. + - CyberArk – Uses the CyberArk Enterprise Password Vault. See the + [CyberArk Integration](/docs/accessanalyzer/11.6/admin/settings/connection/cyberarkintegration.md) + topic for additional information. The password fields do not apply for CyberArk password + storage. + +- Password – Type the password +- Confirm – Re-type the password + +SQL + +For a SQL account, set the following on the User Credentials window: + +- Select Account Type – SQL Authentication +- User name – Enter user name +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information.) +- Password – Type the password +- Confirm – Re-type the password + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +and +[Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) +topics for additional information. + +## Host List + +Jobs using the NoSQL Data Collector must create a host list with the servers containing the target +databases. Setup the list of MongoDB hosts that needs to be monitored. Be sure to use a specific +host name (if forcing the connection to a secondary host) or just the cluster name if connecting to +the cluster. See the +[Host Management](/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md) +topic for additional information. + +Additionally, the database clusters / instances must be added to the Filter page in the query +configuration. See the +[NoSQL: Filter](/docs/accessanalyzer/11.6/admin/datacollector/nosql/filter.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nosql/criteria.md b/docs/accessanalyzer/11.6/admin/datacollector/nosql/criteria.md new file mode 100644 index 0000000000..01c667308a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nosql/criteria.md @@ -0,0 +1,42 @@ +# NoSQL: Criteria + +The Criteria page is where the criteria to be used for discovering sensitive data is configured. It +is a wizard page for the category of Sensitive Data Collection. + +This page requires the Sensitive Data Discovery Add-On to be installed on the Enterprise Auditor +Console to define the criteria and enable the Criteria Editor. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +![NoSQL Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) + +The options on the Criteria page are: + +- Use Global Criteria Selection – Select this option to inherit sensitive data criteria settings + from the **Settings** > **Sensitive Data** node. See the + [Sensitive Data](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md) + topic for additional information. +- Use the following selected criteria – Select this option to use the table to select which + sensitive data criteria to scan for + + - Select All – Click **Select All** to enable all sensitive data criteria for scanning + - Clear All – Click **Clear All** to remove all selections from the table + - Select the checkboxes next to the sensitive data criteria options to enable it to be scanned + for during job execution + +The table contains the following types of criteria: + +**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System +Criteria and User Criteria nodes are visible in the table. + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit + user-defined criteria. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. + +**NOTE:** Adding unnecessary criteria can adversely impact the scanner performance and can cause the +scanning job to take a long time. If performance is adversely affected, revisit the sensitive data +scanning criteria and remove criteria that is not required. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nosql/filter.md b/docs/accessanalyzer/11.6/admin/datacollector/nosql/filter.md new file mode 100644 index 0000000000..dd25ee1ade --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nosql/filter.md @@ -0,0 +1,101 @@ +# NoSQL: Filter + +The Filter page is where the query can be scoped to target specific databases or instances. It is a +wizard page for the Sensitive Data Collection category. + +It is necessary to populate the available Mongo databases/instances before the query can be scoped. +See the [Manage Connections Window](#manage-connections-window) topic for additional information. + +![NoSQL Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filter.webp) + +The Filter page has the following buttons: + +- Connections — Opens the Manage Connections window to add or modify database instances. See the + [Manage Connections Window](#manage-connections-window) topic for additional information. +- Retrieve — Click to populate the Server pane with the database instances added in the Manage + Connections window +- Validate Selections — Validate the include /exclude filters shown in the Selections pane +- Find — Select an item in the Servers list and click find to search for any objects that match the + search string +- Save — Click to save the selected filters +- Orientation — Alternate between a vertical and horizontal split + +The configurable filter options are: + +- Servers — Displays known databases and instances for query scoping. Click **Retrieve** to + populate. Right click to open context menu: + + - Exclude — Excludes selected databases/instances and displays them in red + - Include — Reverts an exclusion. By default, all sub tables are included. + - Build Pattern — Opens the Build Pattern dialogue to build a custom filter to be applied to the + selected database objects. See the [Build or Edit Pattern](#build-or-edit-pattern) topic for + additional information. + +- Selections — Displays selected database objects for which the query has been scoped. Right click + to open context menu: + + - Remove Pattern — Selected database/instance will be removed from the query + - Edit Pattern — Opens the Edit Pattern dialogue with the following options (See the + [Build or Edit Pattern](#build-or-edit-pattern) topic for additional information): + + - Exclude — Excludes selected databases/instances and displays them in red + - Include — Reverts an exclusion. By default, all sub tables are included. + - Pattern — Build a custom filter to be applied to the selected database objects + +## Manage Connections Window + +The Manage Connections window enables users to add MongoDB database instances to search for +sensitive data. Click **Connections** to open the window. + +![Manage Connections window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/manageconnections.webp) + +The Manage Connections table lists the previously added database instances and their attributes. + +Select a row in the table to edit that instance, or create a new instance to add to the table. For +additional information on how to connect to a MongoDB database, see the MongoDB +[Get Connection String](https://docs.mongodb.com/guides/server/drivers/) article. + +- Is Active — Select the checkbox to include the database on the Servers Pane on the Filter page +- Server Label — The name of the server +- Host — Name or IP address of the host where the database is located +- Port Number — Port number for the database. The default port is 27017. If a non-default port is + being used, it should be specified in the Port Number section. +- Auth Database — The database used for authorization. Typically it is the **admin** database. +- Read Preference — Read preference describes how MongoDB clients route read operations to the + members of a replica set by default, an application directs its read operations to the primary + member in a replica set (that is, read preference mode **primary**). Howevert, clients can specify + a read preference to send read operations to secondaries. Click the link for additional + information. +- Mongo SRV — Specifies that the information entered is for clusters or shards + +In the Manage Connections table, the following information is also listed: + +- Was Inspected — Indicates whether information for a connection was validated. **Y** indicates the + information has been validated. **N** indicates the information has not been validated. +- Last Inspected — Indicates the date and time of when the connection information was last + inspected. If blank, the connection information has not yet been validated. +- Enable Impersonation – Impersonation does not apply to MongoDB and this column will be blank. + +The Manage Connections window has the following buttons: + +- Test Connection — Click to verify the connection to the database with the connection profile + applied to the job group +- Edit Connection — Click to edit information for the selected connection +- Delete Connection — Click to delete the selected connection +- Create New — Click to create a new connection + +#### Build or Edit Pattern + +The Build / Edit Pattern window enables users to apply a custom scoping filter to the query. + +![Edit Existing Pattern window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/editpattern.webp) + +The Build / Edit Pattern window has the following features: + +- Selected Location — The location within the database / collection +- Exclude — Excludes selected database / instances and displays them in red +- Include — Reverts an exclusion. By default, all sub tables are included. +- Pattern — Build a custom filter to be applied to the selected database objects + + **NOTE:** Color-coding indicating Excluded and Included objects does not display until after a + selection is validated using the **Validate Selections** button on the Filter page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nosql/options.md b/docs/accessanalyzer/11.6/admin/datacollector/nosql/options.md new file mode 100644 index 0000000000..822e1fe88b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nosql/options.md @@ -0,0 +1,49 @@ +# NoSQL: Options + +Use the Sensitive Data Scan Settings (Options) page to configure additional settings for the +sensitive data scan. It is a wizard page for the Sensitive Data Collection category. + +![NoSQL Data Collector Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +The sensitive data scan settings are: + +Scan Options + +- Data Settings: + + - Scan all documents for sensitive data — Scan all the documents in a collection in the targeted + database or cluster + - Limit of documents to scan — Scan limited number of documents in each database or cluster. + This option is ideal when discovering sensitive data and has minimal impact on the MongoDB + cluster performance. However, if the Subject Profile Request feature is being leveraged, then + all the documents in all the database or cluster need to be scanned. + - Scan documents randomly — Enterprise Auditor requests a set of documents from each database + when scanning for sensitive data. The database engine does not return random data from a + collection. Instead, Enterprise Auditor returns sequential documents in a collection. In order + to ensure a statistical discrete uniform distribution of data being scanned, this option can + be selected. When selected, the Enterprise Auditor sensitive data scanner requests randomized + documents from each collection in all the targeted databases. + +- Scan database names for sensitive data – Scans database names for sensitive data if the database + names are included as part of the keyword list in the scanning criteria +- Scan collection names for sensitive data – Scans collection names within the database for + sensitive data if the collection names are included as part of the keyword list in the scanning + criteria + +DLP Options + +- Store discovered sensitive data – Stores potentially sensitive data in the Enterprise Auditor + database. Any sampled sensitive data discovered based on the matched criteria is stored in the + Enterprise Auditor database. This functionality can be disabled by clearing this checkbox. + + **NOTE:** The **Store discovered sensitive data** option is required to view Content Audit + reports in the Access Information Center for MongoDB data. + + **CAUTION:** Changing scan options, criteria, or filters when resuming a scan may prevent the + scan from resuming properly. + +- Resume scan from last point on error — Resumes scan from where the previous scan left off when the + scan was stopped as a result of an error + +_Remember,_ the Sensitive Data Discovery Add-on is required to use the sensitive data collection +option. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nosql/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/nosql/overview.md new file mode 100644 index 0000000000..946295864b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nosql/overview.md @@ -0,0 +1,54 @@ +# NoSQL Data Collector + +The NoSQL Data Collector for MongoDB provides information on MongoDB Cluster configuration, limited +user permissions, scans collections for sensitive data, and identifies who has access to sensitive +data. It also supports the execution of custom queries against all targeted MongoDB cluster nodes. + +The NoSQL Data Collector has been preconfigured within the MongoDB Solution. Both this data +collector and the solution are available with a special Enterprise Auditor license. See the +[MongoDB Solution](/docs/accessanalyzer/11.6/solutions/databases/mongodb/overview.md) +topic for additional information. + +Protocols + +- TCP/IP + +Ports + +- MongoDB Cluster +- Default port is 27017 (A custom port can be configured) + +Permissions + +- Read Only access to ALL databases in the MongoDB Cluster including: + + - Admin databases + - Config databases + - Local databases + +- Read Only access to any user databases is required for sensitive data discovery +- Read access to NOSQL instance +- Read access to MongoDB instance +- Requires NOSQL Full-Text and Semantic Extractions for Search feature to be installed on the target + NOSQL instances when using the Scans full rows for sensitive data option on the Options wizard + page + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +## NoSQL Query Configuration + +The NoSQL Data Collector is configured through the NoSQL Data Collector Wizard. The wizard contains +the following pages, which change based upon the query category selected: + +- [NoSQL: Category](/docs/accessanalyzer/11.6/admin/datacollector/nosql/category.md) +- [NoSQL: Options](/docs/accessanalyzer/11.6/admin/datacollector/nosql/options.md) +- [NoSQL: Criteria](/docs/accessanalyzer/11.6/admin/datacollector/nosql/criteria.md) +- [NoSQL: Filter](/docs/accessanalyzer/11.6/admin/datacollector/nosql/filter.md) +- [NoSQL: Results](/docs/accessanalyzer/11.6/admin/datacollector/nosql/results.md) +- [NoSQL: Summary](/docs/accessanalyzer/11.6/admin/datacollector/nosql/summary.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nosql/results.md b/docs/accessanalyzer/11.6/admin/datacollector/nosql/results.md new file mode 100644 index 0000000000..b7a8a94578 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nosql/results.md @@ -0,0 +1,10 @@ +# NoSQL: Results + +The Results page is where the properties that will be gathered are selected. It is a wizard page for +all of the categories. + +![NoSQL Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually, or the **Select All**, **Clear All**, and **Reset to +Defaults** buttons can be used. All selected properties are gathered. Available properties vary +based on the category selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/nosql/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/nosql/summary.md new file mode 100644 index 0000000000..af8ee55ced --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/nosql/summary.md @@ -0,0 +1,10 @@ +# NoSQL: Summary + +The Summary page is where the configuration settings are summarized. It is a wizard page for all of +the categories. + +![NoSQL Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the NoSQL Data Collector Wizard ensuring that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/overview.md new file mode 100644 index 0000000000..7942e7f1ca --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/overview.md @@ -0,0 +1,149 @@ +# Data Collectors + +This topic covers the configuration wizards that are unique to each data collector. See the +[Jobs Tree](/docs/accessanalyzer/11.6/admin/jobs/overview.md) topic +for additional information on job configuration. + +## Query Selection + +The Enterprise Auditor data collectors can collect information from a wide range of environments. +Data collection tasks are assigned to jobs at the **Configure** > **Queries** node level. See the +[Queries Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/queries.md) +topic for additional information. + +![Query Selection page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/queryselection.webp) + +The Query Selection page is split into the Tables and Queries sections. The Tables section has the +following options: + +- Table – Select a pre-configured table or select DEFAULT to create a new one +- Add Table – Add a new table to the Table dropdown list +- Rename Table – Rename the current table selected +- Delete Table – Delete the current table selected + +The Queries section is where the Data Collectors are configured. The Queries section has the +following options: + +- Add from Library – Opens the Libraries window. Add a pre-built query from the Enterprise Auditor + library. See the [Add Query from Library](#add-query-from-library) topic for additional + information. +- Create Query – Click **Create Query** to add a new query task to a job. See the + [Create or Modify a Query](#create-or-modify-a-query) topic for additional information. +- Delete Query – Delete the currently selected query +- Query Properties – Select an existing query and click **Query Properties** to modify its + configuration + +### Add Query from Library + +Pre-built queries can be added to the Data Collector job through the Libraries window. + +![Libraries window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/addqueryfromlibrary.webp) + +The Libraries window toolbar has the following options: + +- Create New Library – Create a new library entry. The new Library will be added to the Library + dropdown menu. +- Delete Library – Deletes the currently selected library +- Cut – Cut the selected task in the library to the clipboard +- Copy – Copy the selected task in the library to the clipboard +- Paste – Paste cut or copied item from the clipboard into the currently selected library +- Delete Selected Task – Deletes the currently selected task + +Click **Add** to confirm the query selection and add it to the Queries list on the Query Selection +page. If no selection is needed or intended, click **Cancel** to close the Libraries window without +adding a pre-built query into the Queries list. + +### Create or Modify a Query + +To open the Query Properties window, click **Create Query** for a new query or **Query Properties** +for an existing query. There are three tabs in the Query Properties window where queries can be +configured. These tabs are:. + +- [General Tab](#general-tab) +- [Data Source Tab](#data-source-tab) +- [Filters Tab](#filters-tab) + +To access the XML Text version of the Query Properties window, click **View XML**. This applies to +all three tabs listed. + +#### General Tab + +Use the General tab to modify the name or description of the query. + +![General tab of the Query Properties window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesgeneral.webp) + +The General tab displays: + +- Name – Name of the query supplied by the creator of the query +- Description – Description of the query supplied by the creator of the query +- Table – Name of the native data table for this query + - The table name is supplied by the creator in the Query Selection view + - Tables are named DEFAULT, unless modified + - Within the SQL database, the table name will be prefaced with `SA_[Job Name]_` +- ID – Query GUID generated by Enterprise Auditor for this query task. + + - The query GUID is referenced by the **SMARTLog** Data Collector, **ExchangeMetrics** Data + Collector, and the **PowerShell** Data Collector. + - When using the **SMARTLog** Data Collector or the **ExchangeMetrics** Data Collector, the + `state` file for the query’s Persist log state feature can be found in the SA_CommonData + folder in the Enterprise Auditor installation directory: + + …/STEALTHbits/StealthAUDIT/Jobs/SA_CommonData/[Data Collector]/[Query GUID]/[Target + Host]/state + +When creating a new query, provide a unique, descriptive **Name** and **Description**. This +information displays in the table on the Query Selection view. See the +[Queries Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/queries.md) +topic for additional information. + +#### Data Source Tab + +Use the Data Source tab to configure the data collector and query. + +| ![Data Source tab of Query Properties for new Query](/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesdatasourcenew.webp) | ![Data Source tab of Query Properties for existing Query](/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesdatasourceexisting.webp) | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| New Query | Existing Query | + +The Data Source tab displays: + +- Data Collector – Data collector selected from the drop-down menu. +- Query – Query configuration string. +- Configure – Opens the wizard for the selected data collector. Each Data Collector task has its own + Configuration Wizard. +- Properties – Configured query properties. + +When creating a new query, expand the **Data Collector** drop-down menu, which provides a list of +all licensed data collectors in alphabetical order. The **Query** and **Property** sections are +auto-filled according to the configuration. The buttons at the bottom of the Property section are +for advanced features to manipulate the query. The **+** and **–** buttons manually add or remove +individual properties from the query. The script button opens the VBScript Editor window for query +manipulation scripts. + +**_RECOMMENDED:_** Use the Data Collector Configuration wizards for basic query modifications. For +more complex modifications, contact [Netwrix Support](https://www.netwrix.com/support.html). + +See the individual data collector section for configuration wizard page information. + +#### Filters Tab + +Use the Filters tab to include filters into the data collection process. + +| ![Filters tab of Query Properties window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesdatafilters.webp) | ![Filters tab of Query Properties window with a new filter](/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesdatafilterswithfilter.webp) | +| ---------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| No FIlter | With FIlter | + +The Filter tab has the following items: + +- Filter – Sort through a list of filters that are applied to the current query + - Use the **+** and **–** buttons to add and remove filters from the query +- Key – Labels identifying the configurable value in the filter +- Value – When applicable, add a new value to the filter using the dropdown menu. Otherwise, create + a new one by typing in the desired value. + +**_RECOMMENDED:_** Use the default settings for filters. Filters can be used to substitute or delete +data values during data collection. For more information on the impacts of adding filters to +queries, contact [Netwrix Support](https://www.netwrix.com/support.html). + +Click **OK** to save changes and exist the Query Properties window. If no changes were made or +intended, it is best practice to click **Cancel** to exit the Query Properties window to ensure +unintended changes are not saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/category.md b/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/category.md new file mode 100644 index 0000000000..096d2dc146 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/category.md @@ -0,0 +1,14 @@ +# PasswordSecurity: Category + +This Category page in the Password Security Data Collection Wizard identifies the kind of password +information retrieved during a scan of the Active Directory. + +![Password Security Data Collection Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The Password Security Data Collection contains the following type of scan: + +- WeakPasswordScan – Scans an Active Directory for weak passwords. Returns password information per + the configurable scan options including clear-text passwords. For additional information on scan + options, see + the[PasswordSecurity: Options](/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/options.md) + topic. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/dictionaries.md b/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/dictionaries.md new file mode 100644 index 0000000000..3cfbed1648 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/dictionaries.md @@ -0,0 +1,145 @@ +# PasswordSecurity: Dictionaries + +The Dictionaries page provides configuration settings for storing passwords to be used as a +reference for the scan. + +![Password Security Data Collection Wizard Dictionary options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/dictionaries.webp) + +The configurable dictionary options are: + +- Use Stealthbits dictionary (> 100,000 passwords) – If enabled, compares passwords against + out-of-the-box dictionary comprised of commonly used password hashes +- Automatically update the Stealthbits dictionary – Checks for the latest version of the Stealthbits + dictionary file when the job is executed, and downloads the latest version from the + [Netwrix website](https://www.netwrix.com/) + + - If the Enterprise Auditor server does not have an internet connection, the Stealthbits + dictionary can be downloaded directly from the + [My Products](https://www.netwrix.com/my_products.html) page of the Netwrix website. + +- Update Dictionary – Checks for the latest version of the dictionary file, and updates if necessary +- Add – Add a custom dictionary file in one of the following formats: + + - Plaintext – Line separated in a text file + - NLTM Hashes – Can be added with hashes or sorted hashes. The haveibeenpwned dictionary can be + used. See the + [Download and Configure the Have I Been Pwnd (HIBP) Hash List](#download-and-configure-the-have-i-been-pwnd-hibp-hash-list) + topic for additional information. + + **_RECOMMENDED:_** Use the sorted hash dictionary if adding an NLTM format + +- Remove – Removes a custom dictionary file from the query scope + +## Download the Stealthbits dictionary + +**Step 1 –** If the Enterprise Auditor server does not have an internet connection, the Stealthbits +dictionary can be downloaded directly from the +[My Products](https://www.netwrix.com/my_products.html) page of the Netwrix website. + +**Step 2 –** After downloading the dictionary file manually do one the following: + +- If an internet connection exists on the Enterprise Auditor server: + + - Place the `dictionary.dat` file in the following location: + `%sainstalldir%\Jobs\SA_CommonData\PasswordSecurity\Dictionaries` + - Rename the file to `sadictionary_hashed_sorted.dat` + +- If no internet connection exists on the Enterprise Auditor server: + + - Copy the file to the Enterprise Auditor server and put it in a location of your choosing. The + default location is `%sainstalldir%\Jobs\SA_CommonData\PasswordSecurity\Dictionaries` + - Open the PasswordSecurity data collector configuration for the **AD_WeakPasswords** job + - On the Dictionaries page, deselect the **Use STEALTHbits dictionary** checkbox + - On the Dictionaries page, click **Add...** and select the previously downloaded + `dictionary.dat` file + +## Download and Configure the Have I Been Pwnd (HIBP) Hash List + +If you don't have internet access on the Netwrix Enterprise Auditor server or want to download the +files from another location that has internet access, you can do so by using the Pwnd Passwords +Downloader. + +The Pwnd Passwords Downloader is a Dotnet tool used to download all Pwned Passwords hash ranges and +save them offline so they can be used without a dependency on the k-anonymity API. Use this tool to +get the latest breached hashes from the Have I Been Pwnd (HIBP) database. + +**NOTE:** The +[](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader)[Pwnd Passwords Downloader](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader) +is a third party, open source tool, created by the HaveIBeenPwned team and distributed under a BSD +3-Clause License. You might experience issues during the hash download process, depending on your +threading settings or the load on the CloudFlare backend. The Pwnd Passwords Downloader tool will +automatically retry to continue downloading the hashes until it fully completes the download +process. + +### Prerequisites + +The Pwnd Passwords Downloader has the following prerequisite: + +- Install .NET 6 before installing the + [Pwnd Passwords Downloader ](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader)tool. You + can download .NET 6 from Microsoft: + [https://dotnet.microsoft.com/en-us/download/dotnet/6.0](https://dotnet.microsoft.com/en-us/download/dotnet/6.0) + +The HIBP database takes up additional space on the machine where it is copied (approximately 13 GB, +but subject to change). The Have I Been Pwnd database (HIBP) hashes can take up to 30 GB. Make sure +that you have enough free space on your disk in your Netwrix Enterprise Auditor install directory +(`%sainstalldir%`). + +### Install the Pwnd Passwords Downloader + +Follow the steps to install the Pwnd Passwords Downloader. + +**Step 3 –** Open command prompt, and navigate to your .NET install folder (for example, +`C:\Program Files (x86)\dotnet`). + +**Step 4 –** Run the following command: + +``` +dotnet tool install --global haveibeenpwned-downloader +``` + +![hibp_installation_0](/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/hibp_installation_0.webp) + +**Step 5 –** Close the command prompt. + +### Update an Installed Pwnd Passwords Downloader + +Follow the steps to update an installed Pwnd Passwords Downloader. + +**Step 1 –** Open the command prompt. + +**Step 2 –** Run the following command: + +``` +dotnet tool update --global haveibeenpwned-downloader +``` + +![hibp_installation_1](/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/hibp_installation_1.webp) + +### Download NTML Hashes with the Pwnd Passwords Downloader + +Follow the steps to download NTLM hashes. + +**Step 1 –** Navigate to the folder where you want to download the hashes. + +**Step 2 –** Download all NTLM hashes to a single txt file, called for example +`pwnedpasswords_ntlm.txt`. + +Run: + +``` +haveibeenpwned-downloader.exe -n pwnedpasswords_ntlm +``` + +![hibp_installation_3](/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/hibp_installation_3.webp) + +This screenshot shows the completed download. + +**Step 3 –** To overwrite an existing hash list, run: + +``` +haveibeenpwned-downloader.exe -n pwnedpasswords_ntlm -o +``` + +For a complete list of available parameters, please check the +[Pwnd Passwords Downloader GitHub page](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader). diff --git a/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/options.md b/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/options.md new file mode 100644 index 0000000000..a87aa5cf7e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/options.md @@ -0,0 +1,19 @@ +# PasswordSecurity: Options + +The Options page provides format options for returned data. + +![Password Security Data Collection Wizard Scan options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +The configurable scan options are: + +- Encrypt communications with Active Directory (SSL) – Enables communication to the domain + controller over SSL +- Analyze historical passwords – Scans historical passwords that have been stored in Active + Directory + + **CAUTION:** Enabling the following option will return clear text passwords to be stored in the + Enterprise Auditor database for the following exceptions: **Clear Text Password**, **Potential + Keytab Password**, and **Weak Password** (when leveraging a plaintext password dictionary). + +- Return cleartext passwords when possible – Returns stored clear-text passwords to the Enterprise + Auditor database diff --git a/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/overview.md new file mode 100644 index 0000000000..3b4a5db5db --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/overview.md @@ -0,0 +1,41 @@ +# PasswordSecurity Data Collector + +The PasswordSecurity Data Collector compares passwords stored in Active Directory to known, breached +passwords in the Netwrix dictionary or custom dictionaries. The PasswordSecurity Data Collector also +checks for common misconfigurations with passwords in Active Directory. + +The PasswordSecurity Data Collector is a core component of Enterprise Auditor, but it has been +preconfigured within the Active Directory Solution. While the data collector is available with all +Enterprise Auditor license options, the Active Directory Solution is only available with a special +Enterprise Auditor license. See the +[Active Directory Solution](/docs/accessanalyzer/11.6/solutions/activedirectory/overview.md) +topic for additional information. + +Protocols + +- LDAP + +Ports + +- TCP 389/636 + +Permissions + +- At the domain level: + + - Read + - Replicating Directory Changes + - Replicating Directory Changes All + - Replicating Directory Changes in a Filtered Set + - Replication Synchronization + +## PasswordSecurity Query Configuration + +The PasswordSecurity Data Collector is configured through the Password Security Data Collector +Wizard, which contains the following wizard pages: + +- [PasswordSecurity: Category](/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/category.md) +- [PasswordSecurity: Options](/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/options.md) +- [PasswordSecurity: Dictionaries](/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/dictionaries.md) +- [PasswordSecurity: Results](/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/results.md) +- [PasswordSecurity: Summary](/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/summary.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/results.md b/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/results.md new file mode 100644 index 0000000000..2d8ba42708 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/results.md @@ -0,0 +1,8 @@ +# PasswordSecurity: Results + +The Results page is where Active Directory properties to be gathered are selected. + +![Password Security Data Collection Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually or by using the **Select All** or **Clear All** buttons. All +selected properties are gathered. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/summary.md new file mode 100644 index 0000000000..95a01c6baf --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/summary.md @@ -0,0 +1,9 @@ +# PasswordSecurity: Summary + +The Summary page displays a summary of the configured query. + +![Password Security Data Collection Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Active Directory Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/permissionmatrix.md b/docs/accessanalyzer/11.6/admin/datacollector/permissionmatrix.md new file mode 100644 index 0000000000..4a8f54506c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/permissionmatrix.md @@ -0,0 +1,53 @@ +# Permissions by Data Collector (Matrix) + +The Enterprise Auditor data collectors are capable of collecting information from a variety of +sources. Each data collector requires specific protocols, ports, and permissions for the collection +of data to occur. + +Many data collectors are included as core components. However, some data collectors require specific +license features. The following table provides a quick reference for each data collector. + +| Data Collector | Description | Protocols | Ports Used | Recommended Permissions | +| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| ActiveDirectory _\*requires license_ | The ActiveDirectory Data Collector audits objects published in Active Directory. | - ADSI - LDAP - RPC | - TCP 389/636 - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Domain Administrators group | +| ADActivity _\*requires license_ | The ADActivity Data Collector integrates with the Netwrix Activity Monitor by reading the Active Directory activity log files. | - HTTP - RPC | - TCP 4494 (configurable within the Netwrix Activity Monitor) | - Netwrix Activity Monitor API Access activity data - Netwrix Activity Monitor API Read - Read access to the Netwrix Activity Monitor Log Archive location | +| ADInventory | The ADInventory Data Collector is designed as a highly scalable and useful data collection mechanism to catalogue user, group, and computer object information that can be used by other solutions within Enterprise Auditor. | - LDAP | - TCP 389 - TCP 135-139 - Randomly allocated high TCP ports | - Read access to directory tree - List Contents & Read Property on the Deleted Objects Container **NOTE:** See the Microsoft [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) article and the Microsoft [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for additional information. | +| ADPermissions _\*requires license_ | The ADPermissions Data Collector collects the advanced security permissions of objects in AD. | - ADSI - LDAP - RPC | - TCP 389 - TCP 135 – 139 - Randomly allocated high TCP ports | - LDAP Read permissions - Read on all AD objects - Read permissions on all AD Objects | +| AWS | The AWS Data Collector collects IAM users, groups, roles, and policies, as well as S3 permissions, content, and sensitive data from the target Amazon Web Services (AWS) accounts. | - HTTPS | - 443 | - To collect details about the AWS Organization, the following permission is required: - organizations:DescribeOrganization - To collect details regarding IAM, the following permissions are required: - iam:GenerateCredentialReport - iam:GenerateServiceLastAccessedDetails - iam:Get\* - iam:List\* - iam:Simulate\* - sts:GetAccessKeyInfo - To collect details related to S3 buckets and objects, the following permissions are required: - s3:Describe\* - s3:Get\* - s3:HeadBucket - s3:List\* | +| AzureADInventory | The AzureADInventory Data Collector catalogs user and group object information from Microsoft Entra ID, formerly Azure Active Directory. This data collector is a core component of Enterprise Auditor and is preconfigured in the .Entra ID Inventory Solution. | - HTTP - HTTPS - REST | - TCP 80 and 443 | - Microsoft Graph API - Application Permissions: - AuditLog.Read.All – Read all audit log data - Directory.Read.All – Read directory data - Delegated Permissions: - Group.Read.All – Read all groups - User.Read.All – Read all users' full profiles - Access URLs - https://login.windows.net - https://graph.windows.net - https://login.microsoftonline.com - https://graph.microsoft.com - All sub-directories of the access URLs listed | +| Box _\*requires license_ | The Box Data Collector audits access, group membership, and content within a Box enterprise. | - HTTP - HTTPS | - TCP 80 - TCP 443 | - Box Enterprise Administrator | +| CommandLineUtility | The CommandLineUtility Data Collector provides the ability to remotely spawn, execute, and extract data provided by a Microsoft native or third-party command line utility. | - Remote Registry - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the local Administrators group | +| DiskInfo | The DiskInfo Data Collector provides enumeration of disks and their associated properties. | - RPC - WMI | - TCP 135 - Randomly allocated high TCP ports | - Member of the local Administrators group | +| DNS _\*requires license_ | The DNS Data Collector provides information regarding DNS configuration and records. | - RPC | - TCP 135 - Randomly allocated high TCP ports | - Member of the Domain Administrators group | +| DropboxAccess _\*requires license_ | The DropboxAccess Data Collector audits access, group membership, and content within a Dropbox environment. | - HTTP - HTTPS | - TCP 80 - TCP443 | - Dropbox Team Administrator | +| EventLog | The EventLog Data Collector provides search and extraction of details from event logs on target systems. | - RPC - WMI | - TCP 135 - Randomly allocated high TCP ports | - Member of the Local Administrators group - Member of the Domain Administrators group (if targeting domain controllers) | +| EWSMailbox _\*requires license_ | The EWSMailbox Data Collector provides configuration options to scan mailbox contents, permissions, and sensitive data, and is preconfigured within the Exchange Solution. | - HTTPS - ADSI - LDAP | - TCP 389 - TCP 443 | For Exchange servers: - Exchange Admin Role - Discovery Management Role - Application Impersonation Role - Exchange Online License For Exchange Online: - Exchange Admin Role - Discovery Management Role - Exchange Online License | +| EWSPublicFolder _\*requires license_ | The EWSPublicFolder Data Collector provides configuration options to extract public folder contents, permissions, and sensitive data, and is preconfigured within the Exchange Solution. | - HTTPS - ADSI - LDAP | - TCP 389 - TCP 443 | For Exchange servers: - Exchange Admin Role - Discovery Management Role - Application Impersonation Role - Exchange Online License with a mailbox For Exchange Online: - Exchange Admin Role - Discovery Management Role - Exchange Online License with a mailbox | +| Exchange2K _\*requires license_ | The Exchange2K Data Collector extracts configuration details from Exchange organizations for versions 2003 and later. | - LDAP - MAPI - PowerShell - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports - TCP 389 - Optional TCP 445 | - Member of the Exchange Administrator group - Domain Admin for AD property collection - Public Folder Management | +| ExchangeMailbox _\*requires license_ | The ExchangeMailbox Data Collector extracts configuration details from the Exchange Store to provide statistical, content, permission, and sensitive data reporting on mailboxes. | - MAPI - RPC | - TCP 135 - Randomly allocated high TCP ports | - Member of the Exchange Administrator group - Organization Management - Discovery Management | +| ExchangeMetrics _\*requires license_ | The ExchangeMetrics Data Collector collects Mail-Flow metrics from the Exchange Message Tracking Logs on the Exchange servers. Some examples of this include server volume and message size statistics. | - RPC - WMI | - TCP 135 - Randomly allocated high TCP ports | - Member of the local Administrator group on the targeted Exchange server(s) | +| ExchangePS _\*requires license_ | The ExchangePS Data Collector utilizes the Exchange CMDlets to return information about the Exchange environment utilizing PowerShell. This data collector has been designed to work with Exchange 2010 and newer. | - PowerShell | - TCP 135 - Randomly allocated high TCP ports | For Exchange servers: - Remote PowerShell enabled on a single Exchange server - Windows Authentication enabled for the PowerShell Virtual Directory on the same Exchange server where Remote PowerShell has been enabled - View-Only Organization Management Role Group - Discovery Search Management Role Group - Public Folder Management Role Group - Mailbox Search Role For Exchange Online: - Discovery Management Role - Organization Management Role | +| ExchangePublicFolder _\*requires license_ | The ExchangePublicFolder Data Collector audits an Exchange Public Folder, including contents, permissions, ownership, and replicas. | - MAPI - RPC | - TCP 135 - Randomly allocated high TCP ports | - Member of the Exchange Administrator group - Organization Management | +| File | The File Data Collector provides file and folder enumeration, properties, and permissions. | - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports - Optional TCP 445 | - Member of the Local Administrators group | +| FileSystemAccess (FSAA) _\*requires license_ | The FileSystemAccess (FSAA) Data Collector collects permissions, content, and activity, and sensitive data information for Windows and NAS file systems. | - Remote Registry - WMI | - Ports vary based on the Scan Mode Option selected. See the [File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) topic for additional information. | - Permissions vary based on the Scan Mode Option selected. See the [File System Supported Platforms](/docs/accessanalyzer/11.6/requirements/target/filesystems.md) topic for additional information. | +| GroupPolicy | The GroupPolicy Data Collector provides the ability to retrieve the GPO’s list in the domain and where they are linked, return information on configured policies and policy parts from the individual policies that have been selected, return information on selected policy parts from all policies within the domain, and return effective security policies in effect at the individual workstation. | - LDAP - RPC | - TCP 389 - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Domain Administrators group (if targeting domain controllers) - Member of the Local Administrators group | +| INIFile | The INIFile Data Collector provides options to configure a task to collect information about log entries on target hosts. | - RPC | - TCP 135-139 - Randomly allocated high TCP ports - Optional TCP 445 | - Member of the Local Administrators group | +| LDAP | The LDAP Data Collector uses LDAP to query Active Directory returning the specified objects and attributes. | - LDAP | - TCP 389 | - Member of the Domain Administrators group | +| NIS | The NIS Data Collector inventories a NIS domain for user and group information, mapping to Windows-style SIDs. | - NIS | - TCP 111 or UDP 111 - Randomly allocated high TCP ports | - No special permissions are needed aside from access to a NIS server | +| NoSQL | The NoSQL Data Collector for MongoDB provides information on MongoDB Cluster configuration, limited user permissions, scans collections for sensitive data, and identifies who has access to sensitive data. | - TCP/IP | - MongoDB Cluster - Default port is 27017 (A custom port can be configured) | - Read Only access to ALL databases in the MongoDB Cluster including: - Admin databases - Config databases - Local databases - Read Only access to any user databases is required for sensitive data discovery - Read access to NOSQL instance - Read access to MongoDB instance - Requires NOSQL Full-Text and Semantic Extractions for Search feature to be installed on the target NOSQL instances when using the Scans full rows for sensitive data option on the Options wizard page | +| ODBC | Queries ODBC compliant databases for tables and table properties | - OCBC | - TCP 1433 | - Database Read access | +| PasswordSecurity | The PasswordSecurity Data Collector compares passwords stored in Active Directory to known, breached passwords in the Netwrix dictionary or custom dictionaries. The PasswordSecurity Data Collector also checks for common misconfigurations with passwords in Active Directory. | - LDAP | - TCP 389/636 | - At the domain level: - Read - Replicating Directory Changes - Replicating Directory Changes All - Replicating Directory Changes in a Filtered Set - Replication Synchronization | +| PatchCheck | Provides patch verification and optional automatic bulletin downloads from Microsoft | - HTTP - ICMP - RPC | - TCP 135-139 - Randomly allocated high TCP ports - TCP 80 - TCP 7 | - Member of the Local Administrators group | +| Perfmon | Provides performance monitor counter data samples | - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | +| PowerShell | The PowerShell Data Collector provides PowerShell script exit from Enterprise Auditor. | - PowerShell | - Randomly allocated high TCP ports | - Member of the Domain Administrators group (if targeting domain controllers) - Member of the Local Administrators group | +| Registry | The Registry Data Collector queries the registry and returns keys, key values, and permissions on the keys. | - Remote Registry - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | +| Script | The Script Data Collector provides VB Script exit from Enterprise Auditor. | - VB Script | - Randomly allocated high TCP ports | - Member of the Local Administrators group - Member of the Domain Administrators group (if targeting domain controllers) | +| Services | The Services Data Collector enumerates status and settings from remote services. | - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | +| SharePointAccess (SPAA) _\*requires license_ | The SharePointAccess (SPAA) Data Collector audits access, group membership, and content within a SharePoint on-premises and SharePoint Online environment. The SPAA Data Collector has been preconfigured within the SharePoint Solution. | - MS SQL - Remote Registry - SP CSOM (Web Services via HTTP & HTTPS) - SP Server API - WCF AUTH via TCP (configurable) | - Ports vary based on the Scan Mode selected and target environment. See the [SharePoint Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md) topic for additional information. | - Permissions vary based on the Scan Mode selected and target environment. See the [SharePoint Support](/docs/accessanalyzer/11.6/requirements/target/sharepoint.md) topic for additional information. | +| SMARTLog | The SMARTLog Data Collector provides search and extraction of details from Windows Event Logs (online or offline) and Microsoft Exchange Internet Information Server (IIS) logs. | - Log - Remote Event - RPC | - TCP 135 - TCP 445 - Randomly allocated high TCP ports | - Member of the Domain Administrators group (if targeting domain controllers) - Member of the local Administrators group | +| SQL _\*requires license_ | The SQL Data Collector provides information on database configuration, permissions, data extraction, application name of the application responsible for activity events, an IP Address or Host name of the client server, and sensitive data reports. This data collector also provides information on Oracle databases including infrastructure and operations. | TCP | For Db2 Target: - Specified by Instances table (default is 5000) For MySQL Target: - Specified by Instances table (default is 3306) For Oracle Target: - Specified by Instances table (default is 1521) For PostgreSQL Target: - Specified by Instances table (default is 5432) For SQL Target: - Specified by Instances table (default is 1433) | For MySQL Target: - Read access to MySQL instance to include all databases contained within each instance - Windows Only — Domain Admin or Local Admin privilege For Oracle Target: - User with SYSDBA role - Local Administrator on the target servers – Only applies to Windows Servers and not on Linux or Unix operating systems For PostgreSQL Target: - Read access to all the databases in PostgreSQL cluster or instance - Windows Only — Domain Admin or Local Admin privilege For Redshift Target: - Read-access to the following tables: - pg_tables - pg_user For SQL Target: - For Instance Discovery, local rights on the target SQL Servers: - Local group membership to Remote Management Users - Permissions on the following WMI NameSpaces: `root\Microsoft\SQLServer, root\interop` - For permissions for data collection: - Read access to SQL instance - Requires SQL Full-Text and Semantic Extractions for Search feature to be installed on the target SQL instance(s) when using the **Scan full rows for sensitive data** option on the Options wizard page - Grant Authenticate Server to [DOMAIN\USER] - Grant Connect SQL to [DOMAIN\USER] - Grant View any database to [DOMAIN\USER] - Grant View any definition to [DOMAIN\USER] - Grant View server state to [DOMAIN\USER] - Grant Control Server to [DOMAIN\USER] (specifically required for the Weak Passwords Job) | +| SystemInfo | The SystemInfo Data Collector extracts information from the target system based on the selected category. | - Remote Registry - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | +| TextSearch | The TextSearch Data Collector enables searches through text based log files. | - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | +| Unix _\*requires license_ | The Unix Data collector provides host inventory, software inventory, and logical volume inventory on UNIX & Linux platforms. | - SSH | - TCP 22 - User configurable | - Root permissions in Unix/Linux | +| UserGroups _\*requires license_ | The UsersGroups Data Collector audits user and group accounts for both local and domain, extracting system policies. | - RPC - SMBV2 - WMI | - TCP 135-139 - Randomly allocated high TCP ports - 445 | - Member of the Local Administrators group - If a less-privileged option is required, you can use a regular domain user that has been added to the **Network access: Restrict clients allowed to make remote calls to SAM** Local Security Policy - Member of the Domain Administrators group (if targeting domain controllers) | +| WMICollector | The WMICollector Data Collector identifies data for certain types of WMI classes and namespaces. | - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/powershell/editquery.md b/docs/accessanalyzer/11.6/admin/datacollector/powershell/editquery.md new file mode 100644 index 0000000000..3134a0970b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/powershell/editquery.md @@ -0,0 +1,76 @@ +# PowerShell: Edit Query + +The Edit Query page provides a screen to edit the query to execute. Users can import PowerShell +script as well as use an input table to create and edit the PowerShell script. + +![PowerShell Data Collector Wizard Edit Query page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editquery.webp) + +The options on the Edit Query page are: + +- Open – Click to import and open a PowerShell script +- Script Editor – Input PowerShell script to use for the configured job +- Parameters – The Parameters tab located on the right-hand side of the Edit Query page is used to + bring up the Parameters window. See the [Parameters](#parameters) topic for additional + information. +- Use table input for PowerShell script – select the checkbox to bring up the Input options for the + PowerShell script. See the [Input Options](#input-options) topic for additional information. + +## Parameters + +Add, edit, and delete parameters for the PowerShell data collector using the Parameters window. + +![Parameters Window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editqueryparameters.webp) + +The options in the Parameters Window are: + +- Add – Add a parameter by opening the Add/Edit Variable Window. See the + [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. +- Edit – Edit the selected parameter by opening the Add/Edit Variable Window. See the + [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. +- Delete – Delete a parameter + +**NOTE:** Only user created parameters can be edited or deleted. Pre-configured parameters cannot be +edited or deleted. + +### Add/Edit Variable Window + +Use the Add/Edit Variable Window to add and edit parameters for the PowerShell Data Collector. + +![Add/Edit Variable Window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editqueryvariable.webp) + +The options in the Add/Edit Variable window are: + +- Name – Enter or edit the name for the custom parameter +- Description – (Optional) Enter or edit the description for the custom parameter +- Type – Select the Type from the dropdown list. The options are: + + - String + - List + - Filepath + - Boolean + - Long + - Double + +- Value – Enter or edit the value for the custom parameter + +## Input Options + +When the Use table input for PowerShell script option is selected on the Edit Query page, additional +options display to define the source for input data. + +![Edit Query page input options](/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editqueryinput.webp) + +The input options are: + +- Please select name – Select the input table to be used from the drop-down menu +- Filter nulls – Excludes values that are null from input +- Filter duplicates – Excludes any values that are duplicate from input +- Text Box – Displays an example of how the input can be used in a PowerShell script +- Columns – Displays the columns in the selected input table. If applicable, select the checkbox to + include the column in the input. +- Input Data – Preview how the input data will look in the Input Data tab + +![Text Box and the Columns tab populated with information](/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editqueryinputtable.webp) + +Selecting an input table in the **Please select name** dropdown populates the Text Box and the +Columns tab with information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/powershell/options.md b/docs/accessanalyzer/11.6/admin/datacollector/powershell/options.md new file mode 100644 index 0000000000..c0c759a27d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/powershell/options.md @@ -0,0 +1,16 @@ +# PowerShell: Options + +The Options page provides the option to execute the script remotely on the target host. + +![PowerShell Data Collector Wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +The configurable options are: + +- Execute remotely – Remotely executes the script on the target host. If this checkbox is not + selected, the script will be executed from the Enterprise Auditor Console server. +- Use impersonation within server executable – Executes the script with the job credentials + +For cmdlets requiring explicit credentials, a single credential set from the job's Connection +Profile can be referenced using `Get-Credential` or the `$JobCredential` variable, a `PSCredential` +type object. All credentials from the job’s Connection Profile may be accessed via the +`$JobCredentials` array. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/powershell/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/powershell/overview.md new file mode 100644 index 0000000000..107451c604 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/powershell/overview.md @@ -0,0 +1,35 @@ +# PowerShell Data Collector + +The PowerShell Data Collector provides PowerShell script exit from Enterprise Auditor. It has +configuration options for creating and configuring a PowerShell query. This data collector is a core +component of Enterprise Auditor and is available with all Enterprise Auditor licenses. + +Protocols + +- PowerShell + +Ports + +- Randomly allocated high TCP ports + +Permissions + +- Member of the Domain Administrators group (if targeting domain controllers) +- Member of the Local Administrators group + +## PowerShell Query Configuration + +The PowerShell Data Collector is configured through the PowerShell Data Collector Wizard, which +contains the following pages: + +- Welcome +- [PowerShell: Edit Query](/docs/accessanalyzer/11.6/admin/datacollector/powershell/editquery.md) +- [PowerShell: Options](/docs/accessanalyzer/11.6/admin/datacollector/powershell/options.md) +- [PowerShell: Sample Server](/docs/accessanalyzer/11.6/admin/datacollector/powershell/sampleserver.md) +- [PowerShell: Results](/docs/accessanalyzer/11.6/admin/datacollector/powershell/results.md) +- [PowerShell: Summary](/docs/accessanalyzer/11.6/admin/datacollector/powershell/summary.md) + +![PowerShell Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by checking the **Do not display this page the next time** box when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/powershell/results.md b/docs/accessanalyzer/11.6/admin/datacollector/powershell/results.md new file mode 100644 index 0000000000..9515607ef1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/powershell/results.md @@ -0,0 +1,11 @@ +# PowerShell: Results + +The Results page provides configuration settings for the Properties to return and ROWKEY's +components. + +![PowerShell Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +The Results page options are: + +- Properties to return – List of available properties which can be gathered for the PowerShell query +- ROWKEY's components – List of available properties based on which ROWKEY will be built diff --git a/docs/accessanalyzer/11.6/admin/datacollector/powershell/sampleserver.md b/docs/accessanalyzer/11.6/admin/datacollector/powershell/sampleserver.md new file mode 100644 index 0000000000..a76caa6f74 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/powershell/sampleserver.md @@ -0,0 +1,16 @@ +# PowerShell: Sample Server + +The Sample Server page provides a box to select a server to generate the result columns. + +![PowerShell Data Collector Wizard Select Server page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/selectserver.webp) + +The Select Server page options are: + +- Server name – Server to be used during configuration +- Validate – Validates the script results and retrieves result columns. Validation must be run in + order to populate and enable the Results page. + +The server selected here replaces any `[SAHOSTNAME]` tokens in the PowerShell script. During +execution, the `[SAHOSTNAME]` tokens are replaced in turn by each host in the host list. If no +`[SAHOSTHAME]` tokens exist in the PowerShell script, then the server name and the hosts in the host +list have no effect. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/powershell/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/powershell/summary.md new file mode 100644 index 0000000000..8252135947 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/powershell/summary.md @@ -0,0 +1,10 @@ +# PowerShell: Summary + +The Summary page summarizes the selected configurations from the previous pages in the PowerShell +Data Collector Wizard. + +![PowerShell Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the PowerShell Data Collector Wizard ensuring that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/registry.md b/docs/accessanalyzer/11.6/admin/datacollector/registry.md new file mode 100644 index 0000000000..fe604a11e2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/registry.md @@ -0,0 +1,75 @@ +# Registry Data Collector + +The Registry Data Collector queries the registry and returns keys, key values, and permissions on +the keys. The data in the native tables returned by the Registry Data Collector is dependent upon +the query configuration. For example, a query could be configured to only show permissions on +registry keys in a 32-bit view. Another query could be configured to show a listing of all keys and +key values in a 64-bit view. Wildcards can also be used in query configurations. + +The Registry Data Collector is a core component of Enterprise Auditor, but it has been preconfigured +within both the Active Directory Solution and the Windows Solution. While the data collector is +available with all Enterprise Auditor license options, these solutions are only available with a +special Enterprise Auditor licenses. See the following topics for additional information: + +- [Active Directory Solution](/docs/accessanalyzer/11.6/solutions/activedirectory/overview.md) +- [Windows Solution](/docs/accessanalyzer/11.6/solutions/windows/overview.md) + +Protocols + +- Remote Registry +- RPC + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group + +## Registry Query Configuration + +The Registry Data Collector is configured through the Registry Browser window. + +![Registry Browser window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/browser.webp) + +The configurable options are: + +- Sample Host – The host to connect to. If this box is left blank, the connection is to the local + host. +- 64-bit view – The default view is 32-bit. Select the **64-bit view** checkbox to switch to a + 64-bit view. +- Connect – Connect to host’s registry. If no host is specified in the Sample Host box, the + connection is to the local host’s registry. +- Query 32-bit view – Select this checkbox to query the 32-bit view of the registry +- Query 64-bit view – Select this checkbox to query the 64-bit view of the registry +- Name – The key value. Key values can be added to the Selected Properties list by pressing the + **ctrl** key, selecting the keys to add, and then clicking the **Add currently selected value** + button. +- Type – The key value type +- Data – The key value path +- Root Path – The path to the selected key +- Enumerate child nodes – Select this checkbox to do a recursive search of all child nodes + +The button bar provides additional options for selecting keys. See the [Button Bar](#button-bar) +topic for additional information. + +### Button Bar + +The button bar is located right above the Selected Properties window. The button bar enables users +to do the following: + +![Button Bar](/img/product_docs/accessanalyzer/11.6/admin/datacollector/buttonbar.webp) + +| Icon | Name | +| ------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------- | +| ![Select all peer keys for this node](/img/product_docs/accessanalyzer/11.6/admin/datacollector/selectall.webp) | Select all peer keys for this node | +| ![Add name of currently selected key](/img/product_docs/accessanalyzer/11.6/admin/datacollector/addname.webp) | Add name of currently selected key | +| ![Add full path of the currently selected key](/img/product_docs/accessanalyzer/11.6/admin/datacollector/addpath.webp) | Add full path of the currently selected key | +| ![Add last write date/time of currently selected key](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adddatetime.webp) | Add last write date/time of currently selected key | +| ![Add security properties for selected key](/img/product_docs/accessanalyzer/11.6/admin/datacollector/addproperties.webp) | Add security properties for selected key | +| ![Enumerate all values for this key](/img/product_docs/accessanalyzer/11.6/admin/datacollector/enumeratevalues.webp) | Enumerate all values for this key | +| ![Add currently selected value](/img/product_docs/accessanalyzer/11.6/admin/datacollector/addvalue.webp) | Add currently selected value | +| ![Delete properties from selection](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/delete.webp) | Delete properties from selection | +| ![Go to selected key](/img/product_docs/accessanalyzer/11.6/admin/datacollector/goto.webp) | Go to selected key | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/script/add.md b/docs/accessanalyzer/11.6/admin/datacollector/script/add.md new file mode 100644 index 0000000000..91f0932df1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/script/add.md @@ -0,0 +1,22 @@ +# Add a Script to an Existing Query + +The Query Properties window provides the ability to add a script to an existing query. Typically, a +script is used to augment a query providing services such as conversion of returned data. + +Follow the steps to add a script. + +**Step 1 –** Navigate to the job's **Configure** node and select **Queries**. + +**Step 2 –** Click **Create Query** to open the Query Properties window. + +**Step 3 –** Select the **Data Source** tab and select the desired data collector in the Data +Collector drop-down menu. + +![Query Properties window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/script/querypropertiesexisting.webp) + +**Step 4 –** Click the **Browse Data Source** button to open the VBScript Editor page and add the +script to run after data collection. + +See the +[VBScript Editor](/docs/accessanalyzer/11.6/admin/datacollector/script/editor.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/script/editor.md b/docs/accessanalyzer/11.6/admin/datacollector/script/editor.md new file mode 100644 index 0000000000..856a399090 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/script/editor.md @@ -0,0 +1,31 @@ +# VBScript Editor + +The VBScript Editor window provides the means to add a script. The window is ideal for editing small +scripts and for pasting larger scripts from external scripting tools. + +![VBScript Editor window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/script/vbscripteditor.webp) + +The options in the VBScript Editor are: + +- Save and Close – Use this option to save the script and close the window +- Syntax Check – Use this option to check the syntax of your script. This does not identify logic + errors, only cases where the script syntax is incorrect. It helps reduce the overhead of debugging + a script. When selected, a Script Errors window opens and a syntax check is performed. Any + syntactical errors are displayed within the window. +- Load from file – Use this option to load a VB script from a .vbs file +- Save to file – Use this option to save the current script in the Editor +- Undo – Undo previous changes made to the script (Shortcut is Ctrl+Z) +- Redo – Redo previous changes made to the script (Shortcut is Shift+Ctrl+Z) +- Cut – Cut the highlighted text +- Copy – Copy the highlighted text +- Paste – Paste cut or copied text into the VB Script Editor +- Online VBScript Language Reference – Opens internet browser to the Microsoft Technical + Documentation website from where documentation for Visual Basic Script can be navigated to + +After adding or modifying a script, click **Save and close**. + +See the +[Script Example 1: Conversion of Data](/docs/accessanalyzer/11.6/admin/datacollector/script/example1.md) +and +[Script Example 2: Command Query](/docs/accessanalyzer/11.6/admin/datacollector/script/example2.md) +topics for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/script/example1.md b/docs/accessanalyzer/11.6/admin/datacollector/script/example1.md new file mode 100644 index 0000000000..c46d2f2227 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/script/example1.md @@ -0,0 +1,62 @@ +# Script Example 1: Conversion of Data + +This script example demonstrates how to perform a query and modify returned data. The script +provides the data collector with the information that would have been provided if the user interface +had been used to design the query. However, in this case it is all done through script. The data +collector returns a value that is then converted and stored by Enterprise Auditor. + +This script starts by defining a query using the Perfmon Data Collector. Notice that the +**WorkingQuery** object is used, not the Query object. This is done to preserve the Query object, +since the Query object will be used to store the results that are different from what the data +collector is providing. + +The script then issues the query by calling `WorkingQuery.Execute`. When the query completes, +**WorkingQuery** is set to view the first row of results by setting the **ResultRow** property. The +value within the **System Up Time** property is then transferred into the `REMAINDER` variable so +that it can be more easily manipulated. + +The script then takes the value of `REMAINDER`, which is in seconds, and converts it to days, hours, +minutes, and seconds. These values are then recorded in the Query object so that Enterprise Auditor +can store this data. + +**NOTE:** In this task, the hours, minutes, and seconds properties were specified manually using the +task dialog. See the +[Script Properties](/docs/accessanalyzer/11.6/admin/datacollector/script/properties.md) +topic for additional information. + +## Example of Conversion of Data Script + +The conversation of data script example is: + +``` +Sub Task() +Dim DAYS +Dim HRS +Dim MINS +Dim SECS +Dim REMAINDER  +WorkingQuery.Host=Query.Host +WorkingQuery.Source="Perfmon" +WorkingQuery.Paths=1 +WorkingQuery.Path(0)="System\System Up Time" +WorkingQuery.AddProperty  "NAME=System Up Time,DATATYPE=NUMERIC,VALUE=,COLUMN=UPTIME" +WorkingQuery.Execute +WorkingQuery.ResultRow=0 +REMAINDER=WorkingQuery.ResultData("System Up Time")  +Query.ResultRows=1 +Query.ResultRow=0  +'Calculate days/hrs/mins/secs +DAYS=INT(REMAINDER/86400) +REMAINDER=REMAINDER-(DAYS*86400) +HRS=INT(REMAINDER/3600) +REMAINDER=REMAINDER-(HRS*3600) +MINS=INT(REMAINDER/60) +SECS=INT(REMAINDER-(MINS*60))  +Query.ResultData("SecondsElapsed")=INT(WorkingQuery.ResultData("System Up Time")) +Query.ResultData("Days")=DAYS +Query.ResultData("Hrs")=HRS +Query.ResultData("Mins")=MINS +Query.ResultData("Secs")=SECS +End Sub + +``` diff --git a/docs/accessanalyzer/11.6/admin/datacollector/script/example2.md b/docs/accessanalyzer/11.6/admin/datacollector/script/example2.md new file mode 100644 index 0000000000..f4217905f7 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/script/example2.md @@ -0,0 +1,102 @@ +# Script Example 2: Command Query + +The following example illustrates the use of scripts within Enterprise Auditor. This script reads a +database list from SQL Server and then proceeds to the File System Data Collector for the size of +the database file, essentially inventorying the installed databases, their paths, and sizes. + +**NOTE:** Because the object instances are not thread-safe, scripts like these that use objects +external to Enterprise Auditor should be run with only one thread. + +In this example, a connection is opened with a SQL server. The SQL server name is provided by +Enterprise Auditor during the query. Enterprise Auditor provides the active host to the script using +the **Query.Host** property. + +The script then queries the Master database, requesting a **recordset** containing all databases and +proceeds to get the row count. Setting the **Query.ResultRows** property creates a row of storage +for each record in the recordset. It then proceeds to read data from each row by looping row by row. +For each row, the database name, filename, and ID are captured. The script then calls a function to +get the size of the file. The **FileSize** function uses the database filename to construct a query +to the File System Data Collector, which ultimately returns the size of the file. + +The data for each database is stored in the Query object. + +Finally, the SQL objects are freed. + +## Example of Compound Query Script + +The compound query script example is: + +``` +Sub Task()  +Const adOpenStatic = 3 +Const adLockPessimistic = 2  +Dim cnnSQL +Dim rstSQL +Dim I +Dim sFilespec, sPath, sFile  +' CONNECT TO THE DATABASE +' **** NOTE ***** +' Set Uid and pwd to username and password +' OR set both to blank for trusted connections  +Set cnnSQL = CreateObject("ADODB.Connection") +cnnSQL.Open "Driver={SQL Server};" & _  +"Server=" & Query.Host & ";" & _ +"Database=Master;" & _ +"Uid=SA;" & _  +"Pwd=" +Set rstSQL = CreateObject("ADODB.Recordset") +rstSQL.Open "SELECT dbid, name, filename FROM sysdatabases;", cnnSQL, _ +adOpenStatic, adLockPessimistic  +' AS LONG AS RECORDS CAME BACK, PROCEED TO CAPTURE DATABASE INFO  +If NOT(rstSQL.EOF) Then +Query.ResultRows=rstSQL.RecordCount +rstSQL.MoveFirst +For i=0 to Query.ResultRows-1 +Query.ResultRow=i +Query.ResultData("DbId")=rstSQL.Fields("dbid") +Query.ResultData("Name")=rstSQL.Fields("name") +sFilespec=rstSQL.Fields("filename") +SplitPath sFileSpec, sPath, sFile +Query.ResultData("Path")=sPath  +'GET DB SIZE  +iSize=GetFileSize(Query.Host, sPath, sFile) +Query.ResultData("Size")=iSize  +'MOVE TO NEXT DB +rstSQL.MoveNext  +Next  +End If  +' CLEAN UP  +rstSQL.Close +Set rstSQL = Nothing  +cnnSQL.Close +Set cnnSQL = Nothing  +End Sub  +'---------------------------------------------------------------------  +Function GetFileSize (sHost, sPath, sFile)  +sFile=Chr(34) & sFile & Chr(34) +sPath=Chr(34) & sPath & Chr(34) +WorkingQuery.Reset +WorkingQuery.Host=Query.Host +WorkingQuery.Source="FILE" +sQueryPath="Type=FILEPATH?FilePath=" & sPath & _ +"?Target=FILES?FileSpec=" & sFile & _ +"?SubFolders=FALSE?GroupSize=FALSE?Units=Mb" +WorkingQuery.Paths1 +WorkingQuery.Path(0)=sQueryPath +WorkingQuery.AddProperty("NAME=Size,DATATYPE=NUMERIC,VALUE=") +WorkingQuery.Execute +WorkingQuery.ResultRow=0  +GetFileSize=WorkingQuery.ResultData("Size")  +End Function  +'---------------------------------------------------------------------  +Sub SplitPath(sFileSpec, ByRef sPath, ByRef sFile) +Dim iPos +If sFileSpec<>"" then +iPos=instrRev(sFileSpec,"\") +sPath=mid(sFileSpec,1,iPos-1) +sFile=mid(sFileSpec,iPos+1) +End If +End Sub +'--------------------------------------------------------------------- + +``` diff --git a/docs/accessanalyzer/11.6/admin/datacollector/script/methodsproperties.md b/docs/accessanalyzer/11.6/admin/datacollector/script/methodsproperties.md new file mode 100644 index 0000000000..e0b1c0b65a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/script/methodsproperties.md @@ -0,0 +1,26 @@ +# Script Methods and Properties + +The Query and Working Query objects support the following methods and properties. + +## Supported Methods + +| Methods | Description | +| -------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Execute | Executes the object query. Use this to perform the query after setting the source, path, and properties. | +| Reset | Resets the object’s properties to their original values. Use this if the source, path, or properties have been modified, but the original values are desired. | +| AddProperty (attributes : string) | Adds a property to the query. Using the following format: `NAME=;COLUMN=;VALUE=;DATATYPE=;SIZE=;KEY=` | +| DeleteProperty (propertyname : string) | Removes a property from a query. | + +## Supported Properties + +| Pproperties | Description | +| ---------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Host : string | Sets or retrieves the current host | +| Source : string | Sets or retrieves the data source | +| Path : sting | Sets or retrieves the path | +| Paths : integer | Sets or retrieves the current path for multi-path tasks | +| ResultData (Property : string) : Variant | Sets or retrieves the value for the property specified | +| ResultData (PropertyIndex : integer) : Variant | Sets ResultRow to the desired row before accessing this property | +| ResultRow : integer | Sets or retrieves the current row. For non-enumerated tasks, ResultRow will always be 0. | +| ResultRows : integer | Sets or returns the count of rows. Use this to determine the number of rows returned after an enumerated task is executed. Set this property to create a multi-row return value. | +| Message (index : integer, type : string) | Sets or returns a message in the indicated position. Use MessageCount to determine the number of messages. These messages appear in the job MessageLog. | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/script/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/script/overview.md new file mode 100644 index 0000000000..95d8560806 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/script/overview.md @@ -0,0 +1,39 @@ +# Script Data Collector + +The Script Data Collector provides VB Script exit from Enterprise Auditor. Static queries are +sometimes inadequate for demanding auditing tasks. The Script Data Collector provides a means to add +a custom script to a query. Enterprise Auditor implements Microsoft Visual Basic Script (VB Script) +with extensions that provide script writers the ability to interface directly with Enterprise +Auditor. + +The following examples describe situations where using a script may be useful: + +- Conversions – One of the most frequent uses of a scriptis for converting a value from one thing to + another, for example `build1230` to `at risk`. See the + [Script Example 1: Conversion of Data](/docs/accessanalyzer/11.6/admin/datacollector/script/example1.md) + topic for additional information. +- Compound Queries – This is a query that cannot be performed using a single query. See the + [Script Example 2: Command Query](/docs/accessanalyzer/11.6/admin/datacollector/script/example2.md) + topic for additional information. +- Interfacing with External Systems – This is a query that requires access to external data. For + example, the query needs to access a corporate database to obtain a location code. + +The Script Data Collector is a core component of Enterprise Auditor, but it has been preconfigured +within the Windows Solution. While the data collector is available with all Enterprise Auditor +license options, the Windows Solution is only available with a special Enterprise Auditor license. +See the +[Windows Solution](/docs/accessanalyzer/11.6/solutions/windows/overview.md) +topic for additional information. + +Protocols + +- VB Script + +Ports + +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group +- Member of the Domain Administrators group (if targeting domain controllers) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/script/properties.md b/docs/accessanalyzer/11.6/admin/datacollector/script/properties.md new file mode 100644 index 0000000000..4cb8139769 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/script/properties.md @@ -0,0 +1,58 @@ +# Script Properties + +The Data Source tab is used to select the data collector to be used. The configurable options are: + +- Source – Used to select data collector +- Path – Displays the returned path from the data collector + + **CAUTION:** Editing the path is considered an advanced operation. Entering an incorrect value + may render the query inoperable. + + - The path is used to identify the selection from within the data collector. The path + essentially tells the data collector where the data is and depending on the data collector, + may define selected options. It is sometimes convenient to edit the path manually. + - For example: If defining a file system query using the File System Data Collector, the path + would automatically be filled in with the selected details. A minor change like changing the + file location can be done manually by editing the path. + +- Properties – As the Path is used to define where the target data is, the properties are used to + define what data is desired. Each property has a series of attributes including: + + - Name – Identifies the target data. Modifying this affects what data the data collector + returns. + - Column – Specifies the column name within the result data. Use this to specify the column name + that will be used within the report output. This is set by default to match the **Name** + attribute. + - DataType – Used to determine the format of the data for reporting purposes. It affects sorting + order and the ability to graph content. In some cases, the data collector is unable to + determine the correct data type for the returned data. + + **CAUTION:** Setting this value manually to an incorrect data type may render your results + invalid and inaccessible by Enterprise Auditor. + + - For example: Querying the registry for a value stored as **REG_SZ** returns a string, as + **REG_SZ** is a string type in the registry. However, sometimes numbers are recorded in + **REG_SZ** entries. If you determine that the content returned could always be interpreted as + numeric, you could override the default `STRING` value and set it to `NUMERIC`. This provides + proper sorting and charting ability. + +- Size – Used to determine the width of the field used to hold String data. Setting the size smaller + than the actual returned data will cause Enterprise Auditor to truncate the data in the view. + However, the actual stored data in the result table will contain the full result. +- Value – Reserved for internal use +- Key – Used to identify a key property. A key property is used to identify the property that + contains a unique value for enumerated tasks. A Key value is required for Change Detection and + Conformance Management on enumerated tasks. To identify a property that uniquely identifies each + row, set the Key attribute to `YES`. + +## Adding and Removing Properties Manually + +Although the property list is automatically populated by the data collectors, additional properties +may be added manually. Doing so allocates storage within Enterprise Auditor during data collection +and creates corresponding columns in the output table. Use a script to reference and populate these +properties. + +![Properties on the Query Properties window](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/properties.webp) + +To add properties manually, click the plus (**+**) button at the bottom of the property window. To +remove properties, click the minus (-) button. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/script/reference.md b/docs/accessanalyzer/11.6/admin/datacollector/script/reference.md new file mode 100644 index 0000000000..9f3a2cf075 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/script/reference.md @@ -0,0 +1,21 @@ +# Script Reference + +Enterprise Auditor provides extensions to standard Visual Basic Script. These extensions allow +access to and manipulation of task data, in addition to invoking queries. They are implemented +through two objects. + +Query Object + +The Query object provides access to the current query configuration and data. Use this to examine +the results of a query or to manipulate the query before it is executed. Changing properties of this +object will change the way the task is executed by Enterprise Auditor. + +Working Query Object + +The Working Query object is identical to the Query object. This object supports the same methods and +properties as the Query object but its properties and methods do not access the current query. Think +of this object as allowing the ability to create a task on the fly. Use this object to perform +queries, while leaving the original task undisturbed. This is valuable when performing compound +queries isneeded. See the +[Script Example 2: Command Query](/docs/accessanalyzer/11.6/admin/datacollector/script/example2.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/script/run.md b/docs/accessanalyzer/11.6/admin/datacollector/script/run.md new file mode 100644 index 0000000000..43fffd33ff --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/script/run.md @@ -0,0 +1,22 @@ +# Run a Stand-Alone Script + +Some situations require a script to be used exclusively without defining a data source. The Query +Properties window provides the ability to add and run a script. + +Follow the steps to add a script. + +**Step 1 –** Go to the job's **Configure** node and select **Queries**. + +**Step 2 –** Click **Create Query** to open the Query Properties window. + +**Step 3 –** Select the **Data Source** tab, and select **SCRIPT** in the Data Collector drop-down +menu. + +![Query Properties window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/script/querypropertiesstandalone.webp) + +**Step 4 –** Click **Configure** or the **Browse Data Source** button to open the VBScript Editor +page and add the script to run. + +See the +[VBScript Editor](/docs/accessanalyzer/11.6/admin/datacollector/script/editor.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/services.md b/docs/accessanalyzer/11.6/admin/datacollector/services.md new file mode 100644 index 0000000000..3e95d193d0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/services.md @@ -0,0 +1,41 @@ +# Services Data Collector + +The Services Data Collector enumerates status and settings from remote services. The Services Data +Collector is a core component of Enterprise Auditor, but it has been preconfigured within the +Windows Solution. While the data collector is available with all Enterprise Auditor license options, +the Windows Solution is only available with a special Enterprise Auditor license. See the +[Windows Solution](/docs/accessanalyzer/11.6/solutions/windows/overview.md) +topic for additional information. + +Protocols + +- RPC +- WMI + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group + +## Services Query Configuration + +The Services Data Collector is configured through the Service Browser window. + +![Service Browser window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/servicebrowser.webp) + +- Host – Enter a sample host which contains all of the services desired for the query +- All Services – Select this option to build the query to extract information from all services on + the target host +- Specific Services – Select this option to build the query to extract information from specific + services on the target host. Select the checkboxes next to the desired services for the query + after clicking **Connect**. +- Connect – Click **Connect** to connect to the host and display a list of all services found +- Available Properties – Select the properties to be returned + +**NOTE:** In cases where the query does not find the selected services on the target host, the +`InternalName` column that is returned reflects the `DisplayName` column and no other values are +retrieved. If the services are found on the host, the `DisplayName` value in the table is resolved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/smartlog/collectionmethod.md b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/collectionmethod.md new file mode 100644 index 0000000000..33ba6d536f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/collectionmethod.md @@ -0,0 +1,28 @@ +# SMARTLog: Collection Method + +The Collection Method page is used to select the collection method employed by the data collector. +It is a wizard page for all log types. + +![SMART Log DC Wizard Collection Method page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/collectionmethod.webp) + +Select the collection method from the following options to set how the collection routine is +executed to collect the data from the target. + +- Using network query – Connects to the target log over the network via RPC and reads events +- Using server side applet – Deploys a remote executable to the target host and then runs as a + process on the target host. It connects to the log, retrieves information, and returns it to the + Enterprise Auditor Console. + + **NOTE:** The applet cannot be used to target the local host. + +- Copy the log locally and process (Not available for all query scenarios) – Extract events from an + offline log by moving the log to the Enterprise Auditor Console and having it processed on the + local host instead of the target host. In order to use this option, the log type selected for the + query must be **Windows Event Log (Archived)**. + +The Applet Options section is only visible when the **Using server side applet** collection method +is selected. + +- Connection retries count – The number of times to retry a failed connection. The default is 15. +- Retry delay (ms) – The time between retries of a failed connection. The default is 5000 + milliseconds (5 seconds). diff --git a/docs/accessanalyzer/11.6/admin/datacollector/smartlog/criteria.md b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/criteria.md new file mode 100644 index 0000000000..a9a3a145a3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/criteria.md @@ -0,0 +1,41 @@ +# SMARTLog: Criteria + +The Criteria page is used to specify the search criteria. A test query can be run with the sample +host entered on the Sample Host page to confirm the results that will be returned by the query. It +is a wizard page for all log types. + +![SMART Log DC Wizard Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) + +The **Limit number of records to** setting has a default of `1000`. + +Follow the steps to configure the search criteria. + +![Filter button on Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/criteriafilter.webp) + +**Step 1 –** Click **Filter** to add a condition or a group to the root of the query. + +- Click the ellipsis (**…**) to add a new condition or group under an existing group + +![Configure search](/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/criteriarecordnumber.webp) + +**Step 2 –** Click **RecordNumber** to configure the search to look for specific events or a range +of events. + +**Step 3 –** Click **equals** and **``** to further configure the condition as required. + +**Step 4 –** (Optional) At the root or group level, click **AND** to change the logical operator for +that level. The available options are **AND**, **OR**, **NOT AND**, and **NOT OR**. + +**Step 5 –** Repeat steps 1 to 4 to configure all necessary criteria. + +- To remove a row (condition or group), click the ellipsis (**…**) on the row and select **Remove + Row** +- To remove all currently configured criteria, click **Filter** and select **Clear All** + +**Step 6 –** Click **Show data** to run a test query and sample the data that will be returned that +is connected to a target log based upon the configured criteria. The data is displayed in the +Records found table. + +The search criteria has now been configured and the results it returns tested. Configure the +criteria further if the returned results are not as expected, or click **Next** to continue to the +next wizard page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/smartlog/eventlogoptions.md b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/eventlogoptions.md new file mode 100644 index 0000000000..289ef5de78 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/eventlogoptions.md @@ -0,0 +1,11 @@ +# SMARTLog: Event Log Options + +The Event Log Options page is used to configure additional options. It is a wizard page for all log +types. + +![SMART Log DC Wizard Event Log Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/eventlogoptions.webp) + +The following additional options can be selected: + +- Lookup user name – Resolves SIDs found in the event descriptions to friendly display name values +- Resolve GUIDs – Resolves GUIDs found in the event descriptions to friendly display name values diff --git a/docs/accessanalyzer/11.6/admin/datacollector/smartlog/logstate.md b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/logstate.md new file mode 100644 index 0000000000..2fed87d09c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/logstate.md @@ -0,0 +1,11 @@ +# SMARTLog: Log State + +The Log State page is used to configure how to search the log. It is a wizard page for all log +types. + +![SMART Log DC Wizard Log State page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/logstate.webp) + +Select the **Persist log state** checkbox to search the log from where the search last left off. A +state file is created for each host configured in the query. State files can be viewed within +Enterprise Auditor and are named by the query GUID. State files display the record the search last +left off on, the event log, and the date of the last entry. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/smartlog/logtype.md b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/logtype.md new file mode 100644 index 0000000000..e5acaee8e1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/logtype.md @@ -0,0 +1,37 @@ +# SMARTLog: Log Type + +The Log Type page is used to select the log type to be processed. + +![SMART Log DC Wizard Log Type page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/logtype.webp) + +The log types are: + +- Windows Event Log – Connects to and extract information from any Windows event log made available + on the target host +- Windows Event Log (Archived) – Extract events from an offline log by moving the log to the + Enterprise Auditor Console and having it processed on the local host instead of the target host +- Internet Information Server Log – An Exchange query that returns information from Outlook Web + Access IIS logs found on CAS servers + + - The IIS log must be configured to generate specific columns in order for the SMARTLog Data + Collector to audit them. See the + [IIS Log Auditing Requirements](#iis-log-auditing-requirements) topic for additional + information. + +- File Change Detection Log – This is a legacy option. It should not be selected. + +## IIS Log Auditing Requirements + +The SMARTLog Data Collector needs the IIS logs to generate the following columns: + +- Date (date) +- Time (time) +- ClientIP (c-ip) +- UserName (cs-username) +- UriSteam (cs-uri-stem) +- UriQuery (cs-uri-query) +- Protocol Status (HttpStatus) +- Protocol substatus (HttpSubStatus) +- BytesSent (sc-bytes) +- BytesRecv (cs-bytes) +- UserAgent (cs(User-Agent)) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/smartlog/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/overview.md new file mode 100644 index 0000000000..6b6f6cd074 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/overview.md @@ -0,0 +1,57 @@ +# SMARTLog Data Collector + +The SMARTLog Data Collector provides search and extraction of details from Windows Event Logs +(online or offline) and Microsoft Exchange Internet Information Server (IIS) logs. + +The SMARTLog Data Collector is a core component of Enterprise Auditor, but it has been preconfigured +within the Active Directory Solution, Exchange Solution, SQL Solution, and the Windows Solution. +While the data collector is available with all Enterprise Auditor license options, these solutions +are only available with a special Enterprise Auditor licenses. See following sections for additional +information: + +- [Active Directory Solution](/docs/accessanalyzer/11.6/solutions/activedirectory/overview.md) +- [Exchange Solution](/docs/accessanalyzer/11.6/solutions/exchange/overview.md) +- [SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/overview.md) +- [Windows Solution](/docs/accessanalyzer/11.6/solutions/windows/overview.md) + +Protocols + +- Log +- Remote Event +- RPC + +Ports + +- TCP 135 +- TCP 445 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Domain Administrators group (if targeting domain controllers) +- Member of the local Administrators group + +See the +[Exchange Remote Connections Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/remoteconnections.md) +topic for additional information related to permissions required for targeting Exchange servers. + +## SMARTLog Query Configuration + +The SMARTLog Data Collector is configured through the SMART Log DC Wizard, which contains the +following wizard pages: + +- Welcome +- [SMARTLog: Log Type](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/logtype.md) +- [SMARTLog: Sample Host](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/samplehost.md) +- [SMARTLog: Target Log](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlog.md) +- [SMARTLog: Results](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/results.md) +- [SMARTLog: Criteria](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/criteria.md) +- [SMARTLog: Collection Method](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/collectionmethod.md) +- [SMARTLog: Log State](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/logstate.md) +- [SMARTLog: Event Log Options](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/eventlogoptions.md) +- [SMARTLog: Summary](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/summary.md) + +![SMART Log DC Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +There are no configurable settings on the Welcome page. Click **Next** to proceed to the Log Type +page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/smartlog/results.md b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/results.md new file mode 100644 index 0000000000..18ddae90a8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/results.md @@ -0,0 +1,11 @@ +# SMARTLog: Results + +The Results page is where the events to be returned by the query are selected. It is a wizard page +for all log types. The description strings within the log records can also be selected for the +query. + +![SMART Log DC Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Click **Check all** to select all properties, **Uncheck all** to deselect all properties, or **Reset +Defaults** to return to the default settings. Available properties vary based on the category +selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/smartlog/samplehost.md b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/samplehost.md new file mode 100644 index 0000000000..a88dbfd123 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/samplehost.md @@ -0,0 +1,54 @@ +# SMARTLog: Sample Host + +The Sample Host page is used to configure the host. It is a wizard page for all log types. + +![SMART Log DC Wizard Sample Host page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/samplehost.webp) + +Select a host for running a test query on the Criteria page from the following radio buttons: + +- Local Computer – localhost +- Another computer – If selecting another computer for the host, click the ellipsis to open the + Select Computer window. See the [Select Computer Window](#select-computer-window) topic for + additional information. + +## Select Computer Window + +![Select Computer window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/selectcomputerwindow.webp) + +If selecting another computer for the host, click the ellipsis to open the Select Computer window +and select a computer. The options in the Select Computer window are: + +- Object Types – Either enter the object type name in the textbox or click **Object Types** to + select the types of objects to find. The default is **Computer**. +- Locations – Click to select the location to search. The default is **Entire Directory**. +- Enter the object name to select – Manually enter objects into the text field + + - Click the **examples** link to access the Microsoft + [Object Picker UI](https://docs.microsoft.com/en-us/previous-versions/orphan-topics/ws.11/dn789205(v=ws.11)?redirectedfrom=MSDN) + article for additional information + +- Check Names – Click to verify the object names in the text field +- Advanced – Opens a window to perform advanced configurations of the Select Computer function + +![Advanced Select Computer window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/selectcomputerwindowadvanced.webp) + +The Common Queries section is included on the advanced Select Computer window in addition to object +type and location in the original Select Computer window. + +- Name – Select a qualifier from the drop-down menu and enter a name of an object in the associated + text box +- Description – Select a qualifier from the drop-down menu and enter a description in the associated + text box +- Select the **Disabled accounts** checkbox to include disabled accounts in the search +- Select the **Non-expiring password** checkbox to include non-expiring passwords in the search +- Select the number of **Days since last logon** from the drop-down menu +- Click the **Columns** button to open the Choose Columns window + + ![Choose Columns window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/choosecolumnswindow.webp) + + Select a column from the Columns available or Columns shown lists and click **Add** or + **Remove** to add or remove them from each column + +- Click **Find Now** to run a search for items matching the selected criteria in the location of the + object selected +- Click **Stop** to stop a search in progress diff --git a/docs/accessanalyzer/11.6/admin/datacollector/smartlog/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/summary.md new file mode 100644 index 0000000000..4ead7d2b27 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/summary.md @@ -0,0 +1,8 @@ +# SMARTLog: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all log types. + +![SMART Log DC Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the SMART Log DC Wizard to ensure that no accidental clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlog.md b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlog.md new file mode 100644 index 0000000000..489deec80b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlog.md @@ -0,0 +1,27 @@ +# SMARTLog: Target Log + +The Target Log page is where logs are selected to be collected. There are three versions of this +wizard page that change based on log type. This version is a wizard page for the log types of: + +- Windows Event Log (Archived) +- Internet Information Server Log + +See the +[SMARTLog: Target Log for Windows Event Log Type](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/windowseventlog.md) +and +[SMARTLog: Target Log for File Detection Log Type](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/filedetectionlog.md) +topics for information on the other versions of this wizard page. + +![SMART Log DC Wizard Target Log page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlog.webp) + +The configurable options are: + +- Path – Enter or browse to the path to the log +- File mask – Enter file names to limit the file names to return from the path entered. Asterisks + can be used for wildcards. For example, `u_ex*.log` would match **u_ex170530.log**. When no mask + is set, all files from the listed path are returned. +- Log files to be processed – Select from the following options: + + - All + - Today + - For the last – Select the number of days or hours diff --git a/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/filedetectionlog.md b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/filedetectionlog.md new file mode 100644 index 0000000000..2b56cb35f8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/filedetectionlog.md @@ -0,0 +1,15 @@ +# SMARTLog: Target Log for File Detection Log Type + +The Target Log page is where logs are selected to be collected. This version is a wizard page for +the File Change Detection log type. + +![SMART Log DC Wizard Target Log page for File Change Detection Log](/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/targetlogfiledetection.webp) + +In the Exec server section, identify the server that will run the data collection by selecting one +of the following options: + +- Automatic (Local for NAS device hosts, Remote for Windows hosts) +- Local Enterprise Auditor Server +- Specific Remote Server – If selected, enter the server name in the Server textbox + +In the Log files to be processed section, set the filter criteria. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/windowseventlog.md b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/windowseventlog.md new file mode 100644 index 0000000000..16ea448f03 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/windowseventlog.md @@ -0,0 +1,9 @@ +# SMARTLog: Target Log for Windows Event Log Type + +The Target Log page is where logs are selected to be collected. This version is a wizard page for +the log type of Windows Event Log. + +![SMART Log DC Wizard Target Log page for Windows Event Log](/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/targetlogwindowsevent.webp) + +Only one log can be targeted per query task. The selected log is displayed at the bottom of the +wizard page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/activitydatescope.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/activitydatescope.md new file mode 100644 index 0000000000..a02be3fff9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/activitydatescope.md @@ -0,0 +1,24 @@ +# SPAA: Activity Date Scope + +The Activity Date Scope page is where the range of dates for which the SharePoint activity scan will +collect data is configured. It is a wizard page for the category of Scan SharePoint Activity. + +![Activity Date Scope page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/activitydatescope.webp) + +Use the radio buttons to select the **Scan Filters**. + +- Relative Timespan + - Collect Activity from the last 180 days – The number of days to collect activity can be + configured with the up and down arrows + - Retain data – The timespan for data retention. Select from the drop-down list: + - within timespan + - forever +- Absolute Timespan + + - Start date – Click the down arrow to access the calendar and select the start date for data + collection + - End date – Click the down arrow to access the calendar and select the end date for data + collection + + **NOTE:** Selecting Absolute Timespan will not affect activity data collected during Relative + Timespan scans. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/activityloglocations.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/activityloglocations.md new file mode 100644 index 0000000000..5270d1ac7d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/activityloglocations.md @@ -0,0 +1,38 @@ +# SPAA: Activity Log Locations + +The Activity Log Locations page is where to manually configure log locations to avoid requiring +remote registry access to locate the activity event log files. It is a wizard page for the category +of Scan SharePoint Activity. + +![Activity Log Locations page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/activityloglocations.webp) + +The options in the Activity Log Locations page are: + +- Add – Opens the Customize Activity Log UNC Paths location window to add a new host +- Add Default – Opens the Customize Activity Log UNC Paths location window for the default host +- Edit – Opens the Customize Activity Log UNC Paths window for the selected host. If edits are made, + click **OK** to save the changes. +- Remove – Removes the selected host + +![Customize Activity Log UNC Paths Window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/customizeactivityloguncpaths.webp) + +The options in the Customize Activity Log UNC Paths Window are: + +- Host name – Host name of the targeted SharePoint On-Premises server or SharePoint Online tenant +- SBTFileMon.ini UNC path – UNC path to the location of the **SBTFileMon.ini** file (as configured + in **Activity Monitor** > **Monitored Hosts**) +- Activity log UNC path – UNC path to the location of the **SBTFileMon_Logs** folder containing the + Activity Logs (as configured in **Activity Monitor** > **Monitored Hosts**) + + **NOTE:** For On-Premises environments you do not need to specify an Activity Log UNC path as + the Data Collector will default to finding the log locations via the registry. + +- Activity archive UNC path – UNC path to the archive location of Activity Logs (as configured in + **Activity Monitor** > **Agents**). If archiving is not enabled in Activity Monitor this can be + left blank. + +**NOTE:** In any UNC paths, `%HOST%` will be replaced with the host name. + +See the Getting Started with SharePoint & SharePoint Online Activity Monitor topic in the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/additionalscoping.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/additionalscoping.md new file mode 100644 index 0000000000..b30dc1aa64 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/additionalscoping.md @@ -0,0 +1,26 @@ +# SPAA: Additional Scoping + +The Additional Scoping page is where the scan can be limited by depth of the scan. It is a wizard +page for the categories of: + +- Scan SharePoint Access +- Scan For Sensitive Content + +**CAUTION:** Users should not change scans in a way that would result in less data being returned on +a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a +shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in +the Tier 2 database and subsequently removed from the Tier 1 database. + +![Additional Scoping page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/additionalscoping.webp) + +If checked, set the **Limit scanned depth to: [number] level(s)** option to the desired depth. If +this option is not checked then the entire farm is scanned. If the scoping depth is set to **0** +then only root site collections are scanned. Each increment to the depth adds an additional level of +depth from that point. + +Check the **Perform differential scan** box to enable the job to run a differential scan. +Differential scanning is enabled by default. When this option is enabled, SPAA scan will only parse +files for content/SDD if it has been modified since the last scan. + +**NOTE:** This option only applies to Tag collection and Sensitive data collection. Files will be +still be scanned for permissions regardless of whether this option is checked or not. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/agentsettings.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/agentsettings.md new file mode 100644 index 0000000000..6fe4bf057f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/agentsettings.md @@ -0,0 +1,19 @@ +# SPAA: Agent Settings + +The Agent Settings page is where the SharePoint Agent Service is configured. It is a wizard page for +the category of Scan SharePoint Access. + +![Agent Settings page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/windowsagent.webp) + +The **Enable Agent Service Scans** checkbox enables collecting SharePoint data through the agent +services instead of directly from SharePoint. This option requires a **Network Port** to be entered. +Agent Service Identity radio buttons are: + +- Use Job Credentials when job has same credentials as agent services +- Use Custom Identity for other agent service credential scenarios + - Specify identity in the format `spn:name` or `upn:name` + - The token `%HOST%` may be substituted for the host name + +This option requires the SharePoint Agent to be installed on the application server. See the +[SharePoint Agent Installation](/docs/accessanalyzer/11.6/install/sharepointagent/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.md new file mode 100644 index 0000000000..a5cf836e8e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.md @@ -0,0 +1,14 @@ +# SPAA: Bulk Import Settings + +The Bulk Import Settings page is where the bulk import process settings are configured. It is a +wizard page for the categories of: + +- Bulk Import Access Scan Results +- Bulk Import Sensitive Content Scan Results + +![Bulk Import Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.webp) + +Subsequent hosts in job lists will get host IDs incremented by 1. The Host Identifier may require an +offset to avoid overlapping IDs in collected data. If the **Set Host ID** checkbox is left +unchecked, then Enterprise Auditor assigns values starting from 1 to every host. This feature is +intended only for SQL Server Replication. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/category.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/category.md new file mode 100644 index 0000000000..6f6dc67c3e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/category.md @@ -0,0 +1,28 @@ +# SPAA: Category + +The SPAA Data Collector Category page contains the following query categories, sub-divided by +auditing focus: + +![Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The options on the Category page are: + +- The **SharePoint Access Audits** category scans hosts for SharePoint access information and has + two selections to choose from: + - Scan SharePoint Access – Performs SharePoint access audits + - Bulk Import Access Scan Results – Imports SharePoint access scan results into the Enterprise + Auditor database +- The **Sensitive Content** category scans hosts for sensitive data information and has two + selections to choose from: + - Scan for Sensitive Content – Scans for sensitive content on SharePoint + - Bulk Import Sensitive Content Scan Results – Imports sensitive content scan results into the + Enterprise Auditor database +- The **SharePoint Activity Audits** category scans hosts for SharePoint activity information and + has two selections to choose from: + - Scan SharePoint Activity – Scans SharePoint activity log files + - Bulk Import SharePoint Activity Scan Results – Imports SharePoint activity into the Enterprise + Auditor database + +_Remember,_ the sensitive data discovery options require the Sensitive Data Discovery Add-On to be +installed on the Enterprise Auditor Console. If the SharePoint Agent is used, then it must also be +installed on the application server that hosts the Central Administration component. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/configurejob.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/configurejob.md new file mode 100644 index 0000000000..338f05a619 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/configurejob.md @@ -0,0 +1,109 @@ +# SharePoint Custom Connection Profile & Host List + +The SPAA Data Collector requires a custom Connection Profile and a custom host list to be created +and assigned to the job conducting the data collection. The host inventory option during host list +creation makes it necessary to configure the Connection Profile first. While SharePoint on-premises +uses the Active Directory account type for the credential within a Connection Profile, it is +necessary for online credentials to be listed first in the credentials list within a Connection +Profile housing credentials to both environments. + +## SharePoint Farm + +This section describes the process to configure the Connection Profile and custom host list for +scanning SharePoint On-Premises. + +### SharePoint Farm Credential for a Connection Profile + +The provisioned credential used should be an Active Directory account. + +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Active Directory Account +- Domain – Drop-down menu with available trusted domains displays. Either type the short domain name + in the textbox or select a domain from the menu. +- User name – Type the user name +- Password Storage – Choose the for credential password storage: + - Application – Uses Enterprise Auditor’s configured Profile Security setting as selected at the + **Settings** > **Application** node + - CyberArk – Uses the CyberArk Enterprise Password Vault +- Password – Type the password +- Confirm – Re-type the password + +Once the Connection Profile is created, it is time to create the custom host list. See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +### SharePoint Farm Host in a Custom Host List + +The custom host list should include: + +- One application server per farm +- Host name without a domain suffix, this means the host name should not contain a period character + +See the +[Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) +section for instruction on creating a custom static host list. + +## SharePoint Online + +This section describes the process to configure the Connection Profile and custom host list for +scanning SharePoint Online using Modern Authentication. + +### SharePoint Online Credential for a Connection Profile using Modern Authentication + +The provisioned credential should be an Microsoft Entra ID Application. See the +[SharePoint Online Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/config/sharepointonline/access.md) +topic for instructions on registering and provisioning the Microsoft Entra ID Application manually +or via the SP_RegisterAzureAppAuth Instant Job. + +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Azure Active Directory +- Client ID – Application (client) ID of the Enterprise Auditor application registered with + Microsoft Entra ID +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information.) +- Key – The comma delimited string containing the path to the certificate PFX file, certificate + password, and the Microsoft Entra ID environment identifier ( + `CertPath,CertPassword,AzureEnvironment`) + + The `AzureEnvironment` is typically 0 for the default Azure Production Environment. Other + possible values are: + + - 1 – PPE + - 2 – China + - 3 – Germany + - 4 – US Government + - 5 – US Government-High + - 6 – US Government-DoD + + An example string matching the configuration from above is: + + C:\Program Files + (x86)\STEALTHbits\StealthAUDIT\PrivateAssemblies\spaa_cert_myorg.pfx,PasswordGoesHere,0 + + **NOTE:** `PasswordGoesHere` should be replaced with the password used when generating the + self-signed X.509 certificate if the Microsoft Entra ID Application was Registered and + Provisioned manually or the $appPassword parameter used in the SP_RegisterAzureAppAuth Instant + Job if that method was used. + +Once the Connection Profile is created, it is time to create the custom host list. See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +### SharePoint Online Host in a Custom Host List + +The custom host list should include: + +- Web or cloud hosts should be specified using the full web DNS part of the site URL, for example an + Office 365 site with the URL http://TestSite.sharepoint.com should be added as a host with name + TestSite.sharepoint.com +- Do not use the admin site, for example TestSite-admin.sharepoint.com +- Do not use IP Addresses +- Host name must be in DNS format + +See the +[Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) +topic for instructions on creating a custom static host list. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/dlpauditsettings.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/dlpauditsettings.md new file mode 100644 index 0000000000..e4c7e612c8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/dlpauditsettings.md @@ -0,0 +1,44 @@ +# SPAA: DLP Audit Settings + +The DLP Audit Settings page is where sensitive data discovery settings are configured. It is a +wizard page for the category of Scan For Sensitive Content. + +**CAUTION:** Users should not change scans in a way that would result in less data being returned on +a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a +shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in +the Tier 2 database and subsequently removed from the Tier 1 database. + +![DLP Audit Settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/dlpauditsettings.webp) + +Configure the **Scan Performance** options: + +- Don’t process files larger than: Size Limit [number] MB – Limits the files to be scanned for + sensitive content to only files smaller than the specified size. The checkbox is selected by + default. The default size is 2 MB. +- Number of SDD scan processes [number] – Increases the number of SDD scanner processes that spawn + as part of a scan, increasing parallel scanning. The value should not exceed 2x the number of CPU + threads available. + +Use the radio buttons to select the **File types to scan**: + +- Scan typical documents (recommended, fastest) – Scans most common file types +- Scan all document types (slower) – Scans all file types except those excluded +- Scan image files for OCR content – Use optical character recognition to scan image files for + sensitive data content + + **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents + directly converted to images, with standard fonts. It will not work for scanning photos of + documents and may not be able to recognize text on images of credit cards, driver's licenses, or + other identity cards. + +Use the checkboxes to select to **Store Match Hits**: + +- Store discovered sensitive data – Stores match hits for sensitive data in the SPAA Tier 2 + database. If this option is not selected, then the match hits for sensitive data are still + reported but the data columns are masked in the database. +- Limit stored matches per criteria to [number] – Enabled when the Store discovered sensitive data + checkbox is selected. Limits the number of stored matches per criteria to the specified number. + +_Remember,_ the sensitive data discovery options require the Sensitive Data Discovery Add-On to be +installed on the Enterprise Auditor Console. If the SharePoint Agent is used, then it must also be +installed on the application server that hosts the Central Administration component. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/droptables.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/droptables.md new file mode 100644 index 0000000000..f0c59c44f1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/droptables.md @@ -0,0 +1,46 @@ +# SPAA Drop Tables & Views Workflow + +If it becomes necessary to clear the SPAA Data Collector tables and views to resolve an issue, the +SP_DropTables Job is preconfigured to run analysis tasks that drop functions and views for the +SharePoint Solution as well as the standard tables and views generated by the **SPAA** Data +Collector. It is available through the Instant Job Library under the SharePoint library. Since this +job does not require a host to target, select **Local host** on the Hosts page of the Enterprise +Auditor Instant Job Wizard. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for additional information. + +## Analysis Tasks for the SP_DropTables Job + +Navigate to the **Jobs** > **SP_DropTables** > **Configure** node and select **Analysis** to view +the analysis tasks. + +**CAUTION:** Applying these analysis tasks will result in the deletion of collected data. + +![SP_DropTables Job Analysis tasks](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/droptablesanalysis.webp) + +The default analysis tasks are: + +- 1. Drop SPAA functions – Removes all functions and views from previous runs of the SharePoint + Solution +- 2. Drop SPAC imports – Drops the SharePoint Activity Auditing tables imported from the previous + runs +- 3. Drop SPDLP Tables – Drops the SharePoint Sensitive Data Discovery Auditing (SEEK) tables + imported from the previous runs +- 4. Drop SPAA Tables – Drops the SharePoint Access Auditing tables imported from the previous + runs + +Do not try to run these tasks separately, as they are designed to work together. Follow these steps +to run the analysis tasks: + +**Step 1 –** In the Analysis Selection Pane, click **Select All**. All tasks will be checked. + +**Step 2 –** Right-click the **SP_DropTables** Job and select **Run Job**. The analysis execution +status will be visible from the **Running Jobs** node. + +**Step 3 –** When the job has completed, return to the Analysis Selection Pane and click **Select +All** to deselect these analysis tasks. + +**_RECOMMENDED:_** Do not leave these analysis tasks checked in order to avoid accidental data loss. + +All of these tables have been dropped from the SQL Server database and the data is no longer +available. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/overview.md new file mode 100644 index 0000000000..09fd7c0b10 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/overview.md @@ -0,0 +1,65 @@ +# SharePointAccess Data Collector + +The SharePointAccess (SPAA) Data Collector audits access, group membership, and content within a +SharePoint on-premises and SharePoint Online environment. The SPAA Data Collector has been +preconfigured within the SharePoint Solution. Both this data collector and the solution are +available with a special Enterprise Auditor license. See the +[SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/overview.md) +topic for additional information. The SPAA Data Collector has the following requirements: + +Protocols + +- MS SQL +- Remote Registry +- SP CSOM (Web Services via HTTP & HTTPS) +- SP Server API +- WCF AUTH via TCP (configurable) + +Ports + +- Ports vary based on the Scan Mode selected and target environment. See the + [SharePoint Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md) + topic for additional information. + +Permissions + +- Permissions vary based on the Scan Mode selected and target environment. See the + [SharePoint Support](/docs/accessanalyzer/11.6/requirements/target/sharepoint.md) + topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +_Remember,_ if employing the Enterprise Auditor SharePoint Agent, it is also necessary for the +Sensitive Data Discovery Add-on to be installed on the server where the agent is installed. + +## SPAA Query Configuration + +The SharePointAccess Data Collector is configured through the SharePoint Access Auditor Data +Collector Wizard. The wizard contains the following pages, which change based up on the query +Category selected: + +- Welcome +- [SPAA: Category](/docs/accessanalyzer/11.6/admin/datacollector/spaa/category.md) +- [SPAA: SharePoint Data Collection Settings](/docs/accessanalyzer/11.6/admin/datacollector/spaa/settings.md) +- [SPAA: Scan Scoping Options](/docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptions.md) +- [SPAA: Additional Scoping](/docs/accessanalyzer/11.6/admin/datacollector/spaa/additionalscoping.md) +- [SPAA: Agent Settings](/docs/accessanalyzer/11.6/admin/datacollector/spaa/agentsettings.md) +- [SPAA: Bulk Import Settings](/docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.md) +- [SPAA: DLP Audit Settings](/docs/accessanalyzer/11.6/admin/datacollector/spaa/dlpauditsettings.md) +- [SPAA: Select DLP Criteria](/docs/accessanalyzer/11.6/admin/datacollector/spaa/selectdlpcriteria.md) +- [SPAA: Activity Date Scope](/docs/accessanalyzer/11.6/admin/datacollector/spaa/activitydatescope.md) +- [SPAA: Activity Log Locations](/docs/accessanalyzer/11.6/admin/datacollector/spaa/activityloglocations.md) +- [SPAA: Test Access](/docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccess.md) +- [SPAA: Results](/docs/accessanalyzer/11.6/admin/datacollector/spaa/results.md) +- [SPAA: Summary Page](/docs/accessanalyzer/11.6/admin/datacollector/spaa/summary.md) + +![SPAA Data Collector Wizard Welcome Page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/welcomepage.webp) + +The Welcome page can be hidden by checking the **Do not display this page the next time** box when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/results.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/results.md new file mode 100644 index 0000000000..daa0040f9c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/results.md @@ -0,0 +1,11 @@ +# SPAA: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for all +of the categories. + +![Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be checked individually, or the **Select All**and **Clear All** buttons can be used. +All checked properties are gathered. Available properties vary based on the category selected. This +information is not available within the standard reference tables. Instead, this information can be +viewed in the table created by the query task, for example SA_1-SPAA_SystemScans_Access table. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptions.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptions.md new file mode 100644 index 0000000000..ac4c101b6d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptions.md @@ -0,0 +1,91 @@ +# SPAA: Scan Scoping Options + +The Scan Scoping Options page provides scoping options to specify the list of URLs to be scanned. It +is a wizard page for the categories of: + +- Scan SharePoint Access +- Scan For Sensitive Content + +![Scan Scoping Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptions.webp) + +The options on the Scan Scoping Options page are: + +- Add – When a URL is entered in the text box, adds the URL to the Scope box + + - To scope for a SharePoint Host Named Site Collections, use the text box to enter the URL for + both the Web App and the HNSC with custom non-existent URL extensions added. See the + [Scoping to SharePoint Host Named Site Collections](#scoping-to-sharepoint-host-named-site-collections) + topic for additional information. + + **NOTE:** If sites are included in the Scope box, all other sites are excluded from the scan. + +- Import CSV – Opens a file explorer to browse for a CSV file +- Scope box – Lists all added URLs +- Scope drop-down list – Select include to include a URL in the scan. Select exclude to exclude a + URL from the scan. +- Remove – Removes the selected URL from the Scope box + +## Scoping to SharePoint Host Named Site Collections + +In order to scope to objects within host named site collections, add a scope line which includes the +URL of the web application containing the host named site collection. To scope the host named site +collection URL `http://sample.com/documents/` for a host named site collection that exists under the +web application URL `http://example.com`, follow the steps: + +**Step 1 –** Navigate to the **Scan Scoping Options** page. + +![Enter URL on Scan Scoping Options page example](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptionswebappurl.webp) + +**Step 2 –** In the text box, enter an invalid URL prefixed with the **Web App URL** which contains +the HNSCs. Click **Add**. + +- In the example the invalid Web App URL is: `http://example.com/hnsc_indicator/` + +**Step 3 –** In the text box, enter the HNSC URL to scope for. Click **Add**. + +- In the example, the HNSC URL entered to filter for is: `http://sample.com/documents/` + +![Scan Scoping Options example](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptionsexample.webp) + +**Step 4 –** The Web App URL must appear above the HNSC URL, as depicted in the example above. + +**Step 5 –** The SharePoint Access Auditor Data Collector Wizard is now configured to filter for the +URL inside the SharePoint Host Named Site Collections. + +## Virtual Hosts + +In order to decrease the scan time in large SharePoint Online environments, it is possible to break +Site Collections for a single host down into subsets, or **Virtual Hosts**, that are treated as +separate hosts by Enterprise Auditor. This allows multiple scans of a single host to be run +concurrently. Follow the steps to configure this. + +![CSV file with host and site collection information](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/virtualhostscsv.webp) + +**Step 1 –** Create a new CSV file. Add into rows the information for the host and site collection +URLs you want to scan in the format `HOSTNAME#DESIGNATOR;URL`. + +- Each unique `DESIGNATOR` is treated as a separate host comprised of the specified URLs. + +![Host List for targeting the Virtual Hosts](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/virtualhostshostlist.webp) + +**Step 2 –** Configure the Host List for SPAA or SPSEEK scans to target these Virtual Hosts using +the format `HOSTNAME#DESIGNATOR`. + +![SPAA Data Collector Wizard Scan Scoping Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptionsvirtualhosts.webp) + +**Step 3 –** On the Scan Scoping Options page of the SharePoint Access Auditor Data Collector +Wizard, use the **Import CSV** button to import the information from the CSV file created in Step 1. + +**Step 4 –** Click **Next** to continue through the other pages of the SharePoint Access Auditor +Data Collector Wizard. Then click **Finish** on the Summary Page. + +Enterprise Auditor is now configured to scan multiple site collections for the same host +concurrently. + +A new host folder is created for each Virtual Host in `Jobs/SA_CommonData/SHAREPOINTACCESS`. You +will also see a separate line on the Running Instances tab for each Virtual Host included in the +scan. + +**NOTE:** The Host List for Bulk Import should be configured to contain each Virtual Host included +in the above scan using the `HOSTNAME#DESIGNATOR` format. After Bulk Import, the data contained in +Tier 1 Database tables and views will resemble a scan run against multiple hosts. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/selectdlpcriteria.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/selectdlpcriteria.md new file mode 100644 index 0000000000..52a809d243 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/selectdlpcriteria.md @@ -0,0 +1,42 @@ +# SPAA: Select DLP Criteria + +The Select Criteria page is where criteria to be used for discovering sensitive data are configured. +It is a wizard page for the category of Scan For Sensitive Content. This page requires the Sensitive +Data Discovery Add-On to be been installed on the Enterprise Auditor Console to define the criteria +and enable the Criteria Editor. If the SharePoint Agent is used, then it must also be installed on +the application server that hosts the Central Administration component. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +**CAUTION:** Users should not change scans in a way that would result in less data being returned on +a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a +shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in +the Tier 2 database and subsequently removed from the Tier 1 database. + +![Select DLP criteria for this scan page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/selectdlpcriteria.webp) + +The options on the Select DLP Criteria page are: + +- Use Global Criterion Selection – Check this option to inherit sensitive data criteria settings + from the **Settings** > **Sensitive Data** node. See the + [Sensitive Data](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md) + topic for additional information. +- Use the following selected criteria – Check this option to use the table to select which sensitive + data criteria to scan for +- Select All - Click **Select All** to enable all sensitive data criteria for scanning +- Clear All - Click **Clear All** to remove all selections from the table +- Check the boxes next to the sensitive data criteria options to enable it to be scanned for during + job execution + +The table contains the following types of criteria: + +**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System +Criteria and User Criteria nodes are visible in the table. + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit + user-defined criteria. See the + [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md)topic + for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/settings.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/settings.md new file mode 100644 index 0000000000..b36ec5341c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/settings.md @@ -0,0 +1,76 @@ +# SPAA: SharePoint Data Collection Settings + +The SharePoint data collection settings page is where additional scan settings are configured. It is +a wizard page for the categories of: + +- Scan SharePoint Access +- Scan For Sensitive Content + +**CAUTION:** Users should not change scans in a way that would result in less data being returned on +a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a +shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in +the Tier 2 database and subsequently removed from the Tier 1 database. + +![SharePoint data collection settings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/datacollectionsettings.webp) + +The Probable Owners section provides options for how probable ownership will be calculated: + +- Limit maximum number of Probable Owners per resource: [number] – Return the maximum user supplied + number of probable owners per resource + +The Collect Personal Sites checkbox enables or disables collection during the scan of personal site +collections of individual users. Personal site collections are a SharePoint feature which gives +every user their own site collection, and which are used by Office 365 to store a user’s OneDrive +files. Personal sites are configured by default to only be accessible by the user to whom they +belong, and so it is likely that the Connection Profile that the data collector is assigned may not +have access to some users’ personal sites. There are three radio buttons for identifying how the +query treats personal sites to which it does not have access: + +- Skip inaccessible personal sites – Inaccessible personal sites are not scanned +- Force scan account as admin of inaccessible personal sites – Make the Connection Profile + credentials a Site Collection Administrator of any personal sites to which it does not have + access: + + - The personal sites will be scanned + - When the scan is complete, the permissions are restored to what they were prior to the scan, + referring to those credentials made a Site Collection Administrator of personal sites in order + to conduct the scan. + - Requires the account used in the Connection Profile credentials to have the Global + Administrator role for SharePoint Online or be a Farm Administrator for SharePoint on premise. + This permission is required to facilitate altering the administrators of site collections. + + **NOTE:** The Microsoft SharePoint API employed to remove personal Site Collection + Administrator is unreliable, and occasionally the scanning account is left as a Site + Collection Administrator of personal sites. This may leave the scanning account visible to + SharePoint users on the permissions of the files in their personal sites. + + **_RECOMMENDED:_** Only use this option if that account is clearly identifiable as an + administrative account, and users are advised of the possibility that the account could + appear on the permissions of their personal site collection documents. + +- Force Company Administrator as admin of inaccessible personal sites – Make the special Company + Administrator account an administrator of any personal sites to which it does not have access + + - The personal sites will be scanned + - When the scan is complete, the Company Administrator account is left as an administrator of + the users’ personal site collections + - Requires the account used in the Connection Profile credentials to have the Global + Administrator role for SharePoint Online or be a Farm Administrator for SharePoint on premise. + This permission is required to facilitate altering the administrators of site collections. + + **NOTE:** The Company Administrator account is a special SharePoint Online and SharePoint + 2013 group which contains all accounts which have the Global Administrators role. + +The **Extract Document Tags** option enables the collection of metadata tags from Microsoft Office +files in SharePoint. Since this option requires the retrieval and scanning of each document, it +results in a noticeable increase in scan time. + +- Select a preferred zone – Use the drop-down list to select a preferred zone within the web + application to target the scan. If a targeted web application does not have the selected preferred + zone, the scan targets the default zone for that web application. Options include: + + - Default + - Intranet + - Internet + - Custom + - Extranet diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/standardtables.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/standardtables.md new file mode 100644 index 0000000000..687116e9b9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/standardtables.md @@ -0,0 +1,142 @@ +# Standard Reference Tables & Views for the SPAA Data Collector + +The SPAA Data Collector gathers essential SharePoint on-premises and SharePoint Online information +into standard reference tables. Unlike most of the other Enterprise Auditor data collectors, the +SPAA Data Collector writes data to these tables regardless of the job executing the query. + +## SharePoint Access Auditing Tables & Views + +The tables and their associated views are grouped by types. + +Structure Tables + +| Tables | Details | +| ----------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_SPAA_Hosts | Contains the names and ID of all SharePoint hosts that have been scanned for permissions. | +| SA_SPAA_Resources | Contains information about all audited resources, which can be site collections, sites, libraries, lists, or folders. This provides information on the hierarchy relationship, as well as references to the name and rights applied to that folder. | +| SA_SPAA_Sharing | Contains the view and edit links for anonymously shared resources, indicates if a resource is shared directly with trustees, and indicates whether a resource has a pending sharing request. | +| SA_SPAA_SharingUsers | Contains information about the users to whom resources are shared with such as their email, login name, title, department, and describes whether the sharing grants is view only or edit permissions. | +| SA_SPAA_SiteCollections | Contains a list of site collections that were audited and references the SA_SPAA_Resources and SA_SPAA_Trustees tables for the administrators of each site collection. | +| SA_SPAA_WebApplications | Contains a list of web applications audited. | +| SA_SPAA_WebAppURls | Contains a list of URLs for each web application audited. | + +Trustee Tables + +| Tables | Details | +| --------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_SPAA_Trustees | Contains information about any domain user, group, or security principal that has been assigned permissions. This table does not contain local user and groups, as none of the trustees in this table are specific to any one host. | +| SA_SPAA_TrusteeGroupMembers | Table contains information on SharePoint group membership. | + +Access Calculation Tables + +| Tables | Details | +| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_SPAA_Permissions | Contains information on the actual permissions that have been granted to resources. Each entry summarizes the rights assigned to every trustee that would appear on the permissions of a SharePoint resource. | +| SA_SPAA_Roles | Contains information about all of the roles on all of the site collections. | +| SA_SPAA_RolesProxy | Contains a mapping of role sets to individually assigned role definitions. A role set is a distinct set of roles that are applied to one or more resources. | +| SA_SPAA_WebAppPolicies | Contains summarized rights for every trustee in a web application policy. Each policy refers to a specific URL within that web application. | + +Calculated Tables + +| Tables | Details | +| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_SPAA_Exceptions | Contains information about security issues and concerns. One out-of-the-box exception stored inside this table is the Open Resource exception, which identifies where resources are open to Everyone, Authenticated Users, or Domain Users. | +| SA_SPAA_ExceptionTypes | Contains summary information about exceptions. It details how many exceptions are found on each host scanned and breaks them down by exception type. | + +Content Tables + +| Tables | Details | +| ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_SPAA_DocumentMetaData | Contains all of the details about all of the files found on the audited SharePoint environment. It will list information like the file size, the number of versions of each file, the author editor of the file, and the editor of the file. | +| SA_SPAA_ProbableOwners | Contains information about the probable owners of the files stored within the audited SharePoint folders and lists. This table will tell what trustees own the most files and, therefore, may be the owners of the entire folder or the list. | +| SA_SPAA_TagProxies | Contains a mapping of tag sets to individual tags. A tag set is a distinct collection of tags appearing together in one or more documents. | +| SA_SPAA_Tags | Contains the individual tags which were found in documents. | + + Views are the recommended way for Enterprise Auditor users to obtain the information gathered by +the SPAA Data Collector. They contain additional information for building queries easily. The +following is an explanation of the corresponding views created for some of the tables generated by +the SPAA Data Collector: + +Permission Views + +| Views | Details | +| ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_SPAA_PermissionsView | Provides any object permission, regardless of whether they have been made directly to folders or are inherited. An object includes site, site collection, list, library, folder, and so on. | +| SA_SPAA_DirectPermissionsView | Provides permissions that are directly applied to resources. | +| SA_SPAA_EffectiveAccessView | Provides information on every trustee with access to a resource and the trustee’s level of access. This will do complete group expansion, but also take into account security principals such as Authenticated Users. Also, this view will not just expand permissions; it will calculate access by making sure every user has access to the web application. | +| SA_SPAA_WebAppPoliciesView | Provides details around the web application policies that are applied to the audited SharePoint environment. These policies allow or deny access to the entire web application for the specified trustees. | + +Resources Views + +| Views | Details | +| ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_SPAA_SiteCollectionsView | Provides information about each site collection. | +| SA_SPAA_SiteCollectionsTraversalView | Provides information about resources and about navigation of these resources, such as their URL, the site collection they belong to, how deeply nested they are beneath the site collection, and so on. | + +Calculated Views + +| Views | Details | +| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_SPAA_ExceptionsView | Provides information on instances of exceptions that exist on the audited hosts. This view will contain a row for each exception type for each host. Exceptions are specific conditions set forth by Enterprise Auditor that are considered to be issues, such as folders with open access. | + +Additional Views + +| Views | Details | +| ----------------------------- | ---------------------------------------------------------------------------------------------- | +| SA_SPAA_LocalGroupMembersView | Provides information on the local groups present on each host and the members of those groups. | + +Legacy Views + +| Views | Details | +| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_SPAA_PermissionScopeResources | Provides information on the actual permissions that have been granted to resources. Each entry summarizes the rights assigned to every trustee that would appear on the permissions of a SharePoint resource. | + +## SharePoint Activity Auditing Tables & Views + +The tables and their associated views are: + +Activity Changes Tables (SPAC) + +| Tables | Details | +| ----------------------- | -------------------------------------------------------------------------------------- | +| SA_SPAC_ActivityDates | Contains a list of all dates of activities collected during scans. | +| SA_SPAC_ActivityEvents | Contains all of the logged activity events. | +| SA_SPAC_ActivitySources | Contains a list of all sources of activity collected during scans. | +| SA_SPAC_EventNames | Contains a list of SharePoint event names, their IDs, and a description of each event. | + +Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the +SPAA Data Collector. They contain additional information for building queries easily. The following +is an explanation of the corresponding views created for some of the tables generated by the SPAA +Data Collector: + +Activity Changes Views (SPAC) + +| Views | Details | +| -------------------------- | --------------------------------------------- | +| SA_SPAC_ActivityEventsView | Provides detailed activity event information. | + +## SharePoint Sensitive Data Discovery Auditing Tables & Views + +The tables and their associated views are: + +**NOTE:** Lists and libraries are excluded from Sensitive Data Discovery Auditing. + +SPDLP Tables + +| Tables | Details | +| ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_SPDLP_Criteria | Contains the sensitive data criteria which are selected for collection by the scan engine (data collector configuration). | +| SA_SPDLP_Matches | Contains rolled up aggregate counts of the sensitive data criteria matches found during the scan. | +| SA_SPDLP_MatchHits | Contains the actual sensitive data within files that matched selected criteria. For example, if the credit card criteria is used, this table will contain the potential credit card numbers identified within each files with hits. | + +Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the +SPAA Data Collector. They contain additional information for building queries easily. The following +is an explanation of the corresponding views created for some of the tables generated by the SPAA +Data Collector: + +SPDLP Views + +| Views | Details | +| ---------------------- | ------------------------------------------------------------------------------------------- | +| SA_SPDLP_MatchesView | Surfaces all relevant data about the files, its location, and the type of criteria found. | +| SA_SPDLP_MatchHitsView | Surfaces all actual sensitive data discovered within files which matched selected criteria. | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/summary.md new file mode 100644 index 0000000000..fc83f8e637 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/summary.md @@ -0,0 +1,10 @@ +# SPAA: Summary Page + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +-![Summary Page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/summarypage.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the SharePoint Access Auditor Data Collector Wizard ensuring that no +accidental clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccess.md b/docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccess.md new file mode 100644 index 0000000000..6ad1a69633 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccess.md @@ -0,0 +1,30 @@ +# SPAA: Test Access + +Use the Test Access page to check access to SharePoint On-Premises environments. The Test Access +function uses each credential in a job's Connection profile to test access to a SharePoint +environment. The Test Access page tests access to the following: + +- Access to the remote registry +- SQL Access (for databases associated with the SharePoint farms) +- All Web Applications in the SharePoint environment + +![Test Access page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccess.webp) + +The options and sections on the Test Access page are: + +- SharePoint App Server – Enter the server name for the SharePoint environment in the SharePoint App + Server text box. Click **Check Access** to test access to the SharePoint environment. + + - For example – `sbnjqasp30` or `sbnjqasp3.qa.com` + - Do not include `http[s]://` or use a URL for the server name. The Test Access function cannot + be scoped to individual Web applications. + +- Access Test Results – Displays information on test results. Test criteria are listed in the + **Description** column. Test results will be returned as either **Pass** or **Fail** in the + Results column. +- Save Report – Click **Save Report** to export and save a text version of the test results + +| | | +| ---------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | +| ![Successful test example](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccessgoodtest.webp) | ![Unsuccessful test example](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccessbadtest.webp) | +| **Successful Test (Correct Credentials)** | **Unsuccessful Test (Incorrect Credentials)** | diff --git a/docs/accessanalyzer/11.6/admin/datacollector/sql/category.md b/docs/accessanalyzer/11.6/admin/datacollector/sql/category.md new file mode 100644 index 0000000000..fce0d514ab --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/sql/category.md @@ -0,0 +1,147 @@ +# SQL: Category + +The Category page in the SQL Data Collector Wizard lists the available query categories, sub-divided +by auditing focus. + +![SQL Data Collector Wizard Category Page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The query categories are: + +- Permissions + + - Permissions Collection – Gather permissions on server and database objects + +- Server Audits + + - Server Audits Events Collection – Gather events from SQL server audits + +- Sensitive Data + + - Sensitive Data Collection – Scan databases for sensitive data + + **NOTE:** The Sensitive Data category options require the Sensitive Data Discovery Add-on to + have been installed on the Enterprise Auditor Console before the SQL Data Collector can collect + sensitive data. See the + [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) + topic for additional information. + +- Microsoft SQL Server + + - Discovery + + - Enumerate Network – Enumerate local network for browsable SQL server instances visible to + the storage host + + - Custom SQL Query + + - Custom Query – Run a custom SQL query against a SQL database + + - Infrastructure + + - Server Properties – Information about the server + - Configuration Properties – Information about server configuration + - Version Information – Version information about Microsoft SQL server + - File Groups – File group information + - Files – File information + - Database Information – Information about databases + + - Operations + + - Database Without Backups – List of all databases without backups + - Latest Week Backups – List of latest week database backups + + - Utilities + + - Remove Storage Tables – Removes the tables created and used by the SQL server data + collector + + - Legacy Queries + + - Server Principles – Data for every server level principal + - Database Principles – Data for every database level principal + - Server Permissions – Data about server permissions + - Database Permissions – Data about database permissions + - Server Roles – Data about server roles + - Database Roles – Data about database roles + - System Objects – Data about system objects + - Object Collection – Collects SQL server objects + +- Oracle + + - Custom Oracle Query + + - Custom Oracle Query – Run a custom SQL query against an Oracle container + + - Infrastructure + + - Version Information – Version information about the Oracle database + - File Group Information – Information about file groups and tablespaces + - Data File Information – Information about data files + - Database Information – Information about database configurations + - Initialization Parameter Information – Information about initialization parameters + - System Parameter Information – Information about system parameters + - Container Information – Information about the containers of the databases, both root and + pluggable + - Pluggable Databases History – View of the pluggable databases (PBD) history + - Database Instance Information – Shows information about the current instance of the + database + - Free Space in Tablespaces – Describes the free extents in all tablespaces in the database + + - Operations + + - Latest Week Backup – Information about the latest week backup + - Oldest and Newest Backup – Information about the oldest and the most recent backups + - Database File Without Backup – Indicates file names of the files that are not present in + the RMAN backup + + - Utilities + + - Remove Storage Tables – Removes the tables created and used by the Oracle Data Collector + +- Azure SQL + + - Discovery + + - Enumerate Azure SQL Instances – Enumerate Azure SQL instances and Azure resources + + - Utilities + + - Remove Storage tables – Removes the tables created and used by Azure SQL Discovery + +- MySQL + + - Custom MySQL Query + + - Custom Query – Run a custom SQL query against a SQL database + + - Utilities + + - Remove Storage Tables – Removes tables created for MySQL Data Collector + +- PostgreSQL + + - Custom PostgreSQL Query + + - Custom Query – Run a custom SQL query against a SQL database + + - Utilities + + - Remove Storage Tables – Removes tables created for PostgreSQL Data Collector + +- Db2LUW + + - Custom Db2LUW Query + + - Custom Query – Run a custom SQL query against a SQL database + + - Utilities + + - Remove Storage Tables – Removes tables created for Db2LUW Data Collector + + - Db2LUW Permissions Scan + + - Db2LUW Permissions Scan – Collect permissions from the targeted instances + +- Utilities + + - Remove Storage Data – Removes stored data for specific instances on a specific host diff --git a/docs/accessanalyzer/11.6/admin/datacollector/sql/configurejob.md b/docs/accessanalyzer/11.6/admin/datacollector/sql/configurejob.md new file mode 100644 index 0000000000..568139e896 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/sql/configurejob.md @@ -0,0 +1,71 @@ +# SQL Custom Connection Profile & Default Dynamic Host List + +The SQL Data Collector requires a custom Connection Profile and Host List. The **SQL SERVERS** +default host list can be used with this data collector for the SQL Solution. The host inventory +option during host list creation makes it necessary to configure the Connection Profile first. + +## Connection Profile + +Create a Connection Profile and set the following information on the User Credentials window. + +- For an Active Directory account: + + - Select Account Type – Active Directory Account + - Domain – Drop-down menu with available trusted domains will appear. Either type the short + domain name in the textbox or select a domain from the menu. + - User name – Type the user name + - Password Storage – Choose the desired option for credential password storage: + + - Application – Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information. + - CyberArk – Uses the CyberArk Enterprise Password Vault. See the + [CyberArk Integration](/docs/accessanalyzer/11.6/admin/settings/connection/cyberarkintegration.md) + topic for additional information. The password fields do not apply for CyberArk password + storage. + + - Password – Type the password + - Confirm – Re-type the password + +- For a SQL account: + + - Select Account Type – SQL Authentication + - User name – Enter user name + - Password Storage – Application (Uses the configured Profile Security setting as selected at + the **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information.) + - Password – Type the password + - Confirm – Re-type the password + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +## Host List + +The required host list depends on the database that the SQL data collector is being used for. + +### Default Dynamic Host List (SQL) + +Jobs using the SQL Data Collector can use the SQL Servers default host list. This is a dynamic host +list that is populated from hosts in the Host Master Table which meet the host inventory criteria +for the list, `IsSQLServer = True`. Since the SQL Servers host list is default, it is available to +jobs and job groups for host assignment. See the +[Host Management](/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md) +topic for additional information. + +### Oracle / MySQL / PostgreSQL / Db2 + +Jobs in the Oracle, MySQL, Postgre SQL, or Db2 solution using the SQL Data Collector must be +configured to query a host list with the servers containing the target databases. Setup the list of +hosts that needs to be monitored. Be sure to use a specific host name (if forcing the connection to +a secondary host) or just the server name if connecting to the server. See the +[Host Management](/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md) +topic for additional information. + +Additionally, the database instances must be added to the Filter page in the query configuration. +See the +[SQL: Filter](/docs/accessanalyzer/11.6/admin/datacollector/sql/filter.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/sql/criteria.md b/docs/accessanalyzer/11.6/admin/datacollector/sql/criteria.md new file mode 100644 index 0000000000..360ccd2c57 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/sql/criteria.md @@ -0,0 +1,42 @@ +# SQL: Criteria + +The Criteria page is where criteria to be used for discovering sensitive data are configured. It is +a wizard page for the Sensitive Data Collection category. + +This page requires the Sensitive Data Discovery Add-On to be installed on the Enterprise Auditor +Console to define the criteria and enable the Criteria Editor. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +![SQL Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) + +The options on the Criteria page are: + +- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings + from the **Settings > Sensitive Data** node. See the + [Sensitive Data](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md) + topic for additional information. +- Use the following selected criteria – Select this option to use the table to select which + sensitive data criteria to scan for + + - Select All– Click **Select All** to enable all sensitive data criteria for scanning + - Clear All – Click **Clear All** to remove all selections from the table + - Select the checkboxes next to the sensitive data criteria options to enable it to be scanned + for during job execution + +The table contains the following types of criteria: + +**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System +Criteria and User Criteria nodes are visible in the table. + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + Use the Sensitive Data Criteria Editor in the **Settings > Sensitive Data** to create and edit + user-defined criteria. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. + +**NOTE:** Adding unnecessary criteria can adversely impact the scanner performance and can cause the +scanning job to take a long time. If performance is adversely affected, revisit the sensitive data +scanning criteria and remove criteria that is not required. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/sql/customqueryoracle.md b/docs/accessanalyzer/11.6/admin/datacollector/sql/customqueryoracle.md new file mode 100644 index 0000000000..da276422e1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/sql/customqueryoracle.md @@ -0,0 +1,20 @@ +# SQL: Custom Oracle Query + +The Custom Query page for a Custom Oracle Query contains the same options as the Custom Query page +for a custom SQL query, with the addition of the **Convert CDB to DBA on non-container databases** +checkbox. It is a wizard page for the Custom Oracle Query category. + +![SQL Data Collector Wizard Custom Query page for a Custom Oracle Query](/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/customqueryoracle.webp) + +The configurable options are: + +- Test Database: + + - Data Source – Select the host\instance from the drop-down menu + - Database – Select the database from the drop-down menu + + - Convert CDB to DBA on non-container databases + +- SQL Query textbox – Enter the custom SQL script +- Validate Query – Click to test the query, results display in the box +- Row limit – Enter a number to limit the rows the query is tested on diff --git a/docs/accessanalyzer/11.6/admin/datacollector/sql/customquerysql.md b/docs/accessanalyzer/11.6/admin/datacollector/sql/customquerysql.md new file mode 100644 index 0000000000..91de38856a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/sql/customquerysql.md @@ -0,0 +1,22 @@ +# SQL: Custom SQL Query + +The Custom Query page for a Custom SQL Query contains the following configuration options. It is a +wizard page for the following categories: + +- Custom MySQL Query +- Custom PostgreSQL Query +- Custom SQL Query +- Custom Db2LUW Query + +![SQL Data Collector Wizard Custom SQL Query Page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/customsqlquery.webp) + +The configurable options are: + +- Test Database: + + - Data Source – Select the host\instance from the drop-down menu + - Database – Select the database from the drop-down menu + +- SQL Query textbox – Enter the custom SQL script +- Validate Query – Click to test the query, results display in the box +- Row limit – Enter a number to limit the rows the query is tested on diff --git a/docs/accessanalyzer/11.6/admin/datacollector/sql/filter.md b/docs/accessanalyzer/11.6/admin/datacollector/sql/filter.md new file mode 100644 index 0000000000..05a6b55055 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/sql/filter.md @@ -0,0 +1,154 @@ +# SQL: Filter + +The Filter page is where the query can be scoped to target specific databases or instances. It is a +wizard page for the categories of: + +- Permissions > Permissions Collection +- Server Audits > Server Audit Events Collection +- Sensitive Data > Sensitive Data Collection +- Microsoft SQL Server: + + - Discovery + - Custom SQL Query + - Infrastructure + - Operations + - Utilities > Remove Storage Tables + - Legacy Queries + +- Oracle: + + - Custom Oracle Query + - Infrastructure + - Operations + - Utilities > Remove Storage Tables + +- MySQL: + + - Custom MySQL Query + - Utilities > Remove Storage Tables + +- PostgreSQL: + + - Custom PostgreSQL Query + - Utilities > Remove Storage Tables + +- Db2LUW: + + - Custom Db2LUW Query + - Utilities > Remove Storage Tables + - Db2LUW Permissions Scan + +- Utilities – Remove Storage Data + +It is necessary for the SA_SQL_Instances table to be populated before available databases/instances +can populate the Available Server audits list. For Oracle and SQL, the SA_SQL_Instances table is +populated through an instance discovery query. See the +[0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/11.6/solutions/databases/sql/collection/0-sql_instancediscovery.md) +topic for additional information. For PostgreSQL and MySQL Scans, the SA_SQL_Instances table is +populated manually in the Manage Connections window. See the +[Manage Connections Window](#manage-connections-window) topic for additional information. Once the +table has been populated, a query can be scoped. + +![SQL Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filter.webp) + +The configurable filter options are: + +- Connections — Opens the Manage Connections window to add or modify database instances. See the + [Manage Connections Window](#manage-connections-window) topic for additional information. +- Filter options + + - All database objects — No scoping + - Only select database objects — Scope to specific databases + + - Click **Retrieve** to display available server audits + +- Available database objects — Displays known databases and instances for query scoping + + - Select from the available list and click **Add** + +- Selected databases or instances — Displays selected database objects for which the query has been + scoped. Additional options include: + + - Remove — Removes the selected database/instance from the query + - Include — Reverts an exclusion. By default, all sub tables are included. + - Exclude — Excludes selected databases/instances and displays them in red + - Add Custom Filter — Opens the Add custom filter window to build a custom filter to be applied + to the selected databases/instances. See the + [Add Custom Filter Window](#add-custom-filter-window) topic for additional information. + - Import CSV — Import a list of databases/instances from a CSV file + - Export CSV — Exports the list of databases/instance to a CSV file through the Save As window + +## Manage Connections Window + +The Manage Connections window enables you to add database instances to search. Click the +**Connections** button to open it. + +![Manage Connections window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/manageconnections.webp) + +The Manage Connections table lists the previously added database instances and their attributes. +Select a row in the table to edit that instance, or create a new instance to add to the table: + +- Is Active — Select the checkbox to include the database on the Servers Pane on the Filter page +- Instance Label — The name of the server +- Database System — Select from a list of available databases +- Service Name — Name of the service +- Host — Name or IP address of the host where the database is located +- Port Number — Port number for the database. If a non-default port is being used, it should be + specified in the Port Number section. +- Default Database — Account used to access the database. Admin is recommended. +- Enable impersonation — Select to enable impersonation +- Service Type— If applicable, select whether the service type is **Service** or **SID** + +In the Manage Connections Table, the following information is also listed: + +- Was Inspected — Indicates whether information for a connection was validated. **Y** indicates the + information has been validated. **N** indicates the information has not been validated. +- Last Inspected — Indicates the date and time of when the connection information was last + inspected. If blank, the connection information has not yet been validated. + +The Manage Connections window has the following buttons: + +- Test Connection — Click to verify the connection to the database with the connection profile + applied to the job group +- Edit Connection — Click to edit information for the selected connection +- Delete Connection — Click to delete the selected connection +- Create New — Click to create a new connection + +#### Add Custom Filter Window + +The Add custom filter window opens from the Filter page of the SQL Data Collector Wizard. It enables +you to apply a custom scoping filter to the query. + +![Add custom filter window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/addcustomfilter.webp) + +Type the filter in the window and click Save. The following characters can be used in the filter: + +- Forward slash (/) – Path separator +- Asterisk (\*) – Wild card for any combination of characters +- Question mark (?) – Wild card for a single character + +Use the following format to add a custom filter for a server: + +- SQL: + + [SQL Server Name]/[Host or IP Address]/[Database Name]/[TableName] + +- Oracle: + + [Oracle Server Name]/[Host or IP Address]/[Container Name]/[Schema]/[Table Name] + +- Azure SQL: + + [Azure SQL Server Name]/[Host or IP Address]/[Database Name]/[Table Name] + +- MySQL: + + [MySQL Server Name]/[Host or IP Address]/[DastabaseName]/[TableName] + +- PostgreSQL: + + [PostgreSQL Server Name]/[Host or IP Address]/[DastabaseName]/[Schema]/[TableName] + +- Db2: + + [Db2LUW Server Name]/[Host or IP Address]/[DastabaseName]/[TableName] diff --git a/docs/accessanalyzer/11.6/admin/datacollector/sql/options.md b/docs/accessanalyzer/11.6/admin/datacollector/sql/options.md new file mode 100644 index 0000000000..fe53dd6dc2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/sql/options.md @@ -0,0 +1,86 @@ +# SQL: Options + +Use the Options page to configure additional settings. The contents of the page vary according to +the category selected. The Options page is a wizard page for the categories of: + +- Server Audits +- Sensitive Data + +## Server Audits + +Use the Options page to specify collection options to use when gathering server audits. This is a +page for the Server Audits Events Collection category. + +![SQL Data Collector Wizard Options page for Server Audit](/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/optionsserveraudits.webp) + +The scan options are: + +- Collect only events since last scan – Differential scanning +- Process each audit file individually +- Number of days you want to keep events in the database – Data retention period, set to 15 days by + default +- Collection Method – Choose a collection method: + + - Collect audits by name + - Collect audits by path + +## Sensitive Data + +Use the Sensitive Data Scan Settings (Options) page to specify collection options to use when +gathering server audits. This is a page for the Sensitive Data Collection category. + +![SQL Data Collector Wizard Options page for Sensitive Data](/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/optionssensitivedata.webp) + +The sensitive data scan settings are: + +Scan Options + +- Scan tables for sensitive data – Scans the tables within the database for sensitive data + + - The Oracle default is set for optimal performance for a high-level scan of only tables + +- Scan views for sensitive data – Scans views for sensitive data + +Data Settings + +- Scan individual columns for sensitive data – Scans individual columns within the database for + sensitive data +- Scan full rows for sensitive data – Scans full rows within the database for sensitive data +- Scan all rows for sensitive data – Scans all rows within the database for sensitive data +- Limit rows to scan – Select the number of rows to scan for sensitive data. Select the **Use random + sampling** checkbox to enable random sampling for checking for sensitive data. + +Meta Data Options + +- Scan database names for sensitive data – Scans database names for sensitive data if the database + names are included as part of the keyword list in the scanning criteria +- Scan table names for sensitive data – Scans table names within the database for sensitive data if + the table names are included as part of the keyword list in the scanning criteria +- Scan column names for sensitive data – Scans column names within the database for sensitive data. + This scans all column names of every table for sensitive data if the column names are included as + part of the keyword list in the scanning criteria. + +Large Data Type Options + +- Included binary data types (BLOB, NLOB, LONGRAW, VARBINARY) – Select to include the listed binary + data types +- Include character data types (NCLOB, CLOB, LONG) – Select to include the listed character data + types + +SDD Options + +- Store discovered sensitive data – Stores potentially sensitive data in the Enterprise Auditor + database. Any sampled sensitive data discovered based on the matched criteria is stored in the + Enterprise Auditor database. This functionality can be disabled by clearing this option. + + **NOTE:** The **Store discovered sensitive data** option is required to view Content Audit + reports in the Access Information Center for SQL data. + + **CAUTION:** Changing scan options, criteria, or filters when resuming a scan may prevent the + can from resuming properly. + +- Resume scan from last point on error – Resumes scan from where the previous scan left off when the + previous scan was stopped as a result of an error + +_Remember,_ the Sensitive Data Discovery Add-on is required to use the sensitive data collection +option. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md new file mode 100644 index 0000000000..369d564f48 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md @@ -0,0 +1,122 @@ +# SQL Data Collector + +The SQL Data Collector provides information on database configuration, permissions, data extraction, +application name of the application responsible for activity events, an IP Address or Host name of +the client server, and sensitive data reports. This data collector also provides information on +Oracle databases including infrastructure and operations. + +The SQL Data Collector has been preconfigured within the Database data collection jobs for Db2, +MySQL, Oracle, PostgreSQL, Redshift, and SQL Server databases. Both this data collector and the +Database Solution are available with a special Enterprise Auditor license. See the following topics +for additional information: + +- [Db2 Solution](/docs/accessanalyzer/11.6/solutions/databases/db2/overview.md) +- [MySQL Solution](/docs/accessanalyzer/11.6/solutions/databases/mysql/overview.md) +- [PostgreSQL Solution](/docs/accessanalyzer/11.6/solutions/databases/postgresql/overview.md) +- [Oracle Solution](/docs/accessanalyzer/11.6/solutions/databases/oracle/overview.md) +- [Redshift Solution](/docs/accessanalyzer/11.6/solutions/databases/redshift/overview.md) +- [SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/overview.md) + +Protocols + +TCP + +Ports + +For Db2: + +- Specified by Instances table (default is 5000) + +For MySQL: + +- Specified by Instances table (default is 3306) + +For Oracle: + +- Specified by Instances table (default is 1521) + +For PostgreSQL: + +- Specified by Instances table (default is 5432) + +For SQL: + +- Specified by Instances table (default is 1433) + +Permissions + +For MySQL: + +- Read access to MySQL instance to include all databases contained within each instance +- Windows Only — Domain Admin or Local Admin privilege + +For Oracle: + +- User with SYSDBA role +- Local Administrator on the target servers – Only applies to Windows Servers and not on Linux or + Unix operating systems + +For PostgreSQL: + +- Read access to all the databases in PostgreSQL cluster or instance +- Windows Only — Domain Admin or Local Admin privilege + +For Redshift: + +- Read-access to the following tables: + + - pg_tables + - pg_user + +For SQL: + +- For Instance Discovery, local rights on the target SQL Servers: + + - Local group membership to Remote Management Users + - Permissions on the following WMI NameSpaces: `root\Microsoft\SQLServer, root\interop` + +- For permissions for data collection: + + - Read access to SQL instance + - Requires SQL Full-Text and Semantic Extractions for Search feature to be installed on the + target SQL instance(s) when using the **Scan full rows for sensitive data** option on the + Options wizard page + - Grant Authenticate Server to [DOMAIN\USER] + - Grant Connect SQL to [DOMAIN\USER] + - Grant View any database to [DOMAIN\USER] + - Grant View any definition to [DOMAIN\USER] + - Grant View server state to [DOMAIN\USER] + - Grant Control Server to [DOMAIN\USER] (specifically required for the Weak Passwords Job) + +See the +[Azure SQL Auditing Configuration](/docs/accessanalyzer/11.6/requirements/target/config/azuresqlaccess.md) +topic and the +[AzureSQL Target Least Privilege Model](/docs/accessanalyzer/11.6/requirements/target/config/databaseazuresql.md) +topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +## SQL Query Configuration + +The SQL Data Collector is configured through the SQL Data Collector Wizard. The wizard contains the +following pages, which change based upon the query category selected: + +**NOTE:** The SQL Data Collector is used in multiple Enterprise Auditor Solutions, and the query +categories used are dependent on the solution. + +- [SQL: Category](/docs/accessanalyzer/11.6/admin/datacollector/sql/category.md) +- [SQL: Options](/docs/accessanalyzer/11.6/admin/datacollector/sql/options.md) +- [SQL: Criteria](/docs/accessanalyzer/11.6/admin/datacollector/sql/criteria.md) +- [SQL: Filter](/docs/accessanalyzer/11.6/admin/datacollector/sql/filter.md) +- [SQL: Settings](/docs/accessanalyzer/11.6/admin/datacollector/sql/settings.md) +- [SQL: Custom SQL Query](/docs/accessanalyzer/11.6/admin/datacollector/sql/customquerysql.md) +- [SQL: Custom Oracle Query](/docs/accessanalyzer/11.6/admin/datacollector/sql/customqueryoracle.md) +- [SQL: Results](/docs/accessanalyzer/11.6/admin/datacollector/sql/results.md) +- [SQL: Rowkey](/docs/accessanalyzer/11.6/admin/datacollector/sql/rowkey.md) +- [SQL: Summary](/docs/accessanalyzer/11.6/admin/datacollector/sql/summary.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/sql/results.md b/docs/accessanalyzer/11.6/admin/datacollector/sql/results.md new file mode 100644 index 0000000000..5626d3da83 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/sql/results.md @@ -0,0 +1,10 @@ +# SQL: Results + +The Results page is where the properties that will be gathered are selected. It is a wizard page for +all of the categories. + +![SQL Data Collector Wizard Results Page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually, or the **Select All** and **Clear All** buttons can be +used. All selected properties are gathered. Available properties vary based on the category +selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/sql/rowkey.md b/docs/accessanalyzer/11.6/admin/datacollector/sql/rowkey.md new file mode 100644 index 0000000000..3bb9aaebeb --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/sql/rowkey.md @@ -0,0 +1,10 @@ +# SQL: Rowkey + +The Rowkey page configures the Rowkey for the SQL query. It is a wizard page for the Custom Query +categories. + +![SQL Data Collector Wizard Rowkey Page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/rowkey.webp) + +Properties selected on the Results page are listed. Select the property or properties to act as the +Rowkey. Properties can be selected individually, or the **Select All** and **Clear All** buttons can +be used. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/sql/settings.md b/docs/accessanalyzer/11.6/admin/datacollector/sql/settings.md new file mode 100644 index 0000000000..56f3985694 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/sql/settings.md @@ -0,0 +1,13 @@ +# SQL: Settings + +The Settings page configures the removal of data from the Enterprise Auditor database for specific +instances. It is a wizard page for the category of Utilities. + +![SQL Data Collector Wizard Data removal settings Page](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) + +Data from the selected categories will be removed from the Enterprise Auditor database: + +- Permissions +- Audits +- Sensitive Data +- Orphaned Rows diff --git a/docs/accessanalyzer/11.6/admin/datacollector/sql/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/sql/summary.md new file mode 100644 index 0000000000..83371a9888 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/sql/summary.md @@ -0,0 +1,10 @@ +# SQL: Summary + +The Summary page is where the configuration settings are summarized. It is a wizard page for all of +the categories. + +![SQL Data Collector Wizard Summary Page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the SQL Data Collector Wizard ensuring that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/category.md b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/category.md new file mode 100644 index 0000000000..ed879db65b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/category.md @@ -0,0 +1,16 @@ +# SystemInfo: Category + +The Category page contains the following categories: + +![System Info Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp) + +The report categories are: + +- Computer System – Returns hardware and software related information +- Files Shares – Returns file share, permissions, and content information +- Logged On Users – Returns information about users logged on to local and remote machines +- Network Interface(NIC) – Returns network adapter configuration information +- Open File Shares – Returns information on accessible file shares +- Open Files – Returns information on locked and in use files +- Scheduled Tasks – Returns information on scheduled tasks +- Sessions – Returns information on local and remote sessions diff --git a/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/filetypes.md b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/filetypes.md new file mode 100644 index 0000000000..8fdd872409 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/filetypes.md @@ -0,0 +1,11 @@ +# SystemInfo: File Types + +The File Types page is where to enable count file types and specify filename masks if it is desired +to count files of given types. Two properties are generated for every mask provided, one for size +and one for count. It is a wizard page for the category of File Shares. + +![System Info Data Collector Wizard File Types page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/filetypes.webp) + +To enable counting file types, select the **Count file types** checkbox. To add new file types, +click **Add New**. To load a list of default file types for counting, click **Load Defaults**. To +remove a file type, select the file type and click **Remove**. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/jobscope.md b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/jobscope.md new file mode 100644 index 0000000000..56a3f4e780 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/jobscope.md @@ -0,0 +1,11 @@ +# SystemInfo: Job Scope + +The Job Scope page is where to select whether or not scoping should be used during execution. It is +a wizard page for the category of File Shares. + +![System Info Data Collector Wizard Job Scope page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/jobscope.webp) + +Select from the following options: + +- Don’t Use Scoping +- Use Scoping diff --git a/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/options.md b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/options.md new file mode 100644 index 0000000000..a5e0b70b9e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/options.md @@ -0,0 +1,48 @@ +# SystemInfo: Options + +The Options page contains options for the Files Shares category. It is a wizard page for the +categories of: + +- File Shares +- Network Interface (NIC) +- Open File Shares + +**NOTE:** This is a legacy feature, as it is more efficient to use the **FileSystemAccess** (FSAA) +Data Collector to gather this information. + +## File Shares and Open File Shares + +For the File Shares and Open File Shares categories: + +![System Info Data Collector Wizard Options page for File Shares category](/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/optionsfileshares.webp) + +Select from the following options to control the depth of processing and the amount of information +to be returned by the query: + +- Include file level permissions + + - Do not collect inherited file permissions + + - Return All Folders + +- Enumerate subfolders within shared folders + + - Limit returned subfolders depth to – Specify the number of levels + +- Size units for corresponding properties – Select the desired size unit: + + - Bytes + - KBytes + - Mbytes + - GBytes + +## Network Interface (NIC) + +For the Network Interface (NIC) category: + +![System Info Data Collector Wizard Options page for NIC category](/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/optionsnic.webp) + +The configurable option is: + +- Show primary IP address only – Select this checkbox to return data for the primary network + interface only diff --git a/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/overview.md new file mode 100644 index 0000000000..fc8214c39b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/overview.md @@ -0,0 +1,44 @@ +# SystemInfo Data Collector + +The SystemInfo Data Collector extracts information from the target system based on the selected +category. The SystemInfo Data Collector is a core component of Enterprise Auditor, but it has been +preconfigured within the Windows Solution. While the data collector is available with all Enterprise +Auditor license options, the Windows Solution is only available with a special Enterprise Auditor +license. See the +[Windows Solution](/docs/accessanalyzer/11.6/solutions/windows/overview.md) +topic for additional information. + +Protocols + +- Remote Registry +- RPC +- WMI + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group + +## SystemInfo Query Configuration + +The SystemInfo Data Collector is configured through the System Info Data Collector Wizard, which +contains the following wizard pages: + +- Welcome +- [SystemInfo: Category](/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/category.md) +- [SystemInfo: Results](/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/results.md) +- [SystemInfo: Shares List](/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/shareslist.md) +- [SystemInfo: Probable Owner](/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/probableowner.md) +- [SystemInfo: VIP Membership](/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/vipmembership.md) +- [SystemInfo: File Types](/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/filetypes.md) +- [SystemInfo: Options](/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/options.md) +- [SystemInfo: Summary](/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/summary.md) + +![System Info Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/probableowner.md b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/probableowner.md new file mode 100644 index 0000000000..0087a35da9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/probableowner.md @@ -0,0 +1,62 @@ +# SystemInfo: Probable Owner + +On the Probable Owner page, select options for determining the owner using weighted calculations. +This page is enabled when the **Probable Owner** property is selected on the Results page. + +![System Info Data Collector Wizard Probable Owner page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/probableowner.webp) + +Determine owner + +In the Determine owner section, select from the following options: + +- Determine owner from User Profile Last Modified Date +- Determine owner from User Profile Size +- Determine owner from Current User +- Determine owner from Last User +- Custom weights – Select this radio button to use custom weights to determine the probable owner. + These weights can be set by clicking the ellipsis next to the Result weights box to open the + Probable Owner Settings window. + +![Custom weights Probable Owner Settings window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/customweights.webp) + +The Result weights box displays the custom weights set in the Probable Owner Settings window. + +Exclude users list + +In the Exclude users list section, select from the following checkboxes: + +- Exclude users by list – Enables the **Set List of Users to Exclude** button +- Exclude locked out users +- Exclude disabled users + +![Exclude users Probable Owner Settings window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/excludeusers.webp) + +Click **Set Users to Exclude** to open the Probable Owner Settings window: + +- User – Enter users in the following format: `Domain\Username` +- Add user – Click **Add user** to add the users entered in the User box to the excluded users list +- Removed selected – Select a user and click **Removed selected** to remove the user +- Clear list – Click **Clear list** to remove the list of excluded users +- Select users or groups – Click **Select users or groups** to open the Select User or Group window + and select users or groups to add the excluded users list +- Import from file – Select **Import from file** to open the Import File Dialog and import files to + add to the excluded users list + +Output options + +In the Output options section, select from the following options: + +- Get the most probable owner(s) +- Get probable owners with relative deviation to the most probable owner – Enables the following + option: + + - Maximum deviation: **[number]** percents + +- Get probable owners limited by probability – Enables the following options: + + - Probability threshold **[number]** percents + - Return at least one probable owner regardless of probability + +Select the following checkbox if desired: + +- Return the top **[number]** ranked probable owners diff --git a/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/results.md b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/results.md new file mode 100644 index 0000000000..5d3631ec28 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/results.md @@ -0,0 +1,10 @@ +# SystemInfo: Results + +The Results page is used to select which properties are gathered out of those available for the +category. It is a wizard page for all categories. + +![System Info Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually or the **Check all**, **Uncheck all**, and **Reset to +defaults** buttons can be used. All selected properties are gathered. Available properties vary +based on the category selected. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/shareslist.md b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/shareslist.md new file mode 100644 index 0000000000..83de629d0d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/shareslist.md @@ -0,0 +1,19 @@ +# SystemInfo: Shares List + +On the Shares List page, configure the shares to include and exclude. It is a wizard page for the +category of File Shares. + +![System Info Data Collector Wizard Shares List page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/shareslist.webp) + +Select from the following options to exclude system or hidden shared folders from enumeration: + +- Exclude system and special shared folders +- Exclude hidden shared folders + +Select the following checkbox to identify nested shares and exclude them from the output: + +- Skip Nested Shares + +To configure individual shares to include or exclude, enter a share name and click **Add as +inclusion** or **Add as exclusion**. To remove the share from the list, select the share and click +**Remove selected**. To clear the list of inclusions and exclusions, click **Clear list**. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/summary.md new file mode 100644 index 0000000000..2db761071d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/summary.md @@ -0,0 +1,9 @@ +# SystemInfo: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all categories. + +![System Info Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the System Info Data Collector Wizard ensuring that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/vipmembership.md b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/vipmembership.md new file mode 100644 index 0000000000..d58d6ee00a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/vipmembership.md @@ -0,0 +1,15 @@ +# SystemInfo: VIP Membership + +The VIP Membership provides the option to add members to a VIP List and exclude them from contact +about probable ownership. Any users can be added to VIP membership. This page is enabled when the +VIPList property is selected on the Results page. + +![System Info Data Collector Wizard VIP Membership page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/vipmembership.webp) + +To add a user to the VIPList members table, enter the username in the User box in the +`Domain\Username` format and click **Add user**. To remove a user from the list, select the user and +click **Remove selected**. To clear the list, click **Clear list**. + +To select users or groups to add to the VIPList members table, click **Select users or groups** to +open the Select User or Group browser window and add a user or group. To import a file, click +**Import from file** to open the Import File Dialog browser window. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/textsearch/advancedcriteria.md b/docs/accessanalyzer/11.6/admin/datacollector/textsearch/advancedcriteria.md new file mode 100644 index 0000000000..8679a870f9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/textsearch/advancedcriteria.md @@ -0,0 +1,24 @@ +# TextSearch: Advanced Criteria + +The Advanced Criteria page is displayed if the **Use advanced criteria (instead of simple +criteria)** checkbox is selected on the Search Criteria page. This page provides configuration +options to specify the text to search for across the entire row of each file or within the specified +column in each row. + +![Text Search Data Collector Wizard Advanced Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/advancedcriteria.webp) + +The configurable options are: + +- Return Multiple Columns – Return data values in multiple columns +- Load Sample Data – Click this button to browse for sample data to test the filters entered. If the + sample data file is large, it is recommended to sample an excerpt of the file to reduce the amount + of time it takes to load the data. +- Customize – Click this button to open the Filter builder + + ![Filter builder window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/filterbuilder.webp) + + See the + [Filtration Dialog](/docs/accessanalyzer/11.6/admin/navigate/datagrid.md#filtration-dialog) + topic for information on using the Filter builder. + +The filter section cannot be blank. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/textsearch/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/textsearch/overview.md new file mode 100644 index 0000000000..297e19da68 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/textsearch/overview.md @@ -0,0 +1,38 @@ +# TextSearch Data Collector + +The TextSearch Data Collector enables searches through text based log files. The TextSearch Data +Collector is a core component of Enterprise Auditor, but it has been preconfigured within the +Windows Solution. While the data collector is available with all Enterprise Auditor license options, +the Windows Solution is only available with a special Enterprise Auditor license. See the +[Windows Solution](/docs/accessanalyzer/11.6/solutions/windows/overview.md) +topic for additional information. + +Protocols + +- RPC + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group + +## TextSearch Query Configuration + +The TextSearch Data Collector is configured through the Text Search Data Collector Wizard, which +contains the following wizard pages: + +- Welcome +- [TextSearch: Source Files](/docs/accessanalyzer/11.6/admin/datacollector/textsearch/sourcefiles.md) +- [TextSearch: Search Criteria](/docs/accessanalyzer/11.6/admin/datacollector/textsearch/searchcriteria.md) +- [TextSearch: Advanced Criteria](/docs/accessanalyzer/11.6/admin/datacollector/textsearch/advancedcriteria.md) +- [TextSearch: Results](/docs/accessanalyzer/11.6/admin/datacollector/textsearch/results.md) +- [TextSearch: Summary](/docs/accessanalyzer/11.6/admin/datacollector/textsearch/summary.md) + +![Text Search Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/textsearch/results.md b/docs/accessanalyzer/11.6/admin/datacollector/textsearch/results.md new file mode 100644 index 0000000000..7e3d5c0ea6 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/textsearch/results.md @@ -0,0 +1,18 @@ +# TextSearch: Results + +The Results page is where properties that will be gathered are selected. + +![Text Search Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually or the **Check all**, **Uncheck All**, and **Reset to +Defaults** buttons can be used. All selected properties are gathered. Available properties vary +based on the category selected. + +- Size units – Select from the following: + + - Bytes + - KBytes + - MBytes + - GBytes + +- Only return results for files with at least one match diff --git a/docs/accessanalyzer/11.6/admin/datacollector/textsearch/searchcriteria.md b/docs/accessanalyzer/11.6/admin/datacollector/textsearch/searchcriteria.md new file mode 100644 index 0000000000..6ac0f132a5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/textsearch/searchcriteria.md @@ -0,0 +1,18 @@ +# TextSearch: Search Criteria + +The Search Criteria page provides configuration options to specify the text to search for across the +entire row of each file. + +![Text Search Data Collector Wizard Search Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/searchcriteria.webp) + +The configurable functions are: + +- Use advanced criteria (instead of simple criteria) – Select this checkbox to display the Advanced + Criteria page and configure the search with additional filtering options. Advanced search criteria + is configured on the Advanced Criteria page. See the + [TextSearch: Advanced Criteria](/docs/accessanalyzer/11.6/admin/datacollector/textsearch/advancedcriteria.md) topic + for additional information. +- Simple Criteria + + - Text to match – Find files that contain the text string entered + - Exact match – Select this option to find files that contain only the exact text string entered diff --git a/docs/accessanalyzer/11.6/admin/datacollector/textsearch/sourcefiles.md b/docs/accessanalyzer/11.6/admin/datacollector/textsearch/sourcefiles.md new file mode 100644 index 0000000000..b9619900f1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/textsearch/sourcefiles.md @@ -0,0 +1,82 @@ +# TextSearch: Source Files + +The Source Files page provides options to specify which files to search. + +![Text Search Data Collector Wizard Source Files page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/sourcefiles.webp) + +Location + +The Location section provides options to scope the search. + +- Fixed path – Supply a fixed path or use wildcards and system variables. Fixed paths are typically + entered in the following format: `drive\filepath` (for example, `C:\WINNT\System32`). Click the + ellipsis to open the Remote Folder Explorer and browse to add file paths to the search scope. See + the [Remote Folder Explorer](#remote-folder-explorer) topic for additional information. +- Current Job Directory – Search the job’s root folder for the specified file +- Registry Lookup – Select this option to programmatically obtain a file path from a registry key + that exists on the target host in the environment. Click the ellipsis to open the Enterprise + Auditor Registry Browser and connect to a host to select a registry key and path to be used for + the lookup. + + - Value Name – This value is automatically populated from the registry key + - Levels – The Levels slider can be used to truncate the path for the key value in the Adjust + Path dialog box + - Current value data – Displays the current value for the registry key + - Query 32-bit – Select this checkbox to query a 32-bit view + - Query 64-bit – Select this checkbox to query a 64-bit view + +Files + +The Files section provides options to define the object or set of objects to find. + +- File name – Enter file names to search in the following format: `filename.extension`. Separate + multiple file names with a semicolon and no spaces between the names. Wild cards can be used. +- File type – Select the extension type of the file name entered above to tell the collection + routine how the data within the underlying file is structured and should be handled: + + - Autodetect – Select this when the data type is unknown. The data collection routine will + attempt to figure out what type of data it is and handle it appropriately. + - Plain Text + - CSV + - TSV + - Binary + - Space Separated Text + +- First line is header captions line – Enabled when CSV, TSV, or Space Separated Text is selected + +Options + +The Options section provides options to scope the search. + +- Ignore files larger than [number]MB +- Include subfolders + +Last Modification Time Filter + +The Last Modification Time Filter section provides options to apply time filters to the search. + +- None +- Oldest file +- Most recent file +- Between [date] and [date] +- In the last [number] [days] or [hours] + +## Remote Folder Explorer + +Clicking the ellipsis in the Location section of the Source Files page opens the Remote Folder +Explorer search window. In the Remote Folder Explorer window, navigate to the file folder location +and add the path to the scope. Multiple paths can be added to the scope. + +![Remote Folder Explorer window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/remotefolderexplorer.webp) + +The Remote Folder Explorer functions are: + +- Sample from host (path) – If the desired file does not exist on the local Enterprise Auditor + Console, enter the name of the host that contains the file and click **Connect** to browse that + host +- Selected Path – Displays the path selected in the box above +- Add path – Click **Add path** to add the selected path to the Path box. This adds the path to the + search scope. +- Delete path – Select a path in the Path box and click **Delete path** to delete the path from the + search scope +- Path – Displays the paths that have been added to the search scope diff --git a/docs/accessanalyzer/11.6/admin/datacollector/textsearch/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/textsearch/summary.md new file mode 100644 index 0000000000..e90a86cdf0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/textsearch/summary.md @@ -0,0 +1,9 @@ +# TextSearch: Summary + +The Summary page displays a summary of the configured query. + +![Text Search Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Text Search Data Collector Wizard ensuring that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/unix/editscript.md b/docs/accessanalyzer/11.6/admin/datacollector/unix/editscript.md new file mode 100644 index 0000000000..4f10053f11 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/unix/editscript.md @@ -0,0 +1,9 @@ +# Unix: Edit Script + +The Edit Script page allows the script to be customized. + +![Unix Data Collector Wizard Edit Script page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/editscript.webp) + +Edit the shell script in the textbox if desired. + +Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/unix/input.md b/docs/accessanalyzer/11.6/admin/datacollector/unix/input.md new file mode 100644 index 0000000000..a0a02ceb97 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/unix/input.md @@ -0,0 +1,25 @@ +# Unix: Input + +The Input page configures the source for input data. + +![Unix Data Collector Wizard Input page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/input.webp) + +The configurable options are: + +- Use SQL table for scoping input – Select the checkbox to enable scoping options +- Input Table + + - Name – Select the SQL table from the drop-down menu + - Filter Nulls – Select the checkbox to ignore blank rows in the table + - Filter Duplicates – Select the checkbox to ignore duplicate rows in the table + - Filter by host column – Select the checkbox to sort rows by host + +- Columns – Select the desired rows from the SQL table +- Data Input Method + + - Run command once per table row + - Send table data via standard input + +- Column Separator – Specify the column delimiter + +Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/unix/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/unix/overview.md new file mode 100644 index 0000000000..a6f24d7750 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/unix/overview.md @@ -0,0 +1,36 @@ +# Unix Data Collector + +The Unix Data collector provides host inventory, software inventory, and logical volume inventory on +UNIX & Linux platforms. The Unix Data Collector has been preconfigured within the Unix Solution. +Both this data collector and the solution are available with a special Enterprise Auditor license. +See the +[Unix Solution](/docs/accessanalyzer/11.6/solutions/unix/overview.md) +topic for additional information. + +Protocols + +- SSH + +Ports + +- TCP 22 +- User configurable + +Permissions + +- Root permissions in Unix/Linux + +If the Root permission is unavailable, a least privileged model can be used. See the +[Least Privilege Model](/docs/accessanalyzer/11.6/requirements/target/unix.md#least-privilege-model) +topic additional information. + +## Unix Query Configuration + +The Unix Data Collector is configured through the Unix Data Collector Wizard. It is designed to scan +and import information from UNIX / Linux systems. The Unix Data Collector has these pages: + +- [Unix: Settings](/docs/accessanalyzer/11.6/admin/datacollector/unix/settings.md) +- [Unix: Input](/docs/accessanalyzer/11.6/admin/datacollector/unix/input.md) +- [Unix: Edit Script](/docs/accessanalyzer/11.6/admin/datacollector/unix/editscript.md) +- [Unix: Parsing](/docs/accessanalyzer/11.6/admin/datacollector/unix/parsing.md) +- [Unix: Results](/docs/accessanalyzer/11.6/admin/datacollector/unix/results.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/unix/parsing.md b/docs/accessanalyzer/11.6/admin/datacollector/unix/parsing.md new file mode 100644 index 0000000000..a8154ab6f9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/unix/parsing.md @@ -0,0 +1,31 @@ +# Unix: Parsing + +The Parsing Configuration page configures the columns to return from the remote command and the +parameters used to parse that output into those columns. + +![Unix Data Collector Wizard Parsing Configuration page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/parsing.webp) + +The configurable options are: + +- Parse Columns – Select the checkbox to enable the parsing parameters options + + - Delimiter – Specify the delimiter + - Ignore duplicate delimiters – Check the checkbox to enable + - Delimiter Type – Select one of the following options: + + - Split on any delimiter character + - Split on entire delimiter string + - Split on delimiter regular expression + + - Handle additional delimited fields by – Select one of the following options: + + - Ignoring them + - Inserting them as the last column in additional rows + - Including them in the last column + +- Columns – Use the buttons to add or remove columns + + - **Add** – Opens the New Column window. Enter a new column name and click **OK**. + - **Remove** – Removes the selected column + +Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/unix/results.md b/docs/accessanalyzer/11.6/admin/datacollector/unix/results.md new file mode 100644 index 0000000000..c185b13038 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/unix/results.md @@ -0,0 +1,15 @@ +# Unix: Results + +On the Results page, select which properties will be gathered out of those available for the query. +Additionally select properties based on which ROWKEY will be built. + +![Unix Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +The configurable options are: + +- Properties to return – Select the desired columns +- ROWKEY's components – Select the desired columns + +Click **Finish** to save the configuration changes, or **Back** to return to the previous page. If +no changes were made, it is a best practice to click **Cancel** to close the Unix Data Collector +Wizard to make sure that no accidental settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/unix/settings.md b/docs/accessanalyzer/11.6/admin/datacollector/unix/settings.md new file mode 100644 index 0000000000..e5ff6050fa --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/unix/settings.md @@ -0,0 +1,36 @@ +# Unix: Settings + +The Settings page configures the Unix Data Collector settings. + +![Unix Data Collector Wizard Settings page](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) + +The configurable options are: + +- Time Out Settings + + - Connection Timeout – Set the connection timeout + - Processing Timeout – Set the processing timeout + +- Pre-Execution File Copy + + The Unix Data Collector can use SCP to copy a file from the Enterprise Auditor console to the + target system before running the script command. + + - Enable pre-execution file copy – Select the checkbox to enable + + - Source File – Enter a file path or click the ellipsis (…) to browse to the file location + - Target Location – Enter the file path to copy the file to + +- Credential Selection Settings + + - Only use Unix Account type credentials from connection profile + - Use both Unix Account and Active Directory Account type credentials from connection profile + + - AD Account user name format – Select from the dropdown the format of the user name from + the following: + + - username + - domain\username + - username@domain + +Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/groups.md b/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/groups.md new file mode 100644 index 0000000000..f35973dba2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/groups.md @@ -0,0 +1,43 @@ +# UsersGroups: Groups Category + +The Groups Query category collects information for groups in different contexts. + +![Users and Groups Browser wizard Results page for Groups category](/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/groups.webp) + +In the Groups section, select from the following options: + +- All groups +- All global groups +- All local groups +- All groups containing the following users – Click the ellipsis (**…**) to open the Find a User + browser screen and select users. See the [Find a Group/User Browser](#find-a-groupuser-browser) + topic for additional information. +- These groups – Click the ellipsis (**…**) to open the Find a Group browser window and select + groups. See the [Find a Group/User Browser](#find-a-groupuser-browser) topic for additional + information. + +In the Additional Properties section, select the **What rights does this group have?** checkbox to +return rights for the selected groups. + +**CAUTION:** The number of offline Groups can significantly increase the time for a scan. + +**_RECOMMENDED:_** For large networks, configure the length of time for a scan when Groups are +offline. + +- Retry Attempts [number] +- Retry Interval [number] seconds + +## Find a Group/User Browser + +Clicking the ellipses for the **All groups containing the following users** and the **These groups** +options opens the Find a Group or Find a User browser. + +![Find a group window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/findagroup.webp) + +The Find a Group and Find a User browsers display a list of groups or users, depending on which one +is being used, that can be selected for the option. Select from a specific host using the Sample +from host option, or leave the text field blank and click **Connect** to retrieve all user groups or +users that are selectable. + +Select a group or user by selecting the checkbox next to it, and click **OK** to confirm selection. +Click **Cancel** to leave the window without a selection. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/security.md b/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/security.md new file mode 100644 index 0000000000..e3b5e452c4 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/security.md @@ -0,0 +1,27 @@ +# UsersGroups: Security Category + +This Security policy is used to audit security policies. + +![Users and Groups Browser wizard Results page Security category](/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/security.webp) + +Select from the following options for what data will be returned: + +- Security Policy (User Rights Assignment) – Identifies user rights assignment for each individual + policy part that grants or removes rights + + - Resolve Nested Group Membership – Returns nested group membership + - Find all users and groups who have the following right – Select the checkboxes next to the + rights desired for the query + +- Password Policy – Returns a password policy audit for the target +- Audit Policy – Returns an audit policy audit for the target +- Account Lockout Policy – Returns an account lockout policy audit for the target + +**CAUTION:** The number of offline hosts with policies can significantly increase the time for a +scan. + +**_RECOMMENDED:_** For large networks, configure the length of time for a scan when hosts with +policies are offline. + +- Retry Attempts [number] +- Retry Interval [number] seconds diff --git a/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/users.md b/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/users.md new file mode 100644 index 0000000000..83cf677d22 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/users.md @@ -0,0 +1,61 @@ +# UsersGroups: Users Category + +The Users Query category collects information for users in different contexts. + +![Users and Groups Browser wizard Results page Users category](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/users.webp) + +In the Users section, select from the following options: + +- All users – All users found on the target host +- All users in the following groups – Click the ellipsis (**…**) to open the Find a Group browser + window and specify a group. See the [Find a Group/User Browser](#find-a-groupuser-browser) topic + for additional information. A specific group can also be entered manually into the text field. +- These users – Click the ellipsis (**…**) to open the Find a User browser window and specify one or + more users. See the [Find a Group/User Browser](#find-a-groupuser-browser) topic for additional + information. A specific user can also be entered manually into the text field. +- Special users – The users found can be flagged as special users in the following categories: + + - Administrator + - Guest + - Check if account has been renamed – Select this checkbox to check if the Administrator or + Guest account has been renamed + - Resolve nested group membership – Returns nested group membership + - Include every occurrence of a user – Show every group in which the user is a member + +In the Additional Properties section, select from the following checkboxes to return additional +information on user objects: + +- Is the user account enabled? +- Is the user account locked out? +- Can the user change their password? +- Does the user’s password expire? +- What rights does the user have? +- Does the user require a password? +- When was this user’s password last changed? +- What is this user’s password age in days? +- When did this user last logon? + +Click **Select all** to select all properties. Click **Clear all** to deselect all properties + +**CAUTION:** The number of offline Users can significantly increase the time for a scan. + +**_RECOMMENDED:_** For large networks, configure the length of time for a scan when Users are +offline. + +- Retry Attempts [number] +- Retry Interval [number] seconds + +## Find a Group/User Browser + +Clicking the ellipses for the **All users in the following groups** and the **These users** options +opens the Find a Group or Find a User browser. + +![Find a group window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/findagroup.webp) + +The Find a Group and Find a User browsers display a list of groups or users, depending on which one +is being used, that can be selected for the option. Select from a specific host using the Sample +from host option, or leave the text field blank and click **Connect** to retrieve all user groups or +users that are selectable. + +Select a group or user by selecting the checkbox next to it, and click **OK** to confirm selection. +Click **Cancel** to leave the window without a selection. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/overview.md new file mode 100644 index 0000000000..ba74a20823 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/overview.md @@ -0,0 +1,45 @@ +# UsersGroups Data Collector + +The UsersGroups Data Collector audits user and group accounts for both local and domain, extracting +system policies. + +The UsersGroups Data Collector has been preconfigured within the Windows Solution. Both this data +collector and the solution are available with a special Enterprise Auditor license. See the +[Windows Solution](/docs/accessanalyzer/11.6/solutions/windows/overview.md) +topic for additional information. + +Protocols + +- RPC +- SMBV2 +- WMI + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports +- 445 + +Permissions + +- Member of the Local Administrators group + + - If a less-privileged option is required, you can use a regular domain user that has been added + to the **Network access: Restrict clients allowed to make remote calls to SAM** Local Security + Policy + +- Member of the Domain Administrators group (if targeting domain controllers) + +## UsersGroups Query Configuration + +The UsersGroups Data Collector is configured through the Users and Groups Browser wizard, which +contains the following wizard pages: + +- Welcome +- [UsersGroups: Results](/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/results.md) +- [UsersGroups: Summary](/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/summary.md) + +![Users and Groups Browser wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** box when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/results.md b/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/results.md new file mode 100644 index 0000000000..ee0327f252 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/results.md @@ -0,0 +1,12 @@ +# UsersGroups: Results + +The Results page is where the type of data to be returned is configured. Each type has a different +set of options. + +![Users and Groups Browser wizard Results page Category selection](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) + +Choose from the following query categories: + +- [UsersGroups: Users Category](/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/users.md) +- [UsersGroups: Groups Category](/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/groups.md) +- [UsersGroups: Security Category](/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/security.md) diff --git a/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/summary.md new file mode 100644 index 0000000000..26f9334871 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/summary.md @@ -0,0 +1,9 @@ +# UsersGroups: Summary + +The Summary page displays a summary of the configured query. + +![Users and Groups Browser wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Users and Groups Browser wizard ensuring that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/classes.md b/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/classes.md new file mode 100644 index 0000000000..79f7e55157 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/classes.md @@ -0,0 +1,9 @@ +# WMICollector: Classes + +On the Classes page, configure the WMICollector namespaces and classes to use as a data source. + +![WMI Browser wizard Classes page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/classes.webp) + +Select the **Namespace** and **Class** from the drop-down lists to use as a data source. The default +namespace, **root\CIMV2**, is typically what should be used. Select the **Win32 classes only** +checkbox to use only Win32 classes. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/overview.md b/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/overview.md new file mode 100644 index 0000000000..68004f75b0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/overview.md @@ -0,0 +1,39 @@ +# WMICollector Data Collector + +The WMICollector Data Collector identifies data for certain types of WMI classes and namespaces. The +WMICollector Data Collector is a core component of Enterprise Auditor, but it has been preconfigured +within the Windows Solution. While the data collector is available with all Enterprise Auditor +license options, the Windows Solution is only available with a special Enterprise Auditor license. +See the +[Windows Solution](/docs/accessanalyzer/11.6/solutions/windows/overview.md) +topic for additional information. + +Protocols + +- RPC +- WMI + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group + +## WMICollector Query Configuration + +The WMICollector Data Collector is configured through the WMI Browser wizard, which contains the +following wizard pages: + +- Welcome +- [WMICollector: Sample Host](/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/samplehost.md) +- [WMICollector: Classes](/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/classes.md) +- [WMICollector: Properties](/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/properties.md) +- [WMICollector: Summary (Results)](/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/summary.md) + +![WMI Browser wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/properties.md b/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/properties.md similarity index 100% rename from docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/properties.md rename to docs/accessanalyzer/11.6/admin/datacollector/wmicollector/properties.md diff --git a/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/samplehost.md b/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/samplehost.md new file mode 100644 index 0000000000..8b499a19ca --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/samplehost.md @@ -0,0 +1,10 @@ +# WMICollector: Sample Host + +On the Sample Host page, enter a sample host to populate options for the query. + +![WMI Browser wizard Sample Host page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/samplehost.webp) + +On the Sample Host page, if the desired classes and namespaces to audit reside on the local host, +click **Next**. (The local host is represented by `.` in the **Sample host name** box). If a +different sample host is needed to populate the namespace and class options, enter the name for the +remote host and click **Next**. diff --git a/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/summary.md b/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/summary.md new file mode 100644 index 0000000000..ae21dac541 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/summary.md @@ -0,0 +1,8 @@ +# WMICollector: Summary (Results) + +The Summary page, or Results page, displays a summary of the configured query. + +![WMI Browser wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the WMI Browser wizard ensuring that no accidental clicks are saved. diff --git a/docs/accessanalyzer/11.6/admin/hostdiscovery/activities.md b/docs/accessanalyzer/11.6/admin/hostdiscovery/activities.md new file mode 100644 index 0000000000..4509438186 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostdiscovery/activities.md @@ -0,0 +1,37 @@ +# Host Discovery Queries Activities Pane + +The Activities pane provides several options for managing Host Discovery queries. + +![Activities pane](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/activities.webp) + +The options are: + +- Create Query – Opens the Host Discovery Wizard to create a new query +- Edit Query – Opens the Host Discovery Wizard with the selected query’s configuration +- Delete Query – Deletes the selected query and its generated host list + + - A confirmation window displays. Click **Yes** to complete the deletion + +- Run Query – Begins an immediate execution of the selected query +- Stop Query – Stops the selected query which is currently running + + - No action occurs if the query is **Idle** + +- Suspend Query Queue – Removes the selected query from a scheduled queue + + - The Activities pane listing changes to **Resume Query Queue**. Click again to resume scheduled + queue. + +- Schedule – Opens the Schedule wizard to schedule query execution + + - See the + [Schedule](/docs/accessanalyzer/11.6/admin/settings/schedule.md) + topic for additional information on the Schedule wizard + +- View Host List – Opens the + [Host Management](/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md) + node directly to the selected query’s generated host list + +These options are also available through a pop-up menu accessed by right-clicking on a query. +**Create Query** and **Suspend Query Queue** are additionally available through a pop-up menu +accessed by right-clicking on the **Host Discovery** node. diff --git a/docs/accessanalyzer/11.6/admin/hostdiscovery/log.md b/docs/accessanalyzer/11.6/admin/hostdiscovery/log.md new file mode 100644 index 0000000000..696b72fd4d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostdiscovery/log.md @@ -0,0 +1,28 @@ +# Discovery Log + +The **Host Discovery** > **Discovery Log** node lists host discovery logs. These logs house +transactions that transpire during the running of host discovery and host inventory tasks. + +![Discovery Log](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/discoverylog.webp) + +The Discovery Log logging level is configured within the **Settings** > **Host Discovery** node. See +the +[Host Discovery](/docs/accessanalyzer/11.6/admin/settings/hostdiscovery.md) +topic for additional information. + +The following options are above the data grid: + +- Reload Log – Refresh the log data for the selected Log date and Query Name +- Log date – Select the desired **Log date** from the drop-down menu to view transactions +- Query Name – The default selection is **All Queries**. To narrow the data to a desired query, + select a query name from the drop-down menu. + +The data grid contains the following columns: + +- Date – Date timestamp of transaction +- Kind – Type of transaction recorded (Error, Warning, Info, Debug), controlled by the configured + logging level +- Source – Selectively used, the source value reflects the core component responsible for producing + the message +- HostName – Name of the targeted host where the transaction occurred +- Message – Log transaction message diff --git a/docs/accessanalyzer/11.6/admin/hostdiscovery/overview.md b/docs/accessanalyzer/11.6/admin/hostdiscovery/overview.md new file mode 100644 index 0000000000..28dbffacb7 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostdiscovery/overview.md @@ -0,0 +1,19 @@ +# Host Discovery Node + +Use the **Host Discovery** node to discover hosts to audit. Host Discovery queries are created in +the Host Discovery node to discover hosts within the targeted environment that match the desired +criteria (for example, all domain controllers for Active Directory auditing). + +The Host Discovery queries view displays a list of previously configured queries, opens the Host +Discovery Wizard to create new queries, and is where host inventory process can be automated. The +**Host Discovery** node houses the Discovery Log. The **Settings** > **Host Discovery** node +contains the global settings that affect discovery queries. See the +[Host Discovery](/docs/accessanalyzer/11.6/admin/settings/hostdiscovery.md) +topic for additional information. + +The Discovery node has four main panes: + +- [Host Discovery Queries](/docs/accessanalyzer/11.6/admin/hostdiscovery/queries.md) +- [Host Discovery Queries Activities Pane](/docs/accessanalyzer/11.6/admin/hostdiscovery/activities.md) +- [Host Discovery Wizard](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/overview.md) +- [Discovery Log](/docs/accessanalyzer/11.6/admin/hostdiscovery/log.md) diff --git a/docs/accessanalyzer/11.6/admin/hostdiscovery/queries.md b/docs/accessanalyzer/11.6/admin/hostdiscovery/queries.md new file mode 100644 index 0000000000..c8d002de8e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostdiscovery/queries.md @@ -0,0 +1,45 @@ +# Host Discovery Queries + +The Host Discovery Queries Pane contains a list of previously-configured queries. + +![Host Discovery Queries Pane](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queries.webp) + +The list of previously configured queries is provided in a table format with the following columns: + +- Name – Displays the name assigned to the query during creation +- Query Source – Identifies where the query searches for hosts +- Query State – Displays the query’s current status (active or idle) +- Last count – Identifies the number of hosts found from the last scan +- Last Queried – Displays the date and time stamp for the last running of the query +- Connection Profile – Identifies the Connection Profile assigned to the query for access to the + Query Source +- ID – GUID of the query task +- SANode – Name of the Enterprise Auditor Console server +- Snapshot mode – Identifies the type of discovery query: + + - Cumulative – Grows the host list by appending newly discovered hosts with each query execution + - Snapshot – Only shows host found during the most recent query execution + + **NOTE:** The Snapshot mode is configured on the Options page of the Host Discovery Wizard. + +## View Hidden Columns + +Follow the steps to view the hidden columns in the table: + +**Step 1 –** Right-click a header in the table, which opens a context menu. + +![Field Chooser option on context menu](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queriesfieldchooser.webp) + +**Step 2 –** Select **Field Chooser**, which opens the Customization window. + +![Customization window](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queriescustomizationwindow.webp) + +**Step 3 –** Select the **Columns** tab. + +![Drag hidden colum into table](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queriesaddhiddencolumn.webp) + +**Step 4 –** Drag and drop the desired column between any header of the table. + +![Host Discovery Queries table with column added](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/querieshiddencolumnadded.webp) + +The header is now present in the table. diff --git a/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/addomaincontrollers.md b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/addomaincontrollers.md new file mode 100644 index 0000000000..a17574d834 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/addomaincontrollers.md @@ -0,0 +1,123 @@ +# Query an Active Directory server (Discover Domain Controllers) + +Follow the steps to create a Host Discovery query using the **Query an Active Directory server +(Discover Domain Controllers)** source option. This option scans the default domain controller or a +specified server but is scoped to return only machines that are domain controllers. + +![Host Discovey Wizard Source page for AD Domain Controllers query](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source.webp) + +**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Query an Active +Directory server (Discover Domain Controllers)** option. Click **Next**. + +![Host Discovey Wizard Query page for AD Domain Controllers query](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/query.webp) + +**Step 2 –** On the Query page, name the query and select the credentials used to access the source. + +- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` + default name. Two queries cannot have the same name. If you use an existing name, a number is + automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for querying the source: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +Click **Next** to continue. + +![Host Discovey Wizard Domains & Sites page](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/domainssites.webp) + +**Step 3 –** The Domains & Sites page is scoped to return all domain controllers in the targeted +domains and sites. By default, all domains and sites are selected. If desired, scope to target +specific domains and sites. + +- Connection – Select the radio button to specify the server to be connected to and searched: + + - Connect to default directory – Selects a default domain controller from the domain in which + the Enterprise Auditor Console server resides + - Specify server – Specify a particular server or domain controller. Type the server name in the + textbox. Click **Connect** to confirm the connection to the specified server and populate the + domains and sites choices. + +- Filter by domains – Lists discovered domains + + - Search all domains – The default option. To narrow the scope to specific domains, deselect + this option to enable the selection box. + - Exclude domain – Deselect the checkbox for a domain in the list to exclude it from the scope. + The **Check All** and **Uncheck All** buttons are enabled when scoping by domain. + +- Filter by sites – Lists discovered sites + + - Search all sites – The default option. To narrow the scope to specific sites, deselect this + option to enable the Selection box. + - Exclude site – Deselect the checkbox for a site in the list to exclude it from the scope. The + **Check All** and **Uncheck All** buttons are enabled when scoping by site. + +Click **Next** to continue. + +![Host Discovey Wizard Options page for AD Domain Controllers query](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +**Step 4 –** On the Options page, configure the query options as required. + +- Run the query when jobs that reference it are run – Select this option to automatically execute + the Host Discovery query prior to executing a job that has the host list generated by this query + assigned. This ensures any new hosts have been discovered and are available for auditing. + + **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require + up-to-date host lists. + +- Query Result Retention – Select how to maintain the host list generated by this discovery query: + + - Yes, grow the host list by appending newly discovered hosts – The host list includes every + host the query has ever discovered + - No, only show hosts that were found during the most recent run – The host list generated by + this query includes only hosts found in the most recent query execution. This option removes + hosts from the generated host list, but does not remove hosts from the Host Master Table. + +Click **Next** to continue. + +![Host Discovey Wizard Inventory page for AD Domain Controllers query](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory.webp) + +**Step 5 –** On the Inventory page, the host inventory process can be automatically included with +the discovery query. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for gathering inventory information from the discovered hosts: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +Click **Next** to continue. + +![Host Discovey Wizard Summary page for AD Domain Controllers query](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +**Step 6 –** The Summary page displays all the selected query configuration settings. To make +changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the +configuration process. + +![Confirm dialog box](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) + +**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the +query at another time. + +Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the +Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/adexchange.md b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/adexchange.md new file mode 100644 index 0000000000..b36e4d32d5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/adexchange.md @@ -0,0 +1,103 @@ +# Query an Active Directory Server (Discover Exchange servers) + +Follow the steps to create a Host Discovery query using the Query an Active Directory server +(Discover Exchange servers) source option. This option scans the default domain controller or a +specified server but is scoped to return only computer objects residing in the configuration +container for Exchange servers. + +![Host Discovery Wizard Source page for AD Exchange](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source.webp) + +**Step 1 –** Open the Host Discovery Wizard. On the Source Page, select the **Query an Active +Directory server (Discover Exchange servers)** option. Click **Next**. + +![Host Discovery Wizard Query page for AD Exchange](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/query.webp) + +**Step 2 –** On the Query page, name the query and select the credentials used to access the source. + +- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` + default name. Two queries cannot have the same name. If you use an existing name, a number is + automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for querying the source: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Exchange Server Query page](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/exchangeserver.webp) + +**Step 3 –** The Exchange Server Query page is scoped to the default Microsoft container where all +Exchange servers are housed. + +Leave this page unchanged. If you must modify this page, see the +[Query an Active Directory Server (General)](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/adgeneral.md) +topic for instructions. Click **Next**. + +![Host Discovery Wizard Options page for AD Exchange](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +**Step 4 –** On the Options page, configure the query options as required. + +- Run the query when jobs that reference it are run – Select this option to automatically execute + the Host Discovery query prior to executing a job that has the host list generated by this query + assigned. This ensures any new hosts have been discovered and are available for auditing. + + **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require + up-to-date host lists. + +- Query Result Retention – Select how to maintain the host list generated by this discovery query: + + - Yes, grow the host list by appending newly discovered hosts – The host list includes every + host the query has ever discovered + - No, only show hosts that were found during the most recent run – The host list generated by + this query includes only hosts found in the most recent query execution. This option removes + hosts from the generated host list, but does not remove hosts from the Host Master Table. + +Click **Next** to continue. + +![Host Discovery Wizard Inventory page for AD Exchange](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory.webp) + +**Step 5 –** On the Inventory page, the host inventory process can be automatically included with +the discovery query. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for gathering inventory information from the discovered hosts: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Summary page for AD Exchange](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +**Step 6 –** The Summary page displays all the selected query configuration settings. To make +changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the +configuration process. + +![Confirm dialog box](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) + +**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the +query at another time. + +Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the +Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/adgeneral.md b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/adgeneral.md new file mode 100644 index 0000000000..826b78aca0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/adgeneral.md @@ -0,0 +1,124 @@ +# Query an Active Directory Server (General) + +Follow the steps to create a Host Discovery query using the Query an Active Directory server +(General) source option. This option scans the default domain controller or a specified server for +all computer objects. The query can be scoped to only return computer objects in specified +containers or individual computer objects. See Step 3 for additional information. + +![Host Discovery Wizard Source page for AD General](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source.webp) + +**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Query an Active +Directory server (General)** option. Click **Next**. + +![Host Discovery Wizard Query page for AD General](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/query.webp) + +**Step 2 –** On the Query page, name the query and select the credentials used to access the source. + +- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` + default name. Two queries cannot have the same name. If you use an existing name, a number is + automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for querying the source: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Active Directory page](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/activedirectory.webp) + +**Step 3 –** On the Active Directory page, identify the organizational units (OUs) to scan. + +**_RECOMMENDED:_** Scope the query when using this source option. + +- Connection – Select the server to connect to and search for computer objects using the radio + buttons: + + - Connect to default directory – Selects a default domain controller from the domain in which + the Enterprise Auditor Console server resides + - Specify server – Allows you to specify a particular server or domain controller. Type the + server name in the textbox. Click **Connect** to confirm the connection to the specified + server and populate the OU choices. + +- Use Configuration directory partition (contains all Exchange servers) – If selected, the + Configuration directory opens in the Selection box +- Selection box – Expand the domain to select containers and individual hosts. Click **Add** to + include the selected container or host in the OUs to be searched box. +- OUs to be searched box – Displays the selected OUs. Use the buttons at the top of the box to edit + the list: + + - Add – Adds the selection from the Selection Box into the list + - Remove – Removes the selected OU from the list + +- Search sub-OUs – This checkbox in the OUs to be searched box indicates scan depth for the selected + OU + +Click **Next** to continue. + +![Host Discovery Wizard Options page for AD General](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +**Step 4 –** On the Options page, configure the query options as required. + +- Run the query when jobs that reference it are run – Select this option to automatically execute + the Host Discovery query prior to executing a job that has the host list generated by this query + assigned. This ensures any new hosts have been discovered and are available for auditing. + + **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require + up-to-date host lists. + +- Query Result Retention – Select how to maintain the host list generated by this discovery query: + + - Yes, grow the host list by appending newly discovered hosts – The host list includes every + host the query has ever discovered + - No, only show hosts that were found during the most recent run – The host list generated by + this query includes only hosts found in the most recent query execution. This option removes + hosts from the generated host list, but does not remove hosts from the Host Master Table. + +Click **Next** to continue. + +![Host Discovery Wizard Inventory page for AD General](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory.webp) + +**Step 5 –** On the Inventory page, the host inventory process can be automatically included with +the discovery query. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for gathering inventory information from the discovered hosts: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Summary page for AD General](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +**Step 6 –** The Summary page displays all the selected query configuration settings. To make +changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the +configuration process. + +![Confirm dialog box](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) + +**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the +query at another time. + +Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the +Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/csv.md b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/csv.md new file mode 100644 index 0000000000..6bcde31235 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/csv.md @@ -0,0 +1,113 @@ +# Import From a Local CSV File + +Follow the steps to create a Host Discovery query using the **Import from a CSV file** source +option. + +**CAUTION:** Each time a query refresh occurs for a query with an import option set as the source, +it re-imports the host list. Therefore, deleting, renaming, or moving the import source file causes +the query to fail. + +![Host Discovery Wizard Source page for CSV import](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source.webp) + +**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Import from a CSV +file** option on the Source page. Click **Next**. + +![Host Discovery Wizard Query page for CSV import](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/query.webp) + +**Step 2 –** On the Query page, name the query and select the credentials used to access the source. + +**NOTE:** The source in this case is the Enterprise Auditor Console server. + +- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` + default name. Two queries cannot have the same name. If you use an existing name, a number is + automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for querying the source: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard CSV File Import page](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/fileimport.webp) + +**Step 3 –** On the CSV File Import page, identify the CSV file to import and the column from within +the file where the host names are located: + +- File name – Identify the CSV file with the full file path. Use the ellipsis (**…**) to open a + browser window. +- Includes header row – If the first row of the CSV file is a header row, select this option to + remove it from the list of hosts to be imported +- Column – The drop-down menu is populated from the selected CSV file. Select the column containing + the host names. The selection is highlighted in the Sample data box. +- Sample data box – Displays a preview of the selected CSV file + +Click **Next** to continue. + +![Host Discovery Wizard Options page for CSV import](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +**Step 4 –** On the Options page, configure the query options as required. + +- Run the query when jobs that reference it are run – Select this option to automatically execute + the Host Discovery query prior to executing a job that has the host list generated by this query + assigned. This ensures any new hosts have been discovered and are available for auditing. + + **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require + up-to-date host lists. + +- Query Result Retention – Select how to maintain the host list generated by this discovery query: + + - Yes, grow the host list by appending newly discovered hosts – The host list includes every + host the query has ever discovered + - No, only show hosts that were found during the most recent run – The host list generated by + this query includes only hosts found in the most recent query execution. This option removes + hosts from the generated host list, but does not remove hosts from the Host Master Table. + +Click **Next** to continue. + +![Host Discovery Wizard Inventory page for CSV import](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory.webp) + +**Step 5 –** On the Inventory page, the host inventory process can be automatically included with +the discovery query. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for gathering inventory information from the discovered hosts: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Summary page for CSV import](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +**Step 6 –** The Summary page displays all the selected query configuration settings. To make +changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the +configuration process. + +![Confirm dialog box](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) + +**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the +query at another time. + +Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the +Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/database.md b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/database.md new file mode 100644 index 0000000000..54ad2d846c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/database.md @@ -0,0 +1,140 @@ +# Import From a Database + +Follow the steps to create a Host Discovery query using the **Import from a database** source +option. + +**CAUTION:** Each time a query refresh occurs for a query with an import option set as the source, +it re-imports the host list. Therefore, deleting, renaming, or moving the import source file causes +the query to fail. + +![Host Discovery Wizard Source page for database import](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source.webp) + +**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Import from a +database** option. Click **Next**. + +![Host Discovery Wizard Query page for database import](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/query.webp) + +**Step 2 –** On the Query page, name the query and select the credentials used to access the source. + +- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` + default name. Two queries cannot have the same name. If you use an existing name, a number is + automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for querying the source: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Database Import page](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/databaseimport.webp) + +**Step 3 –** On the Database Import page, identify the database, table, and column where the host +names are located: + +- Data source – Identify the database. Click the ellipsis (**…**) to open the Data Link Properties + window. Then provide the required information on the Connection tab. + + ![Data Link Properties window Connection tab](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/datalinkproperties.webp) + + - Server name – Use the drop-down menu to select the server. The **Refresh** button refreshes + the list of available servers. + - Credentials – Select the credentials to use to log on to the server: + + - Use Windows NT Integrated security – This option applies the credentials used to run the + Enterprise Auditor application + - Use a specific user name and password – Provide the user name and password and select the + **Allow saving password** option + - If selected, the **Blank password** option indicates that no password is required + + ![Test connection succeeded confirmation window](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/datalinkpropertiestestconnection.webp) + + - Click **Test Connection** to confirm a connection has been established. Click **OK** on the + confirmation window. + - Database – Select the **Select the database on the server** option and use the drop-down menu + to select the database + - The other tabs in the Data Link Properties window should not be modified + + - Provider tab – The database connector, dictated by the source of the data and the data + sources that are available on the Enterprise Auditor Console server. This is set by + default to the **Microsoft OLE DB Provider for SQL Server**. + - Advanced tab – Allows modifications of the connection timeout to the database server in + case the server is slow or far away + - All tab – Do not modify this tab + + - Click **OK** to close the Data Link Properties window + +- Table – Use the drop-down menu to select a table from the database +- Column – Use the drop-down menu to select the column where the host names are located. The + selection is highlighted in the Sample data box. +- Sample data Box – Displays a preview of the selected database table + +Click **Next** to continue. + +![Host Discovery Wizard Options page for database import](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +**Step 4 –** On the Options page, configure the query options as required. + +- Run the query when jobs that reference it are run – Select this option to automatically execute + the Host Discovery query prior to executing a job that has the host list generated by this query + assigned. This ensures any new hosts have been discovered and are available for auditing. + + **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require + up-to-date host lists. + +- Query Result Retention – Select how to maintain the host list generated by this discovery query: + + - Yes, grow the host list by appending newly discovered hosts – The host list includes every + host the query has ever discovered + - No, only show hosts that were found during the most recent run – The host list generated by + this query includes only hosts found in the most recent query execution. This option removes + hosts from the generated host list, but does not remove hosts from the Host Master Table. + +Click **Next** to continue. + +![Host Discovery Wizard Inventory page for database import](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory.webp) + +**Step 5 –** On the Inventory page, the host inventory process can be automatically included with +the discovery query. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for gathering inventory information from the discovered hosts: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Summary page for database import](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +**Step 6 –** The Summary page displays all the selected query configuration settings. To make +changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the +configuration process. + +![Confirm dialog box](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) + +**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the +query at another time. + +Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the +Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/ipnetwork.md b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/ipnetwork.md new file mode 100644 index 0000000000..e56efc4ede --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/ipnetwork.md @@ -0,0 +1,134 @@ +# Scan IP Network + +Follow the steps to create a Host Discovery query using the Scan your IP network source option. This +option scans a specified range of IP Addresses for active hosts and resolves the names of machines +using DNS. + +![Host Discovey Wizard Source page for IP network scan](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source.webp) + +**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Scan your IP network** +option. Click **Next**. + +![Host Discovey Wizard Query page for IP network scan](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/query.webp) + +**Step 2 –** On the Query page, name the query and select the credentials used to access the source. + +- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` + default name. Two queries cannot have the same name. If you use an existing name, a number is + automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for querying the source: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +Click **Next** to continue. + +![Host Discovey Wizard IPSweep page](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/ipsweep.webp) + +**Step 3 –** On the IPSweep page, specify the range of IP Addresses to scan. + +- Specification Type – Specify the type of IP range to scan. The selected Specification Type + determines the IP Address options available for specifying the IP range. The default is **Specify + IP Address Range**, but the following options are available: + + - Specify Windows IP Configuration Information – Provide **Hostname or IP address** and **Subnet + mask** values + - Specify IP Address Range – Provide **Starting IP Address** and **Ending IP Address** + - Specify Advance IP Address Range – Provide **IP Address Range** + +- IP Address options – The help [?] button at the end of each textbox provides example formats + + - Hostname or IP address – Example: `192.168.2.35` or `target.example.com` + - Subnet mask – Example: `255.255.255.0` + - Starting IP Address – Example: `192.168.2.1` + - Ending IP Address – Example: `192.168.2.255` + - IP Address Range – Example: `192.168.2.*` + - See the help button for full list of examples + +- IP Ranges box – Displays the selected range of IP Addresses. Use the links at the top of the box + to edit the list: + + - Add as inclusion – Adds information provided in the IP Address Textboxes into the to be + collected list + - Add as exclusion – Adds information provided in the IP Address Textboxes into the to be + ignored list + - Remove – Removes the selection from the IP Ranges box + +- (Optional) Only include host with the following ports open – If selected, this option limits the + Host Discovery query to return only the hosts found in the IP Sweep with the specified open ports. + When specifying multiple ports, separate them with commas or semicolons but not spaces. For + example, to specify ports 10 and 80 enter: `10,80`. The help **[?]** button at the end of the + textbox provides example entry formats. +- (Optional) Only include Windows hosts – If selected, this option limits the Host Discovery query + to return only the hosts found in the IP Sweep that have Windows operating systems + +Click **Next** to continue. + +![Host Discovey Wizard Options page for IP network scan](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +**Step 4 –** On the Options page, configure the query options as required. + +- Run the query when jobs that reference it are run – Select this option to automatically execute + the Host Discovery query prior to executing a job that has the host list generated by this query + assigned. This ensures any new hosts have been discovered and are available for auditing. + + **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require + up-to-date host lists. + +- Query Result Retention – Select how to maintain the host list generated by this discovery query: + + - Yes, grow the host list by appending newly discovered hosts – The host list includes every + host the query has ever discovered + - No, only show hosts that were found during the most recent run – The host list generated by + this query includes only hosts found in the most recent query execution. This option removes + hosts from the generated host list, but does not remove hosts from the Host Master Table. + +Click **Next** to continue. + +![Host Discovey Wizard Inventory page for IP network scan](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory.webp) + +**Step 5 –** On the Inventory page, the host inventory process can be automatically included with +the discovery query. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for gathering inventory information from the discovered hosts: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +Click **Next** to continue. + +![Host Discovey Wizard Summary page for IP network scan](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +**Step 6 –** The Summary page displays all the selected query configuration settings. To make +changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the +configuration process. + +![Confirm dialog box](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) + +**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the +query at another time. + +Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the +Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/overview.md b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/overview.md new file mode 100644 index 0000000000..563e74da58 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/overview.md @@ -0,0 +1,39 @@ +# Host Discovery Wizard + +The Host Discovery Wizard gives complete control over how hosts are discovered on the targeted +network and which hosts are discovered. + +![Console with Create Query Option Highlighted](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/createqueryhighlighted.webp) + +Use the Host Discovery Wizard to create new queries. The wizard opens in the Results pane. Use any +of the following methods in order to access the Host Discovery Wizard from the Host Discovery node: + +- Select **Create Query** in the Activities pane +- Right-click the **Host Discovery** node and select **Create Query** from the pop-up menu +- Right-click anywhere in the Host Discovery Queries table and select **Create Query** from the + pop-up menu + +![Host Discovery Wizard](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/hostdiscoverywizard.webp) + +The first step in creating a Host Discovery query is to select the source where the query searches +for hosts. Hosts are discoverable using one of the following options: + +- [Scan IP Network](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/ipnetwork.md) + – Scans a specified range of IP Addresses for active hosts and resolves the names of machines + using DNS +- [Query an Active Directory Server (General)](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/adgeneral.md) + – Scans the default domain controller or a specified server for all computer objects, can be + scoped +- [Query an Active Directory Server (Discover Exchange servers)](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/adexchange.md) + – Scans the default domain controller or a specified server but is scoped to return only computer + objects sitting in the configuration container for Exchange servers +- [Query an Active Directory server (Discover Domain Controllers)](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/addomaincontrollers.md) + – Scans the default domain controller or a specified server but is scoped to return only machines + which are domain controllers +- [Import From a Local CSV File](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/csv.md) + – Imports a host list from a specified CSV file +- [Import From a Database](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/database.md) + – Imports a host list from a specified SQL Server database + +**NOTE:** The Advanced Options checkbox in the lower-left corner is a legacy item and should not be +selected. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md new file mode 100644 index 0000000000..cb3af90f49 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md @@ -0,0 +1,55 @@ +# Add Hosts + +The **Add Hosts** option creates a new host list. It can be accessed through the **Host Management** +node. Follow the steps to add a new host list. + +![Add Hosts option on Activities pane of the Host Management node](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/addhosts.webp) + +**Step 1 –** Click **Add Hosts** to open the Host List Wizard in the Results pane. + +![Host List Wizard Specify Manual Host Entry page](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistwizardhostentry.webp) + +**Step 2 –** On the Manual Host Entry page, choose to either enter the hosts manually one at a time, +or use the **Import** option. When the list is completed, click **Next**. + +- To enter hosts manually, type the host name in the **Host name** textbox. Then click **Add**. The + entry will appear in the **Host list** box. Repeat the process until all hosts for this list have + been entered. +- The **Import** option opens the Import Hosts window. See the + [Import Hosts Option](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhost.md) + topic for additional information. +- Use **Remove** to delete a selected host from the **Host list** box + +![Host List Wizard Specify Host List Properties page](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistwizardproperties.webp) + +**Step 3 –** On the Specify Host List Properties page, provide a unique descriptive **Host List +Name**. + +- There cannot be two host lists with the same name. Enterprise Auditor automatically appends a + numeral to the end of a host list name to avoid duplicates. + +**Step 4 –** On the Specify Host List Properties page, configure when inventory fields should be +refreshed for hosts in the list and set the credentials to use to conduct the host inventory. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Set the credentials to use to conduct the host inventory. + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Enterprise Auditor application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information on Connection Profiles. + +**Step 5 –** Click **Finish** to save the host list and close the Host Lost Wizard. + +The new list displays at the bottom of the host lists under the **Host Management** node in the +Navigation pane. Every host added is included in the host master table at the Host Management node +as well as in the newly created host list. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/deletehost.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/deletehost.md new file mode 100644 index 0000000000..9d79c27dbf --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/deletehost.md @@ -0,0 +1,51 @@ +# Delete Host(s) + +Use the **Delete Host(s)** option at the **Host Management** node to permanently delete a host from +the master host table, or at an individual host list node to remove the host from the selected list. + +## Delete From Host Management Node + +Follow the steps to delete a host from the Host Management node. + +**Step 1 –** In the Host Management node, select the host in the data grid and click **Delete +Host(s)** on the Activities pane. + +![Confirm dialog box](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletehost.webp) + +**CAUTION:** A deletion from the host master table at the Host Management node cannot be undone, as +it deletes it from the host management database tables. It also removes the host from any host list +to which it has been assigned. Click **Cancel** to stop the deletion. + +**Step 2 –** A dialog box asks for confirmation of the action. Click **OK** to proceed with the +deletion. + +The host is no longer in the master host table. + +## Delete From Individual Host List + +Follow the steps to delete a host from an individual host list. + +**Step 1 –** In the host list, select the host in the data grid and click **Delete Host(s)** on the +Activities pane. + +![Confirm dialog box](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletehost.webp) + +**Step 2 –** A dialog box asks for confirmation of the action. Click **OK** to proceed with the +deletion. + +Enterprise Auditor checks to see if the host exists in any other static host lists. If so, the +deletion is limited to removing the selected host from the current host list. + +![Confirm deletion from master host table dialog box](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletehostmaster.webp) + +**CAUTION:** A deletion from the host master table cannot be undone, as it deletes it from the host +management database tables. + +**Step 3 –** If the host is not found in another static host list, Enterprise Auditor asks if you +also want to remove the host from the Host Master Table. On the Confirm dialog, select the desired +action. + +- Click **Yes** to remove the host from all dynamic host lists and from the host master table +- Click **No** to remove only the host for the current host list + +The host is no longer in the host list. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/deletelist.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/deletelist.md new file mode 100644 index 0000000000..4e8e51fe7b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/deletelist.md @@ -0,0 +1,32 @@ +# Delete List + +Use the **Delete List** option to remove the selected list. This option is available only at an +individual host list node. + +**_RECOMMENDED:_** Before deleting a host list, first ensure it is not assigned to a job. + +**Step 1 –** In the Navigation pane, select the host list to delete and click **Delete List**. + +![Confirm dialog box](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletelist.webp) + +**CAUTION:** This action cannot be undone. Click **Cancel** to stop the deletion. + +**Step 2 –** On the Confirm dialog box, click **OK** to continue with the deletion. + +Enterprise Auditor checks to see if any hosts within the host list are found in any other static +host lists. + +![Confirm deletion of orphaned hosts from master host table dialog box](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletelistmaster.webp) + +**Step 3 –** If no hosts are found in any other host list, then Enterprise Auditor asks if you want +to remove the host from the master host table. On the Confirm dialog box, select the desired option. + +- Yes – Deletes the specified host from the master host table +- No – Does not delete the specified host from the master host table +- No to All – Does not delete other hosts that are not found in another static host list from the + master host table +- Yes to All – Deletes other hosts not found in any other static host list from the master host + table + +When the operation is complete, the list is no longer visible under the Host Management node in the +Navigation pane and it cannot be used to execute jobs against. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/editlist.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/editlist.md new file mode 100644 index 0000000000..174fd7842c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/editlist.md @@ -0,0 +1,23 @@ +# Edit List + +Use the **Edit List** option to edit properties for the selected host list. This option is available +only from an individual host list node. + +![Edit List option on Activities pane](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/editlist.webp) + +Select the host list to edit and click **Edit List**. The Host List Wizard opens for the selected +host list. If the selected host list is a custom static host list, the wizard opens on the Manual +Host Entry page where you can add and remove hosts from the list. Other host lists open directly to +the Specify Host List Properties page where you can modify the following: + +- Host List Name + + **CAUTION:** Changing the name of a host list that has been assigned to a job can cause the job + to fail. + +- Refresh inventory setting +- Credentials used for host inventory + +See the +[Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) +topic for information on modifying these settings. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/editquery.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/editquery.md new file mode 100644 index 0000000000..f33ea9a1b2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/editquery.md @@ -0,0 +1,11 @@ +# Edit Query + +Use the **Edit Query** option to modify host lists created by a Host Discovery query. + +![Edit Query option on Activities pane](/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editquery.webp) + +In the Navigation pane, select the query-created host list to edit and click **Edit Query**. The +Host Discovery Wizard opens to the Query page where the query settings for the selected +query-created host list are modified. See the +[Host Discovery Wizard](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/overview.md) +topic for information on modifying these settings. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/export.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/export.md new file mode 100644 index 0000000000..086499adf5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/export.md @@ -0,0 +1,39 @@ +# Export Data + +Use the **Export Data** option to export all information available in the current grid view for the +selected host list to a HTML, XML , or CSV file. Follow the steps to export data. + +**Step 1 –** Select the Host Management or individual host list node to export data from, and +configure the data grid to contain all the columns you want to export. See the +[Host Inventory Data Grid](/docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.md) +topic for additional information. + +![Export Data option on the Activities pane](/img/versioned_docs/directorymanager_11.0/directorymanager/portal/export.webp) + +**Step 2 –** When the data grid contains all columns desired for export, click **Export Data**. A +Save As window opens. + +![Save As window](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/exportsaveas.webp) + +**Step 3 –** On the Save As window, select the required format (HTML Files, XML Files, or CSV Files) +and provide a name and location for the export file. + +This export is now shareable. Unlike the +[View/Edit Host](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewhost.md) +export option, this file will be in the same format as the data grid. + +## Export Examples + +The following examples show the different export format options. + +Example HTML File Export + +![Example HTML File Export](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/exportexamplehtml.webp) + +Example XML File Export + +![Example XML File Export](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/exportexamplexml.webp) + +Example CSV File Export + +![Example CSV File Export](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/exportexamplecsv.webp) diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhost.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhost.md new file mode 100644 index 0000000000..8e9ccd531c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhost.md @@ -0,0 +1,58 @@ +# Import Hosts Option + +On the Manual Host Entry page of the Host List Wizard, the **Import** option allows hosts to be +imported from either a CSV file or a database into the host list being created. + +Follow the steps to import hosts. + +![Import option on the Manual Host Entry page of the Host List Wizard](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistwizardimport.webp) + +**Step 1 –** On the Manual Host Entry page of the Host List Wizard, click **Import**. The Import +Hosts window opens. + +![Import Hosts window](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhosts.webp) + +**Step 2 –** On the Import Hosts window, use the **Import from** dropdown to select the source as +either **CSV File** or **Database**. + +**Step 3 –** Configure the source file. The necessary fields depend on the selection in the previous +step. + +![Import Hosts window for importing from CSV File](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhostscsv.webp) + +- CSV File + + - File Name – Click the ellipsis (**…**) to open a browser window and select the CSV file. This + file needs to be stored on the Enterprise Auditor Console server. Once selected, a preview of + the file is shown in the preview box. + - Includes header row – Select this checkbox if the file contains a header row. Otherwise, the + header row will be included in the import (visible within the preview box). + +![Import Hosts window for importing from Database](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhostsdatabase.webp) + +- Database + + - Data source – Identify the database. Click the ellipsis (**…**) to open the Data Link + Properties window. Provide the required information on the Connection tab of the Data Link + Properties window, and then click **OK**. See the + [Import From a Database](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/database.md) + topic for additional information. + + **NOTE:** The Provider, Advanced, and All tabs of the Data Link Properties window should not + be modified. + + - Table – Use the dropdown to select the table that contains the hosts to be imported. A preview + of the selected table is displayed in the preview box. + +**Step 4 –** Use either the drop-down menu or click on the column in the preview box to select the +column containing the host names. The selected column is highlighted in the preview box. + +**Step 5 –** Click **OK** to complete the import. + +![Imported hosts added in the Host list box on the Manual Host Entry page of the Host List Wizard](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhostscomplete.webp) + +The Import Hosts window closes, and the imported list of host names is added in the Host list box on +the Manual Host Entry page of the Host List Wizard. Click **Next** to proceed with configuring the +host list. See the +[Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) +topic for additional information on the Host List Wizard. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocation.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocation.md new file mode 100644 index 0000000000..27d78239de --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocation.md @@ -0,0 +1,69 @@ +# Import Location + +Use the **Import Location** option to import the physical location data for hosts and opens a +customized version of the Import Hosts window. Add host locations from a CSV file or SQL Server +database without creating a new host list. See the +[Host Inventory Data Grid](/docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.md) +topic for information on the Location column of host inventory. + +Follow the steps to import physical location data for hosts. + +**Step 1 –** Ensure the import source file has columns for both the host name as it is identified +within Enterprise Auditor and the location. + +**NOTE:** When a host name does not match any existing hosts within the Host Master Table, it can be +added as a new host. + +![Import Location option on Activities pane](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocation.webp) + +**Step 2 –** Select the host list and click **Import Location**. + +![Import Hosts window for importing location](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocationwindow.webp) + +**Step 3 –** On the Import Hosts window, use the **Import from** dropdown to select the source as +either **CSV File** or **Database**. + +**Step 4 –** Configure the source file. The necessary fields depend on the selection in the previous +step. + +- CSV File + + - File Name – Click the ellipsis (**…**) to open a browser window and select the CSV file. This + file needs to be stored on the Enterprise Auditor Console server. Once selected, a preview of + the file is shown in the preview box. + - Includes header row – Select this checkbox if the file contains a header row. Otherwise, the + header row will be included in the import (visible within the preview box). + +- Database + + - Data source – Identify the database. Click the ellipsis (**…**) to open the Data Link + Properties window. Provide the required information on the Connection tab of the Data Link + Properties window, and then click **OK**. See the + [Import From a Database](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/database.md) + topic for additional information. + + **NOTE:** The Provider, Advanced, and All tabs of the Data Link Properties window should not + be modified. + + - Table – Use the dropdown to select the table that contains the hosts to be imported. A preview + of the selected table is displayed in the preview box. + +**Step 5 –** Use either the drop-down menu or click on the column in the preview box to select the +column containing the host names. The selected column is highlighted in the preview box. + +![Import Hosts window Location column selection](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocationcsv.webp) + +**Step 6 –** Use the **Import column** drop-down menu to select the column containing the location +information. The selected column is highlighted a lighter color in the preview box. + +**Step 7 –** Click **OK** to complete the import. + +![Imported Location column data in the data grid](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocationcomplete.webp) + +The Location column now contains the imported information. If any of the hosts included in the +import file are not already in the Host Master Table, Enterprise Auditor prompts for confirmation on +whether or not to import the host. Selecting **Yes** or **Yes to All** adds the new hosts to the +Host Master Table but not to any individual host lists. + +**NOTE:** Any new hosts that match dynamic host list criteria will be added to the appropriate +dynamic host lists. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/overview.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/overview.md new file mode 100644 index 0000000000..e69f040c23 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/overview.md @@ -0,0 +1,60 @@ +# Host Management Activities + +The Activities pane available at the Host Management node and at the individual host list nodes +provides the tools needed to manage hosts and host lists. + +| ![Activities pane in Host Management node](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/activitieshostmanagement.webp) | ![Activities pane in individual host list node](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/activitiesindividualhost.webp) | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Host Management Node | Individual Host List Nodes | + +The available actions are: + +- [Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) + – Create a new host list by manually entering hosts or importing a host list (only available in + the Host Management node) +- [View/Edit Host](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewhost.md) + – Open the Host Details View, which displays the collected host inventory information for the + selected host in an easier-to-read format and allows you to manually edit the host inventory + information +- [Delete Host(s)](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/deletehost.md) + – Delete host from the selected list (permanently deletes host from the host master table if used + in the Host Management node) +- [Import Location](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocation.md) + – Import the physical location data for hosts from a CSV file or database without creating a new + host list. Location column is in the + [Host Inventory Data Grid](/docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.md). +- [Refresh Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/refresh.md) + – Manually executes the host inventory query for the selection +- [Save Current View](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/saveview.md) + – Create a dynamic host list from the current (filtered) data grid view +- [Save Selected To List](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/savetolist.md) + – Create a static host list from the selected hosts within the current data grid +- [Schedule (Activities Pane Option)](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/schedule.md) + – Opens a customized Schedule Properties window to schedule a host inventory query +- [Export Data](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/export.md) + – Export the current data grid to a HTML, XML, or CSV file +- [Suspend/Resume Host Inventory](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/suspend.md) + – Pause an **In progress** host inventory or resume a paused **In queue** host inventory +- External commands – Sub-header (not activity) that separates the Activities above which occur + within the Enterprise Auditor Console from the Activities below which open external processes: + + - Manage Host – Opens the Microsoft Management Console interface for the selected host if it has + that feature enabled + - Explore Host – Opens Windows Explorer, displaying the shares on the selected host + - Ping Host – Opens a Command Prompt to run a ping command targeting the selected host + - Trace Route to Host – Opens a Command Prompt to run the `TraceRoute` command, locating a path + to the selected machine in less than 30 hops + +Activities available only at the individual host list nodes are: + +- [Edit List](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/editlist.md) + – Edit the selected host list in the Host List Wizard +- [Edit Query](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/editquery.md) + – Edit the Host Discovery query settings for the selected query-created host list +- [Rename List](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/rename.md) + – Rename the selected host list (should not be used if the host list has already been assigned to + a job for execution) +- [Delete List](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/deletelist.md) + – Delete the selected host list +- [View Query](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewquery.md) + – Opens the Host Discovery Queries window diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/refresh.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/refresh.md new file mode 100644 index 0000000000..6e4a3441dd --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/refresh.md @@ -0,0 +1,18 @@ +# Refresh Hosts + +Use the **Refresh Hosts** option to manually execute the Host Inventory query. It can be selected +for the following: + +- All hosts – Use from the Host Management node +- Individual host list – Use from a host list node to refresh all hosts in the selected host list +- Selected hosts in a list – Select hosts using the Windows Ctrl and left-click function or by + filtering the data grid view +- Individual host – Select a host from the current view + +![Refresh Hosts option on Activities pane](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/refreshhosts.webp) + +Select the hosts or host list to inventory and then click **Refresh Hosts** in the Activities pane. + +![Refresh Hosts Confirm dialog](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/refreshhostsconfirm.webp) + +When only particular hosts are selected in a list, a dialog box asks for confirmation of the action. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/rename.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/rename.md new file mode 100644 index 0000000000..8c128e8f67 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/rename.md @@ -0,0 +1,16 @@ +# Rename List + +Use the Rename List option to change the name of a selected host list. This option is available only +from an individual host list node. + +**CAUTION:** Changing the name on a host list that has been assigned to a job can cause the job to +fail. + +![Host list name window](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistname.webp) + +Select the host list to rename and click **Rename List** to open the Host list name window. Enter +the new name for the host list and click **OK**. + +**NOTE:** Host list names can also be changed using the **Edit List** option, see the +[Edit List](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/editlist.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/savetolist.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/savetolist.md new file mode 100644 index 0000000000..f2054fe6b7 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/savetolist.md @@ -0,0 +1,15 @@ +# Save Selected To List + +Use the **Save Selected To List** option to create a static host list. This option is available from +either the Host Management node or an individual host list node. See the +[Static Host Lists](/docs/accessanalyzer/11.6/admin/hostmanagement/lists.md#static-host-lists) +topic for additional information on static host lists. This option is inactive until at least one +host within the data grid is selected. + +![Save Selected To List option in Host Management node](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/savetolist.webp) + +Use the Windows Ctrl + left-click function to select multiple hosts from the data grid. In the +Activities pane, click **Save Selected To List**. The Host List Wizard opens with the selected hosts +in the Host list box on the Manual Host Entry page. See the +[Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) +topic for information on creating a host list. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/saveview.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/saveview.md new file mode 100644 index 0000000000..10059dc120 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/saveview.md @@ -0,0 +1,32 @@ +# Save Current View + +Use the **Save Current View** option to create a dynamic host list. This option is available from +either the Host Management node or an individual host list node. The option is inactive until you +apply a filter to the data grid. Follow the steps to create a dynamic host list. + +**Step 1 –** Select the Host Management or individual host list node to create the host list from. + +**Step 2 –** Filter the data grid for the desired criteria. See the +[Host Inventory Data Grid](/docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.md) +topic for additional information. + +![savecurrentview](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/savecurrentview.webp) + +**Step 3 –** Click **Save Current View** in the Activities pane. + +![Host List name window](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistname.webp) + +**Step 4 –** On the Host list name window, provide a unique, descriptive name for the new host list +and click **OK**. + +The new host list displays under the Host Management node. When the Enterprise Auditor Console +closes the host lists under the Host Management node, the hosts reorganize in alphanumeric order. +Like the default host lists, custom dynamic host lists are auto-populated and updated according to +host inventory. + +**_RECOMMENDED:_** Do not modify the criteria once a dynamic based list has been created. It is +better to delete and recreate the list in order to modify a dynamic-based list. + +See the +[Dynamic Host Lists](/docs/accessanalyzer/11.6/admin/hostmanagement/lists.md#dynamic-host-lists) +topic for more information on dynamic host lists. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/schedule.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/schedule.md new file mode 100644 index 0000000000..06e8c77852 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/schedule.md @@ -0,0 +1,24 @@ +# Schedule (Activities Pane Option) + +Use the **Schedule** option in the Activities pane to schedule a host inventory query to run for any +of the following: + +- All hosts in the Host Master Table +- An individual host list +- Selected hosts in a list + +![Schedule option on the Activities pane](/img/product_docs/accessanalyzer/11.6/admin/settings/schedule.webp) + +Select the hosts or host list to inventory and click **Schedule** in the Activities pane. The +Schedule Wizard opens for the selected host or host list. + +![Schedule Wizard for Host Inventory Query](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/schedulewizardhostmanagement.webp) + +Use the Schedule Wizard to configure the scheduled task. See the +[Schedule Wizard](/docs/accessanalyzer/11.6/admin/schedule/wizard.md) +topic for additional information. + +The details of the scheduled Inventory query are available in the **Schedules** view, including the +next run date and time. See the +[Schedules](/docs/accessanalyzer/11.6/admin/schedule/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/suspend.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/suspend.md new file mode 100644 index 0000000000..9501f74698 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/suspend.md @@ -0,0 +1,15 @@ +# Suspend/Resume Host Inventory + +Use the **Suspend Host Inventory** option to pause an in progress inventory. + +![Suspend Host Inventory](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/suspendhostinventory.webp) + +Once clicked, the option changes to **Resume Host Inventory** and the **In progress** host +inventories change to an **In queue** state. + +**NOTE:** Clicking **Refresh Hosts** while inventory is suspended adds to the queue but does not +resume the inventory. + +![Resume Host Inventory](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/resumehostinventory.webp) + +Click **Resume Host Inventory** to resume the inventory queries. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewhost.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewhost.md new file mode 100644 index 0000000000..56c1ea9989 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewhost.md @@ -0,0 +1,23 @@ +# View/Edit Host + +Use the **View/Edit Host** option to open the Host Details View. This view displays the collected +host inventory information for the selected host in an easy-to-read format. + +![View/Edit Host option](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewedithost.webp) + +Select a host from either the Host Master Table or an individual host list and click **View/Edit +Host**. + +![Host Details View](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostdetailsview.webp) + +The Host Details View displays in the Results pane, and the rest of the Enterprise Auditor Console +is unavailable while it is open. You can use the view to manually edit the host inventory +information. + +- Edit – Enables the textboxes and checkboxes for editing +- Apply – Saves any changes. This button appears when **Edit** is clicked. +- Save as HTML – Exports the current view of the selected host’s inventory to an HTML file. Click, + then provide a name and location for the export. The export is now sharable as desired. This + button is inactive while in edit mode. +- Cancel – Abandons any changes. This button displays when **Edit** is clicked. +- Close – Exits the Host Details View diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewquery.md b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewquery.md new file mode 100644 index 0000000000..8f1d17765c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewquery.md @@ -0,0 +1,9 @@ +# View Query + +Use the **View Query** option to open the Host Discovery Queries pane. + +![View Query option on Activities pane](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewquery.webp) + +Click **View Query** to go to the Host Discovery Queries pane. See the +[Host Discovery Queries](/docs/accessanalyzer/11.6/admin/hostdiscovery/queries.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.md b/docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.md new file mode 100644 index 0000000000..0aaf654750 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.md @@ -0,0 +1,99 @@ +# Host Inventory Data Grid + +The data grid provides all host inventory information collected on the hosts. View this information +at the **Host Management** node (the Host Master Table) or at individual host list nodes. See the +[Hosts Lists](/docs/accessanalyzer/11.6/admin/hostmanagement/lists.md) +topic for information on host lists. + +![Host Inventory Data Grid](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.webp) + +The icon for each host entry is an indicator of its inventory state: + +| Icon | Inventory State | +| ---------------------------------------------------------------------------------------------------------------------------------------------- | --------------- | +| ![Idle inventory state icon](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/inventoryidle.webp) | Idle | +| ![In Queue inventory state icon](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/inventoryinqueue.webp) | In Queue | +| ![In Progress inventory state icon](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/inventoryinprogress.webp) | In Progress | + +The **Name**, **HostStatus**, and **InventoryState** grid columns are fixed by default. If desired, +you can move these columns to the scrollable section of the table. + +Use the horizontal scrollbar at the bottom to view the host inventory data, which includes: + +- Name – Unique host name +- HostStatus – Status of the host during the last time it was queried for host inventory collection +- InventoryState – Last known status of the host inventory query (**Idle**, **In progress**, or **In + queue**) + + **NOTE:** If the Enterprise Auditor application is stopped during host inventory collection, + hosts queued for inventory retain the **InventoryState** of **In queue** within the Host + Management node data grid, as this is the last known state of inventory. It retains that state + until the next host inventory collection is executed against the host. + +- IPAddress – Last known IP Address for the host from host inventory collection +- Subnet – Subnet mask for the host’s IP Address +- DNSDomain – Domain in which the host participates +- FQDN – Fully Qualified Domain Name of host +- OSName – Name of host’s operating system +- OSType – Type of host’s operating system +- TimeZone – Configured time zone for the host +- LastOnline – Timestamp for the last time the host was found to be online during a host inventory + query +- LastAudit – Timestamp for the last time the host was executed against at the job level +- LastUpdate – Timestamp for the last time the host inventory record was updated +- WindowsDomain – Domain in which the host resides +- OSVersion – Version of the host’s operating system +- ServicePack – Operating system Service Pack for the host +- Role – Estimated role of the workstation or server (only applicable to Windows devices) +- Manufacturer – Name of the manufacturer of the device, if applicable +- SerialNumber – Serial number of the device, if applicable +- ADSite – Active Directory site in which the host resides +- isDNSServer – True or False if the host serves the role of DNS server +- isDomainController – True or False if host serves the role of domain controller +- isGlobalCatalog – True or False if host serves the role of Global Catalog +- isExchangeServer – True or False if host serves the role of Exchange server +- Model – Model of the device, if applicable +- FirstDiscovered – Timestamp of the Host Discovery query which introduced the host +- LastUpdatedBy – Name of the Enterprise Auditor Console server which last updated the host’s + inventory record +- MACAddress – Media Access Control address, if applicable +- ServerRole – Indicates what role is served by the server (only applicable to Exchange servers) +- isIIS – True or False if IIS is present on the server +- Location – Distinct physical location, entered manually through the + [Import Location](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocation.md) + activity +- ExchLocation – Distinct physical location of Exchange server, entered manually through the + [Import Location](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocation.md) + activity +- AltLocation – Alternate physical location, entered manually through the + [Import Location](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocation.md) + activity +- WinCluster – Name of the Windows cluster in which the host is a part, if applicable +- ExchCluster – Name of the Exchange cluster in which the host is a part, if applicable +- ExchangeServerRole – Name of the Exchange server roles served by the host +- ExchangeVersion – Exchange Server application version obtained from the registry +- IsSQLServer – True or False if host serves the role of SQL Server +- hostID – Unique identifier of the host within the Enterprise Auditor inventory tables + +See the +[Data Grid Functionality](/docs/accessanalyzer/11.6/admin/navigate/datagrid.md) +topic for information on how to sort, filter, and search within the data grid. + +The Activities pane provides several options for managing hosts within the Host Management node. See +the +[Host Management Activities](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/overview.md) +topic for information on these options. + +## Host List Data Grid Right-Click Menus + +The right-click menu available in the Host Management data grid varies according to the selection in +the Navigation pane. + +| ![Host Management node right-click menu](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/rightclickhostmanagement.webp) | ![Individual host list right-click menu](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/rightclickindividualhost.webp) | ![Query created host list right-click menu](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/rightclickquerycreated.webp) | +| -------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Host Management Node | Individual Host List | Query-Created Host List | + +These right-click menu options contain the Host Management Activities available for the selection. +See the +[Host Management Activities](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/overview.md) +topic for additional information on these options. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/lists.md b/docs/accessanalyzer/11.6/admin/hostmanagement/lists.md new file mode 100644 index 0000000000..975ce86ae9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/lists.md @@ -0,0 +1,77 @@ +# Hosts Lists + +A host list is a grouping of hosts for the purpose of executing jobs against. Every host list +created can be accessed by expanding the **Host Management** node in the Navigation pane. + +![Host Management Node in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +There are two types of host lists: + +- Dynamic host lists – Auto-populated and updated according to the most recent inventory information + available for the hosts. They include both the default host lists and custom created dynamic host + lists. See the [Dynamic Host Lists](#dynamic-host-lists) topic for additional information. +- Static host lists – Only changed manually or through a scheduled host discovery query. They + include both host lists created during host discovery queries and custom created static host + lists. See the [Static Host Lists](#static-host-lists) topic for additional information. + +A newly created host list will appear in alphanumerical order under the Host Management node. The +icon in front of the host list will indicate which type of host list it is: + +| Icon | Type of Host List | +| ------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------- | +| ![Static Host List icon](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/statichostlist.webp) | Default Host List or Custom Host List (Static or Dynamic) | +| ![Host Discovery Query List icon](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/discoveryquerylist.webp) | Host Discovery Query List | +| ![Dynamic Host List icon](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/dynamichostlist.webp) | Host List created by Job | + +You can view host inventory information at the Host Discovery node (the Host Master Table) or at +individual host list nodes. See the +[Host Inventory Data Grid](/docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.md) +topic for information on the data collected by host inventory. + +## Dynamic Host Lists + +Dynamic host lists are lists of hosts that are grouped according to selected criteria within the +host inventory. Each time a host inventory record is refreshed, the hosts are automatically added to +or removed from dynamic host lists in accordance with the criteria set for the list. They include +both the default host lists and custom created dynamic host lists. See the +[Host Inventory](/docs/accessanalyzer/11.6/admin/settings/hostinventory.md) +topic for a list of the default host lists and instructions on controlling which of these lists are +visible under the Host Management node. + +Custom dynamic host lists are created by filtering the data grid and using the +[Save Current View](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/saveview.md) +option in the Activities pane or right-click menu. This can be done at the Host Management node with +the Host Master Table or at any host list node. See the +[Filter](/docs/accessanalyzer/11.6/admin/navigate/datagrid.md#filter) +topic for additional information on filtering data grids. + +**_RECOMMENDED:_** Do not modify the criteria once a dynamic based list has been created. It is +better to delete and recreate the list in order to modify a dynamic-based list. + +## Static Host Lists + +Static host lists are created either through host discovery queries or manually entered within the +**Host Management** node. Lists created by +[Host Discovery Node](/docs/accessanalyzer/11.6/admin/hostdiscovery/overview.md) +queries are updated each time the query is run, manually or scheduled. Other static host lists can +only be changed manually. Custom host lists are frequently created in order to scope a job to +execute against a select set of hosts. + +For example, a user running the Exchange Solution might create a list to just run Mailbox queries +against. Whereas a user running the File System Solution might create a list of servers being used +for file shares. + +There are two common ways to create static host lists: + +- Use the + [Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) + option in the Activities pane or right-click menu to access the Host List Wizard +- Select multiple hosts from the data grid using the Windows Ctrl and left-click function. This can + be done from the Host Mast Table or any host list under the Host Management node. Then use the + [Save Selected To List](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/savetolist.md) + option in the Activities pane or right-click menu to open the Host List Wizard with a pre-filled + in Manual Host Entry page. + +See the +[Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) +section for information using the Host List Wizard. diff --git a/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md b/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md new file mode 100644 index 0000000000..4e206c25b5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md @@ -0,0 +1,45 @@ +# Host Management + +The **Host Management** node is used to manage hosts in a targeted environment. Hosts configured +under the **Host Management** node can be audited using other features in Enterprise Auditor. This +node maintains information for audited computers. To view information on all computers in the +environment, use the +[.Active Directory Inventory Solution](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/overview.md), +specifically the Active Directory Summary report. + +The Host Management node provides a master list of every host ever introduced to Enterprise Auditor. +Introduce hosts through +[Host Discovery Node](/docs/accessanalyzer/11.6/admin/hostdiscovery/overview.md) +queries or by entering them manually. Hosts are removed from this list only by manually deleting +them. This master listing of hosts, or the Host Master Table, is designed around unique host names, +not necessarily unique hosts themselves. The data grid provides all host inventory information +collected on the hosts. See the +[Host Inventory Data Grid](/docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.md) +topic for additional information. + +The Host Management process consists of the following phases: + +- Host Discovery – The process of discovering hosts to audit through Host Discovery queries, which + can be scoped to identify computers with commonalities. These queries are managed under the Host + Discovery node. See the + [Host Discovery Node](/docs/accessanalyzer/11.6/admin/hostdiscovery/overview.md) + topic for additional information. +- Host Inventory – The process of collecting key pieces of information about each host to aid in + segregating the hosts into logical sub-groupings for targeted auditing. Use either the Host + Discovery or Host Management nodes. +- Host List Creation – Enterprise Auditor creates Default host lists based on Host Inventory + results. Create and manage Custom host lists under the Host Management node. See the + [Hosts Lists](/docs/accessanalyzer/11.6/admin/hostmanagement/lists.md) + topic for additional information. + +![Host Management Node in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The nodes under the Host Management node are: + +- Default hosts lists +- Host lists generated by Host Discovery queries +- Custom host lists + +See the +[Host Inventory](/docs/accessanalyzer/11.6/admin/settings/hostinventory.md) +topic for global settings that affect Host Management. diff --git a/docs/accessanalyzer/11.6/admin/jobs/features.md b/docs/accessanalyzer/11.6/admin/jobs/features.md new file mode 100644 index 0000000000..ce3430026b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/features.md @@ -0,0 +1,102 @@ +# Special Features & Functions + +There are several special features and functions available for jobs and job components with which +Enterprise Auditor users should be familiar. + +View XML Files + +Job, query, analysis, and action property windows all have the **View XML** option. These provide +the ability to edit through an XML text window. + +Open Explore Folder + +Enterprise Auditor users can directly open a selected job or job group folder from the Jobs tree +using the **Explore Folder** option in the right-click menu. + +Publish Reports after Report Generation + +Reports that have been generated but not published can be sent to the Web Console using the +**Publish** option in the right-click menu from the selected Jobs tree, job group, or job node. See +the [Publish Reports Window](#publish-reports-window) topic for additional information. + +Job Configuration Change Tracking + +Jobs configuration changes can be tracked using the **Changes** option in the right-click menu from +the selected Jobs tree, job group, or job node. See the +[Changes Window](/docs/accessanalyzer/11.6/admin/jobs/overview.md#changes-window) +topic for additional information. + +Job Export + +Jobs can be exported to a ZIP file using the **Export** option in the right-click menu from the +selected job group or job node. See the +[Export Job to Zip Archive Window](#export-job-to-zip-archive-window) topic for additional +information. + +See the +[Jobs Tree Right-click Menus](/docs/accessanalyzer/11.6/admin/navigate/pane.md#jobs-tree-right-click-menus) +section for additional features. + +## Export Job to Zip Archive Window + +The Export Job to Zip Archive window opens from the **Export** option in the right-click menu from +the selected job group or job node. + +![Export from Jobs Tree menu](/img/versioned_docs/directorymanager_11.0/directorymanager/portal/export.webp) + +Select **Export** from the right-click menu to open the Export Group to Zip Archive window. + +![Export Group to Zip Archive window](/img/product_docs/accessanalyzer/11.6/admin/jobs/exportgrouptoziparchive.webp) + +The **Include all job components** option will zip the job’s directory, the reports, the job log, +and the SA_Debug log. The **Select specific components to export** option allows Enterprise Auditor +users to select which components to include in the ZIP file. + +There are two options for where to save the ZIP file: + +- Save in the exported folder – Saves the file in the job’s directory, for example + `%sainstalldir%Jobs\GROUP_.Active Directory Inventory\.Active Directory Inventory.zip` +- Save in the following location – Allows you to either type or browse to the desired save location + +The **Email this archive**checkbox provides the opportunity to send an email notification with the +attached ZIP file. + +![Support Email window](/img/product_docs/accessanalyzer/11.6/admin/jobs/supportemail.webp) + +When the archive has been created, the Enterprise Auditor Support Email window opens. By default, +the recipient is set to [Netwrix Support](https://www.netwrix.com/support.html) but it can be +modified prior to sending. Additional recipients can be added, and the Subject and email body can be +modified. + +## Publish Reports Window + +The **Publish Reports** wizard allows you to better manage the list of reports published to the Web +Console. + +When you right-click on a job group or job and select **Publish**, the Publish Reports wizard opens. +You can choose the list of reports to be published or removed from the Web Console. + +Follow the steps to publish the reports. + +**Step 1 –** Right-click on a job group or job and select **Publish** from the drop-down list. + +![Publish Reports wizard Action Type page](/img/product_docs/accessanalyzer/11.6/admin/jobs/publishreportsactiontype.webp) + +**Step 2 –** On the Action Type page, select the type of action to be performed on the reports and +click **Next**: + +- Publish Reports +- Delete Reports + +![Publish Reports wizard Report Tree page](/img/product_docs/accessanalyzer/11.6/admin/jobs/publishreportsreporttree.webp) + +**Step 3 –** On the Report Tree page, select the reports to be published or removed (depending on +the Action Type selected in the previous step). Click **Next** to proceed with the action. + +**Step 4 –** The Progress page shows you the status of the action. When it has completed, click +**Finish** to exit the wizard. + +Published reports can be viewed under the **[Job]** > **Results** node or through the Web Console. +See the +[Reporting](/docs/accessanalyzer/11.6/admin/report/overview.md) topic +for additional information. diff --git a/docs/accessanalyzer/11.6/admin/jobs/group/connection.md b/docs/accessanalyzer/11.6/admin/jobs/group/connection.md new file mode 100644 index 0000000000..29102879fd --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/group/connection.md @@ -0,0 +1,29 @@ +# Connection Node + +At the job group level, the **Connection** node identifies the Connection Profile assigned for the +job group. All Connection Profiles are created at the global level (**Settings** > **Connection**). + +![Job Group Connection Settings](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoredhosts/add/connection.webp) + +By default, all job groups are set to inherit the **Use Default Profile** option from the global +level or a parent job group. See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +If the Default Setting is not preferred, select the custom type of connection settings desired +below: + +- System default + + - For manual or ad hoc job execution, the account logged into the Enterprise Auditor Console is + applied to the target hosts for authentication + - For scheduled job execution, the account supplied as the Schedule Service account at the + **Settings** > **Schedule** node is applied to the target hosts for authentication + +- Select one of the following user defined profiles + + - Select a pre-configured Connection Profile from the drop-down menu + +Selecting the **Set all the child objects to inherit these settings** option forces inheritance of +this setting to all sub-groups and jobs within the job group. When enabled, this option overrides +any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/11.6/admin/jobs/group/history.md b/docs/accessanalyzer/11.6/admin/jobs/group/history.md new file mode 100644 index 0000000000..8048b668ab --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/group/history.md @@ -0,0 +1,30 @@ +# History Node + +At the job group level, the History node identifies data retention and log retention periods +assigned for the job group. + +![Job Group History Settings](/img/product_docs/accessanalyzer/11.6/admin/settings/history.webp) + +By default, all job groups are set to inherit **Use Default Setting** option from the global level +(**Settings** > **History**) or a parent job group. See the +[History](/docs/accessanalyzer/11.6/admin/settings/history.md) topic +for additional information. + +**CAUTION:** It is important to understand that some pre-configured jobs require history retention +while others do not support it. See job group and job descriptions for additional information. + +If the Default Setting is not preferred, select the custom type of retention settings desired below: + +- Data Retention Period + + - Never retain previous job data + - Retain previous job data for [number] [time period] + - Always retain previous job data + +- Log Retention Period + + - Retain previous job logs for [number] [time period] + +Selecting the **Set all the child objects to inherit these settings** option forces inheritance of +this setting to all sub-groups and jobs within the job group. When enabled, this option overrides +any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/11.6/admin/jobs/group/hostlistsassignment.md b/docs/accessanalyzer/11.6/admin/jobs/group/hostlistsassignment.md new file mode 100644 index 0000000000..1ac54722d2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/group/hostlistsassignment.md @@ -0,0 +1,26 @@ +# Host Lists Assignment + +At the job group level, the Host Lists Assignment node identifies target host lists assigned for the +job group. + +![Job Group Host Lists Assignment](/img/product_docs/accessanalyzer/11.6/admin/jobs/group/hostlistassignment.webp) + +At a top-level job group, there is no host list to be inherited. The **Use Default Settings** option +is grayed-out. However, a sub-job group can inherit host lists from a parent job group. Host lists +are configured through the **Host Management** node. See the +[Host Management](/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md) +topic for additional information. + +Several pre-defined solutions have default host lists already assigned to the solution, for example +the .Active Directory Inventory Job Group has the Default domain controller assigned at the job +group and inherited to the jobs. + +Select the host lists to be targeted by the job group. The **Filter host lists by** feature scopes +the list to match the search string provided. At the bottom of the list is an indicator of how many +hosts lists have been selected out of the total number of hosts lists known to the Enterprise +Auditor Console. If a filter has been applied, there is also an indicator of how many host lists +matched the search string. + +Selecting the **Set all the child objects to inherit these settings** option forces inheritance of +this setting to all sub-groups and jobs within the job group. When enabled, this option overrides +any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/11.6/admin/jobs/group/overview.md b/docs/accessanalyzer/11.6/admin/jobs/group/overview.md new file mode 100644 index 0000000000..1478d781c6 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/group/overview.md @@ -0,0 +1,111 @@ +# Job Groups + +Job groups are designed to manage related jobs and can contain sub-job groups to ensure that related +jobs are executed in the correct order. To create a new job group, right-click on the desired +location (Jobs tree or another job group) and select **Create Group**. Then provide a unique, +descriptive name taking into consideration the alphanumeric ordering of the Jobs tree. + +![Example of Job Group Structure](/img/product_docs/accessanalyzer/11.6/admin/jobs/group/jobgroupstructure.webp) + +Job groups are organized similar to the Jobs tree, with the Settings node at the top, followed by +sub-job groups (job group for collection first, if applicable), then followed by analysis and +reporting jobs. Both are sorted in alphanumeric order. This is necessary because data collection +jobs must run prior to the analysis and reporting jobs that rely on the collected data without +consideration to the job’s name (alphanumeric order). + +## Job Group Description Page + +The Job Group Description page displays shortcuts, links, and important information on the job group +and the jobs contained within the Job Group. Depending on the type of job group, the description +page will appear different and display information specific to the job group selected. + +| ![Job Group Description page for a pre-configured job group](/img/product_docs/accessanalyzer/11.6/admin/jobs/group/descriptionpage.webp) | ![Job Group Description page for a user-created job group](/img/product_docs/accessanalyzer/11.6/admin/jobs/group/descriptionpagenewgroup.webp) | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Pre-Configured Job Group | User-Created Job Group | + +The two types of job groups in Enterprise Auditor are: + +- Pre-configured – The job group description page provides a brief summary of the purpose of the job + group, the jobs contained within, and special requirements if applicable +- User Created – Job group description of job description only provides generic information and + options + +**NOTE:** Every job group’s description includes options for creating a group, opening the Instant +Job Library, and creating a job. + +Pre-configured job group description pages provide users with shortcuts and links to many of the +functions that can be accessed in the Jobs Tree in the Navigation Pane. + +![Job Group Description page](/img/product_docs/accessanalyzer/11.6/admin/jobs/group/descriptionpage.webp) + +The sections of the job group description page are: + +- Job Group Settings Shortcuts – These pages can also be accessed through the job group Settings + Nodes in the Navigation Pane. See the + [Job Groups Settings Node](/docs/accessanalyzer/11.6/admin/jobs/group/settings.md) + topic for additional information. + + - Storage – Configure the job group’s Storage options + - History – Configure the job group’s History options + - Connection – Configure the job group’s Connection options + - Reporting – Configure the job group’s Reporting options + - Host Lists Assignment – Select the targeted host list in the job group’s Host Lists Assignment + +- Help – Opens the [Netwrix Technical Knowledge Center](https://helpcenter.netwrix.com/) in a + browser to a relevant landing page for the job group +- Run Now – Runs the currently selected job group +- Schedule – Opens the Schedule page to schedule the job group +- Open Folder – Opens the job group’s folder location with supporting files in the Windows Explorer +- Create Group – Creates a job group within the currently selected job group +- Create Job – Creates a job within the currently selected Job +- Add Instant Job – Add an Instant Job using the Instant Job Wizard. See the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) + topic for additional information. + +![Overview section of Job Group description page](/img/product_docs/accessanalyzer/11.6/admin/jobs/group/descriptionpageoverview.webp) + +The Overview section provides summary information about the job group. This section includes the +following information: + +- Assigned Host List – Hovering over the **Assigned Host List** button shows a tool-tip with + information on the hosts lists are assigned to the job group + + - Click on the **Assigned Host List** button to go to the Job Group's Host List Assignment node. + See the + [Host Lists Assignment](/docs/accessanalyzer/11.6/admin/jobs/group/hostlistsassignment.md) + topic for additional information. + +- Show Inherited Settings – Click on the **Show Inherited Settings** button to view information on + the following: + + - Connection Profile + - Data Retention Period + - Log Retention Period + - Reporting Settings + - Storage Account + +- Contents – Shows the job groups and jobs contained within the currently selected job group + +**NOTE:** If applicable, the page shows special instructions for which hosts need to be targeted for +proper job group execution. + +### Job Settings: Inherited and Directly Applied + +Job group settings can be applied directly or inherited. On the job group level, it is considered +that all settings are applied directly. + +![Show Inherited Settings on Job Overview page](/img/product_docs/accessanalyzer/11.6/admin/jobs/group/showinheritedsettings.webp) + +If not, click the **Show inherited settings** button to expand the inherited settings list (they are +highlighted in blue). + +The following inherited settings are available: + +| Setting | Description | +| --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Connection profile | The tooltip shows the account name used in the connection profile. Clicking the button opens the parent Connection settings for the selected job group. See [Connection Node](/docs/accessanalyzer/11.6/admin/jobs/group/connection.md) for more information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available: - Edit the Profile – Clicking the link opens the Connection settings for the current profile - Use Default Profile – Clicking the link applies the connection profile set as default on a global level to a job. In this case, this setting is hidden under the **Show Inherited Settings** button. - List of profiles – Allows switching between existing connection profiles and apply a desired one to a job | +| Data Retention Period | The tooltip shows the current value for the data retention period (by default, **Never retain previous job data**). Clicking the button opens the parent History settings for the selected job group. See the [History Node](/docs/accessanalyzer/11.6/admin/jobs/group/history.md) topic for additional information. | +| Log Retention Period | The tooltip shows the current value for log retention period (by default, **Retain previous job log for 7 times**). Clicking the button opens the parent History settings for the selected job group. See the [History Node](/docs/accessanalyzer/11.6/admin/jobs/group/history.md) topic for additional information. | +| Hosts Lists | The tooltip shows the names of the host lists assigned to this job group. If you have more than three host lists assigned to a job group, the tooltip shows 3 hosts name and the number of other hosts lists assigned (for example, if 5 hosts are assigned it shows `Host1, Host2, Host3 + 2 more`). Clicking the button opens the parent Host Lists setting for the selected job group. See the [Host Lists Assignment](/docs/accessanalyzer/11.6/admin/jobs/group/hostlistsassignment.md) topic for additional information. | +| Reporting Settings | Clicking the Reporting Settings button opens the parent Reporting settings for the selected job group including publishing options, email settings, and roles. See the [Reporting Node](/docs/accessanalyzer/11.6/admin/jobs/group/reporting.md) topic for additional information. | +| Storage Profile | The tooltip shows the current SQL Server instance, database name, user account, and authentication type used for the selected job group. See the [Storage Node](/docs/accessanalyzer/11.6/admin/jobs/group/storage.md)s topic for additional information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available: - Edit This Profile – Clicking the link opens the Storage settings for the current profile - Use Default Profile – Clicking the link applies the storage profile set as default on a global level to a job. In this case, this setting is hidden under the **Show Inherited Settings** button - List of existing profiles – Allows switching between existing storage profiles and apply a desired one to a job | diff --git a/docs/accessanalyzer/11.6/admin/jobs/group/reporting.md b/docs/accessanalyzer/11.6/admin/jobs/group/reporting.md new file mode 100644 index 0000000000..111683e49c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/group/reporting.md @@ -0,0 +1,23 @@ +# Reporting Node + +At the job group level, the **Reporting** node identifies the report publishing and email +configurations assigned for the job group. By default, all job groups are set to inherit the +reporting settings, the **Use default setting** option, from the global level (**Settings** > +**Reporting**), or a parent job group. See the +[Reporting](/docs/accessanalyzer/11.6/admin/settings/reporting.md) +topic for additional information. + +**NOTE:** If the Role Based Access feature is enabled, it also displays a list of all accounts +granted access to the published reports via the Web Console that are generated by any jobs within +the job group. + +![Job Group Reporting Settings page](/img/product_docs/accessanalyzer/11.6/admin/settings/reporting.webp) + +Checking the **Set all the child objects to inherit these settings** option at the bottom of the +page forces inheritance of these settings to all sub-groups and jobs within the job group. When +enabled, this option overrides any custom settings configured for the child objects. + +**NOTE:** The **Set all the child objects to inherit these settings** option has no impact on the +inheritance of Report Roles. + +## Publish diff --git a/docs/accessanalyzer/11.6/admin/jobs/group/settings.md b/docs/accessanalyzer/11.6/admin/jobs/group/settings.md new file mode 100644 index 0000000000..e2bf02f266 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/group/settings.md @@ -0,0 +1,43 @@ +# Job Groups Settings Node + +A job group’s Settings node is where custom configurations can be set and where the host lists are +assigned to a job group. + +![Job group settings in the Jobs Tree](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) + +These settings inherit the global settings down by default unless inheritance is broken at a job +group or a job level. + +- [Connection Node](/docs/accessanalyzer/11.6/admin/jobs/group/connection.md) + – Use the default Connection Profile or break inheritance to select the Connection Profile needed + for the assigned host lists for this job group +- [History Node](/docs/accessanalyzer/11.6/admin/jobs/group/history.md) + – Use the default history settings or break inheritance on data retention and log retention + settings for this job group +- [Host Lists Assignment](/docs/accessanalyzer/11.6/admin/jobs/group/hostlistsassignment.md) + – Use the default host list configured on a parent job group or break inheritance on assigned host + lists for this job group + + **NOTE:** Host List Assignments is not a global setting. The pre-configured solutions may + contain Host List Assignments configured to use Global Default Host Lists, for example All + Domain Controllers. See the + [Default Host Lists](/docs/accessanalyzer/11.6/admin/settings/hostinventory.md#default-host-lists) + topic for additional information. + +- [Reporting Node](/docs/accessanalyzer/11.6/admin/jobs/group/reporting.md) + – Use the default report settings or break inheritance on Published Report settings, Email + settings, and Report role assignment for this job group +- [Storage Node](/docs/accessanalyzer/11.6/admin/jobs/group/storage.md) + – Use the default storage profile or break inheritance on where this job group's data is stored + +If changes are made, click **Save** to implement the changes. Changes are not implemented unless +they are saved. + +**Host List Assignment** and **Connection** are the two settings that should always be confirmed +before executing a job group or job when data collection is included. The assigned host lists +contains the hosts that are targeted by the job’s data collection queries. The assigned Connection +Profile must have the appropriate level of permissions in order for the data collection to be +successful. See the +[Permissions by Data Collector (Matrix)](/docs/accessanalyzer/11.6/admin/datacollector/permissionmatrix.md) +topic for information on the recommended permissions needed on the targeted hosts in order to +collect data. diff --git a/docs/accessanalyzer/11.6/admin/jobs/group/storage.md b/docs/accessanalyzer/11.6/admin/jobs/group/storage.md new file mode 100644 index 0000000000..e821247825 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/group/storage.md @@ -0,0 +1,17 @@ +# Storage Node + +At the job group level, the Storage node identifies the Storage Profile assigned for the job group. +All Storage Profiles are created at the global level (**Settings** > **Storage**). See the +[Storage](/docs/accessanalyzer/11.6/admin/settings/storage/overview.md) +topic for additional information. + +![Job Group Storage Settings](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/storage.webp) + +By default, all job groups are set to inherit the **Use Default Profile** option from the global +level or a parent job group. If it is necessary for a job group to send data to a different +database, the Storage Profile must already exist at the global level. Select the **Use This +Profile** radio button and choose the non-default Storage Profile from the drop-down menu. + +Selecting the **Set all the child objects to inherit these settings** option forces inheritance of +this setting to all sub-groups and jobs within the job group. When enabled, this option overrides +any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/11.6/admin/jobs/instantiate.md b/docs/accessanalyzer/11.6/admin/jobs/instantiate.md new file mode 100644 index 0000000000..f4f4da17f0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/instantiate.md @@ -0,0 +1,63 @@ +# Instantiating Jobs into the Jobs Tree + +Enterprise Auditor jobs and solutions are comprised of files contained within the file system of the +installation directory. All jobs and job groups contained within the Jobs tree are housed in the +Jobs directory. The default location is: + +…\STEALTHbits\StealthAUDIT\Jobs + +![Explore Folder option from Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/jobs/explorefolder.webp) + +The folder is opened from within the Enterprise Auditor Console by right-clicking on the desired +**Jobs** node and selecting **Explore Folder**. + +![Jobs folder in File Explorer](/img/product_docs/accessanalyzer/11.6/admin/jobs/explorefolderfileexplorer.webp) + +The naming convention of the folders controls what is visible in the Jobs tree. `GROUP_` is the +prefix for all job groups. `JOB_` is the prefix for all jobs. Changing the prefix removes the object +from the Jobs tree without deleting it. + +Instantiating new, external jobs is as easy as copying and pasting the job or job group into this +location. However, copying an existing job within the Jobs directory is not supported. If the job +already exists within the Enterprise Auditor Console server, copying outside of the console may +result in reporting issues. + +**CAUTION:** Do not use these steps to copy an existing job. + +There is no need to close the Enterprise Auditor application to instantiate a new job. Follow the +steps to instantiate a new job into the Enterprise Auditor Jobs tree: + +**Step 1 –** Obtain the job or job group to be instantiated. If it has been sent by Netwrix, a +colleague, or other entity, it is most likely in one of two formats: + +- Archive (.zip, .rar, and so on) +- Folder containing the job content (JOB*[name of job] or GROUP*[name of job group]) + +**Step 2 –** Open the Jobs directory. The default location is: + +…\STEALTHbits\StealthAUDIT\Jobs + +**Step 3 –** Place the job or job group into the Jobs directory. + +![Extract zip file contents to the Jobs folder](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantiateextract.webp) + +- If in archive format, extract the desired content to the Jobs directory + + - Use the default path or specify a specific path using the browse button (…) + - Select whether to **Show extracted files when complete**. This option is selected by default. + +- If in a folder format, copy and paste the job or job group folder into the Jobs directory + +![New job added in the Jobs folder ](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantiatefileexplorer.webp) + +The new job or job group should be visible in the Jobs directory, and the naming convention should +match that of the jobs or job groups that are already there. + +![Refresh Tree](/img/product_docs/accessanalyzer/11.6/admin/jobs/refreshtree.webp) + +**Step 4 –** In the Enterprise Auditor Console, right-click on the **Jobs** node and select +**Refresh Tree**. + +![Job displayed in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantiatejobstree.webp) + +The new job or job group now displays in the **Jobs** tree in alphanumeric order. diff --git a/docs/accessanalyzer/11.6/admin/jobs/instantjobs/ad_passwordexpirationnotification.md b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/ad_passwordexpirationnotification.md new file mode 100644 index 0000000000..3ebbbbd0a2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/ad_passwordexpirationnotification.md @@ -0,0 +1,240 @@ +# AD_PasswordExpirationNotification Job + +The AD_PasswordExpirationNotification Job determines when Active Directory user passwords are about +to expire and can be configured to send notifications to users prior to password expiration. It is +available through the Instant Job Library under the Active Directory library. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +section for instructions to add this instant job into the Jobs tree. Since this job does not require +a host to target, select Local host on the Hosts page of the Instant Job Wizard. + +![AD_PasswordExpirationNotification job in the Jobs tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +Runtime Details: + +- Dependencies – The .Active Directory Inventory Job Group must be successfully run before running + this job +- Target Hosts – None +- Scheduling – This job should be scheduled to run as desired +- History Retention – Not supported and should be turned off +- Multi-console Support – Not supported + +The AD_PasswordExpirationNotification Job runs analysis tasks that generate tables and configure +password expiration notifications. It also generates a report on passwords expiring within a +specified parameter, by default within 15 days. If desired, notifications of password expiration can +be configured to send to a help desk email (through an analysis task) and to the user (through an +action task). + +## Analysis Tasks for the AD_PasswordExpirationNotification Job + +Navigate to the **Jobs** > **AD_PasswordExpirationNotification** > **Configure** node and select +**Analysis** to view the analysis tasks. + +![Default Analysis Tasks for the Job](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks.webp) + +The default analysis tasks are: + +- 1. User Password Information – Creates the PasswordExpirationNotification_Details table + accessible under the job’s Results node + - Contains a configurable parameter for the number of days until a password expires to be + identified + - See the + [Customizable Analysis Tasks for the AD_PasswordExpirationNotification Job](#customizable-analysis-tasks-for-the-ad_passwordexpirationnotification-job) + topic for additional information. +- 2. Domain Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation +- 3. Passwords Set to Expire Within 15 Days – Creates the + PasswordExpirationNotification_ExpiresWithin15Days table accessible under the job’s Results + node +- 4. Notification Data Table – Creates the + PasswordExpirationNotification_ExpiresWithin15Days_UserNotifications table accessible under + the job’s Results node +- 5. Help Desk Notification – Sends notification of users with passwords set to expire in X days + - See the + [Notification Analysis Task in the AD_PasswordExpirationNotification Job](#notification-analysis-task-in-the-ad_passwordexpirationnotification-job) + topic for additional information. + +## Action for the AD_PasswordExpirationNotification Job + +Navigate to the **Jobs** > **AD_PasswordExpirationNotification** > **Configure** node and select +**Actions** to view the action modules. + +**CAUTION:** This action is enabled by default. + +![Default Action Tasks for the Job](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/actiontasks.webp) + +The default actions are: + +- 1. User Notification – Uses the SendMail Action Module to send notifications to users on + password expiration + - Requires the Notification Actions license feature + - See the + [Action Task in the AD_PasswordExpirationNotification Job](#action-task-in-the-ad_passwordexpirationnotification-job) + topic for additional information. + +In addition to the tables created by the analysis and action tasks, the +AD_PasswordExpirationNotification Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------------------- | -------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------- | +| Passwords Expiring Within 15 Days | This report displays users accounts with passwords set to expire within 15 days. | None | This report is comprised of one element: - Table – Displays details on passwords expiring within 15 days | + +## Customizable Analysis Tasks for the AD_PasswordExpirationNotification Job + +Customizable parameters enable Enterprise Auditor users to set the values used to classify user and +group objects during this job’s analysis. The parameters can be customized and are listed in a +section at the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s +parameters. + +**CAUTION:** Do not change the table names or report name to align with a different value supplied +for this parameter. Modifying the table names will result in analysis and report errors downstream. +Only the report title and descriptions can be modified within the report configuration. + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ---------------------------- | --------------------------- | ------------- | ------------------------------------------------------------------------------------------------- | +| 1. User Password Information | @pswLen | 15 | Number of days left until a password expires, should be set according to an organizations policy. | + +The parameters that can be customized are listed in a section at the bottom of the SQL Script +Editor. Follow the steps to customize an analysis task’s parameters. + +**Step 1 –** Navigate to the **AD_PasswordExpirationNotification** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**Step 2 –** In the Analysis Selection view, select the **1. User Password Information** Analysis +Task and click on **Analysis Configuration**. The SQL Script Editor opens. + +![1. User Password Information Analysis Task in SQL Script Editor](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/customizeanalysistask.webp) + +**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. +Double-click on the current value and change as desired. + +**CAUTION:** Do not change any parameters where the Value states **Created during execution**. + +**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor. + +The new value will be applied to the next job execution. + +## Notification Analysis Task in the AD_PasswordExpirationNotification Job + +The Notification Analysis Task can be used to send a single email to specified recipients containing +a list of all users whose passwords will expire in the specified number of days, that is the users +listed in the PasswordExpirationNotification_ExpiresWithin15Days table. The analysis is enabled by +default. Therefore, when the job is executed the following message is sent to the specified +recipient, such as the organization’s help desk, with information from the associated table: + +_Subject:_ Users with Passwords About To Expire + +Support Team, + +Heads-up.  The following users are facing password expiration in seven days or less: + +**[[ -- Password for [User] ([NTAccount]) expires in [DaysUntilExpiration] days** + +**]** + +Thank you, + +Netwrix + +**CAUTION:** Do not modify the tags, highlighted in bold text above. + +The Subject or message body can be modified, for example to replace `Netwrix` with the +organization’s name. Follow the steps to configure the 5. Help Desk Notification Analysis Task. + +**Step 1 –** Navigate to the **AD_PasswordExpirationNotification** > **Configure** node and select +**Analysis** to view the Analysis tasks. + +**Step 2 –** In the Analysis Selection view, select the **5. Help Desk Notification Analysis Task** +and click on **Analysis Configuration**. The Notification Data Analysis Module opens. + +![SMTP properties page](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/smtpproperties.webp) + +**Step 3 –** Use the **Next** button to navigate to the SMTP properties page. Do not make changes to +the preceding pages. The email configuration takes place on the SMTP page. Provide the recipients’ +email addresses, Message Subject, and add the notification email content. + +![SMTP properties add email recipients](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/smtppropertiesrecipients.webp) + +In the Recipients section, provide the email addresses in the text box or distribution lists in the +E-mail field (fully qualified address) for those who are to receive this notification, for example +the organization’s Help Desk. Multiple addresses can be input by adding a semicolon (;) and space +between entries. + +Use the **Add** and **Remove** buttons to add or remove the address in the E-mail field from the +Recipients list. There is an option to **Combine multiple messages into single message**, which is +checked by default so that it sends one email for all users in the record set instead of one email +per user. + +![Message section of SMTP properties page](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/smtppropertiesmessage.webp) + +In the Message section, the **Subject** should be configured. Then set the email content in the text +box as desired. + +**Step 4 –** To save these configuration changes, use the **Next** button to navigate to the Summary +page. Do not make changes to any other pages. Click **Finish**. The Notification Data Analysis +Module window closes. + +![Analyis Tasks view](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistaskshelpdesknotification.webp) + +**Step 5 –** This notification analysis task is now configured to send emails. In the Analysis +Selection view, ensure the 5. Help Desk Notification Analysis Task is checked so that notifications +can be sent automatically during the execution of the AD_PasswordExpirationNotification Job. + +The recipients added in Step 3 receive a notification when the AD_PasswordExpirationNotification Job +is executed. + +## Action Task in the AD_PasswordExpirationNotification Job + +The 1. User Notification Action Task uses the SendMail Action Module to send users notification of +password expiration. It targets the SMTP Address Column of the users whose passwords are going to +expire within the desired number of days, that is the users listed in the +PasswordExpirationNotification_ExpiresWithin15Days_UserNotifications table. The action is enabled by +default. Therefore, when the job is executed the following message is sent to all users in the +associated table: + +_Subject:_ Attention **[User]** - Your Password Expires in **[DaysUntilExpiration]** Days + +Hello **[User]**, + +The password for the account **[NTAccount]** expires on **[ExpirationDate]**. Please change the +password prior to the expiration date.  If account profiles are used on mobile devices, please +remember to update the password on each device used. + +Thank you, + +Netwrix + +**CAUTION:** Do not change the recipient for the action task. While the tags can be moved, do not +remove or modify the tags, which are highlighted in bold text above. + +The subject or message body can be modified, for example to replace `Netwrix` with the +organization’s name. Follow the steps to modify the Subject or message body within the 1. User +Notification Action Task. + +**NOTE:** It is necessary for the +PasswordExpirationNotification_ExpiresWithin15Days_UserNotifications table to exist in the database +before this action task can be modified. + +**Step 1 –** Navigate to the **AD_PasswordExpirationNotification** > **Configure** node and select +**Actions**. + +**Step 2 –** In the Action Selection view, select the **1. User Notification** Action Task and click +on **Action Properties** to view the actions. + +**CAUTION:** Do not modify the action task properties. + +**Step 3 –** In the Action Properties view, the action properties and a preview of the users from +the associated table are displayed. Click **Configure Action**. The Send Mail Action Module Wizard +opens. + +![Send Mail Action Module Wizard Message page](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/actionwizardmessage.webp) + +**Step 4 –** Click **Next** to navigate to the Message page. Modify the message **Subject** and +email content as desired. + +**Step 5 –** Click **Next** and then **Finish** to save the changes. The Send Mail Action Module +Wizard closes. + +**Step 6 –** Click **Save** on the Action Properties view. + +When the action task is enabled, it executes as part of the job. Optionally, the action task can be +manually executed. diff --git a/docs/accessanalyzer/11.6/admin/jobs/instantjobs/ex_registerazureappauth.md b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/ex_registerazureappauth.md new file mode 100644 index 0000000000..a79ac81ce1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/ex_registerazureappauth.md @@ -0,0 +1,91 @@ +# EX_RegisterAzureAppAuth Job + +EX_RegisterAzureAppAuth will register an Microsoft Entra ID (formerly Azure AD) application for +authentication and provision appropriate permissions for Exchange Online scans. It requires: + +- A Connection Profile containing a Microsoft Entra ID Global Admin credential with an Account Type + of **Task (Local)** +- Exchange Online Management v3.4.0 + + - You can install this module with the following command: + + ``` + Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 + ``` + +- Azure AD PowerShell module installed on targeted hosts + + **NOTE:** If the module is not already installed, the job will attempt to install it. + + - You can install the module with the following command: + + ``` + Install-Module AzureAD + ``` + + - TLS 1.2 is required for the Azure AD PowerShell module. Run the following command to configure + it: + + ``` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + ``` + +- Microsoft Graph PowerShell module installed on targeted hosts + + - You can install the module with the following command: + + ``` + Install-Module Microsoft.Graph + ``` + +## Using the EX_RegisterAzureAppAuth Job + +Follow the steps to configure and run the EX_RegisterAzureAppAuth Job. + +**Step 1 –** In Enterprise Auditor navigate to the Exchange Job Group (or any other Job Group you +wish to place the EX_RegistureAzureApp job into). + +**Step 2 –** Click **Add Instant Job** to open the Instant Job Wizard. + +**Step 3 –** Install the EX_RegisterAzureAppAuth Job from the Instant Job Library under the Exchange +General library. After installation, the job tree automatically refreshes with the new job available +within the selected Job Group. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for additional information. + +**Step 4 –** On the job description page, in the Configuration section, select the edit button for +**Name of the app as it will appear in the Azure applications list** and enter the name you want to +apply to the registered Microsoft Entra ID application. Click **Save**. + +**Step 5 –** In the same section, select the edit button for **Password used for the Azure +application and to encrypt the certificate file in the local file system** and enter the password to +use for the Microsoft Entra ID application. Click **Save**. + +**Step 6 –** (Optional) For non-standard tenant types, edit the **Azure Environment Name...** option +to provide the full environment name. For a standard tenant, leave this option blank. + +- For example, if leveraging a government (or GCC) tenant, enter **AzureGovernment** +- Additional options include: AzureChinaCloud, AzureCloud, AzureGermanyCloud, AzurePPE, + AzureGovernment2, and AzureGovernment3 + +**Step 7 –** On the **Configure** > **Hosts** node, select the target hosts. The targeted hosts +should be the Microsoft Entra tenant name (for example, `myorg.onmicrosoft.com`). Click **Save**. +The job is now ready to be run. + +**Step 8 –** Run the EX_RegisterAzureAppAuth Job. + +**Step 9 –** After the job successfully runs, it opens a browser window to Microsoft Entra ID. +Log-in as a Global Administrator, and grant administrator consent to the Application's configured +API Permissions. + +- If this login attempt fails or you close the browser, you will need to login to Microsoft Entra ID + as a Global Administrator and navigate to the Application's API Permissions to grant Admin Consent + before the Application can be used for Exchange scans in Enterprise Auditor. + +The Microsoft Entra ID application is now provisioned with the necessary permissions for Exchange +Online scans. There will be a new Connection Profile for this Application. Restart the Enterprise +Auditor Console and enter a password to use this Connection Profile. + +_Remember,_ the required rights and roles for Exchange Online still need to be configured. See the +[Target Exchange Online Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/exchangeonline.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/jobs/instantjobs/fs_defend_sdd.md b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/fs_defend_sdd.md new file mode 100644 index 0000000000..8075c82d92 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/fs_defend_sdd.md @@ -0,0 +1,90 @@ +# FS_DEFEND_SDD Job + +The FS_DEFEND_SDD Job exports sensitive data matches collected by the File System Solution Sensitive +Data Discovery Auditing jobs to Threat Manager. It is available through the Instant Job Library +under the File System library. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for instructions to add this instant job into the Jobs tree. + +For installing the job, select **Local host** on the Hosts page of the Instant Job Wizard. Then set +the host list according to the following information. + +![FS_DEFEND_SDD job in the Jobs tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +Runtime Details: + +- Dependencies – The following job groups must be successfully run before running this job + - **FileSystem** > **0.Collection** Job Group + - **FileSystem** > **7.Sensitive Data** Job Group +- Special Instructions + - A Connection Profile must be created using the Web Services (JWT) credential account type with + the specified Threat Manager App Token and assigned to this job + - See the + [Custom Connection Profile for FS_DEFEND_SDD Job](#custom-connection-profile-for-fs_defend_sdd-job) + topic for additional information + - Assign the Connection Profile on the Connection tab of the job’s Properties + - The Threat Manager host name with port, [HOST]:8080, and App Token are generated within Threat + Manager: + - Navigate to the **Configuration** > **App Tokens** page + - Create a new app token + - Copy the Host Name and Token + - See the Enterprise Auditor Integration topic of the + [Netwrix Threat Manager Documentation](https://helpcenter.netwrix.com/category/stealthdefend) + for additional information. +- Target Hosts – Custom Host List + - Threat Manager target host is the Threat Manager host name with port, [HOST]:8080 + - Format – [HOST]:8080 + - Assign host list at the **FS_DEFEND_SDD** > **Configure** > **Hosts** (see the + [Hosts Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/hosts.md) + topic for additional information) +- Scheduling – This job should be scheduled to run as desired +- History Retention – Not supported and should be turned off +- Multi-console Support – Not supported + +The FS_DEFEND_SDD Job runs an analysis task that generates the SA_FSAA_SDD_RESULTS table, which +places the data in a compatible format for Threat Manager. It then runs an action task using the Web +Request Action Module to send the data to Threat Manager. + +## Analysis Tasks for the FS_DEFEND_SDD Job + +Navigate to the **Jobs** > **FS_DEFEND_SDD** > **Configure** node and select **Analysis** to view +the analysis tasks. + +![Default Analysis tasks for the job](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks.webp) + +The default analysis tasks are: + +- Create FSAA DEFEND table – Creates the FSAA_SDD_RESULTS table accessible under the job’s Results + node + +## Actions for the FS_DEFEND_SDD Job + +Navigate to the **Jobs** > **FS_DEFEND_SDD** > **Configure** node and select **Actions** to view the +actions. + +**CAUTION:** This action is enabled by default. + +![Default Action Tasks for the Job](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/actiontasks.webp) + +The default action is: + +- Integrate – Uses the Web Request Action Module to send data to Threat Manager + +## Custom Connection Profile for FS_DEFEND_SDD Job + +The FS_DEFEND_SDD Job requires a custom Connection Profile to authenticate to Threat Manager. The +credential for the Connection Profile must be created with the Web Services (JWT) account type. +Remember, the Threat Manager App Token is generated within Threat Manager. + +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Web Services (JWT) +- Domain – Not a field for this type of credential, defaults to `` +- User name – Not a field for this type of credential +- Password Storage: Application – Uses Enterprise Auditor’s configured Profile Security setting as + selected at the **Settings** > **Application** node +- Access Token – Copy and paste the Threat Manager App Token + +See the +[Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/jobs/instantjobs/fs_migrateschema.md b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/fs_migrateschema.md new file mode 100644 index 0000000000..450923ab2b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/fs_migrateschema.md @@ -0,0 +1,56 @@ +# FS_MigrateSchema Job + +The FS_Migrate_Schema Job migrates the schema in order to support the use of 64-bit ResourceID's +without affecting data. It is available through the Instant Job Library under the File System +library. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for instructions to add this instant job into the Jobs tree. + +For installing the job, select **Local host** on the Hosts page of the Instant Job Wizard. + +![FS_MigrateSchema job in the Jobs tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +Runtime Details: + +- Dependencies – None +- Target Hosts – None +- Scheduling – This job should be scheduled to run as desired +- History Retention – Not supported and should be turned off +- Multi-console Support – Not supported +- Additional Notes – None + +The FS_Migrate Schema Job migrates the schema in order to support the use of 64-bit ResourceID's +without affecting data. + +## Analysis Tasks for the FS_MigrateSchema Job + +Navigate to the **Jobs** > **FS_MigrateSchema** > **Configure** node and select **Analysis** to view +the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Default Analysis tasks for the job](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks.webp) + +The default analysis tasks are: + +- 1.Migrate Resources – Migrates the SA_FSAA_Resources table to leverage 64-bit IDs +- 2.Migrate UnixRights – Migrates the SA_FSAA_UnixRights table to leverage 64-bit IDs +- 3.Migrate Gates – Migrates the SA_Gates table to leverage 64-bit IDs +- 4.Migrate GatesProxy – Migrates the SA_FSAA_GatesProxy table to leverage 64-bit IDs +- 5.Migrate Exceptions – Migrates the SA_FSAA_Exceptions table to leverage 64-bit IDs +- 6.Migrate ProbableOwners – Migrates the SA_FSAA_ProbableOwners table to leverage 64-bit IDs +- 7.Migrate FileSizes – Migrates the SA_FSAA_FileSizes table to leverage 64-bit IDs +- 8.Migrate FileTypes – Migrates the SA_FSAA_FileTypes table to leverage 64-bit IDs +- 9.Migrate FileAges – Migrates the SA_FSAA_FileAges table to leverage 64-bit IDs +- 10.Migrate FileTags – Migrates the SA_FSAA_FileTags table to leverage 64-bit IDs +- 11.Migrate DFS Links – Migrates the SA_FSDFS_Links table to leverage 64-bit IDs +- 12.Migrate DLP Matches – Migrates the SA_FSDLP_Matches table to leverage 64-bit IDs +- 13.Migrate DLP MatchHits – Migrates the SA_FSDLP_MatchHits table to leverage 64-bit IDs +- 14.Migrate DLP MatchHits Subject Profile – Migrates the SA_FSDLP_MatchHits_SubjectProfile table to + leverage 64-bit IDs +- 15.Migrate FSAC ActivityEvents – Migrates the SA_FSAC_ActivityEvents table to leverage 64-bit IDs +- 16.Migrate DailyActivity – Migrates the SA_FSAC_DailyActivity table to leverage 64-bit IDs +- 17.Migrate FSAC RenameTargets – Migrates the SA_FSAC_RenameTargets table to leverage 64-bit IDs +- 18.Migrate FSAC Exceptions – Migrates the SA_FSAC_Exceptions table to leverage 64-bit IDs +- 19.Refresh Views – Updates viewable metadata diff --git a/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md new file mode 100644 index 0000000000..b5da983fdb --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md @@ -0,0 +1,58 @@ +# Instant Job Wizard + +The Enterprise Auditor Instant Job Wizard provides access to a library of instant solutions and +instant jobs, which are pre-configured for Enterprise Auditor. Instant solutions contain groups of +jobs to help solve a wide range of problems within each category. Instant jobs help solve specific +problems. The instant solutions available align to an organization’s license key. See +the[Solutions](/docs/accessanalyzer/11.6/solutions/overview.md) topic +for additional information. + +Follow the steps to install an instant solution or an instant job with the Instant Job Wizard. + +![Add Instant Job from context menu](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/addinstantjob.webp) + +**Step 1 –** Select the Jobs tree (for an instant solution) or the desired job group (for an instant +job), right-click on the node, and select **Add Instant Job**. + +![Instant Job Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +**Step 2 –** On the Welcome page, click **Next**. + +![Instant Job page](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/instantjob.webp) + +**Step 3 –** On the Instant Job page, use the filter menu to only view instant jobs in a particular +category, or click the plus icon (+) to expand a category group. + +![Selected Instant Job](/img/product_docs/accessanalyzer/11.6/admin/navigate/selectinstantjob.webp) + +**Step 4 –** Select the desired instant solution or job. To select multiple instant solutions or +jobs, press the Windows **Ctrl** key and select the items to install. Click **Next**. + +![Host Assignment page](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/hostassignment.webp) + +**Step 5 –** Some of the Library selections add a Host Assignment page. If this page does not +appear, skip to Step 7. If the page does appear, select either the **Use default settings (Inherit +from the parent group, if any)** or **Specify individual hosts or hosts lists** option. If the first +option is selected, skip to Step 7. If the second option is selected, click **Next** to go to the +Host Lists and Individual Hosts wizard pages. + +| ![Host Lists page](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/hostlists.webp) | | ![Individual Hosts page](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/individualhosts.webp) | +| --------------------------------------------------------------------------------------------------------------------- | --- | --------------------------------------------------------------------------------------------------------------------------------- | +| Host Lists page | | Individual Hosts page | + +**Step 6 –** Some of the Library selections add a Host Lists, and Individual Hosts page. If these +pages do not appear with the selection, skip to Step 7. If the pages do appear, check the host list +to be assigned to the job group or job. Alternatively enter hosts manually. Then click **Next**. + +![Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) + +**Step 7 –** On the Summary page, click **Save & Exit**. + +![Instant Solutions installation dialog](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/installationcomplete.webp) + +**Step 8 –** For Instant Solutions, when the installation is complete, click **Finish**. + +The Instant Job Wizard closes, and the Jobs tree refreshes automatically. See the individual +sections in the +[Solutions](/docs/accessanalyzer/11.6/solutions/overview.md) topic +for additional information. diff --git a/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sas_executionstatistics.md b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sas_executionstatistics.md new file mode 100644 index 0000000000..0f7b8bc8ce --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sas_executionstatistics.md @@ -0,0 +1,57 @@ +# SAS_ExecutionStatistics Job + +The SAS_ExecutionStatistics Job tracks historical performance of Enterprise Auditor job and analysis +functions and highlights when a particular task takes an abnormal length of time to execute. It is +available through the Instant Job Library under the Enterprise Auditor Utilities library. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +section for instructions to add this instant job into the Jobs tree. Since this job does not require +a host to target, select Local host on the Hosts page of the Instant Job Wizard. + +The job is dependent upon the Job Statistics Retention configuration in the **Settings** > +**Application** node. See the +[Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) +topic for additional information. + +![SAS_ExecutionStatistics job in the Jobs tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +Runtime Details: + +- Dependencies – None +- Target Hosts – None +- Scheduling – This job should be scheduled to run as desired +- History Retention – Not supported and should be turned off +- Multi-console Support – Not supported +- Additional Notes – The jobs uses custom SQL scripts to render views on collected data. SQL views + are used to populate report element tables and graphs. Changing or modifying the Group, Job, or + Table names will result in no data displayed within the reports. + +The SAS_ExecutionStatistics Job runs analysis tasks and generates reports on the latest job +executions, analysis history, host query details, and analysis details. + +## Analysis Tasks for the SAS_ExecutionStatistics Job + +Navigate to the **Jobs** > **SAS_ExecutionStatistics** > **Configure** node and select **Analysis** +to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Default Analysis tasks for the job](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks.webp) + +The default analysis tasks are: + +- Analyze Jobs – Collects and analyzes all job-level execution statistics from the database based on + the statistics retention settings set in the Application node +- Analyze All Statistics – Collects and analyzes all task-level execution statistics from the + database based on the statistics retention settings set in the Application node +- Query Execution Details – Organizes query-related statistics +- Analysis Details – Organizes analysis-related statistics + +In addition to the tables created by the analysis tasks, the SAS_ExecutionStatistics Job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ----------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------ | +| Analysis Execution | This report identifies abnormally long analysis times. | None | This report is comprised of two elements: - Bar graph – Displays Abnormally Long Analysis Times - Table – Displays details on analysis times | +| Collection Statistics | This report identifies abnormally long collection times. | None | This report is comprised of two elements: - Bar graph – Displays Abnormally Long Collection Times - Table – Displays details on collection times | +| Job Execution Statistics | This report identifies jobs which have abnormally long run times. | None | This report is comprised of two elements: - Pie chart – Displays Job Status - Table – Displays details on job status | diff --git a/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sp_registerazureappauth.md b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sp_registerazureappauth.md new file mode 100644 index 0000000000..8a15d9dde9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sp_registerazureappauth.md @@ -0,0 +1,56 @@ +# SP_RegisterAzureAppAuth Job + +SP_RegisterAzureAppAuth will register an Microsoft Entra ID (formerly Azure AD) application for +authentication and provision appropriate permissions for SharePoint Online scans. It requires: + +- A Connection Profile containing the following two user credentials, both with an Account Type of + **Task (Local)**: + + - Microsoft Entra ID Global Admin credential + - A credential with the username `newapp` that contains the password for the new application + +- Microsoft Graph API PowerShell module to be installed on targeted hosts + +## Instantiate the SP_RegisterAzureAppAuth Job. + +Follow the steps to instantiate the SP_RegisterAzureAppAuth Job. + +**Step 1 –** In Enterprise Auditor navigate to the SharePoint Job Group (or any other Job Group you +wish to place the SP_RegistureAzureApp job into). + +**Step 2 –** Click **Add Instant Job** to open the Instant Job Wizard. + +**Step 3 –** Install the SP_RegisterAzureAppAuth Job from the Instant Job Library under the +SharePoint library. After installation, the job tree automatically refreshes with the new job +available within the selected Job Group. + +**Step 4 –** On the job description page, in the Configuration section, select the edit button for +**The new application’s display name** and enter the name you want to apply to the registered +Microsoft Entra ID application. Click **Save**. + +**Step 5 –** On the **Configure** > **Hosts** node, select the targeted host. The targeted host +should be the Microsoft Entra ID tenant on which you want to install the Microsoft Entra ID +application (for example, `myorg.onmicrosoft.com`). Click **Save**. The job is now ready to be run. + +After the job successfully runs it will open a browser window to Microsoft Entra ID that, when +logged-in as a Global Administrator, allows the user to grant administrator consent to the +Application's configured API Permissions. If the login attempt fails, or the user closes the +browser, they will need to login to Microsoft Entra ID as a Global Administrator and navigate to the +Application's API Permissions to grant Admin Consent before the Application can be used for +SharePoint scans in Enterprise Auditor. + +Additional Considerations + +- After the job successfully runs, there will be a new Connection Profile for this Application. + Restart the Enterprise Auditor Console and enter a password to use this Connection Profile. +- The password is the location of the PFX file generated by the script (in the \PrivateAssemblies + directory), the Microsoft Entra ID application's password, and a numeric designator for the + Microsoft 365 environment (0 is the default for production environments; the other supported + options are 1 for pre-production environments, 2 for China, 3 for Germany, 4 for US Government, 5 + for US Government-High, and 6 for US Government-DoD). To allow for multiple unique certificates + for different Microsoft Entra ID tenants to be stored on the same Enterprise Auditor server, the + script appends the targeted host name (without the domain) to the filename of the PFX file + generated by the script. For example, if the targeted host is `myorg.onmicrosoft.com`, then the + password for the connection profile would be: + + ...\STEALTHbits\StealthAUDIT\PrivateAssemblies\spaa_cert_myorg.pfx,YourPasswordHere,0 diff --git a/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sp_removehost.md b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sp_removehost.md new file mode 100644 index 0000000000..4f52d1bb98 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sp_removehost.md @@ -0,0 +1,34 @@ +# SP_RemoveHost Job + +The SP_RemoveHost Job removes desired SharePoint hosts from the Enterprise Auditor database. It is +available through the Instant Job Library under the SharePoint library. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for instructions to add this instant job into the Jobs tree. + +![SP_RemoveHost job in the Jobs tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +Runtime Details: + +- Dependencies – None +- Target Hosts – SharePoint host to be deleted +- Scheduling – This job should be scheduled to run as desired +- History Retention – Not supported and should be turned off +- Multi-console Support – Not supported +- Additional Notes – None + +The SP_RemoveHosts Job removes desired SharePoint hosts from the Enterprise Auditor database, target +the hosts on the job and run it to delete the respective hosts SharePoint data. + +## Analysis Tasks for the SP_RemoveHost Job + +Navigate to the **Jobs** > **SP_RemoveHost** > **Configure** node and select **Analysis** to view +the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Default Analysis tasks for the job](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks.webp) + +The default analysis tasks are: + +- Remove Host(s) — Remove Scanned Hosts from Tier 1 diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/configure/actions.md b/docs/accessanalyzer/11.6/admin/jobs/job/configure/actions.md new file mode 100644 index 0000000000..1420fceff1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/configure/actions.md @@ -0,0 +1,71 @@ +# Actions Node + +The Actions node uses Enterprise Auditor action modules to take action on collected and analyzed +data. Action can be taken on objects leveraging collected data or analyzed data, for example from a +listing of locked-out accounts, an action can be executed to unlock those accounts. + +**NOTE:** Action modules are available with a special Enterprise Auditor license. + +![Action Selection page](/img/product_docs/accessanalyzer/11.6/admin/action/actionselection.webp) + +The Action Selection view lists all action tasks for the selected job. The listed information +includes: + +- Name – Name of the action task (as provided by the creator of the task) +- Description – Description of the action task (as provided by the creator of the task) +- Module – Name of the Enterprise Auditor action module +- Table – Name of the source table for the action + +![Options at the top of the Action Selection page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/actionselectionoptions.webp) + +The Actions section at the top has five options: + +- Add from Library – Opens the Libraries window for adding and configuring pre-made action tasks +- Create Action – Opens the Action Properties window for creating and configuring action tasks +- Delete Action – Deletes the selected action task from the list + + - This action does require confirmation + +- Action Properties – Opens the Action Properties window for the selected action task + + - See the + [Action Properties Page](/docs/accessanalyzer/11.6/admin/action/overview.md#action-properties-page) + topic for additional information + - See the + [Action Modules](/docs/accessanalyzer/11.6/admin/action/overview.md) + topic for additional information + + **NOTE:** The AutoAction task appears in the Analysis Selection view, not in the Action + Selection view. + +- Execute Action – Opens the Action Execution window and starts executing the selected action + + - Does not require an action task to be checked, only selected + +![Buttons at the bottom of Action Selection page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/actionselectiontablebuttons.webp) + +At the bottom of the Action Selection view, there are action buttons that apply to the table: + +- Move Up – Moves the selected action task up the list, which is important since action tasks are + executed in the order listed in the table +- Move Down – Moves the selected action task down the list, which is important since action tasks + are executed in the order listed in the table +- Select All – Selects all action tasks in the table for execution + +The Action Selection view also has its own right-click menu for taking action on the action task or +the job. + +![Actions Right-Click Menu](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/actionsrightclickmenu.webp) + +The options for the Actions node right-click menu are: + +- Create Action – Opens the Action Properties window +- Copy Action – Copies the selected action to the clipboard +- Paste Action – Opens the Action Properties window for modifying copied action tasks +- Delete Action – Deletes selected action task +- Properties – Opens the Action Properties window +- Execute Action – Opens the Action execution window and runs an action +- Run Job – Starts job execution for the selected job +- Add Instant Job – Opens the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +- Create Job (Ctrl + Alt + A) – Creates a new job at the same location as the selected job diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysis.md b/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysis.md new file mode 100644 index 0000000000..9d5d748dd3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysis.md @@ -0,0 +1,74 @@ +# Analysis Node + +The Analysis node uses Enterprise Auditor analysis modules to run analysis tasks on collected data. +There are two basic types of analysis modules. Most analysis modules correlate, format, and +transform collected data into powerful data views for end-stage reports and graphs. + +The Notification analysis module allows for the ability to send an email notice when a trigger is +met, for example an email can be sent to an administrator to notify that disk space has reached a +particular point (the trigger) and needs to be addressed before space runs out. + +![Analysis Selection page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/analysisselection.webp) + +The Analysis Selection view lists all analysis tasks for the selected job. The listed information +includes: + +- Name – Name of the analysis task (as provided by the creator of the task) +- Description – Description of the analysis task (as provided by the creator of the task) +- Module – Name of the Enterprise Auditor analysis module +- HostLists – Indicates the analysis task is applicable to hosts found in the referenced host lists, + applies to analysis modules that use host list filters, for example **Business Rules** analysis + module + +![Option at the top of the Analysis Section](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/analysisbuttonstop.webp) + +The Analysis section at the top has four options: + +- Create Analysis – Opens the Analysis Properties window for creating and configuring analysis tasks +- Delete Analysis – Deletes the selected analysis task from the list + - This action does require confirmation +- Analysis Properties – Opens the Analysis Properties window for the selected analysis task + - See the + [Analysis Properties Page](/docs/accessanalyzer/11.6/admin/analysis/overview.md#analysis-properties-page) + topic for additional information. + - See the individual analysis module sections in the + [Analysis Modules](/docs/accessanalyzer/11.6/admin/analysis/overview.md) + topic for additional information. +- Analysis Configuration – Opens the selected analysis task’s configuration window + +![Buttons at the bottom of the Analysis Selection page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/analysisbuttonsbottom.webp) + +At the bottom of the Analysis Selection view, there are action buttons that apply to the table: + +- Move Up – Moves the selected analysis task up the list, which is important since analysis tasks + are executed in the order listed in the table +- Move Down – Moves the selected analysis task down the list, which is important since analysis + tasks are executed in the order listed in the table +- Select All – Selects all analysis tasks in the table for execution +- Validate – Validates all analysis tasks where the **Business Rules** analysis module was used +- Validate selected – Validates selected analysis tasks where the **Business Rules** analysis module + was used +- Edit Rules – Edits the rule for selected analysis task where the **Business Rules** analysis + module was used + +The Analysis Selection view also has its own right-click menu for taking action on the analysis task +or the job. + +![Analysis Selection page right-click menu](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/analysisrightclickmenu.webp) + +The options for the Analysis node right-click menu are: + +- Create Analysis – Opens the Analysis Properties window +- Cut Analysis – Cuts selected analysis task +- Copy Analysis – Copies selected analysis task +- Paste Analysis – Pastes a copied/cut analysis task to the selected location +- Delete Analysis – Deletes selected analysis task +- Properties – Opens the Analysis Properties window +- Configuration – Opens the selected analysis task’s configuration window +- Test Scorecard SQL – Validates all analysis tasks where the Business Rules analysis module was + used +- Execute Analyses – Executes or runs the checked (enabled) analysis tasks +- Run Job – Starts job execution for the selected job +- Add Instant Job – Opens the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +- Create Job (Ctrl + Alt + A) – Creates a new job at the same location as the selected job diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md b/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md new file mode 100644 index 0000000000..f5fa2c903e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md @@ -0,0 +1,30 @@ +# Configure the Customizable Parameters in an Analysis Task + +The parameters that can be customized and are listed in a section at the bottom of the SQL Script +Editor. Follow the steps to customize an analysis task’s parameters. + +**Step 1 –** Navigate to the Job’s **Configure** node and select **Analysis**. + +**Step 2 –** In the Analysis Selection view, select the desired analysis task and click **Analysis +Configuration**. The SQL Script Editor opens. + +**Step 3 –** At the top of the SQL Script Editor, select **Parameters**. + +**NOTE:** The image shown is a generic example. Table names and customizable parameters will change +based on the Job. + +![SQL Script Editor](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/customizableparameters.webp) + +**Step 4 –** In the parameters section at the bottom of the editor, find the Value column. + +**CAUTION:** Do not change any parameters where the Value states **Created during execution**. + +- Double-click on the customizable value and change as desired + +**Step 5 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor. + +Repeat the steps as needed to customize analysis parameters. + +See the +[SQLscripting Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/sqlscripting.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/configure/hosts.md b/docs/accessanalyzer/11.6/admin/jobs/job/configure/hosts.md new file mode 100644 index 0000000000..3bed1519c3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/configure/hosts.md @@ -0,0 +1,39 @@ +# Hosts Node + +The Hosts node provides the option to assign a preconfigured host list at the job level. It also +provides a way to manually assign hosts to be targeted by the job using Host Selection pane. + +![Host Selection page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/hostselection.webp) + +Use the default settings by selecting the **Use Default Setting** checkbox and inherit the job +group’s assigned host lists. To break inheritance and assign host lists at the job level select from +the available host lists. + +Hosts added manually at the job level are added to the Master Host Table if not already there, and +it triggers a host inventory query according to the global settings. The host will not be added to +any individual host lists. See the [Manually Add Hosts to a Job](#manually-add-hosts-to-a-job) topic +for additional information. + +Click **Save** to apply any changes to the host selection. Changes are not implemented unless they +are saved. + +## Manually Add Hosts to a Job + +Hosts can be added manually at the job level even when inheritance (Use Default Setting) is used for +host list assignment. The job targets the hosts in any assigned host lists as well as any manually +added at the job level. Follow these directions to manually add a host to a job. + +![Job's Configure > Hosts node](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/hostsnode.webp) + +**Step 1 –** Navigate to the job’s **Configure** > **Hosts** node. + +![Individual hosts section of the Host Selection view](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/hostselectionindividualhosts.webp) + +**Step 2 –** In the Individual hosts section of the Host Selection view, enter the Host name in the +textbox and click **Add**. + +**Step 3 –** Repeat the previous step for each host to be added. + +**Step 4 –** Click **Save** and then **OK** to confirm the changes. + +The manually added host is now targeted by the job. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/configure/overview.md b/docs/accessanalyzer/11.6/admin/jobs/job/configure/overview.md new file mode 100644 index 0000000000..ccfd92d3a6 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/configure/overview.md @@ -0,0 +1,57 @@ +# Configure Node + +Changes to configurations for the job’s assigned Host Lists, Queries, Analyses, Actions, and Reports +are created through the **[Job]** > **Configure** node or through the Configure shortcut on the +job’s Description page. + +| | | +| -------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ![Configure Node](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/configurenode.webp) | ![Configure link on job description page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/configurelinkjobpage.webp) | +| Configure Node | Configure link on job description page | + +The sub-nodes under the **[Job]** > **Configure** node are: + +- [Hosts Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/hosts.md) + – Assign a host list at the job level or manually add hosts to be targeted by the job +- [Queries Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/queries.md) + – Select and configure a Enterprise Auditor data collector to scan targeted hosts +- [Analysis Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysis.md) + – Create and configure Analysis and Notification tasks for collected data +- [Actions Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/actions.md) + – Create and configure Action tasks for taking action on collected and analyzed data +- [Reports Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/reports.md) + – Create and configure Reports to be generated during job execution + +## Configure Page + +The job's Configure Page provides an overview with shortcuts for options that are configured in the +job's Configure Node. + +![Configure page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/configurepage.webp) + +The options on the Configure Page are: + +- Hosts - Navigates to the job's Hosts node +- Queries - Navigates to the job's Queries node +- Analysis - Navigates to the Analysis node +- Actions - Navigates to the Actions node +- Reports - Navigates to the Reports node +- Run Now - Executes the job +- Open Folder - Opens the job folder location with supporting files in the Windows Explorer +- View Log - Opens the job’s log + +The options in the Configure section are: + +- Tasks - If applicable, displays a list of the job's Queries, Analysis Tasks, and Action Modules + + - Click **Properties** to view the task's properties + - Click **Output Table** to view the Results for the task under the + [Results Node](/docs/accessanalyzer/11.6/admin/jobs/job/results.md) + +- Hosts - Lists the assigned hosts for the job +- Reports - If applicable, displays a list of the job's Reports + + - Click the reports name to access a report under the job's + [Results Node](/docs/accessanalyzer/11.6/admin/jobs/job/results.md) + - Click **Configure** to edit the report parameters in the + [Report Configuration Wizard](/docs/accessanalyzer/11.6/admin/report/wizard/overview.md) diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/configure/queries.md b/docs/accessanalyzer/11.6/admin/jobs/job/configure/queries.md new file mode 100644 index 0000000000..09259595b7 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/configure/queries.md @@ -0,0 +1,115 @@ +# Queries Node + +The Queries node uses a Enterprise Auditor data collector to run scans against the targeted hosts. +Different data collectors are designed for different types of collection. It is necessary for the +Connection Profile associated with the target hosts to have a sufficient level of rights for the +selected data collector. See the +[Permissions by Data Collector (Matrix)](/docs/accessanalyzer/11.6/admin/datacollector/permissionmatrix.md) +topic for a chart with recommended permissions per data collector. + +![Query Selection page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/queryselection.webp) + +The Query Selection view lists all queries for the selected job. Though it is possible to have +multiple queries in a single job, it is not usually recommended. The listed information includes: + +- Name – Name of the query (as provided by the creator of the query) +- Source – Name of the Enterprise Auditor data collector +- Table – Name of the Native Data table +- Enumerates – Whether or not the data collector will return enumerated data, or multiple lines of + data per target host + - If **Yes**, only one query can write to a single table + - If **No**, then multiple related queries can write to a single table +- Properties – Number of the properties to be returned +- Filters – Number of in-line filters applied to the data being returned by the query +- Script – Whether or not a VB Script was added to the query + - If **Yes**, a VB Script was added to query execution + - If **No**, a VB Script was not added to query execution +- Description – Description of the query (as provided by the creator of the query) + +## Tables + +Add and configure native data tables through the Tables section in the Query Selection view. + +![Tables section of Query Selection page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/queryselectiontables.webp) + +The Tables section at the top has three options: + +- Add Table – Adds an additional native data table and associated query to the selected job +- Rename Table – Opens the Rename Table window for changing the native data table name +- Delete Table – Deletes the selected table from the list, all associated query tasks, and the + database table if it has already been created. This action does require confirmation. + + **CAUTION:** Do not delete the last table in a job’s Query Selection view. Doing so will also + delete the Messages table. In order to delete the last table, it is necessary to delete the job. + +## Queries + +The Queries section is where the job’s preconfigured queries can be edited and where new queries can +be added. + +![Queries section of Query Selection page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/queryselectionqueries.webp) + +The Queries section has four options and includes the list of queries for the selected job: + +- Add from Library – Opens the Libraries window to select preconfigured data collection queries. See + the + [Add Query from Library](/docs/accessanalyzer/11.6/admin/datacollector/overview.md#add-query-from-library) + topic for additional information. +- Create Query – Opens the Query Properties window for creating and configuring queries +- Delete Query – Deletes the selected query from the list. This action does require confirmation. +- Query Properties – Opens the Query Properties window for the selected query + - This option is used for query modifications + - See the + [Create or Modify a Query](/docs/accessanalyzer/11.6/admin/datacollector/overview.md#create-or-modify-a-query) + topic for additional information + - See the topics for the individual + [Data Collectors](/docs/accessanalyzer/11.6/admin/datacollector/overview.md) + for additional information + +## Right-click Menu + +The Query Selection view also has its own right-click menu for taking action on the queries, tables, +or the job. + +![Right-click menu on the Query Selection page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/queryrightclickmenu.webp) + +The options in the Queries node right-click menu are: + +- Add from Library – Opens the Libraries window +- Quick Add – Quickly add a new query from a list of non-configured data collector queries +- Create Query – Creates a new query to be configured +- Cut Query – Cuts selected query +- Copy Query – Copies selected query +- Paste Query – Pastes a cut or copied query to the selected location +- Delete Query – Deletes a selected query +- Properties – Opens the Query Properties window +- Add Table – Adds a Native Data table to the selected query +- Delete Table – Deletes the selected table +- Rename Table – Opens the Rename Table window +- Run Job – Starts job execution for the selected job +- Add Instant Job – Opens the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +- Create Job (**Ctrl + Alt + A**) – Creates a new job at the same location as the selected job + +## Host List + +Jobs with configured queries require a host list to be assigned. This can be done at either the Job +Group or Job level. Whichever location is used to set the host list for query execution should also +be the location where the Connection Profile is assigned. See the +[Job Properties](/docs/accessanalyzer/11.6/admin/jobs/job/properties/overview.md) +topic for additional information. + +- Job Groups + - Host List Assigned – **[Job Group]** > **Settings** > **Host Lists Assignment**. See the + [Host Lists Assignment](/docs/accessanalyzer/11.6/admin/jobs/group/hostlistsassignment.md) + topic for additional information. + - Connection Profile Selected – **[Job Group]** > **Settings** > **Connection**. See the + [Connection Node](/docs/accessanalyzer/11.6/admin/jobs/group/connection.md) + topic for additional information. +- Job Level + - Host List Assigned – **[Job]** > **Configure** > **Hosts**. See the + [Hosts Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/hosts.md) + topic for additional information. + - Connection Profile Selected – Connection tab of the Job’s Properties Window. See the + [Connection Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/connection.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/configure/reports.md b/docs/accessanalyzer/11.6/admin/jobs/job/configure/reports.md new file mode 100644 index 0000000000..a86bb81548 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/configure/reports.md @@ -0,0 +1,51 @@ +# Reports Node + +The Reports node is for configuring reports to be generated during job execution. + +![Reports page](/img/product_docs/accessanalyzer/11.6/admin/report/reports.webp) + +The Reports view lists any reports that have been configured for the selected job and options +related to configuring reports. The options at the top of the Reports view are: + +- Properties – Opens the + [Job Properties](/docs/accessanalyzer/11.6/admin/jobs/job/properties/overview.md) + page for the job that the report is for +- Run Now – Runs the currently selected job that the report is for +- Open Folder – Opens the Report’s folder location with supporting files in the Windows Explorer +- View Log – Opens the log for the job that the report is for + +![Options on the Reports table header row](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/reportstableheaderoptions.webp) + +The Reports table contains all of the configured reports for the job. The header row of the table +contains the following options for adding reports to the table: + +- Create – Creates a new report for the selected job + + - See the + [Creating a Report](/docs/accessanalyzer/11.6/admin/report/create.md) + topic for additional information + +- Paste – Paste a cut or copied report into the selected job + + - The paste option is accessed from the vertical ellipsis menu of the header row of the Reports + table + +![Reports table row options](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/reportstablerowoptions.webp) + +Clicking on the name of a report opens it in the Results node. Clicking **Configure** next to a +report's name opens the Report Configuration wizard for the report, see the +[Report Configuration Wizard](/docs/accessanalyzer/11.6/admin/report/wizard/overview.md) +topic for additional information. Additional options are available from the vertical ellipsis menu +on a reports row: + +- Generate – Generates the report +- Copy – Copies the report to the clipboard +- Delete – Deletes the report + +Once a report is generated, it can be viewed in several locations depending on the configuration. +Report configurations may also be copied to other reports to generate preferred outputs for +alternate jobs. However, all generated reports can be viewed in the job’s **Results** node. + +See the +[Reporting](/docs/accessanalyzer/11.6/admin/report/overview.md) topic +for additional information. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/create.md b/docs/accessanalyzer/11.6/admin/jobs/job/create.md new file mode 100644 index 0000000000..16c0a5d9bd --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/create.md @@ -0,0 +1,31 @@ +# Create a New Job + +Follow the steps to create a new job. + +![Create Job from Jobs Tree context menu](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/createjob.webp) + +**Step 1 –** Select the Jobs tree or the desired job group to add the new job to. Right-click and +select **Create Job**. + +![New Job added to Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/navigate/newjob.webp) + +**Step 2 –** Provide a unique, descriptive name for the job. The default name is `NewJob`. Some +considerations for naming conventions: + +**CAUTION:** Do not end a job name with a space. + +- There can never be two jobs with the same name. Enterprise Auditor automatically appends a numeral + to the end of a job name to avoid duplicates, for example `NewJob1`. +- No special characters can be used. See the Microsoft + [Naming Conventions](https://learn.microsoft.com/en-us/windows/win32/fileio/naming-a-file#naming-conventions) + article for limitations. +- Jobs in a group are run alphanumerically +- When possible, keep names short to avoid report path errors caused by Microsoft’s maximum path + length. See the Microsoft article referenced above. + +The new job is now ready to be configured. See the +[Data Collectors](/docs/accessanalyzer/11.6/admin/datacollector/overview.md), +[Analysis Modules](/docs/accessanalyzer/11.6/admin/analysis/overview.md), +[Action Modules](/docs/accessanalyzer/11.6/admin/action/overview.md), +and [Reporting](/docs/accessanalyzer/11.6/admin/report/overview.md) +topics for additional information. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/disableenable.md b/docs/accessanalyzer/11.6/admin/jobs/job/disableenable.md new file mode 100644 index 0000000000..7b1db48b35 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/disableenable.md @@ -0,0 +1,53 @@ +# Disable or Enable a Job + +Job groups may contain individual jobs that should not be run when the entire job group is run. Some +job groups also contain jobs that can optionally be run separately from the rest of the job group. +Individual jobs can be disabled or enabled at the job group or job level. Disabled jobs do not +execute when the parent job group is run. + +If the role based access feature is enabled, the ability to enable and disable jobs is limited by +the assigned role. See the +[Role Based Access](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/overview.md) +topic for additional information. + +## Disable a Job + +Jobs can be disabled from the Jobs tree. Disabled jobs cannot be run manually, through a scheduled +task, or executed as part of the job group. Follow the steps to disable a job. + +**Step 1 –** Select a job group or job. + +**NOTE:** When disabling jobs at the job group level, all jobs contained in the job group are +disabled, but the job group is not disabled. Any additional jobs added to that job group at a later +time will be enabled by default. + +![Disable Job from Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/disablejob.webp) + +**Step 2 –** Right-click on the job group or job and select **Disable Job(s)** from the menu. + +![Disabled Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/disabledjob.webp) + +The job is now disabled. If a job group was selected, all the jobs in the group are now disabled. +Disabled jobs are grayed out, and a red cross is displayed in front of the job. + +![Disabled Job Description page banner](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/disabledjob2.webp) + +A yellow banner also notifies users that a job is disabled in the Job’s Description page. + +Additionally, if a disabled job is run, a warning message appears in the Messages table stating: +`[UserName] requested [JobName] to run but it is in a disabled state`. Job statistics also do not +display on the job’s description page. + +## Enable a Job + +Jobs that have been disabled can be enabled from the Jobs tree. Following the steps to enable a +disabled job. + +**Step 1 –** Select the disabled job. If multiple jobs in a job group are disabled, select the job +group to enable all of the disabled jobs. + +![Enable Job from Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/enablejob.webp) + +**Step 2 –** Right-click on the job group or job and select **Enable Job(s)** from the menu. + +The job is now enabled. If a job group was selected, all the jobs in the group are now enabled. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/overview.md b/docs/accessanalyzer/11.6/admin/jobs/job/overview.md new file mode 100644 index 0000000000..cd0d49bfd1 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/overview.md @@ -0,0 +1,164 @@ +# Jobs + +An Enterprise Auditor job is responsible for running data collection, conducting data analysis, +executing actions on collected or analyzed data, or generating reports. Each of these are configured +in the corresponding section under the job’s Configure node. A single job can be configured to +execute one or multiple tasks. See the +[Configure Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/overview.md) +topic for additional information. + +![Job structure in the Job's Tree](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/jobnode.webp) + +**_RECOMMENDED:_** Use job group organization to spread these tasks across jobs. For example, create +a job to run a query and a second job to run analysis or generate a report. Then use the job group +structure to run those jobs together in the proper order. + +Jobs do not have a Settings node like a job group. Job Properties provide the option to break +inheritance on global or job group settings. See the +[Job Properties](/docs/accessanalyzer/11.6/admin/jobs/job/properties/overview.md) +topic for additional information. + +Once a job has been configured and is being executed, job progress can be viewed at the **Running +Instances** node on the Navigation pane. See the +[Running Instances Node](/docs/accessanalyzer/11.6/admin/runninginstances/overview.md) +topic for additional information. + +![Running Job](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/jobrunning.webp) + +At the bottom of the Enterprise Auditor Console, there is an indication of how many jobs are in +queue and the **View Job Progress** link, which opens the Running Instances node. + +When a job execution has completed, the tables, views, and reports generated by the job are +accessible under the job’s Status and Results nodes. See the +[Status Node](/docs/accessanalyzer/11.6/admin/jobs/job/status.md) and +[Results Node](/docs/accessanalyzer/11.6/admin/jobs/job/results.md) +topics for additional information. Reports are also accessible through the Web Console. + +## Job Description Page + +The Job Description page displays shortcuts, links, and important information on the job. The Job +Page allows users to view and modify common job configurations, such as Connection and Storage +profiles, job properties, SQL analysis parameters, and PowerShell parameters. Depending on the type +of job, the description page will appear different and display information specific to the job +selected. + +| ![Pre-Configured Job Description page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpagepreconfigured.webp) | ![User-Created Job Description page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpagenewjob.webp) | +| ---------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | +| Pre-Configured Job | User-Created Job | + +The two types of Job Groups in Enterprise Auditor are: + +- Pre-configured – The job description page provides a brief summary of the purpose of the job, the + reports and data contained within it, and summary information of the last five times the job was + executed +- User Created – The job description page of User Created jobs will be blank until the job is + configured + +Pre-configured job description pages provide users with shortcuts and links to many of the functions +that can be accessed under the **[Job Group]** > **[Job]** node in the Jobs Tree in the Navigation +Pane. + +![Job Description page options](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpageoptions.webp) + +The sections and options of the job description page are: + +- Properties – Opens the Job Properties window. See the + [Job Properties](/docs/accessanalyzer/11.6/admin/jobs/job/properties/overview.md) + topic for additional information. +- Status – Opens the job Status page. See the + [Status Node](/docs/accessanalyzer/11.6/admin/jobs/job/status.md) + topic for additional information. +- Results – Opens the job Results page. See the + [Results Node](/docs/accessanalyzer/11.6/admin/jobs/job/results.md) + topic for additional information. +- Configure – Opens the job Configure page. See the + [Configure Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/overview.md) + topic for additional information. +- Run Now – Executes the job +- Schedule – Opens the Schedule Wizard +- Open Folder – Opens the job folder location with supporting files in the Windows Explorer +- View Log – Opens the job’s log + +![Job Description page Overview section](/img/product_docs/accessanalyzer/11.6/admin/jobs/group/descriptionpageoverview.webp) + +The Overview section provides summary information about the job, and includes the following +information: + +- Inherited settings – Job settings can be applied directly or inherited from a parent job group or + even the General Settings level. See the + [Jobs with Inherited Settings](#jobs-with-inherited-settings) topic for additional information. +- Reports – Displays a list of reports that are generated by this job +- Results – Displays a list of data tables and views created and populated by the job +- Configuration - If applicable, configure parameters for the job's analysis tasks + + - See the [Parameter Configuration](#parameter-configuration) topic for additional information. + +- Job Statistics – Displays important information for the last five times the job was executed + including: + + - Timestamp – Date timestamp of when job was initiated + - Status – Displays information on job status (Running, Success, Error) + - Duration – Displays length of time each job took + +- Graph – Displays a line graph that has information for the last five times the job was executed + +Prior to running any job or job group, ensure the following have been properly configured: + +- Queries, Analysis, Actions, and Reports are configured as desired +- If collecting data, at least one host list has been assigned +- If a host list is assigned, the appropriate Connection Profile with credentials to collect data + from the targeted hosts has been assigned + +Finally, ensure these settings are configured at the recommended location for the job or job group +and that the inheritance of settings is adjusted accordingly. + +### Jobs with Inherited Settings + +Job settings can be applied directly or inherited from a parent job group or even the General +Settings level. If settings are applied directly to a job, these are shown in the Overview section +under the job description: + +![Job Inherited settings](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/inheritedsettings.webp) + +In the example above, the **Assigned 1 Host List** setting is applied directly to the job. Other +settings are inherited from the parent job group. Clicking the **Show inherited settings** button +opens this list of the inherited settings. + +The following settings can be inherited from a parent: + +| Setting | Description | +| --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Connection profile | The tooltip shows the account name used in the connection profile. Clicking the button opens the parent Connection settings for the selected job. See the [Connection Node](/docs/accessanalyzer/11.6/admin/jobs/group/connection.md) topic for additional information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available: - Edit the Profile – Clicking the link opens the Connection settings for the current profile - Use Default Profile – Clicking the link applies the connection profile set as default on a global level to a job. In this case, this setting will be hidden under the **Show Inherited Settings** button. - List of existing profiles – Allows switching between existing connection profiles and apply a desired one to a job | +| Data Retention Period | The tooltip shows the current value for the data retention period (by default, Never retain previous job data). Clicking the button opens the parent History settings for the selected job. See the [History Node](/docs/accessanalyzer/11.6/admin/jobs/group/history.md) topic for additional information. | +| Log Retention Period | The tooltip shows the current value for the log retention period (by default, Retain previous job log for 7 times). Clicking the button opens the parent History settings for the selected job. See the [History Node](/docs/accessanalyzer/11.6/admin/jobs/group/history.md) topic for additional information. | +| Hosts Lists | The tooltip shows the number and the names of the host lists assigned to this job. If you have more than three host lists assigned to a job, the tooltip shows 3 hosts name and the number of other hosts lists assigned (for example, if 5 hosts are assigned it shows `Host1, Host2, Host3 + 2 more`). Clicking the button opens the parent Host Lists setting for the selected job. See the [Hosts Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/hosts.md) topic for additional information. | +| Reporting Settings | Clicking the Reporting Settings button opens the parent Reporting settings for the selected job including publishing options, email settings, and roles. See the [Reporting Node](/docs/accessanalyzer/11.6/admin/jobs/group/reporting.md) topic for additional information. | +| Storage Profile | The tooltip shows the current SQL Server instance, database name, user account, and authentication type used for the selected job. See the [Storage Node](/docs/accessanalyzer/11.6/admin/jobs/group/storage.md) topic for additional information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available - Edit This Profile – Clicking the link opens the Storage settings for the current profile - Use Default Profile – Clicking the link applies the storage profile set as default on a global level to a job. In this case, this setting will be hidden under the **Show Inherited Settings** button - List of existing profiles – Allows switching between existing storage profiles and apply a desired one to a job | + +### Parameter Configuration + +If a job has analysis parameters that can be customized, those parameters can be configured in the +Configuration section of the Job Description Page. + +Follow the steps to configure customizable parameters using the Configuration option on the Job +Description Page: + +**Step 1 –** Navigate to the **Jobs > [Job Group] > [Job]** node. If the job has customizable +parameters, they will be located under Configuration in the job's Overview section. + +![Configuration section of Job description page](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpageconfigurationsection.webp) + +**Step 2 –** Click on a parameter to open the Parameter Configuration window. + +**NOTE:** To view a tool-tip that contains information about the Variable Name and the Task Name +that the parameter is associated with, hover the mouse over the parameter. + +![Parameter Configuration Window](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/parameterconfigurationwindow.webp) + +**Step 3 –** Configure the parameter in the Parameter Configuration window. Click **Save** to save +changes and exit the window. Click **Cancel** to exit without saving. + +The parameter has now been configured. The parameters can also be configured in the Analysis Node +under the job's Configure Node. See the +[Analysis Node](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysis.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/properties/autoretry.md b/docs/accessanalyzer/11.6/admin/jobs/job/properties/autoretry.md new file mode 100644 index 0000000000..1e172be32a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/properties/autoretry.md @@ -0,0 +1,16 @@ +# Auto Retry Tab + +The Auto Retry tab provides the option to schedule the job to re-execute against hosts that match +the selected host status values: Offline, Failed, Errors, and Warnings. + +![Auto Retry tab of Job Properties](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/autoretry.webp) + +Check the desired Host Status values to generate a retry, and then configure the Refresh Data and +Retry Options settings. Finally, enter a User name (domain\user) and Password in the Scheduler +Authentication section. + +**NOTE:** To update the password for an existing account, enter a new password in the Password +field. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/properties/connection.md b/docs/accessanalyzer/11.6/admin/jobs/job/properties/connection.md new file mode 100644 index 0000000000..b832f499e7 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/properties/connection.md @@ -0,0 +1,20 @@ +# Connection Tab + +The Connection tab is for configuring the Connection Profile. Choose to use the default settings +(the global configuration or configuration set via broken inheritance at a job group level), to use +the system default (the account being used to run Enterprise Auditor), or to select another +Connection Profile. + +**NOTE:** It is a best practice to set the Connection Profile at the same level where the job’s host +list is set. For example, if the host list is set under the job group’s **Settings** node, then that +is where the Connection Profile should be configured. If the host list is set under the **[Job]** > +**Configure** node, then this is where the Connection Profile should be configured. + +![Connection tab of the Jop Properties](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/viewxml.webp) + +Select the desired option to identify the required Connection Profile for the job. See the +[Connection Node](/docs/accessanalyzer/11.6/admin/jobs/group/connection.md) +topic for additional information for the three connection options. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/properties/general.md b/docs/accessanalyzer/11.6/admin/jobs/job/properties/general.md new file mode 100644 index 0000000000..d885cb401a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/properties/general.md @@ -0,0 +1,50 @@ +# General Tab + +The General tab is for changing the job name and description. + +![General tab of Job Properties](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/general.webp) + +The following options are available: + +- Job Name +- Description +- Log Level – Indicates the job log level, which can be inherited from the global **Settings** > + **Application** log level or customized here. See below for additional information. +- Write CSV Files To Job Output Directory – Exports the native data table created by a query to a + CSV file in the job’s output directory. If there are multiple tables in the job, this option + creates one file per table. +- Timeout [value] minutes – Job’s thread timeout value +- Command – Provides the ability to enter a command that will be executed from the command line upon + job completion + +## Log Level + +The log level feature includes the following options: + +- Use global setting – use the Application log level feature, configured at the global level. + + **NOTE:** By selecting the another option from the drop-down list, you break inheritance for + this job. + +- Debug – Records everything that happens during job execution, most verbose level of logging + - Records all Info level information + - Records everything else that happens + - Creates the largest file +- Info – Records information about what stage of the job is being performed when errors or warnings + occurred + - Records all Warning level information + - Records job progress information +- Warning – Records all warnings which occur during job execution + - Records all Error level information + - Records all warnings and the time of occurrence +- Error – Records all errors which occur during job execution + - Records job start time + - Records errors and the time of occurrence + - Records job completion time + +**NOTE:** You can switch between log levels. All the levels, including the one that you choose, +shall be set for messaging in the application. + +![Log Level Options](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/generalloglevel.webp) + +For example, this is where you set the messaging for Info, Warning, or Error at a job level. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/properties/history.md b/docs/accessanalyzer/11.6/admin/jobs/job/properties/history.md new file mode 100644 index 0000000000..9943898fa0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/properties/history.md @@ -0,0 +1,17 @@ +# History Tab + +The History tab is for configuring the Data Retention and Log Retention periods. Choose either to +use the default settings, which could be either the global configuration or configuration set via +broken inheritance at a job group level, or to configure settings just for this job. + +![History tab of the Job Properties](/img/product_docs/accessanalyzer/11.6/admin/settings/history.webp) + +By default, all jobs are set to inherit the Data Retention Period and Log Retention Period settings, +the **Use Default Setting** option. Deselect the **Use Default Settings** option to configure custom +settings for the job. Then provide the desired Data Retention Period and Log Retention Period +settings. See the +[History](/docs/accessanalyzer/11.6/admin/settings/history.md) topic +for additional information. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/properties/notification.md b/docs/accessanalyzer/11.6/admin/jobs/job/properties/notification.md new file mode 100644 index 0000000000..0b7ff5929a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/properties/notification.md @@ -0,0 +1,14 @@ +# Notification Tab + +The Notification tab is where email notifications are configured at the job level. Choose either to +inherit the global configuration or to configure settings just for this job. + +![Notification tab of Job Properties](/img/product_docs/accessanalyzer/11.6/admin/settings/notification.webp) + +Deselect the **Use Global Settings** option to configure custom settings for the job. Then provide a +specific list of recipients for email notifications generated by this job. Multiple email addresses +can be input by adding a semicolon (;) and space between entries. This is specific to Notification +analysis module tasks. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/properties/overview.md b/docs/accessanalyzer/11.6/admin/jobs/job/properties/overview.md new file mode 100644 index 0000000000..06cbddc716 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/properties/overview.md @@ -0,0 +1,30 @@ +# Job Properties + +Jobs can be configured to inherit global settings down through parent job groups or to be +individually configured at the job level through the Job Properties window. + +![Open Job Properties from Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +To configure a job’s properties, open the Job Properties window by right-clicking on the job's node +in the Navigation pane and selecting **Properties**. + +The properties can be configured at the job level within the Job Properties window using the +following tabs: + +- [General Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/general.md) +- [Performance Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/performance.md) +- [Notification Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/notification.md) +- [Report Settings Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/reportsettings.md) +- [Report Roles Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/reportroles.md) +- [Storage Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/storage.md) +- [Connection Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/connection.md) +- [Auto Retry Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/autoretry.md) +- [History Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/history.md) + +You can click the **View XML** button at the bottom of the window to open the job’s XML file. See +the +[View Job XML File](/docs/accessanalyzer/11.6/admin/jobs/job/properties/viewxml.md) +for additional information. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/properties/performance.md b/docs/accessanalyzer/11.6/admin/jobs/job/properties/performance.md new file mode 100644 index 0000000000..34315a8d1b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/properties/performance.md @@ -0,0 +1,23 @@ +# Performance Tab + +The Performance tab provides options that can be used to improve job performance and runtime. + +![Performance tab of Job Properties](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/performance.webp) + +Adjust the following settings by sliding the needle up and down the line: + +- Concurrent Worker Threads – The number of worker threads selected equals the number of hosts being + queried concurrently. If needed, this value can be increased. +- Skip Hosts that do not respond to PING – Selected by default. Deselect if a target host has been + configured to not respond to PING requests, allowing Enterprise Auditor to scan the target host + without a PING response. + + **NOTE:** In most cases, it is not recommend to deselect this option, as it causes the job to + continue querying offline hosts until the job timeout value is reached, set by default to 20 + minutes. + +- PING Timeout – The PING timeout value is the number of seconds before a host is identified as + offline for not responding to PING + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/properties/reportroles.md b/docs/accessanalyzer/11.6/admin/jobs/job/properties/reportroles.md new file mode 100644 index 0000000000..29302f47e0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/properties/reportroles.md @@ -0,0 +1,37 @@ +# Report Roles Tab + +The Report Roles tab is part of the Role Bases Access feature of Enterprise Auditor. If Role Based +Access has been enabled, the table displays all accounts that can view reports within the Web +Console. If Role Based Access has not been enabled, all accounts have access to all reports, and the +table is blank. See the +[Role Based Access](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/overview.md) +topic for additional information. + +![Report Roles tab of Job Properties](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/reportroles.webp) + +On the Report Roles tab, report role inheritance cannot be broken. Access to reports is inherited +from the global level to job groups to jobs to report configuration. All user roles configured at +the global level (**Settings** > **Roles**) are inherited down to all reports. Only the Global +Options Administrator, the Access Administrator, and the Host Management Administrator do not have +access to reports. + +The **Include Report Viewers from this object's parent** option can be unchecked to automatically +remove any user with the Report Viewer role inherited from a parent object to the job. Remember, +this does not apply to global inheritance. + +Additional accounts can be added with the Report Viewer role at the job level and inherited down to +all reports generated by the job. Click **Add Report Viewer** to open the Select User or Group +window and grant a new account access to these reports. Inheritance can be broken for accounts that +have not inherited the report role from the global level. Select an account and click **Delete +Report Viewer** to deny access to the reports. + +The table displays the following information: + +- Account Name – NT Style account name +- Type – Account type (user or group) +- Role – Role assigned to account which grants access to reports +- Inherited From – Indicates the level at which the account was granted access to reports. Remember, + global inheritance cannot be broken. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/properties/reportsettings.md b/docs/accessanalyzer/11.6/admin/jobs/job/properties/reportsettings.md new file mode 100644 index 0000000000..9580552f78 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/properties/reportsettings.md @@ -0,0 +1,18 @@ +# Report Settings Tab + +The Report Settings tab is for configuring publishing of Enterprise Auditor reports generated by +this job. Choose either to use the default settings, which could be either the global configuration +or configuration set via broken inheritance at a job group level, or to configure settings just for +this job. + +![Report Settings tab of Job Properties](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/reportsettings.webp) + +Use the Publish Options drop-down menu to customize the publish setting for the job. To configure +custom Email settings for the job, select the **Use These Email Settings** option and then provide +the desired Email information. Multiple email addresses can be input by adding a semicolon (;) and +space between entries. See the +[Reporting Node](/docs/accessanalyzer/11.6/admin/jobs/group/reporting.md) +topic for additional information on the Publish and Email options. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/properties/storage.md b/docs/accessanalyzer/11.6/admin/jobs/job/properties/storage.md new file mode 100644 index 0000000000..8a3d7ebc2c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/properties/storage.md @@ -0,0 +1,17 @@ +# Storage Tab + +The Storage tab is for configuring the Storage Profile. Choose either to use the default settings, +which could be either the global configuration or configuration set via broken inheritance at a job +group level, or to configure settings just for this job. + +![Storage tab of the Job Properties](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/storage.webp) + +By default, all jobs are set to inherit the storage setting, the **Use Default** option. To +configure a different profile for the job, select the **Use This Profile** option and select the +desired Storage Profile from the drop-down menu. Storage Profiles can only be configured at the +**Settings** > **Storage** node. See the +[Storage](/docs/accessanalyzer/11.6/admin/settings/storage/overview.md) +topic for additional information. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/properties/viewxml.md b/docs/accessanalyzer/11.6/admin/jobs/job/properties/viewxml.md new file mode 100644 index 0000000000..7dfbaca637 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/properties/viewxml.md @@ -0,0 +1,19 @@ +# View Job XML File + +At the bottom of the Job Properties window is the **View XML** button. To view the XML file, click +**View** XML. + +| ![View XML button on Job Properties window](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/viewxmlbutton.webp) | ![XML Text window](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/viewxml.webp) | +| ----------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | +| Job Properties Window | Job XML File | + +This opens the job’s XML file, which contains all of the job, query, and reporting configurations. +When the log level is directly set at job level, the job XML `` parameter will show a +value of: + +- 0 for Debug +- 1 for Info +- 2 for Warning +- 3 for Error + +**NOTE:** Job analysis configurations are kept in a separate XML file. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/results.md b/docs/accessanalyzer/11.6/admin/jobs/job/results.md new file mode 100644 index 0000000000..8fac2a89a2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/results.md @@ -0,0 +1,27 @@ +# Results Node + +Once a job has been executed, the query populated native data tables, the analysis and action +populated materialized tables and views, and the generated reports can be viewed under the job’s +Results node. + +**NOTE:** Native data tables are only populated by jobs with configured queries. Materialized tables +and views are only generated by jobs with configured analysis or action tasks. Reports are only +generated by jobs with configured reports. + +![Results Node](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/resultsnode.webp) + +Every job generates a native data table when executed, which appears at the top of the Results node. +The native data table, or raw data table, is produced by query execution. It contains all raw data +collected by the scan. It is often named DEFAULT, but may have another name that is set during query +configuration. If no query is executed by the job, the DEFAULT table is listed as a placeholder only +and will be empty (0 rows). It is possible to have multiple queries in the same job, though not +recommended. These queries could write to the same native data table, or each query could write to +its own native data table. If multiple native data tables are being generated by one job, they are +listed in alphanumeric order at the top of the Results node list. + +Analysis tasks can be configured to generate materialized tables and views. Action tasks create +action status tables. These appear beneath the native data tables under the Results node in +alphanumeric order. + +Finally, any reports generated by the job, both published and unpublished, will be listed beneath +the materialized tables and views in alphanumeric order. diff --git a/docs/accessanalyzer/11.6/admin/jobs/job/status.md b/docs/accessanalyzer/11.6/admin/jobs/job/status.md new file mode 100644 index 0000000000..218429785e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/job/status.md @@ -0,0 +1,33 @@ +# Status Node + +Once a job has been executed, it always generates the tables providing information on host +connection status, job statistics, job task statistics, and error and warning messages can be viewed +under the job’s Status node: + +![Status Node](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/statusnode.webp) + +The Status node tables are: + +- ConnectStatus table – Lists all hosts queried during job execution and the access status of the + scan, unless the System Default is being used +- Job Stats table – Provides information on the selected job’s runtime details, according to the + global configuration set in the **Settings** > **Application** node. By default, this is set to + not filter the data. +- Task Stats table – Provides information for each task run during job execution, according to the + global configuration set in the **Settings** > **Application** node. By default, this is set to + filter to the most recent data. + + **NOTE:** The Job Statistics Retention settings in the **Settings** > **Application** node + control how long the job statistics history is kept in the database and displayed Job Stats and + Task Stats tables. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information. + +- Messages table – Provides a list of any warning or error messages that occurred during the + execution of the job. For example, a frequently generated message is + `WARNING: No Host found for processing`. + + - If this message is generated by an analysis or reporting job, then there is no problem as that + type of job does not need a host list assigned + - However, if this message is generated by a job running a data collection query, this warning + would explain why the native data table is empty diff --git a/docs/accessanalyzer/11.6/admin/jobs/overview.md b/docs/accessanalyzer/11.6/admin/jobs/overview.md new file mode 100644 index 0000000000..6e0caffd17 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/jobs/overview.md @@ -0,0 +1,109 @@ +# Jobs Tree + +Jobs are the fundamental unit of Enterprise Auditor. It is through jobs that all data collection +queries, analysis tasks, notification tasks, action tasks, and report generation occur. Jobs are +housed within the Jobs tree of the Navigation pane. + +The Jobs Tree is located in the Navigation Pane on the Enterprise Auditor Console. + +![Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/jobs/jobstreeoverview.webp) + +Clicking on the arrow next to the Jobs node will expand it. The Jobs tree is organized +alphanumerically, first by job groups and then by any jobs that are independent of job groups. + +Each component within the Jobs tree has an icon for quick reference. The icons are: + +| Icon Description | Description | +| -------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------- | +| ![jobgroup](/img/product_docs/accessanalyzer/11.6/admin/jobs/jobgroup.webp) | Job Group | +| ![modifiedjobgroup](/img/product_docs/accessanalyzer/11.6/admin/jobs/modifiedjobgroup.webp) | Modified Job Group | +| ![settings](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) | Settings node for a Job Group/ Configure node for a job | +| ![job](/img/product_docs/accessanalyzer/11.6/admin/jobs/job.webp) | Job | +| ![modifiedjob](/img/product_docs/accessanalyzer/11.6/admin/jobs/modifiedjob.webp) | Modified Job | +| ![lockedjob](/img/product_docs/accessanalyzer/11.6/admin/jobs/lockedjob.webp) | Locked Job (Only applicable to Role Based Access feature) | +| ![status](/img/product_docs/accessanalyzer/11.6/admin/jobs/status.webp) | Status node for a Job | +| ![connectstatus](/img/product_docs/accessanalyzer/11.6/admin/jobs/connectstatus.webp) | Job’s ConnectStatus Node | +| ![jobstatus](/img/product_docs/accessanalyzer/11.6/admin/jobs/jobstatus.webp) | Job Status for a Job | +| ![taskstatus](/img/product_docs/accessanalyzer/11.6/admin/jobs/taskstatus.webp) | Task Status for a Job | +| ![results](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp) | Results node for a Job | +| ![messages](/img/product_docs/accessanalyzer/11.6/admin/jobs/messages.webp) | Job’s Messages table | +| ![jobsdata](/img/product_docs/accessanalyzer/11.6/admin/jobs/jobsdata.webp) | Job’s Data Table or View | +| ![jobsreport](/img/product_docs/accessanalyzer/11.6/admin/jobs/jobsreport.webp) | Job’s Report | + +A green checkmark over a Job or Job Group icon indicates a configuration change has been made to the +job or job group. The global settings configured under the Settings node are inherited down through +the Jobs tree to the job unless inheritance is broken in a job group’s Settings node, a job’s +Configure node, or a job’s Properties window. See the +[Navigating the Console](/docs/accessanalyzer/11.6/admin/navigate/overview.md) +for additional information. + +## Job Execution Options + +Enterprise Auditor is designed to execute jobs one at a time in the order assigned. If a job group +is run, the jobs execute in the order listed within the job group. Job groups are designed to run +data collection jobs before running analysis and reporting jobs. If multiple jobs are independently +triggered to run, the jobs execute in the order triggered. + +Jobs execution options include: + +- Manual or Ad Hoc + - Applies logged in user’s credentials to execute the job on the Enterprise Auditor Console + server + - Job progress can be monitored through the **Running Instances** node + - Order of job execution can be manipulated on the **Running Instances** node + - Closing the Enterprise Auditor Console terminates the running job and clear the jobs queue +- Schedule + - Applies Schedule Service Account credentials to execute the job through Windows Task Scheduler + - Each scheduled task independently employs the Enterprise Auditor application, allowing + unrelated tasks to run simultaneously + - Runs on schedule whether a user is logged in or not + +## Changes Window + +The Changes window is where jobs are created by customers or professional services engineers. Custom +jobs can be enabled to track changes to configuration settings. When enabled, configuration changes +are tracked in change logs stored within the job folder. Changes can also be viewed within this +window. + +Remember, custom jobs are not shipped with Enterprise Auditor but instead user created. + +The Changes window opens from the **Changes** option in the right-click menu from the selected Jobs +tree, job group, or job node. + +![Changes Window](/img/product_docs/accessanalyzer/11.6/admin/jobs/changeswindow.webp) + +Select **Enabled** from the drop-down menu in the upper-left corner to turn on change tracking of +configuration settings. Select a modification from the table and click **Undo** to revert the +change. + +The window columns display the following information: + +- Job Path – Path to the job where the configuration change occurred, only visible when viewed at + the Jobs tree or job group level +- Component – Component of the job where the configuration change occurred, for example Job, Query, + or Analysis +- Modification – Type of change that was made, for example Add or Update +- Task – Name of the analysis or action task modified, only populated when the change occurred to an + Analysis or Action component +- Setting – A changed setting +- Value – New setting value. If the modification was an update, this displays both the old and the + new setting value. + +Select a modification from the table and click **Undo** to revert the change. + +If configuration change tracking is **Disabled**, configuration changes are only written directly to +the job’s XML file. If the configuration change tracking feature was previously enabled and then +disabled at a later time, an option is provided to merge changes back into the job’s XML file. + +![Change Window Merge Changes](/img/product_docs/accessanalyzer/11.6/admin/jobs/changeswindowmerge.webp) + +To merge the changes into the job’s XML file without disabling the configuration change tracking +feature, click **Merge** on the bottom left corner of the Changes window and then click **Yes** on +the Enterprise Auditor pop-up window to confirm the merge. + +![Changes Window Locked](/img/product_docs/accessanalyzer/11.6/admin/jobs/changeswindowlocked.webp) + +Changes between releases are tracked. Only jobs that are locked can be upgraded. + +**NOTE:** Jobs that are included in Enterprise Auditor are locked and changes cannot be made to +those jobs. diff --git a/docs/accessanalyzer/11.6/administration/maintenance/antivirus-exclusions.md b/docs/accessanalyzer/11.6/admin/maintenance/antivirusexclusions.md similarity index 100% rename from docs/accessanalyzer/11.6/administration/maintenance/antivirus-exclusions.md rename to docs/accessanalyzer/11.6/admin/maintenance/antivirusexclusions.md diff --git a/docs/accessanalyzer/11.6/admin/maintenance/backuprecovery.md b/docs/accessanalyzer/11.6/admin/maintenance/backuprecovery.md new file mode 100644 index 0000000000..0a069397dc --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/maintenance/backuprecovery.md @@ -0,0 +1,100 @@ +# Backup and Recovery + +For data recovery purposes, the Enterprise Auditor does not need a complete image back up of the +Enterprise Auditor Console server. Rather a standard file level back up of a few key components is +all that is necessary. This document contains a step-by-step guide for back up and recovery. The +choice of back up utility is left to the Enterprise Auditor user. + +**NOTE:** This does not cover back up of the Enterprise Auditor database. + +## Steps to Back Up the Console Server + +Follow these steps to back up the key components necessary for data recovery of the Enterprise +Auditor Console server. + +**Step 1 –** Obtain or save the installation media for Enterprise Auditor. + +**Step 2 –** Back up the following files and folders from the Enterprise Auditor folder (Typically +found at `C:\Program Files(x86)\STEALTHbits\StealthAUDIT` and can be more directly found with the +built-in environment variable `%SAINSTALLDIR%`): + +- ...\STEALTHbits\StealthAUDIT\Jobs: Contains the jobs from the Enterprise Auditor jobs tree +- … \STEALTHbits\StealthAUDIT\CLU: Contains any CLU parameters +- … \STEALTHbits\StealthAUDIT\ODBCProfiles\Custom: Contains any custom ODBC connect strings +- …\STEALTHbits\StealthAUDIT\SADatabase\Views: Contains the host list definitions +- ...\ STEALTHbits\StealthAUDIT\SecurityMap: Contains all of the Connection Profiles +- ... \STEALTHbits\StealthAUDIT\GlobalOptions.XML: Contains the Global Options +- ...\ STEALTHbits\StealthAUDIT\SPProfiles.XML: Contains the Storage Profiles (SQL connection) +- ...\ STEALTHbits\StealthAUDIT\rba.conf: Contains the Role Based Access Configuration +- ...\ STEALTHbits\StealthAUDIT\StealthAUDIT.LIC: The license key + +**Step 3 –** Back up all Scheduled Tasks. The method of back up is determined by the Enterprise +Auditor user. This can be as simple as copying the contents of the tasks folder from the following +two locations: + +![C:\Windows\Tasks](/img/product_docs/accessanalyzer/11.6/admin/maintenance/maintenance_3.webp) + +- C:\Windows\Tasks + +![C:\Windows\System32\Tasks](/img/product_docs/accessanalyzer/11.6/admin/maintenance/maintenance_4.webp) + +- C:\Windows\System32\Tasks + +All key components necessary for data recovery have now been backed up. + +## Steps to Restore the Console Server + +Follow these steps for data recovery of the Enterprise Auditor Console server. + +**Step 1 –** Confirm the prerequisites have been met on the Enterprise Auditor Console Server. See +the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for specific prerequisites. + +**Step 2 –** Install the Enterprise Auditor application. Do not start the Enterprise Auditor +application at this time. + +**Step 3 –** Restore all of the backed up files and folders from Step 2 of Steps to Back up the +Enterprise Auditor Console Server to their corresponding location. + +**Step 4 –** Restore all of the backed up scheduled tasks from Step 3 of Steps to Back up the +Enterprise Auditor Console Server to the corresponding tasks folder of the operating system. + +**Step 5 –** For Host Management and Host List Replication in a new host scenario, run the following +code within the SQL Studio on the Enterprise Auditor database. + +- Replace `OldServer` and `NewServer` in the script below with the names of the old and new + Enterprise Auditor servers + +``` +Declare @OHost varchar (128) +Declare @NHost varchar (128) +Set @OHost = 'OldServer' +Set @NHost = 'NewServer' +Update [HostMaster_SANodeFilter] +SET SA_Node = @NHost +Where SA_Node = @OHost; +Update [HostListsTbl] +SET SA_Node = @NHost +Where SA_Node = @OHost +and ListID not in (Select ListID from [HostListsTbl] where SA_Node = @NHost); +Update [QueryTbl] +SET SA_Node = @NHost +Where SA_Node = @OHost; +``` + +**Step 6 –** Start Enterprise Auditor and confirm all settings and jobs have been restored. + +**Step 7 –** Enable Role Based Access to write the necessary registry keys: + +![Role Based Access](/img/product_docs/accessanalyzer/11.6/admin/maintenance/maintenance_5.webp) + +- Navigate to the **Settings** > **Access** node in the Enterprise Auditor Console and select + **Access** +- Use the **Add Access**, **Edit Member Role**, and **Delete Member Role** buttons to add, remove, + and edit roles +- See the + [Role Based Access](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/overview.md) + topic for more information + +The Enterprise Auditor Console Server is now restored. diff --git a/docs/accessanalyzer/11.6/administration/maintenance/best-practices.md b/docs/accessanalyzer/11.6/admin/maintenance/bestpractices.md similarity index 100% rename from docs/accessanalyzer/11.6/administration/maintenance/best-practices.md rename to docs/accessanalyzer/11.6/admin/maintenance/bestpractices.md diff --git a/docs/accessanalyzer/11.6/admin/maintenance/overview.md b/docs/accessanalyzer/11.6/admin/maintenance/overview.md new file mode 100644 index 0000000000..1dee6d3bbf --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/maintenance/overview.md @@ -0,0 +1,10 @@ +# Application Maintenance and Best Practices + +The following topics contain information needed for application maintenance and troubleshooting for +the Enterprise Auditor Console: + +- [Antivirus Exclusions](/docs/accessanalyzer/11.6/admin/maintenance/antivirusexclusions.md) +- [Updating Passwords](/docs/accessanalyzer/11.6/admin/maintenance/updatepasswords.md) +- [Backup and Recovery](/docs/accessanalyzer/11.6/admin/maintenance/backuprecovery.md) +- [Troubleshooting](/docs/accessanalyzer/11.6/admin/maintenance/troubleshooting.md) +- [Best Practices](/docs/accessanalyzer/11.6/admin/maintenance/bestpractices.md) diff --git a/docs/accessanalyzer/11.6/admin/maintenance/troubleshooting.md b/docs/accessanalyzer/11.6/admin/maintenance/troubleshooting.md new file mode 100644 index 0000000000..9056d94f7b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/maintenance/troubleshooting.md @@ -0,0 +1,77 @@ +# Troubleshooting + +There are some general things to know when getting started troubleshooting Enterprise Auditor: + +- Enterprise Auditor Install Directory Shortcut – `%sainstalldir%` + +The shortcut opens the installation folder location where the Enterprise Auditor application is +installed. The default installation directory is: + +C:\Program Files (x86)\STEALTHbits\StealthAUDIT\ + +If the installation directory was customized during installation, it will be: + +…\STEALTHbits\StealthAUDIT\ + +The Enterprise Auditor install directory has several logs that can be accessed for troubleshooting +purposes. This includes: + +- The Application log which contains logging of all activities within Enterprise Auditor +- The Upgrade log which logs activities related to the upgrade process +- The upgrade archive which is a zip file containing all of your Enterprise Auditor jobs prior to + the upgrade process +- Sensitive Data logs that contain details from sensitive data scans performed against various + repositories +- Artifacts from various data collection routines such as tier 2 database files created from File + System or SharePoint scanning + +See the [Logs](#logs) topic for additional information. + +## Logs + +Enterprise Auditor has a few areas where it stores logs. Make sure the log level is set to DEBUG in +Enterprise Auditor to gather all necessary information. Once the logs have been created and sent to +Netwrix Support, then reset the logging level to save disc space. + +To set your logging level to debug go to **Settings** > **Application** – **Set the Application log +level to Debug** and restart the application. + +#### Where Are the Logs Located? + +| Log Name | Log Location | +| ------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SADebug (Enterprise Auditor Console) | `%sainstalldir%SADatabase\Logs\Application` SADebug Logs will be saved in the format: SADebug-[timestamp]-[PID].tsv | +| Job Log (Enterprise Auditor Console) | Windows File Explorer Shortcut: `%sainstalldir%Jobs\Group_Name\Job_Name\Output\nameofjob.tsv` Console Shortcut: **Right click job** > **Explore folder** > `nameofjob.tsv` | +| ExchangePS logs (Enterprise Auditor Console) | `%sainstalldir%PrivateAssemblies\GUID` | +| PowerShell Logs (Enterprise Auditor Console) | `%sainstalldir%Jobs\SA_CommonData\PowerShell` | +| PowerShell logs (Remote Host): | ` C:\Program Files(x86)\STEALTHbits\StealthAUDIT\Applet\Powershell\GUID` | +| RPC logs (File System Action Module) | `FileSystemAM\RPCLogs` | +| SMARTLog logs (Remote Host) | `C:\Program Files(x86)\STEALTHbits\StealthAUDIT\Applet\SmartLog` | +| SMARTLog logs (Enterprise Auditor Console) | `%SAInstallDir%Jobs\SA_CommonData\SmartLog` | +| SMARTLog Persistence File (Enterprise Auditor Console) | `%SAInstallDir%Jobs\SA_CommonData\SmartLog\GUID\Host` | +| Metrics Logs (Remote Host) | `{Location of Message Tracking Logs}\ SA_ExchangeMetricsData\NameofQuery` | +| Metrics Persistence File (Enterprise Auditor Console) | `%SAInstallDir%Jobs\SA_CommonData\Metrics\GUID\Host` | +| Web Server Logs | `%sainstalldir%SADatabase\Logs\Web` | + +## FSAA Log Naming Conventions + +FSAA Applet Logs: + +All FSAA applet logs have the following naming convention for permissions, activity, sensitive data, +and DFS scan types: + +- `[SCAN TYPE]_[HOSTNAME]_[YEAR]_[MONTH]_[DAY]_[TIME]_{JOB_GUID}_[SessionID].log` + +FSAA Trace Logs: + +Below are two types of FSAA trace logs created while in local, applet, or proxy modes: + +- Parent Trace Log – StealthAUDITRPC*[YYYYMMDD_hhmmss]*[Execution_Host].log + - ProccessID is logged in the job log +- Child Trace Log – + StealthAUDITRPC*[session_id]*[ScanType]_[Execution_host]_[Target_host]_[YYMMDD_hhmmss].log + - ProcessID is logged in the Parent trace log + +When running StealthAUDITRPC as a service, the parent trace log reads as: + +- StealthAUDITRPC.log diff --git a/docs/accessanalyzer/11.6/admin/maintenance/updatepasswords.md b/docs/accessanalyzer/11.6/admin/maintenance/updatepasswords.md new file mode 100644 index 0000000000..f7453e7ae5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/maintenance/updatepasswords.md @@ -0,0 +1,95 @@ +# Updating Passwords + +Credential passwords in Enterprise Auditor occasionally need to be updated due to reasons such as +the password expiring due to existing password expiration polices or for security purposes. If a +password change is required, there are multiple types of accounts where credential passwords must be +updated: + +- [Storage Profiles](#storage-profiles) +- [Connection Profiles ](#connection-profiles) +- [Schedule Service Accounts ](#schedule-service-accounts) + + - [Settings > Schedule Node](#settings-schedule-node) + - [Schedules Node](#schedules-node) + - [Jobs](#jobs) + +- [Notifications (if enabled)](#notifications-if-enabled) +- [ServiceNow (if enabled)](#servicenow-if-enabled) +- [Enterprise Auditor Services](#enterprise-auditor-services) + +**NOTE:** When updating passwords in Enterprise Auditor, you should also check the passwords in +Netwrix Activity Monitor. See the Update Credential Passwords topic in the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for additional information. + +## Storage Profiles + +Storage Profiles manage user authentication with the database. See the +[Update Authentication Credentials in a Storage Profile](/docs/accessanalyzer/11.6/admin/settings/storage/updateauth.md) +topic for information about updating Storage Profile authentication credentials in the Enterprise +Auditor Console. + +## Connection Profiles + +Connection Profiles are used for scan authentication in the Enterprise Auditor console. See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for details on how to edit user credentials for a Connection Profile. + +For Entra ID, formerly Microsoft Azure Active Directory, accounts, see the +[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/11.6/config/entraid/access.md) +topic for additional information. + +## Schedule Service Accounts + +Enterprise Auditor uses the Schedule Service Account to run scheduled tasks on the Enterprise +Auditor Console server. The global account is configured at the Settings > Schedule node. However, a +custom account can be assigned to either a Job or a Scheduled Task. + +### Settings > Schedule Node + +The Settings > Schedule Node displays the Schedule page where you can configure the account used for +executing a scheduled task. See the +[Edit a Schedule Service Account](/docs/accessanalyzer/11.6/admin/settings/schedule.md#edit-a-schedule-service-account) +topic for additional information on editing the user credentials for the account. + +### Schedules Node + +The Schedules Node opens the Scheduled Actions pages where scheduled tasks are listed. From this +page, actions can be scheduled using the Schedule wizard. See the +[Schedule Wizard](/docs/accessanalyzer/11.6/admin/schedule/wizard.md) +topic for additional information on updating the credentials password in the Schedule wizard. + +### Jobs + +Jobs are typically scheduled with the global scheduled account. However, Jobs can also be scheduled +with a custom account. See the +[Auto Retry Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/autoretry.md) +topic for information on updating the Schedule Authentication credentials. + +## Notifications (if enabled) + +Email notifications are configured in the Notifications node. The following steps only apply if +Notification authentication has been enabled for the Enterprise Auditor Console. See the +[Update Notification Authentication Credentials](/docs/accessanalyzer/11.6/admin/settings/notification.md#update-notification-authentication-credentials) +topic for information on updating Notification authentication credentials. + +## ServiceNow (if enabled) + +The ServiceNow Node controls the integration between Enterprise Auditor and ServiceNow. See the +[Update ServiceNow Authentication Credentials](/docs/accessanalyzer/11.6/admin/settings/servicenow.md#update-servicenow-authentication-credentials) +topic for information on updating ServiceNow authentication credentials. + +## Enterprise Auditor Services + +Depending on your configuration, the credentials for the accounts running the following Netwrix +Enterprise Auditor services may need updating: + +- File System Proxy Service – This service is on the proxy server. See the + [File System Proxy Service Installation](/docs/accessanalyzer/11.6/install/filesystemproxy/wizard.md) + topic for additional information. +- Vault Service – See the + [Vault](/docs/accessanalyzer/11.6/admin/settings/application/vault.md) + topic for additional information +- Web Server Service – See the + [Reports via the Web Console](/docs/accessanalyzer/11.6/install/application/reports/overview.md) + topic for additional information diff --git a/docs/accessanalyzer/11.6/admin/navigate/activitiespane.md b/docs/accessanalyzer/11.6/admin/navigate/activitiespane.md new file mode 100644 index 0000000000..bede9c6f41 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/navigate/activitiespane.md @@ -0,0 +1,20 @@ +# Activities Pane + +The Activities pane displays a list of activities which can be conducted within the currently +selected console section. It is only visible if there are activities available for the selected +section. In the few cases where the Results pane is a wizard, this pane becomes the navigation pane +for the wizard, e.g. the Enterprise Auditor Host Discovery Wizard. If the currently selected console +section has an associated Activities Pane, it can be found on the right-hand side of the Enterprise +Auditor Console. + +![activitiespane](/img/product_docs/accessanalyzer/11.6/admin/navigate/activitiespane.webp) + +The following console sections have associated Activities Panes: + +- All Global Settings > [Settings] nodes +- Host Management nodes +- **Host Discovery** node +- Jobs > [Job Group/Job] > Settings node + +The Guidance section of the Activities Pane will display context sensitive information depending on +what the currently selected console section is. diff --git a/docs/accessanalyzer/11.6/admin/navigate/datagrid.md b/docs/accessanalyzer/11.6/admin/navigate/datagrid.md new file mode 100644 index 0000000000..2d2cb75410 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/navigate/datagrid.md @@ -0,0 +1,262 @@ +# Data Grid Functionality + +All data grids within the Enterprise Auditor Console have functions and features that allow +Enterprise Auditor users to group by, filter, and sort via the filtration dialog through the data. + +![Search Methods - Data Grid](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality.webp) + +The different grouping, filtering, and search methods in the Data Grid are: + +- [Data Grid Right-Click Menu](#data-grid-right-click-menu) +- [Sort](#sort) +- [Group By](#group-by) +- [Filter](#filter) + +The Show maximum [value] of total [value] rows, located in the upper-right hand corner of the Data +Grid view in the Results Pane, indicates how many rows of data are available within this data grid +(the first value) and how many rows of data are available in the Enterprise Auditor database for +this data grid (the second value). The maximum value can be changed by the user and only affects the +maximum number of rows available for this data grid within the Enterprise Auditor Console. The total +value is automatically supplied from the Enterprise Auditor database and cannot be changed by the +user. If the total value is less than the maximum value, then all available data for this grid is +present for sorting, filtering, and searching. + +## Data Grid Right-Click Menu + +The right-click menu that affects data grid functionality is accessible by right-clicking on the +data grid header row. + +![Data Grid Functionality](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality1.webp) + +The Data Grid Right-click menu contains the following selections: + +- Sort Ascending – Sorts data by selected column in alphanumeric order +- Sort Descending – Sorts data by selected column in alphanumeric order +- Clear Sorting – Removes all sorting from selected column +- Group By This Field – Groups data or clears grouping of data by selected column +- Group By Box – Hides or shows the Group By Box where headers can be dragged-and-dropped to group + the data +- Footer – Provides a data grid summation row at the bottom of the data grid (see the + [Footer](#footer) section) +- Group Footers – Provides a data grid summation row at the bottom of each group (see the + [Footer](#footer) section) +- Remove This Column – Removes selected column from the data grid +- Field Chooser – Opens the Customization window (see the + [Customization Window](#customization-window) section) +- Best Fit – Changes column width to fit the data within the selected column +- Best Fit (all columns) – Changes column width for all columns to fit the data + +Some data grids include right-click menus for actions on the data. See the corresponding sections +for information on right-click menus within a data grid. + +### Customization Window + +The Customization window can be used to customize the data grid to only display specific columns. + +![Customization Window](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality2.webp) + +To open the Customization window, select Field Chooser from the column header right-click menu. + +![Customization Window](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality3.webp) + +Any column that has been removed from the data grid, either by dragging it off the screen or by +dropping it into this window, will be listed here. A column not currently displayed can be returned +to the data grid by dragging-and-dropping it from this window onto the header row. + +### Footer + +The footer provides a data grid summation row. The summation capabilities exist for every column on +the footer either for the entire data grid or by grouped sections of the data grid. + +![Footer Option](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality4.webp) + +To enable the footer, right-click in a column header and select Footer from the right-click menu. + +![Footer display](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality5.webp) + +The footer appears as a gray bar at the bottom of the grid (or grid group). Right-click on the +footer under the desired column. Only the options applicable to the desired column will be valid for +selection. + +![Footer options](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality6.webp) + +The different footer options are: + +- Sum – Available for columns with numeric values, adds all values in the column +- Min – Available for columns with numeric values, identifies the minimum value in the column +- Max – Available for columns with numeric values, identifies the maximum value in the column +- Count – Counts the number of records within the column +- Average – Available for columns with numeric values, calculates the average value for the column +- None – Removes the selected summation + +## Sort + +The data grid can be sorted in alphanumeric order by clicking on a column header. + +![Sort Order](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality7.webp) + +An arrow displays on the column header indicating if the sort is increasing or decreasing. This +feature only works on one column at a time. + +## Group By + +Users can interact and search through data grids in the Results Pane. + +| ![Default Group By View](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality8.webp) | ![Organized by Column Header](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality9.webp) | +| -------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | +| Default view | Organized by Column Header | + +To use this feature, drag a column header into the “Drag a column header here to group by that +column” area. The data grid groups according to the data within that column. The sub-header provides +a ‘count’ of records within each group. Expand the group to view the data. + +![Expand Group View](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality10.webp) + +Multiple columns can be dragged into the Group By area to form tiered groupings. + +**NOTE:** Sorting by the FQDN column is an easy way to see if there are two entries for the same +host. + +![Column Header](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality11.webp) + +The data grid can also be grouped by dragging a column header beneath the other column headers +either to the stationary section on the left or to the mobile section on the right. Each record +counts as a single row for the total rows value, but displays in two rows with the second row +dedicated for the moved column. + +Drag the column header(s) back to the table to remove the grouping or use the Clear Sort option in +the [Data Grid Right-Click Menu](#data-grid-right-click-menu). Additionally, the sort will clear +when the user navigates to another place in the console. + +## Filter + +Users can filter and search data in the Data Grid by using the dropdown arrow in the column headers +to select from a list of filters, configuring a custom filter, or by using the Data Grid filtration +dialog located above the Activities Pane. + +![Filter](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality12.webp) + +In the header of every column is a drop-down arrow. This provides users with the ability to filter +the data grid for a particular item or items within a column. The drop-down menu has the options of +(All), (Custom…), and an alphabetical listing of all items currently within that column for the data +grid. + +- [Custom Filter](#custom-filter) – Click Custom Filter in the header dropdown to open the Custom + Filter window +- [Filtration Dialog](#filtration-dialog) – Click the Magnifying Glass icon in the Filtration Dialog + to select a specific filter + +### Custom Filter + +The Custom option opens a Custom Filter builder for the selected column. + +![Custom Filter](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality13.webp) + +The Custom Filter window options are: + +- Show rows where + - First Comparison Operator – Select from a list of different logical operators that will apply + to the first custom filter criteria + - AND/OR radio buttons – Select logical relationship between the first and second custom filter + criteria + - Second Comparison Operator – Select from a list of different logical operators that will apply + to the second custom filter criteria. +- Two wildcard options: + - The underscore (_) can be used to represent any single character + - The asterisk (\*) can be used to represent any series of characters + +#### Creating a Custom Filter + +Follow the steps to create a Custom Filter: + +**Step 1 –** Click the dropdown arrow in the column header for the column where the Custom Filter is +going to be applied and select (Custom…) from the list. The Custom Filter window opens. + +![Creating a Custom Filter](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality14.webp) + +**Step 2 –** Set the desired criteria for the custom filter. Select the logical operator from the +drop-down menu on the left and set the criteria in the textbox on the right. + +**Step 3 –** Select either AND/OR and set the second criteria field, following the same method as +Step 2. + +**Step 4 –** Click OK to confirm changes. The custom filter criteria is now applied to the Data +Grid. + +In the example above, OSName is like \*2008\* AND not like \*Standard\*, the filter returns all data +records with an operating system name that contains “2008” but not “Standard,” e.g. Windows Server +2008 Enterprise Edition, 64 bit and Windows Server 2008 R2 Datacenter Edition, 64-bit, etc. Complex +filters can be created using the Advanced Search option in the Filtration Dialog. + +![Selected Filter Criteria](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality15.webp) + +The selected filter criteria will appear at the top of the data grid. A red X appears in the +filtration dialog, and the total rows value drops to the number of records that match the filter +criteria. Additional filter statements can be added for other columns by repeating the process to +build complex filters. The filtration dialog also provides other ways to filter and search the data +set. See the [Filtration Dialog](#filtration-dialog) topic for additional information on this +feature. + +Filters can be cleared by clicking the red X in the filtration dialog (to clear all filter +statements), selecting All from the column’s drop-down menu (to clear filters one column at a time), +or by navigating to another place in the console (to clear all filter statements). However, the +Recent Filters option in the filtration dialog provides a list of the most recent filters applied to +the data set for users to quickly return to a filtered view. + +### Filtration Dialog + +The filtration dialog in the upper-right corner with the magnifying glass icon provides additional +filtering options. + +![Filtration Dialog](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality16.webp) + +The magnifying glass icon opens a dropdown list of columns for the selected data grid, the Advanced +Search option, and the Recent Filters list. Typing in the textbox at the top filters the data grid +for the selected column (identified by the black dot). Hover over the Recent Filters menu item to +open the list of the last server filters applied to this data grid. + +#### Advanced Search + +The Advanced Search option opens a Set Filter builder for users to build a filter for multiple +columns using multiple logical operators. + +![Advanced Search](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality17.webp) + +The filter options and logical operators are: + +- Filter Button – The Filter button opens a menu with the options to: + - Add Condition + - Add Group + - Clear All +- Logical Operator – The logical operator (red text) beside the Filter button can be changed by + clicking on it to open a menu with: + - AND + - OR + - NOT AND + - NOT OR +- Ellipsis Button – The ellipsis (…) button at the beginning of each row opens a menu with options + to: + - Add Condition + - Add Group + - Remove Row +- Column Selection – The selected column (green text) can be changed by clicking on it to open a + menu with all available columns for the data grid. +- Comparison Operator – The comparison operator (dark red text) can be changed by clicking on it to + open a menu with: + - equals + - does not equal + - is less than + - is less than or equal to + - is greater than + - is greater than or equal to + - like + - not like + - is blank + - is not blank + - between + - not between + - in + - not in +- Filter Criteria – The filter criteria (blue text) can be changed by clicking on it and typing in + the textbox that appears. The Custom Filter builder wildcards can also be used in the Set Filter + builder. diff --git a/docs/accessanalyzer/11.6/admin/navigate/overview.md b/docs/accessanalyzer/11.6/admin/navigate/overview.md new file mode 100644 index 0000000000..735cd7d38f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/navigate/overview.md @@ -0,0 +1,26 @@ +# Navigating the Console + +There are several options that can be used to navigate the Enterprise Auditor Console. This section +covers basic Enterprise Auditor Console navigation, including menu options, buttons, and the +different panes through which users can access Enterprise Auditor’s various functions and options. + +![Console Navigation Overview](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationoverview.webp) + +The primary sections of the Enterprise Auditor Console are: + +- [Top Navigation](/docs/accessanalyzer/11.6/admin/navigate/top.md) – + Comprised of the Menu Bar and the Actions Bar +- [Navigation Pane](/docs/accessanalyzer/11.6/admin/navigate/pane.md) + – Navigate through all of Enterprise Auditor’s major functions using the Navigation Pane. + Selecting a node or sub-folder in the Navigation Pane will change what can be done in the Results + Pane. +- [Results Pane](/docs/accessanalyzer/11.6/admin/navigate/resultspane.md) + – Displays various interfaces based on what is selected in the Navigation Pane or Activities Pane +- [Activities Pane](/docs/accessanalyzer/11.6/admin/navigate/activitiespane.md) + – Displays a list of activities which can be conducted within the currently selected console + section + +Enterprise Auditor Data Grids also have specific navigation options that enable users to filter, +group, and search through data. See the +[Data Grid Functionality](/docs/accessanalyzer/11.6/admin/navigate/datagrid.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/navigate/pane.md b/docs/accessanalyzer/11.6/admin/navigate/pane.md new file mode 100644 index 0000000000..c490a75202 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/navigate/pane.md @@ -0,0 +1,346 @@ +# Navigation Pane + +The Navigation Pane, located on the left-hand side of the Enterprise Auditor Console, lists all the +major functions of Enterprise Auditor in a collapsible list format. Clicking on any node with an +arrow will open a collapsible list that shows more navigation, configuration, and use options. + +![Configuration Settings](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationmenu.webp) + +The items in the Navigation Pane are: + +- Settings – Opens the Global Settings section for configurations which affect the running of + Enterprise Auditor jobs. See the + [Global Settings](/docs/accessanalyzer/11.6/admin/settings/overview.md) + topic for additional information. +- Host Management – Opens the Host Management section for inventorying and managing hosts to be + targeted by Enterprise Auditor jobs. See the + [Host Management](/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md) + topic for additional information. +- Host Discovery - Opens the Host Discovery section for discovering hosts to be targeted by the + Enterprise Auditor jobs. See the Host Discovery topic for additional information. +- Running Instances – Displays progress for all running jobs. This includes jobs that are run by a + scheduled task, interactively within the open Enterprise Auditor instance, or interactively in any + other running instance of Enterprise Auditor See the + [Running Instances Node](/docs/accessanalyzer/11.6/admin/runninginstances/overview.md) + topic for additional information. +- Schedules – Opens the Scheduled Actions view which displays information on all scheduled tasks. + See the + [Schedules](/docs/accessanalyzer/11.6/admin/schedule/overview.md) + topic for additional information. +- Jobs – Lists all solutions, job groups, and jobs within a folder structure. See the + [Jobs Tree](/docs/accessanalyzer/11.6/admin/jobs/overview.md) topic + for additional information. + +The title above the Navigation Pane will change depending on what is selected. There are also +several right-click or context menus available throughout the console. See the +[Navigation Pane Right-click Menus](#navigation-pane-right-click-menus) topic for additional +information. + +## Navigation Pane Right-click Menus + +There are several contextual right-click menus that are accessed by right-clicking on individual +nodes or sub-nodes in the Navigation Pane. The different right-click menus are: + +- Host Management Right-click Menus +- Jobs Tree Right-click Menus + +### Host Management Right-click Menus + +The following right-click menus are available within the Host Management node. + +See the +[Host Management](/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md) +topic for additional information on these actions. + +#### Discovery Node + +The Discovery node right click-menu can be accessed in the Host Management node in the Navigation +Pane. + +![Discovery Node options](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane1.webp) + +The Discovery node right-click menu options are: + +- Create Query – Opens the + [Host Discovery Wizard](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/overview.md) +- Suspend/Resume Query Queue – Pauses or resumes the host discovery queue + +#### All Hosts Node + +The All Hosts node right-click menu can be accessed in the Host Management node in the Navigation +Pane. + +![All Hosts Node options](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane2.webp) + +The All Hosts right-click menu options are: + +- Add Hosts – Opens the + [Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) + window +- Refresh Lists – Refreshes host list +- Refresh Hosts – Executes the host inventory query +- Save Selected to Lists – Opens the + [Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) + window with the selected hosts already added to a new list +- Schedule – Opens the + [Schedule (Activities Pane Option)](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/schedule.md) + window to schedule a host inventory query +- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file +- Suspend/Resume Host Inventory – Pauses or resumes a host inventory query + +#### All Hosts > [Host List] Node + +The All Hosts > [Host List] right-click menu can be accessed in the Host Management node in the +Navigation Pane. + +![Host List Node options](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane3.webp) + +The All Hosts > [Host List] node right-click menu options are: + +- Edit List – Opens the + [Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) + window for the selected list +- Rename List – Opens the Host list name window +- Delete List – Delete the selected host list +- Refresh List – Refreshes host list +- Refresh Hosts – Executes the host inventory query +- Save Selected to List – Opens the + [Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) + window with the selected hosts already added to a new list +- Schedule – Opens the + [Schedule (Activities Pane Option)](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/schedule.md) + window to schedule a host inventory query +- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file +- Suspend Host Inventory – Pauses or resumes a host inventory query + +### Jobs Tree Right-click Menus + +The following right-click menus are available within the Jobs tree. + +See the [Jobs Tree](/docs/accessanalyzer/11.6/admin/jobs/overview.md) +topic for additional information on these actions. + +#### Jobs Tree Primary Nodes + +The Job tree primary nodes have the following right-click menu items: + +**NOTE:** These menu items apply to a Jobs Tree, Job Group, and a Job. Depending on the chosen +selection, some menu items are grayed out. + +| ![Jobs Tree Primary Nodes](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane4.webp) | ![Jobs Tree Primary Nodes](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane5.webp) | ![Jobs Tree Primary Nodes](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane6.webp) | +| --------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------- | +| Jobs Tree Node | A Job Group Node | A Job Node | + +Menu items include: + +- Run Group/Jobs – Executes the selected job group or job +- Publish – Publishes the reports from the selected job group or job without regenerating the + report. See the + [Reporting](/docs/accessanalyzer/11.6/admin/report/overview.md) + topic for additional information. +- Lock Group/Job – Locks job group or job, indicating configuration has been approved and the job + group or job is ready to be scheduled/run. This option only applies to Role Based Access. See the + [Role Based Access](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/overview.md) + topic for additional information. +- Unlock Group/Job – Unlocks job group or job, indicating the configuration has not been approved or + needs to be modified. Unlocking a job will prevent Job Initiators from scheduling or running the + job. This option only applies to Role Based Access. See the + [Role Based Access](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/overview.md) + for additional information. +- Enable/Disable Job(s) – Disables the selected job or job group and skips them during scan + execution. When a job group is disabled, all existing jobs within the job group are disabled. See + the + [Disable or Enable a Job](/docs/accessanalyzer/11.6/admin/jobs/job/disableenable.md) topic + for more information. +- Schedules – Opens the + [Schedule Jobs](/docs/accessanalyzer/11.6/admin/schedule/overview.md#schedule-jobs) to + schedule job group or job execution +- Refresh Tree – Refreshes the Jobs tree +- Changes – Opens the + [Changes Window](/docs/accessanalyzer/11.6/admin/jobs/overview.md#changes-window) to + track changes to job configuration in a change log +- Cut – Cuts the selected job group or job (Ctrl+X) +- Copy – Copies the selected job group or job (Ctrl+C) +- Paste – Pastes a copied/cut job group or job to the selected location (Ctrl+V) + + **CAUTION:** Delete Group/Job will also delete all tables that match the job’s naming convention + from the database. + +- Delete Group/Job – Deletes the selected job group or job. See the + [Report Cleanup when Deleting a Job or Job Group](/docs/accessanalyzer/11.6/admin/report/cleanup.md) + topic for additional information. + + **CAUTION:** Rename Group/Job will rename all tables that match the job’s naming convention + within the database. + +- Rename Group/Job – Opens a textbox over the selected job group or job to rename +- Export – Zips the selected job group or job. Options allow for including the job, the reports, + and/or the job log and SA_Debug log. + - Save the ZIP file to a desired location, and optionally attach it to an email to + [Netwrix Support](https://www.netwrix.com/support.html). + - Email option requires + [Notification](/docs/accessanalyzer/11.6/admin/settings/notification.md) + settings to be configured. +- Create Job (Ctrl+Alt+A) – Creates a new job at the same location as the selected job group or job. + See the + [Create a New Job](/docs/accessanalyzer/11.6/admin/jobs/job/create.md) + topic for additional information. +- Add Instant Job – Opens the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md). +- Create Group – Creates a new job group within the selected location +- Explore Folder – Opens the Windows Explorer folder for the select object +- Properties – Opens the + [Job Properties](/docs/accessanalyzer/11.6/admin/jobs/job/properties/overview.md) window + +#### [Job] > Status Node + +The [Job] > Status node has the following right-click menu items: + +![Status Node](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane7.webp) + +The Status node right-click menu items are: + +- Run Job – Executes the selected job +- Add Instant Job – Opens the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) + +#### [Job] > Status > [Table/View] Nodes + +The [Job] > Status > [Table/View] nodes have the following right-click menu items: + +| ![Table/View Nodes](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane8.webp) | ![Table/View Nodes](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane9.webp) | ![Table/View Nodes](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane10.webp) | +| -------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | +| ConnectStatus Table | Job Stats & Task Stats Tables | Messages Table | + +These menu items apply to the ConnectStatus Tables, Job Stats and Task Stats Tables, and the +Messages Table. Depending on the chosen selection, some menu items are grayed out. The menu items +are: + +- Create Hostlist From Data – Opens the New host list from job results window +- Edit Host List – Opens the Edit Dynamic Job Host Lists window +- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file +- Run Job – Executes the selected job +- Add Instant Job – Opens the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +- Creates Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) + +#### [Job] > Results Node + +The [Job] > Results node has the following right-click menu items: + +![Results Node](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane11.webp) + +The menu items are: + +- Refresh Tree – Refreshes the Jobs Tree +- Run Job – Executes the selected job +- Add Instant Job – Opens the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) + +#### [Job] > Results > [Table/View] Nodes + +The [Job] > Results > [Table/View] nodes have the following right-click menu items: + +![Results-Table View Nodes](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane12.webp) + +The menu items are: + +- Create Hostlist From Data – Opens the New host list from job results window. See the + [Host Management](/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md) + topic for additional information. +- Edit Host List – Opens the Edit Dynamic Job Host Lists window. See the + [Host Management](/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md) + topic for additional information. +- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file +- Actions – Opens the selected + [Action Modules](/docs/accessanalyzer/11.6/admin/action/overview.md) + for the selected table/view +- Run Job – Executes the selected job +- Add Instant Job – Opens the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +- Create Job - Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) + +#### [Job] > Results > [Report] Nodes + +The [Job] > Results > [Report] nodes have the following right-click menu items: + +![Results-Report Nodes](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane13.webp) + +The [Job] > Results > [Report] node right-click menu items are: + +- Run Job – Executes the selected job +- Add Instant Job – Opens the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) + +#### [Job] > Configure Node + +The [Job] >Configure node have the following right-click menu items: + +![Configure Nodes](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane13.webp) + +The [Job] > Configure node right-click menu items are: + +- Run Job – Executes the selected job +- Add Instant Job – Opens the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) + + **NOTE:** This right-click menu is also opened at the Configure > Hosts node. + +#### [Job] > Configure > [Configuration] Nodes + +The right-click menu items for the [Job] > Configure > [Configuration] node are the same right-click +menus as those available within the job’s individual configuration views: + +| ![Configure-Configuration Nodes](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane14.webp) | ![Configure-Configuration Nodes](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane15.webp) | ![Configure-Configuration Nodes](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane16.webp) | +| ---------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | +| Queries Node | Analysis Node | Actions Node | + +Each configuration node has a different right-click menu. For additional information on each: + +- For the Queries node, see the + [Jobs](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md) section + for information on these options +- For the Analysis node, see the + [Jobs](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md) section + for information on these options +- For the Actions node, see the + [Jobs](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md) section + for information on these options + +#### [Job] > Configure > Reports Node + +The [Job] >Configure > Reports node has the following right-click menu items: + +![Configure-Reports Node](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane17.webp) + +The [Job] > Configure > Reports node right-click menu items are: + +- Create Report – Opens a new report Configuration under the job’s **Configure > Reports Node** +- Paste Report – Paste a copied report from a different job into this job’s Reports node +- Run Job – Executes the selected job +- Add Instant Job – Opens the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +- Create Job – Creates a new job at the same location as the selected job group or job + +#### [Job] > Configure > Reports > [Report Configuration] Node + +The [Job] >Configure > Reports > [Report Configuration] node has the following right-click menu +items: + +![Reports Configuration Node](/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane18.webp) + +The [Job] > Configure > Reports > [Report Configuration] node right-click menu items are: + +- Generate Report – Generates the selected report +- Rename Report – Opens a textbox over the selected report to rename +- Delete Report – Deletes the selected report +- Copy Report – Copies the report configuration to clipboard. The copied report will have only the + roles inherited from the parent job when pasted. +- Run Job – Executes the selected job +- Add Instant Job – Opens the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) diff --git a/docs/accessanalyzer/11.6/admin/navigate/resultspane.md b/docs/accessanalyzer/11.6/admin/navigate/resultspane.md new file mode 100644 index 0000000000..cdc9d2a21c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/navigate/resultspane.md @@ -0,0 +1,9 @@ +# Results Pane + +The Results pane displays all views for the selected console section. + +![Results Pane](/img/product_docs/accessanalyzer/11.6/admin/navigate/resultspane.webp) + +The Results pane displays all views for the selected console section. This includes solution, job +group, and job descriptions, configuration views, native and materialized data tables and views, and +reports. diff --git a/docs/accessanalyzer/11.6/admin/navigate/top.md b/docs/accessanalyzer/11.6/admin/navigate/top.md new file mode 100644 index 0000000000..bdc6731b5c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/navigate/top.md @@ -0,0 +1,153 @@ +# Top Navigation + +The Top Navigation bars provide users quick access to various options and functions in Enterprise +Auditor. The two parts of the Top Navigation section are: + +- [Menu Bar on the Console](#menu-bar-on-the-console) +- [Button Bar on the Console](#button-bar-on-the-console) + +## Menu Bar on the Console + +Users can access various Enterprise Auditor functions and actions in the Menu Bar. + +![Menu Bar on Console](/img/product_docs/accessanalyzer/11.6/admin/navigate/menubar.webp) + +The Menu Bar options are: + +- File + + - Create Job – Creates a new job (Ctrl+Alt+A) at the selected location within the Jobs tree + - Add Instant Job – Opens the Enterprise Auditor Instant Job Wizard to install an instant job + set at the selected location within the Jobs tree. See the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) + section for information on installing instant solutions from the Enterprise Auditor Library. + + **CAUTION:** Delete Job will also delete all data tables with the job’s base naming + convention from the SQL database. + + - Delete Job – Deletes the selected job from the Jobs tree + - Properties – Opens the Job Properties window for the selected job. See the + [Job Properties](/docs/accessanalyzer/11.6/admin/jobs/job/properties/overview.md) + topic for additional information. + - Export Data – Exports the selected data table or view to an HTML, XML, or CSV file format + - Exit – Closes the Enterprise Auditor application + +- Edit + + - Cut – Cuts (Ctrl+X) the selected job group or job + - Copy – Copies (Ctrl+C) the selected job group or job + - Paste – Pastes (Ctrl+V) a copied job group or job to the selected job group folder (or into + the Jobs tree) + + **CAUTION:** Delete will also delete all data tables with the job’s base naming convention + from the SQL database. + + - Delete – Deletes the job group or job at the selected location within the Jobs tree + +- View + - Refresh Tree – Refreshes the Jobs tree + - Reset Current Data View – This is a legacy feature + - Show Change Deltas – This is a legacy feature + - Show Job Progress – Redirects the Enterprise Auditor Console to the Running Job Node to view + the running job’s progress. See the + [Running Instances Node](/docs/accessanalyzer/11.6/admin/runninginstances/overview.md) + topic for additional information. +- Job + + - Add Instant Job – Opens the Enterprise Auditor Instant Job Wizard to install an instant job + set at the selected location within the Jobs tree. See the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) + section for information on installing instant solutions from the Enterprise Auditor Library. + - Create Job – Creates a new job (Ctrl + Alt + A) at the selected location within the Jobs tree + + **CAUTION:** Delete Job will also delete all data tables with the job’s base naming + convention from the SQL database. + + - Delete Job – Deletes the selected job from the Jobs tree + + **CAUTION:** Rename Job will also rename all data tables with the job’s base naming + convention within the SQL database. + + - Rename Job – Renames the selected job + - Properties – Opens the Job Properties window for the selected job. See the + [Job Properties](/docs/accessanalyzer/11.6/admin/jobs/job/properties/overview.md) + topic for additional information. + - Execute: + - Run Job or Group – Starts job execution for the selected job group or job + - Stop Job or Group – Stops job execution for the selected job group or job + - Schedule – Opens the selected job’s Schedule window. See the + [Schedule Jobs](/docs/accessanalyzer/11.6/admin/schedule/overview.md#schedule-jobs) + topic for additional information. + - Queries: + + - Add from Library – Opens the Library to add a query to the selected job’s Query Selection + view. See the Query Selection topic for additional information. + - Create Query – Opens the Query Selection window to create a new query at the selected + job’s Query Selection view + - Cut Query – Deletes the selected query from the selected job’s Query Selection view + - Properties – Opens the Query Selection window for the selected query + - Add Table – Opens the Query Selection window to add a table to the selected query + - Delete Table – Opens the Delete Table window which identifies associated tasks to be + deleted and asks for confirmation of the deletion action. See the Query Selection topic + for additional information. + - Rename Table – Opens the Rename Table window to enter a new table name for the selected + query. See the Query Selection topic for additional information. + + See the Data Collectors topic for additional information. See the + [Data Collectors](/docs/accessanalyzer/11.6/admin/datacollector/overview.md) + topic for additional information. + + - Reports + - Create Report – Creates a new report at the selected Reports node + - Generate Report – Generates the selected report and opens the report in a browser window + - Rename Report – Rename the selected report for the database and how it is seen in the Jobs + tree + - Delete Report – Delete the selected report + +- Schedules + - Schedule – Opens the selected object’s Schedule window to create a new scheduled action. The + Enterprise Auditor Console is redirected to the Schedules node. See the + [Schedule](/docs/accessanalyzer/11.6/admin/settings/schedule.md) + topic for additional information. + - Delete – Delete the selected scheduled task from the Scheduled Actions view of the Schedules + node + - Properties – Opens the selected scheduled task’s Schedule window. See the + [Schedule](/docs/accessanalyzer/11.6/admin/settings/schedule.md) + topic for additional information. +- Tools + - Libraries – Opens the Add Query from Library window to add a query to the selected job’s Query + Selection view. See the + [Schedule](/docs/accessanalyzer/11.6/admin/settings/schedule.md) + topic for additional information. + - Options – Redirects the Enterprise Auditor Console to the Settings node +- Help + - Content – Opens Enterprise Auditor help documentation + - User Details – Opens an information window display Current Logged In User and Role Assigned To + Current User (when applicable) + - Reference – This is a legacy feature + - Enable Support Mode – Enables Support Mode for Netwrix Support Engineers + - About – Opens the About window with the Enterprise Auditor Console’s version and license + information, including License Expiration date, Host Limit, and Licensed Features + +## Button Bar on the Console + +The Button bar provides quick links to various actions and functions in Enterprise Auditor. + +![Button Bar](/img/product_docs/accessanalyzer/11.6/admin/datacollector/buttonbar.webp) + +The options in the Button Bar are: + +| Icon | Icon Description | Name | +| --------------------------------------------------------------------------------------------------------------------- | --------------------------- | --------------------------------------------------- | +| ![selectinstantjob](/img/product_docs/accessanalyzer/11.6/admin/navigate/selectinstantjob.webp) | Paper with plus sign | Select an Instant Job | +| ![newjob](/img/product_docs/accessanalyzer/11.6/admin/navigate/newjob.webp) | Paper with pencil | Create a new job (Ctrl + Alt + A) | +| ![newgroup](/img/product_docs/accessanalyzer/11.6/admin/navigate/newgroup.webp) | Folder with plus sign | Create a new group | +| ![newquery](/img/product_docs/accessanalyzer/11.6/admin/navigate/newquery.webp) | Puzzle piece with plus sign | Create a new query and add it to the selected table | +| ![addreport](/img/product_docs/accessanalyzer/11.6/admin/navigate/addreport.webp) | Graph with plus sign | Add a report | +| ![addquery](/img/product_docs/accessanalyzer/11.6/admin/navigate/addquery.webp) | Book with plus sign | Add a query from a library | +| ![cut](/img/product_docs/accessanalyzer/11.6/admin/navigate/cut.webp) | Scissors | Cut the selected query to the clipboard (Ctrl + X) | +| ![copy](/img/product_docs/accessanalyzer/11.6/admin/navigate/copy.webp) | Duplicate papers | Copy the selected query to the clipboard (Ctrl + C) | +| ![paste](/img/product_docs/accessanalyzer/11.6/admin/navigate/paste.webp) | Clipboard with paper | Paste the query from the clipboard (Ctrl + V) | +| ![delete](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/delete.webp) | Red X | Delete the selected query | + +Select a button for the desired action. diff --git a/docs/accessanalyzer/11.6/admin/overview.md b/docs/accessanalyzer/11.6/admin/overview.md new file mode 100644 index 0000000000..467b881c8f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/overview.md @@ -0,0 +1,73 @@ +# Administration + +The Enterprise Auditor application is the power behind the solutions. It has the automation, +management, and integration building blocks that ensure the solutions’ advanced data collection and +analysis deliver meaningful results to an organization’s infrastructure and other technologies. +Users manage and control access to unstructured and structured data, systems, and critical +applications with the application. + +## Data Collectors Overview + +Enterprise Auditor leverages a wide variety of APIs and protocols to connect to and communicate with +the systems and applications in an organization’s environment. From MAPI to PowerShell, WMI, LDAP, +CIFS, and more. It uses the best, most appropriate data collection methodology for every data +collection task. The majority of Enterprise Auditor data comes from agentless scans and log +collection. This enables remote collection of thousands of data points across dozens of system and +application types. + +Though Enterprise Auditor does use applets and kernel-level drivers for certain data collection +requirements, e.g. real-time file level activity monitoring, these agent-based advanced data +collection methods allow the kind of deep rich information, which can usually be obtained only by +substantial manual effort. + +See the +[Data Collectors](/docs/accessanalyzer/11.6/admin/datacollector/overview.md) +topic for additional information. + +## Analysis Modules Overview + +Enterprise Auditor employs a series of powerful, yet easy-to-use Analysis Modules which provide +end-users with the ability to perform very simple and sophisticated data analysis routines with +ease: + +- Correlation – Easily correlate data from multiple datasets to create meaningful views +- Policy – Create rules and policies which automatically categorize your data output, i.e. Severity, + Classifications, etc. +- Change – Turn on change detection to see exactly what has changed between time periods +- Trend – See what is happening over time and when thresholds will be met +- Conformance – Create a baseline or designate a “golden” image to see what deviates from the + organization’s desired standards +- Notification – Get alerts based upon any condition within any dataset, with control over how and + how often alerts are generated + +See the +[Analysis Modules](/docs/accessanalyzer/11.6/admin/analysis/overview.md) +topic for additional information. + +## Action Modules Overview + +The Enterprise Auditor Action Module framework enables administrators to make bulk changes across +various system and application resources such as File Systems, Exchange Mailboxes, Public Folders, +Distribution Lists, SharePoint sites, and Windows Registry. The Mail and Survey Action Modules work +in conjunction with other Action Modules and datasets to instantiate workflows involving end-users +such as data custodians to obtain answers and verifications. + +See the +[Action Modules](/docs/accessanalyzer/11.6/admin/action/overview.md) +topic for additional information. + +## Reporting Overview + +The Enterprise Auditor custom report authoring engine, dashboards, and open data views provide +information to multiple audiences within an organization, both technical and non-technical. Its +reporting capabilities include a distribution and viewing mechanism allowing reports to be +automatically distributed via email or posted to one or more network locations and/or websites for +simple, secure, and on-demand access to information. The Enterprise Auditor Report Index provides +access to published Enterprise Auditor reports through a web-based console, granting access to +reports without requiring access to the Enterprise Auditor Console. It is accessed through the +Stealthbits Web Console, which is created during the installation of Enterprise Auditor. The Web +Console can also provide access to the Access Information Center, and other Stealthbits products. + +See the +[Reporting](/docs/accessanalyzer/11.6/admin/report/overview.md) topic +for additional information. diff --git a/docs/accessanalyzer/11.6/admin/report/cleanup.md b/docs/accessanalyzer/11.6/admin/report/cleanup.md new file mode 100644 index 0000000000..270900426b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/cleanup.md @@ -0,0 +1,40 @@ +# Report Cleanup when Deleting a Job or Job Group + +When deleting a job or job group, the Delete Job and Delete Group wizards allow you to delete any +published reports contained in the jobs that are being deleted. Follow the steps to delete a job or +job group that contains published reports. + +**CAUTION:** Deleted objects cannot be restored. + +![Delete Group on right-click menu](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +**Step 1 –** In the Jobs tree, right-click on the job or group that you want to delete and select +**Delete Job/Group**. + +![Delete Group wizard page](/img/product_docs/accessanalyzer/11.6/admin/report/deletegroup.webp) + +**Step 2 –** On the Delete Job/Group page of the wizard, confirm it shows the correct job or group +that you want to delete, then click **Next**. + +**NOTE:** If there are no published reports, clicking **Next** starts the deletion (skip to step 4). + +![Delete Published Reports wizard page](/img/product_docs/accessanalyzer/11.6/admin/report/reporttree.webp) + +**Step 3 –** The Delete Published Reports page of the wizard shows the tree of published reports. +Select the checkboxes next to all the reports you want to delete. You can also select reports by job +group or job. Click **Next** to proceed with the deletion. + +![Progress wizard page](/img/product_docs/accessanalyzer/11.6/install/application/upgrade/progress.webp) + +**Step 4 –** The Progress page shows you the status of the deletion process. When it has completed, +click **Finish** to exit the wizard. + +The job or job group and all of the selected published reports have been deleted. If you chose not +to delete any of the published reports contained in any of the deleted jobs, then those remaining +reports can still be viewed in the Web Console, even though the parent has been removed from the +Enterprise Auditor Console. + +![Delete Published Reports page with a report from previous deletion](/img/product_docs/accessanalyzer/11.6/admin/report/reportfrompreviousdeletion.webp) + +The remaining published reports that weren't deleted are shown in the wizard if you are deleting the +parent group of the previously deleted job or group. diff --git a/docs/accessanalyzer/11.6/admin/report/create.md b/docs/accessanalyzer/11.6/admin/report/create.md new file mode 100644 index 0000000000..b8d97d5ae5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/create.md @@ -0,0 +1,74 @@ +# Creating a Report + +Creating and customizing reports allows you to design outputs uniquely crafted to your requirements. +Reports can vary by section order, sourced data, file format, and other elements within the reports +configuration. + +You can add additional reports by the following methods: + +- [Create a Custom Report](#create-a-custom-report) +- [Copy an Existing Report](#copy-an-existing-report) + +**NOTE:** It is important to consider whether a report should be added to an existing job, or a new +job created to generate the report. Contact [Netwrix Support](https://www.netwrix.com/support.html) +for additional information on report outputs. + +## Create a Custom Report + +You can create a new custom report for an existing job from the job’s Reports node. Follow the steps +to create a new report. + +**Step 1 –** Navigate to **Jobs** > **[Job]** > **Configure** and select the **Reports** node. + +![Create report option](/img/product_docs/accessanalyzer/11.6/admin/report/create.webp) + +**Step 2 –** On the Reports page, click Create. + +**Step 3 –** The Report Configuration wizard is automatically launched. Use the wizard to configure +the new report as required, see the +[Report Configuration Wizard](/docs/accessanalyzer/11.6/admin/report/wizard/overview.md) +topic for instructions. Click **Finish** on the final page of the wizard to create the report. + +The new report is added to the Reports table. + +![Generate report](/img/product_docs/accessanalyzer/11.6/admin/report/generate.webp) + +**Step 4 –** Click the vertical ellipsis menu next to the report and select Generate. + +The report is now created. To access the new report, see the +[Viewing Generated Reports](/docs/accessanalyzer/11.6/admin/report/view.md) +topic. + +## Copy an Existing Report + +You can create a new report by copying an existing report and pasting it in a job’s Reports node. +You can then optionally customize the report as required. Follow the steps to create a copy of an +existing report. + +![Copy Report](/img/product_docs/accessanalyzer/11.6/admin/navigate/copy.webp) + +**Step 1 –** Navigate to the Reports node where the desired report to copy is located. Click the +vertical ellipsis menu next to the report and select Copy. + +![Paste Report](/img/product_docs/accessanalyzer/11.6/admin/navigate/paste.webp) + +**Step 2 –** Navigate to the Reports node in the desired destination for the new report. Click the +vertical ellipsis menu in the header row of the Reports table and select Paste. + +The copy of the report is added to the Reports table. Reports that are copied maintain the same +configuration settings as the original report. + +**NOTE:** If the report copied to the job’s Reports node has the same name as an existing report, +the copied report adds a numerical value to the name sequentially. For example if the existing +report is named Exceptions Summary, then the new report is named `Exceptions Summary1`. + +**Step 3 –** (Optional) Click the **Configure** button next to the report. Use the Report +Configuration wizard to modify the reports settings. See the +[Report Configuration Wizard](/docs/accessanalyzer/11.6/admin/report/wizard/overview.md) +topic for instructions. + +**Step 4 –** Click the vertical ellipsis menu next to the report and select Generate. + +The report is now created. To access the new report, see the +[Viewing Generated Reports](/docs/accessanalyzer/11.6/admin/report/view.md) +topic. diff --git a/docs/accessanalyzer/11.6/admin/report/edit.md b/docs/accessanalyzer/11.6/admin/report/edit.md new file mode 100644 index 0000000000..5589b12c1f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/edit.md @@ -0,0 +1,29 @@ +# Editing Existing Reports + +It is not recommended to edit existing reports unless there are changes to a job’s settings at the +global level, job group level, or job level. Changes to when data is collected, the types of data +collected, and the properties of collected data are not reflected in a report’s configuration. As a +result, generated reports could appear with blank fields or misleading information about the purpose +of the collected data, unless the report is modified to reflect the changes to the job's settings. +To modify a report, use the Report Configuration Wizard. + +Follow the steps to modify an existing report. + +**Step 1 –** Navigate to the Reports node that contains the report. + +![Configure Report](/img/product_docs/accessanalyzer/11.6/admin/analysis/configure.webp) + +**Step 2 –** Click the **Configure** button next to the report you want to modify. + +**Step 3 –** Use the Report Configuration wizard to make any required changes. See the +[Report Configuration Wizard](/docs/accessanalyzer/11.6/admin/report/wizard/overview.md) +topic for instructions. + +- You must go through all pages of the wizard, and click **Finish** on the final page to save your + changes. Skip any sections or pages that do not require changes to the existing configuration. You + can click **Cancel** on any page to exit the wizard without saving your changes. + +Your configuration updates have been saved. To view the updated report you need to first generate +the report or run it's associated job. See the +[Viewing Generated Reports](/docs/accessanalyzer/11.6/admin/report/view.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/report/interactivegrids/copyingcells.md b/docs/accessanalyzer/11.6/admin/report/interactivegrids/copyingcells.md new file mode 100644 index 0000000000..6216220699 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/interactivegrids/copyingcells.md @@ -0,0 +1,12 @@ +# Copying Cells + +Copying an individual cell within a generated report enables easier searching for information using +the AIC or other tools. The copy feature can only be used on interactive grids. Each cell listed +under a column can be selected and copied to the clipboard. + +![Copy Cell Data](/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/copycell.webp) + +To copy a cell, select the cell, then right-click on it and select **Copy Cell Data**. + +**NOTE:** You may need to allow programmatic clipboard access for your browser the first time you +attempt to copy a cell. diff --git a/docs/accessanalyzer/11.6/admin/report/interactivegrids/grouping.md b/docs/accessanalyzer/11.6/admin/report/interactivegrids/grouping.md new file mode 100644 index 0000000000..67c4bc2aca --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/interactivegrids/grouping.md @@ -0,0 +1,16 @@ +# Grouping Data + +If grouping is enabled, the **Group by** field provides a drop-down list of categories by which the +data can be grouped. + +**NOTE:** Grouping and filtering cannot be enabled at the same time. If grouping is enabled, the +Filter icon is disabled in the report. + +The following example shows an interactive grid in which grouping has been enabled. See the +[Grid](/docs/accessanalyzer/11.6/admin/report/wizard/widgets.md#grid) +topic for additional information. + +![Group by option](/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/groupby.webp) + +The drop-down list to the right of the Group by field can be accessed by clicking the down arrow. +Click an item from the drop-down list to group the report by that category. diff --git a/docs/accessanalyzer/11.6/admin/report/interactivegrids/overview.md b/docs/accessanalyzer/11.6/admin/report/interactivegrids/overview.md new file mode 100644 index 0000000000..5c61463493 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/interactivegrids/overview.md @@ -0,0 +1,29 @@ +# Interactive Grids + +Interactive grids in the table section of a report provide the ability to interact with the data and +filter it as required. Interactive grids allow you to perform the following actions: + +- Group data +- Search and filter data +- Paging +- Download data to a CSV file + +![Interactive Grid actions bar](/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/interactivegridoptions.webp) + +The toolbar in an interactive grid can display the following options: + +- Filter icon – Click this icon to activate searching and filter the data +- Group by – Provides a drop-down list of available categories to select for grouping. When grouping + is enabled, searching is disabled. +- Up arrow and down arrow – Click to expand or collapse the groups +- Download Data – Click to download all data to a CSV file. This option is displayed when the + **Export table data as CSV** checkbox has been selected for the report, see the + [Grid](/docs/accessanalyzer/11.6/admin/report/wizard/widgets.md#grid) + topic for additional information. + +When enumeration is set on an interactive grid, a second download button is displayed. A CSV file +can be downloaded that contains only data for the selected enumeration. + +![Group by loading data](/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/groupbyloadingdata.webp) + +When grouping data, interactive grids display the percentage of data that has loaded on the page. diff --git a/docs/accessanalyzer/11.6/admin/report/interactivegrids/paging.md b/docs/accessanalyzer/11.6/admin/report/interactivegrids/paging.md new file mode 100644 index 0000000000..731fcf9dfb --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/interactivegrids/paging.md @@ -0,0 +1,17 @@ +# Paging + +Paging allows users to interact with large sets of data more efficiently when viewing, filtering, +and sorting generated report tables by limiting the amount of data being displayed at a given time. +Reports provide the ability to navigate to specific pages using arrows at the bottom of the report. +Paging is enabled by default. See the +[Grid](/docs/accessanalyzer/11.6/admin/report/wizard/widgets.md#grid) +topic for additional information. + +**NOTE:** Paging and grouping cannot be enabled at the same time. When Paging is enabled, the +Grouping options are disabled for the report. + +![Paging](/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/paging.webp) + +When paging is enabled, arrows are displayed that allow you to navigate to the next page, last page, +previous page, or first page. If the data is filtered, it is indicated at the end of the line. Each +page contains 10 records. diff --git a/docs/accessanalyzer/11.6/admin/report/interactivegrids/searchfilter.md b/docs/accessanalyzer/11.6/admin/report/interactivegrids/searchfilter.md new file mode 100644 index 0000000000..855ae4a391 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/interactivegrids/searchfilter.md @@ -0,0 +1,63 @@ +# Searching and Filtering Data + +When dealing with large sets of data, it may be useful to search for a desired attribute. This can +be done using the Filter icon. + +**NOTE:** Searching and grouping cannot be enabled at the same time. If grouping is enabled, the +Search icon is disabled in the report. + +The following example shows an interactive grid in which searching has been enabled. See the +[Grid](/docs/accessanalyzer/11.6/admin/report/wizard/widgets.md#grid) +topic for additional information. + +![Search](/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/search.webp) + +Enter search criteria in the boxes under the columns to filter the data. Click the search icon again +to clear the filters. + +Click on a column to sort by that column. Clicking on a cell in a column automatically expands the +column size to fit the largest length of text contained in the column. + +## Searching Enumerated Tables + +Enabling the enumerated column option, and choosing a column from the data set adds a list of column +types to display as enumerated tables. + +![Enumerated Table](/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/enumerated.webp) + +To change the enumeration in the report, select an option from the enumerated column list. When +enumeration is set on an interactive grid, a second download button is displayed with the name of +the currently selected enumerated column. You can use this to download a CSV file that only contains +the data for the selected enumeration. + +## Filtering on Dates & Times + +Data can also be filtered on dates and times. Expanding the column’s width activates hyperlinks to +filter on specific time periods. + +![Date column filter](/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/datefilter.webp) + +Enter a Start and End date and select the desired time period. + +## Filtering on Numeric Columns + +Comparison operators can also be used for filtering. Comparison operators which can be used for +filtering include the following: + +| Description | Operator | +| ------------------------ | -------- | +| Equal to | = | +| Greater than | `>` | +| Less than | `<` | +| Less than or equal to | `<=` | +| Greater than or equal to | `>=` | +| A range of values | n1..n2 | + +## Adding & Removing Columns + +Columns can be added or removed from the table. + +![Add and remove columns](/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/addremovecolumns.webp) + +Right-click on a column to display a list of the available columns. Select the checkboxes of the +columns you want to be displayed. Click the up or down arrows to scroll through the list of columns. diff --git a/docs/accessanalyzer/11.6/admin/report/overview.md b/docs/accessanalyzer/11.6/admin/report/overview.md new file mode 100644 index 0000000000..9a39c0291b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/overview.md @@ -0,0 +1,25 @@ +# Reporting + +Enterprise Auditor provides the ability to report on collected data in multiple ways such as tables, +views, graphs, and emails. Depending on the type of data collected, different reporting methods can +simplify how to present and understand the information. + +![Reports node](/img/product_docs/accessanalyzer/11.6/admin/report/reports.webp) + +The Reports node, contained within a job’s Configure node, lists any reports that are configured for +the job. The page contains options to create a report, configure existing reports, and a link to +view generated reports. The configuration of reports vary by use case, but they contain the same +elements. The layout and elements of a report are configured using the +[Report Configuration Wizard](/docs/accessanalyzer/11.6/admin/report/wizard/overview.md). + +In addition, there are various ways to view and interact with generated reports. Generated reports +can be viewed in the Enterprise Auditor Console or in the Web Console. Reports can also be +configured to be downloaded as a CSV file, or sent as an email in various forms. See the +[Viewing Generated Reports](/docs/accessanalyzer/11.6/admin/report/view.md) +topic for additional information. + +The global settings configured under the Settings node are inherited down through the Jobs tree to +the job unless inheritance is broken in a job group’s Settings node, a job’s Properties window, or +in the Report Configuration Wizard. See the +[Reporting](/docs/accessanalyzer/11.6/admin/settings/reporting.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/report/tags.md b/docs/accessanalyzer/11.6/admin/report/tags.md new file mode 100644 index 0000000000..a0ea4c11c4 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/tags.md @@ -0,0 +1,98 @@ +# Tags + +Tags can be added to reports to describe the content of the report and use cases for the report. For +example, tags can be included in a report to show the compliance frameworks to which the report +maps. To view tags or click on tag links, reports must be viewed in the Web Console. Tags are not +supported in reports in the Jobs tree. + +![Web Console Home Page](/img/product_docs/accessanalyzer/11.6/install/application/reports/webconsolehome.webp) + +If Reports from solutions that have been run have tags added to them, those tags can be found under +the Tags tab in the Navigation section on the right-hand side of the Published Reports homepage. + +| ![Tags tab on Web Console homepage](/img/product_docs/accessanalyzer/11.6/admin/report/tagstab.webp) | ![Priviliged Accounts tag page](/img/product_docs/accessanalyzer/11.6/admin/report/privilegedaccountstag.webp) | +| -------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | +| Privileged Accounts Tag on Published Reports homepage | Privileged Accounts Tag page | + +Click on a tag to view all reports that contain the selected tag. + +![Job Group view in the Web Console](/img/product_docs/accessanalyzer/11.6/admin/report/jobgroupview.webp) + +Clicking on a job group in the Published Reports menu displays the reports contained in that job +group. Jobs within that job group that have tags are identified with a tag icon along with the tag +name. + +![Report header](/img/product_docs/accessanalyzer/11.6/admin/report/reportheader.webp) + +When viewing a report in either the Web Console or the Enterprise Auditor console, tags are +displayed below the report title. Click on a tag to view all reports that contain that tag. If the +tag is selected from the Reports view in the Enterprise Auditor Console, the Published Reports Web +Console opens and direct users to the tag page. + +## Default Tags in Reports + +The following sections list out of the box reports that contain each tag. The tags are: + +### Open Access + +The Open Access tag is included in the following reports: + +- Active Directory Permissions Analyzer > 5.Open Access > AD_OpenAccess > Open Access by Domain +- Exchange > 4. Mailboxes > Permissions > EX_MailboxAccess > Incorrect Default and Anon Permissions +- SharePoint > 2.High Risk Sites >ALL REPORTS +- FileSystem > 1.Open Access > FS_OpenAccess > ALL REPORTS +- SQL > 5.Permissions > SQL_PublicPermissions > Public Permissions +- Oracle > 5.Permissions > Oracle_PublicPermissions > Public Permissions + +### Sensitive Data + +The Sensitive Data tag is included in the following reports: + +- Dropbox > 5.Sensitive Data > Dropbox SensitiveData > ALL REPORTS +- Exchange > 7. Sensitive Data > EX_SDDResults > ALL REPORTS +- FileSystem > 7.Sensitive Data > FS_DLPResults > ALL REPORTS +- Oracle > 7.Sensitive Data > Oracle_SensitiveData > ALL REPORTS +- SharePoint > 7.Sensitive Data Discovery > SP_SensitiveData > ALL REPORTS +- SQL > 7.Sensitive Data > SQL_SensitiveData > ALL REPORTS + +### Stale Data + +The Stale Data tag is included in the following reports: + +- Dropbox > 4.Content >Dropbox_Content > Stale Data +- Exchange > 4. Mailboxes > Sizing >EX_StaleMailboxes > Stale Users +- FileSystem > 4.Content > Stale > FS_StaleContent > Shares with Stale Content +- SharePoint > 4.Content > SP_StaleFiles > Stale Files +- Box > 2.Content > Box_FileMetrics > Files by User +- Box > 2.Content > Box_FileMetrics > Files by Extension + +### Stale Principals + +The Stale Principals tag is included in the following reports: + +- Active Directory > 2.Users > AD_StaleUsers > Stale Users +- Active Directory > 1.Groups > AD_StaleGroups > Stale Effective Membership +- Entra ID > 1.Groups > AAD_StaleGroups +- Entra ID > 2.Users > AAD_StaleUsers +- Oracle > 3.Users and Roles >Oracle_Users +- SQL > 3.Users and Roles > SQL_DatabasePrincipals + +### Security Assessment + +The Security Assessment tag is included in the following reports: + +- Active Directory > AD_SecurityAssessment > AD Security Assessment +- FileSystem > FS_SecurityAssessment > Security Assessment +- Windows > SG_SecurityAssessment > Systems Security Assessment +- SQL > SQL_SecurityAssessment > SQL Security Assessment +- Oracle > Oracle_SecurityAssessment > Oracle Security Assessment + +### Privileged Access + +The Privileged Access tag is included in the following reports: + +- Active Directory > 2.Users > AD_ServiceAccounts > Service Accounts +- Windows > Privileged Accounts > Local Administrators > SG_LocalAdmins > Local Administrators +- Unix > 2.Privileged Access > Sudoers > UX_Sudoers > Sudo Rights by Host +- Active Directory > 1.Groups > AD_SensitiveSecurityGroups > Sensitive Security Group Membership +- Shadow Access (when added) diff --git a/docs/accessanalyzer/11.6/admin/report/view.md b/docs/accessanalyzer/11.6/admin/report/view.md new file mode 100644 index 0000000000..8679a81cf7 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/view.md @@ -0,0 +1,54 @@ +# Viewing Generated Reports + +Reports can be viewed either in the Enterprise Auditor Console in the Results Node of the related +job, or published reports can be viewed in the Web Console. + +- [Results Node](#results-node) – All reports generated by a job are always accessible under the + job’s Results node +- [Web Console](#web-console) – All published reports generated by all jobs appear in the Published + Reports Web Console + +## Results Node + +Each job contains a results node where reports generated by that job can be viewed. Even if the +report is unpublished, the report is still displayed here. + +![Report in the Results node](/img/product_docs/accessanalyzer/11.6/admin/report/viewresultsnode.webp) + +Select the desired report to be viewed. The report displays in the Results pane of the console. + +![Access report from configure page](/img/product_docs/accessanalyzer/11.6/admin/report/viewconfigure.webp) + +You can also access the report from the **Configure** > **Reports** page for the job. Click the +report title to view the report. + +## Web Console + +The most common place to view reports is the Web Console. For information on how to access the Web +Console, see the +[Log into the Web Console](/docs/accessanalyzer/11.6/install/application/reports/overview.md#log-into-the-web-console) +topic. + +![Web Console Home page](/img/product_docs/accessanalyzer/11.6/install/application/reports/webconsolehome.webp) + +On the home page of the Web Console, select a solution to view a list of all published reports for +that solution’s job group. This list includes reports with changed Publish Path locations. + +![Web Console .Active Directory Inventory](/img/product_docs/accessanalyzer/11.6/admin/report/webconsolesolutioninventory.webp) + +Clicking a report name link opens the selected report, or navigate through the folders to select a +report. + +From within the Web Console, reports cannot be edited or deleted. However, the interactive grid +functions are enabled. See the +[Interactive Grids](/docs/accessanalyzer/11.6/admin/report/interactivegrids/overview.md) +topic for additional information. An additional feature available within the Web Console is the +option to download data as a CSV file, which can be enabled for grid elements. This exports the data +within tables, both interactive grid and plain HTML tables. See the +[Grid](/docs/accessanalyzer/11.6/admin/report/wizard/widgets.md#grid) +topic for additional information. + +**NOTE:** Any browser used to access the Web Console must have JavaScript allowed for the site. See +the +[Configure JavaScript Settings for the Web Console](/docs/accessanalyzer/11.6/admin/settings/reporting.md#configure-javascript-settings-for-the-web-console) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/report/wizard/authoring.md b/docs/accessanalyzer/11.6/admin/report/wizard/authoring.md new file mode 100644 index 0000000000..6bf19f0851 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/wizard/authoring.md @@ -0,0 +1,65 @@ +# Authoring Page + +On the Authoring page of the Report Configuration wizard, you can configure the name, header +information, and publish settings for the report. + +![Report Configuration wizard Authoring page](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/authoring.webp) + +Configure the following settings as required: + +![name](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/name.webp) + +- Name – The name used for the report in the Enterprise Auditor console and Web Console. + +Header Options + +![header](/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/header.webp) + +- Title – The title of the report as displayed at the top of the generated report +- Author – Name of the person or group who created the report. This is displayed at the top of the + generated report. +- Tags – Use the tag editor to add and remove tags, see the + [Add Tags to a Report](#add-tags-to-a-report) topic below for more information. Tags are displayed + in the header of the generated reported. +- Description – A description of the report content. It is displayed beneath the report Title in the + generated report. + +Publish Options + +- Publish Report – Select an option to configure if the report should be published to the Web + Console when it is generated. + - Use default setting – Applies the Global report settings, or the settings configured at the + job group or job levels if inheritance has been broken. (See the + [Publish Option](/docs/accessanalyzer/11.6/admin/settings/reporting.md#publish-option), + [Reporting Node](/docs/accessanalyzer/11.6/admin/jobs/group/reporting.md), + and + [Report Settings Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/reportsettings.md) + topics for additional information.) + - Publish report – Select this option to publish the report + - Do not publish report – Select this option to not publish the report +- Publish State – Shows the current publish state of the report. If the report is already published, + you can click the link to open the report in the Web Console. + +## Add Tags to a Report + +You can add tags to reports to describe the content and use cases of the report (see the +[Tags](/docs/accessanalyzer/11.6/admin/report/tags.md) topic for +additional information). The Tag Editor allows you to select the tags for a report, including +creating new ones to select. + +Follow the steps to select tags using the Tag Editor. + +**Step 1 –** On the Authoring page of the Report Configuration wizard, click the **Edit** button +located next to the Tags text box. + +![Tag Editor](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/tageditor.webp) + +**Step 2 –** In the Tag editor, select the checkbox next to the tags that should be applied to the +report. + +- In addition to selecting existing tags, you can also add new tags to be selected. To create a tag, + enter the desired tag name in the text box and click **Add**. + +**Step 3 –** Click **OK**. + +The selected tags are now shown in the Tags field as a comma separated list. diff --git a/docs/accessanalyzer/11.6/admin/report/wizard/email.md b/docs/accessanalyzer/11.6/admin/report/wizard/email.md new file mode 100644 index 0000000000..4657ab5ad8 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/wizard/email.md @@ -0,0 +1,55 @@ +# E-mail Page + +The E-mail page of the Report Configuration wizard gives you the option to break inheritance and +select report specific settings for emailing the report. + +![Report Configuration wizard E-mail page](/img/product_docs/accessanalyzer/11.6/admin/settings/email.webp) + +The default setting for new and included reports is **Use default setting**, which keeps the +inheritance from the global, job group, or job settings (see the +[Email Report Options](/docs/accessanalyzer/11.6/admin/settings/reporting.md#email-report-options), +[Reporting Node](/docs/accessanalyzer/11.6/admin/jobs/group/reporting.md), +and +[Report Settings Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/reportsettings.md) +topics for additional information). If you want to keep the default, then you can skip this page of +the wizard by clicking **Next**. + +**NOTE:** In order for reports to be emailed, the SMTP server information must be configured in the +**Settings** > **Notification** node. See the +[Notification](/docs/accessanalyzer/11.6/admin/settings/notification.md) +topic for additional information. + +To configure the setting for the report, use the Settings drop-down menu to select one of the +following options: + +- Use default setting – The default option. Applies the Global notification settings, or whatever + settings have been configured at the job group or job levels if inheritance has been broken. If + **Email this report** is enabled by default, then using this option sends the report to the + recipients configured at the parent level where the inheritance begins. +- Email this report – Select this option if you want to email the report and the inherited setting + is **Do not email this report**, or if you want to configure specific email settings for the + report. If it is selected, you must then configure the additional fields below. +- Do not email this report – Select this option to not email the report + +![Settings configured to email the report](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/emailconfigured.webp) + +If the **Email this report** setting is selected, then the following fields are enabled for you to +configure: + +- Format – Select the format of the report to be contained in the email. + - Web Link – Sends an email notice that the report has been published and provides the recipient + with a link to it in the Web console + - Embedded HTML – Sends the report embedded inside the email using HTML format + - Data Tables as CSV (No Charts) – Attaches the complete data set (as configured within the + report, without row limit) to an email as a CSV file, excluding any charts + - PDF – Attaches the report to an email as a PDF file +- Subject – The subject line of the e-mail. By default it is + `Netwrix Enterprise Auditor Report: [ReportName]`, with the `[ReportName]`variable being + automatically populated. +- Send-To / Send-Cc / Send-Bcc – Enter the email addresses of the required recipients for the email + notification. Use a semicolon (;) to separate multiple recipients. +- Do not e-mail this report if blank – Select this checkbox to not email the report if all elements + of it are blank when it is generated + - A blank report can occur if there is an error in data collection or if the report is + configured for data which might not always be present (for example, new computer objects + created since last scan) diff --git a/docs/accessanalyzer/11.6/admin/report/wizard/layout.md b/docs/accessanalyzer/11.6/admin/report/wizard/layout.md new file mode 100644 index 0000000000..ee7f35e80c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/wizard/layout.md @@ -0,0 +1,31 @@ +# Layout Page + +The Layout page allows you to configure the layout of the report's content. + +![layout](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/layout.webp) + +Follow the steps to select the layout: + +**Step 1 –** Click the **Select the number of rows** drop-down menu and select an option from: 1 +row, 2 rows, or 3 rows. + +**Step 2 –** Click on the layout tile you want for the report. + +The layout for the report has been selected. Each box on the selected tile corresponds to a separate +widget that you next need to configure on the +[Widgets Page](/docs/accessanalyzer/11.6/admin/report/wizard/widgets.md) +page of the Report Configuration wizard. + +## Element Downgrade Editor + +If you are editing an existing report and you select a layout that has fewer elements than the +number of already configured widgets, then the Element Downgrade Editor automatically displays. + +![Element Downgrade Editor](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/elementdowngradeeditor.webp) + +The maximum number of elements allowed by the correctly selected layout is specified at the top of +the editor. Select the checkboxes next to the title of all the configured widgets you want to keep +up to this limit, then click **OK**. Any widgets not selected will be removed from the report. + +**NOTE:** You can click **Cancel** to return to the layout page to select a different layout with +more elements. diff --git a/docs/accessanalyzer/11.6/admin/report/wizard/overview.md b/docs/accessanalyzer/11.6/admin/report/wizard/overview.md new file mode 100644 index 0000000000..a20402f180 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/wizard/overview.md @@ -0,0 +1,46 @@ +# Report Configuration Wizard + +You can use the Report Configuration Wizard to configure reports. The wizard can be launched for an +existing report or when creating a new report. See the +[Creating a Report](/docs/accessanalyzer/11.6/admin/report/create.md) +and +[Editing Existing Reports](/docs/accessanalyzer/11.6/admin/report/edit.md) +topics for additional information. + +Follow the steps to configure a report using the wizard. + +**NOTE:** Skip any sections or pages that do not require changes to the existing configuration. + +**Step 1 –** Create a new report or open the Report Configuration wizard for an existing report. + +**Step 2 –** Configure the settings on the +[Authoring Page](/docs/accessanalyzer/11.6/admin/report/wizard/authoring.md) +page. These include Name, Header information, and publish settings. Click **Next**. + +**Step 3 –** On the +[E-mail Page](/docs/accessanalyzer/11.6/admin/report/wizard/email.md) +page, use the inherited settings or configure report specific settings. Click **Next**. + +**Step 4 –** The +[Publish Security Page](/docs/accessanalyzer/11.6/admin/report/wizard/publishsecurity.md) +page is only enabled if role-based access is configured for the Enterprise Auditor console. On this +page you can view and configure accounts with permissions to view the report. If you are not using +role-based access, you can skip this page. Click **Next**. + +**Step 5 –** On the +[Layout Page](/docs/accessanalyzer/11.6/admin/report/wizard/layout.md) +page, select the number of rows using the dropdown menu. Then select the desired pre-defined layout +from the options displayed. Click **Next**. + +**Step 6 –** On the +[Widgets Page](/docs/accessanalyzer/11.6/admin/report/wizard/widgets.md) +page, configure widgets for each element of the layout. + +**Step 7 –** Click **Finish** to save your changes. + +- If you do not want to save your changes or have not made any changes, click **Cancel** on any page + to exit the wizard without saving your changes. + +Your configuration has been saved. For information on how to view your report, see the +[Viewing Generated Reports](/docs/accessanalyzer/11.6/admin/report/view.md) +topic. diff --git a/docs/accessanalyzer/11.6/admin/report/wizard/publishsecurity.md b/docs/accessanalyzer/11.6/admin/report/wizard/publishsecurity.md new file mode 100644 index 0000000000..7a2513ca70 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/wizard/publishsecurity.md @@ -0,0 +1,35 @@ +# Publish Security Page + +The Publish Security page of the Report Configuration wizard contains the account names of users +with inherited permissions to view the generated report. + +**NOTE:** This page is only enabled if Role Based Access is configured for the Enterprise Auditor +Console. See the +[Role Based Access](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/overview.md) +topic for additional information. + +![Publish Security page](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/publishsecurity.webp) + +Roles assigned at the global level are inherited down to the report configuration. Additional report +viewer privileges can also be added at the job group or job levels. + +De-select the Include Report Reviewers from this object's parent checkbox to remove all inherited +accounts with the Report Viewer role. + +You can add additional users, groups, and service accounts with the Report Viewer role at the Report +level. This gives them the permission to view the specific report in the Web Console. Follow the +steps to add an account. + +**Step 1 –** Click **Add**. + +![Select User, Service Account, or Group window](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/addreportviewer.webp) + +**Step 2 –** On the Select User, Service Account or Group window, select the desired account and +then click **OK**. + +![Report Viewer user added in wizard](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/reportviewer.webp) + +The selected account is added to the list with a Role of Report Viewer. + +**NOTE:** The permission for accounts that are not Inherited can also be removed using the wizard. +To remove an account, select it and then click **Remove**. diff --git a/docs/accessanalyzer/11.6/admin/report/wizard/widgets.md b/docs/accessanalyzer/11.6/admin/report/wizard/widgets.md new file mode 100644 index 0000000000..6e886653ca --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/report/wizard/widgets.md @@ -0,0 +1,312 @@ +# Widgets Page + +The Widgets page of the Report Configuration wizard allows you to configure the tables, charts, and +text that form the report. + +![Widgets page](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgets.webp) + +At the top of the page the selected layout is described. The table contains the available element +locations where widgets need to be configured. + +![Configure widgets](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetsconfigure.webp) + +To add a new widget to an empty element, click **Configure** and select the desired widget type from +the drop-down menu. The following widgets are available: + +- [Grid](#grid) +- [Chart](#chart) +- [Text](#text) + +The editor for the selected widget opens. See the relevant section below for information about +configuring it. + +![Table with configured widgets](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetsconfigured.webp) + +For configured widgets the table shows the title, type, and data source. You can perform the +following actions by selecting a row and clicking the relevant button: + +- Configure – Opens the editor for the configured widget +- Clear – Deletes the configured widget from the selected element +- Up / Down – Moves the widget up or down to the next element of the selected layout. If another + widget is already configured in the element you are moving it to, the two widgets exchange places. + +## Grid + +The Grid widget type allows you to configure a table to be displayed on generated reports. + +![Grid configuration window](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetgrid.webp) + +### Options + +The Options section allows you to configure the title and data source for the Grid element. + +![Options section](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetgridoptions.webp) + +The section contains the following options: + +- Element Title – Enter a title for the element in the text box. This will be displayed in the + element's header on the generated report. + +DataSource Options + +In order to generate results, a location must first be selected as the source of the data. + +- Table – Use the drop-down to select the required data source. The drop-down contains the list of + jobs within Enterprise Auditor that have been executed. +- Current job only – Select this checkbox to only display data from the current job. This option is + selected by default. +- Include all SA nodes data – Select this checkbox to display data from all Enterprise Auditor data + tables +- Show Historical Data – If there is historical data, selecting this option displays all + collections. It is keyed off of the Job Runtime column. +- Limit maximum number of displayed rows to [number] – Limits the number of rows of data displayed + to less than or equal to the number chosen. By default it is set to **1000**. + + **NOTE:** Limits that are larger than the default may slow down the run time. + +Export CSV Options + +You can configure the table to allow the data to be exported as a CSV file. + +- Export table data as CSV – Select this option to enable a report’s table section to be exportable + as a CSV file from the generated report + - When it is configured, you can click the **All Data** button on the table section of the + report to save the report as a CSV file. See the + [Interactive Grids](/docs/accessanalyzer/11.6/admin/report/interactivegrids/overview.md) + topic for more information. +- Rows – Limits the amount of rows exported to the CSV file. The default is **Visible**. + - Visible – Only includes the amount of rows set by the **Limit Maximum number of displayed rows + to** option in the DataSource Options section + - All – Includes all rows of the data set +- Columns – Limits the amount of columns exported to the CSV file. The default is **Visible**. + - Visible – Only exports the visible columns (excludes any columns removed using the Column + Chooser) + - All – Includes all columns, including those in the Column Chooser + +### Table Properties + +The Table Properties section allows you to configure the display features of the grid. + +![Table Properties section](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetgridtableproperties.webp) + +There are two types of grid displays: + +- Interactive grid – Allows the viewer to interact with the table in the generated report. See the + [Interactive Grids](/docs/accessanalyzer/11.6/admin/report/interactivegrids/overview.md) + topic for additional information. +- Non Interactive grid – Creates a report with fixed settings and stationary elements. This option + disables all the fields within the Table Properties section. + + **NOTE:** In order to view user configured Grouping in emailed reports, the report must be + emailed as a **Non Interactive Grid**. + +The following settings are available when Interactive grid is selected: + +Grid Properties + +- Treat interactive grid contents as plain text (not HTML) – Enables interactive grid functionality. + This option is selected by default. +- Enable Paging – Enables Paging in reports. Paging allows users to interact with large sets of data + more efficiently when viewing, filtering, and sorting generated report tables by limiting the + amount of data being displayed at a given time. Paging is enabled by default. See the + [Paging](/docs/accessanalyzer/11.6/admin/report/interactivegrids/paging.md) + topic for additional information. + +Column Properties + +- Group Column – Arranges the table to be grouped by the attributes of the selected column + + **NOTE:** Paging and grouping are not compatible. When Paging is enabled, the Grouping options + are disabled in the Table Properties section and in the generated report. + +- Enum Column – Groups the data in tables based on the selected column +- Color Column – Colors a column data displayed on the report’s table section +- Icon Column – Creates an icon that appears next to column name on the report’s table section +- Path Column – Creates a column that displays the attack path within the report + +### Data + +The selected data for the table is shown in the section at the bottom of the window. This section +allows you to configure the data to be displayed in the table. + +![Data display](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetgriddata.webp) + +The buttons above the column names provide you options for configuring the table arrangement. + +- Clear Sorting – Restores columns to the default placement +- Column Chooser – Opens a pane where you can remove unwanted columns or add hidden columns +- Filter Editor – Opens the Filter Editor which allows you to add custom filters with conditional + statements and logical connectives +- Best Fit (all columns) –  Adjusts the width of the columns to display all the data within the + cells + +## Chart + +Chart widgets allow you to create various chart types to represent data. A Chart Section can only +display one chart type at a time. + +![Chart configuration window](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchart.webp) + +### Options + +The Options section allows you to configure the title and data source for the Chart element. + +![Chart Options](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartoptions.webp) + +The section contains the following options: + +- Element Title – Enter a title for the element in the text box. This will be displayed in the + element's header on the generated report. + +DataSource Options + +In order to generate results, a location must first be selected as the source of the data. + +- Table – Use the drop-down to select the required data source. The drop-down contains the list of + jobs within Enterprise Auditor that have been executed. +- Current job only – Select this checkbox to only display data from the current job. This option is + selected by default. +- Include all SA nodes data – Select this checkbox to display data from all Enterprise Auditor data + tables +- Show Historical Data – If there is historical data, selecting this option displays all + collections. It is keyed off of the Job Runtime column. +- Limit maximum number of displayed rows to [number] – Limits the number of rows of data displayed + to less than or equal to the number chosen. By default it is set to **1000**. + + **NOTE:** Limits that are larger than the default may slow down the run time. + +### Chart Properties + +The Chart Properties section allows you to select the type of chart you want to create. + +![Chart Properties](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartproperties.webp) + +The following options are the available in the Chart Properties: + +- Chart Type – Select from the following chart types: + + - Area – Shaded region beneath line to indicate a group’s proportion within a column + - Bar – Horizontal rectangles that represent discrete units of measurement + - Column – Vertical bar chart + - Line – Vertical line chart + - Pie – Circular statistical graphic that demonstrates numerical proportion. First grouped + column can be numeric or string, but the second column should always be numeric. + - Stacked – Consolidated bar chart for comparing values + + **NOTE:** Negative numbers cannot be plotted. + +- Show Data Labels – Displays the column name for each section within a chart +- Enum Column – Groups the data in chart by the selected column name +- Assign color for pie slice – Available only for pie charts. Allow you to customize the color for + each slice. Select the column header name from the drop-down menu, then use the color selector + window to choose the desired color. + +### Link + +The Link option allows you to add a hyperlink to the report to connect to other reports. + +![Link Published Reports Tree](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartlink.webp) + +To add a link, click **Published Reports**. On the Published Report Tree window, select the required +report to link to and click **Ok**. + +### Data + +The table of data for the chart is displayed in the middle of the window. This table allows you to +customize the data that is to be shown in the chart. + +![Data table](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartdata.webp) + +The buttons above the column names provide you the following options for configuring the table +arrangement: + +- Filter Editor – Opens the Filter Editor which allows you to add custom filters with conditional + statements and logical connectives +- Best Fit (all columns) –  Adjusts the width of the columns to display all the data within the + cells + +You can group the table by a column by dragging the column header to the bar above the header row. +If grouping is already applied, you can right-click on the grouping bar to expand or collapse all +the groups, or clear the grouping. + +The pane to the right of the table allows you to filter which columns are displayed on the chart. +Select the checkbox next to the columns you want to include in the chart. + +### Chart Preview + +At the bottom of the page a preview of the currently configured chart is displayed. + +![Chart Preview](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartpreview.webp) + +## Text + +There are two types of text editor that allow you to configure a text element on a report. + +- Basic Text Editor – Provides basic functionality like font size and style. Works with HTML script. +- Advanced Text Editor – Provides advanced functionality like document formatting, inserting tables, + and adding hyperlinks + +![Text Editor selection window](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/texteditorselection.webp) + +When you first configure a new text element, a dialog displays allowing you to select the type of +Text Editor. On this dialog, select either the Basic or Advanced Text Editor and click **Open +Editor**. The selected editor then opens. + +**NOTE:** Once a Text Editor is selected for a Text element, it cannot be changed. + +### Basic Text Editor + +![Basic Text Editor](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/basictexteditor.webp) + +The Basic Text Editor has the following options: + +- Element Title – Enter a title for the element in the text box. This will be displayed in the + element's header on the generated report. +- Editor / Preview tabs – You can switch between the Editor and Preview tabs. The Editor tab allows + you to edit the text and apply formatting. The Preview tab shows you how the formatted text will + look in the generated report.. +- Convert Carriage Returns to HTML – This checkbox is selected by default. When selected, text + displays on a new line in the generated output where a carriage return has been used. If it is not + selected, the text continues on the same line. + +The icons listed in the table below are available in the Basic Editor (and Advanced Editor) to +provide basic editing options for text entries. + +| Icon | Description | +| ------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | +| ![Undo](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/undo.webp) | Undo a change to the text | +| ![Redo](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/redo.webp) | Redo a change to the text | +| ![Paste](/img/product_docs/accessanalyzer/11.6/admin/navigate/paste.webp) | Paste the contents of the clipboard | +| ![Paste Special](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/pastespecial.webp) | Paste as either formatted text, unformatted text, or metafile | +| ![Cut](/img/product_docs/accessanalyzer/11.6/admin/navigate/cut.webp) | Cut the selected text and put it on the clipboard | +| ![Find](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/find.webp) | Find and replace specified text | +| ![Font](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/font.webp) | Change the font face | +| ![Font Size](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/fontsize.webp) | Change the font size | + +### Advanced Text Editor + +![Advanced Text Editor](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/advancedtexteditor.webp) + +The Advanced Text Editor has the following options: + +- Element Title – Enter a title for the element in the text box. This will be displayed in the + element's header on the generated report. +- Editor / Preview tabs – You can switch between the Editor and Preview tabs. The Editor tab allows + you to edit the text and apply formatting. The Preview tab shows you how the formatted text will + look in the generated report.. + +The Advanced Editor contains all the icons from the Basic Editor, see above. In addition to these, +it has the icons with higher level editing options for text entries that are listed in the table +below. + +| Icon | Description | +| ----------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------- | +| ![Bold](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/bold.webp) | Makes the selected text bold | +| ![Italic](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/italic.webp) | Italicize the selected text | +| ![Decrease Indent](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/decreaseindent.webp) | Decrease the indent level of the paragraph | +| ![Increase Indent](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/increaseindent.webp) | Increase the indent level of the paragraph | +| ![Hyperlink](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/hyperlink.webp) | Create a link to a Web page, picture, email address, or program | +| ![Multilevel List](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/multilevel.webp) | Start a multilevel list | +| ![Numbering](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/numbering.webp) | Start a numbered list | +| ![Bullets](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/bullets.webp) | Start a bulleted list | +| ![Table](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/table.webp) | Insert a table | diff --git a/docs/accessanalyzer/11.6/admin/runninginstances/jobdetails.md b/docs/accessanalyzer/11.6/admin/runninginstances/jobdetails.md new file mode 100644 index 0000000000..d369ac42f4 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/runninginstances/jobdetails.md @@ -0,0 +1,85 @@ +# Running Job Details + +Both the Process ID and the View Details links open the running job's Details page. The path of the +job and the component are displayed at the top. + +- Path – Folder path in the Jobs directory. For example, + `Jobs\GROUP_.Active Directory Inventory\JOB_3-AD_Exceptions`. + + - The link opens the job’s directory in a Windows Explorer window + +- Status – While the job is running, this field displays the component that is running. When the job + has completed execution, it displays a completed status and lists the completion time. + + - Job configuration components include Query, Data Analysis, Action, and Report + +There are three tabs: Current, History, and Queued Jobs. + +## Current Tab + +The **Current** tab displays information on the job actively being executed. + +![Current tab](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetailscurrent.webp) + +The tab includes: + +- Order – Order in which the tasks in the job are being run +- Host Name – Name of the targeted host, only visible when a query is executing +- Query – Name of the running query task, only visible when a query is executing +- Task Name – Name of the running task, when applicable to Data Analysis, Actions, or Reports. This + information is only visible when an analysis task or an action task are executing, or a report is + being generated. +- Status – Execution status, for example **Queued**, **Running**, **Success**, or **Warning**. +- Message – Enterprise Auditor message regarding runtime activity +- Runtime – Duration of task execution +- Stop – Aborts all currently running instances + +## History Tab + +The History tab only displays information for the last job that completed. + +![History tab](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetailshistory.webp) + +The tab includes: + +- Order – Order in which the tasks within the job ran +- Task Type – Name of the component associated to the task +- Task Name – Name of the task +- Host Name – Name of the targeted host associated with the running job, if any +- Status – Status of the completed task +- Message – Enterprise Auditor message associated to the **Status** +- Runtime – Duration of task execution + +### Messages + +In the bottom pane, the History tab includes a section to display any messages for individual job +components returned from a job execution. Clicking a Task Name displays the messages for that +component. + +You can filter what messages display by using the three filters in the message pane. By clicking on +a filter arrow in the column header and selecting an available option, you can filter by Time, Type, +or Message. + +![Custom Filter window](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetailshistorycustomfilter.webp) + +If you select Custom, you can create a complex filter. See the +[Custom Filter](/docs/accessanalyzer/11.6/admin/navigate/datagrid.md#custom-filter) +topic for additional information. + +## Queued Jobs Tab + +The Queued Jobs tab displays a list of jobs in queue and the order in which they are executed. + +![Queued Jobs tab](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetailsqueuedjobs.webp) + +The tab includes: + +- Order – Order in which the queued jobs are executed. This order can be changed on the Queued Jobs + tab by using the buttons at the bottom. +- Job Path – Folder path in Jobs directory +- State – Queue status, for example **Running** or  **Waiting** +- Connection Profile – The Connection Profile assigned to the job, if applicable +- Host Lists – The host list assigned to the job, if applicable + +The **Move Up**, **Move Down**, and **Remove** buttons are for changing the order or removing a job +from the queue. diff --git a/docs/accessanalyzer/11.6/admin/runninginstances/overview.md b/docs/accessanalyzer/11.6/admin/runninginstances/overview.md new file mode 100644 index 0000000000..21fcd5cacb --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/runninginstances/overview.md @@ -0,0 +1,131 @@ +# Running Instances Node + +The Running Instances node displays progress for all running jobs. This includes jobs that are run +by a scheduled task, interactively within the open Enterprise Auditor instance, or interactively in +any other running instance of Enterprise Auditor. The Running Instances node displays the instance +name, its status and position in the queue, run times for all instances, and detailed views of each +instance. + +![Running Instances node Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +This is the primary view of the Running Instances node that displays the progress of all jobs +running. + +## Overview + +The Overview page displays information about all running jobs on the current server. + +![Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overview.webp) + +For each instance this screen provides : + +- Job path +- Credential used +- Running time of the job +- Status of the running job +- Number of jobs scheduled in queue + +It also has hyperlinks for: + +- Process ID +- Host Name +- Connection Profile +- View Details +- View Log +- Stop +- View Schedule + +Clicking on any of the hyperlinks displays more information about the running job. The +**ProcessID**, **View Details, View Log**, and **Stop** links only work while the job is running. +Once the job is complete, these links are disabled. The host and Connection Profile links continue +to work. The **View Schedule** link only displays and is valid for jobs that are running via a +scheduled task and is not enabled for interactive job executions. + +![Number of jobs running on bottom bar](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewbottombar.webp) + +The number of jobs currently being run can be found in the lower-left-hand corner of the Enterprise +Auditor Console. + +## View Host + +This view identifies the host list associated with the running job. + +![Host list link](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewhost.webp) + +Click the host list link to display the hosts assigned to the running job. + +![Host list in Host Management node](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewhostlist.webp) + +This view displays the host list table with host inventory data. + +## Process ID + +The Process ID correlates to the Process ID of the running instance of Enterprise Auditor in Task +Manager. In addition, the Process ID comes coupled with the file path of associated scheduled tasks, +an identifier for the account running the current instance of Enterprise Auditor, and a timestamp +for the length of the instance. + +![Process ID link](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/processid.webp) + +Click the Process ID link for additional details of the job status and queue. + +![Job details page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetails.webp) + +The Process ID link displays a page with three tabs of information with details about the running +job. See the +[Running Job Details](/docs/accessanalyzer/11.6/admin/runninginstances/jobdetails.md) +topic for additional information. + +## View Details + +Additional details on the status of the tasks the job is running are available. + +![View Details link](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewdetails.webp) + +Click the **View Details** link to display additional details of the job status and queue. + +![Job details page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetails.webp) + +The View Details link opens the running job's details with three tabs of information. See the +[Running Job Details](/docs/accessanalyzer/11.6/admin/runninginstances/jobdetails.md) +topic for additional information. + +## View Log + +The log for this running job can be opened in a text editor, such as Notepad. + +![View Log link](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewlog.webp) + +Click **View Log** to display the current job log. The View Log link is only enabled while a job is +running. + +![Log file in Notepad](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/logfile.webp) + +The Log displays such details as errors, aborts, and terminations. + +## View Schedule + +The Enterprise Auditor Console can only run one job at a time. However, with the Schedule Service +Account, the StealthAUDIT application can run multiple jobs simultaneously via Windows Task +Scheduler. + +![View Schedule link](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewschedule.webp) + +Click the **View Schedule** link to display the corresponding Scheduled Task for the running job or +job group. This link is only enabled for jobs that are running via scheduled task and will not be +enabled for interactive job executions. + +![Schedule wizard](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/schedulewizard.webp) + +The Schedule wizard for the running task opens. See the +[Schedule Wizard](/docs/accessanalyzer/11.6/admin/schedule/wizard.md) topic +for additional information. + +## Stop + +The job execution can be stopped if needed. + +![Stop button](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/stop.webp) + +Click **Stop** to abort all instances in the job queue. This link is only enabled while a job is +running. diff --git a/docs/accessanalyzer/11.6/admin/schedule/overview.md b/docs/accessanalyzer/11.6/admin/schedule/overview.md new file mode 100644 index 0000000000..e69f29bf66 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/schedule/overview.md @@ -0,0 +1,41 @@ +# Schedules + +The Enterprise Auditor Console can only run one task at a time. However, with the Schedule Service +Account, the Enterprise Auditor application can run multiple tasks simultaneously. See the +[Schedule](/docs/accessanalyzer/11.6/admin/settings/schedule.md) +topic for information on configuring the Schedule Service Account. + +The following tasks can be scheduled: + +- Job or Job Group – Schedule jobs to run at the job or job group level. See the + [Schedule Jobs](#schedule-jobs) topic for additional information. +- Host Discovery Query – Schedule Host Discovery queries from the Host Discovery node. See the + [Host Discovery Queries Activities Pane](/docs/accessanalyzer/11.6/admin/hostdiscovery/activities.md) + topic for additional information. +- Host Inventory Query – Schedule Host Inventory queries from within the Host Management node. See + the + [Schedule (Activities Pane Option)](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/schedule.md) + topic for additional information. + +## Schedule Jobs + +Jobs can be scheduled at the job group or job level. + +![Schedule option from Job Tree](/img/product_docs/accessanalyzer/11.6/admin/schedule/jobtree.webp) + +Select the desired job group or job. Right-click on the node and select **Schedule** to open the +Schedule wizard. + +![Schedule Job wizard](/img/product_docs/accessanalyzer/11.6/admin/settings/schedule.webp) + +The Schedule wizard has five pages with options for setting up the schedule task: + +- Schedule +- Host List +- Connection +- Run as +- Options + +See the +[Schedule Wizard](/docs/accessanalyzer/11.6/admin/schedule/wizard.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/schedule/wizard.md b/docs/accessanalyzer/11.6/admin/schedule/wizard.md new file mode 100644 index 0000000000..333179a584 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/schedule/wizard.md @@ -0,0 +1,139 @@ +# Schedule Wizard + +The schedule wizard allows you to configure scheduled tasks for jobs, job groups, Host Discovery +queries, and Host Inventory queries. The wizard has five wizard pages with options for setting up +the schedule task: + +- [Schedule](#schedule) +- [Host List](#host-list) +- [Connection](#connection) +- [Run As](#run-as) +- [Options](#options) + +On the Schedule page, click **New** to schedule when the task will run. The Host List and Connection +pages are optional customizations. See the relevant section below for more information on the +settings on each wizard page. + +When the settings on the wizard pages are configured as desired, click **OK** to save the changes +and close the window. The task is visible in the Schedule Actions view, at the Schedules node. + +## Schedule + +The Schedule page is for setting the schedule of when and how often the task will run. This tab +needs to be properly configured for every scheduled task. + +![Schedule wizard page](/img/product_docs/accessanalyzer/11.6/admin/settings/schedule.webp) + +The options on the Schedule page are: + +- New – Opens the Trigger window to create a trigger for when the selected task will run +- Edit – Edits the selected Trigger in the Schedule view +- Delete – Deletes the selected trigger + +![Trigger window](/img/product_docs/accessanalyzer/11.6/admin/schedule/triggerwindow.webp) + +The options in the Trigger window are: + +- Begin the task – Select when the scheduled task will execute from a list of options +- Settings Section – Select the time interval that the scheduled task will execute. Enterprise + Auditor pulls schedule frequency options from Windows Task Scheduler. The following options are + applicable for scheduling Enterprise Auditor tasks on the Schedule page: + + - For **One time** recurrence, set the Start time and date of the single execution + - For **Daily** recurrence, set the Start time and the daily interval of Recur every [value] + days + - For **Weekly** recurrence, set the Start time and the weekly interval of Recur every [value] + weeks on. Then select the days of the week for the execution. + - For **Monthly** recurrence, set the Start time. Then select either the monthly interval of + Days [value] of the month or the [value] [Day of the Week] of the month. By default, this is + set to recur every month. To select only specific months, use Months dropdown menu and + deselect the undesired months. + - The drop-down menu next to **Start** opens a calendar view for selecting the date + - Selecting the **Synchronize across time zones** checkbox will synchronize the scheduled task + to run without respect to the time zone + +The remaining schedule frequencies are supplied by Windows Task Scheduler and not applicable to +Enterprise Auditor task scheduling. See the Microsoft +[Task Scheduler Overview](https://technet.microsoft.com/en-us/library/cc721871.aspx) article for +additional information. + +![Trigger window Advanced settings](/img/product_docs/accessanalyzer/11.6/admin/schedule/triggerwindowadvancedsettings.webp) + +The options in the Advanced settings section are: + +- Stop task if it runs longer than – Create a threshold for when the task will stop if it runs + beyond a certain duration +- Enabled – If checked, the configurations made in the Trigger window will be enabled + +## Host List + +The Host List page identifies the host list the task being scheduled queries. Customizations to the +configuration of this tab is optional. + +![Host List wizard page](/img/product_docs/accessanalyzer/11.6/admin/schedule/hostlist.webp) + +Choose the desired setting from the following options: + +- Use Host list from Job – A default setting and applies the host list designated at the job or job + group level. This is also the recommended setting. +- Use Alternate Host List – Allows a host list to be selected from the list of Hosts Lists provided. + The list is from the Host Management host lists. + +Under the selection window, the number of selected hosts are identified. In addition, the **Select +All** and **Clear All** links provide for quick selection and deselection. + +## Connection + +The Connection page identifies the Connection Profile that is applied to the targeted hosts being +queried by the task being scheduled. Customizations to the configuration of this tab is optional. + +![Connection wizard page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoredhosts/add/connection.webp) + +Choose the desired setting from the following options: + +- Use Profile from Job – A default setting and applies the Connection Profile designated at the job + or job group level + + **_RECOMMENDED:_** In most cases, this is the recommended setting + +- Use the Windows account that the application is run with (System default) – Applies the account + used to open the Enterprise Auditor Console +- Use Alternate Profile – Allows a Connection Profile to be selected form the Profiles list + provided. The list is from the global **Settings** > **Connection** list of Connection Profiles. + +## Run As + +Select the Schedule Service account to run this task with on the Run as wizard page. To create or +edit Schedule Service accounts, go to the **Settings** > **Schedule** node. See the +[Schedule](/docs/accessanalyzer/11.6/admin/settings/schedule.md) +topic for additional information. + +![Run as wizard page](/img/product_docs/accessanalyzer/11.6/admin/schedule/runas.webp) + +The options on the Run as wizard page are: + +- Use default Schedule Service Account – Uses the default Schedule Service Account that is set at + the **Settings** > **Schedule** node +- Use selected Schedule Service Account – Select the Schedule Service Account to use for the task + from a list of available accounts in the drop-down menu +- Use Custom Credentials – Use custom credentials not stored in the Enterprise Auditor Console. + Enter the User Name for the custom credentials. + + - Change User – Click this button to open the Schedule Custom Credentials window and specify a + user name and password + - To update the password for an existing account, click the **Change User** button and enter a + new password + +## Options + +Configure additional options for the task on the Options wizard page. + +![Options wizard page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +The configurable options are: + +- Comments – Enter custom comments for the scheduled task +- Stop the task if it runs for – Create the threshold for when the scheduled task will stop if it + exceeds a configured duration +- Scheduled task is enabled – Selecting this checkbox will enable the scheduled task. Deselecting it + will disable the scheduled task. diff --git a/docs/accessanalyzer/11.6/admin/settings/access/overview.md b/docs/accessanalyzer/11.6/admin/settings/access/overview.md new file mode 100644 index 0000000000..d1f2fcb262 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/overview.md @@ -0,0 +1,24 @@ +# Access + +Configure what applications, users, and groups have access to Enterprise Auditor using the Access +node + +![Access Window](/img/versioned_docs/directorymanager_11.0/directorymanager/admincenter/datasource/excel_-_one_drive.webp) + +The first type of access that can be granted is Role Based Access for a user or group accessing the +Enterprise Auditor Console. The second type of access grants access to an application accessing data +remotely through the Web Service using the REST API. See these sections for additional information: + +- [Role Based Access](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/overview.md) +- [Web Service REST API for Applications Accessing Data Remotely](/docs/accessanalyzer/11.6/admin/settings/access/restapi/overview.md) + +The Enterprise Auditor vault provides enhanced security through enhanced encryption to various +credentials stored by the Enterprise Auditor application. See the +[Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) +topic for additional information. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Roles view. These buttons +are enabled when modifications are made to the Roles global setting. + +Whenever changes are made at the global level, click **Save** and then **OK** to confirm the +changes. Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/11.6/admin/settings/access/restapi/assignappaccess.md b/docs/accessanalyzer/11.6/admin/settings/access/restapi/assignappaccess.md new file mode 100644 index 0000000000..74512af433 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/restapi/assignappaccess.md @@ -0,0 +1,58 @@ +# Assign Application Access through the Web Service + +An application can be assigned to access data remotely through the Web Service. Follow the steps to +assign roles in the Console. + +![Add Access option on Access page](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/addaccess.webp) + +**Step 1 –** Navigate to **Settings** > **Access** and click **Add Access**. The Access Type wizard +opens. + +![Access Type page of the Access Role wizard](/img/product_docs/accessanalyzer/11.6/admin/settings/access/restapi/accesstypeapplication.webp) + +**Step 2 –** Select the **An application accessing data remotely through Web Service** option. Click +**Next**. The Application Access window opens. + +![Application Access page of the Access Role Wizard](/img/product_docs/accessanalyzer/11.6/admin/settings/access/restapi/applicationaccess.webp) + +**Step 3 –** The Application Access window displays a list of objects available in the database that +are available for access. Select the database objects the application will access and click **Add** +to open the Select database objects window. + +![Select database objects window](/img/product_docs/accessanalyzer/11.6/admin/settings/access/restapi/selectdatabaseobjects.webp) + +**Step 4 –** Select the database objects to access and then click **OK** to return to the +Application Access page. + +- Selecting a parent node in the tree automatically selects all children in addition to the parent +- Selecting a child automatically selects the parent +- Deselecting a child when the parent is selected automatically puts the parent into an + indeterminate state +- Selecting any child puts the parent into an intermediate state + +Click Next to proceed. + +**NOTE:** Only select items that the application needs to access. Type in the **Filter objects by +name** box to filter the list of objects by the characters entered. + +![Application Details page of the Access Role Wizard](/img/product_docs/accessanalyzer/11.6/admin/settings/access/restapi/applicationdetails.webp) + +**Step 5 –** On the Application Details page, define the name of the application and generate the +app token. + +- Application name – The name of the application accessing that data +- Access Expiration – The expiration for the client secret. Select an option for the desired access + expiration: + + - Access expires within – Select a time frame from the drop-down list. The default is 72 hours. + - Access expires on specified date – Select a date from the drop-down list + +- Generate – Click this button to generate the Client ID and Client secret +- Client ID – Copy the Client ID into the application accessing data remotely through the Web + Service +- Client secret – Copy the Client secret into the application accessing data remotely through the + Web Service + +**Step 6 –** Click **Finish** to confirm the changes. + +The application is added to the table on the Access page. diff --git a/docs/accessanalyzer/11.6/admin/settings/access/restapi/getdata.md b/docs/accessanalyzer/11.6/admin/settings/access/restapi/getdata.md new file mode 100644 index 0000000000..bd0b2a4c2b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/restapi/getdata.md @@ -0,0 +1,31 @@ +# Use Access Token to Get Data from the Enterprise Auditor Endpoint + +Use the access token to call the API endpoints using PowerShell and retrieve data. The following +tables provide additional information on retrieving data. + +## ROWS + +This table provides information on how to call the REST API to retrieve data from a named table or +view definition. + +| | Description | +| ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| URL STRUCTURE | `/api/v1/data//rows` `/api/v1/data//rows` | +| DESCRIPTION | Allows the caller to retrieve data from a table or view. | +| METHOD | GET, POST | +| PARAMETERS | **object-name** – Required value that specifies the unique object name. **alias-name** – Required value that specifies the unique alias associated with the table, available as a more thoughtfully designed namespace. **jobRuntimeKey**(Optional) – The execution to retrieve information for. If this is omitted the latest report is provided. **filters** (Optional) – A filter to be applied prior to returning data, multiple filters are applied with `and` operators. If an array is specified for the value field for a filter, the filter returns any successful match from the array of values. String comparisons are case insensitive. A list of the available functions is below. Filter functions: - equals - not_equals - greater (greater_equal) - less (less_equal) - contains - starts_with **columns** (Optional) – A list of columns to be returned. When not specified all columns are returned. The columns specified by the **groupby** parameter should be omitted from this array. **groupby** (Optional) – A list of columns to group each row by, resulting in a JSON object that contains those keys followed by an array of entries. Sample JSON request: `{     jobRuntimeKey: "2018-11-05T13:15:30",     columns: [ "url", "trusteeName", "rights" ],     groupby: [ "hostName" ],     filters: [         {             column: "hostName",             function: "equals",             value: "ENGINEERING01",         },         {             column: "trusteeName",             function: "equals",             value: [ "Pete Smith", "Jake Roberts" ]         }     ] }` | +| RETURNS | A JSON array representation of the underlying table. Sample JSON response: `[     {         hostName: "ENGINEERING01",         groupItems: [             {                 url: "https://site/list",                 trusteeName: "Pete Smith",                 rights: "Read"             }         ]     } ]` | +| ERRORS | 400 One or more the parameters passed in are invalid. 404 The object requested does not exist. | + +## PROC + +This table provides information on how to call the REST API to execute a stored procedure. + +| | Description | +| ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| URL STRUCTURE | `/api/v1/data//proc` `/api/v1/data//proc` | +| DESCRIPTION | Allows the caller to execute stored procedure and retrieve data. | +| METHOD | POST | +| PARAMETERS | **object-name** – Required value that specifies the unique object name. **groupby**(Optional) – A list of columns to group each row by, resulting in a JSON object that contains those keys followed by an array of entries. The parameters passed in here are passed to the stored procedure untouched. Arrays are mapped to a user defined table type, currently only single value arrays are supported. Sample JSON request: `{     parameters: {         hostName: "SBNJENGINEERING01",         userName: "DOMAIN\\pete.smith",         files: [             { name: "puppets.xls" },             { name: "groups.pdf" }         ]     }     groupby: [ "HostName" ] }` | +| RETURNS | A JSON array representation of the underlying result data. Sample JSON request: `{     parameters: {         hostName: "SBNJENGINEERING01",         userName: "DOMAIN\\pete.smith",         files: [             { name: "puppets.xls" },             { name: "groups.pdf" }         ]     }     groupby: [ "HostName" ] }` | +| ERRORS | 400 One or more the parameters passed in are invalid. 404 The object requested does not exist. | diff --git a/docs/accessanalyzer/11.6/admin/settings/access/restapi/obtaintoken.md b/docs/accessanalyzer/11.6/admin/settings/access/restapi/obtaintoken.md new file mode 100644 index 0000000000..5eb2097048 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/restapi/obtaintoken.md @@ -0,0 +1,60 @@ +# Use the Client Credentials Grant to Obtain an Access Token + +An access token is a credential that can be used by an application to access an API. To obtain an +access token, the application accessing data remotely through the Web Service must connect to the +Enterprise Auditor token endpoint and use the Client ID and Client Secret to authenticate the access +request. This is done using the Client Credentials grant. The Client Credentials grant is used when +applications request an access token to access their own resources, not on behalf of a user. The +following request parameters should be used: + +- `grant_type` (required) – The `grant_type` parameter must be set to `client_credentials` +- `scope` (optional) – Your service may support different scopes for the client credentials grant + +The client must then be authenticated for the request. Typically, the service will allow either +additional request parameters, `client_ID` and `client_secret`, or accept those parameters in the +HTTP Basic auth header. + +The following example shows how to retrieve an access token: + +``` +POST /token HTTP/1.1 +Host: authorization-server.com +grant_type=client_credentials +&client_id=xxxxxxxxxx +&client_secret=xxxxxxxxxx +``` + +**_RECOMMENDED:_** Tokens contain sensitive information and should be stored securely. See the +Microsoft +[ConvertTo-SecureString](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.security/convertto-securestring?view=powershell-7.4) +article for additional information. + +If the token does not have the ability to perform this request, is invalid, or the specific resource +has been blocked from access remotely, an HTTP status code of 401 is returned. + +If the request for an access token is valid, the authorization server generates an access token and +returns it to the client. The following example shows a successful access token response: + +``` +HTTP/1.1 200 OK +Content-Type: application/json +Cache-Control: no-store +Pragma: no-cache  +{ +  "access_token":"MTQ0NjJkZmQ5OTM2NDE1ZTZjNGZmZjI3", +  "token_type":"bearer", +  "expires_in":3600, +  "refresh_token":"IwOGYzYTlmM2YxOTQ5MGE3YmNmMDFkNTVk", +  "scope":"create" +} +``` + +See the Okta +[Access Token Response](https://www.oauth.com/oauth2-servers/access-tokens/access-token-response/) +article for additional information on successful and unsuccessful responses to requests for access +tokens. + +The Client Secret expires after 72 hours. The access token expires after 1 hour after which time you +can request a refresh token. See the +[Use the Client Credentials to Grant a Refesh Token](/docs/accessanalyzer/11.6/admin/settings/access/restapi/refreshtoken.md) topic +for additional information. diff --git a/docs/accessanalyzer/11.6/admin/settings/access/restapi/overview.md b/docs/accessanalyzer/11.6/admin/settings/access/restapi/overview.md new file mode 100644 index 0000000000..12b7b2ff3e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/restapi/overview.md @@ -0,0 +1,22 @@ +# Web Service REST API for Applications Accessing Data Remotely + +The Enterprise Auditor REST API is integrated into the Web Service as an endpoint using an OAuth 2.0 +client credentials grant for authentication and providing the following access role: + +- Read-Only – Read data only + +See the +[Use the Client Credentials Grant to Obtain an Access Token](/docs/accessanalyzer/11.6/admin/settings/access/restapi/obtaintoken.md) +topic for additional information. + +The client provides the access token in the HTTP header in the following format: + +``` +GET /api/v1/data/SA_ADInventory_UsersView/rows HTTP/1.1 +Host: accessgovernance.company.com  +Authorization: Bearer N4ahquT7rXuiEEeUiNfKD0TjUq7JB9DS +``` + +See the MDN Web Docs +[The general HTTP authentication framework](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication) +article for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/rest-api/powershell-commands.md b/docs/accessanalyzer/11.6/admin/settings/access/restapi/powershellcommands.md similarity index 100% rename from docs/accessanalyzer/12.0/administration/settings/access/rest-api/powershell-commands.md rename to docs/accessanalyzer/11.6/admin/settings/access/restapi/powershellcommands.md diff --git a/docs/accessanalyzer/12.0/administration/settings/access/rest-api/refresh-token.md b/docs/accessanalyzer/11.6/admin/settings/access/restapi/refreshtoken.md similarity index 100% rename from docs/accessanalyzer/12.0/administration/settings/access/rest-api/refresh-token.md rename to docs/accessanalyzer/11.6/admin/settings/access/restapi/refreshtoken.md diff --git a/docs/accessanalyzer/11.6/admin/settings/access/rolebased/assignroles.md b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/assignroles.md new file mode 100644 index 0000000000..ec7d27cd11 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/assignroles.md @@ -0,0 +1,107 @@ +# Assign User to Role Members + +Role Based Access becomes enabled within Enterprise Auditor as soon as the first role has been +assigned in the Access Role wizard. When saving the first role or set of roles added to the Role +Membership list in the Roles view, the Administrator role must be included for a least one user or +an error message displays. + +Follow the steps to assign roles in the Enterprise Auditor Console. + +![Add Access option on the Access page](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/addaccess.webp) + +**Step 1 –** On the Access page, click **Add Access**. The Access Type wizard opens. + +![Access Type page of the Access Role wizard](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/accesstypeuser.webp) + +**Step 2 –** Select the **A user or group accessing this console** option. Click **Next**. + +![Console Access page of the Access Role wizard](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccess.webp) + +**Step 3 –** On the Console Access page, specify a group or user in the **Name** field. Use the +ellipsis (**…**) to browse for accounts with the Select User or Group window. + +- (Optional) To use previously configured MSA and gMSAs for authentication, select the gMSA option + from the Object Types list. See the Microsoft + [Group Managed Service Accounts](https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview) + article for additional information. + + - Change the location to the desired domain and click **Object Types**, then select **Service + Accounts**. + - Add the gMSA name (`gMSAadmin$`), then click **OK**. + - The Member Type will show as `msDS-GroupManagedServiceAccount` on the Access page. + +![Console Access page with user added](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccessfinish.webp) + +**Step 4 –** Select a role for the group or user from the Role list. Click **Finish**. The group or +user and role is added to the Role Membership list in the Roles view. + +**Step 5 –** Repeat Steps 1-4 to assign roles to other groups or users. + +**Step 6 –** Click **Save** and then **OK** to confirm the changes. All applied roles are lost if +they are not saved. + +Role Based Access is enabled when the first role has been assigned. + +![Error message when Administrator role is not specified](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/noadminerror.webp) + +The first role or set of roles saved must include the Administrator role. Clicking **Save** for the +first role or set or roles without including the Administrator generates an error message in the +Enterprise Auditor Console. + +When Role Based Access is first enabled, restart the Enterprise Auditor application to ensure all +roles are properly active. When saving roles for the first time, permissions for the local Users +group are applied to the Enterprise Auditor directory. This allows roles to be leveraged without +requiring local Administrator rights. + +| | | +| ----------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ![Permissions - This folder only](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/permissionsfolder.webp) | ![Permissions - Subfolders and files only](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/permissionssubfolderfiles.webp) | + +There are two separate sets of permissions: + +- Applies to **This folder only** +- Applies to **Subfolders and files only** + +## Edit Role Members' Responsibilities + +Follow the steps to edit a Enterprise Auditor user’s role. + +![Edit Member Role](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/editmemberrole.webp) + +**Step 1 –** On the Access page, select the desired user and click **Edit Member Role**. + +![Edit Console Access wizard page](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccessedit.webp) + +**Step 2 –** Select a new role for the user from the Roles list. + +**Step 3 –** Click **Finish**. The role is updated on the Access page. + +**Step 4 –** Repeat Steps 1-3 to edit other users’ roles. + +**Step 5 –** Click **Save** and then **OK** to confirm the changes. All applied roles are lost if +they are not saved. + +The changed roles take affect the next time the users logs into the Enterprise Auditor application. +If a user is actively logged into Enterprise Auditor at the same time the role for that user is +changed, then the user needs to exit and re-launch the application for the role to take effect. + +## Delete Role Member + +Follow the steps to delete a user from having access to the Enterprise Auditor Console. + +![Delete Role Member](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/deleterolemember.webp) + +**Step 1 –** On the Access page, select the desired user and click **Delete Role Member**. The +selected user will be removed from the list. + +**NOTE:** No confirmation will be requested. However the changes will not be finalized until Step 3 +is completed. + +**Step 2 –** Repeat Step 1 to remove other users as desired. + +**Step 3 –** Click **Save** and then **OK** to confirm the deletions. The users will not be deleted +if the changes are not saved. + +The deleted users will no longer be able to log into the Enterprise Auditor application. If a user +is actively logged into Enterprise Auditor at the same time of the deletion, the user will need to +exit the application for the deletion to take effect. diff --git a/docs/accessanalyzer/11.6/admin/settings/access/rolebased/configureroles.md b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/configureroles.md new file mode 100644 index 0000000000..ed1be9b685 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/configureroles.md @@ -0,0 +1,151 @@ +# Configuring Roles + +To ensure a least privilege access model, roles need to be configured within both the Enterprise +Auditor Console for folder rights and SQL Management Studio for database access rights. + +This is a three-part process: + +- Configure the Enterprise Auditor Installation Account +- Configure Roles in SQL Management Studio + + - Create SQL Server Database Roles + - Assign Users to SQL Roles + +- Assign User Roles in the Enterprise Auditor Console + + - Edit Role Members’ Responsibilities + - Delete Role Members + +**NOTE:** This configuration process is not required if only using Role Based Access to secure +Published Reports. See the +[Securing Published Reports Only](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/securereports.md) +topic for additional information. + +## Configure the Installation Account + +The Enterprise Auditor Installation Account is used both to perform the initial installation of +Enterprise Auditor and to change Storage Profile settings. It needs additional rights in order to +query objects in the master database. This is only necessary so the user can enumerate the available +databases to choose from when configuring the Enterprise Auditor Storage Profile. + +The following script can be executed to give these necessary rights only to the account performing +the initial installation of Enterprise Auditor and any changes to the database where Enterprise +Auditor writes data: + +``` +--Create a login for the user if one does not already exist +IF NOT EXISTS (SELECT *FROM sys.server_principals WHERE [name] = '\') +BEGIN +    create login [\] from windows +END +GO +--Grant that user rights to query the master database to get a list of all database objects +USE [master] +GRANT VIEW ANY DEFINITION TO [\] +GRANT CREATE DATABASE TO [\] +GO +``` + +## Configure Roles in SQL Management Studio + +It is necessary to provision rights to the SQL Server database so the Enterprise Auditor application +rights and database access rights are consistent and provide the minimum rights necessary to support +the Enterprise Auditor roles. This approach involves creating custom database roles which will be +assigned rights and privileges. Then, individual domain user accounts must be assigned to these +roles. + +**NOTE:** For any SQL Server version prior to 2012, Windows groups cannot be used because SQL Server +does not allow the assignment of default schemas to Windows groups. Enterprise Auditor requires the +default schema of [dbo] to function properly. + +### Create SQL Server Database Roles + +To create the roles within the SQL Server database, run the following script. + +![Query Window](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqlcreateroles.webp) + +Be sure to set the context of this query to the Enterprise Auditor database by selecting the right +database from the drop-down window. Alternatively, prefix the script with a +`USE [Enterprise Auditor DATABASE NAME]` clause. + +``` +--create SMP Viewer role +CREATE ROLE SMP_Viewer  +--grant role permissions at the schema level +GRANT SELECT +ON SCHEMA::dbo +TO SMP_Viewer +Go  +--create SMP Builder role +CREATE ROLE SMP_Builder  +--grant role permissions at the schema level +GRANT SELECT,INSERT,DELETE +ON SCHEMA::dbo +TO SMP_Builder +Go  +--grant additional creation rights +GRANT CREATE TABLE TO [SMP_Builder] +GO  +--create SMP Admin role +CREATE ROLE SMP_Admin  +--grant role permissions at the schema level +GRANT ALTER,EXECUTE,INSERT,UPDATE,REFERENCES +ON SCHEMA::dbo +TO SMP_Admin +Go  +--grant additional creation rights +GRANT CREATE TABLE TO [SMP_Admin] +GO +GRANT CREATE VIEW TO [SMP_Admin] +GO +GRANT CREATE PROCEDURE TO [SMP_Admin] +GO +GRANT CREATE FUNCTION TO [SMP_Admin] +GO +GRANT CREATE TYPE TO [SMP_Admin] +GO + +``` + +Once the script has been successfully executed, assign domain users to these database roles. + +### Assigning Users to SQL Roles + +Now that the SQL Server database roles have been created the next step is to assign domain users to +those roles. This can be done interactively in SQL Management Studio. Follow the steps to assign +users to SQL Server database roles. + +**Step 1 –** Connect to the Enterprise Auditor database through SQL Management Studio. + +![Database Roles](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqldatabaseroles.webp) + +**Step 2 –** Validate that the roles have been properly created by navigating to **Security** > +**Roles** > **Database Roles**. The three new roles should be visible: + +- SMP_Admin +- SMP_Builder +- SMP_Viewer + +| | | +| ----------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | +| ![New User Option](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqlusers.webp) | ![New User Option](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqlusersnewuser.webp) | + +**Step 3 –** After confirmation of role creation, the next step is to map users to these roles. +Right-click on the **Security** > **Users** node and select **New User**. + +![Database User Window](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqluserwindow.webp) + +**Step 4 –** Enter the user information in the dialog as follows: + +- User Name – Display name given to the user which is shown under the user’s folder. + + **_RECOMMENDED:_** Use a descriptive name. + +- Login name – Qualified domain name of the user: `[DOMAIN]\[Username]` +- Default Schema – Should be set to `dbo` +- Database role membership – Should be set to the appropriate role for this user. See the + [Role Definitions](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/roledefinitions.md) + topic for more information. + +When all of the users have been assigned to the appropriate SQL Server database roles, complete the +process by assigning users to roles within the Enterprise Auditor Console. diff --git a/docs/accessanalyzer/11.6/admin/settings/access/rolebased/customroles.md b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/customroles.md new file mode 100644 index 0000000000..be83e3a3c5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/customroles.md @@ -0,0 +1,176 @@ +# Custom Roles + +A custom role can be created within Enterprise Auditor to combine the rights of other defined roles. +Follow the steps below to create a custom role. + +**Step 1 –** In the Enterprise Auditor directory, navigate to **PrivateAssemblies** and edit the +**rba-roles.conf** file.  Add a new section for the custom role as shown in the following +instructions: + +``` + + + + + + + +``` + +- Replace `Special User` between the double quotes in the script above with the name of the new + role. +- Replace `Description of Special User` between the double quotes in the script above with a + description of what a user assigned the new role is able to do. + +**Step 2 –** Add privileged values for the desired rights on new lines between the beginning comment +`` and ending comment `` in the script above. + +- For example, to create a single role which has the same privileges as the Host Management + Administrator and Global Options Administrator roles, copy the privileges from the sections of the + **rba-roles.conf** file to the newly added section, and remove duplicate values if there is any + overlap. + +See the sections below for examples of how roles should be added in the **rba-roles.conf** file. + +## Default Global Options Administrator Privileges + +The following example shows what is currently contained in the Global Options Administrator role, +and how the created role should be added in the **rba-roles.conf** file. + +``` + + + + + + +    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +``` + +## Default Host Management Administrator Privileges + +The following example shows what is currently contained in the Host Management Administrator role, +and how the created role should be added in the **rba-roles.conf** file. + +``` + + + + + + + + + + + + + + + + + + + + + + + + + + +``` + +## New Role Combining the Global Options Administrator and Host Management Administrator Roles + +The following is an example of a custom role that combines the Global Options Administrator and Host +Management Administrator roles. The script contains duplicate privileges of `RunSA`, +`ScheduleDelete`, and `ScheduleEdit` that need to be removed. + +``` + +  + + + +          + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +``` diff --git a/docs/accessanalyzer/11.6/admin/settings/access/rolebased/eventlog.md b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/eventlog.md new file mode 100644 index 0000000000..af60b37f5a --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/eventlog.md @@ -0,0 +1,25 @@ +# Roles and the Event Log + +The Enterprise Auditor Event Log includes a list of the following activities related to Role Based +Access. The logged activities include information regarding the user who initiated the activity and +their corresponding role: + +- Job Query Modifications +- Host List Modifications +- All Global Settings Modifications + + - Connection Profiles + - Role Based Access + - All other settings found in Settings node + +- Job and Group Properties/Settings +- Job Schedules +- Job Deletions +- Job Creations +- Job Moves in the Jobs tree +- Job/Group Executions +- Enterprise Auditor Console launches and exits + +See the +[Application Maintenance and Best Practices](/docs/accessanalyzer/11.6/admin/maintenance/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/settings/access/rolebased/faq.md b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/faq.md new file mode 100644 index 0000000000..a46498e3dd --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/faq.md @@ -0,0 +1,93 @@ +# Role Based Access: FAQ + +This topic lists some commonly asked questions about Role Based Access functionality in Enterprise +Auditor. + +How do locked jobs affect the role functionality? + +A lock on a job represents the approval by the Job Approver, and is therefore deemed acceptable to +execute. Once a job is locked, Job Builders can no longer modify the job configuration. Furthermore, +only locked jobs can be run. Therefore, the Job Initiator can only run or schedule jobs which have +already been locked. + +**NOTE:** Locked jobs do not affect the functionality of the Administrator role. See the +[Role Definitions](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/roledefinitions.md) +topic for more information. + +How can I make sure that a lock on a job will not get tampered with through the associated XML file? + +The Scheduling Service Account provides limited rights for the Job Approver. Previously, the Job +Approver required permissions on the Jobs folder in order to apply the lock to a job. Now, the +credentials specified in the Scheduling Service Account will be used to apply the locks. Therefore, +the Job Approver no longer needs access to the Jobs folder and cannot manually remove or tamper with +the associated XML file. + +**NOTE:** If using a Job Initiator’s credentials for a Schedule Service Account, all jobs must be +locked in order for them to be executed. See the +[Role Definitions](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/roledefinitions.md) +and +[Roles & the Schedule Service Account](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/scheduleserviceaccount.md) +topics for more information. + +Why can the Host Management Administrator not manage settings for the Host Discovery and Host +Inventory nodes under Settings? + +The Host Management Administrator role is designed specifically to access the Host Management node. +Therefore, this role does not grant access to the global settings menu under the Settings node. + +**NOTE:** In order to access this node, the user must have either the Administrator or the Global +Options Administrator role. See the +[Role Definitions](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/roledefinitions.md) +topic for more information. + +What rights do I need to give the user on the local machine in order to use Enterprise Auditor? + +Enabling Role Based Access removes the necessity to explicitly provide users rights on the +Enterprise Auditor folder structure. Instead, when the Administrator role is first assigned and Role +Based Access is enabled, the roles will set permissions to allow all members of the local users +group the necessary access to Enterprise Auditor. + +When a user’s role is changed, when does the new role take affect? + +If a user’s role has been altered while they are in an active Enterprise Auditor session, the user +must exit the Enterprise Auditor Console and re-open the application for the new role to take +effect. This is also true if a user has been given an additional role or removed from role +membership. The capabilities of the new role will not come into effect until the Enterprise Auditor +application has been restarted. + +**NOTE:** See the +[Edit Role Members' Responsibilities](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/assignroles.md#edit-role-members-responsibilities) +and +[Delete Role Member](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/assignroles.md#delete-role-member) +topics for more information. + +I locked a job, but when going back to it, it appears to be unlocked. Why? + +A locked job signifies that the job has been approved for execution and should not be modified. If a +job is modified in any way, the lock is immediately removed. Although most roles should not be able +to modify locked jobs, the Administrator role can. This role is not governed by the limitations of +Role Based Access. Thus, if a locked job is modified by an Administrator, the job will become +unlocked. This event will be logged as a job-change related event by Administrator in the Enterprise +Auditor Event Log. + +**NOTE:** If using a Job Initiator’s credentials for the Schedule Service Account, all jobs must be +locked in order for them to execute. See the +[Role Definitions](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/roledefinitions.md), +[Workflow with Role Based Access Enabled](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/workflow.md), +and +[Roles and the Event Log](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/eventlog.md) +topics for more information. + +What should be the group type when assigning Role Based Access to an AD group in a multi-domain +environment? + +When assigning an Role Based Access to an AD group, it is important to consider the domain +relationship between the AD group and the Enterprise Auditor server. + +If the Enterprise Auditor server and the AD group are in different domains then the AD group must be +a universal group. If the group type is not universal then it will result in the RBA being unable to +access the user's group membership and the user who is a member of that AD group will be unable to +view any reports. + +However, if both the Enterprise Auditor server and the AD group are in the same domain, the AD group +can be either a local group, global group, or universal group. diff --git a/docs/accessanalyzer/11.6/admin/settings/access/rolebased/overview.md b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/overview.md new file mode 100644 index 0000000000..f084784ecf --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/overview.md @@ -0,0 +1,40 @@ +# Role Based Access + +Role Based Access allows Enterprise Auditor users to not have local Administrator rights on the +console server. This is done through the creation of different roles which cover all aspects of the +Enterprise Auditor work flow introduced by enabling Role Based Access. These roles can be leveraged +without such elevated rights. Responsibilities within the Enterprise Auditor Console have been +divided among these roles. + +Role Based Access also allows users to secure published reports when accessed through the Web +Console. This is done by first enabling Role Based Access and then by assigning users/groups as +viewers to the reports to which they should have access. + +Report security through Role Based Access can be applied without implementing a least privileged +access model to the Enterprise Auditor Console. See the +[Securing Published Reports Only](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/securereports.md) +topic for additional information. + +**NOTE:** The least privileged access model to the Enterprise Auditor Console does not work in +conjunction with the Exchange Solution. Role Based Access can be enabled, but the Administrator role +is required to run the Exchange Solution jobs. + +**CAUTION:** Please use caution when enabling Role Based Access, as it is a very powerful tool +within the console designed to be difficult to disable once activated. If Role Based Access is +enabled by accident, please contact [Netwrix Support](https://www.netwrix.com/support.html) for +assistance in disabling it. + +The account used to perform the initial Enterprise Auditor installation, as well as to change +Storage Profile settings after installation, require additional rights in order to query objects in +the master database. See the +[Configure the Installation Account](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/configureroles.md#configure-the-installation-account) +topic for additional information on this account. + +To enable Role Based Access within Enterprise Auditor, corresponding roles must first be created +within SQL Management Studio. Then Enterprise Auditor users must be assigned roles both in SQL +Management Studio and in Enterprise Auditor. + +The first Enterprise Auditor user assigned a role must be an Administrator. Assigning this first +user role officially enables Role Based Access within Enterprise Auditor. See the +[Configuring Roles](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/configureroles.md) +topic for additional configuration details. diff --git a/docs/accessanalyzer/11.6/admin/settings/access/rolebased/roledefinitions.md b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/roledefinitions.md new file mode 100644 index 0000000000..dcc7d2a168 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/roledefinitions.md @@ -0,0 +1,233 @@ +# Role Definitions + +The following is a list of all roles leveraged within Enterprise Auditor once Role Based Access is +enabled, including their intended functionality. A user may have more than one role assigned to +them. + +**NOTE:** When a job is moved or copied to a separate job group, it inherits the assigned roles at +the parent and global level from the new job group. Any previous role inheritance is overwritten. + +- OS Administrator – Used only for installation purposes + + - This is not not a configured role, but rather the access required during installation + +- Administrator – At least one must be set before any other roles are assigned + + - Full functionality from all roles within the Enterprise Auditor Console + - Rights to view all reports, tags, and report permissions within the Web Console + - Rights to preform an upgrade on Enterprise Auditor + +**NOTE:** In order to use Role Base Access with the Exchange Solution, all Exchange users must be +assigned the Administrator role. This is because the solution requires local Administrator rights on +the Enterprise Auditor Console server. + +- Power User + + - Rights to add, modify, and delete global settings, except for the **Setting** > **Access** + node + - Not able to view or modify Roles at the global level + - Has rights to add and break inheritance on report viewers at the job group, job, and report + configuration levels + - Rights to modify host management settings as well as run host inventory queries + - Rights to create, modify, and delete jobs as well as view the results of a job. They need to + be able to manage all configuration settings related to those jobs. + - Rights to view previously configured jobs and approve them to be run. They are also able to + view the results of a job. + - Rights to run jobs which have been approved, as well as disable or enable jobs and job groups + - Rights to view all reports, tags, and report permissions within the Web Console + +- Access Administrator + + - Rights to add, modify, and delete global roles except for own roles. This is to restrict + Access Administrators from stepping outside intended rights. + - Not able to view or modify report roles at any other level + - Rights to view report Tags within the Web Console but not report content or permissions + +- Global Options Administrator + + - Able to modify global settings, except for the **Setting** > **Access** node + - The Exchange node is the exception due to its requirements. Therefore, this node cannot be + modified by the Global Options Administrator. + - Rights to view report Tags within the Web Console but not report content or permissions + +- Host Management Administrator + + - Rights to modify host management settings as well as run host inventory queries + - Rights to view report Tags within the Web Console but not report content or permissions + +- Job Builder + + - Rights to create, modify, and delete jobs as well as view the results of a job. They need to + be able to manage all configuration settings related to those jobs. + - Rights to view or modify report viewers at the job group, job, and report levels but not the + global level + - Rights to view all reports and tags within the Web Console but not the report permissions + +- Job Approver + + - Rights to view previously configured jobs and approve them to be run. They are also able to + view the results of a job. + - Rights to view all reports and tags within the Web Console but not the report permissions + +- Job Initiator + + - Rights to start jobs which have been approved as well as view the results of a job + - Rights to disable and enable job and job groups + - Rights to view all reports and tags within the Web Console but not the report permissions + +- Job Initiator (No Actions) + + - Rights to start jobs which have been approved as long as there are no configured Actions in + the job. They are also able to view the results of a job. + - Rights to disable and enable job and job groups + - Rights to view all reports and tags within the Web Console but not the report permissions + +- Job Viewer + + - Only able to view the results of a job + - Rights to view all reports and tags within the Web Console but not the report permissions + +- Web Administrator + + - Not able to access the Enterprise Auditor Console + - Rights to view all reports, tags, and report permissions within the Web Console + +- Report Viewer + + - Not able to access the Enterprise Auditor Console + - Only able to view reports and tags within the Web Console but not the report permissions + - Access to reports is restricted according to where the Report Viewer role is assigned: + + - Assigned at the Global level (**Settings** > **Roles**) – Able to view all published + reports + - Assigned at the Job Group level (**Jobs** > **[Job Group]** > **Settings**  > + **Reporting**) – Able to view all reports published by the jobs within this job group + - Assigned at the Job level (**Jobs** > **[Job Group]** > **[Job]** > **Job Properties** > + **Report Roles** tab) – Able to view all reports published by this job + - Assigned at the Report configuration level (**Jobs** >**[Job Group]** >**[Job]** > + **Configure** > **Reports**> **Configure** > **Publish Security** page) – Able to view + only this report + +By default, many roles are granted rights to view all reports and report content. The inheritance of +the Report Viewer role can be broken at the job group, job, or report configuration levels. See the +[Report Viewer Inheritance](#report-viewer-inheritance) topic for additional information. + +## Enterprise Auditor Console Roles & Rights + +These tables show the rights granted to different user levels to the Enterprise Auditor Console. + +### Administrators + +This table identifies the rights granted to administrative users to the Enterprise Auditor Console. + +| Action | Administrator | Global Options Administrator | Access Administrator | Host Management Administrator | OS Administrator | +| ----------------------------------------------------------------------------------------------------------------------------------- | ------------- | ---------------------------- | -------------------- | ----------------------------- | ---------------- | +| View Reports within the Web Console | Yes | No | No | No | No | +| View Report Tags within the Web Console | Yes | Yes | Yes | Yes | No | +| View Report Permissions within the Web Console | Yes | No | No | No | No | +| Access the Enterprise Auditor Console (after Role Based Access is enabled) | Yes | Yes | Yes | Yes | No | +| Read All Configuration Logs | Yes | Yes | Yes | Yes | No | +| Manage / Edit Access Roles | Yes | No | Yes | No | No | +| Manage Global Settings (includes Connection Profiles) | Yes | Yes | No | No | No | +| Manage / Edit Hosts in Job | Yes | No | No | No | No | +| Manage / Edit Job Definitions | Yes | No | No | No | No | +| Run Jobs | Yes | No | No | No | No | +| Manage / Edit Job Schedules | Yes | No | No | No | No | +| Manage Host Management Settings (includes scheduling and running of host discovery, but not host related nodes in Global  Settings) | Yes | No | No | Yes | No | +| Lock / Unlock Jobs | Yes | No | No | No | No | +| Enable/Disable Jobs | Yes | No | No | No | No | +| Install / Uninstall Data Collectors (or other tool components) | Yes | No | No | No | Yes | +| Upgrade Enterprise Auditor Console | Yes | No | No | No | No | + +### Users + +This table identifies the rights granted to users who have access to the Enterprise Auditor Console. + +| Action | Power User | Job Builder | Job Approver | Job Initiator | Job Initiator (No Actions) | Job Viewer | +| ---------------------------------------------------------------------------------------------------------------------------------- | ---------- | ----------- | ------------ | ------------- | -------------------------- | ---------- | +| View Reports within the Web Console | Yes | Yes | Yes | Yes | Yes | Yes | +| View Report Tags within the Web Console | Yes | Yes | Yes | Yes | Yes | Yes | +| View Report Permissions within the Web Console | Yes | No | No | No | No | No | +| Access the Enterprise Auditor Console (after Role Based Access is enabled) | Yes | Yes | Yes | Yes | Yes | Yes | +| Read All Configuration Logs | Yes | Yes | Yes | Yes | Yes | Yes | +| Manage / Edit Access Roles | No | No | No | No | No | No | +| Manage Global Settings (includes Connection Profiles) | Yes | No | No | No | No | No | +| Manage / Edit Hosts in Job | Yes | Yes\* | No | No | No | No | +| Manage / Edit Job Definitions | Yes | Yes\* | No | No | No | No | +| Run Jobs | Yes | No | No | Yes\*\* | Yes\*\*\* | No | +| Manage / Edit Job Schedules | Yes | No | No | Yes\*\* | Yes\*\*\* | No | +| Manage Host Management Settings (includes scheduling and running of host discovery, but not host related nodes in Global Settings) | Yes | No | No | No | No | No | +| Lock / Unlock Jobs | Yes | No | Yes | No | No | No | +| Enable/Disable Jobs | Yes | No | No | Yes | Yes | No | +| Install / Uninstall Data Collectors (or other tool components) | Yes | No | No | No | No | No | +| Upgrade Enterprise Auditor Console | No | No | No | No | No | No | + +\*When jobs are unlocked + +\*\*When jobs are locked + +\*\*\*When jobs are locked and have no actions + +## Web Console Roles & Rights + +This table identifies the rights granted to users who have access only to the Web Console. + +| Action | Web Administrator | Report Viewer | +| ---------------------------------------------- | ----------------- | ------------- | +| View Reports within the Web Console | Yes | Yes\* | +| View Report Tags within the Web Console | Yes | Yes\* | +| View Report Permissions within the Web Console | Yes | No | + +\*According to where the role is assigned + +## SQL Server Database Roles & Rights + +This table describes the roles that will be created within the SQL Server database and what rights +they will have to the Enterprise Auditor database. It also describes which Enterprise Auditor roles +they are mapped to. + +| Database Role(s) | Enterprise Auditor Role | Rights | Role Description | +| --------------------------------------------- | ------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| SMP Administrator db_datareader db_datawriter | Administrator Job Initiator Job Initiator (No Actions) | On the dbo schema: ALTER, EXECUTE, INSERT, UPDATE, REFERENCES On the Enterprise Auditor database: CREATE TABLE, CREATE VIEW, CREATE PROCEDURE, CREATE FUNCTION, CREATE TYPE | This role is used by full Administrators and Job Initiators who must run the 2-FSAA Bulk Import Job which requires manipulation of the Enterprise Auditor database | +| SMP Builder | Job Builder Host Management Administrator | On the dbo schema: ELECT, INSERT, DELETE On the Enterprise Auditor database: CREATE TABLE | This role is used by the Job Builder who must be able to create/delete tables, view data, and insert and delete hosts from the Enterprise Auditor Console | +| SMP Viewer | Job Viewer Access Administrator Job Approver All other roles | On the dbo schema: SELECT | This role is used by all roles who do not require anything more than just reading data and information from the database | + +## Report Viewer Inheritance + +When Role-Based Access is enabled, users assigned the following roles inherit rights to view all +reports and their content: + +- Administrator role +- Power User role +- Job Builder role +- Job Approver role +- Job Initiator role +- Job Initiator (No Actions) role +- Job Viewer +- Web Administrator + +Additional users can be assigned the Report Viewer role at the global, job group, job, or report +configuration levels. These rights are inherited down through child objects. However, the Report +Viewer role inheritance can be broken at any level. Break inheritance to remove the right to view +specific reports at: + +- Job Group level – **[Job Group]** >**Settings** > **Reporting** node +- Job level – **[Job]** > **Properties** >**Report Roles** tab +- Report Configuration level – **[Job]** > **Configure** > **Reports** node. Click **Configure** + next to the report, and navigate to the Publish Security page of the Report Configuration wizard. + See the + [Publish Security Page](/docs/accessanalyzer/11.6/admin/report/wizard/publishsecurity.md) topic + for additional information. + +| ![Job Group Level](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/reportviewerjobgroup.webp) | ![Job Level](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/reportviewerjob.webp) | ![Report Configuration Level](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/reportviewerreport.webp) | +| ----------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------- | +| Job Group Level | Job Level | Report Configuration Level | + +There are two options that control inheritance for Report Viewers when selected: + +- Include Report Viewers from this object’s parent – Automatically removes any user with the Report + Viewer role inherited from a parent object at the lower levels +- Set all the child objects to inherit these settings – Only available at the Job Group level. Sets + all Jobs and Reports to inherit group settings for all child objects by automatically selecting + the **Include Report Viewers from this object’s parent** option. Any previous configurations are + overwritten once **Yes** is selected in the confirmation window. diff --git a/docs/accessanalyzer/11.6/admin/settings/access/rolebased/scheduleserviceaccount.md b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/scheduleserviceaccount.md new file mode 100644 index 0000000000..0d834a37ee --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/scheduleserviceaccount.md @@ -0,0 +1,66 @@ +# Roles & the Schedule Service Account + +Once Role-Based Access is enabled, a user or group with the appropriate access role has the ability +to schedule a job or job group as a Schedule Service Account at the **Settings** > **Schedule** +node. Multiple accounts can be added as needed. + +Who Configures This Account? + +- Administrator role +- Power User role +- Global Options Administrator role + +Whose Credentials Should Be Used as the Schedule Service Account? + +- A user with either: + + - Administrator role + - Power User role + - Job Initiator role + +**NOTE:** In order to run or schedule a Host Inventory query, the Schedule Service Account must have +an Administrator, Power User, or Host Management Administrator role. Therefore, if the account has +the Job Initiator role assigned, it must have the Host Management Administrator role as well. + +The Schedule Service Account is used to access the Task folders when scheduling tasks and to apply +locks on jobs. + +- Schedule Tasks + + - In order to have the appropriate level of rights to schedule tasks, the credentials specified + must at least have the following: + + - Create Files/Write Data rights on the Windows Task Folder + - Create Files/Write Data rights on the System 32 Task folder + - Otherwise, they should have local Administrator privileges on the Enterprise Auditor + Console server + + - The user whose credentials are specified must also have a role that allows the scheduling of + tasks – Administrator, Power User, or Job Initiator + +- Apply Locks + + **NOTE:** If the Enterprise Auditor user whose credentials are used has the role of Job + Initiator, the job must be locked in order for it to execute successfully. + + - These credentials are used to apply locks on jobs, enabling the Job Approver to have fewer + rights on the Jobs directory. Therefore, the credentials specified must at least have the + following: + + - Modify rights on this directory + - Otherwise, these credentials should have local Administrator privileges on the Enterprise + Auditor Console server + + - The Job Approver uses these credentials to apply locks. Therefore, the Job Approver must be + added to the local policy **Impersonate a client after Authentication**. + +Do not choose the **Use local System account to schedule tasks** option. This account does not have +the appropriate rights to apply locks on jobs. Therefore, it does not work in conjunction with Role +Based Access. + +See the +[Schedule](/docs/accessanalyzer/11.6/admin/settings/schedule.md) +topic for additional instructions on configuring the Schedule Service Account. + +_Remember,_ these credentials must be for a user with local Administrator privileges or rights to +the Windows Task Folder and the System 32 Task folder on the Enterprise Auditor Console server. diff --git a/docs/accessanalyzer/11.6/admin/settings/access/rolebased/securereports.md b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/securereports.md new file mode 100644 index 0000000000..a4d72423b2 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/securereports.md @@ -0,0 +1,69 @@ +# Securing Published Reports Only + +In order to secure published reports through the Web Console, it is necessary to enable Role Based +Access within the Enterprise Auditor Console. If that is the only reason the Role Based Access +feature is being enabled, ensure the following requirements are met: + +- Administrator role assigned to all Enterprise Auditor Console users + + - Anyone not assigned an Administrator role are unable to access the Enterprise Auditor Console + after Role Based Access is enabled + +- Web Administrator role assigned to individuals who should have access to all reports, tags, and + report permissions but not the Enterprise Auditor Console +- Report Viewer assigned to individuals who should have access to reports and tags but not report + permissions or the Enterprise Auditor Console + + - Global Level Assignment – Access to all reports + - Job Group Level Assignment – Access to reports published by jobs within the job group + - Job Level Assignment – Access to reports published by the job + - Report Configuration Level Assignment – Access to the specific report + +Follow the steps to assign roles at the global level. + +**Step 1 –** Navigate to the **Settings** > **Access** node. + +![Add Access option on the Access page](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/addaccess.webp) + +**Step 2 –** On the Access page, click **Add Access**. The Access Type wizard opens. + +![Access Type page of the Access Role wizard](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/accesstypeuser.webp) + +**Step 3 –** Select the **A user or group accessing this console** option. Click **Next**. + +![Console Access page of the Access Role wizard](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccess.webp) + +**Step 4 –** On the Console Access page, specify a group or user in the **Name** field. Use the +ellipsis (**…**) to browse for accounts with the Select User or Group window. + +![Console Access page with user added](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccessfinish.webp) + +**Step 5 –** Select a role for the group or user from the Role list. Click **Finish**. The group or +user and role is added to the Role Membership list in the Roles view. + +**CAUTION:** The first role or set of roles saved must include the Administrator role. Clicking Save +for the first role or set or roles without including the Administrator generates an error message in +the Enterprise Auditor Console. + +**Step 6 –** Repeat Steps 2-4 to assign the Administrator, Web Administrator, and Report Viewer +roles to other groups or users. + +**Step 7 –** Click **Save** and then **OK** to confirm the changes. All applied roles are lost if +they are not saved. + +Role Based Access is enabled when the first role has been assigned. + +![Error message when Administrator role is not specified](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/noadminerror.webp) + +The first role or set of roles saved must include the Administrator role. Clicking **Save** for the +first role or set or roles without including the Administrator generates an error message in the +Enterprise Auditor Console. + +When Role Based Access is first enabled, restart the Enterprise Auditor application to ensure all +roles are properly active. The Report Viewer role can be assigned at the job group, job, and report +configuration levels. See the +[Reporting Node](/docs/accessanalyzer/11.6/admin/jobs/group/reporting.md), +[Report Roles Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/reportroles.md), +and +[Publish Security Page](/docs/accessanalyzer/11.6/admin/report/wizard/publishsecurity.md) +topics for additional information. diff --git a/docs/accessanalyzer/11.6/admin/settings/access/rolebased/workflow.md b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/workflow.md new file mode 100644 index 0000000000..33a9db32c6 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/access/rolebased/workflow.md @@ -0,0 +1,76 @@ +# Workflow with Role Based Access Enabled + +The following workflow summarizes the necessary steps involved to deploy a job once Role Based +Access is enabled and roles have been assigned. + +**Step 1 –** The Job Builder creates and configures a Enterprise Auditor job + +**Step 2 –** The Job Approver reviews a new or edited job’s configuration, and either approves or +rejects it + +![Lock Job option in right-click menu](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/lockjob.webp) + +- If a job is approved, then a lock needs to be applied by right-clicking the job title in the Jobs + tree and selecting **Lock Job** +- If a job is rejected, then the job remains unlocked +- If the **Lock Job** option is visible, then the job has not yet been approved +- If the **Lock Job** option is not visible, then the job has been approved + +![Unlock Job option in right-click menu](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/unlockjob.webp) + +**Step 3 –** The Job Initiator can choose to run the job directly through the Enterprise Auditor +Console or schedule it to run with the Schedule Service Account. This user will know the job was +approved by the grayed-out **Unlock Job** option in the right-click menu. + +- Job Initiator/Job Initiator (No Actions) – The Job Initiator can only execute locked job. + + - For the Job Initiator (No Actions) role, the user is unable to execute a job which contains + configured actions, even if it is approved and locked + - Both roles can enable and disable job groups and jobs regardless of whether or not they are + locked. Disabled jobs are grayed out with a red x next to it and are not executed with the job + group. When applied at the job group level, all nested jobs are disabled and do not run. + However, any new job added to that group is enabled by default. + + **NOTE:** The Job initiator can also publish the reports already generated by the job. + +- Publish – To publish reports which have already been generated to the Web Console + + - See the + [Report Settings Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/reportsettings.md) + topic for additional information + +![Report under the Results Node in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/reportjobstree.webp) + +**Step 4 –** After a job has been successfully run, the **Job Viewer** can now view the results of +the job under the job’s Status and Results node, or in the Web Console. See the +[Viewing Generated Reports](/docs/accessanalyzer/11.6/admin/report/view.md) +topic for additional information. + +**NOTE:** The Job Builder, Job Approver, and Job Initiator may also view these results within the +Enterprise Auditor Console. Additionally, users with these roles can view reports within the Web +Console. + +## Other Console Roles + +Any modifications needed in the Settings or Host Management nodes must be done by the corresponding +administrator role (Global Options Administrator, Access Administrator, or Host Management +Administrator). These roles can be used in conjunction with any other role (for example, a user can +be a Job Builder and Global Options Administrator in order to build jobs and manage corresponding +Connection Profiles). + +### Web Administrator + +The Web Administrator can view all reports within the Web Console. + +In addition to viewing report content, Web Administrators can view tags and report permissions. + +_Remember,_ a user with only the Web Administrator role is unable to access the Enterprise Auditor +Console. + +### Report Viewer + +The Report Viewer can view reports within the Web Console according to where the user’s role was +assigned: global, job group, job, or report configuration. + +_Remember,_ a user with only the Report Viewer role is unable to access the Enterprise Auditor +Console. diff --git a/docs/accessanalyzer/11.6/admin/settings/application/overview.md b/docs/accessanalyzer/11.6/admin/settings/application/overview.md new file mode 100644 index 0000000000..1037446624 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/application/overview.md @@ -0,0 +1,164 @@ +# Application + +The **Application** node is for configuring general settings which affect the way the Enterprise +Auditor Console functions. + +![Application](/img/product_docs/accessanalyzer/11.6/admin/settings/application/application.webp) + +Application Log + +The Enterprise Auditor Application Log section determines what information is stored in the +Enterprise Auditor application log. + +![Application Log](/img/product_docs/accessanalyzer/11.6/admin/settings/application/applicationlog.webp) + +The Application log level controls the types of messages generated for each job and the application. +It can be modified at the job level in the **Job Properties** window. See the +[General Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/general.md) +topic for additional information. Options available in the Application log level drop-down menu +include: + +- Debug – Records everything that happens during job execution, most verbose level of logging + + - Records all Info level information + - Records everything else that happens + - Creates the largest file + +- Info – Records information about what stage of the job is being performed when errors or warnings + occurred + + - Records all Warning level information + - Records job progress information + +- Warning – Records all warnings which occur during job execution + + - Records all Error level information + - Records all warnings and the time of occurrence + +- Error – Records all errors which occur during job execution + + - Records job start time + - Records errors and the time of occurrence + - Records job completion time + +**_RECOMMENDED:_** Set the log level to **Warning**. + +The other log levels are designed to assist with troubleshooting job execution issues. The Debug +level is only recommended when experiencing problems. After the problem is fixed or the Application +log has been sent to [Netwrix Support](https://www.netwrix.com/support.html), reduce the logging +level to **Warning** or **Info**. + +Profile Security + +The Profile Security section provides the option to enable an enhanced method of encryption to +various credentials stored by the Enterprise Auditor application. + +![Profile Security](/img/product_docs/accessanalyzer/11.6/admin/settings/application/profilesecurity.webp). + +There are two options available in the Profiles stored with drop-down menu: + +- Application – Default setting, does not employ the enhanced encryption +- Vault – Enables the enhanced encryption of stored credentials. See the + [Vault](/docs/accessanalyzer/11.6/admin/settings/application/vault.md) + topic for requirements and additional information. + +Usage Statistics + +The Usage Statistics section allows you to select whether to send usage statistics data to Netwrix +to help us improve our product. + +![Usage Statistics](/img/product_docs/accessanalyzer/11.6/admin/settings/application/usagestatistics.webp) + +- If selected, usage statistics are collected and sent to Netwrix + + - Upon startup of the Enterprise Auditor console, the system checks if usage statistics have + been sent in the last 7 days. If they have not been, stored procedures run against the + Enterprise Auditor database and gather data about job runs, access times, and environmental + details like resource counts, users counts, number of exceptions, and so on. This data is then + sent back to Netwrix to help us identify usage trends and common pain points, so that we can + use this information to improve the product. + - Only anonymous statistic-level data is included. No private company or personal data is + collected or sent to Netwrix. + +- If cleared, no usage statistics are collected or sent to Netwrix + +Host Target Options + +The Host Target Options section provides radio buttons to select the source that Enterprise Auditor +should use to connect to hosts. + +![Host Target Options](/img/product_docs/accessanalyzer/11.6/admin/settings/application/hosttargetoptions.webp) + +Select from the following two options: + +- Use host name +- Prefer DNS name if available + +Grid View Parameters + +The Grid View Parameters section controls how the data grids display within the Enterprise Auditor +Console. + +![Grid View Parameters](/img/product_docs/accessanalyzer/11.6/admin/settings/application/gridviewparameters.webp) + +- Automatically rename duplicate columns within a table – Checks for and renames columns with + duplicate names +- Automatically correct invalid column names – Checks for and corrects column names which contain + characters SQL cannot handle + + **_RECOMMENDED:_** Leave both options selected. + +- Save filters and grouping on data grids – Maintains filters configured for a data grid for the + next viewing. If not selected, filtered data grids reset between viewings. +- Maximum row count for interactive grid view – Indicates the number of rows displayed in tables + accessible in under a job’s Status and Results nodes + + - Maximum row count is set to 1000 by default and has a cap of 99,999 rows. This number does not + impact the number of rows within the SQL database. To view the full row count for a table + exceeding this size, use the SQL Server Management Studio or another SQL Server interface tool + which displays the full table. + +Filtered data grids are not lost if persistent filters are not saved. The Filtration Dialog +available for every data grid maintains a list of recent filters. See the +[Data Grid Functionality](/docs/accessanalyzer/11.6/admin/navigate/datagrid.md) +topic for additional information. + +Cleanup + +The Cleanup section is designed to conserve space in the SQL Database Transaction Log. It only works +when the database is configured to use Simple Recovery Model. + +![Cleanup Options](/img/product_docs/accessanalyzer/11.6/admin/settings/application/cleanup.webp) + +- Compact Database Transaction Log – If selected, every time the Enterprise Auditor application is + closed, the Database Transaction Log is compacted + + **_RECOMMENDED:_** In most environments, it is recommended to leave this option selected. If a + scheduled task ends while multiple tasks are still running, the process of compacting the + database freezes it and causes the running tasks to fail. + +- Run Post Processing SQL Script to Set Host Status – If selected, this option ascribes the values + of SUCCESS, WARNING, or ERROR to indicate what happened on that host during job execution + + **_RECOMMENDED:_** It is recommended that this option be left selected. + +Application Exit Options + +The Application Exit Options section controls whether or not a confirmation is displayed when the +Enterprise Auditor application is closed. + +![Application Exit Options](/img/product_docs/accessanalyzer/11.6/admin/settings/application/applicationexitoptions.webp) + +If selected, the **Show Confirmation Dialog** option causes a Confirm Exit window to open when the +Enterprise Auditor user attempts to exit the application. If deselected, the Enterprise Auditor +application closes without confirmation. + +![Confirm Exit](/img/product_docs/accessanalyzer/11.6/admin/settings/application/confirmexitwindow.webp) + +The Confirm Exit window requires the **Yes** button to be clicked before the Enterprise Auditor +application closes. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Application view. These +buttons become enabled when modifications are made to the Application global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/11.6/admin/settings/application/vault.md b/docs/accessanalyzer/11.6/admin/settings/application/vault.md new file mode 100644 index 0000000000..05ba7c1568 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/application/vault.md @@ -0,0 +1,68 @@ +# Vault + +The Enterprise Auditor vault provides additional security through enhanced encryption to various +credentials stored by the Enterprise Auditor application, such as Connection Profile credentials or +Schedule Service Account credentials. In order to enable the vault, the following prerequisites must +be met in the order listed: + +- Enterprise Auditor Vault Service must be running + + - This service was installed during the Enterprise Auditor installation and is configured for + Manual Startup Type + - It needs to be configured to Log On (Service > Properties) with a service account which has + Log on as Service rights, as well as Read and Execute rights to the VaultService.exe file + located within the Enterprise Auditor installation directory + +- Role Base Access must be enabled within Enterprise Auditor + + - The vault was designed to provide enhanced security when employing the Role Based Access, or + least privilege, option of Enterprise Auditor + - At least one Administrator role must be assigned to enable the vault: + + - If full Role Based Access is not desired but enabling the vault is, all of the Enterprise + Auditor users should be given the Administrator role + - No additional Role Based Access prerequisites are required for this option + + - See the + [Access](/docs/accessanalyzer/11.6/admin/settings/access/overview.md) + topic for additional information on Role Based Access + + **NOTE:** Once the vault has been enabled, it is not possible to disable Role Based Access + without first disabling the vault. Please contact + [Netwrix Support](https://www.netwrix.com/support.html) for assistance in disabling Role Based + Access. + +- The Profile Security section of the Application node must be set to **Vault** + + ![Vault Security](/img/product_docs/accessanalyzer/11.6/admin/settings/application/vaultrbaerror.webp) + + If the previous prerequisites have not been met, then one of the following errors will occur + when attempting to save the Vault Profile Security setting: + + - Role Based Access Error – Role Based Access must be configured in order to use the Enterprise + Auditor Vault. Please configure Role Based Access and try again + - Enterprise Auditor Vault Service Error – Enterprise Auditor is not running + +- The Netwrix Enterprise Auditor Web Server service must be run with an account that has the + Administrator role assigned + + - If the Administrator role is not assigned, the vault service does not allow the web server to + access the SQL profile and throws an access denied error in the web server log file + +The credentials which are encrypted once the vault has been enabled are: + +- Storage Profile credentials +- Connection Profile credentials +- Schedule Service Account credentials +- Role Definitions +- Role Assignments + +Once encrypted, the files with these stored credentials are moved into a new directory location. + +This location is protected by the service account used to run the Enterprise Auditor Vault Service. + +## Disabling the Vault + +To disable the vault, navigate to the **Settings** > **Application** node and change the Profile +Security section setting to **Application**. It is a best practice to also stop the Enterprise +Auditor Vault Service. diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/cyberarkintegration.md b/docs/accessanalyzer/11.6/admin/settings/connection/cyberarkintegration.md new file mode 100644 index 0000000000..4ce5d4341e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/cyberarkintegration.md @@ -0,0 +1,163 @@ +# CyberArk Integration + +In order for Enterprise Auditor to be able to retrieve service account passwords from the CyberArk +Password Vault, the following prerequisites must be completed: + +- The Secrets Manager must be installed on the Enterprise Auditor Console server. The organization’s + Vault administrator can provide the Secrets Manager installation package and most likely needs to + be present during the installation to provide credentials in order for the Secrets Manager + installation to complete. See the CyberArk + [Credential Provider (CP)](https://docs.cyberark.com/credential-providers/Latest/en/Content/CP%20and%20ASCP/Installing-CP.htm) article + for additional information. +- An application must be added to CyberArk for the integration with Enterprise Auditor. The + Application Id of this application must then be added to the `GlobalOptions.xml` file for + Enterprise Auditor. See the + [Customize CyberArk Application Id](#customize-cyberark-application-id) topic for additional + information. The application can be locked down by providing an OS User, a Path, or a Hash. See + the CyberArk + [Add applications](https://docs.cyberark.com/credential-providers/14.0/en/Content/Common/Adding-Applications.htm) article + for additional information. + + - The OS User needs to be the account running Enterprise Auditor. This could be the account used + to launch the Enterprise Auditor application or an account used as the Schedule Service + Account within Enterprise Auditor. More than one OS User can be added. + - The Path should be a local path to the `StealthAUDIT.exe` file. The path should end with the + file name: `…\StealthAUDIT.exe`. + - The Hash should be generated using the **AimGetAppInfo** tool in the + `…\CyberArk\ApplicationPasswordProvider\Utils` folder on the server where Secrets Manager is + installed. AimGetAppInfo should be run in an Administrator Command Prompt. Run the following + command: + + ``` + ..\CyberArk\ApplicationPasswordProvider\Utils\NETAimGetAppInfo.exe GetHash /AppExecutablesPattern \PrivateAssemblies\Stealthbits.StealthAUDIT.Console.dll + ``` + + **_RECOMMENDED:_** Pipe the output hash value to a file to easily copy and paste it to the + CyberArk application. + + See the CyberArk + [Generate an application hash value](https://docs.cyberark.com/credential-providers/Latest/en/Content/CP%20and%20ASCP/Generating-Application-Hash-Value.htm) article + for additional information. + + ![Application Details page for the CyberArk Application](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/applicationidhash.webp) + + Add the generated hash value in the Authentication tab of the Application Details page for + the CyberArk Application. + + ![Allowed Machines list for the CyberArk application](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/allowedmachines.webp) + + - The machine name for the Enterprise Auditor console needs to be added on the Allowed Machines + list for the CyberArk application + +- Once the Secrets Manager installation has completed and the Enterprise Auditor application has + been created, the necessary CyberArk accounts must be given access to the Safes in which the + Enterprise Auditor service accounts are stored. This includes the account which was created + automatically during the Secrets Manager installation, as well as the account created + automatically as a result of the application creation. + + ![Owners window for the Safe containing the credentials](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/vaultownerswindow.webp) + + - The account created during the AIM installation is under the naming convention + `Prov_[COMPUTERNAME]`, where `COMPUTERNAME` is the name of the computer on which AIM is + installed. This account should be given **Retrieve accounts**, **List accounts**, and **View + Safe Members** rights on the desired Safes. + - The account created during the application creation has the same name as the application + itself and should be given **Retrieve accounts** rights on the desired Safes + +## Customize CyberArk Application Id + +The Application id value of the application created within CyberArk for the integration with +Enterprise Auditor must be configured within Enterprise Auditor. This is done in the +`GlobalOptions.xml` file within the Enterprise Auditor installation directory. The default location +is `…\STEALTHbits\StealthAUDIT\`. + +Follow the steps to customize the CyberArk Application Id within Enterprise Auditor. + +**Step 1 –** Navigate to the `GlobalOptions.xml` file. Open it with a text editor, for example +Notepad. + +**CAUTION:** Ensure Enterprise Auditor is closed when modifying this file. + +![GlobalOptions.xml file in Notepad](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/globaloptions.webp) + +**Step 2 –** Find the `` section of the `GlobalOptions.xml` file. Add the +Application Id of the configured CyberArk application for the integration in the `` tag. If +required, customize the Command Timeout and Connection Port properties. + +``` + +    CyberArkApplicationID +    30 +    18923 + +``` + +- AppId – The name of the CyberArk application +- CommandTimeout – Set to the suggested default of 30 +- ConnectionPort – This is a configurable option found during the installation of the CyberArk + Credential Provider. After installation, it can be found in the configuration file located in the + installation folder. + + See the CyberArk + [TCP parameters](https://docs.cyberark.com/credential-providers/13.0/en/Content/CP%20and%20ASCP/Credential-Provider-Configuration-Files.htm#tcp-parameters) article + for additional information. + +**Step 3 –** Save and close the file. + +Enterprise Auditor now uses the CyberArk Application Id identified in the XML string. + +## User Credentials Window + +In Enterprise Auditor, the CyberArk option for Password Storage is available on the User Credentials +window when configuring an **Active Directory Account** or **Local Windows Account**. + +The credential information supplied in the User Credentials window must be an exact match to what is +in CyberArk as the privileged account for which it is linked. It is case-sensitive. + +If the Connection Profile with a Local Windows Account credential using CyberArk password storage is +used to target multiple hosts, then the local credential on each host needs to have the exact same +username and password combination. + +![Connection view with CyberArk credentials](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/usercredentials.webp) + +The Connection view displays `CyberArk` in the Source column of the User Credentials list for the +selected Connection Profile. + +### Active Directory Account + +Match the User Credentials window settings in Enterprise Auditor with the privilege account +properties in CyberArk. These values are case-sensitive, and must be an exact match. + +![User Credentials window for Active Directory Account](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/usercredentialsad.webp) + +The table below shows the values from your CyberArk configuration that the User Credentials window +should be populated with: + +| Enterprise Auditor | CyberArk Property | CyberArk Description | Example Value | +| ------------------ | ----------------- | -------------------------------------- | ----------------- | +| Domain | Address | Domain address | ExampleDomain.com | +| User name | Username | Privilege account | ExampleUser | +| Safe | Safe | Vault managing the privileged accounts | Test | +| Folder | Folder | Folder within Safe | Root | + +### Local Windows Account + +Match the User Credentials window settings in Enterprise Auditor with the privilege account +properties in CyberArk. These values are case-sensitive, and must be an exact match. The Enterprise +Auditor Domain value is `` and the CyberArk Address property value is the server address. + +![User Credentials window for Local Windows Account](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/usercredentialslocal.webp) + +The table below shows the values from your CyberArk configuration that the User Credentials window +should be populated with: + +| Enterprise Auditor | CyberArk Property | CyberArk Description | Example Value | +| ------------------ | ----------------- | -------------------------------------- | ------------- | +| User name | Username | Privilege account | ExampleUser2 | +| Safe | Safe | Vault managing the privileged accounts | Test | +| Folder | Folder | Folder within Safe | Root | + +**_RECOMMENDED:_** Only use one Local Windows Account credential with CyberArk password storage in a +Connection Profile. As part of the Enterprise Auditor to CyberArk integration, the Enterprise +Auditor job is stopped immediately if the query from Enterprise Auditor to CyberArk for the +credential fails. Therefore, a second credential within the Connection Profile would not be queried. diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/gmsa.md b/docs/accessanalyzer/11.6/admin/settings/connection/gmsa.md new file mode 100644 index 0000000000..33e65b87fa --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/gmsa.md @@ -0,0 +1,24 @@ +# Group Managed Service Accounts (gMSA) Configuration + +Enterprise Auditor can use a previously-configured Group Managed Service Accounts (gMSA/MSA) +account. Make sure that Managed Service Account is selected in the User Credentials window. See the +[Create a Connection Profile](/docs/accessanalyzer/11.6/admin/settings/connection/profile/create.md) +or +[Create a Schedule Service Account](/docs/accessanalyzer/11.6/admin/settings/schedule.md#create-a-schedule-service-account) +topic for additional information. + +To run a job or scheduled task with a gMSA/MSA account, the following prerequisites must be met: + +- The account that Enterprise Auditor is run with must have permissions to retrieve the gMSA account + password +- The gMSA account must be a Local Admin in the target hosts +- The gMSA account does not have to be a local admin in the Enterprise Auditor Console +- The Data Collector used must support unicode characters in the Connection Profile's credential + password to retrieve the gMSA account password + +**NOTE:** For FSAA, remote scans using gMSA credentials need to use the Windows Service launch +mechanism in the query configuration. + +See the Microsoft +[Group Managed Service Accounts](https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview) +article for additional information. diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/overview.md b/docs/accessanalyzer/11.6/admin/settings/connection/overview.md new file mode 100644 index 0000000000..5f950546d5 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/overview.md @@ -0,0 +1,76 @@ +# Connection + +The Connection node contains objects referred to as Connection Profiles. A Connection Profile houses +the information Enterprise Auditor uses to connect to the target hosts during job execution. + +![Connection](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/connectionpage.webp) + +There are two methods for authentication to a targeted host: + +- Use Local Login Credentials +- Use a Connection Profile + +## Use Local Login Credentials + +This method is traditionally assigned through the **Only use the Windows account that the +application is run with System default** option. It is generally referred to as the System Default +or trusted method. When used, Enterprise Auditor authenticates to the target hosts during host +inventory or job execution with the Windows account used to launch Enterprise Auditor. This can be: + +- Account which was used to log on to the Enterprise Auditor Console server and start the + application +- Account which was used to launch the Enterprise Auditor application through the run-as security + context +- Account which was used to provision a Windows scheduled task when running a job group or job via a + scheduled task + +## Use a Connection Profile + +This method allows you to define a Connection Profile which houses one or several sets of +credentials to be used for authentication on the target hosts during host inventory or job +execution. The credentials specified in a Connection Profile could be any of the following: + +- Local machine account +- Active Directory account +- Unix account +- SQL account +- Microsoft Entra ID (formerly, Azure Active Directory) key +- Dropbox access token +- Web service JWT +- Oracle account + +For the majority of auditing scenarios, domain-based accounts are preferred if not required by the +nature of the auditing task. The credentials must have the permissions required by the data +collector being used. + +### Password Storage Options + +The password for the credential provided can be stored in Enterprise Auditor application or +Enterprise Auditor Vault. Certain types of credentials can be stored in CyberArk®. + +Choosing to store passwords in either the Enterprise Auditor application or the Enterprise Auditor +Vault is a global setting configured in the **Settings** > **Application** node. See the +[Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) topic +for additional information. + +The Enterprise Auditor vault provides enhanced security through enhanced encryption to various +credentials stored by the Enterprise Auditor application. See the +[Vault](/docs/accessanalyzer/11.6/admin/settings/application/vault.md) +topic for additional information. + +CyberArk integration stores supported credentials in the CyberArk Enterprise Password Vault. +CyberArk Privileged Account Security Solution offers components designed to discover, secure, +rotate, and control access to privileged account passwords used to access systems through the +enterprise IT environment. See the +[CyberArk Integration](/docs/accessanalyzer/11.6/admin/settings/connection/cyberarkintegration.md) +topic for additional information. + +![Cancel and Save options](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/cancelsavebuttons.webp) + +The **Cancel** and **Save** buttons are in the lower-right corner of the Connection view. These +buttons become enabled when modifications are made to the Connection global setting. + +![Information update message box](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/settingssavedmessage.webp) + +Whenever changes are made at the global level, click **Save** and then **OK** to confirm the +changes. Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/profile/activedirectory.md b/docs/accessanalyzer/11.6/admin/settings/connection/profile/activedirectory.md new file mode 100644 index 0000000000..36daa36231 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/profile/activedirectory.md @@ -0,0 +1,27 @@ +# Active Directory Account for User Credentials + +If the account type selected on the User Credentials window is **Active Directory Account**, the +following information is required for the credential: + +![User Credentials Window - Active Directory](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/activedirectoryaccount.webp) + +- Domain – Drop-down menu with available trusted domains will appear. Either type the short domain + name in the textbox or select a domain from the menu. +- User name – Type the user name +- Password Storage – Choose the option for credential password storage: + + - Application – Uses the configured Profile Security setting as selected at the **Settings** > + **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information. + - CyberArk – Uses the CyberArk Enterprise Password Vault. See the + [CyberArk Integration](/docs/accessanalyzer/11.6/admin/settings/connection/cyberarkintegration.md) + topic for additional information. The password fields do not apply for CyberArk password + storage. + - Managed Service Account – Use previously configured MSA and gMSAs for authentication. The + password fields are not applicable when this option is selected. See the + [Group Managed Service Accounts (gMSA) Configuration](/docs/accessanalyzer/11.6/admin/settings/connection/gmsa.md) + topic for additional information. + +- Password – Type the password +- Confirm – Re-type the password diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/profile/aws.md b/docs/accessanalyzer/11.6/admin/settings/connection/profile/aws.md new file mode 100644 index 0000000000..062f274fff --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/profile/aws.md @@ -0,0 +1,35 @@ +# Amazon Web Services for User Credentials + +The information in this section applies to **Select Account Type > Amazon Web Services** account +type in the User Credentials window. + +![User Credentials Window - AWS](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/connectionaws.webp) + +The required credentials for Amazon Web Services are: + +- Access Key ID — Used to sign programmatic requests made to AWS. If access keys are not available, + create them with the IAM console. +- Password Storage: Application – Uses the configured Profile Security setting as selected at the + **Settings >** **Application** node +- Secret Key — Used to sign programmatic requests made to AWS. If secret keys are not available, + create them with the IAM console. +- Scan Roles — Role used to scan other organization accounts + +## Create a Connection Profile for AWS + +A new connection profile will need to be created to be leveraged in the AWS Solution. + +**Step 1 –** Under Settings > Connection, click Add Connection profile. + +**Step 2 –** Click Add User credential and select the Amazon Web Services account type. + +**Step 3 –** Input the Access Key ID into the Username section, and the Secret Access Key into the +Access Token section. + +_Remember,_ these are obtained from AWS when the permissions are configured. See the +[Configure AWS for Scans](/docs/accessanalyzer/11.6/requirements/target/config/aws.md) +topic for additional information. + +**Step 4 –** Click OK in the User Credentials modal, name the Connection Profile, and click Save. + +This connection profile can now be assigned to the AWS Solution. diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/profile/create.md b/docs/accessanalyzer/11.6/admin/settings/connection/profile/create.md new file mode 100644 index 0000000000..c5e93ddb81 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/profile/create.md @@ -0,0 +1,155 @@ +# Create a Connection Profile + +Follow the steps to create a Connection Profile. + +![Add Connection Profile](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/addconnectionprofile.webp) + +**Step 1 –** Click Add Connection profile at the top of the Connection view. + +![Connection - Add Connection Profile](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/connectionprofilename.webp) + +**Step 2 –** A new profile displays in the list with a generic name. Provide a unique, descriptive +name in the Connection profile name textbox. + +**NOTE:** A good profile name should be chosen so that it does not need to be changed at a later +time. If the profile name is changed after being applied to job groups or jobs, it requires the user +to go back through all of those job groups or jobs and re-apply the Connection Profile. + +![Add User Credential](/img/product_docs/accessanalyzer/11.6/admin/settings/addusercredential.webp) + +**Step 3 –** Now it is time to add credentials to this profile. Click Add User credential and the +User Credentials window opens. + +![User Credentials](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/activedirectoryaccount.webp) + +**Step 4 –** The window options change according to the value for the Selected Account Type field. +Select the appropriate account type and then provide the required information. The account types +are: + +- [Active Directory Account for User Credentials ](/docs/accessanalyzer/11.6/admin/settings/connection/profile/activedirectory.md) +- [Local Windows Account for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/localwindows.md) +- [Unix Account for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/unix.md) +- [SQL Authentication for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/sql.md) +- [Task for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/task.md) +- [Azure Active Directory for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/entraid.md) +- [Dropbox for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/dropbox.md) +- [Web Services (JWT) for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/webservices.md) +- [Oracle for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/oracle.md) +- [Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/exchangemodernauth.md) + +See the individual account type sections for information on the fields. Then click OK. + +![Error Message for Password](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/passworddifferserror.webp) + +**NOTE:** If the entered passwords are not the same, an error message will pop-up after clicking OK +on the User Credentials window. Click OK on the error message and re-type the passwords. + +![User Credentials](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/usercredentialslist.webp) + +**Step 5 –** Repeat Steps 3-4 until the User Credentials list for this profile is complete. + +When Enterprise Auditor authenticates to a target host, it looks at the value of the WindowsDomain +field in the Host Inventory for the target host. It then matches the first credential in the +Connection Profile which matches that domain. If authentication fails, it moves consecutively +through the User Credentials list. It will first match to all credentials listed for target host’s +domain, and then proceed through all other credentials until authentication is successful or there +are no more credentials to try. + +**_RECOMMENDED:_** Limit the User Credentials list to a minimal number per profile, especially when +considering that a successful authentication does not automatically mean that particular credential +has the appropriate level of permissions in order for the data collection to occur. + +![Arrange Priority](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/moveupdown.webp) + +There are Move Up and Move Down buttons for arranging priority within the User Credentials list. + +![Apply local login credentials](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/usewindowsaccountoption.webp) + +**Step 6 –** (Optional): At the bottom of the Connection view, is the Use the Windows account that +Enterprise Auditor runs with before trying the user credentials above option. This option is per +Connection Profile. If checked, Enterprise Auditor applies the local login credentials prior to any +of the credentials saved to the Connection Profile. + +**NOTE:** If a data collector utilizes an applet, this option must be unchecked. + +**Step 7 –** When the user credentials have been added and ordered, click Save and then OK to +confirm the changes to the Connection Profile. + +The new Connection Profile is now visible in the Profile list and available for use at the job group +or job level. + +## Edit User Credentials within a Connection Profile + +Follow the steps to edit user credentials within a Connection Profile. + +![Edit Connection Profile](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/editusercredentials.webp) + +**Step 1 –** Select the Connection Profile to be modified from the Profile list. Remember, changing +the Connection Profile name results in breaking job groups or jobs that are assigned this profile. + +**Step 2 –** Select the user credential to be edited from the User Credentials list. Click Edit. + +![User Credentials](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/selectaccounttype.webp) + +**Step 3 –** Modify the information in the User Credentials window. For the password, choose between +the Use the existing password option or the Specify a new password below option. Click OK. + +**Step 4 –** When the Connection Profile’s user credentials have been edited as desired, click Save +and then OK to confirm the changes to the Connection Profile. + +The edited user credentials are now used for authentication to target hosts for this Connection +Profile. + +## Delete a User Credential from a Connection Profile + +Follow the steps to delete a user credential from a Connection Profile. + +![Delete User Credentials](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/deleteusercredentials.webp) + +**Step 1 –** Select the Connection Profile to be modified from the Profile list. Remember, changing +the Connection Profile name results in breaking job groups or jobs that are assigned this profile. + +**Step 2 –** Select the user credential to be edited from the User Credentials list. Click Delete. + +![Confirmation message for deletion](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/deleteusercredentialsconfirm.webp) + +**Step 3 –** Click OK to confirm the deletion. + +**Step 4 –** The selected credential is no longer visible in the User Credentials list. Click Save +and then OK to confirm the changes to the Connection Profile. + +The deleted user credentials are no longer available for authentication to target hosts for this +Connection Profile. + +## Set a Default Connection Profile + +The default profile is marked with the green checkmark. + +![defaultconnectionprofile](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/defaultconnectionprofile.webp) + +Follow the steps to set a new default Connection Profile. + +![Set a Default Connection Profile](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/setasdefaultconnectionprofile.webp) + +**Step 1 –** Select the desired profile in the Connection Profile list and click Set as default. + +**Step 2 –** The green checkmark moves. Click Save and then OK to confirm the changes. + +This Connection Profile is now used as the default Connection Profile. + +## Delete a Connection Profile + +Follow the steps to delete a Connection Profile. + +![Delete a Connection Profile](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/deleteconnectionprofile.webp) + +**Step 1 –** Select the profile from the Connection Profile list and click Delete. + +![Confirmation message for deletion](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/deleteconnectionprofileconfirm.webp) + +**Step 2 –** Click OK to confirm the deletion. + +**Step 3 –** The selected profile is no longer visible in the Connection Profiles list. Click Save +and then OK to confirm the changes. + +The deleted Connection Profile is no longer available for authentication to target hosts. diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/profile/dropbox.md b/docs/accessanalyzer/11.6/admin/settings/connection/profile/dropbox.md new file mode 100644 index 0000000000..ac08a0e075 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/profile/dropbox.md @@ -0,0 +1,16 @@ +# Dropbox for User Credentials + +The information in this topic applies to **Select Account Type** > **Dropbox** in the User +Credentials window. + +![User Credentials - Dropbox](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/dropbox.webp) + +The required credentials for Dropbox are: + +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information.) +- Access Token – Copy and paste the access token after it has been generated from the Scan Options + page of the DropboxAccess Data Collector configuration wizard. See the Dropbox for User + Credentials topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/profile/entraid.md b/docs/accessanalyzer/11.6/admin/settings/connection/profile/entraid.md new file mode 100644 index 0000000000..98125d9bb0 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/profile/entraid.md @@ -0,0 +1,29 @@ +# Azure Active Directory for User Credentials + +The information in this topic applies to **Select Account Type** > **Azure Active Directory** in the +User Credentials window. This account type is for Microsoft Entra ID, formerly Azure Active +Directory. + +![User Credentials Window - Azure Active Directory](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/entraid.webp) + +The required credentials for this account type are: + +- Client ID – Application (client) ID of the Enterprise Auditor application registered with + Microsoft Entra ID. See the + [Identify the Client ID](/docs/accessanalyzer/11.6/config/entraid/access.md#identify-the-client-id) + topic for additional information. +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information.) +- Key – The required Key depends on the target environment the Connection Profile is being used for: + + - Entra ID – Client secret value for the Enterprise Auditor application registered with + Microsoft Entra ID. See the + [Generate the Client Secret Key](/docs/accessanalyzer/11.6/config/entraid/access.md#generate-the-client-secret-key) + topic for additional information. + - SharePoint Online – The comma delimited string containing the path to the certificate PFX + file, certificate password, and the Microsoft Entra ID environment identifier ( + `CertPath,CertPassword,AzureEnvironment`). See the + [SharePoint Online Credential for a Connection Profile using Modern Authentication](/docs/accessanalyzer/11.6/admin/datacollector/spaa/configurejob.md#sharepoint-online-credential-for-a-connection-profile-using-modern-authentication)topic + for additional information. diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/profile/exchangemodernauth.md b/docs/accessanalyzer/11.6/admin/settings/connection/profile/exchangemodernauth.md new file mode 100644 index 0000000000..3f1846f191 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/profile/exchangemodernauth.md @@ -0,0 +1,27 @@ +# Exchange Modern Authentication for User Credentials + +The information in this topic applies to **Select Account Type** > **Exchange Modern +Authentication** account type in the User Credentials window. + +![User Credentials - Exchange Modern Authentication ](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/exchangemodernauthentication.webp) + +The values for the required credentials for the Exchange Modern Authentication account are: + +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information.) +- Organization – The primary domain name of the Microsoft Entra tenant being leveraged to make the + connection. See the + [Identify the Tenant's Name](/docs/accessanalyzer/11.6/config/exchangeonline/access.md#identify-the-tenants-name) + topic for additional information. +- Email Address – The email address for the mailbox to be leveraged in Exchange Online environment + scans. The mailbox must belong to the primary domain used in the Organization field. +- AppID – Application (client) ID of the Enterprise Auditor application registered with Microsoft + Entra ID. See the + [Identify the Client ID](/docs/accessanalyzer/11.6/config/exchangeonline/access.md#identify-the-client-id) + topic for additional information. +- Certificate Thumbprint – The thumbprint value of the certificate uploaded to the Microsoft Entra + ID application. See the + [Upload Self-Signed Certificate](/docs/accessanalyzer/11.6/config/exchangeonline/access.md#upload-self-signed-certificate) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/profile/localwindows.md b/docs/accessanalyzer/11.6/admin/settings/connection/profile/localwindows.md new file mode 100644 index 0000000000..5c0bf86fc9 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/profile/localwindows.md @@ -0,0 +1,27 @@ +# Local Windows Account for User Credentials + +The information in this topic applies to **Select Account Type** > **Local Windows Account** in the +User Credentials window. + +![User Credentials - Local Windows Account](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/localwindowsaccount.webp) + +The required credentials for the Local Windows Account are: + +- User name – Type the user name +- Password Storage – Choose the option for credential password storage: + + - Application – Uses the configured Profile Security setting as selected at the **Settings** > + **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information. + - CyberArk – Uses the CyberArk Enterprise Password Vault. See the + [CyberArk Integration](/docs/accessanalyzer/11.6/admin/settings/connection/cyberarkintegration.md) + topic for additional information. The password fields do not apply for CyberArk password + storage. + + **NOTE:** If using the CyberArk option, then the associated Connection Profile can only have + one user credential in it. Multiple user credentials are not supported with the CyberArk + integration when using local Windows accounts. + +- Password – Type the password +- Confirm – Re-type the password diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/profile/oracle.md b/docs/accessanalyzer/11.6/admin/settings/connection/profile/oracle.md new file mode 100644 index 0000000000..7c141bd7cf --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/profile/oracle.md @@ -0,0 +1,38 @@ +# Oracle for User Credentials + +The information in this section applies to Select Account Type > Oracle in the User Credentials +window. + +![User Credentials - Oracle](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/oracle.webp) + +The required credentials for Oracle are: + +- Domain – Field options are dependent upon the additional account type option selected: + - Oracle Account – Domain is not a field for this type of credential + - Windows account that Enterprise Auditor is run with – (Domain is not a field for this type of + credential) + - Active Directory – Drop-down menu with available trusted domains displays. Either type the + short domain name in the textbox or select a domain from the menu. +- User name – Type the user name + - This is not a field for the additional account type of Windows account that Enterprise Auditor + is run with is selected +- Password Storage: Application – Uses the configured Profile Security setting as selected at the + **Settings >** **Application** node +- Password – Type the password + - This is not a field for the additional account type of Windows account that Enterprise Auditor + is run with +- Confirm – Re-type the password + - This is not a field for the additional account type of Windows account that Enterprise Auditor + is run with +- Role – Specify an Oracle role, if desired. The drop-down menu provides a list of roles. Either + type the role name in the textbox or select a role from the menu. + - **NOTE:** When using a least privileged model for Oracle, **SYSDBA** must be selected for the + Role. +- Additional Account type – Select radio button of the secondary account type from the list at the + bottom of the window: + - Oracle Account – Use an Oracle account for target host authentication + - Windows account that Enterprise Auditor is run with – Use the account that launched the + Enterprise Auditor application through the run-as security context + - Active Directory – Use an Active Directory account for target host authentication + +Selecting default from the list is the same as leaving the field blank. diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/profile/sql.md b/docs/accessanalyzer/11.6/admin/settings/connection/profile/sql.md new file mode 100644 index 0000000000..4636ca4279 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/profile/sql.md @@ -0,0 +1,19 @@ +# SQL Authentication for User Credentials + +This information applies to **Select Account Type** > **SQL Authentication** in the User Credentials +window. + +**NOTE:** SQL Authentication credentials are used in the Connection Profiles for the SQL, MySQL, and +PostgreSQL Solutions. + +![User Credentials - SQL Authentication](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/sqlauthentication.webp) + +The required credentials for SQL Authentication are: + +- User name – Enter user name +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information.) +- Password – Type the password +- Confirm – Re-type the password diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/profile/task.md b/docs/accessanalyzer/11.6/admin/settings/connection/profile/task.md new file mode 100644 index 0000000000..42ec5df539 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/profile/task.md @@ -0,0 +1,20 @@ +# Task for User Credentials + +The information in this section applies to Select Account Type > Task (Local) or Task (Domain) in +the User Credentials window. + +| ![User Credentials - Task (Local)](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/tasklocal.webp) | ![User Credentials - Task (Domain)](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/taskdomain.webp) | +| ------------------------------------------------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------- | +| _Task (Local)_ | _Task (Domain)_ | + +The required credentials for Task (Local) and Task (Domain) are: + +- Domain + - Local – Not a field for this type of credential, defaults to `` + - Domain – Drop-down menu with available trusted domains displays. Either type the short domain + name in the textbox or select a domain from the menu. +- User name – Type the user name +- Password Storage: Application – Uses the configured Profile Security setting as selected at the + **Settings > Application** node +- Password – Type the password +- Confirm – Re-type the password diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/profile/unix.md b/docs/accessanalyzer/11.6/admin/settings/connection/profile/unix.md new file mode 100644 index 0000000000..cf8a4e3793 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/profile/unix.md @@ -0,0 +1,34 @@ +# Unix Account for User Credentials + +The information in this topic applies to **Select Account Type** > **Unix Account** in the User +Credentials window. + +![User Credentials - Unix](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/unixaccount.webp) + +The required credentials for the Unix Account are: + +- User name – Enter user name +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + topic for additional information.) +- Password/Confirm + + - If not using a private key, enter the **Password** and re-type in the **Confirm** field + - If using a private key, then the password is not needed. Provide the private key information + in the **Use the following private key when connecting** field. + +- Use the following port/ports (CSV) for SSH + + - The SSH port needs to be opened in software and hardware firewalls + - If desired, select this option and provide the port value + +- Use the following private key when connecting + + - This option uses the authentication method of an SSH Private Key + - Supported Key types: + + - Open SSH + - PuTTY Private Key + + - If desired, select this option and provide the key value diff --git a/docs/accessanalyzer/11.6/admin/settings/connection/profile/webservices.md b/docs/accessanalyzer/11.6/admin/settings/connection/profile/webservices.md new file mode 100644 index 0000000000..93695e2add --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/connection/profile/webservices.md @@ -0,0 +1,16 @@ +# Web Services (JWT) for User Credentials + +The information in this section applies to Select Account Type > Web Services (JWT) in the User +Credentials window. + +![User Credentials - Web Services (JWT)](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/webservicesjwt.webp) + +The required credentials for Web Services (JWT) are: + +- User name – (not a field for this type of credential) +- Password Storage: Application – Uses the configured Profile Security setting as selected at the + **Settings > Application** node +- Access Token – Copy and paste the StealthDEFEND App Token after it has been generated within + StealthDEFEND. See the + [FS_DEFEND_SDD Job](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/fs_defend_sdd.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/settings/exchange.md b/docs/accessanalyzer/11.6/admin/settings/exchange.md new file mode 100644 index 0000000000..c70d84b6af --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/exchange.md @@ -0,0 +1,69 @@ +# Exchange + +The Exchange node is for configuring the settings needed to query Microsoft® Exchange Servers. +These settings are exclusive to the Enterprise Auditor for Exchange Solution. + +![Exchange - Set up the connection](/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_1.webp) + +The Exchange node is grayed-out by default. In order for these settings to be enabled, it is +necessary to install both Enterprise Auditor MAPI CDO and Microsoft Exchange MAPI CDO on the +Enterprise Auditor Console server. See the +[StealthAUDIT MAPI CDO Installation](/docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation.md) +topic for additional information. + +![exchange_2](/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_2.webp) + +Once the requirements have been met, the Exchange node is enabled for configuration. These settings +are utilized to make MAPI connections to the Exchange Server for the Mailbox, PublicFolder, +Exchange2K, and ExchangePS Data Collectors. The Client Access Server field, or CAS, is also utilized +by the ExchangePS Data Collector in order to make Remote PowerShell connections for Exchange 2010 or +newer. The data collectors apply these settings unless modified inside the job query. + +![Set up the connection](/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_3.webp) + +The three options in the Exchange Connection Setting section at the top of the window are dependent +on which version of Exchange is audited. + +- For Auditing Microsoft Exchange 2007 or Older Versions: + - Select the radio button for System Attendant (2003 & 2007) – The System Attendant Account is + built into Exchange 2007 and older versions and allows Enterprise Auditor to make the + necessary MAPI connections. +- For Auditing Microsoft Exchange 2010 or Newer Versions: + + - Select either of the other two options: + + - Use the mailbox associated with the Windows account that Enterprise Auditor is run with – + This option uses either the account logged into the Enterprise Auditor Console server or + the account set to run the Enterprise Auditor application. + - Exchange Mailbox (2010 and newer) – This option allows an Exchange Mailbox Alias to be + specified for MAPI connections. + + - Enter the Alias name in the textbox. The Alias needs to be an Exchange 2010 or newer + mailbox, not a mail-enabled service account. However, this mailbox does not need + rights on the Exchange Organization; it only needs to reside within it. + + - Enter the name of the physical CAS in the Client Access Server textbox. This server can be + part of an array, but do not enter the name of a CAS Array. This should also be the + Exchange CAS where both Remote PowerShell and Windows Authentication on the PowerShell + Virtual Directory have been enabled. + +**_RECOMMENDED:_** Once the Exchange Connection Settings have been properly configured for the +version of Exchange to be audited, it is strongly recommended that the settings be tested. + +In the Test Exchange Connection Settings section: + +- Enter a Mailbox Server with mailboxes to be audited in the Exchange Server textbox. +- Click the Test Exchange settings link. + + ![Test Exchange Connection Setting](/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_4.webp) + +If the Exchange Connection Settings are correct, an output field opens. At the bottom of the output +field, a mailbox count is stated and a message appears which says, “You have successfully connected +to this Exchange Server.” Click OK. + +![exchange_6](/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_6.webp) + +The Cancel and Save buttons are in the lower-right corner of the Exchange view. These buttons become +enabled when modifications are made to the Exchange global setting. Whenever changes are made at the +global level, click Save and then OK to confirm the changes. Otherwise, click Cancel if no changes +were intended. diff --git a/docs/accessanalyzer/11.6/admin/settings/history.md b/docs/accessanalyzer/11.6/admin/settings/history.md new file mode 100644 index 0000000000..b9ed2969fb --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/history.md @@ -0,0 +1,94 @@ +# History + +The History node is where the history retention of job data and job logs are configured. The setting +specified here at the global level applies to all jobs in the Jobs tree unless specifically changed +at the job group or job level. See the +[History Node](/docs/accessanalyzer/11.6/admin/jobs/group/history.md) +and +[History Tab](/docs/accessanalyzer/11.6/admin/jobs/job/properties/history.md) +topics for additional information. + +![History Global Settings](/img/product_docs/accessanalyzer/11.6/admin/settings/history.webp) + +The Data Retention Period settings are for configuring the job data history retention within the +database. There are three options: + +- Never retain previous job data +- Retain previous job data for [number] [time period] +- Always retain previous job data + +Set the Data Retention Period at the global level to **Never retain previous job data**. This allows +for more control over the quantity of data by applying history retention at the job group or job +level. All jobs run with this default setting only keep the most current record set. + +**CAUTION:** It is important to understand that some pre-configured jobs require history retention +while others do not support it. Changing the history retention settings at the global level can +cause issues with data analysis and reporting on jobs that don't support it. See the relevant job +group and job descriptions for additional information. + +The Diagnostics Retention Period settings determine how long this data is retained for all jobs that +do not have an explicit setting. Setting the retention period for a specific job overrides the +default setting. There are two settings: + +- Logs and Messages + + - Retain previous application logs, job logs, and messages for [number] [time period] – Controls + how long the messages for previous job executions are stored in the SA_Messages table for each + job. Older job execution messages are cleared. + - The default value is 7 Times. With this setting, the messages are stored for the previous + seven job executions. + +- Job Statistics + + - Retain job statistics in database for [number] [time period] – Controls how long job + statistics history is stored within the Enterprise Auditor database in the following two + tables: + + - SA_JobStatsTbl + - SA_JobTaskStatsTbl + + - This setting is only available at the global settings level. The default value is 100 days. + This directly affects each job’s **Status** node. See the + [Status Node](/docs/accessanalyzer/11.6/admin/jobs/job/status.md) + topic for additional information. + +For both the **Logs and Messages** and **Job Statistics** options above: + +- Enter a number in the first textbox and select the desired time period from the drop-down menu in + the second box. Retention can be set to a specific number of **Days**, **Weeks**, **Months**, or + **Times** for both. +- All jobs run with this setting add the newly collected data set or job logs on top of the + previously collected record sets or logs. Any record sets or logs outside the specified historical + retention limit are dropped. + +The **Cancel** and **Save** buttons are in the lower-right corner of the History view. These buttons +become enabled when modifications are made to the History global settings. Whenever changes are made +at the global level, click **Save** and then **OK** to confirm the changes. Otherwise, click +**Cancel** if no changes were intended. + +## Job Data History Retention & Database Size Concerns + +A major concern around job data history retention is the impact it can have on database size. The +following scenario explains a common concern. + +- The **Retain previous application logs, job logs, and message for** or **Retain job statistics in + database for** setting is set to an extended time period and the database size is unmanageable + + - To reduce data retention periods, navigate to the **Settings** > **History** node. Change the + time period to a smaller interval, for example 90 days. Click **Save** and rerun the jobs. + - All of the record sets outside the new retention limit are dropped, and the database size is + back down where it belongs + +## Job Logs + +The job logs are stored within the output folder of each job. They can be read in the Enterprise +Auditor Console within the job’s **Status** > **Messages** table. To access the logs within the +job’s directory, right-click on the job’s node in the Navigation pane and select **Explore Folder**. + +![Job Logs in the job's Output folder in File Explorer](/img/product_docs/accessanalyzer/11.6/admin/settings/historyjoblogs.webp) + +The most recent log is open. Older jobs are stored as zip files, according to the Log Retention +Period setting. Each log is named in the following format: + +- Open/Latest Log Name – `[Jobname]_Log.tsv` +- Older/Zipped Log Name – `[Jobname]_Log_[Date]_[Time].zip` diff --git a/docs/accessanalyzer/11.6/admin/settings/hostdiscovery.md b/docs/accessanalyzer/11.6/admin/settings/hostdiscovery.md new file mode 100644 index 0000000000..cf1c04d675 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/hostdiscovery.md @@ -0,0 +1,63 @@ +# Host Discovery + +The Host Discovery node is for configuring the settings which dictate how Enterprise Auditor handles +newly discovered hosts, what information is logged during the host discovery process, and how long +the logged information is stored. + +![Host Discovery page](/img/product_docs/accessanalyzer/11.6/admin/settings/hostdiscovery.webp) + +In the Host Discovery Options section at the top is a checkbox for the **Perform the first inventory +right away for newly discovered hosts** option. This option is selected by default. + +- If selected, Enterprise Auditor retrieves information about a host as soon as it is discovered +- If deselected, the host inventory information can be obtained later according to the Host + Inventory node options + +The configurable options in the Discovery Log section are: + +- Retention period – Determines how long the Host Discovery query log is kept. This is set by + default to 14 days which is based on average Enterprise Auditor usage. +- Log level – Determines what information is stored in the Host Discover query log + +![Log level options](/img/product_docs/accessanalyzer/11.6/admin/settings/hostdiscoveryloglevels.webp) + +The log levels are: + +- Debug – Records everything that happens during the host discovery process, most verbose level of + logging + + - Records all Info level information + - If files are referenced or updated during the process of running the query then the path to + the affected file is shown + - Helps [Netwrix Support](https://www.netwrix.com/support.html) to assist in diagnosing issues + which may be causing host inventories to fail + - Creates the largest file + +- Info – Records information on the steps which occur during the host discovery process, in addition + to warnings and errors + + - Records all Warning level information + - Records start actions of each query + - Records end actions of each query + +- Warning – Records all warnings which occur during the host discovery process + + - Records all Error level information + - When Enterprise Auditor encounters a host which only grants partial access + - When Enterprise Auditor encounters something which allows for only partial data gathering + - When Enterprise Auditor encounters something which causes it to produce a larger log file + +- Error – Records all errors which occur during the host discovery process + + **_RECOMMENDED:_** Set the Log Level to Error. The default setting is Info, but it is + recommended that the setting for daily use be set to Error. The other log levels are designed to + assist with troubleshooting host discovery and host inventory issues. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Host Discovery view. These +buttons become enabled when modifications are made to the Host Discovery global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. + +![Host Discovery Log under Host Discovery node](/img/product_docs/accessanalyzer/11.6/admin/settings/hostdiscoverylog.webp) + +The Host Discovery Log is located under the **Host Discovery** node. diff --git a/docs/accessanalyzer/11.6/admin/settings/hostinventory.md b/docs/accessanalyzer/11.6/admin/settings/hostinventory.md new file mode 100644 index 0000000000..96b64805cc --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/hostinventory.md @@ -0,0 +1,168 @@ +# Host Inventory + +The Host Inventory node is for selecting what information to collect from the target host during the +host inventory process, for allocating console resources to the host inventory process, and for +setting what out-of-the box host lists are visible in the Host Management node. + +![Host Inventory Settings page](/img/product_docs/accessanalyzer/11.6/admin/settings/hostinventory.webp) + +In the Inventory Items section, there are four program property groups: + +- Operating System – Includes 7 Items +- Application – Includes 7 Items +- Network – Includes 6 Items +- Hardware – Includes 4 Items + +Each of these groups brings back the properties enumerated in the list below the group title. These +collected properties correspond to the columns in the Host Management tables. Deselecting a checkbox +prevents that information from being collected for target hosts. However, some solutions require +this information. + +**_RECOMMENDED:_** Leave the default setting of all the groups selected. Consult with +[Netwrix Support](https://www.netwrix.com/support.html) prior to turning off any of these property +groups. + +In the Performance Tuning section, there are five settings which allocate console resources to the +host inventory process: + +- Threads – Indicates the number of job threads that are employed during the host inventory process + + - The default setting is 20 Threads + - Maximum thread count is 100. Thread count will revert back to 100 if values over 100 are + entered. + - Restart Enterprise Auditor if thread count is changed for changes to take place + +- Thread timeout [in seconds] – Indicates the time a thread will spend in retrieving information + from a host + + - Default setting is 1200 seconds + - If thread cannot receive an active response from target host, the thread will move on to the + next host in the queue + +- Stop on Failed Ping – If the Stop on Failed Ping checkbox is selected, hosts that do not respond + to pings are not queried. Otherwise, hosts will be queried regardless. +- PING timeout [in seconds] – Indicates the time a thread will spend pinging a host + + - Default setting is 4 seconds + - If thread cannot connect with a host, the host will be designated as being offline and the + thread will move on to the next host in the queue + +- Only refresh inventory items older than [time selected] – Indicates the time that needs to pass + before the host inventory process is automatically refreshed + + - Default setting is 60 days + - The number textbox has a five-character limit + - The drop-down menu includes the time-units of: + + - Hours + - Days + - Weeks + - Months + + - This setting affects the Inventory page options on the Host Discovery Wizard. See the + [Host Discovery Wizard](/docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/overview.md) + topic for additional information. + +The Desired Host List Views section at the bottom contains all available host lists, both +out-of-the-box lists and custom-created lists. There are seven Default Hosts Lists which correspond +to the solutions that target them. During the host inventory process, hosts which meet the filter +criteria for these default lists are automatically populated into that host list. A checkmark in +front of the host list indicates that the list is visible in the **Host Management** > **All Hosts** +node. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Host Inventory view. These +buttons become enabled when modifications are made to the Host Inventory global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. + +## Default Host Lists + +The seven default lists are auto-populated during the host inventory process based on specific +filter criteria. These lists correspond to the pre-configured solution jobs which target them. + +### AD Host List + +The **AD** Host List can be expanded and contains five sub-groups utilized by the Active Directory +Solution and the Active Directory Inventory Solution: + +![AD Host List](/img/product_docs/accessanalyzer/11.6/admin/settings/ad.webp) + +The sub-groups are: + +- ALL DNS SERVERS +- ALL DOMAIN CONTROLLERS +- ALL GLOBAL CATALOG SERVERS +- ONE DOMAIN CONTROLLER PER DOMAIN +- ONE GLOBAL CATALOG SERVER PER DOMAIN + +### ALL WINDOWS HOSTS Host List + +The **ALL WINDOWS HOSTS** Host List is utilized primarily by the Windows Solution. + +![ALL WINDOWS HOSTS Host List](/img/product_docs/accessanalyzer/11.6/admin/settings/allwindowshosts.webp) + +There are no sub-groups for ALL WINDOWS HOSTS. + +### DG Host List + +The **DG** Host List can be expanded and contains three sub-groups utilized by the Data Access +Governance for File System Solution. + +![DG Host List](/img/product_docs/accessanalyzer/11.6/admin/settings/dg.webp) + +The sub-groups are: + +- ALL CELERA SERVERS +- ALL INTERNET INFORMATION SERVERS +- ALL NETAPP SERVERS + +### EXCHANGE Host List + +The **EXCHANGE** Host List can be expanded and contains six sub-groups utilized by the Exchange +Solution. Four of these sub-groups can also be expand. + +![EXCHANGE Host List](/img/versioned_docs/directorymanager_11.0/directorymanager/configureentraid/register/exchange.webp) + +The sub-groups are: + +- EXCHANGE GENERAL + + - ALL EXCHANGE SERVERS (ACTIVE HOSTS) + - ALL EXCHANGE SERVERS (ALL HOSTS) + - EXCHANGE CAS SERVERS + - EXCHANGE HUB SERVERS + - EXCHANGE MB SERVERS + +- EXCHANGE 2016 + +### SQL Servers Host List + +The **SQL SERVERS** Host List is utilized primarily by the SQL Solution. + +![SQL Servers Host List](/img/product_docs/accessanalyzer/11.6/admin/settings/sqlservers.webp) + +There are no sub-groups for SQL SERVERS. + +### Windows Server Host List + +The **Windows Server** Host List can be expanded and contains three sub-groups utilized by the +Windows Solution. + +![Windows Server Host List](/img/product_docs/accessanalyzer/11.6/admin/settings/windowsserver.webp) + +The sub-groups are: + +- ALL WINDOWS SERVERS (ACTIVE HOSTS) +- ALL WINDOWS SERVERS (ALL HOSTS) +- ALL WINDOWS SERVERS (NO DCS) + +### Work Station Host List + +The **Work Station** Host List can be expanded and contains one sub-group utilized by the Windows +Solution. + +![Work Station Host List](/img/product_docs/accessanalyzer/11.6/admin/settings/workstation.webp) + +The single sub-group is: + +- ALL WINDOWS WORKSTATIONS diff --git a/docs/accessanalyzer/11.6/admin/settings/notification.md b/docs/accessanalyzer/11.6/admin/settings/notification.md new file mode 100644 index 0000000000..2e16b7457f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/notification.md @@ -0,0 +1,115 @@ +# Notification + +The Notification node is where email notifications are configured. Emails can be sent from the +Enterprise Auditor Console for a variety of purposes: reports on collected data, change detection +alerts, conformance analysis notification, and more. + +![Global Settings Notification page](/img/product_docs/accessanalyzer/11.6/admin/settings/notification.webp) + +To enable notifications from the Enterprise Auditor Console, a mail server must be configured for +Enterprise Auditor to employ for sending emails. + +Enterprise Auditor supports authentication and encryption when sending email notifications. +Notifications can be configured based on the requirements of an organizations mail environment. + +Enable Enterprise Auditor notifications by configuring the Mail Server and Sender Information. It is +recommended to send a test email to yourself after initial configuration to ensure proper settings. +See the [Test Notification Settings](#test-notification-settings) topic for additional information. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Notification view. These +buttons become enabled when modifications are made to the Notification global setting. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. + +## Configure SMTP Server Information + +The Mail Server section at the top of the page is where an organization’s SMTP Server information is +provided. + +![Mail Server settings on Notification page](/img/product_docs/accessanalyzer/11.6/admin/settings/server.webp) + +Provide the following information to enable notifications from Enterprise Auditor. + +**NOTE:** Check with your Messaging Team if you are unsure of this information. + +- Mail Server – Enter the organization’s SMTP Server name +- Encryption – Allows Enterprise Auditor users to enable notification encryption according to the + supported protocol on the configured SMTP Server. The default setting is **No Encryption**. Select + an encryption method: + - No Encryption + - Encryption + - Encryption, Ignore Certificate Error +- Port – Enter the SMTP Server port number. The default port setting changes based on the selected + Encryption Option: + - For the **No Encryption** option, the default port is 25, since this is common for most SMTP + Servers + - For the **Encryption** and **Encryption, Ignore Certificate Error** options, the default port + is 587 + +### Notification Authentication Credentials + +If the SMTP Server requires authentication, select the **My Mail Server requires authentication** +checkbox and provide the necessary credentials in the User name and Password boxes. + +#### Update Notification Authentication Credentials + +**Step 1 –** In the My Mail server requires authentication section, enter a new **Password** for the +account. + +**Step 2 –** Click **Save**. + +The credentials for Mail Server authentication account have been updated and committed to the +Console. + +## Sender Information + +The Sender Information section is where the sender information is provided. + +![Sender Information section on Notification page](/img/product_docs/accessanalyzer/11.6/admin/settings/senderinformation.webp) + +Configure the sender information for all Enterprise Auditor notifications. Since this is a global +settings, any recipients configured at this level receive all notifications sent from Enterprise +Auditor, and are sent to this recipient list unless inheritance is broken at the job group or job +level. + +- Sender Name – Name displayed in the sent from field of the email +- Sender Address – Sender’s email address. This does not have to be a real email address, unless + required by the organization. It can be something as simple as `accessanalyzer@yourdomain.com`. + +## Email Content + +The Email Content section is where the recipient information is provided. + +![Email Content section on Notification page](/img/product_docs/accessanalyzer/11.6/admin/settings/emailcontent.webp) + +- To / CC / BCC – Enter the email addresses for the recipients of the email notifications. Use a + semicolon (;) to separate multiple recipients. + - Recipients listed at this global level receive all email notifications sent by Enterprise + Auditor unless inheritance is broken at the job group or job levels + +## Test Notification Settings + +Once the global **Notification** settings have been configured, it is recommended to send a test +email to ensure proper configuration. This verifies all settings are correct and email is received +as expected. + +![Test Email Settings button](/img/product_docs/accessanalyzer/11.6/admin/settings/test.webp) + +The Test Email Settings button sends a test email to the recipient list. It is recommended that you +test by sending an email to yourself. Once all Notification settings are configured, click the +**Test Email Settings** button. + +![Test email sent successfully message](/img/product_docs/accessanalyzer/11.6/admin/settings/testsuccess.webp) + +A message displays stating that the test e-mail was sent successfully. + +![Test email error message example](/img/product_docs/accessanalyzer/11.6/admin/settings/testerror.webp) + +**NOTE:** If there are any problems with the information, an error message will appear during the +Test Email settings process. Correct the Notification settings until the test email is sent +successfully. + +![Netwrix Enterprise Auditor test e-mail](/img/product_docs/accessanalyzer/11.6/admin/settings/testemail.webp) + +This email is sent to all recipients when the **Test Email settings** link is clicked. When the +Notification settings are configured, click **Save** and then **Ok** to complete the configuration. diff --git a/docs/accessanalyzer/11.6/admin/settings/overview.md b/docs/accessanalyzer/11.6/admin/settings/overview.md new file mode 100644 index 0000000000..b70c171f90 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/overview.md @@ -0,0 +1,83 @@ +# Global Settings + +The global settings have an overall impact on the running ofEnterprise Auditor jobs. Settings are +inherited through a parent-child structure from the Settings node through the Jobs tree to the +individual jobs unless inheritance is broken by direct assignment at either the job group or the +individual job level. + +![Configuration Settings](/img/product_docs/accessanalyzer/11.6/admin/settings/globalsettings.webp) + +Some of these settings are configured during the initial launching of theEnterprise Auditor Console. +Others are configured as desired by the end-user. Expand the Settings node in the Navigation pane to +select a global setting to configure: + +- [Access](/docs/accessanalyzer/11.6/admin/settings/access/overview.md) + - Configure what applications users, and groups have access to Enterprise Auditor + - Configure Role Based Access control of Enterprise Auditor and the Web Console + - Configure REST API +- [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + - Configure the Enterprise Auditor application logging level + - Configure profile security + - Configure options to connecting to host targets + - Configure grid view parameters for data tables and views + - Configure database cleanup options + - Configure the Enterprise Auditor application’s exit options +- [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + - Optional configuration during the initial launch, but required for host inventory query + execution and job execution + - Provide credential sets with adequate permissions to remotely contact and gather information + from target hosts + - Creating a Connection Profile requires credentials with appropriate levels of permissions + according to the data collector being used +- [Exchange](/docs/accessanalyzer/11.6/admin/settings/exchange.md) + - Required for auditing an organization’s Exchange environment + - Only enabled for configuration once the Enterprise Auditor for Exchange Solution prerequisites + are installed + - Configure Microsoft Exchange server connections and requires Exchange server versions and + names + - The ExchangeMailbox, Exchange2K, ExchangePS, and ExchangePublicFolder Data Collectors utilize + these global settings +- [History](/docs/accessanalyzer/11.6/admin/settings/history.md) + - Configure job data retention period settings + - Configure diagnostics retention period settings +- [Host Discovery](/docs/accessanalyzer/11.6/admin/settings/hostdiscovery.md) + - Configure host discovery settings + - Configure discovery log settings +- [Host Inventory](/docs/accessanalyzer/11.6/admin/settings/hostinventory.md) + - Configure inventory items, performance tuning, and desired host list views +- [Notification](/docs/accessanalyzer/11.6/admin/settings/notification.md) + - Required for the Enterprise Auditor application to send email + - Provide SMTP server information and sender information + - Configuration requires an organization’s SMTP server name and authentication credentials (if + applicable) + - Encryption Options can be configured +- [Reporting](/docs/accessanalyzer/11.6/admin/settings/reporting.md) + - Required for report publishing + - Configure settings for publishing reports outside of the Enterprise Auditor Console (e.g. + distribution via email, posting to an internal share, or posting to the Report Index) + - Use information to configure accessing published reports via the Web Console +- [Schedule](/docs/accessanalyzer/11.6/admin/settings/schedule.md) + - Optional configuration during the initial launch if Windows authentication is used with the + Storage Profile + - Required in order to schedule host inventory, job, analysis task, and action task execution + - Provide credentials used against the Enterprise Auditor Console server to execute scheduled + jobs with the Windows Task Scheduler + - Creating a Schedule Service Account requires credentials on the Enterprise Auditor Console + server + - Multiple Schedule Service Accounts can be configured +- [Sensitive Data](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md) + - Flag locations which are known to contain false positive criteria matches to be filtered out + of Sensitive Data Discovery reports +- [ServiceNow](/docs/accessanalyzer/11.6/admin/settings/servicenow.md) + - Required for integration between Enterprise Auditor and ServiceNow® + - Configure the ServiceNow Action Module authentication credentials + - Configuration requires an organization’s ServiceNow instance name and authentication + credentials +- [Storage](/docs/accessanalyzer/11.6/admin/settings/storage/overview.md) + - Required configuration during the initial launch + - Create profiles for storing output data from queries + - Creating a Storage Profiles requires Microsoft® SQL® Server information + +See the +[Getting Started](/docs/accessanalyzer/11.6/gettingstarted.md) topic +for additional information. diff --git a/docs/accessanalyzer/11.6/admin/settings/reporting.md b/docs/accessanalyzer/11.6/admin/settings/reporting.md new file mode 100644 index 0000000000..dec4cdff4b --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/reporting.md @@ -0,0 +1,117 @@ +# Reporting + +The Reporting node is for configuring the global settings for publishing Enterprise Auditor reports. +The Web Console is where any reports which have been published can be viewed outside of the +Enterprise Auditor Console. The Web Console provides a consolidated logon housing both the published +reports and the AIC (when applicable). + +![Global Settings Reporting page](/img/product_docs/accessanalyzer/11.6/admin/settings/reporting.webp) + +The publishing of reports can be disabled at the global level by selecting **Do not publish +reports** from the Publish Option drop-down menu. It can also be disabled at the job group, job, or +report configuration level. See the +[Jobs Tree](/docs/accessanalyzer/11.6/admin/jobs/overview.md) topic +for additional information. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Reporting view. These +buttons become enabled when modifications are made to the Reporting global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. + +## Website URL + +The Website URL field contains address for the hosted website, the Web Console, where the published +reports reside. + +![Website URL on Global Settings Reporting page](/img/product_docs/accessanalyzer/11.6/admin/settings/websiteurl.webp) + +The default address is: + +http://[Fully Qualified Domain Name of the Enterprise Auditor Console server]:8082 + +This link is used to access the Web Console, and it is used for the web link in an emailed report. +The protocol and port number may need to be modified to align with the organization’s environment, +but it must match the information in the website’s configuration file. If the Web Console has been +secured, this address must be manually updated: + +https://[Fully Qualified Domain Name of the StealthAUDIT Console server]:[Port Number] + +**NOTE:** Any browser used to access the Web Console must have JavaScript allowed for the site. See +the +[Configure JavaScript Settings for the Web Console](#configure-javascript-settings-for-the-web-console) +topic for additional information. + +## Publish Option + +The Publish Option allows you to enable or disable the publishing of reports at the global level. + +![Publish Option on Global Settings Reporting page](/img/product_docs/accessanalyzer/11.6/admin/settings/publish.webp) + +Select the **Publish reports** option to publish all Enterprise Auditor reports or select **Do not +publish reports** to disable the publishing. The inheritance of this setting can be broken at the +job group, job, or report levels. + +### Email Report Options + +Configure email reports sent out by Enterprise Auditor using the Email Report options. + +![Email options on Global Settings Reporting page](/img/product_docs/accessanalyzer/11.6/admin/settings/email.webp) + +The **E-mail reports** checkbox enables recipients to receive all published reports, unless +inheritance is broken at the job group, job, or report level. Separate multiple recipients with a +semicolon. If commas are used as delimiters for email addresses, they will be converted into +semicolons when the settings are saved. + +**_RECOMMENDED:_** Configure email reporting at a specific level to ensure recipients only receive +reports which apply to them. + +**NOTE:** Email reports does not work unless Enterprise Auditor has been configured to send email +notifications through the **Notification** node. See the +[Notification](/docs/accessanalyzer/11.6/admin/settings/notification.md) +topic for additional information. + +The **Do Not Email Report If Blank** checkbox prevents reports from being sent via email if all +elements are blank when generated. A blank report can occur if there is an error in data collection +or if the report is configured for data which might not always be present (for example, new computer +objects created since last scan). + +**_RECOMMENDED:_** Enable the **Do Not Email Report If Blank** option. + +The report can be sent using the desired **Email Content** option: + +- Web Link – Sends an email notice that the report has been published and provides the recipient + with a link to it in the Web console +- Embedded HTML – Sends the report embedded inside the email using HTML format +- Data Tables as CSV (No Charts) – Attaches the complete data set (as configured within the report, + without row limit) to an email as a CSV file, excluding any charts +- PDF – Attaches the report to an email as a PDF file + +The **Subject(Prefix)** field identifies the prefix of the email subject line, unless inheritance is +broken at the job group, job, or report level. The prefix appears in the email header preceding the +report name. If left blank, Enterprise Auditor applies a prefix of `Enterprise Auditor Report` to +the email subject line. + +## Configure JavaScript Settings for the Web Console + +Any browser used to access the Web Console must have JavaScript allowed for all features of the Web +Console to function correctly. If the JavaScript permission is not set as allowed for the entire +browser, you must add the Web Console as an allowed site. + +Follow the steps to allow JavaScript on the Web Console in Microsoft Edge. + +**Step 1 –** Open Microsoft Edge Settings. + +![javascriptsitepermissions](/img/product_docs/accessanalyzer/11.6/admin/settings/javascriptsitepermissions.webp) + +**Step 2 –** Go to the **Cookies and site permissions** settings page, and click **JavaScript** +under All permissions. + +![javascriptsettings](/img/product_docs/accessanalyzer/11.6/admin/settings/javascriptsettings.webp) + +**Step 3 –** Click **Add** in the Allow section. On the Add a site window, enter the URL for the Web +Console and click **Add**. + +**NOTE:** If the global Allowed option is selected, you do not need to specifically add the Web +Console as an allowed site. + +The Web Console's URL is added to the Allow list and JavaScript is enabled for the Web Console. diff --git a/docs/accessanalyzer/11.6/admin/settings/schedule.md b/docs/accessanalyzer/11.6/admin/settings/schedule.md new file mode 100644 index 0000000000..7f53915c23 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/schedule.md @@ -0,0 +1,228 @@ +# Schedule + +The Schedule node contains objects referred to as Schedule Service Accounts. A Schedule Service +Account is used to run scheduled tasks on the Enterprise Auditor Console server. + +![Schedule node](/img/product_docs/accessanalyzer/11.6/admin/settings/schedule.webp) + +Jobs can be executed manually as desired or scheduled to execute at designated times. For example, +you could schedule a job to run during hours when the office is closed and network traffic is low. +Windows uses the Schedule Service Account to access the task folders when launching scheduled tasks. +Schedule Service Accounts are configured at the global level, and this account can be used to +schedule jobs in the Schedule Wizard. See the +[Schedules](/docs/accessanalyzer/11.6/admin/schedule/overview.md) +topic for additional information. + +**CAUTION:** On Windows 2016 servers, the Schedule Service Account cannot be signed into an active +session when the time comes for a scheduled task to start. Windows blocks the starting or running of +scheduled tasks using an account that is logged into the server. + +Password Storage Options + +The password for the credential provided can be stored in the Enterprise Auditor application or the +Enterprise Auditor Vault. + +Choosing between the Enterprise Auditor application and Enterprise Auditor Vault is a global setting +configured in the **Settings** > **Application** node. See the +[Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) +topic for additional information. + +Permissions + +Regardless of the account type, any account used to schedule tasks must have credentials with at +least the following to meet Least Privileged specifications: + +- Create Files/Write Data rights on the following Task folders: + + - Windows Task folder + - System 32 Task folder + - Member of **Log on as a Batch Job** local policy + + Otherwise, credentials must have local Administrator privileges on the Enterprise Auditor + Console server. + +- The following NTFS permissions for **Subfolders and Files Only** in the Enterprise Auditor + Directory: + + - Create Files/Write Data + - Create Folders/Append Data + - Write Attributes + - Write Extended Attributes + +- To configure Least Privilege Model Schedule Service Accounts when Role Based Access is enabled, + see the + [Role Based Access](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/overview.md) + topic for additional information +- If using Windows authentication for the Storage Profile, the Schedule Service Account must have a + sufficient level of rights to connect to and interact with the Enterprise Auditor database. See + the + [Storage](/docs/accessanalyzer/11.6/admin/settings/storage/overview.md) + topic for additional information. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Schedule view. These +buttons become enabled when modifications are made to the Schedule global settings. Whenever changes +are made at the global level, click **Save** and then **OK** to confirm the changes. Otherwise, +click **Cancel** if no changes were intended. + +The Enterprise Auditor vault provides enhanced security through enhanced encryption to various +credentials stored by the Enterprise Auditor application. See the +[Vault](/docs/accessanalyzer/11.6/admin/settings/application/vault.md) +topic for additional information. + +## Schedule Service Account Types + +There are two types of accounts that can be used to configure the Schedule Service Account. + +![serviceaccounttypes](/img/product_docs/accessanalyzer/11.6/admin/settings/serviceaccounttypes.webp) + +Use one of the following options for the Schedule Service Account: + +- Use the local system account to schedule tasks – This option applies the credentials logged into + the Enterprise Auditor Console server + + - Credentials must have privileges sufficient for scheduling tasks on the Enterprise Auditor + Console server. If not, scheduled tasks fail to start. + - This option cannot be edited or deleted + +- User-supplied credentials – Provide credentials for a specific account with sufficient rights to + schedule tasks on the Enterprise Auditor Console server + + - The account can be either a domain account or a local Windows account + - A local Windows account is a specific account and not the default local system account + +_Remember,_ the Schedule Service Account cannot be signed into an active session on the Enterprise +Auditor Console server when the time comes for a scheduled task to start when it has a Windows 2016 +operating system. + +## Create a Schedule Service Account + +Follow the steps to create a Schedule Service Account. + +_Remember,_ the Schedule Service Account cannot be signed into an active session on the Enterprise +Auditor Console server when the time comes for a scheduled task to start when it has a Windows 2016 +operating system. + +![Add User credential option in the Schedule view](/img/product_docs/accessanalyzer/11.6/admin/settings/addusercredential.webp) + +**Step 1 –** Click **Add User credential** at the top of the Schedule view. The User Credentials +window opens. + +![User Credentials window](/img/product_docs/accessanalyzer/11.6/admin/settings/usercredentialswindow.webp) + +**Step 2 –** The window options change according to the value for the **Selected Account Type** +field. Select the appropriate account type and then provide the required information. The account +types are: + +- Active Directory Account – Use this option to specify a domain account + + - Domain – Auto-filled with the domain where the Enterprise Auditor Console server resides, + change by typing the domain name in the textbox or select a domain from the menu + - User name – Provide a domain account user name + - Password Storage – Choose the option for credential password storage: + + - Application – Uses Enterprise Auditor’s configured Profile Security setting as selected at + the **Settings** > **Application** node + - Managed Service Account – Use previously configured MSA and gMSAs for authentication. The + password fields are not applicable when this option is selected. See the + [Group Managed Service Accounts (gMSA) Configuration](/docs/accessanalyzer/11.6/admin/settings/connection/gmsa.md) + topic for additional information. + + - Password – Type the password + - Confirm – Re-type the password + +- Local Account – Use this option to specify a local account for the Enterprise Auditor Console + server + + - User name – Provide the local account user name + - Password Storage – Choose the option for credential password storage: + + - Application – Uses Enterprise Auditor’s configured Profile Security setting as selected at + the **Settings** > **Application** node + + - Password – Type the password + - Confirm – Re-type the password + +**Step 3 –** Click **OK** and the credentials are verified. If there are no problems with the +provided credentials, the User Credentials window closes. Otherwise, one of the following error +messages might appear: + +- Passwords Do Not Match Error + + ![Passwords Do Not Match Error](/img/product_docs/accessanalyzer/11.6/admin/settings/passwordsdontmatch.webp) + + - This error indicates the two password entries do not match. Click **OK** and reenter the + passwords. + +- Bad User Name or Password Error + + ![Bad User Name or Password Error](/img/product_docs/accessanalyzer/11.6/admin/settings/incorrectlogondetails.webp) + + - This error indicates either the user account does not exist or the username and password do + not match. Click **OK** and reenter the information. + +- Insufficient Rights Error + + ![Insufficient Rights Error](/img/product_docs/accessanalyzer/11.6/admin/settings/insufficientrights.webp) + + - This error indicates the account supplied does not have sufficient rights to create and run + scheduled tasks. Click **OK** and provide credentials with sufficient rights. + +- GPO Network Security Error + + ![GPO Network Security Error](/img/product_docs/accessanalyzer/11.6/admin/settings/gponetworksecurity.webp) + + - This error indicates that the GPO Network Security settings are configured to not allow + storage of passwords and credentials for network authentication. Click OK. Disable the + domain’s GPO Network Security settings or exempt the Enterprise Auditor Server from GPO. + - This error will also appear when trying to schedule a task using the domain’s Schedule Service + Account where GPO Network Security is set to not allow storage of passwords and credentials + for network authentication + +**Step 4 –** The credential information appears in the User Credentials table. Click **Save** and +then **OK** to confirm the changes. To ensure these credentials take effect, exit and restart the +Enterprise Auditor application before scheduling any tasks. + +Enterprise Auditor can now schedule tasks with this Scheduled Service Account. + +## Edit a Schedule Service Account + +Follow the steps to edit a Schedule Service Account credentials. + +_Remember,_ the Schedule Service Account cannot be signed into an active session on the Enterprise +Auditor Console server when the time comes for a scheduled task to start when it has a Windows 2016 +operating system. + +![Edit option in the Schedule view](/img/product_docs/accessanalyzer/11.6/admin/settings/edit.webp) + +**Step 1 –** Select a credential from the User Credentials list and click on **Edit**. The User +Credentials window opens. + +**Step 2 –** Modify the credential information as needed. See Step 2 of the +[Create a Schedule Service Account](#create-a-schedule-service-account) topic for additional +information. + +**Step 3 –** Click **OK** and the credentials will be verified. If there are no problems with the +provided credentials, the User Credentials window closes. + +Enterprise Auditor can now schedule tasks with this Scheduled Service Account. + +## Delete a Schedule Service Account + +Follow the steps to delete a Schedule Service Account. + +![Delete option in the Schedule view](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/delete.webp) + +**Step 1 –** Select the credential from the User Credentials list and click **Delete**. The Delete +Credentials confirmation window appears. + +![Delete Credentials confirmation window](/img/product_docs/accessanalyzer/11.6/admin/settings/deletecredentials.webp) + +**Step 2 –** Click **OK** to confirm the deletion or **Cancel** to exit the deletion process. + +**Step 3 –** The User Credentials list now reflects the absence of the deleted Schedule Service +Account. Click **Save** and then **OK** to confirm the changes. To ensure these changes take effect, +exit and restart the Enterprise Auditor application. + +If all Schedule Service Accounts are removed and only the local System account remains, Enterprise +Auditor cannot create or run scheduled tasks unless the local system account has adequate +permissions. diff --git a/docs/accessanalyzer/11.6/admin/settings/sensitivedata/criteria.md b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/criteria.md new file mode 100644 index 0000000000..4400818e54 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/criteria.md @@ -0,0 +1,43 @@ +# Criteria Tab + +Configure the list of selected sensitive data criteria that will be used within sensitive data scan +jobs using the Criteria Tab. + +![Sensitive Data Criteria tab](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/criteriatab.webp) + +The options on the Criteria Tab are: + +- Add – Opens the Select Criteria window to add search criteria that will be inherited by Sensitive + Data scan jobs. See the [Select Criteria Window](#select-criteria-window) topic for additional + information. +- Remove – Removes the selected criteria from being inherited by Sensitive Data scan jobs +- Launch Editor – Opens the Sensitive Data Criteria Editor. See the + [Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/sensitivedatadiscovery/overview.md) + for additional information. +- Search selected criteria – Filter the criteria listed in the Criteria tab + +The **Cancel** and **Save** buttons are in the lower-right corner of the Sensitive Data view. These +buttons become enabled when modifications are made to the Sensitive Data global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. + +## Select Criteria Window + +Follow the steps to add Search Criteria for Sensitive Data scan jobs. + +![Add criteria](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/addcriteria.webp) + +**Step 1 –** Click **Add** to open the Select Criteria window. + +![Select Criteria window](/img/product_docs/accessanalyzer/11.6/install/application/upgrade/selectcriteria.webp) + +**Step 2 –** Select the checkbox to select the criteria. Use the **Search Criteria** text field to +filter the list using keywords or expand each category to view and select individual Sensitive Data +search criteria. + +**Step 3 –** Click **OK** to confirm changes. The Select Criteria window closes. + +**Step 4 –** Click **Save** on the Sensitive Data view to save changes. + +The selected Search Criteria are now inherited by Sensitive Data scan jobs that are set to use +global sensitive data criteria settings. diff --git a/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/add.md b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/add.md new file mode 100644 index 0000000000..09868a275f --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/add.md @@ -0,0 +1,24 @@ +# Adding False Positive Exclusion Filters + +Follow the steps to add a False Positive Exclusion Filter. + +![Add Filter on False Positives tab](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/addfilter.webp) + +**Step 1 –** Click **Add Filter** to open the Add False Positive Exclusion Filter window. + +![Add False Positive Exclusion Filter window](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/addexclusionfilterwindow.webp) + +**Step 2 –** Enter the **File Path** according to the type of format for the repository. + +**Step 3 –** Indicate the type of repository by selecting either **File System** or **SharePoint** +from the **Source** drop-down menu. + +**Step 4 –** Select the required criteria from the list by selecting the relevant checkboxes. You +can use the **Search Criteria** textbox to filter the list by keywords. + +**Step 5 –** Click **OK** to add the filter to the False Criteria list. The Add False Positive +Exclusion Filter window closes. + +**Step 6 –** Click **Save** on the Sensitive Data view to save changes. + +The false positive exclusion filter is now applied to Sensitive Data reports. diff --git a/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/delete.md b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/delete.md new file mode 100644 index 0000000000..f7ff690637 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/delete.md @@ -0,0 +1,11 @@ +# Deleting False Positive Exclusion Filters + +Follow the steps to delete a False Positive Exclusion Filter. + +![Delete Filter on False Positives tab](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/deletefilter.webp) + +**Step 1 –** Select a filter from the list and click **Delete Filter**. + +**Step 2 –** Click **Save** on the Sensitive Data view to save changes. + +The false positive exclusion filter has been successfully deleted. diff --git a/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/edit.md b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/edit.md new file mode 100644 index 0000000000..36e2c5926c --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/edit.md @@ -0,0 +1,18 @@ +# Editing False Positive Exclusion Filters + +Follow the steps to edit a False Positive Exclusion Filter. + +![Edit Filter on False Positives tab](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/editfilter.webp) + +**Step 1 –** Click **Edit Filter** to open the Edit False Positive Exclusion Filter window. + +![Edit False Positive Exclusion Filter window](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/editexclusionfilterwindow.webp) + +**Step 2 –** Make modifications to the File Path, Source type, and Search Criteria. + +**Step 3 –** Click **OK** to confirm changes. The Edit False Positive Exclusion Filter window +closes. + +**Step 4 –** Click **Save** on the Sensitive Data view to save changes. + +The false positive exclusion filter has been successfully edited. diff --git a/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/export.md b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/export.md new file mode 100644 index 0000000000..755e5fa7aa --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/export.md @@ -0,0 +1,15 @@ +# Exporting False Positive Exclusion Filters + +Follow the steps to export selected False Positive Exclusion Filters into a TXT file. + +![Export on False Positives tab](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/exportfilter.webp) + +**Step 1 –** Select the false positive exclusion filters to export and click **Export**. The File +Explorer opens. + +![Select False Positive Exclusion filter file to export File Explorer window](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/exportfileexplorer.webp) + +**Step 2 –** Enter a File name for the TXT file that the exported false positive exclusion filters +will be contained in. Click **Save**. + +The False Positive Exclusion Filters are now exported. diff --git a/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/import.md b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/import.md new file mode 100644 index 0000000000..d938b19cd4 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/import.md @@ -0,0 +1,34 @@ +# Importing False Positive Exclusion Filters + +Create an import (TXT) file containing a list of file paths for the files to be excluded from +Sensitive Data reports. The text file should have one file path per row. The import file needs to be +scoped to a single solution and a criteria set. + +Follow the steps to import a list of False Positive Exclusion Filter. + +![Import on False Positives tab](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/importfilter.webp) + +**Step 1 –** Click **Import** to open the Select False Positive Exclusion Filter file to import +window. + +![Select False Positive Exclusion Filter file to import window](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/importfileexplorer.webp) + +**Step 2 –** Navigate to the file that will be imported. Select the file and click **Open**. The +Configure Imported False Positive Exclusion Filters window opens. + +![Configure Imported False Positive Exclusion Filters window](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/configureexclusionfilterwindow.webp) + +**Step 3 –** Select the repository type from the **Source** drop-down menu. + +**Step 4 –** Select the required criteria from the list. You can use the **Search Criteria** textbox +to filter the list by keywords. + +**Step 5 –** Click **OK** to confirm configurations. The Configure Imported False Positive Exclusion +Filters window closes. + +**Step 6 –** Click **Save** on the Sensitive Data view to save changes. + +The imported list of False Positive Exclusion Filters are now applied to Sensitive Data reports. If +all of the files in the import were not meant to have the same Source and Criteria set, see the +[Editing False Positive Exclusion Filters](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/edit.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/overview.md b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/overview.md new file mode 100644 index 0000000000..0f4e3dfe33 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/overview.md @@ -0,0 +1,44 @@ +# False Positives Tab + +Configure False Positive exclusion filters using the options in the False Positives tab. False +Positives Filters listed here as False Positives results in the corresponding matches being removed +from Enterprise Auditor and Access Information Center reports. + +![False Positives tab](/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/falsepositivestab.webp) + +The options under the False Positives Tab are: + +- Add Filter – Opens the Add False Positive Exclusion Filter window to add False Positive Exclusion + Filters. See the + [Adding False Positive Exclusion Filters](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/add.md) + topic for additional information. +- Edit Filter – Opens the Edit False Positive Exclusion Filter window to edit the selected filters + in the list. See the + [Editing False Positive Exclusion Filters](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/edit.md) + topic for additional information. +- Delete Filter – Deletes the selected false positive exclusion filter. See the + [Deleting False Positive Exclusion Filters](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/delete.md) + topic for additional information. +- Import – Imports a text file to populate the False Positives tab with False Positive Exclusion + Filters. See the + [Importing False Positive Exclusion Filters](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/import.md) + topic for additional information. +- Export – Exports selected false positive exclusion filters in a text file. See the + [Exporting False Positive Exclusion Filters](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/export.md) + topic for additional information. + +The False Positives view displays the following information for the False Positive Exclusion +Filters: + +- File Path – Path of the file to be excluded from Sensitive Data reports +- Solution – Solution source of the exclusion filter. The two solution sources are: + + - File System + - SharePoint + +- Criteria – Sensitive Data criteria where the exclusion filter is applied + +The **Cancel** and **Save** buttons are in the lower-right corner of the Sensitive Data view. These +buttons become enabled when modifications are made to the Sensitive Data global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md new file mode 100644 index 0000000000..5e8d6031ff --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md @@ -0,0 +1,22 @@ +# Sensitive Data + +The Sensitive Data node provides configuration options to manage sensitive data criteria and false +positive exclusion filters. These settings require the Sensitive Data Discovery Add-on. See the +[Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/sensitivedatadiscovery/overview.md) +topic for additional information. + +**NOTE:** Sensitive data exclusion filters can only be applied to the +[File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/overview.md) +and the +[SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/overview.md). + +![Sensitive Data settings](/img/product_docs/accessanalyzer/11.6/install/application/upgrade/sensitivedata.webp) + +The tabs in the Sensitive Data node are: + +- Criteria – Configure Search Criteria to be used in Sensitive Data scan jobs. See the + [Criteria Tab](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/criteria.md) + topic for additional information. +- False Positives – Configure False Positive exclusion filters. See the + [False Positives Tab](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/overview.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/settings/servicenow.md b/docs/accessanalyzer/11.6/admin/settings/servicenow.md new file mode 100644 index 0000000000..7ee604093d --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/servicenow.md @@ -0,0 +1,32 @@ +# ServiceNow + +The ServiceNow® node is for configuring the settings needed to integrate with ServiceNow. These +settings are exclusive to the Enterprise Auditor integration with ServiceNow and are used by the +ServiceNow Action Module. See the +[ServiceNow Action Module](/docs/accessanalyzer/11.6/admin/action/servicenow/overview.md) +topic for additional information. + +![ServiceNow node](/img/product_docs/accessanalyzer/11.6/admin/settings/servicenow.webp) + +Provide ServiceNow authentication information to your ServiceNow instance. + +- Instance – The ServiceNow instance, for example `example.service-now.com` +- User Name and Password – The **Settings** > **ServiceNow** node at the global level can be + configured with a credential provisioned to create incidents as Callers in the **Assigned to** + field, and any other ServiceNow incident field that references the **sys_user** table. + +The **Cancel** and **Save** buttons are in the lower-right corner of the ServiceNow view. These +buttons become enabled when modifications are made to the ServiceNow global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. + +## Update ServiceNow Authentication Credentials + +Follow the steps to update the ServiceNow authentication credentials. + +**Step 1 –** In the ServiceNow Authentication section, enter a new **Password** for the user +account. + +**Step 2 –** Click **Save**. + +The credentials have been updated for ServiceNow authentication. diff --git a/docs/accessanalyzer/11.6/admin/settings/storage/add.md b/docs/accessanalyzer/11.6/admin/settings/storage/add.md new file mode 100644 index 0000000000..d40baa9ede --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/storage/add.md @@ -0,0 +1,64 @@ +# Add a Storage Profile + +Follow the steps to create a Storage Profile. + +![Add Storage profile option](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofile.webp) + +**Step 1 –** Click **Add Storage profile** at the top of the Storage view. + +![New Storage profile added](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofilename.webp) + +**Step 2 –** A new profile line appears in the Storage Profiles list with a generic name. Change the +Profile name to a unique and descriptive name. + +![Server Name field](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofileservername.webp) + +**Step 3 –** Type the SQL **Server name** in the textbox provided. This can be a NetBIOS name, a +fully qualified domain name, or an IP Address. If the SQL Server specified is configured to use a +named instance, provide the **Instance name** in the next textbox. + +![Command timeout field](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofiletimeout.webp) + +**Step 4 –** Specify the time in minutes that must expire before Enterprise Auditor halts any SQL +queries running for that amount of time. + +![Authentication options](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofileauthentication.webp) + +**Step 5 –** Select the radio button for the appropriate authentication mode. If using **SQL Server +authentication** , provide a **User name** and **Password** in the textboxes. + +**_RECOMMENDED:_** When possible, use Windows Authentication. Windows Authentication is more secure +than SQL Server Authentication. See the Microsoft +[Choose an authentication mode](https://learn.microsoft.com/en-us/sql/relational-databases/security/choose-an-authentication-mode) article +for additional information. + +| ![Good connection test](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofilegoodconnection.webp) | ![Bad connection test](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofilebadconnection.webp) | +| ----------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------- | +| Good Connection Test | Bad Connection Test | + +**Step 6 –** It is recommended to test the credentials provided at this point. The radio button for +**Use existing database** should be selected by default. Test the SQL Server connection by clicking +the drop-down arrow for an existing database. If the connection is established, a listing of +databases appears. If the connection cannot be established, an error warning displays. + +![Database options](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofiledatabase.webp) + +**Step 7 –** Set the database through one of the following options: + +- Use existing database – Click this radio button and select a database from this list provided in + the drop-down menu +- Create new database – Click this radio button and provide a unique, descriptive name in the + textbox + +![Connection report](/img/product_docs/accessanalyzer/11.6/install/application/connectionreport.webp) + +**Step 8 –** Click **Apply** and a Connection report window opens. The Connection report checks for +the appropriate permissions and lists any that are missing. If no permissions are present, an error +message appears in the Connection report window. When there is a `Successful connection test`, click +**Close**. + +**Step 9 –** If **Create new database** was selected, the new database now exists. If **Use existing +database** was selected, the Storage Profile is now linked to the database. Click **Save** and then +**OK** to complete the creation of the new Storage Profile. + +The new Storage Profile is available to be used by Enterprise Auditor. diff --git a/docs/accessanalyzer/11.6/admin/settings/storage/default.md b/docs/accessanalyzer/11.6/admin/settings/storage/default.md new file mode 100644 index 0000000000..e7887f5f0e --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/storage/default.md @@ -0,0 +1,50 @@ +# Set a Default Storage Profile + +While multiple Storage Profiles can exist, only one profile can be set as the default. A green +checkmark next to the profile name indicates the default Storage Profile. Follow the steps to change +the default Storage Profile at the global level. + +![Set as Default option on Storage page](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/default.webp) + +**Step 1 –** Select the profile to be the new default, and click **Set as default**. The Change +storage profile window opens. + +![Change storage profile window](/img/product_docs/accessanalyzer/11.6/install/application/changestorageprofile.webp) + +**Step 2 –** There are three options for host management data migration. Select the desired option, +choose whether or not to apply the secondary option, and click **OK**. + +- Merge your host management data with data in the destination table (Recommended) – This option + keeps existing hosts and host discovery tasks in the destination and updates the tasks based on + the information found in the source database + + - Use destination value on conflict – If selected, any conflicting information between the + destination table and the source database is resolved in favor of the destination table + +- Overwrite data in the destination table – This option replaces existing hosts and host discovery + tasks with ones found in the source database + + - Also overwrite shared host inventory data – If selected, host inventory data is also replaced + with data found in the source database + +- Don’t copy your host management data to destination table – This option does not copy, update, or + overwrite information between databases + + - Clear data in destination table – If selected, all host management data in the destination + table is deleted + +![Change storage profile window when transfer is complete](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/changestorageprofilefinish.webp) + +**Step 3 –** When the host management data migration has completed, click **Finish**. + +![Storage page with new default storage profile](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/defaultsave.webp) + +**Step 4 –** A blue arrow now points to the new default Storage Profile. However, the arrow is also +an indication that the new default is not fully recognized by Enterprise Auditor. Click **Save** and +then **OK** to confirm the changes. + +**Step 5 –** Finally, to ensure these changes take effect, exit the Enterprise Auditor application +and relaunch it. + +The blue arrow is replaced by the green checkmark, indicating the new default Storage Profile is +recognized. diff --git a/docs/accessanalyzer/11.6/admin/settings/storage/delete.md b/docs/accessanalyzer/11.6/admin/settings/storage/delete.md new file mode 100644 index 0000000000..2f86f69ed3 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/storage/delete.md @@ -0,0 +1,19 @@ +# Delete a Storage Profile + +Follow the steps to delete a Storage Profile. + +**NOTE:** This procedure does not delete databases from the SQL Server. It only removes the selected +Storage Profile from this Enterprise Auditor Console. + +![Delete Storage Profile option](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/delete.webp) + +**Step 1 –** Select the Storage Profile to be removed, and click **Delete**. + +![Confirm delete selected profile dialog](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/deleteconfirm.webp) + +**Step 2 –** Confirm the operation by clicking **OK**. + +**Step 3 –** The profile disappears from the Storage Profiles list. Click **Save** and then **OK** +to confirm the changes. + +The Storage Profile has now been deleted. diff --git a/docs/accessanalyzer/11.6/admin/settings/storage/overview.md b/docs/accessanalyzer/11.6/admin/settings/storage/overview.md new file mode 100644 index 0000000000..f290894960 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/storage/overview.md @@ -0,0 +1,77 @@ +# Storage + +The Storage node contains objects known as Storage Profiles. Storage Profiles house the information +Enterprise Auditor uses to connect to a SQL Server database within your environment. + +![Storage Node](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/storage.webp) + +Each Storage Profile consists of the following parts: + +- Profile name – Unique, descriptive name which distinguishes the profile from others in cases where + multiple profiles exist +- Server name – Name of the SQL Server serving the database to be used for the Enterprise Auditor + database. The value format can be either a NetBIOS name, a fully qualified domain name, or an IP + Address. +- Instance name – Value of the named instance, if the SQL Server being connected to is configured to + use a named instance + + - To change the instance port number, provide the instance name in the format + `,`. For example, if using the default **MSSQLSERVER** instance and port + **12345**, the instance name should be entered as `MSSQLSERVER,12345`. + +- Command Timeout – Number of minutes before Enterprise Auditor halts any SQL queries running for + that amount of time. This prevents SQL queries from running excessively long. The default is 1440 + minutes. +- Authentication – Mode of authentication to the SQL Server. In general, it is recommended to + connect with an account configured with the DBO role (database owner rights) and provisioned to + use DBO Schema. + + **_RECOMMENDED:_** When possible, use Windows Authentication. Windows Authentication is more + secure than SQL Server Authentication. See the Microsoft + [Choose an authentication mode](https://learn.microsoft.com/en-us/sql/relational-databases/security/choose-an-authentication-mode) article + for additional information. + + - Windows authentication – Leverages the account used to run the Enterprise Auditor Console + + **NOTE:** This option affects the credentials used for Schedule Service Accounts. See the + [Schedule](/docs/accessanalyzer/11.6/admin/settings/schedule.md) + topic for additional information. + + - SQL Server authentication – Leverages the account provided in the **User name** and + **Password** textboxes + - Use existing password – Use the password configured for the Storage Profile account + - Specify a new password below – Enter a new password for the selected Storage Profile account + +- Database name – Name of the Enterprise Auditor database to use in this storage profile + + - Use existing database – Drop-down menu provides a list of databases on the named SQL Server, + provided the connection information supplied is correct. If the menu is empty, then a + connection to the SQL Server was not established. + - Create new database – Enterprise Auditor automatically creates a new database using the name + provided in the textbox. This value should be a unique, descriptive name. + +![Operations on the Storage view](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/storageoperations.webp) + +At the Storage view, the following operations are available: + +- Add Storage profile – Create a new Storage Profile. See the + [Add a Storage Profile](/docs/accessanalyzer/11.6/admin/settings/storage/add.md) + topic for additional information. +- Set as default – Change the default Storage Profile. See the + [Set a Default Storage Profile](/docs/accessanalyzer/11.6/admin/settings/storage/default.md) + topic for additional information. +- Delete – Remove a Storage Profile. See the + [Delete a Storage Profile](/docs/accessanalyzer/11.6/admin/settings/storage/delete.md) + topic for additional information. + +**NOTE:** A green checkmark in the Storage Profiles list indicates the default Storage Profile. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Storage view. These buttons +become enabled when modifications are made to the Storage global setting. Whenever changes are made +at the global level, click **Save** and then **OK** to confirm the changes. Otherwise, click +**Cancel** if no changes were intended. + +The vault provides enhanced security through enhanced encryption to various credentials stored by +the Enterprise Auditor application. See the +[Vault](/docs/accessanalyzer/11.6/admin/settings/application/vault.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/admin/settings/storage/updateauth.md b/docs/accessanalyzer/11.6/admin/settings/storage/updateauth.md new file mode 100644 index 0000000000..5d97019618 --- /dev/null +++ b/docs/accessanalyzer/11.6/admin/settings/storage/updateauth.md @@ -0,0 +1,18 @@ +# Update Authentication Credentials in a Storage Profile + +Follow the steps to update authentication credentials for a Storage Profile in the Enterprise +Auditor Console. + +**Step 1 –** Navigate to the **Settings** > **Storage** page. + +**Step 2 –** Locate and select a **Storage Profile** to update. + +![Specify a new password below option on Storage page](/img/product_docs/accessanalyzer/11.6/admin/settings/storage/updateauth.webp) + +**Step 3 –** In the Authentication section, click the **Specify a new password below** radio button. + +**Step 4 –** Enter a new **Password**. + +**Step 5 –** Click **Apply**. + +A new password has been added to a Storage profile. diff --git a/docs/accessanalyzer/11.6/administration/access-control/rest-api.md b/docs/accessanalyzer/11.6/administration/access-control/rest-api.md deleted file mode 100644 index 2eb7cc68d8..0000000000 --- a/docs/accessanalyzer/11.6/administration/access-control/rest-api.md +++ /dev/null @@ -1,261 +0,0 @@ -# Assign Application Access through the Web Service - -An application can be assigned to access data remotely through the Web Service. Follow the steps to -assign roles in the Console. - -![Add Access option on Access page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/addaccess.webp) - -**Step 1 –** Navigate to **Settings** > **Access** and click **Add Access**. The Access Type wizard -opens. - -![Access Type page of the Access Role wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/restapi/accesstypeapplication.webp) - -**Step 2 –** Select the **An application accessing data remotely through Web Service** option. Click -**Next**. The Application Access window opens. - -![Application Access page of the Access Role Wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/restapi/applicationaccess.webp) - -**Step 3 –** The Application Access window displays a list of objects available in the database that -are available for access. Select the database objects the application will access and click **Add** -to open the Select database objects window. - -![Select database objects window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/restapi/selectdatabaseobjects.webp) - -**Step 4 –** Select the database objects to access and then click **OK** to return to the -Application Access page. - -- Selecting a parent node in the tree automatically selects all children in addition to the parent -- Selecting a child automatically selects the parent -- Deselecting a child when the parent is selected automatically puts the parent into an - indeterminate state -- Selecting any child puts the parent into an intermediate state - -Click Next to proceed. - -**NOTE:** Only select items that the application needs to access. Type in the **Filter objects by -name** box to filter the list of objects by the characters entered. - -![Application Details page of the Access Role Wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/restapi/applicationdetails.webp) - -**Step 5 –** On the Application Details page, define the name of the application and generate the -app token. - -- Application name – The name of the application accessing that data -- Access Expiration – The expiration for the client secret. Select an option for the desired access - expiration: - - - Access expires within – Select a time frame from the drop-down list. The default is 72 hours. - - Access expires on specified date – Select a date from the drop-down list - -- Generate – Click this button to generate the Client ID and Client secret -- Client ID – Copy the Client ID into the application accessing data remotely through the Web - Service -- Client secret – Copy the Client secret into the application accessing data remotely through the - Web Service - -**Step 6 –** Click **Finish** to confirm the changes. - -The application is added to the table on the Access page. - -# Use Access Token to Get Data from the Enterprise Auditor Endpoint - -Use the access token to call the API endpoints using PowerShell and retrieve data. The following -tables provide additional information on retrieving data. - -## ROWS - -This table provides information on how to call the REST API to retrieve data from a named table or -view definition. - -| | Description | -| ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| URL STRUCTURE | `/api/v1/data//rows` `/api/v1/data//rows` | -| DESCRIPTION | Allows the caller to retrieve data from a table or view. | -| METHOD | GET, POST | -| PARAMETERS | **object-name** – Required value that specifies the unique object name. **alias-name** – Required value that specifies the unique alias associated with the table, available as a more thoughtfully designed namespace. **jobRuntimeKey**(Optional) – The execution to retrieve information for. If this is omitted the latest report is provided. **filters** (Optional) – A filter to be applied prior to returning data, multiple filters are applied with `and` operators. If an array is specified for the value field for a filter, the filter returns any successful match from the array of values. String comparisons are case insensitive. A list of the available functions is below. Filter functions: - equals - not_equals - greater (greater_equal) - less (less_equal) - contains - starts_with **columns** (Optional) – A list of columns to be returned. When not specified all columns are returned. The columns specified by the **groupby** parameter should be omitted from this array. **groupby** (Optional) – A list of columns to group each row by, resulting in a JSON object that contains those keys followed by an array of entries. Sample JSON request: `{     jobRuntimeKey: "2018-11-05T13:15:30",     columns: [ "url", "trusteeName", "rights" ],     groupby: [ "hostName" ],     filters: [         {             column: "hostName",             function: "equals",             value: "ENGINEERING01",         },         {             column: "trusteeName",             function: "equals",             value: [ "Pete Smith", "Jake Roberts" ]         }     ] }` | -| RETURNS | A JSON array representation of the underlying table. Sample JSON response: `[     {         hostName: "ENGINEERING01",         groupItems: [             {                 url: "https://site/list",                 trusteeName: "Pete Smith",                 rights: "Read"             }         ]     } ]` | -| ERRORS | 400 One or more the parameters passed in are invalid. 404 The object requested does not exist. | - -## PROC - -This table provides information on how to call the REST API to execute a stored procedure. - -| | Description | -| ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| URL STRUCTURE | `/api/v1/data//proc` `/api/v1/data//proc` | -| DESCRIPTION | Allows the caller to execute stored procedure and retrieve data. | -| METHOD | POST | -| PARAMETERS | **object-name** – Required value that specifies the unique object name. **groupby**(Optional) – A list of columns to group each row by, resulting in a JSON object that contains those keys followed by an array of entries. The parameters passed in here are passed to the stored procedure untouched. Arrays are mapped to a user defined table type, currently only single value arrays are supported. Sample JSON request: `{     parameters: {         hostName: "SBNJENGINEERING01",         userName: "DOMAIN\\pete.smith",         files: [             { name: "puppets.xls" },             { name: "groups.pdf" }         ]     }     groupby: [ "HostName" ] }` | -| RETURNS | A JSON array representation of the underlying result data. Sample JSON request: `{     parameters: {         hostName: "SBNJENGINEERING01",         userName: "DOMAIN\\pete.smith",         files: [             { name: "puppets.xls" },             { name: "groups.pdf" }         ]     }     groupby: [ "HostName" ] }` | -| ERRORS | 400 One or more the parameters passed in are invalid. 404 The object requested does not exist. | - -# Use the Client Credentials Grant to Obtain an Access Token - -An access token is a credential that can be used by an application to access an API. To obtain an -access token, the application accessing data remotely through the Web Service must connect to the -Enterprise Auditor token endpoint and use the Client ID and Client Secret to authenticate the access -request. This is done using the Client Credentials grant. The Client Credentials grant is used when -applications request an access token to access their own resources, not on behalf of a user. The -following request parameters should be used: - -- `grant_type` (required) – The `grant_type` parameter must be set to `client_credentials` -- `scope` (optional) – Your service may support different scopes for the client credentials grant - -The client must then be authenticated for the request. Typically, the service will allow either -additional request parameters, `client_ID` and `client_secret`, or accept those parameters in the -HTTP Basic auth header. - -The following example shows how to retrieve an access token: - -``` -POST /token HTTP/1.1 -Host: authorization-server.com -grant_type=client_credentials -&client_id=xxxxxxxxxx -&client_secret=xxxxxxxxxx -``` - -**_RECOMMENDED:_** Tokens contain sensitive information and should be stored securely. See the -Microsoft -[ConvertTo-SecureString](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.security/convertto-securestring?view=powershell-7.4) -article for additional information. - -If the token does not have the ability to perform this request, is invalid, or the specific resource -has been blocked from access remotely, an HTTP status code of 401 is returned. - -If the request for an access token is valid, the authorization server generates an access token and -returns it to the client. The following example shows a successful access token response: - -``` -HTTP/1.1 200 OK -Content-Type: application/json -Cache-Control: no-store -Pragma: no-cache  -{ -  "access_token":"MTQ0NjJkZmQ5OTM2NDE1ZTZjNGZmZjI3", -  "token_type":"bearer", -  "expires_in":3600, -  "refresh_token":"IwOGYzYTlmM2YxOTQ5MGE3YmNmMDFkNTVk", -  "scope":"create" -} -``` - -See the Okta -[Access Token Response](https://www.oauth.com/oauth2-servers/access-tokens/access-token-response/) -article for additional information on successful and unsuccessful responses to requests for access -tokens. - -The Client Secret expires after 72 hours. The access token expires after 1 hour after which time you -can request a refresh token. See the -[Use the Client Credentials to Grant a Refesh Token](/docs/accessanalyzer/11.6/administration/access-control/rest-api.md) topic -for additional information. - -# Web Service REST API for Applications Accessing Data Remotely - -The Enterprise Auditor REST API is integrated into the Web Service as an endpoint using an OAuth 2.0 -client credentials grant for authentication and providing the following access role: - -- Read-Only – Read data only - -See the -[Use the Client Credentials Grant to Obtain an Access Token](/docs/accessanalyzer/11.6/administration/access-control/rest-api.md) -topic for additional information. - -The client provides the access token in the HTTP header in the following format: - -``` -GET /api/v1/data/SA_ADInventory_UsersView/rows HTTP/1.1 -Host: accessgovernance.company.com  -Authorization: Bearer N4ahquT7rXuiEEeUiNfKD0TjUq7JB9DS -``` - -See the MDN Web Docs -[The general HTTP authentication framework](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication) -article for additional information. - -# PowerShell Commands for the REST API - -The following examples show PowerShell commands commonly performed with the REST API. - -## Retrieve an Access Token - -The following example shows how to retrieve an access token. - -``` -$body = @{ -  client_id="[Insert Client ID Here]" -  client_secret="[Insert Client Secret Here]" -  grant_type="client_credentials" -}  -$response = Invoke-WebRequest -Method POST -uri http://localhost:8082/api/v1/token -Body $body -ContentType "application/json" -$content = $response.Content | ConvertFrom-Json   -$access_token = $content.access_token; -$refresh_token = $content.refresh_token; -``` - -**_RECOMMENDED:_** Tokens contain sensitive information and should be stored securely. See the -Microsoft -[ConvertTo-SecureString](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.security/convertto-securestring?view=powershell-7.4) -article for additional information. - -## Retrieve Data from a Table or View - -The following example shows how to retrieve data from a table or view. - -``` -$headers = @{   -Authorization="Bearer $access_token" -} -$response = Invoke-WebRequest -Method GET -uri http://localhost:8082/api/v1/data/SA_ADInventory_ComputersView/rows -Headers $headers -$content = $response.Content | ConvertFrom-Json -``` - -# Use the Client Credentials to Grant a Refesh Token - -A refresh token contains the information required to obtain a renewed access token. Request a -refresh token when the access token expires. - -- `grant_type` (Required) – The `grant_type` parameter must be set to `client_credentials` -- `refresh_token` (Required) – The refresh token previously issue to the client -- `scope` (Optional) – The requested scope must not include additional scopes that were not issued - in the original access token. If the scope is not included in the request, the service issues an - access token with the same scope as previously issued. -- Client Authentication – Required if the client was issued a secret - -The authentication server then verifies the access request. If the request is valid, the service -generates an access token. - -The following example shows a refresh token grant: - -``` -POST /api/v1/token HTTP/1.1 -Host: authorization-server.com -grant_type=refresh_token -&refresh_token=xxxxxxxxxxx -&client_id=xxxxxxxxxx -&client_secret=xxxxxxxxxx -``` - -If the token does not have the ability to perform this request, is invalid, or the specific resource -has been blocked from access remotely, an HTTP status code of 401 is returned. - -The response for a refresh token is the same as the response for an access token. Optionally, a new -refresh token can be included in the response. If a new refresh token is not included in the -response, the current refresh token will continue to be valid. The following example shows a -successful access token response: - -``` -POST /oauth/token HTTP/1.1 -Host: authorization-server.com -grant_type=refresh_token -&refresh_token=xxxxxxxxxxx -&client_id=xxxxxxxxxx -&client_secret=xxxxxxxxxx -``` - -See the Okta -[Access Token Response](https://www.oauth.com/oauth2-servers/access-tokens/access-token-response/) -article for additional information on successful and unsuccessful responses to requests for access -tokens. - -The refresh token expires after 7 days. diff --git a/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md b/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md deleted file mode 100644 index ade5957354..0000000000 --- a/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md +++ /dev/null @@ -1,1045 +0,0 @@ -# Assign User to Role Members - -Role Based Access becomes enabled within Enterprise Auditor as soon as the first role has been -assigned in the Access Role wizard. When saving the first role or set of roles added to the Role -Membership list in the Roles view, the Administrator role must be included for a least one user or -an error message displays. - -Follow the steps to assign roles in the Enterprise Auditor Console. - -![Add Access option on the Access page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/addaccess.webp) - -**Step 1 –** On the Access page, click **Add Access**. The Access Type wizard opens. - -![Access Type page of the Access Role wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/accesstypeuser.webp) - -**Step 2 –** Select the **A user or group accessing this console** option. Click **Next**. - -![Console Access page of the Access Role wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) - -**Step 3 –** On the Console Access page, specify a group or user in the **Name** field. Use the -ellipsis (**…**) to browse for accounts with the Select User or Group window. - -- (Optional) To use previously configured MSA and gMSAs for authentication, select the gMSA option - from the Object Types list. See the Microsoft - [Group Managed Service Accounts](https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview) - article for additional information. - - - Change the location to the desired domain and click **Object Types**, then select **Service - Accounts**. - - Add the gMSA name (`gMSAadmin$`), then click **OK**. - - The Member Type will show as `msDS-GroupManagedServiceAccount` on the Access page. - -![Console Access page with user added](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccessfinish.webp) - -**Step 4 –** Select a role for the group or user from the Role list. Click **Finish**. The group or -user and role is added to the Role Membership list in the Roles view. - -**Step 5 –** Repeat Steps 1-4 to assign roles to other groups or users. - -**Step 6 –** Click **Save** and then **OK** to confirm the changes. All applied roles are lost if -they are not saved. - -Role Based Access is enabled when the first role has been assigned. - -![Error message when Administrator role is not specified](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/noadminerror.webp) - -The first role or set of roles saved must include the Administrator role. Clicking **Save** for the -first role or set or roles without including the Administrator generates an error message in the -Enterprise Auditor Console. - -When Role Based Access is first enabled, restart the Enterprise Auditor application to ensure all -roles are properly active. When saving roles for the first time, permissions for the local Users -group are applied to the Enterprise Auditor directory. This allows roles to be leveraged without -requiring local Administrator rights. - -| | | -| ------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| ![Permissions - This folder only](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/permissionsfolder.webp) | ![Permissions - Subfolders and files only](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/permissionssubfolderfiles.webp) | - -There are two separate sets of permissions: - -- Applies to **This folder only** -- Applies to **Subfolders and files only** - -## Edit Role Members' Responsibilities - -Follow the steps to edit a Enterprise Auditor user’s role. - -![Edit Member Role](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/editmemberrole.webp) - -**Step 1 –** On the Access page, select the desired user and click **Edit Member Role**. - -![Edit Console Access wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccessedit.webp) - -**Step 2 –** Select a new role for the user from the Roles list. - -**Step 3 –** Click **Finish**. The role is updated on the Access page. - -**Step 4 –** Repeat Steps 1-3 to edit other users’ roles. - -**Step 5 –** Click **Save** and then **OK** to confirm the changes. All applied roles are lost if -they are not saved. - -The changed roles take affect the next time the users logs into the Enterprise Auditor application. -If a user is actively logged into Enterprise Auditor at the same time the role for that user is -changed, then the user needs to exit and re-launch the application for the role to take effect. - -## Delete Role Member - -Follow the steps to delete a user from having access to the Enterprise Auditor Console. - -![Delete Role Member](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/deleterolemember.webp) - -**Step 1 –** On the Access page, select the desired user and click **Delete Role Member**. The -selected user will be removed from the list. - -**NOTE:** No confirmation will be requested. However the changes will not be finalized until Step 3 -is completed. - -**Step 2 –** Repeat Step 1 to remove other users as desired. - -**Step 3 –** Click **Save** and then **OK** to confirm the deletions. The users will not be deleted -if the changes are not saved. - -The deleted users will no longer be able to log into the Enterprise Auditor application. If a user -is actively logged into Enterprise Auditor at the same time of the deletion, the user will need to -exit the application for the deletion to take effect. - -# Configuring Roles - -To ensure a least privilege access model, roles need to be configured within both the Enterprise -Auditor Console for folder rights and SQL Management Studio for database access rights. - -This is a three-part process: - -- Configure the Enterprise Auditor Installation Account -- Configure Roles in SQL Management Studio - - - Create SQL Server Database Roles - - Assign Users to SQL Roles - -- Assign User Roles in the Enterprise Auditor Console - - - Edit Role Members’ Responsibilities - - Delete Role Members - -**NOTE:** This configuration process is not required if only using Role Based Access to secure -Published Reports. See the -[Securing Published Reports Only](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -topic for additional information. - -## Configure the Installation Account - -The Enterprise Auditor Installation Account is used both to perform the initial installation of -Enterprise Auditor and to change Storage Profile settings. It needs additional rights in order to -query objects in the master database. This is only necessary so the user can enumerate the available -databases to choose from when configuring the Enterprise Auditor Storage Profile. - -The following script can be executed to give these necessary rights only to the account performing -the initial installation of Enterprise Auditor and any changes to the database where Enterprise -Auditor writes data: - -``` ---Create a login for the user if one does not already exist -IF NOT EXISTS (SELECT *FROM sys.server_principals WHERE [name] = '\') -BEGIN -    create login [\] from windows -END -GO ---Grant that user rights to query the master database to get a list of all database objects -USE [master] -GRANT VIEW ANY DEFINITION TO [\] -GRANT CREATE DATABASE TO [\] -GO -``` - -## Configure Roles in SQL Management Studio - -It is necessary to provision rights to the SQL Server database so the Enterprise Auditor application -rights and database access rights are consistent and provide the minimum rights necessary to support -the Enterprise Auditor roles. This approach involves creating custom database roles which will be -assigned rights and privileges. Then, individual domain user accounts must be assigned to these -roles. - -**NOTE:** For any SQL Server version prior to 2012, Windows groups cannot be used because SQL Server -does not allow the assignment of default schemas to Windows groups. Enterprise Auditor requires the -default schema of [dbo] to function properly. - -### Create SQL Server Database Roles - -To create the roles within the SQL Server database, run the following script. - -![Query Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqlcreateroles.webp) - -Be sure to set the context of this query to the Enterprise Auditor database by selecting the right -database from the drop-down window. Alternatively, prefix the script with a -`USE [Enterprise Auditor DATABASE NAME]` clause. - -``` ---create SMP Viewer role -CREATE ROLE SMP_Viewer  ---grant role permissions at the schema level -GRANT SELECT -ON SCHEMA::dbo -TO SMP_Viewer -Go  ---create SMP Builder role -CREATE ROLE SMP_Builder  ---grant role permissions at the schema level -GRANT SELECT,INSERT,DELETE -ON SCHEMA::dbo -TO SMP_Builder -Go  ---grant additional creation rights -GRANT CREATE TABLE TO [SMP_Builder] -GO  ---create SMP Admin role -CREATE ROLE SMP_Admin  ---grant role permissions at the schema level -GRANT ALTER,EXECUTE,INSERT,UPDATE,REFERENCES -ON SCHEMA::dbo -TO SMP_Admin -Go  ---grant additional creation rights -GRANT CREATE TABLE TO [SMP_Admin] -GO -GRANT CREATE VIEW TO [SMP_Admin] -GO -GRANT CREATE PROCEDURE TO [SMP_Admin] -GO -GRANT CREATE FUNCTION TO [SMP_Admin] -GO -GRANT CREATE TYPE TO [SMP_Admin] -GO - -``` - -Once the script has been successfully executed, assign domain users to these database roles. - -### Assigning Users to SQL Roles - -Now that the SQL Server database roles have been created the next step is to assign domain users to -those roles. This can be done interactively in SQL Management Studio. Follow the steps to assign -users to SQL Server database roles. - -**Step 1 –** Connect to the Enterprise Auditor database through SQL Management Studio. - -![Database Roles](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqldatabaseroles.webp) - -**Step 2 –** Validate that the roles have been properly created by navigating to **Security** > -**Roles** > **Database Roles**. The three new roles should be visible: - -- SMP_Admin -- SMP_Builder -- SMP_Viewer - -| | | -| ------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------- | -| ![New User Option](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqlusers.webp) | ![New User Option](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqlusersnewuser.webp) | - -**Step 3 –** After confirmation of role creation, the next step is to map users to these roles. -Right-click on the **Security** > **Users** node and select **New User**. - -![Database User Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqluserwindow.webp) - -**Step 4 –** Enter the user information in the dialog as follows: - -- User Name – Display name given to the user which is shown under the user’s folder. - - **_RECOMMENDED:_** Use a descriptive name. - -- Login name – Qualified domain name of the user: `[DOMAIN]\[Username]` -- Default Schema – Should be set to `dbo` -- Database role membership – Should be set to the appropriate role for this user. See the - [Role Definitions](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) - topic for more information. - -When all of the users have been assigned to the appropriate SQL Server database roles, complete the -process by assigning users to roles within the Enterprise Auditor Console. - -# Custom Roles - -A custom role can be created within Enterprise Auditor to combine the rights of other defined roles. -Follow the steps below to create a custom role. - -**Step 1 –** In the Enterprise Auditor directory, navigate to **PrivateAssemblies** and edit the -**rba-roles.conf** file.  Add a new section for the custom role as shown in the following -instructions: - -``` - - - - - - - -``` - -- Replace `Special User` between the double quotes in the script above with the name of the new - role. -- Replace `Description of Special User` between the double quotes in the script above with a - description of what a user assigned the new role is able to do. - -**Step 2 –** Add privileged values for the desired rights on new lines between the beginning comment -`` and ending comment `` in the script above. - -- For example, to create a single role which has the same privileges as the Host Management - Administrator and Global Options Administrator roles, copy the privileges from the sections of the - **rba-roles.conf** file to the newly added section, and remove duplicate values if there is any - overlap. - -See the sections below for examples of how roles should be added in the **rba-roles.conf** file. - -## Default Global Options Administrator Privileges - -The following example shows what is currently contained in the Global Options Administrator role, -and how the created role should be added in the **rba-roles.conf** file. - -``` - - - - - - -    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -``` - -## Default Host Management Administrator Privileges - -The following example shows what is currently contained in the Host Management Administrator role, -and how the created role should be added in the **rba-roles.conf** file. - -``` - - - - - - - - - - - - - - - - - - - - - - - - - - -``` - -## New Role Combining the Global Options Administrator and Host Management Administrator Roles - -The following is an example of a custom role that combines the Global Options Administrator and Host -Management Administrator roles. The script contains duplicate privileges of `RunSA`, -`ScheduleDelete`, and `ScheduleEdit` that need to be removed. - -``` - -  - - - -          - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -``` - -# Roles and the Event Log - -The Enterprise Auditor Event Log includes a list of the following activities related to Role Based -Access. The logged activities include information regarding the user who initiated the activity and -their corresponding role: - -- Job Query Modifications -- Host List Modifications -- All Global Settings Modifications - - - Connection Profiles - - Role Based Access - - All other settings found in Settings node - -- Job and Group Properties/Settings -- Job Schedules -- Job Deletions -- Job Creations -- Job Moves in the Jobs tree -- Job/Group Executions -- Enterprise Auditor Console launches and exits - -See the -[Application Maintenance and Best Practices](/docs/accessanalyzer/11.6/accessanalyzer/admin/maintenance/overview.md) -topic for additional information. - -# Role Based Access: FAQ - -This topic lists some commonly asked questions about Role Based Access functionality in Enterprise -Auditor. - -How do locked jobs affect the role functionality? - -A lock on a job represents the approval by the Job Approver, and is therefore deemed acceptable to -execute. Once a job is locked, Job Builders can no longer modify the job configuration. Furthermore, -only locked jobs can be run. Therefore, the Job Initiator can only run or schedule jobs which have -already been locked. - -**NOTE:** Locked jobs do not affect the functionality of the Administrator role. See the -[Role Definitions](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -topic for more information. - -How can I make sure that a lock on a job will not get tampered with through the associated XML file? - -The Scheduling Service Account provides limited rights for the Job Approver. Previously, the Job -Approver required permissions on the Jobs folder in order to apply the lock to a job. Now, the -credentials specified in the Scheduling Service Account will be used to apply the locks. Therefore, -the Job Approver no longer needs access to the Jobs folder and cannot manually remove or tamper with -the associated XML file. - -**NOTE:** If using a Job Initiator’s credentials for a Schedule Service Account, all jobs must be -locked in order for them to be executed. See the -[Role Definitions](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -and -[Roles & the Schedule Service Account](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -topics for more information. - -Why can the Host Management Administrator not manage settings for the Host Discovery and Host -Inventory nodes under Settings? - -The Host Management Administrator role is designed specifically to access the Host Management node. -Therefore, this role does not grant access to the global settings menu under the Settings node. - -**NOTE:** In order to access this node, the user must have either the Administrator or the Global -Options Administrator role. See the -[Role Definitions](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -topic for more information. - -What rights do I need to give the user on the local machine in order to use Enterprise Auditor? - -Enabling Role Based Access removes the necessity to explicitly provide users rights on the -Enterprise Auditor folder structure. Instead, when the Administrator role is first assigned and Role -Based Access is enabled, the roles will set permissions to allow all members of the local users -group the necessary access to Enterprise Auditor. - -When a user’s role is changed, when does the new role take affect? - -If a user’s role has been altered while they are in an active Enterprise Auditor session, the user -must exit the Enterprise Auditor Console and re-open the application for the new role to take -effect. This is also true if a user has been given an additional role or removed from role -membership. The capabilities of the new role will not come into effect until the Enterprise Auditor -application has been restarted. - -**NOTE:** See the -[Edit Role Members' Responsibilities](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md#edit-role-members-responsibilities) -and -[Delete Role Member](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md#delete-role-member) -topics for more information. - -I locked a job, but when going back to it, it appears to be unlocked. Why? - -A locked job signifies that the job has been approved for execution and should not be modified. If a -job is modified in any way, the lock is immediately removed. Although most roles should not be able -to modify locked jobs, the Administrator role can. This role is not governed by the limitations of -Role Based Access. Thus, if a locked job is modified by an Administrator, the job will become -unlocked. This event will be logged as a job-change related event by Administrator in the Enterprise -Auditor Event Log. - -**NOTE:** If using a Job Initiator’s credentials for the Schedule Service Account, all jobs must be -locked in order for them to execute. See the -[Role Definitions](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md), -[Workflow with Role Based Access Enabled](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md), -and -[Roles and the Event Log](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -topics for more information. - -What should be the group type when assigning Role Based Access to an AD group in a multi-domain -environment? - -When assigning an Role Based Access to an AD group, it is important to consider the domain -relationship between the AD group and the Enterprise Auditor server. - -If the Enterprise Auditor server and the AD group are in different domains then the AD group must be -a universal group. If the group type is not universal then it will result in the RBA being unable to -access the user's group membership and the user who is a member of that AD group will be unable to -view any reports. - -However, if both the Enterprise Auditor server and the AD group are in the same domain, the AD group -can be either a local group, global group, or universal group. - -# Role Based Access - -Role Based Access allows Enterprise Auditor users to not have local Administrator rights on the -console server. This is done through the creation of different roles which cover all aspects of the -Enterprise Auditor work flow introduced by enabling Role Based Access. These roles can be leveraged -without such elevated rights. Responsibilities within the Enterprise Auditor Console have been -divided among these roles. - -Role Based Access also allows users to secure published reports when accessed through the Web -Console. This is done by first enabling Role Based Access and then by assigning users/groups as -viewers to the reports to which they should have access. - -Report security through Role Based Access can be applied without implementing a least privileged -access model to the Enterprise Auditor Console. See the -[Securing Published Reports Only](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -topic for additional information. - -**NOTE:** The least privileged access model to the Enterprise Auditor Console does not work in -conjunction with the Exchange Solution. Role Based Access can be enabled, but the Administrator role -is required to run the Exchange Solution jobs. - -**CAUTION:** Please use caution when enabling Role Based Access, as it is a very powerful tool -within the console designed to be difficult to disable once activated. If Role Based Access is -enabled by accident, please contact [Netwrix Support](https://www.netwrix.com/support.html) for -assistance in disabling it. - -The account used to perform the initial Enterprise Auditor installation, as well as to change -Storage Profile settings after installation, require additional rights in order to query objects in -the master database. See the -[Configure the Installation Account](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md#configure-the-installation-account) -topic for additional information on this account. - -To enable Role Based Access within Enterprise Auditor, corresponding roles must first be created -within SQL Management Studio. Then Enterprise Auditor users must be assigned roles both in SQL -Management Studio and in Enterprise Auditor. - -The first Enterprise Auditor user assigned a role must be an Administrator. Assigning this first -user role officially enables Role Based Access within Enterprise Auditor. See the -[Configuring Roles](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -topic for additional configuration details. - -# Role Definitions - -The following is a list of all roles leveraged within Enterprise Auditor once Role Based Access is -enabled, including their intended functionality. A user may have more than one role assigned to -them. - -**NOTE:** When a job is moved or copied to a separate job group, it inherits the assigned roles at -the parent and global level from the new job group. Any previous role inheritance is overwritten. - -- OS Administrator – Used only for installation purposes - - - This is not not a configured role, but rather the access required during installation - -- Administrator – At least one must be set before any other roles are assigned - - - Full functionality from all roles within the Enterprise Auditor Console - - Rights to view all reports, tags, and report permissions within the Web Console - - Rights to preform an upgrade on Enterprise Auditor - -**NOTE:** In order to use Role Base Access with the Exchange Solution, all Exchange users must be -assigned the Administrator role. This is because the solution requires local Administrator rights on -the Enterprise Auditor Console server. - -- Power User - - - Rights to add, modify, and delete global settings, except for the **Setting** > **Access** - node - - Not able to view or modify Roles at the global level - - Has rights to add and break inheritance on report viewers at the job group, job, and report - configuration levels - - Rights to modify host management settings as well as run host inventory queries - - Rights to create, modify, and delete jobs as well as view the results of a job. They need to - be able to manage all configuration settings related to those jobs. - - Rights to view previously configured jobs and approve them to be run. They are also able to - view the results of a job. - - Rights to run jobs which have been approved, as well as disable or enable jobs and job groups - - Rights to view all reports, tags, and report permissions within the Web Console - -- Access Administrator - - - Rights to add, modify, and delete global roles except for own roles. This is to restrict - Access Administrators from stepping outside intended rights. - - Not able to view or modify report roles at any other level - - Rights to view report Tags within the Web Console but not report content or permissions - -- Global Options Administrator - - - Able to modify global settings, except for the **Setting** > **Access** node - - The Exchange node is the exception due to its requirements. Therefore, this node cannot be - modified by the Global Options Administrator. - - Rights to view report Tags within the Web Console but not report content or permissions - -- Host Management Administrator - - - Rights to modify host management settings as well as run host inventory queries - - Rights to view report Tags within the Web Console but not report content or permissions - -- Job Builder - - - Rights to create, modify, and delete jobs as well as view the results of a job. They need to - be able to manage all configuration settings related to those jobs. - - Rights to view or modify report viewers at the job group, job, and report levels but not the - global level - - Rights to view all reports and tags within the Web Console but not the report permissions - -- Job Approver - - - Rights to view previously configured jobs and approve them to be run. They are also able to - view the results of a job. - - Rights to view all reports and tags within the Web Console but not the report permissions - -- Job Initiator - - - Rights to start jobs which have been approved as well as view the results of a job - - Rights to disable and enable job and job groups - - Rights to view all reports and tags within the Web Console but not the report permissions - -- Job Initiator (No Actions) - - - Rights to start jobs which have been approved as long as there are no configured Actions in - the job. They are also able to view the results of a job. - - Rights to disable and enable job and job groups - - Rights to view all reports and tags within the Web Console but not the report permissions - -- Job Viewer - - - Only able to view the results of a job - - Rights to view all reports and tags within the Web Console but not the report permissions - -- Web Administrator - - - Not able to access the Enterprise Auditor Console - - Rights to view all reports, tags, and report permissions within the Web Console - -- Report Viewer - - - Not able to access the Enterprise Auditor Console - - Only able to view reports and tags within the Web Console but not the report permissions - - Access to reports is restricted according to where the Report Viewer role is assigned: - - - Assigned at the Global level (**Settings** > **Roles**) – Able to view all published - reports - - Assigned at the Job Group level (**Jobs** > **[Job Group]** > **Settings**  > - **Reporting**) – Able to view all reports published by the jobs within this job group - - Assigned at the Job level (**Jobs** > **[Job Group]** > **[Job]** > **Job Properties** > - **Report Roles** tab) – Able to view all reports published by this job - - Assigned at the Report configuration level (**Jobs** >**[Job Group]** >**[Job]** > - **Configure** > **Reports**> **Configure** > **Publish Security** page) – Able to view - only this report - -By default, many roles are granted rights to view all reports and report content. The inheritance of -the Report Viewer role can be broken at the job group, job, or report configuration levels. See the -[Report Viewer Inheritance](#report-viewer-inheritance) topic for additional information. - -## Enterprise Auditor Console Roles & Rights - -These tables show the rights granted to different user levels to the Enterprise Auditor Console. - -### Administrators - -This table identifies the rights granted to administrative users to the Enterprise Auditor Console. - -| Action | Administrator | Global Options Administrator | Access Administrator | Host Management Administrator | OS Administrator | -| ----------------------------------------------------------------------------------------------------------------------------------- | ------------- | ---------------------------- | -------------------- | ----------------------------- | ---------------- | -| View Reports within the Web Console | Yes | No | No | No | No | -| View Report Tags within the Web Console | Yes | Yes | Yes | Yes | No | -| View Report Permissions within the Web Console | Yes | No | No | No | No | -| Access the Enterprise Auditor Console (after Role Based Access is enabled) | Yes | Yes | Yes | Yes | No | -| Read All Configuration Logs | Yes | Yes | Yes | Yes | No | -| Manage / Edit Access Roles | Yes | No | Yes | No | No | -| Manage Global Settings (includes Connection Profiles) | Yes | Yes | No | No | No | -| Manage / Edit Hosts in Job | Yes | No | No | No | No | -| Manage / Edit Job Definitions | Yes | No | No | No | No | -| Run Jobs | Yes | No | No | No | No | -| Manage / Edit Job Schedules | Yes | No | No | No | No | -| Manage Host Management Settings (includes scheduling and running of host discovery, but not host related nodes in Global  Settings) | Yes | No | No | Yes | No | -| Lock / Unlock Jobs | Yes | No | No | No | No | -| Enable/Disable Jobs | Yes | No | No | No | No | -| Install / Uninstall Data Collectors (or other tool components) | Yes | No | No | No | Yes | -| Upgrade Enterprise Auditor Console | Yes | No | No | No | No | - -### Users - -This table identifies the rights granted to users who have access to the Enterprise Auditor Console. - -| Action | Power User | Job Builder | Job Approver | Job Initiator | Job Initiator (No Actions) | Job Viewer | -| ---------------------------------------------------------------------------------------------------------------------------------- | ---------- | ----------- | ------------ | ------------- | -------------------------- | ---------- | -| View Reports within the Web Console | Yes | Yes | Yes | Yes | Yes | Yes | -| View Report Tags within the Web Console | Yes | Yes | Yes | Yes | Yes | Yes | -| View Report Permissions within the Web Console | Yes | No | No | No | No | No | -| Access the Enterprise Auditor Console (after Role Based Access is enabled) | Yes | Yes | Yes | Yes | Yes | Yes | -| Read All Configuration Logs | Yes | Yes | Yes | Yes | Yes | Yes | -| Manage / Edit Access Roles | No | No | No | No | No | No | -| Manage Global Settings (includes Connection Profiles) | Yes | No | No | No | No | No | -| Manage / Edit Hosts in Job | Yes | Yes\* | No | No | No | No | -| Manage / Edit Job Definitions | Yes | Yes\* | No | No | No | No | -| Run Jobs | Yes | No | No | Yes\*\* | Yes\*\*\* | No | -| Manage / Edit Job Schedules | Yes | No | No | Yes\*\* | Yes\*\*\* | No | -| Manage Host Management Settings (includes scheduling and running of host discovery, but not host related nodes in Global Settings) | Yes | No | No | No | No | No | -| Lock / Unlock Jobs | Yes | No | Yes | No | No | No | -| Enable/Disable Jobs | Yes | No | No | Yes | Yes | No | -| Install / Uninstall Data Collectors (or other tool components) | Yes | No | No | No | No | No | -| Upgrade Enterprise Auditor Console | No | No | No | No | No | No | - -\*When jobs are unlocked - -\*\*When jobs are locked - -\*\*\*When jobs are locked and have no actions - -## Web Console Roles & Rights - -This table identifies the rights granted to users who have access only to the Web Console. - -| Action | Web Administrator | Report Viewer | -| ---------------------------------------------- | ----------------- | ------------- | -| View Reports within the Web Console | Yes | Yes\* | -| View Report Tags within the Web Console | Yes | Yes\* | -| View Report Permissions within the Web Console | Yes | No | - -\*According to where the role is assigned - -## SQL Server Database Roles & Rights - -This table describes the roles that will be created within the SQL Server database and what rights -they will have to the Enterprise Auditor database. It also describes which Enterprise Auditor roles -they are mapped to. - -| Database Role(s) | Enterprise Auditor Role | Rights | Role Description | -| --------------------------------------------- | ------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| SMP Administrator db_datareader db_datawriter | Administrator Job Initiator Job Initiator (No Actions) | On the dbo schema: ALTER, EXECUTE, INSERT, UPDATE, REFERENCES On the Enterprise Auditor database: CREATE TABLE, CREATE VIEW, CREATE PROCEDURE, CREATE FUNCTION, CREATE TYPE | This role is used by full Administrators and Job Initiators who must run the 2-FSAA Bulk Import Job which requires manipulation of the Enterprise Auditor database | -| SMP Builder | Job Builder Host Management Administrator | On the dbo schema: ELECT, INSERT, DELETE On the Enterprise Auditor database: CREATE TABLE | This role is used by the Job Builder who must be able to create/delete tables, view data, and insert and delete hosts from the Enterprise Auditor Console | -| SMP Viewer | Job Viewer Access Administrator Job Approver All other roles | On the dbo schema: SELECT | This role is used by all roles who do not require anything more than just reading data and information from the database | - -## Report Viewer Inheritance - -When Role-Based Access is enabled, users assigned the following roles inherit rights to view all -reports and their content: - -- Administrator role -- Power User role -- Job Builder role -- Job Approver role -- Job Initiator role -- Job Initiator (No Actions) role -- Job Viewer -- Web Administrator - -Additional users can be assigned the Report Viewer role at the global, job group, job, or report -configuration levels. These rights are inherited down through child objects. However, the Report -Viewer role inheritance can be broken at any level. Break inheritance to remove the right to view -specific reports at: - -- Job Group level – **[Job Group]** >**Settings** > **Reporting** node -- Job level – **[Job]** > **Properties** >**Report Roles** tab -- Report Configuration level – **[Job]** > **Configure** > **Reports** node. Click **Configure** - next to the report, and navigate to the Publish Security page of the Report Configuration wizard. - See the - [Publish Security Page](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/publishsecurity.md) topic - for additional information. - -| ![Job Group Level](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/reportviewerjobgroup.webp) | ![Job Level](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/reportviewerjob.webp) | ![Report Configuration Level](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/reportviewerreport.webp) | -| ------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- | -| Job Group Level | Job Level | Report Configuration Level | - -There are two options that control inheritance for Report Viewers when selected: - -- Include Report Viewers from this object’s parent – Automatically removes any user with the Report - Viewer role inherited from a parent object at the lower levels -- Set all the child objects to inherit these settings – Only available at the Job Group level. Sets - all Jobs and Reports to inherit group settings for all child objects by automatically selecting - the **Include Report Viewers from this object’s parent** option. Any previous configurations are - overwritten once **Yes** is selected in the confirmation window. - -# Roles & the Schedule Service Account - -Once Role-Based Access is enabled, a user or group with the appropriate access role has the ability -to schedule a job or job group as a Schedule Service Account at the **Settings** > **Schedule** -node. Multiple accounts can be added as needed. - -Who Configures This Account? - -- Administrator role -- Power User role -- Global Options Administrator role - -Whose Credentials Should Be Used as the Schedule Service Account? - -- A user with either: - - - Administrator role - - Power User role - - Job Initiator role - -**NOTE:** In order to run or schedule a Host Inventory query, the Schedule Service Account must have -an Administrator, Power User, or Host Management Administrator role. Therefore, if the account has -the Job Initiator role assigned, it must have the Host Management Administrator role as well. - -The Schedule Service Account is used to access the Task folders when scheduling tasks and to apply -locks on jobs. - -- Schedule Tasks - - - In order to have the appropriate level of rights to schedule tasks, the credentials specified - must at least have the following: - - - Create Files/Write Data rights on the Windows Task Folder - - Create Files/Write Data rights on the System 32 Task folder - - Otherwise, they should have local Administrator privileges on the Enterprise Auditor - Console server - - - The user whose credentials are specified must also have a role that allows the scheduling of - tasks – Administrator, Power User, or Job Initiator - -- Apply Locks - - **NOTE:** If the Enterprise Auditor user whose credentials are used has the role of Job - Initiator, the job must be locked in order for it to execute successfully. - - - These credentials are used to apply locks on jobs, enabling the Job Approver to have fewer - rights on the Jobs directory. Therefore, the credentials specified must at least have the - following: - - - Modify rights on this directory - - Otherwise, these credentials should have local Administrator privileges on the Enterprise - Auditor Console server - - - The Job Approver uses these credentials to apply locks. Therefore, the Job Approver must be - added to the local policy **Impersonate a client after Authentication**. - -Do not choose the **Use local System account to schedule tasks** option. This account does not have -the appropriate rights to apply locks on jobs. Therefore, it does not work in conjunction with Role -Based Access. - -See the -[Schedule](/docs/accessanalyzer/11.6/administration/settings/schedule.md) -topic for additional instructions on configuring the Schedule Service Account. - -_Remember,_ these credentials must be for a user with local Administrator privileges or rights to -the Windows Task Folder and the System 32 Task folder on the Enterprise Auditor Console server. - -# Securing Published Reports Only - -In order to secure published reports through the Web Console, it is necessary to enable Role Based -Access within the Enterprise Auditor Console. If that is the only reason the Role Based Access -feature is being enabled, ensure the following requirements are met: - -- Administrator role assigned to all Enterprise Auditor Console users - - - Anyone not assigned an Administrator role are unable to access the Enterprise Auditor Console - after Role Based Access is enabled - -- Web Administrator role assigned to individuals who should have access to all reports, tags, and - report permissions but not the Enterprise Auditor Console -- Report Viewer assigned to individuals who should have access to reports and tags but not report - permissions or the Enterprise Auditor Console - - - Global Level Assignment – Access to all reports - - Job Group Level Assignment – Access to reports published by jobs within the job group - - Job Level Assignment – Access to reports published by the job - - Report Configuration Level Assignment – Access to the specific report - -Follow the steps to assign roles at the global level. - -**Step 1 –** Navigate to the **Settings** > **Access** node. - -![Add Access option on the Access page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/addaccess.webp) - -**Step 2 –** On the Access page, click **Add Access**. The Access Type wizard opens. - -![Access Type page of the Access Role wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/accesstypeuser.webp) - -**Step 3 –** Select the **A user or group accessing this console** option. Click **Next**. - -![Console Access page of the Access Role wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) - -**Step 4 –** On the Console Access page, specify a group or user in the **Name** field. Use the -ellipsis (**…**) to browse for accounts with the Select User or Group window. - -![Console Access page with user added](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccessfinish.webp) - -**Step 5 –** Select a role for the group or user from the Role list. Click **Finish**. The group or -user and role is added to the Role Membership list in the Roles view. - -**CAUTION:** The first role or set of roles saved must include the Administrator role. Clicking Save -for the first role or set or roles without including the Administrator generates an error message in -the Enterprise Auditor Console. - -**Step 6 –** Repeat Steps 2-4 to assign the Administrator, Web Administrator, and Report Viewer -roles to other groups or users. - -**Step 7 –** Click **Save** and then **OK** to confirm the changes. All applied roles are lost if -they are not saved. - -Role Based Access is enabled when the first role has been assigned. - -![Error message when Administrator role is not specified](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/noadminerror.webp) - -The first role or set of roles saved must include the Administrator role. Clicking **Save** for the -first role or set or roles without including the Administrator generates an error message in the -Enterprise Auditor Console. - -When Role Based Access is first enabled, restart the Enterprise Auditor application to ensure all -roles are properly active. The Report Viewer role can be assigned at the job group, job, and report -configuration levels. See the -[Reporting Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md), -[Report Roles Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md), -and -[Publish Security Page](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/publishsecurity.md) -topics for additional information. - -# Workflow with Role Based Access Enabled - -The following workflow summarizes the necessary steps involved to deploy a job once Role Based -Access is enabled and roles have been assigned. - -**Step 1 –** The Job Builder creates and configures a Enterprise Auditor job - -**Step 2 –** The Job Approver reviews a new or edited job’s configuration, and either approves or -rejects it - -![Lock Job option in right-click menu](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/lockjob.webp) - -- If a job is approved, then a lock needs to be applied by right-clicking the job title in the Jobs - tree and selecting **Lock Job** -- If a job is rejected, then the job remains unlocked -- If the **Lock Job** option is visible, then the job has not yet been approved -- If the **Lock Job** option is not visible, then the job has been approved - -![Unlock Job option in right-click menu](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/unlockjob.webp) - -**Step 3 –** The Job Initiator can choose to run the job directly through the Enterprise Auditor -Console or schedule it to run with the Schedule Service Account. This user will know the job was -approved by the grayed-out **Unlock Job** option in the right-click menu. - -- Job Initiator/Job Initiator (No Actions) – The Job Initiator can only execute locked job. - - - For the Job Initiator (No Actions) role, the user is unable to execute a job which contains - configured actions, even if it is approved and locked - - Both roles can enable and disable job groups and jobs regardless of whether or not they are - locked. Disabled jobs are grayed out with a red x next to it and are not executed with the job - group. When applied at the job group level, all nested jobs are disabled and do not run. - However, any new job added to that group is enabled by default. - - **NOTE:** The Job initiator can also publish the reports already generated by the job. - -- Publish – To publish reports which have already been generated to the Web Console - - - See the - [Report Settings Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information - -![Report under the Results Node in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/reportjobstree.webp) - -**Step 4 –** After a job has been successfully run, the **Job Viewer** can now view the results of -the job under the job’s Status and Results node, or in the Web Console. See the -[Viewing Generated Reports](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/view.md) -topic for additional information. - -**NOTE:** The Job Builder, Job Approver, and Job Initiator may also view these results within the -Enterprise Auditor Console. Additionally, users with these roles can view reports within the Web -Console. - -## Other Console Roles - -Any modifications needed in the Settings or Host Management nodes must be done by the corresponding -administrator role (Global Options Administrator, Access Administrator, or Host Management -Administrator). These roles can be used in conjunction with any other role (for example, a user can -be a Job Builder and Global Options Administrator in order to build jobs and manage corresponding -Connection Profiles). - -### Web Administrator - -The Web Administrator can view all reports within the Web Console. - -In addition to viewing report content, Web Administrators can view tags and report permissions. - -_Remember,_ a user with only the Web Administrator role is unable to access the Enterprise Auditor -Console. - -### Report Viewer - -The Report Viewer can view reports within the Web Console according to where the user’s role was -assigned: global, job group, job, or report configuration. - -_Remember,_ a user with only the Report Viewer role is unable to access the Enterprise Auditor -Console. diff --git a/docs/accessanalyzer/11.6/administration/host-management/discovery.md b/docs/accessanalyzer/11.6/administration/host-management/discovery.md deleted file mode 100644 index 847ebf936f..0000000000 --- a/docs/accessanalyzer/11.6/administration/host-management/discovery.md +++ /dev/null @@ -1,915 +0,0 @@ -# Host Discovery Queries Activities Pane - -The Activities pane provides several options for managing Host Discovery queries. - -![Activities pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/activities.webp) - -The options are: - -- Create Query – Opens the Host Discovery Wizard to create a new query -- Edit Query – Opens the Host Discovery Wizard with the selected query’s configuration -- Delete Query – Deletes the selected query and its generated host list - - - A confirmation window displays. Click **Yes** to complete the deletion - -- Run Query – Begins an immediate execution of the selected query -- Stop Query – Stops the selected query which is currently running - - - No action occurs if the query is **Idle** - -- Suspend Query Queue – Removes the selected query from a scheduled queue - - - The Activities pane listing changes to **Resume Query Queue**. Click again to resume scheduled - queue. - -- Schedule – Opens the Schedule wizard to schedule query execution - - - See the - [Schedule](/docs/accessanalyzer/11.6/administration/settings/schedule.md) - topic for additional information on the Schedule wizard - -- View Host List – Opens the - [Host Management](/docs/accessanalyzer/11.6/administration/host-management/management.md) - node directly to the selected query’s generated host list - -These options are also available through a pop-up menu accessed by right-clicking on a query. -**Create Query** and **Suspend Query Queue** are additionally available through a pop-up menu -accessed by right-clicking on the **Host Discovery** node. - -# Discovery Log - -The **Host Discovery** > **Discovery Log** node lists host discovery logs. These logs house -transactions that transpire during the running of host discovery and host inventory tasks. - -![Discovery Log](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/discoverylog.webp) - -The Discovery Log logging level is configured within the **Settings** > **Host Discovery** node. See -the -[Host Discovery](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostdiscovery.md) -topic for additional information. - -The following options are above the data grid: - -- Reload Log – Refresh the log data for the selected Log date and Query Name -- Log date – Select the desired **Log date** from the drop-down menu to view transactions -- Query Name – The default selection is **All Queries**. To narrow the data to a desired query, - select a query name from the drop-down menu. - -The data grid contains the following columns: - -- Date – Date timestamp of transaction -- Kind – Type of transaction recorded (Error, Warning, Info, Debug), controlled by the configured - logging level -- Source – Selectively used, the source value reflects the core component responsible for producing - the message -- HostName – Name of the targeted host where the transaction occurred -- Message – Log transaction message - -# Host Discovery Node - -Use the **Host Discovery** node to discover hosts to audit. Host Discovery queries are created in -the Host Discovery node to discover hosts within the targeted environment that match the desired -criteria (for example, all domain controllers for Active Directory auditing). - -The Host Discovery queries view displays a list of previously configured queries, opens the Host -Discovery Wizard to create new queries, and is where host inventory process can be automated. The -**Host Discovery** node houses the Discovery Log. The **Settings** > **Host Discovery** node -contains the global settings that affect discovery queries. See the -[Host Discovery](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostdiscovery.md) -topic for additional information. - -The Discovery node has four main panes: - -- [Host Discovery Queries](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) -- [Host Discovery Queries Activities Pane](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) -- [Host Discovery Wizard](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) -- [Discovery Log](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) - -# Host Discovery Queries - -The Host Discovery Queries Pane contains a list of previously-configured queries. - -![Host Discovery Queries Pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queries.webp) - -The list of previously configured queries is provided in a table format with the following columns: - -- Name – Displays the name assigned to the query during creation -- Query Source – Identifies where the query searches for hosts -- Query State – Displays the query’s current status (active or idle) -- Last count – Identifies the number of hosts found from the last scan -- Last Queried – Displays the date and time stamp for the last running of the query -- Connection Profile – Identifies the Connection Profile assigned to the query for access to the - Query Source -- ID – GUID of the query task -- SANode – Name of the Enterprise Auditor Console server -- Snapshot mode – Identifies the type of discovery query: - - - Cumulative – Grows the host list by appending newly discovered hosts with each query execution - - Snapshot – Only shows host found during the most recent query execution - - **NOTE:** The Snapshot mode is configured on the Options page of the Host Discovery Wizard. - -## View Hidden Columns - -Follow the steps to view the hidden columns in the table: - -**Step 1 –** Right-click a header in the table, which opens a context menu. - -![Field Chooser option on context menu](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queriesfieldchooser.webp) - -**Step 2 –** Select **Field Chooser**, which opens the Customization window. - -![Customization window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queriescustomizationwindow.webp) - -**Step 3 –** Select the **Columns** tab. - -![Drag hidden colum into table](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queriesaddhiddencolumn.webp) - -**Step 4 –** Drag and drop the desired column between any header of the table. - -![Host Discovery Queries table with column added](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/querieshiddencolumnadded.webp) - -The header is now present in the table. - -# Query an Active Directory server (Discover Domain Controllers) - -Follow the steps to create a Host Discovery query using the **Query an Active Directory server -(Discover Domain Controllers)** source option. This option scans the default domain controller or a -specified server but is scoped to return only machines that are domain controllers. - -![Host Discovey Wizard Source page for AD Domain Controllers query](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source.webp) - -**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Query an Active -Directory server (Discover Domain Controllers)** option. Click **Next**. - -![Host Discovey Wizard Query page for AD Domain Controllers query](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/query.webp) - -**Step 2 –** On the Query page, name the query and select the credentials used to access the source. - -- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` - default name. Two queries cannot have the same name. If you use an existing name, a number is - automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for querying the source: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -Click **Next** to continue. - -![Host Discovey Wizard Domains & Sites page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/domainssites.webp) - -**Step 3 –** The Domains & Sites page is scoped to return all domain controllers in the targeted -domains and sites. By default, all domains and sites are selected. If desired, scope to target -specific domains and sites. - -- Connection – Select the radio button to specify the server to be connected to and searched: - - - Connect to default directory – Selects a default domain controller from the domain in which - the Enterprise Auditor Console server resides - - Specify server – Specify a particular server or domain controller. Type the server name in the - textbox. Click **Connect** to confirm the connection to the specified server and populate the - domains and sites choices. - -- Filter by domains – Lists discovered domains - - - Search all domains – The default option. To narrow the scope to specific domains, deselect - this option to enable the selection box. - - Exclude domain – Deselect the checkbox for a domain in the list to exclude it from the scope. - The **Check All** and **Uncheck All** buttons are enabled when scoping by domain. - -- Filter by sites – Lists discovered sites - - - Search all sites – The default option. To narrow the scope to specific sites, deselect this - option to enable the Selection box. - - Exclude site – Deselect the checkbox for a site in the list to exclude it from the scope. The - **Check All** and **Uncheck All** buttons are enabled when scoping by site. - -Click **Next** to continue. - -![Host Discovey Wizard Options page for AD Domain Controllers query](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -**Step 4 –** On the Options page, configure the query options as required. - -- Run the query when jobs that reference it are run – Select this option to automatically execute - the Host Discovery query prior to executing a job that has the host list generated by this query - assigned. This ensures any new hosts have been discovered and are available for auditing. - - **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require - up-to-date host lists. - -- Query Result Retention – Select how to maintain the host list generated by this discovery query: - - - Yes, grow the host list by appending newly discovered hosts – The host list includes every - host the query has ever discovered - - No, only show hosts that were found during the most recent run – The host list generated by - this query includes only hosts found in the most recent query execution. This option removes - hosts from the generated host list, but does not remove hosts from the Host Master Table. - -Click **Next** to continue. - -![Host Discovey Wizard Inventory page for AD Domain Controllers query](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp) - -**Step 5 –** On the Inventory page, the host inventory process can be automatically included with -the discovery query. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for gathering inventory information from the discovered hosts: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -Click **Next** to continue. - -![Host Discovey Wizard Summary page for AD Domain Controllers query](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 6 –** The Summary page displays all the selected query configuration settings. To make -changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the -configuration process. - -![Confirm dialog box](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) - -**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the -query at another time. - -Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the -Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. - -# Query an Active Directory Server (Discover Exchange servers) - -Follow the steps to create a Host Discovery query using the Query an Active Directory server -(Discover Exchange servers) source option. This option scans the default domain controller or a -specified server but is scoped to return only computer objects residing in the configuration -container for Exchange servers. - -![Host Discovery Wizard Source page for AD Exchange](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source.webp) - -**Step 1 –** Open the Host Discovery Wizard. On the Source Page, select the **Query an Active -Directory server (Discover Exchange servers)** option. Click **Next**. - -![Host Discovery Wizard Query page for AD Exchange](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/query.webp) - -**Step 2 –** On the Query page, name the query and select the credentials used to access the source. - -- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` - default name. Two queries cannot have the same name. If you use an existing name, a number is - automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for querying the source: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Exchange Server Query page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/exchangeserver.webp) - -**Step 3 –** The Exchange Server Query page is scoped to the default Microsoft container where all -Exchange servers are housed. - -Leave this page unchanged. If you must modify this page, see the -[Query an Active Directory Server (General)](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) -topic for instructions. Click **Next**. - -![Host Discovery Wizard Options page for AD Exchange](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -**Step 4 –** On the Options page, configure the query options as required. - -- Run the query when jobs that reference it are run – Select this option to automatically execute - the Host Discovery query prior to executing a job that has the host list generated by this query - assigned. This ensures any new hosts have been discovered and are available for auditing. - - **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require - up-to-date host lists. - -- Query Result Retention – Select how to maintain the host list generated by this discovery query: - - - Yes, grow the host list by appending newly discovered hosts – The host list includes every - host the query has ever discovered - - No, only show hosts that were found during the most recent run – The host list generated by - this query includes only hosts found in the most recent query execution. This option removes - hosts from the generated host list, but does not remove hosts from the Host Master Table. - -Click **Next** to continue. - -![Host Discovery Wizard Inventory page for AD Exchange](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp) - -**Step 5 –** On the Inventory page, the host inventory process can be automatically included with -the discovery query. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for gathering inventory information from the discovered hosts: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Summary page for AD Exchange](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 6 –** The Summary page displays all the selected query configuration settings. To make -changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the -configuration process. - -![Confirm dialog box](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) - -**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the -query at another time. - -Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the -Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. - -# Query an Active Directory Server (General) - -Follow the steps to create a Host Discovery query using the Query an Active Directory server -(General) source option. This option scans the default domain controller or a specified server for -all computer objects. The query can be scoped to only return computer objects in specified -containers or individual computer objects. See Step 3 for additional information. - -![Host Discovery Wizard Source page for AD General](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source.webp) - -**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Query an Active -Directory server (General)** option. Click **Next**. - -![Host Discovery Wizard Query page for AD General](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/query.webp) - -**Step 2 –** On the Query page, name the query and select the credentials used to access the source. - -- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` - default name. Two queries cannot have the same name. If you use an existing name, a number is - automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for querying the source: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Active Directory page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) - -**Step 3 –** On the Active Directory page, identify the organizational units (OUs) to scan. - -**_RECOMMENDED:_** Scope the query when using this source option. - -- Connection – Select the server to connect to and search for computer objects using the radio - buttons: - - - Connect to default directory – Selects a default domain controller from the domain in which - the Enterprise Auditor Console server resides - - Specify server – Allows you to specify a particular server or domain controller. Type the - server name in the textbox. Click **Connect** to confirm the connection to the specified - server and populate the OU choices. - -- Use Configuration directory partition (contains all Exchange servers) – If selected, the - Configuration directory opens in the Selection box -- Selection box – Expand the domain to select containers and individual hosts. Click **Add** to - include the selected container or host in the OUs to be searched box. -- OUs to be searched box – Displays the selected OUs. Use the buttons at the top of the box to edit - the list: - - - Add – Adds the selection from the Selection Box into the list - - Remove – Removes the selected OU from the list - -- Search sub-OUs – This checkbox in the OUs to be searched box indicates scan depth for the selected - OU - -Click **Next** to continue. - -![Host Discovery Wizard Options page for AD General](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -**Step 4 –** On the Options page, configure the query options as required. - -- Run the query when jobs that reference it are run – Select this option to automatically execute - the Host Discovery query prior to executing a job that has the host list generated by this query - assigned. This ensures any new hosts have been discovered and are available for auditing. - - **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require - up-to-date host lists. - -- Query Result Retention – Select how to maintain the host list generated by this discovery query: - - - Yes, grow the host list by appending newly discovered hosts – The host list includes every - host the query has ever discovered - - No, only show hosts that were found during the most recent run – The host list generated by - this query includes only hosts found in the most recent query execution. This option removes - hosts from the generated host list, but does not remove hosts from the Host Master Table. - -Click **Next** to continue. - -![Host Discovery Wizard Inventory page for AD General](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp) - -**Step 5 –** On the Inventory page, the host inventory process can be automatically included with -the discovery query. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for gathering inventory information from the discovered hosts: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Summary page for AD General](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 6 –** The Summary page displays all the selected query configuration settings. To make -changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the -configuration process. - -![Confirm dialog box](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) - -**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the -query at another time. - -Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the -Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. - -# Import From a Local CSV File - -Follow the steps to create a Host Discovery query using the **Import from a CSV file** source -option. - -**CAUTION:** Each time a query refresh occurs for a query with an import option set as the source, -it re-imports the host list. Therefore, deleting, renaming, or moving the import source file causes -the query to fail. - -![Host Discovery Wizard Source page for CSV import](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source.webp) - -**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Import from a CSV -file** option on the Source page. Click **Next**. - -![Host Discovery Wizard Query page for CSV import](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/query.webp) - -**Step 2 –** On the Query page, name the query and select the credentials used to access the source. - -**NOTE:** The source in this case is the Enterprise Auditor Console server. - -- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` - default name. Two queries cannot have the same name. If you use an existing name, a number is - automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for querying the source: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard CSV File Import page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/fileimport.webp) - -**Step 3 –** On the CSV File Import page, identify the CSV file to import and the column from within -the file where the host names are located: - -- File name – Identify the CSV file with the full file path. Use the ellipsis (**…**) to open a - browser window. -- Includes header row – If the first row of the CSV file is a header row, select this option to - remove it from the list of hosts to be imported -- Column – The drop-down menu is populated from the selected CSV file. Select the column containing - the host names. The selection is highlighted in the Sample data box. -- Sample data box – Displays a preview of the selected CSV file - -Click **Next** to continue. - -![Host Discovery Wizard Options page for CSV import](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -**Step 4 –** On the Options page, configure the query options as required. - -- Run the query when jobs that reference it are run – Select this option to automatically execute - the Host Discovery query prior to executing a job that has the host list generated by this query - assigned. This ensures any new hosts have been discovered and are available for auditing. - - **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require - up-to-date host lists. - -- Query Result Retention – Select how to maintain the host list generated by this discovery query: - - - Yes, grow the host list by appending newly discovered hosts – The host list includes every - host the query has ever discovered - - No, only show hosts that were found during the most recent run – The host list generated by - this query includes only hosts found in the most recent query execution. This option removes - hosts from the generated host list, but does not remove hosts from the Host Master Table. - -Click **Next** to continue. - -![Host Discovery Wizard Inventory page for CSV import](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp) - -**Step 5 –** On the Inventory page, the host inventory process can be automatically included with -the discovery query. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for gathering inventory information from the discovered hosts: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Summary page for CSV import](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 6 –** The Summary page displays all the selected query configuration settings. To make -changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the -configuration process. - -![Confirm dialog box](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) - -**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the -query at another time. - -Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the -Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. - -# Import From a Database - -Follow the steps to create a Host Discovery query using the **Import from a database** source -option. - -**CAUTION:** Each time a query refresh occurs for a query with an import option set as the source, -it re-imports the host list. Therefore, deleting, renaming, or moving the import source file causes -the query to fail. - -![Host Discovery Wizard Source page for database import](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source.webp) - -**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Import from a -database** option. Click **Next**. - -![Host Discovery Wizard Query page for database import](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/query.webp) - -**Step 2 –** On the Query page, name the query and select the credentials used to access the source. - -- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` - default name. Two queries cannot have the same name. If you use an existing name, a number is - automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for querying the source: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Database Import page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/databaseimport.webp) - -**Step 3 –** On the Database Import page, identify the database, table, and column where the host -names are located: - -- Data source – Identify the database. Click the ellipsis (**…**) to open the Data Link Properties - window. Then provide the required information on the Connection tab. - - ![Data Link Properties window Connection tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/datalinkproperties.webp) - - - Server name – Use the drop-down menu to select the server. The **Refresh** button refreshes - the list of available servers. - - Credentials – Select the credentials to use to log on to the server: - - - Use Windows NT Integrated security – This option applies the credentials used to run the - Enterprise Auditor application - - Use a specific user name and password – Provide the user name and password and select the - **Allow saving password** option - - If selected, the **Blank password** option indicates that no password is required - - ![Test connection succeeded confirmation window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/datalinkpropertiestestconnection.webp) - - - Click **Test Connection** to confirm a connection has been established. Click **OK** on the - confirmation window. - - Database – Select the **Select the database on the server** option and use the drop-down menu - to select the database - - The other tabs in the Data Link Properties window should not be modified - - - Provider tab – The database connector, dictated by the source of the data and the data - sources that are available on the Enterprise Auditor Console server. This is set by - default to the **Microsoft OLE DB Provider for SQL Server**. - - Advanced tab – Allows modifications of the connection timeout to the database server in - case the server is slow or far away - - All tab – Do not modify this tab - - - Click **OK** to close the Data Link Properties window - -- Table – Use the drop-down menu to select a table from the database -- Column – Use the drop-down menu to select the column where the host names are located. The - selection is highlighted in the Sample data box. -- Sample data Box – Displays a preview of the selected database table - -Click **Next** to continue. - -![Host Discovery Wizard Options page for database import](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -**Step 4 –** On the Options page, configure the query options as required. - -- Run the query when jobs that reference it are run – Select this option to automatically execute - the Host Discovery query prior to executing a job that has the host list generated by this query - assigned. This ensures any new hosts have been discovered and are available for auditing. - - **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require - up-to-date host lists. - -- Query Result Retention – Select how to maintain the host list generated by this discovery query: - - - Yes, grow the host list by appending newly discovered hosts – The host list includes every - host the query has ever discovered - - No, only show hosts that were found during the most recent run – The host list generated by - this query includes only hosts found in the most recent query execution. This option removes - hosts from the generated host list, but does not remove hosts from the Host Master Table. - -Click **Next** to continue. - -![Host Discovery Wizard Inventory page for database import](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp) - -**Step 5 –** On the Inventory page, the host inventory process can be automatically included with -the discovery query. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for gathering inventory information from the discovered hosts: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Summary page for database import](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 6 –** The Summary page displays all the selected query configuration settings. To make -changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the -configuration process. - -![Confirm dialog box](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) - -**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the -query at another time. - -Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the -Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. - -# Scan IP Network - -Follow the steps to create a Host Discovery query using the Scan your IP network source option. This -option scans a specified range of IP Addresses for active hosts and resolves the names of machines -using DNS. - -![Host Discovey Wizard Source page for IP network scan](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source.webp) - -**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Scan your IP network** -option. Click **Next**. - -![Host Discovey Wizard Query page for IP network scan](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/query.webp) - -**Step 2 –** On the Query page, name the query and select the credentials used to access the source. - -- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` - default name. Two queries cannot have the same name. If you use an existing name, a number is - automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for querying the source: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -Click **Next** to continue. - -![Host Discovey Wizard IPSweep page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/ipsweep.webp) - -**Step 3 –** On the IPSweep page, specify the range of IP Addresses to scan. - -- Specification Type – Specify the type of IP range to scan. The selected Specification Type - determines the IP Address options available for specifying the IP range. The default is **Specify - IP Address Range**, but the following options are available: - - - Specify Windows IP Configuration Information – Provide **Hostname or IP address** and **Subnet - mask** values - - Specify IP Address Range – Provide **Starting IP Address** and **Ending IP Address** - - Specify Advance IP Address Range – Provide **IP Address Range** - -- IP Address options – The help [?] button at the end of each textbox provides example formats - - - Hostname or IP address – Example: `192.168.2.35` or `target.example.com` - - Subnet mask – Example: `255.255.255.0` - - Starting IP Address – Example: `192.168.2.1` - - Ending IP Address – Example: `192.168.2.255` - - IP Address Range – Example: `192.168.2.*` - - See the help button for full list of examples - -- IP Ranges box – Displays the selected range of IP Addresses. Use the links at the top of the box - to edit the list: - - - Add as inclusion – Adds information provided in the IP Address Textboxes into the to be - collected list - - Add as exclusion – Adds information provided in the IP Address Textboxes into the to be - ignored list - - Remove – Removes the selection from the IP Ranges box - -- (Optional) Only include host with the following ports open – If selected, this option limits the - Host Discovery query to return only the hosts found in the IP Sweep with the specified open ports. - When specifying multiple ports, separate them with commas or semicolons but not spaces. For - example, to specify ports 10 and 80 enter: `10,80`. The help **[?]** button at the end of the - textbox provides example entry formats. -- (Optional) Only include Windows hosts – If selected, this option limits the Host Discovery query - to return only the hosts found in the IP Sweep that have Windows operating systems - -Click **Next** to continue. - -![Host Discovey Wizard Options page for IP network scan](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -**Step 4 –** On the Options page, configure the query options as required. - -- Run the query when jobs that reference it are run – Select this option to automatically execute - the Host Discovery query prior to executing a job that has the host list generated by this query - assigned. This ensures any new hosts have been discovered and are available for auditing. - - **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require - up-to-date host lists. - -- Query Result Retention – Select how to maintain the host list generated by this discovery query: - - - Yes, grow the host list by appending newly discovered hosts – The host list includes every - host the query has ever discovered - - No, only show hosts that were found during the most recent run – The host list generated by - this query includes only hosts found in the most recent query execution. This option removes - hosts from the generated host list, but does not remove hosts from the Host Master Table. - -Click **Next** to continue. - -![Host Discovey Wizard Inventory page for IP network scan](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp) - -**Step 5 –** On the Inventory page, the host inventory process can be automatically included with -the discovery query. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for gathering inventory information from the discovered hosts: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -Click **Next** to continue. - -![Host Discovey Wizard Summary page for IP network scan](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 6 –** The Summary page displays all the selected query configuration settings. To make -changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the -configuration process. - -![Confirm dialog box](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) - -**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the -query at another time. - -Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the -Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. - -# Host Discovery Wizard - -The Host Discovery Wizard gives complete control over how hosts are discovered on the targeted -network and which hosts are discovered. - -![Console with Create Query Option Highlighted](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/createqueryhighlighted.webp) - -Use the Host Discovery Wizard to create new queries. The wizard opens in the Results pane. Use any -of the following methods in order to access the Host Discovery Wizard from the Host Discovery node: - -- Select **Create Query** in the Activities pane -- Right-click the **Host Discovery** node and select **Create Query** from the pop-up menu -- Right-click anywhere in the Host Discovery Queries table and select **Create Query** from the - pop-up menu - -![Host Discovery Wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/hostdiscoverywizard.webp) - -The first step in creating a Host Discovery query is to select the source where the query searches -for hosts. Hosts are discoverable using one of the following options: - -- [Scan IP Network](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) - – Scans a specified range of IP Addresses for active hosts and resolves the names of machines - using DNS -- [Query an Active Directory Server (General)](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) - – Scans the default domain controller or a specified server for all computer objects, can be - scoped -- [Query an Active Directory Server (Discover Exchange servers)](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) - – Scans the default domain controller or a specified server but is scoped to return only computer - objects sitting in the configuration container for Exchange servers -- [Query an Active Directory server (Discover Domain Controllers)](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) - – Scans the default domain controller or a specified server but is scoped to return only machines - which are domain controllers -- [Import From a Local CSV File](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) - – Imports a host list from a specified CSV file -- [Import From a Database](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) - – Imports a host list from a specified SQL Server database - -**NOTE:** The Advanced Options checkbox in the lower-left corner is a legacy item and should not be -selected. diff --git a/docs/accessanalyzer/11.6/administration/host-management/management.md b/docs/accessanalyzer/11.6/administration/host-management/management.md deleted file mode 100644 index 2d13216b4d..0000000000 --- a/docs/accessanalyzer/11.6/administration/host-management/management.md +++ /dev/null @@ -1,790 +0,0 @@ -# Add Hosts - -The **Add Hosts** option creates a new host list. It can be accessed through the **Host Management** -node. Follow the steps to add a new host list. - -![Add Hosts option on Activities pane of the Host Management node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/addhosts.webp) - -**Step 1 –** Click **Add Hosts** to open the Host List Wizard in the Results pane. - -![Host List Wizard Specify Manual Host Entry page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistwizardhostentry.webp) - -**Step 2 –** On the Manual Host Entry page, choose to either enter the hosts manually one at a time, -or use the **Import** option. When the list is completed, click **Next**. - -- To enter hosts manually, type the host name in the **Host name** textbox. Then click **Add**. The - entry will appear in the **Host list** box. Repeat the process until all hosts for this list have - been entered. -- The **Import** option opens the Import Hosts window. See the - [Import Hosts Option](/docs/accessanalyzer/11.6/administration/host-management/management.md) - topic for additional information. -- Use **Remove** to delete a selected host from the **Host list** box - -![Host List Wizard Specify Host List Properties page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistwizardproperties.webp) - -**Step 3 –** On the Specify Host List Properties page, provide a unique descriptive **Host List -Name**. - -- There cannot be two host lists with the same name. Enterprise Auditor automatically appends a - numeral to the end of a host list name to avoid duplicates. - -**Step 4 –** On the Specify Host List Properties page, configure when inventory fields should be -refreshed for hosts in the list and set the credentials to use to conduct the host inventory. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Set the credentials to use to conduct the host inventory. - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Enterprise Auditor application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information on Connection Profiles. - -**Step 5 –** Click **Finish** to save the host list and close the Host Lost Wizard. - -The new list displays at the bottom of the host lists under the **Host Management** node in the -Navigation pane. Every host added is included in the host master table at the Host Management node -as well as in the newly created host list. - -# Delete Host(s) - -Use the **Delete Host(s)** option at the **Host Management** node to permanently delete a host from -the master host table, or at an individual host list node to remove the host from the selected list. - -## Delete From Host Management Node - -Follow the steps to delete a host from the Host Management node. - -**Step 1 –** In the Host Management node, select the host in the data grid and click **Delete -Host(s)** on the Activities pane. - -![Confirm dialog box](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletehost.webp) - -**CAUTION:** A deletion from the host master table at the Host Management node cannot be undone, as -it deletes it from the host management database tables. It also removes the host from any host list -to which it has been assigned. Click **Cancel** to stop the deletion. - -**Step 2 –** A dialog box asks for confirmation of the action. Click **OK** to proceed with the -deletion. - -The host is no longer in the master host table. - -## Delete From Individual Host List - -Follow the steps to delete a host from an individual host list. - -**Step 1 –** In the host list, select the host in the data grid and click **Delete Host(s)** on the -Activities pane. - -![Confirm dialog box](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletehost.webp) - -**Step 2 –** A dialog box asks for confirmation of the action. Click **OK** to proceed with the -deletion. - -Enterprise Auditor checks to see if the host exists in any other static host lists. If so, the -deletion is limited to removing the selected host from the current host list. - -![Confirm deletion from master host table dialog box](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletehostmaster.webp) - -**CAUTION:** A deletion from the host master table cannot be undone, as it deletes it from the host -management database tables. - -**Step 3 –** If the host is not found in another static host list, Enterprise Auditor asks if you -also want to remove the host from the Host Master Table. On the Confirm dialog, select the desired -action. - -- Click **Yes** to remove the host from all dynamic host lists and from the host master table -- Click **No** to remove only the host for the current host list - -The host is no longer in the host list. - -# Delete List - -Use the **Delete List** option to remove the selected list. This option is available only at an -individual host list node. - -**_RECOMMENDED:_** Before deleting a host list, first ensure it is not assigned to a job. - -**Step 1 –** In the Navigation pane, select the host list to delete and click **Delete List**. - -![Confirm dialog box](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletelist.webp) - -**CAUTION:** This action cannot be undone. Click **Cancel** to stop the deletion. - -**Step 2 –** On the Confirm dialog box, click **OK** to continue with the deletion. - -Enterprise Auditor checks to see if any hosts within the host list are found in any other static -host lists. - -![Confirm deletion of orphaned hosts from master host table dialog box](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletelistmaster.webp) - -**Step 3 –** If no hosts are found in any other host list, then Enterprise Auditor asks if you want -to remove the host from the master host table. On the Confirm dialog box, select the desired option. - -- Yes – Deletes the specified host from the master host table -- No – Does not delete the specified host from the master host table -- No to All – Does not delete other hosts that are not found in another static host list from the - master host table -- Yes to All – Deletes other hosts not found in any other static host list from the master host - table - -When the operation is complete, the list is no longer visible under the Host Management node in the -Navigation pane and it cannot be used to execute jobs against. - -# Edit List - -Use the **Edit List** option to edit properties for the selected host list. This option is available -only from an individual host list node. - -![Edit List option on Activities pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/editlist.webp) - -Select the host list to edit and click **Edit List**. The Host List Wizard opens for the selected -host list. If the selected host list is a custom static host list, the wizard opens on the Manual -Host Entry page where you can add and remove hosts from the list. Other host lists open directly to -the Specify Host List Properties page where you can modify the following: - -- Host List Name - - **CAUTION:** Changing the name of a host list that has been assigned to a job can cause the job - to fail. - -- Refresh inventory setting -- Credentials used for host inventory - -See the -[Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for information on modifying these settings. - -# Edit Query - -Use the **Edit Query** option to modify host lists created by a Host Discovery query. - -![Edit Query option on Activities pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editquery.webp) - -In the Navigation pane, select the query-created host list to edit and click **Edit Query**. The -Host Discovery Wizard opens to the Query page where the query settings for the selected -query-created host list are modified. See the -[Host Discovery Wizard](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) -topic for information on modifying these settings. - -# Export Data - -Use the **Export Data** option to export all information available in the current grid view for the -selected host list to a HTML, XML , or CSV file. Follow the steps to export data. - -**Step 1 –** Select the Host Management or individual host list node to export data from, and -configure the data grid to contain all the columns you want to export. See the -[Host Inventory Data Grid](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information. - -![Export Data option on the Activities pane](/img/versioned_docs/directorymanager_11.0/directorymanager/portal/export.webp) - -**Step 2 –** When the data grid contains all columns desired for export, click **Export Data**. A -Save As window opens. - -![Save As window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/exportsaveas.webp) - -**Step 3 –** On the Save As window, select the required format (HTML Files, XML Files, or CSV Files) -and provide a name and location for the export file. - -This export is now shareable. Unlike the -[View/Edit Host](/docs/accessanalyzer/11.6/administration/host-management/management.md) -export option, this file will be in the same format as the data grid. - -## Export Examples - -The following examples show the different export format options. - -Example HTML File Export - -![Example HTML File Export](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/exportexamplehtml.webp) - -Example XML File Export - -![Example XML File Export](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/exportexamplexml.webp) - -Example CSV File Export - -![Example CSV File Export](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/exportexamplecsv.webp) - -# Import Hosts Option - -On the Manual Host Entry page of the Host List Wizard, the **Import** option allows hosts to be -imported from either a CSV file or a database into the host list being created. - -Follow the steps to import hosts. - -![Import option on the Manual Host Entry page of the Host List Wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistwizardimport.webp) - -**Step 1 –** On the Manual Host Entry page of the Host List Wizard, click **Import**. The Import -Hosts window opens. - -![Import Hosts window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importhosts.webp) - -**Step 2 –** On the Import Hosts window, use the **Import from** dropdown to select the source as -either **CSV File** or **Database**. - -**Step 3 –** Configure the source file. The necessary fields depend on the selection in the previous -step. - -![Import Hosts window for importing from CSV File](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importhostscsv.webp) - -- CSV File - - - File Name – Click the ellipsis (**…**) to open a browser window and select the CSV file. This - file needs to be stored on the Enterprise Auditor Console server. Once selected, a preview of - the file is shown in the preview box. - - Includes header row – Select this checkbox if the file contains a header row. Otherwise, the - header row will be included in the import (visible within the preview box). - -![Import Hosts window for importing from Database](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importhostsdatabase.webp) - -- Database - - - Data source – Identify the database. Click the ellipsis (**…**) to open the Data Link - Properties window. Provide the required information on the Connection tab of the Data Link - Properties window, and then click **OK**. See the - [Import From a Database](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) - topic for additional information. - - **NOTE:** The Provider, Advanced, and All tabs of the Data Link Properties window should not - be modified. - - - Table – Use the dropdown to select the table that contains the hosts to be imported. A preview - of the selected table is displayed in the preview box. - -**Step 4 –** Use either the drop-down menu or click on the column in the preview box to select the -column containing the host names. The selected column is highlighted in the preview box. - -**Step 5 –** Click **OK** to complete the import. - -![Imported hosts added in the Host list box on the Manual Host Entry page of the Host List Wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importhostscomplete.webp) - -The Import Hosts window closes, and the imported list of host names is added in the Host list box on -the Manual Host Entry page of the Host List Wizard. Click **Next** to proceed with configuring the -host list. See the -[Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information on the Host List Wizard. - -# Import Location - -Use the **Import Location** option to import the physical location data for hosts and opens a -customized version of the Import Hosts window. Add host locations from a CSV file or SQL Server -database without creating a new host list. See the -[Host Inventory Data Grid](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for information on the Location column of host inventory. - -Follow the steps to import physical location data for hosts. - -**Step 1 –** Ensure the import source file has columns for both the host name as it is identified -within Enterprise Auditor and the location. - -**NOTE:** When a host name does not match any existing hosts within the Host Master Table, it can be -added as a new host. - -![Import Location option on Activities pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importlocation.webp) - -**Step 2 –** Select the host list and click **Import Location**. - -![Import Hosts window for importing location](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importlocationwindow.webp) - -**Step 3 –** On the Import Hosts window, use the **Import from** dropdown to select the source as -either **CSV File** or **Database**. - -**Step 4 –** Configure the source file. The necessary fields depend on the selection in the previous -step. - -- CSV File - - - File Name – Click the ellipsis (**…**) to open a browser window and select the CSV file. This - file needs to be stored on the Enterprise Auditor Console server. Once selected, a preview of - the file is shown in the preview box. - - Includes header row – Select this checkbox if the file contains a header row. Otherwise, the - header row will be included in the import (visible within the preview box). - -- Database - - - Data source – Identify the database. Click the ellipsis (**…**) to open the Data Link - Properties window. Provide the required information on the Connection tab of the Data Link - Properties window, and then click **OK**. See the - [Import From a Database](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) - topic for additional information. - - **NOTE:** The Provider, Advanced, and All tabs of the Data Link Properties window should not - be modified. - - - Table – Use the dropdown to select the table that contains the hosts to be imported. A preview - of the selected table is displayed in the preview box. - -**Step 5 –** Use either the drop-down menu or click on the column in the preview box to select the -column containing the host names. The selected column is highlighted in the preview box. - -![Import Hosts window Location column selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importlocationcsv.webp) - -**Step 6 –** Use the **Import column** drop-down menu to select the column containing the location -information. The selected column is highlighted a lighter color in the preview box. - -**Step 7 –** Click **OK** to complete the import. - -![Imported Location column data in the data grid](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importlocationcomplete.webp) - -The Location column now contains the imported information. If any of the hosts included in the -import file are not already in the Host Master Table, Enterprise Auditor prompts for confirmation on -whether or not to import the host. Selecting **Yes** or **Yes to All** adds the new hosts to the -Host Master Table but not to any individual host lists. - -**NOTE:** Any new hosts that match dynamic host list criteria will be added to the appropriate -dynamic host lists. - -# Host Management Activities - -The Activities pane available at the Host Management node and at the individual host list nodes -provides the tools needed to manage hosts and host lists. - -| ![Activities pane in Host Management node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/activitieshostmanagement.webp) | ![Activities pane in individual host list node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/activitiesindividualhost.webp) | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Host Management Node | Individual Host List Nodes | - -The available actions are: - -- [Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Create a new host list by manually entering hosts or importing a host list (only available in - the Host Management node) -- [View/Edit Host](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Open the Host Details View, which displays the collected host inventory information for the - selected host in an easier-to-read format and allows you to manually edit the host inventory - information -- [Delete Host(s)](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Delete host from the selected list (permanently deletes host from the host master table if used - in the Host Management node) -- [Import Location](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Import the physical location data for hosts from a CSV file or database without creating a new - host list. Location column is in the - [Host Inventory Data Grid](/docs/accessanalyzer/11.6/administration/host-management/management.md). -- [Refresh Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Manually executes the host inventory query for the selection -- [Save Current View](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Create a dynamic host list from the current (filtered) data grid view -- [Save Selected To List](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Create a static host list from the selected hosts within the current data grid -- [Schedule (Activities Pane Option)](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Opens a customized Schedule Properties window to schedule a host inventory query -- [Export Data](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Export the current data grid to a HTML, XML, or CSV file -- [Suspend/Resume Host Inventory](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Pause an **In progress** host inventory or resume a paused **In queue** host inventory -- External commands – Sub-header (not activity) that separates the Activities above which occur - within the Enterprise Auditor Console from the Activities below which open external processes: - - - Manage Host – Opens the Microsoft Management Console interface for the selected host if it has - that feature enabled - - Explore Host – Opens Windows Explorer, displaying the shares on the selected host - - Ping Host – Opens a Command Prompt to run a ping command targeting the selected host - - Trace Route to Host – Opens a Command Prompt to run the `TraceRoute` command, locating a path - to the selected machine in less than 30 hops - -Activities available only at the individual host list nodes are: - -- [Edit List](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Edit the selected host list in the Host List Wizard -- [Edit Query](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Edit the Host Discovery query settings for the selected query-created host list -- [Rename List](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Rename the selected host list (should not be used if the host list has already been assigned to - a job for execution) -- [Delete List](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Delete the selected host list -- [View Query](/docs/accessanalyzer/11.6/administration/host-management/management.md) - – Opens the Host Discovery Queries window - -# Refresh Hosts - -Use the **Refresh Hosts** option to manually execute the Host Inventory query. It can be selected -for the following: - -- All hosts – Use from the Host Management node -- Individual host list – Use from a host list node to refresh all hosts in the selected host list -- Selected hosts in a list – Select hosts using the Windows Ctrl and left-click function or by - filtering the data grid view -- Individual host – Select a host from the current view - -![Refresh Hosts option on Activities pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/refreshhosts.webp) - -Select the hosts or host list to inventory and then click **Refresh Hosts** in the Activities pane. - -![Refresh Hosts Confirm dialog](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/refreshhostsconfirm.webp) - -When only particular hosts are selected in a list, a dialog box asks for confirmation of the action. - -# Rename List - -Use the Rename List option to change the name of a selected host list. This option is available only -from an individual host list node. - -**CAUTION:** Changing the name on a host list that has been assigned to a job can cause the job to -fail. - -![Host list name window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistname.webp) - -Select the host list to rename and click **Rename List** to open the Host list name window. Enter -the new name for the host list and click **OK**. - -**NOTE:** Host list names can also be changed using the **Edit List** option, see the -[Edit List](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information. - -# Save Selected To List - -Use the **Save Selected To List** option to create a static host list. This option is available from -either the Host Management node or an individual host list node. See the -[Static Host Lists](/docs/accessanalyzer/11.6/administration/host-management/management.md#static-host-lists) -topic for additional information on static host lists. This option is inactive until at least one -host within the data grid is selected. - -![Save Selected To List option in Host Management node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/savetolist.webp) - -Use the Windows Ctrl + left-click function to select multiple hosts from the data grid. In the -Activities pane, click **Save Selected To List**. The Host List Wizard opens with the selected hosts -in the Host list box on the Manual Host Entry page. See the -[Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for information on creating a host list. - -# Save Current View - -Use the **Save Current View** option to create a dynamic host list. This option is available from -either the Host Management node or an individual host list node. The option is inactive until you -apply a filter to the data grid. Follow the steps to create a dynamic host list. - -**Step 1 –** Select the Host Management or individual host list node to create the host list from. - -**Step 2 –** Filter the data grid for the desired criteria. See the -[Host Inventory Data Grid](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information. - -![savecurrentview](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/savecurrentview.webp) - -**Step 3 –** Click **Save Current View** in the Activities pane. - -![Host List name window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistname.webp) - -**Step 4 –** On the Host list name window, provide a unique, descriptive name for the new host list -and click **OK**. - -The new host list displays under the Host Management node. When the Enterprise Auditor Console -closes the host lists under the Host Management node, the hosts reorganize in alphanumeric order. -Like the default host lists, custom dynamic host lists are auto-populated and updated according to -host inventory. - -**_RECOMMENDED:_** Do not modify the criteria once a dynamic based list has been created. It is -better to delete and recreate the list in order to modify a dynamic-based list. - -See the -[Dynamic Host Lists](/docs/accessanalyzer/11.6/administration/host-management/management.md#dynamic-host-lists) -topic for more information on dynamic host lists. - -# Schedule (Activities Pane Option) - -Use the **Schedule** option in the Activities pane to schedule a host inventory query to run for any -of the following: - -- All hosts in the Host Master Table -- An individual host list -- Selected hosts in a list - -![Schedule option on the Activities pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/schedule.webp) - -Select the hosts or host list to inventory and click **Schedule** in the Activities pane. The -Schedule Wizard opens for the selected host or host list. - -![Schedule Wizard for Host Inventory Query](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/schedulewizardhostmanagement.webp) - -Use the Schedule Wizard to configure the scheduled task. See the -[Schedule Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md) -topic for additional information. - -The details of the scheduled Inventory query are available in the **Schedules** view, including the -next run date and time. See the -[Schedules](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md) -topic for additional information. - -# Suspend/Resume Host Inventory - -Use the **Suspend Host Inventory** option to pause an in progress inventory. - -![Suspend Host Inventory](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/suspendhostinventory.webp) - -Once clicked, the option changes to **Resume Host Inventory** and the **In progress** host -inventories change to an **In queue** state. - -**NOTE:** Clicking **Refresh Hosts** while inventory is suspended adds to the queue but does not -resume the inventory. - -![Resume Host Inventory](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/resumehostinventory.webp) - -Click **Resume Host Inventory** to resume the inventory queries. - -# View/Edit Host - -Use the **View/Edit Host** option to open the Host Details View. This view displays the collected -host inventory information for the selected host in an easy-to-read format. - -![View/Edit Host option](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/viewedithost.webp) - -Select a host from either the Host Master Table or an individual host list and click **View/Edit -Host**. - -![Host Details View](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostdetailsview.webp) - -The Host Details View displays in the Results pane, and the rest of the Enterprise Auditor Console -is unavailable while it is open. You can use the view to manually edit the host inventory -information. - -- Edit – Enables the textboxes and checkboxes for editing -- Apply – Saves any changes. This button appears when **Edit** is clicked. -- Save as HTML – Exports the current view of the selected host’s inventory to an HTML file. Click, - then provide a name and location for the export. The export is now sharable as desired. This - button is inactive while in edit mode. -- Cancel – Abandons any changes. This button displays when **Edit** is clicked. -- Close – Exits the Host Details View - -# View Query - -Use the **View Query** option to open the Host Discovery Queries pane. - -![View Query option on Activities pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/viewquery.webp) - -Click **View Query** to go to the Host Discovery Queries pane. See the -[Host Discovery Queries](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) -topic for additional information. - -# Host Inventory Data Grid - -The data grid provides all host inventory information collected on the hosts. View this information -at the **Host Management** node (the Host Master Table) or at individual host list nodes. See the -[Hosts Lists](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for information on host lists. - -![Host Inventory Data Grid](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/datagrid.webp) - -The icon for each host entry is an indicator of its inventory state: - -| Icon | Inventory State | -| ----------------------------------------------------------------------------------------------------------------------------------------- | --------------- | -| ![Idle inventory state icon](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/inventoryidle.webp) | Idle | -| ![In Queue inventory state icon](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/inventoryinqueue.webp) | In Queue | -| ![In Progress inventory state icon](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/inventoryinprogress.webp) | In Progress | - -The **Name**, **HostStatus**, and **InventoryState** grid columns are fixed by default. If desired, -you can move these columns to the scrollable section of the table. - -Use the horizontal scrollbar at the bottom to view the host inventory data, which includes: - -- Name – Unique host name -- HostStatus – Status of the host during the last time it was queried for host inventory collection -- InventoryState – Last known status of the host inventory query (**Idle**, **In progress**, or **In - queue**) - - **NOTE:** If the Enterprise Auditor application is stopped during host inventory collection, - hosts queued for inventory retain the **InventoryState** of **In queue** within the Host - Management node data grid, as this is the last known state of inventory. It retains that state - until the next host inventory collection is executed against the host. - -- IPAddress – Last known IP Address for the host from host inventory collection -- Subnet – Subnet mask for the host’s IP Address -- DNSDomain – Domain in which the host participates -- FQDN – Fully Qualified Domain Name of host -- OSName – Name of host’s operating system -- OSType – Type of host’s operating system -- TimeZone – Configured time zone for the host -- LastOnline – Timestamp for the last time the host was found to be online during a host inventory - query -- LastAudit – Timestamp for the last time the host was executed against at the job level -- LastUpdate – Timestamp for the last time the host inventory record was updated -- WindowsDomain – Domain in which the host resides -- OSVersion – Version of the host’s operating system -- ServicePack – Operating system Service Pack for the host -- Role – Estimated role of the workstation or server (only applicable to Windows devices) -- Manufacturer – Name of the manufacturer of the device, if applicable -- SerialNumber – Serial number of the device, if applicable -- ADSite – Active Directory site in which the host resides -- isDNSServer – True or False if the host serves the role of DNS server -- isDomainController – True or False if host serves the role of domain controller -- isGlobalCatalog – True or False if host serves the role of Global Catalog -- isExchangeServer – True or False if host serves the role of Exchange server -- Model – Model of the device, if applicable -- FirstDiscovered – Timestamp of the Host Discovery query which introduced the host -- LastUpdatedBy – Name of the Enterprise Auditor Console server which last updated the host’s - inventory record -- MACAddress – Media Access Control address, if applicable -- ServerRole – Indicates what role is served by the server (only applicable to Exchange servers) -- isIIS – True or False if IIS is present on the server -- Location – Distinct physical location, entered manually through the - [Import Location](/docs/accessanalyzer/11.6/administration/host-management/management.md) - activity -- ExchLocation – Distinct physical location of Exchange server, entered manually through the - [Import Location](/docs/accessanalyzer/11.6/administration/host-management/management.md) - activity -- AltLocation – Alternate physical location, entered manually through the - [Import Location](/docs/accessanalyzer/11.6/administration/host-management/management.md) - activity -- WinCluster – Name of the Windows cluster in which the host is a part, if applicable -- ExchCluster – Name of the Exchange cluster in which the host is a part, if applicable -- ExchangeServerRole – Name of the Exchange server roles served by the host -- ExchangeVersion – Exchange Server application version obtained from the registry -- IsSQLServer – True or False if host serves the role of SQL Server -- hostID – Unique identifier of the host within the Enterprise Auditor inventory tables - -See the -[Data Grid Functionality](/docs/accessanalyzer/11.6/administration/navigation.md) -topic for information on how to sort, filter, and search within the data grid. - -The Activities pane provides several options for managing hosts within the Host Management node. See -the -[Host Management Activities](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for information on these options. - -## Host List Data Grid Right-Click Menus - -The right-click menu available in the Host Management data grid varies according to the selection in -the Navigation pane. - -| ![Host Management node right-click menu](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/rightclickhostmanagement.webp) | ![Individual host list right-click menu](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/rightclickindividualhost.webp) | ![Query created host list right-click menu](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/rightclickquerycreated.webp) | -| --------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | -| Host Management Node | Individual Host List | Query-Created Host List | - -These right-click menu options contain the Host Management Activities available for the selection. -See the -[Host Management Activities](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information on these options. - -# Hosts Lists - -A host list is a grouping of hosts for the purpose of executing jobs against. Every host list -created can be accessed by expanding the **Host Management** node in the Navigation pane. - -![Host Management Node in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -There are two types of host lists: - -- Dynamic host lists – Auto-populated and updated according to the most recent inventory information - available for the hosts. They include both the default host lists and custom created dynamic host - lists. See the [Dynamic Host Lists](#dynamic-host-lists) topic for additional information. -- Static host lists – Only changed manually or through a scheduled host discovery query. They - include both host lists created during host discovery queries and custom created static host - lists. See the [Static Host Lists](#static-host-lists) topic for additional information. - -A newly created host list will appear in alphanumerical order under the Host Management node. The -icon in front of the host list will indicate which type of host list it is: - -| Icon | Type of Host List | -| -------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------- | -| ![Static Host List icon](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/statichostlist.webp) | Default Host List or Custom Host List (Static or Dynamic) | -| ![Host Discovery Query List icon](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/discoveryquerylist.webp) | Host Discovery Query List | -| ![Dynamic Host List icon](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/dynamichostlist.webp) | Host List created by Job | - -You can view host inventory information at the Host Discovery node (the Host Master Table) or at -individual host list nodes. See the -[Host Inventory Data Grid](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for information on the data collected by host inventory. - -## Dynamic Host Lists - -Dynamic host lists are lists of hosts that are grouped according to selected criteria within the -host inventory. Each time a host inventory record is refreshed, the hosts are automatically added to -or removed from dynamic host lists in accordance with the criteria set for the list. They include -both the default host lists and custom created dynamic host lists. See the -[Host Inventory](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostinventory.md) -topic for a list of the default host lists and instructions on controlling which of these lists are -visible under the Host Management node. - -Custom dynamic host lists are created by filtering the data grid and using the -[Save Current View](/docs/accessanalyzer/11.6/administration/host-management/management.md) -option in the Activities pane or right-click menu. This can be done at the Host Management node with -the Host Master Table or at any host list node. See the -[Filter](/docs/accessanalyzer/11.6/administration/navigation.md#filter) -topic for additional information on filtering data grids. - -**_RECOMMENDED:_** Do not modify the criteria once a dynamic based list has been created. It is -better to delete and recreate the list in order to modify a dynamic-based list. - -## Static Host Lists - -Static host lists are created either through host discovery queries or manually entered within the -**Host Management** node. Lists created by -[Host Discovery Node](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) -queries are updated each time the query is run, manually or scheduled. Other static host lists can -only be changed manually. Custom host lists are frequently created in order to scope a job to -execute against a select set of hosts. - -For example, a user running the Exchange Solution might create a list to just run Mailbox queries -against. Whereas a user running the File System Solution might create a list of servers being used -for file shares. - -There are two common ways to create static host lists: - -- Use the - [Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) - option in the Activities pane or right-click menu to access the Host List Wizard -- Select multiple hosts from the data grid using the Windows Ctrl and left-click function. This can - be done from the Host Mast Table or any host list under the Host Management node. Then use the - [Save Selected To List](/docs/accessanalyzer/11.6/administration/host-management/management.md) - option in the Activities pane or right-click menu to open the Host List Wizard with a pre-filled - in Manual Host Entry page. - -See the -[Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) -section for information using the Host List Wizard. - -# Host Management - -The **Host Management** node is used to manage hosts in a targeted environment. Hosts configured -under the **Host Management** node can be audited using other features in Enterprise Auditor. This -node maintains information for audited computers. To view information on all computers in the -environment, use the -[.Active Directory Inventory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md), -specifically the Active Directory Summary report. - -The Host Management node provides a master list of every host ever introduced to Enterprise Auditor. -Introduce hosts through -[Host Discovery Node](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) -queries or by entering them manually. Hosts are removed from this list only by manually deleting -them. This master listing of hosts, or the Host Master Table, is designed around unique host names, -not necessarily unique hosts themselves. The data grid provides all host inventory information -collected on the hosts. See the -[Host Inventory Data Grid](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information. - -The Host Management process consists of the following phases: - -- Host Discovery – The process of discovering hosts to audit through Host Discovery queries, which - can be scoped to identify computers with commonalities. These queries are managed under the Host - Discovery node. See the - [Host Discovery Node](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) - topic for additional information. -- Host Inventory – The process of collecting key pieces of information about each host to aid in - segregating the hosts into logical sub-groupings for targeted auditing. Use either the Host - Discovery or Host Management nodes. -- Host List Creation – Enterprise Auditor creates Default host lists based on Host Inventory - results. Create and manage Custom host lists under the Host Management node. See the - [Hosts Lists](/docs/accessanalyzer/11.6/administration/host-management/management.md) - topic for additional information. - -![Host Management Node in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The nodes under the Host Management node are: - -- Default hosts lists -- Host lists generated by Host Discovery queries -- Custom host lists - -See the -[Host Inventory](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostinventory.md) -topic for global settings that affect Host Management. diff --git a/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md b/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md deleted file mode 100644 index 882067cefa..0000000000 --- a/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md +++ /dev/null @@ -1,689 +0,0 @@ -# AD_PasswordExpirationNotification Job - -The AD_PasswordExpirationNotification Job determines when Active Directory user passwords are about -to expire and can be configured to send notifications to users prior to password expiration. It is -available through the Instant Job Library under the Active Directory library. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -section for instructions to add this instant job into the Jobs tree. Since this job does not require -a host to target, select Local host on the Hosts page of the Instant Job Wizard. - -![AD_PasswordExpirationNotification job in the Jobs tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Runtime Details: - -- Dependencies – The .Active Directory Inventory Job Group must be successfully run before running - this job -- Target Hosts – None -- Scheduling – This job should be scheduled to run as desired -- History Retention – Not supported and should be turned off -- Multi-console Support – Not supported - -The AD_PasswordExpirationNotification Job runs analysis tasks that generate tables and configure -password expiration notifications. It also generates a report on passwords expiring within a -specified parameter, by default within 15 days. If desired, notifications of password expiration can -be configured to send to a help desk email (through an analysis task) and to the user (through an -action task). - -## Analysis Tasks for the AD_PasswordExpirationNotification Job - -Navigate to the **Jobs** > **AD_PasswordExpirationNotification** > **Configure** node and select -**Analysis** to view the analysis tasks. - -![Default Analysis Tasks for the Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp) - -The default analysis tasks are: - -- 1. User Password Information – Creates the PasswordExpirationNotification_Details table - accessible under the job’s Results node - - Contains a configurable parameter for the number of days until a password expires to be - identified - - See the - [Customizable Analysis Tasks for the AD_PasswordExpirationNotification Job](#customizable-analysis-tasks-for-the-ad_passwordexpirationnotification-job) - topic for additional information. -- 2. Domain Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation -- 3. Passwords Set to Expire Within 15 Days – Creates the - PasswordExpirationNotification_ExpiresWithin15Days table accessible under the job’s Results - node -- 4. Notification Data Table – Creates the - PasswordExpirationNotification_ExpiresWithin15Days_UserNotifications table accessible under - the job’s Results node -- 5. Help Desk Notification – Sends notification of users with passwords set to expire in X days - - See the - [Notification Analysis Task in the AD_PasswordExpirationNotification Job](#notification-analysis-task-in-the-ad_passwordexpirationnotification-job) - topic for additional information. - -## Action for the AD_PasswordExpirationNotification Job - -Navigate to the **Jobs** > **AD_PasswordExpirationNotification** > **Configure** node and select -**Actions** to view the action modules. - -**CAUTION:** This action is enabled by default. - -![Default Action Tasks for the Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/actiontasks.webp) - -The default actions are: - -- 1. User Notification – Uses the SendMail Action Module to send notifications to users on - password expiration - - Requires the Notification Actions license feature - - See the - [Action Task in the AD_PasswordExpirationNotification Job](#action-task-in-the-ad_passwordexpirationnotification-job) - topic for additional information. - -In addition to the tables created by the analysis and action tasks, the -AD_PasswordExpirationNotification Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------------------- | -------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------- | -| Passwords Expiring Within 15 Days | This report displays users accounts with passwords set to expire within 15 days. | None | This report is comprised of one element: - Table – Displays details on passwords expiring within 15 days | - -## Customizable Analysis Tasks for the AD_PasswordExpirationNotification Job - -Customizable parameters enable Enterprise Auditor users to set the values used to classify user and -group objects during this job’s analysis. The parameters can be customized and are listed in a -section at the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s -parameters. - -**CAUTION:** Do not change the table names or report name to align with a different value supplied -for this parameter. Modifying the table names will result in analysis and report errors downstream. -Only the report title and descriptions can be modified within the report configuration. - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ---------------------------- | --------------------------- | ------------- | ------------------------------------------------------------------------------------------------- | -| 1. User Password Information | @pswLen | 15 | Number of days left until a password expires, should be set according to an organizations policy. | - -The parameters that can be customized are listed in a section at the bottom of the SQL Script -Editor. Follow the steps to customize an analysis task’s parameters. - -**Step 1 –** Navigate to the **AD_PasswordExpirationNotification** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**Step 2 –** In the Analysis Selection view, select the **1. User Password Information** Analysis -Task and click on **Analysis Configuration**. The SQL Script Editor opens. - -![1. User Password Information Analysis Task in SQL Script Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/customizeanalysistask.webp) - -**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. -Double-click on the current value and change as desired. - -**CAUTION:** Do not change any parameters where the Value states **Created during execution**. - -**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor. - -The new value will be applied to the next job execution. - -## Notification Analysis Task in the AD_PasswordExpirationNotification Job - -The Notification Analysis Task can be used to send a single email to specified recipients containing -a list of all users whose passwords will expire in the specified number of days, that is the users -listed in the PasswordExpirationNotification_ExpiresWithin15Days table. The analysis is enabled by -default. Therefore, when the job is executed the following message is sent to the specified -recipient, such as the organization’s help desk, with information from the associated table: - -_Subject:_ Users with Passwords About To Expire - -Support Team, - -Heads-up.  The following users are facing password expiration in seven days or less: - -**[[ -- Password for [User] ([NTAccount]) expires in [DaysUntilExpiration] days** - -**]** - -Thank you, - -Netwrix - -**CAUTION:** Do not modify the tags, highlighted in bold text above. - -The Subject or message body can be modified, for example to replace `Netwrix` with the -organization’s name. Follow the steps to configure the 5. Help Desk Notification Analysis Task. - -**Step 1 –** Navigate to the **AD_PasswordExpirationNotification** > **Configure** node and select -**Analysis** to view the Analysis tasks. - -**Step 2 –** In the Analysis Selection view, select the **5. Help Desk Notification Analysis Task** -and click on **Analysis Configuration**. The Notification Data Analysis Module opens. - -![SMTP properties page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/smtpproperties.webp) - -**Step 3 –** Use the **Next** button to navigate to the SMTP properties page. Do not make changes to -the preceding pages. The email configuration takes place on the SMTP page. Provide the recipients’ -email addresses, Message Subject, and add the notification email content. - -![SMTP properties add email recipients](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/smtppropertiesrecipients.webp) - -In the Recipients section, provide the email addresses in the text box or distribution lists in the -E-mail field (fully qualified address) for those who are to receive this notification, for example -the organization’s Help Desk. Multiple addresses can be input by adding a semicolon (;) and space -between entries. - -Use the **Add** and **Remove** buttons to add or remove the address in the E-mail field from the -Recipients list. There is an option to **Combine multiple messages into single message**, which is -checked by default so that it sends one email for all users in the record set instead of one email -per user. - -![Message section of SMTP properties page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/smtppropertiesmessage.webp) - -In the Message section, the **Subject** should be configured. Then set the email content in the text -box as desired. - -**Step 4 –** To save these configuration changes, use the **Next** button to navigate to the Summary -page. Do not make changes to any other pages. Click **Finish**. The Notification Data Analysis -Module window closes. - -![Analyis Tasks view](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistaskshelpdesknotification.webp) - -**Step 5 –** This notification analysis task is now configured to send emails. In the Analysis -Selection view, ensure the 5. Help Desk Notification Analysis Task is checked so that notifications -can be sent automatically during the execution of the AD_PasswordExpirationNotification Job. - -The recipients added in Step 3 receive a notification when the AD_PasswordExpirationNotification Job -is executed. - -## Action Task in the AD_PasswordExpirationNotification Job - -The 1. User Notification Action Task uses the SendMail Action Module to send users notification of -password expiration. It targets the SMTP Address Column of the users whose passwords are going to -expire within the desired number of days, that is the users listed in the -PasswordExpirationNotification_ExpiresWithin15Days_UserNotifications table. The action is enabled by -default. Therefore, when the job is executed the following message is sent to all users in the -associated table: - -_Subject:_ Attention **[User]** - Your Password Expires in **[DaysUntilExpiration]** Days - -Hello **[User]**, - -The password for the account **[NTAccount]** expires on **[ExpirationDate]**. Please change the -password prior to the expiration date.  If account profiles are used on mobile devices, please -remember to update the password on each device used. - -Thank you, - -Netwrix - -**CAUTION:** Do not change the recipient for the action task. While the tags can be moved, do not -remove or modify the tags, which are highlighted in bold text above. - -The subject or message body can be modified, for example to replace `Netwrix` with the -organization’s name. Follow the steps to modify the Subject or message body within the 1. User -Notification Action Task. - -**NOTE:** It is necessary for the -PasswordExpirationNotification_ExpiresWithin15Days_UserNotifications table to exist in the database -before this action task can be modified. - -**Step 1 –** Navigate to the **AD_PasswordExpirationNotification** > **Configure** node and select -**Actions**. - -**Step 2 –** In the Action Selection view, select the **1. User Notification** Action Task and click -on **Action Properties** to view the actions. - -**CAUTION:** Do not modify the action task properties. - -**Step 3 –** In the Action Properties view, the action properties and a preview of the users from -the associated table are displayed. Click **Configure Action**. The Send Mail Action Module Wizard -opens. - -![Send Mail Action Module Wizard Message page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/actionwizardmessage.webp) - -**Step 4 –** Click **Next** to navigate to the Message page. Modify the message **Subject** and -email content as desired. - -**Step 5 –** Click **Next** and then **Finish** to save the changes. The Send Mail Action Module -Wizard closes. - -**Step 6 –** Click **Save** on the Action Properties view. - -When the action task is enabled, it executes as part of the job. Optionally, the action task can be -manually executed. - -# EX_RegisterAzureAppAuth Job - -EX_RegisterAzureAppAuth will register an Microsoft Entra ID (formerly Azure AD) application for -authentication and provision appropriate permissions for Exchange Online scans. It requires: - -- A Connection Profile containing a Microsoft Entra ID Global Admin credential with an Account Type - of **Task (Local)** -- Exchange Online Management v3.4.0 - - - You can install this module with the following command: - - ``` - Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 - ``` - -- Azure AD PowerShell module installed on targeted hosts - - **NOTE:** If the module is not already installed, the job will attempt to install it. - - - You can install the module with the following command: - - ``` - Install-Module AzureAD - ``` - - - TLS 1.2 is required for the Azure AD PowerShell module. Run the following command to configure - it: - - ``` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 - ``` - -- Microsoft Graph PowerShell module installed on targeted hosts - - - You can install the module with the following command: - - ``` - Install-Module Microsoft.Graph - ``` - -## Using the EX_RegisterAzureAppAuth Job - -Follow the steps to configure and run the EX_RegisterAzureAppAuth Job. - -**Step 1 –** In Enterprise Auditor navigate to the Exchange Job Group (or any other Job Group you -wish to place the EX_RegistureAzureApp job into). - -**Step 2 –** Click **Add Instant Job** to open the Instant Job Wizard. - -**Step 3 –** Install the EX_RegisterAzureAppAuth Job from the Instant Job Library under the Exchange -General library. After installation, the job tree automatically refreshes with the new job available -within the selected Job Group. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -**Step 4 –** On the job description page, in the Configuration section, select the edit button for -**Name of the app as it will appear in the Azure applications list** and enter the name you want to -apply to the registered Microsoft Entra ID application. Click **Save**. - -**Step 5 –** In the same section, select the edit button for **Password used for the Azure -application and to encrypt the certificate file in the local file system** and enter the password to -use for the Microsoft Entra ID application. Click **Save**. - -**Step 6 –** (Optional) For non-standard tenant types, edit the **Azure Environment Name...** option -to provide the full environment name. For a standard tenant, leave this option blank. - -- For example, if leveraging a government (or GCC) tenant, enter **AzureGovernment** -- Additional options include: AzureChinaCloud, AzureCloud, AzureGermanyCloud, AzurePPE, - AzureGovernment2, and AzureGovernment3 - -**Step 7 –** On the **Configure** > **Hosts** node, select the target hosts. The targeted hosts -should be the Microsoft Entra tenant name (for example, `myorg.onmicrosoft.com`). Click **Save**. -The job is now ready to be run. - -**Step 8 –** Run the EX_RegisterAzureAppAuth Job. - -**Step 9 –** After the job successfully runs, it opens a browser window to Microsoft Entra ID. -Log-in as a Global Administrator, and grant administrator consent to the Application's configured -API Permissions. - -- If this login attempt fails or you close the browser, you will need to login to Microsoft Entra ID - as a Global Administrator and navigate to the Application's API Permissions to grant Admin Consent - before the Application can be used for Exchange scans in Enterprise Auditor. - -The Microsoft Entra ID application is now provisioned with the necessary permissions for Exchange -Online scans. There will be a new Connection Profile for this Application. Restart the Enterprise -Auditor Console and enter a password to use this Connection Profile. - -_Remember,_ the required rights and roles for Exchange Online still need to be configured. See the -[Target Exchange Online Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -# FS_DEFEND_SDD Job - -The FS_DEFEND_SDD Job exports sensitive data matches collected by the File System Solution Sensitive -Data Discovery Auditing jobs to Threat Manager. It is available through the Instant Job Library -under the File System library. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for instructions to add this instant job into the Jobs tree. - -For installing the job, select **Local host** on the Hosts page of the Instant Job Wizard. Then set -the host list according to the following information. - -![FS_DEFEND_SDD job in the Jobs tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Runtime Details: - -- Dependencies – The following job groups must be successfully run before running this job - - **FileSystem** > **0.Collection** Job Group - - **FileSystem** > **7.Sensitive Data** Job Group -- Special Instructions - - A Connection Profile must be created using the Web Services (JWT) credential account type with - the specified Threat Manager App Token and assigned to this job - - See the - [Custom Connection Profile for FS_DEFEND_SDD Job](#custom-connection-profile-for-fs_defend_sdd-job) - topic for additional information - - Assign the Connection Profile on the Connection tab of the job’s Properties - - The Threat Manager host name with port, [HOST]:8080, and App Token are generated within Threat - Manager: - - Navigate to the **Configuration** > **App Tokens** page - - Create a new app token - - Copy the Host Name and Token - - See the Enterprise Auditor Integration topic of the - [Netwrix Threat Manager Documentation](https://helpcenter.netwrix.com/category/stealthdefend) - for additional information. -- Target Hosts – Custom Host List - - Threat Manager target host is the Threat Manager host name with port, [HOST]:8080 - - Format – [HOST]:8080 - - Assign host list at the **FS_DEFEND_SDD** > **Configure** > **Hosts** (see the - [Hosts Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information) -- Scheduling – This job should be scheduled to run as desired -- History Retention – Not supported and should be turned off -- Multi-console Support – Not supported - -The FS_DEFEND_SDD Job runs an analysis task that generates the SA_FSAA_SDD_RESULTS table, which -places the data in a compatible format for Threat Manager. It then runs an action task using the Web -Request Action Module to send the data to Threat Manager. - -## Analysis Tasks for the FS_DEFEND_SDD Job - -Navigate to the **Jobs** > **FS_DEFEND_SDD** > **Configure** node and select **Analysis** to view -the analysis tasks. - -![Default Analysis tasks for the job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp) - -The default analysis tasks are: - -- Create FSAA DEFEND table – Creates the FSAA_SDD_RESULTS table accessible under the job’s Results - node - -## Actions for the FS_DEFEND_SDD Job - -Navigate to the **Jobs** > **FS_DEFEND_SDD** > **Configure** node and select **Actions** to view the -actions. - -**CAUTION:** This action is enabled by default. - -![Default Action Tasks for the Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/actiontasks.webp) - -The default action is: - -- Integrate – Uses the Web Request Action Module to send data to Threat Manager - -## Custom Connection Profile for FS_DEFEND_SDD Job - -The FS_DEFEND_SDD Job requires a custom Connection Profile to authenticate to Threat Manager. The -credential for the Connection Profile must be created with the Web Services (JWT) account type. -Remember, the Threat Manager App Token is generated within Threat Manager. - -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Web Services (JWT) -- Domain – Not a field for this type of credential, defaults to `` -- User name – Not a field for this type of credential -- Password Storage: Application – Uses Enterprise Auditor’s configured Profile Security setting as - selected at the **Settings** > **Application** node -- Access Token – Copy and paste the Threat Manager App Token - -See the -[Application](/docs/accessanalyzer/11.6/administration/settings/application.md) -topic for additional information. - -# FS_MigrateSchema Job - -The FS_Migrate_Schema Job migrates the schema in order to support the use of 64-bit ResourceID's -without affecting data. It is available through the Instant Job Library under the File System -library. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for instructions to add this instant job into the Jobs tree. - -For installing the job, select **Local host** on the Hosts page of the Instant Job Wizard. - -![FS_MigrateSchema job in the Jobs tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Runtime Details: - -- Dependencies – None -- Target Hosts – None -- Scheduling – This job should be scheduled to run as desired -- History Retention – Not supported and should be turned off -- Multi-console Support – Not supported -- Additional Notes – None - -The FS_Migrate Schema Job migrates the schema in order to support the use of 64-bit ResourceID's -without affecting data. - -## Analysis Tasks for the FS_MigrateSchema Job - -Navigate to the **Jobs** > **FS_MigrateSchema** > **Configure** node and select **Analysis** to view -the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Default Analysis tasks for the job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp) - -The default analysis tasks are: - -- 1.Migrate Resources – Migrates the SA_FSAA_Resources table to leverage 64-bit IDs -- 2.Migrate UnixRights – Migrates the SA_FSAA_UnixRights table to leverage 64-bit IDs -- 3.Migrate Gates – Migrates the SA_Gates table to leverage 64-bit IDs -- 4.Migrate GatesProxy – Migrates the SA_FSAA_GatesProxy table to leverage 64-bit IDs -- 5.Migrate Exceptions – Migrates the SA_FSAA_Exceptions table to leverage 64-bit IDs -- 6.Migrate ProbableOwners – Migrates the SA_FSAA_ProbableOwners table to leverage 64-bit IDs -- 7.Migrate FileSizes – Migrates the SA_FSAA_FileSizes table to leverage 64-bit IDs -- 8.Migrate FileTypes – Migrates the SA_FSAA_FileTypes table to leverage 64-bit IDs -- 9.Migrate FileAges – Migrates the SA_FSAA_FileAges table to leverage 64-bit IDs -- 10.Migrate FileTags – Migrates the SA_FSAA_FileTags table to leverage 64-bit IDs -- 11.Migrate DFS Links – Migrates the SA_FSDFS_Links table to leverage 64-bit IDs -- 12.Migrate DLP Matches – Migrates the SA_FSDLP_Matches table to leverage 64-bit IDs -- 13.Migrate DLP MatchHits – Migrates the SA_FSDLP_MatchHits table to leverage 64-bit IDs -- 14.Migrate DLP MatchHits Subject Profile – Migrates the SA_FSDLP_MatchHits_SubjectProfile table to - leverage 64-bit IDs -- 15.Migrate FSAC ActivityEvents – Migrates the SA_FSAC_ActivityEvents table to leverage 64-bit IDs -- 16.Migrate DailyActivity – Migrates the SA_FSAC_DailyActivity table to leverage 64-bit IDs -- 17.Migrate FSAC RenameTargets – Migrates the SA_FSAC_RenameTargets table to leverage 64-bit IDs -- 18.Migrate FSAC Exceptions – Migrates the SA_FSAC_Exceptions table to leverage 64-bit IDs -- 19.Refresh Views – Updates viewable metadata - -# Instant Job Wizard - -The Enterprise Auditor Instant Job Wizard provides access to a library of instant solutions and -instant jobs, which are pre-configured for Enterprise Auditor. Instant solutions contain groups of -jobs to help solve a wide range of problems within each category. Instant jobs help solve specific -problems. The instant solutions available align to an organization’s license key. See -the[Solutions](/docs/accessanalyzer/11.6/accessanalyzer/solutions/overview.md) topic -for additional information. - -Follow the steps to install an instant solution or an instant job with the Instant Job Wizard. - -![Add Instant Job from context menu](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/addinstantjob.webp) - -**Step 1 –** Select the Jobs tree (for an instant solution) or the desired job group (for an instant -job), right-click on the node, and select **Add Instant Job**. - -![Instant Job Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -**Step 2 –** On the Welcome page, click **Next**. - -![Instant Job page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/instantjob.webp) - -**Step 3 –** On the Instant Job page, use the filter menu to only view instant jobs in a particular -category, or click the plus icon (+) to expand a category group. - -![Selected Instant Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/selectinstantjob.webp) - -**Step 4 –** Select the desired instant solution or job. To select multiple instant solutions or -jobs, press the Windows **Ctrl** key and select the items to install. Click **Next**. - -![Host Assignment page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/hostassignment.webp) - -**Step 5 –** Some of the Library selections add a Host Assignment page. If this page does not -appear, skip to Step 7. If the page does appear, select either the **Use default settings (Inherit -from the parent group, if any)** or **Specify individual hosts or hosts lists** option. If the first -option is selected, skip to Step 7. If the second option is selected, click **Next** to go to the -Host Lists and Individual Hosts wizard pages. - -| ![Host Lists page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/hostlists.webp) | | ![Individual Hosts page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/individualhosts.webp) | -| ---------------------------------------------------------------------------------------------------------------- | --- | ---------------------------------------------------------------------------------------------------------------------------- | -| Host Lists page | | Individual Hosts page | - -**Step 6 –** Some of the Library selections add a Host Lists, and Individual Hosts page. If these -pages do not appear with the selection, skip to Step 7. If the pages do appear, check the host list -to be assigned to the job group or job. Alternatively enter hosts manually. Then click **Next**. - -![Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 7 –** On the Summary page, click **Save & Exit**. - -![Instant Solutions installation dialog](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/installationcomplete.webp) - -**Step 8 –** For Instant Solutions, when the installation is complete, click **Finish**. - -The Instant Job Wizard closes, and the Jobs tree refreshes automatically. See the individual -sections in the -[Solutions](/docs/accessanalyzer/11.6/accessanalyzer/solutions/overview.md) topic -for additional information. - -# SAS_ExecutionStatistics Job - -The SAS_ExecutionStatistics Job tracks historical performance of Enterprise Auditor job and analysis -functions and highlights when a particular task takes an abnormal length of time to execute. It is -available through the Instant Job Library under the Enterprise Auditor Utilities library. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -section for instructions to add this instant job into the Jobs tree. Since this job does not require -a host to target, select Local host on the Hosts page of the Instant Job Wizard. - -The job is dependent upon the Job Statistics Retention configuration in the **Settings** > -**Application** node. See the -[Application](/docs/accessanalyzer/11.6/administration/settings/application.md) -topic for additional information. - -![SAS_ExecutionStatistics job in the Jobs tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Runtime Details: - -- Dependencies – None -- Target Hosts – None -- Scheduling – This job should be scheduled to run as desired -- History Retention – Not supported and should be turned off -- Multi-console Support – Not supported -- Additional Notes – The jobs uses custom SQL scripts to render views on collected data. SQL views - are used to populate report element tables and graphs. Changing or modifying the Group, Job, or - Table names will result in no data displayed within the reports. - -The SAS_ExecutionStatistics Job runs analysis tasks and generates reports on the latest job -executions, analysis history, host query details, and analysis details. - -## Analysis Tasks for the SAS_ExecutionStatistics Job - -Navigate to the **Jobs** > **SAS_ExecutionStatistics** > **Configure** node and select **Analysis** -to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Default Analysis tasks for the job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp) - -The default analysis tasks are: - -- Analyze Jobs – Collects and analyzes all job-level execution statistics from the database based on - the statistics retention settings set in the Application node -- Analyze All Statistics – Collects and analyzes all task-level execution statistics from the - database based on the statistics retention settings set in the Application node -- Query Execution Details – Organizes query-related statistics -- Analysis Details – Organizes analysis-related statistics - -In addition to the tables created by the analysis tasks, the SAS_ExecutionStatistics Job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ----------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------ | -| Analysis Execution | This report identifies abnormally long analysis times. | None | This report is comprised of two elements: - Bar graph – Displays Abnormally Long Analysis Times - Table – Displays details on analysis times | -| Collection Statistics | This report identifies abnormally long collection times. | None | This report is comprised of two elements: - Bar graph – Displays Abnormally Long Collection Times - Table – Displays details on collection times | -| Job Execution Statistics | This report identifies jobs which have abnormally long run times. | None | This report is comprised of two elements: - Pie chart – Displays Job Status - Table – Displays details on job status | - -# SP_RegisterAzureAppAuth Job - -SP_RegisterAzureAppAuth will register an Microsoft Entra ID (formerly Azure AD) application for -authentication and provision appropriate permissions for SharePoint Online scans. It requires: - -- A Connection Profile containing the following two user credentials, both with an Account Type of - **Task (Local)**: - - - Microsoft Entra ID Global Admin credential - - A credential with the username `newapp` that contains the password for the new application - -- Microsoft Graph API PowerShell module to be installed on targeted hosts - -## Instantiate the SP_RegisterAzureAppAuth Job. - -Follow the steps to instantiate the SP_RegisterAzureAppAuth Job. - -**Step 1 –** In Enterprise Auditor navigate to the SharePoint Job Group (or any other Job Group you -wish to place the SP_RegistureAzureApp job into). - -**Step 2 –** Click **Add Instant Job** to open the Instant Job Wizard. - -**Step 3 –** Install the SP_RegisterAzureAppAuth Job from the Instant Job Library under the -SharePoint library. After installation, the job tree automatically refreshes with the new job -available within the selected Job Group. - -**Step 4 –** On the job description page, in the Configuration section, select the edit button for -**The new application’s display name** and enter the name you want to apply to the registered -Microsoft Entra ID application. Click **Save**. - -**Step 5 –** On the **Configure** > **Hosts** node, select the targeted host. The targeted host -should be the Microsoft Entra ID tenant on which you want to install the Microsoft Entra ID -application (for example, `myorg.onmicrosoft.com`). Click **Save**. The job is now ready to be run. - -After the job successfully runs it will open a browser window to Microsoft Entra ID that, when -logged-in as a Global Administrator, allows the user to grant administrator consent to the -Application's configured API Permissions. If the login attempt fails, or the user closes the -browser, they will need to login to Microsoft Entra ID as a Global Administrator and navigate to the -Application's API Permissions to grant Admin Consent before the Application can be used for -SharePoint scans in Enterprise Auditor. - -Additional Considerations - -- After the job successfully runs, there will be a new Connection Profile for this Application. - Restart the Enterprise Auditor Console and enter a password to use this Connection Profile. -- The password is the location of the PFX file generated by the script (in the \PrivateAssemblies - directory), the Microsoft Entra ID application's password, and a numeric designator for the - Microsoft 365 environment (0 is the default for production environments; the other supported - options are 1 for pre-production environments, 2 for China, 3 for Germany, 4 for US Government, 5 - for US Government-High, and 6 for US Government-DoD). To allow for multiple unique certificates - for different Microsoft Entra ID tenants to be stored on the same Enterprise Auditor server, the - script appends the targeted host name (without the domain) to the filename of the PFX file - generated by the script. For example, if the targeted host is `myorg.onmicrosoft.com`, then the - password for the connection profile would be: - - ...\STEALTHbits\StealthAUDIT\PrivateAssemblies\spaa_cert_myorg.pfx,YourPasswordHere,0 - -# SP_RemoveHost Job - -The SP_RemoveHost Job removes desired SharePoint hosts from the Enterprise Auditor database. It is -available through the Instant Job Library under the SharePoint library. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for instructions to add this instant job into the Jobs tree. - -![SP_RemoveHost job in the Jobs tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Runtime Details: - -- Dependencies – None -- Target Hosts – SharePoint host to be deleted -- Scheduling – This job should be scheduled to run as desired -- History Retention – Not supported and should be turned off -- Multi-console Support – Not supported -- Additional Notes – None - -The SP_RemoveHosts Job removes desired SharePoint hosts from the Enterprise Auditor database, target -the hosts on the job and run it to delete the respective hosts SharePoint data. - -## Analysis Tasks for the SP_RemoveHost Job - -Navigate to the **Jobs** > **SP_RemoveHost** > **Configure** node and select **Analysis** to view -the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Default Analysis tasks for the job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp) - -The default analysis tasks are: - -- Remove Host(s) — Remove Scanned Hosts from Tier 1 diff --git a/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md b/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md deleted file mode 100644 index 5f99b58cd6..0000000000 --- a/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md +++ /dev/null @@ -1,285 +0,0 @@ -# Connection Node - -At the job group level, the **Connection** node identifies the Connection Profile assigned for the -job group. All Connection Profiles are created at the global level (**Settings** > **Connection**). - -![Job Group Connection Settings](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoredhosts/add/connection.webp) - -By default, all job groups are set to inherit the **Use Default Profile** option from the global -level or a parent job group. See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -If the Default Setting is not preferred, select the custom type of connection settings desired -below: - -- System default - - - For manual or ad hoc job execution, the account logged into the Enterprise Auditor Console is - applied to the target hosts for authentication - - For scheduled job execution, the account supplied as the Schedule Service account at the - **Settings** > **Schedule** node is applied to the target hosts for authentication - -- Select one of the following user defined profiles - - - Select a pre-configured Connection Profile from the drop-down menu - -Selecting the **Set all the child objects to inherit these settings** option forces inheritance of -this setting to all sub-groups and jobs within the job group. When enabled, this option overrides -any custom settings configured for the child objects. - -# History Node - -At the job group level, the History node identifies data retention and log retention periods -assigned for the job group. - -![Job Group History Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/history.webp) - -By default, all job groups are set to inherit **Use Default Setting** option from the global level -(**Settings** > **History**) or a parent job group. See the -[History](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/history.md) topic -for additional information. - -**CAUTION:** It is important to understand that some pre-configured jobs require history retention -while others do not support it. See job group and job descriptions for additional information. - -If the Default Setting is not preferred, select the custom type of retention settings desired below: - -- Data Retention Period - - - Never retain previous job data - - Retain previous job data for [number] [time period] - - Always retain previous job data - -- Log Retention Period - - - Retain previous job logs for [number] [time period] - -Selecting the **Set all the child objects to inherit these settings** option forces inheritance of -this setting to all sub-groups and jobs within the job group. When enabled, this option overrides -any custom settings configured for the child objects. - -# Host Lists Assignment - -At the job group level, the Host Lists Assignment node identifies target host lists assigned for the -job group. - -![Job Group Host Lists Assignment](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/hostlistassignment.webp) - -At a top-level job group, there is no host list to be inherited. The **Use Default Settings** option -is grayed-out. However, a sub-job group can inherit host lists from a parent job group. Host lists -are configured through the **Host Management** node. See the -[Host Management](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information. - -Several pre-defined solutions have default host lists already assigned to the solution, for example -the .Active Directory Inventory Job Group has the Default domain controller assigned at the job -group and inherited to the jobs. - -Select the host lists to be targeted by the job group. The **Filter host lists by** feature scopes -the list to match the search string provided. At the bottom of the list is an indicator of how many -hosts lists have been selected out of the total number of hosts lists known to the Enterprise -Auditor Console. If a filter has been applied, there is also an indicator of how many host lists -matched the search string. - -Selecting the **Set all the child objects to inherit these settings** option forces inheritance of -this setting to all sub-groups and jobs within the job group. When enabled, this option overrides -any custom settings configured for the child objects. - -# Job Groups - -Job groups are designed to manage related jobs and can contain sub-job groups to ensure that related -jobs are executed in the correct order. To create a new job group, right-click on the desired -location (Jobs tree or another job group) and select **Create Group**. Then provide a unique, -descriptive name taking into consideration the alphanumeric ordering of the Jobs tree. - -![Example of Job Group Structure](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/jobgroupstructure.webp) - -Job groups are organized similar to the Jobs tree, with the Settings node at the top, followed by -sub-job groups (job group for collection first, if applicable), then followed by analysis and -reporting jobs. Both are sorted in alphanumeric order. This is necessary because data collection -jobs must run prior to the analysis and reporting jobs that rely on the collected data without -consideration to the job’s name (alphanumeric order). - -## Job Group Description Page - -The Job Group Description page displays shortcuts, links, and important information on the job group -and the jobs contained within the Job Group. Depending on the type of job group, the description -page will appear different and display information specific to the job group selected. - -| ![Job Group Description page for a pre-configured job group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/descriptionpage.webp) | ![Job Group Description page for a user-created job group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/descriptionpagenewgroup.webp) | -| ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Pre-Configured Job Group | User-Created Job Group | - -The two types of job groups in Enterprise Auditor are: - -- Pre-configured – The job group description page provides a brief summary of the purpose of the job - group, the jobs contained within, and special requirements if applicable -- User Created – Job group description of job description only provides generic information and - options - -**NOTE:** Every job group’s description includes options for creating a group, opening the Instant -Job Library, and creating a job. - -Pre-configured job group description pages provide users with shortcuts and links to many of the -functions that can be accessed in the Jobs Tree in the Navigation Pane. - -![Job Group Description page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/descriptionpage.webp) - -The sections of the job group description page are: - -- Job Group Settings Shortcuts – These pages can also be accessed through the job group Settings - Nodes in the Navigation Pane. See the - [Job Groups Settings Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) - topic for additional information. - - - Storage – Configure the job group’s Storage options - - History – Configure the job group’s History options - - Connection – Configure the job group’s Connection options - - Reporting – Configure the job group’s Reporting options - - Host Lists Assignment – Select the targeted host list in the job group’s Host Lists Assignment - -- Help – Opens the [Netwrix Technical Knowledge Center](https://helpcenter.netwrix.com/) in a - browser to a relevant landing page for the job group -- Run Now – Runs the currently selected job group -- Schedule – Opens the Schedule page to schedule the job group -- Open Folder – Opens the job group’s folder location with supporting files in the Windows Explorer -- Create Group – Creates a job group within the currently selected job group -- Create Job – Creates a job within the currently selected Job -- Add Instant Job – Add an Instant Job using the Instant Job Wizard. See the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) - topic for additional information. - -![Overview section of Job Group description page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/descriptionpageoverview.webp) - -The Overview section provides summary information about the job group. This section includes the -following information: - -- Assigned Host List – Hovering over the **Assigned Host List** button shows a tool-tip with - information on the hosts lists are assigned to the job group - - - Click on the **Assigned Host List** button to go to the Job Group's Host List Assignment node. - See the - [Host Lists Assignment](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) - topic for additional information. - -- Show Inherited Settings – Click on the **Show Inherited Settings** button to view information on - the following: - - - Connection Profile - - Data Retention Period - - Log Retention Period - - Reporting Settings - - Storage Account - -- Contents – Shows the job groups and jobs contained within the currently selected job group - -**NOTE:** If applicable, the page shows special instructions for which hosts need to be targeted for -proper job group execution. - -### Job Settings: Inherited and Directly Applied - -Job group settings can be applied directly or inherited. On the job group level, it is considered -that all settings are applied directly. - -![Show Inherited Settings on Job Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/showinheritedsettings.webp) - -If not, click the **Show inherited settings** button to expand the inherited settings list (they are -highlighted in blue). - -The following inherited settings are available: - -| Setting | Description | -| --------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Connection profile | The tooltip shows the account name used in the connection profile. Clicking the button opens the parent Connection settings for the selected job group. See [Connection Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) for more information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available: - Edit the Profile – Clicking the link opens the Connection settings for the current profile - Use Default Profile – Clicking the link applies the connection profile set as default on a global level to a job. In this case, this setting is hidden under the **Show Inherited Settings** button. - List of profiles – Allows switching between existing connection profiles and apply a desired one to a job | -| Data Retention Period | The tooltip shows the current value for the data retention period (by default, **Never retain previous job data**). Clicking the button opens the parent History settings for the selected job group. See the [History Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) topic for additional information. | -| Log Retention Period | The tooltip shows the current value for log retention period (by default, **Retain previous job log for 7 times**). Clicking the button opens the parent History settings for the selected job group. See the [History Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) topic for additional information. | -| Hosts Lists | The tooltip shows the names of the host lists assigned to this job group. If you have more than three host lists assigned to a job group, the tooltip shows 3 hosts name and the number of other hosts lists assigned (for example, if 5 hosts are assigned it shows `Host1, Host2, Host3 + 2 more`). Clicking the button opens the parent Host Lists setting for the selected job group. See the [Host Lists Assignment](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) topic for additional information. | -| Reporting Settings | Clicking the Reporting Settings button opens the parent Reporting settings for the selected job group including publishing options, email settings, and roles. See the [Reporting Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) topic for additional information. | -| Storage Profile | The tooltip shows the current SQL Server instance, database name, user account, and authentication type used for the selected job group. See the [Storage Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md)s topic for additional information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available: - Edit This Profile – Clicking the link opens the Storage settings for the current profile - Use Default Profile – Clicking the link applies the storage profile set as default on a global level to a job. In this case, this setting is hidden under the **Show Inherited Settings** button - List of existing profiles – Allows switching between existing storage profiles and apply a desired one to a job | - -# Reporting Node - -At the job group level, the **Reporting** node identifies the report publishing and email -configurations assigned for the job group. By default, all job groups are set to inherit the -reporting settings, the **Use default setting** option, from the global level (**Settings** > -**Reporting**), or a parent job group. See the -[Reporting](/docs/accessanalyzer/11.6/administration/settings/reporting.md) -topic for additional information. - -**NOTE:** If the Role Based Access feature is enabled, it also displays a list of all accounts -granted access to the published reports via the Web Console that are generated by any jobs within -the job group. - -![Job Group Reporting Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/reporting.webp) - -Checking the **Set all the child objects to inherit these settings** option at the bottom of the -page forces inheritance of these settings to all sub-groups and jobs within the job group. When -enabled, this option overrides any custom settings configured for the child objects. - -**NOTE:** The **Set all the child objects to inherit these settings** option has no impact on the -inheritance of Report Roles. - -## Publish - -# Job Groups Settings Node - -A job group’s Settings node is where custom configurations can be set and where the host lists are -assigned to a job group. - -![Job group settings in the Jobs Tree](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) - -These settings inherit the global settings down by default unless inheritance is broken at a job -group or a job level. - -- [Connection Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) - – Use the default Connection Profile or break inheritance to select the Connection Profile needed - for the assigned host lists for this job group -- [History Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) - – Use the default history settings or break inheritance on data retention and log retention - settings for this job group -- [Host Lists Assignment](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) - – Use the default host list configured on a parent job group or break inheritance on assigned host - lists for this job group - - **NOTE:** Host List Assignments is not a global setting. The pre-configured solutions may - contain Host List Assignments configured to use Global Default Host Lists, for example All - Domain Controllers. See the - [Default Host Lists](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostinventory.md#default-host-lists) - topic for additional information. - -- [Reporting Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) - – Use the default report settings or break inheritance on Published Report settings, Email - settings, and Report role assignment for this job group -- [Storage Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) - – Use the default storage profile or break inheritance on where this job group's data is stored - -If changes are made, click **Save** to implement the changes. Changes are not implemented unless -they are saved. - -**Host List Assignment** and **Connection** are the two settings that should always be confirmed -before executing a job group or job when data collection is included. The assigned host lists -contains the hosts that are targeted by the job’s data collection queries. The assigned Connection -Profile must have the appropriate level of permissions in order for the data collection to be -successful. See the -[Permissions by Data Collector (Matrix)](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/permissionmatrix.md) -topic for information on the recommended permissions needed on the targeted hosts in order to -collect data. - -# Storage Node - -At the job group level, the Storage node identifies the Storage Profile assigned for the job group. -All Storage Profiles are created at the global level (**Settings** > **Storage**). See the -[Storage](/docs/accessanalyzer/11.6/administration/settings/storage.md) -topic for additional information. - -![Job Group Storage Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/storage.webp) - -By default, all job groups are set to inherit the **Use Default Profile** option from the global -level or a parent job group. If it is necessary for a job group to send data to a different -database, the Storage Profile must already exist at the global level. Select the **Use This -Profile** radio button and choose the non-default Storage Profile from the drop-down menu. - -Selecting the **Set all the child objects to inherit these settings** option forces inheritance of -this setting to all sub-groups and jobs within the job group. When enabled, this option overrides -any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md b/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md deleted file mode 100644 index ed56762a5a..0000000000 --- a/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md +++ /dev/null @@ -1,1028 +0,0 @@ -# Actions Node - -The Actions node uses Enterprise Auditor action modules to take action on collected and analyzed -data. Action can be taken on objects leveraging collected data or analyzed data, for example from a -listing of locked-out accounts, an action can be executed to unlock those accounts. - -**NOTE:** Action modules are available with a special Enterprise Auditor license. - -![Action Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/actionselection.webp) - -The Action Selection view lists all action tasks for the selected job. The listed information -includes: - -- Name – Name of the action task (as provided by the creator of the task) -- Description – Description of the action task (as provided by the creator of the task) -- Module – Name of the Enterprise Auditor action module -- Table – Name of the source table for the action - -![Options at the top of the Action Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/actionselectionoptions.webp) - -The Actions section at the top has five options: - -- Add from Library – Opens the Libraries window for adding and configuring pre-made action tasks -- Create Action – Opens the Action Properties window for creating and configuring action tasks -- Delete Action – Deletes the selected action task from the list - - - This action does require confirmation - -- Action Properties – Opens the Action Properties window for the selected action task - - - See the - [Action Properties Page](/docs/accessanalyzer/11.6/accessanalyzer/admin/action/overview.md#action-properties-page) - topic for additional information - - See the - [Action Modules](/docs/accessanalyzer/11.6/accessanalyzer/admin/action/overview.md) - topic for additional information - - **NOTE:** The AutoAction task appears in the Analysis Selection view, not in the Action - Selection view. - -- Execute Action – Opens the Action Execution window and starts executing the selected action - - - Does not require an action task to be checked, only selected - -![Buttons at the bottom of Action Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/actionselectiontablebuttons.webp) - -At the bottom of the Action Selection view, there are action buttons that apply to the table: - -- Move Up – Moves the selected action task up the list, which is important since action tasks are - executed in the order listed in the table -- Move Down – Moves the selected action task down the list, which is important since action tasks - are executed in the order listed in the table -- Select All – Selects all action tasks in the table for execution - -The Action Selection view also has its own right-click menu for taking action on the action task or -the job. - -![Actions Right-Click Menu](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/actionsrightclickmenu.webp) - -The options for the Actions node right-click menu are: - -- Create Action – Opens the Action Properties window -- Copy Action – Copies the selected action to the clipboard -- Paste Action – Opens the Action Properties window for modifying copied action tasks -- Delete Action – Deletes selected action task -- Properties – Opens the Action Properties window -- Execute Action – Opens the Action execution window and runs an action -- Run Job – Starts job execution for the selected job -- Add Instant Job – Opens the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -- Create Job (Ctrl + Alt + A) – Creates a new job at the same location as the selected job - -# Analysis Node - -The Analysis node uses Enterprise Auditor analysis modules to run analysis tasks on collected data. -There are two basic types of analysis modules. Most analysis modules correlate, format, and -transform collected data into powerful data views for end-stage reports and graphs. - -The Notification analysis module allows for the ability to send an email notice when a trigger is -met, for example an email can be sent to an administrator to notify that disk space has reached a -particular point (the trigger) and needs to be addressed before space runs out. - -![Analysis Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/analysisselection.webp) - -The Analysis Selection view lists all analysis tasks for the selected job. The listed information -includes: - -- Name – Name of the analysis task (as provided by the creator of the task) -- Description – Description of the analysis task (as provided by the creator of the task) -- Module – Name of the Enterprise Auditor analysis module -- HostLists – Indicates the analysis task is applicable to hosts found in the referenced host lists, - applies to analysis modules that use host list filters, for example **Business Rules** analysis - module - -![Option at the top of the Analysis Section](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/analysisbuttonstop.webp) - -The Analysis section at the top has four options: - -- Create Analysis – Opens the Analysis Properties window for creating and configuring analysis tasks -- Delete Analysis – Deletes the selected analysis task from the list - - This action does require confirmation -- Analysis Properties – Opens the Analysis Properties window for the selected analysis task - - See the - [Analysis Properties Page](/docs/accessanalyzer/11.6/accessanalyzer/admin/analysis/overview.md#analysis-properties-page) - topic for additional information. - - See the individual analysis module sections in the - [Analysis Modules](/docs/accessanalyzer/11.6/accessanalyzer/admin/analysis/overview.md) - topic for additional information. -- Analysis Configuration – Opens the selected analysis task’s configuration window - -![Buttons at the bottom of the Analysis Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/analysisbuttonsbottom.webp) - -At the bottom of the Analysis Selection view, there are action buttons that apply to the table: - -- Move Up – Moves the selected analysis task up the list, which is important since analysis tasks - are executed in the order listed in the table -- Move Down – Moves the selected analysis task down the list, which is important since analysis - tasks are executed in the order listed in the table -- Select All – Selects all analysis tasks in the table for execution -- Validate – Validates all analysis tasks where the **Business Rules** analysis module was used -- Validate selected – Validates selected analysis tasks where the **Business Rules** analysis module - was used -- Edit Rules – Edits the rule for selected analysis task where the **Business Rules** analysis - module was used - -The Analysis Selection view also has its own right-click menu for taking action on the analysis task -or the job. - -![Analysis Selection page right-click menu](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/analysisrightclickmenu.webp) - -The options for the Analysis node right-click menu are: - -- Create Analysis – Opens the Analysis Properties window -- Cut Analysis – Cuts selected analysis task -- Copy Analysis – Copies selected analysis task -- Paste Analysis – Pastes a copied/cut analysis task to the selected location -- Delete Analysis – Deletes selected analysis task -- Properties – Opens the Analysis Properties window -- Configuration – Opens the selected analysis task’s configuration window -- Test Scorecard SQL – Validates all analysis tasks where the Business Rules analysis module was - used -- Execute Analyses – Executes or runs the checked (enabled) analysis tasks -- Run Job – Starts job execution for the selected job -- Add Instant Job – Opens the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -- Create Job (Ctrl + Alt + A) – Creates a new job at the same location as the selected job - -# Configure the Customizable Parameters in an Analysis Task - -The parameters that can be customized and are listed in a section at the bottom of the SQL Script -Editor. Follow the steps to customize an analysis task’s parameters. - -**Step 1 –** Navigate to the Job’s **Configure** node and select **Analysis**. - -**Step 2 –** In the Analysis Selection view, select the desired analysis task and click **Analysis -Configuration**. The SQL Script Editor opens. - -**Step 3 –** At the top of the SQL Script Editor, select **Parameters**. - -**NOTE:** The image shown is a generic example. Table names and customizable parameters will change -based on the Job. - -![SQL Script Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/customizableparameters.webp) - -**Step 4 –** In the parameters section at the bottom of the editor, find the Value column. - -**CAUTION:** Do not change any parameters where the Value states **Created during execution**. - -- Double-click on the customizable value and change as desired - -**Step 5 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor. - -Repeat the steps as needed to customize analysis parameters. - -See the -[SQLscripting Analysis Module](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/scripting.md) -topic for additional information. - -# Hosts Node - -The Hosts node provides the option to assign a preconfigured host list at the job level. It also -provides a way to manually assign hosts to be targeted by the job using Host Selection pane. - -![Host Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/hostselection.webp) - -Use the default settings by selecting the **Use Default Setting** checkbox and inherit the job -group’s assigned host lists. To break inheritance and assign host lists at the job level select from -the available host lists. - -Hosts added manually at the job level are added to the Master Host Table if not already there, and -it triggers a host inventory query according to the global settings. The host will not be added to -any individual host lists. See the [Manually Add Hosts to a Job](#manually-add-hosts-to-a-job) topic -for additional information. - -Click **Save** to apply any changes to the host selection. Changes are not implemented unless they -are saved. - -## Manually Add Hosts to a Job - -Hosts can be added manually at the job level even when inheritance (Use Default Setting) is used for -host list assignment. The job targets the hosts in any assigned host lists as well as any manually -added at the job level. Follow these directions to manually add a host to a job. - -![Job's Configure > Hosts node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/hostsnode.webp) - -**Step 1 –** Navigate to the job’s **Configure** > **Hosts** node. - -![Individual hosts section of the Host Selection view](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/hostselectionindividualhosts.webp) - -**Step 2 –** In the Individual hosts section of the Host Selection view, enter the Host name in the -textbox and click **Add**. - -**Step 3 –** Repeat the previous step for each host to be added. - -**Step 4 –** Click **Save** and then **OK** to confirm the changes. - -The manually added host is now targeted by the job. - -# Configure Node - -Changes to configurations for the job’s assigned Host Lists, Queries, Analyses, Actions, and Reports -are created through the **[Job]** > **Configure** node or through the Configure shortcut on the -job’s Description page. - -| | | -| --------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | -| ![Configure Node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/configurenode.webp) | ![Configure link on job description page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/configurelinkjobpage.webp) | -| Configure Node | Configure link on job description page | - -The sub-nodes under the **[Job]** > **Configure** node are: - -- [Hosts Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - – Assign a host list at the job level or manually add hosts to be targeted by the job -- [Queries Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - – Select and configure a Enterprise Auditor data collector to scan targeted hosts -- [Analysis Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - – Create and configure Analysis and Notification tasks for collected data -- [Actions Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - – Create and configure Action tasks for taking action on collected and analyzed data -- [Reports Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - – Create and configure Reports to be generated during job execution - -## Configure Page - -The job's Configure Page provides an overview with shortcuts for options that are configured in the -job's Configure Node. - -![Configure page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/configurepage.webp) - -The options on the Configure Page are: - -- Hosts - Navigates to the job's Hosts node -- Queries - Navigates to the job's Queries node -- Analysis - Navigates to the Analysis node -- Actions - Navigates to the Actions node -- Reports - Navigates to the Reports node -- Run Now - Executes the job -- Open Folder - Opens the job folder location with supporting files in the Windows Explorer -- View Log - Opens the job’s log - -The options in the Configure section are: - -- Tasks - If applicable, displays a list of the job's Queries, Analysis Tasks, and Action Modules - - - Click **Properties** to view the task's properties - - Click **Output Table** to view the Results for the task under the - [Results Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - -- Hosts - Lists the assigned hosts for the job -- Reports - If applicable, displays a list of the job's Reports - - - Click the reports name to access a report under the job's - [Results Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - - Click **Configure** to edit the report parameters in the - [Report Configuration Wizard](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/overview.md) - -# Queries Node - -The Queries node uses a Enterprise Auditor data collector to run scans against the targeted hosts. -Different data collectors are designed for different types of collection. It is necessary for the -Connection Profile associated with the target hosts to have a sufficient level of rights for the -selected data collector. See the -[Permissions by Data Collector (Matrix)](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/permissionmatrix.md) -topic for a chart with recommended permissions per data collector. - -![Query Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/queryselection.webp) - -The Query Selection view lists all queries for the selected job. Though it is possible to have -multiple queries in a single job, it is not usually recommended. The listed information includes: - -- Name – Name of the query (as provided by the creator of the query) -- Source – Name of the Enterprise Auditor data collector -- Table – Name of the Native Data table -- Enumerates – Whether or not the data collector will return enumerated data, or multiple lines of - data per target host - - If **Yes**, only one query can write to a single table - - If **No**, then multiple related queries can write to a single table -- Properties – Number of the properties to be returned -- Filters – Number of in-line filters applied to the data being returned by the query -- Script – Whether or not a VB Script was added to the query - - If **Yes**, a VB Script was added to query execution - - If **No**, a VB Script was not added to query execution -- Description – Description of the query (as provided by the creator of the query) - -## Tables - -Add and configure native data tables through the Tables section in the Query Selection view. - -![Tables section of Query Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/queryselectiontables.webp) - -The Tables section at the top has three options: - -- Add Table – Adds an additional native data table and associated query to the selected job -- Rename Table – Opens the Rename Table window for changing the native data table name -- Delete Table – Deletes the selected table from the list, all associated query tasks, and the - database table if it has already been created. This action does require confirmation. - - **CAUTION:** Do not delete the last table in a job’s Query Selection view. Doing so will also - delete the Messages table. In order to delete the last table, it is necessary to delete the job. - -## Queries - -The Queries section is where the job’s preconfigured queries can be edited and where new queries can -be added. - -![Queries section of Query Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/queryselectionqueries.webp) - -The Queries section has four options and includes the list of queries for the selected job: - -- Add from Library – Opens the Libraries window to select preconfigured data collection queries. See - the - [Add Query from Library](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/overview.md#add-query-from-library) - topic for additional information. -- Create Query – Opens the Query Properties window for creating and configuring queries -- Delete Query – Deletes the selected query from the list. This action does require confirmation. -- Query Properties – Opens the Query Properties window for the selected query - - This option is used for query modifications - - See the - [Create or Modify a Query](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/overview.md#create-or-modify-a-query) - topic for additional information - - See the topics for the individual - [Data Collectors](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/overview.md) - for additional information - -## Right-click Menu - -The Query Selection view also has its own right-click menu for taking action on the queries, tables, -or the job. - -![Right-click menu on the Query Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/queryrightclickmenu.webp) - -The options in the Queries node right-click menu are: - -- Add from Library – Opens the Libraries window -- Quick Add – Quickly add a new query from a list of non-configured data collector queries -- Create Query – Creates a new query to be configured -- Cut Query – Cuts selected query -- Copy Query – Copies selected query -- Paste Query – Pastes a cut or copied query to the selected location -- Delete Query – Deletes a selected query -- Properties – Opens the Query Properties window -- Add Table – Adds a Native Data table to the selected query -- Delete Table – Deletes the selected table -- Rename Table – Opens the Rename Table window -- Run Job – Starts job execution for the selected job -- Add Instant Job – Opens the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -- Create Job (**Ctrl + Alt + A**) – Creates a new job at the same location as the selected job - -## Host List - -Jobs with configured queries require a host list to be assigned. This can be done at either the Job -Group or Job level. Whichever location is used to set the host list for query execution should also -be the location where the Connection Profile is assigned. See the -[Job Properties](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -- Job Groups - - Host List Assigned – **[Job Group]** > **Settings** > **Host Lists Assignment**. See the - [Host Lists Assignment](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) - topic for additional information. - - Connection Profile Selected – **[Job Group]** > **Settings** > **Connection**. See the - [Connection Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) - topic for additional information. -- Job Level - - Host List Assigned – **[Job]** > **Configure** > **Hosts**. See the - [Hosts Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. - - Connection Profile Selected – Connection tab of the Job’s Properties Window. See the - [Connection Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. - -# Reports Node - -The Reports node is for configuring reports to be generated during job execution. - -![Reports page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reports.webp) - -The Reports view lists any reports that have been configured for the selected job and options -related to configuring reports. The options at the top of the Reports view are: - -- Properties – Opens the - [Job Properties](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - page for the job that the report is for -- Run Now – Runs the currently selected job that the report is for -- Open Folder – Opens the Report’s folder location with supporting files in the Windows Explorer -- View Log – Opens the log for the job that the report is for - -![Options on the Reports table header row](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/reportstableheaderoptions.webp) - -The Reports table contains all of the configured reports for the job. The header row of the table -contains the following options for adding reports to the table: - -- Create – Creates a new report for the selected job - - - See the - [Creating a Report](/docs/accessanalyzer/11.6/administration/reporting/create-reports.md) - topic for additional information - -- Paste – Paste a cut or copied report into the selected job - - - The paste option is accessed from the vertical ellipsis menu of the header row of the Reports - table - -![Reports table row options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/reportstablerowoptions.webp) - -Clicking on the name of a report opens it in the Results node. Clicking **Configure** next to a -report's name opens the Report Configuration wizard for the report, see the -[Report Configuration Wizard](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/overview.md) -topic for additional information. Additional options are available from the vertical ellipsis menu -on a reports row: - -- Generate – Generates the report -- Copy – Copies the report to the clipboard -- Delete – Deletes the report - -Once a report is generated, it can be viewed in several locations depending on the configuration. -Report configurations may also be copied to other reports to generate preferred outputs for -alternate jobs. However, all generated reports can be viewed in the job’s **Results** node. - -See the -[Reporting](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/overview.md) topic -for additional information. - -# Create a New Job - -Follow the steps to create a new job. - -![Create Job from Jobs Tree context menu](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/createjob.webp) - -**Step 1 –** Select the Jobs tree or the desired job group to add the new job to. Right-click and -select **Create Job**. - -![New Job added to Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/newjob.webp) - -**Step 2 –** Provide a unique, descriptive name for the job. The default name is `NewJob`. Some -considerations for naming conventions: - -**CAUTION:** Do not end a job name with a space. - -- There can never be two jobs with the same name. Enterprise Auditor automatically appends a numeral - to the end of a job name to avoid duplicates, for example `NewJob1`. -- No special characters can be used. See the Microsoft - [Naming Conventions](https://learn.microsoft.com/en-us/windows/win32/fileio/naming-a-file#naming-conventions) - article for limitations. -- Jobs in a group are run alphanumerically -- When possible, keep names short to avoid report path errors caused by Microsoft’s maximum path - length. See the Microsoft article referenced above. - -The new job is now ready to be configured. See the -[Data Collectors](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/overview.md), -[Analysis Modules](/docs/accessanalyzer/11.6/accessanalyzer/admin/analysis/overview.md), -[Action Modules](/docs/accessanalyzer/11.6/accessanalyzer/admin/action/overview.md), -and [Reporting](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/overview.md) -topics for additional information. - -# Disable or Enable a Job - -Job groups may contain individual jobs that should not be run when the entire job group is run. Some -job groups also contain jobs that can optionally be run separately from the rest of the job group. -Individual jobs can be disabled or enabled at the job group or job level. Disabled jobs do not -execute when the parent job group is run. - -If the role based access feature is enabled, the ability to enable and disable jobs is limited by -the assigned role. See the -[Role Based Access](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -topic for additional information. - -## Disable a Job - -Jobs can be disabled from the Jobs tree. Disabled jobs cannot be run manually, through a scheduled -task, or executed as part of the job group. Follow the steps to disable a job. - -**Step 1 –** Select a job group or job. - -**NOTE:** When disabling jobs at the job group level, all jobs contained in the job group are -disabled, but the job group is not disabled. Any additional jobs added to that job group at a later -time will be enabled by default. - -![Disable Job from Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/disablejob.webp) - -**Step 2 –** Right-click on the job group or job and select **Disable Job(s)** from the menu. - -![Disabled Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/disabledjob.webp) - -The job is now disabled. If a job group was selected, all the jobs in the group are now disabled. -Disabled jobs are grayed out, and a red cross is displayed in front of the job. - -![Disabled Job Description page banner](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/disabledjob2.webp) - -A yellow banner also notifies users that a job is disabled in the Job’s Description page. - -Additionally, if a disabled job is run, a warning message appears in the Messages table stating: -`[UserName] requested [JobName] to run but it is in a disabled state`. Job statistics also do not -display on the job’s description page. - -## Enable a Job - -Jobs that have been disabled can be enabled from the Jobs tree. Following the steps to enable a -disabled job. - -**Step 1 –** Select the disabled job. If multiple jobs in a job group are disabled, select the job -group to enable all of the disabled jobs. - -![Enable Job from Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/enablejob.webp) - -**Step 2 –** Right-click on the job group or job and select **Enable Job(s)** from the menu. - -The job is now enabled. If a job group was selected, all the jobs in the group are now enabled. - -# Jobs - -An Enterprise Auditor job is responsible for running data collection, conducting data analysis, -executing actions on collected or analyzed data, or generating reports. Each of these are configured -in the corresponding section under the job’s Configure node. A single job can be configured to -execute one or multiple tasks. See the -[Configure Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -![Job structure in the Job's Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/jobnode.webp) - -**_RECOMMENDED:_** Use job group organization to spread these tasks across jobs. For example, create -a job to run a query and a second job to run analysis or generate a report. Then use the job group -structure to run those jobs together in the proper order. - -Jobs do not have a Settings node like a job group. Job Properties provide the option to break -inheritance on global or job group settings. See the -[Job Properties](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -Once a job has been configured and is being executed, job progress can be viewed at the **Running -Instances** node on the Navigation pane. See the -[Running Instances Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/running-instances.md) -topic for additional information. - -![Running Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/jobrunning.webp) - -At the bottom of the Enterprise Auditor Console, there is an indication of how many jobs are in -queue and the **View Job Progress** link, which opens the Running Instances node. - -When a job execution has completed, the tables, views, and reports generated by the job are -accessible under the job’s Status and Results nodes. See the -[Status Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) and -[Results Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topics for additional information. Reports are also accessible through the Web Console. - -## Job Description Page - -The Job Description page displays shortcuts, links, and important information on the job. The Job -Page allows users to view and modify common job configurations, such as Connection and Storage -profiles, job properties, SQL analysis parameters, and PowerShell parameters. Depending on the type -of job, the description page will appear different and display information specific to the job -selected. - -| ![Pre-Configured Job Description page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpagepreconfigured.webp) | ![User-Created Job Description page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpagenewjob.webp) | -| ----------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -| Pre-Configured Job | User-Created Job | - -The two types of Job Groups in Enterprise Auditor are: - -- Pre-configured – The job description page provides a brief summary of the purpose of the job, the - reports and data contained within it, and summary information of the last five times the job was - executed -- User Created – The job description page of User Created jobs will be blank until the job is - configured - -Pre-configured job description pages provide users with shortcuts and links to many of the functions -that can be accessed under the **[Job Group]** > **[Job]** node in the Jobs Tree in the Navigation -Pane. - -![Job Description page options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpageoptions.webp) - -The sections and options of the job description page are: - -- Properties – Opens the Job Properties window. See the - [Job Properties](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. -- Status – Opens the job Status page. See the - [Status Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. -- Results – Opens the job Results page. See the - [Results Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. -- Configure – Opens the job Configure page. See the - [Configure Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. -- Run Now – Executes the job -- Schedule – Opens the Schedule Wizard -- Open Folder – Opens the job folder location with supporting files in the Windows Explorer -- View Log – Opens the job’s log - -![Job Description page Overview section](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/descriptionpageoverview.webp) - -The Overview section provides summary information about the job, and includes the following -information: - -- Inherited settings – Job settings can be applied directly or inherited from a parent job group or - even the General Settings level. See the - [Jobs with Inherited Settings](#jobs-with-inherited-settings) topic for additional information. -- Reports – Displays a list of reports that are generated by this job -- Results – Displays a list of data tables and views created and populated by the job -- Configuration - If applicable, configure parameters for the job's analysis tasks - - - See the [Parameter Configuration](#parameter-configuration) topic for additional information. - -- Job Statistics – Displays important information for the last five times the job was executed - including: - - - Timestamp – Date timestamp of when job was initiated - - Status – Displays information on job status (Running, Success, Error) - - Duration – Displays length of time each job took - -- Graph – Displays a line graph that has information for the last five times the job was executed - -Prior to running any job or job group, ensure the following have been properly configured: - -- Queries, Analysis, Actions, and Reports are configured as desired -- If collecting data, at least one host list has been assigned -- If a host list is assigned, the appropriate Connection Profile with credentials to collect data - from the targeted hosts has been assigned - -Finally, ensure these settings are configured at the recommended location for the job or job group -and that the inheritance of settings is adjusted accordingly. - -### Jobs with Inherited Settings - -Job settings can be applied directly or inherited from a parent job group or even the General -Settings level. If settings are applied directly to a job, these are shown in the Overview section -under the job description: - -![Job Inherited settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/inheritedsettings.webp) - -In the example above, the **Assigned 1 Host List** setting is applied directly to the job. Other -settings are inherited from the parent job group. Clicking the **Show inherited settings** button -opens this list of the inherited settings. - -The following settings can be inherited from a parent: - -| Setting | Description | -| --------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Connection profile | The tooltip shows the account name used in the connection profile. Clicking the button opens the parent Connection settings for the selected job. See the [Connection Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) topic for additional information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available: - Edit the Profile – Clicking the link opens the Connection settings for the current profile - Use Default Profile – Clicking the link applies the connection profile set as default on a global level to a job. In this case, this setting will be hidden under the **Show Inherited Settings** button. - List of existing profiles – Allows switching between existing connection profiles and apply a desired one to a job | -| Data Retention Period | The tooltip shows the current value for the data retention period (by default, Never retain previous job data). Clicking the button opens the parent History settings for the selected job. See the [History Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) topic for additional information. | -| Log Retention Period | The tooltip shows the current value for the log retention period (by default, Retain previous job log for 7 times). Clicking the button opens the parent History settings for the selected job. See the [History Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) topic for additional information. | -| Hosts Lists | The tooltip shows the number and the names of the host lists assigned to this job. If you have more than three host lists assigned to a job, the tooltip shows 3 hosts name and the number of other hosts lists assigned (for example, if 5 hosts are assigned it shows `Host1, Host2, Host3 + 2 more`). Clicking the button opens the parent Host Lists setting for the selected job. See the [Hosts Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) topic for additional information. | -| Reporting Settings | Clicking the Reporting Settings button opens the parent Reporting settings for the selected job including publishing options, email settings, and roles. See the [Reporting Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) topic for additional information. | -| Storage Profile | The tooltip shows the current SQL Server instance, database name, user account, and authentication type used for the selected job. See the [Storage Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) topic for additional information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available - Edit This Profile – Clicking the link opens the Storage settings for the current profile - Use Default Profile – Clicking the link applies the storage profile set as default on a global level to a job. In this case, this setting will be hidden under the **Show Inherited Settings** button - List of existing profiles – Allows switching between existing storage profiles and apply a desired one to a job | - -### Parameter Configuration - -If a job has analysis parameters that can be customized, those parameters can be configured in the -Configuration section of the Job Description Page. - -Follow the steps to configure customizable parameters using the Configuration option on the Job -Description Page: - -**Step 1 –** Navigate to the **Jobs > [Job Group] > [Job]** node. If the job has customizable -parameters, they will be located under Configuration in the job's Overview section. - -![Configuration section of Job description page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpageconfigurationsection.webp) - -**Step 2 –** Click on a parameter to open the Parameter Configuration window. - -**NOTE:** To view a tool-tip that contains information about the Variable Name and the Task Name -that the parameter is associated with, hover the mouse over the parameter. - -![Parameter Configuration Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/parameterconfigurationwindow.webp) - -**Step 3 –** Configure the parameter in the Parameter Configuration window. Click **Save** to save -changes and exit the window. Click **Cancel** to exit without saving. - -The parameter has now been configured. The parameters can also be configured in the Analysis Node -under the job's Configure Node. See the -[Analysis Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -# Auto Retry Tab - -The Auto Retry tab provides the option to schedule the job to re-execute against hosts that match -the selected host status values: Offline, Failed, Errors, and Warnings. - -![Auto Retry tab of Job Properties](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/autoretry.webp) - -Check the desired Host Status values to generate a retry, and then configure the Refresh Data and -Retry Options settings. Finally, enter a User name (domain\user) and Password in the Scheduler -Authentication section. - -**NOTE:** To update the password for an existing account, enter a new password in the Password -field. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. - -# Connection Tab - -The Connection tab is for configuring the Connection Profile. Choose to use the default settings -(the global configuration or configuration set via broken inheritance at a job group level), to use -the system default (the account being used to run Enterprise Auditor), or to select another -Connection Profile. - -**NOTE:** It is a best practice to set the Connection Profile at the same level where the job’s host -list is set. For example, if the host list is set under the job group’s **Settings** node, then that -is where the Connection Profile should be configured. If the host list is set under the **[Job]** > -**Configure** node, then this is where the Connection Profile should be configured. - -![Connection tab of the Jop Properties](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/viewxml.webp) - -Select the desired option to identify the required Connection Profile for the job. See the -[Connection Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) -topic for additional information for the three connection options. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. - -# General Tab - -The General tab is for changing the job name and description. - -![General tab of Job Properties](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/general.webp) - -The following options are available: - -- Job Name -- Description -- Log Level – Indicates the job log level, which can be inherited from the global **Settings** > - **Application** log level or customized here. See below for additional information. -- Write CSV Files To Job Output Directory – Exports the native data table created by a query to a - CSV file in the job’s output directory. If there are multiple tables in the job, this option - creates one file per table. -- Timeout [value] minutes – Job’s thread timeout value -- Command – Provides the ability to enter a command that will be executed from the command line upon - job completion - -## Log Level - -The log level feature includes the following options: - -- Use global setting – use the Application log level feature, configured at the global level. - - **NOTE:** By selecting the another option from the drop-down list, you break inheritance for - this job. - -- Debug – Records everything that happens during job execution, most verbose level of logging - - Records all Info level information - - Records everything else that happens - - Creates the largest file -- Info – Records information about what stage of the job is being performed when errors or warnings - occurred - - Records all Warning level information - - Records job progress information -- Warning – Records all warnings which occur during job execution - - Records all Error level information - - Records all warnings and the time of occurrence -- Error – Records all errors which occur during job execution - - Records job start time - - Records errors and the time of occurrence - - Records job completion time - -**NOTE:** You can switch between log levels. All the levels, including the one that you choose, -shall be set for messaging in the application. - -![Log Level Options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/generalloglevel.webp) - -For example, this is where you set the messaging for Info, Warning, or Error at a job level. - -# History Tab - -The History tab is for configuring the Data Retention and Log Retention periods. Choose either to -use the default settings, which could be either the global configuration or configuration set via -broken inheritance at a job group level, or to configure settings just for this job. - -![History tab of the Job Properties](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/history.webp) - -By default, all jobs are set to inherit the Data Retention Period and Log Retention Period settings, -the **Use Default Setting** option. Deselect the **Use Default Settings** option to configure custom -settings for the job. Then provide the desired Data Retention Period and Log Retention Period -settings. See the -[History](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/history.md) topic -for additional information. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. - -# Notification Tab - -The Notification tab is where email notifications are configured at the job level. Choose either to -inherit the global configuration or to configure settings just for this job. - -![Notification tab of Job Properties](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/notification.webp) - -Deselect the **Use Global Settings** option to configure custom settings for the job. Then provide a -specific list of recipients for email notifications generated by this job. Multiple email addresses -can be input by adding a semicolon (;) and space between entries. This is specific to Notification -analysis module tasks. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. - -# Job Properties - -Jobs can be configured to inherit global settings down through parent job groups or to be -individually configured at the job level through the Job Properties window. - -![Open Job Properties from Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -To configure a job’s properties, open the Job Properties window by right-clicking on the job's node -in the Navigation pane and selecting **Properties**. - -The properties can be configured at the job level within the Job Properties window using the -following tabs: - -- [General Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -- [Performance Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -- [Notification Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -- [Report Settings Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -- [Report Roles Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -- [Storage Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -- [Connection Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -- [Auto Retry Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -- [History Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - -You can click the **View XML** button at the bottom of the window to open the job’s XML file. See -the -[View Job XML File](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -for additional information. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. - -# Performance Tab - -The Performance tab provides options that can be used to improve job performance and runtime. - -![Performance tab of Job Properties](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/performance.webp) - -Adjust the following settings by sliding the needle up and down the line: - -- Concurrent Worker Threads – The number of worker threads selected equals the number of hosts being - queried concurrently. If needed, this value can be increased. -- Skip Hosts that do not respond to PING – Selected by default. Deselect if a target host has been - configured to not respond to PING requests, allowing Enterprise Auditor to scan the target host - without a PING response. - - **NOTE:** In most cases, it is not recommend to deselect this option, as it causes the job to - continue querying offline hosts until the job timeout value is reached, set by default to 20 - minutes. - -- PING Timeout – The PING timeout value is the number of seconds before a host is identified as - offline for not responding to PING - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. - -# Report Roles Tab - -The Report Roles tab is part of the Role Bases Access feature of Enterprise Auditor. If Role Based -Access has been enabled, the table displays all accounts that can view reports within the Web -Console. If Role Based Access has not been enabled, all accounts have access to all reports, and the -table is blank. See the -[Role Based Access](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -topic for additional information. - -![Report Roles tab of Job Properties](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/reportroles.webp) - -On the Report Roles tab, report role inheritance cannot be broken. Access to reports is inherited -from the global level to job groups to jobs to report configuration. All user roles configured at -the global level (**Settings** > **Roles**) are inherited down to all reports. Only the Global -Options Administrator, the Access Administrator, and the Host Management Administrator do not have -access to reports. - -The **Include Report Viewers from this object's parent** option can be unchecked to automatically -remove any user with the Report Viewer role inherited from a parent object to the job. Remember, -this does not apply to global inheritance. - -Additional accounts can be added with the Report Viewer role at the job level and inherited down to -all reports generated by the job. Click **Add Report Viewer** to open the Select User or Group -window and grant a new account access to these reports. Inheritance can be broken for accounts that -have not inherited the report role from the global level. Select an account and click **Delete -Report Viewer** to deny access to the reports. - -The table displays the following information: - -- Account Name – NT Style account name -- Type – Account type (user or group) -- Role – Role assigned to account which grants access to reports -- Inherited From – Indicates the level at which the account was granted access to reports. Remember, - global inheritance cannot be broken. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. - -# Report Settings Tab - -The Report Settings tab is for configuring publishing of Enterprise Auditor reports generated by -this job. Choose either to use the default settings, which could be either the global configuration -or configuration set via broken inheritance at a job group level, or to configure settings just for -this job. - -![Report Settings tab of Job Properties](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/reportsettings.webp) - -Use the Publish Options drop-down menu to customize the publish setting for the job. To configure -custom Email settings for the job, select the **Use These Email Settings** option and then provide -the desired Email information. Multiple email addresses can be input by adding a semicolon (;) and -space between entries. See the -[Reporting Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-groups.md) -topic for additional information on the Publish and Email options. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. - -# Storage Tab - -The Storage tab is for configuring the Storage Profile. Choose either to use the default settings, -which could be either the global configuration or configuration set via broken inheritance at a job -group level, or to configure settings just for this job. - -![Storage tab of the Job Properties](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/storage.webp) - -By default, all jobs are set to inherit the storage setting, the **Use Default** option. To -configure a different profile for the job, select the **Use This Profile** option and select the -desired Storage Profile from the drop-down menu. Storage Profiles can only be configured at the -**Settings** > **Storage** node. See the -[Storage](/docs/accessanalyzer/11.6/administration/settings/storage.md) -topic for additional information. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. - -# View Job XML File - -At the bottom of the Job Properties window is the **View XML** button. To view the XML file, click -**View** XML. - -| ![View XML button on Job Properties window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/viewxmlbutton.webp) | ![XML Text window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/viewxml.webp) | -| ------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------- | -| Job Properties Window | Job XML File | - -This opens the job’s XML file, which contains all of the job, query, and reporting configurations. -When the log level is directly set at job level, the job XML `` parameter will show a -value of: - -- 0 for Debug -- 1 for Info -- 2 for Warning -- 3 for Error - -**NOTE:** Job analysis configurations are kept in a separate XML file. - -# Results Node - -Once a job has been executed, the query populated native data tables, the analysis and action -populated materialized tables and views, and the generated reports can be viewed under the job’s -Results node. - -**NOTE:** Native data tables are only populated by jobs with configured queries. Materialized tables -and views are only generated by jobs with configured analysis or action tasks. Reports are only -generated by jobs with configured reports. - -![Results Node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/resultsnode.webp) - -Every job generates a native data table when executed, which appears at the top of the Results node. -The native data table, or raw data table, is produced by query execution. It contains all raw data -collected by the scan. It is often named DEFAULT, but may have another name that is set during query -configuration. If no query is executed by the job, the DEFAULT table is listed as a placeholder only -and will be empty (0 rows). It is possible to have multiple queries in the same job, though not -recommended. These queries could write to the same native data table, or each query could write to -its own native data table. If multiple native data tables are being generated by one job, they are -listed in alphanumeric order at the top of the Results node list. - -Analysis tasks can be configured to generate materialized tables and views. Action tasks create -action status tables. These appear beneath the native data tables under the Results node in -alphanumeric order. - -Finally, any reports generated by the job, both published and unpublished, will be listed beneath -the materialized tables and views in alphanumeric order. - -# Status Node - -Once a job has been executed, it always generates the tables providing information on host -connection status, job statistics, job task statistics, and error and warning messages can be viewed -under the job’s Status node: - -![Status Node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/statusnode.webp) - -The Status node tables are: - -- ConnectStatus table – Lists all hosts queried during job execution and the access status of the - scan, unless the System Default is being used -- Job Stats table – Provides information on the selected job’s runtime details, according to the - global configuration set in the **Settings** > **Application** node. By default, this is set to - not filter the data. -- Task Stats table – Provides information for each task run during job execution, according to the - global configuration set in the **Settings** > **Application** node. By default, this is set to - filter to the most recent data. - - **NOTE:** The Job Statistics Retention settings in the **Settings** > **Application** node - control how long the job statistics history is kept in the database and displayed Job Stats and - Task Stats tables. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information. - -- Messages table – Provides a list of any warning or error messages that occurred during the - execution of the job. For example, a frequently generated message is - `WARNING: No Host found for processing`. - - - If this message is generated by an analysis or reporting job, then there is no problem as that - type of job does not need a host list assigned - - However, if this message is generated by a job running a data collection query, this warning - would explain why the native data table is empty diff --git a/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/running-instances.md b/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/running-instances.md deleted file mode 100644 index b80695a967..0000000000 --- a/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/running-instances.md +++ /dev/null @@ -1,217 +0,0 @@ -# Running Job Details - -Both the Process ID and the View Details links open the running job's Details page. The path of the -job and the component are displayed at the top. - -- Path – Folder path in the Jobs directory. For example, - `Jobs\GROUP_.Active Directory Inventory\JOB_3-AD_Exceptions`. - - - The link opens the job’s directory in a Windows Explorer window - -- Status – While the job is running, this field displays the component that is running. When the job - has completed execution, it displays a completed status and lists the completion time. - - - Job configuration components include Query, Data Analysis, Action, and Report - -There are three tabs: Current, History, and Queued Jobs. - -## Current Tab - -The **Current** tab displays information on the job actively being executed. - -![Current tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetailscurrent.webp) - -The tab includes: - -- Order – Order in which the tasks in the job are being run -- Host Name – Name of the targeted host, only visible when a query is executing -- Query – Name of the running query task, only visible when a query is executing -- Task Name – Name of the running task, when applicable to Data Analysis, Actions, or Reports. This - information is only visible when an analysis task or an action task are executing, or a report is - being generated. -- Status – Execution status, for example **Queued**, **Running**, **Success**, or **Warning**. -- Message – Enterprise Auditor message regarding runtime activity -- Runtime – Duration of task execution -- Stop – Aborts all currently running instances - -## History Tab - -The History tab only displays information for the last job that completed. - -![History tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetailshistory.webp) - -The tab includes: - -- Order – Order in which the tasks within the job ran -- Task Type – Name of the component associated to the task -- Task Name – Name of the task -- Host Name – Name of the targeted host associated with the running job, if any -- Status – Status of the completed task -- Message – Enterprise Auditor message associated to the **Status** -- Runtime – Duration of task execution - -### Messages - -In the bottom pane, the History tab includes a section to display any messages for individual job -components returned from a job execution. Clicking a Task Name displays the messages for that -component. - -You can filter what messages display by using the three filters in the message pane. By clicking on -a filter arrow in the column header and selecting an available option, you can filter by Time, Type, -or Message. - -![Custom Filter window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetailshistorycustomfilter.webp) - -If you select Custom, you can create a complex filter. See the -[Custom Filter](/docs/accessanalyzer/11.6/administration/navigation.md#custom-filter) -topic for additional information. - -## Queued Jobs Tab - -The Queued Jobs tab displays a list of jobs in queue and the order in which they are executed. - -![Queued Jobs tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetailsqueuedjobs.webp) - -The tab includes: - -- Order – Order in which the queued jobs are executed. This order can be changed on the Queued Jobs - tab by using the buttons at the bottom. -- Job Path – Folder path in Jobs directory -- State – Queue status, for example **Running** or  **Waiting** -- Connection Profile – The Connection Profile assigned to the job, if applicable -- Host Lists – The host list assigned to the job, if applicable - -The **Move Up**, **Move Down**, and **Remove** buttons are for changing the order or removing a job -from the queue. - -# Running Instances Node - -The Running Instances node displays progress for all running jobs. This includes jobs that are run -by a scheduled task, interactively within the open Enterprise Auditor instance, or interactively in -any other running instance of Enterprise Auditor. The Running Instances node displays the instance -name, its status and position in the queue, run times for all instances, and detailed views of each -instance. - -![Running Instances node Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -This is the primary view of the Running Instances node that displays the progress of all jobs -running. - -## Overview - -The Overview page displays information about all running jobs on the current server. - -![Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overview.webp) - -For each instance this screen provides : - -- Job path -- Credential used -- Running time of the job -- Status of the running job -- Number of jobs scheduled in queue - -It also has hyperlinks for: - -- Process ID -- Host Name -- Connection Profile -- View Details -- View Log -- Stop -- View Schedule - -Clicking on any of the hyperlinks displays more information about the running job. The -**ProcessID**, **View Details, View Log**, and **Stop** links only work while the job is running. -Once the job is complete, these links are disabled. The host and Connection Profile links continue -to work. The **View Schedule** link only displays and is valid for jobs that are running via a -scheduled task and is not enabled for interactive job executions. - -![Number of jobs running on bottom bar](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewbottombar.webp) - -The number of jobs currently being run can be found in the lower-left-hand corner of the Enterprise -Auditor Console. - -## View Host - -This view identifies the host list associated with the running job. - -![Host list link](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewhost.webp) - -Click the host list link to display the hosts assigned to the running job. - -![Host list in Host Management node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewhostlist.webp) - -This view displays the host list table with host inventory data. - -## Process ID - -The Process ID correlates to the Process ID of the running instance of Enterprise Auditor in Task -Manager. In addition, the Process ID comes coupled with the file path of associated scheduled tasks, -an identifier for the account running the current instance of Enterprise Auditor, and a timestamp -for the length of the instance. - -![Process ID link](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/processid.webp) - -Click the Process ID link for additional details of the job status and queue. - -![Job details page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetails.webp) - -The Process ID link displays a page with three tabs of information with details about the running -job. See the -[Running Job Details](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/running-instances.md) -topic for additional information. - -## View Details - -Additional details on the status of the tasks the job is running are available. - -![View Details link](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewdetails.webp) - -Click the **View Details** link to display additional details of the job status and queue. - -![Job details page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetails.webp) - -The View Details link opens the running job's details with three tabs of information. See the -[Running Job Details](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/running-instances.md) -topic for additional information. - -## View Log - -The log for this running job can be opened in a text editor, such as Notepad. - -![View Log link](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewlog.webp) - -Click **View Log** to display the current job log. The View Log link is only enabled while a job is -running. - -![Log file in Notepad](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/logfile.webp) - -The Log displays such details as errors, aborts, and terminations. - -## View Schedule - -The Enterprise Auditor Console can only run one job at a time. However, with the Schedule Service -Account, the StealthAUDIT application can run multiple jobs simultaneously via Windows Task -Scheduler. - -![View Schedule link](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewschedule.webp) - -Click the **View Schedule** link to display the corresponding Scheduled Task for the running job or -job group. This link is only enabled for jobs that are running via scheduled task and will not be -enabled for interactive job executions. - -![Schedule wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/schedulewizard.webp) - -The Schedule wizard for the running task opens. See the -[Schedule Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md) topic -for additional information. - -## Stop - -The job execution can be stopped if needed. - -![Stop button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/stop.webp) - -Click **Stop** to abort all instances in the job queue. This link is only enabled while a job is -running. diff --git a/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md b/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md deleted file mode 100644 index 80473cb117..0000000000 --- a/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md +++ /dev/null @@ -1,181 +0,0 @@ -# Schedules - -The Enterprise Auditor Console can only run one task at a time. However, with the Schedule Service -Account, the Enterprise Auditor application can run multiple tasks simultaneously. See the -[Schedule](/docs/accessanalyzer/11.6/administration/settings/schedule.md) -topic for information on configuring the Schedule Service Account. - -The following tasks can be scheduled: - -- Job or Job Group – Schedule jobs to run at the job or job group level. See the - [Schedule Jobs](#schedule-jobs) topic for additional information. -- Host Discovery Query – Schedule Host Discovery queries from the Host Discovery node. See the - [Host Discovery Queries Activities Pane](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) - topic for additional information. -- Host Inventory Query – Schedule Host Inventory queries from within the Host Management node. See - the - [Schedule (Activities Pane Option)](/docs/accessanalyzer/11.6/administration/host-management/management.md) - topic for additional information. - -## Schedule Jobs - -Jobs can be scheduled at the job group or job level. - -![Schedule option from Job Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/jobtree.webp) - -Select the desired job group or job. Right-click on the node and select **Schedule** to open the -Schedule wizard. - -![Schedule Job wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/schedule.webp) - -The Schedule wizard has five pages with options for setting up the schedule task: - -- Schedule -- Host List -- Connection -- Run as -- Options - -See the -[Schedule Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md) -topic for additional information. - -# Schedule Wizard - -The schedule wizard allows you to configure scheduled tasks for jobs, job groups, Host Discovery -queries, and Host Inventory queries. The wizard has five wizard pages with options for setting up -the schedule task: - -- [Schedule](#schedule) -- [Host List](#host-list) -- [Connection](#connection) -- [Run As](#run-as) -- [Options](#options) - -On the Schedule page, click **New** to schedule when the task will run. The Host List and Connection -pages are optional customizations. See the relevant section below for more information on the -settings on each wizard page. - -When the settings on the wizard pages are configured as desired, click **OK** to save the changes -and close the window. The task is visible in the Schedule Actions view, at the Schedules node. - -## Schedule - -The Schedule page is for setting the schedule of when and how often the task will run. This tab -needs to be properly configured for every scheduled task. - -![Schedule wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/schedule.webp) - -The options on the Schedule page are: - -- New – Opens the Trigger window to create a trigger for when the selected task will run -- Edit – Edits the selected Trigger in the Schedule view -- Delete – Deletes the selected trigger - -![Trigger window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/triggerwindow.webp) - -The options in the Trigger window are: - -- Begin the task – Select when the scheduled task will execute from a list of options -- Settings Section – Select the time interval that the scheduled task will execute. Enterprise - Auditor pulls schedule frequency options from Windows Task Scheduler. The following options are - applicable for scheduling Enterprise Auditor tasks on the Schedule page: - - - For **One time** recurrence, set the Start time and date of the single execution - - For **Daily** recurrence, set the Start time and the daily interval of Recur every [value] - days - - For **Weekly** recurrence, set the Start time and the weekly interval of Recur every [value] - weeks on. Then select the days of the week for the execution. - - For **Monthly** recurrence, set the Start time. Then select either the monthly interval of - Days [value] of the month or the [value] [Day of the Week] of the month. By default, this is - set to recur every month. To select only specific months, use Months dropdown menu and - deselect the undesired months. - - The drop-down menu next to **Start** opens a calendar view for selecting the date - - Selecting the **Synchronize across time zones** checkbox will synchronize the scheduled task - to run without respect to the time zone - -The remaining schedule frequencies are supplied by Windows Task Scheduler and not applicable to -Enterprise Auditor task scheduling. See the Microsoft -[Task Scheduler Overview](https://technet.microsoft.com/en-us/library/cc721871.aspx) article for -additional information. - -![Trigger window Advanced settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/triggerwindowadvancedsettings.webp) - -The options in the Advanced settings section are: - -- Stop task if it runs longer than – Create a threshold for when the task will stop if it runs - beyond a certain duration -- Enabled – If checked, the configurations made in the Trigger window will be enabled - -## Host List - -The Host List page identifies the host list the task being scheduled queries. Customizations to the -configuration of this tab is optional. - -![Host List wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/hostlist.webp) - -Choose the desired setting from the following options: - -- Use Host list from Job – A default setting and applies the host list designated at the job or job - group level. This is also the recommended setting. -- Use Alternate Host List – Allows a host list to be selected from the list of Hosts Lists provided. - The list is from the Host Management host lists. - -Under the selection window, the number of selected hosts are identified. In addition, the **Select -All** and **Clear All** links provide for quick selection and deselection. - -## Connection - -The Connection page identifies the Connection Profile that is applied to the targeted hosts being -queried by the task being scheduled. Customizations to the configuration of this tab is optional. - -![Connection wizard page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoredhosts/add/connection.webp) - -Choose the desired setting from the following options: - -- Use Profile from Job – A default setting and applies the Connection Profile designated at the job - or job group level - - **_RECOMMENDED:_** In most cases, this is the recommended setting - -- Use the Windows account that the application is run with (System default) – Applies the account - used to open the Enterprise Auditor Console -- Use Alternate Profile – Allows a Connection Profile to be selected form the Profiles list - provided. The list is from the global **Settings** > **Connection** list of Connection Profiles. - -## Run As - -Select the Schedule Service account to run this task with on the Run as wizard page. To create or -edit Schedule Service accounts, go to the **Settings** > **Schedule** node. See the -[Schedule](/docs/accessanalyzer/11.6/administration/settings/schedule.md) -topic for additional information. - -![Run as wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/runas.webp) - -The options on the Run as wizard page are: - -- Use default Schedule Service Account – Uses the default Schedule Service Account that is set at - the **Settings** > **Schedule** node -- Use selected Schedule Service Account – Select the Schedule Service Account to use for the task - from a list of available accounts in the drop-down menu -- Use Custom Credentials – Use custom credentials not stored in the Enterprise Auditor Console. - Enter the User Name for the custom credentials. - - - Change User – Click this button to open the Schedule Custom Credentials window and specify a - user name and password - - To update the password for an existing account, click the **Change User** button and enter a - new password - -## Options - -Configure additional options for the task on the Options wizard page. - -![Options wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -The configurable options are: - -- Comments – Enter custom comments for the scheduled task -- Stop the task if it runs for – Create the threshold for when the scheduled task will stop if it - exceeds a configured duration -- Scheduled task is enabled – Selecting this checkbox will enable the scheduled task. Deselecting it - will disable the scheduled task. diff --git a/docs/accessanalyzer/11.6/administration/maintenance/backup-recovery.md b/docs/accessanalyzer/11.6/administration/maintenance/backup-recovery.md deleted file mode 100644 index 7cf355c6d8..0000000000 --- a/docs/accessanalyzer/11.6/administration/maintenance/backup-recovery.md +++ /dev/null @@ -1,100 +0,0 @@ -# Backup and Recovery - -For data recovery purposes, the Enterprise Auditor does not need a complete image back up of the -Enterprise Auditor Console server. Rather a standard file level back up of a few key components is -all that is necessary. This document contains a step-by-step guide for back up and recovery. The -choice of back up utility is left to the Enterprise Auditor user. - -**NOTE:** This does not cover back up of the Enterprise Auditor database. - -## Steps to Back Up the Console Server - -Follow these steps to back up the key components necessary for data recovery of the Enterprise -Auditor Console server. - -**Step 1 –** Obtain or save the installation media for Enterprise Auditor. - -**Step 2 –** Back up the following files and folders from the Enterprise Auditor folder (Typically -found at `C:\Program Files(x86)\STEALTHbits\StealthAUDIT` and can be more directly found with the -built-in environment variable `%SAINSTALLDIR%`): - -- ...\STEALTHbits\StealthAUDIT\Jobs: Contains the jobs from the Enterprise Auditor jobs tree -- … \STEALTHbits\StealthAUDIT\CLU: Contains any CLU parameters -- … \STEALTHbits\StealthAUDIT\ODBCProfiles\Custom: Contains any custom ODBC connect strings -- …\STEALTHbits\StealthAUDIT\SADatabase\Views: Contains the host list definitions -- ...\ STEALTHbits\StealthAUDIT\SecurityMap: Contains all of the Connection Profiles -- ... \STEALTHbits\StealthAUDIT\GlobalOptions.XML: Contains the Global Options -- ...\ STEALTHbits\StealthAUDIT\SPProfiles.XML: Contains the Storage Profiles (SQL connection) -- ...\ STEALTHbits\StealthAUDIT\rba.conf: Contains the Role Based Access Configuration -- ...\ STEALTHbits\StealthAUDIT\StealthAUDIT.LIC: The license key - -**Step 3 –** Back up all Scheduled Tasks. The method of back up is determined by the Enterprise -Auditor user. This can be as simple as copying the contents of the tasks folder from the following -two locations: - -![C:\Windows\Tasks](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/maintenance/maintenance_3.webp) - -- C:\Windows\Tasks - -![C:\Windows\System32\Tasks](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/maintenance/maintenance_4.webp) - -- C:\Windows\System32\Tasks - -All key components necessary for data recovery have now been backed up. - -## Steps to Restore the Console Server - -Follow these steps for data recovery of the Enterprise Auditor Console server. - -**Step 1 –** Confirm the prerequisites have been met on the Enterprise Auditor Console Server. See -the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for specific prerequisites. - -**Step 2 –** Install the Enterprise Auditor application. Do not start the Enterprise Auditor -application at this time. - -**Step 3 –** Restore all of the backed up files and folders from Step 2 of Steps to Back up the -Enterprise Auditor Console Server to their corresponding location. - -**Step 4 –** Restore all of the backed up scheduled tasks from Step 3 of Steps to Back up the -Enterprise Auditor Console Server to the corresponding tasks folder of the operating system. - -**Step 5 –** For Host Management and Host List Replication in a new host scenario, run the following -code within the SQL Studio on the Enterprise Auditor database. - -- Replace `OldServer` and `NewServer` in the script below with the names of the old and new - Enterprise Auditor servers - -``` -Declare @OHost varchar (128) -Declare @NHost varchar (128) -Set @OHost = 'OldServer' -Set @NHost = 'NewServer' -Update [HostMaster_SANodeFilter] -SET SA_Node = @NHost -Where SA_Node = @OHost; -Update [HostListsTbl] -SET SA_Node = @NHost -Where SA_Node = @OHost -and ListID not in (Select ListID from [HostListsTbl] where SA_Node = @NHost); -Update [QueryTbl] -SET SA_Node = @NHost -Where SA_Node = @OHost; -``` - -**Step 6 –** Start Enterprise Auditor and confirm all settings and jobs have been restored. - -**Step 7 –** Enable Role Based Access to write the necessary registry keys: - -![Role Based Access](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/maintenance/maintenance_5.webp) - -- Navigate to the **Settings** > **Access** node in the Enterprise Auditor Console and select - **Access** -- Use the **Add Access**, **Edit Member Role**, and **Delete Member Role** buttons to add, remove, - and edit roles -- See the - [Role Based Access](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) - topic for more information - -The Enterprise Auditor Console Server is now restored. diff --git a/docs/accessanalyzer/11.6/administration/maintenance/troubleshooting.md b/docs/accessanalyzer/11.6/administration/maintenance/troubleshooting.md deleted file mode 100644 index f0ce5b277b..0000000000 --- a/docs/accessanalyzer/11.6/administration/maintenance/troubleshooting.md +++ /dev/null @@ -1,77 +0,0 @@ -# Troubleshooting - -There are some general things to know when getting started troubleshooting Enterprise Auditor: - -- Enterprise Auditor Install Directory Shortcut – `%sainstalldir%` - -The shortcut opens the installation folder location where the Enterprise Auditor application is -installed. The default installation directory is: - -C:\Program Files (x86)\STEALTHbits\StealthAUDIT\ - -If the installation directory was customized during installation, it will be: - -…\STEALTHbits\StealthAUDIT\ - -The Enterprise Auditor install directory has several logs that can be accessed for troubleshooting -purposes. This includes: - -- The Application log which contains logging of all activities within Enterprise Auditor -- The Upgrade log which logs activities related to the upgrade process -- The upgrade archive which is a zip file containing all of your Enterprise Auditor jobs prior to - the upgrade process -- Sensitive Data logs that contain details from sensitive data scans performed against various - repositories -- Artifacts from various data collection routines such as tier 2 database files created from File - System or SharePoint scanning - -See the [Logs](#logs) topic for additional information. - -## Logs - -Enterprise Auditor has a few areas where it stores logs. Make sure the log level is set to DEBUG in -Enterprise Auditor to gather all necessary information. Once the logs have been created and sent to -Netwrix Support, then reset the logging level to save disc space. - -To set your logging level to debug go to **Settings** > **Application** – **Set the Application log -level to Debug** and restart the application. - -#### Where Are the Logs Located? - -| Log Name | Log Location | -| ------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SADebug (Enterprise Auditor Console) | `%sainstalldir%SADatabase\Logs\Application` SADebug Logs will be saved in the format: SADebug-[timestamp]-[PID].tsv | -| Job Log (Enterprise Auditor Console) | Windows File Explorer Shortcut: `%sainstalldir%Jobs\Group_Name\Job_Name\Output\nameofjob.tsv` Console Shortcut: **Right click job** > **Explore folder** > `nameofjob.tsv` | -| ExchangePS logs (Enterprise Auditor Console) | `%sainstalldir%PrivateAssemblies\GUID` | -| PowerShell Logs (Enterprise Auditor Console) | `%sainstalldir%Jobs\SA_CommonData\PowerShell` | -| PowerShell logs (Remote Host): | ` C:\Program Files(x86)\STEALTHbits\StealthAUDIT\Applet\Powershell\GUID` | -| RPC logs (File System Action Module) | `FileSystemAM\RPCLogs` | -| SMARTLog logs (Remote Host) | `C:\Program Files(x86)\STEALTHbits\StealthAUDIT\Applet\SmartLog` | -| SMARTLog logs (Enterprise Auditor Console) | `%SAInstallDir%Jobs\SA_CommonData\SmartLog` | -| SMARTLog Persistence File (Enterprise Auditor Console) | `%SAInstallDir%Jobs\SA_CommonData\SmartLog\GUID\Host` | -| Metrics Logs (Remote Host) | `{Location of Message Tracking Logs}\ SA_ExchangeMetricsData\NameofQuery` | -| Metrics Persistence File (Enterprise Auditor Console) | `%SAInstallDir%Jobs\SA_CommonData\Metrics\GUID\Host` | -| Web Server Logs | `%sainstalldir%SADatabase\Logs\Web` | - -## FSAA Log Naming Conventions - -FSAA Applet Logs: - -All FSAA applet logs have the following naming convention for permissions, activity, sensitive data, -and DFS scan types: - -- `[SCAN TYPE]_[HOSTNAME]_[YEAR]_[MONTH]_[DAY]_[TIME]_{JOB_GUID}_[SessionID].log` - -FSAA Trace Logs: - -Below are two types of FSAA trace logs created while in local, applet, or proxy modes: - -- Parent Trace Log – StealthAUDITRPC*[YYYYMMDD_hhmmss]*[Execution_Host].log - - ProccessID is logged in the job log -- Child Trace Log – - StealthAUDITRPC*[session_id]*[ScanType]_[Execution_host]_[Target_host]\_[YYMMDD_hhmmss].log - - ProcessID is logged in the Parent trace log - -When running StealthAUDITRPC as a service, the parent trace log reads as: - -- StealthAUDITRPC.log diff --git a/docs/accessanalyzer/11.6/administration/maintenance/update-passwords.md b/docs/accessanalyzer/11.6/administration/maintenance/update-passwords.md deleted file mode 100644 index 5525bf0da9..0000000000 --- a/docs/accessanalyzer/11.6/administration/maintenance/update-passwords.md +++ /dev/null @@ -1,95 +0,0 @@ -# Updating Passwords - -Credential passwords in Enterprise Auditor occasionally need to be updated due to reasons such as -the password expiring due to existing password expiration polices or for security purposes. If a -password change is required, there are multiple types of accounts where credential passwords must be -updated: - -- [Storage Profiles](#storage-profiles) -- [Connection Profiles ](#connection-profiles) -- [Schedule Service Accounts ](#schedule-service-accounts) - - - [Settings > Schedule Node](#settings-schedule-node) - - [Schedules Node](#schedules-node) - - [Jobs](#jobs) - -- [Notifications (if enabled)](#notifications-if-enabled) -- [ServiceNow (if enabled)](#servicenow-if-enabled) -- [Enterprise Auditor Services](#enterprise-auditor-services) - -**NOTE:** When updating passwords in Enterprise Auditor, you should also check the passwords in -Netwrix Activity Monitor. See the Update Credential Passwords topic in the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) -for additional information. - -## Storage Profiles - -Storage Profiles manage user authentication with the database. See the -[Update Authentication Credentials in a Storage Profile](/docs/accessanalyzer/11.6/administration/settings/storage.md) -topic for information about updating Storage Profile authentication credentials in the Enterprise -Auditor Console. - -## Connection Profiles - -Connection Profiles are used for scan authentication in the Enterprise Auditor console. See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for details on how to edit user credentials for a Connection Profile. - -For Entra ID, formerly Microsoft Azure Active Directory, accounts, see the -[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md) -topic for additional information. - -## Schedule Service Accounts - -Enterprise Auditor uses the Schedule Service Account to run scheduled tasks on the Enterprise -Auditor Console server. The global account is configured at the Settings > Schedule node. However, a -custom account can be assigned to either a Job or a Scheduled Task. - -### Settings > Schedule Node - -The Settings > Schedule Node displays the Schedule page where you can configure the account used for -executing a scheduled task. See the -[Edit a Schedule Service Account](/docs/accessanalyzer/11.6/administration/settings/schedule.md#edit-a-schedule-service-account) -topic for additional information on editing the user credentials for the account. - -### Schedules Node - -The Schedules Node opens the Scheduled Actions pages where scheduled tasks are listed. From this -page, actions can be scheduled using the Schedule wizard. See the -[Schedule Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md) -topic for additional information on updating the credentials password in the Schedule wizard. - -### Jobs - -Jobs are typically scheduled with the global scheduled account. However, Jobs can also be scheduled -with a custom account. See the -[Auto Retry Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for information on updating the Schedule Authentication credentials. - -## Notifications (if enabled) - -Email notifications are configured in the Notifications node. The following steps only apply if -Notification authentication has been enabled for the Enterprise Auditor Console. See the -[Update Notification Authentication Credentials](/docs/accessanalyzer/11.6/administration/settings/notifications.md#update-notification-authentication-credentials) -topic for information on updating Notification authentication credentials. - -## ServiceNow (if enabled) - -The ServiceNow Node controls the integration between Enterprise Auditor and ServiceNow. See the -[Update ServiceNow Authentication Credentials](/docs/accessanalyzer/11.6/administration/settings/service-now.md#update-servicenow-authentication-credentials) -topic for information on updating ServiceNow authentication credentials. - -## Enterprise Auditor Services - -Depending on your configuration, the credentials for the accounts running the following Netwrix -Enterprise Auditor services may need updating: - -- File System Proxy Service – This service is on the proxy server. See the - [File System Proxy Service Installation](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md) - topic for additional information. -- Vault Service – See the - [Vault](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information -- Web Server Service – See the - [Reports via the Web Console](/docs/accessanalyzer/11.6/installation/reports-configuration/security.md) - topic for additional information diff --git a/docs/accessanalyzer/11.6/administration/navigation.md b/docs/accessanalyzer/11.6/administration/navigation.md deleted file mode 100644 index 74c1ab7650..0000000000 --- a/docs/accessanalyzer/11.6/administration/navigation.md +++ /dev/null @@ -1,821 +0,0 @@ -# Activities Pane - -The Activities pane displays a list of activities which can be conducted within the currently -selected console section. It is only visible if there are activities available for the selected -section. In the few cases where the Results pane is a wizard, this pane becomes the navigation pane -for the wizard, e.g. the Enterprise Auditor Host Discovery Wizard. If the currently selected console -section has an associated Activities Pane, it can be found on the right-hand side of the Enterprise -Auditor Console. - -![activitiespane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/activitiespane.webp) - -The following console sections have associated Activities Panes: - -- All Global Settings > [Settings] nodes -- Host Management nodes -- **Host Discovery** node -- Jobs > [Job Group/Job] > Settings node - -The Guidance section of the Activities Pane will display context sensitive information depending on -what the currently selected console section is. - -# Data Grid Functionality - -All data grids within the Enterprise Auditor Console have functions and features that allow -Enterprise Auditor users to group by, filter, and sort via the filtration dialog through the data. - -![Search Methods - Data Grid](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality.webp) - -The different grouping, filtering, and search methods in the Data Grid are: - -- [Data Grid Right-Click Menu](#data-grid-right-click-menu) -- [Sort](#sort) -- [Group By](#group-by) -- [Filter](#filter) - -The Show maximum [value] of total [value] rows, located in the upper-right hand corner of the Data -Grid view in the Results Pane, indicates how many rows of data are available within this data grid -(the first value) and how many rows of data are available in the Enterprise Auditor database for -this data grid (the second value). The maximum value can be changed by the user and only affects the -maximum number of rows available for this data grid within the Enterprise Auditor Console. The total -value is automatically supplied from the Enterprise Auditor database and cannot be changed by the -user. If the total value is less than the maximum value, then all available data for this grid is -present for sorting, filtering, and searching. - -## Data Grid Right-Click Menu - -The right-click menu that affects data grid functionality is accessible by right-clicking on the -data grid header row. - -![Data Grid Functionality](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality1.webp) - -The Data Grid Right-click menu contains the following selections: - -- Sort Ascending – Sorts data by selected column in alphanumeric order -- Sort Descending – Sorts data by selected column in alphanumeric order -- Clear Sorting – Removes all sorting from selected column -- Group By This Field – Groups data or clears grouping of data by selected column -- Group By Box – Hides or shows the Group By Box where headers can be dragged-and-dropped to group - the data -- Footer – Provides a data grid summation row at the bottom of the data grid (see the - [Footer](#footer) section) -- Group Footers – Provides a data grid summation row at the bottom of each group (see the - [Footer](#footer) section) -- Remove This Column – Removes selected column from the data grid -- Field Chooser – Opens the Customization window (see the - [Customization Window](#customization-window) section) -- Best Fit – Changes column width to fit the data within the selected column -- Best Fit (all columns) – Changes column width for all columns to fit the data - -Some data grids include right-click menus for actions on the data. See the corresponding sections -for information on right-click menus within a data grid. - -### Customization Window - -The Customization window can be used to customize the data grid to only display specific columns. - -![Customization Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality2.webp) - -To open the Customization window, select Field Chooser from the column header right-click menu. - -![Customization Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality3.webp) - -Any column that has been removed from the data grid, either by dragging it off the screen or by -dropping it into this window, will be listed here. A column not currently displayed can be returned -to the data grid by dragging-and-dropping it from this window onto the header row. - -### Footer - -The footer provides a data grid summation row. The summation capabilities exist for every column on -the footer either for the entire data grid or by grouped sections of the data grid. - -![Footer Option](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality4.webp) - -To enable the footer, right-click in a column header and select Footer from the right-click menu. - -![Footer display](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality5.webp) - -The footer appears as a gray bar at the bottom of the grid (or grid group). Right-click on the -footer under the desired column. Only the options applicable to the desired column will be valid for -selection. - -![Footer options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality6.webp) - -The different footer options are: - -- Sum – Available for columns with numeric values, adds all values in the column -- Min – Available for columns with numeric values, identifies the minimum value in the column -- Max – Available for columns with numeric values, identifies the maximum value in the column -- Count – Counts the number of records within the column -- Average – Available for columns with numeric values, calculates the average value for the column -- None – Removes the selected summation - -## Sort - -The data grid can be sorted in alphanumeric order by clicking on a column header. - -![Sort Order](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality7.webp) - -An arrow displays on the column header indicating if the sort is increasing or decreasing. This -feature only works on one column at a time. - -## Group By - -Users can interact and search through data grids in the Results Pane. - -| ![Default Group By View](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality8.webp) | ![Organized by Column Header](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality9.webp) | -| --------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | -| Default view | Organized by Column Header | - -To use this feature, drag a column header into the “Drag a column header here to group by that -column” area. The data grid groups according to the data within that column. The sub-header provides -a ‘count’ of records within each group. Expand the group to view the data. - -![Expand Group View](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality10.webp) - -Multiple columns can be dragged into the Group By area to form tiered groupings. - -**NOTE:** Sorting by the FQDN column is an easy way to see if there are two entries for the same -host. - -![Column Header](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality11.webp) - -The data grid can also be grouped by dragging a column header beneath the other column headers -either to the stationary section on the left or to the mobile section on the right. Each record -counts as a single row for the total rows value, but displays in two rows with the second row -dedicated for the moved column. - -Drag the column header(s) back to the table to remove the grouping or use the Clear Sort option in -the [Data Grid Right-Click Menu](#data-grid-right-click-menu). Additionally, the sort will clear -when the user navigates to another place in the console. - -## Filter - -Users can filter and search data in the Data Grid by using the dropdown arrow in the column headers -to select from a list of filters, configuring a custom filter, or by using the Data Grid filtration -dialog located above the Activities Pane. - -![Filter](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality12.webp) - -In the header of every column is a drop-down arrow. This provides users with the ability to filter -the data grid for a particular item or items within a column. The drop-down menu has the options of -(All), (Custom…), and an alphabetical listing of all items currently within that column for the data -grid. - -- [Custom Filter](#custom-filter) – Click Custom Filter in the header dropdown to open the Custom - Filter window -- [Filtration Dialog](#filtration-dialog) – Click the Magnifying Glass icon in the Filtration Dialog - to select a specific filter - -### Custom Filter - -The Custom option opens a Custom Filter builder for the selected column. - -![Custom Filter](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality13.webp) - -The Custom Filter window options are: - -- Show rows where - - First Comparison Operator – Select from a list of different logical operators that will apply - to the first custom filter criteria - - AND/OR radio buttons – Select logical relationship between the first and second custom filter - criteria - - Second Comparison Operator – Select from a list of different logical operators that will apply - to the second custom filter criteria. -- Two wildcard options: - - The underscore (\_) can be used to represent any single character - - The asterisk (\*) can be used to represent any series of characters - -#### Creating a Custom Filter - -Follow the steps to create a Custom Filter: - -**Step 1 –** Click the dropdown arrow in the column header for the column where the Custom Filter is -going to be applied and select (Custom…) from the list. The Custom Filter window opens. - -![Creating a Custom Filter](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality14.webp) - -**Step 2 –** Set the desired criteria for the custom filter. Select the logical operator from the -drop-down menu on the left and set the criteria in the textbox on the right. - -**Step 3 –** Select either AND/OR and set the second criteria field, following the same method as -Step 2. - -**Step 4 –** Click OK to confirm changes. The custom filter criteria is now applied to the Data -Grid. - -In the example above, OSName is like \*2008\* AND not like \*Standard\*, the filter returns all data -records with an operating system name that contains “2008” but not “Standard,” e.g. Windows Server -2008 Enterprise Edition, 64 bit and Windows Server 2008 R2 Datacenter Edition, 64-bit, etc. Complex -filters can be created using the Advanced Search option in the Filtration Dialog. - -![Selected Filter Criteria](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality15.webp) - -The selected filter criteria will appear at the top of the data grid. A red X appears in the -filtration dialog, and the total rows value drops to the number of records that match the filter -criteria. Additional filter statements can be added for other columns by repeating the process to -build complex filters. The filtration dialog also provides other ways to filter and search the data -set. See the [Filtration Dialog](#filtration-dialog) topic for additional information on this -feature. - -Filters can be cleared by clicking the red X in the filtration dialog (to clear all filter -statements), selecting All from the column’s drop-down menu (to clear filters one column at a time), -or by navigating to another place in the console (to clear all filter statements). However, the -Recent Filters option in the filtration dialog provides a list of the most recent filters applied to -the data set for users to quickly return to a filtered view. - -### Filtration Dialog - -The filtration dialog in the upper-right corner with the magnifying glass icon provides additional -filtering options. - -![Filtration Dialog](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality16.webp) - -The magnifying glass icon opens a dropdown list of columns for the selected data grid, the Advanced -Search option, and the Recent Filters list. Typing in the textbox at the top filters the data grid -for the selected column (identified by the black dot). Hover over the Recent Filters menu item to -open the list of the last server filters applied to this data grid. - -#### Advanced Search - -The Advanced Search option opens a Set Filter builder for users to build a filter for multiple -columns using multiple logical operators. - -![Advanced Search](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality17.webp) - -The filter options and logical operators are: - -- Filter Button – The Filter button opens a menu with the options to: - - Add Condition - - Add Group - - Clear All -- Logical Operator – The logical operator (red text) beside the Filter button can be changed by - clicking on it to open a menu with: - - AND - - OR - - NOT AND - - NOT OR -- Ellipsis Button – The ellipsis (…) button at the beginning of each row opens a menu with options - to: - - Add Condition - - Add Group - - Remove Row -- Column Selection – The selected column (green text) can be changed by clicking on it to open a - menu with all available columns for the data grid. -- Comparison Operator – The comparison operator (dark red text) can be changed by clicking on it to - open a menu with: - - equals - - does not equal - - is less than - - is less than or equal to - - is greater than - - is greater than or equal to - - like - - not like - - is blank - - is not blank - - between - - not between - - in - - not in -- Filter Criteria – The filter criteria (blue text) can be changed by clicking on it and typing in - the textbox that appears. The Custom Filter builder wildcards can also be used in the Set Filter - builder. - -# Navigating the Console - -There are several options that can be used to navigate the Enterprise Auditor Console. This section -covers basic Enterprise Auditor Console navigation, including menu options, buttons, and the -different panes through which users can access Enterprise Auditor’s various functions and options. - -![Console Navigation Overview](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationoverview.webp) - -The primary sections of the Enterprise Auditor Console are: - -- [Top Navigation](/docs/accessanalyzer/11.6/administration/navigation.md) – - Comprised of the Menu Bar and the Actions Bar -- [Navigation Pane](/docs/accessanalyzer/11.6/administration/navigation.md) - – Navigate through all of Enterprise Auditor’s major functions using the Navigation Pane. - Selecting a node or sub-folder in the Navigation Pane will change what can be done in the Results - Pane. -- [Results Pane](/docs/accessanalyzer/11.6/administration/navigation.md) - – Displays various interfaces based on what is selected in the Navigation Pane or Activities Pane -- [Activities Pane](/docs/accessanalyzer/11.6/administration/navigation.md) - – Displays a list of activities which can be conducted within the currently selected console - section - -Enterprise Auditor Data Grids also have specific navigation options that enable users to filter, -group, and search through data. See the -[Data Grid Functionality](/docs/accessanalyzer/11.6/administration/navigation.md) -topic for additional information. - -# Navigation Pane - -The Navigation Pane, located on the left-hand side of the Enterprise Auditor Console, lists all the -major functions of Enterprise Auditor in a collapsible list format. Clicking on any node with an -arrow will open a collapsible list that shows more navigation, configuration, and use options. - -![Configuration Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationmenu.webp) - -The items in the Navigation Pane are: - -- Settings – Opens the Global Settings section for configurations which affect the running of - Enterprise Auditor jobs. See the - [Global Settings](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/overview.md) - topic for additional information. -- Host Management – Opens the Host Management section for inventorying and managing hosts to be - targeted by Enterprise Auditor jobs. See the - [Host Management](/docs/accessanalyzer/11.6/administration/host-management/management.md) - topic for additional information. -- Host Discovery - Opens the Host Discovery section for discovering hosts to be targeted by the - Enterprise Auditor jobs. See the Host Discovery topic for additional information. -- Running Instances – Displays progress for all running jobs. This includes jobs that are run by a - scheduled task, interactively within the open Enterprise Auditor instance, or interactively in any - other running instance of Enterprise Auditor See the - [Running Instances Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/running-instances.md) - topic for additional information. -- Schedules – Opens the Scheduled Actions view which displays information on all scheduled tasks. - See the - [Schedules](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md) - topic for additional information. -- Jobs – Lists all solutions, job groups, and jobs within a folder structure. See the - [Jobs Tree](/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/overview.md) topic - for additional information. - -The title above the Navigation Pane will change depending on what is selected. There are also -several right-click or context menus available throughout the console. See the -[Navigation Pane Right-click Menus](#navigation-pane-right-click-menus) topic for additional -information. - -## Navigation Pane Right-click Menus - -There are several contextual right-click menus that are accessed by right-clicking on individual -nodes or sub-nodes in the Navigation Pane. The different right-click menus are: - -- Host Management Right-click Menus -- Jobs Tree Right-click Menus - -### Host Management Right-click Menus - -The following right-click menus are available within the Host Management node. - -See the -[Host Management](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information on these actions. - -#### Discovery Node - -The Discovery node right click-menu can be accessed in the Host Management node in the Navigation -Pane. - -![Discovery Node options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane1.webp) - -The Discovery node right-click menu options are: - -- Create Query – Opens the - [Host Discovery Wizard](/docs/accessanalyzer/11.6/administration/host-management/discovery.md) -- Suspend/Resume Query Queue – Pauses or resumes the host discovery queue - -#### All Hosts Node - -The All Hosts node right-click menu can be accessed in the Host Management node in the Navigation -Pane. - -![All Hosts Node options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane2.webp) - -The All Hosts right-click menu options are: - -- Add Hosts – Opens the - [Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) - window -- Refresh Lists – Refreshes host list -- Refresh Hosts – Executes the host inventory query -- Save Selected to Lists – Opens the - [Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) - window with the selected hosts already added to a new list -- Schedule – Opens the - [Schedule (Activities Pane Option)](/docs/accessanalyzer/11.6/administration/host-management/management.md) - window to schedule a host inventory query -- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file -- Suspend/Resume Host Inventory – Pauses or resumes a host inventory query - -#### All Hosts > [Host List] Node - -The All Hosts > [Host List] right-click menu can be accessed in the Host Management node in the -Navigation Pane. - -![Host List Node options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane3.webp) - -The All Hosts > [Host List] node right-click menu options are: - -- Edit List – Opens the - [Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) - window for the selected list -- Rename List – Opens the Host list name window -- Delete List – Delete the selected host list -- Refresh List – Refreshes host list -- Refresh Hosts – Executes the host inventory query -- Save Selected to List – Opens the - [Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) - window with the selected hosts already added to a new list -- Schedule – Opens the - [Schedule (Activities Pane Option)](/docs/accessanalyzer/11.6/administration/host-management/management.md) - window to schedule a host inventory query -- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file -- Suspend Host Inventory – Pauses or resumes a host inventory query - -### Jobs Tree Right-click Menus - -The following right-click menus are available within the Jobs tree. - -See the [Jobs Tree](/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/overview.md) -topic for additional information on these actions. - -#### Jobs Tree Primary Nodes - -The Job tree primary nodes have the following right-click menu items: - -**NOTE:** These menu items apply to a Jobs Tree, Job Group, and a Job. Depending on the chosen -selection, some menu items are grayed out. - -| ![Jobs Tree Primary Nodes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane4.webp) | ![Jobs Tree Primary Nodes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane5.webp) | ![Jobs Tree Primary Nodes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane6.webp) | -| ---------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | -| Jobs Tree Node | A Job Group Node | A Job Node | - -Menu items include: - -- Run Group/Jobs – Executes the selected job group or job -- Publish – Publishes the reports from the selected job group or job without regenerating the - report. See the - [Reporting](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/overview.md) - topic for additional information. -- Lock Group/Job – Locks job group or job, indicating configuration has been approved and the job - group or job is ready to be scheduled/run. This option only applies to Role Based Access. See the - [Role Based Access](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) - topic for additional information. -- Unlock Group/Job – Unlocks job group or job, indicating the configuration has not been approved or - needs to be modified. Unlocking a job will prevent Job Initiators from scheduling or running the - job. This option only applies to Role Based Access. See the - [Role Based Access](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) - for additional information. -- Enable/Disable Job(s) – Disables the selected job or job group and skips them during scan - execution. When a job group is disabled, all existing jobs within the job group are disabled. See - the - [Disable or Enable a Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) topic - for more information. -- Schedules – Opens the - [Schedule Jobs](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md#schedule-jobs) to - schedule job group or job execution -- Refresh Tree – Refreshes the Jobs tree -- Changes – Opens the - [Changes Window](/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/overview.md#changes-window) to - track changes to job configuration in a change log -- Cut – Cuts the selected job group or job (Ctrl+X) -- Copy – Copies the selected job group or job (Ctrl+C) -- Paste – Pastes a copied/cut job group or job to the selected location (Ctrl+V) - - **CAUTION:** Delete Group/Job will also delete all tables that match the job’s naming convention - from the database. - -- Delete Group/Job – Deletes the selected job group or job. See the - [Report Cleanup when Deleting a Job or Job Group](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/cleanup.md) - topic for additional information. - - **CAUTION:** Rename Group/Job will rename all tables that match the job’s naming convention - within the database. - -- Rename Group/Job – Opens a textbox over the selected job group or job to rename -- Export – Zips the selected job group or job. Options allow for including the job, the reports, - and/or the job log and SA_Debug log. - - Save the ZIP file to a desired location, and optionally attach it to an email to - [Netwrix Support](https://www.netwrix.com/support.html). - - Email option requires - [Notification](/docs/accessanalyzer/11.6/administration/settings/notifications.md) - settings to be configured. -- Create Job (Ctrl+Alt+A) – Creates a new job at the same location as the selected job group or job. - See the - [Create a New Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. -- Add Instant Job – Opens the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md). -- Create Group – Creates a new job group within the selected location -- Explore Folder – Opens the Windows Explorer folder for the select object -- Properties – Opens the - [Job Properties](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) window - -#### [Job] > Status Node - -The [Job] > Status node has the following right-click menu items: - -![Status Node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane7.webp) - -The Status node right-click menu items are: - -- Run Job – Executes the selected job -- Add Instant Job – Opens the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - -#### [Job] > Status > [Table/View] Nodes - -The [Job] > Status > [Table/View] nodes have the following right-click menu items: - -| ![Table/View Nodes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane8.webp) | ![Table/View Nodes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane9.webp) | ![Table/View Nodes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane10.webp) | -| --------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------- | -| ConnectStatus Table | Job Stats & Task Stats Tables | Messages Table | - -These menu items apply to the ConnectStatus Tables, Job Stats and Task Stats Tables, and the -Messages Table. Depending on the chosen selection, some menu items are grayed out. The menu items -are: - -- Create Hostlist From Data – Opens the New host list from job results window -- Edit Host List – Opens the Edit Dynamic Job Host Lists window -- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file -- Run Job – Executes the selected job -- Add Instant Job – Opens the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -- Creates Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - -#### [Job] > Results Node - -The [Job] > Results node has the following right-click menu items: - -![Results Node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane11.webp) - -The menu items are: - -- Refresh Tree – Refreshes the Jobs Tree -- Run Job – Executes the selected job -- Add Instant Job – Opens the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - -#### [Job] > Results > [Table/View] Nodes - -The [Job] > Results > [Table/View] nodes have the following right-click menu items: - -![Results-Table View Nodes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane12.webp) - -The menu items are: - -- Create Hostlist From Data – Opens the New host list from job results window. See the - [Host Management](/docs/accessanalyzer/11.6/administration/host-management/management.md) - topic for additional information. -- Edit Host List – Opens the Edit Dynamic Job Host Lists window. See the - [Host Management](/docs/accessanalyzer/11.6/administration/host-management/management.md) - topic for additional information. -- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file -- Actions – Opens the selected - [Action Modules](/docs/accessanalyzer/11.6/accessanalyzer/admin/action/overview.md) - for the selected table/view -- Run Job – Executes the selected job -- Add Instant Job – Opens the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -- Create Job - Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - -#### [Job] > Results > [Report] Nodes - -The [Job] > Results > [Report] nodes have the following right-click menu items: - -![Results-Report Nodes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane13.webp) - -The [Job] > Results > [Report] node right-click menu items are: - -- Run Job – Executes the selected job -- Add Instant Job – Opens the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - -#### [Job] > Configure Node - -The [Job] >Configure node have the following right-click menu items: - -![Configure Nodes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane13.webp) - -The [Job] > Configure node right-click menu items are: - -- Run Job – Executes the selected job -- Add Instant Job – Opens the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - - **NOTE:** This right-click menu is also opened at the Configure > Hosts node. - -#### [Job] > Configure > [Configuration] Nodes - -The right-click menu items for the [Job] > Configure > [Configuration] node are the same right-click -menus as those available within the job’s individual configuration views: - -| ![Configure-Configuration Nodes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane14.webp) | ![Configure-Configuration Nodes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane15.webp) | ![Configure-Configuration Nodes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane16.webp) | -| ----------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -| Queries Node | Analysis Node | Actions Node | - -Each configuration node has a different right-click menu. For additional information on each: - -- For the Queries node, see the - [Jobs](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) section - for information on these options -- For the Analysis node, see the - [Jobs](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) section - for information on these options -- For the Actions node, see the - [Jobs](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) section - for information on these options - -#### [Job] > Configure > Reports Node - -The [Job] >Configure > Reports node has the following right-click menu items: - -![Configure-Reports Node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane17.webp) - -The [Job] > Configure > Reports node right-click menu items are: - -- Create Report – Opens a new report Configuration under the job’s **Configure > Reports Node** -- Paste Report – Paste a copied report from a different job into this job’s Reports node -- Run Job – Executes the selected job -- Add Instant Job – Opens the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -- Create Job – Creates a new job at the same location as the selected job group or job - -#### [Job] > Configure > Reports > [Report Configuration] Node - -The [Job] >Configure > Reports > [Report Configuration] node has the following right-click menu -items: - -![Reports Configuration Node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane18.webp) - -The [Job] > Configure > Reports > [Report Configuration] node right-click menu items are: - -- Generate Report – Generates the selected report -- Rename Report – Opens a textbox over the selected report to rename -- Delete Report – Deletes the selected report -- Copy Report – Copies the report configuration to clipboard. The copied report will have only the - roles inherited from the parent job when pasted. -- Run Job – Executes the selected job -- Add Instant Job – Opens the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - -# Results Pane - -The Results pane displays all views for the selected console section. - -![Results Pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/resultspane.webp) - -The Results pane displays all views for the selected console section. This includes solution, job -group, and job descriptions, configuration views, native and materialized data tables and views, and -reports. - -# Top Navigation - -The Top Navigation bars provide users quick access to various options and functions in Enterprise -Auditor. The two parts of the Top Navigation section are: - -- [Menu Bar on the Console](#menu-bar-on-the-console) -- [Button Bar on the Console](#button-bar-on-the-console) - -## Menu Bar on the Console - -Users can access various Enterprise Auditor functions and actions in the Menu Bar. - -![Menu Bar on Console](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/menubar.webp) - -The Menu Bar options are: - -- File - - - Create Job – Creates a new job (Ctrl+Alt+A) at the selected location within the Jobs tree - - Add Instant Job – Opens the Enterprise Auditor Instant Job Wizard to install an instant job - set at the selected location within the Jobs tree. See the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) - section for information on installing instant solutions from the Enterprise Auditor Library. - - **CAUTION:** Delete Job will also delete all data tables with the job’s base naming - convention from the SQL database. - - - Delete Job – Deletes the selected job from the Jobs tree - - Properties – Opens the Job Properties window for the selected job. See the - [Job Properties](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. - - Export Data – Exports the selected data table or view to an HTML, XML, or CSV file format - - Exit – Closes the Enterprise Auditor application - -- Edit - - - Cut – Cuts (Ctrl+X) the selected job group or job - - Copy – Copies (Ctrl+C) the selected job group or job - - Paste – Pastes (Ctrl+V) a copied job group or job to the selected job group folder (or into - the Jobs tree) - - **CAUTION:** Delete will also delete all data tables with the job’s base naming convention - from the SQL database. - - - Delete – Deletes the job group or job at the selected location within the Jobs tree - -- View - - Refresh Tree – Refreshes the Jobs tree - - Reset Current Data View – This is a legacy feature - - Show Change Deltas – This is a legacy feature - - Show Job Progress – Redirects the Enterprise Auditor Console to the Running Job Node to view - the running job’s progress. See the - [Running Instances Node](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/running-instances.md) - topic for additional information. -- Job - - - Add Instant Job – Opens the Enterprise Auditor Instant Job Wizard to install an instant job - set at the selected location within the Jobs tree. See the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) - section for information on installing instant solutions from the Enterprise Auditor Library. - - Create Job – Creates a new job (Ctrl + Alt + A) at the selected location within the Jobs tree - - **CAUTION:** Delete Job will also delete all data tables with the job’s base naming - convention from the SQL database. - - - Delete Job – Deletes the selected job from the Jobs tree - - **CAUTION:** Rename Job will also rename all data tables with the job’s base naming - convention within the SQL database. - - - Rename Job – Renames the selected job - - Properties – Opens the Job Properties window for the selected job. See the - [Job Properties](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. - - Execute: - - Run Job or Group – Starts job execution for the selected job group or job - - Stop Job or Group – Stops job execution for the selected job group or job - - Schedule – Opens the selected job’s Schedule window. See the - [Schedule Jobs](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md#schedule-jobs) - topic for additional information. - - Queries: - - - Add from Library – Opens the Library to add a query to the selected job’s Query Selection - view. See the Query Selection topic for additional information. - - Create Query – Opens the Query Selection window to create a new query at the selected - job’s Query Selection view - - Cut Query – Deletes the selected query from the selected job’s Query Selection view - - Properties – Opens the Query Selection window for the selected query - - Add Table – Opens the Query Selection window to add a table to the selected query - - Delete Table – Opens the Delete Table window which identifies associated tasks to be - deleted and asks for confirmation of the deletion action. See the Query Selection topic - for additional information. - - Rename Table – Opens the Rename Table window to enter a new table name for the selected - query. See the Query Selection topic for additional information. - - See the Data Collectors topic for additional information. See the - [Data Collectors](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/overview.md) - topic for additional information. - - - Reports - - Create Report – Creates a new report at the selected Reports node - - Generate Report – Generates the selected report and opens the report in a browser window - - Rename Report – Rename the selected report for the database and how it is seen in the Jobs - tree - - Delete Report – Delete the selected report - -- Schedules - - Schedule – Opens the selected object’s Schedule window to create a new scheduled action. The - Enterprise Auditor Console is redirected to the Schedules node. See the - [Schedule](/docs/accessanalyzer/11.6/administration/settings/schedule.md) - topic for additional information. - - Delete – Delete the selected scheduled task from the Scheduled Actions view of the Schedules - node - - Properties – Opens the selected scheduled task’s Schedule window. See the - [Schedule](/docs/accessanalyzer/11.6/administration/settings/schedule.md) - topic for additional information. -- Tools - - Libraries – Opens the Add Query from Library window to add a query to the selected job’s Query - Selection view. See the - [Schedule](/docs/accessanalyzer/11.6/administration/settings/schedule.md) - topic for additional information. - - Options – Redirects the Enterprise Auditor Console to the Settings node -- Help - - Content – Opens Enterprise Auditor help documentation - - User Details – Opens an information window display Current Logged In User and Role Assigned To - Current User (when applicable) - - Reference – This is a legacy feature - - Enable Support Mode – Enables Support Mode for Netwrix Support Engineers - - About – Opens the About window with the Enterprise Auditor Console’s version and license - information, including License Expiration date, Host Limit, and Licensed Features - -## Button Bar on the Console - -The Button bar provides quick links to various actions and functions in Enterprise Auditor. - -![Button Bar](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/buttonbar.webp) - -The options in the Button Bar are: - -| Icon | Icon Description | Name | -| ---------------------------------------------------------------------------------------------------------------- | --------------------------- | --------------------------------------------------- | -| ![selectinstantjob](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/selectinstantjob.webp) | Paper with plus sign | Select an Instant Job | -| ![newjob](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/newjob.webp) | Paper with pencil | Create a new job (Ctrl + Alt + A) | -| ![newgroup](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/newgroup.webp) | Folder with plus sign | Create a new group | -| ![newquery](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/newquery.webp) | Puzzle piece with plus sign | Create a new query and add it to the selected table | -| ![addreport](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/addreport.webp) | Graph with plus sign | Add a report | -| ![addquery](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/addquery.webp) | Book with plus sign | Add a query from a library | -| ![cut](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/cut.webp) | Scissors | Cut the selected query to the clipboard (Ctrl + X) | -| ![copy](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/copy.webp) | Duplicate papers | Copy the selected query to the clipboard (Ctrl + C) | -| ![paste](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/paste.webp) | Clipboard with paper | Paste the query from the clipboard (Ctrl + V) | -| ![delete](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/delete.webp) | Red X | Delete the selected query | - -Select a button for the desired action. diff --git a/docs/accessanalyzer/11.6/administration/reporting/create-reports.md b/docs/accessanalyzer/11.6/administration/reporting/create-reports.md deleted file mode 100644 index 4c53de6a36..0000000000 --- a/docs/accessanalyzer/11.6/administration/reporting/create-reports.md +++ /dev/null @@ -1,74 +0,0 @@ -# Creating a Report - -Creating and customizing reports allows you to design outputs uniquely crafted to your requirements. -Reports can vary by section order, sourced data, file format, and other elements within the reports -configuration. - -You can add additional reports by the following methods: - -- [Create a Custom Report](#create-a-custom-report) -- [Copy an Existing Report](#copy-an-existing-report) - -**NOTE:** It is important to consider whether a report should be added to an existing job, or a new -job created to generate the report. Contact [Netwrix Support](https://www.netwrix.com/support.html) -for additional information on report outputs. - -## Create a Custom Report - -You can create a new custom report for an existing job from the job’s Reports node. Follow the steps -to create a new report. - -**Step 1 –** Navigate to **Jobs** > **[Job]** > **Configure** and select the **Reports** node. - -![Create report option](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/create.webp) - -**Step 2 –** On the Reports page, click Create. - -**Step 3 –** The Report Configuration wizard is automatically launched. Use the wizard to configure -the new report as required, see the -[Report Configuration Wizard](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/overview.md) -topic for instructions. Click **Finish** on the final page of the wizard to create the report. - -The new report is added to the Reports table. - -![Generate report](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/generate.webp) - -**Step 4 –** Click the vertical ellipsis menu next to the report and select Generate. - -The report is now created. To access the new report, see the -[Viewing Generated Reports](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/view.md) -topic. - -## Copy an Existing Report - -You can create a new report by copying an existing report and pasting it in a job’s Reports node. -You can then optionally customize the report as required. Follow the steps to create a copy of an -existing report. - -![Copy Report](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/copy.webp) - -**Step 1 –** Navigate to the Reports node where the desired report to copy is located. Click the -vertical ellipsis menu next to the report and select Copy. - -![Paste Report](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/paste.webp) - -**Step 2 –** Navigate to the Reports node in the desired destination for the new report. Click the -vertical ellipsis menu in the header row of the Reports table and select Paste. - -The copy of the report is added to the Reports table. Reports that are copied maintain the same -configuration settings as the original report. - -**NOTE:** If the report copied to the job’s Reports node has the same name as an existing report, -the copied report adds a numerical value to the name sequentially. For example if the existing -report is named Exceptions Summary, then the new report is named `Exceptions Summary1`. - -**Step 3 –** (Optional) Click the **Configure** button next to the report. Use the Report -Configuration wizard to modify the reports settings. See the -[Report Configuration Wizard](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/overview.md) -topic for instructions. - -**Step 4 –** Click the vertical ellipsis menu next to the report and select Generate. - -The report is now created. To access the new report, see the -[Viewing Generated Reports](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/view.md) -topic. diff --git a/docs/accessanalyzer/11.6/administration/reporting/edit-reports.md b/docs/accessanalyzer/11.6/administration/reporting/edit-reports.md deleted file mode 100644 index 008be24d35..0000000000 --- a/docs/accessanalyzer/11.6/administration/reporting/edit-reports.md +++ /dev/null @@ -1,29 +0,0 @@ -# Editing Existing Reports - -It is not recommended to edit existing reports unless there are changes to a job’s settings at the -global level, job group level, or job level. Changes to when data is collected, the types of data -collected, and the properties of collected data are not reflected in a report’s configuration. As a -result, generated reports could appear with blank fields or misleading information about the purpose -of the collected data, unless the report is modified to reflect the changes to the job's settings. -To modify a report, use the Report Configuration Wizard. - -Follow the steps to modify an existing report. - -**Step 1 –** Navigate to the Reports node that contains the report. - -![Configure Report](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/configure.webp) - -**Step 2 –** Click the **Configure** button next to the report you want to modify. - -**Step 3 –** Use the Report Configuration wizard to make any required changes. See the -[Report Configuration Wizard](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/overview.md) -topic for instructions. - -- You must go through all pages of the wizard, and click **Finish** on the final page to save your - changes. Skip any sections or pages that do not require changes to the existing configuration. You - can click **Cancel** on any page to exit the wizard without saving your changes. - -Your configuration updates have been saved. To view the updated report you need to first generate -the report or run it's associated job. See the -[Viewing Generated Reports](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/view.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/administration/reporting/interactive-grids.md b/docs/accessanalyzer/11.6/administration/reporting/interactive-grids.md deleted file mode 100644 index 5ee0810fa4..0000000000 --- a/docs/accessanalyzer/11.6/administration/reporting/interactive-grids.md +++ /dev/null @@ -1,141 +0,0 @@ -# Copying Cells - -Copying an individual cell within a generated report enables easier searching for information using -the AIC or other tools. The copy feature can only be used on interactive grids. Each cell listed -under a column can be selected and copied to the clipboard. - -![Copy Cell Data](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/copycell.webp) - -To copy a cell, select the cell, then right-click on it and select **Copy Cell Data**. - -**NOTE:** You may need to allow programmatic clipboard access for your browser the first time you -attempt to copy a cell. - -# Grouping Data - -If grouping is enabled, the **Group by** field provides a drop-down list of categories by which the -data can be grouped. - -**NOTE:** Grouping and filtering cannot be enabled at the same time. If grouping is enabled, the -Filter icon is disabled in the report. - -The following example shows an interactive grid in which grouping has been enabled. See the -[Grid](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/widgets.md#grid) -topic for additional information. - -![Group by option](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/groupby.webp) - -The drop-down list to the right of the Group by field can be accessed by clicking the down arrow. -Click an item from the drop-down list to group the report by that category. - -# Interactive Grids - -Interactive grids in the table section of a report provide the ability to interact with the data and -filter it as required. Interactive grids allow you to perform the following actions: - -- Group data -- Search and filter data -- Paging -- Download data to a CSV file - -![Interactive Grid actions bar](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/interactivegridoptions.webp) - -The toolbar in an interactive grid can display the following options: - -- Filter icon – Click this icon to activate searching and filter the data -- Group by – Provides a drop-down list of available categories to select for grouping. When grouping - is enabled, searching is disabled. -- Up arrow and down arrow – Click to expand or collapse the groups -- Download Data – Click to download all data to a CSV file. This option is displayed when the - **Export table data as CSV** checkbox has been selected for the report, see the - [Grid](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/widgets.md#grid) - topic for additional information. - -When enumeration is set on an interactive grid, a second download button is displayed. A CSV file -can be downloaded that contains only data for the selected enumeration. - -![Group by loading data](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/groupbyloadingdata.webp) - -When grouping data, interactive grids display the percentage of data that has loaded on the page. - -# Paging - -Paging allows users to interact with large sets of data more efficiently when viewing, filtering, -and sorting generated report tables by limiting the amount of data being displayed at a given time. -Reports provide the ability to navigate to specific pages using arrows at the bottom of the report. -Paging is enabled by default. See the -[Grid](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/widgets.md#grid) -topic for additional information. - -**NOTE:** Paging and grouping cannot be enabled at the same time. When Paging is enabled, the -Grouping options are disabled for the report. - -![Paging](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/paging.webp) - -When paging is enabled, arrows are displayed that allow you to navigate to the next page, last page, -previous page, or first page. If the data is filtered, it is indicated at the end of the line. Each -page contains 10 records. - -# Searching and Filtering Data - -When dealing with large sets of data, it may be useful to search for a desired attribute. This can -be done using the Filter icon. - -**NOTE:** Searching and grouping cannot be enabled at the same time. If grouping is enabled, the -Search icon is disabled in the report. - -The following example shows an interactive grid in which searching has been enabled. See the -[Grid](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/wizard/widgets.md#grid) -topic for additional information. - -![Search](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/search.webp) - -Enter search criteria in the boxes under the columns to filter the data. Click the search icon again -to clear the filters. - -Click on a column to sort by that column. Clicking on a cell in a column automatically expands the -column size to fit the largest length of text contained in the column. - -## Searching Enumerated Tables - -Enabling the enumerated column option, and choosing a column from the data set adds a list of column -types to display as enumerated tables. - -![Enumerated Table](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/enumerated.webp) - -To change the enumeration in the report, select an option from the enumerated column list. When -enumeration is set on an interactive grid, a second download button is displayed with the name of -the currently selected enumerated column. You can use this to download a CSV file that only contains -the data for the selected enumeration. - -## Filtering on Dates & Times - -Data can also be filtered on dates and times. Expanding the column’s width activates hyperlinks to -filter on specific time periods. - -![Date column filter](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/datefilter.webp) - -Enter a Start and End date and select the desired time period. - -## Filtering on Numeric Columns - -Comparison operators can also be used for filtering. Comparison operators which can be used for -filtering include the following: - -| Description | Operator | -| ------------------------ | -------- | -| Equal to | = | -| Greater than | `>` | -| Less than | `<` | -| Less than or equal to | `<=` | -| Greater than or equal to | `>=` | -| A range of values | n1..n2 | - -## Adding & Removing Columns - -Columns can be added or removed from the table. - -![Add and remove columns](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/addremovecolumns.webp) - -Right-click on a column to display a list of the available columns. Select the checkboxes of the -columns you want to be displayed. Click the up or down arrows to scroll through the list of columns. diff --git a/docs/accessanalyzer/11.6/administration/reporting/tags.md b/docs/accessanalyzer/11.6/administration/reporting/tags.md deleted file mode 100644 index 7a97bf58f5..0000000000 --- a/docs/accessanalyzer/11.6/administration/reporting/tags.md +++ /dev/null @@ -1,98 +0,0 @@ -# Tags - -Tags can be added to reports to describe the content of the report and use cases for the report. For -example, tags can be included in a report to show the compliance frameworks to which the report -maps. To view tags or click on tag links, reports must be viewed in the Web Console. Tags are not -supported in reports in the Jobs tree. - -![Web Console Home Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webconsolehome.webp) - -If Reports from solutions that have been run have tags added to them, those tags can be found under -the Tags tab in the Navigation section on the right-hand side of the Published Reports homepage. - -| ![Tags tab on Web Console homepage](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/tagstab.webp) | ![Priviliged Accounts tag page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/privilegedaccountstag.webp) | -| --------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------- | -| Privileged Accounts Tag on Published Reports homepage | Privileged Accounts Tag page | - -Click on a tag to view all reports that contain the selected tag. - -![Job Group view in the Web Console](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/jobgroupview.webp) - -Clicking on a job group in the Published Reports menu displays the reports contained in that job -group. Jobs within that job group that have tags are identified with a tag icon along with the tag -name. - -![Report header](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reportheader.webp) - -When viewing a report in either the Web Console or the Enterprise Auditor console, tags are -displayed below the report title. Click on a tag to view all reports that contain that tag. If the -tag is selected from the Reports view in the Enterprise Auditor Console, the Published Reports Web -Console opens and direct users to the tag page. - -## Default Tags in Reports - -The following sections list out of the box reports that contain each tag. The tags are: - -### Open Access - -The Open Access tag is included in the following reports: - -- Active Directory Permissions Analyzer > 5.Open Access > AD_OpenAccess > Open Access by Domain -- Exchange > 4. Mailboxes > Permissions > EX_MailboxAccess > Incorrect Default and Anon Permissions -- SharePoint > 2.High Risk Sites >ALL REPORTS -- FileSystem > 1.Open Access > FS_OpenAccess > ALL REPORTS -- SQL > 5.Permissions > SQL_PublicPermissions > Public Permissions -- Oracle > 5.Permissions > Oracle_PublicPermissions > Public Permissions - -### Sensitive Data - -The Sensitive Data tag is included in the following reports: - -- Dropbox > 5.Sensitive Data > Dropbox SensitiveData > ALL REPORTS -- Exchange > 7. Sensitive Data > EX_SDDResults > ALL REPORTS -- FileSystem > 7.Sensitive Data > FS_DLPResults > ALL REPORTS -- Oracle > 7.Sensitive Data > Oracle_SensitiveData > ALL REPORTS -- SharePoint > 7.Sensitive Data Discovery > SP_SensitiveData > ALL REPORTS -- SQL > 7.Sensitive Data > SQL_SensitiveData > ALL REPORTS - -### Stale Data - -The Stale Data tag is included in the following reports: - -- Dropbox > 4.Content >Dropbox_Content > Stale Data -- Exchange > 4. Mailboxes > Sizing >EX_StaleMailboxes > Stale Users -- FileSystem > 4.Content > Stale > FS_StaleContent > Shares with Stale Content -- SharePoint > 4.Content > SP_StaleFiles > Stale Files -- Box > 2.Content > Box_FileMetrics > Files by User -- Box > 2.Content > Box_FileMetrics > Files by Extension - -### Stale Principals - -The Stale Principals tag is included in the following reports: - -- Active Directory > 2.Users > AD_StaleUsers > Stale Users -- Active Directory > 1.Groups > AD_StaleGroups > Stale Effective Membership -- Entra ID > 1.Groups > AAD_StaleGroups -- Entra ID > 2.Users > AAD_StaleUsers -- Oracle > 3.Users and Roles >Oracle_Users -- SQL > 3.Users and Roles > SQL_DatabasePrincipals - -### Security Assessment - -The Security Assessment tag is included in the following reports: - -- Active Directory > AD_SecurityAssessment > AD Security Assessment -- FileSystem > FS_SecurityAssessment > Security Assessment -- Windows > SG_SecurityAssessment > Systems Security Assessment -- SQL > SQL_SecurityAssessment > SQL Security Assessment -- Oracle > Oracle_SecurityAssessment > Oracle Security Assessment - -### Privileged Access - -The Privileged Access tag is included in the following reports: - -- Active Directory > 2.Users > AD_ServiceAccounts > Service Accounts -- Windows > Privileged Accounts > Local Administrators > SG_LocalAdmins > Local Administrators -- Unix > 2.Privileged Access > Sudoers > UX_Sudoers > Sudo Rights by Host -- Active Directory > 1.Groups > AD_SensitiveSecurityGroups > Sensitive Security Group Membership -- Shadow Access (when added) diff --git a/docs/accessanalyzer/11.6/administration/settings/application.md b/docs/accessanalyzer/11.6/administration/settings/application.md deleted file mode 100644 index 3fc9f7ca67..0000000000 --- a/docs/accessanalyzer/11.6/administration/settings/application.md +++ /dev/null @@ -1,233 +0,0 @@ -# Application - -The **Application** node is for configuring general settings which affect the way the Enterprise -Auditor Console functions. - -![Application](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/application.webp) - -Application Log - -The Enterprise Auditor Application Log section determines what information is stored in the -Enterprise Auditor application log. - -![Application Log](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/applicationlog.webp) - -The Application log level controls the types of messages generated for each job and the application. -It can be modified at the job level in the **Job Properties** window. See the -[General Tab](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. Options available in the Application log level drop-down menu -include: - -- Debug – Records everything that happens during job execution, most verbose level of logging - - - Records all Info level information - - Records everything else that happens - - Creates the largest file - -- Info – Records information about what stage of the job is being performed when errors or warnings - occurred - - - Records all Warning level information - - Records job progress information - -- Warning – Records all warnings which occur during job execution - - - Records all Error level information - - Records all warnings and the time of occurrence - -- Error – Records all errors which occur during job execution - - - Records job start time - - Records errors and the time of occurrence - - Records job completion time - -**_RECOMMENDED:_** Set the log level to **Warning**. - -The other log levels are designed to assist with troubleshooting job execution issues. The Debug -level is only recommended when experiencing problems. After the problem is fixed or the Application -log has been sent to [Netwrix Support](https://www.netwrix.com/support.html), reduce the logging -level to **Warning** or **Info**. - -Profile Security - -The Profile Security section provides the option to enable an enhanced method of encryption to -various credentials stored by the Enterprise Auditor application. - -![Profile Security](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/profilesecurity.webp). - -There are two options available in the Profiles stored with drop-down menu: - -- Application – Default setting, does not employ the enhanced encryption -- Vault – Enables the enhanced encryption of stored credentials. See the - [Vault](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for requirements and additional information. - -Usage Statistics - -The Usage Statistics section allows you to select whether to send usage statistics data to Netwrix -to help us improve our product. - -![Usage Statistics](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/usagestatistics.webp) - -- If selected, usage statistics are collected and sent to Netwrix - - - Upon startup of the Enterprise Auditor console, the system checks if usage statistics have - been sent in the last 7 days. If they have not been, stored procedures run against the - Enterprise Auditor database and gather data about job runs, access times, and environmental - details like resource counts, users counts, number of exceptions, and so on. This data is then - sent back to Netwrix to help us identify usage trends and common pain points, so that we can - use this information to improve the product. - - Only anonymous statistic-level data is included. No private company or personal data is - collected or sent to Netwrix. - -- If cleared, no usage statistics are collected or sent to Netwrix - -Host Target Options - -The Host Target Options section provides radio buttons to select the source that Enterprise Auditor -should use to connect to hosts. - -![Host Target Options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/hosttargetoptions.webp) - -Select from the following two options: - -- Use host name -- Prefer DNS name if available - -Grid View Parameters - -The Grid View Parameters section controls how the data grids display within the Enterprise Auditor -Console. - -![Grid View Parameters](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/gridviewparameters.webp) - -- Automatically rename duplicate columns within a table – Checks for and renames columns with - duplicate names -- Automatically correct invalid column names – Checks for and corrects column names which contain - characters SQL cannot handle - - **_RECOMMENDED:_** Leave both options selected. - -- Save filters and grouping on data grids – Maintains filters configured for a data grid for the - next viewing. If not selected, filtered data grids reset between viewings. -- Maximum row count for interactive grid view – Indicates the number of rows displayed in tables - accessible in under a job’s Status and Results nodes - - - Maximum row count is set to 1000 by default and has a cap of 99,999 rows. This number does not - impact the number of rows within the SQL database. To view the full row count for a table - exceeding this size, use the SQL Server Management Studio or another SQL Server interface tool - which displays the full table. - -Filtered data grids are not lost if persistent filters are not saved. The Filtration Dialog -available for every data grid maintains a list of recent filters. See the -[Data Grid Functionality](/docs/accessanalyzer/11.6/administration/navigation.md) -topic for additional information. - -Cleanup - -The Cleanup section is designed to conserve space in the SQL Database Transaction Log. It only works -when the database is configured to use Simple Recovery Model. - -![Cleanup Options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/cleanup.webp) - -- Compact Database Transaction Log – If selected, every time the Enterprise Auditor application is - closed, the Database Transaction Log is compacted - - **_RECOMMENDED:_** In most environments, it is recommended to leave this option selected. If a - scheduled task ends while multiple tasks are still running, the process of compacting the - database freezes it and causes the running tasks to fail. - -- Run Post Processing SQL Script to Set Host Status – If selected, this option ascribes the values - of SUCCESS, WARNING, or ERROR to indicate what happened on that host during job execution - - **_RECOMMENDED:_** It is recommended that this option be left selected. - -Application Exit Options - -The Application Exit Options section controls whether or not a confirmation is displayed when the -Enterprise Auditor application is closed. - -![Application Exit Options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/applicationexitoptions.webp) - -If selected, the **Show Confirmation Dialog** option causes a Confirm Exit window to open when the -Enterprise Auditor user attempts to exit the application. If deselected, the Enterprise Auditor -application closes without confirmation. - -![Confirm Exit](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/confirmexitwindow.webp) - -The Confirm Exit window requires the **Yes** button to be clicked before the Enterprise Auditor -application closes. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Application view. These -buttons become enabled when modifications are made to the Application global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -# Vault - -The Enterprise Auditor vault provides additional security through enhanced encryption to various -credentials stored by the Enterprise Auditor application, such as Connection Profile credentials or -Schedule Service Account credentials. In order to enable the vault, the following prerequisites must -be met in the order listed: - -- Enterprise Auditor Vault Service must be running - - - This service was installed during the Enterprise Auditor installation and is configured for - Manual Startup Type - - It needs to be configured to Log On (Service > Properties) with a service account which has - Log on as Service rights, as well as Read and Execute rights to the VaultService.exe file - located within the Enterprise Auditor installation directory - -- Role Base Access must be enabled within Enterprise Auditor - - - The vault was designed to provide enhanced security when employing the Role Based Access, or - least privilege, option of Enterprise Auditor - - At least one Administrator role must be assigned to enable the vault: - - - If full Role Based Access is not desired but enabling the vault is, all of the Enterprise - Auditor users should be given the Administrator role - - No additional Role Based Access prerequisites are required for this option - - - See the - [Access](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/access/overview.md) - topic for additional information on Role Based Access - - **NOTE:** Once the vault has been enabled, it is not possible to disable Role Based Access - without first disabling the vault. Please contact - [Netwrix Support](https://www.netwrix.com/support.html) for assistance in disabling Role Based - Access. - -- The Profile Security section of the Application node must be set to **Vault** - - ![Vault Security](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/vaultrbaerror.webp) - - If the previous prerequisites have not been met, then one of the following errors will occur - when attempting to save the Vault Profile Security setting: - - - Role Based Access Error – Role Based Access must be configured in order to use the Enterprise - Auditor Vault. Please configure Role Based Access and try again - - Enterprise Auditor Vault Service Error – Enterprise Auditor is not running - -- The Netwrix Enterprise Auditor Web Server service must be run with an account that has the - Administrator role assigned - - - If the Administrator role is not assigned, the vault service does not allow the web server to - access the SQL profile and throws an access denied error in the web server log file - -The credentials which are encrypted once the vault has been enabled are: - -- Storage Profile credentials -- Connection Profile credentials -- Schedule Service Account credentials -- Role Definitions -- Role Assignments - -Once encrypted, the files with these stored credentials are moved into a new directory location. - -This location is protected by the service account used to run the Enterprise Auditor Vault Service. - -## Disabling the Vault - -To disable the vault, navigate to the **Settings** > **Application** node and change the Profile -Security section setting to **Application**. It is a best practice to also stop the Enterprise -Auditor Vault Service. diff --git a/docs/accessanalyzer/11.6/administration/settings/connections.md b/docs/accessanalyzer/11.6/administration/settings/connections.md deleted file mode 100644 index d78c47928d..0000000000 --- a/docs/accessanalyzer/11.6/administration/settings/connections.md +++ /dev/null @@ -1,720 +0,0 @@ -# CyberArk Integration - -In order for Enterprise Auditor to be able to retrieve service account passwords from the CyberArk -Password Vault, the following prerequisites must be completed: - -- The Secrets Manager must be installed on the Enterprise Auditor Console server. The organization’s - Vault administrator can provide the Secrets Manager installation package and most likely needs to - be present during the installation to provide credentials in order for the Secrets Manager - installation to complete. See the CyberArk - [Credential Provider (CP)](https://docs.cyberark.com/credential-providers/Latest/en/Content/CP%20and%20ASCP/Installing-CP.htm) article - for additional information. -- An application must be added to CyberArk for the integration with Enterprise Auditor. The - Application Id of this application must then be added to the `GlobalOptions.xml` file for - Enterprise Auditor. See the - [Customize CyberArk Application Id](#customize-cyberark-application-id) topic for additional - information. The application can be locked down by providing an OS User, a Path, or a Hash. See - the CyberArk - [Add applications](https://docs.cyberark.com/credential-providers/14.0/en/Content/Common/Adding-Applications.htm) article - for additional information. - - - The OS User needs to be the account running Enterprise Auditor. This could be the account used - to launch the Enterprise Auditor application or an account used as the Schedule Service - Account within Enterprise Auditor. More than one OS User can be added. - - The Path should be a local path to the `StealthAUDIT.exe` file. The path should end with the - file name: `…\StealthAUDIT.exe`. - - The Hash should be generated using the **AimGetAppInfo** tool in the - `…\CyberArk\ApplicationPasswordProvider\Utils` folder on the server where Secrets Manager is - installed. AimGetAppInfo should be run in an Administrator Command Prompt. Run the following - command: - - ``` - ..\CyberArk\ApplicationPasswordProvider\Utils\NETAimGetAppInfo.exe GetHash /AppExecutablesPattern \PrivateAssemblies\Stealthbits.StealthAUDIT.Console.dll - ``` - - **_RECOMMENDED:_** Pipe the output hash value to a file to easily copy and paste it to the - CyberArk application. - - See the CyberArk - [Generate an application hash value](https://docs.cyberark.com/credential-providers/Latest/en/Content/CP%20and%20ASCP/Generating-Application-Hash-Value.htm) article - for additional information. - - ![Application Details page for the CyberArk Application](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/applicationidhash.webp) - - Add the generated hash value in the Authentication tab of the Application Details page for - the CyberArk Application. - - ![Allowed Machines list for the CyberArk application](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/allowedmachines.webp) - - - The machine name for the Enterprise Auditor console needs to be added on the Allowed Machines - list for the CyberArk application - -- Once the Secrets Manager installation has completed and the Enterprise Auditor application has - been created, the necessary CyberArk accounts must be given access to the Safes in which the - Enterprise Auditor service accounts are stored. This includes the account which was created - automatically during the Secrets Manager installation, as well as the account created - automatically as a result of the application creation. - - ![Owners window for the Safe containing the credentials](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/vaultownerswindow.webp) - - - The account created during the AIM installation is under the naming convention - `Prov_[COMPUTERNAME]`, where `COMPUTERNAME` is the name of the computer on which AIM is - installed. This account should be given **Retrieve accounts**, **List accounts**, and **View - Safe Members** rights on the desired Safes. - - The account created during the application creation has the same name as the application - itself and should be given **Retrieve accounts** rights on the desired Safes - -## Customize CyberArk Application Id - -The Application id value of the application created within CyberArk for the integration with -Enterprise Auditor must be configured within Enterprise Auditor. This is done in the -`GlobalOptions.xml` file within the Enterprise Auditor installation directory. The default location -is `…\STEALTHbits\StealthAUDIT\`. - -Follow the steps to customize the CyberArk Application Id within Enterprise Auditor. - -**Step 1 –** Navigate to the `GlobalOptions.xml` file. Open it with a text editor, for example -Notepad. - -**CAUTION:** Ensure Enterprise Auditor is closed when modifying this file. - -![GlobalOptions.xml file in Notepad](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/globaloptions.webp) - -**Step 2 –** Find the `` section of the `GlobalOptions.xml` file. Add the -Application Id of the configured CyberArk application for the integration in the `` tag. If -required, customize the Command Timeout and Connection Port properties. - -``` - -    CyberArkApplicationID -    30 -    18923 - -``` - -- AppId – The name of the CyberArk application -- CommandTimeout – Set to the suggested default of 30 -- ConnectionPort – This is a configurable option found during the installation of the CyberArk - Credential Provider. After installation, it can be found in the configuration file located in the - installation folder. - - See the CyberArk - [TCP parameters](https://docs.cyberark.com/credential-providers/13.0/en/Content/CP%20and%20ASCP/Credential-Provider-Configuration-Files.htm#tcp-parameters) article - for additional information. - -**Step 3 –** Save and close the file. - -Enterprise Auditor now uses the CyberArk Application Id identified in the XML string. - -## User Credentials Window - -In Enterprise Auditor, the CyberArk option for Password Storage is available on the User Credentials -window when configuring an **Active Directory Account** or **Local Windows Account**. - -The credential information supplied in the User Credentials window must be an exact match to what is -in CyberArk as the privileged account for which it is linked. It is case-sensitive. - -If the Connection Profile with a Local Windows Account credential using CyberArk password storage is -used to target multiple hosts, then the local credential on each host needs to have the exact same -username and password combination. - -![Connection view with CyberArk credentials](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/usercredentials.webp) - -The Connection view displays `CyberArk` in the Source column of the User Credentials list for the -selected Connection Profile. - -### Active Directory Account - -Match the User Credentials window settings in Enterprise Auditor with the privilege account -properties in CyberArk. These values are case-sensitive, and must be an exact match. - -![User Credentials window for Active Directory Account](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/usercredentialsad.webp) - -The table below shows the values from your CyberArk configuration that the User Credentials window -should be populated with: - -| Enterprise Auditor | CyberArk Property | CyberArk Description | Example Value | -| ------------------ | ----------------- | -------------------------------------- | ----------------- | -| Domain | Address | Domain address | ExampleDomain.com | -| User name | Username | Privilege account | ExampleUser | -| Safe | Safe | Vault managing the privileged accounts | Test | -| Folder | Folder | Folder within Safe | Root | - -### Local Windows Account - -Match the User Credentials window settings in Enterprise Auditor with the privilege account -properties in CyberArk. These values are case-sensitive, and must be an exact match. The Enterprise -Auditor Domain value is `` and the CyberArk Address property value is the server address. - -![User Credentials window for Local Windows Account](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/usercredentialslocal.webp) - -The table below shows the values from your CyberArk configuration that the User Credentials window -should be populated with: - -| Enterprise Auditor | CyberArk Property | CyberArk Description | Example Value | -| ------------------ | ----------------- | -------------------------------------- | ------------- | -| User name | Username | Privilege account | ExampleUser2 | -| Safe | Safe | Vault managing the privileged accounts | Test | -| Folder | Folder | Folder within Safe | Root | - -**_RECOMMENDED:_** Only use one Local Windows Account credential with CyberArk password storage in a -Connection Profile. As part of the Enterprise Auditor to CyberArk integration, the Enterprise -Auditor job is stopped immediately if the query from Enterprise Auditor to CyberArk for the -credential fails. Therefore, a second credential within the Connection Profile would not be queried. - -# Group Managed Service Accounts (gMSA) Configuration - -Enterprise Auditor can use a previously-configured Group Managed Service Accounts (gMSA/MSA) -account. Make sure that Managed Service Account is selected in the User Credentials window. See the -[Create a Connection Profile](/docs/accessanalyzer/11.6/administration/settings/connections.md) -or -[Create a Schedule Service Account](/docs/accessanalyzer/11.6/administration/settings/schedule.md#create-a-schedule-service-account) -topic for additional information. - -To run a job or scheduled task with a gMSA/MSA account, the following prerequisites must be met: - -- The account that Enterprise Auditor is run with must have permissions to retrieve the gMSA account - password -- The gMSA account must be a Local Admin in the target hosts -- The gMSA account does not have to be a local admin in the Enterprise Auditor Console -- The Data Collector used must support unicode characters in the Connection Profile's credential - password to retrieve the gMSA account password - -**NOTE:** For FSAA, remote scans using gMSA credentials need to use the Windows Service launch -mechanism in the query configuration. - -See the Microsoft -[Group Managed Service Accounts](https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview) -article for additional information. - -# Connection - -The Connection node contains objects referred to as Connection Profiles. A Connection Profile houses -the information Enterprise Auditor uses to connect to the target hosts during job execution. - -![Connection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/connectionpage.webp) - -There are two methods for authentication to a targeted host: - -- Use Local Login Credentials -- Use a Connection Profile - -## Use Local Login Credentials - -This method is traditionally assigned through the **Only use the Windows account that the -application is run with System default** option. It is generally referred to as the System Default -or trusted method. When used, Enterprise Auditor authenticates to the target hosts during host -inventory or job execution with the Windows account used to launch Enterprise Auditor. This can be: - -- Account which was used to log on to the Enterprise Auditor Console server and start the - application -- Account which was used to launch the Enterprise Auditor application through the run-as security - context -- Account which was used to provision a Windows scheduled task when running a job group or job via a - scheduled task - -## Use a Connection Profile - -This method allows you to define a Connection Profile which houses one or several sets of -credentials to be used for authentication on the target hosts during host inventory or job -execution. The credentials specified in a Connection Profile could be any of the following: - -- Local machine account -- Active Directory account -- Unix account -- SQL account -- Microsoft Entra ID (formerly, Azure Active Directory) key -- Dropbox access token -- Web service JWT -- Oracle account - -For the majority of auditing scenarios, domain-based accounts are preferred if not required by the -nature of the auditing task. The credentials must have the permissions required by the data -collector being used. - -### Password Storage Options - -The password for the credential provided can be stored in Enterprise Auditor application or -Enterprise Auditor Vault. Certain types of credentials can be stored in CyberArk®. - -Choosing to store passwords in either the Enterprise Auditor application or the Enterprise Auditor -Vault is a global setting configured in the **Settings** > **Application** node. See the -[Application](/docs/accessanalyzer/11.6/administration/settings/application.md) topic -for additional information. - -The Enterprise Auditor vault provides enhanced security through enhanced encryption to various -credentials stored by the Enterprise Auditor application. See the -[Vault](/docs/accessanalyzer/11.6/administration/settings/application.md) -topic for additional information. - -CyberArk integration stores supported credentials in the CyberArk Enterprise Password Vault. -CyberArk Privileged Account Security Solution offers components designed to discover, secure, -rotate, and control access to privileged account passwords used to access systems through the -enterprise IT environment. See the -[CyberArk Integration](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -![Cancel and Save options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/cancelsavebuttons.webp) - -The **Cancel** and **Save** buttons are in the lower-right corner of the Connection view. These -buttons become enabled when modifications are made to the Connection global setting. - -![Information update message box](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/settingssavedmessage.webp) - -Whenever changes are made at the global level, click **Save** and then **OK** to confirm the -changes. Otherwise, click **Cancel** if no changes were intended. - -# Active Directory Account for User Credentials - -If the account type selected on the User Credentials window is **Active Directory Account**, the -following information is required for the credential: - -![User Credentials Window - Active Directory](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/activedirectoryaccount.webp) - -- Domain – Drop-down menu with available trusted domains will appear. Either type the short domain - name in the textbox or select a domain from the menu. -- User name – Type the user name -- Password Storage – Choose the option for credential password storage: - - - Application – Uses the configured Profile Security setting as selected at the **Settings** > - **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information. - - CyberArk – Uses the CyberArk Enterprise Password Vault. See the - [CyberArk Integration](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information. The password fields do not apply for CyberArk password - storage. - - Managed Service Account – Use previously configured MSA and gMSAs for authentication. The - password fields are not applicable when this option is selected. See the - [Group Managed Service Accounts (gMSA) Configuration](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information. - -- Password – Type the password -- Confirm – Re-type the password - -# Amazon Web Services for User Credentials - -The information in this section applies to **Select Account Type > Amazon Web Services** account -type in the User Credentials window. - -![User Credentials Window - AWS](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/connectionaws.webp) - -The required credentials for Amazon Web Services are: - -- Access Key ID — Used to sign programmatic requests made to AWS. If access keys are not available, - create them with the IAM console. -- Password Storage: Application – Uses the configured Profile Security setting as selected at the - **Settings >** **Application** node -- Secret Key — Used to sign programmatic requests made to AWS. If secret keys are not available, - create them with the IAM console. -- Scan Roles — Role used to scan other organization accounts - -## Create a Connection Profile for AWS - -A new connection profile will need to be created to be leveraged in the AWS Solution. - -**Step 1 –** Under Settings > Connection, click Add Connection profile. - -**Step 2 –** Click Add User credential and select the Amazon Web Services account type. - -**Step 3 –** Input the Access Key ID into the Username section, and the Secret Access Key into the -Access Token section. - -_Remember,_ these are obtained from AWS when the permissions are configured. See the -[Configure AWS for Scans](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -**Step 4 –** Click OK in the User Credentials modal, name the Connection Profile, and click Save. - -This connection profile can now be assigned to the AWS Solution. - -# Create a Connection Profile - -Follow the steps to create a Connection Profile. - -![Add Connection Profile](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/addconnectionprofile.webp) - -**Step 1 –** Click Add Connection profile at the top of the Connection view. - -![Connection - Add Connection Profile](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/connectionprofilename.webp) - -**Step 2 –** A new profile displays in the list with a generic name. Provide a unique, descriptive -name in the Connection profile name textbox. - -**NOTE:** A good profile name should be chosen so that it does not need to be changed at a later -time. If the profile name is changed after being applied to job groups or jobs, it requires the user -to go back through all of those job groups or jobs and re-apply the Connection Profile. - -![Add User Credential](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/addusercredential.webp) - -**Step 3 –** Now it is time to add credentials to this profile. Click Add User credential and the -User Credentials window opens. - -![User Credentials](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/activedirectoryaccount.webp) - -**Step 4 –** The window options change according to the value for the Selected Account Type field. -Select the appropriate account type and then provide the required information. The account types -are: - -- [Active Directory Account for User Credentials ](/docs/accessanalyzer/11.6/administration/settings/connections.md) -- [Local Windows Account for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -- [Unix Account for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -- [SQL Authentication for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -- [Task for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -- [Azure Active Directory for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -- [Dropbox for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -- [Web Services (JWT) for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -- [Oracle for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -- [Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) - -See the individual account type sections for information on the fields. Then click OK. - -![Error Message for Password](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/passworddifferserror.webp) - -**NOTE:** If the entered passwords are not the same, an error message will pop-up after clicking OK -on the User Credentials window. Click OK on the error message and re-type the passwords. - -![User Credentials](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/usercredentialslist.webp) - -**Step 5 –** Repeat Steps 3-4 until the User Credentials list for this profile is complete. - -When Enterprise Auditor authenticates to a target host, it looks at the value of the WindowsDomain -field in the Host Inventory for the target host. It then matches the first credential in the -Connection Profile which matches that domain. If authentication fails, it moves consecutively -through the User Credentials list. It will first match to all credentials listed for target host’s -domain, and then proceed through all other credentials until authentication is successful or there -are no more credentials to try. - -**_RECOMMENDED:_** Limit the User Credentials list to a minimal number per profile, especially when -considering that a successful authentication does not automatically mean that particular credential -has the appropriate level of permissions in order for the data collection to occur. - -![Arrange Priority](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/moveupdown.webp) - -There are Move Up and Move Down buttons for arranging priority within the User Credentials list. - -![Apply local login credentials](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/usewindowsaccountoption.webp) - -**Step 6 –** (Optional): At the bottom of the Connection view, is the Use the Windows account that -Enterprise Auditor runs with before trying the user credentials above option. This option is per -Connection Profile. If checked, Enterprise Auditor applies the local login credentials prior to any -of the credentials saved to the Connection Profile. - -**NOTE:** If a data collector utilizes an applet, this option must be unchecked. - -**Step 7 –** When the user credentials have been added and ordered, click Save and then OK to -confirm the changes to the Connection Profile. - -The new Connection Profile is now visible in the Profile list and available for use at the job group -or job level. - -## Edit User Credentials within a Connection Profile - -Follow the steps to edit user credentials within a Connection Profile. - -![Edit Connection Profile](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/editusercredentials.webp) - -**Step 1 –** Select the Connection Profile to be modified from the Profile list. Remember, changing -the Connection Profile name results in breaking job groups or jobs that are assigned this profile. - -**Step 2 –** Select the user credential to be edited from the User Credentials list. Click Edit. - -![User Credentials](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/selectaccounttype.webp) - -**Step 3 –** Modify the information in the User Credentials window. For the password, choose between -the Use the existing password option or the Specify a new password below option. Click OK. - -**Step 4 –** When the Connection Profile’s user credentials have been edited as desired, click Save -and then OK to confirm the changes to the Connection Profile. - -The edited user credentials are now used for authentication to target hosts for this Connection -Profile. - -## Delete a User Credential from a Connection Profile - -Follow the steps to delete a user credential from a Connection Profile. - -![Delete User Credentials](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/deleteusercredentials.webp) - -**Step 1 –** Select the Connection Profile to be modified from the Profile list. Remember, changing -the Connection Profile name results in breaking job groups or jobs that are assigned this profile. - -**Step 2 –** Select the user credential to be edited from the User Credentials list. Click Delete. - -![Confirmation message for deletion](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/deleteusercredentialsconfirm.webp) - -**Step 3 –** Click OK to confirm the deletion. - -**Step 4 –** The selected credential is no longer visible in the User Credentials list. Click Save -and then OK to confirm the changes to the Connection Profile. - -The deleted user credentials are no longer available for authentication to target hosts for this -Connection Profile. - -## Set a Default Connection Profile - -The default profile is marked with the green checkmark. - -![defaultconnectionprofile](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/defaultconnectionprofile.webp) - -Follow the steps to set a new default Connection Profile. - -![Set a Default Connection Profile](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/setasdefaultconnectionprofile.webp) - -**Step 1 –** Select the desired profile in the Connection Profile list and click Set as default. - -**Step 2 –** The green checkmark moves. Click Save and then OK to confirm the changes. - -This Connection Profile is now used as the default Connection Profile. - -## Delete a Connection Profile - -Follow the steps to delete a Connection Profile. - -![Delete a Connection Profile](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/deleteconnectionprofile.webp) - -**Step 1 –** Select the profile from the Connection Profile list and click Delete. - -![Confirmation message for deletion](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/deleteconnectionprofileconfirm.webp) - -**Step 2 –** Click OK to confirm the deletion. - -**Step 3 –** The selected profile is no longer visible in the Connection Profiles list. Click Save -and then OK to confirm the changes. - -The deleted Connection Profile is no longer available for authentication to target hosts. - -# Dropbox for User Credentials - -The information in this topic applies to **Select Account Type** > **Dropbox** in the User -Credentials window. - -![User Credentials - Dropbox](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/dropbox.webp) - -The required credentials for Dropbox are: - -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information.) -- Access Token – Copy and paste the access token after it has been generated from the Scan Options - page of the DropboxAccess Data Collector configuration wizard. See the Dropbox for User - Credentials topic for additional information. - -# Azure Active Directory for User Credentials - -The information in this topic applies to **Select Account Type** > **Azure Active Directory** in the -User Credentials window. This account type is for Microsoft Entra ID, formerly Azure Active -Directory. - -![User Credentials Window - Azure Active Directory](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/entraid.webp) - -The required credentials for this account type are: - -- Client ID – Application (client) ID of the Enterprise Auditor application registered with - Microsoft Entra ID. See the - [Identify the Client ID](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md#identify-the-client-id) - topic for additional information. -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information.) -- Key – The required Key depends on the target environment the Connection Profile is being used for: - - - Entra ID – Client secret value for the Enterprise Auditor application registered with - Microsoft Entra ID. See the - [Generate the Client Secret Key](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md#generate-the-client-secret-key) - topic for additional information. - - SharePoint Online – The comma delimited string containing the path to the certificate PFX - file, certificate password, and the Microsoft Entra ID environment identifier ( - `CertPath,CertPassword,AzureEnvironment`). See the - [SharePoint Online Credential for a Connection Profile using Modern Authentication](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md#sharepoint-online-credential-for-a-connection-profile-using-modern-authentication)topic - for additional information. - -# Exchange Modern Authentication for User Credentials - -The information in this topic applies to **Select Account Type** > **Exchange Modern -Authentication** account type in the User Credentials window. - -![User Credentials - Exchange Modern Authentication ](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/exchangemodernauthentication.webp) - -The values for the required credentials for the Exchange Modern Authentication account are: - -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information.) -- Organization – The primary domain name of the Microsoft Entra tenant being leveraged to make the - connection. See the - [Identify the Tenant's Name](/docs/accessanalyzer/11.6/configuration-guides/collaboration/exchange-online.md#identify-the-tenants-name) - topic for additional information. -- Email Address – The email address for the mailbox to be leveraged in Exchange Online environment - scans. The mailbox must belong to the primary domain used in the Organization field. -- AppID – Application (client) ID of the Enterprise Auditor application registered with Microsoft - Entra ID. See the - [Identify the Client ID](/docs/accessanalyzer/11.6/configuration-guides/collaboration/exchange-online.md#identify-the-client-id) - topic for additional information. -- Certificate Thumbprint – The thumbprint value of the certificate uploaded to the Microsoft Entra - ID application. See the - [Upload Self-Signed Certificate](/docs/accessanalyzer/11.6/configuration-guides/collaboration/exchange-online.md#upload-self-signed-certificate) - topic for additional information. - -# Local Windows Account for User Credentials - -The information in this topic applies to **Select Account Type** > **Local Windows Account** in the -User Credentials window. - -![User Credentials - Local Windows Account](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/localwindowsaccount.webp) - -The required credentials for the Local Windows Account are: - -- User name – Type the user name -- Password Storage – Choose the option for credential password storage: - - - Application – Uses the configured Profile Security setting as selected at the **Settings** > - **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information. - - CyberArk – Uses the CyberArk Enterprise Password Vault. See the - [CyberArk Integration](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information. The password fields do not apply for CyberArk password - storage. - - **NOTE:** If using the CyberArk option, then the associated Connection Profile can only have - one user credential in it. Multiple user credentials are not supported with the CyberArk - integration when using local Windows accounts. - -- Password – Type the password -- Confirm – Re-type the password - -# Oracle for User Credentials - -The information in this section applies to Select Account Type > Oracle in the User Credentials -window. - -![User Credentials - Oracle](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/oracle.webp) - -The required credentials for Oracle are: - -- Domain – Field options are dependent upon the additional account type option selected: - - Oracle Account – Domain is not a field for this type of credential - - Windows account that Enterprise Auditor is run with – (Domain is not a field for this type of - credential) - - Active Directory – Drop-down menu with available trusted domains displays. Either type the - short domain name in the textbox or select a domain from the menu. -- User name – Type the user name - - This is not a field for the additional account type of Windows account that Enterprise Auditor - is run with is selected -- Password Storage: Application – Uses the configured Profile Security setting as selected at the - **Settings >** **Application** node -- Password – Type the password - - This is not a field for the additional account type of Windows account that Enterprise Auditor - is run with -- Confirm – Re-type the password - - This is not a field for the additional account type of Windows account that Enterprise Auditor - is run with -- Role – Specify an Oracle role, if desired. The drop-down menu provides a list of roles. Either - type the role name in the textbox or select a role from the menu. - - **NOTE:** When using a least privileged model for Oracle, **SYSDBA** must be selected for the - Role. -- Additional Account type – Select radio button of the secondary account type from the list at the - bottom of the window: - - Oracle Account – Use an Oracle account for target host authentication - - Windows account that Enterprise Auditor is run with – Use the account that launched the - Enterprise Auditor application through the run-as security context - - Active Directory – Use an Active Directory account for target host authentication - -Selecting default from the list is the same as leaving the field blank. - -# SQL Authentication for User Credentials - -This information applies to **Select Account Type** > **SQL Authentication** in the User Credentials -window. - -**NOTE:** SQL Authentication credentials are used in the Connection Profiles for the SQL, MySQL, and -PostgreSQL Solutions. - -![User Credentials - SQL Authentication](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/sqlauthentication.webp) - -The required credentials for SQL Authentication are: - -- User name – Enter user name -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information.) -- Password – Type the password -- Confirm – Re-type the password - -# Task for User Credentials - -The information in this section applies to Select Account Type > Task (Local) or Task (Domain) in -the User Credentials window. - -| ![User Credentials - Task (Local)](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/tasklocal.webp) | ![User Credentials - Task (Domain)](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/taskdomain.webp) | -| ------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- | -| _Task (Local)_ | _Task (Domain)_ | - -The required credentials for Task (Local) and Task (Domain) are: - -- Domain - - Local – Not a field for this type of credential, defaults to `` - - Domain – Drop-down menu with available trusted domains displays. Either type the short domain - name in the textbox or select a domain from the menu. -- User name – Type the user name -- Password Storage: Application – Uses the configured Profile Security setting as selected at the - **Settings > Application** node -- Password – Type the password -- Confirm – Re-type the password - -# Unix Account for User Credentials - -The information in this topic applies to **Select Account Type** > **Unix Account** in the User -Credentials window. - -![User Credentials - Unix](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/unixaccount.webp) - -The required credentials for the Unix Account are: - -- User name – Enter user name -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information.) -- Password/Confirm - - - If not using a private key, enter the **Password** and re-type in the **Confirm** field - - If using a private key, then the password is not needed. Provide the private key information - in the **Use the following private key when connecting** field. - -- Use the following port/ports (CSV) for SSH - - - The SSH port needs to be opened in software and hardware firewalls - - If desired, select this option and provide the port value - -- Use the following private key when connecting - - - This option uses the authentication method of an SSH Private Key - - Supported Key types: - - - Open SSH - - PuTTY Private Key - - - If desired, select this option and provide the key value - -# Web Services (JWT) for User Credentials - -The information in this section applies to Select Account Type > Web Services (JWT) in the User -Credentials window. - -![User Credentials - Web Services (JWT)](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/webservicesjwt.webp) - -The required credentials for Web Services (JWT) are: - -- User name – (not a field for this type of credential) -- Password Storage: Application – Uses the configured Profile Security setting as selected at the - **Settings > Application** node -- Access Token – Copy and paste the StealthDEFEND App Token after it has been generated within - StealthDEFEND. See the - [FS_DEFEND_SDD Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) - topic for additional information. diff --git a/docs/accessanalyzer/11.6/administration/settings/exchange.md b/docs/accessanalyzer/11.6/administration/settings/exchange.md deleted file mode 100644 index 164e3bf534..0000000000 --- a/docs/accessanalyzer/11.6/administration/settings/exchange.md +++ /dev/null @@ -1,69 +0,0 @@ -# Exchange - -The Exchange node is for configuring the settings needed to query Microsoft® Exchange Servers. -These settings are exclusive to the Enterprise Auditor for Exchange Solution. - -![Exchange - Set up the connection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_1.webp) - -The Exchange node is grayed-out by default. In order for these settings to be enabled, it is -necessary to install both Enterprise Auditor MAPI CDO and Microsoft Exchange MAPI CDO on the -Enterprise Auditor Console server. See the -[StealthAUDIT MAPI CDO Installation](/docs/accessanalyzer/11.6/configuration-guides/stealthaudit/configuration.md) -topic for additional information. - -![exchange_2](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_2.webp) - -Once the requirements have been met, the Exchange node is enabled for configuration. These settings -are utilized to make MAPI connections to the Exchange Server for the Mailbox, PublicFolder, -Exchange2K, and ExchangePS Data Collectors. The Client Access Server field, or CAS, is also utilized -by the ExchangePS Data Collector in order to make Remote PowerShell connections for Exchange 2010 or -newer. The data collectors apply these settings unless modified inside the job query. - -![Set up the connection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_3.webp) - -The three options in the Exchange Connection Setting section at the top of the window are dependent -on which version of Exchange is audited. - -- For Auditing Microsoft Exchange 2007 or Older Versions: - - Select the radio button for System Attendant (2003 & 2007) – The System Attendant Account is - built into Exchange 2007 and older versions and allows Enterprise Auditor to make the - necessary MAPI connections. -- For Auditing Microsoft Exchange 2010 or Newer Versions: - - - Select either of the other two options: - - - Use the mailbox associated with the Windows account that Enterprise Auditor is run with – - This option uses either the account logged into the Enterprise Auditor Console server or - the account set to run the Enterprise Auditor application. - - Exchange Mailbox (2010 and newer) – This option allows an Exchange Mailbox Alias to be - specified for MAPI connections. - - - Enter the Alias name in the textbox. The Alias needs to be an Exchange 2010 or newer - mailbox, not a mail-enabled service account. However, this mailbox does not need - rights on the Exchange Organization; it only needs to reside within it. - - - Enter the name of the physical CAS in the Client Access Server textbox. This server can be - part of an array, but do not enter the name of a CAS Array. This should also be the - Exchange CAS where both Remote PowerShell and Windows Authentication on the PowerShell - Virtual Directory have been enabled. - -**_RECOMMENDED:_** Once the Exchange Connection Settings have been properly configured for the -version of Exchange to be audited, it is strongly recommended that the settings be tested. - -In the Test Exchange Connection Settings section: - -- Enter a Mailbox Server with mailboxes to be audited in the Exchange Server textbox. -- Click the Test Exchange settings link. - - ![Test Exchange Connection Setting](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_4.webp) - -If the Exchange Connection Settings are correct, an output field opens. At the bottom of the output -field, a mailbox count is stated and a message appears which says, “You have successfully connected -to this Exchange Server.” Click OK. - -![exchange_6](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_6.webp) - -The Cancel and Save buttons are in the lower-right corner of the Exchange view. These buttons become -enabled when modifications are made to the Exchange global setting. Whenever changes are made at the -global level, click Save and then OK to confirm the changes. Otherwise, click Cancel if no changes -were intended. diff --git a/docs/accessanalyzer/11.6/administration/settings/notifications.md b/docs/accessanalyzer/11.6/administration/settings/notifications.md deleted file mode 100644 index ca00689b70..0000000000 --- a/docs/accessanalyzer/11.6/administration/settings/notifications.md +++ /dev/null @@ -1,115 +0,0 @@ -# Notification - -The Notification node is where email notifications are configured. Emails can be sent from the -Enterprise Auditor Console for a variety of purposes: reports on collected data, change detection -alerts, conformance analysis notification, and more. - -![Global Settings Notification page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/notification.webp) - -To enable notifications from the Enterprise Auditor Console, a mail server must be configured for -Enterprise Auditor to employ for sending emails. - -Enterprise Auditor supports authentication and encryption when sending email notifications. -Notifications can be configured based on the requirements of an organizations mail environment. - -Enable Enterprise Auditor notifications by configuring the Mail Server and Sender Information. It is -recommended to send a test email to yourself after initial configuration to ensure proper settings. -See the [Test Notification Settings](#test-notification-settings) topic for additional information. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Notification view. These -buttons become enabled when modifications are made to the Notification global setting. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -## Configure SMTP Server Information - -The Mail Server section at the top of the page is where an organization’s SMTP Server information is -provided. - -![Mail Server settings on Notification page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/server.webp) - -Provide the following information to enable notifications from Enterprise Auditor. - -**NOTE:** Check with your Messaging Team if you are unsure of this information. - -- Mail Server – Enter the organization’s SMTP Server name -- Encryption – Allows Enterprise Auditor users to enable notification encryption according to the - supported protocol on the configured SMTP Server. The default setting is **No Encryption**. Select - an encryption method: - - No Encryption - - Encryption - - Encryption, Ignore Certificate Error -- Port – Enter the SMTP Server port number. The default port setting changes based on the selected - Encryption Option: - - For the **No Encryption** option, the default port is 25, since this is common for most SMTP - Servers - - For the **Encryption** and **Encryption, Ignore Certificate Error** options, the default port - is 587 - -### Notification Authentication Credentials - -If the SMTP Server requires authentication, select the **My Mail Server requires authentication** -checkbox and provide the necessary credentials in the User name and Password boxes. - -#### Update Notification Authentication Credentials - -**Step 1 –** In the My Mail server requires authentication section, enter a new **Password** for the -account. - -**Step 2 –** Click **Save**. - -The credentials for Mail Server authentication account have been updated and committed to the -Console. - -## Sender Information - -The Sender Information section is where the sender information is provided. - -![Sender Information section on Notification page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/senderinformation.webp) - -Configure the sender information for all Enterprise Auditor notifications. Since this is a global -settings, any recipients configured at this level receive all notifications sent from Enterprise -Auditor, and are sent to this recipient list unless inheritance is broken at the job group or job -level. - -- Sender Name – Name displayed in the sent from field of the email -- Sender Address – Sender’s email address. This does not have to be a real email address, unless - required by the organization. It can be something as simple as `accessanalyzer@yourdomain.com`. - -## Email Content - -The Email Content section is where the recipient information is provided. - -![Email Content section on Notification page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/emailcontent.webp) - -- To / CC / BCC – Enter the email addresses for the recipients of the email notifications. Use a - semicolon (;) to separate multiple recipients. - - Recipients listed at this global level receive all email notifications sent by Enterprise - Auditor unless inheritance is broken at the job group or job levels - -## Test Notification Settings - -Once the global **Notification** settings have been configured, it is recommended to send a test -email to ensure proper configuration. This verifies all settings are correct and email is received -as expected. - -![Test Email Settings button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/test.webp) - -The Test Email Settings button sends a test email to the recipient list. It is recommended that you -test by sending an email to yourself. Once all Notification settings are configured, click the -**Test Email Settings** button. - -![Test email sent successfully message](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/testsuccess.webp) - -A message displays stating that the test e-mail was sent successfully. - -![Test email error message example](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/testerror.webp) - -**NOTE:** If there are any problems with the information, an error message will appear during the -Test Email settings process. Correct the Notification settings until the test email is sent -successfully. - -![Netwrix Enterprise Auditor test e-mail](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/testemail.webp) - -This email is sent to all recipients when the **Test Email settings** link is clicked. When the -Notification settings are configured, click **Save** and then **Ok** to complete the configuration. diff --git a/docs/accessanalyzer/11.6/administration/settings/reporting.md b/docs/accessanalyzer/11.6/administration/settings/reporting.md deleted file mode 100644 index 36c763f9d6..0000000000 --- a/docs/accessanalyzer/11.6/administration/settings/reporting.md +++ /dev/null @@ -1,117 +0,0 @@ -# Reporting - -The Reporting node is for configuring the global settings for publishing Enterprise Auditor reports. -The Web Console is where any reports which have been published can be viewed outside of the -Enterprise Auditor Console. The Web Console provides a consolidated logon housing both the published -reports and the AIC (when applicable). - -![Global Settings Reporting page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/reporting.webp) - -The publishing of reports can be disabled at the global level by selecting **Do not publish -reports** from the Publish Option drop-down menu. It can also be disabled at the job group, job, or -report configuration level. See the -[Jobs Tree](/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/overview.md) topic -for additional information. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Reporting view. These -buttons become enabled when modifications are made to the Reporting global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -## Website URL - -The Website URL field contains address for the hosted website, the Web Console, where the published -reports reside. - -![Website URL on Global Settings Reporting page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/websiteurl.webp) - -The default address is: - -http://[Fully Qualified Domain Name of the Enterprise Auditor Console server]:8082 - -This link is used to access the Web Console, and it is used for the web link in an emailed report. -The protocol and port number may need to be modified to align with the organization’s environment, -but it must match the information in the website’s configuration file. If the Web Console has been -secured, this address must be manually updated: - -https://[Fully Qualified Domain Name of the StealthAUDIT Console server]:[Port Number] - -**NOTE:** Any browser used to access the Web Console must have JavaScript allowed for the site. See -the -[Configure JavaScript Settings for the Web Console](#configure-javascript-settings-for-the-web-console) -topic for additional information. - -## Publish Option - -The Publish Option allows you to enable or disable the publishing of reports at the global level. - -![Publish Option on Global Settings Reporting page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/publish.webp) - -Select the **Publish reports** option to publish all Enterprise Auditor reports or select **Do not -publish reports** to disable the publishing. The inheritance of this setting can be broken at the -job group, job, or report levels. - -### Email Report Options - -Configure email reports sent out by Enterprise Auditor using the Email Report options. - -![Email options on Global Settings Reporting page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/email.webp) - -The **E-mail reports** checkbox enables recipients to receive all published reports, unless -inheritance is broken at the job group, job, or report level. Separate multiple recipients with a -semicolon. If commas are used as delimiters for email addresses, they will be converted into -semicolons when the settings are saved. - -**_RECOMMENDED:_** Configure email reporting at a specific level to ensure recipients only receive -reports which apply to them. - -**NOTE:** Email reports does not work unless Enterprise Auditor has been configured to send email -notifications through the **Notification** node. See the -[Notification](/docs/accessanalyzer/11.6/administration/settings/notifications.md) -topic for additional information. - -The **Do Not Email Report If Blank** checkbox prevents reports from being sent via email if all -elements are blank when generated. A blank report can occur if there is an error in data collection -or if the report is configured for data which might not always be present (for example, new computer -objects created since last scan). - -**_RECOMMENDED:_** Enable the **Do Not Email Report If Blank** option. - -The report can be sent using the desired **Email Content** option: - -- Web Link – Sends an email notice that the report has been published and provides the recipient - with a link to it in the Web console -- Embedded HTML – Sends the report embedded inside the email using HTML format -- Data Tables as CSV (No Charts) – Attaches the complete data set (as configured within the report, - without row limit) to an email as a CSV file, excluding any charts -- PDF – Attaches the report to an email as a PDF file - -The **Subject(Prefix)** field identifies the prefix of the email subject line, unless inheritance is -broken at the job group, job, or report level. The prefix appears in the email header preceding the -report name. If left blank, Enterprise Auditor applies a prefix of `Enterprise Auditor Report` to -the email subject line. - -## Configure JavaScript Settings for the Web Console - -Any browser used to access the Web Console must have JavaScript allowed for all features of the Web -Console to function correctly. If the JavaScript permission is not set as allowed for the entire -browser, you must add the Web Console as an allowed site. - -Follow the steps to allow JavaScript on the Web Console in Microsoft Edge. - -**Step 1 –** Open Microsoft Edge Settings. - -![javascriptsitepermissions](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/javascriptsitepermissions.webp) - -**Step 2 –** Go to the **Cookies and site permissions** settings page, and click **JavaScript** -under All permissions. - -![javascriptsettings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/javascriptsettings.webp) - -**Step 3 –** Click **Add** in the Allow section. On the Add a site window, enter the URL for the Web -Console and click **Add**. - -**NOTE:** If the global Allowed option is selected, you do not need to specifically add the Web -Console as an allowed site. - -The Web Console's URL is added to the Allow list and JavaScript is enabled for the Web Console. diff --git a/docs/accessanalyzer/11.6/administration/settings/schedule.md b/docs/accessanalyzer/11.6/administration/settings/schedule.md deleted file mode 100644 index 70a411052b..0000000000 --- a/docs/accessanalyzer/11.6/administration/settings/schedule.md +++ /dev/null @@ -1,228 +0,0 @@ -# Schedule - -The Schedule node contains objects referred to as Schedule Service Accounts. A Schedule Service -Account is used to run scheduled tasks on the Enterprise Auditor Console server. - -![Schedule node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/schedule.webp) - -Jobs can be executed manually as desired or scheduled to execute at designated times. For example, -you could schedule a job to run during hours when the office is closed and network traffic is low. -Windows uses the Schedule Service Account to access the task folders when launching scheduled tasks. -Schedule Service Accounts are configured at the global level, and this account can be used to -schedule jobs in the Schedule Wizard. See the -[Schedules](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md) -topic for additional information. - -**CAUTION:** On Windows 2016 servers, the Schedule Service Account cannot be signed into an active -session when the time comes for a scheduled task to start. Windows blocks the starting or running of -scheduled tasks using an account that is logged into the server. - -Password Storage Options - -The password for the credential provided can be stored in the Enterprise Auditor application or the -Enterprise Auditor Vault. - -Choosing between the Enterprise Auditor application and Enterprise Auditor Vault is a global setting -configured in the **Settings** > **Application** node. See the -[Application](/docs/accessanalyzer/11.6/administration/settings/application.md) -topic for additional information. - -Permissions - -Regardless of the account type, any account used to schedule tasks must have credentials with at -least the following to meet Least Privileged specifications: - -- Create Files/Write Data rights on the following Task folders: - - - Windows Task folder - - System 32 Task folder - - Member of **Log on as a Batch Job** local policy - - Otherwise, credentials must have local Administrator privileges on the Enterprise Auditor - Console server. - -- The following NTFS permissions for **Subfolders and Files Only** in the Enterprise Auditor - Directory: - - - Create Files/Write Data - - Create Folders/Append Data - - Write Attributes - - Write Extended Attributes - -- To configure Least Privilege Model Schedule Service Accounts when Role Based Access is enabled, - see the - [Role Based Access](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) - topic for additional information -- If using Windows authentication for the Storage Profile, the Schedule Service Account must have a - sufficient level of rights to connect to and interact with the Enterprise Auditor database. See - the - [Storage](/docs/accessanalyzer/11.6/administration/settings/storage.md) - topic for additional information. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Schedule view. These -buttons become enabled when modifications are made to the Schedule global settings. Whenever changes -are made at the global level, click **Save** and then **OK** to confirm the changes. Otherwise, -click **Cancel** if no changes were intended. - -The Enterprise Auditor vault provides enhanced security through enhanced encryption to various -credentials stored by the Enterprise Auditor application. See the -[Vault](/docs/accessanalyzer/11.6/administration/settings/application.md) -topic for additional information. - -## Schedule Service Account Types - -There are two types of accounts that can be used to configure the Schedule Service Account. - -![serviceaccounttypes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/serviceaccounttypes.webp) - -Use one of the following options for the Schedule Service Account: - -- Use the local system account to schedule tasks – This option applies the credentials logged into - the Enterprise Auditor Console server - - - Credentials must have privileges sufficient for scheduling tasks on the Enterprise Auditor - Console server. If not, scheduled tasks fail to start. - - This option cannot be edited or deleted - -- User-supplied credentials – Provide credentials for a specific account with sufficient rights to - schedule tasks on the Enterprise Auditor Console server - - - The account can be either a domain account or a local Windows account - - A local Windows account is a specific account and not the default local system account - -_Remember,_ the Schedule Service Account cannot be signed into an active session on the Enterprise -Auditor Console server when the time comes for a scheduled task to start when it has a Windows 2016 -operating system. - -## Create a Schedule Service Account - -Follow the steps to create a Schedule Service Account. - -_Remember,_ the Schedule Service Account cannot be signed into an active session on the Enterprise -Auditor Console server when the time comes for a scheduled task to start when it has a Windows 2016 -operating system. - -![Add User credential option in the Schedule view](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/addusercredential.webp) - -**Step 1 –** Click **Add User credential** at the top of the Schedule view. The User Credentials -window opens. - -![User Credentials window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/usercredentialswindow.webp) - -**Step 2 –** The window options change according to the value for the **Selected Account Type** -field. Select the appropriate account type and then provide the required information. The account -types are: - -- Active Directory Account – Use this option to specify a domain account - - - Domain – Auto-filled with the domain where the Enterprise Auditor Console server resides, - change by typing the domain name in the textbox or select a domain from the menu - - User name – Provide a domain account user name - - Password Storage – Choose the option for credential password storage: - - - Application – Uses Enterprise Auditor’s configured Profile Security setting as selected at - the **Settings** > **Application** node - - Managed Service Account – Use previously configured MSA and gMSAs for authentication. The - password fields are not applicable when this option is selected. See the - [Group Managed Service Accounts (gMSA) Configuration](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information. - - - Password – Type the password - - Confirm – Re-type the password - -- Local Account – Use this option to specify a local account for the Enterprise Auditor Console - server - - - User name – Provide the local account user name - - Password Storage – Choose the option for credential password storage: - - - Application – Uses Enterprise Auditor’s configured Profile Security setting as selected at - the **Settings** > **Application** node - - - Password – Type the password - - Confirm – Re-type the password - -**Step 3 –** Click **OK** and the credentials are verified. If there are no problems with the -provided credentials, the User Credentials window closes. Otherwise, one of the following error -messages might appear: - -- Passwords Do Not Match Error - - ![Passwords Do Not Match Error](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/passwordsdontmatch.webp) - - - This error indicates the two password entries do not match. Click **OK** and reenter the - passwords. - -- Bad User Name or Password Error - - ![Bad User Name or Password Error](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/incorrectlogondetails.webp) - - - This error indicates either the user account does not exist or the username and password do - not match. Click **OK** and reenter the information. - -- Insufficient Rights Error - - ![Insufficient Rights Error](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/insufficientrights.webp) - - - This error indicates the account supplied does not have sufficient rights to create and run - scheduled tasks. Click **OK** and provide credentials with sufficient rights. - -- GPO Network Security Error - - ![GPO Network Security Error](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/gponetworksecurity.webp) - - - This error indicates that the GPO Network Security settings are configured to not allow - storage of passwords and credentials for network authentication. Click OK. Disable the - domain’s GPO Network Security settings or exempt the Enterprise Auditor Server from GPO. - - This error will also appear when trying to schedule a task using the domain’s Schedule Service - Account where GPO Network Security is set to not allow storage of passwords and credentials - for network authentication - -**Step 4 –** The credential information appears in the User Credentials table. Click **Save** and -then **OK** to confirm the changes. To ensure these credentials take effect, exit and restart the -Enterprise Auditor application before scheduling any tasks. - -Enterprise Auditor can now schedule tasks with this Scheduled Service Account. - -## Edit a Schedule Service Account - -Follow the steps to edit a Schedule Service Account credentials. - -_Remember,_ the Schedule Service Account cannot be signed into an active session on the Enterprise -Auditor Console server when the time comes for a scheduled task to start when it has a Windows 2016 -operating system. - -![Edit option in the Schedule view](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/edit.webp) - -**Step 1 –** Select a credential from the User Credentials list and click on **Edit**. The User -Credentials window opens. - -**Step 2 –** Modify the credential information as needed. See Step 2 of the -[Create a Schedule Service Account](#create-a-schedule-service-account) topic for additional -information. - -**Step 3 –** Click **OK** and the credentials will be verified. If there are no problems with the -provided credentials, the User Credentials window closes. - -Enterprise Auditor can now schedule tasks with this Scheduled Service Account. - -## Delete a Schedule Service Account - -Follow the steps to delete a Schedule Service Account. - -![Delete option in the Schedule view](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/delete.webp) - -**Step 1 –** Select the credential from the User Credentials list and click **Delete**. The Delete -Credentials confirmation window appears. - -![Delete Credentials confirmation window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/deletecredentials.webp) - -**Step 2 –** Click **OK** to confirm the deletion or **Cancel** to exit the deletion process. - -**Step 3 –** The User Credentials list now reflects the absence of the deleted Schedule Service -Account. Click **Save** and then **OK** to confirm the changes. To ensure these changes take effect, -exit and restart the Enterprise Auditor application. - -If all Schedule Service Accounts are removed and only the local System account remains, Enterprise -Auditor cannot create or run scheduled tasks unless the local system account has adequate -permissions. diff --git a/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md b/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md deleted file mode 100644 index 6c11269524..0000000000 --- a/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md +++ /dev/null @@ -1,218 +0,0 @@ -# Criteria Tab - -Configure the list of selected sensitive data criteria that will be used within sensitive data scan -jobs using the Criteria Tab. - -![Sensitive Data Criteria tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/criteriatab.webp) - -The options on the Criteria Tab are: - -- Add – Opens the Select Criteria window to add search criteria that will be inherited by Sensitive - Data scan jobs. See the [Select Criteria Window](#select-criteria-window) topic for additional - information. -- Remove – Removes the selected criteria from being inherited by Sensitive Data scan jobs -- Launch Editor – Opens the Sensitive Data Criteria Editor. See the - [Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/accessanalyzer/sensitivedatadiscovery/overview.md) - for additional information. -- Search selected criteria – Filter the criteria listed in the Criteria tab - -The **Cancel** and **Save** buttons are in the lower-right corner of the Sensitive Data view. These -buttons become enabled when modifications are made to the Sensitive Data global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -## Select Criteria Window - -Follow the steps to add Search Criteria for Sensitive Data scan jobs. - -![Add criteria](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/addcriteria.webp) - -**Step 1 –** Click **Add** to open the Select Criteria window. - -![Select Criteria window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/selectcriteria.webp) - -**Step 2 –** Select the checkbox to select the criteria. Use the **Search Criteria** text field to -filter the list using keywords or expand each category to view and select individual Sensitive Data -search criteria. - -**Step 3 –** Click **OK** to confirm changes. The Select Criteria window closes. - -**Step 4 –** Click **Save** on the Sensitive Data view to save changes. - -The selected Search Criteria are now inherited by Sensitive Data scan jobs that are set to use -global sensitive data criteria settings. - -# Adding False Positive Exclusion Filters - -Follow the steps to add a False Positive Exclusion Filter. - -![Add Filter on False Positives tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/addfilter.webp) - -**Step 1 –** Click **Add Filter** to open the Add False Positive Exclusion Filter window. - -![Add False Positive Exclusion Filter window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/addexclusionfilterwindow.webp) - -**Step 2 –** Enter the **File Path** according to the type of format for the repository. - -**Step 3 –** Indicate the type of repository by selecting either **File System** or **SharePoint** -from the **Source** drop-down menu. - -**Step 4 –** Select the required criteria from the list by selecting the relevant checkboxes. You -can use the **Search Criteria** textbox to filter the list by keywords. - -**Step 5 –** Click **OK** to add the filter to the False Criteria list. The Add False Positive -Exclusion Filter window closes. - -**Step 6 –** Click **Save** on the Sensitive Data view to save changes. - -The false positive exclusion filter is now applied to Sensitive Data reports. - -# Deleting False Positive Exclusion Filters - -Follow the steps to delete a False Positive Exclusion Filter. - -![Delete Filter on False Positives tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/deletefilter.webp) - -**Step 1 –** Select a filter from the list and click **Delete Filter**. - -**Step 2 –** Click **Save** on the Sensitive Data view to save changes. - -The false positive exclusion filter has been successfully deleted. - -# Editing False Positive Exclusion Filters - -Follow the steps to edit a False Positive Exclusion Filter. - -![Edit Filter on False Positives tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/editfilter.webp) - -**Step 1 –** Click **Edit Filter** to open the Edit False Positive Exclusion Filter window. - -![Edit False Positive Exclusion Filter window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/editexclusionfilterwindow.webp) - -**Step 2 –** Make modifications to the File Path, Source type, and Search Criteria. - -**Step 3 –** Click **OK** to confirm changes. The Edit False Positive Exclusion Filter window -closes. - -**Step 4 –** Click **Save** on the Sensitive Data view to save changes. - -The false positive exclusion filter has been successfully edited. - -# Exporting False Positive Exclusion Filters - -Follow the steps to export selected False Positive Exclusion Filters into a TXT file. - -![Export on False Positives tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/exportfilter.webp) - -**Step 1 –** Select the false positive exclusion filters to export and click **Export**. The File -Explorer opens. - -![Select False Positive Exclusion filter file to export File Explorer window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/exportfileexplorer.webp) - -**Step 2 –** Enter a File name for the TXT file that the exported false positive exclusion filters -will be contained in. Click **Save**. - -The False Positive Exclusion Filters are now exported. - -# Importing False Positive Exclusion Filters - -Create an import (TXT) file containing a list of file paths for the files to be excluded from -Sensitive Data reports. The text file should have one file path per row. The import file needs to be -scoped to a single solution and a criteria set. - -Follow the steps to import a list of False Positive Exclusion Filter. - -![Import on False Positives tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/importfilter.webp) - -**Step 1 –** Click **Import** to open the Select False Positive Exclusion Filter file to import -window. - -![Select False Positive Exclusion Filter file to import window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/importfileexplorer.webp) - -**Step 2 –** Navigate to the file that will be imported. Select the file and click **Open**. The -Configure Imported False Positive Exclusion Filters window opens. - -![Configure Imported False Positive Exclusion Filters window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/configureexclusionfilterwindow.webp) - -**Step 3 –** Select the repository type from the **Source** drop-down menu. - -**Step 4 –** Select the required criteria from the list. You can use the **Search Criteria** textbox -to filter the list by keywords. - -**Step 5 –** Click **OK** to confirm configurations. The Configure Imported False Positive Exclusion -Filters window closes. - -**Step 6 –** Click **Save** on the Sensitive Data view to save changes. - -The imported list of False Positive Exclusion Filters are now applied to Sensitive Data reports. If -all of the files in the import were not meant to have the same Source and Criteria set, see the -[Editing False Positive Exclusion Filters](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) -topic for additional information. - -# False Positives Tab - -Configure False Positive exclusion filters using the options in the False Positives tab. False -Positives Filters listed here as False Positives results in the corresponding matches being removed -from Enterprise Auditor and Access Information Center reports. - -![False Positives tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/falsepositivestab.webp) - -The options under the False Positives Tab are: - -- Add Filter – Opens the Add False Positive Exclusion Filter window to add False Positive Exclusion - Filters. See the - [Adding False Positive Exclusion Filters](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. -- Edit Filter – Opens the Edit False Positive Exclusion Filter window to edit the selected filters - in the list. See the - [Editing False Positive Exclusion Filters](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. -- Delete Filter – Deletes the selected false positive exclusion filter. See the - [Deleting False Positive Exclusion Filters](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. -- Import – Imports a text file to populate the False Positives tab with False Positive Exclusion - Filters. See the - [Importing False Positive Exclusion Filters](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. -- Export – Exports selected false positive exclusion filters in a text file. See the - [Exporting False Positive Exclusion Filters](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. - -The False Positives view displays the following information for the False Positive Exclusion -Filters: - -- File Path – Path of the file to be excluded from Sensitive Data reports -- Solution – Solution source of the exclusion filter. The two solution sources are: - - - File System - - SharePoint - -- Criteria – Sensitive Data criteria where the exclusion filter is applied - -The **Cancel** and **Save** buttons are in the lower-right corner of the Sensitive Data view. These -buttons become enabled when modifications are made to the Sensitive Data global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -# Sensitive Data - -The Sensitive Data node provides configuration options to manage sensitive data criteria and false -positive exclusion filters. These settings require the Sensitive Data Discovery Add-on. See the -[Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/accessanalyzer/sensitivedatadiscovery/overview.md) -topic for additional information. - -**NOTE:** Sensitive data exclusion filters can only be applied to the -[File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -and the -[SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -![Sensitive Data settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/sensitivedata.webp) - -The tabs in the Sensitive Data node are: - -- Criteria – Configure Search Criteria to be used in Sensitive Data scan jobs. See the - [Criteria Tab](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. -- False Positives – Configure False Positive exclusion filters. See the - [False Positives Tab](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. diff --git a/docs/accessanalyzer/11.6/administration/settings/service-now.md b/docs/accessanalyzer/11.6/administration/settings/service-now.md deleted file mode 100644 index 3ea7117273..0000000000 --- a/docs/accessanalyzer/11.6/administration/settings/service-now.md +++ /dev/null @@ -1,32 +0,0 @@ -# ServiceNow - -The ServiceNow® node is for configuring the settings needed to integrate with ServiceNow. These -settings are exclusive to the Enterprise Auditor integration with ServiceNow and are used by the -ServiceNow Action Module. See the -[ServiceNow Action Module](/docs/accessanalyzer/11.6/analysis-and-actions/actions/service-now.md) -topic for additional information. - -![ServiceNow node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/servicenow.webp) - -Provide ServiceNow authentication information to your ServiceNow instance. - -- Instance – The ServiceNow instance, for example `example.service-now.com` -- User Name and Password – The **Settings** > **ServiceNow** node at the global level can be - configured with a credential provisioned to create incidents as Callers in the **Assigned to** - field, and any other ServiceNow incident field that references the **sys_user** table. - -The **Cancel** and **Save** buttons are in the lower-right corner of the ServiceNow view. These -buttons become enabled when modifications are made to the ServiceNow global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -## Update ServiceNow Authentication Credentials - -Follow the steps to update the ServiceNow authentication credentials. - -**Step 1 –** In the ServiceNow Authentication section, enter a new **Password** for the user -account. - -**Step 2 –** Click **Save**. - -The credentials have been updated for ServiceNow authentication. diff --git a/docs/accessanalyzer/11.6/administration/settings/storage.md b/docs/accessanalyzer/11.6/administration/settings/storage.md deleted file mode 100644 index 8b79b45053..0000000000 --- a/docs/accessanalyzer/11.6/administration/settings/storage.md +++ /dev/null @@ -1,232 +0,0 @@ -# Add a Storage Profile - -Follow the steps to create a Storage Profile. - -![Add Storage profile option](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofile.webp) - -**Step 1 –** Click **Add Storage profile** at the top of the Storage view. - -![New Storage profile added](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofilename.webp) - -**Step 2 –** A new profile line appears in the Storage Profiles list with a generic name. Change the -Profile name to a unique and descriptive name. - -![Server Name field](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofileservername.webp) - -**Step 3 –** Type the SQL **Server name** in the textbox provided. This can be a NetBIOS name, a -fully qualified domain name, or an IP Address. If the SQL Server specified is configured to use a -named instance, provide the **Instance name** in the next textbox. - -![Command timeout field](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofiletimeout.webp) - -**Step 4 –** Specify the time in minutes that must expire before Enterprise Auditor halts any SQL -queries running for that amount of time. - -![Authentication options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofileauthentication.webp) - -**Step 5 –** Select the radio button for the appropriate authentication mode. If using **SQL Server -authentication** , provide a **User name** and **Password** in the textboxes. - -**_RECOMMENDED:_** When possible, use Windows Authentication. Windows Authentication is more secure -than SQL Server Authentication. See the Microsoft -[Choose an authentication mode](https://learn.microsoft.com/en-us/sql/relational-databases/security/choose-an-authentication-mode) article -for additional information. - -| ![Good connection test](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofilegoodconnection.webp) | ![Bad connection test](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofilebadconnection.webp) | -| ------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------- | -| Good Connection Test | Bad Connection Test | - -**Step 6 –** It is recommended to test the credentials provided at this point. The radio button for -**Use existing database** should be selected by default. Test the SQL Server connection by clicking -the drop-down arrow for an existing database. If the connection is established, a listing of -databases appears. If the connection cannot be established, an error warning displays. - -![Database options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofiledatabase.webp) - -**Step 7 –** Set the database through one of the following options: - -- Use existing database – Click this radio button and select a database from this list provided in - the drop-down menu -- Create new database – Click this radio button and provide a unique, descriptive name in the - textbox - -![Connection report](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/connectionreport.webp) - -**Step 8 –** Click **Apply** and a Connection report window opens. The Connection report checks for -the appropriate permissions and lists any that are missing. If no permissions are present, an error -message appears in the Connection report window. When there is a `Successful connection test`, click -**Close**. - -**Step 9 –** If **Create new database** was selected, the new database now exists. If **Use existing -database** was selected, the Storage Profile is now linked to the database. Click **Save** and then -**OK** to complete the creation of the new Storage Profile. - -The new Storage Profile is available to be used by Enterprise Auditor. - -# Set a Default Storage Profile - -While multiple Storage Profiles can exist, only one profile can be set as the default. A green -checkmark next to the profile name indicates the default Storage Profile. Follow the steps to change -the default Storage Profile at the global level. - -![Set as Default option on Storage page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/default.webp) - -**Step 1 –** Select the profile to be the new default, and click **Set as default**. The Change -storage profile window opens. - -![Change storage profile window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/changestorageprofile.webp) - -**Step 2 –** There are three options for host management data migration. Select the desired option, -choose whether or not to apply the secondary option, and click **OK**. - -- Merge your host management data with data in the destination table (Recommended) – This option - keeps existing hosts and host discovery tasks in the destination and updates the tasks based on - the information found in the source database - - - Use destination value on conflict – If selected, any conflicting information between the - destination table and the source database is resolved in favor of the destination table - -- Overwrite data in the destination table – This option replaces existing hosts and host discovery - tasks with ones found in the source database - - - Also overwrite shared host inventory data – If selected, host inventory data is also replaced - with data found in the source database - -- Don’t copy your host management data to destination table – This option does not copy, update, or - overwrite information between databases - - - Clear data in destination table – If selected, all host management data in the destination - table is deleted - -![Change storage profile window when transfer is complete](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/changestorageprofilefinish.webp) - -**Step 3 –** When the host management data migration has completed, click **Finish**. - -![Storage page with new default storage profile](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/defaultsave.webp) - -**Step 4 –** A blue arrow now points to the new default Storage Profile. However, the arrow is also -an indication that the new default is not fully recognized by Enterprise Auditor. Click **Save** and -then **OK** to confirm the changes. - -**Step 5 –** Finally, to ensure these changes take effect, exit the Enterprise Auditor application -and relaunch it. - -The blue arrow is replaced by the green checkmark, indicating the new default Storage Profile is -recognized. - -# Delete a Storage Profile - -Follow the steps to delete a Storage Profile. - -**NOTE:** This procedure does not delete databases from the SQL Server. It only removes the selected -Storage Profile from this Enterprise Auditor Console. - -![Delete Storage Profile option](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/delete.webp) - -**Step 1 –** Select the Storage Profile to be removed, and click **Delete**. - -![Confirm delete selected profile dialog](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/deleteconfirm.webp) - -**Step 2 –** Confirm the operation by clicking **OK**. - -**Step 3 –** The profile disappears from the Storage Profiles list. Click **Save** and then **OK** -to confirm the changes. - -The Storage Profile has now been deleted. - -# Storage - -The Storage node contains objects known as Storage Profiles. Storage Profiles house the information -Enterprise Auditor uses to connect to a SQL Server database within your environment. - -![Storage Node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/storage.webp) - -Each Storage Profile consists of the following parts: - -- Profile name – Unique, descriptive name which distinguishes the profile from others in cases where - multiple profiles exist -- Server name – Name of the SQL Server serving the database to be used for the Enterprise Auditor - database. The value format can be either a NetBIOS name, a fully qualified domain name, or an IP - Address. -- Instance name – Value of the named instance, if the SQL Server being connected to is configured to - use a named instance - - - To change the instance port number, provide the instance name in the format - `,`. For example, if using the default **MSSQLSERVER** instance and port - **12345**, the instance name should be entered as `MSSQLSERVER,12345`. - -- Command Timeout – Number of minutes before Enterprise Auditor halts any SQL queries running for - that amount of time. This prevents SQL queries from running excessively long. The default is 1440 - minutes. -- Authentication – Mode of authentication to the SQL Server. In general, it is recommended to - connect with an account configured with the DBO role (database owner rights) and provisioned to - use DBO Schema. - - **_RECOMMENDED:_** When possible, use Windows Authentication. Windows Authentication is more - secure than SQL Server Authentication. See the Microsoft - [Choose an authentication mode](https://learn.microsoft.com/en-us/sql/relational-databases/security/choose-an-authentication-mode) article - for additional information. - - - Windows authentication – Leverages the account used to run the Enterprise Auditor Console - - **NOTE:** This option affects the credentials used for Schedule Service Accounts. See the - [Schedule](/docs/accessanalyzer/11.6/administration/settings/schedule.md) - topic for additional information. - - - SQL Server authentication – Leverages the account provided in the **User name** and - **Password** textboxes - - Use existing password – Use the password configured for the Storage Profile account - - Specify a new password below – Enter a new password for the selected Storage Profile account - -- Database name – Name of the Enterprise Auditor database to use in this storage profile - - - Use existing database – Drop-down menu provides a list of databases on the named SQL Server, - provided the connection information supplied is correct. If the menu is empty, then a - connection to the SQL Server was not established. - - Create new database – Enterprise Auditor automatically creates a new database using the name - provided in the textbox. This value should be a unique, descriptive name. - -![Operations on the Storage view](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/storageoperations.webp) - -At the Storage view, the following operations are available: - -- Add Storage profile – Create a new Storage Profile. See the - [Add a Storage Profile](/docs/accessanalyzer/11.6/administration/settings/storage.md) - topic for additional information. -- Set as default – Change the default Storage Profile. See the - [Set a Default Storage Profile](/docs/accessanalyzer/11.6/administration/settings/storage.md) - topic for additional information. -- Delete – Remove a Storage Profile. See the - [Delete a Storage Profile](/docs/accessanalyzer/11.6/administration/settings/storage.md) - topic for additional information. - -**NOTE:** A green checkmark in the Storage Profiles list indicates the default Storage Profile. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Storage view. These buttons -become enabled when modifications are made to the Storage global setting. Whenever changes are made -at the global level, click **Save** and then **OK** to confirm the changes. Otherwise, click -**Cancel** if no changes were intended. - -The vault provides enhanced security through enhanced encryption to various credentials stored by -the Enterprise Auditor application. See the -[Vault](/docs/accessanalyzer/11.6/administration/settings/application.md) -topic for additional information. - -# Update Authentication Credentials in a Storage Profile - -Follow the steps to update authentication credentials for a Storage Profile in the Enterprise -Auditor Console. - -**Step 1 –** Navigate to the **Settings** > **Storage** page. - -**Step 2 –** Locate and select a **Storage Profile** to update. - -![Specify a new password below option on Storage page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/updateauth.webp) - -**Step 3 –** In the Authentication section, click the **Specify a new password below** radio button. - -**Step 4 –** Enter a new **Password**. - -**Step 5 –** Click **Apply**. - -A new password has been added to a Storage profile. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md b/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md deleted file mode 100644 index eb39c59d75..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md +++ /dev/null @@ -1,474 +0,0 @@ -# Active Directory Action Operations - -Use Operations page to select one or more operations for the action to perform on the targeted -Active Directory objects. Some operations have wizard pages to specify the configuration settings. - -![Active Directory Action Module Wizard Operations page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/operations.webp) - -The Operations drop-down menu contains the following operations: - -- [Clear/Set SID History ](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Computer Details](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Disable/Enable Computers](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Create Groups](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Create Users](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Delete Objects](#delete-objects) -- [Disable/Enable Users](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Group Details](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Group Membership](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Groups Remove All Members ](#groups-remove-all-members) -- [Move Objects](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Set/Reset Users Password ](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Unlock Users ](#unlock-users) -- [Users Details ](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) - -Select an operation from the drop-down list and then click **Add**. The selection appears in the -Selections pane as well as the navigation pane if there is an associated configuration page. If -performing multiple operations, the action executes the operations in the order in which they appear -here. To change the order, select an operation and use the **Down** and **Up** buttons. - -## Delete Objects - -**CAUTION:** Once deleted, objects from Active Directory cannot be restored. - -Select this operation to delete objects from Active Directory, such as users, groups, or computers. -The source table determines which objects are deleted from the Active Directory. Therefore, this -operation does not possess its own wizard window. - -## Groups Remove All Members - -Select this operation to remove all members from groups located in the source table. There is not a -wizard window associated with this operation. No configuration is required. - -## Unlock Users - -Select this operation to unlock the account of the specified users in the source table. There is not -a wizard window associated with this operation. No configuration is required. - -# Computer Details - -Use the Computers Details page to select computer attributes to change. - -![Active Directory Action Module Wizard Computer Details page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/computerdetails.webp) - -Highlight the attribute to edit: - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then click - the blue arrow to insert the item into the Value box. The executed action replaces the AD Object - property with the specified value from the source table. -- Add Attribute – Adds a custom attribute to the Computer Details attribute list -- Remove Attribute – Removes a selected attribute Computer Details attribute list -- Edit Attribute – Click this icon to change the name of the selected custom attribute -- Import Attribute – Opens the Import Custom Attributes Import Wizard where one or more custom - attributes can be imported. See the - [Custom Attribute Import Wizard](#custom-attribute-import-wizard) topic for additional - information. -- Value – This field contains selections from the Insert field. If the Manager attribute is - selected, click the ellipsis (…) to access the Select User, Contact, or Group window to populate - this field. -- Select the checkboxes next to the computer attributes to enable them for editing when running the - action. - -## Custom Attribute Import Wizard - -The Custom Attributes Import Wizard is used to import a list of custom attributes. Follow the steps -to use the Custom Attributes Import Wizard. - -**Step 1 –** On the Computer Details page of the Active Directory Action Module Wizard, click -**Import**. The Custom Attribute Import Wizard opens. - -![Custom Attributes Import Wizard Credentials page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/credentials.webp) - -**Step 2 –** On the Credentials page, identify a domain either by entering one manually or selecting -one from the **Domain Name** drop-down menu which displays a list of domains trusted by the one in -which the Enterprise Auditor Console server resides. Then set the credentials for reading the -attributes list from the domain: - -- Authenticate as the logged in user – Applies the user account running Enterprise Auditor -- Use the following credentials to authenticate – Applies the account supplied in the **User Name** - and **Password** fields. - -**Step 3 –** Click **Next**. - -![Custom Attributes Import Wizard Attributes page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/attributescomputer.webp) - -**Step 4 –** The wizard populates available attributes from the domain specified on the Attributes -page. Expand the desired object class and select the checkboxes for the custom attributes to be -imported. Then click **Next**. - -![Custom Attributes Import Wizard Completion page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/completionpage.webp) - -**Step 5 –** On the Completion page, click **Finish**. - -The selected attributes have been added to the attribute list on the Computer Details page. - -# Create Groups - -Use the Create Groups page to configure the action to create groups on the selected target. - -![Active Directory Action Module Wizard Create Groups page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/creategroups.webp) - -Use the following options to configure the action: - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then, - click the blue arrow to insert the item into the OU, Group name, or Group name (pre Windows 2000) - boxes. -- OU – The organizational unit that contains the group - - - Create target OU location if it does not already exist – Select this checkbox to create the - target OU - -- Group Name – The name of the group that being created. This field is required. -- Group name (pre Windows 2000) – The name of the group being created -- Group scope – The scope of the group being created. Select from the following: - - - Universal - - Global - - DomainLocal - - SqlField – Enter a value from the drop-down list - -- Group type – The type of group being created. Select from the following: - - - Security - - Distribution - - SqlField – Enter a value from the drop-down list - -# Create Users - -Use the Create Users page to create users on the selected target. - -![Active Directory Action Module Wizard Create Users page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/createusers.webp) - -Use the following options to configure the action: - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then, - click the blue arrow to insert the item into the selected box. -- OU – The organizational unit in which to create the user - - - Create target OU location if it does not already exist - Select this checkbox to create the - target OU. - -- First Name – The first name of the user being created -- Initials – The initials of the user being created -- Last Name – The last name of the user being created -- Full Name – The full name of the user being created. This field is required. -- User logon name – The user logon name and domain for the user being created -- User logon name (pre Windows 2000) – The domain and user logon name for the user being created -- Password – The password for the user being created. This field is required. - -Optionally, select from the following checkboxes: - -- User must change password at next logon – Require the user to change the password at the next - logon -- User cannot change password -- Password never expires -- Account is disabled - -# Disable/Enable Computers - -Use the (Disable/Enable Computers page to configure the action to enable or disable users' operation -options on target computers. - -![Active Directory Action Module Wizard Disable/Enable Computers page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/disableenablecomputers.webp) - -Select the radio button for the desired option: - -- Enable – Enables users' operation options -- Disable – Disables users' operation options - -# Disable/Enable Users - -Use the Disable/Enable Users page to enable or disable target users. - -![Active Directory Action Module Wizard Disable/Enable Users page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/disableenableusers.webp) - -Select the radio button for the desired option: - -- Disable – Select this radio button to disable users' operation options -- Enable – Select this radio button to enable users' operation options - -# Group Details - -Use Groups Details page to edit selected group attributes. - -![Active Directory Action Module Wizard Group Details page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/groupdetails.webp) - -Highlight the attribute to edit. Add or delete attributes using the buttons to the right of Insert -field. - -**NOTE:** The options at the bottom of the page vary based on the highlighted attribute. - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then, - click the blue arrow to insert the item into the Value box. -- Add Attribute – Adds a custom attribute to the Computer Details attribute list -- Remove Attribute – Removes a selected attribute from the action -- Edit Attribute – Click this icon to change the name of the selected custom attribute -- Import Attribute – Opens the Import Custom Attributes Import Wizard where current attributes for - an object is viewed and can be imported for editing. See the - [Custom Attribute Import Wizard](#custom-attribute-import-wizard) topic for additional - information. -- Value/Name – This field derives its name from selections made on the page. It can contain - selections from the Insert field or you can click the ellipsis (…) to access the Select User, - Contact, or Group window, via which you can populate this field. - -Select the checkboxes next to the group details attributes to enable them for editing when running -the action. - -## Custom Attribute Import Wizard - -The Custom Attributes Import Wizard is used to import a list of custom attributes. Follow the steps -to use the Custom Attributes Import Wizard. - -**Step 1 –** On the Group Details page of the Active Directory Action Module Wizard, click -**Import**. The Custom Attribute Import Wizard opens. - -![Custom Attributes Import Wizard Credentials page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/credentials.webp) - -**Step 2 –** On the Credentials page, identify a domain either by entering one manually or selecting -one from the **Domain Name** drop-down menu which displays a list of domains trusted by the one in -which the Enterprise Auditor Console server resides. Then set the credentials for reading the -attributes list from the domain: - -- Authenticate as the logged in user – Applies the user account running Enterprise Auditor -- Use the following credentials to authenticate – Applies the account supplied in the **User Name** - and **Password** fields. - -**Step 3 –** Click **Next**. - -![Custom Attributes Import Wizard Attributes page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/attributesgroup.webp) - -**Step 4 –** The wizard populates available attributes from the domain specified on the Attributes -page. Expand the desired object class and select the checkboxes for the custom attributes to be -imported. Then click **Next**. - -![Custom Attributes Import Wizard Completion page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/completionpage.webp) - -**Step 5 –** On the Completion page, click **Finish**. On the Completion page, click **Finish**. - -The selected attributes have been added to the attribute list on the Group Details page. - -# Group Membership - -Use the Groups Membership page to add or remove group members. Values from the source table can also -be used to specify if the object will be added or removed. - -![Active Directory Action Module Wizard Group Membership page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp) - -Use the following options to configure the action: - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then, - click the blue arrow to insert the item into the selected box. -- Select one of the following: - - - Target Group by OU - - Target Group by NT Style Name - -- OU – The organizational unit that contains the group. This field is required. - - - Create target OU location if it does not already exist – Select this checkbox to create the - target OU. - -- Group (CN, not a pre-Windows 2000 name) – The group to create. This field is required. - - - Create target Group if it does not already exist - -- Select one of the following: - - - Add members - - Remove members - - Add/Remove members – Enables the ChangeType Column drop down list - -- ChangeType Column – The value to use from the source table to specify if the object is added or - removed. The contents of the ChangeType column should be a 0 for Add or a 1 for Remove. - -# Move Objects - -Use the Move Objects page to specify the OU in which to move objects. - -![Active Directory Action Module Wizard Move Objects page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/moveobject.webp) - -Use the following options to configure the action: - -- Insert Field – Contains available values from populated from the source table -- OU – Use the drop-down list to select a field (column) from the source table. Then, click the blue - arrow to insert the item into the OU box. - - - Create target OU location if it does not already exist – Select this checkbox to create the - target OU - -# Set/Reset Users Password - -Use the Set/Reset Users Password page to set or reset user passwords with the specified value. - -![Active Directory Action Module Wizard Set/Reset Users Password page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/setresetpassword.webp) - -Use the following options to configure the action: - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then, - click the blue arrow to insert the item into the Password box. -- Password – The field with the passwords to set or reset. This field is required. - - - User must change password at next logon – Select this checkbox to require the user to change - the password at the next logon - -# Clear/Set SID History - -Use the Clear/Set SID History page to overwrite or append to the SID history for targeted objects. -Please review the restrictions for this operation in the Notes box. - -The source table used for this operation must contain a column with the following information: - -- SID History data - -![Active Directory Action Module Wizard Clear/Set SID History page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/sidhistory.webp) - -Configure the action with the following options: - -- Overwrite – Overwrites the SID History -- Append – Adds to the SID History -- Clear – Clears the SID History -- Insert Field – This drop-down list is enabled when the Overwrite or Append radio buttons are - selected. Use the drop-down list to select a field (column) from the source table. Then, click the - blue arrow to insert the item into the SID History box. The SID history is overwritten with the - selected fields or appended to with the selected fields depending on the selected radio button. -- SID History – This box is enabled by selecting the Overwrite or Append radio buttons. The SID - history is overwritten or appended to with the inserted fields, depending on the selected radio - button. Populate the SID History box using either of the following methods: - - - Select one or more fields at the Insert Field drop-down menu - - Click the **ellipsis (…)** to access the Select Users or Groups window to populate this field - -- Reference link – Accesses a Microsoft web page called Using DsAddSidHistory containing important - information on SID history - -# Users Details - -Use the Users Details page to edit user attributes. - -![Active Directory Action Module Wizard Users Details page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/usersdetails.webp) - -Highlight the attribute to edit. The highlighted user attribute in the Selections pane determines -the configuration options available at the bottom of the page. - -Select the checkboxes next to the user details attributes to enable them for editing when running -the action. - -# Active Directory Action Options - -The Options page provides the option to select to use the default domain or specific a domain to -use. - -![Active Directory Action Module Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -Use the following options to configure the action: - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then, - click the blue arrow to insert the item into the **Specify domain (controller) to use** box. -- Use default domain (controller) – Use the default domain controller for the action -- Specify domain (controller) to use – Click the ellipsis to open the Browse for Domain window and - select a domain for the action - -# Active Directory Action Module - -Use the Active Directory Action Module to make bulk changes to objects in Microsoft Active Directory -(AD) such as deleting users or changing group memberships. It is available with a special Enterprise -Auditor license. - -**CAUTION:** Be careful when using this action module. Make sure that only the changes required are -applied and only to those target systems desired. Actions perform their functions on all rows in a -table. - -Enterprise Auditor action modules contain one or more selectable operations. Each operation performs -its function on a single object per row from the source table defined in the action. - -## Source Table Configuration - -Individual action modules, including the Active Directory Action Module, may have their own -requirements for the type of data contained in the columns in the source table. To take action on an -Active Directory object, group, user, or computer, the source table columns must contain values that -uniquely identify each Active Directory object referenced. Active Directory objects correspond to -rows in a Enterprise Auditor source table. Active Directory object attributes correspond to columns. -Once the source table has been scoped, use the Target page to specify the field that identifies the -target objects along with the field type to indicate the type of data contained in the field. - -The Operations page lists the operations that may be performed by the Active Directory Action -Module. Each operation may have its own source table column requirements as follows: - -| Operation | Requirements | -| ----------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Clear/Set SID History | Column containing SID History information | -| Computer Details | No specific columns required | -| Disable/Enable Computers | No specific columns required | -| Create Groups | No specific columns required | -| Create Users | Column containing the user logon name **_RECOMMENDED:_** It is recommended that the source table has columns containing the following information: - First Name - Last name - Initials - Full name - Password - OU in which to create the user (This can also be created on the Create Users page) | -| Delete Objects (Users, Groups, Computers, etc.) | No specific columns required | -| Disable/Enable Users | No specific columns required | -| Group Details | No specific columns required | -| Group Membership | Column containing the target group OU or the target group NT style name | -| Groups Remove All Members | No specific columns required | -| Move Objects | Column containing an OU (Alternatively, type in the OU or click the ellipsis (…) to select an OU) | -| Set/Reset Users Password | No specific columns required | -| Unlock Users | No specific columns required | -| User Details | No specific columns required | - -## Configuration - -The Active Directory Action module is configured through the Active Directory Action Module Wizard, -which contains the following wizard pages: - -- Welcome -- [Active Directory Action Target](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Active Directory Action Operations](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Active Directory Action Options](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) -- [Active Directory Action Summary](/docs/accessanalyzer/11.6/analysis-and-actions/actions/active-directory.md) - -The Welcome page displays first in the Active Directory Action Module Wizard. Review the -introductory and caution information about the Active Directory Action Module. - -![Active Directory Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The navigation pane contains links to the pages in the wizard. Note that the operations added on the -Operations page will affect the list of pages in the navigation pane. Several operations have -associated configuration pages. - -# Active Directory Action Summary - -The Summary page displays a summary of the configured settings for the action. - -![Active Directory Action Module Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Active Directory Action Module Wizard to ensure that no accidental -clicks are saved. - -# Active Directory Action Target - -Use the Target (Identification Criteria) page to select one or more fields (columns) in the -Enterprise Auditor source table that uniquely identifies the target Active Directory objects upon -which to perform the action. This process enables Enterprise Auditor to locate those objects within -Active Directory. Added fields are displayed in the textbox. - -![Active Directory Action Module Wizard Target page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/target.webp) - -Use the following options to configure the action: - -- Add – Adds the selected field and field type to the Selections pane -- Delete – Removes the highlighted operation from the Selection pane -- Field – The name of the column in the Enterprise Auditor source table. Select the field that - uniquely identifies the target AD objects (represented by rows in the Enterprise Auditor table). - The drop-down list displays the fields from the source data table specified on the Action - Properties page. The list excludes any default fields such as HOSTSTATUS, on which actions cannot - be performed. -- Field Type – The type of data contained in the specified field. Enterprise Auditor must know the - data type of the field selected above. Otherwise, errors may appear upon execution of the action - and report results may be incomplete. The drop-down list contains the following field types: - - - Distinguished Name or DN - - GUID - - SID - - WindowsID - - E-Mail - - Employee (employeeID) - -**NOTE:** While one field is usually sufficient to identify AD objects, if specifying multiple -fields, each field type can only be used once. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md b/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md deleted file mode 100644 index d7d5ece6e0..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md +++ /dev/null @@ -1,586 +0,0 @@ -# File System Action: Action - -On the Action page, select the type of action to be configured, define a new action, and additional -capabilities. - -![File System Action Module Wizard Action page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/action.webp) - -The following options are available: - -- Define a new action – Enables the Operation page where operations are selected on which the action - is based -- Rollback a previously executed action – Enables the Prior Actions page where lists of previously - executed actions and rollback actions can be selected. Not all operations support rollback. Enable - the Support Rollback option prior to execution for the action in order to perform a rollback. -- Remove the applet service from a host – If an executed action installs an applet service on a host - from a Enterprise Auditor Console, it remains installed after the action is completed for other - Enterprise Auditor consoles to perform actions using the same applet service. This setting removes - the action’s applet service from that host. - -# File System Action: Applet Settings - -Use the Applet Settings page to specify the machines on which to execute the selected operation. - -![File System Action Module Wizard Applet Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/appletsettings.webp) - -Specify how the operations will be executed: - -- Automatic – Get host data from the Host Management -- Local Enterprise Auditor server -- Specific remote server: - - - Fields – Use the drop-down list to select a field (column) from the source table, then click - the blue arrow to insert the item into the **Remote server** field - - Environment Variables – Select an item from the drop-down list, then click the blue arrow to - insert the item into the **Remote Server** field - - Remote Server – Enter the path to the server - - Click the **ellipsis (…)** to browse for server - - Click the **tick** icon to show a preview of the path - - Click the **Help** icon for additional information - -- Preview – Shows what the compound path specified will be resolved in to. The text here is used to - initialize the path specification selection dialog. -- Specific remote servers – Click the **ellipsis (…)** to browse for servers - - - Click **Add** to add the server - - Click **Remove** to remove the server - -- Fall back to the local Enterprise Auditor server if an applet cannot start – Check to enable this - option - -# File System Action: Destination - -The Destination page is available only if the following operations are selected: - -- Copy -- Move -- Rename - -Define the destination location of the files that will be copied, moved, or renamed by building the -destination path using the Fields and Environment Variables options as needed. - -![File System Action Module Wizard Destination page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/destination.webp) - -Use the fields provided to select destination items and hosts from the drop-down lists and populate -the Destination field, or edit the field manually. The Preview field updates based on the contents -of the Destination field. - -- Fields – Use the drop-down list to select a field (column) from the source table, then click the - blue arrow to insert the item into the **Destination** field -- Environment Variables – Select an item from the drop-down list, then click the blue arrow to - insert the item into the **Destination** field -- Target Items – Enter the path to the target file or folder - - - Click the **ellipsis (…)** to browse for pattern path specification - - Click the **tick** icon to show a preview of the specified path - - Click the **Help** icon for additional information - -- Host – Select the field that identifies the systems or manually type the host destination -- Use path type – Choose from the following options: - - - Local – Uses the local path - - UNC – Uses the UNC path - -- Preview – Shows what the compound path specified will be resolved in to. The text here is used to - initialize the file specification selection dialog. - -# File System Action: Environment - -The Environment (Environment Variables) page is available only if the selected operation requires -the selection of a sample host. - -Use this page to select and connect to a sample host, via which a set of remote environment -variables for use in scoping the action are loaded. Then, on the Target page, use the environment -variables to build dynamic file path locations for the selected operation. - -**NOTE:** The environment variables from the local system load by default. - -![File System Action Module Wizard Environment page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/environment.webp) - -The connection status displays next to the Host field. To browse for another host, click the -ellipsis (**…**) to open the Browse for Computer window. Once a host name appears in the field, -click the check mark button to attempt to connect to the selected host. - -# File System Action: Operation - -The Operation page is available when **Define a new action** is selected on the Action page. On the -Operation page, define the action by selecting an operation from the drop-down list. - -![File System Action Module Wizard Operation page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/operation.webp) - -At the Available Operations drop-down selection list, choose the operation for the action to -perform. The selection determines which pages are available in the wizard. The following operations -are available: - -- Change attributes -- Change permissions and Auditing -- Change permission inheritance -- Change Share permissions -- Copy -- Delete -- Launch Remote Process -- Move -- Remove permissions -- Remove Share permissions -- Rename -- Add tags -- Remove tags -- Change Owner - -# File System Action: Options - -The Options page provides access to additional options for the action. Based on the selection on the -Operation page and other choices made within the wizard, not all options on this page may be -available. - -![File System Action Module Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -Select from the following additional operations: - -- Delete locked files on reboot – Files that are locked can be queued to be deleted at the next - system start up -- Overwrite existing files – Files in the destination location are overwritten. This action cannot - be undone. -- Terminate associated process – Files that are locked cannot be actively moved, renamed or deleted - without stopping the associated process. If selected, this may cause an interruption to any users - of that target system and service. -- Create shortcuts to the moved files in the source directory – A shortcut will be created in the - source directory that points to the new location of a moved file -- Preserve file access – Copy the file ACL from the source directory to the destination to preserve - file access. Child objects, with inherited permissions or broken inheritance, targeted by copy or - move actions retain their permissions. Parent folders with inherited permissions are changed to - explicit. -- Enable SACL modification – Request system security access when opening files in order to make SACL - changes -- Retry failed rows – Enter the following information: - - - Number of times to retry - - Do not retry error codes – Rows of data with error codes listed within this textbox are - excluded from the action performed. Common errors are included for certain actions, and may be - customized to add or remove error codes. See the Microsoft - [System Error Codes](https://docs.microsoft.com/en-us/windows/desktop/Debug/system-error-codes) - article for additional information. - - Delay between retries - -- Enable batching – (For big data sets) Enabling batching breaks the data set into batches so the - action does not attempt to execute all lines at once. Actions performed on tables with a large - number of input rows may fail due to network failure, and it is difficult to determine the actions - that were executed before the failure. - - - Batch size – Specify the batch size. - -Start Process - -Select the desired start process. - -**CAUTION:** Due to system security limitations, some applications and programs cannot be restarted -or run remotely using this option. Additionally, starting interactive processes (such as Word, -Excel, and so on) will load them into memory, but may not make them available for interaction by the -end user. - -Use the fields provided to select target items and hosts from the drop-down lists and populate the -Set working directory field, or edit the field manually. The Preview field updates based on the -contents of the Set working directory field. - -# File System Action Module - -The File System Action Module allows Enterprise Auditor Administrators to automate the process of -remediating and modifying Windows file system attributes and properties. The File System Action -Module provides options for changing attributes and permissions, as well as copying, deleting, -moving, and renaming file system contents. It is available with a special Enterprise Auditor -license. - -**CAUTION:** Be careful when using this Action Module. Make sure that only the changes required are -applied and only to those target systems desired. Actions perform their functions on all rows in a -table. - -Enterprise Auditor action modules contain one or more selectable operations. Each operation performs -its function on a single object per row from the source table defined in the action. - -## Permissions - -The File System Action Module requires a Enterprise Auditor connection profile and privileged access -to file system devices. The Enterprise Auditor connection profile may be configured to have a Task -account type. The following are the least privileged access model required for Share Permission -Changes: - -- Windows – User credential must be member of Power Users group -- NetApp Data ONTAP 7-Mode Device – User credential must be member of Power Users group -- NetApp Data ONTAP Cluster-Mode Device – User credential must have role on SVM that has permission - to modify share permissions - - **NOTE:** Enter the following syntax to create role: - - ``` - ‑security login role create ‑role [DESIRED_ROLE_NAME] ‑cmddirname “vserver cifs share access-control” ‑vserver [VSERVER_NAME] ‑access all - ``` - - Replace the `[DESIRED_ROLE_NAME]` and `[VSERVER_NAME]` variables with the required information. - For example: - - ``` - ‑security login role create ‑role netwrix ‑cmddirname “vserver cifs share access-control” ‑vserver testserver ‑access all - ``` - -## Applet Deployment - -The File System Action Module deploys an applet the first time an action is executed. Applets are -installed within the Enterprise Auditor Installation Directory if the `%SAInstallDir%` environment -is present. Otherwise, applets are deployed to `C:\Program Files (x86)\STEALTHbits\StealthAUDIT`. - -## Source Table Configuration - -Individual action modules, including File System Action Module, may have their own column -requirements. To take action on a file system resource, the source table must contain a column with -values to uniquely identify it. File System resources correspond to rows in a Enterprise Auditor -table. File System attributes correspond to columns. Once the source table has been scoped, use the -Target page to specify the field that identifies the target attribute along with any environmental -variables. - -These columns are required to use the File System Action Module. Otherwise, errors may occur upon -execution of the action and with analysis and reports downstream. - -| Required Columns | Description | -| ---------------- | ---------------------------------------------------------------------------------------------------------------------------- | -| rowGUID | Identifies each data row as unique. The datatype in the table is uniqueidentifier (GUID). | -| RowKey | Identifies each data row as unique. Sometimes the value is a GUID, but the datatype in the table is a varchar (text string). | - -_Remember,_ the individual File System actions may have their own column requirements in addition to -the above. These columns are made available through the File System Action Module wizard. - -The Operations page lists the operations that may be performed by the File System Action Module. -Each operation has its own source table column requirements as follows: - -| Operation | Column requirements | -| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | -| Change attributes | Columns containing: - Object to change attributes for - UNC path or local path (files or folders) | -| Change permissions and Auditing | Columns containing: - Object to change permissions for - UNC path or local path - (Optional) Permission values to change (files or folders) | -| Change permission inheritance | Columns containing: - Object to change permission inheritance for - UNC path or local path (files or folders) | -| Change Share permissions | Columns containing: - Share to change permissions for - UNC path or local path (shares) | -| Copy | Columns containing: - Object to copy - Location to copy the object to - UNC path or local path | -| Delete | Columns containing: - Object to delete - UNC Path or local path | -| Launch Remote Process | No specific columns required | -| Move | Columns containing: - Object to move - Location to move the object to - UNC path or local path | -| Remove permissions | Columns containing: - Object to remove permissions for - UNC path or local path (files or folders) | -| Remove Share permissions | Columns containing: - Object to remove Share permissions for - UNC path or local path (shares) | -| Rename | Columns containing: - Object to rename - New name of the object - UNC path or local path | -| Add tags | Columns containing: - Object to add tags to - UNC path or local path (files) | -| Remove tags | Columns containing: - Object to remove tags from - UNC path or local path (files) | -| Change Owner | Columns containing: - Object to change ownership for - UNC path or local path (folders) | - -## Configuration - -The File System Action module is configured through the File System Action Module Wizard, which -contains the following wizard pages: - -**NOTE:** Depending on the selections on the various pages, not all pages may be accessible. - -- Welcome -- [File System Action: Action](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [File System Action: Operation](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [File System Action: Prior Actions](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [File System Action: Environment](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [File System Action: Target](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [File System Action: Parameters](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [File System Action: Destination](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [File System Action: Rollback](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [File System Action: Options](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [File System Action: Applet Settings](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [File System Action: Summary](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) - -The Welcome page displays first and gives an overview of the action module. The navigation pane -contains links to the pages in the wizard, which may change based on the Action selected on the -Action page. - -![File System Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. - -# File System Action: Parameters - -The Parameters page is available for some of the selections on the Operation page. The list of -operations below provides access to the operation-specific versions of the Parameters page for this -wizard. Click on an operation to view its associated Parameters page. - -- [Change Attributes](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [Change Permissions and Auditing](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [Change Permission Inheritance](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [Change Share Permissions](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [Remove File Permissions](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [Remove Share Permissions](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [Add Tags](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [Remove Tags](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) -- [Change Owner](/docs/accessanalyzer/11.6/analysis-and-actions/actions/file-system.md) - -![File System Action Module Wizard Change File Attributes Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/changeattributes.webp) - -The Navigation pane will list this as the Parameters page, but the title for each version indicates -the type of parameter to be configured. - -# Add Tags - -Use the Parameters page to specify the file tags the action adds. - -![File System Action Module Wizard Add Tags Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/addtags.webp) - -Use the fields provided to select tags from the drop-down lists and populate the Tag field, or edit -the field manually. The Preview field updates based on the contents of the Tag field. - -- Add Mode: - - - Append to existing tags - Adds new tags to the existing list of tags - - Overwrite existing tags - Removes all existing tags before adding newly configured tags - -**NOTE:** If choosing the option to overwrite tags, the action module will clear out both normal -tags and Boldon James tags and then proceed to apply the tags configured for overwrite. If choosing -the option to remove all tags, the action module will clear out both normal tags and Boldon James -tags. - -- Fields – Use the drop-down list to select a field (column) from the source table, then click the - blue arrow to insert the item into the **Tag** field -- Environment Variables – Select an item from the drop-down list, then click the blue arrow to - insert the item into the **Tag** field -- Preview – Shows what the compound path specified will be resolved in to -- Click **Add** to add the tag field to the list -- Click **Remove** to remove the tag field from the list - -![Boldon James Column on Add Tags Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/addremovetagsboldonjames.webp) - -- Type - Select which type of tag to add. The two types of tags that can be added are: - - - Regular - Configure new tag as a regular tag - - Boldon James - Configure new tag as a Boldon James tag - - **NOTE:** The Boldon James column indicates whether a file tag is a regular tag or a Boldon - James tag. Regular tags will be identified with **0**. Boldon James tags will be identified - with **1**. - -A list of supported file types appears at the bottom of the page. - -# Change Attributes - -Use the Change File Attributes Parameters page to change the attribute for one or more of the target -systems or data. - -![File System Action Module Wizard Change File Attributes Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/changeattributes.webp) - -Select from the following options: - -- Read-only – Set the file / folder to read only -- Archive – Archive the file / folder -- System – Stop / start a system process -- Hidden – Set the file / folder to hidden -- Compress – Compress the file / folder -- Encrypt – Encrypt the file / folder - -Attribute change options are: - -- Set – Applies the attribute -- Clear – Removes the attribute -- Leave intact – Leaves the attribute unchanged - -# Change Owner - -Use the Change Owner Parameters page to select a trustee to be the new owner. - -![File System Action Module Wizard Change Owner Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/changeowner.webp) - -Use the options to enter the trustees: - -- Insert field – Use the drop-down list to select a field (column) from the source table, then click - the blue arrow -- Alternatively click **Select** to select a user or group object -- Replace owner on all child objects – Check to enable - -# Change Permission Inheritance - -Use the Change Permission Inheritance Parameters page to specify how to change inherited -permissions. - -![File System Action Module Wizard Change Permissions Inheritance Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/changepermissionsinheritance.webp) - -Select the desired options for adding or removing inheritance. - -# Change Permissions and Auditing - -Use the Change Permissions and Auditing Parameters page to specify the permissions and auditing -settings the action changes. - -![File System Action Module Wizard Change Permissions and Auditing Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/changepermissionsauditing.webp) - -Use the following options to enter the Permissions: - -- Insert field – Use the drop-down list to select a field (column) from the source table, then click - the blue arrow -- Group or user names: - - - Click **Add** to select a user or group object - - Click **Remove** to remove a user or group object - - Dynamic – Uses the host id to retrieve the applicable permissions - -In the table, select from the following options: - -- Permission – Permissions for the selected user or group object -- Action – Modify the attribute for the selected permission -- Action Apply To – Select the files or folders to apply the action to. -- Audit – Report the status of the change to the attribute -- Audit Apply To - Select the files or folders to report the status on - -Select from the following options (Multiple options can be selected): - -- Overwrite existing file explicit permissions (target object only) -- Replace permission entries on all child objects -- Apply these permissions to objects within the target container only - -# Change Share Permissions - -Use the Change Share Permissions Parameters page to specify the permission status for what group or -users are to be changed. - -![File System Action Module Wizard Change Share Permissions Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/changesharepermissions.webp) - -Select the desired options for changing the permissions control of the selected group or users. - -# Remove File Permissions - -Use the Remove File Permissions Parameters page to specify whose file permissions the action -removes. - -![File System Action Module Wizard Remove File Permissions Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/removefilepermissions.webp) - -Use the options to enter the Permissions: - -- Insert field – Use the drop-down list to select a field (column) from the source table, then click - the blue arrow -- Group or user names: -- Click **Add** to select a user or group object -- Click **Remove** to remove a user or group object - -Specify how to change inherited permissions Select from the following options: - -- Copy others – Make them explicit -- Remove others – Remove all -- Leave all intact – Delete explicit permissions only - -# Remove Share Permissions - -Use the Remove Share Permissions Parameters page to specify whose share permissions the action -removes. - -![File System Action Module Wizard Remove Share Permissions Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/removesharepermissions.webp) - -Use the options to enter the Permissions: - -- Insert field – Use the drop-down list to select a field (column) from the source table, then click - the blue arrow -- Group or user names: - - - Click **Add** to select a user or group object - - Click **Remove** to remove a user or group object - -# Remove Tags - -Use the Parameter page to specify the file tags the action removes. - -![File System Action Module Wizard Remove Tags Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/removetags.webp) - -Use the fields provided to select tags from the drop-down lists and populate the Tag field, or edit -the field manually. The Preview field updates based on the contents of the Tag field. - -- Remove Mode: - - - Remove specified tags - Remove specified tags from the existing list of tags - - Remove all tags - Remove all existing tags - -**NOTE:** If choosing the option to overwrite tags, the action module will clear out both normal -tags and Boldon James tags and then proceed to apply the tags configured for overwrite. If choosing -the option to remove all tags, the action module will clear out both normal tags and Boldon James -tags. - -- Fields – Use the drop-down list to select a field (column) from the source table, then click the - blue arrow to insert the item into the **Tag** field -- Environment Variables – Select an item from the drop-down list, then click the blue arrow to - insert the item into the **Tag** field -- Preview – Shows what the compound path specified will be resolved in to -- Click **Add** to add the tag field to the list for removal -- Click **Remove** to remove the tag field from the list for removal - -![Boldon James Column on Remove Tags Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/addremovetagsboldonjames.webp) - -- Type - Select which type of tag to remove. The two types of tags that can be removed are: - - - Regular - Specify a regular tag for removal - - Boldon James - Specify a Boldon James tag for removal - - **NOTE:** The Boldon James column indicates whether a file tag is a regular tag or a Boldon - James tag. Regular tags will be identified with **0**. Boldon James tags will be identified - with **1**. - -A list of supported file types appears at the bottom of the page. - -# File System Action: Prior Actions - -The Prior Actions page is available when **Rollback a previously executed action** is selected on -the Action page . - -![File System Action Module Wizard Prior Actions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/prioractions.webp) - -Any previously executed actions appear in the table. - -# File System Action: Rollback - -Use the Rollback page to apply rollback support to the action. This option provides the ability to -undo failed actions and reapply the original action settings when the action continues from where it -left off. - -**NOTE:** Not all actions support Rollback. - -![File System Action Module Wizard Rollback page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/rollback.webp) - -Use the following options: - -- Support rollback – Check to enable rollback of this action -- Add comments to be saved with this rollback – Enter a brief description to identify this rollback - -# File System Action: Summary - -The Summary page displays a summary of the configured action. - -![File System Action Module Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the File System Action Module Wizard to ensure that no accidental clicks -are saved. - -# File System Action: Target - -Use the Target page to point the action module towards a file path on the specified host. -Environmental variables (for example, Program Files, SystemRoot, SAInstallDir, and so on) can be -used when creating a path as well as fields in the raw table output to populate the **Target items** -field. - -![File System Action Module Wizard Target page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/search/query/target.webp) - -Use the fields provided to select target items and hosts from the drop-down lists and populate the -Target items field, or edit the field manually. The Preview field updates based on the contents of -the Target items field. - -- Fields – Use the drop-down list to select a field (column) from the source table, then click the - blue arrow to insert the item into the **Target items** field -- Environment Variables – Select an item from the drop-down list, then click the blue arrow to - insert the item into the Target items field -- Target items – Enter the path to the target file or folder - - - Click the **ellipsis (…)** to browse for pattern path specification - - Click the **tick** icon to show a preview of the specified path - - Click the **Help** icon for additional information - -- Host – Select the field that identifies the systems or manually type the host to take action - against -- Use path type – Choose from the following options: - - - Local – Uses the local path - - UNC – Uses the UNC path - -- Preview – Shows what the compound path specified will be resolved in to. The text here is used to - initialize the file specification selection dialog. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md b/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md deleted file mode 100644 index 26b16545d0..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md +++ /dev/null @@ -1,668 +0,0 @@ -# Mailbox: Affected Mailboxes - -Use the Affected Mailboxes page to select the mailboxes to target for the action. It is a wizard -page for the following operations: - -- Add/Change Permissions -- Remove Permissions -- Add Delegates, Remove Delegates -- Remove Stale SIDs - -![New Mailbox Action Wizard Affected Mailboxes page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/affectedmailboxes.webp) - -Select mailboxes to process using the following options: - -- Users found in the following column – Select this option to identify users via a data table column - - - Use the drop-down menu to select a data table column containing either the Mailbox display - name or email address - - Select a data type for the selected field using the following options: - - - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data - types: - - - Legacy Exchange DN - - Display Name - - - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active - Directory Data Collector with the following data types: - - - User DN - - Account Name - - SID - - SMTP Email Address - -- The list of users – Identifies users in one of the following ways: - - - Click **Select** to choose from the global address list (GAL) - - Manually enter a user name and click **Add**. Repeat for additional users. - - To restore anonymous permissions to folders, enter `anonymous` and click **Add** - - To remove a user, select it and click **Remove** - -# Mailbox: Criteria Selection - -Use the Criteria Selection page to choose search criteria saved in a previous Exchange Mailbox Data -Collector query or define new criteria. It is a wizard page for the Delete Mailbox Contents -operation. - -![New Mailbox Action Wizard Criteria Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/criteriaselection.webp) - -Choose whether to use existing Mailbox Search criteria or determine new criteria: - -- Use the following criteria specified in the task – Applies a predetermined search criteria - - - Use the dropdown menu to select existing Mailbox search criteria (if any) - - Select the checkbox to modify Content Conditions of existing search criteria - -- Define a new criteria – Proceed while establishing new criteria - -# Mailbox: Delegate Rights - -Use the Delegate Rights page to specify folder permissions for the selected delegates. A permission -level can be specified for each folder on the page. It is a wizard page for the Add Delegates -operation. - -![New Mailbox Action Wizard Delegate Rights page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/delegaterights.webp) - -Set delegate rights using the following options: - -- The following delegate rights can be chosen to access each mailbox folder: - - - None - - Reviewer - - Contributor - - Nonediting Author - - Author - - Editor - - Publishing Author - - Publishing Editor - - Owner - -- Select a right from the drop-down menu of any desired mailbox folder, including: - - - Calendar - - **NOTE:** If Editor or a higher rights level is selected, the **Delegate receives copies of - meeting-related messages sent to me** option is enabled for selection. - - - Tasks - - Inbox - - Contacts - - Notes - - Journal - -- Propagate permissions to child folders – Select the checkbox to Propagate permissions to the child - folders of the selected folders -- Delegate can see my private items – Select the checkbox to allow a delegate to access your - personal items of the selected folders - -# Mailbox: Folder Conditions - -Use the Folder Conditions page to customize folder search filter conditions. It is a wizard page for -the **No, the query results do not contain a mailbox identification** column option on the Folder -Identification page. - -![New Mailbox Action Wizard Folder Conditions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp) - -Customize folder search conditions using the following options: - -- Select conditions – Select the checkbox next to any of the following filter conditions to apply - them to the search and add them to the Edit conditions box. Folder Conditions include: - - - With specific folder type - - With search terms in the folder name - - With specific folder(s) to include/exclude - -- Edit conditions – Any selected conditions populate here. To modify filter conditions, click the - underlined portion of the condition, which opens a corresponding window. - -## Folder Type Window - -Use the Folder Type window to select which folder types to run the action against. The Folder Type -window opens if **specific** in **with specific folder type** is selected in the Edit Conditions -box. . - -![Folder Type Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp) - -Select the checkbox next to any desired folder type to include it in the search criteria, including: - -- Calendar -- Contact -- Journal -- Mail -- Notes -- Task -- Reminder -- RSS Feed - -## Search Terms Window - -Use the Search Terms window to select terms contained in folder names to run the action against.The -Search Terms window opens if **search terms** is selected in the Edit Conditions box. - -![Search Terms Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) - -Edit the search terms using the following options: - -- To add a term to the search, enter the desired term into the upper text box and click **Add** -- To remove a term from the search, select a term in the lower text box and click **Remove** -- Click **Clear** to clear all terms from the lower box -- Select a qualifier option: - - - Contains ALL of the following search terms (And) – Search only returns results containing all - of the search terms - - Contains ANY of the following search terms (Or) – Search returns results containing one or - more of the search terms - -- Click **Import CSV** to open a file explorer and select a CSV file to import - -## Folder Inclusion/Exclusion Window - -Use the Folder Inclusion/Exclusion window to select individual folders to add to or remove from the -action. The Folder Inclusion/Exclusion window opens if **specific** in **with specific folder(s) to -include/exclude** is selected in the Edit Conditions box. - -![Folder Inclusion/Exclusion Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderinclusionexclusionwindow.webp) - -Include/Exclude folders using the following options: - -- Click **Add** to populate a field to add a folder path - - ![New field added on Folder Inclusion/Exclusion window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderinclusionexclusionwindownew.webp) - -- Click the ellipsis (**…**) or enter the path to the desired folder in the text box -- Scope auto-populates with **This folder**. Click **This folder** to reveal a drop-down menu to - select from the following scope options: - - - This folder - - This folder and subfolders - - Subfolders only - -- The Remove button becomes enabled once a folder is added to either section. To remove a folder - from the scope, select it and click **Remove**. - -# Mailbox: Folder Identification - -Use the Folder Identification page to specify folders to target. It is a wizard page for the Delete -Mailbox Contents operation. - -![New Mailbox Action Wizard Folder Identification page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderidentification.webp) - -Select whether the query results contain a mailbox identification column using the following -options: - -- Yes, the query results contain a mailbox folder identification column - - - Select the mailbox identification column using the drop-down menu - - Folder Identifier Type – Choose which mailbox identifier the selected column uses: - - - Folder Path and Name – Select this option if the specified field contains a fully - qualified path - - Entry ID – Select this option if the selected field is an EntryID that is a unique - identifier for a folder - -- No, the query results do not contain a mailbox folder identification column – Selecting this - enables the Folder Conditions page, used to identify specific folders to target. See the - [Mailbox: Folder Conditions](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) - topic for additional information. - -# Mailbox: Mailbox Identification - -The Mailbox Identification page specifies the mailboxes the action targets. It is a wizard page for -the Delete Mailbox Contents operation. - -Depending on the data in the source table, users must specify a data table column containing either -the Mailbox display name or email address. - -![New Mailbox Action Wizard Mailbox Identification page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/identification.webp) - -Select which mailboxes to target using the following options: - -- Users found in the following column – Select this option to identify users via a data table column - - - Use the drop-down menu to select a data table column containing either the Mailbox display - name or email address - - Select a data type for the selected field using the following options: - - - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data - types: - - - Legacy Exchange DN - - Display Name - - - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active - Directory Data Collector with the following data types: - - - User DN - - Account Name - - SID - - SMTP Email Address - -- The list of users – Identifies users in one of the following ways: - - - Click **Select** to choose from the global address list (GAL) - - Manually enter a user name and click **Add**. Repeat for additional users. - - To restore anonymous permissions to folders, enter `anonymous` and click **Add** - - To remove a user, select it and click **Remove** - -# Mailbox: Message Actions - -Use the Message Actions page to specify the action to take with the messages that meet the search -criteria. It is a wizard page for the **Delete Mailbox Contents** operation. - -![New Mailbox Action Wizard Message Actions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/messageactions.webp) - -To select a message action, use the following options: - -- Select an action – Select the checkbox next to a message action to apply it to the search. The - selected action displays in the Edit Actions box. Possible actions include: - - - Delete – Items can be recovered via the Deleted Contents table (folder dumpster) - - Permanent Delete – Items are not recoverable - - Move to Deleted Items folder - - Delete Attachment (Append Text Options) – Deletes attachment and adds **Append Text Options** - to the Edit Conditions box - - Delete Body Text (Append Text Options) – Deletes body text and adds **Append Text Options** to - the Edit Conditions box - -- Edit conditions – Any selected conditions populate here - - - To edit a filter condition, click the underlined portion of the condition to open the - corresponding window - -## Options Window - -Use the Options window to add an appended text. The Options window opens if **Append Text Options** -is selected in the Edit Conditions box. - -![Options Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/optionswindow.webp) - -To append text to the attachment or body, select the checkbox to enable editing and enter the -desired text to append in the textbox. - -# Mailbox: Message Conditions - -Use the Message Conditions page to customize message search filter conditions. It is a wizard page -for the Delete Mailbox Contents operation. - -![New Mailbox Action Wizard Mailbox Message Conditions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp) - -Customize the folder search conditions using the following options: - -- Message Category – Use the drop-down menu to select a message category - - **NOTE:** Each selection may populate various conditions in the Select Conditions section. - -- Select conditions – Select the checkbox next to any desired filter conditions to apply them to the - search. The selected conditions then show in the Edit conditions box. Message Conditions include: - - - with specific message classes - - that is created in specific date - - with search terms in the subject - - with search terms in the body - - with search terms in the subject or body - - with search terms in the message header - - with search terms in the recipient’s address - - with search terms in the sender’s address - - that has an attachment - - that is received in specific date - - with specific message ID - - that occurs in specific date - -- Edit conditions – Any selected conditions populate here - - - To edit filter conditions, click the underlined portion of the condition. This opens a - corresponding window to configure the condition, with the exception of **has attachment(s)**. - - - Clicking **has attachment(s)** changes it to **has no attachment(s** and vice versa - -## MessageClasses Window - -Use the MessageClasses window to select a message class to apply to the scope of the action. The -MessageClasses window opens if **specific** in **with specific message classes** is selected in the -Edit Conditions box. - -![MessageClasses Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/messageclasseswindow.webp) - -Modify message classes using the following options: - -- Click **Add** to populate a field to add a message class - - ![New class added in MessageClasses Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/messageclasseswindownew.webp) - -- Click the ellipsis (**…**) or enter the path to the desired folder in the text box -- Matching Strategy auto-populates with **Exact Match**. Click **Exact Match** to reveal a drop-down - menu to select from the following scope options: - - - Exact Match - - Starts With - - Contains - -- To remove a message class, select it and click **Remove** -- Click **Import CSV** to open a file explorer and select a CSV file to import - -## Data Range Selection Window - -Use the Date Range Selection window to determine a time period to scope. The Date Range Selection -window opens if **in specific date** in either the **that is created in specific date** or **that is -received in specific date** conditions is selected in the Edit condition box. - -![Data Range Selection Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/datarangeselectionwindow.webp) - -To specify a date range, use the following options: - -- Select one of the following qualifier options: - - - Over - - Last - - Before - - After - - Between - -- Configure the date range using the textbox or drop-down menus for the selected option - -## Search Terms Window - -Use the Search Terms window to select terms in messages to run the action against. The Search Terms -window opens if **search terms** in any condition is selected in the Edit Conditions box. - -![Search Terms Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) - -Edit the search terms using the following options: - -- To add a term to the search, enter the desired term into the upper text box and click **Add** -- To remove a term from the search, select a term in the lower text box and click **Remove** -- Click **Clear** to clear all terms from the lower box -- Specify a qualifier option: - - Contains ALL of the following search terms (And) – Search only returns results containing all - of the search terms - - Contains ANY of the following search terms (Or) – Search returns results containing any one or - more of the search terms -- Click **Import CSV** to open a file explorer and select a CSV file to import - -## Values Window - -Use the Values window to add or remove values to or from the search. The Values window opens if -**specific** in **with specific Message ID** is selected in the Edit Conditions box. - -![Values Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/valueswindow.webp) - -- To add a term to the search, enter the desired term into the upper text box and click **Add** -- To remove a term from the search, select a term in the lower text box and click **Remove** -- Click **Clear** to clear all terms from the lower box -- Click **Import CSV** to open a file explorer and select a CSV file to import - -# Mailbox: Operations - -Use the Operations page to specify the operation to be performed as part of the action. - -![New Mailbox Action Wizard Operations page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/operations.webp) - -Select from the following operations: - -- Delete Mailbox Contents -- Add/Change Permissions -- Remove Permissions -- Add Delegates -- Remove Delegates -- Remove Stale SIDS - -**NOTE:** The Operation selected alters the subsequent steps displayed by the wizard. - -# Mailbox Action Module - -The Mailbox action module allows you to perform bulk operations on Microsoft Exchange mailboxes, for -example deleting mailbox content and modifying permissions and delegates. - -**CAUTION:** This action module can add, change, or remove permissions and delegates from an -environment. Always verify the data and target mailboxes prior to executing any action. - -## Mailbox Action Source Table Configuration - -All data tables used in Enterprise Auditor action modules require the presence of certain data -columns. In addition, individual action modules including Mailbox may have their own column -requirements. The Mailbox action module requires a column containing mailbox names. - -## Configuration - -Use the New Mailbox Action Wizard to target mailboxes or folders and to define the operation to -perform against the selected objects. The wizard has the following pages: - -- Welcome -- [Mailbox: Operations](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) -- [Mailbox: Criteria Selection](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) -- [Mailbox: Sampling Host](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) -- [Mailbox: Mailbox Identification](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) -- [Mailbox: Folder Identification](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) -- [Mailbox: Folder Conditions](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) -- [Mailbox: Message Conditions](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) -- [Mailbox: Message Actions](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) -- [Mailbox: Permissions](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) -- [Mailbox: Affected Mailboxes](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) -- [Mailbox: Trusted Users](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) -- [Mailbox: Delegate Rights](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) -- [Mailbox: Summary](/docs/accessanalyzer/11.6/analysis-and-actions/actions/mailbox.md) - -The Welcome page gives an overview of the action module. The steps navigation pane contains links to -the pages in the wizard, which change based on the operation selected on the Operations page. - -![New Mailbox Action Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. - -# Mailbox: Permissions - -Use the Permissions page to determine which permissions to remove. It is a wizard page for the -**Add/Change Permissions** and **Remove Permissions** operations. - -![New Mailbox Action Wizard Permissions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissions.webp) - -Use the following options to add, change or remove Permissions: - -- User – Specifies user permissions to add or change. To select different users, click the - down-arrow to display the User window. See the [User Window](#user-window) topic for additional - information. -- Folder – Specifies the folder for which to change permissions. Click the down-arrow to display the - Folder window. See the [Folder Window](#folder-window) topic for additional information. -- Permission – Selects a permission to assign. Click the down-arrow to display the Permission - window. See the [Permission Window](#permission-window) topic for additional information. -- Propagate permissions to child folders – Propagates permissions to the child folders of the - selected folders -- Once User, Folder, and Permission are selected, click **Add** to add them to the summary of the - action to be taken -- To remove an added Permission, select it in the panel and click **Remove** - -## User Window - -Use the User window to select a user. The User window opens when the **User** down-arrow is selected -on the Permissions page. - -![User Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/userwindow.webp) - -Select a user using the following options: - -- Users found in the following column – Select this option to identify users via a data table column - - - Use the drop-down menu to select a data table column containing either the Mailbox display - name or email address - - Select a data type for the selected field using the following options: - - - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data - types: - - - Legacy Exchange DN - - Display Name - - - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active - Directory Data Collector with the following data types: - - - User DN - - Account Name - - SID - - SMTP Email Address - -- The list of users – Identifies users in one of the following ways: - - - Click **Select** to choose from the global address list (GAL) - - Manually enter a user name and click **Add**. Repeat for additional users. - - To restore anonymous permissions to folders, enter `anonymous` and click **Add** - - To remove a user, select it and click **Remove** - -## Folder Window - -Use the Folder window to select folders. The Folder window opens when the **Folder** down-arrow is -selected on the Permissions page. - -![Folder Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderwindow.webp) - -Select a folder using the following options: - -- Folder names in the following column – Select from folder names present in the column - - - Click the down arrow and select either the folder path or the Entry ID column for that folder - - Select the appropriate folder identifier type: - - - Folder Path - - Entry ID - -- The list of folders – Select one of the default folders - - - Select a folder from the drop-down menu and click **Add** - - To remove a folder, select it and click **Remove** - -## Permission Window - -Use the Permission window to specify permissions. The Permission window opens when the -**Permission** down-arrow is selected on the Permissions page. - -![Permission Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissionwindow.webp) - -Specify permissions using the following options: - -- Permissions Level – Each permission level has a set of default selections. If a setting is - changed, the Permissions Level field changes to **Custom**. Permission levels are associated with - the different permissions available for assignment through Outlook. Options include: - - - None - - Contributor - - Reviewer - - Nonediting Author - - Author - - Publishing Author - - Editor - - Publishing Editor - - Owner - -- Read – Choose the read permissions from the following: - - - None - - Full Details - -- Write – Select any desired write permissions from the following: - - - Create Items - - Create subfolders - - Edit Own - - Edit all - -- Delete Items – Choose delete permissions from the following: - - - None - - Own - - All - -- Other – Select any other permissions to apply from the following: - - - Folder owner – User has all permissions for the folder - - Folder Contact – User receives automated messages about the folder such as replication - conflict messages, requests from users for additional permissions, and other changes to folder - status - - Folder visible – User can see the folder but cannot read or edit the items within - -- To add anonymous permissions, choose **None** - - - To re-add Anonymous to the folder but not assign any access, select a permission level to - assign - -# Mailbox: Sampling Host - -Use the Sampling Host page to specify the Exchange server to target. It is a wizard page for all -operation types. - -![New Mailbox Action Wizard Sampling Host page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/samplinghost.webp) - -Select an Exchange server to target using the following options: - -- Select the **Use Global Setting** checkbox to query the global Exchange setting -- Use the radio buttons to select a specific host -- System Attendant (2003 & 2007) – Audits Microsoft Exchange 2007 or older versions -- Use the mailbox associated with the Windows account that Enterprise Auditor is run with – Uses - either the account logged into the Enterprise Auditor Console server or the account set to run the - Enterprise Auditor application to access the Exchange mailbox -- Exchange Mailbox (2010 and newer) – Allows Exhange Mailbox Alias to be specified for MAPI - connections - - - When Exchange Mailbox (2010 and newer) is selected, the textbox is enabled. Enter the Alias - name in the textbox. The Alias needs to be an Exchange 2010 or newer mailbox, not a - mail-enabled service account. However, this mailbox does not need rights on the Exchange - Organization; it only needs to reside within it. - - Client Access Server – Enter the name of the physical CAS in the textbox. This server can be - part of an array, but do enter the name of a CAS Array. This should also be the Exchange CAS - where both Remote PowerShell and Windows Authentication on the PowerShell Virtual Directory - have been enabled. - -# Mailbox: Summary - -The Summary page summarizes the configuration of the action. - -![New Mailbox Action Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes and exit, or **Cancel** to exit with saving. - -# Mailbox: Trusted Users - -Use the Trusted Users page to select delegates to add. Users can be added individually or from a -server with a mailbox environment. It is a wizard page for the following operations: - -- Add Delegates -- Remove Delegates - -![New Mailbox Action Wizard Trusted Users page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/trustedusers.webp) - -Select Trusted User delegates using the following options: - -- Users found in the following column – Select this option to identify users via a data table column - - - Use the drop-down menu to select a data table column containing either the Mailbox display - name or email address - - Select a data type for the selected field using the following options: - - - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data - types: - - - Legacy Exchange DN - - Display Name - - - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active - Directory Data Collector with the following data types: - - - User DN - - Account Name - - SID - - SMTP Email Address - -- The list of users – Identifies users in one of the following ways: - - - Click **Select** to choose from the global address list (GAL) - - Manually enter a user name and click **Add**. Repeat for additional users. - - To restore anonymous permissions to folders, enter `anonymous` and click **Add** - - To remove a user, select it and click **Remove** - -The following additional options are available for the Remove Delegates operation: - -- Remove Permissions for Delegate – Remove Mailbox permissions in addition to removing delegate - rights -- Remove Permissions from Child Folders – Removes permissions from child folders - - **NOTE:** This option is only enabled if the **Remove Permissions for Delegate** option is - selected. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/actions/powershell.md b/docs/accessanalyzer/11.6/analysis-and-actions/actions/powershell.md deleted file mode 100644 index 766fc31fcc..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/actions/powershell.md +++ /dev/null @@ -1,141 +0,0 @@ -# PowerShell Action: Execution Options - -Specify the execution options for the PowerShell script using the Execution Options page. - -![PowerShell Action Module Wizard Execution Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/executionoptions.webp) - -The options on the Execution Options page are: - -- Execute script locally on the Enterprise Auditor server – Enable this to execute the PowerShell - script on the Enterprise Auditor server - - - Use the same PowerShell session for each row – Select to enable using the same PowerShell - session to run multiple rows - -- Execute script remotely on a target server – Enable this to execute the PowerShell script on a - remote target server - - - Use the **Remote host** dropdown to select the database column that will be used as the target - server name or type in a network host name - - Select the **Fall back to the local Enterprise Auditor server if the remote execution fails** - option to use the Enterprise Auditor server if remote execution fails - -- Use impersonation within server executable – Select this option to use impersonation when - executing the PowerShell script - -# PowerShell Action Module - -The PowerShell action module provides methods of running PowerShell scripts on the local machine or -on remote hosts. Define PowerShell scripting actions using the PowerShell Action Module Wizard. - -**CAUTION:** Ensure that only the changes required are applied and only to those target systems -desired. - -Enterprise Auditor action modules contain one or more selectable operations. Each operation performs -its function on a single object per row from the source table defined in the action. - -## Configuration - -The PowerShell action module is configured through the PowerShell Action Module Wizard, which -contains the following wizard pages: - -- Welcome -- [PowerShell Action: Script](/docs/accessanalyzer/11.6/analysis-and-actions/actions/powershell.md) -- [PowerShell Action: Execution Options](/docs/accessanalyzer/11.6/analysis-and-actions/actions/powershell.md) -- [PowerShell Action: Summary](/docs/accessanalyzer/11.6/analysis-and-actions/actions/powershell.md) - -The Welcome page displays first and gives an overview of the action module. The navigation pane -contains links to the pages in the wizard. - -![PowerShell Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. - -# PowerShell Action: Script - -The Script page enables you to input the PowerShell script that will be used to perform the -requested action. Built-in variables are available for use in the script. - -![PowerShell Action Module Wizard Script page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/script.webp) - -The PowerShell script can be entered manually into the Script window at the top of the Script page. -To open a pre-existing PowerShell script from a file, click **Open** to select the script file. - -At the bottom of the page are three tabs that can be used to configure the PowerShell action module -further. The tabs are: - -- [Columns](#columns) -- [Parameters](#parameters) -- [Input Data](#input-data) - -## Columns - -Use the Columns tab to select the available columns. - -![Columns tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/scriptcolumns.webp) - -The table in the Columns tab displays the Columns that can be used for the PowerShell script. To use -a Column, select the checkbox under the **Use** column. - -![Right-click menu](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/scriptrightclickoption.webp) - -Right-clicking any of the variable names brings up a **Copy variable name** option that enables -users to paste the variable name into the PowerShell script. - -## Parameters - -The Parameters tab contains options to add, edit, or delete user-made PowerShell parameters. - -![Parameters tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/scriptparamters.webp) - -The options are: - -- Add – Clicking **Add** opens the Add/Edit Variable window. See the - [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. -- Edit – Select an existing parameter and click **Edit** to open the Add/Edit Variable window. See - the [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. - - - Double-clicking an existing parameter also opens the **Add/Edit Variable** window - -- Delete – Delete a selected parameter - -**NOTE:** The built-in default parameters cannot be edited or deleted. - -### Add/Edit Variable Window - -Configure options for a new or existing parameter using the Add/Edit Variable window. - -![Add/Edit Variable Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/addeditvariable.webp) - -The options are: - -- Name – Enter or edit the name for the custom parameter -- Description – Enter or edit the description for the custom parameter -- Type – Select the Type from a dropdown list. The options are: - - - String - - List - - Filepath - - Boolean - - Long - - Double - -- Value – Enter or edit the value for the custom parameter - -## Input Data - -Preview how the input data will look in the Input Data tab. - -![Input Data tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/scriptinputdata.webp) - -Information in the Input Data tab varies depending on which source table the PowerShell action -module is configured to pull data from. - -# PowerShell Action: Summary - -View a summary of configured options on the Summary page. - -![PowerShell Action Module Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save changes and exit the PowerShell Action Module Wizard. Click **Cancel** to -exit the wizard without saving. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/actions/public-folder.md b/docs/accessanalyzer/11.6/analysis-and-actions/actions/public-folder.md deleted file mode 100644 index fd487d8131..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/actions/public-folder.md +++ /dev/null @@ -1,320 +0,0 @@ -# Public Folder: Action - -The Action page specifies the basic action to perform on public folders. The pages available for -selection in the Steps pane adjust based on this selection. - -**NOTE:** Once an action is selected and saved, and the wizard is closed, this page is no longer -available and the selection cannot be altered. - -![Public Folder Action Module Wizard Action page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/action.webp) - -Choose from the following actions: - -- Define a new action – Enables the Operation page where the operation on which the action is based - is selected -- Rollback a previously executed action – Enables the Prior Actions page where a list of previously - executed actions is displayed and a selected action may be rolled back. Not all operations support - rollback, and the Support Rollback option must be enabled prior to execution for the action to be - eligible for rollback. - -# Public Folder: Folders - -The Folders page identifies which public folders are targeted by this action. - -![Public Folder Action Module Wizard Folders page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/folders.webp) - -The options on this page are: - -- Public folder identifier – Select a field using the dropdown menu - - - Field – Column names - - **NOTE:** The displayed fields vary depending on the Source Table selected during the - creation of the new action - -- Folder identifier type – Select a folder type option - - - Entry ID – Select this option if the field contains an Entry ID - - Folder path and name – Select this option if the field contains a fully qualified path and - name - -# Public Folder: MAPI Settings - -Use the MAPI Settings page to specify the proper MAPI settings. - -![Public Folder Action Module Wizard MAPI Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/mapisettings.webp) - -Use the following options to configure the action: - -- Use Global setting – The default setting in the Exchange Global Settings displays -- System Attendant (2003 & 2007) -- Use the mailbox associated with the Windows account on which Enterprise Auditor is run -- Exchange Mailbox (2010 and newer) – If targeting a 2010 Exchange Server, specify the CAS server. - This is also where the MAPI setting is selected. - - - Client Access Server – Enter the Domain Name in this field - -# Public Folder: Operations - -Use the Operations page to specify the operations to perform as part of the action. - -![Public Folder Action Module Wizard Operations page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/operations.webp) - -The **Add operation** drop-down menu lists the operations that can be performed. Each operation -opens a corresponding window. Operations include: - -- Rename – See the [Rename Folder Window](#rename-folder-window) topic for additional information -- Change permissions – See the [Change Permissions Window](#change-permissions-window) topic for - additional information -- Custom attributes – See the [Custom Attributes Window](#custom-attributes-window) topic for - additional information -- Replicas – See the [Replicas Window](#replicas-window) topic for additional information -- Limits – See the [Limits Window](#limits-window) topic for additional information -- Delete – See the [Delete Folder Window](#delete-folder-window) topic for additional information - -The buttons to the right of the drop-down control the operations in the field: - -- Edit – Allows you to alter operation settings -- Add – Places selected operation one step above its current position -- Down – Places selected operation one step below its current position -- Delete – Removes a selected operation - -## Rename Folder Window - -Use the Rename Folder window to rename selected folders. It is a wizard page for the Rename -operation. - -![Rename Folder Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/renamefolder.webp) - -Rename folders using the following options: - -- Select a field from the dropdown menu and click **Add** to add it to the list below - - **NOTE:** The available fields vary based on the source table. - -- New name – Enter the name to replace an existing folder name - -## Change Permissions Window - -Use the Change Permissions window to change the permissions. It is a wizard page for the Change -permissions operation. - -![Change Permissions Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/changepermissions.webp) - -Change permissions using the following options: - -- Username – Select a user or create a list of users to edit permissions for - - - To add a user, type in the field to search for a user, select it, and click **Add** - - Click **Select** to open a list with usernames to select from - - To delete a user, select an added user and click **Delete** - -- Dynamic users – Select a user using the dropdown menu -- Mode – Select whether to change or remove permissions -- Permissions – Determine Permission level and assign permissions to the user - - - Permission level – Use the drop-down menu to select a permission level from the following: - - - Reviewer - - Contributor - - Nonediting Author - - Author - - Editor - - Publishing Author - - Publishing Editor - - Owner - - Custom - - - Select the checkbox to assign a permission to any of the following: - - - Create items – User can create items - - Read items – User can read items - - Create Subfolders – User can create subfolders - - Folder owner – User can view and move the public folder, create subfolders, and set - permissions for the folder, but cannot read, edit, delete, or create items - - Folder contact – Set user as the contact for the specified public folder - - Folder visible – User can view the specified public folder but cannot read or edit the - items within - - **NOTE:** Different permissions become automatically selected based on which permission - level is selected. To override this default, select the checkbox of the unwanted permission - to deselect it. If a desired checkbox is blocked by a black square, click the square to - unblock the checkbox. The checkbox can then be selected or unselected. - - - Edit items – Use the drop-down menu to determine user editing permissions from the following: - - - No change - - None - - Allow own - - Deny any - - Own only - - All - - - Delete items – Use the drop-down menu to determine user deletion permissions from the - following: - - - No change - - None - - Allow own - - Deny any - - Own only - - All - -- Overwrite folder permissions with these conditions -- Remove unresolved SIDs - -## Custom Attributes Window - -Use the Custom Attributes window to select custom attributes. It is a wizard page for the Custom -Attributes operation. - -![Custom Attributes Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributes.webp) - -Select attributes using the following options: - -- Select a checkbox to set any custom attribute list -- Select a Field from the dropdown list and click **Add** to add the field to the custom attribute - - **NOTE:** Multiple fields may be added to a custom attribute. Fields added to a custom attribute - can be modified or deleted manually. - -## Replicas Window - -Use the Replicas window to replicate servers. It is a wizard page for the Replicas operation. - -![Replicas Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/replicas.webp) - -Replicate servers using the following options: - -- Select a server from the dropdown menu and click **Add**. The servers listed will be replicated. -- Select a server from the list and click **Delete** to remove it from the list of replicated - servers -- Select the **Remove last replica** option to delete the replica created when the action was last - run - -## Limits Window - -Use the Limits window to select limits to the action. It is a wizard page for the Limits operation. - -![Limits Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/limits.webp) - -Use the options to select any changes for the categories. If applicable, use the dropdown to select -desired values related to the corresponding option. - -- Issue warning -- Prohibit post -- Maximum Item Size -- Deletion settings -- Age limits - -## Delete Folder Window - -Use the Delete Folder window to select deletion settings for the action. It is a wizard page for the -Delete operation. - -![Delete Folder Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/deletefolder.webp) - -Select deletion settings using the following options: - -- Select the delete method - - - Soft – Delete the folder but retain a backup copy for a defined period of time - - Hard – Delete the folder permanently, without retaining a backup - -- Optionally, select a checkbox to apply any exception - - - Do not delete folders with subfolders - - Do not delete folders with content - -# Public Folder: Options - -Use the Options page to edit the thread settings. - -**CAUTION:** Increasing the thread count increases the processing load on the servers. - -![Public Folder Action Module Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -Use the following options to configure the operations: - -- Number of threads per server – Adjust the number of threads the server processes at a time. The - default is set to one. -- Number of servers to process in parallel – Adjust the number of servers to process at a time. The - default is set to two. - -# PublicFolder Action Module - -The Public Folder action module allows users to make bulk changes to selected Microsoft Exchange -public folders by adding, changing, or removing folders and permissions from the environment. Use -the Pubic Folder Action Module Wizard to choose the data table column that identifies the folders -and to configure the operations performed against the selected folders. - -Prior to configuring the Pubic Folder Action Module Wizard, scope the source data table to ensure -the actions apply only to the desired folders. - -**CAUTION:** Be careful when using this action module. Make sure that only the changes required are -applied and only to those target folders desired. Always verify the data prior to execution of any -action. - -**_RECOMMENDED:_** Although rollbacks for some actions are available, having to use one should be -avoided - -## Configuration - -The Public Folder action module is configured through the Public Folder Action Module Wizard, which -contains the following wizard pages: - -- Welcome -- [Public Folder: Action](/docs/accessanalyzer/11.6/analysis-and-actions/actions/public-folder.md) -- [Public Folder: Prior Actions](/docs/accessanalyzer/11.6/analysis-and-actions/actions/public-folder.md) -- [Public Folder: Folders](/docs/accessanalyzer/11.6/analysis-and-actions/actions/public-folder.md) -- [Public Folder: MAPI Settings](/docs/accessanalyzer/11.6/analysis-and-actions/actions/public-folder.md) -- [Public Folder: Operations](/docs/accessanalyzer/11.6/analysis-and-actions/actions/public-folder.md) -- [Public Folder: Rollback](/docs/accessanalyzer/11.6/analysis-and-actions/actions/public-folder.md) -- [Public Folder: Options](/docs/accessanalyzer/11.6/analysis-and-actions/actions/public-folder.md) -- [Public Folder: Summary](/docs/accessanalyzer/11.6/analysis-and-actions/actions/public-folder.md) - -The Welcome page gives an overview of the action module. The navigation pane contains links to the -pages in the wizard. Review the introductory and caution information about the Public Folder Action -Module before proceeding. - -![Public Folder Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. - -# Public Folder: Prior Actions - -The Prior Actions page selects previously executed actions for rollback. It is a wizard page when -**Rollback a previously executed action** is selected on the Action page. - -**NOTE:** Once an action is selected and saved, and the wizard is closed, this page is no longer -available and the selection cannot be altered. - -![Public Folder Action Module Wizard Prior Actions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/prioractions.webp) - -The options on this page are: - -- Select a previously executed action (if available) to rollback -- Click **Clear rollback record** to remove all actions from the list - -# Public Folder: Rollback - -Use the Rollback page to enable rollback capabilities for the action. If rollback isn’t selected at -this step, the applied operations cannot be rolled back after execution of the action module. - -![Public Folder Action Module Wizard Rollback page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/rollback.webp) - -The options on this page are: - -- Support rollback – Select to enable rollback of this action -- Add additional comments to be saved with this rollback – Optionally, enter a brief description to - identify this rollback - -# Public Folder: Summary - -The Summary page summarizes the configuration of the action. - -![Public Folder Action Module Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Public Folder Action Module Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/actions/registry.md b/docs/accessanalyzer/11.6/analysis-and-actions/actions/registry.md deleted file mode 100644 index def7e41c52..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/actions/registry.md +++ /dev/null @@ -1,199 +0,0 @@ -# Registry: Operations - -Use the Operations page to select the operations to apply to the target hosts. See the -[Registry: Target Hosts](/docs/accessanalyzer/11.6/analysis-and-actions/actions/registry.md) topic -for additional information. - -![Registry Action Module Wizard Operations page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/operations.webp) - -Select and configure the operations using the following options: - -- Add operation – Use the drop-down menu to select an operation to perform on the target host. This - opens a corresponding window for configuration. Operations include: - - **NOTE:** Window options vary based on the operation selected from the drop-down menu. - - - New Registry Value – Used to add a new registry value to the list - - Modify registry value – Used to modify an existing registry value in the list - - Delete registry value – Used to delete an existing registry value - - New registry key – Used to add a new registry key to the list - - Rename registry key – Used to rename a registry key in the list - - Delete registry key – Used to delete a registry key from the list - - Change registry permissions – Used to alter registry permissions - -- Edit – Accesses the editing window for the selected operation -- Up – Moves the selected operation up in the list -- Down – Moves the selected operation up in the list -- Delete – Deletes the selected operation - -## Registry Browser Window - -Use the Registry Browser window to navigate a computer’s registry and select a key. - -![Registry Browser Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/registrybrowser.webp) - -Select a key using the following options: - -- Computer name – By default, the Registry browser connects to the local machine - - - If the desired registry item is on the local machine, browse the registry, and select the item - - To connect to the registry of another machine: - - - Enter the hostname in the **Computer name** textbox - - Click **Connect**, then browse the registry of that machine - - Select the desired registry item - -- Connect – Attempts to connect to the registry of the machine specified in the **Computer name** - field -- 64-bit view – The default view is 32-bit. Select the **64-bit view** checkbox to switch to a - 64-bit view. - -## Select Users or Groups Window - -Use the Select Users or Groups window to select a user, group, or built-in security principal. - -![Select Users or Groups Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/selectusersgroups.webp) - -The options are: - -- Select this object type – Displays types that are queried against - - - Click **Object Types** to open the Object Types window and select the types to query against. - See the [Object Types Window](#object-types-window) topic for additional information. - -- From this location – Displays the location the intended objects are found - - - Click **Locations** to open the Locations window and set the location to be queried. See the - [Locations Window](#locations-window) topic for additional information. - -- Enter the object names to select – Select names of objects to query - - - Click **Check Names** to confirm the selected manually-entered object name is viable - -- Advanced – Click **Advanced** to open an advanced version of the Select Users and Groups Window - and further configure the query. See the - [Advanced Select Users and Groups Window](#advanced-select-users-and-groups-window) topic for - additional information. - -### Object Types Window - -Use the Object Types window to select which types of objects to query. - -![Object Types Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/objecttypes.webp) - -Select any of the following objects: - -- Built-in security principals -- Groups -- Users - -### Locations Window - -Use the Locations window to select a location. - -![Locations Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/locations.webp) - -Select a location using the explorer. - -### Advanced Select Users and Groups Window - -Use the Advanced Select Users and Groups window to search for items with a finer focus. - -![Advanced Select Users and Groups Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/advancedselectusersgroups.webp) - -This window contains the same options as the main Select Users or Groups window, but with the -following additional options: - -- Common Queries - - - Name – Select a name of a user, group, or security principal to search for - - - Select a qualifier from the dropdown - - - Starts with - - Is exactly - - - Manually enter the name - -- Columns – Click **Columns** to open the Choose Columns window. See the - [Choose Columns Window](#choose-columns-window) topic for additional information. -- Find now – Click **Find Now** to search for objects matching the selected criteria -- Stop – While a search is running , the **Stop** button is available. Click **Stop** to halt the - search before it is completed. -- Search Results – Displays results from a search - -#### Choose Columns Window - -Use this window to select columns. The columns available varies based on the source table originally -selected. - -![Choose Columns Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/choosecolumns.webp) - -Choose columns using the following options: - -- To add an available column, select it in **Columns available** and click **Add** to place it in - **Columns shown** -- To remove a column, select it in **Columns shown** and click **Remove** to place it in **Columns - available** - -# Registry Action Module - -The Registry action module allows users to make bulk changes to the Microsoft Windows Registry. Use -the Registry Action Module Wizard to choose the data table column that identifies the folders and to -configure the operations performed against the selected folders. The Registry action module requires -a column containing the hosts to be targeted. - -Prior to configuring the Registry Action Module Wizard, scope the source data table to ensure the -actions apply only to the desired hosts. - -**CAUTION:** Unexpected values in the registry can cause major system failures when deleting or -modifying registry items. - -**_RECOMMENDED:_** Backup the system registry before making changes using the Registry action -module. - -## Registry Action Source Table Configuration - -All data tables used in Enterprise Auditor action modules require the presence of certain data -columns. In addition, individual action modules including Registry may have their own column -requirements. The Registry action module requires a column containing the hosts that are going to be -targeted. - -## Configuration - -The Registry action module is configured through the Registry Action Module Wizard, which contains -the following wizard pages: - -- Welcome -- [Registry: Target Hosts](/docs/accessanalyzer/11.6/analysis-and-actions/actions/registry.md) -- [Registry: Operations](/docs/accessanalyzer/11.6/analysis-and-actions/actions/registry.md) -- [Registry: Summary](/docs/accessanalyzer/11.6/analysis-and-actions/actions/registry.md) - -The Welcome page gives an overview of the Registry Action Module Wizard. The steps navigation pane -contains links to the pages in the wizard. Review the introductory and caution information about the -Registry Action Module before proceeding. - -![Registry Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -To proceed, click Next or use the Steps navigation pane to open another page in the wizard. - -# Registry: Summary - -The Summary page summarizes the configuration of the action. - -![Registry Action Module Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -When done configuring the action, click **Finish**. If no changes were made, it is a best practice -to click **Cancel** to close the Registry Action Module Wizard to ensure that no accidental clicks -are saved. - -# Registry: Target Hosts - -Use the Target Hosts page to identify the target hosts whose registries the action examines or -alters. - -![Registry Action Module Wizard Target hosts page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/targethosts.webp) - -Use the drop-down menu to select the field that identifies the systems to be targeted. The list -displays columns from the specified source table. The action applies the specified operations to all -systems in the field. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/actions/send-mail.md b/docs/accessanalyzer/11.6/analysis-and-actions/actions/send-mail.md deleted file mode 100644 index 485ce42021..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/actions/send-mail.md +++ /dev/null @@ -1,193 +0,0 @@ -# SendMail Action: Message - -Use the Message page to specify the text of the email. - -![Send Mail Action Module Wizard Message page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/message.webp) - -Use the following fields to specify the text of the email: - -- Subject – Specify a subject for the email. The contents of this field displays as the subject line - of the delivered email. Enter text directly and optionally use the Insert field to insert one or - more data fields. This is a required field. -- Insert Field – Inserts a data field into the subject or body of the email. The drop-down menu - displays a list of available fields. Once a selection displays in the field, click on the blue Up - and Down arrows to insert the field into the body or the subject, respectively. This field is - optional. -- Show sample input source data – To display a table of sample source data, click the icon next to - the blue arrows. -- Show dialog to set SMTP options – To override the global SMTP settings, click the icon next to the - blue arrows to display the SMTP Options dialog box -- Preview – Displays the Message Preview window containing a preview of the current SendMail. Click - **Send** to send a single message to the addresses in the Recipient field in the Message Preview - window. The Preview button is active only if the Recipients field is populated on the Properties - page of the Send Mail Action Module Wizard. See the - [Messages Preview Window](#messages-preview-window) topic for additional information. -- Clear Template – Clears any content from the Subject and Text Entry box -- Load from template – Accesses a list of message templates. This field is optional. The following - templates are available: - - - Active Directory Cleanup - - Distribution List Cleanup - - Mailbox Cleanup - - Open Shares Lockdown - - Public Folder Cleanup - - Sensitive Group Review - - Shared Folder Cleanup - - Unauthorized Software Cleanup - -- Message templates include sample email text describing the reason for the message and the next - steps requested of, or required by, the user. They may also include dynamic content taken from the - specified table, for example the user name. - - - Save to template – Saves the current email subject and content to a template. If an existing - template name appears in the Load from template field, clicking this button updates that - template. If the Load from template field is empty or contains a name other than one of the - existing templates, clicking this button opens the Save SendMail Template window and saves the - changes to a new template. Templates reside locally on the host computer as XML files, in the - `Actions/SM_Templates` folder. - -## Text Entry Box - -The Text Entry box allows you to compose a message. A Microsoft Word-style editor provides -formatting options including the ability to insert dynamic text from the specified table (such as a -username) through the Insert field option. Use the editor to personalize the content and appearance -of each message. - -Example: - -Assume the source table includes a column containing the names of intended recipients. Place the -cursor in the greeting section of the email. Next, select that field from the Insert field drop-down -list and click the down arrow to insert a dynamic field. The column name appears in the Text Entry -box, enclosed by brackets: - -Dear [ProbableOwner]; - -You are approaching your Mailbox storage quota. Please clean up any unneeded items. - -Thank you, - -The Messaging Team - -## Messages Preview Window - -The Messages Preview window displays a preview of the email, including any dynamic fields. This -window displays after clicking the **Preview** button. - -![Messages preview window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/messagespreview.webp) - -- Blue arrow buttons – Click to view other recipients -- Send – Sends a single message to the addresses in the Recipients field - -# SendMail Action Module - -Use this action module to send dynamic and static content from selected audit data to targeted -audiences. - -The SendMail Action Module has multiple uses, for example: - -- Send notifications of important IT initiatives or planned service outages -- In combination with other Enterprise Auditor action modules such as Survey, create an end-to-end - workflow to contact clients and solicit feedback for use in the decision-making process - -**CAUTION:** This module sends one or more electronic messages to a selected audience. Prior to -executing the action, ensure the audience consists of only the desired members. - -## Source Table Configuration - -All data tables used in Enterprise Auditor action modules require the presence of certain data -columns. In addition, individual action modules including SendMail may have their own column -requirements. The SendMail Action Module requires a column containing well-formatted email addresses -(for example, `hfinn@netwrix.com`) for your recipients. - -## Configuration - -The SendMail Action module is configured through the SendMail Action Module Wizard, which contains -the following wizard pages: - -- Welcome -- [SendMail Action: Properties](/docs/accessanalyzer/11.6/analysis-and-actions/actions/send-mail.md) -- [SendMail Action: Message](/docs/accessanalyzer/11.6/analysis-and-actions/actions/send-mail.md) -- [SendMail Action: Summary](/docs/accessanalyzer/11.6/analysis-and-actions/actions/send-mail.md) - -The Welcome page displays first and gives an overview of the action module. The navigation pane -contains links to the pages in the wizard. - -![Send Mail Action Module Wizard Welcome page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overview.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. - -# SendMail Action: Properties - -Use the Properties page to specify the recipients of the email. - -![Send Mail Action Module Wizard Properties page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/properties.webp) - -Use the following fields to specify the recipient information: - -- Recipient column – Use the drop-down menu to specify the column from the data table containing - intended recipients, for example a column containing email addresses -- Recipient type – Use the drop-down menu to specify the data type of the Recipient column, for - example SMTP mail address -- Carbon copy (CC) – Optionally, specify one or more additional email addresses to receive a - carbon-copy of the SendMail message, for example an address not included in the source table. - - - Use the following email address – Enter one or more additional email addresses. Separate - multiple addresses with a semi-colon and a space. - - Use a column from the table – Use the drop-down menu to specify a column from the data table - -- Combine multiple messages into a single message when all recipients are the same – Select this - checkbox to send only one message to each recipient as a result of this action (even recipients - who appear more than once in the job results) - -# SendMail Action: Summary - -The Summary page displays the SendMail configuration. - -![Send Mail Action Module Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Send Mail Action Module Wizard to ensure that no accidental clicks are -saved. - -To view the status of executed SendMail actions, see the -[Viewing the Status of SendMail Actions](/docs/accessanalyzer/11.6/analysis-and-actions/actions/send-mail.md) -for additional information. - -# Viewing the Status of SendMail Actions - -Follow the steps to view the status of an executed SendMail action: - -![Analysis Properties page for SendMail View Status Analysis task](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusanalysisproperties.webp) - -**Step 1 –** Create a new SQLViewCreation analysis and choose **Configure Analysis**. The View and -Table Creation Analysis Module wizard opens. - -![Input Source wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusinputsource.webp) - -**Step 2 –** On the Input Source page, choose the original source table for the SendMail action as -the first table and `tablename_ActionStatus` as the second table. For example, if the source table -is `MailEnabledPF`, then select `MailEnabledPF_ActionStatus` as the second table. - -![Join Columns wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusjoincolumns.webp) - -**Step 3 –** For **Table 1 join property**, specify the column recipient of the SendMail action. For -example, if sent to SMTP address, specify **SMTPaddress** as the column. For **Table 2 join -property**, select **srcRowKey**. Leave everything else at the default settings. - -![Result Columns wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusresultcolumns.webp) - -**Step 4 –** On the Results Columns page, select the columns to return from each table. Leave all -other settings at their default. - -![Result Type wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusresulttype.webp) - -**Step 5 –** On the Result Type page, leave it as a table and provide a descriptive name, for -example `SendMailStatus`. - -![Results Sample wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusresultsample.webp) - -**Step 6 –** Click through the rest of the options. On the Result Sample page, click **Show -Preview** to display the columns selected within the Columns page. Click **Summary** to navigate to -the Summary page and click **Finish** to exit the wizard. - -This analysis now reports the status of the SendMail action. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/actions/service-now.md b/docs/accessanalyzer/11.6/analysis-and-actions/actions/service-now.md deleted file mode 100644 index 3b0f03f9da..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/actions/service-now.md +++ /dev/null @@ -1,175 +0,0 @@ -# ServiceNow Action: Authentication - -The Authentication page implements signing into a ServiceNow account. - -A ServiceNow account must be set up and configured to determine which incidents will be visible on -the Incident Creation page. - -![ServiceNow Action Module wizard Authentication page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/authentication.webp) - -Use the following options to log into a ServiceNow account: - -- Select the **Use global ServiceNow credentials** to access the ServiceNow credentials entered into - the Enterprise Auditor console’s global setting -- To break inheritance, deselect the checkbox and enter information into the following fields: - - - Instance – Domain name for the ServiceNow account - - User Name/Password – Specify the credentials to access the ServiceNow account - -**NOTE:** ServiceNow accounts must have an administrator role to modify incidents on the -configuration page. - -# ServiceNow Action: Description - -The Description page provides details on the incidents entered into a field on the Incident Creation -page. A description of the incident and related comments are included with the incident’s report to -provide additional feedback to the system administrator, and may be saved to a template. - -![ServiceNow Action Module wizard Description page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/description.webp) - -Create a report using the following options: - -- Short Description – Displays entered words or phrases used to summarize the incident -- Insert Field – Use the drop-down menu to select a field (column) from the source table - - - Click the **blue down arrow** to insert the item into the Short Description section - - Click the **blue up arrow** to insert the item in to the Comments section - - Click the file icon with the magnifying glass to preview the sourced table for values. The - default is 1000 rows. - - ![Sample Source Data window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/samplesourcedata.webp) - -- Click the **Clear Template** button to remove content from the Short Description section and - Comments section -- Comments – Displays entered information that may be helpful to resolve an incident -- Load from Template – Displays preconfigured Short Description and Comments section by name of - template - - - Click the **Save to Template** link to preserve the Short Description and Comments sections - for later use under a template name. - - ![Save ServiceNow Template window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/savetemplate.webp) - - Enter a name for the template, and click **OK**. - -# ServiceNow Action: Incident Creation - -The Incident Creation page is available once the ServiceNow credentials are approved. Incidents on -this page belong to two fields: Mandatory and Optional. The type of field and its incidents are -chosen within ServiceNow’s configuration page. Selecting a field and entering a value will include -the incident within ServiceNow’s incident report. - -![ServiceNow Action Module wizard New Incident page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/incidentcreation.webp) - -At the New Incident field list section, enter the fields for which incident to include on -ServiceNow’s incident report. The ServiceNow account entered on the Authentication page determines -which incidents are available within the fields on the Incidents Creation page and are adjusted in -ServiceNow. - -Fields with a drop-down menu have a set of preconfigured options to select. Fields with ellipsis -choose members from a preconfigured list. - -# ServiceNow Action Module - -The ServiceNow Action Module is primarily intended to allow for the automated creation of ServiceNow -incidents from data collected by the Netwrix suite of data security tools. By facilitating -communication between tools like Enterprise Auditor and ServiceNow’s incident management capability, -security risks in an organization’s environment can not only be identified, but presented to admins, -managers, and other stakeholders in a familiar way, with respect to chains of command and approval -as dictated by employee relationships and business workflows implemented in ServiceNow. - -When account lockouts occur, the Active Directory Inventory Data Collector makes that information -available. From the Enterprise Auditor console, the ServiceNow Action Module transmits customized -information regarding the locked out accounts directly to those responsible for account management, -alerting them of the issue and requesting that appropriate action is taken to re-enable user -accounts before effected users are aware of the problem. - -This section describes the following pages in the configuration wizard. - -## Dependencies - -The ServiceNow Action Module requires an active ServiceNow account with: - -- Import Multiple Web Service Plugin -- Web Service Import Sets -- System Web Service plugins enabled -- An instance of Enterprise Auditor with the Stealthbits ServiceNow Action Module enabled - -## Permissions - -The following permissions are required to utilize Enterprise Auditor’s ServiceNow Action Module: - -- ServiceNow admin account – An Administrator Role by an organization’s ServiceNow administrator -- The **Settings** > **ServiceNow** node at the global level can be configured with a credential - provisioned to create incidents as Callers in the **Assigned to** field, and any other ServiceNow - incident field that references the sys_user table. - -## Connecting ServiceNow with Enterprise Auditor - -The following instructions can only be performed with a ServiceNow admin account and access to the -ServiceNow Action Module XML file. - -![ServiceNow Action Module XML file in Windows file explorer](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/actionmodulexmlfile.webp) - -**Step 1 –** Navigate to the file path …\STEALTHbits\StealthAUDIT\Actions to access the -`STEALTHbits SN Action Module v1.0_merged_rev2.0` file to use on ServiceNow’s website. - -**Step 2 –** Visit servicenow.com, sign into the administrator account, expand **System Update -Sets**, and click on **Retrieved Update Sets**. - -**Step 3 –** Under **Related Links**, click on **Import Update Set from XML**. - -**Step 4 –** Attach the `STEALTHbits SN Action Module v1.0_merged_rev2.0` file, and then click -**Upload**. - -**Step 5 –** After the file is uploaded, click on the **STEALTHbits SN Action Module** within the -list of updated sets. - -**Step 6 –** Click on the **Preview Update Set** button. Wait until the update set preview is -finished and then click **Commit Update Set**. Then, close the Update Set Commit window. - -**Step 7 –** On the navigation page, expand **System Definitions** and click **Plugins**. Then click -on the **Insert Multiple Web Service plugin** - -**Step 8 –** Under **Related Links**, click on **Activate/Upgrade** and click **Activate** on the -Activate Plugin window. When the Activation is complete, click **Close** to close the window. - -**Step 9 –** Click **Reload** on the System Plugin page and confirm the Status is Active. - -Enterprise Auditor is now connected with the ServiceNow platform. - -## Source Table Configuration - -Individual action modules, including the ServiceNow Action Module, may have their own column -requirements. To take action on a resource, the source table must contain columns with RowGUID -values to uniquely identify them. - -## Configuration - -The ServiceNow Action module is configured through the ServiceNow Action Module Wizard, which -contains the following wizard pages: - -- Welcome -- [ServiceNow Action: Authentication](/docs/accessanalyzer/11.6/analysis-and-actions/actions/service-now.md) -- [ServiceNow Action: Incident Creation](/docs/accessanalyzer/11.6/analysis-and-actions/actions/service-now.md) -- [ServiceNow Action: Description](/docs/accessanalyzer/11.6/analysis-and-actions/actions/service-now.md) -- [ServiceNow Action: Summary](/docs/accessanalyzer/11.6/analysis-and-actions/actions/service-now.md) - -**NOTE:** Not all pages may be accessible unless the user has a configured ServiceNow account. - -The Welcome page displays first in the ServiceNow Action Module Wizard. Review the introductory and -caution information about the ServiceNow Action Module. - -![ServiceNow Action Module wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. - -# ServiceNow Action: Summary - -The Summary page displays a summary of the configured query. - -![ServiceNow Action Module wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the ServiceNow Action Module Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md b/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md deleted file mode 100644 index 8c7e5a14aa..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md +++ /dev/null @@ -1,279 +0,0 @@ -# Survey HTML Style - -Choose an HTML style from the HTML Styles list. The Sample pane displays a preview of the style. - -![Survey Action Module Wizard HTML Style page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/htmlstyle.webp) - -The configurable options are: - -- HTML Style List – Select which HTML Style is used for Surveys using the HTML Style list. An - example of the style shows in the Sample box at the bottom of the wizard. -- Hide and Lock Previous Responses – Select the checkbox to prevent users from changing their survey - responses once they exit the survey - -# Survey: Introduction - -Use this page to specify web page introductory text (if any) for the web page specified on the Web -Server page. See the -[Survey: Web Server](/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md) -topic for additional information. The introductory text appears on the landing page when recipients -click on the survey link in the email. - -![Survey Action Module Wizard Introduction Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/introduction.webp) - -The configurable options are: - -- Insert Field – Inserts a dynamic field into the message content. Dynamic fields such as - **username** can personalize the survey for each recipient. The options available at this field - are limited to data from the SQL table specified at the Source Table field on the Action - Properties page. - - Place the cursor in the text where a field should appear. Next, click on the drop-down and - select a field from the list. When a selection appears in the field, click the blue down arrow. - The field appears in the text. - -## Text Entry Box - -Use the Text Entry box to compose an introductory message. Above the text box is a tool bar -containing various Microsoft Word-style editing tools. Use the editor to personalize the content and -appearance of each message. Use the Insert field option to insert dynamic text from the specified -data table. - -# Survey: Mail – Message - -Use this page to specify the text of the email. When first accessing this page, the cursor appears -in the **Load from template** field. Survey templates are a legacy feature and Netwrix recommends -not using them. - -![Survey Action Module Wizard Mail – Message page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/mailmessage.webp) - -Placeholder text displays in the Message box. This text includes a hyperlink to the web page hosting -the survey. Placeholder text can be modified but the link cannot be removed. The link does not -activate until the message is sent. - -Use the following fields to specify the text of the email: - -- Subject – Specify subject text for the email. The contents of this field displays as the Subject - line of the delivered email. Enter text directly and use the **Insert field** to insert one or - more data fields. This is a required field. -- Insert Field – Inserts a data field into the subject or body of the email. The drop-down menu - displays a list of available fields. Once a selection displays in the field, click on the blue - Down and Up arrows to insert the field into the body or the subject, respectively. This field is - optional. -- The following are buttons appearing on a bar below the Subject field: - - - Show sample input source data – To display a table of sample source data, click the icon next - to the blue arrows - - Show dialog to set SMTP options – To override the global SMTP settings, click the icon next to - the blue arrows to display the SMTP Options dialog box - - Preview – Displays the Messages Preview window containing a preview of the current email - message. Click **Send** to send a single message to the addresses in the Recipient field in - the Message Preview window. The Preview button is active only if the Recipients field is - populated. See the [Messages Preview Window](#messages-preview-window) topic for additional - information. - - Clear Template – Clears any content from the Subject and Text Entry box - -- Load from template – Survey templates are a legacy feature. It is strongly recommended not use - templates when creating surveys. -- Save to template – Saves the current email subject and content to a template. If an existing - template name appears in the **Load from template** field, clicking this button updates that - template. If the **Load from template** field is empty or contains a name other than one of the - existing templates, clicking this button accesses the Save SendMail Template window and changes - can be saved to a new template. Templates reside locally on the host computer as XML files, in the - `Actions/SM_Templates` folder. - -## Messages Preview Window - -The Messages preview window opens when you click **Preview** on the Mail – Message page of the -Survey Action Module Wizard. This window displays a preview of the email, including any dynamic -fields. - -![Messages preview window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/messagespreview.webp) - -The window has the following options: - -- Blue arrow buttons – Click to view other recipients -- Send – Sends a single message to the addresses in the **Recipients** field - -# Survey: Mail – Properties - -Use this page to specify the email recipients. - -![Survey Action Module Wizard Mail – Properties page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/mailproperties.webp) - -Use the following fields to specify the recipient information: - -- Recipient column – Specify the data table columns containing intended recipient information - - - For example, a column containing email addresses. The drop-down menu displays a list of - possible column types. - -- Recipient type – Specify the data type of the Recipient column. The drop-down menu displays a list - of recipient types, for example **SMTP email address**. -- Carbon copy (CC) – (Optional) Specify one or more additional email addresses to receive a - carbon-copy of the SendMail message, for example an address not included in the source table. - Separate multiple address with a semi-colon and a space. -- Combine multiple messages to a recipient into one message when all recipients are the same – - Select this option to send only one message to each recipient as a result of this action (even - recipients who appear more than once in the job results) - -# Survey Action Module - -Use this action module to create surveys and make them available to targeted recipients via email. -For example, a survey can solicit feedback from clients or poll employees on company issues. - -The Survey Action Module Wizard builds customizable, web-based surveys containing questions created -by the user. Once the survey is defined, a list of recipients can then be specified. When executing -the action, the process simultaneously sends an email to the recipients containing a link to the -survey and creates a web page to host the survey. - -**CAUTION:** This module sends one or more electronic messages to a selected audience. Prior to -executing the action, ensure the audience consists of only the desired members. Netwrix recommends -using this and all other Enterprise Auditor actions with caution. - -## Survey Action Source Table Configuration - -All data tables used in Enterprise Auditor action modules require the presence of certain data -columns. In addition, individual action modules including Survey may have their own column -requirements. The Survey action module requires a column containing well-formatted email addresses -(for example, `hfinn@netwrix.com`) for your recipients. - -## Survey Action Module Wizard - -The Survey action module is configured through the Survey Action Module Wizard, which contains the -following wizard pages: - -- Welcome -- [Survey: Template](/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md) - (Legacy feature) -- [Survey: Introduction](/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md) -- [Survey: Questions](/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md) -- [Survey HTML Style](/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md) -- [Survey: Web Server](/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md) -- [Survey: Mail – Properties](/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md) -- [Survey: Mail – Message](/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md) -- [Survey: Test Survey](/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md) -- [Survey: Summary](/docs/accessanalyzer/11.6/analysis-and-actions/actions/survey.md) - -The Welcome page displays first and gives an overview of the action module. The navigation pane -contains links to the pages in the wizard. - -![Survey Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. - -# Survey: Questions - -Use this page to specify the questions on the survey. Configure the following for each question: - -- The text of the question - - - Example: `Are you the owner of the following stale AD objects?` - -- The subject of the question – The subject is the object to which the question is directed, such as - a user who has access to AD objects. Specify the subject via a dynamic field. - - - Example: **UserName** - - The data table must contain a column with the subject of each question on the survey - -- A name for the answer column in the result table. This column stores the answers to the survey - question. -- The question type (**Yes/No**, **Text**, or **Multiple Choice**) -- Any additional descriptive text to include for the question - -![Survey Action Module Wizard Questions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/questions.webp) - -The configurable options are: - -- Questions List – Any existing questions appear in the Question List box. The following buttons are - available: - - - Add new question – Adds a new question to the Questions list. Use the Question Details section - to customize the question. - - Remove question – Remove selected question from the Questions list - - Up and Down arrows – Re-order questions - -- Question Details – Use this section to define your survey questions. The following options are - available: - - - Text – Specify the survey question - - Subjects – Click on the ellipses (**…**) to open the Select subjects window. Specify the - object to which a question is directed. The selected subjects show in the Subjects field. See - the [Select Subjects Window](#select-subjects-window) topic for additional information. - - Answer Column Name – The Survey action module inserts the results of the survey directly into - the SQL table on which a survey is based, creating an answer column for each question in the - survey. Give each column a unique name that corresponds to the associated survey question. - - Question type – Specify a question type. The options are: - - - Yes/No - - Text - - Multiple Choice – If this option is selected, the **Answers** button activates. Click this - button to open the Answers window and specify the response options to the multiple choice - question via the **Add** button. - - - Answers – This button activates if Multiple Choice in the Question Type field is selected. - Click to access the Answers window. - - Description – Specify any additional explanation of the survey question. The text appears on - the survey below the associated question. - -## Select Subjects Window - -Select which subjects to use for the Survey question using the Select subjects window. - -![Select subjects window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/selectsubjects.webp) - -Select a subject from the Available subjects list, then click the **Right Arrow** to move it into -the Selected Subjects list. Remove a subject from the Selected Subjects list by selecting a subject -and clicking the **Left Arrow**. Change the priority of the subjects in the Selected Subjects list -by using the **Up and Down Arrows**. - -# Survey: Summary - -A summary of the survey configuration displays. - -![Survey Action Module Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Save Template** to access the Save Survey Template window. - -![Save Survey Template window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/savesurveytemplate.webp) - -Specify a name for the survey for future use. Click **OK** to return to the Summary page. - -When done, click **Finish** to finalize survey configurations. - -# Survey: Template - -Survey templates require customization to meet the customer's business needs. Contact -[Netwrix Support](https://www.netwrix.com/support.html) for additional information. - -![Survey Action Module Wizard Survey Template page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/surveytemplate.webp) - -# Survey: Test Survey - -Use this page to test a survey and verify proper configuration. - -![Survey Action Module Wizard Test Survey page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/testsurvey.webp) - -The configurable options are: - -- Start test – Click to test your survey configuration -- Survey full test – Once the survey configuration test passes inspection, a full survey can be - tested against a single user (for example, your own email account) to verify a survey matches - design criteria - -# Survey: Web Server - -Use this page to specify information about the web server hosting the survey website. - -![Survey Action Module Wizard Web Server page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/webserver.webp) - -The configurable options are: - -- Web Server Name – Specify the name of the server hosting the survey -- Web server path (Survey root path) – Specify the root path to the folder on the web server - containing the scripts used to build and operate the survey web page - - - Click the ellipses (**...**) to open the Browse For Folder window to navigate to the folder on - the web server containing the scripts used to build and operate the survey web page - -- URL (Survey root path) – Specify the root path of the web page location diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/actions/web-request.md b/docs/accessanalyzer/11.6/analysis-and-actions/actions/web-request.md deleted file mode 100644 index beeb413609..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/actions/web-request.md +++ /dev/null @@ -1,205 +0,0 @@ -# Web Request: Destination - -Use the Destination page to specify all settings for the destination of the web request. - -![Web Request Action Module Wizard Destination page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/destination.webp) - -Use the following categories to establish the location of the web request: - -- Insert field – Select a field using the drop-down menu - - **NOTE:** The fields available varies based on the source table columns. - -Destination Information - -- Method – Use the dropdown to select a method from the following: - - - GET - - POST - - PUT - - DELETE - - HEAD - - OPTIONS - - PATCH - - MERGE - - COPY - -- Follow Redirects – Enables the web request to follow redirects -- Combine SQL rows into single request – Enables bulk insertion of the number of rows specified into - a single web request - - - Rows – Select the number of rows to combine. The default is 50. - -- Resource – URL destination to send the data via the web request - - - Select a field using the drop-down menu, place the cursor in the Resource textbox, and click - the blue down-arrow to add it to the Resource box - - Manually enter a resource in the textbox - - **NOTE:** A red circle with an x indicates that the Resource field cannot be empty. - -- Authentication – Select an authentication method from the following: - - - None – No authentication - - Basic – Basic authentication - - JWT – JSON Web Token, a URL-safe authentication method - - Basic and JWT authentications are pulled from the credential profile set in the job. It inserts - that data into the authentication header of the web request with the proper format expected (for - example, Basic [Base64 encoded credentials] or Bearer [JWT token] for Basic and JWT - authentication respectively). - -Test Connection - -- Drop-down menu – Select a method to test. Currently locked to GET. -- URI textbox – Input the resource to receive the test message - - - Select a field using the drop-down menu, place the cursor in text area, and click the blue - down-arrow to add it to the URI textbox - - Manually enter a resource in the field - - **NOTE:** Red circle with x indicates - `Invalid URI: The format of the URI could not be determined`. - -- Test – Tests the connection for the request using the first row of the source table -- Text box – Shows log messages from the connection test - -# Web Request: Header - -Use the Header page to enter the header values for the request. - -![Web Request Action Module Wizard Header page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/header.webp) - -Use the following options to enter header values: - -- Insert field – Select a field to include in the request using the drop-down menu - - **NOTE:** The fields available varies based on the source table columns. - -- Use the radio buttons to indicate: - - - Parameters – Key value pairs to insert in the headers field of the web request - - Raw edit – Disabled for headers - -- Key / Value fields – The name or value of the attribute - - - Select a field using the drop-down menu, place the cursor in the cell of the desired Key or - Value, and click the blue down-arrow to add it to the selected cell - - Manually enter a field in the cell - -# WebRequest Action Module - -The Web Request action module provides methods of applying bulk changes to REST endpoints. At this -stage, target endpoints should be identified to invoke web requests against. This wizard allows the -definition of requests to perform. - -**CAUTION:** Ensure that only the changes required are applied and only those target systems desired -when using this action module. - -## Configuration - -The Web Request action module is configured through the Web Request Action Module Wizard, which -contains the following wizard pages: - -- Welcome -- [Web Request: Destination](/docs/accessanalyzer/11.6/analysis-and-actions/actions/web-request.md) -- [Web Request: Header](/docs/accessanalyzer/11.6/analysis-and-actions/actions/web-request.md) -- [Web Request: Parameters](/docs/accessanalyzer/11.6/analysis-and-actions/actions/web-request.md) -- [Web Request: Settings](/docs/accessanalyzer/11.6/analysis-and-actions/actions/web-request.md) -- [Web Request: Summary](/docs/accessanalyzer/11.6/analysis-and-actions/actions/web-request.md) - -The Welcome page gives an overview of the action module. The navigation pane contains links to the -pages in the wizard. - -![Web Request Action Module Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. - -# Web Request: Parameters - -Use the Parameters page to enter the parameter values. - -![Web Request Action Module Wizard Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/parameters.webp) - -Enter parameter values using the following options: - -- Insert Field – Select a field to include in the request from the drop-down menu. - - **NOTE:** The fields available varies based on the source table. - -- Green circle with plus sign – Add a custom attribute. This opens the Custom Attribute Editor - Window. See the [Custom Attribute Editor Window](#custom-attribute-editor-window) topic for - additional information. -- Red circle with minus sign – Remove a custom attribute - - - Select a cell or row to remove the custom attributes - -- Paper and pencil – Edit a custom attribute. This opens the Custom Attribute Editor Window. See the - [Custom Attribute Editor Window](#custom-attribute-editor-window) topic for additional - information. -- Use the radio buttons to indicate: - - - Parameters – Key value pairs to insert in the headers field of the web request - - Raw edit – Disabled for Parameters - -- Key / Value Fields – The name or value of the attribute - - - Select a field using the drop-down menu, place the cursor in the cell of the desired Key or - Value, and click the blue down-arrow to add it to the selected cell - - Select a cell and click the green circle with plus sign to open the Custom Attribute Editor - window and add the attribute to the cell - - Manually enter a field in the cell - -### Custom Attribute Editor Window - -Use the Custom Attribute Editor window to create a custom attribute using the existing attributes -and advanced functions. - -![Custom Attribute Editor Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/customattributeeditor.webp) - -Create custom attributes using the following options: - -- Insert field – Select a field to insert using the drop-down menu -- Unique name – Name of the custom attribute that will be created - - - Select a field using the drop-down menu, place the cursor in the Unique name textbox, and - click the blue down-arrow to add it to the Unique name textbox - - Manually enter the name - -- Data – The actual value of the custom attribute (can be database value or manually specified) - - - Select a field using the drop-down menu, place the cursor in the Data textbox, and click the - blue down-arrow to add it to the Data textbox - - Manually enter the data - -- Advanced Functions - - - Split on – Split the data on the character specified in the text box. The default is comma - `,`. - -# Web Request: Settings - -Use the settings page to specify the settings for the web request. - -![Web Request Action Module Wizard Settings page](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) - -Establish the settings using the following options: - -- Insert field – not applicable on this page -- Input Table Rowkey – Select the column to use as the Enterprise Auditor key for reporting and - built-in Enterprise Auditor functions -- Include response in output table – When enabled, it records the body of the server’s response - message in the actions output table -- Execute multiple requests asynchronously – use a thread pool to manage requests - - - Request count – Select the number of asynchronous requests to run simultaneously - -# Web Request: Summary - -The Summary page displays a summary of the configured action. - -![Web Request Action Module Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Web Request Action Module Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/analysis/business-rules.md b/docs/accessanalyzer/11.6/analysis-and-actions/analysis/business-rules.md deleted file mode 100644 index 29ae7e8d54..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/analysis/business-rules.md +++ /dev/null @@ -1,198 +0,0 @@ -# Applies To Tab - -Use the Applies To tab to specify the scope for application of the analysis rules. Rules are applied -to data collected from all hosts, from specific hosts, or from the specific host running the job -(local data). Data is filtered based on a specified time window. - -![Edit Rules window Applies To tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/appliesto.webp) - -The Applies To tab provides the following options: - -- Source and Time Window – Specify whether to exclude data from outside of the Enterprise Auditor - console and apply a filter to the time window of the data - - - All Source Data – Select this option to run the action using all data - - Source Data from this Console only – Select this option to run the action specifically using - data from only this Enterprise Auditor console - - Time Window for source table – Use the drop-down menu to specify a time window from the - following options: - - - Most recent data – Use only the most recently collected data - - Cumulative data for offline hosts – Use data collected from offline hosts - - Most recent data filtering duplicate and offline hosts – Use most recent data excluding - duplicate and offline hosts - - Do not filter data – Use unfiltered data - -- Hosts Filtering – Specify source hosts - - - Apply to All Hosts – Select this checkbox to use all hosts to query - - Host List – Select any desired hosts to query. If **Apply to All Hosts** is selected, the list - is unavailable. - -# Logic Tab - -Use the Logic tab to specify conditions and actions for the Business Rule. - -![Edit Rules window Logic tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/logic.webp) - -The Logic tab contains the following sections and options: - -- Rule Details – Create a title for the rule and select a source table: - - - Rule Name – The field defaults with the name on the Analysis Properties page and is manually - editable - - Table – Select a table from the drop-down menu containing the baseline values to evaluate - - - To view data from a selected table, click the ellipsis (**…**) to open the Sample Data - Viewer window, or select a table within the viewer. See the - [Sample Data Viewer Window](#sample-data-viewer-window) topic for additional information. - -- Conditions – Apply conditions to the table - - - Click **Add Condition** to open the EditConditionsForm window and add a condition to the - Conditions list. See the [EditConditionsForm Window](#editconditionsform-window) topic for - additional information. - - Exceptions textbox – Lists added conditions. By default, it says `Add Exception to Scorecard` - but updates with any conditions selected. - - To check the SQL statement executed, click the green checkmark SQL symbol. This opens the SQL - Extract Preview window. See the - [SQL Extract Preview Window](#sql-extract-preview-window) topic for additional information. - -- Actions – Add exceptions to the scorecard action - - - Select **Edit Action** or double click **Add Exception To Scorecard** to open the Configure - Scorecard Action window. See the - [Configure Scorecard Action Window](#configure-scorecard-action-window) topic for additional - information. - -## Sample Data Viewer Window - -Use the Sample Data Viewer window to examine data in a selected table. - -![Sample Data Viewer Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/sampledataviewer.webp) - -The Sample Data Viewer window provides the following options: - -- Use the drop-down menu to select a table to view the table’s data. The field defaults with the - table selected in the Logic tab if previously selected. -- Show First [Number] rows – Adjusts the presentation of the number of rows of the selected table. - The default value is 50. It can be manually adjusted with values between 0 and all. - -## EditConditionsForm Window - -Use the EditConditionsForm to configure conditions to be applied to the table. - -![EditConditionsForm Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/editconditionsform.webp) - -The EditConditionsForm contains the following options: - -- Column – Use the drop-down menu to select a column from the table selected in the Logic tab -- Operator – Use the dropdown to select an operator: - - - `<` – Search for items in the selected column with values less than a selected value - - `>` – Search for items in the selected column with values greater than a selected value - - `=` – Search for items in the selected column of equal value to the selected value - - `!=` – Search for items in the selected column not equal to the selected value - - `like` – Search for items in the selected column of similar or value to the selected value - -- Value – Manually set a comparator value. The default is 0. - -## SQL Extract Preview Window - -The SQL Extract Preview window previews results of the conditions added to the table in the -Conditions section. - -![SQL Extract Preview Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/sqlextractpreviewwindow.webp) - -The SQL script requires the table have these columns: `HOST`, `SA_Host`, and `JobRunTimeKey`. If -there is a mismatch between table and SQL script, a SQL Syntax Check window describes any detected -issue. - -![SQL Syntax Check window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/sqlsyntaxcheck.webp) - -For example, this SQL Syntax Check window is reporting an error of missing information of an object -or column. - -## Configure Scorecard Action Window - -Use this window to add exceptions to the scorecard. - -![Configure Scorecard Action Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/configurescorecardaction.webp) - -The Configure Scorecard Options window provides the following options: - -- Scorecard Action Description – Use this section to label the scorecard action - - - Action Name – Enter a name for the action - - Description – Enter a description for the action - -- Action Classification – This section allows you to group scorecard action results for reporting - purposes - - - Category – Enter a desired category name in the field or use the dropdown to select from - previously titled categories - - Index – Enter a desired index value for the scorecard action - -- Action Score – This section allows you to rank the action’s importance relative to other scorecard - actions - - - Score – Enter a desired score value for the scorecard action - - Severity – Enter a desired severity value or use the dropdown to select from previously - selected values - -- Knowledge – This section provides information that may assist with resolving this issue - - - Knowledge – Enter information to assist issue resolution, for example a website URL - -- Captured Values – This section allows you to select up to five optional properties whose values - will be captured and stored with the scorecard entry. For each property selected, a name column - and value column appear in the scorecard. - - - Property [1-5] – Select a property from the selected table using the drop-down menu to capture - and store its values with the scorecard - -# Business Rules Analysis Module - -The Business Rules analysis module measures and evaluates a configured value from an object (the -baseline value) and compares it against a stated value (the business rule) to find an exception or -deviation. Any deviations or differences found the execution of a business rule appear in a -resultant table called a scorecard. - -Create one or more jobs to collect the data to be analyzed. Then configure one or business rules to -analyze the data. Examine the scoreboard to determine how an object is performing with regard to its -original baseline expectations. - -## Scorecard - -Business Rules analysis module results are displayed in a table called a scorecard. The scorecard -determines which of the rules are applied, and in what order. A scorecard table contains only -exceptions and deviations from the business rule criteria when compared to a baseline value. The -table does not include matches to the criteria. All scorecard table names are suffixed with -`_SCORECARD` for easy identification. - -## Edit Rules Window - -To access and modify the Business Rules analysis module, navigate to the Job's **Configure** > -**Analysis** node and click **Configure Analysis** to open the Edit Rules window. The Edit Rules -window has the following tabs: - -- [Logic Tab](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/business-rules.md) -- [Variables Tab](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/business-rules.md) -- [Applies To Tab](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/business-rules.md) - -# Variables Tab - -Use the Variables tab to specify values to substitute in the rule logic at run time. - -![Edit Rules window Variables tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/variables.webp) - -This tab contains the following options: - -- Sort by Variable or Value in descending order by clicking the preferred column header. To sort by - ascending Value, click the column header again. The default is by ascending Value. -- To delete a variable, select it and click **Delete** - - ![JobVariables TSV file](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/jobvariablestsv.webp) - -- Click **View all variables for this job** to open the `JobVariables.TSV` file containing any - variables for the current job diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md b/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md deleted file mode 100644 index 88037da92c..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md +++ /dev/null @@ -1,142 +0,0 @@ -# Change Detection: Additional Fields - -Use the Additional Fields page to choose any additional fields to include with the change analysis. -These fields do not detect change, but may provide additional information to help diagnose and -analyze the changes reported. - -![Change Detection Data Analysis Module wizard Additional Fields page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/additionalfields.webp) - -Choose any additional fields to be collected with change analysis using the following options: - -- Select the checkbox of any desired fields -- Check All – Select all fields in the table -- Uncheck All – Clear all fields in the table -- Hide system columns – Hide columns -- Checked – Order the list by selected items -- Column Name – Name of the field - -# Change Detection: Fields - -Use the Change Detection Fields page to select the columns on which to report changes. - -![Change Detection Data Analysis Module wizard Fields page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/fields.webp) - -Choose which fields change detection analyzes using the following options: - -- Select the checkbox next to any desired fields -- Check All – Select all fields in the table -- Uncheck All – Clear all fields in the table -- Hide system columns – Hide columns -- Checked – Order the list by selected items -- Column Name – Name of the field -- Combine multiple changes into a single change record – Select to combine multiple changes into a - single change record - -# Change Detection: Input - -Use the Input Data Source page to choose a data source to analyze for changes. - -![Change Detection Data Analysis Module wizard Input Data Source page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/input.webp) - -The configurable option is: - -- Please select a data source – Select a data source table from the list - - **NOTE:** The selectable data sources change based on which option is selected on the Input - Scope page. - -# Change Detection: Input Scope - -Use the Input Scope page to specify the input scope of the data source. - -![Change Detection Data Analysis Module wizard Input Scope page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/inputscope.webp) - -Identify the scope of the data source from the following options: - -- Tables from Current Job – Select tables from only the currently selected job -- All Enterprise Auditor Tables – Select from all Enterprise Auditor tables within the SQL Server - database -- All tables in the database – Select all tables within the SQL Server database - -**NOTE:** This selection affects the tables that are available for selection on the Input page. - -# Change Detection: Options - -Use the Options page to specify whether to save history, including a running tally of all changes -made within a certain time period, or only changes between the last two runs of the source set. - -![Change Detection Data Analysis Module wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -Configure the additional options using the following: - -- Save change detection results for xx days – Modify the number of days that results for the Change - Detection task are saved for -- Only save most recent change (per unique key) – Select the checkbox to only save changes between - the last two runs of the source set - -# Change Detection Analysis Module - -Use the Change Detection analysis module to track changes within a specific Enterprise Auditor view -or table for use in reporting and notifications. This module tracks additional, changed, or missing -selected data items and compares result rows from previous collection activity with rows from the -most recent collection. - -This module compares values collected for two different query instances. Therefore, as change -detection depends on the existence of a **JobRunTimeKey**, history must be enabled and data -collected at least twice to produce the desired results. Configure History settings under the job’s -**Settings** > **History** node. See the -[History](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/history.md) topic -for additional information. - -## Configuration - -The Change Detection Data Analysis Module wizard has the following pages: - -- Welcome -- [Change Detection: Input Scope](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md) -- [Change Detection: Input](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md) -- [Change Detection: Unique Key](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md) -- [Change Detection: Fields](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md) -- [Change Detection: Additional Fields](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md) -- [Change Detection: Options](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md) -- [Change Detection: Result Sample](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md) -- [Change Detection: Summary](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md) - -The Welcome page gives an overview of the action module. The navigation pane contains links to the -pages in the wizard. - -![Change Detection Data Analysis Module wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -There are no configurable settings on the Welcome page. To proceed, click **Next** or use the Steps -navigation pane to open another page in the wizard. - -# Change Detection: Result Sample - -The Result Sample page generates a preview of the output based on the configurations selected on the -previous pages. - -![Change Detection Data Analysis Module wizard Result Sample page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/resultsample.webp) - -Click **Show Preview** to generate a preview of the results, which may take several minutes to -populate. - -# Change Detection: Summary - -The Summary page summarizes the configuration of the action. - -![Change Detection Data Analysis Module wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, click **Cancel** to close -the Change Detection Data Analysis Module wizard to ensure no accidental configurations are saved. - -# Change Detection: Unique Key - -Use the Unique Key page to select one or more columns that, when put together as a ROWKEY, uniquely -identify each row of data in the source table. Available fields vary based on data source selected -on the Input page. See the -[Change Detection: Input](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/change-detection.md) topic -for additional information. - -![Change Detection Data Analysis Module wizard Unique Key page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/uniquekey.webp) - -Select one or more fields to form a unique key for the selected table and its columns. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md b/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md deleted file mode 100644 index 211eca992e..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md +++ /dev/null @@ -1,297 +0,0 @@ -# Notification: Change Type - -Use the Select Change Type page to choose the types of changes for which to trigger a notification. -The selections on this page are optional. This page is only active if Change Detection Table is -selected on the Table Type page. - -![Notification Data Analysis Module wizard Select Change Type page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/changetype.webp) - -The following options are available: - -- Notify me when a property changes – Used to watch for changes in settings, such as a change to a - registry value or a service user account assignment change -- Notify me when something new is detected – Used to watch for something new, such as a new - permissions assignment or someone being added to a group -- Notify me when something is removed – Used to watch for something being removed, such as a user - being removed from a group or an application uninstalled - -# Notification: Command Line - -The Command Line properties page is available when the Command-line Executable notification type is -selected on the Type page. - -![Notification Data Analysis Module wizard Command Line properties page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/commandline.webp) - -The following options are available: - -- Application – Specify an application to receive the notification. Click the ellipsis (**…**) to - view and select from a list of executable files. -- Arguments – If required, specify command line inputs for the application in the text box. If the - argument must come from a value in the database (for example, a timeout value), insert it here via - the Fields drop-down menu above. - - - Fields – To pass one or more fields into the command line arguments, click the drop-down menu, - select a field from the lists, and click **Add** - -# Notification: Criteria - -Use the Notification Criteria page to specify criteria to trigger a notification. - -![Notification Data Analysis Module wizard Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -The following options are available: - -- No Criteria – Set no criteria to trigger a notification if any property changes. If selected, any - row will trigger the notification. -- Simple Criteria – Select criteria to send a notification based on the value of a specific property - or column in the database. The trigger can be if the property or column value is greater than, - equal to, or less than the value provided. -- Advanced Criteria – Use the Filter Builder to create custom triggers when a value meets the - defined conditions. See the - [Advanced Search](/docs/accessanalyzer/11.6/administration/navigation.md#advanced-search) - topic for additional information. - -# Notification: Event Log - -The Event Log properties page is available when the Event log notification type is selected on the -Type page. Use this page to specify the type of event, the event ID, and the description for the -event. - -![Notification Data Analysis Module wizard Event Log properties page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/eventlog.webp) - -The following options are available: - -- Log – The event log name is Enterprise Auditor -- Type – Specify the log type. The drop-down menu displays the following options: - - - Information - - Warning - - Error - - FailureAudit - - SuccessAudit - -- Event ID – Specify the event ID -- Description – Enter a description of the event - - - Fields – To pass fields into the description, click on the drop-down list, select a field from - the list, then click **Add** - -# Notification: Frequency - -Use the Notification Frequency page to specify the frequency by which to generate the notifications. - -![Notification Data Analysis Module wizard Notification Frequency page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/frequency.webp) - -The following options are available: - -- Generate notifications immediately -- Delay notifications until conditions have been met – Set the frequency condition - -# Notification: Hosts - -Use the Select Hosts page to scope hosts and to select specific hosts to target. - -![Notification Data Analysis Module wizard Select Hosts page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/hosts.webp) - -The following options are available: - -- I want notification sent for all hosts -- I want notifications sent only for the hosts listed below -- I want notifications sent for all hosts except the ones listed below - -If the first option is selected, the host list selection window is not enabled. If either the second -or third option is selected, the following options are enabled: - -- Show me all host lists – Activates the host list selection window, from which individual host - lists can be selected -- Enter hosts manually – Manually enter specific host names. Once the name is entered, click the add - (**+**) button to add it to the selection box. Ensure the checkbox next to the host name is - selected to include it in the list of hosts. - -# Notification Analysis Module - -The Notification Data analysis module provides the ability to send an email or command-line -notification to selected targets based on the values contains in any table. - -The Notification Data Analysis Module has the following prerequisites: - -- Configure the **Notification** node in the global settings - - - See the - [Notification](/docs/accessanalyzer/11.6/administration/settings/notifications.md) - topic for additional information - -- Enable History for the table specified as the source - - - Only required if configuring Frequency or Time Window, or when using the Change Detection - table as a source on the Table Type page - -## Configuration - -The Notification analysis module is configured through the Notification Data Analysis Module wizard, -which contains the following wizard pages: - -- Welcome -- [Notification: Table Type](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) -- [Notification: Select Table](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) -- [Notification: Change Type](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) -- [Notification: Criteria](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) -- [Notification: Hosts](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) -- [Notification: Type](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) -- [Notification: SMTP](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) -- [Notification: Command Line](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) -- [Notification: Event Log](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) -- [Notification: Frequency](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) -- [Notification: Time Window](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) -- [Notification: Summary](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) - -The Welcome page lists the prerequisites needed for the Notification Analysis Module to function -properly. - -![Notification Data Analysis Module wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -There are no configurable settings on the Welcome page. To proceed, click **Next**. - -# Notification: Select Table - -Select the table containing data on which to trigger a notification. The selection on the Table Type -page determines the options available on this page. See the -[Notification: Table Type](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) topic -for additional information. - -![Notification Data Analysis Module wizard Select Table page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/selecttable.webp) - -The Select table page has the following options: - -- Show All Tables – All tables within the SQL Server database -- Show All SA Tables – All Enterprise Auditor tables within the SQL Server database -- Show only tables for this job - -# Notification: SMTP - -The SMTP properties page is available when the Email notification type is selected on the Type page. -Use this page to specify SMTP notification properties, including recipients, subject line, and email -body. - -![Notification Data Analysis Module wizard SMTP properties page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/smtp.webp) - -The following options are available: - -- E-mail – Enter an email address to add to the notification list - - - Add – Add an email address to the E-mail field - - Remove – Remove an email address from the Recipients list - - Combine multiple messages into single message – Sends one email for all objects in the record - set instead of one email per object to all recipients - -- Subject – Specify a subject for the email. The subject can include field variables. - - **_RECOMMENDED:_** If configuring a Notification analysis module for a pre-configured job, it is - recommended not to change the existing field variables. - -- Insert Field – Select a source data column to add to the message body or subject line. Click the - drop-down to see a list of columns. Once the column displays in the field, click an arrow to - insert the field. - - - Down arrow – Adds the selected source column to the message text - - Up arrow – Adds the selected source column to the subject text - -- Embed HTML Report – Embed a HTML report in the notification email. Click the Embed HTML Report - button to navigate to the HTML file. -- Show sample input source data – Opens the Sample Source Data window, containing sample input - source data as it currently exists in the database -- Show dialog to set SMTP options – Opens the SMTP Options window, where SMTP global settings can be - overwritten through manual configuration -- Preview – Displays a preview of the email. - - **NOTE:** The preview may not show any or all of the filters applied in previous steps. - -- Clear Template – Clears all data from the subject and message boxes. Does not clear e-mail - addresses. -- Text Box – Specify the text of the email message. The toolbar above the text box contains various - icons providing access to text editing and formatting tools. To insert fields from Enterprise - Auditor, choose a field from the drop-down menu and click the Down arrow. Block tag formatting is - supported. - -# Notification: Summary - -The Summary Page displays all the information input in each of the configured options from the -previous pages of the wizard. - -![Notification Data Analysis Module wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is best practice to -click **Cancel** to close the Notification Data Analysis Module wizard to ensure no accidental -clicks are saved. - -# Notification: Table Type - -Use the Source Table Selection page to choose the type of table to use as the data source for -notifications. - -![Notification Data Analysis Module wizard Source Table Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/tabletype.webp) - -The following options are available: - -- Change Detection Table – Sends notifications when changes are detected in the data. When selected, - the option of **Show only tables for this job** becomes the default selection on the Select Table - page. This option targets only change detection tables within the current job. Possible tables (if - any) display on the Select Table page. See the - [Notification: Select Table](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) topic - for additional information. - - **NOTE:** Change Detection Table also locks selections to tables on the Select Table page that - are selected through Other. To select tables outside of **Show only tables for this job**, - select Other on the Table Type page, then select either **Show All Tables** or **Show All SA - Tables**, then click back to return to the Table Type page. Now selecting Change Detection Table - and proceeding defaults the selection on the Select Table page to whichever was previously - selected through Other. - -- Other – Sends a notification based on a value within a selected table. Selecting this option - enables the following options on the Select Table page, each of which lists a specific set of - tables available for selection: - - - Show All Tables - - Show All SA Tables - - Show only tables for this job - -# Notification: Time Window - -Use this page to specify whether to include only rows collected in the last execution. - -![Notification Data Analysis Module wizard Time window page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/timewindow.webp) - -The following option is available: - -- Only include rows from most recent run for `[
]` – Select the checkbox to scope the - task to the most recent data - - **NOTE:** The checkbox is only enabled if the table selected on the Select Table page has a - Enterprise Auditor **JobRunTimeKey** property. Otherwise, the checkbox is cleared by default. - -# Notification: Type - -Use the Notification Type page to specify one or more notification types. - -![Notification Data Analysis Module wizard Notification Type page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/type.webp) - -The following options are available: - -- Email – Sends a notification email to specified addresses defined on the SMTP page. See the - [Notification: SMTP](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) topic - for additional information. -- Command-line Executable – Runs a command-line program such as a batch file. On the Command Line - page, define the specific application to run and any flags or arguments that must be set at - runtime. See the - [Notification: Command Line](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) topic - for additional information. -- Event Log – Creates a Windows Event Log item on the Enterprise Auditor Event Log. On the Event Log - page, define the following: - - - Type of event (Information, Warning, Error, SuccessAudit, FailureAudit) - - Event ID - - Description of the event - - See the - [Notification: Event Log](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/notifications.md) topic - for additional information. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/analysis/scripting.md b/docs/accessanalyzer/11.6/analysis-and-actions/analysis/scripting.md deleted file mode 100644 index a9eda748b5..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/analysis/scripting.md +++ /dev/null @@ -1,136 +0,0 @@ -# SQLscripting Analysis Module - -Use the SQLscripting analysis module to apply SQL scripting to the selected job. - -![SQL Script Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlscripteditor.webp) - -The SQLscripting analysis module evaluates the Enterprise Auditor user’s permission level to -determine whether to allow the connected user to run the scripted command. Since this evaluation is -based on specific SQL database permissions and is not always under Enterprise Auditor’s control, -some scripts with correct syntax may fail due to insufficient permissions. - -The SQL Script Editor window has the following options: - -- Save and Close – Saves script and closes window -- Parameters – Establishes parameters for SQL scripts in the editor - - - Clicking **Parameters** opens the Parameters interface. See the [Parameters](#parameters) - topic for additional information. - -- Syntax Check – Checks SQL script syntax - - - Syntax Check does not identify logic errors, only instances where syntax is incorrect. Click - **Syntax Check** to open the Script Errors window which identifies syntax errors. - - Syntax Check reports back syntax errors starting from the beginning of the script to the end. - Syntax Check does not return a list of errors. - -- Load file – Opens a File Explorer which can be used to navigate to a SQL file -- Save to File – Saves the currently configured script into a SQL file -- Undo – Undo the previous changes made to script (Ctrl+Z) -- Redo – Redo the previous changes made to script (Ctrl+Y) -- Cut – Cuts the highlighted script from the SQL script editor (Ctrl+X) -- Copy – Copies the highlighted script into the SQL script editor (Ctrl+C) -- Paste – Pastes cut or copied script into the SQL script editor (Ctrl+V) -- Online SQL Language Reference – Opens the Microsoft - [Transact-SQL Reference]() - article - -Click **Save and Close** to return to the Analysis Properties page. If no changes were made or -intended, it is best practice to click **Cancel** to close the SQL Script Editor wizard to ensure no -accidental changes are saved. - -## Parameters - -Use the Parameters window to add, edit, and delete temporary variables and tables defined by -SQLscripting and users. The window only displays when **Parameters** is clicked. - -![Parameters window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlscriptparameters.webp) - -**CAUTION:** not modify any parameters where the Value states `Created during execution`. - -The Parameters window has the following options: - -- Add Variable – Adds a new variable - - - Double-click in the **Name**, **Description**, and **Value** fields to enter custom labels - - Select the variable **Type** from the dropdown menu - - Variable names must begin with the `@` sign - -- Add Table – Adds a new table -- Edit Table – Opens the Edit Table window. See the [Edit Table](#edit-table) topic for additional - information. -- Delete – Deletes the selected variable or table - -The parameters have the following properties: - -- Name – Name of the variable or table -- Type – Type of variable or table - - - String variables utilize a text string input - - Integers and floats are able to handle invalid inputs - - Boolean variables only take True/False input, in SQL they are 1/0 - - Percentages only take whole numbers 0-100, converted to 0.0 to 1.0 in SQL - - Temporary and Variable Tables - -- Description – Description of the variable or table. See the [Edit Table](#edit-table) topic for - additional information. -- Value – Input value - -### Edit Table - -Click **Edit Table** to open the Edit Table window to modify parameters for the selected table. - -![Edit Table window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlscriptedittablewindow.webp) - -The Edit table window has the following options: - -- Name – Use the Parameters window to edit the table name. - - - If the name begins with a `#` it is a temporary table - - If the name begins with a `@` it is a table variable - - - In SQLCommand, these can be passed in as structured table parameters - - - If neither is specified, Enterprise Auditor assumes it is a temporary table - -- Description – Use the Parameters window to edit the description -- Values – Add, edit, and remove values from the table - - - Add – Select from the dropdown to either **Add New Row** or **Add New Column** to the table - - Edit a value – Edits the selected value - - Delete – Deletes the selected value - - Up/Down – Changes the value position higher or lower - -A CSV file is created under the job’s directory when a parameter table is added to the analysis. A -pre-existing CSV file can also be uploaded to populate the table. - -Click **OK** to confirm changes to the table. If no changes were made or intended, click **Cancel** -to close the Edit Table window to ensure no accidental changes are saved. - -# VBscripting Analysis Module - -Use the VBscripting analysis module to access the VBScript Editor and apply VB scripting to the -current analysis. - -![VBScript Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/script/vbscripteditor.webp) - -The VBScript Editor has the following options: - -- Save and Close – Saves the script and closes the window -- Syntax Check – Checks VB script syntax - - - Syntax Check does not identify logic errors, only instances where syntax is incorrect. Click - **Syntax Check** to open the Script Errors window which identifies syntax errors. - - Syntax Check reports back syntax errors starting from the beginning of the script to the end. - Syntax Check does not return a list of errors. - -- Load file – Opens a File Explorer which can be used to navigate to a VBS file -- Save to File – Saves the currently configured script into a VBS file -- Undo – Undo the previous changes made to script (Ctrl+Z) -- Redo – Redo the previous changes made to script (Ctrl+Y) -- Cut – Cuts the highlighted script from the VB script editor (Ctrl+X) -- Copy – Copies the highlighted script in the VB script editor (Ctrl+C) -- Paste – Pastes cut or copied script into the VB script editor (Ctrl+V) - -When done using the editor, click **Save and Close** to return to the Analysis Properties page. Make -sure to save the analysis. diff --git a/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md b/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md deleted file mode 100644 index c506dff650..0000000000 --- a/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md +++ /dev/null @@ -1,324 +0,0 @@ -# SQLViewCreations: Columns - -The Result Columns page lists the tables selected on the Input Select page. - -![View and Table Creation Analysis Module wizard Result Columns page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/columns.webp) - -Expand the table to show its columns. Then, select the checkbox next to the column to include it in -the resulting table or view. If two data tables are being joined, the resulting table displays at -the bottom of the grid. Use the scroll bar to view any hidden tables or data points. - -The grid provides the following options for formatting the resulting table or view: - -- Check All – Selects all checkboxes in the Checked column -- Uncheck All – Clears all checkboxes in the Checked column -- Add Column – Opens the New Trend Column window, where columns can be added to the table -- Delete – Deletes a selected column - - - Original columns cannot be deleted. Only columns that have been added by users can be deleted. - -- Show All Columns/Hide Unchecked Columns – Hides rows that are not currently selected ,or if - columns are currently hidden, displays all columns in the table -- Checked – Selects data columns for inclusion in the resulting table or view -- Column Name – Displays the data column name -- Group Operation – Accesses the available group operations that can be applied to individual data - points. Click on a cell in this column to display the drop-down arrow. The following operations - are available: - - - (none) - - Average - - Count - - Maximum - - Minimum - - Sum - - Variance - -- Data Label – Displays any data label for the associated data point. Data labels override the - column name on the materialized table or view. If applying a group operation, a default data label - shows. To apply a custom label, click in the cell and enter the label. -- Order By Operation – Accesses the available order-by operations that can be applied to individual - data points. Click on a cell in this column to display the drop-down arrow. The following - operations are available: - - - None - - Ascending - - Descending - -**NOTE:** If at least one columns is sorted by value, the **With ties** option is enabled on the -Result Constraints page. See the -[SQLViewCreation: Result Constraints](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) topic -for additional information. - -After selecting the columns to include in the resulting table or view, click **Next** to further -filter the sourced data. - -# SQLViewCreation: Export - -Use the Export settings page to specify data export settings. - -![View and Table Creation Analysis Module wizard Export page](/img/versioned_docs/directorymanager_11.0/directorymanager/portal/export.webp) - -Select the **Export results data** checkbox to enable the settings. The following options control -the file type and destination of the exported data: - -- Format – Use the drop-down menu to select the file format of the exported data - - - MS Excel file – Converts file to Microsoft Excel format. If Excel is not installed on the - console, a warning message shows and another export file format needs to be selected. - - CSV file – Converts file to Comma-Separated Values format. Includes the option to compress the - file to a zip file. - - ML file – Converts file to Extensible Markup Language format. Includes the option to compress - the file to a zip file. - -- Location – Displays the export location path. To edit this field, clear the **Use the job output - folder** checkbox. Click the ellipsis (**…**) to browse for a location, or edit the field - directly. -- Use the job output folder – Use the default export location and displays the path within the - **Location** field. To specify a different location, clear the checkbox and edit the **Location** - field. - -Once the options are selected, click **Next**. - -# SQLViewCreation: Filter - -Use this page to add custom filters to the table using the Filter Builder. - -![View and Table Creation Analysis Module wizard Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp) - -Filters reduce the amount of data visible in a column imported to the resulting table or view. By -default, when the filter page is blank, all the data within each column is included. Use the -following options to add and remove filters: - -- Edit – Opens the Filter window - - - See the - [Advanced Search](/docs/accessanalyzer/11.6/administration/navigation.md#advanced-search) - topic for additional information - -- Clear – Clears any specified filters - -# SQLViewCreation: Input Source - -Use the Input Source page to select the source tables or views, containing data, to join or -aggregate into a resulting table or view. - -![View and Table Creation Analysis Module wizard Input Source page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/input.webp) - -At the first drop-down, select a table. The drop-down lists on this page are determined by the -selection made on the Input Scope page. To join or aggregate data from two tables, select a second -table at the second drop-down menu. To remove the second table from the field, click the **X** -button. - -**NOTE:** It is important to choose tables that are compatible with one another or share similar -columns. - -When the two sources of data are selected, click **Next** to create a joint column within the -resulting table or view. - -# SQLViewCreation: Input Scope - -Use the Input Selection page to scope the source data tables. This option affects the tables -available for selection on the subsequent pages. - -![View and Table Creation Analysis Module wizard Input Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/inputscope.webp) - -Select the source data to be used from the following options: - -- Tables from Current Job – Targets all tables generated by the current job within the SQL Server - database -- All Enterprise Auditor Tables – Targets tables within the SQL Server database that begin with `SA` -- All tables in the database – Targets all tables within the SQL Server database - -After selecting the initial scope for the data sources, click **Next**. - -# SQLViewCreations: Join Columns - -Use the Join Columns page to select a column from each source table to join together on the -resulting table or view. The options on this page are only enabled if two tables are selected on the -Input Source page. - -**NOTE:** The SQLViewCreation analysis module can join two tables, using a simple equi-join -condition of two predicates. For composite joins with two or more tables using a conjunction of -predicates, use the SQLscripting analysis module. See the -[SQLscripting Analysis Module](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/scripting.md) topic -for additional information. - -![View and Table Creation Analysis Module wizard Join Columns page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/joincolumns.webp) - -Use the **Table 1 join property** and **Table 2 join property** fields to select join predicates -from both tables. Join predicates are columns containing analogous values that are used to match -records in referenced tables. - -Next, specify how to join these tables. To automatically select the appropriate join type, select -one or more of the checkboxes. The selection in the **Join Type** field updates based on user -selections. - -To manually select, use the **Join Type** field. The selection here may update the above checkboxes. -The following options are available: - -- Join Type – Select a join type from the drop-down: - - **NOTE:** Left is the first table referenced, right is the second table. - - - Inner Join – Returns records that have matching values in both tables - - Right Outer Join – Returns all records from the left table, and the matched records from the - right table - - Left Outer Join – Return all records from the right table, and the matched records from the - left table - - Full Outer Join – Return all records when there is a match in either left or right table - -**NOTE:** The join property is the column found within both tables. The two columns can have -different names. However, in the results set, everywhere a value in the first column matches the -value in the second column, rows from the respective tables are joined together. - -After selecting a column from each data source to join, click **Next** to select columns to transfer -to the resulting table or view. - -# SQLViewCreation Analysis Module - -The SQLViewCreation analysis module provides the ability to create new views or tables that are used -in Enterprise Auditor actions and reports. These views or tables are re-created during job -execution. - -**CAUTION:** Consider the impact on storage and performance when choosing to create views versus -tables. Tables require more storage space in the database. - -## Configuration - -This analysis module provides the View and Table Creation Analysis Module wizard to assist in -configuring the module. Before the wizard, collect the desired data for manipulation. - -The wizard contains the following pages: - -- Welcome -- [SQLViewCreation: Input Scope](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) -- [SQLViewCreation: Input Source](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) -- [SQLViewCreations: Join Columns](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) -- [SQLViewCreations: Columns](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) -- [SQLViewCreation: Filter](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) -- [SQLViewCreation: Time Window](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) -- [SQLViewCreation: Result Constraints](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) -- [SQLViewCreation: Result Type](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) -- [SQLViewCreation: Result Sample](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) -- [SQLViewCreation: Export](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) -- [SQLViewCreation: Summary](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) - -The Welcome page provides an overview of the analysis module. - -![View and Table Creation Analysis Module wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -There are no configurable settings on the Welcome page. Click **Next** to begin configuring a custom -table or view using two formatted data sources, or use the Steps navigation pane to open another -page in the wizard. - -# SQLViewCreation: Result Type - -Use the Result Type page to choose a SQL database table or view for the result’s output. - -![View and Table Creation Analysis Module wizard Result Type page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/resulttype.webp) - -The options on this page determine the visual representation and name of the combined data from the -two sourced tables. Select from the following two options: - -- Create Table – Creates a table output for the resulting dataset -- Create View – Creates a view output for the resulting dataset - -A default name of `SA_[job name]_Result` is provided in the name field. You can customize this name -for the resulting table or view. - -The name must start with `SA` to be recognized as a Enterprise Auditor table or view. - -After selecting the resulting table or view’s visual representation and name, click **Next**. - -# SQLViewCreation: Result Constraints - -Use the Result Constraints page to impose restraints on the dataset. - -![View and Table Creation Analysis Module wizard Result constraints page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/resultconstraints.webp) - -Select one of the following options to choose if and how much data should be returned: - -- Duplicate rows can appear in the result set -- Only unique rows can appear in the result set -- Return only [number] [unit] of the rows – Select this checkbox to specify a numeric value and unit - of measurement to return for the rows that appear in the resulting table or view - - - With ties – Include all instances of identical values in the sorted columns with the results. - To include only one instance of identical values, do not select this option.. See the - [With Ties Example](#with-ties-example) topic for additional information. - - **NOTE:** This field is enabled by sorting at least one column in the table by value (for - SQL, only a sorted column can contain ties). To sort columns, use the **Order By Operation** - field on the Columns page. See the - [SQLViewCreations: Columns](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/sql-views.md) - topic for additional information. - -## With Ties Example - -The following example explains how the **With ties** option works. - -![cid:image027.webp@01D4CF75.96F2E110](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/examplefull.webp) - -Consider a table that has ten rows with one repeating entry under the value column. - -![cid:image025.webp@01D4CF74.8A56D750](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/examplereduced.webp) - -If the table is sorted by the value column in ascending order and the **Return only** option is set -to **40 percent**, then there should be four rows visible in the resulting table or view output. - -![cid:image026.webp@01D4CF74.8A56D750](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/examplereducedwithties.webp) - -However, if the first three values in the sort column are unique but the fourth value matches the -fifth, selecting the **With ties** option returns the first three rows as well as both the fourth -and fifth rows for a total of five rows. - -**NOTE:** If sorting multiple columns, **With ties** evaluates all sorted columns to determine ties -between columns with the same inputs. - -# SQLViewCreation: Result Sample - -Use this page to preview a sampling of the completed data manipulation. - -![View and Table Creation Analysis Module wizard Result Sample page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/resultsample.webp) - -Click **Show Preview** to populate the window with the selections from the previous pages. If the -window does not populate, check the configurations for errors and try again. - -**NOTE:** The **Show Preview** option does not always apply the filter conditions specified within -the wizard, but the resulting table or view applies all filters. - -If the preview is satisfactory, click **Next** to continue. - -# SQLViewCreation: Summary - -This page provides an overview of all the settings configured in the wizard. - -![View and Table Creation Analysis Module wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the View and Table Creation Analysis Module wizard to ensure that no -accidental clicks are saved. - -# SQLViewCreation: Time Window - -Use the Source and Time Window page to specify which data to access if using multiple Enterprise -Auditor Consoles or history is enabled. - -![View and Table Creation Analysis Module wizard Source and Time Window page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/timewindow.webp) - -Use the following options to select which sources of data to permit and the time frame in which the -data was collected: - -- Source Data Details – Choose a data source. This option is for when the selected tables are from - two separate Enterprise Auditor Consoles using tables generated by the same job. - - **NOTE:** This section is enabled after selecting **All Enterprise Auditor Tables** or **All - tables in the database** on the Input Scope page. - - - All data – Uses all data available from the selected option on the Input Scope page and merges - the data - - Data from this Enterprise Auditor Console only – Uses only data from the Enterprise Auditor - Console generating the current analysis module - -- Time Window – Select a time window for each table in the analysis. The drop-down menu selections - vary based on each table's history settings. diff --git a/docs/accessanalyzer/11.6/cdsa/job.md b/docs/accessanalyzer/11.6/cdsa/job.md new file mode 100644 index 0000000000..064a1bef9c --- /dev/null +++ b/docs/accessanalyzer/11.6/cdsa/job.md @@ -0,0 +1,120 @@ +# CDSA Job + +The CDSA Job is available through the Instant Job Library under the CDSA library. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for instructions of how to add this instant job to the Jobs tree. When installing the job, +select **Local host** on the Host pages of the Instant Job Wizard. + +Ensure the supporting solutions have successfully collected and analyzed data prior to running this +job. See the +[Presentation Dependencies](/docs/accessanalyzer/11.6/cdsa/presentation.md) +topic for alignment between presentation slides and jobs that supply the data points. + +The CDSA job generates three PowerPoint files: + +- For the Presenter + + - The **Netwrix_CDSA_Presentation.pptx** file is designed to be presented live to the customer + +- For the Customer as printable assets + + - The **Netwrix_CDSA_8.5x11_Presentation.pptx** file is designed to be given to the customer for + self-review as a PDF file + - The **Netwrix_CDSA_A4_Presentation.pptx** file is designed to be given to the customer for + self-review as a PDF file + +**CAUTION:** Do not send any these presentations to a customer in PowerPoint format. + +The printable assets can be converted to PDFs or printed booklet style at a professional print shop +(suggested) if desired. + +These presentations are located within the job’s folder in the Enterprise Auditor installation +directory, which varies according to the location of the job within the Jobs tree. Navigate to this +folder by clicking **Open Folder** on the job's overview page. + +The presentation files contain slides for both a classic CDSA presentation applicable to most +organizations and an ePHI Security Assessment applicable to the healthcare industry. + +## Delivering a CDSA Presentation Slide Show + +The **Netwrix_CDSA_Presentation.pptx** file is designed to be presented live to the customer. There +are two presentation options for the live slide show: + +- The **CDSA - Classic** slide show contains the first 24 slides and is applicable for most + organizations +- The **ePHI Security Assessment** slide show contains the ending slides with select summary slides + from the Classic slide show and is applicable to the healthcare industry + +Use the Custom Slide Show drop-down menu on the Slide Show ribbon in PowerPoint to select the +appropriate presentation. + +**NOTE:** Slide 17 is hidden by default as same information is available on Slides 18-20. + +Netwrix University includes a training module with details on the key talking points for a live +delivery of the slide shows. Check out the **315 – Getting Started with Credential & Data Security +Assessment** training course. + +## Choosing a PDF Version + +Both of the printable assets have two customized options for converting to a PDF: + +- CDSA Classic – Contains the first 24 slides and is applicable for most organizations +- ePHI Security Assessment – Contains the ending slides with select summary slides from the Classic + slide show and is applicable to the healthcare industry + +Follow the steps to create the appropriate custom PDF. + +**Step 1 –** Use the **Save As** option. + +**Step 2 –** Set the file name as desired and change the Save As type to **PDF**. + +**Step 3 –** Click **Options** and change the Range to **Custom show**. + +**Step 4 –** By default, this is set to the **CDSA Classic** show. If needed, change it to the +**ePHI Security Assessment** show. + +**Step 5 –** Click **OK** to confirm the option, and then click **Save** to generate the PDF. + +The presentation is converted to a PDF with only the applicable slides included. + +**NOTE:** Slide 16 is hidden by default as same information is available on Slides 17-19. + +## Custom Slide Show Alignment + +The table lists each slide as it is listed in the **Netwrix_CDSA_Presentation.pptx** file. It +indicates which slides are included in each custom slide show. There are slight variations in page +numbering with the files designed to be saved as PDFs. + +| # | Slide Title | CDSA Classic | ePHI Security Assessment | +| --- | -------------------------------------------------------- | ------------ | ------------------------ | +| 1 | Executive Summary | X | | +| 2 | Netwrix Credential and Data Security Assessment (CDSA) | X | | +| 3 | Data Security | X | | +| 4 | Condition: Open Access | X | X | +| 5 | Sensitive Data | X | | +| 6 | Stale Data | X | | +| 7 | Active Directory Security | X | X | +| 8 | Password Issues | X | | +| 9 | Toxic Active Directory Conditions | X | | +| 10 | Non-Administrators that can Perform Sensitive AD Actions | X | | +| 11 | Active Directory Sensitive Security Groups | X | | +| 12 | Windows: Assessment Summary | X | X | +| 13 | Local Administrators | X | | +| 14 | Service Accounts | X | | +| 15 | Ticket and Credential Management | X | | +| 16 | Shadow Access Rights | X | | +| 17 | Additional Findings (FS, AD, Windows OS) | | | +| 18 | Additional Findings (FS, SharePoint, Box, Dropbox) | X | X | +| 19 | Additional Findings (Exchange, Databases) | X | X | +| 20 | Additional Findings (AD, Windows OS) | X | X | +| 21 | Product Portfolio | X | X | +| 22 | Path To Success | X | X | +| 23 | Netwrix | X | X | +| 24 | Thank You | X | X | +| 25 | Executive Summary: ePHI Security Assessment | | X | +| 26 | Netwrix ePHI Security Assessment | | X | +| 27 | ePHI Data | | X | +| 28 | Condition: Stale Data | | X | +| 29 | AD Security Assessment | | X | +| 30 | Windows: Security Assessment | | X | +| 31 | Shadow Access Rights to ePHI Data | | X | diff --git a/docs/accessanalyzer/11.6/cdsa/overview.md b/docs/accessanalyzer/11.6/cdsa/overview.md new file mode 100644 index 0000000000..88bb874e59 --- /dev/null +++ b/docs/accessanalyzer/11.6/cdsa/overview.md @@ -0,0 +1,60 @@ +# Credential & Data Security Assessment Overview + +Proper data security begins with a strong foundation. The Credential & Data Security Assessment +(CDSA) provides a deep-dive into the security of your structured and unstructured data, Active +Directory, and Windows infrastructure. + +The CDSA job depends upon several Enterprise Auditor solutions for data collection. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for installation and database requirements. + +## Supporting Solutions + +At a minimum the following solutions need to run prior to the CDSA job to provide the data used to +generate the CDSA presentations: + +- .Active Directory Inventory Solution + + - See the + [.Active Directory Inventory Solution](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/overview.md) + topic for additional information + +- Active Directory Solution + + - See the + [Active Directory Solution](/docs/accessanalyzer/11.6/solutions/activedirectory/overview.md) + topic for additional information + +- Active Directory Permissions Analyzer Solution + + - See the + [Active Directory Permissions Analyzer Solution](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/overview.md) + topic for additional information + +- File System Solution + + - See the + [File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/overview.md) + topic for additional information + +- Windows Solution + + - See the + [Windows Solution](/docs/accessanalyzer/11.6/solutions/windows/overview.md) + topic for additional information + +The following additional solutions also provide data to the CDSA job: + +- [Entra ID Solution](/docs/accessanalyzer/11.6/solutions/entraid/overview.md) +- [AWS Solution](/docs/accessanalyzer/11.6/solutions/aws/overview.md) +- [Box Solution](/docs/accessanalyzer/11.6/solutions/box/overview.md) +- [Dropbox Solution](/docs/accessanalyzer/11.6/solutions/dropbox/overview.md) +- [Exchange Solution](/docs/accessanalyzer/11.6/solutions/exchange/overview.md) +- [Oracle Solution](/docs/accessanalyzer/11.6/solutions/databases/oracle/overview.md) +- [SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/overview.md) +- [SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/overview.md) + +Additionally, the Sensitive Data Discovery Add-On also contributes to the CDSA presentations. See +the +[Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/sensitivedatadiscovery/overview.md) topic +for additional information. diff --git a/docs/accessanalyzer/11.6/cdsa/presentation.md b/docs/accessanalyzer/11.6/cdsa/presentation.md new file mode 100644 index 0000000000..2de630e269 --- /dev/null +++ b/docs/accessanalyzer/11.6/cdsa/presentation.md @@ -0,0 +1,763 @@ +# Presentation Dependencies + +In the following subsections, each slide is aligned to the jobs that supply its data. The slide +number is specific to the **Netwrix_CDSA_Presentation.pptx** file, as there are slight various in +page numbering with the files designed to be saved as PDFs. Many jobs contribute to multiple slides, +so jobs are highlighted in bold text the first time they are listed. + +## Executive Summary Slide + +The Executive Summary slide (Slide 1) has no data points. + +## Netwrix Credential and Data Security Assessment (CDSA) Slide + +The Netwrix Credential and Data Security Assessment (CDSA) slide (Slide 2) has no data points. + +## Data Security Slide + +The Data Security slide (Slide 3) has the following primary job dependencies: + +- .Active Directory Inventory + + - **1-AD_Scan** + +- FileSystem + + - **0.Collection > 1-FSAA System Scans** + - **0.Collection > 2-FSAA Bulk Import** + +Data is also supplied by the following jobs when they have been executed: + +- AWS + + - **0.Collection > 1.AWS_OrgScan** + - **0.Collection > 2.AWS_S3Scan** + +- Box + + - **0.Collection > 1-Box_Access Scans** + - **0.Collection > 2-Box_Import** + +- Databases + + - **0.Collection > Oracle > 0-Oracle_Servers** + - **0.Collection > Oracle > 1-Oracle_PermissionsScan** + - **0.Collection > SQL > 0-SQL_InstanceDiscovery** + - **0.Collection > SQL > 1-SQL_PermissionsScan** + +- Dropbox + + - **0.Collection > 1-Dropbox_Permissions Scan** + - **0.Collection > 2-Dropbox_Permissions Bulk Import** + +- Exchange + + - **4. Mailboxes > Sizing > 0. Collection > EX_MBSize** + - **5. Public Folders > Growth and Size > Collection > PF_FolderScans** + +- SharePoint + + - **0.Collection > 2-SPAA_SystemScans** + - **0.Collection > 5-SPAA_BulkImport** + +## Condition: Open Access Slide + +The Condition: Open Access slide (Slide 4) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- FileSystem + + - 0.Collection > 1-FSAA System Scans + - 0.Collection > 2-FSAA Bulk Import + - **1.Open Access >FS_OpenAccess** + +Data is also supplied by the following jobs when they have been executed: + +- AWS + + - 0.Collection > 1.AWS_OrgScan + - 0.Collection > 2.AWS_S3Scan + - **6.S3 Permissions > AWS_OpenBuckets** + +- Box + + - 0.Collection > 1-Box_Access Scans + - 0.Collection > 2-Box_Import + +- Databases + + - 0.Collection > Oracle > 0-Oracle_Servers + - 0.Collection > Oracle > 1-Oracle_PermissionsScan + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + - **Oracle > 3.Permissions > Oracle_PublicPermissions** + - **SQL > 3.Permissions > SQL_PublicPermissions** + +- Dropbox + + - 0.Collection > 1-Dropbox_Permissions Scan + - 0.Collection > 2-Dropbox_Permissions Bulk Import + +- Exchange + + - **4. Mailboxes > Permissions > 0. Collection > EX_Delegates** + - **4. Mailboxes > Permissions > 0. Collection > EX_MBRights** + - **4. Mailboxes > Permissions > 0. Collection > EX_Perms** + - **4. Mailboxes > Permissions > 0. Collection > EX_SendAs** + - **4. Mailboxes > Permissions > EX_MailboxAccess** + - 4. Mailboxes > Sizing > 0. Collection > EX_MBSize + - 5. Public Folders > Growth and Size > Collection > PF_FolderScans + - **5. Public Folders > Permissions > Collection > PF_EntitlementScans** + +- SharePoint + + - 0.Collection > 2-SPAA_SystemScans + - 0.Collection > 5-SPAA_BulkImport + - **2.High Risk Sites > SP_OpenAccess** + +## Sensitive Data Slide + +The Sensitive Data slide (Slide 5) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- FileSystem + + - **0.Collection > 1-SEEK System Scans** + - **0.Collection > 2-SEEK Bulk Import** + - **7.Sensitive Data > FS_DLPResults** + +Data is also supplied by the following jobs when they have been executed: + +- AWS + + - 0.Collection > 1.AWS_OrgScan + - **0.Collection > 4.AWS_S3SDDScan** + - **8.S3 Sensitive Data > AWS_SensitiveData** + +- Databases + + - 0.Collection > Oracle > 0-Oracle_Servers + - 0.Collection > Oracle > 1-Oracle_PermissionsScan + - **0.Collection > Oracle > 2-Oracle_SensitiveDataScan** + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + - **0.Collection > SQL > 2-SQL_SensitiveDataScan** + - **Oracle > 5.Sensitive Data > Oracle_SensitiveData** + - **SQL > 5.Sensitive Data > SQL_SensitiveData** + +- Dropbox + + - **0.Collection > 1-Dropbox_SDD Scan** + - **0.Collection > 2-Dropbox_SDD Bulk Import** + - **5.Sensitive Data > Dropbox SensitiveData** + +- Exchange + + - **7. Sensitive Data > 0.Collection > EX_Mailbox_SDD** + - **7. Sensitive Data > 0.Collection > EX_PublicFolder_SDD** + - **7. Sensitive Data > EX_SDDResults** + +- SharePoint + + - **0.Collection > 1-SPSEEK_SystemScans** + - **0.Collection > 4-SPSEEK_BulkImport** + - **6.Sensitive Data > SP_SensitiveData** + +## Stale Data Slide + +The Stale Data slide (Slide 6) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- FileSystem + + - 0.Collection > 1-FSAA System Scans + - 0.Collection > 2-FSAA Bulk Import + - **4.Content > Stale > FS_StaleContent** + +Data is also supplied by the following jobs when they have been executed: + +- Box + + - 0.Collection > 1-Box_Access Scans + - 0.Collection > 2-Box_Import + +- Databases + + - 0.Collection > Oracle > 0-Oracle_Servers + - 0.Collection > Oracle > 1-Oracle_PermissionsScan + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + +- Dropbox + + - 0.Collection > 1-Dropbox_Permissions Scan + - 0.Collection > 2-Dropbox_Permissions Bulk Import + +- Exchange + + - **5. Public Folders > Content > Collection > PF_ContentScans** + +- SharePoint + + - 0.Collection > 2-SPAA_SystemScans + - 0.Collection > 5-SPAA_BulkImport + - **4.Content > SP_StaleFiles** + +## Active Directory Security Slide + +The Active Directory Security slide (Slide 7) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- Active Directory Permissions Analyzer + + - **0.Collection > AD_ComputerRights** + - **0.Collection > AD_ContainerRights** + - **0.Collection > AD_DomainRights** + - **0.Collection > AD_GroupRights** + - **0.Collection > AD_OURights** + - **0.Collection > AD_SiteRights** + - **0.Collection > AD_UserRights** + +Data is also supplied by the following jobs when they have been executed: + +- .Entra ID Inventory + + - **1-AAD_Scan** + +## Password Issues Slide + +The Password Issues slide (Slide 8) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- Active Directory + + - **2.Users > AD_WeakPasswords** + - **2.Users > AD_PasswordStatus** + - **4.Group Policy > AD_CPassword** + +## Toxic Active Directory Conditions Slide + +The Toxic Active Directory Conditions slide (Slide 9) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + - **3-AD_Exceptions** + +- Active Directory + + - **1.Groups > AD_CircularNesting** + - **1.Groups > AD_EmptyGroups** + - **1.Groups > AD_SensitiveSecurityGroups** + - **1.Groups > AD_StaleGroups** + - **2.Users > AD_SIDHistory** + - **2.Users > AD_StaleUsers** + +## Non-Administrators that can Perform Sensitive AD Actions Slide + +The Non-Administrators that can Perform Sensitive AD Actions slide (Slide 10) has the following +primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- Active Directory Permissions Analyzer + + - 0.Collection > AD_ComputerRights + - 0.Collection > AD_ContainerRights + - 0.Collection > AD_DomainRights + - 0.Collection > AD_GroupRights + - 0.Collection > AD_OURights + - 0.Collection > AD_SiteRights + - 0.Collection > AD_UserRights + - **1.Users > AD_ResetPasswordPermissions** + - **2.Groups > AD_GroupMembershipPermissions** + - **8.Domains > AD_DomainReplication** + +## Active Directory Sensitive Security Groups Slide + +The Active Directory Sensitive Security Groups slide (Slide 11) has the following primary job +dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +## Windows: Assessment Summary Slide + +The Windows: Assessment Summary slide (Slide 12) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- Windows + + - **Authentication > SG_LSASettings** + - **Authentication > SG_SecuritySupportProviders** + - **Authentication > SG_WDigestSettings** + - **Open Access > SG_OpenFolders** + - **Privileged Accounts > Local Administrators > SG_LocalAdmins** + - **Privileged Accounts > Local Administrators > SG_MicrosoftLAPS** + - **Privileged Accounts > Logon Rights > SG_LocalPolicies** + - **Privileged Accounts > Service Accounts > SG_ServiceAccounts** + - **Security Utilities > SG_PowerShellCommands** + +## Local Administrators Slide + +The Local Administrators slide (Slide 13) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- Windows + + - Privileged Accounts > Local Administrators > SG_LocalAdmins + - Privileged Accounts > Logon Rights > SG_LocalPolicies + +## Service Accounts Slide + +The Service Accounts slide (Slide 14) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- Windows + + - Authentication > SG_LSASettings + - Authentication > SG_WDigestSettings + - Privileged Accounts > Service Accounts > SG_ServiceAccounts + - Security Utilities > SG_PowerShellCommands + +## Ticket and Credential Management Slide + +The Ticket and Credential Management slide (Slide 15) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- Windows + + - Authentication > SG_LSASettings + - Authentication > SG_WDigestSettings + - Security Utilities > SG_PowerShellCommands + +## Shadow Access Rights Slide + +The Shadow Access Rights slide (Slide 16) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- Active Directory + + - 1.Groups > AD_SensitiveSecurityGroups + - 2.Users > AD_WeakPasswords + +- Active Directory Permissions Analyzer + + - 0.Collection > AD_ComputerRights + - 0.Collection > AD_ContainerRights + - 0.Collection > AD_DomainRights + - 0.Collection > AD_GroupRights + - 0.Collection > AD_OURights + - 0.Collection > AD_SiteRights + - 0.Collection > AD_UserRights + - 1.Users > AD_ResetPasswordPermissions + - 2.Groups > AD_GroupMembershipPermissions + - **7.Containers > AD_AdminSDHolder** + - 8.Domains > AD_DomainReplication + +- FileSystem + + - 0.Collection > 1-SEEK System Scans + - 0.Collection > 2-SEEK Bulk Import + - 7.Sensitive Data > FS_DLPResults + +- Windows + + - Privileged Accounts > Local Administrators > SG_LocalAdmins + - **Privileged Accounts > Local Administrators > SG_Sessions** + +Data is also supplied by the following jobs when they have been executed: + +- Databases + + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + - 0.Collection > SQL > 2-SQL_SensitiveDataScan + - SQL > 5.Sensitive Data > SQL_SensitiveData + +## Additional Findings (FS, AD, Windows OS) Slide + +Slide 17 in the **Netwrix_CDSA_Presentation.pptx** file is hidden by default. It is recommended to +use Slides 18-20 instead, even when the primary jobs are the only ones supplying data. Slide 17 is +an alternative to slides 18-20. It has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- Active Directory + + - 1.Groups > AD_StaleGroups + - **2.Users > AD_ServiceAccounts** + - 2.Users > AD_StaleUsers + - **2.Users > AD_UserToken** + - **3.Computers > AD_StaleComputers** + - 4.Group Policy > AD_CPassword + - 8.Domains > AD_DomainReplication + +- FileSystem + + - 0.Collection > 1-FSAA System Scans + - 0.Collection > 1-SEEK System Scans + - 0.Collection > 2-FSAA Bulk Import + - 0.Collection > 2-SEEK Bulk Import + - **2.Direct Permissions > FS_DomainUserACLs** + - **3.Broken Inheritance > FS_BrokenInheritance** + - 4.Content > Stale > FS_StaleContent + - 7.Sensitive Data > FS_DLPResults + +- Windows + + - Authentication > SG_LSASettings + - Authentication > SG_WDigestSettings + - Privileged Accounts > Local Administrators > SG_LocalAdmins + - Privileged Accounts > Service Accounts > SG_ServiceAccounts + +## Additional Findings (FS, SharePoint, Box, Dropbox) Slide + +The Additional Findings (FS, SharePoint, Box, Dropbox) slide (Slide 18) has the following primary +job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- FileSystem + + - 0.Collection > 1-FSAA System Scans + - 0.Collection > 1-SEEK System Scans + - 0.Collection > 2-FSAA Bulk Import + - 0.Collection > 2-SEEK Bulk Import + - **2.Direct Permissions > FS_DomainUserACLs** + - **3.Broken Inheritance > FS_BrokenInheritance** + - 4.Content > Stale > FS_StaleContent + - 7.Sensitive Data > FS_DLPResults + +Data is also supplied by the following jobs when they have been executed: + +- Box + + - 0.Collection > 1-Box_Access Scans + - 0.Collection > 2-Box_Import + +- Dropbox + + - 0.Collection > 1-Dropbox_SDD Scan + - 0.Collection > 2-Dropbox_SDD Bulk Import + - **1.Access > Dropbox_Access** + +- SharePoint + + - 0.Collection > 2-SPAA_SystemScans + - 0.Collection > 5-SPAA_BulkImport + - **2.High Risk Sites > SP_AnonymousSharing** + - 2.High Risk Sites > SP_OpenAccess + - **3.Broken Inheritance > SP_BrokenInheritance** + - 4.Content > SP_StaleFiles + - 7.Sensitive Data > SP_SensitiveData + +## Additional Findings (Exchange, Databases) Slide + +The Additional Findings (Exchange, Databases) slide (Slide 19) has the following primary job +dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +Data is also supplied by the following jobs when they have been executed: + +- Databases + + - 0.Collection > Oracle > 0-Oracle_Servers + - 0.Collection > Oracle > 1-Oracle_PermissionsScan + - 0.Collection > Oracle > 2-Oracle_SensitiveDataScan + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + - 0.Collection > SQL > 2-SQL_SensitiveDataScan + - **Oracle > 1. Users and Roles > Oracle_PasswordIssues** + - Oracle > 3.Permissions > Oracle_PublicPermissions + - **Oracle > 4. Configuration > Oracle_DataDictionaryProtection** + - **Oracle > 4. Configuration > Oracle_InstanceNameIssues** + - **Oracle > 4. Configuration > Oracle_RemoteOSAuthentication** + - Oracle > 5.Sensitive Data > Oracle_SensitiveData + - **SQL > 1. Users and Roles > SQL_PasswordIssues** + - SQL > 3.Permissions > SQL_PublicPermissions + - **SQL > 4.Configuration > SQL_Authentication** + - **SQL > 4. Configuration > SQL_BestPractices** + - **SQL > 4.Configuration > SQL_CMDShell** + - SQL > 5.Sensitive Data > SQL_SensitiveData + +- Exchange + + - 4. Mailboxes > Permissions > 0. Collection > EX_Delegates + - 4. Mailboxes > Permissions > 0. Collection > EX_MBRights + - 4. Mailboxes > Permissions > 0. Collection > EX_Perms + - 4. Mailboxes > Permissions > 0. Collection > EX_SendAs + - **4. Mailboxes > Permissions > EX_AdminGroups** + - 4. Mailboxes > Permissions > EX_MailboxAccess + - **4. Mailboxes > Sizing > EX_StaleMailboxes** + - 5. Public Folders > Content > Collection > PF_ContentScans + - 5. Public Folders > Permissions > Collection > PF_EntitlementScans + - 7. Sensitive Data > 0.Collection > EX_Mailbox_SDD + - 7. Sensitive Data > 0.Collection > EX_PublicFolder_SDD + - 7. Sensitive Data > EX_SDDResults + +## Additional Findings (AD, Windows OS) Slide + +The Additional Findings (AD, Windows OS) slide (Slide 20) has the following primary job +dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- Active Directory + + - 1.Groups > AD_StaleGroups + - **2.Users > AD_ServiceAccounts** + - 2.Users > AD_StaleUsers + - **2.Users > AD_UserToken** + - **3.Computers > AD_StaleComputers** + - 4.Group Policy > AD_CPassword + - 8.Domains > AD_DomainReplication + +- Windows + + - Authentication > SG_LSASettings + - Authentication > SG_WDigestSettings + - Privileged Accounts > Local Administrators > SG_LocalAdmins + +## Product Portfolio Slide + +The Product Portfolio slide (Slide 21) has no data points. + +## Path To Success Slide + +The Path To Success slide (Slide 22) has no data points. + +## Netwrix Slide + +The Netwrix slide (Slide 23) has no data points. + +## Thank You Slide + +The Thank You slide (Slide 24) has no data points. + +## Executive Summary: ePHI Security Assessment Slide + +The Executive Summary: ePHI Security Assessment slide (Slide 25) has no data points. + +## Netwrix ePHI Security Assessment Slide + +The Netwrix ePHI Security Assessment slide (Slide 26) has no data points. + +## ePHI Data Slide + +The ePHI Data slide (Slide 27) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- FileSystem + + - 0.Collection > 1-SEEK System Scans + - 0.Collection > 2-SEEK Bulk Import + - **0.Collection > 3-FSAA-Exceptions** + - 7.Sensitive Data > FS_DLPResults + +Data is also supplied by the following jobs when they have been executed: + +- AWS + + - 0.Collection > 1.AWS_OrgScan + - 0.Collection > 4.AWS_S3SDDScan + - 8.S3 Sensitive Data > AWS_SensitiveData + +- Box + + - 0.Collection > 1-Box_Access Scans + - 0.Collection > 2-Box_Import + +- Databases + + - 0.Collection > Oracle > 0-Oracle_Servers + - 0.Collection > Oracle > 1-Oracle_PermissionsScan + - 0.Collection > Oracle > 2-Oracle_SensitiveDataScan + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + - 0.Collection > SQL > 2-SQL_SensitiveDataScan + - Oracle > 3.Permissions > Oracle_PublicPermissions + - Oracle > 5.Sensitive Data > Oracle_SensitiveData + - SQL > 3.Permissions > SQL_PublicPermissions + - SQL > 5.Sensitive Data > SQL_SensitiveData + +- Dropbox + + - 0.Collection > 1-Dropbox_SDD Scan + - 0.Collection > 2-Dropbox_SDD Bulk Import + - 5.Sensitive Data > Dropbox_SensitiveData + +- Exchange + + - 7. Sensitive Data > 0.Collection > EX_Mailbox_SDD + - 7. Sensitive Data > 0.Collection > EX_PublicFolder_SDD + - 7. Sensitive Data > SDDResults + - 4. Mailboxes > Permissions > 0. Collection > EX_Delegates + - 4. Mailboxes > Permissions > 0. Collection > EX_MBRights + - 4. Mailboxes > Permissions > 0. Collection > EX_Perms + - 4. Mailboxes > Permissions > 0. Collection > EX_SendAs + - 4. Mailboxes > Permissions > EX_MailboxAccess + +- SharePoint + + - 0.Collection > 1-SPSEEK_SystemScans + - 0.Collection > 4-SPSEEK_BulkImport + - **0.Collection > 7-SPAA_Exceptions** + - 6.Sensitive Data > SP_SensitiveData + +## Condition: Stale Data Slide + +The Condition: Stale Data slide (Slide 28) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- FileSystem + + - 0.Collection > 1-SEEK System Scans + - 0.Collection > 2-SEEK Bulk Import + - 7.Sensitive Data > FS_DLPResults + +Data is also supplied by the following jobs when they have been executed: + +- Dropbox + + - 0.Collection > 1-Dropbox_SDD Scan + - 0.Collection > 2-Dropbox_SDD Bulk Import + - 5.Sensitive Data > Dropbox_SensitiveData + +- SharePoint + + - 0.Collection > 1-SPSEEK_SystemScans + - 0.Collection > 4-SPSEEK_BulkImport + - 6.Sensitive Data > SP_SensitiveData + +## AD Security Assessment Slide + +The AD Security Assessment slide (Slide 29) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + - 3-AD_Exceptions + +- Active Directory + + - 1.Groups > AD_SensitiveSecurityGroups + - 2.Users > AD_WeakPasswords + - 2.Users > AD_PasswordStatus + - 4.Group Policy > AD_CPassword + +- Active Directory Permissions Analyzer + + - 1.Users > AD_ResetPasswordPermissions + - 2.Groups > AD_GroupMembershipPermissions + - 8.Domains > AD_DomainReplication + +## Windows: Security Assessment Slide + +The Windows: Security Assessment slide (Slide 30) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- Windows + + - Authentication > SG_LSASettings + - Authentication > SG_WDigestSettings + - Privileged Accounts > Local Administrators > SG_LocalAdmins + - Privileged Accounts > Service Accounts > SG_ServiceAccounts + +## Shadow Access Rights to ePHI Data Slide + +The Shadow Access Rights to ePHI Data slide (Slide 31) has the following primary job dependencies: + +- .Active Directory Inventory + + - 1-AD_Scan + +- Active Directory + + - 1.Groups > AD_SensitiveSecurityGroups + - 2.Users > AD_WeakPasswords + +- Active Directory Permissions Analyzer + + - 0.Collection > AD_ComputerRights + - 0.Collection > AD_ContainerRights + - 0.Collection > AD_DomainRights + - 0.Collection > AD_GroupRights + - 0.Collection > AD_OURights + - 0.Collection > AD_SiteRights + - 0.Collection > AD_UserRights + - 1.Users > AD_ResetPasswordPermissions + - 2.Groups > AD_GroupMembershipPermissions + - 7.Containers > AD_AdminSDHolder + - 8.Domains > AD_DomainReplication + +- FileSystem + + - 0.Collection > 1-SEEK System Scans + - 0.Collection > 2-SEEK Bulk Import + - 7.Sensitive Data > FS_DLPResults + +- Windows + + - Privileged Accounts > Local Administrators > SG_LocalAdmins + - Privileged Accounts > Local Administrators > SG_Sessions + +Data is also supplied by the following jobs when they have been executed: + +- Databases + + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + - 0.Collection > SQL > 2-SQL_SensitiveDataScan + - SQL > 5.Sensitive Data > SQL_SensitiveData diff --git a/docs/accessanalyzer/11.6/config/activedirectory/access.md b/docs/accessanalyzer/11.6/config/activedirectory/access.md new file mode 100644 index 0000000000..83449af5bb --- /dev/null +++ b/docs/accessanalyzer/11.6/config/activedirectory/access.md @@ -0,0 +1,221 @@ +# Active Directory Auditing Configuration + +The Enterprise Auditor for Active Directory Solution is compatible with the following Active +Directory versions as targets: + +- Windows Server 2016 and later +- Windows 2003 Forest level or higher + +**NOTE:** See the Microsoft +[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) +article for additional information. + +Domain Controller Requirements + +The following are requirements for the domain controllers to be scanned: + +- .NET Framework 4.5+ installed +- WINRM Service installed + +Data Collectors + +Successful use of the Enterprise Auditor Active Directory solution requires the necessary settings +and permissions in a Microsoft® Active Directory® environment described in this topic and its +subtopics. This solution employs the following data collectors to scan for groups, users, computers, +passwords, permissions, group policies, and domain information: + +- [ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md) +- [ActiveDirectory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/activedirectory/overview.md) +- [ADActivity Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adactivity/overview.md) +- [GroupPolicy Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/overview.md) +- [LDAP Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/ldap.md) +- [PasswordSecurity Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/overview.md) +- [PowerShell Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/powershell/overview.md) +- [Registry Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/registry.md) + +## Permissions + +- Member of the Domain Administrators group + +The majority of jobs in the Active Directory solutions rely on tables with queried data from the +data collectors mentioned above to perform analysis and generate reports. The remaining jobs utilize +data collectors to scan environments, and require additional permissions on the target host. + +**_RECOMMENDED:_** Use Domain/Local Administrator privileges to run Enterprise Auditor against an +Active Directory domain controller. + +There is a least privilege model for scanning your domain. See the +[Least Privilege Model](#least-privilege-model) topic for additional information. + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For ActiveDirectory Data Collector + +- TCP 389/636 +- TCP 135-139 +- Randomly allocated high TCP ports + +For ADActivity Data Collector + +- TCP 4494 (configurable within the Netwrix Activity Monitor) + +For GroupPolicy Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For LDAP Data Collector + +- TCP 389 + +For PasswordSecurity Collector + +- TCP 389/636 + +For PowerShell Data Collector + +- Randomly allocated high TCP ports + +For Registry Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports + +## Least Privilege Model + +A least privilege model can be configured based on your auditing needs and the data collection jobs +you will be using. The following jobs and their corresponding data collectors can be run with a +least privilege permissions model. + +1-AD_Scan Job Permissions + +The ADInventory Data Collector in the .Active Directory Inventory > 1-AD_Scan Job has the following +minimum requirements, which must be configured at the Domain level in Active Directory: + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +AD_WeakPasswords Job Permissions + +The PasswordSecurity Data Collector in the 2.Users > AD_WeakPasswords Job has the following minimum +requirements: + +- At the domain level: + + - Read + - Replicating Directory Changes + - Replicating Directory Changes All + - Replicating Directory Changes in a Filtered Set + - Replication Synchronization + +AD_CPassword Job Permissions + +While the PowerShell Data Collector typically requires Domain Administrator permissions when +targeting a domain controller, that level of access is not required to run the 4.Group Policy > +AD_CPasswords job. The minimum requirements for running this job are: + +- Read access to SYSVOL on the targeted Domain Controller(s) and all of its children + +AD_GroupPolicy Job Permissions + +While the GroupPolicy Data Collector typically requires Domain Administrator permissions when +targeting a domain controller, that level of access is not required to run the 4.Group Policy > +AD_GroupPolicy Job. The minimum requirements for running this job are: + +- Requires Read permissions on Group Policy Objects + +AD_PasswordPolicies Job Permissions + +While the LDAP Data Collector typically requires Domain Administrator permissions when targeting a +domain controller, that level of access is not required to run the 4.Group Policy > +AD_PasswordPolicies Job. The minimum requirements for running this job are: + +- Requires Read permissions on the Password Settings Container + +AD_DomainControllers Job Permissions + +While the LDAP Data Collector and Active Directory Data Collector typically requires Domain +Administrator permissions when targeting a domain controller, that level of access is not required +to run the 5.Domains > 0.Collection > AD_DomainControllers Job. The minimum requirements for running +this job are: + +- Read access to CN=Servers,%SITEDN% and its children +- Read access to: %PARTITIONDNS% and its children +- Read access to: %SCHEMADN% +- Read access to: %SITESDN% and its children + +See the [Variable Definitions](#variable-definitions) for variable definitions. + +AD_DSRM Job Permissions + +While the Registry Data Collector typically requires Domain Administrator permissions when targeting +a domain controller, that level of access is not required to run the 5.Domains > 0.Collection > +AD_DSRM Job. The minimum requirements for running this job are: + +- Requires read access to the following Registry key and its children: + HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa + +AD_TimeSync Job Permissions + +While the Registry Data Collector typically requires Domain Administrator permissions when targeting +a domain controller, that level of access is not required to run the 5.Domains > 0.Collection > +AD_TimeSync Job. The minimum requirements for running this job are: + +- Requires Read access to the following Registry keys and its children: + HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time + +AD_DomainInfo Job Permissions + +While the LDAP Data Collector and Active Directory Data Collector typically requires Domain +Administrator permissions when targeting a domain controller, that level of access is not required +to run the 5.Domains > AD_DomainInfo Job. The minimum requirements for running this job, which must +be configured at the Domain level in Active Directory, are: + +- Read access to: %DOMAINDN% and its children +- Read access to: CN=System,%DOMAINDN% and its children +- Read access to: %SITEDN% and its children +- Read access to: %PARTITIONDNS% and its children + +See the [Variable Definitions](#variable-definitions) for variable definitions. + +AD_ActivityCollection Job Permission + +The ADActivity Data Collector in the 6.Activity > 0.Collection > AD_ActivityCollection Job has the +following minimum requirements: + +- Netwrix Activity Monitor API Access activity data +- Netwrix Activity Monitor API Read +- Read access to the Netwrix Activity Monitor Log Archive location + +### Variable Definitions + +The following variables are referenced for Active Directory Least Privileged Models: + +`%PARTITIONDNS%` is the distinguished name of the accessed partition; +`CN=Partitions,CN=Configuration,DC=contoso,DC=com` + +`%SITEDN%` is the distinguished name of the accessed site; +`CN=Sites,CN=Configuration,DC=contoso,DC=com` + +`%CONFIGDN%` is the distinguished name of the configuration naming context; +`CN=Configuration,DC=company,DC=com` + +`%SCHEMADN%` is the distinguished name of the accessed schema; +`CN=Schema,CN=Configuration,DC=company,DC=com` + +`%DOMAINDN%`" is the distinguished name of the accessed domain object; `DC=company,DC=com` diff --git a/docs/accessanalyzer/11.6/config/activedirectory/activity.md b/docs/accessanalyzer/11.6/config/activedirectory/activity.md new file mode 100644 index 0000000000..5df346c827 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/activedirectory/activity.md @@ -0,0 +1,251 @@ +# Active Directory Activity Auditing Configuration + +There are two methods to configure Activity Monitor to provide Active Directory domain activity to +Enterprise Auditor: + +- API Server +- File Archive Repository + +See the +[File Archive Repository Option](/docs/accessanalyzer/11.6/config/activedirectory/filearchive.md) +topic for additional information on that option. + +## API Server Option + +In this method, you will be deploying two agents: + +- First, deploy an Activity Agent to a Windows server that will act as the API server. This is a + non-domain controller server. + + **_RECOMMENDED:_** Deploy the API Server to the same server where the Activity Monitor Console + resides. + +- Next, deploy the AD Agent to all domain controllers in the target domain. + +Follow the steps to setup integration between Activity Monitor and Enterprise Auditor through an API +server. + +**Step 1 –** Deploy the Activity Agent to the API server. + +**Step 2 –** Deploy the AD Agent to each domain controller in the target domain. + +The next step is to configure the agent deployed to the API server. + +## Configure API Server Agent + +Follow the steps to configure the agent deployed to the API server. + +**Step 1 –** On the Agents tab of the Activity Monitor Console, select the agent deployed to the +API server. + +**Step 2 –** Click **Edit**. The Agent properties window opens. + +**Step 3 –** Select the **API Server** tab and configure the following: + +- Select the **Enable API access on this agent** checkbox. +- The default **API server port (TCP)** is 4494, but it can be modified if desired. Ensure the + modified port is also used by Enterprise Auditor. +- Click **Add Application**. The Add or edit API client window opens. +- Configure the following: + + - Provide a descriptive and unique **Application name**, for example `Enterprise Auditor`. + - Select the **Read** checkbox to grant this permission to this application. + - Click **Generate** to generate the Client ID and Client Secret. + - Copy the Client ID value to a text file. + - Click **Copy** and save the Client Secret value to a text file. + + **CAUTION:** It is not possible to retrieve the value after closing the Add or edit + API client window. It must be copied first. + + - By default, the **Secret Expires** in 3 days. That means it must be used in the Enterprise + Auditor Connection Profile within 72 hours or a new secret will need to be generated. Modify + if desired. + - Click **OK** to save the configuration and close the Add or edit API client window. + +- If the Activity Monitor Console server is not the API Server, then click **Use this console** to + grant the Activity Monitor the ability to manage the API server. +- The IPv4 or IPv6 allowlist allows you to limit access to the API server data to specific hosts. + +**Step 4 –** Click **OK** to save the configuration and close the Agent properties window. + +The next step is to configure the agents deployed to the domain controllers. + +## Configure Domain Controller Agent + +Follow the steps to configure the agent deployed to the domain controller. + +**Step 1 –** On the Agents tab of the Activity Monitor Console, select an agent deployed to domain +controller. + +**Step 2 –** Click **Edit**. The Agent properties window opens. + +**Step 3 –** Select the **Archiving** tab and configure the following: + +- Select the **Enable Archiving for this agent** checkbox. +- Select the **Archive log files on a UNC path** option. Click the **...** button and navigate to + the desired network share on the API server. +- The **User name** and **User password** fields only need to be filled in if the account used to + install the agent does not have access to this share. + + _Remember,_ The account used to install the agent on a domain controller is a Domain + Administrator account. + +- Click **Test** to ensure a successful connection to the network share. + +**Step 4 –** Click **OK** to save the configuration and close the Agent properties window. + +**Step 5 –** Repeat Steps 1-4 for each agent deployed to domain controller. + +These agent are configured to save the Archive logs to the selected share. + +## Configure Monitored Domain Output + +Follow the steps configure the monitored domain output for Netwrix Enterprise Auditor. + +**Step 1 –** Select the **Monitored Domains** tab. + +**Step 2 –** Select the desired domain and click **Add Output**. The Add New Ouptut window opens. + +**Step 3 –** Configure the following: + +- Configure the desired number of days for the **Period to keep Log files**. This is the number of + days the log files are kept on the API server configured in the sections above. This needs to be + set to a greater value than the days between Enterprise Auditor scans. + + - For example, if Enterprise Auditor runs the **AD_ActivityCollection** Job once a week (every 7 + days), then the Activity Monitor output should be configured to retain at least 10 days of log + files. + +- Check the **This log file is for StealthAUDIT** box. +- Optionally select the **Enable periodic AD Status Check event reporting** checkbox. When enabled, + the agent will send out status messages every five minutes to verify whether the connection is + still active. + +**Step 4 –** Click **Add Output** to save and close the Add New Output window. + +Enterprise Auditor now has access to the agent log files for this domain. + +## Configure Enterprise Auditor Connection Profile + +Follow the steps to configure the Connection Profile in Enterprise Auditor. + +_Remember,_ the Client ID and Client Secret were generated by the API server and copied to a text +file. If the secret expired before the Connection Profile is configured, it will need to be +re-generated. + +**Step 1 –** On the **Settings** > **Connection** node of the Enterprise Auditor Console, select the +Connection Profile for the Active Directory solution. If you haven't yet created a Connection +Profile or desire a specific one for AD Activity, create a new one and provide a unique descriptive +name. + +**Step 2 –** Click **Add User credential**. The User Credentials window opens. + +**Step 3 –** Configure the following: + +- Select Account Type – Select **Web Services (JWT)** +- User name – Enter the Client ID generated by the Activity Monitor API Server +- Access Token – Enter the Client Secret generated by the Activity Monitor API Server + +**Step 4 –** Click **OK** to save and close the User Credentials window. + +**Step 5 –** Click **Save** and then **OK** to confirm the changes to the Connection Profile. + +**Step 6 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** Job +Group. Select the **Settings > Connection** node. + +**Step 7 –** Select the **Select one of the following user defined profiles** option. Expand the +drop-down menu and select the Connection Profile with this credential. + +**Step 8 –** Click **Save** and then **OK** to confirm the changes to the job group settings. + +The Connection Profile will now be used for AD Activity collection. + +## Configure the AD_ActivityCollection Job + +The Enterprise Auditor requires additional configurations in order to collect domain activity data. +Follow the steps to configure the **AD_ActivityCollection** Job. + +**NOTE:** Ensure that the **.Active Directory Inventory** Job Group has been successfully run +against the target domain. + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. + +**Step 2 –** Click **Query Properties**. The Query Properties window displays. + +**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard +opens. + +![Active Directory Activity DC wizard Category page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/categoryimportfromnam.webp) + +**Step 4 –** On the Category page, choose **Import from SAM** option and click **Next**. + +![Active Directory Activity DC wizard SAM connection settings page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/namconnection.webp) + +**Step 5 –** On the SAM connection page, the **Port** is set to the default 4494. This needs to +match the port configured for the Activity Monitor API Server agent. + +**Step 6 –** In the **Test SAM host** textbox, enter the Activity Monitor API Server name using +fully qualified domain format. For example, `NEWYORKSRV30.NWXTech.com`. Click **Connect**. + +**Step 7 –** If connection is successful, the archive location displays along with a Refresh token. +Copy the **Refresh token**. This will replace the Client Secret in the Connection Profile in the +last step. + +**Step 8 –** Click **Next**. + +![Active Directory Activity DC wizard Scoping and Retention page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +**Step 9 –** On the Scope page, set the Timespan as desired. There are two options: + +- Relative Timespan – Set the number of days of activity logs to collect when the scan is run +- Absolute Timespan – Set the date range for activity logs to collect when the scan is run + +**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity +Monitor domain output log retention expires. For example, if Enterprise Auditor runs the +**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be +configured to retain at least 10 days of log files. + +**Step 10 –** Set the Retention period as desired. This is the number of days Enterprise Auditor +keeps the collected data in the SQL Server database. + +**Step 11 –** Click **Next** and then **Finish** to save the changes and close the wizard. + +**Step 12 –** Click **OK** to save the changes and close the Query Properties page. + +**Step 13 –** Navigate to the global **Settings** > **Connection** node to update the User +Credential with the Refresh token: + +- Select the Connection Profile assigned to the **6.Activity** > **0.Collection** Job Group. +- Select the Web Services (JWT) User Credential and click **Edit**. +- Replace the Access Token with the Refresh token generated by the data collector in Step 7. +- Click **OK** to save and close the User Credentials window. +- Click **Save** and then **OK** to confirm the changes to the Connection Profile. + +The query is now configured to target the Activity Monitor API Server to collect domain activity +logs. + +### (Optional) Configure Import of AD Activity into Netwrix Access Information Center + +AD Activity data can be imported into Netwrix Access Information Center by the +**AD_ActivityCollection** Job. However, this is disabled by default. Follow the steps to enable the +importing of AD activity data into the Access Information Center. + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. + +**Step 2 –** On the job's Overview page, enable the import of AD Events. + +- Click on the **Enable to import AD events into the AIC** parameter. +- On the Parameter Configuration window, select the **Enabled** checkbox and click **Save**. + +**Step 3 –** On the job's Overview page, enable the import of authentication Events. + +- Click on the **Enable to import authentication events into the AIC** parameter. +- On the Parameter Configuration window, select the **Enabled** checkbox and click **Save**. + +**Step 4 –** Optionally, modify the **List of attributes to track for Object Modified changes** and +**Number of days to retain activity data in the AIC** parameters. + +The **AD_ActivityCollection** Job is now configured to import both AD events and authentication +events into the Netwrix Access Information Center. diff --git a/docs/accessanalyzer/11.6/config/activedirectory/filearchive.md b/docs/accessanalyzer/11.6/config/activedirectory/filearchive.md new file mode 100644 index 0000000000..88ed7f3fed --- /dev/null +++ b/docs/accessanalyzer/11.6/config/activedirectory/filearchive.md @@ -0,0 +1,154 @@ +# File Archive Repository Option + +As an alternative to using an API Server, Netwrix Activity Monitor can be configured to store all +archived logs to a network share. This option requires all of the domain logs to be stored in the +same share location in order for Enterprise Auditor to collect the AD Activity data. + +Prerequisite + +Deploy the AD Agent to each domain controller in the target domain. + +## Configure Domain Controller Agent + +Follow the steps to configure the agent deployed to the domain controller. + +**NOTE:** These steps assume the network share where the activity log files will be archived already +exists. + +**Step 1 –** On the Agents tab of the Activity Monitor Console, select an agent deployed to domain +controller. + +**Step 2 –** Click Edit. The Agent properties window opens. + +**Step 3 –** Select the Archiving tab and configure the following: + +- Check the Enable Archiving for this agent box. +- Select the **Archive log files on a UNC path** option. Click the ... button and navigate to the + desired network share. +- The **User name** and **User password** fields only need to be filled in if the account used to + install the agent does not have access to this share. + + _Remember,_ The account used to install the agent on a domain controller is a Domain + Administrator account. This is typically the credential that will be used in the Netwrix + Enterprise Auditor Connection Profile. However, a least privilege option is a domain user + account with Read access to this share. + +- Click **Test** to ensure a successful connection to the network share. + +**Step 4 –** Click OK to save the configuration and close the Agent properties window. + +**Step 5 –** Repeat Steps 1-4 for each agent deployed to domain controller pointing to the same +network share in Step 3 for each agent. + +These agent are configured to save the Archive logs to the selected share. + +## Configure Monitored Domain Output + +Follow the steps configure the monitored domain output for Netwrix Enterprise Auditor. + +**Step 1 –** Select the **Monitored Domains** tab. + +**Step 2 –** Select the desired domain and click **Add Output**. The Add New Ouptut window opens. + +**Step 3 –** Configure the following: + +- Configure the desired number of days for the **Period to keep Log files**. This is the number of + days the log files are kept on the API server configured in the sections above. This needs to be + set to a greater value than the days between Enterprise Auditor scans. + + - For example, if Enterprise Auditor runs the **AD_ActivityCollection** Job once a week (every 7 + days), then the Activity Monitor output should be configured to retain at least 10 days of log + files. + +- Check the **This log file is for StealthAUDIT** box. +- Optionally select the **Enable periodic AD Status Check event reporting** checkbox. When enabled, + the agent will send out status messages every five minutes to verify whether the connection is + still active. + +**Step 4 –** Click **Add Output** to save and close the Add New Output window. + +Enterprise Auditor now has access to the agent log files for this domain. + +## Configure Enterprise Auditor Connection Profile + +Follow the steps to configure the Connection Profile in Enterprise Auditor. + +**Step 1 –** On the Settings > Connection node of the Enterprise Auditor Console, select the +Connection Profile for the Active Directory solution. If you haven't yet created a Connection +Profile or desire a specific one for AD Activity, create a new one and provide a unique descriptive +name. + +**Step 2 –** Click Add User credential. The User Credentials window opens. + +**Step 3 –** Configure the following: + +- Select Account Type – Select **Active Directory Account** +- Domain – Select the domain where the network share resides +- User name – Enter the account with Read access to the network share +- Provide the account password: + + - Password Storage – Select the password storage location, if it is being stored in a vault, + like CyberArk + - Password / Confirm – Enter the account password in both fields + +**Step 4 –** Click OK to save and close the User Credentials window. + +**Step 5 –** Click **Save** and then **OK** to confirm the changes to the Connection Profile. + +**Step 6 –** Navigate to the Jobs > Active Directory > 6.Activity > 0.Collection Job Group. Select +the **Settings > Connection** node. + +**Step 7 –** Select the **Select one of the following user defined profiles** option. Expand the +drop-down menu and select the Connection Profile with this credential. + +**Step 8 –** Click **Save** and then **OK** to confirm the changes to the job group settings. + +The Connection Profile will now be used for AD Activity collection. + +## Configure the AD_ActivityCollection Job + +The Enterprise Auditor requires additional configurations in order to collect domain activity data. +Follow the steps to configure the **AD_ActivityCollection** Job. + +**NOTE:** Ensure that the .Active Directory Inventory Job Group has been successfully run against +the target domain. + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. + +**Step 2 –** Click **Query Properties**. The Query Properties window displays. + +**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard +opens. + +![Active Directory Activity DC wizard Category page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/categoryimportfromshare.webp) + +**Step 4 –** On the Category page, choose **Import from Share** option and click **Next**. + +![Active Directory Activity DC wizard Share settings page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/share.webp) + +**Step 5 –** On the Share page, provide the UNC path to the AD Activity share archive location. If +there are multiple archives in the same network share, check the **Include Sub-Directories** box. +Click **Next**. + +![Active Directory Activity DC wizard Scoping and Retention page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +**Step 6 –** On the Scope page, set the Timespan as desired. There are two options: + +- Relative Timespan – Set the number of days of activity logs to collect when the scan is run +- Absolute Timespan – Set the date range for activity logs to collect when the scan is run + +**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity +Monitor domain output log retention expires. For example, if Enterprise Auditor runs the +**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be +configured to retain at least 10 days of log files. + +**Step 7 –** Set the Retention period as desired. This is the number of days Enterprise Auditor +keeps the collected data in the SQL Server database. + +**Step 8 –** Click **Next** and then **Finish** to save the changes and close the wizard. + +**Step 9 –** Click **OK** to save the changes and close the Query Properties page. + +The query is now configured to target the network share where the Activity Monitor domain activity +logs are archived. diff --git a/docs/accessanalyzer/11.6/config/activedirectory/overview.md b/docs/accessanalyzer/11.6/config/activedirectory/overview.md new file mode 100644 index 0000000000..fbcf046ce3 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/activedirectory/overview.md @@ -0,0 +1,82 @@ +# Active Directory Domain Target Requirements + +Netwrix Enterprise Auditor can execute scans on Active Directory domains. The Netwrix Activity +Monitor can be configured to monitor activity on Active Directory domains and make the event data +available for Enterprise Auditor Active Directory Activity scans. + +## Auditing Permissions + +The following permission is needed: + +- Member of the Domain Administrators group + +Some collection jobs do allow for a least privilege model. See the +[Active Directory Auditing Configuration](/docs/accessanalyzer/11.6/config/activedirectory/access.md) +topic for additional information. + +## Auditing Port Requirements + +Ports vary based on the data collector being used. See the +[Active Directory Auditing Configuration](/docs/accessanalyzer/11.6/config/activedirectory/access.md) +topic for additional information. + +## Activity Auditing Permissions + +**NOTE:** Active Directory domain activity events can also be monitored through Netwrix Threat +Prevention. This requires integration between it and Netwrix Activity Monitor to enable access to +the data for Enterprise Auditor Active Directory Activity scans. See the +[Getting Data from NTP for AD Activity Reporting](/docs/accessanalyzer/11.6/config/activedirectory/threatprevention.md) +topic for additional information. + +Requirements to Deploy the AD Agent on the Domain Controller + +The Netwrix Activity Monitor must have an AD Agent deployed on the domain controller to be +monitored. While actively monitoring, the AD Agent generates activity log files stored on the +server. The credential used to deploy the AD Agent must have the following permissions on the +server: + +- Membership in the Domain Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +**NOTE:** For monitoring an Active Directory domain, the AD Agent must be installed on all domain +controllers within the domain to be monitored. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Enterprise Auditor to read the activity log files must also +have READ and WRITE permissions on the archive location. + +Integration with Enterprise Auditor + +See the +[Active Directory Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/activedirectory/activity.md) +topic for target environment requirements. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/config/activedirectory/threatprevention.md b/docs/accessanalyzer/11.6/config/activedirectory/threatprevention.md new file mode 100644 index 0000000000..6b3148a344 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/activedirectory/threatprevention.md @@ -0,0 +1,40 @@ +# Getting Data from NTP for AD Activity Reporting + +When Netwrix Threat Prevention is configured to monitor a domain, the event data collected by the +policies can be provided to Netwrix Enterprise Auditor for Active Directory Activity reporting. This +is accomplished by configuring Threat Prevention to send data to Netwrix Activity Monitor, which in +turn creates the activity log files that Enterprise Auditor collects. + +**NOTE:** Threat Prevention can only be configured to send event data to one Netwrix application, +either Netwrix Activity Monitor or Netwrix Threat Manager but not both. However, the Activity +Monitor can be configured with outputs for Enterprise Auditor and Threat Manager + +Follow these steps to configure this integration. + +**_RECOMMENDED:_** It is a best practice to use the API Server option of the Activity Monitor for +this integration between Threat Prevention and Enterprise Auditor. + +**Step 1 –** In the Threat Prevention Administration Console, click **Configuration** > **Netwrix +Threat Manager Configuration** on the menu. The Netwrix Threat Manager Configuration window opens. + +**Step 2 –** On the Event Sink tab, configure the following: + +- Netwrix Threat Manager URI – Enter the name of the Activity Monitor agent host and port, which is + 4499 by default, in the following format: + + `amqp://localhost:4499` + + You must use localhost, even if Activity Monitor and Threat Prevention are installed on + different servers. + +- App Token – Leave this field blank for integration with Activity Monitor +- Policies – The table displays all policies created in Threat Prevention along with a State icon + indicating if the policy is active. Check the **Send** box for the desired policies monitoring the + target domain activity. + +**Step 3 –** Click **Save**. + +All real-time event data from the selected policies are now being sent to Activity Monitor. +Additional policies can be added to this data stream through the Netwrix Threat Manager +Configuration window or by selecting the **Send to Netwrix Threat Manager** option on the Actions +tab of the policy. diff --git a/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/access.md b/docs/accessanalyzer/11.6/config/dellcelerravnx/access.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/access.md rename to docs/accessanalyzer/11.6/config/dellcelerravnx/access.md diff --git a/docs/accessanalyzer/11.6/config/dellcelerravnx/activity.md b/docs/accessanalyzer/11.6/config/dellcelerravnx/activity.md new file mode 100644 index 0000000000..6c535a8294 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellcelerravnx/activity.md @@ -0,0 +1,56 @@ +# Dell Celerra & Dell VNX Activity Auditing Configuration + +An Dell Celerra or VNX device can be configured to audit Server Message Block (SMB) protocol access +events. All audit data can be forwarded to the Dell Common Event Enabler (CEE). The Activity Monitor +listens for all events coming through the Dell CEE and translates all relevant information into +entries in the Log files or syslog messages. + +Complete the following checklist prior to configuring the Activity Monitor to monitor the host. +Instructions for each item of the checklist are detailed within the following sections. + +Checklist Item 1: Plan Deployment + +- Prior to beginning the deployment, gather the following: + + - DNS name of Celerra or VNX CIFS share(s) to be monitored + - Data Mover or Virtual Data Mover hosting the share(s) to be monitored + - Account with access to the CLI + - Download the Dell CEE from: + + - [https://www.dell.com/support](https://www.dell.com/support) + +Checklist Item 2: Install Dell CEE + +- Dell CEE can be installed on the same Windows server as the Activity Agent, or on a different + server. If it is installed on the same host, the activity agent can configure it automatically. + + **_RECOMMENDED:_** The latest version of Dell CEE is the recommended version to use with the + asynchronous bulk delivery (VCAPS) feature. + +- Important: + + - Open MS-RPC ports between the Dell device and the Windows proxy server(s) where the Dell CEE + is installed + - Dell CEE 8.4.2 through Dell CEE 8.6.1 are not supported for use with the VCAPS feature + - Dell CEE requires .NET Framework 3.5 to be installed on the Windows proxy server + +- See the + [Install & Configure Dell CEE](/docs/accessanalyzer/11.6/config/dellcelerravnx/installcee.md) + topic for instructions. + +Checklist Item 3: Dell Device Configuration + +- Configure the `cepp.conf` file on the Celerra VNX Cluster +- See the + [Connect Data Movers to the Dell CEE Server](/docs/accessanalyzer/11.6/config/dellcelerravnx/installcee.md#connect-data-movers-to-the-dell-cee-server) + topic for instructions. + +Checklist Item 4: Activity Monitor Configuration + +- Deploy the Activity Monitor Activity Agent, preferably on the same server where Dell CEE is + installed + + - After activity agent deployment, configure the Dell CEE Options tab of the agent’s Properties + window within the Activity Monitor Console + +Checklist Item 5: Configure Dell CEE to Forward Events to the Activity Agent diff --git a/docs/accessanalyzer/11.6/config/dellcelerravnx/installcee.md b/docs/accessanalyzer/11.6/config/dellcelerravnx/installcee.md new file mode 100644 index 0000000000..ac86749fcf --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellcelerravnx/installcee.md @@ -0,0 +1,184 @@ +# Install & Configure Dell CEE + +Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix +product. Dell customers have a support account with Dell to access the download. + +_Remember,_ the latest version is the recommended version of Dell CEE. + +**_RECOMMENDED:_** The Dell CEE package can be installed on the Windows server where the Activity +Monitor agent will be deployed (recommended) or on any other Windows or Linux server. + +Follow the steps to install the Dell CEE. + +**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for +this component. It is recommended to use the most current version. + +**Step 2 –** Follow the instructions in the Dell +[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) +guide to install and configure the CEE. The installation will add two services to the machine: + +- EMC Checker Service (Display Name: EMC CAVA) +- EMC CEE Monitor (Display Name: EMC CEE Monitor) + +**_RECOMMENDED:_** The latest version of .NET Framework and Dell CEE is recommended to use with the +asynchronous bulk delivery (VCAPS) feature. + +See the +[CEE Debug Logs](/docs/accessanalyzer/11.6/config/dellunity/validate.md#cee-debug-logs) +section for information on troubleshooting issues related to Dell CEE. + +After Dell CEE installation is complete, it is necessary to +[Connect Data Movers to the Dell CEE Server](#connect-data-movers-to-the-dell-cee-server). + +## Configure Dell Registry Key Settings + +There may be situations when Dell CEE needs to be installed on a different Windows server than the +one where the Activity Monitor activity agent is deployed. In those cases it is necessary to +manually set the Dell CEE registry key to forward events. + +**Step 1 –** Open the Registry Editor (run regedit). + +![registryeditor](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/registryeditor.webp) + +**Step 2 –** Navigate to following location: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration + +**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. + +**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value +window closes. + +**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. + +**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the +Windows proxy server hosting the Activity Monitor activity agent. Use the following format: + +StealthAUDIT@[IP ADDRESS] + +Examples: + +StealthAUDIT@192.168.30.15 + +**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. + +![services](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/services.webp) + +**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. + +The Dell CEE registry key is now properly configured to forward event to the Activity Monitor +activity agent. + +## Connect Data Movers to the Dell CEE Server + +The `cepp.conf` file contains information that is necessary to connect the Data Movers to the Dell +CEE server. An administrator must create a configuration file which contains at least one event, one +pool, and one server. All other parameters are optional. The `cepp.conf` file resides on the Data +Mover. + +**Step 1 –** Log into the Dell Celerra or VNX server with an administrator account. The +administrative account should have a $ character in the terminal. + +**NOTE:** Do not use a # charter. + +**Step 2 –** Create or retrieve the `cepp.conf` file. + +If there is not a `cepp.conf` file on the Data Mover(s), use a text editor to create a new blank +file in the home directory named `cepp.conf`. The following is an example command if using the text +editor ‘vi’ to create a new blank file: + +$ vi cepp.conf + +> If a `cepp.conf` file already exists, it can be retrieved from the Data Movers for modification +> with the following command: + +$ server_file [DATA_MOVER_NAME] -get cepp.conf cepp.conf + +**Step 3 –** Configure the `cepp.conf` file. For information on the `cepp.conf` file, see the Dell +[Using the Common Event Enabler for Windows Platforms](https://www.dellemc.com/en-us/collaterals/unauth/technical-guides-support-information/products/storage-3/docu48055.pdf) +guide instructions on how to add parameters or edit the values or existing parameters. + +**NOTE:** The information can be added to the file on one line or separate lines by using a space +and a ”\” at the end of each line, except for the last line and the lines that contain global +options: `cifsserver`, `surveytime`, `ft`, and `msrpcuser`. + +The Activity Monitor requires the following parameters to be set in the `cepp.conf` file: + +- `pool name= ` + - This should equal the name assigned to the configuration container. This container is composed + of the server(s) IP Address or FQDN where the Dell CEE is installed and where the list of + events to be monitored is located. It can be named as desired but must be a pool name. +- `servers= ` + - This should equal the IP Address or FQDN of the Windows server where the Dell CEE is + installed. If several servers are specified, separate them with the vertical bar (|) or a + colon (:). +- `postevents= ` + - The following events are required (separated with the vertical bar): + `CloseModified|CloseUnmodified|CreateDir|CreateFile|DeleteDir|DeleteFile|RenameDir|RenameFile|SetAclDir|SetAclFile ` + - If "Directory Read/List" operations are needed, append `OpenDir` to the list. +- `msrpcuser= ` + + - This should equal the domain account used to run the Dell CEE Monitor and Dell CAVA services + on the Windows server. This parameter is a security measure used to ensure events are only + sent to the appropriate servers. + + All unspecified parameters use the default setting. For most configurations, the default + setting is sufficient. + + Example cepp.conf file format: + + msrpcuser=[DOMAIN\DOMAINUSER] + + pool name=[POOL_NAME] \ + + servers=[IP_ADDRESS1]|[IP_ADDRESS2]|... \ + + postevents=[EVENT1]|[EVENT2]|... + + Example cepp.conf file format for the Activity Monitor: + + msrpcuser=[DOMAIN\DOMAINUSER running CEE services] + + pool name=[POOL_NAME for configuration container] \ + + servers=[IP_ADDRESS where CEE is installed]|... \ + + postevents=[EVENT1]|[EVENT2]|... + + Example of a completed cepp.conf file for the Activity Monitor: + + msrpcuser=example\user1 + + pool name=pool \ + + servers=192.168.30.15 \ + + postevents=CloseModified|CloseUnmodified|CreateDir|CreateFile|DeleteDir|DeleteFile|RenameDir|RenameFile|SetAclDir|SetAclFile + +**Step 4 –** Move the `cepp.conf` file to the Data Mover(s) root file system. Run the following +command: + +$ server_file [DATA_MOVER_NAME]‑put cepp.conf cepp.conf + +**NOTE:** Each Data Mover which runs Celerra Event Publishing Agent (CEPA) must have a `cepp.conf` +file, but each configuration file can specify different events. + +**Step 5 –** (This step is required only if using the `msrpcuser` parameter) Register the MSRPC user +(see Step 3 for additional information on this parameter). Before starting CEPA for the first time, +the administrator must issue the following command from the Control Station and follow the prompts +for entering information: + +/nas/sbin/server_user server_2 -add -md5 -passwd [DOMAIN\DOMAINUSER for msrpcuser] + +**Step 6 –** Start the CEPA facility on the Data Mover. Use the following command: + +server_cepp [DATA_MOVER_NAME] -service –start + +Then verify the CEPA status using the following command: + +server_cepp [DATA_MOVER_NAME] -service –status + +Once the `cepp.config` file has been configured, it is time to configure and enable monitoring with +the Activity Monitor. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for additional information. diff --git a/docs/accessanalyzer/11.6/config/dellcelerravnx/overview.md b/docs/accessanalyzer/11.6/config/dellcelerravnx/overview.md new file mode 100644 index 0000000000..2564b7b30e --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellcelerravnx/overview.md @@ -0,0 +1,117 @@ +# Dell Celerra & Dell VNX Target Requirements + +Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery +Auditing scans on Dell Celerra or Dell VNX devices. The Netwrix Activity Monitor can be configured +to monitor activity on Dell Celerra or Dell VNX devices and make the event data available for +Enterprise Auditor Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Enterprise Auditor scans must have the following permissions on the +target host: + +- Group membership in both of the following groups: + + - Power Users + - Backup Operators + +These permissions grant the credential the ability to enumerate shares, access the remote registry, +and bypass NTFS security on folders. The credential used within the assigned Connection Profile for +these target hosts requires these permissions. See the +[Dell Celerra & Dell VNX Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/config/dellcelerravnx/access.md) +topic for instructions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +Troubleshooting Dell Celerra & Dell VNX Denied Access Errors + +If there are folders to which the credential is denied access, it is likely that the Backup +Operators group does not have the “Back up files and directories” right. In that case, it is +necessary to assign additional the “Back up files and directories” right to those groups or to +create a new local group, using Computer Management from a Windows server. Then assign rights to it +using the CelerraManagementTool.msc plugin, which is available to Dell customers. For further +information, see the Celerra guide Using Windows Administrative Tools on VNX found on the Celerra +website. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of Dell Celerra or Dell VNX + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. + +Dell Celerra & Dell VNX Requirements + +Additionally, the EMC Common Event Enabler (CEE) should be installed on the Windows proxy server, +where the activity agent is deployed. + +**_RECOMMENDED:_** Use the latest available CEE version from the Dell Support website. + +EMC CEE requires .NET Framework 3.5 to be installed on the Windows proxy server in order for the EMC +CEE service to start. + +See the +[Dell Celerra & Dell VNX Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/dellcelerravnx/activity.md) +topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Enterprise Auditor to read the activity log files must also +have READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Dell Celerra & Dell VNX Devices + +The following firewall settings are required for communication between the CEE server/ Activity +Monitor Activity Agent server and the target Dell device: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | +| Dell Device CEE Server | TCP | RPC Dynamic Range | CEE Communication | +| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/config/dellcelerravnx/validate.md b/docs/accessanalyzer/11.6/config/dellcelerravnx/validate.md new file mode 100644 index 0000000000..eda7726314 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellcelerravnx/validate.md @@ -0,0 +1,136 @@ +# Validate Setup + +Once the Activity Monitor agent is configured to monitor the Dell device, the automated +configuration must be validated to ensure events are being monitored. + +## Validate Dell CEE Registry Key Settings + +**NOTE:** See the +[Configure Dell Registry Key Settings](/docs/accessanalyzer/11.6/config/dellunity/installcee.md#configure-dell-registry-key-settings) +topic for information on manually setting the registry key. + +After the Activity Monitor activity agent has been configured to monitor the Dell device, it will +configure the Dell CEE automatically if it is installed on the same server as the agent. This needs +to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on +a different server than the Windows proxy server(s) where the Activity Monitor activity agent is +deployed. + +If the monitoring agent is not registering events, validate that the EndPoint is accurately set. +Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the +following steps. + +**Step 1 –** Navigate to the following windows registry key: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration + +![registryeditorendpoint](/img/versioned_docs/activitymonitor_7.1/config/dellunity/registryeditorendpoint.webp) + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` + +- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` + +**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. + +**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. + +For Asynchronous Bulk Delivery Mode + +For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events +(VCAPS), use the following steps. + +**Step 1 –** Navigate to the following windows registry key: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` +- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` + +**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. + +**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the +MaxEventsPerFeed - between 10 and 10000. + +**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. + +Set the following values under the Data column: + +- Enabled – 1 +- EndPoint – StealthAUDIT + +If this is configured correctly, validate that the Dell CEE services are running. See the +[Validate Dell CEE Services are Running](#validate-dell-cee-services-are-running) topic for +additional information. + +## Validate Dell CEE Services are Running + +After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell +CEE services should be running. If the Activity Agent is not registering events and the EndPoint is +set accurately, validate that the Dell CEE services are running. Open the Services (run +`services.msc`). + +![services](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/services.webp) + +The following services laid down by the Dell CEE installer should have Running as their status: + +- Dell CAVA +- Dell CEE Monitor + +## Dell CEE Debug Logs + +If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs +need to be enabled for troubleshooting purposes. Follow the steps. + +**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right +corner to Trace. + +**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list +and Disable monitoring. + +**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: + +> [http://docs.microsoft.com/en-us/sysinternals/downloads/debugview](http://docs.microsoft.com/en-us/sysinternals/downloads/debugview) + +**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration + +**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the +Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +**NOTE:** If the Debug DWORD Value does not exist, it needs to be added. + +**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In +the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +**NOTE:** If the Verbose DWORD Value does not exist, it needs to be added. + +**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: + +- Capture Win32 +- Capture Global Win32 +- Capture Events + +**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list +and Enable monitoring. + +**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. + +**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): + +- Debug View Log (from Dell Debug View tool) +- Use the **Collect Logs** button to collect debug logs from the activity agent + +**_RECOMMENDED:_** After the logs have been gathered and sent to Netwrix Support, reset these +configurations. diff --git a/docs/accessanalyzer/11.6/config/dellpowerscale/activity.md b/docs/accessanalyzer/11.6/config/dellpowerscale/activity.md new file mode 100644 index 0000000000..cb87600140 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellpowerscale/activity.md @@ -0,0 +1,104 @@ +# Dell Isilon/PowerScale Activity Auditing Configuration + +Dell Isilon/PowerScale can be configured to audit Server Message Block (SMB) and NFS protocol access +events on the Dell Isilon/PowerScale cluster. All audit data can be forwarded to the Dell Common +Event Enabler (CEE). The Activity Monitor listens for all events coming through the Dell CEE and +translates all relevant information into entries in the log files or syslog messages. + +Protocol auditing must be enabled and then configured on a per-access zone basis. For example, all +SMB protocol events on a particular access zone can be audited, while only attempts to delete files +on a different access zone can be audited. + +The audit events are logged and stored on the individual OneFS nodes where the SMB/NFS client +initiated the activity. The stored events are then forwarded by the node to the Dell CEE instance or +concurrently to several instances. At this point, Dell CEE forwards the audit event to a defined +endpoint, such as Activity Monitor agent. + +Complete the following checklist prior to configuring Activity Monitor to monitor the host. +Instructions for each item of the checklist are detailed within the following sections. + +Checklist Item 1: Plan Deployment + +- Prior to beginning the deployment, gather the following: + + - DNS name of Isilon/PowerScale CIFS share(s) to be monitored + - Access Zone(s) containing the CIFS shares to be monitored + - Account with access to the OneFS UI or CLI + - Download the Dell CEE from: + + - [https://www.dell.com/support/home/en-us/](https://www.dell.com/support/home/en-us/) + +**_RECOMMENDED:_** You can achieve higher throughput and fault tolerance by monitoring the +Isilon/PowerScale cluster with more than one pair of Dell CEE and Activity Monitor Agent. The +activity will be evenly distributed between the pairs. + +Checklist Item 2: +[Install Dell CEE](/docs/accessanalyzer/11.6/config/dellpowerscale/installcee.md) + +- Dell CEE should be installed on a Windows or a Linux server. + + **_RECOMMENDED:_** Dell CEE can be installed on the same server as the Activity Agent, or on a + different Windows or Linux server. If CEE is installed on the same server, the Activity Agent + can configure it automatically. + +- Important: + + - Dell CEE 8.8 is the minimum supported version. It is recommended to use the latest available + version. + - Dell CEE requires .NET Framework 3.5 to be installed on the Windows server + +Checklist Item 3: Configure Auditing on the Dell Isilon/PowerScale Cluster + +- Select method: + + - **_RECOMMENDED:_** Allow the Activity Monitor to configure auditing automatically. + + - Automation completed while the Activity Monitor is configured to monitor the + Isilon/PowerScale device + - Automatically sets CEE Server with the IP Address of the server where CEE is installed + - Automatically sets Storage Cluster Name to exactly match the name known to the Activity + Monitor + - Choose between monitoring all Access Zones or scoping to specific Access Zones + + - [Manually Configure Auditing in OneFS](/docs/accessanalyzer/11.6/config/dellpowerscale/manualconfiguration.md) + + - After configuration, add the Isilon/PowerScale device to be monitored by the Activity + Monitor + +- Important: + + - Value of the **Storage Cluster Name** field must exactly match the name entered for the + monitored host in the Activity Monitor Console. If the Storage Cluster Name cannot be modified + (for example, another 3rd party depends on it), you need to set the Host Aliases parameter in + the Activity Monitor Console. Otherwise, if for some reason the Storage Cluster Name must be + left empty, one can list OneFS cluster node names in the Host Aliases. + + - If the Storage Cluster Name is not empty, set the Host Aliases parameter to its value + - If the Storage Cluster Name is empty, set the Host Aliases to a semicolon-separated list + of OneFS node names + + - Include all Access Zones to be monitored in the auditing configuration + - As soon as the first CEE is installed, Isilon/PowerScale will start to send all activity, + including all previous audit events, to the agent. The start time can be modified to exclude + previously recorded audit events to prevent the agent from becoming overloaded with data. It + can be done using OneFS CLI only with isi audit modify command to edit the start time. + + - Start time command: + + ``` + isi audit settings global modify --cee-log-time [Protocol@2021-04-23 14:00:00] + ``` + + - View progress: + + ``` + isi_for_array isi audit progress view + ``` + + - See the Audit log time adjustment section of the Dell + [File System Auditing with Dell PowerScale and Dell Common Event Enabler](https://www.dellemc.com/resources/en-us/asset/white-papers/products/storage/h12428-wp-best-practice-guide-isilon-file-system-auditing.pdf) + documentation for additional information. + +Checklist Item 4: Configure Dell CEE to Forward Events to the Activity Agent. See the +[Validate Setup](/docs/accessanalyzer/11.6/config/dellpowerscale/validate.md) topic for +additional information. diff --git a/docs/accessanalyzer/11.6/config/dellpowerscale/installcee.md b/docs/accessanalyzer/11.6/config/dellpowerscale/installcee.md new file mode 100644 index 0000000000..50e4f6257a --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellpowerscale/installcee.md @@ -0,0 +1,67 @@ +# Install Dell CEE + +Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix +product. Dell customers have a support account with Dell to access the download. + +_Remember,_ the latest version is the recommended version of Dell CEE. + +**_RECOMMENDED:_** The Dell CEE package can be installed on the Windows server where the Activity +Monitor agent will be deployed (recommended) or on any other Windows or Linux server. + +Follow the steps to install the Dell CEE. + +**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for +this component. It is recommended to use the most current version. + +**Step 2 –** Follow the instructions in the Dell +[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) +guide to install and configure the CEE. The installation will add two services to the machine: + +- EMC Checker Service (Display Name: EMC CAVA) +- EMC CEE Monitor (Display Name: EMC CEE Monitor) + +**_RECOMMENDED:_** The latest version of .NET Framework and Dell CEE is recommended to use with the +asynchronous bulk delivery (VCAPS) feature. + +After installation, open MS-RPC ports between the Dell device and the Dell CEE server. See the +[Dell CEE Debug Logs](/docs/accessanalyzer/11.6/config/dellpowerscale/validate.md#dell-cee-debug-logs) +section for information on troubleshooting issues related to Dell CEE. + +## Configure Dell Registry Key Settings + +There may be situations when Dell CEE needs to be installed on a different Windows server than the +one where the Activity Monitor activity agent is deployed. In those cases it is necessary to +manually set the Dell CEE registry key to forward events. + +**Step 1 –** Open the Registry Editor (run regedit). + +![registryeditor](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/registryeditor.webp) + +**Step 2 –** Navigate to following location: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration + +**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. + +**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value +window closes. + +**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. + +**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the +Windows proxy server hosting the Activity Monitor activity agent. Use the following format: + +StealthAUDIT@[IP ADDRESS] + +Examples: + +StealthAUDIT@192.168.30.15 + +**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. + +![services](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/services.webp) + +**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. + +The Dell CEE registry key is now properly configured to forward event to the Activity Monitor +activity agent. diff --git a/docs/accessanalyzer/11.6/config/dellpowerscale/manualconfiguration.md b/docs/accessanalyzer/11.6/config/dellpowerscale/manualconfiguration.md new file mode 100644 index 0000000000..4de7f18eb7 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellpowerscale/manualconfiguration.md @@ -0,0 +1,74 @@ +# Manually Configure Auditing in OneFS + +Manual configuration for auditing is optional for newer versions as the Activity Agent can configure +the auditing automatically using the OneFS API. Follow the steps through the OneFS Storage +Administration Console. + +**Step 1 –** Navigate to the **Cluster Management** tab, and select **Auditing**. + +![settings](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) + +**Step 2 –** In the Settings section, check the Enable Protocol Access Auditing box. + +**Step 3 –** In the Audited Zones section, add at least one zone to be audited. The **System** zone +is typically used. If the CIFS or NFS shares are accessible through different zones on the OneFS +cluster, include all relevant zones. + +Ensure that OneFS collects only events you are interested in. By default, OneFS may monitor things +like directory reads, which can take up a large amount of space. Configuring the OneFS events that +need monitoring is not done through the Activity Monitor console. Configure OneFS event monitoring +using OneFS CLI with the isi audit modify command for each access zone. Enabling monitoring for only +what is needed for the environment will reduce the data load to the agent. + +Activity Monitor monitors the following events: `close_file_modified`, `close_file_unmodified`, +`create_file`, `create_directory`, `delete_file`, `delete_directory`, `rename_file`, +`rename_directory`, `set_security_file`, `set_security_directory`, and `open_directory` (if you want +to monitor Directory List/Read events). + +For each monitored access zone: + +- Use isi audit settings view `isi --zone ZONENAME` to check current settings. +- Disable reporting of failure and syslog audit events with: + + isi audit settings modify --zone ZONENAME --clear-audit-failure --clear-syslog-audit-events + +- Set the success audit events with: + + isi audit settings modify --zone ZONENAME + --audit-success=close_file_modified,close_file_unmodified,create_file,create_directory,delete_file,delete_directory,rename_file,rename_directory,set_security_file,set_security_directory + +![eventforwarding](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/eventforwarding.webp) + +**Step 4 –** In the Event Forwarding section, add the CEE Server URI value for the Windows or Linux +server hosting CEE. Use either of the following format: + +http://[IP ADDRESS]:[PORT]/cee + +http://[SERVER Name]:[PORT]/cee + +**_RECOMMENDED:_** When deploying multiple Dell CEE instances at scale, it is recommended that an +accommodating agent must be configured with each CEE instance. If multiple CEE instances send events +to just one agent, it may create an overflow of data and overload the agent. Distributing the +activity stream into pairs will be the most efficient way of monitoring large data sets at scale. + +**Step 5 –** Also in the Event Forwarding section, set the **Storage Cluster Name** value. It must +be an exact match to the name which is entered in the Activity Monitor for the **Monitored Host** +list. + +This name is used as a ‘tag’ on all events coming through the CEE. This name must exactly match what +is in the Activity Monitor or it does not recognize the events. + +**_RECOMMENDED:_** Use the CIFS DNS name for Dell OneFS. + +**NOTE:** To use the Activity Monitor with Enterprise Auditor for Activity Auditing (FSAC) scans, +the name entered here must exactly match what is used for Enterprise Auditor as a target host. + +If the Storage Cluster Name cannot be modified (for example, another third-party depends on it), you +need to set the Host Aliases parameter in the Activity Monitor Console: + +- If the Storage Cluster Name is not empty, set the Host Aliases parameter to its value +- If the Storage Cluster Name is empty, set the Host Aliases to a semicolon-separated list of OneFS + node names + +Next, it is time to configure the monitoring agent on the Windows server to monitor the +Isilon/PowerScale device. diff --git a/docs/accessanalyzer/11.6/config/dellpowerscale/overview.md b/docs/accessanalyzer/11.6/config/dellpowerscale/overview.md new file mode 100644 index 0000000000..3d848ac817 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellpowerscale/overview.md @@ -0,0 +1,211 @@ +# Dell Isilon/PowerScale Target Requirements + +Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery +Auditing scans on Dell Isilon/PowerScale devices. The Netwrix Activity Monitor can be configured to +monitor activity on Dell Isilon/PowerScale devices and make the event data available for Enterprise +Auditor Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Enterprise Auditor scans must have the following permissions on the +target host: + +- Group membership in the local Administrators group – LOCAL:System Provider +- Rights on the actual file tree or to the IFS root share + + - Share Permissions: + + - Read access + +These permissions grant the credential the ability to enumerate shares, access the remote registry, +and bypass NTFS security on folders. The credential used within the assigned Connection Profile for +these target hosts requires these permissions. See the topic for instructions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +Additional Sensitive Data Discovery Auditing Permission + +In order to execute scoped Sensitive Data Discovery Auditing scans, the credential must also have +the LOCAL:System provider selected in each access zone in which the shares to be scanned reside. + +The credential must have an Authentication Provider configured for the Isilon/PowerScale device. For +example, if the credential is an Active Directory account, then the domain where the account resides +must be an Active Directory Authentication Provider. This is configured in the OneFS® Storage +Administration Console. Navigate to the Access tab, and select Authentication Providers. + +## Local Administrator Group Membership for Isilon + +Follow the steps assign membership in the local Administrators group through the OneFS Storage +Administration Console. + +**Step 1 –** Navigate to the **Access** tab, and select **Membership & Roles** for the System Access +Zone. + +![Groups tab](/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/groupstab.webp) + +**Step 2 –** On the **Groups** tab, set the Providers to **LOCAL: System**. Then select **View / +Edit** for the Administrators group. The View Group Details window opens. + +![Edit Group window](/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/editgroup.webp) + +**Step 3 –** Click **Edit Group** and the Edit Group window opens. Click **Add Members**, and enter +the User Name and Provider in the Select a User window. Click **Select**, and then click **Save +Changes**. The Edit Group window closes. + +**Step 4 –** Click **Close**. The View Group Details window closes. + +Share permissions can now be granted to this credential. + +## BackupAdmin Role Assignment for OneFS + +Follow the steps to assign the credential to the **BackupAdmin** role through OneFS Storage +Administration Console. + +**Step 1 –** Navigate to the **Access** tab > **Membership & Roles** for the System Access Zone. + +![One FS Dashboard](/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/rolestab.webp) + +**Step 2 –** On the Roles tab, select **View / Edit** for the BackupAdmin role. The View Role +Details window opens. + +![One FS Role Details Window](/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/viewroledetails.webp) + +**Step 3 –** Click **Edit** role and the Edit role details window opens. + +**Step 4 –** Click **Add a member to this role**. + +**Step 5 –** Enter the **User Name** and **Provider** in the Select a User window then click Search. +The user appears in the Search Results table. + +**Step 6 –** Click **Select** and the Edit role window closes. + +**Step 7 –** Click **Save Changes** and the successful save notification appears. + +**Step 8 –** Click **Close**. + +The View role details window closes. + +## NFS Export Scan Requirements for Isilon/PowerScale + +Enterprise Auditor supports scanning Isilon/PowerScale NFSv3 exports. The following settings need to +be configured in OneFS for the Enterprise Auditor server's IP address for each Isilon/PowerScale NFS +export to be scanned. + +The Enterprise Auditor server IP needs to be added to the following fields in each NFS export's +settings, in the OneFS UI under **Protocols** > **UNIX sharing (NFS)** > **View/Edit** > **Edit +export** (per NFS export): + +- Always read-only clients +- Root Clients + +The NFS export to be scanned also needs to be configured so root squash is disabled, which is +performed in the same Edit export menu as the above settings. + +**Step 1 –** Navigate to the export's **Root user mapping** settings. + +**Step 2 –** Select **Map root users to a specified user**. + +**Step 3 –** Set both User and Group to **0** (effectively mapping root client UID/GID to 0). + +Both of these steps need to be performed in each NFS export's settings that a user would like to +scan. + +### Troubleshooting NFSv3 Export Access + +If Enterprise Auditor is not discovering the expected NFS export, it is possible that the export +policy is not properly configured to allow the Enterprise Auditor server or proxy server IP Address +to mount the NFS export. One step in troubleshooting this issue is to confirm a Unix client (or WSL +for Windows) in the same IP range as the Enterprise Auditor server or proxy server can mount the NFS +export. + +Run the following command from a Unix host to verify the NFS mount is available: + +``` +showmount ‑e[NFS_HOSTNAME_OR_IP] +``` + +If the NFS export is returned as a result of the previous command, then Enterprise Auditor should +also be able to mount it. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of Dell Isilon/PowerScale + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. + +Dell Isilon/PowerScale Requirements + +Additionally, the EMC Common Event Enabler (CEE) should be installed on the Windows proxy server, +where the activity agent is deployed. + +**_RECOMMENDED:_** Use the latest available CEE version from the Dell Support website. + +EMC CEE requires .NET Framework 3.5 to be installed on the Windows proxy server in order for the EMC +CEE service to start. + +See the +[Dell Isilon/PowerScale Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/dellpowerscale/activity.md) +topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Enterprise Auditor to read the activity log files must also +have READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Dell Isilon/PowerScale Devices + +The following firewall settings are required for communication between the CEE server/ Activity +Monitor Activity Agent server and the target Dell Isilon/PowerScale device: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | +| Dell Isilon/PowerScale to CEE Server | TCP | TCP 12228 | CEE Communication | +| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/config/dellpowerscale/validate.md b/docs/accessanalyzer/11.6/config/dellpowerscale/validate.md new file mode 100644 index 0000000000..5131d4342a --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellpowerscale/validate.md @@ -0,0 +1,184 @@ +# Validate Setup + +Once the Activity Monitor agent is configured to monitor the Dell device, the automated +configuration must be validated to ensure events are being monitored. + +## Validate Dell CEE Registry Key Settings + +After the Activity Monitor activity agent has been configured to monitor the Dell device, it will +configure the Dell CEE automatically if it is installed on the same server as the agent. This needs +to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on +a different server than the Windows proxy server(s) where the Activity Monitor activity agent is +deployed. + +If the monitoring agent is not registering events, validate that the EndPoint is accurately set. +Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the +following steps. + +**Step 1 –** Navigate to the following windows registry key: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration + +![registryeditorendpoint](/img/versioned_docs/activitymonitor_7.1/config/dellunity/registryeditorendpoint.webp) + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` + +- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` + +**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. + +**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. + +For Asynchronous Bulk Delivery Mode + +For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events +(VCAPS), use the following steps. + +**Step 1 –** Navigate to the following windows registry key: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` +- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` + +**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. + +**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the +MaxEventsPerFeed - between 10 and 10000. + +**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. + +Set the following values under the Data column: + +- Enabled – 1 +- EndPoint – StealthAUDIT + +If this is configured correctly, validate that the Dell CEE services are running. See the +[Validate Dell CEE Services are Running](#validate-dell-cee-services-are-running) topic for +additional information. + +## Validate Dell CEE Services are Running + +After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell +CEE services should be running. If the Activity Agent is not registering events and the EndPoint is +set accurately, validate that the Dell CEE services are running. Open the Services (run +`services.msc`). + +![services](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/services.webp) + +The following services laid down by the Dell CEE installer should have Running as their status: + +- Dell CAVA +- Dell CEE Monitor + +## Dell CEE Debug Logs + +If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs +need to be enabled for troubleshooting purposes. Follow the steps. + +**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right +corner to Trace. + +**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list +and Disable monitoring. + +**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: + +> [http://docs.microsoft.com/en-us/sysinternals/downloads/debugview](http://docs.microsoft.com/en-us/sysinternals/downloads/debugview) + +**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration + +**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the +Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +**NOTE:** If the Debug DWORD Value does not exist, it needs to be added. + +**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In +the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +**NOTE:** If the Verbose DWORD Value does not exist, it needs to be added. + +**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: + +- Capture Win32 +- Capture Global Win32 +- Capture Events + +**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list +and Enable monitoring. + +**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. + +**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): + +- Debug View Log (from Dell Debug View tool) +- Use the **Collect Logs** button to collect debug logs from the activity agent + +**_RECOMMENDED:_** After the logs have been gathered and sent to Netwrix Support, reset these +configurations. + +## Linux CEE Debug Log + +The debug log is stored in `/opt/CEEPack/emc_cee_svc.log` file. To enable verbose logging set Debug +and Verbose parameters under **Configuration** to 255 and restart the CEE. + +**NOTE:** Debug logs should only be used for troubleshooting purposes. It's recommended to have +Debug Logs disabled by default. + +```xml +... + + + +100 + +255 + +10 + +10 + +20 + +255 + +12228 + + + +2 + +5 + +86400 + + + + + +/opt/CEEPack/ + +100 + + + + + + +``` + +**NOTE:** All protocol strings are case sensitive. diff --git a/docs/accessanalyzer/12.0/configuration/dell-unity/access.md b/docs/accessanalyzer/11.6/config/dellunity/access.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/dell-unity/access.md rename to docs/accessanalyzer/11.6/config/dellunity/access.md diff --git a/docs/accessanalyzer/11.6/config/dellunity/activity.md b/docs/accessanalyzer/11.6/config/dellunity/activity.md new file mode 100644 index 0000000000..3e214b735c --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellunity/activity.md @@ -0,0 +1,69 @@ +# Dell Unity Activity Auditing Configuration + +A Dell Unity device can be configured to audit Server Message Block (SMB) protocol access events. +All audit data can be forwarded to the Dell Common Event Enabler (CEE). The Netwrix Activity Monitor +listens for all events coming through the Dell CEE and translates all relevant information into +entries in the TSV files or syslog messages. + +If the service is turned off, a notification will be sent to the Dell CEE framework to turn off the +associated Activity Monitor filter, but the policy will not be removed. + +The Dell CEE Framework uses a “push” mechanism so a notification is sent only to the activity agent +when a transaction occurs. Daily activity log files are created only if activity is performed. No +activity log file is created if there is no activity for the day. + +Configuration Checklist + +Complete the following checklist prior to configuring activity monitoring of Dell Unity devices. +Instructions for each item of the checklist are detailed within the following topics. + +Checklist Item 1: Plan Deployment + +- Prior to beginning the deployment, gather the following: + + - Data Mover or Virtual Data Mover hosting the share(s) to be monitored + - Account with access to the CLI + - Download the Dell CEE from: + + - [http://support.emc.com](http://support.emc.com/) + +Checklist Item 2: +[Install Dell CEE](/docs/accessanalyzer/11.6/config/dellunity/installcee.md) + +- Dell CEE should be installed on the Windows proxy server(s) where the Activity Monitor activity + agent will be deployed + + **_RECOMMENDED:_** The latest version of Dell CEE is the recommended version to use with the + asynchronous bulk delivery (VCAPS) feature. + +- Important: + + - Open MS-RPC ports between the Dell device and the Windows proxy server(s) where the Dell CEE + is installed + - Dell CEE 8.4.2 through Dell CEE 8.6.1 are not supported for use with the VCAPS feature + - Dell CEE requires .NET Framework 3.5 to be installed on the Windows proxy server + +Checklist Item 3: Dell Unity Device Configuration + +- Configure initial setup for a Unity device + + - [Unity Initial Setup with Unisphere](/docs/accessanalyzer/11.6/config/dellunity/setupunisphere.md) + +Checklist Item 4: Activity Monitor Configuration + +- Deploy the Activity Monitor activity agent to a Windows proxy server where Dell CEE was installed + + - After activity agent deployment, configure the Dell CEE Options tab of the agent’s Properties + window within the Activity Monitor Console + + - Automatically sets the Dell registry key settings + +Checklist Item 5: Configure Dell CEE to Forward Events to the Activity Agent + +**NOTE:** When Dell CEE is installed on Windows proxy server(s) where the Activity Monitor activity +agent will be deployed, the following steps are not needed. + +- Ensure the Dell CEE registry key has enabled set to 1 and has an EndPoint set to StealthAUDIT. +- Ensure the Dell CAVA service and the Dell CEE Monitor service are running. +- See the [Validate Setup](/docs/accessanalyzer/11.6/config/dellunity/validate.md) + topic for instructions. diff --git a/docs/accessanalyzer/11.6/config/dellunity/installcee.md b/docs/accessanalyzer/11.6/config/dellunity/installcee.md new file mode 100644 index 0000000000..d603e625d3 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellunity/installcee.md @@ -0,0 +1,66 @@ +# Install Dell CEE + +Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix +product. Dell customers have a support account with Dell to access the download. + +_Remember,_ the latest version is the recommended version of Dell CEE. + +**_RECOMMENDED:_** The Dell CEE package can be installed on the Windows server where the Activity +Monitor agent will be deployed (recommended) or on any other Windows or Linux server. + +Follow the steps to install the Dell CEE. + +**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for +this component. It is recommended to use the most current version. + +**Step 2 –** Follow the instructions in the Dell +[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) +guide to install and configure the CEE. The installation will add two services to the machine: + +- EMC Checker Service (Display Name: EMC CAVA) +- EMC CEE Monitor (Display Name: EMC CEE Monitor) + +**_RECOMMENDED:_** The latest version of .NET Framework and Dell CEE is recommended to use with the +asynchronous bulk delivery (VCAPS) feature. + +After Dell CEE installation is complete, it is necessary to complete the +[Unity Initial Setup with Unisphere](/docs/accessanalyzer/11.6/config/dellunity/setupunisphere.md). + +## Configure Dell Registry Key Settings + +There may be situations when Dell CEE needs to be installed on a different Windows server than the +one where the Activity Monitor activity agent is deployed. In those cases it is necessary to +manually set the Dell CEE registry key to forward events. + +**Step 1 –** Open the Registry Editor (run regedit). + +![registryeditor](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/registryeditor.webp) + +**Step 2 –** Navigate to following location: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration + +**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. + +**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value +window closes. + +**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. + +**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the +Windows proxy server hosting the Activity Monitor activity agent. Use the following format: + +StealthAUDIT@[IP ADDRESS] + +Examples: + +StealthAUDIT@192.168.30.15 + +**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. + +![services](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/services.webp) + +**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. + +The Dell CEE registry key is now properly configured to forward event to the Activity Monitor +activity agent. diff --git a/docs/accessanalyzer/11.6/config/dellunity/overview.md b/docs/accessanalyzer/11.6/config/dellunity/overview.md new file mode 100644 index 0000000000..dc07f0f971 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellunity/overview.md @@ -0,0 +1,117 @@ +# Dell Unity Target Requirements + +Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery +Auditing scans on Dell Unity devices. The Netwrix Activity Monitor can be configured to monitor +activity on Dell Unity devices and make the event data available for Enterprise Auditor Activity +Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Enterprise Auditor scans must have the following permissions on the +target host: + +- Group membership in both of the following groups: + + - Power Users + - Backup Operators + +These permissions grant the credential the ability to enumerate shares, access the remote registry, +and bypass NTFS security on folders. The credential used within the assigned Connection Profile for +these target hosts requires these permissions. See the +[Dell Unity Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/config/dellunity/access.md) +topic for instructions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +Troubleshooting Dell Unity Denied Access Errors + +If there are folders to which the credential is denied access, it is likely that the Backup +Operators group does not have the “Back up files and directories” right. In that case, it is +necessary to assign additional the “Back up files and directories” right to those groups or to +create a new local group, using Computer Management from a Windows server. Then assign rights to it +using the CelerraManagementTool.msc plugin, which is available to Dell customers. For further +information, see the Celerra guide Using Windows Administrative Tools on VNX found on the Celerra +website. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of Dell Unity + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. + +Dell Unity Requirements + +Additionally, the EMC Common Event Enabler (CEE) should be installed on the Windows proxy server, +where the activity agent is deployed. + +**_RECOMMENDED:_** Use the latest available CEE version from the Dell Support website. + +EMC CEE requires .NET Framework 3.5 to be installed on the Windows proxy server in order for the EMC +CEE service to start. + +See the +[Dell Unity Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/dellunity/activity.md) +topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Enterprise Auditor to read the activity log files must also +have READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Dell Unity Devices + +The following firewall settings are required for communication between the CEE server/ Activity +Monitor Activity Agent server and the target Dell device: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | +| Dell Device CEE Server | TCP | RPC Dynamic Range | CEE Communication | +| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/config/dellunity/setupunisphere.md b/docs/accessanalyzer/11.6/config/dellunity/setupunisphere.md new file mode 100644 index 0000000000..9f3ff50a48 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellunity/setupunisphere.md @@ -0,0 +1,27 @@ +# Unity Initial Setup with Unisphere + +Follow the steps to configure the initial setup for a Unity device with Unisphere. + +**Step 1 –** Edit the NAS Server > Protection and Events > Events Publishing > Select Pool settings: + +- Add CEPA server – This is the server where CEE is installed. It is recommended that this is also + the server were the Activity Monitor activity agent is deployed. +- Enable the following events for Post Events. + +Required Unity events needed for CIFS Activity: + +![NAM Required Events For CIFS](/img/versioned_docs/activitymonitor_7.1/config/dellunity/eventscifs.webp) + +Required Unity events needed for NFS Activity: + +![NAM Required Events For NFS](/img/versioned_docs/activitymonitor_7.1/config/dellunity/eventsnfs.webp) + +**Step 2 –** Enable Events Publishing: + +- Edit the FileSystem > Advanced settings: + + - NFS Events Publishing – Enabled (required for NFS protocol monitoring) + - SMB Events publishing – Enabled (required for SMB / CIFS protocol monitoring) + +Once Unity setup is complete, it is time to configure and enable monitoring with the Activity +Monitor. diff --git a/docs/accessanalyzer/11.6/config/dellunity/validate.md b/docs/accessanalyzer/11.6/config/dellunity/validate.md new file mode 100644 index 0000000000..9c78b415e8 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/dellunity/validate.md @@ -0,0 +1,136 @@ +# Validate Setup + +Once the Activity Monitor agent is configured to monitor the Dell device, the automated +configuration must be validated to ensure events are being monitored. + +## Validate CEE Registry Key Settings + +**NOTE:** See the +[Configure Dell Registry Key Settings](/docs/accessanalyzer/11.6/config/dellcelerravnx/installcee.md#configure-dell-registry-key-settings) +topic for information on manually setting the registry key. + +After the Activity Monitor activity agent has been configured to monitor the Dell device, it will +configure the Dell CEE automatically if it is installed on the same server as the agent. This needs +to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on +a different server than the Windows proxy server(s) where the Activity Monitor activity agent is +deployed. + +If the monitoring agent is not registering events, validate that the EndPoint is accurately set. +Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the +following steps. + +**Step 1 –** Navigate to the following windows registry key: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration + +![registryeditorendpoint](/img/versioned_docs/activitymonitor_7.1/config/dellunity/registryeditorendpoint.webp) + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` + +- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` + +**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. + +**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. + +For Asynchronous Bulk Delivery Mode + +For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events +(VCAPS), use the following steps. + +**Step 1 –** Navigate to the following windows registry key: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` +- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` + +**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. + +**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the +MaxEventsPerFeed - between 10 and 10000. + +**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. + +Set the following values under the Data column: + +- Enabled – 1 +- EndPoint – StealthAUDIT + +If this is configured correctly, validate that the Dell CEE services are running. See the +[Validate Dell CEE Services are Running](#validate-dell-cee-services-are-running) topic for +additional information. + +## Validate Dell CEE Services are Running + +After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell +CEE services should be running. If the Activity Agent is not registering events and the EndPoint is +set accurately, validate that the Dell CEE services are running. Open the Services (run +`services.msc`). + +![services](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/services.webp) + +The following services laid down by the Dell CEE installer should have Running as their status: + +- Dell CAVA +- Dell CEE Monitor + +## CEE Debug Logs + +If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs +need to be enabled for troubleshooting purposes. Follow the steps. + +**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right +corner to Trace. + +**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list +and Disable monitoring. + +**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: + +> [http://docs.microsoft.com/en-us/sysinternals/downloads/debugview](http://docs.microsoft.com/en-us/sysinternals/downloads/debugview) + +**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration + +**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the +Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +**NOTE:** If the Debug DWORD Value does not exist, it needs to be added. + +**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In +the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +**NOTE:** If the Verbose DWORD Value does not exist, it needs to be added. + +**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: + +- Capture Win32 +- Capture Global Win32 +- Capture Events + +**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list +and Enable monitoring. + +**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. + +**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): + +- Debug View Log (from Dell Debug View tool) +- Use the **Collect Logs** button to collect debug logs from the activity agent + +**_RECOMMENDED:_** After the logs have been gathered and sent to Netwrix Support, reset these +configurations. diff --git a/docs/accessanalyzer/11.6/config/entraid/access.md b/docs/accessanalyzer/11.6/config/entraid/access.md new file mode 100644 index 0000000000..ead558d3f5 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/entraid/access.md @@ -0,0 +1,205 @@ +# Microsoft Entra ID Auditing Configuration + +The Enterprise Auditor for Entra ID Solution provides the ability to audit Microsoft Entra ID, +formerly Azure Active Directory. It scans: + +- Microsoft Entra ID (formerly Azure AD) + +**NOTE:** A user account with the Global Administrator role is required to register an app with +Microsoft Entra ID. + +Data Collector + +- [AzureADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/overview.md) + +Configuration Settings from the Registered Application + +The following settings are needed from your tenant once you have registered the application: + +- Client ID – This is the Application (client) ID for the registered application +- Key – This is the Client Secret Value generated when a new secret is created + + **CAUTION:** It is not possible to retrieve the value after saving the new key. It must be + copied first. + +**NOTE:** In order to add custom attributes, you will also need to know the Tenant name of the Entra +ID environment. + +## Permissions + +The following permissions are required: + +- Microsoft Graph API + + - Application Permissions: + + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + + - Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +- Access URLs + + - https://login.windows.net + - https://graph.windows.net + - https://login.microsoftonline.com + - https://graph.microsoft.com + + - All sub-directories of the access URLs listed + +## Register a Microsoft Entra ID Application + +Follow the steps to register Enterprise Auditor with Microsoft Entra ID. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App +registrations. + +**Step 3 –** In the top toolbar, click **New registration**. + +**Step 4 –** Enter the following information in the Register an application page: + +- Name – Enter a user-facing display name for the application, for example Netwrix Enterprise + Auditor Entra ID +- Supported account types – Select **Accounts in this organizational directory only** + +**Step 5 –** Click **Register**. + +The Overview page for the newly registered app opens. Review the newly created registered +application. Now that the application has been registered, permissions need to be granted to it. + +## Grant Permissions to the Registered Application + +Follow the steps to grant permissions to the registered application. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. + +**Step 3 –** In the top toolbar, click **Add a permission**. + +**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs +tab. Select the following permissions: + +- Under Application Permissions, select: + + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + +- Under Delegated Permissions, select: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +**Step 5 –** At the bottom of the page, click **Add Permissions**. + +**Step 6 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation +window. + +Now that the permissions have been granted to it, the Connection Profile and host settings for +Enterprise Auditor need to be collected. + +## Identify the Client ID + +Follow the steps to find the registered application's Client ID. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** Copy the **Application (client) ID** value. + +**Step 3 –** Save this value in a text file. + +This Application (client) ID value is needed for the Enterprise Auditor Connection Profile and the +Custom Attributes page of the AzureADInventory Data Collector. See the +[Azure Active Directory for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/entraid.md) +topic and the +[AzureADInventory: Custom Attributes](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributes.md) +topic for additional information. Next generate the application’s Client Secret Key. + +## Generate the Client Secret Key + +Follow the steps to find the registered application's Client Secret, create a new key, and save its +value when saving the new key. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**CAUTION:** It is not possible to retrieve the value after saving the new key. It must be copied +first. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. + +**Step 3 –** In the top toolbar, click **New client secret**. + +**Step 4 –** On the Add a client secret blade, complete the following: + +- Description – Enter a unique description for this secret +- Expires – Select the duration. + + **NOTE:** Setting the duration on the key to expire requires reconfiguration at the time of + expiration. It is best to configure it to expire in 1 or 2 years. + +**Step 5 –** Click **Add** to generate the key. + +**CAUTION:** If this page is left before the key is copied, then the key is not retrievable, and +this process will have to be repeated. + +**Step 6 –** The Client Secret will be displayed in the Value column of the table. You can use the +Copy to clipboard button to copy the Client Secret. + +**Step 7 –** Save this value in a text file. + +This Client Secret value is needed for the Enterprise Auditor Connection Profile and the Custom +Attributes page of the AzureADInventory Data Collector. See the +[Azure Active Directory for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/entraid.md) +topic and the +[AzureADInventory: Custom Attributes](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributes.md) +topic for additional information. + +## Identify the Tenant Name + +Follow the steps to find the Tenant Name where the registered application resides. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Settings** and click **Domain +names** to open the Custom domain names list. + +**Step 3 –** Copy the domain name from the list of domains. + +**Step 4 –** Save this value in a text file. + +This is needed for the Host List and the Custom Attributes page of the AzureADInventory Data +Collector. See the +[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/configurejob.md) +and [AzureADInventory: Custom Attributes](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributes.md) +topics for additional information. diff --git a/docs/accessanalyzer/11.6/config/entraid/overview.md b/docs/accessanalyzer/11.6/config/entraid/overview.md new file mode 100644 index 0000000000..77fdedd3f1 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/entraid/overview.md @@ -0,0 +1,20 @@ +# Microsoft Entra ID Tenant Target Requirements + +Netwrix Enterprise Auditor can execute scans on Microsoft Entra ID, formerly Azure Active Directory. + +## Auditing Permissions + +It is necessary to register Enterprise Auditor as a web application to the targeted Microsoft Entra +ID in order for Enterprise Auditor to scan the environment. This generates the Client ID (App ID) +and Key (App Key) needed for the Connection Profile credentials and the Custom Attributes Import +Wizard page. + +See the +[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/11.6/config/entraid/access.md) +topic for additional information. + +## Auditing Port Requirements + +The following firewall ports are needed by the AzureADInventory Data Collector: + +- TCP 80 and 443 diff --git a/docs/accessanalyzer/11.6/config/exchangeonline/access.md b/docs/accessanalyzer/11.6/config/exchangeonline/access.md new file mode 100644 index 0000000000..530ea3a495 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/exchangeonline/access.md @@ -0,0 +1,283 @@ +# Exchange Online Auditing Configuration + +It is necessary to register Enterprise Auditor as a web application to the targeted Microsoft Entra +ID, formerly Azure Active Directory, in order for Enterprise Auditor to scan the environment. This +generates the Client ID (App ID) and self-signed certificate (Certificate Thumbprint) needed for the +Connection Profile credentials and/or the Custom Attributes Import Wizard page. See +[Microsoft Support](https://docs.microsoft.com/en-us/azure/active-directory/active-directory-reporting-api-prerequisites-azure-portal) +for assistance in configuring the Microsoft Entra ID web application. + +**NOTE:** A user account with the Global Administrator role is required to register an app with +Microsoft Entra ID. + +Configuration Settings from the Registered Application + +The following settings are needed from your tenant once you have registered the application: + +- Client ID – This is the Application (client) ID for the registered application +- Tenant name – This is the primary domain name of the Microsoft Entra tenant +- Certificate Thumbprint – This is thumbprint value of the certificate uploaded to the Microsoft + Entra ID application + +Configure Modern Authentication for Exchange Online using EX_RegisterAzureAppAuth Instant Job + +Registering a Microsoft Entra ID application and provisioning it to grant permissions to Exchange +Online can be automated using the EX_RegisterAzureAppAuth job from the Enterprise Auditor Instant +Job Library. The EX_RegisterAzureAppAuth job uses the PowerShell Data Collector to automatically +configure modern authentication for Exchange Online. It requires: + +- A Connection Profile containing a Microsoft Entra ID Global Admin credential with an Account Type + of **Task (Local)** +- Exchange Online Management v3.4.0 + + - You can install this module with the following command: + + ``` + Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 + ``` + +- Azure AD PowerShell module installed on targeted hosts + + **NOTE:** If the module is not already installed, the job will attempt to install it. + + - You can install the module with the following command: + + ``` + Install-Module AzureAD + ``` + + - TLS 1.2 is required for the Azure AD PowerShell module. Run the following command to configure + it: + + ``` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + ``` + +- Microsoft Graph PowerShell module installed on targeted hosts + + - You can install the module with the following command: + + ``` + Install-Module Microsoft.Graph + ``` + +See the +[EX_RegisterAzureAppAuth Job](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/ex_registerazureappauth.md) +topic for additional information. + +## Prerequisites + +The following prerequisites are required to use Modern Authentication for Exchange Online in +Enterprise Auditor. + +- Exchange Online Management v3.4.0 + + - You can install this module with the following command: + + ``` + Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 + ``` + +- Create a self-signed certificate that will be used by Enterprise Auditor for Modern Authentication + +## Permissions + +The following permissions are required: + +Permissions for Office 365 Exchange Online + +- Application Permissions: + + - Exchange.ManageAsApp – Manage Exchange As Application + - full_access_as_app – Use Exchange Web Services with full access to all mailboxes + +- Exchange Administrator role assigned to the registered application's service principal + +## Create Self–Signed Certificate + +A self signed certificate needs to be created on the Enterprise Auditor console server. This is used +by Enterprise Auditor to connect to the Microsoft Entra tenant. + +Follow the steps create the self-signed certificate. + +**Step 1 –** To generate a certificate, use the sample PowerShell command below: + +- Change the following parameters in the sample PowerShell command. See the Microsoft + [New-SelfSignedCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate) + article for additional information. + + - DNS Name – Specifies a DNS name to put into the subject alternative name extension of the + certificate + - Subject – A unique name for the new App (always starts with CN=, to denote a canonical name) + - FriendlyName – Same as Subject name minus the canonical name prefix + - NotAfter – A datetime string denoting the certificate's expiration date - in the above sample, + Get-Date.AddYears(11) specifies that the certificate will expire 11 years from the current + datetime + +Example PowerShell: + +``` +$cert=New-SelfSignedCertificate -CertStoreLocation Cert:\CurrentUser\My -DnsName stealthbits.com -Subject "CN=NEA Exchange Online" -FriendlyName "NEA Exchange Online" -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter (Get-Date).AddYears(11) +``` + +**Step 2 –** Export the certificate public key as a .cer file to the PrivateAssemblies folder in +Enterprise Auditor with the Export–Certificate cmdlet using the certificate path stored in the +$certPath variable (see Step 1). + +**NOTE:** The environment variable `SAINSTALLDIR` always points to the base Enterprise Auditor +install directory; simply append the PrivateAssemblies to point to that folder with the following +cmdlet: + +``` +Export-Certificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\exchange_cert.cer" -Type CERT +``` + +- See the Microsoft + [Export-Certificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-certificate) + article for additional information. + +**Step 3 –** Export the certificate private key as a .pfx file to the same folder by running the +following cmdlet: + +**_RECOMMENDED:_** Change the string in the Password parameter from "PasswordGoesHere" to something +more secure before running this cmdlet. + +``` +Export-PfxCertificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\exchange_cert.pfx" -Password (ConvertTo-SecureString -String "PasswordGoesHere" -Force -AsPlainText) +``` + +- See the Microsoft + [Export-PfxCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-pfxcertificate) + article for additional information. + +The self signed certificate has been created. The next steps are to create a Microsoft Entra ID +application and then upload this certificate to it. + +## Register a Microsoft Entra ID Application + +Follow the steps to register Enterprise Auditor with Microsoft Entra ID. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App +registrations. + +**Step 3 –** In the top toolbar, click **New registration**. + +**Step 4 –** Enter the following information in the Register an application page: + +- Name – Enter a user-facing display name for the application, for example Netwrix Enterprise + Auditor for Exchange +- Supported account types – Select **Accounts in this organizational directory only** + +**Step 5 –** Click **Register**. + +The Overview page for the newly registered app opens. Review the newly created registered +application. Now that the application has been registered, permissions need to be granted to it. + +## Upload Self-Signed Certificate + +Follow the steps upload your self-signed certificate. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. + +**Step 3 –** Select the Certificates tab. + +**Step 4 –** In the tool bar, click **Upload Certificate**. + +**Step 5 –** Navigate to the to PrivateAssemblies folder and select the `exchange_cert.cer` file. +Optionally add a Description. + +**Step 6 –** Click **Add**. + +The Certificate Thumbprint of this uploaded certificate is needed for the Enterprise Auditor +Connection Profile. See the +[Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/exchangemodernauth.md) +topic for additional information. + +## Grant Permissions to the Registered Application + +Follow the steps to grant permissions to the registered application. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. + +**Step 3 –** In the top toolbar, click **Add a permission**. + +**Step 4 –** On the Request API permissions blade, use the search bar on the APIs my organization +uses tab to find and select Office 365 Exchange Online. Select the following permissions: + +- Application Permissions: + + - Exchange.ManageAsApp – Manage Exchange As Application + - full_access_as_app – Use Exchange Web Services with full access to all mailboxes + +- Exchange Administrator role assigned to the registered application's service principal + +**Step 5 –** At the bottom of the page, click **Add Permissions**. + +**Step 6 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation +window. + +Now that the permissions have been granted to it, the Connection Profile and host settings for +Enterprise Auditor need to be collected. + +## Identify the Tenant's Name + +Follow the steps to find the Tenant Name where the registered application resides. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Settings** and click **Domain +names** to open the Custom domain names list. + +**Step 3 –** Copy the domain name from the list of domains. + +**Step 4 –** Save this value in a text file. + +This is needed for the Enterprise Auditor Connection Profile. See the +[Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/exchangemodernauth.md) +topic for additional information. Next identify the application’s Client ID. + +## Identify the Client ID + +Follow the steps to find the registered application's Client ID. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** Copy the **Application (client) ID** value. + +**Step 3 –** Save this value in a text file. + +This is needed for the Enterprise Auditor Connection Profile. See the +[Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/exchangemodernauth.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/config/hitachi/activity.md b/docs/accessanalyzer/11.6/config/hitachi/activity.md new file mode 100644 index 0000000000..389941906c --- /dev/null +++ b/docs/accessanalyzer/11.6/config/hitachi/activity.md @@ -0,0 +1,53 @@ +# Hitachi Activity Auditing Configuration + +The Hitachi NAS (HNAS) server can host multiple Enterprise Virtual Servers (EVS). Each EVS has +multiple file systems. Auditing is enabled and configured per file system. This guide explains how +to enable auditing on an HNAS and to configure the Activity Monitor to monitor activity coming from +the Hitachi device auditing. + +The Activity Monitor does not use the EVS or file system name to connect to HNAS. Therefore, all +that is required of the user for HNAS activity collection is the following: + +- Logs path (UNC) + + - Active Log file name – Active Log File name needs with an `.evt` extension, and it should be + the same as in the HNAS configuration. This is usually `audit.evt`. + +- Credentials to access the HNAS log files + + - The only requirement for the credentials is the ability to read files from the `logs` + directory. + +- A polling interval between log collections (15 seconds by default) + + - The Activity Monitor minimizes IO by remembering a file offset where it stopped reading and + continuing from that offset next time. + +**CAUTION:** The following disclaimer is provided by Hitachi: + +“Because CIFS defines open and close operations, auditing file system object access performed by +clients using other protocols would be costly in terms of system performance, because each I/O +operation would have to be audited as an open operation. **Therefore, when file system auditing is +enabled, by default, only clients connecting through the CIFS protocol are allowed access to the +file system.** Access by clients using other protocols, like NFS, can, however, be allowed. When +such access is allowed, access to file system objects through these protocols is not audited.” + +**NOTE:** File system auditing can be configured to deny access to clients connecting with protocols +that cannot be audited (NFS). Please see the Hitachi +[Server and Cluster Administration Guide](https://support.hds.com/download/epcra/hnas0106.pdf) for +additional information. + +Configuration Checklist + +Complete the following checklist prior to configuring activity monitoring of Hitachi devices. +Instructions for each item of the checklist are detailed within the following topics. + +Checklist Item 1: +[Configure Audit Logs on HNAS](/docs/accessanalyzer/11.6/config/hitachi/configurelogs.md) + +Checklist Item 2: +[Configure Access to HNAS Audit Logs on Activity Agent Server](/docs/accessanalyzer/11.6/config/hitachi/configureaccesstologs.md) + +Checklist Item 3: Activity Monitor Configuration + +- Deploy the Activity Monitor Activity Agent to a Windows proxy server diff --git a/docs/accessanalyzer/12.0/configuration/hitachi/configure-access-to-logs.md b/docs/accessanalyzer/11.6/config/hitachi/configureaccesstologs.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/hitachi/configure-access-to-logs.md rename to docs/accessanalyzer/11.6/config/hitachi/configureaccesstologs.md diff --git a/docs/accessanalyzer/11.6/config/hitachi/configurelogs.md b/docs/accessanalyzer/11.6/config/hitachi/configurelogs.md new file mode 100644 index 0000000000..6d51e5610a --- /dev/null +++ b/docs/accessanalyzer/11.6/config/hitachi/configurelogs.md @@ -0,0 +1,33 @@ +# Configure Audit Logs on HNAS + +Follow the steps to configure access to the HNAS audit logs on the Hitachi device. + +**Step 1 –** Open a browser and enter the IP Address for HNAS in the address bar to launch the +Hitachi Storage Navigator (SN). Enter the username and password. + +**Step 2 –** At the Storage Navigator home page, click File Services. + +**Step 3 –** On the File Services screen, click Enable File Service. + +**Step 4 –** On the Enable File Services screen, verify that the CIFS/Windows service is selected. + +**Step 5 –** On the File Services screen, click File System Security. + +**Step 6 –** Click Switch Mode and set the default file system security mode to Mixed (Windows and +UNIX) for all virtual file systems. + +**Step 7 –** Configure the Hitachi NAS Platform audit policy by returning to the File Services page. + +**Step 8 –** Click File System Audit Policies. + +**Step 9 –** Select the correct EVS and click details for the file system to enable auditing. + +**Step 10 –** In the Access via Unsupported Protocols section, select Allow Access (without +auditing). In the Audit Log section, set the maximum log file size to a value of at least 8 MB. It +is recommended to set it to 16 MB. In the Log roll over policy section, select New. The product does +not support the Wrap policy. Click OK to close. + +Once access has been configured on the Hitachi device, it is necessary to configure access to the +HNAS audit logs on the Windows server. See the +[Configure Access to HNAS Audit Logs on Activity Agent Server](/docs/accessanalyzer/11.6/config/hitachi/configureaccesstologs.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/config/hitachi/overview.md b/docs/accessanalyzer/11.6/config/hitachi/overview.md new file mode 100644 index 0000000000..bd1d8983c4 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/hitachi/overview.md @@ -0,0 +1,94 @@ +# Hitachi Target Requirements + +Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery +Auditing scans on Hitachi devices. The Netwrix Activity Monitor can be configured to monitor +activity on Hitachi devices and make the event data available for Enterprise Auditor Activity +Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Enterprise Auditor scans must have the following permissions on the +target host: + +- Group membership in the Backup Operators local group + +This permission grants the credential read access to all target folders and files. The credential +used within the assigned Connection Profile for these target hosts requires these permissions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of Hitachi + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. + +Hitachi Requirements + +A Hitachi device can host multiple Enterprise Virtual Servers (EVS). Each EVS has multiple file +systems. Auditing is enabled and configured per file system. HNAS generates the audit log files in +[EVT format](https://technet.microsoft.com/en-us/sysinternals/bb309026) (a standard event log format +in Windows XP/2003 and earlier). Hitachi stores the generated audit logs in a user specified +location on the file system. The activity agent deployed on the Windows proxy server accesses this +location to collect the audit log files as they are generated. The credential used to monitor +activity must be provisioned with: + +- Capability of enabling a File System Audit Policy on the Hitachi device +- Audit rights to the Hitachi log directory + +See the +[Hitachi Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/hitachi/activity.md) +topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Enterprise Auditor to read the activity log files must also +have READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/config/nasuni/access.md b/docs/accessanalyzer/11.6/config/nasuni/access.md new file mode 100644 index 0000000000..146440eaef --- /dev/null +++ b/docs/accessanalyzer/11.6/config/nasuni/access.md @@ -0,0 +1,69 @@ +# Nasuni Edge Appliance Access & Sensitive Data Auditing Configuration + +It is necessary to generate an API Key Name and Passcode for each on-premise Nasuni Edge Appliance +and cloud filer. + +## Nasuni Filer Management Interface + +Follow the steps to generate a Nasuni API Access Key in the Nasuni Filer Management Interface. + +**Step 1 –** Within the **Configuration** menu, under **USERS & SECURITY**, select API Access Keys. +The API Access Keys page opens. + +**Step 2 –** Click Add API Key button. The Add API Key window opens. + +**Step 3 –** Enter a Name for thekey; for example, the name of the application. + +**Step 4 –** Click Create Key. + +**Step 5 –** In the Successfully Generated API Key window, copy the Key Passcode. + +Both the Key Name and the Key Passcode are required for each Nasuni Edge Appliance and cloud filer. +They are used as the credentials in the Enterprise Auditor Connection Profile for 0-FS_Nasuni Job. + +**NOTE:** Nasuni API key names are case sensitive. When providing them, ensure they are entered in +the exact same case as generated. + +See the Nasuni +[Management Console Guide](https://nasuni.my.salesforce.com/sfc/p/#management-console-guide) +documentation for additional information. + +## Nasuni Management Console + +Follow the steps to generate a Nasuni API Access Key in the Nasuni Management Console. + +**Step 1 –** Click Filers and select API Keys from the menu on the left. The Filer API Access Key +Settings page opens. + +**Step 2 –** Click New API Key button. The Add API Access Key window opens. + +**Step 3 –** From the Filer drop-down menu, select the desired Nasuni Edge Appliance. Then enter a +Name for the key; for example, the name of the application. + +**Step 4 –** Click Add API Key. + +**Step 5 –** A message appears which includes the Key Passcode; copy the Key Passcode. + +Both the Key Name and the Key Passcode are required for each Nasuni Edge Appliance and cloud filer. +They are used as the credentials in the Enterprise Auditor Connection Profile for 0-FS_Nasuni Job. + +**NOTE:** Nasuni API key names are case sensitive. When providing them, ensure they are entered in +the exact same case as generated. + +See the +[Nasuni Management Console Guide](https://nasuni.my.salesforce.com/sfc/p/#nasuni-management-console-guide) +documentation for additional information. + +## Nasuni Best Practices for Access Auditing + +Nasuni is a hybrid NAS where actively-used data is stored on a Nasuni Edge appliance while the +authoritative copy of all files and meta data is stored in private or public cloud object storage +platforms by the UniFS® global file system, and there are egress fees associated with transferring +data between the two. In order to minimize these egress fees and optimize scan performance, it is +recommended to deploy a dedicated Nasuni Edge Appliance with all shares to be scanned by Enterprise +Auditor mounted, and the Enterprise Auditor console server, in the same region where the +authoritative copy resides. + +See the +[External Auditing and Nasuni Best Practices](https://nasuni.my.salesforce.com/sfc/p/#external-auditing-and-nasuni-best-practices) +documentation for additional information. diff --git a/docs/accessanalyzer/11.6/config/nasuni/activity.md b/docs/accessanalyzer/11.6/config/nasuni/activity.md new file mode 100644 index 0000000000..381e5979ac --- /dev/null +++ b/docs/accessanalyzer/11.6/config/nasuni/activity.md @@ -0,0 +1,68 @@ +# Nasuni Edge Appliance Activity Auditing Configuration + +Generation of an API Access Key is required for Nasuni activity monitoring. The Nasuni Edge +Appliance generates its own audit trail. An API Access Key is used by the Activity Monitor to form a +network connection to the appliance. Nasuni will then stream event data to the activity agent. See +[Nasuni Support Documentation](https://www.nasuni.com/support/) for additional information. + +Configuration Checklist + +Complete the following checklist prior to configuring activity monitoring of Nasuni Edge Appliances. +Instructions for each item of the checklist are detailed within the following topics. + +Checklist Item 1: Generate Nasuni API Access Key + +- Generate an API Access Key for each Nasuni Edge Appliance to be monitored through one of the + following: + + - Nasuni Filer Management Interface + - Nasuni Management Console + +Checklist Item 2: Activity Monitor Configuration + +- Deploy the Activity Monitor activity agent to a Windows proxy server + +## Nasuni Filer Management Interface + +Follow the steps to generate a Nasuni API Access Key in the Nasuni Filer Management Interface. + +**Step 1 –** Within the **Configuration** menu, under **USERS & SECURITY**, select API Access Keys. +The API Access Keys page opens. + +**Step 2 –** Click Add API Key button. The Add API Key window opens. + +**Step 3 –** Enter a Name for thekey; for example, the name of the application. + +**Step 4 –** Click Create Key. + +**Step 5 –** In the Successfully Generated API Key window, copy the Key Passcode. + +Both the Key Name and the Key Passcode are required by the Activity Monitor in order to connect to +the Nasuni Edge Appliance. Once the API Key has been generated, it is time to configure and enable +monitoring with the Activity Monitor console. + +**NOTE:** Nasuni API key names are case sensitive. When providing them, ensure they are entered in +the exact same case as generated. + +## Nasuni Management Console + +Follow the steps to generate a Nasuni API Access Key in the Nasuni Management Console. + +**Step 1 –** Click Filers and select API Keys from the menu on the left. The Filer API Access Key +Settings page opens. + +**Step 2 –** Click New API Key button. The Add API Access Key window opens. + +**Step 3 –** From the Filer drop-down menu, select the desired Nasuni Edge Appliance. Then enter a +Name for the key; for example, the name of the application. + +**Step 4 –** Click Add API Key. + +**Step 5 –** A message appears which includes the Key Passcode; copy the Key Passcode. + +Both the Key Name and the Key Passcode are required by the Activity Monitor in order to connect to +the Nasuni Edge Appliance. Once the API Key has been generated, it is time to configure and enable +monitoring with the Activity Monitor console. + +**NOTE:** Nasuni API key names are case sensitive. When providing them, ensure they are entered in +the exact same case as generated. diff --git a/docs/accessanalyzer/11.6/config/nasuni/overview.md b/docs/accessanalyzer/11.6/config/nasuni/overview.md new file mode 100644 index 0000000000..183fb150e2 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/nasuni/overview.md @@ -0,0 +1,96 @@ +# Nasuni Target Requirements + +Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery +Auditing scans on on-premise Nasuni Edge Appliances. The Netwrix Activity Monitor can be configured +to monitor activity on on-premise Nasuni Edge Appliances and make the event data available for +Enterprise Auditor Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Enterprise Auditor scans must have the following permissions on the +target host: + +- Group membership in the local Administrators group + +This is in addition to the API Key Name and Passcode which must be generated for each on-premise +Nasuni Edge Appliance and cloud filer. The credential used within the assigned Connection Profile +for these target hosts requires these permissions. See the +[Nasuni Edge Appliance Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/config/nasuni/access.md) +topic for instructions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of Nasuni Edge Appliance + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. + +Nasuni Edge Appliance Requirements + +Additionally, it is necessary to generate an API Access Key for Nasuni activity monitoring. See the +[Nasuni Edge Appliance Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/nasuni/activity.md) +topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Enterprise Auditor to read the activity log files must also +have READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Nasuni Edge Appliance + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target Nasuni Edge Appliance: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | ------------- | ----- | ---------------------- | +| Agent Server to Nasuni | HTTPS | 8443 | Nasuni API calls | +| Nasuni to Activity Agent Server | AMQP over TCP | 5671 | Nasuni event reporting | + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/config/netapp7mode/access.md b/docs/accessanalyzer/11.6/config/netapp7mode/access.md new file mode 100644 index 0000000000..3c39418824 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/netapp7mode/access.md @@ -0,0 +1,57 @@ +# NetApp Data ONTAP 7-Mode Access & Sensitive Data Auditing Configuration + +This topic provides instructions for configuring API calls and bypassing NTFS security for NetApp +Data ONTAP 7-Mode devices. + +## Share Enumeration – API Calls for 7-Mode + +To enumerate the shares on a NetApp Data ONTAP 7-Mode device, File System scans require a credential +provisioned with access to (at minimum) the following API calls: + +``` +login-http-admin +api-system-api-list +api-system-get-version +api-cifs-share-list-iter-* +``` + +If the query configuration option to “Exclude system shares” is deselected, the credential must also +have the ability to run the following command, which is also configuration-specific: + +``` +api-volume-list-info-iter-* +``` + +## Bypass NTFS Security for 7-Mode + +In order to bypass NTFS, the credential needs to at least have the following permissions on the +NetApp device: + +- Group membership in both of the following groups: + + - Power Users + - Backup Operators + +If the query configuration option to “Exclude system shares” is deselected, the credential must +have: + +- Group membership in the local Administrators group + +**NOTE:** All NetApp groups are assigned an RID. Built-in NetApp groups such as Power Users and +Backup Operators are assigned specific RID values. On 7-Mode NetApp devices, system access checks +for a group are identified by the RID assigned to the group and not by the role it has. Therefore, +application’s ability to bypass access checks with the Power Users and Backup Operators group has +nothing to do with the power role or the backup role. Neither role is required. For example, the +built-in Power User group, even when stripped of all roles, still has more file system access +capabilities than any other non-built-in group. + +If only running the Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, proceed +to the +[Provision Account](/docs/accessanalyzer/11.6/config/netapp7mode/provisionaccess.md) +topic for instructions. If also running Activity Auditing (FSAC) scan, then the FPolicy Account +Provisioned for the Netwrix Activity Monitor will meet the needs of the Access Auditing (FSAA) +and/or Sensitive Data Discovery Auditing scans. Proceed to the +[NetApp Data ONTAP 7-Mode Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/netapp7mode/activity.md) +topic for instructions. + +This credential is used within the Connection Profile assigned to the File System scans. diff --git a/docs/accessanalyzer/11.6/config/netapp7mode/activity.md b/docs/accessanalyzer/11.6/config/netapp7mode/activity.md new file mode 100644 index 0000000000..a08074a895 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/netapp7mode/activity.md @@ -0,0 +1,100 @@ +# NetApp Data ONTAP 7-Mode Activity Auditing Configuration + +The Activity Monitor agent employed to monitor NetApp leverages 128-bit encrypted Remote Procedure +Calls (RPC), NetApp ONTAP-API, and NetApp FPolicy to monitor file system events. This includes both +NetApp 7-Mode and Cluster-Mode configurations. To learn more about FPolicy please visit the NetApp +website and read the +[What FPolicy is](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-54FE1A84-6CF0-447E-9AAE-F43B61CA2138.html) +article. + +If the activity agent is stopped, a notification will be sent to the NetApp device to disconnect and +disable the associated FPolicy policy, but it will not be removed. + +If the network connection is lost between the activity agent and the NetApp device, the NetApp +device is configured with a default timeout to wait for a response. If a response is not received +from the Activity Agent within the timeout, then the NetApp device will disconnect and disable the +FPolicy policy. The Activity Agent will check every minute by default to see if the FPolicy policy +has been disabled and will enable it (if the auto-enable functionality is enabled for the agent). +The default setting to check every minute is configurable. + +The NetApp FPolicy uses a “push” mechanism such that notification will only be sent to the activity +agent when a transaction occurs. Daily activity log files are created only if activity is performed. +No activity log file will be created if there is no activity for the day. + +Configuration Checklist + +Complete the following checklist prior to configuring activity monitoring of NetApp Data ONTAP +7-Mode devices. Instructions for each item of the checklist are detailed within the following +topics. + +Checklist Item 1: Plan Deployment + +- Gather the following information: + - Names of the vFiler™(s) to be monitored + - DNS name of the CIFS shares(s) to be monitored + +Checklist Item 2: +[Provision FPolicy Account](/docs/accessanalyzer/11.6/config/netapp7mode/provisionactivity.md) + +- Group membership with a role granting access to the following commands: + + ``` + login-http-admin + api-system-api-list + api-system-get-version + api-cifs-share-list-iter-* + api-volume-list-info-iter-* + ``` + +- For Automatic FPolicy creation (Checklist Item 4), group membership with a role granting access to + the following command: + + ``` + api-fpolicy* + ``` + +- To use the “Enable and connect FPolicy” option within the Activity Monitor, group membership with + a role granting access to the following command: + + ``` + cli-fpolicy* + ``` + +- Group membership in: + + - ONTAP Power Users + - ONTAP Backup Operators + +Checklist Item 3: Firewall Configuration + +- HTTP (80) or HTTPS (443) +- HTTP or HTTPS protocols need to be enabled on the NetApp filer +- TCP 135 +- TCP 445 +- Dynamic port range: TCP/UDP 137-139 +- See the + [Enable HTTP or HTTPS](/docs/accessanalyzer/11.6/config/netapp7mode/enablehttp.md) + topic for instructions. + +Checklist Item 4: +[Configure FPolicy](/docs/accessanalyzer/11.6/config/netapp7mode/configurefpolicy.md) + +- If using vFilers: + + - FPolicy operates on the vFiler so the FPolicy must be created on the vFiler + + **NOTE:** Activity Monitor must target the vFiler + +- Select method: + + **_RECOMMENDED:_** Configure FPolicy Manually – A tailored FPolicy + + - Allow the Activity Monitor to create an FPolicy automatically + - This option is enabled when the Activity Monitor agent is configured to monitor the NetApp + device on the NetApp FPolicy Configuration page of the Add New Hosts window. + - It monitors all file system activity. + +Checklist Item 5: Activity Monitor Configuration + +- Deploy the Activity Monitor Activity Agent to a Windows proxy server +- Configure the Activity Agent to monitor the NetApp device diff --git a/docs/accessanalyzer/11.6/config/netapp7mode/configurefpolicy.md b/docs/accessanalyzer/11.6/config/netapp7mode/configurefpolicy.md new file mode 100644 index 0000000000..92e2c67efb --- /dev/null +++ b/docs/accessanalyzer/11.6/config/netapp7mode/configurefpolicy.md @@ -0,0 +1,171 @@ +# Configure FPolicy + +Select a method to configure the FPolicy for NetApp Data ONTAP 7-Mode devices: + +**_RECOMMENDED:_** +[Manually Configure FPolicy (Recommended Option)](#manually-configure-fpolicy-recommended-option) – +A tailored FPolicy + +- If using vFilers the FPolicy must be created on the vFiler, and the Activity Monitor must target + the vFiler. This is because FPolicy operates on the affected vFiler. Therefore, when executing + these commands on a vFiler, the commands must be run from a vFiler context (e.g. via the vFiler + run command). +- Allow the Activity Monitor to create an FPolicy automatically. See the + [Automatic Configuration of FPolicy](#automatic-configuration-of-fpolicy) topic for additional + information. + + - This option is enabled when the Activity Monitor Activity Agent is configured to monitor the + NetApp device on the NetApp FPolicy Configuration page of the Add New Hosts window. + - It monitors all file system activity. + +## Manually Configure FPolicy (Recommended Option) + +This section describes how to manually configure FPolicy. Manual configuration of the FPolicy is +recommended so that the policy can be scoped. It is necessary to create six FPolicy components and +then enable the FPolicy. See the sections corresponding to each part of this list: + +- [Part 1: Create FPolicy](#part-1-create-fpolicy) +- [Part 2: Set FPolicy Required to Off](#part-2-set-fpolicy-required-to-off) +- [Part 3: Set FPolicy to Collect Permission Changes](#part-3-set-fpolicy-to-collect-permission-changes) +- [Part 4: Set FPolicy to Monitor Alternate Data Streams](#part-4-set-fpolicy-to-monitor-alternate-data-streams) +- [Part 5: Set FPolicy to Monitor Disconnected Sessions](#part-5-set-fpolicy-to-monitor-disconnected-sessions) +- [Part 6: Scope FPolicy for Specific Volumes](#part-6-scope-fpolicy-for-specific-volumes) +- [Part 7: Enable FPolicy](#part-7-enable-fpolicy) + +If using vFilers the FPolicy must be created on the vFiler, and the Activity Monitor must target the +vFiler. This is because FPolicy operates on the affected vFiler. Therefore, when executing these +commands on a vFiler, the commands must be run from a vFiler context (e.g. via the vFiler run +command). + +Relevant NetApp Documentation: To learn more about configuring file policies, please visit the +NetApp website and read +[na_fpolicy – configure file policies](https://library.netapp.com/ecmdocs/ECMP1196890/html/man1/na_fpolicy.1.html) +article. + +### Part 1: Create FPolicy + +Create the FPolicy on the vFiler. + +IMPORTANT: + +- The policy should be named "StealthAUDIT" +- The only supported policy type is "screen" for file screening. + +Use the following command to create the FPolicy: + +``` +fpolicy create StealthAUDIT screen +``` + +### Part 2: Set FPolicy Required to Off + +If the `FPolicy Required` value is set to on, user requests are denied if an FPolicy server is not +available to implement the policy. If it is set to off, user requests are allowed when it is not +possible to apply the policy to the file because no FPolicy server is available. + +IMPORTANT: + +- The `FPolicy Required` value should be set to **off** + +Use the following command to set the `FPolicy Required` value to off: + +``` +fpolicy options StealthAUDIT required off +``` + +### Part 3: Set FPolicy to Collect Permission Changes + +The cifs_setattr value must be set to on in order for CIFS requests to change file security +descriptors to be screened by the policy. + +IMPORTANT: + +- The `cifs_setattr` value must be set to **on** + +Use the following command to enable the FPolicy to collect permission changes: + +``` +fpolicy options StealthAUDIT cifs_setattr on +``` + +### Part 4: Set FPolicy to Monitor Alternate Data Streams + +The monitor_ads value must be set to on in order for CIFS requests for alternate data streams (ADS) +to be monitored by the policy. + +IMPORTANT: + +- The `monitor_ads` value must be set to **on** + +Use the following command to enable the FPolicy to monitor ADS: + +``` +fpolicy options StealthAUDIT monitor_ads on +``` + +### Part 5: Set FPolicy to Monitor Disconnected Sessions + +The cifs_disconnect_check value must be set to on in order for CIFS requests associated with +disconnected sessions to be monitored by the policy. + +IMPORTANT: + +- The `cifs_disconnect_check` value must be set to **on** + +Use the following command to enable the FPolicy to monitor disconnected sessions: + +``` +fpolicy options StealthAUDIT cifs_disconnect_check on +``` + +### Part 6: Scope FPolicy for Specific Volumes + +The FPolicy can be scoped either to monitor only specified volumes (inclusion) or to not monitor +specific volumes (exclusion). + +IMPORTANT: + +- Choose to scope by including or excluding volumes + +Use the following command to scope the FPolicy by volume: + +``` +fpolicy ‑volume [INCLUDE OR EXCLUSION] ‑add StealthAUDIT [VOLUME_NAME],[VOLUME_NAME] +``` + +Inclusion Example: + +``` +fpolicy ‑volume include ‑add StealthAUDIT samplevolume1,samplevolume2 +``` + +Exclusion Example: + +``` +fpolicy ‑volume exclusion ‑add StealthAUDIT samplevolume1,samplevolume2 +``` + +### Part 7: Enable FPolicy + +The FPolicy must be enabled before the Activity Monitor Activity Agent can be configured to monitor +the NetApp device. + +IMPORTANT: + +- The Activity Monitor must register with the NetApp device as an FPolicy server. By default, it + looks for a policy named `StealthAUDIT`. See the + [Customize FPolicy Policy Name](/docs/accessanalyzer/11.6/config/netapp7mode/customizefpolicy.md) + section for information on using a different policy name. + +Use the following command to enable the FPolicy to monitor disconnected sessions: + +``` +fpolicy enable StealthAUDIT +``` + +## Automatic Configuration of FPolicy + +The Activity Monitor can automatically configure FPolicy on the targeted NetApp Data ONTAP 7-Mode +device. The FPolicy created monitors all file system activity. This is done when the NetApp device +is assigned to the agent for monitoring. This option is enabled on the NetApp FPolicy Configuration +page of the Add New Host window. diff --git a/docs/accessanalyzer/12.0/configuration/netapp-7-mode/customize-fpolicy.md b/docs/accessanalyzer/11.6/config/netapp7mode/customizefpolicy.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/netapp-7-mode/customize-fpolicy.md rename to docs/accessanalyzer/11.6/config/netapp7mode/customizefpolicy.md diff --git a/docs/accessanalyzer/12.0/configuration/netapp-7-mode/enable-http.md b/docs/accessanalyzer/11.6/config/netapp7mode/enablehttp.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/netapp-7-mode/enable-http.md rename to docs/accessanalyzer/11.6/config/netapp7mode/enablehttp.md diff --git a/docs/accessanalyzer/11.6/config/netapp7mode/overview.md b/docs/accessanalyzer/11.6/config/netapp7mode/overview.md new file mode 100644 index 0000000000..0589e75a14 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/netapp7mode/overview.md @@ -0,0 +1,145 @@ +# NetApp Data ONTAP 7-Mode Target Requirements + +Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery +Auditing scans on NetApp Data ONTAP 7-Mode devices. The Netwrix Activity Monitor can be configured +to monitor activity on NetApp Data ONTAP 7-Mode devices and make the event data available for +Enterprise Auditor Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Enterprise Auditor scans must have the following permissions on the +target host: + +- Enumerate shares by executing specific API calls +- Bypass NTFS security to read the entire folder structure to be scanned and collect file/folder + permissions + +These permissions grant the credential the ability to enumerate shares, access the remote registry, +and bypass NTFS security on folders. The credential used within the assigned Connection Profile for +these target hosts requires these permissions. See the +[NetApp Data ONTAP 7-Mode Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/config/netapp7mode/access.md) +topic for instructions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of NetApp Data ONTAP 7-Mode Device + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. + +NetApp Data ONTAP 7-Mode Device Requirements + +An FPolicy must be configured on the target device for Activity Auditing (FSAC) scans. A tailored +FPolicy is recommended as it decreases the impact on the NetApp device. The credential associated +with the FPolicy used to monitor activity must be provisioned with access to the following API +calls: + +``` +login-http-admin +api-system-api-list +api-system-get-version +api-cifs-share-list-iter-* +api-volume-list-info-iter-* +``` + +If the Activity Monitor will be automatically configuring the FPolicy, then the following command is +also needed: + +``` +api-fpolicy* +``` + +If the Activity Monitor will be configured to use the “Enable and connect to the FPolicy” option, +then the following command is also needed: + +``` +cli-fpolicy* +``` + +The credential must also have the following permissions on the target device: + +- Group membership in both of the following groups: + + - ONTAP Power Users + - ONTAP Backup Operators + +See the +[NetApp Data ONTAP 7-Mode Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/netapp7mode/activity.md) +topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Enterprise Auditor to read the activity log files must also +have READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for NetApp Data ONTAP 7-Mode Device + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target NetApp Data ONTAP 7-Mode device: + +| Communication Direction | Protocol | Ports | Description | +| --------------------------------- | ---------------- | ------------------------------------ | ----------- | +| Activity Agent Server to NetApp\* | HTTP (optional) | 80 | ONTAPI | +| Activity Agent Server to NetApp\* | HTTPS (optional) | 443 | ONTAPI | +| Activity Agent Server to NetApp | TCP | 135, 139 Dynamic Range (49152-65535) | RPC | +| Activity Agent Server to NetApp | TCP | 445 | SMB | +| Activity Agent Server to NetApp | UDP | 137, 138 | RPC | +| NetApp to Activity Agent Server | TCP | 135, 139 Dynamic Range (49152-65535) | RPC | +| NetApp to Activity Agent Server | TCP | 445 | SMB | +| NetApp to Activity Agent Server | UDP | 137, 138 | RPC | + +\*Only required if using the FPolicy Configuration and FPolicy Enable and Connect options in +Activity Monitor. + +**NOTE:** If either HTTP or HTTPS are not enabled, the FPolicy on the NetApp Data ONTAP 7-Mode +device must be configured manually. Also, the External Engine will not reconnect automatically in +the case of a server reboot or service restart. + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/config/netapp7mode/provisionaccess.md b/docs/accessanalyzer/11.6/config/netapp7mode/provisionaccess.md new file mode 100644 index 0000000000..5fa354331e --- /dev/null +++ b/docs/accessanalyzer/11.6/config/netapp7mode/provisionaccess.md @@ -0,0 +1,74 @@ +# Provision Account + +This section describes the steps needed to create a user account with the privileges required to +execute Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans from Enterprise +Auditor. It is necessary to: + +- Create Role +- Create a Group & Assign Role +- Add User to Group + +Relevant NetApp Documentation: To learn more about node access controls, please visit the NetApp +website and read the +[na_useradmin – Administers node access controls](https://library.netapp.com/ecmdocs/ECMP1511537/html/man1/na_useradmin.1.html) +article. + +## Create Role + +This section provides instructions for creating a role with access to the following commands: + +``` +login-http-admin +api-system-api-list +api-system-get-version +api-cifs-share-list-iter-* +api-volume-list-info-iter-* +``` + +The following command needs to be run to create the role. + +``` +useradmin role ‑add [ROLE_NAME] ‑c "[ROLE_DESCRIPTION]" ‑a login‑http‑admin,api‑system‑api‑list,api‑system‑get‑version,api‑cifs‑share‑list‑iter‑*,api‑volume‑list‑info‑iter +``` + +Example: + +``` +useradmin role ‑add enterpriseauditor ‑c "Role for Enterprise Auditor" ‑a login‑http‑admin,api‑system‑api‑list,api‑system‑get‑version,api‑cifs‑share‑list‑iter‑*,api‑volume‑list‑info‑iter‑* +``` + +After the role is created, Create a Group & Assign Role. + +## Create a Group & Assign Role + +Once the role has been created, it must be attached to a group. The following command needs to be +run to create a group and assign the role to it. + +``` +useradmin group add [GROUP_NAME] ‑r [ROLE_NAME] +``` + +Example: + +``` +useradmin group add nwxgroup ‑r enterpriseauditor +``` + +After the group is created and the role is assigned, Add User to Group. + +## Add User to Group + +The final step is to add the domain user to the new group, Backup Operators group, and Power Users +group. The following command needs to be run to add the user to all three groups. + +``` +useradmin domainuser ‑add [DOMAIN\USER] ‑g [GROUP_NAME, WITHIN " MARKS IF MULTIPLE WORDS], "Backup Operators","Power Users" +``` + +Example: + +``` +useradmin domainuser ‑add example\user1 ‑g nwxgroup,"Backup Operators","Power Users" +``` + +This credential is used within the Connection Profile assigned to the File System scans. diff --git a/docs/accessanalyzer/12.0/configuration/netapp-7-mode/provision-activity.md b/docs/accessanalyzer/11.6/config/netapp7mode/provisionactivity.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/netapp-7-mode/provision-activity.md rename to docs/accessanalyzer/11.6/config/netapp7mode/provisionactivity.md diff --git a/docs/accessanalyzer/11.6/config/netappcmode/access.md b/docs/accessanalyzer/11.6/config/netappcmode/access.md new file mode 100644 index 0000000000..8c931edc1d --- /dev/null +++ b/docs/accessanalyzer/11.6/config/netappcmode/access.md @@ -0,0 +1,261 @@ +# NetApp Data ONTAP Cluster-Mode Access & Sensitive Data Auditing Configuration + +This topic provides instructions for configuring NetApp Data ONTAP Cluster-Mode devices. + +## CIFS Method 1 Credential Configuration + +Configuring access to CIFS shares using FPolicy and ONTAP API for Enterprise Auditor requires the +following: + +- Configure Data LIF to Allow HTTPS Traffic +- [Configure Empty FPolicy](/docs/accessanalyzer/11.6/config/netappcmode/configureemptyfpolicy.md) + +See the [CIFS Method 2 Credential Configuration](#cifs-method-2-credential-configuration) topic for +an alternative method. + +### Configure Data LIF to Allow HTTPS Traffic + +As of NetApp Clustered ONTAP 9.6, users can assign service policies (instead of LIF roles) to LIFs +that determine the kind of traffic that is supported for the LIFs. + +- Starting with ONTAP 9.5, ONTAP supports service policies +- Starting with ONTAP 9.6, LIF roles are deprecated and service policies are supported for all types + of services + +For users running ONTAP 9.6+, data LIFs used for HTTPS communication with Enterprise Auditor are +required to use a LIF service policy that includes the `management-https` service. Without this +service applied to a data LIF’s service policy, HTTPS communication will not be possible. + +The following examples offer guidance for managing service policies, but may vary depending on the +NetApp environment’s specific configuration and needs. + +Use the following command to display available services: + +``` +network interface service show +``` + +Use the following command to create a service policy (example includes NFS, CIFS, and HTTPS +traffic): + +``` +network interface service-policy create -vserver [SVM_NAME] -policy [SERVICE_POLICY_NAME] -services [LIST_OF_SERVICES_COMMA-SEPARARTED] -allowed-addresses [IP_CIDR_NOTATION] +``` + +Example with the NFS, CIFS, and HTTPS protocols being allowed: + +``` +network interface service-policy create -vserver testserver -policy new_service_policy -services data-nfx,data-cifs,management-https,data-core -allowed-addresses 0.0.0.0/0 +``` + +Use the following command to verify if the service policy was properly created: + +``` +network interface service-policy show +``` + +Use the following command to add the created service policy to an existing data LIF: + +``` +network interface modify -vserver [SVM_NAME] -lif [LIF_NAME] -service-policy [SERVICE_POLICY_NAME] +``` + +Example: + +``` +network interface modify -vserver testserver -lif lif_1 -service-policy new_service_policy +``` + +A service policy can only be used by LIFs in the same SVM that is specified when creating the +service policy. + +## CIFS Method 2 Credential Configuration + +Configuring access to CIFS shares using the special C$ share is an alternative least privileged +access option for NetApp Data ONTAP Cluster-Mode devices v9.0+. See the +[CIFS Method 1 Credential Configuration](#cifs-method-1-credential-configuration) topic for an +alternative method. + +The following permissions are required: + +- Group membership in the Backup Operators group on either the file system proxy server for Proxy + Mode scans or the Enterprise Auditor server for Local Mode scans (to get a high integrity token) +- Group membership in the NetApp SVM's Power Users group (to enumerate shares) + + - Use the following command to add the Service Account to BUILTIN\Power Users: + + ``` + cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Power Users" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] + ``` + +- Group membership in the NetApp SVM's Backup Operators group (to bypass NTFS permissions) + + - NetApp SVM's SeBackupPrivilege needs to be applied to this group + - This group must have read-only access to the SVM's C$ share + - Use the following command to add the Service Account to BUILTIN\Backup Operators: + + ``` + cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Backup Operators" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] + ``` + +If an ACE does not already exist for a specific user/group on an SVM's c$ share, then it needs to be +added with the desired rights (No_access, Read, Change, or Full_Control). To check the current ACE +for a user or group on each SVM's c$ share, the following ONTAP CLI command should be used at the +cluster management level. + +``` +vserver cifs share access-control show -share c$ +``` + +The output will list each SVM's ACL for its c$ share. For example: + +![ONTAP CLI Command Output Example](/img/product_docs/accessanalyzer/11.6/config/netappcmode/accesscifsmethod2.webp) + +If the desired ACE does not exist on an SVM's c$ share, then one can be created with the following +command: + +``` +vserver cifs share access-control create -share c$ -user-or-group [USER_OR_GROUP_NAME] -permission Read -vserver [SVM_NAME] +``` + +If an existing ACE needs to be modified, the following command should be used: + +**CAUTION:** The following command will overwrite an existing ACE. For example, it is possible to +downgrade a user with Full_Control to Read, or vice versa. + +``` +vserver cifs share access-control modify -share c$ -user-or-group [USER_OR_GROUP_NAME] -permission Read -vserver [SVM_NAME] +``` + +**NOTE:** If users would prefer to avoid permissioning C$, then there is an alternative. Users can +instead give the SVM's Backup Operators group read-only access to each share to be scanned. + +In order to utilize Enterprise Auditor’s LAT Preservation (Last Access Time) feature during +sensitive data scans and metadata tag collection, applying ONTAP’s SeRestorePrivilege to the service +account is also required. + +As an alternative to membership in BUILTIN\Backup Operators, SeBackupPrivilege can be directly +applied to a user via the NetApp command line. + +The following commands can be used to grant these permissions to the service account to be used for +scanning by Enterprise Auditor. + +Use the following commands to add SeBackupPrivilege to the Service Account (or a BUILTIN Group): + +``` +cifs users-and-groups privilege add-privilege ‑user-or-group-name [USER_OR_GROUP_NAME] ‑privileges SeBackupPrivilege ‑vserver [SVM_NAME] +``` + +Use the following commands to add the Service Account to BUILTIN\Power Users: + +``` +cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Power Users" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] +``` + +Use the following commands to add the Service Account to BUILTIN\Backup Operators: + +``` +cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Backup Operators" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] +``` + +Use the following commands to verify the results from the previous commands: + +``` +cifs users-and-groups privilege show ‑vserver [SVM_NAME] ‑user-or-group-name [USER_OR_GROUP_NAME] +``` + +Use the following commands to give the Service Account Read-only Access to NetApp SVM's c$ Share: + +``` +cifs share access-control create ‑vserver [SVM_NAME] ‑share c$ ‑user-or-group [USER_OR_GROUP_NAME] ‑permission Read +``` + +**NOTE:** In the previous command, "create" needs to be replaced with "modify" if the CIFS share ACE +already exists for the share/user combination. + +Use the following commands to verify the results from the previous command: + +``` +cifs share access-control show ‑vserver [SVM_NAME] ‑share c$ +``` + +## NFSv3 Credential Configuration + +The following is a list of example commands that can be used to configure a NetApp export policy to +scan a volume via NFSv3 using the Enterprise Auditor File System Solution. + +**CAUTION:** The export policy for a volume's parent (ex. the SVM's root volume), or the export +policy for a qtree's parent, must have access rights that are equal or wider in scope to the export +policy for the target volume/qtree. If Enterprise Auditor cannot access all segments of a target +volume/qtree's junction path, then NFS access will be denied. + +Use the following command to create an export policy: + +``` +vserver export-policy create ‑vserver [SVM_NAME] ‑policyname [EXPORT_POLICY_NAME] +``` + +Example: + +``` +vserver export-policy create ‑vserver testserver ‑policyname testNFS +``` + +Use the following command to add a rule to the previous export policy, using the nfsv3, auth_sys +(aka auth_unix), and superuser properties: + +``` +vserver export-policy rule create ‑vserver [SVM_NAME] ‑policyname [EXPORT_POLICY_NAME] ‑clientmatch [IP_CIDR_NOTATION] ‑rorule sys ‑rwrule sys ‑superuser sys -protocol nfs3 +``` + +Example: + +``` +vserver export-policy rule create ‑vserver testserver ‑policyname testNFS ‑clientmatch 0.0.0.0/0 ‑rorule sys ‑rwrule sys ‑superuser sys -protocol nfs3 +``` + +Use the following command to show each volume’s export policy: + +``` +volume show ‑vserver [SVM_NAME] ‑fields policy +``` + +Example: + +``` +volume show ‑vserver testserver ‑fields policy +``` + +Use the following command to change a volume’s export policy: + +``` +volume modify ‑vserver [SVM_NAME] ‑volume [VOLUME_NAME] ‑policy [EXPORT_POLICY_NAME] +``` + +Example: + +``` +volume modify ‑vserver testserver ‑volume testVolume ‑policy testNFS +``` + +### Troubleshooting NFSv3 Export Access + +If Enterprise Auditoris not discovering the expected NFS export, it is possible that the export +policy is not properly configured to allow the Enterprise Auditor server or proxy server IP Address +to mount the NFS export. One step in troubleshooting this issue is to confirm a Unix client (or WSL +for Windows) in the same IP range as the Enterprise Auditor server or proxy server can mount the NFS +export. + +Run the following command from a Unix host to verify the NFS mount is available: + +``` +showmount ‑e [NFS_HOSTNAME_OR_IP] +``` + +If the NFS export is returned as a result of the previous command, then Enterprise Auditor should +also be able to mount it. If not, it may be necessary to run the following command on the NetApp SVM +to get the NFS export to be returned by the `showmount` command: + +``` +vserver nfs modify ‑vserver [SVM_NAME] ‑showmount enabled +``` diff --git a/docs/accessanalyzer/11.6/config/netappcmode/activity.md b/docs/accessanalyzer/11.6/config/netappcmode/activity.md new file mode 100644 index 0000000000..4d5fdbaa52 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/netappcmode/activity.md @@ -0,0 +1,200 @@ +# NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration + +The Activity Monitor agent employed to monitor NetApp leverages NetApp ONTAP API, and the NetApp +FPolicy framework to monitor file system events. This includes both NetApp 7-Mode and Cluster-Mode +configurations. For more information about FPolicy read the +[What are the two parts of the FPolicy solution ](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-54FE1A84-6CF0-447E-9AAE-F43B61CA2138.html) +article. + +Activity Monitor requires two communication channels for ONTAP monitoring: + +1. Activity Monitor Agent connects to ONTAP on port 80 or 443 for access to ONTAP API (ONTAPI/ZAPI + or REST API). +2. Data LIFs of the SVM connect to Activity Monitor Agent on port 9999 for FPolicy notifications. + +The ONTAP API access is mandatory; without the API access the agent will not be able to receive and +translate events from FPolicy. Both classic ONTAPI/ZAPI and the new REST API are supported. The +agent uses the API to retrieve information about the storage virtual machines (SVM): CIFS settings, +list of volumes, list of LIFs. Depending on the configuration, the agent can also retrieve the state +of FPolicy to ensure it is enabled; configure FPolicy and register or unregister itself. + +The FPolicy framework enables the collection of audit events on the ONTAP side and their transfer to +the agent(s) via the designated Data LIFs. Each LIF establishes its own connection with one or +several agents and sends notifications as soon as the file transaction occurs. The FPolicy +connection is asynchronous and buffered; both ONTAP and Activity Monitor have techniques in place to +make sure that connections are alive and working. The connection can be secured using TLS with +server or mutual authentication. + +FPolicy may have a significant impact on file system throughput, and it is always a best practice to +monitor performance when enabling FPolicy. + +**_RECOMMENDED:_** Create a tailored FPolicy which only collects the desired activity from the +environment to limit the scope and impact. + +For scale-out and fault tolerance purposes, the product supports a range of deployment options. A +single agent can receive events from multiple SVMs. Or events from a single SVM can be distributed +among multiple agents. Or a set of SVMs can distribute events among a set of agents. The choice +depends on the fault tolerance requirements and the expected event flow. As a rule of thumb, the +_average_ load on a single agent should not exceed 5000 events per second. + +Configuration Checklist + +Complete the following checklist prior to configuring the activity monitoring of NetApp Data ONTAP +Cluster-Mode devices. Instructions for each item of the checklist are detailed within the following +sections. + +Checklist Item 1: Plan Deployment + +- Gather the following information: + + - Names of the SVM(s) to be monitored + + - FPolicy is configured for each SVM separately + - This should be the SVM(s) hosting the CIFS or NFS shares(s) to be monitored + + - Credentials to access ONTAP to provision a role and account. + - Desired functionality level: + + - _Manual_. A user configures FPolicy manually and ensures it stays enabled. + - _Enable and Connect FPolicy_. The product ensures that FPolicy stays enabled and connected + all the time. RECOMMENDED. + - _Configure FPolicy_. The product configures FPolicy automatically and ensures it stays + enabled and connected all the time. RECOMMENDED. + + - Volumes or shares on each SVM to be monitored + + - Limiting the FPolicy to select volumes or shares is an effective way to limit the + performance impact of FPolicy + + - Successful/failed file operations to be monitored + + - Limiting the FPolicy to specific file operations is an effective way to limit the + performance impact of FPolicy + + - IP Address of the server(s) where the Activity Monitor Agent is deployed + - API enabled in ONTAP: the classic ONTAPI/ZAPI or the new REST API + + - The product supports the REST API for ONTAP 9.13.1 and above. + + - Encryption and Authentication protocol for FPolicy connection + + - No Authentication (default) + - TLS, server authentication (the SVM authenticates the agent) + - TLS, mutual authentication (both the SVM and the agent authenticate each other) + +Checklist Item 2: +[Provision ONTAP Account](/docs/accessanalyzer/11.6/config/netappcmode/provisionactivity.md) + +- Permission names depend on the API used, ONTAPI/ZAPI or REST API. +- The case of domain and username created during the account provisioning process must match exactly + to the credentials provided to the activity agent for authentication to work. +- The credential associated with the FPolicy used to monitor activity must be provisioned with + access to (at minimum) the following CLI or API commands, according to the level of collection + desired: + + - Manual, Collect Activity Events Only (Least Privilege) + + - ONTAPI/ZAPI + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + + - REST API + + - `/api/cluster` – Readonly access + - `/api/protocols/cifs/services` – Readonly access + - `/api/storage/volumes` – Readonly access + - `/api/svm/svms` – Readonly access + + - Employ the “Enable and connect FPolicy” Option (Less Privilege) – RECOMMENDED + + - ONTAPI/ZAPI + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + - `network interface` – Readonly access + - `vserver fpolicy disable` – All access + - `vserver fpolicy enable` – All access + - `vserver fpolicy engine-connect` – All access + + - REST API + + - `/api/cluster` – Readonly access + - `/api/protocols/cifs/services` – Readonly access + - `/api/storage/volumes` – Readonly access + - `/api/svm/svms` – Readonly access + - `/api/network/ip/interfaces` – Readonly access + - `/api/protocols/fpolicy` – All access + + - Employ the “Configure FPolicy” Option (Automatic Configuration of FPolicy) – RECOMMENDED + + - ONTAPI/ZAPI + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + - `network interface` – Readonly access + - `vserver fpolicy` – All access + - `security certificate install` – All access (only if FPolicy uses a TLS connection) + + - REST API + + - `/api/cluster` – Readonly access + - `/api/protocols/cifs/services` – Readonly access + - `/api/storage/volumes` – Readonly access + - `/api/svm/svms` – Readonly access + - `/api/network/ip/interfaces` – Readonly access + - `/api/protocols/fpolicy` – All access + - `/api/security/certificates` – All access (only if FPolicy uses a TLS connection) + + - Enterprise Auditor Integration requires the addition of the following CLI command: + + - `security login role show-ontapi` – Readonly access + +Checklist Item 3: +[Configure Network](/docs/accessanalyzer/11.6/config/netappcmode/configurefirewall.md) + +- Agent must be able to connect to ONTAP API via a management LIF on ports HTTP (80) or HTTPS (443) + + - NetApp firewall policy may need to be modified. + - LIF's service policy may need to be modified to include `management-https` or + `management-http` services. + - Either of these ports is required. Activity Monitor requires ONTAP API access. + +- ONTAP cluster nodes, which serve the SVM, must be able to connect to the agent on port 9999. + + - LIFs' service policy may need to be modified to include `data-fpolicy-client` service. + - Each data serving node should have its own LIF with the `data-fpolicy-client` service. + - The default port 9999 can be changed in the agent's settings. + +Checklist Item 4: +[Configure FPolicy](/docs/accessanalyzer/11.6/config/netappcmode/configurefpolicy.md) + +- Remember: all FPolicy objects and SVM names are case sensitive. +- FPolicy must be configured for each SVM to be monitored. +- If using TLS, … authentication options, generate needed certificates and PEM files +- Select method: + + - Configure FPolicy Manually – If you want to exclude certain volumes or shares; a tailored + FPolicy decreases the impact on NetApp. + + - Required when the FPolicy account is provisioned for either Least Privileged or Less + Privilege permission model + - If using TLS, … authentication options, set authentication + + - Allow the Activity Monitor to create an FPolicy automatically + + - If using TLS, … authentication options, set authentication + - This option is enabled using the **Configure FPolicy. Create or modify FPolicy objects if + needed** checkbox for each monitored SVM. + - It monitors file system activity on all volumes and shares of the SVM. + - FPolicy configuration is automatically updated to reflect the Activity Monitor + configuration. + - Requires a Privileged Access credential be provided. + +Checklist Item 5: Activity Monitor Configuration + +- Deploy the Activity Monitor Agent to a Windows server. +- Configure the Agent to monitor the SVM. diff --git a/docs/accessanalyzer/11.6/config/netappcmode/configureemptyfpolicy.md b/docs/accessanalyzer/11.6/config/netappcmode/configureemptyfpolicy.md new file mode 100644 index 0000000000..ca35193ab4 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/netappcmode/configureemptyfpolicy.md @@ -0,0 +1,382 @@ +# Configure Empty FPolicy + +The credential used to just run Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing +scans requires access to the specified API calls as well as association to an FPolicy. Therefore, it +is necessary to: + +- [Create Security Role for FSAA Scans](#create-security-role-for-fsaa-scans) +- [Create Security Login for FSAA Scans](#create-security-login-for-fsaa-scans) +- [Create External Engine for Empty FPolicy](#create-external-engine-for-empty-fpolicy) +- [Create FPolicy Event for Empty FPolicy](#create-fpolicy-event-for-empty-fpolicy) +- [Create Empty FPolicy Policy](#create-empty-fpolicy-policy) +- [Create Empty FPolicy Scope](#create-empty-fpolicy-scope) +- [Enable the Empty FPolicy](#enable-the-empty-fpolicy) + +**NOTE:** The commands in the following sections have been verified for NetApp Data ONTAP 9.6+. +Users of older versions should consult the NetApp documentation to find the appropriate syntax. + +## Create Security Role for FSAA Scans + +This section provides instructions for creating an access-control role. An access-control role +consists of a role name and a command to which the role has access. It optionally includes an access +level (none, read-only, or all) and a query that applies to the specified command or command +directory. The following commands need to be run to create the security role. + +Use the following command to provision read-only access to Version\* commands: + +``` +security login role create ‑role [ROLE_NAME] ‑cmddirname "version" ‑access readonly ‑query "" ‑vserver [SVM_NAME] +``` + +Example: + +``` +security login role create ‑role enterpriseauditor ‑cmddirname "version" ‑access readonly ‑query "" ‑vserver testserver +``` + +Use the following command to provision read-only access to Volume\* commands: + +``` +security login role create ‑role [ROLE_NAME] ‑cmddirname "volume" ‑access readonly ‑query "" ‑vserver [SVM_NAME] +``` + +Example: + +``` +security login role create ‑role enterpriseauditor ‑cmddirname "volume" ‑access readonly ‑query "" ‑vserver testserver +``` + +Use the following command to provision read-only access to SVM\* commands: + +``` +security login role create ‑role [ROLE_NAME] ‑cmddirname "vserver" ‑access readonly ‑query "" ‑vserver [SVM_NAME] +``` + +Example: + +``` +security login role create ‑role enterpriseauditor ‑cmddirname "vserver" ‑access readonly ‑query "" ‑vserver testserver +``` + +Use the following command to provision read-only access to security login role show-ontapi commands: + +``` +security login role create ‑role [ROLE_NAME] ‑cmddirname "security login role show-ontapi" ‑access readonly ‑query "" ‑vserver [SVM_NAME] +``` + +Example: + +``` +security login role create ‑role enterpriseauditor ‑cmddirname "security login role show-ontapi" ‑access readonly ‑query "" ‑vserver testserver +``` + +Before creating the Security Login, validate this configuration. + +### Validate Security Role Configuration + +Run the following command to validate the security role configuration: + +``` +security login role show [ROLE_NAME] +``` + +Example: + +``` +security login role show enterpriseauditor +``` + +Relevant NetApp Documentation: To learn more about creating security login roles, please visit the +NetApp website and read the +[security login role create](https://library.netapp.com/ecmdocs/ECMP1196817/html/security/login/role/create.html) +article. + +## Create Security Login for FSAA Scans + +Once the access control role has been created, apply it to a domain account. + +**CAUTION:** + +- The SVM used in the following command must be the same SVM used when creating the role. See the + [Create Security Role for FSAA Scans](#create-security-role-for-fsaa-scans) topic for additional + information. + + **CAUTION:** Cluster-Mode is case sensitive. + +- It is recommended to use lowercase for both domain and username. The case of domain and username + created during the account provisioning process must match exactly to the credentials provided to + the Enterprise Auditor for authentication to work. + +Use the following command to create the security login for the security role: + +``` +security login create ‑user-or-group-name [DOMAIN\DOMAINUSER] ‑application ontapi ‑authentication‑method domain ‑role [ROLE_NAME] ‑vserver [SVM_NAME] +``` + +Example: + +``` +security login create ‑user-or-group-name example\user1 ‑application ontapi ‑authentication‑method domain ‑role enterpriseauditor ‑vserver testserver +``` + +Before creating the External Engine, validate this security login. + +### Validate Security Login Creation + +Run the following command to validate security login: + +``` +security login show [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +security login show example\user1 +``` + +Verify that the output is displayed as follows: + +![validatesecuritylogincreation](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatesecuritylogincreation.webp) + +Relevant NetApp Documentation: To learn more about creating security logins, please visit the NetApp +website and read the +[security login create](https://library.netapp.com/ecmdocs/ECMP12452955/html/security/login/create.html) +article. + +## Create External Engine for Empty FPolicy + +The External Engine defines how FPolicy makes and manages connections to external FPolicy servers. + +IMPORTANT: + +- The `-primary-servers` must be the server from which the StealthAUDIT scans will be executed: + + - StealthAUDIT Console server for local mode + - proxy server if running in any of the proxy mode options + +- The following values are required: + + - `engine-name StealthAUDITEngine` + - `port 9999` + + - Port number can be customized, but it is recommended to use 9999. + + - `extern-engine-type asynchronous` + - `ssl-option no-auth` + +**CAUTION:** Cluster-Mode is case sensitive. + +Use the following command to create the external engine: + +``` +vserver fpolicy policy external-engine create ‑vserver [SVM_NAME] ‑engine-name StealthAUDITEngine ‑primary-servers [IP_ADDRESS,…] ‑port 9999 ‑extern-engine-type asynchronous ‑ssl-option no-auth +``` + +Example: + +``` +vserver fpolicy policy external-engine create ‑vserver testserver ‑engine-name StealthAUDITEngine ‑primary-servers 192.168.30.15 ‑port 9999 ‑extern-engine-type asynchronous ‑ssl-option no-auth +``` + +Before creating the FPolicy Event, validate this external engine was created. + +### Validate External Engine Creation + +Run the following command to validate the creation of the external engine: + +``` +fpolicy policy external-engine show ‑instance +``` + +Verify that the output is displayed as follows: + +![validateexternalenginecreation](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validateexternalenginecreation.webp) + +Relevant NetApp Documentation: To learn more about creating an external engine, please visit the +NetApp website and read the +[vserver fpolicy policy external-engine create](https://library.netapp.com/ecmdocs/ECMP1366832/html/vserver/fpolicy/policy/external-engine/create.html) +article. + +## Create FPolicy Event for Empty FPolicy + +An event defines which protocol and which file operations are associated with the FPolicy. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares. +- The following values are required: + + - `event-name StealthAUDITScreening` + - `volume-operation true` + +**CAUTION:** Cluster-Mode is case sensitive. + +Use the following command to create the FPolicy event: + +``` +vserver fpolicy policy event create ‑vserver [SVM_NAME] ‑event-name StealthAUDITScreening ‑volume-operation true ‑protocol [PROTOCOL] ‑file-operations "" +``` + +Example: + +``` +vserver fpolicy policy event create ‑vserver testserver ‑event-name StealthAUDITScreening ‑volume-operation true ‑protocol cifs ‑file-operations "" +``` + +Before creating the FPolicy Policy, validate this FPolicy Event was created. + +### Validate FPolicy Event Creation + +Run the following command to validate the creation of the FPolicy event: + +``` +fpolicy policy event show ‑event-name StealthAUDITScreening‑instance +``` + +Verify that the output is displayed as follows: + +![validatefpolciyeventcreation](/img/product_docs/accessanalyzer/11.6/config/netappcmode/validatefpolciyeventcreation.webp) + +Relevant NetApp Documentation: To learn more about creating an event, please visit the NetApp +website and read the +[vserver fpolicy policy event create](https://library.netapp.com/ecmdocs/ECMP1196817/html/vserver/fpolicy/policy/event/create.html) +article. + +## Create Empty FPolicy Policy + +The FPolicy policy associates the other three FPolicy components and allows for the designation of a +privileged FPolicy user, or the account granted Security Login. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares. +- The External Engine and FPolicy Event used in this command must be the External Engine and the + FPolicy Event created for this purpose. See the + [Create External Engine for Empty FPolicy](#create-external-engine-for-empty-fpolicy) and + [Create FPolicy Event for Empty FPolicy](#create-fpolicy-event-for-empty-fpolicy) sections for + additional information. +- The following values are required: + + - `privileged-user-name` must be the account granted Security Login. See the + [Create Security Login for FSAA Scans](#create-security-login-for-fsaa-scans) topic for + additional information. + - `policy-name StealthAUDIT` + +**CAUTION:** Cluster-Mode is case sensitive. + +Use the following command to create the FPolicy policy: + +``` +vserver fpolicy policy create ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑events StealthAUDITScreening ‑engine StealthAUDITEngine ‑is-mandatory false ‑allow-privileged-access yes ‑privileged-user-name [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +vserver fpolicy policy create ‑vserver testserver ‑policy-name StealthAUDIT ‑events StealthAUDITScreening ‑engine StealthAUDITEngine ‑is-mandatory false ‑allow-privileged-access yes ‑privileged-user-name example\user1 +``` + +Before creating the FPolicy Scope, validate this FPolicy Policy was created. + +### Validate FPolicy Policy Creation + +Run the following command to validate the creation of the FPolicy policy: + +``` +fpolicy policy show ‑instance +``` + +![validatefpolicypolicycreation](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefpolicypolicycreation.webp) + +Relevant NetApp Documentation: To learn more about creating a policy, please visit the NetApp +website and read the +[vserver fpolicy policy create](https://library.netapp.com/ecmdocs/ECMP1366832/html/vserver/fpolicy/policy/create.html) +article. + +## Create Empty FPolicy Scope + +The FPolicy scope creates the filters necessary to perform scans on specific shares or volumes. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS shares. +- It is not necessary to specify both volumes and shares. One or the other is sufficient. + +Use the following command to create the FPolicy scope by volume(s): + +``` +vserver fpolicy policy scope create ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑volumes-to-include +``` + +Example: + +``` +vserver fpolicy policy scope create ‑vserver testserver ‑policy-name StealthAUDIT ‑volumes-to-include +``` + +Use the following command to create the FPolicy scope by share(s): + +``` +vserver fpolicy policy scope create ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑shares-to-include +``` + +Example: + +``` +vserver fpolicy policy scope create ‑vserver testserver ‑policy-name StealthAUDIT ‑shares-to-include +``` + +Before enabling the FPolicy, validate this FPolicy Scope was created. + +### Validate FPolicy Scope Creation + +Run the following command to validate the FPolicy scope creation: + +``` +fpolicy policy scope show ‑instance +``` + +![validatefpolicyscopecreation](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefpolicyscopecreation.webp) + +Relevant NetApp Documentation: To learn more about creating scope, please visit the NetApp website +and read the +[vserver fpolicy policy scope create](https://library.netapp.com/ecmdocs/ECMP1196817/html/vserver/fpolicy/policy/scope/create.html) +article. + +## Enable the Empty FPolicy + +Once the empty FPolicy has been created, it must be enabled. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares. + +Use the following command to enable the FPolicy: + +``` +vserver fpolicy enable ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑sequence-number [INTEGER] +``` + +Example: + +``` +vserver fpolicy enable ‑vserver testserver ‑policy-name StealthAUDIT ‑sequence-number 10 +``` + +Validate this FPolicy was enabled. + +### Validate FPolicy Enabled + +Run the following command to validate the FPolicy scope creation: + +``` +vserver fpolicy show +``` + +![validatefpolicyenabled](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefpolicyenabled.webp) + +Relevant NetApp Documentation: To learn more about enabling a policy, please visit the NetApp +website and read the +[vserver fpolicy enable](https://library.netapp.com/ecmdocs/ECMP1196817/html/vserver/fpolicy/enable.html) +article. diff --git a/docs/accessanalyzer/11.6/config/netappcmode/configurefirewall.md b/docs/accessanalyzer/11.6/config/netappcmode/configurefirewall.md new file mode 100644 index 0000000000..a6bb2a962c --- /dev/null +++ b/docs/accessanalyzer/11.6/config/netappcmode/configurefirewall.md @@ -0,0 +1,185 @@ +# Configure Network + +Activity Monitor requires two communication channels for ONTAP monitoring: + +1. ONTAP API – Activity Monitor Agent connects to ONTAP on port 80 (http) or 443 (https) for access + to ONTAP API (ONTAPI/ZAPI or REST API). +2. FPolicy – Data LIFs of the SVM connect to Activity Monitor Agent on port 9999 for FPolicy + notifications. + +The following sections discuss network configuration required to enable API and FPolicy +communication. + +## ONTAP API + +The ONTAP API access is mandatory; without the API access the agent will not be able to receive and +translate events from FPolicy. The agent uses the API to retrieve information about the SVM: CIFS +settings, list of volumes, list of LIFs. Depending on the configuration, the agent can also retrieve +the state of FPolicy to ensure it is enabled; configure FPolicy and register or unregister itself. + +The API access is needed either through the SVM's LIF or through the cluster management LIF with +_vserver tunneling_ feature. If you want to use the vserver tunneling feature, specify the cluster +management LIF's address in the "Management LIF" parameter in the host's settings in the Activity +Monitor. + +Both classic ONTAPI/ZAPI and the new REST API are supported. Starting with ONTAP 9.13.1, the product +uses REST API by default if it is available. HTTP and HTTPS protocols are supported. For HTTPS, two +modes are supported: strict and ignore errors. For the strict mode, the product allows you to +disable the host name validation in case the agent cannot resolve the FQDN of the LIF. + +Enabling the API access varies depending on ONTAP version. The following sections list common steps +on enabling the API access. Please refer to the NetApp documentation for more details. + +### Management-http Service + +Starting with ONTAP 9.6, data LIFs used for HTTPS communication with the Activity Monitor are +required to use a service policy that includes the `management-https` service. This service enables +HTTPS access to the LIF. + +The following examples offer guidance for managing service policies, but may vary depending on the +NetApp environment’s specific configuration and needs. + +**Step 1** – Display LIFs of the SVM. Take note of the _service policy_ name used by the LIF you +want to be used for API access. + +``` +network interface show -vserver [SVM] -instance +``` + +**Step 2** – Check the services included in the SVM service policy + +``` +network interface service-policy show -policy [POLICY_NAME] +``` + +**Step 3** – Add the `management-https` service if it is missing + +``` +set -privilege advanced +network interface service-policy add-service -service management-https -policy [POLICY_NAME] -vserver [SVM] +``` + +Example: + +``` +set -privilege advanced +network interface service-policy add-service -service management-https -policy default-data-files -vserver testserver +``` + +### Firewall Policy + +For ONTAP 9.5 and older, the following commands can be used to either create a new firewall policy +or modify an existing policy if ONTAPI is blocked. + +#### Create New Firewall HTTP Policy + +Use the following commands with the Cluster Management LIF to create a new firewall HTTP policy: + +``` +system services firewall policy clone ‑policy data ‑vserver [ADMIN_SVM_NAME] ‑destination-policy [FIREWALL_POLICY_NAME] ‑destination-vserver [SVM_NAME] +system services firewall policy create ‑vserver [SVM_NAME] ‑policy [FIREWALL_POLICY_NAME] ‑service http ‑allow-list [IP_ADDRESS]/[NETMASK], [IP_ADDRESS]/[NETMASK] +``` + +Example: + +``` +system services firewall policy clone ‑policy data ‑vserver myontap ‑destination-policy enterpriseauditorfirewall ‑destination-vserver testserver +system services firewall policy create ‑vserver testserver ‑policy enterpriseauditorfirewall ‑service http ‑allow-list 192.168.30.15/32 +``` + +#### Create New Firewall HTTPS Policy + +Use the following commands with the Cluster Management LIF to create a new firewall HTTPS policy: + +``` +system services firewall policy clone ‑policy data ‑vserver [ADMIN_SVM_NAME] ‑destination-policy [FIREWALL_POLICY_NAME] ‑destination-vserver [SVM_NAME] +system services firewall policy create ‑vserver [SVM_NAME] ‑policy [FIREWALL_POLICY_NAME] ‑service https ‑allow-list [IP_ADDRESS]/[NETMASK], [IP_ADDRESS]/[NETMASK] +``` + +Example: + +``` +system services firewall policy clone ‑policy data ‑vserver myontap ‑destination-policy enterpriseauditorfirewall ‑destination-vserver testserver +system services firewall policy create ‑vserver testserver ‑policy enterpriseauditorfirewall ‑service https ‑allow-list 192.168.30.15/32 +``` + +#### Apply Firewall Policy to SVM Data LIF + +Use the following command to modify an existing firewall policy: + +``` +network interface modify ‑vserver [SVM_NAME] ‑lif [DATA LIF NAME] ‑firewall-policy [FIREWALL_POLICY_NAME] +``` + +Example: + +``` +network interface modify ‑vserver testserver ‑lif datal ‑firewall-policy enterpriseauditorfirewall +``` + +For more information about creating a firewall policy and assigning it to a LIF, read the +[Configure firewall policies for LIFs](https://docs.netapp.com/us-en/ontap/networking/configure_firewall_policies_for_lifs.html)[ ](https://docs.netapp.com/us-en/ontap/networking/configure_firewall_policies_for_lifs.html) +article. + +#### Validate Firewall Policy + +Run the following command to validate the firewall policy: + +``` +system services firewall policy show ‑policy [FIREWALL_POLICY_NAME] ‑service [HTTP_HTTPS] +``` + +Example: + +``` +system services firewall policy show ‑policy enterpriseauditorfirewall ‑service http +``` + +Verify that the output is displayed as follows: + +![validatefirewall](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefirewall.webp) + +## FPolicy + +The FPolicy framework enables the collection of audit events on the ONTAP side and their transfer to +the agent(s) via the designated Data LIFs. Each LIF establishes its own connection with one or +several agents and sends notifications as soon as the file transaction occurs. The FPolicy +connection is asynchronous and buffered; both ONTAP and Activity Monitor have techniques in place to +make sure that connections are alive and working. The connection can be secured using TLS with +server or mutual authentication. + +ONTAP cluster nodes connect to the agent on port 9999 by default. The port can be changed in the +agent's settings. The agent adds this port to Windows Firewall exclusions automatically. Please +ensure the port is not blocked by other firewalls between ONTAP and the agent. + +### Data-fpolicy-client Service + +Starting with ONTAP 9.8, each data LIF of the SVM must have the **data-fpolicy-client** service +included in its service-policy configuration. This service enables the FPolicy protocol for the LIF. +Use the following commands to ensure that the service is included. + +**Step 1** – Display LIFs of the SVM. Take note of the _service policy_ name used by the data LIFs. + +``` +network interface show -vserver [SVM] -instance +``` + +**Step 2** – Check the services included in the SVM service policy + +``` +network interface service-policy show -policy [POLICY_NAME] +``` + +**Step 3** – Add the **data-fpolicy-client** service if it is missing + +``` +set -privilege advanced +network interface service-policy add-service -service data-fpolicy-client -policy [POLICY_NAME] -vserver [SVM] +``` + +Example: + +``` +set -privilege advanced +network interface service-policy add-service -service data-fpolicy-client -policy default-data-files -vserver testserver +``` diff --git a/docs/accessanalyzer/11.6/config/netappcmode/configurefpolicy.md b/docs/accessanalyzer/11.6/config/netappcmode/configurefpolicy.md new file mode 100644 index 0000000000..676aefe899 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/netappcmode/configurefpolicy.md @@ -0,0 +1,689 @@ +# Configure FPolicy + +Activity Monitor relies on the NetApp FPolicy framework for monitoring of file access events on +SVMs. FPolicy needs to be configured for each SVM. + +There are two ways to configure FPolicy: + +- Activity Monitor agent can facilitate the + [Automatic Configuration of FPolicy](#automatic-configuration-of-fpolicy) for the monitored SVM + using the ONTAP API. This mode is simple, but does not allow you to exclude certain volumes or + shares of the SVM from being monitored. It also requires additional permissions to create and + modify FPolicy. +- Another option is to [Manually Configure FPolicy](#manually-configure-fpolicy) for each SVM. This + mode allows you to fine tune FPolicy by excluding certain volumes or shares from being monitored. + It also reduces product permissions. + +Regardless of the chosen approach for FPolicy configuration, one also needs to perform extra steps +if the FPolicy communication has to be secured with TLS. + +## TLS Authentication Options + +There are two TLS FPolicy Authentication options that can be used: + +- TLS, server authentication – Server only authentication + + - A certificate (Server Certificate) for the Agent server needs to be generated and copied to a + PEM file. The Server Certificate PEM file needs to be saved locally on the Activity Monitor + Console server. + - For manual FPolicy configuration, the Server Certificate needs to be installed on the SVM, and + then server-authentication set. + - For automatic FPolicy configuration, the Activity Monitor manages installation of the Server + Certificate. + +- TLS, mutual authentication – Mutual authentication + + - A certificate (Server Certificate) for the Agent server needs to be generated and copied to a + PEM file. The Server Certificate PEM file needs to be saved locally on the Activity Monitor + Console server. + - A certificate (Client Certificate) for the SVM needs to be copied to a PEM file and saved + locally on the Activity Monitor Console server. + - For manual FPolicy configuration, the Server Certificate needs to be installed on the SVM and + then mutual-authentication set. + - For automatic FPolicy configuration, mutual-authentication set before the configuration + process. The Activity Monitor manages installation of both certificates. + +### Generate Server Certificate + +A certificate (Server Certificate) for the Agent server needs to be generated and copied to a PEM +file. This is required for both of the TLS authentication options. + +The PEM file must contain both Public Key and Private Key parts. A certificate may be self-signed or +issued by a certification authority. Below are the steps for generation of a self-signed certificate +using OpenSSL toolkit. + +Use the following command on the agent server to create the Server Certificate and copy it to a .pem +file: + +``` +openssl.exe req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=[ACTIVITY_AGENT_SERVER_NAME]"  +copy cert.pem+key.pem [CERTIFICATE_FILE_NAME.pem] +del cert.pem key.pem .rnd +``` + +Example: + +``` +openssl.exe req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=testagentserver"  +copy cert.pem+key.pem agentkey.pem +del cert.pem key.pem .rnd +``` + +openssl.exe req x509 newkey rsa:2048 keyout key.pem out cert.pem days 365 nodes subj +"/CN=testagentserver" + +copy cert.pem+key.pem agentkey.pem + +del cert.pem key.pem .rnd + +In this example ` agentkey.pem` would be used as the Server Certificate. Save the Server Certificate +locally on the Activity Monitor Console server. + +### Create PEM File for Client Certificate + +A certificate (Client Certificate) for the SVM needs to be copied to a PEM file. This is required +for the TLS, mutual authentication option. Follow the steps to create the PEM file for the Client +Certificate. + +**Step 1 –** On the SVM , use the following command to show the security certificate details: + +``` +security certificate show -vserver [SVM_NAME] -type server instance +``` + +Example: + +``` +security certificate show -vserver testserver -type server instance +``` + +**Step 2 –** Copy the security certificate details into a text file and copy the public key to a PEM +file. The following variables from security details will be needed to set mutual-authentication +during Part 6 of manual configuration and prior to automatic configuration: + +- SVM +- Common Name +- Certificate Serial +- Public Key Certificate + +**Step 3 –** Copy the value of Public Key Certificate field to a PEM file. The value spans multiple +lines, starts with "`----BEGIN CERTIFICATE-----`" and ends with "`-----END CERTIFICATE-----`". + +The Client Certificate PEM file has been created. + +## Manually Configure FPolicy + +This section describes how to manually configure FPolicy. Manual configuration of the FPolicy is +recommended if the policy needs to be scoped to monitor select volumes or shares. It is necessary to +create several FPolicy components and then enable the FPolicy. See the sections corresponding to +each part of this list: + +- Part 1: Install Server Certificate on the SVM (only if using TLS authentication) + + - This is only needed if using either of the TLS, … authentication options. + +- Part 2: Create External Engine + + - The External Engine defines how FPolicy makes and manages connections to external FPolicy + servers like Activity Monitor Agent. + +- Part 3: Create FPolicy Events + + - An FPolicy event defines which protocol(s) to monitor and which file access events to monitor. + +- Part 4: Create FPolicy Policy + + - The FPolicy policy associates the other three FPolicy components and allows for the + designation of a privileged FPolicy user + - If running the Access Auditing (FSAA), Activity Auditing (FSAC), and/or Sensitive Data + Discovery Auditing scans, then this is the user account credential to be added to the + Enterprise Auditor Connection Profile. + +- Part 5: Create FPolicy Scope + + - The FPolicy scope creates the filters necessary to perform scans on specific shares or + volumes. + +- Part 6: Set TLS Authentication (optional) + + - This is only needed if using either of the TLS authentication options. + +- Part 7: Enable the FPolicy + + - Once the FPolicy is enabled, the Activity Monitor Agent can be configured to monitor the SVM. + +- Part 8: Connect FPolicy Server / Agent to Cluster Node (optional) + + - This is only needed if there is an issue with connection to the Cluster node or for + troubleshooting a disconnection issue. + +### Part 1: Install Server Certificate on the SVM + +If using the TLS authentication options, it is necessary to install the Server Certificate on the +SVM. + +Use the following command to install the Server Certificate: + +``` +security certificate install type client-ca -vserver [SVM_NAME] +``` + +Example: + +``` +security certificate install type client-ca -vserver testserver +``` + +The command will ask you to provide a public certificate. Copy the public key from the Server +Certificate PEM file, i.e. the block starting with "`-----BEGIN CERTIFICATE-----`" and ending with +"`-----END CERTIFICATE-----`". Paste the block to the terminal window. + +#### Validate Part 1: Server Certificate Install + +Run the following command to validate the Server Certificate is installed: + +``` +security certificate show -vserver [SVM_NAME] -commonname [ACTIVITY_AGENT_SERVER_NAME] -type client-ca instance +``` + +Example: + +``` +security certificate show -vserver testserver -commonname testagentserver -type client-ca instance +``` + +### Part 2: Create External Engine + +The External Engine defines how FPolicy makes and manages connections to external FPolicy servers. + +IMPORTANT: + +- The `-primary-servers` must be the server hosting the Activity Monitor Agent. +- If intending to use the Activity Monitor with Enterprise Auditor, then the primary server must + also be the proxy server from which the Enterprise Auditor Access Auditing (FSAC) scans are + running, e.g. the Enterprise Auditor Console server for local mode or the proxy server if running + in any of the proxy mode options. +- The following values are required: + + - `engine-name StealthAUDITEngine`, the names of the external engine object can be customized + (see below). + - `port 9999`, Port number can be customized, but it is recommended to use 9999. + - `extern-engine-type asynchronous` + - `ssl-option no-auth` + - `send-buffer-size 6291456`, for ONTAP 9.10+ use `send-buffer-size 8388608` + +**CAUTION:** All parameters are case sensitive. + +Use the following command to create the external engine: + +``` +set -privilege advanced +vserver fpolicy policy external-engine create -vserver [SVM_NAME] -engine-name StealthAUDITEngine -primary-servers [IP_ADDRESS,…] -port 9999 -extern-engine-type asynchronous -ssl-option no-auth -send-buffer-size 6291456 +``` + +Example: + +``` +set -privilege advanced +vserver fpolicy policy external-engine create -vserver testserver -engine-name StealthAUDITEngine -primary-servers 192.168.30.15 -port 9999 -extern-engine-type asynchronous -ssl-option no-auth -send-buffer-size 6291456 +``` + +#### Validate Part 2: External Engine Creation + +Run the following command to validate the creation of the external engine: + +``` +fpolicy policy external-engine show -instance +``` + +Verify that the output is displayed as follows: + +![Output Displayed](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validateexternalenginecreation.webp) + +Relevant NetApp Documentation: To learn more about creating an external engine, please visit the +NetApp website and read the +[vserver fpolicy policy external-engine create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-external-engine-create.html) +article. + +### Part 3: Create FPolicy Event + +An event defines which protocol to monitor and which file access events to monitor. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. +- Enterprise Auditor and the Activity Monitor are capable of monitoring both NFS and CIFS. However, + it is necessary to create separate events for each protocol. +- The following values are required: + + - `event-name` + + - For CIFS shares – ` StealthAUDITScreeningCifs` for successful events; + `StealthAUDITScreeningFailedCifs` for failed events. + - For NFS shares – `StealthAUDITScreeningNfsV3, StealthAUDITScreeningNfsV4` for successful + events; `StealthAUDITScreeningFailedNfsV3, StealthAUDITScreeningFailedNfsV4` for failed + events. + The names of the event objects can be customized (see + [Customization of FPolicy Object Names](#customization-of-fpolicy-object-names)). + + - `volume-operation true` + - `protocol` – one of the following `cifs`, `nfsv3`, `nfsv4` + - `monitor-fileop-failure` – `true `or `false`, indicates whether failed file operations are + reported. + +- Limiting the file operations to be monitored is an excellent way to limit the performance impact + the FPolicy will have on the NetApp device. The file operations from which to choose are below + with additional filter options: + + - `create` – File create operations + - `create_dir` – Directory create operations + - `close` – File close operations + + - Enable this operation for NFSv4 to capture all read operations + + - `delete` – File delete operations + - `delete_dir` – Directory delete operations + - `link` – Link operations + - `open` – File open operations for CIFS protocol + + - `open-with-delete-intent` – Limits notification to only when an attempt is made to open a + file with the intent to delete it, according to the `FILE_DELETE_ON_CLOSE` flag + specification + + **NOTE:** File open operations are only supported with the `open-with-delete-intent` + filter applied. + + - `read` – File read operations + + - `first-read` – Limits notification to only first read operations for CIFS protocol. For + ONTAP 9.2+, this filter can be used for both CIFS and NFS protocols. + + - `rename`– File rename operations + - `rename_dir`– Directory rename operations + - `setattr` – Set attribute operations and permission changes. The following filters are + available for ONTAP 9.0+ to limit events to permission changes only: + + - CIFS: + + - `setattr-with-owner-change` + - `setattr-with-group-change` + - `setattr-with-sacl-change` + - `setattr-with-dacl-change` + + - NFSv3: + + - `setattr-with-owner-change` + - `setattr-with-group-change` + - `setattr-with-mode-change` + + - NFSv4: + + - `setattr-with-owner-change` + - `setattr-with-group-change` + - `setattr-with-mode-change` + - `setattr-with-sacl-change` + - `setattr-with-dacl-change` + + - `symlink` – Symbolic link operations + - `write` – File write operations + + - `first-write` – Limits notification to only first write operations for CIFS protocol. For + ONTAP 9.2+, this filter can be used for both CIFS and NFS protocols. + +- For failed/denied events, the list of supported file operations is limited to the following + values: + + - CIFS: `open` + - NFSv3: + `create, create_dir, read, write, delete, delete_dir, rename, rename_dir, setattr, link` + - NFSv4: + `open, create, create_dir, read, write, delete, delete_dir, rename, rename_dir, setattr, link` + +**CAUTION:** All parameters are case sensitive. + +Use the following command to create the FPolicy event for CIFS protocols: + +``` +vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningCifs -volume-operation true -protocol cifs -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] +``` + +Example: + +``` +vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningCifs -volume-operation true -protocol cifs -file-operations create,create_dir,delete,delete_dir,open,read,write,rename,rename_dir,setattr -filters first-read,first-write,open-with-delete-intent,setattr-with-owner-change,setattr-with-group-change,setattr-with-sacl-change,setattr-with-dacl-change +``` + +Use the following command to create the FPolicy event for NFSv3 protocols: + +``` +vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningNfsV3 -volume-operation true -protocol nfsv3 -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] +``` + +Example: + +``` +vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningNfsV3 -volume-operation true -protocol nfsv3 -file-operations create,create_dir,delete,delete_dir,read,write,rename,rename_dir,setattr,link,symlink -filters first-read,first-write,setattr-with-owner-change,setattr-with-group-change,setattr-with-mode-change +``` + +Use the following command to create the FPolicy event for NFSv4 protocols: + +``` +vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningNfsV4 -volume-operation true -protocol nfsv4 -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] +``` + +Example: + +``` +vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningNfsV4 -volume-operation true -protocol nfsv4 -file-operations create,create_dir,delete,delete_dir,read,write,rename,rename_dir,setattr,link,symlink,close -filters group-change,setattr-with-mode-change,setattr-with-sacl-change,setattr-with-dacl-change +``` + +#### Validate Part 3: FPolicy Event Creation + +Run the following command to validate the creation of the FPolicy event: + +``` +fpolicy policy event show -event-name [StealthAUDITScreeningCifs or StealthAUDITScreeningNfsV3 or StealthAUDITScreeningNfsV4 or ...] -instance +``` + +Example: + +``` +fpolicy policy event show -event-name StealthAUDITScreeningCifs -instance +``` + +Verify that the output is displayed as follows: + +![Output Displayed](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/fpolicyeventcreation.webp) + +Relevant NetApp Documentation: To learn more about creating an event, please visit the NetApp +website and read the +[vserver fpolicy policy event create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-event-create.html) +article. + +### Part 4: Create FPolicy Policy + +The FPolicy policy associates the other three FPolicy components and allows for the designation of a +privileged FPolicy user, or the provisioned FPolicy account. If running the Access Auditing (FSAA), +Activity Auditing (FSAC), and/or Sensitive Data Discovery Auditing scans in Enterprise Auditor, then +this is also the user account credential to be added to the Enterprise Auditor Connection Profile. + +IMPORTANT: + +- To monitor both CIFS and NFS protocols, two FPolicy Event were created. Multiple events can be + included in the FPolicy policy. +- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. +- The External Engine and FPolicy Event used in this command must be the External Engine created in + Part 2 and the FPolicy Event created in Part 3 from the previous steps. +- The following values are required: + + - `policy-name StealthAUDIT`, the name of the policy object can be customized (see + [Customization of FPolicy Object Names](#customization-of-fpolicy-object-names)). + +- The following values are required for Enterprise Auditor integration: + + - `privileged-user-name`, which must be a provisioned FPolicy account + - `allow-privileged-access yes` + +**CAUTION:** All parameters are case sensitive. + +Use the following command to create the FPolicy policy to monitor both CIFS and NFS protocols: + +``` +vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningCifs,StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningCifs,StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 +``` + +Use the following command to create the FPolicy policy to monitor only CIFS protocols: + +``` +vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningCifs -engine StealthAUDITEngine -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningCifs -engine StealthAUDITEngine -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 +``` + +Use the following command to create the FPolicy policy to monitor only NFS protocols: + +``` +vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 +``` + +#### Validate Part 4: FPolicy Policy Creation + +Run the following command to validate the creation of the FPolicy policy: + +``` +fpolicy policy show -instance +``` + +![Output Displayed](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefpolicypolicycreation.webp) + +Relevant NetApp Documentation: To learn more about creating a policy, please visit the NetApp +website and read the +[vserver fpolicy policy create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-create.html) +article. + +### Part 5: Create FPolicy Scope + +The FPolicy scope creates the filters necessary to perform scans on specific shares or volumes. It +is possible to set the scope to monitor all volumes or all shares by replacing the volume/share name +variable [SVM_NAME] in the command with an asterisk (\*). + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. +- It is not necessary to specify both volumes and shares. One or the other is sufficient. +- If you want to monitor everything, set the "`volumes-to-include`" value to "`*`". + +Use the following command to create the FPolicy scope by specifying volume(s): + +``` +vserver fpolicy policy scope create -vserver [SVM_NAME] -policy-name StealthAUDIT -volumes-to-include [VOLUME_NAME],[VOLUME_NAME] +``` + +Example: + +``` +vserver fpolicy policy scope create -vserver testserver -policy-name StealthAUDIT -volumes-to-include samplevolume1,samplevolume2 +``` + +Use the following command to create the FPolicy scope by specifying share(s): + +``` +vserver fpolicy policy scope create -vserver [SVM_NAME] -policy-name StealthAUDIT -shares-to-include [SHARE_NAME],[SHARE_NAME] +``` + +Example: + +``` +vserver fpolicy policy scope create -vserver testserver -policy-name StealthAUDIT -shares-to-include sampleshare1,sampleshare2 +``` + +#### Validate Part 5: FPolicy Scope Creation + +Run the following command to validate the FPolicy scope creation: + +``` +fpolicy policy scope show -instance +``` + +![Output Displayed](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefpolicyscopecreation.webp) + +Relevant NetApp Documentation: To learn more about creating scope, please visit the NetApp website +and read the +[vserver fpolicy policy scope create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-scope-create.html) +article. + +### Part 6: Set TLS Authentication + +If using the TLS authentication options, it is necessary to set authentication for the type of +authentication. + +#### Set Server-Authentication + +Use the following command to set server-authentication: + +``` +vserver fpolicy policy externalengine modify -vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option server-auth +``` + +Example: + +``` +vserver fpolicy policy externalengine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option server-auth +``` + +#### Set Mutual-Authentication + +Use the following command to set mutual-authentication: + +``` +vserver fpolicy policy external-engine modify ‑vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name [COMMON_NAME] -certificate-serial [CERTIFICATE_SERIAL] -certificate-ca [CERTIFICATE_AUTHORITY] +``` + +Example: + +``` +vserver fpolicy policy external-engine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name testserver -certificate-serial 461AC46521B31321330EBBE4321AC51D -certificate-ca "VeriSign Universal Root Certification Authority" +``` + +#### Validate Mutual-Authentication Is Set + +Run the following command to confirm mutual-authentication is set: + +``` +vserver fpolicy policy external-engine show -fields ssl-option +``` + +### Part 7: Enable the FPolicy + +The FPolicy must be enabled before the Activity Monitor Agent can be configured to monitor the SVM. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. + +Use the following command to enable the FPolicy: + +``` +vserver fpolicy enable -vserver [SVM_NAME] -policy-name StealthAUDIT -sequence-number [INTEGER] +``` + +Example: + +``` +vserver fpolicy enable -vserver testserver -policy-name StealthAUDIT -sequence-number 10 +``` + +#### Validate Part 7: FPolicy Enabled + +Run the following command to validate the FPolicy scope creation: + +``` +vserver fpolicy show +``` + +![Output Displayed](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefpolicyenabled.webp) + +Relevant NetApp Documentation: To learn more about enabling a policy, please visit the NetApp +website and read the +[vserver fpolicy enable](https://docs.netapp.com/us-en/ontap-cli-9121//vserver-fpolicy-enable.html) +article. + +### Part 8: Connect FPolicy Server / Agent to Cluster Node + +Manually connecting the FPolicy server (or Agent server) to the Cluster Node is only needed if there +is an issue with connection to the Cluster Node or for troubleshooting a disconnection issue. + +Use the following command to connect the `StealthAUDITEngine` that belongs to the `StealthAUDIT` +policy to all Cluster Nodes: + +``` +policy engine-connect -vserver [SVM_NAME] -policy-name StealthAUDIT -node * +``` + +Example: + +``` +policy engine-connect -vserver testserver -policy-name StealthAUDIT -node * +``` + +#### Validate Part 8: Connection to Cluster Node + +Run the following command to validate connection to the Cluster Node: + +``` +fpolicy show-engine -vserver [SVM_NAME] -policy-name StealthAUDIT -node * +``` + +![Output Displayed](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/connectiontoclusternode.webp) + +## Automatic Configuration of FPolicy + +The Activity Monitor can automatically configure FPolicy on the targeted SVM. The FPolicy created +will monitor file system activity from all volumes and shares of the SVM. This feature can be +enabled using the **Configure FPolicy. Create or modify FPolicy objects if needed** checkbox in the +monitored host's properties in the Activity Monitor. + +If using the TLS, mutual authentication option, you will need to create the PEM file for the Client +Certification, which is needed during the monitored host configuration in the Activity Monitor. It +will also be necessary to set mutual authentication on the SVM. + +### Set TLS Mutual-Authentication + +If using the TLS, mutual authentication options, it is necessary to set authentication. + +Use the following command to set mutual-authentication: + +``` +vserver fpolicy policy external-engine modify -vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name [COMMON_NAME] -certificate-serial [CERTIFICATE_SERIAL] -certificate-ca [CERTIFICATE_AUTHORITY] +``` + +Example: + +``` +vserver fpolicy policy external-engine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name testserver -certificate-serial 461AC46521B31321330EBBE4321AC51D -certificate-ca "VeriSign Universal Root Certification Authority" +``` + +#### Validate: Mutual-Authentication + +Run the following command to confirm mutual-authentication is set: + +``` +vserver fpolicy policy external-engine show -fields ssl-option +``` + +## Customization of FPolicy Object Names + +Activity Monitor uses the following FPolicy object names by default: + +- Policy name: `StealthAUDIT` +- External Engine name: `StealthAUDITEngine` +- CIFS Event name: `StealthAUDITScreeningCifs` +- NFS v3 Event name: `StealthAUDITScreeningNfsV3` +- NFS v4 Event name: `StealthAUDITScreeningNfsV4` +- Failed CIFS Event name: `StealthAUDITScreeningFailedCifs` +- Failed NFS v3 Event name: `StealthAUDITScreeningFailedNfsV3` +- Failed NFS v4 Event name: `StealthAUDITScreeningFailedNfsV4` + +These names can be customized in the monitored host's settings in the Activity Monitor. It can be +useful in two scenarios: + +- You want the names to match the company policies; +- You want to configure FPolicy manually using your custom names, but also want to leverage the + "Enable and Connect FPolicy" feature of the Activity Monitor, so that the product ensures that + FPolicy stays enabled and connected at all times. diff --git a/docs/accessanalyzer/11.6/config/netappcmode/overview.md b/docs/accessanalyzer/11.6/config/netappcmode/overview.md new file mode 100644 index 0000000000..5081c55f4b --- /dev/null +++ b/docs/accessanalyzer/11.6/config/netappcmode/overview.md @@ -0,0 +1,157 @@ +# NetApp Data ONTAP Cluster-Mode Target Requirements + +Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery +Auditing scans on NetApp Data ONTAP Cluster-Mode devices. The Netwrix Activity Monitor can be +configured to monitor activity on NetApp Data ONTAP Cluster-Mode devices and make the event data +available for Enterprise Auditor Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Enterprise Auditor scans must have the following permissions on the +target host: + +- For CIFS access: + + - Method 1 – Use FPolicy & ONTAP API + + - Enumerate shares by executing specific NetApp API calls + - Bypass NTFS security to read the entire folder structure to be scanned and collect + file/folder permissions + + - Method 2 – Use the c$ Share + + - Enumerate shares with standard Windows file sharing APIs. + - Bypass NTFS security to read the entire folder structure to be scanned and collect + file/folder permissions + +- For NFSv3 access: + + - IP Address of scanning server in the export policy for each volume + +These permissions grant the credential the ability to enumerate shares, access the remote registry, +and bypass NTFS security on folders. The credential used within the assigned Connection Profile for +these target hosts requires these permissions. See the +[NetApp Data ONTAP Cluster-Mode Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/config/netappcmode/access.md) +topic for instructions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of NetApp Data ONTAP Cluser-Mode Device + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. + +NetApp Data ONTAP Cluster-Mode Device Requirements + +An FPolicy must be configured on the target device for Activity Auditing (FSAC) scans. A tailored +FPolicy is recommended as it decreases the impact on the NetApp device. The credential associated +with the FPolicy used to monitor activity must be provisioned with access to (at minimum) the +following CLI commands, according to the level of collection desired: + +- Collect Activity Events (Least Privilege) + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + +- Employ the “Enable and connect FPolicy” Option (Less Privilege) + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + - `vserver fpolicy disable` – All access + - `vserver fpolicy enable` – All access + - `vserver fpolicy engine-connect` – All access + - `network interface` – Readonly access + +- Employ the “Configure FPolicy Option (Automatic Configuration of FPolicy) + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + - `vserver fpolicy` – All access + - `network interface` – Readonly access + +- If FPolicy uses a TLS connection, the following CLI command is also needed: + + - `security certificate install` – All access + +- StealthAUDIT Integration requires the addition of the following CLI command: + + - `security login role show-ontapi` – Readonly access + +See the +[NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/netappcmode/activity.md) +topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Enterprise Auditor to read the activity log files must also +have READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for NetApp Data ONTAP Cluster-Mode Device + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target NetApp Data ONTAP Cluster-Mode device: + +| Communication Direction | Protocol | Ports | Description | +| --------------------------------- | ---------------- | ----- | -------------- | +| Activity Agent Server to NetApp\* | HTTP (optional) | 80 | ONTAPI | +| Activity Agent Server to NetApp\* | HTTPS (optional) | 443 | ONTAPI | +| NetApp to Activity Agent Server | TCP | 9999 | FPolicy events | + +\*Only required if using the FPolicy Configuration and FPolicy Enable and Connect options in +Activity Monitor. + +**NOTE:** If either HTTP or HTTPS are not enabled, the FPolicy on the NetApp Data ONTAP 7-Mode +device must be configured manually. Also, the External Engine will not reconnect automatically in +the case of a server reboot or service restart. + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/config/netappcmode/provisionactivity.md b/docs/accessanalyzer/11.6/config/netappcmode/provisionactivity.md new file mode 100644 index 0000000000..54677d50d6 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/netappcmode/provisionactivity.md @@ -0,0 +1,371 @@ +# Provision ONTAP Account + +This topic describes the steps needed to create a user account with the privileges required to +connect the Activity Monitor Agent to ONTAP API and to execute the API calls required for activity +monitoring and configuration. + +Provisioning this account is a two part process: + +- Part 1: Create Security Role +- Part 2: Create Security Login + +## Part 1: Create Security Role + +This section provides instructions for creating an access-control role. An access-control role +consists of a role name and a set of commands or API endpoints to which the role has access. It also +includes an access level (none, read-only, or all) and a query that applies to the specified command +or API endpoint. + +The permissions needed depends on the functionality level: + +- Least Privileged: ONLY Collect Events – This is the minimal functionality level. A user manually + configures FPolicy and ensures that it stays enabled and connected. The product only collects + events. This functionality level is not recommended as it requires an additional solution that + tracks the state of FPolicy and fixes the problem should ONTAP disconnect or should the policy + become disabled. +- **_RECOMMENDED:_** Less Privileged: Enable/Connect Policy & Collect Events – With this level, the + user still performs the initial FPolicy configuration manually. The product tracks the state of + FPolicy with periodic checks to ensure it stays enabled and connected all the time. +- **_RECOMMENDED:_** Automatically Configure the FPolicy – With this full-blown level, no manual + configuration is needed. The product performs the initial FPolicy configuration; updates FPolicy + to reflect configuration changes; ensures that FPolicy stays enabled and connected all the time. + +No matter which set of permissions you provision, validate the configuration before continuing to +Part 2. See the +[Validate Part 1: Security Role Configuration](#validate-part-1-security-role-configuration) topic +for additional information. + +If the FPolicy is to be used for both the Activity Monitor and Enterprise Auditor, the account also +needs to be provisioned with an additional permission. See the +[Enterprise Auditor Integration](#enterprise-auditor-integration) topic for additional information. + +The commands to create a role and names of permissions depend on the ONTAP API used. The product +supports both the classic ONTAPI/ZAPI and the new REST API. For ONTAPI/ZAPI you need to use +`security login role create` command to create a RBAC access control role. The required commands are +listed in the `cmddirname` parameter. For REST API, use `security login rest-role create` command to +create a REST access control role. The required API endpoint is specified in the `api` parameter. +The following sections provide instructions for both API modes. + +### Least Privileged: ONLY Collect Events + +If the desire is for a least privileged model, the Activity Monitor requires the following +permissions to collect events. + +#### ONTAPI/ZAPI + +- `version` – Readonly access +- `volume` – Readonly access +- `vserver` – Readonly access + +Use the following commands to provision read-only access to all required commands: + +``` +security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME]     +``` + +Example: + +``` +security login role create -role enterpriseauditor -cmddirname "version" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditor -cmddirname "volume" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditor -cmddirname "vserver" -access readonly -query "" -vserver testserver +``` + +#### REST API + +- `/api/cluster` – Readonly access +- `/api/protocols/cifs/services` – Readonly access +- `/api/storage/volumes` – Readonly access +- `/api/svm/svms` – Readonly access + +Use the following commands to provision read-only access to all required API endpoints: + +``` +security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] +``` + +Example: + +``` +security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver +``` + +**NOTE:** If the FPolicy account is configured with these permissions, it is necessary to manually +configure the FPolicy. See the +[Configure FPolicy](/docs/accessanalyzer/11.6/config/netappcmode/configurefpolicy.md) +topic for additional information. + +### Less Privileged: Enable/Connect FPolicy & Collect Events + +If the desire is for a less privileged model, the Activity Monitor requires the following +permissions to collect events: + +#### ONTAPI/ZAPI + +- `version` – Readonly access +- `volume` – Readonly access +- `vserver` – Readonly access + + `network interface` – Readonly access + +- `vserver fpolicy disable` – All access +- `vserver fpolicy enable` – All access + + _Remember,_ this permission permits the Activity Monitor to enable the FPolicy. If the “Enable + and connect FPolicy” option is employed but the permission is not provided, the agent will + encounter “Failed to enable policy” errors, but it will still be able to connect to the FPolicy. + Since this permission model requires a manual configuration of the FPolicy, then the need to + manually enable the FPolicy will be met. + +- `vserver fpolicy engine-connect` – All access + +Use the following command to provision access to all required commands: + +``` +security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "network interface" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy disable" -access all -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy enable" -access all -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy engine-connect" -access all -query "" -vserver [SVM_NAME] +``` + +Example: + +``` +security login role create -role enterpriseauditorrest -cmddirname "version" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "volume" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "network interface" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy disable" -access all -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy enable" -access all -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy engine-connect" -access all -query "" -vserver testserver +``` + +#### REST API + +- `/api/cluster` – Readonly access +- `/api/protocols/cifs/services` – Readonly access +- `/api/storage/volumes` – Readonly access +- `/api/svm/svms` – Readonly access +- `/api/network/ip/interfaces` – Readonly access +- `/api/protocols/fpolicy` – All access + +Use the following commands to provision read-only access to all required API endpoints: + +``` +security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/network/ip/interfaces" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/fpolicy" -access all -vserver [SVM_NAME] +``` + +Example: + +``` +security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/network/ip/interfaces" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/fpolicy" -access all -vserver testserver +``` + +**NOTE:** If the FPolicy account is configured with these permissions, it is necessary to manually +configure the FPolicy. See the +[Configure FPolicy](/docs/accessanalyzer/11.6/config/netappcmode/configurefpolicy.md) +topic for additional information. + +### Automatically Configure the FPolicy + +If the desire is for the Activity Monitor to automatically configure the FPolicy, the security role +requires the following permissions: + +#### ONTAPI/ZAPI + +- `version` – Readonly access +- `volume` – Readonly access +- `vserver` – Readonly access + + `network interface` – Readonly access + +- `vserver fpolicy` – All access +- `security certificate install` – All access + + _Remember,_ this permission is only needed for FPolicy TLS connections. + +Use the following command to provision access to all required commands: + +``` +security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "network interface" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy" -access all -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "security certificate install" -access all -query "" -vserver [SVM_NAME] +``` + +Example: + +``` +security login role create -role enterpriseauditorrest -cmddirname "version" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "volume" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "network interface" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy" -access all -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "security certificate install" -access all -query "" -vserver testserver +``` + +#### REST API + +- `/api/cluster` – Readonly access +- `/api/protocols/cifs/services` – Readonly access +- `/api/storage/volumes` – Readonly access +- `/api/svm/svms` – Readonly access +- `/api/network/ip/interfaces` – Readonly access +- `/api/protocols/fpolicy` – All access +- `/api/security/certificates` – All access + + Remember, this permission is only needed for FPolicy TLS connections. + +Use the following commands to provision access to all required API endpoints: + +``` +security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/network/ip/interfaces" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/fpolicy" -access all -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/security/certificates" -access all -vserver [SVM_NAME] +``` + +Example: + +``` +security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/network/ip/interfaces" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/fpolicy" -access all -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/security/certificates" -access all -vserver testserver +``` + +**NOTE:** If the FPolicy account is configured with these permissions, the Activity Monitor can +automatically configure the FPolicy. See the +[Configure FPolicy](/docs/accessanalyzer/11.6/config/netappcmode/configurefpolicy.md) +topic for additional information. + +### Enterprise Auditor Integration + +If the desire is for FPolicy to be used with both the Activity Monitor and Enterprise Auditor, then +the following permission is also required: + +- `security login role show-ontapi` – Readonly access + +Use the following command to provision read-only access to security login role show-ontapi commands: + +``` +security login role create -role [ROLE_NAME] -cmddirname "security login role show-ontapi" -access readonly -query "" -vserver [SVM_NAME] +``` + +Example: + +``` +security login role create -role enterpriseauditor -cmddirname "security login role show-ontapi" -access readonly -query "" -vserver testserver +``` + +### Validate Part 1: Security Role Configuration + +For ONTAPI, run the following command to validate the RBAC security role configuration: + +``` +security login role show [ROLE_NAME] +``` + +Example: + +``` +security login role show enterpriseauditor +``` + +Relevant NetApp Documentation: For more information about creating RBAC access control roles, read +the +[security login role create](https://docs.netapp.com/us-en/ontap-cli-9141//security-login-role-create.html) +article. + +For REST API, run the following command to validate the REST security role configuration: + +``` +security login rest-role show [ROLE_NAME] +``` + +Example: + +``` +security login rest-role show enterpriseauditorrest +``` + +For more information about creating REST access control roles, read the +[security login rest-role create](https://docs.netapp.com/us-en/ontap-cli-9141/security-login-rest-role-create.html) +article. + +## Part 2: Create Security Login + +Once the access control role has been created, apply it to a domain account. Ensure the following +requirements are met: + +- The SVM used in the following command must be the same SVM used when creating the access control + role in Part 1. +- All parameters are case sensitive. +- It is recommended to use lowercase for both domain and username. The case of domain and username + created during the account provisioning process must match exactly to the credentials provided to + the Activity Monitor activity agent for authentication to work. + +Use the following command to create the security login for the security role created in Part 1: + +``` +security login create -user-or-group-name [DOMAIN\DOMAINUSER] -application ontapi -authentication-method [DOMAIN_OR_PASSWORD_AUTH] -role [ROLE_NAME] -vserver [SVM_NAME] +``` + +Example: + +``` +security login create -user-or-group-name example\user1 -application ontapi -authentication-method domain -role enterpriseauditor -vserver testserver +``` + +Validate this security login was created. + +### Validate Part 2: Security Login Creation + +Run the following command to validate security login: + +``` +security login show [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +security login show example\user1 +``` + +Verify that the output is displayed as follows: + +![validatesecuritylogincreation](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatesecuritylogincreation.webp) + +For more information about creating security logins, read the +[security login create](https://docs.netapp.com/us-en/ontap-cli-9141/security-login-create.html) +article. diff --git a/docs/accessanalyzer/11.6/config/nutanix/access.md b/docs/accessanalyzer/11.6/config/nutanix/access.md new file mode 100644 index 0000000000..05fc90d3bc --- /dev/null +++ b/docs/accessanalyzer/11.6/config/nutanix/access.md @@ -0,0 +1,22 @@ +# Nutanix Appliance Access & Sensitive Data Auditing Configuration + +The credentials used to run Enterprise Auditor scans on Nutanix appliances must have the **Backup +Admin: Backup Access only** role assigned. + +## Nutanix Prism Central Interface + +Follow the steps to configure the required account in the Nutanix Prism Central Interface. + +**Step 1 –** Select the **Home** dropdown and select **File Server**. + +**Step 2 –** On the file server page, under actions select **Launch Files Console**. + +**Step 3 –** On the new files URL page, locate the **Configuration** dropdown and select **Manage +Roles**. + +![Nutanix Backup Admin: Backup Access only role](/img/product_docs/accessanalyzer/11.6/config/nutanix/nutanixbackupadminrole.webp) + +**Step 4 –** On the Manage Roles window, add an account with the **Backup Admin: Backup Access +only** role. + +This account must be used for running the Enterprise Auditor scans on Nutanix appliances. diff --git a/docs/accessanalyzer/11.6/config/nutanix/activity.md b/docs/accessanalyzer/11.6/config/nutanix/activity.md new file mode 100644 index 0000000000..03c9ebb756 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/nutanix/activity.md @@ -0,0 +1,12 @@ +# Nutanix Activity Auditing Configuration + +The Netwrix Activity Monitor can be configured to monitor activity on Nutanix devices. + +A user having REST API access must be created on the Nutanix Files server to monitor the files +server using Activity Monitor. Additional configurations are done by Activity Monitor with the help +of this user. In the Nutanix Files server, select **Configuration** > **Manage Roles**. Under the +REST API access users section, click **New User** to create a new user. Specify the username and the +password. + +**NOTE:** The user credentials created here are used when adding a Nutanix file server in Activity +Monitor. diff --git a/docs/accessanalyzer/11.6/config/nutanix/overview.md b/docs/accessanalyzer/11.6/config/nutanix/overview.md new file mode 100644 index 0000000000..3bcdc18b8c --- /dev/null +++ b/docs/accessanalyzer/11.6/config/nutanix/overview.md @@ -0,0 +1,73 @@ +# Nutanix Target Requirements + +Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery +Auditing scans on Nutanix Appliances. The Netwrix Activity Monitor can be configured to monitor +activity on Nutanix Appliances and make the event data available for Enterprise Auditor Activity +Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Enterprise Auditor scans must have the following permissions on the +target host: + +- Group membership in the role **Backup Admin: Backup Access Only** + +See the +[Nutanix Appliance Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/config/nutanix/access.md) +topic for additional information. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +The Netwrix Activity Monitor can be configured to monitor activity on Nutanix devices. See the +[Nutanix Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/nutanix/activity.md) +topic for instructions. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Nutanix Appliances + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target Nutanix device: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ----------------------- | +| Activity Agent Server to Nutanix | TCP | 9440 | Nutanix API | +| Nutanix to Activity Agent Server | TCP | 4501 | Nutanix Event Reporting | + +Protect the port with a username and password. The credentials will be configured in Nutanix. + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/config/qumulo/activity.md b/docs/accessanalyzer/11.6/config/qumulo/activity.md new file mode 100644 index 0000000000..1042550312 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/qumulo/activity.md @@ -0,0 +1,50 @@ +# Qumulo Activity Auditing Configuration + +The Netwrix Activity Monitor can be configured to monitor activity on Qumulo devices. To prepare +Qumulo to be monitored, an account needs to be provisioned and the audit event format may need to be +modified. + +## Provision Account + +Activity Monitor requires an account with the Observers role to monitor a Qumulo cluster. Follow the +steps to create a new account in the Qumulo web user interface with the Observers role. + +**Step 1 –** Create a new user in **Cluster** > **Local Users & Groups**. + +**Step 2 –** Assign the Observers role to the user using **Cluster** > **Role Management**. + +This credential will then be used when configuring the Activity Agent to monitor the Qumulo device. + +## Verify Audit Event Format + +Qumulo reports audit events in one of two formats: CSV and JSON. While the Netwrix Activity Monitor +supports both, the JSON format is recommended as it provides more detail. In particular, it allows +the product to distinguish between permission change events and attribute change events, presents +granular information for permission changes, and includes user SIDs instead of just usernames. The +advanced filtering of Microsoft Office activity also requires the JSON format. + +The JSON format for audit events was introduced in Qumulo Core 6.0.1. The new format can be enabled +via an SSH session to the Qumulo cluster. + +Follow the steps to verify that audit event format and change the format, if needed. + +**Step 1 –** Connect to the Qumulo cluster with SSH. + +**Step 2 –** Execute the following command to log in: + +`qq --host login -u ` + +The command will ask for the password. + +**Step 3 –** Execute the following command to check current format: + +qq audit_get_syslog_config + +The format will be shown in the **format** field. The old format is **csv**; the new format is +**json**. + +**Step 4 –** Execute the following command to change the format, if needed: + +qq audit_set_syslog_config --json + +The change willshould be reflected in the **format** field. diff --git a/docs/accessanalyzer/11.6/config/qumulo/overview.md b/docs/accessanalyzer/11.6/config/qumulo/overview.md new file mode 100644 index 0000000000..7e4c419789 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/qumulo/overview.md @@ -0,0 +1,70 @@ +# Qumulo Target Requirements + +Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery +Auditing scans on Qumulo devices. The Netwrix Activity Monitor can be configured to monitor activity +on Qumulo devices and make the event data available for Enterprise Auditor Activity Auditing (FSAC) +scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Enterprise Auditor scans must have the following permissions on the +target host: + +- Group membership in the Data-Administrators role + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Netwrix Activity Monitor requires an account with the Observers role to monitor a Qumulo cluster. +See the +[Qumulo Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/qumulo/activity.md) +topic for instructions. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Qumulo Devices + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target Qumulo device: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ----- | ---------------------- | +| Activity Agent Server to Qumulo | TCP | 8000 | Qumulo API | +| Qumulo to Activity Agent Server | TCP | 4496 | Qumulo Event Reporting | + +Protect the port with a username and password. The credentials will be configured in Qumulo. + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/config/sharepoint/access.md b/docs/accessanalyzer/11.6/config/sharepoint/access.md new file mode 100644 index 0000000000..f6518e5f80 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/sharepoint/access.md @@ -0,0 +1,80 @@ +# SharePoint Access & Sensitive Data Auditing Configuration + +Permissions are required on the SharePoint Farm, Web Application, and the SharePoint Database in +order for Enterprise Auditor to execute Access Auditing (SPAA) and/or Sensitive Data Discovery +Auditing scans. + +## Configure SharePoint Farm Permissions + +Follow the steps to configure the SharePoint Farm level permissions on SharePoint 2013 through +SharePoint 2019 farms. + +**Step 1 –** In the SharePoint Central Administration Center, navigate to the Security section. + +**Step 2 –** Select the Manage the farm administrators group option under Users. + +**Step 3 –** If the Farm Read group exists, add the service account to that group. If the Farm Read +group has been deleted, it is necessary to create a new group with Read privileges at the Farm +level: + +- Select More under the Groups section. +- Select New Group from the New drop-down menu. +- Ensure the group has the Read – Can view pages and list items and download documents permission. +- Add the service account to this new group. + +The service account has Read level access at the Farm level. + +## Configure SharePoint Web Application Permissions + +Follow the steps to configure the SharePoint web application level permissions on SharePoint 2013 +through SharePoint 2019 farms. + +**Step 1 –** In the SharePoint Central Administration Center, navigate to the Application Management +section. + +**Step 2 –** Select Manage web applications option under Web Applications. + +**Step 3 –** Create a new policy for the desired web application. Follow these steps: + +- Click Permission Policy. The Manage Permission Policy Levels window opens. +- Click Add Permission Policy Level. Select the following: + + - Check the Site Collection Auditor permission. + - Check the Open Items box in the Site Permissions Grant column. + - Click Save. + +**Step 4 –** Repeat Step 3 for each web application in scope. It is recommended to give these +policies the same name. + +**Step 5 –** Add the service account to the newly created roles. Follow these steps: + +- Select a web application with the newly created role. +- Click User Policy. The Policy for Web Application window opens. +- Click Add Users. Leave all zones select and click Next. +- Add the service account in the Users textbox. +- Check the newly created role with site collection auditor in the Permissions section. Click + Finish. + +**Step 6 –** Repeat Step 5 for each web application in scope. + +The service account is provisioned as a Site Collection Auditor on all web applications to be +audited. + +## Configure SharePoint Database Server Permissions + +Follow the steps to configure the SharePoint database server permissions on SharePoint 2013 through +SharePoint 2019 farms. + +**Step 1 –** Navigate to the SharePoint database server user configuration via SQL Management +Studio. + +**Step 2 –** Provision the service account to have: + +- SPDataAccess Database role membership +- This database role membership needs to be configured on: + + - SharePoint Configuration database (ShaerPoint_Config) + - All SharePoint Content databases housing web application data (by default the content + databases begin with WSS*Content*, but they can be customized) + +The service account is provisioned with SharePoint database permissions. diff --git a/docs/accessanalyzer/11.6/config/sharepoint/activity.md b/docs/accessanalyzer/11.6/config/sharepoint/activity.md new file mode 100644 index 0000000000..1924d3efa7 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/sharepoint/activity.md @@ -0,0 +1,44 @@ +# SharePoint On-Premise Activity Auditing Configuration + +SharePoint Event Auditing must be enabled for each site collection to be monitored by the Netwrix +Activity Monitor and/or audited by Netwrix Enterprise Auditor. + +## User Requirements + +Following are the SharePoint On-Premise user requirements: + +- Local Administrator on SharePoint server (that hosts Central Administration) +- SharePoint SQL server, which includes login on SharePoint Admin, Config, and all content + databases, with the following role permissions: + + - SharePoint 2013+ + + - SPDataAccess + + - SharePoint 2010 + + - db_owner + +## Enable Event Auditing + +Follow the steps for each site collection within a SharePoint 2013 through SharePoint 2019 farm. + +**Step 1 –** Select Settings > Site settings. + +**Step 2 –** Under Site Collection Administration, click Go to top level site settings. + +**Step 3 –** On the Site Settings page, under Site Collection Administration, select Site collection +audit settings. + +**Step 4 –** On the Configure Audit Settings page, in the Documents and Items section select the +events to be audited. + +**Step 5 –** Still on the Configure Audit Settings page, in the List, Libraries, and Site section +select the events to be audited. + +**Step 6 –** Click OK to save the changes. + +SharePoint will create the audit logs to be monitored by the Netwrix Activity Monitor and/or audited +by Enterprise Auditor. See the Microsoft +[Configure audit settings for a site collection (SharePoint 2013/2016/2019)](https://support.office.com/en-us/article/Configure-audit-settings-for-a-site-collection-a9920c97-38c0-44f2-8bcb-4cf1e2ae22d2) +article for additional information. diff --git a/docs/accessanalyzer/11.6/config/sharepoint/overview.md b/docs/accessanalyzer/11.6/config/sharepoint/overview.md new file mode 100644 index 0000000000..85e692b868 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/sharepoint/overview.md @@ -0,0 +1,76 @@ +# SharePoint Target Requirements + +Netwrix Enterprise Auditor can execute Access Auditing (SPAA) and/or Sensitive Data Discovery +Auditing scans on SharePoint farms. The Netwrix Activity Monitor can be configured to monitor +activity on SharePoint farms and make the event data available for Enterprise Auditor Activity +Auditing (SPAC) scans. + +## Access & Sensitive Data Auditing Permissions + +- Permissions vary based on the Scan Mode selected and target environment. See the + [SharePoint Support](/docs/accessanalyzer/11.6/requirements/target/sharepoint.md) + topic for additional information. + +See the +[SharePoint Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/config/sharepoint/access.md) +topic for instructions. + +## Access & Sensitive Data Auditing Port Requirements + +- Ports vary based on the Scan Mode selected and target environment. See the + [SharePoint Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md) + topic for additional information. + +## Activity Auditing Permissions + +Requirements to Deploy the Activity Agent on the “Central Administration” SharePoint Server + +The Netwrix Activity Monitor must have an Activity Agent deployed on one instance of a SharePoint +Application server that hosts the “Central Administration” component. While actively monitoring, the +Activity Agent generates activity log files stored on the server. The credential used to deploy the +Activity Agent must have the following permissions on the proxy server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. + +SharePoint Requirements + +See the +[SharePoint On-Premise Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/sharepoint/activity.md) +topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Enterprise Auditor to read the activity log files must also +have READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/config/sharepointonline/access.md b/docs/accessanalyzer/11.6/config/sharepointonline/access.md new file mode 100644 index 0000000000..13e8bb4f36 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/sharepointonline/access.md @@ -0,0 +1,299 @@ +# SharePoint Online Access & Sensitive Data Auditing Configuration + +Netwrix Enterprise Auditor uses Modern Authentication to execute Access Auditing (SPAA) and/or +Sensitive Data Discovery Auditing scans for the target SharePoint Online & OneDrive for Business +environments. This involves creating and defining a Microsoft Entra ID application for app–only +access to SharePoint Online. + +**NOTE:** A user account with the Global Administrator role is required to register an app with +Microsoft Entra ID. + +Configuration Settings from the Registered Application + +The following settings are needed from your tenant once you have registered the application: + +- Client ID – This is the Application (client) ID for the registered application +- Key – The comma delimited string containing the path to the certificate PFX file, certificate + password, and the Microsoft Entra ID environment identifier ( + `CertPath,CertPassword,AzureEnvironment`) + +Configure Modern Authentication for SharePoint Online using SP_RegisterAzureAppAuth Instant Job + +Registering a Microsoft Entra ID application and provisioning it to grant permissions to SharePoint +Online can be automated using the SP_RegisterAzureAppAuth job from the Enterprise Auditor Instant +Job Library. The SP_RegisterAzureAppAuth job uses the PowerShell Data Collector to automatically +configure modern authentication for SharePoint Online. It requires: + +- A Connection Profile containing the following two user credentials, both with an Account Type of + **Task (Local)**: + + - Microsoft Entra ID Global Admin credential + - A credential with the username `newapp` that contains the password for the new application + +- Microsoft Graph API PowerShell module to be installed on targeted hosts + +See the +[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sp_registerazureappauth.md) +topic for additional information. + +## Permissions + +The following permissions are required: + +Permissions for Microsoft Graph API + +- Application Permissions: + + - Application.Read.All – Read all applications + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + - Domain.Read.All – Read domains + - Files.Read.All – Read files in all site collections + - GroupMember.Read.All – Read all group memberships + - InformationProtectionPolicy.Read.All – Read all published labels and label policies for an + organization + - Member.Read.Hidden – Read all hidden memberships + - Organization.Read.All – Read organization information + - OrgContact.Read.All – Read organization contact + - Policy.Read.All – Read your organization's policies + - Policy.Read.ConditionalAccess – Read you organization's conditional access policies + - Policy.Read.PermissionGrant – Read consent and permission grant policies + - ServiceHealth.Read.All – Read service health + - ServiceMessage.Read.All – Read service messages + - Sites.Read.All – Read items in all site collections + - Team.ReadBasic.All – Get a list of all teamss + - TeamMember.Read.All – Read the members of all teams + +- Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +Permissions for Office 365 Management APIs + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + - ServiceHealth.Read – Read service health information for your organization + +Permissions for SharePoint + +- Application Permissions: + + - Sites.FullControl.All – Have full control of all site collections + - Sites.Read.All – Read items in all site collections + - TermStore.Read.All – Read managed metadata + - User.Read.All – Read user profiles + +## Create Self–Signed Certificate + +To configure the Entra ID Application for invoking SharePoint Online with an App Only access token, +create and configure a self–signed X.509 certificate. This certificate authenticates the application +against Entra ID while requesting the App Only access token. See the Microsoft +[Granting access via Azure AD App-Only](https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread) +article for additional information. + +Follow the steps create the self-signed X.509 certificate. + +**Step 1 –** To generate a certificate, use the sample PowerShell command below: + +- Change the following parameters in the sample PowerShell command. See the Microsoft + [New-SelfSignedCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate) + article for additional information. + + - DNS Name – Specifies a DNS name to put into the subject alternative name extension of the + certificate + - Subject – A unique name for the new App (always starts with CN=, to denote a canonical name) + - FriendlyName – Same as Subject name minus the canonical name prefix + - NotAfter – A datetime string denoting the certificate's expiration date - in the above sample, + Get-Date.AddYears(11) specifies that the certificate will expire 11 years from the current + datetime + +Example PowerShell: + +``` +$cert=New-SelfSignedCertificate -CertStoreLocation Cert:\CurrentUser\My -DnsName stealthbits.com -Subject "CN=StealthAUDIT SharePoint Auditor" -FriendlyName "StealthAUDIT SharePoint Auditor" -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter (Get-Date).AddYears(11) +``` + +**Step 2 –** Export the certificate public key as a .cer file to the PrivateAssemblies folder in +Enterprise Auditor with the Export–Certificate cmdlet using the certificate path stored in the +$certPath variable (see Step 1). + +**NOTE:** The environment variable `SAINSTALLDIR` always points to the base Enterprise Auditor +install directory; simply append the PrivateAssemblies to point to that folder with the following +cmdlet: + +``` +Export-Certificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\spaa_cert.cer" -Type CERT +``` + +- See the Microsoft + [Export-Certificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-certificate) + article for additional information. + +**Step 3 –** Export the certificate private key as a .pfx file to the same folder by running the +following cmdlet: + +``` +Export-PfxCertificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\spaa_cert.pfx" -Password (ConvertTo-SecureString -String "PasswordGoesHere" -Force -AsPlainText) +``` + +**_RECOMMENDED:_** Change the string in the Password parameter from "PasswordGoesHere" to something +more secure before running this cmdlet. + +- See the Microsoft + [Export-PfxCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-pfxcertificate) + article for additional information. + +## Register a Microsoft Entra ID Application + +Follow the steps to register Enterprise Auditor with Microsoft Entra ID. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App +registrations. + +**Step 3 –** In the top toolbar, click **New registration**. + +**Step 4 –** Enter the following information in the Register an application page: + +- Name – Enter a user-facing display name for the application, for example Netwrix Enterprise + Auditor Entra ID for SharePoint +- Supported account types – Select **Accounts in this organizational directory only** + +**Step 5 –** Click **Register**. + +The Overview page for the newly registered app opens. Review the newly created registered +application. Now that the application has been registered, permissions need to be granted to it. + +## Upload Self-Signed Certificate + +Follow the steps to provision the upload your self-signed certificate. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. + +**Step 3 –** Select the Certificates tab. + +**Step 4 –** In the tool bar, click **Upload Certificate**. + +**Step 5 –** Navigate to the to PrivateAssemblies folder and select the `spaa_cert.cer` file. +Optionally add a Description. + +**Step 6 –** Click **Add**. + +The upload certificate public key .cer file is an application key credential. + +## Grant Permissions to the Registered Application + +Follow the steps to grant permissions to the registered application. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. + +**Step 3 –** In the top toolbar, click **Add a permission**. + +**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs +tab. Select the following permissions: + +- Application Permissions: + + - Application.Read.All – Read all applications + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + - Domain.Read.All – Read domains + - Files.Read.All – Read files in all site collections + - GroupMember.Read.All – Read all group memberships + - InformationProtectionPolicy.Read.All – Read all published labels and label policies for an + organization + - Member.Read.Hidden – Read all hidden memberships + - Organization.Read.All – Read organization information + - OrgContact.Read.All – Read organization contact + - Policy.Read.All – Read your organization's policies + - Policy.Read.ConditionalAccess – Read you organization's conditional access policies + - Policy.Read.PermissionGrant – Read consent and permission grant policies + - ServiceHealth.Read.All – Read service health + - ServiceMessage.Read.All – Read service messages + - Sites.Read.All – Read items in all site collections + - Team.ReadBasic.All – Get a list of all teamss + - TeamMember.Read.All – Read the members of all teams + +- Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +**Step 5 –** At the bottom of the page, click **Add Permissions**. + +**Step 6 –** In the top toolbar, click **Add a permission**. + +**Step 7 –** On the Request API permissions blade, select **Office 365 Management APIs** on the +Microsoft APIs tab. Select the following permissions: + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + - ServiceHealth.Read – Read service health information for your organization + +**Step 8 –** At the bottom of the page, click **Add Permissions**. + +**Step 9 –** In the top toolbar, click **Add a permission**. + +**Step 10 –** On the Request API permissions blade, select **SharePoint** on the Microsoft APIs tab. +Select the following permissions: + +- Application Permissions: + + - Sites.FullControl.All – Have full control of all site collections + - Sites.Read.All – Read items in all site collections + - TermStore.Read.All – Read managed metadata + - User.Read.All – Read user profiles + +**Step 11 –** At the bottom of the page, click **Add Permissions**. + +**Step 12 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation +window. + +Now that the permissions have been granted to it, the Connection Profile and host settings for +Enterprise Auditor need to be collected. + +## Identify the Client ID + +Follow the steps to find the registered application's Client ID. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** Copy the **Application (client) ID** value. + +**Step 3 –** Save this value in a text file. + +This is needed for the Enterprise Auditor Connection Profile. See the +[Azure Active Directory for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/entraid.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/config/sharepointonline/activity.md b/docs/accessanalyzer/11.6/config/sharepointonline/activity.md new file mode 100644 index 0000000000..0526a66d6f --- /dev/null +++ b/docs/accessanalyzer/11.6/config/sharepointonline/activity.md @@ -0,0 +1,229 @@ +# SharePoint Online Activity Auditing Configuration + +In order to collect logs and monitor SharePoint Online activity using the Netwrix Activity Monitor, +it needs to be registered with Microsoft® Entra ID® (formerly Azure AD). + +**NOTE:** A user account with the Global Administrator role is required to register an app with +Microsoft Entra ID. + +Additional Requirement + +In addition to registering the application with Microsoft Entra ID, the following is required: + +- Enable Auditing for SharePoint Online + +See the [Enable Auditing for SharePoint Online](#enable-auditing-for-sharepoint-online) topic for +additional information. + +Configuration Settings from the Registered Application + +The following settings are needed from your tenant once you have registered the application: + +- Tenant ID – This is the Tenant ID for Microsoft Entra ID +- Client ID – This is the Application (client) ID for the registered application +- Client Secret – This is the Client Secret Value generated when a new secret is created + + **CAUTION:** It is not possible to retrieve the value after saving the new key. It must be + copied first. + +Permissions for Microsoft Graph API + +- Application: + + - Directory.Read.All – Read directory data + - Sites.Read.All – Read items in all site collections + - User.Read.All – Read all users' full profiles + +Permissions for Office 365 Management APIs + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + +## Register a Microsoft Entra ID Application + +Follow the steps to register Activity Monitor with Microsoft Entra ID. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App +registrations. + +**Step 3 –** In the top toolbar, click **New registration**. + +**Step 4 –** Enter the following information in the Register an application page: + +- Name – Enter a user-facing display name for the application, for example Netwrix Activity Monitor + for SharePoint +- Supported account types – Select **Accounts in this organizational directory only** +- Redirect URI – Set the Redirect URI to **Public client/native** (Mobile and desktop) from the drop + down menu. In the text box, enter the following: + + Urn:ietf:wg:oauth:2.0:oob + +**Step 5 –** Click **Register**. + +The Overview page for the newly registered app opens. Review the newly created registered +application. Now that the application has been registered, permissions need to be granted to it. + +## Grant Permissions to the Registered Application + +Follow the steps to grant permissions to the registered application. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. + +**Step 3 –** In the top toolbar, click **Add a permission**. + +**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs +tab. Select the following permissions: + +- Application: + + - Directory.Read.All – Read directory data + - Sites.Read.All – Read items in all site collections + - User.Read.All – Read all users' full profiles + +**Step 5 –** At the bottom of the page, click **Add Permissions**. + +**Step 6 –** In the top toolbar, click **Add a permission**. + +**Step 7 –** On the Request API permissions blade, select **Office 365 Management APIs** on the +Microsoft APIs tab. Select the following permissions: + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + +**Step 8 –** At the bottom of the page, click **Add Permissions**. + +**Step 9 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation +window. + +Now that the permissions have been granted to it, the settings required for Activity Monitor need to +be collected. + +## Identify the Client ID + +Follow the steps to find the registered application's Client ID. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** Copy the **Application (client) ID** value. + +**Step 3 –** Save this value in a text file. + +This is needed for adding a SharePoint Online host in the Activity Monitor. Next identify the Tenant +ID. + +## Identify the Tenant ID + +The Tenant ID is available in two locations within Microsoft Entra ID. + +Registered Application Overview Blade + +You can copy the Tenant ID from the same page where you just copied the Client ID. Follow the steps +to copy the Tenant ID from the registered application Overview blade. + +**Step 1 –** Copy the Directory (tenant) ID value. + +**Step 2 –** Save this value in a text file. + +This is needed for adding a SharePoint Online host in the Activity Monitor. Next generate the +application’s Client Secret Key. + +Overview Page + +Follow the steps to find the tenant name where the registered application resides. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** Copy the Tenant ID value. + +**Step 3 –** Save this value in a text file. + +This is needed for adding a SharePoint Online host in the Activity Monitor. Next generate the +application’s Client Secret Key. + +## Generate the Client Secret Key + +Follow the steps to find the registered application's Client Secret, create a new key, and save its +value when saving the new key. + +**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly +if you start from a different Microsoft portal. See the relevant Microsoft documentation for +additional information. + +**CAUTION:** It is not possible to retrieve the value after saving the new key. It must be copied +first. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. + +**Step 3 –** In the top toolbar, click **New client secret**. + +**Step 4 –** On the Add a client secret blade, complete the following: + +- Description – Enter a unique description for this secret +- Expires – Select the duration. + + **NOTE:** Setting the duration on the key to expire requires reconfiguration at the time of + expiration. It is best to configure it to expire in 1 or 2 years. + +**Step 5 –** Click **Add** to generate the key. + +**CAUTION:** If this page is left before the key is copied, then the key is not retrievable, and +this process will have to be repeated. + +**Step 6 –** The Client Secret will be displayed in the Value column of the table. You can use the +Copy to clipboard button to copy the Client Secret. + +**Step 7 –** Save this value in a text file. + +This is needed for adding a SharePoint Online host in the Activity Monitor. + +## Enable Auditing for SharePoint Online + +Follow the steps to enable auditing for SharePoint Online so the Activity Monitor can receive +events. + +**Step 1 –** In the Microsoft Purview compliance portal at +[https://compliance.microsoft.com](https://compliance.microsoft.com/), go to **Solutions** > +**Audit**. Or, to go directly to the Audit page at +[https://compliance.microsoft.com/auditlogsearch](https://compliance.microsoft.com/auditlogsearch). + +**Step 2 –** If auditing is not turned on for your organization, a banner is displayed prompting you +start recording user and admin activity. + +**Step 3 –** Select the **Start recording** user and **admin activity** banner. + +It may take up to 60 minutes for the change to take effect. The Activity Monitor now has SharePoint +Online auditing enabled as needed to receive events. See the Microsoft +[Turn auditing on or off](https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-log-enable-disable?view=o365-worldwide) +article for additional information on enabling or disabling auditing. diff --git a/docs/accessanalyzer/11.6/config/sharepointonline/overview.md b/docs/accessanalyzer/11.6/config/sharepointonline/overview.md new file mode 100644 index 0000000000..95202edf67 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/sharepointonline/overview.md @@ -0,0 +1,82 @@ +# SharePoint Online Target Requirements + +Netwrix Enterprise Auditor can execute Access Auditing (SPAA) and Sensitive Data Discovery Auditing +scans on SharePoint Online. The Netwrix Activity Monitor can be configured to monitor activity on +SharePoint Online and make the event data available for Enterprise Auditor Activity Auditing (SPAC) +scans. + +## Access & Sensitive Data Auditing Permissions + +- Permissions vary based on the Scan Mode selected and target environment. See the + [SharePoint Support](/docs/accessanalyzer/11.6/requirements/target/sharepoint.md) + topic for additional information. + +See the +[SharePoint Online Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/config/sharepointonline/access.md) +topic for instructions. + +**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for +SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and +provisions it with the required permissions. See the +[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sp_registerazureappauth.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +- Ports vary based on the Scan Mode selected and target environment. See the + [SharePoint Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md) + topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of SharePoint Online + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. + +SharePoint Requirements + +See the +[SharePoint Online Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/sharepointonline/activity.md) +topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Enterprise Auditor to read the activity log files must also +have READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/config/windowsfile/access.md b/docs/accessanalyzer/11.6/config/windowsfile/access.md new file mode 100644 index 0000000000..4079fd3169 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/windowsfile/access.md @@ -0,0 +1,134 @@ +# Windows File Server Access & Sensitive Data Auditing Configuration + +Permissions required for Enterprise Auditor to execute Access Auditing (SPAA) and/or Sensitive Data +Discovery Auditing scans on a Windows file server are dependent upon the Scan Mode Option selected. +See the +[File System Supported Platforms](/docs/accessanalyzer/11.6/requirements/target/filesystems.md) +topic for additional information. + +However, additional considerations are needed when targeting a Windows File System Clusters or DFS +Namespaces. + +## Windows File System Clusters + +The permissions necessary to collect file system data from a Windows File System Cluster must be set +for all nodes that comprise the cluster. + +**NOTE:** It is necessary to target the Windows File Server Cluster (name of the cluster) of +interest when running a File System scan against a Windows File System Cluster. + +Configure credentials on all cluster nodes according to the Windows Operating Systems required +permissions for the desired scan mode with these additional considerations: + +- For + [Applet Mode](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md#applet-mode) + and + [Proxy Mode with Applet](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md#proxy-mode-with-applet): + + - Applet will be deployed to each node + - Credential used in the Connection Profile must have rights to deploy the applet to each node + +- For + [Proxy Mode as a Service](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md#proxy-mode-as-a-service): + + - Proxy Service must be installed on each node + - For Sensitive Data Discovery Auditing scans, the Sensitive Data Discovery Add-on must be + installed on each node + +Additionally, the credential used within the Connection Profile must have rights to remotely access +the registry on each individual cluster node. + +_Remember,_ Remote Registry Service must be enabled on all nodes that comprise the cluster. +Configure the credential(s) with the following rights on all nodes: + +- Group membership in the local Administrators group +- Granted the “Log on as a batch” privilege + +Host List Consideration + +It is necessary to target the Windows File Server Cluster (name of the cluster) of interest when +running a File System scan against a Windows File System Cluster. Within the Master Host Table, +there should be a host entry for the cluster as well as for each node. Additionally, each of these +host entries must have the name of the cluster in the `WinCluster` column in the host inventory +data. This may need to be updated manually. + +See the View/Edit section of the +[Host Management Activities](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/overview.md) +topic for additional information on host inventory. + +- For FSAA and SDD scans, configure a custom host list to target the cluster's Role Server. +- For FSAC scans, configure a custom host list to target the Windows File Server Cluster. + +The host targeted by the File System scans is only the host entry for the cluster. For example: + +The environment has a Windows File System Cluster named `ExampleCluster1` with three nodes named +`ExampleNodeA`, `ExampleNodeB`, and `ExampleNodeC`. There would be four host entries in the +StealthAUDIT Master Host Table: `ExampleCluster1`, `ExampleNodeA`, `ExampleNodeB`, and +`ExampleNodeC`. Each of these four entries would have the same value of the cluster name in the +`WinCluster` column: `ExampleCluster1`. Only the `ExampleCluster1` host would be in the host list +targeted by the File System scans. + +Sensitive Data Discovery Scans + +For Sensitive Data Discovery Auditing scans on a Windows File System Cluster it is necessary for the +credential to also have Group membership in both of the following local groups for all nodes which +comprise the cluster: + +- Power Users +- Backup Operators + +Activity Auditing Scans + +The Netwrix Activity Monitor must deploy an Activity Agent on all nodes that comprise the Windows +File System Cluster. The Activity Agent generates activity log files stored on each node. Enterprise +Auditor targets the Windows File Server Cluster (name of the cluster) of interest in order to read +the activity. See the +[Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/windowsfile/activity.md) +topic for additional information. + +The credential used Enterprise Auditor to read the activity log files must have: + +- Membership in the local Administrators group + +The FileSystemAccess Data Collector needs to be specially configured to run the +[1-FSAC System Scans Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-fsac_system_scans.md) +against a Windows File System Cluster. On the +[FSAA: Activity Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/activitysettings.md), +configure the Host Mapping option. This provides a method for mapping between the target host and +the hosts where activity logs reside. However, this feature requires **advanced SQL scripting +knowledge** to build the query. + +Membership in the local Administrators group + +### Least Privilege Permission Model for Windows Cluster + +If a least privilege model is required by the organization, then the credential must have READ +access on the following registry keys: + +- `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SBTLogging\Parameters` +- `HKEY_LOCAL_MACHINE\Cluster\Nodes` + +Additionally, the credential must have READ access to the path where the activity log files are +located. + +## DFS Namespaces + +The FileSystem > 0.Collection > 0-FSDFS System Scans Job is configured by default to target the +default domain controller for the domain in which Enterprise Auditor resides. This is the +appropriate target host for this job when targeting a domain-based namespace. To target a standalone +namespace or multiple namespaces, create a custom host list of the server(s) hosting the +namespace(s). Then assign the custom host list to the 0-FSDFS System Scans Job. No additional host +list is require for the FileSystem > 0.Collection Job Group unless additional file servers are also +being targeted. + +DFS as Part of a Windows Cluster Consideration + +If the DFS hosting server is part of a Windows Cluster, then the Windows File System Clusters +requirements must be included with the credential. + +DFS and Activity Auditing Consideration + +For activity monitoring, the Netwrix Activity Monitor must have a deployed Activity Agent on all DFS +servers identified by the 0-FSDFS System Scans Job and populated into the dynamic host list. See the +[Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/windowsfile/activity.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/config/windowsfile/activity.md b/docs/accessanalyzer/11.6/config/windowsfile/activity.md new file mode 100644 index 0000000000..163608a29b --- /dev/null +++ b/docs/accessanalyzer/11.6/config/windowsfile/activity.md @@ -0,0 +1,41 @@ +# Windows File Server Activity Auditing Configuration + +In order for the Netwrix Activity Monitor to monitor Windows file server activity, an Activity Agent +must be deployed to the server. It cannot be deployed to a proxy server. However, additional +considerations are needed when targeting a Windows File System Clusters or DFS Namespaces. + +## Windows File System Clusters + +In order to monitor a Windows File System Cluster, an Activity Agent needs to be deployed on all +nodes that comprise the Windows File System Cluster. The credential used to deploy the Activity +Agent must have the following permissions on the server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. + +After the agent has been deployed, it is necessary to modify the HOST parameter in the +`SBTFilemon.ini` file to be the name of the cluster. For integration with Netwrix Enterprise +Auditor, this must be an exact match to the name of the cluster in the Master Host Table. + +## DFS Namespaces + +In order to monitor activity on DFS Namespaces, an Activity Agent needs to be deployed on all DFS +servers. + +**NOTE:** The FileSystem > 0.Collection > 0-FSDFS System Scans Job in Netwrix Enterprise Auditor can +be used to identify all DFS servers. + +The credential used to deploy the Activity Agent must have the following permissions on the server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. diff --git a/docs/accessanalyzer/11.6/config/windowsfile/overview.md b/docs/accessanalyzer/11.6/config/windowsfile/overview.md new file mode 100644 index 0000000000..7b4ec27b76 --- /dev/null +++ b/docs/accessanalyzer/11.6/config/windowsfile/overview.md @@ -0,0 +1,91 @@ +# Windows File Server Target Requirements + +Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery +Auditing scans on Windows file servers. The Netwrix Activity Monitor can be configured to monitor +activity on Windows file servers and make the event data available for Enterprise Auditor Activity +Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +- Permissions vary based on the Scan Mode Option selected. See the + [File System Supported Platforms](/docs/accessanalyzer/11.6/requirements/target/filesystems.md) + topic for additional information. + +Windows File System Cluster Requirements + +See the +[Windows File Server Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/config/windowsfile/access.md) +topic for instructions. + +Windows File System DFS Namespaces Requirements + +See the +[Windows File Server Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/config/windowsfile/access.md) +topic for instructions. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Requirements to Deploy the Activity Agent on the Windows File Server + +The Netwrix Activity Monitor must have an Activity Agent deployed on the Windows file server to be +monitored. While actively monitoring, the Activity Agent generates activity log files stored on the +server. The credential used to deploy the Activity Agent must have the following permissions on the +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Enterprise Auditor, the credential used by +Enterprise Auditor to read the activity log files must have also have this permission. + +Windows File System Cluster Requirements + +See the +[Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/windowsfile/activity.md) +topic for instructions. + +Windows File System DFS Namespaces Requirements + +See the +[Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/windowsfile/activity.md) +topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Enterprise Auditor to read the activity log files must also +have READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Enterprise Auditor Console: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------- | -------- | ---------- | ------------------------------ | +| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/configuration-guides/collaboration/exchange-online.md b/docs/accessanalyzer/11.6/configuration-guides/collaboration/exchange-online.md deleted file mode 100644 index 5cac5be7c6..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/collaboration/exchange-online.md +++ /dev/null @@ -1,283 +0,0 @@ -# Exchange Online Auditing Configuration - -It is necessary to register Enterprise Auditor as a web application to the targeted Microsoft Entra -ID, formerly Azure Active Directory, in order for Enterprise Auditor to scan the environment. This -generates the Client ID (App ID) and self-signed certificate (Certificate Thumbprint) needed for the -Connection Profile credentials and/or the Custom Attributes Import Wizard page. See -[Microsoft Support](https://docs.microsoft.com/en-us/azure/active-directory/active-directory-reporting-api-prerequisites-azure-portal) -for assistance in configuring the Microsoft Entra ID web application. - -**NOTE:** A user account with the Global Administrator role is required to register an app with -Microsoft Entra ID. - -Configuration Settings from the Registered Application - -The following settings are needed from your tenant once you have registered the application: - -- Client ID – This is the Application (client) ID for the registered application -- Tenant name – This is the primary domain name of the Microsoft Entra tenant -- Certificate Thumbprint – This is thumbprint value of the certificate uploaded to the Microsoft - Entra ID application - -Configure Modern Authentication for Exchange Online using EX_RegisterAzureAppAuth Instant Job - -Registering a Microsoft Entra ID application and provisioning it to grant permissions to Exchange -Online can be automated using the EX_RegisterAzureAppAuth job from the Enterprise Auditor Instant -Job Library. The EX_RegisterAzureAppAuth job uses the PowerShell Data Collector to automatically -configure modern authentication for Exchange Online. It requires: - -- A Connection Profile containing a Microsoft Entra ID Global Admin credential with an Account Type - of **Task (Local)** -- Exchange Online Management v3.4.0 - - - You can install this module with the following command: - - ``` - Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 - ``` - -- Azure AD PowerShell module installed on targeted hosts - - **NOTE:** If the module is not already installed, the job will attempt to install it. - - - You can install the module with the following command: - - ``` - Install-Module AzureAD - ``` - - - TLS 1.2 is required for the Azure AD PowerShell module. Run the following command to configure - it: - - ``` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 - ``` - -- Microsoft Graph PowerShell module installed on targeted hosts - - - You can install the module with the following command: - - ``` - Install-Module Microsoft.Graph - ``` - -See the -[EX_RegisterAzureAppAuth Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -## Prerequisites - -The following prerequisites are required to use Modern Authentication for Exchange Online in -Enterprise Auditor. - -- Exchange Online Management v3.4.0 - - - You can install this module with the following command: - - ``` - Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 - ``` - -- Create a self-signed certificate that will be used by Enterprise Auditor for Modern Authentication - -## Permissions - -The following permissions are required: - -Permissions for Office 365 Exchange Online - -- Application Permissions: - - - Exchange.ManageAsApp – Manage Exchange As Application - - full_access_as_app – Use Exchange Web Services with full access to all mailboxes - -- Exchange Administrator role assigned to the registered application's service principal - -## Create Self–Signed Certificate - -A self signed certificate needs to be created on the Enterprise Auditor console server. This is used -by Enterprise Auditor to connect to the Microsoft Entra tenant. - -Follow the steps create the self-signed certificate. - -**Step 1 –** To generate a certificate, use the sample PowerShell command below: - -- Change the following parameters in the sample PowerShell command. See the Microsoft - [New-SelfSignedCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate) - article for additional information. - - - DNS Name – Specifies a DNS name to put into the subject alternative name extension of the - certificate - - Subject – A unique name for the new App (always starts with CN=, to denote a canonical name) - - FriendlyName – Same as Subject name minus the canonical name prefix - - NotAfter – A datetime string denoting the certificate's expiration date - in the above sample, - Get-Date.AddYears(11) specifies that the certificate will expire 11 years from the current - datetime - -Example PowerShell: - -``` -$cert=New-SelfSignedCertificate -CertStoreLocation Cert:\CurrentUser\My -DnsName stealthbits.com -Subject "CN=NEA Exchange Online" -FriendlyName "NEA Exchange Online" -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter (Get-Date).AddYears(11) -``` - -**Step 2 –** Export the certificate public key as a .cer file to the PrivateAssemblies folder in -Enterprise Auditor with the Export–Certificate cmdlet using the certificate path stored in the -$certPath variable (see Step 1). - -**NOTE:** The environment variable `SAINSTALLDIR` always points to the base Enterprise Auditor -install directory; simply append the PrivateAssemblies to point to that folder with the following -cmdlet: - -``` -Export-Certificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\exchange_cert.cer" -Type CERT -``` - -- See the Microsoft - [Export-Certificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-certificate) - article for additional information. - -**Step 3 –** Export the certificate private key as a .pfx file to the same folder by running the -following cmdlet: - -**_RECOMMENDED:_** Change the string in the Password parameter from "PasswordGoesHere" to something -more secure before running this cmdlet. - -``` -Export-PfxCertificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\exchange_cert.pfx" -Password (ConvertTo-SecureString -String "PasswordGoesHere" -Force -AsPlainText) -``` - -- See the Microsoft - [Export-PfxCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-pfxcertificate) - article for additional information. - -The self signed certificate has been created. The next steps are to create a Microsoft Entra ID -application and then upload this certificate to it. - -## Register a Microsoft Entra ID Application - -Follow the steps to register Enterprise Auditor with Microsoft Entra ID. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App -registrations. - -**Step 3 –** In the top toolbar, click **New registration**. - -**Step 4 –** Enter the following information in the Register an application page: - -- Name – Enter a user-facing display name for the application, for example Netwrix Enterprise - Auditor for Exchange -- Supported account types – Select **Accounts in this organizational directory only** - -**Step 5 –** Click **Register**. - -The Overview page for the newly registered app opens. Review the newly created registered -application. Now that the application has been registered, permissions need to be granted to it. - -## Upload Self-Signed Certificate - -Follow the steps upload your self-signed certificate. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. - -**Step 3 –** Select the Certificates tab. - -**Step 4 –** In the tool bar, click **Upload Certificate**. - -**Step 5 –** Navigate to the to PrivateAssemblies folder and select the `exchange_cert.cer` file. -Optionally add a Description. - -**Step 6 –** Click **Add**. - -The Certificate Thumbprint of this uploaded certificate is needed for the Enterprise Auditor -Connection Profile. See the -[Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -## Grant Permissions to the Registered Application - -Follow the steps to grant permissions to the registered application. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. - -**Step 3 –** In the top toolbar, click **Add a permission**. - -**Step 4 –** On the Request API permissions blade, use the search bar on the APIs my organization -uses tab to find and select Office 365 Exchange Online. Select the following permissions: - -- Application Permissions: - - - Exchange.ManageAsApp – Manage Exchange As Application - - full_access_as_app – Use Exchange Web Services with full access to all mailboxes - -- Exchange Administrator role assigned to the registered application's service principal - -**Step 5 –** At the bottom of the page, click **Add Permissions**. - -**Step 6 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation -window. - -Now that the permissions have been granted to it, the Connection Profile and host settings for -Enterprise Auditor need to be collected. - -## Identify the Tenant's Name - -Follow the steps to find the Tenant Name where the registered application resides. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Settings** and click **Domain -names** to open the Custom domain names list. - -**Step 3 –** Copy the domain name from the list of domains. - -**Step 4 –** Save this value in a text file. - -This is needed for the Enterprise Auditor Connection Profile. See the -[Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. Next identify the application’s Client ID. - -## Identify the Client ID - -Follow the steps to find the registered application's Client ID. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** Copy the **Application (client) ID** value. - -**Step 3 –** Save this value in a text file. - -This is needed for the Enterprise Auditor Connection Profile. See the -[Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/configuration-guides/collaboration/sharepoint-online.md b/docs/accessanalyzer/11.6/configuration-guides/collaboration/sharepoint-online.md deleted file mode 100644 index 5578c3c916..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/collaboration/sharepoint-online.md +++ /dev/null @@ -1,612 +0,0 @@ -# SharePoint Online Access & Sensitive Data Auditing Configuration - -Netwrix Enterprise Auditor uses Modern Authentication to execute Access Auditing (SPAA) and/or -Sensitive Data Discovery Auditing scans for the target SharePoint Online & OneDrive for Business -environments. This involves creating and defining a Microsoft Entra ID application for app–only -access to SharePoint Online. - -**NOTE:** A user account with the Global Administrator role is required to register an app with -Microsoft Entra ID. - -Configuration Settings from the Registered Application - -The following settings are needed from your tenant once you have registered the application: - -- Client ID – This is the Application (client) ID for the registered application -- Key – The comma delimited string containing the path to the certificate PFX file, certificate - password, and the Microsoft Entra ID environment identifier ( - `CertPath,CertPassword,AzureEnvironment`) - -Configure Modern Authentication for SharePoint Online using SP_RegisterAzureAppAuth Instant Job - -Registering a Microsoft Entra ID application and provisioning it to grant permissions to SharePoint -Online can be automated using the SP_RegisterAzureAppAuth job from the Enterprise Auditor Instant -Job Library. The SP_RegisterAzureAppAuth job uses the PowerShell Data Collector to automatically -configure modern authentication for SharePoint Online. It requires: - -- A Connection Profile containing the following two user credentials, both with an Account Type of - **Task (Local)**: - - - Microsoft Entra ID Global Admin credential - - A credential with the username `newapp` that contains the password for the new application - -- Microsoft Graph API PowerShell module to be installed on targeted hosts - -See the -[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -## Permissions - -The following permissions are required: - -Permissions for Microsoft Graph API - -- Application Permissions: - - - Application.Read.All – Read all applications - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - Domain.Read.All – Read domains - - Files.Read.All – Read files in all site collections - - GroupMember.Read.All – Read all group memberships - - InformationProtectionPolicy.Read.All – Read all published labels and label policies for an - organization - - Member.Read.Hidden – Read all hidden memberships - - Organization.Read.All – Read organization information - - OrgContact.Read.All – Read organization contact - - Policy.Read.All – Read your organization's policies - - Policy.Read.ConditionalAccess – Read you organization's conditional access policies - - Policy.Read.PermissionGrant – Read consent and permission grant policies - - ServiceHealth.Read.All – Read service health - - ServiceMessage.Read.All – Read service messages - - Sites.Read.All – Read items in all site collections - - Team.ReadBasic.All – Get a list of all teamss - - TeamMember.Read.All – Read the members of all teams - -- Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -Permissions for Office 365 Management APIs - -- Application Permissions: - - - ActivityFeed.Read – Read activity data for your organization - - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data - - ServiceHealth.Read – Read service health information for your organization - -Permissions for SharePoint - -- Application Permissions: - - - Sites.FullControl.All – Have full control of all site collections - - Sites.Read.All – Read items in all site collections - - TermStore.Read.All – Read managed metadata - - User.Read.All – Read user profiles - -## Create Self–Signed Certificate - -To configure the Entra ID Application for invoking SharePoint Online with an App Only access token, -create and configure a self–signed X.509 certificate. This certificate authenticates the application -against Entra ID while requesting the App Only access token. See the Microsoft -[Granting access via Azure AD App-Only](https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread) -article for additional information. - -Follow the steps create the self-signed X.509 certificate. - -**Step 1 –** To generate a certificate, use the sample PowerShell command below: - -- Change the following parameters in the sample PowerShell command. See the Microsoft - [New-SelfSignedCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate) - article for additional information. - - - DNS Name – Specifies a DNS name to put into the subject alternative name extension of the - certificate - - Subject – A unique name for the new App (always starts with CN=, to denote a canonical name) - - FriendlyName – Same as Subject name minus the canonical name prefix - - NotAfter – A datetime string denoting the certificate's expiration date - in the above sample, - Get-Date.AddYears(11) specifies that the certificate will expire 11 years from the current - datetime - -Example PowerShell: - -``` -$cert=New-SelfSignedCertificate -CertStoreLocation Cert:\CurrentUser\My -DnsName stealthbits.com -Subject "CN=StealthAUDIT SharePoint Auditor" -FriendlyName "StealthAUDIT SharePoint Auditor" -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter (Get-Date).AddYears(11) -``` - -**Step 2 –** Export the certificate public key as a .cer file to the PrivateAssemblies folder in -Enterprise Auditor with the Export–Certificate cmdlet using the certificate path stored in the -$certPath variable (see Step 1). - -**NOTE:** The environment variable `SAINSTALLDIR` always points to the base Enterprise Auditor -install directory; simply append the PrivateAssemblies to point to that folder with the following -cmdlet: - -``` -Export-Certificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\spaa_cert.cer" -Type CERT -``` - -- See the Microsoft - [Export-Certificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-certificate) - article for additional information. - -**Step 3 –** Export the certificate private key as a .pfx file to the same folder by running the -following cmdlet: - -``` -Export-PfxCertificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\spaa_cert.pfx" -Password (ConvertTo-SecureString -String "PasswordGoesHere" -Force -AsPlainText) -``` - -**_RECOMMENDED:_** Change the string in the Password parameter from "PasswordGoesHere" to something -more secure before running this cmdlet. - -- See the Microsoft - [Export-PfxCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-pfxcertificate) - article for additional information. - -## Register a Microsoft Entra ID Application - -Follow the steps to register Enterprise Auditor with Microsoft Entra ID. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App -registrations. - -**Step 3 –** In the top toolbar, click **New registration**. - -**Step 4 –** Enter the following information in the Register an application page: - -- Name – Enter a user-facing display name for the application, for example Netwrix Enterprise - Auditor Entra ID for SharePoint -- Supported account types – Select **Accounts in this organizational directory only** - -**Step 5 –** Click **Register**. - -The Overview page for the newly registered app opens. Review the newly created registered -application. Now that the application has been registered, permissions need to be granted to it. - -## Upload Self-Signed Certificate - -Follow the steps to provision the upload your self-signed certificate. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. - -**Step 3 –** Select the Certificates tab. - -**Step 4 –** In the tool bar, click **Upload Certificate**. - -**Step 5 –** Navigate to the to PrivateAssemblies folder and select the `spaa_cert.cer` file. -Optionally add a Description. - -**Step 6 –** Click **Add**. - -The upload certificate public key .cer file is an application key credential. - -## Grant Permissions to the Registered Application - -Follow the steps to grant permissions to the registered application. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. - -**Step 3 –** In the top toolbar, click **Add a permission**. - -**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs -tab. Select the following permissions: - -- Application Permissions: - - - Application.Read.All – Read all applications - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - Domain.Read.All – Read domains - - Files.Read.All – Read files in all site collections - - GroupMember.Read.All – Read all group memberships - - InformationProtectionPolicy.Read.All – Read all published labels and label policies for an - organization - - Member.Read.Hidden – Read all hidden memberships - - Organization.Read.All – Read organization information - - OrgContact.Read.All – Read organization contact - - Policy.Read.All – Read your organization's policies - - Policy.Read.ConditionalAccess – Read you organization's conditional access policies - - Policy.Read.PermissionGrant – Read consent and permission grant policies - - ServiceHealth.Read.All – Read service health - - ServiceMessage.Read.All – Read service messages - - Sites.Read.All – Read items in all site collections - - Team.ReadBasic.All – Get a list of all teamss - - TeamMember.Read.All – Read the members of all teams - -- Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -**Step 5 –** At the bottom of the page, click **Add Permissions**. - -**Step 6 –** In the top toolbar, click **Add a permission**. - -**Step 7 –** On the Request API permissions blade, select **Office 365 Management APIs** on the -Microsoft APIs tab. Select the following permissions: - -- Application Permissions: - - - ActivityFeed.Read – Read activity data for your organization - - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data - - ServiceHealth.Read – Read service health information for your organization - -**Step 8 –** At the bottom of the page, click **Add Permissions**. - -**Step 9 –** In the top toolbar, click **Add a permission**. - -**Step 10 –** On the Request API permissions blade, select **SharePoint** on the Microsoft APIs tab. -Select the following permissions: - -- Application Permissions: - - - Sites.FullControl.All – Have full control of all site collections - - Sites.Read.All – Read items in all site collections - - TermStore.Read.All – Read managed metadata - - User.Read.All – Read user profiles - -**Step 11 –** At the bottom of the page, click **Add Permissions**. - -**Step 12 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation -window. - -Now that the permissions have been granted to it, the Connection Profile and host settings for -Enterprise Auditor need to be collected. - -## Identify the Client ID - -Follow the steps to find the registered application's Client ID. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** Copy the **Application (client) ID** value. - -**Step 3 –** Save this value in a text file. - -This is needed for the Enterprise Auditor Connection Profile. See the -[Azure Active Directory for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -# SharePoint Online Activity Auditing Configuration - -In order to collect logs and monitor SharePoint Online activity using the Netwrix Activity Monitor, -it needs to be registered with Microsoft® Entra ID® (formerly Azure AD). - -**NOTE:** A user account with the Global Administrator role is required to register an app with -Microsoft Entra ID. - -Additional Requirement - -In addition to registering the application with Microsoft Entra ID, the following is required: - -- Enable Auditing for SharePoint Online - -See the [Enable Auditing for SharePoint Online](#enable-auditing-for-sharepoint-online) topic for -additional information. - -Configuration Settings from the Registered Application - -The following settings are needed from your tenant once you have registered the application: - -- Tenant ID – This is the Tenant ID for Microsoft Entra ID -- Client ID – This is the Application (client) ID for the registered application -- Client Secret – This is the Client Secret Value generated when a new secret is created - - **CAUTION:** It is not possible to retrieve the value after saving the new key. It must be - copied first. - -Permissions for Microsoft Graph API - -- Application: - - - Directory.Read.All – Read directory data - - Sites.Read.All – Read items in all site collections - - User.Read.All – Read all users' full profiles - -Permissions for Office 365 Management APIs - -- Application Permissions: - - - ActivityFeed.Read – Read activity data for your organization - - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data - -## Register a Microsoft Entra ID Application - -Follow the steps to register Activity Monitor with Microsoft Entra ID. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App -registrations. - -**Step 3 –** In the top toolbar, click **New registration**. - -**Step 4 –** Enter the following information in the Register an application page: - -- Name – Enter a user-facing display name for the application, for example Netwrix Activity Monitor - for SharePoint -- Supported account types – Select **Accounts in this organizational directory only** -- Redirect URI – Set the Redirect URI to **Public client/native** (Mobile and desktop) from the drop - down menu. In the text box, enter the following: - - Urn:ietf:wg:oauth:2.0:oob - -**Step 5 –** Click **Register**. - -The Overview page for the newly registered app opens. Review the newly created registered -application. Now that the application has been registered, permissions need to be granted to it. - -## Grant Permissions to the Registered Application - -Follow the steps to grant permissions to the registered application. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. - -**Step 3 –** In the top toolbar, click **Add a permission**. - -**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs -tab. Select the following permissions: - -- Application: - - - Directory.Read.All – Read directory data - - Sites.Read.All – Read items in all site collections - - User.Read.All – Read all users' full profiles - -**Step 5 –** At the bottom of the page, click **Add Permissions**. - -**Step 6 –** In the top toolbar, click **Add a permission**. - -**Step 7 –** On the Request API permissions blade, select **Office 365 Management APIs** on the -Microsoft APIs tab. Select the following permissions: - -- Application Permissions: - - - ActivityFeed.Read – Read activity data for your organization - - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data - -**Step 8 –** At the bottom of the page, click **Add Permissions**. - -**Step 9 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation -window. - -Now that the permissions have been granted to it, the settings required for Activity Monitor need to -be collected. - -## Identify the Client ID - -Follow the steps to find the registered application's Client ID. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** Copy the **Application (client) ID** value. - -**Step 3 –** Save this value in a text file. - -This is needed for adding a SharePoint Online host in the Activity Monitor. Next identify the Tenant -ID. - -## Identify the Tenant ID - -The Tenant ID is available in two locations within Microsoft Entra ID. - -Registered Application Overview Blade - -You can copy the Tenant ID from the same page where you just copied the Client ID. Follow the steps -to copy the Tenant ID from the registered application Overview blade. - -**Step 1 –** Copy the Directory (tenant) ID value. - -**Step 2 –** Save this value in a text file. - -This is needed for adding a SharePoint Online host in the Activity Monitor. Next generate the -application’s Client Secret Key. - -Overview Page - -Follow the steps to find the tenant name where the registered application resides. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** Copy the Tenant ID value. - -**Step 3 –** Save this value in a text file. - -This is needed for adding a SharePoint Online host in the Activity Monitor. Next generate the -application’s Client Secret Key. - -## Generate the Client Secret Key - -Follow the steps to find the registered application's Client Secret, create a new key, and save its -value when saving the new key. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**CAUTION:** It is not possible to retrieve the value after saving the new key. It must be copied -first. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. - -**Step 3 –** In the top toolbar, click **New client secret**. - -**Step 4 –** On the Add a client secret blade, complete the following: - -- Description – Enter a unique description for this secret -- Expires – Select the duration. - - **NOTE:** Setting the duration on the key to expire requires reconfiguration at the time of - expiration. It is best to configure it to expire in 1 or 2 years. - -**Step 5 –** Click **Add** to generate the key. - -**CAUTION:** If this page is left before the key is copied, then the key is not retrievable, and -this process will have to be repeated. - -**Step 6 –** The Client Secret will be displayed in the Value column of the table. You can use the -Copy to clipboard button to copy the Client Secret. - -**Step 7 –** Save this value in a text file. - -This is needed for adding a SharePoint Online host in the Activity Monitor. - -## Enable Auditing for SharePoint Online - -Follow the steps to enable auditing for SharePoint Online so the Activity Monitor can receive -events. - -**Step 1 –** In the Microsoft Purview compliance portal at -[https://compliance.microsoft.com](https://compliance.microsoft.com/), go to **Solutions** > -**Audit**. Or, to go directly to the Audit page at -[https://compliance.microsoft.com/auditlogsearch](https://compliance.microsoft.com/auditlogsearch). - -**Step 2 –** If auditing is not turned on for your organization, a banner is displayed prompting you -start recording user and admin activity. - -**Step 3 –** Select the **Start recording** user and **admin activity** banner. - -It may take up to 60 minutes for the change to take effect. The Activity Monitor now has SharePoint -Online auditing enabled as needed to receive events. See the Microsoft -[Turn auditing on or off](https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-log-enable-disable?view=o365-worldwide) -article for additional information on enabling or disabling auditing. - -# SharePoint Online Target Requirements - -Netwrix Enterprise Auditor can execute Access Auditing (SPAA) and Sensitive Data Discovery Auditing -scans on SharePoint Online. The Netwrix Activity Monitor can be configured to monitor activity on -SharePoint Online and make the event data available for Enterprise Auditor Activity Auditing (SPAC) -scans. - -## Access & Sensitive Data Auditing Permissions - -- Permissions vary based on the Scan Mode selected and target environment. See the - [SharePoint Support](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for additional information. - -See the -[SharePoint Online Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/collaboration/sharepoint-online.md) -topic for instructions. - -**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for -SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and -provisions it with the required permissions. See the -[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -- Ports vary based on the Scan Mode selected and target environment. See the - [SharePoint Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of SharePoint Online - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -SharePoint Requirements - -See the -[SharePoint Online Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/collaboration/sharepoint-online.md) -topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Enterprise Auditor to read the activity log files must also -have READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/configuration-guides/collaboration/sharepoint.md b/docs/accessanalyzer/11.6/configuration-guides/collaboration/sharepoint.md deleted file mode 100644 index 12bd32cc0b..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/collaboration/sharepoint.md +++ /dev/null @@ -1,202 +0,0 @@ -# SharePoint Access & Sensitive Data Auditing Configuration - -Permissions are required on the SharePoint Farm, Web Application, and the SharePoint Database in -order for Enterprise Auditor to execute Access Auditing (SPAA) and/or Sensitive Data Discovery -Auditing scans. - -## Configure SharePoint Farm Permissions - -Follow the steps to configure the SharePoint Farm level permissions on SharePoint 2013 through -SharePoint 2019 farms. - -**Step 1 –** In the SharePoint Central Administration Center, navigate to the Security section. - -**Step 2 –** Select the Manage the farm administrators group option under Users. - -**Step 3 –** If the Farm Read group exists, add the service account to that group. If the Farm Read -group has been deleted, it is necessary to create a new group with Read privileges at the Farm -level: - -- Select More under the Groups section. -- Select New Group from the New drop-down menu. -- Ensure the group has the Read – Can view pages and list items and download documents permission. -- Add the service account to this new group. - -The service account has Read level access at the Farm level. - -## Configure SharePoint Web Application Permissions - -Follow the steps to configure the SharePoint web application level permissions on SharePoint 2013 -through SharePoint 2019 farms. - -**Step 1 –** In the SharePoint Central Administration Center, navigate to the Application Management -section. - -**Step 2 –** Select Manage web applications option under Web Applications. - -**Step 3 –** Create a new policy for the desired web application. Follow these steps: - -- Click Permission Policy. The Manage Permission Policy Levels window opens. -- Click Add Permission Policy Level. Select the following: - - - Check the Site Collection Auditor permission. - - Check the Open Items box in the Site Permissions Grant column. - - Click Save. - -**Step 4 –** Repeat Step 3 for each web application in scope. It is recommended to give these -policies the same name. - -**Step 5 –** Add the service account to the newly created roles. Follow these steps: - -- Select a web application with the newly created role. -- Click User Policy. The Policy for Web Application window opens. -- Click Add Users. Leave all zones select and click Next. -- Add the service account in the Users textbox. -- Check the newly created role with site collection auditor in the Permissions section. Click - Finish. - -**Step 6 –** Repeat Step 5 for each web application in scope. - -The service account is provisioned as a Site Collection Auditor on all web applications to be -audited. - -## Configure SharePoint Database Server Permissions - -Follow the steps to configure the SharePoint database server permissions on SharePoint 2013 through -SharePoint 2019 farms. - -**Step 1 –** Navigate to the SharePoint database server user configuration via SQL Management -Studio. - -**Step 2 –** Provision the service account to have: - -- SPDataAccess Database role membership -- This database role membership needs to be configured on: - - - SharePoint Configuration database (ShaerPoint_Config) - - All SharePoint Content databases housing web application data (by default the content - databases begin with WSS*Content*, but they can be customized) - -The service account is provisioned with SharePoint database permissions. - -# SharePoint On-Premise Activity Auditing Configuration - -SharePoint Event Auditing must be enabled for each site collection to be monitored by the Netwrix -Activity Monitor and/or audited by Netwrix Enterprise Auditor. - -## User Requirements - -Following are the SharePoint On-Premise user requirements: - -- Local Administrator on SharePoint server (that hosts Central Administration) -- SharePoint SQL server, which includes login on SharePoint Admin, Config, and all content - databases, with the following role permissions: - - - SharePoint 2013+ - - - SPDataAccess - - - SharePoint 2010 - - - db_owner - -## Enable Event Auditing - -Follow the steps for each site collection within a SharePoint 2013 through SharePoint 2019 farm. - -**Step 1 –** Select Settings > Site settings. - -**Step 2 –** Under Site Collection Administration, click Go to top level site settings. - -**Step 3 –** On the Site Settings page, under Site Collection Administration, select Site collection -audit settings. - -**Step 4 –** On the Configure Audit Settings page, in the Documents and Items section select the -events to be audited. - -**Step 5 –** Still on the Configure Audit Settings page, in the List, Libraries, and Site section -select the events to be audited. - -**Step 6 –** Click OK to save the changes. - -SharePoint will create the audit logs to be monitored by the Netwrix Activity Monitor and/or audited -by Enterprise Auditor. See the Microsoft -[Configure audit settings for a site collection (SharePoint 2013/2016/2019)](https://support.office.com/en-us/article/Configure-audit-settings-for-a-site-collection-a9920c97-38c0-44f2-8bcb-4cf1e2ae22d2) -article for additional information. - -# SharePoint Target Requirements - -Netwrix Enterprise Auditor can execute Access Auditing (SPAA) and/or Sensitive Data Discovery -Auditing scans on SharePoint farms. The Netwrix Activity Monitor can be configured to monitor -activity on SharePoint farms and make the event data available for Enterprise Auditor Activity -Auditing (SPAC) scans. - -## Access & Sensitive Data Auditing Permissions - -- Permissions vary based on the Scan Mode selected and target environment. See the - [SharePoint Support](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for additional information. - -See the -[SharePoint Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/collaboration/sharepoint.md) -topic for instructions. - -## Access & Sensitive Data Auditing Port Requirements - -- Ports vary based on the Scan Mode selected and target environment. See the - [SharePoint Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for additional information. - -## Activity Auditing Permissions - -Requirements to Deploy the Activity Agent on the “Central Administration” SharePoint Server - -The Netwrix Activity Monitor must have an Activity Agent deployed on one instance of a SharePoint -Application server that hosts the “Central Administration” component. While actively monitoring, the -Activity Agent generates activity log files stored on the server. The credential used to deploy the -Activity Agent must have the following permissions on the proxy server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -SharePoint Requirements - -See the -[SharePoint On-Premise Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/collaboration/sharepoint.md) -topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Enterprise Auditor to read the activity log files must also -have READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md b/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md deleted file mode 100644 index 517d03399e..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md +++ /dev/null @@ -1,752 +0,0 @@ -# Active Directory Auditing Configuration - -The Enterprise Auditor for Active Directory Solution is compatible with the following Active -Directory versions as targets: - -- Windows Server 2016 and later -- Windows 2003 Forest level or higher - -**NOTE:** See the Microsoft -[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) -article for additional information. - -Domain Controller Requirements - -The following are requirements for the domain controllers to be scanned: - -- .NET Framework 4.5+ installed -- WINRM Service installed - -Data Collectors - -Successful use of the Enterprise Auditor Active Directory solution requires the necessary settings -and permissions in a Microsoft® Active Directory® environment described in this topic and its -subtopics. This solution employs the following data collectors to scan for groups, users, computers, -passwords, permissions, group policies, and domain information: - -- [ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ActiveDirectory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADActivity Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [GroupPolicy Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/overview.md) -- [LDAP Data Collector](/docs/accessanalyzer/11.6/data-collection/custom-collectors/ldap.md) -- [PasswordSecurity Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/overview.md) -- [PowerShell Data Collector](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) -- [Registry Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/registry.md) - -## Permissions - -- Member of the Domain Administrators group - -The majority of jobs in the Active Directory solutions rely on tables with queried data from the -data collectors mentioned above to perform analysis and generate reports. The remaining jobs utilize -data collectors to scan environments, and require additional permissions on the target host. - -**_RECOMMENDED:_** Use Domain/Local Administrator privileges to run Enterprise Auditor against an -Active Directory domain controller. - -There is a least privilege model for scanning your domain. See the -[Least Privilege Model](#least-privilege-model) topic for additional information. - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For ActiveDirectory Data Collector - -- TCP 389/636 -- TCP 135-139 -- Randomly allocated high TCP ports - -For ADActivity Data Collector - -- TCP 4494 (configurable within the Netwrix Activity Monitor) - -For GroupPolicy Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For LDAP Data Collector - -- TCP 389 - -For PasswordSecurity Collector - -- TCP 389/636 - -For PowerShell Data Collector - -- Randomly allocated high TCP ports - -For Registry Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports - -## Least Privilege Model - -A least privilege model can be configured based on your auditing needs and the data collection jobs -you will be using. The following jobs and their corresponding data collectors can be run with a -least privilege permissions model. - -1-AD_Scan Job Permissions - -The ADInventory Data Collector in the .Active Directory Inventory > 1-AD_Scan Job has the following -minimum requirements, which must be configured at the Domain level in Active Directory: - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -AD_WeakPasswords Job Permissions - -The PasswordSecurity Data Collector in the 2.Users > AD_WeakPasswords Job has the following minimum -requirements: - -- At the domain level: - - - Read - - Replicating Directory Changes - - Replicating Directory Changes All - - Replicating Directory Changes in a Filtered Set - - Replication Synchronization - -AD_CPassword Job Permissions - -While the PowerShell Data Collector typically requires Domain Administrator permissions when -targeting a domain controller, that level of access is not required to run the 4.Group Policy > -AD_CPasswords job. The minimum requirements for running this job are: - -- Read access to SYSVOL on the targeted Domain Controller(s) and all of its children - -AD_GroupPolicy Job Permissions - -While the GroupPolicy Data Collector typically requires Domain Administrator permissions when -targeting a domain controller, that level of access is not required to run the 4.Group Policy > -AD_GroupPolicy Job. The minimum requirements for running this job are: - -- Requires Read permissions on Group Policy Objects - -AD_PasswordPolicies Job Permissions - -While the LDAP Data Collector typically requires Domain Administrator permissions when targeting a -domain controller, that level of access is not required to run the 4.Group Policy > -AD_PasswordPolicies Job. The minimum requirements for running this job are: - -- Requires Read permissions on the Password Settings Container - -AD_DomainControllers Job Permissions - -While the LDAP Data Collector and Active Directory Data Collector typically requires Domain -Administrator permissions when targeting a domain controller, that level of access is not required -to run the 5.Domains > 0.Collection > AD_DomainControllers Job. The minimum requirements for running -this job are: - -- Read access to CN=Servers,%SITEDN% and its children -- Read access to: %PARTITIONDNS% and its children -- Read access to: %SCHEMADN% -- Read access to: %SITESDN% and its children - -See the [Variable Definitions](#variable-definitions) for variable definitions. - -AD_DSRM Job Permissions - -While the Registry Data Collector typically requires Domain Administrator permissions when targeting -a domain controller, that level of access is not required to run the 5.Domains > 0.Collection > -AD_DSRM Job. The minimum requirements for running this job are: - -- Requires read access to the following Registry key and its children: - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa - -AD_TimeSync Job Permissions - -While the Registry Data Collector typically requires Domain Administrator permissions when targeting -a domain controller, that level of access is not required to run the 5.Domains > 0.Collection > -AD_TimeSync Job. The minimum requirements for running this job are: - -- Requires Read access to the following Registry keys and its children: - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time - -AD_DomainInfo Job Permissions - -While the LDAP Data Collector and Active Directory Data Collector typically requires Domain -Administrator permissions when targeting a domain controller, that level of access is not required -to run the 5.Domains > AD_DomainInfo Job. The minimum requirements for running this job, which must -be configured at the Domain level in Active Directory, are: - -- Read access to: %DOMAINDN% and its children -- Read access to: CN=System,%DOMAINDN% and its children -- Read access to: %SITEDN% and its children -- Read access to: %PARTITIONDNS% and its children - -See the [Variable Definitions](#variable-definitions) for variable definitions. - -AD_ActivityCollection Job Permission - -The ADActivity Data Collector in the 6.Activity > 0.Collection > AD_ActivityCollection Job has the -following minimum requirements: - -- Netwrix Activity Monitor API Access activity data -- Netwrix Activity Monitor API Read -- Read access to the Netwrix Activity Monitor Log Archive location - -### Variable Definitions - -The following variables are referenced for Active Directory Least Privileged Models: - -`%PARTITIONDNS%` is the distinguished name of the accessed partition; -`CN=Partitions,CN=Configuration,DC=contoso,DC=com` - -`%SITEDN%` is the distinguished name of the accessed site; -`CN=Sites,CN=Configuration,DC=contoso,DC=com` - -`%CONFIGDN%` is the distinguished name of the configuration naming context; -`CN=Configuration,DC=company,DC=com` - -`%SCHEMADN%` is the distinguished name of the accessed schema; -`CN=Schema,CN=Configuration,DC=company,DC=com` - -`%DOMAINDN%`" is the distinguished name of the accessed domain object; `DC=company,DC=com` - -# Active Directory Activity Auditing Configuration - -There are two methods to configure Activity Monitor to provide Active Directory domain activity to -Enterprise Auditor: - -- API Server -- File Archive Repository - -See the -[File Archive Repository Option](/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md) -topic for additional information on that option. - -## API Server Option - -In this method, you will be deploying two agents: - -- First, deploy an Activity Agent to a Windows server that will act as the API server. This is a - non-domain controller server. - - **_RECOMMENDED:_** Deploy the API Server to the same server where the Activity Monitor Console - resides. - -- Next, deploy the AD Agent to all domain controllers in the target domain. - -Follow the steps to setup integration between Activity Monitor and Enterprise Auditor through an API -server. - -**Step 1 –** Deploy the Activity Agent to the API server. - -**Step 2 –** Deploy the AD Agent to each domain controller in the target domain. - -The next step is to configure the agent deployed to the API server. - -## Configure API Server Agent - -Follow the steps to configure the agent deployed to the API server. - -**Step 1 –** On the Agents tab of the Activity Monitor Console, select the agent deployed to the -API server. - -**Step 2 –** Click **Edit**. The Agent properties window opens. - -**Step 3 –** Select the **API Server** tab and configure the following: - -- Select the **Enable API access on this agent** checkbox. -- The default **API server port (TCP)** is 4494, but it can be modified if desired. Ensure the - modified port is also used by Enterprise Auditor. -- Click **Add Application**. The Add or edit API client window opens. -- Configure the following: - - - Provide a descriptive and unique **Application name**, for example `Enterprise Auditor`. - - Select the **Read** checkbox to grant this permission to this application. - - Click **Generate** to generate the Client ID and Client Secret. - - Copy the Client ID value to a text file. - - Click **Copy** and save the Client Secret value to a text file. - - **CAUTION:** It is not possible to retrieve the value after closing the Add or edit - API client window. It must be copied first. - - - By default, the **Secret Expires** in 3 days. That means it must be used in the Enterprise - Auditor Connection Profile within 72 hours or a new secret will need to be generated. Modify - if desired. - - Click **OK** to save the configuration and close the Add or edit API client window. - -- If the Activity Monitor Console server is not the API Server, then click **Use this console** to - grant the Activity Monitor the ability to manage the API server. -- The IPv4 or IPv6 allowlist allows you to limit access to the API server data to specific hosts. - -**Step 4 –** Click **OK** to save the configuration and close the Agent properties window. - -The next step is to configure the agents deployed to the domain controllers. - -## Configure Domain Controller Agent - -Follow the steps to configure the agent deployed to the domain controller. - -**Step 1 –** On the Agents tab of the Activity Monitor Console, select an agent deployed to domain -controller. - -**Step 2 –** Click **Edit**. The Agent properties window opens. - -**Step 3 –** Select the **Archiving** tab and configure the following: - -- Select the **Enable Archiving for this agent** checkbox. -- Select the **Archive log files on a UNC path** option. Click the **...** button and navigate to - the desired network share on the API server. -- The **User name** and **User password** fields only need to be filled in if the account used to - install the agent does not have access to this share. - - _Remember,_ The account used to install the agent on a domain controller is a Domain - Administrator account. - -- Click **Test** to ensure a successful connection to the network share. - -**Step 4 –** Click **OK** to save the configuration and close the Agent properties window. - -**Step 5 –** Repeat Steps 1-4 for each agent deployed to domain controller. - -These agent are configured to save the Archive logs to the selected share. - -## Configure Monitored Domain Output - -Follow the steps configure the monitored domain output for Netwrix Enterprise Auditor. - -**Step 1 –** Select the **Monitored Domains** tab. - -**Step 2 –** Select the desired domain and click **Add Output**. The Add New Ouptut window opens. - -**Step 3 –** Configure the following: - -- Configure the desired number of days for the **Period to keep Log files**. This is the number of - days the log files are kept on the API server configured in the sections above. This needs to be - set to a greater value than the days between Enterprise Auditor scans. - - - For example, if Enterprise Auditor runs the **AD_ActivityCollection** Job once a week (every 7 - days), then the Activity Monitor output should be configured to retain at least 10 days of log - files. - -- Check the **This log file is for StealthAUDIT** box. -- Optionally select the **Enable periodic AD Status Check event reporting** checkbox. When enabled, - the agent will send out status messages every five minutes to verify whether the connection is - still active. - -**Step 4 –** Click **Add Output** to save and close the Add New Output window. - -Enterprise Auditor now has access to the agent log files for this domain. - -## Configure Enterprise Auditor Connection Profile - -Follow the steps to configure the Connection Profile in Enterprise Auditor. - -_Remember,_ the Client ID and Client Secret were generated by the API server and copied to a text -file. If the secret expired before the Connection Profile is configured, it will need to be -re-generated. - -**Step 1 –** On the **Settings** > **Connection** node of the Enterprise Auditor Console, select the -Connection Profile for the Active Directory solution. If you haven't yet created a Connection -Profile or desire a specific one for AD Activity, create a new one and provide a unique descriptive -name. - -**Step 2 –** Click **Add User credential**. The User Credentials window opens. - -**Step 3 –** Configure the following: - -- Select Account Type – Select **Web Services (JWT)** -- User name – Enter the Client ID generated by the Activity Monitor API Server -- Access Token – Enter the Client Secret generated by the Activity Monitor API Server - -**Step 4 –** Click **OK** to save and close the User Credentials window. - -**Step 5 –** Click **Save** and then **OK** to confirm the changes to the Connection Profile. - -**Step 6 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** Job -Group. Select the **Settings > Connection** node. - -**Step 7 –** Select the **Select one of the following user defined profiles** option. Expand the -drop-down menu and select the Connection Profile with this credential. - -**Step 8 –** Click **Save** and then **OK** to confirm the changes to the job group settings. - -The Connection Profile will now be used for AD Activity collection. - -## Configure the AD_ActivityCollection Job - -The Enterprise Auditor requires additional configurations in order to collect domain activity data. -Follow the steps to configure the **AD_ActivityCollection** Job. - -**NOTE:** Ensure that the **.Active Directory Inventory** Job Group has been successfully run -against the target domain. - -**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > -**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. - -**Step 2 –** Click **Query Properties**. The Query Properties window displays. - -**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard -opens. - -![Active Directory Activity DC wizard Category page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/categoryimportfromnam.webp) - -**Step 4 –** On the Category page, choose **Import from SAM** option and click **Next**. - -![Active Directory Activity DC wizard SAM connection settings page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/namconnection.webp) - -**Step 5 –** On the SAM connection page, the **Port** is set to the default 4494. This needs to -match the port configured for the Activity Monitor API Server agent. - -**Step 6 –** In the **Test SAM host** textbox, enter the Activity Monitor API Server name using -fully qualified domain format. For example, `NEWYORKSRV30.NWXTech.com`. Click **Connect**. - -**Step 7 –** If connection is successful, the archive location displays along with a Refresh token. -Copy the **Refresh token**. This will replace the Client Secret in the Connection Profile in the -last step. - -**Step 8 –** Click **Next**. - -![Active Directory Activity DC wizard Scoping and Retention page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -**Step 9 –** On the Scope page, set the Timespan as desired. There are two options: - -- Relative Timespan – Set the number of days of activity logs to collect when the scan is run -- Absolute Timespan – Set the date range for activity logs to collect when the scan is run - -**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity -Monitor domain output log retention expires. For example, if Enterprise Auditor runs the -**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be -configured to retain at least 10 days of log files. - -**Step 10 –** Set the Retention period as desired. This is the number of days Enterprise Auditor -keeps the collected data in the SQL Server database. - -**Step 11 –** Click **Next** and then **Finish** to save the changes and close the wizard. - -**Step 12 –** Click **OK** to save the changes and close the Query Properties page. - -**Step 13 –** Navigate to the global **Settings** > **Connection** node to update the User -Credential with the Refresh token: - -- Select the Connection Profile assigned to the **6.Activity** > **0.Collection** Job Group. -- Select the Web Services (JWT) User Credential and click **Edit**. -- Replace the Access Token with the Refresh token generated by the data collector in Step 7. -- Click **OK** to save and close the User Credentials window. -- Click **Save** and then **OK** to confirm the changes to the Connection Profile. - -The query is now configured to target the Activity Monitor API Server to collect domain activity -logs. - -### (Optional) Configure Import of AD Activity into Netwrix Access Information Center - -AD Activity data can be imported into Netwrix Access Information Center by the -**AD_ActivityCollection** Job. However, this is disabled by default. Follow the steps to enable the -importing of AD activity data into the Access Information Center. - -**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > -**AD_ActivityCollection** Job. - -**Step 2 –** On the job's Overview page, enable the import of AD Events. - -- Click on the **Enable to import AD events into the AIC** parameter. -- On the Parameter Configuration window, select the **Enabled** checkbox and click **Save**. - -**Step 3 –** On the job's Overview page, enable the import of authentication Events. - -- Click on the **Enable to import authentication events into the AIC** parameter. -- On the Parameter Configuration window, select the **Enabled** checkbox and click **Save**. - -**Step 4 –** Optionally, modify the **List of attributes to track for Object Modified changes** and -**Number of days to retain activity data in the AIC** parameters. - -The **AD_ActivityCollection** Job is now configured to import both AD events and authentication -events into the Netwrix Access Information Center. - -# File Archive Repository Option - -As an alternative to using an API Server, Netwrix Activity Monitor can be configured to store all -archived logs to a network share. This option requires all of the domain logs to be stored in the -same share location in order for Enterprise Auditor to collect the AD Activity data. - -Prerequisite - -Deploy the AD Agent to each domain controller in the target domain. - -## Configure Domain Controller Agent - -Follow the steps to configure the agent deployed to the domain controller. - -**NOTE:** These steps assume the network share where the activity log files will be archived already -exists. - -**Step 1 –** On the Agents tab of the Activity Monitor Console, select an agent deployed to domain -controller. - -**Step 2 –** Click Edit. The Agent properties window opens. - -**Step 3 –** Select the Archiving tab and configure the following: - -- Check the Enable Archiving for this agent box. -- Select the **Archive log files on a UNC path** option. Click the ... button and navigate to the - desired network share. -- The **User name** and **User password** fields only need to be filled in if the account used to - install the agent does not have access to this share. - - _Remember,_ The account used to install the agent on a domain controller is a Domain - Administrator account. This is typically the credential that will be used in the Netwrix - Enterprise Auditor Connection Profile. However, a least privilege option is a domain user - account with Read access to this share. - -- Click **Test** to ensure a successful connection to the network share. - -**Step 4 –** Click OK to save the configuration and close the Agent properties window. - -**Step 5 –** Repeat Steps 1-4 for each agent deployed to domain controller pointing to the same -network share in Step 3 for each agent. - -These agent are configured to save the Archive logs to the selected share. - -## Configure Monitored Domain Output - -Follow the steps configure the monitored domain output for Netwrix Enterprise Auditor. - -**Step 1 –** Select the **Monitored Domains** tab. - -**Step 2 –** Select the desired domain and click **Add Output**. The Add New Ouptut window opens. - -**Step 3 –** Configure the following: - -- Configure the desired number of days for the **Period to keep Log files**. This is the number of - days the log files are kept on the API server configured in the sections above. This needs to be - set to a greater value than the days between Enterprise Auditor scans. - - - For example, if Enterprise Auditor runs the **AD_ActivityCollection** Job once a week (every 7 - days), then the Activity Monitor output should be configured to retain at least 10 days of log - files. - -- Check the **This log file is for StealthAUDIT** box. -- Optionally select the **Enable periodic AD Status Check event reporting** checkbox. When enabled, - the agent will send out status messages every five minutes to verify whether the connection is - still active. - -**Step 4 –** Click **Add Output** to save and close the Add New Output window. - -Enterprise Auditor now has access to the agent log files for this domain. - -## Configure Enterprise Auditor Connection Profile - -Follow the steps to configure the Connection Profile in Enterprise Auditor. - -**Step 1 –** On the Settings > Connection node of the Enterprise Auditor Console, select the -Connection Profile for the Active Directory solution. If you haven't yet created a Connection -Profile or desire a specific one for AD Activity, create a new one and provide a unique descriptive -name. - -**Step 2 –** Click Add User credential. The User Credentials window opens. - -**Step 3 –** Configure the following: - -- Select Account Type – Select **Active Directory Account** -- Domain – Select the domain where the network share resides -- User name – Enter the account with Read access to the network share -- Provide the account password: - - - Password Storage – Select the password storage location, if it is being stored in a vault, - like CyberArk - - Password / Confirm – Enter the account password in both fields - -**Step 4 –** Click OK to save and close the User Credentials window. - -**Step 5 –** Click **Save** and then **OK** to confirm the changes to the Connection Profile. - -**Step 6 –** Navigate to the Jobs > Active Directory > 6.Activity > 0.Collection Job Group. Select -the **Settings > Connection** node. - -**Step 7 –** Select the **Select one of the following user defined profiles** option. Expand the -drop-down menu and select the Connection Profile with this credential. - -**Step 8 –** Click **Save** and then **OK** to confirm the changes to the job group settings. - -The Connection Profile will now be used for AD Activity collection. - -## Configure the AD_ActivityCollection Job - -The Enterprise Auditor requires additional configurations in order to collect domain activity data. -Follow the steps to configure the **AD_ActivityCollection** Job. - -**NOTE:** Ensure that the .Active Directory Inventory Job Group has been successfully run against -the target domain. - -**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > -**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. - -**Step 2 –** Click **Query Properties**. The Query Properties window displays. - -**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard -opens. - -![Active Directory Activity DC wizard Category page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/categoryimportfromshare.webp) - -**Step 4 –** On the Category page, choose **Import from Share** option and click **Next**. - -![Active Directory Activity DC wizard Share settings page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/share.webp) - -**Step 5 –** On the Share page, provide the UNC path to the AD Activity share archive location. If -there are multiple archives in the same network share, check the **Include Sub-Directories** box. -Click **Next**. - -![Active Directory Activity DC wizard Scoping and Retention page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -**Step 6 –** On the Scope page, set the Timespan as desired. There are two options: - -- Relative Timespan – Set the number of days of activity logs to collect when the scan is run -- Absolute Timespan – Set the date range for activity logs to collect when the scan is run - -**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity -Monitor domain output log retention expires. For example, if Enterprise Auditor runs the -**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be -configured to retain at least 10 days of log files. - -**Step 7 –** Set the Retention period as desired. This is the number of days Enterprise Auditor -keeps the collected data in the SQL Server database. - -**Step 8 –** Click **Next** and then **Finish** to save the changes and close the wizard. - -**Step 9 –** Click **OK** to save the changes and close the Query Properties page. - -The query is now configured to target the network share where the Activity Monitor domain activity -logs are archived. - -# Active Directory Domain Target Requirements - -Netwrix Enterprise Auditor can execute scans on Active Directory domains. The Netwrix Activity -Monitor can be configured to monitor activity on Active Directory domains and make the event data -available for Enterprise Auditor Active Directory Activity scans. - -## Auditing Permissions - -The following permission is needed: - -- Member of the Domain Administrators group - -Some collection jobs do allow for a least privilege model. See the -[Active Directory Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md) -topic for additional information. - -## Auditing Port Requirements - -Ports vary based on the data collector being used. See the -[Active Directory Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md) -topic for additional information. - -## Activity Auditing Permissions - -**NOTE:** Active Directory domain activity events can also be monitored through Netwrix Threat -Prevention. This requires integration between it and Netwrix Activity Monitor to enable access to -the data for Enterprise Auditor Active Directory Activity scans. See the -[Getting Data from NTP for AD Activity Reporting](/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md) -topic for additional information. - -Requirements to Deploy the AD Agent on the Domain Controller - -The Netwrix Activity Monitor must have an AD Agent deployed on the domain controller to be -monitored. While actively monitoring, the AD Agent generates activity log files stored on the -server. The credential used to deploy the AD Agent must have the following permissions on the -server: - -- Membership in the Domain Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -**NOTE:** For monitoring an Active Directory domain, the AD Agent must be installed on all domain -controllers within the domain to be monitored. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Enterprise Auditor to read the activity log files must also -have READ and WRITE permissions on the archive location. - -Integration with Enterprise Auditor - -See the -[Active Directory Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md) -topic for target environment requirements. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | - -# Getting Data from NTP for AD Activity Reporting - -When Netwrix Threat Prevention is configured to monitor a domain, the event data collected by the -policies can be provided to Netwrix Enterprise Auditor for Active Directory Activity reporting. This -is accomplished by configuring Threat Prevention to send data to Netwrix Activity Monitor, which in -turn creates the activity log files that Enterprise Auditor collects. - -**NOTE:** Threat Prevention can only be configured to send event data to one Netwrix application, -either Netwrix Activity Monitor or Netwrix Threat Manager but not both. However, the Activity -Monitor can be configured with outputs for Enterprise Auditor and Threat Manager - -Follow these steps to configure this integration. - -**_RECOMMENDED:_** It is a best practice to use the API Server option of the Activity Monitor for -this integration between Threat Prevention and Enterprise Auditor. - -**Step 1 –** In the Threat Prevention Administration Console, click **Configuration** > **Netwrix -Threat Manager Configuration** on the menu. The Netwrix Threat Manager Configuration window opens. - -**Step 2 –** On the Event Sink tab, configure the following: - -- Netwrix Threat Manager URI – Enter the name of the Activity Monitor agent host and port, which is - 4499 by default, in the following format: - - `amqp://localhost:4499` - - You must use localhost, even if Activity Monitor and Threat Prevention are installed on - different servers. - -- App Token – Leave this field blank for integration with Activity Monitor -- Policies – The table displays all policies created in Threat Prevention along with a State icon - indicating if the policy is active. Check the **Send** box for the desired policies monitoring the - target domain activity. - -**Step 3 –** Click **Save**. - -All real-time event data from the selected policies are now being sent to Activity Monitor. -Additional policies can be added to this data stream through the Netwrix Threat Manager -Configuration window or by selecting the **Send to Netwrix Threat Manager** option on the Actions -tab of the policy. diff --git a/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md b/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md deleted file mode 100644 index 7041e274c3..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md +++ /dev/null @@ -1,226 +0,0 @@ -# Microsoft Entra ID Auditing Configuration - -The Enterprise Auditor for Entra ID Solution provides the ability to audit Microsoft Entra ID, -formerly Azure Active Directory. It scans: - -- Microsoft Entra ID (formerly Azure AD) - -**NOTE:** A user account with the Global Administrator role is required to register an app with -Microsoft Entra ID. - -Data Collector - -- [AzureADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) - -Configuration Settings from the Registered Application - -The following settings are needed from your tenant once you have registered the application: - -- Client ID – This is the Application (client) ID for the registered application -- Key – This is the Client Secret Value generated when a new secret is created - - **CAUTION:** It is not possible to retrieve the value after saving the new key. It must be - copied first. - -**NOTE:** In order to add custom attributes, you will also need to know the Tenant name of the Entra -ID environment. - -## Permissions - -The following permissions are required: - -- Microsoft Graph API - - - Application Permissions: - - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - - Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -- Access URLs - - - https://login.windows.net - - https://graph.windows.net - - https://login.microsoftonline.com - - https://graph.microsoft.com - - - All sub-directories of the access URLs listed - -## Register a Microsoft Entra ID Application - -Follow the steps to register Enterprise Auditor with Microsoft Entra ID. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App -registrations. - -**Step 3 –** In the top toolbar, click **New registration**. - -**Step 4 –** Enter the following information in the Register an application page: - -- Name – Enter a user-facing display name for the application, for example Netwrix Enterprise - Auditor Entra ID -- Supported account types – Select **Accounts in this organizational directory only** - -**Step 5 –** Click **Register**. - -The Overview page for the newly registered app opens. Review the newly created registered -application. Now that the application has been registered, permissions need to be granted to it. - -## Grant Permissions to the Registered Application - -Follow the steps to grant permissions to the registered application. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. - -**Step 3 –** In the top toolbar, click **Add a permission**. - -**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs -tab. Select the following permissions: - -- Under Application Permissions, select: - - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - -- Under Delegated Permissions, select: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -**Step 5 –** At the bottom of the page, click **Add Permissions**. - -**Step 6 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation -window. - -Now that the permissions have been granted to it, the Connection Profile and host settings for -Enterprise Auditor need to be collected. - -## Identify the Client ID - -Follow the steps to find the registered application's Client ID. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** Copy the **Application (client) ID** value. - -**Step 3 –** Save this value in a text file. - -This Application (client) ID value is needed for the Enterprise Auditor Connection Profile and the -Custom Attributes page of the AzureADInventory Data Collector. See the -[Azure Active Directory for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic and the -[AzureADInventory: Custom Attributes](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -topic for additional information. Next generate the application’s Client Secret Key. - -## Generate the Client Secret Key - -Follow the steps to find the registered application's Client Secret, create a new key, and save its -value when saving the new key. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**CAUTION:** It is not possible to retrieve the value after saving the new key. It must be copied -first. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. - -**Step 3 –** In the top toolbar, click **New client secret**. - -**Step 4 –** On the Add a client secret blade, complete the following: - -- Description – Enter a unique description for this secret -- Expires – Select the duration. - - **NOTE:** Setting the duration on the key to expire requires reconfiguration at the time of - expiration. It is best to configure it to expire in 1 or 2 years. - -**Step 5 –** Click **Add** to generate the key. - -**CAUTION:** If this page is left before the key is copied, then the key is not retrievable, and -this process will have to be repeated. - -**Step 6 –** The Client Secret will be displayed in the Value column of the table. You can use the -Copy to clipboard button to copy the Client Secret. - -**Step 7 –** Save this value in a text file. - -This Client Secret value is needed for the Enterprise Auditor Connection Profile and the Custom -Attributes page of the AzureADInventory Data Collector. See the -[Azure Active Directory for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic and the -[AzureADInventory: Custom Attributes](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -topic for additional information. - -## Identify the Tenant Name - -Follow the steps to find the Tenant Name where the registered application resides. - -**NOTE:** The steps below are for the Microsoft Entra Admin Center. These steps might vary slightly -if you start from a different Microsoft portal. See the relevant Microsoft documentation for -additional information. - -**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Settings** and click **Domain -names** to open the Custom domain names list. - -**Step 3 –** Copy the domain name from the list of domains. - -**Step 4 –** Save this value in a text file. - -This is needed for the Host List and the Custom Attributes page of the AzureADInventory Data -Collector. See the -[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -and [AzureADInventory: Custom Attributes](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -topics for additional information. - -# Microsoft Entra ID Tenant Target Requirements - -Netwrix Enterprise Auditor can execute scans on Microsoft Entra ID, formerly Azure Active Directory. - -## Auditing Permissions - -It is necessary to register Enterprise Auditor as a web application to the targeted Microsoft Entra -ID in order for Enterprise Auditor to scan the environment. This generates the Client ID (App ID) -and Key (App Key) needed for the Connection Profile credentials and the Custom Attributes Import -Wizard page. - -See the -[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md) -topic for additional information. - -## Auditing Port Requirements - -The following firewall ports are needed by the AzureADInventory Data Collector: - -- TCP 80 and 443 diff --git a/docs/accessanalyzer/11.6/configuration-guides/stealthaudit/configuration.md b/docs/accessanalyzer/11.6/configuration-guides/stealthaudit/configuration.md deleted file mode 100644 index 64300196fc..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/stealthaudit/configuration.md +++ /dev/null @@ -1,89 +0,0 @@ -# Appendix for the StealthAUDIT MAPI CDO Installation Guide - -**CAUTION:** The Enterprise Auditor MAPI CDO must be installed first before installing the Microsoft -Exchange MAPI CDO. - -Before installing either binary, close the Enterprise Auditor application and ensure the following -requirements have been met: - -- Exchange System Manager for Exchange 2003 is not installed on the Enterprise Auditor Console - server. -- Microsoft Outlook is not installed on the Enterprise Auditor Console server. - -These programs will interfere with the Microsoft Exchange MAPI CDO installation and with MAPI -connections if they are installed on the Enterprise Auditor Console server. - -Follow these steps to install the Microsoft Exchange MAPI CDO. - -**Step 1 –** Download and run the ExchangeMapiCDO application from Microsoft. - -**NOTE:** The steps may be slightly different than the following. See Microsoft’s website for -additional detail. - -![appendix_for_the_stealthaudit](/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit.webp) - -**Step 2 –** Choose the “Directory For Extracted Files” or accept the default location. Click OK. - -![appendix_for_the_stealthaudit_1](/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_1.webp) - -**Step 3 –** When the extraction is complete, click OK. - -![appendix_for_the_stealthaudit_2](/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_2.webp) - -**Step 4 –** Open the ExchangeMapiCdo folder and run the ExchangeMapiCdo application installer. - -| | | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| ![appendix_for_the_stealthaudit_3](/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_3.webp) | ![appendix_for_the_stealthaudit_4](/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_4.webp) | - -**Step 5 –** On the Welcome page of the Installation Wizard, click Next. Accept the license -agreement and click Next. - -![appendix_for_the_stealthaudit_5](/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_5.webp) - -**Step 6 –** When the installation is complete, click Finish. - -Reopen the Enterprise Auditor application, and the Settings > Exchange node is enabled for -configuration. - -# StealthAUDIT MAPI CDO Installation - -Both the Enterprise Auditor MAPI CDO and the Microsoft® Exchange MAPI CDO must to be installed in -order to enable the Settings > Exchange node. - -![exchangenode](/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/exchangenode.webp) - -The Microsoft Exchange MAPI CDO is only required to run the MAPI-based data collectors. See the -[Exchange Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md) -topic for additional information. - -The Enterprise Auditor MAPI CDO can be downloaded from the -[Product Downloads](https://www.stealthbits.com/product-downloads) page of the Netwrix website. The -Microsoft Exchange MAPI CDO can be downloaded directly from Microsoft. See the -[Appendix for the StealthAUDIT MAPI CDO Installation Guide](/docs/accessanalyzer/11.6/configuration-guides/stealthaudit/configuration.md) -for requirements and installation steps to install the Microsoft Exchange MAPI CDO. - -**CAUTION:** The Enterprise Auditor MAPI CDO must be installed first before installing the Microsoft -Exchange MAPI CDO. - -Before installing either binary, close the Enterprise Auditor application and ensure the following -requirements have been met: - -- Exchange System Manager for Exchange 2003 is not installed on the Enterprise Auditor Console - server. -- Microsoft Outlook is not installed on the Enterprise Auditor Console server. - -These programs interfere with MAPI connections if they are installed on the Enterprise Auditor -Console server. - -Follow the steps to install the Enterprise Auditor MAPI CDO. - -**Step 1 –** Run the StealthAuditMapiCDO executable. - -![stealthaudit_mapi_cdo_installation_1](/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation_1.webp) - -**Step 2 –** Click OK to confirm the path. - -The application will install and the wizard will close automatically when it is finished. See the -[Appendix for the StealthAUDIT MAPI CDO Installation Guide](/docs/accessanalyzer/11.6/configuration-guides/stealthaudit/configuration.md) -for information on installing the Microsoft Exchange MAPI CDO. diff --git a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-celerra-vnx.md b/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-celerra-vnx.md deleted file mode 100644 index 024a1eb68f..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-celerra-vnx.md +++ /dev/null @@ -1,519 +0,0 @@ -# Dell Celerra & Dell VNX Access & Sensitive Data Auditing Configuration - -This topic provides instructions for assigning group membership for Dell Celerra & Dell VNX devices. - -## Assign Group Membership for Dell Devices - -Follow the steps assign group membership through Computer Management. - -**Step 1 –** Open Computer Management (`compmgmt.msc`). - -**Step 2 –** Right-click on the Computer Management (local) node and select Connect to another -computer. - -**Step 3 –** Enter the name of the Dell device in the textbox and click OK. - -**Step 4 –** Navigate to the Local Users and Groups > Groups node for the device. - -**Step 5 –** Select the Backup Operators group and add the account being provisioned. - -**Step 6 –** Select the Power Users group and add the account being provisioned. - -The account has been provisioned for Access Auditing and Sensitive Data Discovery Auditing. - -# Dell Celerra & Dell VNX Activity Auditing Configuration - -An Dell Celerra or VNX device can be configured to audit Server Message Block (SMB) protocol access -events. All audit data can be forwarded to the Dell Common Event Enabler (CEE). The Activity Monitor -listens for all events coming through the Dell CEE and translates all relevant information into -entries in the Log files or syslog messages. - -Complete the following checklist prior to configuring the Activity Monitor to monitor the host. -Instructions for each item of the checklist are detailed within the following sections. - -Checklist Item 1: Plan Deployment - -- Prior to beginning the deployment, gather the following: - - - DNS name of Celerra or VNX CIFS share(s) to be monitored - - Data Mover or Virtual Data Mover hosting the share(s) to be monitored - - Account with access to the CLI - - Download the Dell CEE from: - - - [https://www.dell.com/support](https://www.dell.com/support) - -Checklist Item 2: Install Dell CEE - -- Dell CEE can be installed on the same Windows server as the Activity Agent, or on a different - server. If it is installed on the same host, the activity agent can configure it automatically. - - **_RECOMMENDED:_** The latest version of Dell CEE is the recommended version to use with the - asynchronous bulk delivery (VCAPS) feature. - -- Important: - - - Open MS-RPC ports between the Dell device and the Windows proxy server(s) where the Dell CEE - is installed - - Dell CEE 8.4.2 through Dell CEE 8.6.1 are not supported for use with the VCAPS feature - - Dell CEE requires .NET Framework 3.5 to be installed on the Windows proxy server - -- See the - [Install & Configure Dell CEE](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-celerra-vnx.md) - topic for instructions. - -Checklist Item 3: Dell Device Configuration - -- Configure the `cepp.conf` file on the Celerra VNX Cluster -- See the - [Connect Data Movers to the Dell CEE Server](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-celerra-vnx.md#connect-data-movers-to-the-dell-cee-server) - topic for instructions. - -Checklist Item 4: Activity Monitor Configuration - -- Deploy the Activity Monitor Activity Agent, preferably on the same server where Dell CEE is - installed - - - After activity agent deployment, configure the Dell CEE Options tab of the agent’s Properties - window within the Activity Monitor Console - -Checklist Item 5: Configure Dell CEE to Forward Events to the Activity Agent - -# Install & Configure Dell CEE - -Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix -product. Dell customers have a support account with Dell to access the download. - -_Remember,_ the latest version is the recommended version of Dell CEE. - -**_RECOMMENDED:_** The Dell CEE package can be installed on the Windows server where the Activity -Monitor agent will be deployed (recommended) or on any other Windows or Linux server. - -Follow the steps to install the Dell CEE. - -**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for -this component. It is recommended to use the most current version. - -**Step 2 –** Follow the instructions in the Dell -[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) -guide to install and configure the CEE. The installation will add two services to the machine: - -- EMC Checker Service (Display Name: EMC CAVA) -- EMC CEE Monitor (Display Name: EMC CEE Monitor) - -**_RECOMMENDED:_** The latest version of .NET Framework and Dell CEE is recommended to use with the -asynchronous bulk delivery (VCAPS) feature. - -See the -[CEE Debug Logs](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-unity.md#cee-debug-logs) -section for information on troubleshooting issues related to Dell CEE. - -After Dell CEE installation is complete, it is necessary to -[Connect Data Movers to the Dell CEE Server](#connect-data-movers-to-the-dell-cee-server). - -## Configure Dell Registry Key Settings - -There may be situations when Dell CEE needs to be installed on a different Windows server than the -one where the Activity Monitor activity agent is deployed. In those cases it is necessary to -manually set the Dell CEE registry key to forward events. - -**Step 1 –** Open the Registry Editor (run regedit). - -![registryeditor](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/registryeditor.webp) - -**Step 2 –** Navigate to following location: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration - -**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. - -**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value -window closes. - -**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. - -**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the -Windows proxy server hosting the Activity Monitor activity agent. Use the following format: - -StealthAUDIT@[IP ADDRESS] - -Examples: - -StealthAUDIT@192.168.30.15 - -**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. - -![services](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/services.webp) - -**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. - -The Dell CEE registry key is now properly configured to forward event to the Activity Monitor -activity agent. - -## Connect Data Movers to the Dell CEE Server - -The `cepp.conf` file contains information that is necessary to connect the Data Movers to the Dell -CEE server. An administrator must create a configuration file which contains at least one event, one -pool, and one server. All other parameters are optional. The `cepp.conf` file resides on the Data -Mover. - -**Step 1 –** Log into the Dell Celerra or VNX server with an administrator account. The -administrative account should have a $ character in the terminal. - -**NOTE:** Do not use a # charter. - -**Step 2 –** Create or retrieve the `cepp.conf` file. - -If there is not a `cepp.conf` file on the Data Mover(s), use a text editor to create a new blank -file in the home directory named `cepp.conf`. The following is an example command if using the text -editor ‘vi’ to create a new blank file: - -$ vi cepp.conf - -> If a `cepp.conf` file already exists, it can be retrieved from the Data Movers for modification -> with the following command: - -$ server_file [DATA_MOVER_NAME] -get cepp.conf cepp.conf - -**Step 3 –** Configure the `cepp.conf` file. For information on the `cepp.conf` file, see the Dell -[Using the Common Event Enabler for Windows Platforms](https://www.dellemc.com/en-us/collaterals/unauth/technical-guides-support-information/products/storage-3/docu48055.pdf) -guide instructions on how to add parameters or edit the values or existing parameters. - -**NOTE:** The information can be added to the file on one line or separate lines by using a space -and a ”\” at the end of each line, except for the last line and the lines that contain global -options: `cifsserver`, `surveytime`, `ft`, and `msrpcuser`. - -The Activity Monitor requires the following parameters to be set in the `cepp.conf` file: - -- `pool name= ` - - This should equal the name assigned to the configuration container. This container is composed - of the server(s) IP Address or FQDN where the Dell CEE is installed and where the list of - events to be monitored is located. It can be named as desired but must be a pool name. -- `servers= ` - - This should equal the IP Address or FQDN of the Windows server where the Dell CEE is - installed. If several servers are specified, separate them with the vertical bar (|) or a - colon (:). -- `postevents= ` - - The following events are required (separated with the vertical bar): - `CloseModified|CloseUnmodified|CreateDir|CreateFile|DeleteDir|DeleteFile|RenameDir|RenameFile|SetAclDir|SetAclFile ` - - If "Directory Read/List" operations are needed, append `OpenDir` to the list. -- `msrpcuser= ` - - - This should equal the domain account used to run the Dell CEE Monitor and Dell CAVA services - on the Windows server. This parameter is a security measure used to ensure events are only - sent to the appropriate servers. - - All unspecified parameters use the default setting. For most configurations, the default - setting is sufficient. - - Example cepp.conf file format: - - msrpcuser=[DOMAIN\DOMAINUSER] - - pool name=[POOL_NAME] \ - - servers=[IP_ADDRESS1]|[IP_ADDRESS2]|... \ - - postevents=[EVENT1]|[EVENT2]|... - - Example cepp.conf file format for the Activity Monitor: - - msrpcuser=[DOMAIN\DOMAINUSER running CEE services] - - pool name=[POOL_NAME for configuration container] \ - - servers=[IP_ADDRESS where CEE is installed]|... \ - - postevents=[EVENT1]|[EVENT2]|... - - Example of a completed cepp.conf file for the Activity Monitor: - - msrpcuser=example\user1 - - pool name=pool \ - - servers=192.168.30.15 \ - - postevents=CloseModified|CloseUnmodified|CreateDir|CreateFile|DeleteDir|DeleteFile|RenameDir|RenameFile|SetAclDir|SetAclFile - -**Step 4 –** Move the `cepp.conf` file to the Data Mover(s) root file system. Run the following -command: - -$ server_file [DATA_MOVER_NAME]‑put cepp.conf cepp.conf - -**NOTE:** Each Data Mover which runs Celerra Event Publishing Agent (CEPA) must have a `cepp.conf` -file, but each configuration file can specify different events. - -**Step 5 –** (This step is required only if using the `msrpcuser` parameter) Register the MSRPC user -(see Step 3 for additional information on this parameter). Before starting CEPA for the first time, -the administrator must issue the following command from the Control Station and follow the prompts -for entering information: - -/nas/sbin/server_user server_2 -add -md5 -passwd [DOMAIN\DOMAINUSER for msrpcuser] - -**Step 6 –** Start the CEPA facility on the Data Mover. Use the following command: - -server_cepp [DATA_MOVER_NAME] -service –start - -Then verify the CEPA status using the following command: - -server_cepp [DATA_MOVER_NAME] -service –status - -Once the `cepp.config` file has been configured, it is time to configure and enable monitoring with -the Activity Monitor. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) -for additional information. - -# Dell Celerra & Dell VNX Target Requirements - -Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery -Auditing scans on Dell Celerra or Dell VNX devices. The Netwrix Activity Monitor can be configured -to monitor activity on Dell Celerra or Dell VNX devices and make the event data available for -Enterprise Auditor Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Enterprise Auditor scans must have the following permissions on the -target host: - -- Group membership in both of the following groups: - - - Power Users - - Backup Operators - -These permissions grant the credential the ability to enumerate shares, access the remote registry, -and bypass NTFS security on folders. The credential used within the assigned Connection Profile for -these target hosts requires these permissions. See the -[Dell Celerra & Dell VNX Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-celerra-vnx.md) -topic for instructions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -Troubleshooting Dell Celerra & Dell VNX Denied Access Errors - -If there are folders to which the credential is denied access, it is likely that the Backup -Operators group does not have the “Back up files and directories” right. In that case, it is -necessary to assign additional the “Back up files and directories” right to those groups or to -create a new local group, using Computer Management from a Windows server. Then assign rights to it -using the CelerraManagementTool.msc plugin, which is available to Dell customers. For further -information, see the Celerra guide Using Windows Administrative Tools on VNX found on the Celerra -website. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of Dell Celerra or Dell VNX - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -Dell Celerra & Dell VNX Requirements - -Additionally, the EMC Common Event Enabler (CEE) should be installed on the Windows proxy server, -where the activity agent is deployed. - -**_RECOMMENDED:_** Use the latest available CEE version from the Dell Support website. - -EMC CEE requires .NET Framework 3.5 to be installed on the Windows proxy server in order for the EMC -CEE service to start. - -See the -[Dell Celerra & Dell VNX Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-celerra-vnx.md) -topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Enterprise Auditor to read the activity log files must also -have READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Dell Celerra & Dell VNX Devices - -The following firewall settings are required for communication between the CEE server/ Activity -Monitor Activity Agent server and the target Dell device: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | -| Dell Device CEE Server | TCP | RPC Dynamic Range | CEE Communication | -| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | - -# Validate Setup - -Once the Activity Monitor agent is configured to monitor the Dell device, the automated -configuration must be validated to ensure events are being monitored. - -## Validate Dell CEE Registry Key Settings - -**NOTE:** See the -[Configure Dell Registry Key Settings](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-unity.md#configure-dell-registry-key-settings) -topic for information on manually setting the registry key. - -After the Activity Monitor activity agent has been configured to monitor the Dell device, it will -configure the Dell CEE automatically if it is installed on the same server as the agent. This needs -to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on -a different server than the Windows proxy server(s) where the Activity Monitor activity agent is -deployed. - -If the monitoring agent is not registering events, validate that the EndPoint is accurately set. -Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the -following steps. - -**Step 1 –** Navigate to the following windows registry key: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration - -![registryeditorendpoint](/img/versioned_docs/activitymonitor_7.1/config/dellunity/registryeditorendpoint.webp) - -**Step 2 –** Ensure that the Enabled parameter is set to 1. - -**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor -agent in the following formats: - -- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` - -- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` - -**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values -for other applications, separated with semicolons. - -**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. - -For Asynchronous Bulk Delivery Mode - -For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events -(VCAPS), use the following steps. - -**Step 1 –** Navigate to the following windows registry key: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration - -**Step 2 –** Ensure that the Enabled parameter is set to 1. - -**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor -agent in the following formats: - -- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` -- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` - -**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values -for other applications, separated with semicolons. - -**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the -MaxEventsPerFeed - between 10 and 10000. - -**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. - -Set the following values under the Data column: - -- Enabled – 1 -- EndPoint – StealthAUDIT - -If this is configured correctly, validate that the Dell CEE services are running. See the -[Validate Dell CEE Services are Running](#validate-dell-cee-services-are-running) topic for -additional information. - -## Validate Dell CEE Services are Running - -After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell -CEE services should be running. If the Activity Agent is not registering events and the EndPoint is -set accurately, validate that the Dell CEE services are running. Open the Services (run -`services.msc`). - -![services](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/services.webp) - -The following services laid down by the Dell CEE installer should have Running as their status: - -- Dell CAVA -- Dell CEE Monitor - -## Dell CEE Debug Logs - -If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs -need to be enabled for troubleshooting purposes. Follow the steps. - -**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right -corner to Trace. - -**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list -and Disable monitoring. - -**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: - -> [http://docs.microsoft.com/en-us/sysinternals/downloads/debugview](http://docs.microsoft.com/en-us/sysinternals/downloads/debugview) - -**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration - -**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the -Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. - -**NOTE:** If the Debug DWORD Value does not exist, it needs to be added. - -**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In -the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. - -**NOTE:** If the Verbose DWORD Value does not exist, it needs to be added. - -**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: - -- Capture Win32 -- Capture Global Win32 -- Capture Events - -**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list -and Enable monitoring. - -**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. - -**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): - -- Debug View Log (from Dell Debug View tool) -- Use the **Collect Logs** button to collect debug logs from the activity agent - -**_RECOMMENDED:_** After the logs have been gathered and sent to Netwrix Support, reset these -configurations. diff --git a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-powerscale.md b/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-powerscale.md deleted file mode 100644 index 55cd7f65ed..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-powerscale.md +++ /dev/null @@ -1,644 +0,0 @@ -# Dell Isilon/PowerScale Activity Auditing Configuration - -Dell Isilon/PowerScale can be configured to audit Server Message Block (SMB) and NFS protocol access -events on the Dell Isilon/PowerScale cluster. All audit data can be forwarded to the Dell Common -Event Enabler (CEE). The Activity Monitor listens for all events coming through the Dell CEE and -translates all relevant information into entries in the log files or syslog messages. - -Protocol auditing must be enabled and then configured on a per-access zone basis. For example, all -SMB protocol events on a particular access zone can be audited, while only attempts to delete files -on a different access zone can be audited. - -The audit events are logged and stored on the individual OneFS nodes where the SMB/NFS client -initiated the activity. The stored events are then forwarded by the node to the Dell CEE instance or -concurrently to several instances. At this point, Dell CEE forwards the audit event to a defined -endpoint, such as Activity Monitor agent. - -Complete the following checklist prior to configuring Activity Monitor to monitor the host. -Instructions for each item of the checklist are detailed within the following sections. - -Checklist Item 1: Plan Deployment - -- Prior to beginning the deployment, gather the following: - - - DNS name of Isilon/PowerScale CIFS share(s) to be monitored - - Access Zone(s) containing the CIFS shares to be monitored - - Account with access to the OneFS UI or CLI - - Download the Dell CEE from: - - - [https://www.dell.com/support/home/en-us/](https://www.dell.com/support/home/en-us/) - -**_RECOMMENDED:_** You can achieve higher throughput and fault tolerance by monitoring the -Isilon/PowerScale cluster with more than one pair of Dell CEE and Activity Monitor Agent. The -activity will be evenly distributed between the pairs. - -Checklist Item 2: -[Install Dell CEE](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-powerscale.md) - -- Dell CEE should be installed on a Windows or a Linux server. - - **_RECOMMENDED:_** Dell CEE can be installed on the same server as the Activity Agent, or on a - different Windows or Linux server. If CEE is installed on the same server, the Activity Agent - can configure it automatically. - -- Important: - - - Dell CEE 8.8 is the minimum supported version. It is recommended to use the latest available - version. - - Dell CEE requires .NET Framework 3.5 to be installed on the Windows server - -Checklist Item 3: Configure Auditing on the Dell Isilon/PowerScale Cluster - -- Select method: - - - **_RECOMMENDED:_** Allow the Activity Monitor to configure auditing automatically. - - - Automation completed while the Activity Monitor is configured to monitor the - Isilon/PowerScale device - - Automatically sets CEE Server with the IP Address of the server where CEE is installed - - Automatically sets Storage Cluster Name to exactly match the name known to the Activity - Monitor - - Choose between monitoring all Access Zones or scoping to specific Access Zones - - - [Manually Configure Auditing in OneFS](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-powerscale.md) - - - After configuration, add the Isilon/PowerScale device to be monitored by the Activity - Monitor - -- Important: - - - Value of the **Storage Cluster Name** field must exactly match the name entered for the - monitored host in the Activity Monitor Console. If the Storage Cluster Name cannot be modified - (for example, another 3rd party depends on it), you need to set the Host Aliases parameter in - the Activity Monitor Console. Otherwise, if for some reason the Storage Cluster Name must be - left empty, one can list OneFS cluster node names in the Host Aliases. - - - If the Storage Cluster Name is not empty, set the Host Aliases parameter to its value - - If the Storage Cluster Name is empty, set the Host Aliases to a semicolon-separated list - of OneFS node names - - - Include all Access Zones to be monitored in the auditing configuration - - As soon as the first CEE is installed, Isilon/PowerScale will start to send all activity, - including all previous audit events, to the agent. The start time can be modified to exclude - previously recorded audit events to prevent the agent from becoming overloaded with data. It - can be done using OneFS CLI only with isi audit modify command to edit the start time. - - - Start time command: - - ``` - isi audit settings global modify --cee-log-time [Protocol@2021-04-23 14:00:00] - ``` - - - View progress: - - ``` - isi_for_array isi audit progress view - ``` - - - See the Audit log time adjustment section of the Dell - [File System Auditing with Dell PowerScale and Dell Common Event Enabler](https://www.dellemc.com/resources/en-us/asset/white-papers/products/storage/h12428-wp-best-practice-guide-isilon-file-system-auditing.pdf) - documentation for additional information. - -Checklist Item 4: Configure Dell CEE to Forward Events to the Activity Agent. See the -[Validate Setup](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-powerscale.md) topic for -additional information. - -# Install Dell CEE - -Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix -product. Dell customers have a support account with Dell to access the download. - -_Remember,_ the latest version is the recommended version of Dell CEE. - -**_RECOMMENDED:_** The Dell CEE package can be installed on the Windows server where the Activity -Monitor agent will be deployed (recommended) or on any other Windows or Linux server. - -Follow the steps to install the Dell CEE. - -**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for -this component. It is recommended to use the most current version. - -**Step 2 –** Follow the instructions in the Dell -[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) -guide to install and configure the CEE. The installation will add two services to the machine: - -- EMC Checker Service (Display Name: EMC CAVA) -- EMC CEE Monitor (Display Name: EMC CEE Monitor) - -**_RECOMMENDED:_** The latest version of .NET Framework and Dell CEE is recommended to use with the -asynchronous bulk delivery (VCAPS) feature. - -After installation, open MS-RPC ports between the Dell device and the Dell CEE server. See the -[Dell CEE Debug Logs](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-powerscale.md#dell-cee-debug-logs) -section for information on troubleshooting issues related to Dell CEE. - -## Configure Dell Registry Key Settings - -There may be situations when Dell CEE needs to be installed on a different Windows server than the -one where the Activity Monitor activity agent is deployed. In those cases it is necessary to -manually set the Dell CEE registry key to forward events. - -**Step 1 –** Open the Registry Editor (run regedit). - -![registryeditor](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/registryeditor.webp) - -**Step 2 –** Navigate to following location: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration - -**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. - -**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value -window closes. - -**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. - -**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the -Windows proxy server hosting the Activity Monitor activity agent. Use the following format: - -StealthAUDIT@[IP ADDRESS] - -Examples: - -StealthAUDIT@192.168.30.15 - -**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. - -![services](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/services.webp) - -**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. - -The Dell CEE registry key is now properly configured to forward event to the Activity Monitor -activity agent. - -# Manually Configure Auditing in OneFS - -Manual configuration for auditing is optional for newer versions as the Activity Agent can configure -the auditing automatically using the OneFS API. Follow the steps through the OneFS Storage -Administration Console. - -**Step 1 –** Navigate to the **Cluster Management** tab, and select **Auditing**. - -![settings](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) - -**Step 2 –** In the Settings section, check the Enable Protocol Access Auditing box. - -**Step 3 –** In the Audited Zones section, add at least one zone to be audited. The **System** zone -is typically used. If the CIFS or NFS shares are accessible through different zones on the OneFS -cluster, include all relevant zones. - -Ensure that OneFS collects only events you are interested in. By default, OneFS may monitor things -like directory reads, which can take up a large amount of space. Configuring the OneFS events that -need monitoring is not done through the Activity Monitor console. Configure OneFS event monitoring -using OneFS CLI with the isi audit modify command for each access zone. Enabling monitoring for only -what is needed for the environment will reduce the data load to the agent. - -Activity Monitor monitors the following events: `close_file_modified`, `close_file_unmodified`, -`create_file`, `create_directory`, `delete_file`, `delete_directory`, `rename_file`, -`rename_directory`, `set_security_file`, `set_security_directory`, and `open_directory` (if you want -to monitor Directory List/Read events). - -For each monitored access zone: - -- Use isi audit settings view `isi --zone ZONENAME` to check current settings. -- Disable reporting of failure and syslog audit events with: - - isi audit settings modify --zone ZONENAME --clear-audit-failure --clear-syslog-audit-events - -- Set the success audit events with: - - isi audit settings modify --zone ZONENAME - --audit-success=close_file_modified,close_file_unmodified,create_file,create_directory,delete_file,delete_directory,rename_file,rename_directory,set_security_file,set_security_directory - -![eventforwarding](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/eventforwarding.webp) - -**Step 4 –** In the Event Forwarding section, add the CEE Server URI value for the Windows or Linux -server hosting CEE. Use either of the following format: - -http://[IP ADDRESS]:[PORT]/cee - -http://[SERVER Name]:[PORT]/cee - -**_RECOMMENDED:_** When deploying multiple Dell CEE instances at scale, it is recommended that an -accommodating agent must be configured with each CEE instance. If multiple CEE instances send events -to just one agent, it may create an overflow of data and overload the agent. Distributing the -activity stream into pairs will be the most efficient way of monitoring large data sets at scale. - -**Step 5 –** Also in the Event Forwarding section, set the **Storage Cluster Name** value. It must -be an exact match to the name which is entered in the Activity Monitor for the **Monitored Host** -list. - -This name is used as a ‘tag’ on all events coming through the CEE. This name must exactly match what -is in the Activity Monitor or it does not recognize the events. - -**_RECOMMENDED:_** Use the CIFS DNS name for Dell OneFS. - -**NOTE:** To use the Activity Monitor with Enterprise Auditor for Activity Auditing (FSAC) scans, -the name entered here must exactly match what is used for Enterprise Auditor as a target host. - -If the Storage Cluster Name cannot be modified (for example, another third-party depends on it), you -need to set the Host Aliases parameter in the Activity Monitor Console: - -- If the Storage Cluster Name is not empty, set the Host Aliases parameter to its value -- If the Storage Cluster Name is empty, set the Host Aliases to a semicolon-separated list of OneFS - node names - -Next, it is time to configure the monitoring agent on the Windows server to monitor the -Isilon/PowerScale device. - -# Dell Isilon/PowerScale Target Requirements - -Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery -Auditing scans on Dell Isilon/PowerScale devices. The Netwrix Activity Monitor can be configured to -monitor activity on Dell Isilon/PowerScale devices and make the event data available for Enterprise -Auditor Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Enterprise Auditor scans must have the following permissions on the -target host: - -- Group membership in the local Administrators group – LOCAL:System Provider -- Rights on the actual file tree or to the IFS root share - - - Share Permissions: - - - Read access - -These permissions grant the credential the ability to enumerate shares, access the remote registry, -and bypass NTFS security on folders. The credential used within the assigned Connection Profile for -these target hosts requires these permissions. See the topic for instructions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -Additional Sensitive Data Discovery Auditing Permission - -In order to execute scoped Sensitive Data Discovery Auditing scans, the credential must also have -the LOCAL:System provider selected in each access zone in which the shares to be scanned reside. - -The credential must have an Authentication Provider configured for the Isilon/PowerScale device. For -example, if the credential is an Active Directory account, then the domain where the account resides -must be an Active Directory Authentication Provider. This is configured in the OneFS® Storage -Administration Console. Navigate to the Access tab, and select Authentication Providers. - -## Local Administrator Group Membership for Isilon - -Follow the steps assign membership in the local Administrators group through the OneFS Storage -Administration Console. - -**Step 1 –** Navigate to the **Access** tab, and select **Membership & Roles** for the System Access -Zone. - -![Groups tab](/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/groupstab.webp) - -**Step 2 –** On the **Groups** tab, set the Providers to **LOCAL: System**. Then select **View / -Edit** for the Administrators group. The View Group Details window opens. - -![Edit Group window](/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/editgroup.webp) - -**Step 3 –** Click **Edit Group** and the Edit Group window opens. Click **Add Members**, and enter -the User Name and Provider in the Select a User window. Click **Select**, and then click **Save -Changes**. The Edit Group window closes. - -**Step 4 –** Click **Close**. The View Group Details window closes. - -Share permissions can now be granted to this credential. - -## BackupAdmin Role Assignment for OneFS - -Follow the steps to assign the credential to the **BackupAdmin** role through OneFS Storage -Administration Console. - -**Step 1 –** Navigate to the **Access** tab > **Membership & Roles** for the System Access Zone. - -![One FS Dashboard](/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/rolestab.webp) - -**Step 2 –** On the Roles tab, select **View / Edit** for the BackupAdmin role. The View Role -Details window opens. - -![One FS Role Details Window](/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/viewroledetails.webp) - -**Step 3 –** Click **Edit** role and the Edit role details window opens. - -**Step 4 –** Click **Add a member to this role**. - -**Step 5 –** Enter the **User Name** and **Provider** in the Select a User window then click Search. -The user appears in the Search Results table. - -**Step 6 –** Click **Select** and the Edit role window closes. - -**Step 7 –** Click **Save Changes** and the successful save notification appears. - -**Step 8 –** Click **Close**. - -The View role details window closes. - -## NFS Export Scan Requirements for Isilon/PowerScale - -Enterprise Auditor supports scanning Isilon/PowerScale NFSv3 exports. The following settings need to -be configured in OneFS for the Enterprise Auditor server's IP address for each Isilon/PowerScale NFS -export to be scanned. - -The Enterprise Auditor server IP needs to be added to the following fields in each NFS export's -settings, in the OneFS UI under **Protocols** > **UNIX sharing (NFS)** > **View/Edit** > **Edit -export** (per NFS export): - -- Always read-only clients -- Root Clients - -The NFS export to be scanned also needs to be configured so root squash is disabled, which is -performed in the same Edit export menu as the above settings. - -**Step 1 –** Navigate to the export's **Root user mapping** settings. - -**Step 2 –** Select **Map root users to a specified user**. - -**Step 3 –** Set both User and Group to **0** (effectively mapping root client UID/GID to 0). - -Both of these steps need to be performed in each NFS export's settings that a user would like to -scan. - -### Troubleshooting NFSv3 Export Access - -If Enterprise Auditor is not discovering the expected NFS export, it is possible that the export -policy is not properly configured to allow the Enterprise Auditor server or proxy server IP Address -to mount the NFS export. One step in troubleshooting this issue is to confirm a Unix client (or WSL -for Windows) in the same IP range as the Enterprise Auditor server or proxy server can mount the NFS -export. - -Run the following command from a Unix host to verify the NFS mount is available: - -``` -showmount ‑e[NFS_HOSTNAME_OR_IP] -``` - -If the NFS export is returned as a result of the previous command, then Enterprise Auditor should -also be able to mount it. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of Dell Isilon/PowerScale - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -Dell Isilon/PowerScale Requirements - -Additionally, the EMC Common Event Enabler (CEE) should be installed on the Windows proxy server, -where the activity agent is deployed. - -**_RECOMMENDED:_** Use the latest available CEE version from the Dell Support website. - -EMC CEE requires .NET Framework 3.5 to be installed on the Windows proxy server in order for the EMC -CEE service to start. - -See the -[Dell Isilon/PowerScale Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-powerscale.md) -topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Enterprise Auditor to read the activity log files must also -have READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Dell Isilon/PowerScale Devices - -The following firewall settings are required for communication between the CEE server/ Activity -Monitor Activity Agent server and the target Dell Isilon/PowerScale device: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | -| Dell Isilon/PowerScale to CEE Server | TCP | TCP 12228 | CEE Communication | -| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | - -# Validate Setup - -Once the Activity Monitor agent is configured to monitor the Dell device, the automated -configuration must be validated to ensure events are being monitored. - -## Validate Dell CEE Registry Key Settings - -After the Activity Monitor activity agent has been configured to monitor the Dell device, it will -configure the Dell CEE automatically if it is installed on the same server as the agent. This needs -to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on -a different server than the Windows proxy server(s) where the Activity Monitor activity agent is -deployed. - -If the monitoring agent is not registering events, validate that the EndPoint is accurately set. -Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the -following steps. - -**Step 1 –** Navigate to the following windows registry key: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration - -![registryeditorendpoint](/img/versioned_docs/activitymonitor_7.1/config/dellunity/registryeditorendpoint.webp) - -**Step 2 –** Ensure that the Enabled parameter is set to 1. - -**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor -agent in the following formats: - -- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` - -- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` - -**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values -for other applications, separated with semicolons. - -**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. - -For Asynchronous Bulk Delivery Mode - -For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events -(VCAPS), use the following steps. - -**Step 1 –** Navigate to the following windows registry key: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration - -**Step 2 –** Ensure that the Enabled parameter is set to 1. - -**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor -agent in the following formats: - -- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` -- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` - -**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values -for other applications, separated with semicolons. - -**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the -MaxEventsPerFeed - between 10 and 10000. - -**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. - -Set the following values under the Data column: - -- Enabled – 1 -- EndPoint – StealthAUDIT - -If this is configured correctly, validate that the Dell CEE services are running. See the -[Validate Dell CEE Services are Running](#validate-dell-cee-services-are-running) topic for -additional information. - -## Validate Dell CEE Services are Running - -After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell -CEE services should be running. If the Activity Agent is not registering events and the EndPoint is -set accurately, validate that the Dell CEE services are running. Open the Services (run -`services.msc`). - -![services](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/services.webp) - -The following services laid down by the Dell CEE installer should have Running as their status: - -- Dell CAVA -- Dell CEE Monitor - -## Dell CEE Debug Logs - -If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs -need to be enabled for troubleshooting purposes. Follow the steps. - -**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right -corner to Trace. - -**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list -and Disable monitoring. - -**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: - -> [http://docs.microsoft.com/en-us/sysinternals/downloads/debugview](http://docs.microsoft.com/en-us/sysinternals/downloads/debugview) - -**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration - -**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the -Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. - -**NOTE:** If the Debug DWORD Value does not exist, it needs to be added. - -**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In -the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. - -**NOTE:** If the Verbose DWORD Value does not exist, it needs to be added. - -**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: - -- Capture Win32 -- Capture Global Win32 -- Capture Events - -**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list -and Enable monitoring. - -**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. - -**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): - -- Debug View Log (from Dell Debug View tool) -- Use the **Collect Logs** button to collect debug logs from the activity agent - -**_RECOMMENDED:_** After the logs have been gathered and sent to Netwrix Support, reset these -configurations. - -## Linux CEE Debug Log - -The debug log is stored in `/opt/CEEPack/emc_cee_svc.log` file. To enable verbose logging set Debug -and Verbose parameters under **Configuration** to 255 and restart the CEE. - -**NOTE:** Debug logs should only be used for troubleshooting purposes. It's recommended to have -Debug Logs disabled by default. - -```xml -... - - - -100 - -255 - -10 - -10 - -20 - -255 - -12228 - - - -2 - -5 - -86400 - - - - - -/opt/CEEPack/ - -100 - - - - - - -``` - -**NOTE:** All protocol strings are case sensitive. diff --git a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-unity.md b/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-unity.md deleted file mode 100644 index f3adc06b4a..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-unity.md +++ /dev/null @@ -1,442 +0,0 @@ -# Dell Unity Access & Sensitive Data Auditing Configuration - -This topic provides instructions for assigning group membership for Dell Unity devices. - -## Assign Group Membership for Dell Devices - -Follow the steps assign group membership through Computer Management. - -**Step 1 –** Open Computer Management (`compmgmt.msc`). - -**Step 2 –** Right-click on the Computer Management (local) node and select Connect to another -computer. - -**Step 3 –** Enter the name of the Dell device in the textbox and click OK. - -**Step 4 –** Navigate to the Local Users and Groups > Groups node for the device. - -**Step 5 –** Select the Backup Operators group and add the account being provisioned. - -**Step 6 –** Select the Power Users group and add the account being provisioned. - -The account has been provisioned for Access Auditing and Sensitive Data Discovery Auditing. - -# Dell Unity Activity Auditing Configuration - -A Dell Unity device can be configured to audit Server Message Block (SMB) protocol access events. -All audit data can be forwarded to the Dell Common Event Enabler (CEE). The Netwrix Activity Monitor -listens for all events coming through the Dell CEE and translates all relevant information into -entries in the TSV files or syslog messages. - -If the service is turned off, a notification will be sent to the Dell CEE framework to turn off the -associated Activity Monitor filter, but the policy will not be removed. - -The Dell CEE Framework uses a “push” mechanism so a notification is sent only to the activity agent -when a transaction occurs. Daily activity log files are created only if activity is performed. No -activity log file is created if there is no activity for the day. - -Configuration Checklist - -Complete the following checklist prior to configuring activity monitoring of Dell Unity devices. -Instructions for each item of the checklist are detailed within the following topics. - -Checklist Item 1: Plan Deployment - -- Prior to beginning the deployment, gather the following: - - - Data Mover or Virtual Data Mover hosting the share(s) to be monitored - - Account with access to the CLI - - Download the Dell CEE from: - - - [http://support.emc.com](http://support.emc.com/) - -Checklist Item 2: -[Install Dell CEE](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-unity.md) - -- Dell CEE should be installed on the Windows proxy server(s) where the Activity Monitor activity - agent will be deployed - - **_RECOMMENDED:_** The latest version of Dell CEE is the recommended version to use with the - asynchronous bulk delivery (VCAPS) feature. - -- Important: - - - Open MS-RPC ports between the Dell device and the Windows proxy server(s) where the Dell CEE - is installed - - Dell CEE 8.4.2 through Dell CEE 8.6.1 are not supported for use with the VCAPS feature - - Dell CEE requires .NET Framework 3.5 to be installed on the Windows proxy server - -Checklist Item 3: Dell Unity Device Configuration - -- Configure initial setup for a Unity device - - - [Unity Initial Setup with Unisphere](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-unity.md) - -Checklist Item 4: Activity Monitor Configuration - -- Deploy the Activity Monitor activity agent to a Windows proxy server where Dell CEE was installed - - - After activity agent deployment, configure the Dell CEE Options tab of the agent’s Properties - window within the Activity Monitor Console - - - Automatically sets the Dell registry key settings - -Checklist Item 5: Configure Dell CEE to Forward Events to the Activity Agent - -**NOTE:** When Dell CEE is installed on Windows proxy server(s) where the Activity Monitor activity -agent will be deployed, the following steps are not needed. - -- Ensure the Dell CEE registry key has enabled set to 1 and has an EndPoint set to StealthAUDIT. -- Ensure the Dell CAVA service and the Dell CEE Monitor service are running. -- See the [Validate Setup](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-unity.md) - topic for instructions. - -# Install Dell CEE - -Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix -product. Dell customers have a support account with Dell to access the download. - -_Remember,_ the latest version is the recommended version of Dell CEE. - -**_RECOMMENDED:_** The Dell CEE package can be installed on the Windows server where the Activity -Monitor agent will be deployed (recommended) or on any other Windows or Linux server. - -Follow the steps to install the Dell CEE. - -**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for -this component. It is recommended to use the most current version. - -**Step 2 –** Follow the instructions in the Dell -[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) -guide to install and configure the CEE. The installation will add two services to the machine: - -- EMC Checker Service (Display Name: EMC CAVA) -- EMC CEE Monitor (Display Name: EMC CEE Monitor) - -**_RECOMMENDED:_** The latest version of .NET Framework and Dell CEE is recommended to use with the -asynchronous bulk delivery (VCAPS) feature. - -After Dell CEE installation is complete, it is necessary to complete the -[Unity Initial Setup with Unisphere](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-unity.md). - -## Configure Dell Registry Key Settings - -There may be situations when Dell CEE needs to be installed on a different Windows server than the -one where the Activity Monitor activity agent is deployed. In those cases it is necessary to -manually set the Dell CEE registry key to forward events. - -**Step 1 –** Open the Registry Editor (run regedit). - -![registryeditor](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/registryeditor.webp) - -**Step 2 –** Navigate to following location: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration - -**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. - -**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value -window closes. - -**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. - -**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the -Windows proxy server hosting the Activity Monitor activity agent. Use the following format: - -StealthAUDIT@[IP ADDRESS] - -Examples: - -StealthAUDIT@192.168.30.15 - -**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. - -![services](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/services.webp) - -**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. - -The Dell CEE registry key is now properly configured to forward event to the Activity Monitor -activity agent. - -# Dell Unity Target Requirements - -Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery -Auditing scans on Dell Unity devices. The Netwrix Activity Monitor can be configured to monitor -activity on Dell Unity devices and make the event data available for Enterprise Auditor Activity -Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Enterprise Auditor scans must have the following permissions on the -target host: - -- Group membership in both of the following groups: - - - Power Users - - Backup Operators - -These permissions grant the credential the ability to enumerate shares, access the remote registry, -and bypass NTFS security on folders. The credential used within the assigned Connection Profile for -these target hosts requires these permissions. See the -[Dell Unity Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-unity.md) -topic for instructions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -Troubleshooting Dell Unity Denied Access Errors - -If there are folders to which the credential is denied access, it is likely that the Backup -Operators group does not have the “Back up files and directories” right. In that case, it is -necessary to assign additional the “Back up files and directories” right to those groups or to -create a new local group, using Computer Management from a Windows server. Then assign rights to it -using the CelerraManagementTool.msc plugin, which is available to Dell customers. For further -information, see the Celerra guide Using Windows Administrative Tools on VNX found on the Celerra -website. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of Dell Unity - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -Dell Unity Requirements - -Additionally, the EMC Common Event Enabler (CEE) should be installed on the Windows proxy server, -where the activity agent is deployed. - -**_RECOMMENDED:_** Use the latest available CEE version from the Dell Support website. - -EMC CEE requires .NET Framework 3.5 to be installed on the Windows proxy server in order for the EMC -CEE service to start. - -See the -[Dell Unity Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-unity.md) -topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Enterprise Auditor to read the activity log files must also -have READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Dell Unity Devices - -The following firewall settings are required for communication between the CEE server/ Activity -Monitor Activity Agent server and the target Dell device: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | -| Dell Device CEE Server | TCP | RPC Dynamic Range | CEE Communication | -| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | - -# Unity Initial Setup with Unisphere - -Follow the steps to configure the initial setup for a Unity device with Unisphere. - -**Step 1 –** Edit the NAS Server > Protection and Events > Events Publishing > Select Pool settings: - -- Add CEPA server – This is the server where CEE is installed. It is recommended that this is also - the server were the Activity Monitor activity agent is deployed. -- Enable the following events for Post Events. - -Required Unity events needed for CIFS Activity: - -![NAM Required Events For CIFS](/img/versioned_docs/activitymonitor_7.1/config/dellunity/eventscifs.webp) - -Required Unity events needed for NFS Activity: - -![NAM Required Events For NFS](/img/versioned_docs/activitymonitor_7.1/config/dellunity/eventsnfs.webp) - -**Step 2 –** Enable Events Publishing: - -- Edit the FileSystem > Advanced settings: - - - NFS Events Publishing – Enabled (required for NFS protocol monitoring) - - SMB Events publishing – Enabled (required for SMB / CIFS protocol monitoring) - -Once Unity setup is complete, it is time to configure and enable monitoring with the Activity -Monitor. - -# Validate Setup - -Once the Activity Monitor agent is configured to monitor the Dell device, the automated -configuration must be validated to ensure events are being monitored. - -## Validate CEE Registry Key Settings - -**NOTE:** See the -[Configure Dell Registry Key Settings](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-celerra-vnx.md#configure-dell-registry-key-settings) -topic for information on manually setting the registry key. - -After the Activity Monitor activity agent has been configured to monitor the Dell device, it will -configure the Dell CEE automatically if it is installed on the same server as the agent. This needs -to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on -a different server than the Windows proxy server(s) where the Activity Monitor activity agent is -deployed. - -If the monitoring agent is not registering events, validate that the EndPoint is accurately set. -Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the -following steps. - -**Step 1 –** Navigate to the following windows registry key: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration - -![registryeditorendpoint](/img/versioned_docs/activitymonitor_7.1/config/dellunity/registryeditorendpoint.webp) - -**Step 2 –** Ensure that the Enabled parameter is set to 1. - -**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor -agent in the following formats: - -- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` - -- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` - -**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values -for other applications, separated with semicolons. - -**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. - -For Asynchronous Bulk Delivery Mode - -For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events -(VCAPS), use the following steps. - -**Step 1 –** Navigate to the following windows registry key: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration - -**Step 2 –** Ensure that the Enabled parameter is set to 1. - -**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor -agent in the following formats: - -- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` -- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` - -**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values -for other applications, separated with semicolons. - -**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the -MaxEventsPerFeed - between 10 and 10000. - -**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. - -Set the following values under the Data column: - -- Enabled – 1 -- EndPoint – StealthAUDIT - -If this is configured correctly, validate that the Dell CEE services are running. See the -[Validate Dell CEE Services are Running](#validate-dell-cee-services-are-running) topic for -additional information. - -## Validate Dell CEE Services are Running - -After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell -CEE services should be running. If the Activity Agent is not registering events and the EndPoint is -set accurately, validate that the Dell CEE services are running. Open the Services (run -`services.msc`). - -![services](/img/versioned_docs/activitymonitor_7.1/config/dellpowerstore/services.webp) - -The following services laid down by the Dell CEE installer should have Running as their status: - -- Dell CAVA -- Dell CEE Monitor - -## CEE Debug Logs - -If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs -need to be enabled for troubleshooting purposes. Follow the steps. - -**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right -corner to Trace. - -**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list -and Disable monitoring. - -**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: - -> [http://docs.microsoft.com/en-us/sysinternals/downloads/debugview](http://docs.microsoft.com/en-us/sysinternals/downloads/debugview) - -**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration - -**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the -Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. - -**NOTE:** If the Debug DWORD Value does not exist, it needs to be added. - -**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In -the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. - -**NOTE:** If the Verbose DWORD Value does not exist, it needs to be added. - -**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: - -- Capture Win32 -- Capture Global Win32 -- Capture Events - -**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list -and Enable monitoring. - -**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. - -**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): - -- Debug View Log (from Dell Debug View tool) -- Use the **Collect Logs** button to collect debug logs from the activity agent - -**_RECOMMENDED:_** After the logs have been gathered and sent to Netwrix Support, reset these -configurations. diff --git a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/hitachi.md b/docs/accessanalyzer/11.6/configuration-guides/storage-systems/hitachi.md deleted file mode 100644 index cca2aef0d7..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/hitachi.md +++ /dev/null @@ -1,207 +0,0 @@ -# Hitachi Activity Auditing Configuration - -The Hitachi NAS (HNAS) server can host multiple Enterprise Virtual Servers (EVS). Each EVS has -multiple file systems. Auditing is enabled and configured per file system. This guide explains how -to enable auditing on an HNAS and to configure the Activity Monitor to monitor activity coming from -the Hitachi device auditing. - -The Activity Monitor does not use the EVS or file system name to connect to HNAS. Therefore, all -that is required of the user for HNAS activity collection is the following: - -- Logs path (UNC) - - - Active Log file name – Active Log File name needs with an `.evt` extension, and it should be - the same as in the HNAS configuration. This is usually `audit.evt`. - -- Credentials to access the HNAS log files - - - The only requirement for the credentials is the ability to read files from the `logs` - directory. - -- A polling interval between log collections (15 seconds by default) - - - The Activity Monitor minimizes IO by remembering a file offset where it stopped reading and - continuing from that offset next time. - -**CAUTION:** The following disclaimer is provided by Hitachi: - -“Because CIFS defines open and close operations, auditing file system object access performed by -clients using other protocols would be costly in terms of system performance, because each I/O -operation would have to be audited as an open operation. **Therefore, when file system auditing is -enabled, by default, only clients connecting through the CIFS protocol are allowed access to the -file system.** Access by clients using other protocols, like NFS, can, however, be allowed. When -such access is allowed, access to file system objects through these protocols is not audited.” - -**NOTE:** File system auditing can be configured to deny access to clients connecting with protocols -that cannot be audited (NFS). Please see the Hitachi -[Server and Cluster Administration Guide](https://support.hds.com/download/epcra/hnas0106.pdf) for -additional information. - -Configuration Checklist - -Complete the following checklist prior to configuring activity monitoring of Hitachi devices. -Instructions for each item of the checklist are detailed within the following topics. - -Checklist Item 1: -[Configure Audit Logs on HNAS](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/hitachi.md) - -Checklist Item 2: -[Configure Access to HNAS Audit Logs on Activity Agent Server](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/hitachi.md) - -Checklist Item 3: Activity Monitor Configuration - -- Deploy the Activity Monitor Activity Agent to a Windows proxy server - -# Configure Access to HNAS Audit Logs on Activity Agent Server - -Follow the steps to configure access to the HNAS audit logs on the Windows server hosting the -Activity Monitor activity agent. - -**Step 1 –** On the Windows computer, go to Run and type `compmgmt.msc`. - -**Step 2 –** In the right-hand panel, select More Actions > Connect to another computer. - -**Step 3 –** In the Select Computer dialog box, enter the IP Address for EVS for HNAS and then click -OK. - -**Step 4 –** In the Computer Management window, go to Computer Management > System tools > Shared -Folders > Shares. - -**Step 5 –** Select the Security tab and click Advanced. - -**Step 6 –** In the Advanced Security Settings dialog box, select the Audit tab. Click Add or Edit -to select the users and groups to be audited and add the desired user or group. - -**Step 7 –** Select All for Type, and Full Control for Basic permissions. - -Once access has been configured on both the Hitachi device and the Activity Agent server, it is time -to configure and enable monitoring with the Activity Monitor Console. - -# Configure Audit Logs on HNAS - -Follow the steps to configure access to the HNAS audit logs on the Hitachi device. - -**Step 1 –** Open a browser and enter the IP Address for HNAS in the address bar to launch the -Hitachi Storage Navigator (SN). Enter the username and password. - -**Step 2 –** At the Storage Navigator home page, click File Services. - -**Step 3 –** On the File Services screen, click Enable File Service. - -**Step 4 –** On the Enable File Services screen, verify that the CIFS/Windows service is selected. - -**Step 5 –** On the File Services screen, click File System Security. - -**Step 6 –** Click Switch Mode and set the default file system security mode to Mixed (Windows and -UNIX) for all virtual file systems. - -**Step 7 –** Configure the Hitachi NAS Platform audit policy by returning to the File Services page. - -**Step 8 –** Click File System Audit Policies. - -**Step 9 –** Select the correct EVS and click details for the file system to enable auditing. - -**Step 10 –** In the Access via Unsupported Protocols section, select Allow Access (without -auditing). In the Audit Log section, set the maximum log file size to a value of at least 8 MB. It -is recommended to set it to 16 MB. In the Log roll over policy section, select New. The product does -not support the Wrap policy. Click OK to close. - -Once access has been configured on the Hitachi device, it is necessary to configure access to the -HNAS audit logs on the Windows server. See the -[Configure Access to HNAS Audit Logs on Activity Agent Server](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/hitachi.md) -topic for additional information. - -# Hitachi Target Requirements - -Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery -Auditing scans on Hitachi devices. The Netwrix Activity Monitor can be configured to monitor -activity on Hitachi devices and make the event data available for Enterprise Auditor Activity -Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Enterprise Auditor scans must have the following permissions on the -target host: - -- Group membership in the Backup Operators local group - -This permission grants the credential read access to all target folders and files. The credential -used within the assigned Connection Profile for these target hosts requires these permissions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of Hitachi - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -Hitachi Requirements - -A Hitachi device can host multiple Enterprise Virtual Servers (EVS). Each EVS has multiple file -systems. Auditing is enabled and configured per file system. HNAS generates the audit log files in -[EVT format](https://technet.microsoft.com/en-us/sysinternals/bb309026) (a standard event log format -in Windows XP/2003 and earlier). Hitachi stores the generated audit logs in a user specified -location on the file system. The activity agent deployed on the Windows proxy server accesses this -location to collect the audit log files as they are generated. The credential used to monitor -activity must be provisioned with: - -- Capability of enabling a File System Audit Policy on the Hitachi device -- Audit rights to the Hitachi log directory - -See the -[Hitachi Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/hitachi.md) -topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Enterprise Auditor to read the activity log files must also -have READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/nasuni.md b/docs/accessanalyzer/11.6/configuration-guides/storage-systems/nasuni.md deleted file mode 100644 index 6cb7a4f899..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/nasuni.md +++ /dev/null @@ -1,235 +0,0 @@ -# Nasuni Edge Appliance Access & Sensitive Data Auditing Configuration - -It is necessary to generate an API Key Name and Passcode for each on-premise Nasuni Edge Appliance -and cloud filer. - -## Nasuni Filer Management Interface - -Follow the steps to generate a Nasuni API Access Key in the Nasuni Filer Management Interface. - -**Step 1 –** Within the **Configuration** menu, under **USERS & SECURITY**, select API Access Keys. -The API Access Keys page opens. - -**Step 2 –** Click Add API Key button. The Add API Key window opens. - -**Step 3 –** Enter a Name for thekey; for example, the name of the application. - -**Step 4 –** Click Create Key. - -**Step 5 –** In the Successfully Generated API Key window, copy the Key Passcode. - -Both the Key Name and the Key Passcode are required for each Nasuni Edge Appliance and cloud filer. -They are used as the credentials in the Enterprise Auditor Connection Profile for 0-FS_Nasuni Job. - -**NOTE:** Nasuni API key names are case sensitive. When providing them, ensure they are entered in -the exact same case as generated. - -See the Nasuni -[Management Console Guide](https://nasuni.my.salesforce.com/sfc/p/#management-console-guide) -documentation for additional information. - -## Nasuni Management Console - -Follow the steps to generate a Nasuni API Access Key in the Nasuni Management Console. - -**Step 1 –** Click Filers and select API Keys from the menu on the left. The Filer API Access Key -Settings page opens. - -**Step 2 –** Click New API Key button. The Add API Access Key window opens. - -**Step 3 –** From the Filer drop-down menu, select the desired Nasuni Edge Appliance. Then enter a -Name for the key; for example, the name of the application. - -**Step 4 –** Click Add API Key. - -**Step 5 –** A message appears which includes the Key Passcode; copy the Key Passcode. - -Both the Key Name and the Key Passcode are required for each Nasuni Edge Appliance and cloud filer. -They are used as the credentials in the Enterprise Auditor Connection Profile for 0-FS_Nasuni Job. - -**NOTE:** Nasuni API key names are case sensitive. When providing them, ensure they are entered in -the exact same case as generated. - -See the -[Nasuni Management Console Guide](https://nasuni.my.salesforce.com/sfc/p/#nasuni-management-console-guide) -documentation for additional information. - -## Nasuni Best Practices for Access Auditing - -Nasuni is a hybrid NAS where actively-used data is stored on a Nasuni Edge appliance while the -authoritative copy of all files and meta data is stored in private or public cloud object storage -platforms by the UniFS® global file system, and there are egress fees associated with transferring -data between the two. In order to minimize these egress fees and optimize scan performance, it is -recommended to deploy a dedicated Nasuni Edge Appliance with all shares to be scanned by Enterprise -Auditor mounted, and the Enterprise Auditor console server, in the same region where the -authoritative copy resides. - -See the -[External Auditing and Nasuni Best Practices](https://nasuni.my.salesforce.com/sfc/p/#external-auditing-and-nasuni-best-practices) -documentation for additional information. - -# Nasuni Edge Appliance Activity Auditing Configuration - -Generation of an API Access Key is required for Nasuni activity monitoring. The Nasuni Edge -Appliance generates its own audit trail. An API Access Key is used by the Activity Monitor to form a -network connection to the appliance. Nasuni will then stream event data to the activity agent. See -[Nasuni Support Documentation](https://www.nasuni.com/support/) for additional information. - -Configuration Checklist - -Complete the following checklist prior to configuring activity monitoring of Nasuni Edge Appliances. -Instructions for each item of the checklist are detailed within the following topics. - -Checklist Item 1: Generate Nasuni API Access Key - -- Generate an API Access Key for each Nasuni Edge Appliance to be monitored through one of the - following: - - - Nasuni Filer Management Interface - - Nasuni Management Console - -Checklist Item 2: Activity Monitor Configuration - -- Deploy the Activity Monitor activity agent to a Windows proxy server - -## Nasuni Filer Management Interface - -Follow the steps to generate a Nasuni API Access Key in the Nasuni Filer Management Interface. - -**Step 1 –** Within the **Configuration** menu, under **USERS & SECURITY**, select API Access Keys. -The API Access Keys page opens. - -**Step 2 –** Click Add API Key button. The Add API Key window opens. - -**Step 3 –** Enter a Name for thekey; for example, the name of the application. - -**Step 4 –** Click Create Key. - -**Step 5 –** In the Successfully Generated API Key window, copy the Key Passcode. - -Both the Key Name and the Key Passcode are required by the Activity Monitor in order to connect to -the Nasuni Edge Appliance. Once the API Key has been generated, it is time to configure and enable -monitoring with the Activity Monitor console. - -**NOTE:** Nasuni API key names are case sensitive. When providing them, ensure they are entered in -the exact same case as generated. - -## Nasuni Management Console - -Follow the steps to generate a Nasuni API Access Key in the Nasuni Management Console. - -**Step 1 –** Click Filers and select API Keys from the menu on the left. The Filer API Access Key -Settings page opens. - -**Step 2 –** Click New API Key button. The Add API Access Key window opens. - -**Step 3 –** From the Filer drop-down menu, select the desired Nasuni Edge Appliance. Then enter a -Name for the key; for example, the name of the application. - -**Step 4 –** Click Add API Key. - -**Step 5 –** A message appears which includes the Key Passcode; copy the Key Passcode. - -Both the Key Name and the Key Passcode are required by the Activity Monitor in order to connect to -the Nasuni Edge Appliance. Once the API Key has been generated, it is time to configure and enable -monitoring with the Activity Monitor console. - -**NOTE:** Nasuni API key names are case sensitive. When providing them, ensure they are entered in -the exact same case as generated. - -# Nasuni Target Requirements - -Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery -Auditing scans on on-premise Nasuni Edge Appliances. The Netwrix Activity Monitor can be configured -to monitor activity on on-premise Nasuni Edge Appliances and make the event data available for -Enterprise Auditor Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Enterprise Auditor scans must have the following permissions on the -target host: - -- Group membership in the local Administrators group - -This is in addition to the API Key Name and Passcode which must be generated for each on-premise -Nasuni Edge Appliance and cloud filer. The credential used within the assigned Connection Profile -for these target hosts requires these permissions. See the -[Nasuni Edge Appliance Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/nasuni.md) -topic for instructions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of Nasuni Edge Appliance - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -Nasuni Edge Appliance Requirements - -Additionally, it is necessary to generate an API Access Key for Nasuni activity monitoring. See the -[Nasuni Edge Appliance Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/nasuni.md) -topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Enterprise Auditor to read the activity log files must also -have READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Nasuni Edge Appliance - -The following firewall settings are required for communication between the Activity Monitor Activity -Agent server and the target Nasuni Edge Appliance: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | ------------- | ----- | ---------------------- | -| Agent Server to Nasuni | HTTPS | 8443 | Nasuni API calls | -| Nasuni to Activity Agent Server | AMQP over TCP | 5671 | Nasuni event reporting | - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-7mode.md b/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-7mode.md deleted file mode 100644 index 7bb0b6ec01..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-7mode.md +++ /dev/null @@ -1,705 +0,0 @@ -# NetApp Data ONTAP 7-Mode Access & Sensitive Data Auditing Configuration - -This topic provides instructions for configuring API calls and bypassing NTFS security for NetApp -Data ONTAP 7-Mode devices. - -## Share Enumeration – API Calls for 7-Mode - -To enumerate the shares on a NetApp Data ONTAP 7-Mode device, File System scans require a credential -provisioned with access to (at minimum) the following API calls: - -``` -login-http-admin -api-system-api-list -api-system-get-version -api-cifs-share-list-iter-* -``` - -If the query configuration option to “Exclude system shares” is deselected, the credential must also -have the ability to run the following command, which is also configuration-specific: - -``` -api-volume-list-info-iter-* -``` - -## Bypass NTFS Security for 7-Mode - -In order to bypass NTFS, the credential needs to at least have the following permissions on the -NetApp device: - -- Group membership in both of the following groups: - - - Power Users - - Backup Operators - -If the query configuration option to “Exclude system shares” is deselected, the credential must -have: - -- Group membership in the local Administrators group - -**NOTE:** All NetApp groups are assigned an RID. Built-in NetApp groups such as Power Users and -Backup Operators are assigned specific RID values. On 7-Mode NetApp devices, system access checks -for a group are identified by the RID assigned to the group and not by the role it has. Therefore, -application’s ability to bypass access checks with the Power Users and Backup Operators group has -nothing to do with the power role or the backup role. Neither role is required. For example, the -built-in Power User group, even when stripped of all roles, still has more file system access -capabilities than any other non-built-in group. - -If only running the Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, proceed -to the -[Provision Account](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-7mode.md) -topic for instructions. If also running Activity Auditing (FSAC) scan, then the FPolicy Account -Provisioned for the Netwrix Activity Monitor will meet the needs of the Access Auditing (FSAA) -and/or Sensitive Data Discovery Auditing scans. Proceed to the -[NetApp Data ONTAP 7-Mode Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-7mode.md) -topic for instructions. - -This credential is used within the Connection Profile assigned to the File System scans. - -# NetApp Data ONTAP 7-Mode Activity Auditing Configuration - -The Activity Monitor agent employed to monitor NetApp leverages 128-bit encrypted Remote Procedure -Calls (RPC), NetApp ONTAP-API, and NetApp FPolicy to monitor file system events. This includes both -NetApp 7-Mode and Cluster-Mode configurations. To learn more about FPolicy please visit the NetApp -website and read the -[What FPolicy is](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-54FE1A84-6CF0-447E-9AAE-F43B61CA2138.html) -article. - -If the activity agent is stopped, a notification will be sent to the NetApp device to disconnect and -disable the associated FPolicy policy, but it will not be removed. - -If the network connection is lost between the activity agent and the NetApp device, the NetApp -device is configured with a default timeout to wait for a response. If a response is not received -from the Activity Agent within the timeout, then the NetApp device will disconnect and disable the -FPolicy policy. The Activity Agent will check every minute by default to see if the FPolicy policy -has been disabled and will enable it (if the auto-enable functionality is enabled for the agent). -The default setting to check every minute is configurable. - -The NetApp FPolicy uses a “push” mechanism such that notification will only be sent to the activity -agent when a transaction occurs. Daily activity log files are created only if activity is performed. -No activity log file will be created if there is no activity for the day. - -Configuration Checklist - -Complete the following checklist prior to configuring activity monitoring of NetApp Data ONTAP -7-Mode devices. Instructions for each item of the checklist are detailed within the following -topics. - -Checklist Item 1: Plan Deployment - -- Gather the following information: - - Names of the vFiler™(s) to be monitored - - DNS name of the CIFS shares(s) to be monitored - -Checklist Item 2: -[Provision FPolicy Account](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-7mode.md) - -- Group membership with a role granting access to the following commands: - - ``` - login-http-admin - api-system-api-list - api-system-get-version - api-cifs-share-list-iter-* - api-volume-list-info-iter-* - ``` - -- For Automatic FPolicy creation (Checklist Item 4), group membership with a role granting access to - the following command: - - ``` - api-fpolicy* - ``` - -- To use the “Enable and connect FPolicy” option within the Activity Monitor, group membership with - a role granting access to the following command: - - ``` - cli-fpolicy* - ``` - -- Group membership in: - - - ONTAP Power Users - - ONTAP Backup Operators - -Checklist Item 3: Firewall Configuration - -- HTTP (80) or HTTPS (443) -- HTTP or HTTPS protocols need to be enabled on the NetApp filer -- TCP 135 -- TCP 445 -- Dynamic port range: TCP/UDP 137-139 -- See the - [Enable HTTP or HTTPS](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-7mode.md) - topic for instructions. - -Checklist Item 4: -[Configure FPolicy](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-7mode.md) - -- If using vFilers: - - - FPolicy operates on the vFiler so the FPolicy must be created on the vFiler - - **NOTE:** Activity Monitor must target the vFiler - -- Select method: - - **_RECOMMENDED:_** Configure FPolicy Manually – A tailored FPolicy - - - Allow the Activity Monitor to create an FPolicy automatically - - This option is enabled when the Activity Monitor agent is configured to monitor the NetApp - device on the NetApp FPolicy Configuration page of the Add New Hosts window. - - It monitors all file system activity. - -Checklist Item 5: Activity Monitor Configuration - -- Deploy the Activity Monitor Activity Agent to a Windows proxy server -- Configure the Activity Agent to monitor the NetApp device - -# Configure FPolicy - -Select a method to configure the FPolicy for NetApp Data ONTAP 7-Mode devices: - -**_RECOMMENDED:_** -[Manually Configure FPolicy (Recommended Option)](#manually-configure-fpolicy-recommended-option) – -A tailored FPolicy - -- If using vFilers the FPolicy must be created on the vFiler, and the Activity Monitor must target - the vFiler. This is because FPolicy operates on the affected vFiler. Therefore, when executing - these commands on a vFiler, the commands must be run from a vFiler context (e.g. via the vFiler - run command). -- Allow the Activity Monitor to create an FPolicy automatically. See the - [Automatic Configuration of FPolicy](#automatic-configuration-of-fpolicy) topic for additional - information. - - - This option is enabled when the Activity Monitor Activity Agent is configured to monitor the - NetApp device on the NetApp FPolicy Configuration page of the Add New Hosts window. - - It monitors all file system activity. - -## Manually Configure FPolicy (Recommended Option) - -This section describes how to manually configure FPolicy. Manual configuration of the FPolicy is -recommended so that the policy can be scoped. It is necessary to create six FPolicy components and -then enable the FPolicy. See the sections corresponding to each part of this list: - -- [Part 1: Create FPolicy](#part-1-create-fpolicy) -- [Part 2: Set FPolicy Required to Off](#part-2-set-fpolicy-required-to-off) -- [Part 3: Set FPolicy to Collect Permission Changes](#part-3-set-fpolicy-to-collect-permission-changes) -- [Part 4: Set FPolicy to Monitor Alternate Data Streams](#part-4-set-fpolicy-to-monitor-alternate-data-streams) -- [Part 5: Set FPolicy to Monitor Disconnected Sessions](#part-5-set-fpolicy-to-monitor-disconnected-sessions) -- [Part 6: Scope FPolicy for Specific Volumes](#part-6-scope-fpolicy-for-specific-volumes) -- [Part 7: Enable FPolicy](#part-7-enable-fpolicy) - -If using vFilers the FPolicy must be created on the vFiler, and the Activity Monitor must target the -vFiler. This is because FPolicy operates on the affected vFiler. Therefore, when executing these -commands on a vFiler, the commands must be run from a vFiler context (e.g. via the vFiler run -command). - -Relevant NetApp Documentation: To learn more about configuring file policies, please visit the -NetApp website and read -[na_fpolicy – configure file policies](https://library.netapp.com/ecmdocs/ECMP1196890/html/man1/na_fpolicy.1.html) -article. - -### Part 1: Create FPolicy - -Create the FPolicy on the vFiler. - -IMPORTANT: - -- The policy should be named "StealthAUDIT" -- The only supported policy type is "screen" for file screening. - -Use the following command to create the FPolicy: - -``` -fpolicy create StealthAUDIT screen -``` - -### Part 2: Set FPolicy Required to Off - -If the `FPolicy Required` value is set to on, user requests are denied if an FPolicy server is not -available to implement the policy. If it is set to off, user requests are allowed when it is not -possible to apply the policy to the file because no FPolicy server is available. - -IMPORTANT: - -- The `FPolicy Required` value should be set to **off** - -Use the following command to set the `FPolicy Required` value to off: - -``` -fpolicy options StealthAUDIT required off -``` - -### Part 3: Set FPolicy to Collect Permission Changes - -The cifs_setattr value must be set to on in order for CIFS requests to change file security -descriptors to be screened by the policy. - -IMPORTANT: - -- The `cifs_setattr` value must be set to **on** - -Use the following command to enable the FPolicy to collect permission changes: - -``` -fpolicy options StealthAUDIT cifs_setattr on -``` - -### Part 4: Set FPolicy to Monitor Alternate Data Streams - -The monitor_ads value must be set to on in order for CIFS requests for alternate data streams (ADS) -to be monitored by the policy. - -IMPORTANT: - -- The `monitor_ads` value must be set to **on** - -Use the following command to enable the FPolicy to monitor ADS: - -``` -fpolicy options StealthAUDIT monitor_ads on -``` - -### Part 5: Set FPolicy to Monitor Disconnected Sessions - -The cifs_disconnect_check value must be set to on in order for CIFS requests associated with -disconnected sessions to be monitored by the policy. - -IMPORTANT: - -- The `cifs_disconnect_check` value must be set to **on** - -Use the following command to enable the FPolicy to monitor disconnected sessions: - -``` -fpolicy options StealthAUDIT cifs_disconnect_check on -``` - -### Part 6: Scope FPolicy for Specific Volumes - -The FPolicy can be scoped either to monitor only specified volumes (inclusion) or to not monitor -specific volumes (exclusion). - -IMPORTANT: - -- Choose to scope by including or excluding volumes - -Use the following command to scope the FPolicy by volume: - -``` -fpolicy ‑volume [INCLUDE OR EXCLUSION] ‑add StealthAUDIT [VOLUME_NAME],[VOLUME_NAME] -``` - -Inclusion Example: - -``` -fpolicy ‑volume include ‑add StealthAUDIT samplevolume1,samplevolume2 -``` - -Exclusion Example: - -``` -fpolicy ‑volume exclusion ‑add StealthAUDIT samplevolume1,samplevolume2 -``` - -### Part 7: Enable FPolicy - -The FPolicy must be enabled before the Activity Monitor Activity Agent can be configured to monitor -the NetApp device. - -IMPORTANT: - -- The Activity Monitor must register with the NetApp device as an FPolicy server. By default, it - looks for a policy named `StealthAUDIT`. See the - [Customize FPolicy Policy Name](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-7mode.md) - section for information on using a different policy name. - -Use the following command to enable the FPolicy to monitor disconnected sessions: - -``` -fpolicy enable StealthAUDIT -``` - -## Automatic Configuration of FPolicy - -The Activity Monitor can automatically configure FPolicy on the targeted NetApp Data ONTAP 7-Mode -device. The FPolicy created monitors all file system activity. This is done when the NetApp device -is assigned to the agent for monitoring. This option is enabled on the NetApp FPolicy Configuration -page of the Add New Host window. - -# Customize FPolicy Policy Name - -There may be situations when FPolicy needs to be named something other than StealthAUDIT. In those -cases it is necessary to manually add a parameter to the Activity Monitor agent’s `sbtfilemon.ini` -file. After the monitoring agent has been deployed, follow the steps. - -**Step 1 –** Open to the `sbtfilemon.ini` file on the agent server in a text editor: - -…\STEALTHbits\StealthAUDIT\FSAC - -**Step 2 –** Add the following parameter: - -``` -FPOLICY_POLICY_NAME=[POLICY_NAME] -``` - -Example: - -``` -FPOLICY_POLICY_NAME=EnterpriseAuditor -``` - -**Step 3 –** Save and close the `sbtfilemon.ini` file. - -When the Activity Agent is configured to monitor a NetApp device, it looks for the FPolicy named in -the parameter. - -# Enable HTTP or HTTPS - -The Activity Monitor Activity Agent must be able to send ONTAPI calls to the vFiler’s data LIF over -HTTP or HTTPS. The following commands will enable the HTTP or HTTPS communication between the vFiler -and the Activity Monitor. - -Use the following command to enable HTTP: - -``` -options httpd.admin.enable on -``` - -Check HTTP Status: - -``` -options httpd.admin.enable -``` - -Use the following command to enable HTTPS: - -``` -options httpd.admin.ssl.enable on -``` - -Check HTTP Status: - -``` -options httpd.admin.ssl.enable -``` - -# NetApp Data ONTAP 7-Mode Target Requirements - -Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery -Auditing scans on NetApp Data ONTAP 7-Mode devices. The Netwrix Activity Monitor can be configured -to monitor activity on NetApp Data ONTAP 7-Mode devices and make the event data available for -Enterprise Auditor Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Enterprise Auditor scans must have the following permissions on the -target host: - -- Enumerate shares by executing specific API calls -- Bypass NTFS security to read the entire folder structure to be scanned and collect file/folder - permissions - -These permissions grant the credential the ability to enumerate shares, access the remote registry, -and bypass NTFS security on folders. The credential used within the assigned Connection Profile for -these target hosts requires these permissions. See the -[NetApp Data ONTAP 7-Mode Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-7mode.md) -topic for instructions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of NetApp Data ONTAP 7-Mode Device - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -NetApp Data ONTAP 7-Mode Device Requirements - -An FPolicy must be configured on the target device for Activity Auditing (FSAC) scans. A tailored -FPolicy is recommended as it decreases the impact on the NetApp device. The credential associated -with the FPolicy used to monitor activity must be provisioned with access to the following API -calls: - -``` -login-http-admin -api-system-api-list -api-system-get-version -api-cifs-share-list-iter-* -api-volume-list-info-iter-* -``` - -If the Activity Monitor will be automatically configuring the FPolicy, then the following command is -also needed: - -``` -api-fpolicy* -``` - -If the Activity Monitor will be configured to use the “Enable and connect to the FPolicy” option, -then the following command is also needed: - -``` -cli-fpolicy* -``` - -The credential must also have the following permissions on the target device: - -- Group membership in both of the following groups: - - - ONTAP Power Users - - ONTAP Backup Operators - -See the -[NetApp Data ONTAP 7-Mode Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-7mode.md) -topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Enterprise Auditor to read the activity log files must also -have READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for NetApp Data ONTAP 7-Mode Device - -The following firewall settings are required for communication between the Activity Monitor Activity -Agent server and the target NetApp Data ONTAP 7-Mode device: - -| Communication Direction | Protocol | Ports | Description | -| --------------------------------- | ---------------- | ------------------------------------ | ----------- | -| Activity Agent Server to NetApp\* | HTTP (optional) | 80 | ONTAPI | -| Activity Agent Server to NetApp\* | HTTPS (optional) | 443 | ONTAPI | -| Activity Agent Server to NetApp | TCP | 135, 139 Dynamic Range (49152-65535) | RPC | -| Activity Agent Server to NetApp | TCP | 445 | SMB | -| Activity Agent Server to NetApp | UDP | 137, 138 | RPC | -| NetApp to Activity Agent Server | TCP | 135, 139 Dynamic Range (49152-65535) | RPC | -| NetApp to Activity Agent Server | TCP | 445 | SMB | -| NetApp to Activity Agent Server | UDP | 137, 138 | RPC | - -\*Only required if using the FPolicy Configuration and FPolicy Enable and Connect options in -Activity Monitor. - -**NOTE:** If either HTTP or HTTPS are not enabled, the FPolicy on the NetApp Data ONTAP 7-Mode -device must be configured manually. Also, the External Engine will not reconnect automatically in -the case of a server reboot or service restart. - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | - -# Provision Account - -This section describes the steps needed to create a user account with the privileges required to -execute Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans from Enterprise -Auditor. It is necessary to: - -- Create Role -- Create a Group & Assign Role -- Add User to Group - -Relevant NetApp Documentation: To learn more about node access controls, please visit the NetApp -website and read the -[na_useradmin – Administers node access controls](https://library.netapp.com/ecmdocs/ECMP1511537/html/man1/na_useradmin.1.html) -article. - -## Create Role - -This section provides instructions for creating a role with access to the following commands: - -``` -login-http-admin -api-system-api-list -api-system-get-version -api-cifs-share-list-iter-* -api-volume-list-info-iter-* -``` - -The following command needs to be run to create the role. - -``` -useradmin role ‑add [ROLE_NAME] ‑c "[ROLE_DESCRIPTION]" ‑a login‑http‑admin,api‑system‑api‑list,api‑system‑get‑version,api‑cifs‑share‑list‑iter‑*,api‑volume‑list‑info‑iter -``` - -Example: - -``` -useradmin role ‑add enterpriseauditor ‑c "Role for Enterprise Auditor" ‑a login‑http‑admin,api‑system‑api‑list,api‑system‑get‑version,api‑cifs‑share‑list‑iter‑*,api‑volume‑list‑info‑iter‑* -``` - -After the role is created, Create a Group & Assign Role. - -## Create a Group & Assign Role - -Once the role has been created, it must be attached to a group. The following command needs to be -run to create a group and assign the role to it. - -``` -useradmin group add [GROUP_NAME] ‑r [ROLE_NAME] -``` - -Example: - -``` -useradmin group add nwxgroup ‑r enterpriseauditor -``` - -After the group is created and the role is assigned, Add User to Group. - -## Add User to Group - -The final step is to add the domain user to the new group, Backup Operators group, and Power Users -group. The following command needs to be run to add the user to all three groups. - -``` -useradmin domainuser ‑add [DOMAIN\USER] ‑g [GROUP_NAME, WITHIN " MARKS IF MULTIPLE WORDS], "Backup Operators","Power Users" -``` - -Example: - -``` -useradmin domainuser ‑add example\user1 ‑g nwxgroup,"Backup Operators","Power Users" -``` - -This credential is used within the Connection Profile assigned to the File System scans. - -# Provision FPolicy Account - -This topic describes the steps needed to create a user account with the privileges required to -connect the Activity Monitor Activity Agent to the FPolicy engine and to execute the NetApp API -calls required for activity monitoring and configuration. - -Provisioning this account is a three part process: - -- Part 1: Create Role with API/CLI Access -- Part 2: Create a Group & Assign Role -- Part 3: Add User to Group - -Relevant NetApp Documentation: To learn more about node access controls, please visit the NetApp -website and read the -[na_useradmin – Administers node access controls](https://library.netapp.com/ecmdocs/ECMP1511537/html/man1/na_useradmin.1.html) -article. - -## Part 1: Create Role with API/CLI Access - -This section provides instructions for creating a role with access to the following commands: - -``` -login-http-admin -api-system-api-list -api-system-get-version -api-cifs-share-list-iter-* -api-volume-list-info-iter-* -api-fpolicy* -cli-fpolicy* -``` - -**NOTE:** The `api-fpolicy*` command is required for automatic configuration of FPolicy. The -`cli-fpolicy*` command is required to use the “Enable and connect FPolicy” option for a Monitored -Host configuration. - -The following command needs to be run to create the role. - -Run the following command when provisioning an account for manual configuration of FPolicy; it -includes the "Enable and connect FPolicy" option requirement: - -``` -useradmin role ‑add [ROLE_NAME] ‑c "[ROLE_DESCRIPTION]" ‑a login‑http‑admin,api‑system‑api‑list,api‑system‑get‑version,api‑cifs‑share‑list‑iter‑*,api‑volume‑list‑info‑iter‑*,cli‑fpolicy* -``` - -Example: - -``` -useradmin role ‑add enterpriseauditor ‑c "Role for Enterprise Auditor" ‑a login‑http‑admin,api‑system‑api‑list,api‑system‑get‑version,api‑cifs‑share‑list‑iter‑*,api‑volume‑list‑info‑iter‑*,cli‑fpolicy* -``` - -Run the following command when provisioning an account for automatic configuration of FPolicy; it -includes the "Enable and connect FPolicy" option requirement: - -``` -useradmin role ‑add [ROLE_NAME] ‑c "[ROLE_DESCRIPTION]" ‑a login‑http‑admin,api‑system‑api‑list,api‑system‑get‑version,api‑cifs‑share‑list‑iter‑*,api‑volume‑list‑info‑iter‑*,api‑fpolicy*,cli‑fpolicy* -``` - -Example: - -``` -useradmin role ‑add enterpriseauditor ‑c "Role for Enterprise Auditor" ‑a login‑http‑admin,api‑system‑api‑list,api‑system‑get‑version,api‑cifs‑share‑list‑iter‑*,api‑volume‑list‑info‑iter‑*,api‑fpolicy*,cli‑fpolicy* -``` - -After the role is created, complete Part 2: Create a Group & Assign Role. - -## Part 2: Create a Group & Assign Role - -Once the role has been created, it must be attached to a group. The following command needs to be -run to create a group and assign the role to it. - -``` -useradmin group ‑add [GROUP_NAME] ‑r [ROLE_NAME] -``` - -Example: - -``` -useradmin group ‑add nwxgroup ‑r enterpriseauditor -``` - -After the group is created and the role is assigned, complete Part 3: Add User to Group. - -## Part 3: Add User to Group - -The final step is to add the domain user to the new group, Backup Operators group, and Power Users -group. The following command needs to be run to add the user to all three groups. - -``` -useradmin domainuser ‑add [DOMAIN\USER] ‑g [GROUP_NAME, WITHIN " MARKS IF MULTIPLE WORDS],"Backup Operators","Power Users" -``` - -Example: - -``` -useradmin domainuser ‑add example\user1 ‑g nwxgroup,"Backup Operators","Power Users" -``` diff --git a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md b/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md deleted file mode 100644 index 86f65a2501..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md +++ /dev/null @@ -1,2251 +0,0 @@ -# NetApp Data ONTAP Cluster-Mode Access & Sensitive Data Auditing Configuration - -This topic provides instructions for configuring NetApp Data ONTAP Cluster-Mode devices. - -## CIFS Method 1 Credential Configuration - -Configuring access to CIFS shares using FPolicy and ONTAP API for Enterprise Auditor requires the -following: - -- Configure Data LIF to Allow HTTPS Traffic -- [Configure Empty FPolicy](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md) - -See the [CIFS Method 2 Credential Configuration](#cifs-method-2-credential-configuration) topic for -an alternative method. - -### Configure Data LIF to Allow HTTPS Traffic - -As of NetApp Clustered ONTAP 9.6, users can assign service policies (instead of LIF roles) to LIFs -that determine the kind of traffic that is supported for the LIFs. - -- Starting with ONTAP 9.5, ONTAP supports service policies -- Starting with ONTAP 9.6, LIF roles are deprecated and service policies are supported for all types - of services - -For users running ONTAP 9.6+, data LIFs used for HTTPS communication with Enterprise Auditor are -required to use a LIF service policy that includes the `management-https` service. Without this -service applied to a data LIF’s service policy, HTTPS communication will not be possible. - -The following examples offer guidance for managing service policies, but may vary depending on the -NetApp environment’s specific configuration and needs. - -Use the following command to display available services: - -``` -network interface service show -``` - -Use the following command to create a service policy (example includes NFS, CIFS, and HTTPS -traffic): - -``` -network interface service-policy create -vserver [SVM_NAME] -policy [SERVICE_POLICY_NAME] -services [LIST_OF_SERVICES_COMMA-SEPARARTED] -allowed-addresses [IP_CIDR_NOTATION] -``` - -Example with the NFS, CIFS, and HTTPS protocols being allowed: - -``` -network interface service-policy create -vserver testserver -policy new_service_policy -services data-nfx,data-cifs,management-https,data-core -allowed-addresses 0.0.0.0/0 -``` - -Use the following command to verify if the service policy was properly created: - -``` -network interface service-policy show -``` - -Use the following command to add the created service policy to an existing data LIF: - -``` -network interface modify -vserver [SVM_NAME] -lif [LIF_NAME] -service-policy [SERVICE_POLICY_NAME] -``` - -Example: - -``` -network interface modify -vserver testserver -lif lif_1 -service-policy new_service_policy -``` - -A service policy can only be used by LIFs in the same SVM that is specified when creating the -service policy. - -## CIFS Method 2 Credential Configuration - -Configuring access to CIFS shares using the special C$ share is an alternative least privileged -access option for NetApp Data ONTAP Cluster-Mode devices v9.0+. See the -[CIFS Method 1 Credential Configuration](#cifs-method-1-credential-configuration) topic for an -alternative method. - -The following permissions are required: - -- Group membership in the Backup Operators group on either the file system proxy server for Proxy - Mode scans or the Enterprise Auditor server for Local Mode scans (to get a high integrity token) -- Group membership in the NetApp SVM's Power Users group (to enumerate shares) - - - Use the following command to add the Service Account to BUILTIN\Power Users: - - ``` - cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Power Users" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] - ``` - -- Group membership in the NetApp SVM's Backup Operators group (to bypass NTFS permissions) - - - NetApp SVM's SeBackupPrivilege needs to be applied to this group - - This group must have read-only access to the SVM's C$ share - - Use the following command to add the Service Account to BUILTIN\Backup Operators: - - ``` - cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Backup Operators" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] - ``` - -If an ACE does not already exist for a specific user/group on an SVM's c$ share, then it needs to be -added with the desired rights (No_access, Read, Change, or Full_Control). To check the current ACE -for a user or group on each SVM's c$ share, the following ONTAP CLI command should be used at the -cluster management level. - -``` -vserver cifs share access-control show -share c$ -``` - -The output will list each SVM's ACL for its c$ share. For example: - -![ONTAP CLI Command Output Example](/img/versioned_docs/accessanalyzer_11.6/config/netappcmode/accesscifsmethod2.webp) - -If the desired ACE does not exist on an SVM's c$ share, then one can be created with the following -command: - -``` -vserver cifs share access-control create -share c$ -user-or-group [USER_OR_GROUP_NAME] -permission Read -vserver [SVM_NAME] -``` - -If an existing ACE needs to be modified, the following command should be used: - -**CAUTION:** The following command will overwrite an existing ACE. For example, it is possible to -downgrade a user with Full_Control to Read, or vice versa. - -``` -vserver cifs share access-control modify -share c$ -user-or-group [USER_OR_GROUP_NAME] -permission Read -vserver [SVM_NAME] -``` - -**NOTE:** If users would prefer to avoid permissioning C$, then there is an alternative. Users can -instead give the SVM's Backup Operators group read-only access to each share to be scanned. - -In order to utilize Enterprise Auditor’s LAT Preservation (Last Access Time) feature during -sensitive data scans and metadata tag collection, applying ONTAP’s SeRestorePrivilege to the service -account is also required. - -As an alternative to membership in BUILTIN\Backup Operators, SeBackupPrivilege can be directly -applied to a user via the NetApp command line. - -The following commands can be used to grant these permissions to the service account to be used for -scanning by Enterprise Auditor. - -Use the following commands to add SeBackupPrivilege to the Service Account (or a BUILTIN Group): - -``` -cifs users-and-groups privilege add-privilege ‑user-or-group-name [USER_OR_GROUP_NAME] ‑privileges SeBackupPrivilege ‑vserver [SVM_NAME] -``` - -Use the following commands to add the Service Account to BUILTIN\Power Users: - -``` -cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Power Users" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] -``` - -Use the following commands to add the Service Account to BUILTIN\Backup Operators: - -``` -cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Backup Operators" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] -``` - -Use the following commands to verify the results from the previous commands: - -``` -cifs users-and-groups privilege show ‑vserver [SVM_NAME] ‑user-or-group-name [USER_OR_GROUP_NAME] -``` - -Use the following commands to give the Service Account Read-only Access to NetApp SVM's c$ Share: - -``` -cifs share access-control create ‑vserver [SVM_NAME] ‑share c$ ‑user-or-group [USER_OR_GROUP_NAME] ‑permission Read -``` - -**NOTE:** In the previous command, "create" needs to be replaced with "modify" if the CIFS share ACE -already exists for the share/user combination. - -Use the following commands to verify the results from the previous command: - -``` -cifs share access-control show ‑vserver [SVM_NAME] ‑share c$ -``` - -## NFSv3 Credential Configuration - -The following is a list of example commands that can be used to configure a NetApp export policy to -scan a volume via NFSv3 using the Enterprise Auditor File System Solution. - -**CAUTION:** The export policy for a volume's parent (ex. the SVM's root volume), or the export -policy for a qtree's parent, must have access rights that are equal or wider in scope to the export -policy for the target volume/qtree. If Enterprise Auditor cannot access all segments of a target -volume/qtree's junction path, then NFS access will be denied. - -Use the following command to create an export policy: - -``` -vserver export-policy create ‑vserver [SVM_NAME] ‑policyname [EXPORT_POLICY_NAME] -``` - -Example: - -``` -vserver export-policy create ‑vserver testserver ‑policyname testNFS -``` - -Use the following command to add a rule to the previous export policy, using the nfsv3, auth_sys -(aka auth_unix), and superuser properties: - -``` -vserver export-policy rule create ‑vserver [SVM_NAME] ‑policyname [EXPORT_POLICY_NAME] ‑clientmatch [IP_CIDR_NOTATION] ‑rorule sys ‑rwrule sys ‑superuser sys -protocol nfs3 -``` - -Example: - -``` -vserver export-policy rule create ‑vserver testserver ‑policyname testNFS ‑clientmatch 0.0.0.0/0 ‑rorule sys ‑rwrule sys ‑superuser sys -protocol nfs3 -``` - -Use the following command to show each volume’s export policy: - -``` -volume show ‑vserver [SVM_NAME] ‑fields policy -``` - -Example: - -``` -volume show ‑vserver testserver ‑fields policy -``` - -Use the following command to change a volume’s export policy: - -``` -volume modify ‑vserver [SVM_NAME] ‑volume [VOLUME_NAME] ‑policy [EXPORT_POLICY_NAME] -``` - -Example: - -``` -volume modify ‑vserver testserver ‑volume testVolume ‑policy testNFS -``` - -### Troubleshooting NFSv3 Export Access - -If Enterprise Auditoris not discovering the expected NFS export, it is possible that the export -policy is not properly configured to allow the Enterprise Auditor server or proxy server IP Address -to mount the NFS export. One step in troubleshooting this issue is to confirm a Unix client (or WSL -for Windows) in the same IP range as the Enterprise Auditor server or proxy server can mount the NFS -export. - -Run the following command from a Unix host to verify the NFS mount is available: - -``` -showmount ‑e [NFS_HOSTNAME_OR_IP] -``` - -If the NFS export is returned as a result of the previous command, then Enterprise Auditor should -also be able to mount it. If not, it may be necessary to run the following command on the NetApp SVM -to get the NFS export to be returned by the `showmount` command: - -``` -vserver nfs modify ‑vserver [SVM_NAME] ‑showmount enabled -``` - -# NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration - -The Activity Monitor agent employed to monitor NetApp leverages NetApp ONTAP API, and the NetApp -FPolicy framework to monitor file system events. This includes both NetApp 7-Mode and Cluster-Mode -configurations. For more information about FPolicy read the -[What are the two parts of the FPolicy solution ](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-54FE1A84-6CF0-447E-9AAE-F43B61CA2138.html) -article. - -Activity Monitor requires two communication channels for ONTAP monitoring: - -1. Activity Monitor Agent connects to ONTAP on port 80 or 443 for access to ONTAP API (ONTAPI/ZAPI - or REST API). -2. Data LIFs of the SVM connect to Activity Monitor Agent on port 9999 for FPolicy notifications. - -The ONTAP API access is mandatory; without the API access the agent will not be able to receive and -translate events from FPolicy. Both classic ONTAPI/ZAPI and the new REST API are supported. The -agent uses the API to retrieve information about the storage virtual machines (SVM): CIFS settings, -list of volumes, list of LIFs. Depending on the configuration, the agent can also retrieve the state -of FPolicy to ensure it is enabled; configure FPolicy and register or unregister itself. - -The FPolicy framework enables the collection of audit events on the ONTAP side and their transfer to -the agent(s) via the designated Data LIFs. Each LIF establishes its own connection with one or -several agents and sends notifications as soon as the file transaction occurs. The FPolicy -connection is asynchronous and buffered; both ONTAP and Activity Monitor have techniques in place to -make sure that connections are alive and working. The connection can be secured using TLS with -server or mutual authentication. - -FPolicy may have a significant impact on file system throughput, and it is always a best practice to -monitor performance when enabling FPolicy. - -**_RECOMMENDED:_** Create a tailored FPolicy which only collects the desired activity from the -environment to limit the scope and impact. - -For scale-out and fault tolerance purposes, the product supports a range of deployment options. A -single agent can receive events from multiple SVMs. Or events from a single SVM can be distributed -among multiple agents. Or a set of SVMs can distribute events among a set of agents. The choice -depends on the fault tolerance requirements and the expected event flow. As a rule of thumb, the -_average_ load on a single agent should not exceed 5000 events per second. - -Configuration Checklist - -Complete the following checklist prior to configuring the activity monitoring of NetApp Data ONTAP -Cluster-Mode devices. Instructions for each item of the checklist are detailed within the following -sections. - -Checklist Item 1: Plan Deployment - -- Gather the following information: - - - Names of the SVM(s) to be monitored - - - FPolicy is configured for each SVM separately - - This should be the SVM(s) hosting the CIFS or NFS shares(s) to be monitored - - - Credentials to access ONTAP to provision a role and account. - - Desired functionality level: - - - _Manual_. A user configures FPolicy manually and ensures it stays enabled. - - _Enable and Connect FPolicy_. The product ensures that FPolicy stays enabled and connected - all the time. RECOMMENDED. - - _Configure FPolicy_. The product configures FPolicy automatically and ensures it stays - enabled and connected all the time. RECOMMENDED. - - - Volumes or shares on each SVM to be monitored - - - Limiting the FPolicy to select volumes or shares is an effective way to limit the - performance impact of FPolicy - - - Successful/failed file operations to be monitored - - - Limiting the FPolicy to specific file operations is an effective way to limit the - performance impact of FPolicy - - - IP Address of the server(s) where the Activity Monitor Agent is deployed - - API enabled in ONTAP: the classic ONTAPI/ZAPI or the new REST API - - - The product supports the REST API for ONTAP 9.13.1 and above. - - - Encryption and Authentication protocol for FPolicy connection - - - No Authentication (default) - - TLS, server authentication (the SVM authenticates the agent) - - TLS, mutual authentication (both the SVM and the agent authenticate each other) - -Checklist Item 2: -[Provision ONTAP Account](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md) - -- Permission names depend on the API used, ONTAPI/ZAPI or REST API. -- The case of domain and username created during the account provisioning process must match exactly - to the credentials provided to the activity agent for authentication to work. -- The credential associated with the FPolicy used to monitor activity must be provisioned with - access to (at minimum) the following CLI or API commands, according to the level of collection - desired: - - - Manual, Collect Activity Events Only (Least Privilege) - - - ONTAPI/ZAPI - - - `version` – Readonly access - - `volume` – Readonly access - - `vserver` – Readonly access - - - REST API - - - `/api/cluster` – Readonly access - - `/api/protocols/cifs/services` – Readonly access - - `/api/storage/volumes` – Readonly access - - `/api/svm/svms` – Readonly access - - - Employ the “Enable and connect FPolicy” Option (Less Privilege) – RECOMMENDED - - - ONTAPI/ZAPI - - - `version` – Readonly access - - `volume` – Readonly access - - `vserver` – Readonly access - - `network interface` – Readonly access - - `vserver fpolicy disable` – All access - - `vserver fpolicy enable` – All access - - `vserver fpolicy engine-connect` – All access - - - REST API - - - `/api/cluster` – Readonly access - - `/api/protocols/cifs/services` – Readonly access - - `/api/storage/volumes` – Readonly access - - `/api/svm/svms` – Readonly access - - `/api/network/ip/interfaces` – Readonly access - - `/api/protocols/fpolicy` – All access - - - Employ the “Configure FPolicy” Option (Automatic Configuration of FPolicy) – RECOMMENDED - - - ONTAPI/ZAPI - - - `version` – Readonly access - - `volume` – Readonly access - - `vserver` – Readonly access - - `network interface` – Readonly access - - `vserver fpolicy` – All access - - `security certificate install` – All access (only if FPolicy uses a TLS connection) - - - REST API - - - `/api/cluster` – Readonly access - - `/api/protocols/cifs/services` – Readonly access - - `/api/storage/volumes` – Readonly access - - `/api/svm/svms` – Readonly access - - `/api/network/ip/interfaces` – Readonly access - - `/api/protocols/fpolicy` – All access - - `/api/security/certificates` – All access (only if FPolicy uses a TLS connection) - - - Enterprise Auditor Integration requires the addition of the following CLI command: - - - `security login role show-ontapi` – Readonly access - -Checklist Item 3: -[Configure Network](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md) - -- Agent must be able to connect to ONTAP API via a management LIF on ports HTTP (80) or HTTPS (443) - - - NetApp firewall policy may need to be modified. - - LIF's service policy may need to be modified to include `management-https` or - `management-http` services. - - Either of these ports is required. Activity Monitor requires ONTAP API access. - -- ONTAP cluster nodes, which serve the SVM, must be able to connect to the agent on port 9999. - - - LIFs' service policy may need to be modified to include `data-fpolicy-client` service. - - Each data serving node should have its own LIF with the `data-fpolicy-client` service. - - The default port 9999 can be changed in the agent's settings. - -Checklist Item 4: -[Configure FPolicy](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md) - -- Remember: all FPolicy objects and SVM names are case sensitive. -- FPolicy must be configured for each SVM to be monitored. -- If using TLS, … authentication options, generate needed certificates and PEM files -- Select method: - - - Configure FPolicy Manually – If you want to exclude certain volumes or shares; a tailored - FPolicy decreases the impact on NetApp. - - - Required when the FPolicy account is provisioned for either Least Privileged or Less - Privilege permission model - - If using TLS, … authentication options, set authentication - - - Allow the Activity Monitor to create an FPolicy automatically - - - If using TLS, … authentication options, set authentication - - This option is enabled using the **Configure FPolicy. Create or modify FPolicy objects if - needed** checkbox for each monitored SVM. - - It monitors file system activity on all volumes and shares of the SVM. - - FPolicy configuration is automatically updated to reflect the Activity Monitor - configuration. - - Requires a Privileged Access credential be provided. - -Checklist Item 5: Activity Monitor Configuration - -- Deploy the Activity Monitor Agent to a Windows server. -- Configure the Agent to monitor the SVM. - -# Configure Empty FPolicy - -The credential used to just run Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing -scans requires access to the specified API calls as well as association to an FPolicy. Therefore, it -is necessary to: - -- [Create Security Role for FSAA Scans](#create-security-role-for-fsaa-scans) -- [Create Security Login for FSAA Scans](#create-security-login-for-fsaa-scans) -- [Create External Engine for Empty FPolicy](#create-external-engine-for-empty-fpolicy) -- [Create FPolicy Event for Empty FPolicy](#create-fpolicy-event-for-empty-fpolicy) -- [Create Empty FPolicy Policy](#create-empty-fpolicy-policy) -- [Create Empty FPolicy Scope](#create-empty-fpolicy-scope) -- [Enable the Empty FPolicy](#enable-the-empty-fpolicy) - -**NOTE:** The commands in the following sections have been verified for NetApp Data ONTAP 9.6+. -Users of older versions should consult the NetApp documentation to find the appropriate syntax. - -## Create Security Role for FSAA Scans - -This section provides instructions for creating an access-control role. An access-control role -consists of a role name and a command to which the role has access. It optionally includes an access -level (none, read-only, or all) and a query that applies to the specified command or command -directory. The following commands need to be run to create the security role. - -Use the following command to provision read-only access to Version\* commands: - -``` -security login role create ‑role [ROLE_NAME] ‑cmddirname "version" ‑access readonly ‑query "" ‑vserver [SVM_NAME] -``` - -Example: - -``` -security login role create ‑role enterpriseauditor ‑cmddirname "version" ‑access readonly ‑query "" ‑vserver testserver -``` - -Use the following command to provision read-only access to Volume\* commands: - -``` -security login role create ‑role [ROLE_NAME] ‑cmddirname "volume" ‑access readonly ‑query "" ‑vserver [SVM_NAME] -``` - -Example: - -``` -security login role create ‑role enterpriseauditor ‑cmddirname "volume" ‑access readonly ‑query "" ‑vserver testserver -``` - -Use the following command to provision read-only access to SVM\* commands: - -``` -security login role create ‑role [ROLE_NAME] ‑cmddirname "vserver" ‑access readonly ‑query "" ‑vserver [SVM_NAME] -``` - -Example: - -``` -security login role create ‑role enterpriseauditor ‑cmddirname "vserver" ‑access readonly ‑query "" ‑vserver testserver -``` - -Use the following command to provision read-only access to security login role show-ontapi commands: - -``` -security login role create ‑role [ROLE_NAME] ‑cmddirname "security login role show-ontapi" ‑access readonly ‑query "" ‑vserver [SVM_NAME] -``` - -Example: - -``` -security login role create ‑role enterpriseauditor ‑cmddirname "security login role show-ontapi" ‑access readonly ‑query "" ‑vserver testserver -``` - -Before creating the Security Login, validate this configuration. - -### Validate Security Role Configuration - -Run the following command to validate the security role configuration: - -``` -security login role show [ROLE_NAME] -``` - -Example: - -``` -security login role show enterpriseauditor -``` - -Relevant NetApp Documentation: To learn more about creating security login roles, please visit the -NetApp website and read the -[security login role create](https://library.netapp.com/ecmdocs/ECMP1196817/html/security/login/role/create.html) -article. - -## Create Security Login for FSAA Scans - -Once the access control role has been created, apply it to a domain account. - -**CAUTION:** - -- The SVM used in the following command must be the same SVM used when creating the role. See the - [Create Security Role for FSAA Scans](#create-security-role-for-fsaa-scans) topic for additional - information. - - **CAUTION:** Cluster-Mode is case sensitive. - -- It is recommended to use lowercase for both domain and username. The case of domain and username - created during the account provisioning process must match exactly to the credentials provided to - the Enterprise Auditor for authentication to work. - -Use the following command to create the security login for the security role: - -``` -security login create ‑user-or-group-name [DOMAIN\DOMAINUSER] ‑application ontapi ‑authentication‑method domain ‑role [ROLE_NAME] ‑vserver [SVM_NAME] -``` - -Example: - -``` -security login create ‑user-or-group-name example\user1 ‑application ontapi ‑authentication‑method domain ‑role enterpriseauditor ‑vserver testserver -``` - -Before creating the External Engine, validate this security login. - -### Validate Security Login Creation - -Run the following command to validate security login: - -``` -security login show [DOMAIN\DOMAINUSER] -``` - -Example: - -``` -security login show example\user1 -``` - -Verify that the output is displayed as follows: - -![validatesecuritylogincreation](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatesecuritylogincreation.webp) - -Relevant NetApp Documentation: To learn more about creating security logins, please visit the NetApp -website and read the -[security login create](https://library.netapp.com/ecmdocs/ECMP12452955/html/security/login/create.html) -article. - -## Create External Engine for Empty FPolicy - -The External Engine defines how FPolicy makes and manages connections to external FPolicy servers. - -IMPORTANT: - -- The `-primary-servers` must be the server from which the StealthAUDIT scans will be executed: - - - StealthAUDIT Console server for local mode - - proxy server if running in any of the proxy mode options - -- The following values are required: - - - `engine-name StealthAUDITEngine` - - `port 9999` - - - Port number can be customized, but it is recommended to use 9999. - - - `extern-engine-type asynchronous` - - `ssl-option no-auth` - -**CAUTION:** Cluster-Mode is case sensitive. - -Use the following command to create the external engine: - -``` -vserver fpolicy policy external-engine create ‑vserver [SVM_NAME] ‑engine-name StealthAUDITEngine ‑primary-servers [IP_ADDRESS,…] ‑port 9999 ‑extern-engine-type asynchronous ‑ssl-option no-auth -``` - -Example: - -``` -vserver fpolicy policy external-engine create ‑vserver testserver ‑engine-name StealthAUDITEngine ‑primary-servers 192.168.30.15 ‑port 9999 ‑extern-engine-type asynchronous ‑ssl-option no-auth -``` - -Before creating the FPolicy Event, validate this external engine was created. - -### Validate External Engine Creation - -Run the following command to validate the creation of the external engine: - -``` -fpolicy policy external-engine show ‑instance -``` - -Verify that the output is displayed as follows: - -![validateexternalenginecreation](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validateexternalenginecreation.webp) - -Relevant NetApp Documentation: To learn more about creating an external engine, please visit the -NetApp website and read the -[vserver fpolicy policy external-engine create](https://library.netapp.com/ecmdocs/ECMP1366832/html/vserver/fpolicy/policy/external-engine/create.html) -article. - -## Create FPolicy Event for Empty FPolicy - -An event defines which protocol and which file operations are associated with the FPolicy. - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS or NFS shares. -- The following values are required: - - - `event-name StealthAUDITScreening` - - `volume-operation true` - -**CAUTION:** Cluster-Mode is case sensitive. - -Use the following command to create the FPolicy event: - -``` -vserver fpolicy policy event create ‑vserver [SVM_NAME] ‑event-name StealthAUDITScreening ‑volume-operation true ‑protocol [PROTOCOL] ‑file-operations "" -``` - -Example: - -``` -vserver fpolicy policy event create ‑vserver testserver ‑event-name StealthAUDITScreening ‑volume-operation true ‑protocol cifs ‑file-operations "" -``` - -Before creating the FPolicy Policy, validate this FPolicy Event was created. - -### Validate FPolicy Event Creation - -Run the following command to validate the creation of the FPolicy event: - -``` -fpolicy policy event show ‑event-name StealthAUDITScreening‑instance -``` - -Verify that the output is displayed as follows: - -![validatefpolciyeventcreation](/img/versioned_docs/accessanalyzer_11.6/config/netappcmode/validatefpolciyeventcreation.webp) - -Relevant NetApp Documentation: To learn more about creating an event, please visit the NetApp -website and read the -[vserver fpolicy policy event create](https://library.netapp.com/ecmdocs/ECMP1196817/html/vserver/fpolicy/policy/event/create.html) -article. - -## Create Empty FPolicy Policy - -The FPolicy policy associates the other three FPolicy components and allows for the designation of a -privileged FPolicy user, or the account granted Security Login. - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS or NFS shares. -- The External Engine and FPolicy Event used in this command must be the External Engine and the - FPolicy Event created for this purpose. See the - [Create External Engine for Empty FPolicy](#create-external-engine-for-empty-fpolicy) and - [Create FPolicy Event for Empty FPolicy](#create-fpolicy-event-for-empty-fpolicy) sections for - additional information. -- The following values are required: - - - `privileged-user-name` must be the account granted Security Login. See the - [Create Security Login for FSAA Scans](#create-security-login-for-fsaa-scans) topic for - additional information. - - `policy-name StealthAUDIT` - -**CAUTION:** Cluster-Mode is case sensitive. - -Use the following command to create the FPolicy policy: - -``` -vserver fpolicy policy create ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑events StealthAUDITScreening ‑engine StealthAUDITEngine ‑is-mandatory false ‑allow-privileged-access yes ‑privileged-user-name [DOMAIN\DOMAINUSER] -``` - -Example: - -``` -vserver fpolicy policy create ‑vserver testserver ‑policy-name StealthAUDIT ‑events StealthAUDITScreening ‑engine StealthAUDITEngine ‑is-mandatory false ‑allow-privileged-access yes ‑privileged-user-name example\user1 -``` - -Before creating the FPolicy Scope, validate this FPolicy Policy was created. - -### Validate FPolicy Policy Creation - -Run the following command to validate the creation of the FPolicy policy: - -``` -fpolicy policy show ‑instance -``` - -![validatefpolicypolicycreation](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefpolicypolicycreation.webp) - -Relevant NetApp Documentation: To learn more about creating a policy, please visit the NetApp -website and read the -[vserver fpolicy policy create](https://library.netapp.com/ecmdocs/ECMP1366832/html/vserver/fpolicy/policy/create.html) -article. - -## Create Empty FPolicy Scope - -The FPolicy scope creates the filters necessary to perform scans on specific shares or volumes. - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS shares. -- It is not necessary to specify both volumes and shares. One or the other is sufficient. - -Use the following command to create the FPolicy scope by volume(s): - -``` -vserver fpolicy policy scope create ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑volumes-to-include -``` - -Example: - -``` -vserver fpolicy policy scope create ‑vserver testserver ‑policy-name StealthAUDIT ‑volumes-to-include -``` - -Use the following command to create the FPolicy scope by share(s): - -``` -vserver fpolicy policy scope create ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑shares-to-include -``` - -Example: - -``` -vserver fpolicy policy scope create ‑vserver testserver ‑policy-name StealthAUDIT ‑shares-to-include -``` - -Before enabling the FPolicy, validate this FPolicy Scope was created. - -### Validate FPolicy Scope Creation - -Run the following command to validate the FPolicy scope creation: - -``` -fpolicy policy scope show ‑instance -``` - -![validatefpolicyscopecreation](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefpolicyscopecreation.webp) - -Relevant NetApp Documentation: To learn more about creating scope, please visit the NetApp website -and read the -[vserver fpolicy policy scope create](https://library.netapp.com/ecmdocs/ECMP1196817/html/vserver/fpolicy/policy/scope/create.html) -article. - -## Enable the Empty FPolicy - -Once the empty FPolicy has been created, it must be enabled. - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS or NFS shares. - -Use the following command to enable the FPolicy: - -``` -vserver fpolicy enable ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑sequence-number [INTEGER] -``` - -Example: - -``` -vserver fpolicy enable ‑vserver testserver ‑policy-name StealthAUDIT ‑sequence-number 10 -``` - -Validate this FPolicy was enabled. - -### Validate FPolicy Enabled - -Run the following command to validate the FPolicy scope creation: - -``` -vserver fpolicy show -``` - -![validatefpolicyenabled](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefpolicyenabled.webp) - -Relevant NetApp Documentation: To learn more about enabling a policy, please visit the NetApp -website and read the -[vserver fpolicy enable](https://library.netapp.com/ecmdocs/ECMP1196817/html/vserver/fpolicy/enable.html) -article. - -# Configure Network - -Activity Monitor requires two communication channels for ONTAP monitoring: - -1. ONTAP API – Activity Monitor Agent connects to ONTAP on port 80 (http) or 443 (https) for access - to ONTAP API (ONTAPI/ZAPI or REST API). -2. FPolicy – Data LIFs of the SVM connect to Activity Monitor Agent on port 9999 for FPolicy - notifications. - -The following sections discuss network configuration required to enable API and FPolicy -communication. - -## ONTAP API - -The ONTAP API access is mandatory; without the API access the agent will not be able to receive and -translate events from FPolicy. The agent uses the API to retrieve information about the SVM: CIFS -settings, list of volumes, list of LIFs. Depending on the configuration, the agent can also retrieve -the state of FPolicy to ensure it is enabled; configure FPolicy and register or unregister itself. - -The API access is needed either through the SVM's LIF or through the cluster management LIF with -_vserver tunneling_ feature. If you want to use the vserver tunneling feature, specify the cluster -management LIF's address in the "Management LIF" parameter in the host's settings in the Activity -Monitor. - -Both classic ONTAPI/ZAPI and the new REST API are supported. Starting with ONTAP 9.13.1, the product -uses REST API by default if it is available. HTTP and HTTPS protocols are supported. For HTTPS, two -modes are supported: strict and ignore errors. For the strict mode, the product allows you to -disable the host name validation in case the agent cannot resolve the FQDN of the LIF. - -Enabling the API access varies depending on ONTAP version. The following sections list common steps -on enabling the API access. Please refer to the NetApp documentation for more details. - -### Management-http Service - -Starting with ONTAP 9.6, data LIFs used for HTTPS communication with the Activity Monitor are -required to use a service policy that includes the `management-https` service. This service enables -HTTPS access to the LIF. - -The following examples offer guidance for managing service policies, but may vary depending on the -NetApp environment’s specific configuration and needs. - -**Step 1** – Display LIFs of the SVM. Take note of the _service policy_ name used by the LIF you -want to be used for API access. - -``` -network interface show -vserver [SVM] -instance -``` - -**Step 2** – Check the services included in the SVM service policy - -``` -network interface service-policy show -policy [POLICY_NAME] -``` - -**Step 3** – Add the `management-https` service if it is missing - -``` -set -privilege advanced -network interface service-policy add-service -service management-https -policy [POLICY_NAME] -vserver [SVM] -``` - -Example: - -``` -set -privilege advanced -network interface service-policy add-service -service management-https -policy default-data-files -vserver testserver -``` - -### Firewall Policy - -For ONTAP 9.5 and older, the following commands can be used to either create a new firewall policy -or modify an existing policy if ONTAPI is blocked. - -#### Create New Firewall HTTP Policy - -Use the following commands with the Cluster Management LIF to create a new firewall HTTP policy: - -``` -system services firewall policy clone ‑policy data ‑vserver [ADMIN_SVM_NAME] ‑destination-policy [FIREWALL_POLICY_NAME] ‑destination-vserver [SVM_NAME] -system services firewall policy create ‑vserver [SVM_NAME] ‑policy [FIREWALL_POLICY_NAME] ‑service http ‑allow-list [IP_ADDRESS]/[NETMASK], [IP_ADDRESS]/[NETMASK] -``` - -Example: - -``` -system services firewall policy clone ‑policy data ‑vserver myontap ‑destination-policy enterpriseauditorfirewall ‑destination-vserver testserver -system services firewall policy create ‑vserver testserver ‑policy enterpriseauditorfirewall ‑service http ‑allow-list 192.168.30.15/32 -``` - -#### Create New Firewall HTTPS Policy - -Use the following commands with the Cluster Management LIF to create a new firewall HTTPS policy: - -``` -system services firewall policy clone ‑policy data ‑vserver [ADMIN_SVM_NAME] ‑destination-policy [FIREWALL_POLICY_NAME] ‑destination-vserver [SVM_NAME] -system services firewall policy create ‑vserver [SVM_NAME] ‑policy [FIREWALL_POLICY_NAME] ‑service https ‑allow-list [IP_ADDRESS]/[NETMASK], [IP_ADDRESS]/[NETMASK] -``` - -Example: - -``` -system services firewall policy clone ‑policy data ‑vserver myontap ‑destination-policy enterpriseauditorfirewall ‑destination-vserver testserver -system services firewall policy create ‑vserver testserver ‑policy enterpriseauditorfirewall ‑service https ‑allow-list 192.168.30.15/32 -``` - -#### Apply Firewall Policy to SVM Data LIF - -Use the following command to modify an existing firewall policy: - -``` -network interface modify ‑vserver [SVM_NAME] ‑lif [DATA LIF NAME] ‑firewall-policy [FIREWALL_POLICY_NAME] -``` - -Example: - -``` -network interface modify ‑vserver testserver ‑lif datal ‑firewall-policy enterpriseauditorfirewall -``` - -For more information about creating a firewall policy and assigning it to a LIF, read the -[Configure firewall policies for LIFs](https://docs.netapp.com/us-en/ontap/networking/configure_firewall_policies_for_lifs.html)[ ](https://docs.netapp.com/us-en/ontap/networking/configure_firewall_policies_for_lifs.html) -article. - -#### Validate Firewall Policy - -Run the following command to validate the firewall policy: - -``` -system services firewall policy show ‑policy [FIREWALL_POLICY_NAME] ‑service [HTTP_HTTPS] -``` - -Example: - -``` -system services firewall policy show ‑policy enterpriseauditorfirewall ‑service http -``` - -Verify that the output is displayed as follows: - -![validatefirewall](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefirewall.webp) - -## FPolicy - -The FPolicy framework enables the collection of audit events on the ONTAP side and their transfer to -the agent(s) via the designated Data LIFs. Each LIF establishes its own connection with one or -several agents and sends notifications as soon as the file transaction occurs. The FPolicy -connection is asynchronous and buffered; both ONTAP and Activity Monitor have techniques in place to -make sure that connections are alive and working. The connection can be secured using TLS with -server or mutual authentication. - -ONTAP cluster nodes connect to the agent on port 9999 by default. The port can be changed in the -agent's settings. The agent adds this port to Windows Firewall exclusions automatically. Please -ensure the port is not blocked by other firewalls between ONTAP and the agent. - -### Data-fpolicy-client Service - -Starting with ONTAP 9.8, each data LIF of the SVM must have the **data-fpolicy-client** service -included in its service-policy configuration. This service enables the FPolicy protocol for the LIF. -Use the following commands to ensure that the service is included. - -**Step 1** – Display LIFs of the SVM. Take note of the _service policy_ name used by the data LIFs. - -``` -network interface show -vserver [SVM] -instance -``` - -**Step 2** – Check the services included in the SVM service policy - -``` -network interface service-policy show -policy [POLICY_NAME] -``` - -**Step 3** – Add the **data-fpolicy-client** service if it is missing - -``` -set -privilege advanced -network interface service-policy add-service -service data-fpolicy-client -policy [POLICY_NAME] -vserver [SVM] -``` - -Example: - -``` -set -privilege advanced -network interface service-policy add-service -service data-fpolicy-client -policy default-data-files -vserver testserver -``` - -# Configure FPolicy - -Activity Monitor relies on the NetApp FPolicy framework for monitoring of file access events on -SVMs. FPolicy needs to be configured for each SVM. - -There are two ways to configure FPolicy: - -- Activity Monitor agent can facilitate the - [Automatic Configuration of FPolicy](#automatic-configuration-of-fpolicy) for the monitored SVM - using the ONTAP API. This mode is simple, but does not allow you to exclude certain volumes or - shares of the SVM from being monitored. It also requires additional permissions to create and - modify FPolicy. -- Another option is to [Manually Configure FPolicy](#manually-configure-fpolicy) for each SVM. This - mode allows you to fine tune FPolicy by excluding certain volumes or shares from being monitored. - It also reduces product permissions. - -Regardless of the chosen approach for FPolicy configuration, one also needs to perform extra steps -if the FPolicy communication has to be secured with TLS. - -## TLS Authentication Options - -There are two TLS FPolicy Authentication options that can be used: - -- TLS, server authentication – Server only authentication - - - A certificate (Server Certificate) for the Agent server needs to be generated and copied to a - PEM file. The Server Certificate PEM file needs to be saved locally on the Activity Monitor - Console server. - - For manual FPolicy configuration, the Server Certificate needs to be installed on the SVM, and - then server-authentication set. - - For automatic FPolicy configuration, the Activity Monitor manages installation of the Server - Certificate. - -- TLS, mutual authentication – Mutual authentication - - - A certificate (Server Certificate) for the Agent server needs to be generated and copied to a - PEM file. The Server Certificate PEM file needs to be saved locally on the Activity Monitor - Console server. - - A certificate (Client Certificate) for the SVM needs to be copied to a PEM file and saved - locally on the Activity Monitor Console server. - - For manual FPolicy configuration, the Server Certificate needs to be installed on the SVM and - then mutual-authentication set. - - For automatic FPolicy configuration, mutual-authentication set before the configuration - process. The Activity Monitor manages installation of both certificates. - -### Generate Server Certificate - -A certificate (Server Certificate) for the Agent server needs to be generated and copied to a PEM -file. This is required for both of the TLS authentication options. - -The PEM file must contain both Public Key and Private Key parts. A certificate may be self-signed or -issued by a certification authority. Below are the steps for generation of a self-signed certificate -using OpenSSL toolkit. - -Use the following command on the agent server to create the Server Certificate and copy it to a .pem -file: - -``` -openssl.exe req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=[ACTIVITY_AGENT_SERVER_NAME]"  -copy cert.pem+key.pem [CERTIFICATE_FILE_NAME.pem] -del cert.pem key.pem .rnd -``` - -Example: - -``` -openssl.exe req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=testagentserver"  -copy cert.pem+key.pem agentkey.pem -del cert.pem key.pem .rnd -``` - -openssl.exe req x509 newkey rsa:2048 keyout key.pem out cert.pem days 365 nodes subj -"/CN=testagentserver" - -copy cert.pem+key.pem agentkey.pem - -del cert.pem key.pem .rnd - -In this example ` agentkey.pem` would be used as the Server Certificate. Save the Server Certificate -locally on the Activity Monitor Console server. - -### Create PEM File for Client Certificate - -A certificate (Client Certificate) for the SVM needs to be copied to a PEM file. This is required -for the TLS, mutual authentication option. Follow the steps to create the PEM file for the Client -Certificate. - -**Step 1 –** On the SVM , use the following command to show the security certificate details: - -``` -security certificate show -vserver [SVM_NAME] -type server instance -``` - -Example: - -``` -security certificate show -vserver testserver -type server instance -``` - -**Step 2 –** Copy the security certificate details into a text file and copy the public key to a PEM -file. The following variables from security details will be needed to set mutual-authentication -during Part 6 of manual configuration and prior to automatic configuration: - -- SVM -- Common Name -- Certificate Serial -- Public Key Certificate - -**Step 3 –** Copy the value of Public Key Certificate field to a PEM file. The value spans multiple -lines, starts with "`----BEGIN CERTIFICATE-----`" and ends with "`-----END CERTIFICATE-----`". - -The Client Certificate PEM file has been created. - -## Manually Configure FPolicy - -This section describes how to manually configure FPolicy. Manual configuration of the FPolicy is -recommended if the policy needs to be scoped to monitor select volumes or shares. It is necessary to -create several FPolicy components and then enable the FPolicy. See the sections corresponding to -each part of this list: - -- Part 1: Install Server Certificate on the SVM (only if using TLS authentication) - - - This is only needed if using either of the TLS, … authentication options. - -- Part 2: Create External Engine - - - The External Engine defines how FPolicy makes and manages connections to external FPolicy - servers like Activity Monitor Agent. - -- Part 3: Create FPolicy Events - - - An FPolicy event defines which protocol(s) to monitor and which file access events to monitor. - -- Part 4: Create FPolicy Policy - - - The FPolicy policy associates the other three FPolicy components and allows for the - designation of a privileged FPolicy user - - If running the Access Auditing (FSAA), Activity Auditing (FSAC), and/or Sensitive Data - Discovery Auditing scans, then this is the user account credential to be added to the - Enterprise Auditor Connection Profile. - -- Part 5: Create FPolicy Scope - - - The FPolicy scope creates the filters necessary to perform scans on specific shares or - volumes. - -- Part 6: Set TLS Authentication (optional) - - - This is only needed if using either of the TLS authentication options. - -- Part 7: Enable the FPolicy - - - Once the FPolicy is enabled, the Activity Monitor Agent can be configured to monitor the SVM. - -- Part 8: Connect FPolicy Server / Agent to Cluster Node (optional) - - - This is only needed if there is an issue with connection to the Cluster node or for - troubleshooting a disconnection issue. - -### Part 1: Install Server Certificate on the SVM - -If using the TLS authentication options, it is necessary to install the Server Certificate on the -SVM. - -Use the following command to install the Server Certificate: - -``` -security certificate install type client-ca -vserver [SVM_NAME] -``` - -Example: - -``` -security certificate install type client-ca -vserver testserver -``` - -The command will ask you to provide a public certificate. Copy the public key from the Server -Certificate PEM file, i.e. the block starting with "`-----BEGIN CERTIFICATE-----`" and ending with -"`-----END CERTIFICATE-----`". Paste the block to the terminal window. - -#### Validate Part 1: Server Certificate Install - -Run the following command to validate the Server Certificate is installed: - -``` -security certificate show -vserver [SVM_NAME] -commonname [ACTIVITY_AGENT_SERVER_NAME] -type client-ca instance -``` - -Example: - -``` -security certificate show -vserver testserver -commonname testagentserver -type client-ca instance -``` - -### Part 2: Create External Engine - -The External Engine defines how FPolicy makes and manages connections to external FPolicy servers. - -IMPORTANT: - -- The `-primary-servers` must be the server hosting the Activity Monitor Agent. -- If intending to use the Activity Monitor with Enterprise Auditor, then the primary server must - also be the proxy server from which the Enterprise Auditor Access Auditing (FSAC) scans are - running, e.g. the Enterprise Auditor Console server for local mode or the proxy server if running - in any of the proxy mode options. -- The following values are required: - - - `engine-name StealthAUDITEngine`, the names of the external engine object can be customized - (see below). - - `port 9999`, Port number can be customized, but it is recommended to use 9999. - - `extern-engine-type asynchronous` - - `ssl-option no-auth` - - `send-buffer-size 6291456`, for ONTAP 9.10+ use `send-buffer-size 8388608` - -**CAUTION:** All parameters are case sensitive. - -Use the following command to create the external engine: - -``` -set -privilege advanced -vserver fpolicy policy external-engine create -vserver [SVM_NAME] -engine-name StealthAUDITEngine -primary-servers [IP_ADDRESS,…] -port 9999 -extern-engine-type asynchronous -ssl-option no-auth -send-buffer-size 6291456 -``` - -Example: - -``` -set -privilege advanced -vserver fpolicy policy external-engine create -vserver testserver -engine-name StealthAUDITEngine -primary-servers 192.168.30.15 -port 9999 -extern-engine-type asynchronous -ssl-option no-auth -send-buffer-size 6291456 -``` - -#### Validate Part 2: External Engine Creation - -Run the following command to validate the creation of the external engine: - -``` -fpolicy policy external-engine show -instance -``` - -Verify that the output is displayed as follows: - -![Output Displayed](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validateexternalenginecreation.webp) - -Relevant NetApp Documentation: To learn more about creating an external engine, please visit the -NetApp website and read the -[vserver fpolicy policy external-engine create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-external-engine-create.html) -article. - -### Part 3: Create FPolicy Event - -An event defines which protocol to monitor and which file access events to monitor. - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. -- Enterprise Auditor and the Activity Monitor are capable of monitoring both NFS and CIFS. However, - it is necessary to create separate events for each protocol. -- The following values are required: - - - `event-name` - - - For CIFS shares – ` StealthAUDITScreeningCifs` for successful events; - `StealthAUDITScreeningFailedCifs` for failed events. - - For NFS shares – `StealthAUDITScreeningNfsV3, StealthAUDITScreeningNfsV4` for successful - events; `StealthAUDITScreeningFailedNfsV3, StealthAUDITScreeningFailedNfsV4` for failed - events. - The names of the event objects can be customized (see - [Customization of FPolicy Object Names](#customization-of-fpolicy-object-names)). - - - `volume-operation true` - - `protocol` – one of the following `cifs`, `nfsv3`, `nfsv4` - - `monitor-fileop-failure` – `true `or `false`, indicates whether failed file operations are - reported. - -- Limiting the file operations to be monitored is an excellent way to limit the performance impact - the FPolicy will have on the NetApp device. The file operations from which to choose are below - with additional filter options: - - - `create` – File create operations - - `create_dir` – Directory create operations - - `close` – File close operations - - - Enable this operation for NFSv4 to capture all read operations - - - `delete` – File delete operations - - `delete_dir` – Directory delete operations - - `link` – Link operations - - `open` – File open operations for CIFS protocol - - - `open-with-delete-intent` – Limits notification to only when an attempt is made to open a - file with the intent to delete it, according to the `FILE_DELETE_ON_CLOSE` flag - specification - - **NOTE:** File open operations are only supported with the `open-with-delete-intent` - filter applied. - - - `read` – File read operations - - - `first-read` – Limits notification to only first read operations for CIFS protocol. For - ONTAP 9.2+, this filter can be used for both CIFS and NFS protocols. - - - `rename`– File rename operations - - `rename_dir`– Directory rename operations - - `setattr` – Set attribute operations and permission changes. The following filters are - available for ONTAP 9.0+ to limit events to permission changes only: - - - CIFS: - - - `setattr-with-owner-change` - - `setattr-with-group-change` - - `setattr-with-sacl-change` - - `setattr-with-dacl-change` - - - NFSv3: - - - `setattr-with-owner-change` - - `setattr-with-group-change` - - `setattr-with-mode-change` - - - NFSv4: - - - `setattr-with-owner-change` - - `setattr-with-group-change` - - `setattr-with-mode-change` - - `setattr-with-sacl-change` - - `setattr-with-dacl-change` - - - `symlink` – Symbolic link operations - - `write` – File write operations - - - `first-write` – Limits notification to only first write operations for CIFS protocol. For - ONTAP 9.2+, this filter can be used for both CIFS and NFS protocols. - -- For failed/denied events, the list of supported file operations is limited to the following - values: - - - CIFS: `open` - - NFSv3: - `create, create_dir, read, write, delete, delete_dir, rename, rename_dir, setattr, link` - - NFSv4: - `open, create, create_dir, read, write, delete, delete_dir, rename, rename_dir, setattr, link` - -**CAUTION:** All parameters are case sensitive. - -Use the following command to create the FPolicy event for CIFS protocols: - -``` -vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningCifs -volume-operation true -protocol cifs -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] -``` - -Example: - -``` -vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningCifs -volume-operation true -protocol cifs -file-operations create,create_dir,delete,delete_dir,open,read,write,rename,rename_dir,setattr -filters first-read,first-write,open-with-delete-intent,setattr-with-owner-change,setattr-with-group-change,setattr-with-sacl-change,setattr-with-dacl-change -``` - -Use the following command to create the FPolicy event for NFSv3 protocols: - -``` -vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningNfsV3 -volume-operation true -protocol nfsv3 -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] -``` - -Example: - -``` -vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningNfsV3 -volume-operation true -protocol nfsv3 -file-operations create,create_dir,delete,delete_dir,read,write,rename,rename_dir,setattr,link,symlink -filters first-read,first-write,setattr-with-owner-change,setattr-with-group-change,setattr-with-mode-change -``` - -Use the following command to create the FPolicy event for NFSv4 protocols: - -``` -vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningNfsV4 -volume-operation true -protocol nfsv4 -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] -``` - -Example: - -``` -vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningNfsV4 -volume-operation true -protocol nfsv4 -file-operations create,create_dir,delete,delete_dir,read,write,rename,rename_dir,setattr,link,symlink,close -filters group-change,setattr-with-mode-change,setattr-with-sacl-change,setattr-with-dacl-change -``` - -#### Validate Part 3: FPolicy Event Creation - -Run the following command to validate the creation of the FPolicy event: - -``` -fpolicy policy event show -event-name [StealthAUDITScreeningCifs or StealthAUDITScreeningNfsV3 or StealthAUDITScreeningNfsV4 or ...] -instance -``` - -Example: - -``` -fpolicy policy event show -event-name StealthAUDITScreeningCifs -instance -``` - -Verify that the output is displayed as follows: - -![Output Displayed](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/fpolicyeventcreation.webp) - -Relevant NetApp Documentation: To learn more about creating an event, please visit the NetApp -website and read the -[vserver fpolicy policy event create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-event-create.html) -article. - -### Part 4: Create FPolicy Policy - -The FPolicy policy associates the other three FPolicy components and allows for the designation of a -privileged FPolicy user, or the provisioned FPolicy account. If running the Access Auditing (FSAA), -Activity Auditing (FSAC), and/or Sensitive Data Discovery Auditing scans in Enterprise Auditor, then -this is also the user account credential to be added to the Enterprise Auditor Connection Profile. - -IMPORTANT: - -- To monitor both CIFS and NFS protocols, two FPolicy Event were created. Multiple events can be - included in the FPolicy policy. -- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. -- The External Engine and FPolicy Event used in this command must be the External Engine created in - Part 2 and the FPolicy Event created in Part 3 from the previous steps. -- The following values are required: - - - `policy-name StealthAUDIT`, the name of the policy object can be customized (see - [Customization of FPolicy Object Names](#customization-of-fpolicy-object-names)). - -- The following values are required for Enterprise Auditor integration: - - - `privileged-user-name`, which must be a provisioned FPolicy account - - `allow-privileged-access yes` - -**CAUTION:** All parameters are case sensitive. - -Use the following command to create the FPolicy policy to monitor both CIFS and NFS protocols: - -``` -vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningCifs,StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] -``` - -Example: - -``` -vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningCifs,StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 -``` - -Use the following command to create the FPolicy policy to monitor only CIFS protocols: - -``` -vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningCifs -engine StealthAUDITEngine -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] -``` - -Example: - -``` -vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningCifs -engine StealthAUDITEngine -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 -``` - -Use the following command to create the FPolicy policy to monitor only NFS protocols: - -``` -vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] -``` - -Example: - -``` -vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 -``` - -#### Validate Part 4: FPolicy Policy Creation - -Run the following command to validate the creation of the FPolicy policy: - -``` -fpolicy policy show -instance -``` - -![Output Displayed](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefpolicypolicycreation.webp) - -Relevant NetApp Documentation: To learn more about creating a policy, please visit the NetApp -website and read the -[vserver fpolicy policy create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-create.html) -article. - -### Part 5: Create FPolicy Scope - -The FPolicy scope creates the filters necessary to perform scans on specific shares or volumes. It -is possible to set the scope to monitor all volumes or all shares by replacing the volume/share name -variable [SVM_NAME] in the command with an asterisk (\*). - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. -- It is not necessary to specify both volumes and shares. One or the other is sufficient. -- If you want to monitor everything, set the "`volumes-to-include`" value to "`*`". - -Use the following command to create the FPolicy scope by specifying volume(s): - -``` -vserver fpolicy policy scope create -vserver [SVM_NAME] -policy-name StealthAUDIT -volumes-to-include [VOLUME_NAME],[VOLUME_NAME] -``` - -Example: - -``` -vserver fpolicy policy scope create -vserver testserver -policy-name StealthAUDIT -volumes-to-include samplevolume1,samplevolume2 -``` - -Use the following command to create the FPolicy scope by specifying share(s): - -``` -vserver fpolicy policy scope create -vserver [SVM_NAME] -policy-name StealthAUDIT -shares-to-include [SHARE_NAME],[SHARE_NAME] -``` - -Example: - -``` -vserver fpolicy policy scope create -vserver testserver -policy-name StealthAUDIT -shares-to-include sampleshare1,sampleshare2 -``` - -#### Validate Part 5: FPolicy Scope Creation - -Run the following command to validate the FPolicy scope creation: - -``` -fpolicy policy scope show -instance -``` - -![Output Displayed](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefpolicyscopecreation.webp) - -Relevant NetApp Documentation: To learn more about creating scope, please visit the NetApp website -and read the -[vserver fpolicy policy scope create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-scope-create.html) -article. - -### Part 6: Set TLS Authentication - -If using the TLS authentication options, it is necessary to set authentication for the type of -authentication. - -#### Set Server-Authentication - -Use the following command to set server-authentication: - -``` -vserver fpolicy policy externalengine modify -vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option server-auth -``` - -Example: - -``` -vserver fpolicy policy externalengine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option server-auth -``` - -#### Set Mutual-Authentication - -Use the following command to set mutual-authentication: - -``` -vserver fpolicy policy external-engine modify ‑vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name [COMMON_NAME] -certificate-serial [CERTIFICATE_SERIAL] -certificate-ca [CERTIFICATE_AUTHORITY] -``` - -Example: - -``` -vserver fpolicy policy external-engine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name testserver -certificate-serial 461AC46521B31321330EBBE4321AC51D -certificate-ca "VeriSign Universal Root Certification Authority" -``` - -#### Validate Mutual-Authentication Is Set - -Run the following command to confirm mutual-authentication is set: - -``` -vserver fpolicy policy external-engine show -fields ssl-option -``` - -### Part 7: Enable the FPolicy - -The FPolicy must be enabled before the Activity Monitor Agent can be configured to monitor the SVM. - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. - -Use the following command to enable the FPolicy: - -``` -vserver fpolicy enable -vserver [SVM_NAME] -policy-name StealthAUDIT -sequence-number [INTEGER] -``` - -Example: - -``` -vserver fpolicy enable -vserver testserver -policy-name StealthAUDIT -sequence-number 10 -``` - -#### Validate Part 7: FPolicy Enabled - -Run the following command to validate the FPolicy scope creation: - -``` -vserver fpolicy show -``` - -![Output Displayed](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatefpolicyenabled.webp) - -Relevant NetApp Documentation: To learn more about enabling a policy, please visit the NetApp -website and read the -[vserver fpolicy enable](https://docs.netapp.com/us-en/ontap-cli-9121//vserver-fpolicy-enable.html) -article. - -### Part 8: Connect FPolicy Server / Agent to Cluster Node - -Manually connecting the FPolicy server (or Agent server) to the Cluster Node is only needed if there -is an issue with connection to the Cluster Node or for troubleshooting a disconnection issue. - -Use the following command to connect the `StealthAUDITEngine` that belongs to the `StealthAUDIT` -policy to all Cluster Nodes: - -``` -policy engine-connect -vserver [SVM_NAME] -policy-name StealthAUDIT -node * -``` - -Example: - -``` -policy engine-connect -vserver testserver -policy-name StealthAUDIT -node * -``` - -#### Validate Part 8: Connection to Cluster Node - -Run the following command to validate connection to the Cluster Node: - -``` -fpolicy show-engine -vserver [SVM_NAME] -policy-name StealthAUDIT -node * -``` - -![Output Displayed](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/connectiontoclusternode.webp) - -## Automatic Configuration of FPolicy - -The Activity Monitor can automatically configure FPolicy on the targeted SVM. The FPolicy created -will monitor file system activity from all volumes and shares of the SVM. This feature can be -enabled using the **Configure FPolicy. Create or modify FPolicy objects if needed** checkbox in the -monitored host's properties in the Activity Monitor. - -If using the TLS, mutual authentication option, you will need to create the PEM file for the Client -Certification, which is needed during the monitored host configuration in the Activity Monitor. It -will also be necessary to set mutual authentication on the SVM. - -### Set TLS Mutual-Authentication - -If using the TLS, mutual authentication options, it is necessary to set authentication. - -Use the following command to set mutual-authentication: - -``` -vserver fpolicy policy external-engine modify -vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name [COMMON_NAME] -certificate-serial [CERTIFICATE_SERIAL] -certificate-ca [CERTIFICATE_AUTHORITY] -``` - -Example: - -``` -vserver fpolicy policy external-engine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name testserver -certificate-serial 461AC46521B31321330EBBE4321AC51D -certificate-ca "VeriSign Universal Root Certification Authority" -``` - -#### Validate: Mutual-Authentication - -Run the following command to confirm mutual-authentication is set: - -``` -vserver fpolicy policy external-engine show -fields ssl-option -``` - -## Customization of FPolicy Object Names - -Activity Monitor uses the following FPolicy object names by default: - -- Policy name: `StealthAUDIT` -- External Engine name: `StealthAUDITEngine` -- CIFS Event name: `StealthAUDITScreeningCifs` -- NFS v3 Event name: `StealthAUDITScreeningNfsV3` -- NFS v4 Event name: `StealthAUDITScreeningNfsV4` -- Failed CIFS Event name: `StealthAUDITScreeningFailedCifs` -- Failed NFS v3 Event name: `StealthAUDITScreeningFailedNfsV3` -- Failed NFS v4 Event name: `StealthAUDITScreeningFailedNfsV4` - -These names can be customized in the monitored host's settings in the Activity Monitor. It can be -useful in two scenarios: - -- You want the names to match the company policies; -- You want to configure FPolicy manually using your custom names, but also want to leverage the - "Enable and Connect FPolicy" feature of the Activity Monitor, so that the product ensures that - FPolicy stays enabled and connected at all times. - -# NetApp Data ONTAP Cluster-Mode Target Requirements - -Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery -Auditing scans on NetApp Data ONTAP Cluster-Mode devices. The Netwrix Activity Monitor can be -configured to monitor activity on NetApp Data ONTAP Cluster-Mode devices and make the event data -available for Enterprise Auditor Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Enterprise Auditor scans must have the following permissions on the -target host: - -- For CIFS access: - - - Method 1 – Use FPolicy & ONTAP API - - - Enumerate shares by executing specific NetApp API calls - - Bypass NTFS security to read the entire folder structure to be scanned and collect - file/folder permissions - - - Method 2 – Use the c$ Share - - - Enumerate shares with standard Windows file sharing APIs. - - Bypass NTFS security to read the entire folder structure to be scanned and collect - file/folder permissions - -- For NFSv3 access: - - - IP Address of scanning server in the export policy for each volume - -These permissions grant the credential the ability to enumerate shares, access the remote registry, -and bypass NTFS security on folders. The credential used within the assigned Connection Profile for -these target hosts requires these permissions. See the -[NetApp Data ONTAP Cluster-Mode Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md) -topic for instructions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of NetApp Data ONTAP Cluser-Mode Device - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -NetApp Data ONTAP Cluster-Mode Device Requirements - -An FPolicy must be configured on the target device for Activity Auditing (FSAC) scans. A tailored -FPolicy is recommended as it decreases the impact on the NetApp device. The credential associated -with the FPolicy used to monitor activity must be provisioned with access to (at minimum) the -following CLI commands, according to the level of collection desired: - -- Collect Activity Events (Least Privilege) - - - `version` – Readonly access - - `volume` – Readonly access - - `vserver` – Readonly access - -- Employ the “Enable and connect FPolicy” Option (Less Privilege) - - - `version` – Readonly access - - `volume` – Readonly access - - `vserver` – Readonly access - - `vserver fpolicy disable` – All access - - `vserver fpolicy enable` – All access - - `vserver fpolicy engine-connect` – All access - - `network interface` – Readonly access - -- Employ the “Configure FPolicy Option (Automatic Configuration of FPolicy) - - - `version` – Readonly access - - `volume` – Readonly access - - `vserver` – Readonly access - - `vserver fpolicy` – All access - - `network interface` – Readonly access - -- If FPolicy uses a TLS connection, the following CLI command is also needed: - - - `security certificate install` – All access - -- StealthAUDIT Integration requires the addition of the following CLI command: - - - `security login role show-ontapi` – Readonly access - -See the -[NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md) -topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Enterprise Auditor to read the activity log files must also -have READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for NetApp Data ONTAP Cluster-Mode Device - -The following firewall settings are required for communication between the Activity Monitor Activity -Agent server and the target NetApp Data ONTAP Cluster-Mode device: - -| Communication Direction | Protocol | Ports | Description | -| --------------------------------- | ---------------- | ----- | -------------- | -| Activity Agent Server to NetApp\* | HTTP (optional) | 80 | ONTAPI | -| Activity Agent Server to NetApp\* | HTTPS (optional) | 443 | ONTAPI | -| NetApp to Activity Agent Server | TCP | 9999 | FPolicy events | - -\*Only required if using the FPolicy Configuration and FPolicy Enable and Connect options in -Activity Monitor. - -**NOTE:** If either HTTP or HTTPS are not enabled, the FPolicy on the NetApp Data ONTAP 7-Mode -device must be configured manually. Also, the External Engine will not reconnect automatically in -the case of a server reboot or service restart. - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | - -# Provision ONTAP Account - -This topic describes the steps needed to create a user account with the privileges required to -connect the Activity Monitor Agent to ONTAP API and to execute the API calls required for activity -monitoring and configuration. - -Provisioning this account is a two part process: - -- Part 1: Create Security Role -- Part 2: Create Security Login - -## Part 1: Create Security Role - -This section provides instructions for creating an access-control role. An access-control role -consists of a role name and a set of commands or API endpoints to which the role has access. It also -includes an access level (none, read-only, or all) and a query that applies to the specified command -or API endpoint. - -The permissions needed depends on the functionality level: - -- Least Privileged: ONLY Collect Events – This is the minimal functionality level. A user manually - configures FPolicy and ensures that it stays enabled and connected. The product only collects - events. This functionality level is not recommended as it requires an additional solution that - tracks the state of FPolicy and fixes the problem should ONTAP disconnect or should the policy - become disabled. -- **_RECOMMENDED:_** Less Privileged: Enable/Connect Policy & Collect Events – With this level, the - user still performs the initial FPolicy configuration manually. The product tracks the state of - FPolicy with periodic checks to ensure it stays enabled and connected all the time. -- **_RECOMMENDED:_** Automatically Configure the FPolicy – With this full-blown level, no manual - configuration is needed. The product performs the initial FPolicy configuration; updates FPolicy - to reflect configuration changes; ensures that FPolicy stays enabled and connected all the time. - -No matter which set of permissions you provision, validate the configuration before continuing to -Part 2. See the -[Validate Part 1: Security Role Configuration](#validate-part-1-security-role-configuration) topic -for additional information. - -If the FPolicy is to be used for both the Activity Monitor and Enterprise Auditor, the account also -needs to be provisioned with an additional permission. See the -[Enterprise Auditor Integration](#enterprise-auditor-integration) topic for additional information. - -The commands to create a role and names of permissions depend on the ONTAP API used. The product -supports both the classic ONTAPI/ZAPI and the new REST API. For ONTAPI/ZAPI you need to use -`security login role create` command to create a RBAC access control role. The required commands are -listed in the `cmddirname` parameter. For REST API, use `security login rest-role create` command to -create a REST access control role. The required API endpoint is specified in the `api` parameter. -The following sections provide instructions for both API modes. - -### Least Privileged: ONLY Collect Events - -If the desire is for a least privileged model, the Activity Monitor requires the following -permissions to collect events. - -#### ONTAPI/ZAPI - -- `version` – Readonly access -- `volume` – Readonly access -- `vserver` – Readonly access - -Use the following commands to provision read-only access to all required commands: - -``` -security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME]     -``` - -Example: - -``` -security login role create -role enterpriseauditor -cmddirname "version" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditor -cmddirname "volume" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditor -cmddirname "vserver" -access readonly -query "" -vserver testserver -``` - -#### REST API - -- `/api/cluster` – Readonly access -- `/api/protocols/cifs/services` – Readonly access -- `/api/storage/volumes` – Readonly access -- `/api/svm/svms` – Readonly access - -Use the following commands to provision read-only access to all required API endpoints: - -``` -security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] -``` - -Example: - -``` -security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver -``` - -**NOTE:** If the FPolicy account is configured with these permissions, it is necessary to manually -configure the FPolicy. See the -[Configure FPolicy](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md) -topic for additional information. - -### Less Privileged: Enable/Connect FPolicy & Collect Events - -If the desire is for a less privileged model, the Activity Monitor requires the following -permissions to collect events: - -#### ONTAPI/ZAPI - -- `version` – Readonly access -- `volume` – Readonly access -- `vserver` – Readonly access - - `network interface` – Readonly access - -- `vserver fpolicy disable` – All access -- `vserver fpolicy enable` – All access - - _Remember,_ this permission permits the Activity Monitor to enable the FPolicy. If the “Enable - and connect FPolicy” option is employed but the permission is not provided, the agent will - encounter “Failed to enable policy” errors, but it will still be able to connect to the FPolicy. - Since this permission model requires a manual configuration of the FPolicy, then the need to - manually enable the FPolicy will be met. - -- `vserver fpolicy engine-connect` – All access - -Use the following command to provision access to all required commands: - -``` -security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "network interface" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy disable" -access all -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy enable" -access all -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy engine-connect" -access all -query "" -vserver [SVM_NAME] -``` - -Example: - -``` -security login role create -role enterpriseauditorrest -cmddirname "version" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "volume" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "vserver" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "network interface" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy disable" -access all -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy enable" -access all -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy engine-connect" -access all -query "" -vserver testserver -``` - -#### REST API - -- `/api/cluster` – Readonly access -- `/api/protocols/cifs/services` – Readonly access -- `/api/storage/volumes` – Readonly access -- `/api/svm/svms` – Readonly access -- `/api/network/ip/interfaces` – Readonly access -- `/api/protocols/fpolicy` – All access - -Use the following commands to provision read-only access to all required API endpoints: - -``` -security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/network/ip/interfaces" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/protocols/fpolicy" -access all -vserver [SVM_NAME] -``` - -Example: - -``` -security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/network/ip/interfaces" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/protocols/fpolicy" -access all -vserver testserver -``` - -**NOTE:** If the FPolicy account is configured with these permissions, it is necessary to manually -configure the FPolicy. See the -[Configure FPolicy](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md) -topic for additional information. - -### Automatically Configure the FPolicy - -If the desire is for the Activity Monitor to automatically configure the FPolicy, the security role -requires the following permissions: - -#### ONTAPI/ZAPI - -- `version` – Readonly access -- `volume` – Readonly access -- `vserver` – Readonly access - - `network interface` – Readonly access - -- `vserver fpolicy` – All access -- `security certificate install` – All access - - _Remember,_ this permission is only needed for FPolicy TLS connections. - -Use the following command to provision access to all required commands: - -``` -security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "network interface" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy" -access all -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "security certificate install" -access all -query "" -vserver [SVM_NAME] -``` - -Example: - -``` -security login role create -role enterpriseauditorrest -cmddirname "version" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "volume" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "vserver" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "network interface" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy" -access all -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "security certificate install" -access all -query "" -vserver testserver -``` - -#### REST API - -- `/api/cluster` – Readonly access -- `/api/protocols/cifs/services` – Readonly access -- `/api/storage/volumes` – Readonly access -- `/api/svm/svms` – Readonly access -- `/api/network/ip/interfaces` – Readonly access -- `/api/protocols/fpolicy` – All access -- `/api/security/certificates` – All access - - Remember, this permission is only needed for FPolicy TLS connections. - -Use the following commands to provision access to all required API endpoints: - -``` -security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/network/ip/interfaces" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/protocols/fpolicy" -access all -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/security/certificates" -access all -vserver [SVM_NAME] -``` - -Example: - -``` -security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/network/ip/interfaces" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/protocols/fpolicy" -access all -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/security/certificates" -access all -vserver testserver -``` - -**NOTE:** If the FPolicy account is configured with these permissions, the Activity Monitor can -automatically configure the FPolicy. See the -[Configure FPolicy](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md) -topic for additional information. - -### Enterprise Auditor Integration - -If the desire is for FPolicy to be used with both the Activity Monitor and Enterprise Auditor, then -the following permission is also required: - -- `security login role show-ontapi` – Readonly access - -Use the following command to provision read-only access to security login role show-ontapi commands: - -``` -security login role create -role [ROLE_NAME] -cmddirname "security login role show-ontapi" -access readonly -query "" -vserver [SVM_NAME] -``` - -Example: - -``` -security login role create -role enterpriseauditor -cmddirname "security login role show-ontapi" -access readonly -query "" -vserver testserver -``` - -### Validate Part 1: Security Role Configuration - -For ONTAPI, run the following command to validate the RBAC security role configuration: - -``` -security login role show [ROLE_NAME] -``` - -Example: - -``` -security login role show enterpriseauditor -``` - -Relevant NetApp Documentation: For more information about creating RBAC access control roles, read -the -[security login role create](https://docs.netapp.com/us-en/ontap-cli-9141//security-login-role-create.html) -article. - -For REST API, run the following command to validate the REST security role configuration: - -``` -security login rest-role show [ROLE_NAME] -``` - -Example: - -``` -security login rest-role show enterpriseauditorrest -``` - -For more information about creating REST access control roles, read the -[security login rest-role create](https://docs.netapp.com/us-en/ontap-cli-9141/security-login-rest-role-create.html) -article. - -## Part 2: Create Security Login - -Once the access control role has been created, apply it to a domain account. Ensure the following -requirements are met: - -- The SVM used in the following command must be the same SVM used when creating the access control - role in Part 1. -- All parameters are case sensitive. -- It is recommended to use lowercase for both domain and username. The case of domain and username - created during the account provisioning process must match exactly to the credentials provided to - the Activity Monitor activity agent for authentication to work. - -Use the following command to create the security login for the security role created in Part 1: - -``` -security login create -user-or-group-name [DOMAIN\DOMAINUSER] -application ontapi -authentication-method [DOMAIN_OR_PASSWORD_AUTH] -role [ROLE_NAME] -vserver [SVM_NAME] -``` - -Example: - -``` -security login create -user-or-group-name example\user1 -application ontapi -authentication-method domain -role enterpriseauditor -vserver testserver -``` - -Validate this security login was created. - -### Validate Part 2: Security Login Creation - -Run the following command to validate security login: - -``` -security login show [DOMAIN\DOMAINUSER] -``` - -Example: - -``` -security login show example\user1 -``` - -Verify that the output is displayed as follows: - -![validatesecuritylogincreation](/img/versioned_docs/activitymonitor_7.1/config/netappcmode/validatesecuritylogincreation.webp) - -For more information about creating security logins, read the -[security login create](https://docs.netapp.com/us-en/ontap-cli-9141/security-login-create.html) -article. diff --git a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/nutanix.md b/docs/accessanalyzer/11.6/configuration-guides/storage-systems/nutanix.md deleted file mode 100644 index 898bf2c56c..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/nutanix.md +++ /dev/null @@ -1,109 +0,0 @@ -# Nutanix Appliance Access & Sensitive Data Auditing Configuration - -The credentials used to run Enterprise Auditor scans on Nutanix appliances must have the **Backup -Admin: Backup Access only** role assigned. - -## Nutanix Prism Central Interface - -Follow the steps to configure the required account in the Nutanix Prism Central Interface. - -**Step 1 –** Select the **Home** dropdown and select **File Server**. - -**Step 2 –** On the file server page, under actions select **Launch Files Console**. - -**Step 3 –** On the new files URL page, locate the **Configuration** dropdown and select **Manage -Roles**. - -![Nutanix Backup Admin: Backup Access only role](/img/versioned_docs/accessanalyzer_11.6/config/nutanix/nutanixbackupadminrole.webp) - -**Step 4 –** On the Manage Roles window, add an account with the **Backup Admin: Backup Access -only** role. - -This account must be used for running the Enterprise Auditor scans on Nutanix appliances. - -# Nutanix Activity Auditing Configuration - -The Netwrix Activity Monitor can be configured to monitor activity on Nutanix devices. - -A user having REST API access must be created on the Nutanix Files server to monitor the files -server using Activity Monitor. Additional configurations are done by Activity Monitor with the help -of this user. In the Nutanix Files server, select **Configuration** > **Manage Roles**. Under the -REST API access users section, click **New User** to create a new user. Specify the username and the -password. - -**NOTE:** The user credentials created here are used when adding a Nutanix file server in Activity -Monitor. - -# Nutanix Target Requirements - -Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery -Auditing scans on Nutanix Appliances. The Netwrix Activity Monitor can be configured to monitor -activity on Nutanix Appliances and make the event data available for Enterprise Auditor Activity -Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Enterprise Auditor scans must have the following permissions on the -target host: - -- Group membership in the role **Backup Admin: Backup Access Only** - -See the -[Nutanix Appliance Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/nutanix.md) -topic for additional information. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Activity Auditing Permissions - -The Netwrix Activity Monitor can be configured to monitor activity on Nutanix devices. See the -[Nutanix Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/nutanix.md) -topic for instructions. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Nutanix Appliances - -The following firewall settings are required for communication between the Activity Monitor Activity -Agent server and the target Nutanix device: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ----------------------- | -| Activity Agent Server to Nutanix | TCP | 9440 | Nutanix API | -| Nutanix to Activity Agent Server | TCP | 4501 | Nutanix Event Reporting | - -Protect the port with a username and password. The credentials will be configured in Nutanix. - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/qumulo.md b/docs/accessanalyzer/11.6/configuration-guides/storage-systems/qumulo.md deleted file mode 100644 index 846900c99c..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/qumulo.md +++ /dev/null @@ -1,121 +0,0 @@ -# Qumulo Activity Auditing Configuration - -The Netwrix Activity Monitor can be configured to monitor activity on Qumulo devices. To prepare -Qumulo to be monitored, an account needs to be provisioned and the audit event format may need to be -modified. - -## Provision Account - -Activity Monitor requires an account with the Observers role to monitor a Qumulo cluster. Follow the -steps to create a new account in the Qumulo web user interface with the Observers role. - -**Step 1 –** Create a new user in **Cluster** > **Local Users & Groups**. - -**Step 2 –** Assign the Observers role to the user using **Cluster** > **Role Management**. - -This credential will then be used when configuring the Activity Agent to monitor the Qumulo device. - -## Verify Audit Event Format - -Qumulo reports audit events in one of two formats: CSV and JSON. While the Netwrix Activity Monitor -supports both, the JSON format is recommended as it provides more detail. In particular, it allows -the product to distinguish between permission change events and attribute change events, presents -granular information for permission changes, and includes user SIDs instead of just usernames. The -advanced filtering of Microsoft Office activity also requires the JSON format. - -The JSON format for audit events was introduced in Qumulo Core 6.0.1. The new format can be enabled -via an SSH session to the Qumulo cluster. - -Follow the steps to verify that audit event format and change the format, if needed. - -**Step 1 –** Connect to the Qumulo cluster with SSH. - -**Step 2 –** Execute the following command to log in: - -`qq --host login -u ` - -The command will ask for the password. - -**Step 3 –** Execute the following command to check current format: - -qq audit_get_syslog_config - -The format will be shown in the **format** field. The old format is **csv**; the new format is -**json**. - -**Step 4 –** Execute the following command to change the format, if needed: - -qq audit_set_syslog_config --json - -The change willshould be reflected in the **format** field. - -# Qumulo Target Requirements - -Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery -Auditing scans on Qumulo devices. The Netwrix Activity Monitor can be configured to monitor activity -on Qumulo devices and make the event data available for Enterprise Auditor Activity Auditing (FSAC) -scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Enterprise Auditor scans must have the following permissions on the -target host: - -- Group membership in the Data-Administrators role - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Activity Auditing Permissions - -Netwrix Activity Monitor requires an account with the Observers role to monitor a Qumulo cluster. -See the -[Qumulo Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/qumulo.md) -topic for instructions. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Qumulo Devices - -The following firewall settings are required for communication between the Activity Monitor Activity -Agent server and the target Qumulo device: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ----- | ---------------------- | -| Activity Agent Server to Qumulo | TCP | 8000 | Qumulo API | -| Qumulo to Activity Agent Server | TCP | 4496 | Qumulo Event Reporting | - -Protect the port with a username and password. The credentials will be configured in Qumulo. - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/windows-file-systems.md b/docs/accessanalyzer/11.6/configuration-guides/storage-systems/windows-file-systems.md deleted file mode 100644 index 9e8b80a126..0000000000 --- a/docs/accessanalyzer/11.6/configuration-guides/storage-systems/windows-file-systems.md +++ /dev/null @@ -1,268 +0,0 @@ -# Windows File Server Access & Sensitive Data Auditing Configuration - -Permissions required for Enterprise Auditor to execute Access Auditing (SPAA) and/or Sensitive Data -Discovery Auditing scans on a Windows file server are dependent upon the Scan Mode Option selected. -See the -[File System Supported Platforms](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -However, additional considerations are needed when targeting a Windows File System Clusters or DFS -Namespaces. - -## Windows File System Clusters - -The permissions necessary to collect file system data from a Windows File System Cluster must be set -for all nodes that comprise the cluster. - -**NOTE:** It is necessary to target the Windows File Server Cluster (name of the cluster) of -interest when running a File System scan against a Windows File System Cluster. - -Configure credentials on all cluster nodes according to the Windows Operating Systems required -permissions for the desired scan mode with these additional considerations: - -- For - [Applet Mode](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#applet-mode) - and - [Proxy Mode with Applet](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#proxy-mode-with-applet): - - - Applet will be deployed to each node - - Credential used in the Connection Profile must have rights to deploy the applet to each node - -- For - [Proxy Mode as a Service](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#proxy-mode-as-a-service): - - - Proxy Service must be installed on each node - - For Sensitive Data Discovery Auditing scans, the Sensitive Data Discovery Add-on must be - installed on each node - -Additionally, the credential used within the Connection Profile must have rights to remotely access -the registry on each individual cluster node. - -_Remember,_ Remote Registry Service must be enabled on all nodes that comprise the cluster. -Configure the credential(s) with the following rights on all nodes: - -- Group membership in the local Administrators group -- Granted the “Log on as a batch” privilege - -Host List Consideration - -It is necessary to target the Windows File Server Cluster (name of the cluster) of interest when -running a File System scan against a Windows File System Cluster. Within the Master Host Table, -there should be a host entry for the cluster as well as for each node. Additionally, each of these -host entries must have the name of the cluster in the `WinCluster` column in the host inventory -data. This may need to be updated manually. - -See the View/Edit section of the -[Host Management Activities](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information on host inventory. - -- For FSAA and SDD scans, configure a custom host list to target the cluster's Role Server. -- For FSAC scans, configure a custom host list to target the Windows File Server Cluster. - -The host targeted by the File System scans is only the host entry for the cluster. For example: - -The environment has a Windows File System Cluster named `ExampleCluster1` with three nodes named -`ExampleNodeA`, `ExampleNodeB`, and `ExampleNodeC`. There would be four host entries in the -StealthAUDIT Master Host Table: `ExampleCluster1`, `ExampleNodeA`, `ExampleNodeB`, and -`ExampleNodeC`. Each of these four entries would have the same value of the cluster name in the -`WinCluster` column: `ExampleCluster1`. Only the `ExampleCluster1` host would be in the host list -targeted by the File System scans. - -Sensitive Data Discovery Scans - -For Sensitive Data Discovery Auditing scans on a Windows File System Cluster it is necessary for the -credential to also have Group membership in both of the following local groups for all nodes which -comprise the cluster: - -- Power Users -- Backup Operators - -Activity Auditing Scans - -The Netwrix Activity Monitor must deploy an Activity Agent on all nodes that comprise the Windows -File System Cluster. The Activity Agent generates activity log files stored on each node. Enterprise -Auditor targets the Windows File Server Cluster (name of the cluster) of interest in order to read -the activity. See the -[Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/windows-file-systems.md) -topic for additional information. - -The credential used Enterprise Auditor to read the activity log files must have: - -- Membership in the local Administrators group - -The FileSystemAccess Data Collector needs to be specially configured to run the -[1-FSAC System Scans Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -against a Windows File System Cluster. On the -[FSAA: Activity Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md), -configure the Host Mapping option. This provides a method for mapping between the target host and -the hosts where activity logs reside. However, this feature requires **advanced SQL scripting -knowledge** to build the query. - -Membership in the local Administrators group - -### Least Privilege Permission Model for Windows Cluster - -If a least privilege model is required by the organization, then the credential must have READ -access on the following registry keys: - -- `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SBTLogging\Parameters` -- `HKEY_LOCAL_MACHINE\Cluster\Nodes` - -Additionally, the credential must have READ access to the path where the activity log files are -located. - -## DFS Namespaces - -The FileSystem > 0.Collection > 0-FSDFS System Scans Job is configured by default to target the -default domain controller for the domain in which Enterprise Auditor resides. This is the -appropriate target host for this job when targeting a domain-based namespace. To target a standalone -namespace or multiple namespaces, create a custom host list of the server(s) hosting the -namespace(s). Then assign the custom host list to the 0-FSDFS System Scans Job. No additional host -list is require for the FileSystem > 0.Collection Job Group unless additional file servers are also -being targeted. - -DFS as Part of a Windows Cluster Consideration - -If the DFS hosting server is part of a Windows Cluster, then the Windows File System Clusters -requirements must be included with the credential. - -DFS and Activity Auditing Consideration - -For activity monitoring, the Netwrix Activity Monitor must have a deployed Activity Agent on all DFS -servers identified by the 0-FSDFS System Scans Job and populated into the dynamic host list. See the -[Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/windows-file-systems.md) -topic for additional information. - -# Windows File Server Activity Auditing Configuration - -In order for the Netwrix Activity Monitor to monitor Windows file server activity, an Activity Agent -must be deployed to the server. It cannot be deployed to a proxy server. However, additional -considerations are needed when targeting a Windows File System Clusters or DFS Namespaces. - -## Windows File System Clusters - -In order to monitor a Windows File System Cluster, an Activity Agent needs to be deployed on all -nodes that comprise the Windows File System Cluster. The credential used to deploy the Activity -Agent must have the following permissions on the server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -After the agent has been deployed, it is necessary to modify the HOST parameter in the -`SBTFilemon.ini` file to be the name of the cluster. For integration with Netwrix Enterprise -Auditor, this must be an exact match to the name of the cluster in the Master Host Table. - -## DFS Namespaces - -In order to monitor activity on DFS Namespaces, an Activity Agent needs to be deployed on all DFS -servers. - -**NOTE:** The FileSystem > 0.Collection > 0-FSDFS System Scans Job in Netwrix Enterprise Auditor can -be used to identify all DFS servers. - -The credential used to deploy the Activity Agent must have the following permissions on the server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -# Windows File Server Target Requirements - -Netwrix Enterprise Auditor can execute Access Auditing (FSAA) and/or Sensitive Data Discovery -Auditing scans on Windows file servers. The Netwrix Activity Monitor can be configured to monitor -activity on Windows file servers and make the event data available for Enterprise Auditor Activity -Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -- Permissions vary based on the Scan Mode Option selected. See the - [File System Supported Platforms](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for additional information. - -Windows File System Cluster Requirements - -See the -[Windows File Server Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/windows-file-systems.md) -topic for instructions. - -Windows File System DFS Namespaces Requirements - -See the -[Windows File Server Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/windows-file-systems.md) -topic for instructions. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Enterprise Auditor for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Activity Auditing Permissions - -Requirements to Deploy the Activity Agent on the Windows File Server - -The Netwrix Activity Monitor must have an Activity Agent deployed on the Windows file server to be -monitored. While actively monitoring, the Activity Agent generates activity log files stored on the -server. The credential used to deploy the Activity Agent must have the following permissions on the -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Enterprise Auditor, the credential used by -Enterprise Auditor to read the activity log files must have also have this permission. - -Windows File System Cluster Requirements - -See the -[Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/windows-file-systems.md) -topic for instructions. - -Windows File System DFS Namespaces Requirements - -See the -[Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/windows-file-systems.md) -topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Enterprise Auditor to read the activity log files must also -have READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Integration between Enterprise Auditor and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Enterprise Auditor Console: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------- | -------- | ---------- | ------------------------------ | -| Enterprise Auditor to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Enterprise Auditor to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md b/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md deleted file mode 100644 index 5c39e3c923..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md +++ /dev/null @@ -1,984 +0,0 @@ -# ActiveDirectory: Category - -The ActiveDirectory Data Collector Category page contains the following query categories, -sub-divided by auditing focus: - -![Active Directory Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The categories are: - -- Domains - - - Domains – Domains in an organization’s forest - - Trusted Domains – List of domains and their trust relationships - - FSMO Role Holders – FSMO Role Holders (Significant Domain Controllers) - - Domain Object Counts – Number of users and servers with each Domain - -- Directory Objects By Domain - - - Containers – Containers under given scope - - Organizational Units – Organizational units under given scope - - Computers – List of computer objects under scope - - Shared Folders – Shared folders under the scope - - Printers – Printer objects - - Users – All user objects under the scope - - Contacts – Contact objects - - Groups – Domain/global/universal distribution groups - -- Sites and Topology - - - Sites – List of AD sites - - Servers – Servers list - - Site Object Counts – Number of users and servers within each AD Site - -- Inter-site transports - - - Transports – Inter-site transports in AD - - SiteLinks – Connections between two sites - - SiteLinkBridges – Object for tracking transitively connected site links - -- DNS Services - - - Subnets – Known subnets list - - DNS Zones – DNS zone objects list - -- Directory Security - - - Extended Control Access Rights – Extended rights dump - - Security Principals – Well-known security principals from external sources - -- Directory Schema - - - Schema Attributes – Dumps all defined attributes in Active Directory - - Schema Classes – Dumps all defined classes in Active Directory - -- AD Replication - - - AD Replication Links – Active Directory replication links - -# ActiveDirectory: Directory Scope - -The Directory Scope page provides configuration settings for the directory connection and the scope -for the query. It is a wizard page for the category of **Directory Objects by Domain**. - -![Active Directory Data Collector Wizard Directory Scope page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/directoryscope.webp) - -The Directory Scope page has the following options: - -- Connect to – Identifies the target domain - - - Default domain – Domain in which the Enterprise Auditor Console server resides - - This domain – Domain specified in the textbox - -- Connect – Connects to the target domain to provide a list of directories -- Add – Add an OU to the query scope -- Remove – Removes an OU from the query scope -- Scope – List of OUs to be scanned -- Sub tree – Sub-OUs included in the scan if checked - -# ActiveDirectory: Options - -The Options page provides format options for returned data. It is a wizard page for all categories. - -![Active Directory Data Collector Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -- How to format collected results – Select from the following options: - - - Return data as collected - - Return data in a separate row for each property set in the following group - - - Select the group from the drop-down menu - - - Return each value of the following property in a separate row - - - Select the property from the drop-down menu - -- How to return multi-valued properties in one cell – Select from the following options: - - - Concatenated – All values are listed in one cell using the delimiter specified - - - Delimiter – Symbol used to separate values in the cell - - - First value only – Only the first value is listed in the cell - -# ActiveDirectory Data Collector - -The ActiveDirectory Data Collector audits objects published in Active Directory. It has been -preconfigured within the Active Directory Solution. Both this data collector and the solution are -available with a special Enterprise Auditor license. See the -[Active Directory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -topic for additional information. - -Protocols - -- ADSI -- LDAP -- RPC - -Ports - -- TCP 389/636 -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Domain Administrators group - -## ActiveDirectory Query Configuration - -The ActiveDirectory Data Collector is configured through the Active Directory Data Collector Wizard, -which contains the following wizard pages: - -- Welcome -- [ActiveDirectory: Category](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ActiveDirectory: Directory Scope](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ActiveDirectory: Results](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ActiveDirectory: Options](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ActiveDirectory: Summary](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - -![Active Directory Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. - -# ActiveDirectory: Results - -The Results page is where Active Directory object properties to be gathered are selected. It is a -wizard page for all categories. - -![Active Directory Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Check all**, **Uncheck all**, and **Reset to -defaults** buttons can be used. All selected properties are gathered. Available properties vary -based on the category selected. - -# ActiveDirectory: Summary - -The Summary page displays a summary of the configured query. It wizard page for all categories. - -![Active Directory Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Active Directory Data Collector Wizard to ensure that no accidental -clicks are saved. - -# ADActivity: Category - -Use the Category page to identify how activity data is retrieved or removed. - -![Active Directory Activity DC wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The ADActivity Data Collector Category page contains three query categories: - -- Import From SAM – Import activity from a Netwrix Activity Monitor archive -- Import From Share – Import activity from a network share -- Remove Tables – Removes all tables and views from SQL Server database. This option is designed for - troubleshooting. When this option is selected, the next wizard page is the Summary page. See the - [Clear ADActivity Tables](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - topic for more information. - -# Clear ADActivity Tables - -Sometimes when troubleshooting an ADActivity issue, it becomes necessary to clear the standard -reference tables. Follow the steps. - -**Step 1 –** Create a new job and assign a query using the ADActivity Data Collector. - -![Active Directory Activity DC wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/categoryremovetables.webp) - -**Step 2 –** In the Active Directory Activity DC Wizard on the Category page, select the **Remove -Tables** category task. - -![Active Directory Activity DC wizard Results page for Remove Tables category](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adactivity/resultsremovetables.webp) - -**Step 3 –** Click **Next** to go to the Results page. Optionally, select the **Success** checkbox -to display a confirmation of successful removal in the results after the job is run. - -**Step 4 –** Click **Next** and then Click **Finish** to close the Active Directory Activity DC -Wizard. Click **OK** to close the Query Properties window. - -**CAUTION:** When the job is run, all of the ADActivity standard reference tables are removed from -the database. - -# ADActivity: SAM Connection - -The SAM connection page is where the port number is configured to send Active Directory data from -Netwrix Activity Monitor. It is a wizard page for the category of: - -- Import from SAM - -![Active Directory Activity DC wizard SAM connection settings page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/namconnection.webp) - -The following connection setting can be configured to connect to the Netwrix Activity Monitor -archive via an API Server: - -- Port – Enter the API server port. The default is 4494. -- Encrypt communication with target server (SSL) – Allows the Active Directory Activity Data - Collector to communicate with the SAM API Server over a secure channel - - - Ignore certificate errors? – Ignores untrusted certificate authority errors and allows the - scan to continue - -- Test SAM host – Enter the Activity Monitor API server name in a qualified domain name format. - Click Connect to test the connection. A successful result populates the section underneath with a - Refresh token. -- Exclude – Select archives to be ignored by the Active Directory Activity DC scan - - **CAUTION:** Save the Refresh token to a Text Editor for later use. The Refresh token resets - each time the Test SAM host option is connected to. It must be replaced in the Connection - profile if it is regenerated. - -- Refresh token – After generation, it must replace the old Access Token from the SAM API Server - configuration in the Connection Profiles required to connect to the API Server - -# ADActivity Data Collector - -The ADActivity Data Collector integrates with the Netwrix Activity Monitor by reading the Active -Directory activity log files. It has been preconfigured within the Active Directory Solution. Both -this data collector and the solution are available with a special Enterprise Auditor license. See -the -[Active Directory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -topic for additional information. - -Protocols - -- HTTP -- RPC - -Ports - -- TCP 4494 (configurable within the Netwrix Activity Monitor) - -Permissions - -- Netwrix Activity Monitor API Access activity data -- Netwrix Activity Monitor API Read -- Read access to the Netwrix Activity Monitor Log Archive location - -## ADActivity Query Configuration - -The ADActivity Data Collector is configured through the Active Directory Activity DC wizard, which -contains the following wizard pages, which change based up on the query category selected: - -- [ADActivity: Category](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADActivity: SAM Connection](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADActivity: Share](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADActivity: Scope](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADActivity: Results](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADActivity: Summary](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - -# ADActivity: Results - -The Results page is where the properties to be gathered are selected. It is a wizard page for all of -the categories. - -![Active Directory Activity DC wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Select All** and **Clear All** buttons can be used. -All selected properties are gathered. Available properties vary based on the category selected. - -# ADActivity: Scope - -Use the Scoping and Retention page to configure additional settings. This page is a wizard page for -the categories of: - -- Import From SAM -- Import From Share - -![Active Directory Activity DC wizard Scoping and Retention page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -The Timespan is defined according to the following two elements: - -- Relative Timespan – Number of days AD Activity is collected when the scan is run -- Absolute Timespan – Set the date range for the scan to collect AD Activity - - **_RECOMMENDED:_** The threshold should be set for after the Netwrix Activity Monitor collects - and archives its data but before they are deleted after a set retention period. - -The Retention section sets what event type is collected and how many days Enterprise Auditor keeps -the collected data in its SQL database. The table has the following columns: - -- Event Type – The event type that may be enabled for the scan. The event types are: - - - AD Change - - AD Replication - - Authentication - - LDAP - - Process Injection - -- Days to Store – Specify the number of days to store the collected data for the event type -- Enable Collection – When selected, the corresponding event type is collected - -# ADActivity: Share - -The Share page provides options for configuring share settings. It is a wizard page for the category -of: - -- Import from Share - -![Active Directory Activity DC wizard Share settings page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/share.webp) - -The following connection setting can be configured to connect to the AD activity archives that must -be located on a Domain Controller share: - -- UNC Path – Enter the path of the share that stores AD Activity from the AD Agent(s). The ellipsis - (**…**) opens a file explorer where the path can be navigated to and selected. - - - _Remember,_ all AD Agent logs must be archived to this location or the AD Activity data is not - queried by Enterprise Auditor - -- Include Sub-Directories – Select to include sub-directories on the targeted share. Use this option - if there are multiple archives in the same location. - -# Standard Reference Tables & Views for the ADActivity Data Collector - -The ADActivity Data Collector gathers essential user and group activity information into standard -reference tables. Unlike other Enterprise Auditor data collectors, the ADActivity Data Collector -writes data to these tables regardless of the job executing the query. - -These tables and their associated views are outlined below: - -| Table | Details | -| -------------------------------- | --------------------------------------------------------------------- | -| SA_ADActivity_AuthTypes | Contains Active Directory authentication protocol types | -| SA_ADActivity_Classes | Contains Active Directory classes (for example, user, computer) | -| SA_ADActivity_DesiredAccess | Contains desired access level of each activity event | -| SA_ADActivity_DesiredAccessNames | Contains dictionary of desired access names | -| SA_ADActivity_EventErrorCodes | Contains dictionary of event error codes | -| SA_ADActivity_EventNames | Contains dictionary of event names | -| SA_ADActivity_Events | Contains Active Directory event details | -| SA_ADActivity_FilesImported | Contains lists of imported audit files | -| SA_ADActivity_From | Contains lists of the sources of activity events | -| SA_ADActivity_HostInfo | Contains lists of scanned hosts | -| SA_ADActivity_LDAPEvents | Contains lists of Lightweight Directory Access Protocol (LDAP) events | -| SA_ADActivity_LDAPFilters | Contains lists of LDAP filters provided | -| SA_ADActivity_ObjectNames | Contains dictionary of object  names | -| SA_ADActivity_Objects | Contains lists of Active Directory objects found in the activity log | -| SA_ADActivity_PAC | Contains lists of relative IDs (RIDs) for each collected event | -| SA_ADActivity_ProcessEvents | Contains lists of activity events by process | -| SA_ADActivity_ProcessNames | Contains dictionary of process names | -| SA_ADActivity_Protocols | Enumerates network protocols found | -| SA_ADActivity_Sources | Contains lists of sources of activity events | -| SA_ADActivity_SPNs | Contains a unique identifier for each logon account | - -Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the -ADActivity Data Collector. They contain additional information for building queries easily. The -following is an explanation of the corresponding views created for some of the tables generated by -the ADActivity Data Collector: - -| Views | Details | -| -------------------------------------------- | ------------------------------------------------------------------------ | -| SA_ADActivity_ADEventsAttributesView | Contains detailed view of attribute events (changes) | -| SA_ADActivity_ADEventsView | Contains detailed view of activity events | -| SA_ADActivity_AuthEventsPACView | Contains detailed view of authentication events referencing relative IDs | -| SA_ADActivity_AuthEventsView | Contains detailed authentication event view | -| SA_ADActivity_EventsView | Contains detailed activity event view | -| SA_ADActivity_LDAPEventsView | Contains LDAP view | -| SA_ADActivity_ProcessEventsDesiredAccessView | Contains detailed process event view with desired access references | -| SA_ADActivity_ProcessEventsView | Contains detailed process event view | - -# ADActivity: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - -![Active Directory Activity DC wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Active Directory Activity DC wizard to ensure that no accidental -clicks are saved. - -# ADInventory: Category - -Use the category page to identify which Active Directory task to perform. - -![Active Directory Inventory DC Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The categories include the following tasks: - -- Scan Active Directory – Scans Active Directory objects and imports the information into SQL Server - database, creating the standard reference tables. This task is also responsible for maintaining - the schema for tables and views. This is the standard option for this data collector. -- Update SQL Indexes – Reorganizes or rebuilds indexes in the Enterprise Auditor SQL storage - database. When this option is selected, the next wizard page is the Results page. -- Remove Tables – Removes all tables and views from SQL Server database. This option is designed for - troubleshooting. When this option is selected, the next wizard page is the Summary page. See the - [Clear ADInventory Tables](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - topic for more information. -- Drop Domain – Remove host domain related data from SQL server - -**NOTE:** The Scan Active Directory category is the pre-configured setting for the .Active Directory -Inventory Job Group. Therefore, accessing the Active Directory Inventory DC Wizard from the query -within that job group does not display the Category wizard page. - -# Clear ADInventory Tables - -Sometimes when troubleshooting an ADInventory issue, it becomes necessary to clear the standard -reference tables. Follow the steps. - -**CAUTION:** Be careful when using this query task. It will result in the deletion of collected -data. - -**Step 1 –** Create a new job and assign a query using the **ADInventory** Data Collector. - -![Remove Tables task selected on Active Directory Inventory DC Wizard Category page ](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/categoryremovetables.webp) - -**Step 2 –** In the Active Directory Inventory DC Wizard on the Category page, select the **Remove -Tables** category task. - -**Step 3 –** Click **Next** and then **Finish** to close the Active Directory Inventory DC Wizard. -Click **OK** to close the Query Properties window. - -When the job is run, all of the ADInventory standard reference tables are removed from the database. - -**CAUTION:** Never leave the query task selected after job execution. Accidental data loss can -occur. - -_Remember,_ this job deletes data from the Enterprise Auditor database. Check the job has been -configured correctly prior to job execution. - -# ADInventory: Custom Attributes - -The Custom Attributes page provides ability to add Active Directory attributes that are unique to -the environment or not collected by default to be gathered. It is a wizard page for the category of -Scan Active Directory. - -The -[Standard Reference Tables & Views for the ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -topic provides information on what is collected by default. Custom attributes added on this page are -stored in the **SA_ADInventory_ExtendedAttributes** table. - -![Active Directory Inventory DC Wizard Custom Attributes page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributes.webp) - -The Custom Attribute is defined according to the following three elements: - -- Domain Filter – Short or fully qualified name -- Object Class – User, Group, or Computer -- Attribute Name – As listed within Active Directory - -Use the **Add**, **Edit**, and **Remove** buttons at the bottom of the window to configure the -custom attributes to be gathered by the scan. See the -[Manually Add Custom Attributes](#manually-add-custom-attributes) topic for additional information. - -The **Import** button opens the Custom Attributes Import Wizard. See the -[Custom Attributes Import Wizard](#custom-attributes-import-wizard) topic for additional -information. - -Microsoft Active Directory Schema is detailed in the Microsoft -[Active Directory Schema](https://learn.microsoft.com/en-gb/windows/win32/adschema/active-directory-schema) -article. - -#### Manually Add Custom Attributes - -The **Add** and **Edit** buttons on the Custom Attributes page open the Custom Attribute window. -Follow the steps to manually add custom attributes. - -**Step 1 –** On the Custom Attributes page of the Active Directory Inventory DC Wizard, click -**Add**. The Custom Attribute window opens. - -![Custom Attribute window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributesadd.webp) - -**Step 2 –** Enter the **Domain Filter**. This can be entered either as the short domain name or the -fully qualified domain name. - -**Step 3 –** Select the checkbox for the desired **Object Class**. - -**Step 4 –** Enter the **Attribute Name** as it appears in Active Directory. - -**Step 5 –** Click **OK**. The Custom Attribute window closes and the specified attribute is added -in the Custom Attributes page. - -Repeat this process until all desired Custom Attributes have been included. - -#### Custom Attributes Import Wizard - -The Custom Attributes Import Wizard is used to import a list of custom attributes into the -ADInventory Data Collector configurations. Follow the steps to use the Custom Attributes Import -Wizard. - -**Step 1 –** On the Custom Attributes page of the Active Directory Inventory DC Wizard, click -**Import**. The Custom Attribute Import Wizard opens. - -![Custom Attributes Import Wizard Credentials page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributesimportcredentials.webp) - -**Step 2 –** On the Credentials page, identify a domain either by entering one manually or selecting -one from the **Domain Name** drop-down menu which displays a list of domains trusted by the one in -which the Enterprise Auditor Console server resides. Then set the credentials for reading the -attributes list from the domain: - -- Authenticate as the logged in user – Applies the user account running Enterprise Auditor -- Use the following credentials to authenticate – Applies the account supplied in the **User Name** - and **Password** fields - -Click **Next** to continue. - -![Custom Attributes Import Wizard Attributes page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributesimportattributes.webp) - -**Step 3 –** The wizard populates available attributes from the domain specified on the Attributes -page. Expand the desired object class and select the checkboxes for the custom attributes to be -imported. Then click **Next**. - -![Custom Attributes Import Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributesimportsummary.webp) - -**Step 4 –** On the Summary page, click **Finish**. - -The selected attributes are added on the Custom Attributes page of the Active Directory Inventory DC -Wizard. - -# ADInventory: Domains - -The Domains page removes host domain-related data from the SQL server for the selected domains. - -![Active Directory Inventory DC Wizard Domains page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/domains.webp) - -Select the checkbox next to a domain to remove host-related data from the SQL server for that -domain. - -# ADInventory: Index Update Options - -Configure options for maintaining SQL Server indexes while running queries using the Index Update -Options page. - -![Active Directory Inventory DC Wizard Index Update Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/indexupdateoptions.webp) - -The options on the Index Update Options page are: - -- SQL Index Update Options: - - - Maximum Degree of Parallelism – Set the maximum limit of the Degree of Parallelism used for - the query. Default is **1**. - - Minimum Index Reorganization Threshold – Set the minimum index reorganization threshold that - is performed while running the query. Default is **5** percent. - - Minimum Index Rebuilding Threshold – Set the minimum index rebuilding threshold that is - performed while running the query. Default is **31** percent. - -- Select Data Collector Schemas– Select which schemas to maintain when running the query by - selecting them from the table. Enable a schema for indexing by selecting the checkbox next to it. - Right-click in the table to show options for **Check All**, **Clear All**, **Check All Selected - Items**, and **Clear All Selected Items**. - -# ADInventory: Options - -The Options page provides options for Active Directory data collection. It is a wizard page for the -category of Scan Active Directory. - -![Active Directory Inventory DC Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -The Options page has the following configuration options: - -- Encrypt communication with Active Directory (SSL) – Allows the ADInventory Data Collector to - communicate with Active Directory over a secure channel - - - Ignore certificate errors? (For testing only) – Ignores untrusted certificate authority errors - and allows the scan to continue. This option is for testing purposes only. - -- Collect SID History from domain migrations – During a domain migration, the new infrastructure is - created alongside the old infrastructure. The old account SID is typically added to the SID - history attribute for the new account. The option to collect SID history is made available within - the ADInventory Data Collector to assist resolving SIDs for domain migrations. -- Collect only updates since the last scan (recommended) – Default setting for differential - scanning. The updates collected are any changes to: group membership, attributes on user objects, - attributes on group objects, and so on. - - - Track changes into Change tracking tables – Records all changes since the last scan in - separate tables - - Limit Last Logon TimeStamp Changes – When selected, changes to the Last Logon TimeStamp - Attribute are not recorded - - **_RECOMMENDED:_** If tracking changes, use the Limit Last Logon TimeStamp Changes option. - - - Number of days you want to keep changes in the database – Use the arrow buttons or manually - enter a number to set the number of days to keep changes - - Target previously scanned domain controller – Collects updated information from the last - domain controller targeted to reduce the scan time. Below are some considerations: - - - If the last domain controller is unavailable, the targeted domain controller is the - specified domain controller from the host list. If using the domain name, it attempts to - find the last scanned domain controller. - - If that domain controller is determined to be unavailable, then it runs a full scan on the - next domain controller that responds. Then, it will scan the new domain controller for - changes going forward. - - Selecting the **Track changes into Change tracking tables** option enables the **Number of days - you want to keep changes in the database** box. This allows for changes in Active Directory to - be tracked. When change tracking is enabled, notification analysis tasks can be used to send - alerts. - -# ADInventory Data Collector - -The extraction and correlation of user, group, and computer attributes drastically transforms the -meaning of data collected across the many systems and applications that are linked to Active -Directory. The ADInventory Data Collector is designed as a highly scalable and useful data -collection mechanism to catalogue user, group, and computer object information that can be used by -other solutions within Enterprise Auditor. - -The ADInventory Data Collector is a core component of Enterprise Auditor and has been preconfigured -to be used within the .Active Directory Inventory Solution. Both this data collector and the -solution are available with all Enterprise Auditor license options. See the -[.Active Directory Inventory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -topic for additional information. - -Protocols - -- LDAP - -Ports - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -## Functional Design of the ADInventory Data Collector - -The ADInventory Data Collector has been designed to update incrementally. Once it has run against a -domain controller, additional collections gather changes made since the last scan. This enables the -ADInventory Data Collector to function efficiently within large environments. Each time it is run -against different domain controllers, it restarts the cycle. - -## ADInventory Query Configuration - -The ADInventory Data Collector is configured through the Active Directory Inventory DC Wizard, which -contains the following wizard pages: - -- Welcome -- [ADInventory: Category](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADInventory: Results](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADInventory: Options](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADInventory: Index Update Options](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADInventory: Custom Attributes](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADInventory: Summary](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - -![Active Directory Inventory DC Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. - -# ADInventory: Results - -The Results page is where properties from Active Directory to be gathered are selected. It is a -wizard page for the category of Scan Active Directory. - -![Active Directory Inventory DC Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Select All** or **Clear All** buttons can be used. -All selected properties are gathered. - -This information is not available within the standard reference tables and views. Instead, this -information can be viewed in the SA_ADInventory_DEFAULT table, which is created when any of these -properties are selected. - -# Standard Reference Tables & Views for the ADInventory Data Collector - -The ADInventory Data Collector gathers essential user and group inventory information into standard -reference tables. Unlike other Enterprise Auditor data collectors, the ADInventory Data Collector -writes data to these tables regardless of the job executing the query. - -These tables and their associated views are outlined below: - -| Table | Details | AD Object Reference Article | -| ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_ADInventory_AttributeChanges | Contains a list of principal identifiers and their corresponding attribute changes for each differential scan that is performed against a domain. | [Active Directory Schema](https://learn.microsoft.com/en-gb/windows/win32/adschema/active-directory-schema) | -| SA_ADInventory_Computers | Contains extended information about computers, operating systems, service packs, etc. | [Computer class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-computer) | -| SA_ADInventory_DistinguishedNames | Contains every distinguished name collected from principals and group membership. | [Attribute distinguishedName](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-ada1/56da5a9b-485d-4d7c-a226-1a54a43d9013) | -| SA_ADInventory_Domains | Contains information about the domain such as its naming context and when it was last scanned. | [Domain class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-domain) | -| SA_ADInventory_EffectiveGroupMembers | Contains expanded group membership which includes a flattened representation of members. | | -| SA_ADInventory_Exceptions | Contains information about security issues and concerns. **NOTE:** See the [AD Exception Types Translated](#ad-exception-types-translated) topic for an explanation of Exception Types. | | -| SA_ADInventory_ExceptionTypes | Identifies how many instances of exceptions exist on the audited domain. **NOTE:** See the [AD Exception Types Translated](#ad-exception-types-translated) topic for an explanation of Exception Types. | | -| SA_ADInventory_Exchange | Contains information about the Exchange Server, each database and storage group, and the HomeMDB property. | [ms-Exch-Home-MDB Attribute]() | -| SA_ADInventory_ExtendedAttributes | Contains information gathered by the custom attributes component of the query configuration. | [Active Directory Schema](https://learn.microsoft.com/en-gb/windows/win32/adschema/active-directory-schema) | -| SA_ADInventory_GroupMemberChanges | Contains a list of group principal identifiers and their corresponding membership changes for each differential scan that is performed against a domain. | [Member attribute](https://learn.microsoft.com/en-gb/windows/win32/adschema/a-member) | -| SA_ADInventory_GroupMembers | Contains a map of groups to member distinguished names. | [Member attribute](https://learn.microsoft.com/en-gb/windows/win32/adschema/a-member) | -| SA_ADInventory_Groups | Contains extended information about groups, group type, managed by, etc. | [Group class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-group) | -| SA_ADInventory_ImportHistory | Contains a list of all imports performed against a particular domain along with when the import happened and the GUID of the domain controller that was scanned. | | -| SA_ADInventory_Principals | Contains common attributes for users, groups, and computers as well as references to their primary distinguished name and security identifiers. | [Security-Principal class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-securityprincipal) | -| SA_ADInventory_SecurityIdentifiers | Contains every SID collected from the principals, including historical identifiers. | [Security-Identifier attribute](https://learn.microsoft.com/en-gb/windows/win32/adschema/a-securityidentifier) | -| SA_ADInventory_Users | Contains extended information about users, department, title, etc. | [User class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-user) | - -Views are the recommended way for you to obtain the information gathered by the ADInventory Data -Collector. They contain additional information for building queries easily. - -The following is an explanation of the corresponding views created for some of the tables generated -by the ADInventory Data Collector: - -| Views | Details | -| ---------------------------------------- | ---------------------------------------------------------------------------------------- | -| SA_ADInventory_AttributeChangesView | Contains attribute change information | -| SA_ADInventory_ComputersView | Contains computer information | -| SA_ADInventory_EffectiveGroupMembersView | Contains effective group membership information | -| SA_ADInventory_ExceptionsView | Contains principals that are identified to have security concerns | -| SA_ADInventory_GroupMemberChangesView | Contains group membership change information | -| SA_ADInventory_GroupMembersView | Contains group membership information | -| SA_ADInventory_GroupsView | Contains group level information | -| SA_ADInventory_PrincipalsView | Contains common attributes from the principals table including additional domain details | -| SA_ADInventory_UsersView | Contains user information | - -### AD Exception Types Translated - -The following table translates the Type of Exceptions that can found. - -| Type | Exception | Description | -| ---- | -------------------- | ------------------------------------------------------------------------- | -| 1 | Large Groups | Groups with a large amount of effective members | -| 2 | Deeply Nested | Groups with deep levels of membership nesting | -| 3 | Circular Nesting | Groups with circular references in their effective membership | -| 4 | Empty Groups | Groups with no membership | -| 5 | Single Member Groups | Groups with a single direct member | -| 6 | Stale Users | Users that have not logged onto the domain for an extended period of time | -| 7 | Stale Membership | Groups with a high percentage of effective members that are stale users | -| 8 | Large Token | Users with a large amount of authorization groups in their token | - -# ADInventory: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - -![Active Directory Inventory DC Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Active Directory Inventory DC Wizard to ensure that no accidental -clicks are saved. - -# ADPermissions: Category - -The ADPermissions Data Collector Category page identifies what kind of information to retrieve using -the Category wizard page. - -![ADPermissions Data Collector wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The categories on the ADPermissions Category page are: - -- Scan Active Directory Permissions – Scan permissions applied to objects -- Scan Active Directory Audits – Scan audits applied to objects -- Remove Tables – Remove all tables and views from SQL server. See the - [Remove ADPermissions Tables](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - topic for additional information. - -# ADPermissions: Custom Filter - -The Custom Filter page provides options to configure settings for object permission collection. It -is only available if the Custom Filter option is checked on the Scope page. It is a wizard page for -the categories of: - -- Scan Active Directory Permissions -- Scan Active Directory Audits - -![ADPermissions Data Collector wizard Custom Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/customfilter.webp) - -The configurable options are: - -- Root Path – Enter the AD root path - - - Select the distinguished name from the drop-down menu to the right of the Root Path - - Click **Preview** to show an example of the complete path - -- LDAP Filter – Enter a custom filter string -- Scope – Select an option from the drop-down menu: - - - Base – Limits the scope to the base object. The maximum number of objects returned is always - one. - - One Level – Restricted to the immediate children of a base object, but excludes the base - object itself - - Sub tree – (or a deep scope) includes all child objects as well as the base object - -- Click **Add** to add the filter criteria to the list. Multiple filters can be used. - -# ADPermissions: Options - -The Options page is provides additional options for collecting the Active Directory information. It -is a wizard page for the categories of: - -- Scan Active Directory Permissions -- Scan Active Directory Audits - -![ADPermissions Data Collector wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -The configurable options are: - -- Encrypt communication with Active Directory (SSL) – Enables SSL encryption - - - Ignore Certificate errors – Select to ignore errors for testing only - -- Collect only updates since the last scan – Enables differential scanning - - - Target previously scanned domain controller – Select to use the same domain controller as the - previous scan - - Track changes into change tracking tables – Enable to track changes - - Number of days you want to keep changes in the database – Set the number of days to keep - changes in the database - -# ADPermissions Data Collector - -The ADPermissions Data Collector collects the advanced security permissions of objects in AD. It is -preconfigured within the Active Directory Permissions Analyzer Solution. Both this data collector -and the solution are available with a special Enterprise Auditor license. See the -[Active Directory Permissions Analyzer Solution](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) -topic for additional information. - -Protocols - -- ADSI -- LDAP -- RPC - -Ports - -- TCP 389 -- TCP 135 – 139 -- Randomly allocated high TCP ports - -Permissions - -- LDAP Read permissions -- Read on all AD objects -- Read permissions on all AD Objects - -## ADPermissions Query Configuration - -The ADPermissions Data Collector is configured through the Active Directory Permissions Data -Collector Wizard. The wizard contains the following pages, which change based upon the query -category selected: - -- [ADPermissions: Category](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADPermissions: Scope](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADPermissions: Custom Filter](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADPermissions: Options](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADPermissions: Results](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADPermissions: Summary](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - -# Remove ADPermissions Tables - -If it becomes necessary to clear the ADPermissions Data Collector tables and views to resolve an -issue, create a new job using it as the query source and select the Remove Tables category. The -Connection Profile applied should be the same as the one used for the associated **Active Directory -Permissions Analyzer** > **0.Collection** Job. Follow the steps. - -**CAUTION:** Using this query task results in the deletion of collected data. - -**Step 1 –** Create a new job and assign a query using the **ADPermissions** Data Collector. - -**Step 2 –** In the Active Directory Permissions Data Collector Wizard, on the Category page select -the **Remove Tables** category and click **Next**. - -**Step 3 –** On the Results page, make sure all the Available Properties are selected and click -**Next**. - -**Step 4 –** Click **Finish** to close the Active Directory Permissions Data Collector Wizard. Click -**OK** to close the Query Properties window. - -When the job is run, all of the ADPermissions standard reference tables are removed from the -database. - -_Remember,_ this job deletes data from the Enterprise Auditor database. Ensure the job has been -configured correctly prior to executing the job. - -**CAUTION:** Never leave the query task selected after the job has been executed. Accidental data -loss can occur. - -# ADPermissions: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for all -of the categories. - -![ADPermissions Data Collector wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Available properties vary based on the category selected. Properties can be selected individually or -the **Select All** and **Clear All** buttons can be used. All selected properties are gathered. - -# ADPermissions: Scope - -The Scope page is where the scope for the Active Directory permissions scan is configured. It is a -wizard page for the categories of: - -- Scan Active Directory Permissions -- Scan Active Directory Audits - -![ADPermissions Data Collector wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -The configurable options are: - -- Built-in: - - - Computers – Computer objects under scope - - Contacts – Contact objects - - Containers – Containers under given scope - - DNS Zones – DNS zone object list - - Domains – Domains in an organizations forest - - Extended Control Access Rights – Access control rights list - - Foreign Security Principals – Well known security principles from external sources - - Group – Domain, global, universal distribution groups - - Organizational Units – Organizational units under given scope - - Printer – Printer objects - - Schema Attributes – All defined attributes in Active Directory - - Schema Classes – All defined classes in Active Directory - - Servers – Server objects - - Shared Folders – Shared folders under the scope - - Site Link Bridges – Object for tracking transitively connected site links - - Site links – Connections between sites - - Site Transports – Inter-site transports in Active Directory - - Sites – List of Active Directory sites - - Subnets – Known subnet objects - - Users – All user objects under the scope - -- Custom: - - - Custom Filter – Custom filter for collecting objects - -# Standard Reference Tables & Views - -The ADPermissions Data Collector gathers essential user and group inventory information into -standard reference tables. Unlike other Enterprise Auditor data collectors, the ADPermissions Data -Collector writes data to these tables regardless of the job executing the query. - -These tables and their associated views are outlined below: - -| Table | Details | -| -------------------------------------- | ------------------------------------------------- | -| SA_ADPerms_ACLs | Access Control List entries | -| SA_ADPerms_ACLTypes | Types of Access Control List entries | -| SA_ADPerms_Domains | Targeted domains | -| SA_ADPerms_EffectiveChildren | Linked lists of inheritance in Active Directory | -| SA_ADPerms_EffectivePermissionChildren | Linked lists of inheritance for permissions | -| SA_ADPerms_ImportHistory | History of all ADPermissions scans | -| SA_ADPerms_Inheritance | Permission inheritance | -| SA_ADPerms_ObjectChanges | Changes to Active Directory object permissions | -| SA_ADPerms_Objects | Active Directory objects | -| SA_ADPerms_Permissions | Active Directory permissions | -| SA_ADPerms_Sets | Junction table to associate permissions with ACLs | - -Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the -ADPermissions Data Collector. They contain additional information for building queries easily. The -following is an explanation of the corresponding views created for some of the tables generated by -the ADPermissions Data Collector: - -| Views | Details | -| --------------------------------- | -------------------------------------------------------------- | -| SA_ADPerms_AuditChangesView | The view of changes to audits that were applied to the objects | -| SA_ADPerms_AuditsExtView | The extended view of audits applied to the objects | -| SA_ADPerms_AuditsView | The view of object audits | -| SA_ADPerms_OwnershipChangesView | The view of object ownership changes | -| SA_ADPerms_PermissionsChangesView | The view of changes to permissions applied to the objects | -| SA_ADPerms_PermissionsExtView | The extended view of permissions applied to the objects | -| SA_ADPerms_PermissionsView | The view of object permissions | - -# ADPermissions: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - -![ADPermissions Data Collector wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Active Directory Permissions Data Collector Wizard ensuring that no -accidental clicks are saved. diff --git a/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md b/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md deleted file mode 100644 index 38b334af72..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md +++ /dev/null @@ -1,277 +0,0 @@ -# AWS: Category - -Use the Category page to select the type of scan for the targeted AWS instance or maintenance task -to perform. - -![AWS Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The options on the Category page are: - -- AWS scan jobs - - - Collect Org data – Collects all organization info from an AWS instance - - Collect IAM data – Collects all users, groups, and roles from an AWS instance - - Collect S3 – Collects S3 data - - Collect SDD data – Scans S3 objects for potentially sensitive data - -- Maintenance - - - Drop AWS DC Tables – Removes AWS data collector data and tables from the Enterprise Auditor - database. See the - [Drop AWS Tables](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md) - topic for additional information. - -# AWS: Criteria - -The Criteria (Select DLP criteria for this scan) page is where criteria to be used for discovering -sensitive data during a scan is configured. It is a wizard page for the category of Collect SDD -Data. - -This page requires the Sensitive Data Discovery Add-On to be been installed on the Enterprise -Auditor Console to define the criteria and enable the Criteria Editor. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -![AWS Query SDD Criteria](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -Default criteria is set at the **Global Settings** > **Sensitive Data** node. Choose between the -**Use Global Criteria** Selection and the **Use the Following Selected Criteria** radio buttons. - -For custom criteria, select the checkbox for the criteria to be used to search for sensitive data. -There are **Select All** and **Clear All** buttons that can be used. - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - -**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System -Criteria and User Criteria nodes are visible in the table. - -User-defined criteria is created in the Criteria Editor, accessed through the **Global Settings** > -**Sensitive Data** node. See the -[Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/accessanalyzer/sensitivedatadiscovery/overview.md) -topic for additional information. - -# Drop AWS Tables - -Sometimes when troubleshooting an AWS issue, it becomes necessary to clear the AWS DC data and -tables from the Enterprise Auditor database. Follow the steps to configure a job to remove tables. - -**Step 1 –** Create a new job. - -**Step 2 –** Configure the target host as **Local host**. - -**Step 3 –** Assign a query using the **AWS** Data Collector. - -![Drop AWS DC Tables option on Amazon Web Services Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/droptables.webp) - -**Step 4 –** In the Amazon Web Services Data Collector Wizard on the Category page, select the -**Drop AWS DC Tables** category task. Click **Next**. - -**Step 5 –** Click **Next** and then click **Finish** to close the Amazon Web Services Data -Collector Wizard. Click **OK** to close the Query Properties window. - -**CAUTION:** When the job is run, all of the AWS DC data and tables are removed from the database. - -The job is now configured and ready to run. - -**NOTE:** An AWS connection profile is not required for the Drop AWS DC Tables task. - -# AWS: Filter S3 Objects - -The Filter S3 Objects page provides the options to filter which objects stored in S3 should be -queried for permissions and sensitive data. It is a wizard page for the categories of: - -- Collect S3 -- Collect SDD Data - -![Filter S3 Objects page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/filters3objects.webp) - -Use the buttons to customize the filter list: - -- Add – Opens the Select a bucket window. See the [Add Filter](#add-filter) topic for additional - information. -- Add Custom Filter – Create a custom filter. See the [Add Custom Filter](#add-custom-filter) topic - for additional information. -- Remove – Remove a filter from the list - -## Add Filter - -The Select a Bucket window shows the available buckets in the AWS instance. - -![Select a bucket window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/selectabucket.webp) - -Select from the available buckets and click **OK** to add them to the Filter S3 Objects page. - -## Add Custom Filter - -The Add Custom Filter window allows a custom filter to be configured. - -![Add Custom Filter window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/customfilter.webp) - -Configure a custom filter using the following format: - -- The characters `*` and `?` are wildcards - - `*` – matches any number of characters - - `?` – matches a single character -- ARN should follow the format: `arn:aws:s3:::/` - -Click **Save** to add the custom filter to the Filter S3 Objects page. - -# AWS: Login Roles - -The Login Roles page is where the previously created AWS Roles are added. It is a wizard page for -the categories of: - -- Collect Org data -- Collect IAM data -- Collect S3 - -![AWS Query Login Roles](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/loginroles.webp) - -Add the login roles that will allow Enterprise Auditor to scan the AWS accounts. See the -[Configure AWS for Scans](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. The page has the following options: - -- Import From File – Browse to the location of a CSV file from which to import the roles -- Role Name – Enter the name of the role -- Add – Add the role from the Role Name textbox to the list -- Remove – Remove the selected role from the list -- Clear – Remove all roles from the list -- Max Session Duration (hours) – Specify the maximum time the account can be logged in for. This - value should not exceed the SessionDuration configured for the role in AWS. The default value is 1 - and the maximum value is 12. - -# AWS Data Collector - -The AWS Data Collector collects IAM users, groups, roles, and policies, as well as S3 permissions, -content, and sensitive data from the target Amazon Web Services (AWS) accounts. The AWS Data -Collector has been preconfigured for the AWS Solution. Both this data collector and the solution are -available with a special Enterprise Auditor license. See the -[AWS Solution](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) -topic for additional information. - -Protocols - -- 443 - -Ports - -- 443 - -Permissions - -- To collect details about the AWS Organization, the following permission is required: - - - organizations:DescribeOrganization - -- To collect details regarding IAM, the following permissions are required: - - - iam:GenerateCredentialReport - - iam:GenerateServiceLastAccessedDetails - - iam:Get\* - - iam:List\* - - iam:Simulate\* - - sts:GetAccessKeyInfo - -- To collect details related to S3 buckets and objects, the following permissions are required: - - - s3:Describe\* - - s3:Get\* - - s3:HeadBucket - - s3:List\* - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -## AWS Query Configuration - -The AWS Data Collector is configured through the Amazon Web Services Data Collector Wizard. The -wizard contains the following pages, which change based up on the query category selected: - -- [AWS: Category](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md) -- [AWS: Login Roles](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md) -- [AWS: Filter S3 Objects](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md) -- [AWS: Sensitive Data Settings](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md) -- [AWS: Criteria ](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md) -- [AWS: Results](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md) -- [AWS: Summary](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md) - -# AWS: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for all -of the categories. - -![Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be checked individually or the **Select All** or **Clear All** buttons can be used. -All checked properties are gathered. Available properties vary based on the category selected. - -# AWS: Sensitive Data Settings - -The Sensitive Data Settings page is where sensitive data discovery settings are configured. It is a -wizard page for the category of Collect SDD Data. - -![Sensitive Data Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/sensitivedata.webp) - -Configure the following options: - -- Don’t process files larger than: [number] MB – Limits the files to be scanned for sensitive - content to only files smaller than the specified size -- Include offline files (this may significantly increase scan times) – Includes offline files in the - scan -- Perform Optical Character Recognition for image files – Enables the data collector to scan for - sensitive data within digital images of physical documents - - **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents - directly converted to images, with standard fonts. It will not work for scanning photos of - documents and may not be able to recognize text on images of credit cards, driver's licenses, or - other identity cards. - -- Store discovered sensitive data – Stores discovered sensitive data in the database -- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria - for discovered sensitive data -- Use the radio buttons to select the File types to scan: - - - Scan all file types – Scans everything in a given environment - - Scan custom file types – Select the checkboxes from the list of file and document types that - are included in a sensitive data scan. The table contains the following categories and their - sub-options: - - - Compressed Archive files - - Documents - - Email - - Image files - - Presentations - - Spreadsheets - - Text/Markup files - -- Perform differential scan of – Enables you to choose whether to employ incremental scanning: - - - Files modified since last scan – Scans only files modified since the last scan - - Files modified since [date] – Only scans files modified after the specified date - - Files modified since the last [number] days – Scans files modified within the specified number - of days - -- Number of SDD scan processes [number] – Increases the number of SDD scanner processes that spawn - as part of a scan, increasing parallel scanning. The value should not exceed 2x the number of CPU - threads available. - -_Remember,_ the sensitive data discovery options require the Sensitive Data Discovery Add-On to be -been installed on the Enterprise Auditor Console. - -# AWS: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all categories. - -![summary](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Amazon Web Services Data Collector Wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md b/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md deleted file mode 100644 index f4454d2327..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md +++ /dev/null @@ -1,243 +0,0 @@ -# Box: Activity Operation Scope - -The Activity Operation Scope page (ActivityOperationScope) is where Box Enterprise events can be -selected or unselected for scans. It is a wizard page for the Scan Box Activity category. - -![Box DC Wizard Activity Operation Scope page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/activityoperation.webp) - -Event filters can be selected by group or the group may be expanded and the filters selected -individually. All selected filters are gathered from the Box environment. - -Event filters include: - -- Collaboration -- File Activity -- Group -- Login -- Metadata -- Misc -- Security -- Sharing -- Task -- Users -- Workflow - -# Box: Activity Timeframe Scope - -The Activity Timespan Scope page (ActivityTimeframeScope) is where Box activity data collection is -configured. It is a wizard page for the Scan Box Activity category. - -![Box DC Wizard Activity Timespan Scope page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/activitytimeframe.webp) - -Select one of the following options to configure the timeframe for Box data collection: - -- Relative Timespan – Collects activity from a set number of days relative to the present - - - Collect activity from the last [number] Days – Enter the number of days for which activity - data collection is required. The default is 180. The maximum timespan is 365 days. - - Data retention settings – Select a preferred retention setting - - - Within timespan – Deletes all data outside of the selected timespan - - Retain all data – Retains all data collected inside or outside of the selected timespan - -- Absolute Timespan – Enter the interval of days for which activity data collection is required. The - default End Date is the current day. - - **NOTE:** Choosing an absolute timespan will not affect activity data during relative timespan - scans. - -# Box: Additional Scoping - -The Additional Scoping page is where the scan can be limited by depth of the scan. It is a wizard -page for the Scan Box Permissions category. - -![Box DC Wizard Additional Scoping page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/additionalscoping.webp) - -Configure the scan depth level: - -- Limit scanned depth to: [number] level – Select the checkbox and set the scan depth level to the - desired depth. If this checkbox is not selected, then the entire Box environment will be scanned, - according to the - [Box: Exclusions Page](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md) - settings. If the scoping depth is set to **0** then only root will be scanned. Each increment will - add another level of depth from root level. - -# Box: Authenticate - -The Authenticate page is where connection to the Box environment is configured. It is a wizard page -for all categories. - -![Box DC Wizard Authentication page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/authentication.webp) - -Click **Authorize** to launch the BoxLogin window and generate an authorization code. This code will -allow Enterprise Auditor to report on the Box Enterprise. - -![BoxLogin window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/boxlogin.webp) - -Enter an email address and password for an account with Enterprise Admin credentials in the targeted -Box environment. Then click **Authorize** to grant access to Box and generate the code. The **Use -Single Sign On (SSO)** option is an alternative log in method. - -# Box: Category - -Use the Category page to select the type of scan or import for the Box Enterprise targeted. - -![Box DC Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The Box Data Collector contains the following query categories: - -- Box Activity Audit – Scan Box activity - - - Scan Box Activity – Performs an audit of Box activity - - Bulk Import Box Activity – Performs a bulk import of Box activity - -- Box Permission Audit – Scan Box permissions - - - Scan Box Permissions – Performs an audit for Box permissions - - Import Box Permissions – Performs an import of Box permissions - -# Box: Exclusions Page - -The Exclude or Include folders page (ExclusionsPage) is where the scan can be limited to include or -to exclude folders within the Box Enterprise. It is a wizard page for of Scan Box Permissions -category. - -![Box DC Wizard Exclude or Include folders page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/exclusions.webp) - -The options on the Exclusions Page are: - -- Add as inclusion – Type the path of a folder in the text box to include in the scan. The folder - path must not include a slash at the end. - - - Example format: `/All Files/Folder/SubFolder` - - Incorrect format: `/All Files/Folder/SubFolder/` - -- Add as exclusion – Type the path of a folder in the text box to exclude from the scan - -The **Remove** option will delete a selected folder from the list. The **Clear List** option will -remove all folders from the list. - -# Box Data Collector - -The Box Data Collector audits access, group membership, and content within a Box enterprise. - -**NOTE:** If the Box Data Collector is used in a new job, outside of the Box Solution, it is -necessary to deselect the **Skip Hosts that do not respond to PING** option on the job’s -**Properties** > **Performance** tab. - -The Box Data Collector has been preconfigured within the Box Solution. Both this data collector and -the solution are available with a special Enterprise Auditor license. See the -[Box Solution](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) -topic for additional information. - -Protocols - -- HTTP -- HTTPS - -Ports - -- TCP 80 -- TCP 443 - -Permissions - -- Box Enterprise Administrator - -## Box Query Configuration - -The Box Data Collector is configured through the Box Data Collector Wizard. The wizard contains the -following pages, which change based up on the query category selected: - -- Welcome -- [Box: Category](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md) -- [Box: Exclusions Page](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md) -- [Box: Scope by User Page](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md) -- [Box: Additional Scoping](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md) -- [Box: Activity Timeframe Scope](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md) -- [Box: Activity Operation Scope](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md) -- [Box: Authenticate](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md) -- [Box: Results](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md) -- [Box: Summary](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md) - -The Welcome page gives an overview of the data collector. To proceed through the pages, click -**Next** or use the Steps navigation pane to open another page in the wizard. Review the -introductory and caution information about the Box Data Collector before proceeding. - -![Box DC Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by checking the **Do not display this page the next time** box when -the wizard is open and configuration settings are saved. - -# Box: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for all -categories. - -![Box DC Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Select All** or **Clear All** buttons can be used. -All selected properties will be gathered. Available properties vary based on the category selected. - -# Box: Scope by User Page - -The User Scope Settings page (ScopeByUserPage) is where the scope of the scan can be limited to -specified users and the resulting scan will only scan for the specified users. It is a wizard page -for the Scan Box Permissions category. - -![Box DC Wizard User Scope Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/scopebyuser.webp) - -Select whether to scan **All Users** or **Limited Users**. If scanning for **Limited Users**, click -**Browse** and navigate to the path of the CSV file that contains the email addresses of users to be -included in the scan. The CSV file should have one email address per row. - -**NOTE:** The query will collect information related to User names and Group membership for all -users in a target environment. However, if the query is scoped to specific users, no additional -information is collected for users outside out of the scope. User names and group membership for the -target environment is necessary to generate the Box Solution reports. - -# Standard Reference Tables & Views For the Box Data Collector - -The Box Data Collector gathers essential user and group inventory information into standard -reference tables. These tables and their associated views are outlined below: - -| Table | Details | -| -------------------------- | ----------------------------------------------------------------------------------------------------------------------- | -| SA_Box_Collaborations | Contains all of the trustees who have access on folders and defines the access type | -| SA_Box_Enterprises | Contains information on the enterprises within the Box environment | -| SA_Box_EventNames | Contains information on the names of events within the Box environment | -| SA_Box_Events | Contains information on the type of events within the Box environment | -| SA_Box_ExternalUsers | Contains one row per user and displays information on external users over the past 30 days | -| SA_Box_FileDetails | Contains one row per file and displays file-specific details | -| SA_Box_FolderDetails | Contains one row per folder and displays folder-specific details | -| SA_Box_GroupMembers | Contains unique row for each trustee per group and defines the access type of each member | -| SA_Box_Groups | Contains all of the enterprise-created groups and has a unique row for each group | -| SA_Box_Hosts | Contains the name and ID of all Box enterprises that have been scanned for permissions | -| SA_Box_Resources | Contains information about all audited resources, which can be files or folders. It contains a unique row per resource. | -| SA_Box_TaskStatus | Displays the tasks which have been completed and the corresponding USN value | -| SA_Box_Trustees | Contains basic information about all of the users and groups | -| SA_Box_UnusualUserActivity | Contains information about suspicious activity on user accounts | -| SA_Box_Users | Contains one row per user and displays information on users of any teams present | - -Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the -Box Data Collector. They contain additional information for building queries easily. The following -is an explanation of the corresponding views created for some of the tables generated by the Box -Data Collector: - -| Views | Details | -| ------------------------- | ------------------------------------------------------------------------------------------------------------ | -| SA_Box_CollaborationsView | Displays the collaborations applied to shared folders and the access type for the trustee | -| SA_Box_ExternalUsersView | Displays external user activity which has occurred over the past 30 days | -| SA_Box_GroupMembersView | Displays all of the users, which groups they are members of, and the access type on the group | -| SA_Box_ResourceEventsView | Displays all of the events, which users created it, the source of that event, and the name and type of event | - -# Box: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - -![Box DC Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Box Data Collector Wizard ensuring that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md b/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md deleted file mode 100644 index 8ebbee24c6..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md +++ /dev/null @@ -1,304 +0,0 @@ -# DropboxAccess: Category - -Use the Category Selection Page to identify the type of information to retrieve. The DropboxAccess -Data Collector contains the following query categories, sub-divided by auditing focus: - -![Dropbox Access Auditor Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -- The Dropbox Access Audits scans for Dropbox access information: - - - Scan Dropbox Access – Performs a Dropbox access audit to collection permissions information - - Bulk Import Access Scan Results – Imports Dropbox access scan results into the Enterprise - Auditor database and creates SQL views - -- The Sensitive Content scans for sensitive data information: - - - Scan for Sensitive Content – Scans for sensitive data content on Dropbox - - Bulk Import Sensitive Content Scan Results – Imports sensitive content scan results into the - Enterprise Auditor database and creates SQL views - -The selection made on the Category Selection Page determines the wizard pages available. - -# DropboxAccess: Summary (Completion) - -The Completion page, is where configuration settings are summarized. This page is a wizard page for -all categories. - -![Dropbox Access Auditor Data Collector Wizard Completion page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/completion.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Dropbox Access Auditor Data Collector Wizard ensuring that no -accidental clicks are saved. - -_Remember,_ if an Access Token was generated, use it as the credential within the Connection -Profile. Then assign it to the job group or job which will be scanning the targeted Dropbox -environment. See the -[Custom Dropbox Connection Profile & Host List](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) topic -for additional information. - -# Custom Dropbox Connection Profile & Host List - -The DropboxAccess Data Collector requires a custom Connection Profile to be created and assigned to -the job or job group conducting the data collection. - -## Connection Profile - -Creating the Connection Profile requires an access token. The access token is generated on the Scan -Options page of the Dropbox Access Auditor Data Collector Wizard. - -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Dropbox -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information.) -- Access Token – Copy and paste the Access Token after it has been generated from the Scan Options - page of the Dropbox Access Auditor Data Collector Wizard. See the - [DropboxAccess: Scan Options](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) topic - for additional information. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -## Host List - -The host list should be set to: - -- Local host - -# DropboxAccess: DLP Audit Settings - -Use the DLP Audit Settings page to configure sensitive data discovery settings. This page is a -wizard page for the Scan for Sensitive Content category. - -![Dropbox Access Auditor Data Collector Wizard DLP Audit Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/dlpauditsettings.webp) - -Configure the DLP audit settings: - -- Scan Performance: - - - Don’t process files larger than – Limits the files to be scanned for sensitive content to - files smaller than the specified size - -- File types to scan: - - - Scan typical documents (recommended, fastest) – Scans most common file types - - Scan all document types (slower) – Scans all file types except those excluded - -- Store Match Hits –  Choose whether to store copies of potentially sensitive data discovered during - the scan: - - - Store discovered sensitive data – Stores a copy of any potentially sensitive data that matches - the selected criteria in the Enterprise Auditor database. This copy can be used to check for - false positives, data that matches the selected criteria but is not actually sensitive. - - Limit stored matches per criteria to [number] – Identifies the number of potentially sensitive - data matches that are copied to the database. The default is 5 matches. This option is - available only if the **Store discovered sensitive data** option is selected. - -- Perform differential scan of – Enables users to choose whether to employ incremental scanning: - - - Files modified since last scan – Scans only files modified since the last scan - - Files modified since [date] – Only scans files modified after the specified date - - Files modified since the last [number] days – Scans files modified within the specified number - of days - -_Remember,_ the sensitive data discovery options require the Sensitive Data Discovery Add-On to have -been installed on the Enterprise Auditor Console. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -# DropboxAccess Data Collector - -The DropboxAccess Data Collector audits access, group membership, and content within a Dropbox -environment. Dropbox can scan the contents of over 400 file types to discover which files contain -sensitive data using the Sensitive Data Discovery Add-on. The DropboxAccess Data Collector has been -preconfigured within the Dropbox Solution. Both this data collector and the solution are available -with a special Enterprise Auditor license. See the -[Dropbox Solution](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) -topic for additional information. - -Protocols - -- HTTP -- HTTPS - -Ports - -- TCP 80 -- TCP443 - -Permissions - -- Dropbox Team Administrator - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -## Query Configuration - -The DropboxAccess Data Collector is configured through the Dropbox Access Auditor Data Collector -Wizard. The wizard contains the following pages, which change based upon the query category -selected: - -- Welcome -- [DropboxAccess: Category](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -- [DropboxAccess: Scan Options](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -- [DropboxAccess: Scoping](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -- [DropboxAccess: DLP Audit Settings](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -- [DropboxAccess: Select DLP Criteria](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -- [DropboxAccess: Summary (Completion)](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) - -![Dropbox Access Auditor Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. - -# DropboxAccess: Scan Options - -Use the Scan Options page to authorize Enterprise Auditor to generate an Access Token allowing the -DropboxAccess Data Collector to access and scan an organization’s Dropbox environment. The Access -Token is used as the credential in the Connection Profile. - -**NOTE:** The Access Token needs to be generated only once, prior to the first execution of any job -in which the DropboxAccess Data Collector is used in a query. - -The Scan Options page is a wizard page for the following categories: - -- Scan Dropbox Access -- Scan for Sensitive Content - -Follow the steps to create the Access Token: - -![Dropbox Access Auditor Data Collector Wizard Scan Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/scanoptions.webp) - -**Step 1 –** Click the **Authorize** button to access the Dropbox Authentication page. - -![Dropbox Log in page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/scanoptionsdropboxlogin.webp) - -**Step 2 –** On the Dropbox Authentication page, log in as the Team Administrator. - -![Copy Access Token](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/scanoptionsaccesstoken.webp) - -**Step 3 –** Once the Access Token has been generated, click **Copy to Clipboard**. Click **Next** -to finish choosing the configuration options or click **Cancel** to close the Dropbox Access Auditor -Data Collector Wizard. - -Create a Connection Profile using this access token as the credential. See the -[Custom Dropbox Connection Profile & Host List](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -topic for additional information on configuring the Dropbox credential. - -_Remember,_ assign this Connection Profile to the job group or job where the host assignment for the -Dropbox environment to be targeted has been assigned. - -# DropboxAccess: Scoping - -The Scoping page configures the data collector to scan either the entire Dropbox environment or -limit the scan to specific users. The page is a wizard page for the following categories: - -- Scan Dropbox Access -- Scan for Sensitive Content - -![Dropbox Access Auditor Data Collector Wizard Scoping Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/scoping.webp) - -Use the scoping options to select the depth of the scan: - -- User Scoping: - - - All Users – Scans all users in the Dropbox environment - - Limited Users – Click **Browse** and navigate to the path of the CSV file that contains the - email addresses of users to include in the scan. The CSV file should have one email address - per row. - -- File Permissions: - - - Collect File Level Permissions – Select the checkbox to collect permissions at the file level - -# DropboxAccess: Select DLP Criteria - -Use the Select DLP criteria for this scan page to configure criteria to use for discovering -sensitive data. This page requires the Sensitive Data Discovery Add-On to be been installed on the -Enterprise Auditor Console to define the criteria and enable the Criteria Editor. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -The Select DLP Criteria for this scan page is a wizard page for the Scan for Sensitive Content -category. - -![Dropbox Access Auditor Data Collector Wizard Select DLP criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/selectdlpcriteria.webp) - -Select the checkbox next to each criteria to be included in the search for sensitive data. You can -also use the **Select All** and **Clear All** buttons. - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - -**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System -Criteria and User Criteria nodes are visible in the table. - -Use the **Edit** button to access the Criteria Editor where user-defined criteria can be created or -customized. See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) -topic for additional information. - -# Standard Reference Tables & Views for the DropboxAccess Data Collector - -The DropboxAccess Data Collector gathers essential user and group inventory information into -standard reference tables. Unlike most of the other Enterprise Auditor data collectors, the -DropboxAccess Data Collector writes data to these tables regardless of the job executing the query. - -## Dropbox Access Auditing Tables & Views - -These tables and their associated views are outlined below: - -| Table | Details | -| --------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -| SA_Dropbox_DocumentMetadata | Contains one row per document collected and displays file details such as size and last time modified | -| SA_Dropbox_GroupMembers | Contains a unique row for each trustee per group and defines the access type of each member | -| SA_Dropbox_Groups | Contains all of the team-created groups and should have a unique row for each group | -| SA_Dropbox_Resources | Contains information about all audited resources, which can be files or folders. It should contain a unique row per resource. | -| SA_Dropbox_Rights | Contains all of the trustees who have access on shared folders and defines the access type | -| SA_Dropbox_SharedFolders | Contains all of the shared folders with corresponding OwnerID and access type along with the shared link policy | -| SA_Dropbox_TeamMembers | Contains one row per team member and displays information on members of any teams present | -| SA_Dropbox_Teams | Contains information on the teams within the Dropbox environment | -| SA_Dropbox_Trustees | Contains information about any trustee, group, or team that has been assigned permissions | - -Views are the recommended way for you to obtain the information gathered by the DropboxAccess Data -Collector. They contain additional information for building queries easily. The following is an -explanation of the corresponding views created for some of the tables generated by the DropboxAccess -Data Collector: - -| Views | Details | -| ------------------------------- | ------------------------------------------------------------------------------------------------ | -| SA_Dropbox_DocumentMetadataView | Displays the location and file details of all audited files | -| SA_Dropbox_GroupMembersView | Displays all of the team members, which groups they are members of, and access type on the group | -| SA_Dropbox_RightsView | Displays the rights applied to shared folders and the access type for the trustee | -| SA_Dropbox_SharedFoldersView | Displays shared folders, their owners, and whether the owner is a team member | - -## Dropbox Sensitive Data Discovery Auditing (SEEK) Tables & Views - -These tables and their associated views are outlined below: - -| Table | Details | -| -------------------- | ------------------------------------------------------------------------------------------------------------------------ | -| SA_Dropbox_Criteria | Contains the sensitive data criteria which are selected for collection by the scan engine (data collector configuration) | -| SA_Dropbox_Matches | Contains rolled up aggregate counts of the sensitive data criteria matches found during the scan | -| SA_Dropbox_MatchHits | Contains the actual sensitive data discovered within files which matched selected criteria | - -Views are the recommended way for you to obtain the information gathered by the DropboxAccess Data -Collector. They contain additional information for building queries easily. The following is an -explanation of the corresponding views created for some of the tables generated by the DropboxAccess -Data Collector: - -| Views | Details | -| ------------------------ | ------------------------------------------------------------------------------------------ | -| SA_Dropbox_MatchesView | Surfaces all relevant data about the files, its location, and the type of criteria found | -| SA_Dropbox_MatchHitsView | Surfaces all actual sensitive data discovered within files which matched selected criteria | diff --git a/docs/accessanalyzer/11.6/data-collection/custom-collectors/command-line.md b/docs/accessanalyzer/11.6/data-collection/custom-collectors/command-line.md deleted file mode 100644 index e805c8d322..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/custom-collectors/command-line.md +++ /dev/null @@ -1,178 +0,0 @@ -# CLU: Define Fields - -The Define Fields page provides options to define and configure fields for the Command Line Utility -output. It is a wizard page for the **Edit Profile** and **Create a New Profile** profile types. - -![Command Line Utility Data Collector Wizard Define Fields page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/definefields.webp) - -**CAUTION:** Do not modify this page without guidance from Netwrix or the data may not be processed -by Enterprise Auditor. - -# CLU: Execution Options - -The Execution Options page provides options to define the mode of execution. It is a wizard page for -the **Edit Profile** and **Create a New Profile** selections on the Profile Type page. - -![Command Line Utility Data Collector Wizard Execution Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/executionoptions.webp) - -The available options on the page vary depending on the selected profile type. The possible options -are as follows: - -Execution Type - -The Execution Type section identifies the mode of execution: - -- Local – Execute the utility within the Enterprise Auditor Console -- Remote – Execute the utility on the target host - -Output options - -The output options include: - -- Write Output to a text file – Writes task output to a text file which is thenprocessed to collect - properties -- Preserve Output file – Stores the output file on the local machine -- .Exe Present in Installed CLU Directory – Select the checkbox if the .exe utility is present in - the installed CLU directory. The path on the Profile Parameters page should be the utility name - instead of the full path. See the - [CLU: Profile Parameters](/docs/accessanalyzer/11.6/data-collection/custom-collectors/command-line.md) topic - for additional information. - -Remote Execution Options - -The Remote Execution Options apply to the Remote mode of execution: - -- Copy .exe to remote host – Copies the executable from the local machine to the remote machine - before executing it -- Leave .exe on remote host – Keeps the executable on the remote machine after execution - -Other Settings - -The Other Settings section provides additional options: - -- Ignore Error Code – Error code to skip while executing the command line utility using the task - scheduler - - - The `0` code is always skipped during execution - - If no error code is required, enter `0` - -- Timeout – Timeout limit in seconds for the task to finish - - - The default value is 1200 seconds, or 20 minutes - -# CommandLineUtility Data Collector - -The CommandLineUtility Data Collector provides the ability to remotely spawn, execute, and extract -data provided by a Microsoft native or third-party command line utility. It allows users to easily -execute a command line utility and capture its output as Enterprise Auditor data. This data -collector is a core component of Enterprise Auditor and is available with all Enterprise Auditor -licenses. - -Protocols - -- Remote Registry -- RPC - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the local Administrators group - -## CommandLineUtility Query Configuration - -The CommandLineUtility Data Collector executes a command line utility and captures the output. It is -configured through the Command Line Utility Data Collector Wizard, which contains the following -pages: - -- Welcome -- [CLU: Profile Type](/docs/accessanalyzer/11.6/data-collection/custom-collectors/command-line.md) -- [CLU: Profile Parameters](/docs/accessanalyzer/11.6/data-collection/custom-collectors/command-line.md) -- [CLU: Execution Options](/docs/accessanalyzer/11.6/data-collection/custom-collectors/command-line.md) -- [CLU: Define Fields](/docs/accessanalyzer/11.6/data-collection/custom-collectors/command-line.md) -- [CLU: Script Editor](/docs/accessanalyzer/11.6/data-collection/custom-collectors/command-line.md) -- [CLU: Results](/docs/accessanalyzer/11.6/data-collection/custom-collectors/command-line.md) -- [CLU: Summary](/docs/accessanalyzer/11.6/data-collection/custom-collectors/command-line.md) - -![Command Line Utility Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. - -# CLU: Profile Parameters - -The Profile Parameters page provides settings to configure the parameters for the profile. It is a -wizard page for the **Edit Profile** or **Create a New Profile** selections on the Profile Type -page. - -![Command Line Utility Data Collector Wizard Profile Parameters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/profileparameters.webp) - -Profile parameters include: - -- Profile Name – Name of the profile. If **Edit Profile** was selected on the Profile Type page, - then this is the name of an existing profile to be edited. If **Create a New Profile** was - selected, then this is the name of a new profile. -- Path – Path of the utility (.exe) from the local or remote machine. If stored on the local - machine, give the local path. If the utility is located on multiple paths in the same machine, - each can be entered on a new line in this field. If the .exe file is present in the installed CLU - directory, then enter the utility name rather than the full path. -- Start in path for task (Optional) – Working directory for the command line that executes the - program or script. This should be either the path to the program or script file, or the path to - the files that are used by the executable file. -- Command Line – Command that the utility executes. If the utility is self-executable and does not - need a command, leave this field blank. -- Output File Name – Enter the desired name for the output file. By default, the output file name - matches the profile name. - -# CLU: Profile Type - -The Profile Type page contains options to select a new or existing profile. - -![Command Line Utility Data Collector Wizard Profile Type page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/profiletype.webp) - -The options on the Profile Type page are: - -- Select Profile – Allows you to change the properties of a profile from the results page -- Edit Profile – Allows you to edit a profile's execution options and properties. Enables the Define - Fields and Script Editor pages. -- Create a New Profile – Allows you to create a new profile. Enables the Define Fields and Script - Editor pages. - -The profile type selected may alter the availability of the subsequent wizard steps. - -# CLU: Results - -The Results page is where the properties to be returned as columns in the results table are -selected. It is a wizard page for all profile types. - -![Command Line Utility Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Select one or more properties to be returned as columns in the results table. Click **Select All** -to select all of the properties, or click **Clear All** to clear all the currently selected -properties. The available properties vary based on the selections on previous wizard pages. - -# CLU: Script Editor - -The Script Editor page provides options to create or edit a Visual Basic script that is used to -parse the output file created by the data collector after execution. The Script Editor page is -enabled when **Edit Profile** or **Create a New Profile** is selected on the Profile Type page. The -page is disabled when the **Select Profile** option is selected on the Profile Type page. - -![Command Line Utility Data Collector Wizard Script Editor page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/scripteditor.webp) - -**CAUTION:** Do not modify this page without guidance from Netwrix or the data may not be processed -by Enterprise Auditor. - -# CLU: Summary - -The Summary page provides a summary of the query that has been created or edited. It is a wizard -page for all profile types. - -![Command Line Utility Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Command Line Utility Data Collector Wizard to ensure that no -accidental clicks are saved. diff --git a/docs/accessanalyzer/11.6/data-collection/custom-collectors/ldap.md b/docs/accessanalyzer/11.6/data-collection/custom-collectors/ldap.md deleted file mode 100644 index f41c955305..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/custom-collectors/ldap.md +++ /dev/null @@ -1,147 +0,0 @@ -# LDAP Data Collector - -The LDAP Data Collector uses LDAP to query Active Directory returning the specified objects and -attributes. For example, a query can be configured to return all user objects at the selected level. -Another query can be configured to return a master list of all user objects found within the target -domain. Wildcards and LDAP filters can be applied to the query configurations. - -The LDAP Data Collector is a core component of Enterprise Auditor, but it has been preconfigured -within the Active Directory Solution. While the data collector is available with all Enterprise -Auditor license options, the Active Directory Solution is only available with a special Enterprise -Auditor license. See the -[Active Directory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -topic for additional information. - -Protocols - -- LDAP - -Ports - -- TCP 389 - -Permissions - -- Member of the Domain Administrators group - -## LDAP Query Configuration - -The LDAP Data Collector is configured through the LDAP template form. The LDAP template form has the -following configuration options: - -![LDAP template form](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/templateform.webp) - -- Connect to the server – Use the default domain controller entered in the box, or enter an - alternate server -- Naming context – Select a directory partition from the drop-down list: **Default Context**, - **Configuration Context**, or **Schema Context** -- Connect – Connects to the domain specified. The root folder of the domain is displayed in the left - pane of the window. - - **NOTE:** Before clicking **Connect**, the server port must be configured. To configure the - server port, click **Options** to open the Options window and configure the server port as - described in the Options Window section. - -- Options – Opens the Options window to configure connection options and multi-value results - options. See the [Options Window](#options-window) topic for additional information. -- List of attributes – Table in the upper right corner lists attributes for the object selected in - the left pane -- Root path – The Root path textbox is populated with the path to the highlighted attributes to be - collected -- LDAP filter – The LDAP filter textbox shows the filters applied to the objects. Click the ellipses - (**…**) to open the Filter Options window. See the [Filter Options Window](#filter-options-window) - topic for additional information. - -The button bar provides additional options for selecting objects and attributes. See the -[Button Bar](#button-bar) topic for additional information. - -### Options Window - -The Options window contains configure connection options and multi-value results options. Click the -**Options** button located in the upper right corner of the LDAP template form to open it. - -![Options Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -- Connect Securely with TL/SSL – Connect using TLS/SSL. If the checkbox is selected, the server port - defaults to `636`. -- Ignore Certificate Errors – Ignores certificate errors during connection when encrypted - communication is enabled -- Server Port - - - If the Connect Securely with TLS/SSL option is selected, use Server Port `686` - - If the Connect Securely with TLS/SSL option is not selected, use Server Port `389` - -- Authentication Type - - - Negotiate – Default authentication type - - Simple - -- TreeView Node Limit – Typically set to 500 -- Multi-valued attributes – Indicates how multi-valued properties are returned - - - Concatenated – All values are listed in one cell using the delimiter specified - - - Delimiter – Symbol used to separate values in the cell - - - First Value Only – Only the first value is listed in the cell - -### Filter Options Window - -The Filter Options window is where to add filters to the query. Click the ellipses (**…**) button -located to the right of the **LDAP filter** box in the LDAP template form to open this window. - -![filteroptions](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/filteroptions.webp) - -- Extract all objects (no filter) – No filters applied -- Extract only objects of the following classes – Applies class filter for selected classes - - - Users - - Groups - - Contacts - - Computers - - Printers - - Shared Folders - -- Custom Filter – Applies a custom filter configured in the Custom Filter window. See the - [Custom Filter Window](#custom-filter-window) topic for additional information. - -#### Custom Filter Window - -The Custom Filter window provides options for creating a complex filter. - -![Custom Filter window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/customfilter.webp) - -Select a **Field** and **Condition** from the drop-down lists. Enter a **Value** for the condition. -Click **Add** to add the filter to the Filter Lines table. - -- Filter Lines will be combined with a logical – Select the **AND** or **OR** option. **AND** is - selected by default. -- Edit Raw Filter – Opens the Raw Filter Edit window - - ![Raw Filter Edit window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/rawfilteredit.webp) - - Enter the entire LDAP filter in the textbox. Click **Verify** to confirm the filter, and then - **OK** to add it to the custom filter list. - -- Clear Filter – Deletes the selected filter - -Click **OK** to save the changes and close the Custom Filter window. - -### Button Bar - -The button bar provides several options for configuring the query. - -![buttonbar](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/buttonbar.webp) - -| Button | Name | Description | -| --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------- | ------------------------------------------------------------------------- | -| ![Include sublevels button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sublevels.webp) | Include sublevels | Include sublevel folders of the selected folder. | -| ![Org wildcard button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/orgwildcard.webp) | Org wildcard | Search for the attribute across multiple domains. | -| ![Wildcard the level button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wildcard.webp) | Wildcard the level | Search everything on the selected level. | -| ![Unwildcard all levels button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unwildcard.webp) | Unwildcard all levels | Removes the wildcard and returns the search scope to the selected domain. | -| ![Include a HostName Tag button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/includehostname.webp) | Include a HostName Tag | Replaces the OU with a HostName Tag. | -| ![Remove all HostName Tags button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/removehostname.webp) | Remove all HostName Tags | Removes the HostName Tag. | -| ![Add Security Properties for Selected Key button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addsecurityproperties.webp) | Add Security Properties for Selected Key | Adds the list of security properties. | -| ![Select Highlighted Attributes button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addattributes.webp) | Select Highlighted Attributes | Adds the highlighted attributes to the list. | -| ![Delete the Highlighted Selected Attributes button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/deleteattributes.webp) | Delete the Highlighted Selected Attributes | Deletes the highlighted attributes from the list. | -| ![Find the Root Path in the Directory Objects button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/rootpath.webp) | Find the Root Path in the Directory Objects | Returns the root path to the selected root. | diff --git a/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md b/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md deleted file mode 100644 index c7d0625682..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md +++ /dev/null @@ -1,169 +0,0 @@ -# PowerShell: Edit Query - -The Edit Query page provides a screen to edit the query to execute. Users can import PowerShell -script as well as use an input table to create and edit the PowerShell script. - -![PowerShell Data Collector Wizard Edit Query page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editquery.webp) - -The options on the Edit Query page are: - -- Open – Click to import and open a PowerShell script -- Script Editor – Input PowerShell script to use for the configured job -- Parameters – The Parameters tab located on the right-hand side of the Edit Query page is used to - bring up the Parameters window. See the [Parameters](#parameters) topic for additional - information. -- Use table input for PowerShell script – select the checkbox to bring up the Input options for the - PowerShell script. See the [Input Options](#input-options) topic for additional information. - -## Parameters - -Add, edit, and delete parameters for the PowerShell data collector using the Parameters window. - -![Parameters Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editqueryparameters.webp) - -The options in the Parameters Window are: - -- Add – Add a parameter by opening the Add/Edit Variable Window. See the - [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. -- Edit – Edit the selected parameter by opening the Add/Edit Variable Window. See the - [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. -- Delete – Delete a parameter - -**NOTE:** Only user created parameters can be edited or deleted. Pre-configured parameters cannot be -edited or deleted. - -### Add/Edit Variable Window - -Use the Add/Edit Variable Window to add and edit parameters for the PowerShell Data Collector. - -![Add/Edit Variable Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editqueryvariable.webp) - -The options in the Add/Edit Variable window are: - -- Name – Enter or edit the name for the custom parameter -- Description – (Optional) Enter or edit the description for the custom parameter -- Type – Select the Type from the dropdown list. The options are: - - - String - - List - - Filepath - - Boolean - - Long - - Double - -- Value – Enter or edit the value for the custom parameter - -## Input Options - -When the Use table input for PowerShell script option is selected on the Edit Query page, additional -options display to define the source for input data. - -![Edit Query page input options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editqueryinput.webp) - -The input options are: - -- Please select name – Select the input table to be used from the drop-down menu -- Filter nulls – Excludes values that are null from input -- Filter duplicates – Excludes any values that are duplicate from input -- Text Box – Displays an example of how the input can be used in a PowerShell script -- Columns – Displays the columns in the selected input table. If applicable, select the checkbox to - include the column in the input. -- Input Data – Preview how the input data will look in the Input Data tab - -![Text Box and the Columns tab populated with information](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editqueryinputtable.webp) - -Selecting an input table in the **Please select name** dropdown populates the Text Box and the -Columns tab with information. - -# PowerShell: Options - -The Options page provides the option to execute the script remotely on the target host. - -![PowerShell Data Collector Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -The configurable options are: - -- Execute remotely – Remotely executes the script on the target host. If this checkbox is not - selected, the script will be executed from the Enterprise Auditor Console server. -- Use impersonation within server executable – Executes the script with the job credentials - -For cmdlets requiring explicit credentials, a single credential set from the job's Connection -Profile can be referenced using `Get-Credential` or the `$JobCredential` variable, a `PSCredential` -type object. All credentials from the job’s Connection Profile may be accessed via the -`$JobCredentials` array. - -# PowerShell Data Collector - -The PowerShell Data Collector provides PowerShell script exit from Enterprise Auditor. It has -configuration options for creating and configuring a PowerShell query. This data collector is a core -component of Enterprise Auditor and is available with all Enterprise Auditor licenses. - -Protocols - -- PowerShell - -Ports - -- Randomly allocated high TCP ports - -Permissions - -- Member of the Domain Administrators group (if targeting domain controllers) -- Member of the Local Administrators group - -## PowerShell Query Configuration - -The PowerShell Data Collector is configured through the PowerShell Data Collector Wizard, which -contains the following pages: - -- Welcome -- [PowerShell: Edit Query](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) -- [PowerShell: Options](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) -- [PowerShell: Sample Server](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) -- [PowerShell: Results](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) -- [PowerShell: Summary](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) - -![PowerShell Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by checking the **Do not display this page the next time** box when -the wizard is open and configuration settings are saved. - -# PowerShell: Results - -The Results page provides configuration settings for the Properties to return and ROWKEY's -components. - -![PowerShell Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -The Results page options are: - -- Properties to return – List of available properties which can be gathered for the PowerShell query -- ROWKEY's components – List of available properties based on which ROWKEY will be built - -# PowerShell: Sample Server - -The Sample Server page provides a box to select a server to generate the result columns. - -![PowerShell Data Collector Wizard Select Server page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/selectserver.webp) - -The Select Server page options are: - -- Server name – Server to be used during configuration -- Validate – Validates the script results and retrieves result columns. Validation must be run in - order to populate and enable the Results page. - -The server selected here replaces any `[SAHOSTNAME]` tokens in the PowerShell script. During -execution, the `[SAHOSTNAME]` tokens are replaced in turn by each host in the host list. If no -`[SAHOSTHAME]` tokens exist in the PowerShell script, then the server name and the hosts in the host -list have no effect. - -# PowerShell: Summary - -The Summary page summarizes the selected configurations from the previous pages in the PowerShell -Data Collector Wizard. - -![PowerShell Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the PowerShell Data Collector Wizard ensuring that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/11.6/data-collection/custom-collectors/scripting.md b/docs/accessanalyzer/11.6/data-collection/custom-collectors/scripting.md deleted file mode 100644 index 4ec6be4099..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/custom-collectors/scripting.md +++ /dev/null @@ -1,391 +0,0 @@ -# Add a Script to an Existing Query - -The Query Properties window provides the ability to add a script to an existing query. Typically, a -script is used to augment a query providing services such as conversion of returned data. - -Follow the steps to add a script. - -**Step 1 –** Navigate to the job's **Configure** node and select **Queries**. - -**Step 2 –** Click **Create Query** to open the Query Properties window. - -**Step 3 –** Select the **Data Source** tab and select the desired data collector in the Data -Collector drop-down menu. - -![Query Properties window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/script/querypropertiesexisting.webp) - -**Step 4 –** Click the **Browse Data Source** button to open the VBScript Editor page and add the -script to run after data collection. - -See the -[VBScript Editor](/docs/accessanalyzer/11.6/data-collection/custom-collectors/scripting.md) -topic for additional information. - -# VBScript Editor - -The VBScript Editor window provides the means to add a script. The window is ideal for editing small -scripts and for pasting larger scripts from external scripting tools. - -![VBScript Editor window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/script/vbscripteditor.webp) - -The options in the VBScript Editor are: - -- Save and Close – Use this option to save the script and close the window -- Syntax Check – Use this option to check the syntax of your script. This does not identify logic - errors, only cases where the script syntax is incorrect. It helps reduce the overhead of debugging - a script. When selected, a Script Errors window opens and a syntax check is performed. Any - syntactical errors are displayed within the window. -- Load from file – Use this option to load a VB script from a .vbs file -- Save to file – Use this option to save the current script in the Editor -- Undo – Undo previous changes made to the script (Shortcut is Ctrl+Z) -- Redo – Redo previous changes made to the script (Shortcut is Shift+Ctrl+Z) -- Cut – Cut the highlighted text -- Copy – Copy the highlighted text -- Paste – Paste cut or copied text into the VB Script Editor -- Online VBScript Language Reference – Opens internet browser to the Microsoft Technical - Documentation website from where documentation for Visual Basic Script can be navigated to - -After adding or modifying a script, click **Save and close**. - -See the -[Script Example 1: Conversion of Data](/docs/accessanalyzer/11.6/data-collection/custom-collectors/scripting.md) -and -[Script Example 2: Command Query](/docs/accessanalyzer/11.6/data-collection/custom-collectors/scripting.md) -topics for additional information. - -# Script Example 1: Conversion of Data - -This script example demonstrates how to perform a query and modify returned data. The script -provides the data collector with the information that would have been provided if the user interface -had been used to design the query. However, in this case it is all done through script. The data -collector returns a value that is then converted and stored by Enterprise Auditor. - -This script starts by defining a query using the Perfmon Data Collector. Notice that the -**WorkingQuery** object is used, not the Query object. This is done to preserve the Query object, -since the Query object will be used to store the results that are different from what the data -collector is providing. - -The script then issues the query by calling `WorkingQuery.Execute`. When the query completes, -**WorkingQuery** is set to view the first row of results by setting the **ResultRow** property. The -value within the **System Up Time** property is then transferred into the `REMAINDER` variable so -that it can be more easily manipulated. - -The script then takes the value of `REMAINDER`, which is in seconds, and converts it to days, hours, -minutes, and seconds. These values are then recorded in the Query object so that Enterprise Auditor -can store this data. - -**NOTE:** In this task, the hours, minutes, and seconds properties were specified manually using the -task dialog. See the -[Script Properties](/docs/accessanalyzer/11.6/data-collection/custom-collectors/scripting.md) -topic for additional information. - -## Example of Conversion of Data Script - -The conversation of data script example is: - -``` -Sub Task() -Dim DAYS -Dim HRS -Dim MINS -Dim SECS -Dim REMAINDER  -WorkingQuery.Host=Query.Host -WorkingQuery.Source="Perfmon" -WorkingQuery.Paths=1 -WorkingQuery.Path(0)="System\System Up Time" -WorkingQuery.AddProperty  "NAME=System Up Time,DATATYPE=NUMERIC,VALUE=,COLUMN=UPTIME" -WorkingQuery.Execute -WorkingQuery.ResultRow=0 -REMAINDER=WorkingQuery.ResultData("System Up Time")  -Query.ResultRows=1 -Query.ResultRow=0  -'Calculate days/hrs/mins/secs -DAYS=INT(REMAINDER/86400) -REMAINDER=REMAINDER-(DAYS*86400) -HRS=INT(REMAINDER/3600) -REMAINDER=REMAINDER-(HRS*3600) -MINS=INT(REMAINDER/60) -SECS=INT(REMAINDER-(MINS*60))  -Query.ResultData("SecondsElapsed")=INT(WorkingQuery.ResultData("System Up Time")) -Query.ResultData("Days")=DAYS -Query.ResultData("Hrs")=HRS -Query.ResultData("Mins")=MINS -Query.ResultData("Secs")=SECS -End Sub - -``` - -# Script Example 2: Command Query - -The following example illustrates the use of scripts within Enterprise Auditor. This script reads a -database list from SQL Server and then proceeds to the File System Data Collector for the size of -the database file, essentially inventorying the installed databases, their paths, and sizes. - -**NOTE:** Because the object instances are not thread-safe, scripts like these that use objects -external to Enterprise Auditor should be run with only one thread. - -In this example, a connection is opened with a SQL server. The SQL server name is provided by -Enterprise Auditor during the query. Enterprise Auditor provides the active host to the script using -the **Query.Host** property. - -The script then queries the Master database, requesting a **recordset** containing all databases and -proceeds to get the row count. Setting the **Query.ResultRows** property creates a row of storage -for each record in the recordset. It then proceeds to read data from each row by looping row by row. -For each row, the database name, filename, and ID are captured. The script then calls a function to -get the size of the file. The **FileSize** function uses the database filename to construct a query -to the File System Data Collector, which ultimately returns the size of the file. - -The data for each database is stored in the Query object. - -Finally, the SQL objects are freed. - -## Example of Compound Query Script - -The compound query script example is: - -``` -Sub Task()  -Const adOpenStatic = 3 -Const adLockPessimistic = 2  -Dim cnnSQL -Dim rstSQL -Dim I -Dim sFilespec, sPath, sFile  -' CONNECT TO THE DATABASE -' **** NOTE ***** -' Set Uid and pwd to username and password -' OR set both to blank for trusted connections  -Set cnnSQL = CreateObject("ADODB.Connection") -cnnSQL.Open "Driver={SQL Server};" & _  -"Server=" & Query.Host & ";" & _ -"Database=Master;" & _ -"Uid=SA;" & _  -"Pwd=" -Set rstSQL = CreateObject("ADODB.Recordset") -rstSQL.Open "SELECT dbid, name, filename FROM sysdatabases;", cnnSQL, _ -adOpenStatic, adLockPessimistic  -' AS LONG AS RECORDS CAME BACK, PROCEED TO CAPTURE DATABASE INFO  -If NOT(rstSQL.EOF) Then -Query.ResultRows=rstSQL.RecordCount -rstSQL.MoveFirst -For i=0 to Query.ResultRows-1 -Query.ResultRow=i -Query.ResultData("DbId")=rstSQL.Fields("dbid") -Query.ResultData("Name")=rstSQL.Fields("name") -sFilespec=rstSQL.Fields("filename") -SplitPath sFileSpec, sPath, sFile -Query.ResultData("Path")=sPath  -'GET DB SIZE  -iSize=GetFileSize(Query.Host, sPath, sFile) -Query.ResultData("Size")=iSize  -'MOVE TO NEXT DB -rstSQL.MoveNext  -Next  -End If  -' CLEAN UP  -rstSQL.Close -Set rstSQL = Nothing  -cnnSQL.Close -Set cnnSQL = Nothing  -End Sub  -'---------------------------------------------------------------------  -Function GetFileSize (sHost, sPath, sFile)  -sFile=Chr(34) & sFile & Chr(34) -sPath=Chr(34) & sPath & Chr(34) -WorkingQuery.Reset -WorkingQuery.Host=Query.Host -WorkingQuery.Source="FILE" -sQueryPath="Type=FILEPATH?FilePath=" & sPath & _ -"?Target=FILES?FileSpec=" & sFile & _ -"?SubFolders=FALSE?GroupSize=FALSE?Units=Mb" -WorkingQuery.Paths1 -WorkingQuery.Path(0)=sQueryPath -WorkingQuery.AddProperty("NAME=Size,DATATYPE=NUMERIC,VALUE=") -WorkingQuery.Execute -WorkingQuery.ResultRow=0  -GetFileSize=WorkingQuery.ResultData("Size")  -End Function  -'---------------------------------------------------------------------  -Sub SplitPath(sFileSpec, ByRef sPath, ByRef sFile) -Dim iPos -If sFileSpec<>"" then -iPos=instrRev(sFileSpec,"\") -sPath=mid(sFileSpec,1,iPos-1) -sFile=mid(sFileSpec,iPos+1) -End If -End Sub -'--------------------------------------------------------------------- - -``` - -# Script Methods and Properties - -The Query and Working Query objects support the following methods and properties. - -## Supported Methods - -| Methods | Description | -| -------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Execute | Executes the object query. Use this to perform the query after setting the source, path, and properties. | -| Reset | Resets the object’s properties to their original values. Use this if the source, path, or properties have been modified, but the original values are desired. | -| AddProperty (attributes : string) | Adds a property to the query. Using the following format: `NAME=;COLUMN=;VALUE=;DATATYPE=;SIZE=;KEY=` | -| DeleteProperty (propertyname : string) | Removes a property from a query. | - -## Supported Properties - -| Pproperties | Description | -| ---------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Host : string | Sets or retrieves the current host | -| Source : string | Sets or retrieves the data source | -| Path : sting | Sets or retrieves the path | -| Paths : integer | Sets or retrieves the current path for multi-path tasks | -| ResultData (Property : string) : Variant | Sets or retrieves the value for the property specified | -| ResultData (PropertyIndex : integer) : Variant | Sets ResultRow to the desired row before accessing this property | -| ResultRow : integer | Sets or retrieves the current row. For non-enumerated tasks, ResultRow will always be 0. | -| ResultRows : integer | Sets or returns the count of rows. Use this to determine the number of rows returned after an enumerated task is executed. Set this property to create a multi-row return value. | -| Message (index : integer, type : string) | Sets or returns a message in the indicated position. Use MessageCount to determine the number of messages. These messages appear in the job MessageLog. | - -# Script Data Collector - -The Script Data Collector provides VB Script exit from Enterprise Auditor. Static queries are -sometimes inadequate for demanding auditing tasks. The Script Data Collector provides a means to add -a custom script to a query. Enterprise Auditor implements Microsoft Visual Basic Script (VB Script) -with extensions that provide script writers the ability to interface directly with Enterprise -Auditor. - -The following examples describe situations where using a script may be useful: - -- Conversions – One of the most frequent uses of a scriptis for converting a value from one thing to - another, for example `build1230` to `at risk`. See the - [Script Example 1: Conversion of Data](/docs/accessanalyzer/11.6/data-collection/custom-collectors/scripting.md) - topic for additional information. -- Compound Queries – This is a query that cannot be performed using a single query. See the - [Script Example 2: Command Query](/docs/accessanalyzer/11.6/data-collection/custom-collectors/scripting.md) - topic for additional information. -- Interfacing with External Systems – This is a query that requires access to external data. For - example, the query needs to access a corporate database to obtain a location code. - -The Script Data Collector is a core component of Enterprise Auditor, but it has been preconfigured -within the Windows Solution. While the data collector is available with all Enterprise Auditor -license options, the Windows Solution is only available with a special Enterprise Auditor license. -See the -[Windows Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md) -topic for additional information. - -Protocols - -- VB Script - -Ports - -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group -- Member of the Domain Administrators group (if targeting domain controllers) - -# Script Properties - -The Data Source tab is used to select the data collector to be used. The configurable options are: - -- Source – Used to select data collector -- Path – Displays the returned path from the data collector - - **CAUTION:** Editing the path is considered an advanced operation. Entering an incorrect value - may render the query inoperable. - - - The path is used to identify the selection from within the data collector. The path - essentially tells the data collector where the data is and depending on the data collector, - may define selected options. It is sometimes convenient to edit the path manually. - - For example: If defining a file system query using the File System Data Collector, the path - would automatically be filled in with the selected details. A minor change like changing the - file location can be done manually by editing the path. - -- Properties – As the Path is used to define where the target data is, the properties are used to - define what data is desired. Each property has a series of attributes including: - - - Name – Identifies the target data. Modifying this affects what data the data collector - returns. - - Column – Specifies the column name within the result data. Use this to specify the column name - that will be used within the report output. This is set by default to match the **Name** - attribute. - - DataType – Used to determine the format of the data for reporting purposes. It affects sorting - order and the ability to graph content. In some cases, the data collector is unable to - determine the correct data type for the returned data. - - **CAUTION:** Setting this value manually to an incorrect data type may render your results - invalid and inaccessible by Enterprise Auditor. - - - For example: Querying the registry for a value stored as **REG_SZ** returns a string, as - **REG_SZ** is a string type in the registry. However, sometimes numbers are recorded in - **REG_SZ** entries. If you determine that the content returned could always be interpreted as - numeric, you could override the default `STRING` value and set it to `NUMERIC`. This provides - proper sorting and charting ability. - -- Size – Used to determine the width of the field used to hold String data. Setting the size smaller - than the actual returned data will cause Enterprise Auditor to truncate the data in the view. - However, the actual stored data in the result table will contain the full result. -- Value – Reserved for internal use -- Key – Used to identify a key property. A key property is used to identify the property that - contains a unique value for enumerated tasks. A Key value is required for Change Detection and - Conformance Management on enumerated tasks. To identify a property that uniquely identifies each - row, set the Key attribute to `YES`. - -## Adding and Removing Properties Manually - -Although the property list is automatically populated by the data collectors, additional properties -may be added manually. Doing so allocates storage within Enterprise Auditor during data collection -and creates corresponding columns in the output table. Use a script to reference and populate these -properties. - -![Properties on the Query Properties window](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/properties.webp) - -To add properties manually, click the plus (**+**) button at the bottom of the property window. To -remove properties, click the minus (-) button. - -# Script Reference - -Enterprise Auditor provides extensions to standard Visual Basic Script. These extensions allow -access to and manipulation of task data, in addition to invoking queries. They are implemented -through two objects. - -Query Object - -The Query object provides access to the current query configuration and data. Use this to examine -the results of a query or to manipulate the query before it is executed. Changing properties of this -object will change the way the task is executed by Enterprise Auditor. - -Working Query Object - -The Working Query object is identical to the Query object. This object supports the same methods and -properties as the Query object but its properties and methods do not access the current query. Think -of this object as allowing the ability to create a task on the fly. Use this object to perform -queries, while leaving the original task undisturbed. This is valuable when performing compound -queries isneeded. See the -[Script Example 2: Command Query](/docs/accessanalyzer/11.6/data-collection/custom-collectors/scripting.md) -topic for additional information. - -# Run a Stand-Alone Script - -Some situations require a script to be used exclusively without defining a data source. The Query -Properties window provides the ability to add and run a script. - -Follow the steps to add a script. - -**Step 1 –** Go to the job's **Configure** node and select **Queries**. - -**Step 2 –** Click **Create Query** to open the Query Properties window. - -**Step 3 –** Select the **Data Source** tab, and select **SCRIPT** in the Data Collector drop-down -menu. - -![Query Properties window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/script/querypropertiesstandalone.webp) - -**Step 4 –** Click **Configure** or the **Browse Data Source** button to open the VBScript Editor -page and add the script to run. - -See the -[VBScript Editor](/docs/accessanalyzer/11.6/data-collection/custom-collectors/scripting.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md b/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md deleted file mode 100644 index 32fde8a1c3..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md +++ /dev/null @@ -1,372 +0,0 @@ -# NoSQL: Category - -The Category page in the NoSQL Data Collector Wizard lists the following query categories, -sub-divided by auditing focus: - -![NoSQL Data Collector Wizard Category Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The query categories are: - -- Sensitive Data - - - Sensitive Data Collection – Scan databases for sensitive data - - - The Sensitive Data category options require the Sensitive Data Discovery Add-on to be - installed on the Enterprise Auditor Console before the NoSQL Data Collector can collect - sensitive data. See the - [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) - topic for additional information. - -- MongoDB - - - Utilities - - - Remove Storage Tables — Removes the tables created for the MongoDB Data Collector - - - Database Sizing - - - Database Sizing — Determines MongoDB database size - -- NoSQL - - - NoSQL Utilities - - - Remove NoSQL Storage Tables — All connection related and filter data will be removed for - NoSQL databases - -# NoSQL Custom Connection Profile & Host List - -The NoSQL Data Collector requires a custom connection profile and host list. - -## Connection Profile - -The credential used for MongoDB Server auditing can be either an Active Directory account or a SQL -account. Create a Connection Profile and set the following information on the User Credentials -window. - -Active Directory - -For an Active Directory account, set the following on the User Credentials window: - -- Select Account Type – Active Directory Account -- Domain – Drop-down menu with available trusted domains will appear. Either type the short domain - name in the textbox or select a domain from the menu. -- User name – Type the user name -- Password Storage – Choose the option for credential password storage: - - - Application – Uses the configured Profile Security setting as selected at the **Settings** > - **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information. - - CyberArk – Uses the CyberArk Enterprise Password Vault. See the - [CyberArk Integration](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information. The password fields do not apply for CyberArk password - storage. - -- Password – Type the password -- Confirm – Re-type the password - -SQL - -For a SQL account, set the following on the User Credentials window: - -- Select Account Type – SQL Authentication -- User name – Enter user name -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information.) -- Password – Type the password -- Confirm – Re-type the password - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -and -[Application](/docs/accessanalyzer/11.6/administration/settings/application.md) -topics for additional information. - -## Host List - -Jobs using the NoSQL Data Collector must create a host list with the servers containing the target -databases. Setup the list of MongoDB hosts that needs to be monitored. Be sure to use a specific -host name (if forcing the connection to a secondary host) or just the cluster name if connecting to -the cluster. See the -[Host Management](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information. - -Additionally, the database clusters / instances must be added to the Filter page in the query -configuration. See the -[NoSQL: Filter](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) -topic for additional information. - -# NoSQL: Criteria - -The Criteria page is where the criteria to be used for discovering sensitive data is configured. It -is a wizard page for the category of Sensitive Data Collection. - -This page requires the Sensitive Data Discovery Add-On to be installed on the Enterprise Auditor -Console to define the criteria and enable the Criteria Editor. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -![NoSQL Data Collector Wizard Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -The options on the Criteria page are: - -- Use Global Criteria Selection – Select this option to inherit sensitive data criteria settings - from the **Settings** > **Sensitive Data** node. See the - [Sensitive Data](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. -- Use the following selected criteria – Select this option to use the table to select which - sensitive data criteria to scan for - - - Select All – Click **Select All** to enable all sensitive data criteria for scanning - - Clear All – Click **Clear All** to remove all selections from the table - - Select the checkboxes next to the sensitive data criteria options to enable it to be scanned - for during job execution - -The table contains the following types of criteria: - -**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System -Criteria and User Criteria nodes are visible in the table. - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit - user-defined criteria. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - topic for additional information. - -**NOTE:** Adding unnecessary criteria can adversely impact the scanner performance and can cause the -scanning job to take a long time. If performance is adversely affected, revisit the sensitive data -scanning criteria and remove criteria that is not required. - -# NoSQL: Filter - -The Filter page is where the query can be scoped to target specific databases or instances. It is a -wizard page for the Sensitive Data Collection category. - -It is necessary to populate the available Mongo databases/instances before the query can be scoped. -See the [Manage Connections Window](#manage-connections-window) topic for additional information. - -![NoSQL Data Collector Wizard Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp) - -The Filter page has the following buttons: - -- Connections — Opens the Manage Connections window to add or modify database instances. See the - [Manage Connections Window](#manage-connections-window) topic for additional information. -- Retrieve — Click to populate the Server pane with the database instances added in the Manage - Connections window -- Validate Selections — Validate the include /exclude filters shown in the Selections pane -- Find — Select an item in the Servers list and click find to search for any objects that match the - search string -- Save — Click to save the selected filters -- Orientation — Alternate between a vertical and horizontal split - -The configurable filter options are: - -- Servers — Displays known databases and instances for query scoping. Click **Retrieve** to - populate. Right click to open context menu: - - - Exclude — Excludes selected databases/instances and displays them in red - - Include — Reverts an exclusion. By default, all sub tables are included. - - Build Pattern — Opens the Build Pattern dialogue to build a custom filter to be applied to the - selected database objects. See the [Build or Edit Pattern](#build-or-edit-pattern) topic for - additional information. - -- Selections — Displays selected database objects for which the query has been scoped. Right click - to open context menu: - - - Remove Pattern — Selected database/instance will be removed from the query - - Edit Pattern — Opens the Edit Pattern dialogue with the following options (See the - [Build or Edit Pattern](#build-or-edit-pattern) topic for additional information): - - - Exclude — Excludes selected databases/instances and displays them in red - - Include — Reverts an exclusion. By default, all sub tables are included. - - Pattern — Build a custom filter to be applied to the selected database objects - -## Manage Connections Window - -The Manage Connections window enables users to add MongoDB database instances to search for -sensitive data. Click **Connections** to open the window. - -![Manage Connections window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/manageconnections.webp) - -The Manage Connections table lists the previously added database instances and their attributes. - -Select a row in the table to edit that instance, or create a new instance to add to the table. For -additional information on how to connect to a MongoDB database, see the MongoDB -[Get Connection String](https://docs.mongodb.com/guides/server/drivers/) article. - -- Is Active — Select the checkbox to include the database on the Servers Pane on the Filter page -- Server Label — The name of the server -- Host — Name or IP address of the host where the database is located -- Port Number — Port number for the database. The default port is 27017. If a non-default port is - being used, it should be specified in the Port Number section. -- Auth Database — The database used for authorization. Typically it is the **admin** database. -- Read Preference — Read preference describes how MongoDB clients route read operations to the - members of a replica set by default, an application directs its read operations to the primary - member in a replica set (that is, read preference mode **primary**). Howevert, clients can specify - a read preference to send read operations to secondaries. Click the link for additional - information. -- Mongo SRV — Specifies that the information entered is for clusters or shards - -In the Manage Connections table, the following information is also listed: - -- Was Inspected — Indicates whether information for a connection was validated. **Y** indicates the - information has been validated. **N** indicates the information has not been validated. -- Last Inspected — Indicates the date and time of when the connection information was last - inspected. If blank, the connection information has not yet been validated. -- Enable Impersonation – Impersonation does not apply to MongoDB and this column will be blank. - -The Manage Connections window has the following buttons: - -- Test Connection — Click to verify the connection to the database with the connection profile - applied to the job group -- Edit Connection — Click to edit information for the selected connection -- Delete Connection — Click to delete the selected connection -- Create New — Click to create a new connection - -#### Build or Edit Pattern - -The Build / Edit Pattern window enables users to apply a custom scoping filter to the query. - -![Edit Existing Pattern window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/editpattern.webp) - -The Build / Edit Pattern window has the following features: - -- Selected Location — The location within the database / collection -- Exclude — Excludes selected database / instances and displays them in red -- Include — Reverts an exclusion. By default, all sub tables are included. -- Pattern — Build a custom filter to be applied to the selected database objects - - **NOTE:** Color-coding indicating Excluded and Included objects does not display until after a - selection is validated using the **Validate Selections** button on the Filter page. - -# NoSQL: Options - -Use the Sensitive Data Scan Settings (Options) page to configure additional settings for the -sensitive data scan. It is a wizard page for the Sensitive Data Collection category. - -![NoSQL Data Collector Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -The sensitive data scan settings are: - -Scan Options - -- Data Settings: - - - Scan all documents for sensitive data — Scan all the documents in a collection in the targeted - database or cluster - - Limit of documents to scan — Scan limited number of documents in each database or cluster. - This option is ideal when discovering sensitive data and has minimal impact on the MongoDB - cluster performance. However, if the Subject Profile Request feature is being leveraged, then - all the documents in all the database or cluster need to be scanned. - - Scan documents randomly — Enterprise Auditor requests a set of documents from each database - when scanning for sensitive data. The database engine does not return random data from a - collection. Instead, Enterprise Auditor returns sequential documents in a collection. In order - to ensure a statistical discrete uniform distribution of data being scanned, this option can - be selected. When selected, the Enterprise Auditor sensitive data scanner requests randomized - documents from each collection in all the targeted databases. - -- Scan database names for sensitive data – Scans database names for sensitive data if the database - names are included as part of the keyword list in the scanning criteria -- Scan collection names for sensitive data – Scans collection names within the database for - sensitive data if the collection names are included as part of the keyword list in the scanning - criteria - -DLP Options - -- Store discovered sensitive data – Stores potentially sensitive data in the Enterprise Auditor - database. Any sampled sensitive data discovered based on the matched criteria is stored in the - Enterprise Auditor database. This functionality can be disabled by clearing this checkbox. - - **NOTE:** The **Store discovered sensitive data** option is required to view Content Audit - reports in the Access Information Center for MongoDB data. - - **CAUTION:** Changing scan options, criteria, or filters when resuming a scan may prevent the - scan from resuming properly. - -- Resume scan from last point on error — Resumes scan from where the previous scan left off when the - scan was stopped as a result of an error - -_Remember,_ the Sensitive Data Discovery Add-on is required to use the sensitive data collection -option. - -# NoSQL Data Collector - -The NoSQL Data Collector for MongoDB provides information on MongoDB Cluster configuration, limited -user permissions, scans collections for sensitive data, and identifies who has access to sensitive -data. It also supports the execution of custom queries against all targeted MongoDB cluster nodes. - -The NoSQL Data Collector has been preconfigured within the MongoDB Solution. Both this data -collector and the solution are available with a special Enterprise Auditor license. See the -[MongoDB Solution](/docs/accessanalyzer/11.6/solutions/databases/mongodb-analysis.md) -topic for additional information. - -Protocols - -- TCP/IP - -Ports - -- MongoDB Cluster -- Default port is 27017 (A custom port can be configured) - -Permissions - -- Read Only access to ALL databases in the MongoDB Cluster including: - - - Admin databases - - Config databases - - Local databases - -- Read Only access to any user databases is required for sensitive data discovery -- Read access to NOSQL instance -- Read access to MongoDB instance -- Requires NOSQL Full-Text and Semantic Extractions for Search feature to be installed on the target - NOSQL instances when using the Scans full rows for sensitive data option on the Options wizard - page - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -## NoSQL Query Configuration - -The NoSQL Data Collector is configured through the NoSQL Data Collector Wizard. The wizard contains -the following pages, which change based upon the query category selected: - -- [NoSQL: Category](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) -- [NoSQL: Options](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) -- [NoSQL: Criteria](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) -- [NoSQL: Filter](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) -- [NoSQL: Results](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) -- [NoSQL: Summary](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) - -# NoSQL: Results - -The Results page is where the properties that will be gathered are selected. It is a wizard page for -all of the categories. - -![NoSQL Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually, or the **Select All**, **Clear All**, and **Reset to -Defaults** buttons can be used. All selected properties are gathered. Available properties vary -based on the category selected. - -# NoSQL: Summary - -The Summary page is where the configuration settings are summarized. It is a wizard page for all of -the categories. - -![NoSQL Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the NoSQL Data Collector Wizard ensuring that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md b/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md deleted file mode 100644 index b92ccf0117..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md +++ /dev/null @@ -1,718 +0,0 @@ -# SQL: Category - -The Category page in the SQL Data Collector Wizard lists the available query categories, sub-divided -by auditing focus. - -![SQL Data Collector Wizard Category Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The query categories are: - -- Permissions - - - Permissions Collection – Gather permissions on server and database objects - -- Server Audits - - - Server Audits Events Collection – Gather events from SQL server audits - -- Sensitive Data - - - Sensitive Data Collection – Scan databases for sensitive data - - **NOTE:** The Sensitive Data category options require the Sensitive Data Discovery Add-on to - have been installed on the Enterprise Auditor Console before the SQL Data Collector can collect - sensitive data. See the - [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) - topic for additional information. - -- Microsoft SQL Server - - - Discovery - - - Enumerate Network – Enumerate local network for browsable SQL server instances visible to - the storage host - - - Custom SQL Query - - - Custom Query – Run a custom SQL query against a SQL database - - - Infrastructure - - - Server Properties – Information about the server - - Configuration Properties – Information about server configuration - - Version Information – Version information about Microsoft SQL server - - File Groups – File group information - - Files – File information - - Database Information – Information about databases - - - Operations - - - Database Without Backups – List of all databases without backups - - Latest Week Backups – List of latest week database backups - - - Utilities - - - Remove Storage Tables – Removes the tables created and used by the SQL server data - collector - - - Legacy Queries - - - Server Principles – Data for every server level principal - - Database Principles – Data for every database level principal - - Server Permissions – Data about server permissions - - Database Permissions – Data about database permissions - - Server Roles – Data about server roles - - Database Roles – Data about database roles - - System Objects – Data about system objects - - Object Collection – Collects SQL server objects - -- Oracle - - - Custom Oracle Query - - - Custom Oracle Query – Run a custom SQL query against an Oracle container - - - Infrastructure - - - Version Information – Version information about the Oracle database - - File Group Information – Information about file groups and tablespaces - - Data File Information – Information about data files - - Database Information – Information about database configurations - - Initialization Parameter Information – Information about initialization parameters - - System Parameter Information – Information about system parameters - - Container Information – Information about the containers of the databases, both root and - pluggable - - Pluggable Databases History – View of the pluggable databases (PBD) history - - Database Instance Information – Shows information about the current instance of the - database - - Free Space in Tablespaces – Describes the free extents in all tablespaces in the database - - - Operations - - - Latest Week Backup – Information about the latest week backup - - Oldest and Newest Backup – Information about the oldest and the most recent backups - - Database File Without Backup – Indicates file names of the files that are not present in - the RMAN backup - - - Utilities - - - Remove Storage Tables – Removes the tables created and used by the Oracle Data Collector - -- Azure SQL - - - Discovery - - - Enumerate Azure SQL Instances – Enumerate Azure SQL instances and Azure resources - - - Utilities - - - Remove Storage tables – Removes the tables created and used by Azure SQL Discovery - -- MySQL - - - Custom MySQL Query - - - Custom Query – Run a custom SQL query against a SQL database - - - Utilities - - - Remove Storage Tables – Removes tables created for MySQL Data Collector - -- PostgreSQL - - - Custom PostgreSQL Query - - - Custom Query – Run a custom SQL query against a SQL database - - - Utilities - - - Remove Storage Tables – Removes tables created for PostgreSQL Data Collector - -- Db2LUW - - - Custom Db2LUW Query - - - Custom Query – Run a custom SQL query against a SQL database - - - Utilities - - - Remove Storage Tables – Removes tables created for Db2LUW Data Collector - - - Db2LUW Permissions Scan - - - Db2LUW Permissions Scan – Collect permissions from the targeted instances - -- Utilities - - - Remove Storage Data – Removes stored data for specific instances on a specific host - -# SQL Custom Connection Profile & Default Dynamic Host List - -The SQL Data Collector requires a custom Connection Profile and Host List. The **SQL SERVERS** -default host list can be used with this data collector for the SQL Solution. The host inventory -option during host list creation makes it necessary to configure the Connection Profile first. - -## Connection Profile - -Create a Connection Profile and set the following information on the User Credentials window. - -- For an Active Directory account: - - - Select Account Type – Active Directory Account - - Domain – Drop-down menu with available trusted domains will appear. Either type the short - domain name in the textbox or select a domain from the menu. - - User name – Type the user name - - Password Storage – Choose the desired option for credential password storage: - - - Application – Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information. - - CyberArk – Uses the CyberArk Enterprise Password Vault. See the - [CyberArk Integration](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information. The password fields do not apply for CyberArk password - storage. - - - Password – Type the password - - Confirm – Re-type the password - -- For a SQL account: - - - Select Account Type – SQL Authentication - - User name – Enter user name - - Password Storage – Application (Uses the configured Profile Security setting as selected at - the **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information.) - - Password – Type the password - - Confirm – Re-type the password - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -## Host List - -The required host list depends on the database that the SQL data collector is being used for. - -### Default Dynamic Host List (SQL) - -Jobs using the SQL Data Collector can use the SQL Servers default host list. This is a dynamic host -list that is populated from hosts in the Host Master Table which meet the host inventory criteria -for the list, `IsSQLServer = True`. Since the SQL Servers host list is default, it is available to -jobs and job groups for host assignment. See the -[Host Management](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information. - -### Oracle / MySQL / PostgreSQL / Db2 - -Jobs in the Oracle, MySQL, Postgre SQL, or Db2 solution using the SQL Data Collector must be -configured to query a host list with the servers containing the target databases. Setup the list of -hosts that needs to be monitored. Be sure to use a specific host name (if forcing the connection to -a secondary host) or just the server name if connecting to the server. See the -[Host Management](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information. - -Additionally, the database instances must be added to the Filter page in the query configuration. -See the -[SQL: Filter](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -topic for additional information. - -# SQL: Criteria - -The Criteria page is where criteria to be used for discovering sensitive data are configured. It is -a wizard page for the Sensitive Data Collection category. - -This page requires the Sensitive Data Discovery Add-On to be installed on the Enterprise Auditor -Console to define the criteria and enable the Criteria Editor. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -![SQL Data Collector Wizard Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -The options on the Criteria page are: - -- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings - from the **Settings > Sensitive Data** node. See the - [Sensitive Data](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. -- Use the following selected criteria – Select this option to use the table to select which - sensitive data criteria to scan for - - - Select All– Click **Select All** to enable all sensitive data criteria for scanning - - Clear All – Click **Clear All** to remove all selections from the table - - Select the checkboxes next to the sensitive data criteria options to enable it to be scanned - for during job execution - -The table contains the following types of criteria: - -**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System -Criteria and User Criteria nodes are visible in the table. - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - Use the Sensitive Data Criteria Editor in the **Settings > Sensitive Data** to create and edit - user-defined criteria. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - topic for additional information. - -**NOTE:** Adding unnecessary criteria can adversely impact the scanner performance and can cause the -scanning job to take a long time. If performance is adversely affected, revisit the sensitive data -scanning criteria and remove criteria that is not required. - -# SQL: Custom Oracle Query - -The Custom Query page for a Custom Oracle Query contains the same options as the Custom Query page -for a custom SQL query, with the addition of the **Convert CDB to DBA on non-container databases** -checkbox. It is a wizard page for the Custom Oracle Query category. - -![SQL Data Collector Wizard Custom Query page for a Custom Oracle Query](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/customqueryoracle.webp) - -The configurable options are: - -- Test Database: - - - Data Source – Select the host\instance from the drop-down menu - - Database – Select the database from the drop-down menu - - - Convert CDB to DBA on non-container databases - -- SQL Query textbox – Enter the custom SQL script -- Validate Query – Click to test the query, results display in the box -- Row limit – Enter a number to limit the rows the query is tested on - -# SQL: Custom SQL Query - -The Custom Query page for a Custom SQL Query contains the following configuration options. It is a -wizard page for the following categories: - -- Custom MySQL Query -- Custom PostgreSQL Query -- Custom SQL Query -- Custom Db2LUW Query - -![SQL Data Collector Wizard Custom SQL Query Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/customsqlquery.webp) - -The configurable options are: - -- Test Database: - - - Data Source – Select the host\instance from the drop-down menu - - Database – Select the database from the drop-down menu - -- SQL Query textbox – Enter the custom SQL script -- Validate Query – Click to test the query, results display in the box -- Row limit – Enter a number to limit the rows the query is tested on - -# SQL: Filter - -The Filter page is where the query can be scoped to target specific databases or instances. It is a -wizard page for the categories of: - -- Permissions > Permissions Collection -- Server Audits > Server Audit Events Collection -- Sensitive Data > Sensitive Data Collection -- Microsoft SQL Server: - - - Discovery - - Custom SQL Query - - Infrastructure - - Operations - - Utilities > Remove Storage Tables - - Legacy Queries - -- Oracle: - - - Custom Oracle Query - - Infrastructure - - Operations - - Utilities > Remove Storage Tables - -- MySQL: - - - Custom MySQL Query - - Utilities > Remove Storage Tables - -- PostgreSQL: - - - Custom PostgreSQL Query - - Utilities > Remove Storage Tables - -- Db2LUW: - - - Custom Db2LUW Query - - Utilities > Remove Storage Tables - - Db2LUW Permissions Scan - -- Utilities – Remove Storage Data - -It is necessary for the SA_SQL_Instances table to be populated before available databases/instances -can populate the Available Server audits list. For Oracle and SQL, the SA_SQL_Instances table is -populated through an instance discovery query. See the -[0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) -topic for additional information. For PostgreSQL and MySQL Scans, the SA_SQL_Instances table is -populated manually in the Manage Connections window. See the -[Manage Connections Window](#manage-connections-window) topic for additional information. Once the -table has been populated, a query can be scoped. - -![SQL Data Collector Wizard Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp) - -The configurable filter options are: - -- Connections — Opens the Manage Connections window to add or modify database instances. See the - [Manage Connections Window](#manage-connections-window) topic for additional information. -- Filter options - - - All database objects — No scoping - - Only select database objects — Scope to specific databases - - - Click **Retrieve** to display available server audits - -- Available database objects — Displays known databases and instances for query scoping - - - Select from the available list and click **Add** - -- Selected databases or instances — Displays selected database objects for which the query has been - scoped. Additional options include: - - - Remove — Removes the selected database/instance from the query - - Include — Reverts an exclusion. By default, all sub tables are included. - - Exclude — Excludes selected databases/instances and displays them in red - - Add Custom Filter — Opens the Add custom filter window to build a custom filter to be applied - to the selected databases/instances. See the - [Add Custom Filter Window](#add-custom-filter-window) topic for additional information. - - Import CSV — Import a list of databases/instances from a CSV file - - Export CSV — Exports the list of databases/instance to a CSV file through the Save As window - -## Manage Connections Window - -The Manage Connections window enables you to add database instances to search. Click the -**Connections** button to open it. - -![Manage Connections window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/manageconnections.webp) - -The Manage Connections table lists the previously added database instances and their attributes. -Select a row in the table to edit that instance, or create a new instance to add to the table: - -- Is Active — Select the checkbox to include the database on the Servers Pane on the Filter page -- Instance Label — The name of the server -- Database System — Select from a list of available databases -- Service Name — Name of the service -- Host — Name or IP address of the host where the database is located -- Port Number — Port number for the database. If a non-default port is being used, it should be - specified in the Port Number section. -- Default Database — Account used to access the database. Admin is recommended. -- Enable impersonation — Select to enable impersonation -- Service Type— If applicable, select whether the service type is **Service** or **SID** - -In the Manage Connections Table, the following information is also listed: - -- Was Inspected — Indicates whether information for a connection was validated. **Y** indicates the - information has been validated. **N** indicates the information has not been validated. -- Last Inspected — Indicates the date and time of when the connection information was last - inspected. If blank, the connection information has not yet been validated. - -The Manage Connections window has the following buttons: - -- Test Connection — Click to verify the connection to the database with the connection profile - applied to the job group -- Edit Connection — Click to edit information for the selected connection -- Delete Connection — Click to delete the selected connection -- Create New — Click to create a new connection - -#### Add Custom Filter Window - -The Add custom filter window opens from the Filter page of the SQL Data Collector Wizard. It enables -you to apply a custom scoping filter to the query. - -![Add custom filter window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/addcustomfilter.webp) - -Type the filter in the window and click Save. The following characters can be used in the filter: - -- Forward slash (/) – Path separator -- Asterisk (\*) – Wild card for any combination of characters -- Question mark (?) – Wild card for a single character - -Use the following format to add a custom filter for a server: - -- SQL: - - [SQL Server Name]/[Host or IP Address]/[Database Name]/[TableName] - -- Oracle: - - [Oracle Server Name]/[Host or IP Address]/[Container Name]/[Schema]/[Table Name] - -- Azure SQL: - - [Azure SQL Server Name]/[Host or IP Address]/[Database Name]/[Table Name] - -- MySQL: - - [MySQL Server Name]/[Host or IP Address]/[DastabaseName]/[TableName] - -- PostgreSQL: - - [PostgreSQL Server Name]/[Host or IP Address]/[DastabaseName]/[Schema]/[TableName] - -- Db2: - - [Db2LUW Server Name]/[Host or IP Address]/[DastabaseName]/[TableName] - -# SQL: Options - -Use the Options page to configure additional settings. The contents of the page vary according to -the category selected. The Options page is a wizard page for the categories of: - -- Server Audits -- Sensitive Data - -## Server Audits - -Use the Options page to specify collection options to use when gathering server audits. This is a -page for the Server Audits Events Collection category. - -![SQL Data Collector Wizard Options page for Server Audit](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/optionsserveraudits.webp) - -The scan options are: - -- Collect only events since last scan – Differential scanning -- Process each audit file individually -- Number of days you want to keep events in the database – Data retention period, set to 15 days by - default -- Collection Method – Choose a collection method: - - - Collect audits by name - - Collect audits by path - -## Sensitive Data - -Use the Sensitive Data Scan Settings (Options) page to specify collection options to use when -gathering server audits. This is a page for the Sensitive Data Collection category. - -![SQL Data Collector Wizard Options page for Sensitive Data](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/optionssensitivedata.webp) - -The sensitive data scan settings are: - -Scan Options - -- Scan tables for sensitive data – Scans the tables within the database for sensitive data - - - The Oracle default is set for optimal performance for a high-level scan of only tables - -- Scan views for sensitive data – Scans views for sensitive data - -Data Settings - -- Scan individual columns for sensitive data – Scans individual columns within the database for - sensitive data -- Scan full rows for sensitive data – Scans full rows within the database for sensitive data -- Scan all rows for sensitive data – Scans all rows within the database for sensitive data -- Limit rows to scan – Select the number of rows to scan for sensitive data. Select the **Use random - sampling** checkbox to enable random sampling for checking for sensitive data. - -Meta Data Options - -- Scan database names for sensitive data – Scans database names for sensitive data if the database - names are included as part of the keyword list in the scanning criteria -- Scan table names for sensitive data – Scans table names within the database for sensitive data if - the table names are included as part of the keyword list in the scanning criteria -- Scan column names for sensitive data – Scans column names within the database for sensitive data. - This scans all column names of every table for sensitive data if the column names are included as - part of the keyword list in the scanning criteria. - -Large Data Type Options - -- Included binary data types (BLOB, NLOB, LONGRAW, VARBINARY) – Select to include the listed binary - data types -- Include character data types (NCLOB, CLOB, LONG) – Select to include the listed character data - types - -SDD Options - -- Store discovered sensitive data – Stores potentially sensitive data in the Enterprise Auditor - database. Any sampled sensitive data discovered based on the matched criteria is stored in the - Enterprise Auditor database. This functionality can be disabled by clearing this option. - - **NOTE:** The **Store discovered sensitive data** option is required to view Content Audit - reports in the Access Information Center for SQL data. - - **CAUTION:** Changing scan options, criteria, or filters when resuming a scan may prevent the - can from resuming properly. - -- Resume scan from last point on error – Resumes scan from where the previous scan left off when the - previous scan was stopped as a result of an error - -_Remember,_ the Sensitive Data Discovery Add-on is required to use the sensitive data collection -option. - -# SQL Data Collector - -The SQL Data Collector provides information on database configuration, permissions, data extraction, -application name of the application responsible for activity events, an IP Address or Host name of -the client server, and sensitive data reports. This data collector also provides information on -Oracle databases including infrastructure and operations. - -The SQL Data Collector has been preconfigured within the Database data collection jobs for Db2, -MySQL, Oracle, PostgreSQL, Redshift, and SQL Server databases. Both this data collector and the -Database Solution are available with a special Enterprise Auditor license. See the following topics -for additional information: - -- [Db2 Solution](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md) -- [MySQL Solution](/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md) -- [PostgreSQL Solution](/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md) -- [Oracle Solution](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) -- [Redshift Solution](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) -- [SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - -Protocols - -TCP - -Ports - -For Db2: - -- Specified by Instances table (default is 5000) - -For MySQL: - -- Specified by Instances table (default is 3306) - -For Oracle: - -- Specified by Instances table (default is 1521) - -For PostgreSQL: - -- Specified by Instances table (default is 5432) - -For SQL: - -- Specified by Instances table (default is 1433) - -Permissions - -For MySQL: - -- Read access to MySQL instance to include all databases contained within each instance -- Windows Only — Domain Admin or Local Admin privilege - -For Oracle: - -- User with SYSDBA role -- Local Administrator on the target servers – Only applies to Windows Servers and not on Linux or - Unix operating systems - -For PostgreSQL: - -- Read access to all the databases in PostgreSQL cluster or instance -- Windows Only — Domain Admin or Local Admin privilege - -For Redshift: - -- Read-access to the following tables: - - - pg_tables - - pg_user - -For SQL: - -- For Instance Discovery, local rights on the target SQL Servers: - - - Local group membership to Remote Management Users - - Permissions on the following WMI NameSpaces: `root\Microsoft\SQLServer, root\interop` - -- For permissions for data collection: - - - Read access to SQL instance - - Requires SQL Full-Text and Semantic Extractions for Search feature to be installed on the - target SQL instance(s) when using the **Scan full rows for sensitive data** option on the - Options wizard page - - Grant Authenticate Server to [DOMAIN\USER] - - Grant Connect SQL to [DOMAIN\USER] - - Grant View any database to [DOMAIN\USER] - - Grant View any definition to [DOMAIN\USER] - - Grant View server state to [DOMAIN\USER] - - Grant Control Server to [DOMAIN\USER] (specifically required for the Weak Passwords Job) - -See the -[Azure SQL Auditing Configuration](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic and the -[AzureSQL Target Least Privilege Model](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -## SQL Query Configuration - -The SQL Data Collector is configured through the SQL Data Collector Wizard. The wizard contains the -following pages, which change based upon the query category selected: - -**NOTE:** The SQL Data Collector is used in multiple Enterprise Auditor Solutions, and the query -categories used are dependent on the solution. - -- [SQL: Category](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -- [SQL: Options](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -- [SQL: Criteria](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -- [SQL: Filter](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -- [SQL: Settings](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -- [SQL: Custom SQL Query](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -- [SQL: Custom Oracle Query](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -- [SQL: Results](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -- [SQL: Rowkey](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -- [SQL: Summary](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) - -# SQL: Results - -The Results page is where the properties that will be gathered are selected. It is a wizard page for -all of the categories. - -![SQL Data Collector Wizard Results Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually, or the **Select All** and **Clear All** buttons can be -used. All selected properties are gathered. Available properties vary based on the category -selected. - -# SQL: Rowkey - -The Rowkey page configures the Rowkey for the SQL query. It is a wizard page for the Custom Query -categories. - -![SQL Data Collector Wizard Rowkey Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/rowkey.webp) - -Properties selected on the Results page are listed. Select the property or properties to act as the -Rowkey. Properties can be selected individually, or the **Select All** and **Clear All** buttons can -be used. - -# SQL: Settings - -The Settings page configures the removal of data from the Enterprise Auditor database for specific -instances. It is a wizard page for the category of Utilities. - -![SQL Data Collector Wizard Data removal settings Page](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) - -Data from the selected categories will be removed from the Enterprise Auditor database: - -- Permissions -- Audits -- Sensitive Data -- Orphaned Rows - -# SQL: Summary - -The Summary page is where the configuration settings are summarized. It is a wizard page for all of -the categories. - -![SQL Data Collector Wizard Summary Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the SQL Data Collector Wizard ensuring that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md b/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md deleted file mode 100644 index e17e47b779..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md +++ /dev/null @@ -1,357 +0,0 @@ -# AzureADInventory: Category - -The Category page identifies which Inventory task to perform. - -![Entra ID Inventory DC Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The two categories are: - -- Scan Entra ID – Scans Microsoft Entra ID objects and imports the information into the SQL Server - database, creating the standard reference tables. This task also maintains the schema for tables - and views. This is the standard option for this data collector. -- Remove Tables – Removes all tables and views from SQL Server database. This option is designed for - troubleshooting. When this option is selected, the next wizard page is the Summary page. See the - [Troubleshooting AzureADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) - topic for more information. - -The Scan Entra ID category is the pre-configured setting for the .Entra ID Inventory Job Group. -Therefore, accessing the Entra ID Inventory DC Wizard from the query within that job group does not -display the Category wizard page. - -# Microsoft Entra ID Connection Profile & Host List - -The AzureADInventory Data Collector requires a custom Connection Profile and host list to be created -and assigned to the job or job group conducting the data collection. The host inventory option -during host list creation makes it necessary to configure the Connection Profile first. - -## Connection Profile - -Creating the Connection Profile requires having the Client ID and Key that was generated when -Enterprise Auditor was registered as a web application with Microsoft Entra ID. See the -[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md) -for additional information. - -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Azure Active Directory -- Client ID – Application (client) ID of the Enterprise Auditor application registered with - Microsoft Entra ID. See the - [Identify the Client ID](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md#identify-the-client-id) - topic for additional information. -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information.) -- Key – Client secret value for the Enterprise Auditor application registered with Microsoft Entra - ID. See the - [Generate the Client Secret Key](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md#generate-the-client-secret-key) - topic for additional information. - -Once the Connection Profile is created, it is time to create the custom host list. See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -## Custom Host List - -The custom host list should include: - -- All Microsoft Entra ID tenants to be targeted. If there are multiple tenants, the Connection - Profile should contain a credential for each. -- The host name must be the domain name of the tenant, for example `company.onmicrosoft.com`. See - the - [Identify the Client ID](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md#identify-the-client-id) - topic for additional information. - -See the -[Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for instructions on creating a custom static host list. - -# AzureADInventory: Custom Attributes - -Use the Custom Attributes wizard page to define custom attributes that will be used in the Microsoft -Entra ID scan. - -![Entra ID Inventory Data Collector Wizard Custom Attributes page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributes.webp) - -Configuration options for Custom Attributes include: - -- Collect Open Extensions – If enabled, data collector will perform a full scan and collect all - extension attributes for Microsoft Entra ID objects - - - Enabling this option will increase the time it takes for the data collector to complete the - scan. Disabling this option will configure the data collector run a differential scan, which - will only scan changes since the last scan was performed. - - **CAUTION:** A full scan is required when new attributes are added or removed. - -- Add – Adds a manually entered attribute that is included in the scan. This option opens the Custom - Attribute window. -- Edit – Make changes to a previously added attribute. This option opens the Custom Attribute - window. -- Remove – Deletes the attribute from the table and therefore the scan -- Import – Use the Azure Connection Profile credentials or manually inputted credentials to import - custom attributes for the scan using a valid tenant name. This option opens up the Custom - Attributes Import Wizard. - -Use the **Add**, **Edit**, and **Remove** buttons at the bottom of the window to configure the -custom attributes to be gathered by the scan. Use the **Add** button to open the -[Custom Attribute Window](#custom-attribute-window). The **Import** button opens the -[Custom Attributes Import Wizard](#custom-attributes-import-wizard). - -#### Custom Attribute Window - -Input custom attributes from Microsoft Entra ID environments using the Custom Attribute pop-up -window. - -![Custom Attribute Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributewindow.webp) - -The options on the Custom Attributes window are: - -- Tenant Filter – Use a Tenant Name or wildcard to target the desired environment. Wildcards (\*) - can be used. -- Object Class – One or more object class for the attribute can be selected: - - User - - Group - - Contact -- Attribute Name – Microsoft Entra ID attribute name -- Collect all sub-attributes – Allows the collection of sub-attributes - - Sub-Attribute Name – Define the sub-attribute name. Wildcards (\*) can be used. - -Repeat this process until all desired Custom Attributes have been included. Click **OK** to save the -attribute. - -#### Custom Attributes Import Wizard - -The Custom Attributes Import wizard adds a list of custom schema and application attributes from the -targeted tenant environment into the AzureADInventory Data Collector configurations. Follow the -steps to use this window: - -**Step 1 –** On the Custom Attributes page of the Entra Inventory DC wizard, click **Import**. The -Custom Attributes Import Wizard opens. - -![Custom Attributes Import Wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizard.webp) - -**Step 2 –** On the Connection page, enter the Tenant Name of the instance of Microsoft Entra ID to -be targeted, and then select the method of supplying credentials for the specified tenant instance: - -- Use the following connection profile entry – Select an Azure Connection Profile from the dropdown - list -- Use the following credentials to authenticate – Enter the credentials to use - - App Id –Client ID - - App key – Client Secret Key - -**_RECOMMENDED:_** Add a valid Azure Connection Profile to the **Jobs** > **.Entra ID Inventory** > -**Settings** > **Connection** settings as a user defined profile. This ensures the connection -profile displays in the dropdown menu. - -See the -[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md) -or the -[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -topics for additional information. - -**Step 3 –** Click **Test Connection** in order to connect to the tenant with the supplied -credentials. If they are correct, the Schema Attributes and Application Attributes pages become -available. Click **Next** to navigate to them. - -| | | -| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| ![customattributesimportwizardschema](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizardschema.webp) | ![customattributesimportwizardapplication](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizardapplication.webp) | -| Schema Extended Attributes page | Application Extended Attributes page | - -**Step 4 –** On the Schema and Application Attributes pages, the wizard populates with the available -attributes from the Azure tenant. Expand the object classes and select the checkboxes next to the -required attributes to import the custom attributes. Click Next to continue. - -- Load More – Adds additional object classes from the Microsoft Entra ID tenant environment that are - not located in the current list -- Refresh Nodes – Wipes selections from all object class folders - -**Step 5 –** On the Summary page, review your selections and click **Finish**. - -The selected attributes display on the Custom Attributes page of the Entra ID Inventory DC wizard. - -# AzureADInventory: Options - -The Options page provides scan options to use when gathering Microsoft Entra ID information. It is a -wizard page for the Scan Entra ID category. - -![Entra ID Inventory DC Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -Scan options for collecting Microsoft Entra ID information include: - -- Collect only updates since the last scan -- Collect sign-in activity with scan - - This option is required to collect the LastLogonTimestamp attribute of user objects -- Collect directory audit events - -# AzureADInventory Data Collector - -The AzureADInventory Data Collector catalogs user and group object information from Microsoft Entra -ID, formerly Azure Active Directory. This data collector is a core component of Enterprise Auditor -and is preconfigured in the .Entra ID Inventory Solution. - -Both this data collector and the solution are available with all Enterprise Auditor license options. -See the -[.Entra ID Inventory Solution](/docs/accessanalyzer/11.6/solutions/entra-id/inventory-reports.md) -topic for additional information. - -Protocols - -- HTTP -- HTTPS -- REST - -Ports - -- TCP 80 and 443 - -Permissions - -- Microsoft Graph API - - - Application Permissions: - - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - - Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -- Access URLs - - - https://login.windows.net - - https://graph.windows.net - - https://login.microsoftonline.com - - https://graph.microsoft.com - - - All sub-directories of the access URLs listed - -## AzureADInventory Query Configuration - -The AzureADInventory Data Collector is configured through the Entra ID Inventory DC Wizard, which -contains the following wizard pages: - -- Welcome -- [AzureADInventory: Category](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -- [AzureADInventory: Options](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -- [AzureADInventory: Custom Attributes](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -- [AzureADInventory: Results](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -- [AzureADInventory: Summary](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) - -![Entra ID Inventory Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -Hide the Welcome page the next time this data collected is accessed by selecting the **Do not -display this page the next time** checkbox. - -# AzureADInventory: Results - -The Results page is where the properties from Microsoft Entra ID to be gathered are selected. It is -a wizard page for the category of Scan Entra ID. - -![Entra ID Inventory DC Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be checked individually or the **Select All** and **Clear All** buttons can be used. -All checked properties are collected. This information is not available within the standard -reference tables and views. Instead, this information can be viewed in the -**SA_AzureADInventory_DEFAULT** table, which is created when any of these properties are selected. - -# Standard Reference Tables & Views for the AzureADInventory Data Collector - -The AzureADInventory Data Collector collects essential user and group inventory information into -standard reference tables. Unlike other Enterprise Auditor data collectors, the AzureADInventory -Data Collector writes data to these tables regardless of the job executing the query. - -These tables and their associated views are outlined below: - -| Table | Details | -| ----------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_AzureADInventory_Contacts | Contains a list of principal identifiers and their corresponding Department and Job Title | -| SA_AzureADInventory_Domains | Contains information about the domain such as last updated date and time | -| SA_AzureADInventory_EffectiveGroupMembers | Contains expanded group membership which includes a flattened representation of members and nesting levels | -| SA_AzureADInventory_Exceptions | Contains information about security issues and concerns See the [AzureADInventory Exception Types Translated](#azureadinventory-exception-types-translated) section for an explanation of Exception Types | -| SA_AzureADInventory_ExceptionTypes | Contains more detailed information about each security issues and concerns See the [AzureADInventory Exception Types Translated](#azureadinventory-exception-types-translated) section for an explanation of Exception Types | -| SA_AzureADInventory_ExtendedAttributes | Contains information gathered by the custom attributes component of the query configuration | -| SA_AzureADInventory_GroupMembers | Contains a map of groups to member Identifiers | -| SA_AzureADInventory_GroupOwners | Contains a map of groups to owner Identifiers | -| SA_AzureADInventory_Groups | Contains extended information about groups, mail enabled, security enabled, and so on | -| SA_AzureADInventory_Principals | Contains common attributes for users, groups, and computers as well as references to their primary display name and mail addresses | -| SA_AzureADInventory_Users | Contains extended information about users, department, title, and so on | - -Views are the recommended way for you to obtain the information gathered by the AzureADInventory -Data Collector. They contain additional information for building queries easily. The following is an -explanation of the corresponding views created for some of the tables generated by the -AzureADInventory Data Collector: - -| Views | Details | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | -| SA_AzureADInventory_EffectiveGroupMembersView | Contains effective group membership information | -| SA_AzureADInventory_ExceptionsView | Contains principals that are identified to have security concerns as well as detailed security concern information | -| SA_AzureADInventory_GroupMembersView | Contains group membership information | -| SA_AzureADInventory_GroupOwnersView | Contains group owner information | -| SA_AzureADInventory_GroupsView | Contains group level information | -| SA_AzureADInventory_PrincipalsView | Contains common attributes from the principals table including additional domain details | -| SA_AzureADInventory_UsersView | Contains user information | - -### AzureADInventory Exception Types Translated - -The following table translates the Type of Exceptions that can found. - -| Type | Exception | Description | -| ---- | -------------------- | ------------------------------------------------------------------------- | -| 1 | Large Groups | Groups with a large amount of effective members | -| 2 | Deeply Nested | Groups with deep levels of membership nesting | -| 3 | Circular Nesting | Groups with circular references in their effective membership | -| 4 | Empty Groups | Groups with no membership | -| 5 | Single Member Groups | Groups with a single direct member | -| 6 | Stale Users | Users that have not logged onto the domain for an extended period of time | -| 7 | Stale Membership | Groups with a high percentage of effective members that are stale users | -| 8 | Large Token | Users with a large amount of authorization groups in their token | - -# AzureADInventory: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for both of the -categories. - -![Entra ID Inventory DC Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Entra ID Inventory DC Wizard to ensure that no accidental clicks are -saved. - -# Troubleshooting AzureADInventory Data Collector - -## Clear AzureADInventory Tables - -Sometimes when troubleshooting an AzureADInventory issue, it becomes necessary to clear the standard -reference tables. Follow the steps. - -**Step 1 –** Create a new job and assign a query using the **AZUREADINVENTORY** Data Collector. - -**Step 2 –** In the Entra ID Inventory DC Wizard on the Category page, select the **Remove Tables** -category task. - -**Step 3 –** Click **Next** and then **Finish** to close the Entra ID Inventory DC Wizard. Click -**OK** to close the Query Properties window. - -When the job is run, all of the AzureADInventory standard reference tables are removed from the -database. - -## Troubleshooting Error Messages - -Change the XML parameters to address the following errors: - -Error: Microsoft.Graph.ServiceException: Code: timeout Message: The request timed out - -Update the `` parameter to update the number of retries to run the query. -The default is 3. - -Error: An existing connection was forcible closed by the remote host - -Update the `` parameter to update the max delta token age. The default is 6. - -See the -[View Job XML File](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md b/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md deleted file mode 100644 index 51c37e2575..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md +++ /dev/null @@ -1,2981 +0,0 @@ -# EWSMailbox: Category - -The Category page identifies which type of EWSMailbox information is retrieved during the scan. - -![EWS Mailbox Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -Identify the EWS mailbox information type using the following options: - -- Mailbox contents - - - MailboxContent – Scan contents of mailboxes - -- Mailbox permissions - - - MailboxPermissions – Scan permissions of mailboxes - -- Sensitive Data - - - SDDScan – Scan mailboxes for sensitive data - -- Mailbox search - - - MailboxSearchMailboxes – Search for mailboxes containing messages - - MailboxSearchFolders – Search for folders containing messages - - MailboxSearchMessages – Search for messages - -# EWSMailbox: Criteria - -The Select DLP criteria for this scan page is where to select the criteria to use for the sensitive -data scan are selected. It is a wizard page for the Sensitive Data category. - -This page requires the Sensitive Data Discovery Add-On to be been installed on the Enterprise -Auditor Console to define the criteria and enable the Criteria Editor. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -![EWS Mailbox Data Collector Wizard Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -The options on the Criteria page are: - -- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings - from the **Settings** > **Sensitive Data** node. See the - [Sensitive Data](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. -- Use the following selected criteria – Select this option to use the table to select which - sensitive data criteria to scan for -- Select All - Click **Select All** to enable all sensitive data criteria for scanning -- Clear All - Click **Clear All** to remove all selections from the table -- Select the checkboxes next to the sensitive data criteria options to enable it to be scanned for - during job execution - -The table contains the following types of criteria: - -**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System -Criteria and User Criteria nodes are visible in the table. - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit - user-defined criteria. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - topic for additional information. - -# EWSMailbox: Filter - -The Filter settings page provides options to filter folders and attachments. It is a wizard page for -the categories of: - -- Mailbox Contents -- Mailbox permissions -- Sensitive data - -![EWS Mailbox Data Collector Wizard Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp) - -All folders and attachments are scanned by default. Scope the scan for specific folders and -attachments: - -- Include Folders – Type the folder paths to filter the scan to specific mailbox folders -- Include Attachments – Type the attachment file names to filter to specific attachments -- Exclude Folders – Type the folder paths to exclude mailbox folders from the scan -- Exclude Attachments – Type the file names for the attachments to exclude attachments from the scan - -Use `*` and `?` for matching wildcard and single characters. - -- Limit message size to [numerical value] – Select to limit message size and define the threshold - for maximum size of a message. The default value is 20000 KB. -- Limit attachments size to [numerical value] – Select to limit attachment size and define a - threshold for maximum size of an attachment returned in the scan. The default value is 20000 KB. - -# EWSMailbox FW: BodyOptions - -Use the BodyOptions page to select the size unit of messages. - -![Filter Wizard BodyOptions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp) - -Select the desired message size unit: - -- KB -- MB -- GB - -# EWSMailbox FW: Folder Conditions - -Use the Folder Conditions page to apply folder-related filter criteria to the search. - -![Filter Wizard Folder Conditions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp) - -Customize folder search conditions using the following options: - -- Select conditions – To add it to the search, select any of the following conditions: - - - with specific folder type - - with search terms in the folder name - -- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any - of the template conditions - - **NOTE:** The values present depends on the selections made in the Select conditions box. - - - Click **specific** in the Edit conditions box to open the Folder Type Window. See the - [Folder Type Window](#folder-type-window) topic for additional information. - - Click **search terms** to open the Search Terms Window. See the - [Search Terms Window](#search-terms-window) topic for additional information. - -## Folder Type Window - -Use the Folder Type window to determine folder types to search for. The Folder Type window opens if -**specific** is selected in the Edit Conditions box on the Folder Conditions page. - -![Folder Type window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp) - -Select the checkbox next to any folder type to include it in the search filter. - -## Search Terms Window - -Use the Search Terms window to determine terms for the search. The Search Terms window opens if -**search terms** is selected in the Edit Conditions box. - -![Search Terms window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) - -Determine terms for the search using the following options: - -- Type the desired term into the upper text box and click **Add** to add the term to the lower text - box, which adds the term to the search -- Select a term in the lower text box, and click **Remove** to remove the term from the search -- Click **Clear** to clear all terms from the lower box -- Select the desired qualifier option: - - - Contains ALL of the following search terms (And) – Search only returns results containing all - of the search terms - - Contains ANY of the following search terms (Or) – Search returns results containing any one or - more of the search terms - -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms - -# EWSMailbox FW: Message Conditions - -Use the Message Conditions page to apply filters to the message category part of the search. - -![Filter Wizard Message Conditions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp) - -Customize message search filter conditions using the following options: - -- Message category – Select a message category using the dropdown menu from the following: - - - Common - - Email - - Appointment - - Schedule - - Contact - - Task - - Journal - - Note - - Post - - RSS Feed - - Unified Messaging - -- Select conditions – To add it to the search, select any of the following conditions: - - **NOTE:** The conditions that are available in the Select Conditions box depends on the selected - **Message category**. - - - with specific message classes - - that is created in specific date - - with search terms in the subject - - with search terms in the body - - with search terms in the subject or body - - with search terms in the message header - - with search terms in the recipient’s address - - with search terms in the sender’s address - - that has an attachment - - that is received in specific date - - with specific Message ID - - that occurs in specific date - -- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any - of the template conditions - - **NOTE:** The values present depends on the selections made in the Select conditions box. - - - Click **specific** to open the MessageClasses Window. See the - [MessageClasses Window (Message Conditions)](#messageclasses-window-message-conditions) topic - for additional information. - - Click **in specific date** to open the Date Range Selection Window. See the - [Date Range Selection Window](#date-range-selection-window) topic for additional information. - - Click **search terms** to open the Search Terms Window. See the - [Search Terms Window (Message Conditions)](#search-terms-window-message-conditions) topic for - additional information. - - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice - versa - -## MessageClasses Window (Message Conditions) - -Use the MessageClasses window to alter criteria related to message class. The Message Classes window -opens if **specific** is clicked in the Edit Conditions box on the Message Conditions page. - -![MessagesClasses window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp) - -Determine MessageClass-related criteria using the following options: - -- To add a class, click **Add** -- Enter the desired Message Class in the corresponding textbox -- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy - and select the preferred option: - - - Exact Match - - Starts With - - Contains - -- To remove a message class, select it and click **Remove** -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms - -## Date Range Selection Window - -Use the Date Range Selection window to select a time period or range for the search. The Date Range -Selection window opens if **in specific date** is clicked in the Edit Conditions box on the Message -Conditions page. - -![Date Range Selection window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp) - -Determine the time period or range of the search using the following options: - -- Over [Number] [Time Period] ago -- Last [Number] [Time Period] -- Before [Date] -- After [Date] -- Between [Date] and [Date] - -## Search Terms Window (Message Conditions) - -Use the Search Terms window to determine terms for the search. The Search Terms window opens if -**search terms** is selected in the Edit Conditions box. - -![Search Terms window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) - -Determine terms for the search using the following options: - -- Type the desired term into the upper text box and click **Add** to add the term to the lower text - box, which adds the term to the search -- Select a term in the lower text box, and click **Remove** to remove the term from the search -- Click **Clear** to clear all terms from the lower box -- Select the desired qualifier option: - - - Contains ALL of the following search terms (And) – Search only returns results containing all - of the search terms - - Contains ANY of the following search terms (Or) – Search returns results containing any one or - more of the search terms - -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms - -# EWSMailbox FW: Save Filter - -Use the Save Filter Page to name and describe the custom filter created in the wizard. - -![Filter Wizard Save Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp) - -Label the custom filter using the following options: - -- Enter a name for the filter in the Filter Name textbox -- Enter any desired description for the filter in the Description textbox - -# EWSMailbox FW: Search Filter - -Use the Search Filter page to choose a filter template for the search. - -![Filter Wizard Search Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/searchfilter.webp) - -Customize folder search conditions using the following options: - -- Select template – Select any of the following template options: - - - Blank - - All non-archived items over 90 days ago - - All calendar items that contains attachment that occurred over 90 days ago - -- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any - of the template conditions - - **NOTE:** The values present depends on the selections made in the Select conditions box. - - - Click either **IPM.Note** or **IPM.Appointment**, to open the MessageClasses Window with - IPM.Note or IPM.Appointment class populated, respectively. See the - [MessageClasses Window ](#messageclasses-window) topic for additional information. - - Click **over 90 Day ago** to open the Date Range Selection Window. See the - [Date Range Selection Window](#date-range-selection-window) topic for additional information. - - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice - versa - -## MessageClasses Window - -Use the MessageClasses window to alter criteria related to message class. The Message Classes window -opens if **Ipm.Note** or **Ipm.Appointment** is clicked in the Edit Conditions box on the Search -Filter page. - -![MessagesClasses window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp) - -Determine MessageClass-related criteria using the following options: - -- To add a class, click **Add** -- Enter the desired Message Class in the corresponding textbox -- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy - and select the preferred option: - - - Exact Match - - Starts With - - Contains - -- To remove a message class, select it and click **Remove** -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms - -## Date Range Selection Window - -Use the Date Range Selection window to select a time period or range for the search. The Date Range -Selection window opens if **over 90 Day ago** is clicked in the Edit Conditions box on the Search -Filter page. - -![Date Range Selection window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp) - -Determine the time period or range of the search using the following options: - -- Over [Number] [Time Period] ago -- Last [Number] [Time Period] -- Before [Date] -- After [Date] -- Between [Date] and [Date] - -# EWSMailbox: Options - -The Scan options page provides general scan options. It is a wizard page for all categories. - -![EWS Mailbox Data Collector Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -Select the checkboxes to apply any desired scan options: - -- Ignore certificate errors – Ignores certificate errors when connecting to Exchange Web Services -- Match job host against autodiscovered host – Matches the name of the job host against the host - name returned from autodiscover - - **_RECOMMENDED:_** Use this option when scanning multiple Exchange environments with a single - job and the Connection Profile has multiple credentials in it. - -- Scan options - - - Scan archives – Scans for archived mailbox data - - Scan recoverable items – Scans for recoverable items - -- Authentication – Select an Authentication type from the drop down: - - - Negotiate - - Basic - - NTLM - - Kerberos - - Digest - -# EWSMailbox Data Collector - -The EWSMailbox Data Collector provides configuration options to scan mailbox contents, permissions, -and sensitive data, and is preconfigured within the Exchange Solution. Both this data collector and -the solution are available with a special Enterprise Auditor license. See the -[Exchange Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md) -topic for additional information. - -Protocols - -- HTTPS -- ADSI -- LDAP - -Ports - -- TCP 389 -- TCP 443 - -Permissions - -- Exchange Admin Role -- Discovery Management Role -- Application Impersonation Role -- Exchange Online License - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -## EWSMailbox Query Configuration - -The EWSMailbox Data Collector is configured through the Exchange Mailbox Data Collector Wizard, -which contains the following wizard pages: - -**NOTE:** The Category selected may alter the subsequent steps displayed by the wizard. - -- [EWSMailbox: Category](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox: Scope Select](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox: SDD Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox: Criteria](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox: Filter](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox: Search Filter](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -# EWSMailbox: Results - -Use the Results page to select which properties are gathered out of those available for the -category. It is a wizard page for all of the categories. - -![EWS Mailbox Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Select criteria using the following options: - -- Select the checkbox of any property to include it in the summary. All selected properties will be - gathered. - - **NOTE:** Available properties vary based on the category selected. - -- Click **Select All** to select all properties -- Click **Clear All** to clear all selected properties - -# EWSMailbox: Scope - -The Mailbox scope settings page is used to select which mailboxes are searched by the scan. It is a -wizard page for all categories. - -![EWS Mailbox Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -Select an option to specify which mailboxes are searched: - -- All mailboxes – Search all mailboxes -- Select mailboxes from list – Search only specific selected mailboxes. This option enables the - [EWSMailbox: Scope Select](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - page. - -# EWSMailbox: Scope Select - -The Scope select page is used to select specific mailboxes to scan. It is a wizard page for all -categories when the **Select mailboxes from list** option is selected on the -[EWSMailbox: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -page. - -![EWS Mailbox Data Collector Wizard Scope select page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/scopeselect.webp) - -Use the following options to scope the scan to specific mailboxes: - -- Retrieve – Loads the list of mailboxes available for scanning in the Available box -- Add – Select mailboxes from the Available list and click to add them to the Selected box to be - scanned -- Select All – Selects all mailboxes in the list -- Deselect All – Deselects all selected mailboxes from the list -- Remove – Select mailboxes from the Selected box and click to remove them from the list - -# EWSMailbox: SDD Options - -The Sensitive data scan options page is where options to be used for discovering sensitive data are -configured. It is a wizard page for the Sensitive Data category. - -The Sensitive Data Discovery Add-on is required to use the sensitive data collection option. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -![EWS Mailbox Data Collector Wizard SDD Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/sddoptions.webp) - -Select the applicable Sensitive data scan options: - -- Store discovered sensitive data – Stores discovered sensitive data in the database -- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria - for discovered sensitive data - - **NOTE:** This option is only available if **Store discovered sensitive data** is selected. - -# EWSMailbox: Search Filter - -The Search filter settings page applies a filter used to search mailboxes in the environment. It is -a wizard page for the Mailbox Search categories. - -![EWS Mailbox Data Collector Wizard Search filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/searchfilter.webp) - -Click **Add Filter** to open the Filter Wizard. - -## EWSMailbox Filter Wizard (FW) - -The Filter Wizard manages properties of the search filter. The Filter Wizard pages are: - -- [EWSMailbox FW: Search Filter](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox FW: Folder Conditions](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox FW: Message Conditions](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox FW: BodyOptions](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSMailbox FW: Save Filter](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -# EWSMailbox: Summary - -The Summary page displays a summary of the configured query. It wizard page for all categories. - -![EWS Mailbox Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the EWS Mailbox Data Collector Wizard to ensure that no accidental clicks -are saved. - -# EWSPublicFolder: Category - -The Category page contains the following Exchange Web Service categories to search: - -![EWS Public Folder Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -Select which type of EWS public folder information to retrieve from the following: - -- Public Folder contents - - - PublicFolderContent – Scan contents of public folders - -- Public Folder permissions - - - PublicFolderPermissions – Scan permissions of public folders - -- Sensitive Data - - - SDDScan – Scan public folders for sensitive data - -- Public folder search - - - PublicFolderSearchFolders – Search for folders containing messages - - PublicFolderSearchMessages – Search for messages - -# EWSPublicFolder: Critieria - -Use the Select DLP criteria for this scan page to select criteria for the sensitive data scan. It is -a wizard page for the Sensitive Data category. - -The Sensitive Data Discovery Add-on is required to use the sensitive data collection option and -enable the Criteria Editor. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -for additional information. - -![EWS Public Folder Data Collector Wizard Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -The options on the Criteria page are: - -- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings - from the **Settings** > **Sensitive Data** node. See the - [Sensitive Data](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. -- Use the following selected criteria – Select this option to use the table to select which - sensitive data criteria to scan for -- Select All - Click **Select All** to enable all sensitive data criteria for scanning -- Clear All - Click **Clear All** to remove all selections from the table -- Select the checkboxes next to the sensitive data criteria options to enable it to be scanned for - during job execution - -The table contains the following types of criteria: - -**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System -Criteria and User Criteria nodes are visible in the table. - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit - user-defined criteria. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - topic for additional information. - -# EWSPublicFolder: Filter - -The Filter settings page provides options to filter folders and attachments. It is a wizard page for -the categories of: - -- Public Folder contents -- Public Folder permissions -- Sensitive Data - -![EWS Public Folder Data Collector Wizard Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp) - -All folders and attachments are scanned by default. Scope the scan for specific folders and -attachments: - -- Include Folders – Type the folder paths to filter the scan to specific mailbox folders -- Include Attachments – Type the attachment file names to filter to specific attachments -- Exclude Folders – Type the folder paths to exclude mailbox folders from the scan -- Exclude Attachments – Type the file names for the attachments to exclude attachments from the scan - -Use `*` and `?` for matching wildcard and single characters. - -- Limit message size to [numerical value] – Select to limit message size and define the threshold - for maximum size of a message. The default value is 20000 KB. -- Limit attachments size to [numerical value] – Select to limit attachment size and define a - threshold for maximum size of an attachment returned in the scan. The default value is 20000 KB. - -Public folders can also be included or excluded from the scan by retrieving a list of public folders -and selecting the desired folders. - -Follow the steps to filter the scan by selecting public folders from a list. - -![Choose folder to include window on Filter settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/filterpublicfolders.webp) - -**Step 1 –** Click the **+** button to the right of the Include Folders or Exclude Folders box to -open the Choose folders to include or Choose folders to exclude window. - -**Step 2 –** Click **Retrieve** to load the list of public folders that can be selected. - -**Step 3 –** Select the desired public folders and click **Add** to add the folders to the Include -Folders or Exclude Folders list. - -After the configuration changes are saved, scans are filtered by the selected public folders. - -# EWSPublicFolder FW: BodyOptions - -The BodyOptions page is where the size of messages is selected. - -![Filter Wizard BodyOptions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp) - -Select the desired message size unit: - -- KB -- MB -- GB - -# EWSPublicFolder FW: Folder Conditions - -The Folder Conditions page is where folder-related filter criteria can be applied to the search. - -![Filter Wizard Folder Conditions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp) - -Customize folder search conditions using the following options: - -- Select conditions – To add it to the search, select any of the following conditions: - - - with specific folder type - - with search terms in the folder name - -- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any - of the template conditions - - **NOTE:** The values present depends on the selections made in the Select conditions box. - - - Click **specific** in the Edit conditions box to open the Folder Type Window. See the - [Folder Type Window](#folder-type-window)topic for additional information - - Click **search terms** to open the Search Terms Window. See the - [Search Terms Window](#search-terms-window) topic for additional information - -## Folder Type Window - -Use the Folder Type window to determine folder types to search for. The Folder Type window opens if -**specific** is selected in the Edit Conditions box on the Folder Conditions page. - -![Folder Type window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp) - -Select the checkbox next to any folder type to include it in the search filter. - -## Search Terms Window - -Use the Search Terms window to determine terms for the search. The Search Terms window opens if -**search terms** is selected in the Edit Conditions box. - -![Search Terms window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) - -Determine terms for the search using the following options: - -- Type the desired term into the upper text box and click **Add** to add the term to the lower text - box, which adds the term to the search -- Select a term in the lower text box, and click **Remove** to remove the term from the search -- Click **Clear** to clear all terms from the lower box -- Select the desired qualifier option: - - - Contains ALL of the following search terms (And) – Search only returns results containing all - of the search terms - - Contains ANY of the following search terms (Or) – Search returns results containing any one or - more of the search terms - -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms - -# EWSPublicFolder FW: Message Conditions - -Use the Message Conditions page to apply filters to the message category part of the search. - -![Filter Wizard Message Conditions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp) - -Customize message search filter conditions using the following options: - -- Message category – Select a message category using the dropdown menu from the following: - - - Common - - Email - - Appointment - - Schedule - - Contact - - Task - - Journal - - Note - - Post - - RSS Feed - - Unified Messaging - -- Select conditions – To add it to the search, select any of the following conditions: - - **NOTE:** The conditions that are available in the Select Conditions box depends on the selected - **Message category**. - - - with specific message classes - - that is created in specific date - - with search terms in the subject - - with search terms in the body - - with search terms in the subject or body - - with search terms in the message header - - with search terms in the recipient’s address - - with search terms in the sender’s address - - that has an attachment - - that is received in specific date - - with specific Message ID - - that occurs in specific date - -- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any - of the template conditions - - **NOTE:** The values present depends on the selections made in the Select conditions box. - - - Click **specific** to open the MessageClasses Window. See the - [MessageClasses Window](#messageclasses-window) topic for additional information. - - Click **in specific date** to open the Date Range Selection Window. See the - [Date Range Selection Window](#date-range-selection-window) topic for additional information. - - Click **search terms** to open the Search Terms Window. See the - [Search Terms Window](#search-terms-window) topic for additional information. - - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice - versa - -## MessageClasses Window - -Use the MessageClasses window to alter criteria related to message class. The Message Classes window -opens if **specific** is clicked in the Edit Conditions box on the Message Conditions page. - -![MessagesClasses window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp) - -Determine MessageClass-related criteria using the following options: - -- To add a class, click **Add** -- Enter the desired Message Class in the corresponding textbox -- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy - and select the preferred option: - - - Exact Match - - Starts With - - Contains - -- To remove a message class, select it and click **Remove** -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms - -## Date Range Selection Window - -Use the Date Range Selection window to select a time period or range for the search. The Date Range -Selection window opens if **in specific date** is clicked in the Edit Conditions box on the Message -Conditions page. - -![Date Range Selection window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp) - -Determine the time period or range of the search using the following options: - -- Over [Number] [Time Period] ago -- Last [Number] [Time Period] -- Before [Date] -- After [Date] -- Between [Date] and [Date] - -## Search Terms Window - -Use the Search Terms window to determine terms for the search. The Search Terms window opens if -**search terms** is selected in the Edit Conditions box. - -![Search Terms window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) - -Determine terms for the search using the following options: - -- Type the desired term into the upper text box and click **Add** to add the term to the lower text - box, which adds the term to the search -- Select a term in the lower text box, and click **Remove** to remove the term from the search -- Click **Clear** to clear all terms from the lower box -- Select the desired qualifier option: - - - Contains ALL of the following search terms (And) – Search only returns results containing all - of the search terms - - Contains ANY of the following search terms (Or) – Search returns results containing any one or - more of the search terms - -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms - -# EWSPublicFolder FW: Save Filter - -Use the Save Filter Page to name and describe the custom filter created in the wizard. - -![Filter Wizard Save Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp) - -Label the custom filter using the following options: - -- Enter a name for the filter in the Filter Name textbox -- Enter any desired description for the filter in the Description textbox - -# EWSPublicFolder FW: Search Filter - -Use the Search Filter page to choose a filter template for the search. - -![Filter Wizard Search Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/searchfilter.webp) - -Customize folder search conditions using the following options: - -- Select template – Select any of the following template options: - - - Blank - - All non-archived items over 90 days ago - - All calendar items that contains attachment that occurred over 90 days ago - -- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any - of the template conditions - - **NOTE:** The values present depends on the selections made in the Select conditions box. - - - Click either **IPM.Note** or **IPM.Appointment**, to open the MessageClasses Window with - IPM.Note or IPM.Appointment class populated, respectively. See the - [MessageClasses Window](#messageclasses-window) topic for additional information. - - Click **over 90 Day ago** to open the Date Range Selection Window. See the - [Date Range Selection Window](#date-range-selection-window) - - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice - versa - -## MessageClasses Window - -Use the MessageClasses window to alter criteria related to message class. The Message Classes window -opens if **Ipm.Note** or **Ipm.Appointment** is clicked in the Edit Conditions box on the Search -Filter page. - -![MessagesClasses window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp) - -Determine MessageClass-related criteria using the following options: - -- To add a class, click **Add** -- Enter the desired Message Class in the corresponding textbox -- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy - and select the preferred option: - - - Exact Match - - Starts With - - Contains - -- To remove a message class, select it and click **Remove** -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms - -## Date Range Selection Window - -Use the Date Range Selection window to select a time period or range for the search. The Date Range -Selection window opens if **over 90 Day ago** is clicked in the Edit Conditions box on the Search -Filter page. - -![Date Range Selection window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp) - -Determine the time period or range of the search using the following options: - -- Over [Number] [Time Period] ago -- Last [Number] [Time Period] -- Before [Date] -- After [Date] -- Between [Date] and [Date] - -# EWSPublicFolder: Options - -The Scan options page provides general scan options. It is a wizard page for all of the categories. - -![options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -Select any desired scan options: - -- Ignore certificate errors – Ignores certificate errors when connecting to Exchange Web Services -- Match job host against autodiscovered host – Matches the name of the job host against the host - name returned from autodiscover - - **_RECOMMENDED:_** Use this option when scanning multiple Exchange environments with a single - job and the Connection Profile has multiple credentials in it. - -- Authentication – Select an Authentication type from the drop down: - - - Negotiate - - Basic - - NTLM - - Kerberos - - Digest - -# EWSPublicFolder Data Collector - -The EWSPublicFolder Data Collector provides configuration options to extract public folder contents, -permissions, and sensitive data, and is preconfigured within the Exchange Solution. Both this data -collector and the solution are available with a special Enterprise Auditor license. See the -[Exchange Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md) -topic for additional information. - -Protocols - -- HTTPS -- ADSI -- LDAP - -Ports - -- TCP 389 -- TCP 443 - -Permissions - -- Exchange Admin Role -- Discovery Management Role -- Application Impersonation Role -- Exchange Online License with a mailbox - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -## EWSPublicFolder Query Configuration - -The EWSPublicFolder Data Collector is configured through the Exchange Public Folder Data Collector -Wizard. The wizard contains the following pages: - -**NOTE:** The Category selected may alter the subsequent steps displayed by the wizard. - -- [EWSPublicFolder: Category](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder: SDD Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder: Critieria](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder: Filter](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder: Search Filter](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -# EWSPublicFolder: Results - -The Results page is used to select which properties will be gathered out of those available for the -category. It is a wizard page for all of the categories. - -![EWS Public Folder Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Select criteria using the following options: - -- Select the checkbox of any property to include it in the summary. All selected properties will be - gathered. - - **NOTE:** Available properties vary based on the category selected. - -- Click **Select All** to select all properties -- Click **Clear All** to clear all selected properties - -# EWSPublicFolder: SDD Options - -Use the Sensitive data scan options page to configure options to for discovering sensitive data. It -is a wizard page for the Sensitive Data category. - -The Sensitive Data Discovery Add-on is required to use the sensitive data collection option. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -![EWS Public Folder Data Collector Wizard SDD Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/sddoptions.webp) - -Select the applicable Sensitive data scan options: - -- Store discovered sensitive data – Stores discovered sensitive data in the database -- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria - for discovered sensitive data - - **NOTE:** This option is only available if **Store discovered sensitive data** is selected. - -# EWSPublicFolder: Search Filter - -The Search filter settings page applies a filter used to search mailboxes in the environment. It is -a wizard page for the category of: - -- PublicFolder search - -![EWS Public Folder Data Collector Wizard Search Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/searchfilter.webp) - -Click **Add Filter** to open the Filter Wizard - -## EWSPublicFolder Filter Wizard (FW) - -The Filter Wizard manages properties of the search filter. The Filter Wizard pages are: - -- [EWSPublicFolder FW: Search Filter](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder FW: Folder Conditions](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder FW: Message Conditions](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder FW: BodyOptions](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder FW: Save Filter](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -# EWSPublicFolder: Summary - -The Summary page displays a summary of the configured query. It wizard page for all categories. - -![EWS Public Folder Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the EWS Public Folder Data Collector Wizard to ensure that no accidental -clicks are saved. - -# Exchange2K: Category - -The Exchange2K Data Collector contains the following query categories, sub-divided by auditing -focus: - -![Exchange 2K+ Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -- Exchange Organization - - - Organization – Exchange organization properties - - Administrative Groups - - Exchange Servers - - Storage Groups - - Exchange 2007/2010 Users – User properties from PowerShell commands - - Users – Mail-enabled and mailbox-enabled user - - Groups – Mail-enabled groups - - Contacts - - QBDGs – Query-Based Distribution Groups - -- Exchange Server Configuration - - - Recipient Update Services - - Message Delivery – System-wide message settings - - Instant Messaging – Instant messaging settings - - Exchange Mailbox Store Logons – The users currently logged on to Microsoft Exchange 2007 and - 2010 - -- Exchange 2007/2010 Hub Transport Configuration - - - Accepted Domains - - Remote Domains - - Transport Rules - - Journaling - -- Exchange 2007 CCR/SCR - - - Server Status - - CCR Storage Group Status - - SCR Storage Group Status - - Replication Health - -- Exchange 2007/2010 Unified Messaging - - - Dial plans - - IP gateways - - Mailbox policies - - Auto attendants - -- Exchange 2010 DAG - - - Exchange 2010 Mailbox Database Copy Status - - Exchange 2010 Data Availability Group - - Replication Health - -- Connectors - - - SMTP Connectors - - Exchange 2007/2010 Receive Connectors - - Exchange 2007/2010 Send Connectors - - Routing Group Connectors - - TCPX 400 Connectors - - X25X 400 Connectors - -- Protocols - - - HTTP Virtual Servers - - IMAP4 Virtual Servers - - NNTP Virtual Servers - - POP3 Virtual Servers - - SMTP Virtual Servers - - X400 Protocol - - Exchange 2007/2010 IMAP4 protocol - - Exchange 2007/2010 POP3 protocol - - Exchange 2007/2010 ActiveSync Protocols - -- Queues - - - Exchange Queues - - Exchange 2007/2010 Queries - -- Policies - - - Recipient Policies - - Exchange Server Policies - - Exchange 2007/2010 Email Policies - - Mailbox Store Policies - - Public Store Policies - - Exchange 2007/2010 ActiveSync Mailbox Policies - - Exchange 2010 Throttling Policies - -- Address Lists - - - Address Lists - - Global Address Lists - - Offline Address Lists - -- Internet Message Formats -- Mailbox Stores -- Public Stores -- Public Folders -- Anti-Virus Software -- OrphanedMailboxes -- OrphanedPublicFolders -- Exchange 2007/2010 ActiveSync Mobile Devices - -# Exchange2K: MAPI Settings - -The MAPI Settings page is used to enter configurations to connect to target Exchange servers. By -default, Enterprise Auditor connects to Exchange using System Attendant. For Exchange 2010 and 2013, -a mailbox and a client access server need to be entered in order to make a MAPI connection. These -settings only need to be configured if not configured at the Global Settings level. It is a wizard -page for the categories of: - -- Exchange Organization > Users -- Mailbox Stores -- Public Folders -- OrphanedMailboxes -- OrphanedPublicFolders - -![Exchange 2K+ Data Collector Wizard MAPI Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/mapisettings.webp) - -Configure the Connection Setting by selecting from the following: - -- Use Global settings: -- System Attendant (2003 & 2007) -- Use the mailbox associated with the Windows account that Enterprise Auditor is run with -- Exchange Mailbox (2010 and newer) -- Client Access Server - -Enter a server to Test Connection Setting: - -- Exchange Server – Enter the Exchange Mailbox Server to use to test the connection setting to make - sure that there is access to the server entered -- Test connection setting – Click to test the connection to the Exchange server - -The box at the bottom of the page displays information regarding the test connection in progress. - -# Exchange2K: Options - -The Options page provides additional configuration options for the query. Available options vary -depending on the category selected. It is a wizard page for all of the categories. - -![Exchange 2K+ Data Collector Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -Configure the Options step using the following options: - -- How to format collected – Select how the table will be formatted according to the return data - - - Return data as collected - - Return each value of the following property in a separate row – Enabled for specific - properties selected on the Results page - - Return data in a separate row for each property set in the following group – Enabled for - specific properties selected on the Results page - -- How to return multi-valued properties – Select how the table will be formatted when the return - data contains multi-valued properties - - - Concatenated – Return the data in a continuous string without gaps - - - Delimiter – Enter the desired delimiter to be used between values - - - First-value only – Only display the first value - -- Message size units – Available for the Exchange Organization > Users, Mailbox Stores, and Public - Stores categories. Choose between: - - - KB - - MB - - GB - -# Exchange2K Data Collector - -The Exchange2K Data Collector extracts configuration details from Exchange organizations for -versions 2003 and later. This is a MAPI-based data collector which requires the **Settings** > -**Exchange** node to be enabled and configured. See the -[Exchange](/docs/accessanalyzer/11.6/administration/settings/exchange.md) -topic for additional information. - -The Exchange2K Data Collector has been preconfigured within the Exchange Solution. Both this data -collector and the solution are available with a special Enterprise Auditor license. See the -[Exchange Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md) -topic for additional information. - -Protocols - -- LDAP -- MAPI -- PowerShell -- RPC -- WMI - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports -- TCP 389 -- Optional TCP 445 - -Permissions - -- Member of the Exchange Administrator group -- Domain Admin for AD property collection -- Public Folder Management - -## Exchange2K Query Configuration - -The Exchange2K Data Collector is configured through the Exchange 2K+ Data Collector Wizard, which -contains the following wizard pages: - -- Welcome -- [Exchange2K: Category](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [Exchange2K: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [Exchange2K: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [Exchange2K: MAPI Settings](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [Exchange2K: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [Exchange2K: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -![Exchange 2K+ Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not show this page the next time** checkbox -when the wizard is open and configuration settings are saved. - -# Exchange2K: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for -all. - -![Exchange 2K+ Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Check All**, **Uncheck All**, or **Reset Defaults** -buttons can be used. All Selected properties will be gathered. Click **Expand All** to expand all -properties, or **Collapse All** to collapse all properties. Available properties vary based on the -category selected. - -# Exchange2K: Scope - -The Scope page is used to define where to search. It is a wizard page for the categories of: - -- Exchange Organization > Users -- Exchange Organization > Groups -- Exchange Organization > Contacts -- Exchange Organization > QBDGs - -![Exchange 2K+ Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -Select where to connect for the search and click **Connect** to add the domain or server: - -- Default domain – Select this option to search the default domain -- This domain or server – Click the ellipsis to open the Browse for Domain window and select a - domain or server. - -Click **Add** to add the OUs highlighted in the top box to the scope. Click **Remove** to remove the -selected OU. - -# Exchange2K: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all of the -categories. - -![Exchange 2K+ Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Exchange 2K+ Data Collector Wizard to ensure that no accidental clicks -are saved. - -# ExchangeMailbox: Category - -The Exchange Mailbox Data Collector contains the following Exchange Mailbox categories for -searching: - -![Exchange Mailbox Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The Category page contains a list of objects the query searches for: - -- Mailboxes -- Mailbox contents -- Mailbox permissions -- Mailbox sensitive data discovery -- Mailbox search – Enables the Return data options: - - - Per mailbox - - Per folder - -# ExchangeMailbox: Options - -The Options page provides different configuration options for the search. It is a wizard page for -the following categories: - -- Mailboxes -- Mailbox contents -- Mailbox permissions -- Mailbox sensitive data discovery - -![Exchange Mailbox Data Collector Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -The following options can be configured: - -**NOTE:** Options available vary based upon the category selected. - -- Message size units: - - - KB - - MB - -- Folders - - - All Folders – Select to include all folders in the query. When deselected, the other options - of the category become available. - - Include root folder – Include root folders of the selected folders in the query - - - - – Enter the name of a folder to include and click **+** to add it to the list of - included folders - - - – Select a folder from the list of included folders ad click **–** to remove it - - - Include subfolders in message counters – Include messages contained in subfolders of the - selected folders in the message count - -- Attachment Types - - - Count attachment types – Counts attachment types as part of the query. When selected, this - enables the following options: - - - Add New – Adds another line to the list of attachment types which is manually edited - - Load Defaults – Reverts the list to default attachment types - - Remove – Remove selected attachment type from the list - -- Large Attachment Threshold (KB) – Default is 500 - -# ExchangeMailbox Data Collector - -The ExchangeMailbox Data Collector extracts configuration details from the Exchange Store to provide -statistical, content, permission, and sensitive data reporting on mailboxes. This is a MAPI-based -data collector which requires the **Settings** > **Exchange** node to be enabled and configured. See -the [Exchange](/docs/accessanalyzer/11.6/administration/settings/exchange.md) -topic for additional information. - -The ExchangeMailbox Data Collector is available with a special Enterprise Auditor license. See the -[Exchange Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md) -topic for additional information. - -Protocols - -- MAPI -- RPC - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Exchange Administrator group -- Organization Management -- Discovery Management - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -## ExchangeMailbox Query Configuration - -The ExchangeMailbox Data Collector is configured through the Exchange Mailbox Data Collector Wizard, -which contains the following wizard pages: - -- Welcome -- [ExchangeMailbox: Category](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMailbox: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMailbox: Properties](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMailbox: SDD Criteria](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMailbox: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMailbox: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -The query requires special permissions to connect to target Exchange servers. Assign these -permissions on the Welcome page. - -![Exchange Mailbox Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -Connection Setting - -Select one of the following options for the connection setting: - -- Use Global setting – The configured Global Setting is displayed next to this checkbox. Select the - checkbox to use the global setting. -- System Attendant (2003 & 2007) – Enabled when the **Use Global Setting** checkbox is not selected. - Select this option to use System Attendant (2003 & 2007) for the connection. -- Use the mailbox associated with the Windows account that Enterprise Auditor is run with – Enabled - when the **Use Global Setting** checkbox is not selected. Select this option to use the mailbox - associated with the Windows account that Enterprise Auditor is run with for the connection. -- Exchange Mailbox (2010 and newer) – Enabled when the **Use Global Setting** checkbox is not - selected. Select this option to use an Exchange Mailbox (2010 and newer) for the connection. The - Client Access Server must be entered unless specified in the Global Settings. - - - Client Access Server – A private store server is needed if the Exchange server only has public - stores - -Test Connection Setting - -Enter a server to test the connection string: - -- Exchange Server – Enter the Exchange Mailbox Server to use to test the connection setting to make - sure that there is access to the server entered -- Test – Click **Test** to test the connection to the Exchange server - -The box at the bottom of the page displays information regarding the test connection in progress. - -# ExchangeMailbox: Properties - -The Properties page is where properties that will be gathered are selected. The available properties -depend on the category selected. It is a wizard page for all of the categories. - -![Exchange Mailbox Data Collector Wizard Properties page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/properties.webp) - -Properties can be selected individually or you can use the Select All, Clear All, and Reset All -buttons. All selected properties will be gathered. Click **Message Classes** to open the Message -classes filters window. - -![Message classes filters window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp) - -The wildcard (`*`) returns all message class filters. Enter the name of the class filter and click -**Add** to add it to the list. **Delete** will remove the selected class filter from the list. The -**Load defaults** option will restore the class filter default settings. - -# ExchangeMailbox: Scope - -The Scope page is used to define which mailboxes are to be queried. It is a wizard page for all of -the categories. - -![Exchange Mailbox Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -At the top, configure the mailboxes to be queried. The selected option changes how the mailboxes are -identified for scoping. - -- All mailboxes – Searches all mailboxes -- Selected mailboxes from server – Retrieves all mailboxes in the Exchange organization, making them - visible within the **Available mailboxes on connected server** list. The following options - display: - - ![Scope page with Selected mailboxes from server selected](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/scopeselectedmailboxes.webp) - - - Retrieve – Enter the server and select Retrieve to display the list of mailboxes on that - server - - Add – Select the desired mailboxes to add to the query. The added mailboxes display in the - **Selected mailboxes** list. - - Remove – Deletes selected mailboxes from the list - - Select All – Click the Select All icon to select all mailboxes in the list - - Clear All – Click the Clear All icon to clear all current selections in the list - -- Selected table – Populates the **Available tables** list with tables from the Enterprise Auditor - database - - ![Scope page with Selected table selected](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp) - - - Table – Filters this list by tables. Select the table which hosts the list of mailboxes for - which this query will be scoped. - - Field containing EmailAddressDNs – This list will be populated with columns from the selected - table. Select the appropriate column from the list. - -# ExchangeMailbox: SDD Criteria - -The SDD Criteria page is where criteria to be used for discovering sensitive data are configured. It -is a wizard page for the Mailbox sensitive data discovery category. This page requires the Sensitive -Data Discovery Add-On to be been installed on the Enterprise Auditor Console to define the criteria -and enable the Criteria Editor. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -![Exchange Mailbox Data Collector Wizard SDD Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sddcriteria.webp) - -Select the checkbox for the criteria to be used to search for sensitive data. Criteria can also be -selected using the **Select All** and **Select None** buttons. - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - **NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the - System Criteria and User Criteria nodes will be visible in the table. - -- Edit – Click this button to access the Criteria Editor where user-defined criteria can be created - or customized. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - topic for additional information. -- Store discovered sensitive data – Stores the potentially sensitive data that matches the selected - criteria in the Enterprise Auditor database. Select this checkbox to store a copy of the criteria - match data. This copy can be used to check for false positives, data that matches the selected - criteria but is not actually sensitive. -- Limit stored matches per criteria to [number] – Identifies the number of potentially sensitive - data matches that are copied to the database. The default is 5 matches. This option is only - available if the **Store discovered sensitive data** option is selected. - -# ExchangeMailbox: Summary - -The Summary page displays a summary of the configured query. It wizard page for all categories. - -![Exchange Mailbox Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Exchange Mailbox Data Collector Wizard to ensure that no accidental -clicks are saved. - -# ExchangeMetrics: Category - -The Category page is used to identify the type of Exchange Metrics information to retrieve. - -![Exchange Metrics Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The ExchangeMetrics Data Collector contains the following query categories: - -- Exchange Metrics Queries - - - Server Volume – Summary metrics by server for all messages sent and received inside and - outside of the Exchange organization - - Internal Traffic Summary – Summary metrics by server for all messages sent and received inside - of the Exchange organization - - Internet Traffic Summary – Summary metrics by external domain for messages sent and received - outside of the Exchange organization - - Delivery Time – Summary metrics by server for all messages delivered within specified delivery - time window - - Delivery Time Custom – Summary metrics by server for all messages delivered within delivery - time windows - - User Statistics – Summary metrics by user for all messages sent and received by each user - - DL Statistics – Summary metrics by distribution list (DL) for all messages received by each DL - - Hour Statistics – Summary metrics by server for all messages delivered within specified hour - slot - - Message Size Statistics – Summary metrics by server for all messages of specified sizes - - Message Size Statistics Custom – Summary metrics by serer for message size windows - - User’s Message Activity – Message activity per user - - User’s Message Activity Per Hour – Message activity per user per hour - -- Exchange Metrics Applet Maintenance - - - Deploy or Change Applet Settings – Deploys a data collector applet to an Exchange Server, or - update its settings - - Check Applet State – Information about a deployed data collector applet - - Remove Applet Settings – Removes a deployed data collector applet from an Exchange Server - -# ExchangeMetrics: Collect Mode - -The Collect Mode page is where to set the collection mode. It is a wizard page for the categories -of: - -- Server Volume -- Internal Traffic Summary -- Internet Traffic Summary -- Delivery Time -- Delivery Time Custom -- User Statistics -- DL Statistics -- Hour Statistics -- Message Size Statistics -- Message Size Statistics Custom -- User’s Message Activity -- User’s Message Activity Per Hour - -![Exchange Metrics Data Collector Wizard Collect Mode page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/collectmode.webp) - -There are two types of collection modes: - -- Query Summary Data Only – In this mode, the applet gathers only existing summary data and returns - it to the Enterprise Auditor Console. In order to process Exchange tracking log files, another - instance of the applet must be configured. -- Process Exchange Tracking Logs and Query Summary Data – In this mode, the applet processes missing - summary data and returns it to the Enterprise Auditor Console. This mode includes an additional - setting for **Summary data path**. Choose between: - - - Default location - - Specific location – Specify the folder location - -# ExchangeMetrics: Message Activity Filter - -The Message Activity Filter page configures which domains the data collector should return mail flow -from specific senders and to specific recipients. For example, if `@netwrix.com` is entered in the -Senders list and `@netwrix.com` in the Recipients list, message activity will be returned only for -mail sent to and received from an `@netwrix.com` address. It is a wizard page for the categories of: - -- User’s Message Activity -- User’s Message Activity Per Hour - -![Exchange Metrics Data Collector Wizard Message Activity Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/messageactivityfilter.webp) - -Configure the Message Activity Filter using the following options: - -- Add – To add a filter to the desired category, click **Add** in the desired category to add an - entry to that category -- Select **Exact Match** in the added filter to reveal a drop-down list with the following condition - options: - - - Exact matches - - Contains - - Begins with - - Ends with - -- Kind – Select **(Custom…)** to open the Custom Filter menu. The Custom Filter menu provides - options to create and configure other filters. -- Value – Type the filter to be applied - -The columns in the entry tables can be sorted and or filtered, using the same sorting and filtering -methods of Enterprise Auditor data grids. The **Remove** option will delete a selected filter. - -# ExchangeMetrics: Message Sizes - -The Message Sizes page is used to configure message size frames for which to return summary metrics -by server. It is a wizard page for the category of: - -- Message Size Statistics Custom. - -![Exchange Metrics Data Collector Wizard Message Sizes page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/messagesizes.webp) - -Configure the desired message size frames using the following options: - -- Frame name – Name the configured message size parameters. Can either be entered manually or a - default will populate when query limits are set. -- Start – Specify the lower limit of the message sizes (in MB) -- End – Specify the upper limit of the message sizes (in MB) - -For example, a **Start** value of **1** and an **End** value of **2** returns messages between 1 and -2 megabytes. - -- Infinite – Select the checkbox to remove the **End** value from the scan. For example, a **Start** - value of **5** with the **Infinite** checkbox selected retrieves all messages which are 5 - megabytes or larger. - -Once the frame is configured, click **Add**. The configured message size frame will appear in the -list. Multiple frames can be configured. Select a frame and click **Replace** to modify an existing -frame. Use **Remove** to delete an existing frame. - -# ExchangeMetrics: Options - -The Options page provides additional configuration options for the query. Options vary depending on -the category selected. It is a wizard page for the categories of: - -- Server Volume -- Internal Traffic Summary -- Internet Traffic Summary -- Delivery Time -- Delivery Time Custom -- User Statistics -- DL Statistics -- Hour Statistics -- Message Size Statistics -- Message Size Statistics Custom -- User’s Message Activity -- User’s Message Activity Per Hour -- Deploy or Change Applet Settings -- Remove Applet Settings - -![Exchange Metrics Data Collector Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -Select the checkbox of any of the following options to configure the query: - -**NOTE:** Available options vary depending on Category selected. - -- Host-side Cleanup - - - Remove applet after task is completed - - Remove all summary data after task is completed (Not recommended) - - Remove summary data older than [number] days - - Remove AD database after task is completed - -- Applet Logging - - - Enable Logging – Enables the applet to log - - Applet log level – Select the desired log level using the dropdown list: - - - None - - Debug - - Information - - Warning - - Error - - - Set Default – Returns the Applet log level to the default of **Error** - -- Applet History - - - Enable Persistent Log State – Search the log from where the previous search left off. A state - file is created for each host configured in the query. State files can be viewed within - Enterprise Auditor and are named by the query GUID. State files display the record the - previous search left off on, the event log, and the date of the last entry. - -- AD Database Creation - - - Recreate AD DB if existing DB is older than [number] days - - Create AD DB locally - -# ExchangeMetrics Data Collector - -The ExchangeMetrics Data Collector collects Mail-Flow metrics from the Exchange Message Tracking -Logs on the Exchange servers. Some examples of this include server volume and message size -statistics. This data collector runs as an applet over RPC connection to process and collect -summarized metrics from the Message Tracking Log. See the -[Exchange Support and Permissions Explained](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for a complete list of supported platforms. - -The ExchangeMetrics Data Collector has been preconfigured within the Exchange Solution. Both this -data collector and the solution are available with a special Enterprise Auditor license. See the -[Exchange Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md) -topic for additional information. - -Protocols - -- RPC -- WMI - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Member of the local Administrator group on the targeted Exchange server(s) - -See the -[Exchange Mail-Flow Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## ExchangeMetrics Query Configuration - -The ExchangeMetrics Data Collector is configured through the Exchange Metrics Data Collector Wizard, -which contains the following wizard pages: - -- Welcome -- [ExchangeMetrics: Category](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMetrics: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMetrics: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMetrics: Collect Mode](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMetrics: Time Frames](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMetrics: Message Sizes](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMetrics: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMetrics: Message Activity Filter](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMetrics: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - - **NOTE:** Pages available vary depending on the Category selected. - -![Exchange Metrics Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by checking the **Do not display this page the next time** box when -the wizard is open and configuration settings are saved. - -# ExchangeMetrics: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for all -of the categories. - -![Exchange Metrics Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Check All**, **Uncheck All**, or **Reset Defaults** -buttons can be used. Click **Expand All** to expand all property categories. All selected properties -will be gathered. Available properties vary based on the category selected. - -# ExchangeMetrics: Scope - -The Scope page is used to define where to search. It is a wizard page for the categories of: - -- Server Volume -- Internal Traffic Summary -- Internet Traffic Summary -- Delivery Time -- Delivery Time Custom -- User Statistics -- DL Statistics -- Hour Statistics -- Message Size Statistics -- Message Size Statistics Custom -- User’s Message Activity -- User’s Message Activity Per Hour -- Deploy or Change Applet Settings - -![Exchange Metrics Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -Define the scope of the query using the following options: - -- Return data for section – Select the time period for which data will be collected. GMT time is - used by Exchange Metrics to calculate the result. - - - Today - - Yesterday - - This Week (from last Sunday till today) - - Last Week (from Sunday till Saturday) - - This Month - - Last Month - - Last [number] days - - Within time frame: - - From [calendar date] to [calendar date] – Use the drop-down arrows to select calendar dates. - -- Return results section – Select the table design for the collected data - - - One row for – Use the drop-down list to select one of the following options: - - - All period - - Day - - Week - - Month - - - Add summary values as last row – Select this checkbox to add summary values as the last row. - This option is enabled when **Day**, **Week**, or **Month** are selected. - -# ExchangeMetrics: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all of the -categories. - -![Exchange Metrics Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Exchange Metrics Data Collector Wizard to ensure that no accidental -clicks are saved. - -# ExchangeMetrics: Time Frames - -The Time Frames page is used to configure message delivery time frames for which to return summary -metrics by server. It is a wizard page for the category of: - -- Delivery Time Custom. - -![Exchange Metrics Data Collector Wizard Time Frames page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/timeframes.webp) - -Configure the desired time frames using the following options: - -- Frame name – Name the configured time frame. Can either be entered manually or a default will - populate when frame limits are set. -- Start – Specify the lower limit of the delivery time frame -- End – Specify the upper limit of the delivery time frame -- Select the time unit of the time frame: - - - Seconds - - Minutes - - Hours - -For example, a **Start** value of **1** and an **End** value of **2** with the **Minutes** unit -selected returns messages delivered in 1 to 2 minutes. - -- Infinite – Select the checkbox to eliminate the **End** value from the scan. For example, a - **Start** value of **2** with the **Infinite** checkbox selected retrieves all messages that took - 2 seconds/minutes/hours or longer to deliver. - -Once the frame is configured, click **Add**. The configured message time frame will appear in the -list. Multiple time frames can be configured. Select a frame and click **Replace** to modify an -existing frame. Use **Remove** to delete an existing frame. - -# ExchangePS: Category - -The Category page contains a connection section where connection options are defined. It is also -where the query category is selected. The available query categories are sub-divided by auditing -focus. - -![ExchangePS Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -## Connection - -In the Connection section, select the method for connecting to the target Exchange environment: - -- Use Global setting – Reads from the global configuration from the **Settings** > **Exchange** - node, specifically the **Client Access Server** (CAS) field - - - See the - [Exchange](/docs/accessanalyzer/11.6/administration/settings/exchange.md) - topic for additional information on these settings - -- Use specific server – Use a different server from what is set in core - - - Exchange 2010 Servers – Can use the CAS server set in the global configuration (**Settings** > - **Exchange** node) - - Exchange 2013 & 2016 – Require an actual CAS server name: - - - If the **Settings** > **Exchange** node was configured for MAPI over HTTP, then an actual - CAS server name was supplied and will be used by the ExchangePS Data Collector - - If the **Settings** > **Exchange** node was configured for MAPI over HTTPS, then the - global configuration will have a web address instead of an actual server. Therefore, each - query requires the CAS server to be set as the specific server on the Category page. - -- Use Office 365 – Connect to Office 365 -- Use pipelined PowerShell – Processes each mailbox object in turn. When selected, the data - collector streams data to the database instead of transferring batches of data. - - - This option uses less memory but is more sensitive to network conditions - - Only available for Exchange 2013+ target environments - -## Query Categories - -The ExchangePS Data Collector contains the following query categories, sub-divided by auditing -focus: - -- Mailbox Information - - - Mailboxes – Collects mailbox information - - Mailbox Permissions – Collects permissions on mailbox folders (Exchange 2010 or later) - - Mailbox Databases – Collects information on mailbox databases - - **NOTE:** This option is not available for Office 365 target environments - - - Mailbox Rights – Collects information on mailbox rights - - Mailbox AD Rights – Collects information on mailbox Active Directory rights - - Mailbox Search – Search mailboxes (Exchange 2010 or later) - - Mailbox Access Logons – Collects information on mailbox access logons - -- Exchange Organization - - - Exchange Users – Collects Exchange user properties - -- Exchange ActiveSync - - - Exchange ActiveSync Mobile Devices – Collects Exchange ActiveSync for mobile devices - -- Public Folder Information - - - Public Folder Content – Collects general statistics and sizing for the public folder - environment - - Public Folder Permissions – Collects permission information for the public folder environment - -- Office 365 – Only available for Office 365 target environments - - - Mail Flow Metrics – Collects information about mail flow in the Exchange Online environment - -- Domain Information - - - Domains – Collects information about Domains in the Exchange environment - -Each category has specific requirements and capabilities per auditing focus: - -- [Mailbox Information](#mailbox-information) -- [Exchange Organization](#exchange-organization) -- [Exchange ActiveSync](#exchange-activesync) -- [Public Folder Information](#public-folder-information) -- [Office 365](#office-365) -- [Domain Information](#domain-information) - -### Mailbox Information - -Mailbox Information audit focus contains the following categories: - -Mailboxes - -This category gathers high-level statistics about the Mailboxes in the environment. It can be run -with quick properties or all properties. The quick properties are the first 14 properties and -significantly reduce the time it takes to return the information. The PowerShell queries this -category runs are as follows: - -``` -Get-Mailbox -Get-MailboxStatistics -Get-MailboxDatabase -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -Mailbox Permissions - -This category returns Mailbox Folder permissions and folder level statistics about the mailboxes. -The PowerShell queries this category runs are as follows: - -``` -Get-Mailbox -Get-MailboxFolderPermission -Get-MailboxStatistics -Get-MailboxDatabase -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -Mailbox Databases - -This category returns information about the Mailbox Databases which reside in the organization. The -PowerShell query this category runs is as follows: - -``` -Get-MailboxDatabase -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -Mailbox Rights - -This category returns Mailbox Rights assigned to each Mailbox, such as Full Mailbox Access. The -PowerShell query this category runs is as follows: - -``` -Get-MailboxDatabase -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -Mailbox AD Rights - -This category returns information about the Mailbox Databases which reside in the organization. The -PowerShell query this category runs is as follows: - -``` -Get-MailboxDatabase -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -Mailbox Search - -This category provides the capability to search the Mailbox for any criteria configured inside the -data collector. The PowerShell queries this category runs are as follows: - -``` -Search-Mailbox -Get-Mailbox -Get-MailboxDatabase -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Filter by Message](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -Mailbox Access Logons - -This category returns the Mailbox Access Auditing log details. Mailbox Access Auditing does need to -be enabled on the Mailboxes in order for this job to return any information. The PowerShell queries -this category runs are as follows: - -``` -Search-MailboxAuditLog -Get-Mailbox -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Mailbox Logons](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -### Exchange Organization - -Exchange Organization audit focus contains the following category: - -Exchange Users - -This category returns information about the Mail-Enabled Users in the Exchange environment. The -PowerShell queries this category runs are as follows: - -``` -Get-User -Get-CASMailbox -Get-Mailbox -Get-ThrottlingPolicyAssociation -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -### Exchange ActiveSync - -Exchange ActiveSync audit focus contains the following category: - -Exchange ActiveSync Mobile Devices - -This category returns ActiveSync device properties and the Exchange Mailboxes they are associated -to. The PowerShell queries this category runs are as follows: - -``` -Get-ActiveSyncDeviceStatistics -Get-Mailbox -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -### Public Folder Information - -Public Folder Information audit focus contains the following categories: - -Public Folder Content - -This category returns general statistics and sizing for the public folder environment. When it is -selected, the following ExchangePS Data Collector Wizard pages are available for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -Public Folder Permissions - -This category returns permissions information for the public folder environment. When it is -selected, the following ExchangePS Data Collector Wizard pages are available for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -### Office 365 - -Office 365 audit focus contains the following category: - -Mail Flow Metrics - -This category returns information about mail flow in the target Exchange Online environment. When it -is selected, the following ExchangePS Data Collector Wizard pages are available for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Mail Flow](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -### Domain Information - -Domain Information audit focus contains the following category: - -Domains - -This category returns information about domains in the Exchange environment. When it is selected, -the following ExchangePS Data Collector Wizard pages are available for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -# Exchange Custom Connection Profile & Host List - -The ExchangePS Data Collector requires a custom Connection Profile and host list to be created and -assigned to the job conducting the data collection. The host inventory option during host list -creation makes it necessary to configure the Connection Profile first. - -**NOTE:** It is not possible to target both Exchange Online and on-premises Exchange environments -from the same job. Therefore, the Connection Profile should only contain the credentials for one -type of environment. - -## Exchange On-Premises - -This section describes the process to configure the Connection Profile and host list for Exchange -on-premises environments. - -### Exchange On-Premise Credential for a Connection Profile - -The provisioned credential used should be an Active Directory account. Create a Connection Profile -and set the following information on the User Credentials window: - -- Select Account Type – Active Directory Account -- Domain – Drop-down menu with available trusted domains will appear. Either type the short domain - name in the textbox or select a domain from the menu. -- User name – Type the user name -- Password Storage – Choose the for credential password storage: - - - Application – Uses the configured Profile Security setting as selected at the **Settings** > - **Application** node - - CyberArk – Uses the CyberArk Enterprise Password Vault - -- Password – Type the password -- Confirm – Re-type the password - -### Exchange On-Premise Host List - -The ExchangePS Data Collector should be set to run against: - -- Local host - -## Exchange Online - -This section describes the process to configure the Connection Profile and custom host list for -Exchange Online. - -### Exchange Online Credential for a Connection Profile - -The provisioned credential must be created with the Exchange Modern Authentication account type. -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Exchange Modern Authentication -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information.) -- Organization – The primary domain name of the Microsoft Entra tenant being leveraged to make the - connection. See the - [Identify the Tenant's Name](/docs/accessanalyzer/11.6/configuration-guides/collaboration/exchange-online.md#identify-the-tenants-name) - topic for additional information. -- Email Address – The email address for the mailbox to be leveraged in Exchange Online environment - scans. The mailbox must belong to the primary domain used in the Organization field. -- AppID – Application (client) ID of the Enterprise Auditor application registered with Microsoft - Entra ID. See the - [Identify the Client ID](/docs/accessanalyzer/11.6/configuration-guides/collaboration/exchange-online.md#identify-the-client-id) - topic for additional information. -- Certificate Thumbprint – The thumbprint value of the certificate uploaded to the Microsoft Entra - ID application. See the - [Upload Self-Signed Certificate](/docs/accessanalyzer/11.6/configuration-guides/collaboration/exchange-online.md#upload-self-signed-certificate) - topic for additional information. - -### Exchange Online Host List - -Exchange Online requires a custom host list. The host list should include the tenant name of the -Microsoft Entra tenant used to connect to Exchange Online. - -- The host name must be the domain name of the tenant, for example `company.onmicrosoft.com`. See - the - [Identify the Tenant's Name](/docs/accessanalyzer/11.6/configuration-guides/collaboration/exchange-online.md#identify-the-tenants-name) - topic for additional information. - -See the -[Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for instructions on creating a custom host list. - -# ExchangePS: Error Logging - -The Error Logging page is used to configure how long to keep the PowerShell logs. It is a wizard -page for all of the categories. - -![ExchangePS Data Collector Wizard Error Logging page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/errorlogging.webp) - -Select from the following options: - -- Remove all log files – Removes the PowerShell logs when data collection completes -- Keep log files newer than [number] days – Removes PowerShell logs older than the specified age - when data collection completes - -These log files are stored in the following location on the target host: - -…\STEALTHbits\StealthAUDIT\ExchangePS - -# ExchangePS: Filter by Message - -The Filter by Message page is used to define the filter conditions of the search. It is a wizard -page for the category of: - -- Mailbox Search - -![ExchangePS Data Collector Wizard Filter by Message Conditions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/filtermessage.webp) - -In the Select Conditions section, choose the filter logic: - -- All Conditions – All selected conditions must be met -- Any condition – Any of the selected conditions must be met - -Available conditions to select from include: - -- date when message expires according to policy – If selected, specify date range through the Date - Range Selection window -- with specific words in the retention policy – If selected, specify words through the Words window -- with specific words in the subject – If selected, specify words through the Words window -- with specific words in the body – If selected, specify words through the Words window -- with specific words in the subject or body – If selected, specify words through the Words window -- with specific words in the recipient’s address – If selected, specify words through the Words - window -- with specific words in the sender’s address – If selected, specify words through the Words window -- that was received in a specific date range – If selected, specify date range through the Date - Range Selection window -- with specific words in the attachment – If selected, specify words through the Words window - -See the [Date Range Selection Window](#date-range-selection-window) and -[Words Window](#words-window) topics for additional information. - -In the Select Search Mailbox Parameters section, select the desired filter parameters: - -- Do not Include Archive -- Include Unsearchable Items -- Search Dumpster -- Search Dumpster Only - -#### Date Range Selection Window - -The Date Range Selection window is opened by the **Specify Date Range...** option for a date related -filter on the Filter by Message page. - -![Date Range Selection window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/daterangeselectionwindow.webp) - -Select the range category on the left and configure the range setting in the enabled fields: - -- Over – Select the number and time units. The available time units are: **Days**, **Months**, or - **Years**. -- Last – Select the number and time units. The available time units are: **Days**, **Months**, or - **Years**. -- Before – Drop-down menu opens a calendar selection view, choose the end date -- After – Drop-down menu opens a calendar selection view, choose the start date -- Between (Date) – Drop-down menus open calendar selection view, choose the start and end dates -- Between – Select the numbers for the lower and upper range boundary, and the desired time units. - The available time units are: **Days**, **Months**, or **Years**. - -When the date range is specified, click **OK**. The selected date range shows as a filter on the -Filter by Message page. Click the filter to open the Date Range Selection window to modify the date -range. - -#### Words Window - -The Words window is opened by the **Specify words...** option for a word related filter on the -Filter by Message page. - -![Words window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/wordswindow.webp) - -In the Search property section, choose the filter logic: - -- All Words – All selected word filters must be met -- Any Words – Any of the selected word filters must be met - -Then, configure the required words in the filter list. Enter the word in the textbox and click -**Add**. To delete a word from the filter list, select the word and click **Remove**. - -When the word list is complete, click **OK**. The specified words show as a filter on the Filter by -Message page. Click the filter to open the Words window to modify the list. - -# ExchangePS: Mailbox Logons - -The Mailbox Logons page is used to define the type of mailbox logon events to return, as well as the -date range to be returned. It is a wizard page for the category of Mailbox Information > Mailbox -Access Logons. - -![ExchangePS Data Collector Wizard Mailbox Logons page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/mailboxlogons.webp) - -Select the desired checkboxes to indicate which logons to audit: - -- Delegate -- Admin -- Owner - -Specify the date range for the logons: - -- Last – Select the number and time units - - **NOTE:** Available units are **Days**, **Months**, or **Years**. - -- Between (Date) – Use the drop-down menus to open calendars to select the start and end dates - -# ExchangePS: Mail Flow - -The Mail Flow page returns permissions information for the public folder environment. It is a wizard -page for the category of: - -- Office 365 > Mail Flow Metrics - -![ExchangePS Data Collector Wizard Mail Flow page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/mailflow.webp) - -Select and configure a date range from the following options: - -**NOTE:** Date range must be 7 days or less. - -- Last – Select the number of days -- Between (Date) – Use the drop-down menus to open the calendar selection view to choose the start - and end dates - -# ExchangePS: Options - -The Options page is used to configure additional options. It is a wizard page for all of the -categories. - -![ExchangePS Data Collector Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -The following options can be configured: - -- Message size units - Select the message size for the query: - - - KB - - MB - - GB - -- How to format collected results – Select how table will be formatted according to the return data: - - - Return data as collected - - Return each value of the following property in a separate row – Enabled for specific - properties selected on the Results page - - Return data in a separate row for each property set in the following group – Enabled for - specific properties selected on the Results page - -- How to return multi-valued properties – Select how the table will be formatted when the return - data contains multi-valued properties: - - - Concatenated - - - Delimiter – Enter the desired delimiter to be used between values - - - First-value only - -# ExchangePS Data Collector - -The ExchangePS Data Collector utilizes the Exchange CMDlets to return information about the Exchange -environment utilizing PowerShell. This data collector has been designed to work with Exchange 2010 -and newer. The ExchangePS Data Collector has been preconfigured within the Exchange Solution. Both -this data collector and the solution are available with a special Enterprise Auditor license. See -the -[Exchange Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md) -topic for additional information. - -Protocols - -- PowerShell - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Remote PowerShell enabled on a single Exchange server -- Windows Authentication enabled for the PowerShell Virtual Directory on the same Exchange server - where Remote PowerShell has been enabled -- View-Only Organization Management Role Group -- Discovery Search Management Role Group -- Public Folder Management Role Group -- Mailbox Search Role - -- Discovery Management Role -- Organization Management Role - -See the -[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Remote PowerShell - -The ExchangePS Data Collector will utilize Remote PowerShell when connecting to Exchange 2010 or -newer. This behavior simulates what the Exchange Management Shell does when loading. The below -PowerShell syntax is an example of how the connection is loaded through PowerShell. - -``` -$JobUserName = '{insert domain\username}' -$JobPassword = '{insert password}' -$secpasswd = ConvertTo-SecureString $JobPassword -AsPlainText -Force -$JobCredential = New-Object System.Management.Automation.PSCredential ($JobUserName, $secpasswd) -$relaxed=New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck -$sess=New-PSSession -ConnectionUri 'https://{exchangeserver}/powershell?serializationLevel=Full' -ConfigurationName 'Microsoft.Exchange' -AllowRedirection -Authentication Negotiate -Credential $JobCredential -SessionOption $relaxed  -Import-PSSession $sess -``` - -See the -[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for instructions on enabling Remote PowerShell. - -## The Exchange Applet - -The Exchange Applet will run on the Exchange server by the ExchangePS Data Collector in the -following circumstances: - -- An actual Client Access Server (CAS) server is not specified either in the global configuration - (**Settings** > **Exchange** node) or on the Category page of the ExchangePS Data Collector Wizard -- Remote PowerShell has not been enabled for targeting Exchange 2010 - -The following Exchange Snap-in is used when the applet is utilized: - -- Add-pssnapin Microsoft.Exchange.Management.Powershell.E2010 - -## ExchangePS Query Configuration - -The ExchangePS Data Collector is configured through the ExchangePS Data Collector Wizard, which -contains the following wizard pages: - -- [ExchangePS: Category](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Scope by DB](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Scope by Public Folders](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Filter by Message](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Mailbox Logons](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -Available pages vary according to selections made throughout the wizard. - -# ExchangePS: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for all -of the categories. - -![ExchangePS Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Select All** and **Clear All** buttons can be used. -All selected properties will be gathered. Available properties vary based on the category selected. - -# ExchangePS: Scope - -The Scope page establishes how mailboxes are scoped. It is a wizard page for all of the categories. - -![ExchangePS Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -Available scoping options vary based on the category selected. Scoping options include: - -- No Scoping Target Host: Local Host – Returns all results for the entire targeted Exchange - Organization - - - If this option is selected, then the data collector should be run against the host specified - on the Summary page. See the - [ExchangePS: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic - for additional information. - - When using the applet, the data collector gathers information about the Exchange Forest in - which the Enterprise Auditor Console currently resides - - For Remote PowerShell, the data collector gathers information about the Exchange Organization - to which the Remote PowerShell connection was made. This refers to the server entered in the - Client Access Server (CAS) field of the global configuration from the **Settings** > - **Exchange** node or on the this page. - -- Scope by Database Target Host: Local Host – Scope query to return results for specific databases. - If this option is selected, the Scope by Database page is enabled in the wizard. See the - [ExchangePS: Scope by DB](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic - for additional information. -- Scope by Mailbox Target Host: Local Host – Scope query to return results for specific mailboxes. - If this option is selected, the Scope by Mailboxes page is enabled in the wizard. See the - [ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic - for additional information. -- Scope by Server Target Host: Exchange MB Server – Scope query to return results for specific - servers selected in the job’s **Configure** > **Hosts** node - - - When using the applet, the data collector deploys a process to the targeted host to run the - PowerShell on that server - - For Remote PowerShell, the data collector does not deploy anapplet and utilizes the WinRM - protocol to gather information about the objects on that server. See the - [Remote PowerShell](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md#remote-powershell) - and - [The Exchange Applet](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md#the-exchange-applet) - topics for additional information. - -- Scope by Public Folder – Scope query to return results for specific Public Folders. If this option - is selected, the Scope by Public Folders page is enabled in the wizard. See the - [ExchangePS: Scope by Public Folders](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic - for additional information. -- View entire forest when querying for objects – Select this checkbox to scan the entire forest when - querying for objects - -# ExchangePS: Scope by DB - -The Scope by Databases page is used to define specific databases to search. This page is enabled -when **Scope by Database Target Host: Local Host** option is selected on the Scope page. See the -[ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic -for additional information. - -When using the applet, the data collector returns databases for the Exchange Organization in which -the Enterprise Auditor Console currently resides, and only returns information about those -databases. For Remote PowerShell, the data collector returns databases for the Exchange Forest and -only returns information about those databases. - -![ExchangePS Data Collector Wizard Scope by Databases page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scopedatabases.webp) - -Click **Retrieve** to return all databases in the Exchange Organization and populate them in the -Available Databases list. Select the desired databases from Available Databases and click **Add**. -The selected databases are added in the Selected Databases list. To remove undesired databases from -Selected Databases, select them and click **Remove**. The Select All and Clear All buttons can be -used for quick selection. - -# ExchangePS: Scope by Mailboxes - -The Scope by Mailboxes page is used to define specific mailboxes to search. This page is enabled -when the **Scope by Mailbox Target Host: Local Host** option is selected on the Scope page. See the -[ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic -for additional information. - -When using the applet, the data collector will return mailboxes for the Exchange Forest in which the -Enterprise Auditor Console currently resides, and only return information about those mailboxes. For -Remote PowerShell, the data collector will return mailboxes for the Exchange Forest as well as -return information about those mailboxes. - -![ExchangePS Data Collector Wizard Scope by Mailboxes page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scopemailboxes.webp) - -Click **Retrieve** to return all mailboxes in the Exchange Organization and populate them in the -Available Mailboxes list. Select desired mailboxes from the Available Mailboxes list and click -**Add**. The selected mailboxes are added in the Selected Mailboxes list. To remove undesired -mailboxes from Selected Mailboxes, select them and click **Remove**. The Select All and Clear All -buttons can be used for quick selection. - -# ExchangePS: Scope by Public Folders - -The Scope by Public Folders page is used to define specific public folders to search. This page is -enabled when the **Scope by Public Folder** option is selected on the Scope page. See the -[ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic -for additional information. - -Configure the **Scope** option using the drop-down. The available options are: - -- Selected Public Folder -- Selected Table - -The option selected changes how the public folders are identified for scoping. - -## Selected Public Folder - -The **Selected Public Folders** scope option retrieves all public folders in the Exchange -organization, populating them in the Available list. - -![ExchangePS Data Collector Wizard Scope by Public Folders page with Selected Public Folders option](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scopepublicfolders.webp) - -The **Search** feature filters this list. Select the desired public folders and click **Add**. The -selected public folders are added to the Selected list. Use the **Remove** option to delete selected -public folders from the list. The Select All or Deselect All buttons can be used for quick -selection. Additional scoping options include: - -- Return only these folders – Audits only the selected public folders -- Return all children – Audits the selected public folders and all sub-folders -- Return only direct children – Audits the selected public folders and one folder deeper - -## Selected Table - -The **Selected Table** scope option populates the Available tables list with tables from the -Enterprise Auditor database. - -![ExchangePS Data Collector Wizard Scope by Public Folders page with Selected Table option](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scopepublicfoldersselectedtable.webp) - -The **Search** feature filters this list. Select the table that houses the list of public folders -for which this query will be scoped. The Field containing EntryIDs list is populated with columns -from the selected table. Select the appropriate column from the list. - -# ExchangePS: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - -![ExchangePS Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the ExchangePS Data Collector Wizard to ensure that no accidental clicks -are saved. - -# ExchangePublicFolder: Category - -The Category page is used to select the objects to search. - -![Exchange Public Folder Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The ExchangePublicFolder Data Collector contains the following query categories: - -- Contents – Returns information on the contents of each folder within the scope -- Permissions – Returns permissions on the each folder within the scope -- Ownership – Returns trustees which have the owner permission role -- Replicas – Returns a listing for each folder within the scope, including the replicas - -# ExchangePublicFolder: Options - -The Options page provides additional configuration options for the query. It is a wizard page for -all of the categories. Available options vary based on the category selected. - -![Exchange Public Folder Data Collector Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -The Options page contains the following options: - -- Process folders that physically reside on the target server only – This option will limit - extraction to only the subset of public folders which reside on this server when selected. Clear - this option if targeting the Exchange 2010 Public Folder Server. The ability to scope to the - targeted server is not available for Exchange 2010. The entire public folder hierarchy is - returned. -- Message size units: - - - KB - - MB - -- Include subfolders in message counters – This option is only available for the Contents category. - When this option is selected, it will include subfolders in message counters, according to the - Scope page settings. See the - [ExchangeMetrics: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic - for additional information. -- Large attachment threshold (Kb) – Configure the desired size limit for attachments. The default - value is 500. - -In the Attachment types section, configure attachment count types. - -- Count attachment types – Selecting this option enables the Content Types settings -- Add New – Add classifications and provide the file extensions for those classifications -- Load Defaults – Resets the **Attachment types** configuration to its original settings -- Remove – Deletes a selected classification from the filter list - -# ExchangePublicFolder Data Collector - -The ExchangePublicFolder Data Collector audits an Exchange Public Folder, including contents, -permissions, ownership, and replicas. This is a MAPI-based data collector which requires the -**Settings > Exchange** node to be enabled and configured. See the -[Exchange](/docs/accessanalyzer/11.6/administration/settings/exchange.md) -topic for additional information. - -The ExchangePublicFolder Data Collector has been preconfigured within the Exchange Solution. Both -this data collector and the solution are available with a special Enterprise Auditor license. See -the -[Exchange Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md) -topic for additional information. - -Protocols - -- MAPI -- RPC - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Exchange Administrator group -- Organization Management - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -## ExchangePublicFolder Query Configuration - -The ExchangePublicFolder Data Collector is configured through the Exchange Public Folder Data -Collector Wizard, which contains the following wizard pages: - -- Welcome -- [ExchangePublicFolder: Category](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePublicFolder: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePublicFolder: Properties](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePublicFolder: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePublicFolder: Probable Owner](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePublicFolder: Summary](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -The query requires special permissions to connect to target Exchange servers. Configure these -permissions on the Welcome page. - -![Exchange Public Folder Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -In the Connection Setting section, choose to either maintain the global inheritance, or configure -query specific settings. - -The **Use Global setting** option specifies what setting is being inherited. Clear this option to -break inheritance, and then select one of the following options: - -- System Attendant (2003 & 2007) -- Use the maibox associated with the Windows account that Enterprise Auditor is run with -- Exchange Mailbox (2010 and newer) – Enter the Exchange mailbox -- Client Access Server – Enter the CAS - -See the -[Exchange](/docs/accessanalyzer/11.6/administration/settings/exchange.md) -topic for additional information. - -In the Sampling server section, enter the Exchange server in the textbox to be used to test the -connection settings. Click **Test sampling server** to ensure there is access to the server. The box -at the bottom of the page displays information regarding the test connection in progress. - -# ExchangePublicFolder: Probable Owner - -The Probable Owner Settings page provides configuration options to determine an owner. It is enabled -when the Probable Owner property is selected on the Properties page. See the -[ExchangePublicFolder: Properties](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic -for additional information. - -![Exchange Public Folder Data Collector Wizard Probable Owner page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/probableowner.webp) - -In the Determine owner section, select the desired option to specify what setting to use to -determine an owner: - -- Determine owner from folder hierarchy – Select to determine the probable owner with a weight of - one hundred percent on file hierarchy -- Determine owner from content count – Select to determine the probable owner with a weight of one - hundred percent of content count -- Determine owner from content size – Select to determine the probable owner with weight of 100 - percent on content size -- Use custom weights – Select to enable the **Result weights** option to assign custom weights to - the ownership categories - - ![Probable Owner Settings window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/probableownersettingswindow.webp) - -- Result weights – This option is enabled when the **Use custom weights** option is selected. Click - the ellipses to open the Probable Owner Settings window and assign ownership weights to distribute - between the parameters. - -In the Exclusions section, select one or more of the following checkboxes to specify exclusions: - -- Exclude locked out users -- Exclude disabled users -- Exclude Zombie Owners -- Exclude users from analysis – Select this checkbox to enable the Exclude users list and add users - for exclusion. - - - Add user – Enter a user in the box and click **Add user** to add the user to the exclusion - list - - Import from file – Click **Import from file** to open the Import File Dialog page and browse - for a file to import - - Select from GAL – Click **Select from GAL** to select a user from the Global Address Book - - Clear list – Click **Clear list** to remove all users from the Exclude users list - - Remove selected – Select a user or users to remove from the Exclude users list and click - **Remove selected** to remove the users - -In the Output Options section, select the desired output option: - -- Get one most probable owner – Return one probable owner -- Get probable owners with relative deviation to the most probable owner – Return probable owners - based on the deviation from percentage from the most probable owner - - - Maximum deviation [number] percents – Use the arrow buttonss to enter the desired percent of - deviation from the most probable owner from which to return probable owners - -- Get multiple probable owners – Return multiple probable owners - - - Count – Use the arrow buttons to enter the desired number of probable owners to return - -# ExchangePublicFolder: Properties - -The Properties page is where properties that will be gathered are selected. It is a wizard page for -all of the categories. - -![Exchange Public Folder Data Collector Wizard Properties page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/properties.webp) - -Properties can be selected individually or you can use the **Select All**, **Clear All**, or **Reset -All** buttons. All selected properties will be gathered. The **Message Classes** button opens the -Message classes filters window. - -![Message classes filters window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp) - -The wildcard (`*`) returns all message class filters. Enter the name of a class filter and click -**Add** to add it to the list. **Delete** will remove the selected class filter from the list. The -**Load defaults** option will restore the class filter default settings. - -# ExchangePublicFolder: Scope - -The Scope page is used to define which folders will be included will be searched by this query. It -is a wizard page for all of the categories. - -![Exchange Public Folder Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -In the Choose Type of Public Folders to be queried section, select either: - -- Default Public Folders – User can access these folders directly with client applications such as - Microsoft Outlook. In its default configuration, Exchange System Manager displays these folders - when a public folder tree is expanded. -- System Public Folders – Users cannot access these folders directly. Client applications, such as - Microsoft Outlook, use these folders to store information such as free and busy data, offline - address lists, and organizational forms. Other folders hold configuration information that is used - by custom applications or by Exchange itself. The Public Folders tree contains extra system - folders, such as the EFORMS REGISTRY folder, that do not exist in general-purpose public folder - trees. - -In the Choose Scope of Public Folders to be queried section, select one of the following options: - -- All Public Folders – Returns all public folders within the targeted environment -- Selected Public Folders – Returns only those public folders specified on the Scope page of the - query - - - See the [Scope to the Selected Public Folders](#scope-to-the-selected-public-folders) topic - for additional information - -- Selected Table – Returns only those public folders within the table and field name specified on - the Scope page of the query - - - See the [Scope to Selected Table](#scope-to-selected-table) topic for additional information. - -## Scope to the Selected Public Folders - -When Scope to **Selected Public Folders** is selected on the Scope page, the options to specify the -desired folders are enabled. - -![Scope page with Selected Public Folders option selected](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedpublicfolders.webp) - -Configure the scope of the selected public folders to be queried: - -- Select public folders from – Enter the name of the server hosting the desired public folders and - click **Retrieve**. The box will populate with available public folders. -- Add – Adds the selected folders -- Add Recursive – Adds the selected folders and all child folders. Not adding recursive folders will - add only the selected folder without its child folders. -- Highlight selected host folders – Highlights all the folders that are physically housed on the - selected host. If enabled, physically housed folders show in bold text in the list that is - returned after clicking **Retrieve**. - -The selected public folders are added in the table at the bottom. Click **Remove** to delete a -selected word from the filter list. - -## Scope to Selected Table - -When Scope to **Selected Table** is selected on the Scope page, the options to specify the desired -tables are enabled. - -![Scope page with Selected Table option selected](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp) - -Configure the selected tables to be queried: - -- Table Name – retrieves the list of selected public folders from a Enterprise Auditor database - table. Click **Retrieve** to populate the Table name box with all available tables within the - database. - - - The Table name box can be filtered by entering a name in the textbox and clicking **Retrieve** - -- Field name – Select the desired table and the available fields will populate the Field names box. - Select the field containing the public folder names. - -# ExchangePublicFolder: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all of the -categories. - -![Exchange Public Folder Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Exchange Public Folder Data Collector Wizard to ensure that no -accidental clicks are saved. diff --git a/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md b/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md deleted file mode 100644 index e9b16546ca..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md +++ /dev/null @@ -1,2088 +0,0 @@ -# FSAA: Activity Settings - -The File System Activity Auditor Scan Filter Settings page is where activity scan filter settings -are configured. It is a wizard page for the category of File System Activity Scan. - -![FSAA Data Collector Wizard Activity Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/activitysettings.webp) - -In the Scan Filters section, choose from the following options: - -- Set Scan Filter for Detailed Activity – Enables the **Days** number box. Select the number of past - days for activity details to be collected. -- Set Filter for Statistics of Activity – Enables the **Days** number box. Select the number of past - days for activity statistics to be collected. - -In the Log Parsing Limits section, choose from the following option: - -- Number of Threads – Number of parsing threads FSAC can use at any given time. The default is four - threads. - -In the Scan Limit section, configure the following: - -- Set Log Processing Limit – Stops the scan after the set number of MB or GB of log files are - processed and the threshold number is reached - -These filters affect what data is collected from the activity logs. However, enabling these filters -also causes the corresponding bulk import query to purge the database of selected activity -information older than the time filter specified here. - -If either is left deselected, all available log files are collected and stored. This has a direct -impact on both scan time and database size. - -_Remember,_ the file activity options require the Activity Monitor to be deployed, configured, and -services running. - -In the Host Mapping section, configure the following: - -- Host Mapping – Provides a mapping between the target host and the hosts where activity logs - reside. Select **Configure Query** to open the File System Activity Scan Host Mapping page. This - feature requires advanced SQL scripting knowledge to build the query. See the - [Host Mapping](#host-mapping) topic for additional information. - -## Host Mapping - -If desired, enable the host mapping feature and select **Configure Query** to open the Host Mapping -Query window. - -![Host Mapping Query window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/hostmappingquery.webp) - -When the Enable host mapping checkbox is selected, the query textbox is enabled. The SQL query -provided by a user should return a set of log locations, target hosts, and host names of the -Monitored Hosts in the Activity Monitor. The target tables must reside within the Enterprise Auditor -database and contain at least the following columns: - -- LogLocation – Name of the hosts where activity logs reside. The required column name is case - sensitive and must be exactly `LogLocation`. -- HostName – Name of the configured HOST value in the Activity Monitor. The required column name is - case sensitive and must be exactly `HostName`. - - - Format must match exactly how the host is known to the Activity Monitor, on the Monitored Host - tab - -- Host – Name of the host being targeted in the FSAC scan and Bulk Import which the activity events - will be mapped to - -Enter the SQL query by clicking Sample Query then replacing the sample text in the textbox, as shown -above. The SQL query must target tables that have the required columns populated with the host -mapping. - -(Optional) Enter a host in the **Host parameter value (@host)** textbox to test the query to -retrieve the data for that host. - -Select **Test Query** to open a preview of the results in the Query Results window. Ensure that the -data being retrieved by the query is expected. When this option is selected, the data collector runs -against the target table. - -### Host-Agent Mapping - -Enterprise Auditor can be configured via the Host Mapping feature to support the use of Multiple -Activity Monitor Agents for a single targeted Host. See the examples below: - -Single-Host Single-Agent Example: - -![Query Results window for single agent example](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/hostmappingsinglehostsingleagent.webp) - -Single-Host Multiple-Agent Example: - -![Query Results window for multiple agent example](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/hostmappingsinglehostmultipleagent.webp) - -**NOTE:** For multiple-agent setup, the configured Host Mapping table must have the same value for -HostName and Host, as shown in the Single-Host Multiple-Agent example. - -# FSAA: Applet Settings - -The Applet Settings page is where the Applet Launch Mechanism and Applet Settings are configured. It -is a wizard page for the categories of: - -- File System Access/Permission Auditing Scan -- File System Activity Scan -- Sensitive Data Scan - -**NOTE:** This wizard page identifies options associated with the scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -![FSAA Data Collector Wizard Applet Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/appletsettings.webp) - -In the Applet Launch Mechanism section, choose one of three radio buttons: - -- MSTask Task Scheduler – Creates a scheduled task on the target host that runs the applet -- Windows Service – Automatically installs the FSAA Applet as a proxy service - - The Applet service runs as a Connection Profile credential unless the Local System checkbox is - selected in the Applet Settings options below. Then it runs the service in Local mode. -- Require applet to be running as a service on target (does not deploy or launch applet) - - See the - [File System Proxy Service Installation](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md) - topic for additional information. - - It requires the `FSAAAppletServer.exe` to run as a service on the proxy host in order to run a - successful scan. When this radio button is selected, Enterprise Auditor does not deploy an - applet on the target or proxy machine. Therefore, if the File System Proxy service is not - running, the FSAA scan will fail. - - To avoid a failed scan when an applet cannot be deployed or the File System Proxy service is - not running, the Applet Gathering Settings page contains the **Fallback to local mode if - applet can’t start** option. This option allows the scan to run in local mode when an applet - cannot be deployed or the service is not running. - -![Applet Settings section of the Applet Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/appletsettingsappletsettings.webp) - -In the Applet Settings section, configure the following options: - -- Port number – Default port number is 8766 - - See - [Custom Parameters for File System Proxy Service](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md#custom-parameters-for-file-system-proxy-service) - topic for additional information. -- Applet Log level – The type of log created on the target host. Checking the box to Enable Logging - enables the Applet log level drop-down menu. The **Set To Default** button resets the log level to - **Information**. - - Debug – Most verbose logging method, records everything that happens while the applet is - processing - - Information – Records the steps the applet takes while processing as well as errors and - warnings - - Warning – Record when the applet encounters both errors and warnings while processing - - Error – Least verbose logging method, only records when the applet encounters an error while - processing -- Keep log files for last [number] scan(s) – Data retention period. The default is set to **15**. -- Run service as Local System (only applies to Windows Service) - - When this checkbox is selected, the applet is deployed to run as a service on the target host. - The credentials in the Connection Profile are used to deploy and run the service unless - **System Default** is selected as the Connection Profile. - - This option is active when the Windows Service radio button in the Applet Launch Mechanism - section is selected -- Strong proxy affinity (only run scans on last proxy to scan host, unless no longer in proxy host - list) - - This is an optional setting when using proxy architecture - - If this checkbox is selected and a host was previously scanned with a given proxy, it will - only be rescanned with that same proxy. If that proxy is unreachable for any reason and no - connection can be made, Enterprise Auditor will not try another proxy on the host list and - will fail to scan that host. However, if that proxy is no longer on the host list, it will - choose another proxy on the list and rescan. - - If unchecked, proxy affinity is still considered, though rather than the scan failing if the - proxy is unreachable, a new proxy will be chosen and will scan the host - - If a host has not yet been scanned by a proxy server, the data collector should choose the - least loaded proxy at that time. After that host has been scanned, it will follow the proxy - affinity mapped out above. -- Maximum concurrent scans [number] – This option dictates a set limit to the number of simultaneous - scans allowed to run on a proxy host regardless of max threads set on the job - - For example, if there are two proxy servers with max concurrent scans set to ten per proxy and - one proxy is offline, the remaining proxy should never exceed the value set in the query - configuration for this option, even if the job is configured with 20 threads -- Strong proxy affinity timeout [number] minute(s) – This option determines the time a host waits, - while the proxy server is busy, before it gets pushed into the job engine queue -- Applet communication timeout: [number] minute(s) – This option determines the length of time (in - minutes) the Enterprise Auditor Console attempts to reach the proxy before giving up. Depending on - the job configuration, the data collector behaves in one of three ways after the timeout value has - been exceeded: - - If a communication timeout is reached and the **Stop scan on applet communication timeout** - option is unchecked, the scan continues running. When the proxy is available again, the data - collector gets the database files on the next scan of that host. It will either bring the - database files back, if the scan has finished, or display the current state of the scan in a - **Running Job** node if it is still running. - - If the communication timeout is reached and the **Stop scan on applet communication timeout** - option is checked, the remote scan is either automatically suspended or canceled. If the - **Restart incomplete scans after (0 always restarts) [number] days** option or the **Rescan - unimported hosts after (0 always rescans) [number] days** option on the Applet Gathering - Settings page are both set to zero or unchecked, the scan cancels. - - If either of these options on the Applet Gathering Settings page are checked with values - higher than zero, the scan is suspended after the communication timeout value has been - exceeded -- Scan cancellation timeout: [number] minute(s) – When checked, this option will timeout the applet - if there is an attempt to pause the scan and the applet does not respond - -![Certificate Exchange Options section of the Applet Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp) - -In the Certificate Exchange Options section, configure the following options: - -- Mechanism – Select one of the following options: - - - Automatic – Certificate exchange is handled automatically by the FSAA Data Collector. This is - the default option. - - Manual – The FSSA Data Collector and applet server expect all certificates to be valid and in - their respective stores beforehand. See the - [FSAA Manual Certificate Configuration](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - topic for additional information. - - **NOTE:** If the FSAA Data Collector and the applet server are on separate domains without a - trust, this option must be used. - - - Provide Certificate Authority – Enables the **Select** button, which allows you to upload an - existing certificate - -- Port – Select the checkbox to specify the port number for certificate exchange. The Default port - number is 8767. - -See the -[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -# FSAA: Azure Tenant Mapping - -The Azure Tenant Mapping page is where the target domain or Tenant ID are configured for Azure -Information Protection (AIP) scanning. It is a wizard page for the categories of: - -- File System Access/Permission Auditing Scan -- File System SDD Scan - -Remember, select the **Enable scanning of files protected by Azure Information Protection** checkbox -on the -[FSAA: Scan Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -page to enable this page in the data collector wizard. In order for FSAA to scan files protected by -AIP, ensure that the prerequisites are met and an Azure Connection Profile is successfully created. -See the -[Azure Information Protection Target Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information on configuring the File System solution to scan for AIP labels. - -![FSAA Data Collector Wizard Azure Tenant Mapping page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/azuretenantmapping.webp) - -Populate this page with the App ID (created during prerequisites) and a domain name or Tenant ID for -an Azure environment. These values must be associated with each application ID in the Azure -Connection Profile. - -Use the **Add** and **Remove** buttons and manually enter or **Paste** into the textbox the required -information. - -# FSAA: Bulk Import Settings - -The Bulk Import Settings page is where the bulk import process settings are configured. It is a -wizard page for the categories of: - -- Bulk Import File System Access/Permission Auditing -- Bulk Import File System Activity -- Bulk Import Sensitive Data - -![FSAA Data Collector Wizard Bulk Import Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/bulkimport.webp) - -Select the **Import incomplete scan data** checkbox to enable imports of partial scan data. If the -scan is stopped before successful completion, this option must be checked in order to bulk import -the data from a partially scanned host. - -# FSAA Applet Certificate Management Overview - -Communication between the FSAA Data Collector and the FSAA Applet is secure by default using HTTPS. -For authentication, at least three certificates are required and need to be stored in the correct -certificate store managed by the FSAA Data Collector. These three certificates are: - -- The certificate authority (stored in the FSAA Certificate Authority Store) -- The server certificate (stored in the FSAA Server Certificate Store) -- The client certificate (stored in the FSAA Client Certificate Store) - -**NOTE:** The FSAA Data Collector and Applet server support certificates in both the user’s -certificate store and the computer’s certificate store. It is recommended to store certificates in -the user's certificate store that is running the FSAA Data Collector or Applet server because -administrative access is required for the computer's certificate store. When certificates are -generated using the Automatic option below, they are stored in the user’s certificate store. - -![Certificate Exchange Options section of the Applet Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp) - -There are three Certificate Exchange Options provided by the FSAA Data collector: - -- Automatic (Default Option) – The creation of a self-signed certificate and certificate exchange - between the FSAA Data Collector and Applet are handled entirely by the FSAA Data Collector and - Applet server - - - The self-signed CA generated will be valid for two years and the FSAA Data Collector and - Applet server will also manage expired certificates and remove certificates that are no longer - valid from the FSAA stores - -- Manual – The FSAA Data Collector will expect all certificates to be valid and in their respective - certificate stores prior to running a scan - - - To create and store certificates, the `FSAACertificateManager.exe` tool can be used. This - application was created to simplify the process of creating certificates and will store the - certificates in the location that the FSAA Data Collector and Applet server expect them to be - stored. See the - [FSAA Manual Certificate Configuration](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - topic for additional information. - - The `FSAACertificateManager.exe` tool is located in the - `StealthAUDIT\PrivateAssemblies\FILESYSTEMACCESS\Applet` directory. For complete - instructions and examples on how to use the tool, run `FSAACertificateExchangeManager.exe` - with the `-help` command. - - **NOTE:** If the FSAA Data Collector and Applet are on separate domains without a trust, this - option must be used. - -- Provide Certificate Authority – The certificate exchange process is the same as with the Automatic - option. However, instead of creating a self-signed certificate, the FSAA Data Collector uses a - certificate you provide through the FSAA Data Collector Wizard. The provided certificate is stored - in the FSAA Certificate Authority Store. - - **NOTE:** If the provided certificate is not self-signed as the Certificate Authority, the root - certificate and the Certificate Authority’s certificate chain must also be stored in the FSAA - Certificate Authority Store on both the client and server hosts. - - **CAUTION:** The FSAA Applet does not support password-protected certificates. Certificates - generated when the Automatic option is selected have no password. When manually creating a - certificate for use with the FSAA Applet the password parameter should be omitted. - -Additionally, the port used for secure certificate exchange can be configured by selecting the -Specify certificate exchange port checkbox on the Applet Settings page of the FSAA Data Collector -Wizard. The default port is 8767. - -# FSAA: Default Scoping Options - -The Default Scoping Options page is where scan settings, file details, and file properties settings -can be configured for every resource in the targeted environment by the data collector. The settings -assigned on this page are used by all resources involved in the scan. It is a wizard page for the -categories of: - -- File System Access/Permission Auditing Scan -- Sensitive Data Scan - -![FSAA Data Collector Wizard Default Scoping Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scansettings.webp) - -See the Scoping Options tab setting topics to target individual resources for the scan: - -- [Scan Settings Tab](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [File Details Tab](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [File Properties (Folder Summary) Tab](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - -# File Details Tab - -The File Details tab allows configuration of settings for file detail collection. - -![FSAA Data Collector Wizard Default Scoping Options page File Details tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp) - -Select the desired settings for additional scoping: - -- Scan file-level details – Turns on file-level scanning and collects a full list of files, file - size, last modified, and last accessed -- Scan file permissions – Turns on file permission scanning and collects a full list of who has - access to which files - -File tag metadata collection - -- Collect tags/keywords from file metadata properties – Enables the collection of file Microsoft - Office metadata tags and stores the tags into the tables when the **Scan file-level details** - checkbox and the **Collect File Metadata Tags** checkbox are selected on the page. It only scans - the files that satisfy the scan filter settings. -- Include offline files – Include offline files in the scan -- Only collect tags/keywords with the following comma-separated values (case-insensitive) – Collects - tags from the files and stores the tags into the tables. Filters results to only collect from - files with extensions matching to the list of file types entered. - - This option is enabled when the **Scan file-level details** and the **Collect tags/keywords - from file metadata properties** checkboxes are selected. - -The FSAA scan collects the tags from the files and stores the information at the folder level, which -provides a count for the number of occurrences of each tag. - -Scan filter settings - -The Scan filter settings options are enabled if the **Scan file-level details** checkbox is -selected. - -- Only files larger than [number] [size unit] – Filters the results to only collect file data on - files larger than the set value. If this option is not set, all file sizes are collected. -- Only files last modified more than [number] [time period] ago – Filters results to only collect - file data on files modified older than the set value -- Only files last modified less than [number] [time period] ago – Filters results to only collect - file data on files modified younger than the set value -- Only files matching one of these comma-separated types (without leading dots) – Filters results to - only collect files with extensions matching to the list of file types entered. If this option is - not set, all file types are collected. - -**CAUTION:** Be careful when configuring these settings. If no filters are applied when file detail -scanning has been enabled, it can result in returning large amounts of data to the database. - -# File Properties (Folder Summary) Tab - -The File Properties (Folder Summary) tab is where file property collection settings for the scan is -configured. - -![FSAA Data Collector Wizard Default Scoping Options page File Properties (Folder Summary) tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.webp) - -- Scan for probable owners – Gathers file ownership information to determine the most probable owner - of every resource - - Limit maximum number of probable owners to return per folder [number] – Stops the collection - of probable owners when the number provided is reached -- Scan for File Types – Gathers file type information within the audited folders - - Limit maximum number of file types to return per folder [number] – Stops the collection of - file types when the number provided is reached per folder - - Only return file types with these comma-separated values (without leading dots) – Enter the - file types that will be returned from the scan. Any types not provided are ignored. -- Collect tags/keywords from file metadata properties (this may significantly increase scan times) – - Scans the files and collects metadata tags from Microsoft Office files - - Include offline files – Scans network files that have the offline files feature enabled - - Include AIP Protected Files – Scans for files protected by Azure Information Protection (AIP) - that have protection labels - - This option is only available when the Enable scanning of files protected by Azure - Information Protection checkbox is enabled on the Scan Settings page - - Only collect tags/keywords with these comma-separated values (case-insensitive) – scopes the - scan to only collect tags from the files with the tags specified by comma-separated values - -The FSAA scan collects the tags from the files and stores the information at the folder level, which -provides a count for the number of occurrences of each tag. - -# Scan Settings Tab - -The Scan Settings tab allows configuration of data collection settings. - -![FSAA Data Collector Wizard Default Scoping Options page Scan Settings tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scansettings.webp) - -The Scan Settings tab has the following configurable options: - -- Limit returned subfolder depth to: [number] level – Value indicates the depth of the scan - - - Higher numbers increases scan time but return more thorough data - -- Exclude snapshot directories on NetApp server – Excludes folders on NetApp Filers that begin with - ~snapshot -- Exclude system shares – Part of the OS that most users don’t have access to so its hidden by - Microsoft -- Exclude hidden shares – Excludes shares with names ending with $ -- Last Access Time (LAT) preservation – Preserves Data Access timestamp attribute on files that are - scanned for Metadata tags and sensitive data - - - Warn if unable to preserve Last Access Time – Scan throws a warning if the LAT cannot be - preserved. The file is still scanned unless the Skip file if unable to preserve Last Access - Time checkbox is also selected. - - Skip file if unable to preserve Last Access Time – Scan skips the file if the LAT cannot be - preserved - -Selecting the **Last Access Time (LAT) preservation** checkbox enables the **Action on failure to -enable LAT preservation** and **Action on changed LAT after scan** dropdown menus. - -![Action on failure to enable LAT preservation dropdown options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/actionlatpreservationfailure.webp) - -- Action on failure to enable LAT Preservation – Before scanning each file, FSAA attempts to enable - an operating system feature to preserve the LAT when accessing the file. This operation may fail - for a variety of reasons, which include but are not limited to: the operating system or file - system where the file is located does not support LAT preservation, or insufficient permissions - from the service account trying to access the file. The following configuration addresses a - failure to enable the LAT preservation mode: - - - Continue to scan file silently – FSAA scans the file with the possibility that LAT - preservation is not possible. No warning will be shown. - - Continue to scan file with warning – FSAA scans the file with the possibility that LAT will - not be preserved. A warning will be shown for this file. - - Skip file silently – FSAA will not scan the file. No warning will be shown. - - Skip file with warning – FSAA will not scan the file. A warning will be shown indicating the - file was skipped. - - Abort the scan – FSAA will abort the scan. No further files will be processed. - -![Action on changed LAT after scan dropdown options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/actionchangedlat.webp) - -- Action on changed LAT After scan – Before scanning each file, the LAT of the current file is - recorded. After scanning, it is verified whether the LAT has changed since then (likely scenarios - are either that the LAT preservation mechanism failed to function as intended, or that the file - was accessed by someone while the scan was occurring). The following configuration addresses a - changed LAT: - - - Continue scan silently – The scan will move on to the next file while updating the LAT for the - processed file. No warning will be shown. - - Continue scan with warning – The scan will continue on to the next file. LAT will be updated - for the processed file. A warning will be shown. - - Force-reset file LAT silently – The scan will reset the file's LAT to its original state - before processing. No warning will be shown. The scan will proceed to the next file. - - Force-reset file LAT with warning – The scan will Reset the file's LAT to its original state - before processing. A warning will be shown. The scan will proceed to the next file. - - Abort the scan – FSAA will abort the scan. LAT will be updated for the processed file. No - other files will be processed - -# FSAA Manual Certificate Configuration - -To create and store the certificates needed to set up FSAA scans using manual certificate exchange, -use the `FSAACertificateManager.exe` tool. The `FSAACertificateManager.exe` tool is located in the -`StealthAUDIT\PrivateAssemblies\FILESYSTEMACCESS\Applet` directory. All commands in the tool are -case-sensitive. - -Follow the steps to use the tool to create and store the required certificates. - -**NOTE:** In these steps, some commands need to be run on the Enterprise Auditor console and some on -the Proxy host. In the provided example commands: - -- All files that are generated by the Certificate Manager or copied to the Enterprise Auditor - console are placed in the - `%SAInstallDir%\PrivateAssemblies\FILESYSTEMACCESS\Applet\My Certificates` directory. This folder - is created by the tool if it does not already exist. -- When operating on the proxy host, files are placed into the root of the **FSAA** folder - -_Remember,_ all commands in the `FSAACertificateManager.exe` tool are case-sensitive. - -**Step 1 –** Create a Certificate Authority (CA). The CA is a self signed certificate that will be -used to sign the client and server certificates. On the Enterprise Auditor console, run the -following command: - -``` -.\FSAACertificateManager.exe -createCertificate -subjectDN CN=FSAA CA NEAConsole.my.domain.com -purpose CertificateAuthority -friendlyName FSAA_CA -outputPath ".\My Certificates" -name MyFSAACA -``` - -- Replace the Common Name (CN) in this example command (`FSAA CA NEAConsole.my.domain.com`) with a - unique and descriptive name -- The output file is stored at the specified output path `.\My Certificates` - -The following message is returned when the command completes successfully: - -``` -Successfully wrote certificate to .\My Certificates\MyFSAACA.pfx -``` - -**Step 2 –** Create a client certificate using the CA from the previous step. On the Enterprise -Auditor console, run the following command: - -``` -.\FSAACertificateManager.exe -createCertificate -issuer ".\My Certificates\MyFSAACA.pfx" -subjectDN CN=NEAConsole.my.domain.com -purpose ClientAuth -subjectAlternativeNames NEAConsole -friendlyName FSAA_Client_Auth -outputPath ".\My Certificates" -name MyFSAAClientCert -``` - -- Replace the CN (`NEAConsole.my.domain.com`) with the fully qualified domain name (FQDN) of your - Enterprise Auditor console -- Replace the alternate subject name (`NEAConsole`) with the short name for the Enterprise Auditor - console -- The output file is stored at the specified output path `.\My Certificates` - -The following message is returned when the command completes successfully: - -``` -Successfully wrote certificate to .\My Certificates\MyFSAAClientCert.pfx -``` - -**Step 3 –** Store the CA in an FSAA managed certificate store. As the user that runs the Enterprise -Auditor console, run the following command on the Enterprise Auditor console: - -``` -.\FSAACertificateManager.exe -storeCertificate -certificate ".\My Certificates\MyFSAACA.pfx" -store CertificateAuthority -location CurrentUser -``` - -The following message is returned when the command completes successfully: - -``` -Successfully added FSAA_CA to CertificateAuthority -``` - -**Step 4 –** Store the client certificate in an FSAA managed certificates store. As the user that -runs the Enterprise Auditor console, run the following command on the Enterprise Auditor console: - -``` -.\FSAACertificateManager.exe -storeCertificate -certificate ".\My Certificates\MyFSAAClientCert.pfx" -store Client -location CurrentUser -``` - -The following message is returned when the command completes successfully: - -``` -Successfully added FSAA_Client_Auth to Client -``` - -**Step 5 –** Convert the CA from a PFX file to a CER file. On the Enterprise Auditor console, run -the following command: - -**NOTE:** This conversion to a CER file is necessary so that the private key of the CA is not -shared. - -``` -.\FSAACertificateManager.exe -createCER -certificate ".\My Certificates\MyFSAACA.pfx" -outputPath ".\My Certificates" -name MyFSAACA -``` - -The following message is returned when the command completes successfully: - -``` -Successfully wrote CER certificate to .\My Certificates\MyFSAACA.cer -``` - -**Step 6 –** Copy `FSAACertficateManager.exe` and the CA CER file (`.\My Certificates\MyFSAACA.cer`) -to the proxy host that will be running `FSAAAppletServer.exe`. These files must be copied to the -same directory. - -**NOTE:** These copied files will be deleted from the destination directory later in Step 12. - -**Step 7 –** Generate the server certificate signing request and key on the Proxy host. On the proxy -host, run the following command out of the FSAA folder where the `FSAACertificateManager.exe` was -copied to: - -``` -.\FSAACertificateManager.exe -createCertificateSigningRequest -subjectDN CN=proxy01.my.domain.com -subjectAlternativeNames Proxy01 -outputPath . -name Proxy01 -``` - -- Replace the CN (`proxy01.my.domain.com`) with the FQDN of the proxy host -- Replace the alternate subject name (`proxy01`) with the short name for the proxy host -- The generated certificate signing request and key are stored in the same directory as - `FSAACertificateManager.exe` on the proxy host - -The following message is returned when the command completes successfully: - -``` -Successfully wrote certificate signing request to .\Proxy01.csr -Successfully wrote certificate key to .\Proxy01.key -``` - -**Step 8 –** Store the CA on the proxy host in an FSAA managed certificate store. As the user that -runs the proxy scanner (`FSAAAppletServer.exe`), run the following command on the proxy host: - -``` -.\FSAACertificateManager.exe -storeCertificate -certificate .\MyFSAACA.cer -store CertificateAuthority -location CurrentUser -``` - -The following message is returned when the command completes successfully: - -``` -Successfully added FSAA_CA to CertificateAuthority -``` - -**Step 9 –** Complete the server certificate signing request on the Enterprise Auditor console. Copy -the CSR file from the proxy host to the **My Certificates** directory on the Enterprise Auditor -console (where the original CA PFX file is located), then run the following command on the -Enterprise Auditor console: - -``` -.\FSAACertificateManager.exe -completeCertificateSigningRequest -certificateSigningRequest ".\My Certificates\Proxy01.csr" -purpose ServerAuth -issuer ".\My Certificates\MyFSAACA.pfx" -days 365 -outputPath ".\My Certificates" -name Proxy01 -``` - -The following message is returned when the command completes successfully: - -``` -Successfully completed certificate signing request to .\My Certificates\Proxy01.cer -``` - -**Step 10 –** Store the server certificate on the proxy host in an FSAA managed certificate store. -Copy the Proxy CER file back to the proxy host from the Enterprise Auditor console. Then, as the -user that runs the proxy scanner (`FSAAAppletServer.exe`), run the following command on the proxy -host: - -``` -.\FSAACertificateManager.exe -storeCertificate -certificate .\Proxy01.cer -key .\Proxy01.key -friendlyName FSAA_Server_Auth -store Server -location CurrentUser -``` - -The following message is returned when the command completes successfully: - -``` -Successfully added FSAA_Server_Auth to Server -``` - -**Step 11 –** Repeat Steps 6-10 for each proxy host. - -**Step 12 –** Delete all the PFX, CER, and Key files that were generated or copied in the above -steps from the output locations. - -All of the required FSAA certificates have been stored in the FSAA managed certificate stores. The -FSAA queries need to be configured to use the **Manual** certificate exchange option. This option -can be found under Applet Settings in the FSAA Data Collector Wizard. See the -[FSAA: Applet Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -For additional information on how to use the `FSAACertificateManager.exe` tool, run the -`.\FSAACertificateManager.exe -help` command. - -# FileSystemAccess Data Collector - -The FileSystemAccess (FSAA) Data Collector collects permissions, content, and activity, and -sensitive data information for Windows and NAS file systems. The FSAA Data Collector has been -preconfigured within the File System Solution. Both this data collector and the solution are -available with a special Enterprise Auditor license. See the -[File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -topic for additional information. - -Protocols - -- Remote Registry -- WMI - -Ports - -- Ports vary based on the Scan Mode Option selected. See the - [File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for additional information. - -Permissions - -- Permissions vary based on the Scan Mode Option selected. See the - [File System Supported Platforms](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. By default, SDD scans are configured to run two concurrent threads. -For example, if the job is configured to scan 8 hosts at a time with two concurrent SDD threads, -then an extra 32 GB of RAM are required (8x2x2=32). - -_Remember,_ if employing either of the File System Proxy Mode as a Service scan mode options, it is -also necessary for the Sensitive Data Discovery Add-on to be installed on the server where the proxy -service is installed. - -## FSAA Query Configuration - -The FSAA Data Collector is configured through the File System Access Auditor Data Collector Wizard. -The wizard contains the following pages, which change based up on the query category selected: - -- [FSAA: Query Selection](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [FSAA: Applet Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [FSAA: Scan Server Selection](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [FSAA: Scan Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [FSAA: Azure Tenant Mapping](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [FSAA: Activity Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [FSAA: Default Scoping Options](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [FSAA: Scoping Options](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [FSAA: Scoping Queries](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [FSAA: Sensitive Data Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [FSAA: SDD Criteria Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [FSAA: Bulk Import Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [FSAA: FSAA Update Service Setting](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - -# FSAA: Query Selection - -The FSAA Data Collector Query Selection page contains the following query categories, sub-divided by -auditing focus: - -![FSAA Data Collector Wizard Query Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/queryselection.webp) - -- The File System Access/Permission Auditing options scan hosts for file system information, and - there are two categories to choose from: - - Scan – Scans file systems for permission information, ownership, and content profiling - - Bulk import– Imports access scan data into the SQL database -- The File System Activity options runs user and group activity and inactivity related queries based - on FSAC data, and there are two categories to choose from: - - Scan – Performs file system activity scan for the target host - - Bulk import – Imports File System Activity scan data into the SQL database -- The Sensitive Data options scan hosts for sensitive data, and there are two categories to choose - from: - - Scan – Scans file system content for sensitive information - - Bulk import – Imports SDD scan data into the SQL database -- The DFS options collect Distributed File System information, and there is one category: - - - Scan and import – Collects Distributed File System information - - **NOTE:** Starting with v8.1, DFS Audits are completed with a streaming method and do not - require a bulk import query following the scan query. - -- The Maintenance options perform maintenance for the FSAA Data Collector, and there are three - categories to choose from: - - - Remove scan executables and data – Removes file system access audit scan applet and data from - the remote server - - Upgrade proxy service – Update FSAA binaries for hosts running the File System Proxy Service - - **NOTE:** The Upgrade proxy service category only applies to updating a v8.0+ File System - Proxy installation to a newer version. Manual updating is necessary for v7.x File System - Proxy installations. - - - Remove Host Data – Removes host from all SQL tables created by the FSAA Data Collector and - deletes StrucMap (removes host assigned to job where query exists) - -_Remember,_ the Sensitive Data category options require the Sensitive Data Discovery Add-On to be -installed on the Enterprise Auditor Console before the FSAA Data Collector can collect sensitive -data. - -Once a query scan using the FSAA DC has been executed, the **Maintenance** button is enabled to -allow troubleshooting of scan errors that may have occurred. - -**CAUTION:** Do not use the Maintenance button unless instructed by -[Netwrix Support](https://www.netwrix.com/support.html). It is possible to cause corruption of the -database and loss of data to occur. - -## Maintenance Wizard - -The Maintenance Wizard is opened by clicking the **Maintenance** button on the Query Selection page -of the FSAA Data Collector Wizard. You can use the wizard to reset hosts or repair file system data -errors. - -![Maintenance Wizard Maintenance Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/maintenancewizardselection.webp) - -The Maintenance Selection page allows you to select the type of maintenance to be performed: - -- Reset Hosts – Resets the Access GUID column value in the SA_FSAA_Hosts table for the Hosts - selected. Allows data to be bulk imported when there is a GUID mismatch. -- Repair – Resets the MinResourceID and MinTrusteeID column values to 0. Removes duplicate and data - consistency issues, including resources with nonexistent parents. Deletes StrucMap database. - -Select the required option and click **Next**. The subsequent wizard page is determined by the -selection made. - -- If Reset Hosts was selected, the Reset Hosts page displays: - - ![Maintenance Wizard Reset Hosts page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/maintenancewizardresethosts.webp) - - Select the desired hosts to reset the SQL data for, and click **Reset Hosts** to perform the - maintenance. - -- If Repair was selected, the Repair Tool page displays: - - ![Maintenance Wizard Repair Tool page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/maintenancewizardrepair.webp) - - Select the desired hosts to repair the SQL data for, and click **Run** to perform the - maintenance. - -Click **Finish** to close the wizard when you have completed the required maintenance. - -# FSAA: Scan Server Selection - -The Scan Server Selection page is where the server that executes the scan is configured. It is a -wizard page for the categories of: - -- File System Access/Permission Auditing Scan -- File System Activity Scan -- Sensitive Data Scan - -![FSAA Data Collector Wizard Scan Server Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scanserverselection.webp) - -Using the radio buttons, select where the execution of the applet will take place: - -- Automatic (Local for NAS device hosts, Remote for Windows hosts) – Applet is deployed to all - targeted Windows servers. Other targeted devices, for example NAS, are scanned locally by the - Enterprise Auditor Console server. - - - The scan identifies Windows servers through the host inventory field OSType - -- Local Server – Assigns all scanning to the Enterprise Auditor Console server -- Specific Remote Server – Assign a specified server for scanning by entering a server name in the - textbox. This option uses proxy architecture and requires the targeted server to have the File - System Proxy deployed. - - - See the - [File System Proxy Service Installation](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md) - topic for additional information - -- Specific Remote Servers by Host List – Assign hosts from a custom created host list for scanning. - This option uses proxy architecture and requires the targeted servers to have the File System - Proxy deployed - - - See the - [File System Proxy Service Installation](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md) - topic for additional information - - ![Select Host Lists window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/selecthostlists.webp) - -- Select Host Lists – Opens the Select Host Lists window displaying all the available hosts to - choose from. If more than one list is selected, scanning is distributed across each host. - -**_RECOMMENDED:_** - -It is best practice in global implementations to utilize a specific remote server or proxy scanner -that is located in the same data center as the target hosts. This is particularly beneficial if the -Enterprise Auditor Console server is in a different data center. See the -[Proxy Scanning Architecture](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md#proxy-scanning-architecture) -topic for additional information. - -In the bottom section, the checkbox options affect the execution of the applet: - -- Fallback to local mode if applet can't start – If the applet cannot be deployed on the target - host, it is deployed locally on the same server as the Enterprise Auditor Console and the scan - collects data across the network -- Run remote applet with normal priority (non-proxy applet server uses background priority by - default) – Select this option to run the applet with normal priority. Running at low-priority - allows other normal priority applications to take precedent over the scan when consuming - processing power and system resources. Running at low priority allows the scan to run with little - or no impact on the applet host. - -# FSAA: Scan Settings - -The Scan Settings page is where additional scan protocols and settings are configured. It is a -wizard page for the categories of: - -- System Access/Permission Auditing Scan -- Sensitive Data - -![FSAA Data Collector Wizard Scan Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scansettings.webp) - -In the Scan Protocols section, select the desired checkboxes for including certain types of shared -folders: - -- Scan Windows (SMB/CIFS) shares – Includes types of Windows and NAS shares -- Scan NFS exports (shares) – Includes this type of UNIX and NAS shares - -In the middle section, select the desired checkboxes for additional settings: - -- Enable file system scan streaming – Sends the streamed data directly to the Enterprise Auditor - database. A bulk import query is not required when this option is selected -- Enable scanning of files protected by Azure Information Protection – Adds additional options to - this wizard to scan for protection labels and encrypted files for sensitive data - - - See the - [Azure Information Protection Target Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - for additional information. - -- Use SQL query to manually specify shares – For advanced SQL users. This option provides a least - privileged model for enumerating shares. It bypasses share permission requirements and eliminates - the need for the Connection Profile credentials to have local Administrator or Power User - permissions. Click **Configure Query** to open the Manual Shares Query window. See the - [Enable the Use SQL Query to Manually Specify Shares](#enable-the-use-sql-query-to-manually-specify-shares) - topic for additional information. -- NetApp communication security – This option provides the ability to choose levels of encryption - and authentication applied during Access Auditing scans of NetApp devices - - ![NetApp communication security options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scansettingsnetapp.webp) - - - HTTPS – Encrypts communication and verifies the targeted server's SSL certificate - - HTTPS, Ignore Certificate Errors – Encrypts communication but ignores certificate errors - - - This option is primarily used for troubleshooting - - Alternative use for this option would be for access scans within a trusted and secured - network - - - HTTP – Applies no encryption or authentication of communication - - The HTTPS options require Enterprise Auditor to have access to the targeted server's SSL - certificate. Enterprise Auditor ships with a file containing trusted certificates from a trusted - Certification Authority (`cacert.pem`). If the organization uses a self-signed certificate, see - the HTTPS Encryption Certificate for FSAA & NetApp Communication topic for information on adding - the organization's certificate. - -The bottom section is only available for the File System Access/Permission Auditing Scan and -Sensitive Data Scan categories and contains the following options: - -- Restart incomplete scans after (0 always restarts) [number] days – Determines when the saved - progress should be discarded and the scan restarted -- Rescan unimported hosts after (0 always rescans) [number] days – Controls when the host is - rescanned even if its data has not been imported yet - - - When this option is enabled, set to a value higher than zero, and results in a host not being - scanned, a warning message is logged - - The Messages table records the - `No need to scan, Tier 2 DB USN > Tier 1 DB USN, needs to bulk import` warning - -## Enable the Use SQL Query to Manually Specify Shares - -If desired, enable this feature and click **Configure Query** to open the Manual Share Query window. - -![Maual Shares Query window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/maualsharesquery.webp) - -The SQL query provided by a user should return a list of all shares in the target environment. The -target tables must reside within the Enterprise Auditor database and contain at least the following -columns for all shares in the target environment: - -- Host – Name of host where the share resides matching the Host Master table Name field value - - **_RECOMMENDED:_** Use this column but it is not required. - -- Share – Name of the share -- Folder – Landing folder path of the share on the host -- ShareType – Integer representing the protocol for the type of share: - - - 0 = CIFS share - - 1 = NFS share - -For example, if the share has a path of `\\cec-fs01\Documentation`, then the columns are populated -in this way: - -- Host – `cec-fs01` -- Share – `Documentation` -- Folder – `C:\Documentation` -- ShareType – `0` - -**CAUTION:** If the FSAA Data Collector has identified a share in a previous scan, but that share is -not in a table targeted by this query, then it is marked as a deleted share. - -Enter the SQL query by replacing the sample text in the textbox. The SQL query must target tables -that have the required columns populated with the list of all shares in the target environment. - -_(Optional)_ Enter a host in the Host parameter value (@host) textbox to test the query to retrieve -the data for that host. - -Select **Test Query** to open a preview of the results in the Query Results window. Ensure that the -data being retrieved by the query is expected. - -When this option is selected, the data collector runs against the target table to enumerate shares -in the environment. - -_Remember,_ if a share is not in the target table, the data collector assumes that the share does -not exist and marks it as deleted. - -## HTTPS Encryption Certificate for FSAA & NetApp Communication - -The HTTPS encryption options for the NetApp communication security setting of the global Remote Data -Collection Configuration page in the File System Access Auditor Data Collector Wizard requires a -certificate. If the organization uses a self-signed certificate, it is necessary to add this -certificate to enable HTTPS encryption of Enterprise Auditor communications. - -The certificate (`cacert.pem`) which is shipped with Enterprise Auditor is in the DC folder of the -installation directory. The default location is: - -…\STEALTHbits\StealthAUDIT\DC - -If employing remote applet mode or proxy servers, then the certificate (`cacert.pem`) must exist in -the FSAA folder where the `FSAAAppletServer.exe` process is running (applet/proxy host). Therefore, -it is necessary to also copy it to the FSAA folder on the target hosts andr proxy servers. This is -done at runtime when using remote applet mode, but any updates or custom certificates must be copied -manually. The default location is: - -…\STEALTHbits\StealthAUDIT\FSAA - -**_RECOMMENDED:_** Do not overwrite this certificate. It is fully trusted by Netwrix. Instead, add -an underscore (\_) character to the start of the file name. Then copy the organization's self-signed -certificate to this location with the name `cacert.pem`. - -There is another `cacert.perm` file within the Enterprise Auditor installation directory used by the -Notification SSL encryption options. While these files have the same name, they serve different -purposes and are stored in different locations. - -# FSAA: Scoping Options - -The Scoping Options page is where scan settings, file details, and file properties settings can be -configured for a specified resource in the targeted environment. It is a wizard page for the -following categories: - -- File System Access/Permission Auditing Scan -- Sensitive Data - -![FSAA Data Collector Wizard Scoping Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingoptions.webp) - -The Scoping Options buttons have the following: - -- Add – Add a resource to be included or excluded in the scan. Opens the Scoping Configuration - window. -- View/Edit – Make changes to a previously added resource. Opens the Scoping Configuration window. -- Remove – Deletes the resource from the table and therefore the scan -- Increase Priority – Sets a lower numerical value to the resource, which sets a higher priority - when conflicting settings occur with one resource -- Decrease Priority – Sets a higher value to the resource, which sets a lower priority when - conflicting settings occur with one resource -- Import – Import scoping options from a `.fsaascope` file. - - - If a conflict arises between an existing configured scoping option and an option that is being - imported, the user will be prompted to resolve the conflict by either keeping the existing - configuration or importing the new one, which will overwrite the scoping option. - -- Export – Take the currently configured scoping options in the job and export it to a `.fsaascope` - file - -By default, priority is assigned in the order it is added to the table. Priority can also be -manually assigned with the Increase Priority and Decrease Priority buttons or in the -[Scoping Configuration Window](#scoping-configuration-window). If there is a conflict between an -inclusion scoping option and an exclusion scoping option with the same priority, the inclusion takes -precedence. - -See the [Common Scoping Scenarios](#common-scoping-scenarios) section for example configurations of -scoping options and the expected results. - -## Scoping Configuration Window - -The Scoping Configuration Window allows a specific share or folder to be included or excluded from -the scan. Only included resources require additional scoping. Remember, these settings override the -default scoping settings for the selected resource. - -![Scoping Configuration Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingconfigurationwindow.webp) - -Set the Resource Name and Host Name: - -- Resource Name – Specify a local path or individual share to the target folder or the share name -- Host Name – Apply scoping options to a specific target host. If a host name is not supplied, all - hosts targeted by the job have the scoping options applied. - -Both the Resource Name and Host Name textboxes support regular expressions and pattern matching. - -- For wildcards – Use the `?` or `*` as the share or folder name. Example of Wildcard Support: You - have three shares named `Share1`, `Share2`, and `MyShare`. You want to include `Share1` and - `Share2`. You can enter into this field: - - - `share*` - - `share?` - - `Share*` - - `SHARE?` - -- For regular expressions – Use the prefix `RE:` and escape the backslash characters. Example of - Regular Expression: To provide an expression that would include all shares or files that start - with the letter `A`: - - **NOTE:** This option is case sensitive. - - - `RE:\\\\[^\\[+\\A` - -Then set Scoping Type and Priority: - -- Scoping Type – Choose from the dropdown menu the type of resource to scan: - - - Share Include – Provided share name is included in the scan. All scoping options must match or - it is excluded. - - Share Exclude – Provided share is excluded from the scan - - Folder Include – Provided folder name is included in the scan. All scoping options must match - or the scan ignores the resource. - - Folder Exclude – Provided folder is excluded from the scan. All scoping options must match or - it is excluded. - - **NOTE:** Any included files or folders inherit all options previously checked in the - [FSAA: Default Scoping Options](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - page. Manually apply new options if the default ones are not desired in this scan. - -- Priority – Numerical value that determines which options are used in the case of more than one - scoping option overlaps for a particular resource. Lower numerical values have a higher priority - for this scan. When multiple scoping options are added to a single resource, and there is no - conflict, the scoping options are merged. However, in some instances, the settings conflict. Below - are some known conflicts and their results: - - Conflict between two options for a single resource – Higher priority takes precedence - - Folder scoping option conflicts with a share scoping option – Folder takes precedence - - Conflict between two scoping options with the same priority – Path determines which option is - used. The scoping option with the child takes precedence over the parent. -- Enable Button – Adds the scoping option to the scan criteria - -See the -[Scan Settings Tab](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md), -[File Details Tab](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md), -and -[File Properties (Folder Summary) Tab](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -tabs for more detail on these scoping options. - -## Common Scoping Scenarios - -The following examples show some common configurations of scoping options and the expected results. - -Scenario 1 - -Scan for all shares except one. - -![Common Scoping Options example Scenario 1](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario1.webp) - -All shares included except for the ProbableOwner share. - -Scenario 2 - -Scan for one share and exclude all others. - -![Common Scoping Options example Scenario 2](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario2.webp) - -The ProbableOwner Share is included. All other shares are excluded. Share Inclusion must have a -priority that is greater than or equal to the Share Exclusion. - -Scenario 3 - -Scan all folders except one. - -![Common Scoping Options example Scenario 3](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario3.webp) - -All Shares are scanned and all folders are included except for C:\ProbableOwner\DifferentOwner. - -Scenario 4 - -Scan one folder and exclude all others. - -![Common Scoping Options example Scenario 4](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario4.webp) - -The ProbableOwner Share is included and all other shares are excluded. Within the ProbableOwner -Share, Folder path C:\ProbableOwner\DifferentOwner is included. All other folder paths are excluded. - -Scenario 5 - -Scan one folder and all of its children and exclude all others. - -![Common Scoping Options example Scenario 5](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario5.webp) - -The ProbableOwner Share is included and all other shares are excluded. Within the ProbableOwner -Share, Folder path C:\ProbableOwner\DifferentOwner is included along with all of its children -(Notice the \\\* at the end of folder include path). All other folder paths are excluded. - -Scenario 6 - -Scan for all content within a folder except one sub-folder. - -![Common Scoping Options example Scenario 6](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario6.webp) - -The ProbableOwner Share is included and all other shares are excluded. Within the ProbableOwner -Share, Folder path C:\ProbableOwner\DifferentOwner is included along with all of its children -(Notice the \\\* at the end of folder include path). Within the DifferentOwner folder the path -C:\ProbableOwner\DifferentOwner\Test2 is excluded (Notice the higher priority for the exclusion). -All other folder paths are excluded. - -Additional Considerations - -The scoping options listed above can be used to scope for SMB shares and NFS exports but NFS exports -are enumerated differently. The include/exclude logic outlined above should be the same for both, -but when scoping for NFS exports the Resource Name should be the full path to the export. - -For example, in the scenario below, the NFS export named NFS_Export is included. All other exports -are excluded. Within the NFS_Export export, folder path \ifs\NFS_Export\Test_Folder is included. All -other folder paths are excluded. - -![FSAA Scoping Options NFS export example](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsnfsexports.webp) - -Note the different slash types for exports compared to folders. - -# FSAA: Scoping Queries - -Use the Scoping Queries page to query the SQL database and return exclude and include resources from -a specified host. This feature bypasses share permission requirements and eliminates the need for -the Connection Profile credentials to have local Administrator or Power User permissions. It is a -wizard page for the following categories: - -- File System Access/Permission Auditing Scan -- Sensitive Data - -![FSAA Data Collector Wizard Scoping Queries page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingqueries.webp) - -The Scoping Queries buttons have the following functionality: - -- Add – Add a resource to be included or excluded in the scoping query. Opens the Scoping Query - Configuration window. See the - [Scoping Query Configuration Window](#scoping-query-configuration-window) topic for additional - information. -- View / Edit – Make changes to a previously added scoping query. Opens the Scoping Query - Configuration window. See the - [Scoping Query Configuration Window](#scoping-query-configuration-window) topic for additional - information. -- Remove – Deletes the resource from the table and therefore the scan -- Migrate Scan Resource Filters – Migrates configured scan resource filters from the - `FSAAConfig.xml` file and imports them into the FSAA data collector - - - There are two Scan Resource Filters migrated by default: - - - DFS Shares - - - Scoping Query that will query the SQL database and return a list of Distributed File - System (DFS) Shares from the targeted host to include in the Scan - - Requires the 0-FSDFS System Scans, 1-FSAA System Scans, and 2-FSAA Bulk Import jobs to - have been run as a prerequisite - - - DG Open Shares - - - Scoping Query that will query the SQL database and return a list of Open Shares as - identified by the 3-FSAA Exceptions job - - Requires the 1-FSAA System Scans, 2-FSAA Bulk Import, and 3-FSAA Exceptions jobs to - have been run as a prerequisite - -**NOTE:** These two Scan Resource Filters are both Share Include queries by default. To restrict the -scan to only Open Shares or only DFS Shares it is necessary to also configure the Scoping Options on -the previous page of the wizard to exclude all other shares. - -For example, to restrict the scan to only Open Shares and exclude all other shares, the Scoping -Options page should be configured as shown: - -![FSAA Data Collector Wizard Scoping Options page Open shares configuration](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingoptionsopenshares.webp) - -The Scoping Queries page should be configured as shown: - -![FSAA Data Collector Wizard Scoping Queries page Open shares configuration](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingqueriesopenshares.webp) - -See the -[FSAA: Scoping Options](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information and common scoping scenarios. - -## Scoping Query Configuration Window - -The Scoping Query Configuration window allows you to create a custom Scoping Query to specify shares -and folders to be included in or excluded from the scan. - -![Scoping Query Configuration window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingqueryconfiguration.webp) - -Configure the following fields: - -- Name – Enter a unique name for the scoping query -- Scoping Type – Choose from the dropdown menu the type of resource to scan -- Configure Query – Select **Configure Query** to open the Advanced Scoping Options Query - Configuration window. See the - [Advanced Scoping Options Query Configuration Window](#advanced-scoping-options-query-configuration-window) topic - for additional information. - -**_RECOMMENDED:_** Provide a descriptive Comment on the Scoping Queries page. - -### Advanced Scoping Options Query Configuration Window - -Clicking **Configure Query** on the Scoping Query Configuration Window brings up the Advanced -Scoping Options Query Configuration window. - -![Advanced Scoping Options Query Configuration window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/advancedscopingoptionsqueryconfiguration.webp) - -Follow the steps to configure a query. - -**Step 1 –** Enter a SQL Query that will return a list of resources to be included in or excluded -from the scan. - -**NOTE:** The target tables must reside within the Enterprise Auditor database and the result must -return at least the following columns: - -- Name -- Priority - -**Step 2 –** (Optional) Enter a host in the Host parameter value (@host) textbox to test the query -to retrieve the data for that host. - -**Step 3 –** Select **Test Query** to open a preview of the results in the Query Results window. -Ensure that the data being retrieved by the query is expected. - -**Step 4 –** Click **OK**. - -When a query configuration is enabled, the data collector runs against the target table to configure -scoping for shares or folders in the environment. - -# FSAA: SDD Criteria Settings - -The SDD Criteria Settings page is where criteria to be used for discovering sensitive data during a -scan is configured. It is a wizard page for the category of Sensitive Data Scan. - -This page requires the Sensitive Data Discovery Add-On to be been installed on the Enterprise -Auditor Console to define the criteria and enable the Sensitive Data Criteria Editor. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -![FSAA Data Collector Wizard SDD Criteria Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sddcriteria.webp) - -The options on the SDD Criteria Settings page are: - -- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings - from the **Settings** > **Sensitive Data** node. See the - [Sensitive Data](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. -- Use the following selected criteria – Select this option to use the table to select which - sensitive data criteria to scan for -- Select All - Click **Select All** to enable all sensitive data criteria for scanning -- Clear All - Click **Clear All** to remove all selections from the table -- Select the checkboxes next to the sensitive data criteria options to enable them to be scanned for - during job execution - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - Use the Sensitive Data Criteria Editor in the **Settings** > **Sensitive Data** to create and - edit user-defined criteria. See the - [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) - topic for additional information. - -**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System -Criteria and User Criteria nodes are visible in the table. - -# FSAA: Sensitive Data Settings - -The Sensitive Data Settings page is where sensitive data discovery settings are configured. It is a -wizard page for the category of Sensitive Data Scan. - -![FSAA Data Collector Wizard Sensitive Data Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/sensitivedata.webp) - -- Don’t process files larger than: [number] MB – Limits the files to be scanned for sensitive - content to only files smaller than the specified size -- Include offline files (this may significantly increase scan times) – Includes offline files in the - scan -- Perform Optical Character Recognition for image files – Enables the data collector to scan for - sensitive data within digital images of physical documents - - **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents - directly converted to images, with standard fonts. It will not work for scanning photos of - documents and may not be able to recognize text on images of credit cards, driver's licenses, or - other identity cards. - -- Store discovered sensitive data – Stores discovered sensitive data in the database -- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria - for discovered sensitive data - -Use the radio buttons to select the File types to scan: - -- Scan all file types – Scans everything in a given environment -- Scan custom file types – Select the checkboxes from the list of file and document types that are - included in a sensitive data scan. The table contains the following categories and their - sub-options available: - - - Compressed Archive files - - Documents - - Email - - Image files - - Presentations - - Spreadsheets - - Text/Markup files - -- Perform differential scan of – Enables users to choose whether to employ incremental scanning: - - - Files modified or newly discovered since last scan – Scans newly discovered files and files - with a modified date after the previous scan date - - Files modified since [date] – Only scans files with a modified date after the specified date - - Files modified within the last [number] days – Only scans files with a modified date within - the specified date range - -_Remember,_ the sensitive data discovery options require the Sensitive Data Discovery Add-On to be -been installed on the Enterprise Auditor Console. - -The Performance Options section allows the user to modulate the efficiency of SDD scans. - -- Number of SDD scan processes [number] – Increases the number of SDD scanner processes that spawn - as part of a scan, increasing parallel scanning. The value should not exceed 2x the number of CPU - threads available. - - **_RECOMMENDED:_** For optimal performance, the total number of scan processes on a scan host - should be 1 to 2 times the number of CPU threads available. - -# Standard Reference Tables & Views for the FSAA Data Collector - -The FSAA Data Collector gathers essential File System information into standard reference tables. -Unlike most of the other Enterprise Auditor data collectors, the FSAA Data Collector writes data to -these tables regardless of the job executing the query. - -## File System Access Auditing Tables & Views - -The tables and their associated views are grouped by types. - -Structure Tables - -| Tables | Details | -| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| SA_FSAA_Hosts | Contains the name and ID of all File System hosts that have been scanned for permissions | -| SA_FSAA_ImportHistory | Contains historical information about the import process for each host that is imported | -| SA_FSAA_Resources | Contains information about all audited resources, which can be file shares or folders. This provides information on the hierarchy relationship and references to the name and rights applied to that folder. | - -Trustee Tables - -| Tables | Details | -| -------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_FSAA_Trustees | Contains information about any domain user, group, or security principal that has been assigned permissions. This table does not contain local users and groups since none of the trustees in this table are specific to any one host. | -| SA_FSAA_LocalTrustees | Contains information about any trustees that do not belong to a domain, primarily local users and local groups | -| SA_FSAA_TrusteeEquivalence | Contains information about Local Group membership. The trustees described can be found in the SA_FSAA_LocalTrustees table. | - -Access Calculation Tables - -| Tables | Details | -| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| SA_FSAA_Rights | Contains information about the actual permissions that have been granted to folders. Each entry summarizes the rights assigned to every trustee that would appear in the DACL of a folder. If a trustee is entered twice in a DACL, then that trustee’s rights will be summarized into a single row in this table. | -| SA_FSAA_Gates | Contains information about all gates, or access points, to shared data. This includes shared folders, administrative shares, and policies. | -| SA_FSAA_GatesProxy | Allows for quick determination of the shares through which a folder can be accessed as well as the child folders that can be accessed from a single share. The combination of ID and GateID is unique by host. | -| SA_FSAA_Policies | Contains information about what trustees are allowed or denied through the policies described in the SA_FSAA_Gates table | -| SA_FSAA_UnixRights | Contains information about permissions as they exist within the targeted Unix environment | - -Calculated Tables - -| Tables | Details | -| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_FSAA_Exceptions | Contains information about security issues and concerns. One out-of-box exception stored inside this table is the Open Shares exception. This exception identifies where resources which are open to Everyone, Authenticated Users, or Domain users are located. | -| SA_FSAA_ExceptionTypes | Identifies how many instances of exceptions exist on the audited hosts. This table will contain a row for each exception type for each host. Exceptions are specific conditions set forth by Enterprise Auditor that are considered to be issues, such as folders with open access. | - -Folder Content Tables - -| Tables | Details | -| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_FSAA_FileAges | Contains information about the age of files within folders by looking at the created timestamp | -| SA_FSAA_FileSizes | Contains information about the size of the files stored within audited folders. This table will tell the total size of every folder and the number of files within it. | -| SA_FSAA_FileTags | Contains file tag information at the folder level | -| SA_FSAA_FileTypes | Contains information about the types of files stored within audited folders by their extensions. This table will tell how many files of particular extension types exist within a folder. | -| SA_FSAA_ProbableOwners | Contains information about the owners of the files stored within audited folders. This table will tell what trustees own the most files and, therefore, may be the owners of the entire folder. | -| SA_FSAA_TagKeys | Contains the unique combination of the tags and ID | -| SA_FSAA_TagProxies | Contains the unique combination of the TagID and TagProxyID | -| SA_FSAA_Tags | Contains file tags and the unique ID | - -System Tables - -| Tables | Details | -| ------------------- | -------------------------------------------------------------- | -| SA_FSAA_ScanHistory | Track the history of the scans for troubleshooting purposes | -| SA_FSAA_SchemaVer | Tracks the schema version of the tables for upgrading purposes | - -Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the -FSAA Data Collector. They contain additional information for building queries easily. The following -is an explanation of the corresponding views created for some of the tables generated by the FSAA -Data Collector: - -Permission Views - -| Views | Details | -| -------------------------------- | ----------------------------------------------------------------------------------------------------------------------- | -| SA_FSAA_PermissionsView | Contains any folder or share permission, regardless of whether they have been made directly to folders or are inherited | -| SA_FSAA_DirectPermissionsView | Contains only permissions which are directly applied to resources | -| SA_FSAA_ExpandedPermissionsView | Contains an expansion of any domain groups that are assigned rights | -| SA_FSAA_InheritedPermissionsView | Contains only the inherited permission values for the folder, share, or audited object | -| SA_FSAA_EffectiveAccessView | Correlates share folder permissions and group membership | -| SA_FSAA_ExceptionsView | Contains how many instances of exceptions exist on the audited hosts | - -Resources Views - -| Views | Details | -| --------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_FSAA_ResourcesView | Contains information about file shares or folders | -| SA_FSAA_SharesTraversalView | Contains information about shared folders. It also provides useful information for the locations of these resources, including the local and network paths. Additionally, mount/junction points will show as a normal path traversal, unless the mount/junction point has system and hidden attributes set. | -| SA_FSAA_Paths | Contains information about the full paths to every distinct folder location for which permissions have been scanned and child folders exist | - -Additional Views - -| Views | Details | -| ----------------------------- | --------------------------------------------------------------------------------------------- | -| SA_FSAA_LocalGroupMembersView | Contains information on the local groups present on each host and the members of those groups | - -## File System Activity Auditing Tables & Views - -The tables and their associated views are grouped by types. - -Activity Changes Tables (FSAC) - -| Tables | Details | -| -------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_FSAC_ActivityEvents | Contains all of the logged activity events | -| SA_FSAC_DailyActivity | Contains roll-up information of the number of operations that have been performed by a trustee on a file or folder. This information is date-wise. | -| SA_FSAC_Exceptions | Contains information about security issues and concerns | -| SA_FSAC_ExceptionTypes | Identifies how many instances of exceptions exist on the audited hosts | -| SA_FSAC_OwnerChanges | Contains information about ownership changes on folders and files | -| SA_FSAC_PermissionChanges | Contains details around permission changes events for an activity | -| SA_FSAC_ProcessNames | Contains process names by which user have performed activity | -| SA_FSAC_RenameTargets | Contains the target path for rename operations | -| SA_FSAC_UserExceptions | Contains information about user security issues and concerns | -| SA_FSAC_UserExceptionTypes | Identifies how many instances of user exceptions exist on the audited hosts | - -Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the -FSAA Data Collector. They contain additional information for building queries easily. The following -is an explanation of the corresponding views created for some of the tables generated by the FSAA -Data Collector: - -Activity Change Views (FSAC) - -| Views | Details | -| --------------------------------- | ------------------------------------------------------------------------- | -| SA_FSAC_ActivityEventsView | Contains detailed activity event information | -| SA_FSAC_DailyActivityView | Contains the daily rollup statistics for activity events per day | -| SA_FSAC_DailyResourceActivityView | Contains the daily rollup statistics per folder | -| SA_FSAC_DailyUserActivityView | Contains the daily rollup statistics for activity events per user | -| SA_FSAC_ExceptionsView | Contains how many instances of exceptions exist on the audited hosts | -| SA_FSAC_PermissionChangesView | Contains detailed permission changes event information | -| SA_FSAC_UserExceptionsView | Contains how many instances of user exceptions exist on the audited hosts | - -## File System DFS Auditing Tables & Views - -The tables and their associated views are grouped by types. - -FSDFS Tables - -| Tables | Details | -| ------------------- | -------------------------------------------------------------------------------------------------------------- | -| SA_FSDFS_Links | Contains information on links | -| SA_FSDFS_Namespaces | Contains a list of all of the domain and server namespaces with corresponding links to the SA_FSAA_Hosts table | - -Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the -FSAA Data Collector. They contain additional information for building queries easily. The following -is an explanation of the corresponding views created for some of the tables generated by the FSAA -Data Collector: - -FSDFS Views - -| Views | Details | -| -------------------------------- | ------------------------------------- | -| SA_FSDFS_NamespacesTraversalView | Expands all of the scanned namespaces | - -## File System Sensitive Data Discovery Auditing (SEEK) Tables & Views - -The tables and their associated views are grouped by types. - -FSDLP Tables - -| Tables | Details | -| --------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | -| SA_FSDLP_Criteria | Contains the sensitive data criteria which are selected for collection by the scan engine (data collector configuration) | -| SA_FSDLP_ImportHistory | Contains historical information about the import process for each host that is imported | -| SA_FSDLP_Matches | Contains rolled up aggregate counts of the sensitive data criteria matches found during the scan | -| SA_FSDLP_MatchHits | Contains the actual sensitive data discovered within files which matched selected criteria | -| SA_FSDLP_MatchHits_SubjectProfile | Contains the actual sensitive data within files that matched selected criteria for subject profiles | - -Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the -FSAA Data Collector. They contain additional information for building queries easily. The following -is an explanation of the corresponding views created for some of the tables generated by the FSAA -Data Collector: - -FSDLP Views - -| Views | Details | -| ---------------------- | ------------------------------------------------------------------------------------------ | -| SA_FSDLP_MatchesView | Surfaces all relevant data about the files, its location, and the type of criteria found | -| SA_FSDLP_MatchHitsView | Surfaces all actual sensitive data discovered within files which matched selected criteria | - -# FSAA: FSAA Update Service Setting - -The FSAA Update Service Setting page is where the File System Proxy Service can be automatically -updated on hosts where the service has already been installed. It requires the File System Proxy -Service to be v8.0 or later prior to using this feature. It is a wizard page for the category of -Update Proxy Service. - -![FSAA Data Collector Wizard FSAA Update Service Setting page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/updateservice.webp) - -Configure the settings for the targeted File System Proxy Service: - -- Port number – The default port number is 8766 -- Applet communication timeout: [number] minute(s) – This option determines the length of time (in - minutes) the Enterprise Auditor Console attempts to reach the proxy before giving up. Depending on - the job configuration, the data collector behaves in one of three ways after the timeout value has - been exceeded. -- Scan cancellation timeout: [number] minute(s) – When selected, this option will timeout the applet - if there is an attempt to pause the scan and the applet does not respond - -See the -[FSAA: Applet Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -# Additional FSAA Workflows - -The following FSAA Data Collector query categories that provide additional functionality: - -- Remove scan executables and data – Removes file system access audit scan applet and data from - remote server -- Update proxy service – Update FSAA binaries for hosts running the File System Proxy Service - - **NOTE:** Requires the existing File System Proxy Service to be v8.0 or later. - -- Remove host data – Removes host from all SQL tables created by the FSAA Data Collector and deletes - StrucMap (removes host assigned to job where query exists) - -Additional workflows include: - -- Remove Host and Criteria SDD Data – Removes SDD data for a host or a criteria from the SQL tables -- Drop Tables & Views – Drops the standard reference tables and views - -_Remember,_ the FSAA Data Collector always records data in Standard Reference Tables, no matter what -job it is applied to. - -## Remove File System Access Scan Category - -The FSAA Data Collector can be used to clean-up or troubleshoot the applet and proxy scanning -servers. This would need to be done through a new job’s query. Set the host list and Connection -Profile to target the desired applet and proxy servers. - -Follow these steps to build a new query using the FSAA Data Collector with the Remove scan -executables and data category. - -**Step 1 –** Navigate to the **Configure** node of a new or chosen job and select the **Queries** -node. - -**Step 2 –** In the Query Selection view, click the **Create Query** link. The Query Properties -window displays. - -**Step 3 –** Select the **Data Source** tab. From the **Data Collector** drop-down menu, select -**FILESYSTEMACCESS** and then click the **Configure** button. The File System Access Auditor Data -Collector Wizard opens. - -![FSAA Data Collector Wizard Query Selection page with Remove scan executables and data option selected](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/queryselectionremovescanexecutablesdata.webp) - -**Step 4 –** On the Query Selection page, select the **Remove scan executables and data** category. - -**Step 5 –** Click **Finish** to save the selection and close the wizard. Then click **OK** to close -the Query Properties window. - -This job has now been configured to run the FSAA Data Collector to remove the file system access -audit scan applet and data from the target server. Run the job to clean-up the targeted hosts. - -## Update Proxy Service Category - -The FSAA Data Collector can be used to upgrade the File System Proxy Service already installed on -proxy servers. The FS_UpdateProxy Job is preconfigured to run with the default settings with the -category of Update proxy service. It is available through the Instant Job Library under the File -System library. - -The Update Proxy Service category option enables users with the ability to update v8.0+ File System -Proxy Service installations to newer versions. When this query is employed, the job compresses the -updated binaries and deploy them to the proxy server. Once the proxy server has no active sessions, -the Netwrix Enterprise Auditor FSAA Proxy Scanner service shuts down and the components are updated. -Finally, the service restarts itself. - -**NOTE:** This option is not for updating v7.x File System Proxy installations. Those must be -manually updated to at least v8.0 on the proxy server before this query can be used to automate the -process. - -Follow the -[Upgrade Proxy Service Procedure](/docs/accessanalyzer/11.6/installation/filesystem-proxy/upgrade.md) -and use the FS_UpdateProxy Job. - -## Remove Host Category - -The FSAA Data Collector can be used to clean-up the Standard Reference Tables by removing data for -particular hosts. This would need to be done through a new job’s query. The host to be removed is -set as the host list for the new job. The Connection Profile applied should be the same as the one -used for the associated **FileSystem** > **0.Collection** > … **Bulk Import** Job. - -**CAUTION:** Be careful when applying this query task, as it results in the deletion of collected -data. Ensure proper configuration prior to job execution. - -**_RECOMMENDED:_** Manually enter individual hosts into the host list executing this query. - -Follow the steps to build a new query using the FSAA Data Collector with the Remove host data -category. - -**Step 1 –** Navigate to the **Configure** node of a new or chosen job and select the **Queries** -node. - -**Step 2 –** In the Query Selection view, click the **Create Query** link. The Query Properties -window displays. - -**Step 3 –** Select the **Data Source** tab. From the **Data Collector** drop-down menu, select -**FILESYSTEMACCESS** and then click **Configure**. The File System Access Auditor Data Collector -Wizard opens. - -![FSAA Data Collector Wizard Query Selection page with Remove host data option selected](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/queryselectionremovehostdata.webp) - -**Step 4 –** On the Query Selection page, select the **Remove host data** category. - -**Step 5 –** Click **Finish** to save the selection and close the wizard. Then click **OK** to close -the Query Properties window. - -This job has now been configured to run the FSAA Data Collector to remove the host identified in the -job’s **Configure** > **Hosts** node. Run the job to clean-up the targeted hosts. - -_Remember,_ this job deletes data from the Enterprise Auditor database. Use caution and ensure -proper configuration prior to job execution. - -## Remove Host and Criteria SDD Data - -The FS_SDD_DELETE job removes host and criteria sensitive data matches from the Tier 1 database. It -is preconfigured to run analysis tasks with temporary tables that requires modification prior to job -execution. It is available through the Instant Job Library under the File System library. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -![FS_SDD_DELETE Job in Job's Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sdddelete.webp) - -The 0.Collection Job Group must be run before executing the FS_SDD_DELETE Job. - -### Analysis Tasks for the FS_SDD_DELETE Job - -The analysis tasks are deselected by default. View the analysis tasks by navigating to the -**Jobs** > **FS_SDD_DELETE** > **Configure** node and select **Analysis**. - -**CAUTION:** Applying these analysis tasks result in the deletion of collected data. - -![FS_SDD_DELETE Job Analysis Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sdddeleteanalysistasks.webp) - -- Delete Criteria – Remove all SDD Data for a Specified Criteria -- Delete Host – Remove all SDD Data Related to a Host -- Remove Host & Criteria – Remove all SDD Data for a Specific Host and Criteria Combination - -### Configure the FS_SDD_DELETE Analysis Tasks - -Follow the steps to configure and run the analysis tasks. - -**Step 1 –** Prior to job execution, modify the desired analysis tasks using the -[Customizable Analysis Parameters for FS_SDD_DELETE Job](#customizable-analysis-parameters-for-fs_sdd_delete-job) -instructions. - -**Step 2 –** In the Analysis Selection Pane, check the type of analysis task that will be run. - -**Step 3 –** Right-click the **FS_SDD_DELETE** Job and select **Run Job**. The analysis execution -status is visible from the **Running Instances** node. - -**Step 4 –** When the job has completed, return to the Analysis Selection Pane and deselect all -analysis tasks. - -**CAUTION:** Do not leave these analysis tasks checked in order to avoid accidental data loss. - -All of these tables have been dropped from the SQL Server database and the data is no longer -available. - -### Customizable Analysis Parameters for FS_SDD_DELETE Job - -A customizable parameter enables Enterprise Auditor users to set the sensitive data values that will -be deleted during this job’s analysis. - -| Analysis Task | Customizable Parameter Name | Value Indicates | -| ---------------------- | --------------------------- | --------------------------------------------- | -| Delete Host | #hosts | List of Host Names to be removed | -| Delete Criteria | #Criteria | List of Criteria to be removed | -| Remove Host & Criteria | #Criteria #hosts | List of Criteria and Host Names to be removed | - -The parameters that can be customized are listed in a section at the bottom of the SQL Script -Editor. Follow the steps to customize analysis task parameters. - -**Step 1 –** Navigate to the **FS_SDD_DELETE** > **Configure** node and select **Analysis**. - -**Step 2 –** In the Analysis Selection view, select the desired analysis task and click on -**Analysis Configuration**. The SQL Script Editor opens. - -![ FS_SDD_DELETE Job Analysis Task in SQL Script Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sdddeletesqlscripteditor.webp) - -**Step 3 –** In the Parameters section at the bottom of the editor, select either the **#Criteria** -or **#hosts** row, depending on the analysis task chosen, and then **Edit Table**. The Edit Table -window opens. - -**CAUTION:** Do not change any parameters where the Value states `Created during execution`. - -![SQL Script Editor Edit Table window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sdddeletesqlscripteditoredittable.webp) - -**Step 4 –** Use the **Add New Item** button to enter host names or criteria to the temporary table -list manually, or select the **Browse** button to upload a list of hosts in CSV format. Click **OK** -to save any changes. Other Edit Table buttons include: - -- Edit a Value -- Delete this row/column -- Move up -- Move down - -**Step 5 –** Click Save and Close to finalize the customization and close the SQL Script Editor. - -The job is now ready to be executed. - -## Drop Tables & Views - -If it becomes necessary to clear the FSAA Data Collector tables and views to resolve an issue, the -FS_DropTables Job is preconfigured to run analysis tasks that drop functions and views for the File -System Solution as well as the standard tables and views generated by the FSAA Data Collector. - -It is available through the Instant Job Library under the File System library. Since this job does -not require a host to target, select Local host on the Hosts page of the Instant Job Wizard. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -![FS_DropTables Job in Job's Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/droptables.webp) - -The 0.Collection Job Group must be run before executing the FS_DropTables Job. - -### Analysis Tasks for the FS_DropTables Job - -The analysis tasks are deselected by default. View the analysis tasks by navigating to the -**Jobs** > **FS_DropTables** > **Configure** node and select **Analysis**. - -**CAUTION:** Applying these analysis tasks result in the deletion of collected data. - -![FS_DropTables Job Analysis Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/droptablesanalysistasks.webp) - -- 1. Drop FSAA functions – Removes all functions and views from previous runs of the File System - Solution -- 2. Drop FSAC tables – Drops the File System Activity Auditing tables imported from the previous - runs -- 3. Drop FSDLP Tables – Drops the File System Sensitive Data Discovery Auditing tables imported - from the previous runs -- 4. Drop FSDFS Tables – Drops the File System DFS Auditing tables imported from the previous runs -- 5. Drop FSAA Tables – Drops File System Access Auditing tables imported from the previous runs - -Do not try to run these tasks separately, as they are designed to work together. Follow these steps -to run the analysis tasks: - -**Step 1 –** In the Analysis Selection Pane, click **Select All**. All tasks will be checked. - -**Step 2 –** Right-click the **FS_DropTables** Job and select **Run Job**. The analysis execution -status is visible from the **Running Job** node. - -**Step 3 –** When the job has completed, return to the Analysis Selection Pane and click **Select -All** to deselect these analysis tasks. - -**CAUTION:** Do not leave these analysis tasks checked in order to avoid accidental data loss. - -All of these tables have been dropped from the SQL Server database and the data is no longer -available. - -# SystemInfo: Category - -The Category page contains the following categories: - -![System Info Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The report categories are: - -- Computer System – Returns hardware and software related information -- Files Shares – Returns file share, permissions, and content information -- Logged On Users – Returns information about users logged on to local and remote machines -- Network Interface(NIC) – Returns network adapter configuration information -- Open File Shares – Returns information on accessible file shares -- Open Files – Returns information on locked and in use files -- Scheduled Tasks – Returns information on scheduled tasks -- Sessions – Returns information on local and remote sessions - -# SystemInfo: File Types - -The File Types page is where to enable count file types and specify filename masks if it is desired -to count files of given types. Two properties are generated for every mask provided, one for size -and one for count. It is a wizard page for the category of File Shares. - -![System Info Data Collector Wizard File Types page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/filetypes.webp) - -To enable counting file types, select the **Count file types** checkbox. To add new file types, -click **Add New**. To load a list of default file types for counting, click **Load Defaults**. To -remove a file type, select the file type and click **Remove**. - -# SystemInfo: Job Scope - -The Job Scope page is where to select whether or not scoping should be used during execution. It is -a wizard page for the category of File Shares. - -![System Info Data Collector Wizard Job Scope page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/jobscope.webp) - -Select from the following options: - -- Don’t Use Scoping -- Use Scoping - -# SystemInfo: Options - -The Options page contains options for the Files Shares category. It is a wizard page for the -categories of: - -- File Shares -- Network Interface (NIC) -- Open File Shares - -**NOTE:** This is a legacy feature, as it is more efficient to use the **FileSystemAccess** (FSAA) -Data Collector to gather this information. - -## File Shares and Open File Shares - -For the File Shares and Open File Shares categories: - -![System Info Data Collector Wizard Options page for File Shares category](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/optionsfileshares.webp) - -Select from the following options to control the depth of processing and the amount of information -to be returned by the query: - -- Include file level permissions - - - Do not collect inherited file permissions - - - Return All Folders - -- Enumerate subfolders within shared folders - - - Limit returned subfolders depth to – Specify the number of levels - -- Size units for corresponding properties – Select the desired size unit: - - - Bytes - - KBytes - - Mbytes - - GBytes - -## Network Interface (NIC) - -For the Network Interface (NIC) category: - -![System Info Data Collector Wizard Options page for NIC category](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/optionsnic.webp) - -The configurable option is: - -- Show primary IP address only – Select this checkbox to return data for the primary network - interface only - -# SystemInfo Data Collector - -The SystemInfo Data Collector extracts information from the target system based on the selected -category. The SystemInfo Data Collector is a core component of Enterprise Auditor, but it has been -preconfigured within the Windows Solution. While the data collector is available with all Enterprise -Auditor license options, the Windows Solution is only available with a special Enterprise Auditor -license. See the -[Windows Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md) -topic for additional information. - -Protocols - -- Remote Registry -- RPC -- WMI - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group - -## SystemInfo Query Configuration - -The SystemInfo Data Collector is configured through the System Info Data Collector Wizard, which -contains the following wizard pages: - -- Welcome -- [SystemInfo: Category](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [SystemInfo: Results](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [SystemInfo: Shares List](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [SystemInfo: Probable Owner](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [SystemInfo: VIP Membership](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [SystemInfo: File Types](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [SystemInfo: Options](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [SystemInfo: Summary](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - -![System Info Data Collector Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. - -# SystemInfo: Probable Owner - -On the Probable Owner page, select options for determining the owner using weighted calculations. -This page is enabled when the **Probable Owner** property is selected on the Results page. - -![System Info Data Collector Wizard Probable Owner page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/probableowner.webp) - -Determine owner - -In the Determine owner section, select from the following options: - -- Determine owner from User Profile Last Modified Date -- Determine owner from User Profile Size -- Determine owner from Current User -- Determine owner from Last User -- Custom weights – Select this radio button to use custom weights to determine the probable owner. - These weights can be set by clicking the ellipsis next to the Result weights box to open the - Probable Owner Settings window. - -![Custom weights Probable Owner Settings window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/customweights.webp) - -The Result weights box displays the custom weights set in the Probable Owner Settings window. - -Exclude users list - -In the Exclude users list section, select from the following checkboxes: - -- Exclude users by list – Enables the **Set List of Users to Exclude** button -- Exclude locked out users -- Exclude disabled users - -![Exclude users Probable Owner Settings window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/excludeusers.webp) - -Click **Set Users to Exclude** to open the Probable Owner Settings window: - -- User – Enter users in the following format: `Domain\Username` -- Add user – Click **Add user** to add the users entered in the User box to the excluded users list -- Removed selected – Select a user and click **Removed selected** to remove the user -- Clear list – Click **Clear list** to remove the list of excluded users -- Select users or groups – Click **Select users or groups** to open the Select User or Group window - and select users or groups to add the excluded users list -- Import from file – Select **Import from file** to open the Import File Dialog and import files to - add to the excluded users list - -Output options - -In the Output options section, select from the following options: - -- Get the most probable owner(s) -- Get probable owners with relative deviation to the most probable owner – Enables the following - option: - - - Maximum deviation: **[number]** percents - -- Get probable owners limited by probability – Enables the following options: - - - Probability threshold **[number]** percents - - Return at least one probable owner regardless of probability - -Select the following checkbox if desired: - -- Return the top **[number]** ranked probable owners - -# SystemInfo: Results - -The Results page is used to select which properties are gathered out of those available for the -category. It is a wizard page for all categories. - -![System Info Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Check all**, **Uncheck all**, and **Reset to -defaults** buttons can be used. All selected properties are gathered. Available properties vary -based on the category selected. - -# SystemInfo: Shares List - -On the Shares List page, configure the shares to include and exclude. It is a wizard page for the -category of File Shares. - -![System Info Data Collector Wizard Shares List page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/shareslist.webp) - -Select from the following options to exclude system or hidden shared folders from enumeration: - -- Exclude system and special shared folders -- Exclude hidden shared folders - -Select the following checkbox to identify nested shares and exclude them from the output: - -- Skip Nested Shares - -To configure individual shares to include or exclude, enter a share name and click **Add as -inclusion** or **Add as exclusion**. To remove the share from the list, select the share and click -**Remove selected**. To clear the list of inclusions and exclusions, click **Clear list**. - -# SystemInfo: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all categories. - -![System Info Data Collector Wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the System Info Data Collector Wizard ensuring that no accidental clicks -are saved. - -# SystemInfo: VIP Membership - -The VIP Membership provides the option to add members to a VIP List and exclude them from contact -about probable ownership. Any users can be added to VIP membership. This page is enabled when the -VIPList property is selected on the Results page. - -![System Info Data Collector Wizard VIP Membership page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/vipmembership.webp) - -To add a user to the VIPList members table, enter the username in the User box in the -`Domain\Username` format and click **Add user**. To remove a user from the list, select the user and -click **Remove selected**. To clear the list, click **Clear list**. - -To select users or groups to add to the VIPList members table, click **Select users or groups** to -open the Select User or Group browser window and add a user or group. To import a file, click -**Import from file** to open the Import File Dialog browser window. diff --git a/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md b/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md deleted file mode 100644 index 2b7f239ec7..0000000000 --- a/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md +++ /dev/null @@ -1,831 +0,0 @@ -# SPAA: Activity Date Scope - -The Activity Date Scope page is where the range of dates for which the SharePoint activity scan will -collect data is configured. It is a wizard page for the category of Scan SharePoint Activity. - -![Activity Date Scope page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/activitydatescope.webp) - -Use the radio buttons to select the **Scan Filters**. - -- Relative Timespan - - Collect Activity from the last 180 days – The number of days to collect activity can be - configured with the up and down arrows - - Retain data – The timespan for data retention. Select from the drop-down list: - - within timespan - - forever -- Absolute Timespan - - - Start date – Click the down arrow to access the calendar and select the start date for data - collection - - End date – Click the down arrow to access the calendar and select the end date for data - collection - - **NOTE:** Selecting Absolute Timespan will not affect activity data collected during Relative - Timespan scans. - -# SPAA: Activity Log Locations - -The Activity Log Locations page is where to manually configure log locations to avoid requiring -remote registry access to locate the activity event log files. It is a wizard page for the category -of Scan SharePoint Activity. - -![Activity Log Locations page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/activityloglocations.webp) - -The options in the Activity Log Locations page are: - -- Add – Opens the Customize Activity Log UNC Paths location window to add a new host -- Add Default – Opens the Customize Activity Log UNC Paths location window for the default host -- Edit – Opens the Customize Activity Log UNC Paths window for the selected host. If edits are made, - click **OK** to save the changes. -- Remove – Removes the selected host - -![Customize Activity Log UNC Paths Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/customizeactivityloguncpaths.webp) - -The options in the Customize Activity Log UNC Paths Window are: - -- Host name – Host name of the targeted SharePoint On-Premises server or SharePoint Online tenant -- SBTFileMon.ini UNC path – UNC path to the location of the **SBTFileMon.ini** file (as configured - in **Activity Monitor** > **Monitored Hosts**) -- Activity log UNC path – UNC path to the location of the **SBTFileMon_Logs** folder containing the - Activity Logs (as configured in **Activity Monitor** > **Monitored Hosts**) - - **NOTE:** For On-Premises environments you do not need to specify an Activity Log UNC path as - the Data Collector will default to finding the log locations via the registry. - -- Activity archive UNC path – UNC path to the archive location of Activity Logs (as configured in - **Activity Monitor** > **Agents**). If archiving is not enabled in Activity Monitor this can be - left blank. - -**NOTE:** In any UNC paths, `%HOST%` will be replaced with the host name. - -See the Getting Started with SharePoint & SharePoint Online Activity Monitor topic in the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) -for additional information. - -# SPAA: Additional Scoping - -The Additional Scoping page is where the scan can be limited by depth of the scan. It is a wizard -page for the categories of: - -- Scan SharePoint Access -- Scan For Sensitive Content - -**CAUTION:** Users should not change scans in a way that would result in less data being returned on -a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a -shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in -the Tier 2 database and subsequently removed from the Tier 1 database. - -![Additional Scoping page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/additionalscoping.webp) - -If checked, set the **Limit scanned depth to: [number] level(s)** option to the desired depth. If -this option is not checked then the entire farm is scanned. If the scoping depth is set to **0** -then only root site collections are scanned. Each increment to the depth adds an additional level of -depth from that point. - -Check the **Perform differential scan** box to enable the job to run a differential scan. -Differential scanning is enabled by default. When this option is enabled, SPAA scan will only parse -files for content/SDD if it has been modified since the last scan. - -**NOTE:** This option only applies to Tag collection and Sensitive data collection. Files will be -still be scanned for permissions regardless of whether this option is checked or not. - -# SPAA: Agent Settings - -The Agent Settings page is where the SharePoint Agent Service is configured. It is a wizard page for -the category of Scan SharePoint Access. - -![Agent Settings page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/windowsagent.webp) - -The **Enable Agent Service Scans** checkbox enables collecting SharePoint data through the agent -services instead of directly from SharePoint. This option requires a **Network Port** to be entered. -Agent Service Identity radio buttons are: - -- Use Job Credentials when job has same credentials as agent services -- Use Custom Identity for other agent service credential scenarios - - Specify identity in the format `spn:name` or `upn:name` - - The token `%HOST%` may be substituted for the host name - -This option requires the SharePoint Agent to be installed on the application server. See the -[SharePoint Agent Installation](/docs/accessanalyzer/11.6/installation/sharepoint-agent/install.md) -topic for additional information. - -# SPAA: Bulk Import Settings - -The Bulk Import Settings page is where the bulk import process settings are configured. It is a -wizard page for the categories of: - -- Bulk Import Access Scan Results -- Bulk Import Sensitive Content Scan Results - -![Bulk Import Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/bulkimportsettings.webp) - -Subsequent hosts in job lists will get host IDs incremented by 1. The Host Identifier may require an -offset to avoid overlapping IDs in collected data. If the **Set Host ID** checkbox is left -unchecked, then Enterprise Auditor assigns values starting from 1 to every host. This feature is -intended only for SQL Server Replication. - -# SPAA: Category - -The SPAA Data Collector Category page contains the following query categories, sub-divided by -auditing focus: - -![Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The options on the Category page are: - -- The **SharePoint Access Audits** category scans hosts for SharePoint access information and has - two selections to choose from: - - Scan SharePoint Access – Performs SharePoint access audits - - Bulk Import Access Scan Results – Imports SharePoint access scan results into the Enterprise - Auditor database -- The **Sensitive Content** category scans hosts for sensitive data information and has two - selections to choose from: - - Scan for Sensitive Content – Scans for sensitive content on SharePoint - - Bulk Import Sensitive Content Scan Results – Imports sensitive content scan results into the - Enterprise Auditor database -- The **SharePoint Activity Audits** category scans hosts for SharePoint activity information and - has two selections to choose from: - - Scan SharePoint Activity – Scans SharePoint activity log files - - Bulk Import SharePoint Activity Scan Results – Imports SharePoint activity into the Enterprise - Auditor database - -_Remember,_ the sensitive data discovery options require the Sensitive Data Discovery Add-On to be -installed on the Enterprise Auditor Console. If the SharePoint Agent is used, then it must also be -installed on the application server that hosts the Central Administration component. - -# SharePoint Custom Connection Profile & Host List - -The SPAA Data Collector requires a custom Connection Profile and a custom host list to be created -and assigned to the job conducting the data collection. The host inventory option during host list -creation makes it necessary to configure the Connection Profile first. While SharePoint on-premises -uses the Active Directory account type for the credential within a Connection Profile, it is -necessary for online credentials to be listed first in the credentials list within a Connection -Profile housing credentials to both environments. - -## SharePoint Farm - -This section describes the process to configure the Connection Profile and custom host list for -scanning SharePoint On-Premises. - -### SharePoint Farm Credential for a Connection Profile - -The provisioned credential used should be an Active Directory account. - -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Active Directory Account -- Domain – Drop-down menu with available trusted domains displays. Either type the short domain name - in the textbox or select a domain from the menu. -- User name – Type the user name -- Password Storage – Choose the for credential password storage: - - Application – Uses Enterprise Auditor’s configured Profile Security setting as selected at the - **Settings** > **Application** node - - CyberArk – Uses the CyberArk Enterprise Password Vault -- Password – Type the password -- Confirm – Re-type the password - -Once the Connection Profile is created, it is time to create the custom host list. See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -### SharePoint Farm Host in a Custom Host List - -The custom host list should include: - -- One application server per farm -- Host name without a domain suffix, this means the host name should not contain a period character - -See the -[Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) -section for instruction on creating a custom static host list. - -## SharePoint Online - -This section describes the process to configure the Connection Profile and custom host list for -scanning SharePoint Online using Modern Authentication. - -### SharePoint Online Credential for a Connection Profile using Modern Authentication - -The provisioned credential should be an Microsoft Entra ID Application. See the -[SharePoint Online Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/collaboration/sharepoint-online.md) -topic for instructions on registering and provisioning the Microsoft Entra ID Application manually -or via the SP_RegisterAzureAppAuth Instant Job. - -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Azure Active Directory -- Client ID – Application (client) ID of the Enterprise Auditor application registered with - Microsoft Entra ID -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - topic for additional information.) -- Key – The comma delimited string containing the path to the certificate PFX file, certificate - password, and the Microsoft Entra ID environment identifier ( - `CertPath,CertPassword,AzureEnvironment`) - - The `AzureEnvironment` is typically 0 for the default Azure Production Environment. Other - possible values are: - - - 1 – PPE - - 2 – China - - 3 – Germany - - 4 – US Government - - 5 – US Government-High - - 6 – US Government-DoD - - An example string matching the configuration from above is: - - C:\Program Files - (x86)\STEALTHbits\StealthAUDIT\PrivateAssemblies\spaa_cert_myorg.pfx,PasswordGoesHere,0 - - **NOTE:** `PasswordGoesHere` should be replaced with the password used when generating the - self-signed X.509 certificate if the Microsoft Entra ID Application was Registered and - Provisioned manually or the $appPassword parameter used in the SP_RegisterAzureAppAuth Instant - Job if that method was used. - -Once the Connection Profile is created, it is time to create the custom host list. See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -### SharePoint Online Host in a Custom Host List - -The custom host list should include: - -- Web or cloud hosts should be specified using the full web DNS part of the site URL, for example an - Office 365 site with the URL http://TestSite.sharepoint.com should be added as a host with name - TestSite.sharepoint.com -- Do not use the admin site, for example TestSite-admin.sharepoint.com -- Do not use IP Addresses -- Host name must be in DNS format - -See the -[Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for instructions on creating a custom static host list. - -# SPAA: DLP Audit Settings - -The DLP Audit Settings page is where sensitive data discovery settings are configured. It is a -wizard page for the category of Scan For Sensitive Content. - -**CAUTION:** Users should not change scans in a way that would result in less data being returned on -a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a -shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in -the Tier 2 database and subsequently removed from the Tier 1 database. - -![DLP Audit Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/dlpauditsettings.webp) - -Configure the **Scan Performance** options: - -- Don’t process files larger than: Size Limit [number] MB – Limits the files to be scanned for - sensitive content to only files smaller than the specified size. The checkbox is selected by - default. The default size is 2 MB. -- Number of SDD scan processes [number] – Increases the number of SDD scanner processes that spawn - as part of a scan, increasing parallel scanning. The value should not exceed 2x the number of CPU - threads available. - -Use the radio buttons to select the **File types to scan**: - -- Scan typical documents (recommended, fastest) – Scans most common file types -- Scan all document types (slower) – Scans all file types except those excluded -- Scan image files for OCR content – Use optical character recognition to scan image files for - sensitive data content - - **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents - directly converted to images, with standard fonts. It will not work for scanning photos of - documents and may not be able to recognize text on images of credit cards, driver's licenses, or - other identity cards. - -Use the checkboxes to select to **Store Match Hits**: - -- Store discovered sensitive data – Stores match hits for sensitive data in the SPAA Tier 2 - database. If this option is not selected, then the match hits for sensitive data are still - reported but the data columns are masked in the database. -- Limit stored matches per criteria to [number] – Enabled when the Store discovered sensitive data - checkbox is selected. Limits the number of stored matches per criteria to the specified number. - -_Remember,_ the sensitive data discovery options require the Sensitive Data Discovery Add-On to be -installed on the Enterprise Auditor Console. If the SharePoint Agent is used, then it must also be -installed on the application server that hosts the Central Administration component. - -# SPAA Drop Tables & Views Workflow - -If it becomes necessary to clear the SPAA Data Collector tables and views to resolve an issue, the -SP_DropTables Job is preconfigured to run analysis tasks that drop functions and views for the -SharePoint Solution as well as the standard tables and views generated by the **SPAA** Data -Collector. It is available through the Instant Job Library under the SharePoint library. Since this -job does not require a host to target, select **Local host** on the Hosts page of the Enterprise -Auditor Instant Job Wizard. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -## Analysis Tasks for the SP_DropTables Job - -Navigate to the **Jobs** > **SP_DropTables** > **Configure** node and select **Analysis** to view -the analysis tasks. - -**CAUTION:** Applying these analysis tasks will result in the deletion of collected data. - -![SP_DropTables Job Analysis tasks](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/droptablesanalysis.webp) - -The default analysis tasks are: - -- 1. Drop SPAA functions – Removes all functions and views from previous runs of the SharePoint - Solution -- 2. Drop SPAC imports – Drops the SharePoint Activity Auditing tables imported from the previous - runs -- 3. Drop SPDLP Tables – Drops the SharePoint Sensitive Data Discovery Auditing (SEEK) tables - imported from the previous runs -- 4. Drop SPAA Tables – Drops the SharePoint Access Auditing tables imported from the previous - runs - -Do not try to run these tasks separately, as they are designed to work together. Follow these steps -to run the analysis tasks: - -**Step 1 –** In the Analysis Selection Pane, click **Select All**. All tasks will be checked. - -**Step 2 –** Right-click the **SP_DropTables** Job and select **Run Job**. The analysis execution -status will be visible from the **Running Jobs** node. - -**Step 3 –** When the job has completed, return to the Analysis Selection Pane and click **Select -All** to deselect these analysis tasks. - -**_RECOMMENDED:_** Do not leave these analysis tasks checked in order to avoid accidental data loss. - -All of these tables have been dropped from the SQL Server database and the data is no longer -available. - -# SharePointAccess Data Collector - -The SharePointAccess (SPAA) Data Collector audits access, group membership, and content within a -SharePoint on-premises and SharePoint Online environment. The SPAA Data Collector has been -preconfigured within the SharePoint Solution. Both this data collector and the solution are -available with a special Enterprise Auditor license. See the -[SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -topic for additional information. The SPAA Data Collector has the following requirements: - -Protocols - -- MS SQL -- Remote Registry -- SP CSOM (Web Services via HTTP & HTTPS) -- SP Server API -- WCF AUTH via TCP (configurable) - -Ports - -- Ports vary based on the Scan Mode selected and target environment. See the - [SharePoint Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for additional information. - -Permissions - -- Permissions vary based on the Scan Mode selected and target environment. See the - [SharePoint Support](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -_Remember,_ if employing the Enterprise Auditor SharePoint Agent, it is also necessary for the -Sensitive Data Discovery Add-on to be installed on the server where the agent is installed. - -## SPAA Query Configuration - -The SharePointAccess Data Collector is configured through the SharePoint Access Auditor Data -Collector Wizard. The wizard contains the following pages, which change based up on the query -Category selected: - -- Welcome -- [SPAA: Category](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -- [SPAA: SharePoint Data Collection Settings](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -- [SPAA: Scan Scoping Options](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -- [SPAA: Additional Scoping](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -- [SPAA: Agent Settings](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -- [SPAA: Bulk Import Settings](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -- [SPAA: DLP Audit Settings](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -- [SPAA: Select DLP Criteria](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -- [SPAA: Activity Date Scope](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -- [SPAA: Activity Log Locations](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -- [SPAA: Test Access](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -- [SPAA: Results](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -- [SPAA: Summary Page](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) - -![SPAA Data Collector Wizard Welcome Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/welcomepage.webp) - -The Welcome page can be hidden by checking the **Do not display this page the next time** box when -the wizard is open and configuration settings are saved. - -# SPAA: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for all -of the categories. - -![Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be checked individually, or the **Select All**and **Clear All** buttons can be used. -All checked properties are gathered. Available properties vary based on the category selected. This -information is not available within the standard reference tables. Instead, this information can be -viewed in the table created by the query task, for example SA_1-SPAA_SystemScans_Access table. - -# SPAA: Scan Scoping Options - -The Scan Scoping Options page provides scoping options to specify the list of URLs to be scanned. It -is a wizard page for the categories of: - -- Scan SharePoint Access -- Scan For Sensitive Content - -![Scan Scoping Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptions.webp) - -The options on the Scan Scoping Options page are: - -- Add – When a URL is entered in the text box, adds the URL to the Scope box - - - To scope for a SharePoint Host Named Site Collections, use the text box to enter the URL for - both the Web App and the HNSC with custom non-existent URL extensions added. See the - [Scoping to SharePoint Host Named Site Collections](#scoping-to-sharepoint-host-named-site-collections) - topic for additional information. - - **NOTE:** If sites are included in the Scope box, all other sites are excluded from the scan. - -- Import CSV – Opens a file explorer to browse for a CSV file -- Scope box – Lists all added URLs -- Scope drop-down list – Select include to include a URL in the scan. Select exclude to exclude a - URL from the scan. -- Remove – Removes the selected URL from the Scope box - -## Scoping to SharePoint Host Named Site Collections - -In order to scope to objects within host named site collections, add a scope line which includes the -URL of the web application containing the host named site collection. To scope the host named site -collection URL `http://sample.com/documents/` for a host named site collection that exists under the -web application URL `http://example.com`, follow the steps: - -**Step 1 –** Navigate to the **Scan Scoping Options** page. - -![Enter URL on Scan Scoping Options page example](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptionswebappurl.webp) - -**Step 2 –** In the text box, enter an invalid URL prefixed with the **Web App URL** which contains -the HNSCs. Click **Add**. - -- In the example the invalid Web App URL is: `http://example.com/hnsc_indicator/` - -**Step 3 –** In the text box, enter the HNSC URL to scope for. Click **Add**. - -- In the example, the HNSC URL entered to filter for is: `http://sample.com/documents/` - -![Scan Scoping Options example](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptionsexample.webp) - -**Step 4 –** The Web App URL must appear above the HNSC URL, as depicted in the example above. - -**Step 5 –** The SharePoint Access Auditor Data Collector Wizard is now configured to filter for the -URL inside the SharePoint Host Named Site Collections. - -## Virtual Hosts - -In order to decrease the scan time in large SharePoint Online environments, it is possible to break -Site Collections for a single host down into subsets, or **Virtual Hosts**, that are treated as -separate hosts by Enterprise Auditor. This allows multiple scans of a single host to be run -concurrently. Follow the steps to configure this. - -![CSV file with host and site collection information](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/virtualhostscsv.webp) - -**Step 1 –** Create a new CSV file. Add into rows the information for the host and site collection -URLs you want to scan in the format `HOSTNAME#DESIGNATOR;URL`. - -- Each unique `DESIGNATOR` is treated as a separate host comprised of the specified URLs. - -![Host List for targeting the Virtual Hosts](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/virtualhostshostlist.webp) - -**Step 2 –** Configure the Host List for SPAA or SPSEEK scans to target these Virtual Hosts using -the format `HOSTNAME#DESIGNATOR`. - -![SPAA Data Collector Wizard Scan Scoping Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptionsvirtualhosts.webp) - -**Step 3 –** On the Scan Scoping Options page of the SharePoint Access Auditor Data Collector -Wizard, use the **Import CSV** button to import the information from the CSV file created in Step 1. - -**Step 4 –** Click **Next** to continue through the other pages of the SharePoint Access Auditor -Data Collector Wizard. Then click **Finish** on the Summary Page. - -Enterprise Auditor is now configured to scan multiple site collections for the same host -concurrently. - -A new host folder is created for each Virtual Host in `Jobs/SA_CommonData/SHAREPOINTACCESS`. You -will also see a separate line on the Running Instances tab for each Virtual Host included in the -scan. - -**NOTE:** The Host List for Bulk Import should be configured to contain each Virtual Host included -in the above scan using the `HOSTNAME#DESIGNATOR` format. After Bulk Import, the data contained in -Tier 1 Database tables and views will resemble a scan run against multiple hosts. - -# SPAA: Select DLP Criteria - -The Select Criteria page is where criteria to be used for discovering sensitive data are configured. -It is a wizard page for the category of Scan For Sensitive Content. This page requires the Sensitive -Data Discovery Add-On to be been installed on the Enterprise Auditor Console to define the criteria -and enable the Criteria Editor. If the SharePoint Agent is used, then it must also be installed on -the application server that hosts the Central Administration component. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -**CAUTION:** Users should not change scans in a way that would result in less data being returned on -a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a -shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in -the Tier 2 database and subsequently removed from the Tier 1 database. - -![Select DLP criteria for this scan page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/selectdlpcriteria.webp) - -The options on the Select DLP Criteria page are: - -- Use Global Criterion Selection – Check this option to inherit sensitive data criteria settings - from the **Settings** > **Sensitive Data** node. See the - [Sensitive Data](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - topic for additional information. -- Use the following selected criteria – Check this option to use the table to select which sensitive - data criteria to scan for -- Select All - Click **Select All** to enable all sensitive data criteria for scanning -- Clear All - Click **Clear All** to remove all selections from the table -- Check the boxes next to the sensitive data criteria options to enable it to be scanned for during - job execution - -The table contains the following types of criteria: - -**NOTE:** Until the Sensitive Data Discovery Add-On is installed, only the headers for the System -Criteria and User Criteria nodes are visible in the table. - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit - user-defined criteria. See the - [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md)topic - for additional information. - -# SPAA: SharePoint Data Collection Settings - -The SharePoint data collection settings page is where additional scan settings are configured. It is -a wizard page for the categories of: - -- Scan SharePoint Access -- Scan For Sensitive Content - -**CAUTION:** Users should not change scans in a way that would result in less data being returned on -a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a -shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in -the Tier 2 database and subsequently removed from the Tier 1 database. - -![SharePoint data collection settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/datacollectionsettings.webp) - -The Probable Owners section provides options for how probable ownership will be calculated: - -- Limit maximum number of Probable Owners per resource: [number] – Return the maximum user supplied - number of probable owners per resource - -The Collect Personal Sites checkbox enables or disables collection during the scan of personal site -collections of individual users. Personal site collections are a SharePoint feature which gives -every user their own site collection, and which are used by Office 365 to store a user’s OneDrive -files. Personal sites are configured by default to only be accessible by the user to whom they -belong, and so it is likely that the Connection Profile that the data collector is assigned may not -have access to some users’ personal sites. There are three radio buttons for identifying how the -query treats personal sites to which it does not have access: - -- Skip inaccessible personal sites – Inaccessible personal sites are not scanned -- Force scan account as admin of inaccessible personal sites – Make the Connection Profile - credentials a Site Collection Administrator of any personal sites to which it does not have - access: - - - The personal sites will be scanned - - When the scan is complete, the permissions are restored to what they were prior to the scan, - referring to those credentials made a Site Collection Administrator of personal sites in order - to conduct the scan. - - Requires the account used in the Connection Profile credentials to have the Global - Administrator role for SharePoint Online or be a Farm Administrator for SharePoint on premise. - This permission is required to facilitate altering the administrators of site collections. - - **NOTE:** The Microsoft SharePoint API employed to remove personal Site Collection - Administrator is unreliable, and occasionally the scanning account is left as a Site - Collection Administrator of personal sites. This may leave the scanning account visible to - SharePoint users on the permissions of the files in their personal sites. - - **_RECOMMENDED:_** Only use this option if that account is clearly identifiable as an - administrative account, and users are advised of the possibility that the account could - appear on the permissions of their personal site collection documents. - -- Force Company Administrator as admin of inaccessible personal sites – Make the special Company - Administrator account an administrator of any personal sites to which it does not have access - - - The personal sites will be scanned - - When the scan is complete, the Company Administrator account is left as an administrator of - the users’ personal site collections - - Requires the account used in the Connection Profile credentials to have the Global - Administrator role for SharePoint Online or be a Farm Administrator for SharePoint on premise. - This permission is required to facilitate altering the administrators of site collections. - - **NOTE:** The Company Administrator account is a special SharePoint Online and SharePoint - 2013 group which contains all accounts which have the Global Administrators role. - -The **Extract Document Tags** option enables the collection of metadata tags from Microsoft Office -files in SharePoint. Since this option requires the retrieval and scanning of each document, it -results in a noticeable increase in scan time. - -- Select a preferred zone – Use the drop-down list to select a preferred zone within the web - application to target the scan. If a targeted web application does not have the selected preferred - zone, the scan targets the default zone for that web application. Options include: - - - Default - - Intranet - - Internet - - Custom - - Extranet - -# Standard Reference Tables & Views for the SPAA Data Collector - -The SPAA Data Collector gathers essential SharePoint on-premises and SharePoint Online information -into standard reference tables. Unlike most of the other Enterprise Auditor data collectors, the -SPAA Data Collector writes data to these tables regardless of the job executing the query. - -## SharePoint Access Auditing Tables & Views - -The tables and their associated views are grouped by types. - -Structure Tables - -| Tables | Details | -| ----------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_SPAA_Hosts | Contains the names and ID of all SharePoint hosts that have been scanned for permissions. | -| SA_SPAA_Resources | Contains information about all audited resources, which can be site collections, sites, libraries, lists, or folders. This provides information on the hierarchy relationship, as well as references to the name and rights applied to that folder. | -| SA_SPAA_Sharing | Contains the view and edit links for anonymously shared resources, indicates if a resource is shared directly with trustees, and indicates whether a resource has a pending sharing request. | -| SA_SPAA_SharingUsers | Contains information about the users to whom resources are shared with such as their email, login name, title, department, and describes whether the sharing grants is view only or edit permissions. | -| SA_SPAA_SiteCollections | Contains a list of site collections that were audited and references the SA_SPAA_Resources and SA_SPAA_Trustees tables for the administrators of each site collection. | -| SA_SPAA_WebApplications | Contains a list of web applications audited. | -| SA_SPAA_WebAppURls | Contains a list of URLs for each web application audited. | - -Trustee Tables - -| Tables | Details | -| --------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_SPAA_Trustees | Contains information about any domain user, group, or security principal that has been assigned permissions. This table does not contain local user and groups, as none of the trustees in this table are specific to any one host. | -| SA_SPAA_TrusteeGroupMembers | Table contains information on SharePoint group membership. | - -Access Calculation Tables - -| Tables | Details | -| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_SPAA_Permissions | Contains information on the actual permissions that have been granted to resources. Each entry summarizes the rights assigned to every trustee that would appear on the permissions of a SharePoint resource. | -| SA_SPAA_Roles | Contains information about all of the roles on all of the site collections. | -| SA_SPAA_RolesProxy | Contains a mapping of role sets to individually assigned role definitions. A role set is a distinct set of roles that are applied to one or more resources. | -| SA_SPAA_WebAppPolicies | Contains summarized rights for every trustee in a web application policy. Each policy refers to a specific URL within that web application. | - -Calculated Tables - -| Tables | Details | -| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_SPAA_Exceptions | Contains information about security issues and concerns. One out-of-the-box exception stored inside this table is the Open Resource exception, which identifies where resources are open to Everyone, Authenticated Users, or Domain Users. | -| SA_SPAA_ExceptionTypes | Contains summary information about exceptions. It details how many exceptions are found on each host scanned and breaks them down by exception type. | - -Content Tables - -| Tables | Details | -| ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_SPAA_DocumentMetaData | Contains all of the details about all of the files found on the audited SharePoint environment. It will list information like the file size, the number of versions of each file, the author editor of the file, and the editor of the file. | -| SA_SPAA_ProbableOwners | Contains information about the probable owners of the files stored within the audited SharePoint folders and lists. This table will tell what trustees own the most files and, therefore, may be the owners of the entire folder or the list. | -| SA_SPAA_TagProxies | Contains a mapping of tag sets to individual tags. A tag set is a distinct collection of tags appearing together in one or more documents. | -| SA_SPAA_Tags | Contains the individual tags which were found in documents. | - - Views are the recommended way for Enterprise Auditor users to obtain the information gathered by -the SPAA Data Collector. They contain additional information for building queries easily. The -following is an explanation of the corresponding views created for some of the tables generated by -the SPAA Data Collector: - -Permission Views - -| Views | Details | -| ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_SPAA_PermissionsView | Provides any object permission, regardless of whether they have been made directly to folders or are inherited. An object includes site, site collection, list, library, folder, and so on. | -| SA_SPAA_DirectPermissionsView | Provides permissions that are directly applied to resources. | -| SA_SPAA_EffectiveAccessView | Provides information on every trustee with access to a resource and the trustee’s level of access. This will do complete group expansion, but also take into account security principals such as Authenticated Users. Also, this view will not just expand permissions; it will calculate access by making sure every user has access to the web application. | -| SA_SPAA_WebAppPoliciesView | Provides details around the web application policies that are applied to the audited SharePoint environment. These policies allow or deny access to the entire web application for the specified trustees. | - -Resources Views - -| Views | Details | -| ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_SPAA_SiteCollectionsView | Provides information about each site collection. | -| SA_SPAA_SiteCollectionsTraversalView | Provides information about resources and about navigation of these resources, such as their URL, the site collection they belong to, how deeply nested they are beneath the site collection, and so on. | - -Calculated Views - -| Views | Details | -| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_SPAA_ExceptionsView | Provides information on instances of exceptions that exist on the audited hosts. This view will contain a row for each exception type for each host. Exceptions are specific conditions set forth by Enterprise Auditor that are considered to be issues, such as folders with open access. | - -Additional Views - -| Views | Details | -| ----------------------------- | ---------------------------------------------------------------------------------------------- | -| SA_SPAA_LocalGroupMembersView | Provides information on the local groups present on each host and the members of those groups. | - -Legacy Views - -| Views | Details | -| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_SPAA_PermissionScopeResources | Provides information on the actual permissions that have been granted to resources. Each entry summarizes the rights assigned to every trustee that would appear on the permissions of a SharePoint resource. | - -## SharePoint Activity Auditing Tables & Views - -The tables and their associated views are: - -Activity Changes Tables (SPAC) - -| Tables | Details | -| ----------------------- | -------------------------------------------------------------------------------------- | -| SA_SPAC_ActivityDates | Contains a list of all dates of activities collected during scans. | -| SA_SPAC_ActivityEvents | Contains all of the logged activity events. | -| SA_SPAC_ActivitySources | Contains a list of all sources of activity collected during scans. | -| SA_SPAC_EventNames | Contains a list of SharePoint event names, their IDs, and a description of each event. | - -Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the -SPAA Data Collector. They contain additional information for building queries easily. The following -is an explanation of the corresponding views created for some of the tables generated by the SPAA -Data Collector: - -Activity Changes Views (SPAC) - -| Views | Details | -| -------------------------- | --------------------------------------------- | -| SA_SPAC_ActivityEventsView | Provides detailed activity event information. | - -## SharePoint Sensitive Data Discovery Auditing Tables & Views - -The tables and their associated views are: - -**NOTE:** Lists and libraries are excluded from Sensitive Data Discovery Auditing. - -SPDLP Tables - -| Tables | Details | -| ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_SPDLP_Criteria | Contains the sensitive data criteria which are selected for collection by the scan engine (data collector configuration). | -| SA_SPDLP_Matches | Contains rolled up aggregate counts of the sensitive data criteria matches found during the scan. | -| SA_SPDLP_MatchHits | Contains the actual sensitive data within files that matched selected criteria. For example, if the credit card criteria is used, this table will contain the potential credit card numbers identified within each files with hits. | - -Views are the recommended way for Enterprise Auditor users to obtain the information gathered by the -SPAA Data Collector. They contain additional information for building queries easily. The following -is an explanation of the corresponding views created for some of the tables generated by the SPAA -Data Collector: - -SPDLP Views - -| Views | Details | -| ---------------------- | ------------------------------------------------------------------------------------------- | -| SA_SPDLP_MatchesView | Surfaces all relevant data about the files, its location, and the type of criteria found. | -| SA_SPDLP_MatchHitsView | Surfaces all actual sensitive data discovered within files which matched selected criteria. | - -# SPAA: Summary Page - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - --![Summary Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/summarypage.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the SharePoint Access Auditor Data Collector Wizard ensuring that no -accidental clicks are saved. - -# SPAA: Test Access - -Use the Test Access page to check access to SharePoint On-Premises environments. The Test Access -function uses each credential in a job's Connection profile to test access to a SharePoint -environment. The Test Access page tests access to the following: - -- Access to the remote registry -- SQL Access (for databases associated with the SharePoint farms) -- All Web Applications in the SharePoint environment - -![Test Access page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/testaccess.webp) - -The options and sections on the Test Access page are: - -- SharePoint App Server – Enter the server name for the SharePoint environment in the SharePoint App - Server text box. Click **Check Access** to test access to the SharePoint environment. - - - For example – `sbnjqasp30` or `sbnjqasp3.qa.com` - - Do not include `http[s]://` or use a URL for the server name. The Test Access function cannot - be scoped to individual Web applications. - -- Access Test Results – Displays information on test results. Test criteria are listed in the - **Description** column. Test results will be returned as either **Pass** or **Fail** in the - Results column. -- Save Report – Click **Save Report** to export and save a text version of the test results - -| | | -| ----------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | -| ![Successful test example](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/testaccessgoodtest.webp) | ![Unsuccessful test example](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/testaccessbadtest.webp) | -| **Successful Test (Correct Credentials)** | **Unsuccessful Test (Incorrect Credentials)** | diff --git a/docs/accessanalyzer/11.6/getting-started/overview.md b/docs/accessanalyzer/11.6/getting-started/overview.md deleted file mode 100644 index db39259ca3..0000000000 --- a/docs/accessanalyzer/11.6/getting-started/overview.md +++ /dev/null @@ -1,238 +0,0 @@ -# Netwrix Enterprise Auditor v11.6 Documentation - -Netwrix Enterprise Auditor automates the collection and analysis of the data you need to answer the -most difficult questions you face in the management and security of dozens of critical IT assets, -including data, directories, and systems. - -The platform framework contains the following key components: - -- Data Collection through Data Collectors -- Analysis through Analysis Modules -- Remediation through Action Modules -- Reporting through Published Reports and the Web Console - -Enterprise Auditor contains over 40 built-in data collection modules covering both on-premises and -cloud-based platforms from Operating Systems to Office 365. Leveraging an agentless architectural -approach, our proprietary AnyData collector provides an easy, wizard-driven interface for -configuring the application to collect exactly the data needed, enabling fast, flawless, -lightest-weight possible data collection from dozens of data sources. - -## Instant Solutions Overview - -There are several predefined instant solutions available with Enterprise Auditor. Each solution -contains specific data collectors, jobs, analysis modules, action modules, and pre-created reports. -A few solutions are core components available to all Enterprise Auditor users, but most solutions -require a license. - -### .Active Directory Inventory Solution - -The .Active Directory Inventory Solution is designed to provide essential user, group membership, -and computer details from the targeted domains to many Enterprise Auditor built-in solutions. Key -information includes user status, user attributes, and group membership. The collected data is -accessed by other Enterprise Auditor solutions and the Netwrix Access Information Center for -analysis. - -This is a core solution available to all Enterprise Auditor users. - -See the -[.Active Directory Inventory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -topic for additional information. - -### .Entra ID Inventory Solution - -The .Entra ID Inventory Solution is designed to inventory, analyze, and report on Microsoft Entra -ID. It provides essential user and group membership details to the Entra ID Solution. Key -information includes managers, email addresses, and direct memberships. Collected data helps an -organization identify toxic conditions like nested groups, circular nesting, disabled users, and -duplicate groups. The user and group information assists with understanding probable group -ownership, group memberships, largest groups, user status, attribute completion, and synchronization -status between on-premises Active Directory and Microsoft Entra ID. - -This is a core solution available to all Enterprise Auditor users. - -See the -[.Entra ID Inventory Solution](/docs/accessanalyzer/11.6/solutions/entra-id/inventory-reports.md) -topic for additional information. - -### .NIS Inventory Solution - -The .NIS Inventory Solution is designed to provide essential user and group membership information -from a NIS domain, mapping these principals to Windows-style SIDs. This provides valuable -information to the File Systems Solution when auditing NFS shares. - -This is a core solution available to all Enterprise Auditor users. - -See the -[.NIS Inventory Solution](/docs/accessanalyzer/11.6/solutions/cross-platform/nis-inventory.md) -topic for additional information. - -### Active Directory Solution - -The Active Directory Solution is designed to provide the information every administrator needs -regarding Active Directory configuration, operational management, troubleshooting, analyzing -effective permissions, and tracking who is making what changes within your organization. - -See the -[Active Directory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -topic for additional information. - -### Active Directory Permissions Analyzer Solution - -The Active Directory Permissions Analyzer Solution is designed to easily and automatically determine -effective permissions applied to any and all Active Directory objects, at any scope, allowing for -the most authoritative view available of who has access to what in Active Directory. - -See the -[Active Directory Permissions Analyzer Solution](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) -topic for additional information. - -### Amazon Web Services Solution - -Enterprise Auditor for AWS allows organizations to secure their data residing in Amazon Web Services -(AWS) S3 platform, reducing their risk exposure through proactive, automated auditing and reporting -of S3 permissions, sensitive data, and ultimately a consolidated view of user access rights across -dozens of structured and unstructured data resources both on-premises and in the cloud. - -See the -[AWS Solution](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) -topic for additional information. - -### Entra ID Solution - -The Entra ID Solution is a comprehensive set of audit jobs and reports that provide the information -regarding Microsoft Entra ID configuration, operational management, and troubleshooting. The jobs -within this group help pinpoint potential areas of administrative and security concerns related to -Microsoft Entra ID users and groups, including syncing with on-premises Active Directory. - -See the -[Entra ID Solution](/docs/accessanalyzer/11.6/solutions/entra-id/inventory-reports.md) -topic for additional information. - -### Box Solution - -The Box solution set contains jobs to provide visibility into Box access rights, policies, -configurations, activities, and more, ensuring you never lose sight or control of your critical -assets residing in Box. - -See the -[Box Solution](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) -topic for additional information. - -### Databases Solutions - -Enterprise Auditor Databases Solution Set is a comprehensive set of pre-configured audit jobs and -reports that provide visibility into various aspects of supported databases. - -- Azure SQL – The Azure SQL Solution Set is a comprehensive set of pre-configured audit jobs and - reports that provide visibility into various aspects of Azure SQL : Users and Roles, Sensitive - Data Discovery, Object Permissions, Configuration, and User Activity. -- Db2 – The Db2 Solution Set is a comprehensive set of pre-configured audit jobs and reports that - provides visibility into various aspects of a Db2 Databases: Sensitive Data Discovery and Object - Permissions. -- Instance Discovery – The Instance Discovery Solution discovers instances on supported database - servers. -- MongoDB Solution – The MongoDB Solution automates the process of understanding where MongDB - databases exist and provides an overview of the MongoDB environment in order to answer questions - around data access. With visibility into every corner of MongoDB and the operating system it - relies upon, organizations can proactively highlight and prioritize risks to sensitive data. - Additionally, organizations can automate manual, time-consuming, and expensive processes - associated with compliance, security, and operations to easily adhere to best practices that keep - MongoDB Server safe and operational. -- MySQL Solution – The MySQL Solution automates the process of understanding where SQL databases - exist and provides an overview of the MySQL environment in order to answer questions around data - access. With visibility into every corner of Microsoft SQL Server and the Windows operating system - it relies upon, organizations can proactively highlight and prioritize risks to sensitive data. - Additionally, organizations can automate manual, time-consuming, and expensive processes - associated with compliance, security, and operations to easily adhere to best practices that keep - SQL Server safe and operational. -- Oracle Solution – The Oracle Solution delivers comprehensive permissions, activity, and sensitive - data auditing and reporting for Oracle databases. Through the power of Enterprise Auditor, users - can automate Oracle instance discovery, understand who has access to their Oracle databases, the - level of permission they have, and who is leveraging their access privileges, identify the - location of sensitive information, measure adherence to best practices, and generate workflows and - reports to satisfy security, compliance, and operational requirements. -- PostgreSQL Solution – Enterprise Auditor PostgreSQL Solution Set is a set of pre-configured audit - jobs and reports that provides visibility into PostgreSQL Sensitive Data. -- Redshift – Enterprise Auditor Redshift Solution Set is a set of pre-configured audit jobs and - reports that provides visibility into Redshift Sensitive Data. -- SQL Solution – The SQL Solution is an auditing, compliance, and governance solution for Microsoft - SQL Server database. Key capabilities include effective access calculation, sensitive data - discovery, security configuration assessment, and database activity monitoring. - -See the -[Databases Solutions](/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/overview.md) -topic for additional information. - -### Dropbox Solution - -The Dropbox Solution is an auditing, compliance, and governance solution for Dropbox for Business. -Key capabilities include effective access calculation, sensitive data discovery, file content -inspection, inactive access and stale data identification, and entitlement collection for -integration with Identity & Access Management (IAM) processes. - -See the -[Dropbox Solution](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) -topic for additional information. - -**NOTE:** Sensitive data auditing requires the Sensitive Data Discovery Add-on. - -### Exchange Solution - -The Exchange Solution provides auditing and reporting on multiple aspects of the Exchange -environment to assist with identifying risk, understanding usage, and decreasing bloat. Areas of -focus include Audit and Compliance, Maintenance and Cleanup, Metrics and Capacity, Operations and -Health, Public Folders and Configuration Baseline. - -See the -[Exchange Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md) -topic for additional information. - -**NOTE:** Sensitive data auditing requires the Sensitive Data Discovery Add-on. - -### File Systems Solution - -The File Systems Solution is an auditing, compliance, and governance solution for Windows, NAS, -Unix, and Linux file systems. Key capabilities include effective access calculation, data owner -identification, governance workflows including entitlement reviews and self-service access requests, -sensitive data discovery and classification, open access remediation, least-privilege access -transformation, and file activity monitoring. - -See the -[File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -topic for additional information. - -**NOTE:** Activity auditing requires the Activity Monitor. Sensitive data auditing requires the -Sensitive Data Discovery Add-on. - -### SharePoint Solution - -The SharePoint Solution is a comprehensive set of audit jobs and reports which provide the -information every administrator needs regarding SharePoint on-premises and SharePoint Online -infrastructure, configuration, performance, permissions, required ports, and effective rights. - -See the -[SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -topic for additional information. - -**NOTE:** Sensitive data auditing requires the Sensitive Data Discovery Add-on. - -### Unix Solution - -The Unix Solution reports on areas of administrative concern for Unix and Linux systems. Attention -is given to users and group details, privileged access rights, and NFS and Samba sharing -configurations. - -See the -[Unix Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/unix/overview.md) -topic for additional information. - -### Windows Solution - -The Windows Solution allows organizations to quickly inventory, assess, and secure their Windows -desktop and server infrastructure from a central location. Key capabilities include privileged -account discovery, security configuration and vulnerability assessment, compliance reporting, and -asset inventory. - -See the -[Windows Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/getting-started/quick-start.md b/docs/accessanalyzer/11.6/getting-started/quick-start.md deleted file mode 100644 index d5374950db..0000000000 --- a/docs/accessanalyzer/11.6/getting-started/quick-start.md +++ /dev/null @@ -1,117 +0,0 @@ -# Getting Started - -Once Enterprise Auditor is installed, the following workflow will quickly enable users to begin -auditing the organization’s IT infrastructure. See the -[Navigating the Console](/docs/accessanalyzer/11.6/administration/navigation.md) -topic for additional information and data grid functionality. - -## Initial Configuration During First Launch - -During the initial Enterprise Auditor Configuration Wizard, users are walked through configuring -several key global settings: - -- Storage - - - Mandatory configuration during the first launch - - Requires credential on the SQL® Server database which is used to create and modify the - Enterprise Auditor database - - Option to either create a new database or point to an existing database - - If using Windows Authentication, the Schedule node must be configured also - - See the - [Storage](/docs/accessanalyzer/11.6/administration/settings/storage.md) - topic for additional information - -- Schedule - - - Only appears if the Storage Profile is configured to use Windows Authentication - - If the Storage Profile is configured to use SQL Authentication, the setting is configured - later - - See the - [Schedule](/docs/accessanalyzer/11.6/administration/settings/schedule.md) - topic for additional information - -- Instant Job - - - Install the pre-configured solutions for which the organization is licensed - - See the - [Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) - topic for additional information - -## Global Settings Configured - -The global Settings have an overall impact on the running of Enterprise Auditor jobs. They are -managed through the Settings node at the top of the Navigation pane. The following global Settings -require configuration from the start: - -- [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - – Configure the Default Connection Profile and additional Connection Profiles as needed for - intended data collection -- [Schedule](/docs/accessanalyzer/11.6/administration/settings/schedule.md) – - Configure the Default Scheduled Service Account for scheduling Enterprise Auditor job execution, - if not configured via the initial configuration wizard -- [Notification](/docs/accessanalyzer/11.6/administration/settings/notifications.md) - – Configure an SMTP server for Enterprise Auditor to use for sending email notifications - -The other global Settings provide additional options for impacting how Enterprise Auditor functions: - -- [Access](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/access/overview.md) - – Enable and configure Role Based Access for a least privileged application of Enterprise Auditor - and report viewing or the enable the REST API - - **NOTE:** If Role Based Access is enabled by accident, contact - [Netwrix Support](https://www.netwrix.com/support.html) for assistance in disabling it. - -- [Application](/docs/accessanalyzer/11.6/administration/settings/application.md) - – Configure additional settings not included in the other nodes -- [Exchange](/docs/accessanalyzer/11.6/administration/settings/exchange.md) – - Configure Microsoft® Exchange Server connections - -**CAUTION:** Do not configure data retention at the global level without ensuring History is -supported by ALL solutions to be run. - -- [History](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/history.md) – - Configure data retention and log retention settings -- [Host Discovery](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostdiscovery.md) - – Configure Host Discovery task settings -- [Host Inventory](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostinventory.md) - – Configure Host Inventory settings -- [Reporting](/docs/accessanalyzer/11.6/administration/settings/reporting.md) - – Configure reporting options, if necessary -- [Sensitive Data](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) - – Flag false positive within discovered potential sensitive data files -- [ServiceNow](/docs/accessanalyzer/11.6/administration/settings/service-now.md) - – Configure the ServiceNow Action Module authentication credentials -- [Storage](/docs/accessanalyzer/11.6/administration/settings/storage.md) - – Configure additional SQL Server database Storage Profiles - -See the -[Global Settings](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/overview.md) -topic for additional information. - -## Discover Hosts for Enterprise Auditor - -Within the terminology of Enterprise Auditor, hosts are the machines being targeted during data -collection. Hosts can be discovered or manually introduced to Enterprise Auditor. Known hosts are -then inventoried to populate dynamic host lists. Host discovery is done at the Host Discovery  node. -Hosts are manually introduced at the Host Management node. - -Host management consists of maintaining up-to-date host inventories and host lists which can be -assigned to job groups or jobs as targeted hosts. See the -[Host Management](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information. - -## Enterprise Auditor Job Workflow - -Once the global Settings are configured and hosts have been introduced to Enterprise Auditor, it is -time to begin auditing. This requires an understanding of the relationship between solutions, job -groups, jobs, queries, analysis, actions, and reports. - -The Enterprise Auditor job is the fundamental unit. Jobs are responsible for all data collection -queries, analysis tasks, notification tasks, action tasks, and report generation. When Jobs are -designed to work together, they are housed within job groups to control the order of job execution. -Solutions are pre-configured job groups which have been designed to target specific types of -environments to audit for specific data sets, typically the most common types of information -desired. - -See the [Jobs Tree](/docs/accessanalyzer/11.6/accessanalyzer/admin/jobs/overview.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md b/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md deleted file mode 100644 index 69db756644..0000000000 --- a/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md +++ /dev/null @@ -1,2377 +0,0 @@ -# Active Directory Solution - -The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL -Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for the core requirements. - -In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat -Prevention is required for event activity data to be scanned. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or -the -[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) -for installation requirements and information on collecting activity data. - -See the -[Active Directory Domain Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md) -topic for target environment requirements. - -## Active Directory Solution Requirements on the Enterprise Auditor Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 8+ GB | 4+ GB | -| Cores | 4 CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -## Active Directory Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | - -# Active Directory Permissions Analyzer Solution - -The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL -Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for the core requirements. - -See the -[Domain Target Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for target environment requirements. - -## Active Directory Permissions Analyzer Solution Requirements on the Enterprise Auditor Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 8+ GB | 4+ GB | -| Cores | 4 CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -## Active Directory Permissions Analyzer Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 1 TB | 450 GB | -| SQL Transaction Log Disk | 240 GB | 120 GB | -| SQL TEMP DB Disk | 350 GB | 240 GB | - -# Amazon Web Services (AWS) Solution - -The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL -Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for the core requirements. - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. - -See the -[Target Amazon Web Service Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for target environment requirements. - -## AWS Solution Requirements on the Enterprise Auditor Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | -------------- | -------------- | -| Definition | > 100 Accounts | < 100 Accounts | -| RAM | 8+ GB | 4+ GB | -| Cores | 4 CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For -example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are -required (8x2=16). - -Sensitive Data Discovery Auditing Requirement - -The following is required to run Sensitive Data Discovery scans: - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -## AWS Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | -------------- | -------------- | -| Definition | > 100 Accounts | < 100 Accounts | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | - -# Box Solution - -The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL -Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for the core requirements. - -See the -[Target Box Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for target environment requirements. - -## Box Solution Requirements on the Enterprise Auditor Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 8+ GB | 4+ GB | -| Cores | 4 CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -## Box Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | - -# Databases Solution - -The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL -Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for the core requirements. - -In addition to these, integration with either the Netwrix Activity Monitor is required for event -activity data to be scanned. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) -for installation requirements and information on collecting activity data. - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. - -See the following topics for target environment requirements: - -- [Target Db2 Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -- [Target MongoDB Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -- [Target MySQL Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -- [Target Oracle Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -- [Target PostgreSQL Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -- [Target Redshift Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -- [Target SQL Server Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - -## Databases Solution Requirements on the Enterprise Auditor Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Extra-Large | Large | Medium | Small | -| ----------- | -------------------- | ------------------------ | --------------------- | -------------------- | -| Definition | > 1 TB database size | Up to 1 TB database size | ~250 GB database size | ~50 GB database size | -| RAM | 24 GB | 16 GB | 12 GB | 4 GB | -| Cores | 8 CPU | 8 CPU | 4 CPU | 2 CPU | -| Disk Space | 460 GB | 280 GB | 160 GB | 80 GB | - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For -example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are -required (8x2=16). - -Additional Server Considerations for Oracle Scans - -For scanning Oracle databases, the following are additional requirements for the Console server: - -- Windows Management Framework 3+ installed -- PowerShell 3.0+ installed -- NMAP installed -- For Instance Discovery, NMAP installed - -Additional Server Considerations for SQL Server Scans - -For scanning SQL databases, the following are additional requirements for the Console server: - -- Windows Management Framework 3+ installed -- PowerShell 3.0+ installed - -Sensitive Data Discovery Auditing Requirement - -The following is required to run Sensitive Data Discovery scans: - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -## Databases Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Extra-Large | Large | Medium | Small | -| ------------------------ | -------------------- | ------------------------ | --------------------- | -------------------- | -| Definition | > 1 TB database size | Up to 1 TB database size | ~250 GB database size | ~50 GB database size | -| RAM | 64 GB | 32 GB | 16 GB | 8 GB | -| Cores | 16 CPU | 12 CPU | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | -| SQL Database Disk | 500 GB | 320 GB | 240 GB | 100 GB | -| SQL Transaction Log Disk | 120 GB | 100 GB | 80 GB | 40 GB | -| SQL TEMP DB Disk | 320 GB | 240 GB | 160 GB | 80 GB | - -# Dropbox Solution - -The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL -Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for the core requirements. - -In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat -Prevention is required for event activity data to be scanned. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or -the -[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) -for installation requirements and information on collecting activity data. - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. - -See the -[Target Dropbox Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for target environment requirements. - -## Dropbox Solution Requirements on the Enterprise Auditor Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 8+ GB | 4+ GB | -| Cores | 4 CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For -example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are -required (8x2=16). - -Sensitive Data Discovery Auditing Requirement - -The following is required to run Sensitive Data Discovery scans: - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -## Dropbox Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | - -# Entra ID Solution - -**NOTE:** The Entra ID solution is for scanning Microsoft Entra ID, formerly Azure Active Directory. - -The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL -Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for the core requirements. - -See the -[Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md) -topic for target environment requirements. - -## Entra ID Solution Requirements on the Enterprise Auditor Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 8+ GB | 4+ GB | -| Cores | 4 CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -## Entra ID Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | - -# Exchange Solution - -The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL -Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for the core requirements. - -In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat -Prevention is required for event activity data to be scanned. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or -the -[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) -for installation requirements and information on collecting activity data. - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. - -See the following topics for target environment requirements: - -- [Target Exchange Servers Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -- [Target Exchange Online Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - -## Exchange Solution Requirements on the Enterprise Auditor Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Extra Large – Large | Medium – Small | -| ----------- | ------------------------- | ----------------------- | -| Definition | ~50,000-120,000 Mailboxes | ~1,000-10,000 Mailboxes | -| RAM | 16+ GB | 8+ GB | -| Cores | 8 CPU | 4 CPU | -| Disk Space | 120 GB | 120 GB | - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For -example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are -required (8x2=16). - -Sensitive Data Discovery Auditing Requirement - -The following is required to run Sensitive Data Discovery scans: - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -Permissions to Run Exchange Scans - -The following are additional requirements for the Enterprise Auditor Console server specific to -running the Exchange Solution: - -- Outlook should not be installed -- StealthAUDIT MAPI CDO installed (for MAPI- based data collectors). See the - [StealthAUDIT MAPI CDO Installation](/docs/accessanalyzer/11.6/configuration-guides/stealthaudit/configuration.md) - topic for additional information. -- Exchange MAPI CDO installed (for MAPI- based data collectors) -- For targeting Exchange 2010 – Exchange Management Tools 2010 installed on the Enterprise Auditor - Console server -- For Targeting Exchange Online – PowerShell Execution Policy set to unrestricted for both 64-bit - and 32-bit versions - -Exchange Online Modern Authentication - -The following prerequisites are required to use Modern Authentication for Exchange Online in -Enterprise Auditor. - -- Exchange Online Management v3.4.0 - - - You can install this module with the following command: - - ``` - Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 - ``` - -- Create a self-signed certificate that will be used by Enterprise Auditor for Modern Authentication - -## Exchange Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Extra-Large | Large | Medium | Small | -| ------------------------ | ------------------ | ----------------- | ----------------- | ---------------- | -| Definition | ~120,000 Mailboxes | ~50,000 Mailboxes | ~10,000 Mailboxes | ~1,000 Mailboxes | -| RAM | 64 GB | 16 GB | 16 GB | 8 GB | -| Cores | 16 CPU | 16 CPU | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | -| SQL Database Disk | 1.25 TB | 650 GB | 415 GB | 325 GB | -| SQL Transaction Log Disk | 650 GB | 650 GB | 325 GB | 325 GB | -| SQL TEMP DB Disk | 325 GB | 325 GB | 325 GB | 325 GB | - -# Exchange Mail-Flow Permissions - -The ExchangeMetrics Data Collector collects Mail-Flow metrics from the Exchange Message Tracking -Logs on the Exchange servers. Some examples of this include server volume and message size -statistics. This data collector utilizes an applet to process and collect summarized metrics from -the Message Tracking Log. - -1. HUB Metrics Job Group Requirement - -In addition to the permissions required by the ExchangeMetrics Data Collector, the Connection -Profile assigned to the 1. HUB Metrics Job Group requires the following permission and User Rights -(based on default settings): - -- Member of the local Administrator group on the targeted Exchange server(s) where the Hub Transport - service is running -- Log on as a Service Group Policy: - - - Go to `GPedit.msc` - - Go to Computer Configuration > Windows Settings > Security Settings > Local Policies > User - Rights - -Applet Permissions - -This is required because the ExchangeMetrics Data Collector is an applet-based data collector. It -requires - -- Member of the local Administrator group on the targeted Exchange server(s) - -This grants access to the Message Tracking Logs and the ability to create the -`SA_ExchangeMetricsData` folder, which will contain the applet files and the processed message -tracking log files stored inside a SQLite database for each day. For example: - -\\ExchangeServerName\c$\Program Files\Microsoft\Exchange -Server\V14\TransportRoles\Logs\MessageTracking - -If there have been additional security or permission modifications on the server(s), the following -rights and policies may need to be enabled on the targeted host: - -- Ensure the Administrator group has been granted Full Control over Message Tracking Log Directories -- WMI Control (`wmimgmt.msc`) > Right Click Properties > Security - - - Security Tab > Root > CIMV2 > Click Security - - - Ensure the Administrators group has been assigned: - - - Execute Methods - - Remote Enable - - Enable Account - -- Local Security Policy (`secpol.msc`): - - - Local Policies > User Rights Assignment: - - - Ensure the ‘Replace a Process Level Token’ right grants access to Local Service, Network - Service, and Administrators - - Ensure the ‘Adjust Memory Quotas for a Process’ right grants access to Local Service, - Network Service, and Administrators - - Ensure the ‘Impersonate a client after authentication’ right grants access to Local - Service and Administrators - - Ensure the Administrators group has been granted the following rights: - - - Access this computer from a network - - Allow Log on Locally - - Log on as a batch job - -# MAPI-Based Data Collector Permissions - -The Exchange2K, ExchangeMailbox, and ExchangePublicFolder data collectors have other permission -requirements. - -These data collectors supports Exchange 2010 through Exchange 2013. Since this data collectors are -MAPI-based, they do not support Exchange Online, Exchange 2019, nor Exchange 2016. - -All MAPI-based data collectors have the following prerequisites: - -- Microsoft MAPI CDO installed on the StealthAUDIT Console -- StealthAUDIT MAPI CDO installed on the StealthAUDIT Console -- Settings > Exchange node configured in the StealthAUDIT Console - -The Exchange2K Data Collector is used in the 3. Databases Job Group has the following permission -requirements: - -- Public Folder Management - -The ExchangePublicFolder Data Collector is used in the 5. Public Folders Job Group has the following -permission requirements: - -- Organization Management - -The ExchangeMailbox Data Collector is used in the 7. Sensitive Data Job Group has the following -permission requirements: - -- Organization Management -- Discovery Management - -# Exchange PowerShell Permissions - -The ExchangePS Data Collector utilizes PowerShell to collect various information from the Exchange -environment. This data collector utilizes Remote PowerShell to collect information about Exchange -Users Configuration, Mailboxes, Public Folders, and Exchange Online Mail-Flow. - -Job Group Requirements in Addition to ExchangePS - -In addition to the permissions required by the ExchangePS Data Collector, the Connection Profile -assigned to these job groups requires the following permissions: - -- 2. CAS Metrics - - - This job group also requires remote connection permissions for the SMARTLog Data Collector. - See the - [Exchange Remote Connections Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for additional information. - -- 3. Databases - - - This job group also requires permissions for the Exchange2K Data Collector, which is - MAPI-based and has additional requirements - -- 4. Mailboxes - - - This job group also requires Exchange Mailbox Access Auditing to be enabled. See the - [Enable Exchange Mailbox Access Auditing](#enable-exchange-mailbox-access-auditing) topic for - additional information. - -- 5. Public Folders - - - This job group also requires permissions for the ExchangePublicFolder Data Collector, which is - MAPI-based and has additional requirements - -- 8. Exchange Online - - - This job group uses Modern Authentication to target Exchange Online. See the - [Exchange Online Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/collaboration/exchange-online.md) topic - for additional information. - -## Permissions Explained - -Remote PowerShell and Windows Authentication Enabled - -The Remote PowerShell and Windows Authentication configurations for Exchanges servers are required -to be enabled on at least one Exchange server running the Client Access Service so that the -ExchangePS Data Collector can make a remote PowerShell connection and authenticate through -Enterprise Auditor. - -Enterprise Auditor passes credentials saved in the Connection Profile to the data collector so that -it is able to connect to the targeted host. This requires the Exchange server to allow for Windows -Authentication. See the -[Enable Remote PowerShell for ExchangePS Data Collector](#enable-remote-powershell-for-exchangeps-data-collector) -topic and the -[Enable Windows Authentication for PowerShell Virtual Directory](#enable-windows-authentication-for-powershell-virtual-directory) -topic for additional information. - -View-Only Organization Management Role Group - -This is required so the ExchangePS Data Collector is able to run the various Exchange PowerShell -cmdlets. - -Public Folder Management - -This permission is only required if utilizing the ExchangePublicFolder Data Collector or -ExchangeMailbox Data Collector, as well as the PublicFolder or Mailbox Action Modules. This is -required in order to make a connection through the MAPI protocol. The following job group requires -the Public Folder Management Role Group: - -- 5. Public Folders > Ownership - -If not running this collection, then this permission is not required. - -Mailbox Search Role - -This is required to collect Mailbox Access Audit logs and run Mailbox Search queries through the -ExchangePS Data Collector. The following job group requires the Mailbox Search Role: - -- 4. Mailboxes > Logons - -Application Impersonation Role - -The Application Impersonation Role is a customer role you need to create. See the -[Create Custom Application Impersonation Role in Exchange](#create-custom-application-impersonation-role-in-exchange) -topic for additional information. - -## Scoping Options - -There are five different scoping options within this data collector. Since not all query categories -support all scoping options, No Scoping is an option. If there are no scoping options available, -then the data collector should be run against the host specified in the Summary page of the data -collector wizard. - -No Scoping - -This option will gather information about the entire Exchange Organization. When using the applet, -the data collector will gather information about the Exchange Forest in which the Enterprise Auditor -Console currently resides. For Remote PowerShell, the data collector will gather information about -the Exchange Organization to which the Remote PowerShell connection was made. This refers to the -server entered in the Client Access Server (CAS) field of the global configuration from the -**Settings** > **Exchange** node or on the Scope Page of the data collector wizard. See the -[ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -Scope by Database - -This option will gather information about any databases which are chosen. When using the applet, the -data collector will return databases in the Scope by DB page of the data collector wizard for the -Exchange Organization in which the Enterprise Auditor Console currently resides, as well as, only -return information about those databases. For Remote PowerShell, the data collector will return -databases in the Scope by DB page of the data collector wizard for the Exchange Forest, as well as, -only return information about those databases. See the -[ExchangePS: Scope by DB](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -Scope by Mailbox - -This option will gather information about any mailboxes which are chosen. When using the applet, the -data collector will return mailboxes in the Scope by Mailboxes page of the data collector wizard for -the Exchange Forest in which the Enterprise Auditor Console currently resides, as well as, only -return information about those mailboxes. For Remote PowerShell, the data collector will return -mailboxes in the Scope by Mailboxes page of the data collector wizard for the Exchange Forest, as -well as, only return information about those mailboxes. See the -[ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -Scope by Server - -This option will gather information about objects which reside on the chosen server. When choosing -this option, the data collector will then use the Host List applied to the job’s **Configure** > -**Hosts** node as the servers scoping list. When using the applet, the data collector will deploy a -process to the targeted host to run the PowerShell on that server. For Remote PowerShell, the data -collector will deploy no applet and utilize the WinRM protocol to gather information about the -objects on that server. - -Scope by Public Folder - -This option will gather information about any public folders which are chosen. When using the -applet, the data collector will return public folders in the Scope by Public Folders page of the -data collector wizard for the Exchange Forest in which the Enterprise Auditor Console currently -resides, as well as, only return information about those public folders. For Remote PowerShell, the -data collector will return public folders in the Scope by Public Folders page of the data collector -wizard for the Exchange Forest, as well as, only return information about those public folders. See -the -[ExchangePS: Scope by Public Folders](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -## Enable Remote PowerShell for ExchangePS Data Collector - -Follow these steps to enable Remote PowerShell. - -**Step 1 –** On the server that Enterprise Auditor will connect with Remote PowerShell, open -PowerShell. - -**Step 2 –** Run the following command: - -``` -Enable-PSRemoting -``` - -**Step 3 –** When prompted, type `A` and `A` again to enable the appropriate services and protocols. - -Remote PowerShell has been enabled. See the Microsoft -[Tip: Enable and Use Remote Commands in Windows PowerShell](https://technet.microsoft.com/en-us/library/ff700227.aspx) -article for additional information. - -Next, enable Windows Authentication for PowerShell Virtual Directory on the same server. - -## Enable Windows Authentication for PowerShell Virtual Directory - -Once Remote PowerShell has been enabled on an Exchange Server in the environment, it is necessary to -also enable Windows Authentication for the PowerShell Virtual Directory on the same Exchange server. -Follow these steps to enable Windows Authentication. - -**Step 1 –** On the server where Remote PowerShell was enabled, open the Internet Information -Services (IIS) Manager. - -![IIS Authentication Open Feature](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/exchange/iismanager.webp) - -**Step 2 –** Traverse to the **PowerShell** Virtual Directory under the **Default Web Site**. Select -**Authentication** and click **Open Feature**. - -![IIS Enable Windows Authentication](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/exchange/iismanagerauth.webp) - -**Step 3 –** Right-click on **Windows Authentication** and select **Enable**. - -Windows Authentication has been enabled for the PowerShell Virtual Directory. - -## Create Custom Application Impersonation Role in Exchange - -Follow the steps to create the custom Application Impersonation role. The process is the same for -Exchange 2010 Service Pack 1 through Exchange 2019 and Exchange Online. - -**Step 1 –** Within the Exchange Admin Center, navigate to the permissions section and select admin -roles. - -**Step 2 –** Add a new role group by clicking on the + button, and the New Role Group window opens. - -![New role group window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/exchange/rolegroup.webp) - -**Step 3 –** Configure the new role group with the following settings: - -- Name – Provide a distinct name for the role group, for example Application Impersonation -- Description – Optionally indicate in the description that the new role group is required for - Enterprise Auditor -- Write scope – Remain set to **Default** -- Roles – Click the + button to open the Select a Role window. Select the - **ApplicationImpersonation** role from the available list and click **Add**. Then click **OK** to - close the Select a Role window. -- Members – Click the + button to open the Select Members window. Select the account from the - available list and click **Add**. Remember, the account needs to be assigned the other permissions - required for the **EWSMailbox** and/or **EWSPublicFolder** data collectors. Then click **OK** to - close the Select Members window. - -**Step 4 –** **Save** the new role group. - -The new role group appears in the list. - -## Enable Exchange Mailbox Access Auditing - -The 4. Mailboxes Job Group requires the Exchange Mailbox Access Auditing to be enabled. In order to -collect Mailbox Access Auditing events, it is necessary to enable Exchange Mailbox Access Auditing -for Exchange. See the following Microsoft articles: - -- Exchange Online – - [Enable mailbox auditing in Office 365](https://technet.microsoft.com/en-us/library/dn879651.aspx) - article -- Exchange 2016 – Exchange 2019 – - [Enable or disable mailbox audit logging for a mailbox]() - article -- Exchange 2013 – - [Enable or disable mailbox audit logging for a mailbox]() - article -- Exchange 2010 – - [Enable or Disable Mailbox Audit Logging for a Mailbox]() - article - -# Exchange Remote Connections Permissions - -The SMARTLog Data Collector processes the IIS Logs on the server running the Client Access Service -(CAS) to return information about the remote connections being made to Exchange. This data collector -uses an applet to process and collect the IIS Logs. - -2. CAS Metrics Job Group Requirement - -In addition to the permissions required by the SMARTLog Data Collector, the Connection Profile -assigned to the 2. CAS Metrics Job Group requires the following permissions and User Rights (based -on default settings): - -- Member of the local Administrator group on the targeted Exchange server(s) where the Client Access - Service is running -- Log on as a Service Group Policy: - - - Go to `GPedit.msc` - - Go to Computer Configuration > Windows Settings > Security Settings > Local Policies > User - Rights - -- Permissions required by the ExchangePS Data Collector. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for additional information. - -Applet Permissions - -This is required because the SMARTLog Data Collector is an applet-based data collector. It requires -the following permission on the target host which contain the IIS Logs: - -- Member of the local Administrators group - -This grants the ability to process logs folder which will contain the applet files and logs. For -example: - -\\ExchangeServerName\c$\Program Files (x86)\STEALTHbits\StealthAUDIT\LogProcessor - -If there have been additional security or permission modifications on the server(s), the following -rights and policies may need to be enabled on the targeted host: - -- Ensure the Administrator group has been granted Full Control over IIS Log Directories -- WMI Control (`wmimgmt.msc`) > Right Click Properties > Security - - - Security Tab > Root > CIMV2 > Click Security - - - Ensure the Administrators group has been assigned: - - - Execute Methods - - Remote Enable - - Enable Account - -- Local Security Policy (`secpol.msc`): - - - Local Policies > User Rights Assignment: - - - Ensure the ‘Replace a Process Level Token’ right grants access to Local Service, Network - Service, and Administrators - - Ensure the ‘Adjust Memory Quotas for a Process’ right grants access to Local Service, - Network Service, and Administrators - - Ensure the ‘Impersonate a client after authentication’ right grants access to Local - Service and Administrators - - Ensure the Administrators group has been granted the following rights: - - - Access this computer from a network - - Allow Log on Locally - - Log on as a batch job - -# Exchange Support and Permissions Explained - -This topic outlines what is supported for each type of Exchange version. - -**NOTE:** Sensitive Data Discovery is available with the EWSMailbox, EWSPublicFolder, and -ExchangeMailbox data collectors. - -## Support by Data Collector - -The following tables provide a breakdown of support by data collector: - -| Data Collector | Exchange Online | Exchange 2019 | Exchange 2016 | Exchange 2013 | Exchange 2010 | MAPI-Based | -| -------------------- | --------------- | ------------- | ------------- | ------------- | ------------- | ---------- | -| EWSMailbox | Yes | Yes | Yes | Yes | Limited\* | No | -| EWSPublicFolder | Yes | Yes | Yes | Yes | Limited\* | No | -| Exchange2k | No | No | No | Yes | Yes | Yes | -| ExchangeMailbox | No | No | No | Yes | Yes | Yes | -| ExchangeMetrics | No | Yes | Yes | Yes | Yes | No | -| ExchangePS | Yes | Yes | Yes | Yes | Yes | No | -| ExchangePublicFolder | No | No | No | Yes | Yes | Yes | -| SMARTLog | No | Yes | Yes | Yes | Yes | No | - -\* The data collector can target Exchange 2010 Service Pack 1 and later. - -## Support by Job Group - -The following tables provide a breakdown of support by job group: - -| Job Group | Exchange Online | Exchange 2019 | Exchange 2016 | Exchange 2013 | Exchange 2010 | MAPI-Based | -| --------------------- | --------------- | ------------- | ------------- | ------------- | ------------- | ---------- | -| 1. HUB Metrics | No | Yes | Yes | Yes | Yes | No | -| 2. CAS Metrics | No | Yes | Yes | Yes | Yes | No | -| 3. Database | No | Limited\* | Limited\* | Yes | Yes | Yes | -| 4. Mailboxes | Yes | Yes | Yes | Yes | Yes | No | -| 5. Public Folders | No | No | No | Yes | Yes | Yes | -| 6. Distribution Lists | Yes | Yes | Yes | Yes | Yes | No | -| 7. Sensitive Data | Yes | Yes | Yes | Yes | Limited\* | Mix\*\* | -| 8. Exchange Online | Yes | No | No | No | No | No | - -\* Limited indicates that some of the data collectors can target the environment, but not all. - -\*\* Mix indicates some data collectors are MAPI-based, but not all. - -## Exchange Solution to Permissions Alignment - -See the following sections for permission requirements according to the job group, data collector, -or action module to be used: - -- [Exchange Mail-Flow Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - - - ExchangeMetrics Data Collector - - 1. HUB Metrics Job Group - -- [Exchange Remote Connections Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - - - SMARTLog Data Collector - - 2. CAS Metrics Job Group - -- [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - - - ExchangePS Data Collector - - PublicFolder Action Module - - Mailbox Action Module - - 2. CAS Metrics Job Group - - 3. Databases Job Group - - 4. Mailboxes Job Group - - 5. Public Folders Job Group - - 8. Exchange Online Job Group - -- [Exchange Web Services API Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - - - EWSMailbox Data Collector - - EWSPublicFolder Data Collector - - 7. Sensitive Data Job Group - -- [MAPI-Based Data Collector Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - - - Exchange2K Data Collector - - ExchangeMailbox Data Collector - - ExchangePublicFolder Data Collector - - 3. Databases Job Group - - 5. Public Folders Job Group - - 7. Sensitive Data Job Group - -**NOTE:** All MAPI-based data collectors require the **Settings** > **Exchange** node configured in -the Enterprise Auditor Console. - -# Exchange Web Services API Permissions - -The EWSMailbox and EWSPublicFolder data collectors utilizes Exchange Web Services API to access and -communicate with Exchange. These data collectors collect statistical, content, permission, and -sensitive data information from mailboxes and public folders. - -Exchange Online Hybrid Environment Requirement - -In addition to the permissions required by the EWSMailbox and EWSPublicFolder data collectors, the -Connection Profile assigned to the 7. Sensitive Data Job Group requires the following permissions -(based on default settings): - -- Customized Administrator > Exchange Administrator Role - -# File System Solution - -The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL -Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for the core requirements. - -The File System solution can be configure to use Proxy servers either an applet or as a service. See -the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat -Prevention is required for event activity data to be scanned. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or -the -[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) -for installation requirements and information on collecting activity data. - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. - -**NOTE:** If proxy server scan options are used, it may also be necessary for the Sensitive Data -Discovery Add-On to be installed on those servers as well. - -See the following topics for target environment requirements: - -- [File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -- [File System Supported Platforms](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - -## File System Solution Requirements on the Enterprise Auditor Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Enterprise | Extra-Large | Large | Medium | Small | -| ----------- | ------------------------------ | ----------------------------------- | ----------------------------------- | ----------------------------------- | ----------------------------------- | -| Definition | 800+ million files and folders | Up to 800 million files and folders | Up to 500 million files and folders | Up to 200 million files and folders | Up to 100 million files and folders | -| RAM | 24 GB | 24 GB | 16 GB | 12 GB | 4 GB | -| Cores | 8 CPU | 8 CPU | 8 CPU | 4 CPU | 2 CPU | -| Disk Space | 1.5 TB | 770 GB | 470 GB | 270 GB | 130 GB | - -The above recommended disk space sizing information is based on the needs of Enterprise Auditor as -well as the File System solution for running Permission scans with default configuration (500 MB per -million files and folders), that means no tag collection, file-level scanning, activity, or -sensitive data. - -- For tag collection, add 125 MB per million documents to the totals above -- For activity collection, add 250 MB per million files and folders and another 125 MB per million - activity events to the totals above -- For sensitive data collection, add 500 MB per million files and folders and another 1%-10% of the - total size of the documents scanned for sensitive data (depending on targeted document types and - selected criteria) to the totals above - -For example, in order to scan 200 million files and folders, of which 10 million files will be -scanned for tag collection and sensitive data with a total size of 6 TB, you would need: 160 GB for -permission collection + 1.25 GB for tag collection (10x125 MB) + 100 GB for sensitive data -collection (200x500 MB) + 600 GB additional for sensitive data collection (10% of 6 TB) = 861.25 GB -total disk space. - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By -default, SDD scans are configured to run two concurrent threads. For example, if the job is -configured to scan 8 hosts at a time with two concurrent SDD threads, then an extra 32 GB of RAM are -required (8x2x2=32). - -Additional Server Considerations for File System Scans - -If Data Activity Tracking for NAS is required or if NetApp Filers running Clustered Data ONTAP are -in scope, reducing latency between the scanning server and the target device is highly recommended. -Additional hardware may be required, especially if the target NAS devices are not collocated with -the Enterprise Auditor Console server. - -Sensitive Data Discovery Auditing Requirement - -The following is required to run Sensitive Data Discovery scans: - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -Permissions on the Console Server to Run File System Scans - -In most cases the Enterprise Auditor user is a member of the local Administrators group on the -application server. However, if the Role Based Access usage is employed, then the user assigned the -role of Job Initiator (for manual execution) or the credential used for the Schedule Service Account -(for scheduled execution) must have the following permissions to execute File System scans in local -mode, applet mode, or proxy mode with applet: - -- Group membership in either of the following local groups: - - - Backup Operators - - Administrators - -These permissions grant the credential the ability to create a high integrity token capable of -leveraging the “Back up files and directories” from where the Enterprise Auditor executable is run. - -Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the -installation directory. This is required by either the user account running the Enterprise Auditor -application, when manually executing jobs from the console, or the Schedule Service Account assigned -within Enterprise Auditor, when running jobs as a scheduled tasks. - -See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic and the -[File System Supported Platforms](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for permissions required to scan the environment. - -## File System Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Enterprise | Extra-Large | Large | Medium | Small | -| ------------------------ | ------------------------------ | ----------------------------------- | ----------------------------------- | ----------------------------------- | ----------------------------------- | -| Definition | 800+ million files and folders | Up to 800 million files and folders | Up to 500 million files and folders | Up to 200 million files and folders | Up to 100 million files and folders | -| RAM | 64 GB | 64 GB | 32 GB | 16 GB | 8 GB | -| Cores | 16 CPU | 16 CPU | 12 CPU | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | 4 | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | 160 GB | -| SQL Database Disk | 1.6 TB | 830 GB | 530 GB | 400 GB | 170 GB | -| SQL Transaction Log Disk | 390 GB | 200 GB | 170 GB | 130 GB | 70 GB | -| SQL TEMP DB Disk | 1 TB | 530 GB | 400 GB | 270 GB | 130 GB | - -Additional SQL Server Requirements for File System Scans - -The following are additional requirements for the SQL Server specifically for the File System -solution: - -- For File-level Auditing – SQL Server standard edition or higher required -- For File Activity Auditing – SQL Server Enterprise Edition is required - -# Applet Mode Permissions - -When File System scans are run in applet mode, it means the File System applet is deployed to the -target host when the job is executed to conduct data collection. However, the applet can only be -deployed to a server with a Windows operating system. The data is collected on the Windows target -host where the applet is deployed. The final step in data collection is to compress and transfer the -data collected in the SQLite database(s), or Tier 2 database(s), back to the Enterprise Auditor -Console server. If the target host is a NAS device, the File System scans will default to local mode -for that host. - -Configure the credential(s) with the following rights on the Windows target host(s): - -- Group membership in the local Administrators group -- Granted the “Backup files and directories” local policy privilege -- Granted the “Log on as a batch” privilege -- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local - Policies > Security Options privilege - -Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the -installation directory on the target host/proxy server as well as on the Enterprise Auditor Console -server. This is required by either the user account running the Enterprise Auditor application, when -manually executing jobs within the console, or the Schedule Service Account assigned within -Enterprise Auditor, when running jobs as a scheduled tasks. - -_Remember,_ Remote Registry Service must be enabled on the host where the applet is deployed (for -Applet Mode or Proxy Mode with Applet scans) to determine the system platform and where to deploy -the applet. - -**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials -for network authentication” must be disabled in order for the applet to start. - -Sensitive Data Discovery Auditing scans also require .NET Framework 4.7.2 or later. to be installed -on the server where the applet is to be deployed in order for Sensitive Data Discovery collections -to successfully occur. The Sensitive Data Discovery Add-On must be installed on the Enterprise -Auditor Console server, which enables Sensitive Data criteria for scans. - -When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials -within the Connection Profile assigned to the File System scans must be properly configured as -explained above. Also the firewall rules must be configured to allow for communication between the -applicable servers. - -See the -[Applet Mode Port Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for firewall rule information. - -# Applet Mode Port Requirements - -The following are the firewall settings are required when executing the Access Auditing (FSAA) -and/or Sensitive Data Discovery Auditing scans in applet mode for communication between Enterprise -Auditor and the host: - -| Communication Direction | Protocol | Ports | Description | -| ----------------------------------------------------- | -------- | ----- | ---------------------------------------- | -| Enterprise Auditor Console to Windows Server | TCP | 445 | SMB | -| Between Enterprise Auditor Console and Windows Server | TCP | 8767 | FSAA Applet Certificate Exchange | -| Between Enterprise Auditor Console and Windows Server | TCP | 8766 | FSAA Applet HTTPS communication security | - -**NOTE:** The FSAA applet https requests configuration port 8766 and the FSAA Applet Certificate -Exchange port 8767 can be customized on the Applet Settings page of the File System Access Auditor -Data Collector Wizard. - -**_RECOMMENDED:_** Configure target hosts to respond to ping requests. - -# Local Mode Permissions - -When File System scans are run in local mode, it means all of the data collection processing is -conducted by the Enterprise Auditor Console server across the network. The data is collected in the -SQLite database(s), or Tier 2 database(s), on the Enterprise Auditor Console server, and then -imported into theEnterprise Auditor database, or Tier 1 database, on the SQL Server. - -The account used to run either a manual execution or a scheduled execution of the File System scans, -must have the following permissions on the StealthAUDIT Console server: - -- Group membership in either of the following local groups: - - Backup Operators - - Administrators - -Configure the credential(s) with the following rights on the Windows host(s): - -- Group membership in both of the following local groups: - - Power Users - - Backup Operators -- Granted the “Backup files and directories” local policy privilege - -For Windows Server target hosts, the credential also requires: - -- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local - Policies > Security Options privilege - -In order to collect data on administrative shares and local policies (logon policies) for a Windows -target, the credential must have group membership in the local Administrators group. - -Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the -installation directory on the Enterprise Auditor Console server. This is required by either the user -account running the Enterprise Auditor application, when manually executing jobs within the console, -or the Schedule Service Account assigned within Enterprise Auditor, when running jobs as a scheduled -tasks. - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host.  By default, SDD scans are configured to run two concurrent threads. -For example, if the job is configured to scan 8 hosts at a time with two concurrent SDD threads, -then an extra 32 GB of RAM are required (8x2x2=32). - -When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials -within the Connection Profile assigned to the File System scans must be properly configured as -explained above. Also the firewall rules must be configured to allow for communication between the -applicable servers. - -See the -[Local Mode Port Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for firewall rule information. - -# Local Mode Port Requirements - -The following are the firewall settings are required when executing the Access Auditing (FSAA) -and/or Sensitive Data Discovery Auditing scans in local mode for communication between Enterprise -Auditor and the target host: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------------------------ | -------- | ----- | ----------- | -| Enterprise Auditor Console to File Server/Device | TCP | 445 | SMB | - -## Additional Firewall Rules for NetApp Data ONTAP Devices - -The NetApp communication security is configured on the Scan Settings page of the File System Access -Auditor Data Collector Wizard. One additional firewall setting is required when targeting either a -NetApp Data ONTAP 7-Mode device or a NetApp Data ONTAP Cluster-mode device. The required setting is -dependent upon how the NetApp communication security option is configured: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------------------- | -------- | ----- | ----------------------------------- | -| Enterprise Auditor Console to NetApp Device | TCP | 80 | HTTP NetApp communication security | -| Enterprise Auditor Console to NetApp Device | TCP | 443 | HTTPS NetApp communication security | - -# Proxy Mode with Applet Permissions - -When File System scans are run in proxy mode with applet, it means the File System applet is -deployed to the Windows proxy server when the job is executed to conduct data collection. The data -collection processing is initiated by the proxy server where the applet is deployed and leverages a -local mode-type scan to each of the target hosts. The final step in data collection is to compress -and transfer the data collected in the SQLite databases, or Tier 2 databases, back to the Enterprise -Auditor Console server. - -Configure the credential(s) with the following rights on the proxy server(s): - -- Group membership in the local Administrators group -- Granted the Backup files and directories local policy privilege -- Granted the Log on as a batch privilege -- If the applet is deployed as a service, the service account requires the Log on as a service - privilege - - - See the - [FSAA: Applet Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - topic for additional information on the applet launch mechanism - -- If running FSAC, the service account in the credential profile requires access to the admin share - (e.g. `C$`) where the `sbtfilemon.ini` file exists - -Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the -installation directory on the proxy server as well as on the Enterprise Auditor Console server. This -is required by either the user account running the Enterprise Auditor application, when manually -executing jobs within the console, or the Schedule Service Account assigned within Enterprise -Auditor, when running jobs as a scheduled tasks. - -_Remember,_ Remote Registry Service must be enabled on the host where the applet is deployed (for -Applet Mode or Proxy Mode with Applet scans) to determine the system platform and where to deploy -the applet. - -**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials -for network authentication” must be disabled in order for the applet to start. - -Configure the credential(s) with the following rights on the Windows host(s): - -- Group membership in both of the following local groups: - - Power Users - - Backup Operators -- Granted the “Backup files and directories” local policy privilege - -For Windows Server target hosts, the credential also requires: - -- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local - Policies > Security Options privilege - -Sensitive Data Discovery Auditing scans also require .NET Framework 4.7.2 or later. to be installed -on the server where the applet is to be deployed in order for Sensitive Data Discovery collections -to successfully occur. The Sensitive Data Discovery Add-On must be installed on the Enterprise -Auditor Console server, which enables Sensitive Data criteria for scans. - -When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials -within the Connection Profile assigned to the File System scans must be properly configured as -explained above. Also the firewall rules must be configured to allow for communication between the -applicable servers. - -See the -[Proxy Mode with Applet Port Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for firewall rule information. - -Secure Proxy Communication Considerations - -For Proxy Mode with Applet scans, the certificate exchange mechanism and certificate exchange port -must be configured via the File System Access Auditing Data Collector Wizard prior to executing a -scan. See the -[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -# Proxy Mode with Applet Port Requirements - -The following are the firewall settings are required when executing the Access Auditing (FSAA) -and/or Sensitive Data Discovery Auditing scans in proxy mode with applet for communication between -Enterprise Auditor and the proxy server: - -| Communication Direction | Protocol | Ports | Description | -| ----------------------------------------------------------- | -------- | ----- | ---------------------------------------- | -| Enterprise Auditor Console to Windows Proxy Server | TCP | 445 | SMB | -| Between Enterprise Auditor Console and Windows Proxy Server | TCP | 8767 | FSAA Applet Certificate Exchange | -| Between Enterprise Auditor Console and Windows Server | TCP | 8766 | FSAA Applet HTTPS communication security | - -**NOTE:** The FSAA applet https requests configuration port 8766 and the FSAA Applet Certificate -Exchange port 8767 can be customized on the Applet Settings page of the File System Access Auditor -Data Collector Wizard. - -The following are the firewall settings are required when executing the Access Auditing (FSAA) -and/or Sensitive Data Discovery Auditing scans in proxy mode with applet for communication between -the proxy server and the target host: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------------------ | -------- | ----- | ----------- | -| Windows Proxy Server to File Server/Device | TCP | 445 | SMB | - -## Additional Firewall Rules for NetApp Data ONTAP Devices - -_Remember,_ NetApp communication security is configured on the Scan Settings page of the File System -Access Auditor Data Collector Wizard. One additional firewall setting is required when targeting -either a NetApp Data ONTAP 7-Mode device or a NetApp Data ONTAP Cluster-Mode device. The required -setting is dependent upon how the NetApp communication security option is configured: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------------------- | -------- | ----- | ----------------------------------- | -| Enterprise Auditor Console to NetApp Device | TCP | 80 | HTTP NetApp communication security | -| Enterprise Auditor Console to NetApp Device | TCP | 443 | HTTPS NetApp communication security | - -## Additional Firewall Rules for Windows File Servers - -The following firewall setting is also required when targeting a Windows file server: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------------------- | -------- | ----- | -------------------------- | -| Enterprise Auditor Console to Windows Server | TCP | 135 | for pre-scan access checks | - -**_RECOMMENDED:_** Configure target hosts to respond to ping requests. - -# Proxy Mode Server Requirements - -The Enterprise Auditor File System Proxy requirements apply for servers where either the service is -installed or the applet will be deployed unless otherwise stated. - -**NOTE:** Align the proxy server requirements to match the environment size the proxy server will be -handling. - -The server can be physical or virtual. The requirements for Enterprise Auditor are: - -- Windows Server 2016 through Windows Server 2022 - - - US English language installation - - Domain member - -RAM, CPU, and Disk Space - -RAM, CPU, and Disk Space are dependent upon the size of the target environment: - -**CAUTION:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By -default, SDD scans are configured to run two concurrent threads. For example, if the job is -configured to scan 8 hosts at a time with two concurrent SDD threads, then an extra 32 GB of RAM are -required (8x2x2=32). - -- Enterprise Environment (800 million+ files and folders) - - - 24 GB RAM - - 8 CPU Cores - - 1.5 TB Disk Space - -- Extra-Large Environment (Up to 800 million files and folders) - - - 24 GB RAM - - 8 CPU Cores - - 770 GB Disk Space - -- Large Environment (Up to 500 million files and folders) - - - 16 GB RAM - - 8 CPU Cores - - 470 GB Disk Space - -- Medium Environment (Up to 200 million files and folders) - - - 12 GB RAM - - 4 CPU Cores - - 270 GB Disk Space - -- Small Environment (Up to 100 million files and folders) - - - 4 GB RAM - - 2 CPU Cores - - 130 GB Disk Space - -The above recommended disk space sizing information is based on the needs of Enterprise Auditor as -well as the File System solution for running Permission scans with out of the box configuration (500 -MB per million files and folders), that means no tag collection, file-level scanning, activity, or -sensitive data. - -- For tag collection, add 125 MB per million documents to the totals above -- For activity collection, add 250 MB per million files and folders and another 125 MB per million - activity events to the totals above -- For sensitive data collection, add 500 MB per million files and folders and another 1%-10% of the - total size of the documents scanned for sensitive data (depending on targeted document types and - selected criteria) to the totals above - -For example, in order to scan 200 million files and folders, of which 10 million files will be -scanned for tag collection and sensitive data with a total size of 6 TB, you would need: 160 GB for -permission collection + 1.25 GB for tag collection (10x125 MB) + 100 GB for sensitive data -collection (200x500 MB) + 600 GB additional for sensitive data collection (10% of 6 TB) = 861.25 GB -Disk Space. - -Additional Server Requirements - -The following are additional requirements for the server: - -- .NET Framework 4.7.2 Installed - - **NOTE:** .NET Framework 4.7.2 can be downloaded from the link in the Microsoft - [.NET Framework 4.7.2 offline installer for Windows](https://support.microsoft.com/en-us/topic/microsoft-net-framework-4-7-2-offline-installer-for-windows-05a72734-2127-a15d-50cf-daf56d5faec2) - article. - -- Remote Registry Service enabled - - **NOTE:** The Remote Registry Service only needs to be enabled when running Applet Mode or Proxy - Mode with Applet scans. - -Sensitive Data Discovery Auditing - -The following is required to run Sensitive Data Discovery scans: - -- Sensitive Data Discovery Add-On installed on the proxy server - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration. It will not conflict with other JDKs or Java Runtimes in the same environment. - -See the following topics for additional information, based on the type of proxy mode you plan to -use: - -- Proxy Mode with Applet - - - [Proxy Mode with Applet Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - - [Proxy Mode with Applet Port Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - -- Proxy Mode as a Service - - - [Proxy Mode as a Service Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - - [Proxy Mode as a Service Port Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - -# Proxy Mode as a Service Permissions - -When File System scans are run in proxy mode as a service, there are two methods available for -deploying the service: - -- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be - installed on the Windows proxy servers prior to executing the scans. This is the recommended - method. -- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the - Windows proxy server when the job is executed - -The data collection processing is conducted by the proxy server where the service is running and -leverages a local mode-type scan to each of the target hosts. The final step in data collection is -to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to -the Enterprise Auditor Console server. - -The secure communication is configured during the installation of the service on the proxy server. -The credential provided for the secure communications in the installation wizard is also added to -the Enterprise Auditor Connection Profile assigned to the File System Solution. - -File System Proxy Service Credentials - -The service can be run either as LocalSystem or with a domain account supplied during the -installation of the File System Proxy Service with the following permission on the proxy server: - -- Membership in the local Administrators group -- Granted the Log on as a service privilege (**Local Security Policies** > **Local Policies** > - **User Rights Assignment** > **Log on as a service**) -- If running FSAC, the service account in the credential profile requires access to the admin share - (for example, `C$`) where the `sbtfilemon.ini` file exists - -Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the -installation directory. - -Windows File Server Target Host Credentials - -Configure the credential(s) with the following rights on the Windows host(s): - -- Group membership in both of the following local groups: - - Power Users - - Backup Operators -- Granted the “Backup files and directories” local policy privilege - -For Windows Server target hosts, the credential also requires: - -- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local - Policies > Security Options privilege - -In order to collect data on administrative shares and local policies (logon policies) for a Windows -target, the credential must have group membership in the local Administrators group. - -Sensitive Data Discovery Auditing Consideration - -The Sensitive Data Discovery Add-on must be installed on the proxy server. This requirement is in -addition to having the Sensitive Data Discovery Add-on installed on the Enterprise Auditor Console -server. Sensitive Data Discovery Auditing scans also require .NET Framework 4.7.2 or later.If -running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount of -RAM. Each thread requires a minimum of 2 additional GB of RAM per host.. By default, SDD scans are -configured to run two concurrent threads. For example, if the job is configured to scan 8 hosts at a -time with two concurrent SDD threads, then an extra 32 GB of RAM are required (8x2x2=32). - -Secure Proxy Communication Considerations - -For secure proxy communication via https, a credential is supplied during installation to provide -secure communications between the Enterprise Auditor server and the proxy server. This credential -must be a domain account, but no additional permissions are required. It is recommended to use the -same domain account configured to run the proxy service as a credential in the Connection Profile to -be used by the File System Solution - -Secure Proxy Communication and Certificate Exchange - -For Proxy Mode as a Service Scans, the certificate exchange mechanism and certificate exchange port -must be configured via the File System Access Auditing Data Collector Wizard prior to executing a -scan. See the -[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -Enterprise Auditor Connection Profile - -When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials -within the Connection Profile assigned to the File System scans must be properly configured as -explained above. Also the firewall rules must be configured to allow for communication between the -applicable servers. - -See the -[Proxy Mode as a Service Port Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for firewall rule information. - -# Proxy Mode as a Service Port Requirements - -The following are the firewall settings are required when executing the Access Auditing (FSAA) -and/or Sensitive Data Discovery Auditing scans in proxy mode as a service for communication between -Enterprise Auditor and the proxy server: - -| Communication Direction | Protocol | Ports | Description | -| ----------------------------------------------------------- | -------- | ----- | ---------------------------------------- | -| Between Enterprise Auditor Console and Windows Proxy Server | TCP | 8766 | FSAA Applet HTTPS communication security | -| Between Enterprise Auditor Console and Windows Proxy Server | TCP | 8767 | FSAA Applet Certificate Exchange | - -**NOTE:** The FSAA applet https requests configuration port 8766 and the FSAA Applet Certificate -Exchange port 8767 can be customized on the Applet Settings page of the File System Access Auditor -Data Collector Wizard. - -The following are the firewall settings are required when executing the Access Auditing (FSAA) -and/or Sensitive Data Discovery Auditing scans in proxy mode as a service for communication between -the proxy server and the target host: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------------------ | -------- | ----- | ----------- | -| Windows Proxy Server to File Server/Device | TCP | 445 | SMB | - -#### Additional Firewall Rules for NetApp Data ONTAP Devices - -_Remember,_ NetApp communication security is configured on the Scan Settings page of the File System -Access Auditor Data Collector Wizard. One additional firewall setting is required when targeting -either a NetApp Data ONTAP 7-Mode device or a NetApp Data ONTAP Cluster-mode device. The required -setting is dependent upon how the NetApp communication security option is configured: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------------------- | -------- | ----- | ----------------------------------- | -| Enterprise Auditor Console to NetApp Device | TCP | 80 | HTTP NetApp communication security | -| Enterprise Auditor Console to NetApp Device | TCP | 443 | HTTPS NetApp communication security | - -#### Additional Consideration for Windows File Servers - -The following firewall setting is also required when targeting a Windows file server: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------------------- | -------- | ----- | -------------------------- | -| Enterprise Auditor Console to Windows Server | TCP | 135 | for pre-scan access checks | - -**_RECOMMENDED:_** Configure target hosts to respond to ping requests. - -# File System Scan Options - -Required permissions on the targeted file system are dependent upon not only the type of environment -targeted but also the mode in which the data collection scan is executed. There are three primary -types of scan modes: local, applet, or proxy. The proxy mode can be conducted via applet deployment, -or via running as a service (installed in advance). - -For the purpose of this document, “applet” refers to the runtime deployment of the -`FSAAAppletServer.exe` to either the target host (applet mode scans) or the proxy host (proxy mode -with applet scans) via Microsoft Task Scheduler. A “proxy” host is any host which can be leveraged -for running File System scans against target hosts. - -## Local Mode - -When File System scans are run in local mode, it means all of the data collection processing is -conducted by the Enterprise Auditor Console server across the network. The data is collected in the -SQLite database(s), or Tier 2 database(s), on the Enterprise Auditor Console server, and then -imported into theEnterprise Auditor database, or Tier 1 database, on the SQL Server. - -![Illustrates the Enterprise Auditor server running the scan against a file server](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/filesystem/localmode.webp) - -The diagram illustrates the Enterprise Auditor server running the scan against a file server. - -See the following topics for additional information: - -- [Local Mode Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -- [Local Mode Port Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - -## Applet Mode - -**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials -for network authentication” must be disabled in order for the applet to start. - -When File System scans are run in applet mode, it means the File System applet is deployed to the -target host when the job is executed to conduct data collection. However, the applet can only be -deployed to a server with a Windows operating system. The data is collected on the Windows target -host where the applet is deployed. The final step in data collection is to compress and transfer the -data collected in the SQLite database(s), or Tier 2 database(s), back to the Enterprise Auditor -Console server. If the target host is a NAS device, the File System scans will default to local mode -for that host. - -![Illustrates the Enterprise Auditor server sending an FSAA applet to a targeted Windows file server, which runs the scan against locally, and then returns data to the Enterprise Auditor server](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/filesystem/appletmode.webp) - -The diagram illustrates the Enterprise Auditor server sending an FSAA applet to a targeted Windows -file server, which runs the scan against locally, and then returns data to the Enterprise Auditor -server. - -See the following topics for additional information: - -- [Applet Mode Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -- [Applet Mode Port Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - -## Proxy Mode with Applet - -**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials -for network authentication” must be disabled in order for the applet to start. - -When File System scans are run in proxy mode with applet, it means the File System applet is -deployed to the Windows proxy server when the job is executed to conduct data collection. The data -collection processing is initiated by the proxy server where the applet is deployed and leverages a -local mode-type scan to each of the target hosts. The final step in data collection is to compress -and transfer the data collected in the SQLite databases, or Tier 2 databases, back to the Enterprise -Auditor Console server. - -![Diagram of Enterprise Auditor server sending an FSAA applet to a proxy server](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/proxymodewithapplet.webp) - -The diagram illustrates the Enterprise Auditor server sending an FSAA applet to a proxy server, -which runs the scan against a file server, and then returns data to the Enterprise Auditor server. - -See the following topics for additional information: - -- [Proxy Mode Server Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -- [Proxy Mode with Applet Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -- [Proxy Mode with Applet Port Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - -## Proxy Mode as a Service - -When File System scans are run in proxy mode as a service, there are two methods available for -deploying the service: - -- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be - installed on the Windows proxy servers prior to executing the scans. This is the recommended - method. -- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the - Windows proxy server when the job is executed - -The data collection processing is conducted by the proxy server where the service is running and -leverages a local mode-type scan to each of the target hosts. The final step in data collection is -to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to -the Enterprise Auditor Console server. - -The proxy communication is configured during the installation of the service on the proxy server and -certificate exchange options are configured via the Applet Settings page of the File System Access -Auditing Data Collector Wizard. The credential provided for the secure communications in the -installation wizard is also added to the Enterprise Auditor Connection Profile assigned to the File -System Solution. - -See the -[File System Proxy Service Installation](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md) -topic for additional information. - -![Diagram of Enterprise Auditor server communicating securely with the proxy service on a proxy server](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp) - -The diagram illustrates the Enterprise Auditor server communicating securely with the proxy service -on a proxy server, which runs the scan against a file server, collecting the data locally and -securely. Then the proxy service returns data securely to the Enterprise Auditor server. - -See the following topics for additional information: - -- [Proxy Mode Server Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -- [Proxy Mode as a Service Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -- [Proxy Mode as a Service Port Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - -# SharePoint Solution - -The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL -Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for the core requirements. - -The SharePoint solution can be configure to run without an agent or to use the Enterprise Auditor -SharePoint Agent. See the -[SharePoint Agent Installation](/docs/accessanalyzer/11.6/installation/sharepoint-agent/install.md) -topic for additional information. - -In addition to these, integration with either the Netwrix Activity Monitor is required for event -activity data to be scanned. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) -for installation requirements and information on collecting activity data. - -**NOTE:** For Activity Auditing (SPAC) scans, the audit logs generated by SharePoint must be -retained for more days than the number of days between the Enterprise Auditor scans. - -**_RECOMMENDED:_** When configuring the Netwrix Activity Monitor, select all events to be monitored -in both the Documents and Items section and the List, Libraries, and Site section. - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. - -**NOTE:** If the Enterprise Auditor SharePoint Agent scan option is used, it is also be necessary -for the Sensitive Data Discovery Add-On to be installed on the servers as well. - -See the following topics for the SharePoint Agent and the target environment requirements: - -- [SharePoint Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -- [SharePoint Support](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - -**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for -SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and -provisions it with the required permissions. See the -[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -## SharePoint Solution Requirements on the Enterprise Auditor Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Extra-Large | Large | Medium | Small | -| ----------- | ------------------------------------------------ | ------------------------------------------------- | ------------------------------------------------- | ----------------------------------------------- | -| Definition | ~5,000 Site Collections or 5+ TB of managed data | ~2,500 Site Collections or 1-5 TB of managed data | ~1,000 Site Collections or 500 GB of managed data | ~100 Site Collections or 100 GB of managed data | -| RAM | 24 GB | 16 GB | 12 GB | 4 GB | -| Cores | 8 CPU | 8 CPU | 4 CPU | 2 CPU | -| Disk Space | 460 GB | 280 GB | 160 GB | 80 GB | - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For -example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are -required (8x2=16). - -Sensitive Data Discovery Auditing Requirement - -The following is required to run Sensitive Data Discovery scans: - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -## SharePoint Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Extra-Large | Large | Medium | Small | -| ------------------------ | ------------------------------------------------ | ------------------------------------------------- | ------------------------------------------------- | ----------------------------------------------- | -| Definition | ~5,000 Site Collections or 5+ TB of managed data | ~2,500 Site Collections or 1-5 TB of managed data | ~1,000 Site Collections or 500 GB of managed data | ~100 Site Collections or 100 GB of managed data | -| RAM | 64 GB | 32 GB | 16 GB | 8 GB | -| Cores | 16 CPU | 12 CPU | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | -| SQL Database Disk | 500 GB | 320 GB | 240 GB | 100 GB | -| SQL Transaction Log Disk | 120 GB | 100 GB | 80 GB | 40 GB | -| SQL TEMP DB Disk | 320 GB | 240 GB | 160 GB | 80 GB | - -# SharePoint Agent-Less Permissions - -When SharePoint agent-less scans are run, it means all of the data collection processing is -conducted by the Enterprise Auditor Console server across the network. - -The SharePoint agent-less scan architecture requires permissions to be configured on the specified -server: - -- SharePoint Application Server permissions: - - - Membership in the local Backup Operators group - - - This is required so Enterprise Auditor can read remote registry to identify if the server - is part of the farm, what the server’s role is, and to identify the location of the - SharePoint configuration database. - - - Membership in the local WSS_WPG group - - - This is required to gain read access to system resources used by Microsoft SharePoint - Foundation. - -- SharePoint Farm permissions: - - - Membership in the Farm Read group at the farm level - - - This is required so the Enterprise Auditor auditing account can make calls against the - SharePoint web services to remotely gather information around permissions, site hierarchy, - content and more. - - If the group does not exist already, then you will need to create a new group at that - level and grant it ‘Read’ access. Specifically, it is a group that exists within Central - Administration at the farm administrator level. This group only requires ‘Read’ access and - is not giving farm admin access. Once the group is created, add the service account that - Enterprise Auditor will be leveraging to scan SharePoint. - -- Web Application permissions: - - - Custom Role with Site Collection Auditor at the web application level with the Open Items - permission - - - This is needed for Enterprise Auditor to execute web service calls against Central - Administration. - -- SharePoint Database Server permissions: - - - SPDataAccess on the on the SharePoint Content database and all Configuration databases - - - This permission should be applied on the desired Configuration database and all Content - databases for the SharePoint version. - - This version-specific permission is required for Enterprise Auditor to execute read - operations directly against the SharePoint databases, gather information from the - configuration database regarding the names and locations of the web applications and - content databases, and give read access around sites, roles, and users. - -- MySites permissions are based on the SharePointAccess Data Collector configuration option: - - - Forcing the service account to become a temporary admin of the personal sites either as the - service account or as a member of the Company Administrators group requires SharePoint Farm - Administrator role or Site Collection Auditor at the web application housing MySites. - - The skipping inaccessible personal sites option will only scan sites where the service account - has administrative access. It requires the service account to be provisioned prior to the scan - to scan OneDrives / personal sites. - -# SharePoint Agent-Less Ports - -One of the following ports must be open for communication between Enterprise Auditor and the -SharePoint Online environment: - -| Port | Protocol | Source | Direction | Target | Purpose | -| ---- | -------- | --------------------------------- | --------- | ----------------------------- | ------------------- | -| 80 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Online Environment | HTTP Communication | -| 443 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Online Environment | HTTPS Communication | - -The following ports must be open for communication between Enterprise Auditor and the SharePoint -on-premise environment: - -| Port | Protocol | Source | Direction | Target | Purpose | -| ------- | -------- | --------------------------------- | --------- | ----------------------------- | ---------------------------------- | -| 1433 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint SQL Server | SharePoint SQL Database Connection | -| 445 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Application Server | Remote Registry Connection | -| 389/636 | TCP | Enterprise Auditor Console server | `<-->` | LDAP server | Authentication | -| 80 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Application Server | StealthAUDIT Communication Channel | - -# SharePoint Agent Permissions - -When Enterprise Auditor SharePoint scans are run in agent-based mode, the Enterprise Auditor -SharePoint Agent must be installed on the SharePoint Application server which hosts the Central -Administration component prior to executing the scans. This is typically the first server stood up -during the SharePoint farm installation process in this mode. The data collection processing is -conducted by the SharePoint Agent for the target environment. The final step in data collection is -to transfer the data collected in the SQLite databases, or Tier 2 databases, on the Enterprise -Auditor SharePoint Agent server back to the Enterprise Auditor Console server. - -The Enterprise Auditor SharePoint Agent needs to be installed on the: - -- SharePoint Application server hosting the Central Administration component - - - SharePoint® 2013 through SharePoint® 2019 - - Windows® Server 2012 through Windows® Server 2022 - -Additional Server Requirements - -The following are additional requirements for the Enterprise Auditor SharePoint Agent server: - -- .NET Framework 4.8 installed -- Port Sharing network feature - -Sensitive Data Discovery Auditing Requirement - -In addition to having the Sensitive Data Discovery Add-on be installed on the Enterprise Auditor -Console server, The following is required to run Sensitive Data Discovery scans: - -- Sensitive Data Discovery Add-On, 64-bit version, installed on the Enterprise Auditor SharePoint - Agent server -- .NET Framework 4.7.2 or later - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job -is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). - -## Permissions Explained - -If limited provisioning of the service account is not required by the organization, then the -following permissions are sufficient for successful agent-based scans: - -- Membership in the local Administrator group on the on server where the Enterprise Auditor - SharePoint Agent is installed - - - Only needed for agent installation - -- SharePoint Application Server permissions: - - - Membership in the local Backup Operators group - - - This is required so Enterprise Auditor can read remote registry to identify if the server - is part of the farm, what the server’s role is, and to identify the location of the - SharePoint configuration database - - - Membership in the local WSS_WPG group - - - This is required to gain read access to system resources used by Microsoft SharePoint - Foundation - - - Log on as a Service in the Local Security Policy - - Full Control on the agent install directory, default path is: - - `C:\Program Files\STEALTHbits\StealthAUDIT\SPAA` - -- SharePoint Farm permissions: - - - Membership in the Farm Read group at the farm level - - - This is required so the Enterprise Auditor auditing account can make calls against the - SharePoint web services to remotely gather information around permissions, site hierarchy, - content and more - - If the group does not exist already, then you need to create a new group at that level and - grant it Read access. Specifically, it is a group that exists within Central - Administration at the farm administrator level. This group only requires Read access and - is not giving farm admin access. Once the group is created, add the service account that - Enterprise Auditor will be leveraging to scan SharePoint. - -- Web Application permissions: - - - Custom Role with Site Collection Auditor at the web application level with the Open Items - permission - - - This is needed for Enterprise Auditor to execute web service calls against Central - Administration - -- SharePoint Database Server permissions: - - - SPDataAccess on the SharePoint Content database and all Configuration databases - - - This permission should be applied on the desired Configuration database and all Content - databases for the SharePoint version - - This version-specific permission is required for Enterprise Auditor to execute read - operations directly against the SharePoint databases, gather information from the - configuration database regarding the names and locations of the web applications and - content databases, and give read access around sites, roles, and users - -- DB_Owner on Enterprise Auditor database if using Windows Authentication for the Storage Profile -- MySites permissions are based on the SharePointAccess Data Collector configuration option: - - - Forcing the service account to become a temporary admin of the personal sites either as the - service account or as a member of the Company Administrators group requires SharePoint Farm - Administrator role or Site Collection Auditor at the web application housing MySites - - The skipping inaccessible personal sites option only scans sites where the service account has - administrative access - - This grants Enterprise Auditor rights to scan MySites - -Additional permission models are explained for a less and least permission model. - -## SharePoint Agent-Based Less Privilege Permission Model - -If restricted permissions are desired by the organization, then the following permissions are needed -for the service account to successfully run SharePoint Agent-based scans. - -Prior to installation of the SharePoint Agent, the service account to be supplied during -installation and later used to run the Access Auditing (SPAA) and Sensitive Data Discovery Auditing -scans against the targeted SharePoint environment needs the following permissions: - -- Log on as a Service in the Local Security Policy -- Membership in the local IIS_IUSRS group -- Performance Log Users (for Sensitive Data Discovery only) - -After the SharePoint Agent installation, this service account needs the following additional -permissions to run the Access Auditing (SPAA) and Sensitive Data Discovery Auditing scans: - -- Site Collection Administrator on all Site Collections to be scanned -- Membership in the local Users group on the server where the SharePoint Agent is installed -- DB_Owner on Enterprise Auditor database if using Windows Authentication for the Storage Profile - -If the scans include Web Application scoping, then the following permissions are needed (can be -skipped if running full farm scans): - -- Membership in the local Backup Operators group -- Membership in the local WSS_WPG group -- WSS_CONTENT_APPLICATION_POOLS on the SharePoint Configuration database - -After the Enterprise Auditor SharePoint Agent is installed, ensure that the service account has the -following permissions: - -- Full Control on the agent install directory, default path is: - - `C:\Program Files\STEALTHbits\StealthAUDIT\SPAA` - -The Enterprise Auditor SharePoint Agent utilizes Microsoft APIs. The Microsoft APIs require an -account with the following permissions in order to collect all of the data: - -- WSS_CONTENT_APPLICATION_POOLS on the SharePoint Content databases -- WSS_CONTENT_APPLICATION_POOLS on the SharePoint Configuration database - -**NOTE:** If scans include Web Application scoping, this last permission requirement is already met. - -## SharePoint Agent-Based Least Privilege Permission Model - -If a least privilege model is required by the organization, then the following permissions are -needed for the service account to successfully run SharePoint Agent-based scans. - -Prior to installation of the SharePoint Agent, the service account to be supplied during -installation and later used to run the Access Auditing (SPAA) and Sensitive Data Discovery Auditing -scans the targeted SharePoint environment needs the following permissions: - -- Log on as a Service in the Local Security Policy -- Service Account SID added to the `SMSvcHost.exe.config` file -- Performance Log Users (for Sensitive Data Discovery only) - -After the SharePoint Agent installation, this service account needs the following additional -permissions to run the Access Auditing (SPAA) scans: - -- Site Collection Administrator on all Site Collections to be scanned -- Membership in the local Users group on the server where the SharePoint Agent is installed -- DB_Owner on Enterprise Auditor database if using Windows Authentication for the Storage Profile - -If the scans include Web Application scoping, then the following permissions are needed (can be -skipped if running full farm scans): - -- READ Access on the following registry keys: - - - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg` - - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowPaths` - - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowExactPaths` - - For SharePoint 2013: - - - `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\Secure` - - `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\Secure\ConfigDB` - -- DB_DataReader on the SharePoint Configuration database -- `'GRANT EXECUTE'` permissions on the following stored procedures in the SharePoint Configuration - database: - - - `proc_getObject` - - `proc_getObjectsByClass` - - `proc_getObjectsByBaseClass` - - `proc_getDependentObjectsByBaseClass` - - `proc_ReturnWebFeatures` - -After the Enterprise Auditor SharePoint Agent is installed, ensure that the service account has the -following permissions: - -- Full Control on the agent install directory, default path is: - - `C:\Program Files\STEALTHbits\StealthAUDIT\SPAA` - -The Enterprise Auditor SharePoint Agent utilizes Microsoft APIs. The Microsoft APIs require an -account with the following permissions in order to collect all of the data: - -- `'GRANT EXECUTE'` permissions on the following stored procedures in the SharePoint Configuration - database: - - - `proc_getObject` - - `proc_getObjectsByClass` - - `proc_getObjectsByBaseClass` - - `proc_getDependentObjectsByBaseClass` - - `proc_ReturnWebFeatures` - - **NOTE:** The above four stored procedures would already have the correct permissions if Web - Application scoping is desired. - - - `[dbo].proc_getSiteName` - - `[dbo].proc_getSiteMap` - - `[dbo].proc_getSiteMapById` - -- DB_DataReader on the SharePoint Content databases and SharePoint AdminContent database, if - applicable -- `'GRANT EXECUTE'` permissions on the following stored procedures in the SharePoint Content - databases and SharePoint AdminContent database (if applicable): - - - `[dbo].proc_EnumLists` - - `[dbo].proc_GetTpWebMetaDataAndListMetaData` - - `[dbo].proc_GetListMetaDataAndEventReceivers` - - `[dbo].proc_GetSiteProps` - - `[dbo].proc_GetListWebParts` - - `[dbo].proc_GetWebFeatureList` - - `[dbo].proc_GetListFields` - - `[dbo].proc_GetDocsMetaInfo` - - `[dbo].proc_GetDocIdUrl` - - `[dbo].proc_ListChildWebs` - - `[dbo].proc_ListChildWebs` - - `[dbo].proc_ListUrls` - - `[dbo].proc_ListChildWebs` - - `[dbo].proc_SecListAllSiteMembers` - - `[dbo].proc_SecRefreshToken` - - `[dbo].proc_SecListSiteGroups` - - `[dbo].proc_SecListSiteGroupMembership` - - `[dbo].proc_SecGetRoleDefs` - - `[dbo].proc_SecListSiteGroups` - - `[dbo].proc_SecListScopeUsers` - - `[dbo].proc_SecListScopeGroups` - - `[dbo].proc_SecAddWebMembership` - - `[dbo].proc_SecGetSecurityInfo` - - `[dbo].proc_SecGetPrincipalByLogin` - - `[dbo].proc_SecGetPrincipalDisplayInformation20` - - `[dbo].proc_SecGetRoleBindingsForAllPrincipals` - -# SharePoint Agent Ports - -The following are the firewall settings are required when executing the Access Auditing (FSAA) -and/or Sensitive Data Discovery Auditing scans in Agent-based mode for communication between -Enterprise Auditor and the target host: - -| Port | Protocol | Source | Direction | Target | Purpose | -| ------- | -------- | ------------------------------------------ | --------- | ------------------------------------------ | ---------------------------------------------------------------------- | -| 1433 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint SQL Server | SharePoint SQL Database Connection | -| 445 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Application Server | Remote Registry Connection (Only required for Web Application scoping) | -| 389/636 | TCP | Enterprise Auditor SharePoint Agent server | `<-->` | LDAP server | Agent Authentication | -| 9876\* | TCP | Enterprise Auditor Console server | `<-->` | Enterprise Auditor SharePoint Agent server | Enterprise Auditor Agent Communication Channel | - -\*Configurable value in the SharePoint Access Auditor Data Collector Wizard. - -# SharePoint Online Permissions - -SharePoint Online environments can only be scanned in Agent-less mode. When SharePoint agent-less -scans are run, it means all of the data collection processing is conducted by the Enterprise Auditor -Console server across the network. - -## Modern Authentication - -The SharePoint agent-less scan architecture uses modern authentication in the target environment: - -Tenant Global Administrator Role - -- Tenant Global Administrator role is required to provision the application - - - Modern authentication enables Enterprise Auditor to scan SharePoint Online and all OneDrives - in the target environment - -Permissions for Microsoft Graph APIs - -- Application Permissions: - - - Application.Read.All – Read all applications - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - Domain.Read.All – Read domains - - Files.Read.All – Read files in all site collections - - GroupMember.Read.All – Read all group memberships - - InformationProtectionPolicy.Read.All – Read all published labels and label policies for an - organization - - Member.Read.Hidden – Read all hidden memberships - - Organization.Read.All – Read organization information - - OrgContact.Read.All – Read organization contact - - Policy.Read.All – Read your organization's policies - - Policy.Read.ConditionalAccess – Read you organization's conditional access policies - - Policy.Read.PermissionGrant – Read consent and permission grant policies - - ServiceHealth.Read.All – Read service health - - ServiceMessage.Read.All – Read service messages - - Sites.Read.All – Read items in all site collections - - Team.ReadBasic.All – Get a list of all teamss - - TeamMember.Read.All – Read the members of all teams - -- Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -Permissions for Office 365 Management APIs - -- Application Permissions: - - - ActivityFeed.Read – Read activity data for your organization - - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data - - ServiceHealth.Read – Read service health information for your organization - -Permissions for SharePoint APIs - -- Application Permissions: - - - Sites.FullControl.All – Have full control of all site collections - - Sites.Read.All – Read items in all site collections - - TermStore.Read.All – Read managed metadata - - User.Read.All – Read user profiles - -# SharePoint Online Ports - -One of the following ports must be open for communication between Enterprise Auditor and the -SharePoint environment: - -| Port | Protocol | Source | Direction | Target | Purpose | -| ---- | -------- | --------------------------------- | --------- | ----------------------------- | ------------------- | -| 80 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Online Environment | HTTP Communication | -| 443 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Online Environment | HTTPS Communication | - -# SharePoint Scan Options - -Required permissions on the targeted SharePoint environment are dependent upon not only the type of -environment targeted but also the type of data collection scan being executed. There are two types -of Access Auditing (SPAA) and/or Sensitive Data Discovery Auditing scans: agent-based and -agent-less. The Activity Auditing (SPAC) scans run as agent-less scans from Enterprise Auditor, but -they require the Netwrix Activity Monitor to have an activity agent deployed in the target -environment. - -## Agent-Based Type - -When Enterprise Auditor SharePoint scans are run in agent-based mode, the Enterprise Auditor -SharePoint Agent must be installed on the SharePoint Application server which hosts the Central -Administration component prior to executing the scans. This is typically the first server stood up -during the SharePoint farm installation process in this mode. The data collection processing is -conducted by the SharePoint Agent for the target environment. The final step in data collection is -to transfer the data collected in the SQLite databases, or Tier 2 databases, on the Enterprise -Auditor SharePoint Agent server back to the Enterprise Auditor Console server. - -**NOTE:** Agent-based scans can only target on-premise environments. - -See the following topics for additional information: - -- [SharePoint Agent Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -- [SharePoint Agent Ports](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - -## Agent-Less Type - -When SharePoint agent-less scans are run, it means all of the data collection processing is -conducted by the Enterprise Auditor Console server across the network. - -**NOTE:** Agent-less scans can target both on-premise and online environments. This is the only scan -mode that can run Activity Auditing (SPAC) scans. - -For Activity Auditing (SPAC) scans, target the server where the Netwrix Activity Monitor has a -deployed activity agent. - -See the following topics for additional information: - -- SharePoint Online - - - [SharePoint Online Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - - [SharePoint Online Ports](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - -- SharePoint On-Premise - - - [SharePoint Agent-Less Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - - [SharePoint Agent-Less Ports](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - -# Unix Solution - -The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL -Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for the core requirements. - -See the -[Target Unix Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for target environment requirements. - -## Unix Solution Requirements on the Enterprise Auditor Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ------ | -------------- | -| RAM | 8+ GB | 4+ GB | -| Cores | 4+ CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -## Unix Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ------ | -------------- | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | - -# Windows Solution - -The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL -Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for the core requirements. - -See the -[Target Windows Server and Desktop Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for target environment requirements. - -## Windows Solution Requirements on the Enterprise Auditor Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ------ | -------------- | -| RAM | 8+ GB | 4+ GB | -| Cores | 4+ CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -## Windows Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ------ | -------------- | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md b/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md deleted file mode 100644 index a856db2f14..0000000000 --- a/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md +++ /dev/null @@ -1,210 +0,0 @@ -# Requirements - -This topic describes the recommended configuration of the servers needed to install the application -in a production environment. Depending on the size of the organization, it is recommended to review -your environment and requirements with a Netwrix engineer prior to deployment to ensure all -exceptions are covered. - -## Architecture Overview - -The following servers and applications are required for installation of the application: - -Core Components - -- Enterprise Auditor Console Server – This is where the v11.6 application is installed. -- SQL Server for Enterprise Auditor Database – As a data-intensive application, a well-provisioned, - dedicated SQL Server is recommended. -- Access Information Center Application Server – This application is typically installed on the - Enterprise Auditor Console server and is a browser-based, interactive dashboard for exploring - permissions, activity, and sensitive data. - - **NOTE:** The Access Information Center is often installed on the same server as the Enterprise - Auditor application, but it can be installed separately. - -Add-on Component - -- Enterprise Auditor Sensitive Data Discovery Add-On – This application is installed on the - Enterprise Auditor Console server as an add-on enabling Sensitive Data criteria for scans. In some - cases it must also be installed on additional servers. See the - [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) - topic for additional information. - -Exchange Solution-Specific Components - -- Enterprise Auditor MAPI CDO – This application is installed on the Enterprise Auditor Console - server to enable the Settings > Exchange global configuration interface within Enterprise Auditor. - -File System Solution-Specific Components - -- Enterprise Auditor File System Proxy Server – In certain environments, a proxy server may be - utilized to scan hosts in remote or firewalled sites to increase scan capacity in large - environments. This feature can be implemented through either an applet or a service. The applet - would be deployed as part of the data collection process. The service should be installed prior to - data collection. See the - [Proxy Mode as a Service](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#proxy-mode-as-a-service) - topic for server requirements. -- Enterprise Auditor Sensitive Data Discovery Add-On – This application is installed on the file - system proxy server where the File System Proxy Service is installed as an add-on enabling - Sensitive Data criteria for scans. - -SharePoint Solution-Specific Components - -- Enterprise Auditor SharePoint Agent Server – For agent-based scans, this application can be - installed on the SharePoint application server that hosts the “Central Administration” component - of the targeted farm(s) to auditing permissions, content, and sensitive data for SharePoint - On-Premise. See the - [SharePoint Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for server requirements. -- Enterprise Auditor Sensitive Data Discovery Add-On – This application is installed on the same - server where the Enterprise Auditor SharePoint Agent is installed as an add-on enabling Sensitive - Data criteria for scans. - -Activity Event Data Considerations - -- Netwrix Activity Monitor – Enterprise Auditor depends upon integration with the Activity Monitor - for monitored event data for several solutions. See the - [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) - for installation requirements and information on collecting activity data. -- Netwrix Threat Prevention – Enterprise Auditor can integrate with Threat Prevention for Active - Directory and Windows File System event data. This integration works in conjunction with Netwrix - Activity Monitor. See the the - [Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) - for installation requirements and information on collecting activity data. - -Target Environment Considerations - -The target environment encompasses all servers, devices, or infrastructure to be audited by -Enterprise Auditor. Most solutions have additional target requirements. - -## Enterprise Auditor Console & Access Information Center Server Requirements - -The server can be physical or virtual. The requirements are: - -- Windows Server 2016 through Windows Server 2022 - -Additionally the server must meet these requirements: - -- US English language installation -- Domain member - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. See the following topics for -additional: - -- [Active Directory Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#active-directory-solution-requirements-on-the-enterprise-auditor-console) -- [Active Directory Permissions Analyzer Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#active-directory-permissions-analyzer-solution-requirements-on-the-enterprise-auditor-console) -- [AWS Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#aws-solution-requirements-on-the-enterprise-auditor-console) -- [Box Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#box-solution-requirements-on-the-enterprise-auditor-console) -- [Databases Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#databases-solution-requirements-on-the-enterprise-auditor-console) -- [Dropbox Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#dropbox-solution-requirements-on-the-enterprise-auditor-console) -- [Entra ID Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#entra-idsolution-requirements-on-the-enterprise-auditor-console) -- [Exchange Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#exchange-solution-requirements-on-the-enterprise-auditor-console) -- [File System Solution Requirements on the Enterprise Auditor Console ](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#file-system-solution-requirements-on-the-enterprise-auditor-console) -- [SharePoint Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#sharepoint-solution-requirements-on-the-enterprise-auditor-console) -- [Unix Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#unix-solution-requirements-on-the-enterprise-auditor-console) -- [Windows Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#windows-solution-requirements-on-the-enterprise-auditor-console) - -Additional Server Requirements - -The following are additional requirements for the Console server: - -- .NET Framework 4.7.2 installed, which can be downloaded from the link in the Microsoft - [.NET Framework 4.7.2 offline installer for Windows](https://support.microsoft.com/en-us/topic/microsoft-net-framework-4-7-2-offline-installer-for-windows-05a72734-2127-a15d-50cf-daf56d5faec2) - article. -- Microsoft SQL Server supports TLS 1.2, which requires the Enterprise Auditor Console server to - have either SQL Server Native Client 11 or Microsoft OleDB 18 installed - -Additional Server Considerations - -The following are recommended for the Console server: - -- 100/1000 Mb Network Connection -- SQL Server Management Studio installed (Optional) -- Font "arial-unicode-ms" installed (Needed for report Unicode character support) - -Permissions for Installation - -The following permissions are required to install and use the application: - -- Membership in the local Administrators group for the Enterprise Auditor Console server - - **NOTE:** Role based access can be enabled for a least privilege user model. - -Supported Browsers - -The following is a list of supported browsers for the Web Console and the Access Information Center: - -- Google® Chrome® -- Microsoft® Edge® -- Mozilla® Firefox® - -## SQL Server Requirements - -The server requirements include one of the following SQL Server versions: - -- SQL Server 2016 through SQL Server 2022 -- Azure SQL Managed Instances - -Additionally the server must meet this requirement: - -- US English language installation - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. See the following topics for -additional: - -- [Active Directory Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#active-directory-solution-requirements-on-the-sql-server) -- [Active Directory Permissions Analyzer Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#active-directory-permissions-analyzer-solution-requirements-on-the-sql-server) -- [AWS Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#aws-solution-requirements-on-the-sql-server) -- [Box Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#box-solution-requirements-on-the-sql-server) -- [Databases Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#databases-solution-requirements-on-the-sql-server) -- [Entra ID Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#entra-id-solution-requirements-on-the-sql-server) -- [Exchange Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#exchange-solution-requirements-on-the-sql-server) -- [File System Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#file-system-solution-requirements-on-the-sql-server) -- [SharePoint Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#sharepoint-solution-requirements-on-the-sql-server) -- [Unix Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#unix-solution-requirements-on-the-sql-server) -- [Windows Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#windows-solution-requirements-on-the-sql-server) - -Additional Server Requirements - -The following are additional requirements for the SQL Server: - -- SQL Server must be equal or newer version than the version to be targeted -- All SQL Server databases configured to use ‘Simple Recovery Model’ - -Additional Server Considerations - -The following additional considerations are recommended for the SQL Server: - -- The standard Autogrowth setting can cause Enterprise Auditor job delays. Database growth is - computationally intensive. While SQL Server is growing the database, no other activity can occur. - If this option is employed, please speak with a Netwrix engineer to determine an appropriate - setting for best performance. -- Microsoft SQL Server supports TLS 1.2, which requires the Enterprise Auditor Console server to - have either SQL Server Native Client 11 or Microsoft OleDB 18 installed. -- _Optional_: SQL Server Management Studio installed on the Enterprise Auditor Console server - -Database Permissions - -The following permissions are required on the databases: - -- Database Owner -- Provisioned to use Default Schema of ‘dbo’ - -## Virtual Environment Recommendations - -While physical machines are always preferred, we fully support the use of virtual machines. This -section contains special considerations when leveraging virtualization. - -- VMWare® ESX® – If using ESX, the following specifications are recommended: - - - ESX 4.0 / ESXi™ 4.1 or higher - - Virtual Hardware 7 or higher - - All Virtual Machines installed on the same datacenter / rack - -- Virtual Storage Consideration - - - In the server requirements, when separate disks are required for the servers, that should - translate to separate data stores on the VM host machine. diff --git a/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md b/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md deleted file mode 100644 index 26605ca3dd..0000000000 --- a/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md +++ /dev/null @@ -1,2634 +0,0 @@ -# Domain Target Requirements, Permissions, and Ports - -The Enterprise Auditor for Active Directory Permissions Analyzer Solution is compatible with the -following Active Directory versions as targets: - -- Windows Server 2016 and later -- Windows 2003 Forest level or higher - -**NOTE:** See the Microsoft -[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) -article for additional information. - -Domain Controller Requirements - -The following are requirements for the domain controllers to be scanned: - -- .NET Framework 4.5+ installed -- WINRM Service installed - -Data Collectors - -Successful use of the Enterprise Auditor Active Directory Permissions Analyzer solution requires the -necessary settings and permissions in a Microsoft® Active Directory® environment described in this -topic and its subtopics. This solution employs the following data collectors to scan the domain: - -- [ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [ADPermissions Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - -## Permissions - -- LDAP Read permissions -- Read on all AD objects -- Read permissions on all AD Objects - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For ADPermissions Data Collector - -- TCP 389 -- TCP 135 – 139 -- Randomly allocated high TCP ports - -# Target Amazon Web Service Requirements, Permissions, and Ports - -The Enterprise Auditor for AWS Solution provides the ability to audit Amazon Web Services (AWS) to -collect IAM users, groups, roles, and policies, as well as S3 permissions, content, and sensitive -data from target AWS accounts. It scans: - -- Amazon AWS IAM -- Amazon AWS S3 - -Data Collector - -This solution employs the following data collector to scan the target environment: - -- [AWS Data Collector](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md) - -## Permissions - -The permissions required to scan an AWS account are based on the type of information being -collected: - -- To collect details about the AWS Organization, the following permission is required: - - - organizations:DescribeOrganization - -- To collect details regarding IAM, the following permissions are required: - - - iam:GenerateCredentialReport - - iam:GenerateServiceLastAccessedDetails - - iam:Get\* - - iam:List\* - - iam:Simulate\* - - sts:GetAccessKeyInfo - -- To collect details related to S3 buckets and objects, the following permissions are required: - - - s3:Describe\* - - s3:Get\* - - s3:HeadBucket - - s3:List\* - -This provides a least privilege model for your auditing needs. See the -[Configure AWS for Scans](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -## Ports - -The following firewall ports are needed: - -For AWS Data Collector - -- 443 - -# Target Box Requirements, Permissions, and Ports - -The Enterprise Auditor for Box scans: - -- Box for Business - -Box Requirements - -The following are requirements from the target environment: - -- Enterprise_ID of the target Box environment - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [Box Data Collector](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For Box Data Collection - -Box scans require the Enterprise Admin or Co-Admin account credentials to generate an authorization -code. The following can be used as a least privilege model: - -- Enterprise Admin account -- Co-Admin account with the permission to **Run new reports and access existing reports** enabled - - - See the Box - [Co-Admin Permissions Required to Run Reports](https://support.box.com/hc/en-us/articles/15518640907283-Co-Admin-Permissions-Required-to-Run-Reports) - article for details on enabling this permission - -**NOTE:** Scans run with Co-Admin account credentials will complete. However, the data returned from -the scan might not include content owned by the Enterprise Admin account. - -See the -[Recommended Configurations for the Box Solution](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) -topic for additional information. - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For Box Data Collector - -- TCP 80 -- TCP 443 - -# Configure AWS for Scans - -In order to scan multiple AWS accounts using one account you need to create a role in each target -account, so that It can provide the designated scanning account permissions to scan resources it -controls. This is achieved through the following steps which will need to be completed leveraging a -user with administrative access to each target account: - -**Step 1 –** Create a Managed Policy in each target account that will be used to allow access to -account (S3, Org and IAM). - -**Step 2 –** Create a Role in each target account that will be used to allow access to listing IAM -users. - -**Step 3 –** Create a Managed Policy in the designated scanning account that will be used to allow -the service account to assume the configured role in each target account. - -**Step 4 –** Add Role to Enterprise Auditor. The Role created in the scanning account will need to -be added to the **1-AWS_OrgScan**, **2-AWS_S3Scan**, and **3-AWS_IAMScan** job query configurations. -See the -[AWS: Login Roles](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md) -topic for additional information. - -Once these steps are completed, the role must be added to the AWS queries within Enterprise Auditor. - -## Create a Managed Policy in Each Target Account - -The following steps will need to be completed in each target account. - -**Step 1 –** Sign into the Identity and Access Management Console (IAM) as an administrator of the -Trusting account. - -![Create policy in Identity and Access Management (IAM) Console](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/policies.webp) - -**Step 2 –** Browse to the Identity and Access Management (IAM) Console. Navigate to **Policies** -and click **Create policy**. - -![JSON tab in the Policy editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/jsontabpolicies.webp) - -**Step 3 –** Select the **JSON** tab. - -**Step 4 –** Paste the following: - -``` -{ -    "Version": "2012-10-17", -    "Statement": [ -        { -            "Sid": "CapabilityIamScan", -            "Effect": "Allow", -            "Action": [ -                "iam:GenerateCredentialReport", -                "iam:GenerateServiceLastAccessedDetails", -                "iam:Get*", -                "iam:List*", -                "iam:Simulate*", -        "sts:GetAccessKeyInfo" -            ], -            "Resource": "*" -        }, -        { -            "Sid": "CapabilityS3Scan", -            "Effect": "Allow", -            "Action": [ -                "s3:Describe*", -                "s3:Get*", -                "s3:HeadBucket", -                "s3:List*" -            ], -            "Resource": "*" -        } -    ] -} -``` - -**Step 5 –** Click **Review Policy**. - -**Step 6 –** Enter a name for the policy in the **Name** box. - -![Review policy page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/reviewpolicy.webp) - -**Step 7 –** Click **Create Policy**. - -**NOTE:** If the designated scanning account is not in Root (Master Account), create a second policy -in the Master Account with the following JSON definition: - -[Copy]() - -``` -{ -    "Version": "2012-10-17", -    "Statement": [ -        { -            "Sid": "RequiredCapabilityOrgScan", -            "Effect": "Allow", -            "Action": [ -                "iam:GenerateOrganizationsAccessReport", -                "organizations:Describe*", -                "organizations:List*" -            ], -            "Resource": "*" -        } -    ] -} -``` - -The next step is to create a role in each target account that will be used to allow access to -listing IAM users. - -## Create a Role in Each Target Account - -The following steps will need to be completed in each target account. For this, you will need the -Account ID of the designating scanning account. - -**NOTE:** If the scanning account is also a target account, be sure to complete these steps for the -scanning account as well. - -**Step 1 –** Sign into the Identity and Access Management Console (IAM) as an administrator of the -target account. - -![Create role in Identity and Access Management (IAM) Console](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/roles.webp) - -**Step 2 –** Navigate to **Access management** > **Roles** and click **Create role**. - -![Create role page Another AWS account option](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/createrole.webp) - -**Step 3 –** Select the **Another AWS Account** option and add the Account ID of the scanning -account that will be leveraged within Enterprise Auditor. - -**Step 4 –** Click **Next: Permissions**. - -![Add policies to role](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/policiesadd.webp) - -**Step 5 –** Add the policy or policies created earlier in this topic to this role. - -**Step 6 –** Click **Next: Tags**. - -**Step 7 –** Click **Next: Review**. - -![Create role Review page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/reviewrole.webp) - -**Step 8 –** Enter a **Role name**. - -**Step 9 –** Click **Create Role**. - -The next step is to create a Managed Policy in the designated scanning account that will be used to -allow the service account to assume the configured role in each target account. - -## Configure the Scanning Account - -Create a Managed Policy in the scanning account that will be used to allow the user to assume the -roles configured in each target account. - -**Step 1 –** Sign into the Identity and Access Management Console (IAM) as an administrator of the -scanning account. - -![Create policy in Identity and Access Management (IAM) Console](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/policies.webp) - -**Step 2 –** Navigate to **Access Management** > **Policies** and click **Create policy**. - -![JSON tab in the Policy editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/jsontabaccount.webp) - -**Step 3 –** Select the **JSON** tab. - -**Step 4 –** Paste the following: - -``` -{ -    "Version": "2012-10-17", -    "Statement": [ -        { -            "Sid": "RequiredCapabilityOrgScan", -            "Effect": "Allow", -            "Action": [ -                "iam:GenerateOrganizationsAccessReport", -                "organizations:Describe*", -                "organizations:List*" -            ], -            "Resource": "*" -        }, -        { -            "Sid": "RequiredCapabilityMemberAccountAccess", -            "Effect": "Allow", -            "Action": "sts:AssumeRole", -            "Resource": "arn:aws:iam::*:role/ROLENAME" -        } -    ] -} -``` - -**NOTE:** Replace `ROLENAME` with the name of the role that was created. If the `ROLENAME` is -different in each account, then a policy will need to be created for each distinct role name. - -**Step 5 –** Click **Review Policy**. - -![Review policy page Name field](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/reviewpolicyaccount.webp) - -**Step 6 –** Enter a **Policy Name**. - -**Step 7 –** Click **Create Policy**. - -**Step 8 –** Create a group with the service account user and assign both policies to this group. - -**Step 9 –** Under **Access Management** > **Users**, select the service account user. - -![Security credentials tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/securitycredentials.webp) - -**Step 10 –** In the Security credentials tab, click **Create access key**. Make sure to note the -Access key ID and Secret access key which need to be input into Enterprise Auditor. - -You can now create the Connection Profile for the AWS Solution. See the -[Amazon Web Services for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -# Azure Information Protection Target Requirements - -Microsoft® Azure is a cloud-based computing platform that provides a range of services, such as -file storage. Azure uses Azure Information Protection (AIP) labels, a Microsoft tool used to -classify and protect stored files. Enterprise Auditor employs the File System Solution to execute -Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans in order to find AIP -Protection labels and scan protected (i.e. encrypted) files for sensitive data. - -This document provides information needed to properly configure access required by Enterprise -Auditor to successfully scan for Azure Information Protection labels in a targeted environment. - -**NOTE:** Enterprise Auditor does not scan for AIP Marking labels, only Protection labels. - -## Workflow for Scanning AIP Labels - -Before the Enterprise Auditor File System solution can scan for Azure Information Protection (AIP) -labels, certain prerequisites are required both in Enterprise Auditor and Azure environments. - -1. [Rights Management Service Client Installation](#rights-management-service-client-installation) -2. [Create a Service Principal Account using PowerShell](#create-a-service-principal-account-using-powershell) -3. [Enable the Account as an AIP Super User using PowerShell](#enable-the-account-as-an-aip-super-user-using-powershell) -4. [Add User to the AIP Role in Microsoft® Azure](#add-user-to-the-aip-role-in-microsoft-azure) -5. [Enterprise Auditor Configurations](#enterprise-auditor-configurations) -6. Enable settings in FSAA Data Collector in Enterprise Auditor. - - - See the FileSystemAccess Data Collector section in the - [File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - topic for additional information - -## Prerequisites - -Ensure the following prerequisites are met before configuring AIP scanning: - -- Microsoft Entra ID Admin credentials -- The PowerShell `Install-Module` command requires: - - - PowerShell 5.0 (Run as Administrator) - - Windows Server 2016and later - -- Active Directory Rights Management Services Client 2.1 installed on the server where the FSAA - applet or proxy is being run - -## Rights Management Service Client Installation - -The Rights Management Service Client must be installed on the applet servers where FSAA is running. -This may be the local Enterprise Auditor server, a Proxy server, or a File Server running in applet -mode. - -- To install the Rights Management Service Client 2.1 on the server where the scan is taking place, - go to the Microsoft download center: - - [https://www.microsoft.com/en-us/download/details.aspx?id=38396](https://www.microsoft.com/en-us/download/details.aspx?id=38396) - -**_RECOMMENDED:_** Read the System Requirements and Install Instructions provided by Microsoft to -complete the installation. - -## Create a Service Principal Account using PowerShell - -Follow the steps to create a service principal account with a symmetric key to connect to AIP: - -**NOTE:** All PowerShell commands should be run in order through PowerShell as an Admin. - -**Step 1 –** Open up PowerShell (Administrator). - -**Step 2 –** Install and import MsOnline module: - -``` -Install-Module MsOnline -Import-Module MsOnline -``` - -**Step 3 –** Connect to Azure with the `Connect-MsolService` command. Enter the Azure credentials in -the **Sign in to your account** window that displays from Microsoft. - -**Step 4 –** Once successfully connected to Azure, create a service principal with the following -command: - -``` -New-MsolServicePrincipal -``` - -> Enter the **DisplayName** of the new service principal name. (For example, AIP_EnterpriseAuditor) - -**Step 5 –** Take note and save the **Symmetric Key** and **AppPrincipalID** to be used in later -steps. - -**CAUTION:** Do not lose the symmetric key. It is not retrievable again once the PowerShell window -is closed. - -The service principal account with the proper key has been created. - -## Enable the Account as an AIP Super User using PowerShell - -Follow the steps to enable the Service Principal Account in AIP as a Super User: - -**NOTE:** All PowerShell commands should be run in order through PowerShell as an Admin. - -**Step 1 –** In PowerShell, install Microsoft Azure Active Directory Rights Manager (AIPService) -module: - -``` -Install-Module AIPService -Import-Module AIPService -``` - -**Step 2 –** Connect to Azure using the `Connect-AIPService` command and supply Azure credentials in -the **Sign in to your account** window that displays from Microsoft. - -**Step 3 –** Add the service principal to the Azure AD Rights Management service super users, using -the AppPrincipalID saved from the steps in the -[Create a Service Principal Account using PowerShell](#create-a-service-principal-account-using-powershell) -section: - -``` -Add-AipServiceSuperUser-ServicePrincipalID -``` - -**Step 4 –** Enable the DisplayName account using the following command: - -``` -Enable-AIPServiceSuperUserFeature -``` - -The Service Principal Account is now added to the Rights Management service as a Super User, and the -Super User feature is enabled. - -## Add User to the AIP Role in Microsoft® Azure - -In Microsoft Azure, add the Account to the Azure Information Protection Administrator Role. - -**Step 1 –** Log into **http://portal.azure.com** with Azure credentials and select **Microsoft -Entra ID** from the list of resources on the left-hand pane. - -**Step 2 –** Navigate to **Roles and Administrators**. On the Administrative Roles page, select the -**Azure Information Protection Administrator** role. - -**Step 3 –** Use the **Add Assignment** button to display the Add assignments pane. Search for the -name of the new service principal account (the **DisplayName** entered in PowerShell) and add it to -the list of assignments. - -The Service Principal Account is now successfully added to the Azure Information Protection -Administrator role. - -## Enterprise Auditor Configurations - -Before Enterprise Auditor can scan for AIP labels, two configurations must be done prior to the -initial scan. - -- [Azure Connection Profile ](#azure-connection-profile) -- [Configure FSAA Data Collector](#configure-fsaa-data-collector) - -### Azure Connection Profile - -To collect tags for files protected with Azure Information Protection, an Azure connection profile -must be configured in Enterprise Auditor before an FSAA scan runs. See the -[Global Settings](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/overview.md) -topic for additional information on how to set up a connection profile at the global level. - -**Step 1 –** In Enterprise Auditor, add a credential for an Azure Active Directory account type to -the existing Connection Profile used for File System scanning. Supply the Client ID field with the -**AppPrincipalID** and the Key field with the **Symmetric key** created upon creation of the new -service principal. - -**Step 2 –** At the job level, apply the connection profile that contains both the Microsoft Entra -ID credential and credentials required for File System scanning under the **Jobs** > [__Job__] > -**Settings** > **Connection** node. - -**Step 3 –** Ensure that the job is configured correctly before running a scan. See the -[Configure FSAA Data Collector](#configure-fsaa-data-collector) topic for additional information. - -An Azure Connection Profile has now been successfully created for an FSAA scan. - -### Configure FSAA Data Collector - -In Enterprise Auditor, configure the FSAA Data Collector wizard pages to scan files protected by -Azure Information Protection. This can be done for both FSAA System Scans and SEEK System Scans. In -the FSAA Data Collector Wizard, configure the following menus to scan for AIP protection labels: - -For FSAA System Scans: - -- Scan Server Selection – Choose the server that scanning is executed on. Target the server that has - the Rights Management Service Client 2.1 installed where the applet is running. - - - This may be a proxy server, file server (applet mode), or the local Enterprise Auditor console - depending on scan configuration - -- Scan Settings – Select the **Enable scanning of files protected by Azure Information Protection** - checkbox to add AIP files to the scan criteria -- Azure Tenant Mapping page – Add the **AppPrincipalID** (App ID) and the **Domain Name** or - **Tenant ID** - - _Remember,_ the Azure Tenant Mapping page is only visible when the **Enable scanning of files - protected by Azure Information Protection** checkbox is selected on the Scan Settings page. - -- Default Scoping Options - - - File Details tab – **Include files protected by Azure Information Protection (AIP)** - - File Properties (Folder Summary) – **Include AIP Protected Files** - -- Scoping Options – if needed, scope to a specific subset of resources on a selected host - -For SEEK System Scans: - -- Scan Server Selection – Choose the server that scanning is executed on. Target the server that has - the Rights Management Service Client 2.1 installed where the applet is running. - - - This may be a proxy server, file server (applet mode), or the local Enterprise Auditor console - depending on scan configuration - -- Scan Settings – Select the **Enable scanning of files protected by Azure Information Protection** - checkbox to add AIP files to the scan criteria -- Azure Tenant Mapping page – Add the **AppPrincipalID** (App ID) and the **Domain Name** or - **Tenant ID** - - _Remember,_ the Azure Tenant Mapping page is only visible when the **Enable scanning of files - protected by Azure Information Protection** checkbox is selected on the Scan Settings page. - -- Scoping Options – if needed, scope to a specific subset of resources on a selected host -- Sensitive Data Settings – Select **Decrypt Files Protected by Azure Information Protection**. This - page only applies for SEEK scans. - -See the FileSystemAccess Data Collector section in the -[File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -topic for additional information on these scoping options. - -# Azure SQL Auditing Configuration - -Enterprise Auditor for Azure SQL relies on the native Azure SQL auditing capabilities to collect and -report on user activity, as well as successful or unsuccessful server or database logon activity. -Azure SQL Auditing supports three different audit log destinations. At present Enterprise Auditor -only supports storage as the audit log destination. This document describes the necessary -permissions required to configure the Enterprise Auditor Azure SQL Job Group. - -Enterprise Auditorfor Azure SQL enables users to create custom roles which allow for differential -access to Enterprise Auditor. - -Within Enterprise Auditor for Azure SQL, roles are created specifically to target Azure SQL -Databases: - -- Stand-Alone Databases -- Managed Instances -- Elastic Pools - -Role can be largely defined by the scope that particular role possesses. A scope-defined role has -access to, or is limited to all resources in a Management Group, Subscription, Resource Group or -Resource. For example, if all SQL databases reside within a resource group, then the scope can be -restricted to that resource group. If databases reside in different resource groups, then the scope -for the custom role should be at the subscription level. - -This will enable Enterprise Auditor to discover all the SQL databases present in the subscription. - -## Create a StealthAUDIT Custom Role - -Follow the steps below to create an Azure SQL custom role at the subscription level. - -![Azure Portal - Azure Services](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_1.webp) - -**Step 1 –** Sign in to Azure. Navigate to the Azure Services section and click **Subscriptions**. -This will navigate you to the Pay-As-You-Go page of the Azure Portal. - -**Step 2 –** Locate and click the **Access Control (IAM)** view option blade from the available -subscriptions in the left-hand menu. - -![Azure Portal - Pay as you Go - Access Control (IAM)](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_2.webp) - -**Step 3 –** Click **Add** > Add **Custom Role**. - -**Step 4 –** Create a JSON file using the subscription ID provided by Microsoft Azure (see the -example below) and save it to a local directory. - -```json -{ - "properties": { - "roleName": "StealthAUDIT Azure SQL Role", - - "description": "This is a custom role created for use by StealthAUDIT Azure SQL Job Group for Azure SQL Database discovery and auditing", - - "assignableScopes": ["/subscriptions/"], - - "permissions": [ - { - "actions": [ - "Microsoft.Authorization/\*/read", - - "Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action", - - "Microsoft.Sql/locations/administratorAzureAsyncOperation/read", - - "Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/\*", - - "Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/\*", - - "Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/\*", - - "Microsoft.Sql/managedInstances/databases/securityAlertPolicies/\*", - - "Microsoft.Sql/managedInstances/databases/sensitivityLabels/\*", - - "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/\*", - - "Microsoft.Sql/managedInstances/securityAlertPolicies/\*", - - "Microsoft.Sql/managedInstances/databases/transparentDataEncryption/\*", - - "Microsoft.Sql/managedInstances/vulnerabilityAssessments/\*", - - "Microsoft.Sql/servers/extendedAuditingSettings/read", - - "Microsoft.Sql/servers/databases/auditRecords/read", - - "Microsoft.Sql/servers/databases/currentSensitivityLabels/\*", - - "Microsoft.Sql/servers/databases/dataMaskingPolicies/\*", - - "Microsoft.Sql/servers/databases/extendedAuditingSettings/read", - - "Microsoft.Sql/servers/databases/read", - - "Microsoft.Sql/servers/databases/recommendedSensitivityLabels/\*", - - "Microsoft.Sql/servers/databases/schemas/read", - - "Microsoft.Sql/servers/databases/schemas/tables/columns/read", - - "Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/\*", - - "Microsoft.Sql/servers/databases/schemas/tables/read", - - "Microsoft.Sql/servers/databases/securityAlertPolicies/\*", - - "Microsoft.Sql/servers/databases/securityMetrics/\*", - - "Microsoft.Sql/servers/databases/sensitivityLabels/\*", - - "Microsoft.Sql/servers/databases/transparentDataEncryption/\*", - - "Microsoft.Sql/servers/databases/vulnerabilityAssessments/\*", - - "Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/\*", - - "Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/\*", - - "Microsoft.Sql/servers/devOpsAuditingSettings/\*", - - "Microsoft.Sql/servers/firewallRules/\*", - - "Microsoft.Sql/servers/read", - - "Microsoft.Sql/servers/securityAlertPolicies/\*", - - "Microsoft.Sql/servers/vulnerabilityAssessments/\*", - - "Microsoft.Sql/servers/azureADOnlyAuthentications/\*", - - "Microsoft.Sql/managedInstances/read", - - "Microsoft.Sql/managedInstances/azureADOnlyAuthentications/\*", - - "Microsoft.Security/sqlVulnerabilityAssessments/\*", - - "Microsoft.Sql/managedInstances/administrators/read", - - "Microsoft.Sql/servers/administrators/read", - - "Microsoft.Storage/storageAccounts/blobServices/containers/read", - - "Microsoft.Sql/servers/auditingSettings/read", - - "Microsoft.Sql/servers/databases/auditingSettings/read" - ], - - "notActions": [], - - "dataActions": [], - - "notDataActions": [] - } - ] - } -} -``` - -![Azure SQL Configuration - Create a Custom Role section](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_3.webp) - -**Step 5 –** Once created, click **Start from JSON** in the Azure portal and select the JSON file. -Once that file is chosen, the Review + Create button should be enabled. - -Click **Review + Create** to create the role or click **Next** to review and edit the permissions. -Once the JSON file is opened, the Custom Role Name and Description boxes will be populated -automatically. The name and description of the custom role can be customized if required in this -step. - -![Azure SQL Configuration - Create a Cusotm Role window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_4.webp) - -**Step 6 –** Click Create. This action will save and finalize a custom role entitled Enterprise -Auditor Azure SQL Role. - -**Step 7 –** Click OK on the final screen to complete the custom role creation process. The custom -role can now be used to register the Enterprise Auditor application within the Azure portal. - -**NOTE:** Depending upon the number of resources in the Azure tenancy, it might take some time for -the role to be made available to the resources. - -## Register an Azure SQL Application - -Follow the steps below to create an Azure SQL Application Registration in the Azure portal. - -**Step 1 –** In the Azure portal under Azure Services, click the **App Registration** icon. - -![AzureSQL - App Registrations - New Registration](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_5.webp) - -**Step 2 –** Click **New Registration** in the Register an application blade. - -![Azure SQL - Register an Application](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_6.webp) - -**Step 3 –** Enter a **Name** for the application and select an appropriate option from the -Supported account types options. - -**Step 4 –** Click **Register** at the bottom of the page when finished. Once the application has -been registered, the App registration overview blade will appear. Take note of the _Application -(client) ID_ on this page. - -**NOTE:** The _Application (client) ID_ is required to create a Connection Profile within the -Enterprise Auditor. - -![Azure SQL - Register and App - Application ID](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_8.webp) - -**Step 5 –** Click the **Certificates & secrets** blade in the left-hand menu. Click **New Client -secret**. - -**Step 6 –** Enter a unique identifier in the Description field of the Add a client secret window. -Select a Expiration time frame from the drop down. Click **Add** when finished. - -_Remember,_ you will have to update the Enterprise Auditor Connection Profile once the expiration -time frame is reached (within 24 months, for example). - -**Step 7 –** Make note of the key under the Value column. - -**NOTE:** The Value key on this paged will be used to create the Enterprise Auditor connection -profile. - -![Azure SQL - Access Control (IAM) page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_11z.webp) - -## Add a Role Assignment - -Follow the steps below to add a role assignment to the custom role and newly registered Enterprise -Auditor Azure SQL application. - -**Step 1 –** Navigate to the Subscriptions blade and click the **Access Control (IAM)** option. -Click the **Add** drop down > Click **Add role assignment**. - -![Azure SQL - Add a Role Assignment](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_13z.webp) - -**Step 2 –** Search for and click the recently created custom role from the Role drop down. See -[Create a StealthAUDIT Custom Role](#create-a-stealthaudit-custom-role) for steps required to create -a custom role in the Azure portal. - -**Step 3 –** Search for and select the recently registered Azure SQL application from the Select -drop down. See [Register an Azure SQL Application](#register-an-azure-sqlapplication) for steps -required to register an Azure SQL application in the Azure portal. The registered application will -be visible in the Selected members window. Click **Save** when finished. - -![Azure SQL - Add a role assignment window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_14z.webp) - -**Step 4 –** Search for and select the SQL Server Contributor role in the Role drop down. - -**Step 5 –** Search for and select the recently registered Azure SQL application from the Select -drop down. See [Register an Azure SQL Application](#register-an-azure-sqlapplication) for steps -required to register an Azure SQL application in the Azure portal. The registered application will -be visible in the Selected members window. Click **Save** when finished. - -![Azure SQL - Access Control (IAM) window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_16z.webp) - -**Step 6 –** Navigate to the **Subscriptions** blade. Click **Access Control (IAM)**. - -**Step 7 –** Click the **Check access** menu tab Search for and select the recently registered Azure -SQL application from the drop down. See -[Register an Azure SQL Application](#register-an-azure-sqlapplication) for steps required to -register an Azure SQL application in the Azure portal. A preview window will appear on the -right-hand side of the window. - -# AzureSQL Target Least Privilege Model - -To access the AzureSQL database, users require the Control permission for the target database. Users -with the Control Database permission have access to perform activity scans due to the function -leveraged by AzureSQL to return the required audit logs. See the -[Auditing for Azure SQL Database and Azure Synapse Analytics](https://docs.microsoft.com/en-us/azure/azure-sql/database/auditing-overview?view=azuresql) -Microsoft Knowledge Base article for additional information. - -**_RECOMMENDED:_** It is recommended to create a new user when leveraging a least privilege access -model to access the AzureSQL database because the user must exist in the master database and all -target database(s). A least privilege access model is one that uses the bare minimum privileges -required to carry out collections for the AzureSQL data collector. - -The following role and permission are required for the Least Privilege Model: - -- db_datareader role -- View Database Performance State permission -- Control permission on target database(s) - - **NOTE:** Control permission must be granted on any database you wish to collect data for. - -Follow the steps to configure the least privilege access model for AzureSQL collections. - -**Step 1 –** To login with the user, run the following script against the master database: - -CREATE LOGIN LPAUser WITH PASSWORD = [insert password] - -CREATE USER LPAUser FROM LOGIN LPAUser - -**Step 2 –** Create the user in the target database with the following script: - -CREATE USER LPAUser FROM LOGIN LPAUser - -Once complete, confirm that the newly created user exists in the instance of the master database and -the target database before proceeding to the next step. - -**Step 3 –** Run the following script against the target database to apply the db_datareader role: - -EXEC sp_addrolemember N’db_datareader’, N’LPAUser’ - -**Step 4 –** Apply the View Database State Permission against the target database with the following -script: - -GRANT VIEW DATABASE PERFORMANCE STATE TO LPAUSER - -**Step 5 –** Grant the control permission with the following script: - -GRANT CONTROL ON DATABASE - -The user is granted Control permission based on the least privilege access model. - -# Oracle Target Least Privilege Model - -We recommend using an account DBA privilege to run Enterprise Auditor against an Oracle database. -However, if that is not acceptable all the privileges that are required to configure and run the -solution are below and can be used to implement the least privileges necessary. - -## Create Session Privilege - -Before getting started with the least privilege model, ensure that the Enterprise Auditor Connection -Profile user has the **Create Session** privilege granted. To do it, run the following command in -Oracle environment (SQL Plus or SQL Developer): - -``` -GRANT CREATE SESSION TO %USERNAME%;          -``` - -**NOTE:** The above command will grant the privilege only in the current container. To follow the -least privilege model, only grant the privilege on the containers (or pluggable databases) that you -will be scanning with Enterprise Auditor. - -However, if you target all of your pluggable databases, then to grant the **Create Session** -privilege on all of those containers at once, run the following command: - -``` -GRANT CREATE SESSION TO %USERNAME% CONTAINER=ALL;          -``` - -## User Credentials Role - -When using a least privileged model for Oracle, **SYSDBA** must be selected for the Role in the User -Credentials window for the Oracle Connection Profile. See the -[Oracle for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -## Oracle Server Discovery - -This Job uses Nmap to locate listening Oracle ports on servers by scanning for ports using the -service Oracle TNS Listener or optionally using specified ports, such as 1521. The Nmap utility can -be downloaded from [nmap.org](http://www.nmap.org/). To run this job, the user needs to have a -permission to execute any PowerShell script on the local host if the host is running the Microsoft -Windows operating system. In addition, on the Windows host, PowerShell execution policy needs to be -sent as well. For example, to set the execution policy to `Unrestricted`, run the following command -on the PowerShell command line: - -``` -Set-ExecutionPolicy -ExecutionPolicy Unrestricted           -``` - -In case of Linux and UNIX hosts, the `plink` command needs to be executed on the Enterprise Auditor -Console server to update the local file with the SSH keys. - -**NOTE:** The plink utility in the Enterprise Auditor installation directory has to be used. A -version of plink gets installed with the Nmap utility. - -The syntax is as follows: - -![administratorcommandprompt](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/administratorcommandprompt.webp) - -Run the following on the command prompt: - -``` -C:\Program Files (x86)\Stealthbits\StealthAUDIT\plink   -store_new_keys       -``` - -## Oracle SID Discovery - -This Job collects the Oracle SID from discovered Oracle servers and uses WMI or SSH to collect -running Oracle processes from the Oracle servers. The process is used to determine the name of the -Oracle SID. When multiple Oracle instances are running on a server, each SID will have its own entry -in this table. - -This Job requires local administrator rights on the target hosts in order to read the running -processes using either WMI or SSH. - -## Oracle Instance Discovery - -This Job verifies Oracle SID, IP Address, and Port combinations and inserts them into the -SA_SQL_Instances table. - -This Job requires read rights on the Oracle table DUAL, all users with any read right on an Oracle -server should be able to validate this query. - -For example, to grant a user `SELECT` permission on DUAL, run the following command in SQL Developer -or SQL\*Plus: - -``` -GRANT SELECT ON DUAL TO %USERNAME%; -``` - -**NOTE:** Replace `%USERNAME%` with the actual username of the user. - -``` -CONTAINER_DATA=ALL FOR %NAME_OF_PLUGGABLE_DATABASE% CONTAINER = CURRENT; -``` - -If you want to scan all pluggable databases in the given environment, run the following command in -the root container: - -``` -ALTER USER %USERNAME% SET CONTAINER_DATA=ALL CONTAINER = CURRENT; -``` - -## Oracle Permission Auditing - -The Oracle Permissions Scan job is responsible for collecting all permissions from all licensed -database types for all target instances. - -### Oracle Database 19c Series Permissions - -In order to collect permissions from Oracle Database 19c series, the user credential requires at -least the following `SELECT` privilege on the targeted database for the following views and tables: - -- CDB_COL_PRIVS view -- CDB_TAB_COLS view -- CDB_OBJECTS view -- CDB_PROFILES view -- CDB_ROLE_PRIVS view -- CDB_ROLES view -- CDB_SYS_PRIVS view -- CDB_TABLESPACES view -- CDB_TAB_PRIVS view. -- CDB_USERS view. -- V\_$DATABASE view. -- V\_$RSRC_CONSUMER_GROUP view. -- V\_$CONTAINERS view. -- V\_$PARAMETER view. -- V\_$PDBS view. -- V\_$INSTANCE view. -- SYS.USER$ table. -- DBA_TABLESPACES view -- DBA_ROLES view -- DBA_USERS view -- DBA_OBJECTS view -- DBA_COL_PRIVS view -- DBA_TAB_COLS view -- DBA_ROLE_PRIVS view -- DBA_SYS_PRIVS view -- DBA_TAB_PRIVS view - -For example, to grant all of the above privileges, run the following set of commands in SQL -Developer or SQL\*Plus: - -``` -GRANT CONNECT TO %USERNAME%; -GRANT CREATE SESSION TO %USERNAME%; -GRANT SELECT ON DUAL TO %USERNAME%; -GRANT SELECT ON CDB_COL_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_TAB_COLS TO %USERNAME%; -GRANT SELECT ON CDB_OBJECTS TO %USERNAME%; -GRANT SELECT ON CDB_PROFILES TO %USERNAME%; -GRANT SELECT ON CDB_ROLE_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_ROLES TO %USERNAME%; -GRANT SELECT ON CDB_SYS_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_TABLESPACES TO %USERNAME%; -GRANT SELECT ON CDB_TAB_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_USERS TO %USERNAME%; -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON V_$RSRC_CONSUMER_GROUP TO %USERNAME%; -GRANT SELECT ON V_$CONTAINERS TO %USERNAME%; -GRANT SELECT ON V_$PARAMETER TO %USERNAME%; -GRANT SELECT ON V_$PDBS TO %USERNAME%; -GRANT SELECT ON V_$INSTANCE TO %USERNAME%; -GRANT SELECT ON SYS.USER$ TO %USERNAME%; -GRANT SELECT ON DBA_TABLESPACES TO %USERNAME%; -GRANT SELECT ON DBA_ROLES TO %USERNAME%; -GRANT SELECT ON DBA_USERS TO %USERNAME%; -GRANT SELECT ON DBA_OBJECTS TO %USERNAME%; -GRANT SELECT ON DBA_COL_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_TAB_COLS TO %USERNAME%; -GRANT SELECT ON DBA_ROLE_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_SYS_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_TAB_PRIVS TO %USERNAME%; -``` - -### Oracle Database 12c Series Permissions - -In order to collect permissions from Oracle Database 12c series, the user credential requires at -least the following `SELECT` privilege on the targeted database for the following views and tables: - -- CDB_COL_PRIVS view -- CDB_TAB_COLS view -- CDB_OBJECTS view -- CDB_PROFILES view -- CDB_ROLE_PRIVS view -- CDB_ROLES view -- CDB_SYS_PRIVS view -- CDB_TABLESPACES view -- CDB_TAB_PRIVS view. -- CDB_USERS view. -- V\_$RSRC_CONSUMER_GROUP view. -- V\_$DATABASE view. -- V\_$PARAMETER view. -- V\_$PDBS view. -- V\_$CONTAINERS view. -- SYS.USER$ table. - -For example, to grant all of the above privileges, run the following set of commands in SQL -Developer or SQL\*Plus: - -``` -GRANT SELECT ON CDB_COL_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_TAB_COLS TO %USERNAME%; -GRANT SELECT ON CDB_OBJECTS TO %USERNAME%; -GRANT SELECT ON CDB_PROFILES TO %USERNAME%; -GRANT SELECT ON CDB_ROLE_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_ROLES TO %USERNAME%; -GRANT SELECT ON CDB_SYS_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_TABLESPACES TO %USERNAME%; -GRANT SELECT ON CDB_TAB_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_USERS TO %USERNAME%; -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON V_$RSRC_CONSUMER_GROUP TO %USERNAME%; -GRANT SELECT ON V_$CONTAINERS TO %USERNAME%; -GRANT SELECT ON V_$PARAMETER TO %USERNAME%; -GRANT SELECT ON V_$PDBS TO %USERNAME%; -GRANT SELECT ON SYS.USER$ TO %USERNAME%; -``` - -### Oracle Database 11g Series Permissions - -In order to collect permissions from Oracle Database 11g series, the user credential requires at -least the following `SELECT` privileges on the targeted database for the following views and tables: - -- DBA_COL_PRIVS view -- DBA_TAB_COLS view -- DBA_OBJECTS view -- DBA_PROFILES view -- DBA_ROLES view -- DBA_ROLE_PRIVS view -- DBA_SYS_PRIVS view -- DBA_TABLESPACES view -- DBA_TAB_PRIVS view -- DBA_USERS view -- V\_$RSRC_CONSUMER_GROUP view -- V\_$DATABASE view -- V\_$PARAMETER view -- SYS.USER$ table - -For example, to grant all of the above privileges, run the following set of commands in Oracle SQL -Developer or SQL\*Plus: - -``` -GRANT SELECT ON DBA_TAB_COLS TO %USERNAME%; -GRANT SELECT ON DBA_OBJECTS TO %USERNAME%; -GRANT SELECT ON DBA_TABLESPACES TO %USERNAME%; -GRANT SELECT ON DBA_PROFILES TO %USERNAME%; -GRANT SELECT ON DBA_TAB_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_ROLES TO %USERNAME%; -GRANT SELECT ON DBA_ROLE_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_SYS_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_COL_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_USERS TO %USERNAME%; -GRANT SELECT ON V_$RSRC_CONSUMER_GROUP TO %USERNAME%; -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON V_$PARAMETER TO %USERNAME%; -GRANT SELECT ON SYS.USER$ TO %USERNAME%; -``` - -## Oracle Sensitive Data Auditing - -This job is responsible for identifying sensitive data that has been stored within target database -instances. - -Before running this scan, ensure that Oracle database statistics are up to date at least for the -targeted schema or tables. Use one of the following commands: - -``` -EXEC DBMS_STATS.GATHER_SCHEMA_STATS('%SCHEMA_NAME%'); -EXEC DBMS_STATS.GATHER_TABLE_STATS('%SCHEMA_NAME%', ‘%TABLE_NAME%’); -``` - -### Oracle Database 12c Series Sensitive Data - -In order to perform a sensitive data scan on Oracle database 12c series, the user credential -requires at least the following `SELECT` privileges on the targeted database for the following -views: - -- V\_$CONTAINERS view -- V\_$DATABASE view -- CDB_TAB_COLS view -- CDB_OBJECTS view - -For example, to grant the above privileges, run the following set of commands in SQL Developer or -SQL\*Plus: - -``` -GRANT SELECT ON V_$CONTAINERS TO %USERNAME%; -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON CDB_TAB_COLS TO %USERNAME%; -GRANT SELECT ON CDB_OBJECTS TO %USERNAME%; -``` - -### Oracle Database 11g Series Sensitive Data - -In order to perform a sensitive data scan on Oracle database 11g series, the user credential -requires at least the following `SELECT` privileges on the targeted database for the following -views: - -- V\_$DATABASE view -- DBA_TAB_COLS view -- DBA_OBJECTS view - -For example, to grant the above privileges, run the following set of commands in SQL Developer or -SQL\*Plus: - -``` -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON DBA_TAB_COLS TO %USERNAME%; -GRANT SELECT ON DBA_OBJECTS TO %USERNAME%; -``` - -Please note that the `SELECT` privilege needs to be granted individually on all sensitive data -tables to be targeted (more secure). To accomplish it, run the following command for each targeted -sensitive data table: - -``` -GRANT SELECT ON %YOUR_SENSITIVE_DATA_TABLE% TO %USERNAME%; -``` - -*(Optional)* Grant the `SELECT` privilege on any table (less secure) by running the following -command: - -``` -GRANT SELECT ANY TABLE TO %USERNAME%; -``` - -## Oracle Activity Auditing - -This job is responsible for collecting audit data from configured database server audits on target -endpoints. - -### Oracle Database 12c Series Activity Data - -In order to perform an activity data scan on Oracle database 12c series, the user credential -requires at least the following `SELECT` privileges on the targeted database for the following -views: - -- V\_$DATABASE view -- CDB_COMMON_AUDIT_TRAIL view -- UNIFIED_AUDIT_TRAIL view - -For example, to grant the above privileges, run the following set of commands in SQL Developer or -SQL\*Plus: - -``` -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON CDB_COMMON_AUDIT_TRAIL TO %USERNAME%; -GRANT SELECT ON UNIFIED_AUDIT_TRAIL TO %USERNAME%; -``` - -If the audit trail mode is `QUEUED`, then audit records are not written to disk until the in-memory -queues are full. The following procedure explicitly flushes the queues to disk, so that the audit -trail records are viewable in the `UNIFIED_AUDIT_TRAIL` view: - -``` -EXEC SYS.DBMS_AUDIT_MGMT.FLUSH_UNIFIED_AUDIT_TRAIL; -``` - -### Oracle Database 11g Series Activity Data - -In order to perform an activity data scan on Oracle database 11g series, the user credential -required at least the following `SELECT` privileges on the targeted database for the following -views: - -- V\_$DATABASE view -- DBA_COMMON_AUDIT_TRAIL view - -For example, to grant the above privileges, run the following set of commands in SQL Developer or -SQL\*Plus: - -``` -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON DBA_COMMON_AUDIT_TRAIL TO %USERNAME%; -``` - -## Oracle Users with Default Passwords Job - -The 4-Oracle_DefaultPasswordUsers job is responsible for collecting usernames of users whose -passwords have not been updated since the database creation. - -The user needs to have a `SELECT` privilege on `CDB_USERS_WITH_DEFPWD` table for Oracle container -databases (version 12c and higher) or `DBA_USERS_WITH_DEFPWD` for the non-container database (any -version below 12c). - -To grant the required privileges, execute the following statements in SQL Developer or SQL\*Plus: - -For version 12c and later: - -``` -GRANT SELECT ON CDB_USERS_WITH_DEFPWD TO %USERNAME%; -``` - -For version 11g: - -``` -GRANT SELECT ON DBA_USERS_WITH_DEFPWD TO %USERNAME%; -``` - -# Target Db2 Requirements, Permissions, and Ports - -The Enterprise Auditor for Databases Solution provides the ability to audit and monitor Db2 database -environments to collect permissions and sensitive data. It scans: - -- DB2LUW 11+ - -Target Db2 Requirements - -Successful installation of the IBM Data Server Client is required to run the Db2 Job Group. In -addition, the following clients and drivers must be installed: - -- IBM Data Server Driver Package (DS Driver) -- IBM Data Server Driver for JDBC and SQLJ (JCC Driver) -- IBM Data Server Driver for ODBC and CLI (CLI Driver) -- IBM Data Server Runtime Client -- IBM Data Server Client -- IBM Database Add-Ins for Visual Studio -- IBM .NET Driver NuGet - -**NOTE:** All necessary clients and drivers can be found on IBM Support's -[Download initial version 11.5 clients and drivers](https://www.ibm.com/support/pages/download-initial-version-115-clients-and-drivers) -page. From the list of available packages, select the IBM Data Server Client, which is the -all-in-one client package. This package includes all of the client tools and available libraries, as -well as the add-ins for Visual Studio. - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For SQL Data Collector - -- Specified by Instances table (default is 5000) - -# Target MongoDB Requirements, Permissions, and Ports - -The Enterprise Auditor for Databases Solution provides the ability to audit and monitor MongoDB -database environments to collect permissions and sensitive data. It scans: - -- MongoDB 5.0 -- MongoDB 6.0 -- MongoDB 7.0 -- Windows and Linux distributions supported by MongoDB - -Target MongoDB Requirements for Sensitive Data Discovery Scans - -- .NET Framework 4.8 is required to run the MongoDB_SensitiveDataScan Job -- MongoDB Cluster on Windows Only – Domain Administrator or Local Administrator privilege - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [NoSQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) - -## Permissions - -For MongoDB Prerequisite - -- Read Only access to ALL databases in the MongoDB Cluster including: - - - Admin databases - - Config databases - - Local databases - -- Read Only access to any user databases is required for sensitive data discovery -- Read access to NOSQL instance -- Read access to MongoDB instance -- Requires NOSQL Full-Text and Semantic Extractions for Search feature to be installed on the target - NOSQL instances when using the Scans full rows for sensitive data option on the Options wizard - page - -## Ports - -The following firewall ports are needed: - -For NoSQL Data Collector - -- MongoDB Cluster -- Default port is 27017 (A custom port can be configured) - -# Target MySQL Requirements, Permissions, and Ports - -The Enterprise Auditor for Databases Solution provides the ability to audit and monitor MySQL -database environments to collect permissions and sensitive data. It scans: - -- MySQL 5.x -- MySQL 8.x -- Amazon MySQL RDS -- Amazon Aurora MySQL Engine -- MariaDB 10.x - -Target MySQL Requirements - -The following are requirements for the MySQL to be scanned: - -- WINRM Service installed and enabled — Required only if MySQL is running on Windows - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) - -## Requirements - -- Windows (Enterprise Auditor host) - Windows Management Framework 3+ installed on the Enterprise - Auditor Console server (Windows 2012 and later) -- Windows (MySQL host) - - WinRM enabled -- MySQL - - - Read access to all databases contained within each MySQL instance - - Domain Admin or Local Admin privilege (Windows only) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For MySQL Data Collection - -- Read access to MySQL instance to include all databases contained within each instance -- Windows Only — Domain Admin or Local Admin privilege - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For SQL Data Collector - -- Specified by Instances table (default is 3306) - -# Target Oracle Requirements, Permissions, and Ports - -The Enterprise Auditor for Databases Solution provides the ability to audit and monitor Oracle -database environments to collect permissions, sensitive data, and activity events. It scans: - -- Oracle Database 12c -- Oracle Database 18c -- Oracle Database 19c - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [PowerShell Data Collector](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) -- [SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For PowerShell Data Collection - -- Member of the Local Administrators group - -For Oracle Data Collection - -- User with SYSDBA role -- Local Administrator on the target servers – Only applies to Windows Servers and not on Linux or - Unix operating systems - -There is a least privilege model for scanning your domain. See the -[Oracle Target Least Privilege Model](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For PowerShell Data Collector - -- Randomly allocated high TCP ports - -For SQL Data Collector - -- Specified by Instances table (default is 1521) - -# Target PostgreSQL Requirements, Permissions, and Ports - -The Enterprise Auditor for Databases Solution provides the ability to audit and monitor PostgreSQL -database environments to collect permissions and sensitive data. It scans: - -- Open Source PostgreSQL 9x through 12x -- Enterprise DB PostgreSQL (10x trhough 12x) -- Amazon AWS Aurora PostgreSQL Engine (all versions supported by Amazon AWS) -- Azure PostgreSQL (9.6) - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) - -## Requirements - -- Read access to all databases contained within each PostgreSQL instance -- Domain Admin or Local Admin privilege (Windows only) -- Login account for each instance of PostgreSQL to be audited - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For PostgreSQL Data Collection - -- Read access to all the databases in PostgreSQL cluster or instance -- Windows Only — Domain Admin or Local Admin privilege - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For SQL Data Collector - -- Specified by Instances table (default is 5432) - -# Target Redshift Requirements, Permissions, and Ports - -The Enterprise Auditor for Databases Solution provides the ability to audit and monitor Redshift -database environments to collect permissions and sensitive data. It scans: - -- Amazon AWS Redshift -- AWS Redshift Cluster - -Target Redshift Requirements - -- Creation of a user name and password through the AWS portal. -- Successful retrieval of the following items from the AWS website: - - - Database Name – Unique identifier for a specific database - - Port Number – String of unique numbers used by networks to identify specific incoming - processes - - Endpoint name – Publicly accessible elastic IP address specific to the database - -- Retrieval of the information from the Enterprise Auditor console. - -Additional requirements for Sensitive Data Discovery: - -- Windows Only – Domain Administrator or Local Administrator privilege - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For Redshift Data Collection - -- Read-access to the following tables: - - - pg_tables - - pg_user - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -# Target SQL Server Requirements, Permissions, and Ports - -The Enterprise Auditor for Databases Solution provides the ability to audit and monitor SQL Server -database environments to collect permissions, sensitive data, and activity events. It scans: - -- Azure SQL - -- SQL Server 2022 -- SQL Server 2019 -- SQL Server 2017 -- SQL Server 2016 - -Target SQL Server Requirements - -The following are requirements for the SQL Server to be scanned: - -- WINRM Service installed -- Ensure the following rights are in the `ROOT\Microsoft\SQLServer` and `ROOT\Interop` WMI - NameSpaces: - - - Execute Methods - - Enable Account - - Remote Enable - - **NOTE:** Restart WMI after applying changes. - -- For Activity Auditing – SQL Server Audit: - - - SQL Server Audit Specifications to be configured on the target databases - - Audit destination must be a binary file - - See the Microsoft - [Create a server audit and database audit specification](https://learn.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) - article. - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [SMARTLog Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/overview.md) -- [SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For SMARTLog Data Collection - -- Member of the local Administrators group - -For SQL Server Data Collection - -- For Instance Discovery, local rights on the target SQL Servers: - - - Local group membership to Remote Management Users - - Permissions on the following WMI NameSpaces: `root\Microsoft\SQLServer, root\interop` - -- For permissions for data collection: - - - Read access to SQL instance - - Requires SQL Full-Text and Semantic Extractions for Search feature to be installed on the - target SQL instance(s) when using the **Scan full rows for sensitive data** option on the - Options wizard page - - Grant Authenticate Server to [DOMAIN\USER] - - Grant Connect SQL to [DOMAIN\USER] - - Grant View any database to [DOMAIN\USER] - - Grant View any definition to [DOMAIN\USER] - - Grant View server state to [DOMAIN\USER] - - Grant Control Server to [DOMAIN\USER] (specifically required for the Weak Passwords Job) - -See the -[Azure SQL Auditing Configuration](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For SMARTLog Data Collector - -- TCP 135 -- TCP 445 -- Randomly allocated high TCP ports - -For SQL Data Collector - -- Specified by Instances table (default is 1433) - -# Target Dropbox Requirements, Permissions, and Ports - -The Enterprise Auditor for AWS Solution provides the ability to audit Dropbox. It scans: - -- Dropbox - -Data Collector - -This solution employs the following data collector to scan the target environment: - -- [DropboxAccess Data Collector](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) - -## Permissions - -- Dropbox Team Administrator - -The DropboxAccess Data Collector requires the generation of an access token that is used to -configure the Connection Profile for Dropbox. The access token is generated from within the Dropbox -Access Auditor Data Collector Wizard on the Scan Options page. Once the access token is copied into -a Connection Profile for Dropbox, it will be saved and does not need to be generated again. See the -[DropboxAccess: Scan Options](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -topic for additional information. - -## Ports - -The following firewall ports are needed: - -For DropboxAccess Data Collector - -- TCP 80 -- TCP443 - -# Target Exchange Servers Requirements, Permissions, and Ports - -The Enterprise Auditor for Exchange Solution is compatible with the following Exchange Server -versions as targets: - -- Exchange 2019 (Limited) -- Exchange 2016 (Limited) -- Exchange 2013 -- Exchange 2010 (Limited) - -See the -[Exchange Support and Permissions Explained](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for details on the type of auditing supported by data collector and by job group. - -Domain Controller Requirements - -The following are requirements for the Exchange servers to be scanned: - -- Enable Remote PowerShell on one Client Access Server (CAS) -- Enable Windows Authentication for the PowerShell Virtual Directory on the same CAS -- .NET Framework 4.5+ installed on all Exchange servers to be targeted -- WINRM Service installed on all Exchange servers to be targeted as a back up in the event of a - remote PowerShell failure -- Within the Enterprise Auditor Console, the global **Settings > Exchange** node must be configured - - **NOTE:** For Exchange 2013, 2016, and 2019 – If the global Settings have been configured for - "MAPI over HTTP," then an actual CAS server name was supplied and will be used by the ExchangePS - Data Collector. If the global Settings have been configured for "MAPI over HTTPS," then the - global Settings will have a web address instead of an actual server. Therefore, each ExchangePS - query requires the CAS server to be set as the specific server on the Category page. See the - [ExchangePS Data Collector & Client Access Server](/docs/accessanalyzer/11.6/solutions/exchange/recommended-reports.md) - topic for a list of queries for which this would apply. - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [EWSMailbox Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [Exchange2K Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMailbox Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangeMetrics Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePublicFolder Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [SMARTLog Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/overview.md) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For Exchange Web Services API Permissions with the EWSMailbox Data Collector - -- Exchange Admin Role -- Discovery Management Role -- Application Impersonation Role -- Exchange Online License - -See the -[Exchange Web Services API Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -For Exchange Web Services API Permissions with the EWSPublicFolder Data Collector - -- Exchange Admin Role -- Discovery Management Role -- Application Impersonation Role -- Exchange Online License with a mailbox - -See the -[Exchange Web Services API Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -For Exchange2K Data Collector - -- Member of the Exchange Administrator group -- Domain Admin for AD property collection -- Public Folder Management - -For ExchangeMailbox Data Collector - -- Member of the Exchange Administrator group -- Organization Management -- Discovery Management - -For Exchange Mail Flow with ExchangeMetrics Data Collector - -- Member of the local Administrator group on the targeted Exchange server(s) - -See the -[Exchange Mail-Flow Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -For Exchange Remote Connection with SMARTLog Data Collector - -- Member of the local Administrators group - -See the -[Exchange Remote Connections Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -For Exchange PowerShell with ExchangePS Data Collector - -- Remote PowerShell enabled on a single Exchange server -- Windows Authentication enabled for the PowerShell Virtual Directory on the same Exchange server - where Remote PowerShell has been enabled -- View-Only Organization Management Role Group -- Discovery Search Management Role Group -- Public Folder Management Role Group -- Mailbox Search Role - -See the -[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -For ExchangePublicFolders Data Collector - -- Member of the Exchange Administrator group -- Organization Management - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For EWSMailbox Data Collector - -- TCP 389 -- TCP 443 - -For EWSPublicFolder Data Collector - -- TCP 389 -- TCP 443 - -For Exchange2K Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports -- TCP 389 -- Optional TCP 445 - -For ExchangeMailbox Data Collector - -- TCP 135 -- Randomly allocated high TCP ports - -For ExchangeMetrics Data Collector - -- TCP 135 -- Randomly allocated high TCP ports - -For ExchangePS Data Collector - -- TCP 135 -- Randomly allocated high TCP ports - -For ExchangePublicFolder Data Collector - -- TCP 135 -- Randomly allocated high TCP ports - -For SMARTLog Data Collector - -- TCP 135 -- TCP 445 -- Randomly allocated high TCP ports - -# Target Exchange Online Requirements, Permissions, and Ports - -The Enterprise Auditor for Exchange Solution provides the ability to audit Exchange Online. It -scans: - -- Exchange Online (Limited) - -See the -[Exchange Support and Permissions Explained](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for details on the type of auditing supported by data collector and by job group. - -Data Collectors - -This solution employs the following data collectors to scan the target environment: - -- [AzureADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -- [EWSMailbox Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [EWSPublicFolder Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -- [ExchangePS Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - -## Permissions - -For .Entra ID Inventory Prerequisite with the AzureADInventory Data Collector - -- Microsoft Graph API - - - Application Permissions: - - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - - Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -- Access URLs - - - https://login.windows.net - - https://graph.windows.net - - https://login.microsoftonline.com - - https://graph.microsoft.com - - - All sub-directories of the access URLs listed - -See the -[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md) -topic for additional information. - -Permissions for the Registered Microsoft Entra ID Application: Office 365 Exchange Online - -- Application Permissions: - - - Exchange.ManageAsApp – Manage Exchange As Application - - full_access_as_app – Use Exchange Web Services with full access to all mailboxes - -- Exchange Administrator role assigned to the registered application's service principal - -See the -[Exchange Online Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/collaboration/exchange-online.md) -topic for additional information. - -For Exchange Web Services API Permissions with the EWSMailbox Data Collector - -- Exchange Admin Role -- Discovery Management Role -- Exchange Online License - -See the -[Exchange Web Services API Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -For Exchange Web Services API Permissions with the EWSPublicFolder Data Collector - -- Exchange Admin Role -- Discovery Management Role -- Exchange Online License with a mailbox - -See the -[Exchange Web Services API Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -For Exchange PowerShell with ExchangePS Data Collector - -- Discovery Management Role -- Organization Management Role - -See the -[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -## Ports - -The following firewall ports are needed: - -For AzureADInventory Data Collector - -- TCP 80 and 443 - -For EWSMailbox Data Collector - -- TCP 389 -- TCP 443 - -For EWSPublicFolder Data Collector - -- TCP 389 -- TCP 443 - -For ExchangePS Data Collector - -- TCP 135 -- Randomly allocated high TCP ports - -# File System Supported Platforms - -Netwrix Enterprise Auditor audits Microsoft® Windows® file servers, Network Attached Storage (NAS) -devices, and Unix platforms. - -Enterprise Auditor employs the File System Solution to execute Access Auditing (FSAA), Activity -Monitoring (FSAC), and Sensitive Data Discovery Auditing scans. The Activity Monitoring (FSAC) scans -also require an additional application, either Netwrix Activity Monitor or Netwrix Threat -Prevention, to monitor the target environment. - -**NOTE:** Access Auditing and Sensitive Data Discovery Auditing support CIFS and NFSv3. - -Ports and permissions vary based on the scan mode option selected as well as the target environment. - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [FileSystemAccess Data Collector](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - -Permissions and Ports for ADInventory Data Collector Prerequisite - -The following permissions are needed: - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -The following firewall ports are needed: - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions and Ports for FileSystemAccess Data Collector - -- Permissions vary based on the Scan Mode Option selected. See the File System Supported Platforms - topic for additional information. - -## Supported Windows Platforms - -The following are supported Microsoft® Windows® operating systems: - -- Windows Server 2022 -- Windows Server 2019 -- Windows Server 2016 - -See the -[Windows File Server Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/windows-file-systems.md) -topic for target environment requirements. - -Windows File System Clusters - -See the topic for target environment requirements. - -Windows File System DFS Namespaces - -See the topic for target environment requirements. - -## Supported Network Attached Storage Devices - -The following are supported Network Attached Storage (NAS) devices. - -Dell Celerra® & VNX - -- Celerra 6.0+ -- VNX 7.1 -- VNX 8.1 - -See the -[Dell Celerra & Dell VNX Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-celerra-vnx.md) -topic for target environment requirements. - -Dell Isilon/PowerScale - -- 7.0+ - -See the -[Dell Isilon/PowerScale Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-powerscale.md) -topic for target environment requirements. - -Dell Unity - -See the -[Dell Unity Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/dell-unity.md) -topic for target environment requirements. - -Hitachi - -- 11.2+ - -See the -[Hitachi Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/hitachi.md) -topic for target environment requirements. - -Nasuni Nasuni Edge Appliances - -- 8.0+ - -See the -[Nasuni Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/nasuni.md) topic -for target environment requirements. - -NetApp Data ONTAP - -- 7-Mode 7.3+ -- Cluster-Mode 8.2+ - - **NOTE:** The Resiliency feature introduced in ONTAP 9.0 is not supported. - -See the following topics for target environment requirements: - -- [NetApp Data ONTAP Cluster-Mode Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-cmode.md) -- [NetApp Data ONTAP 7-Mode Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/netapp-7mode.md) - -Nutanix - -See the -[Nutanix Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/nutanix.md) -topic for target environment requirements. - -Qumulo - -- Qumulo Core 5.0.0.1B+ - -See the -[Qumulo Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/storage-systems/qumulo.md) topic -for target environment requirements. - -## Supported Unix Platforms - -The following are supported Unix operating systems for Access Auditing (FSAA) and Sensitive Data -Discovery Auditing only: - -- AIX® 4+ -- Solaris™ 8+ -- Red Hat® Enterprise Linux® 4+ -- Red Hat® Linux® 5.2+ -- HP-UX® 11+ -- SUSE® 10+ - -# SharePoint Support - -Netwrix products audit and monitor Microsoft® SharePoint® environments. Enterprise Auditor employs -the SharePoint solution to execute Access Auditing (SPAA) and Sensitive Data Discovery Auditing -scans against SharePoint on-premise and SharePoint Online. Through integration with Activity -Monitor, Enterprise Auditor can also execute Activity Auditing (SPAC) scans against SharePoint -on-premise and SharePoint online environments. Additionally, Activity Monitor can be configured to -provide activity data to various SIEM products. - -Ports and permissions vary based on the scan mode option selected as well as the target environment. - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -- [AzureADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -- [SharePointAccess Data Collector](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) - -Permissions and Ports for ADInventory Data Collector Prerequisite - -The following permissions are needed: - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -The following firewall ports are needed: - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions and Ports for AzureADInventory Data Collector Prerequisite - -The following permissions are needed: - -- Microsoft Graph API - - - Application Permissions: - - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - - Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -- Access URLs - - - https://login.windows.net - - https://graph.windows.net - - https://login.microsoftonline.com - - https://graph.microsoft.com - - - All sub-directories of the access URLs listed - -The following firewall ports are needed: - -- TCP 80 and 443 - -## Supported SharePoint Online - -The following are supported Microsoft® SharePoint® Online: - -- SharePoint Online® (Agent-less mode scans only) - -- OneDrive® for Business (Access Auditing and/or Sensitive Data Discovery Auditing for Agent-less - mode scans only) - -See the -[SharePoint Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for -SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and -provisions it with the required permissions. See the -[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -## Supported SharePoint On-Premise - -The following are supported Microsoft® SharePoint® operating systems: - -- SharePoint® 2019 -- SharePoint® 2016 -- SharePoint® 2013 - -See the -[SharePoint Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -# Target Unix Requirements, Permissions, and Ports - -The Enterprise Auditor for Unix Solution provides the ability to audit Unix servers. It scans: - -- AIX® 4+ -- Solaris™ 8+ -- Red Hat® Enterprise Linux® 4+ -- Red Hat® Linux® 5.2+ -- HP-UX® 11+ -- CentOS® 7+ -- SUSE® 10+ - -Data Collectors - -This solution employs the following data collectors to scan the target environment: - -- [NIS Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/overview.md) -- [Unix Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/unix/overview.md) - -## Permissions - -For NIS Data Collector Prerequisite - -- No special permissions are needed aside from access to a NIS server - -For Unix Data Collector - -- Root permissions in Unix/Linux - -If the Root permission is unavailable, a least privileged model can be used. See the -[Least Privilege Model](#least-privilege-model) topic additional information. - -## Ports - -The following firewall ports are needed: - -For NIS Data Collector Prerequisite - -- TCP 111 or UDP 111 -- Randomly allocated high TCP ports - -For Unix Data Collector - -- TCP 22 -- User configurable - -## Least Privilege Model - -Enterprise Auditor for Unix collects information from Unix devices by running commands or executing -scripts on your Unix hosts (if configured properly our tool can SCP scripts to your hosts before -execution). Therefore, the domain or local user credentials entered in the Connection Profile within -the Enterprise Auditor must be capable of running the necessary commands, executing the necessary -scripts or, in some cases, have rights to SCP scripts to the host. - -### Connecting to Unix Hosts - -Enterprise Auditor for Unix connects to your host in two ways: - -- Plink – This mechanism is leveraged during our tools Host Inventory to test connectivity to a host - and to collect basic details about a host (Host Name, OS Type, etc.) -- Implementation of the SSH2 protocol built into Enterprise Auditor – This is how the Unix Data - Collector interacts with and pulls information from your environment - -Authentication Methods - -- SSH Login Required -- SSH Private Key - - - Supported Key Types - - - Open SSH - - PuTTY Private Key - -Device Connectivity - -- SSH port opened in software and hardware firewalls. Default is 22. - - - If you do not use Port 22, you can specify your SSH port in the Connection Profile - -### Commands for Non-Root Accounts - -We recommend using the root account to run Enterprise Auditor against a Unix system. However, if -that is not acceptable all the commands we leverage in the solution set are below and can be used to -implement least privilege: - -All Perl scripts require the account to be able to execute the following commands: - -``` -scp [script] to a target location: /tmp/[script] -``` - -``` -perl [script] -``` - -``` -rm -f [script] -``` - -#### UX_UsersAndGroups Job Requirements - -The 1.Users and Groups > 0.Collection > UX_UsersAndGroups Job requires permissions in the Unix -environment to run the following commands: - -Commands Used - -- `grep` -- `egrep` -- `uname` -- `cat /etc/passwd` (read access) -- `cat /etc/group` (read access) -- `cat /etc/security/user` (read access) -- `cat /etc/shadow` - - - Requires root or customization to job to utilize sudo without password prompt (:NOPASSWD) - -- `egrep /etc/security/user` (read access) -- `egrep /etc/login.defs` (read access) -- `egrep /etc/default/passwd` (read access) -- `cat /etc/security/passwd` (read access) - -Perl Scripts Used - -``` -SA_UX_AIX_User.pl -``` - -``` -SA_UX_AIX_UserLastUpdate.pl -``` - -#### UX_MakeDirectory Job Requirements - -The 2.PrivilegedAccess > Sudoers > 0.Collection > UX_MakeDirectory Job requires permissions in the -Unix environment to run the following commands: - -Commands Used - -- `mkdir /tmp/Stealthbits/` - -#### UX_ParseSudoers Job Requires - -The 2.PrivilegedAccess > Sudoers > 0.Collection > UX_ParseSudoers Job requires permissions in the -Unix environment to run the following commands: - -**NOTE:** To parse sudoers we either need root or an account that has access to use sudo without -password prompt (:NOPASSWD) - -Commands Used - -- `sudo chmod 500 SA_UX_ParseSudoers.pl` -- `sudo ./SA_UX_ParseSudoers.pl` -- `sudo rm SA_UX_ParseSudoers.pl` -- `sudo rmdir /tmp/Stealthbits/` - -Perl Scripts Used - -``` -SA_UX_ParseSudoers.pl -``` - -This grants read access to  `/etc/sudoers` - -#### UX_CriticalFiles Job Requires - -The 2.PrivilegedAccess > UX_Critical Files Job requires permissions in the Unix environment to run -the following commands: - -Commands Used - -- `ls -al /etc/` -- `ls -al /etc/samba/` -- `ls -al /etc/sysconfig` - -#### UX_NFSConfiguration Job Requires - -The 3.Sharing > 0.Collection > UX_NFSConfiguration Job requires permissions in the Unix environment -to run the following commands: - -Perl Scripts Used - -``` -SA_UX_NFSConfiguration.pl -``` - -This grants: - -- read access to `/etc/exports` -- read access to `/etc/dfs/dfstab` - -#### UX_SambaConfiguration Job Requires - -The 3.Sharing > 0.Collection > UX_SambaConfiguration Job requires permissions in the Unix -environment to run the following commands: - -Perl Scripts Used - -``` -SA_UX_SambaConfiguration.pl -``` - -This grants: - -- read access to `/etc/sfw/smb.conf` -- read access to `/etc/samba/smb.conf` - -# Target Windows Server and Desktop Requirements, Permissions, and Ports - -The Enterprise Auditor for Windows Solution is compatible with the following Microsoft Windows -versions as targets: - -- Windows 7 and higher -- Windows Server 2016 and later - -Server and Desktop Requirements - -The following are requirements for the servers and desktops to be scanned: - -- WINRM Service installed - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [GroupPolicy Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/overview.md) -- [PowerShell Data Collector](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) -- [Registry Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/registry.md) -- [Script Data Collector](/docs/accessanalyzer/11.6/data-collection/custom-collectors/scripting.md) -- [Services Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/services.md) -- [SMARTLog Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/overview.md) -- [SystemInfo Data Collector](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -- [TextSearch Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/textsearch/overview.md) -- [UsersGroups Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/usersgroups/overview.md) -- [WMICollector Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/wmicollector/overview.md) - -## Permissions - -- Member of the local Administrators group -- If target host is a domain controller, member of the Domain Administrator group in the target - domain - -## Ports - -The following firewall ports are needed: - -For GroupPolicy Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For PowerShell Data Collector - -- Randomly allocated high TCP ports - -For Registry Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports - -For Script Data Collector - -- Randomly allocated high TCP ports - -For Services Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports - -For SMARTLog Data Collector - -- TCP 135 -- TCP 445 -- Randomly allocated high TCP ports - -For SystemInfo Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports - -For TextSearch Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports - -For UsersGroups Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports -- 445 - -For WMICollector Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/11.6/gettingstarted.md b/docs/accessanalyzer/11.6/gettingstarted.md new file mode 100644 index 0000000000..1785909e91 --- /dev/null +++ b/docs/accessanalyzer/11.6/gettingstarted.md @@ -0,0 +1,117 @@ +# Getting Started + +Once Enterprise Auditor is installed, the following workflow will quickly enable users to begin +auditing the organization’s IT infrastructure. See the +[Navigating the Console](/docs/accessanalyzer/11.6/admin/navigate/overview.md) +topic for additional information and data grid functionality. + +## Initial Configuration During First Launch + +During the initial Enterprise Auditor Configuration Wizard, users are walked through configuring +several key global settings: + +- Storage + + - Mandatory configuration during the first launch + - Requires credential on the SQL® Server database which is used to create and modify the + Enterprise Auditor database + - Option to either create a new database or point to an existing database + - If using Windows Authentication, the Schedule node must be configured also + - See the + [Storage](/docs/accessanalyzer/11.6/admin/settings/storage/overview.md) + topic for additional information + +- Schedule + + - Only appears if the Storage Profile is configured to use Windows Authentication + - If the Storage Profile is configured to use SQL Authentication, the setting is configured + later + - See the + [Schedule](/docs/accessanalyzer/11.6/admin/settings/schedule.md) + topic for additional information + +- Instant Job + + - Install the pre-configured solutions for which the organization is licensed + - See the + [Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) + topic for additional information + +## Global Settings Configured + +The global Settings have an overall impact on the running of Enterprise Auditor jobs. They are +managed through the Settings node at the top of the Navigation pane. The following global Settings +require configuration from the start: + +- [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + – Configure the Default Connection Profile and additional Connection Profiles as needed for + intended data collection +- [Schedule](/docs/accessanalyzer/11.6/admin/settings/schedule.md) – + Configure the Default Scheduled Service Account for scheduling Enterprise Auditor job execution, + if not configured via the initial configuration wizard +- [Notification](/docs/accessanalyzer/11.6/admin/settings/notification.md) + – Configure an SMTP server for Enterprise Auditor to use for sending email notifications + +The other global Settings provide additional options for impacting how Enterprise Auditor functions: + +- [Access](/docs/accessanalyzer/11.6/admin/settings/access/overview.md) + – Enable and configure Role Based Access for a least privileged application of Enterprise Auditor + and report viewing or the enable the REST API + + **NOTE:** If Role Based Access is enabled by accident, contact + [Netwrix Support](https://www.netwrix.com/support.html) for assistance in disabling it. + +- [Application](/docs/accessanalyzer/11.6/admin/settings/application/overview.md) + – Configure additional settings not included in the other nodes +- [Exchange](/docs/accessanalyzer/11.6/admin/settings/exchange.md) – + Configure Microsoft® Exchange Server connections + +**CAUTION:** Do not configure data retention at the global level without ensuring History is +supported by ALL solutions to be run. + +- [History](/docs/accessanalyzer/11.6/admin/settings/history.md) – + Configure data retention and log retention settings +- [Host Discovery](/docs/accessanalyzer/11.6/admin/settings/hostdiscovery.md) + – Configure Host Discovery task settings +- [Host Inventory](/docs/accessanalyzer/11.6/admin/settings/hostinventory.md) + – Configure Host Inventory settings +- [Reporting](/docs/accessanalyzer/11.6/admin/settings/reporting.md) + – Configure reporting options, if necessary +- [Sensitive Data](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md) + – Flag false positive within discovered potential sensitive data files +- [ServiceNow](/docs/accessanalyzer/11.6/admin/settings/servicenow.md) + – Configure the ServiceNow Action Module authentication credentials +- [Storage](/docs/accessanalyzer/11.6/admin/settings/storage/overview.md) + – Configure additional SQL Server database Storage Profiles + +See the +[Global Settings](/docs/accessanalyzer/11.6/admin/settings/overview.md) +topic for additional information. + +## Discover Hosts for Enterprise Auditor + +Within the terminology of Enterprise Auditor, hosts are the machines being targeted during data +collection. Hosts can be discovered or manually introduced to Enterprise Auditor. Known hosts are +then inventoried to populate dynamic host lists. Host discovery is done at the Host Discovery  node. +Hosts are manually introduced at the Host Management node. + +Host management consists of maintaining up-to-date host inventories and host lists which can be +assigned to job groups or jobs as targeted hosts. See the +[Host Management](/docs/accessanalyzer/11.6/admin/hostmanagement/overview.md) +topic for additional information. + +## Enterprise Auditor Job Workflow + +Once the global Settings are configured and hosts have been introduced to Enterprise Auditor, it is +time to begin auditing. This requires an understanding of the relationship between solutions, job +groups, jobs, queries, analysis, actions, and reports. + +The Enterprise Auditor job is the fundamental unit. Jobs are responsible for all data collection +queries, analysis tasks, notification tasks, action tasks, and report generation. When Jobs are +designed to work together, they are housed within job groups to control the order of job execution. +Solutions are pre-configured job groups which have been designed to target specific types of +environments to audit for specific data sets, typically the most common types of information +desired. + +See the [Jobs Tree](/docs/accessanalyzer/11.6/admin/jobs/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/index.md b/docs/accessanalyzer/11.6/index.md index 79d714f930..808d1508b6 100644 --- a/docs/accessanalyzer/11.6/index.md +++ b/docs/accessanalyzer/11.6/index.md @@ -1,25 +1 @@ -# Netwrix Access Analyzer 11.6 - -> **Complete visibility and control over who has access to what** - -Netwrix Access Analyzer provides comprehensive visibility into access rights and permissions across your entire IT infrastructure. Quickly identify excessive permissions, validate access changes, and ensure compliance with security policies. - -## Key Features - -- **Access Intelligence** — Discover who has access to critical data and systems -- **Permission Analysis** — Identify and remediate excessive or inappropriate permissions -- **Access Certification** — Streamline periodic access reviews and recertification -- **Compliance Reporting** — Demonstrate compliance with automated access reports - -## Benefits - -- Reduce security risks by identifying and removing excessive permissions -- Accelerate access reviews and certification processes -- Ensure compliance with regulatory requirements -- Prevent unauthorized access to sensitive data - -```mdx-code-block -import DocCardList from '@theme/DocCardList'; - - -``` +# Enterprise Auditor 11.6 diff --git a/docs/accessanalyzer/11.6/install/application/database.md b/docs/accessanalyzer/11.6/install/application/database.md new file mode 100644 index 0000000000..4a169595d4 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/database.md @@ -0,0 +1,224 @@ +# Enterprise Auditor Database + +The Enterprise Auditor database is dynamic in nature. There are a handful of required system tables +which are created at installation time or when individual features are used the first time. All +other data tables in the Enterprise Auditor database are created and bound to individual jobs which +are added to the Enterprise Auditor Console. As jobs are created and modified, corresponding tables +are created and modified in the database. A job can generate one or more tables. + +The structure and schema of each data table is controlled by the Enterprise Auditor data collector +used to collect data and write results to the table. There is a one-to-one relationship between a +task created within a Enterprise Auditor job and the table to which the task writes results. +Creating tasks or adding and removing properties within a task modifies the schema of the table on +subsequent execution of the job. + +Enterprise Auditor offers users the ability to modify its preconfigured jobs or create custom jobs +and tasks as needed. Therefore, precise schema information for data tables cannot be predicted, +restricted, or locked down. + +## Database Permissions + +The account configured in the storage profile to be used by Enterprise Auditor to access the +database should have the necessary rights to Add, Alter, Create, Drop, Select, and Update. These +rights are critical to normal Enterprise Auditor operations and functionality. + +**_RECOMMENDED:_** The account used by Enterprise Auditor should have database owner (DBO) level +access to the database. + +If database owner rights cannot be obtained, the following SQL script can be executed by a database +administrator (DBA) against the Enterprise Auditor database to grant the necessary permissions to +the appropriate users (replacing `` and `` with the appropriate values): + +``` +USE [master]GRANT VIEW ANY DEFINITION TO [] +GO +USE [] +GO +EXEC sp_addrolemember 'db_datareader', '' +GO +EXEC sp_addrolemember 'db_datawriter', '' +GO +GRANT CREATE TABLE TO [] +GO +GRANT CREATE VIEW TO [] +GO +GRANT CREATE PROCEDURE TO [] +GO +GRANT CREATE FUNCTION TO [] +GO +GRANT CREATE TYPE TO [] +GO +GRANT REFERENCES ON SCHEMA::dbo TO [] +GO +GRANT ALTER ON SCHEMA::dbo TO [] +GO +GRANT EXECUTE ON SCHEMA::dbo TO [] +GO +GRANT INSERT ON SCHEMA::dbo TO [] +GO +GRANT UPDATE ON SCHEMA::dbo TO [] +GO +Alter User [] with DEFAULT_SCHEMA = dbo +``` + +## Database Sizing + +SQL Server storage considerations vary. As Enterprise Auditor is a highly customizable auditing +platform, variables such as query scope, the number of hosts, frequency, historical retention, and +reporting needs are a few of the factors which affect the database resource consumption by +Enterprise Auditor. + +- Query Scope – Amount of data configured to be returned from each query (queries are dynamic and + can be configured to return one row per host or tens of thousands) +- Number of Hosts – Number of hosts targeted for auditing objectives +- Frequency – How often jobs are run +- Historical Retention – Amount of collected data to be retained in source data tables based on a + user-configured time frame +- Reporting Needs – Anticipated data needed to generate reports + +Recommended SQL Server database sizes are provided for specific solutions in the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topics. These recommendations are based on environmental factors, the number of target objects +within an environment (users, hosts, mailboxes, etc.), and the applicable factors listed above for +the specific solution. + +### Customer Examples of Database Sizing + +The overall database size is ultimately governed by an organization’s auditing objectives. The +examples below provide a glimpse into how these objectives combine with the applicable factors above +to impact the Enterprise Auditor database resource consumption. + +- Example from an Active Directory Solution Customer + - An Active Directory (AD) customer intends to collect AD User/Group/Membership information and + run the standard Active Directory Solution within their environment. In an environment of + 50,000 Users and 200,000 Groups, the database can be 50 GB in size. The expansion of group + information can also require 20 GB of TEMPDB space. +- Example from a Data Access Governance Solution Customer + - A Data Access Governance customer using the File System Solution intends to collect and report + on file system permissions, and optionally to profile size, age, extensions, and ownership of + files in the organization. The database for a typical mid-sized organization could be anywhere + from 60 GB to upward of 240 GB, depending on the number of folders scanned, which can vary + greatly in depth and width. Electing to collect content-related information will also impact + database size. +- Another Example from a Data Access Governance Solution Customer + - A Data Access Governance customer using the File System Solution intends to inventory 1.3 PB + of files spread across 600+ standalone (non-clustered) Windows file servers, collecting + information on file permissions and ages (and possibly, ad hoc, information on file system + activity) with an overall plan to identify stale data, consolidate active data on a subset of + the organization’s file system infrastructure, and to move that active data to a cloud-based + platform like SharePoint Online. Activity monitoring (FSAC) is to be used ad hoc against open + shares to profile resource ownership and also to validate the “staleness” of certain + resources. The database sizing for a project of this scope could be up to 750 GB for the + database, 240 GB for the transaction log, and 380 GB of TEMPDB space. +- Example from an Exchange Solution Customer + - An Exchange customer only intends to collect Mail-Flow Metrics for 100,000 Mailboxes from 10 + HUB Servers in the organization. However, the customer would like to keep six months of + history on User to User Activity sent internally and externally, as well as one year of Server + and User Volume Traffic. This database can grow to around 320 GB. +- Example from a Windows Solution Customer + - A Windows customer intends to audit and retain Success and Failed login events for five member + servers retaining the data for twelve months within their environment. The database can be 100 + GB in size. + +## Securing the Enterprise Auditor Database + +The typical database configuration is to have **sysadmin Server Role** assigned to the ID used to +connect to the SQL instance. It will allow full control over the instance where the Enterprise +Auditor database resides. This configuration is chosen because Enterprise Auditor requires some +interaction with the master database in order to install and configure the initial Enterprise +Auditor database. When it is necessary to secure the Enterprise Auditor database, the following +steps should be followed to achieve the minimum SQL security levels without breaking core Enterprise +Auditor functionality. + +### Database Creation & First Level of Security + +Use SQL Server Management Studio to create the Enterprise Auditor database and configure the +settings for the server roles and user mappings. + +![SQL Server Management Studio create New Database](/img/product_docs/accessanalyzer/11.6/install/application/createnewdatabase.webp) + +**Step 1 –** Create a new database for use with Enterprise Auditor. Right-click on the **Databases** +node and choose **New Database**. + +![SQL Server Management Studio New Database window](/img/product_docs/accessanalyzer/11.6/install/application/newdatabase.webp) + +**Step 2 –** Set the **Database name**. Set any other desired data files configuration per company +standards. Click **OK** on the New Database window. + +**_RECOMMENDED:_** Enter Enterprise Auditor as the Database name. + +![SQL Server Management Studio create New Login](/img/product_docs/accessanalyzer/11.6/install/application/newlogin.webp) + +**Step 3 –** Create a new SQL Login account by right-clicking on the **Security** > **Logins** +folder and selecting **New Login**. + +**Step 4 –** Choose the authentication mode as the login type for use with the newly created +Enterprise Auditor database. The available options are Windows authentication and SQL Server +authentication. + +![SQL Server Management Studio new login with Windows authentication](/img/product_docs/accessanalyzer/11.6/install/application/loginwindows.webp) + +- If **Windows authentication** is desired, then click **Search** and select the desired Windows + account, which has been set up for use with Enterprise Auditor. + +![SQL Server Management Studio new login with SQL Server authentication](/img/product_docs/accessanalyzer/11.6/install/application/loginsql.webp) + +- **_RECOMMENDED:_** If **SQL Server authentication** is desired, use a login name called Enterprise + Auditor. + +**NOTE:** Set the **Default Database** as Enterprise Auditor (or the desired Enterprise Auditor +database) and choose English as the **Default Language**. + +![SQL Server Management Studio New Login User Mapping](/img/product_docs/accessanalyzer/11.6/install/application/loginusermapping.webp) + +**Step 5 –** Navigate to the **User Mapping** menu, select the Enterprise Auditor (or the desired +Enterprise Auditor database) database, and set the **Default Schema** to **DBO**. + +**Step 6 –** In the **Database role membership** section, set the role to **db_owner**. Click **OK** +to save new user configuration information and continue on to configure the Enterprise Auditor +Console. + +**Step 7 –** Configure the Enterprise Auditor Console to access the assigned database using the +newly secured login account. + +**NOTE:** This step requires the completion of the Enterprise Auditor installation. See the +[Enterprise Auditor Core Installation](/docs/accessanalyzer/11.6/install/application/wizard.md) +topic for instructions. + +![Storage Profile configuration page](/img/product_docs/accessanalyzer/11.6/install/application/storageprofile.webp) + +**Step 8 –** Launch Enterprise Auditor and navigate to **Settings** > **Storage**. + +- Select the Storage Profile and enter the name of the SQL Server in the **Server name** field and + **Instance Name**, if applicable. +- Enter the name of the Enterprise Auditor database in the **Use existing database** field. +- Choose the authentication method which matches the secure login that was created in Step 4, either + **Windows authentication** or **SQL Server authentication**. If using SQL Server authentication, + enter the **User name** and **Password**. + +![Connection report window](/img/product_docs/accessanalyzer/11.6/install/application/connectionreport.webp) + +- Click **Apply** and a Connection report window will open. Verify that the connection and test + table drop were performed successfully. +- Click **Close** on the Connection report window and then **Save** the new Storage Profile. + +![Change storage profile dialog](/img/product_docs/accessanalyzer/11.6/install/application/changestorageprofile.webp) + +**NOTE:** If previously connected to another database which already had the Enterprise Auditor DB +schema applied, then a prompt should appear to merge the host management data. Choose the +appropriate options and then click **OK** to migrate data. + +**Step 9 –** Make sure to close and re-open the Enterprise Auditor Console before continuing to +configure or use Enterprise Auditor if a new database Storage Profile was chosen as the default. + +The **blue arrow** signifies the default profile was changed but does not take effect until the +required restart of the Enterprise Auditor Console. + +See the +[Enterprise Auditor Initial Configuration](/docs/accessanalyzer/11.6/install/application/firstlaunch.md) +topic to perform these steps during the initial configuration process after installation. + +### Second Level of Security + +For second level security of the SQL Server database, use the script provided in the +[Database Permissions](#database-permissions) section. diff --git a/docs/accessanalyzer/11.6/install/application/firstlaunch.md b/docs/accessanalyzer/11.6/install/application/firstlaunch.md new file mode 100644 index 0000000000..7b7651c12f --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/firstlaunch.md @@ -0,0 +1,124 @@ +# Enterprise Auditor Initial Configuration + +Once the Enterprise Auditor installation process is complete, and before performing actions within +Enterprise Auditor, the initial settings for the Enterprise Auditor Console must be configured. + +![Newrix Access Governance shortcut](/img/product_docs/accessanalyzer/11.6/install/application/shortcut.webp) + +**Step 1 –** Launch the Enterprise Auditor application. The installation wizard places the +Enterprise Auditor icon on the desktop. + +![Configuration Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +**Step 2 –** On the Welcome page of the Enterprise Auditor Configuration Wizard, click **Next** to +continue. + +![Configuration Wizard Version Selection page](/img/product_docs/accessanalyzer/11.6/install/application/versionselection.webp) + +**Step 3 –** On the Version Selection page, select the **I have no previous versions to migrate data +from** and click **Next** to continue. + +**NOTE:** If you are upgrading from a previous version of Enterprise Auditor, select **Choose a +StealthAUDIT root folder path to copy from**. See the +[Enterprise Auditor Console Upgrade](/docs/accessanalyzer/11.6/install/application/upgrade/overview.md) +topic for additional information. + +![SQL Server Settings page](/img/product_docs/accessanalyzer/11.6/install/application/sqlserver.webp) + +**Step 4 –** Configure the options on the SQL Server Settings page. + +- Server name – Enter the database server host name (NetBIOS name, FQDN, or IP Address) +- Instance name – If the SQL Server is configured to use an instance name, provide the instance name + in the text box. If not, leave this text box blank. + + - To change the instance port number, provide the instance name in the format + `,`. For example, if using the default **MSSQLSERVER** instance and port + **12345**, the instance name should be entered as `MSSQLSERVER,12345`. + +- Command timeout [number] minutes – Number of minutes before Enterprise Auditor halts any SQL + queries running for that amount of time. This prevents SQL queries from running excessively long. + The default is 1440 minutes. +- Windows authentication – Leverages the account used to open the Enterprise Auditor Console. This + option will use Windows NT Authentication to authenticate to the SQL Server. It also requires the + Schedule Service Account to have proper permissions on the SQL database. +- SQL Server authentication – Leverages an account created within the SQL Server. + + - User name and password – If SQL Server authentication is selected, provide the **User name** + and **Password** for the SQL account. + - Specify a new password below – Specify a new password for the SQL server. + +- Use existing database – Confirm the SQL Server connection has been established by selecting the + radio button for **Use existing database** and clicking the drop-down arrow. If a listing of + databases appears, then the connection has been established. Select this option to use a + pre-existing database. Then select a database from the drop-down menu of available databases. +- Create new database – Select this option to create a new database during the configuration of the + storage profile. Enter a unique, descriptive name for the new database. If multiple databases + might exist for Enterprise Auditor, then the default name of Enterprise Auditor is not + recommended. + +See the +[Securing the Enterprise Auditor Database](/docs/accessanalyzer/11.6/install/application/database.md#securing-the-enterprise-auditor-database) +topic for additional information on creating a SQL Server database for Enterprise Auditor. + +**Step 5 –** Click **Next**. + +- If SQL Server authentication is used, the Options page is displayed next. Skip to Step 7. +- If Windows Server authentication is used, the **Schedule Account** page is enabled for + configuration. Continue to Step 6. + +![Schedule Account Configuration page](/img/product_docs/accessanalyzer/11.6/install/application/scheduleaccount.webp) + +**Step 6 –** (Windows Authentication Only) Configure the schedule service account on the Scheduling +page. The account configured here must be an Active Directory account and must have rights to the +Enterprise Auditor Console server’s local Task folders as well as sufficient rights to the +Enterprise Auditor database. + +There are two options that can be selected: + +- Skip this step, I will configure a schedule service account later – Select this radio button to + skip this step and configure the schedule service account later +- Use the following service for account – Select this radio button to configure the schedule service + account and enter the following information: + + - Domain – The domain for the service account + - User name – The user name for the service account + - Password – The password for the service account + - Confirm – Re-enter the password for the service account + +![Configuration wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +**Step 7 –** On the Options page, select whether to send usage statistics to Netwrix to help us +improve our product. After the Usage Statistics option is set as desired, click **Next** to +continue. + +- If selected, usage statistics are collected and sent to Netwrix + + - Upon startup of the Enterprise Auditor console, the system checks if usage statistics have + been sent in the last 7 days. If they have not been, stored procedures run against the + Enterprise Auditor database and gather data about job runs, access times, and environmental + details like resource counts, users counts, number of exceptions, and so on. This data is then + sent back to Netwrix to help us identify usage trends and common pain points, so that we can + use this information to improve the product. + - Only anonymous statistic-level data is included. No private company or personal data is + collected or sent to Netwrix. + +- If cleared, no usage statistics are collected or sent to Netwrix + +![Progress page when upgrade process has completed](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) + +**Step 8 –** After the Enterprise Auditor Configuration Wizard finishes configuring your +installation, click **Finish** to open the Enterprise Auditor Console. + +**NOTE:** To view the log for the setup process, click **View Log** to open it. If you need to view +the log after exiting the wizard, it is located in the installation directory at +`..\STEALTHbits\StealthAUDIT\SADatabase\Logs`. See the +[Troubleshooting](/docs/accessanalyzer/11.6/admin/maintenance/troubleshooting.md) +topic for more information about logs. + +![Netwrix Acces Governance Settings Node](/img/product_docs/accessanalyzer/11.6/install/application/settingsnode.webp) + +The Enterprise Auditor Console is now ready for custom configuration and use. There are a few +additional steps to complete in order to begin collecting data, such as configuring a Connection +Profile and a Schedule Service account as well as discovering hosts and setting up host lists. See +the [Getting Started](/docs/accessanalyzer/11.6/gettingstarted.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/install/application/otherlanguages.md b/docs/accessanalyzer/11.6/install/application/otherlanguages.md new file mode 100644 index 0000000000..5f0b2ade27 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/otherlanguages.md @@ -0,0 +1,142 @@ +# Non-English Language Environments + +There are specific SQL Server requirements when installing Enterprise Auditor in a non-English +Language environment, specifically when the environment uses a non-Latin alphabet. + +## Requirements + +The following collation requirements need to be met prior to the Enterprise Auditor installation. + +### Database & Server Collation Settings + +The collation settings at the database level must match what is set at the server level. + +Symptoms + +Common errors that occur are: + +- Implicit conversion of VARCHAR value to VARCHAR cannot be performed because the collation of the + value is unresolved due to a collation conflict. + - Could not find stored procedure `#SA_ImportObject` + - Cannot drop the procedure `#SA_ImportObject`, because it does not exist or lack of permission +- Cannot resolve the collation conflict between **SQL_Latin1_General_CP1_CI_AS** and + **French_CI_AS** in the equal to operation. + +Cause + +These errors occur because the Enterprise Auditor solutions use many temporary functions and +procedures which in turn use the collation at the server level. Temporary tables created within a +stored procedure use the TEMPDB database’s collation instead of the current user database’s +collation. Therefore, there will be issues in analysis due to the mismatch. + +Resolution + +The following is a work-around which we use to avoid collation errors. However, when making changes +at the SQL Server level, use caution as it actually rebuilds all user/system database objects. If +there are schema bound objects (i.e. Constraints), the whole operation will fail. Make sure to have +all of the information or scripts needed to recreate the Enterprise Auditor user’s databases and all +of the objects in them. Customers should use a localized version of the SQL Server, and this should +not be done in production environments. + +#### Change Collation at the Database Level + +Follow the steps to change the collation at the database level. + +**Step 1 –** Access the Database Properties in SQL Server Management Studio. + +![SQL Server Management Studio Database Properties window](/img/product_docs/accessanalyzer/11.6/install/application/databasepropertiescollation.webp) + +**Step 2 –** Select **Options** and set the collation. + +Now that the collations match, proceed with Enterprise Auditor installation. + +#### Change Collation at the SQL Server Level + +Follow the steps to change the collation at the SQL Server level. + +![SQL Server Configuration Manager](/img/product_docs/accessanalyzer/11.6/install/application/sqlserverconfigurationmanager.webp) + +**Step 1 –** Stop the SQL Server service from the Configuration Manager. + +**Step 2 –** Open CMD console as Administrator, and go to the following path (or the path where the +binary files are): + +``` +…\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn   +``` + +**Step 3 –** Execute the following command (or whichever collation is needed): + +``` +sqlservr.exe  -m -T4022 -T3659 -q "French _CS_AS" +``` + +See the Microsoft +[Collation and Unicode support](https://learn.microsoft.com/en-us/sql/relational-databases/collations/collation-and-unicode-support) +article for collation matches. + +**Step 4 –** Wait until it finishes and start the SQL Server service again. + +Now that the collations match, proceed with Enterprise Auditor installation. + +### Case Sensitive Collation + +Enterprise Auditor does not support case sensitive collation settings. Case insensitive collations +are notated by having **CI** in the collation, for example **Latin1_General_CI_AS**. + +Cause + +For example, `SYS.INDEXES` will be unable to be found if there was an English install of SQL Server +but a Turkish collation which is case sensitive. So `'SYS.INDEXES != 'sys.indexes' `in the +environment. + +Resolution + +All collation settings must be case insensitive. + +## Troubleshooting + +The following are possible problems for future consideration. + +During comparison or joining of columns, collation conflict error occurs in two cases if collation +of one column does not match with collation of another column: + +This can be generated by the following script: + +``` +CREATE TABLE TestTab +(PrimaryKey int PRIMARY KEY, +CharCol char(10) COLLATE French_CI_AS, +CharCol2 char(10) COLLATE greek_ci_as +) +INSERT INTO TestTab VALUES (1, 'abc', 'abc')  +SELECT * FROM TestTab WHERE CharCol = CharCol2 +``` + +- Error Returned – Cannot resolve the collation conflict between **Greek_CI_AS** and + **French_CI_AS** in the equal to operation. +- Resolution – If the select statement is changed as below, then it would run successfully. + + ``` + SELECT * FROM TestTab WHERE CharCol = CharCol2 COLLATE Albanian_CI_AI + ``` + +**NOTE:** Explicit collation (Albanian_CI_AI) is not one of any column, but after that it will +complete successfully. The collation of two columns have not been matched, instead the third rule of +collation precedence was implemented. See the Microsoft +[Collation Precedence](https://learn.microsoft.com/en-us/sql/t-sql/statements/collation-precedence-transact-sql) +article for additional information. + +### Resources + +The following articles may be of assistance: + +- Microsoft + [Collation and Unicode support](https://learn.microsoft.com/en-us/sql/relational-databases/collations/collation-and-unicode-support) + article +- Microsoft + [Collation Precedence](https://learn.microsoft.com/en-us/sql/t-sql/statements/collation-precedence-transact-sql) + article +- Microsoft + [Set or change the server collation](https://learn.microsoft.com/en-us/sql/relational-databases/collations/set-or-change-the-server-collation) + article diff --git a/docs/accessanalyzer/11.6/install/application/overview.md b/docs/accessanalyzer/11.6/install/application/overview.md new file mode 100644 index 0000000000..9575079ff1 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/overview.md @@ -0,0 +1,84 @@ +# Installation & Configuration Overview + +This section provides instructions for installing Enterprise Auditor and the initial configuration +required when first launching the Enterprise Auditor Console. It also includes additional +information, such as how to secure the Enterprise Auditor Database, and configuring the Web Console +for viewing reports outside of the Enterprise Auditor Console. + +Prior to installing Enterprise Auditor, please ensure that all of the prerequisites have been met. +See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for more information. + +## Binaries + +There are a variety of Enterprise Auditor binaries based on the organizational auditing objectives. +Your Netwrix Representative will provide the appropriate binaries. + +- Enterprise Auditor binary – Core installation package + + - Includes data collectors, analysis modules, and action modules + - An organization’s license key, needed during installation, controls which components are laid + down during installation + - Installs the Web Console + +- File System Proxy binary – Installation package for the File System Proxy Scanning option + + - See the + [File System Proxy Service Installation](/docs/accessanalyzer/11.6/install/filesystemproxy/wizard.md) + topic for additional information. + +- Activity Monitor binary – Installation package for monitoring Windows and NAS device file system + activity + + - See the Installation topic of the + [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) + for additional information. + +- Sensitive Data Discovery Add-on binary – Installation package for File System and/or SharePoint + Sensitive Data Discovery Add-on + + - See the + [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) + topic for additional information. + +- SharePoint Agent binary – Installation package for the SharePoint Agent (optional for Access + Auditing of SharePoint farms) + + - See the + [SharePoint Agent Installation](/docs/accessanalyzer/11.6/install/sharepointagent/overview.md) + topic for additional information. + +- Enterprise Auditor MAPI CDO binary – One of two installation package needed to enable the Exchange + Solution + + - See the + [StealthAUDIT MAPI CDO Installation](/docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation.md) + topic for additional information. + +- Enterprise Auditor Reporting Services binary – Installation package for Survey Action Module + Reporting Service +- Netwrix Access Information Center binary – Installation package for the Netwrix Access Information + Center + + - Customers who are logged in to the Netwrix Customer Portal can download the latest version of + their software products from the My Products page: + [https://www.netwrix.com/my_products.html](https://www.netwrix.com/my_products.html). See the + [Customer Portal Access](https://helpcenter.netwrix.com/bundle/NetwrixCustomerPortalAccess/page/Customer_Portal_Access.html) + topic for information on how to register for a Customer Portal account. + - See the + [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) + for additional information. + +## License Key + +Your Netwrix Representative will provide the necessary license key. The Enterprise Auditor license +key (`StealthAUDIT.lic`) is needed for the Enterprise Auditor Core Installation. See the +[Enterprise Auditor Core Installation](/docs/accessanalyzer/11.6/install/application/wizard.md) +topic for additional information. + +To grant access to additional Solution sets in an existing Enterprise Auditor installation, a new +license key is required. To update the Enterprise Auditor license key without installing a new +version of the Enterprise Auditor Console, see the +[Update License Key](/docs/accessanalyzer/11.6/install/application/updatelicense.md) +topic for instructions. diff --git a/docs/accessanalyzer/11.6/install/application/reports/adfs.md b/docs/accessanalyzer/11.6/install/application/reports/adfs.md new file mode 100644 index 0000000000..1ae64f68ca --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/reports/adfs.md @@ -0,0 +1,130 @@ +# Configuring the Web Console to use ADFS + +The Enterprise Auditor Webserver and Access Information Center are able to support Single-Sign-On +(SSO) leveraging WSFederation with SAML tokens. This guide contains steps for implementing SSO using +Active Directory Federation Services (ADFS). + +Follow the steps to configure the Web Console to use ADFS authentication: + +**NOTE:** A certificate from the ADFS server is required. Confer with a PKI administrator to +determine which certificate method will conform to the organization's security policies. + +**Step 1 –** Import the certificate for the ADFS server onto the hosting server using the +Certificate Management MMC snap-in. + +- If used, self-signed certificates will also need to be imported + +**Step 2 –** On the ADFS server, open **AD FS Management**. + +**Step 3 –** Navigate to **Relying Party Trusts** and click **Add Relying Part Trust...**. Use the +Add Relying Party Trust Wizard to configure the relying party trust: + +- On the Welcome page, select **Claims aware** and click **Start**. +- On the Select Data Source page, select **Enter data about the relying party manually** and click + **Next**. +- On the Specify Display Name page, enter a display name for the relying party trust. Click + **Next**. +- On the Configure URL page, do not select any options and click **Next**. + + ![Identifier added on the Configure Identifiers page](/img/product_docs/accessanalyzer/11.6/install/application/reports/relyingpartytrustwizardidentifier.webp) + +- On the Configure Identifiers page, add an identifier of `https://` followed by the fully qualified + domain name (FQDN) of your ADFS server. + + - For example, `https://app0290.train90.local` + +- Click **Next** to proceed through the remaining wizard pages and complete the wizard. + +![Add an Endpoint window](/img/product_docs/accessanalyzer/11.6/install/application/reports/addanendpointwindow.webp) + +**Step 4 –** Double-click on the newly added relying party trust to open it's Properties window. +Navigate to the Endpoints tab and click **Add WS-Federation**. On the Add an Endpoint window, add +`https://:/federation` as the Trusted URL, then click **OK**. + +- For example, `https://app0190.train90.local:8082/federation` + +Click **OK** to save the changes and close the properties window. + +**Step 5 –** Select the relying party trust, and click **Edit Claim Issuance Policy** on the +right-hand panel. + +- On the Edit Claim Issuance Policy window, click **Add Rule**. +- On the Choose Rule Type page of the Add Transform Claim Rule Wizard, select **Send LDAP Attributes + as Claims** as the Claim rule template. Click **Next**. + + ![Configure Claim Rule page](/img/product_docs/accessanalyzer/11.6/install/application/reports/claimrulenameadfsconfig.webp) + +- On the Configure Claim Rule page, enter a name in the **Claim rule name** field. + +If the SID claim is not configured by default, add it to the Claim Description as follows: + +![Configure Claim Rule SID Properties](/img/product_docs/accessanalyzer/11.6/install/application/reports/claimrulenamesidproperties.webp) + +**Step 6 –** Navigate to the Enterprise Auditor installation directory and open the +`WebServer.exe.config` file in a text editor. + +![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigadfs.webp) + +**Step 7 –** In the `WebServer.exe.config` file, change the following parameters: + +- `WsFederationMetadata` – Change the value to the following: + + ``` + + ``` + +- `WsFederationRealm` – Replace the value text with the URL entered for the Relying Party Trust in + Step 3: + + ``` + + ``` + + ![URL required for WsFederationRealm attribute](/img/product_docs/accessanalyzer/11.6/install/application/reports/wsfederationrealmurl.webp) + + You can retrieve the URL value from the Identifiers tab of the relying party trust properties + window. + +- `WsFederationReply` – Replace the value text with the Trusted URL entered for the Endpoint in Step + 4: + + ``` + + ``` + + ![URL required for WsFederationReply attribute](/img/product_docs/accessanalyzer/11.6/install/application/reports/wsfederationreplyurl.webp) + + You can obtain the URL required for this parameter from the Endpoints tab of the relying party + trust properties window. Select the endpoint and click **Edit** to open the Edit Endpoint + window. + +The following is an example of how the parameters should look when configured in the config file: + +``` + +  +  +``` + +**Step 8 –** Save the changes in the `WebServer.exe.config` file. + +**Step 9 –** Navigate to Services (`services.msc`). Restart the **Enterprise Auditor Web Server** +service. + +ADFS authentication is now enabled for Enterprise Auditor. + +## Update the Published Reports URL for ADFS + +If ADFS does not accept `http://localhost:8082/` as an acceptable path, the path will need to be +updated in the Published Reports properties window. Follow the steps to configure the Published +Reports URL for ADFS: + +**Step 1 –** Right-click the Published Reports shortcut on the desktop and select **Properties**. + +![Published Reports desktop shortcut properties](/img/product_docs/accessanalyzer/11.6/install/application/reports/publishedreportsproperties.webp) + +**Step 2 –** Replace the URL with `https://SAWebConsole.domain.com:8082`. + +**Step 3 –** Click **Apply**. Exit the window. + +The Published Reports URL is now configured for ADFS. diff --git a/docs/accessanalyzer/11.6/install/application/reports/disclaimer.md b/docs/accessanalyzer/11.6/install/application/reports/disclaimer.md new file mode 100644 index 0000000000..9ffd937d25 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/reports/disclaimer.md @@ -0,0 +1,46 @@ +# Configuring Login Page Disclaimer + +Users can add a disclaimer message to the logon screen by adding a custom `Disclaimer.txt` file in +the Web folder in the Enterprise Auditor directory and configuring the `WebServer.exe.config` file. +Follow the steps to configure the optional disclaimer message: + +**Step 1 –** Navigate to the Web folder of the installation directory: +` …\STEALTHbits\StealthAUDIT\Web`. + +![Disclaimer.txt file added to the Web folder](/img/product_docs/accessanalyzer/11.6/install/application/reports/disclaimertxt.webp) + +**Step 2 –** Create a `Disclaimer.txt` file in the Web folder. Write a custom disclaimer that +displays on the login page for the Web Console. + +- The text file must be named `Disclaimer.txt`. The disclaimer message option is not configured + properly if using a text file with a different name. + +![File Explorer WebServer.exe.config](/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigfile.webp) + +**Step 3 –** Locate the `WebServer.exe.config` file and open it. + +![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigdisclaimer.webp) + +**Step 4 –** Find the following line in the text: + +``` + +``` + +**Step 5 –** Replace the value with `true` so that the line now reads as: + +``` + +``` + +**Step 6 –** Save the changes to enable the disclaimer message on the Web Console login page. + +![Web Console login page with disclaimer message](/img/product_docs/accessanalyzer/11.6/install/application/reports/webconsolelogindisclaimer.webp) + +**Step 7 –** To check if the disclaimer message was configured correctly, open the Web Console to +access the login page. + +- If the disclaimer is configured correctly, the custom disclaimer message displays at the bottom of + the login page. + +The disclaimer message displays on the Web Console login page. diff --git a/docs/accessanalyzer/11.6/install/application/reports/domains.md b/docs/accessanalyzer/11.6/install/application/reports/domains.md new file mode 100644 index 0000000000..5e89cf8dd3 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/reports/domains.md @@ -0,0 +1,40 @@ +# Enable Multiple Domain Access + +When the `AuthenticationDomains` parameter in the **WebServer.exe.config** file is blank, only +domain users from the domain where the Enterprise Auditor Console resides can access the Web +Console. Access can be granted from other domains when specified within this parameter. + +**NOTE:** Once another domain is added, then it is necessary to also add the domain where the +Enterprise Auditor Console resides. + +All domains provided or enumerated must have a trust relationship with the domain where Enterprise +Auditor resides. Follow the steps to allow access to the Web Console from other domains. + +**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is +located within the Web folder of the Enterprise Auditor installation directory. + +![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigmultipledomains.webp) + +**Step 2 –** Add the desired domains to the value for the `AuthenticationDomains` parameter: + +``` + +``` + +Use domain name in a comma-separated list. For example: + +``` + +``` + +**Step 3 –** Save and close the file. + +**Step 4 –** Navigate to Services (`services.msc`). Restart the Enterprise Auditor Web Server +service. + +The Web Console can now be accessed from multiple domains. + +**NOTE:** In order for the AIC to be accessed from these domains, this must also be configured for +the AIC. See the Multiple Domains topic in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. diff --git a/docs/accessanalyzer/11.6/install/application/reports/entraidsso.md b/docs/accessanalyzer/11.6/install/application/reports/entraidsso.md new file mode 100644 index 0000000000..35f0e88e5f --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/reports/entraidsso.md @@ -0,0 +1,116 @@ +# Microsoft Entra ID Single Sign-On + +Microsoft Entra ID Single Sign-On (SSO) can be configured for logging in to the Web Console to view +reports. When configured, users accessing the Web Console are directed to the Microsoft Entra +ID login page, and can log in using their existing Entra credentials. + +The following is required to use Microsoft Entra ID SSO: + +- SSL must be enabled +- The on-premise Active Directory must be synced with Microsoft Entra ID + +To enable Microsoft Entra ID SSO, you must first create a registered application in Microsoft Entra +ID, and then configure the Web Console to use it. + +## Configure an Application in Microsoft Entra ID + +An application must be registered for the Web Console with your Microsoft Entra ID tenant and be +configured with the necessary single sign-on settings. Follow the steps to create and configure the +application. + +**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** > **Enterprise +Applications**. On the top toolbar, click App registrations and then **Create your own +application**. + +**Step 3 –** On the Create your own application page, enter a name for your application and select +the **Integrate any other application you don't find in the gallery** option. Click **Create** to +finish creating the application. + +**Step 4 –** In your application, go to **Manage** > **Single sign-on**. Select **SAML** as the +single sign-on method. + +**Step 5 –** On the Set up Single Sign-On with SAML page, click **Edit** on the Basic SAML +Configuration section. Add your Identifier and Reply URL, and then click **Save**. + +- As the Identifier, enter `https://:`, for example: + + ``` + https://app0190.train90.local:8082 + ``` + +- As the Reply URL, enter `https://:/federation`, for example: + + ``` + https://app0190.train90.local:8082/federation + ``` + +**Step 6 –** Next, click **Edit** on the Attributes & Claims section. The four claims in the table +below are required. For each of these, click **Add new claim**, enter the information from the +table, and then click **Save**. + +| Name | Namespace | Source attribute | +| ------------------ | ------------------------------------------------------- | --------------------------------- | +| windowsaccountname | http://schemas.microsoft.com/ws/2008/06/identity/claims | user.onpremisessamaccountname | +| name | http://schemas.xmlsoap.org/ws/2005/05/identity/claims | user.displayname | +| sid | http://schemas.xmlsoap.org/ws/2005/05/identity/claims | user.onpremisessecurityidentifier | +| upn | http://schemas.xmlsoap.org/ws/2005/05/identity/claims | user.onpremisesuserprincipalname | + +Once configured they should show under Additional claims as below: + +![Claims configured](/img/product_docs/accessanalyzer/11.6/install/application/reports/entraidssoclaims.webp) + +**Step 7 –** In the **Manage** > **Users and groups** section for your application, add any required +users or groups to give permission to access the application. + +The application is now configured with the necessary settings. The next step is to enable the use of +Microsoft Entra ID SSO in the web server config file. + +## Enable in the Web Server Config File + +To enable Microsoft Entra ID SSO for the Web Console, the web server config file needs to be updated +with values from Microsoft Entra ID. Follow the steps to enable the SSO. + +_Remember,_ Enabling Entra ID SSO requires SSL to already have been enabled for the web server. See +the +[Securing the Web Console](/docs/accessanalyzer/11.6/install/application/reports/secure.md) +topic for additional information. + +**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is +located within the Web folder of the Enterprise Auditor installation directory. + +![Parameters in the web server config file](/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigfileentrasso.webp) + +**Step 2 –** Locate the **WsFederationMetaData**, **WsFederationRealm**, and **WsFederationReply** +Parameters in the config file, and add the required values from your Microsoft Entra ID application: + +- WsFederationMetaData – Metadata markup for describing the services provided + + - This value can be retrieved from your application in Microsoft Entra ID: **Manage** > **Single + sign-on** > **SAML Certificates** > **App Federation Metadata Url** + +- WsFederationRealm – Maps to the application identifier to Microsoft Entra ID + + - This value can be retrieved from your application in Microsoft Entra ID: **Manage** > **Single + sign-on** > **Basic SAML Configuration** > **Identifier** + +- WsFederationReply – This is the endpoint for the configured relying party trust + + - This value can be retrieved from your application in Microsoft Entra ID: **Manage** > **Single + sign-on** > **Basic SAML Configuration** > **Reply URL** + +For example: + +``` +     +     +     +``` + +**Step 3 –** Save and close the file. + +**Step 4 –** Navigate to Services (`services.msc`). Restart the Netwrix Enterprise Auditor Web +Server service. + +The Web Console has been enabled for Microsoft Entra ID single sign-on. diff --git a/docs/accessanalyzer/11.6/install/application/reports/kerberosencryption.md b/docs/accessanalyzer/11.6/install/application/reports/kerberosencryption.md new file mode 100644 index 0000000000..1c7e5b839e --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/reports/kerberosencryption.md @@ -0,0 +1,102 @@ +# Manage Kerberos Encryption Warning for the Web Console + +If a computer's Local Security Policy, or applicable Group Policy, enforces certain encryption +methods for Kerberos authentication, then the service account running the Enterprise Auditor Web +Server must support the same encryption methods. + +If encryption methods have been configured for Kerberos on the Enterprise Auditor server but not on +the service account running the Enterprise Auditor Web Server service, then users will not be able +to log-in to the Web Console and will receive the below error message. + +![Kerberos Error Message](/img/product_docs/accessanalyzer/11.6/install/application/reports/kerberoserrormessage.webp) + +When this occurs, the following error will be logged: + +_ERROR - Unhandled server error: Nancy.RequestExecutionException: Oh noes! ---> +System.Security.SecurityException: The encryption type requested is not supported by the KDC_. + +This error will be logged in the following location: + +%SAINSTALLDIR%\SADatabase\Logs\Web\service.log + +While it is not required to configure these settings, this section provides the locations and steps +necessary to configure encryption methods in Local and Group policies to allow Kerberos for the +Report Index if an error does occur. + +## Local Security Policies + +Follow the steps to configure a Local Security Policy to allow Kerberos. + +**Step 1 –** Open the Local Security Policy window. + +![Local Security Policy Window](/img/product_docs/accessanalyzer/11.6/install/application/reports/localsecuritypolicywindow.webp) + +**Step 2 –** From the Security Settings list, navigate to **Local Policies** > **Security Options**. + +**Step 3 –** Right-click the **Network Security: Configure encryption types allows for Kerberos** +policy > click **Properties**. + +![Configure Local Security Setting Window](/img/product_docs/accessanalyzer/11.6/install/application/reports/configurelocalsecuritysettingwindow.webp) + +**Step 4 –** Configure necessary settings by checking each applicable box. + +**Step 5 –** Click **Apply**, then click **OK**. + +A Local Security Policy has been configured to allow encryption methods for Kerberos. Proceed to the +[Configure Active Directory Users and Computers Settings to allow Kerberos](#configure-active-directory-users-and-computers-settings-to-allow-kerberos) +section of this topic to ensure Active Directory Users and Computer settings are configured to allow +the encryption methods for Kerberos. + +## Group Security Policy + +Follow the steps to configure a Local Group Security Policy to allow Kerberos. + +**Step 1 –** Open the Local Group Policy Editor window. + +![Local Group Policy Editor window](/img/product_docs/accessanalyzer/11.6/install/application/reports/localgrouppolicywindow.webp) + +**Step 2 –** From the Local Computer Policy list, navigate to **Computer Configuration** > **Windows +Settings** > **Security Settings** > **Local Policies** > **Security Options** folder . + +**Step 3 –** Right-click the **Network Security: Configure encryption types allows for Kerberos** +policy, then click **Properties**. + +![Configure Local Security Setting Window](/img/product_docs/accessanalyzer/11.6/install/application/reports/configurelocalsecuritysettingwindow.webp) + +**Step 4 –** Configure necessary settings by checking each applicable box. + +**Step 5 –** Click **Apply**, then click **OK**. + +A Local Group Security Policy has been configured to allow encryption methods for Kerberos. Proceed +to the +[Configure Active Directory Users and Computers Settings to allow Kerberos](#configure-active-directory-users-and-computers-settings-to-allow-kerberos) +section of this topic to ensure Active Directory Users and Computer settings are configured to allow +the encryption methods for Kerberos. + +## Configure Active Directory Users and Computers Settings to allow Kerberos + +Follow the steps to ensure the settings for Active Directory Users and Computers are configured to +allow the encryption methods to allow Kerberos. Configurations selected in this section should +reflect the configuration options selected in the two sections above. See the +[Local Security Policies](#local-security-policies) and +[Group Security Policy](#group-security-policy) topics for additional information. + +**Step 1 –** Open the Active Directory Users and Computers window. + +![Active Directory Users and Computers Window](/img/product_docs/accessanalyzer/11.6/install/application/reports/activedirectoryusersandcomputerswindows.webp) + +**Step 2 –** Click and expand the Domain from the left-hand menu and click **Users**. + +**Step 3 –** Right-click a **User** from the list of available users, then click **Properties**. + +![User Properties Window](/img/product_docs/accessanalyzer/11.6/install/application/reports/userproperteswindow.webp) + +**Step 4 –** Click the **Account** tab. + +**Step 5 –** Locate the appropriate Account options and check the corresponding boxes. + +**Step 6 –** Click **Apply**, then click **OK**. + +Active Directory Users and Computer settings have been configured to allow the encryption methods +for Kerberos. These settings should match the configuration options for Local Security Policies and +Local Group Policies. diff --git a/docs/accessanalyzer/11.6/install/application/reports/okta.md b/docs/accessanalyzer/11.6/install/application/reports/okta.md new file mode 100644 index 0000000000..77759018d8 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/reports/okta.md @@ -0,0 +1,171 @@ +# Creating an Application and Attributes in Okta + +Create an Enterprise Auditor Application in Okta Using the WS-Fed Template + +Follow the steps to create an Enterprise Auditor Application in Okta Using the WS-Fed Template: + +**Step 1 –** Log in to Okta. + +**Step 2 –** In the left-pane menu, expand **Applications** and then click **Applications**. + +**Step 3 –** Click **Create App Integration**. + +![Okta Browse App Integration Catalog](/img/product_docs/accessanalyzer/11.6/install/application/reports/oktawsfedtemplate.webp) + +**Step 4 –** Browse the App Integration Catalog and select **Template WS-Fed**. + +**Step 5 –** Click **Create**. Name the application Enterprise Auditor. + +Retrieve the Values to Paste into the Enterprise Auditor WebServer.exe.config File + +![Okta Application copy link address](/img/product_docs/accessanalyzer/11.6/install/application/reports/oktacopylinkaddress.webp) + +**Step 1 –** In the Enterprise Auditor application, click the **Sign On** tab. + +**Step 2 –** Right click on the **Identity Provider metadata** link and select **Copy Link Address** +to get the value for the WSFederationMetadata URL. + + + +**Step 3 –** Click on the General tab to copy the value for the **Realm**. This value will be unique +per tenant. + +`https://www.okta.com/` + +**Step 4 –** Construct the ReplytoURL using the FQDN of your Enterprise Auditor server: + +https://FQDNofaccessanalyzerserver.com:8082/federation + +Edit the WebServer.exe.config File + +Follow the steps to edit the **WebServer.exe.config** file: + +**Step 1 –** Open the **WebServer.exe.config** file with a text editor, such as Notepad++. It is +located in the Web folder within the Enterprise Auditor installation. + +**Step 2 –** Change the value for the `BindingUrl` parameter from `http` to `https`: + +``` + +``` + +![Okta application values in WebServer.exe.config file](/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigokta.webp) + +**Step 3 –** Update the following values in the **WebServer.exe.config** file with the values +retrieved from the Enterprise Auditor Okta application. + +**CAUTION:** These values are case sensitive. The values used here must match the values in the +Enterprise Auditor Okta application. + +- `WSFederationMetadata` – Paste the copied link address into the **WebServer.exe.config** file as: + + ``` + + ``` + +- `WSFederationRealm` – Paste the value for the Realm into the **WebServer.exe.config** file as: + + ``` + + ``` + +- `WSFederationReply` – Enter the value for the WSFederationReply based on the FQDN of the + Enterprise Auditor server and port into the **Webserver.exe.config** file as: + + ``` + + ``` + +**Step 4 –** Restart the Enterprise Auditor Web Server. + +Configure the App Settings for the StealthAUDIT Application + +**Step 1 –** In the Enterprise Auditor application, navigate to the General Tab and click **Edit** +to populate the following fields. + +- Web Application URL – This value should follow this + format:`https://:8082/` +- Realm – This value is unique per tenant and should follow this format: + `https://www.okta.com/` +- Audience Restriction – This value should match the value for the Realm +- ReplyToURL – Enter the value from the WSFederationReply setting from the **Webserver.exe.config** + file + + - `https://FQDNofaccessanalyzerserver.com:8082/federation` + +- Custom Attribute Statement – This value must match the following format, including case and bold + areas: + + http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname|${user.__samaccountname__}|, + http://schemas.xmlsoap.org/ws/2005/05/identity/claims/sid|${user.__SID__}|,http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn|${user.__upn__}| + +![oktaprofileeditor](/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaprofileeditor.webp) + +**Step 2 –** Navigate to the Directory menu and select **Profile Editor** from the drop-down menu. +Click the **Edit Profile** button for the Enterprise Auditor application. + +![Okta Add Attribute button](/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaaddattribute.webp) + +**Step 3 –** Click **Add Attribute** to open the Add Attribute window. + +![Okta Add Atrribute window](/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaaddattributewindow.webp) + +**Step 4 –** In the Add Attribute window, add the following attributes: + +- Username +- SID +- samaccountname +- upn +- department + +**NOTE:** The case of the attributes in bold must match the case used in the custom attribute. + +Click **Save** to save the attribute details and close the Add Attribute window. To add another +attribute, click **Save and Add Another**. + +![To Okta option under the Directory Provisioning Tab](/img/product_docs/accessanalyzer/11.6/install/application/reports/oktadirectoryprovisioningtookta.webp) + +**Step 5 –** Navigate to the **Directory** menu and click on the **Provisioning** tab. Click **To +Okta**. + +![Okta Show Unmapped Attributes](/img/product_docs/accessanalyzer/11.6/install/application/reports/oktashowunmappedattributes.webp) + +**Step 6 –** Locate and map the attributes that were added for the profile by clicking the +**Pencil** icon to edit attributes. To locate the attributes, scroll down and select **Show Unmapped +Attributes**. + +![Okta Unmapped Attribute configuration window](/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaunmappedattributeconfigscreen.webp) + +**Step 7 –** Click the pencil icon for **SID**, **upn**, and **samAccountName** to map the +attributes. They will display in the mapped section. + +**Step 8 –** Click **Save** and return to the **Okta Attribute Mappings** page. + +![Okta Attribute Mappings Force Sync](/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaattributemappingsforcesync.webp) + +**Step 9 –** On the Okta Attribute Mappings page, click **Force Sync**. The new attributes will +display for any user under the profile. + +To configure Okta Multi-Factor Authentication, see the +[Setting Up Multi-Factor Authentication](#setting-up-multi-factor-authentication) topic for +additional information. + +## Setting Up Multi-Factor Authentication + +Follow the steps to configure multi-factor-authentication for Enterprise Auditor: + +![Okta MFA App Sign on Rule window](/img/product_docs/accessanalyzer/11.6/install/application/reports/oktamfaappsignonrule.webp) + +**Step 1 –** Navigate to the **Sign On Policy** page and click **Add Rule**. The App Sign On Rule +opens. Configure the following options: + +- Rule Name – Name of the rule +- Conditions – Select whether the rule applies to either the **Users assigned to this app** or **The + following groups and users**. + +![Okta MFA App Sign on Rule window Access section](/img/product_docs/accessanalyzer/11.6/install/application/reports/oktamfaappsignonruleaccess.webp) + +**Step 2 –** Scroll down to the Access section. Check the **Prompt for factor** box and select +**Every Sign On**. Click **Save**. + +Multi-Factor Authentication is now configured for Enterprise Auditor. diff --git a/docs/accessanalyzer/11.6/install/application/reports/overview.md b/docs/accessanalyzer/11.6/install/application/reports/overview.md new file mode 100644 index 0000000000..4b2d867d67 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/reports/overview.md @@ -0,0 +1,80 @@ +# Reports via the Web Console + +The Web Console is where any reports which have been published can be viewed outside of the +Enterprise Auditor Console. + +- Web Console – This console uses an embedded website for published reports. It provides a + consolidated logon feature for viewing published reports, and accessing the Netwrix Access + Information Center (when installed) and other Netwrix products. + +The Enterprise Auditor installer places a Web folder at the root of the Enterprise Auditor +directory. This folder contains the Enterprise Auditor Web Server (WebServer.exe) that runs on the +Enterprise Auditor Console upon installation. + +**NOTE:** The Enterprise Auditor Web Server service must run as an account that has access to the +Enterprise Auditor database. This may be a different account than the one used to connect Enterprise +Auditor to the database. If the Enterprise Auditor Vault service is running, the account running the +Web Server service must be an Enterprise Auditor Administrator. See the +[Vault](/docs/accessanalyzer/11.6/admin/settings/application/vault.md) topic +for additional information. + +The Web folder that the Enterprise Auditor installer places at the root of the Enterprise Auditor +directory also contains a `WebServer.exe.config` file. This file contains configurable parameters. + +**CAUTION:** If encryption methods have been configured for Kerberos on the Enterprise Auditor +server but not on the service account running the Enterprise Auditor Web Server service, then users +will not be able to log-in to the Web Console and will receive an error message. See the +[Manage Kerberos Encryption Warning for the Web Console](/docs/accessanalyzer/11.6/install/application/reports/kerberosencryption.md) +topic for additional information on configuring security polices to allow Kerberos encryption. + +## Log into the Web Console + +In order for a user to log into the Web Console, the user’s account must have the User Principal +Name (UPN) attribute populated within Active Directory. Then the user can login using domain +credentials. If multiple domains are being managed by the Netwrix Access Information Center, then +the username needs to be in the `domain\username` format. + +Access to reports in the Web Console can be managed through the Role Based Access feature of +Enterprise Auditor (**Settings** > **Access**). The Web Administrator role and the Report Viewer +role grant access to the published reports. See the +[Role Based Access](/docs/accessanalyzer/11.6/admin/settings/access/rolebased/overview.md) +topic for addition information. + +**NOTE:** Access to the AIC and other Netwrix products is controlled from within those products. + +The address to the Web Console can be configured within the Enterprise Auditor Console +(**Settings** > **Reporting**). The default address is `http://[hostname.domain.com]:8082`. From the +Enterprise Auditor Console server, it can be accessed at `http://localhost/` with any standard +browser. To access the Web Console from another machine in or connected to the environment, replace +localhost with the name of the Enterprise Auditor Console. See the +[Update Website URLs](/docs/accessanalyzer/11.6/install/application/reports/secure.md#update-website-urls) +topic for additional information. + +**NOTE:** Any browser used to access the Web Console must have JavaScript allowed for the site. See +the +[Configure JavaScript Settings for the Web Console](/docs/accessanalyzer/11.6/admin/settings/reporting.md#configure-javascript-settings-for-the-web-console) +topic for additional information. + +Follow the steps to login to the Web Console. + +**Step 1 –** To open the Web Console page, use one of the following methods: + +- From the Enterprise Auditor Console server – Click the Published Reports desktop icon + (`http://localhost:8082`) +- For remote access – Enter one of the following URLs into a web browser: + + http://[machinename]:8082 + + https://[machinename]:8082 + +**NOTE:** The URL that is used may need to be added to the browser’s list of trusted sites. + +![Web Console Login page](/img/product_docs/accessanalyzer/11.6/install/application/reports/webconsolelogin.webp) + +**Step 2 –** Enter your **User Name** and **Password**. Click **Login**. + +![Web Console Home page](/img/product_docs/accessanalyzer/11.6/install/application/reports/webconsolehome.webp) + +The home page shows the solutions with published reports available. See the +[Web Console](/docs/accessanalyzer/11.6/admin/report/view.md#web-console) +topic for information on using the Web Console. diff --git a/docs/accessanalyzer/11.6/install/application/reports/secure.md b/docs/accessanalyzer/11.6/install/application/reports/secure.md new file mode 100644 index 0000000000..98de9b6fa1 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/reports/secure.md @@ -0,0 +1,250 @@ +# Securing the Web Console + +Published reports can be accessed in the Web Console. There are several options for enhancing +security. + +Additional configuration options for enhanced security include: + +- Enable SSL – The `BindingUrl` parameter shows the port used by the Enterprise Auditor web server + for SSL reports. If SSL is enabled, the value will be HTTPS instead of HTTP. +- Enable Multiple Domain Access – The `AuthenticationDomains` parameter allows the Web Console to be + accessed from multiple domains. By default this parameter is blank, allowing only domain users + from the domain where the Enterprise Auditor Console resides to access the Web Console. +- Enable Single Sign-On – The `WindowsAuthentication` parameter allows domain users to be + automatically logged into the Web Console. By default this parameter is set to `false`, which + requires domain users to login each time the Web Console is accessed. See the + [Enable Single Sign-On](/docs/accessanalyzer/11.6/install/application/reports/sso.md) + topic for additional information. + + **NOTE:** The Web Console also supports using Microsoft Entra ID single sign-on. See the + [Microsoft Entra ID Single Sign-On](/docs/accessanalyzer/11.6/install/application/reports/entraidsso.md) + topic for additional information. + +These parameters can be configured within the **WebServer.exe.config** file in the Web folder of the +Enterprise Auditor installation directory `…\STEALTHbits\StealthAUDIT\Web`. + +## Enable SSL for the Web Console + +To enable Secure Sockets Layer (SSL) for secure, remote connections to the Web Console it is +necessary to bind a certificate to the port. See the +[Use a Self-Signed Certificate for SSL](#use-a-self-signed-certificate-for-ssl) topic for more +information. Follow the steps on the server where Enterprise Auditor is installed to enable SSL for +the Web Console. + +**NOTE:** The following steps require a certificate to be available. Organizations typically have +one or more system administrators responsible for Public Key Infrastructure (PKI) and certificates. +To continue with this configuration it will first be necessary to confer with the PKI administrator +to determine which certificate method will conform to the organization’s security policies. +Optionally, see [Use a Self-Signed Certificate for SSL](#use-a-self-signed-certificate-for-ssl) for +an Administrator PowerShell command which will both create and import a self-signed certificate. + +**Step 1 –** Import the certificate to the hosting server using the Certificate Management MMC +snap-in. + +**NOTE:** If using a self-signed certificate, it will also need to be imported. + +**Step 2 –** Create an SSL binding. It is necessary to use the certificate’s **Hash** value for the +`$certHash` value: + +**NOTE:** The following Administrator PowerShell dir command can be run on the certificate's “drive” +to find the **Hash** value of a certificate which was already created and the output will include +the Thumbprint (**Hash**) value and the certificate name: + +``` +dir cert:\localmachine\my +``` + +- Run the following command using Administrator PowerShell to create the SSL binding, with the + appropriate `certHash` value: + + ``` + $guid = "bdd5710f-7cbe-4f85-b8c1-da4bddf485a8" + $certHash = "80F78FD2566793D2F39E748CDF6DED09B6F57A82" # the 'Thumbprint' value + $ip = "0.0.0.0" # this means all IP addresses + $port = "8082" # the default HTTPS port + "http add sslcert ipport=$($ip):$port certhash=$certHash appid={$guid}" | netsh + ``` + +**Step 3 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is +located within the Web folder of the Enterprise Auditor installation directory. + +![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfig.webp) + +**Step 4 –** Change the value for the `BindingUrl` parameter from `http` to `https`: + +``` + +``` + +- After changing the `BindingUrl` value in the **WebServer.exe.config** file, the Website URL must + be updated to match the new value in the following places: + - Enterprise Auditor's **Settings** > **Reporting** node + - Enterprise Auditor's Published Reports Desktop icon properties + - See the [Update Website URLs](#update-website-urls) topic for additional information. + +**Step 5 –** Save and close the file. + +**Step 6 –** Navigate to Services (`services.msc`). Restart the Netwrix Enterprise Auditor Web +Server service. + +**NOTE:** If also using the AIC, then SSL needs to be enabled for the AIC using this certificate. +See the Securing the AIC section of the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. + +The Web Console has been enabled for SSL communication. Access it using the server’s fully qualified +domain name and the HTTPS port (`https://[hostname.domain.com]:8082`). If a self-signed certificate +was used, then the client-side access to the Web Console will generate a Certificate error. See the +[Add the Certificate for Client-Side Access](#add-the-certificate-for-client-side-access) topic for +additional information. + +### Update Website URLs + +If the Binding URL value is updated in Enterprise Auditor's **WebServer.exe.config** file, the +Website URL must be updated to match the new value in the following places: + +- Enterprise Auditor's Reporting node (**Settings** > **Reporting**) +- Enterprise Auditor's Published Reports Desktop icon properties + +Update the Website URL in the Reporting Node + +Follow the steps to update the Website URL in the **Settings** > **Reporting** node. + +**Step 1 –** Expand **Settings** and select the **Reporting** node. + +![Access Governance Reporting Settings page](/img/product_docs/accessanalyzer/11.6/install/application/reports/websiteurlreporting.webp) + +**Step 2 –** In the **Website URL** box, update the URL to: `https://[hostname.domain.com]:8082` + +**Step 3 –** Click **Save**. + +The Website URL is now updated. + +Update the URL in the Published Reports Desktop Icon Properties + +Follow the steps to update the URL in the Published Reports desktop icon's Published Report's +Properties window. + +**Step 1 –** Right click on the **Published Reports** desktop shortcut and click **Properties**. + +![Published Reports desktop icon properties](/img/product_docs/accessanalyzer/11.6/install/application/reports/publishedreportsproperties.webp) + +**Step 2 –** On the **Web Document** tab, update the **URL** in the text box to: +`https://localhost:8082/` + +**Step 3 –** Click **Apply** and then **OK** to exit. + +The URL is now updated. + +### Remove Certificate from the Port + +Remove or unbind the certificate from the port by running the following Administrator PowerShell +command: + +``` +netsh http delete sslcert ipport=0.0.0.0:8082 # ip and port used when binding +``` + +### List SSL Certificate Bindings + +You can run the following PowerShell command to list all SSL certificate bindings and use this to +validate which certificates are bound to specific ports: + +``` +netsh http show sslcert +``` + +## Use a Self-Signed Certificate for SSL + +If you want to use a self-signed certificate, use the `New-SelfSignedCertificate` cmdlet, which is +available in Administrator PowerShell 3.0+ to generate and import the certificate: + +``` +New-SelfSignedCertificate -DnsName machinename.domain.com -CertStoreLocation Cert:\LocalMachine\My +``` + +The output will show this info: + +`Thumbprint                                Subject` + +`----------                                -------` + +`80F78FD2566793D2F39E748CDF6DED09B6F57A82  CN=machinename.domain.com` + +The Thumbprint value is the certificate **Hash** value to be used when binding to the port. The port +can be the same as in HTTP (8082). Use this **Hash** value for Step 2 of the +[Enable SSL for the Web Console](#enable-ssl-for-the-web-console) instructions. + +Creation and import of the self-signed certificate can be validated in Microsoft Management Console. +Follow these steps to confirm the certificate is in Microsoft Management Console. + +**Step 1 –** Open Microsoft Management Console (`mmc.exe`). + +![Microsoft Management Console Certificates snap-in](/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateaddsnapin.webp) + +**Step 2 –** Select **File** > **Add/Remove Snap-in**. The Add or Remove Snap-ins window opens. +Select **Certificates**, and click **Add**. Then select **Computer account** in the Certificates +snap-in window. + +![Microsoft Management Console Certificates snap-in Select Computer dialog](/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateselectcomputer.webp) + +**Step 3 –** Click **Next** and select **Local computer**. Click **Finish**. + +![Microsoft Management Console Certificates Add or Remove Snap-ins window](/img/product_docs/accessanalyzer/11.6/install/application/reports/certificatesnapins.webp) + +**Step 4 –** The certificate will appear in the Selected snap-ins list in the Add or Remove Snap-ins +window. Click **OK** to close the window. + +**Step 5 –** Navigate to **Certificates** > **Personal** > **Certificates**. The certificate should +show in the pane on the right. + +The self-signed certificate was created and imported. Repeat these steps for each client-side host. + +### Add the Certificate for Client-Side Access + +When you open the Web Console with SSL enabled, the web browser shows a Your connection isn't +private warning message. This can be removed by importing the certificate onto the client server. + +Follow the steps to remove the certificate error. + +**Step 1 –** Open the Web Console in your browser. + +![Your connection isn't private warning in Microsoft Edge](/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateconnectionnotprivate.webp) + +**Step 2 –** Click **Advanced**, and then use the link to continue to the site. This loads the main +page of the Web Console. + +![Access Certificat Viewer from Not Secure error in Microsoft Edge address bar](/img/product_docs/accessanalyzer/11.6/install/application/reports/certificatenotsecureerror.webp) + +**Step 3 –** Click the **Not Secure** warning in the browser's address bar. Open the Certificate +Viewer from the warning details. + +- In Microsoft Edge, click the **Your Connection to this site isn't secure** section, and then click + the certificate icon. +- In Google Chrome, click **Certificate is not valid**. + +![Web browser Certificate Viewer window](/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateviewer.webp) + +**Step 4 –** On the Details tab of the Certificate Viewer, click **Export**. Save the security +certificate and close the Certificate Viewer. + +![Certificate window](/img/product_docs/accessanalyzer/11.6/install/application/reports/certificatewindow.webp) + +**Step 5 –** Navigate to the save location from the previous step and open the exported security +certificate. On the Certificate window, click **Install Certificate**. The Certificate Import Wizard +opens. + +![Certificate Import Wizard](/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateimportwizard.webp) + +**Step 6 –** On the Certificate Import Wizard, select the Store Location as **Local Machine**, and +click **Next**. Keep the default selection of **Automatically select the certificate store based on +the type of certificate**. Navigate through the wizard to save this configuration. A pop-up message +should state that the import was successful. Click **OK** to close out all dialogs. + +![Microsoft Management Console Trusted Root Certification Authorities Certificates](/img/product_docs/accessanalyzer/11.6/install/application/reports/addcertificateconsole.webp) + +**Step 7 –** In the Microsoft Management Console, check the **Trusted Root Certification +Authorities** > **Certificates**. The self-signed certificate should now be listed there. + +The client-side access to the Web Console will no longer generate a certificate error. Repeat these +steps for each client-side host. diff --git a/docs/accessanalyzer/11.6/install/application/reports/sso.md b/docs/accessanalyzer/11.6/install/application/reports/sso.md new file mode 100644 index 0000000000..af94d5af59 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/reports/sso.md @@ -0,0 +1,65 @@ +# Enable Single Sign-On + +Single sign-on using Windows authentication allows users to be automatically log into the Web +Console according to the user’s current login session. When opening a session from a different +domain, the user will be prompted for credentials from a pop-up windows. After authenticating, the +user will be automatically logged in the Web Console. + +**NOTE:** The Web Console also supports using Microsoft Entra ID single sign-on. See the +[Microsoft Entra ID Single Sign-On](/docs/accessanalyzer/11.6/install/application/reports/entraidsso.md) +topic for additional information. + +Follow the steps to enable single sign-on for the Web Console. + +**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is +located within the Web folder of the Enterprise Auditor installation directory. + +![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigsso.webp) + +**Step 2 –** Change the value for the `WindowsAuthentication` parameter to: + +``` + +``` + +**Step 3 –** Save and close the file. + +**Step 4 –** Navigate to Services (`services.msc`). Restart the Netwrix Enterprise Auditor Web +Server service. + +The Web Console has been enabled for single sign-on. + +## Local Intranet Settings + +Next, configure local intranet settings to enable SSO. This enables users to have authentication +pass through Windows Authentication and bypass SSO configuration Prompts for credentials via Browser +pop-up. + +Follow the steps to configure local intranet settings. + +**Step 1 –** Open Windows Internet Properties (**Control Panel** > **Network and +Internet** > **Internet Options**). + +![ConfigureLocalIntranetSettingsforSSO - 1](/img/product_docs/accessanalyzer/11.6/install/application/reports/internetproperties.webp) + +**Step 2 –** Go to the Security tab, and select the **Local Intranet** option. Then, click the +**Sites** button. + +![localintranet](/img/product_docs/accessanalyzer/11.6/install/application/reports/localintranet.webp) + +**Step 3 –** Click the **Advanced** button. + +![localintranetadvanced](/img/product_docs/accessanalyzer/11.6/install/application/reports/localintranetadvanced.webp) + +**Step 4 –** Enter a domain in the **Add this website in the zone** field. Ensure the fully +qualified domain name is in the following format: `https://..com` + +**Step 5 –** Click the **Add** button. Close the Local intranet window. + +**Step 6 –** On the Internet Properties window, click the **Apply** button. + +Authentication will now pass through Windows Authentication and bypass SSO configuration Prompts for +credentials via Browser pop-up + +**NOTE:** A list of allowed authentication servers can also be configured using the +AuthServerAllowList policy. diff --git a/docs/accessanalyzer/11.6/install/application/reports/timeout.md b/docs/accessanalyzer/11.6/install/application/reports/timeout.md new file mode 100644 index 0000000000..5a9738c6b7 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/reports/timeout.md @@ -0,0 +1,25 @@ +# Timeout Parameter for the Web Console + +The Web Console is configured with a default timeout parameter of 15 minutes. This can be configured +within the **WebServer.exe.config** file in the Web folder of the Enterprise Auditor installation +directory: + +…\STEALTHbits\StealthAUDIT\Web + +Follow the steps to modify the timeout parameter for the Web Console. + +**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. + +![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigtimeout.webp) + +**Step 2 –** Change the value for the `SessionTimeout` parameter to the desired number of minutes: + +``` + +``` + +**Step 3 –** Save and close the file. + +The Web Console session will timeout after this many minutes of inactivity. This value will take +precedence over session timeout values set within the product consoles, for example the AIC, when +accessed through the Web Console. diff --git a/docs/accessanalyzer/11.6/install/application/updatelicense.md b/docs/accessanalyzer/11.6/install/application/updatelicense.md new file mode 100644 index 0000000000..78ad0179c4 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/updatelicense.md @@ -0,0 +1,57 @@ +# Update License Key + +It is necessary to install a new license key for an existing Enterprise Auditor installation due to +the following: + +- To renew a Enterprise Auditor license that is due to expire +- To grant access to additional Solutions + +In these situations it is possible to update the license file without going through the full +installation process. + +## Install a New License File + +Follow the steps to update the Enterprise Auditor license key without installing a new version of +the Enterprise Auditor Console. + +**Step 1 –** Ensure the new `StealthAUDIT.lic` license file is stored locally on the Enterprise +Auditor Console server in order to be referenced during the installation process. + +![Windows Control Panel Uninstall or change a program window](/img/product_docs/accessanalyzer/11.6/install/application/controlpaneluninstall.webp) + +**Step 2 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and +Features**), select the Enterprise Auditor application and click **Change**. + +![Setup Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +**Step 3 –** On the Welcome page, click **Next**. + +![Setup Wizard Change, Repair, or Remove Installation page](/img/product_docs/accessanalyzer/11.6/install/application/change.webp) + +**Step 4 –** On the Change, Repair, or Remove Installation page, click **Change**. + +| | | | +| ------------------------------------------------------------------------------------------------------- | --- | ----------------------------------------------------------------------------------------------------------------------------------------- | +| ![License File page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/license.webp) | | ![License File page with mapped file](/img/product_docs/accessanalyzer/11.6/install/application/licensemapped.webp) | +| Default License File Page | | Mapped License File | + +**Step 5 –** On the License File page, click **Browse** and navigate to the **StealthAUDIT.lic** +file. It must be stored on the Enterprise Auditor Console server before the installation begins. +When the path to the file is visible in the text box, click **Next**. The license will be imported. + +![License Features page](/img/product_docs/accessanalyzer/11.6/install/application/licensefeatures.webp) + +**Step 6 –** The License Features page displays a list of all features covered by the imported +license. It also displays the name of the organization which owns the license, the expiration date, +and the host limit. These are the features that will be installed. Click **Next**. + +![Setup Wizard Ready to change page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/ready.webp) + +**Step 7 –** On the Ready to Change Enterprise Auditor page, click **Change** to begin the update. + +![Setup Wizard Completed page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) + +**Step 8 –** When the installation has completed, click **Finish** to exit the wizard. + +The new license file has been imported. If the license granted access to any additional solutions, +they will now be accessible from within the Enterprise Auditor Console. diff --git a/docs/accessanalyzer/11.6/install/application/upgrade/overview.md b/docs/accessanalyzer/11.6/install/application/upgrade/overview.md new file mode 100644 index 0000000000..f4bb92764d --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/upgrade/overview.md @@ -0,0 +1,60 @@ +# Enterprise Auditor Console Upgrade + +Enterprise Auditor 11.6 uses the Upgrade Wizard. For upgrades from versions of Enterprise Auditor +that are no longer supported, contact [Netwrix Support](https://www.netwrix.com/support.html) for +assistance. + +**NOTE:** If any customizations have been done by a Netwrix Engineer, please ensure custom work is +not lost during the upgrade process. While using the Upgrade Wizard, customizations are archived +prior to solution upgrades. These archives are available after the solution upgrades have been +completed. Contact [Netwrix Support](https://www.netwrix.com/support.html) for additional +information. + +The purpose of this document is to provide the basic steps needed for upgrading Enterprise Auditor +and the stock solutions. Contact [Netwrix Support](https://www.netwrix.com/support.html) for +additional information. + +See the [What's New](/docs/accessanalyzer/11.6/whatsnew.md) topic for +release information. + +## Considerations + +Multiple Enterprise Auditor Consoles Connecting to the Same Database + +In environments where multiple Enterprise Auditor Consoles are using the same SQL Server database, +every console using the database must also be updated. The act of connecting a Enterprise Auditor +Console with a newer version to a database updates the database’s schema pursuant to the new +definition. If a Enterprise Auditor Console with an older version connects to the same database +after the schema has been updated, corruption to Enterprise Auditor’s system tables can result. + +SQL Server Supported Version Change for the Enterprise Auditor Database + +With the release of Enterprise Auditor v11.6, SQL Server 2016 through SQL Server 2022 are the +supported versions for the Enterprise Auditor database. + +To grant access to additional Solutions in an existing Enterprise Auditor installation, a new +license key is required. To update the Enterprise Auditor license key without installing a new +version of the Enterprise Auditor Console, see the +[Update License Key](/docs/accessanalyzer/11.6/install/application/updatelicense.md) +topic for instructions. + +License Key Changes + +The following changes in licensing requires the organization needing a new key: + +- Enterprise Auditor v11.6 + + - No additional licenses are required for this version + +- StealthAUDIT v11.5 + - No additional licenses are required for this version +- StealthAUDIT v11.0 + - The new Data Privacy functionality is now a licensable feature. + - All database platforms are available as part of a single SQL license. +- StealthAUDIT v10.0 + - The new Amazon Web Services (AWS) Solution and the AWS Data Collector is now a licensable + feature. + +See the +[Update License Key](/docs/accessanalyzer/11.6/install/application/updatelicense.md) +section for instructions on updating the license key. diff --git a/docs/accessanalyzer/11.6/install/application/upgrade/solutionconsiderations.md b/docs/accessanalyzer/11.6/install/application/upgrade/solutionconsiderations.md new file mode 100644 index 0000000000..b07b64359c --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/upgrade/solutionconsiderations.md @@ -0,0 +1,120 @@ +# Solution Upgrade Considerations + +The following items must be taken into consideration for upgrades: + +Access Information Center + +- Should be upgraded at the same time as Enterprise Auditor. + + **NOTE:** The Enterprise Auditor upgrade should be completed first. + +See the Upgrade Procedure for Enterprise Auditor topic in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter)[ ](https://www.stealthbits.com/jdownloads/Documentation%20User%20Guides%20PDF/Stealthbits_AIC_InstallConfigGuide.pdf)for +instructions. + +Sensitive Data Discovery Add-on + +- Needs to be updated on all servers where it was installed. See the + [Upgrade Sensitive Data Discovery Add-on](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/upgrade.md) + topic for instructions. +- **CAUTION:** The new global Settings will overwrite any previously configured criteria. Make a + note of any configured Sensitive Data Criteria before upgrading Enterprise Auditor. Sensitive Data + Criteria must be reconfigured after an upgrade. + +With the new global experience, sensitive data criteria selection is configured globally and used by +default in all solution sets. See the +[Configure Global Sensitive Data Settings](#configure-global-sensitive-data-settings) for additional +information. + +Active Directory Solution Considerations + +- For Activity – Ensure the Netwrix Activity Monitor is a compatible version. See the Upgrade + Instructions in the + [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) + for additional information. + +File System Solution Considerations + +- For Proxy Mode as a Service – File System Proxy Service needs to be updated on the proxy servers. + See the + [Upgrade Proxy Service Procedure](/docs/accessanalyzer/11.6/install/filesystemproxy/upgrade.md) + topic for instructions. +- For Activity – Ensure the Netwrix Activity Monitor is a compatible version. See the Upgrade + Instructions in the + [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) + for additional information. + +SharePoint Solution Considerations + +- For SharePoint Agent – Enterprise Auditor SharePoint Agent needs to be updated on the SharePoint + server where it was installed. See the + [Upgrade SharePoint Agent](/docs/accessanalyzer/11.6/install/sharepointagent/upgrade.md) + section for instructions. +- For Activity – Ensure the Stealthbits Activity Monitor is a compatible version. See the Upgrade + Instructions in the + [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) + for additional information. + +The following binary component versions are required for Enterprise Auditor v11.6: + +| Component | Version | +| ----------------------------------- | ------- | +| Access Information Center | 11.6 | +| Netwrix Activity Monitor | 8.0 | +| File System Proxy Service | 11.6 | +| Sensitive Data Discovery Add-on | 11.6 | +| Enterprise Auditor SharePoint Agent | 11.6 | + +## File System Solution Upgrade + +After upgrading to Enterprise Auditor 11.6, run the latest version of the **File System** > +**0.Collection** > **0-Create Schema** job to migrate the File System Solution to the latest +database schema. + +This database schema migration should be performed before running other jobs in the File System +Solution after upgrading to Enterprise Auditor 11.6. + +See the +[File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/overview.md) +topic for additional information. + +## Configure Global Sensitive Data Settings + +**CAUTION:** The new global Settings will overwrite any previously configured criteria. Make a note +of any configured Sensitive Data Criteria before commencing the upgrade Enterprise Auditor. +Sensitive Data Criteria must be reconfigured after an upgrade. + +If Sensitive Data Criteria are configured differently for each solution, re-configure the criteria +selection at the solution level. See the +[Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/sensitivedatadiscovery/overview.md) +topic and the topic for the applicable solution for additional information. + +If the same Sensitive Data Criteria are used for all solutions, configure the criteria selection at +the global **Settings** > **Sensitive Data** node, which will then be used by default in all +solutions. See the +[Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/sensitivedatadiscovery/overview.md) +topic for additional information. + +Follow the steps to configure Sensitive Data Criteria at the global level. + +**Step 1 –** The Sensitive Data node provides configuration options to manage sensitive data +criteria and false positive exclusion filters. These settings require the Sensitive Data Discovery +Add-on. See the +[Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/sensitivedatadiscovery/overview.md) +topic for additional information. + +![Global Settings Sensitive Data node](/img/product_docs/accessanalyzer/11.6/install/application/upgrade/sensitivedata.webp) + +**Step 2 –** If the same Sensitive Data Criteria are used for all solutions, configure the criteria +selection at the global Settings level, which will then be used by default in all solution sets. +Navigate to the **Settings** > **Sensitive Data** node and click **Add** to open the Select Criteria +window. + +![Sensitive Data Select Criteria window](/img/product_docs/accessanalyzer/11.6/install/application/upgrade/selectcriteria.webp) + +**Step 3 –** Select the desired criteria. Use the **Search Criteria** text field to filter the list +using keywords or expand each category to view and select individual Sensitive Data search criteria, +then click **OK**. + +By default, Sensitive Data Criteria configured at the global Settings level is inherited down to the +applicable solutions. diff --git a/docs/accessanalyzer/11.6/install/application/upgrade/wizard.md b/docs/accessanalyzer/11.6/install/application/upgrade/wizard.md new file mode 100644 index 0000000000..391cb70024 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/upgrade/wizard.md @@ -0,0 +1,153 @@ +# Enterprise Auditor Core Upgrade Instructions + +**CAUTION:** If Role Based Access has been enabled, a user with the Administrator role must perform +the upgrade. Other user roles do not have the necessary permissions to perform upgrades. + +Follow the steps to upgrade to Enterprise Auditor 11.6 on the same server where an older version of +Enterprise Auditor is installed. + +**NOTE:** If any customizations have been done by a Netwrix Engineer, please ensure the custom work +is not lost during the upgrade process. While using the Upgrade Wizard, customizations are archived +prior to solution upgrades. These archives are available after the solution upgrades have been +completed. Contact [Netwrix Support](https://www.netwrix.com/support.html) for additional +information. + +**CAUTION:** The new global Settings will overwrite any previously configured Sensitive Data +criteria. Make a note of any configured Sensitive Data Criteria before upgrading Enterprise Auditor. +Sensitive Data Criteria must be reconfigured after an upgrade. See the +[Configure Global Sensitive Data Settings](/docs/accessanalyzer/11.6/install/application/upgrade/solutionconsiderations.md#configure-global-sensitive-data-settings) +topic for additional information. + +![Windows Control Panel Uninstall or change a program window](/img/product_docs/accessanalyzer/11.6/install/application/controlpaneluninstall.webp) + +**Step 1 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and +Features**), uninstall the previous version of Enterprise Auditor. Jobs, application configuration +files, and reports remain in the installation directory after the uninstall process. + +- The `WebServer.exe.config` file is automatically retained in a Backup folder created under the Web + folder of the installation directory. Any custom application settings contained in this file are + kept as part of this upgrade process. + +![Setup Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +**Step 2 –** Install Enterprise Auditor 11.6. See the +[Enterprise Auditor Core Installation](/docs/accessanalyzer/11.6/install/application/wizard.md) +topic for detailed instructions. + +- Before installation, ensure the new `StealthAUDIT.lic` license file is stored locally on the + Enterprise Auditor Console in order to be referenced during the installation process +- Enterprise Auditor is installed to the following directory by default: + `…\STEALTHbits\StealthAUDIT` + + If another installation path is designated, please be sure to leave `STEALTHbits\StealthAUDIT` + as the path suffix in the installation wizard. + +- During the installation, any customizations to the settings in the `WebServer.exe.config` file are + automatically restored from the backup file retained when installing the previous version. The + `../Web/Backup` folder is deleted after the settings have been restored. + +After the installation is completed, the upgrade wizard launches from the Enterprise Auditor desktop +icon. + +## Upgrade Wizard + +Once the Enterprise Auditor installation process is complete, it is necessary to go through the +Upgrade Wizard. There are three Upgrade options for a solution: + +- Full Upgrade – Performs a full synchronization of the directory and file structure of the solution + to mirror the Instant Solution +- Upgrade in place – Performs file content updates of jobs matching the Instant Solutions but does + not change the Jobs tree structure +- Do not upgrade – No upgrade is performed, leaving the previous version of the solution + +The default settings configured within the Advanced Upgrade Options window align with the best +practices of the Netwrix Professional Services and Support teams. + +The Upgrade Wizard conducts the following actions according to the State identified and whether the +Upgrade action is set to **Full Upgrade** or **Upgrade in place**: + +| State | Condition | Action: Full Upgrade | Action: Upgrade in place | +| -------- | ----------------------------------------------------------------------------------- | -------------------- | ------------------------ | +| Normal | Job exists in Locked state and has matching ID in Instant Solutions | Upgrade | Upgrade | +| New | Job exists in Instant Solutions but not in the Jobs tree for an existing solution | Install | Install | +| Removed | Job exists in Locked state in the Jobs tree but does not exist in Instant Solutions | Delete | Nothing | +| Copied | Original job exists in original location, but multiple instances of the job exists | Delete | Upgrade | +| Moved | Original job exists but in a different location than in the Instant Solutions | Move & Upgrade | Upgrade | +| Renamed | Job found via ID match but was renamed | Rename & Upgrade | Upgrade | +| Conflict | Changes have been made to the job | Overwrite | Overwrite | + +Conflicts are identified when customizations have been made by either a user or a Netwrix engineer. +Conflicts need to be either resolved prior to the upgrade action or manually applied after the +upgrade is complete. Conflict resolution can be done on the Changes window by undoing a +customization. However, if the conflict is undone prior to a solution upgrade, then the +customization will not be archived. + +**CAUTION:** If Role Based Access has been enabled, a user with the Administrator role must perform +the upgrade. Other user roles do not have the necessary permissions to perform upgrades. + +Follow the steps to use the Upgrade Wizard. + +**Step 1 –** Launch the Enterprise Auditor application. The installation wizard placed the +Enterprise Auditor icon on the desktop. + +![Configuration Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +**Step 2 –** The Enterprise Auditor Configuration Wizard opens. Click **Next** to continue. + +**NOTE:** When Enterprise Auditor11.6 is installed on a server where a previous version of +Enterprise Auditor had been installed, the Version Selection page of the Configuration Wizard will +not appear. + +![Configuration Wizard Solution Set Files page with conflicts](/img/product_docs/accessanalyzer/11.6/install/application/upgrade/solutionsetfiles.webp) + +**Step 3 –** On the Solution Set Files page, only upgrade conflicts are displayed by default. + +**_RECOMMENDED:_** Investigate the changes where conflicts have been identified before proceeding. + +**Step 4 –** (Optional) Select an item with the Conflict State and click **View conflicts** to open +the Changes window. + +Additional options include: + +- Show upgrade conflicts only – Displays upgrade actions for all solutions +- Advanced – Opens the Advanced Upgrade Options window to view or modify the Upgrade option per + solution + +![View conflicts in the Changes window](/img/product_docs/accessanalyzer/11.6/install/application/upgrade/changes.webp) + +**Step 5 –** (Optional) Conflicts can be resolved on the Changes window, which is opened by the +**View conflicts** button. Remember, if the conflict is resolved prior to a solution upgrade, then +the customization will not be archived. To resolve a conflict, select it from the list and click +**Undo**. + +**Step 6 –** When the Upgrade options have been set as desired. Click **Next**. + +![Configuration wizard Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +**Step 7 –** On the Options page, select whether to send usage statistics to Netwrix to help us +improve our product. After the Usage Statistics option is set as desired, click **Next** to +continue. + +- If selected, usage statistics are collected and sent to Netwrix + + - Upon startup of the Enterprise Auditor console, the system checks if usage statistics have + been sent in the last 7 days. If they have not been, stored procedures run against the + Enterprise Auditor database and gather data about job runs, access times, and environmental + details like resource counts, users counts, number of exceptions, and so on. This data is then + sent back to Netwrix to help us identify usage trends and common pain points, so that we can + use this information to improve the product. + - Only anonymous statistic-level data is included. No private company or personal data is + collected or sent to Netwrix. + +- If cleared, no usage statistics are collected or sent to Netwrix + +![Configuration Wizard Progress page](/img/product_docs/accessanalyzer/11.6/install/application/upgrade/progress.webp) + +**Step 8 –** The Upgrade Progress page opens and displays the progress of the upgrade actions. When +the action completes, click **Finish**. + +The Upgrade Wizard closes, and Enterprise Auditor launches. The archived Jobs directory is in a ZIP +file located within the Jobs directory: `…\STEALTHbits\StealthAUDIT\Jobs`. + +The ZIP file name reflects the date and time of the upgrade. For example, the file name for an +upgrade performed on June 4, 2023 at approximately 6 PM would be: `20230604180542.zip`. diff --git a/docs/accessanalyzer/11.6/install/application/wizard.md b/docs/accessanalyzer/11.6/install/application/wizard.md new file mode 100644 index 0000000000..b34677237d --- /dev/null +++ b/docs/accessanalyzer/11.6/install/application/wizard.md @@ -0,0 +1,59 @@ +# Enterprise Auditor Core Installation + +Save the organization’s Enterprise Auditor license key, received from your Netwrix Sales +Representative, to the server where Enterprise Auditor is to be installed. Then follow the steps to +install Enterprise Auditor. + +**NOTE:** The process explained in this topic assumes that both the downloaded binary and the +license (.lic) file are located on the server which will become the Enterprise Auditor Console. + +**CAUTION:** If User Account Control (UAC) is enabled on the server, ensure the installation package +is run in Administrative/privilege mode. + +**Step 1 –** Run the **Netwrixaccessanalyzer.exe** executable to open the Enterprise Auditor +Setup Wizard. + +![Setup Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +**Step 2 –** On the Welcome page, click **Next** to begin the installation. + +![ End User License Agreement](/img/versioned_docs/changetracker_8.0/changetracker/install/eula.webp) + +**Step 3 –** On the End-User License Agreement page, read the End User License Agreement, then check +the **I accept the terms in the License Agreement** box and click **Next**. + +![Destinations Folder page](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/destination.webp) + +**Step 4 –** On the Destination Folder page, click **Change** to select the folder location to +install Enterprise Auditor. The default destination folder is +`C:\Program Files (x86)\STEALTHbits\StealthAUDIT\`. Click **Next** to continue. + +| | | | +| ------------------------------------------------------------------------------------------------------- | --- | ----------------------------------------------------------------------------------------------------------------------------------------- | +| ![License File page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/license.webp) | | ![License File page with mapped file](/img/product_docs/accessanalyzer/11.6/install/application/licensemapped.webp) | +| Default License File Page | | Mapped License File | + +**Step 5 –** On the License File page, click **Browse** and navigate to your **StealthAUDIT.lic** +file. When the path to the file is visible in the textbox, click **Next**. + +**NOTE:** The license file must be stored on the Enterprise Auditor Console server before the +installation begins. + +![License Features page](/img/product_docs/accessanalyzer/11.6/install/application/licensefeatures.webp) + +**Step 6 –** The License Features page displays a list of all features covered by the imported +license. It also displays the name of the organization which owns the license, the expiration date, +and the host limit. These are the features that will be installed. Click **Next**. + +![Ready to install Netwrix Access Governance page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/ready.webp) + +**Step 7 –** On the Ready to install Enterprise Auditor page, click **Install** to begin the +installation. + +![Setup Wizard Completed page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) + +**Step 8 –** When the installation has completed, click **Finish** to exit the wizard. + +The Enterprise Auditor Console has been installed, and two desktop icons have been created: +Enterprise Auditor and Published Reports. Launch the Enterprise Auditor application to complete the +initial configuration. diff --git a/docs/accessanalyzer/11.6/install/filesystemproxy/configuredatacollector.md b/docs/accessanalyzer/11.6/install/filesystemproxy/configuredatacollector.md new file mode 100644 index 0000000000..cb0fa20214 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/filesystemproxy/configuredatacollector.md @@ -0,0 +1,26 @@ +# File System Data Collection Configuration for Proxy as a Service + +To employ the proxy mode as a service scan for collecting file system data from the target host, +navigate to the **FileSystem** > **0.Collection** > **…System Scans** jobs and open the File System +Access Auditor Data Collector Wizard from the job’s query. + +On the Applet Settings wizard page, select the following option: + +- Require applet to be running as service on target – Must be selected in the Applet Launch + Mechanism section to prevent the deployment of the applet or the ad hoc installation of the + service during the scan + +On the Scan Server Selection wizard page, select either of the following options: + +- Specific Remote Server – Assigns the data collection processing to the server specified in the + textbox +- Specific Remote Servers by Host List – Assigns the data collection processing to the proxy servers + in the host list selected within the wizard via the **Select Hosts Lists** button + +See the +[FSAA Query Configuration](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/overview.md#fsaa-query-configuration) +topic for additional information. + +**_RECOMMENDED:_** When choosing to use proxy mode as a service for any of the File System Solution +**…System Scans** jobs, set proxy mode as a service for all of the **…System Scans** jobs that are +scheduled to run together. diff --git a/docs/accessanalyzer/11.6/install/filesystemproxy/overview.md b/docs/accessanalyzer/11.6/install/filesystemproxy/overview.md new file mode 100644 index 0000000000..bdcb7bfa92 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/filesystemproxy/overview.md @@ -0,0 +1,135 @@ +# File System Proxy as a Service Overview + +The File System Solution can be enabled to use proxy servers for scanning targeted file systems in +very large or widely dispersed environments. + +When File System scans are run in proxy mode as a service, there are two methods available for +deploying the service: + +- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be + installed on the Windows proxy servers prior to executing the scans. This is the recommended + method. +- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the + Windows proxy server when the job is executed + +The data collection processing is conducted by the proxy server where the service is running and +leverages a local mode-type scan to each of the target hosts. The final step in data collection is +to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to +the Enterprise Auditor Console server. + +Communication between the Enterprise Auditor Console Server and the proxy server is secure by +default using HTTPS requests. + +The version of the proxy service must match the major version of Enterprise Auditor. + +See the +[File System Solution](/docs/accessanalyzer/11.6/requirements/solutions/filesystem.md) +topic for information on the required prerequisites. + +## Supported Platforms + +The File System Proxy Service for the Enterprise Auditor File System Solution can be installed on +the following Windows operating systems: + +- Windows Server 2022 +- Windows Server 2019 +- Windows Server 2016 + +## Proxy Scanning Architecture + +Enterprise Auditor is configured by default to process data collection against ten target hosts +simultaneously. When File System scans are run in local mode ten hosts process simultaneously, and +processing against the eleventh host begins after the processing against the first host is +completed. Proxy scanning architecture supports large deployments or widely dispersed environments. + +A proxy server is any server that can be leveraged to process data collection against target hosts. + +**CAUTION:** The File System Proxy Service cannot be installed on the same server as Enterprise +Auditor. + +Two options are available for implementing the proxy scanning architecture: + +- Proxy mode with applet +- Proxy mode as a service + +### Proxy Mode with Applet + +When File System scans are run in proxy mode with applet, it means the File System applet is +deployed to the Windows proxy server when the job is executed to conduct data collection. The data +collection processing is initiated by the proxy server where the applet is deployed and leverages a +local mode-type scan to each of the target hosts. The final step in data collection is to compress +and transfer the data collected in the SQLite databases, or Tier 2 databases, back to the Enterprise +Auditor Console server. + +![Diagram of Enterprise Auditor server sending an FSAA applet to a proxy server](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/proxymodewithapplet.webp) + +The diagram illustrates the Enterprise Auditor server sending an FSAA applet to a proxy server, +which runs the scan against a file server, and then returns data to the Enterprise Auditor server. + +### Proxy Mode as a Service + +When File System scans are run in proxy mode as a service, there are two methods available for +deploying the service: + +- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be + installed on the Windows proxy servers prior to executing the scans. This is the recommended + method. +- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the + Windows proxy server when the job is executed + +The data collection processing is conducted by the proxy server where the service is running and +leverages a local mode-type scan to each of the target hosts. The final step in data collection is +to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to +the Enterprise Auditor Console server. + +The proxy communication is configured during the installation of the service on the proxy server and +certificate exchange options are configured via the Applet Settings page of the File System Access +Auditing Data Collector Wizard. The credential provided for the secure communications in the +installation wizard is also added to the Enterprise Auditor Connection Profile assigned to the File +System Solution. + +See the +[File System Proxy Service Installation](/docs/accessanalyzer/11.6/install/filesystemproxy/wizard.md) +topic for additional information. + +![Diagram of Enterprise Auditor server communicating securely with the proxy service on a proxy server](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp) + +The diagram illustrates the Enterprise Auditor server communicating securely with the proxy service +on a proxy server, which runs the scan against a file server, collecting the data locally and +securely. Then the proxy service returns data securely to the Enterprise Auditor server. + +When a proxy mode scan is initiated from the Enterprise Auditor Console, it will distribute hosts to +be scanned across all proxy hosts. Enterprise Auditor monitors the scans from the central console. +Once all proxy hosts have completed scanning, all results and SQLite databases are returned to the +Enterprise Auditor Console server. + +![Diagram of difference between an implementation with and without proxy servers](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/fsaaproxyarchitecture.webp) + +The diagram shows the difference between an implementation of Enterprise Auditor without proxy +servers (on the left) and with proxy servers (on the right). On the right side of the diagram, the +scans have been configured to use the local host and two additional proxy servers to perform the +FSAA Data Collector scans. This allows it to execute three times as many concurrent hosts than would +be possible without proxy servers. This provides a clear benefit in scalability and scan times. + +The proxy functionality for the FSAA Data Collector provides security and reliability. + +_Remember,_ It is recommended that the File System Proxy Service is installed on the proxy server +before running File System scans in proxy mode as a service. Once installed, the FileSystemAccess +(FSAA) Data Collector must be configured to use the service. See the +[File System Data Collection Configuration for Proxy as a Service](/docs/accessanalyzer/11.6/install/filesystemproxy/configuredatacollector.md) +topic for additional information. + +## Sensitive Data Discovery Auditing Consideration + +Sensitive Data Discovery Auditing scans also require the Sensitive Data Add-on – FSAA & SPAA +Agentless (or x86) version of the Sensitive Data Discovery Add-On be installed on the proxy server. +This requirement is in addition to having the Sensitive Data Discovery Add-on installed on the +Enterprise Auditor Console server. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By +default, SDD scans are configured to run two concurrent threads. For example, if the job is +configured to scan 8 hosts at a time with two concurrent SDD threads, then an extra 32 GB of RAM are +required (8x2x2=32). diff --git a/docs/accessanalyzer/11.6/install/filesystemproxy/silentinstall.md b/docs/accessanalyzer/11.6/install/filesystemproxy/silentinstall.md new file mode 100644 index 0000000000..fa5cd82508 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/filesystemproxy/silentinstall.md @@ -0,0 +1,76 @@ +# Silent Installer Option for Proxy + +It is possible to use one of the following methods to complete a silent installation of the File +System Proxy Service. + +**CAUTION:** For all Active Directory versions, aside from Windows 2012 R2, the silent installer +does not prompt an error message if a duplicate SPN value exists in the targeted domain for +[Option 1: Run as LocalSystem](#option-1-run-as-localsystem). Having duplicate SPN’s in the targeted +Active Directory environment prohibits connection to the proxy service, resulting in a failed scan. + +If a desired SPN already exists in a Windows 2012 R2 domain, the silent installer displays the +following message: + +> _There is a problem with this Windows Installer package. A script required for this install to +> complete could not be run. Contact your support personnel or package vendor_. + +To resolve the problem, remove the duplicate SPN value and rerun the installer to complete +installation. For any additional issues, verbose logging is included in the silent installer and +creates an `install.txt` file on the desktop. + +## Option 1: Run as LocalSystem + +Follow the steps to install the File System Proxy Service on the targeted proxy servers with a +silent installer. + +**Step 1 –** Copy the `FileSystemProxy.msi` executable to the desktop of the server designated as +the proxy server. + +**Step 2 –** Run the following command: + +``` +msiexec /i FileSystemProxy.msi /qb /l*v install.log SVC_ACCOUNT_TYPE=SYSTEM +``` + +- To add a non-default install directory, append `PRODUCTDIR="[path]"` to the command. + + - `path` – The path to the desired installation directory and must include + `...\STEALTHbits\StealthAUDIT\FSAA\...` + + For example: + + ``` + msiexec /i FileSystemProxy.msi /qb /l*v install.log SVC_ACCOUNT_TYPE=SYSTEM PRODUCTDIR="E:\STEALTHbits\StealthAUDIT\FSAA" + ``` + +The SPN value is automatically added to the computer object in Active Directory with this option. + +## Option 2: Run as a Service Account + +Follow the steps to install the File System Proxy Service on the targeted proxy servers with a +silent installer. + +**Step 1 –** Copy the `FileSystemProxy.exe` executable to the desktop of the server designated as +the proxy server. + +**Step 2 –** Run the following command: + +``` +msiexec /i FileSystemProxy.msi /qb /l*v install.log SVC_ACCOUNT_TYPE=DOMAIN SVC_USERNAME=DOMAIN\USERNAME SVC_PASSWORD="secret" +``` + +- `DOMAIN\USERNAME` – The service account credentials, which need to be a member the Local + Administrators group and have the**Log on as a service** local policy  (**Local Policies** > + **User Rights Assignment**) +- `secret` – The password for the credentials provided above (within quotes) + +- To add a non-default install directory, append `PRODUCTDIR="[path]"` to the command. + + - `path` – The path to the desired installation directory and must include + `...\STEALTHbits\StealthAUDIT\FSAA\...` + + For example: + + ``` + msiexec /i FileSystemProxy.msi/qb /l*v install.log SVC_ACCOUNT_TYPE=DOMAIN SVC_USERNAME=DOMAIN\USERNAME SVC_PASSWORD="secret" PRODUCTDIR="E:\STEALTHbits\StealthAUDIT\FSAA" + ``` diff --git a/docs/accessanalyzer/11.6/installation/filesystem-proxy/troubleshooting.md b/docs/accessanalyzer/11.6/install/filesystemproxy/troubleshooting.md similarity index 100% rename from docs/accessanalyzer/11.6/installation/filesystem-proxy/troubleshooting.md rename to docs/accessanalyzer/11.6/install/filesystemproxy/troubleshooting.md diff --git a/docs/accessanalyzer/11.6/install/filesystemproxy/uninstall.md b/docs/accessanalyzer/11.6/install/filesystemproxy/uninstall.md new file mode 100644 index 0000000000..9fff16b818 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/filesystemproxy/uninstall.md @@ -0,0 +1,18 @@ +# Uninstall Proxy Service Process + +The process to properly uninstall the File System Proxy Service is completed through the +uninstalling of the Enterprise Auditor File System Scanning Proxy program. + +**Step 1 –** Open Control Panel and select **Programs** > **Uninstall a program**. + +![Programs and Features](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/uninstall.webp) + +**Step 2 –** Select Netwrix Enterprise Auditor File System Scanning Proxy and click **Uninstall**. + +**NOTE:** If the installation was configured to use the LocalSystem account to run the RPC service +the two SPN values are removed for that machine in Active Directory. If the service is running with +a supplied account, the SPN values would need to be manually removed for that machine in Active +Directory (unless the uninstall was completed as part of the +[Upgrade Proxy Service Procedure](/docs/accessanalyzer/11.6/install/filesystemproxy/upgrade.md)). + +When the uninstall process is complete, this program is removed from the list. diff --git a/docs/accessanalyzer/11.6/install/filesystemproxy/upgrade.md b/docs/accessanalyzer/11.6/install/filesystemproxy/upgrade.md new file mode 100644 index 0000000000..e5f1154524 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/filesystemproxy/upgrade.md @@ -0,0 +1,56 @@ +# Upgrade Proxy Service Procedure + +When the Enterprise Auditor Console and File System Solution are upgraded, it is necessary to also +upgrade the File System Proxy Service when running Enterprise Auditor in Proxy Mode as a Service. +This upgrade can be done in two ways: + +- Automatically – An instant job within the Enterprise Auditor Console +- Manually – On each server hosting the proxy service + +**CAUTION:** When upgrading the Proxy Service to 11.6 from a previous version for the first time, +you must manually uninstall the previous version and follow the [Manual Upgrade](#manual-upgrade) +steps below. Subsequent 11.6 upgrades can be done using the automatic upgrade option. + +## Automatic Upgrade + +The **FS_UpdateProxy** Job is available through the Instant Job Wizard. This job updates the File +System Proxy Service on all servers in the assigned host list. Follow the steps to instantiate this +job. + +**Step 1 –** Within the **Jobs** tree, right-click and select **Add Instant Job**. The Instant Job +Wizard window opens. + +**Step 2 –** On the Welcome page, click **Next**. + +![FS_UpdateProxy Job in the Instant Job Wizard](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/updateproxyinstantjob.webp) + +**Step 3 –** On the Instant Job page, locate the **Library Name: File System** category group. +Expand the category and select the **FS_UpgradeProxy** Job. Click **Next**. + +**Step 4 –** On the Host Assignment page, select the **Specify individual hosts or host lists** +option and click **Next**. + +**Step 5 –** On the Host Lists page, assign the host lists containing the proxy servers to be +updated . Multiple host lists can be added. Click Next. + +**Step 6 –** On the Individual Hosts page, click **Next**. + +**Step 7 –** Review the Summary and click either **Save & Exit** or **Save & Run Jobs Now**. + +The proxy does not update until the job is run. Once successfully ran, the servers in the assigned +host lists have been updated. + +## Manual Upgrade + +Follow the steps on the servers hosting the File System Proxy Service. + +![Programs and Features](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/uninstall.webp) + +**Step 1 –** Navigate to Programs and Features (**Control Panel** > **Programs** > **Programs and +Features**). Uninstall the previous version of Enterprise Auditor File System Scanning Proxy. + +**Step 2 –** Install the new version of the File System Proxy Service. See the +[File System Proxy Service Installation](/docs/accessanalyzer/11.6/install/filesystemproxy/wizard.md) +topic for instructions. + +The File System Solution can now use the proxy architecture for the latest version of the solution. diff --git a/docs/accessanalyzer/11.6/install/filesystemproxy/wizard.md b/docs/accessanalyzer/11.6/install/filesystemproxy/wizard.md new file mode 100644 index 0000000000..e6cc93c190 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/filesystemproxy/wizard.md @@ -0,0 +1,134 @@ +# File System Proxy Service Installation + +The File System Proxy installer is designed to simplify the process of setting up File System +Scanning Proxy as a service on the designated proxy server. It is a best practice to use a +specifically provisioned domain account as the File System Proxy service account. Follow the steps +to install the FSAA service on the targeted proxy servers. + +**Step 1 –** Run the `FileSystemProxy.exe` executable. The Netwrix Enterprise Auditor File System +Scanning Proxy Setup wizard opens. + +![File System Proxy Setup Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +**Step 2 –** On the Welcome page, click **Next** to begin the installation. + +![File System Proxy Setup Wizard End-User License Agreement page](/img/versioned_docs/changetracker_8.0/changetracker/install/eula.webp) + +**Step 3 –** On the End-User License Agreement page, select the **I accept the terms in the License +Agreement** checkbox and click **Next**. + +![File System Proxy Setup Wizard Destination Folder page](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/destination.webp) + +**Step 4 –** On the Destination Folder page, click **Next** to install to the default folder or +click **Change** to select a different location. Clicking **Change** opens the Change destination +folder page. + +![File System Proxy Setup Wizard Change destination folder page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/changedestination.webp) + +On the Change destination folder page, choose a different destination folder for the installation. + +- Look in – Select which folder or sub-folder to complete installation in using the Look in + drop-down +- Up one level – Click the Up one level button to select the folder one level above the currently + selected one +- Create a new folder – Click to create a new folder for the destination of the installation + +Click **OK** to save changes or click **Cancel** to return to the Destination Folder page without +saving. + +![File System Proxy Setup Wizard Configure Service page](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/configureservice.webp) + +**Step 5 –** On the Configure Service page, configure the credential to run the service using the +radio buttons. Then, click **Next**. + +- Run as LocalSystem – Uses the local system to run the File System Proxy service +- Run as a service account – Uses the provisioned credentials provided in the **User Name** and + **Password** fields to run the File System Proxy service. Remember, this account must be a local + Administrator on the proxy server and have the Log on as a service privilege in the proxy server's + Local Security Policy. + +![File System Proxy Setup Wizard Ready to install page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/ready.webp) + +**Step 6 –** On the Ready to install page, click **Install** to start installation. + +![File System Proxy Setup Wizard Completed page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/complete.webp) + +**Step 7 –** When the installation completes, click **Finish** to exit the wizard. + +**NOTE:** If the File System Proxy Service is installed on multiple servers, then a custom host list +of proxy servers should also be created in Netwrix Enterprise Auditor. + +Once the File System Proxy Service has been installed on any proxy server, it is necessary to +configure the File System Solution certificate exchange method for Proxy Mode as a Service. See the +[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/certificatemanagement.md) +topic for additional information. + +## Custom Parameters for File System Proxy Service + +The port and priority parameters can be modified for the File System Proxy Service on the registry +key: + +HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\StealthAUDITFSAA\ImagePath + +- Port parameter – Only needs to be added to the registry key value if a custom port is used. The + default port of 8766 does not need to be set as a parameter + - Append `-e [PORT NUMBER]` to the ImagePath key value +- Priority parameter – Can be modified so that the service runs as a background priority, which may + be desired if the service has been installed directly on a file server + + - Append `-r 0` to the ImagePath key value + + **NOTE:** If both parameters are added, there is no required order. + + **_RECOMMENDED:_** Stop the Netwrix Enterprise Auditor FSAA Proxy Scanner service before + modifying the registry key. + +Follow the steps to configure these service parameters. + +![Netwrix Enterprise Auditor FSAA Proxy Scanner service in the Services Management Console](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/service.webp) + +**Step 1 –** After installing the File System Proxy Service, open Services Management Console +(`services.msc`). To stop the service, right-click on the Netwrix Enterprise Auditor FSAA Proxy +Scanner service and select **Stop**. + +![File System Proxy ImagePath registry key in the Registry Editor](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/regedit.webp) + +**Step 2 –** Open Registry Editor (`regedit`) and navigate to the following registry key: + +HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\StealthAUDITFSAA\ImagePath + +**Step 3 –** Right-click on the **ImagePath** key and select **Modify**. The Value data was set +during installation according to the installation directory location selected. + +- Priority set to background priority: + - Add `-r 0` to the end of the path value +- Custom Port: + + - Add `-e [PORT NUMBER]` number to the end of the path value + + Example with Port number 1234: + + C:\Program Files (x86)\STEALTHbits\StealthAUDIT\FSAA\StealthAUDITRPC.EXEFSAASrv.DLL -e 1234 + + **NOTE:** The port number needs to be added to the path only if a custom port is used. + +**Step 4 –** Click **OK** and close Registry Editor. + +**Step 5 –** Return to the Services Management Console and start the Netwrix Enterprise Auditor FSAA +Proxy Scanner service. Close the Services Management Console. + +![Port number on File System Access Auditor Data Collector Wizard Applet Settings page](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/dcwizardportnumber.webp) + +**Step 6 –** In the Enterprise Auditor Console, navigate to the **FileSystem** > **0.Collection** > +**[Job]** > **Configure** > **Queries** node and open the File System Access Auditor Data Collector +Wizard. On the Applet Settings wizard page, change the **Port number** to the custom port. + +**NOTE:** See the +[File System Data Collection Configuration for Proxy as a Service](/docs/accessanalyzer/11.6/install/filesystemproxy/configuredatacollector.md) +section for additional configurations required to run scans in proxy mode as a service. + +**Step 7 –** Repeat the previous step for each of the **FileSystem** > **0.Collection** jobs to +employ this proxy service. + +The custom port identified is now used for communication between the File System Proxy Service and +Enterprise Auditor. diff --git a/docs/accessanalyzer/11.6/install/overview.md b/docs/accessanalyzer/11.6/install/overview.md new file mode 100644 index 0000000000..9752fb384d --- /dev/null +++ b/docs/accessanalyzer/11.6/install/overview.md @@ -0,0 +1,46 @@ +# Installation + +The following sections provide instructions for installing and upgrading Enterprise Auditor and +other related components. + +## Enterprise Auditor + +This section provides instructions for installing Enterprise Auditor and the initial configuration +required when first launching the Enterprise Auditor Console. It also includes additional +information, such as how to secure the Enterprise Auditor Database, and configuring the Web Console +for viewing reports outside of the Enterprise Auditor Console. + +See the +[Installation & Configuration Overview](/docs/accessanalyzer/11.6/install/application/overview.md) +topic for additional information. + +## Sensitive Data Discovery Add-on + +The Sensitive Data Discovery Add-On enables Enterprise Auditor to scan files for criteria matches +which indicate the existence of sensitive data. Sensitive Data Discovery scans can be run against +Windows file system servers, Network Attached Storage (NAS) devices, SharePoint on-premises, +SharePoint Online, OneDrive for Business, DropBox for Business, SQL Server databases, and Exchange +mailboxes. + +See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +## File System Proxy Service + +The File System Solution can be enabled to use proxy servers for scanning targeted file systems in +very large or widely dispersed environments. The File System Proxy installer is designed to simplify +the process of setting up File System Scanning Proxy as a service on the designated proxy server. + +See the +[File System Proxy as a Service Overview](/docs/accessanalyzer/11.6/install/filesystemproxy/overview.md) +topic for additional information. + +## SharePoint Agent + +The SharePoint Agent is capable of auditing permissions and content, or Access Auditing (SPAA) and +Sensitive Data Discovery Auditing, on SharePoint servers. + +See the +[SharePoint Agent Installation](/docs/accessanalyzer/11.6/install/sharepointagent/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md b/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md new file mode 100644 index 0000000000..4583a2fe85 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md @@ -0,0 +1,34 @@ +# Sensitive Data Discovery Add-On Installation + +The Sensitive Data Discovery Add-On enables Enterprise Auditor to scan files for criteria matches +which indicate the existence of sensitive data. Sensitive Data Discovery scans can be run against +Windows file system servers, Network Attached Storage (NAS) devices, SharePoint on-premises, +SharePoint Online, OneDrive for Business, DropBox for Business, SQL Server databases, and Exchange +mailboxes. + +This topic provides information on the installation and upgrade processes of the Sensitive Data +Discovery Add-On. For information on the required prerequisites, see the Server Requirements topic. + +The version of the SharePoint Agent must also match the major version of Enterprise Auditor. See the +[What's New](/docs/accessanalyzer/11.6/whatsnew.md) topic for release +information. + +## Supported Platforms + +The Sensitive Data Discovery Add-On can be installed on the following servers: + +- Windows Server 2016 through Windows Server 2022 + - On the Enterprise Auditor Console Server + - On the Windows proxy server hosting the File System Proxy service + - See the + [File System Proxy as a Service Overview](/docs/accessanalyzer/11.6/install/filesystemproxy/overview.md) + topic for additional information + - Install the Sensitive Data Add-on – FSAA & SPAA Agentless (or x86) version of the Sensitive + Data Discovery Add-On +- SharePoint 2013+ + - On the SharePoint server hosting the SharePoint Agent + - See the + [SharePoint Agent Installation](/docs/accessanalyzer/11.6/install/sharepointagent/overview.md) + topic for additional information + - Install the Sensitive Data Add-on – SPAA Agent (or x64) version of the Sensitive Data + Discovery Add-On diff --git a/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/upgrade.md b/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/upgrade.md new file mode 100644 index 0000000000..33dc409b4a --- /dev/null +++ b/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/upgrade.md @@ -0,0 +1,15 @@ +# Upgrade Sensitive Data Discovery Add-on + +When the Enterprise Auditor Console and applicable solutions are upgraded, it is necessary to also +upgrade the Sensitive Data Discovery Add-On. + +![Windows Control Panel Uninstall or change a program window](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/uninstall.webp) + +**Step 1 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and +Features**). Uninstall the previous version of Enterprise Auditor Sensitive Data Discovery Add-on. + +**Step 2 –** Install the new version of the Sensitive Data Discovery Add-On. See the +[Installing the Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/wizard.md) +section for instructions. + +The applicable solutions can now search for sensitive data based on the updated criteria. diff --git a/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/wizard.md b/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/wizard.md new file mode 100644 index 0000000000..3f7a8cba4e --- /dev/null +++ b/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/wizard.md @@ -0,0 +1,86 @@ +# Installing the Sensitive Data Discovery Add-On + +Remember, the following additional considerations: + +- File System Considerations: + - To run the **FileSystem** Job Group in Applet Mode or Proxy Mode with Applet, the targeted + file servers also need .NET Framework 4.7.2 or later to be installed in order for Sensitive + Data Discovery collections to successfully occur. + - To run the **FileSystem** Job Group in File System Proxy Mode as a Service, the Sensitive Data + Discovery Add-On (32-bit `SensitiveDataAddon.msi`) also needs to be installed on the proxy + server. The proxy server also requires the .NET Framework 4.7.2 or later. The Enterprise + Auditor license file will need to be accessible locally for this installation. See the + [File System Proxy as a Service Overview](/docs/accessanalyzer/11.6/install/filesystemproxy/overview.md) + topic for additional information. +- SharePoint Consideration – To use the SharePoint Agent to scan for sensitive data, the Sensitive + Data Discovery Add-On (64-bit `SensitiveDataAddon.msi`) will also need to be installed on the + application server which hosts the Central Administration component of the targeted SharePoint + farms after the Enterprise Auditor SharePoint Agent has been installed on that server. The + SharePoint server also requires .NET Framework 4.7.2 or later. The Enterprise Auditor license file + will need to be accessible locally for this installation. See the + [SharePoint Agent Installation](/docs/accessanalyzer/11.6/install/sharepointagent/overview.md) + topic for additional information. + +**NOTE:** Before running the installation package, please close the Enterprise Auditor application. + +The Enterprise Auditor license file is needed during installation. It can be imported from the +Enterprise Auditor installation directory when the add-on is installed on the Enterprise Auditor +Console server. Follow the steps to install the Sensitive Data Discovery Add-On. + +**Step 1 –** Run the `SensitiveDataAddon.exe` executable. + +_Remember,_ + +- Install the Sensitive Data Add-on – FSAA & SPAA Agentless (or x86) version of the Sensitive Data + Discovery Add-On on the Enterprise Auditor Console Server. +- Install the Sensitive Data Add-on – FSAA & SPAA Agentless (or x86) version of the Sensitive Data + Discovery Add-On on the File System Proxy server when using the File System Proxy Mode as a + Service scan mode. +- Install the Sensitive Data Add-on – SPAA Agent (or x64) version of the Sensitive Data Discovery + Add-On on the SharePoint server hosting the SharePoint Agent. + - Select the SPAA Agent for SP 2013 and newer + +![SDD Add-on Setup Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +**Step 2 –** On the Welcome page, click **Next** to begin the installation. + +![SDD Add-on Setup Wizard End-User License Agreement page](/img/versioned_docs/changetracker_8.0/changetracker/install/eula.webp) + +**Step 3 –** Check the **I accept the terms in the License Agreement** box and click **Next**. + +![SDD Add-on Setup Wizard License File page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/license.webp) + +**Step 4 –** Click **Browse** to select the license file to use for installation. By default, this +will target the license key within the Enterprise Auditor installation directory. If installing on +the SharePoint Agent server or the File System Proxy server, use the Browse button to navigate to +the license file. Click **Next**. + +**NOTE:** The Enterprise Auditor license file needs to be locally accessible during the installation +process. + +![SDD Add-on Setup Wizard Ready to install page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/ready.webp) + +**Step 5 –** Click **Install** to begin the installation. + +![Completed the SDD Add-on Setup Wizard page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) + +**Step 6 –** When the installation has completed, click **Finish** to exit the wizard. + +The Enterprise Auditor Console is now ready to run Sensitive Data Discovery jobs for the following +solutions, according to the organization’s license: + +- AWS +- Dropbox +- Exchange +- File System +- PostgreSQL +- MongoDB +- MySQL +- Oracle +- SharePoint +- SQL + +Prior to job execution, ensure the desired criteria have been properly configured for each job. See +the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/install/sharepointagent/overview.md b/docs/accessanalyzer/11.6/install/sharepointagent/overview.md new file mode 100644 index 0000000000..1986c963c9 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/sharepointagent/overview.md @@ -0,0 +1,43 @@ +# SharePoint Agent Installation + +The SharePoint Agent is capable of auditing permissions and content, or Access Auditing (SPAA) and +Sensitive Data Discovery Auditing, on SharePoint servers. + +This topic provides information on the installation and upgrade processes of the SharePoint Agent. +It also provides information on the permissions needed by the service account used to run the Access +Auditing (SPAA) and Sensitive Data Discovery Auditing scans against the targeted SharePoint +environment. + +For information on the required prerequisites and permissions, see the +[SharePoint Agent Permissions](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentpermissions.md) +topic. + +The version of the SharePoint Agent must also match the major version of Enterprise Auditor. See the +[What's New](/docs/accessanalyzer/11.6/whatsnew.md) topic for +additional information. + +## Supported Platforms + +The SharePoint Agent for the Enterprise Auditor SharePoint & SharePoint Online Solution can be +installed on the following SharePoint versions as targeted environments: + +- SharePoint® 2019 +- SharePoint® 2016 +- SharePoint® 2013 + +## Sensitive Data Discovery Auditing Consideration + +If utilizing the SharePoint Agent to scan for Sensitive Data, install the Sensitive Data Add-on – +SPAA Agent (or x64) version of the Sensitive Data Discovery Add-On after the SharePoint Agent has +been installed on the SharePoint server. This requirement is in addition to having the Sensitive +Data Discovery Add-on installed on the Enterprise Auditor Console server. Sensitive Data Discovery +Auditing scans also require .NET Framework 4.7.2 or later. + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For +example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are +required (8x2=16). + +See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/install/sharepointagent/upgrade.md b/docs/accessanalyzer/11.6/install/sharepointagent/upgrade.md new file mode 100644 index 0000000000..7254cf195a --- /dev/null +++ b/docs/accessanalyzer/11.6/install/sharepointagent/upgrade.md @@ -0,0 +1,21 @@ +# Upgrade SharePoint Agent + +Follow the steps to upgrade the SharePoint Agent. + +![Windows Control Panel Uninstall or change a program window](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/uninstall.webp) + +**Step 1 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and +Features**), uninstall the previous version of SharePoint Agent. + +**Step 2 –** Install the new version of the SharePoint Agent. See the +[Installing the SharePoint Agent](/docs/accessanalyzer/11.6/install/sharepointagent/wizard.md) +topic for instructions. + +**Step 3 –** If also conducting Sensitive Data Discovery Auditing, after the installation is +completed upgrade the Sensitive Data Discovery Add-on on the SharePoint server. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +Now that the SharePoint Agent has been upgraded, it can be used by the SharePoint Solution. See the +[SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/install/sharepointagent/wizard.md b/docs/accessanalyzer/11.6/install/sharepointagent/wizard.md new file mode 100644 index 0000000000..4ba95a0e95 --- /dev/null +++ b/docs/accessanalyzer/11.6/install/sharepointagent/wizard.md @@ -0,0 +1,55 @@ +# Installing the SharePoint Agent + +The installer will prompt for credentials which are used to set the identity that the SharePoint +Access Auditor Agent service runs as. The agent service does no additional impersonation, so this is +the account used to connect to and enumerate SharePoint. The service account credentials provided +need to be a member of the Log on as a service local policy. Additionally, the credentials provided +for Step 5 should also be a part of the Connection Profile used by the SharePoint Solution within +the Enterprise Auditor Console. See the +[SharePoint Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md) +topic for detailed permission information. + +**NOTE:** If utilizing the SharePoint Agent to scan for Sensitive Data, the 64-bit +`SensitiveDataAddon.msi` needs to be installed after the SharePoint Agent has been installed on the +SharePoint server. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +Follow the steps to install the SharePoint Agent on the application server which hosts the Central +Administration component of the targeted SharePoint farms. + +**Step 1 –** Run the `SharePointAgent.exe` executable to open the Netwrix Enterprise Auditor +SharePoint Agent Setup Wizard. + +![SharePoint Agent Setup Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) + +**Step 2 –** On the Welcome page, click **Next** to begin the installation. + +![SharePoint Agent Setup Wizard End-User License Agreement page](/img/versioned_docs/changetracker_8.0/changetracker/install/eula.webp) + +**Step 3 –** On the End-User License Agreement page, select the **I accept the terms in the License +Agreement** checkbox and click **Next**. + +![SharePoint Agent Setup Wizard Destination Folder page](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/destination.webp) + +**Step 4 –** On the Destination Folder page, click **Next** to install to the default folder or +click **Change** to select a different location. + +![SharePoint Agent Setup Wizard Configure Service Security page](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/configureservice.webp) + +**Step 5 –** On the Configure Service Security page, enter the **User Name** and **Password** for +the SharePoint Service Account. Click **Next**. + +![SharePoint Agent Setup Wizard Ready to install page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/ready.webp) + +**Step 6 –** On the Ready to install Netwrix Enterprise Auditor SharePoint Agent page, click +**Install** to start the installation. + +![SharePoint Agent Setup Wizard Completed page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) + +**Step 7 –** When the installation has completed, click **Finish** to exit the wizard. + +Now that the SharePoint Agent has been installed on the appropriate application server, it can be +used by the SharePoint Solution. See the +[SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/overview.md) +topic for instructions on enabling agent service scans on the Agent Settings page. diff --git a/docs/accessanalyzer/11.6/installation/application/database-setup.md b/docs/accessanalyzer/11.6/installation/application/database-setup.md deleted file mode 100644 index 6e4785ee6b..0000000000 --- a/docs/accessanalyzer/11.6/installation/application/database-setup.md +++ /dev/null @@ -1,224 +0,0 @@ -# Enterprise Auditor Database - -The Enterprise Auditor database is dynamic in nature. There are a handful of required system tables -which are created at installation time or when individual features are used the first time. All -other data tables in the Enterprise Auditor database are created and bound to individual jobs which -are added to the Enterprise Auditor Console. As jobs are created and modified, corresponding tables -are created and modified in the database. A job can generate one or more tables. - -The structure and schema of each data table is controlled by the Enterprise Auditor data collector -used to collect data and write results to the table. There is a one-to-one relationship between a -task created within a Enterprise Auditor job and the table to which the task writes results. -Creating tasks or adding and removing properties within a task modifies the schema of the table on -subsequent execution of the job. - -Enterprise Auditor offers users the ability to modify its preconfigured jobs or create custom jobs -and tasks as needed. Therefore, precise schema information for data tables cannot be predicted, -restricted, or locked down. - -## Database Permissions - -The account configured in the storage profile to be used by Enterprise Auditor to access the -database should have the necessary rights to Add, Alter, Create, Drop, Select, and Update. These -rights are critical to normal Enterprise Auditor operations and functionality. - -**_RECOMMENDED:_** The account used by Enterprise Auditor should have database owner (DBO) level -access to the database. - -If database owner rights cannot be obtained, the following SQL script can be executed by a database -administrator (DBA) against the Enterprise Auditor database to grant the necessary permissions to -the appropriate users (replacing `` and `` with the appropriate values): - -``` -USE [master]GRANT VIEW ANY DEFINITION TO [] -GO -USE [] -GO -EXEC sp_addrolemember 'db_datareader', '' -GO -EXEC sp_addrolemember 'db_datawriter', '' -GO -GRANT CREATE TABLE TO [] -GO -GRANT CREATE VIEW TO [] -GO -GRANT CREATE PROCEDURE TO [] -GO -GRANT CREATE FUNCTION TO [] -GO -GRANT CREATE TYPE TO [] -GO -GRANT REFERENCES ON SCHEMA::dbo TO [] -GO -GRANT ALTER ON SCHEMA::dbo TO [] -GO -GRANT EXECUTE ON SCHEMA::dbo TO [] -GO -GRANT INSERT ON SCHEMA::dbo TO [] -GO -GRANT UPDATE ON SCHEMA::dbo TO [] -GO -Alter User [] with DEFAULT_SCHEMA = dbo -``` - -## Database Sizing - -SQL Server storage considerations vary. As Enterprise Auditor is a highly customizable auditing -platform, variables such as query scope, the number of hosts, frequency, historical retention, and -reporting needs are a few of the factors which affect the database resource consumption by -Enterprise Auditor. - -- Query Scope – Amount of data configured to be returned from each query (queries are dynamic and - can be configured to return one row per host or tens of thousands) -- Number of Hosts – Number of hosts targeted for auditing objectives -- Frequency – How often jobs are run -- Historical Retention – Amount of collected data to be retained in source data tables based on a - user-configured time frame -- Reporting Needs – Anticipated data needed to generate reports - -Recommended SQL Server database sizes are provided for specific solutions in the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topics. These recommendations are based on environmental factors, the number of target objects -within an environment (users, hosts, mailboxes, etc.), and the applicable factors listed above for -the specific solution. - -### Customer Examples of Database Sizing - -The overall database size is ultimately governed by an organization’s auditing objectives. The -examples below provide a glimpse into how these objectives combine with the applicable factors above -to impact the Enterprise Auditor database resource consumption. - -- Example from an Active Directory Solution Customer - - An Active Directory (AD) customer intends to collect AD User/Group/Membership information and - run the standard Active Directory Solution within their environment. In an environment of - 50,000 Users and 200,000 Groups, the database can be 50 GB in size. The expansion of group - information can also require 20 GB of TEMPDB space. -- Example from a Data Access Governance Solution Customer - - A Data Access Governance customer using the File System Solution intends to collect and report - on file system permissions, and optionally to profile size, age, extensions, and ownership of - files in the organization. The database for a typical mid-sized organization could be anywhere - from 60 GB to upward of 240 GB, depending on the number of folders scanned, which can vary - greatly in depth and width. Electing to collect content-related information will also impact - database size. -- Another Example from a Data Access Governance Solution Customer - - A Data Access Governance customer using the File System Solution intends to inventory 1.3 PB - of files spread across 600+ standalone (non-clustered) Windows file servers, collecting - information on file permissions and ages (and possibly, ad hoc, information on file system - activity) with an overall plan to identify stale data, consolidate active data on a subset of - the organization’s file system infrastructure, and to move that active data to a cloud-based - platform like SharePoint Online. Activity monitoring (FSAC) is to be used ad hoc against open - shares to profile resource ownership and also to validate the “staleness” of certain - resources. The database sizing for a project of this scope could be up to 750 GB for the - database, 240 GB for the transaction log, and 380 GB of TEMPDB space. -- Example from an Exchange Solution Customer - - An Exchange customer only intends to collect Mail-Flow Metrics for 100,000 Mailboxes from 10 - HUB Servers in the organization. However, the customer would like to keep six months of - history on User to User Activity sent internally and externally, as well as one year of Server - and User Volume Traffic. This database can grow to around 320 GB. -- Example from a Windows Solution Customer - - A Windows customer intends to audit and retain Success and Failed login events for five member - servers retaining the data for twelve months within their environment. The database can be 100 - GB in size. - -## Securing the Enterprise Auditor Database - -The typical database configuration is to have **sysadmin Server Role** assigned to the ID used to -connect to the SQL instance. It will allow full control over the instance where the Enterprise -Auditor database resides. This configuration is chosen because Enterprise Auditor requires some -interaction with the master database in order to install and configure the initial Enterprise -Auditor database. When it is necessary to secure the Enterprise Auditor database, the following -steps should be followed to achieve the minimum SQL security levels without breaking core Enterprise -Auditor functionality. - -### Database Creation & First Level of Security - -Use SQL Server Management Studio to create the Enterprise Auditor database and configure the -settings for the server roles and user mappings. - -![SQL Server Management Studio create New Database](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/createnewdatabase.webp) - -**Step 1 –** Create a new database for use with Enterprise Auditor. Right-click on the **Databases** -node and choose **New Database**. - -![SQL Server Management Studio New Database window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/newdatabase.webp) - -**Step 2 –** Set the **Database name**. Set any other desired data files configuration per company -standards. Click **OK** on the New Database window. - -**_RECOMMENDED:_** Enter Enterprise Auditor as the Database name. - -![SQL Server Management Studio create New Login](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/newlogin.webp) - -**Step 3 –** Create a new SQL Login account by right-clicking on the **Security** > **Logins** -folder and selecting **New Login**. - -**Step 4 –** Choose the authentication mode as the login type for use with the newly created -Enterprise Auditor database. The available options are Windows authentication and SQL Server -authentication. - -![SQL Server Management Studio new login with Windows authentication](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/loginwindows.webp) - -- If **Windows authentication** is desired, then click **Search** and select the desired Windows - account, which has been set up for use with Enterprise Auditor. - -![SQL Server Management Studio new login with SQL Server authentication](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/loginsql.webp) - -- **_RECOMMENDED:_** If **SQL Server authentication** is desired, use a login name called Enterprise - Auditor. - -**NOTE:** Set the **Default Database** as Enterprise Auditor (or the desired Enterprise Auditor -database) and choose English as the **Default Language**. - -![SQL Server Management Studio New Login User Mapping](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/loginusermapping.webp) - -**Step 5 –** Navigate to the **User Mapping** menu, select the Enterprise Auditor (or the desired -Enterprise Auditor database) database, and set the **Default Schema** to **DBO**. - -**Step 6 –** In the **Database role membership** section, set the role to **db_owner**. Click **OK** -to save new user configuration information and continue on to configure the Enterprise Auditor -Console. - -**Step 7 –** Configure the Enterprise Auditor Console to access the assigned database using the -newly secured login account. - -**NOTE:** This step requires the completion of the Enterprise Auditor installation. See the -[Enterprise Auditor Core Installation](/docs/accessanalyzer/11.6/installation/application/install.md) -topic for instructions. - -![Storage Profile configuration page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/storageprofile.webp) - -**Step 8 –** Launch Enterprise Auditor and navigate to **Settings** > **Storage**. - -- Select the Storage Profile and enter the name of the SQL Server in the **Server name** field and - **Instance Name**, if applicable. -- Enter the name of the Enterprise Auditor database in the **Use existing database** field. -- Choose the authentication method which matches the secure login that was created in Step 4, either - **Windows authentication** or **SQL Server authentication**. If using SQL Server authentication, - enter the **User name** and **Password**. - -![Connection report window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/connectionreport.webp) - -- Click **Apply** and a Connection report window will open. Verify that the connection and test - table drop were performed successfully. -- Click **Close** on the Connection report window and then **Save** the new Storage Profile. - -![Change storage profile dialog](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/changestorageprofile.webp) - -**NOTE:** If previously connected to another database which already had the Enterprise Auditor DB -schema applied, then a prompt should appear to merge the host management data. Choose the -appropriate options and then click **OK** to migrate data. - -**Step 9 –** Make sure to close and re-open the Enterprise Auditor Console before continuing to -configure or use Enterprise Auditor if a new database Storage Profile was chosen as the default. - -The **blue arrow** signifies the default profile was changed but does not take effect until the -required restart of the Enterprise Auditor Console. - -See the -[Enterprise Auditor Initial Configuration](/docs/accessanalyzer/11.6/installation/application/first-launch.md) -topic to perform these steps during the initial configuration process after installation. - -### Second Level of Security - -For second level security of the SQL Server database, use the script provided in the -[Database Permissions](#database-permissions) section. diff --git a/docs/accessanalyzer/11.6/installation/application/first-launch.md b/docs/accessanalyzer/11.6/installation/application/first-launch.md deleted file mode 100644 index c6f78fa6e2..0000000000 --- a/docs/accessanalyzer/11.6/installation/application/first-launch.md +++ /dev/null @@ -1,124 +0,0 @@ -# Enterprise Auditor Initial Configuration - -Once the Enterprise Auditor installation process is complete, and before performing actions within -Enterprise Auditor, the initial settings for the Enterprise Auditor Console must be configured. - -![Newrix Access Governance shortcut](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/shortcut.webp) - -**Step 1 –** Launch the Enterprise Auditor application. The installation wizard places the -Enterprise Auditor icon on the desktop. - -![Configuration Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -**Step 2 –** On the Welcome page of the Enterprise Auditor Configuration Wizard, click **Next** to -continue. - -![Configuration Wizard Version Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/versionselection.webp) - -**Step 3 –** On the Version Selection page, select the **I have no previous versions to migrate data -from** and click **Next** to continue. - -**NOTE:** If you are upgrading from a previous version of Enterprise Auditor, select **Choose a -StealthAUDIT root folder path to copy from**. See the -[Enterprise Auditor Console Upgrade](/docs/accessanalyzer/11.6/installation/application/upgrade.md) -topic for additional information. - -![SQL Server Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/sqlserver.webp) - -**Step 4 –** Configure the options on the SQL Server Settings page. - -- Server name – Enter the database server host name (NetBIOS name, FQDN, or IP Address) -- Instance name – If the SQL Server is configured to use an instance name, provide the instance name - in the text box. If not, leave this text box blank. - - - To change the instance port number, provide the instance name in the format - `,`. For example, if using the default **MSSQLSERVER** instance and port - **12345**, the instance name should be entered as `MSSQLSERVER,12345`. - -- Command timeout [number] minutes – Number of minutes before Enterprise Auditor halts any SQL - queries running for that amount of time. This prevents SQL queries from running excessively long. - The default is 1440 minutes. -- Windows authentication – Leverages the account used to open the Enterprise Auditor Console. This - option will use Windows NT Authentication to authenticate to the SQL Server. It also requires the - Schedule Service Account to have proper permissions on the SQL database. -- SQL Server authentication – Leverages an account created within the SQL Server. - - - User name and password – If SQL Server authentication is selected, provide the **User name** - and **Password** for the SQL account. - - Specify a new password below – Specify a new password for the SQL server. - -- Use existing database – Confirm the SQL Server connection has been established by selecting the - radio button for **Use existing database** and clicking the drop-down arrow. If a listing of - databases appears, then the connection has been established. Select this option to use a - pre-existing database. Then select a database from the drop-down menu of available databases. -- Create new database – Select this option to create a new database during the configuration of the - storage profile. Enter a unique, descriptive name for the new database. If multiple databases - might exist for Enterprise Auditor, then the default name of Enterprise Auditor is not - recommended. - -See the -[Securing the Enterprise Auditor Database](/docs/accessanalyzer/11.6/installation/application/database-setup.md#securing-the-enterprise-auditor-database) -topic for additional information on creating a SQL Server database for Enterprise Auditor. - -**Step 5 –** Click **Next**. - -- If SQL Server authentication is used, the Options page is displayed next. Skip to Step 7. -- If Windows Server authentication is used, the **Schedule Account** page is enabled for - configuration. Continue to Step 6. - -![Schedule Account Configuration page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/scheduleaccount.webp) - -**Step 6 –** (Windows Authentication Only) Configure the schedule service account on the Scheduling -page. The account configured here must be an Active Directory account and must have rights to the -Enterprise Auditor Console server’s local Task folders as well as sufficient rights to the -Enterprise Auditor database. - -There are two options that can be selected: - -- Skip this step, I will configure a schedule service account later – Select this radio button to - skip this step and configure the schedule service account later -- Use the following service for account – Select this radio button to configure the schedule service - account and enter the following information: - - - Domain – The domain for the service account - - User name – The user name for the service account - - Password – The password for the service account - - Confirm – Re-enter the password for the service account - -![Configuration wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -**Step 7 –** On the Options page, select whether to send usage statistics to Netwrix to help us -improve our product. After the Usage Statistics option is set as desired, click **Next** to -continue. - -- If selected, usage statistics are collected and sent to Netwrix - - - Upon startup of the Enterprise Auditor console, the system checks if usage statistics have - been sent in the last 7 days. If they have not been, stored procedures run against the - Enterprise Auditor database and gather data about job runs, access times, and environmental - details like resource counts, users counts, number of exceptions, and so on. This data is then - sent back to Netwrix to help us identify usage trends and common pain points, so that we can - use this information to improve the product. - - Only anonymous statistic-level data is included. No private company or personal data is - collected or sent to Netwrix. - -- If cleared, no usage statistics are collected or sent to Netwrix - -![Progress page when upgrade process has completed](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) - -**Step 8 –** After the Enterprise Auditor Configuration Wizard finishes configuring your -installation, click **Finish** to open the Enterprise Auditor Console. - -**NOTE:** To view the log for the setup process, click **View Log** to open it. If you need to view -the log after exiting the wizard, it is located in the installation directory at -`..\STEALTHbits\StealthAUDIT\SADatabase\Logs`. See the -[Troubleshooting](/docs/accessanalyzer/11.6/administration/maintenance/troubleshooting.md) -topic for more information about logs. - -![Netwrix Acces Governance Settings Node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/settingsnode.webp) - -The Enterprise Auditor Console is now ready for custom configuration and use. There are a few -additional steps to complete in order to begin collecting data, such as configuring a Connection -Profile and a Schedule Service account as well as discovering hosts and setting up host lists. See -the [Getting Started](/docs/accessanalyzer/11.6/getting-started/quick-start.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/installation/application/install.md b/docs/accessanalyzer/11.6/installation/application/install.md deleted file mode 100644 index 94b418bd96..0000000000 --- a/docs/accessanalyzer/11.6/installation/application/install.md +++ /dev/null @@ -1,144 +0,0 @@ -# Installation & Configuration Overview - -This section provides instructions for installing Enterprise Auditor and the initial configuration -required when first launching the Enterprise Auditor Console. It also includes additional -information, such as how to secure the Enterprise Auditor Database, and configuring the Web Console -for viewing reports outside of the Enterprise Auditor Console. - -Prior to installing Enterprise Auditor, please ensure that all of the prerequisites have been met. -See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for more information. - -## Binaries - -There are a variety of Enterprise Auditor binaries based on the organizational auditing objectives. -Your Netwrix Representative will provide the appropriate binaries. - -- Enterprise Auditor binary – Core installation package - - - Includes data collectors, analysis modules, and action modules - - An organization’s license key, needed during installation, controls which components are laid - down during installation - - Installs the Web Console - -- File System Proxy binary – Installation package for the File System Proxy Scanning option - - - See the - [File System Proxy Service Installation](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md) - topic for additional information. - -- Activity Monitor binary – Installation package for monitoring Windows and NAS device file system - activity - - - See the Installation topic of the - [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) - for additional information. - -- Sensitive Data Discovery Add-on binary – Installation package for File System and/or SharePoint - Sensitive Data Discovery Add-on - - - See the - [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) - topic for additional information. - -- SharePoint Agent binary – Installation package for the SharePoint Agent (optional for Access - Auditing of SharePoint farms) - - - See the - [SharePoint Agent Installation](/docs/accessanalyzer/11.6/installation/sharepoint-agent/install.md) - topic for additional information. - -- Enterprise Auditor MAPI CDO binary – One of two installation package needed to enable the Exchange - Solution - - - See the - [StealthAUDIT MAPI CDO Installation](/docs/accessanalyzer/11.6/configuration-guides/stealthaudit/configuration.md) - topic for additional information. - -- Enterprise Auditor Reporting Services binary – Installation package for Survey Action Module - Reporting Service -- Netwrix Access Information Center binary – Installation package for the Netwrix Access Information - Center - - - Customers who are logged in to the Netwrix Customer Portal can download the latest version of - their software products from the My Products page: - [https://www.netwrix.com/my_products.html](https://www.netwrix.com/my_products.html). See the - [Customer Portal Access](https://helpcenter.netwrix.com/bundle/NetwrixCustomerPortalAccess/page/Customer_Portal_Access.html) - topic for information on how to register for a Customer Portal account. - - See the - [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) - for additional information. - -## License Key - -Your Netwrix Representative will provide the necessary license key. The Enterprise Auditor license -key (`StealthAUDIT.lic`) is needed for the Enterprise Auditor Core Installation. See the -[Enterprise Auditor Core Installation](/docs/accessanalyzer/11.6/installation/application/install.md) -topic for additional information. - -To grant access to additional Solution sets in an existing Enterprise Auditor installation, a new -license key is required. To update the Enterprise Auditor license key without installing a new -version of the Enterprise Auditor Console, see the -[Update License Key](/docs/accessanalyzer/11.6/installation/application/license.md) -topic for instructions. - -# Enterprise Auditor Core Installation - -Save the organization’s Enterprise Auditor license key, received from your Netwrix Sales -Representative, to the server where Enterprise Auditor is to be installed. Then follow the steps to -install Enterprise Auditor. - -**NOTE:** The process explained in this topic assumes that both the downloaded binary and the -license (.lic) file are located on the server which will become the Enterprise Auditor Console. - -**CAUTION:** If User Account Control (UAC) is enabled on the server, ensure the installation package -is run in Administrative/privilege mode. - -**Step 1 –** Run the **Netwrixaccessanalyzer.exe** executable to open the Enterprise Auditor -Setup Wizard. - -![Setup Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -**Step 2 –** On the Welcome page, click **Next** to begin the installation. - -![ End User License Agreement](/img/versioned_docs/changetracker_8.0/changetracker/install/eula.webp) - -**Step 3 –** On the End-User License Agreement page, read the End User License Agreement, then check -the **I accept the terms in the License Agreement** box and click **Next**. - -![Destinations Folder page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/destination.webp) - -**Step 4 –** On the Destination Folder page, click **Change** to select the folder location to -install Enterprise Auditor. The default destination folder is -`C:\Program Files (x86)\STEALTHbits\StealthAUDIT\`. Click **Next** to continue. - -| | | | -| -------------------------------------------------------------------------------------------------------- | --- | ------------------------------------------------------------------------------------------------------------------------------------ | -| ![License File page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/license.webp) | | ![License File page with mapped file](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/licensemapped.webp) | -| Default License File Page | | Mapped License File | - -**Step 5 –** On the License File page, click **Browse** and navigate to your **StealthAUDIT.lic** -file. When the path to the file is visible in the textbox, click **Next**. - -**NOTE:** The license file must be stored on the Enterprise Auditor Console server before the -installation begins. - -![License Features page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/licensefeatures.webp) - -**Step 6 –** The License Features page displays a list of all features covered by the imported -license. It also displays the name of the organization which owns the license, the expiration date, -and the host limit. These are the features that will be installed. Click **Next**. - -![Ready to install Netwrix Access Governance page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/ready.webp) - -**Step 7 –** On the Ready to install Enterprise Auditor page, click **Install** to begin the -installation. - -![Setup Wizard Completed page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) - -**Step 8 –** When the installation has completed, click **Finish** to exit the wizard. - -The Enterprise Auditor Console has been installed, and two desktop icons have been created: -Enterprise Auditor and Published Reports. Launch the Enterprise Auditor application to complete the -initial configuration. diff --git a/docs/accessanalyzer/11.6/installation/application/license.md b/docs/accessanalyzer/11.6/installation/application/license.md deleted file mode 100644 index 25a26c305a..0000000000 --- a/docs/accessanalyzer/11.6/installation/application/license.md +++ /dev/null @@ -1,57 +0,0 @@ -# Update License Key - -It is necessary to install a new license key for an existing Enterprise Auditor installation due to -the following: - -- To renew a Enterprise Auditor license that is due to expire -- To grant access to additional Solutions - -In these situations it is possible to update the license file without going through the full -installation process. - -## Install a New License File - -Follow the steps to update the Enterprise Auditor license key without installing a new version of -the Enterprise Auditor Console. - -**Step 1 –** Ensure the new `StealthAUDIT.lic` license file is stored locally on the Enterprise -Auditor Console server in order to be referenced during the installation process. - -![Windows Control Panel Uninstall or change a program window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/controlpaneluninstall.webp) - -**Step 2 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and -Features**), select the Enterprise Auditor application and click **Change**. - -![Setup Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -**Step 3 –** On the Welcome page, click **Next**. - -![Setup Wizard Change, Repair, or Remove Installation page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/change.webp) - -**Step 4 –** On the Change, Repair, or Remove Installation page, click **Change**. - -| | | | -| -------------------------------------------------------------------------------------------------------- | --- | ------------------------------------------------------------------------------------------------------------------------------------ | -| ![License File page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/license.webp) | | ![License File page with mapped file](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/licensemapped.webp) | -| Default License File Page | | Mapped License File | - -**Step 5 –** On the License File page, click **Browse** and navigate to the **StealthAUDIT.lic** -file. It must be stored on the Enterprise Auditor Console server before the installation begins. -When the path to the file is visible in the text box, click **Next**. The license will be imported. - -![License Features page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/licensefeatures.webp) - -**Step 6 –** The License Features page displays a list of all features covered by the imported -license. It also displays the name of the organization which owns the license, the expiration date, -and the host limit. These are the features that will be installed. Click **Next**. - -![Setup Wizard Ready to change page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/ready.webp) - -**Step 7 –** On the Ready to Change Enterprise Auditor page, click **Change** to begin the update. - -![Setup Wizard Completed page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) - -**Step 8 –** When the installation has completed, click **Finish** to exit the wizard. - -The new license file has been imported. If the license granted access to any additional solutions, -they will now be accessible from within the Enterprise Auditor Console. diff --git a/docs/accessanalyzer/11.6/installation/application/upgrade.md b/docs/accessanalyzer/11.6/installation/application/upgrade.md deleted file mode 100644 index 43202e7515..0000000000 --- a/docs/accessanalyzer/11.6/installation/application/upgrade.md +++ /dev/null @@ -1,335 +0,0 @@ -# Enterprise Auditor Console Upgrade - -Enterprise Auditor 11.6 uses the Upgrade Wizard. For upgrades from versions of Enterprise Auditor -that are no longer supported, contact [Netwrix Support](https://www.netwrix.com/support.html) for -assistance. - -**NOTE:** If any customizations have been done by a Netwrix Engineer, please ensure custom work is -not lost during the upgrade process. While using the Upgrade Wizard, customizations are archived -prior to solution upgrades. These archives are available after the solution upgrades have been -completed. Contact [Netwrix Support](https://www.netwrix.com/support.html) for additional -information. - -The purpose of this document is to provide the basic steps needed for upgrading Enterprise Auditor -and the stock solutions. Contact [Netwrix Support](https://www.netwrix.com/support.html) for -additional information. - -See the [What's New](/docs/accessanalyzer/11.6/getting-started/whats-new.md) topic for -release information. - -## Considerations - -Multiple Enterprise Auditor Consoles Connecting to the Same Database - -In environments where multiple Enterprise Auditor Consoles are using the same SQL Server database, -every console using the database must also be updated. The act of connecting a Enterprise Auditor -Console with a newer version to a database updates the database’s schema pursuant to the new -definition. If a Enterprise Auditor Console with an older version connects to the same database -after the schema has been updated, corruption to Enterprise Auditor’s system tables can result. - -SQL Server Supported Version Change for the Enterprise Auditor Database - -With the release of Enterprise Auditor v11.6, SQL Server 2016 through SQL Server 2022 are the -supported versions for the Enterprise Auditor database. - -To grant access to additional Solutions in an existing Enterprise Auditor installation, a new -license key is required. To update the Enterprise Auditor license key without installing a new -version of the Enterprise Auditor Console, see the -[Update License Key](/docs/accessanalyzer/11.6/installation/application/license.md) -topic for instructions. - -License Key Changes - -The following changes in licensing requires the organization needing a new key: - -- Enterprise Auditor v11.6 - - - No additional licenses are required for this version - -- StealthAUDIT v11.5 - - No additional licenses are required for this version -- StealthAUDIT v11.0 - - The new Data Privacy functionality is now a licensable feature. - - All database platforms are available as part of a single SQL license. -- StealthAUDIT v10.0 - - The new Amazon Web Services (AWS) Solution and the AWS Data Collector is now a licensable - feature. - -See the -[Update License Key](/docs/accessanalyzer/11.6/installation/application/license.md) -section for instructions on updating the license key. - -# Solution Upgrade Considerations - -The following items must be taken into consideration for upgrades: - -Access Information Center - -- Should be upgraded at the same time as Enterprise Auditor. - - **NOTE:** The Enterprise Auditor upgrade should be completed first. - -See the Upgrade Procedure for Enterprise Auditor topic in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter)[ ](https://www.stealthbits.com/jdownloads/Documentation%20User%20Guides%20PDF/Stealthbits_AIC_InstallConfigGuide.pdf)for -instructions. - -Sensitive Data Discovery Add-on - -- Needs to be updated on all servers where it was installed. See the - [Upgrade Sensitive Data Discovery Add-on](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/upgrade.md) - topic for instructions. -- **CAUTION:** The new global Settings will overwrite any previously configured criteria. Make a - note of any configured Sensitive Data Criteria before upgrading Enterprise Auditor. Sensitive Data - Criteria must be reconfigured after an upgrade. - -With the new global experience, sensitive data criteria selection is configured globally and used by -default in all solution sets. See the -[Configure Global Sensitive Data Settings](#configure-global-sensitive-data-settings) for additional -information. - -Active Directory Solution Considerations - -- For Activity – Ensure the Netwrix Activity Monitor is a compatible version. See the Upgrade - Instructions in the - [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) - for additional information. - -File System Solution Considerations - -- For Proxy Mode as a Service – File System Proxy Service needs to be updated on the proxy servers. - See the - [Upgrade Proxy Service Procedure](/docs/accessanalyzer/11.6/installation/filesystem-proxy/upgrade.md) - topic for instructions. -- For Activity – Ensure the Netwrix Activity Monitor is a compatible version. See the Upgrade - Instructions in the - [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) - for additional information. - -SharePoint Solution Considerations - -- For SharePoint Agent – Enterprise Auditor SharePoint Agent needs to be updated on the SharePoint - server where it was installed. See the - [Upgrade SharePoint Agent](/docs/accessanalyzer/11.6/installation/sharepoint-agent/upgrade.md) - section for instructions. -- For Activity – Ensure the Stealthbits Activity Monitor is a compatible version. See the Upgrade - Instructions in the - [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) - for additional information. - -The following binary component versions are required for Enterprise Auditor v11.6: - -| Component | Version | -| ----------------------------------- | ------- | -| Access Information Center | 11.6 | -| Netwrix Activity Monitor | 8.0 | -| File System Proxy Service | 11.6 | -| Sensitive Data Discovery Add-on | 11.6 | -| Enterprise Auditor SharePoint Agent | 11.6 | - -## File System Solution Upgrade - -After upgrading to Enterprise Auditor 11.6, run the latest version of the **File System** > -**0.Collection** > **0-Create Schema** job to migrate the File System Solution to the latest -database schema. - -This database schema migration should be performed before running other jobs in the File System -Solution after upgrading to Enterprise Auditor 11.6. - -See the -[File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -topic for additional information. - -## Configure Global Sensitive Data Settings - -**CAUTION:** The new global Settings will overwrite any previously configured criteria. Make a note -of any configured Sensitive Data Criteria before commencing the upgrade Enterprise Auditor. -Sensitive Data Criteria must be reconfigured after an upgrade. - -If Sensitive Data Criteria are configured differently for each solution, re-configure the criteria -selection at the solution level. See the -[Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/accessanalyzer/sensitivedatadiscovery/overview.md) -topic and the topic for the applicable solution for additional information. - -If the same Sensitive Data Criteria are used for all solutions, configure the criteria selection at -the global **Settings** > **Sensitive Data** node, which will then be used by default in all -solutions. See the -[Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/accessanalyzer/sensitivedatadiscovery/overview.md) -topic for additional information. - -Follow the steps to configure Sensitive Data Criteria at the global level. - -**Step 1 –** The Sensitive Data node provides configuration options to manage sensitive data -criteria and false positive exclusion filters. These settings require the Sensitive Data Discovery -Add-on. See the -[Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/accessanalyzer/sensitivedatadiscovery/overview.md) -topic for additional information. - -![Global Settings Sensitive Data node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/sensitivedata.webp) - -**Step 2 –** If the same Sensitive Data Criteria are used for all solutions, configure the criteria -selection at the global Settings level, which will then be used by default in all solution sets. -Navigate to the **Settings** > **Sensitive Data** node and click **Add** to open the Select Criteria -window. - -![Sensitive Data Select Criteria window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/selectcriteria.webp) - -**Step 3 –** Select the desired criteria. Use the **Search Criteria** text field to filter the list -using keywords or expand each category to view and select individual Sensitive Data search criteria, -then click **OK**. - -By default, Sensitive Data Criteria configured at the global Settings level is inherited down to the -applicable solutions. - -# Enterprise Auditor Core Upgrade Instructions - -**CAUTION:** If Role Based Access has been enabled, a user with the Administrator role must perform -the upgrade. Other user roles do not have the necessary permissions to perform upgrades. - -Follow the steps to upgrade to Enterprise Auditor 11.6 on the same server where an older version of -Enterprise Auditor is installed. - -**NOTE:** If any customizations have been done by a Netwrix Engineer, please ensure the custom work -is not lost during the upgrade process. While using the Upgrade Wizard, customizations are archived -prior to solution upgrades. These archives are available after the solution upgrades have been -completed. Contact [Netwrix Support](https://www.netwrix.com/support.html) for additional -information. - -**CAUTION:** The new global Settings will overwrite any previously configured Sensitive Data -criteria. Make a note of any configured Sensitive Data Criteria before upgrading Enterprise Auditor. -Sensitive Data Criteria must be reconfigured after an upgrade. See the -[Configure Global Sensitive Data Settings](/docs/accessanalyzer/11.6/installation/application/upgrade.md#configure-global-sensitive-data-settings) -topic for additional information. - -![Windows Control Panel Uninstall or change a program window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/controlpaneluninstall.webp) - -**Step 1 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and -Features**), uninstall the previous version of Enterprise Auditor. Jobs, application configuration -files, and reports remain in the installation directory after the uninstall process. - -- The `WebServer.exe.config` file is automatically retained in a Backup folder created under the Web - folder of the installation directory. Any custom application settings contained in this file are - kept as part of this upgrade process. - -![Setup Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -**Step 2 –** Install Enterprise Auditor 11.6. See the -[Enterprise Auditor Core Installation](/docs/accessanalyzer/11.6/installation/application/install.md) -topic for detailed instructions. - -- Before installation, ensure the new `StealthAUDIT.lic` license file is stored locally on the - Enterprise Auditor Console in order to be referenced during the installation process -- Enterprise Auditor is installed to the following directory by default: - `…\STEALTHbits\StealthAUDIT` - - If another installation path is designated, please be sure to leave `STEALTHbits\StealthAUDIT` - as the path suffix in the installation wizard. - -- During the installation, any customizations to the settings in the `WebServer.exe.config` file are - automatically restored from the backup file retained when installing the previous version. The - `../Web/Backup` folder is deleted after the settings have been restored. - -After the installation is completed, the upgrade wizard launches from the Enterprise Auditor desktop -icon. - -## Upgrade Wizard - -Once the Enterprise Auditor installation process is complete, it is necessary to go through the -Upgrade Wizard. There are three Upgrade options for a solution: - -- Full Upgrade – Performs a full synchronization of the directory and file structure of the solution - to mirror the Instant Solution -- Upgrade in place – Performs file content updates of jobs matching the Instant Solutions but does - not change the Jobs tree structure -- Do not upgrade – No upgrade is performed, leaving the previous version of the solution - -The default settings configured within the Advanced Upgrade Options window align with the best -practices of the Netwrix Professional Services and Support teams. - -The Upgrade Wizard conducts the following actions according to the State identified and whether the -Upgrade action is set to **Full Upgrade** or **Upgrade in place**: - -| State | Condition | Action: Full Upgrade | Action: Upgrade in place | -| -------- | ----------------------------------------------------------------------------------- | -------------------- | ------------------------ | -| Normal | Job exists in Locked state and has matching ID in Instant Solutions | Upgrade | Upgrade | -| New | Job exists in Instant Solutions but not in the Jobs tree for an existing solution | Install | Install | -| Removed | Job exists in Locked state in the Jobs tree but does not exist in Instant Solutions | Delete | Nothing | -| Copied | Original job exists in original location, but multiple instances of the job exists | Delete | Upgrade | -| Moved | Original job exists but in a different location than in the Instant Solutions | Move & Upgrade | Upgrade | -| Renamed | Job found via ID match but was renamed | Rename & Upgrade | Upgrade | -| Conflict | Changes have been made to the job | Overwrite | Overwrite | - -Conflicts are identified when customizations have been made by either a user or a Netwrix engineer. -Conflicts need to be either resolved prior to the upgrade action or manually applied after the -upgrade is complete. Conflict resolution can be done on the Changes window by undoing a -customization. However, if the conflict is undone prior to a solution upgrade, then the -customization will not be archived. - -**CAUTION:** If Role Based Access has been enabled, a user with the Administrator role must perform -the upgrade. Other user roles do not have the necessary permissions to perform upgrades. - -Follow the steps to use the Upgrade Wizard. - -**Step 1 –** Launch the Enterprise Auditor application. The installation wizard placed the -Enterprise Auditor icon on the desktop. - -![Configuration Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -**Step 2 –** The Enterprise Auditor Configuration Wizard opens. Click **Next** to continue. - -**NOTE:** When Enterprise Auditor11.6 is installed on a server where a previous version of -Enterprise Auditor had been installed, the Version Selection page of the Configuration Wizard will -not appear. - -![Configuration Wizard Solution Set Files page with conflicts](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/solutionsetfiles.webp) - -**Step 3 –** On the Solution Set Files page, only upgrade conflicts are displayed by default. - -**_RECOMMENDED:_** Investigate the changes where conflicts have been identified before proceeding. - -**Step 4 –** (Optional) Select an item with the Conflict State and click **View conflicts** to open -the Changes window. - -Additional options include: - -- Show upgrade conflicts only – Displays upgrade actions for all solutions -- Advanced – Opens the Advanced Upgrade Options window to view or modify the Upgrade option per - solution - -![View conflicts in the Changes window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/changes.webp) - -**Step 5 –** (Optional) Conflicts can be resolved on the Changes window, which is opened by the -**View conflicts** button. Remember, if the conflict is resolved prior to a solution upgrade, then -the customization will not be archived. To resolve a conflict, select it from the list and click -**Undo**. - -**Step 6 –** When the Upgrade options have been set as desired. Click **Next**. - -![Configuration wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -**Step 7 –** On the Options page, select whether to send usage statistics to Netwrix to help us -improve our product. After the Usage Statistics option is set as desired, click **Next** to -continue. - -- If selected, usage statistics are collected and sent to Netwrix - - - Upon startup of the Enterprise Auditor console, the system checks if usage statistics have - been sent in the last 7 days. If they have not been, stored procedures run against the - Enterprise Auditor database and gather data about job runs, access times, and environmental - details like resource counts, users counts, number of exceptions, and so on. This data is then - sent back to Netwrix to help us identify usage trends and common pain points, so that we can - use this information to improve the product. - - Only anonymous statistic-level data is included. No private company or personal data is - collected or sent to Netwrix. - -- If cleared, no usage statistics are collected or sent to Netwrix - -![Configuration Wizard Progress page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/progress.webp) - -**Step 8 –** The Upgrade Progress page opens and displays the progress of the upgrade actions. When -the action completes, click **Finish**. - -The Upgrade Wizard closes, and Enterprise Auditor launches. The archived Jobs directory is in a ZIP -file located within the Jobs directory: `…\STEALTHbits\StealthAUDIT\Jobs`. - -The ZIP file name reflects the date and time of the upgrade. For example, the file name for an -upgrade performed on June 4, 2023 at approximately 6 PM would be: `20230604180542.zip`. diff --git a/docs/accessanalyzer/11.6/installation/filesystem-proxy/configure.md b/docs/accessanalyzer/11.6/installation/filesystem-proxy/configure.md deleted file mode 100644 index 11ed6ce54d..0000000000 --- a/docs/accessanalyzer/11.6/installation/filesystem-proxy/configure.md +++ /dev/null @@ -1,26 +0,0 @@ -# File System Data Collection Configuration for Proxy as a Service - -To employ the proxy mode as a service scan for collecting file system data from the target host, -navigate to the **FileSystem** > **0.Collection** > **…System Scans** jobs and open the File System -Access Auditor Data Collector Wizard from the job’s query. - -On the Applet Settings wizard page, select the following option: - -- Require applet to be running as service on target – Must be selected in the Applet Launch - Mechanism section to prevent the deployment of the applet or the ad hoc installation of the - service during the scan - -On the Scan Server Selection wizard page, select either of the following options: - -- Specific Remote Server – Assigns the data collection processing to the server specified in the - textbox -- Specific Remote Servers by Host List – Assigns the data collection processing to the proxy servers - in the host list selected within the wizard via the **Select Hosts Lists** button - -See the -[FSAA Query Configuration](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md#fsaa-query-configuration) -topic for additional information. - -**_RECOMMENDED:_** When choosing to use proxy mode as a service for any of the File System Solution -**…System Scans** jobs, set proxy mode as a service for all of the **…System Scans** jobs that are -scheduled to run together. diff --git a/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md b/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md deleted file mode 100644 index e403989562..0000000000 --- a/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md +++ /dev/null @@ -1,270 +0,0 @@ -# File System Proxy as a Service Overview - -The File System Solution can be enabled to use proxy servers for scanning targeted file systems in -very large or widely dispersed environments. - -When File System scans are run in proxy mode as a service, there are two methods available for -deploying the service: - -- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be - installed on the Windows proxy servers prior to executing the scans. This is the recommended - method. -- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the - Windows proxy server when the job is executed - -The data collection processing is conducted by the proxy server where the service is running and -leverages a local mode-type scan to each of the target hosts. The final step in data collection is -to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to -the Enterprise Auditor Console server. - -Communication between the Enterprise Auditor Console Server and the proxy server is secure by -default using HTTPS requests. - -The version of the proxy service must match the major version of Enterprise Auditor. - -See the -[File System Solution](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for information on the required prerequisites. - -## Supported Platforms - -The File System Proxy Service for the Enterprise Auditor File System Solution can be installed on -the following Windows operating systems: - -- Windows Server 2022 -- Windows Server 2019 -- Windows Server 2016 - -## Proxy Scanning Architecture - -Enterprise Auditor is configured by default to process data collection against ten target hosts -simultaneously. When File System scans are run in local mode ten hosts process simultaneously, and -processing against the eleventh host begins after the processing against the first host is -completed. Proxy scanning architecture supports large deployments or widely dispersed environments. - -A proxy server is any server that can be leveraged to process data collection against target hosts. - -**CAUTION:** The File System Proxy Service cannot be installed on the same server as Enterprise -Auditor. - -Two options are available for implementing the proxy scanning architecture: - -- Proxy mode with applet -- Proxy mode as a service - -### Proxy Mode with Applet - -When File System scans are run in proxy mode with applet, it means the File System applet is -deployed to the Windows proxy server when the job is executed to conduct data collection. The data -collection processing is initiated by the proxy server where the applet is deployed and leverages a -local mode-type scan to each of the target hosts. The final step in data collection is to compress -and transfer the data collected in the SQLite databases, or Tier 2 databases, back to the Enterprise -Auditor Console server. - -![Diagram of Enterprise Auditor server sending an FSAA applet to a proxy server](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/proxymodewithapplet.webp) - -The diagram illustrates the Enterprise Auditor server sending an FSAA applet to a proxy server, -which runs the scan against a file server, and then returns data to the Enterprise Auditor server. - -### Proxy Mode as a Service - -When File System scans are run in proxy mode as a service, there are two methods available for -deploying the service: - -- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be - installed on the Windows proxy servers prior to executing the scans. This is the recommended - method. -- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the - Windows proxy server when the job is executed - -The data collection processing is conducted by the proxy server where the service is running and -leverages a local mode-type scan to each of the target hosts. The final step in data collection is -to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to -the Enterprise Auditor Console server. - -The proxy communication is configured during the installation of the service on the proxy server and -certificate exchange options are configured via the Applet Settings page of the File System Access -Auditing Data Collector Wizard. The credential provided for the secure communications in the -installation wizard is also added to the Enterprise Auditor Connection Profile assigned to the File -System Solution. - -See the -[File System Proxy Service Installation](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md) -topic for additional information. - -![Diagram of Enterprise Auditor server communicating securely with the proxy service on a proxy server](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp) - -The diagram illustrates the Enterprise Auditor server communicating securely with the proxy service -on a proxy server, which runs the scan against a file server, collecting the data locally and -securely. Then the proxy service returns data securely to the Enterprise Auditor server. - -When a proxy mode scan is initiated from the Enterprise Auditor Console, it will distribute hosts to -be scanned across all proxy hosts. Enterprise Auditor monitors the scans from the central console. -Once all proxy hosts have completed scanning, all results and SQLite databases are returned to the -Enterprise Auditor Console server. - -![Diagram of difference between an implementation with and without proxy servers](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/fsaaproxyarchitecture.webp) - -The diagram shows the difference between an implementation of Enterprise Auditor without proxy -servers (on the left) and with proxy servers (on the right). On the right side of the diagram, the -scans have been configured to use the local host and two additional proxy servers to perform the -FSAA Data Collector scans. This allows it to execute three times as many concurrent hosts than would -be possible without proxy servers. This provides a clear benefit in scalability and scan times. - -The proxy functionality for the FSAA Data Collector provides security and reliability. - -_Remember,_ It is recommended that the File System Proxy Service is installed on the proxy server -before running File System scans in proxy mode as a service. Once installed, the FileSystemAccess -(FSAA) Data Collector must be configured to use the service. See the -[File System Data Collection Configuration for Proxy as a Service](/docs/accessanalyzer/11.6/installation/filesystem-proxy/configure.md) -topic for additional information. - -## Sensitive Data Discovery Auditing Consideration - -Sensitive Data Discovery Auditing scans also require the Sensitive Data Add-on – FSAA & SPAA -Agentless (or x86) version of the Sensitive Data Discovery Add-On be installed on the proxy server. -This requirement is in addition to having the Sensitive Data Discovery Add-on installed on the -Enterprise Auditor Console server. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By -default, SDD scans are configured to run two concurrent threads. For example, if the job is -configured to scan 8 hosts at a time with two concurrent SDD threads, then an extra 32 GB of RAM are -required (8x2x2=32). - -# File System Proxy Service Installation - -The File System Proxy installer is designed to simplify the process of setting up File System -Scanning Proxy as a service on the designated proxy server. It is a best practice to use a -specifically provisioned domain account as the File System Proxy service account. Follow the steps -to install the FSAA service on the targeted proxy servers. - -**Step 1 –** Run the `FileSystemProxy.exe` executable. The Netwrix Enterprise Auditor File System -Scanning Proxy Setup wizard opens. - -![File System Proxy Setup Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -**Step 2 –** On the Welcome page, click **Next** to begin the installation. - -![File System Proxy Setup Wizard End-User License Agreement page](/img/versioned_docs/changetracker_8.0/changetracker/install/eula.webp) - -**Step 3 –** On the End-User License Agreement page, select the **I accept the terms in the License -Agreement** checkbox and click **Next**. - -![File System Proxy Setup Wizard Destination Folder page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/destination.webp) - -**Step 4 –** On the Destination Folder page, click **Next** to install to the default folder or -click **Change** to select a different location. Clicking **Change** opens the Change destination -folder page. - -![File System Proxy Setup Wizard Change destination folder page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/changedestination.webp) - -On the Change destination folder page, choose a different destination folder for the installation. - -- Look in – Select which folder or sub-folder to complete installation in using the Look in - drop-down -- Up one level – Click the Up one level button to select the folder one level above the currently - selected one -- Create a new folder – Click to create a new folder for the destination of the installation - -Click **OK** to save changes or click **Cancel** to return to the Destination Folder page without -saving. - -![File System Proxy Setup Wizard Configure Service page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/configureservice.webp) - -**Step 5 –** On the Configure Service page, configure the credential to run the service using the -radio buttons. Then, click **Next**. - -- Run as LocalSystem – Uses the local system to run the File System Proxy service -- Run as a service account – Uses the provisioned credentials provided in the **User Name** and - **Password** fields to run the File System Proxy service. Remember, this account must be a local - Administrator on the proxy server and have the Log on as a service privilege in the proxy server's - Local Security Policy. - -![File System Proxy Setup Wizard Ready to install page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/ready.webp) - -**Step 6 –** On the Ready to install page, click **Install** to start installation. - -![File System Proxy Setup Wizard Completed page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/complete.webp) - -**Step 7 –** When the installation completes, click **Finish** to exit the wizard. - -**NOTE:** If the File System Proxy Service is installed on multiple servers, then a custom host list -of proxy servers should also be created in Netwrix Enterprise Auditor. - -Once the File System Proxy Service has been installed on any proxy server, it is necessary to -configure the File System Solution certificate exchange method for Proxy Mode as a Service. See the -[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -## Custom Parameters for File System Proxy Service - -The port and priority parameters can be modified for the File System Proxy Service on the registry -key: - -HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\StealthAUDITFSAA\ImagePath - -- Port parameter – Only needs to be added to the registry key value if a custom port is used. The - default port of 8766 does not need to be set as a parameter - - Append `-e [PORT NUMBER]` to the ImagePath key value -- Priority parameter – Can be modified so that the service runs as a background priority, which may - be desired if the service has been installed directly on a file server - - - Append `-r 0` to the ImagePath key value - - **NOTE:** If both parameters are added, there is no required order. - - **_RECOMMENDED:_** Stop the Netwrix Enterprise Auditor FSAA Proxy Scanner service before - modifying the registry key. - -Follow the steps to configure these service parameters. - -![Netwrix Enterprise Auditor FSAA Proxy Scanner service in the Services Management Console](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/service.webp) - -**Step 1 –** After installing the File System Proxy Service, open Services Management Console -(`services.msc`). To stop the service, right-click on the Netwrix Enterprise Auditor FSAA Proxy -Scanner service and select **Stop**. - -![File System Proxy ImagePath registry key in the Registry Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/regedit.webp) - -**Step 2 –** Open Registry Editor (`regedit`) and navigate to the following registry key: - -HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\StealthAUDITFSAA\ImagePath - -**Step 3 –** Right-click on the **ImagePath** key and select **Modify**. The Value data was set -during installation according to the installation directory location selected. - -- Priority set to background priority: - - Add `-r 0` to the end of the path value -- Custom Port: - - - Add `-e [PORT NUMBER]` number to the end of the path value - - Example with Port number 1234: - - C:\Program Files (x86)\STEALTHbits\StealthAUDIT\FSAA\StealthAUDITRPC.EXEFSAASrv.DLL -e 1234 - - **NOTE:** The port number needs to be added to the path only if a custom port is used. - -**Step 4 –** Click **OK** and close Registry Editor. - -**Step 5 –** Return to the Services Management Console and start the Netwrix Enterprise Auditor FSAA -Proxy Scanner service. Close the Services Management Console. - -![Port number on File System Access Auditor Data Collector Wizard Applet Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/dcwizardportnumber.webp) - -**Step 6 –** In the Enterprise Auditor Console, navigate to the **FileSystem** > **0.Collection** > -**[Job]** > **Configure** > **Queries** node and open the File System Access Auditor Data Collector -Wizard. On the Applet Settings wizard page, change the **Port number** to the custom port. - -**NOTE:** See the -[File System Data Collection Configuration for Proxy as a Service](/docs/accessanalyzer/11.6/installation/filesystem-proxy/configure.md) -section for additional configurations required to run scans in proxy mode as a service. - -**Step 7 –** Repeat the previous step for each of the **FileSystem** > **0.Collection** jobs to -employ this proxy service. - -The custom port identified is now used for communication between the File System Proxy Service and -Enterprise Auditor. diff --git a/docs/accessanalyzer/11.6/installation/filesystem-proxy/upgrade.md b/docs/accessanalyzer/11.6/installation/filesystem-proxy/upgrade.md deleted file mode 100644 index 9294bf8d9d..0000000000 --- a/docs/accessanalyzer/11.6/installation/filesystem-proxy/upgrade.md +++ /dev/null @@ -1,56 +0,0 @@ -# Upgrade Proxy Service Procedure - -When the Enterprise Auditor Console and File System Solution are upgraded, it is necessary to also -upgrade the File System Proxy Service when running Enterprise Auditor in Proxy Mode as a Service. -This upgrade can be done in two ways: - -- Automatically – An instant job within the Enterprise Auditor Console -- Manually – On each server hosting the proxy service - -**CAUTION:** When upgrading the Proxy Service to 11.6 from a previous version for the first time, -you must manually uninstall the previous version and follow the [Manual Upgrade](#manual-upgrade) -steps below. Subsequent 11.6 upgrades can be done using the automatic upgrade option. - -## Automatic Upgrade - -The **FS_UpdateProxy** Job is available through the Instant Job Wizard. This job updates the File -System Proxy Service on all servers in the assigned host list. Follow the steps to instantiate this -job. - -**Step 1 –** Within the **Jobs** tree, right-click and select **Add Instant Job**. The Instant Job -Wizard window opens. - -**Step 2 –** On the Welcome page, click **Next**. - -![FS_UpdateProxy Job in the Instant Job Wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/updateproxyinstantjob.webp) - -**Step 3 –** On the Instant Job page, locate the **Library Name: File System** category group. -Expand the category and select the **FS_UpgradeProxy** Job. Click **Next**. - -**Step 4 –** On the Host Assignment page, select the **Specify individual hosts or host lists** -option and click **Next**. - -**Step 5 –** On the Host Lists page, assign the host lists containing the proxy servers to be -updated . Multiple host lists can be added. Click Next. - -**Step 6 –** On the Individual Hosts page, click **Next**. - -**Step 7 –** Review the Summary and click either **Save & Exit** or **Save & Run Jobs Now**. - -The proxy does not update until the job is run. Once successfully ran, the servers in the assigned -host lists have been updated. - -## Manual Upgrade - -Follow the steps on the servers hosting the File System Proxy Service. - -![Programs and Features](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/uninstall.webp) - -**Step 1 –** Navigate to Programs and Features (**Control Panel** > **Programs** > **Programs and -Features**). Uninstall the previous version of Enterprise Auditor File System Scanning Proxy. - -**Step 2 –** Install the new version of the File System Proxy Service. See the -[File System Proxy Service Installation](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md) -topic for instructions. - -The File System Solution can now use the proxy architecture for the latest version of the solution. diff --git a/docs/accessanalyzer/11.6/installation/overview.md b/docs/accessanalyzer/11.6/installation/overview.md deleted file mode 100644 index 1029a8df65..0000000000 --- a/docs/accessanalyzer/11.6/installation/overview.md +++ /dev/null @@ -1,46 +0,0 @@ -# Installation - -The following sections provide instructions for installing and upgrading Enterprise Auditor and -other related components. - -## Enterprise Auditor - -This section provides instructions for installing Enterprise Auditor and the initial configuration -required when first launching the Enterprise Auditor Console. It also includes additional -information, such as how to secure the Enterprise Auditor Database, and configuring the Web Console -for viewing reports outside of the Enterprise Auditor Console. - -See the -[Installation & Configuration Overview](/docs/accessanalyzer/11.6/installation/application/install.md) -topic for additional information. - -## Sensitive Data Discovery Add-on - -The Sensitive Data Discovery Add-On enables Enterprise Auditor to scan files for criteria matches -which indicate the existence of sensitive data. Sensitive Data Discovery scans can be run against -Windows file system servers, Network Attached Storage (NAS) devices, SharePoint on-premises, -SharePoint Online, OneDrive for Business, DropBox for Business, SQL Server databases, and Exchange -mailboxes. - -See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -## File System Proxy Service - -The File System Solution can be enabled to use proxy servers for scanning targeted file systems in -very large or widely dispersed environments. The File System Proxy installer is designed to simplify -the process of setting up File System Scanning Proxy as a service on the designated proxy server. - -See the -[File System Proxy as a Service Overview](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md) -topic for additional information. - -## SharePoint Agent - -The SharePoint Agent is capable of auditing permissions and content, or Access Auditing (SPAA) and -Sensitive Data Discovery Auditing, on SharePoint servers. - -See the -[SharePoint Agent Installation](/docs/accessanalyzer/11.6/installation/sharepoint-agent/install.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/installation/reports-configuration/authentication.md b/docs/accessanalyzer/11.6/installation/reports-configuration/authentication.md deleted file mode 100644 index 23c9236a32..0000000000 --- a/docs/accessanalyzer/11.6/installation/reports-configuration/authentication.md +++ /dev/null @@ -1,143 +0,0 @@ -# Enable Multiple Domain Access - -When the `AuthenticationDomains` parameter in the **WebServer.exe.config** file is blank, only -domain users from the domain where the Enterprise Auditor Console resides can access the Web -Console. Access can be granted from other domains when specified within this parameter. - -**NOTE:** Once another domain is added, then it is necessary to also add the domain where the -Enterprise Auditor Console resides. - -All domains provided or enumerated must have a trust relationship with the domain where Enterprise -Auditor resides. Follow the steps to allow access to the Web Console from other domains. - -**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is -located within the Web folder of the Enterprise Auditor installation directory. - -![WebServer.exe.config file in Notepad](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigmultipledomains.webp) - -**Step 2 –** Add the desired domains to the value for the `AuthenticationDomains` parameter: - -``` - -``` - -Use domain name in a comma-separated list. For example: - -``` - -``` - -**Step 3 –** Save and close the file. - -**Step 4 –** Navigate to Services (`services.msc`). Restart the Enterprise Auditor Web Server -service. - -The Web Console can now be accessed from multiple domains. - -**NOTE:** In order for the AIC to be accessed from these domains, this must also be configured for -the AIC. See the Multiple Domains topic in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -# Manage Kerberos Encryption Warning for the Web Console - -If a computer's Local Security Policy, or applicable Group Policy, enforces certain encryption -methods for Kerberos authentication, then the service account running the Enterprise Auditor Web -Server must support the same encryption methods. - -If encryption methods have been configured for Kerberos on the Enterprise Auditor server but not on -the service account running the Enterprise Auditor Web Server service, then users will not be able -to log-in to the Web Console and will receive the below error message. - -![Kerberos Error Message](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/kerberoserrormessage.webp) - -When this occurs, the following error will be logged: - -_ERROR - Unhandled server error: Nancy.RequestExecutionException: Oh noes! ---> -System.Security.SecurityException: The encryption type requested is not supported by the KDC_. - -This error will be logged in the following location: - -%SAINSTALLDIR%\SADatabase\Logs\Web\service.log - -While it is not required to configure these settings, this section provides the locations and steps -necessary to configure encryption methods in Local and Group policies to allow Kerberos for the -Report Index if an error does occur. - -## Local Security Policies - -Follow the steps to configure a Local Security Policy to allow Kerberos. - -**Step 1 –** Open the Local Security Policy window. - -![Local Security Policy Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localsecuritypolicywindow.webp) - -**Step 2 –** From the Security Settings list, navigate to **Local Policies** > **Security Options**. - -**Step 3 –** Right-click the **Network Security: Configure encryption types allows for Kerberos** -policy > click **Properties**. - -![Configure Local Security Setting Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/configurelocalsecuritysettingwindow.webp) - -**Step 4 –** Configure necessary settings by checking each applicable box. - -**Step 5 –** Click **Apply**, then click **OK**. - -A Local Security Policy has been configured to allow encryption methods for Kerberos. Proceed to the -[Configure Active Directory Users and Computers Settings to allow Kerberos](#configure-active-directory-users-and-computers-settings-to-allow-kerberos) -section of this topic to ensure Active Directory Users and Computer settings are configured to allow -the encryption methods for Kerberos. - -## Group Security Policy - -Follow the steps to configure a Local Group Security Policy to allow Kerberos. - -**Step 1 –** Open the Local Group Policy Editor window. - -![Local Group Policy Editor window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localgrouppolicywindow.webp) - -**Step 2 –** From the Local Computer Policy list, navigate to **Computer Configuration** > **Windows -Settings** > **Security Settings** > **Local Policies** > **Security Options** folder . - -**Step 3 –** Right-click the **Network Security: Configure encryption types allows for Kerberos** -policy, then click **Properties**. - -![Configure Local Security Setting Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/configurelocalsecuritysettingwindow.webp) - -**Step 4 –** Configure necessary settings by checking each applicable box. - -**Step 5 –** Click **Apply**, then click **OK**. - -A Local Group Security Policy has been configured to allow encryption methods for Kerberos. Proceed -to the -[Configure Active Directory Users and Computers Settings to allow Kerberos](#configure-active-directory-users-and-computers-settings-to-allow-kerberos) -section of this topic to ensure Active Directory Users and Computer settings are configured to allow -the encryption methods for Kerberos. - -## Configure Active Directory Users and Computers Settings to allow Kerberos - -Follow the steps to ensure the settings for Active Directory Users and Computers are configured to -allow the encryption methods to allow Kerberos. Configurations selected in this section should -reflect the configuration options selected in the two sections above. See the -[Local Security Policies](#local-security-policies) and -[Group Security Policy](#group-security-policy) topics for additional information. - -**Step 1 –** Open the Active Directory Users and Computers window. - -![Active Directory Users and Computers Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/activedirectoryusersandcomputerswindows.webp) - -**Step 2 –** Click and expand the Domain from the left-hand menu and click **Users**. - -**Step 3 –** Right-click a **User** from the list of available users, then click **Properties**. - -![User Properties Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/userproperteswindow.webp) - -**Step 4 –** Click the **Account** tab. - -**Step 5 –** Locate the appropriate Account options and check the corresponding boxes. - -**Step 6 –** Click **Apply**, then click **OK**. - -Active Directory Users and Computer settings have been configured to allow the encryption methods -for Kerberos. These settings should match the configuration options for Local Security Policies and -Local Group Policies. diff --git a/docs/accessanalyzer/11.6/installation/reports-configuration/security.md b/docs/accessanalyzer/11.6/installation/reports-configuration/security.md deleted file mode 100644 index 0a27991c2e..0000000000 --- a/docs/accessanalyzer/11.6/installation/reports-configuration/security.md +++ /dev/null @@ -1,404 +0,0 @@ -# Configuring Login Page Disclaimer - -Users can add a disclaimer message to the logon screen by adding a custom `Disclaimer.txt` file in -the Web folder in the Enterprise Auditor directory and configuring the `WebServer.exe.config` file. -Follow the steps to configure the optional disclaimer message: - -**Step 1 –** Navigate to the Web folder of the installation directory: -` …\STEALTHbits\StealthAUDIT\Web`. - -![Disclaimer.txt file added to the Web folder](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/disclaimertxt.webp) - -**Step 2 –** Create a `Disclaimer.txt` file in the Web folder. Write a custom disclaimer that -displays on the login page for the Web Console. - -- The text file must be named `Disclaimer.txt`. The disclaimer message option is not configured - properly if using a text file with a different name. - -![File Explorer WebServer.exe.config](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigfile.webp) - -**Step 3 –** Locate the `WebServer.exe.config` file and open it. - -![WebServer.exe.config file in Notepad](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigdisclaimer.webp) - -**Step 4 –** Find the following line in the text: - -``` - -``` - -**Step 5 –** Replace the value with `true` so that the line now reads as: - -``` - -``` - -**Step 6 –** Save the changes to enable the disclaimer message on the Web Console login page. - -![Web Console login page with disclaimer message](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webconsolelogindisclaimer.webp) - -**Step 7 –** To check if the disclaimer message was configured correctly, open the Web Console to -access the login page. - -- If the disclaimer is configured correctly, the custom disclaimer message displays at the bottom of - the login page. - -The disclaimer message displays on the Web Console login page. - -# Reports via the Web Console - -The Web Console is where any reports which have been published can be viewed outside of the -Enterprise Auditor Console. - -- Web Console – This console uses an embedded website for published reports. It provides a - consolidated logon feature for viewing published reports, and accessing the Netwrix Access - Information Center (when installed) and other Netwrix products. - -The Enterprise Auditor installer places a Web folder at the root of the Enterprise Auditor -directory. This folder contains the Enterprise Auditor Web Server (WebServer.exe) that runs on the -Enterprise Auditor Console upon installation. - -**NOTE:** The Enterprise Auditor Web Server service must run as an account that has access to the -Enterprise Auditor database. This may be a different account than the one used to connect Enterprise -Auditor to the database. If the Enterprise Auditor Vault service is running, the account running the -Web Server service must be an Enterprise Auditor Administrator. See the -[Vault](/docs/accessanalyzer/11.6/administration/settings/application.md) topic -for additional information. - -The Web folder that the Enterprise Auditor installer places at the root of the Enterprise Auditor -directory also contains a `WebServer.exe.config` file. This file contains configurable parameters. - -**CAUTION:** If encryption methods have been configured for Kerberos on the Enterprise Auditor -server but not on the service account running the Enterprise Auditor Web Server service, then users -will not be able to log-in to the Web Console and will receive an error message. See the -[Manage Kerberos Encryption Warning for the Web Console](/docs/accessanalyzer/11.6/installation/reports-configuration/authentication.md) -topic for additional information on configuring security polices to allow Kerberos encryption. - -## Log into the Web Console - -In order for a user to log into the Web Console, the user’s account must have the User Principal -Name (UPN) attribute populated within Active Directory. Then the user can login using domain -credentials. If multiple domains are being managed by the Netwrix Access Information Center, then -the username needs to be in the `domain\username` format. - -Access to reports in the Web Console can be managed through the Role Based Access feature of -Enterprise Auditor (**Settings** > **Access**). The Web Administrator role and the Report Viewer -role grant access to the published reports. See the -[Role Based Access](/docs/accessanalyzer/11.6/administration/access-control/role-based-access.md) -topic for addition information. - -**NOTE:** Access to the AIC and other Netwrix products is controlled from within those products. - -The address to the Web Console can be configured within the Enterprise Auditor Console -(**Settings** > **Reporting**). The default address is `http://[hostname.domain.com]:8082`. From the -Enterprise Auditor Console server, it can be accessed at `http://localhost/` with any standard -browser. To access the Web Console from another machine in or connected to the environment, replace -localhost with the name of the Enterprise Auditor Console. See the -[Update Website URLs](/docs/accessanalyzer/11.6/installation/reports-configuration/security.md#update-website-urls) -topic for additional information. - -**NOTE:** Any browser used to access the Web Console must have JavaScript allowed for the site. See -the -[Configure JavaScript Settings for the Web Console](/docs/accessanalyzer/11.6/administration/settings/reporting.md#configure-javascript-settings-for-the-web-console) -topic for additional information. - -Follow the steps to login to the Web Console. - -**Step 1 –** To open the Web Console page, use one of the following methods: - -- From the Enterprise Auditor Console server – Click the Published Reports desktop icon - (`http://localhost:8082`) -- For remote access – Enter one of the following URLs into a web browser: - - http://[machinename]:8082 - - https://[machinename]:8082 - -**NOTE:** The URL that is used may need to be added to the browser’s list of trusted sites. - -![Web Console Login page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webconsolelogin.webp) - -**Step 2 –** Enter your **User Name** and **Password**. Click **Login**. - -![Web Console Home page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webconsolehome.webp) - -The home page shows the solutions with published reports available. See the -[Web Console](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/view.md#web-console) -topic for information on using the Web Console. - -# Securing the Web Console - -Published reports can be accessed in the Web Console. There are several options for enhancing -security. - -Additional configuration options for enhanced security include: - -- Enable SSL – The `BindingUrl` parameter shows the port used by the Enterprise Auditor web server - for SSL reports. If SSL is enabled, the value will be HTTPS instead of HTTP. -- Enable Multiple Domain Access – The `AuthenticationDomains` parameter allows the Web Console to be - accessed from multiple domains. By default this parameter is blank, allowing only domain users - from the domain where the Enterprise Auditor Console resides to access the Web Console. -- Enable Single Sign-On – The `WindowsAuthentication` parameter allows domain users to be - automatically logged into the Web Console. By default this parameter is set to `false`, which - requires domain users to login each time the Web Console is accessed. See the - [Enable Single Sign-On](/docs/accessanalyzer/11.6/installation/reports-configuration/sso-setup.md) - topic for additional information. - - **NOTE:** The Web Console also supports using Microsoft Entra ID single sign-on. See the - [Microsoft Entra ID Single Sign-On](/docs/accessanalyzer/11.6/installation/reports-configuration/sso-setup.md) - topic for additional information. - -These parameters can be configured within the **WebServer.exe.config** file in the Web folder of the -Enterprise Auditor installation directory `…\STEALTHbits\StealthAUDIT\Web`. - -## Enable SSL for the Web Console - -To enable Secure Sockets Layer (SSL) for secure, remote connections to the Web Console it is -necessary to bind a certificate to the port. See the -[Use a Self-Signed Certificate for SSL](#use-a-self-signed-certificate-for-ssl) topic for more -information. Follow the steps on the server where Enterprise Auditor is installed to enable SSL for -the Web Console. - -**NOTE:** The following steps require a certificate to be available. Organizations typically have -one or more system administrators responsible for Public Key Infrastructure (PKI) and certificates. -To continue with this configuration it will first be necessary to confer with the PKI administrator -to determine which certificate method will conform to the organization’s security policies. -Optionally, see [Use a Self-Signed Certificate for SSL](#use-a-self-signed-certificate-for-ssl) for -an Administrator PowerShell command which will both create and import a self-signed certificate. - -**Step 1 –** Import the certificate to the hosting server using the Certificate Management MMC -snap-in. - -**NOTE:** If using a self-signed certificate, it will also need to be imported. - -**Step 2 –** Create an SSL binding. It is necessary to use the certificate’s **Hash** value for the -`$certHash` value: - -**NOTE:** The following Administrator PowerShell dir command can be run on the certificate's “drive” -to find the **Hash** value of a certificate which was already created and the output will include -the Thumbprint (**Hash**) value and the certificate name: - -``` -dir cert:\localmachine\my -``` - -- Run the following command using Administrator PowerShell to create the SSL binding, with the - appropriate `certHash` value: - - ``` - $guid = "bdd5710f-7cbe-4f85-b8c1-da4bddf485a8" - $certHash = "80F78FD2566793D2F39E748CDF6DED09B6F57A82" # the 'Thumbprint' value - $ip = "0.0.0.0" # this means all IP addresses - $port = "8082" # the default HTTPS port - "http add sslcert ipport=$($ip):$port certhash=$certHash appid={$guid}" | netsh - ``` - -**Step 3 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is -located within the Web folder of the Enterprise Auditor installation directory. - -![WebServer.exe.config file in Notepad](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfig.webp) - -**Step 4 –** Change the value for the `BindingUrl` parameter from `http` to `https`: - -``` - -``` - -- After changing the `BindingUrl` value in the **WebServer.exe.config** file, the Website URL must - be updated to match the new value in the following places: - - Enterprise Auditor's **Settings** > **Reporting** node - - Enterprise Auditor's Published Reports Desktop icon properties - - See the [Update Website URLs](#update-website-urls) topic for additional information. - -**Step 5 –** Save and close the file. - -**Step 6 –** Navigate to Services (`services.msc`). Restart the Netwrix Enterprise Auditor Web -Server service. - -**NOTE:** If also using the AIC, then SSL needs to be enabled for the AIC using this certificate. -See the Securing the AIC section of the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -The Web Console has been enabled for SSL communication. Access it using the server’s fully qualified -domain name and the HTTPS port (`https://[hostname.domain.com]:8082`). If a self-signed certificate -was used, then the client-side access to the Web Console will generate a Certificate error. See the -[Add the Certificate for Client-Side Access](#add-the-certificate-for-client-side-access) topic for -additional information. - -### Update Website URLs - -If the Binding URL value is updated in Enterprise Auditor's **WebServer.exe.config** file, the -Website URL must be updated to match the new value in the following places: - -- Enterprise Auditor's Reporting node (**Settings** > **Reporting**) -- Enterprise Auditor's Published Reports Desktop icon properties - -Update the Website URL in the Reporting Node - -Follow the steps to update the Website URL in the **Settings** > **Reporting** node. - -**Step 1 –** Expand **Settings** and select the **Reporting** node. - -![Access Governance Reporting Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/websiteurlreporting.webp) - -**Step 2 –** In the **Website URL** box, update the URL to: `https://[hostname.domain.com]:8082` - -**Step 3 –** Click **Save**. - -The Website URL is now updated. - -Update the URL in the Published Reports Desktop Icon Properties - -Follow the steps to update the URL in the Published Reports desktop icon's Published Report's -Properties window. - -**Step 1 –** Right click on the **Published Reports** desktop shortcut and click **Properties**. - -![Published Reports desktop icon properties](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/publishedreportsproperties.webp) - -**Step 2 –** On the **Web Document** tab, update the **URL** in the text box to: -`https://localhost:8082/` - -**Step 3 –** Click **Apply** and then **OK** to exit. - -The URL is now updated. - -### Remove Certificate from the Port - -Remove or unbind the certificate from the port by running the following Administrator PowerShell -command: - -``` -netsh http delete sslcert ipport=0.0.0.0:8082 # ip and port used when binding -``` - -### List SSL Certificate Bindings - -You can run the following PowerShell command to list all SSL certificate bindings and use this to -validate which certificates are bound to specific ports: - -``` -netsh http show sslcert -``` - -## Use a Self-Signed Certificate for SSL - -If you want to use a self-signed certificate, use the `New-SelfSignedCertificate` cmdlet, which is -available in Administrator PowerShell 3.0+ to generate and import the certificate: - -``` -New-SelfSignedCertificate -DnsName machinename.domain.com -CertStoreLocation Cert:\LocalMachine\My -``` - -The output will show this info: - -`Thumbprint                                Subject` - -`----------                                -------` - -`80F78FD2566793D2F39E748CDF6DED09B6F57A82  CN=machinename.domain.com` - -The Thumbprint value is the certificate **Hash** value to be used when binding to the port. The port -can be the same as in HTTP (8082). Use this **Hash** value for Step 2 of the -[Enable SSL for the Web Console](#enable-ssl-for-the-web-console) instructions. - -Creation and import of the self-signed certificate can be validated in Microsoft Management Console. -Follow these steps to confirm the certificate is in Microsoft Management Console. - -**Step 1 –** Open Microsoft Management Console (`mmc.exe`). - -![Microsoft Management Console Certificates snap-in](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateaddsnapin.webp) - -**Step 2 –** Select **File** > **Add/Remove Snap-in**. The Add or Remove Snap-ins window opens. -Select **Certificates**, and click **Add**. Then select **Computer account** in the Certificates -snap-in window. - -![Microsoft Management Console Certificates snap-in Select Computer dialog](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateselectcomputer.webp) - -**Step 3 –** Click **Next** and select **Local computer**. Click **Finish**. - -![Microsoft Management Console Certificates Add or Remove Snap-ins window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificatesnapins.webp) - -**Step 4 –** The certificate will appear in the Selected snap-ins list in the Add or Remove Snap-ins -window. Click **OK** to close the window. - -**Step 5 –** Navigate to **Certificates** > **Personal** > **Certificates**. The certificate should -show in the pane on the right. - -The self-signed certificate was created and imported. Repeat these steps for each client-side host. - -### Add the Certificate for Client-Side Access - -When you open the Web Console with SSL enabled, the web browser shows a Your connection isn't -private warning message. This can be removed by importing the certificate onto the client server. - -Follow the steps to remove the certificate error. - -**Step 1 –** Open the Web Console in your browser. - -![Your connection isn't private warning in Microsoft Edge](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateconnectionnotprivate.webp) - -**Step 2 –** Click **Advanced**, and then use the link to continue to the site. This loads the main -page of the Web Console. - -![Access Certificat Viewer from Not Secure error in Microsoft Edge address bar](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificatenotsecureerror.webp) - -**Step 3 –** Click the **Not Secure** warning in the browser's address bar. Open the Certificate -Viewer from the warning details. - -- In Microsoft Edge, click the **Your Connection to this site isn't secure** section, and then click - the certificate icon. -- In Google Chrome, click **Certificate is not valid**. - -![Web browser Certificate Viewer window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateviewer.webp) - -**Step 4 –** On the Details tab of the Certificate Viewer, click **Export**. Save the security -certificate and close the Certificate Viewer. - -![Certificate window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificatewindow.webp) - -**Step 5 –** Navigate to the save location from the previous step and open the exported security -certificate. On the Certificate window, click **Install Certificate**. The Certificate Import Wizard -opens. - -![Certificate Import Wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateimportwizard.webp) - -**Step 6 –** On the Certificate Import Wizard, select the Store Location as **Local Machine**, and -click **Next**. Keep the default selection of **Automatically select the certificate store based on -the type of certificate**. Navigate through the wizard to save this configuration. A pop-up message -should state that the import was successful. Click **OK** to close out all dialogs. - -![Microsoft Management Console Trusted Root Certification Authorities Certificates](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/addcertificateconsole.webp) - -**Step 7 –** In the Microsoft Management Console, check the **Trusted Root Certification -Authorities** > **Certificates**. The self-signed certificate should now be listed there. - -The client-side access to the Web Console will no longer generate a certificate error. Repeat these -steps for each client-side host. - -# Timeout Parameter for the Web Console - -The Web Console is configured with a default timeout parameter of 15 minutes. This can be configured -within the **WebServer.exe.config** file in the Web folder of the Enterprise Auditor installation -directory: - -…\STEALTHbits\StealthAUDIT\Web - -Follow the steps to modify the timeout parameter for the Web Console. - -**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. - -![WebServer.exe.config file in Notepad](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigtimeout.webp) - -**Step 2 –** Change the value for the `SessionTimeout` parameter to the desired number of minutes: - -``` - -``` - -**Step 3 –** Save and close the file. - -The Web Console session will timeout after this many minutes of inactivity. This value will take -precedence over session timeout values set within the product consoles, for example the AIC, when -accessed through the Web Console. diff --git a/docs/accessanalyzer/11.6/installation/reports-configuration/sso-setup.md b/docs/accessanalyzer/11.6/installation/reports-configuration/sso-setup.md deleted file mode 100644 index d17a50d25f..0000000000 --- a/docs/accessanalyzer/11.6/installation/reports-configuration/sso-setup.md +++ /dev/null @@ -1,485 +0,0 @@ -# Configuring the Web Console to use ADFS - -The Enterprise Auditor Webserver and Access Information Center are able to support Single-Sign-On -(SSO) leveraging WSFederation with SAML tokens. This guide contains steps for implementing SSO using -Active Directory Federation Services (ADFS). - -Follow the steps to configure the Web Console to use ADFS authentication: - -**NOTE:** A certificate from the ADFS server is required. Confer with a PKI administrator to -determine which certificate method will conform to the organization's security policies. - -**Step 1 –** Import the certificate for the ADFS server onto the hosting server using the -Certificate Management MMC snap-in. - -- If used, self-signed certificates will also need to be imported - -**Step 2 –** On the ADFS server, open **AD FS Management**. - -**Step 3 –** Navigate to **Relying Party Trusts** and click **Add Relying Part Trust...**. Use the -Add Relying Party Trust Wizard to configure the relying party trust: - -- On the Welcome page, select **Claims aware** and click **Start**. -- On the Select Data Source page, select **Enter data about the relying party manually** and click - **Next**. -- On the Specify Display Name page, enter a display name for the relying party trust. Click - **Next**. -- On the Configure URL page, do not select any options and click **Next**. - - ![Identifier added on the Configure Identifiers page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/relyingpartytrustwizardidentifier.webp) - -- On the Configure Identifiers page, add an identifier of `https://` followed by the fully qualified - domain name (FQDN) of your ADFS server. - - - For example, `https://app0290.train90.local` - -- Click **Next** to proceed through the remaining wizard pages and complete the wizard. - -![Add an Endpoint window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/addanendpointwindow.webp) - -**Step 4 –** Double-click on the newly added relying party trust to open it's Properties window. -Navigate to the Endpoints tab and click **Add WS-Federation**. On the Add an Endpoint window, add -`https://:/federation` as the Trusted URL, then click **OK**. - -- For example, `https://app0190.train90.local:8082/federation` - -Click **OK** to save the changes and close the properties window. - -**Step 5 –** Select the relying party trust, and click **Edit Claim Issuance Policy** on the -right-hand panel. - -- On the Edit Claim Issuance Policy window, click **Add Rule**. -- On the Choose Rule Type page of the Add Transform Claim Rule Wizard, select **Send LDAP Attributes - as Claims** as the Claim rule template. Click **Next**. - - ![Configure Claim Rule page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/claimrulenameadfsconfig.webp) - -- On the Configure Claim Rule page, enter a name in the **Claim rule name** field. - -If the SID claim is not configured by default, add it to the Claim Description as follows: - -![Configure Claim Rule SID Properties](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/claimrulenamesidproperties.webp) - -**Step 6 –** Navigate to the Enterprise Auditor installation directory and open the -`WebServer.exe.config` file in a text editor. - -![WebServer.exe.config file in Notepad](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigadfs.webp) - -**Step 7 –** In the `WebServer.exe.config` file, change the following parameters: - -- `WsFederationMetadata` – Change the value to the following: - - ``` - - ``` - -- `WsFederationRealm` – Replace the value text with the URL entered for the Relying Party Trust in - Step 3: - - ``` - - ``` - - ![URL required for WsFederationRealm attribute](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/wsfederationrealmurl.webp) - - You can retrieve the URL value from the Identifiers tab of the relying party trust properties - window. - -- `WsFederationReply` – Replace the value text with the Trusted URL entered for the Endpoint in Step - 4: - - ``` - - ``` - - ![URL required for WsFederationReply attribute](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/wsfederationreplyurl.webp) - - You can obtain the URL required for this parameter from the Endpoints tab of the relying party - trust properties window. Select the endpoint and click **Edit** to open the Edit Endpoint - window. - -The following is an example of how the parameters should look when configured in the config file: - -``` - -  -  -``` - -**Step 8 –** Save the changes in the `WebServer.exe.config` file. - -**Step 9 –** Navigate to Services (`services.msc`). Restart the **Enterprise Auditor Web Server** -service. - -ADFS authentication is now enabled for Enterprise Auditor. - -## Update the Published Reports URL for ADFS - -If ADFS does not accept `http://localhost:8082/` as an acceptable path, the path will need to be -updated in the Published Reports properties window. Follow the steps to configure the Published -Reports URL for ADFS: - -**Step 1 –** Right-click the Published Reports shortcut on the desktop and select **Properties**. - -![Published Reports desktop shortcut properties](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/publishedreportsproperties.webp) - -**Step 2 –** Replace the URL with `https://SAWebConsole.domain.com:8082`. - -**Step 3 –** Click **Apply**. Exit the window. - -The Published Reports URL is now configured for ADFS. - -# Microsoft Entra ID Single Sign-On - -Microsoft Entra ID Single Sign-On (SSO) can be configured for logging in to the Web Console to view -reports. When configured, users accessing the Web Console are directed to the Microsoft Entra -ID login page, and can log in using their existing Entra credentials. - -The following is required to use Microsoft Entra ID SSO: - -- SSL must be enabled -- The on-premise Active Directory must be synced with Microsoft Entra ID - -To enable Microsoft Entra ID SSO, you must first create a registered application in Microsoft Entra -ID, and then configure the Web Console to use it. - -## Configure an Application in Microsoft Entra ID - -An application must be registered for the Web Console with your Microsoft Entra ID tenant and be -configured with the necessary single sign-on settings. Follow the steps to create and configure the -application. - -**Step 1 –** Sign into the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** > **Enterprise -Applications**. On the top toolbar, click App registrations and then **Create your own -application**. - -**Step 3 –** On the Create your own application page, enter a name for your application and select -the **Integrate any other application you don't find in the gallery** option. Click **Create** to -finish creating the application. - -**Step 4 –** In your application, go to **Manage** > **Single sign-on**. Select **SAML** as the -single sign-on method. - -**Step 5 –** On the Set up Single Sign-On with SAML page, click **Edit** on the Basic SAML -Configuration section. Add your Identifier and Reply URL, and then click **Save**. - -- As the Identifier, enter `https://:`, for example: - - ``` - https://app0190.train90.local:8082 - ``` - -- As the Reply URL, enter `https://:/federation`, for example: - - ``` - https://app0190.train90.local:8082/federation - ``` - -**Step 6 –** Next, click **Edit** on the Attributes & Claims section. The four claims in the table -below are required. For each of these, click **Add new claim**, enter the information from the -table, and then click **Save**. - -| Name | Namespace | Source attribute | -| ------------------ | ------------------------------------------------------- | --------------------------------- | -| windowsaccountname | http://schemas.microsoft.com/ws/2008/06/identity/claims | user.onpremisessamaccountname | -| name | http://schemas.xmlsoap.org/ws/2005/05/identity/claims | user.displayname | -| sid | http://schemas.xmlsoap.org/ws/2005/05/identity/claims | user.onpremisessecurityidentifier | -| upn | http://schemas.xmlsoap.org/ws/2005/05/identity/claims | user.onpremisesuserprincipalname | - -Once configured they should show under Additional claims as below: - -![Claims configured](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/entraidssoclaims.webp) - -**Step 7 –** In the **Manage** > **Users and groups** section for your application, add any required -users or groups to give permission to access the application. - -The application is now configured with the necessary settings. The next step is to enable the use of -Microsoft Entra ID SSO in the web server config file. - -## Enable in the Web Server Config File - -To enable Microsoft Entra ID SSO for the Web Console, the web server config file needs to be updated -with values from Microsoft Entra ID. Follow the steps to enable the SSO. - -_Remember,_ Enabling Entra ID SSO requires SSL to already have been enabled for the web server. See -the -[Securing the Web Console](/docs/accessanalyzer/11.6/installation/reports-configuration/security.md) -topic for additional information. - -**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is -located within the Web folder of the Enterprise Auditor installation directory. - -![Parameters in the web server config file](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigfileentrasso.webp) - -**Step 2 –** Locate the **WsFederationMetaData**, **WsFederationRealm**, and **WsFederationReply** -Parameters in the config file, and add the required values from your Microsoft Entra ID application: - -- WsFederationMetaData – Metadata markup for describing the services provided - - - This value can be retrieved from your application in Microsoft Entra ID: **Manage** > **Single - sign-on** > **SAML Certificates** > **App Federation Metadata Url** - -- WsFederationRealm – Maps to the application identifier to Microsoft Entra ID - - - This value can be retrieved from your application in Microsoft Entra ID: **Manage** > **Single - sign-on** > **Basic SAML Configuration** > **Identifier** - -- WsFederationReply – This is the endpoint for the configured relying party trust - - - This value can be retrieved from your application in Microsoft Entra ID: **Manage** > **Single - sign-on** > **Basic SAML Configuration** > **Reply URL** - -For example: - -``` -     -     -     -``` - -**Step 3 –** Save and close the file. - -**Step 4 –** Navigate to Services (`services.msc`). Restart the Netwrix Enterprise Auditor Web -Server service. - -The Web Console has been enabled for Microsoft Entra ID single sign-on. - -# Creating an Application and Attributes in Okta - -Create an Enterprise Auditor Application in Okta Using the WS-Fed Template - -Follow the steps to create an Enterprise Auditor Application in Okta Using the WS-Fed Template: - -**Step 1 –** Log in to Okta. - -**Step 2 –** In the left-pane menu, expand **Applications** and then click **Applications**. - -**Step 3 –** Click **Create App Integration**. - -![Okta Browse App Integration Catalog](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktawsfedtemplate.webp) - -**Step 4 –** Browse the App Integration Catalog and select **Template WS-Fed**. - -**Step 5 –** Click **Create**. Name the application Enterprise Auditor. - -Retrieve the Values to Paste into the Enterprise Auditor WebServer.exe.config File - -![Okta Application copy link address](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktacopylinkaddress.webp) - -**Step 1 –** In the Enterprise Auditor application, click the **Sign On** tab. - -**Step 2 –** Right click on the **Identity Provider metadata** link and select **Copy Link Address** -to get the value for the WSFederationMetadata URL. - - - -**Step 3 –** Click on the General tab to copy the value for the **Realm**. This value will be unique -per tenant. - -`https://www.okta.com/` - -**Step 4 –** Construct the ReplytoURL using the FQDN of your Enterprise Auditor server: - -https://FQDNofaccessanalyzerserver.com:8082/federation - -Edit the WebServer.exe.config File - -Follow the steps to edit the **WebServer.exe.config** file: - -**Step 1 –** Open the **WebServer.exe.config** file with a text editor, such as Notepad++. It is -located in the Web folder within the Enterprise Auditor installation. - -**Step 2 –** Change the value for the `BindingUrl` parameter from `http` to `https`: - -``` - -``` - -![Okta application values in WebServer.exe.config file](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigokta.webp) - -**Step 3 –** Update the following values in the **WebServer.exe.config** file with the values -retrieved from the Enterprise Auditor Okta application. - -**CAUTION:** These values are case sensitive. The values used here must match the values in the -Enterprise Auditor Okta application. - -- `WSFederationMetadata` – Paste the copied link address into the **WebServer.exe.config** file as: - - ``` - - ``` - -- `WSFederationRealm` – Paste the value for the Realm into the **WebServer.exe.config** file as: - - ``` - - ``` - -- `WSFederationReply` – Enter the value for the WSFederationReply based on the FQDN of the - Enterprise Auditor server and port into the **Webserver.exe.config** file as: - - ``` - - ``` - -**Step 4 –** Restart the Enterprise Auditor Web Server. - -Configure the App Settings for the StealthAUDIT Application - -**Step 1 –** In the Enterprise Auditor application, navigate to the General Tab and click **Edit** -to populate the following fields. - -- Web Application URL – This value should follow this - format:`https://:8082/` -- Realm – This value is unique per tenant and should follow this format: - `https://www.okta.com/` -- Audience Restriction – This value should match the value for the Realm -- ReplyToURL – Enter the value from the WSFederationReply setting from the **Webserver.exe.config** - file - - - `https://FQDNofaccessanalyzerserver.com:8082/federation` - -- Custom Attribute Statement – This value must match the following format, including case and bold - areas: - - http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname|${user.__samaccountname__}|, - http://schemas.xmlsoap.org/ws/2005/05/identity/claims/sid|${user.__SID__}|,http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn|${user.__upn__}| - -![oktaprofileeditor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaprofileeditor.webp) - -**Step 2 –** Navigate to the Directory menu and select **Profile Editor** from the drop-down menu. -Click the **Edit Profile** button for the Enterprise Auditor application. - -![Okta Add Attribute button](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaaddattribute.webp) - -**Step 3 –** Click **Add Attribute** to open the Add Attribute window. - -![Okta Add Atrribute window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaaddattributewindow.webp) - -**Step 4 –** In the Add Attribute window, add the following attributes: - -- Username -- SID -- samaccountname -- upn -- department - -**NOTE:** The case of the attributes in bold must match the case used in the custom attribute. - -Click **Save** to save the attribute details and close the Add Attribute window. To add another -attribute, click **Save and Add Another**. - -![To Okta option under the Directory Provisioning Tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktadirectoryprovisioningtookta.webp) - -**Step 5 –** Navigate to the **Directory** menu and click on the **Provisioning** tab. Click **To -Okta**. - -![Okta Show Unmapped Attributes](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktashowunmappedattributes.webp) - -**Step 6 –** Locate and map the attributes that were added for the profile by clicking the -**Pencil** icon to edit attributes. To locate the attributes, scroll down and select **Show Unmapped -Attributes**. - -![Okta Unmapped Attribute configuration window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaunmappedattributeconfigscreen.webp) - -**Step 7 –** Click the pencil icon for **SID**, **upn**, and **samAccountName** to map the -attributes. They will display in the mapped section. - -**Step 8 –** Click **Save** and return to the **Okta Attribute Mappings** page. - -![Okta Attribute Mappings Force Sync](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaattributemappingsforcesync.webp) - -**Step 9 –** On the Okta Attribute Mappings page, click **Force Sync**. The new attributes will -display for any user under the profile. - -To configure Okta Multi-Factor Authentication, see the -[Setting Up Multi-Factor Authentication](#setting-up-multi-factor-authentication) topic for -additional information. - -## Setting Up Multi-Factor Authentication - -Follow the steps to configure multi-factor-authentication for Enterprise Auditor: - -![Okta MFA App Sign on Rule window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktamfaappsignonrule.webp) - -**Step 1 –** Navigate to the **Sign On Policy** page and click **Add Rule**. The App Sign On Rule -opens. Configure the following options: - -- Rule Name – Name of the rule -- Conditions – Select whether the rule applies to either the **Users assigned to this app** or **The - following groups and users**. - -![Okta MFA App Sign on Rule window Access section](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktamfaappsignonruleaccess.webp) - -**Step 2 –** Scroll down to the Access section. Check the **Prompt for factor** box and select -**Every Sign On**. Click **Save**. - -Multi-Factor Authentication is now configured for Enterprise Auditor. - -# Enable Single Sign-On - -Single sign-on using Windows authentication allows users to be automatically log into the Web -Console according to the user’s current login session. When opening a session from a different -domain, the user will be prompted for credentials from a pop-up windows. After authenticating, the -user will be automatically logged in the Web Console. - -**NOTE:** The Web Console also supports using Microsoft Entra ID single sign-on. See the -[Microsoft Entra ID Single Sign-On](/docs/accessanalyzer/11.6/installation/reports-configuration/sso-setup.md) -topic for additional information. - -Follow the steps to enable single sign-on for the Web Console. - -**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is -located within the Web folder of the Enterprise Auditor installation directory. - -![WebServer.exe.config file in Notepad](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigsso.webp) - -**Step 2 –** Change the value for the `WindowsAuthentication` parameter to: - -``` - -``` - -**Step 3 –** Save and close the file. - -**Step 4 –** Navigate to Services (`services.msc`). Restart the Netwrix Enterprise Auditor Web -Server service. - -The Web Console has been enabled for single sign-on. - -## Local Intranet Settings - -Next, configure local intranet settings to enable SSO. This enables users to have authentication -pass through Windows Authentication and bypass SSO configuration Prompts for credentials via Browser -pop-up. - -Follow the steps to configure local intranet settings. - -**Step 1 –** Open Windows Internet Properties (**Control Panel** > **Network and -Internet** > **Internet Options**). - -![ConfigureLocalIntranetSettingsforSSO - 1](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/internetproperties.webp) - -**Step 2 –** Go to the Security tab, and select the **Local Intranet** option. Then, click the -**Sites** button. - -![localintranet](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localintranet.webp) - -**Step 3 –** Click the **Advanced** button. - -![localintranetadvanced](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localintranetadvanced.webp) - -**Step 4 –** Enter a domain in the **Add this website in the zone** field. Ensure the fully -qualified domain name is in the following format: `https://..com` - -**Step 5 –** Click the **Add** button. Close the Local intranet window. - -**Step 6 –** On the Internet Properties window, click the **Apply** button. - -Authentication will now pass through Windows Authentication and bypass SSO configuration Prompts for -credentials via Browser pop-up - -**NOTE:** A list of allowed authentication servers can also be configured using the -AuthServerAllowList policy. diff --git a/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md b/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md deleted file mode 100644 index 22274b03ea..0000000000 --- a/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md +++ /dev/null @@ -1,121 +0,0 @@ -# Sensitive Data Discovery Add-On Installation - -The Sensitive Data Discovery Add-On enables Enterprise Auditor to scan files for criteria matches -which indicate the existence of sensitive data. Sensitive Data Discovery scans can be run against -Windows file system servers, Network Attached Storage (NAS) devices, SharePoint on-premises, -SharePoint Online, OneDrive for Business, DropBox for Business, SQL Server databases, and Exchange -mailboxes. - -This topic provides information on the installation and upgrade processes of the Sensitive Data -Discovery Add-On. For information on the required prerequisites, see the Server Requirements topic. - -The version of the SharePoint Agent must also match the major version of Enterprise Auditor. See the -[What's New](/docs/accessanalyzer/11.6/getting-started/whats-new.md) topic for release -information. - -## Supported Platforms - -The Sensitive Data Discovery Add-On can be installed on the following servers: - -- Windows Server 2016 through Windows Server 2022 - - On the Enterprise Auditor Console Server - - On the Windows proxy server hosting the File System Proxy service - - See the - [File System Proxy as a Service Overview](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md) - topic for additional information - - Install the Sensitive Data Add-on – FSAA & SPAA Agentless (or x86) version of the Sensitive - Data Discovery Add-On -- SharePoint 2013+ - - On the SharePoint server hosting the SharePoint Agent - - See the - [SharePoint Agent Installation](/docs/accessanalyzer/11.6/installation/sharepoint-agent/install.md) - topic for additional information - - Install the Sensitive Data Add-on – SPAA Agent (or x64) version of the Sensitive Data - Discovery Add-On - -# Installing the Sensitive Data Discovery Add-On - -Remember, the following additional considerations: - -- File System Considerations: - - To run the **FileSystem** Job Group in Applet Mode or Proxy Mode with Applet, the targeted - file servers also need .NET Framework 4.7.2 or later to be installed in order for Sensitive - Data Discovery collections to successfully occur. - - To run the **FileSystem** Job Group in File System Proxy Mode as a Service, the Sensitive Data - Discovery Add-On (32-bit `SensitiveDataAddon.msi`) also needs to be installed on the proxy - server. The proxy server also requires the .NET Framework 4.7.2 or later. The Enterprise - Auditor license file will need to be accessible locally for this installation. See the - [File System Proxy as a Service Overview](/docs/accessanalyzer/11.6/installation/filesystem-proxy/install.md) - topic for additional information. -- SharePoint Consideration – To use the SharePoint Agent to scan for sensitive data, the Sensitive - Data Discovery Add-On (64-bit `SensitiveDataAddon.msi`) will also need to be installed on the - application server which hosts the Central Administration component of the targeted SharePoint - farms after the Enterprise Auditor SharePoint Agent has been installed on that server. The - SharePoint server also requires .NET Framework 4.7.2 or later. The Enterprise Auditor license file - will need to be accessible locally for this installation. See the - [SharePoint Agent Installation](/docs/accessanalyzer/11.6/installation/sharepoint-agent/install.md) - topic for additional information. - -**NOTE:** Before running the installation package, please close the Enterprise Auditor application. - -The Enterprise Auditor license file is needed during installation. It can be imported from the -Enterprise Auditor installation directory when the add-on is installed on the Enterprise Auditor -Console server. Follow the steps to install the Sensitive Data Discovery Add-On. - -**Step 1 –** Run the `SensitiveDataAddon.exe` executable. - -_Remember,_ - -- Install the Sensitive Data Add-on – FSAA & SPAA Agentless (or x86) version of the Sensitive Data - Discovery Add-On on the Enterprise Auditor Console Server. -- Install the Sensitive Data Add-on – FSAA & SPAA Agentless (or x86) version of the Sensitive Data - Discovery Add-On on the File System Proxy server when using the File System Proxy Mode as a - Service scan mode. -- Install the Sensitive Data Add-on – SPAA Agent (or x64) version of the Sensitive Data Discovery - Add-On on the SharePoint server hosting the SharePoint Agent. - - Select the SPAA Agent for SP 2013 and newer - -![SDD Add-on Setup Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -**Step 2 –** On the Welcome page, click **Next** to begin the installation. - -![SDD Add-on Setup Wizard End-User License Agreement page](/img/versioned_docs/changetracker_8.0/changetracker/install/eula.webp) - -**Step 3 –** Check the **I accept the terms in the License Agreement** box and click **Next**. - -![SDD Add-on Setup Wizard License File page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/license.webp) - -**Step 4 –** Click **Browse** to select the license file to use for installation. By default, this -will target the license key within the Enterprise Auditor installation directory. If installing on -the SharePoint Agent server or the File System Proxy server, use the Browse button to navigate to -the license file. Click **Next**. - -**NOTE:** The Enterprise Auditor license file needs to be locally accessible during the installation -process. - -![SDD Add-on Setup Wizard Ready to install page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/ready.webp) - -**Step 5 –** Click **Install** to begin the installation. - -![Completed the SDD Add-on Setup Wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) - -**Step 6 –** When the installation has completed, click **Finish** to exit the wizard. - -The Enterprise Auditor Console is now ready to run Sensitive Data Discovery jobs for the following -solutions, according to the organization’s license: - -- AWS -- Dropbox -- Exchange -- File System -- PostgreSQL -- MongoDB -- MySQL -- Oracle -- SharePoint -- SQL - -Prior to job execution, ensure the desired criteria have been properly configured for each job. See -the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/upgrade.md b/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/upgrade.md deleted file mode 100644 index e5c35506aa..0000000000 --- a/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/upgrade.md +++ /dev/null @@ -1,15 +0,0 @@ -# Upgrade Sensitive Data Discovery Add-on - -When the Enterprise Auditor Console and applicable solutions are upgraded, it is necessary to also -upgrade the Sensitive Data Discovery Add-On. - -![Windows Control Panel Uninstall or change a program window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/uninstall.webp) - -**Step 1 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and -Features**). Uninstall the previous version of Enterprise Auditor Sensitive Data Discovery Add-on. - -**Step 2 –** Install the new version of the Sensitive Data Discovery Add-On. See the -[Installing the Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -section for instructions. - -The applicable solutions can now search for sensitive data based on the updated criteria. diff --git a/docs/accessanalyzer/11.6/installation/sharepoint-agent/install.md b/docs/accessanalyzer/11.6/installation/sharepoint-agent/install.md deleted file mode 100644 index 760f74b690..0000000000 --- a/docs/accessanalyzer/11.6/installation/sharepoint-agent/install.md +++ /dev/null @@ -1,99 +0,0 @@ -# SharePoint Agent Installation - -The SharePoint Agent is capable of auditing permissions and content, or Access Auditing (SPAA) and -Sensitive Data Discovery Auditing, on SharePoint servers. - -This topic provides information on the installation and upgrade processes of the SharePoint Agent. -It also provides information on the permissions needed by the service account used to run the Access -Auditing (SPAA) and Sensitive Data Discovery Auditing scans against the targeted SharePoint -environment. - -For information on the required prerequisites and permissions, see the -[SharePoint Agent Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic. - -The version of the SharePoint Agent must also match the major version of Enterprise Auditor. See the -[What's New](/docs/accessanalyzer/11.6/getting-started/whats-new.md) topic for -additional information. - -## Supported Platforms - -The SharePoint Agent for the Enterprise Auditor SharePoint & SharePoint Online Solution can be -installed on the following SharePoint versions as targeted environments: - -- SharePoint® 2019 -- SharePoint® 2016 -- SharePoint® 2013 - -## Sensitive Data Discovery Auditing Consideration - -If utilizing the SharePoint Agent to scan for Sensitive Data, install the Sensitive Data Add-on – -SPAA Agent (or x64) version of the Sensitive Data Discovery Add-On after the SharePoint Agent has -been installed on the SharePoint server. This requirement is in addition to having the Sensitive -Data Discovery Add-on installed on the Enterprise Auditor Console server. Sensitive Data Discovery -Auditing scans also require .NET Framework 4.7.2 or later. - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For -example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are -required (8x2=16). - -See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -# Installing the SharePoint Agent - -The installer will prompt for credentials which are used to set the identity that the SharePoint -Access Auditor Agent service runs as. The agent service does no additional impersonation, so this is -the account used to connect to and enumerate SharePoint. The service account credentials provided -need to be a member of the Log on as a service local policy. Additionally, the credentials provided -for Step 5 should also be a part of the Connection Profile used by the SharePoint Solution within -the Enterprise Auditor Console. See the -[SharePoint Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for detailed permission information. - -**NOTE:** If utilizing the SharePoint Agent to scan for Sensitive Data, the 64-bit -`SensitiveDataAddon.msi` needs to be installed after the SharePoint Agent has been installed on the -SharePoint server. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -Follow the steps to install the SharePoint Agent on the application server which hosts the Central -Administration component of the targeted SharePoint farms. - -**Step 1 –** Run the `SharePointAgent.exe` executable to open the Netwrix Enterprise Auditor -SharePoint Agent Setup Wizard. - -![SharePoint Agent Setup Wizard Welcome page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/welcome.webp) - -**Step 2 –** On the Welcome page, click **Next** to begin the installation. - -![SharePoint Agent Setup Wizard End-User License Agreement page](/img/versioned_docs/changetracker_8.0/changetracker/install/eula.webp) - -**Step 3 –** On the End-User License Agreement page, select the **I accept the terms in the License -Agreement** checkbox and click **Next**. - -![SharePoint Agent Setup Wizard Destination Folder page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/destination.webp) - -**Step 4 –** On the Destination Folder page, click **Next** to install to the default folder or -click **Change** to select a different location. - -![SharePoint Agent Setup Wizard Configure Service Security page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/configureservice.webp) - -**Step 5 –** On the Configure Service Security page, enter the **User Name** and **Password** for -the SharePoint Service Account. Click **Next**. - -![SharePoint Agent Setup Wizard Ready to install page](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/ready.webp) - -**Step 6 –** On the Ready to install Netwrix Enterprise Auditor SharePoint Agent page, click -**Install** to start the installation. - -![SharePoint Agent Setup Wizard Completed page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) - -**Step 7 –** When the installation has completed, click **Finish** to exit the wizard. - -Now that the SharePoint Agent has been installed on the appropriate application server, it can be -used by the SharePoint Solution. See the -[SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -topic for instructions on enabling agent service scans on the Agent Settings page. diff --git a/docs/accessanalyzer/11.6/installation/sharepoint-agent/upgrade.md b/docs/accessanalyzer/11.6/installation/sharepoint-agent/upgrade.md deleted file mode 100644 index e0b19be496..0000000000 --- a/docs/accessanalyzer/11.6/installation/sharepoint-agent/upgrade.md +++ /dev/null @@ -1,21 +0,0 @@ -# Upgrade SharePoint Agent - -Follow the steps to upgrade the SharePoint Agent. - -![Windows Control Panel Uninstall or change a program window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/uninstall.webp) - -**Step 1 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and -Features**), uninstall the previous version of SharePoint Agent. - -**Step 2 –** Install the new version of the SharePoint Agent. See the -[Installing the SharePoint Agent](/docs/accessanalyzer/11.6/installation/sharepoint-agent/install.md) -topic for instructions. - -**Step 3 –** If also conducting Sensitive Data Discovery Auditing, after the installation is -completed upgrade the Sensitive Data Discovery Add-on on the SharePoint server. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -Now that the SharePoint Agent has been upgraded, it can be used by the SharePoint Solution. See the -[SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/overview.md b/docs/accessanalyzer/11.6/overview.md new file mode 100644 index 0000000000..aa5937bbe4 --- /dev/null +++ b/docs/accessanalyzer/11.6/overview.md @@ -0,0 +1,238 @@ +# Netwrix Enterprise Auditor v11.6 Documentation + +Netwrix Enterprise Auditor automates the collection and analysis of the data you need to answer the +most difficult questions you face in the management and security of dozens of critical IT assets, +including data, directories, and systems. + +The platform framework contains the following key components: + +- Data Collection through Data Collectors +- Analysis through Analysis Modules +- Remediation through Action Modules +- Reporting through Published Reports and the Web Console + +Enterprise Auditor contains over 40 built-in data collection modules covering both on-premises and +cloud-based platforms from Operating Systems to Office 365. Leveraging an agentless architectural +approach, our proprietary AnyData collector provides an easy, wizard-driven interface for +configuring the application to collect exactly the data needed, enabling fast, flawless, +lightest-weight possible data collection from dozens of data sources. + +## Instant Solutions Overview + +There are several predefined instant solutions available with Enterprise Auditor. Each solution +contains specific data collectors, jobs, analysis modules, action modules, and pre-created reports. +A few solutions are core components available to all Enterprise Auditor users, but most solutions +require a license. + +### .Active Directory Inventory Solution + +The .Active Directory Inventory Solution is designed to provide essential user, group membership, +and computer details from the targeted domains to many Enterprise Auditor built-in solutions. Key +information includes user status, user attributes, and group membership. The collected data is +accessed by other Enterprise Auditor solutions and the Netwrix Access Information Center for +analysis. + +This is a core solution available to all Enterprise Auditor users. + +See the +[.Active Directory Inventory Solution](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/overview.md) +topic for additional information. + +### .Entra ID Inventory Solution + +The .Entra ID Inventory Solution is designed to inventory, analyze, and report on Microsoft Entra +ID. It provides essential user and group membership details to the Entra ID Solution. Key +information includes managers, email addresses, and direct memberships. Collected data helps an +organization identify toxic conditions like nested groups, circular nesting, disabled users, and +duplicate groups. The user and group information assists with understanding probable group +ownership, group memberships, largest groups, user status, attribute completion, and synchronization +status between on-premises Active Directory and Microsoft Entra ID. + +This is a core solution available to all Enterprise Auditor users. + +See the +[.Entra ID Inventory Solution](/docs/accessanalyzer/11.6/solutions/entraidinventory/overview.md) +topic for additional information. + +### .NIS Inventory Solution + +The .NIS Inventory Solution is designed to provide essential user and group membership information +from a NIS domain, mapping these principals to Windows-style SIDs. This provides valuable +information to the File Systems Solution when auditing NFS shares. + +This is a core solution available to all Enterprise Auditor users. + +See the +[.NIS Inventory Solution](/docs/accessanalyzer/11.6/solutions/nisinventory/overview.md) +topic for additional information. + +### Active Directory Solution + +The Active Directory Solution is designed to provide the information every administrator needs +regarding Active Directory configuration, operational management, troubleshooting, analyzing +effective permissions, and tracking who is making what changes within your organization. + +See the +[Active Directory Solution](/docs/accessanalyzer/11.6/solutions/activedirectory/overview.md) +topic for additional information. + +### Active Directory Permissions Analyzer Solution + +The Active Directory Permissions Analyzer Solution is designed to easily and automatically determine +effective permissions applied to any and all Active Directory objects, at any scope, allowing for +the most authoritative view available of who has access to what in Active Directory. + +See the +[Active Directory Permissions Analyzer Solution](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/overview.md) +topic for additional information. + +### Amazon Web Services Solution + +Enterprise Auditor for AWS allows organizations to secure their data residing in Amazon Web Services +(AWS) S3 platform, reducing their risk exposure through proactive, automated auditing and reporting +of S3 permissions, sensitive data, and ultimately a consolidated view of user access rights across +dozens of structured and unstructured data resources both on-premises and in the cloud. + +See the +[AWS Solution](/docs/accessanalyzer/11.6/solutions/aws/overview.md) +topic for additional information. + +### Entra ID Solution + +The Entra ID Solution is a comprehensive set of audit jobs and reports that provide the information +regarding Microsoft Entra ID configuration, operational management, and troubleshooting. The jobs +within this group help pinpoint potential areas of administrative and security concerns related to +Microsoft Entra ID users and groups, including syncing with on-premises Active Directory. + +See the +[Entra ID Solution](/docs/accessanalyzer/11.6/solutions/entraid/overview.md) +topic for additional information. + +### Box Solution + +The Box solution set contains jobs to provide visibility into Box access rights, policies, +configurations, activities, and more, ensuring you never lose sight or control of your critical +assets residing in Box. + +See the +[Box Solution](/docs/accessanalyzer/11.6/solutions/box/overview.md) +topic for additional information. + +### Databases Solutions + +Enterprise Auditor Databases Solution Set is a comprehensive set of pre-configured audit jobs and +reports that provide visibility into various aspects of supported databases. + +- Azure SQL – The Azure SQL Solution Set is a comprehensive set of pre-configured audit jobs and + reports that provide visibility into various aspects of Azure SQL : Users and Roles, Sensitive + Data Discovery, Object Permissions, Configuration, and User Activity. +- Db2 – The Db2 Solution Set is a comprehensive set of pre-configured audit jobs and reports that + provides visibility into various aspects of a Db2 Databases: Sensitive Data Discovery and Object + Permissions. +- Instance Discovery – The Instance Discovery Solution discovers instances on supported database + servers. +- MongoDB Solution – The MongoDB Solution automates the process of understanding where MongDB + databases exist and provides an overview of the MongoDB environment in order to answer questions + around data access. With visibility into every corner of MongoDB and the operating system it + relies upon, organizations can proactively highlight and prioritize risks to sensitive data. + Additionally, organizations can automate manual, time-consuming, and expensive processes + associated with compliance, security, and operations to easily adhere to best practices that keep + MongoDB Server safe and operational. +- MySQL Solution – The MySQL Solution automates the process of understanding where SQL databases + exist and provides an overview of the MySQL environment in order to answer questions around data + access. With visibility into every corner of Microsoft SQL Server and the Windows operating system + it relies upon, organizations can proactively highlight and prioritize risks to sensitive data. + Additionally, organizations can automate manual, time-consuming, and expensive processes + associated with compliance, security, and operations to easily adhere to best practices that keep + SQL Server safe and operational. +- Oracle Solution – The Oracle Solution delivers comprehensive permissions, activity, and sensitive + data auditing and reporting for Oracle databases. Through the power of Enterprise Auditor, users + can automate Oracle instance discovery, understand who has access to their Oracle databases, the + level of permission they have, and who is leveraging their access privileges, identify the + location of sensitive information, measure adherence to best practices, and generate workflows and + reports to satisfy security, compliance, and operational requirements. +- PostgreSQL Solution – Enterprise Auditor PostgreSQL Solution Set is a set of pre-configured audit + jobs and reports that provides visibility into PostgreSQL Sensitive Data. +- Redshift – Enterprise Auditor Redshift Solution Set is a set of pre-configured audit jobs and + reports that provides visibility into Redshift Sensitive Data. +- SQL Solution – The SQL Solution is an auditing, compliance, and governance solution for Microsoft + SQL Server database. Key capabilities include effective access calculation, sensitive data + discovery, security configuration assessment, and database activity monitoring. + +See the +[Databases Solutions](/docs/accessanalyzer/11.6/solutions/databases/overview.md) +topic for additional information. + +### Dropbox Solution + +The Dropbox Solution is an auditing, compliance, and governance solution for Dropbox for Business. +Key capabilities include effective access calculation, sensitive data discovery, file content +inspection, inactive access and stale data identification, and entitlement collection for +integration with Identity & Access Management (IAM) processes. + +See the +[Dropbox Solution](/docs/accessanalyzer/11.6/solutions/dropbox/overview.md) +topic for additional information. + +**NOTE:** Sensitive data auditing requires the Sensitive Data Discovery Add-on. + +### Exchange Solution + +The Exchange Solution provides auditing and reporting on multiple aspects of the Exchange +environment to assist with identifying risk, understanding usage, and decreasing bloat. Areas of +focus include Audit and Compliance, Maintenance and Cleanup, Metrics and Capacity, Operations and +Health, Public Folders and Configuration Baseline. + +See the +[Exchange Solution](/docs/accessanalyzer/11.6/solutions/exchange/overview.md) +topic for additional information. + +**NOTE:** Sensitive data auditing requires the Sensitive Data Discovery Add-on. + +### File Systems Solution + +The File Systems Solution is an auditing, compliance, and governance solution for Windows, NAS, +Unix, and Linux file systems. Key capabilities include effective access calculation, data owner +identification, governance workflows including entitlement reviews and self-service access requests, +sensitive data discovery and classification, open access remediation, least-privilege access +transformation, and file activity monitoring. + +See the +[File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/overview.md) +topic for additional information. + +**NOTE:** Activity auditing requires the Activity Monitor. Sensitive data auditing requires the +Sensitive Data Discovery Add-on. + +### SharePoint Solution + +The SharePoint Solution is a comprehensive set of audit jobs and reports which provide the +information every administrator needs regarding SharePoint on-premises and SharePoint Online +infrastructure, configuration, performance, permissions, required ports, and effective rights. + +See the +[SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/overview.md) +topic for additional information. + +**NOTE:** Sensitive data auditing requires the Sensitive Data Discovery Add-on. + +### Unix Solution + +The Unix Solution reports on areas of administrative concern for Unix and Linux systems. Attention +is given to users and group details, privileged access rights, and NFS and Samba sharing +configurations. + +See the +[Unix Solution](/docs/accessanalyzer/11.6/solutions/unix/overview.md) +topic for additional information. + +### Windows Solution + +The Windows Solution allows organizations to quickly inventory, assess, and secure their Windows +desktop and server infrastructure from a central location. Key capabilities include privileged +account discovery, security configuration and vulnerability assessment, compliance reporting, and +asset inventory. + +See the +[Windows Solution](/docs/accessanalyzer/11.6/solutions/windows/overview.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/requirements/overview.md b/docs/accessanalyzer/11.6/requirements/overview.md new file mode 100644 index 0000000000..61001a1399 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/overview.md @@ -0,0 +1,210 @@ +# Requirements + +This topic describes the recommended configuration of the servers needed to install the application +in a production environment. Depending on the size of the organization, it is recommended to review +your environment and requirements with a Netwrix engineer prior to deployment to ensure all +exceptions are covered. + +## Architecture Overview + +The following servers and applications are required for installation of the application: + +Core Components + +- Enterprise Auditor Console Server – This is where the v11.6 application is installed. +- SQL Server for Enterprise Auditor Database – As a data-intensive application, a well-provisioned, + dedicated SQL Server is recommended. +- Access Information Center Application Server – This application is typically installed on the + Enterprise Auditor Console server and is a browser-based, interactive dashboard for exploring + permissions, activity, and sensitive data. + + **NOTE:** The Access Information Center is often installed on the same server as the Enterprise + Auditor application, but it can be installed separately. + +Add-on Component + +- Enterprise Auditor Sensitive Data Discovery Add-On – This application is installed on the + Enterprise Auditor Console server as an add-on enabling Sensitive Data criteria for scans. In some + cases it must also be installed on additional servers. See the + [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) + topic for additional information. + +Exchange Solution-Specific Components + +- Enterprise Auditor MAPI CDO – This application is installed on the Enterprise Auditor Console + server to enable the Settings > Exchange global configuration interface within Enterprise Auditor. + +File System Solution-Specific Components + +- Enterprise Auditor File System Proxy Server – In certain environments, a proxy server may be + utilized to scan hosts in remote or firewalled sites to increase scan capacity in large + environments. This feature can be implemented through either an applet or a service. The applet + would be deployed as part of the data collection process. The service should be installed prior to + data collection. See the + [Proxy Mode as a Service](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md#proxy-mode-as-a-service) + topic for server requirements. +- Enterprise Auditor Sensitive Data Discovery Add-On – This application is installed on the file + system proxy server where the File System Proxy Service is installed as an add-on enabling + Sensitive Data criteria for scans. + +SharePoint Solution-Specific Components + +- Enterprise Auditor SharePoint Agent Server – For agent-based scans, this application can be + installed on the SharePoint application server that hosts the “Central Administration” component + of the targeted farm(s) to auditing permissions, content, and sensitive data for SharePoint + On-Premise. See the + [SharePoint Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md) + topic for server requirements. +- Enterprise Auditor Sensitive Data Discovery Add-On – This application is installed on the same + server where the Enterprise Auditor SharePoint Agent is installed as an add-on enabling Sensitive + Data criteria for scans. + +Activity Event Data Considerations + +- Netwrix Activity Monitor – Enterprise Auditor depends upon integration with the Activity Monitor + for monitored event data for several solutions. See the + [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) + for installation requirements and information on collecting activity data. +- Netwrix Threat Prevention – Enterprise Auditor can integrate with Threat Prevention for Active + Directory and Windows File System event data. This integration works in conjunction with Netwrix + Activity Monitor. See the the + [Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) + for installation requirements and information on collecting activity data. + +Target Environment Considerations + +The target environment encompasses all servers, devices, or infrastructure to be audited by +Enterprise Auditor. Most solutions have additional target requirements. + +## Enterprise Auditor Console & Access Information Center Server Requirements + +The server can be physical or virtual. The requirements are: + +- Windows Server 2016 through Windows Server 2022 + +Additionally the server must meet these requirements: + +- US English language installation +- Domain member + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. See the following topics for +additional: + +- [Active Directory Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/requirements/solutions/activedirectory.md#active-directory-solution-requirements-on-the-enterprise-auditor-console) +- [Active Directory Permissions Analyzer Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/requirements/solutions/activedirectorypermissionsanalyzer.md#active-directory-permissions-analyzer-solution-requirements-on-the-enterprise-auditor-console) +- [AWS Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/requirements/solutions/aws.md#aws-solution-requirements-on-the-enterprise-auditor-console) +- [Box Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/requirements/solutions/box.md#box-solution-requirements-on-the-enterprise-auditor-console) +- [Databases Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/requirements/solutions/databases.md#databases-solution-requirements-on-the-enterprise-auditor-console) +- [Dropbox Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/requirements/solutions/dropbox.md#dropbox-solution-requirements-on-the-enterprise-auditor-console) +- [Entra ID Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/requirements/solutions/entraid.md#entra-idsolution-requirements-on-the-enterprise-auditor-console) +- [Exchange Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/requirements/solutions/exchange.md#exchange-solution-requirements-on-the-enterprise-auditor-console) +- [File System Solution Requirements on the Enterprise Auditor Console ](/docs/accessanalyzer/11.6/requirements/solutions/filesystem.md#file-system-solution-requirements-on-the-enterprise-auditor-console) +- [SharePoint Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint.md#sharepoint-solution-requirements-on-the-enterprise-auditor-console) +- [Unix Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/requirements/solutions/unix.md#unix-solution-requirements-on-the-enterprise-auditor-console) +- [Windows Solution Requirements on the Enterprise Auditor Console](/docs/accessanalyzer/11.6/requirements/solutions/windows.md#windows-solution-requirements-on-the-enterprise-auditor-console) + +Additional Server Requirements + +The following are additional requirements for the Console server: + +- .NET Framework 4.7.2 installed, which can be downloaded from the link in the Microsoft + [.NET Framework 4.7.2 offline installer for Windows](https://support.microsoft.com/en-us/topic/microsoft-net-framework-4-7-2-offline-installer-for-windows-05a72734-2127-a15d-50cf-daf56d5faec2) + article. +- Microsoft SQL Server supports TLS 1.2, which requires the Enterprise Auditor Console server to + have either SQL Server Native Client 11 or Microsoft OleDB 18 installed + +Additional Server Considerations + +The following are recommended for the Console server: + +- 100/1000 Mb Network Connection +- SQL Server Management Studio installed (Optional) +- Font "arial-unicode-ms" installed (Needed for report Unicode character support) + +Permissions for Installation + +The following permissions are required to install and use the application: + +- Membership in the local Administrators group for the Enterprise Auditor Console server + + **NOTE:** Role based access can be enabled for a least privilege user model. + +Supported Browsers + +The following is a list of supported browsers for the Web Console and the Access Information Center: + +- Google® Chrome® +- Microsoft® Edge® +- Mozilla® Firefox® + +## SQL Server Requirements + +The server requirements include one of the following SQL Server versions: + +- SQL Server 2016 through SQL Server 2022 +- Azure SQL Managed Instances + +Additionally the server must meet this requirement: + +- US English language installation + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. See the following topics for +additional: + +- [Active Directory Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/requirements/solutions/activedirectory.md#active-directory-solution-requirements-on-the-sql-server) +- [Active Directory Permissions Analyzer Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/requirements/solutions/activedirectorypermissionsanalyzer.md#active-directory-permissions-analyzer-solution-requirements-on-the-sql-server) +- [AWS Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/requirements/solutions/aws.md#aws-solution-requirements-on-the-sql-server) +- [Box Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/requirements/solutions/box.md#box-solution-requirements-on-the-sql-server) +- [Databases Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/requirements/solutions/databases.md#databases-solution-requirements-on-the-sql-server) +- [Entra ID Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/requirements/solutions/entraid.md#entra-id-solution-requirements-on-the-sql-server) +- [Exchange Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/requirements/solutions/exchange.md#exchange-solution-requirements-on-the-sql-server) +- [File System Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/requirements/solutions/filesystem.md#file-system-solution-requirements-on-the-sql-server) +- [SharePoint Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint.md#sharepoint-solution-requirements-on-the-sql-server) +- [Unix Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/requirements/solutions/unix.md#unix-solution-requirements-on-the-sql-server) +- [Windows Solution Requirements on the SQL Server](/docs/accessanalyzer/11.6/requirements/solutions/windows.md#windows-solution-requirements-on-the-sql-server) + +Additional Server Requirements + +The following are additional requirements for the SQL Server: + +- SQL Server must be equal or newer version than the version to be targeted +- All SQL Server databases configured to use ‘Simple Recovery Model’ + +Additional Server Considerations + +The following additional considerations are recommended for the SQL Server: + +- The standard Autogrowth setting can cause Enterprise Auditor job delays. Database growth is + computationally intensive. While SQL Server is growing the database, no other activity can occur. + If this option is employed, please speak with a Netwrix engineer to determine an appropriate + setting for best performance. +- Microsoft SQL Server supports TLS 1.2, which requires the Enterprise Auditor Console server to + have either SQL Server Native Client 11 or Microsoft OleDB 18 installed. +- _Optional_: SQL Server Management Studio installed on the Enterprise Auditor Console server + +Database Permissions + +The following permissions are required on the databases: + +- Database Owner +- Provisioned to use Default Schema of ‘dbo’ + +## Virtual Environment Recommendations + +While physical machines are always preferred, we fully support the use of virtual machines. This +section contains special considerations when leveraging virtualization. + +- VMWare® ESX® – If using ESX, the following specifications are recommended: + + - ESX 4.0 / ESXi™ 4.1 or higher + - Virtual Hardware 7 or higher + - All Virtual Machines installed on the same datacenter / rack + +- Virtual Storage Consideration + + - In the server requirements, when separate disks are required for the servers, that should + translate to separate data stores on the VM host machine. diff --git a/docs/accessanalyzer/11.6/requirements/solutions/activedirectory.md b/docs/accessanalyzer/11.6/requirements/solutions/activedirectory.md new file mode 100644 index 0000000000..400d9ca8ce --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/activedirectory.md @@ -0,0 +1,47 @@ +# Active Directory Solution + +The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL +Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for the core requirements. + +In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat +Prevention is required for event activity data to be scanned. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or +the +[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) +for installation requirements and information on collecting activity data. + +See the +[Active Directory Domain Target Requirements](/docs/accessanalyzer/11.6/config/activedirectory/overview.md) +topic for target environment requirements. + +## Active Directory Solution Requirements on the Enterprise Auditor Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 8+ GB | 4+ GB | +| Cores | 4 CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +## Active Directory Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/activedirectorypermissionsanalyzer.md b/docs/accessanalyzer/11.6/requirements/solutions/activedirectorypermissionsanalyzer.md new file mode 100644 index 0000000000..778e00cbcd --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/activedirectorypermissionsanalyzer.md @@ -0,0 +1,40 @@ +# Active Directory Permissions Analyzer Solution + +The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL +Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for the core requirements. + +See the +[Domain Target Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/activedirectorypermissionsanalyzer.md) +topic for target environment requirements. + +## Active Directory Permissions Analyzer Solution Requirements on the Enterprise Auditor Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 8+ GB | 4+ GB | +| Cores | 4 CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +## Active Directory Permissions Analyzer Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 1 TB | 450 GB | +| SQL Transaction Log Disk | 240 GB | 120 GB | +| SQL TEMP DB Disk | 350 GB | 240 GB | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/aws.md b/docs/accessanalyzer/11.6/requirements/solutions/aws.md new file mode 100644 index 0000000000..5b06f1c55a --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/aws.md @@ -0,0 +1,60 @@ +# Amazon Web Services (AWS) Solution + +The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL +Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for the core requirements. + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. + +See the +[Target Amazon Web Service Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/aws.md) +topic for target environment requirements. + +## AWS Solution Requirements on the Enterprise Auditor Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | -------------- | -------------- | +| Definition | > 100 Accounts | < 100 Accounts | +| RAM | 8+ GB | 4+ GB | +| Cores | 4 CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For +example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are +required (8x2=16). + +Sensitive Data Discovery Auditing Requirement + +The following is required to run Sensitive Data Discovery scans: + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +## AWS Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | -------------- | -------------- | +| Definition | > 100 Accounts | < 100 Accounts | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/box.md b/docs/accessanalyzer/11.6/requirements/solutions/box.md new file mode 100644 index 0000000000..21ba7844fd --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/box.md @@ -0,0 +1,40 @@ +# Box Solution + +The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL +Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for the core requirements. + +See the +[Target Box Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/box.md) +topic for target environment requirements. + +## Box Solution Requirements on the Enterprise Auditor Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 8+ GB | 4+ GB | +| Cores | 4 CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +## Box Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/databases.md b/docs/accessanalyzer/11.6/requirements/solutions/databases.md new file mode 100644 index 0000000000..5b0c965505 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/databases.md @@ -0,0 +1,87 @@ +# Databases Solution + +The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL +Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for the core requirements. + +In addition to these, integration with either the Netwrix Activity Monitor is required for event +activity data to be scanned. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for installation requirements and information on collecting activity data. + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. + +See the following topics for target environment requirements: + +- [Target Db2 Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databasedb2.md) +- [Target MongoDB Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databasemongodb.md) +- [Target MySQL Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databasemysql.md) +- [Target Oracle Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databaseoracle.md) +- [Target PostgreSQL Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databasepostgresql.md) +- [Target Redshift Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databaseredshift.md) +- [Target SQL Server Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databasesql.md) + +## Databases Solution Requirements on the Enterprise Auditor Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Extra-Large | Large | Medium | Small | +| ----------- | -------------------- | ------------------------ | --------------------- | -------------------- | +| Definition | > 1 TB database size | Up to 1 TB database size | ~250 GB database size | ~50 GB database size | +| RAM | 24 GB | 16 GB | 12 GB | 4 GB | +| Cores | 8 CPU | 8 CPU | 4 CPU | 2 CPU | +| Disk Space | 460 GB | 280 GB | 160 GB | 80 GB | + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For +example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are +required (8x2=16). + +Additional Server Considerations for Oracle Scans + +For scanning Oracle databases, the following are additional requirements for the Console server: + +- Windows Management Framework 3+ installed +- PowerShell 3.0+ installed +- NMAP installed +- For Instance Discovery, NMAP installed + +Additional Server Considerations for SQL Server Scans + +For scanning SQL databases, the following are additional requirements for the Console server: + +- Windows Management Framework 3+ installed +- PowerShell 3.0+ installed + +Sensitive Data Discovery Auditing Requirement + +The following is required to run Sensitive Data Discovery scans: + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +## Databases Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Extra-Large | Large | Medium | Small | +| ------------------------ | -------------------- | ------------------------ | --------------------- | -------------------- | +| Definition | > 1 TB database size | Up to 1 TB database size | ~250 GB database size | ~50 GB database size | +| RAM | 64 GB | 32 GB | 16 GB | 8 GB | +| Cores | 16 CPU | 12 CPU | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | +| SQL Database Disk | 500 GB | 320 GB | 240 GB | 100 GB | +| SQL Transaction Log Disk | 120 GB | 100 GB | 80 GB | 40 GB | +| SQL TEMP DB Disk | 320 GB | 240 GB | 160 GB | 80 GB | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/dropbox.md b/docs/accessanalyzer/11.6/requirements/solutions/dropbox.md new file mode 100644 index 0000000000..f8cb428b2b --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/dropbox.md @@ -0,0 +1,67 @@ +# Dropbox Solution + +The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL +Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for the core requirements. + +In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat +Prevention is required for event activity data to be scanned. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or +the +[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) +for installation requirements and information on collecting activity data. + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. + +See the +[Target Dropbox Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/dropbox.md) +topic for target environment requirements. + +## Dropbox Solution Requirements on the Enterprise Auditor Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 8+ GB | 4+ GB | +| Cores | 4 CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For +example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are +required (8x2=16). + +Sensitive Data Discovery Auditing Requirement + +The following is required to run Sensitive Data Discovery scans: + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +## Dropbox Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/entraid.md b/docs/accessanalyzer/11.6/requirements/solutions/entraid.md new file mode 100644 index 0000000000..c21966f68f --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/entraid.md @@ -0,0 +1,42 @@ +# Entra ID Solution + +**NOTE:** The Entra ID solution is for scanning Microsoft Entra ID, formerly Azure Active Directory. + +The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL +Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for the core requirements. + +See the +[Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/11.6/config/entraid/overview.md) +topic for target environment requirements. + +## Entra ID Solution Requirements on the Enterprise Auditor Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 8+ GB | 4+ GB | +| Cores | 4 CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +## Entra ID Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/exchange.md b/docs/accessanalyzer/11.6/requirements/solutions/exchange.md new file mode 100644 index 0000000000..de8f9b1e96 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/exchange.md @@ -0,0 +1,98 @@ +# Exchange Solution + +The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL +Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for the core requirements. + +In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat +Prevention is required for event activity data to be scanned. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or +the +[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) +for installation requirements and information on collecting activity data. + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. + +See the following topics for target environment requirements: + +- [Target Exchange Servers Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/exchange.md) +- [Target Exchange Online Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/exchangeonline.md) + +## Exchange Solution Requirements on the Enterprise Auditor Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Extra Large – Large | Medium – Small | +| ----------- | ------------------------- | ----------------------- | +| Definition | ~50,000-120,000 Mailboxes | ~1,000-10,000 Mailboxes | +| RAM | 16+ GB | 8+ GB | +| Cores | 8 CPU | 4 CPU | +| Disk Space | 120 GB | 120 GB | + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For +example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are +required (8x2=16). + +Sensitive Data Discovery Auditing Requirement + +The following is required to run Sensitive Data Discovery scans: + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +Permissions to Run Exchange Scans + +The following are additional requirements for the Enterprise Auditor Console server specific to +running the Exchange Solution: + +- Outlook should not be installed +- StealthAUDIT MAPI CDO installed (for MAPI- based data collectors). See the + [StealthAUDIT MAPI CDO Installation](/docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation.md) + topic for additional information. +- Exchange MAPI CDO installed (for MAPI- based data collectors) +- For targeting Exchange 2010 – Exchange Management Tools 2010 installed on the Enterprise Auditor + Console server +- For Targeting Exchange Online – PowerShell Execution Policy set to unrestricted for both 64-bit + and 32-bit versions + +Exchange Online Modern Authentication + +The following prerequisites are required to use Modern Authentication for Exchange Online in +Enterprise Auditor. + +- Exchange Online Management v3.4.0 + + - You can install this module with the following command: + + ``` + Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 + ``` + +- Create a self-signed certificate that will be used by Enterprise Auditor for Modern Authentication + +## Exchange Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Extra-Large | Large | Medium | Small | +| ------------------------ | ------------------ | ----------------- | ----------------- | ---------------- | +| Definition | ~120,000 Mailboxes | ~50,000 Mailboxes | ~10,000 Mailboxes | ~1,000 Mailboxes | +| RAM | 64 GB | 16 GB | 16 GB | 8 GB | +| Cores | 16 CPU | 16 CPU | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | +| SQL Database Disk | 1.25 TB | 650 GB | 415 GB | 325 GB | +| SQL Transaction Log Disk | 650 GB | 650 GB | 325 GB | 325 GB | +| SQL TEMP DB Disk | 325 GB | 325 GB | 325 GB | 325 GB | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/exchange/mailflow.md b/docs/accessanalyzer/11.6/requirements/solutions/exchange/mailflow.md new file mode 100644 index 0000000000..5ffcdc1d1a --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/exchange/mailflow.md @@ -0,0 +1,64 @@ +# Exchange Mail-Flow Permissions + +The ExchangeMetrics Data Collector collects Mail-Flow metrics from the Exchange Message Tracking +Logs on the Exchange servers. Some examples of this include server volume and message size +statistics. This data collector utilizes an applet to process and collect summarized metrics from +the Message Tracking Log. + +1. HUB Metrics Job Group Requirement + +In addition to the permissions required by the ExchangeMetrics Data Collector, the Connection +Profile assigned to the 1. HUB Metrics Job Group requires the following permission and User Rights +(based on default settings): + +- Member of the local Administrator group on the targeted Exchange server(s) where the Hub Transport + service is running +- Log on as a Service Group Policy: + + - Go to `GPedit.msc` + - Go to Computer Configuration > Windows Settings > Security Settings > Local Policies > User + Rights + +Applet Permissions + +This is required because the ExchangeMetrics Data Collector is an applet-based data collector. It +requires + +- Member of the local Administrator group on the targeted Exchange server(s) + +This grants access to the Message Tracking Logs and the ability to create the +`SA_ExchangeMetricsData` folder, which will contain the applet files and the processed message +tracking log files stored inside a SQLite database for each day. For example: + +\\ExchangeServerName\c$\Program Files\Microsoft\Exchange +Server\V14\TransportRoles\Logs\MessageTracking + +If there have been additional security or permission modifications on the server(s), the following +rights and policies may need to be enabled on the targeted host: + +- Ensure the Administrator group has been granted Full Control over Message Tracking Log Directories +- WMI Control (`wmimgmt.msc`) > Right Click Properties > Security + + - Security Tab > Root > CIMV2 > Click Security + + - Ensure the Administrators group has been assigned: + + - Execute Methods + - Remote Enable + - Enable Account + +- Local Security Policy (`secpol.msc`): + + - Local Policies > User Rights Assignment: + + - Ensure the ‘Replace a Process Level Token’ right grants access to Local Service, Network + Service, and Administrators + - Ensure the ‘Adjust Memory Quotas for a Process’ right grants access to Local Service, + Network Service, and Administrators + - Ensure the ‘Impersonate a client after authentication’ right grants access to Local + Service and Administrators + - Ensure the Administrators group has been granted the following rights: + + - Access this computer from a network + - Allow Log on Locally + - Log on as a batch job diff --git a/docs/accessanalyzer/11.6/requirements/solutions/exchange/mapi.md b/docs/accessanalyzer/11.6/requirements/solutions/exchange/mapi.md new file mode 100644 index 0000000000..35f73b6e9e --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/exchange/mapi.md @@ -0,0 +1,29 @@ +# MAPI-Based Data Collector Permissions + +The Exchange2K, ExchangeMailbox, and ExchangePublicFolder data collectors have other permission +requirements. + +These data collectors supports Exchange 2010 through Exchange 2013. Since this data collectors are +MAPI-based, they do not support Exchange Online, Exchange 2019, nor Exchange 2016. + +All MAPI-based data collectors have the following prerequisites: + +- Microsoft MAPI CDO installed on the StealthAUDIT Console +- StealthAUDIT MAPI CDO installed on the StealthAUDIT Console +- Settings > Exchange node configured in the StealthAUDIT Console + +The Exchange2K Data Collector is used in the 3. Databases Job Group has the following permission +requirements: + +- Public Folder Management + +The ExchangePublicFolder Data Collector is used in the 5. Public Folders Job Group has the following +permission requirements: + +- Organization Management + +The ExchangeMailbox Data Collector is used in the 7. Sensitive Data Job Group has the following +permission requirements: + +- Organization Management +- Discovery Management diff --git a/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md b/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md new file mode 100644 index 0000000000..75fa816102 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md @@ -0,0 +1,236 @@ +# Exchange PowerShell Permissions + +The ExchangePS Data Collector utilizes PowerShell to collect various information from the Exchange +environment. This data collector utilizes Remote PowerShell to collect information about Exchange +Users Configuration, Mailboxes, Public Folders, and Exchange Online Mail-Flow. + +Job Group Requirements in Addition to ExchangePS + +In addition to the permissions required by the ExchangePS Data Collector, the Connection Profile +assigned to these job groups requires the following permissions: + +- 2. CAS Metrics + + - This job group also requires remote connection permissions for the SMARTLog Data Collector. + See the + [Exchange Remote Connections Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/remoteconnections.md) + topic for additional information. + +- 3. Databases + + - This job group also requires permissions for the Exchange2K Data Collector, which is + MAPI-based and has additional requirements + +- 4. Mailboxes + + - This job group also requires Exchange Mailbox Access Auditing to be enabled. See the + [Enable Exchange Mailbox Access Auditing](#enable-exchange-mailbox-access-auditing) topic for + additional information. + +- 5. Public Folders + + - This job group also requires permissions for the ExchangePublicFolder Data Collector, which is + MAPI-based and has additional requirements + +- 8. Exchange Online + + - This job group uses Modern Authentication to target Exchange Online. See the + [Exchange Online Auditing Configuration](/docs/accessanalyzer/11.6/config/exchangeonline/access.md) topic + for additional information. + +## Permissions Explained + +Remote PowerShell and Windows Authentication Enabled + +The Remote PowerShell and Windows Authentication configurations for Exchanges servers are required +to be enabled on at least one Exchange server running the Client Access Service so that the +ExchangePS Data Collector can make a remote PowerShell connection and authenticate through +Enterprise Auditor. + +Enterprise Auditor passes credentials saved in the Connection Profile to the data collector so that +it is able to connect to the targeted host. This requires the Exchange server to allow for Windows +Authentication. See the +[Enable Remote PowerShell for ExchangePS Data Collector](#enable-remote-powershell-for-exchangeps-data-collector) +topic and the +[Enable Windows Authentication for PowerShell Virtual Directory](#enable-windows-authentication-for-powershell-virtual-directory) +topic for additional information. + +View-Only Organization Management Role Group + +This is required so the ExchangePS Data Collector is able to run the various Exchange PowerShell +cmdlets. + +Public Folder Management + +This permission is only required if utilizing the ExchangePublicFolder Data Collector or +ExchangeMailbox Data Collector, as well as the PublicFolder or Mailbox Action Modules. This is +required in order to make a connection through the MAPI protocol. The following job group requires +the Public Folder Management Role Group: + +- 5. Public Folders > Ownership + +If not running this collection, then this permission is not required. + +Mailbox Search Role + +This is required to collect Mailbox Access Audit logs and run Mailbox Search queries through the +ExchangePS Data Collector. The following job group requires the Mailbox Search Role: + +- 4. Mailboxes > Logons + +Application Impersonation Role + +The Application Impersonation Role is a customer role you need to create. See the +[Create Custom Application Impersonation Role in Exchange](#create-custom-application-impersonation-role-in-exchange) +topic for additional information. + +## Scoping Options + +There are five different scoping options within this data collector. Since not all query categories +support all scoping options, No Scoping is an option. If there are no scoping options available, +then the data collector should be run against the host specified in the Summary page of the data +collector wizard. + +No Scoping + +This option will gather information about the entire Exchange Organization. When using the applet, +the data collector will gather information about the Exchange Forest in which the Enterprise Auditor +Console currently resides. For Remote PowerShell, the data collector will gather information about +the Exchange Organization to which the Remote PowerShell connection was made. This refers to the +server entered in the Client Access Server (CAS) field of the global configuration from the +**Settings** > **Exchange** node or on the Scope Page of the data collector wizard. See the +[ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) +topic for additional information. + +Scope by Database + +This option will gather information about any databases which are chosen. When using the applet, the +data collector will return databases in the Scope by DB page of the data collector wizard for the +Exchange Organization in which the Enterprise Auditor Console currently resides, as well as, only +return information about those databases. For Remote PowerShell, the data collector will return +databases in the Scope by DB page of the data collector wizard for the Exchange Forest, as well as, +only return information about those databases. See the +[ExchangePS: Scope by DB](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopedatabases.md) +topic for additional information. + +Scope by Mailbox + +This option will gather information about any mailboxes which are chosen. When using the applet, the +data collector will return mailboxes in the Scope by Mailboxes page of the data collector wizard for +the Exchange Forest in which the Enterprise Auditor Console currently resides, as well as, only +return information about those mailboxes. For Remote PowerShell, the data collector will return +mailboxes in the Scope by Mailboxes page of the data collector wizard for the Exchange Forest, as +well as, only return information about those mailboxes. See the +[ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopemailboxes.md) +topic for additional information. + +Scope by Server + +This option will gather information about objects which reside on the chosen server. When choosing +this option, the data collector will then use the Host List applied to the job’s **Configure** > +**Hosts** node as the servers scoping list. When using the applet, the data collector will deploy a +process to the targeted host to run the PowerShell on that server. For Remote PowerShell, the data +collector will deploy no applet and utilize the WinRM protocol to gather information about the +objects on that server. + +Scope by Public Folder + +This option will gather information about any public folders which are chosen. When using the +applet, the data collector will return public folders in the Scope by Public Folders page of the +data collector wizard for the Exchange Forest in which the Enterprise Auditor Console currently +resides, as well as, only return information about those public folders. For Remote PowerShell, the +data collector will return public folders in the Scope by Public Folders page of the data collector +wizard for the Exchange Forest, as well as, only return information about those public folders. See +the +[ExchangePS: Scope by Public Folders](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfolders.md) +topic for additional information. + +## Enable Remote PowerShell for ExchangePS Data Collector + +Follow these steps to enable Remote PowerShell. + +**Step 1 –** On the server that Enterprise Auditor will connect with Remote PowerShell, open +PowerShell. + +**Step 2 –** Run the following command: + +``` +Enable-PSRemoting +``` + +**Step 3 –** When prompted, type `A` and `A` again to enable the appropriate services and protocols. + +Remote PowerShell has been enabled. See the Microsoft +[Tip: Enable and Use Remote Commands in Windows PowerShell](https://technet.microsoft.com/en-us/library/ff700227.aspx) +article for additional information. + +Next, enable Windows Authentication for PowerShell Virtual Directory on the same server. + +## Enable Windows Authentication for PowerShell Virtual Directory + +Once Remote PowerShell has been enabled on an Exchange Server in the environment, it is necessary to +also enable Windows Authentication for the PowerShell Virtual Directory on the same Exchange server. +Follow these steps to enable Windows Authentication. + +**Step 1 –** On the server where Remote PowerShell was enabled, open the Internet Information +Services (IIS) Manager. + +![IIS Authentication Open Feature](/img/product_docs/accessanalyzer/11.6/requirements/solutions/exchange/iismanager.webp) + +**Step 2 –** Traverse to the **PowerShell** Virtual Directory under the **Default Web Site**. Select +**Authentication** and click **Open Feature**. + +![IIS Enable Windows Authentication](/img/product_docs/accessanalyzer/11.6/requirements/solutions/exchange/iismanagerauth.webp) + +**Step 3 –** Right-click on **Windows Authentication** and select **Enable**. + +Windows Authentication has been enabled for the PowerShell Virtual Directory. + +## Create Custom Application Impersonation Role in Exchange + +Follow the steps to create the custom Application Impersonation role. The process is the same for +Exchange 2010 Service Pack 1 through Exchange 2019 and Exchange Online. + +**Step 1 –** Within the Exchange Admin Center, navigate to the permissions section and select admin +roles. + +**Step 2 –** Add a new role group by clicking on the + button, and the New Role Group window opens. + +![New role group window](/img/product_docs/accessanalyzer/11.6/requirements/solutions/exchange/rolegroup.webp) + +**Step 3 –** Configure the new role group with the following settings: + +- Name – Provide a distinct name for the role group, for example Application Impersonation +- Description – Optionally indicate in the description that the new role group is required for + Enterprise Auditor +- Write scope – Remain set to **Default** +- Roles – Click the + button to open the Select a Role window. Select the + **ApplicationImpersonation** role from the available list and click **Add**. Then click **OK** to + close the Select a Role window. +- Members – Click the + button to open the Select Members window. Select the account from the + available list and click **Add**. Remember, the account needs to be assigned the other permissions + required for the **EWSMailbox** and/or **EWSPublicFolder** data collectors. Then click **OK** to + close the Select Members window. + +**Step 4 –** **Save** the new role group. + +The new role group appears in the list. + +## Enable Exchange Mailbox Access Auditing + +The 4. Mailboxes Job Group requires the Exchange Mailbox Access Auditing to be enabled. In order to +collect Mailbox Access Auditing events, it is necessary to enable Exchange Mailbox Access Auditing +for Exchange. See the following Microsoft articles: + +- Exchange Online – + [Enable mailbox auditing in Office 365](https://technet.microsoft.com/en-us/library/dn879651.aspx) + article +- Exchange 2016 – Exchange 2019 – + [Enable or disable mailbox audit logging for a mailbox](https://technet.microsoft.com/en-us/library/ff461937(v=exchg.160).aspx) + article +- Exchange 2013 – + [Enable or disable mailbox audit logging for a mailbox](https://technet.microsoft.com/en-us/library/ff461937(v=exchg.150).aspx) + article +- Exchange 2010 – + [Enable or Disable Mailbox Audit Logging for a Mailbox](https://technet.microsoft.com/en-us/library/ff461937(v=exchg.141).aspx) + article diff --git a/docs/accessanalyzer/11.6/requirements/solutions/exchange/remoteconnections.md b/docs/accessanalyzer/11.6/requirements/solutions/exchange/remoteconnections.md new file mode 100644 index 0000000000..4a7eca4f8e --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/exchange/remoteconnections.md @@ -0,0 +1,65 @@ +# Exchange Remote Connections Permissions + +The SMARTLog Data Collector processes the IIS Logs on the server running the Client Access Service +(CAS) to return information about the remote connections being made to Exchange. This data collector +uses an applet to process and collect the IIS Logs. + +2. CAS Metrics Job Group Requirement + +In addition to the permissions required by the SMARTLog Data Collector, the Connection Profile +assigned to the 2. CAS Metrics Job Group requires the following permissions and User Rights (based +on default settings): + +- Member of the local Administrator group on the targeted Exchange server(s) where the Client Access + Service is running +- Log on as a Service Group Policy: + + - Go to `GPedit.msc` + - Go to Computer Configuration > Windows Settings > Security Settings > Local Policies > User + Rights + +- Permissions required by the ExchangePS Data Collector. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) + topic for additional information. + +Applet Permissions + +This is required because the SMARTLog Data Collector is an applet-based data collector. It requires +the following permission on the target host which contain the IIS Logs: + +- Member of the local Administrators group + +This grants the ability to process logs folder which will contain the applet files and logs. For +example: + +\\ExchangeServerName\c$\Program Files (x86)\STEALTHbits\StealthAUDIT\LogProcessor + +If there have been additional security or permission modifications on the server(s), the following +rights and policies may need to be enabled on the targeted host: + +- Ensure the Administrator group has been granted Full Control over IIS Log Directories +- WMI Control (`wmimgmt.msc`) > Right Click Properties > Security + + - Security Tab > Root > CIMV2 > Click Security + + - Ensure the Administrators group has been assigned: + + - Execute Methods + - Remote Enable + - Enable Account + +- Local Security Policy (`secpol.msc`): + + - Local Policies > User Rights Assignment: + + - Ensure the ‘Replace a Process Level Token’ right grants access to Local Service, Network + Service, and Administrators + - Ensure the ‘Adjust Memory Quotas for a Process’ right grants access to Local Service, + Network Service, and Administrators + - Ensure the ‘Impersonate a client after authentication’ right grants access to Local + Service and Administrators + - Ensure the Administrators group has been granted the following rights: + + - Access this computer from a network + - Allow Log on Locally + - Log on as a batch job diff --git a/docs/accessanalyzer/11.6/requirements/solutions/exchange/support.md b/docs/accessanalyzer/11.6/requirements/solutions/exchange/support.md new file mode 100644 index 0000000000..b05828bca4 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/exchange/support.md @@ -0,0 +1,86 @@ +# Exchange Support and Permissions Explained + +This topic outlines what is supported for each type of Exchange version. + +**NOTE:** Sensitive Data Discovery is available with the EWSMailbox, EWSPublicFolder, and +ExchangeMailbox data collectors. + +## Support by Data Collector + +The following tables provide a breakdown of support by data collector: + +| Data Collector | Exchange Online | Exchange 2019 | Exchange 2016 | Exchange 2013 | Exchange 2010 | MAPI-Based | +| -------------------- | --------------- | ------------- | ------------- | ------------- | ------------- | ---------- | +| EWSMailbox | Yes | Yes | Yes | Yes | Limited\* | No | +| EWSPublicFolder | Yes | Yes | Yes | Yes | Limited\* | No | +| Exchange2k | No | No | No | Yes | Yes | Yes | +| ExchangeMailbox | No | No | No | Yes | Yes | Yes | +| ExchangeMetrics | No | Yes | Yes | Yes | Yes | No | +| ExchangePS | Yes | Yes | Yes | Yes | Yes | No | +| ExchangePublicFolder | No | No | No | Yes | Yes | Yes | +| SMARTLog | No | Yes | Yes | Yes | Yes | No | + +\* The data collector can target Exchange 2010 Service Pack 1 and later. + +## Support by Job Group + +The following tables provide a breakdown of support by job group: + +| Job Group | Exchange Online | Exchange 2019 | Exchange 2016 | Exchange 2013 | Exchange 2010 | MAPI-Based | +| --------------------- | --------------- | ------------- | ------------- | ------------- | ------------- | ---------- | +| 1. HUB Metrics | No | Yes | Yes | Yes | Yes | No | +| 2. CAS Metrics | No | Yes | Yes | Yes | Yes | No | +| 3. Database | No | Limited\* | Limited\* | Yes | Yes | Yes | +| 4. Mailboxes | Yes | Yes | Yes | Yes | Yes | No | +| 5. Public Folders | No | No | No | Yes | Yes | Yes | +| 6. Distribution Lists | Yes | Yes | Yes | Yes | Yes | No | +| 7. Sensitive Data | Yes | Yes | Yes | Yes | Limited\* | Mix\*\* | +| 8. Exchange Online | Yes | No | No | No | No | No | + +\* Limited indicates that some of the data collectors can target the environment, but not all. + +\*\* Mix indicates some data collectors are MAPI-based, but not all. + +## Exchange Solution to Permissions Alignment + +See the following sections for permission requirements according to the job group, data collector, +or action module to be used: + +- [Exchange Mail-Flow Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/mailflow.md) + + - ExchangeMetrics Data Collector + - 1. HUB Metrics Job Group + +- [Exchange Remote Connections Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/remoteconnections.md) + + - SMARTLog Data Collector + - 2. CAS Metrics Job Group + +- [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) + + - ExchangePS Data Collector + - PublicFolder Action Module + - Mailbox Action Module + - 2. CAS Metrics Job Group + - 3. Databases Job Group + - 4. Mailboxes Job Group + - 5. Public Folders Job Group + - 8. Exchange Online Job Group + +- [Exchange Web Services API Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/webservicesapi.md) + + - EWSMailbox Data Collector + - EWSPublicFolder Data Collector + - 7. Sensitive Data Job Group + +- [MAPI-Based Data Collector Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/mapi.md) + + - Exchange2K Data Collector + - ExchangeMailbox Data Collector + - ExchangePublicFolder Data Collector + - 3. Databases Job Group + - 5. Public Folders Job Group + - 7. Sensitive Data Job Group + +**NOTE:** All MAPI-based data collectors require the **Settings** > **Exchange** node configured in +the Enterprise Auditor Console. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/web-services-api.md b/docs/accessanalyzer/11.6/requirements/solutions/exchange/webservicesapi.md similarity index 100% rename from docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/web-services-api.md rename to docs/accessanalyzer/11.6/requirements/solutions/exchange/webservicesapi.md diff --git a/docs/accessanalyzer/11.6/requirements/solutions/filesystem.md b/docs/accessanalyzer/11.6/requirements/solutions/filesystem.md new file mode 100644 index 0000000000..b9d26449e5 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/filesystem.md @@ -0,0 +1,137 @@ +# File System Solution + +The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL +Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for the core requirements. + +The File System solution can be configure to use Proxy servers either an applet or as a service. See +the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat +Prevention is required for event activity data to be scanned. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or +the +[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) +for installation requirements and information on collecting activity data. + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. + +**NOTE:** If proxy server scan options are used, it may also be necessary for the Sensitive Data +Discovery Add-On to be installed on those servers as well. + +See the following topics for target environment requirements: + +- [File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +- [File System Supported Platforms](/docs/accessanalyzer/11.6/requirements/target/filesystems.md) + +## File System Solution Requirements on the Enterprise Auditor Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Enterprise | Extra-Large | Large | Medium | Small | +| ----------- | ------------------------------ | ----------------------------------- | ----------------------------------- | ----------------------------------- | ----------------------------------- | +| Definition | 800+ million files and folders | Up to 800 million files and folders | Up to 500 million files and folders | Up to 200 million files and folders | Up to 100 million files and folders | +| RAM | 24 GB | 24 GB | 16 GB | 12 GB | 4 GB | +| Cores | 8 CPU | 8 CPU | 8 CPU | 4 CPU | 2 CPU | +| Disk Space | 1.5 TB | 770 GB | 470 GB | 270 GB | 130 GB | + +The above recommended disk space sizing information is based on the needs of Enterprise Auditor as +well as the File System solution for running Permission scans with default configuration (500 MB per +million files and folders), that means no tag collection, file-level scanning, activity, or +sensitive data. + +- For tag collection, add 125 MB per million documents to the totals above +- For activity collection, add 250 MB per million files and folders and another 125 MB per million + activity events to the totals above +- For sensitive data collection, add 500 MB per million files and folders and another 1%-10% of the + total size of the documents scanned for sensitive data (depending on targeted document types and + selected criteria) to the totals above + +For example, in order to scan 200 million files and folders, of which 10 million files will be +scanned for tag collection and sensitive data with a total size of 6 TB, you would need: 160 GB for +permission collection + 1.25 GB for tag collection (10x125 MB) + 100 GB for sensitive data +collection (200x500 MB) + 600 GB additional for sensitive data collection (10% of 6 TB) = 861.25 GB +total disk space. + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By +default, SDD scans are configured to run two concurrent threads. For example, if the job is +configured to scan 8 hosts at a time with two concurrent SDD threads, then an extra 32 GB of RAM are +required (8x2x2=32). + +Additional Server Considerations for File System Scans + +If Data Activity Tracking for NAS is required or if NetApp Filers running Clustered Data ONTAP are +in scope, reducing latency between the scanning server and the target device is highly recommended. +Additional hardware may be required, especially if the target NAS devices are not collocated with +the Enterprise Auditor Console server. + +Sensitive Data Discovery Auditing Requirement + +The following is required to run Sensitive Data Discovery scans: + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +Permissions on the Console Server to Run File System Scans + +In most cases the Enterprise Auditor user is a member of the local Administrators group on the +application server. However, if the Role Based Access usage is employed, then the user assigned the +role of Job Initiator (for manual execution) or the credential used for the Schedule Service Account +(for scheduled execution) must have the following permissions to execute File System scans in local +mode, applet mode, or proxy mode with applet: + +- Group membership in either of the following local groups: + + - Backup Operators + - Administrators + +These permissions grant the credential the ability to create a high integrity token capable of +leveraging the “Back up files and directories” from where the Enterprise Auditor executable is run. + +Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the +installation directory. This is required by either the user account running the Enterprise Auditor +application, when manually executing jobs from the console, or the Schedule Service Account assigned +within Enterprise Auditor, when running jobs as a scheduled tasks. + +See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic and the +[File System Supported Platforms](/docs/accessanalyzer/11.6/requirements/target/filesystems.md) +topic for permissions required to scan the environment. + +## File System Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Enterprise | Extra-Large | Large | Medium | Small | +| ------------------------ | ------------------------------ | ----------------------------------- | ----------------------------------- | ----------------------------------- | ----------------------------------- | +| Definition | 800+ million files and folders | Up to 800 million files and folders | Up to 500 million files and folders | Up to 200 million files and folders | Up to 100 million files and folders | +| RAM | 64 GB | 64 GB | 32 GB | 16 GB | 8 GB | +| Cores | 16 CPU | 16 CPU | 12 CPU | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | 4 | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | 160 GB | +| SQL Database Disk | 1.6 TB | 830 GB | 530 GB | 400 GB | 170 GB | +| SQL Transaction Log Disk | 390 GB | 200 GB | 170 GB | 130 GB | 70 GB | +| SQL TEMP DB Disk | 1 TB | 530 GB | 400 GB | 270 GB | 130 GB | + +Additional SQL Server Requirements for File System Scans + +The following are additional requirements for the SQL Server specifically for the File System +solution: + +- For File-level Auditing – SQL Server standard edition or higher required +- For File Activity Auditing – SQL Server Enterprise Edition is required diff --git a/docs/accessanalyzer/11.6/requirements/solutions/filesystem/appletmodepermissions.md b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/appletmodepermissions.md new file mode 100644 index 0000000000..d5f97b81af --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/appletmodepermissions.md @@ -0,0 +1,44 @@ +# Applet Mode Permissions + +When File System scans are run in applet mode, it means the File System applet is deployed to the +target host when the job is executed to conduct data collection. However, the applet can only be +deployed to a server with a Windows operating system. The data is collected on the Windows target +host where the applet is deployed. The final step in data collection is to compress and transfer the +data collected in the SQLite database(s), or Tier 2 database(s), back to the Enterprise Auditor +Console server. If the target host is a NAS device, the File System scans will default to local mode +for that host. + +Configure the credential(s) with the following rights on the Windows target host(s): + +- Group membership in the local Administrators group +- Granted the “Backup files and directories” local policy privilege +- Granted the “Log on as a batch” privilege +- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local + Policies > Security Options privilege + +Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the +installation directory on the target host/proxy server as well as on the Enterprise Auditor Console +server. This is required by either the user account running the Enterprise Auditor application, when +manually executing jobs within the console, or the Schedule Service Account assigned within +Enterprise Auditor, when running jobs as a scheduled tasks. + +_Remember,_ Remote Registry Service must be enabled on the host where the applet is deployed (for +Applet Mode or Proxy Mode with Applet scans) to determine the system platform and where to deploy +the applet. + +**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials +for network authentication” must be disabled in order for the applet to start. + +Sensitive Data Discovery Auditing scans also require .NET Framework 4.7.2 or later. to be installed +on the server where the applet is to be deployed in order for Sensitive Data Discovery collections +to successfully occur. The Sensitive Data Discovery Add-On must be installed on the Enterprise +Auditor Console server, which enables Sensitive Data criteria for scans. + +When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials +within the Connection Profile assigned to the File System scans must be properly configured as +explained above. Also the firewall rules must be configured to allow for communication between the +applicable servers. + +See the +[Applet Mode Port Requirements](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/appletmodeports.md) +topic for firewall rule information. diff --git a/docs/accessanalyzer/11.6/requirements/solutions/filesystem/appletmodeports.md b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/appletmodeports.md new file mode 100644 index 0000000000..8c698a9433 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/appletmodeports.md @@ -0,0 +1,17 @@ +# Applet Mode Port Requirements + +The following are the firewall settings are required when executing the Access Auditing (FSAA) +and/or Sensitive Data Discovery Auditing scans in applet mode for communication between Enterprise +Auditor and the host: + +| Communication Direction | Protocol | Ports | Description | +| ----------------------------------------------------- | -------- | ----- | ---------------------------------------- | +| Enterprise Auditor Console to Windows Server | TCP | 445 | SMB | +| Between Enterprise Auditor Console and Windows Server | TCP | 8767 | FSAA Applet Certificate Exchange | +| Between Enterprise Auditor Console and Windows Server | TCP | 8766 | FSAA Applet HTTPS communication security | + +**NOTE:** The FSAA applet https requests configuration port 8766 and the FSAA Applet Certificate +Exchange port 8767 can be customized on the Applet Settings page of the File System Access Auditor +Data Collector Wizard. + +**_RECOMMENDED:_** Configure target hosts to respond to ping requests. diff --git a/docs/accessanalyzer/11.6/requirements/solutions/filesystem/localmodepermissions.md b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/localmodepermissions.md new file mode 100644 index 0000000000..97c043ed0f --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/localmodepermissions.md @@ -0,0 +1,50 @@ +# Local Mode Permissions + +When File System scans are run in local mode, it means all of the data collection processing is +conducted by the Enterprise Auditor Console server across the network. The data is collected in the +SQLite database(s), or Tier 2 database(s), on the Enterprise Auditor Console server, and then +imported into theEnterprise Auditor database, or Tier 1 database, on the SQL Server. + +The account used to run either a manual execution or a scheduled execution of the File System scans, +must have the following permissions on the StealthAUDIT Console server: + +- Group membership in either of the following local groups: + - Backup Operators + - Administrators + +Configure the credential(s) with the following rights on the Windows host(s): + +- Group membership in both of the following local groups: + - Power Users + - Backup Operators +- Granted the “Backup files and directories” local policy privilege + +For Windows Server target hosts, the credential also requires: + +- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local + Policies > Security Options privilege + +In order to collect data on administrative shares and local policies (logon policies) for a Windows +target, the credential must have group membership in the local Administrators group. + +Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the +installation directory on the Enterprise Auditor Console server. This is required by either the user +account running the Enterprise Auditor application, when manually executing jobs within the console, +or the Schedule Service Account assigned within Enterprise Auditor, when running jobs as a scheduled +tasks. + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host.  By default, SDD scans are configured to run two concurrent threads. +For example, if the job is configured to scan 8 hosts at a time with two concurrent SDD threads, +then an extra 32 GB of RAM are required (8x2x2=32). + +When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials +within the Connection Profile assigned to the File System scans must be properly configured as +explained above. Also the firewall rules must be configured to allow for communication between the +applicable servers. + +See the +[Local Mode Port Requirements](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/localmodeports.md) +topic for firewall rule information. diff --git a/docs/accessanalyzer/11.6/requirements/solutions/filesystem/localmodeports.md b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/localmodeports.md new file mode 100644 index 0000000000..aafd27f276 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/localmodeports.md @@ -0,0 +1,21 @@ +# Local Mode Port Requirements + +The following are the firewall settings are required when executing the Access Auditing (FSAA) +and/or Sensitive Data Discovery Auditing scans in local mode for communication between Enterprise +Auditor and the target host: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------------------------ | -------- | ----- | ----------- | +| Enterprise Auditor Console to File Server/Device | TCP | 445 | SMB | + +## Additional Firewall Rules for NetApp Data ONTAP Devices + +The NetApp communication security is configured on the Scan Settings page of the File System Access +Auditor Data Collector Wizard. One additional firewall setting is required when targeting either a +NetApp Data ONTAP 7-Mode device or a NetApp Data ONTAP Cluster-mode device. The required setting is +dependent upon how the NetApp communication security option is configured: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------------------- | -------- | ----- | ----------------------------------- | +| Enterprise Auditor Console to NetApp Device | TCP | 80 | HTTP NetApp communication security | +| Enterprise Auditor Console to NetApp Device | TCP | 443 | HTTPS NetApp communication security | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeappletpermissions.md b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeappletpermissions.md new file mode 100644 index 0000000000..1fbcbb9412 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeappletpermissions.md @@ -0,0 +1,70 @@ +# Proxy Mode with Applet Permissions + +When File System scans are run in proxy mode with applet, it means the File System applet is +deployed to the Windows proxy server when the job is executed to conduct data collection. The data +collection processing is initiated by the proxy server where the applet is deployed and leverages a +local mode-type scan to each of the target hosts. The final step in data collection is to compress +and transfer the data collected in the SQLite databases, or Tier 2 databases, back to the Enterprise +Auditor Console server. + +Configure the credential(s) with the following rights on the proxy server(s): + +- Group membership in the local Administrators group +- Granted the Backup files and directories local policy privilege +- Granted the Log on as a batch privilege +- If the applet is deployed as a service, the service account requires the Log on as a service + privilege + + - See the + [FSAA: Applet Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.md) + topic for additional information on the applet launch mechanism + +- If running FSAC, the service account in the credential profile requires access to the admin share + (e.g. `C$`) where the `sbtfilemon.ini` file exists + +Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the +installation directory on the proxy server as well as on the Enterprise Auditor Console server. This +is required by either the user account running the Enterprise Auditor application, when manually +executing jobs within the console, or the Schedule Service Account assigned within Enterprise +Auditor, when running jobs as a scheduled tasks. + +_Remember,_ Remote Registry Service must be enabled on the host where the applet is deployed (for +Applet Mode or Proxy Mode with Applet scans) to determine the system platform and where to deploy +the applet. + +**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials +for network authentication” must be disabled in order for the applet to start. + +Configure the credential(s) with the following rights on the Windows host(s): + +- Group membership in both of the following local groups: + - Power Users + - Backup Operators +- Granted the “Backup files and directories” local policy privilege + +For Windows Server target hosts, the credential also requires: + +- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local + Policies > Security Options privilege + +Sensitive Data Discovery Auditing scans also require .NET Framework 4.7.2 or later. to be installed +on the server where the applet is to be deployed in order for Sensitive Data Discovery collections +to successfully occur. The Sensitive Data Discovery Add-On must be installed on the Enterprise +Auditor Console server, which enables Sensitive Data criteria for scans. + +When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials +within the Connection Profile assigned to the File System scans must be properly configured as +explained above. Also the firewall rules must be configured to allow for communication between the +applicable servers. + +See the +[Proxy Mode with Applet Port Requirements](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeappletports.md) +topic for firewall rule information. + +Secure Proxy Communication Considerations + +For Proxy Mode with Applet scans, the certificate exchange mechanism and certificate exchange port +must be configured via the File System Access Auditing Data Collector Wizard prior to executing a +scan. See the +[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/certificatemanagement.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeappletports.md b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeappletports.md new file mode 100644 index 0000000000..c427a065d1 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeappletports.md @@ -0,0 +1,45 @@ +# Proxy Mode with Applet Port Requirements + +The following are the firewall settings are required when executing the Access Auditing (FSAA) +and/or Sensitive Data Discovery Auditing scans in proxy mode with applet for communication between +Enterprise Auditor and the proxy server: + +| Communication Direction | Protocol | Ports | Description | +| ----------------------------------------------------------- | -------- | ----- | ---------------------------------------- | +| Enterprise Auditor Console to Windows Proxy Server | TCP | 445 | SMB | +| Between Enterprise Auditor Console and Windows Proxy Server | TCP | 8767 | FSAA Applet Certificate Exchange | +| Between Enterprise Auditor Console and Windows Server | TCP | 8766 | FSAA Applet HTTPS communication security | + +**NOTE:** The FSAA applet https requests configuration port 8766 and the FSAA Applet Certificate +Exchange port 8767 can be customized on the Applet Settings page of the File System Access Auditor +Data Collector Wizard. + +The following are the firewall settings are required when executing the Access Auditing (FSAA) +and/or Sensitive Data Discovery Auditing scans in proxy mode with applet for communication between +the proxy server and the target host: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------------------ | -------- | ----- | ----------- | +| Windows Proxy Server to File Server/Device | TCP | 445 | SMB | + +## Additional Firewall Rules for NetApp Data ONTAP Devices + +_Remember,_ NetApp communication security is configured on the Scan Settings page of the File System +Access Auditor Data Collector Wizard. One additional firewall setting is required when targeting +either a NetApp Data ONTAP 7-Mode device or a NetApp Data ONTAP Cluster-Mode device. The required +setting is dependent upon how the NetApp communication security option is configured: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------------------- | -------- | ----- | ----------------------------------- | +| Enterprise Auditor Console to NetApp Device | TCP | 80 | HTTP NetApp communication security | +| Enterprise Auditor Console to NetApp Device | TCP | 443 | HTTPS NetApp communication security | + +## Additional Firewall Rules for Windows File Servers + +The following firewall setting is also required when targeting a Windows file server: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------------------- | -------- | ----- | -------------------------- | +| Enterprise Auditor Console to Windows Server | TCP | 135 | for pre-scan access checks | + +**_RECOMMENDED:_** Configure target hosts to respond to ping requests. diff --git a/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeserver.md b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeserver.md new file mode 100644 index 0000000000..3e08823cf9 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeserver.md @@ -0,0 +1,110 @@ +# Proxy Mode Server Requirements + +The Enterprise Auditor File System Proxy requirements apply for servers where either the service is +installed or the applet will be deployed unless otherwise stated. + +**NOTE:** Align the proxy server requirements to match the environment size the proxy server will be +handling. + +The server can be physical or virtual. The requirements for Enterprise Auditor are: + +- Windows Server 2016 through Windows Server 2022 + + - US English language installation + - Domain member + +RAM, CPU, and Disk Space + +RAM, CPU, and Disk Space are dependent upon the size of the target environment: + +**CAUTION:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By +default, SDD scans are configured to run two concurrent threads. For example, if the job is +configured to scan 8 hosts at a time with two concurrent SDD threads, then an extra 32 GB of RAM are +required (8x2x2=32). + +- Enterprise Environment (800 million+ files and folders) + + - 24 GB RAM + - 8 CPU Cores + - 1.5 TB Disk Space + +- Extra-Large Environment (Up to 800 million files and folders) + + - 24 GB RAM + - 8 CPU Cores + - 770 GB Disk Space + +- Large Environment (Up to 500 million files and folders) + + - 16 GB RAM + - 8 CPU Cores + - 470 GB Disk Space + +- Medium Environment (Up to 200 million files and folders) + + - 12 GB RAM + - 4 CPU Cores + - 270 GB Disk Space + +- Small Environment (Up to 100 million files and folders) + + - 4 GB RAM + - 2 CPU Cores + - 130 GB Disk Space + +The above recommended disk space sizing information is based on the needs of Enterprise Auditor as +well as the File System solution for running Permission scans with out of the box configuration (500 +MB per million files and folders), that means no tag collection, file-level scanning, activity, or +sensitive data. + +- For tag collection, add 125 MB per million documents to the totals above +- For activity collection, add 250 MB per million files and folders and another 125 MB per million + activity events to the totals above +- For sensitive data collection, add 500 MB per million files and folders and another 1%-10% of the + total size of the documents scanned for sensitive data (depending on targeted document types and + selected criteria) to the totals above + +For example, in order to scan 200 million files and folders, of which 10 million files will be +scanned for tag collection and sensitive data with a total size of 6 TB, you would need: 160 GB for +permission collection + 1.25 GB for tag collection (10x125 MB) + 100 GB for sensitive data +collection (200x500 MB) + 600 GB additional for sensitive data collection (10% of 6 TB) = 861.25 GB +Disk Space. + +Additional Server Requirements + +The following are additional requirements for the server: + +- .NET Framework 4.7.2 Installed + + **NOTE:** .NET Framework 4.7.2 can be downloaded from the link in the Microsoft + [.NET Framework 4.7.2 offline installer for Windows](https://support.microsoft.com/en-us/topic/microsoft-net-framework-4-7-2-offline-installer-for-windows-05a72734-2127-a15d-50cf-daf56d5faec2) + article. + +- Remote Registry Service enabled + + **NOTE:** The Remote Registry Service only needs to be enabled when running Applet Mode or Proxy + Mode with Applet scans. + +Sensitive Data Discovery Auditing + +The following is required to run Sensitive Data Discovery scans: + +- Sensitive Data Discovery Add-On installed on the proxy server + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration. It will not conflict with other JDKs or Java Runtimes in the same environment. + +See the following topics for additional information, based on the type of proxy mode you plan to +use: + +- Proxy Mode with Applet + + - [Proxy Mode with Applet Permissions](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeappletpermissions.md) + - [Proxy Mode with Applet Port Requirements](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeappletports.md) + +- Proxy Mode as a Service + + - [Proxy Mode as a Service Permissions](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeservicepermissions.md) + - [Proxy Mode as a Service Port Requirements](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeserviceports.md) diff --git a/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeservicepermissions.md b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeservicepermissions.md new file mode 100644 index 0000000000..13997c7145 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeservicepermissions.md @@ -0,0 +1,87 @@ +# Proxy Mode as a Service Permissions + +When File System scans are run in proxy mode as a service, there are two methods available for +deploying the service: + +- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be + installed on the Windows proxy servers prior to executing the scans. This is the recommended + method. +- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the + Windows proxy server when the job is executed + +The data collection processing is conducted by the proxy server where the service is running and +leverages a local mode-type scan to each of the target hosts. The final step in data collection is +to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to +the Enterprise Auditor Console server. + +The secure communication is configured during the installation of the service on the proxy server. +The credential provided for the secure communications in the installation wizard is also added to +the Enterprise Auditor Connection Profile assigned to the File System Solution. + +File System Proxy Service Credentials + +The service can be run either as LocalSystem or with a domain account supplied during the +installation of the File System Proxy Service with the following permission on the proxy server: + +- Membership in the local Administrators group +- Granted the Log on as a service privilege (**Local Security Policies** > **Local Policies** > + **User Rights Assignment** > **Log on as a service**) +- If running FSAC, the service account in the credential profile requires access to the admin share + (for example, `C$`) where the `sbtfilemon.ini` file exists + +Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the +installation directory. + +Windows File Server Target Host Credentials + +Configure the credential(s) with the following rights on the Windows host(s): + +- Group membership in both of the following local groups: + - Power Users + - Backup Operators +- Granted the “Backup files and directories” local policy privilege + +For Windows Server target hosts, the credential also requires: + +- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local + Policies > Security Options privilege + +In order to collect data on administrative shares and local policies (logon policies) for a Windows +target, the credential must have group membership in the local Administrators group. + +Sensitive Data Discovery Auditing Consideration + +The Sensitive Data Discovery Add-on must be installed on the proxy server. This requirement is in +addition to having the Sensitive Data Discovery Add-on installed on the Enterprise Auditor Console +server. Sensitive Data Discovery Auditing scans also require .NET Framework 4.7.2 or later.If +running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount of +RAM. Each thread requires a minimum of 2 additional GB of RAM per host.. By default, SDD scans are +configured to run two concurrent threads. For example, if the job is configured to scan 8 hosts at a +time with two concurrent SDD threads, then an extra 32 GB of RAM are required (8x2x2=32). + +Secure Proxy Communication Considerations + +For secure proxy communication via https, a credential is supplied during installation to provide +secure communications between the Enterprise Auditor server and the proxy server. This credential +must be a domain account, but no additional permissions are required. It is recommended to use the +same domain account configured to run the proxy service as a credential in the Connection Profile to +be used by the File System Solution + +Secure Proxy Communication and Certificate Exchange + +For Proxy Mode as a Service Scans, the certificate exchange mechanism and certificate exchange port +must be configured via the File System Access Auditing Data Collector Wizard prior to executing a +scan. See the +[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/certificatemanagement.md) +topic for additional information. + +Enterprise Auditor Connection Profile + +When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials +within the Connection Profile assigned to the File System scans must be properly configured as +explained above. Also the firewall rules must be configured to allow for communication between the +applicable servers. + +See the +[Proxy Mode as a Service Port Requirements](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeserviceports.md) +topic for firewall rule information. diff --git a/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeserviceports.md b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeserviceports.md new file mode 100644 index 0000000000..06a7b34afe --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeserviceports.md @@ -0,0 +1,44 @@ +# Proxy Mode as a Service Port Requirements + +The following are the firewall settings are required when executing the Access Auditing (FSAA) +and/or Sensitive Data Discovery Auditing scans in proxy mode as a service for communication between +Enterprise Auditor and the proxy server: + +| Communication Direction | Protocol | Ports | Description | +| ----------------------------------------------------------- | -------- | ----- | ---------------------------------------- | +| Between Enterprise Auditor Console and Windows Proxy Server | TCP | 8766 | FSAA Applet HTTPS communication security | +| Between Enterprise Auditor Console and Windows Proxy Server | TCP | 8767 | FSAA Applet Certificate Exchange | + +**NOTE:** The FSAA applet https requests configuration port 8766 and the FSAA Applet Certificate +Exchange port 8767 can be customized on the Applet Settings page of the File System Access Auditor +Data Collector Wizard. + +The following are the firewall settings are required when executing the Access Auditing (FSAA) +and/or Sensitive Data Discovery Auditing scans in proxy mode as a service for communication between +the proxy server and the target host: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------------------ | -------- | ----- | ----------- | +| Windows Proxy Server to File Server/Device | TCP | 445 | SMB | + +#### Additional Firewall Rules for NetApp Data ONTAP Devices + +_Remember,_ NetApp communication security is configured on the Scan Settings page of the File System +Access Auditor Data Collector Wizard. One additional firewall setting is required when targeting +either a NetApp Data ONTAP 7-Mode device or a NetApp Data ONTAP Cluster-mode device. The required +setting is dependent upon how the NetApp communication security option is configured: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------------------- | -------- | ----- | ----------------------------------- | +| Enterprise Auditor Console to NetApp Device | TCP | 80 | HTTP NetApp communication security | +| Enterprise Auditor Console to NetApp Device | TCP | 443 | HTTPS NetApp communication security | + +#### Additional Consideration for Windows File Servers + +The following firewall setting is also required when targeting a Windows file server: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------------------- | -------- | ----- | -------------------------- | +| Enterprise Auditor Console to Windows Server | TCP | 135 | for pre-scan access checks | + +**_RECOMMENDED:_** Configure target hosts to respond to ping requests. diff --git a/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md new file mode 100644 index 0000000000..cc38f1ded6 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md @@ -0,0 +1,112 @@ +# File System Scan Options + +Required permissions on the targeted file system are dependent upon not only the type of environment +targeted but also the mode in which the data collection scan is executed. There are three primary +types of scan modes: local, applet, or proxy. The proxy mode can be conducted via applet deployment, +or via running as a service (installed in advance). + +For the purpose of this document, “applet” refers to the runtime deployment of the +`FSAAAppletServer.exe` to either the target host (applet mode scans) or the proxy host (proxy mode +with applet scans) via Microsoft Task Scheduler. A “proxy” host is any host which can be leveraged +for running File System scans against target hosts. + +## Local Mode + +When File System scans are run in local mode, it means all of the data collection processing is +conducted by the Enterprise Auditor Console server across the network. The data is collected in the +SQLite database(s), or Tier 2 database(s), on the Enterprise Auditor Console server, and then +imported into theEnterprise Auditor database, or Tier 1 database, on the SQL Server. + +![Illustrates the Enterprise Auditor server running the scan against a file server](/img/product_docs/accessanalyzer/11.6/requirements/solutions/filesystem/localmode.webp) + +The diagram illustrates the Enterprise Auditor server running the scan against a file server. + +See the following topics for additional information: + +- [Local Mode Permissions](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/localmodepermissions.md) +- [Local Mode Port Requirements](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/localmodeports.md) + +## Applet Mode + +**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials +for network authentication” must be disabled in order for the applet to start. + +When File System scans are run in applet mode, it means the File System applet is deployed to the +target host when the job is executed to conduct data collection. However, the applet can only be +deployed to a server with a Windows operating system. The data is collected on the Windows target +host where the applet is deployed. The final step in data collection is to compress and transfer the +data collected in the SQLite database(s), or Tier 2 database(s), back to the Enterprise Auditor +Console server. If the target host is a NAS device, the File System scans will default to local mode +for that host. + +![Illustrates the Enterprise Auditor server sending an FSAA applet to a targeted Windows file server, which runs the scan against locally, and then returns data to the Enterprise Auditor server](/img/product_docs/accessanalyzer/11.6/requirements/solutions/filesystem/appletmode.webp) + +The diagram illustrates the Enterprise Auditor server sending an FSAA applet to a targeted Windows +file server, which runs the scan against locally, and then returns data to the Enterprise Auditor +server. + +See the following topics for additional information: + +- [Applet Mode Permissions](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/appletmodepermissions.md) +- [Applet Mode Port Requirements](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/appletmodeports.md) + +## Proxy Mode with Applet + +**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials +for network authentication” must be disabled in order for the applet to start. + +When File System scans are run in proxy mode with applet, it means the File System applet is +deployed to the Windows proxy server when the job is executed to conduct data collection. The data +collection processing is initiated by the proxy server where the applet is deployed and leverages a +local mode-type scan to each of the target hosts. The final step in data collection is to compress +and transfer the data collected in the SQLite databases, or Tier 2 databases, back to the Enterprise +Auditor Console server. + +![Diagram of Enterprise Auditor server sending an FSAA applet to a proxy server](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/proxymodewithapplet.webp) + +The diagram illustrates the Enterprise Auditor server sending an FSAA applet to a proxy server, +which runs the scan against a file server, and then returns data to the Enterprise Auditor server. + +See the following topics for additional information: + +- [Proxy Mode Server Requirements](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeserver.md) +- [Proxy Mode with Applet Permissions](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeappletpermissions.md) +- [Proxy Mode with Applet Port Requirements](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeappletports.md) + +## Proxy Mode as a Service + +When File System scans are run in proxy mode as a service, there are two methods available for +deploying the service: + +- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be + installed on the Windows proxy servers prior to executing the scans. This is the recommended + method. +- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the + Windows proxy server when the job is executed + +The data collection processing is conducted by the proxy server where the service is running and +leverages a local mode-type scan to each of the target hosts. The final step in data collection is +to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to +the Enterprise Auditor Console server. + +The proxy communication is configured during the installation of the service on the proxy server and +certificate exchange options are configured via the Applet Settings page of the File System Access +Auditing Data Collector Wizard. The credential provided for the secure communications in the +installation wizard is also added to the Enterprise Auditor Connection Profile assigned to the File +System Solution. + +See the +[File System Proxy Service Installation](/docs/accessanalyzer/11.6/install/filesystemproxy/wizard.md) +topic for additional information. + +![Diagram of Enterprise Auditor server communicating securely with the proxy service on a proxy server](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp) + +The diagram illustrates the Enterprise Auditor server communicating securely with the proxy service +on a proxy server, which runs the scan against a file server, collecting the data locally and +securely. Then the proxy service returns data securely to the Enterprise Auditor server. + +See the following topics for additional information: + +- [Proxy Mode Server Requirements](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeserver.md) +- [Proxy Mode as a Service Permissions](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeservicepermissions.md) +- [Proxy Mode as a Service Port Requirements](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/proxymodeserviceports.md) diff --git a/docs/accessanalyzer/11.6/requirements/solutions/sharepoint.md b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint.md new file mode 100644 index 0000000000..5fc1f0617f --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint.md @@ -0,0 +1,86 @@ +# SharePoint Solution + +The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL +Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for the core requirements. + +The SharePoint solution can be configure to run without an agent or to use the Enterprise Auditor +SharePoint Agent. See the +[SharePoint Agent Installation](/docs/accessanalyzer/11.6/install/sharepointagent/overview.md) +topic for additional information. + +In addition to these, integration with either the Netwrix Activity Monitor is required for event +activity data to be scanned. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for installation requirements and information on collecting activity data. + +**NOTE:** For Activity Auditing (SPAC) scans, the audit logs generated by SharePoint must be +retained for more days than the number of days between the Enterprise Auditor scans. + +**_RECOMMENDED:_** When configuring the Netwrix Activity Monitor, select all events to be monitored +in both the Documents and Items section and the List, Libraries, and Site section. + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. + +**NOTE:** If the Enterprise Auditor SharePoint Agent scan option is used, it is also be necessary +for the Sensitive Data Discovery Add-On to be installed on the servers as well. + +See the following topics for the SharePoint Agent and the target environment requirements: + +- [SharePoint Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md) +- [SharePoint Support](/docs/accessanalyzer/11.6/requirements/target/sharepoint.md) + +**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for +SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and +provisions it with the required permissions. See the +[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sp_registerazureappauth.md) +topic for additional information. + +## SharePoint Solution Requirements on the Enterprise Auditor Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Extra-Large | Large | Medium | Small | +| ----------- | ------------------------------------------------ | ------------------------------------------------- | ------------------------------------------------- | ----------------------------------------------- | +| Definition | ~5,000 Site Collections or 5+ TB of managed data | ~2,500 Site Collections or 1-5 TB of managed data | ~1,000 Site Collections or 500 GB of managed data | ~100 Site Collections or 100 GB of managed data | +| RAM | 24 GB | 16 GB | 12 GB | 4 GB | +| Cores | 8 CPU | 8 CPU | 4 CPU | 2 CPU | +| Disk Space | 460 GB | 280 GB | 160 GB | 80 GB | + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For +example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are +required (8x2=16). + +Sensitive Data Discovery Auditing Requirement + +The following is required to run Sensitive Data Discovery scans: + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +## SharePoint Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Extra-Large | Large | Medium | Small | +| ------------------------ | ------------------------------------------------ | ------------------------------------------------- | ------------------------------------------------- | ----------------------------------------------- | +| Definition | ~5,000 Site Collections or 5+ TB of managed data | ~2,500 Site Collections or 1-5 TB of managed data | ~1,000 Site Collections or 500 GB of managed data | ~100 Site Collections or 100 GB of managed data | +| RAM | 64 GB | 32 GB | 16 GB | 8 GB | +| Cores | 16 CPU | 12 CPU | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | +| SQL Database Disk | 500 GB | 320 GB | 240 GB | 100 GB | +| SQL Transaction Log Disk | 120 GB | 100 GB | 80 GB | 40 GB | +| SQL TEMP DB Disk | 320 GB | 240 GB | 160 GB | 80 GB | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentlesspermissions.md b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentlesspermissions.md new file mode 100644 index 0000000000..7090372863 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentlesspermissions.md @@ -0,0 +1,61 @@ +# SharePoint Agent-Less Permissions + +When SharePoint agent-less scans are run, it means all of the data collection processing is +conducted by the Enterprise Auditor Console server across the network. + +The SharePoint agent-less scan architecture requires permissions to be configured on the specified +server: + +- SharePoint Application Server permissions: + + - Membership in the local Backup Operators group + + - This is required so Enterprise Auditor can read remote registry to identify if the server + is part of the farm, what the server’s role is, and to identify the location of the + SharePoint configuration database. + + - Membership in the local WSS_WPG group + + - This is required to gain read access to system resources used by Microsoft SharePoint + Foundation. + +- SharePoint Farm permissions: + + - Membership in the Farm Read group at the farm level + + - This is required so the Enterprise Auditor auditing account can make calls against the + SharePoint web services to remotely gather information around permissions, site hierarchy, + content and more. + - If the group does not exist already, then you will need to create a new group at that + level and grant it ‘Read’ access. Specifically, it is a group that exists within Central + Administration at the farm administrator level. This group only requires ‘Read’ access and + is not giving farm admin access. Once the group is created, add the service account that + Enterprise Auditor will be leveraging to scan SharePoint. + +- Web Application permissions: + + - Custom Role with Site Collection Auditor at the web application level with the Open Items + permission + + - This is needed for Enterprise Auditor to execute web service calls against Central + Administration. + +- SharePoint Database Server permissions: + + - SPDataAccess on the on the SharePoint Content database and all Configuration databases + + - This permission should be applied on the desired Configuration database and all Content + databases for the SharePoint version. + - This version-specific permission is required for Enterprise Auditor to execute read + operations directly against the SharePoint databases, gather information from the + configuration database regarding the names and locations of the web applications and + content databases, and give read access around sites, roles, and users. + +- MySites permissions are based on the SharePointAccess Data Collector configuration option: + + - Forcing the service account to become a temporary admin of the personal sites either as the + service account or as a member of the Company Administrators group requires SharePoint Farm + Administrator role or Site Collection Auditor at the web application housing MySites. + - The skipping inaccessible personal sites option will only scan sites where the service account + has administrative access. It requires the service account to be provisioned prior to the scan + to scan OneDrives / personal sites. diff --git a/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentlessports.md b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentlessports.md new file mode 100644 index 0000000000..33b518eff0 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentlessports.md @@ -0,0 +1,19 @@ +# SharePoint Agent-Less Ports + +One of the following ports must be open for communication between Enterprise Auditor and the +SharePoint Online environment: + +| Port | Protocol | Source | Direction | Target | Purpose | +| ---- | -------- | --------------------------------- | --------- | ----------------------------- | ------------------- | +| 80 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Online Environment | HTTP Communication | +| 443 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Online Environment | HTTPS Communication | + +The following ports must be open for communication between Enterprise Auditor and the SharePoint +on-premise environment: + +| Port | Protocol | Source | Direction | Target | Purpose | +| ------- | -------- | --------------------------------- | --------- | ----------------------------- | ---------------------------------- | +| 1433 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint SQL Server | SharePoint SQL Database Connection | +| 445 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Application Server | Remote Registry Connection | +| 389/636 | TCP | Enterprise Auditor Console server | `<-->` | LDAP server | Authentication | +| 80 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Application Server | StealthAUDIT Communication Channel | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentpermissions.md b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentpermissions.md new file mode 100644 index 0000000000..a43f0aa83e --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentpermissions.md @@ -0,0 +1,257 @@ +# SharePoint Agent Permissions + +When Enterprise Auditor SharePoint scans are run in agent-based mode, the Enterprise Auditor +SharePoint Agent must be installed on the SharePoint Application server which hosts the Central +Administration component prior to executing the scans. This is typically the first server stood up +during the SharePoint farm installation process in this mode. The data collection processing is +conducted by the SharePoint Agent for the target environment. The final step in data collection is +to transfer the data collected in the SQLite databases, or Tier 2 databases, on the Enterprise +Auditor SharePoint Agent server back to the Enterprise Auditor Console server. + +The Enterprise Auditor SharePoint Agent needs to be installed on the: + +- SharePoint Application server hosting the Central Administration component + + - SharePoint® 2013 through SharePoint® 2019 + - Windows® Server 2012 through Windows® Server 2022 + +Additional Server Requirements + +The following are additional requirements for the Enterprise Auditor SharePoint Agent server: + +- .NET Framework 4.8 installed +- Port Sharing network feature + +Sensitive Data Discovery Auditing Requirement + +In addition to having the Sensitive Data Discovery Add-on be installed on the Enterprise Auditor +Console server, The following is required to run Sensitive Data Discovery scans: + +- Sensitive Data Discovery Add-On, 64-bit version, installed on the Enterprise Auditor SharePoint + Agent server +- .NET Framework 4.7.2 or later + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job +is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). + +## Permissions Explained + +If limited provisioning of the service account is not required by the organization, then the +following permissions are sufficient for successful agent-based scans: + +- Membership in the local Administrator group on the on server where the Enterprise Auditor + SharePoint Agent is installed + + - Only needed for agent installation + +- SharePoint Application Server permissions: + + - Membership in the local Backup Operators group + + - This is required so Enterprise Auditor can read remote registry to identify if the server + is part of the farm, what the server’s role is, and to identify the location of the + SharePoint configuration database + + - Membership in the local WSS_WPG group + + - This is required to gain read access to system resources used by Microsoft SharePoint + Foundation + + - Log on as a Service in the Local Security Policy + - Full Control on the agent install directory, default path is: + + `C:\Program Files\STEALTHbits\StealthAUDIT\SPAA` + +- SharePoint Farm permissions: + + - Membership in the Farm Read group at the farm level + + - This is required so the Enterprise Auditor auditing account can make calls against the + SharePoint web services to remotely gather information around permissions, site hierarchy, + content and more + - If the group does not exist already, then you need to create a new group at that level and + grant it Read access. Specifically, it is a group that exists within Central + Administration at the farm administrator level. This group only requires Read access and + is not giving farm admin access. Once the group is created, add the service account that + Enterprise Auditor will be leveraging to scan SharePoint. + +- Web Application permissions: + + - Custom Role with Site Collection Auditor at the web application level with the Open Items + permission + + - This is needed for Enterprise Auditor to execute web service calls against Central + Administration + +- SharePoint Database Server permissions: + + - SPDataAccess on the SharePoint Content database and all Configuration databases + + - This permission should be applied on the desired Configuration database and all Content + databases for the SharePoint version + - This version-specific permission is required for Enterprise Auditor to execute read + operations directly against the SharePoint databases, gather information from the + configuration database regarding the names and locations of the web applications and + content databases, and give read access around sites, roles, and users + +- DB_Owner on Enterprise Auditor database if using Windows Authentication for the Storage Profile +- MySites permissions are based on the SharePointAccess Data Collector configuration option: + + - Forcing the service account to become a temporary admin of the personal sites either as the + service account or as a member of the Company Administrators group requires SharePoint Farm + Administrator role or Site Collection Auditor at the web application housing MySites + - The skipping inaccessible personal sites option only scans sites where the service account has + administrative access + - This grants Enterprise Auditor rights to scan MySites + +Additional permission models are explained for a less and least permission model. + +## SharePoint Agent-Based Less Privilege Permission Model + +If restricted permissions are desired by the organization, then the following permissions are needed +for the service account to successfully run SharePoint Agent-based scans. + +Prior to installation of the SharePoint Agent, the service account to be supplied during +installation and later used to run the Access Auditing (SPAA) and Sensitive Data Discovery Auditing +scans against the targeted SharePoint environment needs the following permissions: + +- Log on as a Service in the Local Security Policy +- Membership in the local IIS_IUSRS group +- Performance Log Users (for Sensitive Data Discovery only) + +After the SharePoint Agent installation, this service account needs the following additional +permissions to run the Access Auditing (SPAA) and Sensitive Data Discovery Auditing scans: + +- Site Collection Administrator on all Site Collections to be scanned +- Membership in the local Users group on the server where the SharePoint Agent is installed +- DB_Owner on Enterprise Auditor database if using Windows Authentication for the Storage Profile + +If the scans include Web Application scoping, then the following permissions are needed (can be +skipped if running full farm scans): + +- Membership in the local Backup Operators group +- Membership in the local WSS_WPG group +- WSS_CONTENT_APPLICATION_POOLS on the SharePoint Configuration database + +After the Enterprise Auditor SharePoint Agent is installed, ensure that the service account has the +following permissions: + +- Full Control on the agent install directory, default path is: + + `C:\Program Files\STEALTHbits\StealthAUDIT\SPAA` + +The Enterprise Auditor SharePoint Agent utilizes Microsoft APIs. The Microsoft APIs require an +account with the following permissions in order to collect all of the data: + +- WSS_CONTENT_APPLICATION_POOLS on the SharePoint Content databases +- WSS_CONTENT_APPLICATION_POOLS on the SharePoint Configuration database + +**NOTE:** If scans include Web Application scoping, this last permission requirement is already met. + +## SharePoint Agent-Based Least Privilege Permission Model + +If a least privilege model is required by the organization, then the following permissions are +needed for the service account to successfully run SharePoint Agent-based scans. + +Prior to installation of the SharePoint Agent, the service account to be supplied during +installation and later used to run the Access Auditing (SPAA) and Sensitive Data Discovery Auditing +scans the targeted SharePoint environment needs the following permissions: + +- Log on as a Service in the Local Security Policy +- Service Account SID added to the `SMSvcHost.exe.config` file +- Performance Log Users (for Sensitive Data Discovery only) + +After the SharePoint Agent installation, this service account needs the following additional +permissions to run the Access Auditing (SPAA) scans: + +- Site Collection Administrator on all Site Collections to be scanned +- Membership in the local Users group on the server where the SharePoint Agent is installed +- DB_Owner on Enterprise Auditor database if using Windows Authentication for the Storage Profile + +If the scans include Web Application scoping, then the following permissions are needed (can be +skipped if running full farm scans): + +- READ Access on the following registry keys: + + - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg` + - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowPaths` + - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowExactPaths` + - For SharePoint 2013: + + - `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\Secure` + - `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\Secure\ConfigDB` + +- DB_DataReader on the SharePoint Configuration database +- `'GRANT EXECUTE'` permissions on the following stored procedures in the SharePoint Configuration + database: + + - `proc_getObject` + - `proc_getObjectsByClass` + - `proc_getObjectsByBaseClass` + - `proc_getDependentObjectsByBaseClass` + - `proc_ReturnWebFeatures` + +After the Enterprise Auditor SharePoint Agent is installed, ensure that the service account has the +following permissions: + +- Full Control on the agent install directory, default path is: + + `C:\Program Files\STEALTHbits\StealthAUDIT\SPAA` + +The Enterprise Auditor SharePoint Agent utilizes Microsoft APIs. The Microsoft APIs require an +account with the following permissions in order to collect all of the data: + +- `'GRANT EXECUTE'` permissions on the following stored procedures in the SharePoint Configuration + database: + + - `proc_getObject` + - `proc_getObjectsByClass` + - `proc_getObjectsByBaseClass` + - `proc_getDependentObjectsByBaseClass` + - `proc_ReturnWebFeatures` + + **NOTE:** The above four stored procedures would already have the correct permissions if Web + Application scoping is desired. + + - `[dbo].proc_getSiteName` + - `[dbo].proc_getSiteMap` + - `[dbo].proc_getSiteMapById` + +- DB_DataReader on the SharePoint Content databases and SharePoint AdminContent database, if + applicable +- `'GRANT EXECUTE'` permissions on the following stored procedures in the SharePoint Content + databases and SharePoint AdminContent database (if applicable): + + - `[dbo].proc_EnumLists` + - `[dbo].proc_GetTpWebMetaDataAndListMetaData` + - `[dbo].proc_GetListMetaDataAndEventReceivers` + - `[dbo].proc_GetSiteProps` + - `[dbo].proc_GetListWebParts` + - `[dbo].proc_GetWebFeatureList` + - `[dbo].proc_GetListFields` + - `[dbo].proc_GetDocsMetaInfo` + - `[dbo].proc_GetDocIdUrl` + - `[dbo].proc_ListChildWebs` + - `[dbo].proc_ListChildWebs` + - `[dbo].proc_ListUrls` + - `[dbo].proc_ListChildWebs` + - `[dbo].proc_SecListAllSiteMembers` + - `[dbo].proc_SecRefreshToken` + - `[dbo].proc_SecListSiteGroups` + - `[dbo].proc_SecListSiteGroupMembership` + - `[dbo].proc_SecGetRoleDefs` + - `[dbo].proc_SecListSiteGroups` + - `[dbo].proc_SecListScopeUsers` + - `[dbo].proc_SecListScopeGroups` + - `[dbo].proc_SecAddWebMembership` + - `[dbo].proc_SecGetSecurityInfo` + - `[dbo].proc_SecGetPrincipalByLogin` + - `[dbo].proc_SecGetPrincipalDisplayInformation20` + - `[dbo].proc_SecGetRoleBindingsForAllPrincipals` diff --git a/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentports.md b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentports.md new file mode 100644 index 0000000000..b24457d631 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentports.md @@ -0,0 +1,14 @@ +# SharePoint Agent Ports + +The following are the firewall settings are required when executing the Access Auditing (FSAA) +and/or Sensitive Data Discovery Auditing scans in Agent-based mode for communication between +Enterprise Auditor and the target host: + +| Port | Protocol | Source | Direction | Target | Purpose | +| ------- | -------- | ------------------------------------------ | --------- | ------------------------------------------ | ---------------------------------------------------------------------- | +| 1433 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint SQL Server | SharePoint SQL Database Connection | +| 445 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Application Server | Remote Registry Connection (Only required for Web Application scoping) | +| 389/636 | TCP | Enterprise Auditor SharePoint Agent server | `<-->` | LDAP server | Agent Authentication | +| 9876\* | TCP | Enterprise Auditor Console server | `<-->` | Enterprise Auditor SharePoint Agent server | Enterprise Auditor Agent Communication Channel | + +\*Configurable value in the SharePoint Access Auditor Data Collector Wizard. diff --git a/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/onlinepermissions.md b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/onlinepermissions.md new file mode 100644 index 0000000000..ca75b881b0 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/onlinepermissions.md @@ -0,0 +1,62 @@ +# SharePoint Online Permissions + +SharePoint Online environments can only be scanned in Agent-less mode. When SharePoint agent-less +scans are run, it means all of the data collection processing is conducted by the Enterprise Auditor +Console server across the network. + +## Modern Authentication + +The SharePoint agent-less scan architecture uses modern authentication in the target environment: + +Tenant Global Administrator Role + +- Tenant Global Administrator role is required to provision the application + + - Modern authentication enables Enterprise Auditor to scan SharePoint Online and all OneDrives + in the target environment + +Permissions for Microsoft Graph APIs + +- Application Permissions: + + - Application.Read.All – Read all applications + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + - Domain.Read.All – Read domains + - Files.Read.All – Read files in all site collections + - GroupMember.Read.All – Read all group memberships + - InformationProtectionPolicy.Read.All – Read all published labels and label policies for an + organization + - Member.Read.Hidden – Read all hidden memberships + - Organization.Read.All – Read organization information + - OrgContact.Read.All – Read organization contact + - Policy.Read.All – Read your organization's policies + - Policy.Read.ConditionalAccess – Read you organization's conditional access policies + - Policy.Read.PermissionGrant – Read consent and permission grant policies + - ServiceHealth.Read.All – Read service health + - ServiceMessage.Read.All – Read service messages + - Sites.Read.All – Read items in all site collections + - Team.ReadBasic.All – Get a list of all teamss + - TeamMember.Read.All – Read the members of all teams + +- Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +Permissions for Office 365 Management APIs + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + - ServiceHealth.Read – Read service health information for your organization + +Permissions for SharePoint APIs + +- Application Permissions: + + - Sites.FullControl.All – Have full control of all site collections + - Sites.Read.All – Read items in all site collections + - TermStore.Read.All – Read managed metadata + - User.Read.All – Read user profiles diff --git a/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/onlineports.md b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/onlineports.md new file mode 100644 index 0000000000..5d1f76cc40 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/onlineports.md @@ -0,0 +1,9 @@ +# SharePoint Online Ports + +One of the following ports must be open for communication between Enterprise Auditor and the +SharePoint environment: + +| Port | Protocol | Source | Direction | Target | Purpose | +| ---- | -------- | --------------------------------- | --------- | ----------------------------- | ------------------- | +| 80 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Online Environment | HTTP Communication | +| 443 | TCP | Enterprise Auditor Console server | `<-->` | SharePoint Online Environment | HTTPS Communication | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md new file mode 100644 index 0000000000..6d6046bf47 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md @@ -0,0 +1,48 @@ +# SharePoint Scan Options + +Required permissions on the targeted SharePoint environment are dependent upon not only the type of +environment targeted but also the type of data collection scan being executed. There are two types +of Access Auditing (SPAA) and/or Sensitive Data Discovery Auditing scans: agent-based and +agent-less. The Activity Auditing (SPAC) scans run as agent-less scans from Enterprise Auditor, but +they require the Netwrix Activity Monitor to have an activity agent deployed in the target +environment. + +## Agent-Based Type + +When Enterprise Auditor SharePoint scans are run in agent-based mode, the Enterprise Auditor +SharePoint Agent must be installed on the SharePoint Application server which hosts the Central +Administration component prior to executing the scans. This is typically the first server stood up +during the SharePoint farm installation process in this mode. The data collection processing is +conducted by the SharePoint Agent for the target environment. The final step in data collection is +to transfer the data collected in the SQLite databases, or Tier 2 databases, on the Enterprise +Auditor SharePoint Agent server back to the Enterprise Auditor Console server. + +**NOTE:** Agent-based scans can only target on-premise environments. + +See the following topics for additional information: + +- [SharePoint Agent Permissions](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentpermissions.md) +- [SharePoint Agent Ports](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentports.md) + +## Agent-Less Type + +When SharePoint agent-less scans are run, it means all of the data collection processing is +conducted by the Enterprise Auditor Console server across the network. + +**NOTE:** Agent-less scans can target both on-premise and online environments. This is the only scan +mode that can run Activity Auditing (SPAC) scans. + +For Activity Auditing (SPAC) scans, target the server where the Netwrix Activity Monitor has a +deployed activity agent. + +See the following topics for additional information: + +- SharePoint Online + + - [SharePoint Online Permissions](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/onlinepermissions.md) + - [SharePoint Online Ports](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/onlineports.md) + +- SharePoint On-Premise + + - [SharePoint Agent-Less Permissions](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentlesspermissions.md) + - [SharePoint Agent-Less Ports](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/agentlessports.md) diff --git a/docs/accessanalyzer/11.6/requirements/solutions/unix.md b/docs/accessanalyzer/11.6/requirements/solutions/unix.md new file mode 100644 index 0000000000..6c28955fa4 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/unix.md @@ -0,0 +1,38 @@ +# Unix Solution + +The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL +Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for the core requirements. + +See the +[Target Unix Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/unix.md) +topic for target environment requirements. + +## Unix Solution Requirements on the Enterprise Auditor Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ------ | -------------- | +| RAM | 8+ GB | 4+ GB | +| Cores | 4+ CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +## Unix Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ------ | -------------- | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/11.6/requirements/solutions/windows.md b/docs/accessanalyzer/11.6/requirements/solutions/windows.md new file mode 100644 index 0000000000..c6347ccfaa --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/solutions/windows.md @@ -0,0 +1,38 @@ +# Windows Solution + +The core components for Netwrix Enterprise Auditor are the Enterprise Auditor Console server, SQL +Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/11.6/requirements/overview.md) +topic for the core requirements. + +See the +[Target Windows Server and Desktop Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/windows.md) +topic for target environment requirements. + +## Windows Solution Requirements on the Enterprise Auditor Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ------ | -------------- | +| RAM | 8+ GB | 4+ GB | +| Cores | 4+ CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +## Windows Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ------ | -------------- | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/11.6/requirements/target/activedirectorypermissionsanalyzer.md b/docs/accessanalyzer/11.6/requirements/target/activedirectorypermissionsanalyzer.md new file mode 100644 index 0000000000..f93528bef7 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/activedirectorypermissionsanalyzer.md @@ -0,0 +1,49 @@ +# Domain Target Requirements, Permissions, and Ports + +The Enterprise Auditor for Active Directory Permissions Analyzer Solution is compatible with the +following Active Directory versions as targets: + +- Windows Server 2016 and later +- Windows 2003 Forest level or higher + +**NOTE:** See the Microsoft +[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) +article for additional information. + +Domain Controller Requirements + +The following are requirements for the domain controllers to be scanned: + +- .NET Framework 4.5+ installed +- WINRM Service installed + +Data Collectors + +Successful use of the Enterprise Auditor Active Directory Permissions Analyzer solution requires the +necessary settings and permissions in a Microsoft® Active Directory® environment described in this +topic and its subtopics. This solution employs the following data collectors to scan the domain: + +- [ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md) +- [ADPermissions Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/overview.md) + +## Permissions + +- LDAP Read permissions +- Read on all AD objects +- Read permissions on all AD Objects + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For ADPermissions Data Collector + +- TCP 389 +- TCP 135 – 139 +- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/11.6/requirements/target/aws.md b/docs/accessanalyzer/11.6/requirements/target/aws.md new file mode 100644 index 0000000000..d4bfbc17d3 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/aws.md @@ -0,0 +1,51 @@ +# Target Amazon Web Service Requirements, Permissions, and Ports + +The Enterprise Auditor for AWS Solution provides the ability to audit Amazon Web Services (AWS) to +collect IAM users, groups, roles, and policies, as well as S3 permissions, content, and sensitive +data from target AWS accounts. It scans: + +- Amazon AWS IAM +- Amazon AWS S3 + +Data Collector + +This solution employs the following data collector to scan the target environment: + +- [AWS Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/aws/overview.md) + +## Permissions + +The permissions required to scan an AWS account are based on the type of information being +collected: + +- To collect details about the AWS Organization, the following permission is required: + + - organizations:DescribeOrganization + +- To collect details regarding IAM, the following permissions are required: + + - iam:GenerateCredentialReport + - iam:GenerateServiceLastAccessedDetails + - iam:Get\* + - iam:List\* + - iam:Simulate\* + - sts:GetAccessKeyInfo + +- To collect details related to S3 buckets and objects, the following permissions are required: + + - s3:Describe\* + - s3:Get\* + - s3:HeadBucket + - s3:List\* + +This provides a least privilege model for your auditing needs. See the +[Configure AWS for Scans](/docs/accessanalyzer/11.6/requirements/target/config/aws.md) +topic for additional information. + +## Ports + +The following firewall ports are needed: + +For AWS Data Collector + +- 443 diff --git a/docs/accessanalyzer/11.6/requirements/target/box.md b/docs/accessanalyzer/11.6/requirements/target/box.md new file mode 100644 index 0000000000..644e3f2426 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/box.md @@ -0,0 +1,65 @@ +# Target Box Requirements, Permissions, and Ports + +The Enterprise Auditor for Box scans: + +- Box for Business + +Box Requirements + +The following are requirements from the target environment: + +- Enterprise_ID of the target Box environment + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md) +- [Box Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/box/overview.md) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For Box Data Collection + +Box scans require the Enterprise Admin or Co-Admin account credentials to generate an authorization +code. The following can be used as a least privilege model: + +- Enterprise Admin account +- Co-Admin account with the permission to **Run new reports and access existing reports** enabled + + - See the Box + [Co-Admin Permissions Required to Run Reports](https://support.box.com/hc/en-us/articles/15518640907283-Co-Admin-Permissions-Required-to-Run-Reports) + article for details on enabling this permission + +**NOTE:** Scans run with Co-Admin account credentials will complete. However, the data returned from +the scan might not include content owned by the Enterprise Admin account. + +See the +[Recommended Configurations for the Box Solution](/docs/accessanalyzer/11.6/solutions/box/recommended.md) +topic for additional information. + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For Box Data Collector + +- TCP 80 +- TCP 443 diff --git a/docs/accessanalyzer/11.6/requirements/target/config/aws.md b/docs/accessanalyzer/11.6/requirements/target/config/aws.md new file mode 100644 index 0000000000..250d2d0f8b --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/config/aws.md @@ -0,0 +1,212 @@ +# Configure AWS for Scans + +In order to scan multiple AWS accounts using one account you need to create a role in each target +account, so that It can provide the designated scanning account permissions to scan resources it +controls. This is achieved through the following steps which will need to be completed leveraging a +user with administrative access to each target account: + +**Step 1 –** Create a Managed Policy in each target account that will be used to allow access to +account (S3, Org and IAM). + +**Step 2 –** Create a Role in each target account that will be used to allow access to listing IAM +users. + +**Step 3 –** Create a Managed Policy in the designated scanning account that will be used to allow +the service account to assume the configured role in each target account. + +**Step 4 –** Add Role to Enterprise Auditor. The Role created in the scanning account will need to +be added to the **1-AWS_OrgScan**, **2-AWS_S3Scan**, and **3-AWS_IAMScan** job query configurations. +See the +[AWS: Login Roles](/docs/accessanalyzer/11.6/admin/datacollector/aws/loginroles.md) +topic for additional information. + +Once these steps are completed, the role must be added to the AWS queries within Enterprise Auditor. + +## Create a Managed Policy in Each Target Account + +The following steps will need to be completed in each target account. + +**Step 1 –** Sign into the Identity and Access Management Console (IAM) as an administrator of the +Trusting account. + +![Create policy in Identity and Access Management (IAM) Console](/img/product_docs/accessanalyzer/11.6/requirements/target/config/policies.webp) + +**Step 2 –** Browse to the Identity and Access Management (IAM) Console. Navigate to **Policies** +and click **Create policy**. + +![JSON tab in the Policy editor](/img/product_docs/accessanalyzer/11.6/requirements/target/config/jsontabpolicies.webp) + +**Step 3 –** Select the **JSON** tab. + +**Step 4 –** Paste the following: + +``` +{ +    "Version": "2012-10-17", +    "Statement": [ +        { +            "Sid": "CapabilityIamScan", +            "Effect": "Allow", +            "Action": [ +                "iam:GenerateCredentialReport", +                "iam:GenerateServiceLastAccessedDetails", +                "iam:Get*", +                "iam:List*", +                "iam:Simulate*", +        "sts:GetAccessKeyInfo" +            ], +            "Resource": "*" +        }, +        { +            "Sid": "CapabilityS3Scan", +            "Effect": "Allow", +            "Action": [ +                "s3:Describe*", +                "s3:Get*", +                "s3:HeadBucket", +                "s3:List*" +            ], +            "Resource": "*" +        } +    ] +} +``` + +**Step 5 –** Click **Review Policy**. + +**Step 6 –** Enter a name for the policy in the **Name** box. + +![Review policy page](/img/product_docs/accessanalyzer/11.6/requirements/target/config/reviewpolicy.webp) + +**Step 7 –** Click **Create Policy**. + +**NOTE:** If the designated scanning account is not in Root (Master Account), create a second policy +in the Master Account with the following JSON definition: + +[Copy](javascript:void(0);) + +``` +{ +    "Version": "2012-10-17", +    "Statement": [ +        { +            "Sid": "RequiredCapabilityOrgScan", +            "Effect": "Allow", +            "Action": [ +                "iam:GenerateOrganizationsAccessReport", +                "organizations:Describe*", +                "organizations:List*" +            ], +            "Resource": "*" +        } +    ] +} +``` + +The next step is to create a role in each target account that will be used to allow access to +listing IAM users. + +## Create a Role in Each Target Account + +The following steps will need to be completed in each target account. For this, you will need the +Account ID of the designating scanning account. + +**NOTE:** If the scanning account is also a target account, be sure to complete these steps for the +scanning account as well. + +**Step 1 –** Sign into the Identity and Access Management Console (IAM) as an administrator of the +target account. + +![Create role in Identity and Access Management (IAM) Console](/img/product_docs/accessanalyzer/11.6/requirements/target/config/roles.webp) + +**Step 2 –** Navigate to **Access management** > **Roles** and click **Create role**. + +![Create role page Another AWS account option](/img/product_docs/accessanalyzer/11.6/requirements/target/config/createrole.webp) + +**Step 3 –** Select the **Another AWS Account** option and add the Account ID of the scanning +account that will be leveraged within Enterprise Auditor. + +**Step 4 –** Click **Next: Permissions**. + +![Add policies to role](/img/product_docs/accessanalyzer/11.6/requirements/target/config/policiesadd.webp) + +**Step 5 –** Add the policy or policies created earlier in this topic to this role. + +**Step 6 –** Click **Next: Tags**. + +**Step 7 –** Click **Next: Review**. + +![Create role Review page](/img/product_docs/accessanalyzer/11.6/requirements/target/config/reviewrole.webp) + +**Step 8 –** Enter a **Role name**. + +**Step 9 –** Click **Create Role**. + +The next step is to create a Managed Policy in the designated scanning account that will be used to +allow the service account to assume the configured role in each target account. + +## Configure the Scanning Account + +Create a Managed Policy in the scanning account that will be used to allow the user to assume the +roles configured in each target account. + +**Step 1 –** Sign into the Identity and Access Management Console (IAM) as an administrator of the +scanning account. + +![Create policy in Identity and Access Management (IAM) Console](/img/product_docs/accessanalyzer/11.6/requirements/target/config/policies.webp) + +**Step 2 –** Navigate to **Access Management** > **Policies** and click **Create policy**. + +![JSON tab in the Policy editor](/img/product_docs/accessanalyzer/11.6/requirements/target/config/jsontabaccount.webp) + +**Step 3 –** Select the **JSON** tab. + +**Step 4 –** Paste the following: + +``` +{ +    "Version": "2012-10-17", +    "Statement": [ +        { +            "Sid": "RequiredCapabilityOrgScan", +            "Effect": "Allow", +            "Action": [ +                "iam:GenerateOrganizationsAccessReport", +                "organizations:Describe*", +                "organizations:List*" +            ], +            "Resource": "*" +        }, +        { +            "Sid": "RequiredCapabilityMemberAccountAccess", +            "Effect": "Allow", +            "Action": "sts:AssumeRole", +            "Resource": "arn:aws:iam::*:role/ROLENAME" +        } +    ] +} +``` + +**NOTE:** Replace `ROLENAME` with the name of the role that was created. If the `ROLENAME` is +different in each account, then a policy will need to be created for each distinct role name. + +**Step 5 –** Click **Review Policy**. + +![Review policy page Name field](/img/product_docs/accessanalyzer/11.6/requirements/target/config/reviewpolicyaccount.webp) + +**Step 6 –** Enter a **Policy Name**. + +**Step 7 –** Click **Create Policy**. + +**Step 8 –** Create a group with the service account user and assign both policies to this group. + +**Step 9 –** Under **Access Management** > **Users**, select the service account user. + +![Security credentials tab](/img/product_docs/accessanalyzer/11.6/requirements/target/config/securitycredentials.webp) + +**Step 10 –** In the Security credentials tab, click **Create access key**. Make sure to note the +Access key ID and Secret access key which need to be input into Enterprise Auditor. + +You can now create the Connection Profile for the AWS Solution. See the +[Amazon Web Services for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/aws.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/requirements/target/config/azureinformationprotection.md b/docs/accessanalyzer/11.6/requirements/target/config/azureinformationprotection.md new file mode 100644 index 0000000000..464d58badd --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/config/azureinformationprotection.md @@ -0,0 +1,224 @@ +# Azure Information Protection Target Requirements + +Microsoft® Azure is a cloud-based computing platform that provides a range of services, such as +file storage. Azure uses Azure Information Protection (AIP) labels, a Microsoft tool used to +classify and protect stored files. Enterprise Auditor employs the File System Solution to execute +Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans in order to find AIP +Protection labels and scan protected (i.e. encrypted) files for sensitive data. + +This document provides information needed to properly configure access required by Enterprise +Auditor to successfully scan for Azure Information Protection labels in a targeted environment. + +**NOTE:** Enterprise Auditor does not scan for AIP Marking labels, only Protection labels. + +## Workflow for Scanning AIP Labels + +Before the Enterprise Auditor File System solution can scan for Azure Information Protection (AIP) +labels, certain prerequisites are required both in Enterprise Auditor and Azure environments. + +1. [Rights Management Service Client Installation](#rights-management-service-client-installation) +2. [Create a Service Principal Account using PowerShell](#create-a-service-principal-account-using-powershell) +3. [Enable the Account as an AIP Super User using PowerShell](#enable-the-account-as-an-aip-super-user-using-powershell) +4. [Add User to the AIP Role in Microsoft® Azure](#add-user-to-the-aip-role-in-microsoft-azure) +5. [Enterprise Auditor Configurations](#enterprise-auditor-configurations) +6. Enable settings in FSAA Data Collector in Enterprise Auditor. + + - See the FileSystemAccess Data Collector section in the + [File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/overview.md) + topic for additional information + +## Prerequisites + +Ensure the following prerequisites are met before configuring AIP scanning: + +- Microsoft Entra ID Admin credentials +- The PowerShell `Install-Module` command requires: + + - PowerShell 5.0 (Run as Administrator) + - Windows Server 2016and later + +- Active Directory Rights Management Services Client 2.1 installed on the server where the FSAA + applet or proxy is being run + +## Rights Management Service Client Installation + +The Rights Management Service Client must be installed on the applet servers where FSAA is running. +This may be the local Enterprise Auditor server, a Proxy server, or a File Server running in applet +mode. + +- To install the Rights Management Service Client 2.1 on the server where the scan is taking place, + go to the Microsoft download center: + + [https://www.microsoft.com/en-us/download/details.aspx?id=38396](https://www.microsoft.com/en-us/download/details.aspx?id=38396) + +**_RECOMMENDED:_** Read the System Requirements and Install Instructions provided by Microsoft to +complete the installation. + +## Create a Service Principal Account using PowerShell + +Follow the steps to create a service principal account with a symmetric key to connect to AIP: + +**NOTE:** All PowerShell commands should be run in order through PowerShell as an Admin. + +**Step 1 –** Open up PowerShell (Administrator). + +**Step 2 –** Install and import MsOnline module: + +``` +Install-Module MsOnline +Import-Module MsOnline +``` + +**Step 3 –** Connect to Azure with the `Connect-MsolService` command. Enter the Azure credentials in +the **Sign in to your account** window that displays from Microsoft. + +**Step 4 –** Once successfully connected to Azure, create a service principal with the following +command: + +``` +New-MsolServicePrincipal +``` + +> Enter the **DisplayName** of the new service principal name. (For example, AIP_EnterpriseAuditor) + +**Step 5 –** Take note and save the **Symmetric Key** and **AppPrincipalID** to be used in later +steps. + +**CAUTION:** Do not lose the symmetric key. It is not retrievable again once the PowerShell window +is closed. + +The service principal account with the proper key has been created. + +## Enable the Account as an AIP Super User using PowerShell + +Follow the steps to enable the Service Principal Account in AIP as a Super User: + +**NOTE:** All PowerShell commands should be run in order through PowerShell as an Admin. + +**Step 1 –** In PowerShell, install Microsoft Azure Active Directory Rights Manager (AIPService) +module: + +``` +Install-Module AIPService +Import-Module AIPService +``` + +**Step 2 –** Connect to Azure using the `Connect-AIPService` command and supply Azure credentials in +the **Sign in to your account** window that displays from Microsoft. + +**Step 3 –** Add the service principal to the Azure AD Rights Management service super users, using +the AppPrincipalID saved from the steps in the +[Create a Service Principal Account using PowerShell](#create-a-service-principal-account-using-powershell) +section: + +``` +Add-AipServiceSuperUser-ServicePrincipalID +``` + +**Step 4 –** Enable the DisplayName account using the following command: + +``` +Enable-AIPServiceSuperUserFeature +``` + +The Service Principal Account is now added to the Rights Management service as a Super User, and the +Super User feature is enabled. + +## Add User to the AIP Role in Microsoft® Azure + +In Microsoft Azure, add the Account to the Azure Information Protection Administrator Role. + +**Step 1 –** Log into **http://portal.azure.com** with Azure credentials and select **Microsoft +Entra ID** from the list of resources on the left-hand pane. + +**Step 2 –** Navigate to **Roles and Administrators**. On the Administrative Roles page, select the +**Azure Information Protection Administrator** role. + +**Step 3 –** Use the **Add Assignment** button to display the Add assignments pane. Search for the +name of the new service principal account (the **DisplayName** entered in PowerShell) and add it to +the list of assignments. + +The Service Principal Account is now successfully added to the Azure Information Protection +Administrator role. + +## Enterprise Auditor Configurations + +Before Enterprise Auditor can scan for AIP labels, two configurations must be done prior to the +initial scan. + +- [Azure Connection Profile ](#azure-connection-profile) +- [Configure FSAA Data Collector](#configure-fsaa-data-collector) + +### Azure Connection Profile + +To collect tags for files protected with Azure Information Protection, an Azure connection profile +must be configured in Enterprise Auditor before an FSAA scan runs. See the +[Global Settings](/docs/accessanalyzer/11.6/admin/settings/overview.md) +topic for additional information on how to set up a connection profile at the global level. + +**Step 1 –** In Enterprise Auditor, add a credential for an Azure Active Directory account type to +the existing Connection Profile used for File System scanning. Supply the Client ID field with the +**AppPrincipalID** and the Key field with the **Symmetric key** created upon creation of the new +service principal. + +**Step 2 –** At the job level, apply the connection profile that contains both the Microsoft Entra +ID credential and credentials required for File System scanning under the **Jobs** > [__Job__] > +**Settings** > **Connection** node. + +**Step 3 –** Ensure that the job is configured correctly before running a scan. See the +[Configure FSAA Data Collector](#configure-fsaa-data-collector) topic for additional information. + +An Azure Connection Profile has now been successfully created for an FSAA scan. + +### Configure FSAA Data Collector + +In Enterprise Auditor, configure the FSAA Data Collector wizard pages to scan files protected by +Azure Information Protection. This can be done for both FSAA System Scans and SEEK System Scans. In +the FSAA Data Collector Wizard, configure the following menus to scan for AIP protection labels: + +For FSAA System Scans: + +- Scan Server Selection – Choose the server that scanning is executed on. Target the server that has + the Rights Management Service Client 2.1 installed where the applet is running. + + - This may be a proxy server, file server (applet mode), or the local Enterprise Auditor console + depending on scan configuration + +- Scan Settings – Select the **Enable scanning of files protected by Azure Information Protection** + checkbox to add AIP files to the scan criteria +- Azure Tenant Mapping page – Add the **AppPrincipalID** (App ID) and the **Domain Name** or + **Tenant ID** + + _Remember,_ the Azure Tenant Mapping page is only visible when the **Enable scanning of files + protected by Azure Information Protection** checkbox is selected on the Scan Settings page. + +- Default Scoping Options + + - File Details tab – **Include files protected by Azure Information Protection (AIP)** + - File Properties (Folder Summary) – **Include AIP Protected Files** + +- Scoping Options – if needed, scope to a specific subset of resources on a selected host + +For SEEK System Scans: + +- Scan Server Selection – Choose the server that scanning is executed on. Target the server that has + the Rights Management Service Client 2.1 installed where the applet is running. + + - This may be a proxy server, file server (applet mode), or the local Enterprise Auditor console + depending on scan configuration + +- Scan Settings – Select the **Enable scanning of files protected by Azure Information Protection** + checkbox to add AIP files to the scan criteria +- Azure Tenant Mapping page – Add the **AppPrincipalID** (App ID) and the **Domain Name** or + **Tenant ID** + + _Remember,_ the Azure Tenant Mapping page is only visible when the **Enable scanning of files + protected by Azure Information Protection** checkbox is selected on the Scan Settings page. + +- Scoping Options – if needed, scope to a specific subset of resources on a selected host +- Sensitive Data Settings – Select **Decrypt Files Protected by Azure Information Protection**. This + page only applies for SEEK scans. + +See the FileSystemAccess Data Collector section in the +[File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/overview.md) +topic for additional information on these scoping options. diff --git a/docs/accessanalyzer/11.6/requirements/target/config/azuresqlaccess.md b/docs/accessanalyzer/11.6/requirements/target/config/azuresqlaccess.md new file mode 100644 index 0000000000..1947e80816 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/config/azuresqlaccess.md @@ -0,0 +1,255 @@ +# Azure SQL Auditing Configuration + +Enterprise Auditor for Azure SQL relies on the native Azure SQL auditing capabilities to collect and +report on user activity, as well as successful or unsuccessful server or database logon activity. +Azure SQL Auditing supports three different audit log destinations. At present Enterprise Auditor +only supports storage as the audit log destination. This document describes the necessary +permissions required to configure the Enterprise Auditor Azure SQL Job Group. + +Enterprise Auditorfor Azure SQL enables users to create custom roles which allow for differential +access to Enterprise Auditor. + +Within Enterprise Auditor for Azure SQL, roles are created specifically to target Azure SQL +Databases: + +- Stand-Alone Databases +- Managed Instances +- Elastic Pools + +Role can be largely defined by the scope that particular role possesses. A scope-defined role has +access to, or is limited to all resources in a Management Group, Subscription, Resource Group or +Resource. For example, if all SQL databases reside within a resource group, then the scope can be +restricted to that resource group. If databases reside in different resource groups, then the scope +for the custom role should be at the subscription level. + +This will enable Enterprise Auditor to discover all the SQL databases present in the subscription. + +## Create a StealthAUDIT Custom Role + +Follow the steps below to create an Azure SQL custom role at the subscription level. + +![Azure Portal - Azure Services](/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_1.webp) + +**Step 1 –** Sign in to Azure. Navigate to the Azure Services section and click **Subscriptions**. +This will navigate you to the Pay-As-You-Go page of the Azure Portal. + +**Step 2 –** Locate and click the **Access Control (IAM)** view option blade from the available +subscriptions in the left-hand menu. + +![Azure Portal - Pay as you Go - Access Control (IAM)](/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_2.webp) + +**Step 3 –** Click **Add** > Add **Custom Role**. + +**Step 4 –** Create a JSON file using the subscription ID provided by Microsoft Azure (see the +example below) and save it to a local directory. + +```json +{ + "properties": { + "roleName": "StealthAUDIT Azure SQL Role", + + "description": "This is a custom role created for use by StealthAUDIT Azure SQL Job Group for Azure SQL Database discovery and auditing", + + "assignableScopes": ["/subscriptions/"], + + "permissions": [ + { + "actions": [ + "Microsoft.Authorization/\*/read", + + "Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action", + + "Microsoft.Sql/locations/administratorAzureAsyncOperation/read", + + "Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/\*", + + "Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/\*", + + "Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/\*", + + "Microsoft.Sql/managedInstances/databases/securityAlertPolicies/\*", + + "Microsoft.Sql/managedInstances/databases/sensitivityLabels/\*", + + "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/\*", + + "Microsoft.Sql/managedInstances/securityAlertPolicies/\*", + + "Microsoft.Sql/managedInstances/databases/transparentDataEncryption/\*", + + "Microsoft.Sql/managedInstances/vulnerabilityAssessments/\*", + + "Microsoft.Sql/servers/extendedAuditingSettings/read", + + "Microsoft.Sql/servers/databases/auditRecords/read", + + "Microsoft.Sql/servers/databases/currentSensitivityLabels/\*", + + "Microsoft.Sql/servers/databases/dataMaskingPolicies/\*", + + "Microsoft.Sql/servers/databases/extendedAuditingSettings/read", + + "Microsoft.Sql/servers/databases/read", + + "Microsoft.Sql/servers/databases/recommendedSensitivityLabels/\*", + + "Microsoft.Sql/servers/databases/schemas/read", + + "Microsoft.Sql/servers/databases/schemas/tables/columns/read", + + "Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/\*", + + "Microsoft.Sql/servers/databases/schemas/tables/read", + + "Microsoft.Sql/servers/databases/securityAlertPolicies/\*", + + "Microsoft.Sql/servers/databases/securityMetrics/\*", + + "Microsoft.Sql/servers/databases/sensitivityLabels/\*", + + "Microsoft.Sql/servers/databases/transparentDataEncryption/\*", + + "Microsoft.Sql/servers/databases/vulnerabilityAssessments/\*", + + "Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/\*", + + "Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/\*", + + "Microsoft.Sql/servers/devOpsAuditingSettings/\*", + + "Microsoft.Sql/servers/firewallRules/\*", + + "Microsoft.Sql/servers/read", + + "Microsoft.Sql/servers/securityAlertPolicies/\*", + + "Microsoft.Sql/servers/vulnerabilityAssessments/\*", + + "Microsoft.Sql/servers/azureADOnlyAuthentications/\*", + + "Microsoft.Sql/managedInstances/read", + + "Microsoft.Sql/managedInstances/azureADOnlyAuthentications/\*", + + "Microsoft.Security/sqlVulnerabilityAssessments/\*", + + "Microsoft.Sql/managedInstances/administrators/read", + + "Microsoft.Sql/servers/administrators/read", + + "Microsoft.Storage/storageAccounts/blobServices/containers/read", + + "Microsoft.Sql/servers/auditingSettings/read", + + "Microsoft.Sql/servers/databases/auditingSettings/read" + ], + + "notActions": [], + + "dataActions": [], + + "notDataActions": [] + } + ] + } +} +``` + +![Azure SQL Configuration - Create a Custom Role section](/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_3.webp) + +**Step 5 –** Once created, click **Start from JSON** in the Azure portal and select the JSON file. +Once that file is chosen, the Review + Create button should be enabled. + +Click **Review + Create** to create the role or click **Next** to review and edit the permissions. +Once the JSON file is opened, the Custom Role Name and Description boxes will be populated +automatically. The name and description of the custom role can be customized if required in this +step. + +![Azure SQL Configuration - Create a Cusotm Role window](/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_4.webp) + +**Step 6 –** Click Create. This action will save and finalize a custom role entitled Enterprise +Auditor Azure SQL Role. + +**Step 7 –** Click OK on the final screen to complete the custom role creation process. The custom +role can now be used to register the Enterprise Auditor application within the Azure portal. + +**NOTE:** Depending upon the number of resources in the Azure tenancy, it might take some time for +the role to be made available to the resources. + +## Register an Azure SQL Application + +Follow the steps below to create an Azure SQL Application Registration in the Azure portal. + +**Step 1 –** In the Azure portal under Azure Services, click the **App Registration** icon. + +![AzureSQL - App Registrations - New Registration](/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_5.webp) + +**Step 2 –** Click **New Registration** in the Register an application blade. + +![Azure SQL - Register an Application](/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_6.webp) + +**Step 3 –** Enter a **Name** for the application and select an appropriate option from the +Supported account types options. + +**Step 4 –** Click **Register** at the bottom of the page when finished. Once the application has +been registered, the App registration overview blade will appear. Take note of the _Application +(client) ID_ on this page. + +**NOTE:** The _Application (client) ID_ is required to create a Connection Profile within the +Enterprise Auditor. + +![Azure SQL - Register and App - Application ID](/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_8.webp) + +**Step 5 –** Click the **Certificates & secrets** blade in the left-hand menu. Click **New Client +secret**. + +**Step 6 –** Enter a unique identifier in the Description field of the Add a client secret window. +Select a Expiration time frame from the drop down. Click **Add** when finished. + +_Remember,_ you will have to update the Enterprise Auditor Connection Profile once the expiration +time frame is reached (within 24 months, for example). + +**Step 7 –** Make note of the key under the Value column. + +**NOTE:** The Value key on this paged will be used to create the Enterprise Auditor connection +profile. + +![Azure SQL - Access Control (IAM) page](/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_11z.webp) + +## Add a Role Assignment + +Follow the steps below to add a role assignment to the custom role and newly registered Enterprise +Auditor Azure SQL application. + +**Step 1 –** Navigate to the Subscriptions blade and click the **Access Control (IAM)** option. +Click the **Add** drop down > Click **Add role assignment**. + +![Azure SQL - Add a Role Assignment](/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_13z.webp) + +**Step 2 –** Search for and click the recently created custom role from the Role drop down. See +[Create a StealthAUDIT Custom Role](#create-a-stealthaudit-custom-role) for steps required to create +a custom role in the Azure portal. + +**Step 3 –** Search for and select the recently registered Azure SQL application from the Select +drop down. See [Register an Azure SQL Application](#register-an-azure-sqlapplication) for steps +required to register an Azure SQL application in the Azure portal. The registered application will +be visible in the Selected members window. Click **Save** when finished. + +![Azure SQL - Add a role assignment window](/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_14z.webp) + +**Step 4 –** Search for and select the SQL Server Contributor role in the Role drop down. + +**Step 5 –** Search for and select the recently registered Azure SQL application from the Select +drop down. See [Register an Azure SQL Application](#register-an-azure-sqlapplication) for steps +required to register an Azure SQL application in the Azure portal. The registered application will +be visible in the Selected members window. Click **Save** when finished. + +![Azure SQL - Access Control (IAM) window](/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_16z.webp) + +**Step 6 –** Navigate to the **Subscriptions** blade. Click **Access Control (IAM)**. + +**Step 7 –** Click the **Check access** menu tab Search for and select the recently registered Azure +SQL application from the drop down. See +[Register an Azure SQL Application](#register-an-azure-sqlapplication) for steps required to +register an Azure SQL application in the Azure portal. A preview window will appear on the +right-hand side of the window. diff --git a/docs/accessanalyzer/11.6/requirements/target/config/databaseazuresql.md b/docs/accessanalyzer/11.6/requirements/target/config/databaseazuresql.md new file mode 100644 index 0000000000..8ac967d97e --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/config/databaseazuresql.md @@ -0,0 +1,50 @@ +# AzureSQL Target Least Privilege Model + +To access the AzureSQL database, users require the Control permission for the target database. Users +with the Control Database permission have access to perform activity scans due to the function +leveraged by AzureSQL to return the required audit logs. See the +[Auditing for Azure SQL Database and Azure Synapse Analytics](https://docs.microsoft.com/en-us/azure/azure-sql/database/auditing-overview?view=azuresql) +Microsoft Knowledge Base article for additional information. + +**_RECOMMENDED:_** It is recommended to create a new user when leveraging a least privilege access +model to access the AzureSQL database because the user must exist in the master database and all +target database(s). A least privilege access model is one that uses the bare minimum privileges +required to carry out collections for the AzureSQL data collector. + +The following role and permission are required for the Least Privilege Model: + +- db_datareader role +- View Database Performance State permission +- Control permission on target database(s) + + **NOTE:** Control permission must be granted on any database you wish to collect data for. + +Follow the steps to configure the least privilege access model for AzureSQL collections. + +**Step 1 –** To login with the user, run the following script against the master database: + +CREATE LOGIN LPAUser WITH PASSWORD = [insert password] + +CREATE USER LPAUser FROM LOGIN LPAUser + +**Step 2 –** Create the user in the target database with the following script: + +CREATE USER LPAUser FROM LOGIN LPAUser + +Once complete, confirm that the newly created user exists in the instance of the master database and +the target database before proceeding to the next step. + +**Step 3 –** Run the following script against the target database to apply the db_datareader role: + +EXEC sp_addrolemember N’db_datareader’, N’LPAUser’ + +**Step 4 –** Apply the View Database State Permission against the target database with the following +script: + +GRANT VIEW DATABASE PERFORMANCE STATE TO LPAUSER + +**Step 5 –** Grant the control permission with the following script: + +GRANT CONTROL ON DATABASE + +The user is granted Control permission based on the least privilege access model. diff --git a/docs/accessanalyzer/11.6/requirements/target/config/databaseoracle.md b/docs/accessanalyzer/11.6/requirements/target/config/databaseoracle.md new file mode 100644 index 0000000000..c7a3f3359c --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/config/databaseoracle.md @@ -0,0 +1,397 @@ +# Oracle Target Least Privilege Model + +We recommend using an account DBA privilege to run Enterprise Auditor against an Oracle database. +However, if that is not acceptable all the privileges that are required to configure and run the +solution are below and can be used to implement the least privileges necessary. + +## Create Session Privilege + +Before getting started with the least privilege model, ensure that the Enterprise Auditor Connection +Profile user has the **Create Session** privilege granted. To do it, run the following command in +Oracle environment (SQL Plus or SQL Developer): + +``` +GRANT CREATE SESSION TO %USERNAME%;          +``` + +**NOTE:** The above command will grant the privilege only in the current container. To follow the +least privilege model, only grant the privilege on the containers (or pluggable databases) that you +will be scanning with Enterprise Auditor. + +However, if you target all of your pluggable databases, then to grant the **Create Session** +privilege on all of those containers at once, run the following command: + +``` +GRANT CREATE SESSION TO %USERNAME% CONTAINER=ALL;          +``` + +## User Credentials Role + +When using a least privileged model for Oracle, **SYSDBA** must be selected for the Role in the User +Credentials window for the Oracle Connection Profile. See the +[Oracle for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/oracle.md) +topic for additional information. + +## Oracle Server Discovery + +This Job uses Nmap to locate listening Oracle ports on servers by scanning for ports using the +service Oracle TNS Listener or optionally using specified ports, such as 1521. The Nmap utility can +be downloaded from [nmap.org](http://www.nmap.org/). To run this job, the user needs to have a +permission to execute any PowerShell script on the local host if the host is running the Microsoft +Windows operating system. In addition, on the Windows host, PowerShell execution policy needs to be +sent as well. For example, to set the execution policy to `Unrestricted`, run the following command +on the PowerShell command line: + +``` +Set-ExecutionPolicy -ExecutionPolicy Unrestricted           +``` + +In case of Linux and UNIX hosts, the `plink` command needs to be executed on the Enterprise Auditor +Console server to update the local file with the SSH keys. + +**NOTE:** The plink utility in the Enterprise Auditor installation directory has to be used. A +version of plink gets installed with the Nmap utility. + +The syntax is as follows: + +![administratorcommandprompt](/img/product_docs/accessanalyzer/11.6/requirements/target/config/administratorcommandprompt.webp) + +Run the following on the command prompt: + +``` +C:\Program Files (x86)\Stealthbits\StealthAUDIT\plink   -store_new_keys       +``` + +## Oracle SID Discovery + +This Job collects the Oracle SID from discovered Oracle servers and uses WMI or SSH to collect +running Oracle processes from the Oracle servers. The process is used to determine the name of the +Oracle SID. When multiple Oracle instances are running on a server, each SID will have its own entry +in this table. + +This Job requires local administrator rights on the target hosts in order to read the running +processes using either WMI or SSH. + +## Oracle Instance Discovery + +This Job verifies Oracle SID, IP Address, and Port combinations and inserts them into the +SA_SQL_Instances table. + +This Job requires read rights on the Oracle table DUAL, all users with any read right on an Oracle +server should be able to validate this query. + +For example, to grant a user `SELECT` permission on DUAL, run the following command in SQL Developer +or SQL\*Plus: + +``` +GRANT SELECT ON DUAL TO %USERNAME%; +``` + +**NOTE:** Replace `%USERNAME%` with the actual username of the user. + +``` +CONTAINER_DATA=ALL FOR %NAME_OF_PLUGGABLE_DATABASE% CONTAINER = CURRENT; +``` + +If you want to scan all pluggable databases in the given environment, run the following command in +the root container: + +``` +ALTER USER %USERNAME% SET CONTAINER_DATA=ALL CONTAINER = CURRENT; +``` + +## Oracle Permission Auditing + +The Oracle Permissions Scan job is responsible for collecting all permissions from all licensed +database types for all target instances. + +### Oracle Database 19c Series Permissions + +In order to collect permissions from Oracle Database 19c series, the user credential requires at +least the following `SELECT` privilege on the targeted database for the following views and tables: + +- CDB_COL_PRIVS view +- CDB_TAB_COLS view +- CDB_OBJECTS view +- CDB_PROFILES view +- CDB_ROLE_PRIVS view +- CDB_ROLES view +- CDB_SYS_PRIVS view +- CDB_TABLESPACES view +- CDB_TAB_PRIVS view. +- CDB_USERS view. +- V_$DATABASE view. +- V_$RSRC_CONSUMER_GROUP view. +- V_$CONTAINERS view. +- V_$PARAMETER view. +- V_$PDBS view. +- V_$INSTANCE view. +- SYS.USER$ table. +- DBA_TABLESPACES view +- DBA_ROLES view +- DBA_USERS view +- DBA_OBJECTS view +- DBA_COL_PRIVS view +- DBA_TAB_COLS view +- DBA_ROLE_PRIVS view +- DBA_SYS_PRIVS view +- DBA_TAB_PRIVS view + +For example, to grant all of the above privileges, run the following set of commands in SQL +Developer or SQL\*Plus: + +``` +GRANT CONNECT TO %USERNAME%; +GRANT CREATE SESSION TO %USERNAME%; +GRANT SELECT ON DUAL TO %USERNAME%; +GRANT SELECT ON CDB_COL_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_TAB_COLS TO %USERNAME%; +GRANT SELECT ON CDB_OBJECTS TO %USERNAME%; +GRANT SELECT ON CDB_PROFILES TO %USERNAME%; +GRANT SELECT ON CDB_ROLE_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_ROLES TO %USERNAME%; +GRANT SELECT ON CDB_SYS_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_TABLESPACES TO %USERNAME%; +GRANT SELECT ON CDB_TAB_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_USERS TO %USERNAME%; +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON V_$RSRC_CONSUMER_GROUP TO %USERNAME%; +GRANT SELECT ON V_$CONTAINERS TO %USERNAME%; +GRANT SELECT ON V_$PARAMETER TO %USERNAME%; +GRANT SELECT ON V_$PDBS TO %USERNAME%; +GRANT SELECT ON V_$INSTANCE TO %USERNAME%; +GRANT SELECT ON SYS.USER$ TO %USERNAME%; +GRANT SELECT ON DBA_TABLESPACES TO %USERNAME%; +GRANT SELECT ON DBA_ROLES TO %USERNAME%; +GRANT SELECT ON DBA_USERS TO %USERNAME%; +GRANT SELECT ON DBA_OBJECTS TO %USERNAME%; +GRANT SELECT ON DBA_COL_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_TAB_COLS TO %USERNAME%; +GRANT SELECT ON DBA_ROLE_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_SYS_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_TAB_PRIVS TO %USERNAME%; +``` + +### Oracle Database 12c Series Permissions + +In order to collect permissions from Oracle Database 12c series, the user credential requires at +least the following `SELECT` privilege on the targeted database for the following views and tables: + +- CDB_COL_PRIVS view +- CDB_TAB_COLS view +- CDB_OBJECTS view +- CDB_PROFILES view +- CDB_ROLE_PRIVS view +- CDB_ROLES view +- CDB_SYS_PRIVS view +- CDB_TABLESPACES view +- CDB_TAB_PRIVS view. +- CDB_USERS view. +- V_$RSRC_CONSUMER_GROUP view. +- V_$DATABASE view. +- V_$PARAMETER view. +- V_$PDBS view. +- V_$CONTAINERS view. +- SYS.USER$ table. + +For example, to grant all of the above privileges, run the following set of commands in SQL +Developer or SQL\*Plus: + +``` +GRANT SELECT ON CDB_COL_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_TAB_COLS TO %USERNAME%; +GRANT SELECT ON CDB_OBJECTS TO %USERNAME%; +GRANT SELECT ON CDB_PROFILES TO %USERNAME%; +GRANT SELECT ON CDB_ROLE_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_ROLES TO %USERNAME%; +GRANT SELECT ON CDB_SYS_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_TABLESPACES TO %USERNAME%; +GRANT SELECT ON CDB_TAB_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_USERS TO %USERNAME%; +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON V_$RSRC_CONSUMER_GROUP TO %USERNAME%; +GRANT SELECT ON V_$CONTAINERS TO %USERNAME%; +GRANT SELECT ON V_$PARAMETER TO %USERNAME%; +GRANT SELECT ON V_$PDBS TO %USERNAME%; +GRANT SELECT ON SYS.USER$ TO %USERNAME%; +``` + +### Oracle Database 11g Series Permissions + +In order to collect permissions from Oracle Database 11g series, the user credential requires at +least the following `SELECT` privileges on the targeted database for the following views and tables: + +- DBA_COL_PRIVS view +- DBA_TAB_COLS view +- DBA_OBJECTS view +- DBA_PROFILES view +- DBA_ROLES view +- DBA_ROLE_PRIVS view +- DBA_SYS_PRIVS view +- DBA_TABLESPACES view +- DBA_TAB_PRIVS view +- DBA_USERS view +- V_$RSRC_CONSUMER_GROUP view +- V_$DATABASE view +- V_$PARAMETER view +- SYS.USER$ table + +For example, to grant all of the above privileges, run the following set of commands in Oracle SQL +Developer or SQL\*Plus: + +``` +GRANT SELECT ON DBA_TAB_COLS TO %USERNAME%; +GRANT SELECT ON DBA_OBJECTS TO %USERNAME%; +GRANT SELECT ON DBA_TABLESPACES TO %USERNAME%; +GRANT SELECT ON DBA_PROFILES TO %USERNAME%; +GRANT SELECT ON DBA_TAB_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_ROLES TO %USERNAME%; +GRANT SELECT ON DBA_ROLE_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_SYS_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_COL_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_USERS TO %USERNAME%; +GRANT SELECT ON V_$RSRC_CONSUMER_GROUP TO %USERNAME%; +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON V_$PARAMETER TO %USERNAME%; +GRANT SELECT ON SYS.USER$ TO %USERNAME%; +``` + +## Oracle Sensitive Data Auditing + +This job is responsible for identifying sensitive data that has been stored within target database +instances. + +Before running this scan, ensure that Oracle database statistics are up to date at least for the +targeted schema or tables. Use one of the following commands: + +``` +EXEC DBMS_STATS.GATHER_SCHEMA_STATS('%SCHEMA_NAME%'); +EXEC DBMS_STATS.GATHER_TABLE_STATS('%SCHEMA_NAME%', ‘%TABLE_NAME%’); +``` + +### Oracle Database 12c Series Sensitive Data + +In order to perform a sensitive data scan on Oracle database 12c series, the user credential +requires at least the following `SELECT` privileges on the targeted database for the following +views: + +- V_$CONTAINERS view +- V_$DATABASE view +- CDB_TAB_COLS view +- CDB_OBJECTS view + +For example, to grant the above privileges, run the following set of commands in SQL Developer or +SQL\*Plus: + +``` +GRANT SELECT ON V_$CONTAINERS TO %USERNAME%; +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON CDB_TAB_COLS TO %USERNAME%; +GRANT SELECT ON CDB_OBJECTS TO %USERNAME%; +``` + +### Oracle Database 11g Series Sensitive Data + +In order to perform a sensitive data scan on Oracle database 11g series, the user credential +requires at least the following `SELECT` privileges on the targeted database for the following +views: + +- V_$DATABASE view +- DBA_TAB_COLS view +- DBA_OBJECTS view + +For example, to grant the above privileges, run the following set of commands in SQL Developer or +SQL\*Plus: + +``` +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON DBA_TAB_COLS TO %USERNAME%; +GRANT SELECT ON DBA_OBJECTS TO %USERNAME%; +``` + +Please note that the `SELECT` privilege needs to be granted individually on all sensitive data +tables to be targeted (more secure). To accomplish it, run the following command for each targeted +sensitive data table: + +``` +GRANT SELECT ON %YOUR_SENSITIVE_DATA_TABLE% TO %USERNAME%; +``` + +*(Optional)* Grant the `SELECT` privilege on any table (less secure) by running the following +command: + +``` +GRANT SELECT ANY TABLE TO %USERNAME%; +``` + +## Oracle Activity Auditing + +This job is responsible for collecting audit data from configured database server audits on target +endpoints. + +### Oracle Database 12c Series Activity Data + +In order to perform an activity data scan on Oracle database 12c series, the user credential +requires at least the following `SELECT` privileges on the targeted database for the following +views: + +- V_$DATABASE view +- CDB_COMMON_AUDIT_TRAIL view +- UNIFIED_AUDIT_TRAIL view + +For example, to grant the above privileges, run the following set of commands in SQL Developer or +SQL\*Plus: + +``` +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON CDB_COMMON_AUDIT_TRAIL TO %USERNAME%; +GRANT SELECT ON UNIFIED_AUDIT_TRAIL TO %USERNAME%; +``` + +If the audit trail mode is `QUEUED`, then audit records are not written to disk until the in-memory +queues are full. The following procedure explicitly flushes the queues to disk, so that the audit +trail records are viewable in the `UNIFIED_AUDIT_TRAIL` view: + +``` +EXEC SYS.DBMS_AUDIT_MGMT.FLUSH_UNIFIED_AUDIT_TRAIL; +``` + +### Oracle Database 11g Series Activity Data + +In order to perform an activity data scan on Oracle database 11g series, the user credential +required at least the following `SELECT` privileges on the targeted database for the following +views: + +- V_$DATABASE view +- DBA_COMMON_AUDIT_TRAIL view + +For example, to grant the above privileges, run the following set of commands in SQL Developer or +SQL\*Plus: + +``` +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON DBA_COMMON_AUDIT_TRAIL TO %USERNAME%; +``` + +## Oracle Users with Default Passwords Job + +The 4-Oracle_DefaultPasswordUsers job is responsible for collecting usernames of users whose +passwords have not been updated since the database creation. + +The user needs to have a `SELECT` privilege on `CDB_USERS_WITH_DEFPWD` table for Oracle container +databases (version 12c and higher) or `DBA_USERS_WITH_DEFPWD` for the non-container database (any +version below 12c). + +To grant the required privileges, execute the following statements in SQL Developer or SQL\*Plus: + +For version 12c and later: + +``` +GRANT SELECT ON CDB_USERS_WITH_DEFPWD TO %USERNAME%; +``` + +For version 11g: + +``` +GRANT SELECT ON DBA_USERS_WITH_DEFPWD TO %USERNAME%; +``` diff --git a/docs/accessanalyzer/11.6/requirements/target/databasedb2.md b/docs/accessanalyzer/11.6/requirements/target/databasedb2.md new file mode 100644 index 0000000000..934796b403 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/databasedb2.md @@ -0,0 +1,59 @@ +# Target Db2 Requirements, Permissions, and Ports + +The Enterprise Auditor for Databases Solution provides the ability to audit and monitor Db2 database +environments to collect permissions and sensitive data. It scans: + +- DB2LUW 11+ + +Target Db2 Requirements + +Successful installation of the IBM Data Server Client is required to run the Db2 Job Group. In +addition, the following clients and drivers must be installed: + +- IBM Data Server Driver Package (DS Driver) +- IBM Data Server Driver for JDBC and SQLJ (JCC Driver) +- IBM Data Server Driver for ODBC and CLI (CLI Driver) +- IBM Data Server Runtime Client +- IBM Data Server Client +- IBM Database Add-Ins for Visual Studio +- IBM .NET Driver NuGet + +**NOTE:** All necessary clients and drivers can be found on IBM Support's +[Download initial version 11.5 clients and drivers](https://www.ibm.com/support/pages/download-initial-version-115-clients-and-drivers) +page. From the list of available packages, select the IBM Data Server Client, which is the +all-in-one client package. This package includes all of the client tools and available libraries, as +well as the add-ins for Visual Studio. + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md) +- [SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For SQL Data Collector + +- Specified by Instances table (default is 5000) diff --git a/docs/accessanalyzer/11.6/requirements/target/databasemongodb.md b/docs/accessanalyzer/11.6/requirements/target/databasemongodb.md new file mode 100644 index 0000000000..0684e48847 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/databasemongodb.md @@ -0,0 +1,46 @@ +# Target MongoDB Requirements, Permissions, and Ports + +The Enterprise Auditor for Databases Solution provides the ability to audit and monitor MongoDB +database environments to collect permissions and sensitive data. It scans: + +- MongoDB 5.0 +- MongoDB 6.0 +- MongoDB 7.0 +- Windows and Linux distributions supported by MongoDB + +Target MongoDB Requirements for Sensitive Data Discovery Scans + +- .NET Framework 4.8 is required to run the MongoDB_SensitiveDataScan Job +- MongoDB Cluster on Windows Only – Domain Administrator or Local Administrator privilege + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [NoSQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/nosql/overview.md) + +## Permissions + +For MongoDB Prerequisite + +- Read Only access to ALL databases in the MongoDB Cluster including: + + - Admin databases + - Config databases + - Local databases + +- Read Only access to any user databases is required for sensitive data discovery +- Read access to NOSQL instance +- Read access to MongoDB instance +- Requires NOSQL Full-Text and Semantic Extractions for Search feature to be installed on the target + NOSQL instances when using the Scans full rows for sensitive data option on the Options wizard + page + +## Ports + +The following firewall ports are needed: + +For NoSQL Data Collector + +- MongoDB Cluster +- Default port is 27017 (A custom port can be configured) diff --git a/docs/accessanalyzer/11.6/requirements/target/databasemysql.md b/docs/accessanalyzer/11.6/requirements/target/databasemysql.md new file mode 100644 index 0000000000..10881f0f48 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/databasemysql.md @@ -0,0 +1,66 @@ +# Target MySQL Requirements, Permissions, and Ports + +The Enterprise Auditor for Databases Solution provides the ability to audit and monitor MySQL +database environments to collect permissions and sensitive data. It scans: + +- MySQL 5.x +- MySQL 8.x +- Amazon MySQL RDS +- Amazon Aurora MySQL Engine +- MariaDB 10.x + +Target MySQL Requirements + +The following are requirements for the MySQL to be scanned: + +- WINRM Service installed and enabled — Required only if MySQL is running on Windows + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md) +- [SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) + +## Requirements + +- Windows (Enterprise Auditor host) - Windows Management Framework 3+ installed on the Enterprise + Auditor Console server (Windows 2012 and later) +- Windows (MySQL host) + - WinRM enabled +- MySQL + + - Read access to all databases contained within each MySQL instance + - Domain Admin or Local Admin privilege (Windows only) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For MySQL Data Collection + +- Read access to MySQL instance to include all databases contained within each instance +- Windows Only — Domain Admin or Local Admin privilege + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For SQL Data Collector + +- Specified by Instances table (default is 3306) diff --git a/docs/accessanalyzer/11.6/requirements/target/databaseoracle.md b/docs/accessanalyzer/11.6/requirements/target/databaseoracle.md new file mode 100644 index 0000000000..1498ac8e33 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/databaseoracle.md @@ -0,0 +1,61 @@ +# Target Oracle Requirements, Permissions, and Ports + +The Enterprise Auditor for Databases Solution provides the ability to audit and monitor Oracle +database environments to collect permissions, sensitive data, and activity events. It scans: + +- Oracle Database 12c +- Oracle Database 18c +- Oracle Database 19c + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md) +- [PowerShell Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/powershell/overview.md) +- [SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For PowerShell Data Collection + +- Member of the Local Administrators group + +For Oracle Data Collection + +- User with SYSDBA role +- Local Administrator on the target servers – Only applies to Windows Servers and not on Linux or + Unix operating systems + +There is a least privilege model for scanning your domain. See the +[Oracle Target Least Privilege Model](/docs/accessanalyzer/11.6/requirements/target/config/databaseoracle.md) +topic for additional information. + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For PowerShell Data Collector + +- Randomly allocated high TCP ports + +For SQL Data Collector + +- Specified by Instances table (default is 1521) diff --git a/docs/accessanalyzer/11.6/requirements/target/databasepostgresql.md b/docs/accessanalyzer/11.6/requirements/target/databasepostgresql.md new file mode 100644 index 0000000000..fe95d38b79 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/databasepostgresql.md @@ -0,0 +1,54 @@ +# Target PostgreSQL Requirements, Permissions, and Ports + +The Enterprise Auditor for Databases Solution provides the ability to audit and monitor PostgreSQL +database environments to collect permissions and sensitive data. It scans: + +- Open Source PostgreSQL 9x through 12x +- Enterprise DB PostgreSQL (10x trhough 12x) +- Amazon AWS Aurora PostgreSQL Engine (all versions supported by Amazon AWS) +- Azure PostgreSQL (9.6) + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md) +- [SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) + +## Requirements + +- Read access to all databases contained within each PostgreSQL instance +- Domain Admin or Local Admin privilege (Windows only) +- Login account for each instance of PostgreSQL to be audited + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For PostgreSQL Data Collection + +- Read access to all the databases in PostgreSQL cluster or instance +- Windows Only — Domain Admin or Local Admin privilege + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For SQL Data Collector + +- Specified by Instances table (default is 5432) diff --git a/docs/accessanalyzer/11.6/requirements/target/databaseredshift.md b/docs/accessanalyzer/11.6/requirements/target/databaseredshift.md new file mode 100644 index 0000000000..69214142b2 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/databaseredshift.md @@ -0,0 +1,60 @@ +# Target Redshift Requirements, Permissions, and Ports + +The Enterprise Auditor for Databases Solution provides the ability to audit and monitor Redshift +database environments to collect permissions and sensitive data. It scans: + +- Amazon AWS Redshift +- AWS Redshift Cluster + +Target Redshift Requirements + +- Creation of a user name and password through the AWS portal. +- Successful retrieval of the following items from the AWS website: + + - Database Name – Unique identifier for a specific database + - Port Number – String of unique numbers used by networks to identify specific incoming + processes + - Endpoint name – Publicly accessible elastic IP address specific to the database + +- Retrieval of the information from the Enterprise Auditor console. + +Additional requirements for Sensitive Data Discovery: + +- Windows Only – Domain Administrator or Local Administrator privilege + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md) +- [SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For Redshift Data Collection + +- Read-access to the following tables: + + - pg_tables + - pg_user + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/11.6/requirements/target/databasesql.md b/docs/accessanalyzer/11.6/requirements/target/databasesql.md new file mode 100644 index 0000000000..b21c816f86 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/databasesql.md @@ -0,0 +1,102 @@ +# Target SQL Server Requirements, Permissions, and Ports + +The Enterprise Auditor for Databases Solution provides the ability to audit and monitor SQL Server +database environments to collect permissions, sensitive data, and activity events. It scans: + +- Azure SQL + +- SQL Server 2022 +- SQL Server 2019 +- SQL Server 2017 +- SQL Server 2016 + +Target SQL Server Requirements + +The following are requirements for the SQL Server to be scanned: + +- WINRM Service installed +- Ensure the following rights are in the `ROOT\Microsoft\SQLServer` and `ROOT\Interop` WMI + NameSpaces: + + - Execute Methods + - Enable Account + - Remote Enable + + **NOTE:** Restart WMI after applying changes. + +- For Activity Auditing – SQL Server Audit: + + - SQL Server Audit Specifications to be configured on the target databases + - Audit destination must be a binary file + - See the Microsoft + [Create a server audit and database audit specification](https://learn.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) + article. + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md) +- [SMARTLog Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/overview.md) +- [SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For SMARTLog Data Collection + +- Member of the local Administrators group + +For SQL Server Data Collection + +- For Instance Discovery, local rights on the target SQL Servers: + + - Local group membership to Remote Management Users + - Permissions on the following WMI NameSpaces: `root\Microsoft\SQLServer, root\interop` + +- For permissions for data collection: + + - Read access to SQL instance + - Requires SQL Full-Text and Semantic Extractions for Search feature to be installed on the + target SQL instance(s) when using the **Scan full rows for sensitive data** option on the + Options wizard page + - Grant Authenticate Server to [DOMAIN\USER] + - Grant Connect SQL to [DOMAIN\USER] + - Grant View any database to [DOMAIN\USER] + - Grant View any definition to [DOMAIN\USER] + - Grant View server state to [DOMAIN\USER] + - Grant Control Server to [DOMAIN\USER] (specifically required for the Weak Passwords Job) + +See the +[Azure SQL Auditing Configuration](/docs/accessanalyzer/11.6/requirements/target/config/azuresqlaccess.md) +topic for additional information. + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For SMARTLog Data Collector + +- TCP 135 +- TCP 445 +- Randomly allocated high TCP ports + +For SQL Data Collector + +- Specified by Instances table (default is 1433) diff --git a/docs/accessanalyzer/11.6/requirements/target/dropbox.md b/docs/accessanalyzer/11.6/requirements/target/dropbox.md new file mode 100644 index 0000000000..ccc3cd751a --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/dropbox.md @@ -0,0 +1,31 @@ +# Target Dropbox Requirements, Permissions, and Ports + +The Enterprise Auditor for AWS Solution provides the ability to audit Dropbox. It scans: + +- Dropbox + +Data Collector + +This solution employs the following data collector to scan the target environment: + +- [DropboxAccess Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/overview.md) + +## Permissions + +- Dropbox Team Administrator + +The DropboxAccess Data Collector requires the generation of an access token that is used to +configure the Connection Profile for Dropbox. The access token is generated from within the Dropbox +Access Auditor Data Collector Wizard on the Scan Options page. Once the access token is copied into +a Connection Profile for Dropbox, it will be saved and does not need to be generated again. See the +[DropboxAccess: Scan Options](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptions.md) +topic for additional information. + +## Ports + +The following firewall ports are needed: + +For DropboxAccess Data Collector + +- TCP 80 +- TCP443 diff --git a/docs/accessanalyzer/11.6/requirements/target/exchange.md b/docs/accessanalyzer/11.6/requirements/target/exchange.md new file mode 100644 index 0000000000..eaeb839185 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/exchange.md @@ -0,0 +1,181 @@ +# Target Exchange Servers Requirements, Permissions, and Ports + +The Enterprise Auditor for Exchange Solution is compatible with the following Exchange Server +versions as targets: + +- Exchange 2019 (Limited) +- Exchange 2016 (Limited) +- Exchange 2013 +- Exchange 2010 (Limited) + +See the +[Exchange Support and Permissions Explained](/docs/accessanalyzer/11.6/requirements/solutions/exchange/support.md) +topic for details on the type of auditing supported by data collector and by job group. + +Domain Controller Requirements + +The following are requirements for the Exchange servers to be scanned: + +- Enable Remote PowerShell on one Client Access Server (CAS) +- Enable Windows Authentication for the PowerShell Virtual Directory on the same CAS +- .NET Framework 4.5+ installed on all Exchange servers to be targeted +- WINRM Service installed on all Exchange servers to be targeted as a back up in the event of a + remote PowerShell failure +- Within the Enterprise Auditor Console, the global **Settings > Exchange** node must be configured + + **NOTE:** For Exchange 2013, 2016, and 2019 – If the global Settings have been configured for + "MAPI over HTTP," then an actual CAS server name was supplied and will be used by the ExchangePS + Data Collector. If the global Settings have been configured for "MAPI over HTTPS," then the + global Settings will have a web address instead of an actual server. Therefore, each ExchangePS + query requires the CAS server to be set as the specific server on the Category page. See the + [ExchangePS Data Collector & Client Access Server](/docs/accessanalyzer/11.6/solutions/exchange/recommended.md) + topic for a list of queries for which this would apply. + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md) +- [EWSMailbox Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/overview.md) +- [EWSPublicFolder Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/overview.md) +- [Exchange2K Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/exchange2k/overview.md) +- [ExchangeMailbox Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/overview.md) +- [ExchangeMetrics Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/overview.md) +- [ExchangePS Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/overview.md) +- [ExchangePublicFolder Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/overview.md) +- [SMARTLog Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/overview.md) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For Exchange Web Services API Permissions with the EWSMailbox Data Collector + +- Exchange Admin Role +- Discovery Management Role +- Application Impersonation Role +- Exchange Online License + +See the +[Exchange Web Services API Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/webservicesapi.md) +topic for additional information. + +For Exchange Web Services API Permissions with the EWSPublicFolder Data Collector + +- Exchange Admin Role +- Discovery Management Role +- Application Impersonation Role +- Exchange Online License with a mailbox + +See the +[Exchange Web Services API Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/webservicesapi.md) +topic for additional information. + +For Exchange2K Data Collector + +- Member of the Exchange Administrator group +- Domain Admin for AD property collection +- Public Folder Management + +For ExchangeMailbox Data Collector + +- Member of the Exchange Administrator group +- Organization Management +- Discovery Management + +For Exchange Mail Flow with ExchangeMetrics Data Collector + +- Member of the local Administrator group on the targeted Exchange server(s) + +See the +[Exchange Mail-Flow Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/mailflow.md) +topic for additional information. + +For Exchange Remote Connection with SMARTLog Data Collector + +- Member of the local Administrators group + +See the +[Exchange Remote Connections Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/remoteconnections.md) +topic for additional information. + +For Exchange PowerShell with ExchangePS Data Collector + +- Remote PowerShell enabled on a single Exchange server +- Windows Authentication enabled for the PowerShell Virtual Directory on the same Exchange server + where Remote PowerShell has been enabled +- View-Only Organization Management Role Group +- Discovery Search Management Role Group +- Public Folder Management Role Group +- Mailbox Search Role + +See the +[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) +topic for additional information. + +For ExchangePublicFolders Data Collector + +- Member of the Exchange Administrator group +- Organization Management + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For EWSMailbox Data Collector + +- TCP 389 +- TCP 443 + +For EWSPublicFolder Data Collector + +- TCP 389 +- TCP 443 + +For Exchange2K Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports +- TCP 389 +- Optional TCP 445 + +For ExchangeMailbox Data Collector + +- TCP 135 +- Randomly allocated high TCP ports + +For ExchangeMetrics Data Collector + +- TCP 135 +- Randomly allocated high TCP ports + +For ExchangePS Data Collector + +- TCP 135 +- Randomly allocated high TCP ports + +For ExchangePublicFolder Data Collector + +- TCP 135 +- Randomly allocated high TCP ports + +For SMARTLog Data Collector + +- TCP 135 +- TCP 445 +- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/11.6/requirements/target/exchangeonline.md b/docs/accessanalyzer/11.6/requirements/target/exchangeonline.md new file mode 100644 index 0000000000..bb6b7e7a32 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/exchangeonline.md @@ -0,0 +1,113 @@ +# Target Exchange Online Requirements, Permissions, and Ports + +The Enterprise Auditor for Exchange Solution provides the ability to audit Exchange Online. It +scans: + +- Exchange Online (Limited) + +See the +[Exchange Support and Permissions Explained](/docs/accessanalyzer/11.6/requirements/solutions/exchange/support.md) +topic for details on the type of auditing supported by data collector and by job group. + +Data Collectors + +This solution employs the following data collectors to scan the target environment: + +- [AzureADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/overview.md) +- [EWSMailbox Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/overview.md) +- [EWSPublicFolder Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/overview.md) +- [ExchangePS Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/overview.md) + +## Permissions + +For .Entra ID Inventory Prerequisite with the AzureADInventory Data Collector + +- Microsoft Graph API + + - Application Permissions: + + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + + - Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +- Access URLs + + - https://login.windows.net + - https://graph.windows.net + - https://login.microsoftonline.com + - https://graph.microsoft.com + + - All sub-directories of the access URLs listed + +See the +[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/11.6/config/entraid/access.md) +topic for additional information. + +Permissions for the Registered Microsoft Entra ID Application: Office 365 Exchange Online + +- Application Permissions: + + - Exchange.ManageAsApp – Manage Exchange As Application + - full_access_as_app – Use Exchange Web Services with full access to all mailboxes + +- Exchange Administrator role assigned to the registered application's service principal + +See the +[Exchange Online Auditing Configuration](/docs/accessanalyzer/11.6/config/exchangeonline/access.md) +topic for additional information. + +For Exchange Web Services API Permissions with the EWSMailbox Data Collector + +- Exchange Admin Role +- Discovery Management Role +- Exchange Online License + +See the +[Exchange Web Services API Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/webservicesapi.md) +topic for additional information. + +For Exchange Web Services API Permissions with the EWSPublicFolder Data Collector + +- Exchange Admin Role +- Discovery Management Role +- Exchange Online License with a mailbox + +See the +[Exchange Web Services API Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/webservicesapi.md) +topic for additional information. + +For Exchange PowerShell with ExchangePS Data Collector + +- Discovery Management Role +- Organization Management Role + +See the +[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) +topic for additional information. + +## Ports + +The following firewall ports are needed: + +For AzureADInventory Data Collector + +- TCP 80 and 443 + +For EWSMailbox Data Collector + +- TCP 389 +- TCP 443 + +For EWSPublicFolder Data Collector + +- TCP 389 +- TCP 443 + +For ExchangePS Data Collector + +- TCP 135 +- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/11.6/requirements/target/filesystems.md b/docs/accessanalyzer/11.6/requirements/target/filesystems.md new file mode 100644 index 0000000000..e1f0288f2a --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/filesystems.md @@ -0,0 +1,146 @@ +# File System Supported Platforms + +Netwrix Enterprise Auditor audits Microsoft® Windows® file servers, Network Attached Storage (NAS) +devices, and Unix platforms. + +Enterprise Auditor employs the File System Solution to execute Access Auditing (FSAA), Activity +Monitoring (FSAC), and Sensitive Data Discovery Auditing scans. The Activity Monitoring (FSAC) scans +also require an additional application, either Netwrix Activity Monitor or Netwrix Threat +Prevention, to monitor the target environment. + +**NOTE:** Access Auditing and Sensitive Data Discovery Auditing support CIFS and NFSv3. + +Ports and permissions vary based on the scan mode option selected as well as the target environment. + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md) +- [FileSystemAccess Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/overview.md) + +Permissions and Ports for ADInventory Data Collector Prerequisite + +The following permissions are needed: + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +The following firewall ports are needed: + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions and Ports for FileSystemAccess Data Collector + +- Permissions vary based on the Scan Mode Option selected. See the File System Supported Platforms + topic for additional information. + +## Supported Windows Platforms + +The following are supported Microsoft® Windows® operating systems: + +- Windows Server 2022 +- Windows Server 2019 +- Windows Server 2016 + +See the +[Windows File Server Target Requirements](/docs/accessanalyzer/11.6/config/windowsfile/overview.md) +topic for target environment requirements. + +Windows File System Clusters + +See the topic for target environment requirements. + +Windows File System DFS Namespaces + +See the topic for target environment requirements. + +## Supported Network Attached Storage Devices + +The following are supported Network Attached Storage (NAS) devices. + +Dell Celerra® & VNX + +- Celerra 6.0+ +- VNX 7.1 +- VNX 8.1 + +See the +[Dell Celerra & Dell VNX Target Requirements](/docs/accessanalyzer/11.6/config/dellcelerravnx/overview.md) +topic for target environment requirements. + +Dell Isilon/PowerScale + +- 7.0+ + +See the +[Dell Isilon/PowerScale Target Requirements](/docs/accessanalyzer/11.6/config/dellpowerscale/overview.md) +topic for target environment requirements. + +Dell Unity + +See the +[Dell Unity Target Requirements](/docs/accessanalyzer/11.6/config/dellunity/overview.md) +topic for target environment requirements. + +Hitachi + +- 11.2+ + +See the +[Hitachi Target Requirements](/docs/accessanalyzer/11.6/config/hitachi/overview.md) +topic for target environment requirements. + +Nasuni Nasuni Edge Appliances + +- 8.0+ + +See the +[Nasuni Target Requirements](/docs/accessanalyzer/11.6/config/nasuni/overview.md) topic +for target environment requirements. + +NetApp Data ONTAP + +- 7-Mode 7.3+ +- Cluster-Mode 8.2+ + + **NOTE:** The Resiliency feature introduced in ONTAP 9.0 is not supported. + +See the following topics for target environment requirements: + +- [NetApp Data ONTAP Cluster-Mode Target Requirements](/docs/accessanalyzer/11.6/config/netappcmode/overview.md) +- [NetApp Data ONTAP 7-Mode Target Requirements](/docs/accessanalyzer/11.6/config/netapp7mode/overview.md) + +Nutanix + +See the +[Nutanix Target Requirements](/docs/accessanalyzer/11.6/config/nutanix/overview.md) +topic for target environment requirements. + +Qumulo + +- Qumulo Core 5.0.0.1B+ + +See the +[Qumulo Target Requirements](/docs/accessanalyzer/11.6/config/qumulo/overview.md) topic +for target environment requirements. + +## Supported Unix Platforms + +The following are supported Unix operating systems for Access Auditing (FSAA) and Sensitive Data +Discovery Auditing only: + +- AIX® 4+ +- Solaris™ 8+ +- Red Hat® Enterprise Linux® 4+ +- Red Hat® Linux® 5.2+ +- HP-UX® 11+ +- SUSE® 10+ diff --git a/docs/accessanalyzer/11.6/requirements/target/sharepoint.md b/docs/accessanalyzer/11.6/requirements/target/sharepoint.md new file mode 100644 index 0000000000..73132ba95f --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/sharepoint.md @@ -0,0 +1,97 @@ +# SharePoint Support + +Netwrix products audit and monitor Microsoft® SharePoint® environments. Enterprise Auditor employs +the SharePoint solution to execute Access Auditing (SPAA) and Sensitive Data Discovery Auditing +scans against SharePoint on-premise and SharePoint Online. Through integration with Activity +Monitor, Enterprise Auditor can also execute Activity Auditing (SPAC) scans against SharePoint +on-premise and SharePoint online environments. Additionally, Activity Monitor can be configured to +provide activity data to various SIEM products. + +Ports and permissions vary based on the scan mode option selected as well as the target environment. + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/overview.md) +- [AzureADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/overview.md) +- [SharePointAccess Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/spaa/overview.md) + +Permissions and Ports for ADInventory Data Collector Prerequisite + +The following permissions are needed: + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +The following firewall ports are needed: + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions and Ports for AzureADInventory Data Collector Prerequisite + +The following permissions are needed: + +- Microsoft Graph API + + - Application Permissions: + + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + + - Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +- Access URLs + + - https://login.windows.net + - https://graph.windows.net + - https://login.microsoftonline.com + - https://graph.microsoft.com + + - All sub-directories of the access URLs listed + +The following firewall ports are needed: + +- TCP 80 and 443 + +## Supported SharePoint Online + +The following are supported Microsoft® SharePoint® Online: + +- SharePoint Online® (Agent-less mode scans only) + +- OneDrive® for Business (Access Auditing and/or Sensitive Data Discovery Auditing for Agent-less + mode scans only) + +See the +[SharePoint Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md) +topic for additional information. + +**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for +SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and +provisions it with the required permissions. See the +[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sp_registerazureappauth.md) +topic for additional information. + +## Supported SharePoint On-Premise + +The following are supported Microsoft® SharePoint® operating systems: + +- SharePoint® 2019 +- SharePoint® 2016 +- SharePoint® 2013 + +See the +[SharePoint Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/requirements/target/unix.md b/docs/accessanalyzer/11.6/requirements/target/unix.md new file mode 100644 index 0000000000..cd051d3195 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/unix.md @@ -0,0 +1,205 @@ +# Target Unix Requirements, Permissions, and Ports + +The Enterprise Auditor for Unix Solution provides the ability to audit Unix servers. It scans: + +- AIX® 4+ +- Solaris™ 8+ +- Red Hat® Enterprise Linux® 4+ +- Red Hat® Linux® 5.2+ +- HP-UX® 11+ +- CentOS® 7+ +- SUSE® 10+ + +Data Collectors + +This solution employs the following data collectors to scan the target environment: + +- [NIS Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/nis/overview.md) +- [Unix Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/unix/overview.md) + +## Permissions + +For NIS Data Collector Prerequisite + +- No special permissions are needed aside from access to a NIS server + +For Unix Data Collector + +- Root permissions in Unix/Linux + +If the Root permission is unavailable, a least privileged model can be used. See the +[Least Privilege Model](#least-privilege-model) topic additional information. + +## Ports + +The following firewall ports are needed: + +For NIS Data Collector Prerequisite + +- TCP 111 or UDP 111 +- Randomly allocated high TCP ports + +For Unix Data Collector + +- TCP 22 +- User configurable + +## Least Privilege Model + +Enterprise Auditor for Unix collects information from Unix devices by running commands or executing +scripts on your Unix hosts (if configured properly our tool can SCP scripts to your hosts before +execution). Therefore, the domain or local user credentials entered in the Connection Profile within +the Enterprise Auditor must be capable of running the necessary commands, executing the necessary +scripts or, in some cases, have rights to SCP scripts to the host. + +### Connecting to Unix Hosts + +Enterprise Auditor for Unix connects to your host in two ways: + +- Plink – This mechanism is leveraged during our tools Host Inventory to test connectivity to a host + and to collect basic details about a host (Host Name, OS Type, etc.) +- Implementation of the SSH2 protocol built into Enterprise Auditor – This is how the Unix Data + Collector interacts with and pulls information from your environment + +Authentication Methods + +- SSH Login Required +- SSH Private Key + + - Supported Key Types + + - Open SSH + - PuTTY Private Key + +Device Connectivity + +- SSH port opened in software and hardware firewalls. Default is 22. + + - If you do not use Port 22, you can specify your SSH port in the Connection Profile + +### Commands for Non-Root Accounts + +We recommend using the root account to run Enterprise Auditor against a Unix system. However, if +that is not acceptable all the commands we leverage in the solution set are below and can be used to +implement least privilege: + +All Perl scripts require the account to be able to execute the following commands: + +``` +scp [script] to a target location: /tmp/[script] +``` + +``` +perl [script] +``` + +``` +rm -f [script] +``` + +#### UX_UsersAndGroups Job Requirements + +The 1.Users and Groups > 0.Collection > UX_UsersAndGroups Job requires permissions in the Unix +environment to run the following commands: + +Commands Used + +- `grep` +- `egrep` +- `uname` +- `cat /etc/passwd` (read access) +- `cat /etc/group` (read access) +- `cat /etc/security/user` (read access) +- `cat /etc/shadow` + + - Requires root or customization to job to utilize sudo without password prompt (:NOPASSWD) + +- `egrep /etc/security/user` (read access) +- `egrep /etc/login.defs` (read access) +- `egrep /etc/default/passwd` (read access) +- `cat /etc/security/passwd` (read access) + +Perl Scripts Used + +``` +SA_UX_AIX_User.pl +``` + +``` +SA_UX_AIX_UserLastUpdate.pl +``` + +#### UX_MakeDirectory Job Requirements + +The 2.PrivilegedAccess > Sudoers > 0.Collection > UX_MakeDirectory Job requires permissions in the +Unix environment to run the following commands: + +Commands Used + +- `mkdir /tmp/Stealthbits/` + +#### UX_ParseSudoers Job Requires + +The 2.PrivilegedAccess > Sudoers > 0.Collection > UX_ParseSudoers Job requires permissions in the +Unix environment to run the following commands: + +**NOTE:** To parse sudoers we either need root or an account that has access to use sudo without +password prompt (:NOPASSWD) + +Commands Used + +- `sudo chmod 500 SA_UX_ParseSudoers.pl` +- `sudo ./SA_UX_ParseSudoers.pl` +- `sudo rm SA_UX_ParseSudoers.pl` +- `sudo rmdir /tmp/Stealthbits/` + +Perl Scripts Used + +``` +SA_UX_ParseSudoers.pl +``` + +This grants read access to  `/etc/sudoers` + +#### UX_CriticalFiles Job Requires + +The 2.PrivilegedAccess > UX_Critical Files Job requires permissions in the Unix environment to run +the following commands: + +Commands Used + +- `ls -al /etc/` +- `ls -al /etc/samba/` +- `ls -al /etc/sysconfig` + +#### UX_NFSConfiguration Job Requires + +The 3.Sharing > 0.Collection > UX_NFSConfiguration Job requires permissions in the Unix environment +to run the following commands: + +Perl Scripts Used + +``` +SA_UX_NFSConfiguration.pl +``` + +This grants: + +- read access to `/etc/exports` +- read access to `/etc/dfs/dfstab` + +#### UX_SambaConfiguration Job Requires + +The 3.Sharing > 0.Collection > UX_SambaConfiguration Job requires permissions in the Unix +environment to run the following commands: + +Perl Scripts Used + +``` +SA_UX_SambaConfiguration.pl +``` + +This grants: + +- read access to `/etc/sfw/smb.conf` +- read access to `/etc/samba/smb.conf` diff --git a/docs/accessanalyzer/11.6/requirements/target/windows.md b/docs/accessanalyzer/11.6/requirements/target/windows.md new file mode 100644 index 0000000000..e3490c4250 --- /dev/null +++ b/docs/accessanalyzer/11.6/requirements/target/windows.md @@ -0,0 +1,89 @@ +# Target Windows Server and Desktop Requirements, Permissions, and Ports + +The Enterprise Auditor for Windows Solution is compatible with the following Microsoft Windows +versions as targets: + +- Windows 7 and higher +- Windows Server 2016 and later + +Server and Desktop Requirements + +The following are requirements for the servers and desktops to be scanned: + +- WINRM Service installed + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [GroupPolicy Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/overview.md) +- [PowerShell Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/powershell/overview.md) +- [Registry Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/registry.md) +- [Script Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/script/overview.md) +- [Services Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/services.md) +- [SMARTLog Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/overview.md) +- [SystemInfo Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/overview.md) +- [TextSearch Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/textsearch/overview.md) +- [UsersGroups Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/usersgroups/overview.md) +- [WMICollector Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/wmicollector/overview.md) + +## Permissions + +- Member of the local Administrators group +- If target host is a domain controller, member of the Domain Administrator group in the target + domain + +## Ports + +The following firewall ports are needed: + +For GroupPolicy Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For PowerShell Data Collector + +- Randomly allocated high TCP ports + +For Registry Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports + +For Script Data Collector + +- Randomly allocated high TCP ports + +For Services Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports + +For SMARTLog Data Collector + +- TCP 135 +- TCP 445 +- Randomly allocated high TCP ports + +For SystemInfo Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports + +For TextSearch Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports + +For UsersGroups Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports +- 445 + +For WMICollector Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/11.6/security-and-compliance/change-driven-security-assessment/job-configuration.md b/docs/accessanalyzer/11.6/security-and-compliance/change-driven-security-assessment/job-configuration.md deleted file mode 100644 index d75a1ae95c..0000000000 --- a/docs/accessanalyzer/11.6/security-and-compliance/change-driven-security-assessment/job-configuration.md +++ /dev/null @@ -1,120 +0,0 @@ -# CDSA Job - -The CDSA Job is available through the Instant Job Library under the CDSA library. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for instructions of how to add this instant job to the Jobs tree. When installing the job, -select **Local host** on the Host pages of the Instant Job Wizard. - -Ensure the supporting solutions have successfully collected and analyzed data prior to running this -job. See the -[Presentation Dependencies](/docs/accessanalyzer/11.6/security-and-compliance/change-driven-security-assessment/presentation.md) -topic for alignment between presentation slides and jobs that supply the data points. - -The CDSA job generates three PowerPoint files: - -- For the Presenter - - - The **Netwrix_CDSA_Presentation.pptx** file is designed to be presented live to the customer - -- For the Customer as printable assets - - - The **Netwrix_CDSA_8.5x11_Presentation.pptx** file is designed to be given to the customer for - self-review as a PDF file - - The **Netwrix_CDSA_A4_Presentation.pptx** file is designed to be given to the customer for - self-review as a PDF file - -**CAUTION:** Do not send any these presentations to a customer in PowerPoint format. - -The printable assets can be converted to PDFs or printed booklet style at a professional print shop -(suggested) if desired. - -These presentations are located within the job’s folder in the Enterprise Auditor installation -directory, which varies according to the location of the job within the Jobs tree. Navigate to this -folder by clicking **Open Folder** on the job's overview page. - -The presentation files contain slides for both a classic CDSA presentation applicable to most -organizations and an ePHI Security Assessment applicable to the healthcare industry. - -## Delivering a CDSA Presentation Slide Show - -The **Netwrix_CDSA_Presentation.pptx** file is designed to be presented live to the customer. There -are two presentation options for the live slide show: - -- The **CDSA - Classic** slide show contains the first 24 slides and is applicable for most - organizations -- The **ePHI Security Assessment** slide show contains the ending slides with select summary slides - from the Classic slide show and is applicable to the healthcare industry - -Use the Custom Slide Show drop-down menu on the Slide Show ribbon in PowerPoint to select the -appropriate presentation. - -**NOTE:** Slide 17 is hidden by default as same information is available on Slides 18-20. - -Netwrix University includes a training module with details on the key talking points for a live -delivery of the slide shows. Check out the **315 – Getting Started with Credential & Data Security -Assessment** training course. - -## Choosing a PDF Version - -Both of the printable assets have two customized options for converting to a PDF: - -- CDSA Classic – Contains the first 24 slides and is applicable for most organizations -- ePHI Security Assessment – Contains the ending slides with select summary slides from the Classic - slide show and is applicable to the healthcare industry - -Follow the steps to create the appropriate custom PDF. - -**Step 1 –** Use the **Save As** option. - -**Step 2 –** Set the file name as desired and change the Save As type to **PDF**. - -**Step 3 –** Click **Options** and change the Range to **Custom show**. - -**Step 4 –** By default, this is set to the **CDSA Classic** show. If needed, change it to the -**ePHI Security Assessment** show. - -**Step 5 –** Click **OK** to confirm the option, and then click **Save** to generate the PDF. - -The presentation is converted to a PDF with only the applicable slides included. - -**NOTE:** Slide 16 is hidden by default as same information is available on Slides 17-19. - -## Custom Slide Show Alignment - -The table lists each slide as it is listed in the **Netwrix_CDSA_Presentation.pptx** file. It -indicates which slides are included in each custom slide show. There are slight variations in page -numbering with the files designed to be saved as PDFs. - -| # | Slide Title | CDSA Classic | ePHI Security Assessment | -| --- | -------------------------------------------------------- | ------------ | ------------------------ | -| 1 | Executive Summary | X | | -| 2 | Netwrix Credential and Data Security Assessment (CDSA) | X | | -| 3 | Data Security | X | | -| 4 | Condition: Open Access | X | X | -| 5 | Sensitive Data | X | | -| 6 | Stale Data | X | | -| 7 | Active Directory Security | X | X | -| 8 | Password Issues | X | | -| 9 | Toxic Active Directory Conditions | X | | -| 10 | Non-Administrators that can Perform Sensitive AD Actions | X | | -| 11 | Active Directory Sensitive Security Groups | X | | -| 12 | Windows: Assessment Summary | X | X | -| 13 | Local Administrators | X | | -| 14 | Service Accounts | X | | -| 15 | Ticket and Credential Management | X | | -| 16 | Shadow Access Rights | X | | -| 17 | Additional Findings (FS, AD, Windows OS) | | | -| 18 | Additional Findings (FS, SharePoint, Box, Dropbox) | X | X | -| 19 | Additional Findings (Exchange, Databases) | X | X | -| 20 | Additional Findings (AD, Windows OS) | X | X | -| 21 | Product Portfolio | X | X | -| 22 | Path To Success | X | X | -| 23 | Netwrix | X | X | -| 24 | Thank You | X | X | -| 25 | Executive Summary: ePHI Security Assessment | | X | -| 26 | Netwrix ePHI Security Assessment | | X | -| 27 | ePHI Data | | X | -| 28 | Condition: Stale Data | | X | -| 29 | AD Security Assessment | | X | -| 30 | Windows: Security Assessment | | X | -| 31 | Shadow Access Rights to ePHI Data | | X | diff --git a/docs/accessanalyzer/11.6/security-and-compliance/change-driven-security-assessment/overview.md b/docs/accessanalyzer/11.6/security-and-compliance/change-driven-security-assessment/overview.md deleted file mode 100644 index d6fd0e8674..0000000000 --- a/docs/accessanalyzer/11.6/security-and-compliance/change-driven-security-assessment/overview.md +++ /dev/null @@ -1,60 +0,0 @@ -# Credential & Data Security Assessment Overview - -Proper data security begins with a strong foundation. The Credential & Data Security Assessment -(CDSA) provides a deep-dive into the security of your structured and unstructured data, Active -Directory, and Windows infrastructure. - -The CDSA job depends upon several Enterprise Auditor solutions for data collection. See the -[Requirements](/docs/accessanalyzer/11.6/getting-started/requirements/system-requirements.md) -topic for installation and database requirements. - -## Supporting Solutions - -At a minimum the following solutions need to run prior to the CDSA job to provide the data used to -generate the CDSA presentations: - -- .Active Directory Inventory Solution - - - See the - [.Active Directory Inventory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - topic for additional information - -- Active Directory Solution - - - See the - [Active Directory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - topic for additional information - -- Active Directory Permissions Analyzer Solution - - - See the - [Active Directory Permissions Analyzer Solution](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - topic for additional information - -- File System Solution - - - See the - [File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - topic for additional information - -- Windows Solution - - - See the - [Windows Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/overview.md) - topic for additional information - -The following additional solutions also provide data to the CDSA job: - -- [Entra ID Solution](/docs/accessanalyzer/11.6/solutions/entra-id/inventory-reports.md) -- [AWS Solution](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) -- [Box Solution](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) -- [Dropbox Solution](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) -- [Exchange Solution](/docs/accessanalyzer/11.6/accessanalyzer/solutions/exchange/overview.md) -- [Oracle Solution](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) -- [SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -- [SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - -Additionally, the Sensitive Data Discovery Add-On also contributes to the CDSA presentations. See -the -[Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/accessanalyzer/sensitivedatadiscovery/overview.md) topic -for additional information. diff --git a/docs/accessanalyzer/11.6/security-and-compliance/change-driven-security-assessment/presentation.md b/docs/accessanalyzer/11.6/security-and-compliance/change-driven-security-assessment/presentation.md deleted file mode 100644 index 71385e0aca..0000000000 --- a/docs/accessanalyzer/11.6/security-and-compliance/change-driven-security-assessment/presentation.md +++ /dev/null @@ -1,763 +0,0 @@ -# Presentation Dependencies - -In the following subsections, each slide is aligned to the jobs that supply its data. The slide -number is specific to the **Netwrix_CDSA_Presentation.pptx** file, as there are slight various in -page numbering with the files designed to be saved as PDFs. Many jobs contribute to multiple slides, -so jobs are highlighted in bold text the first time they are listed. - -## Executive Summary Slide - -The Executive Summary slide (Slide 1) has no data points. - -## Netwrix Credential and Data Security Assessment (CDSA) Slide - -The Netwrix Credential and Data Security Assessment (CDSA) slide (Slide 2) has no data points. - -## Data Security Slide - -The Data Security slide (Slide 3) has the following primary job dependencies: - -- .Active Directory Inventory - - - **1-AD_Scan** - -- FileSystem - - - **0.Collection > 1-FSAA System Scans** - - **0.Collection > 2-FSAA Bulk Import** - -Data is also supplied by the following jobs when they have been executed: - -- AWS - - - **0.Collection > 1.AWS_OrgScan** - - **0.Collection > 2.AWS_S3Scan** - -- Box - - - **0.Collection > 1-Box_Access Scans** - - **0.Collection > 2-Box_Import** - -- Databases - - - **0.Collection > Oracle > 0-Oracle_Servers** - - **0.Collection > Oracle > 1-Oracle_PermissionsScan** - - **0.Collection > SQL > 0-SQL_InstanceDiscovery** - - **0.Collection > SQL > 1-SQL_PermissionsScan** - -- Dropbox - - - **0.Collection > 1-Dropbox_Permissions Scan** - - **0.Collection > 2-Dropbox_Permissions Bulk Import** - -- Exchange - - - **4. Mailboxes > Sizing > 0. Collection > EX_MBSize** - - **5. Public Folders > Growth and Size > Collection > PF_FolderScans** - -- SharePoint - - - **0.Collection > 2-SPAA_SystemScans** - - **0.Collection > 5-SPAA_BulkImport** - -## Condition: Open Access Slide - -The Condition: Open Access slide (Slide 4) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- FileSystem - - - 0.Collection > 1-FSAA System Scans - - 0.Collection > 2-FSAA Bulk Import - - **1.Open Access >FS_OpenAccess** - -Data is also supplied by the following jobs when they have been executed: - -- AWS - - - 0.Collection > 1.AWS_OrgScan - - 0.Collection > 2.AWS_S3Scan - - **6.S3 Permissions > AWS_OpenBuckets** - -- Box - - - 0.Collection > 1-Box_Access Scans - - 0.Collection > 2-Box_Import - -- Databases - - - 0.Collection > Oracle > 0-Oracle_Servers - - 0.Collection > Oracle > 1-Oracle_PermissionsScan - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - - **Oracle > 3.Permissions > Oracle_PublicPermissions** - - **SQL > 3.Permissions > SQL_PublicPermissions** - -- Dropbox - - - 0.Collection > 1-Dropbox_Permissions Scan - - 0.Collection > 2-Dropbox_Permissions Bulk Import - -- Exchange - - - **4. Mailboxes > Permissions > 0. Collection > EX_Delegates** - - **4. Mailboxes > Permissions > 0. Collection > EX_MBRights** - - **4. Mailboxes > Permissions > 0. Collection > EX_Perms** - - **4. Mailboxes > Permissions > 0. Collection > EX_SendAs** - - **4. Mailboxes > Permissions > EX_MailboxAccess** - - 4. Mailboxes > Sizing > 0. Collection > EX_MBSize - - 5. Public Folders > Growth and Size > Collection > PF_FolderScans - - **5. Public Folders > Permissions > Collection > PF_EntitlementScans** - -- SharePoint - - - 0.Collection > 2-SPAA_SystemScans - - 0.Collection > 5-SPAA_BulkImport - - **2.High Risk Sites > SP_OpenAccess** - -## Sensitive Data Slide - -The Sensitive Data slide (Slide 5) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- FileSystem - - - **0.Collection > 1-SEEK System Scans** - - **0.Collection > 2-SEEK Bulk Import** - - **7.Sensitive Data > FS_DLPResults** - -Data is also supplied by the following jobs when they have been executed: - -- AWS - - - 0.Collection > 1.AWS_OrgScan - - **0.Collection > 4.AWS_S3SDDScan** - - **8.S3 Sensitive Data > AWS_SensitiveData** - -- Databases - - - 0.Collection > Oracle > 0-Oracle_Servers - - 0.Collection > Oracle > 1-Oracle_PermissionsScan - - **0.Collection > Oracle > 2-Oracle_SensitiveDataScan** - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - - **0.Collection > SQL > 2-SQL_SensitiveDataScan** - - **Oracle > 5.Sensitive Data > Oracle_SensitiveData** - - **SQL > 5.Sensitive Data > SQL_SensitiveData** - -- Dropbox - - - **0.Collection > 1-Dropbox_SDD Scan** - - **0.Collection > 2-Dropbox_SDD Bulk Import** - - **5.Sensitive Data > Dropbox SensitiveData** - -- Exchange - - - **7. Sensitive Data > 0.Collection > EX_Mailbox_SDD** - - **7. Sensitive Data > 0.Collection > EX_PublicFolder_SDD** - - **7. Sensitive Data > EX_SDDResults** - -- SharePoint - - - **0.Collection > 1-SPSEEK_SystemScans** - - **0.Collection > 4-SPSEEK_BulkImport** - - **6.Sensitive Data > SP_SensitiveData** - -## Stale Data Slide - -The Stale Data slide (Slide 6) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- FileSystem - - - 0.Collection > 1-FSAA System Scans - - 0.Collection > 2-FSAA Bulk Import - - **4.Content > Stale > FS_StaleContent** - -Data is also supplied by the following jobs when they have been executed: - -- Box - - - 0.Collection > 1-Box_Access Scans - - 0.Collection > 2-Box_Import - -- Databases - - - 0.Collection > Oracle > 0-Oracle_Servers - - 0.Collection > Oracle > 1-Oracle_PermissionsScan - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - -- Dropbox - - - 0.Collection > 1-Dropbox_Permissions Scan - - 0.Collection > 2-Dropbox_Permissions Bulk Import - -- Exchange - - - **5. Public Folders > Content > Collection > PF_ContentScans** - -- SharePoint - - - 0.Collection > 2-SPAA_SystemScans - - 0.Collection > 5-SPAA_BulkImport - - **4.Content > SP_StaleFiles** - -## Active Directory Security Slide - -The Active Directory Security slide (Slide 7) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- Active Directory Permissions Analyzer - - - **0.Collection > AD_ComputerRights** - - **0.Collection > AD_ContainerRights** - - **0.Collection > AD_DomainRights** - - **0.Collection > AD_GroupRights** - - **0.Collection > AD_OURights** - - **0.Collection > AD_SiteRights** - - **0.Collection > AD_UserRights** - -Data is also supplied by the following jobs when they have been executed: - -- .Entra ID Inventory - - - **1-AAD_Scan** - -## Password Issues Slide - -The Password Issues slide (Slide 8) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- Active Directory - - - **2.Users > AD_WeakPasswords** - - **2.Users > AD_PasswordStatus** - - **4.Group Policy > AD_CPassword** - -## Toxic Active Directory Conditions Slide - -The Toxic Active Directory Conditions slide (Slide 9) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - - **3-AD_Exceptions** - -- Active Directory - - - **1.Groups > AD_CircularNesting** - - **1.Groups > AD_EmptyGroups** - - **1.Groups > AD_SensitiveSecurityGroups** - - **1.Groups > AD_StaleGroups** - - **2.Users > AD_SIDHistory** - - **2.Users > AD_StaleUsers** - -## Non-Administrators that can Perform Sensitive AD Actions Slide - -The Non-Administrators that can Perform Sensitive AD Actions slide (Slide 10) has the following -primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- Active Directory Permissions Analyzer - - - 0.Collection > AD_ComputerRights - - 0.Collection > AD_ContainerRights - - 0.Collection > AD_DomainRights - - 0.Collection > AD_GroupRights - - 0.Collection > AD_OURights - - 0.Collection > AD_SiteRights - - 0.Collection > AD_UserRights - - **1.Users > AD_ResetPasswordPermissions** - - **2.Groups > AD_GroupMembershipPermissions** - - **8.Domains > AD_DomainReplication** - -## Active Directory Sensitive Security Groups Slide - -The Active Directory Sensitive Security Groups slide (Slide 11) has the following primary job -dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -## Windows: Assessment Summary Slide - -The Windows: Assessment Summary slide (Slide 12) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- Windows - - - **Authentication > SG_LSASettings** - - **Authentication > SG_SecuritySupportProviders** - - **Authentication > SG_WDigestSettings** - - **Open Access > SG_OpenFolders** - - **Privileged Accounts > Local Administrators > SG_LocalAdmins** - - **Privileged Accounts > Local Administrators > SG_MicrosoftLAPS** - - **Privileged Accounts > Logon Rights > SG_LocalPolicies** - - **Privileged Accounts > Service Accounts > SG_ServiceAccounts** - - **Security Utilities > SG_PowerShellCommands** - -## Local Administrators Slide - -The Local Administrators slide (Slide 13) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- Windows - - - Privileged Accounts > Local Administrators > SG_LocalAdmins - - Privileged Accounts > Logon Rights > SG_LocalPolicies - -## Service Accounts Slide - -The Service Accounts slide (Slide 14) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- Windows - - - Authentication > SG_LSASettings - - Authentication > SG_WDigestSettings - - Privileged Accounts > Service Accounts > SG_ServiceAccounts - - Security Utilities > SG_PowerShellCommands - -## Ticket and Credential Management Slide - -The Ticket and Credential Management slide (Slide 15) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- Windows - - - Authentication > SG_LSASettings - - Authentication > SG_WDigestSettings - - Security Utilities > SG_PowerShellCommands - -## Shadow Access Rights Slide - -The Shadow Access Rights slide (Slide 16) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- Active Directory - - - 1.Groups > AD_SensitiveSecurityGroups - - 2.Users > AD_WeakPasswords - -- Active Directory Permissions Analyzer - - - 0.Collection > AD_ComputerRights - - 0.Collection > AD_ContainerRights - - 0.Collection > AD_DomainRights - - 0.Collection > AD_GroupRights - - 0.Collection > AD_OURights - - 0.Collection > AD_SiteRights - - 0.Collection > AD_UserRights - - 1.Users > AD_ResetPasswordPermissions - - 2.Groups > AD_GroupMembershipPermissions - - **7.Containers > AD_AdminSDHolder** - - 8.Domains > AD_DomainReplication - -- FileSystem - - - 0.Collection > 1-SEEK System Scans - - 0.Collection > 2-SEEK Bulk Import - - 7.Sensitive Data > FS_DLPResults - -- Windows - - - Privileged Accounts > Local Administrators > SG_LocalAdmins - - **Privileged Accounts > Local Administrators > SG_Sessions** - -Data is also supplied by the following jobs when they have been executed: - -- Databases - - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - - 0.Collection > SQL > 2-SQL_SensitiveDataScan - - SQL > 5.Sensitive Data > SQL_SensitiveData - -## Additional Findings (FS, AD, Windows OS) Slide - -Slide 17 in the **Netwrix_CDSA_Presentation.pptx** file is hidden by default. It is recommended to -use Slides 18-20 instead, even when the primary jobs are the only ones supplying data. Slide 17 is -an alternative to slides 18-20. It has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- Active Directory - - - 1.Groups > AD_StaleGroups - - **2.Users > AD_ServiceAccounts** - - 2.Users > AD_StaleUsers - - **2.Users > AD_UserToken** - - **3.Computers > AD_StaleComputers** - - 4.Group Policy > AD_CPassword - - 8.Domains > AD_DomainReplication - -- FileSystem - - - 0.Collection > 1-FSAA System Scans - - 0.Collection > 1-SEEK System Scans - - 0.Collection > 2-FSAA Bulk Import - - 0.Collection > 2-SEEK Bulk Import - - **2.Direct Permissions > FS_DomainUserACLs** - - **3.Broken Inheritance > FS_BrokenInheritance** - - 4.Content > Stale > FS_StaleContent - - 7.Sensitive Data > FS_DLPResults - -- Windows - - - Authentication > SG_LSASettings - - Authentication > SG_WDigestSettings - - Privileged Accounts > Local Administrators > SG_LocalAdmins - - Privileged Accounts > Service Accounts > SG_ServiceAccounts - -## Additional Findings (FS, SharePoint, Box, Dropbox) Slide - -The Additional Findings (FS, SharePoint, Box, Dropbox) slide (Slide 18) has the following primary -job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- FileSystem - - - 0.Collection > 1-FSAA System Scans - - 0.Collection > 1-SEEK System Scans - - 0.Collection > 2-FSAA Bulk Import - - 0.Collection > 2-SEEK Bulk Import - - **2.Direct Permissions > FS_DomainUserACLs** - - **3.Broken Inheritance > FS_BrokenInheritance** - - 4.Content > Stale > FS_StaleContent - - 7.Sensitive Data > FS_DLPResults - -Data is also supplied by the following jobs when they have been executed: - -- Box - - - 0.Collection > 1-Box_Access Scans - - 0.Collection > 2-Box_Import - -- Dropbox - - - 0.Collection > 1-Dropbox_SDD Scan - - 0.Collection > 2-Dropbox_SDD Bulk Import - - **1.Access > Dropbox_Access** - -- SharePoint - - - 0.Collection > 2-SPAA_SystemScans - - 0.Collection > 5-SPAA_BulkImport - - **2.High Risk Sites > SP_AnonymousSharing** - - 2.High Risk Sites > SP_OpenAccess - - **3.Broken Inheritance > SP_BrokenInheritance** - - 4.Content > SP_StaleFiles - - 7.Sensitive Data > SP_SensitiveData - -## Additional Findings (Exchange, Databases) Slide - -The Additional Findings (Exchange, Databases) slide (Slide 19) has the following primary job -dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -Data is also supplied by the following jobs when they have been executed: - -- Databases - - - 0.Collection > Oracle > 0-Oracle_Servers - - 0.Collection > Oracle > 1-Oracle_PermissionsScan - - 0.Collection > Oracle > 2-Oracle_SensitiveDataScan - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - - 0.Collection > SQL > 2-SQL_SensitiveDataScan - - **Oracle > 1. Users and Roles > Oracle_PasswordIssues** - - Oracle > 3.Permissions > Oracle_PublicPermissions - - **Oracle > 4. Configuration > Oracle_DataDictionaryProtection** - - **Oracle > 4. Configuration > Oracle_InstanceNameIssues** - - **Oracle > 4. Configuration > Oracle_RemoteOSAuthentication** - - Oracle > 5.Sensitive Data > Oracle_SensitiveData - - **SQL > 1. Users and Roles > SQL_PasswordIssues** - - SQL > 3.Permissions > SQL_PublicPermissions - - **SQL > 4.Configuration > SQL_Authentication** - - **SQL > 4. Configuration > SQL_BestPractices** - - **SQL > 4.Configuration > SQL_CMDShell** - - SQL > 5.Sensitive Data > SQL_SensitiveData - -- Exchange - - - 4. Mailboxes > Permissions > 0. Collection > EX_Delegates - - 4. Mailboxes > Permissions > 0. Collection > EX_MBRights - - 4. Mailboxes > Permissions > 0. Collection > EX_Perms - - 4. Mailboxes > Permissions > 0. Collection > EX_SendAs - - **4. Mailboxes > Permissions > EX_AdminGroups** - - 4. Mailboxes > Permissions > EX_MailboxAccess - - **4. Mailboxes > Sizing > EX_StaleMailboxes** - - 5. Public Folders > Content > Collection > PF_ContentScans - - 5. Public Folders > Permissions > Collection > PF_EntitlementScans - - 7. Sensitive Data > 0.Collection > EX_Mailbox_SDD - - 7. Sensitive Data > 0.Collection > EX_PublicFolder_SDD - - 7. Sensitive Data > EX_SDDResults - -## Additional Findings (AD, Windows OS) Slide - -The Additional Findings (AD, Windows OS) slide (Slide 20) has the following primary job -dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- Active Directory - - - 1.Groups > AD_StaleGroups - - **2.Users > AD_ServiceAccounts** - - 2.Users > AD_StaleUsers - - **2.Users > AD_UserToken** - - **3.Computers > AD_StaleComputers** - - 4.Group Policy > AD_CPassword - - 8.Domains > AD_DomainReplication - -- Windows - - - Authentication > SG_LSASettings - - Authentication > SG_WDigestSettings - - Privileged Accounts > Local Administrators > SG_LocalAdmins - -## Product Portfolio Slide - -The Product Portfolio slide (Slide 21) has no data points. - -## Path To Success Slide - -The Path To Success slide (Slide 22) has no data points. - -## Netwrix Slide - -The Netwrix slide (Slide 23) has no data points. - -## Thank You Slide - -The Thank You slide (Slide 24) has no data points. - -## Executive Summary: ePHI Security Assessment Slide - -The Executive Summary: ePHI Security Assessment slide (Slide 25) has no data points. - -## Netwrix ePHI Security Assessment Slide - -The Netwrix ePHI Security Assessment slide (Slide 26) has no data points. - -## ePHI Data Slide - -The ePHI Data slide (Slide 27) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- FileSystem - - - 0.Collection > 1-SEEK System Scans - - 0.Collection > 2-SEEK Bulk Import - - **0.Collection > 3-FSAA-Exceptions** - - 7.Sensitive Data > FS_DLPResults - -Data is also supplied by the following jobs when they have been executed: - -- AWS - - - 0.Collection > 1.AWS_OrgScan - - 0.Collection > 4.AWS_S3SDDScan - - 8.S3 Sensitive Data > AWS_SensitiveData - -- Box - - - 0.Collection > 1-Box_Access Scans - - 0.Collection > 2-Box_Import - -- Databases - - - 0.Collection > Oracle > 0-Oracle_Servers - - 0.Collection > Oracle > 1-Oracle_PermissionsScan - - 0.Collection > Oracle > 2-Oracle_SensitiveDataScan - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - - 0.Collection > SQL > 2-SQL_SensitiveDataScan - - Oracle > 3.Permissions > Oracle_PublicPermissions - - Oracle > 5.Sensitive Data > Oracle_SensitiveData - - SQL > 3.Permissions > SQL_PublicPermissions - - SQL > 5.Sensitive Data > SQL_SensitiveData - -- Dropbox - - - 0.Collection > 1-Dropbox_SDD Scan - - 0.Collection > 2-Dropbox_SDD Bulk Import - - 5.Sensitive Data > Dropbox_SensitiveData - -- Exchange - - - 7. Sensitive Data > 0.Collection > EX_Mailbox_SDD - - 7. Sensitive Data > 0.Collection > EX_PublicFolder_SDD - - 7. Sensitive Data > SDDResults - - 4. Mailboxes > Permissions > 0. Collection > EX_Delegates - - 4. Mailboxes > Permissions > 0. Collection > EX_MBRights - - 4. Mailboxes > Permissions > 0. Collection > EX_Perms - - 4. Mailboxes > Permissions > 0. Collection > EX_SendAs - - 4. Mailboxes > Permissions > EX_MailboxAccess - -- SharePoint - - - 0.Collection > 1-SPSEEK_SystemScans - - 0.Collection > 4-SPSEEK_BulkImport - - **0.Collection > 7-SPAA_Exceptions** - - 6.Sensitive Data > SP_SensitiveData - -## Condition: Stale Data Slide - -The Condition: Stale Data slide (Slide 28) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- FileSystem - - - 0.Collection > 1-SEEK System Scans - - 0.Collection > 2-SEEK Bulk Import - - 7.Sensitive Data > FS_DLPResults - -Data is also supplied by the following jobs when they have been executed: - -- Dropbox - - - 0.Collection > 1-Dropbox_SDD Scan - - 0.Collection > 2-Dropbox_SDD Bulk Import - - 5.Sensitive Data > Dropbox_SensitiveData - -- SharePoint - - - 0.Collection > 1-SPSEEK_SystemScans - - 0.Collection > 4-SPSEEK_BulkImport - - 6.Sensitive Data > SP_SensitiveData - -## AD Security Assessment Slide - -The AD Security Assessment slide (Slide 29) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - - 3-AD_Exceptions - -- Active Directory - - - 1.Groups > AD_SensitiveSecurityGroups - - 2.Users > AD_WeakPasswords - - 2.Users > AD_PasswordStatus - - 4.Group Policy > AD_CPassword - -- Active Directory Permissions Analyzer - - - 1.Users > AD_ResetPasswordPermissions - - 2.Groups > AD_GroupMembershipPermissions - - 8.Domains > AD_DomainReplication - -## Windows: Security Assessment Slide - -The Windows: Security Assessment slide (Slide 30) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- Windows - - - Authentication > SG_LSASettings - - Authentication > SG_WDigestSettings - - Privileged Accounts > Local Administrators > SG_LocalAdmins - - Privileged Accounts > Service Accounts > SG_ServiceAccounts - -## Shadow Access Rights to ePHI Data Slide - -The Shadow Access Rights to ePHI Data slide (Slide 31) has the following primary job dependencies: - -- .Active Directory Inventory - - - 1-AD_Scan - -- Active Directory - - - 1.Groups > AD_SensitiveSecurityGroups - - 2.Users > AD_WeakPasswords - -- Active Directory Permissions Analyzer - - - 0.Collection > AD_ComputerRights - - 0.Collection > AD_ContainerRights - - 0.Collection > AD_DomainRights - - 0.Collection > AD_GroupRights - - 0.Collection > AD_OURights - - 0.Collection > AD_SiteRights - - 0.Collection > AD_UserRights - - 1.Users > AD_ResetPasswordPermissions - - 2.Groups > AD_GroupMembershipPermissions - - 7.Containers > AD_AdminSDHolder - - 8.Domains > AD_DomainReplication - -- FileSystem - - - 0.Collection > 1-SEEK System Scans - - 0.Collection > 2-SEEK Bulk Import - - 7.Sensitive Data > FS_DLPResults - -- Windows - - - Privileged Accounts > Local Administrators > SG_LocalAdmins - - Privileged Accounts > Local Administrators > SG_Sessions - -Data is also supplied by the following jobs when they have been executed: - -- Databases - - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - - 0.Collection > SQL > 2-SQL_SensitiveDataScan - - SQL > 5.Sensitive Data > SQL_SensitiveData diff --git a/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md b/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md deleted file mode 100644 index a70f200ad4..0000000000 --- a/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md +++ /dev/null @@ -1,287 +0,0 @@ -# Configuration Pane - -Use the configuration pane to view sub-criteria information for System Criteria and to view, add, -edit, and remove sub-criteria information for User Criteria. - -![Configuration Pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanesystemcriteria.webp) - -The information in the configuration pane changes based on the criteria currently selected in the -navigation pane. - -![Options at the top of the configuration pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanetop.webp) - -The options at the top of the Configuration Pane are: - -**NOTE:** Configuration settings for System Criteria cannot be modified. - -- Navigation Path – Displays information on the current location within the Sensitive Data Criteria - Editor -- Name – Name of the criteria as it is shown in the navigation pane -- Test Criteria Button – Opens the Criteria Tester window to test current criteria configurations. - See the [Criteria Tester Window](#criteria-tester-window) topic for additional information. -- Confidence Level – Displays the current confidence level which indicates how accurate a match is - for a criteria - - - The confidence level is reported on a scale from 0 - 100. The closer the number is to 100, the - more accurate a match is for a criteria. - -- Risk Score – Displays the general level of risk a criteria represents when found in a file that is - not properly secured - - - The risk score can be set to **Low**, **Medium**, or **High** - - Click the **Risk Score** button to change the risk score for user-configured criteria - -- Required matched criteria list – Lists the sub-criteria configured for the currently selected - top-level criteria in the navigation pane. The columns in the table are: - - - Name – Name of the sub-criteria - - Type – Type of sub-criteria: **Keywords**, **Regex**, or **Summary** - - Content – Values associated with the sub-criteria - - Minimum Matches – Minimum number of match hits required for a sub-criteria match hit - - Match Type – Displays whether the sub-criteria **Must match** or **Must not match** - -![Options at the bottom of the configuration pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanebottom.webp) - -The options at the bottom of the configuration pane are: - -**NOTE:** Configuration settings for System Criteria cannot be modified. - -- Add – Add a sub-criteria to the required matched criteria list. The three types of sub-criteria - that can be added are **Keyword**, **Pattern**, and **Summary**. See the following topics for - additional information: - - - [Keyword Criteria](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - - [Regular Expression (Pattern) Criteria](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - - [Summary Criteria](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - -- Remove – Remove sub-criteria from the Required matched sub-criteria list -- Edit – Edit the currently selected sub-criteria -- Must match at least this many criteria – Adjust the slider to configure how many sub-criteria must - be matched for the sensitive data criteria to be reported - - - The minimum value is 1 - - The maximum value is the number of sensitive data sub-criteria that has been added to the - required matched criteria list - - **CAUTION:** The character distance feature does not account for summaries that are nested - within other summaries. - -- Matches should be within this proximity of characters – Match hits for this criteria should be - within this many characters of one another in order for there to be a match. Adjust the slider to - set the default character distance required for match hits. - - - The minimum value is 0 - - The maximum value is 200 - - Using this feature requires any combination of two or more Regular Expression (Pattern) and - Keyword sub-criteria - -- Include keywords as part of match hits – Select this option to enable the inclusion of keywords as - part of match hits. This option determines whether a match found based on a Keyword Criteria is - reported as a match hit. When this option is selected, any matches found for a word in the Keyword - list is reported as match hit. If this option is not selected, then only matches found based on - Pattern or child Summary Criteria are reported as a match hit. -- Metadata for this criteria – Click the green plus (**+**) button to add a new metadata type for - the criteria. Delete a metadata type by clicking the **X** button in the gray metadata tag. - - - For a list of available out-of-the-box metadata tags, see the - [Default Metadata Tag Values](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/metadata-tags.md) - topic for additional information - -- Cancel – Exit the Sensitive Data Criteria Editor without saving changes -- Save – Save changes made to the current criteria - -## Criteria Tester Window - -Use the Criteria Tester window to test current criteria configurations. - -![Criteria Tester window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatester.webp) - -The options in the Criteria Tester are: - -- Use the following sample text – Enter sample text to test against current configured criteria in - the **Use the following sample text** textbox -- Use the following file – Click **Browse** to import a file as sample text to test against - currently configured criteria -- Test Data – Click **Test Data** to test the sample text against currently configured criteria. - Match hits show in the **Test Results** section. -- Test Results – Displays match hits for the sample text typed into the text box. The two tabs under - Test Results are: - - - Criteria – Displays the specific criteria for which the sample text is considered a match - - Matched Data – Displays the sample text that was matched for the configured criteria - -# Keyword Criteria - -Keyword criteria consists of a list of comma-separated words. If any word in the list is found in -the file, it is considered a hit. - -![Keywords window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/keywordswindow.webp) - -The options on the Keywords window are: - -- Name – Name of the keyword sub-criteria as it appears in the Configuration window -- Add Keyword – Add a keyword to the Value list -- Remove Keyword – Remove a selected keyword from the Value list -- Import Keyword File – Import keywords from a file -- Export Keyword File – Export keywords as a file -- Match Type – Choose whether keyword matches for the Keyword criteria **Must match** or **Must not - match** -- Case Sensitive Keywords – If enabled, checks letter case when matching keywords -- Count only distinct occurrences – Select the checkbox to enable only distinct occurrences to be - counted during scan jobs -- Apply these keywords to these file components – Select which file components the keywords apply - to: - - - Name - - Contents - - Metadata - -- Look for at least this many occurrences – Adjust the slider to configure how many occurrences are - required for keyword criteria to match - - - The minimum value is 1 - - The maximum value is 10 - -# Regular Expression (Pattern) Criteria - -Regular Expression criteria are a set of pattern matching rules that provide a concise and flexible -means for matching strings of text. This criteria type can be used to verify a series of numbers as -potentially valid, for example credit card numbers. - -![Regular Expression window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.webp) - -The options on the Regular Expression window are: - -- Name – Name of the Regular Expression sub-criteria as it appears in the Configuration window -- Expression – Enter the Regular Expression in the Expression text box -- Case Sensitive Expression – Select the checkbox for case sensitive Regular Expression pattern - matching -- Validation – Select a validation method from the Validation drop-down. The default value is **No - validation required**. - - **NOTE:** See the - [Sensitive Data System Criteria](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/system-criteria.md) - topic for additional information on validation methods. - -- Sample Value – Text entered into the Sample Value text box is used to test pattern matches for the - expression in the Expression text box -- Test Match – Click **Test Match** to test the expression entered in the Expression text box - against the text in the Sample Value text box -- Match Type – Choose whether pattern matches for the Regular Expression criteria **Must match** or - **Must not match** - - - Must match – The Regular Expression must be matched for there to be a match - - Must not match – If the Regular Expression is matched and is designated **Must not match**, - then the potential match is invalidated - -- Apply this expression to these file components – Select which file components the expression - applies to: - - - Name - - Contents - - Metadata - -- Look for at least this many occurrences – Adjust the slider to configure how many occurrences are - required for a match hit - - - The minimum value is 1 - - The maximum value is 10 - -# Summary Criteria - -Summary criteria are designed as a way of combining Regular Expression (Pattern) criteria and -Keyword criteria. - -![Edit new Summary criteria](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/newsummarycriteria.webp) - -Click **Add** and select **Summary** to add a new Summary criteria to the Required matched criteria -list. Select the new criteria and click **Edit** to configure the new Summary criteria. - -![Summary criteria configuration page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/summarycriteriaconfiguration.webp) - -The options on the Summary criteria configuration page are: - -- Name – Name of the Summary sub-criteria -- Test Criteria – Opens the Criteria Tester window to test current Summary criteria configurations. - See the - [Criteria Tester Window](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md#criteria-tester-window) topic - for additional information. -- Required matched criteria – Lists sub-criteria configured for currently selected criteria in the - navigation pane. The columns in the table are: - - - Name – Name of the sub-criteria - - Type – Type of sub-criteria (**Keyword**, **Regex**, or **Summary**) - - Content – Values associated with sub-criteria - - Minimum Matches – Minimum matches required for a match hit - - Match Type – Displays whether the sub-criteria **Must match** or **Must not match** - -- Add – Add a sub-criteria to the required matched criteria list. The three types of sub-criteria - that can be added are **Keyword**, **Pattern**, and **Summary**. -- Remove – Remove the selected sub-criteria from the Required matched criteria list -- Edit – Edit the currently selected sub-criteria -- Match Type – Choose whether match hits for the Summary criteria **Must match** or **Must not - match** -- Must match at least this many criteria – Adjust the slider to configure how many sub-criteria must - be matched for the top-level criteria to be considered a match - - - The minimum value is 1 - - The maximum value is the number of sensitive data sub-criteria that has been added to the - Required matched criteria list - -**CAUTION:** The character distance feature does not account for summaries that are nested within -other summaries. - -- Matches should be within this proximity of characters – Adjust the slider to set the default - character distance required for match hits - - - The minimum value is 0 - - The maximum value is 200 - - Using this feature requires any combination of two or more Regular Expression (Pattern) and - Keyword sub-criteria - -- Include keywords as part of match hits – Select this checkbox to enable the inclusion of keywords - as part of match hits -- Cancel – Exit the Sensitive Data Criteria Editor without saving changes -- Save – Save changes made to the currently selected criteria - -# Sensitive Data Criteria Editor - -The Sensitive Data Criteria Editor is accessed from the Criteria Tab in the -**Settings** > **Sensitive Data** node. Use the Sensitive Data Criteria Editor to view pre-defined -criteria and to customize or create user-defined criteria. Sensitive Data Criteria can be configured -in individual data collectors that use the Sensitive Data Discovery Add-On or can be configured to -inherit Sensitive Data Criteria settings from the **Settings** > **Sensitive Data** node. See the -[Sensitive Data](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) -topic for additional information. - -![Sensitive Data Criteria Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/sensitivdatacriteriaeditor.webp) - -The Sensitive Data Criteria Editor contains two sections: - -- Navigation pane – User-configured criteria can be added and removed in the navigation pane using - the Add or Remove options. See the [Navigation Pane](#navigation-pane) topic for additional - information. -- Configuration pane – Displays configured settings for the currently selected criteria in the - navigation pane. See the - [Configuration Pane](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - topic for additional information. - -## Navigation Pane - -The navigation pane lists all user-created and pre-configured Sensitive Data criteria. - -![Navigation Pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/navigationpane.webp) - -The options in the Navigation Pane are: - -- Add Criteria – Adds a new criteria under the User Criteria list -- Remove Criteria – Removes a user-created criteria from the User Criteria list -- User Criteria – Lists all user-created criteria -- System Criteria – Lists all pre-configured criteria. For a list of pre-configured System Criteria, - see the - [Sensitive Data System Criteria](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/system-criteria.md) - topic for additional information. - - - System Criteria cannot be modified or removed. To use existing System Criteria configurations - in a User Criteria, right-click on a System Criteria and select **Duplicate** from the - right-click menu. A configurable copy of the System Criteria appears under User Criteria. diff --git a/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/supported-formats.md b/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/supported-formats.md deleted file mode 100644 index d3c8d734d0..0000000000 --- a/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/supported-formats.md +++ /dev/null @@ -1,188 +0,0 @@ -# Supported Formats for Scanning & Metadata - -This topic provides a comprehensive listing of all formats supported by the Sensitive Data Discovery -Add-On. The list is divided into three major categories: - -- [Scan-able Formats](#scan-able-formats) -- [Metadata Only Formats](#metadata-only-formats) -- [Scans Against Files with no Extensions](#scans-against-files-with-no-extensions) - -## Scan-able Formats - -The Sensitive Data Discovery Add-On can identify any file type, extract text, and extract metadata -from the following formats. It will also identify file types and extract metadata of any -attachments. If the attachment’s file type is a scan-able format, then it can extract text from the -attachment as well. - -### Archive - -| Document Format | Extension | -| --------------------------- | ----------------- | -| 7-zip Archive | .7Z | -| Bzip 2 UNIX Compressed File | .BOZ, .BZ2, .TBZ2 | -| Bzip UNIX Compressed File | .BZ, .TBZ | -| Gzip Compressed Archive | .GZ, .TGZ | -| Java Archive | .JAR | -| UNIX AR Archive | .A, .AR | -| UNIX CPIO Archive | .CPIO | -| UNIX Tar | .TAR | -| XZ Compression Archive | .XZ | -| Zip Archive | .ZIP | - -### Database - -| Database | Data Type | -| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| MYSQL | BIGINT, BINARY, BIT, BLOB, CHAR, DATE, DATETIME, DECIMAL, DOUBLE, ENUM, FLOAT, INT, INTEGER, JSON, LONGBLOB, LONGTEXT, MEDIUMBLOB, MEDIUMINT, MEDIUMTEXT, NCHAR, NUMERIC, NVARCHAR, SET, SMALLINT, TEXT, TIME, TIMESTAMP, TINYBLOB, TINYINT, TINYTEXT, VARBINARY, VARCHAR, YEAR | -| Oracle | ANSISTRING, ANSISTRINGFIXEDLENGTH, BFILE, BLOB, CHAR, CLOB, DATE, DATETIME, DECIMAL, DOUBLE, FLOAT, INT, INT16, INT32, INT64, INTERVALDS, INTERVALYM, LONG, LONGRAW, NCHAR, NCLOB, NUMBER, NVARCHAR2, RAW, SBYTE, SINGLE, STRING, System.String, TIMESTAMP, TIMESTAMPLTZ, VARCHAR2, VARNUMERIC, XMLTYPE | -| PostgreSQL | BIGINT, BIT, BOOLEAN, BYTEA, CHAR, CHARACTER, CHARACTER VARYING, DATE, DOUBLE PRECISION, ENUM, INTEGER, JSON, JSONB, MONEY, NUMERIC, REAL, SERIAL, SMALLINT, SMALLSERIAL, TEST, TEXT, TIMESTAMP, TIME, VARBIT, XML | -| SQL | TEXT, DATE, TIME, DATETIME2, TINYINT, SMALLINT, INT, SMALLDATETIME, REAL, MONEY, DATETIME, FLOAT, NTEXT, DECIMAL, NUMERIC, SMALLMONEY, BIGINT, VARBINARY, VARCHAR, BINARY, CHAR, NVARCHAR, NCHAR, XML, SYSNAME | - -### Document - -| Document Format | Extension | -| -------------------------------------------------- | -------------------------------------- | -| Apple iWork Pages | .PAGES | -| Microsoft Publisher | .PUB | -| Microsoft Word Document / Office Open XML Document | .DOC, .DOCM, .DOCX, .DOT, .DOTM, .DOTX | -| OpenDocument: Text Document | .ODT, .OTH, .OTM, .OTT | -| OpenOffice: Writer Document | .SXW | -| Portable Document Format | .PDF | - -### Email & Messaging - -| Document Format | Extension | -| ---------------------------------------------- | ------------------------ | -| Email Message / Microsoft Outlook Message | .EML, .MBOX, .MIME, .MSG | -| Microsoft Outlook Personal Folders File Format | .OST, .PST | - -### Other - -| Document Format | Extension | -| --------------------------------------------------------------- | ------------------------------------------------- | -| Adobe Font Metric | .ACFM, .AFM, .AMFM | -| Apple iBooks Author Publication Format | .IBOOKS | -| C/C++ Object File | .O | -| C/C++ Shared Library/Object | .SO | -| Core Dump | .DMP | -| Electronic Publication | .EPUB | -| Executable and Linkable Format | .AXF, .BIN, .ELF, .KO, .MOD, .O, .PRX, .PUFF, .SO | -| Hierarchical Data Format File | .H5, .HDF, .HE5 | -| Java Class File | .CLASS | -| MATLAB Binary Data Container | .MAT | -| Microsoft Project | .MPP, .MPT | -| NetCDF (Network Common Data Form) | .NC | -| S/MIME (Secure/Multipurpose Internet Mail Extensions) | .P7C, .P7M | -| S/MIME (Secure/Multipurpose Internet Mail Extensions) Signature | .P7S | -| Transport Neutral Encapsulation Format | .TNEF | -| TrueType Font | .TTC, .TTF | - -### Presentation - -| Document Format | Extension | -| --------------------------------------------------- | ----------------------------------------------------------------------------- | -| Apple iWork Keynote | .KEY | -| Microsoft PowerPoint / Office Open XML Presentation | .PPA, .PPS, .PPT, .PPZ, .PPAM, .PPSM, .PPSX, .PPTM, .PPTX, .POT, .POTX, .THMX | -| OpenDocument: Presentation Document | .ODP, .OTP | - -### Raster Image - -| Document Format | Extension | -| --------------------------------------- | ------------------------------------ | -| Graphics Interchange Format (GIF) | .GIF, .GIFF | -| Joint Photographic Experts Group (JPEG) | .JFI, .JFIF, .JIF, .JPE, .JPEG, .JPG | -| Microsoft Windows Bitmap | .BMP, .DIB | -| Portable Network Graphic | .webp | -| Tagged Image File Format | .TIF, .TIFF | - -**NOTE:** The **FileSystem** > **0.Collection** > **1-SEEK System Scans** job can perform Optical -Character Recognition (OCR) scans for Raster image files by enabling the option on the SDD Audit -Settings page in the File System Access Auditor Data Collector Wizard. This is an option for the -Sensitive Data Scan category. See the -[1-SEEK System Scans Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -topic for additional information. - -### Spreadsheet - -| Document Format | Extension | -| -------------------------------------- | --------------------------------------------------------------------------------------- | -| Apple iWork Numbers | .NUMBERS | -| Microsoft Excel Spreadsheet | .XLA, .XLC, .XLD, .XLL, .XLM, .XLR, .XLS, .XLT, .XLW, .XLAM, .XLSM, .XLSX, .XLTM, .XLTX | -| OpenDocument: Chart / Formula Document | .ODC, .ODF, .ODFT, .ODS, .OTC, .OTS | - -### Text & Markup - -| Document Format | Extension | -| -------------------------------------------------------------- | ----------------------- | -| Active Server Pages (ASP) / ASP.NET | .ASP, .ASPX | -| American Newspaper Publishers Association Wire Feeds | .ANPA | -| Atom + XML | .ATOM | -| C++ Source Code | .C, .CC, .CPP, .CXX | -| Compiled HTML | .CHM | -| Extensible HyperText Markup Language | .XHT, .XHTML, .XHTML2 | -| Extensible Markup Language | .XML, .XSD, .XSL | -| FictionBook Document | .FB2 | -| Groovy Source Code | .GROOVY | -| HyperText Markup Language | .HTM, .HTML | -| Java Source Code | .JAVA | -| Microsoft HTML Help | .CHM | -| RDF Site Summary | .RSS | -| Rich Text Format | .RTF | -| Text File (Other) | .CSV, .TEXT, .TSV, .TXT | -| XHTML MP (eXtensible HyperText Markup Language Mobile Profile) | .HTM, .HTML, .XHTML | - -## Metadata Only Formats - -The Sensitive Data Discovery Add-On can identify file type and extract only metadata from images and -multimedia. The following file formats are supported as metadata only formats. - -### Image Files - -| Document Format | Extension | -| ------------------------------------------ | ----------------------- | -| Favicon | .GIF, .ICO, .JPG, .webp | -| GIMP eXperimental Computing Facility (XCF) | .XCF | -| OpenDocument: Graphics / Image Document | .ODG, .ODI, .OTG, .OTI | -| Wireless Bitmap File Format | .WBMP | - -### Vector Image - -| Document Format | Extension | -| ------------------------ | ------------------------- | -| AutoCad Drawing | .DWG | -| Microsoft Visio Diagram | .VSD, .VSS, .VST, .VSW | -| Photoshop Image | .PSD | -| Scalable Vector Graphics | .SVG, .SVGZ | -| SolidWorks CAD program | .SLDASM, .SLDDRW, .SLDPRT | - -## Scans Against Files with no Extensions - -Files with no extensions can be scanned by modifying the XML file for each job where this type of -scan is desired. Add the following line to the `PerScanExtraScanOptions` section of a job's XML -script: - -``` -true -``` - -This line must be added to a specific location within the XML script. See below: - -``` - - -    false -    2097152 -    false -    true -    0 -     -    100 -    0 -    0 -    true -    false - -``` - -Once this line has been added to the job's XML script and the XML file is saved, files with no -extensions are included in scans for the job. diff --git a/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configuration.md b/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configuration.md new file mode 100644 index 0000000000..c3ef2e2100 --- /dev/null +++ b/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configuration.md @@ -0,0 +1,111 @@ +# Configuration Pane + +Use the configuration pane to view sub-criteria information for System Criteria and to view, add, +edit, and remove sub-criteria information for User Criteria. + +![Configuration Pane](/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configurationpanesystemcriteria.webp) + +The information in the configuration pane changes based on the criteria currently selected in the +navigation pane. + +![Options at the top of the configuration pane](/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configurationpanetop.webp) + +The options at the top of the Configuration Pane are: + +**NOTE:** Configuration settings for System Criteria cannot be modified. + +- Navigation Path – Displays information on the current location within the Sensitive Data Criteria + Editor +- Name – Name of the criteria as it is shown in the navigation pane +- Test Criteria Button – Opens the Criteria Tester window to test current criteria configurations. + See the [Criteria Tester Window](#criteria-tester-window) topic for additional information. +- Confidence Level – Displays the current confidence level which indicates how accurate a match is + for a criteria + + - The confidence level is reported on a scale from 0 - 100. The closer the number is to 100, the + more accurate a match is for a criteria. + +- Risk Score – Displays the general level of risk a criteria represents when found in a file that is + not properly secured + + - The risk score can be set to **Low**, **Medium**, or **High** + - Click the **Risk Score** button to change the risk score for user-configured criteria + +- Required matched criteria list – Lists the sub-criteria configured for the currently selected + top-level criteria in the navigation pane. The columns in the table are: + + - Name – Name of the sub-criteria + - Type – Type of sub-criteria: **Keywords**, **Regex**, or **Summary** + - Content – Values associated with the sub-criteria + - Minimum Matches – Minimum number of match hits required for a sub-criteria match hit + - Match Type – Displays whether the sub-criteria **Must match** or **Must not match** + +![Options at the bottom of the configuration pane](/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configurationpanebottom.webp) + +The options at the bottom of the configuration pane are: + +**NOTE:** Configuration settings for System Criteria cannot be modified. + +- Add – Add a sub-criteria to the required matched criteria list. The three types of sub-criteria + that can be added are **Keyword**, **Pattern**, and **Summary**. See the following topics for + additional information: + + - [Keyword Criteria](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/keyword.md) + - [Regular Expression (Pattern) Criteria](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.md) + - [Summary Criteria](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/summary.md) + +- Remove – Remove sub-criteria from the Required matched sub-criteria list +- Edit – Edit the currently selected sub-criteria +- Must match at least this many criteria – Adjust the slider to configure how many sub-criteria must + be matched for the sensitive data criteria to be reported + + - The minimum value is 1 + - The maximum value is the number of sensitive data sub-criteria that has been added to the + required matched criteria list + + **CAUTION:** The character distance feature does not account for summaries that are nested + within other summaries. + +- Matches should be within this proximity of characters – Match hits for this criteria should be + within this many characters of one another in order for there to be a match. Adjust the slider to + set the default character distance required for match hits. + + - The minimum value is 0 + - The maximum value is 200 + - Using this feature requires any combination of two or more Regular Expression (Pattern) and + Keyword sub-criteria + +- Include keywords as part of match hits – Select this option to enable the inclusion of keywords as + part of match hits. This option determines whether a match found based on a Keyword Criteria is + reported as a match hit. When this option is selected, any matches found for a word in the Keyword + list is reported as match hit. If this option is not selected, then only matches found based on + Pattern or child Summary Criteria are reported as a match hit. +- Metadata for this criteria – Click the green plus (**+**) button to add a new metadata type for + the criteria. Delete a metadata type by clicking the **X** button in the gray metadata tag. + + - For a list of available out-of-the-box metadata tags, see the + [Default Metadata Tag Values](/docs/accessanalyzer/11.6/sensitivedatadiscovery/metadatatags.md) + topic for additional information + +- Cancel – Exit the Sensitive Data Criteria Editor without saving changes +- Save – Save changes made to the current criteria + +## Criteria Tester Window + +Use the Criteria Tester window to test current criteria configurations. + +![Criteria Tester window](/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatester.webp) + +The options in the Criteria Tester are: + +- Use the following sample text – Enter sample text to test against current configured criteria in + the **Use the following sample text** textbox +- Use the following file – Click **Browse** to import a file as sample text to test against + currently configured criteria +- Test Data – Click **Test Data** to test the sample text against currently configured criteria. + Match hits show in the **Test Results** section. +- Test Results – Displays match hits for the sample text typed into the text box. The two tabs under + Test Results are: + + - Criteria – Displays the specific criteria for which the sample text is considered a match + - Matched Data – Displays the sample text that was matched for the configured criteria diff --git a/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/keyword.md b/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/keyword.md new file mode 100644 index 0000000000..214c601007 --- /dev/null +++ b/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/keyword.md @@ -0,0 +1,31 @@ +# Keyword Criteria + +Keyword criteria consists of a list of comma-separated words. If any word in the list is found in +the file, it is considered a hit. + +![Keywords window](/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/keywordswindow.webp) + +The options on the Keywords window are: + +- Name – Name of the keyword sub-criteria as it appears in the Configuration window +- Add Keyword – Add a keyword to the Value list +- Remove Keyword – Remove a selected keyword from the Value list +- Import Keyword File – Import keywords from a file +- Export Keyword File – Export keywords as a file +- Match Type – Choose whether keyword matches for the Keyword criteria **Must match** or **Must not + match** +- Case Sensitive Keywords – If enabled, checks letter case when matching keywords +- Count only distinct occurrences – Select the checkbox to enable only distinct occurrences to be + counted during scan jobs +- Apply these keywords to these file components – Select which file components the keywords apply + to: + + - Name + - Contents + - Metadata + +- Look for at least this many occurrences – Adjust the slider to configure how many occurrences are + required for keyword criteria to match + + - The minimum value is 1 + - The maximum value is 10 diff --git a/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.md b/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.md new file mode 100644 index 0000000000..093f160b63 --- /dev/null +++ b/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.md @@ -0,0 +1,44 @@ +# Regular Expression (Pattern) Criteria + +Regular Expression criteria are a set of pattern matching rules that provide a concise and flexible +means for matching strings of text. This criteria type can be used to verify a series of numbers as +potentially valid, for example credit card numbers. + +![Regular Expression window](/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.webp) + +The options on the Regular Expression window are: + +- Name – Name of the Regular Expression sub-criteria as it appears in the Configuration window +- Expression – Enter the Regular Expression in the Expression text box +- Case Sensitive Expression – Select the checkbox for case sensitive Regular Expression pattern + matching +- Validation – Select a validation method from the Validation drop-down. The default value is **No + validation required**. + + **NOTE:** See the + [Sensitive Data System Criteria](/docs/accessanalyzer/11.6/sensitivedatadiscovery/systemcriteria.md) + topic for additional information on validation methods. + +- Sample Value – Text entered into the Sample Value text box is used to test pattern matches for the + expression in the Expression text box +- Test Match – Click **Test Match** to test the expression entered in the Expression text box + against the text in the Sample Value text box +- Match Type – Choose whether pattern matches for the Regular Expression criteria **Must match** or + **Must not match** + + - Must match – The Regular Expression must be matched for there to be a match + - Must not match – If the Regular Expression is matched and is designated **Must not match**, + then the potential match is invalidated + +- Apply this expression to these file components – Select which file components the expression + applies to: + + - Name + - Contents + - Metadata + +- Look for at least this many occurrences – Adjust the slider to configure how many occurrences are + required for a match hit + + - The minimum value is 1 + - The maximum value is 10 diff --git a/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/summary.md b/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/summary.md new file mode 100644 index 0000000000..a7d58b2df4 --- /dev/null +++ b/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/summary.md @@ -0,0 +1,56 @@ +# Summary Criteria + +Summary criteria are designed as a way of combining Regular Expression (Pattern) criteria and +Keyword criteria. + +![Edit new Summary criteria](/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/newsummarycriteria.webp) + +Click **Add** and select **Summary** to add a new Summary criteria to the Required matched criteria +list. Select the new criteria and click **Edit** to configure the new Summary criteria. + +![Summary criteria configuration page](/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/summarycriteriaconfiguration.webp) + +The options on the Summary criteria configuration page are: + +- Name – Name of the Summary sub-criteria +- Test Criteria – Opens the Criteria Tester window to test current Summary criteria configurations. + See the + [Criteria Tester Window](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configuration.md#criteria-tester-window) topic + for additional information. +- Required matched criteria – Lists sub-criteria configured for currently selected criteria in the + navigation pane. The columns in the table are: + + - Name – Name of the sub-criteria + - Type – Type of sub-criteria (**Keyword**, **Regex**, or **Summary**) + - Content – Values associated with sub-criteria + - Minimum Matches – Minimum matches required for a match hit + - Match Type – Displays whether the sub-criteria **Must match** or **Must not match** + +- Add – Add a sub-criteria to the required matched criteria list. The three types of sub-criteria + that can be added are **Keyword**, **Pattern**, and **Summary**. +- Remove – Remove the selected sub-criteria from the Required matched criteria list +- Edit – Edit the currently selected sub-criteria +- Match Type – Choose whether match hits for the Summary criteria **Must match** or **Must not + match** +- Must match at least this many criteria – Adjust the slider to configure how many sub-criteria must + be matched for the top-level criteria to be considered a match + + - The minimum value is 1 + - The maximum value is the number of sensitive data sub-criteria that has been added to the + Required matched criteria list + +**CAUTION:** The character distance feature does not account for summaries that are nested within +other summaries. + +- Matches should be within this proximity of characters – Adjust the slider to set the default + character distance required for match hits + + - The minimum value is 0 + - The maximum value is 200 + - Using this feature requires any combination of two or more Regular Expression (Pattern) and + Keyword sub-criteria + +- Include keywords as part of match hits – Select this checkbox to enable the inclusion of keywords + as part of match hits +- Cancel – Exit the Sensitive Data Criteria Editor without saving changes +- Save – Save changes made to the currently selected criteria diff --git a/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md b/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md new file mode 100644 index 0000000000..3ad1d1c02a --- /dev/null +++ b/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md @@ -0,0 +1,41 @@ +# Sensitive Data Criteria Editor + +The Sensitive Data Criteria Editor is accessed from the Criteria Tab in the +**Settings** > **Sensitive Data** node. Use the Sensitive Data Criteria Editor to view pre-defined +criteria and to customize or create user-defined criteria. Sensitive Data Criteria can be configured +in individual data collectors that use the Sensitive Data Discovery Add-On or can be configured to +inherit Sensitive Data Criteria settings from the **Settings** > **Sensitive Data** node. See the +[Sensitive Data](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md) +topic for additional information. + +![Sensitive Data Criteria Editor](/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/sensitivdatacriteriaeditor.webp) + +The Sensitive Data Criteria Editor contains two sections: + +- Navigation pane – User-configured criteria can be added and removed in the navigation pane using + the Add or Remove options. See the [Navigation Pane](#navigation-pane) topic for additional + information. +- Configuration pane – Displays configured settings for the currently selected criteria in the + navigation pane. See the + [Configuration Pane](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configuration.md) + topic for additional information. + +## Navigation Pane + +The navigation pane lists all user-created and pre-configured Sensitive Data criteria. + +![Navigation Pane](/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/navigationpane.webp) + +The options in the Navigation Pane are: + +- Add Criteria – Adds a new criteria under the User Criteria list +- Remove Criteria – Removes a user-created criteria from the User Criteria list +- User Criteria – Lists all user-created criteria +- System Criteria – Lists all pre-configured criteria. For a list of pre-configured System Criteria, + see the + [Sensitive Data System Criteria](/docs/accessanalyzer/11.6/sensitivedatadiscovery/systemcriteria.md) + topic for additional information. + + - System Criteria cannot be modified or removed. To use existing System Criteria configurations + in a User Criteria, right-click on a System Criteria and select **Duplicate** from the + right-click menu. A configurable copy of the System Criteria appears under User Criteria. diff --git a/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/exempted-extensions.md b/docs/accessanalyzer/11.6/sensitivedatadiscovery/exemptedfileextensions.md similarity index 100% rename from docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/exempted-extensions.md rename to docs/accessanalyzer/11.6/sensitivedatadiscovery/exemptedfileextensions.md diff --git a/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/metadata-tags.md b/docs/accessanalyzer/11.6/sensitivedatadiscovery/metadatatags.md similarity index 100% rename from docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/metadata-tags.md rename to docs/accessanalyzer/11.6/sensitivedatadiscovery/metadatatags.md diff --git a/docs/accessanalyzer/11.6/sensitivedatadiscovery/overview.md b/docs/accessanalyzer/11.6/sensitivedatadiscovery/overview.md new file mode 100644 index 0000000000..87310dd9a3 --- /dev/null +++ b/docs/accessanalyzer/11.6/sensitivedatadiscovery/overview.md @@ -0,0 +1,44 @@ +# Sensitive Data Discovery Add-On + +The Sensitive Data Discovery Add-On allows Enterprise Auditor to scan file content for matches to +the sensitive data criteria. There are several pre-defined criteria, but you can also customize +existing criteria or create new criteria. + +The Sensitive Data Discovery Add-on can be used with any of the following Enterprise Auditor +solutions: + +- AWS Solution +- Dropbox Solution +- Database Solutions + + - Azure SQL Solution + - Db2 Solution + - MongoDB Solution + - MySQL Solution + - Oracle Solution + - PostgreSQL Solution + - Redshift Solution + - SQL Solution + +- Exchange Solution – Only with specific data collectors: + + - EWSMailbox Data Collector + - EWSPublicFolder Data Collector + - ExchangeMailbox Data Collector + +- File System Solution +- SharePoint Solution + +**NOTE:** Changes made in the Sensitive Data Criteria Editor are global for Sensitive Data Discovery +in Enterprise Auditor. In other words, any changes to criteria affects all solutions using the +Sensitive Data Discovery Add-on. + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for installation information and prerequisites. diff --git a/docs/accessanalyzer/11.6/sensitivedatadiscovery/supportedformats.md b/docs/accessanalyzer/11.6/sensitivedatadiscovery/supportedformats.md new file mode 100644 index 0000000000..2c4aa3ed6d --- /dev/null +++ b/docs/accessanalyzer/11.6/sensitivedatadiscovery/supportedformats.md @@ -0,0 +1,188 @@ +# Supported Formats for Scanning & Metadata + +This topic provides a comprehensive listing of all formats supported by the Sensitive Data Discovery +Add-On. The list is divided into three major categories: + +- [Scan-able Formats](#scan-able-formats) +- [Metadata Only Formats](#metadata-only-formats) +- [Scans Against Files with no Extensions](#scans-against-files-with-no-extensions) + +## Scan-able Formats + +The Sensitive Data Discovery Add-On can identify any file type, extract text, and extract metadata +from the following formats. It will also identify file types and extract metadata of any +attachments. If the attachment’s file type is a scan-able format, then it can extract text from the +attachment as well. + +### Archive + +| Document Format | Extension | +| --------------------------- | ----------------- | +| 7-zip Archive | .7Z | +| Bzip 2 UNIX Compressed File | .BOZ, .BZ2, .TBZ2 | +| Bzip UNIX Compressed File | .BZ, .TBZ | +| Gzip Compressed Archive | .GZ, .TGZ | +| Java Archive | .JAR | +| UNIX AR Archive | .A, .AR | +| UNIX CPIO Archive | .CPIO | +| UNIX Tar | .TAR | +| XZ Compression Archive | .XZ | +| Zip Archive | .ZIP | + +### Database + +| Database | Data Type | +| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| MYSQL | BIGINT, BINARY, BIT, BLOB, CHAR, DATE, DATETIME, DECIMAL, DOUBLE, ENUM, FLOAT, INT, INTEGER, JSON, LONGBLOB, LONGTEXT, MEDIUMBLOB, MEDIUMINT, MEDIUMTEXT, NCHAR, NUMERIC, NVARCHAR, SET, SMALLINT, TEXT, TIME, TIMESTAMP, TINYBLOB, TINYINT, TINYTEXT, VARBINARY, VARCHAR, YEAR | +| Oracle | ANSISTRING, ANSISTRINGFIXEDLENGTH, BFILE, BLOB, CHAR, CLOB, DATE, DATETIME, DECIMAL, DOUBLE, FLOAT, INT, INT16, INT32, INT64, INTERVALDS, INTERVALYM, LONG, LONGRAW, NCHAR, NCLOB, NUMBER, NVARCHAR2, RAW, SBYTE, SINGLE, STRING, System.String, TIMESTAMP, TIMESTAMPLTZ, VARCHAR2, VARNUMERIC, XMLTYPE | +| PostgreSQL | BIGINT, BIT, BOOLEAN, BYTEA, CHAR, CHARACTER, CHARACTER VARYING, DATE, DOUBLE PRECISION, ENUM, INTEGER, JSON, JSONB, MONEY, NUMERIC, REAL, SERIAL, SMALLINT, SMALLSERIAL, TEST, TEXT, TIMESTAMP, TIME, VARBIT, XML | +| SQL | TEXT, DATE, TIME, DATETIME2, TINYINT, SMALLINT, INT, SMALLDATETIME, REAL, MONEY, DATETIME, FLOAT, NTEXT, DECIMAL, NUMERIC, SMALLMONEY, BIGINT, VARBINARY, VARCHAR, BINARY, CHAR, NVARCHAR, NCHAR, XML, SYSNAME | + +### Document + +| Document Format | Extension | +| -------------------------------------------------- | -------------------------------------- | +| Apple iWork Pages | .PAGES | +| Microsoft Publisher | .PUB | +| Microsoft Word Document / Office Open XML Document | .DOC, .DOCM, .DOCX, .DOT, .DOTM, .DOTX | +| OpenDocument: Text Document | .ODT, .OTH, .OTM, .OTT | +| OpenOffice: Writer Document | .SXW | +| Portable Document Format | .PDF | + +### Email & Messaging + +| Document Format | Extension | +| ---------------------------------------------- | ------------------------ | +| Email Message / Microsoft Outlook Message | .EML, .MBOX, .MIME, .MSG | +| Microsoft Outlook Personal Folders File Format | .OST, .PST | + +### Other + +| Document Format | Extension | +| --------------------------------------------------------------- | ------------------------------------------------- | +| Adobe Font Metric | .ACFM, .AFM, .AMFM | +| Apple iBooks Author Publication Format | .IBOOKS | +| C/C++ Object File | .O | +| C/C++ Shared Library/Object | .SO | +| Core Dump | .DMP | +| Electronic Publication | .EPUB | +| Executable and Linkable Format | .AXF, .BIN, .ELF, .KO, .MOD, .O, .PRX, .PUFF, .SO | +| Hierarchical Data Format File | .H5, .HDF, .HE5 | +| Java Class File | .CLASS | +| MATLAB Binary Data Container | .MAT | +| Microsoft Project | .MPP, .MPT | +| NetCDF (Network Common Data Form) | .NC | +| S/MIME (Secure/Multipurpose Internet Mail Extensions) | .P7C, .P7M | +| S/MIME (Secure/Multipurpose Internet Mail Extensions) Signature | .P7S | +| Transport Neutral Encapsulation Format | .TNEF | +| TrueType Font | .TTC, .TTF | + +### Presentation + +| Document Format | Extension | +| --------------------------------------------------- | ----------------------------------------------------------------------------- | +| Apple iWork Keynote | .KEY | +| Microsoft PowerPoint / Office Open XML Presentation | .PPA, .PPS, .PPT, .PPZ, .PPAM, .PPSM, .PPSX, .PPTM, .PPTX, .POT, .POTX, .THMX | +| OpenDocument: Presentation Document | .ODP, .OTP | + +### Raster Image + +| Document Format | Extension | +| --------------------------------------- | ------------------------------------ | +| Graphics Interchange Format (GIF) | .GIF, .GIFF | +| Joint Photographic Experts Group (JPEG) | .JFI, .JFIF, .JIF, .JPE, .JPEG, .JPG | +| Microsoft Windows Bitmap | .BMP, .DIB | +| Portable Network Graphic | .webp | +| Tagged Image File Format | .TIF, .TIFF | + +**NOTE:** The **FileSystem** > **0.Collection** > **1-SEEK System Scans** job can perform Optical +Character Recognition (OCR) scans for Raster image files by enabling the option on the SDD Audit +Settings page in the File System Access Auditor Data Collector Wizard. This is an option for the +Sensitive Data Scan category. See the +[1-SEEK System Scans Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-seek_system_scans.md) +topic for additional information. + +### Spreadsheet + +| Document Format | Extension | +| -------------------------------------- | --------------------------------------------------------------------------------------- | +| Apple iWork Numbers | .NUMBERS | +| Microsoft Excel Spreadsheet | .XLA, .XLC, .XLD, .XLL, .XLM, .XLR, .XLS, .XLT, .XLW, .XLAM, .XLSM, .XLSX, .XLTM, .XLTX | +| OpenDocument: Chart / Formula Document | .ODC, .ODF, .ODFT, .ODS, .OTC, .OTS | + +### Text & Markup + +| Document Format | Extension | +| -------------------------------------------------------------- | ----------------------- | +| Active Server Pages (ASP) / ASP.NET | .ASP, .ASPX | +| American Newspaper Publishers Association Wire Feeds | .ANPA | +| Atom + XML | .ATOM | +| C++ Source Code | .C, .CC, .CPP, .CXX | +| Compiled HTML | .CHM | +| Extensible HyperText Markup Language | .XHT, .XHTML, .XHTML2 | +| Extensible Markup Language | .XML, .XSD, .XSL | +| FictionBook Document | .FB2 | +| Groovy Source Code | .GROOVY | +| HyperText Markup Language | .HTM, .HTML | +| Java Source Code | .JAVA | +| Microsoft HTML Help | .CHM | +| RDF Site Summary | .RSS | +| Rich Text Format | .RTF | +| Text File (Other) | .CSV, .TEXT, .TSV, .TXT | +| XHTML MP (eXtensible HyperText Markup Language Mobile Profile) | .HTM, .HTML, .XHTML | + +## Metadata Only Formats + +The Sensitive Data Discovery Add-On can identify file type and extract only metadata from images and +multimedia. The following file formats are supported as metadata only formats. + +### Image Files + +| Document Format | Extension | +| ------------------------------------------ | ---------------------- | +| Favicon | .GIF, .ICO, .JPG, .webp | +| GIMP eXperimental Computing Facility (XCF) | .XCF | +| OpenDocument: Graphics / Image Document | .ODG, .ODI, .OTG, .OTI | +| Wireless Bitmap File Format | .WBMP | + +### Vector Image + +| Document Format | Extension | +| ------------------------ | ------------------------- | +| AutoCad Drawing | .DWG | +| Microsoft Visio Diagram | .VSD, .VSS, .VST, .VSW | +| Photoshop Image | .PSD | +| Scalable Vector Graphics | .SVG, .SVGZ | +| SolidWorks CAD program | .SLDASM, .SLDDRW, .SLDPRT | + +## Scans Against Files with no Extensions + +Files with no extensions can be scanned by modifying the XML file for each job where this type of +scan is desired. Add the following line to the `PerScanExtraScanOptions` section of a job's XML +script: + +``` +true +``` + +This line must be added to a specific location within the XML script. See below: + +``` + + +    false +    2097152 +    false +    true +    0 +     +    100 +    0 +    0 +    true +    false + +``` + +Once this line has been added to the job's XML script and the XML file is saved, files with no +extensions are included in scans for the job. diff --git a/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/system-criteria.md b/docs/accessanalyzer/11.6/sensitivedatadiscovery/systemcriteria.md similarity index 100% rename from docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/system-criteria.md rename to docs/accessanalyzer/11.6/sensitivedatadiscovery/systemcriteria.md diff --git a/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md b/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md deleted file mode 100644 index 8378a99bca..0000000000 --- a/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md +++ /dev/null @@ -1,964 +0,0 @@ -# 0.Collection > AD_ActivityCollection Job - -The AD_ActivityCollection Job located in the 0.Collection Job Group, imports data from the Netwrix -Activity Monitor logs into the Enterprise Auditor Database. Retention can be modified in the query -(120 days default). - -![AD_ActivityCollection Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -There are two ways AD Activity data can be retrieved by Enterprise Auditor: - -- Network share containing the archive logs -- API Server connected to the archive logs - -This is configured in the query. See the -[Queries for the AD_ActivityCollection Job](#queries-for-the-ad_activitycollection-job) topic for -additional information. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -![Configuration section on the AD_ActivityCollection job Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/overviewconfiguration.webp) - -The AD_ActivityCollection page has the following configurable parameters: - -- Enable to import AD events into the AIC -- Enable to import authentication events into the AIC - - **NOTE:** The import of AD events and authentication events is disabled by default. You must - enable these parameters for the activity data to be imported into the Netwrix Access Information - Center. See the - [(Optional) Configure Import of AD Activity into Netwrix Access Information Center](/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md#optional-configure-import-of-ad-activity-into-netwrix-access-information-center) - topic for instructions. - -- List of attributes to track for Object Modified changes -- Number of days to retain activity data in the AIC - -See the -[Customize Analysis Parameters for the AD_ActivityCollection Job](#customize-analysis-parameters-for-the-ad_activitycollection-job) -topic for additional information. - -## Queries for the AD_ActivityCollection Job - -The AD Activity Collection query uses the ADActivity Data Collector to target the Activity Monitor -archive logs for AD Activity. - -**NOTE:** The query can be configured to connect directly to the network share where the archive -logs are stored or the API Server. - -![Queries for the AD_ActivityCollection Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queries.webp) - -The AD_ActivityCollection Job uses the ADActivity Data Collector for the following query: - -- AD Activity Collection – Targets Netwrix Activity Monitor archives to collect AD Activity - -### Configure the Query to Import from the Activity Monitor - -The AD_ActivityCollection Job requires configuration to collect data. Follow the steps to modify the -query configuration when Netwrix Activity Monitor is configured to host domain activity logs on an -API server. - -**NOTE:** Ensure the Activity Monitor API Server and the required Connection Profile are -successfully set up. See the -[Active Directory Activity Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md) -topic for additional information. - -**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > -**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. - -**Step 2 –** Click **Query Properties**. The Query Properties window displays. - -**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard -opens. - -![Active Directory Activity DC wizard Category page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/categoryimportfromnam.webp) - -**Step 4 –** On the Category page, choose **Import from SAM** option and click **Next**. - -![Active Directory Activity DC wizard SAM connection settings page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/namconnection.webp) - -**Step 5 –** On the SAM connection page, the **Port** is set to the default 4494. This needs to -match the port configured for the Activity Monitor API Server agent. - -**Step 6 –** In the **Test SAM host** textbox, enter the Activity Monitor API Server name using -fully qualified domain format. For example, `NEWYORKSRV30.NWXTech.com`. Click **Connect**. - -**Step 7 –** If connection is successful, the archive location displays along with a Refresh token. -Copy the **Refresh token**. This will replace the Client Secret in the Connection Profile in the -last step. - -**Step 8 –** Click **Next**. - -![Active Directory Activity DC wizard Scoping and Retention page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -**Step 9 –** On the Scope page, set the Timespan as desired. There are two options: - -- Relative Timespan – Set the number of days of activity logs to collect when the scan is run -- Absolute Timespan – Set the date range for activity logs to collect when the scan is run - -**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity -Monitor domain output log retention expires. For example, if Enterprise Auditor runs the -**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be -configured to retain at least 10 days of log files. - -**Step 10 –** Set the Retention period as desired. This is the number of days Enterprise Auditor -keeps the collected data in the SQL Server database. - -**Step 11 –** Click **Next** and then **Finish** to save the changes and close the wizard. - -**Step 12 –** Click **OK** to save the changes and close the Query Properties page. - -**Step 13 –** Navigate to the global **Settings** > **Connection** node to update the User -Credential with the Refresh token: - -- Select the Connection Profile assigned to the **6.Activity** > **0.Collection** Job Group. -- Select the Web Services (JWT) User Credential and click **Edit**. -- Replace the Access Token with the Refresh token generated by the data collector in Step 7. -- Click **OK** to save and close the User Credentials window. -- Click **Save** and then **OK** to confirm the changes to the Connection Profile. - -The query is now configured to target the Activity Monitor API Server to collect domain activity -logs. - -### Configure the Query to Import from a Share - -The AD_ActivityCollection Job requires configuration to collect data. Follow the steps to modify the -query configuration when Netwrix Activity Monitor is configured to store activity logs on a network -share. - -**NOTE:** Ensure the Activity Monitor domain output and the required Connection Profile are -successfully set up. See the -[File Archive Repository Option](/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md) -topic for additional information. - -**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > -**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. - -**Step 2 –** Click **Query Properties**. The Query Properties window displays. - -**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard -opens. - -![Active Directory Activity DC wizard Category page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/categoryimportfromshare.webp) - -**Step 4 –** On the Category page, choose **Import from Share** option and click **Next**. - -![Active Directory Activity DC wizard Share settings page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/share.webp) - -**Step 5 –** On the Share page, provide the UNC path to the AD Activity share archive location. If -there are multiple archives in the same network share, check the **Include Sub-Directories** box. -Click **Next**. - -![Active Directory Activity DC wizard Scoping and Retention page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -**Step 6 –** On the Scope page, set the Timespan as desired. There are two options: - -- Relative Timespan – Set the number of days of activity logs to collect when the scan is run -- Absolute Timespan – Set the date range for activity logs to collect when the scan is run - -**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity -Monitor domain output log retention expires. For example, if Enterprise Auditor runs the -**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be -configured to retain at least 10 days of log files. - -**Step 7 –** Set the Retention period as desired. This is the number of days Enterprise Auditor -keeps the collected data in the SQL Server database. - -**Step 8 –** Click **Next** and then **Finish** to save the changes and close the wizard. - -**Step 9 –** Click **OK** to save the changes and close the Query Properties page. - -The query is now configured to target the network share where the Activity Monitor domain activity -logs are archived. - -## Analysis Tasks for the AD_ActivityCollection Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > -**AD_ActivityCollection** Job. Select the **Configure** > **Analysis** node. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_ActivityCollection Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/analysis.webp) - -The following analysis tasks are selected by default: - -- UAC Formatting Function – Splits column on commas and assigns opposing values to attributes -- AIC Import - AD Activity Events – Imports AD events to the Access Information Center for domain - objects - - - The `@ADEvents` and `@AuthEvents` parameters must be enabled for AD events and authentication - events to be imported into the Access Information Center - - The list of attributes to track for Object Modified changes can be customized by the - `#modifiedAttributeList` parameter - -- AIC Import - Activity Retention – Deletes older activity data from the Access Information Center - - - By default, data is retained for 120 days. This is customizable by the `@Days` parameter. - -### Customize Analysis Parameters for the AD_ActivityCollection Job - -The customizable parameters for this job allow you to configure importing of AD activity data into -the Netwrix Access Information Center. - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------------------------- | --------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------- | -| AIC Import - AD Activity Events | #modifiedAttributeList | Default attributes: - givenName - sn - displayName - description - userPrincipalName - sAMAccountName - initials - title - department - company - manager - location - streetAddress - currentLocation - st - postalCode - c - otherTelephone - homePhone - ipPhone - mobile - facsimileTelephoneNumber - otherFacsimileTelephoneNumber - mail - wWWHomePage - employeeID - employeeType - employeeNumber - extensionAttribute1 - extensionAttribute2 - extensionAttribute3 - extensionAttribute4 - extensionAttribute5 - extensionAttribute6 - extensionAttribute7 - extensionAttribute8 - extensionAttribute9 - extensionAttribute10 - extensionAttribute11 - extensionAttribute12 - extensionAttribute13 - extensionAttribute14 - extensionAttribute15 | List of attributes to track for Object Modified changes | -| AIC Import - AD Activity Events | @ADEvents | False | Enable to import AD events into the AIC | -| AIC Import - AD Activity Events | @AuthEvents | False | Enable to import authentication events into the AIC | -| AIC Import - Activity Retention | @Days | 120 | Number of days to retain activity data in the AIC | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -# LDAP > AD_LDAPQueries Job - -The **LDAP** > **AD_LDAPQueries** Job analyzes LDAP traffic to determine trends such as most -expensive queries, most active servers and users, successful/failed and signing status. This data -can be used to troubleshoot performance issues, load balancing, and poorly configured services. - -![AD_LDAPQueries Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/ldapjobstree.webp) - -**_RECOMMENDED:_** Schedule this job to run with the 0.Collection job group. - -## Analysis Tasks for the AD_LDAPQueries Job - -Navigate to the **Active Directory** > **6.Activity** > **LDAP** > **AD_LDAPQueries** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Except for the **Largest Queries** task, do not modify or deselect the remaining -selected analysis tasks. The remaining analysis tasks are preconfigured for this job. - -![Analysis Tasks for the AD_LDAPQueries Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/ldapqueriesanalysis.webp) - -The following non-configurable analysis tasks are selected by default: - -- SSL – Creates the SA_AD_LDAPQueries_SSLStatus table accessible under the job’s Results node -- Host Summary – Creates the SA_AD_LDAPQueries_HostSummary table accessible under the job’s Results - node -- User Summary – Creates the SA_AD_LDAPQueries_UserSummary table accessible under the job’s Results - node - -The following configurable analysis task can be optionally enabled: - -- Largest Queries – Creates the SA_AD_LDAPQueries_ExpensiveQueries table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the AD_LDAPQueries Job produces the follow -pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Largest LDAP Queries | Shows LDAP queries returning the most objects, and their source. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar – Displays top users by LDAP traffic - Table – Displays top users by LDAP traffic - Table – Displays Expensive LDAP Queries | -| LDAP Overview | Overview of hosts and users performing queries, and query security. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of four elements: - Pie – Displays SSL query events view results - Pie – Displays query security flags - Table – Displays users performing LDAP queries - Table – Displays originating hosts | - -### Configure the Largest Queries Analysis Task - -Customizable parameters enable you to set the values used to control the minimum objects returned -and the days of traffic to analyze during this job’s analysis. The parameters can be customized and -are listed in a section at the bottom of the SQL Script Editor. Follow the steps to customize an -analysis task’s parameters. - -**Step 1 –** Navigate to the **Active Directory** > **6.Activity** > **LDAP** > **AD_LDAPQueries** > -**Configure** node and select **Analysis**. - -![Largest Queries analysis task configuration](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/ldapqueriesanalysisconfiguration.webp) - -**Step 2 –** In the Analysis Selection view, select the **Largest Queries** analysis task and click -**Analysis Configuration**. The SQL Script Editor opens. - -**CAUTION:** Do not change any parameters where the Value states `Created during execution`. - -![Largest Queries analysis task in the SQL Script Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/ldapsqlscripteditor.webp) - -**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. There are -two integer variables that can be modified. Double-click on the current **value** and change as -desired: - -- @objects_returned – Controls the minimum number of objects returned for the queries to be - considered large. This value is set to 100 by default. -- @timeframe – Controls the number of days to analyze traffic for. This value is set to 30 days by - default. - -**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor -window. - -The analysis task now includes custom parameters for the updated values. - -# Lockouts > AD_Lockouts Job - -The **Lockouts** > **AD_Lockouts** Job provides a listing of all account lockouts. For any lockout -occurring in the past 30 days, failed authentications and host information is provided to aid -troubleshooting. - -![AD_Lockouts Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/lockoutsjobstree.webp) - -**_RECOMMENDED:_** Schedule this job to run with the 0.Collection job group. - -## Analysis Tasks for the AD_Lockouts Job - -Navigate to the **Active Directory** > **6.Activity** > **Lockouts** > **AD_Lockouts** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_Lockouts Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/lockoutsanalysis.webp) - -The default analysis tasks are: - -- Account Lockouts – Creates the SA_AD_AccountLockouts_Details view accessible under the job’s - Results node -- Failed Authentications – Creates the SA_AD_AccountLockouts_FailedAutnentications table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_Lockouts Job produces the follow -pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | -| Lockouts | This report tracks all lockouts for user accounts. For any lockout occurring in the past 30 days, failed authentications and host information are provided to aid troubleshooting. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Table – Displays account lockouts details - Table –  Displays failed authentications in the past 30 days | - -# AD_ComputerModifications Job - -The AD_ComputerModifications Job provides a report of all changes to computer objects. - -## Analysis Tasks for the AD_ComputerModifications Job - -Navigate to the **Active Directory** > **6.Activity** > **Changes** > **AD_ComputerModifications** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_ComputerModifications Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/changes/computermodificationsanalysis.webp) - -The following non-configurable analysis tasks are selected by default: - -- All Computer Object Changes – Creates the SA_AD_ComputerChanges_ComputerSummary table accessible - under the job’s Results node -- Summarize by Computer – Creates the SA_AD_ComputerChanges_ComputerSummary table accessible under - the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_ComputerModifications Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ---------------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Computer Account Changes | Track changes to computer objects. | CPAA GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays Changes by Type - Table – Displays Changes by Computer - Table – Displays Computer Change Details | - -# AD_GroupModifications Job - -The AD_GroupModifications Job provides a report of all changes to group objects. A separate report -is provided to highlight group membership changes. The list of top perpetrators can be used to -identify out of band changes. - -## Analysis Tasks for the AD_GroupModifications Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Changes** > -**AD_GroupModifications** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupModifications Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/changes/groupmodificationsanalysis.webp) - -The following non-configurable analysis tasks are selected by default: - -- Group Changes – Creates the SA_AD_GroupModifications_Details view accessible under the job’s - Results node -- Summarize by Group – Creates the SA_AD_GroupModifications_GroupSummary table accessible under the - job’s Results node -- Summarize by Perpetrator – Creates the SA_AD_GroupModifications_UserSummary table accessible under - the job’s Results node -- Membership Changes – Creates the SA_AD_GroupMembershipChanges_Details view accessible under the - job’s Results node -- Summarize by Group – Creates the SA_AD_GroupMembershipChanges_Summary table accessible under the - job’s Results node -- Top Groups by Changes – Creates the SA_AD_GroupMembershipChanges_Last30Days table accessible under - the job’s Results node. - -In addition to the tables created by the analysis tasks, the AD_GroupModifications Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ----------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Changes | Tracks changes to group attributes. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays changes by type - Table – Displays changes by group - Table – Displays changes by group change details | -| Group Membership Changes | Tracks changes to group membership. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Stacked Chart – Displays the most active groups in the past 30 days - Table – Displays group membership summary - Table – Displays group membership change details | - -# AD_UserModifications Job - -The AD_UserModifications Job provides a report of all changes to user objects. - -## Analysis Tasks for the AD_UserModifications Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Changes** > -**AD_UserModifications** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_UserModifications Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/changes/usermodificationsanalysis.webp) - -The following non-configurable analysis tasks are selected by default: - -- All User Account Changes – Creates the SA_AD_UserModifications_Details view accessible under the - job’s Results node -- Summary of Changes – Creates the SA_AD_userModifications_userSummary table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the AD_UserModifications Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------ | ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Account Changes | Track changes to user objects. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays changes by type - Table – Displays changes by user account - Table – Displays changes by user change details | - -# Changes Job Group - -The Changes Job Group provides an audit trail for changes made to Computer, Group and User objects -within the environment. - -![Changes Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following Jobs make up the Changes Job Group: - -**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. - -- [AD_ComputerModifications Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Reports on activity relating to changes made on computer objects -- [AD_GroupModifications Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Reports on activity relating to changes made on a group objects and changes made to group - membership -- [AD_UserModifications Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Reports on activity relating to changes made on user objects - -# AD_AccessChanges Job - -The AD_AccessChanges Job highlights the type and number of resources across the environment where -access has been affected. Groups which have historically been the cause of most access changes are -highlighted, to show potential issues in access sprawl and provisioning. - -## Analysis Tasks for the AD_AccessChanges Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Group Usage** > -**AD_AccessChanges** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_AccessChanges Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/accesschangesanalysis.webp) - -The following non-configurable analysis tasks are selected by default: - -- Find Access Changes – Creates the SA_AD_AccessChanges_Details table accessible under the job’s - Results node -- Group Summary – Creates the SA_AD_AccessChanges_GroupSummary table accessible under the job’s - Results node -- Access Type Summary – Creates the SA_AD_AccessChanges_TypeSummary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the AD_AccessChanges Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Access Changes | Highlights group membership additions that have created large changes in access within the environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar Chart – Displays largest changes last week - Table – Displays groups by modified access - Table – Displays all group membership changes | - -# AD_GroupHosts Job - -The AD_GroupHosts Job attempts to identify where groups may be used to provide access. - -## Analysis Tasks for the AD_GroupHosts Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **GroupUsage** > -**AD_GroupHosts** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupHosts Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/grouphostsanalysis.webp) - -The default analysis tasks are: - -- Group Authentication Details – Creates the SA_AD_GroupHosts_Details table accessible under the - job’s Results node -- Summarize Authentication Events by Group – Creates the SA_AD_GroupHosts_GroupSummary table - accessible under the job’s Results node -- Summarize Authentication Events by Host – Creates the SA_AD_GroupHosts_HostSummary table - accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_GroupHosts Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Host Usage | Understand what groups are utilizing what hosts in the environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Table – Displays security groups by target hosts - Table – Displays hosts by associated groups - Table – Displays authentication details | - -# AD_GroupMemberActivity Job - -The AD_GroupMemberActivity Job analyzes the AD actions taken by the effective members of a group. -Monitoring authentication can provide a more accurate method of determining staleness than last -logons. - -## Analysis Tasks for the AD_GroupMemberActivity Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Group Usage** > -**AD_GroupMemberActivity** > **Configure** node and select **Analysis** to view the analysis tasks. - -![Analysis Tasks for the AD_GroupMemberActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysis.webp) - -The default analysis task is: - -- Group Member Activity – Creates the SA_AD_GroupMemberActivity_GroupSummary table accessible under - the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_GroupMemberActivity Job produces the -follow pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ------------------------------------------------------------------------------------------ | ---------------------------------------------------------- | --------------------------------------------------------------------------------- | -| Group Member Activity | This report identifies actions taken by the members of each group within your environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of one element: - Table – Displays group member activity | - -### Configure the Group Member Activity Analysis Task - -Customizable parameters enable you to set the values used to include the SIDs for admin groups -during this job’s analysis. The parameters can be customized and are listed in a section at the -bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s parameters. - -**Step 1 –** Navigate to the **Active Directory** > **6.Activity** > **Group Usage** > -**AD_GroupMemberActivity** > **Configure** node and select **Analysis**. - -![Group Member Activity analysis task configuration](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysisconfiguration.webp) - -**Step 2 –** In the Analysis Selection view, select the Group Member Activity analysis task and -click on **Analysis Configuration**. The SQL Script Editor opens. - -**CAUTION:** Do not change any parameters where the Value states `Created during execution`. - -![Group Member Activity Analysis Task in the SQL Script Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivitysqlscripteditor.webp) - -**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. Select -the cell for the temporary table called #admingroups, and click **Edit Table** to modify the value. - -- The new value should include SIDs for admin groups to be considered administrative groups beyond - the default admin groups. - -**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor -window. - -The analysis task now includes custom parameters for the updated values. - -# Group Usage Job Group - -The Group Usage Job Group reports shows how group membership changes have affected access across the -entire environment, the actions taken by the members of a group, and identifies where groups may be -used for authorization in applications. - -![Group Usage Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following Jobs make up the Group Usage Job Group: - -**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. - -- [AD_AccessChanges Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Reports on activity relating to access changes for Active Directory groups, highlighting - membership changes that have created large access change within the environment -- [AD_GroupHosts Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Reports on what hosts groups are being used on within the environment -- [AD_GroupMemberActivity Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Reports on the activity that group members are taking within the Active Directory environment - -# AD_AuthenticationProtocol Job - -The AD_Authentication Job shows what protocols are being used to authenticate across the environment -and will help to identify what services and computers may be affected when disabling NTLM. - -## Analysis Tasks for the AD_AuthenticationProtocol Job - -Navigate to the **Active Directory** > **6.Activity** > **Operations** > -**AD_AuthenticationProtocol** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_AuthenticationProtocol Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/authenticationprotocolanalysis.webp) - -The default analysis tasks are: - -- Summarize Protocol Usage – Creates the SA_AD_AuthenticationProtocol_Summary table accessible under - the job’s Results node -- Summarize Host Protocol Usage – Creates the SA_AD_AuthenticationProtocol_Hosts table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_AuthenticationProtocol Job produces -the follow pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | -------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | -| Authentication Protocols | Track the prevalence of NTLM versus Kerberos within the environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie – Displays authentication protocols - Table –  Displays authentication protocols summary | - -# AD_DomainControllerTraffic Job - -The AD_DomainControllerTraffic Job provides a summary of the amount of traffic for Changes, -Authentication, Replication, and LDAP Queries for each domain controller which can be used to -identify issues with load balancing. If the AD_DCSummary job has been run, the roles for each domain -controller will be provided. - -## Analysis Tasks for the AD_DomainControllerTraffic Job - -Navigate to the **Active Directory** > **6.Activity** > **Operations** > -**AD_DomainControllerTraffic** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DomainControllerTraffic Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/dctrafficanalysis.webp) - -The default analysis task is: - -- Summarize Protocol Usage – Creates the SA_AD_DomainControllerTraffic_Details table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_DomainControllerTraffic Job produces -the follow pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | -------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------- | -| Domain Controller Traffic | Identifies the amount of active directory events that occur on each domain controller. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of one element: - Table –  Displays a Domain Controller summary | - -# AD_HardcodedDCs Job - -The AD_HardcodedDCs Job highlights machines that have communicated with only one domain controller. - -## Analysis Tasks for the AD_HardcodedDCs Job - -Navigate to the **Active Directory** > **6.Activity** > **Operations** > **AD_HardcodedDCs** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_HardcodedDCs Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/hardcodeddcsanalysis.webp) - -The default analysis tasks are: - -- Hardcoded DCs – Creates the SA_AD_Hardcoded_DCs table accessible under the job’s Results node -- Summarizes Hardcoded DC Information – Creates the SA_AD_Hardcoded_Summary table accessible under - the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_Hardcoded DCs Job produces the -follow pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Hardcoded DCs | This report identifies hosts which may have hardcoded domain controller information in server or application settings. Each host identified in this report has only contacted one domain controller. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie –  Displays top domain controllers - Table – Displays hardcoded domain controller summary - Table – Displays host details | - -# AD_LoadBalancing Job - -The AD_LoadBalancing Job analyzes each domain controller's traffic to show what percent of all LDAP, -Replication, Authentication and Changes are being handled by that particular machine. This helps to -highlight domain controllers which are over utilized relative to others within the domain, or unused -domain controllers which may be decommissioned. - -## Analysis Task for the AD_LoadBalancing Job - -Navigate to the **Active Directory** > **6.Activity** > **Operations** > **AD_LoadBalancing** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the AD_LoadBalancing Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/loadbalancinganalysis.webp) - -The default analysis task is: - -- Domain Controller Traffic – Creates the SA_AD_LoadBalancing_DomainControllers table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_LoadBalancing Job produces the -follow pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain Controllers | This report identifies the distribution of change events and authentication events between domain controllers in the monitored environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar Chart – Displays top DCs by authentication traffic - Bar Chart – Displays top DCs by change traffic - Table – Displays domain controller traffic details | - -# AD_MachineOwners Job - -The AD_MachineOwners Job helps to identify the owner of a particular host. - -## Analysis Tasks for the AD_MachineOwners Job - -Navigate to the **Active Directory** > **6.Activity** > **Operations** > **AD_MachineOwners** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_MachineOwners Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/machineownersanalysis.webp) - -The default analysis tasks are: - -- Identify Machine Owners – Creates the SA_AD_MachineOwners_Details table accessible under the job’s - Results node -- User Summary – Creates the SA_AD_MachineOwners_UserSummary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the AD_MachineOwners Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------- | ---------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -| Machine Owners | Identify owners of machines based on authentication patterns. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart– Displays top users by machines owned - Table – Displays machine owners | - -# Operations Job Group - -The Operations Job Group reports on Active Directory activity events related to operational -activity. This group can help report on probable machine owners based on authentications, domain -controller traffic and activity, and authentication protocols being used in the environment. - -![Operations Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following Jobs make up the Operations Job Group: - -**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. - -- [AD_AuthenticationProtocol Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Shows what protocols are being used to authenticate across the environment and will help to - identify what services and computers may be affected when disabling NTLM -- [AD_DomainControllerTraffic Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Provides a summary of the amount of traffic for Changes, Authentication, Replication, and LDAP - Queries for each domain controller which can be used to identify issues with load balancing. If - the AD_DCSummary job has been run, the roles for each DC will be provided. -- [AD_HardcodedDCs Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Highlight machines that have communicated with only one DC -- [AD_LoadBalancing Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Analyzes each domain controller's traffic to show what percent of all LDAP, Replication, - Authentication and Changes are being handled by that particular machine. This helps to highlight - domain controllers which are over utilized relative to others within the domain, or unused domain - controllers which may be decommissioned. -- [AD_MachineOwners Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Helps to identify the owner of a particular host - -# 6.Activity Job Group - -The 6.Activity Job Group provides insights into access sprawl, privileged account usage, and -operational health of the Active Directory environment. Information collected includes Active -Directory Changes, Authentication, LDAP Traffic, Replication Traffic, and LSASS.EXE process -injection on domain controllers. - -The jobs that comprise the 6.Activity Job Group collect data, process analysis tasks, and generate -reports. - -_Remember,_ this job group requires the Active Directory Activity license. - -![6.Activity Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 6.Activity Job Group is comprised of the following jobs: - -- [0.Collection > AD_ActivityCollection Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Imports data from the Netwrix Activity Monitor logs into the Enterprise Auditor Database. - Retention can be modified in the query (120 days default). -- [Changes Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Provides an audit trail for changes made to Computer, Group and User objects within the - environment -- [Group Usage Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Shows how group membership changes have affected access across the entire environment, the - actions taken by the members of a group, and identifies where groups may be used for authorization - in applications -- [LDAP > AD_LDAPQueries Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Analyzes LDAP traffic to determine trends such as most expensive queries, most active servers - and users, successful/failed and signing status. This data can be used to troubleshoot performance - issues, load balancing, and poorly configured services. -- [Lockouts > AD_Lockouts Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md)– - Provides a listing of all account lockouts with relevant details which can be used to aid - troubleshooting -- [Operations Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Reports on Active Directory activity events related to operational activity. This group can help - report on probable machine owners based on authentications, domain controller traffic and - activity, and authentication protocols being used in the environment. -- [Privileged Accounts Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md)– - Highlights the activity performed by this accounts, to identify potential abuses or unused - accounts that can be deprovisioned - -# AD_AdminAccounts Job - -The AD_AdminAccounts Job shows all actions taken by domain administrators within the environment. - -## Analysis Tasks for the AD_AdminAccounts Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Privileged Accounts** > -**AD_AdminAccounts** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_AdminAccounts Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysis.webp) - -The default analysis tasks are: - -- Summarizes Administrative Account Activity – Creates the SA_AD_AdminAccounts_ActivitySummary table - accessible under the job’s Results node -- Identifies Administrative Accounts Last Activity Event – Creates the - SA_AD_AdminAccounts_LastActivity table accessible under the job’s Results node -- Identifies Administrative Group List Activity Event – Creates the - SA_AD_AdminAccounts_LastActivityByGroup table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_AdminAccounts Job produces the -follow pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Admin Activity | Highlights administrative account activity events. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart– Displays least active administrators - Table – Displays administrative user activity details | -| Admin Authentications | Authenticating from many different clients increases the risk of Administrator credentials being compromised. | GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar Chart – Displays the top admin accounts by client usage - Table – Displays all client usage - Table – Displays administrator authentication | - -### Configure the Summarize Administrative Account Activity Analysis Task - -Customizable parameters enable you to set the values used to include the NT Account name for admin -groups during this job’s analysis. The parameters can be customized and are listed in a section at -the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s parameters. - -**Step 1 –** Navigate to the **Active Directory** > **6.Activity** > **Privileged Accounts** > -**AD_AdminAccounts** > **Configure** node and select **Analysis**. - -![Summarizes Administrative Account Activity analysis task configuration](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysisconfiguration.webp) - -**Step 2 –** In the Analysis Selection view, select the **Summarizes Administrative Account -Activity** analysis task and click **Analysis Configuration**. The SQL Script Editor opens. - -**CAUTION:** Do not change any parameters where the Value states `Created during execution`. - -![Summarizes Administrative Account Activity analysis task in the SQL Script Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountssqlscripteditor.webp) - -**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. Select -the cell for the temporary table called #AdminGroups, and click **Edit Table** to modify the value. - -- The new value should include the NT Account names for the admin groups that are considered - administrative groups beyond the default admin groups. - -**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor -window. - -The analysis task now includes custom parameters for the updated values. - -# AD_ServiceAccountAuth Job - -The AD_ServiceAccountAuth Job shows the last time a service account, identified by the presence of a -servicePrincipalName, was active within the environment. - -## Analysis Task for the AD_ServiceAccountAuth Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Operations** > -**AD_ServiceAccountAuth** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the AD_ServiceAccountAuth Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/serviceaccountauthanalysis.webp) - -The following non-configurable analysis task is selected by default: - -- Creates the SA_AD_ServiceAccountAuth_Details table accessible under the job’s Results node. - -In addition to the tables created by the analysis tasks, the AD_ServiceAccountAuth Job produces the -follow pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | -| Service Accounts | Because many service accounts may not ever perform a logon, tracking authentication can be a better way to identify stale service accounts. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart– Displays stale service accounts - Table – Displays account details | - -# Privileged Accounts Job Group - -The Privileged Accounts Job Group highlights the activity performed by this accounts, to identify -potential abuses or unused accounts which can be deprovisioned. - -![Privileged Accounts Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following Jobs make up the Privileged Accounts Job Group: - -**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. - -- [AD_AdminAccounts Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Shows all actions taken by domain administrators within the environment being compromised -- [AD_ServiceAccountAuth Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Shows the last time a service account, identified by the presence of a servicePrincipalName, was - active within the environment - -# Recommended Configurations for the 6.Activity Job Group - -The **Active Directory** > **6.Activity** Job Group has been configured by default to run with the -out-of-the-box settings. It can be run directly or scheduled. - -Dependencies - -- Successfully execute the **.Active Directory Inventory** Job Group -- Netwrix Activity Monitor 4.1+ is archiving AD Activity Logs -- Successfully execute the **Active Directory** > **5.Domains Job Group** prior to running the - Operations Job Group -- (Optional) Successfully execute the **Active Directory Permissions Analyzer** > **0.Collection** - Job Group -- (Optional) Successfully execute the **FileSystem** > **0.Collection** Job Group - -Targeted Host(s) - -Netwrix Activity Monitor API Server or the host with the network share housing archived log files. - -Connection Profile - -Connection Profiles must be set directly on the -[0.Collection > AD_ActivityCollection Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) -in order to connect to either the SAM API Server or the host with the network share housing the -archived log files. - -Access Token - -Required for SAM API Server integration for the -[0.Collection > AD_ActivityCollection Job](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md). - -Scheduling Frequency - -This group can be scheduled to run as desired. - -**_RECOMMENDED:_** Run from the 6.Activity Job Group level in order to correlate 0.Collection job -group data with other jobs. - -History Retention - -History is not supported. Turning on history will cause issues with data analysis and reporting. - -Multi-Console Support - -Multiple Enterprise Auditor Consoles are not supported. This group should be run from a single -Enterprise Auditor Console. - -Workflow - -**Step 1 –** Successfully run the **.Active Directory Inventory** Job Group. - -**Step 2 –** Setup integration between the Netwrix Activity Monitor and Enterprise Auditor by using -either an API Server or the network share where the archived log files are located. - -**Step 3 –** Ensure Activity Monitor logs are archived. - -**Step 4 –** Configure the Connection Profiles to connect successfully to the Netwrix Activity -Monitor API Server or the host with the network share housing the archived log files. - -**Step 5 –** Configure the **AD_ActivityCollection** Job Query. - -**Step 6 –** Run the jobs as desired. - -**Step 7 –** Run from the **6.Activity** Job Group level in order to correlate 0.Collection job -group data with other jobs. - -**Step 8 –** Review the reports generated by the jobs. - -See the -[Active Directory Solution](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md b/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md deleted file mode 100644 index 4828a23b58..0000000000 --- a/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md +++ /dev/null @@ -1,717 +0,0 @@ -# AD_CleanupProgress Job - -The AD_CleanupProgress Job performs checks against Active Directory security best practices in order -to proactively identify critical security configurations that leave Active Directory vulnerable to -attack. The result is a report which provides a listing of findings by severity and category with -corresponding details that can be used to prioritize and remediate security issues. - -![AD_CleanupProgress Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressjobstree.webp) - -Workflow - -**Step 1 –** Ensure the following prerequisites are met: - -- The .Active Directory Inventory Job Group needs to be successfully run prior to running this job -- The following jobs from the Active Directory Solution must be run prior to running this job: - - - **Active Directory** > **1.Groups** > **AD_DuplicateGroups** - - **Active Directory** > **2.Users** > **AD_DirectMembership** - - **Active Directory** > **3.Computers** > **AD_StaleComputers** - -**Step 2 –** Schedule the AD_Cleanup Progress Job to run every day after the prerequisites have been -satisfied. - -**Step 3 –** Review the reports generated by the AD_CleanupProgress Job. - -## Analysis Tasks for the AD_CleanupProgress Job - -Navigate to the **Active Directory** > **Cleanup** > **AD_CleanupProgress** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the AD_CleanupProgress Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp) - -The default analysis task is: - -- Generates daily summary of AD exceptions – Creates the AD_CleanupProgress_DailySummary table - accessible under the job’s Results node - -In addition to the table created by the analysis task, the AD_CleanupProgress Job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Computer Cleanup Summary | This report tracks Active Directory computer exceptions over time. | None | This report is comprised of two elements: - Line Chart – Displays a daily computer exceptions trend - Table – Provides details on daily computer exceptions | -| Group Cleanup Summary | This report tracks Active Directory group exceptions over time. | None | This report is comprised of two elements: - Line Chart – Displays a daily group exceptions trend - Table – Provides details on daily group exceptions | -| User Cleanup Summary | This report tracks Active Directory user exceptions over time. | None | This report is comprised of two elements: - Line Chart – Displays a daily user exceptions trend - Table – Provides details on daily user exceptions | - -# AD_DeprovisionComputers_Status Job - -The AD_DeprovisionComputers_Status Job tracks and reports on the progress of the computer -deprovisioning workflow. - -## Analysis Tasks for the AD_DeprovisionComputers_Status Job - -Navigate to the **Active Directory** > **Cleanup** > **3.Computers** > -**AD_DeprovisionComputers_Status** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for AD_DeprovisionComputers_Status Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersstatusanalysis.webp) - -The default analysis tasks are: - -- Track Deletion – Creates the AD_DeprovisionComputers_Log table accessible under the job’s Results - node - -In addition to the tables and views created by the analysis task, the AD_DeprovisionComputers_Status -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ---------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Computer Deprovisioning | This report tracks actions taken each day of the Stale Computer Deprovisioning campaign. | None | This report is comprised of three elements: - Line Chart – Displays cleanup progress - Table – Provides details on computer deprovisioning - Table – Provides action details | - -# AD_DeprovisionComputers Job - -The AD_DeprovisionComputers Job provides a simple automated workflow deprovision stale computers. - -**Step 1 –** Move stale computers to a staging OU for deletion. - -**Step 2 –** The assigned manager is alerted by email of the impending deletion. - -**Step 3 –** Disables computer accounts. - -**Step 4 –** After a configurable amount of days in the staging OU, deletes computers from the -staging OU. The default is 365 days. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The AD_DeprovisionComputers page has the following configurable parameters: - -- Days in the Staging OU before Deleting Account - -See the -[Customizable Analysis Parameters for the AD_DeprovisionComputers Job](#customizable-analysis-parameters-for-the-ad_deprovisioncomputers-job) -topic for additional information. - -## Analysis Tasks for the AD_DeprovisionComputers Job - -Navigate to the **Active Directory** > **Cleanup** > **3.Computers** > **AD_Deprovision -Computers** > **Configure** node and select **Analysis** to view the analysis tasks. - -![Analysis Tasks for the AD_DeprovisionComputers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersanalysis.webp) - -The default analysis tasks are: - -- Identify Stale Computers – Creates the AD_DeprovisionComputers_Details table accessible under the - job’s Results node -- Computer Accounts to Delete – Creates the AD_DeprovisionComputers_ToBeDeleted table accessible - under the job’s Results node - - - This analysis task contains a configurable parameter: `@days_before_deleting`. See the - [Customizable Analysis Parameters for the AD_DeprovisionComputers Job](#customizable-analysis-parameters-for-the-ad_deprovisioncomputers-job) - topic for additional information. - -### Customizable Analysis Parameters for the AD_DeprovisionComputers Job - -Customizable parameters enable you to set the values used to classify user and group objects during -this job’s analysis. - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| --------------------------- | --------------------------- | ------------- | ---------------------------------------------- | -| Computer Accounts to Delete | @days_before_deleting | 365 | Days in the staging OU before deleting account | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -## Action Tasks for the AD_DeprovisionComputers Job - -Navigate to the **Active Directory** > **Cleanup** > **3.Computers** > **AD_DeprovisionComputers** > -**Configure** node and select **Actions** to view the actions. - -**CAUTION:** Do not enable the actions unless it is required. Disable the actions after execution to -prevent making unintended and potentially harmful changes to Active Directory. - -![Action Tasks for the AD_DeprovisionComputers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersaction.webp) - -The action tasks are: - -**CAUTION:** The action tasks must be executed together and in order. - -- Move Computers – Move computers to staging OU for deletion - - - The target staging OU must be set in the Move Computers Action Task prior to executing the - action tasks. See the - [Configure the Target OU](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - topic for additional information. - -- Notify Manager – Notify assigned manager by email of the impending deletion -- Disable Computers – Disable computer accounts -- Delete Computers – Delete computers from staging OU - -After the `@days_before_deleting` analysis parameter has been configured and the target OU has been -set in the Move Computers Action Task, select the checkboxes next to all of the action tasks and -click **Execute Action** to execute the action tasks. - -# 3.Computers Job Group - -The 3.Computers Job Group identifies stale computer accounts, providing a workflow to safely -deprovision identified accounts. - -![3.Computers Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/computers/computersjobtree.webp) - -The jobs in the 3.Computers Job Group are: - -- [AD_DeprovisionComputers Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – Provides a simple, automated workflow to deprovision stale and unused user accounts -- [AD_DeprovisionComputers_Status Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – Tracks all actions taken by the included deprovisioning workflow - -Workflow - -**Step 1 –** Ensure the following prerequisites are met: - -- The .Active Directory Inventory Job Group needs to be successfully run -- For the AD_DeprovisionComputers Job, the target OU needs to be manually set in the Move Computers - Action Task prior to executing the actions. See the - [Action Tasks for the AD_DeprovisionComputers Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md#action-tasks-for-the-ad_deprovisioncomputers-job) - topic for additional information. -- The AD_DeprovisionComputers Job needs to be run prior to running the - AD_DeprovisionComputers_Status Job - -**Step 2 –** Schedule the 3.Computers Job Group to run as desired after the prerequisites have been -satisfied. - -**Step 3 –** Review the reports generated by the 3.Computers Job Group. - -# Configure the Target OU - -Follow the steps to configure the target staging OU. - -**Step 1 –** Navigate to the **[Job]** > **Configure** > **Actions** node. - -![Action Properties button on Action Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/configuretargetouactionproperties.webp) - -**Step 2 –** On the Action Selection page, select the desired action task and click **Action -Properties**. - -**Step 3 –** In the Action Properties window, select **Configure Action**. The Active Directory -Action Module Wizard opens. - -![Move Objects page of the Active Directory Action Module Wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/configuretargetouactionmodulewizard.webp) - -**Step 4 –** Navigate to the Move Objects page of the Active Directory Action Module Wizard. In the -OU field, enter or browse to the desired target OU. To create the target OU location, select the -**Create target OU location if it does not already exist** checkbox. - -**Step 5 –** Navigate to the Summary page and click **Finish**. - -The target OU is now set for the action task. - -# AD_DeprovisionGroups_Status Job - -The AD_DeprovisionGroups_Status Job tracks all actions taken by the Deprovisioning workflow. - -## Analysis Task for the AD_DeprovisionGroups_Status Job - -Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **1. Deprovision Groups** > -**AD_Deprovision Groups_Status** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis tasks is -preconfigured for this job. - -![Analysis Task for the AD_DeprovisionGroups_Status Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsstatusanalysis.webp) - -The default analysis task is: - -- Track Actions – Creates the AD_DeprovisionGroups_Log and AD_DeprovisionGroups_Notes tables - accessible under the job’s Results node - -In addition to the table created by the analysis task, the AD_DeprovisionGroups_Status Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Deprovisioning | This report tracks actions taken each day of the Stale Group Deprovisioning campaign. | None | This report is comprised of three elements: - Line Chart – Displays cleanup progress - Table – Provides details on cleanup progress - Table – Provides action details | - -# AD_DeprovisionGroups Job - -The AD_DeprovisionGroups Job provides an automated workflow to deprovision stale groups. This -workflow is completed by the action tasks. - -**Step 1 –** Move stale groups to a staging OU for deletion. - -**Step 2 –** The group is changed to a distribution list. - -**Step 3 –** The assigned manager is alerted by email of the impending deletion. - -**Step 4 –** The group is flagged as **To Be Deleted**. - -**Step 5 –** After a configurable amount of days in the staging OU, the group is deleted from the -staging OU. The default is 365 days. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The AD_DeprovisionGroups page has the following configurable parameters: - -- Days in the Staging OU before deletion - -See the -[Customizable Analysis Parameters for the AD_DeprovisionGroups Job](#customizable-analysis-parameters-for-the-ad_deprovisiongroups-job) -topic for additional information. - -## Analysis Tasks for the AD_DeprovisionGroups Job - -Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **1. Deprovision Groups** > -**AD_Deprovision Groups** > **Configure** node and select **Analysis** to view the analysis tasks. - -![Analysis Tasks for the AD_DeprovisionGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsanalysis.webp) - -The default analysis tasks are: - -- Identify Stale Groups – Creates the AD_DeprovisionGroups_Details table accessible under the job’s - Results node -- Groups to Delete – Identifies groups in the Stale Groups OU that are ready to be deleted - - - This analysis task contains a configurable parameter: `@days_before_deleting`. See the - [Customizable Analysis Parameters for the AD_DeprovisionGroups Job](#customizable-analysis-parameters-for-the-ad_deprovisiongroups-job) - topic for additional information. - -### Customizable Analysis Parameters for the AD_DeprovisionGroups Job - -Customizable parameters enable you to set the values used to classify user and group objects during -this job’s analysis. - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ---------------- | --------------------------- | ------------- | -------------------------------------- | -| Groups to Delete | @days_before_deleting | 365 | Days in the staging OU before deletion | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -## Action Tasks for the AD_DepvisionGroups Job - -Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **1. Deprovision Groups** > -**AD_DeprovisonGroups** > **Configure** node and select **Actions** to view the action tasks. - -**CAUTION:** Do not enable the actions unless it is required. Disable the actions after execution to -prevent making unintended and potentially harmful changes to Active Directory. - -![Action Tasks for the AD_DepvisionGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsaction.webp) - -The action tasks are: - -**CAUTION:** The action tasks must be executed together and in order. - -- Move Groups – Move groups to staging OU - - - The target staging OU must be set in the Move Groups Action Task prior to executing the action - tasks. See the - [Configure the Target OU](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - topic for additional information. - -- Disable Groups – The group is changed to a distribution list -- Notify Manager – Notify assigned manager by email of the impending deletion -- Update Description – The group is changed to a distribution list to prevent its use for - authentication and flagged as **To Be Deleted** -- Delete Groups – After a configurable amount of days in the staging OU, the group is deleted. The - default is 365 days. - -After the `@days_before_deleting` analysis parameter has been configured and the target OU has been -set in the Move Groups Action Task, select the checkboxes next to all of the action tasks and click -**Execute Action** to execute the action tasks. - -# 1.Deprovision Job Group - -The 1. Deprovision Groups Job Group provides a simple, automated workflow to deprovision stale -groups. The action tasks in this job group provide an automated workflow. - -![1.Deprovision Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/groupsdeprovisionjobtree.webp) - -The jobs in the 1. Deprovision Groups Job Group are: - -- [AD_DeprovisionGroups Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – This job provides an automated workflow to deprovision stale groups -- [AD_DeprovisionGroups_Status Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – This job tracks and reports on the progress of all actions taken by the included Deprovisioning - workflow - -# 1.Groups Job Group - -The 1.Groups Job Group provides a workflow to safely deprovision groups, as well as the ability to -stamp security groups with what resources they are given access to. - -![1.Groups Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/groupsjobtree.webp) - -The jobs in the 1.Groups Job Group are: - -- [1.Deprovision Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – This job group provides a simple, automated workflow to deprovision stale groups - - - [AD_DeprovisionGroups Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – This job provides a simple automated workflow to deprovision stale groups - - [AD_DeprovisionGroups_Status Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – This job tracks and reports on the progress of the deprovisioning workflow - -- [2.Group Stamping Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – This job group updates the Notes attribute for all security groups to show where the group is - provisioned inside the environment. - - - [AD_GroupCleanup_Permissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – This job reports on where security groups are being used to assign permissions. This can be - used to prioritize remediation for groups that are rarely used. - - [AD_GroupStamping Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – This job replaces the Notes attribute for all security groups to show where the group is - provisioned inside the environment. This overwrites the Notes field with data from Enterprise - Auditor. - -Workflow - -**Step 1 –** Ensure the following prerequisites are met: - -- The .Active Directory Inventory Job Group needs to be successfully run -- For the AD_DeprovisionGroups Job, the target OU needs to be manually set in the Move Groups Action - Task prior to executing the actions. See the - [Action Tasks for the AD_DepvisionGroups Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md#action-tasks-for-the-ad_depvisiongroups-job) - topic for additional information. -- The AD_DeprovisionGroups Job needs to be run prior to running the AD_DeprovisionGroups_Status Job - -**Step 2 –** Schedule the 1.Groups Job Group to run as desired after the prerequisites have been -satisfied. - -**Step 3 –** Review the reports generated by the 1.Groups Job Group. - -# AD_GroupCleanup_Permissions Job - -The AD_GroupCleanup_Permissions Job reports on where security groups are being used to assign -permissions. This can be used to prioritize remediation for groups that are rarely used. - -## Analysis Tasks for the AD_GroupCleanup_Permissions Job - -Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **2. Group Stamping** > -**AD_GroupCleanup_Permissions** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupCleanup_Permissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupcleanuppermissionsanalysis.webp) - -The default analysis tasks are: - -- Summarize Group Type/Scope – Creates the SA_AD_GroupCleanup_GroupTypes table accessible under the - job’s Results node -- Direct Permission Details – Creates the SA_AD_GroupCleanup_PermissionsImport table accessible - under the job’s Results node -- Expanded Perms Details – Creates the SA_GroupCleanup_ExpandedPermissions table accessible under - the job’s Results node -- Expanded Perms Summary – Creates the SA_GroupCleanup_ExpandedPermissionsSummary table accessible - under the job’s Results node -- Access Counts by Group – Creates the SA_GroupCleanup_GroupAccessSprawl table accessible under the - job’s Results node -- Permission and Access Counts by Group Scope – Creates the SA_AD_GroupCleanup_PermissionsByScope - table accessible under the job’s Results node -- Permission and Access Counts by Toxic Condition – Creates the - SA_AD_GroupCleanup_PermissionsByCondition table accessible under the job’s Results node -- Permission and Access Counts by Scan Type – Creates the SA_AD_GroupCleanup_ScanOverview table - accessible under the job’s Results node -- Group Summary – Creates the SA_GroupCleanup_GroupSummary table accessible under the job’s Results - node - -In addition to the tables and views created by the analysis tasks, the AD_GroupCleanup_Permissions -Job produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Direct Permission Details | This report shows all direct permissions found by DAG for FileSystem, DAG for SharePoint, or imported into the Access Information Center from other sources. | None | This report is comprised of one element: - Table – Provides group direct permission details | -| Group Permission Summary | This report identifies what types of resources each security group is being used to apply permissions. | None | This report is comprised of four elements: - Table – Provides details on permission scans - Table – Provides details on group access - Table – Provides details on toxic conditions - Table – Provides a group overview | - -# AD_GroupStamping Job - -The AD_GroupStamping Job updates the Notes attribute for all security groups to show where the group -is provisioned inside the environment. This overwrites the notes field with data from Enterprise -Auditor. - -## Analysis Tasks for the AD_GroupStamping Job - -Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **2. Group Stamping -AD_GroupStamping** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupStamping Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupstampinganalysis.webp) - -The default analysis tasks are: - -- Identify Stale Groups – Creates the AD_DeprovisionGroups_Details table accessible under the job’s - Results node -- Groups to Delete – Identifies groups in the Stale Groups OU ready to be deleted - -In addition to the tables and views created by the analysis tasks, the AD_GroupStamping Job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Stamping | This report tracks all actions taken with the included group stamping workflow. | None | This report is comprised of three elements: - Line Chart – Displays daily actions - Table – Provides details on daily actions - Table – Provides action details | - -## Action Tasks for the AD_GroupStamping Job - -View the action tasks by navigating to the **Active Directory** > **Cleanup** > **1.Groups** > **2. -Group Stamping AD_GroupStamping** > **Configure** node and select **Actions**. - -![Action Tasks for the AD_GroupStamping Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupstampingaction.webp) - -- Stamp Groups – Update Notes field with Permissions - -Select the checkbox next to The Stamp Groups Action Task and click **Execute Action** to execute the -action task. - -# 2.Group Stamping Job Group - -The 2. Group Stamping Job Group updates the Notes attribute for all security groups to show where -the group is provisioned inside the environment. - -![2.Group Stamping Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupsstampingjobtree.webp) - -The jobs in the 2. Group Stamping Job Group are: - -- [AD_GroupCleanup_Permissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – Reports on where security groups are being used to assign permissions -- [AD_GroupStamping Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – Updates the Note attribute for all security groups to show where the group is provisioned inside - of the environment - -# Cleanup Job Group - -The **Active Directory** > **Cleanup** Job Group identifies potential stale and unused users, -computers, and groups as well as issues with group membership. Remediation workflows are included to -deprovision unnecessary objects. - -**CAUTION:** Apply changes only to intended target Active Directory objects, and ensure only the -changes required are enabled. Enabling and executing action modules without consideration can -negatively impact Active Directory. - -**_RECOMMENDED:_** Run the actions in a test environment before making changes to a production -environment. - -![Cleanup Job Group Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The job groups in the Cleanup Job Group are: - -- [1.Groups Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – Provides an automated workflow to safely deprovision groups, as well as the ability to stamp - security groups with what resources they are given access to -- [2.Users Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – Provides an automated workflow to deprovision stale and unused user accounts -- [3.Computers Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – Provides an automated workflow to deprovision stale computer accounts -- [AD_CleanupProgress Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – Tracks Active Directory computer, group, and user exceptions over time. This information can be - used to provide a high-level picture of an organization's Active Directory cleanup effort. - -# Recommended Configurations for AD Cleanup Job Group - -The recommended configurations for the Cleanup Job Group are: - -Dependencies - -The Cleanup job group has the following prerequisites: - -- The Active Directory Actions license feature is required -- The Active Directory Actions Module must be installed -- The .Active Directory Inventory Job Group needs to be successfully run prior to running this job - group -- The following job groups from the Activity Directory job group need to be successfully run prior - to running this job group: - - - 1.Groups - - 2.Users - - 3.Computers - -Individual jobs and job groups within the Cleanup Job Group may have their own prerequisites and -dependencies. See the relevant job or job group topic for additional information. - -Target Hosts - -None - -Schedule Frequency - -Most of the jobs in this job group can be scheduled to run as desired. The AD_Cleanup Progress Job -should be scheduled to run every day. - -History Retention - -Not supported - -Multi-console Support - -Not supported - -# AD_DeprovisionUsers_Status Job - -The AD_DeprovisionUsers_Status Job tracks all actions taken by the included deprovisioning workflow. - -## Analysis Tasks for the AD_DeprovisionUsers_Status Job - -Navigate to the **Active Directory** > **Cleanup** > **2.Users** > **AD_DeprovisionUsers_Status** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the AD_DeprovisionUsers_Status Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersstatusanalysis.webp) - -The default analysis task is: - -- Track History – Tracks all actions taken. Creates the SA_AD_DeprovisionUsers_Log accessible under - the job’s Results node. - -In addition to the tables and views created by the analysis task, the AD_DeprovisionUsers_Status Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| User Deprovisioning | This report tracks actions taken each day of the Stale User Deprovisioning campaign. | None | This report is comprised of three elements: - Line Chart – Displays cleanup progress - Table – Provides details on user deprovisioning - Table – Provides action details | - -# AD_DeprovisionUsers Job - -The AD_DeprovisionUsers Job provides an automated workflow deprovision stale and unused user -accounts. - -**Step 1 –** Move stale users to a staging OU for deletion. - -**Step 2 –** The assigned manager is alerted by email of the impending deletion. - -**Step 3 –** User accounts are disabled. - -**Step 4 –** Users are flagged as **To Be Deleted**. - -**Step 5 –** Delete users from the staging OU. - -**Step 6 –** Remove stale users from all groups. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The AD_DeprovisionUsers page has the following configurable parameters: - -- Days in the Stale Users OU before being deleted - -See the -[Customizable Analysis Parameters for the AD_DeprovisionUsers Job](#customizable-analysis-parameters-for-the-ad_deprovisionusers-job) -topic for additional information. - -## Analysis Tasks for the AD_DeprovisionUsers Job - -Navigate to the **Active Directory** > **Cleanup** > **2.Users** > **AD_DeprovisionUsers** > -**Configure** node and select **Analysis** to view the analysis tasks. - -![Analysis Tasks for the AD_DeprovisionUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersanalysis.webp) - -The default analysis tasks are: - -- Identify Users to be Deleted – Imports data from stale users -- User Accounts to Delete – Identifies accounts in the Stale Accounts OU that are ready to be - deleted - - - This analysis task contains a configurable parameter: `@days_before_deleting`. See the - [Customizable Analysis Parameters for the AD_DeprovisionUsers Job](#customizable-analysis-parameters-for-the-ad_deprovisionusers-job) - topic for additional information. - -- Identify Group Membership – Identifies stale user membership to remove - -### Customizable Analysis Parameters for the AD_DeprovisionUsers Job - -Customizable parameters enable you to set the values used to classify user and group objects during -this job’s analysis. - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ----------------------- | --------------------------- | ------------- | ----------------------------------------------- | -| User Accounts to Delete | @days_before_deleting | 365 | Days in the Stale Users OU before being deleted | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -## Action Tasks for the AD_DeprovisionUsers Job - -Navigate to the **Active Directory** > **Cleanup** > **2.Users** > **AD_DeprovisionUsers** > -**Configure** node and select **Actions** to view the actions. - -**CAUTION:** Do not enable the actions unless it is required. Disable the actions after execution to -prevent making unintended and potentially harmful changes to Active Directory. - -![Action Tasks for the AD_DeprovisionUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersaction.webp) - -The action tasks are: - -**CAUTION:** The action tasks must be executed together and in order. - -- Move Users – Move users to staging OU for deletion - - - The target OU must be set in the Move Users Action Task prior to executing the action tasks. - See the - [Configure the Target OU](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - topic for additional information. - -- Notify Manager – Notify assigned manager by email of the impending deletion -- Disable Users – Disable user accounts -- Update Description – Flag users as **To Be Deleted** -- Delete Users – Delete users from staging OU -- Remove Membership – Remove stale users from all groups - -After the `@days_before_deleting` analysis parameter has been configured and the target OU has been -set in the Move Users Action Task, select the checkboxes next to all of the action tasks and click -**Execute Action** to execute the action tasks. - -# 2.Users Job Group - -The 2.Users Job Group provides a workflow to deprovision stale and unused user accounts. - -![2.Users Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/users/usersjobtree.webp) - -The jobs in the 2.Users Job Group are: - -- [AD_DeprovisionUsers Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – Provides a simple and automated workflow to deprovisions stale and unused user accounts -- [AD_DeprovisionUsers_Status Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – Tracks and reports all actions taken by the included Deprovisioning workflow - -Workflow - -**Step 1 –** Ensure the following prerequisites are met: - -- The .Active Directory Inventory Job Group needs to be successfully run -- For the AD_DeprovisionUsers Job, the target OU needs to be manually set in the Move Users Action - Task prior to executing the actions. See the - [Action Tasks for the AD_DeprovisionUsers Job](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md#action-tasks-for-the-ad_deprovisionusers-job) - topic for additional information. -- The AD_DeprovisionUsers Job needs to be run prior to running the AD_DeprovisionUsers_Status Job - -**Step 2 –** Schedule the 2.Users Job Group to run as desired after the prerequisites have been -satisfied. - -**Step 3 –** Review the reports generated by the 2.Users Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md b/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md deleted file mode 100644 index 30b3fbbf42..0000000000 --- a/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md +++ /dev/null @@ -1,2170 +0,0 @@ -# AD_ComputerDelegation Job - -The AD_ComputerDelegation Job provides details on computer accounts that have been enabled for -unconstrained delegation. Once this configuration is enabled for a computer, any time an account -connects to the computer for any reason, their ticket-granting ticket (TGT) is stored in memory so -it can be used later by the computer for impersonation, which exposes a significant security risk in -cases where privileged accounts access the computer.  See the -[What Is Kerberos Delegation?](https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/) Netwrix -blog article for more information about this configuration and the related security risks. - -## Analysis Task for the AD_ComputerDelegation Job - -Navigate to the **Active Directory** > **3.Computers** > **AD_ComputerDelegation** > Configure node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the analysis task. The analysis task is preconfigured for -this job. - -![Analysis Task for the AD_ComputerDelegation Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/computers/computerdelegationanalysis.webp) - -The default analysis tasks are: - -- Determine computers trusted for delegation – Creates the SA_AD_ComputerDelegation_Details table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the AD_ComputerDelegation Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Computers Trusted for Delegation | This report highlights which computers are trusted for delegation, which accounts are sensitive, and whether the delegation is constrained or unconstrained. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays computers trusted for delegation by domain - Table – Provides details on computers trusted for delegation - Table – Provides details on computers trusted for delegation by domain | - -# AD_StaleComputers Job - -The AD_StaleComputers Job provides details on stale computers that may be candidates for cleanup. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The AD_StaleComputers Job has the following configurable parameters: - -- Days since Last Logon -- Consider disabled accounts as stale - -See the -[Customizable Analysis Parameters for the AD_StaleComputers Job](#customizable-analysis-parameters-for-the-ad_stalecomputers-job) -topic for additional information. - -## Analysis Tasks for the AD_StaleComputers Job - -Navigate to the **Active Directory** > **3.Computers** > **AD_StaleComputers** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the **2. Summarize by Domain** analysis task. This analysis -task is preconfigured for this job. - -![Analysis Tasks for the AD_StaleComputers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/computers/stalecomputersanalysis.webp) - -The default analysis tasks are: - -- 1. Identify Stale Computers - - - Identifies computer objects that are disabled or have exceeded the defined threshold of - inactivity - - Creates the SA_AD_StaleComputers_Details table accessible under the job’s Results node - - Definition of a stale computer can be customized - -- 2. Summarize by Domain – Creates the SA_AD_StaleComputers_DomainSummay table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_StaleComputers Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Stale Computers | This report presents potentially stale computers. Computers are considered stale if they have never logged onto the domain, have not logged onto the domain in the past 90 days, or are disabled. **NOTE:** The definition of a stale computer is customizable. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays stale computers by domain - Table – Provides details on computers - Table – Provides summary of stale computers | - -### Customizable Analysis Parameters for the AD_StaleComputers Job - -Analysis parameters that can be customized have the following default values: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| --------------------------- | --------------------------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -| 1. Identify Stale Computers | @days_since_last_logon | 90 | A computer object that has been inactive for 90 days or more | -| 1. Identify Stale Computers | @consider_disable | 1 | A computer object that has been disabled: - Value 1 = Disabled computers are included as stale - Value 0 = Disabled computers are not included as stale | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -# 3.Computers Job Group - -The 3.Computers Job Group help to pinpoint potential areas of administrative concern related to -computer accounts, including stale computers and computers that have been trusted for delegation. - -![3.Computers Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following jobs comprise the 3.Computers Job Group: - -- [AD_ComputerDelegation Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Provides details on computer accounts that have been trusted for delegation. Once this - configuration is enabled for a computer, any time an account connects to the computer for any - reason, their ticket-granting ticket (TGT) is stored in memory so it can be used later by the - computer for impersonation, which exposes a significant security risk in cases where privileged - accounts access the computer.  See the - [What Is Kerberos Delegation?](https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/) Netwrix - blog article for more information about this configuration and the related security risks. -- [AD_StaleComputers Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Provides details on stale computers that may be candidates for cleanup - -# AD_DCSummary Job - -The AD_DCSummary Job provides operational reporting related to the details collected for each domain -controller. For each domain controller, the report identifies the FSMO role, whether it is a -bridgehead server, whether it is a global catalog, and the time server it syncs to. - -## Analysis Task for the AD_DCSummary Job - -Navigate to the **Active Directory > 5.Domains > AD_DCSummary > Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/dcsummaryanalysis.webp) - -The default analysis tasks are: - -- 1. List DCs - - Creates the AD_DCSummary_List table accessible under the job’s Results node - - Creates an interim processing table in the database for use by downstream analysis and report - generation - -In addition to the tables and views created by the analysis task, the AD_DCSummary Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | ----------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain Controllers Overview | This report identifies domain controllers' roles and attributes within each domain. | None | This report is comprised of two elements: - Bar Chart – Displays domain controllers by domain - Table – Provides details on domain controllers by domain | - -# AD_DomainInfo Job - -The AD_DomainInfo Job provides operational reporting related to the collected domains, sites, and -trusts, providing details such as high level object counts by domain or site, domain and forest -functional levels, and types and directions of trusts. - -## Queries for the AD_DomainInfo Job - -The AD_DomainInfo Job uses the ActiveDirectory Data Collector and the LDAP Data Collector for the -following queries: - -**CAUTION:** Do not modify the queries. The queries are preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/domaininfoquery.webp) - -The queries for this job are: - -- Trusts – Targets one domain controller per forest to retrieve domain trust information -- Sites – Targets one domain controller per forest to retrieve domain site information -- Domains – Targets one domain controller per forest to retrieve domain information -- Trust Filtering – Queries the host specified to retrieve domain trust information -- dSHeuristics – Returns dSHeuristics Unicode string using LDAP - -**NOTE:** See the Active Directory Data Collector and LDAP Data Collector sections for additional -information - -## Analysis Tasks for the AD_DomainInfo Job - -Navigate to the **Active Directory > 5.Domains > AD_DomainInfo > Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/domaininfoanalysis.webp) - -The default analysis tasks are: - -- Domain Summary – Creates interim processing tables in the database for use by downstream analysis - and report generation -- Site Summary – Creates an interim processing table in the database for use by downstream analysis - and report generation -- Trust Details – Creates an interim processing table in the database for use by downstream analysis - and report generation -- dSHeuristics Details – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_DomainInfo Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------- | ----------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------- | -| Domains | This report lists the forest sites and presents the total number of domain controllers, GC Servers, and users per site. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays domains - Table – Provides details on domains | -| Sites | This report lists the sites and counts the domain controllers, global catalogue servers, and users of each. | None | This report is comprised of two elements: - Bar Chart – Displays sites by user count - Table – Provides details on sites by user count | -| Trusts | This report lists the domains and presents the trust information, including type, direction, and transitivity. | None | This report is comprised of one elements: - Table – Provides details on domains and trusts | - -# AD_DSRMSettings Job - -The AD_DRSMSettings Job provides details on domain controller registry settings for the -DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin Account can be used to log -in to the domain controller even if it has not been started in DSRM which can present a potential -security vulnerability. Additional information on this registry key is available in this -[Microsoft Document](). - -## Analysis Tasks for the AD_DSRMSettings Job - -Navigate to the **Active Directory > 5.Domains > AD_DSRMSettings > Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![dsrmsettingsanalysis](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/dsrmsettingsanalysis.webp) - -The default analysis tasks are: - -- Change tracking – Creates the SA_AD_DSRMSettings_ChangeTracking table accessible under the job’s - Results node -- Details – Creates the SA_AD_DSRMSettings_Details table accessible under the job’s Results node -- Summary – Creates the SA_AD_DSRMSettings_Summary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_DSRMSettings Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | -| DSRM Admin Security | This report highlights domain controller registry settings for the DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin account can be used to log in to the domain controller even if it has not been started in DSRM. This is a potential vulnerability. See the Microsoft [Restartable AD DS Step-by-Step Guide]() for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays DSRM admin logon  by domain controller - Table – Provides details on domain controllers | - -# AD_DomainControllers Job - -The 0.Collection > AD_DomainControllers Job collects domain controller details which will be further -analyzed in order to provide information on domains, sites, and trusts. - -## Queries for the AD_DomainControllers Job - -The AD_DomainControllers Job uses the LDAP Data Collector and the ActiveDirectory Data Collector for -the following queries: - -**CAUTION:** Except the first query, do not modify the remaining queries. The remaining queries are -preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/domaincontrollersquery.webp) - -The queries for this job are: - -- Domain Controller Listing – Targets one domain controller per domain known to Enterprise Auditor - to collect a listing of all domain controllers - - Can be modified to connect securely with TLS/SSL. - - See the [Connect Securely with TLS/SSL](#connect-securely-with-tlsssl) topic for additional - information. -- Actual Bridgehead Servers – Targets one domain controller per domain known to Enterprise Auditor - to collect all of the bridgehead servers for each site -- Global Catalog Servers – Targets one domain controller per domain known to Enterprise Auditor to - extract a list of GCs for each site -- Significant DCs – Targets one domain controller per domain known to Enterprise Auditor to gather - information about the significant DCs -- Preferred Bridgehead Servers – Targets one domain controller per domain known to Enterprise - Auditor to list the preferred bridgehead servers for each site - - **NOTE:** See the Active Directory Data Collector and LDAP Data Collector sections for - additional information. - -### Connect Securely with TLS/SSL - -The Domain Controller Listing Query in the AD_DomainControllers Job is configured to use the LDAP -Data Collector. This query can be optionally configured to connect securely with TLS/SSL. - -**CAUTION:** Do not modify any other settings in this query. - -**Step 1 –** Navigate to the job’s > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the _Domain Controller Listing_ Query and click -**Query Properties**. The Query Properties window displays. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The LDAP template form wizard -opens. - -![LDAP template form](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/ldaptemplate.webp) - -**Step 4 –** Click **Options**. - -![Connection Options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/ldaptemplateoptions.webp) - -**Step 5 –** On the Options page, select **Connect Securely with TLS/SSL**. Optionally, select -**Ignore Certificate Errors** to connect even if certificate errors occur. Use **Server Port** 686 -for a secure connection. Click **OK** to close the Options page. - -**Step 6 –** Step 13 – Then click **OK** to close the LDAP template form wizard. - -The job now connects securely with TLS/SSL. - -# AD_DSRM Job - -The **0.Collection > AD_DSRM** Job collects data related to domain controller registry settings for -the DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin Account can be used to -log in to the domain controller even if it has not been started in DSRM which can present a -potential security vulnerability. Additional information on this registry key is available in this -[Microsoft Document](). - -## Query for the AD_DSRM Job - -The AD_TimeSync Job uses the Registry Data Collector for the following query: - -**CAUTION:** Do not modify this query. The query is preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/dsrmquery.webp) - -The queries for this job are: - -- Check LSA registry keys – Targets all domain controllers check LSA registry keys - - See the - [Registry Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/registry.md) - topic for additional information. - -# AD_TimeSync Job - -The 0.**Collection > AD_TimeSync** Job collects TimeSync information from the registry for each -domain controller within the domain. - -## Query for the AD_TimeSync Job - -The AD_TimeSync Job uses the Registry Data Collector for the following query: - -**CAUTION:** Do not modify this query. The query is preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/timesyncquery.webp) - -The queries for this job are: - -- Timesync Info – Targets one domain controller per domain known to Enterprise Auditor to determine - TimeSync information from the registry - - See the - [Registry Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/registry.md) - topic for additional information. - -# 0.Collection Job Group - -The **5.Domains > 0.Collection** Job Group collects the data which will be further analyzed in order -to provide details on domains, sites, and trusts. - -![0.Collection Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The 0.Collection Job Group is comprised of: - -- [AD_DomainControllers Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Collects domain controller details which will be further analyzed in order to provide - information on domains, sites, and trusts. -- [AD_DSRM Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Collects data related to domain controller registry settings for the DSRMAdminLogonBehavior key. - If this key is set to 1 or 2, the DSRM Admin Account can be used to log in to the domain - controller even if it has not been started in DSRM which can present a potential security - vulnerability. Additional information on this registry key is available in this - [Microsoft Document](). -- [AD_TimeSync Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Collects TimeSync information from the registry for each domain controller within the domain - -# 5.Domains Job Group - -The 5.Domains Job Group provides details on domains, sites, and trusts, and highlight domain level -configurations that may leave your environment at risk. - -![Domains Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following components comprises the 5.Domains Job Group: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Collects the data which will be further analyzed in order to provide details on domains, sites, - and trusts. -- [AD_DCSummary Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Provides operational reporting related to the details collected for each domain controller. For - each domain controller, the report identifies the FSMO role, whether it is a bridgehead server, - whether it is a global catalog, and the time server it syncs to. -- [AD_DomainInfo Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Provides operational reporting related to the collected domains, sites, and trusts, providing - details such as high level object counts by domain or site, domain and forest functional levels, - and types and directions of trusts -- [AD_DSRMSettings Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Provides details on domain controller registry settings for the DSRMAdminLogonBehavior key. If - this key is set to 1 or 2, the DSRM Admin Account can be used to log in to the domain controller - even if it has not been started in DSRM which can present a potential security vulnerability. - Additional information on this registry key is available in this - [Microsoft Document](). - -# AD_CPassword Job - -The AD_CPassword Job identifies passwords that are stored in Group Policy Preferences which present -a security risk allowing attackers access to these passwords. Microsoft published the AES private -key, which can be used to decrypt passwords stored in Group Policy Preferences. See the Microsoft -[2.2.1.1.4 Password Encryption](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-gppref/2c15cbf0-f086-4c74-8b70-1f2fa45dd4be) -article for additional information. Since Authenticated Users have read access to SYSVOL, any -malicious insider or attacker can search for the cPassword file inside XML files shared through -SYSVOL to decrypt them. GPOs can be stored in the `%ProgramData%\Microsoft\Group Policy\History` -folder on each machine, meaning any results found by this job should be deleted off every computer -once this policy has been removed. - -## Query for the AD_CPassword Job - -The AD_CPassword Job uses the PowerShell Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job - -![Query for the AD_CPassword Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/cpasswordquery.webp) - -The queries for this job are: - -- Sysvol – Targets one domain controller per domain known to Enterprise Auditor to determine - CPassword security - - - See the - [PowerShell Data Collector](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) - topic for additional information. - -In addition to the tables created by the data collector, the AD_CPassword Job produces the following -pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------- | -| Potential Plaintext Passwords | This report highlights domain contollers where this vulnerability exists, and provides the path of the XML file in question. | None | This report is comprised of one elements: - Table – Provides details on potential plaintext passwords | - -# AD_GroupPolicy Job - -The AD_GroupPolicy Job audits all Group Policies that are present on the Domain Controller, and -provides details on the containers they are linked to, and the settings that are configured. - -## Queries for the AD_GroupPolicy Job - -The AD_GroupPolicy Job uses the GroupPolicy Data Collector for the following query: - -**CAUTION:** Do not modify the queries. The queries are preconfigured for this job. - -![Queries for the AD_GroupPolicy Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyquery.webp) - -The queries for this job are: - -- Link Status – Targets the default domain controller known to Enterprise Auditor to retrieve a - GPO's list for the domain -- Settings – Targets the default domain controller known to Enterprise Auditor to return the state - for domain policies for all GPOs. See the - [GroupPolicy Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/grouppolicy/overview.md) - topic for additional information. - -## Analysis Tasks for the AD_GroupPolicy Job - -Navigate to the **Active Directory** > **4.GroupPolicy** > **AD_GroupPolicy** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupPolicy Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyanalysis.webp) - -The default analysis tasks are: - -- 1. Group Policy Analysis – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 2. Combined User and Computer Settings – Creates the SA_AD_GroupPolicy_SettingList table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_GroupPolicy Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------ | -------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| GPO Details | This report lists all Group Policies and their settings. | None | This report is comprised of four elements: - Bar Chart – Displays GPO count by domain - Table – Provides details on policies by domain - Table – Provides details on GPO count by domain - Table – Provides details on settings | -| GPO Overview | This report lists all Group Policies and their settings. | None | This report is comprised of three elements: - Bar Chart – Displays GPO configuration by domain - Table – Provides details on GPOs - Table – Provides details on GPO configuration by domain | - -# AD_OverlappingGPOs Job - -The AD_OverlappingGPOs Job identifies conflicting and redundant GPO settings based on link location. -These GPO settings should be cleaned up or consolidated. - -## Analysis Tasks for the AD_OverlappingGPOs Job - -Navigate to the **Active Directory** > **4. Group Policy** > **AD_OverlappingGPOs** > **Configure** -node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected first analysis task. The first analysis task is -preconfigured for this job. - -![Analysis Tasks for the AD_OverlappingGPOs Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/overlappinggposanalysis.webp) - -The default analysis tasks are: - -- Conflicting – Creates the SA_AD_OverlappingGPOs_Conflicts table accessible under the job’s Results - node - -The following analysis tasks are deselected by default: - -**NOTE:** Deselect the **Conflicting** analysis task before selecting the analysis tasks below. - -- Redundant – Restores the SA_AD_OverlappingGPOs_Redundant table to be visible under the job’s - Results node -- Redundant GPOs by OU – Restores the SA_AD_OverlappingGPOs_RedundantGPOsbyOU table to be visible - under the job’s Results node -- Redundant GPOs – Restores the SA_AD_OverlappingGPOs_RedundantGPOs table to be visible under the - job’s Results node -- Conflicts by OU – Restores the SA_AD_OverlappingGPOs_ConflictsByOU table to be visible under the - job’s Results node -- Conflicts by GPO – Restores the SA_AD_OverlappingGPOs_ConflictsByGPO table to be visible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_OverlappingGPOs Job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ----------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Conflicting GPOs | This report lists group policy objects that apply conflicting settings. | None | This report is comprised of four elements: - Bar Chart – Displays GPOs by conflicts - Table – Provides details on GPOs by conflicts - Table – Provides details on GPOs Details - Table – Provides details on OUs with conflicting GPOs | -| Redundant GPOs | This report lists group policy objects that apply redundant settings. | None | This report is comprised of four elements: - Bar Chart – Displays GPOs by redundant children - Table – Provides details on GPOs by redundant children - Table – Provides details on overlapping GPOs - Table – Provides details on OUs with most redundancies | - -# AD_PasswordPolicies Job - -The AD_PasswordPolicies Job identifies fine-grained domain password policies that are stored within -the Password Settings Container. Fine-Grained password policies allow AD administrators to apply -different password policies within a single domain. - -## Query for the AD_PasswordPolicies Job - -The AD_PasswordPolicies Job uses the LDAP Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_PasswordPolicies Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/passwordpoliciesquery.webp) - -The query for this job is: - -- Fine-grained Policies – Targets one domain controller per domain known to Enterprise Auditor to - return fine-grained password policies - - - See the - [LDAP Data Collector](/docs/accessanalyzer/11.6/data-collection/custom-collectors/ldap.md) - topic for additional information - -## Analysis Task for the AD_PasswordPolicies Job - -Navigate to the **Active Directory** > **4.GroupPolicy** > **AD_PasswordPolicies** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the AD_PasswordPolicies Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/passwordpoliciesanalysis.webp) - -The default analysis tasks are: - -- Determine fine-grained password policy details – Creates the SA_AD_PasswordPolicies_Details table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the AD_UserDelegation Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | ----------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------- | -| Fine-Grained Password Policies | This report highlights fine-grained password policies on all targeted domain controllers. | None | This report is comprised of one element: - Table – Provides details on fine-grained password policy details | - -# 4.Group Policy Job Group - -The 4.Group Policy Job Group audits GPOs and their settings, and provides in depth analysis of -conditions such as where GPOs have been linked, misconfigurations that can cause security or -operational issues, and redundant GPOs that can be consolidated. - -![4.Group Policy Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following components comprise the 4.Group Policy Job Group: - -- [AD_CPassword Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies passwords that are stored in Group Policy Preferences which present a security risk - allowing attackers access to these passwords. Microsoft published the AES private key, which can - be used to decrypt passwords stored in Group Policy Preferences. See the Microsoft - [2.2.1.1.4 Password Encryption](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-gppref/2c15cbf0-f086-4c74-8b70-1f2fa45dd4be) - article for additional information. Since Authenticated Users have read access to SYSVOL, any - malicious insider or attacker can search for the cPassword file inside XML files shared through - SYSVOL to decrypt them. GPOs can be stored in the `%ProgramData%\Microsoft\Group Policy\History` - folder on each machine, meaning any results found by this job should be deleted off every computer - once this policy has been removed. -- [AD_GroupPolicy Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Audits all Group Policies that are present on the Domain Controller, and provides details on the - containers they are linked to and the settings that are configured -- [AD_OverlappingGPOs Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies conflicting and redundant GPO settings based on link location. These GPO settings - should be cleaned up or consolidated. -- [AD_PasswordPolicies Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies fine-grained domain password policies that are stored within the Password Settings - Container. Fine-Grained password policies allow AD administrators to apply different password - policies within a single domain. - -# AD_CircularNesting Job - -The AD_CircularNesting Job identifies circularly nested groups within Active Directory which can -pose administrative and operational challenges with identifying effective access to resources. - -## Analysis Tasks for the AD_CircularNesting Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_CircularNesting** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_CircularNesting Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp) - -The default analysis tasks are : - -- Circular Nesting Details – Creates the SA_AD_CircularNesting_Details table accessible under the - job’s Results node -- Domain Summary – Creates the SA_AD_CircularNesting_DomainSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_CircularNesting Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ---------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Circular Nesting | This report identifies instances of circular nesting within the environment. | None | This report is comprised of three elements: - Bar Chart – Displays circular nesting by domain - Table – Provides details on circular nesting - Table – Provides details on circular nesting by domain | - -# AD_DCLogonGroups Job - -The AD_DCLogonGroups Job identifies users who are able to log on to Domain Controllers through -effective membership to the Enterprise Admins, Domain Admins, Administrators, Backup Operators, -Account Operators, Print Operators, or Remote Desktop Users groups. This type of access should be -limited to only those individuals who require this level of administrative privileges. - -## Analysis Tasks for the AD_DCLogonGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_DCLogonGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DCLogonGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/dclogongroupsanalysis.webp) - -The default analysis tasks are: - -- Circular Effective Membership – Creates the SA_AD_DCLogonGroups_Membership table accessible under - the job’s Results node -- User Listing – Creates the SA_AD_DCLogonGroups_UserList table accessible under the job’s Results - node -- Membership Summary – Creates the SA_AD_DCLogonGroups_Summary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_CircularNesting Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | --------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain Controller Logon Rights | This report displays effective membership for groups with logon rights to domain controllers. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays largest groups - Table – Provides details on membership - Table – Provides summary of membership | - -# AD_DuplicateGroups Job - -The AD_Duplicate Job identifies duplicate groups within Active Directory. Duplicate groups contain -the same group membership as one another and are suitable candidates for cleanup. - -## Analysis Task for the AD_DuplicateGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_DuplicateGroups** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the AD_DuplicateGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/duplicategroupsanalysis.webp) - -The default analysis tasks are: - -- Identify Duplicate Groups – Creates the SA_AD_DuplicateGroups_Details table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis task, the AD_DuplicateGroups Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Duplicate Groups | This report identifies duplicate groups within the audited domains. | None | This report is comprised of three elements: - Bar Chart – Displays domains by number of groups with duplicates - Table – Provides details on duplicate groups - Table – Provides details on domains by number of groups with duplicates | - -# AD_EmptyGroups Job - -The AD_EmptyGroups Job identifies empty and single member groups which are suitable candidates for -consolidation or cleanup. - -## Analysis Tasks for the AD_EmptyGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_EmptyGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_EmptyGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) - -The default analysis tasks are: - -- Empty Groups – Creates the SA_AD_EmptyGroups_Empty table accessible under the job’s Results node -- Single User Groups – Creates the SA_AD_EmptyGroups_SingleUser table accessible under the job’s - Results node -- Summarize Empty Groups – Creates the SA_AD_EmptyGroups_EmptySummary table accessible under the - job’s Results node -- Summarize Single User Groups – Creates the SA_AD_EmptyGroups_SingleUserSummary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_EmptyGroups Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | --------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Empty Groups | This report identifies all groups without any members. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by empty group counts - Table – Provides details on empty groups - Table – Provides details on empty groups by domain | -| Single User Groups | This report identifies groups which only contain a single user. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by single user groups - Table – Provides details on groups - Table – Provides details on single user groups by domain | - -# AD_GroupProbableOwners Job - -The AD_GroupProbableOwners Job determines potential owners for Active Directory Groups which can be -used to perform automated membership reviews and enable self-service group management and membership -requests. - -## Analysis Tasks for the AD_GroupProbableOwners Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_GroupProbableOwners** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupProbableOwners Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/groupprobableownersanalysis.webp) - -The default analysis tasks are: - -- Determine Ownership – Creates the SA_AD_GroupProbableOwner_Owners table accessible under the job’s - Results node -- Domain Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_GroupProbableOwner Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | ----------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Probable Owners | This report identifies the most probable manager or department, based on effective member attributes. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top domains by blank manager field - Table – Provides details on probable ownership - Table – Provides summary of managers | - -# AD_LargestGroups Job - -The AD_LargestGroups Job identifies groups with large effective member counts. These types of groups -may cause administrative overhead and burden in being able to easily understand who is getting -access to resources, or how much access is being granted to resources through these groups. - -## Analysis Task for the AD_LargestGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_LargestGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the AD_LargestGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp) - -The default analysis tasks are: - -- Group Details – Creates the SA_AD_LargestGroups_Details table accessible under the job’s Results - node - -In addition to the tables and views created by the analysis task, the AD_LargestGroups Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------- | -| Largest Groups | This report identifies the largest groups within the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays largest groups - Table – Provides details on groups | - -# AD_MailSecurityGroups Job - -The AD_MailSecurityGroups Job identifies mail-enabled security groups within Active Directory. - -## Analysis Tasks for the AD_MailSecurityGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_MailSecurityGroups** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_MailSecurityGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/mailsecuritygroupsanalysis.webp) - -The default analysis tasks are: - -- Calculate Effective Membership – Creates the SA_AD_MailSecurityGroups_Membership table accessible - under the job’s Results node -- Mail Enabled Domain Summary – Creates the SA_AD_MailSecurityGroups_DomainSummary table accessible - under the job’s Results node -- Membership Summary – Creates the SA_AD_MailSecurityGroups_Summary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_MailSecurityGroups Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Mail Enabled Security Groups | This report displays summary data for mail enabled security groups. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays mail enabled security groups per domain - Table – Provides summary of mail enabled security groups - Table – Provides summary of mail enabled security groups by domain | - -# AD_NestedGroups Job - -The AD_NestedGroups Job identifies nested groups within Active Directory and provides details such -as the levels of nesting. While Active Directory provides the ability to nest certain types of -groups within other groups, Microsoft recommends nesting does not go beyond two levels in order to -avoid difficulties in understanding effective membership and access. - -## Analysis Tasks for the AD_NestedGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_NestedGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_NestedGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp) - -The default analysis tasks are: - -- Details – Creates the SA_AD_NestedGroups_Details table accessible under the job’s Results node -- Summarize by Domain – Creates the SA_AD_NestedGroups_DomainSummary table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_NestedGroups Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------- | --------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Nested Groups | This report identifies the groups with the largest amount of nested groups, and how many levels of nesting there are. | None | This report is comprised of three elements: - Bar Chart – Displays top groups by nesting - Table – Provides details on nested groups - Table – Provides details on top groups by nesting | - -# AD_SensitiveSecurityGroups Job - -The AD_SensitiveSecurityGroups Job identifies users who are granted administrative access within -Active Directory through membership to the Enterprise Admins, Domain Admins, Schema Admins, DNS -Admins, or Administrators groups. This level of access should be limited to only those individuals -who require this level of administrative privileges. - -## Analysis Tasks for the AD_SensitiveSecurityGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_SensitiveSecurityGroups** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_SensitiveSecurityGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/sensitivesecuritygroupsanalysis.webp) - -The default analysis tasks are: - -- Calculate Effective Membership – Creates the SA_AD_SensitiveSecurityGroups_Membership table - accessible under the job’s Results node -- User Listing – Creates the SA_AD_SensitiveSecurityGroups_UserList table accessible under the job’s - Results node -- Membership Summary – Creates the SA_AD_SensitiveSecurityGroups_Summary table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_SensitiveSecurityGroups -Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------- | ------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Security Group Membership | This report displays effective membership for sensitive security groups. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays largest groups - Table – Provides details on membership - Table – Provides summary of group membership | - -# AD_StaleGroups Job - -The AD_StaleGroups Job identifies groups that contain potentially stale users. Users are considered -stale if they have never logged onto the domain, have not logged onto the domain in the past 60 -days, or are disabled. These group memberships should be reviewed and possibly removed. - -## Analysis Tasks for the AD_StaleGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_StaleGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_StaleGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) - -The default analysis tasks are: - -- Stale Group Details – Creates the SA_AD_StaleGroups_Details table accessible under the job’s - Results node -- Stale Groups Summary – Creates the SA_AD_StaleGroups_GroupSummary table accessible under the job’s - Results node -- Stale Groups Org Summary – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_StaleGroups Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Effective Membership (A.K.A. Stale Groups) | This report identifies groups with stale effective membership. A stale user is defined as someone who has not logged into the domain in over 60 days, is expired, or currently disabled. | None | This report is comprised of three elements: - Bar Chart – Displays group membership - Table – Provides details on membership - Table – Provides details on group membership | - -# 1.Groups Job Group - -The 1.Groups Job Group identifies effective group membership and pinpoints potential areas of -administrative concern such as nested or stale groups. - -![1.Groups Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following jobs comprise the 1.Groups Job Group: - -- [AD_CircularNesting Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies circularly nested groups within Active Directory which can pose administrative and - operational challenges with identifying effective access to resources -- [AD_DCLogonGroups Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies users who are able to log on to Domain Controllers through effective membership to - the Enterprise Admins, Domain Admins, Administrators, Backup Operators, Account Operators, Print - Operators, or Remote Desktop Users groups. This type of access should be limited to only those - individuals who require this level of administrative privileges. -- [AD_DuplicateGroups Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies duplicate groups within Active Directory. Duplicate groups contain the same group - membership as one another and are suitable candidates for cleanup. -- [AD_EmptyGroups Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies empty and single member groups which are suitable candidates for consolidation or - cleanup -- [AD_GroupProbableOwners Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Determines potential owners for Active Directory Groups which can be used to perform automated - membership reviews and enable self-service group management and membership requests -- [AD_LargestGroups Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies groups with large effective member counts. These types of groups may cause - administrative overhead and burden in being able to easily understand who is getting access to - resources, or how much access is being granted to resources through these groups. - - - The definition of a large group is set by the **.Active Directory Inventory** > - **3-AD_Exceptions** Job. It can be customized. See the - [3-AD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - topic for additional information. - -- [AD_MailSecurityGroups Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies mail-enabled security groups within Active Directory -- [AD_NestedGroups Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies nested groups within Active Directory and provides details such as the levels of - nesting. While Active Directory provides the ability to nest certain types of groups within other - groups, Microsoft recommends nesting does not go beyond two levels in order to avoid difficulties - in understanding effective membership and access. - - - The definition of a deeply nested group is set by the **.Active Directory Inventory** > - **3-AD_Exceptions** Job. It can be customized. See the - [3-AD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - topic for additional information. - -- [AD_SensitiveSecurityGroups Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies users who are granted administrative access within Active Directory through - membership to the Enterprise Admins, Domain Admins, Schema Admins, DNS Admins, or Administrators - groups. This level of access should be limited to only those individuals who require this level of - administrative privileges. -- [AD_StaleGroups Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies groups that contain potentially stale users. Users are considered stale if they have - never logged onto the domain, have not logged onto the domain in the past 60 days, or are - disabled. These group memberships should be reviewed and possibly removed. - - - The definition of a stale user” is set by the **.Active Directory Inventory** > - **3-AD_Exceptions** Job. It can be customized. See the - [3-AD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - topic for additional information. - -# Active Directory Solution - -The Active Directory Solution is a comprehensive set of audit jobs and reports that provide the -information administrators need for Active Directory configuration, operational management, -troubleshooting, analyzing effective permissions, and tracking who is making what changes within an -organization. - -Supported Platforms - -- Windows Server 2016 and later -- Windows 2003 Forest level or higher - -**NOTE:** See the Microsoft -[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) -article for additional information. - -Requirements, Permissions, and Ports - -See the -[Active Directory Domain Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md) -topic for additional information. - -Location - -The Active Directory Solution requires a special Enterprise Auditor license. It can be installed -from the Enterprise Auditor Instant Job Wizard. Once installed into the Jobs tree, navigate to the -solution: **Jobs** > **Active Directory**. - -![Active Directory Solution](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/solutionoverview.webp) - -Each job group works independently from the other job groups. Some job groups run analysis tasks -against the analyzed data collected by the .Active Directory Inventory Solution to generate reports, -e.g. 1.Groups Job Group. Other job groups run both data collection and analysis to generate reports. -The AD_SecurityAssessment Job summarizes security related results from both the Active Directory -Solution and the Active Directory Permissions Analyzer Solution. - -**NOTE:** The Cleanup Job Group requires additional licenses to function. See the -[Active Directory Job Groups](#active-directory-job-groups) topic for additional information. - -See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -## Active Directory Job Groups - -The Active Directory solution is a comprehensive set of audit jobs and reports that provide the -information every administrator needs for Active Directory configuration, operational management, -troubleshooting, analyzing effective permissions, and tracking who is making what changes within an -organization. - -![Active Directory Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/adsolutionjobgroup.webp) - -The following job groups comprise the Active Directory Solution: - -- [1.Groups Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies effective group membership and pinpoints potential areas of administrative concern - such as nested or stale groups -- [2.Users Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies user conditions and pinpoint potential areas of administrative concern such as weak - passwords, user token size, or stale users -- [3.Computers Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Pinpoints potential areas of administrative concern related to computer accounts, including - stale computers and computers that have been trusted for delegation -- [4.Group Policy Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Audits GPOs and their settings, and provides in depth analysis of conditions such as where GPOs - have been linked, misconfigurations that can cause security or operational issues, and redundant - GPOs that can be consolidated -- [5.Domains Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Provides details on domains, sites, and trusts, and highlight domain level configurations that - may leave your environment at risk -- [6.Activity Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/activity-monitoring.md) - – Provides insights into access sprawl, privileged account usage, and operational health of the - Active Directory environment. Information collected includes Active Directory Changes, - Authentication, LDAP Traffic, Replication Traffic, and LSASS.EXE process injection on domain - controllers - - - Requires the Active Directory Activity license feature to function - -- [Cleanup Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/cleanup-operations.md) - – Identifies potential stale and unused users, computers, and groups as well as issues with group - membership. Remediation workflows are included to de-provision unnecessary objects to help - increase security and reduce complexity. - - - Requires the Active Directory Actions license feature to function. - - Requires the Active Directory Actions Module to be installed - -- [AD Security Assessment Job](/docs/accessanalyzer/11.6/solutions/active-directory/security-assessment.md) - – Summarizes security related results from the Active Directory Solution and the Active Directory - Permissions Analyzer Solution - -Since each job group within the Active Directory Solution is designed to run independently, refer to -the Recommended Configurations section for each job group, for information on frequency and job -group settings. - -# AD_DirectMembership Job - -The AD_DirectMembership Job identifies users who do not have any group membership. This condition -may indicate unnecessary user accounts that are suitable candidates for review and cleanup. - -## Analysis Tasks for the AD_DirectMembership Job - -Navigate to the **Active Directory** > **2.Users** > **AD_DirectMembership** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DirectMembership Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/directmembershipanalysis.webp) - -The default analysis tasks are: - -- User Details – Creates the SA_AD_DirectMembership_Details table accessible under the job’s Results - node -- Domain Summary – Creates the SA_AD_DirectMembership_DomainSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_DirectMembership Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| No Group Membership | This report identifies users with no group membership. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by users with no membership - Table – Provides details on all users with no group membership - Table – Provides details on top domains by users with no membership | - -# AD_DuplicateUsers Job - -The AD_DuplicateUsers Job helps to identify multiple user accounts which may be owned by a single -employee. A user may have accounts in multiple domains or administrative accounts with greater -access than their normal account. - -## Analysis Tasks for the AD_DuplicateUsers Job - -Navigate to the **Active Directory** > **2.Users** > **AD_DuplicateUsers** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DuplicateUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/duplicateusersanalysis.webp) - -The default analysis tasks are: - -- Potential Duplicates Details – Creates the SA_AD_DuplicateUsers_Details table accessible under the - job’s Results node -- User Details – Creates the SA_AD_DuplicateUsers_DomainSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_DuplicateUsers Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Duplicate User Accounts | This report identifies user accounts which may belong to a single employee, based on a variety of common attributes. | None | This report is comprised of three elements: - Bar Chart – Displays a domain summary - Table – Provides details on matches - Table – Provides details on duplicate user accounts by domain | - -# AD_OrphanedUsers Job - -The AD_OrphanedUsers Job identifies users whose managers are stale or disabled. These user accounts -should be reviewed and appropriate management should be assigned. - -## Analysis Tasks for the AD_OrphanedUsers Job - -Navigate to the **Active Directory** > **2.Users** > **AD_OrphanedUsers** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_OrphanedUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/orphanedusersanalysis.webp) - -The default analysis tasks are: - -- Details – Creates the SA_AD_OrphanedUsers_Details table accessible under the job’s Results node -- Domain Summary – Creates the SA_AD_OrphanedUsers_DomainSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_OrphanedUsers Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | --------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Orphaned Users | A user is considered orphans when their manager is disabled or stale. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by orphaned users - Table – Provides details on orphaned users - Provides details on top domains by orphaned users | - -# AD_PasswordStatus Job - -The AD_PasswordStatus Job highlights potential issues with user password settings that may exploited -or compromised if not addressed. - -## Analysis Tasks for the AD_PasswordStatus Job - -Navigate to the **Active Directory** > **2.Users** > **AD_PasswordStatus** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigure for this job. - -![Analysis Tasks for the AD_PasswordStatus Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/passwordstatusanalysis.webp) - -The default analysis tasks are: - -- Password Status Details – Creates the SA_AD_PasswordStatus_Details table accessible under the - job’s Results node -- Domain Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_PasswordStatus Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | ---------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Password Status | This report identifies the password status of all users and highlights potential issues. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays password issues by domain - Table – Provides details on users - Provides details on password issues by domain | - -# AD_ServiceAccounts Job - -The AD_ServiceAccounts Job offers information about service accounts and if they are vulnerable to -Kerberoasting. An account is deemed vulnerable to a Kerberoasting attack if the -msDS-SupportedEncryptionTypes value supports RC4 as the highest encryption type. - -_Remember,_ the 1-AD_Scan Job needs to be configured to collect these Custom Attributes: - -- servicePrincipalName – Provides service account information. See the Microsoft - [Service Principal Names]() - article for additional information. -- msDS-SupportedEncryptionTypes – Identifies service accounts vulnerable to Kerberoasting attacks - -## Analysis Task for the AD_ServiceAccounts Job - -Navigate to the **Active Directory** > **2.Users** > **AD_ServiceAccounts** > **Configure** node and -select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the AD_ServiceAccounts Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/serviceaccountsanalysis.webp) - -The default analysis tasks are: - -- Password Status Details – Creates the SA_AD_ServiceAccounts_Details table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis task, the AD_ServiceAccounts Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ---------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Service Accounts | This report provides details on service accounts in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays service accounts by domain - Table – Provides details on service accounts - Table – Provides details on service accounts by domain | - -# AD_SIDHistory Job - -The AD_SIDHistory Job enumerates historical SIDs in the audited environment and highlights -exceptions involving the SIDHistory attribute on AD user objects. Specific conditions include when a -user has a historical SID from their current domain, or when a non-admin user has a historical SID -with administrative rights, both of which may be indicators of compromise. - -## Analysis Tasks for the AD_SIDHistory Job - -Navigate to the **Active Directory** > **2.Users** > **AD_SIDHistory** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_SIDHistory Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/sidhistoryanalysis.webp) - -The default analysis tasks are: - -- Determine SIDHistory details – Creates the SA_AD_SIDHistory_Details table accessible under the - job’s Results node -- Summarize SIDHistory details – Creates the SA_AD_SIDHistory_Summary table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_PasswordStatus Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SID History | This report lists historical SIDs in the audited environment. Additionally, it highlights exceptions involving the SIDHistory attribute on AD user objects. Considered in particular are when a user has a historical SID from their current domain, or when a non-admin user has a historical SID with administrative rights. | None | This report is comprised of three elements: - Bar Chart – Displays historical SIDs by domain - Table – Provides details on SID history - Table – Provides details on historical SIDs by domain | - -# AD_StaleUsers Job - -The AD_StaleUsers job identifies potentially stale users based on the amount of time since their -last login to the domain, or if the account has been disabled. These accounts should be reviewed and -cleaned up in order to increase security and reduce complexity. - -**NOTE:** The definition of a stale user is set by the .Active Directory Inventory solution. These -parameters, including the number of days since last login to be considered stale (by default 60 -days), can be customized within the **.Active Directory Inventory** > **3-AD_Exceptions** job's -**Stale Users** analysis task. See the -[3-AD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -topic for additional information. - -## Analysis Tasks for the AD_StaleUsers Job - -Navigate to the **Active Directory** > **2.Users** > **AD_StaleUsers** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_StaleUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/staleusersanalysis.webp) - -The default analysis tasks are: - -- User Details – Creates the SA_AD_StaleUsers_Details table accessible under the job’s Results node -- Summarize by Domain – Creates the SA_AD_StaleUsers_DomainSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_StaleUsers job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Users | This report identifies user accounts which have not logged into the domain for an extended amount of time or are currently disabled. A user account is considered stale if the last logon is over 60 days ago, is currently disabled, or expired. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays users by domain - Table – Provides details on users - Table – Provides details on users by domain | - -# AD_UserAttributeCompletion Job - -The AD_UserAttributeCompletion Job identifies which attributes are present within User fields in -Active Directory, and which ones are blank for a majority of objects. This may indicate accounts -within Active Directory which are lacking appropriate information. - -## Analysis Tasks for the AD_UserAttributeCompletion Job - -Navigate to the **Active Directory** > **2.Users** > **AD_UserAttributeCompletion** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_UserAttributeCompletion Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/userattributecompletionanalysis.webp) - -The default analysis tasks are: - -- Details – Creates an interim processing table in the database for use by downstream analysis and - report generation -- User Details – Creates an interim processing table in the database for use by downstream analysis - and report generation - -In addition to the tables and views created by the analysis tasks, the AD_UserAttributeCompletion -Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Attribute Completion | This report identifies which attributes are present within User fields in Active Directory, and which ones are blank for a majority of objects. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays completeness by attribute - Table – Provides details on users with blank attributes - Table –Provides details on completeness by attribute | - -# AD_UserDelegation Job - -The AD_Delegation Job highlights user accounts which are trusted for delegation. Kerberos delegation -enables an application to access resources hosted on a different server, and opens up several -avenues to compromise based on the type of delegation enabled.  See the -[What Is Kerberos Delegation?](https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/) Netwrix -blog article for more information about this configuration and the related security risks. - -## Analysis Task for the AD_UserDelegation Job - -Navigate to the **Active Directory** > **2.Users** > **AD_UserDelegation** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the AD_UserDelegation Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/userdelegationanalysis.webp) - -The default analysis tasks are: - -- Determine users for trusted delegation – Creates the SA_AD_UserDelegation_Details table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis task, the AD_UserDelegation Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Users Trusted for Delegation | This report highlights which users are trusted for delegation, which accounts are sensitive, and whether the delegation is constrained or unconstrained. | None | This report is comprised of three elements: - Bar Chart – Displays users trusted for delegation by domain - Table – Provides details on users trusted for delegation - Table – Provides details on users trusted for delegation by domain | - -# AD_UserToken Job - -The AD_UserToken Job identifies and reports the number of SIDS and estimated token size associated -with each user. Token bloat can lead to issues during login and can also cause applications that use -Kerberos authentication to fail. See the Microsoft -[Problems with Kerberos authentication when a user belongs to many groups](https://learn.microsoft.com/en-US/troubleshoot/windows-server/windows-security/kerberos-authentication-problems-if-user-belongs-to-groups) -article for more information about estimated token size. - -## Analysis Task for the AD_UserToken Job - -Navigate to the **Active Directory** > **2.Users** > **AD_UserToken** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the AD_UserToken Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/usertokenanalysis.webp) - -The default analysis tasks are: - -- Calculate Token Size – Creates the SA_AD_UserTokens_Details table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis task, the AD_UserToken Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Token | A user's token size is directly related to the number of SIDs associated with their user account, taking into account historical SIDs and effective membership. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top users by estimated token size - Table – Provides details on user tokens | - -# AD_WeakPasswords Job - -The AD_WeakPasswords Job analyzes user account password hashes to determine how easily each could be -compromised or the likelihood their passwords are known through comparison with compromised password -dictionaries and other exceptions. Exceptions include: - -- AES Key Missing – Account is set up using older functional AD levels, so has no AES key. These - accounts use weaker encryption methods susceptible to brute force attacks. -- Clear Text Password – Account has passwords stored with reversible encryption. See the Microsoft - [Store passwords using reversible encryption]() - article for additional information. -- Default Computer Password – Computer has default computer passwords set -- Delegable Admins – Administrator account is allowed to be delegated to a service -- DES Encryption Only – Account is using Kerberos DES encryption. DES encryption is considered weak - as the 56-bit key is prone to brute force attacks. See the Microsoft - [AD DS: User accounts and trusts in this domain should not be configured for DES only]() - article for additional information. -- Empty Password – Account has an empty password -- Kerberos Pre-authentication is not required – Account does not require Kerberos - pre-authentication. Kerberos pre-authentication can mitigate against brute force attacks. See the - Microsoft - [Kerberos Pre-Authentication: Why It Should Not Be Disabled](https://learn.microsoft.com/en-us/archive/technet-wiki/23559.kerberos-pre-authentication-why-it-should-not-be-disabled) - article for additional information. -- LM Hash – Account has stored LM hashes. The LM hash is a relatively weak hash that is prone to - brute force attacks. See the Microsoft - [How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases](https://learn.microsoft.com/en-US/troubleshoot/windows-server/windows-security/prevent-windows-store-lm-hash-password) - article for additional information. -- Password Never Expires – Account has a password that never expires -- Password Not Required – Account does not require a password -- Weak Historical Password – Account has a historical password that was found in the dictionary -- Weak Password – Account has a password that was found in the dictionary -- Shares Common Password – Account shares a password with another account - -## Queries for the AD_WeakPasswords Job - -The AD_WeakPasswords Job uses the PasswordSecurity Data Collector. - -![Query for the AD_WeakPasswords Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/weakpasswordsquery.webp) - -The query for this job are: - -- Weak Passwords – Collects password hashes to identify weak passwords - - - See the - [PasswordSecurity Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/overview.md) - topic for additional information - -### Configure the Weak Passwords Query - -The PasswordSecurity Data Collector can be scoped if desired. Follow the steps to modify the query -configuration. - -**Step 1 –** Navigate to the job’s Configure node and select Queries. - -**Step 2 –** In the Query Selection view, select the **Weak Passwords** query and click**Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the Data Source tab, and click **Configure**. The Password Security Data -Collector Wizard opens. - -![Password Security Data Collection Wizard Scan options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/optionsweakpassword.webp) - -**CAUTION:** Read the warning prior to enabling the cleartext password feature. - -**Step 4 –** On the Options page, configure the scan options by enabling communication with the -Active Directory via SSL or returning cleartext password entries. - -![Password Security Data Collection Wizard Dictionary options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/dictionariesweakpassword.webp) - -**Step 5 –** On the Dictionaries page, configure the dictionary options by enabling the Stealthbits -password dictionary or click **Add…** to upload a custom dictionary with NTLM hashes or plaintext -passwords to use during the scan. - -- See the - [PasswordSecurity: Dictionaries](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/dictionaries.md) - topic for additional information - -**Step 6 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -The Weak Passwords query is now configured. - -## Analysis Tasks for the AD_WeakPasswords Job - -Navigate to the **Active Directory** > **2.Users** > **AD_WeakPasswords** > **Configure** node and -select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_WeakPasswords Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/weakpasswordsanalysis.webp) - -The default analysis tasks are: - -- Count of Shared Passwords – Creates the SA_AD_WeakPasswords_Count table accessible under the job's - Results node -- Join Active Directory Stats – Creates the SA_AD_WeakPasswords_Details table accessible under the - job’s Results node -- Summarize Password Issues – Creates the SA_SA_AD_WeakPasswords_Summary table accessible under the - job's Results node -- Add to AD Exceptions – Creates the SA_AD_UserDelegation_Details table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_UserDelegation Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Weak Passwords Checks | This job identifies accounts in the organization with weak passwords that can be easily decrypted or brute forced. | None | This report is comprised of three elements: - Bar Chart – Displays password weaknesses - Table – Provides details on password weaknesses - Table – Provides details on exceptions and user counts | - -# 2.Users Job Group - -The 2.Users Job Group identifies user conditions and pinpoint potential areas of administrative -concern such as weak passwords, user token size, or stale users. - -![2.Users Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following components comprise the 2.Users Job Group: - -- [AD_DirectMembership Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies users who do not have any group membership. This condition may indicate unnecessary - user accounts that are suitable candidates for review and cleanup. -- [AD_DuplicateUsers Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies multiple user accounts which may be owned by a single employee. A user may have - accounts in multiple domains or administrative accounts with greater access than their normal - account. -- [AD_OrphanedUsers Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies users whose managers are stale or disabled. These user accounts should be reviewed - and appropriate management should be assigned. -- [AD_PasswordStatus Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Highlights potential issues with user password settings that may exploited or compromised if not - addressed -- [AD_ServiceAccounts Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Offers information about service accounts and if they are vulnerable to Kerberoasting. An - account is deemed vulnerable to a Kerberoasting attack if the msDS-SupportedEncryptionTypes value - supports RC4 as the highest encryption type. -- [AD_SIDHistory Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Enumerates historical SIDs in the audited environment and highlights exceptions involving the - SIDHistory attribute on AD user objects. Specific conditions include when a user has a historical - SID from their current domain, or when a non-admin user has a historical SID with administrative - rights, both of which may be indicators of compromise. -- [AD_StaleUsers Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies potentially stale users based on the amount of time since their last login to the - domain, or if the account has been disabled. These accounts should be reviewed and cleaned up in - order to increase security and reduce complexity. -- [AD_UserAttributeCompletion Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies which attributes are present within User fields in Active Directory, and which ones - are blank for a majority of objects. This may indicate accounts within Active Directory which are - lacking appropriate information. -- [AD_UserDelegation Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Highlights user accounts which are trusted for delegation. Kerberos delegation enables an - application to access resources hosted on a different server, and opens up several avenues to - compromise based on the type of delegation enabled. -- [AD_UserToken Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Identifies and reports the number of SIDS and estimated token size associated with each user. - Token bloat can lead to issues during login and can also cause applications that use Kerberos - authentication to fail. -- [AD_WeakPasswords Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Analyzes user account password hashes to determine how easily each could be compromised or the - likelihood their passwords are known through comparison with compromised password dictionaries and - other exceptions - -# 1-AD_Scan Job - -The 1-AD_Scan Job collects data from Active Directory. In most environments, this job requires no -additional customizations before running it. Optionally, the job can be configured to scope scan -options and to collect custom attributes. For enable SSL encryption for communication with Active -Directory, see the [Enable SSL Option](#enable-ssloption) topic for additional information. - -## Queries for the 1-AD Scan Job - -The 1-AD_Scan Job uses the ADInventory Data Collector for the following query: - -![Queries for the 1-AD Scan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scanqueries.webp) - -- AD Inventory – Targets a domain controller to collect inventory data for user, group, and computer - objects - - - This query can be modified. See the - [Customize the 1-AD_Scan Query](#customize-the-1-ad_scan-query) topic for additional - information. - -### Customize the 1-AD_Scan Query - -The 1-AD_Scan Job has been preconfigured to run with the default settings with the category of Scan -Active Directory. Follow the steps to set any desired customizations to scan options or to collect -custom attributes. - -**Step 1 –** Navigate to the **.Active Directory Inventory** > **1-AD_Scan** > **Configure** node -and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Active Directory Inventory -DC Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Active Directory Inventory DC Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptions.webp) - -**Step 4 –** (Optional) On the Options page, you can: - -- Enable encrypted communication with Active Directory (SSL) -- Configure the differential scan settings using the **Collect only updates since last - scan** settings - -See the -[ADInventory: Options](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -topic for more information. - -![Active Directory Inventory DC Wizard Custom Attributes page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp) - -**Step 5 –** (Optional) On the Custom Attributes page, add any desired custom attributes to be used -in the Active Directory scan. See the -[ADInventory: Custom Attributes](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -topic for additional information. - -**Step 6 –** Navigate to the Summary page. Click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -**NOTE:** In order for the Access Information Center to populate NFS permissions within File System -reports, the .Active Directory Inventory Job Group must be configured to collect the **uid** and -**uidNumber** attributes for Users. See the -[NFS Permissions for the AIC ](#nfs-permissions-for-the-aic) topic for additional information. - -The 1-AD_Scan Job is now ready to run with the customized settings. If any custom attributes are -added to the data collection, the **Create Extended Attributes View** analysis task can be enabled -in order to have visibility into the collected data. - -## Analysis Tasks for the 1-AD_Scan Job - -View the analysis tasks by navigating to the **.Active Directory Inventory** > **1-AD_Scan** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 1-AD_Scan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scananalysis.webp) - -The following analysis tasks are selected by default: - -- Import functions – Imports effective group membership function into the database -- Create Extended Attributes View – Creates the SA_ADInventory_ExtendedAttributesView for Custom - Attributes that have been added to the query -- Summarize Domains – Creates the SA_ADInventory_Report_DomainSummary table -- Summarize Stats – Creates the SA_ADInventory_Summary table - -The following analysis tasks never need to be selected as they are only needed to restore views that -have been accidentally hidden: - -- Bring User View To Console – Restores the SA_ADInventory_UsersView to be visible within the - Enterprise Auditor Console if it is hidden -- Bring Group Members View To Console – Restores the SA_ADInventory_GroupMembersView to be visible - within the Enterprise Auditor Console if it is hidden -- Bring Group View To Console – Restores the SA_ADInventory_GroupsView to be visible within the - Enterprise Auditor Console if it is hidden -- Bring Computers View to Console – Restores the SA_ADInventory_ComputersView to be visible within - the Enterprise Auditor Console if it is hidden -- Remove ADI Stored Procedures – Removes the built-in ADI stored procedures - -In addition to the tables and views explained in the -[Standard Reference Tables & Views for the ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -topic, the 1-AD_Scan Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Active Directory Summary | This report provides a summary of all audited domains and objects. | None | This report is comprised of four elements: - Table – Displays general statistics in the Users, Groups, and Computers in All Audited Domains - Pie Chart – Displays Principals by Object Class - Pie Chart – Displays Principals by Audited Domain - Table – Displays detailed statistical information for each of the AD objects | - -## NFS Permissions for the AIC - -In order for the Access Information Center to populate NFS resources within all File System -permissions and resource audit reports, the .Active Directory Inventory Job Group must be configured -to collect the following custom attributes for Users: - -- uid -- uidNumber - -Follow the steps to add the custom attributes. - -**Step 1 –** Navigate to the Active Directory Inventory DC Wizard for the AD Inventory Query within -the 1-AD_Scan Job. - -![Active Directory Inventory DC Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptionsnfs.webp) - -**Step 2 –** Navigate to the Options page. Ensure the **Collect only updates since last scan** -option is deselected. - -**NOTE:** Whenever query configurations are modified, it is necessary to do a full scan. After the -first full scan, differential scanning can be re-enabled. - -![Active Directory Inventory DC Wizard Custom Attributes page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributesnfs.webp) - -**Step 3 –** Use the **Next** button to navigate to the Custom Attributes page. Add both **uid** and -**uidNumber** attributes to the existing list of custom attributes. See the -[ADInventory: Custom Attributes](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -topic for additional information. - -- **uid** attribute: - - - Domain Filter – \* - - Object Class – User - - Attribute Name – uid - -- **uidNumber** attribute: - - - Domain Filter – \* - - Object Class – User - - Attribute Name – uidNumber - -**Step 4 –** Use the **Next** button to navigate to the Summary page and click **Finish**. The -Active Directory Inventory DC Wizard closes. Click **OK** to close the Query Properties window. - -**Step 5 –** Run the .Active Directory Inventory Job Group either manually or through a scheduled -task. - -The .Active Directory Inventory Job Group is now collecting attributes required for NFS data to be -visible within the Access Information Center. - -_Remember,_ it is necessary to re-enable differential scanning after Step 5 if desired. - -See the Resource Audit topics in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -## Enable SSL Option - -Follow the steps to enable SSL encryption for communications with Active Directory: - -**Step 1 –** Navigate to the **1-AD_Scan > Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the query and click **Query Properties**. The Query -Properties window opens. - -**Step 3 –** Go to the Options page and select the **Encrypt communication with Active Directory -(SSL)** checkbox. Click **Next**. - -**Step 4 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -The job will now use SSL encryption to query Active Directory. - -# 2-AD_Changes Job - -The 2-AD_Changes Job tracks changes within all scanned domains. Reports in the job highlight Active -Directory changes which have occurred since the last time the .Active Directory Inventory Job Group -was run. It is dependent on the running of the 1-AD_Scan Job, also located in the .Active Directory -Inventory Job Group. - -The 1-AD_Scan Job must have the Query Option to **Track changes into Change tracking tables** -selected in order for the Analysis Tasks in the 2-AD_Changes Job to work. See Step 4 of the -[Customize the 1-AD_Scan Query](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md#customize-the-1-ad_scan-query) -topic for additional information. - -## Analysis Tasks for the 2-AD_Changes Job - -View the analysis tasks by navigating to the **.Active Directory Inventory** > **2-AD_Changes** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 2-AD_Changes Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/changesanalysis.webp) - -The following analysis tasks are selected by default: - -- Org Changes - - - Creates the SA_AD_Changes_OrganizationalChanges table accessible under the job’s Results node - - Creates interim processing tables in the database for use by downstream analysis and report - generation - -- Analyze Group Changes – Creates the SA_AD_Changes_GroupAnalysis table accessible under the job’s - Results node -- Attribute Changes - - - Creates the SA_AD_Changes_AttributeChangeDetails table accessible under the job’s Results node - - Creates interim processing tables in the database for use by downstream analysis and report - generation - -- User Account Status - - - Creates the SA_AD_Changes_UserAccountStatus table accessible under the job’s Results node - - Creates interim processing tables in the database for use by downstream analysis and report - generation - -- Group Membership Changes - - - Creates the SA_AD_Changes_GroupMembershipChanges table accessible under the job’s Results node - - Creates interim processing tables in the database for use by downstream analysis and report - generation - -- Object Moves - - - Creates the SA_AD_Changes_ObjectMoves table accessible under the job’s Results node - - Creates interim processing tables in the database for use by downstream analysis and report - generation - -- New Principals – Creates interim processing tables in the database for use by downstream analysis - and report generation -- Deleted Principals - - - Creates the SA_AD_Changes_DeletedPrincipals table accessible under the job’s Results node - - Creates interim processing tables in the database for use by downstream analysis and report - generation - -The Notification analysis tasks are optional and require configuration before enabling them. The -following analysis tasks are deselected by default: - -- Domain Admin Changes – Alerts when Domain Admins Group membership changes occur - - - Importance – Security, as this is a Sensitive Security Group - -- Empty Groups – Alerts when group membership changes result in an empty group - - - Importance – AD Clean-up - -- Circular Nesting – Alerts when group membership changes result in a group effectively containing - itself - - - Importance – Security and AD Clean-up - -- Stale Membership – Alerts when group members become stale - - - Importance – Security and AD Clean-up - -- Large Change – Alerts when group membership changes result in a group becoming large - - - Importance – Security - -- Disabled Users – Alerts when user accounts become disabled - - - Importance – Security - -- Locked out Users – Alerts when user accounts become locked-out - - - Importance – Security  and Employee Productivity - -- Alert on New Principals – Alerts when new user, group, or computer objects are created - - - Importance – Security and AD Clean-up - -- Alert on Deleted Users – Alerts when user accounts are deleted - - - Importance – Security  and Employee Productivity - -Notification must have recipients configured for the analysis task. Optionally, the email subject -and body can be modified. See the -[Notification Analysis Tasks for the 2-AD_Changes Job](#notification-analysis-tasks-for-the-2-ad_changes-job) -topic for additional information. - -In addition to the tables and views created by the analysis tasks, the 2-AD_Changes Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------------------------- | ------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Attribute Changes | This report tracks attribute changes within Active Directory. | None | This report is comprised of three elements: - Bar graph – Displays Attribute Changes (Past 24 Hours) - Table – Provides details on attribute changes (Past 24 Hours) - Table – Provides details on changes | -| Group Membership Changes (A.K.A. Most Active Groups) | This report tracks group membership changes in Active Directory. | None | This report is comprised of three elements: - Bar graph – Displays Most Active Groups (Past 24 Hours) - Table – Provides details on the most active groups (Past 24 Hours) - Table – Provides details on the most active groups | -| New Principals | This report identifies when principals have been created on the targeted domains. | None | This report is comprised of two elements: - Bar graph – Displays New Principals by Domain (Past 24 Hours) - Table – Provides details on the new principals by domain | -| Object Moves | This report tracks object moves in Active Directory. | None | This report is comprised of two elements: - Table – Displays Most Active OUs (Past 24 Hours) - Table – Provides details on the most active OUs | -| Org Changes (A.K.A. Organizational Changes) | This report tracks organizational moves such as manager, title or department changes. | None | This report is comprised of three elements: - Bar graph – Displays Organizational Changes (Past 24 Hours) - Table – Provides details on organizational changes (Past 24 Hours) - Table – Provides details on the organizational changes | -| Principal Deletions (A.K.A. Past 24 Hours) | This report identifies when principals have been deleted from the targeted domains. | None | This report is comprised of three elements: - Bar graph – Displays Deleted Principals by Domain (Past 24 Hours) - Table – Provides details on deleted principals by domain (Past 24 Hours) - Table – Provides details on the principals by domain | -| User Account Status Changes | This report tracks user account status changes. | None | This report is comprised of three elements: - Bar graph – Displays User Account Control Changes (Past 24 Hours) - Table – Provides details on user account control changes (Past 24 Hours) - Table – Provides details on the user account control changes | - -### Notification Analysis Tasks for the 2-AD_Changes Job - -In order for Enterprise Auditor to send email notifications, it is necessary for the **Settings** > -**Notification** node to be properly configured. See the -[Notification](/docs/accessanalyzer/11.6/administration/settings/notifications.md) -topic for instructions on enabling the Enterprise Auditor Console to send email notifications. Once -email notifications have been enabled, the individual notification analysis tasks can be configured -and enabled. Follow the steps to configure a notification analysis task. - -**Step 1 –** Navigate to the **.Active Directory Inventory** > **2-AD_Changes** > **Configure** node -and select **Analysis**. - -![Notification Analysis Tasks for the 2-AD_Changes Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/changesanalysisnotification.webp) - -**Step 2 –** In the Analysis Selection view, select the desired notification analysis task and click -**Analysis Configuration**. The Notification Data Analysis Module opens. - -![Notification Data Analysis Module SMTP properties page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtp.webp) - -**CAUTION:** Do not make changes to the pages preceding the SMTP page. - -**Step 3 –** Use the **Next** button to navigate to the email configuration SMTP page. - -![Recipients section of SMTP properties page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtprecipients.webp) - -**Step 4 –** In the Recipients section, provide the email addresses or distribution lists (fully -qualified address) for those who are to receive this notification. Multiple addresses can be -provided. You can use the following options: - -- Add – Add an email address to the E-mail field -- Remove – Remove an email address from the Recipients list -- Combine multiple messages into single message – Sends one email for all objects in the record set - instead of one email per object to all recipients - -![Message section of SMTP properties page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtpmessage.webp) - -**Step 5 –** In the Message section, edit the **Subject**. It is not recommended to remove any -parameters. Then, customize the email content in the textbox to provide an explanation of the -notification to the recipients. - -**Step 6 –** Click **Next** to save these configuration changes and navigate to the Summary page. Do -not make changes to any other pages. Click **Finish**. The Notification Data Analysis Module window -closes. - -**Step 7 –** This notification analysis task is now configured to send emails. In the Analysis -Selection view, select the task checkbox. - -**Step 8 –** Repeat this process for each desired notification analysis task. - -Configured and enabled notifications now send alerts automatically during the execution of the -2-AD_Changes Job. - -# 3-AD_Exceptions Job - -The 3-AD_Exceptions Job identifies toxic conditions that exist within Active Directory which may -leave your environment at risk or add unnecessary administrative overhead. It is dependent on -running the 1-AD_Scan Job, also located in the .Active Directory Inventory Job Group. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The 3-AD_Exceptions Job has the following configurable parameters: - -- Threshold of group members -- Threshold of nesting -- Threshold necessary to identify a stale group (0-100%) -- Whether to include disabled users that are stale -- Whether to include expired users that are stale -- Threshold for token size -- List of administrative groups - -See the -[Customize Analysis Parameters for the 3-AD_Exceptions Job](#customize-analysis-parameters-for-the-3-ad_exceptions-job) -topic for additional information. - -## Analysis Tasks for the 3-AD_Exceptions Job - -View the analysis tasks by navigating to the **.Active Directory Inventory** > **3-AD_Exceptions** > -**Configure** node and select **Analysis**. Analysis tasks with configuration parameters that define -the security concerns within them can be modified. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 3-AD_Exceptions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/exceptionsanalysis.webp) - -The following analysis tasks are selected by default: - -- Large Groups - - - Identifies groups that exceeded the defined threshold for effective group membership - - Populates processing tables in the database for use by downstream analysis and report - generation - - Definition of a large group can be customized - -- Deeply Nested Groups - - - Identifies groups that exceeded the defined threshold of deep levels of membership nesting - - Populates processing tables in the database for use by downstream analysis and report - generation - - Definition of a deeply nested group can be customized - -- Circular Nesting - - - Identifies groups with circular references in their effective membership - - Populates processing tables in the database for use by downstream analysis and report - generation - -- Empty Groups - - - Identifies groups with no membership - - Populates processing tables in the database for use by downstream analysis and report - generation - -- Single Member Groups - - - Identifies groups with a single direct member - - Populates processing tables in the database for use by downstream analysis and report - generation - -- Stale Users - - - Identifies user accounts that are expired, are disabled, or have exceeded the defined - threshold of inactivity - - Populates processing tables in the database for use by downstream analysis and report - generation - - Definition of a stale user can be customized - -- Stale Membership - - - Identifies groups with a high percentage of effective members that are stale users - - Populates processing tables in the database for use by downstream analysis and report - generation - - Definition of stale membership can be customized - -- Large Token - - - Identifies users that exceeded the defined threshold for effective membership in authorization - groups - - Populates processing tables in the database for use by downstream analysis and report - generation - - Definition of a large token can be customized - -- Historical SID Tampering - - - Identifies users that have a historical SID from their current domain - - Populates processing tables in the database for use by downstream analysis and report - generation - -- Admin Historical SID - - - Identifies users that have a historical SID from an administrator account - - Populates processing tables in the database for use by downstream analysis and report - generation - - Definition of an administrator group can be customized - -- Display Exceptions View – Creates the SA_ADInventory_ExceptionsView accessible under the job’s - Results node -- Summarize Exceptions Count – Generates data used in the Exceptions report - -In addition to the tables and views created by the analysis tasks, the 3-AD_Exceptions Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------- | ---------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Exceptions Summary (A.K.A. AD Exceptions) | This report summarizes common issues with user accounts and group membership | None | This report is comprised of three elements: - Pie Chart – Displays exceptions by class - Table – Provides exceptions by count - Table – Provides details on exceptions | - -### Customize Analysis Parameters for the 3-AD_Exceptions Job - -Exception definitions that can be customized have the following default values for the customizable -parameters: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| -------------------- | --------------------------- | --------------------------------------------------- | --------------------------------------------------------------------- | -| Large Groups | @LARGE_THRESHOLD | 10 | A group object with 10 members or more | -| Deeply Nested Groups | @NESTING_THRESHOLD | 1 | A group object nested 1 level or deeper within another group object | -| Stale Users | @STALE_THRESHOLD | 60 | A user object that has been inactive for 60 days or more | -| | @INCLUDE_DISABLED | True | A user object that has been disabled | -| | @INCLUDE_EXPIRED | True | A user object that has expired | -| Stale Membership | @STALE_THRESHOLD | 10 | A group with 10% of its effective members are stale users | -| Large Token | @TOKEN_THRESHOLD | 10 | A user object with effective membership in more than 10 group objects | -| Admin Historical SID | #ADMIN_GROUPS | - Domain Admins - Enterprise Admins - Schema Admins | List of administrative groups | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for instructions to modify the parameters. See the -[AD Exception Types Translated](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md#ad-exception-types-translated) -topic for an explanation of Exception Types. - -# .Active Directory Inventory Solution - -Active Directory (AD) acts as the central nervous system of any Microsoft environment and plays a -vital role in granting access to resources such as Exchange, File Systems, SharePoint, and SQL -Server. The .Active Directory Inventory Solution is designed to provide essential user, group -membership, and computer details from the targeted domains to many Enterprise Auditor built-in -solutions. Key information includes user status, user attributes, and group membership. The -collected data is accessed by other Enterprise Auditor solutions and the Netwrix Access Information -Center for analysis. - -**NOTE:** This solution is required for using the Access Information Center. - -This topic covers information on using the ADInventory Data Collector and the .Active Directory -Inventory Job Group. - -Supported Platforms - -- Windows 2003 Forest level or higher - -Permissions - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -Ports - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -Location - -The .Active Directory Inventory Solution is a core component of all Enterprise Auditor -installations. Typically this solution is instantiated during installation, but it can be installed -from the Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to the -solution: **Jobs** > **.Active Directory Inventory**. This group has been named in such a way to -keep it at the top of the Jobs tree. - -## Jobs - -This Job Group is comprised of three jobs that collect, analyze, and report on data. The data -collection is conducted by the ADInventory Data Collector. See the -[Standard Reference Tables & Views for the ADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) -topic for database table information. - -![.Active Directory Inventory Solution Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overview.webp) - -The .Active Directory Inventory Solution has the following jobs: - -- [1-AD_Scan Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Collects data and generates the standard reference tables and views -- [2-AD_Changes Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Analyzes the collected data to track and alert on changes within all scanned domains that - occurred since the last scan -- [3-AD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - – Analyzes the collected data to identify security and provisioning concerns, such as circular - nesting and stale membership - -# Recommended Configurations for the .Active Directory Inventory Solution - -The .Active Directory Inventory Solution has been configured by default to run with the -out-of-the-box settings, but some settings are optional for configuration. It can be run directly or -scheduled. - -Dependencies - -This job group does not have dependencies. - -Targeted Hosts - -The host list assignment has been configured under the **.Active Directory Inventory** > -**Settings** > **Host List Assignment** node. It is set to target the Default domain controller host -list, which is the domain in which the Enterprise Auditor Console server resides. - -If targeting multiple domains, change the Host List Assignment to the **ONE DOMAIN CONTROLLER PER -DOMAIN** host list. - -The Default domain controller host list and ONE DOMAIN CONTROLLER PER DOMAIN host list are dynamic -host lists based on the host inventory value in the isDomainController field in the Host Master -Table. - -Connection Profile - -The Connection Profile has been configured under the **.Active Directory Inventory** > -**Settings** > **Connection** node. It is set to Use the Default Profile, as configured at the -global settings level. Ensure the assigned Connection Profile has the necessary permissions on all -targeted domains. - -If targeting multiple domains, ensure the assigned Connection Profile has the necessary permissions -on all targeted domains. - -History Retention - -Not supported and should be turned off - -Multi-Console Support - -Not supported - -Schedule Frequency - -**_RECOMMENDED:_** Schedule the .Active Directory Inventory Job Group to run once a day. - -If there are frequent AD changes within the target environment, then it can be executed more often. -It is best to rerun it anytime AD changes might have occurred. - -Run at the Solution Level - -The jobs in the .Active Directory Inventory Job Group should be run together and in order by running -the entire solution, instead of the individual jobs. - -Query Configuration - -The solution is best run with the default query configuration. However, a possible modification -might be to include configurations of the scan options or additional custom attributes within the -[1-AD_Scan Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md). - -Analysis Configuration - -The solution is best run with the default analysis configuration. However, possible modifications -might be to: - -- Enable notification analysis tasks within the - [2-AD_Changes Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -- Customize exception analysis parameters within the - [3-AD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - -Workflow - -The .Active Directory Inventory Job Group has been set to run against the following default dynamic -host list: - -- Default domain controller - -Default dynamic host lists are populated from hosts in the Host Master Table that meet the host -inventory criteria for the list. Ensure the appropriate host lists have been populated through host -inventory results. - -**Step 1 –** (Optional) Run a host discovery query to discover domain controllers. This is needed -when targeting multiple domains. - -**Step 2 –** Set a Connection Profile. - -**Step 3 –** chedule the .Active Directory Inventory Job Group to run as desired. - -**Step 4 –** Review the reports generated by the .Active Directory Inventory Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md b/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md deleted file mode 100644 index 2d9ba80c4d..0000000000 --- a/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md +++ /dev/null @@ -1,1157 +0,0 @@ -# 6.Broken Inheritance > AD_BrokenInheritance Job - -The AD_BrokenInheritance Job reports on all locations within Active Directory where inheritance is -broken within the targeted domains. - -![6.Broken Inheritance Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/brokeninheritancejobstree.webp) - -The AD_BrokenInheritance Job is located in the 6.Broken Inheritance Job Group. - -## Analysis Tasks for the AD_BrokenInheritance Job - -Navigate to the **Active Directory Permissions Analyzer** > **6.BrokenInheritance** > -**AD_BrokenInheritance** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_BrokenInheritance Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/brokeninheritanceanalysis.webp) - -The default analysis tasks are: - -- Broken Inheritance Details – Creates the SA_AD_BrokenInheritance_Details table accessible under - the job’s Results node -- Broken Inheritance Summary – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_BrokenInheritance Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Broken Inheritance by Domain | This report highlights instances of broken inheritance on Active Directory objects. This information is summarized by domain. | None | This report is comprised of three elements: - Bar Chart – Displays broken inheritance by domain - Table – Provides summary of broken inheritance by OU - Table – Provides details on broken inheritance | - -# 5.Open Access > AD_OpenAccess Job - -The AD_OpenAccess Job reports on all Active Directory permissions granting open access within the -targeted domains. Open Access can be defined as access granted to security principals such as: -Domain Users, Authenticated Users, and Everyone. - -![5.Open Access Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/openaccessjobstree.webp) - -The AD_OpenAccess Job is located in the 5.Open Access Job Group. - -## Analysis Tasks for the AD_OpenAccess Job - -Navigate to the **Active Directory Permissions Analyzer** > **5.Open Access** > **AD_OpenAccess** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_OpenAccess Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/openaccessanalysis.webp) - -The default analysis tasks are: - -- Determine open access – Creates the SA_AD_OpenAccess_Details table accessible under the job’s - Results node -- Summarize open access by domain – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_OpenAccess Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ---------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Open Access by Domain | This report highlights instances of open access on AD objects, and summarizes open access by domain. | None | This report is comprised of three elements: - Bar Chart – Displays open access by domain - Table – Provides details on open access - Table – Provides details on open access by domain | - -# 3.OUs > AD_OUPermissions Job - -The AD_OUPermissions Job reports on all Active Directory permissions applied to organizational unit -objects within the targeted domains. - -![3.OUs Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/ousjobstree.webp) - -The AD_OUPermissions Job is located in the 3.OUs Job Group. - -## Analysis Tasks for the AD_OUPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **3.OUs** > **AD_OUPermissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_OUPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/oupermissionsanalysis.webp) - -The default analysis tasks are: - -- List OU permissions – Creates the SA_AD_OUPermissions_Details table accessible under the job’s - Results node -- Summarize OU permissions – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_OUPermissions Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| OU Permissions | This report highlights instances where permissions are applied to Active Directory organizational units. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays OU permissions by domain - Pie Chart – Displays OU permissions by type - Table – Provides details on OU permissions | - -# AD_ShadowAccess Job - -This job finds shadow access that leads to compromise of a domain or sensitive data. Attackers can -chain vulnerabilities to escalate privileges from a non-privileged user to administrator with only a -few steps. This job will generate the shortest path between every non-privileged user to a domain -administrative group, total domain compromise, or access to sensitive data. - -This job will analyze the following links between resources and privileges in your environment: - -- Effective Group Membership -- Modify Group Membership -- Reset User Password -- Access through adminSDHolder -- DCSync/Domain Replication privileges -- Shared passwords between domain accounts -- Groups that provide access to sensitive data -- Local administrators that can dump hashes from user sessions -- Administrative rights on SQL Servers that hold sensitive data - -The AD_ShadowAccess Job has special dependencies. See the -[Recommended Configurations for AD Permissions Analyzer Solution](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) -topic for additional information. - -## Analysis Tasks for the AD_ShadowAccess Job - -Navigate to the **Active Directory Permissions Analyzer** > **AD_ShadowAccess** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks, with the exception of the -**Calculate Shadow Access** analysis tasks. The analysis tasks are preconfigured for this job. The -**Calculate Shadow Access** analysis task is the only analysis task that has customizable -parameters. - -![Analysis Tasks for the AD_ShadowAccess Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysis.webp) - -The default analysis tasks are: - -- Shadow Access Schema – Sets up the Shadow Access Tables and Views -- Dijkstra – Creates an interim processing table in the database for use by downstream analysis and - report generation -- Path Formatting – Creates an interim processing table in the database for use by downstream - analysis and report generation -- String Split – Creates an interim processing table in the database for use by downstream analysis - and report generation -- Calculate Shadow Access – Creates the SA_ShadowAccess_Details table accessible under the job’s - Results node - - - This Analysis Task has configurable parameters. See the - [Configure the Analysis Tasks for the AD_ShadowAccess Job](#configure-the-analysis-tasks-for-the-ad_shadowaccess-job) - topic for additional information. - -- Shadow Access Paths Cleanup – Removes calculated rows that are no longer used - -In addition to the tables and views created by the analysis tasks, the AD_ShadowAccess Job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Domain Shadow Access | This report will calculate the shortest path between highly sensitive privileges and non-privileged users. | None | This report is comprised of five elements: - Bar Chart – Displays summary information on targeted domain - Table – Provides details on targeted domain in table form - Table – Provides details on exploited permissions - Table – Provides details on vulnerabilities - Table – Provides details on domain users and attack paths that can be used against those domain users | -| Sensitive Data Shadow Access | This report will calculate the shortest path between highly sensitive data and non-privileged users. | None | This report is comprised of five elements: - Bar Chart – Displays summary information on sensitive data - Table – Provides details on sensitive data in table form - Table – Provides details on exploited permissions - Table – Provides details on vulnerabilities - Table – Provides details on domain users and attack paths that can be used against those domain users | - -See the -[Report Functions for the AD_ShadowAccess Job](#report-functions-for-the-ad_shadowaccess-job) topic -for additional information. - -### Customizable Analysis Tasks for the AD_ShadowAccess Job - -The default values for customizable parameters are: - -| Analysis Task | Customizable Parameter Name | Default Value | Instruction | -| ------------------------ | --------------------------- | ----------------------------------------------------- | ------------------------------------- | -| Calculate Shadow Access | @session | 1 | Set to 0 to turn off Session Analysis | -| @shared_password | 0 | Set to 0 to turn of Shared Password Analysis | | -| @modify_group_membership | 1 | Set to 0 to turn off Modify Group Membership analysis | | -| @sensitive_data | 1 | Set to 0 to ignore sensitive data attacks | | -| @dcsync | 1 | Set to 0 to ignore dcsync rights | | -| @sdholder | 1 | Set to 0 to ignore sdadminholder | | -| @disabled | 0 | Set to 0 to ignore disabled users | | - -See the -[Configure the Analysis Tasks for the AD_ShadowAccess Job](#configure-the-analysis-tasks-for-the-ad_shadowaccess-job) -topic for additional information. - -### Configure the Analysis Tasks for the AD_ShadowAccess Job - -Customizable parameters enable Enterprise Auditor users to set the values used to classify user and -group objects during this job’s analysis. The parameters can be customized and are listed in a -section at the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s -parameters. - -**Step 1 –** Navigate to the **Active Directory Permissions Analyzer** > **AD_ShadowAccess** > -**Configure** node and select **Analysis** to view analysis tasks. - -![Configure Calculate Shadow Access task from Analysis Selection view](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysisconfigure.webp) - -**Step 2 –** In the Analysis Selection view, select the **Calculate Shadow Access** analysis task, -then click **Analysis Configuration**. The SQL Script Editor opens. - -![SQL Script Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccesssqlscripteditor.webp) - -**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. -Double-click on the current value and change as desired. - -- If the variable type is a table, select the cell and click **Edit Table** to modify the value. - -**CAUTION:** Do not change any parameters where the Value states `Created during execution`. - -**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor -window. - -The customizable analysis task parameters are now configured and ready to run. - -### Report Functions for the AD_ShadowAccess Job - -The reports generated by the AD_ShadowAccess Job presents users with an overview of vulnerabilities -and attack paths within the targeted environments. - -![Shadow Access reports in the job's Results node](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreports.webp) - -Navigate to the **Active Directory Permissions Analyzer** > **AD_ShadowAccess** > **Results** node -to view the AD_ShadowAccess job reports. - -**NOTE:** These reports can also be accessed through the Web Console. See the -[Viewing Generated Reports](/docs/accessanalyzer/11.6/accessanalyzer/admin/report/view.md) -topic for additional information. - -![Exploited Permissions and Vulnerabilities on Shadow Access reports](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport1.webp) - -The Domain Shadow Access and Sensitive Data Shadow Access reports provide information on the -exploited permissions and vulnerabilities that can be used as attack paths for shadow access to -domain and sensitive data. - -- Exploited Permissions – Displays summary information of the types of permissions that can be - exploited by shadow attacks and the number of occurrences of those permissions -- Vulnerabilities – Displays summary information of the vulnerabilities that were detected and the - number of occurrences of those vulnerabilities - -![Report element displaying information on potential attack paths for users found in the targeted domain](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport2.webp) - -The last report element displays information on potential attack paths for users found in the -targeted domain. Clicking on the green plus sign next to an attack path will open an Attack Path -window that displays a step-by-step process of how a user object, if compromised, can be used to -conduct a shadow attack. - -![Attack Path window example](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport3.webp) - -The Attack Path window displays how a user object can be used in a shadow attack. - -- Example: - - - The `Everyone` principle has the rights to reset the password of `LSA` - - `LSA` can modify group membership of `Domain Admins` - - The Attack Path window reveals that every user in the domain is effectively a Domain Admin - -![Attack Path window example](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport4.webp) - -The number of objects and the direction of the arrows can change depending on the attack path and -related elements. - -- Example: - - - The `testgroupuser10` user object is a Local Admin on the `TESTS` server - - A user object that has a session on the `TESTS` server is a member of the `Domain Admins` - group - - If the `testgroupuser10` user object becomes compromised, an attacker can scrape the password - hash on a user object’s local session on `TESTS` that also is a member of `Domain Admins` and - become a Domain Admin itself - -# AD_ComputerRights Job - -The AD_ComputerRights Job provides data collection to identify permissions applied to computers in -Active Directory. - -## Query for the AD_ComputerRights Job - -The AD_ComputerRights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_ComputerRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/computerrightsquery.webp) - -- Computer Access Permissions – Returns computer access permission - - - See the - [ADPermissions Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - topic for additional information - -## Analysis Tasks for the AD_ComputerRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > -**AD_ComputerRights** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the AD_ComputerRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/computerrightsanalysis.webp) - -- Computer Rights View – Creates the SA_AD_ComputerRights_Details_PermissionsView visible under the - job’s Results node -- AIC computer permissions import – Creates an interim processing table in the database for use by - downstream analysis and report generation - -# AD_ContainerRights Job - -The AD_ContainerRights Job provides data collection to identify permissions applied to Containers in -Active Directory. - -## Query for the AD_ContainerRights Job - -The AD_ContainerRights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_ContainerRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/containerrightsquery.webp) - -- Container Access Permissions – Returns containers under the given scope - - - See the - [ADPermissions Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - topic for additional information - -## Analysis Tasks for the AD_ContainerRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > -**AD_ContainerRights** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_ContainerRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/containerrightsanalysis.webp) - -The default analysis tasks are: - -- Container Rights View – Creates the SA_AD_ContainerRights_Details_PermissionsView visible under - the job’s Results node -- AIC container permissions import – Creates an interim processing table in the database for use by - downstream analysis and report generation - -# AD_DomainRights Job - -The AD_DomainRights Job provides data collection to identify permissions applied to Domains in -Active Directory. - -## Query for the AD_DomainRights Job - -The AD_DomainRights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_DomainRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/domainrightsquery.webp) - -- Domain Access Permissions – Returns domain access permissions - - - See the - [ADPermissions Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - topic for additional information - -## Analysis Tasks for the AD_DomainRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_DomainRights** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DomainRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/domainrightsanalysis.webp) - -The default analysis tasks are: - -- Domain Rights View – Creates the SA_AD_DomainRights_Details_PermissionsView visible under the - job’s Results node -- AIC domain permissions import – Creates an interim processing table in the database for use by - downstream analysis and report generation - -# AD_GroupRights Job - -The AD_GroupRights Job provides data collection to identify permissions applied to groups in Active -Directory. - -## Query for the AD_GroupRights Job - -The AD_GroupRights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_GroupRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/grouprightsquery.webp) - -- Group Access Permissions – Returns group access permissions - - - See the - [ADPermissions Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - topic for additional information - -## Analysis Tasks for the AD_GroupRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_GroupRights** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/grouprightsanalysis.webp) - -The default analysis tasks are: - -- Group Rights View – Creates the SA_AD_GroupRights_Details_PermissionsView visible under the job’s - Results node -- AIC group permissions import – Creates an interim processing table in the database for use by - downstream analysis and report generation - -# AD_OURights Job - -The AD_OURights Job provides data collection to identify permissions applied to organizational units -in Active Directory. - -## Query for the AD_OURights Job - -The AD_OURights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_OURights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/ourightsquery.webp) - -- OU Access Permissions – Returns organizational unit permissions - - - See the - [ADPermissions Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - topic for additional information - -## Analysis Tasks for the AD_OURights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_OURights** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_OURights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/ourightsanalysis.webp) - -The default analysis tasks are: - -- OU Rights View – Creates the SA_AD_OURights_Details_PermissionsView visible under the job’s - Results node -- AIC OU permissions import – Creates an interim processing table in the database for use by - downstream analysis and report generation - -# AD_SiteRights Job - -The AD_SiteRights Job provides data collection to identify permissions applied to sites in Active -Directory. - -## Query for the AD_SiteRights Job - -The AD_SiteRights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_SiteRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/siterightsquery.webp) - -- Site Access Permissions – Returns site permissions - - - See the - [ADPermissions Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - topic for additional information - -## Analysis Tasks for the AD_SiteRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_SiteRights** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_SiteRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp) - -The default analysis tasks are: - -- Site Rights View – Creates the SA_AD_SiteRights_Details_PermissionsView visible under the job’s - Results node -- AIC Site Permissions Import – Creates an interim processing table in the database for use by - downstream analysis and report generation - -# AD_UserRights Job - -The AD_UserRights Job provides data collection to identify permissions applied to users in Active -Directory. - -## Query for the AD_UserRights Job - -The AD_UserRights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_UserRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsquery.webp) - -- User Access Permissions – Returns user permissions - - - See the - [ADPermissions Data Collector](/docs/accessanalyzer/11.6/data-collection/active-directory/configuration.md) - topic for additional information - -## Analysis Tasks for the AD_UserRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_UserRights** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_UserRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp) - -The default analysis tasks are: - -- User Rights View – Creates the SA_AD_UserRights_Details_PermissionsView visible under the job’s - Results node -- AIC user permissions import – Creates an interim processing table in the database for use by - downstream analysis and report generation - -# 0.Collection Job Group - -The 0.Collection Job Group collects data on permissions applied to computers, groups, organizational -units, and users. It is dependent on data collected by the .Active Directory Inventory Job Group. -The jobs which comprise the 0.Collection Job Group process analysis tasks. - -![0.Collection Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 0.Collection Job Group are: - -- [AD_ComputerRights Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Collects all Active Directory permissions applied to computer objects within the targeted - domains -- [AD_ContainerRights Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Collects all Active Directory permissions applied to container objects within the targeted - domains -- [AD_DomainRights Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Collects all Active Directory permissions applied to domain objects within the targeted domains -- [AD_GroupRights Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Collects all Active Directory permissions applied to group objects within the targeted domains -- [AD_OURights Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Collects all Active Directory permissions applied to group objects within the targeted domains -- [AD_SiteRights Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Collects all Active Directory permissions applied to site objects within the targeted domains -- [AD_UserRights Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Collects all Active Directory permissions applied to user objects within the targeted domains - -# AD_ComputerPermissions Job - -The AD_ComputerPermissions Job reports on all Active Directory permissions applied to computer -objects within the targeted domains. - -## Analysis Tasks for the AD_ComputerPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **4.Computers** > -**AD_ComputerPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_ComputerPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/computerpermissionsanalysis.webp) - -The default analysis tasks are: - -- List computer object permissions – Creates the SA_AD_ComputerPermissions_Details table accessible - under the job’s Results node -- Summarize computer object permissions – Creates an interim processing table in the database for - use by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_ComputerPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Computer Permissions | This report highlights instances where permissions are applied to Active Directory computer objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays computer permissions by domain - Pie Chart – Displays computer permissions by type - Table – Provides details on computer permissions | - -# AD_LAPSPermissions Job - -The AD_LAPSPermissions Job identifies Active Directory objects that have access to LAPS attributes -and access to computer objects that may lead to unintended access to LAPS attributes. - -## Analysis Tasks for the AD_LAPSPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **4.Computers** > -**AD_LAPSPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_LAPSPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/lapspermissionsanalysis.webp) - -The default analysis tasks are: - -- LAPS Permissions – Identifies potential indirect LAPS permissions. Creates the - SA_AD_LAPSPermissions_Results table accessible under the job’s Results node. -- LAPS Attribute Permissions – Identifies permissions on the LAPS attributes in Active Directory for - each computer. Creates the SA_AD_LAPSPermissions_Attributes table accessible under the job’s - Results node. - -In addition to the tables and views created by the analysis tasks, the AD_LAPSPermissions Job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| LAPS Attributes | Identify Active Directory objects that have access to LAPS attributes on Computers within your organization. | None | This report is comprised of three elements: - Pie Chart – Displays top attribute permissions by trustee - Table – Provides details on attribute permissions by trustee - Table – Provides details on attributes | -| LAPS Permissions | Identify Active Directory objects that have access to computers objects within your organization that may lead to indirect access to LAPS attributes. | None | This report is comprised of three elements: - Bar Chart – Displays LAPS permissions by domain - Pie Chart – Displays LAPS permissions by type - Table – Provides details on LAPS permissions | - -# 4.Computers Job Group - -The 4.Computers Job Group reports on all Active Directory permissions applied to computer objects -within the targeted domains. - -![4.Computers Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 4.Computers Job Group are: - -- [AD_ComputerPermissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to computer objects within the targeted - domains -- [AD_LAPSPermissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Identifies Active Directory objects that have access to LAPS attributes and access to computer - objects that may lead to unintended access to LAPS attributes - -# AD_AdminSDHolder Job - -The AD_AdminSDHolder Job is comprised of analysis tasks and reports which use the data collected by -the 0.Collection Job Group to provide information on permissions applied to the AdminSDHolder -Container in Active Directory. - -## Queries for the AD_AdminSDHolder Job - -The AD_AdminSDHolder Job uses the PowerShell Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Queries for the AD_AdminSDHolder Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderquery.webp) - -- Default AdminSDHolder Perms – Creates a table of default AdminSDHolder permissions - - - See the - [PowerShell Data Collector](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) - topic for additional information - -## Analysis Tasks for the AD_AdminSDHolder Job - -Navigate to the **Active Directory Permissions Analyzer** > **7.Containers** > -**AD_AdminSDHolder** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_AdminSDHolder Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderanalysis.webp) - -The default analysis tasks are: - -- Determine AdminSDHolder permissions – Creates the SA_AD_AdminSDHolder_Details table accessible - under the job’s Results node -- Summarize AdminSDHolder permissions – Creates the SA_AD_AdminSDHolder_DomainSummary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_AdminSDHolder Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| AdminSDHolder Permissions | This report highlights suspicious (non-default) permissions applied to the AdminSDHolder container across all audited domains, and enumerates all AdminSDHolder permissions. For more information on vulnerabilities involving AdminSDHolder access, see the Microsoft [AdminSDHolder, Protected Groups and SDPROP](https://technet.microsoft.com/en-us/library/2009.09.sdadminholder.aspx) article. | None | This report is comprised of three elements: - Bar Chart – Displays suspicious AdminSDHolder permissions by domain - Table – Provides details on AdminSDHolder permissions - Table – Provides details on top users by suspicious AdminSDHolder permissions | - -# AD_ContainerPermissions Job - -The AD_ContainerPermissions Job is responsible for reporting on all Active Directory permissions -applied to container objects within the targeted domains. - -## Analysis Tasks for the AD_ContainerPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **7.Containers** > -**AD_ContainerPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_ContainerPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/containerpermissionsanalysis.webp) - -The default analysis tasks are: - -- List container object permissions – Creates the SA_AD_ContainerPermissions_Details table - accessible under the job’s Results node -- Summarize container object permissions – Creates the SA_AD_ContainerPermissions_DomainSummary - table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_ContainerPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Container Permissions | This report highlights instances where permissions are applied to Active Directory container objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays container permissions by domain - Pie Chart – Provides details on enterprise container permissions by type - Table – Provides details on container permissions | - -# 7.Containers Job Group - -The 7.Containers Job Group reports on all Active Directory permissions applied to container objects -within the targeted domains. - -![7.Containers Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 7.Containers Job Group are: - -- [AD_AdminSDHolder Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all non-default Active Directory permissions applied to the AdminSDHolder container - within the targeted domains. The AdminSDHolder container can be leveraged by an attacker to create - persistence within the environment. See the Microsoft - [AdminSDHolder, Protected Groups and SDPROP](https://technet.microsoft.com/en-us/library/2009.09.sdadminholder.aspx) - article for additional information. -- [AD_ContainerPermissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to container objects within the targeted - domains - -# AD_DomainPermissions Job - -The AD_DomainPermissions Job reports on all Active Directory permissions applied to domain objects -within the targeted domains. - -#### Analysis Tasks for the AD_DomainPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > -**AD_DomainPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DomainPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/domainpermissionsanalysis.webp) - -The default analysis tasks are: - -- List domain object permissions – Creates the SA_AD_DomainPermissions_Details table accessible - under the job’s Results node -- Summarize domain permissions – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_DomainPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain Permissions | This report highlights instances where permissions are applied to Active Directory domain objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays permissions by domain - Pie Chart – Provides details on enterprise domain permissions by type - Table – Provides details on domain permissions | - -# AD_DomainReplication Job - -The AD_DomainReplication Job highlights all Active Directory permissions applied to domain objects -within the targeted domains. - -## Analysis Tasks for the AD_DomainReplication Job - -Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > -**AD_DomainReplication** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DomainReplication Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/domainreplicationanalysis.webp) - -The default analysis tasks are: - -- List domain replication permissions – Creates the SA_AD_DomainReplication_Details table accessible - under the job’s Results node -- Summarize replication permission details – Creates an interim processing table in the database for - use by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_DomainReplication Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | ---------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Domain Replication Permissions | This report highlights domain replication permissions applied to domain objects in active directory. | None | This report is comprised of three elements: - Bar Chart – Displays replication permission summary by domain - Table – Provides details on replication permissions - Table – Provides details on top users by replication permissions | - -# 8.Domains Job Group - -The 8.Domains Job Group reports on all Active Directory permissions applied to domain objects within -the targeted domains. - -![8.Domains Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 8.Domains Job Group are: - -- [AD_DomainPermissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to domain objects within the targeted - domains -- [AD_DomainReplication Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Highlights all Active Directory permissions applied to domain objects within the targeted - domains - -# AD_GroupMembershipPermissions Job - -The AD_GroupMembershipPermissions Job highlights all Active Directory users that are capable of -modifying group membership within the targeted domains. - -## Analysis Tasks for the AD_GroupMembershipPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **2.Groups** > -**AD_GroupMembershipPermissions** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupMembershipPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/groupmembershippermissionsanalysis.webp) - -The default analysis tasks are: - -- List group object permissions – Creates the SA_AD_GroupMembershipPermissions_Details table - accessible under the job’s Results node -- Summarize group object permissions – Creates an interim processing table in the database for use - by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_GroupMembershipPermissions -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Membership | This report highlights instances where trustees can change the membership of Active Directory group objects, either by writing the member attribute or via the "Add/Remove self as member" permission. By default, this report excludes members of administrator groups such as Domain Admins, Schema Admins, and Enterprise Admins. | None | This report is comprised of three elements: - Bar Chart – Displays affected groups by domain - Table – Provides details on membership change permissions - Table – Provides details on top users with group membership change permissions | - -# AD_GroupPermissions Job - -The AD_Permissions Job reports on all Active Directory permissions applied to group objects within -the targeted domains. - -## Analysis Tasks for the AD_GroupPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **2.Groups** > **AD_GroupPermissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/grouppermissionsanalysis.webp) - -The default analysis tasks are: - -- List group object permissions – Creates the SA_AD_GroupPermissions_Details table accessible under - the job’s Results node -- Summarize group object permissions – Creates an interim processing table in the database for use - by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_GroupPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Permissions | This report highlights instances where permissions are applied to Active Directory group objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays group permissions by domain - Pie Chart – Displays group permissions by type - Table – Provides details on group permissions | - -# 2.Groups Job Group - -The 2.Groups Job Group reports on all Active Directory permissions applied to group objects within -the targeted domains. - -![2.Groups Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 2.Groups Job Group are: - -- [AD_GroupMembershipPermissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Highlights all Active Directory users that are capable of modifying group membership within the - targeted domains -- [AD_GroupPermissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to group objects within the targeted domains - -# Active Directory Permissions Analyzer Solution - -The Enterprise Auditor Active Directory Permissions Analyzer Solution enables organizations to -easily and automatically determine effective permissions applied to any and all Active Directory -(AD) objects. AD, Security, and Network Administrators can easily browse and compare information -from individual or multiple domains using comprehensive, preconfigured analyses and reports focused -on permissions associated with AD domains, organizational units, groups, users, and computers. These -capabilities enable them to obtain the most authoritative view of who has access to what in AD. - -The Active Directory Permissions Analyzer Solution is located within the **Jobs** > **Active -Directory Permissions Analyzer** Job Group, which identifies permissions applied to computers, -groups, organizational units, and users. - -Supported Platforms - -- Windows Server 2016 and later -- Windows 2003 Forest level or higher - -**NOTE:** See the Microsoft -[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) -article for additional information. - -Requirements, Permissions, and Ports - -See the -[Domain Target Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Location - -The Active Directory Permissions Analyzer requires a special Enterprise Auditor license. It can be -installed from the Instant Job Wizard, see the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. When purchased separately, the Permissions Analyzer Solution is -installed into the Jobs tree with the Active Directory instant solution. The license limits the -solution to just the **Jobs** > **Active Directory Permissions Analyzer** Job Group. Once installed -into the Jobs tree, navigate to the solution: **Jobs** > **Active Directory Permissions Analyzer**. -The 0.Collection Job Group collects the data. The other job groups run analysis on the collected -data and generate reports. - -## Job Groups - -The Active Directory Permissions Analyzer Solution is designed to provide visibility into Active -Directory permissions applied on all objects. Key information includes who can reset user passwords, -who can modify group membership, and who can replicate domain information. - -The jobs which comprise the Active Directory Permissions Analyzer Job Group use the ADPermissions -Data Collector and the PowerShell Data Collector to return advanced security permissions and process -analysis tasks and generate reports. The collected data is then available to the Netwrix Access -Information Center for analysis. - -![Active Directory Permissions Analyzer Solution Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overview.webp) - -The job groups and jobs in the Active Directory Permissions Analyzer Solution are: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Collects all Active Directory permissions information from the targeted domain -- [1.Users Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to user objects within the targeted domains -- [2.Groups Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to group objects within the targeted domains -- [3.OUs > AD_OUPermissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to organizational unit objects within the - targeted domains -- [4.Computers Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to computer objects within the targeted - domains -- [5.Open Access > AD_OpenAccess Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions granting open access within the targeted domains. - Open Access can be defined as access granted to security principals such as: Domain Users, - Authenticated Users, and Everyone. -- [6.Broken Inheritance > AD_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all locations within Active Directory where inheritance is broken within the targeted - domains -- [7.Containers Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to container objects within the targeted - domains -- [8.Domains Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to domain objects within the targeted - domains. -- [9.Sites Job Group](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to domain objects within the targeted - domains -- [AD_ShadowAccess Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Finds shadow access that leads to compromise of a domain or sensitive data. Attackers can chain - vulnerabilities to escalate privileges from a non-privileged user to administrator with only a few - steps. This job generates the shortest path between every non-privileged user to a domain - administrative group, total domain compromise, or access to sensitive data. - -# Recommended Configurations for AD Permissions Analyzer Solution - -Dependencies - -The following Enterprise Auditor job groups need to be successfully run: - -- .Active Directory Inventory Job Group - -The following jobs need to be run prior to running the -[AD_ShadowAccess Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md): - -- .Active Directory Inventory >1-AD_Scan > ADInventory -- Active Directory > 1.Groups > AD_SensitiveSecurityGroups -- Active Directory Permissions Analyzer > 7.Containers > AD_AdminSDHolder -- Active Directory Permissions Analyzer > 8.Domains > AD_DomainReplication -- Active Directory Permissions Analyzer > 1.Users > AD_ResetPasswordPermissions -- Active Directory Permissions Analyzer > 2.Groups > AD_GroupMembershipPermissions - -The following jobs can be optionally run to enhance reporting in the -[AD_ShadowAccess Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md): - -- Active Directory > 2.Users > AD_WeakPasswords -- FileSystem > 7.Sensitive Data > FS_DLPResults > FS_DLPResults -- Databases > 0.Collection >SQL > 2-SQL_SensitiveDataScan > SQLServer_SDD -- Windows > Privileged Accounts > Local Administrators > SG_Sessions -- Windows > Privileged Accounts > Local Administrators > SG_LocalAdmins - -Targeted Hosts - -The **Active Directory Permissions Analyzer** > **0. Collection** Job Group has been set to run -against the following default host list: - -- One Domain Controller Per Domain - -Connection Profile - -Assign a Connection Profile at the **Active Directory Permissions Analyzer** > **0. Collection** > -**Settings** > **Connection** node with local Administrator privileges on the target host, or Domain -Administrator privileges if the target host is a domain controller. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -This job group can be scheduled to run as desired. - -Workflow - -**Step 1 –** Prerequisite: Successful execution of the .Active Directory Inventory Job Group. - -**Step 2 –** Schedule the Active Directory Permissions Analyzer Job Group to run as desired. - -- Run sub-job groups individually if desired, but run the 0.Collection Job Group first - -**Step 3 –** Review the reports generated by the Active Directory Permissions Analyzer Job Group. - -# AD_DCShadowPermissions Job - -The AD_DCShadowPermissions Job highlights all Active Directory users that are capable of potentially -performing a DCShadow attack within the targeted domains. - -## Analysis Tasks for the AD_DCShadowPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **9.Sites** > -**AD_DCShadowPermissions** > **Configure** node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DCShadowPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/dcshadowpermissionsanalysis.webp) - -The default analysis tasks are: - -- DCShadow Permissions – Creates the SA_AD_DCShadowPermissions_Details table accessible under the - job’s Results node -- DCShadow Summary – Creates the SA_AD_DCShadowPermission_Summary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_DCShadowPermisssions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| DCShadow Permissions | This report highlights permissions applied to Site objects and Computer objects in Active Directory required to execute the DCShadow attack. By default this report excludes members of administrator groups such as Domain Admins, Schema Admins, and Enterprise Admins. | None | This report is comprised of three elements: - Bar Chart – Displays top users by computer count - Table – Provides details on top users by computer count - Table – Provides details on DCShadow permission details | - -# AD_SitePermissions Job - -The AD_SitePermissions Job reports on all Active Directory permissions applied to site objects -within the targeted domains. - -## Analysis Tasks for the AD_SitePermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **9.Sites** > **AD_SitePermissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_SitePermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/sitepermissionsanalysis.webp) - -The default analysis tasks are: - -- Site Permissions – Creates the SA_AD_SitePermissions_Details table accessible under the job’s - Results node -- Summarize Site Permissions – Creates the SA_AD_SitePermissions_DomainSummary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_SitePermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Site Permissions | This report highlights instances where permissions are applied to Active Directory Site objects. | None | This report is comprised of three elements: - Bar Chart – Displays permissions by site - Pie chart – Provides details on enterprise site permissions by type - Table – Provides details on site permissions | - -# 9.Sites Job Group - -The 9.Sites Job Group reports on all Active Directory permissions applied to site objects within the -targeted domains. - -![9.Sites Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 9.Sites Job Group are: - -- [AD_DCShadowPermissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Highlights all Active Directory users that are capable of potentially performing a DCShadow - attack within the targeted domains -- [AD_SitePermissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to site objects within the targeted domains - -# AD_ResetPasswordPermissions Job - -The AD_ResetPasswordPermissions Job highlights all Active Directory users that are capable of -resetting another user's password within the targeted domains. It uses the data collected by the -0.Collection Job Group to provide information on permissions applied to user objects in Active -Directory. - -## Analysis Tasks for the AD_ResetPasswordPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **1.Users** > -**AD_ResetPasswordPermissions** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_ResetPasswordPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/resetpasswordpermissionsanalysis.webp) - -The default analysis tasks are: - -- List user password reset permissions – Creates the SA_AD_ResetPasswordPermissions_Details table - accessible under the job’s Results node -- Summarize password reset permissions – Creates an interim processing table in the database for use - by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_ResetPasswordPermissions -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Reset Password | This report highlights instances where "Reset Password" permissions are applied to Active Directory user objects. This information is summarized at the domain and enterprise levels. By default, this report excludes members of administrator groups such as Domain Admins, Schema Admins, and Enterprise Admins. | None | This report is comprised of three elements: - Bar Chart – Displays affected accounts by domain - Table – Provides details on reset password permissions - Table – Provides details on top users with reset password permissions | - -# AD_UserPermissions Job - -The AD_UserPermissions Job is comprised of analysis tasks and reports which use the data collected -by the 0.Collection Job Group to provide information on permissions applied to user objects in -Active Directory. - -## Analysis Tasks for the AD_UserPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **1.Users** > **AD_UserPermissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_UserPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/userpermissionsanalysis.webp) - -The default analysis tasks are: - -- List user object permissions – Creates the SA_AD_UserPermissions_Details table accessible under - the job’s Results node -- Summarize user object permissions – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_UserPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| User permissions | This report highlights instances where permissions are applied to Active Directory user objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays user permissions by domain - Pie Chart – Provides details on user permission types - Table – Provides details on user permissions | - -# 1.Users Job Group - -The 1.Users Job Group reports on all Active Directory permissions applied to user objects within the -targeted domains - -![1.Users Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following jobs comprise the 1.Users Job Group: - -- [AD_ResetPasswordPermissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Highlights all Active Directory users that are capable of resetting another user’s password - within the targeted domains -- [AD_UserPermissions Job](/docs/accessanalyzer/11.6/solutions/active-directory/permissions-analysis.md) - – Reports on all Active Directory permissions applied to user objects within the targeted domains diff --git a/docs/accessanalyzer/11.6/solutions/active-directory/recommended-reports.md b/docs/accessanalyzer/11.6/solutions/active-directory/recommended-reports.md deleted file mode 100644 index c7264658f7..0000000000 --- a/docs/accessanalyzer/11.6/solutions/active-directory/recommended-reports.md +++ /dev/null @@ -1,305 +0,0 @@ -# Recommended Configurations for the 3.Computers Job Group - -The **Active Directory** > **3.Computers** Job Group has been configured by default to run with the -default settings. It can be run directly or scheduled. - -Dependencies - -The **.Active Directory Inventory** Job Group needs to be successfully executed prior to running -this job group. - -Target Host - -This job group does not collect data. No target host is required. - -Connection Profile - -This job group does not collect data. No specific Connection Profile is required. - -Schedule Frequency - -The data analyzed by the 3.Computers Job Group jobs is collected by the .Active Directory Inventory -Job Group. Therefore, it is recommended to schedule these jobs to run after the .Active Directory -Inventory job group collection has completed. These jobs can be scheduled to run as desired. - -Run at the Job Group Level - -**_RECOMMENDED:_** Run the jobs in the 3.Computers Job Group together and in order by running the -entire job group, instead of the individual jobs. - -Analysis Configuration - -The 3.Computers Job Group should be run with the default analysis configurations. Most of the -analysis tasks are preconfigured for this Job Group. - -Some analysis tasks have customizable parameters: - -- The **Active Directory** > **3.Computers** > **AD_StaleComputers** Job defines stale users. The - parameters can be customized. - -Workflow - -**Step 1 –** Prerequisite: Successful execution of the .Active Directory Inventory Job Group. - -**Step 2 –** Schedule the 3.Computers Job Group to run as desired after the prerequisite job has -completed. - -**Step 3 –** Review the reports generated by the 3.Computers Job Group. - -# Recommended Configurations for the 5.Domains Job Group - -The **Active Directory > 5.Domains** job group has been configured by default to run with the -default settings. It can be run directly or scheduled. - -Dependencies - -This job group does not have dependencies. - -Targeted Hosts - -The **AD_DomainControllers** job has been configured to inherit its host from the **5.Domains > -0.Collection > Settings > Host List Assignment** node. It is set to target the ONE DOMAIN CONTROLLER -PER DOMAIN host list. - -The host list assignment for the **0.Collection > AD_TimeSync** and the **0.Collection** > -**AD_DSRM** jobs have been configured at the job’s **Configure** > **Hosts** node. They are set to -run against the ALL DOMAIN CONTROLLERS host list. - -The ONE DOMAIN CONTROLLER PER DOMAIN and ALL DOMAIN CONTROLLERS host lists are dynamic host lists -based on the host inventory value in the isDomainController field in the Host Master Table. - -The **5.Domains > AD_DomainInfo** job needs to be set to run against the following: - -- Custom host list with one domain controller per forest - -Connection Profile - -A Connection Profile should be assigned at the **5.Domains > Settings > Connection** node with -Domain Administrator privileges. - -Schedule Frequency - -This job group can be scheduled to run as desired. - -Run at the Job Group Level - -**_RECOMMENDED:_** Run the jobs in the **5.Domains** job group together and in order by running the -entire job group, instead of the individual jobs. - -Query Configuration - -The 5.Domains > 0.Collection > AD_DomainControllers job should be run with the default query -configurations. Most of these queries are preconfigured for this Job Group and should not be -modified. - -The following query can be modified to use a secure connection with TLS/SSL: - -- Domain Controller Listing Query which uses the - [LDAP Data Collector](/docs/accessanalyzer/11.6/data-collection/custom-collectors/ldap.md) - -Workflow - -**Step 1 –** Set the host on the AD_DomainInfo job. - -**Step 2 –** Run a host discovery query to discover domain controllers. - -**Step 3 –** Set a Connection Profile on the job group. - -**Step 4 –** Schedule the 5.Domains job group to run as desired. - -**Step 5 –** Review the reports generated by the 5.Domains job group. - -# Recommended Configurations for the 4.Group Policy Job Group - -The **Active Directory** > **4.Group Policy** Job Group has been configured to run with the default -settings. It can be run directly or scheduled. - -Dependencies - -This job group does not have dependencies. - -Targeted Hosts - -The AD_GroupPolicy Job has been configured to inherit its host from the **4.Group Policy** > -**Settings** > **Host List Assignment** node. It is set to target the **Default domain controller** -host list, which is the domain in which the Enterprise Auditor Console server resides. - -The host list assignment for the **AD_CPassword** and **AD_PasswordPolicies** jobs have been -configured at the job’s > **Configure** > **Hosts** node. They are set to run against the **ONE -DOMAIN CONTROLLER PER DOMAIN** host list. - -The **Default domain controller** and **ONE DOMAIN CONTROLLER PER DOMAIN** host lists are dynamic -host lists based on the host inventory value in the **isDomainController** field in the Host Master -Table. - -Connection Profile - -A Connection Profile must be set directly on the collection jobs with Domain Administrator -privileges. - -Schedule Frequency - -This job group can be scheduled to run as desired. - -Run at the Job Group Level - -**_RECOMMENDED:_** Run the jobs in the 4.Group Policy Job Group together and in order by running the -entire job group, instead of the individual jobs. However, these jobs can be run independently, with -the exception of the AD_OverlappingGPOs Job, which is dependent upon the AD_GroupPolicy Job for data -collection. - -Workflow - -**Step 1 –** Run a host discovery query to discover domain controllers. - -**Step 2 –** Set a Connection Profile on the jobs that run data collection. - -**Step 3 –** Schedule the 4.Group Policy Job Group to run as desired. - -**Step 4 –** Review the reports generated by the 4.Group Policy Job Group. - -# Recommended Configurations for the 1.Groups Job Group - -The Active Directory > **1.Groups** Job Group has been configured by default to run with the default -settings. It can be run directly or scheduled. - -Dependencies - -The **.Active Directory Inventory** Job Group needs to be successfully executed prior to running -this job group. - -Target Host - -This job group does not collect data. No target host is required. - -Connection Profile - -This job group does not collect data. No specific Connection Profile is required. - -Schedule Frequency - -The data analyzed by the **1.Groups** Job Group jobs is collected by the **.Active Directory -Inventory** Job Group. Therefore, it is recommended to schedule these jobs to run after the .Active -Directory Inventory job group collection has completed. These jobs can be scheduled to run as -desired. - -Run at the Job Group Level - -**_RECOMMENDED:_** Run the jobs in the **1.Groups** Job Group together and in order by running the -entire job group, instead of the individual jobs. - -Analysis Configuration - -The **1.Groups** Job Group should be run with the default analysis configurations. Most of the -analysis tasks are preconfigured for this job group. - -Some analysis tasks have customizable parameters: - -- The .Active Directory Inventory Solution defines large groups, deeply nested groups, and stale - users. These parameters can be customized. - - - Customize within **.Active Directory Inventory** > **3-AD_Exceptions** Job analysis tasks - - **NOTE:** Changes to an exception’s definition will affect all jobs dependent upon that - exception as well as all Access Information Center Exceptions reports. - -Workflow - -**Step 1 –** Prerequisite: Run the **.Active Directory Inventory** Job Group. - -**Step 2 –** Schedule the **1.Groups** Job Group to run as desired after the prerequisite job has -completed. - -**Step 3 –** Review the reports generated by the 1.Groups Job Group. - -# Recommended Configurations for the 2.Users Job Group - -The **Active Directory** > **2.Users** Job Group has been configured by default to run with the -out-of-the-box settings. It can be run directly or scheduled. - -Dependencies - -- The **.Active Directory Inventory** Job Group needs to be successfully executed prior to running - this job group - - - For the **AD_ServiceAccounts** Job, the **.Active Directory Inventory** > **1-AD_Scan** Job - needs to be configured to collect **servicePrincipalName** as a Custom Attribute - -- For the **AD_WeakPassword** Job: - - - Requires the DSInternals PowerShell Module, which is a third-party package. See the - [AD_WeakPasswords Job](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) - topic for additional information. - - The AD_WeakPasswords Job depends on a dictionary file. See the - [PasswordSecurity: Dictionaries](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/passwordsecurity/dictionaries.md) - topic for additional information. - - **_RECOMMENDED:_** If this job is not to be used, disable the job to prevent execution when the - job group is executed. - -Targeted Host(s) - -Only the **AD_WeakPasswords** Job requires a host list. The host list assignment has been configured -under the **2. Users** > **AD_WeakPasswords** > **Configure** > **Hosts** node. It is set to target -the **ONE DOMAIN CONTROLLER PER DOMAIN** host list. This host list is a dynamic host list based on -the host inventory value in the **isDomainController** field in the Host Master Table. - -Connection Profile - -Only the **AD_WeakPasswords** Job requires a Connection Profile. It must be set directly on the -**AD_WeakPasswords** Job (through the Job Properties window) with Domain Administrator privileges. - -**NOTE:** The **AD_WeakPassword** Job can be executed with a least privilege credential. See the -[Active Directory Auditing Configuration](/docs/accessanalyzer/11.6/configuration-guides/directory-services/active-directory.md) -topic for additional information. - -Schedule Frequency - -The data analyzed by the **2.Users** Job Group jobs is collected by the **.Active Directory -Inventory** Job Group. Therefore, it is recommended to schedule these jobs to run after the -**.Active Directory Inventory** job group collection has completed. These jobs can be scheduled to -run as desired. - -Run at the Job Group Level - -Run the jobs in the **2.Users** Job Group together and in order by running the entire job group, -instead of the individual jobs. - -_Remember,_ if the **AD_WeakPassword** Job is not to be executed, it can be disabled. - -Analysis Configuration - -The **2.Users** Job Group should be run with the default analysis configurations. Most of the -analysis tasks are preconfigured for this Job Group. - -Some analysis tasks have customizable parameters: - -- The **.Active Directory Inventory** Solution defines stale users. These parameters can be - customized. - - - Customize within **.Active Directory Inventory** > **3-AD_Exceptions** Job analysis tasks - - **NOTE:** Changes to an exception’s definition will affect all jobs dependent upon that - exception as well as all Access Information Center Exceptions reports. - -Workflow - -**Step 1 –** Prerequisite: Ensure the **.Active Directory Inventory** Job Group has been -successfully run. - -**Step 2 –** For AD_WeakPassword Job: Run a host discovery query to discover domain controllers. - -- The **AD_WeakPasswords** Job has been set to run against the following default dynamic host list: - - - ONE DOMAIN CONTROLLER PER DOMAIN - - **NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table that meet - the host inventory criteria for the list. Ensure the appropriate host lists have been populated - through host inventory results. - -**Step 3 –** Set a Connection Profile on the job that runs the data collection. - -**Step 4 –** Schedule the **2.Users** Job Group to run as desired after the prerequisite job has -completed. - -**Step 5 –** Review the reports generated by the **2.Users** Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/active-directory/security-assessment.md b/docs/accessanalyzer/11.6/solutions/active-directory/security-assessment.md deleted file mode 100644 index 0d811865fe..0000000000 --- a/docs/accessanalyzer/11.6/solutions/active-directory/security-assessment.md +++ /dev/null @@ -1,91 +0,0 @@ -# AD Security Assessment Job - -The AD_SecurityAssessment Job performs checks against Active Directory security best practices in -order to proactively identify critical security configurations that leave Active Directory -vulnerable to attack. The result are reports that provide a listing of findings by severity and -category with corresponding details that can be used to prioritize and remediate security issues. - -![AD Security Assessment Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/securityassessmentjobstree.webp) - -## Recommended Configurations for the AD_SecurityAssessment Job - -Dependencies - -One or more of the following job groups or jobs must be run to produce results: - -- .Active Directory Inventory Job Group -- Active Directory Job Group - - - Active Directory > 1.Groups > AD_SensitiveSecurityGroups - - Active Directory > 2.Users > AD_PasswordStatus - - Active Directory > 2.Users > AD_ServiceAccounts - - Active Directory > 2.Users > AD_WeakPasswords - - Active Directory > 2.Users > AD_SIDHistory - - Active Directory > 2.Users > AD_UserDelegation - - Active Directory > 3.Computers > AD_ComputerDelegation - - Active Directory > 4.Group Policy > AD_CPassword - - Active Directory > 5.Domains > AD_DomainInfo - -- Active Directory Permissions Analyzer Job Group - - - Active Directory Permissions Analyzer > 1.Users > AD_ResetPasswordPermissions - - Active Directory Permissions Analyzer > 1.Users > AD_UserPermissions - - Active Directory Permissions Analyzer > 2.Groups > AD_GroupMembershipPermissions - - Active Directory Permissions Analyzer > 2.Groups > AD_GroupPermissions - - Active Directory Permissions Analyzer > 3.OUs > AD_OUPermissions - - Active Directory Permissions Analyzer > 4.Computers > AD_ComputerPermissions - - Active Directory Permissions Analyzer > 4.Computers > AD_LAPSPermissions - - Active Directory Permissions Analyzer > 7.Containers > AD_AdminSDHolder - - Active Directory Permissions Analyzer > 7.Containers > AD_ContainerPermissions - - Active Directory Permissions Analyzer > 8.Domains > AD_DomainReplication - - Active Directory Permissions Analyzer > 9.Sites > AD_DCShadowPermissions - -- Windows Job Group - - - Windows > Privileged Accounts > Service Accounts > SG_ServiceAccounts - -**NOTE:** If any of the above jobs are not completed, the AD_SecurityAssessment job will run but all -checks will not be assessed. - -Target Host - -This job group does not collect data. No target host is required. - -Connection Profile - -No specific Connection Profile is required. - -Schedule Frequency - -Scheduled to run as desired - -History Retention - -History is not supported. Turning on history will cause issues with data analysis and reporting. - -Multi-console Support - -Multiple StealthAUDIT consoles are not supported. This job should be run from a single StealthAUDIT -console. - -## Analysis Task for the AD_SecurityAssessment Job - -Navigate to the **Jobs** > Active Directory > AD_SecurityAssessment > Configure node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/securityassessmentanalysis.webp) - -The following non-configurable analysis task is selected by default: - -- Summarize Audit Findings – Creates the AD_SecurityAssessment_Results table accessible under the - job’s Results node. - -In addition to the tables created by the analysis task, the AD_SecurityAssessment job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| AD Security Assessment | This report identifies security risks within a targeted Active Directory environment based on results of previously run jobs. | GDPR SOX PCI HIPAA | This report is comprised of four elements: - Table – Provides Scope of Audit on domains - Pie Chart – Displays Findings by Severity - Table – Provides Findings by Category - Table – Provides Details on Risk | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_activitycollection.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_activitycollection.md new file mode 100644 index 0000000000..9cba5595ef --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_activitycollection.md @@ -0,0 +1,217 @@ +# 0.Collection > AD_ActivityCollection Job + +The AD_ActivityCollection Job located in the 0.Collection Job Group, imports data from the Netwrix +Activity Monitor logs into the Enterprise Auditor Database. Retention can be modified in the query +(120 days default). + +![AD_ActivityCollection Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +There are two ways AD Activity data can be retrieved by Enterprise Auditor: + +- Network share containing the archive logs +- API Server connected to the archive logs + +This is configured in the query. See the +[Queries for the AD_ActivityCollection Job](#queries-for-the-ad_activitycollection-job) topic for +additional information. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +![Configuration section on the AD_ActivityCollection job Overview page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/overviewconfiguration.webp) + +The AD_ActivityCollection page has the following configurable parameters: + +- Enable to import AD events into the AIC +- Enable to import authentication events into the AIC + + **NOTE:** The import of AD events and authentication events is disabled by default. You must + enable these parameters for the activity data to be imported into the Netwrix Access Information + Center. See the + [(Optional) Configure Import of AD Activity into Netwrix Access Information Center](/docs/accessanalyzer/11.6/config/activedirectory/activity.md#optional-configure-import-of-ad-activity-into-netwrix-access-information-center) + topic for instructions. + +- List of attributes to track for Object Modified changes +- Number of days to retain activity data in the AIC + +See the +[Customize Analysis Parameters for the AD_ActivityCollection Job](#customize-analysis-parameters-for-the-ad_activitycollection-job) +topic for additional information. + +## Queries for the AD_ActivityCollection Job + +The AD Activity Collection query uses the ADActivity Data Collector to target the Activity Monitor +archive logs for AD Activity. + +**NOTE:** The query can be configured to connect directly to the network share where the archive +logs are stored or the API Server. + +![Queries for the AD_ActivityCollection Job](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queries.webp) + +The AD_ActivityCollection Job uses the ADActivity Data Collector for the following query: + +- AD Activity Collection – Targets Netwrix Activity Monitor archives to collect AD Activity + +### Configure the Query to Import from the Activity Monitor + +The AD_ActivityCollection Job requires configuration to collect data. Follow the steps to modify the +query configuration when Netwrix Activity Monitor is configured to host domain activity logs on an +API server. + +**NOTE:** Ensure the Activity Monitor API Server and the required Connection Profile are +successfully set up. See the +[Active Directory Activity Auditing Configuration](/docs/accessanalyzer/11.6/config/activedirectory/activity.md) +topic for additional information. + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. + +**Step 2 –** Click **Query Properties**. The Query Properties window displays. + +**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard +opens. + +![Active Directory Activity DC wizard Category page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/categoryimportfromnam.webp) + +**Step 4 –** On the Category page, choose **Import from SAM** option and click **Next**. + +![Active Directory Activity DC wizard SAM connection settings page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/namconnection.webp) + +**Step 5 –** On the SAM connection page, the **Port** is set to the default 4494. This needs to +match the port configured for the Activity Monitor API Server agent. + +**Step 6 –** In the **Test SAM host** textbox, enter the Activity Monitor API Server name using +fully qualified domain format. For example, `NEWYORKSRV30.NWXTech.com`. Click **Connect**. + +**Step 7 –** If connection is successful, the archive location displays along with a Refresh token. +Copy the **Refresh token**. This will replace the Client Secret in the Connection Profile in the +last step. + +**Step 8 –** Click **Next**. + +![Active Directory Activity DC wizard Scoping and Retention page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +**Step 9 –** On the Scope page, set the Timespan as desired. There are two options: + +- Relative Timespan – Set the number of days of activity logs to collect when the scan is run +- Absolute Timespan – Set the date range for activity logs to collect when the scan is run + +**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity +Monitor domain output log retention expires. For example, if Enterprise Auditor runs the +**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be +configured to retain at least 10 days of log files. + +**Step 10 –** Set the Retention period as desired. This is the number of days Enterprise Auditor +keeps the collected data in the SQL Server database. + +**Step 11 –** Click **Next** and then **Finish** to save the changes and close the wizard. + +**Step 12 –** Click **OK** to save the changes and close the Query Properties page. + +**Step 13 –** Navigate to the global **Settings** > **Connection** node to update the User +Credential with the Refresh token: + +- Select the Connection Profile assigned to the **6.Activity** > **0.Collection** Job Group. +- Select the Web Services (JWT) User Credential and click **Edit**. +- Replace the Access Token with the Refresh token generated by the data collector in Step 7. +- Click **OK** to save and close the User Credentials window. +- Click **Save** and then **OK** to confirm the changes to the Connection Profile. + +The query is now configured to target the Activity Monitor API Server to collect domain activity +logs. + +### Configure the Query to Import from a Share + +The AD_ActivityCollection Job requires configuration to collect data. Follow the steps to modify the +query configuration when Netwrix Activity Monitor is configured to store activity logs on a network +share. + +**NOTE:** Ensure the Activity Monitor domain output and the required Connection Profile are +successfully set up. See the +[File Archive Repository Option](/docs/accessanalyzer/11.6/config/activedirectory/filearchive.md) +topic for additional information. + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. + +**Step 2 –** Click **Query Properties**. The Query Properties window displays. + +**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard +opens. + +![Active Directory Activity DC wizard Category page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/categoryimportfromshare.webp) + +**Step 4 –** On the Category page, choose **Import from Share** option and click **Next**. + +![Active Directory Activity DC wizard Share settings page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/share.webp) + +**Step 5 –** On the Share page, provide the UNC path to the AD Activity share archive location. If +there are multiple archives in the same network share, check the **Include Sub-Directories** box. +Click **Next**. + +![Active Directory Activity DC wizard Scoping and Retention page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +**Step 6 –** On the Scope page, set the Timespan as desired. There are two options: + +- Relative Timespan – Set the number of days of activity logs to collect when the scan is run +- Absolute Timespan – Set the date range for activity logs to collect when the scan is run + +**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity +Monitor domain output log retention expires. For example, if Enterprise Auditor runs the +**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be +configured to retain at least 10 days of log files. + +**Step 7 –** Set the Retention period as desired. This is the number of days Enterprise Auditor +keeps the collected data in the SQL Server database. + +**Step 8 –** Click **Next** and then **Finish** to save the changes and close the wizard. + +**Step 9 –** Click **OK** to save the changes and close the Query Properties page. + +The query is now configured to target the network share where the Activity Monitor domain activity +logs are archived. + +## Analysis Tasks for the AD_ActivityCollection Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. Select the **Configure** > **Analysis** node. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_ActivityCollection Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/analysis.webp) + +The following analysis tasks are selected by default: + +- UAC Formatting Function – Splits column on commas and assigns opposing values to attributes +- AIC Import - AD Activity Events – Imports AD events to the Access Information Center for domain + objects + + - The `@ADEvents` and `@AuthEvents` parameters must be enabled for AD events and authentication + events to be imported into the Access Information Center + - The list of attributes to track for Object Modified changes can be customized by the + `#modifiedAttributeList` parameter + +- AIC Import - Activity Retention – Deletes older activity data from the Access Information Center + + - By default, data is retained for 120 days. This is customizable by the `@Days` parameter. + +### Customize Analysis Parameters for the AD_ActivityCollection Job + +The customizable parameters for this job allow you to configure importing of AD activity data into +the Netwrix Access Information Center. + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------------------------- | --------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------- | +| AIC Import - AD Activity Events | #modifiedAttributeList | Default attributes: - givenName - sn - displayName - description - userPrincipalName - sAMAccountName - initials - title - department - company - manager - location - streetAddress - currentLocation - st - postalCode - c - otherTelephone - homePhone - ipPhone - mobile - facsimileTelephoneNumber - otherFacsimileTelephoneNumber - mail - wWWHomePage - employeeID - employeeType - employeeNumber - extensionAttribute1 - extensionAttribute2 - extensionAttribute3 - extensionAttribute4 - extensionAttribute5 - extensionAttribute6 - extensionAttribute7 - extensionAttribute8 - extensionAttribute9 - extensionAttribute10 - extensionAttribute11 - extensionAttribute12 - extensionAttribute13 - extensionAttribute14 - extensionAttribute15 | List of attributes to track for Object Modified changes | +| AIC Import - AD Activity Events | @ADEvents | False | Enable to import AD events into the AIC | +| AIC Import - AD Activity Events | @AuthEvents | False | Enable to import authentication events into the AIC | +| AIC Import - Activity Retention | @Days | 120 | Number of days to retain activity data in the AIC | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_ldapqueries.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_ldapqueries.md new file mode 100644 index 0000000000..1c43214235 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_ldapqueries.md @@ -0,0 +1,73 @@ +# LDAP > AD_LDAPQueries Job + +The **LDAP** > **AD_LDAPQueries** Job analyzes LDAP traffic to determine trends such as most +expensive queries, most active servers and users, successful/failed and signing status. This data +can be used to troubleshoot performance issues, load balancing, and poorly configured services. + +![AD_LDAPQueries Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/ldapjobstree.webp) + +**_RECOMMENDED:_** Schedule this job to run with the 0.Collection job group. + +## Analysis Tasks for the AD_LDAPQueries Job + +Navigate to the **Active Directory** > **6.Activity** > **LDAP** > **AD_LDAPQueries** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Except for the **Largest Queries** task, do not modify or deselect the remaining +selected analysis tasks. The remaining analysis tasks are preconfigured for this job. + +![Analysis Tasks for the AD_LDAPQueries Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/ldapqueriesanalysis.webp) + +The following non-configurable analysis tasks are selected by default: + +- SSL – Creates the SA_AD_LDAPQueries_SSLStatus table accessible under the job’s Results node +- Host Summary – Creates the SA_AD_LDAPQueries_HostSummary table accessible under the job’s Results + node +- User Summary – Creates the SA_AD_LDAPQueries_UserSummary table accessible under the job’s Results + node + +The following configurable analysis task can be optionally enabled: + +- Largest Queries – Creates the SA_AD_LDAPQueries_ExpensiveQueries table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the AD_LDAPQueries Job produces the follow +pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Largest LDAP Queries | Shows LDAP queries returning the most objects, and their source. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar – Displays top users by LDAP traffic - Table – Displays top users by LDAP traffic - Table – Displays Expensive LDAP Queries | +| LDAP Overview | Overview of hosts and users performing queries, and query security. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of four elements: - Pie – Displays SSL query events view results - Pie – Displays query security flags - Table – Displays users performing LDAP queries - Table – Displays originating hosts | + +### Configure the Largest Queries Analysis Task + +Customizable parameters enable you to set the values used to control the minimum objects returned +and the days of traffic to analyze during this job’s analysis. The parameters can be customized and +are listed in a section at the bottom of the SQL Script Editor. Follow the steps to customize an +analysis task’s parameters. + +**Step 1 –** Navigate to the **Active Directory** > **6.Activity** > **LDAP** > **AD_LDAPQueries** > +**Configure** node and select **Analysis**. + +![Largest Queries analysis task configuration](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/ldapqueriesanalysisconfiguration.webp) + +**Step 2 –** In the Analysis Selection view, select the **Largest Queries** analysis task and click +**Analysis Configuration**. The SQL Script Editor opens. + +**CAUTION:** Do not change any parameters where the Value states `Created during execution`. + +![Largest Queries analysis task in the SQL Script Editor](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/ldapsqlscripteditor.webp) + +**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. There are +two integer variables that can be modified. Double-click on the current **value** and change as +desired: + +- @objects_returned – Controls the minimum number of objects returned for the queries to be + considered large. This value is set to 100 by default. +- @timeframe – Controls the number of days to analyze traffic for. This value is set to 30 days by + default. + +**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor +window. + +The analysis task now includes custom parameters for the updated values. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_lockouts.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_lockouts.md new file mode 100644 index 0000000000..9caf95bb5f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_lockouts.md @@ -0,0 +1,33 @@ +# Lockouts > AD_Lockouts Job + +The **Lockouts** > **AD_Lockouts** Job provides a listing of all account lockouts. For any lockout +occurring in the past 30 days, failed authentications and host information is provided to aid +troubleshooting. + +![AD_Lockouts Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/lockoutsjobstree.webp) + +**_RECOMMENDED:_** Schedule this job to run with the 0.Collection job group. + +## Analysis Tasks for the AD_Lockouts Job + +Navigate to the **Active Directory** > **6.Activity** > **Lockouts** > **AD_Lockouts** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_Lockouts Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/lockoutsanalysis.webp) + +The default analysis tasks are: + +- Account Lockouts – Creates the SA_AD_AccountLockouts_Details view accessible under the job’s + Results node +- Failed Authentications – Creates the SA_AD_AccountLockouts_FailedAutnentications table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_Lockouts Job produces the follow +pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | +| Lockouts | This report tracks all lockouts for user accounts. For any lockout occurring in the past 30 days, failed authentications and host information are provided to aid troubleshooting. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Table – Displays account lockouts details - Table –  Displays failed authentications in the past 30 days | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/ad_computermodifications.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/ad_computermodifications.md new file mode 100644 index 0000000000..541630a0cc --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/ad_computermodifications.md @@ -0,0 +1,27 @@ +# AD_ComputerModifications Job + +The AD_ComputerModifications Job provides a report of all changes to computer objects. + +## Analysis Tasks for the AD_ComputerModifications Job + +Navigate to the **Active Directory** > **6.Activity** > **Changes** > **AD_ComputerModifications** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_ComputerModifications Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/computermodificationsanalysis.webp) + +The following non-configurable analysis tasks are selected by default: + +- All Computer Object Changes – Creates the SA_AD_ComputerChanges_ComputerSummary table accessible + under the job’s Results node +- Summarize by Computer – Creates the SA_AD_ComputerChanges_ComputerSummary table accessible under + the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_ComputerModifications Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ---------------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Computer Account Changes | Track changes to computer objects. | CPAA GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays Changes by Type - Table – Displays Changes by Computer - Table – Displays Computer Change Details | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/ad_groupmodifications.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/ad_groupmodifications.md new file mode 100644 index 0000000000..4d2f79471a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/ad_groupmodifications.md @@ -0,0 +1,38 @@ +# AD_GroupModifications Job + +The AD_GroupModifications Job provides a report of all changes to group objects. A separate report +is provided to highlight group membership changes. The list of top perpetrators can be used to +identify out of band changes. + +## Analysis Tasks for the AD_GroupModifications Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Changes** > +**AD_GroupModifications** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupModifications Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/groupmodificationsanalysis.webp) + +The following non-configurable analysis tasks are selected by default: + +- Group Changes – Creates the SA_AD_GroupModifications_Details view accessible under the job’s + Results node +- Summarize by Group – Creates the SA_AD_GroupModifications_GroupSummary table accessible under the + job’s Results node +- Summarize by Perpetrator – Creates the SA_AD_GroupModifications_UserSummary table accessible under + the job’s Results node +- Membership Changes – Creates the SA_AD_GroupMembershipChanges_Details view accessible under the + job’s Results node +- Summarize by Group – Creates the SA_AD_GroupMembershipChanges_Summary table accessible under the + job’s Results node +- Top Groups by Changes – Creates the SA_AD_GroupMembershipChanges_Last30Days table accessible under + the job’s Results node. + +In addition to the tables created by the analysis tasks, the AD_GroupModifications Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ----------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Changes | Tracks changes to group attributes. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays changes by type - Table – Displays changes by group - Table – Displays changes by group change details | +| Group Membership Changes | Tracks changes to group membership. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Stacked Chart – Displays the most active groups in the past 30 days - Table – Displays group membership summary - Table – Displays group membership change details | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/ad_usermodifications.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/ad_usermodifications.md new file mode 100644 index 0000000000..8b8ff55381 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/ad_usermodifications.md @@ -0,0 +1,27 @@ +# AD_UserModifications Job + +The AD_UserModifications Job provides a report of all changes to user objects. + +## Analysis Tasks for the AD_UserModifications Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Changes** > +**AD_UserModifications** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_UserModifications Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/usermodificationsanalysis.webp) + +The following non-configurable analysis tasks are selected by default: + +- All User Account Changes – Creates the SA_AD_UserModifications_Details view accessible under the + job’s Results node +- Summary of Changes – Creates the SA_AD_userModifications_userSummary table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the AD_UserModifications Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------ | ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Account Changes | Track changes to user objects. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays changes by type - Table – Displays changes by user account - Table – Displays changes by user change details | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/overview.md new file mode 100644 index 0000000000..9865e450df --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/overview.md @@ -0,0 +1,18 @@ +# Changes Job Group + +The Changes Job Group provides an audit trail for changes made to Computer, Group and User objects +within the environment. + +![Changes Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following Jobs make up the Changes Job Group: + +**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. + +- [AD_ComputerModifications Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/ad_computermodifications.md) + – Reports on activity relating to changes made on computer objects +- [AD_GroupModifications Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/ad_groupmodifications.md) + – Reports on activity relating to changes made on a group objects and changes made to group + membership +- [AD_UserModifications Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/ad_usermodifications.md) + – Reports on activity relating to changes made on user objects diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/ad_accesschanges.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/ad_accesschanges.md new file mode 100644 index 0000000000..d22eeb2c11 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/ad_accesschanges.md @@ -0,0 +1,31 @@ +# AD_AccessChanges Job + +The AD_AccessChanges Job highlights the type and number of resources across the environment where +access has been affected. Groups which have historically been the cause of most access changes are +highlighted, to show potential issues in access sprawl and provisioning. + +## Analysis Tasks for the AD_AccessChanges Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Group Usage** > +**AD_AccessChanges** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_AccessChanges Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/accesschangesanalysis.webp) + +The following non-configurable analysis tasks are selected by default: + +- Find Access Changes – Creates the SA_AD_AccessChanges_Details table accessible under the job’s + Results node +- Group Summary – Creates the SA_AD_AccessChanges_GroupSummary table accessible under the job’s + Results node +- Access Type Summary – Creates the SA_AD_AccessChanges_TypeSummary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the AD_AccessChanges Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Access Changes | Highlights group membership additions that have created large changes in access within the environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar Chart – Displays largest changes last week - Table – Displays groups by modified access - Table – Displays all group membership changes | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/ad_grouphosts.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/ad_grouphosts.md new file mode 100644 index 0000000000..91b0ced806 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/ad_grouphosts.md @@ -0,0 +1,29 @@ +# AD_GroupHosts Job + +The AD_GroupHosts Job attempts to identify where groups may be used to provide access. + +## Analysis Tasks for the AD_GroupHosts Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **GroupUsage** > +**AD_GroupHosts** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupHosts Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/grouphostsanalysis.webp) + +The default analysis tasks are: + +- Group Authentication Details – Creates the SA_AD_GroupHosts_Details table accessible under the + job’s Results node +- Summarize Authentication Events by Group – Creates the SA_AD_GroupHosts_GroupSummary table + accessible under the job’s Results node +- Summarize Authentication Events by Host – Creates the SA_AD_GroupHosts_HostSummary table + accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_GroupHosts Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Host Usage | Understand what groups are utilizing what hosts in the environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Table – Displays security groups by target hosts - Table – Displays hosts by associated groups - Table – Displays authentication details | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/ad_groupmemberactivity.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/ad_groupmemberactivity.md new file mode 100644 index 0000000000..e64cc736e0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/ad_groupmemberactivity.md @@ -0,0 +1,53 @@ +# AD_GroupMemberActivity Job + +The AD_GroupMemberActivity Job analyzes the AD actions taken by the effective members of a group. +Monitoring authentication can provide a more accurate method of determining staleness than last +logons. + +## Analysis Tasks for the AD_GroupMemberActivity Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Group Usage** > +**AD_GroupMemberActivity** > **Configure** node and select **Analysis** to view the analysis tasks. + +![Analysis Tasks for the AD_GroupMemberActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysis.webp) + +The default analysis task is: + +- Group Member Activity – Creates the SA_AD_GroupMemberActivity_GroupSummary table accessible under + the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_GroupMemberActivity Job produces the +follow pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ------------------------------------------------------------------------------------------ | ---------------------------------------------------------- | --------------------------------------------------------------------------------- | +| Group Member Activity | This report identifies actions taken by the members of each group within your environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of one element: - Table – Displays group member activity | + +### Configure the Group Member Activity Analysis Task + +Customizable parameters enable you to set the values used to include the SIDs for admin groups +during this job’s analysis. The parameters can be customized and are listed in a section at the +bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s parameters. + +**Step 1 –** Navigate to the **Active Directory** > **6.Activity** > **Group Usage** > +**AD_GroupMemberActivity** > **Configure** node and select **Analysis**. + +![Group Member Activity analysis task configuration](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysisconfiguration.webp) + +**Step 2 –** In the Analysis Selection view, select the Group Member Activity analysis task and +click on **Analysis Configuration**. The SQL Script Editor opens. + +**CAUTION:** Do not change any parameters where the Value states `Created during execution`. + +![Group Member Activity Analysis Task in the SQL Script Editor](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/groupmemberactivitysqlscripteditor.webp) + +**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. Select +the cell for the temporary table called #admingroups, and click **Edit Table** to modify the value. + +- The new value should include SIDs for admin groups to be considered administrative groups beyond + the default admin groups. + +**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor +window. + +The analysis task now includes custom parameters for the updated values. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/overview.md new file mode 100644 index 0000000000..39c04f7087 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/overview.md @@ -0,0 +1,19 @@ +# Group Usage Job Group + +The Group Usage Job Group reports shows how group membership changes have affected access across the +entire environment, the actions taken by the members of a group, and identifies where groups may be +used for authorization in applications. + +![Group Usage Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following Jobs make up the Group Usage Job Group: + +**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. + +- [AD_AccessChanges Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/ad_accesschanges.md) + – Reports on activity relating to access changes for Active Directory groups, highlighting + membership changes that have created large access change within the environment +- [AD_GroupHosts Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/ad_grouphosts.md) + – Reports on what hosts groups are being used on within the environment +- [AD_GroupMemberActivity Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/ad_groupmemberactivity.md) + – Reports on the activity that group members are taking within the Active Directory environment diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_authenticationprotocol.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_authenticationprotocol.md new file mode 100644 index 0000000000..aa4f9069be --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_authenticationprotocol.md @@ -0,0 +1,29 @@ +# AD_AuthenticationProtocol Job + +The AD_Authentication Job shows what protocols are being used to authenticate across the environment +and will help to identify what services and computers may be affected when disabling NTLM. + +## Analysis Tasks for the AD_AuthenticationProtocol Job + +Navigate to the **Active Directory** > **6.Activity** > **Operations** > +**AD_AuthenticationProtocol** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_AuthenticationProtocol Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/authenticationprotocolanalysis.webp) + +The default analysis tasks are: + +- Summarize Protocol Usage – Creates the SA_AD_AuthenticationProtocol_Summary table accessible under + the job’s Results node +- Summarize Host Protocol Usage – Creates the SA_AD_AuthenticationProtocol_Hosts table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_AuthenticationProtocol Job produces +the follow pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | -------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | +| Authentication Protocols | Track the prevalence of NTLM versus Kerberos within the environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie – Displays authentication protocols - Table –  Displays authentication protocols summary | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_domaincontrollertraffic.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_domaincontrollertraffic.md new file mode 100644 index 0000000000..cbe3f896bb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_domaincontrollertraffic.md @@ -0,0 +1,29 @@ +# AD_DomainControllerTraffic Job + +The AD_DomainControllerTraffic Job provides a summary of the amount of traffic for Changes, +Authentication, Replication, and LDAP Queries for each domain controller which can be used to +identify issues with load balancing. If the AD_DCSummary job has been run, the roles for each domain +controller will be provided. + +## Analysis Tasks for the AD_DomainControllerTraffic Job + +Navigate to the **Active Directory** > **6.Activity** > **Operations** > +**AD_DomainControllerTraffic** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DomainControllerTraffic Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/dctrafficanalysis.webp) + +The default analysis task is: + +- Summarize Protocol Usage – Creates the SA_AD_DomainControllerTraffic_Details table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_DomainControllerTraffic Job produces +the follow pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | -------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------- | +| Domain Controller Traffic | Identifies the amount of active directory events that occur on each domain controller. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of one element: - Table –  Displays a Domain Controller summary | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_hardcodeddcs.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_hardcodeddcs.md new file mode 100644 index 0000000000..0c18aa5d59 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_hardcodeddcs.md @@ -0,0 +1,26 @@ +# AD_HardcodedDCs Job + +The AD_HardcodedDCs Job highlights machines that have communicated with only one domain controller. + +## Analysis Tasks for the AD_HardcodedDCs Job + +Navigate to the **Active Directory** > **6.Activity** > **Operations** > **AD_HardcodedDCs** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_HardcodedDCs Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/hardcodeddcsanalysis.webp) + +The default analysis tasks are: + +- Hardcoded DCs – Creates the SA_AD_Hardcoded_DCs table accessible under the job’s Results node +- Summarizes Hardcoded DC Information – Creates the SA_AD_Hardcoded_Summary table accessible under + the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_Hardcoded DCs Job produces the +follow pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Hardcoded DCs | This report identifies hosts which may have hardcoded domain controller information in server or application settings. Each host identified in this report has only contacted one domain controller. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie –  Displays top domain controllers - Table – Displays hardcoded domain controller summary - Table – Displays host details | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_loadbalancing.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_loadbalancing.md new file mode 100644 index 0000000000..059f0d3f7a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_loadbalancing.md @@ -0,0 +1,28 @@ +# AD_LoadBalancing Job + +The AD_LoadBalancing Job analyzes each domain controller's traffic to show what percent of all LDAP, +Replication, Authentication and Changes are being handled by that particular machine. This helps to +highlight domain controllers which are over utilized relative to others within the domain, or unused +domain controllers which may be decommissioned. + +## Analysis Task for the AD_LoadBalancing Job + +Navigate to the **Active Directory** > **6.Activity** > **Operations** > **AD_LoadBalancing** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the AD_LoadBalancing Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/loadbalancinganalysis.webp) + +The default analysis task is: + +- Domain Controller Traffic – Creates the SA_AD_LoadBalancing_DomainControllers table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_LoadBalancing Job produces the +follow pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain Controllers | This report identifies the distribution of change events and authentication events between domain controllers in the monitored environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar Chart – Displays top DCs by authentication traffic - Bar Chart – Displays top DCs by change traffic - Table – Displays domain controller traffic details | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_machineowners.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_machineowners.md new file mode 100644 index 0000000000..3d9692e0aa --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_machineowners.md @@ -0,0 +1,27 @@ +# AD_MachineOwners Job + +The AD_MachineOwners Job helps to identify the owner of a particular host. + +## Analysis Tasks for the AD_MachineOwners Job + +Navigate to the **Active Directory** > **6.Activity** > **Operations** > **AD_MachineOwners** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_MachineOwners Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/machineownersanalysis.webp) + +The default analysis tasks are: + +- Identify Machine Owners – Creates the SA_AD_MachineOwners_Details table accessible under the job’s + Results node +- User Summary – Creates the SA_AD_MachineOwners_UserSummary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the AD_MachineOwners Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------- | ---------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | +| Machine Owners | Identify owners of machines based on authentication patterns. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart– Displays top users by machines owned - Table – Displays machine owners | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/overview.md new file mode 100644 index 0000000000..d6e8b55067 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/overview.md @@ -0,0 +1,28 @@ +# Operations Job Group + +The Operations Job Group reports on Active Directory activity events related to operational +activity. This group can help report on probable machine owners based on authentications, domain +controller traffic and activity, and authentication protocols being used in the environment. + +![Operations Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following Jobs make up the Operations Job Group: + +**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. + +- [AD_AuthenticationProtocol Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_authenticationprotocol.md) + – Shows what protocols are being used to authenticate across the environment and will help to + identify what services and computers may be affected when disabling NTLM +- [AD_DomainControllerTraffic Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_domaincontrollertraffic.md) + – Provides a summary of the amount of traffic for Changes, Authentication, Replication, and LDAP + Queries for each domain controller which can be used to identify issues with load balancing. If + the AD_DCSummary job has been run, the roles for each DC will be provided. +- [AD_HardcodedDCs Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_hardcodeddcs.md) + – Highlight machines that have communicated with only one DC +- [AD_LoadBalancing Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_loadbalancing.md) + – Analyzes each domain controller's traffic to show what percent of all LDAP, Replication, + Authentication and Changes are being handled by that particular machine. This helps to highlight + domain controllers which are over utilized relative to others within the domain, or unused domain + controllers which may be decommissioned. +- [AD_MachineOwners Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/ad_machineowners.md) + – Helps to identify the owner of a particular host diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/overview.md new file mode 100644 index 0000000000..9dbb567f35 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/overview.md @@ -0,0 +1,40 @@ +# 6.Activity Job Group + +The 6.Activity Job Group provides insights into access sprawl, privileged account usage, and +operational health of the Active Directory environment. Information collected includes Active +Directory Changes, Authentication, LDAP Traffic, Replication Traffic, and LSASS.EXE process +injection on domain controllers. + +The jobs that comprise the 6.Activity Job Group collect data, process analysis tasks, and generate +reports. + +_Remember,_ this job group requires the Active Directory Activity license. + +![6.Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 6.Activity Job Group is comprised of the following jobs: + +- [0.Collection > AD_ActivityCollection Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_activitycollection.md) + – Imports data from the Netwrix Activity Monitor logs into the Enterprise Auditor Database. + Retention can be modified in the query (120 days default). +- [Changes Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/overview.md) + – Provides an audit trail for changes made to Computer, Group and User objects within the + environment +- [Group Usage Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/overview.md) + – Shows how group membership changes have affected access across the entire environment, the + actions taken by the members of a group, and identifies where groups may be used for authorization + in applications +- [LDAP > AD_LDAPQueries Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_ldapqueries.md) + – Analyzes LDAP traffic to determine trends such as most expensive queries, most active servers + and users, successful/failed and signing status. This data can be used to troubleshoot performance + issues, load balancing, and poorly configured services. +- [Lockouts > AD_Lockouts Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_lockouts.md)– + Provides a listing of all account lockouts with relevant details which can be used to aid + troubleshooting +- [Operations Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/overview.md) + – Reports on Active Directory activity events related to operational activity. This group can help + report on probable machine owners based on authentications, domain controller traffic and + activity, and authentication protocols being used in the environment. +- [Privileged Accounts Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/overview.md)– + Highlights the activity performed by this accounts, to identify potential abuses or unused + accounts that can be deprovisioned diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/ad_adminaccounts.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/ad_adminaccounts.md new file mode 100644 index 0000000000..9b941706dd --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/ad_adminaccounts.md @@ -0,0 +1,59 @@ +# AD_AdminAccounts Job + +The AD_AdminAccounts Job shows all actions taken by domain administrators within the environment. + +## Analysis Tasks for the AD_AdminAccounts Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Privileged Accounts** > +**AD_AdminAccounts** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_AdminAccounts Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysis.webp) + +The default analysis tasks are: + +- Summarizes Administrative Account Activity – Creates the SA_AD_AdminAccounts_ActivitySummary table + accessible under the job’s Results node +- Identifies Administrative Accounts Last Activity Event – Creates the + SA_AD_AdminAccounts_LastActivity table accessible under the job’s Results node +- Identifies Administrative Group List Activity Event – Creates the + SA_AD_AdminAccounts_LastActivityByGroup table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_AdminAccounts Job produces the +follow pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Admin Activity | Highlights administrative account activity events. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart– Displays least active administrators - Table – Displays administrative user activity details | +| Admin Authentications | Authenticating from many different clients increases the risk of Administrator credentials being compromised. | GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar Chart – Displays the top admin accounts by client usage - Table – Displays all client usage - Table – Displays administrator authentication | + +### Configure the Summarize Administrative Account Activity Analysis Task + +Customizable parameters enable you to set the values used to include the NT Account name for admin +groups during this job’s analysis. The parameters can be customized and are listed in a section at +the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s parameters. + +**Step 1 –** Navigate to the **Active Directory** > **6.Activity** > **Privileged Accounts** > +**AD_AdminAccounts** > **Configure** node and select **Analysis**. + +![Summarizes Administrative Account Activity analysis task configuration](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysisconfiguration.webp) + +**Step 2 –** In the Analysis Selection view, select the **Summarizes Administrative Account +Activity** analysis task and click **Analysis Configuration**. The SQL Script Editor opens. + +**CAUTION:** Do not change any parameters where the Value states `Created during execution`. + +![Summarizes Administrative Account Activity analysis task in the SQL Script Editor](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/adminaccountssqlscripteditor.webp) + +**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. Select +the cell for the temporary table called #AdminGroups, and click **Edit Table** to modify the value. + +- The new value should include the NT Account names for the admin groups that are considered + administrative groups beyond the default admin groups. + +**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor +window. + +The analysis task now includes custom parameters for the updated values. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/ad_serviceaccountauth.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/ad_serviceaccountauth.md new file mode 100644 index 0000000000..c3298a04d0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/ad_serviceaccountauth.md @@ -0,0 +1,25 @@ +# AD_ServiceAccountAuth Job + +The AD_ServiceAccountAuth Job shows the last time a service account, identified by the presence of a +servicePrincipalName, was active within the environment. + +## Analysis Task for the AD_ServiceAccountAuth Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Operations** > +**AD_ServiceAccountAuth** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the AD_ServiceAccountAuth Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/serviceaccountauthanalysis.webp) + +The following non-configurable analysis task is selected by default: + +- Creates the SA_AD_ServiceAccountAuth_Details table accessible under the job’s Results node. + +In addition to the tables created by the analysis tasks, the AD_ServiceAccountAuth Job produces the +follow pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | +| Service Accounts | Because many service accounts may not ever perform a logon, tracking authentication can be a better way to identify stale service accounts. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart– Displays stale service accounts - Table – Displays account details | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/overview.md new file mode 100644 index 0000000000..dba2e0a286 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/overview.md @@ -0,0 +1,16 @@ +# Privileged Accounts Job Group + +The Privileged Accounts Job Group highlights the activity performed by this accounts, to identify +potential abuses or unused accounts which can be deprovisioned. + +![Privileged Accounts Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following Jobs make up the Privileged Accounts Job Group: + +**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. + +- [AD_AdminAccounts Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/ad_adminaccounts.md) + – Shows all actions taken by domain administrators within the environment being compromised +- [AD_ServiceAccountAuth Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/ad_serviceaccountauth.md) + – Shows the last time a service account, identified by the presence of a servicePrincipalName, was + active within the environment diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/activity/recommended.md b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/recommended.md new file mode 100644 index 0000000000..4f81c4526a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/activity/recommended.md @@ -0,0 +1,71 @@ +# Recommended Configurations for the 6.Activity Job Group + +The **Active Directory** > **6.Activity** Job Group has been configured by default to run with the +out-of-the-box settings. It can be run directly or scheduled. + +Dependencies + +- Successfully execute the **.Active Directory Inventory** Job Group +- Netwrix Activity Monitor 4.1+ is archiving AD Activity Logs +- Successfully execute the **Active Directory** > **5.Domains Job Group** prior to running the + Operations Job Group +- (Optional) Successfully execute the **Active Directory Permissions Analyzer** > **0.Collection** + Job Group +- (Optional) Successfully execute the **FileSystem** > **0.Collection** Job Group + +Targeted Host(s) + +Netwrix Activity Monitor API Server or the host with the network share housing archived log files. + +Connection Profile + +Connection Profiles must be set directly on the +[0.Collection > AD_ActivityCollection Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_activitycollection.md) +in order to connect to either the SAM API Server or the host with the network share housing the +archived log files. + +Access Token + +Required for SAM API Server integration for the +[0.Collection > AD_ActivityCollection Job](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/ad_activitycollection.md). + +Scheduling Frequency + +This group can be scheduled to run as desired. + +**_RECOMMENDED:_** Run from the 6.Activity Job Group level in order to correlate 0.Collection job +group data with other jobs. + +History Retention + +History is not supported. Turning on history will cause issues with data analysis and reporting. + +Multi-Console Support + +Multiple Enterprise Auditor Consoles are not supported. This group should be run from a single +Enterprise Auditor Console. + +Workflow + +**Step 1 –** Successfully run the **.Active Directory Inventory** Job Group. + +**Step 2 –** Setup integration between the Netwrix Activity Monitor and Enterprise Auditor by using +either an API Server or the network share where the archived log files are located. + +**Step 3 –** Ensure Activity Monitor logs are archived. + +**Step 4 –** Configure the Connection Profiles to connect successfully to the Netwrix Activity +Monitor API Server or the host with the network share housing the archived log files. + +**Step 5 –** Configure the **AD_ActivityCollection** Job Query. + +**Step 6 –** Run the jobs as desired. + +**Step 7 –** Run from the **6.Activity** Job Group level in order to correlate 0.Collection job +group data with other jobs. + +**Step 8 –** Review the reports generated by the jobs. + +See the +[Active Directory Solution](/docs/accessanalyzer/11.6/requirements/solutions/activedirectory.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/ad_securityassessment.md b/docs/accessanalyzer/11.6/solutions/activedirectory/ad_securityassessment.md new file mode 100644 index 0000000000..a35c93536f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/ad_securityassessment.md @@ -0,0 +1,91 @@ +# AD Security Assessment Job + +The AD_SecurityAssessment Job performs checks against Active Directory security best practices in +order to proactively identify critical security configurations that leave Active Directory +vulnerable to attack. The result are reports that provide a listing of findings by severity and +category with corresponding details that can be used to prioritize and remediate security issues. + +![AD Security Assessment Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/securityassessmentjobstree.webp) + +## Recommended Configurations for the AD_SecurityAssessment Job + +Dependencies + +One or more of the following job groups or jobs must be run to produce results: + +- .Active Directory Inventory Job Group +- Active Directory Job Group + + - Active Directory > 1.Groups > AD_SensitiveSecurityGroups + - Active Directory > 2.Users > AD_PasswordStatus + - Active Directory > 2.Users > AD_ServiceAccounts + - Active Directory > 2.Users > AD_WeakPasswords + - Active Directory > 2.Users > AD_SIDHistory + - Active Directory > 2.Users > AD_UserDelegation + - Active Directory > 3.Computers > AD_ComputerDelegation + - Active Directory > 4.Group Policy > AD_CPassword + - Active Directory > 5.Domains > AD_DomainInfo + +- Active Directory Permissions Analyzer Job Group + + - Active Directory Permissions Analyzer > 1.Users > AD_ResetPasswordPermissions + - Active Directory Permissions Analyzer > 1.Users > AD_UserPermissions + - Active Directory Permissions Analyzer > 2.Groups > AD_GroupMembershipPermissions + - Active Directory Permissions Analyzer > 2.Groups > AD_GroupPermissions + - Active Directory Permissions Analyzer > 3.OUs > AD_OUPermissions + - Active Directory Permissions Analyzer > 4.Computers > AD_ComputerPermissions + - Active Directory Permissions Analyzer > 4.Computers > AD_LAPSPermissions + - Active Directory Permissions Analyzer > 7.Containers > AD_AdminSDHolder + - Active Directory Permissions Analyzer > 7.Containers > AD_ContainerPermissions + - Active Directory Permissions Analyzer > 8.Domains > AD_DomainReplication + - Active Directory Permissions Analyzer > 9.Sites > AD_DCShadowPermissions + +- Windows Job Group + + - Windows > Privileged Accounts > Service Accounts > SG_ServiceAccounts + +**NOTE:** If any of the above jobs are not completed, the AD_SecurityAssessment job will run but all +checks will not be assessed. + +Target Host + +This job group does not collect data. No target host is required. + +Connection Profile + +No specific Connection Profile is required. + +Schedule Frequency + +Scheduled to run as desired + +History Retention + +History is not supported. Turning on history will cause issues with data analysis and reporting. + +Multi-console Support + +Multiple StealthAUDIT consoles are not supported. This job should be run from a single StealthAUDIT +console. + +## Analysis Task for the AD_SecurityAssessment Job + +Navigate to the **Jobs** > Active Directory > AD_SecurityAssessment > Configure node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/securityassessmentanalysis.webp) + +The following non-configurable analysis task is selected by default: + +- Summarize Audit Findings – Creates the AD_SecurityAssessment_Results table accessible under the + job’s Results node. + +In addition to the tables created by the analysis task, the AD_SecurityAssessment job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| AD Security Assessment | This report identifies security risks within a targeted Active Directory environment based on results of previously run jobs. | GDPR SOX PCI HIPAA | This report is comprised of four elements: - Table – Provides Scope of Audit on domains - Pie Chart – Displays Findings by Severity - Table – Provides Findings by Category - Table – Provides Details on Risk | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/ad_cleanupprogress.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/ad_cleanupprogress.md new file mode 100644 index 0000000000..6360c1853a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/ad_cleanupprogress.md @@ -0,0 +1,48 @@ +# AD_CleanupProgress Job + +The AD_CleanupProgress Job performs checks against Active Directory security best practices in order +to proactively identify critical security configurations that leave Active Directory vulnerable to +attack. The result is a report which provides a listing of findings by severity and category with +corresponding details that can be used to prioritize and remediate security issues. + +![AD_CleanupProgress Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/cleanupprogressjobstree.webp) + +Workflow + +**Step 1 –** Ensure the following prerequisites are met: + +- The .Active Directory Inventory Job Group needs to be successfully run prior to running this job +- The following jobs from the Active Directory Solution must be run prior to running this job: + + - **Active Directory** > **1.Groups** > **AD_DuplicateGroups** + - **Active Directory** > **2.Users** > **AD_DirectMembership** + - **Active Directory** > **3.Computers** > **AD_StaleComputers** + +**Step 2 –** Schedule the AD_Cleanup Progress Job to run every day after the prerequisites have been +satisfied. + +**Step 3 –** Review the reports generated by the AD_CleanupProgress Job. + +## Analysis Tasks for the AD_CleanupProgress Job + +Navigate to the **Active Directory** > **Cleanup** > **AD_CleanupProgress** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the AD_CleanupProgress Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp) + +The default analysis task is: + +- Generates daily summary of AD exceptions – Creates the AD_CleanupProgress_DailySummary table + accessible under the job’s Results node + +In addition to the table created by the analysis task, the AD_CleanupProgress Job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Computer Cleanup Summary | This report tracks Active Directory computer exceptions over time. | None | This report is comprised of two elements: - Line Chart – Displays a daily computer exceptions trend - Table – Provides details on daily computer exceptions | +| Group Cleanup Summary | This report tracks Active Directory group exceptions over time. | None | This report is comprised of two elements: - Line Chart – Displays a daily group exceptions trend - Table – Provides details on daily group exceptions | +| User Cleanup Summary | This report tracks Active Directory user exceptions over time. | None | This report is comprised of two elements: - Line Chart – Displays a daily user exceptions trend - Table – Provides details on daily user exceptions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers.md new file mode 100644 index 0000000000..4453924aa7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers.md @@ -0,0 +1,87 @@ +# AD_DeprovisionComputers Job + +The AD_DeprovisionComputers Job provides a simple automated workflow deprovision stale computers. + +**Step 1 –** Move stale computers to a staging OU for deletion. + +**Step 2 –** The assigned manager is alerted by email of the impending deletion. + +**Step 3 –** Disables computer accounts. + +**Step 4 –** After a configurable amount of days in the staging OU, deletes computers from the +staging OU. The default is 365 days. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The AD_DeprovisionComputers page has the following configurable parameters: + +- Days in the Staging OU before Deleting Account + +See the +[Customizable Analysis Parameters for the AD_DeprovisionComputers Job](#customizable-analysis-parameters-for-the-ad_deprovisioncomputers-job) +topic for additional information. + +## Analysis Tasks for the AD_DeprovisionComputers Job + +Navigate to the **Active Directory** > **Cleanup** > **3.Computers** > **AD_Deprovision +Computers** > **Configure** node and select **Analysis** to view the analysis tasks. + +![Analysis Tasks for the AD_DeprovisionComputers Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/deprovisioncomputersanalysis.webp) + +The default analysis tasks are: + +- Identify Stale Computers – Creates the AD_DeprovisionComputers_Details table accessible under the + job’s Results node +- Computer Accounts to Delete – Creates the AD_DeprovisionComputers_ToBeDeleted table accessible + under the job’s Results node + + - This analysis task contains a configurable parameter: `@days_before_deleting`. See the + [Customizable Analysis Parameters for the AD_DeprovisionComputers Job](#customizable-analysis-parameters-for-the-ad_deprovisioncomputers-job) + topic for additional information. + +### Customizable Analysis Parameters for the AD_DeprovisionComputers Job + +Customizable parameters enable you to set the values used to classify user and group objects during +this job’s analysis. + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| --------------------------- | --------------------------- | ------------- | ---------------------------------------------- | +| Computer Accounts to Delete | @days_before_deleting | 365 | Days in the staging OU before deleting account | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information. + +## Action Tasks for the AD_DeprovisionComputers Job + +Navigate to the **Active Directory** > **Cleanup** > **3.Computers** > **AD_DeprovisionComputers** > +**Configure** node and select **Actions** to view the actions. + +**CAUTION:** Do not enable the actions unless it is required. Disable the actions after execution to +prevent making unintended and potentially harmful changes to Active Directory. + +![Action Tasks for the AD_DeprovisionComputers Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/deprovisioncomputersaction.webp) + +The action tasks are: + +**CAUTION:** The action tasks must be executed together and in order. + +- Move Computers – Move computers to staging OU for deletion + + - The target staging OU must be set in the Move Computers Action Task prior to executing the + action tasks. See the + [Configure the Target OU](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/configuretargetou.md) + topic for additional information. + +- Notify Manager – Notify assigned manager by email of the impending deletion +- Disable Computers – Disable computer accounts +- Delete Computers – Delete computers from staging OU + +After the `@days_before_deleting` analysis parameter has been configured and the target OU has been +set in the Move Computers Action Task, select the checkboxes next to all of the action tasks and +click **Execute Action** to execute the action tasks. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers_status.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers_status.md new file mode 100644 index 0000000000..c70e0964fe --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers_status.md @@ -0,0 +1,27 @@ +# AD_DeprovisionComputers_Status Job + +The AD_DeprovisionComputers_Status Job tracks and reports on the progress of the computer +deprovisioning workflow. + +## Analysis Tasks for the AD_DeprovisionComputers_Status Job + +Navigate to the **Active Directory** > **Cleanup** > **3.Computers** > +**AD_DeprovisionComputers_Status** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for AD_DeprovisionComputers_Status Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/deprovisioncomputersstatusanalysis.webp) + +The default analysis tasks are: + +- Track Deletion – Creates the AD_DeprovisionComputers_Log table accessible under the job’s Results + node + +In addition to the tables and views created by the analysis task, the AD_DeprovisionComputers_Status +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ---------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Computer Deprovisioning | This report tracks actions taken each day of the Stale Computer Deprovisioning campaign. | None | This report is comprised of three elements: - Line Chart – Displays cleanup progress - Table – Provides details on computer deprovisioning - Table – Provides action details | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/overview.md new file mode 100644 index 0000000000..f1e9c18c58 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/overview.md @@ -0,0 +1,30 @@ +# 3.Computers Job Group + +The 3.Computers Job Group identifies stale computer accounts, providing a workflow to safely +deprovision identified accounts. + +![3.Computers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/computersjobtree.webp) + +The jobs in the 3.Computers Job Group are: + +- [AD_DeprovisionComputers Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers.md) + – Provides a simple, automated workflow to deprovision stale and unused user accounts +- [AD_DeprovisionComputers_Status Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers_status.md) + – Tracks all actions taken by the included deprovisioning workflow + +Workflow + +**Step 1 –** Ensure the following prerequisites are met: + +- The .Active Directory Inventory Job Group needs to be successfully run +- For the AD_DeprovisionComputers Job, the target OU needs to be manually set in the Move Computers + Action Task prior to executing the actions. See the + [Action Tasks for the AD_DeprovisionComputers Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers.md#action-tasks-for-the-ad_deprovisioncomputers-job) + topic for additional information. +- The AD_DeprovisionComputers Job needs to be run prior to running the + AD_DeprovisionComputers_Status Job + +**Step 2 –** Schedule the 3.Computers Job Group to run as desired after the prerequisites have been +satisfied. + +**Step 3 –** Review the reports generated by the 3.Computers Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/configuretargetou.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/configuretargetou.md new file mode 100644 index 0000000000..0bff838af4 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/configuretargetou.md @@ -0,0 +1,23 @@ +# Configure the Target OU + +Follow the steps to configure the target staging OU. + +**Step 1 –** Navigate to the **[Job]** > **Configure** > **Actions** node. + +![Action Properties button on Action Selection page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/configuretargetouactionproperties.webp) + +**Step 2 –** On the Action Selection page, select the desired action task and click **Action +Properties**. + +**Step 3 –** In the Action Properties window, select **Configure Action**. The Active Directory +Action Module Wizard opens. + +![Move Objects page of the Active Directory Action Module Wizard](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/configuretargetouactionmodulewizard.webp) + +**Step 4 –** Navigate to the Move Objects page of the Active Directory Action Module Wizard. In the +OU field, enter or browse to the desired target OU. To create the target OU location, select the +**Create target OU location if it does not already exist** checkbox. + +**Step 5 –** Navigate to the Summary page and click **Finish**. + +The target OU is now set for the action task. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups.md new file mode 100644 index 0000000000..bbd77bbf11 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups.md @@ -0,0 +1,92 @@ +# AD_DeprovisionGroups Job + +The AD_DeprovisionGroups Job provides an automated workflow to deprovision stale groups. This +workflow is completed by the action tasks. + +**Step 1 –** Move stale groups to a staging OU for deletion. + +**Step 2 –** The group is changed to a distribution list. + +**Step 3 –** The assigned manager is alerted by email of the impending deletion. + +**Step 4 –** The group is flagged as **To Be Deleted**. + +**Step 5 –** After a configurable amount of days in the staging OU, the group is deleted from the +staging OU. The default is 365 days. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The AD_DeprovisionGroups page has the following configurable parameters: + +- Days in the Staging OU before deletion + +See the +[Customizable Analysis Parameters for the AD_DeprovisionGroups Job](#customizable-analysis-parameters-for-the-ad_deprovisiongroups-job) +topic for additional information. + +## Analysis Tasks for the AD_DeprovisionGroups Job + +Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **1. Deprovision Groups** > +**AD_Deprovision Groups** > **Configure** node and select **Analysis** to view the analysis tasks. + +![Analysis Tasks for the AD_DeprovisionGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsanalysis.webp) + +The default analysis tasks are: + +- Identify Stale Groups – Creates the AD_DeprovisionGroups_Details table accessible under the job’s + Results node +- Groups to Delete – Identifies groups in the Stale Groups OU that are ready to be deleted + + - This analysis task contains a configurable parameter: `@days_before_deleting`. See the + [Customizable Analysis Parameters for the AD_DeprovisionGroups Job](#customizable-analysis-parameters-for-the-ad_deprovisiongroups-job) + topic for additional information. + +### Customizable Analysis Parameters for the AD_DeprovisionGroups Job + +Customizable parameters enable you to set the values used to classify user and group objects during +this job’s analysis. + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ---------------- | --------------------------- | ------------- | -------------------------------------- | +| Groups to Delete | @days_before_deleting | 365 | Days in the staging OU before deletion | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information. + +## Action Tasks for the AD_DepvisionGroups Job + +Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **1. Deprovision Groups** > +**AD_DeprovisonGroups** > **Configure** node and select **Actions** to view the action tasks. + +**CAUTION:** Do not enable the actions unless it is required. Disable the actions after execution to +prevent making unintended and potentially harmful changes to Active Directory. + +![Action Tasks for the AD_DepvisionGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsaction.webp) + +The action tasks are: + +**CAUTION:** The action tasks must be executed together and in order. + +- Move Groups – Move groups to staging OU + + - The target staging OU must be set in the Move Groups Action Task prior to executing the action + tasks. See the + [Configure the Target OU](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/configuretargetou.md) + topic for additional information. + +- Disable Groups – The group is changed to a distribution list +- Notify Manager – Notify assigned manager by email of the impending deletion +- Update Description – The group is changed to a distribution list to prevent its use for + authentication and flagged as **To Be Deleted** +- Delete Groups – After a configurable amount of days in the staging OU, the group is deleted. The + default is 365 days. + +After the `@days_before_deleting` analysis parameter has been configured and the target OU has been +set in the Move Groups Action Task, select the checkboxes next to all of the action tasks and click +**Execute Action** to execute the action tasks. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups_status.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups_status.md new file mode 100644 index 0000000000..79010ab1da --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups_status.md @@ -0,0 +1,26 @@ +# AD_DeprovisionGroups_Status Job + +The AD_DeprovisionGroups_Status Job tracks all actions taken by the Deprovisioning workflow. + +## Analysis Task for the AD_DeprovisionGroups_Status Job + +Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **1. Deprovision Groups** > +**AD_Deprovision Groups_Status** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis tasks is +preconfigured for this job. + +![Analysis Task for the AD_DeprovisionGroups_Status Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsstatusanalysis.webp) + +The default analysis task is: + +- Track Actions – Creates the AD_DeprovisionGroups_Log and AD_DeprovisionGroups_Notes tables + accessible under the job’s Results node + +In addition to the table created by the analysis task, the AD_DeprovisionGroups_Status Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Deprovisioning | This report tracks actions taken each day of the Stale Group Deprovisioning campaign. | None | This report is comprised of three elements: - Line Chart – Displays cleanup progress - Table – Provides details on cleanup progress - Table – Provides action details | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/overview.md new file mode 100644 index 0000000000..a8ee87366e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/overview.md @@ -0,0 +1,14 @@ +# 1.Deprovision Job Group + +The 1. Deprovision Groups Job Group provides a simple, automated workflow to deprovision stale +groups. The action tasks in this job group provide an automated workflow. + +![1.Deprovision Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/groupsdeprovisionjobtree.webp) + +The jobs in the 1. Deprovision Groups Job Group are: + +- [AD_DeprovisionGroups Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups.md) + – This job provides an automated workflow to deprovision stale groups +- [AD_DeprovisionGroups_Status Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups_status.md) + – This job tracks and reports on the progress of all actions taken by the included Deprovisioning + workflow diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/overview.md new file mode 100644 index 0000000000..0d419ad7d8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/overview.md @@ -0,0 +1,44 @@ +# 1.Groups Job Group + +The 1.Groups Job Group provides a workflow to safely deprovision groups, as well as the ability to +stamp security groups with what resources they are given access to. + +![1.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/groupsjobtree.webp) + +The jobs in the 1.Groups Job Group are: + +- [1.Deprovision Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/overview.md) + – This job group provides a simple, automated workflow to deprovision stale groups + + - [AD_DeprovisionGroups Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups.md) + – This job provides a simple automated workflow to deprovision stale groups + - [AD_DeprovisionGroups_Status Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups_status.md) + – This job tracks and reports on the progress of the deprovisioning workflow + +- [2.Group Stamping Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/overview.md) + – This job group updates the Notes attribute for all security groups to show where the group is + provisioned inside the environment. + + - [AD_GroupCleanup_Permissions Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/ad_groupcleanup_permissions.md) + – This job reports on where security groups are being used to assign permissions. This can be + used to prioritize remediation for groups that are rarely used. + - [AD_GroupStamping Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/ad_groupstamping.md) + – This job replaces the Notes attribute for all security groups to show where the group is + provisioned inside the environment. This overwrites the Notes field with data from Enterprise + Auditor. + +Workflow + +**Step 1 –** Ensure the following prerequisites are met: + +- The .Active Directory Inventory Job Group needs to be successfully run +- For the AD_DeprovisionGroups Job, the target OU needs to be manually set in the Move Groups Action + Task prior to executing the actions. See the + [Action Tasks for the AD_DepvisionGroups Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups.md#action-tasks-for-the-ad_depvisiongroups-job) + topic for additional information. +- The AD_DeprovisionGroups Job needs to be run prior to running the AD_DeprovisionGroups_Status Job + +**Step 2 –** Schedule the 1.Groups Job Group to run as desired after the prerequisites have been +satisfied. + +**Step 3 –** Review the reports generated by the 1.Groups Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/ad_groupcleanup_permissions.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/ad_groupcleanup_permissions.md new file mode 100644 index 0000000000..57b257bb96 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/ad_groupcleanup_permissions.md @@ -0,0 +1,44 @@ +# AD_GroupCleanup_Permissions Job + +The AD_GroupCleanup_Permissions Job reports on where security groups are being used to assign +permissions. This can be used to prioritize remediation for groups that are rarely used. + +## Analysis Tasks for the AD_GroupCleanup_Permissions Job + +Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **2. Group Stamping** > +**AD_GroupCleanup_Permissions** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupCleanup_Permissions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/groupcleanuppermissionsanalysis.webp) + +The default analysis tasks are: + +- Summarize Group Type/Scope – Creates the SA_AD_GroupCleanup_GroupTypes table accessible under the + job’s Results node +- Direct Permission Details – Creates the SA_AD_GroupCleanup_PermissionsImport table accessible + under the job’s Results node +- Expanded Perms Details – Creates the SA_GroupCleanup_ExpandedPermissions table accessible under + the job’s Results node +- Expanded Perms Summary – Creates the SA_GroupCleanup_ExpandedPermissionsSummary table accessible + under the job’s Results node +- Access Counts by Group – Creates the SA_GroupCleanup_GroupAccessSprawl table accessible under the + job’s Results node +- Permission and Access Counts by Group Scope – Creates the SA_AD_GroupCleanup_PermissionsByScope + table accessible under the job’s Results node +- Permission and Access Counts by Toxic Condition – Creates the + SA_AD_GroupCleanup_PermissionsByCondition table accessible under the job’s Results node +- Permission and Access Counts by Scan Type – Creates the SA_AD_GroupCleanup_ScanOverview table + accessible under the job’s Results node +- Group Summary – Creates the SA_GroupCleanup_GroupSummary table accessible under the job’s Results + node + +In addition to the tables and views created by the analysis tasks, the AD_GroupCleanup_Permissions +Job produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Direct Permission Details | This report shows all direct permissions found by DAG for FileSystem, DAG for SharePoint, or imported into the Access Information Center from other sources. | None | This report is comprised of one element: - Table – Provides group direct permission details | +| Group Permission Summary | This report identifies what types of resources each security group is being used to apply permissions. | None | This report is comprised of four elements: - Table – Provides details on permission scans - Table – Provides details on group access - Table – Provides details on toxic conditions - Table – Provides a group overview | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/ad_groupstamping.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/ad_groupstamping.md new file mode 100644 index 0000000000..5a4ab5023f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/ad_groupstamping.md @@ -0,0 +1,40 @@ +# AD_GroupStamping Job + +The AD_GroupStamping Job updates the Notes attribute for all security groups to show where the group +is provisioned inside the environment. This overwrites the notes field with data from Enterprise +Auditor. + +## Analysis Tasks for the AD_GroupStamping Job + +Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **2. Group Stamping +AD_GroupStamping** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupStamping Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/groupstampinganalysis.webp) + +The default analysis tasks are: + +- Identify Stale Groups – Creates the AD_DeprovisionGroups_Details table accessible under the job’s + Results node +- Groups to Delete – Identifies groups in the Stale Groups OU ready to be deleted + +In addition to the tables and views created by the analysis tasks, the AD_GroupStamping Job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Stamping | This report tracks all actions taken with the included group stamping workflow. | None | This report is comprised of three elements: - Line Chart – Displays daily actions - Table – Provides details on daily actions - Table – Provides action details | + +## Action Tasks for the AD_GroupStamping Job + +View the action tasks by navigating to the **Active Directory** > **Cleanup** > **1.Groups** > **2. +Group Stamping AD_GroupStamping** > **Configure** node and select **Actions**. + +![Action Tasks for the AD_GroupStamping Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/groupstampingaction.webp) + +- Stamp Groups – Update Notes field with Permissions + +Select the checkbox next to The Stamp Groups Action Task and click **Execute Action** to execute the +action task. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/overview.md new file mode 100644 index 0000000000..ad0efcca66 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/overview.md @@ -0,0 +1,14 @@ +# 2.Group Stamping Job Group + +The 2. Group Stamping Job Group updates the Notes attribute for all security groups to show where +the group is provisioned inside the environment. + +![2.Group Stamping Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/groupsstampingjobtree.webp) + +The jobs in the 2. Group Stamping Job Group are: + +- [AD_GroupCleanup_Permissions Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/ad_groupcleanup_permissions.md) + – Reports on where security groups are being used to assign permissions +- [AD_GroupStamping Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/ad_groupstamping.md) + – Updates the Note attribute for all security groups to show where the group is provisioned inside + of the environment diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/overview.md new file mode 100644 index 0000000000..d9c700597e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/overview.md @@ -0,0 +1,27 @@ +# Cleanup Job Group + +The **Active Directory** > **Cleanup** Job Group identifies potential stale and unused users, +computers, and groups as well as issues with group membership. Remediation workflows are included to +deprovision unnecessary objects. + +**CAUTION:** Apply changes only to intended target Active Directory objects, and ensure only the +changes required are enabled. Enabling and executing action modules without consideration can +negatively impact Active Directory. + +**_RECOMMENDED:_** Run the actions in a test environment before making changes to a production +environment. + +![Cleanup Job Group Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +The job groups in the Cleanup Job Group are: + +- [1.Groups Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/overview.md) + – Provides an automated workflow to safely deprovision groups, as well as the ability to stamp + security groups with what resources they are given access to +- [2.Users Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/overview.md) + – Provides an automated workflow to deprovision stale and unused user accounts +- [3.Computers Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/overview.md) + – Provides an automated workflow to deprovision stale computer accounts +- [AD_CleanupProgress Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/ad_cleanupprogress.md) + – Tracks Active Directory computer, group, and user exceptions over time. This information can be + used to provide a high-level picture of an organization's Active Directory cleanup effort. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/recommended.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/recommended.md new file mode 100644 index 0000000000..5e64e77aa6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/recommended.md @@ -0,0 +1,38 @@ +# Recommended Configurations for AD Cleanup Job Group + +The recommended configurations for the Cleanup Job Group are: + +Dependencies + +The Cleanup job group has the following prerequisites: + +- The Active Directory Actions license feature is required +- The Active Directory Actions Module must be installed +- The .Active Directory Inventory Job Group needs to be successfully run prior to running this job + group +- The following job groups from the Activity Directory job group need to be successfully run prior + to running this job group: + + - 1.Groups + - 2.Users + - 3.Computers + +Individual jobs and job groups within the Cleanup Job Group may have their own prerequisites and +dependencies. See the relevant job or job group topic for additional information. + +Target Hosts + +None + +Schedule Frequency + +Most of the jobs in this job group can be scheduled to run as desired. The AD_Cleanup Progress Job +should be scheduled to run every day. + +History Retention + +Not supported + +Multi-console Support + +Not supported diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/ad_deprovisionusers.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/ad_deprovisionusers.md new file mode 100644 index 0000000000..13bfa743e8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/ad_deprovisionusers.md @@ -0,0 +1,94 @@ +# AD_DeprovisionUsers Job + +The AD_DeprovisionUsers Job provides an automated workflow deprovision stale and unused user +accounts. + +**Step 1 –** Move stale users to a staging OU for deletion. + +**Step 2 –** The assigned manager is alerted by email of the impending deletion. + +**Step 3 –** User accounts are disabled. + +**Step 4 –** Users are flagged as **To Be Deleted**. + +**Step 5 –** Delete users from the staging OU. + +**Step 6 –** Remove stale users from all groups. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The AD_DeprovisionUsers page has the following configurable parameters: + +- Days in the Stale Users OU before being deleted + +See the +[Customizable Analysis Parameters for the AD_DeprovisionUsers Job](#customizable-analysis-parameters-for-the-ad_deprovisionusers-job) +topic for additional information. + +## Analysis Tasks for the AD_DeprovisionUsers Job + +Navigate to the **Active Directory** > **Cleanup** > **2.Users** > **AD_DeprovisionUsers** > +**Configure** node and select **Analysis** to view the analysis tasks. + +![Analysis Tasks for the AD_DeprovisionUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/deprovisionusersanalysis.webp) + +The default analysis tasks are: + +- Identify Users to be Deleted – Imports data from stale users +- User Accounts to Delete – Identifies accounts in the Stale Accounts OU that are ready to be + deleted + + - This analysis task contains a configurable parameter: `@days_before_deleting`. See the + [Customizable Analysis Parameters for the AD_DeprovisionUsers Job](#customizable-analysis-parameters-for-the-ad_deprovisionusers-job) + topic for additional information. + +- Identify Group Membership – Identifies stale user membership to remove + +### Customizable Analysis Parameters for the AD_DeprovisionUsers Job + +Customizable parameters enable you to set the values used to classify user and group objects during +this job’s analysis. + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ----------------------- | --------------------------- | ------------- | ----------------------------------------------- | +| User Accounts to Delete | @days_before_deleting | 365 | Days in the Stale Users OU before being deleted | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information. + +## Action Tasks for the AD_DeprovisionUsers Job + +Navigate to the **Active Directory** > **Cleanup** > **2.Users** > **AD_DeprovisionUsers** > +**Configure** node and select **Actions** to view the actions. + +**CAUTION:** Do not enable the actions unless it is required. Disable the actions after execution to +prevent making unintended and potentially harmful changes to Active Directory. + +![Action Tasks for the AD_DeprovisionUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/deprovisionusersaction.webp) + +The action tasks are: + +**CAUTION:** The action tasks must be executed together and in order. + +- Move Users – Move users to staging OU for deletion + + - The target OU must be set in the Move Users Action Task prior to executing the action tasks. + See the + [Configure the Target OU](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/configuretargetou.md) + topic for additional information. + +- Notify Manager – Notify assigned manager by email of the impending deletion +- Disable Users – Disable user accounts +- Update Description – Flag users as **To Be Deleted** +- Delete Users – Delete users from staging OU +- Remove Membership – Remove stale users from all groups + +After the `@days_before_deleting` analysis parameter has been configured and the target OU has been +set in the Move Users Action Task, select the checkboxes next to all of the action tasks and click +**Execute Action** to execute the action tasks. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/ad_deprovisionusers_status.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/ad_deprovisionusers_status.md new file mode 100644 index 0000000000..2cd83d9ce0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/ad_deprovisionusers_status.md @@ -0,0 +1,25 @@ +# AD_DeprovisionUsers_Status Job + +The AD_DeprovisionUsers_Status Job tracks all actions taken by the included deprovisioning workflow. + +## Analysis Tasks for the AD_DeprovisionUsers_Status Job + +Navigate to the **Active Directory** > **Cleanup** > **2.Users** > **AD_DeprovisionUsers_Status** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the AD_DeprovisionUsers_Status Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/deprovisionusersstatusanalysis.webp) + +The default analysis task is: + +- Track History – Tracks all actions taken. Creates the SA_AD_DeprovisionUsers_Log accessible under + the job’s Results node. + +In addition to the tables and views created by the analysis task, the AD_DeprovisionUsers_Status Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| User Deprovisioning | This report tracks actions taken each day of the Stale User Deprovisioning campaign. | None | This report is comprised of three elements: - Line Chart – Displays cleanup progress - Table – Provides details on user deprovisioning - Table – Provides action details | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/overview.md new file mode 100644 index 0000000000..df3a2da834 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/overview.md @@ -0,0 +1,28 @@ +# 2.Users Job Group + +The 2.Users Job Group provides a workflow to deprovision stale and unused user accounts. + +![2.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/usersjobtree.webp) + +The jobs in the 2.Users Job Group are: + +- [AD_DeprovisionUsers Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/ad_deprovisionusers.md) + – Provides a simple and automated workflow to deprovisions stale and unused user accounts +- [AD_DeprovisionUsers_Status Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/ad_deprovisionusers_status.md) + – Tracks and reports all actions taken by the included Deprovisioning workflow + +Workflow + +**Step 1 –** Ensure the following prerequisites are met: + +- The .Active Directory Inventory Job Group needs to be successfully run +- For the AD_DeprovisionUsers Job, the target OU needs to be manually set in the Move Users Action + Task prior to executing the actions. See the + [Action Tasks for the AD_DeprovisionUsers Job](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/ad_deprovisionusers.md#action-tasks-for-the-ad_deprovisionusers-job) + topic for additional information. +- The AD_DeprovisionUsers Job needs to be run prior to running the AD_DeprovisionUsers_Status Job + +**Step 2 –** Schedule the 2.Users Job Group to run as desired after the prerequisites have been +satisfied. + +**Step 3 –** Review the reports generated by the 2.Users Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/computers/ad_computerdelegation.md b/docs/accessanalyzer/11.6/solutions/activedirectory/computers/ad_computerdelegation.md new file mode 100644 index 0000000000..b71b04f092 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/computers/ad_computerdelegation.md @@ -0,0 +1,31 @@ +# AD_ComputerDelegation Job + +The AD_ComputerDelegation Job provides details on computer accounts that have been enabled for +unconstrained delegation. Once this configuration is enabled for a computer, any time an account +connects to the computer for any reason, their ticket-granting ticket (TGT) is stored in memory so +it can be used later by the computer for impersonation, which exposes a significant security risk in +cases where privileged accounts access the computer.  See the +[What Is Kerberos Delegation?](https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/) Netwrix +blog article for more information about this configuration and the related security risks. + +## Analysis Task for the AD_ComputerDelegation Job + +Navigate to the **Active Directory** > **3.Computers** > **AD_ComputerDelegation** > Configure node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the analysis task. The analysis task is preconfigured for +this job. + +![Analysis Task for the AD_ComputerDelegation Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/computers/computerdelegationanalysis.webp) + +The default analysis tasks are: + +- Determine computers trusted for delegation – Creates the SA_AD_ComputerDelegation_Details table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the AD_ComputerDelegation Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Computers Trusted for Delegation | This report highlights which computers are trusted for delegation, which accounts are sensitive, and whether the delegation is constrained or unconstrained. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays computers trusted for delegation by domain - Table – Provides details on computers trusted for delegation - Table – Provides details on computers trusted for delegation by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/computers/ad_stalecomputers.md b/docs/accessanalyzer/11.6/solutions/activedirectory/computers/ad_stalecomputers.md new file mode 100644 index 0000000000..ad3da76c18 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/computers/ad_stalecomputers.md @@ -0,0 +1,61 @@ +# AD_StaleComputers Job + +The AD_StaleComputers Job provides details on stale computers that may be candidates for cleanup. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The AD_StaleComputers Job has the following configurable parameters: + +- Days since Last Logon +- Consider disabled accounts as stale + +See the +[Customizable Analysis Parameters for the AD_StaleComputers Job](#customizable-analysis-parameters-for-the-ad_stalecomputers-job) +topic for additional information. + +## Analysis Tasks for the AD_StaleComputers Job + +Navigate to the **Active Directory** > **3.Computers** > **AD_StaleComputers** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the **2. Summarize by Domain** analysis task. This analysis +task is preconfigured for this job. + +![Analysis Tasks for the AD_StaleComputers Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/computers/stalecomputersanalysis.webp) + +The default analysis tasks are: + +- 1. Identify Stale Computers + + - Identifies computer objects that are disabled or have exceeded the defined threshold of + inactivity + - Creates the SA_AD_StaleComputers_Details table accessible under the job’s Results node + - Definition of a stale computer can be customized + +- 2. Summarize by Domain – Creates the SA_AD_StaleComputers_DomainSummay table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_StaleComputers Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Stale Computers | This report presents potentially stale computers. Computers are considered stale if they have never logged onto the domain, have not logged onto the domain in the past 90 days, or are disabled. **NOTE:** The definition of a stale computer is customizable. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays stale computers by domain - Table – Provides details on computers - Table – Provides summary of stale computers | + +### Customizable Analysis Parameters for the AD_StaleComputers Job + +Analysis parameters that can be customized have the following default values: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| --------------------------- | --------------------------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | +| 1. Identify Stale Computers | @days_since_last_logon | 90 | A computer object that has been inactive for 90 days or more | +| 1. Identify Stale Computers | @consider_disable | 1 | A computer object that has been disabled: - Value 1 = Disabled computers are included as stale - Value 0 = Disabled computers are not included as stale | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/computers/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/computers/overview.md new file mode 100644 index 0000000000..8e5676451e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/computers/overview.md @@ -0,0 +1,19 @@ +# 3.Computers Job Group + +The 3.Computers Job Group help to pinpoint potential areas of administrative concern related to +computer accounts, including stale computers and computers that have been trusted for delegation. + +![3.Computers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following jobs comprise the 3.Computers Job Group: + +- [AD_ComputerDelegation Job](/docs/accessanalyzer/11.6/solutions/activedirectory/computers/ad_computerdelegation.md) + – Provides details on computer accounts that have been trusted for delegation. Once this + configuration is enabled for a computer, any time an account connects to the computer for any + reason, their ticket-granting ticket (TGT) is stored in memory so it can be used later by the + computer for impersonation, which exposes a significant security risk in cases where privileged + accounts access the computer.  See the + [What Is Kerberos Delegation?](https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/) Netwrix + blog article for more information about this configuration and the related security risks. +- [AD_StaleComputers Job](/docs/accessanalyzer/11.6/solutions/activedirectory/computers/ad_stalecomputers.md) + – Provides details on stale computers that may be candidates for cleanup diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/computers/recommended.md b/docs/accessanalyzer/11.6/solutions/activedirectory/computers/recommended.md similarity index 100% rename from docs/accessanalyzer/12.0/solutions/active-directory/computers/recommended.md rename to docs/accessanalyzer/11.6/solutions/activedirectory/computers/recommended.md diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/domains/ad_dcsummary.md b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/ad_dcsummary.md new file mode 100644 index 0000000000..f18f9c57cb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/ad_dcsummary.md @@ -0,0 +1,29 @@ +# AD_DCSummary Job + +The AD_DCSummary Job provides operational reporting related to the details collected for each domain +controller. For each domain controller, the report identifies the FSMO role, whether it is a +bridgehead server, whether it is a global catalog, and the time server it syncs to. + +## Analysis Task for the AD_DCSummary Job + +Navigate to the **Active Directory > 5.Domains > AD_DCSummary > Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/dcsummaryanalysis.webp) + +The default analysis tasks are: + +- 1. List DCs + - Creates the AD_DCSummary_List table accessible under the job’s Results node + - Creates an interim processing table in the database for use by downstream analysis and report + generation + +In addition to the tables and views created by the analysis task, the AD_DCSummary Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | ----------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain Controllers Overview | This report identifies domain controllers' roles and attributes within each domain. | None | This report is comprised of two elements: - Bar Chart – Displays domain controllers by domain - Table – Provides details on domain controllers by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/domains/ad_domaininfo.md b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/ad_domaininfo.md new file mode 100644 index 0000000000..b3924b68c1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/ad_domaininfo.md @@ -0,0 +1,55 @@ +# AD_DomainInfo Job + +The AD_DomainInfo Job provides operational reporting related to the collected domains, sites, and +trusts, providing details such as high level object counts by domain or site, domain and forest +functional levels, and types and directions of trusts. + +## Queries for the AD_DomainInfo Job + +The AD_DomainInfo Job uses the ActiveDirectory Data Collector and the LDAP Data Collector for the +following queries: + +**CAUTION:** Do not modify the queries. The queries are preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/domaininfoquery.webp) + +The queries for this job are: + +- Trusts – Targets one domain controller per forest to retrieve domain trust information +- Sites – Targets one domain controller per forest to retrieve domain site information +- Domains – Targets one domain controller per forest to retrieve domain information +- Trust Filtering – Queries the host specified to retrieve domain trust information +- dSHeuristics – Returns dSHeuristics Unicode string using LDAP + +**NOTE:** See the Active Directory Data Collector and LDAP Data Collector sections for additional +information + +## Analysis Tasks for the AD_DomainInfo Job + +Navigate to the **Active Directory > 5.Domains > AD_DomainInfo > Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/domaininfoanalysis.webp) + +The default analysis tasks are: + +- Domain Summary – Creates interim processing tables in the database for use by downstream analysis + and report generation +- Site Summary – Creates an interim processing table in the database for use by downstream analysis + and report generation +- Trust Details – Creates an interim processing table in the database for use by downstream analysis + and report generation +- dSHeuristics Details – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_DomainInfo Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------- | ----------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------- | +| Domains | This report lists the forest sites and presents the total number of domain controllers, GC Servers, and users per site. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays domains - Table – Provides details on domains | +| Sites | This report lists the sites and counts the domain controllers, global catalogue servers, and users of each. | None | This report is comprised of two elements: - Bar Chart – Displays sites by user count - Table – Provides details on sites by user count | +| Trusts | This report lists the domains and presents the trust information, including type, direction, and transitivity. | None | This report is comprised of one elements: - Table – Provides details on domains and trusts | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/domains/ad_dsrmsettings.md b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/ad_dsrmsettings.md new file mode 100644 index 0000000000..74ecde36a9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/ad_dsrmsettings.md @@ -0,0 +1,31 @@ +# AD_DSRMSettings Job + +The AD_DRSMSettings Job provides details on domain controller registry settings for the +DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin Account can be used to log +in to the domain controller even if it has not been started in DSRM which can present a potential +security vulnerability. Additional information on this registry key is available in this +[Microsoft Document](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732714(v=ws.10)?redirectedfrom=MSDN). + +## Analysis Tasks for the AD_DSRMSettings Job + +Navigate to the **Active Directory > 5.Domains > AD_DSRMSettings > Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![dsrmsettingsanalysis](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/dsrmsettingsanalysis.webp) + +The default analysis tasks are: + +- Change tracking – Creates the SA_AD_DSRMSettings_ChangeTracking table accessible under the job’s + Results node +- Details – Creates the SA_AD_DSRMSettings_Details table accessible under the job’s Results node +- Summary – Creates the SA_AD_DSRMSettings_Summary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_DSRMSettings Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | +| DSRM Admin Security | This report highlights domain controller registry settings for the DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin account can be used to log in to the domain controller even if it has not been started in DSRM. This is a potential vulnerability. See the Microsoft [Restartable AD DS Step-by-Step Guide](https://technet.microsoft.com/en-us/library/cc732714(v=ws.10).aspx) for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays DSRM admin logon  by domain controller - Table – Provides details on domain controllers | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ad_domaincontrollers.md b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ad_domaincontrollers.md new file mode 100644 index 0000000000..2460c72f99 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ad_domaincontrollers.md @@ -0,0 +1,62 @@ +# AD_DomainControllers Job + +The 0.Collection > AD_DomainControllers Job collects domain controller details which will be further +analyzed in order to provide information on domains, sites, and trusts. + +## Queries for the AD_DomainControllers Job + +The AD_DomainControllers Job uses the LDAP Data Collector and the ActiveDirectory Data Collector for +the following queries: + +**CAUTION:** Except the first query, do not modify the remaining queries. The remaining queries are +preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/domaincontrollersquery.webp) + +The queries for this job are: + +- Domain Controller Listing – Targets one domain controller per domain known to Enterprise Auditor + to collect a listing of all domain controllers + - Can be modified to connect securely with TLS/SSL. + - See the [Connect Securely with TLS/SSL](#connect-securely-with-tlsssl) topic for additional + information. +- Actual Bridgehead Servers – Targets one domain controller per domain known to Enterprise Auditor + to collect all of the bridgehead servers for each site +- Global Catalog Servers – Targets one domain controller per domain known to Enterprise Auditor to + extract a list of GCs for each site +- Significant DCs – Targets one domain controller per domain known to Enterprise Auditor to gather + information about the significant DCs +- Preferred Bridgehead Servers – Targets one domain controller per domain known to Enterprise + Auditor to list the preferred bridgehead servers for each site + + **NOTE:** See the Active Directory Data Collector and LDAP Data Collector sections for + additional information. + +### Connect Securely with TLS/SSL + +The Domain Controller Listing Query in the AD_DomainControllers Job is configured to use the LDAP +Data Collector. This query can be optionally configured to connect securely with TLS/SSL. + +**CAUTION:** Do not modify any other settings in this query. + +**Step 1 –** Navigate to the job’s > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the _Domain Controller Listing_ Query and click +**Query Properties**. The Query Properties window displays. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The LDAP template form wizard +opens. + +![LDAP template form](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ldaptemplate.webp) + +**Step 4 –** Click **Options**. + +![Connection Options](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ldaptemplateoptions.webp) + +**Step 5 –** On the Options page, select **Connect Securely with TLS/SSL**. Optionally, select +**Ignore Certificate Errors** to connect even if certificate errors occur. Use **Server Port** 686 +for a secure connection. Click **OK** to close the Options page. + +**Step 6 –** Step 13 – Then click **OK** to close the LDAP template form wizard. + +The job now connects securely with TLS/SSL. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ad_dsrm.md b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ad_dsrm.md new file mode 100644 index 0000000000..c5ddc688a3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ad_dsrm.md @@ -0,0 +1,22 @@ +# AD_DSRM Job + +The **0.Collection > AD_DSRM** Job collects data related to domain controller registry settings for +the DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin Account can be used to +log in to the domain controller even if it has not been started in DSRM which can present a +potential security vulnerability. Additional information on this registry key is available in this +[Microsoft Document](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732714(v=ws.10)?redirectedfrom=MSDN). + +## Query for the AD_DSRM Job + +The AD_TimeSync Job uses the Registry Data Collector for the following query: + +**CAUTION:** Do not modify this query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/dsrmquery.webp) + +The queries for this job are: + +- Check LSA registry keys – Targets all domain controllers check LSA registry keys + - See the + [Registry Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/registry.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ad_timesync.md b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ad_timesync.md new file mode 100644 index 0000000000..67c5b433bc --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ad_timesync.md @@ -0,0 +1,20 @@ +# AD_TimeSync Job + +The 0.**Collection > AD_TimeSync** Job collects TimeSync information from the registry for each +domain controller within the domain. + +## Query for the AD_TimeSync Job + +The AD_TimeSync Job uses the Registry Data Collector for the following query: + +**CAUTION:** Do not modify this query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/timesyncquery.webp) + +The queries for this job are: + +- Timesync Info – Targets one domain controller per domain known to Enterprise Auditor to determine + TimeSync information from the registry + - See the + [Registry Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/registry.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/overview.md new file mode 100644 index 0000000000..e9464acb19 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/overview.md @@ -0,0 +1,20 @@ +# 0.Collection Job Group + +The **5.Domains > 0.Collection** Job Group collects the data which will be further analyzed in order +to provide details on domains, sites, and trusts. + +![0.Collection Job Group](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The 0.Collection Job Group is comprised of: + +- [AD_DomainControllers Job](/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ad_domaincontrollers.md) + – Collects domain controller details which will be further analyzed in order to provide + information on domains, sites, and trusts. +- [AD_DSRM Job](/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ad_dsrm.md) + – Collects data related to domain controller registry settings for the DSRMAdminLogonBehavior key. + If this key is set to 1 or 2, the DSRM Admin Account can be used to log in to the domain + controller even if it has not been started in DSRM which can present a potential security + vulnerability. Additional information on this registry key is available in this + [Microsoft Document](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732714(v=ws.10)?redirectedfrom=MSDN). +- [AD_TimeSync Job](/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ad_timesync.md) + – Collects TimeSync information from the registry for each domain controller within the domain diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/domains/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/overview.md new file mode 100644 index 0000000000..b625d8be31 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/overview.md @@ -0,0 +1,26 @@ +# 5.Domains Job Group + +The 5.Domains Job Group provides details on domains, sites, and trusts, and highlight domain level +configurations that may leave your environment at risk. + +![Domains Job Group](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following components comprises the 5.Domains Job Group: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/overview.md) + – Collects the data which will be further analyzed in order to provide details on domains, sites, + and trusts. +- [AD_DCSummary Job](/docs/accessanalyzer/11.6/solutions/activedirectory/domains/ad_dcsummary.md) + – Provides operational reporting related to the details collected for each domain controller. For + each domain controller, the report identifies the FSMO role, whether it is a bridgehead server, + whether it is a global catalog, and the time server it syncs to. +- [AD_DomainInfo Job](/docs/accessanalyzer/11.6/solutions/activedirectory/domains/ad_domaininfo.md) + – Provides operational reporting related to the collected domains, sites, and trusts, providing + details such as high level object counts by domain or site, domain and forest functional levels, + and types and directions of trusts +- [AD_DSRMSettings Job](/docs/accessanalyzer/11.6/solutions/activedirectory/domains/ad_dsrmsettings.md) + – Provides details on domain controller registry settings for the DSRMAdminLogonBehavior key. If + this key is set to 1 or 2, the DSRM Admin Account can be used to log in to the domain controller + even if it has not been started in DSRM which can present a potential security vulnerability. + Additional information on this registry key is available in this + [Microsoft Document](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732714(v=ws.10)?redirectedfrom=MSDN). diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/domains/recommended.md b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/recommended.md new file mode 100644 index 0000000000..008003c0fc --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/domains/recommended.md @@ -0,0 +1,62 @@ +# Recommended Configurations for the 5.Domains Job Group + +The **Active Directory > 5.Domains** job group has been configured by default to run with the +default settings. It can be run directly or scheduled. + +Dependencies + +This job group does not have dependencies. + +Targeted Hosts + +The **AD_DomainControllers** job has been configured to inherit its host from the **5.Domains > +0.Collection > Settings > Host List Assignment** node. It is set to target the ONE DOMAIN CONTROLLER +PER DOMAIN host list. + +The host list assignment for the **0.Collection > AD_TimeSync** and the **0.Collection** > +**AD_DSRM** jobs have been configured at the job’s **Configure** > **Hosts** node. They are set to +run against the ALL DOMAIN CONTROLLERS host list. + +The ONE DOMAIN CONTROLLER PER DOMAIN and ALL DOMAIN CONTROLLERS host lists are dynamic host lists +based on the host inventory value in the isDomainController field in the Host Master Table. + +The **5.Domains > AD_DomainInfo** job needs to be set to run against the following: + +- Custom host list with one domain controller per forest + +Connection Profile + +A Connection Profile should be assigned at the **5.Domains > Settings > Connection** node with +Domain Administrator privileges. + +Schedule Frequency + +This job group can be scheduled to run as desired. + +Run at the Job Group Level + +**_RECOMMENDED:_** Run the jobs in the **5.Domains** job group together and in order by running the +entire job group, instead of the individual jobs. + +Query Configuration + +The 5.Domains > 0.Collection > AD_DomainControllers job should be run with the default query +configurations. Most of these queries are preconfigured for this Job Group and should not be +modified. + +The following query can be modified to use a secure connection with TLS/SSL: + +- Domain Controller Listing Query which uses the + [LDAP Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/ldap.md) + +Workflow + +**Step 1 –** Set the host on the AD_DomainInfo job. + +**Step 2 –** Run a host discovery query to discover domain controllers. + +**Step 3 –** Set a Connection Profile on the job group. + +**Step 4 –** Schedule the 5.Domains job group to run as desired. + +**Step 5 –** Review the reports generated by the 5.Domains job group. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_cpassword.md b/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_cpassword.md new file mode 100644 index 0000000000..55a05b48a9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_cpassword.md @@ -0,0 +1,35 @@ +# AD_CPassword Job + +The AD_CPassword Job identifies passwords that are stored in Group Policy Preferences which present +a security risk allowing attackers access to these passwords. Microsoft published the AES private +key, which can be used to decrypt passwords stored in Group Policy Preferences. See the Microsoft +[2.2.1.1.4 Password Encryption](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-gppref/2c15cbf0-f086-4c74-8b70-1f2fa45dd4be) +article for additional information. Since Authenticated Users have read access to SYSVOL, any +malicious insider or attacker can search for the cPassword file inside XML files shared through +SYSVOL to decrypt them. GPOs can be stored in the `%ProgramData%\Microsoft\Group Policy\History` +folder on each machine, meaning any results found by this job should be deleted off every computer +once this policy has been removed. + +## Query for the AD_CPassword Job + +The AD_CPassword Job uses the PowerShell Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job + +![Query for the AD_CPassword Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/cpasswordquery.webp) + +The queries for this job are: + +- Sysvol – Targets one domain controller per domain known to Enterprise Auditor to determine + CPassword security + + - See the + [PowerShell Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/powershell/overview.md) + topic for additional information. + +In addition to the tables created by the data collector, the AD_CPassword Job produces the following +pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------- | +| Potential Plaintext Passwords | This report highlights domain contollers where this vulnerability exists, and provides the path of the XML file in question. | None | This report is comprised of one elements: - Table – Provides details on potential plaintext passwords | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_grouppolicy.md b/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_grouppolicy.md new file mode 100644 index 0000000000..995c40b754 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_grouppolicy.md @@ -0,0 +1,46 @@ +# AD_GroupPolicy Job + +The AD_GroupPolicy Job audits all Group Policies that are present on the Domain Controller, and +provides details on the containers they are linked to, and the settings that are configured. + +## Queries for the AD_GroupPolicy Job + +The AD_GroupPolicy Job uses the GroupPolicy Data Collector for the following query: + +**CAUTION:** Do not modify the queries. The queries are preconfigured for this job. + +![Queries for the AD_GroupPolicy Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/grouppolicyquery.webp) + +The queries for this job are: + +- Link Status – Targets the default domain controller known to Enterprise Auditor to retrieve a + GPO's list for the domain +- Settings – Targets the default domain controller known to Enterprise Auditor to return the state + for domain policies for all GPOs. See the + [GroupPolicy Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/overview.md) + topic for additional information. + +## Analysis Tasks for the AD_GroupPolicy Job + +Navigate to the **Active Directory** > **4.GroupPolicy** > **AD_GroupPolicy** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupPolicy Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/grouppolicyanalysis.webp) + +The default analysis tasks are: + +- 1. Group Policy Analysis – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 2. Combined User and Computer Settings – Creates the SA_AD_GroupPolicy_SettingList table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_GroupPolicy Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------ | -------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| GPO Details | This report lists all Group Policies and their settings. | None | This report is comprised of four elements: - Bar Chart – Displays GPO count by domain - Table – Provides details on policies by domain - Table – Provides details on GPO count by domain - Table – Provides details on settings | +| GPO Overview | This report lists all Group Policies and their settings. | None | This report is comprised of three elements: - Bar Chart – Displays GPO configuration by domain - Table – Provides details on GPOs - Table – Provides details on GPO configuration by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_overlappinggpos.md b/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_overlappinggpos.md new file mode 100644 index 0000000000..fddb6c2af1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_overlappinggpos.md @@ -0,0 +1,42 @@ +# AD_OverlappingGPOs Job + +The AD_OverlappingGPOs Job identifies conflicting and redundant GPO settings based on link location. +These GPO settings should be cleaned up or consolidated. + +## Analysis Tasks for the AD_OverlappingGPOs Job + +Navigate to the **Active Directory** > **4. Group Policy** > **AD_OverlappingGPOs** > **Configure** +node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected first analysis task. The first analysis task is +preconfigured for this job. + +![Analysis Tasks for the AD_OverlappingGPOs Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/overlappinggposanalysis.webp) + +The default analysis tasks are: + +- Conflicting – Creates the SA_AD_OverlappingGPOs_Conflicts table accessible under the job’s Results + node + +The following analysis tasks are deselected by default: + +**NOTE:** Deselect the **Conflicting** analysis task before selecting the analysis tasks below. + +- Redundant – Restores the SA_AD_OverlappingGPOs_Redundant table to be visible under the job’s + Results node +- Redundant GPOs by OU – Restores the SA_AD_OverlappingGPOs_RedundantGPOsbyOU table to be visible + under the job’s Results node +- Redundant GPOs – Restores the SA_AD_OverlappingGPOs_RedundantGPOs table to be visible under the + job’s Results node +- Conflicts by OU – Restores the SA_AD_OverlappingGPOs_ConflictsByOU table to be visible under the + job’s Results node +- Conflicts by GPO – Restores the SA_AD_OverlappingGPOs_ConflictsByGPO table to be visible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_OverlappingGPOs Job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ----------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Conflicting GPOs | This report lists group policy objects that apply conflicting settings. | None | This report is comprised of four elements: - Bar Chart – Displays GPOs by conflicts - Table – Provides details on GPOs by conflicts - Table – Provides details on GPOs Details - Table – Provides details on OUs with conflicting GPOs | +| Redundant GPOs | This report lists group policy objects that apply redundant settings. | None | This report is comprised of four elements: - Bar Chart – Displays GPOs by redundant children - Table – Provides details on GPOs by redundant children - Table – Provides details on overlapping GPOs - Table – Provides details on OUs with most redundancies | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_passwordpolicies.md b/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_passwordpolicies.md new file mode 100644 index 0000000000..448d1a7d2c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_passwordpolicies.md @@ -0,0 +1,44 @@ +# AD_PasswordPolicies Job + +The AD_PasswordPolicies Job identifies fine-grained domain password policies that are stored within +the Password Settings Container. Fine-Grained password policies allow AD administrators to apply +different password policies within a single domain. + +## Query for the AD_PasswordPolicies Job + +The AD_PasswordPolicies Job uses the LDAP Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_PasswordPolicies Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/passwordpoliciesquery.webp) + +The query for this job is: + +- Fine-grained Policies – Targets one domain controller per domain known to Enterprise Auditor to + return fine-grained password policies + + - See the + [LDAP Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/ldap.md) + topic for additional information + +## Analysis Task for the AD_PasswordPolicies Job + +Navigate to the **Active Directory** > **4.GroupPolicy** > **AD_PasswordPolicies** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the AD_PasswordPolicies Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/passwordpoliciesanalysis.webp) + +The default analysis tasks are: + +- Determine fine-grained password policy details – Creates the SA_AD_PasswordPolicies_Details table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the AD_UserDelegation Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | ----------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------- | +| Fine-Grained Password Policies | This report highlights fine-grained password policies on all targeted domain controllers. | None | This report is comprised of one element: - Table – Provides details on fine-grained password policy details | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/overview.md new file mode 100644 index 0000000000..3479d797b0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/overview.md @@ -0,0 +1,30 @@ +# 4.Group Policy Job Group + +The 4.Group Policy Job Group audits GPOs and their settings, and provides in depth analysis of +conditions such as where GPOs have been linked, misconfigurations that can cause security or +operational issues, and redundant GPOs that can be consolidated. + +![4.Group Policy Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following components comprise the 4.Group Policy Job Group: + +- [AD_CPassword Job](/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_cpassword.md) + – Identifies passwords that are stored in Group Policy Preferences which present a security risk + allowing attackers access to these passwords. Microsoft published the AES private key, which can + be used to decrypt passwords stored in Group Policy Preferences. See the Microsoft + [2.2.1.1.4 Password Encryption](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-gppref/2c15cbf0-f086-4c74-8b70-1f2fa45dd4be) + article for additional information. Since Authenticated Users have read access to SYSVOL, any + malicious insider or attacker can search for the cPassword file inside XML files shared through + SYSVOL to decrypt them. GPOs can be stored in the `%ProgramData%\Microsoft\Group Policy\History` + folder on each machine, meaning any results found by this job should be deleted off every computer + once this policy has been removed. +- [AD_GroupPolicy Job](/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_grouppolicy.md) + – Audits all Group Policies that are present on the Domain Controller, and provides details on the + containers they are linked to and the settings that are configured +- [AD_OverlappingGPOs Job](/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_overlappinggpos.md) + – Identifies conflicting and redundant GPO settings based on link location. These GPO settings + should be cleaned up or consolidated. +- [AD_PasswordPolicies Job](/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/ad_passwordpolicies.md) + – Identifies fine-grained domain password policies that are stored within the Password Settings + Container. Fine-Grained password policies allow AD administrators to apply different password + policies within a single domain. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/recommended.md b/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/recommended.md new file mode 100644 index 0000000000..7d510fd9e5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/recommended.md @@ -0,0 +1,48 @@ +# Recommended Configurations for the 4.Group Policy Job Group + +The **Active Directory** > **4.Group Policy** Job Group has been configured to run with the default +settings. It can be run directly or scheduled. + +Dependencies + +This job group does not have dependencies. + +Targeted Hosts + +The AD_GroupPolicy Job has been configured to inherit its host from the **4.Group Policy** > +**Settings** > **Host List Assignment** node. It is set to target the **Default domain controller** +host list, which is the domain in which the Enterprise Auditor Console server resides. + +The host list assignment for the **AD_CPassword** and **AD_PasswordPolicies** jobs have been +configured at the job’s > **Configure** > **Hosts** node. They are set to run against the **ONE +DOMAIN CONTROLLER PER DOMAIN** host list. + +The **Default domain controller** and **ONE DOMAIN CONTROLLER PER DOMAIN** host lists are dynamic +host lists based on the host inventory value in the **isDomainController** field in the Host Master +Table. + +Connection Profile + +A Connection Profile must be set directly on the collection jobs with Domain Administrator +privileges. + +Schedule Frequency + +This job group can be scheduled to run as desired. + +Run at the Job Group Level + +**_RECOMMENDED:_** Run the jobs in the 4.Group Policy Job Group together and in order by running the +entire job group, instead of the individual jobs. However, these jobs can be run independently, with +the exception of the AD_OverlappingGPOs Job, which is dependent upon the AD_GroupPolicy Job for data +collection. + +Workflow + +**Step 1 –** Run a host discovery query to discover domain controllers. + +**Step 2 –** Set a Connection Profile on the jobs that run data collection. + +**Step 3 –** Schedule the 4.Group Policy Job Group to run as desired. + +**Step 4 –** Review the reports generated by the 4.Group Policy Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_circularnesting.md b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_circularnesting.md new file mode 100644 index 0000000000..43011dbde3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_circularnesting.md @@ -0,0 +1,28 @@ +# AD_CircularNesting Job + +The AD_CircularNesting Job identifies circularly nested groups within Active Directory which can +pose administrative and operational challenges with identifying effective access to resources. + +## Analysis Tasks for the AD_CircularNesting Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_CircularNesting** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_CircularNesting Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp) + +The default analysis tasks are : + +- Circular Nesting Details – Creates the SA_AD_CircularNesting_Details table accessible under the + job’s Results node +- Domain Summary – Creates the SA_AD_CircularNesting_DomainSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_CircularNesting Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ---------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Circular Nesting | This report identifies instances of circular nesting within the environment. | None | This report is comprised of three elements: - Bar Chart – Displays circular nesting by domain - Table – Provides details on circular nesting - Table – Provides details on circular nesting by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_dclogongroups.md b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_dclogongroups.md new file mode 100644 index 0000000000..dabe34db43 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_dclogongroups.md @@ -0,0 +1,32 @@ +# AD_DCLogonGroups Job + +The AD_DCLogonGroups Job identifies users who are able to log on to Domain Controllers through +effective membership to the Enterprise Admins, Domain Admins, Administrators, Backup Operators, +Account Operators, Print Operators, or Remote Desktop Users groups. This type of access should be +limited to only those individuals who require this level of administrative privileges. + +## Analysis Tasks for the AD_DCLogonGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_DCLogonGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DCLogonGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/dclogongroupsanalysis.webp) + +The default analysis tasks are: + +- Circular Effective Membership – Creates the SA_AD_DCLogonGroups_Membership table accessible under + the job’s Results node +- User Listing – Creates the SA_AD_DCLogonGroups_UserList table accessible under the job’s Results + node +- Membership Summary – Creates the SA_AD_DCLogonGroups_Summary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_CircularNesting Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | --------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain Controller Logon Rights | This report displays effective membership for groups with logon rights to domain controllers. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays largest groups - Table – Provides details on membership - Table – Provides summary of membership | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_duplicategroups.md b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_duplicategroups.md new file mode 100644 index 0000000000..ca7e02a405 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_duplicategroups.md @@ -0,0 +1,26 @@ +# AD_DuplicateGroups Job + +The AD_Duplicate Job identifies duplicate groups within Active Directory. Duplicate groups contain +the same group membership as one another and are suitable candidates for cleanup. + +## Analysis Task for the AD_DuplicateGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_DuplicateGroups** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the AD_DuplicateGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/duplicategroupsanalysis.webp) + +The default analysis tasks are: + +- Identify Duplicate Groups – Creates the SA_AD_DuplicateGroups_Details table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis task, the AD_DuplicateGroups Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Duplicate Groups | This report identifies duplicate groups within the audited domains. | None | This report is comprised of three elements: - Bar Chart – Displays domains by number of groups with duplicates - Table – Provides details on duplicate groups - Table – Provides details on domains by number of groups with duplicates | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_emptygroups.md b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_emptygroups.md new file mode 100644 index 0000000000..45fcffb943 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_emptygroups.md @@ -0,0 +1,32 @@ +# AD_EmptyGroups Job + +The AD_EmptyGroups Job identifies empty and single member groups which are suitable candidates for +consolidation or cleanup. + +## Analysis Tasks for the AD_EmptyGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_EmptyGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_EmptyGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) + +The default analysis tasks are: + +- Empty Groups – Creates the SA_AD_EmptyGroups_Empty table accessible under the job’s Results node +- Single User Groups – Creates the SA_AD_EmptyGroups_SingleUser table accessible under the job’s + Results node +- Summarize Empty Groups – Creates the SA_AD_EmptyGroups_EmptySummary table accessible under the + job’s Results node +- Summarize Single User Groups – Creates the SA_AD_EmptyGroups_SingleUserSummary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_EmptyGroups Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | --------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Empty Groups | This report identifies all groups without any members. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by empty group counts - Table – Provides details on empty groups - Table – Provides details on empty groups by domain | +| Single User Groups | This report identifies groups which only contain a single user. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by single user groups - Table – Provides details on groups - Table – Provides details on single user groups by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_groupprobableowners.md b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_groupprobableowners.md new file mode 100644 index 0000000000..fd3bbf9d58 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_groupprobableowners.md @@ -0,0 +1,29 @@ +# AD_GroupProbableOwners Job + +The AD_GroupProbableOwners Job determines potential owners for Active Directory Groups which can be +used to perform automated membership reviews and enable self-service group management and membership +requests. + +## Analysis Tasks for the AD_GroupProbableOwners Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_GroupProbableOwners** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupProbableOwners Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/groupprobableownersanalysis.webp) + +The default analysis tasks are: + +- Determine Ownership – Creates the SA_AD_GroupProbableOwner_Owners table accessible under the job’s + Results node +- Domain Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_GroupProbableOwner Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | ----------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Probable Owners | This report identifies the most probable manager or department, based on effective member attributes. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top domains by blank manager field - Table – Provides details on probable ownership - Table – Provides summary of managers | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_largestgroups.md b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_largestgroups.md new file mode 100644 index 0000000000..341de5e9c4 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_largestgroups.md @@ -0,0 +1,27 @@ +# AD_LargestGroups Job + +The AD_LargestGroups Job identifies groups with large effective member counts. These types of groups +may cause administrative overhead and burden in being able to easily understand who is getting +access to resources, or how much access is being granted to resources through these groups. + +## Analysis Task for the AD_LargestGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_LargestGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the AD_LargestGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp) + +The default analysis tasks are: + +- Group Details – Creates the SA_AD_LargestGroups_Details table accessible under the job’s Results + node + +In addition to the tables and views created by the analysis task, the AD_LargestGroups Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------- | +| Largest Groups | This report identifies the largest groups within the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays largest groups - Table – Provides details on groups | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_mailsecuritygroups.md b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_mailsecuritygroups.md new file mode 100644 index 0000000000..7b66080424 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_mailsecuritygroups.md @@ -0,0 +1,29 @@ +# AD_MailSecurityGroups Job + +The AD_MailSecurityGroups Job identifies mail-enabled security groups within Active Directory. + +## Analysis Tasks for the AD_MailSecurityGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_MailSecurityGroups** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_MailSecurityGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/mailsecuritygroupsanalysis.webp) + +The default analysis tasks are: + +- Calculate Effective Membership – Creates the SA_AD_MailSecurityGroups_Membership table accessible + under the job’s Results node +- Mail Enabled Domain Summary – Creates the SA_AD_MailSecurityGroups_DomainSummary table accessible + under the job’s Results node +- Membership Summary – Creates the SA_AD_MailSecurityGroups_Summary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_MailSecurityGroups Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Mail Enabled Security Groups | This report displays summary data for mail enabled security groups. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays mail enabled security groups per domain - Table – Provides summary of mail enabled security groups - Table – Provides summary of mail enabled security groups by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_nestedgroups.md b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_nestedgroups.md new file mode 100644 index 0000000000..cf4d036b25 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_nestedgroups.md @@ -0,0 +1,29 @@ +# AD_NestedGroups Job + +The AD_NestedGroups Job identifies nested groups within Active Directory and provides details such +as the levels of nesting. While Active Directory provides the ability to nest certain types of +groups within other groups, Microsoft recommends nesting does not go beyond two levels in order to +avoid difficulties in understanding effective membership and access. + +## Analysis Tasks for the AD_NestedGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_NestedGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_NestedGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp) + +The default analysis tasks are: + +- Details – Creates the SA_AD_NestedGroups_Details table accessible under the job’s Results node +- Summarize by Domain – Creates the SA_AD_NestedGroups_DomainSummary table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_NestedGroups Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------- | --------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Nested Groups | This report identifies the groups with the largest amount of nested groups, and how many levels of nesting there are. | None | This report is comprised of three elements: - Bar Chart – Displays top groups by nesting - Table – Provides details on nested groups - Table – Provides details on top groups by nesting | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_sensitivesecuritygroups.md b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_sensitivesecuritygroups.md new file mode 100644 index 0000000000..8f0a1c2635 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_sensitivesecuritygroups.md @@ -0,0 +1,32 @@ +# AD_SensitiveSecurityGroups Job + +The AD_SensitiveSecurityGroups Job identifies users who are granted administrative access within +Active Directory through membership to the Enterprise Admins, Domain Admins, Schema Admins, DNS +Admins, or Administrators groups. This level of access should be limited to only those individuals +who require this level of administrative privileges. + +## Analysis Tasks for the AD_SensitiveSecurityGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_SensitiveSecurityGroups** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_SensitiveSecurityGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/sensitivesecuritygroupsanalysis.webp) + +The default analysis tasks are: + +- Calculate Effective Membership – Creates the SA_AD_SensitiveSecurityGroups_Membership table + accessible under the job’s Results node +- User Listing – Creates the SA_AD_SensitiveSecurityGroups_UserList table accessible under the job’s + Results node +- Membership Summary – Creates the SA_AD_SensitiveSecurityGroups_Summary table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_SensitiveSecurityGroups +Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------- | ------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Security Group Membership | This report displays effective membership for sensitive security groups. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays largest groups - Table – Provides details on membership - Table – Provides summary of group membership | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_stalegroups.md b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_stalegroups.md new file mode 100644 index 0000000000..6566d60c11 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_stalegroups.md @@ -0,0 +1,31 @@ +# AD_StaleGroups Job + +The AD_StaleGroups Job identifies groups that contain potentially stale users. Users are considered +stale if they have never logged onto the domain, have not logged onto the domain in the past 60 +days, or are disabled. These group memberships should be reviewed and possibly removed. + +## Analysis Tasks for the AD_StaleGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_StaleGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_StaleGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) + +The default analysis tasks are: + +- Stale Group Details – Creates the SA_AD_StaleGroups_Details table accessible under the job’s + Results node +- Stale Groups Summary – Creates the SA_AD_StaleGroups_GroupSummary table accessible under the job’s + Results node +- Stale Groups Org Summary – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_StaleGroups Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Effective Membership (A.K.A. Stale Groups) | This report identifies groups with stale effective membership. A stale user is defined as someone who has not logged into the domain in over 60 days, is expired, or currently disabled. | None | This report is comprised of three elements: - Bar Chart – Displays group membership - Table – Provides details on membership - Table – Provides details on group membership | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/groups/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/overview.md new file mode 100644 index 0000000000..e689f21ebc --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/overview.md @@ -0,0 +1,63 @@ +# 1.Groups Job Group + +The 1.Groups Job Group identifies effective group membership and pinpoints potential areas of +administrative concern such as nested or stale groups. + +![1.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following jobs comprise the 1.Groups Job Group: + +- [AD_CircularNesting Job](/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_circularnesting.md) + – Identifies circularly nested groups within Active Directory which can pose administrative and + operational challenges with identifying effective access to resources +- [AD_DCLogonGroups Job](/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_dclogongroups.md) + – Identifies users who are able to log on to Domain Controllers through effective membership to + the Enterprise Admins, Domain Admins, Administrators, Backup Operators, Account Operators, Print + Operators, or Remote Desktop Users groups. This type of access should be limited to only those + individuals who require this level of administrative privileges. +- [AD_DuplicateGroups Job](/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_duplicategroups.md) + – Identifies duplicate groups within Active Directory. Duplicate groups contain the same group + membership as one another and are suitable candidates for cleanup. +- [AD_EmptyGroups Job](/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_emptygroups.md) + – Identifies empty and single member groups which are suitable candidates for consolidation or + cleanup +- [AD_GroupProbableOwners Job](/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_groupprobableowners.md) + – Determines potential owners for Active Directory Groups which can be used to perform automated + membership reviews and enable self-service group management and membership requests +- [AD_LargestGroups Job](/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_largestgroups.md) + – Identifies groups with large effective member counts. These types of groups may cause + administrative overhead and burden in being able to easily understand who is getting access to + resources, or how much access is being granted to resources through these groups. + + - The definition of a large group is set by the **.Active Directory Inventory** > + **3-AD_Exceptions** Job. It can be customized. See the + [3-AD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/3-ad_exceptions.md) + topic for additional information. + +- [AD_MailSecurityGroups Job](/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_mailsecuritygroups.md) + – Identifies mail-enabled security groups within Active Directory +- [AD_NestedGroups Job](/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_nestedgroups.md) + – Identifies nested groups within Active Directory and provides details such as the levels of + nesting. While Active Directory provides the ability to nest certain types of groups within other + groups, Microsoft recommends nesting does not go beyond two levels in order to avoid difficulties + in understanding effective membership and access. + + - The definition of a deeply nested group is set by the **.Active Directory Inventory** > + **3-AD_Exceptions** Job. It can be customized. See the + [3-AD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/3-ad_exceptions.md) + topic for additional information. + +- [AD_SensitiveSecurityGroups Job](/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_sensitivesecuritygroups.md) + – Identifies users who are granted administrative access within Active Directory through + membership to the Enterprise Admins, Domain Admins, Schema Admins, DNS Admins, or Administrators + groups. This level of access should be limited to only those individuals who require this level of + administrative privileges. +- [AD_StaleGroups Job](/docs/accessanalyzer/11.6/solutions/activedirectory/groups/ad_stalegroups.md) + – Identifies groups that contain potentially stale users. Users are considered stale if they have + never logged onto the domain, have not logged onto the domain in the past 60 days, or are + disabled. These group memberships should be reviewed and possibly removed. + + - The definition of a stale user” is set by the **.Active Directory Inventory** > + **3-AD_Exceptions** Job. It can be customized. See the + [3-AD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/3-ad_exceptions.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/groups/recommended.md b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/recommended.md new file mode 100644 index 0000000000..066bde1367 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/groups/recommended.md @@ -0,0 +1,53 @@ +# Recommended Configurations for the 1.Groups Job Group + +The Active Directory > **1.Groups** Job Group has been configured by default to run with the default +settings. It can be run directly or scheduled. + +Dependencies + +The **.Active Directory Inventory** Job Group needs to be successfully executed prior to running +this job group. + +Target Host + +This job group does not collect data. No target host is required. + +Connection Profile + +This job group does not collect data. No specific Connection Profile is required. + +Schedule Frequency + +The data analyzed by the **1.Groups** Job Group jobs is collected by the **.Active Directory +Inventory** Job Group. Therefore, it is recommended to schedule these jobs to run after the .Active +Directory Inventory job group collection has completed. These jobs can be scheduled to run as +desired. + +Run at the Job Group Level + +**_RECOMMENDED:_** Run the jobs in the **1.Groups** Job Group together and in order by running the +entire job group, instead of the individual jobs. + +Analysis Configuration + +The **1.Groups** Job Group should be run with the default analysis configurations. Most of the +analysis tasks are preconfigured for this job group. + +Some analysis tasks have customizable parameters: + +- The .Active Directory Inventory Solution defines large groups, deeply nested groups, and stale + users. These parameters can be customized. + + - Customize within **.Active Directory Inventory** > **3-AD_Exceptions** Job analysis tasks + + **NOTE:** Changes to an exception’s definition will affect all jobs dependent upon that + exception as well as all Access Information Center Exceptions reports. + +Workflow + +**Step 1 –** Prerequisite: Run the **.Active Directory Inventory** Job Group. + +**Step 2 –** Schedule the **1.Groups** Job Group to run as desired after the prerequisite job has +completed. + +**Step 3 –** Review the reports generated by the 1.Groups Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/overview.md new file mode 100644 index 0000000000..a836c6ec0a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/overview.md @@ -0,0 +1,93 @@ +# Active Directory Solution + +The Active Directory Solution is a comprehensive set of audit jobs and reports that provide the +information administrators need for Active Directory configuration, operational management, +troubleshooting, analyzing effective permissions, and tracking who is making what changes within an +organization. + +Supported Platforms + +- Windows Server 2016 and later +- Windows 2003 Forest level or higher + +**NOTE:** See the Microsoft +[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) +article for additional information. + +Requirements, Permissions, and Ports + +See the +[Active Directory Domain Target Requirements](/docs/accessanalyzer/11.6/config/activedirectory/overview.md) +topic for additional information. + +Location + +The Active Directory Solution requires a special Enterprise Auditor license. It can be installed +from the Enterprise Auditor Instant Job Wizard. Once installed into the Jobs tree, navigate to the +solution: **Jobs** > **Active Directory**. + +![Active Directory Solution](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/solutionoverview.webp) + +Each job group works independently from the other job groups. Some job groups run analysis tasks +against the analyzed data collected by the .Active Directory Inventory Solution to generate reports, +e.g. 1.Groups Job Group. Other job groups run both data collection and analysis to generate reports. +The AD_SecurityAssessment Job summarizes security related results from both the Active Directory +Solution and the Active Directory Permissions Analyzer Solution. + +**NOTE:** The Cleanup Job Group requires additional licenses to function. See the +[Active Directory Job Groups](#active-directory-job-groups) topic for additional information. + +See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for additional information. + +## Active Directory Job Groups + +The Active Directory solution is a comprehensive set of audit jobs and reports that provide the +information every administrator needs for Active Directory configuration, operational management, +troubleshooting, analyzing effective permissions, and tracking who is making what changes within an +organization. + +![Active Directory Job Group](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/adsolutionjobgroup.webp) + +The following job groups comprise the Active Directory Solution: + +- [1.Groups Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/groups/overview.md) + – Identifies effective group membership and pinpoints potential areas of administrative concern + such as nested or stale groups +- [2.Users Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/users/overview.md) + – Identifies user conditions and pinpoint potential areas of administrative concern such as weak + passwords, user token size, or stale users +- [3.Computers Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/computers/overview.md) + – Pinpoints potential areas of administrative concern related to computer accounts, including + stale computers and computers that have been trusted for delegation +- [4.Group Policy Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/overview.md) + – Audits GPOs and their settings, and provides in depth analysis of conditions such as where GPOs + have been linked, misconfigurations that can cause security or operational issues, and redundant + GPOs that can be consolidated +- [5.Domains Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/domains/overview.md) + – Provides details on domains, sites, and trusts, and highlight domain level configurations that + may leave your environment at risk +- [6.Activity Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/activity/overview.md) + – Provides insights into access sprawl, privileged account usage, and operational health of the + Active Directory environment. Information collected includes Active Directory Changes, + Authentication, LDAP Traffic, Replication Traffic, and LSASS.EXE process injection on domain + controllers + + - Requires the Active Directory Activity license feature to function + +- [Cleanup Job Group](/docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/overview.md) + – Identifies potential stale and unused users, computers, and groups as well as issues with group + membership. Remediation workflows are included to de-provision unnecessary objects to help + increase security and reduce complexity. + + - Requires the Active Directory Actions license feature to function. + - Requires the Active Directory Actions Module to be installed + +- [AD Security Assessment Job](/docs/accessanalyzer/11.6/solutions/activedirectory/ad_securityassessment.md) + – Summarizes security related results from the Active Directory Solution and the Active Directory + Permissions Analyzer Solution + +Since each job group within the Active Directory Solution is designed to run independently, refer to +the Recommended Configurations section for each job group, for information on frequency and job +group settings. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_directmembership.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_directmembership.md new file mode 100644 index 0000000000..cd700e1f74 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_directmembership.md @@ -0,0 +1,28 @@ +# AD_DirectMembership Job + +The AD_DirectMembership Job identifies users who do not have any group membership. This condition +may indicate unnecessary user accounts that are suitable candidates for review and cleanup. + +## Analysis Tasks for the AD_DirectMembership Job + +Navigate to the **Active Directory** > **2.Users** > **AD_DirectMembership** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DirectMembership Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/directmembershipanalysis.webp) + +The default analysis tasks are: + +- User Details – Creates the SA_AD_DirectMembership_Details table accessible under the job’s Results + node +- Domain Summary – Creates the SA_AD_DirectMembership_DomainSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_DirectMembership Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| No Group Membership | This report identifies users with no group membership. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by users with no membership - Table – Provides details on all users with no group membership - Table – Provides details on top domains by users with no membership | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_duplicateusers.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_duplicateusers.md new file mode 100644 index 0000000000..d95810cae9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_duplicateusers.md @@ -0,0 +1,29 @@ +# AD_DuplicateUsers Job + +The AD_DuplicateUsers Job helps to identify multiple user accounts which may be owned by a single +employee. A user may have accounts in multiple domains or administrative accounts with greater +access than their normal account. + +## Analysis Tasks for the AD_DuplicateUsers Job + +Navigate to the **Active Directory** > **2.Users** > **AD_DuplicateUsers** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DuplicateUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/duplicateusersanalysis.webp) + +The default analysis tasks are: + +- Potential Duplicates Details – Creates the SA_AD_DuplicateUsers_Details table accessible under the + job’s Results node +- User Details – Creates the SA_AD_DuplicateUsers_DomainSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_DuplicateUsers Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Duplicate User Accounts | This report identifies user accounts which may belong to a single employee, based on a variety of common attributes. | None | This report is comprised of three elements: - Bar Chart – Displays a domain summary - Table – Provides details on matches - Table – Provides details on duplicate user accounts by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_orphanedusers.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_orphanedusers.md new file mode 100644 index 0000000000..dfc1b92b13 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_orphanedusers.md @@ -0,0 +1,27 @@ +# AD_OrphanedUsers Job + +The AD_OrphanedUsers Job identifies users whose managers are stale or disabled. These user accounts +should be reviewed and appropriate management should be assigned. + +## Analysis Tasks for the AD_OrphanedUsers Job + +Navigate to the **Active Directory** > **2.Users** > **AD_OrphanedUsers** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_OrphanedUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/orphanedusersanalysis.webp) + +The default analysis tasks are: + +- Details – Creates the SA_AD_OrphanedUsers_Details table accessible under the job’s Results node +- Domain Summary – Creates the SA_AD_OrphanedUsers_DomainSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_OrphanedUsers Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | --------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Orphaned Users | A user is considered orphans when their manager is disabled or stale. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by orphaned users - Table – Provides details on orphaned users - Provides details on top domains by orphaned users | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_passwordstatus.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_passwordstatus.md new file mode 100644 index 0000000000..c560f134ed --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_passwordstatus.md @@ -0,0 +1,28 @@ +# AD_PasswordStatus Job + +The AD_PasswordStatus Job highlights potential issues with user password settings that may exploited +or compromised if not addressed. + +## Analysis Tasks for the AD_PasswordStatus Job + +Navigate to the **Active Directory** > **2.Users** > **AD_PasswordStatus** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigure for this job. + +![Analysis Tasks for the AD_PasswordStatus Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/passwordstatusanalysis.webp) + +The default analysis tasks are: + +- Password Status Details – Creates the SA_AD_PasswordStatus_Details table accessible under the + job’s Results node +- Domain Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_PasswordStatus Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | ---------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Password Status | This report identifies the password status of all users and highlights potential issues. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays password issues by domain - Table – Provides details on users - Provides details on password issues by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_serviceaccounts.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_serviceaccounts.md new file mode 100644 index 0000000000..bb79a2b07c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_serviceaccounts.md @@ -0,0 +1,34 @@ +# AD_ServiceAccounts Job + +The AD_ServiceAccounts Job offers information about service accounts and if they are vulnerable to +Kerberoasting. An account is deemed vulnerable to a Kerberoasting attack if the +msDS-SupportedEncryptionTypes value supports RC4 as the highest encryption type. + +_Remember,_ the 1-AD_Scan Job needs to be configured to collect these Custom Attributes: + +- servicePrincipalName – Provides service account information. See the Microsoft + [Service Principal Names](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc961723(v=technet.10)) + article for additional information. +- msDS-SupportedEncryptionTypes – Identifies service accounts vulnerable to Kerberoasting attacks + +## Analysis Task for the AD_ServiceAccounts Job + +Navigate to the **Active Directory** > **2.Users** > **AD_ServiceAccounts** > **Configure** node and +select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the AD_ServiceAccounts Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/serviceaccountsanalysis.webp) + +The default analysis tasks are: + +- Password Status Details – Creates the SA_AD_ServiceAccounts_Details table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis task, the AD_ServiceAccounts Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ---------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Service Accounts | This report provides details on service accounts in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays service accounts by domain - Table – Provides details on service accounts - Table – Provides details on service accounts by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_sidhistory.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_sidhistory.md new file mode 100644 index 0000000000..be1a3a748a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_sidhistory.md @@ -0,0 +1,30 @@ +# AD_SIDHistory Job + +The AD_SIDHistory Job enumerates historical SIDs in the audited environment and highlights +exceptions involving the SIDHistory attribute on AD user objects. Specific conditions include when a +user has a historical SID from their current domain, or when a non-admin user has a historical SID +with administrative rights, both of which may be indicators of compromise. + +## Analysis Tasks for the AD_SIDHistory Job + +Navigate to the **Active Directory** > **2.Users** > **AD_SIDHistory** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_SIDHistory Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/sidhistoryanalysis.webp) + +The default analysis tasks are: + +- Determine SIDHistory details – Creates the SA_AD_SIDHistory_Details table accessible under the + job’s Results node +- Summarize SIDHistory details – Creates the SA_AD_SIDHistory_Summary table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_PasswordStatus Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SID History | This report lists historical SIDs in the audited environment. Additionally, it highlights exceptions involving the SIDHistory attribute on AD user objects. Considered in particular are when a user has a historical SID from their current domain, or when a non-admin user has a historical SID with administrative rights. | None | This report is comprised of three elements: - Bar Chart – Displays historical SIDs by domain - Table – Provides details on SID history - Table – Provides details on historical SIDs by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_staleusers.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_staleusers.md new file mode 100644 index 0000000000..210291da7d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_staleusers.md @@ -0,0 +1,35 @@ +# AD_StaleUsers Job + +The AD_StaleUsers job identifies potentially stale users based on the amount of time since their +last login to the domain, or if the account has been disabled. These accounts should be reviewed and +cleaned up in order to increase security and reduce complexity. + +**NOTE:** The definition of a stale user is set by the .Active Directory Inventory solution. These +parameters, including the number of days since last login to be considered stale (by default 60 +days), can be customized within the **.Active Directory Inventory** > **3-AD_Exceptions** job's +**Stale Users** analysis task. See the +[3-AD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/3-ad_exceptions.md) +topic for additional information. + +## Analysis Tasks for the AD_StaleUsers Job + +Navigate to the **Active Directory** > **2.Users** > **AD_StaleUsers** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_StaleUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/staleusersanalysis.webp) + +The default analysis tasks are: + +- User Details – Creates the SA_AD_StaleUsers_Details table accessible under the job’s Results node +- Summarize by Domain – Creates the SA_AD_StaleUsers_DomainSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_StaleUsers job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Users | This report identifies user accounts which have not logged into the domain for an extended amount of time or are currently disabled. A user account is considered stale if the last logon is over 60 days ago, is currently disabled, or expired. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays users by domain - Table – Provides details on users - Table – Provides details on users by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_userattributecompletion.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_userattributecompletion.md new file mode 100644 index 0000000000..465a9556fb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_userattributecompletion.md @@ -0,0 +1,29 @@ +# AD_UserAttributeCompletion Job + +The AD_UserAttributeCompletion Job identifies which attributes are present within User fields in +Active Directory, and which ones are blank for a majority of objects. This may indicate accounts +within Active Directory which are lacking appropriate information. + +## Analysis Tasks for the AD_UserAttributeCompletion Job + +Navigate to the **Active Directory** > **2.Users** > **AD_UserAttributeCompletion** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_UserAttributeCompletion Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/userattributecompletionanalysis.webp) + +The default analysis tasks are: + +- Details – Creates an interim processing table in the database for use by downstream analysis and + report generation +- User Details – Creates an interim processing table in the database for use by downstream analysis + and report generation + +In addition to the tables and views created by the analysis tasks, the AD_UserAttributeCompletion +Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Attribute Completion | This report identifies which attributes are present within User fields in Active Directory, and which ones are blank for a majority of objects. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays completeness by attribute - Table – Provides details on users with blank attributes - Table –Provides details on completeness by attribute | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_userdelegation.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_userdelegation.md new file mode 100644 index 0000000000..11bf1b15bd --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_userdelegation.md @@ -0,0 +1,29 @@ +# AD_UserDelegation Job + +The AD_Delegation Job highlights user accounts which are trusted for delegation. Kerberos delegation +enables an application to access resources hosted on a different server, and opens up several +avenues to compromise based on the type of delegation enabled.  See the +[What Is Kerberos Delegation?](https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/) Netwrix +blog article for more information about this configuration and the related security risks. + +## Analysis Task for the AD_UserDelegation Job + +Navigate to the **Active Directory** > **2.Users** > **AD_UserDelegation** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the AD_UserDelegation Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/userdelegationanalysis.webp) + +The default analysis tasks are: + +- Determine users for trusted delegation – Creates the SA_AD_UserDelegation_Details table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis task, the AD_UserDelegation Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Users Trusted for Delegation | This report highlights which users are trusted for delegation, which accounts are sensitive, and whether the delegation is constrained or unconstrained. | None | This report is comprised of three elements: - Bar Chart – Displays users trusted for delegation by domain - Table – Provides details on users trusted for delegation - Table – Provides details on users trusted for delegation by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_usertoken.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_usertoken.md new file mode 100644 index 0000000000..3eefdb3978 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_usertoken.md @@ -0,0 +1,29 @@ +# AD_UserToken Job + +The AD_UserToken Job identifies and reports the number of SIDS and estimated token size associated +with each user. Token bloat can lead to issues during login and can also cause applications that use +Kerberos authentication to fail. See the Microsoft +[Problems with Kerberos authentication when a user belongs to many groups](https://learn.microsoft.com/en-US/troubleshoot/windows-server/windows-security/kerberos-authentication-problems-if-user-belongs-to-groups) +article for more information about estimated token size. + +## Analysis Task for the AD_UserToken Job + +Navigate to the **Active Directory** > **2.Users** > **AD_UserToken** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the AD_UserToken Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/usertokenanalysis.webp) + +The default analysis tasks are: + +- Calculate Token Size – Creates the SA_AD_UserTokens_Details table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis task, the AD_UserToken Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Token | A user's token size is directly related to the number of SIDs associated with their user account, taking into account historical SIDs and effective membership. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top users by estimated token size - Table – Provides details on user tokens | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_weakpasswords.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_weakpasswords.md new file mode 100644 index 0000000000..4766a3d1a6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_weakpasswords.md @@ -0,0 +1,109 @@ +# AD_WeakPasswords Job + +The AD_WeakPasswords Job analyzes user account password hashes to determine how easily each could be +compromised or the likelihood their passwords are known through comparison with compromised password +dictionaries and other exceptions. Exceptions include: + +- AES Key Missing – Account is set up using older functional AD levels, so has no AES key. These + accounts use weaker encryption methods susceptible to brute force attacks. +- Clear Text Password – Account has passwords stored with reversible encryption. See the Microsoft + [Store passwords using reversible encryption](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh994559(v=ws.11)) + article for additional information. +- Default Computer Password – Computer has default computer passwords set +- Delegable Admins – Administrator account is allowed to be delegated to a service +- DES Encryption Only – Account is using Kerberos DES encryption. DES encryption is considered weak + as the 56-bit key is prone to brute force attacks. See the Microsoft + [AD DS: User accounts and trusts in this domain should not be configured for DES only](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff646918(v=ws.10)) + article for additional information. +- Empty Password – Account has an empty password +- Kerberos Pre-authentication is not required – Account does not require Kerberos + pre-authentication. Kerberos pre-authentication can mitigate against brute force attacks. See the + Microsoft + [Kerberos Pre-Authentication: Why It Should Not Be Disabled](https://learn.microsoft.com/en-us/archive/technet-wiki/23559.kerberos-pre-authentication-why-it-should-not-be-disabled) + article for additional information. +- LM Hash – Account has stored LM hashes. The LM hash is a relatively weak hash that is prone to + brute force attacks. See the Microsoft + [How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases](https://learn.microsoft.com/en-US/troubleshoot/windows-server/windows-security/prevent-windows-store-lm-hash-password) + article for additional information. +- Password Never Expires – Account has a password that never expires +- Password Not Required – Account does not require a password +- Weak Historical Password – Account has a historical password that was found in the dictionary +- Weak Password – Account has a password that was found in the dictionary +- Shares Common Password – Account shares a password with another account + +## Queries for the AD_WeakPasswords Job + +The AD_WeakPasswords Job uses the PasswordSecurity Data Collector. + +![Query for the AD_WeakPasswords Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/weakpasswordsquery.webp) + +The query for this job are: + +- Weak Passwords – Collects password hashes to identify weak passwords + + - See the + [PasswordSecurity Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/overview.md) + topic for additional information + +### Configure the Weak Passwords Query + +The PasswordSecurity Data Collector can be scoped if desired. Follow the steps to modify the query +configuration. + +**Step 1 –** Navigate to the job’s Configure node and select Queries. + +**Step 2 –** In the Query Selection view, select the **Weak Passwords** query and click**Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the Data Source tab, and click **Configure**. The Password Security Data +Collector Wizard opens. + +![Password Security Data Collection Wizard Scan options page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/optionsweakpassword.webp) + +**CAUTION:** Read the warning prior to enabling the cleartext password feature. + +**Step 4 –** On the Options page, configure the scan options by enabling communication with the +Active Directory via SSL or returning cleartext password entries. + +![Password Security Data Collection Wizard Dictionary options page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/dictionariesweakpassword.webp) + +**Step 5 –** On the Dictionaries page, configure the dictionary options by enabling the Stealthbits +password dictionary or click **Add…** to upload a custom dictionary with NTLM hashes or plaintext +passwords to use during the scan. + +- See the + [PasswordSecurity: Dictionaries](/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/dictionaries.md) + topic for additional information + +**Step 6 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +The Weak Passwords query is now configured. + +## Analysis Tasks for the AD_WeakPasswords Job + +Navigate to the **Active Directory** > **2.Users** > **AD_WeakPasswords** > **Configure** node and +select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_WeakPasswords Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/weakpasswordsanalysis.webp) + +The default analysis tasks are: + +- Count of Shared Passwords – Creates the SA_AD_WeakPasswords_Count table accessible under the job's + Results node +- Join Active Directory Stats – Creates the SA_AD_WeakPasswords_Details table accessible under the + job’s Results node +- Summarize Password Issues – Creates the SA_SA_AD_WeakPasswords_Summary table accessible under the + job's Results node +- Add to AD Exceptions – Creates the SA_AD_UserDelegation_Details table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_UserDelegation Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Weak Passwords Checks | This job identifies accounts in the organization with weak passwords that can be easily decrypted or brute forced. | None | This report is comprised of three elements: - Bar Chart – Displays password weaknesses - Table – Provides details on password weaknesses - Table – Provides details on exceptions and user counts | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/overview.md new file mode 100644 index 0000000000..18a0774d12 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/overview.md @@ -0,0 +1,51 @@ +# 2.Users Job Group + +The 2.Users Job Group identifies user conditions and pinpoint potential areas of administrative +concern such as weak passwords, user token size, or stale users. + +![2.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following components comprise the 2.Users Job Group: + +- [AD_DirectMembership Job](/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_directmembership.md) + – Identifies users who do not have any group membership. This condition may indicate unnecessary + user accounts that are suitable candidates for review and cleanup. +- [AD_DuplicateUsers Job](/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_duplicateusers.md) + – Identifies multiple user accounts which may be owned by a single employee. A user may have + accounts in multiple domains or administrative accounts with greater access than their normal + account. +- [AD_OrphanedUsers Job](/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_orphanedusers.md) + – Identifies users whose managers are stale or disabled. These user accounts should be reviewed + and appropriate management should be assigned. +- [AD_PasswordStatus Job](/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_passwordstatus.md) + – Highlights potential issues with user password settings that may exploited or compromised if not + addressed +- [AD_ServiceAccounts Job](/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_serviceaccounts.md) + – Offers information about service accounts and if they are vulnerable to Kerberoasting. An + account is deemed vulnerable to a Kerberoasting attack if the msDS-SupportedEncryptionTypes value + supports RC4 as the highest encryption type. +- [AD_SIDHistory Job](/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_sidhistory.md) + – Enumerates historical SIDs in the audited environment and highlights exceptions involving the + SIDHistory attribute on AD user objects. Specific conditions include when a user has a historical + SID from their current domain, or when a non-admin user has a historical SID with administrative + rights, both of which may be indicators of compromise. +- [AD_StaleUsers Job](/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_staleusers.md) + – Identifies potentially stale users based on the amount of time since their last login to the + domain, or if the account has been disabled. These accounts should be reviewed and cleaned up in + order to increase security and reduce complexity. +- [AD_UserAttributeCompletion Job](/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_userattributecompletion.md) + – Identifies which attributes are present within User fields in Active Directory, and which ones + are blank for a majority of objects. This may indicate accounts within Active Directory which are + lacking appropriate information. +- [AD_UserDelegation Job](/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_userdelegation.md) + – Highlights user accounts which are trusted for delegation. Kerberos delegation enables an + application to access resources hosted on a different server, and opens up several avenues to + compromise based on the type of delegation enabled. +- [AD_UserToken Job](/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_usertoken.md) + – Identifies and reports the number of SIDS and estimated token size associated with each user. + Token bloat can lead to issues during login and can also cause applications that use Kerberos + authentication to fail. +- [AD_WeakPasswords Job](/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_weakpasswords.md) + – Analyzes user account password hashes to determine how easily each could be compromised or the + likelihood their passwords are known through comparison with compromised password dictionaries and + other exceptions diff --git a/docs/accessanalyzer/11.6/solutions/activedirectory/users/recommended.md b/docs/accessanalyzer/11.6/solutions/activedirectory/users/recommended.md new file mode 100644 index 0000000000..38fa653145 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectory/users/recommended.md @@ -0,0 +1,91 @@ +# Recommended Configurations for the 2.Users Job Group + +The **Active Directory** > **2.Users** Job Group has been configured by default to run with the +out-of-the-box settings. It can be run directly or scheduled. + +Dependencies + +- The **.Active Directory Inventory** Job Group needs to be successfully executed prior to running + this job group + + - For the **AD_ServiceAccounts** Job, the **.Active Directory Inventory** > **1-AD_Scan** Job + needs to be configured to collect **servicePrincipalName** as a Custom Attribute + +- For the **AD_WeakPassword** Job: + + - Requires the DSInternals PowerShell Module, which is a third-party package. See the + [AD_WeakPasswords Job](/docs/accessanalyzer/11.6/solutions/activedirectory/users/ad_weakpasswords.md) + topic for additional information. + - The AD_WeakPasswords Job depends on a dictionary file. See the + [PasswordSecurity: Dictionaries](/docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/dictionaries.md) + topic for additional information. + + **_RECOMMENDED:_** If this job is not to be used, disable the job to prevent execution when the + job group is executed. + +Targeted Host(s) + +Only the **AD_WeakPasswords** Job requires a host list. The host list assignment has been configured +under the **2. Users** > **AD_WeakPasswords** > **Configure** > **Hosts** node. It is set to target +the **ONE DOMAIN CONTROLLER PER DOMAIN** host list. This host list is a dynamic host list based on +the host inventory value in the **isDomainController** field in the Host Master Table. + +Connection Profile + +Only the **AD_WeakPasswords** Job requires a Connection Profile. It must be set directly on the +**AD_WeakPasswords** Job (through the Job Properties window) with Domain Administrator privileges. + +**NOTE:** The **AD_WeakPassword** Job can be executed with a least privilege credential. See the +[Active Directory Auditing Configuration](/docs/accessanalyzer/11.6/config/activedirectory/access.md) +topic for additional information. + +Schedule Frequency + +The data analyzed by the **2.Users** Job Group jobs is collected by the **.Active Directory +Inventory** Job Group. Therefore, it is recommended to schedule these jobs to run after the +**.Active Directory Inventory** job group collection has completed. These jobs can be scheduled to +run as desired. + +Run at the Job Group Level + +Run the jobs in the **2.Users** Job Group together and in order by running the entire job group, +instead of the individual jobs. + +_Remember,_ if the **AD_WeakPassword** Job is not to be executed, it can be disabled. + +Analysis Configuration + +The **2.Users** Job Group should be run with the default analysis configurations. Most of the +analysis tasks are preconfigured for this Job Group. + +Some analysis tasks have customizable parameters: + +- The **.Active Directory Inventory** Solution defines stale users. These parameters can be + customized. + + - Customize within **.Active Directory Inventory** > **3-AD_Exceptions** Job analysis tasks + + **NOTE:** Changes to an exception’s definition will affect all jobs dependent upon that + exception as well as all Access Information Center Exceptions reports. + +Workflow + +**Step 1 –** Prerequisite: Ensure the **.Active Directory Inventory** Job Group has been +successfully run. + +**Step 2 –** For AD_WeakPassword Job: Run a host discovery query to discover domain controllers. + +- The **AD_WeakPasswords** Job has been set to run against the following default dynamic host list: + + - ONE DOMAIN CONTROLLER PER DOMAIN + + **NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table that meet + the host inventory criteria for the list. Ensure the appropriate host lists have been populated + through host inventory results. + +**Step 3 –** Set a Connection Profile on the job that runs the data collection. + +**Step 4 –** Schedule the **2.Users** Job Group to run as desired after the prerequisite job has +completed. + +**Step 5 –** Review the reports generated by the **2.Users** Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/1-ad_scan.md b/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/1-ad_scan.md new file mode 100644 index 0000000000..1cb5e01540 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/1-ad_scan.md @@ -0,0 +1,180 @@ +# 1-AD_Scan Job + +The 1-AD_Scan Job collects data from Active Directory. In most environments, this job requires no +additional customizations before running it. Optionally, the job can be configured to scope scan +options and to collect custom attributes. For enable SSL encryption for communication with Active +Directory, see the [Enable SSL Option](#enable-ssloption) topic for additional information. + +## Queries for the 1-AD Scan Job + +The 1-AD_Scan Job uses the ADInventory Data Collector for the following query: + +![Queries for the 1-AD Scan Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scanqueries.webp) + +- AD Inventory – Targets a domain controller to collect inventory data for user, group, and computer + objects + + - This query can be modified. See the + [Customize the 1-AD_Scan Query](#customize-the-1-ad_scan-query) topic for additional + information. + +### Customize the 1-AD_Scan Query + +The 1-AD_Scan Job has been preconfigured to run with the default settings with the category of Scan +Active Directory. Follow the steps to set any desired customizations to scan options or to collect +custom attributes. + +**Step 1 –** Navigate to the **.Active Directory Inventory** > **1-AD_Scan** > **Configure** node +and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Active Directory Inventory +DC Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Active Directory Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardoptions.webp) + +**Step 4 –** (Optional) On the Options page, you can: + +- Enable encrypted communication with Active Directory (SSL) +- Configure the differential scan settings using the **Collect only updates since last + scan** settings + +See the +[ADInventory: Options](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/options.md) +topic for more information. + +![Active Directory Inventory DC Wizard Custom Attributes page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp) + +**Step 5 –** (Optional) On the Custom Attributes page, add any desired custom attributes to be used +in the Active Directory scan. See the +[ADInventory: Custom Attributes](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributes.md) +topic for additional information. + +**Step 6 –** Navigate to the Summary page. Click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +**NOTE:** In order for the Access Information Center to populate NFS permissions within File System +reports, the .Active Directory Inventory Job Group must be configured to collect the **uid** and +**uidNumber** attributes for Users. See the +[NFS Permissions for the AIC ](#nfs-permissions-for-the-aic) topic for additional information. + +The 1-AD_Scan Job is now ready to run with the customized settings. If any custom attributes are +added to the data collection, the **Create Extended Attributes View** analysis task can be enabled +in order to have visibility into the collected data. + +## Analysis Tasks for the 1-AD_Scan Job + +View the analysis tasks by navigating to the **.Active Directory Inventory** > **1-AD_Scan** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 1-AD_Scan Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scananalysis.webp) + +The following analysis tasks are selected by default: + +- Import functions – Imports effective group membership function into the database +- Create Extended Attributes View – Creates the SA_ADInventory_ExtendedAttributesView for Custom + Attributes that have been added to the query +- Summarize Domains – Creates the SA_ADInventory_Report_DomainSummary table +- Summarize Stats – Creates the SA_ADInventory_Summary table + +The following analysis tasks never need to be selected as they are only needed to restore views that +have been accidentally hidden: + +- Bring User View To Console – Restores the SA_ADInventory_UsersView to be visible within the + Enterprise Auditor Console if it is hidden +- Bring Group Members View To Console – Restores the SA_ADInventory_GroupMembersView to be visible + within the Enterprise Auditor Console if it is hidden +- Bring Group View To Console – Restores the SA_ADInventory_GroupsView to be visible within the + Enterprise Auditor Console if it is hidden +- Bring Computers View to Console – Restores the SA_ADInventory_ComputersView to be visible within + the Enterprise Auditor Console if it is hidden +- Remove ADI Stored Procedures – Removes the built-in ADI stored procedures + +In addition to the tables and views explained in the +[Standard Reference Tables & Views for the ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/standardtables.md) +topic, the 1-AD_Scan Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Active Directory Summary | This report provides a summary of all audited domains and objects. | None | This report is comprised of four elements: - Table – Displays general statistics in the Users, Groups, and Computers in All Audited Domains - Pie Chart – Displays Principals by Object Class - Pie Chart – Displays Principals by Audited Domain - Table – Displays detailed statistical information for each of the AD objects | + +## NFS Permissions for the AIC + +In order for the Access Information Center to populate NFS resources within all File System +permissions and resource audit reports, the .Active Directory Inventory Job Group must be configured +to collect the following custom attributes for Users: + +- uid +- uidNumber + +Follow the steps to add the custom attributes. + +**Step 1 –** Navigate to the Active Directory Inventory DC Wizard for the AD Inventory Query within +the 1-AD_Scan Job. + +![Active Directory Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardoptionsnfs.webp) + +**Step 2 –** Navigate to the Options page. Ensure the **Collect only updates since last scan** +option is deselected. + +**NOTE:** Whenever query configurations are modified, it is necessary to do a full scan. After the +first full scan, differential scanning can be re-enabled. + +![Active Directory Inventory DC Wizard Custom Attributes page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardcustomattributesnfs.webp) + +**Step 3 –** Use the **Next** button to navigate to the Custom Attributes page. Add both **uid** and +**uidNumber** attributes to the existing list of custom attributes. See the +[ADInventory: Custom Attributes](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributes.md) +topic for additional information. + +- **uid** attribute: + + - Domain Filter – \* + - Object Class – User + - Attribute Name – uid + +- **uidNumber** attribute: + + - Domain Filter – \* + - Object Class – User + - Attribute Name – uidNumber + +**Step 4 –** Use the **Next** button to navigate to the Summary page and click **Finish**. The +Active Directory Inventory DC Wizard closes. Click **OK** to close the Query Properties window. + +**Step 5 –** Run the .Active Directory Inventory Job Group either manually or through a scheduled +task. + +The .Active Directory Inventory Job Group is now collecting attributes required for NFS data to be +visible within the Access Information Center. + +_Remember,_ it is necessary to re-enable differential scanning after Step 5 if desired. + +See the Resource Audit topics in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. + +## Enable SSL Option + +Follow the steps to enable SSL encryption for communications with Active Directory: + +**Step 1 –** Navigate to the **1-AD_Scan > Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the query and click **Query Properties**. The Query +Properties window opens. + +**Step 3 –** Go to the Options page and select the **Encrypt communication with Active Directory +(SSL)** checkbox. Click **Next**. + +**Step 4 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +The job will now use SSL encryption to query Active Directory. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/2-ad_changes.md b/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/2-ad_changes.md new file mode 100644 index 0000000000..d197a16ba0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/2-ad_changes.md @@ -0,0 +1,173 @@ +# 2-AD_Changes Job + +The 2-AD_Changes Job tracks changes within all scanned domains. Reports in the job highlight Active +Directory changes which have occurred since the last time the .Active Directory Inventory Job Group +was run. It is dependent on the running of the 1-AD_Scan Job, also located in the .Active Directory +Inventory Job Group. + +The 1-AD_Scan Job must have the Query Option to **Track changes into Change tracking tables** +selected in order for the Analysis Tasks in the 2-AD_Changes Job to work. See Step 4 of the +[Customize the 1-AD_Scan Query](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/1-ad_scan.md#customize-the-1-ad_scan-query) +topic for additional information. + +## Analysis Tasks for the 2-AD_Changes Job + +View the analysis tasks by navigating to the **.Active Directory Inventory** > **2-AD_Changes** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 2-AD_Changes Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/changesanalysis.webp) + +The following analysis tasks are selected by default: + +- Org Changes + + - Creates the SA_AD_Changes_OrganizationalChanges table accessible under the job’s Results node + - Creates interim processing tables in the database for use by downstream analysis and report + generation + +- Analyze Group Changes – Creates the SA_AD_Changes_GroupAnalysis table accessible under the job’s + Results node +- Attribute Changes + + - Creates the SA_AD_Changes_AttributeChangeDetails table accessible under the job’s Results node + - Creates interim processing tables in the database for use by downstream analysis and report + generation + +- User Account Status + + - Creates the SA_AD_Changes_UserAccountStatus table accessible under the job’s Results node + - Creates interim processing tables in the database for use by downstream analysis and report + generation + +- Group Membership Changes + + - Creates the SA_AD_Changes_GroupMembershipChanges table accessible under the job’s Results node + - Creates interim processing tables in the database for use by downstream analysis and report + generation + +- Object Moves + + - Creates the SA_AD_Changes_ObjectMoves table accessible under the job’s Results node + - Creates interim processing tables in the database for use by downstream analysis and report + generation + +- New Principals – Creates interim processing tables in the database for use by downstream analysis + and report generation +- Deleted Principals + + - Creates the SA_AD_Changes_DeletedPrincipals table accessible under the job’s Results node + - Creates interim processing tables in the database for use by downstream analysis and report + generation + +The Notification analysis tasks are optional and require configuration before enabling them. The +following analysis tasks are deselected by default: + +- Domain Admin Changes – Alerts when Domain Admins Group membership changes occur + + - Importance – Security, as this is a Sensitive Security Group + +- Empty Groups – Alerts when group membership changes result in an empty group + + - Importance – AD Clean-up + +- Circular Nesting – Alerts when group membership changes result in a group effectively containing + itself + + - Importance – Security and AD Clean-up + +- Stale Membership – Alerts when group members become stale + + - Importance – Security and AD Clean-up + +- Large Change – Alerts when group membership changes result in a group becoming large + + - Importance – Security + +- Disabled Users – Alerts when user accounts become disabled + + - Importance – Security + +- Locked out Users – Alerts when user accounts become locked-out + + - Importance – Security  and Employee Productivity + +- Alert on New Principals – Alerts when new user, group, or computer objects are created + + - Importance – Security and AD Clean-up + +- Alert on Deleted Users – Alerts when user accounts are deleted + + - Importance – Security  and Employee Productivity + +Notification must have recipients configured for the analysis task. Optionally, the email subject +and body can be modified. See the +[Notification Analysis Tasks for the 2-AD_Changes Job](#notification-analysis-tasks-for-the-2-ad_changes-job) +topic for additional information. + +In addition to the tables and views created by the analysis tasks, the 2-AD_Changes Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------------------------- | ------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Attribute Changes | This report tracks attribute changes within Active Directory. | None | This report is comprised of three elements: - Bar graph – Displays Attribute Changes (Past 24 Hours) - Table – Provides details on attribute changes (Past 24 Hours) - Table – Provides details on changes | +| Group Membership Changes (A.K.A. Most Active Groups) | This report tracks group membership changes in Active Directory. | None | This report is comprised of three elements: - Bar graph – Displays Most Active Groups (Past 24 Hours) - Table – Provides details on the most active groups (Past 24 Hours) - Table – Provides details on the most active groups | +| New Principals | This report identifies when principals have been created on the targeted domains. | None | This report is comprised of two elements: - Bar graph – Displays New Principals by Domain (Past 24 Hours) - Table – Provides details on the new principals by domain | +| Object Moves | This report tracks object moves in Active Directory. | None | This report is comprised of two elements: - Table – Displays Most Active OUs (Past 24 Hours) - Table – Provides details on the most active OUs | +| Org Changes (A.K.A. Organizational Changes) | This report tracks organizational moves such as manager, title or department changes. | None | This report is comprised of three elements: - Bar graph – Displays Organizational Changes (Past 24 Hours) - Table – Provides details on organizational changes (Past 24 Hours) - Table – Provides details on the organizational changes | +| Principal Deletions (A.K.A. Past 24 Hours) | This report identifies when principals have been deleted from the targeted domains. | None | This report is comprised of three elements: - Bar graph – Displays Deleted Principals by Domain (Past 24 Hours) - Table – Provides details on deleted principals by domain (Past 24 Hours) - Table – Provides details on the principals by domain | +| User Account Status Changes | This report tracks user account status changes. | None | This report is comprised of three elements: - Bar graph – Displays User Account Control Changes (Past 24 Hours) - Table – Provides details on user account control changes (Past 24 Hours) - Table – Provides details on the user account control changes | + +### Notification Analysis Tasks for the 2-AD_Changes Job + +In order for Enterprise Auditor to send email notifications, it is necessary for the **Settings** > +**Notification** node to be properly configured. See the +[Notification](/docs/accessanalyzer/11.6/admin/settings/notification.md) +topic for instructions on enabling the Enterprise Auditor Console to send email notifications. Once +email notifications have been enabled, the individual notification analysis tasks can be configured +and enabled. Follow the steps to configure a notification analysis task. + +**Step 1 –** Navigate to the **.Active Directory Inventory** > **2-AD_Changes** > **Configure** node +and select **Analysis**. + +![Notification Analysis Tasks for the 2-AD_Changes Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/changesanalysisnotification.webp) + +**Step 2 –** In the Analysis Selection view, select the desired notification analysis task and click +**Analysis Configuration**. The Notification Data Analysis Module opens. + +![Notification Data Analysis Module SMTP properties page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/notificationanalysissmtp.webp) + +**CAUTION:** Do not make changes to the pages preceding the SMTP page. + +**Step 3 –** Use the **Next** button to navigate to the email configuration SMTP page. + +![Recipients section of SMTP properties page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/notificationanalysissmtprecipients.webp) + +**Step 4 –** In the Recipients section, provide the email addresses or distribution lists (fully +qualified address) for those who are to receive this notification. Multiple addresses can be +provided. You can use the following options: + +- Add – Add an email address to the E-mail field +- Remove – Remove an email address from the Recipients list +- Combine multiple messages into single message – Sends one email for all objects in the record set + instead of one email per object to all recipients + +![Message section of SMTP properties page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/notificationanalysissmtpmessage.webp) + +**Step 5 –** In the Message section, edit the **Subject**. It is not recommended to remove any +parameters. Then, customize the email content in the textbox to provide an explanation of the +notification to the recipients. + +**Step 6 –** Click **Next** to save these configuration changes and navigate to the Summary page. Do +not make changes to any other pages. Click **Finish**. The Notification Data Analysis Module window +closes. + +**Step 7 –** This notification analysis task is now configured to send emails. In the Analysis +Selection view, select the task checkbox. + +**Step 8 –** Repeat this process for each desired notification analysis task. + +Configured and enabled notifications now send alerts automatically during the execution of the +2-AD_Changes Job. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/3-ad_exceptions.md b/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/3-ad_exceptions.md new file mode 100644 index 0000000000..3401757440 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/3-ad_exceptions.md @@ -0,0 +1,140 @@ +# 3-AD_Exceptions Job + +The 3-AD_Exceptions Job identifies toxic conditions that exist within Active Directory which may +leave your environment at risk or add unnecessary administrative overhead. It is dependent on +running the 1-AD_Scan Job, also located in the .Active Directory Inventory Job Group. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The 3-AD_Exceptions Job has the following configurable parameters: + +- Threshold of group members +- Threshold of nesting +- Threshold necessary to identify a stale group (0-100%) +- Whether to include disabled users that are stale +- Whether to include expired users that are stale +- Threshold for token size +- List of administrative groups + +See the +[Customize Analysis Parameters for the 3-AD_Exceptions Job](#customize-analysis-parameters-for-the-3-ad_exceptions-job) +topic for additional information. + +## Analysis Tasks for the 3-AD_Exceptions Job + +View the analysis tasks by navigating to the **.Active Directory Inventory** > **3-AD_Exceptions** > +**Configure** node and select **Analysis**. Analysis tasks with configuration parameters that define +the security concerns within them can be modified. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 3-AD_Exceptions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/exceptionsanalysis.webp) + +The following analysis tasks are selected by default: + +- Large Groups + + - Identifies groups that exceeded the defined threshold for effective group membership + - Populates processing tables in the database for use by downstream analysis and report + generation + - Definition of a large group can be customized + +- Deeply Nested Groups + + - Identifies groups that exceeded the defined threshold of deep levels of membership nesting + - Populates processing tables in the database for use by downstream analysis and report + generation + - Definition of a deeply nested group can be customized + +- Circular Nesting + + - Identifies groups with circular references in their effective membership + - Populates processing tables in the database for use by downstream analysis and report + generation + +- Empty Groups + + - Identifies groups with no membership + - Populates processing tables in the database for use by downstream analysis and report + generation + +- Single Member Groups + + - Identifies groups with a single direct member + - Populates processing tables in the database for use by downstream analysis and report + generation + +- Stale Users + + - Identifies user accounts that are expired, are disabled, or have exceeded the defined + threshold of inactivity + - Populates processing tables in the database for use by downstream analysis and report + generation + - Definition of a stale user can be customized + +- Stale Membership + + - Identifies groups with a high percentage of effective members that are stale users + - Populates processing tables in the database for use by downstream analysis and report + generation + - Definition of stale membership can be customized + +- Large Token + + - Identifies users that exceeded the defined threshold for effective membership in authorization + groups + - Populates processing tables in the database for use by downstream analysis and report + generation + - Definition of a large token can be customized + +- Historical SID Tampering + + - Identifies users that have a historical SID from their current domain + - Populates processing tables in the database for use by downstream analysis and report + generation + +- Admin Historical SID + + - Identifies users that have a historical SID from an administrator account + - Populates processing tables in the database for use by downstream analysis and report + generation + - Definition of an administrator group can be customized + +- Display Exceptions View – Creates the SA_ADInventory_ExceptionsView accessible under the job’s + Results node +- Summarize Exceptions Count – Generates data used in the Exceptions report + +In addition to the tables and views created by the analysis tasks, the 3-AD_Exceptions Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------- | ---------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Exceptions Summary (A.K.A. AD Exceptions) | This report summarizes common issues with user accounts and group membership | None | This report is comprised of three elements: - Pie Chart – Displays exceptions by class - Table – Provides exceptions by count - Table – Provides details on exceptions | + +### Customize Analysis Parameters for the 3-AD_Exceptions Job + +Exception definitions that can be customized have the following default values for the customizable +parameters: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| -------------------- | --------------------------- | --------------------------------------------------- | --------------------------------------------------------------------- | +| Large Groups | @LARGE_THRESHOLD | 10 | A group object with 10 members or more | +| Deeply Nested Groups | @NESTING_THRESHOLD | 1 | A group object nested 1 level or deeper within another group object | +| Stale Users | @STALE_THRESHOLD | 60 | A user object that has been inactive for 60 days or more | +| | @INCLUDE_DISABLED | True | A user object that has been disabled | +| | @INCLUDE_EXPIRED | True | A user object that has expired | +| Stale Membership | @STALE_THRESHOLD | 10 | A group with 10% of its effective members are stale users | +| Large Token | @TOKEN_THRESHOLD | 10 | A user object with effective membership in more than 10 group objects | +| Admin Historical SID | #ADMIN_GROUPS | - Domain Admins - Enterprise Admins - Schema Admins | List of administrative groups | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions to modify the parameters. See the +[AD Exception Types Translated](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/standardtables.md#ad-exception-types-translated) +topic for an explanation of Exception Types. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/overview.md new file mode 100644 index 0000000000..7afeb7ff8a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/overview.md @@ -0,0 +1,63 @@ +# .Active Directory Inventory Solution + +Active Directory (AD) acts as the central nervous system of any Microsoft environment and plays a +vital role in granting access to resources such as Exchange, File Systems, SharePoint, and SQL +Server. The .Active Directory Inventory Solution is designed to provide essential user, group +membership, and computer details from the targeted domains to many Enterprise Auditor built-in +solutions. Key information includes user status, user attributes, and group membership. The +collected data is accessed by other Enterprise Auditor solutions and the Netwrix Access Information +Center for analysis. + +**NOTE:** This solution is required for using the Access Information Center. + +This topic covers information on using the ADInventory Data Collector and the .Active Directory +Inventory Job Group. + +Supported Platforms + +- Windows 2003 Forest level or higher + +Permissions + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +Ports + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +Location + +The .Active Directory Inventory Solution is a core component of all Enterprise Auditor +installations. Typically this solution is instantiated during installation, but it can be installed +from the Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to the +solution: **Jobs** > **.Active Directory Inventory**. This group has been named in such a way to +keep it at the top of the Jobs tree. + +## Jobs + +This Job Group is comprised of three jobs that collect, analyze, and report on data. The data +collection is conducted by the ADInventory Data Collector. See the +[Standard Reference Tables & Views for the ADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adinventory/standardtables.md) +topic for database table information. + +![.Active Directory Inventory Solution Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overview.webp) + +The .Active Directory Inventory Solution has the following jobs: + +- [1-AD_Scan Job](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/1-ad_scan.md) + – Collects data and generates the standard reference tables and views +- [2-AD_Changes Job](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/2-ad_changes.md) + – Analyzes the collected data to track and alert on changes within all scanned domains that + occurred since the last scan +- [3-AD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/3-ad_exceptions.md) + – Analyzes the collected data to identify security and provisioning concerns, such as circular + nesting and stale membership diff --git a/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/recommended.md b/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/recommended.md new file mode 100644 index 0000000000..077ad45bf7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/recommended.md @@ -0,0 +1,88 @@ +# Recommended Configurations for the .Active Directory Inventory Solution + +The .Active Directory Inventory Solution has been configured by default to run with the +out-of-the-box settings, but some settings are optional for configuration. It can be run directly or +scheduled. + +Dependencies + +This job group does not have dependencies. + +Targeted Hosts + +The host list assignment has been configured under the **.Active Directory Inventory** > +**Settings** > **Host List Assignment** node. It is set to target the Default domain controller host +list, which is the domain in which the Enterprise Auditor Console server resides. + +If targeting multiple domains, change the Host List Assignment to the **ONE DOMAIN CONTROLLER PER +DOMAIN** host list. + +The Default domain controller host list and ONE DOMAIN CONTROLLER PER DOMAIN host list are dynamic +host lists based on the host inventory value in the isDomainController field in the Host Master +Table. + +Connection Profile + +The Connection Profile has been configured under the **.Active Directory Inventory** > +**Settings** > **Connection** node. It is set to Use the Default Profile, as configured at the +global settings level. Ensure the assigned Connection Profile has the necessary permissions on all +targeted domains. + +If targeting multiple domains, ensure the assigned Connection Profile has the necessary permissions +on all targeted domains. + +History Retention + +Not supported and should be turned off + +Multi-Console Support + +Not supported + +Schedule Frequency + +**_RECOMMENDED:_** Schedule the .Active Directory Inventory Job Group to run once a day. + +If there are frequent AD changes within the target environment, then it can be executed more often. +It is best to rerun it anytime AD changes might have occurred. + +Run at the Solution Level + +The jobs in the .Active Directory Inventory Job Group should be run together and in order by running +the entire solution, instead of the individual jobs. + +Query Configuration + +The solution is best run with the default query configuration. However, a possible modification +might be to include configurations of the scan options or additional custom attributes within the +[1-AD_Scan Job](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/1-ad_scan.md). + +Analysis Configuration + +The solution is best run with the default analysis configuration. However, possible modifications +might be to: + +- Enable notification analysis tasks within the + [2-AD_Changes Job](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/2-ad_changes.md) +- Customize exception analysis parameters within the + [3-AD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/3-ad_exceptions.md) + +Workflow + +The .Active Directory Inventory Job Group has been set to run against the following default dynamic +host list: + +- Default domain controller + +Default dynamic host lists are populated from hosts in the Host Master Table that meet the host +inventory criteria for the list. Ensure the appropriate host lists have been populated through host +inventory results. + +**Step 1 –** (Optional) Run a host discovery query to discover domain controllers. This is needed +when targeting multiple domains. + +**Step 2 –** Set a Connection Profile. + +**Step 3 –** chedule the .Active Directory Inventory Job Group to run as desired. + +**Step 4 –** Review the reports generated by the .Active Directory Inventory Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_brokeninheritance.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_brokeninheritance.md new file mode 100644 index 0000000000..9b71aa6464 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_brokeninheritance.md @@ -0,0 +1,32 @@ +# 6.Broken Inheritance > AD_BrokenInheritance Job + +The AD_BrokenInheritance Job reports on all locations within Active Directory where inheritance is +broken within the targeted domains. + +![6.Broken Inheritance Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/brokeninheritancejobstree.webp) + +The AD_BrokenInheritance Job is located in the 6.Broken Inheritance Job Group. + +## Analysis Tasks for the AD_BrokenInheritance Job + +Navigate to the **Active Directory Permissions Analyzer** > **6.BrokenInheritance** > +**AD_BrokenInheritance** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_BrokenInheritance Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/brokeninheritanceanalysis.webp) + +The default analysis tasks are: + +- Broken Inheritance Details – Creates the SA_AD_BrokenInheritance_Details table accessible under + the job’s Results node +- Broken Inheritance Summary – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_BrokenInheritance Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Broken Inheritance by Domain | This report highlights instances of broken inheritance on Active Directory objects. This information is summarized by domain. | None | This report is comprised of three elements: - Bar Chart – Displays broken inheritance by domain - Table – Provides summary of broken inheritance by OU - Table – Provides details on broken inheritance | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_openaccess.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_openaccess.md new file mode 100644 index 0000000000..95a7f0efea --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_openaccess.md @@ -0,0 +1,33 @@ +# 5.Open Access > AD_OpenAccess Job + +The AD_OpenAccess Job reports on all Active Directory permissions granting open access within the +targeted domains. Open Access can be defined as access granted to security principals such as: +Domain Users, Authenticated Users, and Everyone. + +![5.Open Access Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/openaccessjobstree.webp) + +The AD_OpenAccess Job is located in the 5.Open Access Job Group. + +## Analysis Tasks for the AD_OpenAccess Job + +Navigate to the **Active Directory Permissions Analyzer** > **5.Open Access** > **AD_OpenAccess** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_OpenAccess Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/openaccessanalysis.webp) + +The default analysis tasks are: + +- Determine open access – Creates the SA_AD_OpenAccess_Details table accessible under the job’s + Results node +- Summarize open access by domain – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_OpenAccess Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ---------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Open Access by Domain | This report highlights instances of open access on AD objects, and summarizes open access by domain. | None | This report is comprised of three elements: - Bar Chart – Displays open access by domain - Table – Provides details on open access - Table – Provides details on open access by domain | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_oupermissions.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_oupermissions.md new file mode 100644 index 0000000000..e73ed150cd --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_oupermissions.md @@ -0,0 +1,32 @@ +# 3.OUs > AD_OUPermissions Job + +The AD_OUPermissions Job reports on all Active Directory permissions applied to organizational unit +objects within the targeted domains. + +![3.OUs Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ousjobstree.webp) + +The AD_OUPermissions Job is located in the 3.OUs Job Group. + +## Analysis Tasks for the AD_OUPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **3.OUs** > **AD_OUPermissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_OUPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/oupermissionsanalysis.webp) + +The default analysis tasks are: + +- List OU permissions – Creates the SA_AD_OUPermissions_Details table accessible under the job’s + Results node +- Summarize OU permissions – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_OUPermissions Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| OU Permissions | This report highlights instances where permissions are applied to Active Directory organizational units. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays OU permissions by domain - Pie Chart – Displays OU permissions by type - Table – Provides details on OU permissions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_shadowaccess.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_shadowaccess.md new file mode 100644 index 0000000000..e50a882439 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_shadowaccess.md @@ -0,0 +1,167 @@ +# AD_ShadowAccess Job + +This job finds shadow access that leads to compromise of a domain or sensitive data. Attackers can +chain vulnerabilities to escalate privileges from a non-privileged user to administrator with only a +few steps. This job will generate the shortest path between every non-privileged user to a domain +administrative group, total domain compromise, or access to sensitive data. + +This job will analyze the following links between resources and privileges in your environment: + +- Effective Group Membership +- Modify Group Membership +- Reset User Password +- Access through adminSDHolder +- DCSync/Domain Replication privileges +- Shared passwords between domain accounts +- Groups that provide access to sensitive data +- Local administrators that can dump hashes from user sessions +- Administrative rights on SQL Servers that hold sensitive data + +The AD_ShadowAccess Job has special dependencies. See the +[Recommended Configurations for AD Permissions Analyzer Solution](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/recommended.md) +topic for additional information. + +## Analysis Tasks for the AD_ShadowAccess Job + +Navigate to the **Active Directory Permissions Analyzer** > **AD_ShadowAccess** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks, with the exception of the +**Calculate Shadow Access** analysis tasks. The analysis tasks are preconfigured for this job. The +**Calculate Shadow Access** analysis task is the only analysis task that has customizable +parameters. + +![Analysis Tasks for the AD_ShadowAccess Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysis.webp) + +The default analysis tasks are: + +- Shadow Access Schema – Sets up the Shadow Access Tables and Views +- Dijkstra – Creates an interim processing table in the database for use by downstream analysis and + report generation +- Path Formatting – Creates an interim processing table in the database for use by downstream + analysis and report generation +- String Split – Creates an interim processing table in the database for use by downstream analysis + and report generation +- Calculate Shadow Access – Creates the SA_ShadowAccess_Details table accessible under the job’s + Results node + + - This Analysis Task has configurable parameters. See the + [Configure the Analysis Tasks for the AD_ShadowAccess Job](#configure-the-analysis-tasks-for-the-ad_shadowaccess-job) + topic for additional information. + +- Shadow Access Paths Cleanup – Removes calculated rows that are no longer used + +In addition to the tables and views created by the analysis tasks, the AD_ShadowAccess Job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Domain Shadow Access | This report will calculate the shortest path between highly sensitive privileges and non-privileged users. | None | This report is comprised of five elements: - Bar Chart – Displays summary information on targeted domain - Table – Provides details on targeted domain in table form - Table – Provides details on exploited permissions - Table – Provides details on vulnerabilities - Table – Provides details on domain users and attack paths that can be used against those domain users | +| Sensitive Data Shadow Access | This report will calculate the shortest path between highly sensitive data and non-privileged users. | None | This report is comprised of five elements: - Bar Chart – Displays summary information on sensitive data - Table – Provides details on sensitive data in table form - Table – Provides details on exploited permissions - Table – Provides details on vulnerabilities - Table – Provides details on domain users and attack paths that can be used against those domain users | + +See the +[Report Functions for the AD_ShadowAccess Job](#report-functions-for-the-ad_shadowaccess-job) topic +for additional information. + +### Customizable Analysis Tasks for the AD_ShadowAccess Job + +The default values for customizable parameters are: + +| Analysis Task | Customizable Parameter Name | Default Value | Instruction | +| ------------------------ | --------------------------- | ----------------------------------------------------- | ------------------------------------- | +| Calculate Shadow Access | @session | 1 | Set to 0 to turn off Session Analysis | +| @shared_password | 0 | Set to 0 to turn of Shared Password Analysis | | +| @modify_group_membership | 1 | Set to 0 to turn off Modify Group Membership analysis | | +| @sensitive_data | 1 | Set to 0 to ignore sensitive data attacks | | +| @dcsync | 1 | Set to 0 to ignore dcsync rights | | +| @sdholder | 1 | Set to 0 to ignore sdadminholder | | +| @disabled | 0 | Set to 0 to ignore disabled users | | + +See the +[Configure the Analysis Tasks for the AD_ShadowAccess Job](#configure-the-analysis-tasks-for-the-ad_shadowaccess-job) +topic for additional information. + +### Configure the Analysis Tasks for the AD_ShadowAccess Job + +Customizable parameters enable Enterprise Auditor users to set the values used to classify user and +group objects during this job’s analysis. The parameters can be customized and are listed in a +section at the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s +parameters. + +**Step 1 –** Navigate to the **Active Directory Permissions Analyzer** > **AD_ShadowAccess** > +**Configure** node and select **Analysis** to view analysis tasks. + +![Configure Calculate Shadow Access task from Analysis Selection view](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysisconfigure.webp) + +**Step 2 –** In the Analysis Selection view, select the **Calculate Shadow Access** analysis task, +then click **Analysis Configuration**. The SQL Script Editor opens. + +![SQL Script Editor](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccesssqlscripteditor.webp) + +**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. +Double-click on the current value and change as desired. + +- If the variable type is a table, select the cell and click **Edit Table** to modify the value. + +**CAUTION:** Do not change any parameters where the Value states `Created during execution`. + +**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor +window. + +The customizable analysis task parameters are now configured and ready to run. + +### Report Functions for the AD_ShadowAccess Job + +The reports generated by the AD_ShadowAccess Job presents users with an overview of vulnerabilities +and attack paths within the targeted environments. + +![Shadow Access reports in the job's Results node](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreports.webp) + +Navigate to the **Active Directory Permissions Analyzer** > **AD_ShadowAccess** > **Results** node +to view the AD_ShadowAccess job reports. + +**NOTE:** These reports can also be accessed through the Web Console. See the +[Viewing Generated Reports](/docs/accessanalyzer/11.6/admin/report/view.md) +topic for additional information. + +![Exploited Permissions and Vulnerabilities on Shadow Access reports](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreport1.webp) + +The Domain Shadow Access and Sensitive Data Shadow Access reports provide information on the +exploited permissions and vulnerabilities that can be used as attack paths for shadow access to +domain and sensitive data. + +- Exploited Permissions – Displays summary information of the types of permissions that can be + exploited by shadow attacks and the number of occurrences of those permissions +- Vulnerabilities – Displays summary information of the vulnerabilities that were detected and the + number of occurrences of those vulnerabilities + +![Report element displaying information on potential attack paths for users found in the targeted domain](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreport2.webp) + +The last report element displays information on potential attack paths for users found in the +targeted domain. Clicking on the green plus sign next to an attack path will open an Attack Path +window that displays a step-by-step process of how a user object, if compromised, can be used to +conduct a shadow attack. + +![Attack Path window example](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreport3.webp) + +The Attack Path window displays how a user object can be used in a shadow attack. + +- Example: + + - The `Everyone` principle has the rights to reset the password of `LSA` + - `LSA` can modify group membership of `Domain Admins` + - The Attack Path window reveals that every user in the domain is effectively a Domain Admin + +![Attack Path window example](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreport4.webp) + +The number of objects and the direction of the arrows can change depending on the attack path and +related elements. + +- Example: + + - The `testgroupuser10` user object is a Local Admin on the `TESTS` server + - A user object that has a session on the `TESTS` server is a member of the `Domain Admins` + group + - If the `testgroupuser10` user object becomes compromised, an attacker can scrape the password + hash on a user object’s local session on `TESTS` that also is a member of `Domain Admins` and + become a Domain Admin itself diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_computerrights.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_computerrights.md new file mode 100644 index 0000000000..3edd40acc5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_computerrights.md @@ -0,0 +1,33 @@ +# AD_ComputerRights Job + +The AD_ComputerRights Job provides data collection to identify permissions applied to computers in +Active Directory. + +## Query for the AD_ComputerRights Job + +The AD_ComputerRights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_ComputerRights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/computerrightsquery.webp) + +- Computer Access Permissions – Returns computer access permission + + - See the + [ADPermissions Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_ComputerRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > +**AD_ComputerRights** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the AD_ComputerRights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/computerrightsanalysis.webp) + +- Computer Rights View – Creates the SA_AD_ComputerRights_Details_PermissionsView visible under the + job’s Results node +- AIC computer permissions import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_containerrights.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_containerrights.md new file mode 100644 index 0000000000..429f827aa3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_containerrights.md @@ -0,0 +1,35 @@ +# AD_ContainerRights Job + +The AD_ContainerRights Job provides data collection to identify permissions applied to Containers in +Active Directory. + +## Query for the AD_ContainerRights Job + +The AD_ContainerRights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_ContainerRights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/containerrightsquery.webp) + +- Container Access Permissions – Returns containers under the given scope + + - See the + [ADPermissions Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_ContainerRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > +**AD_ContainerRights** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_ContainerRights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/containerrightsanalysis.webp) + +The default analysis tasks are: + +- Container Rights View – Creates the SA_AD_ContainerRights_Details_PermissionsView visible under + the job’s Results node +- AIC container permissions import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_domainrights.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_domainrights.md new file mode 100644 index 0000000000..bc97647140 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_domainrights.md @@ -0,0 +1,35 @@ +# AD_DomainRights Job + +The AD_DomainRights Job provides data collection to identify permissions applied to Domains in +Active Directory. + +## Query for the AD_DomainRights Job + +The AD_DomainRights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_DomainRights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/domainrightsquery.webp) + +- Domain Access Permissions – Returns domain access permissions + + - See the + [ADPermissions Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_DomainRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_DomainRights** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DomainRights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/domainrightsanalysis.webp) + +The default analysis tasks are: + +- Domain Rights View – Creates the SA_AD_DomainRights_Details_PermissionsView visible under the + job’s Results node +- AIC domain permissions import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_grouprights.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_grouprights.md new file mode 100644 index 0000000000..81929fb41e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_grouprights.md @@ -0,0 +1,35 @@ +# AD_GroupRights Job + +The AD_GroupRights Job provides data collection to identify permissions applied to groups in Active +Directory. + +## Query for the AD_GroupRights Job + +The AD_GroupRights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_GroupRights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/grouprightsquery.webp) + +- Group Access Permissions – Returns group access permissions + + - See the + [ADPermissions Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_GroupRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_GroupRights** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupRights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/grouprightsanalysis.webp) + +The default analysis tasks are: + +- Group Rights View – Creates the SA_AD_GroupRights_Details_PermissionsView visible under the job’s + Results node +- AIC group permissions import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_ourights.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_ourights.md new file mode 100644 index 0000000000..2c641aa90e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_ourights.md @@ -0,0 +1,35 @@ +# AD_OURights Job + +The AD_OURights Job provides data collection to identify permissions applied to organizational units +in Active Directory. + +## Query for the AD_OURights Job + +The AD_OURights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_OURights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ourightsquery.webp) + +- OU Access Permissions – Returns organizational unit permissions + + - See the + [ADPermissions Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_OURights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_OURights** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_OURights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ourightsanalysis.webp) + +The default analysis tasks are: + +- OU Rights View – Creates the SA_AD_OURights_Details_PermissionsView visible under the job’s + Results node +- AIC OU permissions import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_siterights.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_siterights.md new file mode 100644 index 0000000000..596a85cc16 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_siterights.md @@ -0,0 +1,35 @@ +# AD_SiteRights Job + +The AD_SiteRights Job provides data collection to identify permissions applied to sites in Active +Directory. + +## Query for the AD_SiteRights Job + +The AD_SiteRights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_SiteRights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/siterightsquery.webp) + +- Site Access Permissions – Returns site permissions + + - See the + [ADPermissions Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_SiteRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_SiteRights** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_SiteRights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp) + +The default analysis tasks are: + +- Site Rights View – Creates the SA_AD_SiteRights_Details_PermissionsView visible under the job’s + Results node +- AIC Site Permissions Import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_userrights.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_userrights.md new file mode 100644 index 0000000000..8ba552bbf7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_userrights.md @@ -0,0 +1,35 @@ +# AD_UserRights Job + +The AD_UserRights Job provides data collection to identify permissions applied to users in Active +Directory. + +## Query for the AD_UserRights Job + +The AD_UserRights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_UserRights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/userrightsquery.webp) + +- User Access Permissions – Returns user permissions + + - See the + [ADPermissions Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_UserRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_UserRights** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_UserRights Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp) + +The default analysis tasks are: + +- User Rights View – Creates the SA_AD_UserRights_Details_PermissionsView visible under the job’s + Results node +- AIC user permissions import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/overview.md new file mode 100644 index 0000000000..4fc9dcb2ca --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/overview.md @@ -0,0 +1,26 @@ +# 0.Collection Job Group + +The 0.Collection Job Group collects data on permissions applied to computers, groups, organizational +units, and users. It is dependent on data collected by the .Active Directory Inventory Job Group. +The jobs which comprise the 0.Collection Job Group process analysis tasks. + +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 0.Collection Job Group are: + +- [AD_ComputerRights Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_computerrights.md) + – Collects all Active Directory permissions applied to computer objects within the targeted + domains +- [AD_ContainerRights Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_containerrights.md) + – Collects all Active Directory permissions applied to container objects within the targeted + domains +- [AD_DomainRights Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_domainrights.md) + – Collects all Active Directory permissions applied to domain objects within the targeted domains +- [AD_GroupRights Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_grouprights.md) + – Collects all Active Directory permissions applied to group objects within the targeted domains +- [AD_OURights Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_ourights.md) + – Collects all Active Directory permissions applied to group objects within the targeted domains +- [AD_SiteRights Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_siterights.md) + – Collects all Active Directory permissions applied to site objects within the targeted domains +- [AD_UserRights Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ad_userrights.md) + – Collects all Active Directory permissions applied to user objects within the targeted domains diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/ad_computerpermissions.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/ad_computerpermissions.md new file mode 100644 index 0000000000..caa5f3cfa5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/ad_computerpermissions.md @@ -0,0 +1,28 @@ +# AD_ComputerPermissions Job + +The AD_ComputerPermissions Job reports on all Active Directory permissions applied to computer +objects within the targeted domains. + +## Analysis Tasks for the AD_ComputerPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **4.Computers** > +**AD_ComputerPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_ComputerPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/computerpermissionsanalysis.webp) + +The default analysis tasks are: + +- List computer object permissions – Creates the SA_AD_ComputerPermissions_Details table accessible + under the job’s Results node +- Summarize computer object permissions – Creates an interim processing table in the database for + use by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_ComputerPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Computer Permissions | This report highlights instances where permissions are applied to Active Directory computer objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays computer permissions by domain - Pie Chart – Displays computer permissions by type - Table – Provides details on computer permissions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/ad_lapspermissions.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/ad_lapspermissions.md new file mode 100644 index 0000000000..35a7e6c605 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/ad_lapspermissions.md @@ -0,0 +1,30 @@ +# AD_LAPSPermissions Job + +The AD_LAPSPermissions Job identifies Active Directory objects that have access to LAPS attributes +and access to computer objects that may lead to unintended access to LAPS attributes. + +## Analysis Tasks for the AD_LAPSPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **4.Computers** > +**AD_LAPSPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_LAPSPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/lapspermissionsanalysis.webp) + +The default analysis tasks are: + +- LAPS Permissions – Identifies potential indirect LAPS permissions. Creates the + SA_AD_LAPSPermissions_Results table accessible under the job’s Results node. +- LAPS Attribute Permissions – Identifies permissions on the LAPS attributes in Active Directory for + each computer. Creates the SA_AD_LAPSPermissions_Attributes table accessible under the job’s + Results node. + +In addition to the tables and views created by the analysis tasks, the AD_LAPSPermissions Job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| LAPS Attributes | Identify Active Directory objects that have access to LAPS attributes on Computers within your organization. | None | This report is comprised of three elements: - Pie Chart – Displays top attribute permissions by trustee - Table – Provides details on attribute permissions by trustee - Table – Provides details on attributes | +| LAPS Permissions | Identify Active Directory objects that have access to computers objects within your organization that may lead to indirect access to LAPS attributes. | None | This report is comprised of three elements: - Bar Chart – Displays LAPS permissions by domain - Pie Chart – Displays LAPS permissions by type - Table – Provides details on LAPS permissions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/overview.md new file mode 100644 index 0000000000..ecab1fdfb5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/overview.md @@ -0,0 +1,15 @@ +# 4.Computers Job Group + +The 4.Computers Job Group reports on all Active Directory permissions applied to computer objects +within the targeted domains. + +![4.Computers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 4.Computers Job Group are: + +- [AD_ComputerPermissions Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/ad_computerpermissions.md) + – Reports on all Active Directory permissions applied to computer objects within the targeted + domains +- [AD_LAPSPermissions Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/ad_lapspermissions.md) + – Identifies Active Directory objects that have access to LAPS attributes and access to computer + objects that may lead to unintended access to LAPS attributes diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/ad_adminsdholder.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/ad_adminsdholder.md new file mode 100644 index 0000000000..bf5b5f22c6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/ad_adminsdholder.md @@ -0,0 +1,43 @@ +# AD_AdminSDHolder Job + +The AD_AdminSDHolder Job is comprised of analysis tasks and reports which use the data collected by +the 0.Collection Job Group to provide information on permissions applied to the AdminSDHolder +Container in Active Directory. + +## Queries for the AD_AdminSDHolder Job + +The AD_AdminSDHolder Job uses the PowerShell Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Queries for the AD_AdminSDHolder Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderquery.webp) + +- Default AdminSDHolder Perms – Creates a table of default AdminSDHolder permissions + + - See the + [PowerShell Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/powershell/overview.md) + topic for additional information + +## Analysis Tasks for the AD_AdminSDHolder Job + +Navigate to the **Active Directory Permissions Analyzer** > **7.Containers** > +**AD_AdminSDHolder** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_AdminSDHolder Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderanalysis.webp) + +The default analysis tasks are: + +- Determine AdminSDHolder permissions – Creates the SA_AD_AdminSDHolder_Details table accessible + under the job’s Results node +- Summarize AdminSDHolder permissions – Creates the SA_AD_AdminSDHolder_DomainSummary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_AdminSDHolder Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| AdminSDHolder Permissions | This report highlights suspicious (non-default) permissions applied to the AdminSDHolder container across all audited domains, and enumerates all AdminSDHolder permissions. For more information on vulnerabilities involving AdminSDHolder access, see the Microsoft [AdminSDHolder, Protected Groups and SDPROP](https://technet.microsoft.com/en-us/library/2009.09.sdadminholder.aspx) article. | None | This report is comprised of three elements: - Bar Chart – Displays suspicious AdminSDHolder permissions by domain - Table – Provides details on AdminSDHolder permissions - Table – Provides details on top users by suspicious AdminSDHolder permissions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/ad_containerpermissions.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/ad_containerpermissions.md new file mode 100644 index 0000000000..b39feecaa3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/ad_containerpermissions.md @@ -0,0 +1,28 @@ +# AD_ContainerPermissions Job + +The AD_ContainerPermissions Job is responsible for reporting on all Active Directory permissions +applied to container objects within the targeted domains. + +## Analysis Tasks for the AD_ContainerPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **7.Containers** > +**AD_ContainerPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_ContainerPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/containerpermissionsanalysis.webp) + +The default analysis tasks are: + +- List container object permissions – Creates the SA_AD_ContainerPermissions_Details table + accessible under the job’s Results node +- Summarize container object permissions – Creates the SA_AD_ContainerPermissions_DomainSummary + table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_ContainerPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Container Permissions | This report highlights instances where permissions are applied to Active Directory container objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays container permissions by domain - Pie Chart – Provides details on enterprise container permissions by type - Table – Provides details on container permissions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/overview.md new file mode 100644 index 0000000000..697ae93141 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/overview.md @@ -0,0 +1,18 @@ +# 7.Containers Job Group + +The 7.Containers Job Group reports on all Active Directory permissions applied to container objects +within the targeted domains. + +![7.Containers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 7.Containers Job Group are: + +- [AD_AdminSDHolder Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/ad_adminsdholder.md) + – Reports on all non-default Active Directory permissions applied to the AdminSDHolder container + within the targeted domains. The AdminSDHolder container can be leveraged by an attacker to create + persistence within the environment. See the Microsoft + [AdminSDHolder, Protected Groups and SDPROP](https://technet.microsoft.com/en-us/library/2009.09.sdadminholder.aspx) + article for additional information. +- [AD_ContainerPermissions Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/ad_containerpermissions.md) + – Reports on all Active Directory permissions applied to container objects within the targeted + domains diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/ad_domainpermissions.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/ad_domainpermissions.md new file mode 100644 index 0000000000..7fecc35ef3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/ad_domainpermissions.md @@ -0,0 +1,28 @@ +# AD_DomainPermissions Job + +The AD_DomainPermissions Job reports on all Active Directory permissions applied to domain objects +within the targeted domains. + +#### Analysis Tasks for the AD_DomainPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > +**AD_DomainPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DomainPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/domainpermissionsanalysis.webp) + +The default analysis tasks are: + +- List domain object permissions – Creates the SA_AD_DomainPermissions_Details table accessible + under the job’s Results node +- Summarize domain permissions – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_DomainPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain Permissions | This report highlights instances where permissions are applied to Active Directory domain objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays permissions by domain - Pie Chart – Provides details on enterprise domain permissions by type - Table – Provides details on domain permissions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/ad_domainreplication.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/ad_domainreplication.md new file mode 100644 index 0000000000..54d8eca36e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/ad_domainreplication.md @@ -0,0 +1,28 @@ +# AD_DomainReplication Job + +The AD_DomainReplication Job highlights all Active Directory permissions applied to domain objects +within the targeted domains. + +## Analysis Tasks for the AD_DomainReplication Job + +Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > +**AD_DomainReplication** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DomainReplication Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/domainreplicationanalysis.webp) + +The default analysis tasks are: + +- List domain replication permissions – Creates the SA_AD_DomainReplication_Details table accessible + under the job’s Results node +- Summarize replication permission details – Creates an interim processing table in the database for + use by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_DomainReplication Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | ---------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Domain Replication Permissions | This report highlights domain replication permissions applied to domain objects in active directory. | None | This report is comprised of three elements: - Bar Chart – Displays replication permission summary by domain - Table – Provides details on replication permissions - Table – Provides details on top users by replication permissions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/overview.md new file mode 100644 index 0000000000..86c8baa870 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/overview.md @@ -0,0 +1,15 @@ +# 8.Domains Job Group + +The 8.Domains Job Group reports on all Active Directory permissions applied to domain objects within +the targeted domains. + +![8.Domains Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 8.Domains Job Group are: + +- [AD_DomainPermissions Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/ad_domainpermissions.md) + – Reports on all Active Directory permissions applied to domain objects within the targeted + domains +- [AD_DomainReplication Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/ad_domainreplication.md) + – Highlights all Active Directory permissions applied to domain objects within the targeted + domains diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/ad_groupmembershippermissions.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/ad_groupmembershippermissions.md new file mode 100644 index 0000000000..530a72d572 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/ad_groupmembershippermissions.md @@ -0,0 +1,29 @@ +# AD_GroupMembershipPermissions Job + +The AD_GroupMembershipPermissions Job highlights all Active Directory users that are capable of +modifying group membership within the targeted domains. + +## Analysis Tasks for the AD_GroupMembershipPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **2.Groups** > +**AD_GroupMembershipPermissions** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupMembershipPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/groupmembershippermissionsanalysis.webp) + +The default analysis tasks are: + +- List group object permissions – Creates the SA_AD_GroupMembershipPermissions_Details table + accessible under the job’s Results node +- Summarize group object permissions – Creates an interim processing table in the database for use + by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_GroupMembershipPermissions +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Membership | This report highlights instances where trustees can change the membership of Active Directory group objects, either by writing the member attribute or via the "Add/Remove self as member" permission. By default, this report excludes members of administrator groups such as Domain Admins, Schema Admins, and Enterprise Admins. | None | This report is comprised of three elements: - Bar Chart – Displays affected groups by domain - Table – Provides details on membership change permissions - Table – Provides details on top users with group membership change permissions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/ad_grouppermissions.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/ad_grouppermissions.md new file mode 100644 index 0000000000..83d7898f13 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/ad_grouppermissions.md @@ -0,0 +1,28 @@ +# AD_GroupPermissions Job + +The AD_Permissions Job reports on all Active Directory permissions applied to group objects within +the targeted domains. + +## Analysis Tasks for the AD_GroupPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **2.Groups** > **AD_GroupPermissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/grouppermissionsanalysis.webp) + +The default analysis tasks are: + +- List group object permissions – Creates the SA_AD_GroupPermissions_Details table accessible under + the job’s Results node +- Summarize group object permissions – Creates an interim processing table in the database for use + by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_GroupPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Permissions | This report highlights instances where permissions are applied to Active Directory group objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays group permissions by domain - Pie Chart – Displays group permissions by type - Table – Provides details on group permissions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/overview.md new file mode 100644 index 0000000000..4afc172501 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/overview.md @@ -0,0 +1,14 @@ +# 2.Groups Job Group + +The 2.Groups Job Group reports on all Active Directory permissions applied to group objects within +the targeted domains. + +![2.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 2.Groups Job Group are: + +- [AD_GroupMembershipPermissions Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/ad_groupmembershippermissions.md) + – Highlights all Active Directory users that are capable of modifying group membership within the + targeted domains +- [AD_GroupPermissions Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/ad_grouppermissions.md) + – Reports on all Active Directory permissions applied to group objects within the targeted domains diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/overview.md new file mode 100644 index 0000000000..52724765d5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/overview.md @@ -0,0 +1,88 @@ +# Active Directory Permissions Analyzer Solution + +The Enterprise Auditor Active Directory Permissions Analyzer Solution enables organizations to +easily and automatically determine effective permissions applied to any and all Active Directory +(AD) objects. AD, Security, and Network Administrators can easily browse and compare information +from individual or multiple domains using comprehensive, preconfigured analyses and reports focused +on permissions associated with AD domains, organizational units, groups, users, and computers. These +capabilities enable them to obtain the most authoritative view of who has access to what in AD. + +The Active Directory Permissions Analyzer Solution is located within the **Jobs** > **Active +Directory Permissions Analyzer** Job Group, which identifies permissions applied to computers, +groups, organizational units, and users. + +Supported Platforms + +- Windows Server 2016 and later +- Windows 2003 Forest level or higher + +**NOTE:** See the Microsoft +[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) +article for additional information. + +Requirements, Permissions, and Ports + +See the +[Domain Target Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/activedirectorypermissionsanalyzer.md) +topic for additional information. + +Location + +The Active Directory Permissions Analyzer requires a special Enterprise Auditor license. It can be +installed from the Instant Job Wizard, see the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for additional information. When purchased separately, the Permissions Analyzer Solution is +installed into the Jobs tree with the Active Directory instant solution. The license limits the +solution to just the **Jobs** > **Active Directory Permissions Analyzer** Job Group. Once installed +into the Jobs tree, navigate to the solution: **Jobs** > **Active Directory Permissions Analyzer**. +The 0.Collection Job Group collects the data. The other job groups run analysis on the collected +data and generate reports. + +## Job Groups + +The Active Directory Permissions Analyzer Solution is designed to provide visibility into Active +Directory permissions applied on all objects. Key information includes who can reset user passwords, +who can modify group membership, and who can replicate domain information. + +The jobs which comprise the Active Directory Permissions Analyzer Job Group use the ADPermissions +Data Collector and the PowerShell Data Collector to return advanced security permissions and process +analysis tasks and generate reports. The collected data is then available to the Netwrix Access +Information Center for analysis. + +![Active Directory Permissions Analyzer Solution Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overview.webp) + +The job groups and jobs in the Active Directory Permissions Analyzer Solution are: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/overview.md) + – Collects all Active Directory permissions information from the targeted domain +- [1.Users Job Group](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/overview.md) + – Reports on all Active Directory permissions applied to user objects within the targeted domains +- [2.Groups Job Group](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/overview.md) + – Reports on all Active Directory permissions applied to group objects within the targeted domains +- [3.OUs > AD_OUPermissions Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_oupermissions.md) + – Reports on all Active Directory permissions applied to organizational unit objects within the + targeted domains +- [4.Computers Job Group](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/overview.md) + – Reports on all Active Directory permissions applied to computer objects within the targeted + domains +- [5.Open Access > AD_OpenAccess Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_openaccess.md) + – Reports on all Active Directory permissions granting open access within the targeted domains. + Open Access can be defined as access granted to security principals such as: Domain Users, + Authenticated Users, and Everyone. +- [6.Broken Inheritance > AD_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_brokeninheritance.md) + – Reports on all locations within Active Directory where inheritance is broken within the targeted + domains +- [7.Containers Job Group](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/overview.md) + – Reports on all Active Directory permissions applied to container objects within the targeted + domains +- [8.Domains Job Group](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/overview.md) + – Reports on all Active Directory permissions applied to domain objects within the targeted + domains. +- [9.Sites Job Group](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/overview.md) + – Reports on all Active Directory permissions applied to domain objects within the targeted + domains +- [AD_ShadowAccess Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_shadowaccess.md) + – Finds shadow access that leads to compromise of a domain or sensitive data. Attackers can chain + vulnerabilities to escalate privileges from a non-privileged user to administrator with only a few + steps. This job generates the shortest path between every non-privileged user to a domain + administrative group, total domain compromise, or access to sensitive data. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/recommended.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/recommended.md new file mode 100644 index 0000000000..85d0434a42 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/recommended.md @@ -0,0 +1,57 @@ +# Recommended Configurations for AD Permissions Analyzer Solution + +Dependencies + +The following Enterprise Auditor job groups need to be successfully run: + +- .Active Directory Inventory Job Group + +The following jobs need to be run prior to running the +[AD_ShadowAccess Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_shadowaccess.md): + +- .Active Directory Inventory >1-AD_Scan > ADInventory +- Active Directory > 1.Groups > AD_SensitiveSecurityGroups +- Active Directory Permissions Analyzer > 7.Containers > AD_AdminSDHolder +- Active Directory Permissions Analyzer > 8.Domains > AD_DomainReplication +- Active Directory Permissions Analyzer > 1.Users > AD_ResetPasswordPermissions +- Active Directory Permissions Analyzer > 2.Groups > AD_GroupMembershipPermissions + +The following jobs can be optionally run to enhance reporting in the +[AD_ShadowAccess Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ad_shadowaccess.md): + +- Active Directory > 2.Users > AD_WeakPasswords +- FileSystem > 7.Sensitive Data > FS_DLPResults > FS_DLPResults +- Databases > 0.Collection >SQL > 2-SQL_SensitiveDataScan > SQLServer_SDD +- Windows > Privileged Accounts > Local Administrators > SG_Sessions +- Windows > Privileged Accounts > Local Administrators > SG_LocalAdmins + +Targeted Hosts + +The **Active Directory Permissions Analyzer** > **0. Collection** Job Group has been set to run +against the following default host list: + +- One Domain Controller Per Domain + +Connection Profile + +Assign a Connection Profile at the **Active Directory Permissions Analyzer** > **0. Collection** > +**Settings** > **Connection** node with local Administrator privileges on the target host, or Domain +Administrator privileges if the target host is a domain controller. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +This job group can be scheduled to run as desired. + +Workflow + +**Step 1 –** Prerequisite: Successful execution of the .Active Directory Inventory Job Group. + +**Step 2 –** Schedule the Active Directory Permissions Analyzer Job Group to run as desired. + +- Run sub-job groups individually if desired, but run the 0.Collection Job Group first + +**Step 3 –** Review the reports generated by the Active Directory Permissions Analyzer Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/ad_dcshadowpermissions.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/ad_dcshadowpermissions.md new file mode 100644 index 0000000000..d30a101528 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/ad_dcshadowpermissions.md @@ -0,0 +1,28 @@ +# AD_DCShadowPermissions Job + +The AD_DCShadowPermissions Job highlights all Active Directory users that are capable of potentially +performing a DCShadow attack within the targeted domains. + +## Analysis Tasks for the AD_DCShadowPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **9.Sites** > +**AD_DCShadowPermissions** > **Configure** node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DCShadowPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/dcshadowpermissionsanalysis.webp) + +The default analysis tasks are: + +- DCShadow Permissions – Creates the SA_AD_DCShadowPermissions_Details table accessible under the + job’s Results node +- DCShadow Summary – Creates the SA_AD_DCShadowPermission_Summary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_DCShadowPermisssions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| DCShadow Permissions | This report highlights permissions applied to Site objects and Computer objects in Active Directory required to execute the DCShadow attack. By default this report excludes members of administrator groups such as Domain Admins, Schema Admins, and Enterprise Admins. | None | This report is comprised of three elements: - Bar Chart – Displays top users by computer count - Table – Provides details on top users by computer count - Table – Provides details on DCShadow permission details | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/ad_sitepermissions.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/ad_sitepermissions.md new file mode 100644 index 0000000000..f4dd7bd710 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/ad_sitepermissions.md @@ -0,0 +1,28 @@ +# AD_SitePermissions Job + +The AD_SitePermissions Job reports on all Active Directory permissions applied to site objects +within the targeted domains. + +## Analysis Tasks for the AD_SitePermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **9.Sites** > **AD_SitePermissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_SitePermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/sitepermissionsanalysis.webp) + +The default analysis tasks are: + +- Site Permissions – Creates the SA_AD_SitePermissions_Details table accessible under the job’s + Results node +- Summarize Site Permissions – Creates the SA_AD_SitePermissions_DomainSummary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_SitePermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Site Permissions | This report highlights instances where permissions are applied to Active Directory Site objects. | None | This report is comprised of three elements: - Bar Chart – Displays permissions by site - Pie chart – Provides details on enterprise site permissions by type - Table – Provides details on site permissions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/overview.md new file mode 100644 index 0000000000..6ad1b816ee --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/overview.md @@ -0,0 +1,14 @@ +# 9.Sites Job Group + +The 9.Sites Job Group reports on all Active Directory permissions applied to site objects within the +targeted domains. + +![9.Sites Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 9.Sites Job Group are: + +- [AD_DCShadowPermissions Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/ad_dcshadowpermissions.md) + – Highlights all Active Directory users that are capable of potentially performing a DCShadow + attack within the targeted domains +- [AD_SitePermissions Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/ad_sitepermissions.md) + – Reports on all Active Directory permissions applied to site objects within the targeted domains diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/ad_resetpasswordpermissions.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/ad_resetpasswordpermissions.md new file mode 100644 index 0000000000..cccb1a3a9b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/ad_resetpasswordpermissions.md @@ -0,0 +1,31 @@ +# AD_ResetPasswordPermissions Job + +The AD_ResetPasswordPermissions Job highlights all Active Directory users that are capable of +resetting another user's password within the targeted domains. It uses the data collected by the +0.Collection Job Group to provide information on permissions applied to user objects in Active +Directory. + +## Analysis Tasks for the AD_ResetPasswordPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **1.Users** > +**AD_ResetPasswordPermissions** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_ResetPasswordPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/resetpasswordpermissionsanalysis.webp) + +The default analysis tasks are: + +- List user password reset permissions – Creates the SA_AD_ResetPasswordPermissions_Details table + accessible under the job’s Results node +- Summarize password reset permissions – Creates an interim processing table in the database for use + by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_ResetPasswordPermissions +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Reset Password | This report highlights instances where "Reset Password" permissions are applied to Active Directory user objects. This information is summarized at the domain and enterprise levels. By default, this report excludes members of administrator groups such as Domain Admins, Schema Admins, and Enterprise Admins. | None | This report is comprised of three elements: - Bar Chart – Displays affected accounts by domain - Table – Provides details on reset password permissions - Table – Provides details on top users with reset password permissions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/ad_userpermissions.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/ad_userpermissions.md new file mode 100644 index 0000000000..92ac77d457 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/ad_userpermissions.md @@ -0,0 +1,29 @@ +# AD_UserPermissions Job + +The AD_UserPermissions Job is comprised of analysis tasks and reports which use the data collected +by the 0.Collection Job Group to provide information on permissions applied to user objects in +Active Directory. + +## Analysis Tasks for the AD_UserPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **1.Users** > **AD_UserPermissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_UserPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/userpermissionsanalysis.webp) + +The default analysis tasks are: + +- List user object permissions – Creates the SA_AD_UserPermissions_Details table accessible under + the job’s Results node +- Summarize user object permissions – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_UserPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| User permissions | This report highlights instances where permissions are applied to Active Directory user objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays user permissions by domain - Pie Chart – Provides details on user permission types - Table – Provides details on user permissions | diff --git a/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/overview.md b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/overview.md new file mode 100644 index 0000000000..d8cdaeb72e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/overview.md @@ -0,0 +1,14 @@ +# 1.Users Job Group + +The 1.Users Job Group reports on all Active Directory permissions applied to user objects within the +targeted domains + +![1.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following jobs comprise the 1.Users Job Group: + +- [AD_ResetPasswordPermissions Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/ad_resetpasswordpermissions.md) + – Highlights all Active Directory users that are capable of resetting another user’s password + within the targeted domains +- [AD_UserPermissions Job](/docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/ad_userpermissions.md) + – Reports on all Active Directory permissions applied to user objects within the targeted domains diff --git a/docs/accessanalyzer/11.6/solutions/anyid/anyid_csv.md b/docs/accessanalyzer/11.6/solutions/anyid/anyid_csv.md new file mode 100644 index 0000000000..067df86de3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/anyid/anyid_csv.md @@ -0,0 +1,148 @@ +# AnyID_CSV Job + +The AnyID_CSV job imports a list of identities and attributes from a CSV file. Use this when a +native integration may not be available, or an export is the best option. + +**_RECOMMENDED:_** Copy the CSV file to the Enterprise Auditor Console for the best import +performance. + +![AnyID_CSV Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvjoblocation.webp) + +The AnyID_CSV job is located in the **Jobs** > **AnyID Connectors** job group. + +## Recommended Configurations for the AnyID_CSV Job + +The following are recommended configurations for the AnyID_CSV job: + +Dependencies + +None + +Targeted Host + +Local Host + +Connection Profile + +The AnyID_CSV job does not require a connection profile. + +History Retention + +Default Retention Period. See the +[History](/docs/accessanalyzer/11.6/admin/settings/history.md) topic +for additional information. + +Multi-Console Support + +Not supported + +Schedule Frequency + +Schedule the job as required. + +Query Configuration + +This job contains configurable queries. See the +[Configure the AnyID_CSV Query](#configure-the-anyid_csvquery) topic for additional information. + +Analysis Configuration + +See the [Analysis Tasks for the AnyID_CSV Job](#analysis-tasks-for-the-anyid_csvjob) topic for +additional information. + +Workflow + +**Step 1 –** Prepare a CSV file for import. + +**Step 2 –** Configure the configurable query parameters. + +**Step 3 –** Run the job. + +**Step 4 –** Review the report generated by the job. + +## Queries for the AnyID_CSV Job + +The AnyID_CSV query uses the PowerShell Data Collector. + +![Queries for the AnyID_CSV Job](/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvqueries.webp) + +The query is: + +- CSV Import – Imports identities and attributes from a CSV file. See the + [Configure the AnyID_CSV Query](#configure-the-anyid_csvquery) topic for additional information. + +### Configure the AnyID_CSV Query + +Follow the steps to configure the AnyID_CSV query. + +![ The name of the source repository parameter on the job Overview page](/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvoverviewpage.webp) + +**Step 1 –** Navigate to and select the **AnyID Connectors** > **AnyID_CSV** node. In the +Configuration section of the job's Overview page, click the configure button for the **The name of +the source repository** parameter. In the Configure Window, enter the name of the source repository +where the list of identities and related attributes were retrieved from. + +**Step 2 –** Navigate to the **AnyID Connectors** > **AnyID_CSV** > **Configure** node and select +**Queries**. + +**Step 3 –** In the Query Selection view, select the CSV Import query and click **Query +Properties**. The Query Properties window opens. + +**Step 4 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector +Wizard opens. + +![Edit Query Page](/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvqueryeditquery.webp) + +**Step 5 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of +the page to expand the Parameters window. Configure the following attributes: + +**CAUTION:** The following attributes must be configured in order for the job to execute properly. + +- $inputfile – File path to the CSV file which contains the identity and attribute information +- $RequiredAttributes – The list of attributes that need to be found in the document in order to + trigger a match + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $Attributes – The list of attributes that will be scanned for during sensitive data scanning + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $ID – Column which uniquely identifies each subject +- $SubjectType – Either a reference to a column in the CSV file or a string which indicates the type + of subjects being imported +- $batchSize – (Optional) The number of rows to process in a batch. Leave at default unless + otherwise required. +- $debugMode – (Optional) When set to true, stores unhashed attribute values for troubleshooting + purposes + +**Step 6 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save +changes. Click **Cancel** to exit the wizard without saving changes. + +The query is now ready to run. + +## Analysis Tasks for the AnyID_CSV Job + +Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_CSV** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AnyID_CSV Job](/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvanalyses.webp) + +The default analysis tasks are: + +- Create Subject Profile Type – Creates subject profile type +- Create Subject Profile Stored Procedure – Creates subject profile stored procedure +- Merge into Subject Profile schema – Merges into subject profile schema +- Calculate completion details – Calculates attribute completion for imported subjects + +In addition to the tables created by the analysis tasks, the AnyID_CSV job produces the following +preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | --------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| CSV Imports | This report highlights subjects imported from the provided CSV file, and summarizes attribute completion. | None | This report is comprised of four elements: - Table – Contains information on imported subjects - Bar Chart – Provides information on subject types - Table – Contains information on the attributes summary - Table – Contains information on subject details | diff --git a/docs/accessanalyzer/11.6/solutions/anyid/anyid_epicclarity.md b/docs/accessanalyzer/11.6/solutions/anyid/anyid_epicclarity.md new file mode 100644 index 0000000000..d1f3ec58a7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/anyid/anyid_epicclarity.md @@ -0,0 +1,144 @@ +# AnyID_EpicClarity Job + +The AnyID_EpicClarity job collects patient information from Epic including MRNs, SSNs, Subscriber +IDs, and Account IDs. An account with read access to the underlying Clarity Oracle database is +required in order to run queries. + +![AnyID_EpicClarity Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/anyid/epicclarityjoblocation.webp) + +The AnyID_EpicClarity job is located in the **Jobs** > **AnyID Connectors** job group. + +## Recommended Configurations for the AnyID_EpicClarity Job + +The following are recommended configurations for the AnyID_EpicClarity job: + +Dependencies + +The AnyID_EpicClarity job requires a CSV file with a filepath configured in the job's query to +collect data. See the +[Configure the AnyID_EpicClarity Queries](#configure-the-anyid_epicclarity-queries) topic for +additional information. + +Targeted Host + +Epic Clarity Database Server + +Connection Profile + +Read Access to the underlying Clarity Oracle database. + +History Retention + +Default Retention Period. See the +[History](/docs/accessanalyzer/11.6/admin/settings/history.md) topic +for additional information. + +Multi-Console Support + +Not supported + +Schedule Frequency + +This job should be run based on the desired frequency of Sensitive Data Scans. + +Query Configuration + +This job contains configurable queries. See the Configure the +[Configure the AnyID_EpicClarity Queries](#configure-the-anyid_epicclarity-queries) topic for +additional information. + +Analysis Configuration + +Run the solution with the default analysis configuration for best results. + +Workflow + +**Step 1 –** Configure the configurable query parameters for the job. + +**Step 2 –** Run the job. + +**Step 3 –** Review the report generated by the job. + +## Queries for the AnyID_EpicClarity Job + +The AnyID_EpicClarity job uses the PowerShell Data Collector for queries. + +![Queries for the AnyID_EpicClarity Job](/img/product_docs/accessanalyzer/11.6/solutions/anyid/epicclarityqueries.webp) + +The queries are: + +- Epic Clarity Patients – Imports Epic Clarity subject profile information for patients +- Epic Clarity Accounts – Imports Epic Clarity subject profile information on accounts +- Epic Clarity Coverage – Imports Epic Clarity subject profile information on coverage +- Epic Clarity Identity IDs – Imports Epic Clarity subject profile information on identity IDs + +The above queries have configurable parameters. See the +[Configure the AnyID_EpicClarity Queries](#configure-the-anyid_epicclarity-queries) topic for +additional information. + +### Configure the AnyID_EpicClarity Queries + +Follow the steps to configure the AnyID_EpicClarity queries. + +**Step 1 –** Navigate to the **AnyID Connectors** > **AnyID_EpicClarity** > **Configure** node and +select **Queries**. + +**Step 2 –** In the Query Selection view, select a query and click **Query Properties**. The Query +Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector +Wizard opens. + +![Edit Query Page](/img/product_docs/accessanalyzer/11.6/solutions/anyid/epicclarityqueryeditquery.webp) + +**Step 4 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of +the page to expand the Parameters window. See the +[PowerShell: Edit Query](/docs/accessanalyzer/11.6/admin/datacollector/powershell/editquery.md) +topic for additional information. Configure the following attributes as needed: + +- $portNumber – The port number used to access the Oracle Database Server +- $fetchCount – The number of rows to process in a batch. Leave at default unless otherwise + required. +- $Attributes – The list of attributes that will be scanned for during sensitive data scanning. + Default values are MRN, SSN, Name, Date of Birth, Subscriber ID, Identity ID, and Account ID. + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $RequiredAttributes – The list of attributes that need to be found in the document in order to + trigger a match. The default values are SSN, MRN, and IdentityID. + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $debugMode – When set to true, stores unhashed attribute values for troubleshooting purposes + +**Step 5 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save +changes. Click **Cancel** to exit the wizard without saving changes. + +Repeat these steps for each query in the case that a non default port value is required. Once +completed, the queries are ready to run. + +## Analysis Tasks for the AnyID_EpicClarity Job + +Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_EpicClarity** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AnyID_EpicClarity Job](/img/product_docs/accessanalyzer/11.6/solutions/anyid/epicclarityanalyses.webp) + +The default analysis tasks are: + +- Create Subject Profile Types – Create subject profile types +- Create Subject Profile Imports Procedure – Create subject profile imports procedure +- Merge into Subject Profile schema – Merge into Subject Profile schema +- Calculate completion details – Calculates attribute completion for Epic Clarity patients + +In addition to the tables created by the analysis tasks, the AnyID_EpicClarity job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Epic Clarity Patients | This report highlights Epic Clarity Patients and summarizes attribute completion by patient identity and by attribute. | None | This report is comprised of four elements: - Table – Contains information on Epic Clarity patients - Bar Chart – Provides information on subject types - Table – Contains information on the attributes summary - Table – Contains information on subject details | diff --git a/docs/accessanalyzer/11.6/solutions/anyid/anyid_paycom.md b/docs/accessanalyzer/11.6/solutions/anyid/anyid_paycom.md new file mode 100644 index 0000000000..788b411fac --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/anyid/anyid_paycom.md @@ -0,0 +1,143 @@ +# AnyID_Paycom Job + +The AnyID_Paycom job pulls employee information from Paycom including name, address, date of Birth, +and SSN. Contact the organization's Paycom administrator in order to generate the CSV export +required for this job. The recommended approach is to copy the CSV file to the Enterprise Auditor +Console for best import performance. + +![AnyID_Paycom Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/anyid/paycomjoblocation.webp) + +The AnyID_Paycom job is located in the **Jobs** > **AnyID Connectors** job group. + +## Recommended Configurations for the AnyID_Paycom Job + +The following are recommended configurations for the AnyID_Paycom job: + +Dependencies + +None + +Targeted Host + +Local Host + +Connection Profile + +The AnyID_Paycom job does not require a connection profile. + +History Retention + +Default Retention Period. See the +[History](/docs/accessanalyzer/11.6/admin/settings/history.md) topic +for additional information. + +Multi-Console Support + +Not supported + +Schedule Frequency + +This job should be run based on the desired frequency of Sensitive Data Scans. + +Query Configuration + +This job contains configurable queries. See the +[Configure the AnyID_Paycom Job](#configure-the-anyid_paycom-job) topic for additional information. + +Analysis Configuration + +Run the job with the default analysis configuration settings for best results. + +Workflow + +**Step 1 –** Prepare a CSV file from Paycom for import. + +**Step 2 –** Configure the configurable query parameters. + +**Step 3 –** Run the job. + +**Step 4 –** Review the report generated by the job. + +## Queries for the AnyID_Paycom Job + +The AnyID_Paycom job uses the PowerShell Data Collector for the query. + +![Queries for the AnyID_Paycom Job](/img/product_docs/accessanalyzer/11.6/solutions/anyid/paycomqueries.webp) + +The queries are: + +- Paycom CSV Import – Imports a CSV file with information from Paycom. This query has configurable + parameters. See the [Configure the AnyID_Paycom Job](#configure-the-anyid_paycom-job) topic for + additional information. + +### Configure the AnyID_Paycom Job + +Follow the steps to configure the AnyID_Paycom query. + +**Step 1 –** Navigate to the **AnyID Connectors** > **AnyID_Paycom** > **Configure** node and select +**Queries**. + +**Step 2 –** In the Query Selection view, select the Paycom CSV Import query and click **Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector +Wizard opens. + +![Edit Query Page](/img/product_docs/accessanalyzer/11.6/solutions/anyid/paycomqueryeditquery.webp) + +**Step 4 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of +the page to expand the Parameters window. See the +[PowerShell: Edit Query](/docs/accessanalyzer/11.6/admin/datacollector/powershell/editquery.md) +topic for additional information. Configure the following attributes as needed: + +- $SAHOSTNAME – Created during execution. This parameter cannot be modified. +- $JobCredential – Created during execution. This parameter cannot be modified. +- $JobCredentials – Created during execution. This parameter cannot be modified. +- $inputfile – File path to the CSV file which contains the identity and attribute information +- $Attributes – The list of attributes that will be scanned for during sensitive data scanning + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $RequiredAttributes – The list of attributes that need to be found in the document in order to + trigger a match + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $ID – Column which uniquely identifies each subject +- $SubjectType – Either a reference to a column in the csv file or a string which indicates the type + of subjects being imported +- $SubjectName – Either a reference to a column in the csv file or a string which indicates the name + of the subjects being imported +- $batchSize – The number of rows to process in a batch. Leave at default unless otherwise required. +- $debugMode – When set to true, stores unhashed attribute values for troubleshooting purposes + +**Step 5 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save +changes. Click **Cancel** to exit the wizard without saving changes. + +The query is now ready to run. + +## Analysis Tasks for the AnyID_Paycom Job + +Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_Paycom** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AnyID_Paycom Job](/img/product_docs/accessanalyzer/11.6/solutions/anyid/paycomanalyses.webp) + +The default analysis tasks are: + +- Create Subject Profile Types – Creates subject profile types +- Create Subject Profile Stored Procedure – Creates subject profile stored procedure +- Merge into Subject Profile schema – Merges into subject profile schema +- Calculate completion details – Calculates attribute completion for imported subjects + +In addition to the tables created by the analysis tasks, the AnyID_Paycom job produces the following +preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ---------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Paycom Imports | This report highlights subjects imported from the provided Paycom CSV file, and summarizes attribute completion. | None | This report is comprised of four elements: - Table – Contains information on imported subjects - Bar Chart – Provides information on subject types - Table – Contains information on the attribute summary - Table – Contains information on subject details | diff --git a/docs/accessanalyzer/11.6/solutions/anyid/anyid_salesforce.md b/docs/accessanalyzer/11.6/solutions/anyid/anyid_salesforce.md new file mode 100644 index 0000000000..d86d45f8d9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/anyid/anyid_salesforce.md @@ -0,0 +1,149 @@ +# AnyID_Salesforce Job + +The AnyID_Salesforce job collects Salesforce contact details including phone, address, email, and +date of birth. This job requires API access to Salesforce in order to collect this information. The +list of collected attributes can be adjusted as necessary. + +![AnyID_Salesforce Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/anyid/salesforcejoblocation.webp) + +The AnyID_Salesforce job is located in the **Jobs** > **AnyID Connectors** job group. + +## Prerequisites + +The following credentials are required to run the AnyID_Salesforce job: + +- (TASK - Local) – Stores the Consumer Key and Consumer Secret +- (TASK - Local) – Stores the Salesforce Account Username and password +- (TASK - Local) – Stores the URL for Salesforce site and Security Token for Salesforce site (for + example, `https://company.my.salesforce.com`) + +## Permissions + +- API access to Salesforce + +## Recommended Configurations for the AnyID_Salesforce Job + +The following are recommended configurations for the AnyID_Salesforce job: + +Targeted Host + +Local Host + +Connection Profile + +Ensure that a connection profile is configured with the required credentials. See the +[Prerequisites](#prerequisites) topic for additional information. + +History Retention + +Default Retention Period. See the +[History](/docs/accessanalyzer/11.6/admin/settings/history.md) topic +for additional information. + +Multi-Console Support + +Not supported + +Schedule Frequency + +Schedule the job as required. + +Query Configuration + +This job contains configurable queries. See the +[Configure the AnyID_Salesforce Query](#configure-the-anyid_salesforce-query) topic for additional +information. + +Analysis Configuration + +Run the solution with the default analysis configuration for best results. + +Workflow + +**Step 1 –** Set up a connection profile with the required credentials. + +**Step 2 –** Configure the configurable query parameters for the job. + +**Step 3 –** Run the job. + +**Step 4 –** Review the report generated by the job. + +## Queries for the AnyID_Salesforce Job + +The AnyID_Salesforce job uses the PowerShell Data Collector for the query. + +![Query for the AnyID_Salesforce Job](/img/product_docs/accessanalyzer/11.6/solutions/anyid/salesforcequeries.webp) + +The query is: + +- PS Salesforce Import – Imports Salesforce information for analysis. This query has configurable + parameters. See the [Configure the AnyID_Salesforce Query](#configure-the-anyid_salesforce-query) + topic for additional information. + +### Configure the AnyID_Salesforce Query + +Follow the steps to configure the AnyID_Salesforce query. + +**Step 1 –** Navigate to the **AnyID Connectors** > **AnyID_Salesforce** > **Configure** node and +select **Queries**. + +**Step 2 –** In the Query Selection view, select the PS Salesforce Import query and click **Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector +Wizard opens. + +![Edit Query Page](/img/product_docs/accessanalyzer/11.6/solutions/anyid/salesforcequeryeditquery.webp) + +**Step 4 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of +the page to expand the Parameters window. See the +[PowerShell: Edit Query](/docs/accessanalyzer/11.6/admin/datacollector/powershell/editquery.md) +topic for additional information. Configure the following attributes as needed: + +- $SAHOSTNAME – Created during execution. This parameter cannot be modified. +- $JobCredential – Created during execution. This parameter cannot be modified. +- $JobCredentials – Created during execution. This parameter cannot be modified. +- $Attributes – The list of attributes that will be scanned for during sensitive data scanning + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $RequiredAttributes – The list of attributes that need to be found in the document in order to + trigger a match + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $ID – Column which uniquely identifies each subject +- $SubjectType – A string which indicates the type of subjects being imported +- $SubjectName – A string which indicates the name of the subjects being imported +- $debugMode – When set to true, stores unhashed attribute values for troubleshooting purposes + +**Step 5 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save +changes. Click **Cancel** to exit the wizard without saving changes. + +The query is now ready to run. + +## Analysis Tasks for the AnyID_Salesforce Job + +Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_Salesforce** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AnyID_Salesforce Job](/img/product_docs/accessanalyzer/11.6/solutions/anyid/salesforceanalyses.webp) + +The default analysis tasks are: + +- Create Subject Profile Types – Creates subject profile types +- Create Subject Profile Imports Procedure – Creates subject profile imports procedure +- Merge into Subject Profile schema – Merges into subject profile schema +- Calculate completion details – Calculates attribute completion for Salesforce contacts + +In addition to the tables created by the analysis tasks, the AnyID_Salesforce job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ----------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Salesforce Contacts | This report highlights Salesforce Contacts and summarizes attribute completion by contact and by attribute. | None | This report is comprised of four elements: - Table – Contains information on Salesforce contacts - Bar Chart – Provides information on contact types - Table – Contains information on the attributes completion - Table – Contains information on subject details | diff --git a/docs/accessanalyzer/11.6/solutions/anyid/overview.md b/docs/accessanalyzer/11.6/solutions/anyid/overview.md new file mode 100644 index 0000000000..7dad06e45d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/anyid/overview.md @@ -0,0 +1,70 @@ +# AnyID Connectors Solution + +The AnyID Connectors Solution allows you to quickly find where data for identities are stored, +reducing the response time to Data Subject Access Requests (DSARs). Integration with third party +repositories allows you to perform exact data matching for profiles such as employees, customers, +students, or patients across any data repository. + +Data Privacy Engine works in conjunction with Enterprise Auditor Sensitive Data Discovery scans to +create an efficient, secure IdentityIndex™ that privacy, security, and legal professionals can +leverage to quickly and easily map the location of subject information. Through a series of +preconfigured Identity Connectors,you can easily extract identity-related attributes about customers +and other potential subjects from verified systems of record like Salesforce, Epic, Peoplesoft, and +Paycom, as well as homegrown or alternative platforms. + +Through the creation of a Subject Profile for each individual, Enterprise Auditor’s broad-reaching +Sensitive Data Discovery engine accurately identifies the specific location of a subject’s data +across virtually any cloud or on-premises data repository. With this context in tow, organizations +can now easily perform Data Subject Access Requests (DSARs), zero-in on where the implementation of +Privacy by Design principles are needed most urgently, and know for certain when breach attempts and +activities involve consumer, patient, resident, and other subject data. + +## Supported Platforms + +- CSV +- EpicClarity +- Paycom +- Salesforce + +## Location + +The AnyID Connectors Solution requires a special Enterprise Auditor license. It can be installed +from the Instant Job Wizard. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for additional information. + +![AnyID Connectors Solution in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +Once installed into the Jobs tree, navigate to the solution: **Jobs** > **AnyID Connectors**. + +## Jobs + +The AnyID Connectors Solution provides a series of preconfigured jobs which allow end-users to +integrate with third-party systems of record such as Paycom or Salesforce, to extract a list of +potential data subjects along with relevant bits of PII such as Social Security Number, Address, or +Phone Number. + +The jobs within this group create and add to the secure IdentityIndex™ containing identity-related +attributes about potential subjects which are then used by Enterprise Auditor’s Sensitive Data +Discovery engine to perform exact data matching against virtually any cloud or on-premises data +repository. + +![AnyID Connectors Solution Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +The jobs in the AnyID Connectors Solution are: + +- [AnyID_CSV Job](/docs/accessanalyzer/11.6/solutions/anyid/anyid_csv.md) + – Imports a list of identities and attributes from a CSV file. Use this when a native integration + may not be available, or an export is the best option. +- [AnyID_EpicClarity Job](/docs/accessanalyzer/11.6/solutions/anyid/anyid_epicclarity.md) + – Collects patient information from Epic including MRNs, SSNs, Subscriber IDs, and Account IDs. An + account with read access to the underlying Clarity Oracle database is required in order to run + queries. +- [AnyID_Paycom Job](/docs/accessanalyzer/11.6/solutions/anyid/anyid_paycom.md) + – Pulls employee information from Paycom including Name, Address, Date of Birth, and SSN. Contact + your Paycom administrator in order to generate the CSV export required for this job. +- [AnyID_Salesforce Job](/docs/accessanalyzer/11.6/solutions/anyid/anyid_salesforce.md) + – Collects Salesforce Contact details including Phone, Address, Email, and Date of birth. This job + requires API access to Salesforce in order to collect this information. + +**NOTE:** See the individual job topics for information on recommended configurations. diff --git a/docs/accessanalyzer/11.6/solutions/aws/collection/1.aws_orgscan.md b/docs/accessanalyzer/11.6/solutions/aws/collection/1.aws_orgscan.md new file mode 100644 index 0000000000..224e12a213 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/collection/1.aws_orgscan.md @@ -0,0 +1,44 @@ +# 1.AWS_OrgScan Job + +The 1.AWS_OrgScan job collects details about the AWS Organization including password policies and +accounts within the organization. + +## Queries for the 1.AWS_OrgScan Job + +The Org Scan query uses the AWS Data Collector to target all AWS instances and has been +preconfigured to use the Collect Org Data category. + +![Queries for the 1.AWS_OrgScan Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/orgscanqueries.webp) + +The 1.AWS_OrgScan job has the following configurable query: + +- Org Scan – Collects AWS Organization level information + +### Configure the Org Scan Query + +The Org Scan query in the 1.AWS_OrgScan job has been preconfigured to run with the default settings +with the category of Collect Org Data. Follow the steps to set any desired customizations. + +**Step 1 –** Navigate to the **AWS** > **0.Collection** > **1.AWS_OrgScan** > **Configure** node and +select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data +Collector Wizard opens. + +![AWS Data Collector Login Roles wizard page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/loginroles.webp) + +**Step 4 –** On the Login Roles page, add the created AWS Roles: + +- Enter the Role in the Role Name field and click **Add** +- Alternatively, import multiple Roles from a CSV file +- See the + [Configure AWS for Scans](/docs/accessanalyzer/11.6/requirements/target/config/aws.md) + topic for additional information + +**Step 5 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if +no changes were made. Then click **OK** to close the Query Properties window. + +If changes were saved, the 1.AWS_OrgScans Job has now been customized. diff --git a/docs/accessanalyzer/11.6/solutions/aws/collection/2.aws_s3scan.md b/docs/accessanalyzer/11.6/solutions/aws/collection/2.aws_s3scan.md new file mode 100644 index 0000000000..b15661ea0a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/collection/2.aws_s3scan.md @@ -0,0 +1,69 @@ +# 2.AWS_S3Scan Job + +The 2.AWS_S3Scan job collects details about the AWS S3 buckets including details about the objects +in those buckets. + +## Queries for the 2.AWS_S3Scan Job + +The S3 Scan query uses the AWS Data Collector to target all AWS instances and has been preconfigured +to use the Collect S3 category. + +![Query Selection page](/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3scanqueries.webp) + +The 2.AWS_S3Scan job has the following configurable query: + +- S3 Scan – Collects information about the AWS S3 buckets and objects + +### Configure the S3 Scan Query + +The S3 Scan query in the 2.AWS_S3 Scan job has been preconfigured to run with the default settings +with the category of Collect S3. Follow the steps to set any desired customizations. + +**Step 1 –** Navigate to the **AWS** > **0.Collection** > **2.AWS_S3Scan** > **Configure** node and +select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data +Collector Wizard opens. + +![AWS Data Collector Login Roles wizard page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/loginroles.webp) + +**Step 4 –** On the Login Roles page, add the created AWS Roles: + +- Enter the Role in the Role Name field and click **Add** +- Alternatively, import multiple Roles from a CSV file +- See the + [Configure AWS for Scans](/docs/accessanalyzer/11.6/requirements/target/config/aws.md) + topic for additional information + +![AWS Data Collector Filter S3 Objects wizard page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/filters3objects.webp) + +**Step 5 –** On the Filter S3 Objects page, scope the scan to target specific S3 objects: + +- Click **Add** to select from AWS Buckets in the target environment +- Alternatively, click **Add Custom Filter** to configure a custom filter as a text string +- See the + [AWS: Filter S3 Objects](/docs/accessanalyzer/11.6/admin/datacollector/aws/filters3objects.md) + topic for additional information + +**Step 6 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if +no changes were made. Then click **OK** to close the Query Properties window. + +If changes were saved, the 2.AWS_S3Scan Job has now been customized. + +## Analysis Tasks for the 2.AWS_S3Scan Job + +Navigate to the **AWS** > **0.Collection** > **2.AWS_S3Scan** > **Configure** node and select +**Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the 2.AWS_S3Scan Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3scananaylsistasks.webp) + +The following analysis task is selected by default: + +- AIC AWS S3 Bucket Permissions Import – Imports AWS S3 Bucket permissions into the Access + Information Center diff --git a/docs/accessanalyzer/11.6/solutions/aws/collection/3.aws_iamscan.md b/docs/accessanalyzer/11.6/solutions/aws/collection/3.aws_iamscan.md new file mode 100644 index 0000000000..d5e9604908 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/collection/3.aws_iamscan.md @@ -0,0 +1,58 @@ +# 3.AWS_IAMScan Job + +The 3.AWS_IAMScan job collects details about users, groups, policies, roles, and other IAM related +identities. + +## Queries for the 3.AWS_IAMScan Job + +The IAM Scan query uses the AWS Data Collector to target all AWS instances and has been +preconfigured to use the Collect IAM Data category. + +![Queries for the 3.AWS_IAMScan Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/iamscanqueries.webp) + +The 3.AWS_IAMScan job has the following configurable query: + +- IAM Scan – Scans AWS S3 for information on IAM related identities + +### Configure the IAM Scan Query + +The IAM Scan query in the 3.AWS_IAMScan job has been preconfigured to run with the default settings +with the category of Collect IAM Data. Follow the steps to set any desired customizations. + +**Step 1 –** Navigate to the **AWS** > **0.Collection** > **3.AWS_IAMScan** > **Configure** node and +select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data +Collector Wizard opens. + +![AWS Data Collector Login Roles wizard page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/loginroles.webp) + +**Step 4 –** On the Login Roles page, add the created AWS Roles: + +- Enter the Role in the Role Name field and click **Add** +- Alternatively, import multiple Roles from a CSV file +- See the + [Configure AWS for Scans](/docs/accessanalyzer/11.6/requirements/target/config/aws.md) + topic for additional information + +**Step 5 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if +no changes were made. Then click **OK** to close the Query Properties window. + +If changes were saved, the 3.AWS_IAMScan job has now been customized. + +## Analysis Tasks for the 3.AWS_IAM Scan Job + +View the analysis tasks by navigating to the **AWS** > **0.Collection** > **3.AWS_IAMScan** > +**Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the 3.AWS_IAM Scan Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/iamscananalysistasks.webp) + +The following analysis task is selected by default: + +- AWS Views – Creates the AWS Views table diff --git a/docs/accessanalyzer/11.6/solutions/aws/collection/4.aws_s3sddscan.md b/docs/accessanalyzer/11.6/solutions/aws/collection/4.aws_s3sddscan.md new file mode 100644 index 0000000000..2296410794 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/collection/4.aws_s3sddscan.md @@ -0,0 +1,94 @@ +# 4.AWS_S3SDDScan Job + +The 4.AWS_S3SDDScan job collects details about S3 objects containing sensitive data. + +## Queries for the 4.AWS_S3SDDScan Job + +The AWS S3 Sensitive Data Scan query uses the AWS Data Collector to target all AWS instances and has +been preconfigured to use the Collect SDD Data category. + +![Queries for the 4.AWS_S3SDDScan Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3sddscanqueries.webp) + +The 4.AWS_S3SDDScan job has the following configurable query: + +- AWS S3 Sensitive Data Scan – Scans AWS objects for sensitive data + +### Configure the AWS S3 Sensitive Data Scan Query + +The AWS S3 Sensitive Data Scan query in the 4.AWS_S3SDDScan job has been preconfigured to run with +the default settings with the category of Collect SDD Data. Follow the steps to set any desired +customizations. + +**Step 1 –** Navigate to the **AWS** > **0.Collection** > **4.AWS_S3SDD Scan** > **Configure** node +and select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data +Collector Wizard opens. + +![AWS Data Collector Filter S3 Objects wizard page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/filters3objects.webp) + +**Step 4 –** On the Filter S3 Objects page, scope the scan to target specific S3 objects: + +- Click **Add** to select from AWS Buckets in the target environment +- Alternatively, click **Add Custom Filter** to configure a custom filter as a text string +- See the + [AWS: Filter S3 Objects](/docs/accessanalyzer/11.6/admin/datacollector/aws/filters3objects.md) + topic for additional information + +![AWS Data Collector Sensitive Data Settings wizard page](/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3sddsensitivedata.webp) + +**Step 5 –** On the Sensitive Data Settings page, configure the following options: + +- Modify maximum file size to be scanned +- Add scanning offline files +- Modify file types to be scanned +- Enable differential scanning +- Modify the number of SDD scan processes + + **_RECOMMENDED:_** For optimal performance, the total number of scan processes on a scan host + should be 1 to 2 times the number of CPU threads available. + +- Enable Optical Character Recognition (OCR) scans + + **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents + directly converted to images, with standard fonts. It will not work for scanning photos of + documents and may not be able to recognize text on images of credit cards, driver's licenses, or + other identity cards. + +![AWS Data Collector Select DLP criteria for this scan wizard page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) + +**Step 6 –** On the Criteria page, add or remove criteria as desired: + +- (Optional) Create custom criteria on the global **Settings** > **Sensitive Data** Node +- See + the[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information and instructions + +**NOTE:** By default, discovered sensitive data strings are stored in the Enterprise Auditor +database. + +**Step 7 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if +no changes were made. Then click **OK** to close the Query Properties window. + +If changes were saved, the 4.AWS_S3SDDScan Job has now been customized. + +## Analysis Tasks for the 4.AWS_S3SDD Scan Job + +View the analysis tasks by navigating to the **AWS** > **0.Collection** > **4.AWS_S3SDDScan** > +**Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 4.AWS_S3SDD Scan Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3sddscananaylsistasks.webp) + +The following analysis tasks are selected by default: + +- AWS Sensitive Data Latest Match Counts View – Creates a view with the most recent scans of each + AWS file +- Match Hits View – Shows the AWS SDD match hits +- AIC AWS S3 Bucket SDD Import – Imports AWS S3 Bucket objects with sensitive data into the Access + Information Center diff --git a/docs/accessanalyzer/11.6/solutions/aws/collection/overview.md b/docs/accessanalyzer/11.6/solutions/aws/collection/overview.md new file mode 100644 index 0000000000..7bb5bddd8e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/collection/overview.md @@ -0,0 +1,18 @@ +# 0.Collection Job Group + +The 0.Collection job group scans and collects details on IAM and S3 buckets within an +AWS organization. + +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 0.Collection Job Group is comprised of: + +- [1.AWS_OrgScan Job](/docs/accessanalyzer/11.6/solutions/aws/collection/1.aws_orgscan.md) + – Collects details about the AWS Organization including password policies and accounts within the + organization +- [2.AWS_S3Scan Job](/docs/accessanalyzer/11.6/solutions/aws/collection/2.aws_s3scan.md) + – Collects details about the AWS S3 buckets including details about the objects in those buckets +- [3.AWS_IAMScan Job](/docs/accessanalyzer/11.6/solutions/aws/collection/3.aws_iamscan.md) + – Collects details about users, groups, policies, roles and other IAM related identities +- [4.AWS_S3SDDScan Job](/docs/accessanalyzer/11.6/solutions/aws/collection/4.aws_s3sddscan.md) + – Collects details about S3 objects containing sensitive data diff --git a/docs/accessanalyzer/11.6/solutions/aws/groups/aws_groupmembers.md b/docs/accessanalyzer/11.6/solutions/aws/groups/aws_groupmembers.md new file mode 100644 index 0000000000..de0020c9a3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/groups/aws_groupmembers.md @@ -0,0 +1,30 @@ +# AWS_GroupMembers Job + +The AWS_GroupMembers job group provides details on AWS IAM group membership, orphaned groups (those +with no policy assigned to them), sensitive security group membership, and stale groups. + +## Analysis Tasks for the AWS_GroupMembers Job + +Navigate to the **AWS** > **3.Groups** > **AWS_GroupMembers** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_GroupMembers Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/groups/groupmembersanalysis.webp) + +The following analysis tasks are selected by default: + +- Group Membership – Identifies groups and their members. Creates the AWS_GroupMember_Details table + accessible under the job’s Results node. +- Group Member Summary – Summarizes group member counts and number of policies applied to the + groups. Creates the AWS_GroupMember_Summary table accessible under the job’s Results node. + +## Report for the AWS_GroupMembers Job + +In addition to the tables and views created by the analysis task, the AWS_GroupMembers job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ------------- | ------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Members | This report identifies group members and summarizes policies applied to those groups. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays a summary of group members - Stacked Bar Chart – Displays a summary of group policies - Table – Provides details on groups | diff --git a/docs/accessanalyzer/11.6/solutions/aws/groups/aws_nopolicygroups.md b/docs/accessanalyzer/11.6/solutions/aws/groups/aws_nopolicygroups.md new file mode 100644 index 0000000000..f5a17d55f9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/groups/aws_nopolicygroups.md @@ -0,0 +1,29 @@ +# AWS_NoPolicyGroups Job + +The AWS_NoPolicyGroups job provides details on groups that have no policies assigned to them. + +## Analysis Tasks for the AWS_NoPolicyGroups Job + +Navigate to the **AWS** > **3.Groups** > **AWS_NoPolicyGroups** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_NoPolicyGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/groups/nopolicygroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- No Policy Groups – Identifies groups that have no policies applied. Creates the + AWS_NoPolicyGroup_Details table accessible under the job’s Results node. +- No Policy Groups Summary – Summarizes no policy groups across AWS Organizations. Creates the + AWS_NoPolicyGroup_Summary table accessible under the job’s Results node. + +## Report for the AWS_NoPolicyGroups Job + +In addition to the tables and views created by the analysis task, the AWS_NoPolicyGroups job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------------------- | ----------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Groups With No Policies | This report identifies groups that do not have a policy assigned. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top accounts by no policy group counts - Table – Shows no policy groups by accounts - Table – Provides details on no policy groups | diff --git a/docs/accessanalyzer/11.6/solutions/aws/groups/aws_stalegroups.md b/docs/accessanalyzer/11.6/solutions/aws/groups/aws_stalegroups.md new file mode 100644 index 0000000000..6e81d49f93 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/groups/aws_stalegroups.md @@ -0,0 +1,64 @@ +# AWS_StaleGroups Job + +The AWS_StaleGroups job highlights groups that have members that are considered stale. The +definition for staleness is set by default to 60 days. This can be configured. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The AWS_StaleGroups job has the following configurable parameter: + +- Days without login to consider an account stale + +See the +[Customizable Analysis Tasks for the AWS_StaleGroups Job](#customizable-analysis-tasks-for-the-aws_stalegroups-job) +topic for additional information. + +## Analysis Tasks for the AWS_StaleGroups Job + +Navigate to the **AWS** > **3.Groups** > **AWS_StaleGroups** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for +this job. Only modify the analysis tasks listed in the customizable analysis tasks section. + +![Analysis Tasks for the AWS_StaleGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- Stale Group Details – Highlights the staleness of users in AWS groups. Creates the + AWS_StaleGroup_Details table accessible under the job’s Results node. + + - The number of days without login to consider an account stale can be customized. By default it + is set to 60. See the + [Customizable Analysis Tasks for the AWS_StaleGroups Job](#customizable-analysis-tasks-for-the-aws_stalegroups-job) + topic for additional information. + +- Stale Group Summary – Summarizes statistics for stale groups. Creates the AWS_StaleGroup_Summary + table accessible under the job’s Results node. +- Stale Groups AWS Summary – Summarizes stale groups by percentile for all of AWS + +### Customizable Analysis Tasks for the AWS_StaleGroups Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------------- | --------------------------- | ------------- | ----------------------------------------------- | +| Stale Group Details | @StaleThreshold | 60 | Days without login to consider an account stale | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions on how to modify parameters. + +## Report for the AWS_StaleGroups Job + +In addition to the tables and views created by the analysis task, the AWS_StaleGroups job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ------------ | --------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Groups | This report determines the staleness of group membership. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays group membership - Table – Shows group membership - Table – Provides details on group membership | diff --git a/docs/accessanalyzer/11.6/solutions/aws/groups/overview.md b/docs/accessanalyzer/11.6/solutions/aws/groups/overview.md new file mode 100644 index 0000000000..6f48b82e54 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/groups/overview.md @@ -0,0 +1,15 @@ +# 3.Groups Job Group + +The 3.Groups job group provides details on AWS IAM group membership, orphaned groups (those with no +policy assigned to them), sensitive security group membership, and stale groups. + +![3.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 3.Groups job group is comprised of: + +- [AWS_GroupMembers Job](/docs/accessanalyzer/11.6/solutions/aws/groups/aws_groupmembers.md) + – Provides details about group members and the policies assigned to those groups +- [AWS_NoPolicyGroups Job](/docs/accessanalyzer/11.6/solutions/aws/groups/aws_nopolicygroups.md) + – Provides details on groups that have no policies assigned to them +- [AWS_StaleGroups Job](/docs/accessanalyzer/11.6/solutions/aws/groups/aws_stalegroups.md) + – Highlights groups that have members that are considered stale diff --git a/docs/accessanalyzer/11.6/solutions/aws/organizations/aws_accounts.md b/docs/accessanalyzer/11.6/solutions/aws/organizations/aws_accounts.md new file mode 100644 index 0000000000..2289375112 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/organizations/aws_accounts.md @@ -0,0 +1,32 @@ +# AWS_Accounts Job + +The AWS_Accounts job provides detailed information about the accounts that exist in each AWS +Organization. This job also determines the AWS Master Account for each Organization. The AWS Master +Account can be set manually by adding a line for each Organization in the temporary table +#IdentitySourceAccount in the analysis task parameters for this job. + +## Analysis Tasks for the AWS_Accounts Job + +Navigate to the **AWS** > **1.Organizations** > **AWS_Accounts** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_Accounts Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/organizations/accountsanalysis.webp) + +The following analysis tasks are selected by default: + +- AWS Account Details – Provides details for the AWS IAM accounts in the organization. Creates the + AWS_Account_Details table accessible under the job’s Results node. +- AWS Account Summary – Summarizes AWS Accounts by organization. Creates the AWS_Account_Summary + table accessible under the job’s Results node. + +## Report for the AWS_Accounts Job + +In addition to the tables and views created by the analysis task, the AWS_Accounts job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| -------- | ------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Accounts | This report provides details on the IAM Accounts in the AWS Organization. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top accounts by org - Table – Shows accounts by Org - Table – Provides details on accounts | diff --git a/docs/accessanalyzer/11.6/solutions/aws/organizations/aws_memberaccountusers.md b/docs/accessanalyzer/11.6/solutions/aws/organizations/aws_memberaccountusers.md new file mode 100644 index 0000000000..45af7918f1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/organizations/aws_memberaccountusers.md @@ -0,0 +1,30 @@ +# AWS_MemberAccountUsers Job + +The AWS_MemberAccountUsers job highlights users that are not located in the primary AWS Identity +Source, which is generally the Master AWS Account for the Organization. + +## Analysis Tasks for the AWS_MemberAccountUsers Job + +Navigate to the **AWS** > **1.Organizations** > **AWS_MemberAccountUsers** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_MemberAccountUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/organizations/memberaccountusersanalysis.webp) + +The following analysis tasks are selected by default: + +- Member Account User Details – Provides details on users that exist outside the master AWS account. + Creates the AWS_MemberAccountUsers_Details table accessible under the job’s Results node. +- Member Account Users Summary – Summarizes AWS member account users by organization. Creates the + AWS_MemberAccountUsers_Summary table accessible under the job’s Results node. + +## Report for the AWS_MemberAccoutUsers Job + +In addition to the tables and views created by the analysis task, the AWS_MemberAccountUsers job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| -------------------- | -------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Member Account Users | This report highlights user accounts that are not contained in the AWS Master Account. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top member account users by org - Table – Shows member account users by Org - Table – Provides details on member account users | diff --git a/docs/accessanalyzer/11.6/solutions/aws/organizations/overview.md b/docs/accessanalyzer/11.6/solutions/aws/organizations/overview.md new file mode 100644 index 0000000000..7420eb2935 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/organizations/overview.md @@ -0,0 +1,17 @@ +# 1.Organizations Job Group + +The 1.Organizations job group analyzes and reports on the AWS Organization including password +policies and accounts within the organization. + +![1.Organizations Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 1.Organizations job jroup is comprised of: + +- [AWS_Accounts Job](/docs/accessanalyzer/11.6/solutions/aws/organizations/aws_accounts.md) + – Provides detailed information about the accounts that exist in each AWS Organization. This job + also determines the AWS Master Account for each Organization. The AWS Master Account can be set + manually by adding a line for each Organization in the temporary table #IdentitySourceAccount in + the analysis task parameters for this job. +- [AWS_MemberAccountUsers Job](/docs/accessanalyzer/11.6/solutions/aws/organizations/aws_memberaccountusers.md) + – Highlights users that are not located in the primary AWS Identity Source, which is generally the + Master AWS Account for the Organization diff --git a/docs/accessanalyzer/11.6/solutions/aws/overview.md b/docs/accessanalyzer/11.6/solutions/aws/overview.md new file mode 100644 index 0000000000..318396c259 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/overview.md @@ -0,0 +1,88 @@ +# AWS Solution + +Enterprise Auditor for AWS allows organizations to secure their data residing in Amazon Web Services +(AWS) S3 platform, reducing their risk exposure through proactive, automated auditing and reporting +of S3 permissions, sensitive data, and ultimately a consolidated view of user access rights across +dozens of structured and unstructured data resources both on-premises and in the cloud. + +The AWS Solution is designed to provide information about data access such as: + +- Who has access to your data +- Who is accessing your data +- What sensitive data is being stored and accessed + +The AWS Solution provides the ability to audit AWS IAM and S3. Enterprise Auditor uses the AWS +solution to collect IAM users, groups, roles, and policies, as well as S3 permissions, content, and +sensitive data from target AWS accounts. The solution requires a special Enterprise Auditor license. +It can be focused to only conduct auditing of AWS IAM. Additionally, the Sensitive Data Discovery +Add-On enables the solution to search AWS S3 content for sensitive data. + +Supported Platforms + +- Amazon AWS IAM +- Amazon AWS S3 + +Requirements, Permissions, and Ports + +See the +[Target Amazon Web Service Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/aws.md) +topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +Location + +The AWS Solution requires a special Enterprise Auditor license. It can be installed from the +Enterprise Auditor Instant Job Wizard. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for information on installing instant solutions from the Enterprise Auditor Library. + +Once it has been installed into the Jobs tree, navigate to the solution: **Jobs** > **AWS**. + +## Job Groups + +The AWS solution is a comprehensive set of pre-configured audit jobs and reports that provide +visibility into IAM users, groups, roles, and policies, as well as S3 permissions, content, and +sensitive data from target AWS accounts. + +![AWS Solution Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +The AWS Solution is comprised of the following job groups: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/aws/collection/overview.md) + – The 0.Collection Job Group scans and collects details on IAM and S3 buckets within an AWS + organization +- [1.Organizations Job Group](/docs/accessanalyzer/11.6/solutions/aws/organizations/overview.md) + – The 1.Organizations Job Group provides details on AWS accounts and users +- [2.Users Job Group](/docs/accessanalyzer/11.6/solutions/aws/users/overview.md) + – The 2.Users Job Group provides details on AWS IAM user MFA status, access key usage, and + staleness +- [3.Groups Job Group](/docs/accessanalyzer/11.6/solutions/aws/groups/overview.md) + – The 3.Groups Job Group provides details on AWS IAM group membership, orphaned groups (those with + no policy assigned to them), sensitive security group membership, and stale groups +- [4.Roles Job Group](/docs/accessanalyzer/11.6/solutions/aws/roles/overview.md) + – The 4.Roles Job Group provides details on roles in the AWS IAM environment +- [5.Policies Job Group](/docs/accessanalyzer/11.6/solutions/aws/policies/overview.md) + – The 5.Policies Job Group provides details on AWS IAM policies including the various types of + policies, the permissions they grant, and where they are applied in the AWS organization +- [6.S3 Permissions Job Group](/docs/accessanalyzer/11.6/solutions/aws/s3permissions/overview.md) + – The 6.S3 Permissions Job Group provides details on permissions assigned to AWS S3 buckets, + highlighting specific threats like broken inheritance and open buckets +- [7.S3 Content Job Group](/docs/accessanalyzer/11.6/solutions/aws/s3content/overview.md) + – The 7.S3 Content Job Group provide details on AWS S3 buckets and objects contained in those + buckets +- [8.S3 Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/aws/sensitivedata/overview.md) + – The 8.S3 Sensitive Data Job Group provides details on AWS S3 buckets and objects containing + sensitive data diff --git a/docs/accessanalyzer/11.6/solutions/aws/policies/aws_custommanagedpolicies.md b/docs/accessanalyzer/11.6/solutions/aws/policies/aws_custommanagedpolicies.md new file mode 100644 index 0000000000..a1937ffae1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/policies/aws_custommanagedpolicies.md @@ -0,0 +1,31 @@ +# AWS_CustomManagedPolicies Job + +The AWS_CustomManagedPolicies job provides details on customer managed policies created in the AWS +Organization. + +## Analysis Tasks for the AWS_CustomManagedPolicies Job + +Navigate to the **AWS** > **5.Policies** > **AWS_CustomManagedPolicies** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_CustomManagedPolicies Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/custommanagedpoliciesanalysis.webp) + +The following analysis tasks are selected by default: + +- Custom Managed Policy Details – Provides detailed information on AWS custom managed policies. + Creates the AWS_CustomManagedPolicy_Details table accessible under the job’s Results node. +- Custom Managed Policy Usage Summary – Summarizes the custom managed policy usage by AWS + Organization. Creates the AWS_CustomManagedPolicy_Summary table accessible under the job’s Results + node. + +## Report for the AWS_CustomManagedPolicies Job + +In addition to the tables and views created by the analysis task, the AWS_CustomManagedPolicies job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------------------- | ----------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Custom Managed Policies | This report analyzes AWS Custom Managed Policies and their usage. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays custom managed policies by account - Table – Shows custom managed policies by account - Table – Provides details on custom managed policies by account | diff --git a/docs/accessanalyzer/11.6/solutions/aws/policies/aws_inlinepolicies.md b/docs/accessanalyzer/11.6/solutions/aws/policies/aws_inlinepolicies.md new file mode 100644 index 0000000000..15cb1fb11c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/policies/aws_inlinepolicies.md @@ -0,0 +1,30 @@ +# AWS_InlinePolicies Job + +The AWS_InlinePolicies job provides details on customer managed policies that are directly assigned +to a user or group. + +## Analysis Tasks for the AWS_InlinePolicies Job + +Navigate to the **AWS** > **5.Policies** > **AWS_InlinePolicies** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_InlinePolicies Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/inlinepoliciesanalysis.webp) + +The following analysis tasks are selected by default: + +- Inline Policy Details – Provides details for AWS Inline Policies. Creates the + AWS_InlinePolicy_Details table accessible under the job’s Results node. +- Inline Policy Summary – Summarizes AWS Inline Policies by organization. Creates the + AWS_InlinePolicy_Summary table accessible under the job’s Results node. + +## Report for the AWS_InlinePolicies Job + +In addition to the tables and views created by the analysis task, the AWS_InlinePolicies job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Element | +| --------------- | ----------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Inline Policies | This report identifies AWS Inline Policies that are assigned directly on an AWS Identity. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays inline policies by account - Table – Shows inline policies by account - Table – Provides details on inline policies | diff --git a/docs/accessanalyzer/11.6/solutions/aws/policies/aws_managedpolicies.md b/docs/accessanalyzer/11.6/solutions/aws/policies/aws_managedpolicies.md new file mode 100644 index 0000000000..d3b96d24a8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/policies/aws_managedpolicies.md @@ -0,0 +1,29 @@ +# AWS_ManagedPolicies Job + +The AWS_ManagedPolicies job provides details on policies managed by Amazon in the AWS Organization. + +## Analysis Tasks for the AWS_ManagedPolicies Job + +Navigate to the **AWS** > **5.Policies** > **AWS_ManagedPolicies** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_ManagedPolicies Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/managedpoliciesanalysis.webp) + +The following analysis tasks are selected by default: + +- Managed Policy Details – Identifies managed policies from AWS and if they are assigned to a user + or group. Creates the AWS_ManagedPolicy_Details table accessible under the job’s Results node. +- Managed Policy Usage Summary – Summarizes the managed policy usage by AWS Org. Creates the + AWS_ManagedPolicy_Summary table accessible under the job’s Results node. + +## Report for the AWS_ManagedPolicies Job + +In addition to the tables and views created by the analysis task, the AWS_Accounts job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| -------------------- | ---------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| AWS Managed Policies | This report analyzes AWS Managed Policies and their usage. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays AWS managed policies by account - Table – Shows AWS managed policies by account - Table – Provides details on AWS managed policies | diff --git a/docs/accessanalyzer/11.6/solutions/aws/policies/aws_sensitivepolicies.md b/docs/accessanalyzer/11.6/solutions/aws/policies/aws_sensitivepolicies.md new file mode 100644 index 0000000000..0080cc5102 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/policies/aws_sensitivepolicies.md @@ -0,0 +1,35 @@ +# AWS_SensitivePolicies Job + +The AWS_SensitivePolicies job provides details on users, groups, and roles as well as the policies +granting them sensitive permissions. + +## Analysis Tasks for the AWS_SensitivePolicies Job + +Navigate to the **AWS** > **5.Policies** > **AWS_SensitivePolicies** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_SensitivePolicies Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/sensitivepoliciesanalysis.webp) + +The following analysis tasks are selected by default: + +- Sensitive Managed Policy Details – Provides details on AWS Sensitive Managed Policies. Creates the + AWS_SensitiveManagedPolicies_Details table accessible under the job’s Results node. +- Sensitive Inline Policy Details – Provides details on AWS Sensitive Inline Policies. Creates the + AWS_SensitiveInlinePolicies_Details table accessible under the job’s Results node. +- Sensitive Managed Policy Summary – Summarizes AWS Sensitive Managed Policies by organization. + Creates the AWS_SensitiveManagedPolicies_Summary table accessible under the job’s Results node. +- Sensitive Inline Policy Summary – Summarizes AWS Sensitive Inlin Policies by organization. Creates + the AWS_SensitiveInlinePolicies_Summary table accessible under the job’s Results node. + +## Reports for the AWS_SensitivePolicies Job + +In addition to the tables and views created by the analysis task, the AWS_SensitivePolicies job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| -------------------------- | ----------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Inline Policies | This report highlights users, groups, and roles with a sensitive inline policy assigned. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays sensitive policy assignments by org - Table – Shows sensitive policy assignments by org - Table – Provides details on sensitive policy assignments | +| Sensitive Managed Policies | This report highlights users, groups, and roles with a sensitive managed policy assigned. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays sensitive managed policy assignments by org - Table – Shows sensitive managed policy assignments by org - Table – Provides details on sensitive managed policy assignments | diff --git a/docs/accessanalyzer/11.6/solutions/aws/policies/aws_unusedmanagedpolicies.md b/docs/accessanalyzer/11.6/solutions/aws/policies/aws_unusedmanagedpolicies.md new file mode 100644 index 0000000000..c6d8354294 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/policies/aws_unusedmanagedpolicies.md @@ -0,0 +1,63 @@ +# AWS_UnusedManagedPolicies Job + +The AWS_UnusedManagedPolicies job provides details on customer managed policies that exist in the +AWS Organization. Optionally, AWS managed policies can be included by changing the parameter for the +analysis task. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The AWS_UnusedManagedPolicies job has the following configurable parameter: + +- True or False value to include policies managed by AWS + +See the +[Customizable Analysis Tasks for the AWS_UnusedManagedPolicies Job](#customizable-analysis-tasks-for-the-aws_unusedmanagedpolicies-job) +topic for additional information. + +## Analysis Tasks for the AWS_UnusedManagedPolicies Job + +Navigate to the **AWS** > **5.Policies** > **AWS_UnusedManagedPolicies** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for +this job. Only modify the analysis tasks listed in the customizable analysis tasks section. + +![Analysis Tasks for the AWS_UnusedManagedPolicies Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/unusedmanagedpoliciesanalysis.webp) + +The following analysis tasks are selected by default: + +- Unused Managed Policies – Policies not assigned to any group or user. Creates the + AWS_UnusedPolicies_Details table accessible under the job’s Results node. + + - Optionally, AWS managed policies can be included by setting the parameter to True. See the + [Customizable Analysis Tasks for the AWS_UnusedManagedPolicies Job](#customizable-analysis-tasks-for-the-aws_unusedmanagedpolicies-job) + topic for additional information. + +- Unused Managed Policy Summary – Summary by AWS Organization of unused managed policies. Creates + the AWS_UnusedPolicies_Summary table accessible under the job’s Results node. + +### Customizable Analysis Tasks for the AWS_UnusedManagedPolicies Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ----------------------- | --------------------------- | ------------- | ------------------------------------------------------- | +| Unused Managed Policies | @IncludeAWSManaged | False | True or False value to include policies managed by AWS. | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions on how to modify parameters. + +## Report for the AWS_UnusedManagedPolicies Job + +In addition to the tables and views created by the analysis task, the AWS_UnusedManagedPolicies job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------------------- | --------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Unused Managed Policies | This report identifies policies that are not assigned to any group or user. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays unused managed policies by account - Table – Shows unused managed policies by account - Table – Provides details on unused managed policies | diff --git a/docs/accessanalyzer/11.6/solutions/aws/policies/aws_userpolicies.md b/docs/accessanalyzer/11.6/solutions/aws/policies/aws_userpolicies.md new file mode 100644 index 0000000000..b213f24b22 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/policies/aws_userpolicies.md @@ -0,0 +1,33 @@ +# AWS_UserPolicies Job + +The AWS_UserPolicies job provides details outlining user policy assignment. This includes where the +policy is assigned, directly or at a group level, and if the policy assignment has been duplicated. + +## Analysis Tasks for the AWS_UserPolicies Job + +Navigate to the **AWS** > **5.Policies** > **AWS_UserPolicies** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_UserPolicies Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/userpoliciesanalysis.webp) + +The following analysis tasks are selected by default: + +- User Policies View – Details policies assigned to users directly and through group membership. + Creates the AWS_IamUserPolicyView table accessible under the job’s Results node. +- Duplicated Policies – User policies that have been inherited and directly assigned. Creates the + AWS_DuplicatedPolicy_Details table accessible under the job’s Results node. +- User Policy Summary – Summarizes policies assigned to users by Account. Creates the + AWS_UserPolicy_Summary table accessible under the job’s Results node. + +## Reports for the AWS_UserPolicies Job + +In addition to the tables and views created by the analysis task, the AWS_UserPolicies job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ---------------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Duplicate Policy Assignments | This report highlights policies that have been both assigned directly and inherited from a group to a user identity. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top accounts by assigned managed policies - Table – Provides details on managed policy assignments | +| Managed Policy Assignments | This report details managed policy assignments in the AWS Organization. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays duplicate policy assignment summary by account - Table – Shows duplicate policy assignment summary by account - Table – Provides details on duplicate policy assignment summary | diff --git a/docs/accessanalyzer/11.6/solutions/aws/policies/overview.md b/docs/accessanalyzer/11.6/solutions/aws/policies/overview.md new file mode 100644 index 0000000000..4f24968290 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/policies/overview.md @@ -0,0 +1,25 @@ +# 5.Policies Job Group + +The 5.Policies job group provides details on AWS IAM policies including the various types of +policies, the permissions they grant, and where they are applied in the AWS organization. + +![5.Policies Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 5.Policies job group is comprised of: + +- [AWS_CustomManagedPolicies Job](/docs/accessanalyzer/11.6/solutions/aws/policies/aws_custommanagedpolicies.md) + – Provides details on customer managed policies created in the AWS Organization +- [AWS_InlinePolicies Job](/docs/accessanalyzer/11.6/solutions/aws/policies/aws_inlinepolicies.md) + – Provides details on customer managed policies that are directly assigned to a user or group +- [AWS_ManagedPolicies Job](/docs/accessanalyzer/11.6/solutions/aws/policies/aws_managedpolicies.md) + – Provides details on policies managed by Amazon in the AWS Organization +- [AWS_SensitivePolicies Job](/docs/accessanalyzer/11.6/solutions/aws/policies/aws_sensitivepolicies.md) + – Provides details on users, groups, and roles as well as the policies granting them sensitive + permissions +- [AWS_UnusedManagedPolicies Job](/docs/accessanalyzer/11.6/solutions/aws/policies/aws_unusedmanagedpolicies.md) + – Provides details on customer managed policies that exist in the AWS Organization. Optionally, + AWS managed policies can be included by changing the @IncludeAWSManaged parameter on the analysis + task. +- [AWS_UserPolicies Job](/docs/accessanalyzer/11.6/solutions/aws/policies/aws_userpolicies.md) + – Provides details outlining user policy assignment. This includes where the policy is assigned, + directly or at a group level, and if the policy assignment has been duplicated. diff --git a/docs/accessanalyzer/11.6/solutions/aws/recommended.md b/docs/accessanalyzer/11.6/solutions/aws/recommended.md new file mode 100644 index 0000000000..0e9182b80d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/recommended.md @@ -0,0 +1,135 @@ +# Recommended Configuration for the AWS Solution + +The AWS Solution is configured to inherit settings from the global Settings node. The Connection +Profile must be assigned before job execution. Once it is assigned to the job group, it can be run +directly or scheduled. + +Dependencies + +For AWS IAM Auditing: + +- AWS Permissions must be configured on the target databases. + + - See the + [Configure AWS for Scans](/docs/accessanalyzer/11.6/requirements/target/config/aws.md) + topic for information on configuring Roles within AWS and obtaining an Access Key + - See the + [Target Amazon Web Service Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/aws.md) + topic for additional information on permissions + +For AWS S3 Sensitive Data Discovery Auditing: + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + + - See the + [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) + topic for additional information + +Some of the 0.Collection job group queries can be scoped to target specific S3 Objects. However, it +is necessary for the SA_AWS_Instances table to be populated before attempting to scope the queries. +Therefore, the AWS_S3Scan job must be manually executed before attempting to scope the S3 queries. + +Target Host + +The AWS Data Collector identifies AWS instances via the created Roles and therefore does not require +a host list to be assigned. No target host is required (assign Local Host). + +Connection Profile + +The AWS Data Collector requires a specific set of permissions. The account used can be either a Web +Services (JWT) account or an Amazon Web Services account. Once the account has been provisioned, +create a custom Connection Profile containing the credentials for the targeted environment. See the +[Amazon Web Services for User Credentials](/docs/accessanalyzer/11.6/admin/settings/connection/profile/aws.md) +topic for additional information. + +The Connection Profile is assigned under the **AWS** > **Settings** > **Connection** node. It is set +to **Use Default Profile**, as configured at the global Settings level. However, if this is not the +Connection Profile with the necessary permissions for targeting the AWS instances, click the +**Select one of the following user defined profiles** option and select the appropriate Connection +Profile. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information on creating a Connection Profile. + +Access Token + +Creating the Connection Profile requires having the **Access Key ID** and the **Secret Access Key** +that was generated by the Amazon Web Services application. See the +[Configure AWS for Scans](/docs/accessanalyzer/11.6/requirements/target/config/aws.md) +topic for additional information. + +Schedule Frequency + +Schedule the AWS job group to run weekly or daily, depending on the amount of data in the +environment. If there are frequent AWS changes within the target environment, then it can be +executed more often. It is best to rerun it anytime AWS changes might have occurred. + +History Retention + +Not supported. + +Multi Console Support + +Not supported. + +Run Order + +The jobs in the 0.Collection job group must be run first and in order. The other job groups can be +run in any order, together or individually, after running the 0.Collection job group. + +**_RECOMMENDED:_** Run the solution at the top level. + +Run at the Solution Level + +The jobs in the AWS job group should be run together and in order by running the entire solution, +instead of the individual jobs. + +Run at the Job Group Level + +For environments with a large amount of S3 data, it may be desirable to run the 3.AWS_S3Scan job and +the 4.AWS_S3SDDScan job less frequently than the other jobs in the 0.Collection job group. + +Query Configuration + +The following queries in the 0.Collection job group require the created AWS Roles to be added to the +Login Roles page: + +- [1.AWS_OrgScan Job](/docs/accessanalyzer/11.6/solutions/aws/collection/1.aws_orgscan.md) +- [2.AWS_S3Scan Job](/docs/accessanalyzer/11.6/solutions/aws/collection/2.aws_s3scan.md) +- [3.AWS_IAMScan Job](/docs/accessanalyzer/11.6/solutions/aws/collection/3.aws_iamscan.md) + +The following queries in the 0.Collection job group can be modified to limit the depth of the scan: + +- [2.AWS_S3Scan Job](/docs/accessanalyzer/11.6/solutions/aws/collection/2.aws_s3scan.md) +- [4.AWS_S3SDDScan Job](/docs/accessanalyzer/11.6/solutions/aws/collection/4.aws_s3sddscan.md) + +Analysis Configuration + +This solution can be run with the default analysis configuration. However, the following parameters +can be modified: + +- The `@STALETHRESHOLD` parameter determines the number of days after which content is considered + stale. It is set to default of 60 days. The `@STALETHRESHOLD` parameter can be customized in the + following analysis tasks: + + - **2. Users** > **AWS_StaleUsers** > **Stale Users** Analysis Task + - **3.Groups** > **AWS_StaleGroups** > **Stale Groups Details** Analysis Task + - **4.Roles** > **AWS_StaleRoles** > **Stale Roles Details** Analysis Task + +Workflow + +The following is the recommended workflow: + +**Step 1 –** Configure and assign the Connection Profile. + +**Step 2 –** Configure the Scan query to add the AWS Roles to the Login Roles page. + +**Step 3 –** (Optional) Modify query configurations for the 0.Collection job group to limit the scan +depth. + +**Step 4 –** (Optional) Modify analysis task parameters for the reporting jobs. + +**Step 5 –** Schedule the AWS job group to run as desired. + +**Step 6 –** Review the reports generated by the AWS job group. diff --git a/docs/accessanalyzer/11.6/solutions/aws/roles/aws_roles.md b/docs/accessanalyzer/11.6/solutions/aws/roles/aws_roles.md new file mode 100644 index 0000000000..db4755bead --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/roles/aws_roles.md @@ -0,0 +1,29 @@ +# AWS_Roles Job + +The AWS_Roles job provides details on roles in the AWS IAM environment. + +## Analysis Tasks for the AWS_Roles Job + +Navigate to the **AWS** > **4.Roles** > **AWS_Roles** > **Configure** node and select **Analysis** +to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_Roles Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/roles/rolesanalysis.webp) + +The following analysis tasks are selected by default: + +- Role Details – Provides detailed information on AWS Roles. Creates the AWS_Role_Details table + accessible under the job’s Results node. +- Role Summary – Summarizes roles by AWS account. Creates the AWS_Role_Summary table accessible + under the job’s Results node. + +## Report for the AWS_Roles Job + +In addition to the tables and views created by the analysis task, the AWS_Roles job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ------ | ----------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Roles | This report provides details on roles in the AWS IAM environment. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top roles by account - Table – Shows roles by account - Table – Provides details on roles | diff --git a/docs/accessanalyzer/11.6/solutions/aws/roles/aws_staleroles.md b/docs/accessanalyzer/11.6/solutions/aws/roles/aws_staleroles.md new file mode 100644 index 0000000000..63e797a6d5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/roles/aws_staleroles.md @@ -0,0 +1,64 @@ +# AWS_StaleRoles Job + +The AWS_StaleRoles job provides details on roles that are considered stale. Highlighting roles that +have not been used in more than 60 days and those that have never been used. The 60 day parameter is +configurable. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The AWS_StaleRoles job has the following configurable parameter: + +- Days without login to consider an account stale + +See the +[Customizable Analysis Tasks for the AWS_StaleRoles Job](#customizable-analysis-tasks-for-the-aws_staleroles-job) +topic for additional information. + +## Analysis Tasks for the AWS_StaleRoles Job + +Navigate to the **AWS** > **4.Roles** > **AWS_StaleRoles** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for +this job. Only modify the analysis tasks listed in the customizable analysis tasks section. + +![Analysis Tasks for the AWS_StaleRoles Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/roles/stalerolesanalysis.webp) + +The following analysis tasks are selected by default: + +- Stale Role Details – Highlights the roles in AWS that are considered stale. Creates the + AWS_StaleRole_Details table accessible under the job’s Results node. + + - The number of days without login to consider an account stale can be customized. By default it + is set to 60. See the + [Customizable Analysis Tasks for the AWS_StaleRoles Job](#customizable-analysis-tasks-for-the-aws_staleroles-job) + topic for additional information. + +- Stale Role Summary – Summarizes stale roles by AWS Account. Creates the AWS_StaleRole_Summary + table accessible under the job’s Results node. + +### Customizable Analysis Tasks for the AWS_StaleRoles Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------------ | --------------------------- | ------------- | ------------------------------------------------ | +| Stale Role Details | @StaleThreshold | 60 | Days without login to consider an account stale. | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions on how to modify parameters. + +## Report for the AWS_StaleRoles Job + +In addition to the tables and views created by the analysis task, the AWS_StaleRoles job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------- | ---------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Roles | This report identifies stale roles in the AWS environment. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top stale roles by account - Table – Shows stales roles by account - Table – Provides details on stale roles | diff --git a/docs/accessanalyzer/11.6/solutions/aws/roles/overview.md b/docs/accessanalyzer/11.6/solutions/aws/roles/overview.md new file mode 100644 index 0000000000..3649510baa --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/roles/overview.md @@ -0,0 +1,13 @@ +# 4.Roles Job Group + +The 4.Roles job group provides details on roles in the AWS IAM environment. + +![4.Roles Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 4.Roles job group is comprised of: + +- [AWS_Roles Job](/docs/accessanalyzer/11.6/solutions/aws/roles/aws_roles.md) + – Provides details on roles in the AWS IAM environment +- [AWS_StaleRoles Job](/docs/accessanalyzer/11.6/solutions/aws/roles/aws_staleroles.md) + – Provides details on roles that are considered stale. Highlighting roles that have not been used + in more than 60 days and those that have never been used. diff --git a/docs/accessanalyzer/11.6/solutions/aws/s3content/aws_s3buckets.md b/docs/accessanalyzer/11.6/solutions/aws/s3content/aws_s3buckets.md new file mode 100644 index 0000000000..c25ce0836c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/s3content/aws_s3buckets.md @@ -0,0 +1,27 @@ +# AWS_S3Buckets Job + +The AWS_S3Buckets job provides a summary of AWS S3 buckets including total object size and counts. + +## Analysis Task for the AWS_S3Buckets Job + +Navigate to the **AWS** > **7.S3 Content** > **AWS_S3Buckets** > **Configure** node and select +**Analysis** to view the analysis task. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the AWS_S3Buckets Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/s3content/s3bucketsanalysis.webp) + +The following analysis task is selected by default: + +- S3 Buckets – S3 Bucket details. Creates the AWS_Bucket_Details table accessible under the job’s + Results node. + +## Report for the AWS_S3Buckets Job + +In addition to the tables and views created by the analysis task, the AWS_S3Buckets job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ---------- | --------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| S3 Buckets | This report summarizes AWS S3 Bucket content. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top five buckets by size - Table – Shows buckets by size - Table – Provides details on buckets | diff --git a/docs/accessanalyzer/11.6/solutions/aws/s3content/aws_s3buckettags.md b/docs/accessanalyzer/11.6/solutions/aws/s3content/aws_s3buckettags.md new file mode 100644 index 0000000000..b41db2f084 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/s3content/aws_s3buckettags.md @@ -0,0 +1,30 @@ +# AWS_S3BucketTags Job + +The AWS_S3BucketTags job identifies tags associated with AWS S3 Buckets. Tagging can be helpful to +identify the storage class or purpose of a bucket and can be used in AWS IAM Policy assignments. + +## Analysis Tasks for the AWS_S3BucketTagsJob + +Navigate to the **AWS** > **7.S3 Content** > **AWS_S3BucketTags** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_S3BucketTagsJob](/img/product_docs/accessanalyzer/11.6/solutions/aws/s3content/s3buckettagsanalysis.webp) + +The following analysis tasks are selected by default: + +- AWS S3 Bucket Tags – Identifies tags associated with AWS S3 Buckets. Creates the + AWS_BucketTag_Details table accessible under the job’s Results node. +- AWS S3 Bucket Tag Summary – Summarizes AWS bucket tag status. Creates the AWS_BucketTag_Summary + table accessible under the job’s Results node. + +## Report for the AWS_S3BucketTags Job + +In addition to the tables and views created by the analysis tasks, the AWS_S3BucketTags job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------- | ------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Bucket Tags | This report highlights AWS S3 Bucket Tags. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays buckets tagged by account - Table – Shows bucket tagging summary - Table – Provides details on bucket tagging | diff --git a/docs/accessanalyzer/11.6/solutions/aws/s3content/overview.md b/docs/accessanalyzer/11.6/solutions/aws/s3content/overview.md new file mode 100644 index 0000000000..503f84af72 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/s3content/overview.md @@ -0,0 +1,13 @@ +# 7.S3 Content Job Group + +The 7.S3 Content job group provide details on AWS S3 buckets and objects contained in those buckets. + +![7.S3 Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 7.S3 Content job group is comprised of: + +- [AWS_S3Buckets Job](/docs/accessanalyzer/11.6/solutions/aws/s3content/aws_s3buckets.md) + – Provides a summary of AWS S3 buckets including total object size and counts +- [AWS_S3BucketTags Job](/docs/accessanalyzer/11.6/solutions/aws/s3content/aws_s3buckettags.md) + – Identifies tags associated with AWS S3 Buckets. Tagging can be helpful to identify the storage + class or purpose of a bucket and can be used in AWS IAM Policy assignments. diff --git a/docs/accessanalyzer/11.6/solutions/aws/s3permissions/aws_brokeninheritance.md b/docs/accessanalyzer/11.6/solutions/aws/s3permissions/aws_brokeninheritance.md new file mode 100644 index 0000000000..4ff6dff79e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/s3permissions/aws_brokeninheritance.md @@ -0,0 +1,30 @@ +# AWS_BrokenInheritance Job + +The AWS_BrokenInheritance job highlights permissions in an AWS S3 bucket that differ from those +assigned at the bucket level, those assigned directly on objects within the bucket. + +## Analysis Tasks for the AWS_BrokenInheritance Job + +Navigate to the **AWS** > **6.S3 Permissions** > **AWS_BrokenInheritance** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_BrokenInheritance Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/brokeninheritanceanalysis.webp) + +The following analysis tasks are selected by default: + +- Broken Inheritance – Permissions applied directly to AWS S3 Bucket Objects. Creates the + AWS_BrokenInheritance_Details table accessible under the job’s Results node. +- Broken Inheritance Summary – Summarizes permissions applied directly to AWS S3 Bucket Objects. + Creates the AWS_BrokenInheritance_Summary table accessible under the job’s Results node. + +## Report for the AWS_BrokenInheritance Job + +In addition to the tables and views created by the analysis task, the AWS_BrokenInheritance job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ------------------ | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Broken Inheritance | This report identifies permissions applied directly on files in AWS S3 Buckets. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by broken inheritance - Table – Shows buckets by broken inheritance - Table – Provides details on broken inheritance | diff --git a/docs/accessanalyzer/11.6/solutions/aws/s3permissions/aws_effectivepermissions.md b/docs/accessanalyzer/11.6/solutions/aws/s3permissions/aws_effectivepermissions.md new file mode 100644 index 0000000000..663449baa6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/s3permissions/aws_effectivepermissions.md @@ -0,0 +1,30 @@ +# AWS_EffectivePermissions Job + +The AWS_EffectivePermissions job identifies and summarizes effective permissions on AWS S3 buckets +and bucket objects. + +## Analysis Tasks for the AWS_Accounts Job + +Navigate to the **AWS** > **6.S3 Permissions** > **AWS_EffectivePermissions** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_Accounts Job](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp) + +The following analysis tasks are selected by default: + +- S3 Bucket Effective Permissions – AWS S3 Bucket effective permissions for each identity. Creates + the AWS_EffectiveBucketPermissions_Details table accessible under the job’s Results node. +- S3 Bucket Effective Permission Summary – Summarizes permission counts across AWS S3 Buckets. + Creates the AWS_EffectiveBucketPermissions_Summary table accessible under the job’s Results node. + +## Report for the AWS_EffectivePermissions Job + +In addition to the tables and views created by the analysis task, the AWS_EffectivePermissions job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| --------------------- | ------------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Effective Permissions | This report identifies and summarizes effective permissions on AWS S3 Buckets. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by effective permissions - Table – Shows buckets by effective permissions - Table – Provides details on effective permissions | diff --git a/docs/accessanalyzer/11.6/solutions/aws/s3permissions/aws_openbuckets.md b/docs/accessanalyzer/11.6/solutions/aws/s3permissions/aws_openbuckets.md new file mode 100644 index 0000000000..ab106ca0b1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/s3permissions/aws_openbuckets.md @@ -0,0 +1,28 @@ +# AWS_OpenBuckets Job + +The AWS_OpenBuckets job identifies buckets that have permissions assigned to everyone at the top +level of the AWS S3 bucket. + +## Analysis Task for the AWS_OpenBuckets Job + +Navigate to the **AWS** > **6.S3 Permissions** > **AWS_OpenBuckets** > **Configure** node and select +**Analysis** to view the analysis task. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the AWS_OpenBuckets Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/s3permissions/openbucketsanalysis.webp) + +The following analysis task is selected by default: + +- Open Bucket Permissions – Permissions applied to AWS S3 buckets across all users. Creates the + AWS_OpenBucket_Details table accessible under the job’s Results node. + +## Report for the AWS_OpenBuckets Job + +In addition to the tables and views created by the analysis task, the AWS_OpenBuckets job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ------------ | ------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Open Buckets | This report identifies AWS S3 Open Buckets. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays largest open buckets - Table – Shows largest open buckets - Table – Provides details on open buckets | diff --git a/docs/accessanalyzer/11.6/solutions/aws/s3permissions/overview.md b/docs/accessanalyzer/11.6/solutions/aws/s3permissions/overview.md new file mode 100644 index 0000000000..7e543133df --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/s3permissions/overview.md @@ -0,0 +1,17 @@ +# 6.S3 Permissions Job Group + +The 6.S3 Permissions job group provides details on permissions assigned to AWS S3 buckets, +highlighting specific threats like broken inheritance and open buckets. + +![6.S3 Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 6.S3 Permissions job group is comprised of: + +- [AWS_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/aws/s3permissions/aws_brokeninheritance.md) + – Highlights permissions in an AWS S3 bucket that differ from those assigned at the bucket level, + those assigned directly on objects within the bucket +- [AWS_EffectivePermissions Job](/docs/accessanalyzer/11.6/solutions/aws/s3permissions/aws_effectivepermissions.md) + – Identifies and summarizes effective permissions on AWS S3 buckets and bucket objects +- [AWS_OpenBuckets Job](/docs/accessanalyzer/11.6/solutions/aws/s3permissions/aws_openbuckets.md) + – Identifies buckets that have permissions assigned to everyone at the top level of the AWS S3 + bucket diff --git a/docs/accessanalyzer/11.6/solutions/aws/sensitivedata/aws_sensitivedata.md b/docs/accessanalyzer/11.6/solutions/aws/sensitivedata/aws_sensitivedata.md new file mode 100644 index 0000000000..567ec803c3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/sensitivedata/aws_sensitivedata.md @@ -0,0 +1,33 @@ +# AWS_SensitiveData Job + +The AWS_SensitiveData job provides details on AWS S3 buckets and the objects in them which contain +sensitive data. + +## Analysis Tasks for the AWS_SensitiveData Job + +Navigate to the **AWS** > **8.S3 Sensitive Data** > **AWS_SensitiveData** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_SensitiveData Job](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) + +The following analysis tasks are selected by default: + +- Sensitive Data Details – Provides detailed information for S3 objects with Sensitive Data. Creates + the AWS_SDD_Details table accessible under the job’s Results node. +- Sensitive Data Summary – Summarizes Sensitive Data by AWS Account. Creates the AWS_SDD_Summary + table accessible under the job’s Results node. +- Enterprise Summary – Summarizes AWS sensitive data by criteria. Creates the + AWS_SDD_EnterpriseSummary table accessible under the job’s Results node. + +## Report for the AWS_Sensitive Data Job + +In addition to the tables and views created by the analysis task, the AWS_SensitiveData job produces +the following preconfigured reports: + +| Report | Description | Default Tags | Report Element | +| ----------------------- | ----------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of the following elements: - Chart – Displays exceptions by match count - Table – Provides details on exceptions | +| Sensitive Data Overview | This report identifies objects in AWS S3 buckets that contain sensitive data. | Sensitive Data | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by sensitive data hit - Table – Shows sensitive data by account - Table – Provides details on sensitive data | diff --git a/docs/accessanalyzer/11.6/solutions/aws/sensitivedata/aws_sensitivedata_permissions.md b/docs/accessanalyzer/11.6/solutions/aws/sensitivedata/aws_sensitivedata_permissions.md new file mode 100644 index 0000000000..7e09d1f908 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/sensitivedata/aws_sensitivedata_permissions.md @@ -0,0 +1,31 @@ +# AWS_SensitiveData_Permissions Job + +The AWS_SensitiveData_Permissions job provides details on the permissions assigned to AWS S3 buckets +and the objects in them which contain sensitive data. + +## Analysis Tasks for the AWS_SensitiveData_Permissions Job + +Navigate to the **AWS** > **8.S3 Sensitive Data** > **AWS_SensitiveData_Permissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_SensitiveData_Permissions Job](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp) + +The following analysis tasks are selected by default: + +- AWS Sensitive Data Permissions – Highlights permissions applied to AWS objects containing + sensitive data. Creates the AWS_SDDPermission_Details table accessible under the job’s Results + node. +- Sensitive Data Permissions Summary – Summarizes permissions on AWS objects containing sensitive + data. Creates the AWS_SDDPermission_BucketSummary table accessible under the job’s Results node. + +## Report for the AWS_SensitiveData_Permissions Job + +In addition to the tables and views created by the analysis task, the AWS_SensitiveData_Permissions +job produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| -------------------------- | ---------------------------------------------------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Data Permissions | This report identifies permissions on AWS objects containing sensitive data. | Sensitive Data | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by permissions on sensitive data - Table – Shows buckets by permissions on sensitive data - Table – Provides details on sensitive data permissions | diff --git a/docs/accessanalyzer/11.6/solutions/aws/sensitivedata/overview.md b/docs/accessanalyzer/11.6/solutions/aws/sensitivedata/overview.md new file mode 100644 index 0000000000..a0d3ef9818 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/sensitivedata/overview.md @@ -0,0 +1,14 @@ +# 8.S3 Sensitive Data Job Group + +The 8.S3 Sensitive Data job group provides details on AWS S3 buckets and objects containing +sensitive data. + +![8.S3 Sensitive Data Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 8.S3 Sensitive Data job group is comprised of: + +- [AWS_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/aws/sensitivedata/aws_sensitivedata.md) + – Provides details on AWS S3 buckets and the objects in them which contain sensitive data +- [AWS_SensitiveData_Permissions Job](/docs/accessanalyzer/11.6/solutions/aws/sensitivedata/aws_sensitivedata_permissions.md) + – Provides details on the permissions assigned to AWS S3 buckets and the objects in them which + contain sensitive data diff --git a/docs/accessanalyzer/11.6/solutions/aws/users/aws_accesskeys.md b/docs/accessanalyzer/11.6/solutions/aws/users/aws_accesskeys.md new file mode 100644 index 0000000000..6de48eeb05 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/users/aws_accesskeys.md @@ -0,0 +1,32 @@ +# AWS_AccessKeys Job + +The AWS_AccessKeys job provides details on the last time an access key was rotated or used, +highlighting keys that were last rotated over a year ago. + +## Analysis Tasks for the AWS_AccessKeys Job + +Navigate to the **AWS** > **2.Users** > **AWS_AccessKeys** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_AccessKeys Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/users/accesskeysanalysis.webp) + +The following analysis tasks are selected by default: + +- Access Keys – Analyzes access key rotation age and last use. Creates the AWS_AccessKey_Details + table accessible under the job’s Results node. +- High Risk Access Keys – Highlights high risk access keys. Creates the AWS_AccessKey_HighRisk table + accessible under the job’s Results node. +- Access Keys summary – Summarizes access key rotation by age. Creates the AWS_AccessKey_Summary + table accessible under the job’s Results node. + +## Report for the AWS_AccessKeys Job + +In addition to the tables and views created by the analysis task, the AWS_AccessKeys job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Access Keys | This report identifies user accounts which have not rotated their AWS IAM Access Keys for an extended amount of time or have never used it. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays access key age by account - Table – Shows high risk access keys - Table – Provides details on access keys | diff --git a/docs/accessanalyzer/11.6/solutions/aws/users/aws_mfastatus.md b/docs/accessanalyzer/11.6/solutions/aws/users/aws_mfastatus.md new file mode 100644 index 0000000000..5c0e15d4df --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/users/aws_mfastatus.md @@ -0,0 +1,30 @@ +# AWS_MFAStatus Job + +The AWS_MFAStatus job provides details on each user's MFA status, highlighting users that have it +disabled. + +## Analysis Tasks for the AWS_MFAStatus Job + +Navigate to the **AWS** > **2.Users** > **AWS_MFAStatus** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_MFAStatus Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/users/mfastatusanalysis.webp) + +The following analysis tasks are selected by default: + +- MFAStatus – Checks user accounts in AWS for Multi-Factor Authentication. Creates the + AWS_MFAStatus_Details table accessible under the job’s Results node. +- MFAStatus Summary – Summarizes AWS IAM Multi-Factor Authentication status by organisation. Creates + the AWS_MFAStatus_Summary table accessible under the job’s Results node. + +## Report for the AWS_MFAStatus Job + +In addition to the tables and views created by the analysis task, the AWS_MFAStatus job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ---------- | ------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------- | +| MFA Status | This report identifies the MFA status of each AWS user | None | This report is comprised of the following elements: - Pie Chart – Displays MFA status - Table – Shows status by account - Table – Provides details on MFA | diff --git a/docs/accessanalyzer/11.6/solutions/aws/users/aws_rootaccounts.md b/docs/accessanalyzer/11.6/solutions/aws/users/aws_rootaccounts.md new file mode 100644 index 0000000000..22f3d0e29a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/users/aws_rootaccounts.md @@ -0,0 +1,33 @@ +# AWS_RootAccounts Job + +The AWS_RootAccounts job provides details on AWS root accounts and how they conform to recommended +security practices. + +## Analysis Tasks for the AWS_RootAccounts Job + +Navigate to the **AWS** > **2.Users** > **AWS_RootAccounts** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_RootAccounts Job](/img/product_docs/accessanalyzer/11.6/solutions/aws/users/rootaccountsanalysis.webp) + +The following analysis tasks are selected by default: + +- Root Account Security Details – Provides details on the credentials and their usage for the AWS + root account in each account. Creates the AWS_RootAccountSecurity_Details table accessible under + the job’s Results node. +- Root Account Risk Assessment – Highlights security risks on AWS root accounts. Creates the + AWS_RootAccountSecurity_RiskAssessment table accessible under the job’s Results node. +- Root Account Security Summary – Summarizes risks on the root account. Creates the + AWS_RootAccountSecurity_Summary table accessible under the job’s Results node. + +## Report for the AWS_RootAccounts Job + +In addition to the tables and views created by the analysis task, the AWS_RootAccounts job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| --------------------- | ----------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Root Account Security | This report highlights security risks on AWS Root Accounts. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top account security by org - Table – Shows account security by Org - Table – Provides details on risk assessment - Table – Provides details on account security | diff --git a/docs/accessanalyzer/11.6/solutions/aws/users/aws_staleusers.md b/docs/accessanalyzer/11.6/solutions/aws/users/aws_staleusers.md new file mode 100644 index 0000000000..2c2c5a2d48 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/users/aws_staleusers.md @@ -0,0 +1,62 @@ +# AWS_StaleUsers Job + +The AWS_StaleUsers job provides details on the last time each user logged in or their access key was +used, highlighting those over specified number of days (default 60) or that have never logged in. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The AWS_StaleUsers job has the following configurable parameter: + +- Number of days before considering a user stale + +See the +[Customizable Analysis Tasks for the AWS_StaleUsers Job](#customizable-analysis-tasks-for-the-aws_staleusers-job) +topic for additional information. + +## Analysis Tasks for the AWS_StaleUsers Job + +Navigate to the **AWS** > **2.Users** > **AWS_StaleUsers** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for +this job. Only modify the analysis tasks listed in the customizable analysis tasks section. + +![Analysis Tasks for the AWS_StaleUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/staleusersanalysis.webp) + +The following analysis tasks are selected by default: + +- Stale Users – Identifies user accounts that have not been logged in to in the last 60 days. + Creates the AWS_StaleUser_Details table accessible under the job’s Results node. + + - The number of days can be customized from the default value of 60. See the + [Customizable Analysis Tasks for the AWS_StaleUsers Job](#customizable-analysis-tasks-for-the-aws_staleusers-job) + topic for additional information. + +- Stale User Summary – Summarizes stale users in AWS. Creates the AWS_StaleUser_Summary table + accessible under the job’s Results node. + +### Customizable Analysis Tasks for the AWS_StaleUsers Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------- | --------------------------- | ------------- | ---------------------------------------------- | +| Stale Users | @StaleThreshold | 60 | Number of days before considering a user stale | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions on how to modify parameters. + +## Report for the AWS_StaleUsers Job + +In addition to the tables and views created by the analysis task, the AWS_StaleUsers job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Users | This report identifies user accounts which have not logged into AWS for an extended amount of time or have never logged in. A user account is considered stale if the last logon is over 60 days ago or the password has never been used. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays stale users by account - Table – Provides details on stale users | diff --git a/docs/accessanalyzer/11.6/solutions/aws/users/overview.md b/docs/accessanalyzer/11.6/solutions/aws/users/overview.md new file mode 100644 index 0000000000..5b176be272 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/aws/users/overview.md @@ -0,0 +1,18 @@ +# 2.Users Job Group + +The 2.Users job group provides details on AWS IAM user MFA status, access key usage, and staleness. + +![2.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 2.Users job group is comprised of: + +- [AWS_AccessKeys Job](/docs/accessanalyzer/11.6/solutions/aws/users/aws_accesskeys.md) + – Provides details on the last time an access key was rotated or used, highlighting keys that were + last rotated over a year ago +- [AWS_MFAStatus Job](/docs/accessanalyzer/11.6/solutions/aws/users/aws_mfastatus.md) + – Provides details on each user's MFA status, highlighting users that have it disabled +- [AWS_RootAccounts Job](/docs/accessanalyzer/11.6/solutions/aws/users/aws_rootaccounts.md) + – Provides details on AWS root accounts and how they conform to recommended security practices +- [AWS_StaleUsers Job](/docs/accessanalyzer/11.6/solutions/aws/users/aws_staleusers.md) + – Provides details on the last time each user logged in or their access key was used, highlighting + those over 60 days or that have never logged in diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_deletions.md b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_deletions.md new file mode 100644 index 0000000000..9297380574 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_deletions.md @@ -0,0 +1,28 @@ +# Box_Deletions Job + +The Box_Deletions Job is comprised of analysis and reports, which use the data collected by the +0.Collection Job Group to identify file and folder deletions that have occurred over the past 30 +days. + +## Analysis Tasks for the Box_Deletions Job + +Navigate to **Box** > **1.Activity** > **Forensics** > **Box_Deletions** > **Configure** node and +select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Deletions Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/deletionsanalysis.webp) + +The following analysis tasks are selected by default: + +- Deletion Details – Creates the Box_Deletion_Details table accessible under the job’s Results node +- Deletions (Last 30 Days) – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_Deletions Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------- | +| File and Folder Deletions (Deletion Events) | This report identifies deletion events for the past 30 days. The detailed report shows all resources that were successfully deleted as well as which users performed those events. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of deletions - Table – Provides details on deletions | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_downloads.md b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_downloads.md new file mode 100644 index 0000000000..fdc5aa8c58 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_downloads.md @@ -0,0 +1,27 @@ +# Box_Downloads Job + +The Box_Downloads Job provides details on file and folder deletions that have occurred over the past +30 days. + +## Analysis Tasks for the Box_Downloads Job + +Navigate to **Box** > **1.Activity** > **Forensics** > **Box_Downloads** > **Configure** node and +select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Downloads Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/downloadsanalysis.webp) + +The following analysis tasks are selected by default: + +- Download Details – Creates the Box_Download_Details table accessible under the job’s Results node +- Downloads Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_Downloads Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------- | +| Download Activity (Download Events) | This report identifies download events for the past 30 days. The detailed report shows all resources that were successfully downloaded as well as which users performed those events. | None | This report is comprised of three elements: - Line Chart – Displays last 30 days of downloads - Table – Provides details on downloads | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_externaluseractivity.md b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_externaluseractivity.md new file mode 100644 index 0000000000..64db58c183 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_externaluseractivity.md @@ -0,0 +1,30 @@ +# Box_ExternalUserActivity Job + +The Box_ExternalUserActivity Job identifies and analyzes activity events performed by external users +over the last 30 days. External Users are collaborators from outside your organization. They can be +granted the same collaborator access and sharing rights as Managed Users, but there is limited +control over the content they own and their security settings. + +## Analysis for the Box_ExternalUserActivity Job + +Navigate to **Box** > **1.Activity** > **Forensics** > **Box_ExternalUserActivity** > **Configure** +node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis for the Box_ExternalUserActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/externaluseractivityanalysis.webp) + +The following analysis tasks are selected by default: + +- External User Activity Details – Creates the Box_ExternalUserActivity_Details table accessible + under the job’s Results node +- External User Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_ExternalUserActivity Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Most Active External User | This report identifies highest resource activity by external users. The bar chart and summary table outline the top 5 most active external users. | None | This report is comprised of three elements: - Bar Chart – Displays top events by top external users - Table – Provides summary of events by top external user - Table – Provides details on external users | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_externalusercollaborations.md b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_externalusercollaborations.md new file mode 100644 index 0000000000..8bb9e748e8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_externalusercollaborations.md @@ -0,0 +1,29 @@ +# Box_ExternalUserCollaborations Job + +The Box_ExternalUserCollaborations Job External Users are collaborators from outside your +organization. They can be granted the same collaborator access and sharing rights as Managed Users, +but there is limited control over the content they own and their security settings. + +## Analysis Tasks for the Box_ExternalUserCollaborations Job + +Navigate to **Box** > **1.Activity** > **Forensics** > **Box_ExternalUserCollaborations** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_ExternalUserCollaborations Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/externalusercollaborationsanalysis.webp) + +The following analysis tasks are selected by default: + +- External User Collaboration Details – Creates the Box_ExternalUserCollaboration_Details table + accessible under the job’s Results node +- External User Collaboration (Last 30 Days) – Creates an interim processing table in the database + for use by downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_ExternalUserCollaborations Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| External User Collaborations | This report identifies high-risk collaborations, highlighting most active collaborations by invites of external users. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of external user collaborations - Table – Provides details on external user collaborations | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_permissionchanges.md b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_permissionchanges.md new file mode 100644 index 0000000000..23de61b566 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_permissionchanges.md @@ -0,0 +1,28 @@ +# Box_PermissionChanges Job + +The Box_PermissionChannges Job provides details on permission changes that have occurred over the +past 30 days. + +## Analysis Tasks for the Box_PermissionChanges Job + +Navigate to **Box** > **1.Activity** > **Forensics** > **Box_PermissionChanges** > **Configure** +node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_PermissionChanges Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/permissionchangesanalysis.webp) + +The following analysis tasks are selected by default: + +- Permission Change Details – Creates the Box_PermissionChange_Details table accessible under the + job’s Results node +- Permission Changes (Last 30 Days) – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_PermissionChanges Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | +| Permission Changes | This report identifies all resources where successful permission changes have occurred. The line chart shows data for the past 30 days only. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of permission changes - Table – Provides details on permission changes | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_sharing.md b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_sharing.md new file mode 100644 index 0000000000..48cecf3e17 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_sharing.md @@ -0,0 +1,26 @@ +# Box_Sharing Job + +The Box_Sharing Job provides details on sharing activity that has occurred over the past 30 days. + +## Analysis Tasks for the Box_Sharing Job + +Navigate to **Box** > **1.Activity** > **Forensics** > **Box_Sharing** > **Configure** node and +select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Sharing Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/sharinganalysis.webp) + +The following analysis tasks are selected by default: + +- Box Sharing – Creates the Box_Sharing_Details table accessible under the job’s Results node +- Sharing Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_Sharing Job produces the following +pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sharing Activity Summary | This report identifies resource sharing within the target Box environments. The line graph will highlight time periods of the highest rate of sharing within the past 30 days. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of sharing activity - Table – Provides details on sharing activity | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/forensics/overview.md b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/overview.md new file mode 100644 index 0000000000..512f96ebd6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/forensics/overview.md @@ -0,0 +1,24 @@ +# Forensics Job Group + +The Forensics Job Group highlights deletions, file downloads, permissions changes, external user +activity, collaboration activity and high-risk collaborations within the targeted Box environment. +It is dependent on data collected by the 0.Collection Job Group, also housed in the Box Job Group. +The jobs that comprise the 1.Activity Job Group process analysis tasks and generate a report. + +![Forensics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The Forensics Job Group is comprised of: + +- [Box_Deletions Job](/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_deletions.md) + – Provides details on file and folder deletions that have occurred over the past 30 days +- [Box_Downloads Job](/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_downloads.md) + – Provides details on file and folder deletions that have occurred over the past 30 days +- [Box_ExternalUserActivity Job](/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_externaluseractivity.md) + – Identifies and analyzes external user activity which has occurred over the past 30 days +- [Box_ExternalUserCollaborations Job](/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_externalusercollaborations.md) + – Identifies collaboration invites sent to external users. These collaborations should be reviewed + to ensure sensitive data is not being shared outside of your organization. +- [Box_PermissionChanges Job](/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_permissionchanges.md) + – Provides details on permission changes that have occurred over the past 30 days +- [Box_Sharing Job](/docs/accessanalyzer/11.6/solutions/box/activity/forensics/box_sharing.md) + – Provides details on sharing activity that has occurred over the past 30 days diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/overview.md b/docs/accessanalyzer/11.6/solutions/box/activity/overview.md new file mode 100644 index 0000000000..42df47bbb9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/overview.md @@ -0,0 +1,19 @@ +# 1.Activity Job Group + +The **Box** > **1.Activity** Job Group identifies long term trends of activity providing insight +into user activity, usage statistics, and suspicious behavior identifies long-term trends of +activity providing insight into user activity, usage statistics, and suspicious behavior. + +![1.Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 1.Activity Job Group is comprised of: + +- [Forensics Job Group](/docs/accessanalyzer/11.6/solutions/box/activity/forensics/overview.md) + – Provides details on the types of operations occurring within audited Box enterprises, including + deletions, file downloads, permission changes, and more +- [Suspicious Activity Job Group](/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/overview.md) + – Identifies areas and times of abnormal activity by analyzing typical activity patterns and + identifying outliers based on factors such as amount of activity or time of day +- [Usage Statistics Job Group](/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/overview.md) + – Identifies long-term trends of activity and usage statistics across your Box environment, + highlighting conditions such as most active or stale folders diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_failedlogins.md b/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_failedlogins.md new file mode 100644 index 0000000000..12819e54be --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_failedlogins.md @@ -0,0 +1,30 @@ +# Box_FailedLogins Job + +The Box_FailedLogins Job identifies failed logon events that have occurred over the last 30 days. A +failed logon can be an indication of security issues such as an attempt to access unauthorized +content, or operational issues such as a misconfigured service account. + +## Analysis Tasks for the Box_FailedLogins Job + +Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_FailedLogins** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_FailedLogins Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/failedloginsanalysis.webp) + +The following analysis tasks are selected by default: + +- Failed Logins – Creates the Box_FailedLogin_Details table accessible under the job’s Results node +- Failed Login User Summary – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Failed Login Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_FailedLogins Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------- | --------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Failed Logins | This report highlights the failed login activity occurring in the target Box environment over the last 30 days. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days summary of failed logins - Table – Provides details on last 30 days of failed login details | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_firsttimefolderaccess.md b/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_firsttimefolderaccess.md new file mode 100644 index 0000000000..b48b245f46 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_firsttimefolderaccess.md @@ -0,0 +1,28 @@ +# Box_FirstTimeFolderAccess Job + +The Box_FirstTimeFolderAccess Job identifies the first time a user performs any activity on a folder +or a file over the past 30 days. + +## Analysis Tasks for the Box_FirstTimeFolderAccess Job + +View the analysis tasks by navigating to the **Box** > **1.Activity** > **Suspicious Activity** > +**Box_FirstTimeFolderAccess** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_FirstTimeFolderAccess Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/firsttimefolderaccessanalysis.webp) + +The following analysis tasks are selected by default: + +- First Time Folder Access – Creates the Box_FirstTimeFolderAccess_Details table accessible under + the job’s Results node +- First Time Folder Access Last 30 Days – Creates an interim processing table in the database for + use by downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_FirstTimeFolderAccess Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | --------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| First Time Folder Access | This report highlights details for first time folder access per user. | None | This report is comprised of three elements: - Bar Chart – Displays last 30 days of first time folder access - Table – Provides summary of last 30 days of first time folder access - Table – Provides details on first time folder access | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_unusualdownloadactivity.md b/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_unusualdownloadactivity.md new file mode 100644 index 0000000000..d2feafdde8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_unusualdownloadactivity.md @@ -0,0 +1,27 @@ +# Box_UnusualDownloadActivity Job + +The Box_UnusualDownloadActivity Job highlights unusual download activity for a user on a specific +day by analyzing the download activity for a given user and looking for outliers. Unusual download +activity could indicate a compromised account or a malicious insider. + +## Analysis Task for the Box_UnusualDownloadActivity Job + +Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_UnusualDownloadActivity** > +**Configure** node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the Box_UnusualDownloadActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/unusualdownloadactivityanalysis.webp) + +The following analysis task is selected by default: + +- Unusual Download Activity – Creates the Box_UnusualDownload_Details table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the Box_UnusualDownloadActivity Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Unusual Download Activity | This report provides insight into download activity that deviates from the normal range of expected downloads.  This is determined by using historical data for each file. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 most recent unusual download activity - Table – Provides details on unusual download activity | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_unusualuseractivity.md b/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_unusualuseractivity.md new file mode 100644 index 0000000000..48a7ea7f9d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_unusualuseractivity.md @@ -0,0 +1,27 @@ +# Box_UnusualUserActivity Job + +The Box_UnusualUserActivity Job highlights unusual download activity for a user on a specific day by +analyzing the download activity for a given user and looking for outliers. Unusual download activity +could indicate a compromised account or a malicious insider. + +## Analysis Tasks for the Box_UnusualUserActivity Job + +Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_UnusualUserActivity** > +**Configure** node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_UnusualUserActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/unusualuseractivityanalysis.webp) + +The following analysis task is selected by default: + +- Unusual User Activity – Creates the Box_UnusualUserActivity table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the Box_Content Job produces the following +pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Unusual User Activity | This report provides insight into user activity that deviates from the normal range of expected activity.  This is determined by using historical data for each user. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 most recent unusual user activity - Table – Provides details on unusual user activity | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_weekendactivity.md b/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_weekendactivity.md new file mode 100644 index 0000000000..ccc8f1b3d7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_weekendactivity.md @@ -0,0 +1,29 @@ +# Box_WeekendActivity Job + +The Box_WeekendActivity Job highlights unusual download activity for a user on a specific day by +analyzing the download activity for a given user and looking for outliers. Unusual download activity +could indicate a compromised account or a malicious insider. + +## Analysis Tasks for the Box_WeekendActivity Job + +Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_WeekendActivity** > +**Configure** node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_WeekendActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp) + +The following analysis tasks are selected by default: + +- Weekend Activity – Creates the Box_WeekendActivity_Details table accessible under the job’s + Results node +- Weekend Activity Summary – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_WeekendActivity Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | -------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Weekend Activity | This report highlights the activity occurring on weekends in the target Box environment over the last 30 days. | None | This report is comprised of three elements: - Bar Chart – Displays last 30 days of weekend activity for top 5 users - Table – Provides summary top 30 days of weekend activity - Table – Provides details on weekend Activity Details | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/overview.md b/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/overview.md new file mode 100644 index 0000000000..b0f0afc821 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/overview.md @@ -0,0 +1,23 @@ +# Suspicious Activity Job Group + +The Suspicious Activity Job Group identifies areas and times of abnormal activity by analyzing +typical activity patterns and identifying outliers based on factors such as amount of activity or +time of day. + +![Suspicious Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The Suspicious Activity Job Group is comprised of: + +- [Box_FailedLogins Job](/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_failedlogins.md) + – Identifies failed logon events that have occurred over the last 30 days +- [Box_FirstTimeFolderAccess Job](/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_firsttimefolderaccess.md) + – Identifies the first time a user performs any activity on a folder or a file over the past 30 + days +- [Box_UnusualDownloadActivity Job](/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_unusualdownloadactivity.md) + – Highlights unusual download activity for a user on a specific day by analyzing the download + activity for a given user and looking for outliers +- [Box_UnusualUserActivity Job](/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_unusualuseractivity.md) + – Highlights unusual activity for a user on a specific day by analyzing the activity for a given + user and looking for outliers +- [Box_WeekendActivity Job](/docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/box_weekendactivity.md) + – Identifies Box activity events which have occurred on weekends over the last 30 days diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/box_folders_mostactive.md b/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/box_folders_mostactive.md new file mode 100644 index 0000000000..4d1ea70632 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/box_folders_mostactive.md @@ -0,0 +1,26 @@ +# Box_Folders_MostActive Job + +The Box_Folders_MostActive Job identifies long-term trends of activity and usage statistics across +your Box environment, highlighting conditions such as most active or stale folders. + +## Analysis Tasks for the Box_Folders_MostActive Job + +Navigate to **Box** > **1.Activity** > **Usage Statistics** > **Box_Folders_MostActive** > +**Configure** node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Folders_MostActive Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/foldersmostactiveanalysis.webp) + +The following analysis task is selected by default: + +- Most Active Folders – Creates the Box_Folders_MostActive table accessible under the job’s Results + node + +In addition to the tables created by the analysis tasks, the Box_Folders_MostActive Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Most Active Folders | This report highlights the most active folder in the target Box environment over the last 30 days | None | This report is comprised of two elements: - Bar Chart – Displays last 30 days of most active folders - Table – Provides summary of most active folders | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/box_folders_stale.md b/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/box_folders_stale.md new file mode 100644 index 0000000000..9f9e517426 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/box_folders_stale.md @@ -0,0 +1,27 @@ +# Box_Folders_Stale Job + +The Box_Folders_Stale Job identifies the last time activity occurred for each folder in the Box +environment, highlighting stale folders which have not had activity in the last 30 days. These +folders can be subject to cleanup or consolidation. + +## Analysis Tasks for the Box_Folders_Stale Job + +Navigate to **Box** > **1.Activity** > **Usage Statistics** > **Box_Folders_Stale** > **Configure** +node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Folders_Stale Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/foldersstaleanalysis.webp) + +The following analysis tasks are selected by default: + +- Stale Folder Details – Creates the Box_Folders_Stale table accessible under the job’s Results node +- No Activity – Creates the Box_Folders_NoActivity table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the Box_Folders_Stale Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------- | ------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Folders | This report highlights stale resources in the target Box environment over the last 30 days | None | This report is comprised of three elements: - Bar Chart – Displays top 5 stale folders - Table – Provides summary of folders with no activity - Table – Provides details on stale folders | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/box_users_mostactive.md b/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/box_users_mostactive.md new file mode 100644 index 0000000000..12fc70ec56 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/box_users_mostactive.md @@ -0,0 +1,25 @@ +# Box_Users_MostActive Job + +The Box_Users_MostActive Job analyzes user activity to highlight the most active and potentially +stale users within the environment based on the last 30 days of activity events. + +## Analysis Tasks for the Box_Users_MostActive Job + +Navigate to **Box** > **1.Activity** > **Usage Statistics** > **Box_Users_MostActive** > +**Configure** node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Users_MostActive Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/usersmostactiveanalysis.webp) + +The default analysis task is: + +- Most Active Users – Creates the Box_Users_MostActive table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the Box_Users_MostActive Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Most Active Users | This report highlights the most active users in the target Box environment over the last 30 days. It also lists stale users that have had no activity in the last 30 days. | None | This report is comprised of three elements: - Bar Chart – Displays last 30 days of the most active users - Table – Provides summary of last 30 days of the most active users | diff --git a/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/overview.md b/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/overview.md new file mode 100644 index 0000000000..e5e0e5dd6b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/overview.md @@ -0,0 +1,18 @@ +# Usage Statistics Job Group + +The Usage Statistics Job Group identifies long term trends of activity and usage statistics across +your Box environment, highlighting conditions such as most active or stale folders. + +![Usage Statistics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The Usage Statistics Job Group is comprised of: + +- [Box_Folders_MostActive Job](/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/box_folders_mostactive.md) + – Identifies long-term trends of activity and usage statistics across your Box environment, + highlighting conditions such as most active or stale folders +- [Box_Folders_Stale Job](/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/box_folders_stale.md) + – Identifies long-term trends of activity and usage statistics across your Box environment, + highlighting conditions such as most active or stale folders +- [Box_Users_MostActive Job](/docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/box_users_mostactive.md) + – Identifies long-term trends of activity and usage statistics across your Box environment, + highlighting conditions such as most active or stale folders diff --git a/docs/accessanalyzer/11.6/solutions/box/box_access.md b/docs/accessanalyzer/11.6/solutions/box/box_access.md new file mode 100644 index 0000000000..5702d93540 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/box_access.md @@ -0,0 +1,32 @@ +# Box_Access Job + +The Box_Access Job analyzes access granted to users and groups in an organization's Box environment +in order to report on effective access rights, file-level permissions, and inactive access rights +that can be revoked. + +## Analysis Tasks for the Box_Access Job + +Navigate to **Box** > **Box_Access** > **Configure** node and select **Analysis** to view analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Access Job](/img/product_docs/accessanalyzer/11.6/solutions/box/accessanalysis.webp) + +The following analysis tasks are selected by default: + +- Calculate Access Details – Creates the Box_Access_Details table accessible under the job’s Results + node +- Summarize Access by User – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Summarize Access by Group – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the Box_Access Job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------- | ----------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Access (Box Access Overview) | This report highlights groups with access to Box resources, and summarizes them by group. | None | This report is comprised of three elements: - Bar Chart – Displays top groups by access granted - Table – Provides details on top groups by access - Table – Provides details on group access | +| User Access | This report highlights users with access to Box resources, and summarizes them by group. | None | This report is comprised of three elements: - T-Chart – Displays top users by direct access - Table – Provides summary of user access - Table – Provides details on user access | diff --git a/docs/accessanalyzer/11.6/solutions/box/box_groupmembership.md b/docs/accessanalyzer/11.6/solutions/box/box_groupmembership.md new file mode 100644 index 0000000000..ef74c5a824 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/box_groupmembership.md @@ -0,0 +1,26 @@ +# Box_GroupMembership Job + +The Box_GroupMembership Job provides visibility into group membership within an organization's Box +environment. + +## Analysis Tasks for the Box_GroupMembership Job + +Navigate to **Box** > **Box_GroupMembership** > **Configure** node and select **Analysis** to view +analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_GroupMembership Job](/img/product_docs/accessanalyzer/11.6/solutions/box/groupmembershipanalysis.webp) + +The following analysis task is selected by default: + +- Summarize Group Membership – Creates the Box_GroupMembership_Details table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the Box_Content Job produces the following +pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Membership (Box Group Membership) | This report summarizes Box group membership and lists all group membership across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top groups by member count - Table – Provides summary of group membership - Table – Provides details on group membership | diff --git a/docs/accessanalyzer/11.6/solutions/box/collection/1-box_access_scans.md b/docs/accessanalyzer/11.6/solutions/box/collection/1-box_access_scans.md new file mode 100644 index 0000000000..6599f88e56 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/collection/1-box_access_scans.md @@ -0,0 +1,79 @@ +# 1-Box_Access Scans Job + +The 1-Box_Access Scans Job collects the data which will be further analyzed in order to provide +details on Box access rights, policies, configurations, and content. + +## Queries for the 1-Box_Access Scans Job + +The Scan Query uses the Box Data Collector to target all Box hosts and has been preconfigured to use +the Scan Box Permissions Category. If this query is not configured but has the access token, a full +scan of all folders at full depth is performed. Optionally, configure the query to limit the depth +of the scan. + +![Queries for the 1-Box_Access Scans Job](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessqueries.webp) + +The 1-Box_Access Scans Job has the following queries: + +- Scan Query – Collects access data which will be further analyzed in order to provide details on + Box access rights, policies, configurations, and content + +Prior to the first execution, it is necessary to authenticate to the targeted Box environment. This +is done on the Authenticate page of the Scan query. Additionally, the following default +configurations are commonly customized: + +- Exclusions page: + + - Not scoped + +- Additional Scoping page: + + - Not scoped + +See the [Configure the 1-Box_Access Scans Job](#configure-the-1-box_access-scans-job) section for +instructions. + +### Configure the 1-Box_Access Scans Job + +The 1-Box_Access Scans Job contains the Scan Query. Follow the steps to configure the query. + +**Step 1 –** Navigate to the **Box** > **0.Collection** > **1-Box_Access Scans** > **Configure** +node and select **Queries**. + +**Step 1 –** In the Query Selection view, select the Scan Query and click **Query Properties**. The +Query Properties window opens. + +**Step 2 –** Select the **Data Source** tab, and click **Configure**. The Box Data Collector Wizard +opens. + +![Box Data Collector Wizard Exclusions page](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessexclusions.webp) + +**Step 3 –** On the Exclusions Page: + +- Add folders to be excluded +- Add folders to be included (scope scan to only these folders) + +![Box Data Collector Wizard Additional Scoping page](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessadditionalscoping.webp) + +**Step 4 –** On the Additional Scoping page: + +- Optionally, select this option to limit the depth of the scan across the targeted Box account + +![Box Data Collector Wizard Scope by User page](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessuserscope.webp) + +**Step 5 –** On the Scope By User Page: + +- Optionally, limit the scope of the scan to specified users by providing a CSV file + +![Box Data Collector Wizard Authenticate page](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessauthenticate.webp) + +**Step 6 –** The Authenticate page is where the connection to the target Box environment is +configured. Click **Authorize** to launch the BoxLogin window and generate an authorization code. +This code allows Enterprise Auditor to report on the Box Enterprise. + +**NOTE:** Authentication to the target Box environment only needs to be completed once, prior to the +first scan and only in one of the scan jobs. + +**Step 7 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +The 1-Box_Access Scans Job will execute according to the connection settings configuration. diff --git a/docs/accessanalyzer/11.6/solutions/box/collection/1-box_activity_scans.md b/docs/accessanalyzer/11.6/solutions/box/collection/1-box_activity_scans.md new file mode 100644 index 0000000000..08df798490 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/collection/1-box_activity_scans.md @@ -0,0 +1,92 @@ +# 1-Box_Activity Scans Job + +The 1-Box_Activity Scans Job collects the data which will be further analyzed in order to provide +visibility into user activity events within Box. + +## Queries for the 1-Box_Activity Scans Job + +The Scan Query uses the Box Data Collector to target all Box hosts and has been preconfigured to use +the Scan Box Permissions Category. + +![Queries for the 1-Box_Activity Scans Job](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityqueries.webp) + +The 1-Box_Activity Scans Job has the following queries: + +- Activity Scan – Collects activity data which will be further analyzed in order to provide + visibility into user activity events within Box. + +Prior to the first execution, it is necessary to authenticate to the targeted Box environment if +this has not already been done when configuring the 1-Box_Access Scans Job. This is done on the +Authenticate page of the Activity Scan query. Additionally, the following default configurations are +commonly customized: + +- Exclusions page: + + - Not scoped + +- Additional Scoping page: + + - Not scoped + +See the [Configure the 1-Box_Activity Scans Job](#configure-the-1-box_activity-scans-job) section +for instructions. + +### Configure the 1-Box_Activity Scans Job + +The 1-Box_Activity Scans Job contains the Activity Scan Query. Follow the steps to configure the +query. + +**Step 1 –** Navigate to the **Box** > **0.Collection** > **1-Box_Activity Scans** > **Configure** +node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the Scan Query and click **Query Properties**. The +Query Properties window displays. + +**Step 3 –** Select the Data Source tab, and click **Configure**. The Box Data Collector Wizard +opens. + +![Box Data Collector Wizard Exclusions page](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityexclusions.webp) + +**Step 4 –** On the Exclusions page: + +- Add folders to be excluded +- Add folders to be included (scope scan to only these folders) + +![Box Data Collector Wizard Additional Scoping page](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityadditionalscoping.webp) + +**Step 5 –** On the Additional Scoping page: + +- Optionally, select this option to limit the depth of the scan across the targeted Box account + +![Box Data Collector Wizard Scope by User page](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityuserscope.webp) + +**Step 6 –** On the Scope By User Page: + +- Optionally, limit the scope of the scan to specified users by providing a CSV file + +![Box Data Collector Wizard Activity Timespan Scope page](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activitytimespanscope.webp) + +**Step 7 –** On the Activity Timespan Scope page: + +- Collect activity data within a Relative Timespan +- Collect activity data within an Absolute Timespan + +![Box Data Collector Wizard Activity Operation Scope page](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityoperationscope.webp) + +**Step 8 –** On the Activity Operation Scope page: + +- Select Box enterprise event operations to collect + +![Box Data Collector Wizard Authenticate page](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityauthenticate.webp) + +**Step 9 –** The Authenticate page is where the connection to the target Box environment is +configured. Click **Authorize** to launch the BoxLogin window and generate an authorization code. +This code allows Enterprise Auditor to report on the Box Enterprise. + +**NOTE:** Authentication to the target Box environment only needs to be completed once, prior to the +first scan and only in one of the scan jobs. + +**Step 10 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +The 1-Box_Activity Scans Job will execute according to the connection settings configuration. diff --git a/docs/accessanalyzer/11.6/solutions/box/collection/2-box_import.md b/docs/accessanalyzer/11.6/solutions/box/collection/2-box_import.md new file mode 100644 index 0000000000..b5f1d99586 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/collection/2-box_import.md @@ -0,0 +1,18 @@ +# 2-Box_Import Job + +The 2-Box_Import Job takes the data that has been collected from the 1-Box_Access Scans Job and the +1-Box_Activity Scans Job and imports it to the Enterprise Auditor database to be analyzed in order +to provide detailed reports on Box access rights, policies, configurations, activities, and content. + +## Queries for the 2-Box_Import Job + +The Import Query uses the Box Data Collector and has been preconfigured to use the Import Box +Permissions Category. + +![Queries for the 2-Box_Import Job](/img/product_docs/accessanalyzer/11.6/solutions/box/collection/importqueries.webp) + +The 2-Box_Import Job has the following query: + +- Import - Takes the data that has been collected from Box and imports it to the Enterprise Auditor + database to be analyzed in order to provide detailed reports on Box access rights, policies, + configurations, activities, and content. diff --git a/docs/accessanalyzer/11.6/solutions/box/collection/overview.md b/docs/accessanalyzer/11.6/solutions/box/collection/overview.md new file mode 100644 index 0000000000..84fd057f90 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/collection/overview.md @@ -0,0 +1,19 @@ +# 0.Collection Job Group + +The 0.Collection Job Group collects data which will be further analyzed in order to provide details +on Box access rights, policies, configurations, activities, and content. + +![Box > Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 0.Collection Job Group is comprised of: + +- [1-Box_Access Scans Job](/docs/accessanalyzer/11.6/solutions/box/collection/1-box_access_scans.md) + – Collects the data which will be further analyzed in order to provide details on Box access + rights, policies, configurations, and content +- [1-Box_Activity Scans Job](/docs/accessanalyzer/11.6/solutions/box/collection/1-box_activity_scans.md) + – Collects the data which will be further analyzed in order to provide visibility into user + activity events within Box +- [2-Box_Import Job](/docs/accessanalyzer/11.6/solutions/box/collection/2-box_import.md) + – Takes the data that has been collected from Box and imports it to the Enterprise Auditor + database to be analyzed in order to provide detailed reports on Box access rights, policies, + configurations, activities, and content diff --git a/docs/accessanalyzer/11.6/solutions/box/content/box_filemetrics.md b/docs/accessanalyzer/11.6/solutions/box/content/box_filemetrics.md new file mode 100644 index 0000000000..90d12e8133 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/content/box_filemetrics.md @@ -0,0 +1,52 @@ +# Box_FileMetrics Job + +The Box_FileMetrics Job offers insight into content sizing, staleness, and ownership of files in the +Box environment. + +**NOTE:** The staleness threshold can be customized within the **File Metrics Details** analysis. + +## Analysis Tasks for the Box_FileMetrics Job + +Navigate to **Box** > **2.Content** > **Box_FileMetrics** > **Configure** node and select +**Analysis** to view analysis tasks. + +**CAUTION:** Most of these analysis tasks should never be modified and never be deselected. + +![Analysis Tasks for the Box_FileMetrics Job](/img/product_docs/accessanalyzer/11.6/solutions/box/content/filemetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- File Metrics Details – Creates the Box_FileMetrics_Details table accessible under the job’s + Results node + - Set to consider content stale after 30 days which is the @STALETHRESHOLD parameter value + - See the + [Customize Analysis Tasks for the Box_FileMetrics Job](#customize-analysis-tasks-for-the-box_filemetrics-job) + topic for additional information. +- File Count by User – Creates the Box_FileMetrics_UserFileCount table accessible under the job’s + Results node +- Total File Size by User – Creates the Box_FileMetrics_UserFileSize table accessible under the + job’s Results node +- File Counts by File Extension – Creates the Box_FileMetrics_ExtFileCount table accessible under + the job’s Results node +- File Size by File Extension – Creates the Box_FileMetrics_ExtFileSize table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the Box_FileMetrics Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | --------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Files by Extension | This report summarizes the Box content by file extension. | None | This report is comprised of four elements: - Pie Chart – Displays top 20 file counts by file extension - Bar Chart – Displays top 5 file size by file extension - Table – Provides details on file counts by file extension - Table – Provides details on file size by file extension | +| Files by User | This report summarizes the Box content by user. | None | This report is comprised of four elements: - Bar Chart – Displays top 5 file count by user - Bar Chart – Displays top 5 file size by user - Table – Provides details on file count by user - Table – Provides details on file size by user | + +### Customize Analysis Tasks for the Box_FileMetrics Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| -------------------- | --------------------------- | ------------- | ------------------------------------ | +| File Metrics Details | @STALE_THRESHOLD | 30 | Consider content stale after 30 days | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions on how to modify parameters. diff --git a/docs/accessanalyzer/11.6/solutions/box/content/box_foldermetrics.md b/docs/accessanalyzer/11.6/solutions/box/content/box_foldermetrics.md new file mode 100644 index 0000000000..0e64e3fd2c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/content/box_foldermetrics.md @@ -0,0 +1,50 @@ +# Box_FolderMetrics Job + +The Box_FolderMetrics Job offers insight into content sizing, staleness, and ownership of folders in +the Box environment. + +**NOTE:** The staleness threshold can be customized within the **Folder Metrics Details** analysis. +Largest and smallest folder size thresholds can be configured in a similar way on their respective +analysis tasks. + +## Analysis Tasks for the Box_FolderMetrics Job + +Navigate to **Box** > **2.Content** > **Box_FolderMetrics** > **Configure** node and select +**Analysis** to view analysis tasks. + +**CAUTION:** Most of these analysis tasks should never be modified and never be deselected. + +![Analysis Tasks for the Box_FolderMetrics Job](/img/product_docs/accessanalyzer/11.6/solutions/box/content/foldermetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- Folder Metrics Details – Creates the Box_FolderMetrics_Details table accessible under the job’s + Results node + - Set to consider content stale after 30 days which is the @STALETHRESHOLD parameter value + - See the + [Customizable Analysis Tasks for the Box_FolderMetrics Job](#customizable-analysis-tasks-for-the-box_foldermetrics-job) + topic for additional information. +- Largest Folders – Creates the Box_FolderMetrics_Largest table accessible under the job’s Results + node +- Smallest Non-Empty Folders – Creates the Box_FolderMetrics_Smallest table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the Box_FolderMetrics Job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Largest Folders | This report summarizes the Box content by folder size. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 largest folders - Table – Provides details on largest folders | +| Smallest Folders | This report summarizes the Box content by folder size. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 smallest folders with files - Table – Provides details on smallest folders with files - Table – Provides details on empty folders | + +### Customizable Analysis Tasks for the Box_FolderMetrics Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ---------------------- | --------------------------- | ------------- | ------------------------------------ | +| Folder Metrics Details | @STALE_THRESHOLD | 30 | Consider content stale after 30 days | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) topic +for instructions on how to modify parameters. diff --git a/docs/accessanalyzer/11.6/solutions/box/content/overview.md b/docs/accessanalyzer/11.6/solutions/box/content/overview.md new file mode 100644 index 0000000000..f537f77ff8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/content/overview.md @@ -0,0 +1,18 @@ +# 2.Content Job Group + +The 2.Content Job Group analyzes and summarizes the content of the targeted Box environment, +highlighting users with the most content as well as what type of content exists. This information +can also be used to identify stale content that can be removed or archived to reduce risk. + +![2.Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 2.Content Job Group is comprised of: + +- [Box_FileMetrics Job](/docs/accessanalyzer/11.6/solutions/box/content/box_filemetrics.md) + – Offers insight into content sizing, staleness, and ownership of files in the Box environment. + The staleness threshold can be customized within the **File Metrics Details** analysis. +- [Box_FolderMetrics Job](/docs/accessanalyzer/11.6/solutions/box/content/box_foldermetrics.md) + – Offers insight into content sizing, staleness, and ownership of folders in the Box environment. + The staleness threshold can be customized within the **Folder Metrics Details** analysis. Largest + and smallest folder size thresholds can be configured in a similar way in their respective + analysis tasks. diff --git a/docs/accessanalyzer/11.6/solutions/box/overview.md b/docs/accessanalyzer/11.6/solutions/box/overview.md new file mode 100644 index 0000000000..080ee635e1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/overview.md @@ -0,0 +1,51 @@ +# Box Solution + +The Box solution set contains jobs to provide visibility into Box access rights, policies, +configurations, activities, and more, ensuring you never lose sight or control of your critical +assets residing in Box. + +Supported Platforms + +- Box for Business + +Requirements, Permissions, and Ports + +See the +[Target Box Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/box.md) +topic for additional information. + +Location + +The Box Solution requires a special Enterprise Auditor license. It can be installed from the Instant +Job Wizard. Once it has been installed into the Jobs tree, navigate to the solution: **Jobs** > +**Box**. + +![Box Solution in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 0.Collection Job Group collects the data. The other job groups run analysis on the collected +data and generate reports. + +## Jobs + +The Box solution contains jobs to highlight access, analyze content, and expand group membership in +an organization's Box environment. + +![Box Solution Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +The Box Solution has the following job groups and jobs: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/box/collection/overview.md) + – Collects the data which will be further analyzed in order to provide details on Box access + rights, policies, configurations, activities, and content +- [1.Activity Job Group](/docs/accessanalyzer/11.6/solutions/box/activity/overview.md) + – Identifies long term trends of activity providing insight into user activity, usage statistics, + and suspicious behavior by analyzing enterprise events within the Box environment +- [2.Content Job Group](/docs/accessanalyzer/11.6/solutions/box/content/overview.md) + – Analyzes and summarizes the content of the Box environment, highlighting users with the most + content as well as what type of content exists +- [Box_Access Job](/docs/accessanalyzer/11.6/solutions/box/box_access.md) + – Analyzes access granted to users and groups in an organization's Box environment in order to + report on effective access rights, file-level permissions, and inactive access rights that can be + revoked +- [Box_GroupMembership Job](/docs/accessanalyzer/11.6/solutions/box/box_groupmembership.md) + – Expands group membership in an organization's Box environment diff --git a/docs/accessanalyzer/11.6/solutions/box/recommended.md b/docs/accessanalyzer/11.6/solutions/box/recommended.md new file mode 100644 index 0000000000..43b108ff9e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/box/recommended.md @@ -0,0 +1,85 @@ +# Recommended Configurations for the Box Solution + +The jobs that run analysis tasks in the Box Solution requires the host list to be assigned. + +Dependencies + +- The .Active Directory Inventory Job Group must be successfully run prior to running this Job Group +- 2-Box_Import Job – Imports data collected by the 1-Box_Access Scans Job and 1-Box_Activity Scans + Job + +Targeted Hosts + +- Enterprise_ID for the target Box environment + +Within host inventory, the Box hosts will return a HostStatus of **Offline**. + +If multiple Enterprise_IDs are to be scanned, it is necessary to duplicate the jobs within the +0.Collection Job Group for each target host. Since the 2-Box_Import Job must always be run after the +1-Box_Access Scans Job and 1-Box_Activity Scans Job, it is a best practice to set up sub-job groups +for each target named to identify the target, for example EMEA Box. Copying the jobs will append a +number to the job’s name. Once authorization codes have been generated for each 1-Box_Access Scans +Job and 1-Box_Activity Scans Job, then the solution can be scheduled to run as desired. + +Connection Profile + +The Box Solution requires a specific credential for the Connection Profile which has access to the +SA Installer location. It is also necessary to authenticate to the target Box environment, which is +done through the Box Data Collector query configuration. An Enterprise Admin account (or Co-Admin +account with permission to **Run new reports and access existing reports** enabled) credential is +needed to generate an authorization code in the form of an Access Token. This can be done through +the query configuration either in the 1-Box_Access Scans Job’ Authentication wizard page or the +1-Box_Activity Scans Job’s Authentication wizard page of the Box Data Collector Wizard. See the +[Box Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/box/overview.md) +topic for additional information. + +Access Token + +The Access Token is valid for 60 days. If Box scans are running on a regular schedule, then the +Access Token automatically refreshes once an hour. However, if it has been more than 60 days since +the last scan, it is necessary to regenerate the Access Token. + +Schedule Frequency + +The Box Job Group can be scheduled to run as desired. + +Query Configuration + +This solution can be run with the default query configuration. However, the following queries in the +0.Collection Job Group can be modified to limit the depth of the scan: + +- 1-Box_Access Scans Scan query +- 1-Box_Activity Scans Activity Scan query + +The Box_Import Job's Import query is preconfigured to run a full import and should not be modified. + +Analysis Configuration + +This solution can be run with the default analysis configuration. However, the following parameters +can be modified: + +- The @STALETHRESHOLD parameter determines the number of days after which content is considered + stale. It is set to default of 30 days. The @STALETHRESHOLD parameter can be customized in the + following analysis tasks: + - 2.Content > Box_FileMetrics in the File Metrics Details analysis task + - 2.Content > Box_FolderMetrics Folder in the Metrics Details analysis task + +Workflow + +**Step 1 –** Prerequisite: Run the .Active Directory Inventory Job Group. + +**Step 2 –** (Optional) Modify query configurations for the 0.Collection Job Group to limit the scan +depth. + +**Step 3 –** In the 1-Box_Access Scans Job, configure the Scan query to generate an authentication +code to authenticate to the targeted Box environment. This step only needs to be run prior to the +first scan. + +**Step 4 –** (Optional) Modify analysis task parameters for the reporting jobs. + +**Step 5 –** Schedule the Box Job Group to run as desired. + +**NOTE:** The 0.Collection > 2-Box_Import Job must be run after the 1-Box_Access Scans Job and +1-Box_Activity Scans Job because it imports the data collected by the scan jobs. + +**Step 6 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md b/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md deleted file mode 100644 index b12b89a4fb..0000000000 --- a/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md +++ /dev/null @@ -1,1541 +0,0 @@ -# 1.AWS_OrgScan Job - -The 1.AWS_OrgScan job collects details about the AWS Organization including password policies and -accounts within the organization. - -## Queries for the 1.AWS_OrgScan Job - -The Org Scan query uses the AWS Data Collector to target all AWS instances and has been -preconfigured to use the Collect Org Data category. - -![Queries for the 1.AWS_OrgScan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/orgscanqueries.webp) - -The 1.AWS_OrgScan job has the following configurable query: - -- Org Scan – Collects AWS Organization level information - -### Configure the Org Scan Query - -The Org Scan query in the 1.AWS_OrgScan job has been preconfigured to run with the default settings -with the category of Collect Org Data. Follow the steps to set any desired customizations. - -**Step 1 –** Navigate to the **AWS** > **0.Collection** > **1.AWS_OrgScan** > **Configure** node and -select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data -Collector Wizard opens. - -![AWS Data Collector Login Roles wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/loginroles.webp) - -**Step 4 –** On the Login Roles page, add the created AWS Roles: - -- Enter the Role in the Role Name field and click **Add** -- Alternatively, import multiple Roles from a CSV file -- See the - [Configure AWS for Scans](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for additional information - -**Step 5 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if -no changes were made. Then click **OK** to close the Query Properties window. - -If changes were saved, the 1.AWS_OrgScans Job has now been customized. - -# 2.AWS_S3Scan Job - -The 2.AWS_S3Scan job collects details about the AWS S3 buckets including details about the objects -in those buckets. - -## Queries for the 2.AWS_S3Scan Job - -The S3 Scan query uses the AWS Data Collector to target all AWS instances and has been preconfigured -to use the Collect S3 category. - -![Query Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3scanqueries.webp) - -The 2.AWS_S3Scan job has the following configurable query: - -- S3 Scan – Collects information about the AWS S3 buckets and objects - -### Configure the S3 Scan Query - -The S3 Scan query in the 2.AWS_S3 Scan job has been preconfigured to run with the default settings -with the category of Collect S3. Follow the steps to set any desired customizations. - -**Step 1 –** Navigate to the **AWS** > **0.Collection** > **2.AWS_S3Scan** > **Configure** node and -select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data -Collector Wizard opens. - -![AWS Data Collector Login Roles wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/loginroles.webp) - -**Step 4 –** On the Login Roles page, add the created AWS Roles: - -- Enter the Role in the Role Name field and click **Add** -- Alternatively, import multiple Roles from a CSV file -- See the - [Configure AWS for Scans](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for additional information - -![AWS Data Collector Filter S3 Objects wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/filters3objects.webp) - -**Step 5 –** On the Filter S3 Objects page, scope the scan to target specific S3 objects: - -- Click **Add** to select from AWS Buckets in the target environment -- Alternatively, click **Add Custom Filter** to configure a custom filter as a text string -- See the - [AWS: Filter S3 Objects](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md) - topic for additional information - -**Step 6 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if -no changes were made. Then click **OK** to close the Query Properties window. - -If changes were saved, the 2.AWS_S3Scan Job has now been customized. - -## Analysis Tasks for the 2.AWS_S3Scan Job - -Navigate to the **AWS** > **0.Collection** > **2.AWS_S3Scan** > **Configure** node and select -**Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the 2.AWS_S3Scan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3scananaylsistasks.webp) - -The following analysis task is selected by default: - -- AIC AWS S3 Bucket Permissions Import – Imports AWS S3 Bucket permissions into the Access - Information Center - -# 3.AWS_IAMScan Job - -The 3.AWS_IAMScan job collects details about users, groups, policies, roles, and other IAM related -identities. - -## Queries for the 3.AWS_IAMScan Job - -The IAM Scan query uses the AWS Data Collector to target all AWS instances and has been -preconfigured to use the Collect IAM Data category. - -![Queries for the 3.AWS_IAMScan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/iamscanqueries.webp) - -The 3.AWS_IAMScan job has the following configurable query: - -- IAM Scan – Scans AWS S3 for information on IAM related identities - -### Configure the IAM Scan Query - -The IAM Scan query in the 3.AWS_IAMScan job has been preconfigured to run with the default settings -with the category of Collect IAM Data. Follow the steps to set any desired customizations. - -**Step 1 –** Navigate to the **AWS** > **0.Collection** > **3.AWS_IAMScan** > **Configure** node and -select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data -Collector Wizard opens. - -![AWS Data Collector Login Roles wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/loginroles.webp) - -**Step 4 –** On the Login Roles page, add the created AWS Roles: - -- Enter the Role in the Role Name field and click **Add** -- Alternatively, import multiple Roles from a CSV file -- See the - [Configure AWS for Scans](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for additional information - -**Step 5 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if -no changes were made. Then click **OK** to close the Query Properties window. - -If changes were saved, the 3.AWS_IAMScan job has now been customized. - -## Analysis Tasks for the 3.AWS_IAM Scan Job - -View the analysis tasks by navigating to the **AWS** > **0.Collection** > **3.AWS_IAMScan** > -**Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the 3.AWS_IAM Scan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/iamscananalysistasks.webp) - -The following analysis task is selected by default: - -- AWS Views – Creates the AWS Views table - -# 4.AWS_S3SDDScan Job - -The 4.AWS_S3SDDScan job collects details about S3 objects containing sensitive data. - -## Queries for the 4.AWS_S3SDDScan Job - -The AWS S3 Sensitive Data Scan query uses the AWS Data Collector to target all AWS instances and has -been preconfigured to use the Collect SDD Data category. - -![Queries for the 4.AWS_S3SDDScan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3sddscanqueries.webp) - -The 4.AWS_S3SDDScan job has the following configurable query: - -- AWS S3 Sensitive Data Scan – Scans AWS objects for sensitive data - -### Configure the AWS S3 Sensitive Data Scan Query - -The AWS S3 Sensitive Data Scan query in the 4.AWS_S3SDDScan job has been preconfigured to run with -the default settings with the category of Collect SDD Data. Follow the steps to set any desired -customizations. - -**Step 1 –** Navigate to the **AWS** > **0.Collection** > **4.AWS_S3SDD Scan** > **Configure** node -and select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data -Collector Wizard opens. - -![AWS Data Collector Filter S3 Objects wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/filters3objects.webp) - -**Step 4 –** On the Filter S3 Objects page, scope the scan to target specific S3 objects: - -- Click **Add** to select from AWS Buckets in the target environment -- Alternatively, click **Add Custom Filter** to configure a custom filter as a text string -- See the - [AWS: Filter S3 Objects](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/aws.md) - topic for additional information - -![AWS Data Collector Sensitive Data Settings wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3sddsensitivedata.webp) - -**Step 5 –** On the Sensitive Data Settings page, configure the following options: - -- Modify maximum file size to be scanned -- Add scanning offline files -- Modify file types to be scanned -- Enable differential scanning -- Modify the number of SDD scan processes - - **_RECOMMENDED:_** For optimal performance, the total number of scan processes on a scan host - should be 1 to 2 times the number of CPU threads available. - -- Enable Optical Character Recognition (OCR) scans - - **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents - directly converted to images, with standard fonts. It will not work for scanning photos of - documents and may not be able to recognize text on images of credit cards, driver's licenses, or - other identity cards. - -![AWS Data Collector Select DLP criteria for this scan wizard page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -**Step 6 –** On the Criteria page, add or remove criteria as desired: - -- (Optional) Create custom criteria on the global **Settings** > **Sensitive Data** Node -- See - the[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - topic for additional information and instructions - -**NOTE:** By default, discovered sensitive data strings are stored in the Enterprise Auditor -database. - -**Step 7 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if -no changes were made. Then click **OK** to close the Query Properties window. - -If changes were saved, the 4.AWS_S3SDDScan Job has now been customized. - -## Analysis Tasks for the 4.AWS_S3SDD Scan Job - -View the analysis tasks by navigating to the **AWS** > **0.Collection** > **4.AWS_S3SDDScan** > -**Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 4.AWS_S3SDD Scan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3sddscananaylsistasks.webp) - -The following analysis tasks are selected by default: - -- AWS Sensitive Data Latest Match Counts View – Creates a view with the most recent scans of each - AWS file -- Match Hits View – Shows the AWS SDD match hits -- AIC AWS S3 Bucket SDD Import – Imports AWS S3 Bucket objects with sensitive data into the Access - Information Center - -# 0.Collection Job Group - -The 0.Collection job group scans and collects details on IAM and S3 buckets within an -AWS organization. - -![0.Collection Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 0.Collection Job Group is comprised of: - -- [1.AWS_OrgScan Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Collects details about the AWS Organization including password policies and accounts within the - organization -- [2.AWS_S3Scan Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Collects details about the AWS S3 buckets including details about the objects in those buckets -- [3.AWS_IAMScan Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Collects details about users, groups, policies, roles and other IAM related identities -- [4.AWS_S3SDDScan Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Collects details about S3 objects containing sensitive data - -# AWS_GroupMembers Job - -The AWS_GroupMembers job group provides details on AWS IAM group membership, orphaned groups (those -with no policy assigned to them), sensitive security group membership, and stale groups. - -## Analysis Tasks for the AWS_GroupMembers Job - -Navigate to the **AWS** > **3.Groups** > **AWS_GroupMembers** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_GroupMembers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/groups/groupmembersanalysis.webp) - -The following analysis tasks are selected by default: - -- Group Membership – Identifies groups and their members. Creates the AWS_GroupMember_Details table - accessible under the job’s Results node. -- Group Member Summary – Summarizes group member counts and number of policies applied to the - groups. Creates the AWS_GroupMember_Summary table accessible under the job’s Results node. - -## Report for the AWS_GroupMembers Job - -In addition to the tables and views created by the analysis task, the AWS_GroupMembers job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ------------- | ------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Members | This report identifies group members and summarizes policies applied to those groups. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays a summary of group members - Stacked Bar Chart – Displays a summary of group policies - Table – Provides details on groups | - -# AWS_NoPolicyGroups Job - -The AWS_NoPolicyGroups job provides details on groups that have no policies assigned to them. - -## Analysis Tasks for the AWS_NoPolicyGroups Job - -Navigate to the **AWS** > **3.Groups** > **AWS_NoPolicyGroups** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_NoPolicyGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/groups/nopolicygroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- No Policy Groups – Identifies groups that have no policies applied. Creates the - AWS_NoPolicyGroup_Details table accessible under the job’s Results node. -- No Policy Groups Summary – Summarizes no policy groups across AWS Organizations. Creates the - AWS_NoPolicyGroup_Summary table accessible under the job’s Results node. - -## Report for the AWS_NoPolicyGroups Job - -In addition to the tables and views created by the analysis task, the AWS_NoPolicyGroups job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------------------- | ----------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Groups With No Policies | This report identifies groups that do not have a policy assigned. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top accounts by no policy group counts - Table – Shows no policy groups by accounts - Table – Provides details on no policy groups | - -# AWS_StaleGroups Job - -The AWS_StaleGroups job highlights groups that have members that are considered stale. The -definition for staleness is set by default to 60 days. This can be configured. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The AWS_StaleGroups job has the following configurable parameter: - -- Days without login to consider an account stale - -See the -[Customizable Analysis Tasks for the AWS_StaleGroups Job](#customizable-analysis-tasks-for-the-aws_stalegroups-job) -topic for additional information. - -## Analysis Tasks for the AWS_StaleGroups Job - -Navigate to the **AWS** > **3.Groups** > **AWS_StaleGroups** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for -this job. Only modify the analysis tasks listed in the customizable analysis tasks section. - -![Analysis Tasks for the AWS_StaleGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- Stale Group Details – Highlights the staleness of users in AWS groups. Creates the - AWS_StaleGroup_Details table accessible under the job’s Results node. - - - The number of days without login to consider an account stale can be customized. By default it - is set to 60. See the - [Customizable Analysis Tasks for the AWS_StaleGroups Job](#customizable-analysis-tasks-for-the-aws_stalegroups-job) - topic for additional information. - -- Stale Group Summary – Summarizes statistics for stale groups. Creates the AWS_StaleGroup_Summary - table accessible under the job’s Results node. -- Stale Groups AWS Summary – Summarizes stale groups by percentile for all of AWS - -### Customizable Analysis Tasks for the AWS_StaleGroups Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------------- | --------------------------- | ------------- | ----------------------------------------------- | -| Stale Group Details | @StaleThreshold | 60 | Days without login to consider an account stale | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for instructions on how to modify parameters. - -## Report for the AWS_StaleGroups Job - -In addition to the tables and views created by the analysis task, the AWS_StaleGroups job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ------------ | --------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Groups | This report determines the staleness of group membership. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays group membership - Table – Shows group membership - Table – Provides details on group membership | - -# 3.Groups Job Group - -The 3.Groups job group provides details on AWS IAM group membership, orphaned groups (those with no -policy assigned to them), sensitive security group membership, and stale groups. - -![3.Groups Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 3.Groups job group is comprised of: - -- [AWS_GroupMembers Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details about group members and the policies assigned to those groups -- [AWS_NoPolicyGroups Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on groups that have no policies assigned to them -- [AWS_StaleGroups Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Highlights groups that have members that are considered stale - -# AWS_Accounts Job - -The AWS_Accounts job provides detailed information about the accounts that exist in each AWS -Organization. This job also determines the AWS Master Account for each Organization. The AWS Master -Account can be set manually by adding a line for each Organization in the temporary table -#IdentitySourceAccount in the analysis task parameters for this job. - -## Analysis Tasks for the AWS_Accounts Job - -Navigate to the **AWS** > **1.Organizations** > **AWS_Accounts** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_Accounts Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/organizations/accountsanalysis.webp) - -The following analysis tasks are selected by default: - -- AWS Account Details – Provides details for the AWS IAM accounts in the organization. Creates the - AWS_Account_Details table accessible under the job’s Results node. -- AWS Account Summary – Summarizes AWS Accounts by organization. Creates the AWS_Account_Summary - table accessible under the job’s Results node. - -## Report for the AWS_Accounts Job - -In addition to the tables and views created by the analysis task, the AWS_Accounts job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| -------- | ------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Accounts | This report provides details on the IAM Accounts in the AWS Organization. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top accounts by org - Table – Shows accounts by Org - Table – Provides details on accounts | - -# AWS_MemberAccountUsers Job - -The AWS_MemberAccountUsers job highlights users that are not located in the primary AWS Identity -Source, which is generally the Master AWS Account for the Organization. - -## Analysis Tasks for the AWS_MemberAccountUsers Job - -Navigate to the **AWS** > **1.Organizations** > **AWS_MemberAccountUsers** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_MemberAccountUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/organizations/memberaccountusersanalysis.webp) - -The following analysis tasks are selected by default: - -- Member Account User Details – Provides details on users that exist outside the master AWS account. - Creates the AWS_MemberAccountUsers_Details table accessible under the job’s Results node. -- Member Account Users Summary – Summarizes AWS member account users by organization. Creates the - AWS_MemberAccountUsers_Summary table accessible under the job’s Results node. - -## Report for the AWS_MemberAccoutUsers Job - -In addition to the tables and views created by the analysis task, the AWS_MemberAccountUsers job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| -------------------- | -------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Member Account Users | This report highlights user accounts that are not contained in the AWS Master Account. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top member account users by org - Table – Shows member account users by Org - Table – Provides details on member account users | - -# 1.Organizations Job Group - -The 1.Organizations job group analyzes and reports on the AWS Organization including password -policies and accounts within the organization. - -![1.Organizations Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 1.Organizations job jroup is comprised of: - -- [AWS_Accounts Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides detailed information about the accounts that exist in each AWS Organization. This job - also determines the AWS Master Account for each Organization. The AWS Master Account can be set - manually by adding a line for each Organization in the temporary table #IdentitySourceAccount in - the analysis task parameters for this job. -- [AWS_MemberAccountUsers Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Highlights users that are not located in the primary AWS Identity Source, which is generally the - Master AWS Account for the Organization - -# AWS Solution - -Enterprise Auditor for AWS allows organizations to secure their data residing in Amazon Web Services -(AWS) S3 platform, reducing their risk exposure through proactive, automated auditing and reporting -of S3 permissions, sensitive data, and ultimately a consolidated view of user access rights across -dozens of structured and unstructured data resources both on-premises and in the cloud. - -The AWS Solution is designed to provide information about data access such as: - -- Who has access to your data -- Who is accessing your data -- What sensitive data is being stored and accessed - -The AWS Solution provides the ability to audit AWS IAM and S3. Enterprise Auditor uses the AWS -solution to collect IAM users, groups, roles, and policies, as well as S3 permissions, content, and -sensitive data from target AWS accounts. The solution requires a special Enterprise Auditor license. -It can be focused to only conduct auditing of AWS IAM. Additionally, the Sensitive Data Discovery -Add-On enables the solution to search AWS S3 content for sensitive data. - -Supported Platforms - -- Amazon AWS IAM -- Amazon AWS S3 - -Requirements, Permissions, and Ports - -See the -[Target Amazon Web Service Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -Location - -The AWS Solution requires a special Enterprise Auditor license. It can be installed from the -Enterprise Auditor Instant Job Wizard. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for information on installing instant solutions from the Enterprise Auditor Library. - -Once it has been installed into the Jobs tree, navigate to the solution: **Jobs** > **AWS**. - -## Job Groups - -The AWS solution is a comprehensive set of pre-configured audit jobs and reports that provide -visibility into IAM users, groups, roles, and policies, as well as S3 permissions, content, and -sensitive data from target AWS accounts. - -![AWS Solution Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The AWS Solution is comprised of the following job groups: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – The 0.Collection Job Group scans and collects details on IAM and S3 buckets within an AWS - organization -- [1.Organizations Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – The 1.Organizations Job Group provides details on AWS accounts and users -- [2.Users Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – The 2.Users Job Group provides details on AWS IAM user MFA status, access key usage, and - staleness -- [3.Groups Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – The 3.Groups Job Group provides details on AWS IAM group membership, orphaned groups (those with - no policy assigned to them), sensitive security group membership, and stale groups -- [4.Roles Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – The 4.Roles Job Group provides details on roles in the AWS IAM environment -- [5.Policies Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – The 5.Policies Job Group provides details on AWS IAM policies including the various types of - policies, the permissions they grant, and where they are applied in the AWS organization -- [6.S3 Permissions Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – The 6.S3 Permissions Job Group provides details on permissions assigned to AWS S3 buckets, - highlighting specific threats like broken inheritance and open buckets -- [7.S3 Content Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – The 7.S3 Content Job Group provide details on AWS S3 buckets and objects contained in those - buckets -- [8.S3 Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – The 8.S3 Sensitive Data Job Group provides details on AWS S3 buckets and objects containing - sensitive data - -# AWS_CustomManagedPolicies Job - -The AWS_CustomManagedPolicies job provides details on customer managed policies created in the AWS -Organization. - -## Analysis Tasks for the AWS_CustomManagedPolicies Job - -Navigate to the **AWS** > **5.Policies** > **AWS_CustomManagedPolicies** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_CustomManagedPolicies Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/custommanagedpoliciesanalysis.webp) - -The following analysis tasks are selected by default: - -- Custom Managed Policy Details – Provides detailed information on AWS custom managed policies. - Creates the AWS_CustomManagedPolicy_Details table accessible under the job’s Results node. -- Custom Managed Policy Usage Summary – Summarizes the custom managed policy usage by AWS - Organization. Creates the AWS_CustomManagedPolicy_Summary table accessible under the job’s Results - node. - -## Report for the AWS_CustomManagedPolicies Job - -In addition to the tables and views created by the analysis task, the AWS_CustomManagedPolicies job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------------------- | ----------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Custom Managed Policies | This report analyzes AWS Custom Managed Policies and their usage. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays custom managed policies by account - Table – Shows custom managed policies by account - Table – Provides details on custom managed policies by account | - -# AWS_InlinePolicies Job - -The AWS_InlinePolicies job provides details on customer managed policies that are directly assigned -to a user or group. - -## Analysis Tasks for the AWS_InlinePolicies Job - -Navigate to the **AWS** > **5.Policies** > **AWS_InlinePolicies** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_InlinePolicies Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/inlinepoliciesanalysis.webp) - -The following analysis tasks are selected by default: - -- Inline Policy Details – Provides details for AWS Inline Policies. Creates the - AWS_InlinePolicy_Details table accessible under the job’s Results node. -- Inline Policy Summary – Summarizes AWS Inline Policies by organization. Creates the - AWS_InlinePolicy_Summary table accessible under the job’s Results node. - -## Report for the AWS_InlinePolicies Job - -In addition to the tables and views created by the analysis task, the AWS_InlinePolicies job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Element | -| --------------- | ----------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Inline Policies | This report identifies AWS Inline Policies that are assigned directly on an AWS Identity. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays inline policies by account - Table – Shows inline policies by account - Table – Provides details on inline policies | - -# AWS_ManagedPolicies Job - -The AWS_ManagedPolicies job provides details on policies managed by Amazon in the AWS Organization. - -## Analysis Tasks for the AWS_ManagedPolicies Job - -Navigate to the **AWS** > **5.Policies** > **AWS_ManagedPolicies** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_ManagedPolicies Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/managedpoliciesanalysis.webp) - -The following analysis tasks are selected by default: - -- Managed Policy Details – Identifies managed policies from AWS and if they are assigned to a user - or group. Creates the AWS_ManagedPolicy_Details table accessible under the job’s Results node. -- Managed Policy Usage Summary – Summarizes the managed policy usage by AWS Org. Creates the - AWS_ManagedPolicy_Summary table accessible under the job’s Results node. - -## Report for the AWS_ManagedPolicies Job - -In addition to the tables and views created by the analysis task, the AWS_Accounts job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| -------------------- | ---------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| AWS Managed Policies | This report analyzes AWS Managed Policies and their usage. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays AWS managed policies by account - Table – Shows AWS managed policies by account - Table – Provides details on AWS managed policies | - -# AWS_SensitivePolicies Job - -The AWS_SensitivePolicies job provides details on users, groups, and roles as well as the policies -granting them sensitive permissions. - -## Analysis Tasks for the AWS_SensitivePolicies Job - -Navigate to the **AWS** > **5.Policies** > **AWS_SensitivePolicies** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_SensitivePolicies Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/sensitivepoliciesanalysis.webp) - -The following analysis tasks are selected by default: - -- Sensitive Managed Policy Details – Provides details on AWS Sensitive Managed Policies. Creates the - AWS_SensitiveManagedPolicies_Details table accessible under the job’s Results node. -- Sensitive Inline Policy Details – Provides details on AWS Sensitive Inline Policies. Creates the - AWS_SensitiveInlinePolicies_Details table accessible under the job’s Results node. -- Sensitive Managed Policy Summary – Summarizes AWS Sensitive Managed Policies by organization. - Creates the AWS_SensitiveManagedPolicies_Summary table accessible under the job’s Results node. -- Sensitive Inline Policy Summary – Summarizes AWS Sensitive Inlin Policies by organization. Creates - the AWS_SensitiveInlinePolicies_Summary table accessible under the job’s Results node. - -## Reports for the AWS_SensitivePolicies Job - -In addition to the tables and views created by the analysis task, the AWS_SensitivePolicies job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| -------------------------- | ----------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Inline Policies | This report highlights users, groups, and roles with a sensitive inline policy assigned. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays sensitive policy assignments by org - Table – Shows sensitive policy assignments by org - Table – Provides details on sensitive policy assignments | -| Sensitive Managed Policies | This report highlights users, groups, and roles with a sensitive managed policy assigned. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays sensitive managed policy assignments by org - Table – Shows sensitive managed policy assignments by org - Table – Provides details on sensitive managed policy assignments | - -# AWS_UnusedManagedPolicies Job - -The AWS_UnusedManagedPolicies job provides details on customer managed policies that exist in the -AWS Organization. Optionally, AWS managed policies can be included by changing the parameter for the -analysis task. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The AWS_UnusedManagedPolicies job has the following configurable parameter: - -- True or False value to include policies managed by AWS - -See the -[Customizable Analysis Tasks for the AWS_UnusedManagedPolicies Job](#customizable-analysis-tasks-for-the-aws_unusedmanagedpolicies-job) -topic for additional information. - -## Analysis Tasks for the AWS_UnusedManagedPolicies Job - -Navigate to the **AWS** > **5.Policies** > **AWS_UnusedManagedPolicies** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for -this job. Only modify the analysis tasks listed in the customizable analysis tasks section. - -![Analysis Tasks for the AWS_UnusedManagedPolicies Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/unusedmanagedpoliciesanalysis.webp) - -The following analysis tasks are selected by default: - -- Unused Managed Policies – Policies not assigned to any group or user. Creates the - AWS_UnusedPolicies_Details table accessible under the job’s Results node. - - - Optionally, AWS managed policies can be included by setting the parameter to True. See the - [Customizable Analysis Tasks for the AWS_UnusedManagedPolicies Job](#customizable-analysis-tasks-for-the-aws_unusedmanagedpolicies-job) - topic for additional information. - -- Unused Managed Policy Summary – Summary by AWS Organization of unused managed policies. Creates - the AWS_UnusedPolicies_Summary table accessible under the job’s Results node. - -### Customizable Analysis Tasks for the AWS_UnusedManagedPolicies Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ----------------------- | --------------------------- | ------------- | ------------------------------------------------------- | -| Unused Managed Policies | @IncludeAWSManaged | False | True or False value to include policies managed by AWS. | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for instructions on how to modify parameters. - -## Report for the AWS_UnusedManagedPolicies Job - -In addition to the tables and views created by the analysis task, the AWS_UnusedManagedPolicies job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------------------- | --------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Unused Managed Policies | This report identifies policies that are not assigned to any group or user. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays unused managed policies by account - Table – Shows unused managed policies by account - Table – Provides details on unused managed policies | - -# AWS_UserPolicies Job - -The AWS_UserPolicies job provides details outlining user policy assignment. This includes where the -policy is assigned, directly or at a group level, and if the policy assignment has been duplicated. - -## Analysis Tasks for the AWS_UserPolicies Job - -Navigate to the **AWS** > **5.Policies** > **AWS_UserPolicies** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_UserPolicies Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/userpoliciesanalysis.webp) - -The following analysis tasks are selected by default: - -- User Policies View – Details policies assigned to users directly and through group membership. - Creates the AWS_IamUserPolicyView table accessible under the job’s Results node. -- Duplicated Policies – User policies that have been inherited and directly assigned. Creates the - AWS_DuplicatedPolicy_Details table accessible under the job’s Results node. -- User Policy Summary – Summarizes policies assigned to users by Account. Creates the - AWS_UserPolicy_Summary table accessible under the job’s Results node. - -## Reports for the AWS_UserPolicies Job - -In addition to the tables and views created by the analysis task, the AWS_UserPolicies job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ---------------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Duplicate Policy Assignments | This report highlights policies that have been both assigned directly and inherited from a group to a user identity. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top accounts by assigned managed policies - Table – Provides details on managed policy assignments | -| Managed Policy Assignments | This report details managed policy assignments in the AWS Organization. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays duplicate policy assignment summary by account - Table – Shows duplicate policy assignment summary by account - Table – Provides details on duplicate policy assignment summary | - -# 5.Policies Job Group - -The 5.Policies job group provides details on AWS IAM policies including the various types of -policies, the permissions they grant, and where they are applied in the AWS organization. - -![5.Policies Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 5.Policies job group is comprised of: - -- [AWS_CustomManagedPolicies Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on customer managed policies created in the AWS Organization -- [AWS_InlinePolicies Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on customer managed policies that are directly assigned to a user or group -- [AWS_ManagedPolicies Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on policies managed by Amazon in the AWS Organization -- [AWS_SensitivePolicies Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on users, groups, and roles as well as the policies granting them sensitive - permissions -- [AWS_UnusedManagedPolicies Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on customer managed policies that exist in the AWS Organization. Optionally, - AWS managed policies can be included by changing the @IncludeAWSManaged parameter on the analysis - task. -- [AWS_UserPolicies Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details outlining user policy assignment. This includes where the policy is assigned, - directly or at a group level, and if the policy assignment has been duplicated. - -# Recommended Configuration for the AWS Solution - -The AWS Solution is configured to inherit settings from the global Settings node. The Connection -Profile must be assigned before job execution. Once it is assigned to the job group, it can be run -directly or scheduled. - -Dependencies - -For AWS IAM Auditing: - -- AWS Permissions must be configured on the target databases. - - - See the - [Configure AWS for Scans](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for information on configuring Roles within AWS and obtaining an Access Key - - See the - [Target Amazon Web Service Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for additional information on permissions - -For AWS S3 Sensitive Data Discovery Auditing: - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - - - See the - [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) - topic for additional information - -Some of the 0.Collection job group queries can be scoped to target specific S3 Objects. However, it -is necessary for the SA_AWS_Instances table to be populated before attempting to scope the queries. -Therefore, the AWS_S3Scan job must be manually executed before attempting to scope the S3 queries. - -Target Host - -The AWS Data Collector identifies AWS instances via the created Roles and therefore does not require -a host list to be assigned. No target host is required (assign Local Host). - -Connection Profile - -The AWS Data Collector requires a specific set of permissions. The account used can be either a Web -Services (JWT) account or an Amazon Web Services account. Once the account has been provisioned, -create a custom Connection Profile containing the credentials for the targeted environment. See the -[Amazon Web Services for User Credentials](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -The Connection Profile is assigned under the **AWS** > **Settings** > **Connection** node. It is set -to **Use Default Profile**, as configured at the global Settings level. However, if this is not the -Connection Profile with the necessary permissions for targeting the AWS instances, click the -**Select one of the following user defined profiles** option and select the appropriate Connection -Profile. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information on creating a Connection Profile. - -Access Token - -Creating the Connection Profile requires having the **Access Key ID** and the **Secret Access Key** -that was generated by the Amazon Web Services application. See the -[Configure AWS for Scans](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Schedule Frequency - -Schedule the AWS job group to run weekly or daily, depending on the amount of data in the -environment. If there are frequent AWS changes within the target environment, then it can be -executed more often. It is best to rerun it anytime AWS changes might have occurred. - -History Retention - -Not supported. - -Multi Console Support - -Not supported. - -Run Order - -The jobs in the 0.Collection job group must be run first and in order. The other job groups can be -run in any order, together or individually, after running the 0.Collection job group. - -**_RECOMMENDED:_** Run the solution at the top level. - -Run at the Solution Level - -The jobs in the AWS job group should be run together and in order by running the entire solution, -instead of the individual jobs. - -Run at the Job Group Level - -For environments with a large amount of S3 data, it may be desirable to run the 3.AWS_S3Scan job and -the 4.AWS_S3SDDScan job less frequently than the other jobs in the 0.Collection job group. - -Query Configuration - -The following queries in the 0.Collection job group require the created AWS Roles to be added to the -Login Roles page: - -- [1.AWS_OrgScan Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) -- [2.AWS_S3Scan Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) -- [3.AWS_IAMScan Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - -The following queries in the 0.Collection job group can be modified to limit the depth of the scan: - -- [2.AWS_S3Scan Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) -- [4.AWS_S3SDDScan Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - -Analysis Configuration - -This solution can be run with the default analysis configuration. However, the following parameters -can be modified: - -- The `@STALETHRESHOLD` parameter determines the number of days after which content is considered - stale. It is set to default of 60 days. The `@STALETHRESHOLD` parameter can be customized in the - following analysis tasks: - - - **2. Users** > **AWS_StaleUsers** > **Stale Users** Analysis Task - - **3.Groups** > **AWS_StaleGroups** > **Stale Groups Details** Analysis Task - - **4.Roles** > **AWS_StaleRoles** > **Stale Roles Details** Analysis Task - -Workflow - -The following is the recommended workflow: - -**Step 1 –** Configure and assign the Connection Profile. - -**Step 2 –** Configure the Scan query to add the AWS Roles to the Login Roles page. - -**Step 3 –** (Optional) Modify query configurations for the 0.Collection job group to limit the scan -depth. - -**Step 4 –** (Optional) Modify analysis task parameters for the reporting jobs. - -**Step 5 –** Schedule the AWS job group to run as desired. - -**Step 6 –** Review the reports generated by the AWS job group. - -# AWS_Roles Job - -The AWS_Roles job provides details on roles in the AWS IAM environment. - -## Analysis Tasks for the AWS_Roles Job - -Navigate to the **AWS** > **4.Roles** > **AWS_Roles** > **Configure** node and select **Analysis** -to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_Roles Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/roles/rolesanalysis.webp) - -The following analysis tasks are selected by default: - -- Role Details – Provides detailed information on AWS Roles. Creates the AWS_Role_Details table - accessible under the job’s Results node. -- Role Summary – Summarizes roles by AWS account. Creates the AWS_Role_Summary table accessible - under the job’s Results node. - -## Report for the AWS_Roles Job - -In addition to the tables and views created by the analysis task, the AWS_Roles job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ------ | ----------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Roles | This report provides details on roles in the AWS IAM environment. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top roles by account - Table – Shows roles by account - Table – Provides details on roles | - -# AWS_StaleRoles Job - -The AWS_StaleRoles job provides details on roles that are considered stale. Highlighting roles that -have not been used in more than 60 days and those that have never been used. The 60 day parameter is -configurable. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The AWS_StaleRoles job has the following configurable parameter: - -- Days without login to consider an account stale - -See the -[Customizable Analysis Tasks for the AWS_StaleRoles Job](#customizable-analysis-tasks-for-the-aws_staleroles-job) -topic for additional information. - -## Analysis Tasks for the AWS_StaleRoles Job - -Navigate to the **AWS** > **4.Roles** > **AWS_StaleRoles** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for -this job. Only modify the analysis tasks listed in the customizable analysis tasks section. - -![Analysis Tasks for the AWS_StaleRoles Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/roles/stalerolesanalysis.webp) - -The following analysis tasks are selected by default: - -- Stale Role Details – Highlights the roles in AWS that are considered stale. Creates the - AWS_StaleRole_Details table accessible under the job’s Results node. - - - The number of days without login to consider an account stale can be customized. By default it - is set to 60. See the - [Customizable Analysis Tasks for the AWS_StaleRoles Job](#customizable-analysis-tasks-for-the-aws_staleroles-job) - topic for additional information. - -- Stale Role Summary – Summarizes stale roles by AWS Account. Creates the AWS_StaleRole_Summary - table accessible under the job’s Results node. - -### Customizable Analysis Tasks for the AWS_StaleRoles Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------------ | --------------------------- | ------------- | ------------------------------------------------ | -| Stale Role Details | @StaleThreshold | 60 | Days without login to consider an account stale. | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for instructions on how to modify parameters. - -## Report for the AWS_StaleRoles Job - -In addition to the tables and views created by the analysis task, the AWS_StaleRoles job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------- | ---------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Roles | This report identifies stale roles in the AWS environment. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top stale roles by account - Table – Shows stales roles by account - Table – Provides details on stale roles | - -# 4.Roles Job Group - -The 4.Roles job group provides details on roles in the AWS IAM environment. - -![4.Roles Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 4.Roles job group is comprised of: - -- [AWS_Roles Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on roles in the AWS IAM environment -- [AWS_StaleRoles Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on roles that are considered stale. Highlighting roles that have not been used - in more than 60 days and those that have never been used. - -# AWS_S3Buckets Job - -The AWS_S3Buckets job provides a summary of AWS S3 buckets including total object size and counts. - -## Analysis Task for the AWS_S3Buckets Job - -Navigate to the **AWS** > **7.S3 Content** > **AWS_S3Buckets** > **Configure** node and select -**Analysis** to view the analysis task. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the AWS_S3Buckets Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3content/s3bucketsanalysis.webp) - -The following analysis task is selected by default: - -- S3 Buckets – S3 Bucket details. Creates the AWS_Bucket_Details table accessible under the job’s - Results node. - -## Report for the AWS_S3Buckets Job - -In addition to the tables and views created by the analysis task, the AWS_S3Buckets job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ---------- | --------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| S3 Buckets | This report summarizes AWS S3 Bucket content. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top five buckets by size - Table – Shows buckets by size - Table – Provides details on buckets | - -# AWS_S3BucketTags Job - -The AWS_S3BucketTags job identifies tags associated with AWS S3 Buckets. Tagging can be helpful to -identify the storage class or purpose of a bucket and can be used in AWS IAM Policy assignments. - -## Analysis Tasks for the AWS_S3BucketTagsJob - -Navigate to the **AWS** > **7.S3 Content** > **AWS_S3BucketTags** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_S3BucketTagsJob](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3content/s3buckettagsanalysis.webp) - -The following analysis tasks are selected by default: - -- AWS S3 Bucket Tags – Identifies tags associated with AWS S3 Buckets. Creates the - AWS_BucketTag_Details table accessible under the job’s Results node. -- AWS S3 Bucket Tag Summary – Summarizes AWS bucket tag status. Creates the AWS_BucketTag_Summary - table accessible under the job’s Results node. - -## Report for the AWS_S3BucketTags Job - -In addition to the tables and views created by the analysis tasks, the AWS_S3BucketTags job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------- | ------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Bucket Tags | This report highlights AWS S3 Bucket Tags. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays buckets tagged by account - Table – Shows bucket tagging summary - Table – Provides details on bucket tagging | - -# 7.S3 Content Job Group - -The 7.S3 Content job group provide details on AWS S3 buckets and objects contained in those buckets. - -![7.S3 Content Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 7.S3 Content job group is comprised of: - -- [AWS_S3Buckets Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides a summary of AWS S3 buckets including total object size and counts -- [AWS_S3BucketTags Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Identifies tags associated with AWS S3 Buckets. Tagging can be helpful to identify the storage - class or purpose of a bucket and can be used in AWS IAM Policy assignments. - -# AWS_BrokenInheritance Job - -The AWS_BrokenInheritance job highlights permissions in an AWS S3 bucket that differ from those -assigned at the bucket level, those assigned directly on objects within the bucket. - -## Analysis Tasks for the AWS_BrokenInheritance Job - -Navigate to the **AWS** > **6.S3 Permissions** > **AWS_BrokenInheritance** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_BrokenInheritance Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/brokeninheritanceanalysis.webp) - -The following analysis tasks are selected by default: - -- Broken Inheritance – Permissions applied directly to AWS S3 Bucket Objects. Creates the - AWS_BrokenInheritance_Details table accessible under the job’s Results node. -- Broken Inheritance Summary – Summarizes permissions applied directly to AWS S3 Bucket Objects. - Creates the AWS_BrokenInheritance_Summary table accessible under the job’s Results node. - -## Report for the AWS_BrokenInheritance Job - -In addition to the tables and views created by the analysis task, the AWS_BrokenInheritance job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ------------------ | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Broken Inheritance | This report identifies permissions applied directly on files in AWS S3 Buckets. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by broken inheritance - Table – Shows buckets by broken inheritance - Table – Provides details on broken inheritance | - -# AWS_EffectivePermissions Job - -The AWS_EffectivePermissions job identifies and summarizes effective permissions on AWS S3 buckets -and bucket objects. - -## Analysis Tasks for the AWS_Accounts Job - -Navigate to the **AWS** > **6.S3 Permissions** > **AWS_EffectivePermissions** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_Accounts Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp) - -The following analysis tasks are selected by default: - -- S3 Bucket Effective Permissions – AWS S3 Bucket effective permissions for each identity. Creates - the AWS_EffectiveBucketPermissions_Details table accessible under the job’s Results node. -- S3 Bucket Effective Permission Summary – Summarizes permission counts across AWS S3 Buckets. - Creates the AWS_EffectiveBucketPermissions_Summary table accessible under the job’s Results node. - -## Report for the AWS_EffectivePermissions Job - -In addition to the tables and views created by the analysis task, the AWS_EffectivePermissions job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| --------------------- | ------------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Effective Permissions | This report identifies and summarizes effective permissions on AWS S3 Buckets. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by effective permissions - Table – Shows buckets by effective permissions - Table – Provides details on effective permissions | - -# AWS_OpenBuckets Job - -The AWS_OpenBuckets job identifies buckets that have permissions assigned to everyone at the top -level of the AWS S3 bucket. - -## Analysis Task for the AWS_OpenBuckets Job - -Navigate to the **AWS** > **6.S3 Permissions** > **AWS_OpenBuckets** > **Configure** node and select -**Analysis** to view the analysis task. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the AWS_OpenBuckets Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3permissions/openbucketsanalysis.webp) - -The following analysis task is selected by default: - -- Open Bucket Permissions – Permissions applied to AWS S3 buckets across all users. Creates the - AWS_OpenBucket_Details table accessible under the job’s Results node. - -## Report for the AWS_OpenBuckets Job - -In addition to the tables and views created by the analysis task, the AWS_OpenBuckets job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ------------ | ------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Open Buckets | This report identifies AWS S3 Open Buckets. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays largest open buckets - Table – Shows largest open buckets - Table – Provides details on open buckets | - -# 6.S3 Permissions Job Group - -The 6.S3 Permissions job group provides details on permissions assigned to AWS S3 buckets, -highlighting specific threats like broken inheritance and open buckets. - -![6.S3 Permissions Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 6.S3 Permissions job group is comprised of: - -- [AWS_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Highlights permissions in an AWS S3 bucket that differ from those assigned at the bucket level, - those assigned directly on objects within the bucket -- [AWS_EffectivePermissions Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Identifies and summarizes effective permissions on AWS S3 buckets and bucket objects -- [AWS_OpenBuckets Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Identifies buckets that have permissions assigned to everyone at the top level of the AWS S3 - bucket - -# AWS_SensitiveData_Permissions Job - -The AWS_SensitiveData_Permissions job provides details on the permissions assigned to AWS S3 buckets -and the objects in them which contain sensitive data. - -## Analysis Tasks for the AWS_SensitiveData_Permissions Job - -Navigate to the **AWS** > **8.S3 Sensitive Data** > **AWS_SensitiveData_Permissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_SensitiveData_Permissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp) - -The following analysis tasks are selected by default: - -- AWS Sensitive Data Permissions – Highlights permissions applied to AWS objects containing - sensitive data. Creates the AWS_SDDPermission_Details table accessible under the job’s Results - node. -- Sensitive Data Permissions Summary – Summarizes permissions on AWS objects containing sensitive - data. Creates the AWS_SDDPermission_BucketSummary table accessible under the job’s Results node. - -## Report for the AWS_SensitiveData_Permissions Job - -In addition to the tables and views created by the analysis task, the AWS_SensitiveData_Permissions -job produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| -------------------------- | ---------------------------------------------------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Data Permissions | This report identifies permissions on AWS objects containing sensitive data. | Sensitive Data | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by permissions on sensitive data - Table – Shows buckets by permissions on sensitive data - Table – Provides details on sensitive data permissions | - -# AWS_SensitiveData Job - -The AWS_SensitiveData job provides details on AWS S3 buckets and the objects in them which contain -sensitive data. - -## Analysis Tasks for the AWS_SensitiveData Job - -Navigate to the **AWS** > **8.S3 Sensitive Data** > **AWS_SensitiveData** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_SensitiveData Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) - -The following analysis tasks are selected by default: - -- Sensitive Data Details – Provides detailed information for S3 objects with Sensitive Data. Creates - the AWS_SDD_Details table accessible under the job’s Results node. -- Sensitive Data Summary – Summarizes Sensitive Data by AWS Account. Creates the AWS_SDD_Summary - table accessible under the job’s Results node. -- Enterprise Summary – Summarizes AWS sensitive data by criteria. Creates the - AWS_SDD_EnterpriseSummary table accessible under the job’s Results node. - -## Report for the AWS_Sensitive Data Job - -In addition to the tables and views created by the analysis task, the AWS_SensitiveData job produces -the following preconfigured reports: - -| Report | Description | Default Tags | Report Element | -| ----------------------- | ----------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of the following elements: - Chart – Displays exceptions by match count - Table – Provides details on exceptions | -| Sensitive Data Overview | This report identifies objects in AWS S3 buckets that contain sensitive data. | Sensitive Data | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by sensitive data hit - Table – Shows sensitive data by account - Table – Provides details on sensitive data | - -# 8.S3 Sensitive Data Job Group - -The 8.S3 Sensitive Data job group provides details on AWS S3 buckets and objects containing -sensitive data. - -![8.S3 Sensitive Data Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 8.S3 Sensitive Data job group is comprised of: - -- [AWS_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on AWS S3 buckets and the objects in them which contain sensitive data -- [AWS_SensitiveData_Permissions Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on the permissions assigned to AWS S3 buckets and the objects in them which - contain sensitive data - -# AWS_AccessKeys Job - -The AWS_AccessKeys job provides details on the last time an access key was rotated or used, -highlighting keys that were last rotated over a year ago. - -## Analysis Tasks for the AWS_AccessKeys Job - -Navigate to the **AWS** > **2.Users** > **AWS_AccessKeys** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_AccessKeys Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/accesskeysanalysis.webp) - -The following analysis tasks are selected by default: - -- Access Keys – Analyzes access key rotation age and last use. Creates the AWS_AccessKey_Details - table accessible under the job’s Results node. -- High Risk Access Keys – Highlights high risk access keys. Creates the AWS_AccessKey_HighRisk table - accessible under the job’s Results node. -- Access Keys summary – Summarizes access key rotation by age. Creates the AWS_AccessKey_Summary - table accessible under the job’s Results node. - -## Report for the AWS_AccessKeys Job - -In addition to the tables and views created by the analysis task, the AWS_AccessKeys job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Access Keys | This report identifies user accounts which have not rotated their AWS IAM Access Keys for an extended amount of time or have never used it. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays access key age by account - Table – Shows high risk access keys - Table – Provides details on access keys | - -# AWS_MFAStatus Job - -The AWS_MFAStatus job provides details on each user's MFA status, highlighting users that have it -disabled. - -## Analysis Tasks for the AWS_MFAStatus Job - -Navigate to the **AWS** > **2.Users** > **AWS_MFAStatus** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_MFAStatus Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/mfastatusanalysis.webp) - -The following analysis tasks are selected by default: - -- MFAStatus – Checks user accounts in AWS for Multi-Factor Authentication. Creates the - AWS_MFAStatus_Details table accessible under the job’s Results node. -- MFAStatus Summary – Summarizes AWS IAM Multi-Factor Authentication status by organisation. Creates - the AWS_MFAStatus_Summary table accessible under the job’s Results node. - -## Report for the AWS_MFAStatus Job - -In addition to the tables and views created by the analysis task, the AWS_MFAStatus job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ---------- | ------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -| MFA Status | This report identifies the MFA status of each AWS user | None | This report is comprised of the following elements: - Pie Chart – Displays MFA status - Table – Shows status by account - Table – Provides details on MFA | - -# AWS_RootAccounts Job - -The AWS_RootAccounts job provides details on AWS root accounts and how they conform to recommended -security practices. - -## Analysis Tasks for the AWS_RootAccounts Job - -Navigate to the **AWS** > **2.Users** > **AWS_RootAccounts** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_RootAccounts Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/rootaccountsanalysis.webp) - -The following analysis tasks are selected by default: - -- Root Account Security Details – Provides details on the credentials and their usage for the AWS - root account in each account. Creates the AWS_RootAccountSecurity_Details table accessible under - the job’s Results node. -- Root Account Risk Assessment – Highlights security risks on AWS root accounts. Creates the - AWS_RootAccountSecurity_RiskAssessment table accessible under the job’s Results node. -- Root Account Security Summary – Summarizes risks on the root account. Creates the - AWS_RootAccountSecurity_Summary table accessible under the job’s Results node. - -## Report for the AWS_RootAccounts Job - -In addition to the tables and views created by the analysis task, the AWS_RootAccounts job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| --------------------- | ----------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Root Account Security | This report highlights security risks on AWS Root Accounts. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top account security by org - Table – Shows account security by Org - Table – Provides details on risk assessment - Table – Provides details on account security | - -# AWS_StaleUsers Job - -The AWS_StaleUsers job provides details on the last time each user logged in or their access key was -used, highlighting those over specified number of days (default 60) or that have never logged in. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The AWS_StaleUsers job has the following configurable parameter: - -- Number of days before considering a user stale - -See the -[Customizable Analysis Tasks for the AWS_StaleUsers Job](#customizable-analysis-tasks-for-the-aws_staleusers-job) -topic for additional information. - -## Analysis Tasks for the AWS_StaleUsers Job - -Navigate to the **AWS** > **2.Users** > **AWS_StaleUsers** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for -this job. Only modify the analysis tasks listed in the customizable analysis tasks section. - -![Analysis Tasks for the AWS_StaleUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/staleusersanalysis.webp) - -The following analysis tasks are selected by default: - -- Stale Users – Identifies user accounts that have not been logged in to in the last 60 days. - Creates the AWS_StaleUser_Details table accessible under the job’s Results node. - - - The number of days can be customized from the default value of 60. See the - [Customizable Analysis Tasks for the AWS_StaleUsers Job](#customizable-analysis-tasks-for-the-aws_staleusers-job) - topic for additional information. - -- Stale User Summary – Summarizes stale users in AWS. Creates the AWS_StaleUser_Summary table - accessible under the job’s Results node. - -### Customizable Analysis Tasks for the AWS_StaleUsers Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------- | --------------------------- | ------------- | ---------------------------------------------- | -| Stale Users | @StaleThreshold | 60 | Number of days before considering a user stale | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for instructions on how to modify parameters. - -## Report for the AWS_StaleUsers Job - -In addition to the tables and views created by the analysis task, the AWS_StaleUsers job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Users | This report identifies user accounts which have not logged into AWS for an extended amount of time or have never logged in. A user account is considered stale if the last logon is over 60 days ago or the password has never been used. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays stale users by account - Table – Provides details on stale users | - -# 2.Users Job Group - -The 2.Users job group provides details on AWS IAM user MFA status, access key usage, and staleness. - -![2.Users Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 2.Users job group is comprised of: - -- [AWS_AccessKeys Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on the last time an access key was rotated or used, highlighting keys that were - last rotated over a year ago -- [AWS_MFAStatus Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on each user's MFA status, highlighting users that have it disabled -- [AWS_RootAccounts Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on AWS root accounts and how they conform to recommended security practices -- [AWS_StaleUsers Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/aws-analysis.md) - – Provides details on the last time each user logged in or their access key was used, highlighting - those over 60 days or that have never logged in diff --git a/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md b/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md deleted file mode 100644 index 0c3f60d21d..0000000000 --- a/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md +++ /dev/null @@ -1,1021 +0,0 @@ -# Box_Deletions Job - -The Box_Deletions Job is comprised of analysis and reports, which use the data collected by the -0.Collection Job Group to identify file and folder deletions that have occurred over the past 30 -days. - -## Analysis Tasks for the Box_Deletions Job - -Navigate to **Box** > **1.Activity** > **Forensics** > **Box_Deletions** > **Configure** node and -select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Deletions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/deletionsanalysis.webp) - -The following analysis tasks are selected by default: - -- Deletion Details – Creates the Box_Deletion_Details table accessible under the job’s Results node -- Deletions (Last 30 Days) – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_Deletions Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------- | -| File and Folder Deletions (Deletion Events) | This report identifies deletion events for the past 30 days. The detailed report shows all resources that were successfully deleted as well as which users performed those events. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of deletions - Table – Provides details on deletions | - -# Box_Downloads Job - -The Box_Downloads Job provides details on file and folder deletions that have occurred over the past -30 days. - -## Analysis Tasks for the Box_Downloads Job - -Navigate to **Box** > **1.Activity** > **Forensics** > **Box_Downloads** > **Configure** node and -select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Downloads Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/downloadsanalysis.webp) - -The following analysis tasks are selected by default: - -- Download Details – Creates the Box_Download_Details table accessible under the job’s Results node -- Downloads Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_Downloads Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------- | -| Download Activity (Download Events) | This report identifies download events for the past 30 days. The detailed report shows all resources that were successfully downloaded as well as which users performed those events. | None | This report is comprised of three elements: - Line Chart – Displays last 30 days of downloads - Table – Provides details on downloads | - -# Box_ExternalUserActivity Job - -The Box_ExternalUserActivity Job identifies and analyzes activity events performed by external users -over the last 30 days. External Users are collaborators from outside your organization. They can be -granted the same collaborator access and sharing rights as Managed Users, but there is limited -control over the content they own and their security settings. - -## Analysis for the Box_ExternalUserActivity Job - -Navigate to **Box** > **1.Activity** > **Forensics** > **Box_ExternalUserActivity** > **Configure** -node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis for the Box_ExternalUserActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/externaluseractivityanalysis.webp) - -The following analysis tasks are selected by default: - -- External User Activity Details – Creates the Box_ExternalUserActivity_Details table accessible - under the job’s Results node -- External User Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_ExternalUserActivity Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Most Active External User | This report identifies highest resource activity by external users. The bar chart and summary table outline the top 5 most active external users. | None | This report is comprised of three elements: - Bar Chart – Displays top events by top external users - Table – Provides summary of events by top external user - Table – Provides details on external users | - -# Box_ExternalUserCollaborations Job - -The Box_ExternalUserCollaborations Job External Users are collaborators from outside your -organization. They can be granted the same collaborator access and sharing rights as Managed Users, -but there is limited control over the content they own and their security settings. - -## Analysis Tasks for the Box_ExternalUserCollaborations Job - -Navigate to **Box** > **1.Activity** > **Forensics** > **Box_ExternalUserCollaborations** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_ExternalUserCollaborations Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/externalusercollaborationsanalysis.webp) - -The following analysis tasks are selected by default: - -- External User Collaboration Details – Creates the Box_ExternalUserCollaboration_Details table - accessible under the job’s Results node -- External User Collaboration (Last 30 Days) – Creates an interim processing table in the database - for use by downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_ExternalUserCollaborations Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| External User Collaborations | This report identifies high-risk collaborations, highlighting most active collaborations by invites of external users. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of external user collaborations - Table – Provides details on external user collaborations | - -# Box_PermissionChanges Job - -The Box_PermissionChannges Job provides details on permission changes that have occurred over the -past 30 days. - -## Analysis Tasks for the Box_PermissionChanges Job - -Navigate to **Box** > **1.Activity** > **Forensics** > **Box_PermissionChanges** > **Configure** -node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_PermissionChanges Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/permissionchangesanalysis.webp) - -The following analysis tasks are selected by default: - -- Permission Change Details – Creates the Box_PermissionChange_Details table accessible under the - job’s Results node -- Permission Changes (Last 30 Days) – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_PermissionChanges Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | -| Permission Changes | This report identifies all resources where successful permission changes have occurred. The line chart shows data for the past 30 days only. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of permission changes - Table – Provides details on permission changes | - -# Box_Sharing Job - -The Box_Sharing Job provides details on sharing activity that has occurred over the past 30 days. - -## Analysis Tasks for the Box_Sharing Job - -Navigate to **Box** > **1.Activity** > **Forensics** > **Box_Sharing** > **Configure** node and -select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Sharing Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/sharinganalysis.webp) - -The following analysis tasks are selected by default: - -- Box Sharing – Creates the Box_Sharing_Details table accessible under the job’s Results node -- Sharing Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_Sharing Job produces the following -pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sharing Activity Summary | This report identifies resource sharing within the target Box environments. The line graph will highlight time periods of the highest rate of sharing within the past 30 days. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of sharing activity - Table – Provides details on sharing activity | - -# Forensics Job Group - -The Forensics Job Group highlights deletions, file downloads, permissions changes, external user -activity, collaboration activity and high-risk collaborations within the targeted Box environment. -It is dependent on data collected by the 0.Collection Job Group, also housed in the Box Job Group. -The jobs that comprise the 1.Activity Job Group process analysis tasks and generate a report. - -![Forensics Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The Forensics Job Group is comprised of: - -- [Box_Deletions Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Provides details on file and folder deletions that have occurred over the past 30 days -- [Box_Downloads Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Provides details on file and folder deletions that have occurred over the past 30 days -- [Box_ExternalUserActivity Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Identifies and analyzes external user activity which has occurred over the past 30 days -- [Box_ExternalUserCollaborations Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Identifies collaboration invites sent to external users. These collaborations should be reviewed - to ensure sensitive data is not being shared outside of your organization. -- [Box_PermissionChanges Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Provides details on permission changes that have occurred over the past 30 days -- [Box_Sharing Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Provides details on sharing activity that has occurred over the past 30 days - -# 1.Activity Job Group - -The **Box** > **1.Activity** Job Group identifies long term trends of activity providing insight -into user activity, usage statistics, and suspicious behavior identifies long-term trends of -activity providing insight into user activity, usage statistics, and suspicious behavior. - -![1.Activity Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 1.Activity Job Group is comprised of: - -- [Forensics Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Provides details on the types of operations occurring within audited Box enterprises, including - deletions, file downloads, permission changes, and more -- [Suspicious Activity Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Identifies areas and times of abnormal activity by analyzing typical activity patterns and - identifying outliers based on factors such as amount of activity or time of day -- [Usage Statistics Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Identifies long-term trends of activity and usage statistics across your Box environment, - highlighting conditions such as most active or stale folders - -# Box_FailedLogins Job - -The Box_FailedLogins Job identifies failed logon events that have occurred over the last 30 days. A -failed logon can be an indication of security issues such as an attempt to access unauthorized -content, or operational issues such as a misconfigured service account. - -## Analysis Tasks for the Box_FailedLogins Job - -Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_FailedLogins** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_FailedLogins Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/failedloginsanalysis.webp) - -The following analysis tasks are selected by default: - -- Failed Logins – Creates the Box_FailedLogin_Details table accessible under the job’s Results node -- Failed Login User Summary – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Failed Login Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_FailedLogins Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------- | --------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Failed Logins | This report highlights the failed login activity occurring in the target Box environment over the last 30 days. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days summary of failed logins - Table – Provides details on last 30 days of failed login details | - -# Box_FirstTimeFolderAccess Job - -The Box_FirstTimeFolderAccess Job identifies the first time a user performs any activity on a folder -or a file over the past 30 days. - -## Analysis Tasks for the Box_FirstTimeFolderAccess Job - -View the analysis tasks by navigating to the **Box** > **1.Activity** > **Suspicious Activity** > -**Box_FirstTimeFolderAccess** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_FirstTimeFolderAccess Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/firsttimefolderaccessanalysis.webp) - -The following analysis tasks are selected by default: - -- First Time Folder Access – Creates the Box_FirstTimeFolderAccess_Details table accessible under - the job’s Results node -- First Time Folder Access Last 30 Days – Creates an interim processing table in the database for - use by downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_FirstTimeFolderAccess Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | --------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| First Time Folder Access | This report highlights details for first time folder access per user. | None | This report is comprised of three elements: - Bar Chart – Displays last 30 days of first time folder access - Table – Provides summary of last 30 days of first time folder access - Table – Provides details on first time folder access | - -# Box_UnusualDownloadActivity Job - -The Box_UnusualDownloadActivity Job highlights unusual download activity for a user on a specific -day by analyzing the download activity for a given user and looking for outliers. Unusual download -activity could indicate a compromised account or a malicious insider. - -## Analysis Task for the Box_UnusualDownloadActivity Job - -Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_UnusualDownloadActivity** > -**Configure** node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the Box_UnusualDownloadActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/unusualdownloadactivityanalysis.webp) - -The following analysis task is selected by default: - -- Unusual Download Activity – Creates the Box_UnusualDownload_Details table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the Box_UnusualDownloadActivity Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Unusual Download Activity | This report provides insight into download activity that deviates from the normal range of expected downloads.  This is determined by using historical data for each file. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 most recent unusual download activity - Table – Provides details on unusual download activity | - -# Box_UnusualUserActivity Job - -The Box_UnusualUserActivity Job highlights unusual download activity for a user on a specific day by -analyzing the download activity for a given user and looking for outliers. Unusual download activity -could indicate a compromised account or a malicious insider. - -## Analysis Tasks for the Box_UnusualUserActivity Job - -Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_UnusualUserActivity** > -**Configure** node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_UnusualUserActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/unusualuseractivityanalysis.webp) - -The following analysis task is selected by default: - -- Unusual User Activity – Creates the Box_UnusualUserActivity table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the Box_Content Job produces the following -pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Unusual User Activity | This report provides insight into user activity that deviates from the normal range of expected activity.  This is determined by using historical data for each user. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 most recent unusual user activity - Table – Provides details on unusual user activity | - -# Box_WeekendActivity Job - -The Box_WeekendActivity Job highlights unusual download activity for a user on a specific day by -analyzing the download activity for a given user and looking for outliers. Unusual download activity -could indicate a compromised account or a malicious insider. - -## Analysis Tasks for the Box_WeekendActivity Job - -Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_WeekendActivity** > -**Configure** node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_WeekendActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp) - -The following analysis tasks are selected by default: - -- Weekend Activity – Creates the Box_WeekendActivity_Details table accessible under the job’s - Results node -- Weekend Activity Summary – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_WeekendActivity Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | -------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Weekend Activity | This report highlights the activity occurring on weekends in the target Box environment over the last 30 days. | None | This report is comprised of three elements: - Bar Chart – Displays last 30 days of weekend activity for top 5 users - Table – Provides summary top 30 days of weekend activity - Table – Provides details on weekend Activity Details | - -# Suspicious Activity Job Group - -The Suspicious Activity Job Group identifies areas and times of abnormal activity by analyzing -typical activity patterns and identifying outliers based on factors such as amount of activity or -time of day. - -![Suspicious Activity Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The Suspicious Activity Job Group is comprised of: - -- [Box_FailedLogins Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Identifies failed logon events that have occurred over the last 30 days -- [Box_FirstTimeFolderAccess Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Identifies the first time a user performs any activity on a folder or a file over the past 30 - days -- [Box_UnusualDownloadActivity Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Highlights unusual download activity for a user on a specific day by analyzing the download - activity for a given user and looking for outliers -- [Box_UnusualUserActivity Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Highlights unusual activity for a user on a specific day by analyzing the activity for a given - user and looking for outliers -- [Box_WeekendActivity Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Identifies Box activity events which have occurred on weekends over the last 30 days - -# Box_Folders_MostActive Job - -The Box_Folders_MostActive Job identifies long-term trends of activity and usage statistics across -your Box environment, highlighting conditions such as most active or stale folders. - -## Analysis Tasks for the Box_Folders_MostActive Job - -Navigate to **Box** > **1.Activity** > **Usage Statistics** > **Box_Folders_MostActive** > -**Configure** node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Folders_MostActive Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/usagestatistics/foldersmostactiveanalysis.webp) - -The following analysis task is selected by default: - -- Most Active Folders – Creates the Box_Folders_MostActive table accessible under the job’s Results - node - -In addition to the tables created by the analysis tasks, the Box_Folders_MostActive Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Most Active Folders | This report highlights the most active folder in the target Box environment over the last 30 days | None | This report is comprised of two elements: - Bar Chart – Displays last 30 days of most active folders - Table – Provides summary of most active folders | - -# Box_Folders_Stale Job - -The Box_Folders_Stale Job identifies the last time activity occurred for each folder in the Box -environment, highlighting stale folders which have not had activity in the last 30 days. These -folders can be subject to cleanup or consolidation. - -## Analysis Tasks for the Box_Folders_Stale Job - -Navigate to **Box** > **1.Activity** > **Usage Statistics** > **Box_Folders_Stale** > **Configure** -node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Folders_Stale Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/usagestatistics/foldersstaleanalysis.webp) - -The following analysis tasks are selected by default: - -- Stale Folder Details – Creates the Box_Folders_Stale table accessible under the job’s Results node -- No Activity – Creates the Box_Folders_NoActivity table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the Box_Folders_Stale Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------- | ------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Folders | This report highlights stale resources in the target Box environment over the last 30 days | None | This report is comprised of three elements: - Bar Chart – Displays top 5 stale folders - Table – Provides summary of folders with no activity - Table – Provides details on stale folders | - -# Box_Users_MostActive Job - -The Box_Users_MostActive Job analyzes user activity to highlight the most active and potentially -stale users within the environment based on the last 30 days of activity events. - -## Analysis Tasks for the Box_Users_MostActive Job - -Navigate to **Box** > **1.Activity** > **Usage Statistics** > **Box_Users_MostActive** > -**Configure** node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Users_MostActive Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/usagestatistics/usersmostactiveanalysis.webp) - -The default analysis task is: - -- Most Active Users – Creates the Box_Users_MostActive table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the Box_Users_MostActive Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Most Active Users | This report highlights the most active users in the target Box environment over the last 30 days. It also lists stale users that have had no activity in the last 30 days. | None | This report is comprised of three elements: - Bar Chart – Displays last 30 days of the most active users - Table – Provides summary of last 30 days of the most active users | - -# Usage Statistics Job Group - -The Usage Statistics Job Group identifies long term trends of activity and usage statistics across -your Box environment, highlighting conditions such as most active or stale folders. - -![Usage Statistics Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The Usage Statistics Job Group is comprised of: - -- [Box_Folders_MostActive Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Identifies long-term trends of activity and usage statistics across your Box environment, - highlighting conditions such as most active or stale folders -- [Box_Folders_Stale Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Identifies long-term trends of activity and usage statistics across your Box environment, - highlighting conditions such as most active or stale folders -- [Box_Users_MostActive Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Identifies long-term trends of activity and usage statistics across your Box environment, - highlighting conditions such as most active or stale folders - -# Box_Access Job - -The Box_Access Job analyzes access granted to users and groups in an organization's Box environment -in order to report on effective access rights, file-level permissions, and inactive access rights -that can be revoked. - -## Analysis Tasks for the Box_Access Job - -Navigate to **Box** > **Box_Access** > **Configure** node and select **Analysis** to view analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Access Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/accessanalysis.webp) - -The following analysis tasks are selected by default: - -- Calculate Access Details – Creates the Box_Access_Details table accessible under the job’s Results - node -- Summarize Access by User – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Summarize Access by Group – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the Box_Access Job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------- | ----------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Access (Box Access Overview) | This report highlights groups with access to Box resources, and summarizes them by group. | None | This report is comprised of three elements: - Bar Chart – Displays top groups by access granted - Table – Provides details on top groups by access - Table – Provides details on group access | -| User Access | This report highlights users with access to Box resources, and summarizes them by group. | None | This report is comprised of three elements: - T-Chart – Displays top users by direct access - Table – Provides summary of user access - Table – Provides details on user access | - -# Box_GroupMembership Job - -The Box_GroupMembership Job provides visibility into group membership within an organization's Box -environment. - -## Analysis Tasks for the Box_GroupMembership Job - -Navigate to **Box** > **Box_GroupMembership** > **Configure** node and select **Analysis** to view -analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_GroupMembership Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/groupmembershipanalysis.webp) - -The following analysis task is selected by default: - -- Summarize Group Membership – Creates the Box_GroupMembership_Details table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the Box_Content Job produces the following -pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Membership (Box Group Membership) | This report summarizes Box group membership and lists all group membership across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top groups by member count - Table – Provides summary of group membership - Table – Provides details on group membership | - -# 1-Box_Access Scans Job - -The 1-Box_Access Scans Job collects the data which will be further analyzed in order to provide -details on Box access rights, policies, configurations, and content. - -## Queries for the 1-Box_Access Scans Job - -The Scan Query uses the Box Data Collector to target all Box hosts and has been preconfigured to use -the Scan Box Permissions Category. If this query is not configured but has the access token, a full -scan of all folders at full depth is performed. Optionally, configure the query to limit the depth -of the scan. - -![Queries for the 1-Box_Access Scans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessqueries.webp) - -The 1-Box_Access Scans Job has the following queries: - -- Scan Query – Collects access data which will be further analyzed in order to provide details on - Box access rights, policies, configurations, and content - -Prior to the first execution, it is necessary to authenticate to the targeted Box environment. This -is done on the Authenticate page of the Scan query. Additionally, the following default -configurations are commonly customized: - -- Exclusions page: - - - Not scoped - -- Additional Scoping page: - - - Not scoped - -See the [Configure the 1-Box_Access Scans Job](#configure-the-1-box_access-scans-job) section for -instructions. - -### Configure the 1-Box_Access Scans Job - -The 1-Box_Access Scans Job contains the Scan Query. Follow the steps to configure the query. - -**Step 1 –** Navigate to the **Box** > **0.Collection** > **1-Box_Access Scans** > **Configure** -node and select **Queries**. - -**Step 1 –** In the Query Selection view, select the Scan Query and click **Query Properties**. The -Query Properties window opens. - -**Step 2 –** Select the **Data Source** tab, and click **Configure**. The Box Data Collector Wizard -opens. - -![Box Data Collector Wizard Exclusions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessexclusions.webp) - -**Step 3 –** On the Exclusions Page: - -- Add folders to be excluded -- Add folders to be included (scope scan to only these folders) - -![Box Data Collector Wizard Additional Scoping page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessadditionalscoping.webp) - -**Step 4 –** On the Additional Scoping page: - -- Optionally, select this option to limit the depth of the scan across the targeted Box account - -![Box Data Collector Wizard Scope by User page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessuserscope.webp) - -**Step 5 –** On the Scope By User Page: - -- Optionally, limit the scope of the scan to specified users by providing a CSV file - -![Box Data Collector Wizard Authenticate page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessauthenticate.webp) - -**Step 6 –** The Authenticate page is where the connection to the target Box environment is -configured. Click **Authorize** to launch the BoxLogin window and generate an authorization code. -This code allows Enterprise Auditor to report on the Box Enterprise. - -**NOTE:** Authentication to the target Box environment only needs to be completed once, prior to the -first scan and only in one of the scan jobs. - -**Step 7 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -The 1-Box_Access Scans Job will execute according to the connection settings configuration. - -# 1-Box_Activity Scans Job - -The 1-Box_Activity Scans Job collects the data which will be further analyzed in order to provide -visibility into user activity events within Box. - -## Queries for the 1-Box_Activity Scans Job - -The Scan Query uses the Box Data Collector to target all Box hosts and has been preconfigured to use -the Scan Box Permissions Category. - -![Queries for the 1-Box_Activity Scans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityqueries.webp) - -The 1-Box_Activity Scans Job has the following queries: - -- Activity Scan – Collects activity data which will be further analyzed in order to provide - visibility into user activity events within Box. - -Prior to the first execution, it is necessary to authenticate to the targeted Box environment if -this has not already been done when configuring the 1-Box_Access Scans Job. This is done on the -Authenticate page of the Activity Scan query. Additionally, the following default configurations are -commonly customized: - -- Exclusions page: - - - Not scoped - -- Additional Scoping page: - - - Not scoped - -See the [Configure the 1-Box_Activity Scans Job](#configure-the-1-box_activity-scans-job) section -for instructions. - -### Configure the 1-Box_Activity Scans Job - -The 1-Box_Activity Scans Job contains the Activity Scan Query. Follow the steps to configure the -query. - -**Step 1 –** Navigate to the **Box** > **0.Collection** > **1-Box_Activity Scans** > **Configure** -node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the Scan Query and click **Query Properties**. The -Query Properties window displays. - -**Step 3 –** Select the Data Source tab, and click **Configure**. The Box Data Collector Wizard -opens. - -![Box Data Collector Wizard Exclusions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityexclusions.webp) - -**Step 4 –** On the Exclusions page: - -- Add folders to be excluded -- Add folders to be included (scope scan to only these folders) - -![Box Data Collector Wizard Additional Scoping page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityadditionalscoping.webp) - -**Step 5 –** On the Additional Scoping page: - -- Optionally, select this option to limit the depth of the scan across the targeted Box account - -![Box Data Collector Wizard Scope by User page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityuserscope.webp) - -**Step 6 –** On the Scope By User Page: - -- Optionally, limit the scope of the scan to specified users by providing a CSV file - -![Box Data Collector Wizard Activity Timespan Scope page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activitytimespanscope.webp) - -**Step 7 –** On the Activity Timespan Scope page: - -- Collect activity data within a Relative Timespan -- Collect activity data within an Absolute Timespan - -![Box Data Collector Wizard Activity Operation Scope page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityoperationscope.webp) - -**Step 8 –** On the Activity Operation Scope page: - -- Select Box enterprise event operations to collect - -![Box Data Collector Wizard Authenticate page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityauthenticate.webp) - -**Step 9 –** The Authenticate page is where the connection to the target Box environment is -configured. Click **Authorize** to launch the BoxLogin window and generate an authorization code. -This code allows Enterprise Auditor to report on the Box Enterprise. - -**NOTE:** Authentication to the target Box environment only needs to be completed once, prior to the -first scan and only in one of the scan jobs. - -**Step 10 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -The 1-Box_Activity Scans Job will execute according to the connection settings configuration. - -# 2-Box_Import Job - -The 2-Box_Import Job takes the data that has been collected from the 1-Box_Access Scans Job and the -1-Box_Activity Scans Job and imports it to the Enterprise Auditor database to be analyzed in order -to provide detailed reports on Box access rights, policies, configurations, activities, and content. - -## Queries for the 2-Box_Import Job - -The Import Query uses the Box Data Collector and has been preconfigured to use the Import Box -Permissions Category. - -![Queries for the 2-Box_Import Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/importqueries.webp) - -The 2-Box_Import Job has the following query: - -- Import - Takes the data that has been collected from Box and imports it to the Enterprise Auditor - database to be analyzed in order to provide detailed reports on Box access rights, policies, - configurations, activities, and content. - -# 0.Collection Job Group - -The 0.Collection Job Group collects data which will be further analyzed in order to provide details -on Box access rights, policies, configurations, activities, and content. - -![Box > Collection Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 0.Collection Job Group is comprised of: - -- [1-Box_Access Scans Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Collects the data which will be further analyzed in order to provide details on Box access - rights, policies, configurations, and content -- [1-Box_Activity Scans Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Collects the data which will be further analyzed in order to provide visibility into user - activity events within Box -- [2-Box_Import Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Takes the data that has been collected from Box and imports it to the Enterprise Auditor - database to be analyzed in order to provide detailed reports on Box access rights, policies, - configurations, activities, and content - -# Box_FileMetrics Job - -The Box_FileMetrics Job offers insight into content sizing, staleness, and ownership of files in the -Box environment. - -**NOTE:** The staleness threshold can be customized within the **File Metrics Details** analysis. - -## Analysis Tasks for the Box_FileMetrics Job - -Navigate to **Box** > **2.Content** > **Box_FileMetrics** > **Configure** node and select -**Analysis** to view analysis tasks. - -**CAUTION:** Most of these analysis tasks should never be modified and never be deselected. - -![Analysis Tasks for the Box_FileMetrics Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/content/filemetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- File Metrics Details – Creates the Box_FileMetrics_Details table accessible under the job’s - Results node - - Set to consider content stale after 30 days which is the @STALETHRESHOLD parameter value - - See the - [Customize Analysis Tasks for the Box_FileMetrics Job](#customize-analysis-tasks-for-the-box_filemetrics-job) - topic for additional information. -- File Count by User – Creates the Box_FileMetrics_UserFileCount table accessible under the job’s - Results node -- Total File Size by User – Creates the Box_FileMetrics_UserFileSize table accessible under the - job’s Results node -- File Counts by File Extension – Creates the Box_FileMetrics_ExtFileCount table accessible under - the job’s Results node -- File Size by File Extension – Creates the Box_FileMetrics_ExtFileSize table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the Box_FileMetrics Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | --------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Files by Extension | This report summarizes the Box content by file extension. | None | This report is comprised of four elements: - Pie Chart – Displays top 20 file counts by file extension - Bar Chart – Displays top 5 file size by file extension - Table – Provides details on file counts by file extension - Table – Provides details on file size by file extension | -| Files by User | This report summarizes the Box content by user. | None | This report is comprised of four elements: - Bar Chart – Displays top 5 file count by user - Bar Chart – Displays top 5 file size by user - Table – Provides details on file count by user - Table – Provides details on file size by user | - -### Customize Analysis Tasks for the Box_FileMetrics Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| -------------------- | --------------------------- | ------------- | ------------------------------------ | -| File Metrics Details | @STALE_THRESHOLD | 30 | Consider content stale after 30 days | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for instructions on how to modify parameters. - -# Box_FolderMetrics Job - -The Box_FolderMetrics Job offers insight into content sizing, staleness, and ownership of folders in -the Box environment. - -**NOTE:** The staleness threshold can be customized within the **Folder Metrics Details** analysis. -Largest and smallest folder size thresholds can be configured in a similar way on their respective -analysis tasks. - -## Analysis Tasks for the Box_FolderMetrics Job - -Navigate to **Box** > **2.Content** > **Box_FolderMetrics** > **Configure** node and select -**Analysis** to view analysis tasks. - -**CAUTION:** Most of these analysis tasks should never be modified and never be deselected. - -![Analysis Tasks for the Box_FolderMetrics Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/content/foldermetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- Folder Metrics Details – Creates the Box_FolderMetrics_Details table accessible under the job’s - Results node - - Set to consider content stale after 30 days which is the @STALETHRESHOLD parameter value - - See the - [Customizable Analysis Tasks for the Box_FolderMetrics Job](#customizable-analysis-tasks-for-the-box_foldermetrics-job) - topic for additional information. -- Largest Folders – Creates the Box_FolderMetrics_Largest table accessible under the job’s Results - node -- Smallest Non-Empty Folders – Creates the Box_FolderMetrics_Smallest table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the Box_FolderMetrics Job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Largest Folders | This report summarizes the Box content by folder size. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 largest folders - Table – Provides details on largest folders | -| Smallest Folders | This report summarizes the Box content by folder size. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 smallest folders with files - Table – Provides details on smallest folders with files - Table – Provides details on empty folders | - -### Customizable Analysis Tasks for the Box_FolderMetrics Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ---------------------- | --------------------------- | ------------- | ------------------------------------ | -| Folder Metrics Details | @STALE_THRESHOLD | 30 | Consider content stale after 30 days | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) topic -for instructions on how to modify parameters. - -# 2.Content Job Group - -The 2.Content Job Group analyzes and summarizes the content of the targeted Box environment, -highlighting users with the most content as well as what type of content exists. This information -can also be used to identify stale content that can be removed or archived to reduce risk. - -![2.Content Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 2.Content Job Group is comprised of: - -- [Box_FileMetrics Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Offers insight into content sizing, staleness, and ownership of files in the Box environment. - The staleness threshold can be customized within the **File Metrics Details** analysis. -- [Box_FolderMetrics Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Offers insight into content sizing, staleness, and ownership of folders in the Box environment. - The staleness threshold can be customized within the **Folder Metrics Details** analysis. Largest - and smallest folder size thresholds can be configured in a similar way in their respective - analysis tasks. - -# Box Solution - -The Box solution set contains jobs to provide visibility into Box access rights, policies, -configurations, activities, and more, ensuring you never lose sight or control of your critical -assets residing in Box. - -Supported Platforms - -- Box for Business - -Requirements, Permissions, and Ports - -See the -[Target Box Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Location - -The Box Solution requires a special Enterprise Auditor license. It can be installed from the Instant -Job Wizard. Once it has been installed into the Jobs tree, navigate to the solution: **Jobs** > -**Box**. - -![Box Solution in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 0.Collection Job Group collects the data. The other job groups run analysis on the collected -data and generate reports. - -## Jobs - -The Box solution contains jobs to highlight access, analyze content, and expand group membership in -an organization's Box environment. - -![Box Solution Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The Box Solution has the following job groups and jobs: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Collects the data which will be further analyzed in order to provide details on Box access - rights, policies, configurations, activities, and content -- [1.Activity Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Identifies long term trends of activity providing insight into user activity, usage statistics, - and suspicious behavior by analyzing enterprise events within the Box environment -- [2.Content Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Analyzes and summarizes the content of the Box environment, highlighting users with the most - content as well as what type of content exists -- [Box_Access Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Analyzes access granted to users and groups in an organization's Box environment in order to - report on effective access rights, file-level permissions, and inactive access rights that can be - revoked -- [Box_GroupMembership Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/box-analysis.md) - – Expands group membership in an organization's Box environment - -# Recommended Configurations for the Box Solution - -The jobs that run analysis tasks in the Box Solution requires the host list to be assigned. - -Dependencies - -- The .Active Directory Inventory Job Group must be successfully run prior to running this Job Group -- 2-Box_Import Job – Imports data collected by the 1-Box_Access Scans Job and 1-Box_Activity Scans - Job - -Targeted Hosts - -- Enterprise_ID for the target Box environment - -Within host inventory, the Box hosts will return a HostStatus of **Offline**. - -If multiple Enterprise_IDs are to be scanned, it is necessary to duplicate the jobs within the -0.Collection Job Group for each target host. Since the 2-Box_Import Job must always be run after the -1-Box_Access Scans Job and 1-Box_Activity Scans Job, it is a best practice to set up sub-job groups -for each target named to identify the target, for example EMEA Box. Copying the jobs will append a -number to the job’s name. Once authorization codes have been generated for each 1-Box_Access Scans -Job and 1-Box_Activity Scans Job, then the solution can be scheduled to run as desired. - -Connection Profile - -The Box Solution requires a specific credential for the Connection Profile which has access to the -SA Installer location. It is also necessary to authenticate to the target Box environment, which is -done through the Box Data Collector query configuration. An Enterprise Admin account (or Co-Admin -account with permission to **Run new reports and access existing reports** enabled) credential is -needed to generate an authorization code in the form of an Access Token. This can be done through -the query configuration either in the 1-Box_Access Scans Job’ Authentication wizard page or the -1-Box_Activity Scans Job’s Authentication wizard page of the Box Data Collector Wizard. See the -[Box Data Collector](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/box.md) -topic for additional information. - -Access Token - -The Access Token is valid for 60 days. If Box scans are running on a regular schedule, then the -Access Token automatically refreshes once an hour. However, if it has been more than 60 days since -the last scan, it is necessary to regenerate the Access Token. - -Schedule Frequency - -The Box Job Group can be scheduled to run as desired. - -Query Configuration - -This solution can be run with the default query configuration. However, the following queries in the -0.Collection Job Group can be modified to limit the depth of the scan: - -- 1-Box_Access Scans Scan query -- 1-Box_Activity Scans Activity Scan query - -The Box_Import Job's Import query is preconfigured to run a full import and should not be modified. - -Analysis Configuration - -This solution can be run with the default analysis configuration. However, the following parameters -can be modified: - -- The @STALETHRESHOLD parameter determines the number of days after which content is considered - stale. It is set to default of 30 days. The @STALETHRESHOLD parameter can be customized in the - following analysis tasks: - - 2.Content > Box_FileMetrics in the File Metrics Details analysis task - - 2.Content > Box_FolderMetrics Folder in the Metrics Details analysis task - -Workflow - -**Step 1 –** Prerequisite: Run the .Active Directory Inventory Job Group. - -**Step 2 –** (Optional) Modify query configurations for the 0.Collection Job Group to limit the scan -depth. - -**Step 3 –** In the 1-Box_Access Scans Job, configure the Scan query to generate an authentication -code to authenticate to the targeted Box environment. This step only needs to be run prior to the -first scan. - -**Step 4 –** (Optional) Modify analysis task parameters for the reporting jobs. - -**Step 5 –** Schedule the Box Job Group to run as desired. - -**NOTE:** The 0.Collection > 2-Box_Import Job must be run after the 1-Box_Access Scans Job and -1-Box_Activity Scans Job because it imports the data collected by the scan jobs. - -**Step 6 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md b/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md deleted file mode 100644 index f96628edc3..0000000000 --- a/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md +++ /dev/null @@ -1,619 +0,0 @@ -# 1-Dropbox_Permissions Scan Job - -The 1-Dropbox_Permissions Scan job collects data from the Dropbox environment on access rights, -sharing policies, configurations, and content. - -**CAUTION:** This job should not be run if running sensitive data scans against the Dropbox Business -environment. - -## Queries for the 1-Dropbox_Permissions Scan Job - -The 1-Dropbox_Permissions Scan job has been preconfigured to run with the default settings with the -category of Dropbox Access. - -![Queries for the 1-Dropbox_Permissions Scan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/permissionsscanquery.webp) - -The query for the 1-Dropbox_Permissions Scan job is: - -- Dropbox Access – Collects the data on access rights, sharing policies, configurations, and content - -### Configure the Dropbox Access Query - -Follow the steps to either generate the access token needed for the Connection Profile (only done -prior to first execution) or to set any desired customizations. - -**Step 1 –** Navigate to the **Jobs** > **Dropbox** > **0.Collection** > **1-Dropbox_Permissions -Scan** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties** to open the Query Properties -window. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Dropbox Access Auditor -Data Collector Wizard opens. - -![Dropbox Access Auditor Data Collector Wizard Scan Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/permissionsscanoptionspage.webp) - -**Step 4 –** T Use the Scan Options page ito generate the access token prior to the first execution -of the job group. - -- Remember to copy the access token, either from the textbox or using the **Copy to Clipboard** - button, and use it in the Connection Profile assigned to the Dropbox Solution. Once the access - token has been generated and copied, if no customizations are to be made, click **Cancel** to - close the Dropbox Access Auditor Data Collector wizard. -- See the - [DropboxAccess: Scan Options](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) - topic for full instructions on generating the access token - -**Step 5 –** If query customizations are desired, click **Next** to continue. - -![Dropbox Access Auditor Data Collector Wizard Scoping page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/permissionsscopingpage.webp) - -**Step 6 –** On the Scoping page, select whether to scan **All Users** or **Limited Users**. If -**Limited Users** is selected, browse to a CSV file with one email address per row for the desired -users. In the File Permissions section, select the **Collect File Level Permissions** checkbox to -collect permissions at the file level. When finished with this page, click **Next**. - -**Step 7 –** On the Summary page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 1-Dropbox_Permissions Scan job has now been customized. - -# 1-Dropbox_SDD Scan Job - -The 1-Dropbox_SDD Scan job collects data from the Dropbox environment on access rights, sharing -policies, configurations, content and sensitive data. - -## Queries for the 1-Dropbox_SDD Scan Job - -The 1-Dropbox_SDD Scan job has been preconfigured to run under the default settings within the -category of Scan for Sensitive Content. - -![Queries for the 1-Dropbox_SDD Scan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sddscanquery.webp) - -The query for the 1-Dropbox_SDD Scan job is: - -- Sensitive Data Scan – Scans Dropbox for sensitive data - -### Configure the Sensitive Data Scan Query - -Follow the steps to either generate the access token needed for the Connection Profile (only done -prior to first execution) or to set any desired customizations. - -**Step 1 –** Navigate to the **Jobs** > **Dropbox** > **0.Collection** > **1-Dropbox_SDD Scan** > -**Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties** to open the Query Properties -window. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Dropbox Access Auditor -Data Collector Wizard opens. - -![Dropbox Access Auditor Data Collector Wizard Scoping page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sddscopingpage.webp) - -**Step 4 –** On the Scoping page, select whether to scan **All Users** or **Limited Users**. If -**Limited Users** is selected, browse to a CSV file with one email address per row for the desired -users. In the File Permissions section, select the **Collect File Level Permissions** checkbox to -collect permissions at the file level. See the -[DropboxAccess: Scoping](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) topic -for additional information. - -![Dropbox Access Auditor Data Collector Wizard DLP Audit Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sdddlpsettings.webp) - -**Step 5 –** On theDLP Audit Settings page: - -- Modify the maximum file size to be scanned -- Modify file types to be scanned -- Enable storing of discovered match hits -- Enable differential scanning - -See the -[DropboxAccess: DLP Audit Settings](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -topic for additional information. - -![Dropbox Access Auditor Data Collector Wizard Select DLP criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sddselectdlpcriteria.webp) - -**Step 6 –** On the Select DLP Criteria for This Scan page , add or remove criteria as desired. - -- (Optional) Create custom criteria with the **Edit** option. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - topic for additional information. - -See the -[DropboxAccess: Select DLP Criteria](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -topic for additional information. - -**Step 7 –** On the Completion Page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 1-Dropbox_SDD Scan job has now been customized. - -# 2-Dropbox_Permissions Bulk Import Job - -The 2-Dropbox_Permissions Bulk Import job imports the data collected by the 1-Dropbox \_Permissions -Scan job to the Enterprise Auditor database for use by the analysis tasks. - -**CAUTION:** This job should not be run if running sensitive data scans against the Dropbox Business -environment. - -## Queries for the 2-Dropbox_Permissions Bulk Import Job - -The 2-Dropbox_Permissions Bulk Import job has been preconfigured to run with the default settings -with the category of Bulk Import Access Scan Results. - -![Queries for the 2-Dropbox_Permissions Bulk Import Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/permissionsbulkimportquery.webp) - -The query for the 2-Dropbox_Permissions Bulk Import job is: - -- Dropbox Bulk Import – Imports data collected by the 1-Dropbox_Permissions Scan job to the - Enterprise Auditor database - -There are no customization options available for this job. The Summary page of the Dropbox Access -Auditor Data Collector wizard can be viewed at the **Jobs** > **Dropbox** > **0.Collection** > -**2-Dropbox_Permissions Bulk Import** > **Configure** > **Queries** node. - -# 2-Dropbox_SDD Bulk Import Job - -The 2-Dropbox_SDD Bulk Import job imports the data collected by the 1-Dropbox_SDD Scan job to the -Enterprise Auditor database for use by the analysis tasks. - -## Queries for the 2-Dropbox_SDD Bulk Import Job - -The 2-Dropbox_SDD Bulk Import Job has been preconfigured to run with the default settings with the -category of Bulk Import Sensitive Content Scan. - -![Queries for the 2-Dropbox_SDD Bulk Import Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sddbulkimportquery.webp) - -The query for the 2-Dropbox_SDD Bulk Import job is: - -- DropboxSDD Bulk Import – Imports data collected by the Dropbox 1-SDD Scan Job into the Enterprise - Auditor database - -There are no customization options available for this job. The Summary page of the Dropbox Access -Auditor Data Collector wizard can be viewed at the **Jobs** > **Dropbox** > **0.Collection** > -**2-Dropbox_SDD Bulk Import** > **Configure** > **Queries** node. - -# 0.Collection Job Group - -The **Dropbox** > **0.Collection** job group scans the targeted Dropbox site using the DropboxAccess -Data Collector. The collected data is then available to other job groups in the Dropbox solution and -the Access Information Center for analysis. - -![0.Collection Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 0.Collection job group is comprised of: - -- [1-Dropbox_Permissions Scan Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) - – This job is responsible for scanning the target Dropbox site -- [1-Dropbox_SDD Scan Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) - – This job is responsible for scanning sensitive data in the target Dropbox site. The Sensitive - Data Discovery Add-On is required to run this job. The Dropbox sensitive data Discovery Reports in - the Access Information Center are also populated by this data. See the Resource Audits Overview - topic in the - [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) - for additional information. -- [2-Dropbox_Permissions Bulk Import Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) - – This job is responsible for importing the collected data into the Enterprise Auditor database -- [2-Dropbox_SDD Bulk Import Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) - – This job is responsible for importing the collected sensitive data into the Enterprise Auditor - database. The Sensitive Data Discovery Add-On is required to run this job. The Dropbox sensitive - data Discovery Reports in the Access Information Center are also populated by this data. See the - Resource Audits Overview topic in the - [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) - for additional information. - -The relationship between the scan and bulk import jobs requires the following considerations: - -- A scan job executed from an Enterprise Auditor Console must be followed by the corresponding bulk - import job from the same Enterprise Auditor Console version -- Two scan jobs processing the same information, for example two 1-Dropbox_Permissions Scan jobs, - cannot be executed consecutively against the same target host. The corresponding bulk import job, - for example 2-Dropbox_Permissions Bulk Import job, must be executed in between. -- For the Dropbox Solution, the bulk import jobs require the same connection profile as used in the - corresponding scan jobs - -**_RECOMMENDED:_** When running the sensitive data jobs, disable the permissions jobs, and vice -versa. - -_Remember,_ prior to running the Dropbox Solution for the first time, it is necessary to generate an -access token to be used in the Connection Profile. This only needs to be done once. See the -[Configure the Dropbox Access Query](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md#configure-the-dropbox-access-query) -topic for additional information. - -# 1.Access > Dropbox_Access Job - -The Dropbox_Access job provides insight into effective access to resources within the targeted -Dropbox environment, specifically highlighting inactive access rights that can be revoked. It is -dependent on data collected by the 0.Collection job group. This job processes analysis tasks and -generates reports. - -![1.Access > Dropbox_Access Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/accessjobstree.webp) - -The Dropbox_Access job is located in the 1.Access job group. - -## Analysis Tasks for the Dropbox_Access Job - -View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **1.Access** > **Dro -pbox_Access** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Dropbox_Access Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/accessanalysis.webp) - -- Get access details – Creates the SA_Dropbox_Access_Details table accessible under the job’s - Results node -- Summarize access details – Creates the SA_Dropbox_Access_Summary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks which display effective access to resources, -the Dropbox_Access job produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Effective Access | This report shows effective access for all files in Dropbox. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Stacked Bar Chart – Displays access by team - Table – Provides summary of database access - Table – Provides details on database access | -| Inactive Access | This report identifies instances of inactive access in Dropbox. Inactive access to a shared folder occurs when a user has left the shared folder, but can still rejoin it. | None | This report is comprised of two elements: - Bar Chart – Displays inactive access by team - Table – Provides details on inactive access | - -# 4.Content > Dropbox_Content Job - -The Dropbox_Content job provides insight into the type, size, and age of the content within the -targeted Dropbox environment. It is dependent on data collected by the 0.Collection job group. This -job processes analysis tasks and generates reports. - -![4.Content > Dropbox_Content Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/content/contentjobstree.webp) - -The Dropbox_Content job is located in the 4.Content job group. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The Dropbox_Content job has the following customizable parameter: - -- Days since File Modification before a file is considered stale - -See the -[Customizable Analysis Tasks for the Dropbox_Content Job](#customizable-analysis-tasks-for-the-dropbox_content-job) -topic for additional information. - -## Analysis Tasks for the Dropbox_Content Job - -View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **4.Content** > -**Dropbox_Content** > **Configure** node and select **Analysis**. - -**CAUTION:** Most of the analysis tasks should not be modified or deselected. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Dropbox_Content Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/contentanalysis.webp) - -- Summarizes content by mimetype, classification – Creates an interim processing table in the - database for use by downstream analysis and report generation -- Determines stale data by owner: - - - By default, a stale file has not been modified in the past 365 days. You can modify this - analysis task to edit this number of days. See the - [Customizable Analysis Tasks for the Dropbox_Content Job](#customizable-analysis-tasks-for-the-dropbox_content-job) - topic for additional information. - - Creates an interim processing table in the database for use by downstream analysis and report - generation - - Creates the SA_Dropbox_StaleData_OwnerSummary table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display content details, the -Dropbox_Content job produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Content By Type | This report breaks down Dropbox content by mimetype and classification. | None | This report is comprised of two elements: - Pie Chart – Displays content types by size - Table – Provides details on all content | -| Stale Content | This report identifies stale content within Dropbox by owner. | Stale Data | This report is comprised of three elements: - Stacked Bar Chart – Displays data ownership - Table – Provides summary of content - Table – Provides details on owners | - -### Customizable Analysis Tasks for the Dropbox_Content Job - -The time frame used to define stale content is set by default to 365 days. This can be modified -within the **Determines stale data by owner** analysis task. The customizable parameter feature -enables you to easily set this value. - -| Customizable Parameter Name | Default Value | Value Indicates | -| --------------------------- | ------------- | --------------------------------------------------------------------------------------------- | -| @days_since_modified | 365 | How many days since the last modified day in order for a file to be considered stale content. | - -The parameter can be customized and is listed in a section at the bottom of the SQL Script Editor. -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -# 3.Group Membership > Dropbox_GroupMembership Job - -The Dropbox_GroupMembership job provides insight into group membership within the targeted Dropbox -environment, highlighting the largest groups. It is dependent on data collected by the 0.Collection -job group. This job processes analysis tasks and generates a report. - -![3.Group Membership > Dropbox_GroupMembership Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/groupmembershipjobstree.webp) - -The Dropbox_GroupMembership job is located in the 3.Group Membership job group. - -## Analysis Tasks for the Dropbox_GroupMembership Job - -View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **3.Group Membership** > -**Dropbox_GroupMembership** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Dropbox_GroupMembership Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/groupmembershipanalysis.webp) - -- Get group membership details – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Summarize group membership by team – Creates the SA_Dropbox_GroupMembership_Summary table - accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display group membership details, the -Dropbox_GroupMembership job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ---------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Membership | This report lists membership and owners for all groups within Dropbox. | None | This report is comprised of three elements: - Bar Chart – Displays largest groups - Table – Provides summary of group membership - Table – Provides details on membership | - -# 5.Sensitive Data > Dropbox_SensitiveData Job - -The Dropbox_SensitiveData job identifies locations within Dropbox where sensitive data is present. -It analyzes sensitive data collected and imported by the 0.Collection job group, specifically data -discovered by the Dropbox SDD jobs. The generated reports give visibility into the types of -sensitive data found, where it exists, who has access to it, and the sharing policies configured on -it. - -![5.Sensitive Data > Dropbox_SensitiveData Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) - -The Dropbox_SensitiveData job is located in the 5.Sensitive Data job group. - -## Analysis Tasks for the Dropbox_SensitiveData Job - -View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **5.Sensitive Data** > -**Dropbox_SensitiveData** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Dropbox_SensitiveData Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) - -- 1. Enterprise Summary – Creates the SA_Dropbox_SensitiveData_EnterpriseSummary table accessible - under the job’s Results node -- 2. Folder Details – Creates the SA*Dropbox* SensitiveData_FolderDetails table accessible under - the job’s Results node -- 3. Folder Summary – Creates the SA*Dropbox* SensitiveData_FolderSummary table accessible under - the job’s Results node -- 4. Permission Details – Creates the SA*Dropbox* SensitiveData_PermissionDetails table accessible - under the job’s Results node -- 5. Permission Summary – Creates the SA*Dropbox* SensitiveData_PermissionSummary table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks which display effective access to resources, -the Dropbox_SensitiveData job produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report identifies the type and amount of sensitive content found on Dropbox. | None | This report is comprised of two elements: - Pie Chart – Displays criteria summary by match count - Table – Provides criteria summary by match count | -| Folder Details | This report identifies the location of sensitive data, and flags whether or not this data is accessible through open access. | None | This report is comprised of three elements: - Bar Chart – Displays top sensitive folders by file count - Table – Provides top sensitive folders by file count - Table – Provides top sensitive folder details by match count | -| Sensitive Data Permissions | This report identifies the sensitive data locations and associated permissions. | None | This report is comprised of three elements: - Bar Chart – Displays sensitive data permission summary by file count - Table – Provides sensitive data permission summary by file count - Table – Provides sensitive data permissions by match count | - -# 2.Sharing > Dropbox_Sharing Job - -The Dropbox_Sharing job provides insight into the sharing of resources within the targeted Dropbox -environment. It is dependent on data collected by the 0.Collection job group. This job processes -analysis tasks and generates a report on which resources are being shared and under which policy the -sharing occurs. Best practices often dictate that these resources should be carefully monitored due -to the amount of access to the data. If these resources contain privileged data, the access should -be reevaluated or the sensitive resources relocated. - -![2.Sharing > Dropbox_Sharing Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/sharingjobstree.webp) - -The Dropbox_Sharing job is located in the 2.Sharing job group. - -## Analysis Tasks for the Dropbox_Sharing Job - -View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **2.Sharing** > -**Dropbox_Sharing** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Dropbox_Sharing Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/sharinganalysis.webp) - -- Get shared folder details – Creates the SA_Dropbox_Sharing_Details table accessible under the - job’s Results node -- Summarize sharing by team – Creates the SA_Dropbox_Sharing_TeamSummary table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks which display details on shared resources, -the Dropbox_Sharing job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ---------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Shared Files and Folders | This report lists all shares by team, and provides sharing policy and owner information. | None | This report is comprised of three elements: - Bar Chart – Displays shared folders by team - Table – Provides details on shared folders by team - Table – Provides details on shares | - -# Dropbox Solution - -The Dropbox Solution is an auditing, compliance, and governance solution for Dropbox for Business. -Key capabilities include effective access calculation, sensitive data discovery, file content -inspection, inactive access and stale data identification, and entitlement collection for -integration with Identity & Access Management (IAM) processes. - -The Dropbox Solution is designed to offer an overview of an organization’s Dropbox environment by -scanning the targeted Dropbox site. Key information includes: - -- Effective access to Dropbox resources -- Outline of shared Dropbox resources -- Detailed Dropbox group membership -- Breakdown of Dropbox content by size, type, and owner - -Dropbox can scan the contents of over 400 file types to discover which files contain sensitive data -using the Sensitive Data Discovery Add-on. - -Supported Platforms - -- Dropbox - -Requirements, Permissions, and Ports - -See the -[Target Dropbox Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -Location - -The Dropbox Solution requires a special Enterprise Auditor license. It can be installed from the -Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to the solution: -**Jobs** > **Dropbox**. - -The 0.Collection job group collects the data. The other job groups run analyses on the collected -data and generate reports. - -## Job Groups - -The Dropbox Solution offers an overview of an organization’s Dropbox environment by scanning the -targeted Dropbox site. It is comprised of jobs which collect, analyze, and report on data. The data -collection is conducted by the DropboxAccess Data Collector. See the -[Standard Reference Tables & Views for the DropboxAccess Data Collector](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -topic for database table information. - -![Dropbox Solution Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The following jobs comprise the Dropbox Solution: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) - – Scans the targeted Dropbox site and generates the standard reference tables and views -- [1.Access > Dropbox_Access Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) - – Reports on effective access to Dropbox resources in the targeted environment -- [2.Sharing > Dropbox_Sharing Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) - – Reports on the sharing of Dropbox resources in the targeted environment -- [3.Group Membership > Dropbox_GroupMembership Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) - – Reports on Dropbox group membership in the targeted environment -- [4.Content > Dropbox_Content Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) - – Reports on Dropbox content by size, type, and owner in the targeted environment -- [5.Sensitive Data > Dropbox_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) - – Reports on sensitive data in the targeted Dropbox site - -# Recommended Configurations for the Dropbox Solution - -The Dropbox Solution requires the host list to be assigned and the Connection Profile configured -before job execution. Once these are assigned to the job group, it can be run directly or scheduled. - -Targeted Hosts - -The Dropbox solution has been configured to inherit the host list assignment from the collection job -group level. - -The host list assignment should be assigned under the **Dropbox** > **0.Collection** > -**Settings** > **Host List Assignment** node. Select the **Local host** option. - -Connection Profile - -The DropboxAccess Data Collector requires a specific set of permissions to generate an access token -which is used to configure the Connection Profile for Dropbox. The access token is generated in the -Dropbox Access Auditor Data Collector Wizard on the Scan Options page (accessed through the -**1-Dropbox_Permissions Scan** job’s **Queries** node). The access token only needs to be generated -once, prior to running the job group for the first time. Then it is used as the credential in the -Connection Profile. See the -[DropboxAccess: Scan Options](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -topic for additional information. - -The Dropbox solution has been configured to inherit the Connection Profile from the collection job -group level. The Connection Profile should be assigned under the **Dropbox** > **0.Collection** > -**Settings** > **Connection** node. It is set to **Use the Default Profile**, as configured at the -global settings level. However, since this may not be the Connection Profile with the necessary -permissions for Dropbox, select the **Select one of the following user defined profiles** option and -select the appropriate Connection Profile from the drop-down menu. See the -[Custom Dropbox Connection Profile & Host List](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -topic for additional information on configuring the Dropbox credential. The Dropbox bulk import jobs -requires the same connection profile as used in the corresponding Dropbox scan jobs - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information on creating Connection Profiles. - -Schedule Frequency - -The Dropbox solution can be scheduled to run as desired. - -History Retention - -Not supported and should be turned off. - -Multi Console Support - -Not supported. - -Run Order - -The 0.Collection jobs must be run first and in order. Run the **1-Dropbox_Permissions Scan** job and -then the **2-Dropbox_Permissions Bulk Import** job. For the sensitive data jobs, run the -**1-Dropbox_SDD Scan** job and then the **2-Dropbox_SDD Bulk Import** job. - -**_RECOMMENDED:_** When running the sensitive data jobs, disable the permissions jobs, and vice -versa. - -After running the 0.Collection jobs, the other Dropbox solution job groups can be run in any order. -Best practice is to run at the solution level. - -Query Configuration - -This solution can be run with the default query configurations. The Scoping page of the Dropbox -Access Auditor Data Collector Wizard can be customized to target specific user accounts. See the -[DropboxAccess: Scoping](/docs/accessanalyzer/11.6/data-collection/cloud-platforms/dropbox.md) -topic for additional information. - -Analysis Configuration - -This solution should be run with the default analysis configuration. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this solution. - -Though the analysis tasks should not be deselected the time frame used to define staleness can be -modified: - -- Stale content set to default of 365 days - - - Configured within the **4.Content** > **Dropbox_Content** job - - **Determines stale data by owner** analysis task - - See the - [4.Content > Dropbox_Content Job](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md) - topic for additional information - -Additional Consideration - -The jobs contained in the solution use custom SQL scripts to render views on collected data. SQL -views are used to populate report element tables and graphs. Changing or modifying the group, job, -or table names will result in no data displayed within the Access Information Center. - -Workflow - -The following is the recommended workflow: - -**Step 1 –** Run the **1-Dropbox_Permissions Scan** job (for sensitive data, run the **1-Dropbox_SDD -Scan** job). - -**Step 2 –** Run the **2-Dropbox_Permissions Bulk Import** job (for sensitive data, run the -**2-Dropbox_SDD Bulk Import** job). - -**Step 3 –** Run the desired corresponding analysis and reporting sub-job groups. - -_Remember,_ prior to running the Dropbox solution for the first time, it is necessary to generate an -access token to be used in the Connection Profile. This only needs to be done once. See the -[Configure the Dropbox Access Query](/docs/accessanalyzer/11.6/solutions/cloud-platforms/dropbox-analysis.md#configure-the-dropbox-access-query) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/cross-platform/anyid-integration.md b/docs/accessanalyzer/11.6/solutions/cross-platform/anyid-integration.md deleted file mode 100644 index 7449ea7783..0000000000 --- a/docs/accessanalyzer/11.6/solutions/cross-platform/anyid-integration.md +++ /dev/null @@ -1,658 +0,0 @@ -# AnyID_CSV Job - -The AnyID_CSV job imports a list of identities and attributes from a CSV file. Use this when a -native integration may not be available, or an export is the best option. - -**_RECOMMENDED:_** Copy the CSV file to the Enterprise Auditor Console for the best import -performance. - -![AnyID_CSV Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvjoblocation.webp) - -The AnyID_CSV job is located in the **Jobs** > **AnyID Connectors** job group. - -## Recommended Configurations for the AnyID_CSV Job - -The following are recommended configurations for the AnyID_CSV job: - -Dependencies - -None - -Targeted Host - -Local Host - -Connection Profile - -The AnyID_CSV job does not require a connection profile. - -History Retention - -Default Retention Period. See the -[History](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/history.md) topic -for additional information. - -Multi-Console Support - -Not supported - -Schedule Frequency - -Schedule the job as required. - -Query Configuration - -This job contains configurable queries. See the -[Configure the AnyID_CSV Query](#configure-the-anyid_csvquery) topic for additional information. - -Analysis Configuration - -See the [Analysis Tasks for the AnyID_CSV Job](#analysis-tasks-for-the-anyid_csvjob) topic for -additional information. - -Workflow - -**Step 1 –** Prepare a CSV file for import. - -**Step 2 –** Configure the configurable query parameters. - -**Step 3 –** Run the job. - -**Step 4 –** Review the report generated by the job. - -## Queries for the AnyID_CSV Job - -The AnyID_CSV query uses the PowerShell Data Collector. - -![Queries for the AnyID_CSV Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvqueries.webp) - -The query is: - -- CSV Import – Imports identities and attributes from a CSV file. See the - [Configure the AnyID_CSV Query](#configure-the-anyid_csvquery) topic for additional information. - -### Configure the AnyID_CSV Query - -Follow the steps to configure the AnyID_CSV query. - -![ The name of the source repository parameter on the job Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvoverviewpage.webp) - -**Step 1 –** Navigate to and select the **AnyID Connectors** > **AnyID_CSV** node. In the -Configuration section of the job's Overview page, click the configure button for the **The name of -the source repository** parameter. In the Configure Window, enter the name of the source repository -where the list of identities and related attributes were retrieved from. - -**Step 2 –** Navigate to the **AnyID Connectors** > **AnyID_CSV** > **Configure** node and select -**Queries**. - -**Step 3 –** In the Query Selection view, select the CSV Import query and click **Query -Properties**. The Query Properties window opens. - -**Step 4 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector -Wizard opens. - -![Edit Query Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvqueryeditquery.webp) - -**Step 5 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of -the page to expand the Parameters window. Configure the following attributes: - -**CAUTION:** The following attributes must be configured in order for the job to execute properly. - -- $inputfile – File path to the CSV file which contains the identity and attribute information -- $RequiredAttributes – The list of attributes that need to be found in the document in order to - trigger a match - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $Attributes – The list of attributes that will be scanned for during sensitive data scanning - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $ID – Column which uniquely identifies each subject -- $SubjectType – Either a reference to a column in the CSV file or a string which indicates the type - of subjects being imported -- $batchSize – (Optional) The number of rows to process in a batch. Leave at default unless - otherwise required. -- $debugMode – (Optional) When set to true, stores unhashed attribute values for troubleshooting - purposes - -**Step 6 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save -changes. Click **Cancel** to exit the wizard without saving changes. - -The query is now ready to run. - -## Analysis Tasks for the AnyID_CSV Job - -Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_CSV** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AnyID_CSV Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvanalyses.webp) - -The default analysis tasks are: - -- Create Subject Profile Type – Creates subject profile type -- Create Subject Profile Stored Procedure – Creates subject profile stored procedure -- Merge into Subject Profile schema – Merges into subject profile schema -- Calculate completion details – Calculates attribute completion for imported subjects - -In addition to the tables created by the analysis tasks, the AnyID_CSV job produces the following -preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | --------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| CSV Imports | This report highlights subjects imported from the provided CSV file, and summarizes attribute completion. | None | This report is comprised of four elements: - Table – Contains information on imported subjects - Bar Chart – Provides information on subject types - Table – Contains information on the attributes summary - Table – Contains information on subject details | - -# AnyID_EpicClarity Job - -The AnyID_EpicClarity job collects patient information from Epic including MRNs, SSNs, Subscriber -IDs, and Account IDs. An account with read access to the underlying Clarity Oracle database is -required in order to run queries. - -![AnyID_EpicClarity Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/epicclarityjoblocation.webp) - -The AnyID_EpicClarity job is located in the **Jobs** > **AnyID Connectors** job group. - -## Recommended Configurations for the AnyID_EpicClarity Job - -The following are recommended configurations for the AnyID_EpicClarity job: - -Dependencies - -The AnyID_EpicClarity job requires a CSV file with a filepath configured in the job's query to -collect data. See the -[Configure the AnyID_EpicClarity Queries](#configure-the-anyid_epicclarity-queries) topic for -additional information. - -Targeted Host - -Epic Clarity Database Server - -Connection Profile - -Read Access to the underlying Clarity Oracle database. - -History Retention - -Default Retention Period. See the -[History](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/history.md) topic -for additional information. - -Multi-Console Support - -Not supported - -Schedule Frequency - -This job should be run based on the desired frequency of Sensitive Data Scans. - -Query Configuration - -This job contains configurable queries. See the Configure the -[Configure the AnyID_EpicClarity Queries](#configure-the-anyid_epicclarity-queries) topic for -additional information. - -Analysis Configuration - -Run the solution with the default analysis configuration for best results. - -Workflow - -**Step 1 –** Configure the configurable query parameters for the job. - -**Step 2 –** Run the job. - -**Step 3 –** Review the report generated by the job. - -## Queries for the AnyID_EpicClarity Job - -The AnyID_EpicClarity job uses the PowerShell Data Collector for queries. - -![Queries for the AnyID_EpicClarity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/epicclarityqueries.webp) - -The queries are: - -- Epic Clarity Patients – Imports Epic Clarity subject profile information for patients -- Epic Clarity Accounts – Imports Epic Clarity subject profile information on accounts -- Epic Clarity Coverage – Imports Epic Clarity subject profile information on coverage -- Epic Clarity Identity IDs – Imports Epic Clarity subject profile information on identity IDs - -The above queries have configurable parameters. See the -[Configure the AnyID_EpicClarity Queries](#configure-the-anyid_epicclarity-queries) topic for -additional information. - -### Configure the AnyID_EpicClarity Queries - -Follow the steps to configure the AnyID_EpicClarity queries. - -**Step 1 –** Navigate to the **AnyID Connectors** > **AnyID_EpicClarity** > **Configure** node and -select **Queries**. - -**Step 2 –** In the Query Selection view, select a query and click **Query Properties**. The Query -Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector -Wizard opens. - -![Edit Query Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/epicclarityqueryeditquery.webp) - -**Step 4 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of -the page to expand the Parameters window. See the -[PowerShell: Edit Query](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) -topic for additional information. Configure the following attributes as needed: - -- $portNumber – The port number used to access the Oracle Database Server -- $fetchCount – The number of rows to process in a batch. Leave at default unless otherwise - required. -- $Attributes – The list of attributes that will be scanned for during sensitive data scanning. - Default values are MRN, SSN, Name, Date of Birth, Subscriber ID, Identity ID, and Account ID. - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $RequiredAttributes – The list of attributes that need to be found in the document in order to - trigger a match. The default values are SSN, MRN, and IdentityID. - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $debugMode – When set to true, stores unhashed attribute values for troubleshooting purposes - -**Step 5 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save -changes. Click **Cancel** to exit the wizard without saving changes. - -Repeat these steps for each query in the case that a non default port value is required. Once -completed, the queries are ready to run. - -## Analysis Tasks for the AnyID_EpicClarity Job - -Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_EpicClarity** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AnyID_EpicClarity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/epicclarityanalyses.webp) - -The default analysis tasks are: - -- Create Subject Profile Types – Create subject profile types -- Create Subject Profile Imports Procedure – Create subject profile imports procedure -- Merge into Subject Profile schema – Merge into Subject Profile schema -- Calculate completion details – Calculates attribute completion for Epic Clarity patients - -In addition to the tables created by the analysis tasks, the AnyID_EpicClarity job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Epic Clarity Patients | This report highlights Epic Clarity Patients and summarizes attribute completion by patient identity and by attribute. | None | This report is comprised of four elements: - Table – Contains information on Epic Clarity patients - Bar Chart – Provides information on subject types - Table – Contains information on the attributes summary - Table – Contains information on subject details | - -# AnyID_Paycom Job - -The AnyID_Paycom job pulls employee information from Paycom including name, address, date of Birth, -and SSN. Contact the organization's Paycom administrator in order to generate the CSV export -required for this job. The recommended approach is to copy the CSV file to the Enterprise Auditor -Console for best import performance. - -![AnyID_Paycom Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/paycomjoblocation.webp) - -The AnyID_Paycom job is located in the **Jobs** > **AnyID Connectors** job group. - -## Recommended Configurations for the AnyID_Paycom Job - -The following are recommended configurations for the AnyID_Paycom job: - -Dependencies - -None - -Targeted Host - -Local Host - -Connection Profile - -The AnyID_Paycom job does not require a connection profile. - -History Retention - -Default Retention Period. See the -[History](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/history.md) topic -for additional information. - -Multi-Console Support - -Not supported - -Schedule Frequency - -This job should be run based on the desired frequency of Sensitive Data Scans. - -Query Configuration - -This job contains configurable queries. See the -[Configure the AnyID_Paycom Job](#configure-the-anyid_paycom-job) topic for additional information. - -Analysis Configuration - -Run the job with the default analysis configuration settings for best results. - -Workflow - -**Step 1 –** Prepare a CSV file from Paycom for import. - -**Step 2 –** Configure the configurable query parameters. - -**Step 3 –** Run the job. - -**Step 4 –** Review the report generated by the job. - -## Queries for the AnyID_Paycom Job - -The AnyID_Paycom job uses the PowerShell Data Collector for the query. - -![Queries for the AnyID_Paycom Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/paycomqueries.webp) - -The queries are: - -- Paycom CSV Import – Imports a CSV file with information from Paycom. This query has configurable - parameters. See the [Configure the AnyID_Paycom Job](#configure-the-anyid_paycom-job) topic for - additional information. - -### Configure the AnyID_Paycom Job - -Follow the steps to configure the AnyID_Paycom query. - -**Step 1 –** Navigate to the **AnyID Connectors** > **AnyID_Paycom** > **Configure** node and select -**Queries**. - -**Step 2 –** In the Query Selection view, select the Paycom CSV Import query and click **Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector -Wizard opens. - -![Edit Query Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/paycomqueryeditquery.webp) - -**Step 4 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of -the page to expand the Parameters window. See the -[PowerShell: Edit Query](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) -topic for additional information. Configure the following attributes as needed: - -- $SAHOSTNAME – Created during execution. This parameter cannot be modified. -- $JobCredential – Created during execution. This parameter cannot be modified. -- $JobCredentials – Created during execution. This parameter cannot be modified. -- $inputfile – File path to the CSV file which contains the identity and attribute information -- $Attributes – The list of attributes that will be scanned for during sensitive data scanning - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $RequiredAttributes – The list of attributes that need to be found in the document in order to - trigger a match - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $ID – Column which uniquely identifies each subject -- $SubjectType – Either a reference to a column in the csv file or a string which indicates the type - of subjects being imported -- $SubjectName – Either a reference to a column in the csv file or a string which indicates the name - of the subjects being imported -- $batchSize – The number of rows to process in a batch. Leave at default unless otherwise required. -- $debugMode – When set to true, stores unhashed attribute values for troubleshooting purposes - -**Step 5 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save -changes. Click **Cancel** to exit the wizard without saving changes. - -The query is now ready to run. - -## Analysis Tasks for the AnyID_Paycom Job - -Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_Paycom** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AnyID_Paycom Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/paycomanalyses.webp) - -The default analysis tasks are: - -- Create Subject Profile Types – Creates subject profile types -- Create Subject Profile Stored Procedure – Creates subject profile stored procedure -- Merge into Subject Profile schema – Merges into subject profile schema -- Calculate completion details – Calculates attribute completion for imported subjects - -In addition to the tables created by the analysis tasks, the AnyID_Paycom job produces the following -preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ---------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Paycom Imports | This report highlights subjects imported from the provided Paycom CSV file, and summarizes attribute completion. | None | This report is comprised of four elements: - Table – Contains information on imported subjects - Bar Chart – Provides information on subject types - Table – Contains information on the attribute summary - Table – Contains information on subject details | - -# AnyID_Salesforce Job - -The AnyID_Salesforce job collects Salesforce contact details including phone, address, email, and -date of birth. This job requires API access to Salesforce in order to collect this information. The -list of collected attributes can be adjusted as necessary. - -![AnyID_Salesforce Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/salesforcejoblocation.webp) - -The AnyID_Salesforce job is located in the **Jobs** > **AnyID Connectors** job group. - -## Prerequisites - -The following credentials are required to run the AnyID_Salesforce job: - -- (TASK - Local) – Stores the Consumer Key and Consumer Secret -- (TASK - Local) – Stores the Salesforce Account Username and password -- (TASK - Local) – Stores the URL for Salesforce site and Security Token for Salesforce site (for - example, `https://company.my.salesforce.com`) - -## Permissions - -- API access to Salesforce - -## Recommended Configurations for the AnyID_Salesforce Job - -The following are recommended configurations for the AnyID_Salesforce job: - -Targeted Host - -Local Host - -Connection Profile - -Ensure that a connection profile is configured with the required credentials. See the -[Prerequisites](#prerequisites) topic for additional information. - -History Retention - -Default Retention Period. See the -[History](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/history.md) topic -for additional information. - -Multi-Console Support - -Not supported - -Schedule Frequency - -Schedule the job as required. - -Query Configuration - -This job contains configurable queries. See the -[Configure the AnyID_Salesforce Query](#configure-the-anyid_salesforce-query) topic for additional -information. - -Analysis Configuration - -Run the solution with the default analysis configuration for best results. - -Workflow - -**Step 1 –** Set up a connection profile with the required credentials. - -**Step 2 –** Configure the configurable query parameters for the job. - -**Step 3 –** Run the job. - -**Step 4 –** Review the report generated by the job. - -## Queries for the AnyID_Salesforce Job - -The AnyID_Salesforce job uses the PowerShell Data Collector for the query. - -![Query for the AnyID_Salesforce Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/salesforcequeries.webp) - -The query is: - -- PS Salesforce Import – Imports Salesforce information for analysis. This query has configurable - parameters. See the [Configure the AnyID_Salesforce Query](#configure-the-anyid_salesforce-query) - topic for additional information. - -### Configure the AnyID_Salesforce Query - -Follow the steps to configure the AnyID_Salesforce query. - -**Step 1 –** Navigate to the **AnyID Connectors** > **AnyID_Salesforce** > **Configure** node and -select **Queries**. - -**Step 2 –** In the Query Selection view, select the PS Salesforce Import query and click **Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector -Wizard opens. - -![Edit Query Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/salesforcequeryeditquery.webp) - -**Step 4 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of -the page to expand the Parameters window. See the -[PowerShell: Edit Query](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) -topic for additional information. Configure the following attributes as needed: - -- $SAHOSTNAME – Created during execution. This parameter cannot be modified. -- $JobCredential – Created during execution. This parameter cannot be modified. -- $JobCredentials – Created during execution. This parameter cannot be modified. -- $Attributes – The list of attributes that will be scanned for during sensitive data scanning - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $RequiredAttributes – The list of attributes that need to be found in the document in order to - trigger a match - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $ID – Column which uniquely identifies each subject -- $SubjectType – A string which indicates the type of subjects being imported -- $SubjectName – A string which indicates the name of the subjects being imported -- $debugMode – When set to true, stores unhashed attribute values for troubleshooting purposes - -**Step 5 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save -changes. Click **Cancel** to exit the wizard without saving changes. - -The query is now ready to run. - -## Analysis Tasks for the AnyID_Salesforce Job - -Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_Salesforce** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AnyID_Salesforce Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/salesforceanalyses.webp) - -The default analysis tasks are: - -- Create Subject Profile Types – Creates subject profile types -- Create Subject Profile Imports Procedure – Creates subject profile imports procedure -- Merge into Subject Profile schema – Merges into subject profile schema -- Calculate completion details – Calculates attribute completion for Salesforce contacts - -In addition to the tables created by the analysis tasks, the AnyID_Salesforce job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ----------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Salesforce Contacts | This report highlights Salesforce Contacts and summarizes attribute completion by contact and by attribute. | None | This report is comprised of four elements: - Table – Contains information on Salesforce contacts - Bar Chart – Provides information on contact types - Table – Contains information on the attributes completion - Table – Contains information on subject details | - -# AnyID Connectors Solution - -The AnyID Connectors Solution allows you to quickly find where data for identities are stored, -reducing the response time to Data Subject Access Requests (DSARs). Integration with third party -repositories allows you to perform exact data matching for profiles such as employees, customers, -students, or patients across any data repository. - -Data Privacy Engine works in conjunction with Enterprise Auditor Sensitive Data Discovery scans to -create an efficient, secure IdentityIndex™ that privacy, security, and legal professionals can -leverage to quickly and easily map the location of subject information. Through a series of -preconfigured Identity Connectors,you can easily extract identity-related attributes about customers -and other potential subjects from verified systems of record like Salesforce, Epic, Peoplesoft, and -Paycom, as well as homegrown or alternative platforms. - -Through the creation of a Subject Profile for each individual, Enterprise Auditor’s broad-reaching -Sensitive Data Discovery engine accurately identifies the specific location of a subject’s data -across virtually any cloud or on-premises data repository. With this context in tow, organizations -can now easily perform Data Subject Access Requests (DSARs), zero-in on where the implementation of -Privacy by Design principles are needed most urgently, and know for certain when breach attempts and -activities involve consumer, patient, resident, and other subject data. - -## Supported Platforms - -- CSV -- EpicClarity -- Paycom -- Salesforce - -## Location - -The AnyID Connectors Solution requires a special Enterprise Auditor license. It can be installed -from the Instant Job Wizard. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -![AnyID Connectors Solution in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Once installed into the Jobs tree, navigate to the solution: **Jobs** > **AnyID Connectors**. - -## Jobs - -The AnyID Connectors Solution provides a series of preconfigured jobs which allow end-users to -integrate with third-party systems of record such as Paycom or Salesforce, to extract a list of -potential data subjects along with relevant bits of PII such as Social Security Number, Address, or -Phone Number. - -The jobs within this group create and add to the secure IdentityIndex™ containing identity-related -attributes about potential subjects which are then used by Enterprise Auditor’s Sensitive Data -Discovery engine to perform exact data matching against virtually any cloud or on-premises data -repository. - -![AnyID Connectors Solution Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The jobs in the AnyID Connectors Solution are: - -- [AnyID_CSV Job](/docs/accessanalyzer/11.6/solutions/cross-platform/anyid-integration.md) - – Imports a list of identities and attributes from a CSV file. Use this when a native integration - may not be available, or an export is the best option. -- [AnyID_EpicClarity Job](/docs/accessanalyzer/11.6/solutions/cross-platform/anyid-integration.md) - – Collects patient information from Epic including MRNs, SSNs, Subscriber IDs, and Account IDs. An - account with read access to the underlying Clarity Oracle database is required in order to run - queries. -- [AnyID_Paycom Job](/docs/accessanalyzer/11.6/solutions/cross-platform/anyid-integration.md) - – Pulls employee information from Paycom including Name, Address, Date of Birth, and SSN. Contact - your Paycom administrator in order to generate the CSV export required for this job. -- [AnyID_Salesforce Job](/docs/accessanalyzer/11.6/solutions/cross-platform/anyid-integration.md) - – Collects Salesforce Contact details including Phone, Address, Email, and Date of birth. This job - requires API access to Salesforce in order to collect this information. - -**NOTE:** See the individual job topics for information on recommended configurations. diff --git a/docs/accessanalyzer/11.6/solutions/cross-platform/nis-inventory.md b/docs/accessanalyzer/11.6/solutions/cross-platform/nis-inventory.md deleted file mode 100644 index a34f04352b..0000000000 --- a/docs/accessanalyzer/11.6/solutions/cross-platform/nis-inventory.md +++ /dev/null @@ -1,211 +0,0 @@ -# NIS Scan Job - -The NIS Scan job collects data from the targeted NIS server and then analyzes that data to inventory -users, groups, and group membership. This data can then be used by other built-in Enterprise Auditor -solutions. - -## Query for the NIS Scan Job - -The NIS Scan Job uses the NIS Data Collector for the following query: - -**CAUTION:** This query must be modified. See the -[Configure the NIS Scan Query](#configure-the-nis-scan-query) topic for additional information. - -![Query for the NIS Scan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/nisinventory/nisscanquery.webp) - -- Inventory Scan – Targets a NIS server to collect inventory data for user and group objects - -### Configure the NIS Scan Query - -The NIS Scan job has been preconfigured to run with the default settings with the category of **Scan -NIS Users and Groups**. However, it is necessary to configure the targeted NIS domain. Follow the -steps to set the target NIS domain and any desired customizations. - -**Step 1 –** Navigate to the **.NIS Inventory** > **NIS Scan** > **Configure** node and select -**Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The NIS Data Collector Wizard -opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![NIS Settings page](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) - -**Step 4 –** On the NIS Settings page, enter the **NIS Domain Name** for the targeted NIS domain. -This step is required prior to running this query. See the -[NIS: NIS Settings](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/settings.md) -topic for additional information. - -- Optional: Test the connection to the domain using the Sample NIS Server section of the page - -![SID Mappings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/sidmappings.webp) - -**Step 5 –** On the SID Mappings page, you can add multiple SID mapping entries. See the -[NIS: SID Mappings](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/sidmappings.md) -topic for additional information. - -**Step 6 –** Navigate to the Summary page. Click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -The NIS Scan Job is now ready to run. - -## Analysis Tasks for the NIS Scan Job - -View the analysis tasks by navigating to the **.NIS Inventory** > **NIS Scan** > **Configure** node -and select **Analysis**. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or -deselected. There is one that is deselected by default, as it is for troubleshooting purposes. - -![Analysis Tasks for the NIS Scan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/nisinventory/nisscananalysis.webp) - -The following analysis tasks are selected by default: - -- Users – Enables the SA_NIS_Users table to be accessible under the job’s Results node -- Groups – Enables the SA_NIS_Groups table to be accessible under the job’s Results node -- Members – Enables the SA_NIS_GroupMembersView to be accessible under the job’s Results node - -The following analysis task only needs to be selected when there is a need to remove the tables from -the database: - -**CAUTION:** This analysis task is for troubleshooting and cleanup only. Data will be deleted from -the database. Do not execute this task with the other analysis tasks, as that results in the -deletion of data that was just collected. - -- Drop NIS Tables – Removes all tables and views created by this job from SQL Server database - - - See the [Remove NIS Tables](#remove-nis-tables) topic for additional information - -### Remove NIS Tables - -Sometimes when troubleshooting a NIS Data Collector issue, it becomes necessary to clear the -standard reference tables. Follow these steps. - -**Step 1 –** Navigate to the **.NIS Inventory** > **NIS Scan** > **Configure** node and select -**Analysis**. - -**Step 2 –** Clear all of the other analysis tasks and select only the **Drop NIS Tables** analysis -task. - -**Step 3 –** Use the right-click menu on the analysis data grid to **Execute Analyses**. - -**Step 4 –** After the analysis task has completed execution, the tables have been cleared from the -SQL database. - -**CAUTION:** Do not forget to clear the Drop NIS Tables analysis task and reselect all of the other -analysis tasks. - -The next time the job is run, the standard reference tables are recreated in the database. - -# .NIS Inventory Solution - -Network Information Service (NIS) for Unix provides a central repository for user, group, and other -information Unix systems need for authentication and authorization. The .NIS Inventory Solution is -designed to provide essential user and group membership information from a NIS domain, mapping these -principals to Windows-style SIDs. This provides valuable information to the File Systems Solution -when auditing NFS shares. This information can also be used in the Unix Solution Set. - -Supported Platforms - -- NIS domains - -Permissions - -- No special permissions are needed aside from access to a NIS server - -Ports - -- TCP 111 or UDP 111 -- Randomly allocated high TCP ports - -Location - -The .NIS Inventory Solution is a core component of all Enterprise Auditor installations. It can be -installed from the Enterprise Auditor Instant Job Wizard.. - -![.NIS Inventory Solution in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Once it has been installed into the Jobs tree, navigate to the solution: **Jobs** > **.NIS -Inventory**. This group has been named in such a way to keep it at the top of the Jobs tree. - -## NIS Scan Job - -The .NIS Inventory Solution contains a single job. This job is configured to use the NIS Data -Collector and then runs analysis on the collected data. - -![.NIS Inventory Solution Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The following job comprises the .NIS Inventory job group: - -- [NIS Scan Job](/docs/accessanalyzer/11.6/solutions/cross-platform/nis-inventory.md) - – Provides essential user and group membership details to built-in solution sets - -# Recommended Configuration for the .NIS Inventory Solution - -The .NIS Inventory Solution requires some configuration for the target environment. It can be run -directly or scheduled. - -Dependencies - -This job group does not have dependencies. - -Targeted Hosts - -The host list assignment should be assigned under the **.NIS Inventory** > **NIS Scan** > **Hosts** -node. Select the custom host list containing the NIS servers or manually add the host in the -**Individual hosts** section. See the -[Unix Connection Profile & Host List](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/configurejob.md) -topic for additional information. - -Connection Profile - -The Connection Profile should be assigned in the **.NIS Inventory** > **NIS Scan** > **Job -Properties** window on the **Connection** tab. It is set to **Use the Default Profile**, as -configured at the global settings level. However, if this is not the Connection Profile with the -necessary permissions for targeting the NIS servers, select the **Select one of the following user -defined profiles** option and select the appropriate Connection Profile. See the -[Unix Connection Profile & Host List](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/nis/configurejob.md) -topic for additional information. - -Schedule Frequency - -It is recommended to schedule the .NIS Inventory job group to run once a day. If there are frequent -changes within the target environment, then it can be executed more often. It is best to rerun it -anytime changes might have occurred. - -Run at the Solution Level - -The job in the .NIS Inventory job group can be run at either the job or job group level. - -Query Configuration - -The solution requires the NIS domain to be configured in the **Inventory Scan** query. Navigate to -the **NIS Settings** page of the NIS Data Collector Wizard. Optionally, modifications can be made -for SID mappings within the **NIS Scan** job. See the -[NIS Scan Job](/docs/accessanalyzer/11.6/solutions/cross-platform/nis-inventory.md) topic -for additional information. - -Analysis Configuration - -The solution is best run with the default analysis configuration. However, the **Drop NIS Tables** -analysis task is deselected by default, as it is for troubleshooting purposes only. - -History Retention - -History retention is not supported and should be turned off. - -Multi-console Support - -Multi-console is not supported. - -Workflow - -**Step 1 –** Configure and assign the host list and Connection Profile. - -**Step 2 –** Configure the Inventory Scan query. - -**Step 3 –** Schedule the .NIS Inventory job group to run as desired diff --git a/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/0-azuresql_instancediscovery.md b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/0-azuresql_instancediscovery.md new file mode 100644 index 0000000000..62d080f33a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/0-azuresql_instancediscovery.md @@ -0,0 +1,28 @@ +# 0-AzureSQL_InstanceDiscovery Job + +The Azure SQL Instance Discovery job is responsible for enumerating a list of Azure SQL Server +Instances from target endpoints and populating the necessary instance connection information which +will be used throughout the solution set. + +## Queries for the 0-AzureSQL_InstanceDiscovery Job + +The 0-AzureSQL_InstanceDiscovery job uses the SQL Data Collector for the following query: + +![Query Selection - Instance Discovery](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/instancediscquery.webp) + +- Azure SQL Instance Discovery — Collects the list of Azure SQL Server Instances from target + endpoints and populates the necessary instance connection information + +## Analysis Tasks for the 0-AzureSQL_InstanceDiscovery Job + +Navigate to the **Databases** > **0.Collection** > **AzureSQL** > **0-AzureSQL_InstanceDiscovery** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/instancediscanalysis.webp) + +The default analysis tasks is: + +- SQL Instances — Brings SA_SQL_Instances table to view diff --git a/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/2-azuresql_sensitivedatascan.md b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/2-azuresql_sensitivedatascan.md new file mode 100644 index 0000000000..4b26aa4546 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/2-azuresql_sensitivedatascan.md @@ -0,0 +1,28 @@ +# 2-AzureSQL_SensitiveDataScan Job + +The 2-AzureSQL_SensitiveDataScan Job is designed to discover sensitive data in the Azure SQL +instances and databases based on pre-defined or user-defined search criteria. + +## Queries for the 2–AzureSQL_SensitiveDataScan Job + +The 2–AzureSQL_SensitiveDataScan Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/sensitivedatascanjob.webp) + +- Sensitive Data Scan — Collects sensitive data from targeted instances + +### Analysis Task for 2-AzureSQL_SensitiveDataScan Job + +Navigate to the **Databases** > **0.Collection** > **AzureSQL** > **2–AzureSQL_SensitiveDataScan** > +**Configure** node and select Analysis to view the analysis task. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp) + +The default analysis tasks are: + +- Azure SQL SSD Matches View — Brings the Azure SQL SSD Matches View to the SA console +- Azure SQL SSD Match Hits View — Brings the Azure SQL SSD Match Hits View to the SA Console +- AIC Impot SSD — Imports Azure SQL SSD to the AIC diff --git a/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/3-azuresql_activityscan.md b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/3-azuresql_activityscan.md new file mode 100644 index 0000000000..b34ed6e1cc --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/3-azuresql_activityscan.md @@ -0,0 +1,26 @@ +# 3-AzureSQL_ActivityScan Job + +The 3–AzureSQL_ActivityScan job captures user activity from all targeted Azure SQL instances and +databases. + +## Queries for the 3–AzureSQL_ActivityScan Job + +The 3–AzureSQL_ActivityScan Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/activityscanjob.webp) + +- Activity — Collects activity events for Azure SQL + +## Analysis Task for the 3–AzureSQL_ActivityScan Job + +Navigate to the **Databases** > **0.Collection** > **Azure SQL** > +**3–AzureSQL_ActivityScan** > **Configure** node and select **Analysis** to view the analysis task. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![3-AzureSQL_ActivityScan Job - Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/activityscanjobanalysis.webp) + +The default analysis task is: + +- AIC Import – Activity — Imports Azure SQL Activity to the AIC diff --git a/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/4-azuresql_serversettings.md b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/4-azuresql_serversettings.md new file mode 100644 index 0000000000..892878e4cf --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/4-azuresql_serversettings.md @@ -0,0 +1,33 @@ +# 4-AzureSQL_ServerSettings Job + +The 4–AzureSQL_ServerSettings Job is designed to collect Azure SQL instance and database +configuration settings so they can be evaluated against recommended best practices. + +## Queries for the 4–AzureSQL_ServerSettings Job + +The 4–AzureSQL_ServerSettings Job uses the SQL Data Collector for the following query: + +![0.Collection_4–AzureSQL_ServerSettings Job - Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/serversettings.webp) + +- Database Sizing— Returns details on database sizing +- Server Details — Collects Azure SQL Server properties +- Configuration Details— Collects database configuration properties +- Table Row Counts— Returns Azure SQL table row counts for additional data points in the sensitive + data reports +- Standalone Database Sizing— Returns the size of Azure standalone databases + +## Analysis Tasks for the 4–AzureSQL_ServerSettings Job + +Navigate to the **Databases** > **0.Collection** > **Azure SQL** > +**4–AzureSQL_ServerSettings** > **Configure** node and select **Analysis** to view the analysis +task. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/serversettingsanalysis.webp) + +The default analysis tasks are: + +- Update Database Sizing — Updates the database sizing table with the data from the standalone + database sizing table diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/azuresql_permissionscan-1.md b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/azuresql_permissionscan-1.md similarity index 83% rename from docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/azuresql_permissionscan-1.md rename to docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/azuresql_permissionscan-1.md index 0550b5b903..f7454e5996 100644 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/azuresql_permissionscan-1.md +++ b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/azuresql_permissionscan-1.md @@ -7,7 +7,7 @@ permissions from all the targeted instances. The 1–AzureSQL_PermissionsScan Job uses the SQL Data Collector for the following query: -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/permissionjob.webp) +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/permissionjob.webp) - PermissionScan — Collects permissions from the targeted instances @@ -27,10 +27,10 @@ Properties. The Query Properties window appears. **CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this job. -![Filters](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp) +![Filters](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp) **Step 4 –** To query for specific databases/instances, navigate to the -[SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) +[SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) page. The default query target is All databases. The default query scope is Only select database objects and click Retrieve. The Available database objects will be populated. Databases and instances can be added in the following ways: @@ -39,7 +39,7 @@ instances can be added in the following ways: - Use the Import CSV button to import a list from a CSV file, if desired. - Optionally, use the Add Custom Filter button to create and apply a custom filter. -![Managed Connection Window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/managedconnections.webp) +![Managed Connection Window](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/managedconnections.webp) **Step 5 –** To view all managed connections discovered during the 1-AzureSQL_PermissionScan Job run, click Connections within the Filter page. This screen will list the following items retrieved @@ -64,7 +64,7 @@ node and select Analysis to view the analysis tasks. **CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are preconfigured for this job. -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/jobanalysis.webp) +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/jobanalysis.webp) The default analysis tasks are: diff --git a/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/azuresql_permissionscan.md b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/azuresql_permissionscan.md new file mode 100644 index 0000000000..0f6c513d04 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/azuresql_permissionscan.md @@ -0,0 +1,5 @@ +# AzureSQL_PermissionsScan Job + +This job uses the +[SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) +to scan Azure SQL database permissions. diff --git a/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/overview.md b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/overview.md new file mode 100644 index 0000000000..efe2d795ad --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/overview.md @@ -0,0 +1,35 @@ +# 0.Collection > Azure SQL Job Group + +The 0.Collection Job Group, located at **Databases** > **0.Collection** > **AzureSQL** collects +high–level summary information from targeted Azure SQL Instances. This information is used by other +jobs in the Azure SQL solution further analysis and for producing respective reports. + +![0.Collection Job Group - Azure SQL](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/collectionjobmenu.webp) + +The jobs in 0.Collection Jobs Group are: + +- 0-AzureSQL_InstanceDiscovery Job — Enumerates a list of Azure SQL Server Instances from target + endpoints and populates the necessary instance connection information which is used throughout the + solution set +- [1-AzureSQL_PermissionScan Job](/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/azuresql_permissionscan-1.md) + — Collects Azure SQL database level permissions from all targeted Azure SQL database servers +- [2-AzureSQL_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/2-azuresql_sensitivedatascan.md) + — Discovers sensitive data in Azure SQL databases across all targeted Azure SQL database servers + based on pre-defined or user-defined search criteria +- [3-AzureSQL_ActivityScan Job](/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/3-azuresql_activityscan.md) + — Captures user activity from all targeted Azure SQL instances and databases +- [4-AzureSQL_ServerSettings Job](/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/4-azuresql_serversettings.md) + — Collects Azure SQL instances and database configuration settings to evaluate them against + recommended best practices + +Workflow + +1. Prerequisite: + 1. Successful execution of the .Active Directory Inventory Job Group + 2. For the 1-AzureSQL_PermissionScan Job, configure SQL Server Audit and SQL Server Audit + Specifications on target SQL Server Databases. +2. (Optional) Configure the queries for the jobs in the 0.Collection Job Group +3. Schedule the 0.Collection Job Group to run daily or as desired + + **NOTE:** Running the 0.Collection Job Group is a prerequisite for the other job groups in the + Azure SQL solution diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md b/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md deleted file mode 100644 index ab0ac15ab9..0000000000 --- a/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md +++ /dev/null @@ -1,539 +0,0 @@ -# 3-Db2_Configuration Job - -This job collects Db2 database configuration settings for use in the following analysis jobs and -respective reports. - -## Queries for the 3-Db2_Configuration Job - -The 3-Db2_Configuration Job uses the SQL Data Collector for queries. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/configurationquery.webp) - -The query is: - -- Database Sizing — Returns the database size for the Db2 databases - -## Recommended Configuration for the Configuration Query - -Prior to running an Db2 0.Collection query, you must establish a connection to the appropriate IBM -Db2 server. As long as that connection is set up first, it is recommended that no configuration -changes be made to the 0.Collection jobs before they run. - -It is also recommended that the connection only be established for the 1-Db2 SensitiveDataScan Job. -Once the connection is established, it applies to all jobs in the 0.Collection job group. It does -not apply to any other job groups. For additional information on establishing a database connection, -see -[1-Db2_SensitiveDataScan](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md). - -# 2-Db2_PermissionScan Job - -This job collects Db2 database level permissions from all the targeted Db2 database servers. - -## Queries for the 2-Db2_PermissionScan Job - -The 2-Db2_PermissionScan Job uses the SQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/permissionsscanquery.webp) - -The query is: - -- Db2 Permission — Scan Db2 databases for permissions - -## Recommended Configuration for the Db2 Permission Query - -Prior to running an Db2 0.Collection query, you must establish a connection to the appropriate IBM -Db2 server. As long as that connection is set up first, it is recommended that no configuration -changes be made to the 0.Collection jobs before they run. - -It is also recommended that the connection only be established for the 1-Db2 SensitiveDataScan Job. -Once the connection is established, it applies to all jobs in the 0.Collection job group. It does -not apply to any other job groups. For additional information on establishing a database connection, -see -[1-Db2_SensitiveDataScan](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md). - -## Analysis Tasks for the 2-Db2_PermissionScan Job - -Navigate to the **Databases** > **0.Collection** > **Db2** > **2-Db2_PermissionScan** > -**Configure** node and select Analysis to view the Analysis Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/permissionsscananalysis.webp) - -The default analysis tasks are: - -- Update Instance Name — Updates the instance name with a port if there are multiple instances in a - single host -- AIC Permissions Import — Imports Db2 permissions to the AIC -- AIC Roles Import — Imports roles to the AIC for Db2 - -# 1-Db2_SensitiveDataScan - -This job discovers sensitive data in the Db2 databases across all the targeted Db2 database servers -based on pre-defined or user-defined criteria. - -## Queries for the 1-Db2_Sensitive Data Scan Job - -The 1-Db2 Sensitive Data Job uses the SQL Data Collector for the following queries. - -![sensitivedatascanquery](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatascanquery.webp) - -The query is: - -- Db2 SensitiveData – Scans Db2 databases for sensitive data - -## Recommended Configuration for the SensitiveDataScan Query - -It is only necessary to set up the connection for the 1-Db2 SensitiveDataScan Job. Once the -connection is established, custom configurations apply to all other job queries within the -0.Collection job group. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the Databases > 0.Collection > Db2 > 1-Db2_SensitiveDataScan > Configure -node and select Queries. - -**Step 2 –** In the Query Selection view, select the SensitiveDataScan query click on Query -Properties. The Query Properties window appears. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens -with Sensitive Data Collection category selected. - -![Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatacategory.webp) - -**Step 4 –** Click **Next**. The Sensitive Data Scan Settings view appears. - -![Sensitive Data Scan Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatajoboptions.webp) - -**Step 5 –** To modify sensitive data scan options, select the desired scan options. See the -[SQL: Options](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page for additional information. - -**CAUTION:** The Sensitive Data Scan Settings are preconfigured for optimal performance for a -high-level table scan. Configuring these settings to increase the scope of the sensitive data scan -may significantly increase scan time. - -**Step 6 –** Click **Next**. The Select Criteria view appears. - -![Select Criteria](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatacriteria.webp) - -**Step 7 –** To modify criteria, click on **Use the following selected criteria:** and select your -choices. By default, the Sensitive Data Scan job is set to **Use Global Criteria**. - -**NOTE:** For more information on adding or deleting criteria, navigate to the -[SQL: Criteria](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page or See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) -topic for additional information. - -**Step 8 –** Click **Next**. The Filters view appears. - -![Filters](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatafilter.webp) - -**Step 9 –** Click **Connections** to open the Manage Connections window. - -**NOTE:** SQL databases must be added to the query before they can be scanned. Before you can add a -query, you must establish a connection to the database. - -![Manage Connections](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedataconnection.webp) - -**Step 10 –** In the Manage Connections window, enter the following information: - -- Instance Label — Custom name of the instance -- Database System — A drop down containing all available database servers. Select the Db2LUW server - to configure Db2 queries. -- Service Name — Custom name of the service -- Host — Name or IP address of the host where the database is located. Host list is IBM DB2 -- Port Number — Port number for the selected database -- Default Database — Default Database - -**Step 11 –** After completing the above information fields, click **Test Connection** to validate -the new connection. Once validated, click **Create New Connection** to finalize the connection. - -**Step 12 –** Navigate to the Filter page. Select Only select database objects or **All database -objects**. Collection queries are configured by default to target Only select database objects. - -**NOTE:** For more information on filtering, see the -[SQL: Filter](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page. - -**Step 13 –** Click Retrieve. The Available database objects box will populate. - -**Step 14 –** Add the Databases and instances to be audited. Databases and instances can be added in -the following ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Optionally use the Add Custom Filter button to create and apply a custom filter. - -Selected database objects to be audited will display. - -**Step 15 –** Click **Next** and navigate to the Summary page, click Finish to save any setting -modifications or click Cancel if no changes were made. Then click OK to close the Query Properties -window. - -The 1-Db2_SensitsveDataScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 1-Db2_SensitiveDataScan Job - -Navigate to the **Databases** > **0.Collection** > **Db2** > **1-Db2_SensitiveDataScan** > -**Configure** node and select **Analysis** to view the Analysis Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp) - -The default analysis tasks are: - -- Update Instance Name — Updates the instance name with a port if there are multiple instances in a - single host -- Db2 Matches — Brings the Db2 SDD Matches View to the Enterprise Auditor console -- Db2 Match Hits — Brings the Db2 Match Hits View to the Enterprise Auditor console -- AIC Sensitive Data Import — Db2 Match Imports discovered Db2 sensitive data to the AIC - -# 0.Collection Job Group - -The Db2 Solution Set Collection Group collects high level summary information from targeted Db2 -Database Servers. Other jobs in the Db2 Solution Set use this information for further analysis and -for producing respective reports. - -![jobstree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 0.Collection Job Group are: - -- [1-Db2_SensitiveDataScan](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md) - — Discovers sensitive data in the Db2 databases across all the targeted Db2 database servers based - on pre-defined or user-defined search criteria -- [2-Db2_PermissionScan Job](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md) - — Collects Db2 database level permissions from all the targeted Db2 database servers -- [3-Db2_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md)— - Collects Db2 database configuration settings for use in the following analysis jobs and respective - reports - -# Configuration > Db2_DatabaseSizing Job - -The Db2_DatabaseSizing job provides details on overall database sizes. - -![Configuration > Db2_DatabaseSizing Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/configurationjobstree.webp) - -This job is located in the Configuration job group. - -## Analysis Tasks for the Db2_DatabaseSizing Job - -Navigate to the **Jobs** > **Databases** > **Db2** > **Configuration** > **Db2_DatabaseSizing** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Db2_DatabaseSizing Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/databasesizinganalysis.webp) - -The default analysis tasks are: - -- Database Sizing – Returns size details for Db2 databases -- Database Summary – Summarizes Db2 database size by host - -## Report for the Db2_DatabaseSizing Job - -In addition to the tables and views created the analysis task, the Db2_DatabaseSizing job produces -the following preconfigured report. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ---------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | Provides details on database tables and sizing | None | This report is comprised of three elements: - Bar Chart – Displays top databases by size (MB) - Bar Chart – Displays top hosts by size (GB) - Table – Displays details on database sizing | - -# Db2 Solution - -The Enterprise Auditor Db2 Solution Set is a comprehensive set of pre-configured audit jobs and -reports that provide visibility into various aspects of Db2: Data Collection, Configuration, user -Permissions, and Sensitive Data. - -Supported Platforms - -- DB2LUW 11+ - -Requirements, Permissions, and Ports - -See the -[Target Db2 Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -Location - -The Db2 Solution requires a special Enterprise Auditor license. It can be installed from the -Enterprise Auditor Instant Job Wizard. Once it has been installed in the Jobs tree, navigate to the -solution: Jobs > **Databases** > **Db2**. - -The 0.Collection Job Group collects the data. The Db2 Solution Set Collection group is designed to -collect high level summary information from targeted Db2 Database Servers. This information is used -by other jobs in the Db2 Solution for further analysis and producing respective reports. - -The Database Solution license includes all supported database platforms supported by Enterprise -Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database -content for sensitive data. - -## Db2 Job Group Overview - -The Enterprise Auditor Db2 Solution is a comprehensive set of preconfigured audit jobs and reports -that provide visibility into various aspects of a Db2 Databases: Sensitive Data Discovery and -Objects Permissions. - -![Db2 Overview](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overview.webp) - -The following comprises the Db2 solution: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md) - — Collects high level summary information from targeted Db2 Servers. This information is used by - other jobs in the Db2 Solution Set for further analysis and producing respective report. - -- [Configuration > Db2_DatabaseSizing Job](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md) - — Provides insight into Db2 server configuration settings - -- [Permissions Job Group](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md)— - Provides insight into all types of permissions at the database and object level across all the - targeted Db2 database servers - -- [Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md) - — Provides insight into where sensitive data exists and who has access to it across all the - targeted Db2 databases - -# Db2_DirectPermissions Job - -This job provides insight into direct user and role permissions to all the database objects in the -targeted Db2 database servers. - -## Analysis Tasks for the Db2_DirectPermissions Job - -Navigate to the **Jobs** > **Databases** > **Db2** > **Permissions** > **Db2_DirectPermissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Db2_DirectPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/permissions/directpermissionsanalysis.webp) - -The default analysis tasks are: - -- Direct Permissions – Highlights permissions directly assigned to Db2 objects -- Database Summary – Summarizes Db2 direct permissions by database - -## Report for the Db2_DirectPermissions Job - -In addition to the tables and views created the analysis task, the Db2_DirectPermissions job -produces the following preconfigured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ----------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Direct Permissions | This report shows details on the direct permissions in the audited Db2 environment. | None | This report is comprised of three elements: - Bar Chart – Displays Database Summary - Table – Displays Database Summary - Table – Displays permissions details | - -# Db2_EffectivePermissions Job - -This job provides insight into effective user and role permissions to all the database objects in -the targeted Db2 database servers. - -## Analysis Tasks for the Db2 \_EffectivePermissions Job - -Navigate to the **Jobs** > **Databases** > **Db2** > **Permissions** > -**Db2_EffectivePermissions** > **Configure** node and select **Analysis** to view the Analysis -Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Db2 _EffectivePermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp) - -The default analysis tasks are: - -- Effective Permissions – Uses role membership to display effective permissions on Db2 objects -- Database Summary – Summarizes effective permissions by Db2 database - -## Report for the Db2_Effective Job - -In addition to the tables and views created the analysis task, the Db2_EffectivePermissions job -produces the following preconfigured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ---------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Effective Permissions | This report shows details on effective permissions in the audited Db2 environment. | None | This report is comprised of three elements: - Bar Chart – Displays Database Summary - Table – Displays Database Summary - Table – Displays permissions details | - -# Permissions Job Group - -This job group provides insight into all types of permissions at the database and object level -across all the targeted Db2 database servers. - -![Permissions Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/permissions/permissionsjobstree.webp) - -The jobs in the Permission job group are: - -- [Db2_DirectPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md) - – Provides insight into direct user and role permissions to all the database objects in the - targeted Db2 database servers -- [Db2_EffectivePermissions Job](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md) - – Provides insight into effective user and role permissions to all the database objects in the - targeted Db2 database servers - -# Recommended Configuration for the Db2 Solution - -The Db2 Solution has been configured to inherit down from the **Db2** > **Settings** node. However, -it is best practice to assign the host list and the Connection Profile at the data collection level, -the 0.Collection Job Group. Once these are assigned to the job group, it can be run directly or -scheduled. - -Dependencies - -- Successful installation of the IBM Data Server Client. In addition, the following clients and - drivers must be installed: - - - IBM Data Server Driver Package (DS Driver) - - IBM Data Server Driver for JDBC and SQLJ (JCC Driver) - - IBM Data Server Driver for ODBC and CLI (CLI Driver) - - IBM Data Server Runtime Client - - IBM Data Server Client - - IBM Database Add-Ins for Visual Studio - - IBM .NET Driver NuGet - - **NOTE:** All necessary clients and drivers can be found on IBM Support's - [Download initial version 11.5 clients and drivers](https://www.ibm.com/support/pages/download-initial-version-115-clients-and-drivers) - page. - -- .Instance Discovery Job Group run successfully - -Targeted Host(s) - -The Db2 Job Group has been configured to inherit the host list assignment from the collection group -level. - -The host list assignment should be assigned under the **Databases** > **0.Collection** > **Db2** > -**Settings** > **Host List Assignment** node. The Local host box is checked by default. - -Connection Profile - -The SQL Data Collector requires a specific set of permissions. See the Permissions section for -necessary permissions. The account used can be either an Active Directory account or a SQL account. -Once the account has been provisioned, create a custom Connection Profile containing the credentials -for the targeted environment. See the -[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -topic for additional information. - -The Connection Profile should be assigned under the Databases > 0.Collection > Db2 > Settings > -Connection node. It is set to Use the Default Profile, as configured at the global settings level. -However, since this may not be the Connection Profile with the necessary permissions for the -assigned hosts, click the radio button for the Select one of the following user defined profiles -option and select the appropriate Connection Profile drop-down menu. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -This job group can be scheduled to run as desired. - -Run Order - -The 0.Collection Jobs must be run first and in order. The other Db2 sub-job groups can be run in any -order, together or individually, after running the 0.Collection Job Group. - -**_RECOMMENDED:_** Run the solution at the top level. - -**Workflow** - -1. Install IBM Db2 Server Client and required clients and drivers -2. Configure and assign host list and connection profile(s) -3. Define the connection information -4. Schedule the .Instance Discovery job group and 0.Collection job group to run as desired -5. Review the reports generated by the 0.Collection job group - -# Db2_SensitiveData Job - -This job provides information on all the sensitive data that was discovered in the targeted Db2 -database servers based on the selection scan criteria. - -## Analysis Tasks for the Db2 \_SensitiveData Job - -Navigate to the **Jobs** > **Databases** > **Db2** > **Sensitive Data** > **Db2_Sensitive Data** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Db2 _SensitiveData Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) - -The default analysis tasks are: - -- Sensitive Data Details – Provides details on sensitive data in Db2 databases -- Database Summary – Summarizes Db2 sensitive data by database -- Enterprise Summary – Summarizes all discovered sensitive data by category - -## Reports for the Db2_SensitiveData Job - -In addition to the tables and views created the analysis task, the Db2_SensitiveData job produces -the following preconfigured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | Sensitive Data | This report is comprised of two elements: - Bar Chart – Displays Exceptions by March Count - Table – Displays data details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart – Displays Top Databases by Sensitive Data Hits - Table – Displays Top Databases by Sensitive Data Hits - Table – Displays data details | - -# Db2_SensitiveDataPermissions Job - -This job provides all types of permissions on database objects containing sensitive data across all -the targeted Db2 database servers. - -## Analysis Tasks for the Db2_SensitiveDataPermissions Job - -Navigate to the **Jobs** > **Databases** > **Db2** > **Sensitive Data** > -**Db2_SensitiveDataPermissions** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Db2_SensitiveDataPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp) - -The default analysis tasks are: - -- Sensitive Data Permissions – Provides details on which users have permissions on discovered Db2 - Sensitive Data -- Sensitive Data Permissions Database Summary – Summarizes sensitive data permissions by database - -## Report for the Db2_SensitiveDataPermissions Job - -In addition to the tables and views created the analysis task, the Db2_SensitiveDataPermissions job -has the following preconfigured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays Top Databases by Permission Count - Table – Displays Database Sensitive Data Permissions Summary - Table – Displays data details | - -# Sensitive Data Job Group - -This job group provides insight into where sensitive data exists and who has access to it across all -the targeted Db2 database servers. - -![Sensitive Data Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) - -The jobs in the Sensitive Data job group are: - -- [Db2_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md) - – Provides information on all the sensitive data that was discovered in the targeted Db2 database - servers based on the selection scan criteria -- [Db2_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/db2-analysis.md) - – Provides all types of permissions on database objects containing sensitive data across all the - targeted Db2 database servers diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_configuration.md b/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_configuration.md new file mode 100644 index 0000000000..2dc72a8da3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_configuration.md @@ -0,0 +1,26 @@ +# 3-Db2_Configuration Job + +This job collects Db2 database configuration settings for use in the following analysis jobs and +respective reports. + +## Queries for the 3-Db2_Configuration Job + +The 3-Db2_Configuration Job uses the SQL Data Collector for queries. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/configurationquery.webp) + +The query is: + +- Database Sizing — Returns the database size for the Db2 databases + +## Recommended Configuration for the Configuration Query + +Prior to running an Db2 0.Collection query, you must establish a connection to the appropriate IBM +Db2 server. As long as that connection is set up first, it is recommended that no configuration +changes be made to the 0.Collection jobs before they run. + +It is also recommended that the connection only be established for the 1-Db2 SensitiveDataScan Job. +Once the connection is established, it applies to all jobs in the 0.Collection job group. It does +not apply to any other job groups. For additional information on establishing a database connection, +see +[1-Db2_SensitiveDataScan](/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_sensitivedatascan.md). diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_permissionscan.md b/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_permissionscan.md new file mode 100644 index 0000000000..9bcc051e8c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_permissionscan.md @@ -0,0 +1,44 @@ +# 2-Db2_PermissionScan Job + +This job collects Db2 database level permissions from all the targeted Db2 database servers. + +## Queries for the 2-Db2_PermissionScan Job + +The 2-Db2_PermissionScan Job uses the SQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/permissionsscanquery.webp) + +The query is: + +- Db2 Permission — Scan Db2 databases for permissions + +## Recommended Configuration for the Db2 Permission Query + +Prior to running an Db2 0.Collection query, you must establish a connection to the appropriate IBM +Db2 server. As long as that connection is set up first, it is recommended that no configuration +changes be made to the 0.Collection jobs before they run. + +It is also recommended that the connection only be established for the 1-Db2 SensitiveDataScan Job. +Once the connection is established, it applies to all jobs in the 0.Collection job group. It does +not apply to any other job groups. For additional information on establishing a database connection, +see +[1-Db2_SensitiveDataScan](/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_sensitivedatascan.md). + +## Analysis Tasks for the 2-Db2_PermissionScan Job + +Navigate to the **Databases** > **0.Collection** > **Db2** > **2-Db2_PermissionScan** > +**Configure** node and select Analysis to view the Analysis Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/permissionsscananalysis.webp) + +The default analysis tasks are: + +- Update Instance Name — Updates the instance name with a port if there are multiple instances in a + single host +- AIC Permissions Import — Imports Db2 permissions to the AIC +- AIC Roles Import — Imports roles to the AIC for Db2 diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_sensitivedatascan.md b/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_sensitivedatascan.md new file mode 100644 index 0000000000..2d5a7f16ad --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_sensitivedatascan.md @@ -0,0 +1,122 @@ +# 1-Db2_SensitiveDataScan + +This job discovers sensitive data in the Db2 databases across all the targeted Db2 database servers +based on pre-defined or user-defined criteria. + +## Queries for the 1-Db2_Sensitive Data Scan Job + +The 1-Db2 Sensitive Data Job uses the SQL Data Collector for the following queries. + +![sensitivedatascanquery](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatascanquery.webp) + +The query is: + +- Db2 SensitiveData – Scans Db2 databases for sensitive data + +## Recommended Configuration for the SensitiveDataScan Query + +It is only necessary to set up the connection for the 1-Db2 SensitiveDataScan Job. Once the +connection is established, custom configurations apply to all other job queries within the +0.Collection job group. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the Databases > 0.Collection > Db2 > 1-Db2_SensitiveDataScan > Configure +node and select Queries. + +**Step 2 –** In the Query Selection view, select the SensitiveDataScan query click on Query +Properties. The Query Properties window appears. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens +with Sensitive Data Collection category selected. + +![Category page](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatacategory.webp) + +**Step 4 –** Click **Next**. The Sensitive Data Scan Settings view appears. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatajoboptions.webp) + +**Step 5 –** To modify sensitive data scan options, select the desired scan options. See the +[SQL: Options](/docs/accessanalyzer/11.6/admin/datacollector/sql/options.md) +page for additional information. + +**CAUTION:** The Sensitive Data Scan Settings are preconfigured for optimal performance for a +high-level table scan. Configuring these settings to increase the scope of the sensitive data scan +may significantly increase scan time. + +**Step 6 –** Click **Next**. The Select Criteria view appears. + +![Select Criteria](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatacriteria.webp) + +**Step 7 –** To modify criteria, click on **Use the following selected criteria:** and select your +choices. By default, the Sensitive Data Scan job is set to **Use Global Criteria**. + +**NOTE:** For more information on adding or deleting criteria, navigate to the +[SQL: Criteria](/docs/accessanalyzer/11.6/admin/datacollector/sql/criteria.md) +page or See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. + +**Step 8 –** Click **Next**. The Filters view appears. + +![Filters](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatafilter.webp) + +**Step 9 –** Click **Connections** to open the Manage Connections window. + +**NOTE:** SQL databases must be added to the query before they can be scanned. Before you can add a +query, you must establish a connection to the database. + +![Manage Connections](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedataconnection.webp) + +**Step 10 –** In the Manage Connections window, enter the following information: + +- Instance Label — Custom name of the instance +- Database System — A drop down containing all available database servers. Select the Db2LUW server + to configure Db2 queries. +- Service Name — Custom name of the service +- Host — Name or IP address of the host where the database is located. Host list is IBM DB2 +- Port Number — Port number for the selected database +- Default Database — Default Database + +**Step 11 –** After completing the above information fields, click **Test Connection** to validate +the new connection. Once validated, click **Create New Connection** to finalize the connection. + +**Step 12 –** Navigate to the Filter page. Select Only select database objects or **All database +objects**. Collection queries are configured by default to target Only select database objects. + +**NOTE:** For more information on filtering, see the +[SQL: Filter](/docs/accessanalyzer/11.6/admin/datacollector/sql/filter.md) +page. + +**Step 13 –** Click Retrieve. The Available database objects box will populate. + +**Step 14 –** Add the Databases and instances to be audited. Databases and instances can be added in +the following ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Optionally use the Add Custom Filter button to create and apply a custom filter. + +Selected database objects to be audited will display. + +**Step 15 –** Click **Next** and navigate to the Summary page, click Finish to save any setting +modifications or click Cancel if no changes were made. Then click OK to close the Query Properties +window. + +The 1-Db2_SensitsveDataScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 1-Db2_SensitiveDataScan Job + +Navigate to the **Databases** > **0.Collection** > **Db2** > **1-Db2_SensitiveDataScan** > +**Configure** node and select **Analysis** to view the Analysis Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp) + +The default analysis tasks are: + +- Update Instance Name — Updates the instance name with a port if there are multiple instances in a + single host +- Db2 Matches — Brings the Db2 SDD Matches View to the Enterprise Auditor console +- Db2 Match Hits — Brings the Db2 Match Hits View to the Enterprise Auditor console +- AIC Sensitive Data Import — Db2 Match Imports discovered Db2 sensitive data to the AIC diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/collection/overview.md b/docs/accessanalyzer/11.6/solutions/databases/db2/collection/overview.md new file mode 100644 index 0000000000..fe47794455 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/collection/overview.md @@ -0,0 +1,18 @@ +# 0.Collection Job Group + +The Db2 Solution Set Collection Group collects high level summary information from targeted Db2 +Database Servers. Other jobs in the Db2 Solution Set use this information for further analysis and +for producing respective reports. + +![jobstree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 0.Collection Job Group are: + +- [1-Db2_SensitiveDataScan](/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_sensitivedatascan.md) + — Discovers sensitive data in the Db2 databases across all the targeted Db2 database servers based + on pre-defined or user-defined search criteria +- [2-Db2_PermissionScan Job](/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_permissionscan.md) + — Collects Db2 database level permissions from all the targeted Db2 database servers +- [3-Db2_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/db2/collection/db2_configuration.md)— + Collects Db2 database configuration settings for use in the following analysis jobs and respective + reports diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/db2_databasesizing.md b/docs/accessanalyzer/11.6/solutions/databases/db2/db2_databasesizing.md new file mode 100644 index 0000000000..5873247a39 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/db2_databasesizing.md @@ -0,0 +1,31 @@ +# Configuration > Db2_DatabaseSizing Job + +The Db2_DatabaseSizing job provides details on overall database sizes. + +![Configuration > Db2_DatabaseSizing Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/configurationjobstree.webp) + +This job is located in the Configuration job group. + +## Analysis Tasks for the Db2_DatabaseSizing Job + +Navigate to the **Jobs** > **Databases** > **Db2** > **Configuration** > **Db2_DatabaseSizing** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Db2_DatabaseSizing Job](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/databasesizinganalysis.webp) + +The default analysis tasks are: + +- Database Sizing – Returns size details for Db2 databases +- Database Summary – Summarizes Db2 database size by host + +## Report for the Db2_DatabaseSizing Job + +In addition to the tables and views created the analysis task, the Db2_DatabaseSizing job produces +the following preconfigured report. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ---------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | Provides details on database tables and sizing | None | This report is comprised of three elements: - Bar Chart – Displays top databases by size (MB) - Bar Chart – Displays top hosts by size (GB) - Table – Displays details on database sizing | diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/overview.md b/docs/accessanalyzer/11.6/solutions/databases/db2/overview.md new file mode 100644 index 0000000000..137d2fb840 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/overview.md @@ -0,0 +1,68 @@ +# Db2 Solution + +The Enterprise Auditor Db2 Solution Set is a comprehensive set of pre-configured audit jobs and +reports that provide visibility into various aspects of Db2: Data Collection, Configuration, user +Permissions, and Sensitive Data. + +Supported Platforms + +- DB2LUW 11+ + +Requirements, Permissions, and Ports + +See the +[Target Db2 Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databasedb2.md) +topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +Location + +The Db2 Solution requires a special Enterprise Auditor license. It can be installed from the +Enterprise Auditor Instant Job Wizard. Once it has been installed in the Jobs tree, navigate to the +solution: Jobs > **Databases** > **Db2**. + +The 0.Collection Job Group collects the data. The Db2 Solution Set Collection group is designed to +collect high level summary information from targeted Db2 Database Servers. This information is used +by other jobs in the Db2 Solution for further analysis and producing respective reports. + +The Database Solution license includes all supported database platforms supported by Enterprise +Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database +content for sensitive data. + +## Db2 Job Group Overview + +The Enterprise Auditor Db2 Solution is a comprehensive set of preconfigured audit jobs and reports +that provide visibility into various aspects of a Db2 Databases: Sensitive Data Discovery and +Objects Permissions. + +![Db2 Overview](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overview.webp) + +The following comprises the Db2 solution: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/db2/collection/overview.md) + — Collects high level summary information from targeted Db2 Servers. This information is used by + other jobs in the Db2 Solution Set for further analysis and producing respective report. + +- [Configuration > Db2_DatabaseSizing Job](/docs/accessanalyzer/11.6/solutions/databases/db2/db2_databasesizing.md) + — Provides insight into Db2 server configuration settings + +- [Permissions Job Group](/docs/accessanalyzer/11.6/solutions/databases/db2/permissions/overview.md)— + Provides insight into all types of permissions at the database and object level across all the + targeted Db2 database servers + +- [Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/overview.md) + — Provides insight into where sensitive data exists and who has access to it across all the + targeted Db2 databases diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/permissions/db2_directpermissions.md b/docs/accessanalyzer/11.6/solutions/databases/db2/permissions/db2_directpermissions.md new file mode 100644 index 0000000000..ba70a7026e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/permissions/db2_directpermissions.md @@ -0,0 +1,28 @@ +# Db2_DirectPermissions Job + +This job provides insight into direct user and role permissions to all the database objects in the +targeted Db2 database servers. + +## Analysis Tasks for the Db2_DirectPermissions Job + +Navigate to the **Jobs** > **Databases** > **Db2** > **Permissions** > **Db2_DirectPermissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Db2_DirectPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/permissions/directpermissionsanalysis.webp) + +The default analysis tasks are: + +- Direct Permissions – Highlights permissions directly assigned to Db2 objects +- Database Summary – Summarizes Db2 direct permissions by database + +## Report for the Db2_DirectPermissions Job + +In addition to the tables and views created the analysis task, the Db2_DirectPermissions job +produces the following preconfigured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ----------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Direct Permissions | This report shows details on the direct permissions in the audited Db2 environment. | None | This report is comprised of three elements: - Bar Chart – Displays Database Summary - Table – Displays Database Summary - Table – Displays permissions details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/permissions/db2_effectivepermissions.md b/docs/accessanalyzer/11.6/solutions/databases/db2/permissions/db2_effectivepermissions.md new file mode 100644 index 0000000000..7fe33590dc --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/permissions/db2_effectivepermissions.md @@ -0,0 +1,29 @@ +# Db2_EffectivePermissions Job + +This job provides insight into effective user and role permissions to all the database objects in +the targeted Db2 database servers. + +## Analysis Tasks for the Db2 _EffectivePermissions Job + +Navigate to the **Jobs** > **Databases** > **Db2** > **Permissions** > +**Db2_EffectivePermissions** > **Configure** node and select **Analysis** to view the Analysis +Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Db2 _EffectivePermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp) + +The default analysis tasks are: + +- Effective Permissions – Uses role membership to display effective permissions on Db2 objects +- Database Summary – Summarizes effective permissions by Db2 database + +## Report for the Db2_Effective Job + +In addition to the tables and views created the analysis task, the Db2_EffectivePermissions job +produces the following preconfigured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ---------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Effective Permissions | This report shows details on effective permissions in the audited Db2 environment. | None | This report is comprised of three elements: - Bar Chart – Displays Database Summary - Table – Displays Database Summary - Table – Displays permissions details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/permissions/overview.md b/docs/accessanalyzer/11.6/solutions/databases/db2/permissions/overview.md new file mode 100644 index 0000000000..f7c0dd412b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/permissions/overview.md @@ -0,0 +1,15 @@ +# Permissions Job Group + +This job group provides insight into all types of permissions at the database and object level +across all the targeted Db2 database servers. + +![Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/permissions/permissionsjobstree.webp) + +The jobs in the Permission job group are: + +- [Db2_DirectPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/db2/permissions/db2_directpermissions.md) + – Provides insight into direct user and role permissions to all the database objects in the + targeted Db2 database servers +- [Db2_EffectivePermissions Job](/docs/accessanalyzer/11.6/solutions/databases/db2/permissions/db2_effectivepermissions.md) + – Provides insight into effective user and role permissions to all the database objects in the + targeted Db2 database servers diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/recommended.md b/docs/accessanalyzer/11.6/solutions/databases/db2/recommended.md new file mode 100644 index 0000000000..a971f2b9b5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/recommended.md @@ -0,0 +1,71 @@ +# Recommended Configuration for the Db2 Solution + +The Db2 Solution has been configured to inherit down from the **Db2** > **Settings** node. However, +it is best practice to assign the host list and the Connection Profile at the data collection level, +the 0.Collection Job Group. Once these are assigned to the job group, it can be run directly or +scheduled. + +Dependencies + +- Successful installation of the IBM Data Server Client. In addition, the following clients and + drivers must be installed: + + - IBM Data Server Driver Package (DS Driver) + - IBM Data Server Driver for JDBC and SQLJ (JCC Driver) + - IBM Data Server Driver for ODBC and CLI (CLI Driver) + - IBM Data Server Runtime Client + - IBM Data Server Client + - IBM Database Add-Ins for Visual Studio + - IBM .NET Driver NuGet + + **NOTE:** All necessary clients and drivers can be found on IBM Support's + [Download initial version 11.5 clients and drivers](https://www.ibm.com/support/pages/download-initial-version-115-clients-and-drivers) + page. + +- .Instance Discovery Job Group run successfully + +Targeted Host(s) + +The Db2 Job Group has been configured to inherit the host list assignment from the collection group +level. + +The host list assignment should be assigned under the **Databases** > **0.Collection** > **Db2** > +**Settings** > **Host List Assignment** node. The Local host box is checked by default. + +Connection Profile + +The SQL Data Collector requires a specific set of permissions. See the Permissions section for +necessary permissions. The account used can be either an Active Directory account or a SQL account. +Once the account has been provisioned, create a custom Connection Profile containing the credentials +for the targeted environment. See the +[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/11.6/admin/datacollector/sql/configurejob.md) +topic for additional information. + +The Connection Profile should be assigned under the Databases > 0.Collection > Db2 > Settings > +Connection node. It is set to Use the Default Profile, as configured at the global settings level. +However, since this may not be the Connection Profile with the necessary permissions for the +assigned hosts, click the radio button for the Select one of the following user defined profiles +option and select the appropriate Connection Profile drop-down menu. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +This job group can be scheduled to run as desired. + +Run Order + +The 0.Collection Jobs must be run first and in order. The other Db2 sub-job groups can be run in any +order, together or individually, after running the 0.Collection Job Group. + +**_RECOMMENDED:_** Run the solution at the top level. + +**Workflow** + +1. Install IBM Db2 Server Client and required clients and drivers +2. Configure and assign host list and connection profile(s) +3. Define the connection information +4. Schedule the .Instance Discovery job group and 0.Collection job group to run as desired +5. Review the reports generated by the 0.Collection job group diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/db2_sensitivedata.md b/docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/db2_sensitivedata.md new file mode 100644 index 0000000000..89f49bc48c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/db2_sensitivedata.md @@ -0,0 +1,30 @@ +# Db2_SensitiveData Job + +This job provides information on all the sensitive data that was discovered in the targeted Db2 +database servers based on the selection scan criteria. + +## Analysis Tasks for the Db2 _SensitiveData Job + +Navigate to the **Jobs** > **Databases** > **Db2** > **Sensitive Data** > **Db2_Sensitive Data** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Db2 _SensitiveData Job](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) + +The default analysis tasks are: + +- Sensitive Data Details – Provides details on sensitive data in Db2 databases +- Database Summary – Summarizes Db2 sensitive data by database +- Enterprise Summary – Summarizes all discovered sensitive data by category + +## Reports for the Db2_SensitiveData Job + +In addition to the tables and views created the analysis task, the Db2_SensitiveData job produces +the following preconfigured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | Sensitive Data | This report is comprised of two elements: - Bar Chart – Displays Exceptions by March Count - Table – Displays data details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart – Displays Top Databases by Sensitive Data Hits - Table – Displays Top Databases by Sensitive Data Hits - Table – Displays data details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/db2_sensitivedatapermissions.md b/docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/db2_sensitivedatapermissions.md new file mode 100644 index 0000000000..18ed303999 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/db2_sensitivedatapermissions.md @@ -0,0 +1,30 @@ +# Db2_SensitiveDataPermissions Job + +This job provides all types of permissions on database objects containing sensitive data across all +the targeted Db2 database servers. + +## Analysis Tasks for the Db2_SensitiveDataPermissions Job + +Navigate to the **Jobs** > **Databases** > **Db2** > **Sensitive Data** > +**Db2_SensitiveDataPermissions** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Db2_SensitiveDataPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp) + +The default analysis tasks are: + +- Sensitive Data Permissions – Provides details on which users have permissions on discovered Db2 + Sensitive Data +- Sensitive Data Permissions Database Summary – Summarizes sensitive data permissions by database + +## Report for the Db2_SensitiveDataPermissions Job + +In addition to the tables and views created the analysis task, the Db2_SensitiveDataPermissions job +has the following preconfigured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays Top Databases by Permission Count - Table – Displays Database Sensitive Data Permissions Summary - Table – Displays data details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/overview.md b/docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/overview.md new file mode 100644 index 0000000000..1dd800e80b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/overview.md @@ -0,0 +1,15 @@ +# Sensitive Data Job Group + +This job group provides insight into where sensitive data exists and who has access to it across all +the targeted Db2 database servers. + +![Sensitive Data Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) + +The jobs in the Sensitive Data job group are: + +- [Db2_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/db2_sensitivedata.md) + – Provides information on all the sensitive data that was discovered in the targeted Db2 database + servers based on the selection scan criteria +- [Db2_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/db2_sensitivedatapermissions.md) + – Provides all types of permissions on database objects containing sensitive data across all the + targeted Db2 database servers diff --git a/docs/accessanalyzer/11.6/solutions/databases/mongodb-analysis.md b/docs/accessanalyzer/11.6/solutions/databases/mongodb-analysis.md deleted file mode 100644 index 4198e31506..0000000000 --- a/docs/accessanalyzer/11.6/solutions/databases/mongodb-analysis.md +++ /dev/null @@ -1,375 +0,0 @@ -# MongoDB_Configuration Job - -The MongoDB_Configuration job is designed to collect MongoDB server instance and database -configuration settings for use in the following analysis jobs and respective reports. - -## Queries for the MongoDB_Configuration Job - -The MongoDB_Configuration Job uses the NoSQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection - Mongo DB](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/configurationjob.webp) - -The query is: - -- Database Sizing — Returns size details for the selected MongoDB databases - -# MongoDB_SensitiveDataScan Job - -The MongoDB_SensitiveDataScan Job is designed to discover sensitive data in MongoDB databases based -on pre-defined or user-defined search criteria. - -## Queries for the MongoDB_SensitiveDataScan Job - -The MongoDB_SensitiveDataScan Job uses the NOSQL Data Collector for queries. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/sensitivedatascan_job.webp) - -The query is: - -- MongoDB SDD - Collects sensitive data from MongoDB - - - (Optional) This query can be modified to target specific databases/instances. See the - [Configure the MongoDB SDD Query](#configure-the-mongodb-sdd-query) topic for additional - information. - -## Configure the MongoDB SDD Query - -The MongoDB SDD Query is preconfigured to run using the default settings for the Sensitive Data -Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **MongoDB** > -**MongoDB_SensitiveDataScan** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select the MongoDB SDD query and click Query Properties. -The Query Properties window opens. - -**Step 3 –** Select the Data Source tab, and click Configure. The NoSQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been -pre-configured for this job. - -**Step 4 –** Navigate to the -[NoSQL: Options](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md). - -![Sensitive Data Scan Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) - -**Step 5 –** Select the desired scan options. - -**Step 6 –** Navigate to the -[NoSQL: Criteria](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) -page. - -![Criteria Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -**Step 7 –** To modify criteria, navigate to the -[NoSQL: Criteria](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) -page. By default, the Sensitive Data Scan job is configured to scan for criteria configured in the -Global Criteria settings. See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) -topic for additional information. - -**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a -high-level table scan. Configuring these settings to increase the scope of the sensitive data scan -may significantly increase scan time. - -**Step 8 –** Navigate to the -[NoSQL: Filter](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) -page. - -![Database Selection Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp) - -**Step 9 –** MongoDB databases must be added to the query before they can be scanned. Click -**Connections** to open the Manage Connections window. - -![Manage Connections window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/manageconnections.webp) - -**Step 10 –** In the Manage Connections window, click **Create New** and add the following -information: - -- Is Active Checkbox — Check to include the database on the Servers Pane on the Filter page. -- Server Label — The name of the server -- Host — Name or IP address of the host where the database is located -- Port Number — Port number for the database. The default port is 27017. -- Auth Database — Account used to access the database. Admin is recommended. -- Read Preference — Read preference describes how MongoDB clients route read operations to the - members of a replica set. By default, an application directs its read operations to the primary - member in a replica set (i.e. read preference mode "primary"). But, clients can specify a read - preference to send read operations to secondaries. Click the link for additional informatoin. -- Mongo SRV Checkbox — Specifies that the information entered is for clusters or shards - -**Step 11 –** Click to **Test Connection** to verify the connection to the database with the -connection profile applied to the job - -**Step 12 –** Click **Save New Connection** to add the connection to the list, then close the Manage -Connections window. - -**Step 13 –** On the Filter page, click Retrieveto populate the Servers pane with the databases and -collections. - -**Step 14 –** (Optional) Right click on an object in the list to include or exclude it from the -sensitive data scan, or build /edit a pattern to create a custom filter. See the -[NoSQL: Filter](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) -topic for additional information. - -**Step 15 –** Click **Validate** and then **Save** to apply the scoping. Navigating away from this -page without saving will undo any changes made. - -**Step 16 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The MongoDB SDD Query is now ready to run with the customized settings. - -## Analysis Tasks for the MongoDB_SensitiveDataScan Job - -Navigate to the Databases > > 0.Collection > MongoDB > MongoDB_SensitiveDataScan > Configure node -and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/analysissensitivedatascan.webp) - -The default analysis tasks are: - -- NoSQL Instances — Brings the SA_NoSQL_Instances to view in SA -- Matches View — Brings the MongoDB matches view to the Enterprise Auditor console -- Match Hits View — Brings the MongoDB match hits view to the Enterprise Auditor console -- MongoDB SDD AIC Import — Imports MongoDB SDD into the AIC - -# 0.Collection Job Group - -The MongoDB Solution Collection group is designed to collect high level summary information from -targeted MongoDB Servers.  This information is used by other jobs in the MongoDB Solution Set for -further analysis and producing respective reports. - -![0](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/0.collecitonjobgroup.webp) - -The jobs in the 0.Collection Job Group are: - -- [MongoDB_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/mongodb-analysis.md) - — Collects MongoDB server instance and database configuration settings for use in the following - analysis jobs and respective reports. -- [MongoDB_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/mongodb-analysis.md) - — Discovers sensitive data in MongoDB databases based on pre-defined or user-defined search - criteria - -### Analysis Tasks for the MongoDB_Database_Sizing Job - -Navigate to the **Jobs > Databases > MongoDB > Configuration > MongoDB_DatabaseSizing > Configure** -node and select Analysis to view the Analysis Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/databasesizingjobanalysis.webp) - -The default analysis tasks are: - -- MongoDB Database Sizing Details — Provides details about MongoDB databases and sizing -- MongoDB Database Sizing Summary — Summarizes MongoDB database sizing by node or cluster - -### Report for the MongoDB_Database_Sizing Job - -In addition to the tables and views created the analysis task, the MongoDB_DatabaseSizing Job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| --------------- | -------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | This report highlights the size of databases in MongoDB. | None. | This report is comprised of three elements: - Bar Chart - Displays top databases by size (MB) - Bar Chart - Displays database size by host (GB) - Table - Displays details on database sizing | - -# Sensitive Data > MongoDB_SensitiveData Job - -The Sensitive Data Job Group is designed to provide insight into where sensitive data exists and who -has access to it across all the targeted MongoDB databases. - -![Sensitive Data Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) - -The job in the Sensitive Data Job Group is: - -- MongoDB_SensitiveData Job - Provides details on all the sensitive data that was discovered in the - targeted MongoDB databases based on the selected scan criteria - -### Analysis Tasks for the MongoDB_SensitiveData Job - -Navigate to the MongoDB > **Databases** > **Sensitive Data**> MongoDB_SensitiveData > Configure node -and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/analysismongodbsensitivedatajob.webp) - -The default analysis tasks are: - -- Sensitive Data Details — Returns details around sensitive data in MongoDB -- Database Summary — Summarizes MongoDB sensitive data by database -- Enterprise Summary — Summarizes MongoDB sensitive data across the enterprise - -### Reports for the for the MongoDB_SensitiveData Job - -In addition to the tables and views created the analysis task, the MongoDB_SensitiveData Job -produces the following preconfigured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of two elements: - Bar Chart - Displays exceptions by Match Count - Table - Displays exception details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides details on top databases by Sensitive Data Hits - Table - Provides details | - -# MongoDB Solution - -Data privacy and security is quickly evolving to be on equal footing with traditional security -measures focused on the network, hardware, or software the data is contained within. Organizations -aligning to concepts like Data-Centric Audit and Protection (DCAP) as defined by Gartner, or the -requirements of strict compliance regulations like EU GDPR, are looking to implement processes that -help them understand where sensitive data is stored, who or what is leveraging their privileges to -access the data, and how each database has been configured. - -As part of Stealthbits comprehensive Data Access Governance suite for structured and unstructured -data, Enterprise Auditor for MongoDB automates the process of understanding where MongoDB databases -exist and provides an overview of the MongoDB environment in order to answer questions around data -access: - -- Who has access to your data? -- Where is sensitive data being stored? - -With visibility into every corner of MongoDB, organizations can proactively highlight and prioritize -risks to sensitive data. Additionally, organizations can automate manual, time-consuming, and -expensive processes associated with compliance, security, and operations to easily adhere to best -practices that keep MongoDB Server safe and operational. - -Supported Platforms - -- MongoDB 5.0 -- MongoDB 6.0 -- MongoDB 7.0 -- Windows and Linux distributions supported by MongoDB - -Requirements, Permissions, and Ports - -See the -[Target MongoDB Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -By default, the job is configured to use 10 threads, which can be adjusted based on available -resources on the Enterprise Auditor server. - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -Location - -The Structured Sensitive Data Discovery License is required to run the MongoDB Solution. The MongoDB -Solution can be installed from the Enterprise Auditor Instant Job Wizard. Once it has been installed -into the Jobs tree, navigate to the solution: Jobs > **Databases** > MongoDB. - -The 0.Collection Job Group scans MongoDB instances on the target hosts, and collects -configuration and sensitive data. The other job groups analyze the collected data and generate -reports. - -The Database Solution license includes all supported database platforms supported by Enterprise -Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database -content for sensitive data. - -## Job Groups - -The Enterprise Auditor MongoDB Solution Set is a set of pre-configured jobs and reports that -provides visibility into MongoDB Sensitive Data. - -![MongoDB Overview](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/mongdbjobgroupoverview.webp) - -The following job groups comprise the MongoDB Solution: - -- [ 0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/mongodb-analysis.md) - — Collects high level summary information from targeted MongoDB Servers. This information is used - by other jobs in the MongoDB Solution Set for further analysis and producing respective reports. -- [Analysis Tasks for the MongoDB_Database_Sizing Job](/docs/accessanalyzer/11.6/solutions/databases/mongodb-analysis.md) - — Provides insight into MongoDB server configuration settings -- [Sensitive Data > MongoDB_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/mongodb-analysis.md) - — Provides insight into where sensitive data exists and who has access to it across all the - targeted MongoDB databases - -# Recommended Configuration for the MongoDB Solution - -The MongoDB Solution has been configured to inherit down from the MongoDB > Settings node. However, -it is best practice to assign the host list and the Connection Profile at the data collection level, -the 0.Collection Job Group. Once these are assigned to the job group, it can be run directly or -scheduled. - -Dependencies - -- Query must be configured with list of target database clusters / instances -- For Sensitive Data Discovery Auditing – Sensitive Data Discovery Add-On installed on the - StealthAUDIT Console server - -Some of the 0.Collection Job Group queries can be scoped to target specific databases/instances. -However, it is necessary to add the databases to the query first. - -Targeted Host(s) - -The 0.Collection Job Group must be set to run against a custom host list containing the MongoDB -database instances / clusters. - -Connection Profile - -The NoSQL Data Collector requires a specific set of permission. See the Permissions section for -necessary permissions. The account used can be either an Active Directory account or a SQL account. -Once the account has been provisioned, create a custom Connection Profile containing the credentials -for the targeted environment. See the -[NoSQL Custom Connection Profile & Host List](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) -topic for additional information. - -The Connection Profile should be assigned under the MongoDB > 0.Collection > Settings > Connection -node. It is set to Use the Default Profile, as configured at the global settings level. However, -since this may not be the Connection Profile with the necessary permissions for the assigned hosts, -click the radio button for the Select one of the following user defined profiles option and select -the appropriate Connection Profile drop-down menu. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -One of the most important decisions to make is how frequently to collect this data. The MongoDB Job -Group can be scheduled to run as desired depending on the types of auditing being conducted and the -scope of the target environment. The general recommendation is to schedule the solution to run -daily. - -Run Order - -The 0.Collection Jobs must be run first and in order. The other MongoDB Solution sub-job groups can -be run in any order, together or individually, after running the 0.Collection Job Group. - -**_RECOMMENDED:_** Run the solution at the top level. - -Workflow - -1. Set a Connection Profile for the 0.Collection Job Group with the permissions listed in the - Recommended Configurations section. See the - [NoSQL Custom Connection Profile & Host List](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) - topic for additional information. -2. Set the Host list for the 0.Collection Job Group with the servers containing the target - databases. Additionally, the database clusters / instances must be added to the Filter page in - the query configuration. See the - [NoSQL Custom Connection Profile & Host List](/docs/accessanalyzer/11.6/data-collection/databases/mongodb.md) - topic for additional information. -3. (Optional) Configure the queries for the jobs in the 0.Collection Job Group -4. Schedule the 0.Collection Job Group to run daily or as desired - - **NOTE:** Running the 0.Collection Job Group is a prerequisite for the other job groups in the - SQL solution - -5. Review the reports generated by the 0.Collection Job Group’s jobs diff --git a/docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/mongodb_configuration.md b/docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/mongodb_configuration.md new file mode 100644 index 0000000000..49985d5e92 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/mongodb_configuration.md @@ -0,0 +1,16 @@ +# MongoDB_Configuration Job + +The MongoDB_Configuration job is designed to collect MongoDB server instance and database +configuration settings for use in the following analysis jobs and respective reports. + +## Queries for the MongoDB_Configuration Job + +The MongoDB_Configuration Job uses the NoSQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection - Mongo DB](/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/configurationjob.webp) + +The query is: + +- Database Sizing — Returns size details for the selected MongoDB databases diff --git a/docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/mongodb_sensitivedatascan.md b/docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/mongodb_sensitivedatascan.md new file mode 100644 index 0000000000..0dd72e948d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/mongodb_sensitivedatascan.md @@ -0,0 +1,122 @@ +# MongoDB_SensitiveDataScan Job + +The MongoDB_SensitiveDataScan Job is designed to discover sensitive data in MongoDB databases based +on pre-defined or user-defined search criteria. + +## Queries for the MongoDB_SensitiveDataScan Job + +The MongoDB_SensitiveDataScan Job uses the NOSQL Data Collector for queries. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/sensitivedatascan_job.webp) + +The query is: + +- MongoDB SDD - Collects sensitive data from MongoDB + + - (Optional) This query can be modified to target specific databases/instances. See the + [Configure the MongoDB SDD Query](#configure-the-mongodb-sdd-query) topic for additional + information. + +## Configure the MongoDB SDD Query + +The MongoDB SDD Query is preconfigured to run using the default settings for the Sensitive Data +Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **MongoDB** > +**MongoDB_SensitiveDataScan** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select the MongoDB SDD query and click Query Properties. +The Query Properties window opens. + +**Step 3 –** Select the Data Source tab, and click Configure. The NoSQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been +pre-configured for this job. + +**Step 4 –** Navigate to the +[NoSQL: Options](/docs/accessanalyzer/11.6/admin/datacollector/nosql/options.md). + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) + +**Step 5 –** Select the desired scan options. + +**Step 6 –** Navigate to the +[NoSQL: Criteria](/docs/accessanalyzer/11.6/admin/datacollector/nosql/criteria.md) +page. + +![Criteria Page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) + +**Step 7 –** To modify criteria, navigate to the +[NoSQL: Criteria](/docs/accessanalyzer/11.6/admin/datacollector/nosql/criteria.md) +page. By default, the Sensitive Data Scan job is configured to scan for criteria configured in the +Global Criteria settings. See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. + +**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a +high-level table scan. Configuring these settings to increase the scope of the sensitive data scan +may significantly increase scan time. + +**Step 8 –** Navigate to the +[NoSQL: Filter](/docs/accessanalyzer/11.6/admin/datacollector/nosql/filter.md) +page. + +![Database Selection Settings](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filter.webp) + +**Step 9 –** MongoDB databases must be added to the query before they can be scanned. Click +**Connections** to open the Manage Connections window. + +![Manage Connections window](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/manageconnections.webp) + +**Step 10 –** In the Manage Connections window, click **Create New** and add the following +information: + +- Is Active Checkbox — Check to include the database on the Servers Pane on the Filter page. +- Server Label — The name of the server +- Host — Name or IP address of the host where the database is located +- Port Number — Port number for the database. The default port is 27017. +- Auth Database — Account used to access the database. Admin is recommended. +- Read Preference — Read preference describes how MongoDB clients route read operations to the + members of a replica set. By default, an application directs its read operations to the primary + member in a replica set (i.e. read preference mode "primary"). But, clients can specify a read + preference to send read operations to secondaries. Click the link for additional informatoin. +- Mongo SRV Checkbox — Specifies that the information entered is for clusters or shards + +**Step 11 –** Click to **Test Connection** to verify the connection to the database with the +connection profile applied to the job + +**Step 12 –** Click **Save New Connection** to add the connection to the list, then close the Manage +Connections window. + +**Step 13 –** On the Filter page, click Retrieveto populate the Servers pane with the databases and +collections. + +**Step 14 –** (Optional) Right click on an object in the list to include or exclude it from the +sensitive data scan, or build /edit a pattern to create a custom filter. See the +[NoSQL: Filter](/docs/accessanalyzer/11.6/admin/datacollector/nosql/filter.md) +topic for additional information. + +**Step 15 –** Click **Validate** and then **Save** to apply the scoping. Navigating away from this +page without saving will undo any changes made. + +**Step 16 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The MongoDB SDD Query is now ready to run with the customized settings. + +## Analysis Tasks for the MongoDB_SensitiveDataScan Job + +Navigate to the Databases > > 0.Collection > MongoDB > MongoDB_SensitiveDataScan > Configure node +and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/analysissensitivedatascan.webp) + +The default analysis tasks are: + +- NoSQL Instances — Brings the SA_NoSQL_Instances to view in SA +- Matches View — Brings the MongoDB matches view to the Enterprise Auditor console +- Match Hits View — Brings the MongoDB match hits view to the Enterprise Auditor console +- MongoDB SDD AIC Import — Imports MongoDB SDD into the AIC diff --git a/docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/overview.md b/docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/overview.md new file mode 100644 index 0000000000..06af3fc89d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/overview.md @@ -0,0 +1,16 @@ +# 0.Collection Job Group + +The MongoDB Solution Collection group is designed to collect high level summary information from +targeted MongoDB Servers.  This information is used by other jobs in the MongoDB Solution Set for +further analysis and producing respective reports. + +![0](/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/0.collecitonjobgroup.webp) + +The jobs in the 0.Collection Job Group are: + +- [MongoDB_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/mongodb_configuration.md) + — Collects MongoDB server instance and database configuration settings for use in the following + analysis jobs and respective reports. +- [MongoDB_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/mongodb_sensitivedatascan.md) + — Discovers sensitive data in MongoDB databases based on pre-defined or user-defined search + criteria diff --git a/docs/accessanalyzer/11.6/solutions/databases/mongodb/mongodb_databasesizing.md b/docs/accessanalyzer/11.6/solutions/databases/mongodb/mongodb_databasesizing.md new file mode 100644 index 0000000000..e97c20390a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mongodb/mongodb_databasesizing.md @@ -0,0 +1,23 @@ +### Analysis Tasks for the MongoDB_Database_Sizing Job + +Navigate to the **Jobs > Databases > MongoDB > Configuration > MongoDB_DatabaseSizing > Configure** +node and select Analysis to view the Analysis Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/databasesizingjobanalysis.webp) + +The default analysis tasks are: + +- MongoDB Database Sizing Details — Provides details about MongoDB databases and sizing +- MongoDB Database Sizing Summary — Summarizes MongoDB database sizing by node or cluster + +### Report for the MongoDB_Database_Sizing Job + +In addition to the tables and views created the analysis task, the MongoDB_DatabaseSizing Job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| --------------- | -------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | This report highlights the size of databases in MongoDB. | None. | This report is comprised of three elements: - Bar Chart - Displays top databases by size (MB) - Bar Chart - Displays database size by host (GB) - Table - Displays details on database sizing | diff --git a/docs/accessanalyzer/11.6/solutions/databases/mongodb/mongodb_sensitivedata.md b/docs/accessanalyzer/11.6/solutions/databases/mongodb/mongodb_sensitivedata.md new file mode 100644 index 0000000000..38ebd01881 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mongodb/mongodb_sensitivedata.md @@ -0,0 +1,37 @@ +# Sensitive Data > MongoDB_SensitiveData Job + +The Sensitive Data Job Group is designed to provide insight into where sensitive data exists and who +has access to it across all the targeted MongoDB databases. + +![Sensitive Data Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) + +The job in the Sensitive Data Job Group is: + +- MongoDB_SensitiveData Job - Provides details on all the sensitive data that was discovered in the + targeted MongoDB databases based on the selected scan criteria + +### Analysis Tasks for the MongoDB_SensitiveData Job + +Navigate to the MongoDB > **Databases** > **Sensitive Data**> MongoDB_SensitiveData > Configure node +and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/analysismongodbsensitivedatajob.webp) + +The default analysis tasks are: + +- Sensitive Data Details — Returns details around sensitive data in MongoDB +- Database Summary — Summarizes MongoDB sensitive data by database +- Enterprise Summary — Summarizes MongoDB sensitive data across the enterprise + +### Reports for the for the MongoDB_SensitiveData Job + +In addition to the tables and views created the analysis task, the MongoDB_SensitiveData Job +produces the following preconfigured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of two elements: - Bar Chart - Displays exceptions by Match Count - Table - Displays exception details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides details on top databases by Sensitive Data Hits - Table - Provides details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/mongodb/overview.md b/docs/accessanalyzer/11.6/solutions/databases/mongodb/overview.md new file mode 100644 index 0000000000..ae89092516 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mongodb/overview.md @@ -0,0 +1,83 @@ +# MongoDB Solution + +Data privacy and security is quickly evolving to be on equal footing with traditional security +measures focused on the network, hardware, or software the data is contained within. Organizations +aligning to concepts like Data-Centric Audit and Protection (DCAP) as defined by Gartner, or the +requirements of strict compliance regulations like EU GDPR, are looking to implement processes that +help them understand where sensitive data is stored, who or what is leveraging their privileges to +access the data, and how each database has been configured. + +As part of Stealthbits comprehensive Data Access Governance suite for structured and unstructured +data, Enterprise Auditor for MongoDB automates the process of understanding where MongoDB databases +exist and provides an overview of the MongoDB environment in order to answer questions around data +access: + +- Who has access to your data? +- Where is sensitive data being stored? + +With visibility into every corner of MongoDB, organizations can proactively highlight and prioritize +risks to sensitive data. Additionally, organizations can automate manual, time-consuming, and +expensive processes associated with compliance, security, and operations to easily adhere to best +practices that keep MongoDB Server safe and operational. + +Supported Platforms + +- MongoDB 5.0 +- MongoDB 6.0 +- MongoDB 7.0 +- Windows and Linux distributions supported by MongoDB + +Requirements, Permissions, and Ports + +See the +[Target MongoDB Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databasemongodb.md) +topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +By default, the job is configured to use 10 threads, which can be adjusted based on available +resources on the Enterprise Auditor server. + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +Location + +The Structured Sensitive Data Discovery License is required to run the MongoDB Solution. The MongoDB +Solution can be installed from the Enterprise Auditor Instant Job Wizard. Once it has been installed +into the Jobs tree, navigate to the solution: Jobs > **Databases** > MongoDB. + +The 0.Collection Job Group scans MongoDB instances on the target hosts, and collects +configuration and sensitive data. The other job groups analyze the collected data and generate +reports. + +The Database Solution license includes all supported database platforms supported by Enterprise +Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database +content for sensitive data. + +## Job Groups + +The Enterprise Auditor MongoDB Solution Set is a set of pre-configured jobs and reports that +provides visibility into MongoDB Sensitive Data. + +![MongoDB Overview](/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/mongdbjobgroupoverview.webp) + +The following job groups comprise the MongoDB Solution: + +- [ 0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/overview.md) + — Collects high level summary information from targeted MongoDB Servers. This information is used + by other jobs in the MongoDB Solution Set for further analysis and producing respective reports. +- [Analysis Tasks for the MongoDB_Database_Sizing Job](/docs/accessanalyzer/11.6/solutions/databases/mongodb/mongodb_databasesizing.md) + — Provides insight into MongoDB server configuration settings +- [Sensitive Data > MongoDB_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/mongodb/mongodb_sensitivedata.md) + — Provides insight into where sensitive data exists and who has access to it across all the + targeted MongoDB databases diff --git a/docs/accessanalyzer/11.6/solutions/databases/mongodb/recommended.md b/docs/accessanalyzer/11.6/solutions/databases/mongodb/recommended.md new file mode 100644 index 0000000000..badff0a930 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mongodb/recommended.md @@ -0,0 +1,72 @@ +# Recommended Configuration for the MongoDB Solution + +The MongoDB Solution has been configured to inherit down from the MongoDB > Settings node. However, +it is best practice to assign the host list and the Connection Profile at the data collection level, +the 0.Collection Job Group. Once these are assigned to the job group, it can be run directly or +scheduled. + +Dependencies + +- Query must be configured with list of target database clusters / instances +- For Sensitive Data Discovery Auditing – Sensitive Data Discovery Add-On installed on the + StealthAUDIT Console server + +Some of the 0.Collection Job Group queries can be scoped to target specific databases/instances. +However, it is necessary to add the databases to the query first. + +Targeted Host(s) + +The 0.Collection Job Group must be set to run against a custom host list containing the MongoDB +database instances / clusters. + +Connection Profile + +The NoSQL Data Collector requires a specific set of permission. See the Permissions section for +necessary permissions. The account used can be either an Active Directory account or a SQL account. +Once the account has been provisioned, create a custom Connection Profile containing the credentials +for the targeted environment. See the +[NoSQL Custom Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/nosql/configurejob.md) +topic for additional information. + +The Connection Profile should be assigned under the MongoDB > 0.Collection > Settings > Connection +node. It is set to Use the Default Profile, as configured at the global settings level. However, +since this may not be the Connection Profile with the necessary permissions for the assigned hosts, +click the radio button for the Select one of the following user defined profiles option and select +the appropriate Connection Profile drop-down menu. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +One of the most important decisions to make is how frequently to collect this data. The MongoDB Job +Group can be scheduled to run as desired depending on the types of auditing being conducted and the +scope of the target environment. The general recommendation is to schedule the solution to run +daily. + +Run Order + +The 0.Collection Jobs must be run first and in order. The other MongoDB Solution sub-job groups can +be run in any order, together or individually, after running the 0.Collection Job Group. + +**_RECOMMENDED:_** Run the solution at the top level. + +Workflow + +1. Set a Connection Profile for the 0.Collection Job Group with the permissions listed in the + Recommended Configurations section. See the + [NoSQL Custom Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/nosql/configurejob.md) + topic for additional information. +2. Set the Host list for the 0.Collection Job Group with the servers containing the target + databases. Additionally, the database clusters / instances must be added to the Filter page in + the query configuration. See the + [NoSQL Custom Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/nosql/configurejob.md) + topic for additional information. +3. (Optional) Configure the queries for the jobs in the 0.Collection Job Group +4. Schedule the 0.Collection Job Group to run daily or as desired + + **NOTE:** Running the 0.Collection Job Group is a prerequisite for the other job groups in the + SQL solution + +5. Review the reports generated by the 0.Collection Job Group’s jobs diff --git a/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md b/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md deleted file mode 100644 index 6a07566783..0000000000 --- a/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md +++ /dev/null @@ -1,435 +0,0 @@ -# MySQL_Configuration Job - -The MySQL_Configuration Job is designed to collect MySQL server instance and database configuration -settings for use in the following analysis jobs and respective reports. - -## Queries for the MySQL_Configuration Job - -The MySQL_Configuration Job uses the SQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/configurationjob.webp) - -The query is: - -- Database Sizing - Returns size details for the selected MySQL databases - -# MySQL_SensitiveDataScan Job - -The MySQL_SensitiveDataScan Job is designed to discover sensitive data in MySQL databases based on -pre-defined or user-defined search criteria. - -## Queries for the MySQL_SensitiveDataScan Job - -The MySQL_SensitiveDataScan Job uses the SQL Data Collector for queries. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/sensitivedatascan.webp) - -The query is: - -- Sensitive Data Scan - Discovers MySQL Sensitive Data. See the - [Configure the SensitiveDataScan Query](#configure-the-sensitivedatascan-query) for additional - information. - -### Configure the SensitiveDataScan Query - -The MySQL_SensitiveDataScan Job is preconfigured to run using the default settings for the Sensitive -Data Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the Databases > 0.Collection > MySQL > MySQL_SensitiveDataScan > Configure -node and select Queries. - -**Step 2 –** In the Query Selection view, select the Sensitive Data Scan query click on Query -Properties. The Query Properties window appears. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this -job. - -![Sensitive Data Scan Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_optionspage.webp) - -**Step 4 –** To modify sensitive data scan options, select the desired scan options. See the -[SQL: Options](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page for additional information. - -**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a -high-level table scan. Configuring these settings to increase the scope of the sensitive data scan -may significantly increase scan time. - -![DLP Criteria for Scan](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_criteriapage.webp) - -**Step 5 –** To modify criteria, navigate to the -[SQL: Criteria](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page. By default, the Sensitive Data Scan job is configured to scan for criteria configured in the -Global Criteria settings. See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) -topic for additional information. - -![Filters Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_filterspage.webp) - -**Step 6 –** MySQL databases must be added to the query before they can be scanned. Navigate to the -**Filter** page and click **Connections** to open the Manage Connections window. - -![Manage Connections](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/manageconnectionsmysql.webp) - -**Step 7 –** In the Manage Connections window, click **New Connection** and add the following -information: - -- Instance Label — The name of the instance -- Database System — Select MySQL from the dropdown list -- Host — Name or IP address of the host where the database is located -- Port Number — Port number for the database. The default port for MySQL is 3306 - -Exit the Manage Connections window to return to the Filter page. - -**Step 8 –** On the Filter page, the query is configured by default to target Only select database -objects. Click Retrieve. The Available database objects box will populate. The default filter will -scan all MySQL Databases returned, excluding the listed system schemas and tables in red. Databases -and instances can be added in the following ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Use the Add Custom Filter button to create and apply a custom filter. - -**Step 9 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The MySQL_SensitiveDataScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the MySQL_SensitiveDataScan Job - -Navigate to the **Databases** > **0.Collection** > **MySQL** > **MySQL_SensitiveDataScan** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/analysismysqlsensitivedatascan.webp) - -The default analysis tasks are: - -- Bring SA_SQL_Instances to View — Displays the SA_SQL_Instances table -- MySQL SDD Matches View — Bring the MySQL SDD Matches View to the SA console -- MySQL SDD Match Hits View — Bring the MySQL SDD Match Hits View to the SA console -- MySQL SDD AIC Import — Imports to MySQL SDD to the AIC - -# MySQL_TablePrivileges Job - -The MySQL_TablePrivileges job is designed to collect MySQL table privileges from all the targeted -servers. - -## Queries for the MySQL_TablePrivileges Job - -The MySQL_TablePrivileges Job uses the SQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/querytableprivileges.webp) - -The query is: - -- Table Privileges - Returns table privileges from all the targeted servers. - -## Analysis Task for the MySQL_TablePrivileges Job - -Navigate to the **Databases** > **0.Collection** > **MySQL** > **MySQL_TablePrivileges** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/analysistableprivileges.webp) - -The default analysis task is: - -- AIC Import - MySQL Permissions – Imports MySQL permissions to the AIC. - -# 0.Collection Job Group - -The MySQL Solution Collection group is designed to collect high level summary information from -targeted MySQL Servers. This information is used by other jobs in the MySQL Solution Set for further -analysis and producing respective reports. - -![0.Collection Job Group for MySQL](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/0.collectionjobgroup.webp) - -The jobs in the 0.Collection Job Group are: - -- [MySQL_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md) - – Designed to collect MySQL server instance and database configuration settings for use in the - following analysis jobs and respective reports -- [MySQL_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md) - – Designed to discover sensitive data in MySQL databases based on pre-defined or user-defined - search criteria -- [MySQL_TablePrivileges Job](/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md) - – Designed to collect MySQL table privileges from all the targeted servers. - -Workflow - -1. Set a Connection Profile for the 0.Collection Job Group with the permissions listed in the - Recommended Configurations section. See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information. -2. For Sensitive Data Discovery Auditing – Ensure the Sensitive Data Discovery Add-On is installed - on the StealthAUDIT Console server. -3. Schedule the solution to run daily or as desired. -4. Review the reports generated by the jobs. - -# Configuration > MySQL_DatabaseSizing Job - -The Configuration Job Group is designed to provide insight into MySQL server configuration settings. - -![Configuration Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/configurationjobgroup.webp) - -The job in the Configuration Job Group is: - -- MySQL_DatabaseSizing Job - Provides details on database table sizes and overall database size - -### Analysis Tasks for the MySQL_DatabaseSizing Job - -Navigate to the **Jobs > Databases > MySQL > Configuration > MySQL_DatabaseSizing > Configure** node -and select Analysis to view the Analysis Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/analysismysqldatabasesizing.webp) - -The default analysis tasks are: - -- Database Details - Returns size details for MySQL databases -- Database Summary - Summarizes database sizes by host - -In addition to the tables and views created the analysis task, the MySQL_DatabaseSizing Job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ----------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | This report provides details on database tables and sizing. | | This report is comprised of three elements: - Bar Chart - Displays top databases by size (MB) - Bar Chart - Displays database size by host (GB) - Table - Displays details on database sizing | - -# MySQL Solution - -Data privacy and security is quickly evolving to be on equal footing with traditional security -measures focused on the network, hardware, or software the data is contained within. Organizations -aligning to concepts like Data-Centric Audit and Protection (DCAP) as defined by Gartner, or the -requirements of strict compliance regulations like EU GDPR, are looking to implement processes that -help them understand where sensitive data is stored, who or what is leveraging their privileges to -access the data, and how each database has been configured. - -As part of Stealthbits comprehensive Data Access Governance suite for structured and unstructured -data, Enterprise Auditor for MySQL automates the process of understanding where MySQL databases -exist and provides an overview of the MySQL environment in order to answer questions around data -access: - -- Who has access to your data? -- Where is sensitive data being stored? - -With visibility into every corner of MySQL, organizations can proactively highlight and prioritize -risks to sensitive data. Additionally, organizations can automate manual, time-consuming, and -expensive processes associated with compliance, security, and operations to easily adhere to best -practices that keep MySQL Server safe and operational. - -The MySQL Solution requires a special Enterprise Auditor license. The Database Solution license -includes all supported database platforms supported by Enterprise Auditor. Additionally, the -Sensitive Data Discovery Add-On enables the solution to search database content for sensitive data. - -By default, the job is configured to use 10 threads, which can be adjusted based on available -resources on the Enterprise Auditor server. - -Supported Platforms - -- MySQL 5.x -- MySQL 8.x -- Amazon MySQL RDS -- Amazon Aurora MySQL Engine -- MariaDB 10.x - -Requirements, Permissions, and Ports - -See the -[Target MySQL Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans.If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host.For example, if the job is configured to scan 8 hosts at a time , then -an extra 16 GB of RAM are required (8x2=16). - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -Location - -The Structured Sensitive Data Discovery License is required to run the MySQL Solution. It can be -installed from the Enterprise Auditor Instant Job Wizard. Once it has been installed into the Jobs -tree, navigate to the solution: Jobs > **Databases** > MySQL. - -The 0.Collection Job Group discovers configuration settings and Sensitive Data in MySQL Instances on -the target hosts. The other job groups analyze and report on the data collected by the 0.Collection -Job Group. - -The Database Solution license includes all supported database platforms supported by Enterprise -Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database -content for sensitive data. - -## Job Groups - -The Enterprise Auditor MySQL Solution Set is a set of pre-configured audit jobs and reports that -provides visibility into MySQL Sensitive Data. - -![MySQL Job Group Overview](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/mysqljobgroupoverview.webp) - -The job groups in the MySQL Solution are: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md) - – Designed to collect high level summary information from targeted MySQL Servers. This information - is used by other jobs in the MySQL Solution Set for further analysis and producing respective - reports. -- [Configuration > MySQL_DatabaseSizing Job](/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md) - – Designed to provide insight into MySQL server configuration settings -- [MySQL_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md) - – Designed to provide insight into where sensitive data exists and who has access to it across all - the targeted MySQL databases. - -# Recommended Configurations for the MySQL Solution - -The MySQL Solution has been configured to inherit down from the MySQL > Settings node. However, it -is best practice to assign the host list and the Connection Profile at the data collection level, -0.Collection Job Group. Once these are assigned to the job group, it can be run directly or -scheduled. - -Dependencies - -- For Sensitive Data Discovery Auditing – Sensitive Data Discovery Add-On installed on the - Enterprise Auditor Console server -- For AWS RDS and Aurora instances, right-click a job in the **MySQL** > **0.Collection** folder and - open the properties window. Select the **Performance** tab and ensure that the **Skip Hosts that - do not respond to PING**checkbox is not selected. - -Targeted Host(s) - -- The 0.Collection Job Group must be set to run against a custom host list containing the - MySQL database instances / clusters. -- For AWS RDS instances, specify the endpoint when creating a host list. This value may change after - saving the list if the instance is part of a cluster. - -Connection Profile - -The SQL Data Collector requires a specific set of permissions. For the MySQL Solution, the -credentials configured in the Connection Profile must be able to access the MySQL Database. See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information on permissions and creating a SQL custom connection profile. - -The Connection Profile is set to Use the Default Profile, as configured at the global settings -level. However, since this may not be the Connection Profile with the necessary permissions for the -assigned hosts, click the radio button for the Select one of the following user defined profiles -option and select the appropriate Connection Profile drop-down menu. - -Schedule Frequency - -Daily - -Run Order - -The 0.Collection Job Group must be run first before running the other jobs and job groups. - -**_RECOMMENDED:_** Run the solution at the top level: MySQL Job Group - -Query Configuration - -This solution is designed to be run with the default query configurations. However, the -MySQL_SensitiveDataScan Job query can be customized as needed. See the -[Configure the SensitiveDataScan Query](/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md#configure-the-sensitivedatascan-query) -topic for additional information. - -Analysis Configuration - -This solution should be run with the default analysis configurations. These analysis tasks are -preconfigured and should not be modified or deselected. - -Disabling obsolete or run-desired jobs allows the solution to run more efficiently. To disable a job -or job group, right-click on the item and select Disable Job. - -**_RECOMMENDED:_** Do not delete any jobs. Instead, jobs should be disabled. - -# MySQL_SensitiveData Job - -The MySQL_SensitiveData Job is designed to provide information on all the sensitive data that was -discovered in the targeted MySQL servers based on the selected scan criteria. - -## Analysis Tasks for the MySQL_SensitiveData Job - -Navigate to the **Jobs > MySQL > Sensitive Data > MySQL_SensitiveData > Configure** node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedata.webp) - -The default analysis tasks are: - -- Sensitive Data Details - Returns details around sensitive data in MySQL -- Database Summary - Summarizes sensitive data in MySQL by database -- Enterprise Summary - Summarizes MySQL sensitive data for the organization - -In addition to the tables and views created the analysis task, the MySQL_SensitiveData Job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | | This report is comprised of two elements: - Bar Chart - Displays exceptions by match count - Table - Displays exception details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides details on top databases by sensitive data - Table - Provides details on sensitive data | - -# MySQL_SensitiveDataPermissions Job - -The MySQL_SensitiveDataPermissions Job is designed to provide information on all types of -permissions on database objects containing sensitive data across all the targeted MySQL servers -based on the selected scan criteria. - -## Analysis Tasks for the MySQL_SensitiveData Job - -Navigate to the **Jobs > MySQL > Sensitive Data > MySQL_SensitiveDataPermissions > Configure** node -and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedatapermission.webp) - -The default analysis tasks are: - -- Sensitive Data Permission Details – Creates the MySQL_SensitiveDataPermissions_Details table - accessible under the job’s Results node -- Sensitive Data Permissions Database Summary – Creates the - MySQL_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the -MySQL_SensitiveDataPermissions Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | - -# Sensitive Data Job Group - -The Sensitive Data Job Group is designed to provide insight into where sensitive data exists and who -has access to it across all the targeted MySQL databases. - -![Sensitive Data Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) - -The job in the Sensitive Data Job Group is: - -- [MySQL_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md) - - Designed to provide information on all the sensitive data that was discovered in the targeted - MySQL servers based on the selected scan criteria -- [MySQL_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/mysql-analysis.md) - - Designed to provide information on all types of permissions on database objects containing - sensitive data across all the targeted MySQL servers based on the selected scan criteria. diff --git a/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_configuration.md b/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_configuration.md new file mode 100644 index 0000000000..6ce3294bce --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_configuration.md @@ -0,0 +1,16 @@ +# MySQL_Configuration Job + +The MySQL_Configuration Job is designed to collect MySQL server instance and database configuration +settings for use in the following analysis jobs and respective reports. + +## Queries for the MySQL_Configuration Job + +The MySQL_Configuration Job uses the SQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/configurationjob.webp) + +The query is: + +- Database Sizing - Returns size details for the selected MySQL databases diff --git a/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_sensitivedatascan.md b/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_sensitivedatascan.md new file mode 100644 index 0000000000..7a990f9612 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_sensitivedatascan.md @@ -0,0 +1,99 @@ +# MySQL_SensitiveDataScan Job + +The MySQL_SensitiveDataScan Job is designed to discover sensitive data in MySQL databases based on +pre-defined or user-defined search criteria. + +## Queries for the MySQL_SensitiveDataScan Job + +The MySQL_SensitiveDataScan Job uses the SQL Data Collector for queries. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/sensitivedatascan.webp) + +The query is: + +- Sensitive Data Scan - Discovers MySQL Sensitive Data. See the + [Configure the SensitiveDataScan Query](#configure-the-sensitivedatascan-query) for additional + information. + +### Configure the SensitiveDataScan Query + +The MySQL_SensitiveDataScan Job is preconfigured to run using the default settings for the Sensitive +Data Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the Databases > 0.Collection > MySQL > MySQL_SensitiveDataScan > Configure +node and select Queries. + +**Step 2 –** In the Query Selection view, select the Sensitive Data Scan query click on Query +Properties. The Query Properties window appears. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this +job. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/sensitivedatscan_optionspage.webp) + +**Step 4 –** To modify sensitive data scan options, select the desired scan options. See the +[SQL: Options](/docs/accessanalyzer/11.6/admin/datacollector/sql/options.md) +page for additional information. + +**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a +high-level table scan. Configuring these settings to increase the scope of the sensitive data scan +may significantly increase scan time. + +![DLP Criteria for Scan](/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/sensitivedatscan_criteriapage.webp) + +**Step 5 –** To modify criteria, navigate to the +[SQL: Criteria](/docs/accessanalyzer/11.6/admin/datacollector/sql/criteria.md) +page. By default, the Sensitive Data Scan job is configured to scan for criteria configured in the +Global Criteria settings. See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. + +![Filters Page](/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/sensitivedatscan_filterspage.webp) + +**Step 6 –** MySQL databases must be added to the query before they can be scanned. Navigate to the +**Filter** page and click **Connections** to open the Manage Connections window. + +![Manage Connections](/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/manageconnectionsmysql.webp) + +**Step 7 –** In the Manage Connections window, click **New Connection** and add the following +information: + +- Instance Label — The name of the instance +- Database System — Select MySQL from the dropdown list +- Host — Name or IP address of the host where the database is located +- Port Number — Port number for the database. The default port for MySQL is 3306 + +Exit the Manage Connections window to return to the Filter page. + +**Step 8 –** On the Filter page, the query is configured by default to target Only select database +objects. Click Retrieve. The Available database objects box will populate. The default filter will +scan all MySQL Databases returned, excluding the listed system schemas and tables in red. Databases +and instances can be added in the following ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Use the Add Custom Filter button to create and apply a custom filter. + +**Step 9 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The MySQL_SensitiveDataScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the MySQL_SensitiveDataScan Job + +Navigate to the **Databases** > **0.Collection** > **MySQL** > **MySQL_SensitiveDataScan** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/analysismysqlsensitivedatascan.webp) + +The default analysis tasks are: + +- Bring SA_SQL_Instances to View — Displays the SA_SQL_Instances table +- MySQL SDD Matches View — Bring the MySQL SDD Matches View to the SA console +- MySQL SDD Match Hits View — Bring the MySQL SDD Match Hits View to the SA console +- MySQL SDD AIC Import — Imports to MySQL SDD to the AIC diff --git a/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_tableprivileges.md b/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_tableprivileges.md new file mode 100644 index 0000000000..caa8906e92 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_tableprivileges.md @@ -0,0 +1,30 @@ +# MySQL_TablePrivileges Job + +The MySQL_TablePrivileges job is designed to collect MySQL table privileges from all the targeted +servers. + +## Queries for the MySQL_TablePrivileges Job + +The MySQL_TablePrivileges Job uses the SQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/querytableprivileges.webp) + +The query is: + +- Table Privileges - Returns table privileges from all the targeted servers. + +## Analysis Task for the MySQL_TablePrivileges Job + +Navigate to the **Databases** > **0.Collection** > **MySQL** > **MySQL_TablePrivileges** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/analysistableprivileges.webp) + +The default analysis task is: + +- AIC Import - MySQL Permissions – Imports MySQL permissions to the AIC. diff --git a/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/overview.md b/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/overview.md new file mode 100644 index 0000000000..61fbd40f0a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/overview.md @@ -0,0 +1,29 @@ +# 0.Collection Job Group + +The MySQL Solution Collection group is designed to collect high level summary information from +targeted MySQL Servers. This information is used by other jobs in the MySQL Solution Set for further +analysis and producing respective reports. + +![0.Collection Job Group for MySQL](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/0.collectionjobgroup.webp) + +The jobs in the 0.Collection Job Group are: + +- [MySQL_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_configuration.md) + – Designed to collect MySQL server instance and database configuration settings for use in the + following analysis jobs and respective reports +- [MySQL_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_sensitivedatascan.md) + – Designed to discover sensitive data in MySQL databases based on pre-defined or user-defined + search criteria +- [MySQL_TablePrivileges Job](/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_tableprivileges.md) + – Designed to collect MySQL table privileges from all the targeted servers. + +Workflow + +1. Set a Connection Profile for the 0.Collection Job Group with the permissions listed in the + Recommended Configurations section. See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information. +2. For Sensitive Data Discovery Auditing – Ensure the Sensitive Data Discovery Add-On is installed + on the StealthAUDIT Console server. +3. Schedule the solution to run daily or as desired. +4. Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/databases/mysql/mysql_databasesizing.md b/docs/accessanalyzer/11.6/solutions/databases/mysql/mysql_databasesizing.md new file mode 100644 index 0000000000..7af93389aa --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mysql/mysql_databasesizing.md @@ -0,0 +1,31 @@ +# Configuration > MySQL_DatabaseSizing Job + +The Configuration Job Group is designed to provide insight into MySQL server configuration settings. + +![Configuration Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/configurationjobgroup.webp) + +The job in the Configuration Job Group is: + +- MySQL_DatabaseSizing Job - Provides details on database table sizes and overall database size + +### Analysis Tasks for the MySQL_DatabaseSizing Job + +Navigate to the **Jobs > Databases > MySQL > Configuration > MySQL_DatabaseSizing > Configure** node +and select Analysis to view the Analysis Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/analysismysqldatabasesizing.webp) + +The default analysis tasks are: + +- Database Details - Returns size details for MySQL databases +- Database Summary - Summarizes database sizes by host + +In addition to the tables and views created the analysis task, the MySQL_DatabaseSizing Job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ----------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | This report provides details on database tables and sizing. | | This report is comprised of three elements: - Bar Chart - Displays top databases by size (MB) - Bar Chart - Displays database size by host (GB) - Table - Displays details on database sizing | diff --git a/docs/accessanalyzer/11.6/solutions/databases/mysql/overview.md b/docs/accessanalyzer/11.6/solutions/databases/mysql/overview.md new file mode 100644 index 0000000000..6b313a9372 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mysql/overview.md @@ -0,0 +1,89 @@ +# MySQL Solution + +Data privacy and security is quickly evolving to be on equal footing with traditional security +measures focused on the network, hardware, or software the data is contained within. Organizations +aligning to concepts like Data-Centric Audit and Protection (DCAP) as defined by Gartner, or the +requirements of strict compliance regulations like EU GDPR, are looking to implement processes that +help them understand where sensitive data is stored, who or what is leveraging their privileges to +access the data, and how each database has been configured. + +As part of Stealthbits comprehensive Data Access Governance suite for structured and unstructured +data, Enterprise Auditor for MySQL automates the process of understanding where MySQL databases +exist and provides an overview of the MySQL environment in order to answer questions around data +access: + +- Who has access to your data? +- Where is sensitive data being stored? + +With visibility into every corner of MySQL, organizations can proactively highlight and prioritize +risks to sensitive data. Additionally, organizations can automate manual, time-consuming, and +expensive processes associated with compliance, security, and operations to easily adhere to best +practices that keep MySQL Server safe and operational. + +The MySQL Solution requires a special Enterprise Auditor license. The Database Solution license +includes all supported database platforms supported by Enterprise Auditor. Additionally, the +Sensitive Data Discovery Add-On enables the solution to search database content for sensitive data. + +By default, the job is configured to use 10 threads, which can be adjusted based on available +resources on the Enterprise Auditor server. + +Supported Platforms + +- MySQL 5.x +- MySQL 8.x +- Amazon MySQL RDS +- Amazon Aurora MySQL Engine +- MariaDB 10.x + +Requirements, Permissions, and Ports + +See the +[Target MySQL Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databasemysql.md) +topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans.If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host.For example, if the job is configured to scan 8 hosts at a time , then +an extra 16 GB of RAM are required (8x2=16). + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +Location + +The Structured Sensitive Data Discovery License is required to run the MySQL Solution. It can be +installed from the Enterprise Auditor Instant Job Wizard. Once it has been installed into the Jobs +tree, navigate to the solution: Jobs > **Databases** > MySQL. + +The 0.Collection Job Group discovers configuration settings and Sensitive Data in MySQL Instances on +the target hosts. The other job groups analyze and report on the data collected by the 0.Collection +Job Group. + +The Database Solution license includes all supported database platforms supported by Enterprise +Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database +content for sensitive data. + +## Job Groups + +The Enterprise Auditor MySQL Solution Set is a set of pre-configured audit jobs and reports that +provides visibility into MySQL Sensitive Data. + +![MySQL Job Group Overview](/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/mysqljobgroupoverview.webp) + +The job groups in the MySQL Solution are: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/overview.md) + – Designed to collect high level summary information from targeted MySQL Servers. This information + is used by other jobs in the MySQL Solution Set for further analysis and producing respective + reports. +- [Configuration > MySQL_DatabaseSizing Job](/docs/accessanalyzer/11.6/solutions/databases/mysql/mysql_databasesizing.md) + – Designed to provide insight into MySQL server configuration settings +- [MySQL_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/mysql_sensitivedata.md) + – Designed to provide insight into where sensitive data exists and who has access to it across all + the targeted MySQL databases. diff --git a/docs/accessanalyzer/11.6/solutions/databases/mysql/recommended.md b/docs/accessanalyzer/11.6/solutions/databases/mysql/recommended.md new file mode 100644 index 0000000000..41be0241c0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mysql/recommended.md @@ -0,0 +1,60 @@ +# Recommended Configurations for the MySQL Solution + +The MySQL Solution has been configured to inherit down from the MySQL > Settings node. However, it +is best practice to assign the host list and the Connection Profile at the data collection level, +0.Collection Job Group. Once these are assigned to the job group, it can be run directly or +scheduled. + +Dependencies + +- For Sensitive Data Discovery Auditing – Sensitive Data Discovery Add-On installed on the + Enterprise Auditor Console server +- For AWS RDS and Aurora instances, right-click a job in the **MySQL** > **0.Collection** folder and + open the properties window. Select the **Performance** tab and ensure that the **Skip Hosts that + do not respond to PING**checkbox is not selected. + +Targeted Host(s) + +- The 0.Collection Job Group must be set to run against a custom host list containing the + MySQL database instances / clusters. +- For AWS RDS instances, specify the endpoint when creating a host list. This value may change after + saving the list if the instance is part of a cluster. + +Connection Profile + +The SQL Data Collector requires a specific set of permissions. For the MySQL Solution, the +credentials configured in the Connection Profile must be able to access the MySQL Database. See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information on permissions and creating a SQL custom connection profile. + +The Connection Profile is set to Use the Default Profile, as configured at the global settings +level. However, since this may not be the Connection Profile with the necessary permissions for the +assigned hosts, click the radio button for the Select one of the following user defined profiles +option and select the appropriate Connection Profile drop-down menu. + +Schedule Frequency + +Daily + +Run Order + +The 0.Collection Job Group must be run first before running the other jobs and job groups. + +**_RECOMMENDED:_** Run the solution at the top level: MySQL Job Group + +Query Configuration + +This solution is designed to be run with the default query configurations. However, the +MySQL_SensitiveDataScan Job query can be customized as needed. See the +[Configure the SensitiveDataScan Query](/docs/accessanalyzer/11.6/solutions/databases/mysql/collection/mysql_sensitivedatascan.md#configure-the-sensitivedatascan-query) +topic for additional information. + +Analysis Configuration + +This solution should be run with the default analysis configurations. These analysis tasks are +preconfigured and should not be modified or deselected. + +Disabling obsolete or run-desired jobs allows the solution to run more efficiently. To disable a job +or job group, right-click on the item and select Disable Job. + +**_RECOMMENDED:_** Do not delete any jobs. Instead, jobs should be disabled. diff --git a/docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/mysql_sensitivedata.md b/docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/mysql_sensitivedata.md new file mode 100644 index 0000000000..5d130f824e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/mysql_sensitivedata.md @@ -0,0 +1,28 @@ +# MySQL_SensitiveData Job + +The MySQL_SensitiveData Job is designed to provide information on all the sensitive data that was +discovered in the targeted MySQL servers based on the selected scan criteria. + +## Analysis Tasks for the MySQL_SensitiveData Job + +Navigate to the **Jobs > MySQL > Sensitive Data > MySQL_SensitiveData > Configure** node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedata.webp) + +The default analysis tasks are: + +- Sensitive Data Details - Returns details around sensitive data in MySQL +- Database Summary - Summarizes sensitive data in MySQL by database +- Enterprise Summary - Summarizes MySQL sensitive data for the organization + +In addition to the tables and views created the analysis task, the MySQL_SensitiveData Job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | | This report is comprised of two elements: - Bar Chart - Displays exceptions by match count - Table - Displays exception details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides details on top databases by sensitive data - Table - Provides details on sensitive data | diff --git a/docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/mysql_sensitivedatapermissions.md b/docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/mysql_sensitivedatapermissions.md new file mode 100644 index 0000000000..be7552081b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/mysql_sensitivedatapermissions.md @@ -0,0 +1,29 @@ +# MySQL_SensitiveDataPermissions Job + +The MySQL_SensitiveDataPermissions Job is designed to provide information on all types of +permissions on database objects containing sensitive data across all the targeted MySQL servers +based on the selected scan criteria. + +## Analysis Tasks for the MySQL_SensitiveData Job + +Navigate to the **Jobs > MySQL > Sensitive Data > MySQL_SensitiveDataPermissions > Configure** node +and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedatapermission.webp) + +The default analysis tasks are: + +- Sensitive Data Permission Details – Creates the MySQL_SensitiveDataPermissions_Details table + accessible under the job’s Results node +- Sensitive Data Permissions Database Summary – Creates the + MySQL_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the +MySQL_SensitiveDataPermissions Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/overview.md b/docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/overview.md new file mode 100644 index 0000000000..e9500c9849 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/overview.md @@ -0,0 +1,15 @@ +# Sensitive Data Job Group + +The Sensitive Data Job Group is designed to provide insight into where sensitive data exists and who +has access to it across all the targeted MySQL databases. + +![Sensitive Data Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) + +The job in the Sensitive Data Job Group is: + +- [MySQL_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/mysql_sensitivedata.md) - + Designed to provide information on all the sensitive data that was discovered in the targeted + MySQL servers based on the selected scan criteria +- [MySQL_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/mysql_sensitivedatapermissions.md) - + Designed to provide information on all types of permissions on database objects containing + sensitive data across all the targeted MySQL servers based on the selected scan criteria. diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md b/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md deleted file mode 100644 index 301e9c7747..0000000000 --- a/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md +++ /dev/null @@ -1,1480 +0,0 @@ -# Oracle_Activity Job - -The Oracle_Activity Job is designed to provide insight into user activity in target Oracle database -servers and instances based on Oracle Unified Audit settings. - -## Analysis Tasks for the Oracle_Activity Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_Activity** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup26.webp) - -The default analysis tasks are: - -- Oracle Activity Details – Creates the SA_Oracle_Activity_Details table accessible under the job’s - Results node -- Activity Database Summary – Summarizes all activity by database. Creates the - SA_Oracle_Activity_UserDatabaseSummary table accessible under the job’s Results node. -- Activity Instance Summary – Summarizes Oracle activity by Instance. Creates the - SA_Oracle_Activity_UserInstanceSummary table accessible under the job’s Results node. - -In addition to the tables and views created the analysis task, the Oracle_Activity Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ---------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| User Activity Summary | This report lists all Oracle events, and summarizes them by database and instance. | None | This report is comprised of three elements: - Bar Chart – Displays users with most events by instance - Table – Provides details on users with most events by instance - Table – Provides details on event details | - -# Oracle_Logons Job - -The Oracle_Logons Job is designed to provide insight into failed and successful Oracle database -login activity across all targeted Oracle database servers. - -## Analysis Tasks for the Oracle_Logons Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_Logons** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup27.webp) - -The default analysis tasks are: - -- Oracle Logons – Reports on all Oracle logon events. Creates the SA_Oracle_Logons_Details table - accessible under the job’s Results node. -- Logons Summary – Provides a summary of logons by Instance. Creates the SA_Oracle_Logons_Summary - table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the Oracle_Logons Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------- | ----------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Logon Summary | This report outlines successful and failed logins over the last 30 days | None | This report is comprised of three elements: - Bar Chart – Displays top instances by failed logons - Table – Provides details on logon summary - Table – Provides details on logon details | - -# Oracle_PermissionChanges Job - -The Oracle_PermissionsChanges Job is designed to provide detailed information about changes in -permissions across all database objects. Audited activities include granting, altering, and revoking -permissions on database objects. - -## Analysis Tasks for the Oracle_PermissionsChanges Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_PermissionChanges** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup28.webp) - -The default analysis tasks are: - -- Oracle Permission Changes – Highlights activity involving permission changes on audited Oracle - Instances. Creates the SA_Oracle_PermissionChange_Details table accessible under the job’s Results - node. -- Oracle Permission Changes Instance Summary – Summarizes Permission Changes per Instance. Creates - the SA_Oracle_PermissionChange_Summary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_PermissionsChanges Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------- | ----------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Permission Change Activity Summary | This report lists all permission change related Oracle events, and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by permission change activity - Table –  Provides details on instances by permission change activity - Table – Provides details on permission change details | - -# Oracle_SchemaChanges Job - -The Oracle_SchemaChanges Job is designed to provide detailed information about changes in schema -across all database objects. - -## Analysis Tasks for the Oracle_SchemaChanges Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_SchemaChanges** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup29.webp) - -The default analysis tasks are: - -- Oracle Schema Change Details – Highlights activity involving schema changes in the audited Oracle - Instances. Creates the SA_Oracle_SchemaChange_Details table accessible under the job’s Results - node. -- Schema Change Summary – Summarizes schema changes per instance. Creates the - SA_Oracle_SchemaChange_Summary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_SchemaChanges Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Schema Change Activity | This report lists all schema change related Oracle events, and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by schema change activity - Table –  Provides details on instances by schema change activity - Table – Provides details on schema change details | - -# Oracle_SensitiveDataActivity Job - -The Oracle_SensitiveDataActivity Job is designed to provide detailed information about DML (UPDATE, -INSERT, DELETE, TRUNCATE) against objects containing sensitive data. - -## Analysis Tasks for the Oracle_SensitiveDataActivity Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_SensitiveDataActivity** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup30.webp) - -The default analysis tasks are: - -- SDD Activity – Highlights activity on Oracle sensitive data. Creates the - SA_Oracle_SensitiveDataActivity_Details table accessible under the job’s Results node. -- SDD Activity Instance Summary – Summarizes SDD Activity by Instance. Creates the - SA_Oracle_SensitiveDataActivity_UserSummary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the Oracle_SensitiveDataActivity -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | --------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Data Activity | This report highlights events in databases containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance - Table – Provides details on user activity by instance - Table – Provides details on sensitive data activity details by database | - -# Oracle_SuspiciousActivity Job - -The Oracle_SuspiciousActivity job is designed to provide insight into suspicious behavior based on -user activity that does not conform to normal database activity. - -## Analysis Tasks for the Oracle_SuspiciousActivity Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_SuspiciousActivity** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup31.webp) - -The default analysis tasks are: - -- Oracle Suspicious Activity Details – Analyzes the audited events and collects those that represent - suspicious activity by the database users. Creates the SA_Oracle_SuspiciousActivity_Details table - accessible under the job’s Results node. -- Suspicious Activity Instance Summary – Summarizes all suspicious activity found and groups it by - instance. Creates the SA_Oracle_SuspiciousActivity_Summary table accessible under the job’s - Results node. - -In addition to the tables and views created by the analysis task, the Oracle_SuspiciousActivity Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Suspicious Activity | This report highlights the number of suspicious events found per instance as well as provides the details about those events | None | This report is comprised of three elements: - Bar Chart – Displays suspicious activity by instance - Table –  Provides details on suspicious activity by instance - Table – Provides details on suspicious activity details | - -# Oracle_UnusualActivity Job - -The Oracle_UnusualActivity job has analysis tasks and reports that use data collected by the -0.Collection Job Group to analyze user activity based on audited actions and identify any outliers -based on a modified z-score. Modified z-scores of 3.5 or over are considered possible outliers. - -## Analysis Tasks for the Oracle_UnusualActivity Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_UnusualActivity** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup32.webp) - -The default analysis tasks are: - -- Unusual Hourly Activity Details – Finds user activity outliers based on median hourly activity of - all users in that instance. Creates the SA_Oracle_UnusualHourlyActivity_Details table accessible - under the job’s Results node. -- Hourly Unusual Activity Summary – Groups unusual activity outliers by instance. Creates the - SA_Oracle_UnusualHourlyActivity_Summary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_UnusualActivity Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | -------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Unusual Hourly Activity | This report highlights the number of unusual events found per instance, hourly as well as provides details on those events | None | This report is comprised of three elements: - Bar Chart – Displays unusual user activity - Table – Provides details on number of outliers per instance - Table – Provides details on unusual user activity details | - -# 2.Activity Job Group - -The 2.Activity Job Group is designed to provide insight into user login activity, object permission -changes, unusual database activity, SQL activity against sensitive data, and SQL activity against -selective or all database objects. - -![Activity Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup25.webp) - -The jobs in the 2.Activity Job Group are: - -- [Oracle_Activity Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to provide insight into user activity in target Oracle database server - instances and databases in each instance based on the Oracle Unified Audit settings -- [Oracle_Logons Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job group is designed to provide insight into failed and successful Oracle database login - activity across all the targeted Oracle database servers -- [Oracle_PermissionChanges Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to provide detailed information about the changes in permissions across all - the database objects. Audited activities include granting, altering, and revoking permissions on - database objects. -- [Oracle_SchemaChanges Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to provide detailed information about the changes in permissions across all - the database objects. Audited activities include granting, altering, and revoking permissions on - database objects. -- [Oracle_SensitiveDataActivity Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to provide detailed information about all the DML (UPDATE, INSERT, DELETE, - TRUNCATE) against objects containing sensitive data -- [Oracle_SuspiciousActivity Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to provide insight into suspicious behavior based on user activity that - does not conform to normal database activity -- [Oracle_UnusualActivity Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to analyze user activity based on the audited actions and identify any - outliers based on a modified z-score. Modified z-scores of 3.5 or higher are considered to be - possible outliers. - -# 0-Oracle_Servers Job - -The 0-Oracle_Servers job is designed to enumerate and store the list of Oracle Database Instances -running on the targeted servers. - -## Query for the Oracle_Servers Job - -The Server Discovery query uses the PowerShell Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup3.webp) - -- Oracle Servers – Returns a list of Oracle servers from the specified host list - -Regarding Oracle instance discovery, there may be errors running the query that are not reported. An -additional log to store the issues has been added for instance discoveries named -`Oracle_Server_log_[target_hostname]`. This file can be found in -`%sainstalldir%\Jobs\GROUP_ORACLE_0.Collection\GROUP_1.Discovery\JOB_Oracle_Servers\OUTPUT`. See the -[PowerShell Data Collector](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) -topic for additional information. - -## Analysis Task for the Oracle_Servers Job - -Navigate to the **Databases** > **0.Collection** > **Oracle** > **0-Oracle_Servers** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup4.webp) - -The default analysis task is: - -- Insert Instances in SA_SQL_Instances table – Creates the SA_SQL_Instances table accessible under - the job’s Results node - -# 1-Oracle_PermissionsScan Job - -The 1-Oracle_PermissionsScan Job is designed to collect Oracle database level permissions from all -targeted Oracle database servers. - -## Query for the 1-Oracle_PermissionsScan Job - -The PermissionsScan query uses the SQL Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup6.webp) - -- PermissionsScan – Collects permissions from targeted instances - -### Configure the 1-Oracle_PermissionsScan Query - -The 1-Oracle_PermissionsScan Job is preconfigured to run using the default settings for the -Permissions Collection category in the SQL Data Collector. Follow the steps to customize -configurations: - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > -**1-Oracle_PermissionsScan** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select the PermissionScan query and click on Query -Properties. The Query Properties window opens. - -**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. - -**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been -pre-configured for this job. - -![Filter Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/1oraclepermissionscanjobqueryfilter.webp) - -**Step 4 –** To query for specific databases/instances, navigate to the Filter page. The default -query target is All Databases. The default query scope is Only select database objects. Click -Retrieve. The Available database objects section will be populated. Databases and instances can be -added in the following ways: - -- Select the desired database objects and click Add -- Use the Import CSV button to import a list from a CSV file, if desired -- Optionally, use the Add Custom Filter button to create and apply a custom filter - -**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 1-Oracle_PermissionsScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 1-Oracle_PermissionsScan Job - -Navigate to the **Databases** > **0.Collection** > **Oracle** > **1-Oracle_PermissionsScan** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup8.webp) - -The default analysis tasks are: - -- Oracle Setup – Sets up functions and tables for the Oracle Solution Set -- Oracle Permissions Import – Imports Oracle permissions into the AIC -- Oracle Local Groups Import – Creates the SA_AIC_LocalGroupsImport table accessible under the job’s - Results node - -# 2-Oracle_SensitiveDataScan Job - -The 2-Oracle_SensitiveDataScan Job discovers sensitive data in Oracle databases across all targeted -Oracle database servers based on pre-defined or user-defined search criteria. - -Special Dependency - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - - See the - [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) - topic for installation information. - - See the - [Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/accessanalyzer/sensitivedatadiscovery/overview.md) - topic for additional information. - -**NOTE:** Though the job is visible within the console, it requires an additional installer package -before data collection will occur. - -## Query for the 2-Oracle_SensitiveDataScan Job - -The SensitiveDataScan Query uses the SQL Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup9.webp) - -- SensitiveDataScan – Collects Sensitive Data from targeted instances - -### Configure the 2-Oracle_SensitiveDataScan Query - -The 2-Oracle_SensitiveDataScan Job is preconfigured to run using the default settings for the -Sensitive Data Collection category in the SQL Data Collector. Follow the steps to customize -configurations: - -**Step 1 –** Navigate to the **Databases > 0.Collection >** Oracle > > 2-Oracle_SensitiveDataScan > -Configure node and select Queries. - -**Step 2 –** In the Query Selection view, select the SensitiveDataScan query and click on Query -Properties. The Query Properties window opens. - -**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. - -**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been -pre-configured for this job. - -![Sensitive Data Scan Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/optionspage.webp) - -**Step 4 –** Navigate to the Options page. Enable or disable configuration options as needed. Click -Next to continue. - -![Criteria Page of the SQL Data Collector Wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/criteriapage.webp) - -**Step 5 –** Navigate to the Criteria page. Select or deselect criteria used to define sensitive -data. Click Next to continue. - -![Filter Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/2oraclesensitivedatascanfilterpgae.webp) - -**Step 6 –** To query for specific databases/instances, navigate to the Filter page. The default -query target is All Databases. The default query scope is Only select database objects. Click -Retrieve. The Available database objects section will be populated. Databases and instances can be -added in the following ways: - -- Select the desired database objects and click Add -- Use the Import CSV button to import a list from a CSV file, if desired -- Optionally, use the Add Custom Filter button to create and apply a custom filter - -**Step 7 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 2-Oracle_SensitiveDataScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 2-Oracle_SensitiveDataScan Job - -Navigate to the **Databases** > **0.Collection** > **Oracle** > **2-Oracle_SensitiveDataScan** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup13.webp) - -The default analysis tasks are: - -- Oracle SDD Permission View – Creates a view of all permissions on sensitive data -- Oracle Effective SDD Perms – Creates a view of effective permissions on Oracle SDD data -- Oracle SDD Import – Creates the SA_AIC_SddMatchesImport table accessible under the job’s Results - node - -# 3-Oracle_ActivityScan Job - -The 3-Oracle_ActivityScan Job captures user activity from all the targeted Oracle database servers. - -Special Dependency - -- Oracle Server Audit Specifications to be configured on the target databases - - Audit destination must be a binary file - - See the Microsoft - [Create a Server Audit and Database Audit Specification](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) - article for additional information. - -## Query for the 3-Oracle_ActivityScan Job - -The ActivityScan Query uses the SQL Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup14.webp) - -- ActivityScan – Collects activity from targeted instances - -### Configure the 3-Oracle_ActivityScan Query - -The 3-Oracle_ActivityScan Job is preconfigured to run using the default settings for the Server -Audit Events Collection category in the SQL Data Collector. Follow the steps to customize -configurations: - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > -**3-Oracle_ActivityScan** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select the ActivityScan query and click on Query -Properties. The Query Properties window opens. - -**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. - -**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been -pre-configured for this job. - -![Sensitive Data Scan Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/optionspage.webp) - -**Step 4 –** Navigate to the Options page. Enable or disable configuration options as needed. Click -Next to continue. - -![Filter Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/3oracleactivityscanfilterpage.webp) - -**Step 5 –** To query for specific databases/instances, navigate to the Filter page. The default -query target is All Databases. The default query scope is Only select database objects. Click -Retrieve. The Available database objects section will be populated. Databases and instances can be -added in the following ways: - -- Select the desired database objects and click Add -- Use the Import CSV button to import a list from a CSV file, if desired -- Optionally, use the Add Custom Filter button to create and apply a custom filter - -**Step 6 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 3-Oracle_ActivityScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 3-Oracle_ActivityScan Job - -Navigate to the **Databases** > **0.Collection** > **Oracle** > **3-Oracle_ActivityScan** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup16.webp) - -The default analysis tasks are: - -- Oracle Activity Import – Creates the SA_AIC_ActivityEventsImport table accessible under the job’s - Results node -- Delete Activity Older than 30 Days – Drops Activity from the AIC tables older than 30 days - -# 4-Oracle_DefaultPasswordUsers Job - -The 4-Oracle_DefaultPasswordUsers Job provides a list of users in the database that are configured -to use default passwords. - -## Query for the 4-Oracle_DefaultPasswordUsers Job - -The 4-Oracle_DefaultPasswordUsers Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup17.webp) - -- Users with Default Passwords – Collects usernames of users whose passwords have not been updated - since the database creation - -### Configure the 4-Oracle_DefaultPasswordUsers Query - -The 4-Oracle_DefaultPasswordUsers Job is preconfigured to run using the default settings for the -Permissions Collection category in the SQL Data Collector. Follow the steps to customize -configurations: - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > -**4-Oracle_DefaultPasswordUsers** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select the Users with Default Passwords query and click on -Query Properties. The Query Properties window opens. - -**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. - -**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been -pre-configured for this job. - -![Filters Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/4oracledefaultpasswordsfilterpage.webp) - -**Step 4 –** To query for specific databases/instances, navigate to the Filter page. The default -query target is All Databases. The default query scope is Only select database objects. Click -Retrieve. The Available database objects section will be populated. Databases and instances can be -added in the following ways: - -- Select the desired database objects and click Add -- Use the Import CSV button to import a list from a CSV file, if desired -- Optionally, use the Add Custom Filter button to create and apply a custom filter - -**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 4-Oracle_DefaultPasswordUsers Job is now ready to run with the customized settings. - -# 5-Oracle_Configuration Job - -The 5-Oracle_Configuration Job is designed to return additional configuration settings from Oracle -servers. - -## Queries for the 5-Oracle_Configuration Job - -The queries for the 5-Oracle_Configuration Job query uses the SQL Data Collector. - -![5oracleconfigurationqueries](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/5oracleconfigurationqueries.webp) - -The queries are: - -- Database Sizing – Returns database size data -- Database Links – Returns details about Oracle database links - -### Configure the 5-Oracle_Configuration Queries - -The 5-Oracle_Configuration Job is preconfigured to run using the default settings for the Custom -Oracle Query category in the SQL Data Collector. Follow the steps to customize configurations: - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > -**5-Oracle_Configuration Job** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select one of the queries and click on Query Properties. -The Query Properties window opens. - -**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. - -**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been -pre-configured for this job. - -![Filters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/5oracleconfigjobqueryfilterpage.webp) - -**Step 4 –** To query for specific databases/instances, navigate to the Filter page. The default -query target is All Databases. The default query scope is Only select database objects. Click -Retrieve. The Available database objects section will be populated. Databases and instances can be -added in the following ways: - -- Select the desired database objects and click Add -- Use the Import CSV button to import a list from a CSV file, if desired -- Optionally, use the Add Custom Filter button to create and apply a custom filter - -**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 5-Oracle_Configuration Job is now ready to run with the customized settings. - -# 0.Collection Job Group - -The Oracle Job Group is designed to collect a high level summary of information from the targeted -Oracle Database Servers. This information is used by other jobs in the Oracle Job Group for further -analysis, and for producing reports. - -![Oracle 0Collection Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/0collection.webp) - -The job groups in the 0.Collection Job Group are: - -- [0-Oracle_Servers Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to enumerate and store the list of Oracle Database Instances running on the - targeted servers -- [1-Oracle_PermissionsScan Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to collect Oracle database level permissions from all the targeted Oracle - database servers -- [2-Oracle_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to discover sensitive data in the Oracle database across all the targeted - Oracle database servers based on pre-defined or user-defined search criteria -- [3-Oracle_ActivityScan Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to capture user activity from all the targeted Oracle database servers -- [4-Oracle_DefaultPasswordUsers Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to provide a list of users in the database that are configured to use - default passwords -- [5-Oracle_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to return additional configuration settings from Oracle servers. - -# Oracle_DatabaseLinks Job - -The Oracle_DatabaseLinks Job contains a report that provides information on Database Links where the -listed Oracle Server is able to execute remote commands. - -## Analysis Tasks for the Oracle_DatabaseLinks Job - -Navigate to the **Jobs >  Databases > Oracle > 4.Configuration > Oracle_DatabaseLinks -Job >Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisdblinks.webp) - -The default analysis tasks are: - -- Database Link Details – Provides details about Oracle Database links -- Oracle Database Link Summary – Summarizes Oracle Database links by instance - -In addition to the tables created by the analysis tasks, the **Oracle_DatabaseLinks Job** produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | -------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Links | This report highlights Database Links where the listed Oracle Server is able to execute remote commands. | None | This report is comprised of three elements: - Bar Chart – Provides information on top five database links by instance - Bar Chart – Provides information on database links by instance (GB) - Table – Provides details on database links | - -# Oracle_DatabaseSizing Job - -The Oracle_DatabaseSizing Job provides details on tablespace file sizes and overall tablespace -sizes. - -## Analysis Tasks for the Oracle_DatabaseSizing Job - -Navigate to the **Jobs >  Databases > Oracle > 4.Configuration > Oracle_DatabaseSizing -Job >Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisdbsizing.webp) - -The default analysis tasks are: - -- Database Sizing Details – Provides details on database files and sizes -- Database Sizing Summary – Summarizes file size by instance - -In addition to the tables created by the analysis tasks, the **Oracle_DatabaseSizing Job** produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | -------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | This report highlights the size of tablespace files in Oracle. | None | This report is comprised of three elements: - Bar Chart – Provides information on top tablespaces by size - Bar Chart – Provides information on size by host (GB) - Table – Provides details on database sizes | - -# Oracle_DataDictionaryProtection Job - -The Oracle_DataDictionaryProtection Job is designed to identify if the Oracle data dictionary views -are accessible by all schemas. Oracle best practice recommendation is to restrict access to data -dictionary views by default and grant explicit system privileges to access the dictionary views when -needed. - -## Analysis Tasks for the Oracle_DataDictionaryProtection Job - -Navigate to the **Jobs >  Databases > Oracle > 4.Configuration > Oracle_DataDictionaryProtection > -Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisddprotection.webp) - -The default analysis tasks are: - -- Find Instances with Modifiable Data Dictionary – Finds Oracle database instances where data - dictionary can be modified by users with system privilege access. Creates the - SA_Oracle_DictionaryAccessible_Details table accessible under the jobs Result’s node. -- Data Dictionary Accessibility Summary – Highlights the number of database instances with the data - dictionary access enabled and disabled. Creates the SA_Oracle_DictionaryAccessible_Summary table - accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the -**Oracle_DataDictionaryProtection Job** produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------------- | ------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Data Dictionary Accessibility | The report highlights the number of instances with either accessible or inaccessible data dictionaries | None | This report is comprised of two elements: - Pie Chart – Displays data dictionary accessibility - Table – Provides information on dictionary accessibility details | - -# Oracle_InstanceNameIssues Job - -The Oracle_InstanceNameIssues Job discovers if names used for Oracle database instances conform to -Oracle recommended best practices. The job also checks to see if Oracle SIDs conform to DISA STIG -V-61413 – Oracle instance name or SID should not contain Oracle version numbers. - -## Analysis Tasks for the Oracle_InstanceNameIssues Job - -Navigate to the **Jobs > Databases > Oracle > 4.Configuration > Oracle_InstanceNameIssues > -Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisinstancenameissues.webp) - -The default analysis tasks are: - -- Find Weak Instance Names – Checks SID names for default names and version numbers. Creates the - SA_Oracle_WeakInstanceNames_Details table accessible under the job’s Results node. -- Summarize Number of Weak Instance Names – Counts the number of weak instance names in all - instances. Creates the SA_Oracle_WeakInstanceNames_Summary table accessible under the job’s - Results node. - -In addition to the tables and views created by the analysis task, the **Oracle_InstanceNameIssues -Job** produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ---------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Instance Name Issues | This report highlights default instance names or those containing version numbers. | None | This report is comprised of two elements: - Pie Chart – Displays percentage of instance names with issues - Table – Provides details of instance issues | - -# Oracle_RemoteOSAuthentication Job - -The Oracle_RemoteOSAuthentication Job is designed to discover if remote OS authentication is enabled -for the targeted Oracle database servers. - -## Analysis Tasks for the Oracle_RemoteOSAuthentication Job - -Navigate to the **Jobs > Databases > Oracle > 4.Configuration > Oracle_RemoteOSAuthentication > -Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisremoteosauth.webp) - -The default analysis tasks are: - -- Find Instances With Remote OS Authentication Enabled – Finds database instances with remote OS - authentication setting set to “TRUE”. Creates the SA_Oracle_RemoteAuthenticationEnabled_Details - table accessible under the job’s Results node. -- Remote OS Authentication Summary – Counts the number of database instances where the - ‘remote_os_authent’ parameter is set to “TRUE” and also those that are set to “FALSE”. Creates the - SA_Oracle_RemoteOSAuthentication_Summary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_RemoteOSAuthentication -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------- | ------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Oracle Remote OS Authentication | This report shows the number of instances that have remote_os_auth parameter set to “TRUE” | None | This report is comprised of two elements: - Pie Chart – Displays remote OS authentication - Table – Provides information on remote OS authentication details | - -# 4.Configuration Job Group - -The SQL > 4.Configuration Job Group Is designed to provide insight into potential vulnerabilities -related to Oracle Database Instance configuration settings. - -![Configuration Job Group - Oracle](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/configoverview.webp) - -The jobs in the 4.Configuration Job Group are: - -- [Oracle_DatabaseLinks Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – Contains a report that provides information on Database Links where the listed Oracle Server is - able to execute remote commands -- [Oracle_DatabaseSizing Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – Provides details on tablespace file sizes and overall tablespace sizes -- [Oracle_DataDictionaryProtection Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to identify if the Oracle data dictionary views are accessible by all the - schemas or not. Oracle best practice recommendations are to restrict access to data dictionary - views by default and grant explicit system privilege to access the dictionary views when needed. -- [Oracle_InstanceNameIssues Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to find out if the names used for the Oracle database instances conform to - Oracle recommended best practices. The job also checks to see if the Oracle SID conforms to DISA - STIG V-61413 – Oracle instance name or SID should not contain Oracle version numbers. -- [Oracle_RemoteOSAuthentication Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to find out if remote OS authentication is enabled for the targeted Oracle - database servers - -# Oracle_SecurityAssessment Job - -The Oracle_SecurityAssessment Job is designed to summarize and categorize the security findings from -the Oracle Solution into HIGH, MEDIUM, LOW, and NO FINDING categories base on severity. - -![Oracle Security Assessment Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/jobgroup46.webp) - -## Analysis Tasks for the Oracle_SecurityAssessment Job - -Navigate to the **Databases** > **Oracle** > **Oracle_SecurityAssessment** > **Configure** node and -select Analysis to view the analysis tasks. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/jobgroup47.webp) - -The default analysis task is: - -- Summarize Audit Findings – Aggregates all security issues in the Oracle environment. Creates the - #scopeOfAudit table used to create the Oracle Security Assessment report under the Configure > - Reports node - -In addition to the tables and views created by the analysis task, the Oracle_SecurityAssessment Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------------- | ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Oracle Security Assessment | This report summarizes security related results from the Oracle solution set. | Security Assessment | This report is comprised of four elements: - Table – Provides information on the scope of the audit - Pie Chart – Displays remote OS authentication - Table – Displays findings by category - Table – Provides details of the security assessment | - -# Oracle Solution - -Data privacy and security is quickly evolving to be on equal footing with traditional security -measures focused on the network, hardware, or software the data is contained within. Organizations -aligning to concepts like Data-Centric Audit and Protection (DCAP) as defined by Gartner, or the -requirements of strict compliance regulations like EU GDPR, are looking to implement processes that -help them understand where sensitive data is stored, who or what is leveraging their privileges to -access the data, and how each database has been configured. - -This solution is a comprehensive part of the Data Access Governance suite for structured and -unstructured data. Enterprise Auditor for Oracle automates the process of understanding where Oracle -databases exist and provides an overview of the Oracle environment in order to answer questions -around data access: - -- Who HAS access to your data? -- Who IS accessing your data? -- What sensitive data IS being stored and accessed? - -With visibility into every corner of Oracle® server and the Windows® operating system it relies -upon, organizations can proactively highlight and prioritize risks to sensitive data. Additionally, -organizations can automate manual, time-consuming, and expensive processes associated with -compliance, security, and operations to easily adhere to best practices that keep Oracle Server safe -and operational. - -The Oracle Solution requires a special Enterprise Auditor license. The Database Solution license -includes all supported database platforms supported by Enterprise Auditor. Additionally, the -Sensitive Data Discovery Add-On enables the solution to search database content for sensitive data. - -Supported Platforms - -- Oracle Database 12c -- Oracle Database 18c -- Oracle Database 19c - -Requirements, Permissions, and Ports - -See the -[Target Oracle Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Sensitive Data Discovery Considerations - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For example, if the job is -configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -Location - -The Oracle Solution requires a special Enterprise Auditor license. It can be installed from the -Enterprise Auditor Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to -the solution: **Jobs** > **Databases** > **0.Collection** > **Oracle** for the 0.Collection job -group for Oracle. - -The 0.Collection Job Group discovers Oracle Instances on the target hosts. The other job groups at -**Jobs** > **Databases** > **Oracle** analyze and report on the data collected by the 0.Collection -Job Group. - -The Database Solution license includes all supported database platforms supported by Enterprise -Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database -content for sensitive data. - -## Job Groups - -The Oracle Solution is a comprehensive set of pre-configured audit jobs and reports that provide -visibility into various aspects of an Oracle Database Server, including information on Users and -Roles, Sensitive Data Discovery, Object Permissions, Configuration, User Activity, and overall -Security Assessment. - -![Oracle Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/oraclejobgroup.webp) - -The job groups/jobs in the Oracle Solution are: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job group is designed to collect high level summary information from targeted Oracle - Database Servers. This information is used by other jobs in the Oracle solution set for further - analysis and for producing respective reports. The O.Collection job group is located at **Jobs** > - **Databases** > **0.Collection** > **Oracle**. -- [1.Users and Roles Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job group is designed to provide insight into user security, roles, and object permissions - on all the Oracle database objects -- [2.Activity Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job group is designed to provide insight into user login activity, object permission - changes, any unusual database activity, SQL activity against sensitive data, and SQL activity - against selective or all database objects -- [3.Permissions Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job group is designed to provide insight into all types of permissions at the instance, - database, and object level across all the targeted Oracle database servers -- [4.Configuration Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job group is designed to provide insight into potential vulnerabilities related to Oracle - Database Instance configuration settings -- [5.Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to provide insight into where sensitive data exists, and who has access to - it across all the targeted Oracle database servers - - Requires the Sensitive Data Discovery Add-On. -- [Oracle_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to summarize and categorize the security findings into HIGH, MEDIUM, LOW, - and NO FINDING categories based on their severity - -# Oracle_DomainUserPermissions Job - -The Oracle_DomainUserPermissions Job provides insight into Microsoft Active Directory domain user -accesses to Oracle database objects both at the instance and object level. - -## Analysis Tasks for the Oracle_DomainUserPermissions Job - -Navigate to the **Oracle** > **3.Permissions** > **Oracle_DomainUserPermissions** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup34.webp) - -The default analysis tasks are: - -- Calculate domain user permissions details – Creates the SA_ORACLE_DomainUserPermissions_Details - table accessible under the job’s Results node -- Summarize domain user permissions – Creates the SA_ORACLE_DomainUserPermissions_Summary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the Oracle_DomainUserPermissions -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | --------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain User Access | This report looks at permissions granted to domain users across the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance count - Table – Provides details on access sprawl - Table – Provides information on permission details | - -# Oracle_ObjectPermissions Job - -The Oracle_ObjectPermissions Job provides insight into user and role permissions to database objects -in targeted Oracle database servers. - -## Analysis Tasks for the Oracle_ObjectPermissions Job - -Navigate to the **Oracle** > **3.Permissions** > **Oracle_ObjectPermissions** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup35.webp) - -The default analysis tasks are: - -- Oracle Object Permissions – Highlights permissions on Oracle Objects. Creates the - SA_Oracle_ObjectPermission_Details table accessible under the job’s Results node. -- Object Permissions Instance Summary – Summarizes Object Permissions by Instance. Creates the - SA_Oracle_ObjectPermission_InstanceSummary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_ObjectPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ----------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Oracle Object Permissions | This report highlights Object permissions and summarizes them by instance and domain user | None | This report is comprised of three elements: - Bar Chart – Displays top instances by object permissions - Table –  Provides details on instances by object permission count - Table – Provides details on object permissions | - -# Oracle_PublicPermissions Job - -The Oracle_PublicPermissions Job provides a list of permissions assigned to Public profile in -targeted Oracle database servers. - -## Analysis Tasks for the Oracle_PublicPermissions Job - -Navigate to the **Oracle** > **3.Permissions** > **Oracle_PublicPermissions** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup36.webp) - -The default analysis tasks are: - -- Oracle Public Permissions – Analyzes permissions for the Public Oracle account. Creates the - SA_Oracle_PublicPermission_Details table accessible under the job’s Results node. -- Public Permissions Instance Summary – Summarizes public permissions by Instance. Creates the - SA_Oracle_PublicPermission_InstanceSummary accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_PublicPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Public Permissions | This report highlights public permissions and summarizes them by instance | None | This report is comprised of three elements: - Bar Chart – Displays top instances by public permission - Table – Provides details on instances by public permission count - Table – Provides details on public permission details | - -# Oracle_ServerPermissions Job - -The Oracle_ServerPermissions Job analyzes permissions granted at the database level and reports on -effective database level permissions across all audited Oracle database servers. - -## Analysis Tasks for the Oracle_ServerPermissions Job - -Navigate to the **Oracle** > **3.Permissions** > **Oracle_ServerPermissions** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup37.webp) - -The default analysis tasks are: - -- Determine Server Permissions – Highlights Oracle permissions on the Server. Creates the - SA_Oracle_ServerPermission_Details table accessible under the job’s Results node. -- Server Permissions Instance Summary – Summarizes server permissions by Instance. Creates the - SA_Oracle_ServerPermission_InstanceSummary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_ServerPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Server Permissions | This report highlights server permissions and summarizes them by instance | None | This report is comprised of three elements: - Bar Chart – Displays top instances by server permissions - Table – Provides details on instances by server permission count - Table – Provides details on server permissions | - -# Oracle_SysSchemaPermissions Job - -The Oracle_SysSchemaPermissions Job provides insight into users that have access to objects in the -SYS schema, and the type permissions to those objects across all audited Oracle database servers. - -## Analysis Tasks for the Oracle_SysSchemaPermissions Job - -Navigate to the **Oracle** > **3.Permissions** > **Oracle_SysSchemaPermissions** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup38.webp) - -The default analysis tasks are: - -- Oracle Sys Schema Permissions – Highlights all permissions on tables in the Oracle schema. Creates - the SA_Oracle_SysSchema table accessible under the job’s Results table. -- Oracle Sys Schema Summary – Summarizes sys schema permissions per instance. Creates the - SA_Oracle_SysSchema_InstanceSummary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the Oracle_SysSchemaPermissions -Job produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ---------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SYS Schema Permissions | This report highlights SYS schema permissions across the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays sys schema permission by instance - Table – Provides details on sys schema permissions by instance - Table – Provides details on sys schema permission details | - -# 3.Permissions Job Group - -The 3.Permissions Job Group is designed to provide insight into all types of permissions at the -instance, database, and object levels across all targeted Oracle database servers. - -![Permissions Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup33.webp) - -The jobs in the 3.Permissions Job Group are: - -- [Oracle_DomainUserPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job will provide insight into Microsoft Active Directory domain users access to Oracle - database objects both at the instance and object level -- [Oracle_ObjectPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job will provide insight into user and role permissions to all the database objects in the - targeted Oracle database server -- [Oracle_PublicPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job provides the list of all the permission assigned to the PUBLIC profile in all the - targeted Oracle database servers -- [Oracle_ServerPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job analyzes all the permission granted at the database level and repots on the effective - database level permissions across all the audited Oracle database servers -- [Oracle_SysSchemaPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job provides insight into all the users who have access to the objects in the SYS schema - and the type permissions to those objects across all the audited Oracle database servers - -# Recommended Configuration - -The Oracle Solution has been configured to inherit down from the Oracle > Settings node. However, it -is best practice to assign the host list and the Connection Profile at the data collection level, -0.Collection Job Group. Once these are assigned to the job group, it can be run directly or -scheduled. - -Dependencies - -- .Active Directory Inventory Job Group run successfully -- For Activity Auditing – Oracle Server audit specifications to be configured on the target - databases -- For Sensitive Data Discovery Auditing – Sensitive Data Discovery Add-On installed on the - Enterprise Auditor Console server - -Some of the queries in the **Jobs** > **Databases** > **0.Collection** > **Oracle Job Group** can be -scoped to target specific databases and/or instances. However, it is necessary for the -SA_SQL_Instances table to be populated before attempting to scope the queries. Therefore, the -0-Oracle_Servers job must be executed before attempting to scope the rest of the 0.Collection Job -Group queries. - -Targeted Host(s) - -The 0.Collection Job Group must be set to run against the following dynamic host list: - -- Oracle Servers - -Default dynamic host lists are populated from hosts in the Host Master Table which meet the host -inventory criteria for the list. Ensure the appropriate host list(s) have been populated through -host inventory results. - -Connection Profile - -The SQL Data Collector requires a specific set of permissions. The account used can be either an -Active Directory account or an Oracle account. - -For a Windows-integrated Oracle instance it is possible to use one Active Directory credential that -has permissions on both the Oracle database and the server. This will not generally be the case in -most customer environments, but it is possible. - -If the required permissions are assigned to one Active Directory credential, once the account has -been provisioned, create a custom Connection Profile containing the credentials for the targeted -environment. See the -[SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -topic for additional information on permissions and creating a SQL custom connection profile. - -Alternatively, create a connection profile with both the Oracle database credentials and the server -credentials for the targeted host. - -A Connection Profile with the applicable permissions should be assigned under each jobs Connection -node as follows: - -- Both the Oracle database credentials and the Server credentials for the targeted host (or the - previously provisioned AD credentials) for: - - 0-Oracle_Servers Job -- Oracle Database credentials only for: - - 1-Oracle_PermissionsScan Job - - 2-Oracle_SensitiveDataScan Job - - 3-Oracle_ActivityScan Job - - 4-Oracle_DefaultPasswordUsers Job - - 5-Oracle_Configuration Job - -The Connection Profile is set to Use the Default Profile, as configured at the global settings -level. However, since this may not be the Connection Profile with the necessary permissions for the -assigned hosts, click the radio button for the Select one of the following user defined profiles -option and select the appropriate Connection Profile drop-down menu. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -One of the most important decisions to make is how frequently to collect this data. The Oracle Job -Group can be scheduled to run as desired depending on the types of auditing being conducted and the -scope of the target environment. The general recommendation is to schedule the solution to run -daily. - -Run Order - -The 0-Oracle_Servers Job within the Oracle 0.Collection Job Group must be run first, before running -the rest of the jobs. - -**_RECOMMENDED:_** Run the solution at the top level: Oracle Job Group - -The other job groups in the Jobs > Databases > Oracle Job Group can be run in any order only after -running the 0.Collection Job Group. - -Query Configuration - -This solution is designed to be run with the default query configurations. However, the following -SQL Data Collector configurations can be modified if desired: - -- Options page – Customize scan options and/or sensitive data (DLP) options in the following jobs: - - 2-Oracle_SensitiveDataScan Job - - 1-Oracle_ActivityScan Job -- Criteria page – Customize the criteria used to define sensitive data in the following job: - - 2-Oracle_SensitiveDataScan Job -- Filter page – Scope the query to target specific databases/instances in the following jobs: - - Remember, it is necessary for the - [0-Oracle_Servers Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - to run at least once before attempting to scope any of the following queries: - - - 1-Oracle_PermissionsScan Job - - 2-Oracle_SensitiveDataScan Job - - 3-Oracle_ActivityScan Job - - 4-Oracle_DefaultPasswordUsers Job - - 5-Oracle_Configuration Job - - **_RECOMMENDED:_** For reporting purposes, scope all queries to target the same - databases/instances if applying a scope. - -Analysis Configuration - -This solution should be run with the default analysis configurations. These analysis tasks are -preconfigured and should not be modified or deselected! - -Remember, disabling obsolete or un-desired jobs allows the solution to run more efficiently. To -disable a job or job group, right-click on the item and select Disable Job. - -**_RECOMMENDED:_** Do not delete any jobs. Instead, jobs should be disabled. - -Workflow - -1. Set a Connection Profile for the 0.Collection Job Group with the permissions listed in the - Recommended Configurations section. See the - [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - section for additional information. -2. For Sensitive Data Discovery Auditing – Ensure the Sensitive Data Discovery Add-On is installed - on the Enterprise AuditorEnterprise Auditor Console server. -3. Schedule the solution to run daily or as desired. -4. Review the reports generated by the jobs. - -# Oracle_SensitiveData Job - -The Oracle_SensitveData Job is designed to provide information on all sensitive data that was -discovered in targeted Oracle database servers based on selected scan criteria. - -## Analysis Tasks for the Oracle_SensitiveData Job - -Navigate to the **Oracle > 5.Sensitve Data > Oracle_SensitveData > Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup44.webp) - -The default analysis tasks are: - -- Determine sensitive data details – Creates the SA_Oracle_SensitiveData_Details table accessible - under the job’s Results node -- Instance Summary – Creates the SA_Oracle_SensitiveData_InstanceSummary table accessible under the - job’s Results node -- Enterprise Summary – Creates the SA_Oracle_SensitiveData_EnterpriseSummary table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the **Oracle_SensitveData Job** -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | --------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise | None | This report is comprised of two elements: - Pie Chart – Displays exceptions by match count - Table – Provides information on exception details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria | None | This report is comprised of three elements: - Bar Chart – Displays top instances by sensitive data hits - Table – Provides details on instances with sensitive data - Table – Provides information on sensitive data details | - -# Oracle_SensitiveDataPermissions Job - -The Oracle_SensitiveDataPermissions Job is designed to provide information on permissions on -database objects containing sensitive data across all targeted Oracle database servers. - -## Analysis Tasks for the Oracle_SensitiveDataPermissions Job - -Navigate to the **Oracle > 5.Sensitive Data > Oracle_SensitiveDataPermissions > Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup45.webp) - -The default analysis tasks are: - -- Detail Oracle SDD Permissions – Creates the SA_Oracle_SensitiveDataPermissions_Details table - accessible under the job’s Results node -- SDD Perms Instance Summary – Creates the SA_Oracle_SensitiveDataPermissions_InstanceSummary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the -**Oracle_SensitiveDataPermissions Job** produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ---------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays top instances by permission count - Table – Provides details on instance permission summary - Table – Provides information on sensitive data permission details | - -# 5.Sensitive Data Job Group - -The 5.Sensitive Data Job Group is designed to provide insight into where sensitive data exists and -who has access to said data across all targeted Oracle database servers. - -Special Dependency for Data Collection - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - -![Sensitive Data Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup43.webp) - -The jobs in the 5.Sensitive Data Job Group are: - -- [Oracle_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to provide information on all the sensitive data that was discovered in the - targeted Oracle database servers based on the selected scan criteria -- [Oracle_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to provide all types of permissions on database objects containing - sensitive data across all the targeted Oracle database servers - -# Oracle_PasswordIssues Job - -The Oracle_PasswordIssues Job is designed to analyze the Oracle user passwords and evaluate if they -comply with prescribed password policies. In addition, the job group will also scan for weak -passwords. - -## Query for the Oracle_PasswordIssues Job - -The Oracle_PasswordIssues Job uses the PowerShell Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup20.webp) - -- Weak Password Hash – Locates the dictionary file used to compare Oracle passwords to determine if - they are weak. - -See the -[PowerShell Data Collector](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) -topic for additional information. - -## Analysis Tasks for the Oracle_PasswordIssues Job - -Navigate to the **Jobs** > **Oracle** > **1.Users and Roles** > **Oracle_PasswordIssues** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup21.webp) - -The default analysis tasks are: - -- Oracle Weak Password Details – Lists details of weak passwords in Oracle. Adds data to the - SA_Oracle_PasswordIssues_Details table accessible under the job’s Results node. -- Weak Hashes – Highlights user accounts with weak hashes. Adds data to the - SA_Oracle_PasswordIssues_Details table accessible under the job’s Results node. -- Default Passwords – Finds users with default passwords. Adds data to the - SA_Oracle_PasswordIssues_Details table accessible under the job’s Results node. -- Weak Password Instance Summary – Summarizes weak passwords per instance. Creates the - SA_Oracle_PasswordIssues_Summary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the Oracle_PasswordIssues Job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------- | ---------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Weak Passwords | This report highlights users with weak passwords in the audited Oracle environment | None | This report is comprised of three elements: - Bar Chart – Displays password issues by instance - Table – Provides details on password issues by instance - Table – Provides information on password issue details | - -# Oracle_RoleMembers Job - -The Oracle_RoleMembers Job is designed to analyze and provide information about role members across -all targeted Oracle database servers. - -## Analysis Tasks for the Oracle_RoleMembers Job - -Navigate to the **Oracle** > **1.Users and Roles** > **Oracle_RoleMembers** > Configure node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup22.webp) - -The default analysis tasks are: - -- Role Member Details – Creates the SA_Oracle_RoleMember_Details table accessible under the job’s - Results node -- Role Membership Instances Summary – Creates the SA\_ Oracle_RoleMember_Summary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the Oracle_RoleMembers Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------- | --------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Role Membership | This report shows details on the roles and role membership in the audited Oracle environment. | None | This report is comprised of three elements: - Bar Chart – Displays top roles by role membership - Table – Provides details on roles by role membership - Table – Provides information on role membership details | - -# Oracle_SystemAdministrators Job - -The Oracle_SystemAdministrators Job is designed to provide insight into users who have DBA, SYSDBA, -and SYSOPER roles across all targeted Oracle database servers. - -## Analysis Tasks for the Oracle_SystemAdministrators Job - -Navigate to the **Oracle** > **1.Users and Roles** > **Oracle_SystemAdministrators** > Configure -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup23.webp) - -The default analysis tasks are: - -- Oracle Administrators – Returns members of specified administrator roles. Creates the - SA_Oracle_SystemAdministrators table accessible under the job’s Results node. -- System Admin Instance Summary – Summarizes System Administrators by Instance. Creates the - SA_Oracle_SystemAdministrators_InstanceSummary table accessible under the job’s Results node. -- System Admin Domain Users – Highlights System Administrators which are domain accounts. Creates - the SA_Oracle_SystemAdmins_DomainUsers table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_SystemAdministrators -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------- | ---------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Admin Summary | This report highlights all principals which are members of specified administrator roles | None | This report is comprised of three elements: - Bar Chart – Displays top instances by admin count - Table – Provides information on admin details - Table – Provides details on top instances by admin count | - -# Oracle_Users Job - -The Oracle_Users Job is designed to provide insight into all attributes associated with users in all -databases in targeted Oracle database servers. - -## Analysis Tasks for the Oracle_Users Job - -Navigate to the **Oracle** > **1.Users and Roles** > **Oracle_Users** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup24.webp) - -The default analysis tasks are: - -- Determine user details – Creates the SA_Oracle_Users_Details table accessible under the job’s - Results node -- Summarize by Instance – Creates the SA_Oracle_Users_Summary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the Oracle_Users Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------ | -------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Oracle Users | This report shows details on users in the audited Oracle environment | None | This report is comprised of three elements: - Bar Chart – Displays users by instance - Table – Provides details on oracle user instance summary - Table – Provides information on oracle user details | - -# 1.Users and Roles Job Group - -The 1.Users and Roles Job Group is designed to provide insight into user security, roles, and object -permissions on all Oracle database objects. - -![Users and Roles Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup19.webp) - -The jobs in the 1.Users and Roles Job Group are: - -- [Oracle_PasswordIssues Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job group is designed to analyze the Oracle user passwords and evaluate if they comply with - the prescribed password policies. In addition, the job will also scan the passwords for weak - passwords. -- [Oracle_RoleMembers Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job is designed to analyze and provide information about all the role members in each of - the Oracle database roles across all the targeted Oracle database servers -- [Oracle_SystemAdministrators Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job group is designed to provide insight into all the users who have DBA, SYSDBA, and - SYSOPER roles across all the targeted Oracle database servers -- [Oracle_Users Job](/docs/accessanalyzer/11.6/solutions/databases/oracle-analysis.md) - – This job group is designed to provide insight into all the attributes associated with all the - users in the Oracle database across all targeted Oracle database servers diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_activity.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_activity.md new file mode 100644 index 0000000000..9915836d48 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_activity.md @@ -0,0 +1,30 @@ +# Oracle_Activity Job + +The Oracle_Activity Job is designed to provide insight into user activity in target Oracle database +servers and instances based on Oracle Unified Audit settings. + +## Analysis Tasks for the Oracle_Activity Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_Activity** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup26.webp) + +The default analysis tasks are: + +- Oracle Activity Details – Creates the SA_Oracle_Activity_Details table accessible under the job’s + Results node +- Activity Database Summary – Summarizes all activity by database. Creates the + SA_Oracle_Activity_UserDatabaseSummary table accessible under the job’s Results node. +- Activity Instance Summary – Summarizes Oracle activity by Instance. Creates the + SA_Oracle_Activity_UserInstanceSummary table accessible under the job’s Results node. + +In addition to the tables and views created the analysis task, the Oracle_Activity Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ---------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| User Activity Summary | This report lists all Oracle events, and summarizes them by database and instance. | None | This report is comprised of three elements: - Bar Chart – Displays users with most events by instance - Table – Provides details on users with most events by instance - Table – Provides details on event details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_logons.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_logons.md new file mode 100644 index 0000000000..d54d6bdd2c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_logons.md @@ -0,0 +1,28 @@ +# Oracle_Logons Job + +The Oracle_Logons Job is designed to provide insight into failed and successful Oracle database +login activity across all targeted Oracle database servers. + +## Analysis Tasks for the Oracle_Logons Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_Logons** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup27.webp) + +The default analysis tasks are: + +- Oracle Logons – Reports on all Oracle logon events. Creates the SA_Oracle_Logons_Details table + accessible under the job’s Results node. +- Logons Summary – Provides a summary of logons by Instance. Creates the SA_Oracle_Logons_Summary + table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the Oracle_Logons Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------- | ----------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Logon Summary | This report outlines successful and failed logins over the last 30 days | None | This report is comprised of three elements: - Bar Chart – Displays top instances by failed logons - Table – Provides details on logon summary - Table – Provides details on logon details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_permissionchanges.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_permissionchanges.md new file mode 100644 index 0000000000..cdad2fc432 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_permissionchanges.md @@ -0,0 +1,30 @@ +# Oracle_PermissionChanges Job + +The Oracle_PermissionsChanges Job is designed to provide detailed information about changes in +permissions across all database objects. Audited activities include granting, altering, and revoking +permissions on database objects. + +## Analysis Tasks for the Oracle_PermissionsChanges Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_PermissionChanges** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup28.webp) + +The default analysis tasks are: + +- Oracle Permission Changes – Highlights activity involving permission changes on audited Oracle + Instances. Creates the SA_Oracle_PermissionChange_Details table accessible under the job’s Results + node. +- Oracle Permission Changes Instance Summary – Summarizes Permission Changes per Instance. Creates + the SA_Oracle_PermissionChange_Summary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_PermissionsChanges Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------- | ----------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Permission Change Activity Summary | This report lists all permission change related Oracle events, and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by permission change activity - Table –  Provides details on instances by permission change activity - Table – Provides details on permission change details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_schemachanges.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_schemachanges.md new file mode 100644 index 0000000000..f14cbf644b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_schemachanges.md @@ -0,0 +1,29 @@ +# Oracle_SchemaChanges Job + +The Oracle_SchemaChanges Job is designed to provide detailed information about changes in schema +across all database objects. + +## Analysis Tasks for the Oracle_SchemaChanges Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_SchemaChanges** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup29.webp) + +The default analysis tasks are: + +- Oracle Schema Change Details – Highlights activity involving schema changes in the audited Oracle + Instances. Creates the SA_Oracle_SchemaChange_Details table accessible under the job’s Results + node. +- Schema Change Summary – Summarizes schema changes per instance. Creates the + SA_Oracle_SchemaChange_Summary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_SchemaChanges Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Schema Change Activity | This report lists all schema change related Oracle events, and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by schema change activity - Table –  Provides details on instances by schema change activity - Table – Provides details on schema change details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_sensitivedataactivity.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_sensitivedataactivity.md new file mode 100644 index 0000000000..63211fe827 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_sensitivedataactivity.md @@ -0,0 +1,28 @@ +# Oracle_SensitiveDataActivity Job + +The Oracle_SensitiveDataActivity Job is designed to provide detailed information about DML (UPDATE, +INSERT, DELETE, TRUNCATE) against objects containing sensitive data. + +## Analysis Tasks for the Oracle_SensitiveDataActivity Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_SensitiveDataActivity** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup30.webp) + +The default analysis tasks are: + +- SDD Activity – Highlights activity on Oracle sensitive data. Creates the + SA_Oracle_SensitiveDataActivity_Details table accessible under the job’s Results node. +- SDD Activity Instance Summary – Summarizes SDD Activity by Instance. Creates the + SA_Oracle_SensitiveDataActivity_UserSummary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the Oracle_SensitiveDataActivity +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | --------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Data Activity | This report highlights events in databases containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance - Table – Provides details on user activity by instance - Table – Provides details on sensitive data activity details by database | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_suspiciousactivity.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_suspiciousactivity.md new file mode 100644 index 0000000000..e0ea75c915 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_suspiciousactivity.md @@ -0,0 +1,30 @@ +# Oracle_SuspiciousActivity Job + +The Oracle_SuspiciousActivity job is designed to provide insight into suspicious behavior based on +user activity that does not conform to normal database activity. + +## Analysis Tasks for the Oracle_SuspiciousActivity Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_SuspiciousActivity** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup31.webp) + +The default analysis tasks are: + +- Oracle Suspicious Activity Details – Analyzes the audited events and collects those that represent + suspicious activity by the database users. Creates the SA_Oracle_SuspiciousActivity_Details table + accessible under the job’s Results node. +- Suspicious Activity Instance Summary – Summarizes all suspicious activity found and groups it by + instance. Creates the SA_Oracle_SuspiciousActivity_Summary table accessible under the job’s + Results node. + +In addition to the tables and views created by the analysis task, the Oracle_SuspiciousActivity Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Suspicious Activity | This report highlights the number of suspicious events found per instance as well as provides the details about those events | None | This report is comprised of three elements: - Bar Chart – Displays suspicious activity by instance - Table –  Provides details on suspicious activity by instance - Table – Provides details on suspicious activity details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_unusualactivity.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_unusualactivity.md new file mode 100644 index 0000000000..6166fe3b97 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_unusualactivity.md @@ -0,0 +1,30 @@ +# Oracle_UnusualActivity Job + +The Oracle_UnusualActivity job has analysis tasks and reports that use data collected by the +0.Collection Job Group to analyze user activity based on audited actions and identify any outliers +based on a modified z-score. Modified z-scores of 3.5 or over are considered possible outliers. + +## Analysis Tasks for the Oracle_UnusualActivity Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_UnusualActivity** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup32.webp) + +The default analysis tasks are: + +- Unusual Hourly Activity Details – Finds user activity outliers based on median hourly activity of + all users in that instance. Creates the SA_Oracle_UnusualHourlyActivity_Details table accessible + under the job’s Results node. +- Hourly Unusual Activity Summary – Groups unusual activity outliers by instance. Creates the + SA_Oracle_UnusualHourlyActivity_Summary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_UnusualActivity Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | -------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Unusual Hourly Activity | This report highlights the number of unusual events found per instance, hourly as well as provides details on those events | None | This report is comprised of three elements: - Bar Chart – Displays unusual user activity - Table – Provides details on number of outliers per instance - Table – Provides details on unusual user activity details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/overview.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/overview.md new file mode 100644 index 0000000000..7fcdc7b346 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/overview.md @@ -0,0 +1,34 @@ +# 2.Activity Job Group + +The 2.Activity Job Group is designed to provide insight into user login activity, object permission +changes, unusual database activity, SQL activity against sensitive data, and SQL activity against +selective or all database objects. + +![Activity Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup25.webp) + +The jobs in the 2.Activity Job Group are: + +- [Oracle_Activity Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_activity.md) + – This job is designed to provide insight into user activity in target Oracle database server + instances and databases in each instance based on the Oracle Unified Audit settings +- [Oracle_Logons Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_logons.md) + – This job group is designed to provide insight into failed and successful Oracle database login + activity across all the targeted Oracle database servers +- [Oracle_PermissionChanges Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_permissionchanges.md) + – This job is designed to provide detailed information about the changes in permissions across all + the database objects. Audited activities include granting, altering, and revoking permissions on + database objects. +- [Oracle_SchemaChanges Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_schemachanges.md) + – This job is designed to provide detailed information about the changes in permissions across all + the database objects. Audited activities include granting, altering, and revoking permissions on + database objects. +- [Oracle_SensitiveDataActivity Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_sensitivedataactivity.md) + – This job is designed to provide detailed information about all the DML (UPDATE, INSERT, DELETE, + TRUNCATE) against objects containing sensitive data +- [Oracle_SuspiciousActivity Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_suspiciousactivity.md) + – This job is designed to provide insight into suspicious behavior based on user activity that + does not conform to normal database activity +- [Oracle_UnusualActivity Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/oracle_unusualactivity.md) + – This job is designed to analyze user activity based on the audited actions and identify any + outliers based on a modified z-score. Modified z-scores of 3.5 or higher are considered to be + possible outliers. diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/0-oracle_servers.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/0-oracle_servers.md new file mode 100644 index 0000000000..1f4e37384b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/0-oracle_servers.md @@ -0,0 +1,36 @@ +# 0-Oracle_Servers Job + +The 0-Oracle_Servers job is designed to enumerate and store the list of Oracle Database Instances +running on the targeted servers. + +## Query for the Oracle_Servers Job + +The Server Discovery query uses the PowerShell Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup3.webp) + +- Oracle Servers – Returns a list of Oracle servers from the specified host list + +Regarding Oracle instance discovery, there may be errors running the query that are not reported. An +additional log to store the issues has been added for instance discoveries named +`Oracle_Server_log_[target_hostname]`. This file can be found in +`%sainstalldir%\Jobs\GROUP_ORACLE_0.Collection\GROUP_1.Discovery\JOB_Oracle_Servers\OUTPUT`. See the +[PowerShell Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/powershell/overview.md) +topic for additional information. + +## Analysis Task for the Oracle_Servers Job + +Navigate to the **Databases** > **0.Collection** > **Oracle** > **0-Oracle_Servers** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup4.webp) + +The default analysis task is: + +- Insert Instances in SA_SQL_Instances table – Creates the SA_SQL_Instances table accessible under + the job’s Results node diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/1-oracle_permissionsscan.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/1-oracle_permissionsscan.md new file mode 100644 index 0000000000..829e8541d1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/1-oracle_permissionsscan.md @@ -0,0 +1,62 @@ +# 1-Oracle_PermissionsScan Job + +The 1-Oracle_PermissionsScan Job is designed to collect Oracle database level permissions from all +targeted Oracle database servers. + +## Query for the 1-Oracle_PermissionsScan Job + +The PermissionsScan query uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup6.webp) + +- PermissionsScan – Collects permissions from targeted instances + +### Configure the 1-Oracle_PermissionsScan Query + +The 1-Oracle_PermissionsScan Job is preconfigured to run using the default settings for the +Permissions Collection category in the SQL Data Collector. Follow the steps to customize +configurations: + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > +**1-Oracle_PermissionsScan** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select the PermissionScan query and click on Query +Properties. The Query Properties window opens. + +**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. + +**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been +pre-configured for this job. + +![Filter Page](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/1oraclepermissionscanjobqueryfilter.webp) + +**Step 4 –** To query for specific databases/instances, navigate to the Filter page. The default +query target is All Databases. The default query scope is Only select database objects. Click +Retrieve. The Available database objects section will be populated. Databases and instances can be +added in the following ways: + +- Select the desired database objects and click Add +- Use the Import CSV button to import a list from a CSV file, if desired +- Optionally, use the Add Custom Filter button to create and apply a custom filter + +**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 1-Oracle_PermissionsScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 1-Oracle_PermissionsScan Job + +Navigate to the **Databases** > **0.Collection** > **Oracle** > **1-Oracle_PermissionsScan** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup8.webp) + +The default analysis tasks are: + +- Oracle Setup – Sets up functions and tables for the Oracle Solution Set +- Oracle Permissions Import – Imports Oracle permissions into the AIC +- Oracle Local Groups Import – Creates the SA_AIC_LocalGroupsImport table accessible under the job’s + Results node diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/2-oracle_sensitivedatascan.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/2-oracle_sensitivedatascan.md new file mode 100644 index 0000000000..72967ad337 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/2-oracle_sensitivedatascan.md @@ -0,0 +1,85 @@ +# 2-Oracle_SensitiveDataScan Job + +The 2-Oracle_SensitiveDataScan Job discovers sensitive data in Oracle databases across all targeted +Oracle database servers based on pre-defined or user-defined search criteria. + +Special Dependency + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + - See the + [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) + topic for installation information. + - See the + [Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/sensitivedatadiscovery/overview.md) + topic for additional information. + +**NOTE:** Though the job is visible within the console, it requires an additional installer package +before data collection will occur. + +## Query for the 2-Oracle_SensitiveDataScan Job + +The SensitiveDataScan Query uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup9.webp) + +- SensitiveDataScan – Collects Sensitive Data from targeted instances + +### Configure the 2-Oracle_SensitiveDataScan Query + +The 2-Oracle_SensitiveDataScan Job is preconfigured to run using the default settings for the +Sensitive Data Collection category in the SQL Data Collector. Follow the steps to customize +configurations: + +**Step 1 –** Navigate to the **Databases > 0.Collection >** Oracle > > 2-Oracle_SensitiveDataScan > +Configure node and select Queries. + +**Step 2 –** In the Query Selection view, select the SensitiveDataScan query and click on Query +Properties. The Query Properties window opens. + +**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. + +**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been +pre-configured for this job. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/optionspage.webp) + +**Step 4 –** Navigate to the Options page. Enable or disable configuration options as needed. Click +Next to continue. + +![Criteria Page of the SQL Data Collector Wizard](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/criteriapage.webp) + +**Step 5 –** Navigate to the Criteria page. Select or deselect criteria used to define sensitive +data. Click Next to continue. + +![Filter Page](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/2oraclesensitivedatascanfilterpgae.webp) + +**Step 6 –** To query for specific databases/instances, navigate to the Filter page. The default +query target is All Databases. The default query scope is Only select database objects. Click +Retrieve. The Available database objects section will be populated. Databases and instances can be +added in the following ways: + +- Select the desired database objects and click Add +- Use the Import CSV button to import a list from a CSV file, if desired +- Optionally, use the Add Custom Filter button to create and apply a custom filter + +**Step 7 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 2-Oracle_SensitiveDataScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 2-Oracle_SensitiveDataScan Job + +Navigate to the **Databases** > **0.Collection** > **Oracle** > **2-Oracle_SensitiveDataScan** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup13.webp) + +The default analysis tasks are: + +- Oracle SDD Permission View – Creates a view of all permissions on sensitive data +- Oracle Effective SDD Perms – Creates a view of effective permissions on Oracle SDD data +- Oracle SDD Import – Creates the SA_AIC_SddMatchesImport table accessible under the job’s Results + node diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/3-oracle_activityscan.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/3-oracle_activityscan.md new file mode 100644 index 0000000000..b078de635b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/3-oracle_activityscan.md @@ -0,0 +1,73 @@ +# 3-Oracle_ActivityScan Job + +The 3-Oracle_ActivityScan Job captures user activity from all the targeted Oracle database servers. + +Special Dependency + +- Oracle Server Audit Specifications to be configured on the target databases + - Audit destination must be a binary file + - See the Microsoft + [Create a Server Audit and Database Audit Specification](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) + article for additional information. + +## Query for the 3-Oracle_ActivityScan Job + +The ActivityScan Query uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup14.webp) + +- ActivityScan – Collects activity from targeted instances + +### Configure the 3-Oracle_ActivityScan Query + +The 3-Oracle_ActivityScan Job is preconfigured to run using the default settings for the Server +Audit Events Collection category in the SQL Data Collector. Follow the steps to customize +configurations: + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > +**3-Oracle_ActivityScan** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select the ActivityScan query and click on Query +Properties. The Query Properties window opens. + +**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. + +**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been +pre-configured for this job. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/optionspage.webp) + +**Step 4 –** Navigate to the Options page. Enable or disable configuration options as needed. Click +Next to continue. + +![Filter Page](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/3oracleactivityscanfilterpage.webp) + +**Step 5 –** To query for specific databases/instances, navigate to the Filter page. The default +query target is All Databases. The default query scope is Only select database objects. Click +Retrieve. The Available database objects section will be populated. Databases and instances can be +added in the following ways: + +- Select the desired database objects and click Add +- Use the Import CSV button to import a list from a CSV file, if desired +- Optionally, use the Add Custom Filter button to create and apply a custom filter + +**Step 6 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 3-Oracle_ActivityScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 3-Oracle_ActivityScan Job + +Navigate to the **Databases** > **0.Collection** > **Oracle** > **3-Oracle_ActivityScan** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup16.webp) + +The default analysis tasks are: + +- Oracle Activity Import – Creates the SA_AIC_ActivityEventsImport table accessible under the job’s + Results node +- Delete Activity Older than 30 Days – Drops Activity from the AIC tables older than 30 days diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/4-oracle_defaultpasswordusers.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/4-oracle_defaultpasswordusers.md new file mode 100644 index 0000000000..44045590fb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/4-oracle_defaultpasswordusers.md @@ -0,0 +1,46 @@ +# 4-Oracle_DefaultPasswordUsers Job + +The 4-Oracle_DefaultPasswordUsers Job provides a list of users in the database that are configured +to use default passwords. + +## Query for the 4-Oracle_DefaultPasswordUsers Job + +The 4-Oracle_DefaultPasswordUsers Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup17.webp) + +- Users with Default Passwords – Collects usernames of users whose passwords have not been updated + since the database creation + +### Configure the 4-Oracle_DefaultPasswordUsers Query + +The 4-Oracle_DefaultPasswordUsers Job is preconfigured to run using the default settings for the +Permissions Collection category in the SQL Data Collector. Follow the steps to customize +configurations: + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > +**4-Oracle_DefaultPasswordUsers** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select the Users with Default Passwords query and click on +Query Properties. The Query Properties window opens. + +**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. + +**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been +pre-configured for this job. + +![Filters Page](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/4oracledefaultpasswordsfilterpage.webp) + +**Step 4 –** To query for specific databases/instances, navigate to the Filter page. The default +query target is All Databases. The default query scope is Only select database objects. Click +Retrieve. The Available database objects section will be populated. Databases and instances can be +added in the following ways: + +- Select the desired database objects and click Add +- Use the Import CSV button to import a list from a CSV file, if desired +- Optionally, use the Add Custom Filter button to create and apply a custom filter + +**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 4-Oracle_DefaultPasswordUsers Job is now ready to run with the customized settings. diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/5-oracle_configuration.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/5-oracle_configuration.md new file mode 100644 index 0000000000..852231a79c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/5-oracle_configuration.md @@ -0,0 +1,47 @@ +# 5-Oracle_Configuration Job + +The 5-Oracle_Configuration Job is designed to return additional configuration settings from Oracle +servers. + +## Queries for the 5-Oracle_Configuration Job + +The queries for the 5-Oracle_Configuration Job query uses the SQL Data Collector. + +![5oracleconfigurationqueries](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/5oracleconfigurationqueries.webp) + +The queries are: + +- Database Sizing – Returns database size data +- Database Links – Returns details about Oracle database links + +### Configure the 5-Oracle_Configuration Queries + +The 5-Oracle_Configuration Job is preconfigured to run using the default settings for the Custom +Oracle Query category in the SQL Data Collector. Follow the steps to customize configurations: + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > +**5-Oracle_Configuration Job** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select one of the queries and click on Query Properties. +The Query Properties window opens. + +**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. + +**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been +pre-configured for this job. + +![Filters page](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/5oracleconfigjobqueryfilterpage.webp) + +**Step 4 –** To query for specific databases/instances, navigate to the Filter page. The default +query target is All Databases. The default query scope is Only select database objects. Click +Retrieve. The Available database objects section will be populated. Databases and instances can be +added in the following ways: + +- Select the desired database objects and click Add +- Use the Import CSV button to import a list from a CSV file, if desired +- Optionally, use the Add Custom Filter button to create and apply a custom filter + +**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 5-Oracle_Configuration Job is now ready to run with the customized settings. diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/overview.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/overview.md new file mode 100644 index 0000000000..1a955fe624 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/overview.md @@ -0,0 +1,26 @@ +# 0.Collection Job Group + +The Oracle Job Group is designed to collect a high level summary of information from the targeted +Oracle Database Servers. This information is used by other jobs in the Oracle Job Group for further +analysis, and for producing reports. + +![Oracle 0Collection Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/0collection.webp) + +The job groups in the 0.Collection Job Group are: + +- [0-Oracle_Servers Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/0-oracle_servers.md) + – This job is designed to enumerate and store the list of Oracle Database Instances running on the + targeted servers +- [1-Oracle_PermissionsScan Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/1-oracle_permissionsscan.md) + – This job is designed to collect Oracle database level permissions from all the targeted Oracle + database servers +- [2-Oracle_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/2-oracle_sensitivedatascan.md) + – This job is designed to discover sensitive data in the Oracle database across all the targeted + Oracle database servers based on pre-defined or user-defined search criteria +- [3-Oracle_ActivityScan Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/3-oracle_activityscan.md) + – This job is designed to capture user activity from all the targeted Oracle database servers +- [4-Oracle_DefaultPasswordUsers Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/4-oracle_defaultpasswordusers.md) + – This job is designed to provide a list of users in the database that are configured to use + default passwords +- [5-Oracle_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/5-oracle_configuration.md) + – This job is designed to return additional configuration settings from Oracle servers. diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_databaselinks.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_databaselinks.md new file mode 100644 index 0000000000..ed9741f822 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_databaselinks.md @@ -0,0 +1,26 @@ +# Oracle_DatabaseLinks Job + +The Oracle_DatabaseLinks Job contains a report that provides information on Database Links where the +listed Oracle Server is able to execute remote commands. + +## Analysis Tasks for the Oracle_DatabaseLinks Job + +Navigate to the **Jobs >  Databases > Oracle > 4.Configuration > Oracle_DatabaseLinks +Job >Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisdblinks.webp) + +The default analysis tasks are: + +- Database Link Details – Provides details about Oracle Database links +- Oracle Database Link Summary – Summarizes Oracle Database links by instance + +In addition to the tables created by the analysis tasks, the **Oracle_DatabaseLinks Job** produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | -------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Links | This report highlights Database Links where the listed Oracle Server is able to execute remote commands. | None | This report is comprised of three elements: - Bar Chart – Provides information on top five database links by instance - Bar Chart – Provides information on database links by instance (GB) - Table – Provides details on database links | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_databasesizing.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_databasesizing.md new file mode 100644 index 0000000000..e034aef0c3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_databasesizing.md @@ -0,0 +1,26 @@ +# Oracle_DatabaseSizing Job + +The Oracle_DatabaseSizing Job provides details on tablespace file sizes and overall tablespace +sizes. + +## Analysis Tasks for the Oracle_DatabaseSizing Job + +Navigate to the **Jobs >  Databases > Oracle > 4.Configuration > Oracle_DatabaseSizing +Job >Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisdbsizing.webp) + +The default analysis tasks are: + +- Database Sizing Details – Provides details on database files and sizes +- Database Sizing Summary – Summarizes file size by instance + +In addition to the tables created by the analysis tasks, the **Oracle_DatabaseSizing Job** produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | -------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | This report highlights the size of tablespace files in Oracle. | None | This report is comprised of three elements: - Bar Chart – Provides information on top tablespaces by size - Bar Chart – Provides information on size by host (GB) - Table – Provides details on database sizes | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_datadictionaryprotection.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_datadictionaryprotection.md new file mode 100644 index 0000000000..4454d78e86 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_datadictionaryprotection.md @@ -0,0 +1,32 @@ +# Oracle_DataDictionaryProtection Job + +The Oracle_DataDictionaryProtection Job is designed to identify if the Oracle data dictionary views +are accessible by all schemas. Oracle best practice recommendation is to restrict access to data +dictionary views by default and grant explicit system privileges to access the dictionary views when +needed. + +## Analysis Tasks for the Oracle_DataDictionaryProtection Job + +Navigate to the **Jobs >  Databases > Oracle > 4.Configuration > Oracle_DataDictionaryProtection > +Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisddprotection.webp) + +The default analysis tasks are: + +- Find Instances with Modifiable Data Dictionary – Finds Oracle database instances where data + dictionary can be modified by users with system privilege access. Creates the + SA_Oracle_DictionaryAccessible_Details table accessible under the jobs Result’s node. +- Data Dictionary Accessibility Summary – Highlights the number of database instances with the data + dictionary access enabled and disabled. Creates the SA_Oracle_DictionaryAccessible_Summary table + accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the +**Oracle_DataDictionaryProtection Job** produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------------- | ------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Data Dictionary Accessibility | The report highlights the number of instances with either accessible or inaccessible data dictionaries | None | This report is comprised of two elements: - Pie Chart – Displays data dictionary accessibility - Table – Provides information on dictionary accessibility details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_instancenameissues.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_instancenameissues.md new file mode 100644 index 0000000000..69277a4b0a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_instancenameissues.md @@ -0,0 +1,30 @@ +# Oracle_InstanceNameIssues Job + +The Oracle_InstanceNameIssues Job discovers if names used for Oracle database instances conform to +Oracle recommended best practices. The job also checks to see if Oracle SIDs conform to DISA STIG +V-61413 – Oracle instance name or SID should not contain Oracle version numbers. + +## Analysis Tasks for the Oracle_InstanceNameIssues Job + +Navigate to the **Jobs > Databases > Oracle > 4.Configuration > Oracle_InstanceNameIssues > +Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisinstancenameissues.webp) + +The default analysis tasks are: + +- Find Weak Instance Names – Checks SID names for default names and version numbers. Creates the + SA_Oracle_WeakInstanceNames_Details table accessible under the job’s Results node. +- Summarize Number of Weak Instance Names – Counts the number of weak instance names in all + instances. Creates the SA_Oracle_WeakInstanceNames_Summary table accessible under the job’s + Results node. + +In addition to the tables and views created by the analysis task, the **Oracle_InstanceNameIssues +Job** produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ---------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Instance Name Issues | This report highlights default instance names or those containing version numbers. | None | This report is comprised of two elements: - Pie Chart – Displays percentage of instance names with issues - Table – Provides details of instance issues | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_remoteosauthentication.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_remoteosauthentication.md new file mode 100644 index 0000000000..b6852718d8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_remoteosauthentication.md @@ -0,0 +1,30 @@ +# Oracle_RemoteOSAuthentication Job + +The Oracle_RemoteOSAuthentication Job is designed to discover if remote OS authentication is enabled +for the targeted Oracle database servers. + +## Analysis Tasks for the Oracle_RemoteOSAuthentication Job + +Navigate to the **Jobs > Databases > Oracle > 4.Configuration > Oracle_RemoteOSAuthentication > +Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisremoteosauth.webp) + +The default analysis tasks are: + +- Find Instances With Remote OS Authentication Enabled – Finds database instances with remote OS + authentication setting set to “TRUE”. Creates the SA_Oracle_RemoteAuthenticationEnabled_Details + table accessible under the job’s Results node. +- Remote OS Authentication Summary – Counts the number of database instances where the + ‘remote_os_authent’ parameter is set to “TRUE” and also those that are set to “FALSE”. Creates the + SA_Oracle_RemoteOSAuthentication_Summary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_RemoteOSAuthentication +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------- | ------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Oracle Remote OS Authentication | This report shows the number of instances that have remote_os_auth parameter set to “TRUE” | None | This report is comprised of two elements: - Pie Chart – Displays remote OS authentication - Table – Provides information on remote OS authentication details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/overview.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/overview.md new file mode 100644 index 0000000000..d7cb9ce2aa --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/overview.md @@ -0,0 +1,25 @@ +# 4.Configuration Job Group + +The SQL > 4.Configuration Job Group Is designed to provide insight into potential vulnerabilities +related to Oracle Database Instance configuration settings. + +![Configuration Job Group - Oracle](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/configoverview.webp) + +The jobs in the 4.Configuration Job Group are: + +- [Oracle_DatabaseLinks Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_databaselinks.md) + – Contains a report that provides information on Database Links where the listed Oracle Server is + able to execute remote commands +- [Oracle_DatabaseSizing Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_databasesizing.md) + – Provides details on tablespace file sizes and overall tablespace sizes +- [Oracle_DataDictionaryProtection Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_datadictionaryprotection.md) + – This job is designed to identify if the Oracle data dictionary views are accessible by all the + schemas or not. Oracle best practice recommendations are to restrict access to data dictionary + views by default and grant explicit system privilege to access the dictionary views when needed. +- [Oracle_InstanceNameIssues Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_instancenameissues.md) + – This job is designed to find out if the names used for the Oracle database instances conform to + Oracle recommended best practices. The job also checks to see if the Oracle SID conforms to DISA + STIG V-61413 – Oracle instance name or SID should not contain Oracle version numbers. +- [Oracle_RemoteOSAuthentication Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/oracle_remoteosauthentication.md) + – This job is designed to find out if remote OS authentication is enabled for the targeted Oracle + database servers diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/oracle_securityassessment.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/oracle_securityassessment.md new file mode 100644 index 0000000000..cc3870f6ea --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/oracle_securityassessment.md @@ -0,0 +1,26 @@ +# Oracle_SecurityAssessment Job + +The Oracle_SecurityAssessment Job is designed to summarize and categorize the security findings from +the Oracle Solution into HIGH, MEDIUM, LOW, and NO FINDING categories base on severity. + +![Oracle Security Assessment Job](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/jobgroup46.webp) + +## Analysis Tasks for the Oracle_SecurityAssessment Job + +Navigate to the **Databases** > **Oracle** > **Oracle_SecurityAssessment** > **Configure** node and +select Analysis to view the analysis tasks. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/jobgroup47.webp) + +The default analysis task is: + +- Summarize Audit Findings – Aggregates all security issues in the Oracle environment. Creates the + #scopeOfAudit table used to create the Oracle Security Assessment report under the Configure > + Reports node + +In addition to the tables and views created by the analysis task, the Oracle_SecurityAssessment Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------------- | ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Oracle Security Assessment | This report summarizes security related results from the Oracle solution set. | Security Assessment | This report is comprised of four elements: - Table – Provides information on the scope of the audit - Pie Chart – Displays remote OS authentication - Table – Displays findings by category - Table – Provides details of the security assessment | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/overview.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/overview.md new file mode 100644 index 0000000000..d7c177e356 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/overview.md @@ -0,0 +1,103 @@ +# Oracle Solution + +Data privacy and security is quickly evolving to be on equal footing with traditional security +measures focused on the network, hardware, or software the data is contained within. Organizations +aligning to concepts like Data-Centric Audit and Protection (DCAP) as defined by Gartner, or the +requirements of strict compliance regulations like EU GDPR, are looking to implement processes that +help them understand where sensitive data is stored, who or what is leveraging their privileges to +access the data, and how each database has been configured. + +This solution is a comprehensive part of the Data Access Governance suite for structured and +unstructured data. Enterprise Auditor for Oracle automates the process of understanding where Oracle +databases exist and provides an overview of the Oracle environment in order to answer questions +around data access: + +- Who HAS access to your data? +- Who IS accessing your data? +- What sensitive data IS being stored and accessed? + +With visibility into every corner of Oracle® server and the Windows® operating system it relies +upon, organizations can proactively highlight and prioritize risks to sensitive data. Additionally, +organizations can automate manual, time-consuming, and expensive processes associated with +compliance, security, and operations to easily adhere to best practices that keep Oracle Server safe +and operational. + +The Oracle Solution requires a special Enterprise Auditor license. The Database Solution license +includes all supported database platforms supported by Enterprise Auditor. Additionally, the +Sensitive Data Discovery Add-On enables the solution to search database content for sensitive data. + +Supported Platforms + +- Oracle Database 12c +- Oracle Database 18c +- Oracle Database 19c + +Requirements, Permissions, and Ports + +See the +[Target Oracle Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databaseoracle.md) +topic for additional information. + +Sensitive Data Discovery Considerations + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For example, if the job is +configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +Location + +The Oracle Solution requires a special Enterprise Auditor license. It can be installed from the +Enterprise Auditor Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to +the solution: **Jobs** > **Databases** > **0.Collection** > **Oracle** for the 0.Collection job +group for Oracle. + +The 0.Collection Job Group discovers Oracle Instances on the target hosts. The other job groups at +**Jobs** > **Databases** > **Oracle** analyze and report on the data collected by the 0.Collection +Job Group. + +The Database Solution license includes all supported database platforms supported by Enterprise +Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database +content for sensitive data. + +## Job Groups + +The Oracle Solution is a comprehensive set of pre-configured audit jobs and reports that provide +visibility into various aspects of an Oracle Database Server, including information on Users and +Roles, Sensitive Data Discovery, Object Permissions, Configuration, User Activity, and overall +Security Assessment. + +![Oracle Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/oraclejobgroup.webp) + +The job groups/jobs in the Oracle Solution are: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/overview.md) + – This job group is designed to collect high level summary information from targeted Oracle + Database Servers. This information is used by other jobs in the Oracle solution set for further + analysis and for producing respective reports. The O.Collection job group is located at **Jobs** > + **Databases** > **0.Collection** > **Oracle**. +- [1.Users and Roles Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/overview.md) + – This job group is designed to provide insight into user security, roles, and object permissions + on all the Oracle database objects +- [2.Activity Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle/activity/overview.md) + – This job group is designed to provide insight into user login activity, object permission + changes, any unusual database activity, SQL activity against sensitive data, and SQL activity + against selective or all database objects +- [3.Permissions Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/overview.md) + – This job group is designed to provide insight into all types of permissions at the instance, + database, and object level across all the targeted Oracle database servers +- [4.Configuration Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/overview.md) + – This job group is designed to provide insight into potential vulnerabilities related to Oracle + Database Instance configuration settings +- [5.Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/overview.md) + – This job is designed to provide insight into where sensitive data exists, and who has access to + it across all the targeted Oracle database servers + - Requires the Sensitive Data Discovery Add-On. +- [Oracle_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/oracle_securityassessment.md) + – This job is designed to summarize and categorize the security findings into HIGH, MEDIUM, LOW, + and NO FINDING categories based on their severity diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_domainuserpermissions.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_domainuserpermissions.md new file mode 100644 index 0000000000..6854c925b7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_domainuserpermissions.md @@ -0,0 +1,28 @@ +# Oracle_DomainUserPermissions Job + +The Oracle_DomainUserPermissions Job provides insight into Microsoft Active Directory domain user +accesses to Oracle database objects both at the instance and object level. + +## Analysis Tasks for the Oracle_DomainUserPermissions Job + +Navigate to the **Oracle** > **3.Permissions** > **Oracle_DomainUserPermissions** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup34.webp) + +The default analysis tasks are: + +- Calculate domain user permissions details – Creates the SA_ORACLE_DomainUserPermissions_Details + table accessible under the job’s Results node +- Summarize domain user permissions – Creates the SA_ORACLE_DomainUserPermissions_Summary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the Oracle_DomainUserPermissions +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | --------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain User Access | This report looks at permissions granted to domain users across the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance count - Table – Provides details on access sprawl - Table – Provides information on permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_objectpermissions.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_objectpermissions.md new file mode 100644 index 0000000000..f6d4e71c10 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_objectpermissions.md @@ -0,0 +1,28 @@ +# Oracle_ObjectPermissions Job + +The Oracle_ObjectPermissions Job provides insight into user and role permissions to database objects +in targeted Oracle database servers. + +## Analysis Tasks for the Oracle_ObjectPermissions Job + +Navigate to the **Oracle** > **3.Permissions** > **Oracle_ObjectPermissions** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup35.webp) + +The default analysis tasks are: + +- Oracle Object Permissions – Highlights permissions on Oracle Objects. Creates the + SA_Oracle_ObjectPermission_Details table accessible under the job’s Results node. +- Object Permissions Instance Summary – Summarizes Object Permissions by Instance. Creates the + SA_Oracle_ObjectPermission_InstanceSummary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_ObjectPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ----------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Oracle Object Permissions | This report highlights Object permissions and summarizes them by instance and domain user | None | This report is comprised of three elements: - Bar Chart – Displays top instances by object permissions - Table –  Provides details on instances by object permission count - Table – Provides details on object permissions | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_publicpermissions.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_publicpermissions.md new file mode 100644 index 0000000000..dcae7000b9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_publicpermissions.md @@ -0,0 +1,28 @@ +# Oracle_PublicPermissions Job + +The Oracle_PublicPermissions Job provides a list of permissions assigned to Public profile in +targeted Oracle database servers. + +## Analysis Tasks for the Oracle_PublicPermissions Job + +Navigate to the **Oracle** > **3.Permissions** > **Oracle_PublicPermissions** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup36.webp) + +The default analysis tasks are: + +- Oracle Public Permissions – Analyzes permissions for the Public Oracle account. Creates the + SA_Oracle_PublicPermission_Details table accessible under the job’s Results node. +- Public Permissions Instance Summary – Summarizes public permissions by Instance. Creates the + SA_Oracle_PublicPermission_InstanceSummary accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_PublicPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Public Permissions | This report highlights public permissions and summarizes them by instance | None | This report is comprised of three elements: - Bar Chart – Displays top instances by public permission - Table – Provides details on instances by public permission count - Table – Provides details on public permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_serverpermissions.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_serverpermissions.md new file mode 100644 index 0000000000..f5d22b28b1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_serverpermissions.md @@ -0,0 +1,28 @@ +# Oracle_ServerPermissions Job + +The Oracle_ServerPermissions Job analyzes permissions granted at the database level and reports on +effective database level permissions across all audited Oracle database servers. + +## Analysis Tasks for the Oracle_ServerPermissions Job + +Navigate to the **Oracle** > **3.Permissions** > **Oracle_ServerPermissions** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup37.webp) + +The default analysis tasks are: + +- Determine Server Permissions – Highlights Oracle permissions on the Server. Creates the + SA_Oracle_ServerPermission_Details table accessible under the job’s Results node. +- Server Permissions Instance Summary – Summarizes server permissions by Instance. Creates the + SA_Oracle_ServerPermission_InstanceSummary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_ServerPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Server Permissions | This report highlights server permissions and summarizes them by instance | None | This report is comprised of three elements: - Bar Chart – Displays top instances by server permissions - Table – Provides details on instances by server permission count - Table – Provides details on server permissions | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_sysschemapermissions.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_sysschemapermissions.md new file mode 100644 index 0000000000..b052bf46bb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_sysschemapermissions.md @@ -0,0 +1,28 @@ +# Oracle_SysSchemaPermissions Job + +The Oracle_SysSchemaPermissions Job provides insight into users that have access to objects in the +SYS schema, and the type permissions to those objects across all audited Oracle database servers. + +## Analysis Tasks for the Oracle_SysSchemaPermissions Job + +Navigate to the **Oracle** > **3.Permissions** > **Oracle_SysSchemaPermissions** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup38.webp) + +The default analysis tasks are: + +- Oracle Sys Schema Permissions – Highlights all permissions on tables in the Oracle schema. Creates + the SA_Oracle_SysSchema table accessible under the job’s Results table. +- Oracle Sys Schema Summary – Summarizes sys schema permissions per instance. Creates the + SA_Oracle_SysSchema_InstanceSummary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the Oracle_SysSchemaPermissions +Job produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ---------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SYS Schema Permissions | This report highlights SYS schema permissions across the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays sys schema permission by instance - Table – Provides details on sys schema permissions by instance - Table – Provides details on sys schema permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/overview.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/overview.md new file mode 100644 index 0000000000..8e90e5b3e5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/overview.md @@ -0,0 +1,24 @@ +# 3.Permissions Job Group + +The 3.Permissions Job Group is designed to provide insight into all types of permissions at the +instance, database, and object levels across all targeted Oracle database servers. + +![Permissions Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup33.webp) + +The jobs in the 3.Permissions Job Group are: + +- [Oracle_DomainUserPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_domainuserpermissions.md) + – This job will provide insight into Microsoft Active Directory domain users access to Oracle + database objects both at the instance and object level +- [Oracle_ObjectPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_objectpermissions.md) + – This job will provide insight into user and role permissions to all the database objects in the + targeted Oracle database server +- [Oracle_PublicPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_publicpermissions.md) + – This job provides the list of all the permission assigned to the PUBLIC profile in all the + targeted Oracle database servers +- [Oracle_ServerPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_serverpermissions.md) + – This job analyzes all the permission granted at the database level and repots on the effective + database level permissions across all the audited Oracle database servers +- [Oracle_SysSchemaPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/oracle_sysschemapermissions.md) + – This job provides insight into all the users who have access to the objects in the SYS schema + and the type permissions to those objects across all the audited Oracle database servers diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/recommended.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/recommended.md new file mode 100644 index 0000000000..a7e227f143 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/recommended.md @@ -0,0 +1,133 @@ +# Recommended Configuration + +The Oracle Solution has been configured to inherit down from the Oracle > Settings node. However, it +is best practice to assign the host list and the Connection Profile at the data collection level, +0.Collection Job Group. Once these are assigned to the job group, it can be run directly or +scheduled. + +Dependencies + +- .Active Directory Inventory Job Group run successfully +- For Activity Auditing – Oracle Server audit specifications to be configured on the target + databases +- For Sensitive Data Discovery Auditing – Sensitive Data Discovery Add-On installed on the + Enterprise Auditor Console server + +Some of the queries in the **Jobs** > **Databases** > **0.Collection** > **Oracle Job Group** can be +scoped to target specific databases and/or instances. However, it is necessary for the +SA_SQL_Instances table to be populated before attempting to scope the queries. Therefore, the +0-Oracle_Servers job must be executed before attempting to scope the rest of the 0.Collection Job +Group queries. + +Targeted Host(s) + +The 0.Collection Job Group must be set to run against the following dynamic host list: + +- Oracle Servers + +Default dynamic host lists are populated from hosts in the Host Master Table which meet the host +inventory criteria for the list. Ensure the appropriate host list(s) have been populated through +host inventory results. + +Connection Profile + +The SQL Data Collector requires a specific set of permissions. The account used can be either an +Active Directory account or an Oracle account. + +For a Windows-integrated Oracle instance it is possible to use one Active Directory credential that +has permissions on both the Oracle database and the server. This will not generally be the case in +most customer environments, but it is possible. + +If the required permissions are assigned to one Active Directory credential, once the account has +been provisioned, create a custom Connection Profile containing the credentials for the targeted +environment. See the +[SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) +topic for additional information on permissions and creating a SQL custom connection profile. + +Alternatively, create a connection profile with both the Oracle database credentials and the server +credentials for the targeted host. + +A Connection Profile with the applicable permissions should be assigned under each jobs Connection +node as follows: + +- Both the Oracle database credentials and the Server credentials for the targeted host (or the + previously provisioned AD credentials) for: + - 0-Oracle_Servers Job +- Oracle Database credentials only for: + - 1-Oracle_PermissionsScan Job + - 2-Oracle_SensitiveDataScan Job + - 3-Oracle_ActivityScan Job + - 4-Oracle_DefaultPasswordUsers Job + - 5-Oracle_Configuration Job + +The Connection Profile is set to Use the Default Profile, as configured at the global settings +level. However, since this may not be the Connection Profile with the necessary permissions for the +assigned hosts, click the radio button for the Select one of the following user defined profiles +option and select the appropriate Connection Profile drop-down menu. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +One of the most important decisions to make is how frequently to collect this data. The Oracle Job +Group can be scheduled to run as desired depending on the types of auditing being conducted and the +scope of the target environment. The general recommendation is to schedule the solution to run +daily. + +Run Order + +The 0-Oracle_Servers Job within the Oracle 0.Collection Job Group must be run first, before running +the rest of the jobs. + +**_RECOMMENDED:_** Run the solution at the top level: Oracle Job Group + +The other job groups in the Jobs > Databases > Oracle Job Group can be run in any order only after +running the 0.Collection Job Group. + +Query Configuration + +This solution is designed to be run with the default query configurations. However, the following +SQL Data Collector configurations can be modified if desired: + +- Options page – Customize scan options and/or sensitive data (DLP) options in the following jobs: + - 2-Oracle_SensitiveDataScan Job + - 1-Oracle_ActivityScan Job +- Criteria page – Customize the criteria used to define sensitive data in the following job: + - 2-Oracle_SensitiveDataScan Job +- Filter page – Scope the query to target specific databases/instances in the following jobs: + + Remember, it is necessary for the + [0-Oracle_Servers Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/0-oracle_servers.md) + to run at least once before attempting to scope any of the following queries: + + - 1-Oracle_PermissionsScan Job + - 2-Oracle_SensitiveDataScan Job + - 3-Oracle_ActivityScan Job + - 4-Oracle_DefaultPasswordUsers Job + - 5-Oracle_Configuration Job + + **_RECOMMENDED:_** For reporting purposes, scope all queries to target the same + databases/instances if applying a scope. + +Analysis Configuration + +This solution should be run with the default analysis configurations. These analysis tasks are +preconfigured and should not be modified or deselected! + +Remember, disabling obsolete or un-desired jobs allows the solution to run more efficiently. To +disable a job or job group, right-click on the item and select Disable Job. + +**_RECOMMENDED:_** Do not delete any jobs. Instead, jobs should be disabled. + +Workflow + +1. Set a Connection Profile for the 0.Collection Job Group with the permissions listed in the + Recommended Configurations section. See the + [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/oracle/collection/overview.md) + section for additional information. +2. For Sensitive Data Discovery Auditing – Ensure the Sensitive Data Discovery Add-On is installed + on the Enterprise AuditorEnterprise Auditor Console server. +3. Schedule the solution to run daily or as desired. +4. Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/oracle_sensitivedata.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/oracle_sensitivedata.md new file mode 100644 index 0000000000..f13e15b474 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/oracle_sensitivedata.md @@ -0,0 +1,31 @@ +# Oracle_SensitiveData Job + +The Oracle_SensitveData Job is designed to provide information on all sensitive data that was +discovered in targeted Oracle database servers based on selected scan criteria. + +## Analysis Tasks for the Oracle_SensitiveData Job + +Navigate to the **Oracle > 5.Sensitve Data > Oracle_SensitveData > Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/jobgroup44.webp) + +The default analysis tasks are: + +- Determine sensitive data details – Creates the SA_Oracle_SensitiveData_Details table accessible + under the job’s Results node +- Instance Summary – Creates the SA_Oracle_SensitiveData_InstanceSummary table accessible under the + job’s Results node +- Enterprise Summary – Creates the SA_Oracle_SensitiveData_EnterpriseSummary table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the **Oracle_SensitveData Job** +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | --------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise | None | This report is comprised of two elements: - Pie Chart – Displays exceptions by match count - Table – Provides information on exception details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria | None | This report is comprised of three elements: - Bar Chart – Displays top instances by sensitive data hits - Table – Provides details on instances with sensitive data - Table – Provides information on sensitive data details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/oracle_sensitivedatapermissions.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/oracle_sensitivedatapermissions.md new file mode 100644 index 0000000000..96e87b72da --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/oracle_sensitivedatapermissions.md @@ -0,0 +1,28 @@ +# Oracle_SensitiveDataPermissions Job + +The Oracle_SensitiveDataPermissions Job is designed to provide information on permissions on +database objects containing sensitive data across all targeted Oracle database servers. + +## Analysis Tasks for the Oracle_SensitiveDataPermissions Job + +Navigate to the **Oracle > 5.Sensitive Data > Oracle_SensitiveDataPermissions > Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/jobgroup45.webp) + +The default analysis tasks are: + +- Detail Oracle SDD Permissions – Creates the SA_Oracle_SensitiveDataPermissions_Details table + accessible under the job’s Results node +- SDD Perms Instance Summary – Creates the SA_Oracle_SensitiveDataPermissions_InstanceSummary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the +**Oracle_SensitiveDataPermissions Job** produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ---------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays top instances by permission count - Table – Provides details on instance permission summary - Table – Provides information on sensitive data permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/overview.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/overview.md new file mode 100644 index 0000000000..c2e9c8b58a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/overview.md @@ -0,0 +1,19 @@ +# 5.Sensitive Data Job Group + +The 5.Sensitive Data Job Group is designed to provide insight into where sensitive data exists and +who has access to said data across all targeted Oracle database servers. + +Special Dependency for Data Collection + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + +![Sensitive Data Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/jobgroup43.webp) + +The jobs in the 5.Sensitive Data Job Group are: + +- [Oracle_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/oracle_sensitivedata.md) + – This job is designed to provide information on all the sensitive data that was discovered in the + targeted Oracle database servers based on the selected scan criteria +- [Oracle_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/oracle_sensitivedatapermissions.md) + – This job is designed to provide all types of permissions on database objects containing + sensitive data across all the targeted Oracle database servers diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_passwordissues.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_passwordissues.md new file mode 100644 index 0000000000..fd9f657bbf --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_passwordissues.md @@ -0,0 +1,48 @@ +# Oracle_PasswordIssues Job + +The Oracle_PasswordIssues Job is designed to analyze the Oracle user passwords and evaluate if they +comply with prescribed password policies. In addition, the job group will also scan for weak +passwords. + +## Query for the Oracle_PasswordIssues Job + +The Oracle_PasswordIssues Job uses the PowerShell Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup20.webp) + +- Weak Password Hash – Locates the dictionary file used to compare Oracle passwords to determine if + they are weak. + +See the +[PowerShell Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/powershell/overview.md) +topic for additional information. + +## Analysis Tasks for the Oracle_PasswordIssues Job + +Navigate to the **Jobs** > **Oracle** > **1.Users and Roles** > **Oracle_PasswordIssues** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup21.webp) + +The default analysis tasks are: + +- Oracle Weak Password Details – Lists details of weak passwords in Oracle. Adds data to the + SA_Oracle_PasswordIssues_Details table accessible under the job’s Results node. +- Weak Hashes – Highlights user accounts with weak hashes. Adds data to the + SA_Oracle_PasswordIssues_Details table accessible under the job’s Results node. +- Default Passwords – Finds users with default passwords. Adds data to the + SA_Oracle_PasswordIssues_Details table accessible under the job’s Results node. +- Weak Password Instance Summary – Summarizes weak passwords per instance. Creates the + SA_Oracle_PasswordIssues_Summary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the Oracle_PasswordIssues Job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------- | ---------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Weak Passwords | This report highlights users with weak passwords in the audited Oracle environment | None | This report is comprised of three elements: - Bar Chart – Displays password issues by instance - Table – Provides details on password issues by instance - Table – Provides information on password issue details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_rolemembers.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_rolemembers.md new file mode 100644 index 0000000000..0a1e6e423c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_rolemembers.md @@ -0,0 +1,28 @@ +# Oracle_RoleMembers Job + +The Oracle_RoleMembers Job is designed to analyze and provide information about role members across +all targeted Oracle database servers. + +## Analysis Tasks for the Oracle_RoleMembers Job + +Navigate to the **Oracle** > **1.Users and Roles** > **Oracle_RoleMembers** > Configure node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup22.webp) + +The default analysis tasks are: + +- Role Member Details – Creates the SA_Oracle_RoleMember_Details table accessible under the job’s + Results node +- Role Membership Instances Summary – Creates the SA_ Oracle_RoleMember_Summary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the Oracle_RoleMembers Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------- | --------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Role Membership | This report shows details on the roles and role membership in the audited Oracle environment. | None | This report is comprised of three elements: - Bar Chart – Displays top roles by role membership - Table – Provides details on roles by role membership - Table – Provides information on role membership details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_systemadministrators.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_systemadministrators.md new file mode 100644 index 0000000000..1ca797ccec --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_systemadministrators.md @@ -0,0 +1,30 @@ +# Oracle_SystemAdministrators Job + +The Oracle_SystemAdministrators Job is designed to provide insight into users who have DBA, SYSDBA, +and SYSOPER roles across all targeted Oracle database servers. + +## Analysis Tasks for the Oracle_SystemAdministrators Job + +Navigate to the **Oracle** > **1.Users and Roles** > **Oracle_SystemAdministrators** > Configure +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup23.webp) + +The default analysis tasks are: + +- Oracle Administrators – Returns members of specified administrator roles. Creates the + SA_Oracle_SystemAdministrators table accessible under the job’s Results node. +- System Admin Instance Summary – Summarizes System Administrators by Instance. Creates the + SA_Oracle_SystemAdministrators_InstanceSummary table accessible under the job’s Results node. +- System Admin Domain Users – Highlights System Administrators which are domain accounts. Creates + the SA_Oracle_SystemAdmins_DomainUsers table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_SystemAdministrators +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------- | ---------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Admin Summary | This report highlights all principals which are members of specified administrator roles | None | This report is comprised of three elements: - Bar Chart – Displays top instances by admin count - Table – Provides information on admin details - Table – Provides details on top instances by admin count | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_users.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_users.md new file mode 100644 index 0000000000..1d7ba1db60 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_users.md @@ -0,0 +1,28 @@ +# Oracle_Users Job + +The Oracle_Users Job is designed to provide insight into all attributes associated with users in all +databases in targeted Oracle database servers. + +## Analysis Tasks for the Oracle_Users Job + +Navigate to the **Oracle** > **1.Users and Roles** > **Oracle_Users** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup24.webp) + +The default analysis tasks are: + +- Determine user details – Creates the SA_Oracle_Users_Details table accessible under the job’s + Results node +- Summarize by Instance – Creates the SA_Oracle_Users_Summary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the Oracle_Users Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------ | -------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Oracle Users | This report shows details on users in the audited Oracle environment | None | This report is comprised of three elements: - Bar Chart – Displays users by instance - Table – Provides details on oracle user instance summary - Table – Provides information on oracle user details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/overview.md b/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/overview.md new file mode 100644 index 0000000000..5e31bc7c5a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/overview.md @@ -0,0 +1,22 @@ +# 1.Users and Roles Job Group + +The 1.Users and Roles Job Group is designed to provide insight into user security, roles, and object +permissions on all Oracle database objects. + +![Users and Roles Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup19.webp) + +The jobs in the 1.Users and Roles Job Group are: + +- [Oracle_PasswordIssues Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_passwordissues.md) + – This job group is designed to analyze the Oracle user passwords and evaluate if they comply with + the prescribed password policies. In addition, the job will also scan the passwords for weak + passwords. +- [Oracle_RoleMembers Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_rolemembers.md) + – This job is designed to analyze and provide information about all the role members in each of + the Oracle database roles across all the targeted Oracle database servers +- [Oracle_SystemAdministrators Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_systemadministrators.md) + – This job group is designed to provide insight into all the users who have DBA, SYSDBA, and + SYSOPER roles across all the targeted Oracle database servers +- [Oracle_Users Job](/docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/oracle_users.md) + – This job group is designed to provide insight into all the attributes associated with all the + users in the Oracle database across all targeted Oracle database servers diff --git a/docs/accessanalyzer/11.6/solutions/databases/overview.md b/docs/accessanalyzer/11.6/solutions/databases/overview.md new file mode 100644 index 0000000000..d7e32b1af9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/overview.md @@ -0,0 +1,54 @@ +# Databases Solutions + +Enterprise Auditor Databases Solution Set is a comprehensive set of pre-configured audit jobs and +reports that provide visibility into various aspects of supported databases: + +- [Db2 Solution](/docs/accessanalyzer/11.6/solutions/databases/db2/overview.md) + – Db2 Solution is a comprehensive set of pre-configured audit jobs and reports that provide + visibility into various aspects of Db2, such as Data Collection, Configuration, user Permissions, + and Sensitive Data. +- [MongoDB Solution](/docs/accessanalyzer/11.6/solutions/databases/mongodb/overview.md) + – Enterprise Auditorfor MongoDB automates the process of understanding where MongoDB databases + exist and provides an overview of the MongoDB environment in order to answer questions around data + access. +- [MySQL Solution](/docs/accessanalyzer/11.6/solutions/databases/mysql/overview.md) + – Enterprise Auditor for MySQL automates the process of understanding where MySQL databases exist + and provides an overview of the MySQL environment in order to answer questions around data access. +- [Oracle Solution](/docs/accessanalyzer/11.6/solutions/databases/oracle/overview.md) + – Enterprise Auditor for Oracle automates the process of understanding where Oracle databases + exist and provides an overview of the Oracle environment in order to answer questions around data + access. +- [PostgreSQL Solution](/docs/accessanalyzer/11.6/solutions/databases/postgresql/overview.md) + – Enterprise Auditor for PostgreSQL automates the process of understanding where + PostgreSQL databases exist and provides an overview of the PostgreSQL environment in order to + answer questions around data access. +- [Redshift Solution](/docs/accessanalyzer/11.6/solutions/databases/redshift/overview.md) + – Redshift Solution Set is a comprehensive set of pre-configured audit jobs and reports that + provide visibility into various aspects of Redshift: Data Collection, Configuration, and Sensitive + Data. +- [SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/overview.md) + – SQL Job Group is a comprehensive set of pre-configured audit jobs and reports that provide + information on users and roles, activity, permissions, configuration, sensitive data, and overall + security assessment for both the SQL 0.Collection Job Group and Azure SQL 0.Collection Job Group. + +The Database Solution license includes all supported database platforms supported by Enterprise +Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database +content for sensitive data. + +The following table identifies the type of audit functionality for each supported database platform: + +| Database Platforms | Instance Discovery | Permission Audit | Activity Audit | Sensitive Data Discovery | Configuration Audit | +| ------------------ | ------------------ | --------------------- | --------------- | ------------------------ | ----------------------- | +| SQL Server | Fully Supported | Fully Supported | Fully Supported | Fully Supported | Fully Supported | +| Oracle | Fully Supported | Fully Supported | Fully Supported | Fully Supported | Fully Supported | +| DB2 | | Fully Supported | | Fully Supported | \*\*Partially Supported | +| MongoDB | | | | Fully Supported | \*\*Partially Supported | +| MySQL | | \*Partially Supported | | Fully Supported | \*\*Partially Supported | +| PostgreSQL | | \*Partially Supported | | Fully Supported | \*\*Partially Supported | +| Redshift | | \*Partially Supported | | Fully Supported | \*\*Partially Supported | + +In the above table: + +- \*Partially Supported, "Permission Audit" means the permissions as solely collected at the table + level. +- \*\*Partially Supported, "Permission Audit" means only the database size information is collected. diff --git a/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md b/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md deleted file mode 100644 index 9a7a9bf339..0000000000 --- a/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md +++ /dev/null @@ -1,438 +0,0 @@ -# 0.Collection Job Group - -The PostgreSQL Solution Collection Job Group is designed to collect high level summary information -from targeted PostgreSQL Servers. This information is used by other jobs in the PostgreSQL Solution -Set for further analysis and producing respective reports. - -![0.Collection Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/0.collectionjobgroup.webp) - -The jobs in the 0.Collection Job Group are: - -- [PgSQL_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md) - - Designed to return additional configuration settings from PostgreSQL servers -- [PgSQL_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md) - - Designed to discover sensitive data in PostgreSQL databases based on pre-defined or user-defined - search criteria -- [PgSQL_TablePrivileges Job](/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md) - - Designed to collect PostgreSQL table privileges from all the targeted servers. - -Workflow - -1. Set a Connection Profile for the 0.Collection Job Group with the permissions listed in the - Recommended Configurations section. See the - [Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) - topic for additional information. -2. For Sensitive Data Discovery Auditing – Ensure the Sensitive Data Discovery Add-On is installed - on the Enterprise Auditor Console server. -3. Schedule the solution to run daily or as desired. -4. Review the reports generated by the jobs. - -# PgSQL_Configuration Job - -The PgSQL_Configuration Job is designed to return additional configuration settings from -PostgreSQL servers. - -## Queries for the PgSQL_Configuration Job - -The PgSQL_Configuration Job uses the SQL Data Collector. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/configurationquery.webp) - -The query is: - -- PostgreSQL Database Sizing - Collects details about PostgreSQL databases. See the - [SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) - topic for additional information. - -# PgSQL_SensitiveDataScan Job - -The PgSQL_SensitiveDataScan Job is designed to discover sensitive data in PostgreSQL databases based -on pre-defined or user-defined search criteria. - -## Queries for the PgSQL_SensitiveDataScan Job - -The PgSQL_SensitiveDataScan Job uses the SQL Data Collector. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataquery.webp) - -The query is: - -- PostgreSQL — Scans the PostgreSQL database for sensitive data. For configuring the - [SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md), - see the SQL Data Collector topic for additional information. - -### Configure the SensitiveDataScan Query - -The PgSQL_SensitiveDataScan Job is preconfigured to run using the default settings for the Sensitive -Data Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **PostgreSQL** > -**PgSQL_SensitiveDataScan** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select the **PostgreSQL** query click on Query Properties. -The Query Properties window appears. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this -job. - -![Sensitive Data Scan Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/datascanjobsettings.webp) - -**Step 4 –** To modify sensitive data scan options, navigate to the -[SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page. Select the desired scan options. - -**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a -high-level table scan. Configuring these settings to increase the scope of the sensitive data scan -may significantly increase scan time. - -![Select DLP Criteria](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedatascancriteria.webp) - -**Step 5 –** To modify criteria, navigate to the -[SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page. By default, the Sensitive Data Scan job is configured to scan for criteria configured in the -Global Criteria settings. See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) -topic for additional information. - -![Filters page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedatascanfilter.webp) - -**Step 6 –** PostgreSQL databases must be added to the query before they can be scanned. Navigate to -the **Filter** page and click **Connections** to open the Manage Connections window. - -![Manage Connections](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/manageconnectionspgsql.webp) - -**Step 7 –** In the Manage Connections window, click **New Connection** and add the following -information: - -- Is Active Checkbox — Check to include the database on the Servers Pane on the Filter page. -- Instance Label — The name of the instance -- Database System — Select PostgreSQL from the dropdown list -- Host — Name or IP address of the host where the database is located -- Port Number — Port number for the database. The default port for PostgreSQL is 5432 - -Exit the Manage Connections window to return to the Filter page. - -**Step 8 –** On the Filter page, the query is configured by default to target Only select database -objects. Click Retrieve. The Available database objects box will populate. The default filter will -scan all PostgreSQL databases returned, excluding the listed system or default schemas and tables in -red. Databases and instances can be added in the following ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Use the Add Custom Filter button to create and apply a custom filter. - -**Step 9 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The PgSQL_SensitiveDataScan Job is now ready to run with the customized settings. - -## Anaylsis Tasks for the PsgSQL_SensitiveDataScan Job - -Navigate to the **Databases** > **0.Collection** > **PostgreSQL** > **PgSQL_SensitiveDataScan** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) - -The default analysis tasks are: - -- Bring SA_SQL_Instances to View — Displays the SA_SQL_Instances table -- PostgreSQL SDD Matches View — Bring the PostgreSQL SDD Matches View to the SA console -- PostgreSQL SDD Match Hits View — Bring the PostgreSQL SDD Match Hits View to the SA console -- PostgreSQL SDD AIC Import — Imports PostgreSQL SDD into the AIC - -# PgSQL_TablePrivileges Job - -The PgSQL_TablePrivileges job is designed to collect PostgreSQL table privileges from all the -targeted servers. - -## Queries for the PgSQL_TablePrivileges Job - -The PgSQL_TablePrivileges Job uses the SQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/tableprivileges_query.webp) - -The query is: - -- Table Privileges - Returns table privileges from all the targeted servers. - -## Analysis Task for the PgSQL_TablePrivileges Job - -Navigate to the **Databases** > **0.Collection** > **PostgreSQL** > **PgSQL_TablePrivileges** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/tableprivileges_analysis.webp) - -The default analysis task is: - -- AIC Import - PostgreSQL Permissions – Imports PostgreSQL permissions to the AIC. -- AIC Import - Databases – Imports PostgreSQL database and schema nodes to the AIC. - -# PostgreSQL Solution - -Data privacy and security is quickly evolving to be on equal footing with traditional security -measures focused on the network, hardware, or software the data is contained within. Organizations -aligning to concepts like Data-Centric Audit and Protection (DCAP) as defined by Gartner, or the -requirements of strict compliance regulations like EU GDPR, are looking to implement processes that -help them understand where sensitive data is stored, who or what is leveraging their privileges to -access the data, and how each database has been configured. - -As part of Netwrix comprehensive Data Access Governance suite for structured and unstructured data, -Enterprise Auditor for PostgreSQL automates the process of understanding where PostgreSQL databases -exist and provides an overview of the PostgreSQL environment in order to answer questions around -data access: - -- Who has access to your data? -- Where is sensitive data being stored? - -With visibility into every corner of PostgreSQL, organizations can proactively highlight and -prioritize risks to sensitive data. Additionally, organizations can automate manual, time-consuming, -and expensive processes associated with compliance, security, and operations to easily adhere to -best practices that keep PostgreSQL Server safe and operational. - -Supported Platforms - -- Open Source PostgreSQL 9x through 12x -- Enterprise DB PostgreSQL (10x trhough 12x) -- Amazon AWS Aurora PostgreSQL Engine (all versions supported by Amazon AWS) -- Azure PostgreSQL (9.6) - -Requirements, Permissions, and Ports - -See the -[Target PostgreSQL Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -By default, the job is configured to use 10 threads, which can be adjusted based on available -resources on the Enterprise Auditor server. - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -Location - -The Structured Sensitive Data Discovery License is required to run the PostgreSQL Solution. It can -be installed from theEnterprise Auditor Instant Job Wizard. Once it has been installed into the Jobs -tree, navigate to the solution: Jobs > **Databases** > PostgreSQL. - -The 0.Collection Job Group performs sensitive data discovery and collects information on database -configurations on the target hosts. The other job groups analyze and report on the data collected by -the 0.Collection Job Group. - -The Database Solution license includes all supported database platforms supported by Enterprise -Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database -content for sensitive data. - -## Job Groups - -The Enterprise Auditor PosgreSQL Solution Set is a set of pre-configured audit jobs and reports that -provides visibility into PostgreSQL Sensitive Data. - -![PostgreSQL Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/postgresqljobgroup.webp) - -The job groups in the PostgreSQL Solution are: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md) - - Designed to collect high level summary information from targeted PostgreSQL Servers. This - information is used by other jobs in the PostgreSQL Solution Set for further analysis and - producing respective reports -- [Configuration > PgSQL_DatabaseSizing Job](/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md) - - Designed to provide insight into details about the PostgreSQL environment and potential - vulnerabilities related to instance configuration settings -- [Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md) - - Designed to provide insight into where sensitive data exists and who has access to it across all - the targeted PostgreSQL databases - -# Configuration > PgSQL_DatabaseSizing Job - -The Configuration Job Group is designed to provide insight into details about the -PostgreSQL environment and potential vulnerabilities related to instance configuration settings. - -![Configuration Job Group - PostgreSQL](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/configurationjobgroup.webp) - -The job in the Configuration Job Groups is: - -- PgSQL_DatabaseSizing Job - Provides details about PostgreSQL databases and overall database size - -## Analysis Tasks for the PgSQL_DatabaseSizing Job - -Navigate to the **Jobs > Databases > PostgreSQL > Configuration > PgSQL_DatabaseSizing > Configure** -node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/pssqldatabasesizinganalysistasks.webp) - -The default analysis tasks are: - -- Database Sizing Details - Provides details about PostgreSQL databases and sizing -- Database Sizing Summary - Summarizes PostgreSQL database sizing by host - -In addition to the tables and views created the analysis task, the PgSQL_DatabaseSizing Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ---------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | This report highlights the size of databases in PostgreSQL | None | This report is comprised of three elements: - Bar Chart – Displays top databases by size (MB) - Bar Chart – Displays sizes by host (GB) - Table – Provides database details | - -# Recommended Configuration for the PostgreSQL Solution - -The jobs in the PostgreSQL Solution has been configured to inherit down from the **PostgreSQL** > -**Settings** node. However, it is best practice to assign the host list and the Connection Profile -at the data collection level, 0.Collection Job Group. Once these are assigned to the job group, it -can be run directly or scheduled. - -Dependencies - -- **.Active Directory Inventory** Job Group run successfully -- For Sensitive Data Discovery Auditing – Sensitive Data Discovery Add-On installed on the - Enterprise Auditor Console server -- For AWS RDS and Aurora instances, right-click a job in the **PostgreSQL** > **0.Collection** - folder and open the properties window. Select the **Performance** tab and ensure that the **Skip - Hosts that do not respond to PING**checkbox is not selected. - -Targeted Host(s) - -- The 0.Collection Job Group must be set to run against a custom host list containing the - PostgreSQL database instances / clusters. -- For AWS RDS instances, specify the endpoint when creating a host list. This value may change after - saving the list if the instance is part of a cluster. - -Connection Profile - -The SQL Data Collector requires a specific set of permissions. For the PostgreSQL Solution, the -credentials configured in the Connection Profile must be able to access the PostgreSQL Database. See -the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information on permissions and creating a SQL custom connection profile. - -The Connection Profile is set to **Use the Default Profile**, as configured at the global settings -level. However, since this may not be the Connection Profile with the necessary permissions for the -assigned hosts, click the radio button for the **Select one of the following user defined profiles** -option and select the appropriate Connection Profile drop-down menu. - -Schedule Frequency - -Daily - -Run Order - -The 0.Collection Job Group must be run first before running the other jobs and job groups. - -**_RECOMMENDED:_** Run the solution at the top level: PostgreSQL Job Group - -Query Configuration - -This solution is designed to be run with the default query configurations. However, the -PostgreSQL_SensitiveDataScan Job query can be customized as needed. See the -[Configure the SensitiveDataScan Query](/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md#configure-the-sensitivedatascan-query) -topic for additional information. - -Analysis Configuration - -This solution should be run with the default analysis configurations. These analysis tasks are -preconfigured and should not be modified or deselected! - -Disabling obsolete or run-desired jobs allows the solution to run more efficiently. To disable a job -or job group, right-click on the item and select **Disable Job**. - -**_RECOMMENDED:_** Do not delete any jobs. Instead, jobs should be disabled. - -# Sensitive Data Job Group - -The Sensitive Data Job Group is designed to provide insight into where sensitive data exists and who -has access to it across all the targeted PostgreSQL databases. - -![Sensitive Data Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) - -The job in the Sensitive Data Job Group is: - -- [PgSQL_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md) - - Designed to provide information on all the sensitive data that was discovered in the targeted - PostgreSQL servers based on the selected scan criteria -- [PgSQL_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/postgresql-analysis.md) - - Designed to provide information on all types of permissions on database objects containing - sensitive data across all the targeted PostgreSQL servers based on the selected scan criteria. - -# PgSQL_SensitiveData Job - -The PsSQL_SensitiveData Job is designed to provide information on all the sensitive data that was -discovered in the targeted PostgreSQL servers based on the selected scan criteria. - -## Analysis Tasks for the PgSQL_SensitiveData Job - -Navigate to the **Jobs > Databases > PostgreSQL > Sensitive Data > PgSQL_SensitiveData > Configure** -node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![pgsqlsensitivedataanalysis](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/pgsqlsensitivedataanalysis.webp) - -The default analysis tasks are: - -- Sensitive Data Details - Returns details around sensitive data in PostgreSQL -- Database Summary - Summarizes sensitive data in PostgreSQL by database -- Enterprise Summary - Summarizes PostgreSQL sensitive data for the organization - -In addition to the tables and views created the analysis task, the PgSQL_SensitiveData Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | --------------------------------------------------------------------------- | -------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise | None | This report is comprised of two elements: - Bar Chart – Displays exceptions by match count - Table – Provides exception details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data crtieria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides information on databases with sensitive data - Table - Provides details on sensitive data | - -# PgSQL_SensitiveDataPermissions Job - -The PgSQL_SensitiveDataPermissions Job is designed to provide information on all types of -permissions on database objects containing sensitive data across all the targeted PostgreSQL servers -based on the selected scan criteria. - -## Analysis Tasks for the PgSQL_SensitiveData Job - -Navigate to the **Jobs > Databases > PostgreSQL > Sensitive -Data > PgSQL_SensitiveDataPermissions > Configure** node and select Analysis to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp) - -The default analysis tasks are: - -- Sensitive Data Permission Details – Creates the PgSQL_SensitiveDataPermissions_Details table - accessible under the job’s Results node -- Sensitive Data Permissions Database Summary – Creates the - PgSQL_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the -PgSQL_SensitiveDataPermissions Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/overview.md b/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/overview.md new file mode 100644 index 0000000000..41926c1d77 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/overview.md @@ -0,0 +1,28 @@ +# 0.Collection Job Group + +The PostgreSQL Solution Collection Job Group is designed to collect high level summary information +from targeted PostgreSQL Servers. This information is used by other jobs in the PostgreSQL Solution +Set for further analysis and producing respective reports. + +![0.Collection Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/0.collectionjobgroup.webp) + +The jobs in the 0.Collection Job Group are: + +- [PgSQL_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_configuration.md) - + Designed to return additional configuration settings from PostgreSQL servers +- [PgSQL_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_sensitivedatascan.md) - + Designed to discover sensitive data in PostgreSQL databases based on pre-defined or user-defined + search criteria +- [PgSQL_TablePrivileges Job](/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_tableprivileges.md) - + Designed to collect PostgreSQL table privileges from all the targeted servers. + +Workflow + +1. Set a Connection Profile for the 0.Collection Job Group with the permissions listed in the + Recommended Configurations section. See the + [Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) + topic for additional information. +2. For Sensitive Data Discovery Auditing – Ensure the Sensitive Data Discovery Add-On is installed + on the Enterprise Auditor Console server. +3. Schedule the solution to run daily or as desired. +4. Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_configuration.md b/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_configuration.md new file mode 100644 index 0000000000..322da5b124 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_configuration.md @@ -0,0 +1,18 @@ +# PgSQL_Configuration Job + +The PgSQL_Configuration Job is designed to return additional configuration settings from +PostgreSQL servers. + +## Queries for the PgSQL_Configuration Job + +The PgSQL_Configuration Job uses the SQL Data Collector. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/configurationquery.webp) + +The query is: + +- PostgreSQL Database Sizing - Collects details about PostgreSQL databases. See the + [SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_sensitivedatascan.md b/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_sensitivedatascan.md new file mode 100644 index 0000000000..d5bb3ee8bd --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_sensitivedatascan.md @@ -0,0 +1,100 @@ +# PgSQL_SensitiveDataScan Job + +The PgSQL_SensitiveDataScan Job is designed to discover sensitive data in PostgreSQL databases based +on pre-defined or user-defined search criteria. + +## Queries for the PgSQL_SensitiveDataScan Job + +The PgSQL_SensitiveDataScan Job uses the SQL Data Collector. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedataquery.webp) + +The query is: + +- PostgreSQL — Scans the PostgreSQL database for sensitive data. For configuring the + [SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md), + see the SQL Data Collector topic for additional information. + +### Configure the SensitiveDataScan Query + +The PgSQL_SensitiveDataScan Job is preconfigured to run using the default settings for the Sensitive +Data Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **PostgreSQL** > +**PgSQL_SensitiveDataScan** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select the **PostgreSQL** query click on Query Properties. +The Query Properties window appears. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this +job. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/datascanjobsettings.webp) + +**Step 4 –** To modify sensitive data scan options, navigate to the +[SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) +page. Select the desired scan options. + +**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a +high-level table scan. Configuring these settings to increase the scope of the sensitive data scan +may significantly increase scan time. + +![Select DLP Criteria](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedatascancriteria.webp) + +**Step 5 –** To modify criteria, navigate to the +[SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) +page. By default, the Sensitive Data Scan job is configured to scan for criteria configured in the +Global Criteria settings. See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. + +![Filters page](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedatascanfilter.webp) + +**Step 6 –** PostgreSQL databases must be added to the query before they can be scanned. Navigate to +the **Filter** page and click **Connections** to open the Manage Connections window. + +![Manage Connections](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/manageconnectionspgsql.webp) + +**Step 7 –** In the Manage Connections window, click **New Connection** and add the following +information: + +- Is Active Checkbox — Check to include the database on the Servers Pane on the Filter page. +- Instance Label — The name of the instance +- Database System — Select PostgreSQL from the dropdown list +- Host — Name or IP address of the host where the database is located +- Port Number — Port number for the database. The default port for PostgreSQL is 5432 + +Exit the Manage Connections window to return to the Filter page. + +**Step 8 –** On the Filter page, the query is configured by default to target Only select database +objects. Click Retrieve. The Available database objects box will populate. The default filter will +scan all PostgreSQL databases returned, excluding the listed system or default schemas and tables in +red. Databases and instances can be added in the following ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Use the Add Custom Filter button to create and apply a custom filter. + +**Step 9 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The PgSQL_SensitiveDataScan Job is now ready to run with the customized settings. + +## Anaylsis Tasks for the PsgSQL_SensitiveDataScan Job + +Navigate to the **Databases** > **0.Collection** > **PostgreSQL** > **PgSQL_SensitiveDataScan** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) + +The default analysis tasks are: + +- Bring SA_SQL_Instances to View — Displays the SA_SQL_Instances table +- PostgreSQL SDD Matches View — Bring the PostgreSQL SDD Matches View to the SA console +- PostgreSQL SDD Match Hits View — Bring the PostgreSQL SDD Match Hits View to the SA console +- PostgreSQL SDD AIC Import — Imports PostgreSQL SDD into the AIC diff --git a/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_tableprivileges.md b/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_tableprivileges.md new file mode 100644 index 0000000000..aaee171827 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_tableprivileges.md @@ -0,0 +1,31 @@ +# PgSQL_TablePrivileges Job + +The PgSQL_TablePrivileges job is designed to collect PostgreSQL table privileges from all the +targeted servers. + +## Queries for the PgSQL_TablePrivileges Job + +The PgSQL_TablePrivileges Job uses the SQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/tableprivileges_query.webp) + +The query is: + +- Table Privileges - Returns table privileges from all the targeted servers. + +## Analysis Task for the PgSQL_TablePrivileges Job + +Navigate to the **Databases** > **0.Collection** > **PostgreSQL** > **PgSQL_TablePrivileges** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/tableprivileges_analysis.webp) + +The default analysis task is: + +- AIC Import - PostgreSQL Permissions – Imports PostgreSQL permissions to the AIC. +- AIC Import - Databases – Imports PostgreSQL database and schema nodes to the AIC. diff --git a/docs/accessanalyzer/11.6/solutions/databases/postgresql/overview.md b/docs/accessanalyzer/11.6/solutions/databases/postgresql/overview.md new file mode 100644 index 0000000000..c08991866f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/postgresql/overview.md @@ -0,0 +1,85 @@ +# PostgreSQL Solution + +Data privacy and security is quickly evolving to be on equal footing with traditional security +measures focused on the network, hardware, or software the data is contained within. Organizations +aligning to concepts like Data-Centric Audit and Protection (DCAP) as defined by Gartner, or the +requirements of strict compliance regulations like EU GDPR, are looking to implement processes that +help them understand where sensitive data is stored, who or what is leveraging their privileges to +access the data, and how each database has been configured. + +As part of Netwrix comprehensive Data Access Governance suite for structured and unstructured data, +Enterprise Auditor for PostgreSQL automates the process of understanding where PostgreSQL databases +exist and provides an overview of the PostgreSQL environment in order to answer questions around +data access: + +- Who has access to your data? +- Where is sensitive data being stored? + +With visibility into every corner of PostgreSQL, organizations can proactively highlight and +prioritize risks to sensitive data. Additionally, organizations can automate manual, time-consuming, +and expensive processes associated with compliance, security, and operations to easily adhere to +best practices that keep PostgreSQL Server safe and operational. + +Supported Platforms + +- Open Source PostgreSQL 9x through 12x +- Enterprise DB PostgreSQL (10x trhough 12x) +- Amazon AWS Aurora PostgreSQL Engine (all versions supported by Amazon AWS) +- Azure PostgreSQL (9.6) + +Requirements, Permissions, and Ports + +See the +[Target PostgreSQL Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databasepostgresql.md) +topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +By default, the job is configured to use 10 threads, which can be adjusted based on available +resources on the Enterprise Auditor server. + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +Location + +The Structured Sensitive Data Discovery License is required to run the PostgreSQL Solution. It can +be installed from theEnterprise Auditor Instant Job Wizard. Once it has been installed into the Jobs +tree, navigate to the solution: Jobs > **Databases** > PostgreSQL. + +The 0.Collection Job Group performs sensitive data discovery and collects information on database +configurations on the target hosts. The other job groups analyze and report on the data collected by +the 0.Collection Job Group. + +The Database Solution license includes all supported database platforms supported by Enterprise +Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database +content for sensitive data. + +## Job Groups + +The Enterprise Auditor PosgreSQL Solution Set is a set of pre-configured audit jobs and reports that +provides visibility into PostgreSQL Sensitive Data. + +![PostgreSQL Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/postgresqljobgroup.webp) + +The job groups in the PostgreSQL Solution are: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/overview.md) - + Designed to collect high level summary information from targeted PostgreSQL Servers. This + information is used by other jobs in the PostgreSQL Solution Set for further analysis and + producing respective reports +- [Configuration > PgSQL_DatabaseSizing Job](/docs/accessanalyzer/11.6/solutions/databases/postgresql/pgsql_databasesizing.md) - + Designed to provide insight into details about the PostgreSQL environment and potential + vulnerabilities related to instance configuration settings +- [Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/overview.md) - + Designed to provide insight into where sensitive data exists and who has access to it across all + the targeted PostgreSQL databases diff --git a/docs/accessanalyzer/11.6/solutions/databases/postgresql/pgsql_databasesizing.md b/docs/accessanalyzer/11.6/solutions/databases/postgresql/pgsql_databasesizing.md new file mode 100644 index 0000000000..9629835740 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/postgresql/pgsql_databasesizing.md @@ -0,0 +1,32 @@ +# Configuration > PgSQL_DatabaseSizing Job + +The Configuration Job Group is designed to provide insight into details about the +PostgreSQL environment and potential vulnerabilities related to instance configuration settings. + +![Configuration Job Group - PostgreSQL](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/configurationjobgroup.webp) + +The job in the Configuration Job Groups is: + +- PgSQL_DatabaseSizing Job - Provides details about PostgreSQL databases and overall database size + +## Analysis Tasks for the PgSQL_DatabaseSizing Job + +Navigate to the **Jobs > Databases > PostgreSQL > Configuration > PgSQL_DatabaseSizing > Configure** +node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/pssqldatabasesizinganalysistasks.webp) + +The default analysis tasks are: + +- Database Sizing Details - Provides details about PostgreSQL databases and sizing +- Database Sizing Summary - Summarizes PostgreSQL database sizing by host + +In addition to the tables and views created the analysis task, the PgSQL_DatabaseSizing Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ---------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | This report highlights the size of databases in PostgreSQL | None | This report is comprised of three elements: - Bar Chart – Displays top databases by size (MB) - Bar Chart – Displays sizes by host (GB) - Table – Provides database details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/postgresql/recommended.md b/docs/accessanalyzer/11.6/solutions/databases/postgresql/recommended.md new file mode 100644 index 0000000000..c6b30b4a50 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/postgresql/recommended.md @@ -0,0 +1,62 @@ +# Recommended Configuration for the PostgreSQL Solution + +The jobs in the PostgreSQL Solution has been configured to inherit down from the **PostgreSQL** > +**Settings** node. However, it is best practice to assign the host list and the Connection Profile +at the data collection level, 0.Collection Job Group. Once these are assigned to the job group, it +can be run directly or scheduled. + +Dependencies + +- **.Active Directory Inventory** Job Group run successfully +- For Sensitive Data Discovery Auditing – Sensitive Data Discovery Add-On installed on the + Enterprise Auditor Console server +- For AWS RDS and Aurora instances, right-click a job in the **PostgreSQL** > **0.Collection** + folder and open the properties window. Select the **Performance** tab and ensure that the **Skip + Hosts that do not respond to PING**checkbox is not selected. + +Targeted Host(s) + +- The 0.Collection Job Group must be set to run against a custom host list containing the + PostgreSQL database instances / clusters. +- For AWS RDS instances, specify the endpoint when creating a host list. This value may change after + saving the list if the instance is part of a cluster. + +Connection Profile + +The SQL Data Collector requires a specific set of permissions. For the PostgreSQL Solution, the +credentials configured in the Connection Profile must be able to access the PostgreSQL Database. See +the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information on permissions and creating a SQL custom connection profile. + +The Connection Profile is set to **Use the Default Profile**, as configured at the global settings +level. However, since this may not be the Connection Profile with the necessary permissions for the +assigned hosts, click the radio button for the **Select one of the following user defined profiles** +option and select the appropriate Connection Profile drop-down menu. + +Schedule Frequency + +Daily + +Run Order + +The 0.Collection Job Group must be run first before running the other jobs and job groups. + +**_RECOMMENDED:_** Run the solution at the top level: PostgreSQL Job Group + +Query Configuration + +This solution is designed to be run with the default query configurations. However, the +PostgreSQL_SensitiveDataScan Job query can be customized as needed. See the +[Configure the SensitiveDataScan Query](/docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/pgsql_sensitivedatascan.md#configure-the-sensitivedatascan-query) +topic for additional information. + +Analysis Configuration + +This solution should be run with the default analysis configurations. These analysis tasks are +preconfigured and should not be modified or deselected! + +Disabling obsolete or run-desired jobs allows the solution to run more efficiently. To disable a job +or job group, right-click on the item and select **Disable Job**. + +**_RECOMMENDED:_** Do not delete any jobs. Instead, jobs should be disabled. diff --git a/docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/overview.md b/docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/overview.md new file mode 100644 index 0000000000..adcc0bf665 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/overview.md @@ -0,0 +1,15 @@ +# Sensitive Data Job Group + +The Sensitive Data Job Group is designed to provide insight into where sensitive data exists and who +has access to it across all the targeted PostgreSQL databases. + +![Sensitive Data Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) + +The job in the Sensitive Data Job Group is: + +- [PgSQL_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedata.md) - + Designed to provide information on all the sensitive data that was discovered in the targeted + PostgreSQL servers based on the selected scan criteria +- [PgSQL_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedatapermissions.md) - + Designed to provide information on all types of permissions on database objects containing + sensitive data across all the targeted PostgreSQL servers based on the selected scan criteria. diff --git a/docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedata.md b/docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedata.md new file mode 100644 index 0000000000..984945222a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedata.md @@ -0,0 +1,28 @@ +# PgSQL_SensitiveData Job + +The PsSQL_SensitiveData Job is designed to provide information on all the sensitive data that was +discovered in the targeted PostgreSQL servers based on the selected scan criteria. + +## Analysis Tasks for the PgSQL_SensitiveData Job + +Navigate to the **Jobs > Databases > PostgreSQL > Sensitive Data > PgSQL_SensitiveData > Configure** +node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![pgsqlsensitivedataanalysis](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/pgsqlsensitivedataanalysis.webp) + +The default analysis tasks are: + +- Sensitive Data Details - Returns details around sensitive data in PostgreSQL +- Database Summary - Summarizes sensitive data in PostgreSQL by database +- Enterprise Summary - Summarizes PostgreSQL sensitive data for the organization + +In addition to the tables and views created the analysis task, the PgSQL_SensitiveData Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | --------------------------------------------------------------------------- | -------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise | None | This report is comprised of two elements: - Bar Chart – Displays exceptions by match count - Table – Provides exception details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data crtieria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides information on databases with sensitive data - Table - Provides details on sensitive data | diff --git a/docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedatapermissions.md b/docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedatapermissions.md new file mode 100644 index 0000000000..c2e6befb44 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedatapermissions.md @@ -0,0 +1,30 @@ +# PgSQL_SensitiveDataPermissions Job + +The PgSQL_SensitiveDataPermissions Job is designed to provide information on all types of +permissions on database objects containing sensitive data across all the targeted PostgreSQL servers +based on the selected scan criteria. + +## Analysis Tasks for the PgSQL_SensitiveData Job + +Navigate to the **Jobs > Databases > PostgreSQL > Sensitive +Data > PgSQL_SensitiveDataPermissions > Configure** node and select Analysis to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp) + +The default analysis tasks are: + +- Sensitive Data Permission Details – Creates the PgSQL_SensitiveDataPermissions_Details table + accessible under the job’s Results node +- Sensitive Data Permissions Database Summary – Creates the + PgSQL_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the +PgSQL_SensitiveDataPermissions Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md b/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md deleted file mode 100644 index 34e161ff0c..0000000000 --- a/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md +++ /dev/null @@ -1,440 +0,0 @@ -# 0.Collection Job Group - -The Redshift Solution Collection group collects high level summary information from targeted -Redshift Servers.  Other jobs in the Redshift Solution Set use this information for further analysis -and for producing respective reports. - -![0](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/0.collection.webp) - -The jobs in the 0.Collection Job Group are: - -- [Redshift_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - — Returns additional configuration settings from Redshift servers -- [Redshift_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - — Discovers sensitive data in PostgreSQL databases based on pre-defined or user-defined search - criteria -- [Redshift_TablePrivileges Job](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - - Designed to collect Redshift table privileges from all the targeted servers. - -# Redshift_Configuration Job - -The Redshift_Configuration job returns additional configuration settings from Redshift servers. - -## Queries for the Redshift_Configuration Job - -The Redshift_Configuration Job uses the SQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![0](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/0.collectionconfiguration.webp) - -The query is: - -- Redshift Database Sizing — Provides details about Redshift databases and overall database size - -# Redshift_SensitiveDataScan Job - -This job discovers sensitive data in PostgreSQL databases on pre-defined or user-defined criteria. - -## Queries for the Redshift_SensitiveData Scan Job - -The Redshift_SensitiveDataScan Job uses the SQL Data Collector for queries. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedataquery.webp) - -The query is: - -- Redshift Sensitive Data Scan — Provides information on all the sensitive data that was discovered - in the targeted Redshift servers based on the selected scan criteria. - -## Recommended Configuration for the SensitiveDataScan Query - -The Redshift_SensitiveDataScan Job is preconfigured to run using the default settings for the -Sensitive Data Collection category. It is necessary only to set up the connection for the Redshift- -SensitiveDataScan Job. Once the connection is established, it applies to any other 0.Collection job -query. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Redshift** > -**Redshift_SensitiveDataScan** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select the Redshift Sensitive Data Scan query click on -Query Properties. The Query Properties window appears. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens -with Sensitive Data Collection category selected. - -![Category Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatacategory.webp) - -**Step 4 –** Click **Next**. The Sensitive Data Scan Settings view appears. - -![Sensitive Data Scan Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatajoboptions.webp) - -**Step 5 –** To modify sensitive data scan options, select the desired scan options. See the -[SQL: Options](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page for additional information. - -**NOTE:** The Sensitive Data Scan Settings are preconfigured for optimal performance for a -high-level table scan. Configuring these settings to increase the scope of the sensitive data scan -may significantly increase scan time. - -**Step 6 –** Click **Next**. The Select Criteria view appears. - -![Select DLP Criteria for Scan](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatacriteria.webp) - -**Step 7 –** To modify criteria, click on **Use the following selected criteria:** and select your -choices. By default, the Sensitive Data Scan job is set to **Use Global Criteria**. Also by default, -the following System Criteria have been selected: - -- Credit Cards -- Tax Forms -- US SSN -- User ID -- Password - -**NOTE:** For more information on adding or deleting criteria, navigate to the -[SQL: Criteria](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page or See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) -topic for additional information. - -**Step 8 –** Click **Next**. The Filters view appears. - -![Filters Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatafilter.webp) - -**Step 9 –** Click **Connections** to open the Manage Connections window. - -**NOTE:** SQL databases must be added to the query before they can be scanned. Before you can add a -query, you must establish a connection to the database. - -![Manage Connections](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedataconnection.webp) - -**Step 10 –** In the Manage Connections window, click **Create New Connection** and add the -following information: - -- Instance Label — The name of the instance -- Database System — Unique identifier for the database. Select the server to connect to from the - dropdown list. -- Service Name — Unique identifier for the service. Enter a Service Name. -- Host — Name or IP address of the host where the database is located -- Port Number — Port number for the selected database -- Default Database — Default Database - -**Step 11 –** Exit the Manage Connections window to return to the Filter page. - -**Step 12 –** Select Only select database objects. or **All database objects**. The query is -configured by default to target Only select database objects. - -**NOTE:** For more information on filtering, see the -[SQL: Filter](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page. - -**Step 13 –** Click Retrieve. The Available database objects box will populate. - -**Step 14 –** Add the Databases and instances to be audited. Databases and instances can be added in -the following ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Optionally use the Add Custom Filter button to create and apply a custom filter. - -The selected database objects to be audited display. - -**Step 15 –** Click **Next** and navigate to the Summary page, click Finish to save any setting -modifications or click Cancel if no changes were made. Then click OK to close the Query Properties -window. - -The 1-Db2_SensitsveDataScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the Redshift_SensitiveDataScan - -Navigate to the \_**\_Databases > 0.Collection >**Redshift >\_\_ **Redshift_SensitiveDataScan** > -**Configure** node and select **Analysis** to view the Analysis Tasks. The Analysis tasks do not -require any configuration as they just populate the reports with the collected information and do -not collect data themselves. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/analysiscollectionsensitivedatascan.webp) - -The default analysis tasks are: - -- Bring SA_SQL_Instances to View — Displays the SA_SQL_Instances table -- Redshift SDD Matches View — Brings the Redshift SDD Matches View to the Enterprise Auditor console -- Redshift SDD Matches Hits View — Brings the SA_SQL Match Hits View to the Enterprise Auditor - console -- Redshift ADD AIC Import —Imports Redshift SDD into the AIC - -# Redshift_TablePrivileges Job - -The Redshift_TablePrivileges job is designed to collect Redshift table privileges from all the -targeted servers. - -## Queries for the Redshift_TablePrivileges Job - -The Redshift_TablePrivileges Job uses the SQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/tableprivilegesquery.webp) - -The query is: - -- Table Privileges - Returns table privileges from all the targeted servers. - -## Analysis Task for the Redshift_TablePrivileges Job - -Navigate to the **Databases** > **0.Collection** > **Redshift** > **Redshift_TablePrivileges** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/tableprivilegesanalysis.webp) - -The default analysis task is: - -- AIC Import - Redshift Permissions – Imports Redshift table privileges to the AIC. -- AIC Import - Databases – Imports Redshift database and schema nodes to the AIC. - -# Redshift Solution - -The Enterprise Auditor Redshift Solution Set is a comprehensive set of pre-configured audit jobs and -reports that provide visibility into various aspects of Redshift: Data Collection, Configuration, -and Sensitive Data. - -The Redshift Solution requires a special Enterprise Auditor license. Additionally, the Sensitive -Data Discovery Add-On enables the solution to search Redshift and AWS content for sensitive data. - -Supported Platforms - -- Amazon AWS Redshift -- AWS Redshift Cluster - -Requirements, Permissions, and Ports - -See the -[Target Redshift Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -By default, the job is configured to use 10 threads, which can be adjusted based on available -resources on the Enterprise Auditor server. - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -Location - -The Redshift Solution requires a special Enterprise Auditor license. It can be installed from the -Enterprise Auditor Instant Job Wizard. Once it has been installed in the **Jobs** tree, navigate to -the solution: **Jobs** > **Databases** > **Redshift Solution**. - -The 0.Collection Job Group discovers SQL instances on the target hosts, and collects the data. The -other job groups analyze the collected data and generate reports. - -The Database Solution license includes all supported database platforms supported by Enterprise -Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database -content for sensitive data. - -## Redshift Job Group - -The Enterprise Auditor Redshift  Solution Set is a set of preconfigured audit jobs and reports that -provides visibility into Redshift Sensitive Data. - -![redshiftjobgrpoverview](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/redshiftjobgrpoverview.webp) - -The following job groups comprise the Redshift Job Group: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - — Collects high level summary information from targeted Redshift Servers. Other jobs in the - Redshift Solution Set use this information for further analysis and producing respective report. - This Job Group is comprised of the following jobs(s) - - - [Redshift_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - - [Redshift_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - - [Redshift_TablePrivileges Job](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - -- [Configuration > Redshift_DatabaseSizing Job](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - — Provides insight into details about the Redshift environment and potential vulnerabilities - relating to instance configuration settings. - -- [Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - — Provides insight into where sensitive data exists and who has access to it across all the - targeted Redshift databases.This Job Group is comprised of the following job(s): - - - [Redshift_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - - [Redshift_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - -# Recommended Configuration for the Redshift Solution - -The Redshift Solution is configured to inherit settings from the global Settings node. However, it -is best practice to assign the host list and the Connection Profile at the data collection level, -the 0.Collection Job Group. Once these are assigned to the job group, it can be run directly or -scheduled. - -Dependencies - -- For Sensitive Data Discovery Auditing – Sensitive Data Discovery Add-On installed on the - Enterprise Auditor Console server - -Targeted Host(s) - -The Redshift Job Group has been configured to inherit the host list assignment from the collection -group level. - -The host list assignment should be assigned under the **Redshift** > **0.Collection** > -**Settings** > **Host List Assignment** node. The **Local host** box is checked by default. - -Connection Profile - -The SQL Data Collector requires a specific set of permissions. See the Permissions section for -necessary permissions. The account used can be either an Active Directory account or a SQL account. -Once the account has been provisioned, create a custom Connection Profile containing the credentials -for the targeted environment. See the -[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -topic for additional information. - -The Connection Profile should be assigned under the **Redshift** > **0.Collection** > **Settings** > -**Connection** node. It is set to **Use the Default Profile**, as configured at the global settings -level. However, since this may not be the Connection Profile with the necessary permissions for the -assigned hosts, click the radio button for the **Select one of the following user defined profiles** -option and select the appropriate Connection Profile drop-down menu. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -This job group can be scheduled to run as desired. - -Run Order - -The 0.Collection Jobs must be run first and in order. The other Redshift sub-job groups can be run -in any order, together or individually, after running the 0.Collection Job Group. - -**_RECOMMENDED:_** Run the solution at the top level. - -# Configuration > Redshift_DatabaseSizing Job - -This group provides insight into details about the Redshift environment and potential -vulnerabilities related to instance configuration settings. - -![configurationjobgroup](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/configurationjobgroup.webp) - -The job(s) in the Configuration Job Group are: - -- Redshift_DatabaseSizing Job — Provides details about Redshift databases and overall database size. - -### Analysis Tasks for the Redshift_DatabaseSizing Job - -Navigate to the **Jobs** > **Databases**> **Redshift** > **Configuration** > -**Redshift_DatabaseSizing** > **Configure** node and select **Analysis** to view the Analysis Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![analysisredshiftconfigurationjob](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/analysisredshiftconfigurationjob.webp) - -The default analysis tasks are: - -- Database Sizing Details — Provides details about Redshift databases and sizing -- Database Sizing Summary — Summarizes Redshift database sizing by host - -## Report for the Redshift_Database Sizing Job - -In addition to the tables and views created the analysis task, the Redshift_DatabaseSizing Job -produces the following preconfigured reports. - -| Report | Description | Default Tags | Report Elements | -| --------------- | --------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | This report highlights the size of databases in Redshift. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by size (MB) - Bar Chart – Displays sizes by host (GB) - Table – Provides database details | - -# Sensitive Data Job Group - -This job provides insight into where sensitive data exists and who has access to it across all the -targeted Redshift databases. - -![sensitivedatajobgroup](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) - -The job(s) in the Sensitive Data Job Group are: - -- [Redshift_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - - Provides information on all the data that was discovered in the targeted Redshift database servers - based on the selected scan criteria -- [Redshift_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/redshift-analysis.md) - - Designed to provide information on all types of permissions on database objects containing - sensitive data across all the targeted PostgreSQL servers based on the selected scan criteria. - -# Redshift_SensitiveData Job - -This job provides information on all the sensitive data discovered in the targeted Redshift servers -based on the selected scan criteria. - -## Analysis Tasks for the Redshift_SensitiveData Job - -Navigate to the **Jobs** > **Databases** > **Redshift** >  **Sensitive Data** > -**Redshift_SensitiveData** > **Configure** node and select **Analysis** to view the Analysis Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/sensitive_data/analysissensitivedata.webp) - -The default analysis tasks are: - -- Sensitive Data Details — Returns details around sensitive data in Redshift -- Database Summary — Summarizes Redshift sensitive data by database -- Enterprise Summary — Summarizes Redshift  sensitive data for the organization - -## Reports for the for the Redshift_SensitiveData Job - -In addition to the tables and views created the analysis task, the Redshift_SensitiveData Job -produces the following preconfigured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of two elements: - Bar Chart - Displays exceptions by Match Count - Table - Displays Exception Details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides details on top databases with Sensitive Data - Table - Provides Sensitive Data Details | - -# Redshift_SensitiveDataPermissions Job - -The Redshift_SensitiveDataPermissions Job is designed to provide information on all types of -permissions on database objects containing sensitive data across all the targeted Redshift servers -based on the selected scan criteria. - -## Analysis Tasks for the Redshift_SensitiveData Job - -Navigate to the **Jobs > Databases > Redshift > Sensitive -Data > Redshift_SensitiveDataPermissions > Configure** node and select Analysis to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp) - -The default analysis tasks are: - -- Sensitive Data Permission Details – Creates the Redshift_SensitiveDataPermissions_Details table - accessible under the job’s Results node -- Sensitive Data Permissions Database Summary – Creates the - Redshift_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the -Redshift_SensitiveDataPermissions Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/overview.md b/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/overview.md new file mode 100644 index 0000000000..cd521631c8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/overview.md @@ -0,0 +1,17 @@ +# 0.Collection Job Group + +The Redshift Solution Collection group collects high level summary information from targeted +Redshift Servers.  Other jobs in the Redshift Solution Set use this information for further analysis +and for producing respective reports. + +![0](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/0.collection.webp) + +The jobs in the 0.Collection Job Group are: + +- [Redshift_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_configuration.md) + — Returns additional configuration settings from Redshift servers +- [Redshift_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_sensitivedatascan.md) + — Discovers sensitive data in PostgreSQL databases based on pre-defined or user-defined search + criteria +- [Redshift_TablePrivileges Job](/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_tableprivileges.md) - + Designed to collect Redshift table privileges from all the targeted servers. diff --git a/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_configuration.md b/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_configuration.md new file mode 100644 index 0000000000..1f3d0e5058 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_configuration.md @@ -0,0 +1,15 @@ +# Redshift_Configuration Job + +The Redshift_Configuration job returns additional configuration settings from Redshift servers. + +## Queries for the Redshift_Configuration Job + +The Redshift_Configuration Job uses the SQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![0](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/0.collectionconfiguration.webp) + +The query is: + +- Redshift Database Sizing — Provides details about Redshift databases and overall database size diff --git a/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_sensitivedatascan.md b/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_sensitivedatascan.md new file mode 100644 index 0000000000..756f6ec99a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_sensitivedatascan.md @@ -0,0 +1,132 @@ +# Redshift_SensitiveDataScan Job + +This job discovers sensitive data in PostgreSQL databases on pre-defined or user-defined criteria. + +## Queries for the Redshift_SensitiveData Scan Job + +The Redshift_SensitiveDataScan Job uses the SQL Data Collector for queries. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedataquery.webp) + +The query is: + +- Redshift Sensitive Data Scan — Provides information on all the sensitive data that was discovered + in the targeted Redshift servers based on the selected scan criteria. + +## Recommended Configuration for the SensitiveDataScan Query + +The Redshift_SensitiveDataScan Job is preconfigured to run using the default settings for the +Sensitive Data Collection category. It is necessary only to set up the connection for the Redshift- +SensitiveDataScan Job. Once the connection is established, it applies to any other 0.Collection job +query. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Redshift** > +**Redshift_SensitiveDataScan** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select the Redshift Sensitive Data Scan query click on +Query Properties. The Query Properties window appears. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens +with Sensitive Data Collection category selected. + +![Category Page](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedatacategory.webp) + +**Step 4 –** Click **Next**. The Sensitive Data Scan Settings view appears. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedatajoboptions.webp) + +**Step 5 –** To modify sensitive data scan options, select the desired scan options. See the +[SQL: Options](/docs/accessanalyzer/11.6/admin/datacollector/sql/options.md) +page for additional information. + +**NOTE:** The Sensitive Data Scan Settings are preconfigured for optimal performance for a +high-level table scan. Configuring these settings to increase the scope of the sensitive data scan +may significantly increase scan time. + +**Step 6 –** Click **Next**. The Select Criteria view appears. + +![Select DLP Criteria for Scan](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedatacriteria.webp) + +**Step 7 –** To modify criteria, click on **Use the following selected criteria:** and select your +choices. By default, the Sensitive Data Scan job is set to **Use Global Criteria**. Also by default, +the following System Criteria have been selected: + +- Credit Cards +- Tax Forms +- US SSN +- User ID +- Password + +**NOTE:** For more information on adding or deleting criteria, navigate to the +[SQL: Criteria](/docs/accessanalyzer/11.6/admin/datacollector/sql/criteria.md) +page or See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. + +**Step 8 –** Click **Next**. The Filters view appears. + +![Filters Page](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedatafilter.webp) + +**Step 9 –** Click **Connections** to open the Manage Connections window. + +**NOTE:** SQL databases must be added to the query before they can be scanned. Before you can add a +query, you must establish a connection to the database. + +![Manage Connections](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedataconnection.webp) + +**Step 10 –** In the Manage Connections window, click **Create New Connection** and add the +following information: + +- Instance Label — The name of the instance +- Database System — Unique identifier for the database. Select the server to connect to from the + dropdown list. +- Service Name — Unique identifier for the service. Enter a Service Name. +- Host — Name or IP address of the host where the database is located +- Port Number — Port number for the selected database +- Default Database — Default Database + +**Step 11 –** Exit the Manage Connections window to return to the Filter page. + +**Step 12 –** Select Only select database objects. or **All database objects**. The query is +configured by default to target Only select database objects. + +**NOTE:** For more information on filtering, see the +[SQL: Filter](/docs/accessanalyzer/11.6/admin/datacollector/sql/filter.md) +page. + +**Step 13 –** Click Retrieve. The Available database objects box will populate. + +**Step 14 –** Add the Databases and instances to be audited. Databases and instances can be added in +the following ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Optionally use the Add Custom Filter button to create and apply a custom filter. + +The selected database objects to be audited display. + +**Step 15 –** Click **Next** and navigate to the Summary page, click Finish to save any setting +modifications or click Cancel if no changes were made. Then click OK to close the Query Properties +window. + +The 1-Db2_SensitsveDataScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the Redshift_SensitiveDataScan + +Navigate to the _**_Databases > 0.Collection >**Redshift >__ **Redshift_SensitiveDataScan** > +**Configure** node and select **Analysis** to view the Analysis Tasks. The Analysis tasks do not +require any configuration as they just populate the reports with the collected information and do +not collect data themselves. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/analysiscollectionsensitivedatascan.webp) + +The default analysis tasks are: + +- Bring SA_SQL_Instances to View — Displays the SA_SQL_Instances table +- Redshift SDD Matches View — Brings the Redshift SDD Matches View to the Enterprise Auditor console +- Redshift SDD Matches Hits View — Brings the SA_SQL Match Hits View to the Enterprise Auditor + console +- Redshift ADD AIC Import —Imports Redshift SDD into the AIC diff --git a/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_tableprivileges.md b/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_tableprivileges.md new file mode 100644 index 0000000000..0c7227addd --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_tableprivileges.md @@ -0,0 +1,31 @@ +# Redshift_TablePrivileges Job + +The Redshift_TablePrivileges job is designed to collect Redshift table privileges from all the +targeted servers. + +## Queries for the Redshift_TablePrivileges Job + +The Redshift_TablePrivileges Job uses the SQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/tableprivilegesquery.webp) + +The query is: + +- Table Privileges - Returns table privileges from all the targeted servers. + +## Analysis Task for the Redshift_TablePrivileges Job + +Navigate to the **Databases** > **0.Collection** > **Redshift** > **Redshift_TablePrivileges** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/tableprivilegesanalysis.webp) + +The default analysis task is: + +- AIC Import - Redshift Permissions – Imports Redshift table privileges to the AIC. +- AIC Import - Databases – Imports Redshift database and schema nodes to the AIC. diff --git a/docs/accessanalyzer/11.6/solutions/databases/redshift/overview.md b/docs/accessanalyzer/11.6/solutions/databases/redshift/overview.md new file mode 100644 index 0000000000..3bb5fe0198 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/redshift/overview.md @@ -0,0 +1,78 @@ +# Redshift Solution + +The Enterprise Auditor Redshift Solution Set is a comprehensive set of pre-configured audit jobs and +reports that provide visibility into various aspects of Redshift: Data Collection, Configuration, +and Sensitive Data. + +The Redshift Solution requires a special Enterprise Auditor license. Additionally, the Sensitive +Data Discovery Add-On enables the solution to search Redshift and AWS content for sensitive data. + +Supported Platforms + +- Amazon AWS Redshift +- AWS Redshift Cluster + +Requirements, Permissions, and Ports + +See the +[Target Redshift Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databaseredshift.md) +topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +By default, the job is configured to use 10 threads, which can be adjusted based on available +resources on the Enterprise Auditor server. + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +Location + +The Redshift Solution requires a special Enterprise Auditor license. It can be installed from the +Enterprise Auditor Instant Job Wizard. Once it has been installed in the **Jobs** tree, navigate to +the solution: **Jobs** > **Databases** > **Redshift Solution**. + +The 0.Collection Job Group discovers SQL instances on the target hosts, and collects the data. The +other job groups analyze the collected data and generate reports. + +The Database Solution license includes all supported database platforms supported by Enterprise +Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database +content for sensitive data. + +## Redshift Job Group + +The Enterprise Auditor Redshift  Solution Set is a set of preconfigured audit jobs and reports that +provides visibility into Redshift Sensitive Data. + +![redshiftjobgrpoverview](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/redshiftjobgrpoverview.webp) + +The following job groups comprise the Redshift Job Group: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/overview.md) + — Collects high level summary information from targeted Redshift Servers. Other jobs in the + Redshift Solution Set use this information for further analysis and producing respective report. + This Job Group is comprised of the following jobs(s) + + - [Redshift_Configuration Job](/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_configuration.md) + - [Redshift_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_sensitivedatascan.md) + - [Redshift_TablePrivileges Job](/docs/accessanalyzer/11.6/solutions/databases/redshift/collection/redshift_tableprivileges.md) + +- [Configuration > Redshift_DatabaseSizing Job](/docs/accessanalyzer/11.6/solutions/databases/redshift/redshift_databasesizing.md) + — Provides insight into details about the Redshift environment and potential vulnerabilities + relating to instance configuration settings. + +- [Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/overview.md) + — Provides insight into where sensitive data exists and who has access to it across all the + targeted Redshift databases.This Job Group is comprised of the following job(s): + + - [Redshift_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/redshift_sensitivedata.md) + - [Redshift_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/redshift_sensitivedatapermissions.md) diff --git a/docs/accessanalyzer/11.6/solutions/databases/redshift/recommended.md b/docs/accessanalyzer/11.6/solutions/databases/redshift/recommended.md new file mode 100644 index 0000000000..c7a897e08a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/redshift/recommended.md @@ -0,0 +1,49 @@ +# Recommended Configuration for the Redshift Solution + +The Redshift Solution is configured to inherit settings from the global Settings node. However, it +is best practice to assign the host list and the Connection Profile at the data collection level, +the 0.Collection Job Group. Once these are assigned to the job group, it can be run directly or +scheduled. + +Dependencies + +- For Sensitive Data Discovery Auditing – Sensitive Data Discovery Add-On installed on the + Enterprise Auditor Console server + +Targeted Host(s) + +The Redshift Job Group has been configured to inherit the host list assignment from the collection +group level. + +The host list assignment should be assigned under the **Redshift** > **0.Collection** > +**Settings** > **Host List Assignment** node. The **Local host** box is checked by default. + +Connection Profile + +The SQL Data Collector requires a specific set of permissions. See the Permissions section for +necessary permissions. The account used can be either an Active Directory account or a SQL account. +Once the account has been provisioned, create a custom Connection Profile containing the credentials +for the targeted environment. See the +[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/11.6/admin/datacollector/sql/configurejob.md) +topic for additional information. + +The Connection Profile should be assigned under the **Redshift** > **0.Collection** > **Settings** > +**Connection** node. It is set to **Use the Default Profile**, as configured at the global settings +level. However, since this may not be the Connection Profile with the necessary permissions for the +assigned hosts, click the radio button for the **Select one of the following user defined profiles** +option and select the appropriate Connection Profile drop-down menu. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +This job group can be scheduled to run as desired. + +Run Order + +The 0.Collection Jobs must be run first and in order. The other Redshift sub-job groups can be run +in any order, together or individually, after running the 0.Collection Job Group. + +**_RECOMMENDED:_** Run the solution at the top level. diff --git a/docs/accessanalyzer/11.6/solutions/databases/redshift/redshift_databasesizing.md b/docs/accessanalyzer/11.6/solutions/databases/redshift/redshift_databasesizing.md new file mode 100644 index 0000000000..fa066d171c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/redshift/redshift_databasesizing.md @@ -0,0 +1,34 @@ +# Configuration > Redshift_DatabaseSizing Job + +This group provides insight into details about the Redshift environment and potential +vulnerabilities related to instance configuration settings. + +![configurationjobgroup](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/configurationjobgroup.webp) + +The job(s) in the Configuration Job Group are: + +- Redshift_DatabaseSizing Job — Provides details about Redshift databases and overall database size. + +### Analysis Tasks for the Redshift_DatabaseSizing Job + +Navigate to the **Jobs** > **Databases**> **Redshift** > **Configuration** > +**Redshift_DatabaseSizing** > **Configure** node and select **Analysis** to view the Analysis Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![analysisredshiftconfigurationjob](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/analysisredshiftconfigurationjob.webp) + +The default analysis tasks are: + +- Database Sizing Details — Provides details about Redshift databases and sizing +- Database Sizing Summary — Summarizes Redshift database sizing by host + +## Report for the Redshift_Database Sizing Job + +In addition to the tables and views created the analysis task, the Redshift_DatabaseSizing Job +produces the following preconfigured reports. + +| Report | Description | Default Tags | Report Elements | +| --------------- | --------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | This report highlights the size of databases in Redshift. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by size (MB) - Bar Chart – Displays sizes by host (GB) - Table – Provides database details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/overview.md b/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/overview.md new file mode 100644 index 0000000000..9532fff7b5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/overview.md @@ -0,0 +1,15 @@ +# Sensitive Data Job Group + +This job provides insight into where sensitive data exists and who has access to it across all the +targeted Redshift databases. + +![sensitivedatajobgroup](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) + +The job(s) in the Sensitive Data Job Group are: + +- [Redshift_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/redshift_sensitivedata.md) - + Provides information on all the data that was discovered in the targeted Redshift database servers + based on the selected scan criteria +- [Redshift_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/redshift_sensitivedatapermissions.md) - + Designed to provide information on all types of permissions on database objects containing + sensitive data across all the targeted PostgreSQL servers based on the selected scan criteria. diff --git a/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/redshift_sensitivedata.md b/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/redshift_sensitivedata.md new file mode 100644 index 0000000000..e31f3d5809 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/redshift_sensitivedata.md @@ -0,0 +1,30 @@ +# Redshift_SensitiveData Job + +This job provides information on all the sensitive data discovered in the targeted Redshift servers +based on the selected scan criteria. + +## Analysis Tasks for the Redshift_SensitiveData Job + +Navigate to the **Jobs** > **Databases** > **Redshift** >  **Sensitive Data** > +**Redshift_SensitiveData** > **Configure** node and select **Analysis** to view the Analysis Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/analysissensitivedata.webp) + +The default analysis tasks are: + +- Sensitive Data Details — Returns details around sensitive data in Redshift +- Database Summary — Summarizes Redshift sensitive data by database +- Enterprise Summary — Summarizes Redshift  sensitive data for the organization + +## Reports for the for the Redshift_SensitiveData Job + +In addition to the tables and views created the analysis task, the Redshift_SensitiveData Job +produces the following preconfigured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of two elements: - Bar Chart - Displays exceptions by Match Count - Table - Displays Exception Details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides details on top databases with Sensitive Data - Table - Provides Sensitive Data Details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/redshift_sensitivedatapermissions.md b/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/redshift_sensitivedatapermissions.md new file mode 100644 index 0000000000..3124593c3a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/redshift_sensitivedatapermissions.md @@ -0,0 +1,30 @@ +# Redshift_SensitiveDataPermissions Job + +The Redshift_SensitiveDataPermissions Job is designed to provide information on all types of +permissions on database objects containing sensitive data across all the targeted Redshift servers +based on the selected scan criteria. + +## Analysis Tasks for the Redshift_SensitiveData Job + +Navigate to the **Jobs > Databases > Redshift > Sensitive +Data > Redshift_SensitiveDataPermissions > Configure** node and select Analysis to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp) + +The default analysis tasks are: + +- Sensitive Data Permission Details – Creates the Redshift_SensitiveDataPermissions_Details table + accessible under the job’s Results node +- Sensitive Data Permissions Database Summary – Creates the + Redshift_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the +Redshift_SensitiveDataPermissions Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md b/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md deleted file mode 100644 index e2d8fce825..0000000000 --- a/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md +++ /dev/null @@ -1,1577 +0,0 @@ -# 2.Activity Job Group - -The jobs in the 2. Activity Job Group provides insight into user login activity, object permission -changes, unusual database activity, SQL and Azure SQL activities against sensitive data, and SQL and -Azure SQL activities against selected or all database objects. - -![2.Activity Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup30.webp) - -The jobs in the 2.Activity Job Group are: - -- [SQL_Activity Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to provide insight into user activity in target SQL and Azure SQL server - instances and databases in each instance based on the SQL Server Audit Specification settings -- [SQL_Logons Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to provide insight into failed or successful SQL and Azure SQL server logon - activity across all the targeted SQL and Azure SQL Servers -- [SQL_PermissionChanges Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to provide detailed information about the changes in permissions across all - the database objects, specifically objects containing sensitive data -- [SQL_SensitiveDataActivity Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to provide detailed information about all the DML (UPDATE, INSERT, DELETE, - TRUNCATE) against objects containing selective data -- [SQL_UnusualActivity Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job group is designed to highlight any anomalies related to outlying user activity by - database across all the targeted SQL and Azure SQL server instances. - -# SQL_Activity Job - -The SQL_Activity Job provides insight into user activity in target SQL server instances and -databases based on SQL Server Audit Specification settings. - -## Analysis Tasks for the SQL_Activity Job - -Navigate to the **Databases** > SQL > 2.Activity > SQL_Activity > Configure node and select Analysis -to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup31.webp) - -The default analysis tasks are: - -- List SQL User Activity Details – Creates the SA_SQLServer_Activity_Details table accessible under - the job’s Results node -- User Activity Database Summary – Creates the SA_SQLServer_Activity_UserDatabaseSummary table - accessible under the job’s Results node -- User Activity Instance Summary – Creates the SA_SQLServer_Activity_UserInstanceSummary table - accessible under the job’s Results node - -In addition to the tables and views created the analysis task, the SQL_Activity Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| User Activity Summary | This report lists all SQL events, and summarizes them by database and instance. | None | This report is comprised of three elements: - Bar Chart – Displays users with most events by instance - Table – Provides details on users with most events by database - Table – Provides details on event details | - -# SQL_Logons Job - -The SQL_Logons Job provides insight into failed and successful SQL and Azure SQL server logon -activity across all targeted SQL and Azure SQL servers. - -## Analysis Tasks for the SQL_Logons Job - -Navigate to the **Databases** > SQL > 2.Activity > SQL_Logons > Configure node and select Analysis -to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup32.webp) - -The default analysis tasks are: - -- Logon Details – Creates the SA_SQLServer_Logons_Details table accessible under the job’s Results - node -- Logons Summary – Creates the SA_SQL_Logons_Summary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_Logons Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Server Logon Details | This report outlines successful and failed logins over the last 30 days | None | This report is comprised of three elements: - Stacked Bar Chart – Displays logon summary - Table – Provides details on logon summary - Table – Provides details on logon details | - -# SQL_PermissionChanges Job - -The SQL_PermissionChanges Job provides detailed information on permission changes for all database -objects, specifically objects containing sensitive data. - -## Analysis Tasks for the SQL_PermissionChanges Job - -Navigate to the **Databases** > SQL > 2.Activity > SQL_PermissionChanges > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup33.webp) - -The default analysis tasks are: - -- SQLServer Permission Changes – Creates the SA_SQLServer_PermissionChanges_Details table accessible - under the job’s Results node -- Permission Changes Instance Summary – Creates the SA_SQLServer_PermissionChanges_InstanceSummary - table accessible under the job’s Results node. This analysis task summarizes permission change - activity per instance. - -In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | -------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Permission Change Activity | This report lists all permission change related SQL events, and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by permission change activity - Table – Provides details on instances by permission change activity - Table – Provides details on event details | - -# SQL_SensitiveDataActivity Job - -The SQL_SensitiveDataActivity Job provides detailed information on DML (UPDATE, INSERT, DELETE, -TRUNCATE) used against objects containing sensitive data. - -## Analysis Tasks for the SQL_SensitiveDataActivity Job - -Navigate to the **Databases** > SQL > 2.Activity > SQL_SensitiveDataActivity > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup34.webp) - -The default analysis tasks are: - -- SDD Activity Details – Creates the SA_SQLServer_SensitiveDataActivity_Details table accessible - under the job’s Results node -- SDD Activity Instance Summary – Creates the SA_SQLServer_SensitiveDataActivity_UserSummary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | --------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Data Activity | This report highlights events in databases containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance - Table – Provides details on user activity by instance - Table – Provides details on sensitive data activity details by database | - -# SQL_UnusualActivity Job - -The SQL_UnusualActivity Job identifies anomalies related to outlier user activity by database for -all targeted SQL and Azure SQL server instances. - -## Analysis Tasks for the SQL_UnusualActivity Job - -Navigate to the **Databases** > SQL > 2.Activity > SQL_UnusualActivity > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup35.webp) - -The default analysis tasks are: - -- Hourly User Activity Outlier Analysis – Creates the SA_SQLServer_UnusualHourlyUserActivity table - accessible under the job’s Results node -- Hourly Unusual Activity Summary – Creates the SA_SQLServer_UnusualActivitySummary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | ---------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Unusual Hourly Activity Report | This report lists abnormal user activity | None | This report is comprised of three elements: - Bar Chart – Displays abnormal user activity - Table – Provides details on number of outliers per instance - Table – Provides details on unusual hourly user activity | - -# 0-SQL_InstanceDiscovery Job - -The 0-SQL_InstanceDiscovery job enumerates and stores the list of SQL Server Instances running on -the targeted servers. - -## Queries for the 0-SQL_InstanceDiscovery Job - -The 0-SQL_InstanceDiscovery job uses the SQL Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/instancedisc_query.webp) - -- SQL Server Instance Discovery — Collects the list of SQL Server Instances from target endpoints - and populates the necessary instance connection information - -## Analysis Tasks for the 0-SQL_InstanceDiscovery Job - -Navigate to the **Databases** > **0.Collection** > **SQL** > **0-SQL_InstanceDiscovery** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/instancedisc_analysis.webp) - -The default analysis tasks is: - -- SQL Instances — Brings SA_SQL_Instances table to view - -# 1-SQL_PermissionsScan - -The 1-SQL_PermissionsScan Job collects SQL server instance and database level permissions from -targeted servers. - -## Queries for the 1-SQL_PermissionsScan Job - -The 1-SQL_PermissionsScan Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup6.webp) - -- PermissionsScan – Collects permissions from targeted instances - - (Optional) This query can be modified to target specific databases/instances. See the - [Configure the PermissionsScan Query](#configure-the-permissionsscan-query) topic for - additional information. - -### Configure the PermissionsScan Query - -The 1-SQL_PermissionScan Job is preconfigured to run using the default settings within the -Permissions Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 1-SQL_PermissionsScan > Configure -node and select Queries. - -**Step 2 –** In the Query Selection view, select the PermissionsScan query and click on Query -Properties. The Query Properties window appears. - -**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this -job. - -![Filters](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp) - -**Step 4 –** To query for specific databases/instances, navigate to the -[SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page. The default query target is All databases. The default query scope is Only select database -objects and click Retrieve. The Available database objects will be populated. Databases and -instances can be added in the following ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Optionally, use the Add Custom Filter button to create and apply a custom filter. - -**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 1-SQL_PermissionsScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 1-SQL_PermissionScan Job - -Navigate to the **Databases** > 0.Collection > SQL > 1-SQL_PermissionsScan > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup8.webp) - -The default analysis tasks are: - -- Remove Old AIC Resources — Removes AIC resources using the old path that did not include the - schema -- AIC Import – Hosts — Imports SQL hosts to the AIC -- AIC Import – Instance Permissions Node — Imports a node for instance permissions for each instance -- AIC Import – Databases — Imports each database in the SQL instances -- AIC Import – Permissions — Imports SQL Permissions to the AIC -- AIC Import – Roles — Imports a Roles node into the AIC for SQL Server Roles -- AIC Import – Database Role Permissions — Imports role permissions at the database level -- AIC Import – Local SQL Groups — Imports SQL local groups to the AIC -- AIC Import – Instance Role Permissions — Imports permissions assigned to roles at the instance - level - -# 2-SQL_SensitiveDataScan Job - -The 2-SQL_SensitiveDataScan Job discovers sensitive data in the database SQL server instances and -databases based on a pre-defined or user defined search criteria. - -Special Dependency - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - - See the - [Installation & Configuration Overview](/docs/accessanalyzer/11.6/installation/application/install.md) - topic for installation information. - - See the - [Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/accessanalyzer/sensitivedatadiscovery/overview.md) - topic for additional information. - -Though the job is visible within the console, it requires an additional installer package before -data collection occurs. - -## Queries for the 2-SQL_SensitiveDataScan Job - -The SensitiveDataScan Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup9.webp) - -- SensitiveDataScan – Collects Sensitive Data from targeting instances - - (Optional) This query can be modified to target specific databases/instances. See the - [Configure the SensitiveDataScan Query](#configure-the-sensitivedatascan-query) topic for - additional information. - -### Configure the SensitiveDataScan Query - -The 2-SQL_SensitiveDataScan Job is preconfigured to run using the default settings for the Sensitive -Data Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 2-SQL_SensitiveDataScan > -Configure node and select Queries. - -**Step 2 –** In the Query Selection view, select the SensitiveDataScan query click on Query -Properties. The Query Properties window appears. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this -job. - -![2sqlsensitivedatascanoptionspage](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanoptionspage.webp) - -**Step 4 –** Select the desired scan options. Navigate to the -[SQL: Options](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page for additional information. - -**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a -high-level table scan. Configuring these settings to increase the scope of the sensitive data scan -may significantly increase scan time. - -![Criteria Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanquerycriteriapage.webp) - -**Step 5 –** To modify criteria, navigate to the -[SQL: Criteria](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page. By default, the following System Criteria have been selected: - -- Credit Cards -- Tax Forms -- US SSN -- User ID -- Password - - Add or remove criteria if needed. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - topic for additional information. - -![Filter Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanfilterpage.webp) - -**Step 6 –** To query for specific database/instance, navigate to the -[SQL: Filter](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page. The query is configured by default to target Only select database objects. Click Retrieve. The -Available database objects box will populate. Databases and instances can be added in the following -ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Optionally use the Add Custom Filter button to create and apply a custom filter. - -**Step 7 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 2-SQL_SensitsveDataScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 2-SQL_SensitiveDataScan Job - -Navigate to the **Databases** > 0.Collection > SQL > 2-SQL_SensitiveDataScan > Configure node and -select Analysis to view the analysis task. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup13.webp) - -The default analysis task is: - -- SQL Server SDD Matches View — Brings the SQL Server SDD Matches View to the SA console -- SQL Server SDD Match Hits View — Brings the SQL Server SDD Match Hits View to the SA console -- AIC Import — Creates the SA_AIC_SddMatchesImport - -# 3-SQL_ActivityScan Job - -The 3-SQL_ActivityScan Job captures user activity from targeted SQL server instances and databases. - -Special Dependency - -- SQL Server Audit Specifications to be configured on the target databases - - Audit destination must be a binary file - - See the Microsoft - [Create a Server Audit and Database Audit Specification](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) - article for additional information. - -## Queries for the 3-SQL_ActivityScan Job - -The ActivityScan Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup14.webp) - -- ActivityScan – Collects activity from targeted instances - - (Optional) This query can be modified to target specific databases/instances. See the - [Configure the ActivityScan Query](#configure-the-activityscan-query) topic for additional - information. - -### Configure the ActivityScan Query - -The 3-SQL_ActivityScan Job is preconfigured to run using the default settings within the Server -Audits Events Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 3-SQL_ActivityScan > Configure -node and select Queries. - -**Step 2 –** In the Query Selection view, click on Query Properties. The Query Properties window -appears. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Options Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/3sqlactivityscanoptionspage.webp) - -**Step 4 –** To modify scan options, navigate to the -[SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page. Select the desired scan options. The query is preconfigured with the following default -settings: - -- Collect only events since last scan – Collects activity recorded since the previous scan -- Number of days you want to keep events in the database – The default setting is 15 days -- Collect audits by name – Finds available audits in the database -- Collect audits by path – Collects audits by a specified path - -![Filter Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/3sqlactivityscanfilterpage.webp) - -**Step 5 –** To scope the query for specific database/instance, navigate to the -[SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page. The query is configured by default to target Only select database objects. Click Retrieve. The -Available database objects will be populated. Databases and instances can be added in the following -ways: - -Select the desired database objects and click Add. - -Use the Import CSV button to import a list from a CSV file. - -Optionally use the Add Custom Filter button to create and apply a custom filter. - -**Step 6 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 3-SQL_ActivityScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 3-SQL_ActivityScan Job - -Navigate to the **Databases** > 0.Collection > SQL > 3-SQL_ActivityScan > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup17.webp) - -The default analysis tasks are: - -- AIC Import – Activity– Creates the SA_AIC_ActivityEventsImport table accessible under the job’s - Results node. - -# 4-SQL_ServerLogons Job - -The 4-SQL_ServerLogons Job captures SQL server logon activity, which includes successful or failed -logons. - -## Queries for the 4-SQL_ServerLogons Job - -The AppnLogSQL Query uses the SMARTLog Data Collector and has been preconfigured to process the -Windows Event Log Type. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![sqljobgroup18](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup18.webp) - -- AppnLogSQL – Uses SmartLog Data Collector to gather logon events - - See the - [SMARTLog Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/overview.md) - topic for additional information - -# 5-SQL_ServerSettings Job - -The 5-SQL_ServerSettings Job collects SQL server instance and database configuration settings for -evaluation against recommended best practices. - -## Queries for the 5-SQL_ServerSettings Job - -The 5-SQL_ServerSettings Job uses the SQL Data Collector for the following queries: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup19.webp) - -- Configuration – Collects configuration properties - - (Optional) This query can be modified to target specific databases/instances. See the - [Configure the Configuration Query](#configure-the-configuration-query) topic for additional - information. -- Server – Collects server properties - - (Optional) This query can be modified to target specific databases/instances. See the - [Configure the Server Query](#configure-the-server-query) topic for additional information. -- Connections – Returns connections to the instance -- Asymmetric Key Size – Returns the asymmetric key size -- Symmetric Key Encryption – Returns the symmetric key encryptions being used by the Instance -- CLR Assemblies – Returns CLR Assemblies being used by the Instance -- Instance Details – Provides details on Instance configuration -- Database Details – Returns details for each database in the scanned Instance -- Database Sizing – Returns details on database size -- Linked Servers – Collects information on SQL Linked Servers -- Table Row Count – Returns the number of rows for each table in SQL - -### Configure the Configuration Query - -The 5-SQL_ServerSettings Job’s Configuration Query is configured to run with the default settings -with the Configuration Properties category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 5-SQL_ServerSettings > Configure -node and select Queries. - -**Step 2 –** In the Query Selection view, select the Configuration Query and click on Query -Properties. The Query Properties window will appear. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard will -open. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Instance Filters](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp) - -**Step 4 –** To scope the query for specific database/instance, navigate to the -[SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page. The query is configured by default to target All instances. Change the query scope to Only -select instances, and click Retrieve. The Available server audits will be populated. Databases and -instances can be added in the following ways: - -- Select the desired instances and click Add. -- Use the Import CSV button to import a list from a CSV file. -- (Optional) Use the Add Custom Filter button to create and apply a custom filter. - -**Step 5 –** On the Summary page, click Finish to save any setting modifications or click Cancel if -no changes were made. Then click OK to close the Query Properties window. - -The 5-SQL_ServerSettings Job is now ready to run with the customized settings. - -### Configure the Server Query - -The 5-SQL_ServerSettingsJob > Server Query has been preconfigured to run with the default settings -with the category of Server Properties. However, the query can be scoped to target specific -databases/instances on the Filters page of the SQL Data Collector Wizard. Follow these steps to -modify the query configuration. - -**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 5-SQL_ServerSettings > Configure -node and select Queries. - -**Step 2 –** In the Query Selection view, select the Server query click on Query Properties. The -Query Properties window will appear. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard will -open. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Filter Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp) - -**Step 4 –** To scope the query for specific database/instance, navigate to the -[SQL Data Collector](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -page. The query is configured by default to target All instances. Change the query scope to Only -select instances, and click Retrieve. The Available server audits will be populated. Databases and -instances can be added in the following ways: - -- Select the desired instances and click Add. -- Use the Import CSV button to import a list from a CSV file. -- Optionally use the Add Custom Filter button to create and apply a custom filter. - - Remember, it is necessary for the - [0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - to run before attempting to scope this query. - -**Step 5 –** On the Summary page, click Finish to save any setting modifications or click Cancel if -no changes were made. Then click OK to close the Query Properties window. - -The 5-SQL_ServerSettings Job is now ready to run with the customized settings. - -# 0.Collection > SQL Job Group - -The 0.Collection Job Group is designed to collect high level summary information form targeted -Microsoft SQL Servers. This information is used by other jobs in the SQL solution set for further -analysis and for producing reports. - -![0.Collection Job Group - SQL](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup1.webp) - -The jobs in the 0.Collection Job Group are: - -- [0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to enumerate and store the list of SQL Server Instances running on the - targeted servers -- [1-SQL_PermissionsScan](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to collect SQL Server instance and database level permissions from all - targeted servers -- [2-SQL_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to discover sensitive data in the database SQL Server instances and - databases based on a pre-defined or user-defined search criteria -- [3-SQL_ActivityScan Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to capture user activity from all targeted SQL server instances and - databases -- [4-SQL_ServerLogons Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to capture all types of SQL server logon activity including successful or - failed logons -- [5-SQL_ServerSettings Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to collect SQL server instance and database configuration settings so that - they can be evaluated against recommended best practices - -# 4.Configuration Job Group - -The 4.Configuration Job Group provides information on potential vulnerabilities related to SQL and -Azure SQL server configuration settings. - -![configurationjobgroup](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/configurationjobgroup.webp) - -The jobs in the 4.Configuration Job Group are: - -- [SQL_Authentication Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job identifies authentication settings on targeted SQL and Azure SQL servers that allow SQL - server authentication in addition to Windows authentication. Microsoft recommends that the SQL and - Azure SQL servers should be generally configured to utilize Windows authentication versus SQL - authentication. -- [SQL_BestPractices Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to analyze SQL and Azure SQL server configuration settings and report on - any findings that deviate from recommended Microsoft Best Practices when it comes to creating, - maintaining, and securing SQL servers -- [SQL_CMDShell Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to report if the `xp_cmdshell `stored procedure is enabled or disabled. - Since `xp_cmdshell` allows a user to execute operating system commands when connected to the SQL - or Azure SQL server, it can be used to launch malicious attacks. Microsoft recommends that the - `xp_cmdshell` stored procedure be disabled. -- [SQL_DatabaseSizing Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – Provides details on database file sizes and overall database sizes -- [SQL_LinkedServers Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – Identifies Linked Servers or remote database servers on which the identified SQL and Azure - SQL server can execute commands. Some of the common remote OLE DB providers include IBM DB2, - Oracle, Access and Excel. Typically, linked servers are used to handle distributed queries in SQL - and Azure SQL server. - -# SQL_Authentication Job - -The SQL_Authentication Job identifies authentication settings on targeted SQL and Azure SQL servers -that allow SQL server authentication in addition to Windows authentication. Microsoft recommends -that SQL and Azure SQL servers should be generally configured to utilize Windows authentication -versus SQL server authentication. - -## Analysis Tasks for the SQL_Authentication Job - -Navigate to the **Databases** > SQL > 4.Configuration > SQL_Authentication > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup43.webp) - -The default analysis tasks are: - -- Determine authentication configurations – Creates the SA_SQLServer_Authentication_Details table - accessible under the job’s Results node -- Authentication Summary – Creates the SA_SQLServer_Authentication_Summary table accessible under - the job’s Results node. Provides a summary of targeted servers with SQL authentication enabled. - -In addition to the tables and views created by the analysis task, the SQL_Authentication Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SQL  Authentication | This report identifies authentication settings on the targeted servers, and highlights those with SQL Authentication enabled. Additionally, the number of SQL logins on a given instance, and whether or not the 'sa' login exists, are indicated. Best practices recommend that SQL instances be integrated login only, and that the 'sa' principal be renamed or removed. | None | This report is comprised of two elements: - Pie Chart – Displays instances with integrated security only - Table – Displays integrated security details by instance | - -# SQL_BestPractices Job - -The SQL_BestPractices Job analyzes SQL and Azure SQL server configuration settings and reports any -findings that deviate from recommended Microsoft Best Practices when it comes to creating, -maintaining, and securing SQL and Azure SQL servers. - -### Analysis Tasks for the SQL_BestPractices Job - -Navigate to the **Databases** > SQL > 4.Configuration > SQL_BestPractices > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup44.webp) - -The default analysis tasks are: - -- SQL Best Practices – Creates the SA_SQL_BestPractices table accessible under the job’s Results - node -- SQL Best Practices Instance Summary – Creates the SA_SQL_BestPractices_Summary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_BestPractices Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | --------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SQL Server Best Practices | Evaluates settings on SQL and Azure SQL Instances and Databases for SQL Best Practices. | None | This report is comprised of three elements: - Pie Chart – Displays best practice adherence - Table– Displays configuration settings - Table – Displays instance summary | - -# SQL_CMDShell Job - -The SQL_CMDShell Job reports on whether the `xp_cmdshell` stored procedure is enabled or disabled. -Since `xp_cmdshell` allows users to execute operating system commands when connected to the SQL or -the Azure SQL server, it can be used to launch malicious attacks. Microsoft recommends that the -`xp_cmdshell` stored procedure be disabled. - -## Analysis Tasks for the SQL_CMDShell Job - -Navigate to the **Databases** > SQL > 4.Configuration > SQL_CMDShell > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup45.webp) - -The default analysis task is: - -- XP CMD Shell – Creates the SA_SQL_CMDShell_Status table accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the SQL_CMDShell Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------- | -| xp_cmdshell Settings | Because malicious users sometimes attempt to elevate their privileges by using xp_cmdshell, xp_cmdshell is disabled by default. Use sp_configure or Policy Based Management to disable it on any instances which have it enabled. | None | This report is comprised of two elements: - Pie Chart – Displays instance summary - Table– Displays configuration details | - -# SQL_DatabaseSizing Job - -The SQL_DatabaseSizing Job provides details on database file sizes and overall database sizes. - -## Analysis Tasks for the SQL_DatabaseSizing Job - -Navigate to the **Databases** > Jobs > SQL > 4.Configuration > SQL_DatabaseSizing Job >Configure -node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/analysistask.webp) - -The default analysis tasks are: - -- Database Size Details – Provides details on database files and sizes -- Database Size Summary – Summarizes database file sizes by database - -In addition to the tables created by the analysis tasks, the **SQL_DatabaseSizing Job** produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | ---------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | This report provides details on database files and sizing. | None | This report is comprised of three elements: - Bar Chart – Provides information on the top five databases by size (MB) - Bar Chart – Provides information on database sizes by host (GB) - Table – Provides details on database sizing | - -# SQL_LinkedServers Job - -The SQL_LinkedServers Job identifies Linked Servers or remote database servers on which the -identified SQL and Azure SQL servers can execute commands. Some of the common remote -OLE DB providers include IBM DB2, Oracle, Access and Excel. Typically, linked servers are used to -handle distributed queries in SQL and Azure SQL server . - -## Analysis Tasks for the SQL_LinkedServers Job - -Navigate to the **Databases** > Jobs > SQL > 4.Configuration > SQL_LinkedServers Job >Configure node -and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -pre-configured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp) - -The default analysis tasks are: - -- Linked Server Details – Provides details on SQL Linked Servers -- Linked Server Summary – Summarizes Linked Servers by instance - -In addition to the tables created by the analysis tasks, the **SQL_DatabaseSizing Job** produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ----------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Linked Servers | This report highlights Linked Servers where the listed SQL Server is able to execute remote commands. | None | This report is comprised of three elements: - Bar Chart – Provides information on top five linked servers by instance - Table – Provides details on linked servers by instance - Table – Provides details on linked servers | - -# SQL Job Group - -The SQL Job Group reports on SQL Server, AzureSQL, or both depending on which collection jobs were -run. The SQL Job Group is a comprehensive set of pre-configured audit jobs and reports that provide -information on users and roles, activity, permissions, configuration, sensitive data, and overall -security assessment. - -Supported Platforms - -- Azure SQL - -- SQL Server 2022 -- SQL Server 2019 -- SQL Server 2017 -- SQL Server 2016 - -Requirements, Permissions, and Ports - -See the -[Target SQL Server Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans.If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host.For example, if the job is configured to scan 8 hosts at a time , then -an extra 16 GB of RAM are required (8x2=16). - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -Location - -The SQL Job Group within the Jobs tree, as part of the Database Solution: Jobs > Database > SQL. - -The Database Solution license includes all supported database platforms supported by Enterprise -Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database -content for sensitive data. - -![SQL Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sqljobgroup.webp) - -The SQL Job Group includes: - -- Databases > 0.Collection > SQL > - [0.Collection > SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job group is designed to collect high level summary information from Microsoft SQL servers. - This information is used by other jobs in the SQL solution set for further analysis and for - producing respective reports. -- Databases > 0.Collection > AzureSQL > - [0.Collection > Azure SQL Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/overview.md) - — This job group is designed to collect high level summary information from targeted Azure SQL - Instances. This information is used by other jobs in the Azure SQL solution set to provide further - analysis and for producing respective reports. -- [1.Users and Roles Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md)– - This job group is designed to provide insight into user security, roles, and object permissions to - all the SQL server objects -- [2.Activity Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job group is designed to provide insight into use login activity, object permission - changes, any unusual database activity, SQL activity against sensitive data, SQL activity against - selective or all database objects -- [3.Permissions Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job group is designed to provide insight into all types of permissions at the instance, - database, and object level across all the targeted SQL servers -- [4.Configuration Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job group is designed to provide insight into potential vulnerabilities related to SQL - server configuration settings -- [5.Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md)– - This job group is designed to provide insight into where sensitive data exists and who has access - to it across all the targeted SQL server databases - - Requires the Sensitive Data Discovery Add-On. -- [SQL_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to summarize and categorize the security findings into HIGH, MEDIUM, LOW, - and NO FINDING categories based on their severity. - -# 3.Permissions Job Group - -The 3.Permissions Job Group provides insight into permissions at the instance, database, and object -level across all targeted SQL and Azure SQL servers. - -![sqljobgroup36](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup36.webp) - -The jobs in the 3.Permissions Job Group are: - -- [SQL_ControlServer Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job will provide information on control server permissions. Users with control server - permissions allow users to command full control of a SQL and Azure SQL server instances -- [SQL_DirectPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job will provide information about the permissions granted to users at the schema, - database, and server levels -- [SQL_DomainUserPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job will provide insight into Microsoft Active Directory domain users’ access to SQL and - Azure SQL server objects both at the instance and database level -- [SQL_PublicPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job analyzes all the permissions granted at the server level and reports on the effective - server level permissions across all the audited SQL and Azure SQL server instances -- [SQL_ServerPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job provides the list of SQL and Azure SQL server logins that have the PUBLIC roles - assigned. In addition, it also provides the list of permissions assigned to the PUBLIC role as - well - -# SQL_ControlServer Job - -The SQL_ControlServer Job provides information on control server permissions. Users with control -server permissions can command full control of a SQL and Azure SQL server instance. - -## Analysis Tasks for the SQL_ControlServer Job - -Navigate to the **Databases** > SQL > 3.Permissions > SQL_ControlServer > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup37.webp) - -The default analysis tasks are: - -- Determine Control Server Rights – Creates the SA_SQL_ControlServer_Details table accessible under - the job’s Results node -- Control Server Domain Users – Creates the SA_SQLServer_ControlServer_DomainUsers table accessible - under the job’s Results node -- Control Server Instance Summary – Creates the SA_SQLServer_ControlServer_InstanceSummary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the SQL_ControlServer Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ------------------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Control Server Permissions | This report highlights control server permissions, and summarizes them by instance and by domain user. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by control server permissions - Table – Provides details on instances by control server permission count - Table – Provides details on control server permissions | - -# SQL_DirectPermissions Job - -The SQL_DirectPermissions Job provides information on permissions granted to users at the schema, -database, and server level. - -## Analysis Tasks for the SQL_DirectPermissions Job - -Navigate to the **Databases** > SQL > 3.Permissions > SQL_DirectPermissions > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup38.webp) - -The default analysis tasks are: - -- Determine database permissions – Creates the SA_SQLServer_DirectPermissions_DatabaseDetails table - accessible under the job’s Results node -- Determine schema permissions – Creates the SA_SQLServer_DirectPermissions_SchemaDetails table - accessible under the job’s Results node -- Determine server permissions – Creates the SA_SQLServer_DirectPermissions_ServerDetails table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_DirectPermissions Job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Database Permissions | This report highlights SQL permissions granted at the database level. | None | This report is comprised of three elements: - Bar Chart – Displays database permission summary - Table – Provides details on database permission summary - Table – Provides details on database permission details | -| Schema Permissions | This report lists all SQL permissions granted at the schema level. | None | This report is comprised of three elements: - Bar Chart – Displays top schema by permission count - Table – Provides details on permission summary - Table – Provides details on schema permission details | -| Server Permissions | This report highlights SQL permissions being granted at the server level. | None | This report is comprised of three elements: - Bar Chart – Displays server permission summary - Table – Provides details on server permission summary - Table – Provides details on server permission details | - -# SQL_DomainUserPermissions Job - -The SQL_DomainUserPermissions Job provides insight into Microsoft Active Directory domain users’ -access to SQL and Azure SQL server objects at both the instance and database level. - -## Analysis Tasks for the SQL_DomainUserPermissions Job - -Navigate to the **Databases** > SQL > 3.Permissions > SQL_DomainUserPermissions > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup39.webp) - -The default analysis tasks are: - -- Domain User Permissions Details – Creates the SA_SQLServer_DomainUserPermissions_Details table - accessible under the job’s Results node -- Domain User Permissions Summary – Creates the SA_SQLServer_DomainUserPermissions_Summary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_DomainUserPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | --------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain User SQL Access | This report looks at SQL server permissions granted to domain users across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance count - Table – Provides details on access sprawl - Table – Provides details on permission details | - -# SQL_PublicPermissions Job - -The SQL_PublicPermissions Job provides the list of SQL server logins that have the PUBLIC roles -assigned. In addition, it also provides the list of permissions assigned to the PUBLIC role as well. - -## Analysis Tasks for the SQL_PublicPermissions Job - -Navigate to the **Databases** > SQL > 5.Permissions > SQL_PublicPermissions > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup40.webp) - -The default analysis tasks are: - -- Calculate public permissions – Creates the SA_SQLServer_PublicPermissions_Details table accessible - under the job’s Results node -- Public Permissions Summary – Creates the SA_SQLServer_PublicPermissions_DatabaseSummary table - accessible under the job’s Results node -- Public Permissions Summary – Highlights permissions that have been granted to the public role on - objects that are not-default SQL or Azure SQL server objects -- Public Permissions Instance Summary (Non-Default) – Summarizes non-default SQL and Azure SQL - server public permissions by instance - -In addition to the tables and views created by the analysis task, the SQL_PublicPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | -------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Public Permissions | This report determines highlights objects with public permissions applied. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by public permission count - Table – Provides details on databases by public permission count - Table – Provides details on public permission details | - -# SQL_ServerPermissions Job - -The SQL_ServerPermissions Job analyzes permissions granted at the server level and reports on -effective server level permissions across all audited SQL and Azure SQL server instances. - -## Analysis Tasks for the SQL_ServerPermissions Job - -Navigate to the **Databases** > SQL > 3.Permissions > SQL_ServerPermissions > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup41.webp) - -The default analysis tasks are: - -- Server Permissions – Creates the SA_SQLServer_ServerPermission_Details table accessible under the - job’s Results node -- System Permissions Instance Summary –Creates the SA_SQLServer_ServerPermission_InstanceSummary - table accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the SQL_ServerPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | -------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Server Permissions | This report highlights server permissions and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by server permissions - Table – Provides details on instances by server permission count - Table – Provides details on server permissions | - -# Recommended Configurations - -The following sections describe the recommended configurations for the SQL Solution 0.Collection Job -Group and the Azure SQL 0.Collection Job Group. - -**NOTE:** The SQL Solution Jobs report on both the SQL and Azure SQL Collection Jobs. - -## SQL Solution 0.Collection Job Group - -The SQL Solution has been configured to inherit down from the SQL > Settings node. However, it is -best practice to assign the host list and the Connection Profile at the data collection level, the -0.Collection Job Group. Once these are assigned to the job group, it can be run directly or -scheduled. - -Dependencies - -- .Active Directory Inventory Job Group run successfully -- For Activity Auditing – SQL Server Audit Specifications to be configured on the target databases - - Audit destination must be a binary file - - See the Microsoft - [Create a Server Audit and Database Audit Specification](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) - article for additional information. -- For Sensitive Data Discovery Auditing – Sensitive Data Discovery Add-On installed on the - Enterprise Auditor Console server -- For the SQL_SecurityAssessment Job – One or more of the following jobs or job groups must be run - to produce results: - - [0.Collection > SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - - [1.Users and Roles Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - - [3.Permissions Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - - [5.Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - - [Privileged Accounts Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/overview.md) - - [Privileged Accounts Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/overview.md) - -Some of the 0.Collection Job Group queries can be scoped to target specific databases/instances. -However, it is necessary for the SA_SQL_Instances table to be populated before attempting to scope -the queries. Therefore, the -[0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) -must be manually executed before attempting to scope the 0.Collection Job Group queries. - -Targeted Host(s) - -The 0.Collection Job Group has been set to run against the following default dynamic host list: - -- All Microsoft SQL Server Hosts - - **NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table which - meet the host inventory criteria for the list. Ensure the appropriate host list(s) have been - populated through host inventory results. - -Connection Profile - -The SQL Data Collector requires a specific set of permissions. See the Permissions section for -necessary permissions. The account used can be either an Active Directory account or a SQL account. -Once the account has been provisioned, create a custom Connection Profile containing the credentials -for the targeted environment. See the -[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -topic for additional information. - -The Connection Profile should be assigned under the SQL > 0.Collection > Settings > Connection node. -It is set to Use the Default Profile, as configured at the global settings level. However, since -this may not be the Connection Profile with the necessary permissions for the assigned hosts, click -the radio button for the Select one of the following user defined profiles option and select the -appropriate Connection Profile drop-down menu. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -One of the most important decisions to make is how frequently to collect this data. The SQL Job -Group can be scheduled to run as desired depending on the types of auditing being conducted and the -scope of the target environment. The general recommendation is to schedule the solution to run -daily. - -Run Order - -The 0.Collection Jobs must be run first and in order. The other SQL Solution sub-job groups can be -run in any order, together or individually, after running the 0.Collection Job Group. - -**_RECOMMENDED:_** Run the solution at the top level. - -Workflow - -Prerequisites: - -- Successful execution of the .Active Directory Inventory Job Group -- For the 3-SQL_ActivityScan, configure SQL Server Audit and SQL Server Audit Specifications on - target SQL Server Databases. Audit destination for the configured server or database audit must be - a binary file. -- The 5-SQL_ServerSettings Job contains the Orphaned Users query which returns users that are - orphaned for each database. The query uses the sp_Change_users_login procedure which requires the - db_owner fixed database to be assigned to the Enterprise Auditor User. See the - [sp_change_users_login (Transact-SQL)](https://docs.microsoft.com/en-us/sql/relational-databases/system-stored-procedures/sp-change-users-login-transact-sql?view=sql-server-ver15) - Microsoft article for additional information. - -1. (Optional) Configure the queries for the jobs in the 0.Collection Job Group -2. Schedule the 0.Collection Job Group to run daily or as desired - - **NOTE:** Running the 0.Collection Job Group is a prerequisite for the other job groups in the - SQL solution - -3. Review the reports generated by the 0.Collection Job Group’s jobs - -## Azure SQL 0.Collection Job Group - -The Azure SQL Solution has been configured to inherit down from the Azure SQL > Settings node. -However, it is best practice to assign the host list and the Connection Profile at the data -collection level, the 0.Collection Job Group. Once these are assigned to the job group, it can be -run directly or scheduled. - -Dependencies - -- Full registration within Microsoft's Azure portal: - - - Creation of a Enterprise Auditor Azure SQL Role in the Access control (IAM) section - - Successful registration of the Enterprise Auditor app - - Successful creation of an Application (client) ID - -- Successful configuration of an AzureSQL-specific connection profile -- Creation of an Azure Tenancy host list (ex. COMPANY.onmicrosoft.com) and Azure Active Directory - user credential(s) - - **_RECOMMENDED:_** To avoid functional issues with Enterprise Auditor, create multiple - connection profiles to accommodate multiple credentials. - -- Define and validate connection information in the Connection screen -- [0-AzureSQL_InstanceDiscovery Job](/docs/accessanalyzer/11.6/accessanalyzer/solutions/databases/azuresql/collection/0-azuresql_instancediscovery.md) - run successfully - -Targeted Host(s) - -The 0.Collection Job Group has been set to run against the following default dynamic host list: - -- All targeted Azure SQL Tenants - -Connection Profile - -The SQL Data Collector requires a specific set of permissions. See the Permissions section for -necessary permissions. The account used can be either an Active Directory account with database -login enabled or a SQL account. Once the account has been provisioned, create a custom Connection -Profile containing the credentials for the targeted environment. See the -[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/11.6/data-collection/databases/sql-server.md) -topic for additional information. - -The Connection Profile should be assigned under the **Databases** > 0.Collection > Azure SQL > -Settings > Connection node. It is set to Use the Default Profile, as configured at the global -settings level. However, since this may not be the Connection Profile with the necessary permissions -for the assigned hosts, click the radio button for the Select one of the following user defined -profiles option and select the appropriate Connection Profile drop-down menu. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -One of the most important decisions to make is how frequently to collect this data. The Azure SQL -Job Group can be scheduled to run as desired depending on the types of auditing being conducted and -the scope of the target environment. The general recommendation is to schedule the solution to run -daily. - -Run Order - -The 0.Collection Jobs must be run first and in order. The other Azure SQL Solution sub-job groups -can be run in any order, together or individually, after running the 0.Collection Job Group. - -**_RECOMMENDED:_** Run the solution at the top level. - -# 5.Sensitive Data Job Group - -The 5.Sensitive Data Job Group provides information on where sensitive data exists, and who has -access to that sensitive data, across all targeted SQL and Azure SQL server databases. - -Special Dependency for Data Collection - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - -![5.Sensitive Data Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup46.webp) - -The jobs in the 5.Sensitive Data Job Group are: - -- [SQL_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to provide information on all the sensitive data that was discovered in the - targeted SQL or Azure SQL servers based on the selected scan criteria -- [SQL_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to provide all types of permissions on database objects containing - sensitive data across all the targeted SQL or Azure SQL servers - -# SQL_SensitiveData Job - -The SQL_SensitiveData Job designed to provide information on all the sensitive data that was -discovered in the targeted SQL or Azure SQL servers based on the selected scan criteria. - -## Analysis Tasks for the SQL_SensitiveData Job - -Navigate to the **Databases** > SQL > 5.Sensitve Data > SQL_SensitiveData > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup47.webp) - -The default analysis tasks are: - -- Determine sensitive data details – Creates the SA_SQLServer_SensitiveData_Details table accessible - under the job’s Results node -- Database summary – Creates the SA_SQLServer_SensitiveData_DatabaseSummary table accessible under - the job’s Results node -- Enterprise summary – Creates the SA_SQLServer_SensitiveData_EnterpriseSummary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_SensitiveData Job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ---------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of two elements: - Pie Chart – Displays exceptions by match count - Table – Provides details on exception details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by sensitive data hits - Table – Provides details on databases with sensitive data - Table – Provides details on sensitive data details | - -# SQL_SensitiveDataPermissions Job - -The SQL_SensitiveDataPermissions Job is designed to provide all types of permissions on database -objects containing sensitive data across all the targeted SQL or Azure SQL servers. - -## Analysis Tasks for the SQL_SensitiveDataPermissions Job - -Navigate to the **Databases** > SQL > 5.Sensitve Data > SQL_SensitiveDataPermissions > Configure -node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup48.webp) - -The default analysis tasks are: - -- List sensitive data permission details – Creates the SA_SQL_SensitiveDataPermissions_Details table - accessible under the job’s Results node -- Sensitive Data Permissions Database Summary – Creates the - SA_SQL_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataPermissions -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | - -# SQL_SecurityAssessment Job - -The SQL_SecurityAssessment Job summarizes and categorizes security findings into HIGH, MEDIUM, LOW, -and NO FINDINGS categories based on severity. - -![SQL_SecurityAssessment](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sqljobgroup49.webp) - -Special Dependencies - -One or more of the following jobs or job groups must be run to produce results: - -- [0.Collection > SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) -- [SQL_PasswordIssues Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) -- [SQL_RoleMembers Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) -- [SQL_PublicPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) -- [5.Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) -- [Privileged Accounts Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/overview.md) -- [Privileged Accounts Job Group](/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/overview.md) - -Only information collected from jobs/groups being run will produce findings. - -### Analysis Task for the SQL_SecurityAssessment Job - -Navigate to the SQL > SQL_SecurityAssesment > Configure node and select Analysis to view the -analysis task. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sqljobgroup50.webp) - -The default analysis task is: - -- Summarize Audit Findings – Pulls data from tables created by the jobs and job groups throughout - the SQL Solution to provide a summary of results in the SQL Security Assessment report - -In addition to the tables and views created by the analysis task, the SQL_SecurityAssessment Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | -------------------------------------------------------------------------- | ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| SQL Security Assessment | This report summarizes security related results from the SQL solution set. | Security Assessment | This report is comprised of four elements: - Table – Provides details on the scope of the audit of the SQL Solution set - Pie Chart – Displays job findings by severity - Table – Displays findings by category and provides details on the SQL_SecurityAssessment job results | - -# 1.Users and Roles Job Group - -The 1.Users and Roles Job Group is designed to provide insight into user security, roles, and object -permissions to all SQL or Azure SQL server objects. - -![Users and Roles Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup22.webp) - -The jobs in the 1.Users and Roles Job Group are: - -- [SQL_DatabasePrinciples Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job group is designed to provide detailed information on database principals across all the - targeted SQL or Azure SQL server instances -- [SQL_PasswordIssues Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job group is designed to analyze the SQL or Azure SQL login passwords and evaluate if they - comply with the prescribed password policies. In addition, it checks for weak passwords. -- [SQL_RoleMembers Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to analyze and provide information about all the role members in each o the - SQL or Azure SQL server role groups, both at the instance and database level, across all the - targeted SQL or Azure SQL servers -- [SQL_ServerPrincipals Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to provide information about all the server principals on the instances - across all the targeted SQL or Azure SQL servers -- [SQL_SQLLogins Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job is designed to provide information on both successful and failed SQL or Azure SQL - server logins across all the targeted SQL or Azure SQL servers -- [SQL_SysAdmins Job](/docs/accessanalyzer/11.6/solutions/databases/sql-server-analysis.md) - – This job group is designed to provide insight into all the users who have SQL or Azure SQL - server administration roles across all the targeted SQL or Azure SQL servers - -# SQL_DatabasePrinciples Job - -The SQL_DatabasePrinciplesJob provides detailed information on database principals across all -targeted SQL or Azure SQL server instances. - -## Analysis Tasks for the SQL_DatabasePrinciples Job - -Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_DatabasePrinciples > Configure node -and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup23.webp) - -The default analysis tasks are: - -- Determine user details – Creates the SA_SQLServer_DatabasePrincipals_Details table accessible - under the job’s Results node -- Summarize by instance – Creates the SA_SQLServer_DatabasePrincipals_InstanceSummary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_DataPrinciples Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Principles | This report determines all database principals on a per-instance basis. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by domain principal count - Table – Provides details on principal count by instance - Table – Provides details on principal details | - -# SQL_PasswordIssues Job - -The SQL_PasswordIssues Job analyzes SQL or Azure SQL login passwords and evaluates SQL login -password compliance against prescribed password policies. The SQL_PasswordIssues Job also checks for -weak passwords. - -## Queries for the SQL_Passwords Job - -The Collect Weak Passwords Job uses the PowerShell Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup24.webp) - -- Collect Weak Passwords – Locate the dictionary file containing the weak passwords and import the - passwords - - See - [PowerShell Data Collector](/docs/accessanalyzer/11.6/data-collection/custom-collectors/powershell.md) - for additional information. - -## Analysis Tasks for the SQL_PasswordIssues Job - -Navigate to the Jobs > **Databases** > SQL > 3.Users and Roles > SQL_PasswordIssues > Configure node -and select Analysis to view the analysis tasks. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and or -deselected unless otherwise specified. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqlpasswordissuesanalysistasks.webp) - -The default analysis tasks are: - -- Analyze the Weak Passwords – Compare the weak passwords list against the collected password hashes - - This analysis task has a configurable parameter: - - @ShowPassword – Set to **0** by default. Set to **1** to enable the analysis task to bring - back the plain-text password that was found - - See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information on modifying analysis parameters. -- Shared Passwords – Highlights SQL Server Logins with shared password hashes -- No Password – Inserts users that do not have a password set into the details table -- Summarize the Weak Password Results – Summarizes the data that has been collected by the weak - passwords job - -The following analysis task is deselected by default: - -- Drop SQL Login Password Hashes – Nulls the SQL password hashes for the SQLServer_SqlLogins table. - - Enable this analysis task only if needed. This analysis task nulls the password_hash column in - the SA_SqlServer_SqlLogins table. - -In addition to the tables and views created by the analysis tasks, the SQL_PasswordIssues Job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Reused Passwords | This report highlights instances where a password hash is being reused. | None | This report is comprised of one element: - Table – Provides details on reused password details | -| Weak Passwords | This report highlights SQL logins that have a weak password. | None | This report is comprised of three elements: - Bar Chart – Displays weak passwords by instance - Table – Provides details on weak passwords by instance data - Table – Provides details on logins with weak passwords | - -# SQL_RoleMembers Job - -The SQL_RoleMembers Job analyzes and provides information on role members in each SQL server role -group, both at the instance and database level, across all targeted SQL servers. - -## Analysis Tasks for the SQL_RoleMembers Job - -Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_RoleMembers > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup26.webp) - -The default analysis tasks are: - -- Role Member Details – Creates the SA_SQLServer_RoleMember_Details table accessible under the job’s - Results node -- Effective SQL Role Membership – Creates the SA_SQLServer_EffectiveMembership table accessible - under the job’s Results node. This analysis task determines the Effective Role Membership for SQL - or Azure SQL Roles. -- Effective AD Role Membership – Creates the SA_SQLServer_EffectiveRoleMembership table accessible - under the job’s Results node. This analysis task determines the AD Effective Role Membership for - SQL or Azure SQL Roles and adds them to the SQL Effective Membership table. -- Role Membership Instances Summary – Creates the SA_SQL_RoleMember_Summary table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_RoleMembers Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Role Membership | This report shows details on the roles and role membership in the audited SQL environment. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top instances by server and database role membership - Table – Provides details on instances by server and database role membership - Table – Provides details on role membership details | - -# SQL_ServerPrincipals Job - -The SQL_ServerPrincipals Job provides information on server principals at the instance level across -targeted SQL or Azure SQL servers. - -## Analysis Tasks for the SQL_ServerPrincipals Job - -Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_ServerPrincipals > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup27.webp) - -The default analysis tasks are: - -- Determine user details – Creates the SA_SQL_ServerPrincipals_Details table accessible under the - job’s Results node -- Summarize by Instance – Creates the SA_SQL_ServerPrincipals_InstanceSummary table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_ServerPrincipals Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Server Principals | This report determines all server principals on a per-instance basis. Users are considered stale if they have not authenticated to the domain in 60 days. This threshold can be configured in the 3-AD_Exceptions job in the .Active Directory Inventory job group. | None | This report is comprised of three elements: - Bar Chart – Displays top instances - Table – Provides details on principal count by instance - Table – Provides details on principal details | - -# SQL_SQLLogins Job - -The SQL_SQLLogins Job provides information on successful and failed SQL server logins across all -targeted SQL or Azure SQL servers. - -## Analysis Tasks for the SQL_SQLLogins Job - -Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_SQLLogins > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup28.webp) - -The default analysis tasks are: - -- Calculate user login details – Creates the SA_SQL_UserLogin_Details table accessible under the - job’s Results node -- User Logins Instance Summary – Creates the SA_SQLServer_UserLogins_Summary table accessible under - the job's Results node - -In addition to the tables and views created by the analysis task, the SQL_SQLLogins Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------- | ----------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SQL Logins | This report lists user login information. | None | This report is comprised of three elements: - Bar Chart– Displays number of logins by instance - Table – Provides details on login exceptions by instance - Table – Provides details on SQL logins | - -# SQL_SysAdmins Job - -The SQL_SysAdmins Job provides insight into users who have SQL server administration roles across -all targeted SQL or Azure SQL servers. - -## Analysis Tasks for the SQL_SysAdmins Job - -Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_SysAdmins > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup29.webp) - -The default analysis tasks are: - -- Calculate admin details – Creates the SA_SQL_SysAdmins_Details table accessible under the job’s - Results node -- Summarize SysAdmins – Creates the SA_SQL_SysAdmins_InstanceSummary table accessible under the - job’s Results node -- Sys Admin Domain Users - Creates the SA_SQL_SysAdmins_DomainUsers table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis task, the **SQL_SysAdmins Job** produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------- | --------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Admin Summary | This report highlights all principals with the 'sysadmin' role. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by admin count - Table – Provides top instances by admin count - Table – Provides details on admin details - Table – Provides details on domain user admin details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/activity/overview.md b/docs/accessanalyzer/11.6/solutions/databases/sql/activity/overview.md new file mode 100644 index 0000000000..cce0c988da --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/activity/overview.md @@ -0,0 +1,25 @@ +# 2.Activity Job Group + +The jobs in the 2. Activity Job Group provides insight into user login activity, object permission +changes, unusual database activity, SQL and Azure SQL activities against sensitive data, and SQL and +Azure SQL activities against selected or all database objects. + +![2.Activity Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup30.webp) + +The jobs in the 2.Activity Job Group are: + +- [SQL_Activity Job](/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_activity.md) + – This job is designed to provide insight into user activity in target SQL and Azure SQL server + instances and databases in each instance based on the SQL Server Audit Specification settings +- [SQL_Logons Job](/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_logons.md) + – This job is designed to provide insight into failed or successful SQL and Azure SQL server logon + activity across all the targeted SQL and Azure SQL Servers +- [SQL_PermissionChanges Job](/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_permissionchanges.md) + – This job is designed to provide detailed information about the changes in permissions across all + the database objects, specifically objects containing sensitive data +- [SQL_SensitiveDataActivity Job](/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_sensitivedataactivity.md) + – This job is designed to provide detailed information about all the DML (UPDATE, INSERT, DELETE, + TRUNCATE) against objects containing selective data +- [SQL_UnusualActivity Job](/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_unusualactivity.md) + – This job group is designed to highlight any anomalies related to outlying user activity by + database across all the targeted SQL and Azure SQL server instances. diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_activity.md b/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_activity.md new file mode 100644 index 0000000000..2d8709deb8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_activity.md @@ -0,0 +1,30 @@ +# SQL_Activity Job + +The SQL_Activity Job provides insight into user activity in target SQL server instances and +databases based on SQL Server Audit Specification settings. + +## Analysis Tasks for the SQL_Activity Job + +Navigate to the **Databases** > SQL > 2.Activity > SQL_Activity > Configure node and select Analysis +to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup31.webp) + +The default analysis tasks are: + +- List SQL User Activity Details – Creates the SA_SQLServer_Activity_Details table accessible under + the job’s Results node +- User Activity Database Summary – Creates the SA_SQLServer_Activity_UserDatabaseSummary table + accessible under the job’s Results node +- User Activity Instance Summary – Creates the SA_SQLServer_Activity_UserInstanceSummary table + accessible under the job’s Results node + +In addition to the tables and views created the analysis task, the SQL_Activity Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| User Activity Summary | This report lists all SQL events, and summarizes them by database and instance. | None | This report is comprised of three elements: - Bar Chart – Displays users with most events by instance - Table – Provides details on users with most events by database - Table – Provides details on event details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_logons.md b/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_logons.md new file mode 100644 index 0000000000..b8a4c3c070 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_logons.md @@ -0,0 +1,27 @@ +# SQL_Logons Job + +The SQL_Logons Job provides insight into failed and successful SQL and Azure SQL server logon +activity across all targeted SQL and Azure SQL servers. + +## Analysis Tasks for the SQL_Logons Job + +Navigate to the **Databases** > SQL > 2.Activity > SQL_Logons > Configure node and select Analysis +to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup32.webp) + +The default analysis tasks are: + +- Logon Details – Creates the SA_SQLServer_Logons_Details table accessible under the job’s Results + node +- Logons Summary – Creates the SA_SQL_Logons_Summary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_Logons Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Server Logon Details | This report outlines successful and failed logins over the last 30 days | None | This report is comprised of three elements: - Stacked Bar Chart – Displays logon summary - Table – Provides details on logon summary - Table – Provides details on logon details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_permissionchanges.md b/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_permissionchanges.md new file mode 100644 index 0000000000..277ae3a467 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_permissionchanges.md @@ -0,0 +1,29 @@ +# SQL_PermissionChanges Job + +The SQL_PermissionChanges Job provides detailed information on permission changes for all database +objects, specifically objects containing sensitive data. + +## Analysis Tasks for the SQL_PermissionChanges Job + +Navigate to the **Databases** > SQL > 2.Activity > SQL_PermissionChanges > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup33.webp) + +The default analysis tasks are: + +- SQLServer Permission Changes – Creates the SA_SQLServer_PermissionChanges_Details table accessible + under the job’s Results node +- Permission Changes Instance Summary – Creates the SA_SQLServer_PermissionChanges_InstanceSummary + table accessible under the job’s Results node. This analysis task summarizes permission change + activity per instance. + +In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | -------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Permission Change Activity | This report lists all permission change related SQL events, and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by permission change activity - Table – Provides details on instances by permission change activity - Table – Provides details on event details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_sensitivedataactivity.md b/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_sensitivedataactivity.md new file mode 100644 index 0000000000..5083b3b176 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_sensitivedataactivity.md @@ -0,0 +1,28 @@ +# SQL_SensitiveDataActivity Job + +The SQL_SensitiveDataActivity Job provides detailed information on DML (UPDATE, INSERT, DELETE, +TRUNCATE) used against objects containing sensitive data. + +## Analysis Tasks for the SQL_SensitiveDataActivity Job + +Navigate to the **Databases** > SQL > 2.Activity > SQL_SensitiveDataActivity > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup34.webp) + +The default analysis tasks are: + +- SDD Activity Details – Creates the SA_SQLServer_SensitiveDataActivity_Details table accessible + under the job’s Results node +- SDD Activity Instance Summary – Creates the SA_SQLServer_SensitiveDataActivity_UserSummary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | --------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Data Activity | This report highlights events in databases containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance - Table – Provides details on user activity by instance - Table – Provides details on sensitive data activity details by database | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_unusualactivity.md b/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_unusualactivity.md new file mode 100644 index 0000000000..f7f0da848e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/activity/sql_unusualactivity.md @@ -0,0 +1,28 @@ +# SQL_UnusualActivity Job + +The SQL_UnusualActivity Job identifies anomalies related to outlier user activity by database for +all targeted SQL and Azure SQL server instances. + +## Analysis Tasks for the SQL_UnusualActivity Job + +Navigate to the **Databases** > SQL > 2.Activity > SQL_UnusualActivity > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup35.webp) + +The default analysis tasks are: + +- Hourly User Activity Outlier Analysis – Creates the SA_SQLServer_UnusualHourlyUserActivity table + accessible under the job’s Results node +- Hourly Unusual Activity Summary – Creates the SA_SQLServer_UnusualActivitySummary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | ---------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Unusual Hourly Activity Report | This report lists abnormal user activity | None | This report is comprised of three elements: - Bar Chart – Displays abnormal user activity - Table – Provides details on number of outliers per instance - Table – Provides details on unusual hourly user activity | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/collection/0-sql_instancediscovery.md b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/0-sql_instancediscovery.md new file mode 100644 index 0000000000..df6d75af81 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/0-sql_instancediscovery.md @@ -0,0 +1,27 @@ +# 0-SQL_InstanceDiscovery Job + +The 0-SQL_InstanceDiscovery job enumerates and stores the list of SQL Server Instances running on +the targeted servers. + +## Queries for the 0-SQL_InstanceDiscovery Job + +The 0-SQL_InstanceDiscovery job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/instancedisc_query.webp) + +- SQL Server Instance Discovery — Collects the list of SQL Server Instances from target endpoints + and populates the necessary instance connection information + +## Analysis Tasks for the 0-SQL_InstanceDiscovery Job + +Navigate to the **Databases** > **0.Collection** > **SQL** > **0-SQL_InstanceDiscovery** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/instancedisc_analysis.webp) + +The default analysis tasks is: + +- SQL Instances — Brings SA_SQL_Instances table to view diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/collection/1-sql_permissionsscan.md b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/1-sql_permissionsscan.md new file mode 100644 index 0000000000..892cc2d381 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/1-sql_permissionsscan.md @@ -0,0 +1,72 @@ +# 1-SQL_PermissionsScan + +The 1-SQL_PermissionsScan Job collects SQL server instance and database level permissions from +targeted servers. + +## Queries for the 1-SQL_PermissionsScan Job + +The 1-SQL_PermissionsScan Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup6.webp) + +- PermissionsScan – Collects permissions from targeted instances + - (Optional) This query can be modified to target specific databases/instances. See the + [Configure the PermissionsScan Query](#configure-the-permissionsscan-query) topic for + additional information. + +### Configure the PermissionsScan Query + +The 1-SQL_PermissionScan Job is preconfigured to run using the default settings within the +Permissions Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 1-SQL_PermissionsScan > Configure +node and select Queries. + +**Step 2 –** In the Query Selection view, select the PermissionsScan query and click on Query +Properties. The Query Properties window appears. + +**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this +job. + +![Filters](/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp) + +**Step 4 –** To query for specific databases/instances, navigate to the +[SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) +page. The default query target is All databases. The default query scope is Only select database +objects and click Retrieve. The Available database objects will be populated. Databases and +instances can be added in the following ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Optionally, use the Add Custom Filter button to create and apply a custom filter. + +**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 1-SQL_PermissionsScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 1-SQL_PermissionScan Job + +Navigate to the **Databases** > 0.Collection > SQL > 1-SQL_PermissionsScan > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup8.webp) + +The default analysis tasks are: + +- Remove Old AIC Resources — Removes AIC resources using the old path that did not include the + schema +- AIC Import – Hosts — Imports SQL hosts to the AIC +- AIC Import – Instance Permissions Node — Imports a node for instance permissions for each instance +- AIC Import – Databases — Imports each database in the SQL instances +- AIC Import – Permissions — Imports SQL Permissions to the AIC +- AIC Import – Roles — Imports a Roles node into the AIC for SQL Server Roles +- AIC Import – Database Role Permissions — Imports role permissions at the database level +- AIC Import – Local SQL Groups — Imports SQL local groups to the AIC +- AIC Import – Instance Role Permissions — Imports permissions assigned to roles at the instance + level diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/collection/2-sql_sensitivedatascan.md b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/2-sql_sensitivedatascan.md new file mode 100644 index 0000000000..d9b93240eb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/2-sql_sensitivedatascan.md @@ -0,0 +1,103 @@ +# 2-SQL_SensitiveDataScan Job + +The 2-SQL_SensitiveDataScan Job discovers sensitive data in the database SQL server instances and +databases based on a pre-defined or user defined search criteria. + +Special Dependency + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + - See the + [Installation & Configuration Overview](/docs/accessanalyzer/11.6/install/application/overview.md) + topic for installation information. + - See the + [Sensitive Data Discovery Add-On](/docs/accessanalyzer/11.6/sensitivedatadiscovery/overview.md) + topic for additional information. + +Though the job is visible within the console, it requires an additional installer package before +data collection occurs. + +## Queries for the 2-SQL_SensitiveDataScan Job + +The SensitiveDataScan Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup9.webp) + +- SensitiveDataScan – Collects Sensitive Data from targeting instances + - (Optional) This query can be modified to target specific databases/instances. See the + [Configure the SensitiveDataScan Query](#configure-the-sensitivedatascan-query) topic for + additional information. + +### Configure the SensitiveDataScan Query + +The 2-SQL_SensitiveDataScan Job is preconfigured to run using the default settings for the Sensitive +Data Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 2-SQL_SensitiveDataScan > +Configure node and select Queries. + +**Step 2 –** In the Query Selection view, select the SensitiveDataScan query click on Query +Properties. The Query Properties window appears. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this +job. + +![2sqlsensitivedatascanoptionspage](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/2sqlsensitivedatascanoptionspage.webp) + +**Step 4 –** Select the desired scan options. Navigate to the +[SQL: Options](/docs/accessanalyzer/11.6/admin/datacollector/sql/options.md) +page for additional information. + +**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a +high-level table scan. Configuring these settings to increase the scope of the sensitive data scan +may significantly increase scan time. + +![Criteria Page](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/2sqlsensitivedatascanquerycriteriapage.webp) + +**Step 5 –** To modify criteria, navigate to the +[SQL: Criteria](/docs/accessanalyzer/11.6/admin/datacollector/sql/criteria.md) +page. By default, the following System Criteria have been selected: + +- Credit Cards +- Tax Forms +- US SSN +- User ID +- Password + + Add or remove criteria if needed. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. + +![Filter Page](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/2sqlsensitivedatascanfilterpage.webp) + +**Step 6 –** To query for specific database/instance, navigate to the +[SQL: Filter](/docs/accessanalyzer/11.6/admin/datacollector/sql/filter.md) +page. The query is configured by default to target Only select database objects. Click Retrieve. The +Available database objects box will populate. Databases and instances can be added in the following +ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Optionally use the Add Custom Filter button to create and apply a custom filter. + +**Step 7 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 2-SQL_SensitsveDataScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 2-SQL_SensitiveDataScan Job + +Navigate to the **Databases** > 0.Collection > SQL > 2-SQL_SensitiveDataScan > Configure node and +select Analysis to view the analysis task. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup13.webp) + +The default analysis task is: + +- SQL Server SDD Matches View — Brings the SQL Server SDD Matches View to the SA console +- SQL Server SDD Match Hits View — Brings the SQL Server SDD Match Hits View to the SA console +- AIC Import — Creates the SA_AIC_SddMatchesImport diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/collection/3-sql_activityscan.md b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/3-sql_activityscan.md new file mode 100644 index 0000000000..c330026d5d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/3-sql_activityscan.md @@ -0,0 +1,84 @@ +# 3-SQL_ActivityScan Job + +The 3-SQL_ActivityScan Job captures user activity from targeted SQL server instances and databases. + +Special Dependency + +- SQL Server Audit Specifications to be configured on the target databases + - Audit destination must be a binary file + - See the Microsoft + [Create a Server Audit and Database Audit Specification](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) + article for additional information. + +## Queries for the 3-SQL_ActivityScan Job + +The ActivityScan Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup14.webp) + +- ActivityScan – Collects activity from targeted instances + - (Optional) This query can be modified to target specific databases/instances. See the + [Configure the ActivityScan Query](#configure-the-activityscan-query) topic for additional + information. + +### Configure the ActivityScan Query + +The 3-SQL_ActivityScan Job is preconfigured to run using the default settings within the Server +Audits Events Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 3-SQL_ActivityScan > Configure +node and select Queries. + +**Step 2 –** In the Query Selection view, click on Query Properties. The Query Properties window +appears. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Options Page](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/3sqlactivityscanoptionspage.webp) + +**Step 4 –** To modify scan options, navigate to the +[SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) +page. Select the desired scan options. The query is preconfigured with the following default +settings: + +- Collect only events since last scan – Collects activity recorded since the previous scan +- Number of days you want to keep events in the database – The default setting is 15 days +- Collect audits by name – Finds available audits in the database +- Collect audits by path – Collects audits by a specified path + +![Filter Page](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/3sqlactivityscanfilterpage.webp) + +**Step 5 –** To scope the query for specific database/instance, navigate to the +[SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) +page. The query is configured by default to target Only select database objects. Click Retrieve. The +Available database objects will be populated. Databases and instances can be added in the following +ways: + +Select the desired database objects and click Add. + +Use the Import CSV button to import a list from a CSV file. + +Optionally use the Add Custom Filter button to create and apply a custom filter. + +**Step 6 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 3-SQL_ActivityScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 3-SQL_ActivityScan Job + +Navigate to the **Databases** > 0.Collection > SQL > 3-SQL_ActivityScan > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup17.webp) + +The default analysis tasks are: + +- AIC Import – Activity– Creates the SA_AIC_ActivityEventsImport table accessible under the job’s + Results node. diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/collection/4-sql_serverlogons.md b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/4-sql_serverlogons.md new file mode 100644 index 0000000000..172d616d52 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/4-sql_serverlogons.md @@ -0,0 +1,18 @@ +# 4-SQL_ServerLogons Job + +The 4-SQL_ServerLogons Job captures SQL server logon activity, which includes successful or failed +logons. + +## Queries for the 4-SQL_ServerLogons Job + +The AppnLogSQL Query uses the SMARTLog Data Collector and has been preconfigured to process the +Windows Event Log Type. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![sqljobgroup18](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup18.webp) + +- AppnLogSQL – Uses SmartLog Data Collector to gather logon events + - See the + [SMARTLog Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/overview.md) + topic for additional information diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/collection/5-sql_serversettings.md b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/5-sql_serversettings.md new file mode 100644 index 0000000000..4dfa0f6d40 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/5-sql_serversettings.md @@ -0,0 +1,101 @@ +# 5-SQL_ServerSettings Job + +The 5-SQL_ServerSettings Job collects SQL server instance and database configuration settings for +evaluation against recommended best practices. + +## Queries for the 5-SQL_ServerSettings Job + +The 5-SQL_ServerSettings Job uses the SQL Data Collector for the following queries: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup19.webp) + +- Configuration – Collects configuration properties + - (Optional) This query can be modified to target specific databases/instances. See the + [Configure the Configuration Query](#configure-the-configuration-query) topic for additional + information. +- Server – Collects server properties + - (Optional) This query can be modified to target specific databases/instances. See the + [Configure the Server Query](#configure-the-server-query) topic for additional information. +- Connections – Returns connections to the instance +- Asymmetric Key Size – Returns the asymmetric key size +- Symmetric Key Encryption – Returns the symmetric key encryptions being used by the Instance +- CLR Assemblies – Returns CLR Assemblies being used by the Instance +- Instance Details – Provides details on Instance configuration +- Database Details – Returns details for each database in the scanned Instance +- Database Sizing – Returns details on database size +- Linked Servers – Collects information on SQL Linked Servers +- Table Row Count – Returns the number of rows for each table in SQL + +### Configure the Configuration Query + +The 5-SQL_ServerSettings Job’s Configuration Query is configured to run with the default settings +with the Configuration Properties category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 5-SQL_ServerSettings > Configure +node and select Queries. + +**Step 2 –** In the Query Selection view, select the Configuration Query and click on Query +Properties. The Query Properties window will appear. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard will +open. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Instance Filters](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp) + +**Step 4 –** To scope the query for specific database/instance, navigate to the +[SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) +page. The query is configured by default to target All instances. Change the query scope to Only +select instances, and click Retrieve. The Available server audits will be populated. Databases and +instances can be added in the following ways: + +- Select the desired instances and click Add. +- Use the Import CSV button to import a list from a CSV file. +- (Optional) Use the Add Custom Filter button to create and apply a custom filter. + +**Step 5 –** On the Summary page, click Finish to save any setting modifications or click Cancel if +no changes were made. Then click OK to close the Query Properties window. + +The 5-SQL_ServerSettings Job is now ready to run with the customized settings. + +### Configure the Server Query + +The 5-SQL_ServerSettingsJob > Server Query has been preconfigured to run with the default settings +with the category of Server Properties. However, the query can be scoped to target specific +databases/instances on the Filters page of the SQL Data Collector Wizard. Follow these steps to +modify the query configuration. + +**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 5-SQL_ServerSettings > Configure +node and select Queries. + +**Step 2 –** In the Query Selection view, select the Server query click on Query Properties. The +Query Properties window will appear. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard will +open. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Filter Page](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp) + +**Step 4 –** To scope the query for specific database/instance, navigate to the +[SQL Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/sql/overview.md) +page. The query is configured by default to target All instances. Change the query scope to Only +select instances, and click Retrieve. The Available server audits will be populated. Databases and +instances can be added in the following ways: + +- Select the desired instances and click Add. +- Use the Import CSV button to import a list from a CSV file. +- Optionally use the Add Custom Filter button to create and apply a custom filter. + + Remember, it is necessary for the + [0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/11.6/solutions/databases/sql/collection/0-sql_instancediscovery.md) + to run before attempting to scope this query. + +**Step 5 –** On the Summary page, click Finish to save any setting modifications or click Cancel if +no changes were made. Then click OK to close the Query Properties window. + +The 5-SQL_ServerSettings Job is now ready to run with the customized settings. diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/collection/overview.md b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/overview.md new file mode 100644 index 0000000000..f95a13273f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/collection/overview.md @@ -0,0 +1,28 @@ +# 0.Collection > SQL Job Group + +The 0.Collection Job Group is designed to collect high level summary information form targeted +Microsoft SQL Servers. This information is used by other jobs in the SQL solution set for further +analysis and for producing reports. + +![0.Collection Job Group - SQL](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup1.webp) + +The jobs in the 0.Collection Job Group are: + +- [0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/11.6/solutions/databases/sql/collection/0-sql_instancediscovery.md) + – This job is designed to enumerate and store the list of SQL Server Instances running on the + targeted servers +- [1-SQL_PermissionsScan](/docs/accessanalyzer/11.6/solutions/databases/sql/collection/1-sql_permissionsscan.md) + – This job is designed to collect SQL Server instance and database level permissions from all + targeted servers +- [2-SQL_SensitiveDataScan Job](/docs/accessanalyzer/11.6/solutions/databases/sql/collection/2-sql_sensitivedatascan.md) + – This job is designed to discover sensitive data in the database SQL Server instances and + databases based on a pre-defined or user-defined search criteria +- [3-SQL_ActivityScan Job](/docs/accessanalyzer/11.6/solutions/databases/sql/collection/3-sql_activityscan.md) + – This job is designed to capture user activity from all targeted SQL server instances and + databases +- [4-SQL_ServerLogons Job](/docs/accessanalyzer/11.6/solutions/databases/sql/collection/4-sql_serverlogons.md) + – This job is designed to capture all types of SQL server logon activity including successful or + failed logons +- [5-SQL_ServerSettings Job](/docs/accessanalyzer/11.6/solutions/databases/sql/collection/5-sql_serversettings.md) + – This job is designed to collect SQL server instance and database configuration settings so that + they can be evaluated against recommended best practices diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/overview.md b/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/overview.md new file mode 100644 index 0000000000..3e9097bb53 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/overview.md @@ -0,0 +1,30 @@ +# 4.Configuration Job Group + +The 4.Configuration Job Group provides information on potential vulnerabilities related to SQL and +Azure SQL server configuration settings. + +![configurationjobgroup](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/configurationjobgroup.webp) + +The jobs in the 4.Configuration Job Group are: + +- [SQL_Authentication Job](/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_authentication.md) + – This job identifies authentication settings on targeted SQL and Azure SQL servers that allow SQL + server authentication in addition to Windows authentication. Microsoft recommends that the SQL and + Azure SQL servers should be generally configured to utilize Windows authentication versus SQL + authentication. +- [SQL_BestPractices Job](/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_bestpractices.md) + – This job is designed to analyze SQL and Azure SQL server configuration settings and report on + any findings that deviate from recommended Microsoft Best Practices when it comes to creating, + maintaining, and securing SQL servers +- [SQL_CMDShell Job](/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_cmdshell.md) + – This job is designed to report if the `xp_cmdshell `stored procedure is enabled or disabled. + Since `xp_cmdshell` allows a user to execute operating system commands when connected to the SQL + or Azure SQL server, it can be used to launch malicious attacks. Microsoft recommends that the + `xp_cmdshell` stored procedure be disabled. +- [SQL_DatabaseSizing Job](/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_databasesizing.md) + – Provides details on database file sizes and overall database sizes +- [SQL_LinkedServers Job](/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_linkedservers.md) + – Identifies Linked Servers or remote database servers on which the identified SQL and Azure + SQL server can execute commands. Some of the common remote OLE DB providers include IBM DB2, + Oracle, Access and Excel. Typically, linked servers are used to handle distributed queries in SQL + and Azure SQL server. diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_authentication.md b/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_authentication.md new file mode 100644 index 0000000000..79275022de --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_authentication.md @@ -0,0 +1,30 @@ +# SQL_Authentication Job + +The SQL_Authentication Job identifies authentication settings on targeted SQL and Azure SQL servers +that allow SQL server authentication in addition to Windows authentication. Microsoft recommends +that SQL and Azure SQL servers should be generally configured to utilize Windows authentication +versus SQL server authentication. + +## Analysis Tasks for the SQL_Authentication Job + +Navigate to the **Databases** > SQL > 4.Configuration > SQL_Authentication > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sqljobgroup43.webp) + +The default analysis tasks are: + +- Determine authentication configurations – Creates the SA_SQLServer_Authentication_Details table + accessible under the job’s Results node +- Authentication Summary – Creates the SA_SQLServer_Authentication_Summary table accessible under + the job’s Results node. Provides a summary of targeted servers with SQL authentication enabled. + +In addition to the tables and views created by the analysis task, the SQL_Authentication Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SQL  Authentication | This report identifies authentication settings on the targeted servers, and highlights those with SQL Authentication enabled. Additionally, the number of SQL logins on a given instance, and whether or not the 'sa' login exists, are indicated. Best practices recommend that SQL instances be integrated login only, and that the 'sa' principal be renamed or removed. | None | This report is comprised of two elements: - Pie Chart – Displays instances with integrated security only - Table – Displays integrated security details by instance | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_bestpractices.md b/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_bestpractices.md new file mode 100644 index 0000000000..c6745bc867 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_bestpractices.md @@ -0,0 +1,29 @@ +# SQL_BestPractices Job + +The SQL_BestPractices Job analyzes SQL and Azure SQL server configuration settings and reports any +findings that deviate from recommended Microsoft Best Practices when it comes to creating, +maintaining, and securing SQL and Azure SQL servers. + +### Analysis Tasks for the SQL_BestPractices Job + +Navigate to the **Databases** > SQL > 4.Configuration > SQL_BestPractices > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sqljobgroup44.webp) + +The default analysis tasks are: + +- SQL Best Practices – Creates the SA_SQL_BestPractices table accessible under the job’s Results + node +- SQL Best Practices Instance Summary – Creates the SA_SQL_BestPractices_Summary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_BestPractices Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | --------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SQL Server Best Practices | Evaluates settings on SQL and Azure SQL Instances and Databases for SQL Best Practices. | None | This report is comprised of three elements: - Pie Chart – Displays best practice adherence - Table– Displays configuration settings - Table – Displays instance summary | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_cmdshell.md b/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_cmdshell.md new file mode 100644 index 0000000000..838028208b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_cmdshell.md @@ -0,0 +1,27 @@ +# SQL_CMDShell Job + +The SQL_CMDShell Job reports on whether the `xp_cmdshell` stored procedure is enabled or disabled. +Since `xp_cmdshell` allows users to execute operating system commands when connected to the SQL or +the Azure SQL server, it can be used to launch malicious attacks. Microsoft recommends that the +`xp_cmdshell` stored procedure be disabled. + +## Analysis Tasks for the SQL_CMDShell Job + +Navigate to the **Databases** > SQL > 4.Configuration > SQL_CMDShell > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sqljobgroup45.webp) + +The default analysis task is: + +- XP CMD Shell – Creates the SA_SQL_CMDShell_Status table accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the SQL_CMDShell Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------- | +| xp_cmdshell Settings | Because malicious users sometimes attempt to elevate their privileges by using xp_cmdshell, xp_cmdshell is disabled by default. Use sp_configure or Policy Based Management to disable it on any instances which have it enabled. | None | This report is comprised of two elements: - Pie Chart – Displays instance summary - Table– Displays configuration details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_databasesizing.md b/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_databasesizing.md new file mode 100644 index 0000000000..7070b8c1fd --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_databasesizing.md @@ -0,0 +1,25 @@ +# SQL_DatabaseSizing Job + +The SQL_DatabaseSizing Job provides details on database file sizes and overall database sizes. + +## Analysis Tasks for the SQL_DatabaseSizing Job + +Navigate to the **Databases** > Jobs > SQL > 4.Configuration > SQL_DatabaseSizing Job >Configure +node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/analysistask.webp) + +The default analysis tasks are: + +- Database Size Details – Provides details on database files and sizes +- Database Size Summary – Summarizes database file sizes by database + +In addition to the tables created by the analysis tasks, the **SQL_DatabaseSizing Job** produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | ---------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | This report provides details on database files and sizing. | None | This report is comprised of three elements: - Bar Chart – Provides information on the top five databases by size (MB) - Bar Chart – Provides information on database sizes by host (GB) - Table – Provides details on database sizing | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_linkedservers.md b/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_linkedservers.md new file mode 100644 index 0000000000..242632dc8f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sql_linkedservers.md @@ -0,0 +1,28 @@ +# SQL_LinkedServers Job + +The SQL_LinkedServers Job identifies Linked Servers or remote database servers on which the +identified SQL and Azure SQL servers can execute commands. Some of the common remote +OLE DB providers include IBM DB2, Oracle, Access and Excel. Typically, linked servers are used to +handle distributed queries in SQL and Azure SQL server . + +## Analysis Tasks for the SQL_LinkedServers Job + +Navigate to the **Databases** > Jobs > SQL > 4.Configuration > SQL_LinkedServers Job >Configure node +and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +pre-configured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks.webp) + +The default analysis tasks are: + +- Linked Server Details – Provides details on SQL Linked Servers +- Linked Server Summary – Summarizes Linked Servers by instance + +In addition to the tables created by the analysis tasks, the **SQL_DatabaseSizing Job** produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ----------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Linked Servers | This report highlights Linked Servers where the listed SQL Server is able to execute remote commands. | None | This report is comprised of three elements: - Bar Chart – Provides information on top five linked servers by instance - Table – Provides details on linked servers by instance - Table – Provides details on linked servers | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/overview.md b/docs/accessanalyzer/11.6/solutions/databases/sql/overview.md new file mode 100644 index 0000000000..c258c6941b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/overview.md @@ -0,0 +1,78 @@ +# SQL Job Group + +The SQL Job Group reports on SQL Server, AzureSQL, or both depending on which collection jobs were +run. The SQL Job Group is a comprehensive set of pre-configured audit jobs and reports that provide +information on users and roles, activity, permissions, configuration, sensitive data, and overall +security assessment. + +Supported Platforms + +- Azure SQL + +- SQL Server 2022 +- SQL Server 2019 +- SQL Server 2017 +- SQL Server 2016 + +Requirements, Permissions, and Ports + +See the +[Target SQL Server Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/databasesql.md) +topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans.If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host.For example, if the job is configured to scan 8 hosts at a time , then +an extra 16 GB of RAM are required (8x2=16). + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +Location + +The SQL Job Group within the Jobs tree, as part of the Database Solution: Jobs > Database > SQL. + +The Database Solution license includes all supported database platforms supported by Enterprise +Auditor. Additionally, the Sensitive Data Discovery Add-On enables the solution to search database +content for sensitive data. + +![SQL Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sqljobgroup.webp) + +The SQL Job Group includes: + +- Databases > 0.Collection > SQL > + [0.Collection > SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/collection/overview.md) + – This job group is designed to collect high level summary information from Microsoft SQL servers. + This information is used by other jobs in the SQL solution set for further analysis and for + producing respective reports. +- Databases > 0.Collection > AzureSQL > + [0.Collection > Azure SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/overview.md) + — This job group is designed to collect high level summary information from targeted Azure SQL + Instances. This information is used by other jobs in the Azure SQL solution set to provide further + analysis and for producing respective reports. +- [1.Users and Roles Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/overview.md)– + This job group is designed to provide insight into user security, roles, and object permissions to + all the SQL server objects +- [2.Activity Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/activity/overview.md) + – This job group is designed to provide insight into use login activity, object permission + changes, any unusual database activity, SQL activity against sensitive data, SQL activity against + selective or all database objects +- [3.Permissions Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/overview.md) + – This job group is designed to provide insight into all types of permissions at the instance, + database, and object level across all the targeted SQL servers +- [4.Configuration Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/configuration/overview.md) + – This job group is designed to provide insight into potential vulnerabilities related to SQL + server configuration settings +- [5.Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/overview.md)– + This job group is designed to provide insight into where sensitive data exists and who has access + to it across all the targeted SQL server databases + - Requires the Sensitive Data Discovery Add-On. +- [SQL_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/databases/sql/sql_securityassessment.md) + – This job is designed to summarize and categorize the security findings into HIGH, MEDIUM, LOW, + and NO FINDING categories based on their severity. diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/overview.md b/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/overview.md new file mode 100644 index 0000000000..303e3bf0b5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/overview.md @@ -0,0 +1,25 @@ +# 3.Permissions Job Group + +The 3.Permissions Job Group provides insight into permissions at the instance, database, and object +level across all targeted SQL and Azure SQL servers. + +![sqljobgroup36](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup36.webp) + +The jobs in the 3.Permissions Job Group are: + +- [SQL_ControlServer Job](/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_controlserver.md) + – This job will provide information on control server permissions. Users with control server + permissions allow users to command full control of a SQL and Azure SQL server instances +- [SQL_DirectPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_directpermissions.md) + – This job will provide information about the permissions granted to users at the schema, + database, and server levels +- [SQL_DomainUserPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_domainuserpermissions.md) + – This job will provide insight into Microsoft Active Directory domain users’ access to SQL and + Azure SQL server objects both at the instance and database level +- [SQL_PublicPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_publicpermissions.md) + – This job analyzes all the permissions granted at the server level and reports on the effective + server level permissions across all the audited SQL and Azure SQL server instances +- [SQL_ServerPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_serverpermissions.md) + – This job provides the list of SQL and Azure SQL server logins that have the PUBLIC roles + assigned. In addition, it also provides the list of permissions assigned to the PUBLIC role as + well diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_controlserver.md b/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_controlserver.md new file mode 100644 index 0000000000..9236365345 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_controlserver.md @@ -0,0 +1,30 @@ +# SQL_ControlServer Job + +The SQL_ControlServer Job provides information on control server permissions. Users with control +server permissions can command full control of a SQL and Azure SQL server instance. + +## Analysis Tasks for the SQL_ControlServer Job + +Navigate to the **Databases** > SQL > 3.Permissions > SQL_ControlServer > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup37.webp) + +The default analysis tasks are: + +- Determine Control Server Rights – Creates the SA_SQL_ControlServer_Details table accessible under + the job’s Results node +- Control Server Domain Users – Creates the SA_SQLServer_ControlServer_DomainUsers table accessible + under the job’s Results node +- Control Server Instance Summary – Creates the SA_SQLServer_ControlServer_InstanceSummary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the SQL_ControlServer Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ------------------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Control Server Permissions | This report highlights control server permissions, and summarizes them by instance and by domain user. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by control server permissions - Table – Provides details on instances by control server permission count - Table – Provides details on control server permissions | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_directpermissions.md b/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_directpermissions.md new file mode 100644 index 0000000000..7810dc381e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_directpermissions.md @@ -0,0 +1,32 @@ +# SQL_DirectPermissions Job + +The SQL_DirectPermissions Job provides information on permissions granted to users at the schema, +database, and server level. + +## Analysis Tasks for the SQL_DirectPermissions Job + +Navigate to the **Databases** > SQL > 3.Permissions > SQL_DirectPermissions > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup38.webp) + +The default analysis tasks are: + +- Determine database permissions – Creates the SA_SQLServer_DirectPermissions_DatabaseDetails table + accessible under the job’s Results node +- Determine schema permissions – Creates the SA_SQLServer_DirectPermissions_SchemaDetails table + accessible under the job’s Results node +- Determine server permissions – Creates the SA_SQLServer_DirectPermissions_ServerDetails table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_DirectPermissions Job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Database Permissions | This report highlights SQL permissions granted at the database level. | None | This report is comprised of three elements: - Bar Chart – Displays database permission summary - Table – Provides details on database permission summary - Table – Provides details on database permission details | +| Schema Permissions | This report lists all SQL permissions granted at the schema level. | None | This report is comprised of three elements: - Bar Chart – Displays top schema by permission count - Table – Provides details on permission summary - Table – Provides details on schema permission details | +| Server Permissions | This report highlights SQL permissions being granted at the server level. | None | This report is comprised of three elements: - Bar Chart – Displays server permission summary - Table – Provides details on server permission summary - Table – Provides details on server permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_domainuserpermissions.md b/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_domainuserpermissions.md new file mode 100644 index 0000000000..207099831d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_domainuserpermissions.md @@ -0,0 +1,28 @@ +# SQL_DomainUserPermissions Job + +The SQL_DomainUserPermissions Job provides insight into Microsoft Active Directory domain users’ +access to SQL and Azure SQL server objects at both the instance and database level. + +## Analysis Tasks for the SQL_DomainUserPermissions Job + +Navigate to the **Databases** > SQL > 3.Permissions > SQL_DomainUserPermissions > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup39.webp) + +The default analysis tasks are: + +- Domain User Permissions Details – Creates the SA_SQLServer_DomainUserPermissions_Details table + accessible under the job’s Results node +- Domain User Permissions Summary – Creates the SA_SQLServer_DomainUserPermissions_Summary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_DomainUserPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | --------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain User SQL Access | This report looks at SQL server permissions granted to domain users across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance count - Table – Provides details on access sprawl - Table – Provides details on permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_publicpermissions.md b/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_publicpermissions.md new file mode 100644 index 0000000000..347c44001b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_publicpermissions.md @@ -0,0 +1,32 @@ +# SQL_PublicPermissions Job + +The SQL_PublicPermissions Job provides the list of SQL server logins that have the PUBLIC roles +assigned. In addition, it also provides the list of permissions assigned to the PUBLIC role as well. + +## Analysis Tasks for the SQL_PublicPermissions Job + +Navigate to the **Databases** > SQL > 5.Permissions > SQL_PublicPermissions > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup40.webp) + +The default analysis tasks are: + +- Calculate public permissions – Creates the SA_SQLServer_PublicPermissions_Details table accessible + under the job’s Results node +- Public Permissions Summary – Creates the SA_SQLServer_PublicPermissions_DatabaseSummary table + accessible under the job’s Results node +- Public Permissions Summary – Highlights permissions that have been granted to the public role on + objects that are not-default SQL or Azure SQL server objects +- Public Permissions Instance Summary (Non-Default) – Summarizes non-default SQL and Azure SQL + server public permissions by instance + +In addition to the tables and views created by the analysis task, the SQL_PublicPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | -------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Public Permissions | This report determines highlights objects with public permissions applied. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by public permission count - Table – Provides details on databases by public permission count - Table – Provides details on public permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_serverpermissions.md b/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_serverpermissions.md new file mode 100644 index 0000000000..36fdccbf5a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_serverpermissions.md @@ -0,0 +1,28 @@ +# SQL_ServerPermissions Job + +The SQL_ServerPermissions Job analyzes permissions granted at the server level and reports on +effective server level permissions across all audited SQL and Azure SQL server instances. + +## Analysis Tasks for the SQL_ServerPermissions Job + +Navigate to the **Databases** > SQL > 3.Permissions > SQL_ServerPermissions > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup41.webp) + +The default analysis tasks are: + +- Server Permissions – Creates the SA_SQLServer_ServerPermission_Details table accessible under the + job’s Results node +- System Permissions Instance Summary –Creates the SA_SQLServer_ServerPermission_InstanceSummary + table accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the SQL_ServerPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | -------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Server Permissions | This report highlights server permissions and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by server permissions - Table – Provides details on instances by server permission count - Table – Provides details on server permissions | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/recommended.md b/docs/accessanalyzer/11.6/solutions/databases/sql/recommended.md new file mode 100644 index 0000000000..a966b5cc82 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/recommended.md @@ -0,0 +1,168 @@ +# Recommended Configurations + +The following sections describe the recommended configurations for the SQL Solution 0.Collection Job +Group and the Azure SQL 0.Collection Job Group. + +**NOTE:** The SQL Solution Jobs report on both the SQL and Azure SQL Collection Jobs. + +## SQL Solution 0.Collection Job Group + +The SQL Solution has been configured to inherit down from the SQL > Settings node. However, it is +best practice to assign the host list and the Connection Profile at the data collection level, the +0.Collection Job Group. Once these are assigned to the job group, it can be run directly or +scheduled. + +Dependencies + +- .Active Directory Inventory Job Group run successfully +- For Activity Auditing – SQL Server Audit Specifications to be configured on the target databases + - Audit destination must be a binary file + - See the Microsoft + [Create a Server Audit and Database Audit Specification](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) + article for additional information. +- For Sensitive Data Discovery Auditing – Sensitive Data Discovery Add-On installed on the + Enterprise Auditor Console server +- For the SQL_SecurityAssessment Job – One or more of the following jobs or job groups must be run + to produce results: + - [0.Collection > SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/collection/overview.md) + - [1.Users and Roles Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/overview.md) + - [3.Permissions Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/overview.md) + - [5.Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/overview.md) + - [Privileged Accounts Job Group](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/overview.md) + - [Privileged Accounts Job Group](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/overview.md) + +Some of the 0.Collection Job Group queries can be scoped to target specific databases/instances. +However, it is necessary for the SA_SQL_Instances table to be populated before attempting to scope +the queries. Therefore, the +[0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/11.6/solutions/databases/sql/collection/0-sql_instancediscovery.md) +must be manually executed before attempting to scope the 0.Collection Job Group queries. + +Targeted Host(s) + +The 0.Collection Job Group has been set to run against the following default dynamic host list: + +- All Microsoft SQL Server Hosts + + **NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table which + meet the host inventory criteria for the list. Ensure the appropriate host list(s) have been + populated through host inventory results. + +Connection Profile + +The SQL Data Collector requires a specific set of permissions. See the Permissions section for +necessary permissions. The account used can be either an Active Directory account or a SQL account. +Once the account has been provisioned, create a custom Connection Profile containing the credentials +for the targeted environment. See the +[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/11.6/admin/datacollector/sql/configurejob.md) +topic for additional information. + +The Connection Profile should be assigned under the SQL > 0.Collection > Settings > Connection node. +It is set to Use the Default Profile, as configured at the global settings level. However, since +this may not be the Connection Profile with the necessary permissions for the assigned hosts, click +the radio button for the Select one of the following user defined profiles option and select the +appropriate Connection Profile drop-down menu. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +One of the most important decisions to make is how frequently to collect this data. The SQL Job +Group can be scheduled to run as desired depending on the types of auditing being conducted and the +scope of the target environment. The general recommendation is to schedule the solution to run +daily. + +Run Order + +The 0.Collection Jobs must be run first and in order. The other SQL Solution sub-job groups can be +run in any order, together or individually, after running the 0.Collection Job Group. + +**_RECOMMENDED:_** Run the solution at the top level. + +Workflow + +Prerequisites: + +- Successful execution of the .Active Directory Inventory Job Group +- For the 3-SQL_ActivityScan, configure SQL Server Audit and SQL Server Audit Specifications on + target SQL Server Databases. Audit destination for the configured server or database audit must be + a binary file. +- The 5-SQL_ServerSettings Job contains the Orphaned Users query which returns users that are + orphaned for each database. The query uses the sp_Change_users_login procedure which requires the + db_owner fixed database to be assigned to the Enterprise Auditor User. See the + [sp_change_users_login (Transact-SQL)](https://docs.microsoft.com/en-us/sql/relational-databases/system-stored-procedures/sp-change-users-login-transact-sql?view=sql-server-ver15) + Microsoft article for additional information. + +1. (Optional) Configure the queries for the jobs in the 0.Collection Job Group +2. Schedule the 0.Collection Job Group to run daily or as desired + + **NOTE:** Running the 0.Collection Job Group is a prerequisite for the other job groups in the + SQL solution + +3. Review the reports generated by the 0.Collection Job Group’s jobs + +## Azure SQL 0.Collection Job Group + +The Azure SQL Solution has been configured to inherit down from the Azure SQL > Settings node. +However, it is best practice to assign the host list and the Connection Profile at the data +collection level, the 0.Collection Job Group. Once these are assigned to the job group, it can be +run directly or scheduled. + +Dependencies + +- Full registration within Microsoft's Azure portal: + + - Creation of a Enterprise Auditor Azure SQL Role in the Access control (IAM) section + - Successful registration of the Enterprise Auditor app + - Successful creation of an Application (client) ID + +- Successful configuration of an AzureSQL-specific connection profile +- Creation of an Azure Tenancy host list (ex. COMPANY.onmicrosoft.com) and Azure Active Directory + user credential(s) + + **_RECOMMENDED:_** To avoid functional issues with Enterprise Auditor, create multiple + connection profiles to accommodate multiple credentials. + +- Define and validate connection information in the Connection screen +- [0-AzureSQL_InstanceDiscovery Job](/docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/0-azuresql_instancediscovery.md) + run successfully + +Targeted Host(s) + +The 0.Collection Job Group has been set to run against the following default dynamic host list: + +- All targeted Azure SQL Tenants + +Connection Profile + +The SQL Data Collector requires a specific set of permissions. See the Permissions section for +necessary permissions. The account used can be either an Active Directory account with database +login enabled or a SQL account. Once the account has been provisioned, create a custom Connection +Profile containing the credentials for the targeted environment. See the +[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/11.6/admin/datacollector/sql/configurejob.md) +topic for additional information. + +The Connection Profile should be assigned under the **Databases** > 0.Collection > Azure SQL > +Settings > Connection node. It is set to Use the Default Profile, as configured at the global +settings level. However, since this may not be the Connection Profile with the necessary permissions +for the assigned hosts, click the radio button for the Select one of the following user defined +profiles option and select the appropriate Connection Profile drop-down menu. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +One of the most important decisions to make is how frequently to collect this data. The Azure SQL +Job Group can be scheduled to run as desired depending on the types of auditing being conducted and +the scope of the target environment. The general recommendation is to schedule the solution to run +daily. + +Run Order + +The 0.Collection Jobs must be run first and in order. The other Azure SQL Solution sub-job groups +can be run in any order, together or individually, after running the 0.Collection Job Group. + +**_RECOMMENDED:_** Run the solution at the top level. diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/overview.md b/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/overview.md new file mode 100644 index 0000000000..47fb67a6a9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/overview.md @@ -0,0 +1,19 @@ +# 5.Sensitive Data Job Group + +The 5.Sensitive Data Job Group provides information on where sensitive data exists, and who has +access to that sensitive data, across all targeted SQL and Azure SQL server databases. + +Special Dependency for Data Collection + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + +![5.Sensitive Data Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sqljobgroup46.webp) + +The jobs in the 5.Sensitive Data Job Group are: + +- [SQL_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sql_sensitivedata.md) + – This job is designed to provide information on all the sensitive data that was discovered in the + targeted SQL or Azure SQL servers based on the selected scan criteria +- [SQL_SensitiveDataPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sql_sensitivedatapermissions.md) + – This job is designed to provide all types of permissions on database objects containing + sensitive data across all the targeted SQL or Azure SQL servers diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sql_sensitivedata.md b/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sql_sensitivedata.md new file mode 100644 index 0000000000..d76db28102 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sql_sensitivedata.md @@ -0,0 +1,31 @@ +# SQL_SensitiveData Job + +The SQL_SensitiveData Job designed to provide information on all the sensitive data that was +discovered in the targeted SQL or Azure SQL servers based on the selected scan criteria. + +## Analysis Tasks for the SQL_SensitiveData Job + +Navigate to the **Databases** > SQL > 5.Sensitve Data > SQL_SensitiveData > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sqljobgroup47.webp) + +The default analysis tasks are: + +- Determine sensitive data details – Creates the SA_SQLServer_SensitiveData_Details table accessible + under the job’s Results node +- Database summary – Creates the SA_SQLServer_SensitiveData_DatabaseSummary table accessible under + the job’s Results node +- Enterprise summary – Creates the SA_SQLServer_SensitiveData_EnterpriseSummary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_SensitiveData Job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ---------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of two elements: - Pie Chart – Displays exceptions by match count - Table – Provides details on exception details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by sensitive data hits - Table – Provides details on databases with sensitive data - Table – Provides details on sensitive data details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sql_sensitivedatapermissions.md b/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sql_sensitivedatapermissions.md new file mode 100644 index 0000000000..57cf1b40ef --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sql_sensitivedatapermissions.md @@ -0,0 +1,28 @@ +# SQL_SensitiveDataPermissions Job + +The SQL_SensitiveDataPermissions Job is designed to provide all types of permissions on database +objects containing sensitive data across all the targeted SQL or Azure SQL servers. + +## Analysis Tasks for the SQL_SensitiveDataPermissions Job + +Navigate to the **Databases** > SQL > 5.Sensitve Data > SQL_SensitiveDataPermissions > Configure +node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sqljobgroup48.webp) + +The default analysis tasks are: + +- List sensitive data permission details – Creates the SA_SQL_SensitiveDataPermissions_Details table + accessible under the job’s Results node +- Sensitive Data Permissions Database Summary – Creates the + SA_SQL_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataPermissions +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/sql_securityassessment.md b/docs/accessanalyzer/11.6/solutions/databases/sql/sql_securityassessment.md new file mode 100644 index 0000000000..d4bce51c21 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/sql_securityassessment.md @@ -0,0 +1,39 @@ +# SQL_SecurityAssessment Job + +The SQL_SecurityAssessment Job summarizes and categorizes security findings into HIGH, MEDIUM, LOW, +and NO FINDINGS categories based on severity. + +![SQL_SecurityAssessment](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sqljobgroup49.webp) + +Special Dependencies + +One or more of the following jobs or job groups must be run to produce results: + +- [0.Collection > SQL Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/collection/overview.md) +- [SQL_PasswordIssues Job](/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_passwordissues.md) +- [SQL_RoleMembers Job](/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_rolemembers.md) +- [SQL_PublicPermissions Job](/docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sql_publicpermissions.md) +- [5.Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/overview.md) +- [Privileged Accounts Job Group](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/overview.md) +- [Privileged Accounts Job Group](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/overview.md) + +Only information collected from jobs/groups being run will produce findings. + +### Analysis Task for the SQL_SecurityAssessment Job + +Navigate to the SQL > SQL_SecurityAssesment > Configure node and select Analysis to view the +analysis task. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sqljobgroup50.webp) + +The default analysis task is: + +- Summarize Audit Findings – Pulls data from tables created by the jobs and job groups throughout + the SQL Solution to provide a summary of results in the SQL Security Assessment report + +In addition to the tables and views created by the analysis task, the SQL_SecurityAssessment Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | -------------------------------------------------------------------------- | ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| SQL Security Assessment | This report summarizes security related results from the SQL solution set. | Security Assessment | This report is comprised of four elements: - Table – Provides details on the scope of the audit of the SQL Solution set - Pie Chart – Displays job findings by severity - Table – Displays findings by category and provides details on the SQL_SecurityAssessment job results | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/overview.md b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/overview.md new file mode 100644 index 0000000000..50dedeb9e3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/overview.md @@ -0,0 +1,28 @@ +# 1.Users and Roles Job Group + +The 1.Users and Roles Job Group is designed to provide insight into user security, roles, and object +permissions to all SQL or Azure SQL server objects. + +![Users and Roles Job Group](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup22.webp) + +The jobs in the 1.Users and Roles Job Group are: + +- [SQL_DatabasePrinciples Job](/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_databaseprinciples.md) + – This job group is designed to provide detailed information on database principals across all the + targeted SQL or Azure SQL server instances +- [SQL_PasswordIssues Job](/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_passwordissues.md) + – This job group is designed to analyze the SQL or Azure SQL login passwords and evaluate if they + comply with the prescribed password policies. In addition, it checks for weak passwords. +- [SQL_RoleMembers Job](/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_rolemembers.md) + – This job is designed to analyze and provide information about all the role members in each o the + SQL or Azure SQL server role groups, both at the instance and database level, across all the + targeted SQL or Azure SQL servers +- [SQL_ServerPrincipals Job](/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_serverprincipals.md) + – This job is designed to provide information about all the server principals on the instances + across all the targeted SQL or Azure SQL servers +- [SQL_SQLLogins Job](/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_sqllogins.md) + – This job is designed to provide information on both successful and failed SQL or Azure SQL + server logins across all the targeted SQL or Azure SQL servers +- [SQL_SysAdmins Job](/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_sysadmins.md) + – This job group is designed to provide insight into all the users who have SQL or Azure SQL + server administration roles across all the targeted SQL or Azure SQL servers diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_databaseprinciples.md b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_databaseprinciples.md new file mode 100644 index 0000000000..73c1ef2403 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_databaseprinciples.md @@ -0,0 +1,28 @@ +# SQL_DatabasePrinciples Job + +The SQL_DatabasePrinciplesJob provides detailed information on database principals across all +targeted SQL or Azure SQL server instances. + +## Analysis Tasks for the SQL_DatabasePrinciples Job + +Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_DatabasePrinciples > Configure node +and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup23.webp) + +The default analysis tasks are: + +- Determine user details – Creates the SA_SQLServer_DatabasePrincipals_Details table accessible + under the job’s Results node +- Summarize by instance – Creates the SA_SQLServer_DatabasePrincipals_InstanceSummary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_DataPrinciples Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Principles | This report determines all database principals on a per-instance basis. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by domain principal count - Table – Provides details on principal count by instance - Table – Provides details on principal details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_passwordissues.md b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_passwordissues.md new file mode 100644 index 0000000000..c8ea2c03f8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_passwordissues.md @@ -0,0 +1,57 @@ +# SQL_PasswordIssues Job + +The SQL_PasswordIssues Job analyzes SQL or Azure SQL login passwords and evaluates SQL login +password compliance against prescribed password policies. The SQL_PasswordIssues Job also checks for +weak passwords. + +## Queries for the SQL_Passwords Job + +The Collect Weak Passwords Job uses the PowerShell Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup24.webp) + +- Collect Weak Passwords – Locate the dictionary file containing the weak passwords and import the + passwords + - See + [PowerShell Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/powershell/overview.md) + for additional information. + +## Analysis Tasks for the SQL_PasswordIssues Job + +Navigate to the Jobs > **Databases** > SQL > 3.Users and Roles > SQL_PasswordIssues > Configure node +and select Analysis to view the analysis tasks. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and or +deselected unless otherwise specified. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqlpasswordissuesanalysistasks.webp) + +The default analysis tasks are: + +- Analyze the Weak Passwords – Compare the weak passwords list against the collected password hashes + - This analysis task has a configurable parameter: + - @ShowPassword – Set to **0** by default. Set to **1** to enable the analysis task to bring + back the plain-text password that was found + - See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information on modifying analysis parameters. +- Shared Passwords – Highlights SQL Server Logins with shared password hashes +- No Password – Inserts users that do not have a password set into the details table +- Summarize the Weak Password Results – Summarizes the data that has been collected by the weak + passwords job + +The following analysis task is deselected by default: + +- Drop SQL Login Password Hashes – Nulls the SQL password hashes for the SQLServer_SqlLogins table. + - Enable this analysis task only if needed. This analysis task nulls the password_hash column in + the SA_SqlServer_SqlLogins table. + +In addition to the tables and views created by the analysis tasks, the SQL_PasswordIssues Job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Reused Passwords | This report highlights instances where a password hash is being reused. | None | This report is comprised of one element: - Table – Provides details on reused password details | +| Weak Passwords | This report highlights SQL logins that have a weak password. | None | This report is comprised of three elements: - Bar Chart – Displays weak passwords by instance - Table – Provides details on weak passwords by instance data - Table – Provides details on logins with weak passwords | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_rolemembers.md b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_rolemembers.md new file mode 100644 index 0000000000..7af58ec4bf --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_rolemembers.md @@ -0,0 +1,34 @@ +# SQL_RoleMembers Job + +The SQL_RoleMembers Job analyzes and provides information on role members in each SQL server role +group, both at the instance and database level, across all targeted SQL servers. + +## Analysis Tasks for the SQL_RoleMembers Job + +Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_RoleMembers > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup26.webp) + +The default analysis tasks are: + +- Role Member Details – Creates the SA_SQLServer_RoleMember_Details table accessible under the job’s + Results node +- Effective SQL Role Membership – Creates the SA_SQLServer_EffectiveMembership table accessible + under the job’s Results node. This analysis task determines the Effective Role Membership for SQL + or Azure SQL Roles. +- Effective AD Role Membership – Creates the SA_SQLServer_EffectiveRoleMembership table accessible + under the job’s Results node. This analysis task determines the AD Effective Role Membership for + SQL or Azure SQL Roles and adds them to the SQL Effective Membership table. +- Role Membership Instances Summary – Creates the SA_SQL_RoleMember_Summary table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_RoleMembers Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Role Membership | This report shows details on the roles and role membership in the audited SQL environment. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top instances by server and database role membership - Table – Provides details on instances by server and database role membership - Table – Provides details on role membership details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_serverprincipals.md b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_serverprincipals.md new file mode 100644 index 0000000000..502d39d86c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_serverprincipals.md @@ -0,0 +1,28 @@ +# SQL_ServerPrincipals Job + +The SQL_ServerPrincipals Job provides information on server principals at the instance level across +targeted SQL or Azure SQL servers. + +## Analysis Tasks for the SQL_ServerPrincipals Job + +Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_ServerPrincipals > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup27.webp) + +The default analysis tasks are: + +- Determine user details – Creates the SA_SQL_ServerPrincipals_Details table accessible under the + job’s Results node +- Summarize by Instance – Creates the SA_SQL_ServerPrincipals_InstanceSummary table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_ServerPrincipals Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Server Principals | This report determines all server principals on a per-instance basis. Users are considered stale if they have not authenticated to the domain in 60 days. This threshold can be configured in the 3-AD_Exceptions job in the .Active Directory Inventory job group. | None | This report is comprised of three elements: - Bar Chart – Displays top instances - Table – Provides details on principal count by instance - Table – Provides details on principal details | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_sqllogins.md b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_sqllogins.md new file mode 100644 index 0000000000..dbb62c32c9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_sqllogins.md @@ -0,0 +1,28 @@ +# SQL_SQLLogins Job + +The SQL_SQLLogins Job provides information on successful and failed SQL server logins across all +targeted SQL or Azure SQL servers. + +## Analysis Tasks for the SQL_SQLLogins Job + +Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_SQLLogins > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup28.webp) + +The default analysis tasks are: + +- Calculate user login details – Creates the SA_SQL_UserLogin_Details table accessible under the + job’s Results node +- User Logins Instance Summary – Creates the SA_SQLServer_UserLogins_Summary table accessible under + the job's Results node + +In addition to the tables and views created by the analysis task, the SQL_SQLLogins Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------- | ----------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SQL Logins | This report lists user login information. | None | This report is comprised of three elements: - Bar Chart– Displays number of logins by instance - Table – Provides details on login exceptions by instance - Table – Provides details on SQL logins | diff --git a/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_sysadmins.md b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_sysadmins.md new file mode 100644 index 0000000000..4aa3afa289 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sql_sysadmins.md @@ -0,0 +1,30 @@ +# SQL_SysAdmins Job + +The SQL_SysAdmins Job provides insight into users who have SQL server administration roles across +all targeted SQL or Azure SQL servers. + +## Analysis Tasks for the SQL_SysAdmins Job + +Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_SysAdmins > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup29.webp) + +The default analysis tasks are: + +- Calculate admin details – Creates the SA_SQL_SysAdmins_Details table accessible under the job’s + Results node +- Summarize SysAdmins – Creates the SA_SQL_SysAdmins_InstanceSummary table accessible under the + job’s Results node +- Sys Admin Domain Users - Creates the SA_SQL_SysAdmins_DomainUsers table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis task, the **SQL_SysAdmins Job** produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------- | --------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Admin Summary | This report highlights all principals with the 'sysadmin' role. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by admin count - Table – Provides top instances by admin count - Table – Provides details on admin details - Table – Provides details on domain user admin details | diff --git a/docs/accessanalyzer/11.6/solutions/dropbox/collection/1-dropbox_permissions_scan.md b/docs/accessanalyzer/11.6/solutions/dropbox/collection/1-dropbox_permissions_scan.md new file mode 100644 index 0000000000..34a44bc206 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/dropbox/collection/1-dropbox_permissions_scan.md @@ -0,0 +1,59 @@ +# 1-Dropbox_Permissions Scan Job + +The 1-Dropbox_Permissions Scan job collects data from the Dropbox environment on access rights, +sharing policies, configurations, and content. + +**CAUTION:** This job should not be run if running sensitive data scans against the Dropbox Business +environment. + +## Queries for the 1-Dropbox_Permissions Scan Job + +The 1-Dropbox_Permissions Scan job has been preconfigured to run with the default settings with the +category of Dropbox Access. + +![Queries for the 1-Dropbox_Permissions Scan Job](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/permissionsscanquery.webp) + +The query for the 1-Dropbox_Permissions Scan job is: + +- Dropbox Access – Collects the data on access rights, sharing policies, configurations, and content + +### Configure the Dropbox Access Query + +Follow the steps to either generate the access token needed for the Connection Profile (only done +prior to first execution) or to set any desired customizations. + +**Step 1 –** Navigate to the **Jobs** > **Dropbox** > **0.Collection** > **1-Dropbox_Permissions +Scan** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties** to open the Query Properties +window. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Dropbox Access Auditor +Data Collector Wizard opens. + +![Dropbox Access Auditor Data Collector Wizard Scan Options page](/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/permissionsscanoptionspage.webp) + +**Step 4 –** T Use the Scan Options page ito generate the access token prior to the first execution +of the job group. + +- Remember to copy the access token, either from the textbox or using the **Copy to Clipboard** + button, and use it in the Connection Profile assigned to the Dropbox Solution. Once the access + token has been generated and copied, if no customizations are to be made, click **Cancel** to + close the Dropbox Access Auditor Data Collector wizard. +- See the + [DropboxAccess: Scan Options](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptions.md) + topic for full instructions on generating the access token + +**Step 5 –** If query customizations are desired, click **Next** to continue. + +![Dropbox Access Auditor Data Collector Wizard Scoping page](/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/permissionsscopingpage.webp) + +**Step 6 –** On the Scoping page, select whether to scan **All Users** or **Limited Users**. If +**Limited Users** is selected, browse to a CSV file with one email address per row for the desired +users. In the File Permissions section, select the **Collect File Level Permissions** checkbox to +collect permissions at the file level. When finished with this page, click **Next**. + +**Step 7 –** On the Summary page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 1-Dropbox_Permissions Scan job has now been customized. diff --git a/docs/accessanalyzer/11.6/solutions/dropbox/collection/1-dropbox_sdd_scan.md b/docs/accessanalyzer/11.6/solutions/dropbox/collection/1-dropbox_sdd_scan.md new file mode 100644 index 0000000000..5efd5533ac --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/dropbox/collection/1-dropbox_sdd_scan.md @@ -0,0 +1,68 @@ +# 1-Dropbox_SDD Scan Job + +The 1-Dropbox_SDD Scan job collects data from the Dropbox environment on access rights, sharing +policies, configurations, content and sensitive data. + +## Queries for the 1-Dropbox_SDD Scan Job + +The 1-Dropbox_SDD Scan job has been preconfigured to run under the default settings within the +category of Scan for Sensitive Content. + +![Queries for the 1-Dropbox_SDD Scan Job](/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sddscanquery.webp) + +The query for the 1-Dropbox_SDD Scan job is: + +- Sensitive Data Scan – Scans Dropbox for sensitive data + +### Configure the Sensitive Data Scan Query + +Follow the steps to either generate the access token needed for the Connection Profile (only done +prior to first execution) or to set any desired customizations. + +**Step 1 –** Navigate to the **Jobs** > **Dropbox** > **0.Collection** > **1-Dropbox_SDD Scan** > +**Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties** to open the Query Properties +window. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Dropbox Access Auditor +Data Collector Wizard opens. + +![Dropbox Access Auditor Data Collector Wizard Scoping page](/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sddscopingpage.webp) + +**Step 4 –** On the Scoping page, select whether to scan **All Users** or **Limited Users**. If +**Limited Users** is selected, browse to a CSV file with one email address per row for the desired +users. In the File Permissions section, select the **Collect File Level Permissions** checkbox to +collect permissions at the file level. See the +[DropboxAccess: Scoping](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scoping.md) topic +for additional information. + +![Dropbox Access Auditor Data Collector Wizard DLP Audit Settings page](/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sdddlpsettings.webp) + +**Step 5 –** On theDLP Audit Settings page: + +- Modify the maximum file size to be scanned +- Modify file types to be scanned +- Enable storing of discovered match hits +- Enable differential scanning + +See the +[DropboxAccess: DLP Audit Settings](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/dlpauditsettings.md) +topic for additional information. + +![Dropbox Access Auditor Data Collector Wizard Select DLP criteria page](/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sddselectdlpcriteria.webp) + +**Step 6 –** On the Select DLP Criteria for This Scan page , add or remove criteria as desired. + +- (Optional) Create custom criteria with the **Edit** option. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. + +See the +[DropboxAccess: Select DLP Criteria](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/selectdlpcriteria.md) +topic for additional information. + +**Step 7 –** On the Completion Page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 1-Dropbox_SDD Scan job has now been customized. diff --git a/docs/accessanalyzer/11.6/solutions/dropbox/collection/2-dropbox_permissions_bulk_import.md b/docs/accessanalyzer/11.6/solutions/dropbox/collection/2-dropbox_permissions_bulk_import.md new file mode 100644 index 0000000000..b7772be310 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/dropbox/collection/2-dropbox_permissions_bulk_import.md @@ -0,0 +1,23 @@ +# 2-Dropbox_Permissions Bulk Import Job + +The 2-Dropbox_Permissions Bulk Import job imports the data collected by the 1-Dropbox _Permissions +Scan job to the Enterprise Auditor database for use by the analysis tasks. + +**CAUTION:** This job should not be run if running sensitive data scans against the Dropbox Business +environment. + +## Queries for the 2-Dropbox_Permissions Bulk Import Job + +The 2-Dropbox_Permissions Bulk Import job has been preconfigured to run with the default settings +with the category of Bulk Import Access Scan Results. + +![Queries for the 2-Dropbox_Permissions Bulk Import Job](/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/permissionsbulkimportquery.webp) + +The query for the 2-Dropbox_Permissions Bulk Import job is: + +- Dropbox Bulk Import – Imports data collected by the 1-Dropbox_Permissions Scan job to the + Enterprise Auditor database + +There are no customization options available for this job. The Summary page of the Dropbox Access +Auditor Data Collector wizard can be viewed at the **Jobs** > **Dropbox** > **0.Collection** > +**2-Dropbox_Permissions Bulk Import** > **Configure** > **Queries** node. diff --git a/docs/accessanalyzer/11.6/solutions/dropbox/collection/2-dropbox_sdd_bulk_import.md b/docs/accessanalyzer/11.6/solutions/dropbox/collection/2-dropbox_sdd_bulk_import.md new file mode 100644 index 0000000000..aa4837dc1f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/dropbox/collection/2-dropbox_sdd_bulk_import.md @@ -0,0 +1,20 @@ +# 2-Dropbox_SDD Bulk Import Job + +The 2-Dropbox_SDD Bulk Import job imports the data collected by the 1-Dropbox_SDD Scan job to the +Enterprise Auditor database for use by the analysis tasks. + +## Queries for the 2-Dropbox_SDD Bulk Import Job + +The 2-Dropbox_SDD Bulk Import Job has been preconfigured to run with the default settings with the +category of Bulk Import Sensitive Content Scan. + +![Queries for the 2-Dropbox_SDD Bulk Import Job](/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sddbulkimportquery.webp) + +The query for the 2-Dropbox_SDD Bulk Import job is: + +- DropboxSDD Bulk Import – Imports data collected by the Dropbox 1-SDD Scan Job into the Enterprise + Auditor database + +There are no customization options available for this job. The Summary page of the Dropbox Access +Auditor Data Collector wizard can be viewed at the **Jobs** > **Dropbox** > **0.Collection** > +**2-Dropbox_SDD Bulk Import** > **Configure** > **Queries** node. diff --git a/docs/accessanalyzer/11.6/solutions/dropbox/collection/overview.md b/docs/accessanalyzer/11.6/solutions/dropbox/collection/overview.md new file mode 100644 index 0000000000..fd7ba36b45 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/dropbox/collection/overview.md @@ -0,0 +1,46 @@ +# 0.Collection Job Group + +The **Dropbox** > **0.Collection** job group scans the targeted Dropbox site using the DropboxAccess +Data Collector. The collected data is then available to other job groups in the Dropbox solution and +the Access Information Center for analysis. + +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 0.Collection job group is comprised of: + +- [1-Dropbox_Permissions Scan Job](/docs/accessanalyzer/11.6/solutions/dropbox/collection/1-dropbox_permissions_scan.md) + – This job is responsible for scanning the target Dropbox site +- [1-Dropbox_SDD Scan Job](/docs/accessanalyzer/11.6/solutions/dropbox/collection/1-dropbox_sdd_scan.md) + – This job is responsible for scanning sensitive data in the target Dropbox site. The Sensitive + Data Discovery Add-On is required to run this job. The Dropbox sensitive data Discovery Reports in + the Access Information Center are also populated by this data. See the Resource Audits Overview + topic in the + [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) + for additional information. +- [2-Dropbox_Permissions Bulk Import Job](/docs/accessanalyzer/11.6/solutions/dropbox/collection/2-dropbox_permissions_bulk_import.md) + – This job is responsible for importing the collected data into the Enterprise Auditor database +- [2-Dropbox_SDD Bulk Import Job](/docs/accessanalyzer/11.6/solutions/dropbox/collection/2-dropbox_sdd_bulk_import.md) + – This job is responsible for importing the collected sensitive data into the Enterprise Auditor + database. The Sensitive Data Discovery Add-On is required to run this job. The Dropbox sensitive + data Discovery Reports in the Access Information Center are also populated by this data. See the + Resource Audits Overview topic in the + [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) + for additional information. + +The relationship between the scan and bulk import jobs requires the following considerations: + +- A scan job executed from an Enterprise Auditor Console must be followed by the corresponding bulk + import job from the same Enterprise Auditor Console version +- Two scan jobs processing the same information, for example two 1-Dropbox_Permissions Scan jobs, + cannot be executed consecutively against the same target host. The corresponding bulk import job, + for example 2-Dropbox_Permissions Bulk Import job, must be executed in between. +- For the Dropbox Solution, the bulk import jobs require the same connection profile as used in the + corresponding scan jobs + +**_RECOMMENDED:_** When running the sensitive data jobs, disable the permissions jobs, and vice +versa. + +_Remember,_ prior to running the Dropbox Solution for the first time, it is necessary to generate an +access token to be used in the Connection Profile. This only needs to be done once. See the +[Configure the Dropbox Access Query](/docs/accessanalyzer/11.6/solutions/dropbox/collection/1-dropbox_permissions_scan.md#configure-the-dropbox-access-query) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_access.md b/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_access.md new file mode 100644 index 0000000000..78d0634249 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_access.md @@ -0,0 +1,33 @@ +# 1.Access > Dropbox_Access Job + +The Dropbox_Access job provides insight into effective access to resources within the targeted +Dropbox environment, specifically highlighting inactive access rights that can be revoked. It is +dependent on data collected by the 0.Collection job group. This job processes analysis tasks and +generates reports. + +![1.Access > Dropbox_Access Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/dropbox/accessjobstree.webp) + +The Dropbox_Access job is located in the 1.Access job group. + +## Analysis Tasks for the Dropbox_Access Job + +View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **1.Access** > **Dro +pbox_Access** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Dropbox_Access Job](/img/product_docs/accessanalyzer/11.6/solutions/box/accessanalysis.webp) + +- Get access details – Creates the SA_Dropbox_Access_Details table accessible under the job’s + Results node +- Summarize access details – Creates the SA_Dropbox_Access_Summary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks which display effective access to resources, +the Dropbox_Access job produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Effective Access | This report shows effective access for all files in Dropbox. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Stacked Bar Chart – Displays access by team - Table – Provides summary of database access - Table – Provides details on database access | +| Inactive Access | This report identifies instances of inactive access in Dropbox. Inactive access to a shared folder occurs when a user has left the shared folder, but can still rejoin it. | None | This report is comprised of two elements: - Bar Chart – Displays inactive access by team - Table – Provides details on inactive access | diff --git a/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_content.md b/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_content.md new file mode 100644 index 0000000000..8b3bbc6d12 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_content.md @@ -0,0 +1,69 @@ +# 4.Content > Dropbox_Content Job + +The Dropbox_Content job provides insight into the type, size, and age of the content within the +targeted Dropbox environment. It is dependent on data collected by the 0.Collection job group. This +job processes analysis tasks and generates reports. + +![4.Content > Dropbox_Content Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/content/contentjobstree.webp) + +The Dropbox_Content job is located in the 4.Content job group. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The Dropbox_Content job has the following customizable parameter: + +- Days since File Modification before a file is considered stale + +See the +[Customizable Analysis Tasks for the Dropbox_Content Job](#customizable-analysis-tasks-for-the-dropbox_content-job) +topic for additional information. + +## Analysis Tasks for the Dropbox_Content Job + +View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **4.Content** > +**Dropbox_Content** > **Configure** node and select **Analysis**. + +**CAUTION:** Most of the analysis tasks should not be modified or deselected. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Dropbox_Content Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/contentanalysis.webp) + +- Summarizes content by mimetype, classification – Creates an interim processing table in the + database for use by downstream analysis and report generation +- Determines stale data by owner: + + - By default, a stale file has not been modified in the past 365 days. You can modify this + analysis task to edit this number of days. See the + [Customizable Analysis Tasks for the Dropbox_Content Job](#customizable-analysis-tasks-for-the-dropbox_content-job) + topic for additional information. + - Creates an interim processing table in the database for use by downstream analysis and report + generation + - Creates the SA_Dropbox_StaleData_OwnerSummary table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display content details, the +Dropbox_Content job produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Content By Type | This report breaks down Dropbox content by mimetype and classification. | None | This report is comprised of two elements: - Pie Chart – Displays content types by size - Table – Provides details on all content | +| Stale Content | This report identifies stale content within Dropbox by owner. | Stale Data | This report is comprised of three elements: - Stacked Bar Chart – Displays data ownership - Table – Provides summary of content - Table – Provides details on owners | + +### Customizable Analysis Tasks for the Dropbox_Content Job + +The time frame used to define stale content is set by default to 365 days. This can be modified +within the **Determines stale data by owner** analysis task. The customizable parameter feature +enables you to easily set this value. + +| Customizable Parameter Name | Default Value | Value Indicates | +| --------------------------- | ------------- | --------------------------------------------------------------------------------------------- | +| @days_since_modified | 365 | How many days since the last modified day in order for a file to be considered stale content. | + +The parameter can be customized and is listed in a section at the bottom of the SQL Script Editor. +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_groupmembership.md b/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_groupmembership.md new file mode 100644 index 0000000000..7ac596ea62 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_groupmembership.md @@ -0,0 +1,31 @@ +# 3.Group Membership > Dropbox_GroupMembership Job + +The Dropbox_GroupMembership job provides insight into group membership within the targeted Dropbox +environment, highlighting the largest groups. It is dependent on data collected by the 0.Collection +job group. This job processes analysis tasks and generates a report. + +![3.Group Membership > Dropbox_GroupMembership Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/dropbox/groupmembershipjobstree.webp) + +The Dropbox_GroupMembership job is located in the 3.Group Membership job group. + +## Analysis Tasks for the Dropbox_GroupMembership Job + +View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **3.Group Membership** > +**Dropbox_GroupMembership** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Dropbox_GroupMembership Job](/img/product_docs/accessanalyzer/11.6/solutions/box/groupmembershipanalysis.webp) + +- Get group membership details – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Summarize group membership by team – Creates the SA_Dropbox_GroupMembership_Summary table + accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display group membership details, the +Dropbox_GroupMembership job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ---------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Membership | This report lists membership and owners for all groups within Dropbox. | None | This report is comprised of three elements: - Bar Chart – Displays largest groups - Table – Provides summary of group membership - Table – Provides details on membership | diff --git a/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_sensitivedata.md b/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_sensitivedata.md new file mode 100644 index 0000000000..2d7c5bfcda --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_sensitivedata.md @@ -0,0 +1,41 @@ +# 5.Sensitive Data > Dropbox_SensitiveData Job + +The Dropbox_SensitiveData job identifies locations within Dropbox where sensitive data is present. +It analyzes sensitive data collected and imported by the 0.Collection job group, specifically data +discovered by the Dropbox SDD jobs. The generated reports give visibility into the types of +sensitive data found, where it exists, who has access to it, and the sharing policies configured on +it. + +![5.Sensitive Data > Dropbox_SensitiveData Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) + +The Dropbox_SensitiveData job is located in the 5.Sensitive Data job group. + +## Analysis Tasks for the Dropbox_SensitiveData Job + +View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **5.Sensitive Data** > +**Dropbox_SensitiveData** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Dropbox_SensitiveData Job](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) + +- 1. Enterprise Summary – Creates the SA_Dropbox_SensitiveData_EnterpriseSummary table accessible + under the job’s Results node +- 2. Folder Details – Creates the SA*Dropbox* SensitiveData_FolderDetails table accessible under + the job’s Results node +- 3. Folder Summary – Creates the SA*Dropbox* SensitiveData_FolderSummary table accessible under + the job’s Results node +- 4. Permission Details – Creates the SA*Dropbox* SensitiveData_PermissionDetails table accessible + under the job’s Results node +- 5. Permission Summary – Creates the SA*Dropbox* SensitiveData_PermissionSummary table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks which display effective access to resources, +the Dropbox_SensitiveData job produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report identifies the type and amount of sensitive content found on Dropbox. | None | This report is comprised of two elements: - Pie Chart – Displays criteria summary by match count - Table – Provides criteria summary by match count | +| Folder Details | This report identifies the location of sensitive data, and flags whether or not this data is accessible through open access. | None | This report is comprised of three elements: - Bar Chart – Displays top sensitive folders by file count - Table – Provides top sensitive folders by file count - Table – Provides top sensitive folder details by match count | +| Sensitive Data Permissions | This report identifies the sensitive data locations and associated permissions. | None | This report is comprised of three elements: - Bar Chart – Displays sensitive data permission summary by file count - Table – Provides sensitive data permission summary by file count - Table – Provides sensitive data permissions by match count | diff --git a/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_sharing.md b/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_sharing.md new file mode 100644 index 0000000000..3db8b7b6e2 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_sharing.md @@ -0,0 +1,34 @@ +# 2.Sharing > Dropbox_Sharing Job + +The Dropbox_Sharing job provides insight into the sharing of resources within the targeted Dropbox +environment. It is dependent on data collected by the 0.Collection job group. This job processes +analysis tasks and generates a report on which resources are being shared and under which policy the +sharing occurs. Best practices often dictate that these resources should be carefully monitored due +to the amount of access to the data. If these resources contain privileged data, the access should +be reevaluated or the sensitive resources relocated. + +![2.Sharing > Dropbox_Sharing Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/dropbox/sharingjobstree.webp) + +The Dropbox_Sharing job is located in the 2.Sharing job group. + +## Analysis Tasks for the Dropbox_Sharing Job + +View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **2.Sharing** > +**Dropbox_Sharing** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Dropbox_Sharing Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/sharinganalysis.webp) + +- Get shared folder details – Creates the SA_Dropbox_Sharing_Details table accessible under the + job’s Results node +- Summarize sharing by team – Creates the SA_Dropbox_Sharing_TeamSummary table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks which display details on shared resources, +the Dropbox_Sharing job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ---------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Shared Files and Folders | This report lists all shares by team, and provides sharing policy and owner information. | None | This report is comprised of three elements: - Bar Chart – Displays shared folders by team - Table – Provides details on shared folders by team - Table – Provides details on shares | diff --git a/docs/accessanalyzer/11.6/solutions/dropbox/overview.md b/docs/accessanalyzer/11.6/solutions/dropbox/overview.md new file mode 100644 index 0000000000..b672e0eb01 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/dropbox/overview.md @@ -0,0 +1,75 @@ +# Dropbox Solution + +The Dropbox Solution is an auditing, compliance, and governance solution for Dropbox for Business. +Key capabilities include effective access calculation, sensitive data discovery, file content +inspection, inactive access and stale data identification, and entitlement collection for +integration with Identity & Access Management (IAM) processes. + +The Dropbox Solution is designed to offer an overview of an organization’s Dropbox environment by +scanning the targeted Dropbox site. Key information includes: + +- Effective access to Dropbox resources +- Outline of shared Dropbox resources +- Detailed Dropbox group membership +- Breakdown of Dropbox content by size, type, and owner + +Dropbox can scan the contents of over 400 file types to discover which files contain sensitive data +using the Sensitive Data Discovery Add-on. + +Supported Platforms + +- Dropbox + +Requirements, Permissions, and Ports + +See the +[Target Dropbox Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/dropbox.md) +topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +Location + +The Dropbox Solution requires a special Enterprise Auditor license. It can be installed from the +Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to the solution: +**Jobs** > **Dropbox**. + +The 0.Collection job group collects the data. The other job groups run analyses on the collected +data and generate reports. + +## Job Groups + +The Dropbox Solution offers an overview of an organization’s Dropbox environment by scanning the +targeted Dropbox site. It is comprised of jobs which collect, analyze, and report on data. The data +collection is conducted by the DropboxAccess Data Collector. See the +[Standard Reference Tables & Views for the DropboxAccess Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/standardtables.md) +topic for database table information. + +![Dropbox Solution Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +The following jobs comprise the Dropbox Solution: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/dropbox/collection/overview.md) + – Scans the targeted Dropbox site and generates the standard reference tables and views +- [1.Access > Dropbox_Access Job](/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_access.md) + – Reports on effective access to Dropbox resources in the targeted environment +- [2.Sharing > Dropbox_Sharing Job](/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_sharing.md) + – Reports on the sharing of Dropbox resources in the targeted environment +- [3.Group Membership > Dropbox_GroupMembership Job](/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_groupmembership.md) + – Reports on Dropbox group membership in the targeted environment +- [4.Content > Dropbox_Content Job](/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_content.md) + – Reports on Dropbox content by size, type, and owner in the targeted environment +- [5.Sensitive Data > Dropbox_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_sensitivedata.md) + – Reports on sensitive data in the targeted Dropbox site diff --git a/docs/accessanalyzer/11.6/solutions/dropbox/recommended.md b/docs/accessanalyzer/11.6/solutions/dropbox/recommended.md new file mode 100644 index 0000000000..91915ff851 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/dropbox/recommended.md @@ -0,0 +1,109 @@ +# Recommended Configurations for the Dropbox Solution + +The Dropbox Solution requires the host list to be assigned and the Connection Profile configured +before job execution. Once these are assigned to the job group, it can be run directly or scheduled. + +Targeted Hosts + +The Dropbox solution has been configured to inherit the host list assignment from the collection job +group level. + +The host list assignment should be assigned under the **Dropbox** > **0.Collection** > +**Settings** > **Host List Assignment** node. Select the **Local host** option. + +Connection Profile + +The DropboxAccess Data Collector requires a specific set of permissions to generate an access token +which is used to configure the Connection Profile for Dropbox. The access token is generated in the +Dropbox Access Auditor Data Collector Wizard on the Scan Options page (accessed through the +**1-Dropbox_Permissions Scan** job’s **Queries** node). The access token only needs to be generated +once, prior to running the job group for the first time. Then it is used as the credential in the +Connection Profile. See the +[DropboxAccess: Scan Options](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptions.md) +topic for additional information. + +The Dropbox solution has been configured to inherit the Connection Profile from the collection job +group level. The Connection Profile should be assigned under the **Dropbox** > **0.Collection** > +**Settings** > **Connection** node. It is set to **Use the Default Profile**, as configured at the +global settings level. However, since this may not be the Connection Profile with the necessary +permissions for Dropbox, select the **Select one of the following user defined profiles** option and +select the appropriate Connection Profile from the drop-down menu. See the +[Custom Dropbox Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/configurejob.md) +topic for additional information on configuring the Dropbox credential. The Dropbox bulk import jobs +requires the same connection profile as used in the corresponding Dropbox scan jobs + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information on creating Connection Profiles. + +Schedule Frequency + +The Dropbox solution can be scheduled to run as desired. + +History Retention + +Not supported and should be turned off. + +Multi Console Support + +Not supported. + +Run Order + +The 0.Collection jobs must be run first and in order. Run the **1-Dropbox_Permissions Scan** job and +then the **2-Dropbox_Permissions Bulk Import** job. For the sensitive data jobs, run the +**1-Dropbox_SDD Scan** job and then the **2-Dropbox_SDD Bulk Import** job. + +**_RECOMMENDED:_** When running the sensitive data jobs, disable the permissions jobs, and vice +versa. + +After running the 0.Collection jobs, the other Dropbox solution job groups can be run in any order. +Best practice is to run at the solution level. + +Query Configuration + +This solution can be run with the default query configurations. The Scoping page of the Dropbox +Access Auditor Data Collector Wizard can be customized to target specific user accounts. See the +[DropboxAccess: Scoping](/docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scoping.md) +topic for additional information. + +Analysis Configuration + +This solution should be run with the default analysis configuration. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this solution. + +Though the analysis tasks should not be deselected the time frame used to define staleness can be +modified: + +- Stale content set to default of 365 days + + - Configured within the **4.Content** > **Dropbox_Content** job + - **Determines stale data by owner** analysis task + - See the + [4.Content > Dropbox_Content Job](/docs/accessanalyzer/11.6/solutions/dropbox/dropbox_content.md) + topic for additional information + +Additional Consideration + +The jobs contained in the solution use custom SQL scripts to render views on collected data. SQL +views are used to populate report element tables and graphs. Changing or modifying the group, job, +or table names will result in no data displayed within the Access Information Center. + +Workflow + +The following is the recommended workflow: + +**Step 1 –** Run the **1-Dropbox_Permissions Scan** job (for sensitive data, run the **1-Dropbox_SDD +Scan** job). + +**Step 2 –** Run the **2-Dropbox_Permissions Bulk Import** job (for sensitive data, run the +**2-Dropbox_SDD Bulk Import** job). + +**Step 3 –** Run the desired corresponding analysis and reporting sub-job groups. + +_Remember,_ prior to running the Dropbox solution for the first time, it is necessary to generate an +access token to be used in the Connection Profile. This only needs to be done once. See the +[Configure the Dropbox Access Query](/docs/accessanalyzer/11.6/solutions/dropbox/collection/1-dropbox_permissions_scan.md#configure-the-dropbox-access-query) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/entra-id/group-analysis.md b/docs/accessanalyzer/11.6/solutions/entra-id/group-analysis.md deleted file mode 100644 index 55e5a75c96..0000000000 --- a/docs/accessanalyzer/11.6/solutions/entra-id/group-analysis.md +++ /dev/null @@ -1,276 +0,0 @@ -# AAD_CircularNesting Job - -The AAD_CircularNesting Job identifies circularly nested groups within Microsoft Entra ID which can -pose administrative and operational challenges with identifying effective access to resources. - -## Analysis Tasks for the AAD_CircularNesting Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_CircularNesting** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_CircularNesting Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp) - -The default analysis tasks are: - -- Provide detail on instances of circular nesting – Creates the SA_AAD_CircularNesting_Details table - accessible under the job’s Results node -- Summarize circular nesting by domain – Creates the SA_AAD_Circularnesting_DomainSummary table - accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_CircularNesting Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ----------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Circular Nesting | This report identifies instances of circular nesting within your environment. | None | This report is comprised of three elements: - Bar Chart– Displays circular nesting by domain - Table – Provides details on circular nesting - Table – Provides details on circular nesting by domain | - -# AAD_DuplicateGroups Job - -The AAD_DuplicateGroups Job identifies duplicate groups within Microsoft Entra ID. Duplicate groups -contain the same group membership as one another and are suitable candidates for cleanup. - -## Analysis Tasks for the AAD_DuplicateGroups Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_DuplicateGroups** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Anaylsis tasks for AAD_DuplicateGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/duplicategroupsanalysis.webp) - -The default analysis tasks are: - -- Identify duplicate groups – Creates the AAD_DuplicateGroups_Details table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_DuplicateGroups Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Duplicate Groups | This report identifies duplicate groups within the audited domains. | None | This report is comprised of one elements: - Bar Chart – Displays domains by number of groups with duplicates - Table – Provides duplicate groups details - Table – Provides details on domains by number of groups with duplicates | - -# AAD_EmptyGroups Job - -The AAD_EmptyGroups Job identifies empty groups within Microsoft Entra ID which are suitable -candidates for consolidation or cleanup. - -## Analysis Tasks for the AAD_EmptyGroups Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_EmptyGroups** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_EmptyGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) - -The default analysis tasks are: - -- Empty Groups – Creates the AAD_EmptyGroups_Empty table accessible under the job’s Results node -- Single User Groups – Creates the AAD_EmptyGroups_SingleUser table accessible under the job’s - Results node -- Empty Group Summary – Creates the AAD_EmptyGroups_EmptySummary table accessible under the job’s - Results node -- Single User Group Summary – Creates the AAD_EmptyGroups_SingleUserSummary table accessible under - the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_EmptyGroups Job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | --------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Empty Groups | This report identifies all groups without any members. | None | This report is comprised of three elements: - Bar Chart – Displays domains by number of empty groups - Table – Provides details on empty groups - Table – Provides details on number of empty groups by domain | -| Single User Groups | This report identifies groups which only contain a single user. | | This report is comprised of three elements: - Bar Chart – Displays top domains by single user group count - Table – Provides details on top domains by single user group count - Table – Provides details on single user group details | - -# AAD_GroupDirSync Job - -The AAD_GroupDirSync Job summarizes on-premises Active Directory syncing in the audited Microsoft -Entra ID environment. - -## Analysis Tasks for the AAD_GroupDirSync Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_GroupDirSync** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_GroupDirSync Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/groupdirsyncanalysis.webp) - -The default analysis tasks are: - -- Calculate group DirSync details – Creates the AAD_GroupDirSync_Details table accessible under the - job’s Results node -- Summarize group DirSync details – Creates the AAD_GroupDirSync_EnterpriseSummary table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_GroupDirSync Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------- | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Syncing | This report indicates the sync status of groups within the audited environment. | None | This report is comprised of two elements: - Pie Chart – Displays an enterprise group synching summary - Table – Provides group sync details | - -# AAD_LargestGroups Job - -The AAD_LargestGroups Job identifies groups with large effective member counts. These groups may -cause administrative overhead and burden in being able to easily understand who is getting access to -resources, or how much access is being granted to resources through these groups. - -## Analysis Tasks for the AAD_LargestGroups Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_LargestGroups** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_LargestGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp) - -The default analysis tasks are: - -- Calculate large group details – Creates the AAD_LargestGroups_Details table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_LargestGroups Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------- | -| Largest Groups | This report identifies the largest groups within the audited environment | None | This report is comprised of two elements: - Bar Chart – Displays largest groups - Table – Provides group details | - -# AAD_NestedGroups Job - -The AAD_NestedGroups Job identifies nested groups within Microsoft Entra ID and provides details -such as the levels of nesting. While Microsoft Entra ID provides the ability to nest certain types -of groups within other groups, Microsoft recommends nesting does not go beyond two levels in order -to avoid difficulties in understanding effective membership and access. - -## Analysis Tasks for the AAD_NestedGroups Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_NestedGroups** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_NestedGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp) - -The default analysis tasks are: - -- Get nested group details – Creates the AAD_NestedGroups_Details table accessible under the job’s - Results node -- Summarize nested groups – Creates the AAD_NestedGroups_DomainSummary table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_NestedGroups Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------- | ----------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Nested Groups | This report identifies the groups with the largest nested group count, as well as their deepest level of nesting. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by group nesting - Table – Provides nested group details - Tables – Provides details on top domains by group nesting | - -# AAD_ProbableOwners Job - -The AAD_ProbableOwners Job determines potential owners for Microsoft Entra ID Groups which can be -used to perform automated membership reviews and enable self-service group management and membership -requests. - -## Analysis Tasks for the AAD_ProbableOwners Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_ProbableOwners** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_ProbableOwners Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/probableownersanalysis.webp) - -The default analysis tasks are: - -- Calculates group probable owners – Creates the AAD_ProbableOwners_Details table accessible under - the job’s Results node -- Summarizes group probable owners by domain – Creates the AAD_ProbableOwners_DomainSummary table - accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_ProbableOwners Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------- | -------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Probable Owners | This report identifies the most probable manager based on effective member attributes. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top domains by blank manager field - Table – Provides probable owner details - Tables – Provides details on top domains by blank manager field | - -# AAD_StaleGroups Job - -The AAD_StaleGroups Job identifies Microsoft Entra ID groups that contain potentially stale users. -Users are considered stale if they have never logged onto the domain, have not logged onto the -domain in the past 30 days, or are disabled. These group memberships should be reviewed and possibly -removed. - -## Analysis Tasks for the AAD_StaleGroups Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_StaleGroups** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_StaleGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) - -The default analysis tasks are: - -- Stale Group Details – Creates the AAD_StaleGroups_Details table accessible under the job’s Results - node -- Group Summary – Creates the AAD_StaleGroups_GroupSummary table accessible under the job’s Results - node -- Stale Groups Org Summary – Creates the AAD_StaleGroups_OrgSummary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the AAD_StaleGroups Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Effective Membership (Stale Groups) | This report identifies groups with stale effective membership. A stale user is defined as someone who has not logged into the domain in over 30 days or is currently disabled. | None | This report is comprised of three elements: - Chart – Displays group membership - Table – Provides group membership details - Tables – Provides stale groups organization summary | - -# 1.Groups Job Group - -The jobs in the 1.Groups group identify group conditions and areas of administrative concern within -Microsoft Entra ID, such as toxic group conditions or synchronization issues. - -![1.Groups Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 1.Groups Job Group are: - -- [AAD_CircularNesting Job](/docs/accessanalyzer/11.6/solutions/entra-id/group-analysis.md) - – Identifies circularly-nested groups within Microsoft Entra ID which can pose administrative and - operational challenges with identifying effective access to resources -- [AAD_DuplicateGroups Job](/docs/accessanalyzer/11.6/solutions/entra-id/group-analysis.md) - – Identifies duplicate groups within Microsoft Entra ID. Duplicate groups contain the same group - membership as one another and are suitable candidates for cleanup -- [AAD_EmptyGroups Job](/docs/accessanalyzer/11.6/solutions/entra-id/group-analysis.md) - – Identifies empty groups within Microsoft Entra ID which are suitable candidates for - consolidation or cleanup -- [AAD_GroupDirSync Job](/docs/accessanalyzer/11.6/solutions/entra-id/group-analysis.md) - – Summarizes on-premises Active Directory syncing in the audited Microsoft Entra ID environment -- [AAD_LargestGroups Job](/docs/accessanalyzer/11.6/solutions/entra-id/group-analysis.md) - – Identifies groups with large effective member counts. These types of groups may cause - administrative overhead and burden in being able to easily understand who is getting access to - resources, or how much access is being granted to resources through these groups. -- [AAD_NestedGroups Job](/docs/accessanalyzer/11.6/solutions/entra-id/group-analysis.md) - – Identifies nested groups within Microsoft Entra ID and provides details such as the levels of - nesting. While Microsoft Entra ID provides the ability to nest certain types of groups within - other groups, Microsoft recommends nesting does not go beyond two levels in order to avoid - difficulties in understanding effective membership and access. -- [AAD_ProbableOwners Job](/docs/accessanalyzer/11.6/solutions/entra-id/group-analysis.md) - – Determines potential owners for Microsoft Entra ID Groups which can be used to perform automated - membership reviews and enable self-service group management and membership requests -- [AAD_StaleGroups Job](/docs/accessanalyzer/11.6/solutions/entra-id/group-analysis.md)– - Identifies Microsoft Entra ID groups that contain potentially stale users. Users are considered - stale if they have never logged onto the domain, have not logged onto the domain in the past 30 - days, or are disabled. These group memberships should be reviewed and possibly removed. diff --git a/docs/accessanalyzer/11.6/solutions/entra-id/inventory-reports.md b/docs/accessanalyzer/11.6/solutions/entra-id/inventory-reports.md deleted file mode 100644 index 0d5beb04c2..0000000000 --- a/docs/accessanalyzer/11.6/solutions/entra-id/inventory-reports.md +++ /dev/null @@ -1,296 +0,0 @@ -# Entra ID Solution - -The Entra ID Solution is a comprehensive set of audit jobs and reports that provide the information -regarding Microsoft Entra ID configuration, operational management, and troubleshooting. The jobs -within this group help pinpoint potential areas of administrative and security concerns related to -Microsoft Entra ID users and groups, including syncing with on-premises Active Directory. - -Supported Platforms - -- Microsoft Entra ID (formerly Azure AD) - -Requirements, Permissions, and Ports - -See the -[Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md) -topic for additional information. - -Location - -The Entra ID Solution requires a special Enterprise Auditor license. It can be installed from the -Instant Job Wizard, see the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. Once it has been installed into the Jobs tree, navigate to the -solution: **Jobs** > **Entra ID**. - -The .Entra ID Inventory Job Group collects the data. The Entra ID Job Groups run analysis and -generate reports on the collected data. - -## Job Groups - -![Entra ID Job Group Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The job groups in the Entra ID Solution are: - -- [1.Groups Job Group](/docs/accessanalyzer/11.6/solutions/entra-id/group-analysis.md) - – Identifies group conditions and pinpoints potential areas of administrative concern -- [2.Users Job Group](/docs/accessanalyzer/11.6/solutions/entra-id/user-analysis.md) - – Identifies areas of administrative concern related to Microsoft Entra ID users - -# 1-AAD_Scan Job - -The **1-AAD_Scan** Job is responsible for collecting data from Microsoft Entra ID. This job requires -no additional customizations before being used, but can be scoped to disable collecting sign-in -activity with the scan. - -## Queries for the 1-AAD_Scan Job - -The 1-AAD_Scan job uses the AzureADInventory Data Collector for the following query: - -![Query Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scanqueryselection.webp) - -- AAD Inventory – Targets Microsoft Entra tenants to collect inventory data for user group objects - - _(Optional)_ This query can be modified to specify scan options and to collect custom - attributes. See the [Configure the 1-AAD_Scan Query](#configure-the-1-aad_scan-query) topic - for additional information. - -### Configure the 1-AAD_Scan Query - -The 1-AAD_Scan Job is configured to run with the default settings with the category of Scan Entra -ID. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **.Entra ID Inventory** > **1-AAD_Scan** > **Configure** node and -select **Queries**. - -![Query Properties button on Query Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scanqueryselectionproperties.webp) - -**Step 2 –** In the Query Selection view, click on **Query Properties** to open the Query Properties -window. - -![Query Properties window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scanqueryproperties.webp) - -**Step 3 –** Select the **Data Source** tab, and click **Configure** to open the Entra ID Inventory -DC Wizard. - -![Entra ID Inventory DC Wizard Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptions.webp) - -**Step 4 –** On the Options page, select the different Scan Options as needed: - -- Collect only updates since the last scan – Enables differential scanning. - - **NOTE:** Enabling the Collect Open Extensions option on the Custom Attributes page overrides - this function. - -- Collect sign-in activity with scan – Required to collect the LastLogonTimestamp attribute of user - objects. A message will alert users that deselecting this option will disable this function. -- Collect Directory Audit Events – Collect Microsoft Entra ID audit logs - -![Entra ID Inventory DC Wizard Custom Attributes page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp) - -**Step 5 –** On the Custom Attributes page, click **Add** or **Import** to add or import custom -attributes. - -- Select **Collect Open Extensions** to enable the data collector to collect all extension - attributes in Microsoft Entra ID. Enabling this option will increase scan times. - - **NOTE:** Enabling this option overrides the differential scan setting and will direct the data - controller to run a full scan every time the job is run. - -- See the - [AzureADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) - topic for additional information on adding and importing custom attributes. - -**Step 6 –** Navigate to the Summary page. Click **Finish** to save changes or click **Cancel** to -exit without saving. Then click **OK** to close the Query Properties window. - -The 1-AAD_Scan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 1-AAD_Scan Job - -Navigate to the **.Entra ID Inventory** > **1-AAD_Scan** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for 1-AAD_Scan Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scananalysistasks.webp) - -The default analysis tasks are: - -- Import functions – Imports effective group membership function into the database -- Bring Users View to Console – Enables the SA_AzureADInventory_UsersView to be accessible under the - job’s Results node -- Bring Groups View to Console – Enables the SA_AzureADInventory_GroupsView to be accessible under - the job’s Results node -- Bring Group Members View to Console – Enables the SA_AzureADInventory_GroupMemberssView to be - accessible under the job’s Results node -- Summarize Domains – Creates interim processing tables in the database for use by downstream - analysis and report generation -- Summarize Stats – Creates interim processing tables in the database for use by downstream analysis - and report generation - -In addition to the tables and views listed in the -[Standard Reference Tables & Views for the AzureADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -section, the 1-AAD_Scan Job produces the following preconfigured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Entra ID Summary | This report provides a summary of all audited domains and objects. | None | This report has two elements: - Table – Provides details on general statistics on the Users and groups found with each tenant scanned - Table – Provides details on statistical information for each of these Entra ID objects | - -# 2-AAD_Exceptions Job - -The 2-AAD_Exceptions Job identifies toxic conditions that exist within Microsoft Entra ID which may -leave environments at risk or add unnecessary administrative overhead. - -## Analysis Tasks for the 2-AAD_Exceptions Job - -Navigate to the **.Entra ID Inventory** > **2-AAD_Exceptions** > **Configure** node and select -**Analysis**. Analysis tasks with configuration parameters that define security concerns can be -modified. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and not be -deselected. There are a few which are deselected by default, as they are for troubleshooting -purposes. - -![Analysis Tasks for 2-AAD_Exceptions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/exceptionsanalysistasks.webp) - -The default analysis tasks are: - -- Create Exception Type Table – Creates a processing table in the database for use by downstream - analysis and report generation -- Large Groups - - Identifies groups that exceed the defined threshold for effective group membership - - Populates processing tables in the database for use by downstream analysis and report - generation - - This analysis task has configurable parameters - - Definition of a larger group can be customized -- Deeply Nested Groups - - Identifies groups that exceed the defined threshold of deep levels of membership nesting - - Populates processing tables in the database for use by downstream analysis and report - generation - - This analysis task has configurable parameters - - Definition of a deeply nested group can be customized -- Circular Nesting - - Identifies groups with circular references in their effective membership - - Populates processing tables in the database for use by downstream analysis and report - generation -- Empty Groups - - Identifies groups with no membership - - Populates processing tables in the database for use by downstream analysis and report - generation -- Single Member Groups - - Identifies groups with a single direct member - - Populates processing tables in the database for use by downstream analysis and report - generation -- Stale Users - - Identifies user accounts that are disabled or exceed the defined threshold of inactivity - - Populates processing tables in the database for use by downstream analysis and report - generation - - This analysis task has configurable parameters - - Definition of a stale user can be customized -- Stale Membership - - Identifies groups with a high percentage of effective members that are stale users - - Populates processing tables in the database for use by downstream analysis and report - generation - - This analysis task has configurable parameters - - Definition of a stale membership can be customized -- Display Exceptions View – Creates the SA_AzureADInventory_ExceptionsView accessible under the - job’s Results node - -### Customize Analysis Parameters for the 2-AAD_Exceptions Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| -------------------- | --------------------------- | ------------- | --------------------------------------------------------------------- | -| Large Groups | @LARGE_THRESHOLD | 1000 | A group object with 1000 members or more | -| Deeply Nested Groups | @NESTING_THRESHOLD | 10 | A group object nested 10 levels or deeper within another group object | -| Stale Users | @STALE_THRESHOLD | 30 | A user object that has been inactive for 30 days or more | -| | @INCLUDE_DISABLED | True | A user object that has been disabled | -| Stale Membership | @STALE_THRESHOLD | 10 | A group where 10% of its effective members are stale users | - -See the -[Configure the Analysis Tasks for the 2-AAD_Exceptions Job](#configure-the-analysis-tasks-for-the-2-aad_exceptions-job) -section for instructions to modify parameters. See the -[AzureADInventory Exception Types Translated](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md#azureadinventory-exception-types-translated) -topic for an explanation of Exception Types. - -### Configure the Analysis Tasks for the 2-AAD_Exceptions Job - -Customizable parameters enable Enterprise Auditor users to set the values used to classify user and -group objects during this job’s analysis. The parameters can be customized and are listed in a -section at the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s -parameters. - -**CAUTION:** Modifying these parameters affects solutions with .Entra ID Inventory Job Group -dependency. - -**Step 1 –** Navigate to the **.Entra ID Inventory** > **2-AAD_Exceptions** > **Configure** node and -select **Analysis**. - -![Analysis Configuration option on Analysis Selection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/exceptionsanalysisconfiguration.webp) - -**Step 2 –** In the Analysis Selection view, select an analysis task and click **Analysis -Configuration**. The SQL Script Editor opens. - -**Step 3 –** Click Parameters to open the Parameters section. - -![Change Parameter Value in SQL Script Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/exceptionssqlscripteditor.webp) - -**Step 4 –** Double-click in a field in the Value column and enter a custom value. - -**CAUTION:** Do not change any parameters where the Value states **Created during execution**. - -**Step 5 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor. - -Repeat these steps to customize other analysis tasks for this job. - -# .Entra ID Inventory Solution - -The .Entra ID Inventory Solution is designed to inventory, analyze, and report on Microsoft Entra -ID. It provides essential user and group membership details to the Entra ID Solution. Key -information includes managers, email addresses, and direct memberships. Collected data helps an -organization identify toxic conditions like nested groups, circular nesting, disabled users, and -duplicate groups. The user and group information assists with understanding probable group -ownership, group memberships, largest groups, user status, attribute completion, and synchronization -status between on-premises Active Directory and Microsoft Entra ID. - -Supported Platforms - -- Microsoft Entra ID (formerly Azure AD) - -Requirements, Permissions, and Ports - -See the -[Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/11.6/configuration-guides/directory-services/entra-id.md) -topic for additional information. - -Location - -The .Entra ID Inventory Solution is a core component of all Enterprise Auditor installations. It can -be installed from the Enterprise Auditor Instant Job Wizard. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. Navigate to the solution by expanding the Jobs tree and selecting -the **.Entra ID Inventory** Job Group. This group has been named in such a way to keep it at the top -of the Jobs tree. - -## Jobs - -![.Entra ID Inventory overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The jobs in the .Entra ID Inventory Solution are: - -- [1-AAD_Scan Job](/docs/accessanalyzer/11.6/solutions/entra-id/inventory-reports.md) - – Provides essential Microsoft Entra ID User and Group membership details to several Enterprise - Auditor built-in solution sets. Key information includes user status, user attributes, and group - membership. -- [2-AAD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/entra-id/inventory-reports.md) - – Runs analysis on the collected data and identifies toxic conditions that exist within Microsoft - Entra ID which may leave your environment at risk or add unnecessary administrative overhead - -The data collection is conducted by the AzureADInventory Data Collector. See the -[Standard Reference Tables & Views for the AzureADInventory Data Collector](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -topic for database table information. - -**NOTE:** This solution is required for SharePoint Online reports in the Netwrix Access Information -Center. diff --git a/docs/accessanalyzer/11.6/solutions/entra-id/recommended-reports.md b/docs/accessanalyzer/11.6/solutions/entra-id/recommended-reports.md deleted file mode 100644 index 8a9b3838ad..0000000000 --- a/docs/accessanalyzer/11.6/solutions/entra-id/recommended-reports.md +++ /dev/null @@ -1,123 +0,0 @@ -# Recommended Configurations for Entra ID Job Group - -The Entra ID Solution has been configured to inherit down from the job group **Settings** node. The -host list must be assigned and the Connection Profile configured before job execution. Once these -are assigned to the job group, it can be run directly or scheduled. - -Dependencies - -Running the .Entra ID Inventory Job Group provides essential data to the Entra ID Solution. - -Running the .Active Directory Inventory Job Group is required to collect on-premises directory -syncing information. See the -[.Active Directory Inventory Solution](/docs/accessanalyzer/11.6/solutions/active-directory/inventory-reports.md) -topic for additional information. - -Targeted Hosts - -The Entra ID Solution does not require a target host because the jobs use data collected from the -.Entra ID Inventory Job Group and the .Active Directory Inventory Job Group. However, Enterprise -Auditor jobs do not execute successfully without a host list assigned. Assign the host list under -the **Entra ID** > **Settings** > **Host Lists Assignment** node. Check the **Local host** box and -click **Save**. - -Connection Profile - -Since the Entra ID Solution is not collecting any data, a specific connection profile is not -necessary. Therefore, the default setting **Use the Default Profile** is sufficient for this -solution. - -Schedule Frequency - -Schedule the Entra ID Job Group to run on a preferred schedule. - -Optional Configuration - -The Entra ID Solution receives user and group membership information from the .Entra ID Inventory -Solution. Information received includes manager, email addresses, and direct membership. Customize -within the **.Entra ID Inventory** > **2-AAD_Exceptions** Job's Deeply Nested Groups and Large -Groups analysis tasks. - -See the -[.Entra ID Inventory Solution](/docs/accessanalyzer/11.6/solutions/entra-id/inventory-reports.md) -topic for additional information. - -Workflow - -The following is the recommended workflow: - -**Step 1 –** Assign the Local host at the solution level as described above. - -**Step 2 –** Run the .Entra ID Inventory Job Group. If on-premises directory syncing information is -desired, run the .Active Directory Inventory Job Group. - -**Step 3 –** Schedule the solution to run as desired with consideration to the run schedules of the -solutions collecting data. - -**Step 4 –** Review the reports generated by the jobs. - -# Recommended Configurations for the .Entra ID Inventory Job Group - -The .Entra ID Inventory Solution is configured to inherit settings from the Global Settings node. -The host list and connection profile must be assigned before job execution. Once these are assigned -to the job group, it can be run directly or scheduled. - -Dependencies - -This job group does not have dependencies. - -Targeted Hosts - -All Microsoft Entra Tenants. - -Connection Profile - -The Connection Profile is assigned under **.Entra ID Inventory** > **Settings** > **Connection**. It -is set to **Use the Default Profile**, as configured at the global **Settings** level. However, if -this is not the Connection Profile with the necessary permissions for targeting the Microsoft Entra -tenants, select the **Select one of the following user defined profiles** option and select the -appropriate Connection Profile. See the -[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/11.6/data-collection/entra-id/configuration.md) -topic for information. - -History Retention - -Not supported. - -Multi-Console Support - -Not supported. - -Schedule Frequency - -**_RECOMMENDED:_** Schedule the .Entra ID Inventory job group to run once a day. If there are -frequent Microsoft Entra ID changes within the target environment, then it can be executed more -often. It is best to rerun it anytime Entra ID changes might have occurred. - -Run at the Solution Level - -The jobs in the .Entra ID Inventory Job Group should be run together and in order by running the -entire solution, instead of the individual jobs. - -Query Configuration - -Run the solution with the default query configuration for best results. While it is recommended to -make no changes to the -[1-AAD_Scan Job](/docs/accessanalyzer/11.6/solutions/entra-id/inventory-reports.md), -a possible modification might be to scope the query to not collect login activity. - -Analysis Configuration - -Run the solution with the default analysis configuration for best results. However, a possible -modification might be to customize exception analysis parameters within the -[2-AAD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/entra-id/inventory-reports.md). - -Workflow - -The following is the recommended workflow: - -**Step 1 –** Configure and assign the host list and Connection Profile. - -**Step 2 –** Schedule the .Entra ID Inventory job group to run as desired. - -**Step 3 –** Review the reports generated by the .Entra ID Inventory Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/entra-id/user-analysis.md b/docs/accessanalyzer/11.6/solutions/entra-id/user-analysis.md deleted file mode 100644 index 31347185e7..0000000000 --- a/docs/accessanalyzer/11.6/solutions/entra-id/user-analysis.md +++ /dev/null @@ -1,171 +0,0 @@ -# AAD_DirectMembership Job - -The AAD_DirectMembership Job identifies Microsoft Entra ID users who do not have any group -membership. This condition may indicate unnecessary user accounts that are suitable candidates for -review and cleanup. - -## Analysis Tasks for the AAD_DirectMembership Job - -Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_DirectMembership** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AAD_DirectMembership Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/directmembershipanalysis.webp) - -The default analysis tasks are: - -- Get user direct membership details – Creates the AAD_DirectMembership_Details table accessible - under the job’s Results node -- Summarize user direct membership details by domain – Creates the - AAD_DirectoryMembership_DomainSummary table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_DirectMembership Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| No Group Membership | This report identifies users with no group membership. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by users with no group membership - Table – Provides details on all users with no group membership - Tables – Provides details on top domains by users with no group membership | - -# AAD_DisabledUsers Job - -The AAD_DisabledUsers Job identifies disabled user accounts within Microsoft Entra ID. These -accounts should be reviewed and cleaned up in order to increase security and reduce complexity. - -## Analysis Tasks for the AAD_DisabledUsers Job - -Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_DisabledUsers** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AAD_DisabledUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/disabledusersanalysis.webp) - -The default analysis tasks are: - -- Get disabled user account information – Creates the AAD_DisabledUsers_Details table accessible - under the job’s Results node -- Summarize disabled user information – Creates the AAD_DisabledUsers_Summary table accessible under - the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_DisabledUsers Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ---------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Disabled User Accounts | This report identifies disabled user accounts and summarizes them by domain. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays disabled users by domain - Table – Provides user details - Tables – Provides details on disabled users by domain | - -# AAD_StaleUsers Job - -The AAD_StaleUsers Job identifies potentially stale users based on a variety of factors. These -accounts should be reviewed and cleaned up in order to increase security and reduce complexity. - -## Analysis Tasks for the AAD_StaleUsers Job - -Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_StaleUsers** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AAD_StaleUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/staleusersanalysis.webp) - -The default analysis tasks are: - -- Stale User Details – Creates the AAD_StaleUsers_Details table accessible under the job’s Results - node -- Summarize by Domain – Creates the AAD_StaleUsers_DomainSummary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the AAD_StaleUsers Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Users | This report identifies user accounts which have not logged into the domain for an extended amount of time or are currently disabled. A user account is considered stale if the last logon is over 30 days ago or is currently disabled. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays users by domain - Table – Provides details on users - Tables – Provides details on users by domain | - -# AAD_UserAttributeCompletion Job - -The AAD_UserAttributeCompletion Job identifies which attributes are present within User fields in -Microsoft Entra ID, and which ones are blank for a majority of objects. This may indicate accounts -within Microsoft Entra ID which are lacking appropriate information. - -## Analysis Tasks for the AAD_UserAttributeCompletion Job - -Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_UserAttributeCompletion** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AAD_UserAttributeCompletion Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/userattributecompletionanalysis.webp) - -The default analysis tasks are: - -- Gets details on user attribute completion, by attribute – Creates the - AAD_UserAttributeCompletion_AttributeDetails table accessible under the job’s Results node -- Gets details on user attribute completion, by user – Creates the - AAD_UserAttributeCompletion_UserDetails table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_UserAttributeCompletion Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Attribute Completion | This report identifies which attributes are present within User fields in Microsoft Entra ID, and which ones are blank for a majority of User objects. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays completeness by attribute - Table – Provides details on users with blank attributes - Tables – Provides details om completeness by attribute | - -# AAD_UserDirSync Job - -The AAD_UserDirSync Job summarizes on-premises Active Directory syncing in the audited Microsoft -Entra ID environment. - -## Analysis Tasks for the AAD_UserDirSync Job - -Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_UserDirSync** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AAD_UserDirSync Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/userdirsyncanalysis.webp) - -The default analysis tasks are: - -- Get user DirSync details – Creates the AAD_UserDirSync_Details table accessible under the job’s - Results node -- Summarize user DirSync details – Creates the AAD_UserDirSync_EnterpriseSummary table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_UserDirSync Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------ | -------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------- | -| User Syncing | This report indicates the sync status of user accounts within the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays enterprise user synchronization summary - Table – Provides user sync details | - -# 2.Users Job Group - -The jobs in the 2.Users group identify user conditions and pinpoint potential areas of -administrative concerns within Microsoft Entra ID such as disabled or stale users. - -![2.Users Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 2.Users Job Group are: - -- [AAD_DirectMembership Job](/docs/accessanalyzer/11.6/solutions/entra-id/user-analysis.md) - – Identifies Microsoft Entra ID users who do not have any group membership. This condition may - indicate unnecessary user accounts that are suitable candidates for review and cleanup. -- [AAD_DisabledUsers Job](/docs/accessanalyzer/11.6/solutions/entra-id/user-analysis.md) - – Identifies disabled user accounts within Microsoft Entra ID. These accounts should be reviewed - and cleaned up in order to increase security and reduce complexity. -- [AAD_StaleUsers Job](/docs/accessanalyzer/11.6/solutions/entra-id/user-analysis.md)– - Identifies potentially stale users based on a variety of factors. These accounts should be - reviewed and cleaned up in order to increase security and reduce complexity. -- [AAD_UserAttributeCompletion Job](/docs/accessanalyzer/11.6/solutions/entra-id/user-analysis.md)– - Identifies which attributes are present within User fields in Microsoft Entra ID, and which ones - are blank for a majority of objects. This may indicate accounts within Microsoft Entra ID which - are lacking appropriate information. -- [AAD_UserDirSync Job](/docs/accessanalyzer/11.6/solutions/entra-id/user-analysis.md) - – Summarizes on-premises Active Directory syncing in the audited Microsoft Entra ID environment diff --git a/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_circularnesting.md b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_circularnesting.md new file mode 100644 index 0000000000..71797e039a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_circularnesting.md @@ -0,0 +1,28 @@ +# AAD_CircularNesting Job + +The AAD_CircularNesting Job identifies circularly nested groups within Microsoft Entra ID which can +pose administrative and operational challenges with identifying effective access to resources. + +## Analysis Tasks for the AAD_CircularNesting Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_CircularNesting** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_CircularNesting Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp) + +The default analysis tasks are: + +- Provide detail on instances of circular nesting – Creates the SA_AAD_CircularNesting_Details table + accessible under the job’s Results node +- Summarize circular nesting by domain – Creates the SA_AAD_Circularnesting_DomainSummary table + accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_CircularNesting Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ----------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Circular Nesting | This report identifies instances of circular nesting within your environment. | None | This report is comprised of three elements: - Bar Chart– Displays circular nesting by domain - Table – Provides details on circular nesting - Table – Provides details on circular nesting by domain | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_duplicategroups.md b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_duplicategroups.md new file mode 100644 index 0000000000..2d965a56f8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_duplicategroups.md @@ -0,0 +1,26 @@ +# AAD_DuplicateGroups Job + +The AAD_DuplicateGroups Job identifies duplicate groups within Microsoft Entra ID. Duplicate groups +contain the same group membership as one another and are suitable candidates for cleanup. + +## Analysis Tasks for the AAD_DuplicateGroups Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_DuplicateGroups** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Anaylsis tasks for AAD_DuplicateGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/duplicategroupsanalysis.webp) + +The default analysis tasks are: + +- Identify duplicate groups – Creates the AAD_DuplicateGroups_Details table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_DuplicateGroups Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Duplicate Groups | This report identifies duplicate groups within the audited domains. | None | This report is comprised of one elements: - Bar Chart – Displays domains by number of groups with duplicates - Table – Provides duplicate groups details - Table – Provides details on domains by number of groups with duplicates | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_emptygroups.md b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_emptygroups.md new file mode 100644 index 0000000000..51ef36995f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_emptygroups.md @@ -0,0 +1,32 @@ +# AAD_EmptyGroups Job + +The AAD_EmptyGroups Job identifies empty groups within Microsoft Entra ID which are suitable +candidates for consolidation or cleanup. + +## Analysis Tasks for the AAD_EmptyGroups Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_EmptyGroups** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_EmptyGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) + +The default analysis tasks are: + +- Empty Groups – Creates the AAD_EmptyGroups_Empty table accessible under the job’s Results node +- Single User Groups – Creates the AAD_EmptyGroups_SingleUser table accessible under the job’s + Results node +- Empty Group Summary – Creates the AAD_EmptyGroups_EmptySummary table accessible under the job’s + Results node +- Single User Group Summary – Creates the AAD_EmptyGroups_SingleUserSummary table accessible under + the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_EmptyGroups Job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | --------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Empty Groups | This report identifies all groups without any members. | None | This report is comprised of three elements: - Bar Chart – Displays domains by number of empty groups - Table – Provides details on empty groups - Table – Provides details on number of empty groups by domain | +| Single User Groups | This report identifies groups which only contain a single user. | | This report is comprised of three elements: - Bar Chart – Displays top domains by single user group count - Table – Provides details on top domains by single user group count - Table – Provides details on single user group details | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_groupdirsync.md b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_groupdirsync.md new file mode 100644 index 0000000000..01da4c2465 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_groupdirsync.md @@ -0,0 +1,28 @@ +# AAD_GroupDirSync Job + +The AAD_GroupDirSync Job summarizes on-premises Active Directory syncing in the audited Microsoft +Entra ID environment. + +## Analysis Tasks for the AAD_GroupDirSync Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_GroupDirSync** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_GroupDirSync Job](/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/groupdirsyncanalysis.webp) + +The default analysis tasks are: + +- Calculate group DirSync details – Creates the AAD_GroupDirSync_Details table accessible under the + job’s Results node +- Summarize group DirSync details – Creates the AAD_GroupDirSync_EnterpriseSummary table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_GroupDirSync Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------- | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Syncing | This report indicates the sync status of groups within the audited environment. | None | This report is comprised of two elements: - Pie Chart – Displays an enterprise group synching summary - Table – Provides group sync details | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_largestgroups.md b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_largestgroups.md new file mode 100644 index 0000000000..6926dbe725 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_largestgroups.md @@ -0,0 +1,27 @@ +# AAD_LargestGroups Job + +The AAD_LargestGroups Job identifies groups with large effective member counts. These groups may +cause administrative overhead and burden in being able to easily understand who is getting access to +resources, or how much access is being granted to resources through these groups. + +## Analysis Tasks for the AAD_LargestGroups Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_LargestGroups** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_LargestGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp) + +The default analysis tasks are: + +- Calculate large group details – Creates the AAD_LargestGroups_Details table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_LargestGroups Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------- | +| Largest Groups | This report identifies the largest groups within the audited environment | None | This report is comprised of two elements: - Bar Chart – Displays largest groups - Table – Provides group details | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_nestedgroups.md b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_nestedgroups.md new file mode 100644 index 0000000000..3333927779 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_nestedgroups.md @@ -0,0 +1,30 @@ +# AAD_NestedGroups Job + +The AAD_NestedGroups Job identifies nested groups within Microsoft Entra ID and provides details +such as the levels of nesting. While Microsoft Entra ID provides the ability to nest certain types +of groups within other groups, Microsoft recommends nesting does not go beyond two levels in order +to avoid difficulties in understanding effective membership and access. + +## Analysis Tasks for the AAD_NestedGroups Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_NestedGroups** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_NestedGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp) + +The default analysis tasks are: + +- Get nested group details – Creates the AAD_NestedGroups_Details table accessible under the job’s + Results node +- Summarize nested groups – Creates the AAD_NestedGroups_DomainSummary table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_NestedGroups Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------- | ----------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Nested Groups | This report identifies the groups with the largest nested group count, as well as their deepest level of nesting. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by group nesting - Table – Provides nested group details - Tables – Provides details on top domains by group nesting | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_probableowners.md b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_probableowners.md new file mode 100644 index 0000000000..87cc4c2f2f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_probableowners.md @@ -0,0 +1,29 @@ +# AAD_ProbableOwners Job + +The AAD_ProbableOwners Job determines potential owners for Microsoft Entra ID Groups which can be +used to perform automated membership reviews and enable self-service group management and membership +requests. + +## Analysis Tasks for the AAD_ProbableOwners Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_ProbableOwners** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_ProbableOwners Job](/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/probableownersanalysis.webp) + +The default analysis tasks are: + +- Calculates group probable owners – Creates the AAD_ProbableOwners_Details table accessible under + the job’s Results node +- Summarizes group probable owners by domain – Creates the AAD_ProbableOwners_DomainSummary table + accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_ProbableOwners Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------- | -------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Probable Owners | This report identifies the most probable manager based on effective member attributes. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top domains by blank manager field - Table – Provides probable owner details - Tables – Provides details on top domains by blank manager field | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_stalegroups.md b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_stalegroups.md new file mode 100644 index 0000000000..403a6b4a6c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_stalegroups.md @@ -0,0 +1,32 @@ +# AAD_StaleGroups Job + +The AAD_StaleGroups Job identifies Microsoft Entra ID groups that contain potentially stale users. +Users are considered stale if they have never logged onto the domain, have not logged onto the +domain in the past 30 days, or are disabled. These group memberships should be reviewed and possibly +removed. + +## Analysis Tasks for the AAD_StaleGroups Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_StaleGroups** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_StaleGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) + +The default analysis tasks are: + +- Stale Group Details – Creates the AAD_StaleGroups_Details table accessible under the job’s Results + node +- Group Summary – Creates the AAD_StaleGroups_GroupSummary table accessible under the job’s Results + node +- Stale Groups Org Summary – Creates the AAD_StaleGroups_OrgSummary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the AAD_StaleGroups Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Effective Membership (Stale Groups) | This report identifies groups with stale effective membership. A stale user is defined as someone who has not logged into the domain in over 30 days or is currently disabled. | None | This report is comprised of three elements: - Chart – Displays group membership - Table – Provides group membership details - Tables – Provides stale groups organization summary | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/groups/overview.md b/docs/accessanalyzer/11.6/solutions/entraid/groups/overview.md new file mode 100644 index 0000000000..1a48c269f9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/groups/overview.md @@ -0,0 +1,36 @@ +# 1.Groups Job Group + +The jobs in the 1.Groups group identify group conditions and areas of administrative concern within +Microsoft Entra ID, such as toxic group conditions or synchronization issues. + +![1.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 1.Groups Job Group are: + +- [AAD_CircularNesting Job](/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_circularnesting.md) + – Identifies circularly-nested groups within Microsoft Entra ID which can pose administrative and + operational challenges with identifying effective access to resources +- [AAD_DuplicateGroups Job](/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_duplicategroups.md) + – Identifies duplicate groups within Microsoft Entra ID. Duplicate groups contain the same group + membership as one another and are suitable candidates for cleanup +- [AAD_EmptyGroups Job](/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_emptygroups.md) + – Identifies empty groups within Microsoft Entra ID which are suitable candidates for + consolidation or cleanup +- [AAD_GroupDirSync Job](/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_groupdirsync.md) + – Summarizes on-premises Active Directory syncing in the audited Microsoft Entra ID environment +- [AAD_LargestGroups Job](/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_largestgroups.md) + – Identifies groups with large effective member counts. These types of groups may cause + administrative overhead and burden in being able to easily understand who is getting access to + resources, or how much access is being granted to resources through these groups. +- [AAD_NestedGroups Job](/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_nestedgroups.md) + – Identifies nested groups within Microsoft Entra ID and provides details such as the levels of + nesting. While Microsoft Entra ID provides the ability to nest certain types of groups within + other groups, Microsoft recommends nesting does not go beyond two levels in order to avoid + difficulties in understanding effective membership and access. +- [AAD_ProbableOwners Job](/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_probableowners.md) + – Determines potential owners for Microsoft Entra ID Groups which can be used to perform automated + membership reviews and enable self-service group management and membership requests +- [AAD_StaleGroups Job](/docs/accessanalyzer/11.6/solutions/entraid/groups/aad_stalegroups.md)– + Identifies Microsoft Entra ID groups that contain potentially stale users. Users are considered + stale if they have never logged onto the domain, have not logged onto the domain in the past 30 + days, or are disabled. These group memberships should be reviewed and possibly removed. diff --git a/docs/accessanalyzer/11.6/solutions/entraid/overview.md b/docs/accessanalyzer/11.6/solutions/entraid/overview.md new file mode 100644 index 0000000000..0513b63945 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/overview.md @@ -0,0 +1,38 @@ +# Entra ID Solution + +The Entra ID Solution is a comprehensive set of audit jobs and reports that provide the information +regarding Microsoft Entra ID configuration, operational management, and troubleshooting. The jobs +within this group help pinpoint potential areas of administrative and security concerns related to +Microsoft Entra ID users and groups, including syncing with on-premises Active Directory. + +Supported Platforms + +- Microsoft Entra ID (formerly Azure AD) + +Requirements, Permissions, and Ports + +See the +[Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/11.6/config/entraid/overview.md) +topic for additional information. + +Location + +The Entra ID Solution requires a special Enterprise Auditor license. It can be installed from the +Instant Job Wizard, see the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for additional information. Once it has been installed into the Jobs tree, navigate to the +solution: **Jobs** > **Entra ID**. + +The .Entra ID Inventory Job Group collects the data. The Entra ID Job Groups run analysis and +generate reports on the collected data. + +## Job Groups + +![Entra ID Job Group Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +The job groups in the Entra ID Solution are: + +- [1.Groups Job Group](/docs/accessanalyzer/11.6/solutions/entraid/groups/overview.md) + – Identifies group conditions and pinpoints potential areas of administrative concern +- [2.Users Job Group](/docs/accessanalyzer/11.6/solutions/entraid/users/overview.md) + – Identifies areas of administrative concern related to Microsoft Entra ID users diff --git a/docs/accessanalyzer/11.6/solutions/entraid/recommended.md b/docs/accessanalyzer/11.6/solutions/entraid/recommended.md new file mode 100644 index 0000000000..0c4c7b42cd --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/recommended.md @@ -0,0 +1,57 @@ +# Recommended Configurations for Entra ID Job Group + +The Entra ID Solution has been configured to inherit down from the job group **Settings** node. The +host list must be assigned and the Connection Profile configured before job execution. Once these +are assigned to the job group, it can be run directly or scheduled. + +Dependencies + +Running the .Entra ID Inventory Job Group provides essential data to the Entra ID Solution. + +Running the .Active Directory Inventory Job Group is required to collect on-premises directory +syncing information. See the +[.Active Directory Inventory Solution](/docs/accessanalyzer/11.6/solutions/activedirectoryinventory/overview.md) +topic for additional information. + +Targeted Hosts + +The Entra ID Solution does not require a target host because the jobs use data collected from the +.Entra ID Inventory Job Group and the .Active Directory Inventory Job Group. However, Enterprise +Auditor jobs do not execute successfully without a host list assigned. Assign the host list under +the **Entra ID** > **Settings** > **Host Lists Assignment** node. Check the **Local host** box and +click **Save**. + +Connection Profile + +Since the Entra ID Solution is not collecting any data, a specific connection profile is not +necessary. Therefore, the default setting **Use the Default Profile** is sufficient for this +solution. + +Schedule Frequency + +Schedule the Entra ID Job Group to run on a preferred schedule. + +Optional Configuration + +The Entra ID Solution receives user and group membership information from the .Entra ID Inventory +Solution. Information received includes manager, email addresses, and direct membership. Customize +within the **.Entra ID Inventory** > **2-AAD_Exceptions** Job's Deeply Nested Groups and Large +Groups analysis tasks. + +See the +[.Entra ID Inventory Solution](/docs/accessanalyzer/11.6/solutions/entraidinventory/overview.md) +topic for additional information. + +Workflow + +The following is the recommended workflow: + +**Step 1 –** Assign the Local host at the solution level as described above. + +**Step 2 –** Run the .Entra ID Inventory Job Group. If on-premises directory syncing information is +desired, run the .Active Directory Inventory Job Group. + +**Step 3 –** Schedule the solution to run as desired with consideration to the run schedules of the +solutions collecting data. + +**Step 4 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/entraid/users/aad_directmembership.md b/docs/accessanalyzer/11.6/solutions/entraid/users/aad_directmembership.md new file mode 100644 index 0000000000..5d401bb6c6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/users/aad_directmembership.md @@ -0,0 +1,29 @@ +# AAD_DirectMembership Job + +The AAD_DirectMembership Job identifies Microsoft Entra ID users who do not have any group +membership. This condition may indicate unnecessary user accounts that are suitable candidates for +review and cleanup. + +## Analysis Tasks for the AAD_DirectMembership Job + +Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_DirectMembership** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AAD_DirectMembership Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/directmembershipanalysis.webp) + +The default analysis tasks are: + +- Get user direct membership details – Creates the AAD_DirectMembership_Details table accessible + under the job’s Results node +- Summarize user direct membership details by domain – Creates the + AAD_DirectoryMembership_DomainSummary table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_DirectMembership Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| No Group Membership | This report identifies users with no group membership. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by users with no group membership - Table – Provides details on all users with no group membership - Tables – Provides details on top domains by users with no group membership | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/users/aad_disabledusers.md b/docs/accessanalyzer/11.6/solutions/entraid/users/aad_disabledusers.md new file mode 100644 index 0000000000..97ffd35b7b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/users/aad_disabledusers.md @@ -0,0 +1,28 @@ +# AAD_DisabledUsers Job + +The AAD_DisabledUsers Job identifies disabled user accounts within Microsoft Entra ID. These +accounts should be reviewed and cleaned up in order to increase security and reduce complexity. + +## Analysis Tasks for the AAD_DisabledUsers Job + +Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_DisabledUsers** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AAD_DisabledUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/disabledusersanalysis.webp) + +The default analysis tasks are: + +- Get disabled user account information – Creates the AAD_DisabledUsers_Details table accessible + under the job’s Results node +- Summarize disabled user information – Creates the AAD_DisabledUsers_Summary table accessible under + the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_DisabledUsers Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ---------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Disabled User Accounts | This report identifies disabled user accounts and summarizes them by domain. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays disabled users by domain - Table – Provides user details - Tables – Provides details on disabled users by domain | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/users/aad_staleusers.md b/docs/accessanalyzer/11.6/solutions/entraid/users/aad_staleusers.md new file mode 100644 index 0000000000..5677873189 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/users/aad_staleusers.md @@ -0,0 +1,28 @@ +# AAD_StaleUsers Job + +The AAD_StaleUsers Job identifies potentially stale users based on a variety of factors. These +accounts should be reviewed and cleaned up in order to increase security and reduce complexity. + +## Analysis Tasks for the AAD_StaleUsers Job + +Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_StaleUsers** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AAD_StaleUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/staleusersanalysis.webp) + +The default analysis tasks are: + +- Stale User Details – Creates the AAD_StaleUsers_Details table accessible under the job’s Results + node +- Summarize by Domain – Creates the AAD_StaleUsers_DomainSummary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the AAD_StaleUsers Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Users | This report identifies user accounts which have not logged into the domain for an extended amount of time or are currently disabled. A user account is considered stale if the last logon is over 30 days ago or is currently disabled. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays users by domain - Table – Provides details on users - Tables – Provides details on users by domain | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/users/aad_userattributecompletion.md b/docs/accessanalyzer/11.6/solutions/entraid/users/aad_userattributecompletion.md new file mode 100644 index 0000000000..a09d8e5875 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/users/aad_userattributecompletion.md @@ -0,0 +1,29 @@ +# AAD_UserAttributeCompletion Job + +The AAD_UserAttributeCompletion Job identifies which attributes are present within User fields in +Microsoft Entra ID, and which ones are blank for a majority of objects. This may indicate accounts +within Microsoft Entra ID which are lacking appropriate information. + +## Analysis Tasks for the AAD_UserAttributeCompletion Job + +Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_UserAttributeCompletion** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AAD_UserAttributeCompletion Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/userattributecompletionanalysis.webp) + +The default analysis tasks are: + +- Gets details on user attribute completion, by attribute – Creates the + AAD_UserAttributeCompletion_AttributeDetails table accessible under the job’s Results node +- Gets details on user attribute completion, by user – Creates the + AAD_UserAttributeCompletion_UserDetails table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_UserAttributeCompletion Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Attribute Completion | This report identifies which attributes are present within User fields in Microsoft Entra ID, and which ones are blank for a majority of User objects. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays completeness by attribute - Table – Provides details on users with blank attributes - Tables – Provides details om completeness by attribute | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/users/aad_userdirsync.md b/docs/accessanalyzer/11.6/solutions/entraid/users/aad_userdirsync.md new file mode 100644 index 0000000000..1c3fd37ca9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/users/aad_userdirsync.md @@ -0,0 +1,28 @@ +# AAD_UserDirSync Job + +The AAD_UserDirSync Job summarizes on-premises Active Directory syncing in the audited Microsoft +Entra ID environment. + +## Analysis Tasks for the AAD_UserDirSync Job + +Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_UserDirSync** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AAD_UserDirSync Job](/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/userdirsyncanalysis.webp) + +The default analysis tasks are: + +- Get user DirSync details – Creates the AAD_UserDirSync_Details table accessible under the job’s + Results node +- Summarize user DirSync details – Creates the AAD_UserDirSync_EnterpriseSummary table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_UserDirSync Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------ | -------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------- | +| User Syncing | This report indicates the sync status of user accounts within the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays enterprise user synchronization summary - Table – Provides user sync details | diff --git a/docs/accessanalyzer/11.6/solutions/entraid/users/overview.md b/docs/accessanalyzer/11.6/solutions/entraid/users/overview.md new file mode 100644 index 0000000000..71833fbbf0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraid/users/overview.md @@ -0,0 +1,24 @@ +# 2.Users Job Group + +The jobs in the 2.Users group identify user conditions and pinpoint potential areas of +administrative concerns within Microsoft Entra ID such as disabled or stale users. + +![2.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 2.Users Job Group are: + +- [AAD_DirectMembership Job](/docs/accessanalyzer/11.6/solutions/entraid/users/aad_directmembership.md) + – Identifies Microsoft Entra ID users who do not have any group membership. This condition may + indicate unnecessary user accounts that are suitable candidates for review and cleanup. +- [AAD_DisabledUsers Job](/docs/accessanalyzer/11.6/solutions/entraid/users/aad_disabledusers.md) + – Identifies disabled user accounts within Microsoft Entra ID. These accounts should be reviewed + and cleaned up in order to increase security and reduce complexity. +- [AAD_StaleUsers Job](/docs/accessanalyzer/11.6/solutions/entraid/users/aad_staleusers.md)– + Identifies potentially stale users based on a variety of factors. These accounts should be + reviewed and cleaned up in order to increase security and reduce complexity. +- [AAD_UserAttributeCompletion Job](/docs/accessanalyzer/11.6/solutions/entraid/users/aad_userattributecompletion.md)– + Identifies which attributes are present within User fields in Microsoft Entra ID, and which ones + are blank for a majority of objects. This may indicate accounts within Microsoft Entra ID which + are lacking appropriate information. +- [AAD_UserDirSync Job](/docs/accessanalyzer/11.6/solutions/entraid/users/aad_userdirsync.md) + – Summarizes on-premises Active Directory syncing in the audited Microsoft Entra ID environment diff --git a/docs/accessanalyzer/11.6/solutions/entraidinventory/1-aad_scan.md b/docs/accessanalyzer/11.6/solutions/entraidinventory/1-aad_scan.md new file mode 100644 index 0000000000..0ec6983f3b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraidinventory/1-aad_scan.md @@ -0,0 +1,99 @@ +# 1-AAD_Scan Job + +The **1-AAD_Scan** Job is responsible for collecting data from Microsoft Entra ID. This job requires +no additional customizations before being used, but can be scoped to disable collecting sign-in +activity with the scan. + +## Queries for the 1-AAD_Scan Job + +The 1-AAD_Scan job uses the AzureADInventory Data Collector for the following query: + +![Query Selection page](/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scanqueryselection.webp) + +- AAD Inventory – Targets Microsoft Entra tenants to collect inventory data for user group objects + - _(Optional)_ This query can be modified to specify scan options and to collect custom + attributes. See the [Configure the 1-AAD_Scan Query](#configure-the-1-aad_scan-query) topic + for additional information. + +### Configure the 1-AAD_Scan Query + +The 1-AAD_Scan Job is configured to run with the default settings with the category of Scan Entra +ID. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **.Entra ID Inventory** > **1-AAD_Scan** > **Configure** node and +select **Queries**. + +![Query Properties button on Query Selection page](/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scanqueryselectionproperties.webp) + +**Step 2 –** In the Query Selection view, click on **Query Properties** to open the Query Properties +window. + +![Query Properties window](/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scanqueryproperties.webp) + +**Step 3 –** Select the **Data Source** tab, and click **Configure** to open the Entra ID Inventory +DC Wizard. + +![Entra ID Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardoptions.webp) + +**Step 4 –** On the Options page, select the different Scan Options as needed: + +- Collect only updates since the last scan – Enables differential scanning. + + **NOTE:** Enabling the Collect Open Extensions option on the Custom Attributes page overrides + this function. + +- Collect sign-in activity with scan – Required to collect the LastLogonTimestamp attribute of user + objects. A message will alert users that deselecting this option will disable this function. +- Collect Directory Audit Events – Collect Microsoft Entra ID audit logs + +![Entra ID Inventory DC Wizard Custom Attributes page](/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp) + +**Step 5 –** On the Custom Attributes page, click **Add** or **Import** to add or import custom +attributes. + +- Select **Collect Open Extensions** to enable the data collector to collect all extension + attributes in Microsoft Entra ID. Enabling this option will increase scan times. + + **NOTE:** Enabling this option overrides the differential scan setting and will direct the data + controller to run a full scan every time the job is run. + +- See the + [AzureADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/overview.md) + topic for additional information on adding and importing custom attributes. + +**Step 6 –** Navigate to the Summary page. Click **Finish** to save changes or click **Cancel** to +exit without saving. Then click **OK** to close the Query Properties window. + +The 1-AAD_Scan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 1-AAD_Scan Job + +Navigate to the **.Entra ID Inventory** > **1-AAD_Scan** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for 1-AAD_Scan Job](/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scananalysistasks.webp) + +The default analysis tasks are: + +- Import functions – Imports effective group membership function into the database +- Bring Users View to Console – Enables the SA_AzureADInventory_UsersView to be accessible under the + job’s Results node +- Bring Groups View to Console – Enables the SA_AzureADInventory_GroupsView to be accessible under + the job’s Results node +- Bring Group Members View to Console – Enables the SA_AzureADInventory_GroupMemberssView to be + accessible under the job’s Results node +- Summarize Domains – Creates interim processing tables in the database for use by downstream + analysis and report generation +- Summarize Stats – Creates interim processing tables in the database for use by downstream analysis + and report generation + +In addition to the tables and views listed in the +[Standard Reference Tables & Views for the AzureADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/standardtables.md) +section, the 1-AAD_Scan Job produces the following preconfigured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Entra ID Summary | This report provides a summary of all audited domains and objects. | None | This report has two elements: - Table – Provides details on general statistics on the Users and groups found with each tenant scanned - Table – Provides details on statistical information for each of these Entra ID objects | diff --git a/docs/accessanalyzer/11.6/solutions/entraidinventory/2-aad_exceptions.md b/docs/accessanalyzer/11.6/solutions/entraidinventory/2-aad_exceptions.md new file mode 100644 index 0000000000..3b8f92c4d7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraidinventory/2-aad_exceptions.md @@ -0,0 +1,107 @@ +# 2-AAD_Exceptions Job + +The 2-AAD_Exceptions Job identifies toxic conditions that exist within Microsoft Entra ID which may +leave environments at risk or add unnecessary administrative overhead. + +## Analysis Tasks for the 2-AAD_Exceptions Job + +Navigate to the **.Entra ID Inventory** > **2-AAD_Exceptions** > **Configure** node and select +**Analysis**. Analysis tasks with configuration parameters that define security concerns can be +modified. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and not be +deselected. There are a few which are deselected by default, as they are for troubleshooting +purposes. + +![Analysis Tasks for 2-AAD_Exceptions Job](/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/exceptionsanalysistasks.webp) + +The default analysis tasks are: + +- Create Exception Type Table – Creates a processing table in the database for use by downstream + analysis and report generation +- Large Groups + - Identifies groups that exceed the defined threshold for effective group membership + - Populates processing tables in the database for use by downstream analysis and report + generation + - This analysis task has configurable parameters + - Definition of a larger group can be customized +- Deeply Nested Groups + - Identifies groups that exceed the defined threshold of deep levels of membership nesting + - Populates processing tables in the database for use by downstream analysis and report + generation + - This analysis task has configurable parameters + - Definition of a deeply nested group can be customized +- Circular Nesting + - Identifies groups with circular references in their effective membership + - Populates processing tables in the database for use by downstream analysis and report + generation +- Empty Groups + - Identifies groups with no membership + - Populates processing tables in the database for use by downstream analysis and report + generation +- Single Member Groups + - Identifies groups with a single direct member + - Populates processing tables in the database for use by downstream analysis and report + generation +- Stale Users + - Identifies user accounts that are disabled or exceed the defined threshold of inactivity + - Populates processing tables in the database for use by downstream analysis and report + generation + - This analysis task has configurable parameters + - Definition of a stale user can be customized +- Stale Membership + - Identifies groups with a high percentage of effective members that are stale users + - Populates processing tables in the database for use by downstream analysis and report + generation + - This analysis task has configurable parameters + - Definition of a stale membership can be customized +- Display Exceptions View – Creates the SA_AzureADInventory_ExceptionsView accessible under the + job’s Results node + +### Customize Analysis Parameters for the 2-AAD_Exceptions Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| -------------------- | --------------------------- | ------------- | --------------------------------------------------------------------- | +| Large Groups | @LARGE_THRESHOLD | 1000 | A group object with 1000 members or more | +| Deeply Nested Groups | @NESTING_THRESHOLD | 10 | A group object nested 10 levels or deeper within another group object | +| Stale Users | @STALE_THRESHOLD | 30 | A user object that has been inactive for 30 days or more | +| | @INCLUDE_DISABLED | True | A user object that has been disabled | +| Stale Membership | @STALE_THRESHOLD | 10 | A group where 10% of its effective members are stale users | + +See the +[Configure the Analysis Tasks for the 2-AAD_Exceptions Job](#configure-the-analysis-tasks-for-the-2-aad_exceptions-job) +section for instructions to modify parameters. See the +[AzureADInventory Exception Types Translated](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/standardtables.md#azureadinventory-exception-types-translated) +topic for an explanation of Exception Types. + +### Configure the Analysis Tasks for the 2-AAD_Exceptions Job + +Customizable parameters enable Enterprise Auditor users to set the values used to classify user and +group objects during this job’s analysis. The parameters can be customized and are listed in a +section at the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s +parameters. + +**CAUTION:** Modifying these parameters affects solutions with .Entra ID Inventory Job Group +dependency. + +**Step 1 –** Navigate to the **.Entra ID Inventory** > **2-AAD_Exceptions** > **Configure** node and +select **Analysis**. + +![Analysis Configuration option on Analysis Selection page](/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/exceptionsanalysisconfiguration.webp) + +**Step 2 –** In the Analysis Selection view, select an analysis task and click **Analysis +Configuration**. The SQL Script Editor opens. + +**Step 3 –** Click Parameters to open the Parameters section. + +![Change Parameter Value in SQL Script Editor](/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/exceptionssqlscripteditor.webp) + +**Step 4 –** Double-click in a field in the Value column and enter a custom value. + +**CAUTION:** Do not change any parameters where the Value states **Created during execution**. + +**Step 5 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor. + +Repeat these steps to customize other analysis tasks for this job. diff --git a/docs/accessanalyzer/11.6/solutions/entraidinventory/overview.md b/docs/accessanalyzer/11.6/solutions/entraidinventory/overview.md new file mode 100644 index 0000000000..9d76ee78e8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraidinventory/overview.md @@ -0,0 +1,49 @@ +# .Entra ID Inventory Solution + +The .Entra ID Inventory Solution is designed to inventory, analyze, and report on Microsoft Entra +ID. It provides essential user and group membership details to the Entra ID Solution. Key +information includes managers, email addresses, and direct memberships. Collected data helps an +organization identify toxic conditions like nested groups, circular nesting, disabled users, and +duplicate groups. The user and group information assists with understanding probable group +ownership, group memberships, largest groups, user status, attribute completion, and synchronization +status between on-premises Active Directory and Microsoft Entra ID. + +Supported Platforms + +- Microsoft Entra ID (formerly Azure AD) + +Requirements, Permissions, and Ports + +See the +[Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/11.6/config/entraid/overview.md) +topic for additional information. + +Location + +The .Entra ID Inventory Solution is a core component of all Enterprise Auditor installations. It can +be installed from the Enterprise Auditor Instant Job Wizard. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for additional information. Navigate to the solution by expanding the Jobs tree and selecting +the **.Entra ID Inventory** Job Group. This group has been named in such a way to keep it at the top +of the Jobs tree. + +## Jobs + +![.Entra ID Inventory overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +The jobs in the .Entra ID Inventory Solution are: + +- [1-AAD_Scan Job](/docs/accessanalyzer/11.6/solutions/entraidinventory/1-aad_scan.md) + – Provides essential Microsoft Entra ID User and Group membership details to several Enterprise + Auditor built-in solution sets. Key information includes user status, user attributes, and group + membership. +- [2-AAD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/entraidinventory/2-aad_exceptions.md) + – Runs analysis on the collected data and identifies toxic conditions that exist within Microsoft + Entra ID which may leave your environment at risk or add unnecessary administrative overhead + +The data collection is conducted by the AzureADInventory Data Collector. See the +[Standard Reference Tables & Views for the AzureADInventory Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/standardtables.md) +topic for database table information. + +**NOTE:** This solution is required for SharePoint Online reports in the Netwrix Access Information +Center. diff --git a/docs/accessanalyzer/11.6/solutions/entraidinventory/recommended.md b/docs/accessanalyzer/11.6/solutions/entraidinventory/recommended.md new file mode 100644 index 0000000000..277ece7139 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/entraidinventory/recommended.md @@ -0,0 +1,65 @@ +# Recommended Configurations for the .Entra ID Inventory Job Group + +The .Entra ID Inventory Solution is configured to inherit settings from the Global Settings node. +The host list and connection profile must be assigned before job execution. Once these are assigned +to the job group, it can be run directly or scheduled. + +Dependencies + +This job group does not have dependencies. + +Targeted Hosts + +All Microsoft Entra Tenants. + +Connection Profile + +The Connection Profile is assigned under **.Entra ID Inventory** > **Settings** > **Connection**. It +is set to **Use the Default Profile**, as configured at the global **Settings** level. However, if +this is not the Connection Profile with the necessary permissions for targeting the Microsoft Entra +tenants, select the **Select one of the following user defined profiles** option and select the +appropriate Connection Profile. See the +[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/configurejob.md) +topic for information. + +History Retention + +Not supported. + +Multi-Console Support + +Not supported. + +Schedule Frequency + +**_RECOMMENDED:_** Schedule the .Entra ID Inventory job group to run once a day. If there are +frequent Microsoft Entra ID changes within the target environment, then it can be executed more +often. It is best to rerun it anytime Entra ID changes might have occurred. + +Run at the Solution Level + +The jobs in the .Entra ID Inventory Job Group should be run together and in order by running the +entire solution, instead of the individual jobs. + +Query Configuration + +Run the solution with the default query configuration for best results. While it is recommended to +make no changes to the +[1-AAD_Scan Job](/docs/accessanalyzer/11.6/solutions/entraidinventory/1-aad_scan.md), +a possible modification might be to scope the query to not collect login activity. + +Analysis Configuration + +Run the solution with the default analysis configuration for best results. However, a possible +modification might be to customize exception analysis parameters within the +[2-AAD_Exceptions Job](/docs/accessanalyzer/11.6/solutions/entraidinventory/2-aad_exceptions.md). + +Workflow + +The following is the recommended workflow: + +**Step 1 –** Configure and assign the host list and Connection Profile. + +**Step 2 –** Schedule the .Entra ID Inventory job group to run as desired. + +**Step 3 –** Review the reports generated by the .Entra ID Inventory Job Group. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_activesync.md b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_activesync.md new file mode 100644 index 0000000000..62c39f799e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_activesync.md @@ -0,0 +1,66 @@ +# ActiveSync > EX_ActiveSync Job + +The EX_ActiveSync job provides visibility into ActiveSync Traffic in the Organization. + +![ActiveSync > EX_ActiveSync Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/activesyncjobstree.webp) + +The EX_ActiveSync job is located in the ActiveSync job group. + +## Analysis Tasks for the EX_ActiveSync Job + +View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **ActiveSync** > +**EX_ActiveSync** > **Configure** node and select **Analysis**. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or +deselected. There are some that are deselected by default, as they are for troubleshooting purposes. + +![Analysis Tasks for the EX_ActiveSync Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/activesyncanalysis.webp) + +The following analysis tasks are selected by default: + +- 01b. Active Sync Data – Creates the SA_EX_ActiveSync_Details table, accessible under the job’s + Results node +- 2. Last Week Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation +- 3. User Device History – Creates the SA_EX_ActiveSync_UserDeviceHistory table, accessible under + the job’s Results node +- 4. Device Population – Creates the SA_EX_ActiveSync_DevicePopulation table, accessible under the + job’s Results node +- 5. Users Ranked – Creates the SA_EX_ActiveSync_UsersRanked table accessible, under the job’s + Results node +- 6. Servers Ranked – Creates the SA_EX_ActiveSync_ServersRanked table accessible, under the job’s + Results node +- 7. SET HISTORY RETENTION – Sets retention period in months + + - The default is **6 months**. It can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +The following analysis task deletes table data from the analysis jobs. This analysis task should +remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Deletes all History** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 0. Delete all History + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +The following analysis task updates the table to clean the data so that any UserAgent information +that is returned as NULL is updated based on existing data in the table: + +- 01a. Clean NULL UserAgent – Updates UserAgent information which was returned as NULL based on + existing data + +In addition to the tables and views created by the analysis tasks, the EX_ActiveSync Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Device Types (Device Population) | This report identifies what device models are currently being used with ActiveSync, and the average load they put on the environment each day. | None | This report is comprised of two elements: - Bar Chart – Displays most popular devices - Table – Provides details on most popular devices | +| Server Traffic (Top Servers by Average Daily Traffic) | This report ranks CAS servers by volume of ActiveSync traffic. | None | This report is comprised of two elements: - Bar Chart – Displays top users by average daily traffic - Table – Provides details on top users by average daily traffic | +| Top Users (Top Users by Average Daily Traffic) | This report shows the top users of ActiveSync. | None | This report is comprised of two elements: - Bar Chart – Displays top users by average daily traffic - Table – Provides details on top users by average daily traffic | +| User Devices (User Phones) | This report identifies all devices which have been associated with a User, and the time frames when they were used. | None | This report is comprised of one element: - Table – Provides details on user devices | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md new file mode 100644 index 0000000000..944d5de22b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md @@ -0,0 +1,81 @@ +# EX_ASPolicies Job + +The EX_ASPolicies Job provides insight into what policies are enabled for which users. + +## Queries for the EX_ASPolicies Job + +The EX_ASPolicies Job uses the ExchangePS Data Collector. + +![Queries for the EX_ASPolicies Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/aspoliciesquery.webp) + +The following query is included in the EX_ASPolicies Job. + +- Exchange Settings – Collects user policy information + + - By default set to search all mailboxes. However, it can be scoped. + - See the [Scope the ExchangePS Data Collector](#scope-the-exchangeps-data-collector) topic for + additional information + +### Scope the ExchangePS Data Collector + +The ExchangePS Data Collector can be scoped if desired. + +Follow the steps to scope the ExchangePS Data Collector: + +**Step 1 –** Navigate to job’s **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the Exchange Settings query and click **Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The ExchangePS Data Collector +Wizard opens. + +**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. + +![ExchangePS Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +**Step 4 –** Navigate to the Scope page, and select the desired scoping method from those available. +See the +[ExchangePS: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.md) topic +for additional information. + +- Scope by Database – Select the **Scope by Database Target Host: Local Host** option. Then, click + **Next** and identify the desired databases on the Scope by Databases page. See the + [ExchangePS: Scope by DB](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopedatabases.md) topic + for additional information. +- Scope by Mailbox – Select the **Scope by Mailbox Target Host: Local Host** option. Then, click + **Next** and identify the desired mailboxes on the Scope by Mailboxes page. See the + [ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopemailboxes.md) topic + for additional information. +- Scope by Server – Select the **Scope by Server Target Host: Exchange MB Server** option. The job + returns results for specific servers selected in job’s **Configure** > **Hosts** node. +- Scope by Public Folder – Select the **Scope by Public Folder** option. Then, click **Next** and + identify the desired mailboxes on the Scope by Public Folders page. See the + [ExchangePS: Scope by Public Folders](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfolders.md) topic + for additional information. +- _Remember,_ the scoping options available vary based on the pre-defined query configurations. + +**Step 5 –** Navigate to the Summary page. Click **Finish**. + +The job applies the modification to future job executions. + +## Analysis Tasks for the EX_ASPolicies Job + +View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **EX_ASPolicies** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_ASPolicies Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/aspoliciesanalysis.webp) + +The following analysis task is selected by default: + +- 1. Update Nulls – Updates the NULLs in the table to show information + +In addition to the tables and views created by the analysis task, the EX_ASPolicies Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------- | +| User ActiveSync Policies (ActiveSync Settings) | Exchange introduced many ActiveSync policies and settings which can be applied to users. This report identifies which users have these settings enabled. | None | This report is comprised of two elements: - Pie Chart – Displays ActiveSync Policies - Table – Provides details ActiveSync Policies | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_iislogs.md b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_iislogs.md new file mode 100644 index 0000000000..9a71fd8d40 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_iislogs.md @@ -0,0 +1,57 @@ +# 0.Collection > EX_IISLogs Job + +The 0.Collection > EX_IISLogs Job provides data collection to be utilized in the ActiveSync, Outlook +Web Access, and Outlook Anywhere Reports. This job goes out to each server that contains the +IIS Logs and parses the log to return the data to the Enterprise Auditor database. + +![0.Collection > EX_IISLogs Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The EX_IISLogs job is located in the 0.Collection Job Group. + +## Queries for the EX_IISLogs Job + +The EX_IISLogs Job uses the SMARTLog Data Collector. + +![Queries for the EX_IISLogs Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/iislogsquery.webp) + +The following query is included in the EX_IISLogs Job: + +- IIS Logs – Collects IIS Logs + + - By default set to process log files for the last 3 days. This time frame can be modified + - See the [Configure the IIS Logs Query](#configure-the-iis-logs-query) topic for additional + information + +### Configure the IIS Logs Query + +The EX_IISLogs Job has been preconfigured to run with the default settings with the Log Type of +Internet Information Server Log. However, the time frame for the log files to be processed can be +modified on the Target Log page of the SMART Log DC Wizard. See the +[SMARTLog Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/overview.md) +topic for additional information. + +Follow the steps to modify the query configuration. + +**Step 1 –** Navigate to the **Exchange** > **2. CAS Metrics** > **0. Collection** > +**EX_IISLogs** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The SMART Log DC Wizard opens. + +**CAUTION:** Do not modify other wizard pages. The other wizard pages are pre-configured for this +job. + +![SMART Log DC Wizard Target Log page](/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/smartlogdctargetlog.webp) + +**Step 4 –** Navigate to the Target Log page, and configure the time frame as required. See the +[SMARTLog: Target Log](/docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlog.md) +topic for additional information. + +_Remember,_ if the date range configuration includes data older than the last scan, the **Persist +Log State** checkbox on the Log State page must be disabled. + +**Step 5 –** Navigate to the Summary page. Click **Finish**. + +The EX_IISLogs Job applies the modifications to future job executions. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_owatraffic.md b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_owatraffic.md new file mode 100644 index 0000000000..7168b4e49a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_owatraffic.md @@ -0,0 +1,53 @@ +# Outlook Web Access > EX_OWATraffic Job + +The EX_OWATraffic Job provides visibility into Outlook Web Access Traffic in the organization. + +![Outlook Web Access > EX_OWATraffic Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/outlookwebaccessjobstree.webp) + +The EX_OWATraffic job is located in the Outlook Web Access Job Group. + +## Analysis Tasks for the EX_OWATraffic Job + +View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **Outlook Web +Access** > **EX_OWATraffic** > **Configure** node and select **Analysis**. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified ordeselected. +There is one that is deselected by default, as it is for troubleshooting purposes. + +![Analysis Tasks for the EX_OWATraffic Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/owatrafficanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. OWA Traffic – Creates the SA_EX_OWATraffic_Details table, accessible under the job’s Results + node +- 2. User Summary – Creates the SA_EX_OWATraffic_UserSummary table, accessible under the job’s + Results node +- 3. Server View – Creates the SA_EX_OWATraffic_ServerSummary table, accessible under the job’s + Results node +- 4. Server View – Creates the SA_EX_OWATraffic_ServerRanked table, accessible under the job’s + Results node +- 5. SET HISTORY RETENTION – Sets retention period in months + + - By default it is set to retain 6 months. This can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Delete all History** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 0. Deletes all History - LEAVE UNCHECKED – Clears all historical data + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_OWATraffic Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------------- | -------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Top Servers by Average Load | This report shows servers with the highest average load. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by average daily user count - Table – Provides details on top servers by average daily user count | +| Top Users (Outlook Web Access Traffic) | This report identifies top users of OWA. | None | This report is comprised of two elements: - Bar Chart – Displays top users - Table – Provides details on top users | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_rpctraffic.md b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_rpctraffic.md new file mode 100644 index 0000000000..ac5604fccb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_rpctraffic.md @@ -0,0 +1,55 @@ +# Outlook Anywhere > EX_RPCTraffic Job + +The EX_RPCTraffic job provides visibility into Outlook Anywhere or RPC\HTTPs Traffic in the +organization. + +![Outlook Anywhere > EX_RPCTraffic Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/outlookanywherejobstree.webp) + +The EX_RPCTraffic job is located in the Outlook Anywhere job group. + +## Analysis Tasks for the EX_RPCTraffic Job + +View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **Outlook +Anywhere** > **EX_RPCTraffic** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_RPCTraffic Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/rpctrafficanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. RPC View – Creates the SA_EX_RPCTraffic_Details table, accessible under the job’s Results + node +- 2. User Summary – Creates the SA_EX_RPCTraffic_UserSummary table, accessible under the job’s + Results node +- 3. Server View – Creates the SA_EX_RPCTraffic_ServerSummary table, accessible under the job’s + Results node +- 4. Servers Ranked – Creates the SA_EX_RPCTraffic_ServerRanked table, accessible under the job’s + Results node +- 5. SET HISTORY RETENTION – Sets retention period in months + + - The default is 6 months. It can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +The following analysis tasks deletes table data from data collection and analysis jobs. These +analysis tasks should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Delete all History** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 0. Delete all History - LEAVE UNCHECKED – Clears all historical data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_RPCTraffic Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------------------------------------------- | -------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Top Servers by Average Load ( Top Servers by Average Daily User Count) | This report shows servers with the highest average load. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top servers by average daily user count - Table – Provides details on top servers by average daily user count | +| Top Users (Outlook Anywhere Traffic) | This report identifies top users of Outlook Anywhere. | None | This report is comprised of two elements: - Bar Chart – Displays top users - Table – Provides details on top users | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/overview.md new file mode 100644 index 0000000000..40865c6fef --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/overview.md @@ -0,0 +1,30 @@ +# 2.CAS Metrics Job Group + +The 2. CAS Metrics Job Group is comprised of data collection, analysis and reports that focus on +remote connections (Outlook Web Access, ActiveSync, and Outlook Anywhere Access) occurring within +your organization. This job group goes out to each server that contains the IIS Logs and parses the +logs to return the data to the Enterprise Auditor database. + +![2.CAS Metrics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 2.CAS Metrics Job Group are: + +- [0.Collection > EX_IISLogs Job](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_iislogs.md) + – Provides data collection to be utilized in the ActiveSync, Outlook Web Access, and Outlook + Anywhere Reports. This job group goes out to each server that contains the IIS Logs and parses the + logs to return the data to the Enterprise Auditor database. +- [ActiveSync > EX_ActiveSync Job](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_activesync.md) + – Provides visibility into ActiveSync Traffic in the Organization +- [Outlook Anywhere > EX_RPCTraffic Job](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_rpctraffic.md) + – Provides visibility into Outlook Anywhere or RPC\HTTPs Traffic in the organization +- [Outlook Web Access > EX_OWATraffic Job](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_owatraffic.md) + – Provides visibility into Outlook Web Access Traffic in the organization +- [EX_ASPolicies Job](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md) + – Comprised of data collection and a report to show information about what policies are enabled + for which users + + **NOTE:** An actual CAS name is required for the data collection. When targeting Exchange 2013 + or 2016, it is possible for the **Settings** > **Exchange** node to have been configured with a + web address instead of an actual server. See the + [ExchangePS Data Collector & Client Access Server](/docs/accessanalyzer/11.6/solutions/exchange/recommended.md) + topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/recommended.md b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/recommended.md new file mode 100644 index 0000000000..df5350eebf --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/recommended.md @@ -0,0 +1,92 @@ +# Recommended Configurations for the 2. CAS Metrics Job Group + +Dependencies + +The following job groups need to be successfully run: + +- .Active Directory Inventory Job Group +- .Entra ID Inventory Job Group + +Targeted Hosts + +The 0. Collection Job Group has been set to run against the following default dynamic host list: + +- Exchange CAS Servers + +The EX_ASPolicies Job has been set to run against the following default dynamic host list: + +- Exchange MB Servers + +**NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table which meet +the host inventory criteria for the list. Ensure the appropriate host lists have been populated +through host inventory results. + +**_RECOMMENDED:_** Modify hosts lists only in the 0. Collection Job Group or EX_ASPolicies Job. + +Connection Profile + +A Connection Profile must be set directly on the EX_IISLogs Job and the EX_ASPolicies Job. + +See the +[Exchange Remote Connections Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/remoteconnections.md) +topic for the EX_IISLogs Job required permissions. See the +[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) +topic for the EX_ASPolicies Job requirements. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +This job group has been designed to run daily one hour after the 1.HUB Metrics Job Group to process +and collect the previous day’s message tracking logs. + +**_RECOMMENDED:_** Run this Job Group at 2:00 AM. + +History Retention + +History retention should not be enabled on this job group. History is kept through analysis tasks. +Modify the following analysis tasks to customize the amount of history which is kept. + +| Job Name | Analysis Task Name | Default History | +| ------------- | --------------------- | --------------- | +| EX_ActiveSync | SET HISTORY RETENTION | 6 Months | +| EX_RPCTraffic | SET HISTORY RETENTION | 6 Months | +| EX_OWATraffic | SET HISTORY RETENTION | 6 Months | + +Query Configuration + +The 2. CAS Metrics Job Group is designed to be run with the default query configurations. However, +the following queries can be modified: + +- **0. Collection** > **EX_IISLogs** Job – **IIS Logs** Query +- **EX_ASPolicies** Job – **Exchange Settings** Query + +No other queries should be modified. + +Analysis Configuration + +The 2. CAS Metrics Job Group should be run with the default analysis configurations. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or +deselected. There are some that are deselected by default, as they are for troubleshooting purposes. + +The following analysis tasks should not be deselected, but their parameters can be modified: + +- **ActiveSync** > **EX_ActiveSync** Job – **07. SET HISTORY RETENTION** Analysis Task +- **Outlook Anywhere** > **EX_RPCTraffic** Job – **05. SET HISTORY RETENTION** Analysis Task +- **Outlook Web Access** > **OWATraffic** Job – **05. SET HISTORY RETENTION** Analysis Task + +Workflow + +**Step 1 –** Set a Connection Profile on the jobs which run data collection. + +**Step 2 –** Ensure the prerequisite **1. HUB Metrics** job group is successfully executed. + +**Step 3 –** Schedule the **2. CAS Metrics** job group to run daily one hour after running the 1. +HUB Metrics job group. + +**_RECOMMENDED:_** Run Job group at 2:00 AM. + +**Step 4 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/databases/collection/ex_dbinfo.md b/docs/accessanalyzer/11.6/solutions/exchange/databases/collection/ex_dbinfo.md new file mode 100644 index 0000000000..12011a25a8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/databases/collection/ex_dbinfo.md @@ -0,0 +1,28 @@ +# 1.Local > EX_DBInfo Job + +The EX_DBInfo job utilizes Exchange PowerShell to gather 2010/2013 Mailbox Size information. + +![1.Local > EX_DBInfo Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/localjobstree.webp) + +The EX_DBInfo job is located in the 1.Local job group. + +**NOTE:** An actual CAS name is required for the data collection. When targeting Exchange 2013 or +2016, it is possible for the **Settings** > **Exchange** node to have been configured with a web +address instead of an actual server. See the +[ExchangePS Data Collector & Client Access Server](/docs/accessanalyzer/11.6/solutions/exchange/recommended.md) +topic for additional information. + +## Queries for the EX_DBInfo Job + +The EX_DBInfo Job uses the ExchangePS Data Collector. + +![Queries for the EX_DBInfo Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/dbinfoquery.webp) + +The following query is included in the EX_DBInfo Job: + +- Exchange 2010 Store Size – Collects mailbox size information + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information diff --git a/docs/accessanalyzer/11.6/solutions/exchange/databases/collection/ex_pfinfo.md b/docs/accessanalyzer/11.6/solutions/exchange/databases/collection/ex_pfinfo.md new file mode 100644 index 0000000000..a7a9f145b2 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/databases/collection/ex_pfinfo.md @@ -0,0 +1,20 @@ +# 2.PF > EX_PFInfo Job + +The EX_PFInfo job utilizes MAPI to gather Public Folder Database Information focusing on database +sizing, growth, and trends. + +![2.PF > EX_PFInfo Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/pfjobstree.webp) + +The EX_PFInfo job is located in the 2.PF job group. + +## Queries for the EX_PFInfo Job + +The EX_PFInfo Job uses the Exchange2K Data Collector for the query. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Queries for the EX_PFInfo Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/pfinfoquery.webp) + +The following query is included in the EX_PFInfo Job: + +- Exchange Public Store Information – Collects Exchange Public Store information diff --git a/docs/accessanalyzer/11.6/solutions/exchange/databases/collection/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/databases/collection/overview.md new file mode 100644 index 0000000000..7f02d98fd3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/databases/collection/overview.md @@ -0,0 +1,14 @@ +# 0.Collection Job Group + +The 0.Collection Job Group is comprised of data collection, analysis, and reports that focus on +database sizing, growth, and trends. + +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The jobs in the 0.Collection Job Group are: + +- [1.Local > EX_DBInfo Job](/docs/accessanalyzer/11.6/solutions/exchange/databases/collection/ex_dbinfo.md) + – Utilizes Exchange PowerShell to gather 2010/2013 Mailbox Size Information +- [2.PF > EX_PFInfo Job](/docs/accessanalyzer/11.6/solutions/exchange/databases/collection/ex_pfinfo.md) + – Utilizes MAPI to gather Public Folder Database Information focusing on database sizing, growth, + and trends diff --git a/docs/accessanalyzer/11.6/solutions/exchange/databases/ex_dbsizing.md b/docs/accessanalyzer/11.6/solutions/exchange/databases/ex_dbsizing.md new file mode 100644 index 0000000000..ecf7db8765 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/databases/ex_dbsizing.md @@ -0,0 +1,54 @@ +# EX_DBSizing Job + +The EX_DBSizing Job provides visibility into current database sizes, growth statistics, and +historical sizing information. + +## Analysis Tasks for the EX_DBSizing Job + +View the analysis tasks by navigating to the **Exchange** > **3. Databases** > **EX_DBSizing** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_DBSizing Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/dbsizinganalysis.webp) + +The following analysis tasks are selected by default: + +- 2. Database Size History – Creates the SA_EX_DBSizing_SizeHist table, accessible under the job’s + Results node +- SET HISTORY RETENTION – Sets retention period in months + + - The default is 6 months. It can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +- 3. Database details table – Creates the SA_EX_DBSizing_StoreDetails table, accessible under the + job’s Results node +- 4. 30 day Database growth table – Creates the SA_EX_DBSizing_30DayGrowth table, accessible under + the job’s Results node +- 5. 7 day Database growth table – Creates the SA_EX_DBSizing_7DayGrowth table, accessible under + the job’s Results node + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Deletes all Stored Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 1. Deletes all Stored Data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_DBSizing Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Details (Storage Group Details) | This report provides the details of Mailbox Stores grouped by Server, then Storage Group. This report helps administrators locate Storage Groups that may be growing out of control. If a storage group with very few users is extremely large, further investigation may be required. | None | This report is comprised of two elements: - Bar Chart – Displays database sizes - Table – Provides details on database sizes | +| Database Growth Statistics | This report displays the top 10 Databases that grew over the last 30 days in pure MB. This report is filtered on the Rank Column for Top 10 and may be modified to fit any desired Top outcome. | None | This report is comprised of four elements: - Stacked Bar Chart – Displays store size growth - Stacked Bar Chart – Displays WhiteSpace growth - Table – Provides details on store size growth - Table – Provides details on WhiteSpace growth | +| Historical Database Information | This report shows the history of the store size, white space, mailbox count, and hard drive space on all targeted servers. | None | This report is comprised of one element: - Table – Displays details on historical store information | +| Mailbox Counts by Database | This report graphically displays the number of Mailboxes by Database.  It provides an overall picture of the Exchange Mailbox Environment. Having a clear break down of the number of mailboxes per database allows for better planning of architecture in the future. | None | This report is comprised of two elements: - Bar Chart – Displays mailbox counts by database - Table – Provides details on mailbox counts by database | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/databases/ex_dbtrending.md b/docs/accessanalyzer/11.6/solutions/exchange/databases/ex_dbtrending.md new file mode 100644 index 0000000000..fbe4ed8f80 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/databases/ex_dbtrending.md @@ -0,0 +1,33 @@ +# EX_DBTrending + +The EX_DBTrending Job creates trend projections for mailbox and public folder databases for the +entire organization. + +## Analysis Tasks for the EX_DBTrending Job + +View the analysis tasks by navigating to the **Exchange** > **3. Databases** > **EX_DBTrending** > +**Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_DBTrending Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/dbtrendinganalysis.webp) + +The following analysis tasks are selected by default: + +- 0. Drop tables – Drops tables from previous runs +- 1. Store size history – Creates the SA_EX_DBTrending_History table, accessible under the job’s + Results node +- 2. Trend Mailbox Database – Creates the SA_EX_DBTrending_MBTREND table, accessible under the + job’s Results node +- 3. Trend Public Store – Creates the SA_EX_DBTrending_PFTREND table, accessible under the job’s + Results node +- 4. Modify Runtime to be Date – Modifies the runtime for the SA_EX_DBTrending_MBTREND table and + the SA_EX_DBTrending_PFTREND table, to be set to a month/day/year (mdy) date format + +In addition to the tables and views created by the analysis tasks, the EX_DBTrending Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------- | +| Capacity Planning - Databases | This report displays the growth rate trend of your private stores and the growth rate trend of your public stores.  The trend is projected for two months. These reports help identify bad trends in growth on Exchange servers for hard drive space usage is key in avoiding running out of space. | None | This report is comprised of two elements: - Line Chart – Displays private store trend - Line Chart – Displays public store trend | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/databases/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/databases/overview.md new file mode 100644 index 0000000000..77dd196a46 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/databases/overview.md @@ -0,0 +1,26 @@ +# 3.Databases Job Group + +The 3. Databases Job Group is comprised of data collection, analyses, and reports that focus on +database sizing, growth, and trends. + +![3.Databases Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following comprise the 3. Databases Job Group: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/exchange/databases/collection/overview.md) + – Comprised of data collection, analysis, and reports that focus on database sizing, growth, and + trends +- [EX_DBSizing Job](/docs/accessanalyzer/11.6/solutions/exchange/databases/ex_dbsizing.md) + – Comprised of analyses and reports which provide information on current database sizes, growth + statistics, and historical sizing information +- [EX_DBTrending](/docs/accessanalyzer/11.6/solutions/exchange/databases/ex_dbtrending.md) + – Creates trend projections for mailbox and public folder databases for the entire organization + +The 3. Databases Job Group uses a MAPI-based data collector, Exchange2K. Therefore, it requires both +Enterprise Auditor MAPI CDO and Microsoft Exchange MAPI CDO to be installed on the Enterprise +Auditor Console server. Once these have been installed, the **Settings** > **Exchange** node must be +configured for proper connection to the Exchange server. + +See the +[Exchange](/docs/accessanalyzer/11.6/admin/settings/exchange.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/databases/recommended.md b/docs/accessanalyzer/11.6/solutions/exchange/databases/recommended.md new file mode 100644 index 0000000000..cbecad7a3b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/databases/recommended.md @@ -0,0 +1,81 @@ +# Recommended Configurations for the 3. Databases Job Group + +Dependencies + +This job group requires the following items to be installed and configured on the Enterprise Auditor +Console: + +- Microsoft MAPI CDO installed +- Enterprise Auditor MAPI CDO installed +- **Settings** > **Exchange** node configured + +Targeted Hosts + +The **0. Collection** > **1. Local** job group has been set to run against: + +- Local host + +The **0. Collection** > **2. PF** job group has been set to run against the following default +dynamic host list: + +- Exchange MB Servers + +**NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table which meet +the host inventory criteria for the list. Ensure the appropriate host lists have been populated +through host inventory results. + +Connection Profile + +A Connection Profile must be set directly on the EX_DBInfo Job and the EX_PFInfo Job. See the +[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) +topic for the Ex_DBInfo Job required permissions. See the +[MAPI-Based Data Collector Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/mapi.md) +topic for the EX_PFInfo Job requirements. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +This job group has been designed to run daily to collect information about the size of databases in +the environment. + +**_RECOMMENDED:_** Run this Job Group at 3:00 AM. + +History Retention + +History retention should not be enabled on this job group. History is kept through analysis tasks. +Modify the following analysis tasks to customize the amount of history which is kept: + +| Job Name | Analysis Task Name | Default History | +| ----------- | --------------------- | --------------- | +| EX_DBSizing | SET HISTORY RETENTION | 6 Months | + +Query Configuration + +The 3. Databases Job Group is designed to be run with the default query configurations. However, the +following query can be modified: + +- **0.Collection** > **1. Local** > **EX_DBInfo** Job – **Exchange 2010 Store Size** Query + +No other queries should be modified. + +Analysis Configuration + +The 3. Databases Job Group should be run with the default analysis configurations. + +**CAUTION:** Most of the analysis tasks are preconfigured and should never be modified or +deselected. There are some that are deselected by default, as they are for troubleshooting purposes. + +The following analysis task should not be deselected, but the parameters can be modified: + +- **EX_DBSizing** Job – **SET HISTORY RETENTION** Analysis Task + +Workflow + +**Step 1 –** Set a Connection Profile on the jobs that run data collection. + +**Step 2 –** Schedule the 3. Databases Job Group to run daily. + +**Step 3 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md b/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md deleted file mode 100644 index 678425aab5..0000000000 --- a/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md +++ /dev/null @@ -1,239 +0,0 @@ -# EX_DLCleanup Job - -The EX_DLCleanup job identifies potentially stale Distribution Groups based on the last domain logon -of the members, membership counts, and last time mail was sent to the distribution lists. These DLs -should be reviewed and cleaned up. - -## Analysis Tasks for the EX_DLCleanup Job - -View the analysis task by navigating to the **Exchange** > **6. Distribution Lists** > -**EX_DLCleanup** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_DLCleanup Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/dlcleanupanalysis.webp) - -The following analysis task is selected by default: - -- 1. DL Cleanup – Creates the SA_EX_GroupCleanup_GroupSummary table, accessible under the job’s - Results node - -In addition to the tables and views created by the analysis task, the EX_DLCleanup job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------------ | ----------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------- | -| Distribution List Cleanup (Distribution List Overview) | This report identifies common issues which may affect distribution list group membership. | None | This report is comprised of one element: - Table – Provides a distribution list overview | - -# Effective Membership > EX_GroupExpansion Job - -The EX_GroupExpansion job expands the direct membership of distribution groups in the environment. - -![Effective Membership > EX_GroupExpansion Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/effectivemembershipjobstree.webp) - -The EX_GroupExpansion job is located in the Effective Membership job group. - -## Analysis Tasks for the EX_GroupExpansion Job - -View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Effective -Membership** > **EX_GroupExpansion** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_GroupExpansion Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/groupexpansionanalysis.webp) - -The following analysis tasks are selected by default: - -- Drop Tables – Drops all previously-created tables and creates the group expansion function -- 1a. Expand Distribution Groups – Expands the distribution group’s direct members -- 2. Create Group Membership View – Creates an interim processing table in the database for use by - downstream analysis and report generation - -# EX_CircularNesting Job - -The EX_CircularNesting job identifies where circular nesting exists within distribution groups. - -## Analysis Tasks for the EX_CircularNesting Job - -View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership -Analysis** > **EX_CircularNesting** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_CircularNesting Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Circular Nesting Details – Creates the SA_EX_CircularNesting_Details table, accessible under - the job’s Results node -- 2. Domain Summary – Creates the SA_EX_CircularNesting_DomainSummary table, accessible under the - job’s Results node - -# EX_EmptyGroups Job - -The EX_EmptyGroups job identifies empty distribution groups that are candidates for cleanup. - -## Analysis Tasks for the EX_EmptyGroups Job - -View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership -Analysis** > **EX_EmptyGroups** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_EmptyGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- 0. Drop tables – Drops tables from previous runs -- 1. Empty Groups – Creates the SA_EX_EmptyGroups_Empty table, accessible under the job’s Results - node -- 2. Single User Groups – Creates the SA_EX_EmptyGroups_SingleUser table, accessible under the - job’s Results node -- 3. Summarize Empty Groups – Creates the SA_EX_EmptyGroups_EmptySummary table, accessible under - the job’s Results node -- 4. Summarize Single User Groups – Creates the SA_EX_EmptyGroups_SingleUserSummary table, - accessible under the job’s Results node - -# EX_LargestGroups Job - -The EX_LargestGroups job identifies distribution groups with a high member count. - -## Analysis Tasks for the EX_LargestGroups Job - -View the analysis task by navigating to the **Exchange** > **6. Distribution Lists** > **Membership -Analysis** > **EX_LargestGroups** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_LargestGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp) - -The following analysis task is selected by default: - -- 1. Group Details – Creates the SA_EX_LargestGroups_Details table, accessible under the job’s - Results node - -# EX_NestedGroups Job - -The EX_NestedGroups job identifies where nesting exists within distribution groups. - -## Analysis Tasks for the EX_NestedGroups Job - -View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership -Analysis** > **EX_NestedGroups** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_NestedGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Details – Creates the SA_EX_NestedGroups_Details table, accessible under the job’s Results - node -- 2. Summarize by Domain – Creates the SA_EX_NestedGroups_DomainSummary table, accessible under - the job’s Results node - -# EX_StaleGroups Job - -The EX_StaleGroups job identifies potentially stale distribution groups based on the last domain -logon of the members. These groups should be reviewed and cleaned up. - -## Analysis Tasks for the EX_StaleGroups Job - -View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership -Analysis** > **EX_StaleGroups** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_StaleGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Stale User Details – Creates the SA_EX_StaleGroups_Details table, accessible under the job’s - Results node -- 2. Group Summary – Creates the SA_EX_StaleGroups_GroupSummary table, accessible under the job’s - Results node -- 3. Stale Groups – Creates an interim processing table in the database, for use by downstream - analysis and report generations - -# Membership Analysis Job Group - -The Membership Analysis job group provides visibility into toxic conditions contained with the -environment, such as circular nesting, large groups, empty groups, nesting, and potentially stale -groups. - -![Membership Analysis Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/membershipanalysisjobstree.webp) - -The jobs in the Membership Analysis job group are: - -- [EX_CircularNesting Job](/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md) - – Identifies where circular nesting exists within distribution groups -- [EX_EmptyGroups Job](/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md) - – Identifies empty distribution groups that are candidates for cleanup -- [EX_LargestGroups Job](/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md) - – Identifies distribution groups with a high member count -- [EX_NestedGroups Job](/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md) - – Identifies where nesting exists within distribution groups -- [EX_StaleGroups Job](/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md) - – Identifies potentially stale distribution groups based on the last domain logon of the members. - These groups should be reviewed and cleaned up. - -# 6. Distribution Lists Job Group - -The 6. Distribution Lists job group lists the direct and effective membership to distribution lists, -in addition to providing context around potentially stale distribution lists. - -![6. Distribution Lists Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following comprise the 6. Distribution Lists job group: - -**NOTE:** These jobs are compatible with the Office 365 environment. - -- [Effective Membership > EX_GroupExpansion Job](/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md) - – Expands the direct membership of distribution groups in the environment -- [Membership Analysis Job Group](/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md) - – Provides visibility into toxic conditions contained with the environment, such as circular - nesting, large groups, empty groups, nesting, and potentially stale groups -- [EX_DLCleanup Job](/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md) - – Identifies potentially stale distribution groups based on the last domain logon of the members, - membership counts, and last time mail was sent to the distribution lists. These DLs should be - reviewed and cleaned up. - -# Recommended Configurations for the 6. Distribution Lists Job Group - -Dependencies - -The following job groups need to be successfully run: - -- .Active Directory Inventory Job Group -- .Entra ID Inventory Job Group -- (Optional) Exchange > 1. HUB Metrics Job Group - - - Provides data on distribution list metrics for on-premise Exchange environments and the last - time a distribution list received mail - -- (Optional) Exchange > 8. Exchange Online > Mailflow Job Group - - - Provides data on distribution list metrics for Exchange Online environments and the last time - a distribution list received mail - -Schedule Frequency - -This job group has been designed to run daily after the .Active Directory Inventory Job Group has -been run, to analyze distribution list membership. This job group does not collect data. It uses the -data collection from the .Active Directory Inventory Job Group. - -**_RECOMMENDED:_** Run this job group at 5:00 AM. - -Workflow - -**Step 1 –** Schedule the 6. Distribution Lists job group to run daily after the .Active Directory -Inventory job group has successfully run. - -**Step 2 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/ex_dlcleanup.md b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/ex_dlcleanup.md new file mode 100644 index 0000000000..a2aadd017f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/ex_dlcleanup.md @@ -0,0 +1,27 @@ +# EX_DLCleanup Job + +The EX_DLCleanup job identifies potentially stale Distribution Groups based on the last domain logon +of the members, membership counts, and last time mail was sent to the distribution lists. These DLs +should be reviewed and cleaned up. + +## Analysis Tasks for the EX_DLCleanup Job + +View the analysis task by navigating to the **Exchange** > **6. Distribution Lists** > +**EX_DLCleanup** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_DLCleanup Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/dlcleanupanalysis.webp) + +The following analysis task is selected by default: + +- 1. DL Cleanup – Creates the SA_EX_GroupCleanup_GroupSummary table, accessible under the job’s + Results node + +In addition to the tables and views created by the analysis task, the EX_DLCleanup job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------------ | ----------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------- | +| Distribution List Cleanup (Distribution List Overview) | This report identifies common issues which may affect distribution list group membership. | None | This report is comprised of one element: - Table – Provides a distribution list overview | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/ex_groupexpansion.md b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/ex_groupexpansion.md new file mode 100644 index 0000000000..9657dd2fb1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/ex_groupexpansion.md @@ -0,0 +1,24 @@ +# Effective Membership > EX_GroupExpansion Job + +The EX_GroupExpansion job expands the direct membership of distribution groups in the environment. + +![Effective Membership > EX_GroupExpansion Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/effectivemembershipjobstree.webp) + +The EX_GroupExpansion job is located in the Effective Membership job group. + +## Analysis Tasks for the EX_GroupExpansion Job + +View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Effective +Membership** > **EX_GroupExpansion** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_GroupExpansion Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/groupexpansionanalysis.webp) + +The following analysis tasks are selected by default: + +- Drop Tables – Drops all previously-created tables and creates the group expansion function +- 1a. Expand Distribution Groups – Expands the distribution group’s direct members +- 2. Create Group Membership View – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_circularnesting.md b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_circularnesting.md new file mode 100644 index 0000000000..a82be6ef49 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_circularnesting.md @@ -0,0 +1,20 @@ +# EX_CircularNesting Job + +The EX_CircularNesting job identifies where circular nesting exists within distribution groups. + +## Analysis Tasks for the EX_CircularNesting Job + +View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership +Analysis** > **EX_CircularNesting** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_CircularNesting Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Circular Nesting Details – Creates the SA_EX_CircularNesting_Details table, accessible under + the job’s Results node +- 2. Domain Summary – Creates the SA_EX_CircularNesting_DomainSummary table, accessible under the + job’s Results node diff --git a/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_emptygroups.md b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_emptygroups.md new file mode 100644 index 0000000000..3d36eed885 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_emptygroups.md @@ -0,0 +1,25 @@ +# EX_EmptyGroups Job + +The EX_EmptyGroups job identifies empty distribution groups that are candidates for cleanup. + +## Analysis Tasks for the EX_EmptyGroups Job + +View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership +Analysis** > **EX_EmptyGroups** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_EmptyGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- 0. Drop tables – Drops tables from previous runs +- 1. Empty Groups – Creates the SA_EX_EmptyGroups_Empty table, accessible under the job’s Results + node +- 2. Single User Groups – Creates the SA_EX_EmptyGroups_SingleUser table, accessible under the + job’s Results node +- 3. Summarize Empty Groups – Creates the SA_EX_EmptyGroups_EmptySummary table, accessible under + the job’s Results node +- 4. Summarize Single User Groups – Creates the SA_EX_EmptyGroups_SingleUserSummary table, + accessible under the job’s Results node diff --git a/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_largestgroups.md b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_largestgroups.md new file mode 100644 index 0000000000..1abfc19301 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_largestgroups.md @@ -0,0 +1,18 @@ +# EX_LargestGroups Job + +The EX_LargestGroups job identifies distribution groups with a high member count. + +## Analysis Tasks for the EX_LargestGroups Job + +View the analysis task by navigating to the **Exchange** > **6. Distribution Lists** > **Membership +Analysis** > **EX_LargestGroups** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_LargestGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp) + +The following analysis task is selected by default: + +- 1. Group Details – Creates the SA_EX_LargestGroups_Details table, accessible under the job’s + Results node diff --git a/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_nestedgroups.md b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_nestedgroups.md new file mode 100644 index 0000000000..47ec8d42ac --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_nestedgroups.md @@ -0,0 +1,20 @@ +# EX_NestedGroups Job + +The EX_NestedGroups job identifies where nesting exists within distribution groups. + +## Analysis Tasks for the EX_NestedGroups Job + +View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership +Analysis** > **EX_NestedGroups** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_NestedGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Details – Creates the SA_EX_NestedGroups_Details table, accessible under the job’s Results + node +- 2. Summarize by Domain – Creates the SA_EX_NestedGroups_DomainSummary table, accessible under + the job’s Results node diff --git a/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_stalegroups.md b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_stalegroups.md new file mode 100644 index 0000000000..7bc52dce46 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_stalegroups.md @@ -0,0 +1,23 @@ +# EX_StaleGroups Job + +The EX_StaleGroups job identifies potentially stale distribution groups based on the last domain +logon of the members. These groups should be reviewed and cleaned up. + +## Analysis Tasks for the EX_StaleGroups Job + +View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership +Analysis** > **EX_StaleGroups** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_StaleGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Stale User Details – Creates the SA_EX_StaleGroups_Details table, accessible under the job’s + Results node +- 2. Group Summary – Creates the SA_EX_StaleGroups_GroupSummary table, accessible under the job’s + Results node +- 3. Stale Groups – Creates an interim processing table in the database, for use by downstream + analysis and report generations diff --git a/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/overview.md new file mode 100644 index 0000000000..fc7fbdeb3c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/overview.md @@ -0,0 +1,21 @@ +# Membership Analysis Job Group + +The Membership Analysis job group provides visibility into toxic conditions contained with the +environment, such as circular nesting, large groups, empty groups, nesting, and potentially stale +groups. + +![Membership Analysis Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/membershipanalysisjobstree.webp) + +The jobs in the Membership Analysis job group are: + +- [EX_CircularNesting Job](/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_circularnesting.md) + – Identifies where circular nesting exists within distribution groups +- [EX_EmptyGroups Job](/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_emptygroups.md) + – Identifies empty distribution groups that are candidates for cleanup +- [EX_LargestGroups Job](/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_largestgroups.md) + – Identifies distribution groups with a high member count +- [EX_NestedGroups Job](/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_nestedgroups.md) + – Identifies where nesting exists within distribution groups +- [EX_StaleGroups Job](/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/ex_stalegroups.md) + – Identifies potentially stale distribution groups based on the last domain logon of the members. + These groups should be reviewed and cleaned up. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/overview.md new file mode 100644 index 0000000000..53385c87c2 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/overview.md @@ -0,0 +1,20 @@ +# 6. Distribution Lists Job Group + +The 6. Distribution Lists job group lists the direct and effective membership to distribution lists, +in addition to providing context around potentially stale distribution lists. + +![6. Distribution Lists Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following comprise the 6. Distribution Lists job group: + +**NOTE:** These jobs are compatible with the Office 365 environment. + +- [Effective Membership > EX_GroupExpansion Job](/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/ex_groupexpansion.md) + – Expands the direct membership of distribution groups in the environment +- [Membership Analysis Job Group](/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/overview.md) + – Provides visibility into toxic conditions contained with the environment, such as circular + nesting, large groups, empty groups, nesting, and potentially stale groups +- [EX_DLCleanup Job](/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/ex_dlcleanup.md) + – Identifies potentially stale distribution groups based on the last domain logon of the members, + membership counts, and last time mail was sent to the distribution lists. These DLs should be + reviewed and cleaned up. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/recommended.md b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/recommended.md new file mode 100644 index 0000000000..31a741377c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/recommended.md @@ -0,0 +1,32 @@ +# Recommended Configurations for the 6. Distribution Lists Job Group + +Dependencies + +The following job groups need to be successfully run: + +- .Active Directory Inventory Job Group +- .Entra ID Inventory Job Group +- (Optional) Exchange > 1. HUB Metrics Job Group + + - Provides data on distribution list metrics for on-premise Exchange environments and the last + time a distribution list received mail + +- (Optional) Exchange > 8. Exchange Online > Mailflow Job Group + + - Provides data on distribution list metrics for Exchange Online environments and the last time + a distribution list received mail + +Schedule Frequency + +This job group has been designed to run daily after the .Active Directory Inventory Job Group has +been run, to analyze distribution list membership. This job group does not collect data. It uses the +data collection from the .Active Directory Inventory Job Group. + +**_RECOMMENDED:_** Run this job group at 5:00 AM. + +Workflow + +**Step 1 –** Schedule the 6. Distribution Lists job group to run daily after the .Active Directory +Inventory job group has successfully run. + +**Step 2 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/ex_useroverview.md b/docs/accessanalyzer/11.6/solutions/exchange/ex_useroverview.md new file mode 100644 index 0000000000..6fd49a2d8c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/ex_useroverview.md @@ -0,0 +1,71 @@ +# EX_UserOverview Job + +The EX_UserOverview job provides correlation from multiple data collection points to show +information for each user about their mailbox size, mailbox access rights, mail flow metrics and +remote connectivity to the Exchange environment. These reports provide user impact analysis on the +environment. + +![EX_UserOverview Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailflowuseroverviewjobstree.webp) + +Dependencies + +The following job groups need to be successfully run prior to this job: + +- **.Active Directory Inventory** Job Group +- **.Entra ID Inventory** Job Group +- **Exchange** > **1. HUB Metrics** Job Group +- **Exchange** > **2. CAS Metrics** Job Group +- **Exchange** > **4. Mailboxes** > **Permissions** Job Group +- **Exchange** > **4.Mailboxes** > **Sizing** Job Group +- **Exchange** > **5. Public Folders** Job Group + +Schedule Frequency + +It is recommended to run this job daily after running its dependencies, but it can be scheduled to +run as desired. + +## Analysis Tasks for the EX_Mailflow_UserOverview Job + +View the analysis task by navigating to the **Exchange** > **EX_UserOverview** > **Configure** node +and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_Mailflow_UserOverview Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailflowuseroverviewanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. User Overview – Creates the SA_EX_UserOverview_Permissions table, accessible under the job’s + Results node +- 2. Add delegate Information to Overview – Adds Delegates to the SA_EX_UserOverview_Permissions + table +- 3. Mailbox Access – Adds Mailbox Rights to the SA_EX_UserOverview_Permissions table +- 4. Send As – Adds Send As Rights to the SA_EX_UserOverview_Permissions table +- 5. Public Folders – Adds Public Folder Permissions to the SA_EX_UserOverview_Permissions table +- 6. DL Membership – Adds DL Membership to the SA_EX_UserOverview_Permissions table +- 7. Mailbox Size – Adds Mailbox Size to the SA_EX_UserOverview_Permissions table +- 8. Permission Listing – Creates a listing of each user and their access rights in the + environment +- 9. Rank by Total Permissions – Adds Ranks to the SA_EX_UserOverview_Permissions table +- 10. Summarize User Message Traffic – Creates the SA_EX_UserOverview_MessageTraffic table, + accessible under the job’s Results node +- 11. Active Sync Devices – Updates table with User ActiveSync Devices +- 12. Message Traffic Date Ranges – Creates the SA_EX_MessageTraffic_DateRange table, accessible + under the job’s Results node +- 13. Summarize User Message Volume – Creates the SA_EX_UserOverview_DataVolume table, accessible + under the job’s Results node +- 14. RPC Volume – Updates SA_EX_UserOverview_Datavolume table with RPC volume +- 15. OWA Volume – Updates SA_EX_UserOverview_Datavolume table with OWA volume +- 16. ActiveSync Volume – Updates SA_EX_UserOverview_Datavolume table with ActiveSync volume +- 17. Data Volume Date Ranges – Creates the SA_EX_TrafficOverview_DateRange table, accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the EX_UserOverview job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Top Users by Message Traffic | This report shows the top users of Exchange based on the past 30 days of message count. | None | This report is comprised of two elements: - Bar Chart– Displays top users by 30 day message traffic - Table – Provides details on top users by 30 day message traffic | +| Top Users by Message Volume | This report shows the top users of Exchange based on the past 30 days of message volume. All statistics are in megabytes | None | This report is comprised of two elements: - Bar Chart – Displays top users by message volume - Table – Provides details on top users by message volume | +| Top Users by Permissions (Exchange User Access) | This report identifies users with a broad range of access across the exchange environment. | None | This report is comprised of three elements: - Bar Chart – Displays top users by permission count - Table – Provides details on top users by permission count - Table – Provides details on permission listing by user | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/appletstatuscheck.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/appletstatuscheck.md new file mode 100644 index 0000000000..f2c67bb33f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/appletstatuscheck.md @@ -0,0 +1,16 @@ +# .AppletStatusCheck Job + +The .AppletStatusCheck Job checks the health and status of the applet deployed to the target +Exchange servers. + +## Queries for the .AppletStatusCheck Job + +The .AppletStatusCheck Job uses the Script Data Collector. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Queries for the .AppletStatusCheck Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/appletstatuscheckquery.webp) + +The following query is included with the .AppletStatusCheck Job: + +- Terminate Process – Terminates the metrics applet process diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md new file mode 100644 index 0000000000..ecf8ab5608 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md @@ -0,0 +1,146 @@ +# EX_MetricsCollection Job + +The EX_MetricsCollection Job is comprised of multiple queries that utilize the ExchangeMetrics Data +Collector to process and collect the message tracking logs on the Exchange servers in the +environment. These queries collect server, domain, user, and distribution list traffic including but +not limited to: sent, received, journal, NDRs, and transports messages. These queries are configured +to process and collect that previous 7 days of Message Tracking Logs the first time this job is run, +after that it only collects the previous day unless the **Enable Persistent Log State** option has +been enabled in the query. + +**_RECOMMENDED:_** Run this job with the default configuration settings for all queries. + +See the +[ExchangeMetrics Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/overview.md) +topic for additional information. + +## Queries for the EX_MetricsCollection Job + +The EX_MetricsCollection Job uses the ExchangeMetrics Data Collector. + +![Queries for the EX_MetricsCollection Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/metricscollectionqueries.webp) + +The following queries are included in the EX_MetricsCollection Job: + +- Server Metrics – Collects server metrics +- User Metrics – Collects user metrics +- Internet Traffic Metrics – Collects internet traffic metrics +- Distribution List Metrics – Collects distribution list metrics +- Message Size Metrics – Collects message size metrics +- Delivery Time – Collects delivery times metrics +- Hourly Statistics – Collects server metrics + +## Analysis Tasks for the EX_MetrixCollection Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > **0. Collection** > +**EX_MetricsCollection** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_MetrixCollection Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/metricscollectionanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Delivery Times History – Creates the SA_ExhangeMetrics_DeliveryTimes table, accessible under + the job’s Results node +- 2. DL History – Creates the SA*EX* ExhangeMetrics_DistributionLists table, accessible under the + job’s Results node +- 3. Internet Traffic History – Creates the SA_EX_ExhangeMetrics_InternetTraffic table, accessible + under the job’s Results node +- 4. Hourly Traffic History – Creates the SA_EX_ExhangeMetrics_HourlyTraffic table, accessible + under the job’s Results node +- 5. User Traffic History – Creates the SA_EX_ExhangeMetrics_UserTraffic table, accessible under + the job’s Results node +- 6. Message Size History – Creates the SA_EX_ExhangeMetrics_MessageSize table, accessible under + the job’s Results node +- 7. Server Traffic History – Creates the SA_EX_ExhangeMetrics_ServerTraffic table, accessible + under the job’s Results node +- 8. SET HISTORY RETENTION – Sets retention period in months + + - By default set to retain **6 months** + - This retention period can be modified. See the + [Exchange History Retention](#exchange-history-retention) topic for additional information. + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain deselected unless specifically needed: + +**CAUTION:** Do not select the **00. Deletes all Stored Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 0. Deletes all Stored Data - LEAVE UNCHECKED – Clears all historical data + + - See the [Troubleshooting Data Collection](#troubleshooting-data-collection) topic for + additional information + +## Exchange History Retention + +The **08. SET HISTORY RETENTION** analysis task controls the retention period for the job’s data. +This is why the Data Retention Period options at the global, job group, or job Properties settings +are not supported for the job group. The number of months can be modified. If desired, the parameter +can be set to a specified number of days. Follow these steps to modify the history retention period. + +**Step 1 –** Navigate to the job’s **Configure** node and select **Analysis**. + +![08. SET HISTORY RETENTION task in the Analysis Selection view](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/sethistoryretentiontask.webp) + +**Step 2 –** In the Analysis Selection view, select the **08. SET HISTORY RETENTION** analysis task +and click **Analysis Configuration**. The SQL Script Editor opens. + +![History Retention task in SQL Script Editor](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/sethistoryretentionscripteditor.webp) + +**Step 3 –** To modify the number of months: On line 6, modify the value for the months parameter: + +Skip to Step 5. + +**Step 4 –** To change the period parameter from months to days: + +- Comment out lines 4, 6, and 8 which contain the months parameter. To comment out a line add `--` + preceding it. The months parameter section should be as follows: + + ``` + --Sets Retention Period in Months + --Declare @Months Float + --To Change the numbers of months to keep, Modify this value + --set @Months = 6 + --Creates RetentionPeriod to be utilize in Where Clause + --Set @RetentionPeriod = CAST(DATEADD(MM, -@Months, GETDATE()) AS DATE) + ``` + +- Uncomment out (remove `--` from) lines 12, 13, and 14 (which contain the days parameter). The days + parameter section should be as follows: +- If desired, modify the number of days on line 13. The default days parameter is set to 30 days. + +**Step 5 –** Click **Save and Close**. The SQL Script Editor closes. + +The modified history retention period is now applied during future job executions. + +## Troubleshooting Data Collection + +There might be times when it is necessary to purge the data either through dropping the tables from +the database or truncating the data within the tables. This option is provided through ananalysis +task that is not selected by default. Only one analysis task within a job should be enabled when the +desire is to purge that database. + +**CAUTION:** This analysis task deletes information collected or produced by jobs in this solution. + +Follow these steps to troubleshoot data collection: + +**Step 1 –** Navigate to the job’s **Configure** node and select **Analysis**. + +![Troubleshooting task selection](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/troubleshootingtaskselection.webp) + +**Step 2 –** In the Analysis Selection view, clear all default analysis tasks (if any) and select +the analysis task which purges data. + +_Remember,_ only one task should be selected. + +**Step 3 –** In the Navigation pane, right-click the **Analysis** node and select **Execute +Analyses**. + +**Step 4 –** After the analysis task has been executed, return to the Analysis Selection view. +Deselect the analysis task which was executed and reselect the default analysis tasks (if any had +been cleared in Step 2). + +The selected purge of data and tables has taken place, and the analysis tasks have been reset to the +default state. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricsdetails.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricsdetails.md new file mode 100644 index 0000000000..5920a0b627 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricsdetails.md @@ -0,0 +1,84 @@ +# EX_MetricsDetails Job + +The EX_MetricsDetails Job collects daily user-to-user Traffic. Walk through this jobs query to +configure the internal domains to collect the sender to recipient traffic from. By default, the +query is configured to collect the previous 1 day of Message Tracking Logs and has @netwrix.com +configured as the domain. If the domains are not configured in the query, then most likely data +collection does not return. + +## Queries for the EX_MetricsDetails Job + +The EX_MetricsDetails Job uses the ExchangeMetrics Data Collector. + +![Queries for the EX_MetricsDetails Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/metricsdetailsquery.webp) + +The following query is included in the EX_MetricsDetails Job: + +- Activity metrics – Collects user to user traffic per day + + - Domains must be configured for data collection to return data + - See the [Configure the Activity Metrics Query](#configure-the-activity-metrics-query) topic + for additional information + +### Configure the Activity Metrics Query + +The Activity Metrics Query has been preconfigured to run with the ExchangeMetrics Data Collector to +collect user traffic per day. The domains must be configured for data collection to return data. + +Follow the steps to configure the Activity Metrics Query. + +**Step 1 –** Navigate to the **Exchange** > **1. HUB Metrics** > **0. Collection** > +**EX_MetricsDetails** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the Activity metrics Query and click **Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Exchange Metrics Data +Collector Wizard opens. + +**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. + +![Exchange Metrics Data Collector Wizard Message Activity Filter page](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/exchangemetricsmessageactivityfilter.webp) + +**Step 4 –** Navigate to the +[ExchangeMetrics: Message Activity Filter](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messageactivityfilter.md) +page to configure the internal domains from which to collect the sender to recipient traffic. The +filter should remain **Ends With**. Replace the `@netwrix.com` variable for both the **Senders** and +**Recipients** with the `@domain.com` variable to be audited. + +**Step 5 –** Navigate to the Summary page and click **Finish**. + +The EX_MetricsDetails Job returns data for the identified sender and recipient domains. + +## Analysis Tasks for the EX_MetricsDetails Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > **0. Collection** > +**EX_MetricsDetails** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_MetricsDetails Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/metricsdetailsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. User to User Traffic History – Creates the SA_EX_ExhangeMetrics_MessageTraffic table + accessible under the job’s Results node +- 2. SET HISTORY RETENTION – Sets retention period in months + + - By default set to retain **6 months** + - This retention period can be modified. See the + [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information. + +The following analysis task clears table data from data collection and analysis jobs. This analysis +task should remain deselected unless specifically needed: + +**CAUTION:** Do not select the **00. DROP HISTORY** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 0. DROP HISTORY - LEAVE UNCHECKED – Clears all historical data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/overview.md new file mode 100644 index 0000000000..cce7a283c4 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/overview.md @@ -0,0 +1,25 @@ +# 0. Collection Job Group + +The 0.Collection Job Group is comprised of jobs that process and analyze the message tracking logs +on the Exchange Servers in the environment. + +![jobstree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 0.Collection Job Group are: + +- [AppletStatusCheck Job](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/appletstatuscheck.md) + – Checks the health and status of the applet deployed to the target Exchange servers +- [EX_MetricsCollection Job](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md) + – Comprised of multiple queries that utilize the Exchange Metrics Data Collect to process and + collect the message tracking logs on the Exchange servers in the environment. These queries + collect server, domain, user, and distribution list traffic including but not limited to sent, + received, journal, NDRs, and transports message. These queries are configured to process and + collect that previous 7 days of Message Tracking Logs the first time this job is run, after that + it only collects the previous day assuming persistence has not been disabled inside the query. +- [EX_MetricsDetails Job](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricsdetails.md) + – Collects user to user traffic per day + + **NOTE:** This job's query needs to be configured to the internal domains from which to collect + the sender to recipient traffic. By default, the query is configured to collect the previous 1 + day of Message Tracking Logs and has @netwrix.com configured as the domain. If the domains are + not configured in the query, then most likely data collection does not return. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_deliverytimes.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_deliverytimes.md new file mode 100644 index 0000000000..94e8657bc8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_deliverytimes.md @@ -0,0 +1,33 @@ +# EX_DeliveryTimes Job + +The EX_DeliveryTimes Job provides information around organizational and server-level delivery times. + +## Analysis Tasks for the EX_DeliveryTimes Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > +**EX_DeliveryTimes** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_DeliveryTimes Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/deliverytimesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Server SLA – Creates the SA_EX_DeliveryTimes_ServerSLA table, accessible under the job’s + Results node +- 2. Org SLA – Creates the SA_EX_DeliveryTimes_OrgSLA table, accessible under the job’s Results + node +- 3. Org pivot – Creates the SA_EX_DeliveryTimes_OrgDeliveryByCount table, accessible under the + job’s Results node +- 4. Org By Volume – Creates the SA_EX_DeliveryTimes_OrgDeliveryByVolume table, accessible under + the job’s Results node +- 5. Org Delivery By Count Last 30 Days – Creates the SA_EX_DeliveryTimes_OrgDeliveryByCountLast30 + table, accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the EX_DeliveryTimes Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | --------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Delivery Times | This report highlights delivery times overall and by server to identify potential issues with SLAs. | None | This report is comprised of three elements: - Line Chart – Displays percent of mail delivered by time frame (last 30 days) - Table – Provides details on mail delivered by time frame - Table – Provides details on percentage of mail delivered in under 1 minute | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_dlmetrics.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_dlmetrics.md new file mode 100644 index 0000000000..71e126a2b1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_dlmetrics.md @@ -0,0 +1,28 @@ +# EX_DLMetrics Job + +The EX_DLMetrics Job provides information around distribution list usage. + +## Analysis Tasks for the EX_DLMetrics Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > **EX_DLMetrics** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_DLMetrics Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/dlmetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. DL Metrics – Creates the SA_EX_DLMetrics_Details table, accessible under the job’s Results + node +- 2. Historical Metrics – Creates the SA_EX_DLMetrics_HistoricalStatistics table, accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the EX_DLMetrics Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------------------------------ | ------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Distribution Lists by Message Count (Most Active DLs by Message Count) | This report identifies the most active distribution lists by count of messages sent. | None | This report is comprised of two elements: - Bar Chart – Displays top distribution lists by message count (last 30 days) - Table – Provides details on top distribution lists by message count (last 30 days) | +| Distribution Lists by Message Volume (Most Active DLs by Message Volume) | This report identifies the most active distribution lists by volume of messages sent. | None | This report is comprised of two elements: - Bar Chart – Displays top distribution lists by message volume (last 30 days) - Table – Provides details on distribution lists by message volume (last 30 days) | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_domainmetrics.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_domainmetrics.md new file mode 100644 index 0000000000..6b955829c5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_domainmetrics.md @@ -0,0 +1,29 @@ +# EX_DomainMetrics Job + +The EX_DomainMetrics Job provides information about where the domain’s mail flow is going to and +coming from. + +## Analysis Tasks for the EX_DomainMetrics Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > +**EX_DomainMetrics** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_DomainMetrics Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/domainmetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. External Domain Traffic - Count – Creates the SA_EX_DomainMetrics_Count table, accessible + under the job’s Results node +- 2. External Domain Traffic - Volume – Creates the SA_EX_DomainMetrics_Volume table, accessible + under the job’s Results node + +In addition to the tables and views by the analysis tasks, the EX_DomainMetrics Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------------------- | -------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Top External Domains by Message Count (Top External Domains) | This report identifies which external domains have the largest traffic flow between organizations. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays access by team - Table – Provides a database access summary - Table – Provides database access details | +| Top External Domains by Message Volume (Top External Domains) | This report identifies which external domains have the largest traffic flow between orgs. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top domain by message count (30 days) - Table – Provides details on top domain by message count (30 days) | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_hourlymetrics.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_hourlymetrics.md new file mode 100644 index 0000000000..f252ec81c4 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_hourlymetrics.md @@ -0,0 +1,32 @@ +# EX_HourlyMetrics Job + +The EX_HourlyMetrics Job provides visibility into how much mail-flow the organization sends and +receives each hour. + +## Analysis Tasks for the EX_HourlyMetrics Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > +**EX_HourlyMetrics** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_HourlyMetrics Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/hourlymetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Server Averages – Creates the SA_EX_HourlyMetrics_ServerAverages table, accessible under the + job’s Results node +- 2. Org Averages – Creates the SA_EX_HourlyMetrics_OrgAverages table, accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the EX_HourlyMetrics Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------------------------------- | ---------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Hourly Traffic (Average Hourly Traffic) | This report identifies which hours during the day have the most traffic by count of messages. | None | This report is comprised of two elements: - Column Chart – Displays average hourly traffic by enterprise - Table – Provides details on average hourly traffic by server | +| Hourly Volume (Average Hourly Volume) | This report identifies which hours during the day have the most traffic by volume of messages. | None | This report is comprised of two elements: - Column Chart – Displays average hourly volume (MB) - Table – Provides details on server averages | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_messagesize.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_messagesize.md new file mode 100644 index 0000000000..558de0a20d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_messagesize.md @@ -0,0 +1,25 @@ +# EX_MessageSize Job + +The EX_MessageSize Job provides information around the size of sent and received messages. + +## Analysis Tasks for the EX_MessageSize Job + +View the analysis task by navigating to the **Exchange** > **1. HUB Metrics** > **EX_MessageSize** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_MessageSize Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/messagesizeanalysis.webp) + +The following analysis task is selected by default: + +- 1. Message Size by Server – Creates the SA_EX_MessageSize_HostSummary table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis task, the EX_MessageSize Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------ | ------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Message Size | This report identifies servers which handle the largest mail. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by average message size (KB) - Table – Provides details on average message size by server (KB) | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_servermetrics.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_servermetrics.md new file mode 100644 index 0000000000..5c9a4870b7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_servermetrics.md @@ -0,0 +1,40 @@ +# EX_ServerMetrics Job + +The EX_ServerMetrics Job provides visibility into server mail flow statistics, such as, sent, +received, journaling, transport, and NDR counts and sizes. + +## Analysis Tasks for the EX_ServerMetrics Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > +**EX_ServerMetrics** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_ServerMetrics Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/servermetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Transport – Creates the SA_EX_ServerMetrics_Transport table, accessible under the job’s + Results node +- 2. NDRs – Creates the SA_EX_ServerMetrics_NDRs table, accessible under the job’s Results node +- 3. Journaling – Creates the SA_EX_ServerMetrics_Journaling table, accessible under the job’s + Results node +- 4. Yesterday – Creates the SA_EX_ServerMetrics_Yesterday table, accessible under the job’s + Results node +- 5. Last 7 Days – Creates the SA_EX_ServerMetrics_Last7Days table, accessible under the job’s + Results node +- 6. Last 30 Days – Creates the SA_EX_ServerMetrics_Last30Days table, accessible under the job’s + Results node +- 7. Historical Statistics – Creates the SA_EX_ServerMetrics_HistoricalStatistics table, + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the EX_ServerMetrics Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------------------------------- | ----------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Journaling (Journaling Traffic) | This report summarizes journaling message traffic across the organization. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by journaling messages (last 30 days) - Table – Provides details on top servers by journaling messages (last 30 days) | +| NDRs (Exchange NDRs) | This report shows NDR counts broken down by server. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by NDRs (last 30 days) - Table – Provides details on top servers by NDRs (last 30 days) | +| Server Traffic (Top Servers by Traffic) | This report summarizes server traffic across the organization for the Last 30 Days. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top servers by total traffic - Table – Provides details top servers by total traffic | +| Transport (Transport Messages) | This report summarizes transport messages across the exchange organization. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by transport messages (last 30 days) - Table – Provides details on top servers by transport messages (last 30 days) | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_usermetrics.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_usermetrics.md new file mode 100644 index 0000000000..84835b66ef --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_usermetrics.md @@ -0,0 +1,30 @@ +# EX_UserMetrics Job + +The EX_UserMetrics Job provides information around each users mail-flow in the organization. + +## Analysis Tasks for the EX_UserMetrics Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > +**EX_UserMetrics** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_UserMetrics Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/usermetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. User Metrics - Volume – Creates the SA_EX_UserMetrics_Volume table, accessible under the + job’s Results node +- 2. User Metrics - Count – Creates the SA_EX_UserMetrics_Count table, accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the EX_UserMetrics Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------- | ----------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Top Receivers by Message Count | This report identifies users who have received the most messages. | None | This report is comprised of two elements: - Bar Chart – Displays top receivers by message count (last 30 days) - Table – Provides details on top receivers by message count (last 30 days) | +| Top Receivers by Message Volume | This report identifies users who have received the most mail by total volume. | None | This report is comprised of two elements: - Bar Chart – Displays top receivers by message volume (last 30 days) - Table – Provides details on top receivers by message volume (last 30 days) | +| Top Senders by Message Count | This report identifies users who have sent the most mail. | None | This report is comprised of two elements: - Bar Chart – Displays top senders by message count (last 30 days) - Table – Provides details on top senders by message count (last 30 days) | +| Top Senders by Message Volume | This report identifies users who have sent the most mail by total volume. | None | This report is comprised of two elements: - Bar Chart – Displays top senders by message volume (last 30 days) - Table – Provides details on top senders by message volume (last 30 days) | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/overview.md new file mode 100644 index 0000000000..0fb9ba076d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/overview.md @@ -0,0 +1,29 @@ +# 1.HUB Metrics Job Group + +The 1. HUB Metrics Job Group is comprised of data collection, analysis and reports that focus on +mail-flow activity occurring within your organization. This job group goes out to each server that +contains the Message Tracking Logs and parse the log to return the data to the Enterprise Auditor +database. + +![1.HUB Metrics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following job groups and jobs comprise the 1. HUB Metrics Job Group: + +- [0. Collection Job Group](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/overview.md) + – Comprised of jobs that process and analyze the message tracking logs on the Exchange Servers in + the environment +- [EX_DeliveryTimes Job](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_deliverytimes.md) + – Provides information around organizational and server level delivery times +- [EX_DLMetrics Job](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_dlmetrics.md) + – Provides information around distribution list usage +- [EX_DomainMetrics Job](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_domainmetrics.md) + – Provides information about which domains mail-flow is going to and coming from +- [EX_HourlyMetrics Job](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_hourlymetrics.md) + – Provides visibility into how much mail-flow the organization sends and receives each hour +- [EX_MessageSize Job](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_messagesize.md) + – Provides information around size of messages sent and received +- [EX_ServerMetrics Job](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_servermetrics.md) + – Provides visibility into server mail-flow statistics, such as, sent, received, journaling, + transport and NDR counts and sizes +- [EX_UserMetrics Job](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/ex_usermetrics.md) + – Provides information around each user’s mail-flow in the organization diff --git a/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/recommended.md b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/recommended.md new file mode 100644 index 0000000000..3fe9287b2b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/recommended.md @@ -0,0 +1,90 @@ +# Recommended Configurations for the 1. HUB Metrics Job Group + +Dependencies + +The following Job Groups need to be successfully run: + +- Active Directory Inventory Job Group + +Targeted Hosts + +The 0. Collection Job Group has been set to run against the following default dynamic host lists: + +- Exchange 2016 MB Servers +- Exchange 2013 MB Servers +- Exchange HUB Servers + +**NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table which meet +the host inventory criteria for the list. Ensure the appropriate host lists have been populated +through host inventory results. + +**_RECOMMENDED:_** Only modify host lists in the 0. Collection Job Group. + +Connection Profile + +A Connection Profile must be set directly on the EX_MetricsCollection Job and the EX_MetricsDetails +Job. See the +[Exchange Mail-Flow Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/mailflow.md) +topic for required permissions. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +This job group has been designed to run daily to process and collect the previous day’s message +tracking logs. Run this job after 12:01 AM when the logs on the Exchange servers have rolled over to +the next day. + +**_RECOMMENDED:_** Run this job group at 1:00 AM. + +History Retention + +History retention should not be enabled on this job group. History is kept through analysis tasks. +Modify the following analysis tasks to customize the amount of history which is kept: + +| Job Name | Analysis Task Name | Default History | +| -------------------- | --------------------- | --------------- | +| EX_MetricsCollection | SET HISTORY RETENTION | 6 Months | +| EX_MetricsDetails | SET HISTORY RETENTION | 6 Months | + +See the +[Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) +topic for additional information. + +Query Configuration + +The 1. HUB Metrics Job Group is designed to be run with the default query configurations with the +following exceptions: + +- EX_MetricsDetails Job – The **Activity Metrics** Query requires domains to be configured +- All queries in the 1.HUB Metrics Job Group that use the ExchangeMetrics Data Collector – + (Optional) The **Enable Persistent Log State** option can be enabled on the Options page of the + Exchange Metrics Data Collector Wizard to search the log from where the previous search left off. + See the + [ExchangeMetrics: Options](/docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/options.md) topic + for additional information. + +Analysis Configuration + +The 1. HUB Metrics Job Group should be run with the default analysis configurations. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or +deselected. There are a few which are deselected by default, as they are for troubleshooting +purposes. + +The following analysis tasks should not be deselected, but their parameters can be modified: + +- **0. Collection** > **EX_MetricsCollection** Job – **08. SET HISTORY RETENTION** Analysis Task +- **0. Collection** > **EX_MetricsDetails** Job – **02. SET HISTORY RETENTION** Analysis Task + +Workflow + +**Step 1 –** Set a Connection Profile on the jobs that run data collection. + +**Step 2 –** Schedule the **1. HUB Metrics** Job Group to run daily. + +**_RECOMMENDED:_** Run at 1:00 AM. + +**Step 3 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md b/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md deleted file mode 100644 index be965734a8..0000000000 --- a/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md +++ /dev/null @@ -1,712 +0,0 @@ -# Features > EX_Features Job - -The EX_Features job is comprised of data collection and a report that provides information around -which features have been enabled or disabled on Mailboxes, such as ActiveSync, IMAP, POP and more. - -**_RECOMMENDED:_** Schedule the Features Job Group to run weekly on any desired recurrence. - -![Features > EX_Features Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/featuresjobstree.webp) - -The EX_Features job is located in the Features job group. - -## Queries for the EX_Features Job - -The EX_Features Job uses the ExchangePS Data Collector. - -![Queries for the EX_Features Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/featuresquery.webp) - -The following query is included with the EX_Features Job: - -- User Mailbox Settings – Collects user mailbox settings - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#scope-the-exchangeps-data-collector) - topic for additional information - - **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as - Exchange on-premises environments. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for credential requirements. - -In addition to the table created by the query, the EX_Features Job produces the following -pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------- | -| Mailbox Features | This report identifies features introduced in Exchange for each mailbox. | None | This report is comprised of one element: - Table – Provides details on mailbox features | - -# 0.Collection > EX_MailboxActivity Job - -The EX_MailboxActivity job collects logs of Native Mailbox Access Auditing from Exchange to provide -reporting around mailbox logon activity. - -![0.Collection > EX_MailboxActivity Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The EX_MailboxActivity job is located in the 0.Collection job group. - -**NOTE:** This job requires that Exchange Access Auditing is enabled in the Exchange environment. - -## Queries for the EX_MailboxActivity Job - -The EX_MailboxActivity Job uses the ExchangePS Data Collector. - -![Queries for the EX_MailboxActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/logons/mailboxactivityquery.webp) - -The following query is included with the EX_MailboxActivity job: - -- Exchange Mailbox Logons – Collects data on Exchange mailbox access logons - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#scope-the-exchangeps-data-collector) - topic for additional information - - **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as - Exchange on-premises environments. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for credential requirements. - -# EX_MailboxLogons Job - -The EX_MailboxLogons Job provides details around Mailbox logon activity occurring within the -Exchange environment. - -## Analysis Tasks for the EX_MailboxLogons Job - -View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Logons** > -**EX_MailboxLogons** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_MailboxLogons Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/logons/mailboxlogonsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Create History Table – Creates the SA_EX_MailboxLogons_Details table, accessible under the - job’s Results node -- 02.Hourly Activity – Creates the SA_EX_MailboxLogons_HourlyActivity table, accessible under the - job’s Results node -- 03.SET HISTORY RETENTION – Sets retention period in months - - - By default set to retain 6 months. It can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#exchange-history-retention) - topic for additional information - -- 04.Last Week Top Offenders – Creates the SA_EX_MailboxLogons_LastWeekSummary table, accessible - under the job’s Results node -- 05.Hourly by Client IP – Creates the SA_EX_MailboxLogons_HourlyActivityByClient table, accessible - under the job’s Results node -- 06.Import Logon Activity to AIC – Imports Logon Activity to Access Information Center - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Delete All Historical Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 00.Delete All Historical Data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_MailboxLogons Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Non Owner Mailbox Logons – Last Week (Top Users Logging into Other Mailboxes) | Lists the number of distinct non-owner mailboxes accessed by each user and counts of non-owner logons in the last seven days. | None | This report is comprised of two elements: - Bar Chart – Displays top users for non-owner activity – last week - Table – Provides details on all mailbox logons | -| Top Hourly Activity (By IP) (Top Hourly Activity) | This report shows periods where there was large amounts of traffic coming from a single machine. | None | This report is comprised of two elements: - Bar Chart – Displays top machines by user account activity - Table – Provides details on top machines by user account activity | -| Top Hourly Activity (By User) (Top Hourly Activity) | This report shows periods when users are most active. | None | This report is comprised of two elements: - Bar Chart – Displays top machines by non-owner logons - Table – Provides details on top users by non-owner logons | - -# Logons Job Group - -The Logons Job Group provides collection of Native Mailbox Access Auditing logs from Exchange to -provide reporting around mailbox logon activity. - -**_RECOMMENDED:_** Schedule the Logons Job Group to run daily at 7 PM. - -The data collection job requires that Exchange Access Auditing is enabled in the Exchange -environment. - -![Logons Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the Logons Job Group are: - -- [0.Collection > EX_MailboxActivity Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Collects logs of Native Mailbox Access Auditing from Exchange to provide reporting around - mailbox logon activity -- [EX_MailboxLogons Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Provides details around Mailbox logon activity occurring within the Exchange environment - -# 4.Mailboxes Job Group - -The 4. Mailboxes job group is comprised of data collection, analysis, and reports around mailbox -features, logons, permissions, and sizing. - -![4.Mailboxes Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following comprise the 4. Mailboxes job group: - -**NOTE:** These jobs are compatible with the Office 365 environment. - -- [Features > EX_Features Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Comprised of data collection and a report that provides information around which features have - been enabled or disabled on mailboxes, such as ActiveSync, IMAP, POP and more -- [Logons Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Provides collection of Native Mailbox Access Auditing logs from Exchange to provide reporting - around mailbox logon activity -- [Permissions Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Comprised of data collection, analysis and reports that focus on access granted to each mailbox - in the environment including, Mailbox Rights, Active Directory Permissions, Delegation, and Folder - Permissions -- [Sizing Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Provides data collection, analyses, and reports which focus on mailbox sizing, growth, and - trends - -# EX_Delegates Job - -The EX_Delegates job collects data from Active Directory to identify the delegates applied to a -mailbox. - -## Queries for the EX_Delegates Job - -The EX_Delegates job uses the ExchangePS Data Collector. - -![Queries for the EX_Delegates Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/delegatesquery.webp) - -The following query is included with the EX_Delegates job: - -- Delegates – Collects delegates applied to each mailbox - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#scope-the-exchangeps-data-collector) - topic for additional information - - **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as - Exchange on-premises environments. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for credential requirements. - -# EX_MBRights Job - -The EX_MBRights job collects data from Active Directory to identify the mailbox rights applied to a -mailbox. - -## Queries for the EX_MBRights Job - -The EX_MBRights job uses the ExchangePS Data Collector. - -![Queries for the EX_MBRights Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/mbrightsquery.webp) - -The following query is included in the EX_MBRights Job: - -- Mailbox Rights – Collects mailbox rights - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#scope-the-exchangeps-data-collector) - topic for additional information - - **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as - Exchange on-premises environments. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for credential requirements. - -# EX_Perms Job - -The EX_Perms job collects information about permissions applied to the folders within Exchange -mailboxes. - -## Queries for the EX_Perms Job - -The EX_Perms job uses the EWSMailbox Data Collector. - -![Queries for the EX_Perms Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/permsquery.webp) - -The following query is included in the EX_Perms job. - -- Exchange Mailbox Permissions – Returns Exchange mailbox folder permissions - - - By default set to search all mailboxes. It can be scoped. - - See the - [EWSMailbox Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) - topic for additional information - -# EX_SendAs Job - -The EX_SendAs job collects data from Active Directory to identify the Active Directory rights -applied to a mailbox. - -## Queries for the EX_SendAs Job - -The EX_SendAs job uses the ExchangePS Data Collector. - -![Queries for the EX_SendAs Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/sendasquery.webp) - -The following query is included in the EX_SendAs Job: - -- Send AS - Rights – Collects Exchange mailbox folder permissions - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#scope-the-exchangeps-data-collector) - topic for additional information - - **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as - Exchange on-premises environments. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for credential requirements. - -## Analysis Tasks for the EX_SendAs Job - -View the analysis task by navigating to the **Exchange** > **4. Mailboxes** > **Permissions** > -**0.Collection** > **EX_SendAs** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_SendAs Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/sendasanalysis.webp) - -The following analysis task is selected by default: - -- Index Collection – Creates an index on the collection for use by downstream analysis and report - generation - -# 0. Collection Job Group - -The 0. Collection job group is comprised of data collection and analysis that focus on access -granted to each mailbox in the environment including: Mailbox Rights, Active Directory Permissions, -Delegation, and Folder Permissions. - -![0.Collection Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The jobs in the 0. Collection job group are: - -- [EX_Delegates Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Collects data from Active Directory to identify the delegates applied to a mailbox -- [EX_MBRights Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Collects data from Active Directory to identify the mailbox rights applied to a mailbox -- [EX_Perms Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Collects information about permissions applied to the folders within Exchange mailboxes -- [EX_SendAs Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Collects data from Active Directory to identify the Active Directory rights applied to a mailbox - -# EX_AdminGroups Job - -The EX_AdminGroups job provides visibility into the direct and effective membership of Exchange -Administrative groups. - -## Analysis Tasks for the EX_AdminGroups Job - -View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Permissions** > -**EX_AdminGroups** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_AdminGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/admingroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.Calculate Effective Membership – Creates the SA_EX_AdminGroups_Membership table accessible - under the job’s Results node -- 01.Rank groups by Size – Creates the SA_EX_AdminGroups_Ranked table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the EX_AdminGroups Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | -------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------- | -| Exchange Administration Groups | This report shows effective membership for the default Exchange Administration groups. | None | This report is comprised of two elements: - Bar Chart – Displays largest admin groups - Table – Provides membership details | - -# EX_MailboxAccess Job - -The EX_MailboxAccess job provides visibility into access granted to each mailbox in the environment -taking into consideration Mailbox Rights, Active Directory Permissions, Delegation, and Folder -Permissions. - -## Analysis Tasks for the EX_Mailbox Access Job - -View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Permissions** > -**EX_MailboxAccess** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_Mailbox Access Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/mailboxaccessanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.Regional Send As Rights – Creates the SA_EX_MailboxAccess_SendAs table, accessible under the - job’s Results node -- 01.Regional Full Control Rights – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 02.Regional Delegates – Creates the SA_EX_MailboxAccess_Delegates table, accessible under the - job’s Results node -- 03.Regional Mailbox Permissions – Creates the SA_EX_MailboxAccess_Permissions table, accessible - under the job’s Results node -- 04.Regional Delegated Access – Creates the SA_EX_MailboxAccess_DelegatedAccess table, accessible - under the job’s Results node -- 05.Regional Mailbox Rights – Creates the SA_EX_MailboxAccess_Rights table, accessible under the - job’s Results node -- 06.Missing Anonymous Permissions – Creates the SA_EX_MailboxAccess_MissingAnon table, accessible - under the job’s Results node -- 07.Incorrect Default/Anonymous Rights – Creates the SA_EX_MailboxAccess_DefaultAnonIssues table, - accessible under the job’s Results node -- 08.Expanded Rights – Creates the SA_EX_MailboxAccess_ExpandedRights table, accessible under the - job’s Results node -- 09.Incorrect Default/Anonymous Permissions Summary – Creates the - SA_EX_MailboxAccess_DefaultAnonSummary table, accessible under the job’s Results node -- 10.Permissions Summary – Creates the SA_EX_MailboxAccess_PermissionSummary table, accessible under - the job’s Results node -- 11.Full Control Summary – Creates the SA_EX_MailboxAccess_FullControlSummary table, accessible - under the job’s Results node -- 12.Send As Summary – Creates the SA_EX_MailboxAccess_SendAsSummary table accessible under the - job’s Results node - -The following analysis tasks is selected to export data to the AIC: - -- 13.AIC Import - Export Exchange Permissions – Exports delegates, Send AS rights, mailbox - permissions, and Active Directory rights to the Access Information Center - - **NOTE:** This task sends data to the Access Information Center during future job executions. - See the User Reports and the Group Reports topics in the - [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) - for additional information. - -In addition to the tables and views created by the analysis tasks, the EX_MailboxAccess Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Delegation (Delegates) | This report identifies users where Delegate/Send on Behalf Of rights have been assigned and which objects the users have been given rights to. | None | This report is comprised of two elements: - Bar Chart – Displays top users by number of delegates - Table – Provides details on top users by number of delegates | -| Full Control Access (Mailboxes with Full Control) | This report identifies users with the largest amount of Full Control rights assigned to other individuals. | None | This report is comprised of two elements: - Bar Chart – Displays top users with full control granted - Table – Provides details on top users with full control granted | -| Incorrect Default And Anon Permissions | This report identifies where Default or Anonymous have any role assignment other than **None** or **Free/Busy time**. | None | This report is comprised of three elements: - Bar Chart – Displays top users with incorrect default/anon permissions - Table – Provides details on top users with incorrect default/anon permissions - Table – Provides role details | -| Missing Anonymous Permissions | This report identifies folders where Anonymous permissions are not assigned. | None | This report is comprised of one element: - Table – Provides details on missing anonymous permissions | -| Send As (Send-As Rights) | This report identifies which users have the highest number of users with Send-As rights to their mailbox. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top users by send as rights granted - Table – Provides details on top users by send as right granted - Table – Provides additional details | - -# Permissions Job Group - -The Permissions job group is comprised of data collection, analysis and reports that focus on access -granted to each mailbox in the environment including, Mailbox Rights, Active Directory Permissions, -Delegation, and Folder Permissions. - -**_RECOMMENDED:_** Schedule the Permissions job group to run weekly on Fridays at 6 PM. - -![Permissions Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The job groups and jobs in the Permissions job group are: - -- [0. Collection Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Comprised of data collection and analysis that focus on access granted to each mailbox in the - environment including: Mailbox Rights, Active Directory Permissions, Delegation, and Folder - Permissions -- [EX_AdminGroups Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Provides visibility into the direct and effective membership of Exchange Administrative groups -- [EX_MailboxAccess Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Provides visibility into access granted to each mailbox in the environment taking into - consideration Mailbox Rights, Active Directory Permissions, Delegation, and Folder Permissions - -# Recommended Configurations for the 4. Mailboxes Job Group - -Dependencies - -This job group requires the following items to be enabled: - -- Exchange Access Auditing is enabled in the Exchange environment - - - This is required for the Logons Job Group. See the - [Enable Exchange Mailbox Access Auditing](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md#enable-exchange-mailbox-access-auditing) - topic for additional information. - -The following job groups need to be successfully run: - -- **.Active Directory Inventory** Job Group -- **.Entra ID Inventory** Job Group -- **Exchange** > **1. HUB Metrics** Job Group (Optional) - - Provides data on mailbox metrics for on-premises Exchange environments and the last time a - distribution list received mail -- **Exchange** > **2. CAS Metrics** Job Group (Optional) - - Provides data on mailbox staleness for on-premises Exchange environments -- **Exchange** > **8. Exchange Online** > **Mailflow** Job Group (Optional) - - Provides data on distribution list metrics for Exchange Online environments and the last time - a distribution list received mail - -Targeted Hosts - -The **Features** > **EX_Features** job, **Logons** > **0.Collection** job group, **Permissions** > -**0.Collection** job group, and **Sizing** > **0.Collection** job group have been set for Exchange -on-premises to run against: - -- Local host - -This Job Group can target a custom host list for Exchange Online instead of targeting Exchange -on-premises. However, do not try to target both types of environments. - -Connection Profile - -A Connection Profile must be set directly on the collection jobs within each sub-job group: - -- **Features** > **EX_Features** Job -- **Logons** > **0.Collection** > **EX_MailboxActivity** Job -- **Permissions** > **0. Collection**: - - - EX_Delegates Job - - EX_MBRights Job - - EX_Perms Job - - EX_SendAs Job - -- **Sizing** > **0. Collection** > **EX_MBSize** Job - -See the -[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for the required permissions. See the -[Exchange Custom Connection Profile & Host List](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -Schedule Frequency - -It is not recommended to run these jobs at the 4. Mailboxes job group level. The Logons sub-job -group and Sizing job group have been designed to run daily. The Features sub-job group and -Permissions job group have been designed to run weekly. See the table for recommended times: - -| Job Group Name | Frequency | Recommended Time | -| -------------- | --------- | ----------------------------------- | -| Logons | Daily | 4 AM | -| Sizing | Daily | 7 PM | -| Features | Weekly | No recommendation, run when desired | -| Permissions | Weekly | Fridays at 6 PM | - -History Retention - -History retention should not be enabled on this job group. History is kept through analysis tasks. -Modify the following analysis tasks to customize the amount of history which is kept: - -| Job Name | Analysis Task Name | Default History | -| ----------------- | --------------------- | --------------- | -| EX_DMailboxLogons | SET HISTORY RETENTION | 6 Months | -| EX_MailboxSizes | SET HISTORY RETENTION | 6 Months | - -Query Configuration - -The 4. Mailboxes job group is designed to be run with the default query configurations. However, the -following queries can be modified: - -- **Features** > **EX_Features** Job – **User Mailbox Settings** Query -- **Logons** > **0.Collection** > **EX_MailboxActivity** Job – **Exchange Mailbox Logons** Query -- **Permissions** > **0. Collection** > **EX_Delegates** Job – **Delegates** Query -- **Permissions** > **0. Collection** > **EX_MBRights** Job – **Mailbox Rights** Query -- **Permissions** > **0. Collection** > **EX_Perms** Job – **Exchange Mailbox Permissions** Query -- **Permissions** > **0. Collection** > **EX_SendAs** Job – **Send AS - Rights** Query -- **Sizing** > **0. Collection** > **EX_MBSize** Job – **Mailbox Counts and Sizes** Query - -No other queries should be modified. - -Analysis Configuration - -The 4. Mailboxes job group should be run with the default analysis configurations. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or -deselected. There are some tasks that are deselected by default, as they are for troubleshooting -purposes. - -The following analysis tasks should not be deselected, but their parameters can be modified: - -- **Logons** > **EX_MailboxLogons** Job – **03.SET HISTORY RETENTION** Analysis Task -- **Sizing** > **EX_MailboxSizes** Job – **02.SET HISTORY RETENTION** Analysis Task - -The following analysis tasks is enabled to send Exchange mailbox permission data to the -Netwrix Access Information Center: - -- **Permissions** > **EX_MailboxAccess** Job – **13.AIC Import - Export Exchange Permissions** - Analysis Task - -Workflow - -**Step 1 –** Set a Connection Profile on the jobs that run data collection. - -**Step 2 –** Schedule the jobs. The following are the recommended schedules: - -- Daily Execution - - - Schedule the **Logons** job group to run daily - - Schedule the **Sizing** job group to run daily - -- Weekly Execution - - - Schedule the **Features** job group to run weekly - - Schedule the **Permissions** job group to run weekly - -**Step 3 –** Review the reports generated by the jobs. - -# EX_MailboxSizes Job - -The EX_MailboxSizes job provides analysis and reporting around mailbox sizing and growth. - -#### Analysis Tasks for the EX_Mailbox Sizes Job - -View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Sizing** > -**EX_MailboxSizes** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_Mailbox Sizes Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/mailboxsizesanalysis.webp) - -The following analysis tasks are selected by default: - -- 01.Update or Create Details Table – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 02.Regional Track Mailbox Size History – Creates an interim processing table in the database for - use by downstream analysis and report generation -- 03.SET HISTORY RETENTION – Sets retention period in months - - - The default is 6 months. It can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#exchange-history-retention) - topic for additional information - -- 04.Store History – Creates the SA_EX_MailboxSizes_StoreHistory table, accessible under the job’s - Results node -- 05.Current Sizes – Creates the SA_EX_MailboxSizes_CurrentSnapshot table, accessible under the - job’s Results node -- 06.Dumpster Sizes – Creates the SA_EX_MailboxSizes_DumpstersByStore table, accessible under the - job’s Results node -- 07.Current Store Size – Creates the SA_EX_MailboxSizes_CurrentStoreSize table, accessible under - the job’s Results node - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00.Delete All Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database: - -- 00.Delete All Data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_MailboxAccess Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------------------------------------------- | ---------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Largest Recoverable Items Folder (Dumpster) (Dumpster Sizes by User) | This report identifies users with the largest Recoverable Items folder (dumpster). | None | This report is comprised of two elements: - Bar Chart – Displays users with largest Recoverable Items folders - Table – Provides details on user Recoverable Items folders | -| Largest Mailboxes (Top Users by Mailbox Size) | This report identifies users with the largest mailboxes. | None | This report is comprised of two elements: - Bar Chart – Displays users with the largest mailboxes - Table – Provides details on users with largest mailboxes | - -# 0.Collection > EX_MBSize Job - -The EX_MBSize job collects information from the Exchange environment about the mailbox sizes in the -environment. - -![0.Collection > EX_MBSize Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The EX_MBSize job is located in the 0.Collection job group. - -## Queries for the EX_MBSize Job - -The EX_MBSize Job uses the ExchangePS Data Collector. - -![Queries for the EX_MBSize Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/mbsizequery.webp) - -The following query is included in the EX_MBSize Job: - -- Mailbox Counts and Sizes – Identifies the Active Directory rights applied to a mailbox - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#scope-the-exchangeps-data-collector) - topic for additional information - - **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as - Exchange on-premises environments. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for credential requirements. - -# EX_StaleMailboxes Job - -The EX_StaleMailboxes job provides analysis and reporting around orphaned and stale mailboxes. - -## Analysis Tasks for the EX_StaleMailboxes Job - -View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Sizing** > -**EX_StaleMailboxes** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_StaleMailboxes Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/stalemailboxesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Mailbox Orphans – Creates the SA_EX_StaleMailboxes_Orphans table, accessible under the job’s - Results node -- 2. Stale User Mailboxes – Creates the SA_EX_StaleMailboxes_Details table, accessible under the - job’s Results node -- 3. Organization Summary – Creates the SA_EX_StaleMailboxes_OrgSummary table, accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the EX_StaleMailboxes Job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Orphaned Mailboxes | Orphaned Mailboxes do not have an Active Directory account associated with them, and generally can be safely deleted. | None | This report is comprised of three elements: - Bar Chart – Displays orphan mailbox storage - Table – Provides details on all orphaned mailboxes - Table – Provides details on orphan mailbox storage | -| Stale Users (Mailboxes associated with Stale AD Accounts) | This report shows mailboxes which are tied to stale user accounts. | None | This report is comprised of three elements: - Bar Chart – Displays stale user mailboxes - Table – Provides details stale user mailboxes - Table – Provides additional details on stale user mailboxes | - -# EX_StoreSizes Job - -The EX_StoreSizes job provides analysis and reporting around database sizing based on mailbox sizes. - -## Analysis Tasks for the EX_StoreSizes Job - -View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > -**Sizing** > **EX_StoreSizes** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_StoreSizes Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/storesizesanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.Users Ranked by Store – Creates the SA_EX_StoreSize_UsersByStore table, accessible under the - job’s Results node -- 01.Rank Stores – Creates the SA_EX_StoreSize_Ranked table, accessible under the job’s Results node -- 02.30 Day Growth – Creates the SA_EX_StaleMailboxes_30DayChange table, accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the EX_StoreSizes Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------ | --------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Store Sizes and Growth (Store Sizes) | This report identifies 30 day growth for every mail store within the environment. | None | This report is comprised of two elements: - Bar Chart – Displays fastest-growing mail stores - Table – Provides details on mail stores – percent change | -| Top Users by Store | This report identifies the top users for every mail store. | None | This report is comprised of one element: - Table – Provides details on top users by store | - -# Sizing Job Group - -The Sizing job group provides data collection, analyses, and reports which focus on mailbox sizing, -growth, and trends. - -**_RECOMMENDED:_** Schedule the Sizing job group to run daily at 4 AM. - -![Sizing Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the Sizing job group are: - -- [0.Collection > EX_MBSize Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Collects information from the environment about the mailbox sizes in the environment -- [EX_MailboxSizes Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Provides analysis and reporting around Mailbox sizing and growth -- [EX_StaleMailboxes Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Provides analysis and reporting around orphaned and Stale Mailboxes -- [EX_StoreSizes Job](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) - – Provides analysis and reporting around Database Sizing based on Mailbox Sizes diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/ex_features.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/ex_features.md new file mode 100644 index 0000000000..3518268f18 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/ex_features.md @@ -0,0 +1,37 @@ +# Features > EX_Features Job + +The EX_Features job is comprised of data collection and a report that provides information around +which features have been enabled or disabled on Mailboxes, such as ActiveSync, IMAP, POP and more. + +**_RECOMMENDED:_** Schedule the Features Job Group to run weekly on any desired recurrence. + +![Features > EX_Features Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/featuresjobstree.webp) + +The EX_Features job is located in the Features job group. + +## Queries for the EX_Features Job + +The EX_Features Job uses the ExchangePS Data Collector. + +![Queries for the EX_Features Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/featuresquery.webp) + +The following query is included with the EX_Features Job: + +- User Mailbox Settings – Collects user mailbox settings + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + + **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as + Exchange on-premises environments. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) + topic for credential requirements. + +In addition to the table created by the query, the EX_Features Job produces the following +pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------- | +| Mailbox Features | This report identifies features introduced in Exchange for each mailbox. | None | This report is comprised of one element: - Table – Provides details on mailbox features | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/ex_mailboxactivity.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/ex_mailboxactivity.md new file mode 100644 index 0000000000..4b099be564 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/ex_mailboxactivity.md @@ -0,0 +1,30 @@ +# 0.Collection > EX_MailboxActivity Job + +The EX_MailboxActivity job collects logs of Native Mailbox Access Auditing from Exchange to provide +reporting around mailbox logon activity. + +![0.Collection > EX_MailboxActivity Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The EX_MailboxActivity job is located in the 0.Collection job group. + +**NOTE:** This job requires that Exchange Access Auditing is enabled in the Exchange environment. + +## Queries for the EX_MailboxActivity Job + +The EX_MailboxActivity Job uses the ExchangePS Data Collector. + +![Queries for the EX_MailboxActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/mailboxactivityquery.webp) + +The following query is included with the EX_MailboxActivity job: + +- Exchange Mailbox Logons – Collects data on Exchange mailbox access logons + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + + **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as + Exchange on-premises environments. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) + topic for credential requirements. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/ex_mailboxlogons.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/ex_mailboxlogons.md new file mode 100644 index 0000000000..14ddcce716 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/ex_mailboxlogons.md @@ -0,0 +1,54 @@ +# EX_MailboxLogons Job + +The EX_MailboxLogons Job provides details around Mailbox logon activity occurring within the +Exchange environment. + +## Analysis Tasks for the EX_MailboxLogons Job + +View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Logons** > +**EX_MailboxLogons** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_MailboxLogons Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/mailboxlogonsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Create History Table – Creates the SA_EX_MailboxLogons_Details table, accessible under the + job’s Results node +- 02.Hourly Activity – Creates the SA_EX_MailboxLogons_HourlyActivity table, accessible under the + job’s Results node +- 03.SET HISTORY RETENTION – Sets retention period in months + + - By default set to retain 6 months. It can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +- 04.Last Week Top Offenders – Creates the SA_EX_MailboxLogons_LastWeekSummary table, accessible + under the job’s Results node +- 05.Hourly by Client IP – Creates the SA_EX_MailboxLogons_HourlyActivityByClient table, accessible + under the job’s Results node +- 06.Import Logon Activity to AIC – Imports Logon Activity to Access Information Center + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Delete All Historical Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 00.Delete All Historical Data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_MailboxLogons Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Non Owner Mailbox Logons – Last Week (Top Users Logging into Other Mailboxes) | Lists the number of distinct non-owner mailboxes accessed by each user and counts of non-owner logons in the last seven days. | None | This report is comprised of two elements: - Bar Chart – Displays top users for non-owner activity – last week - Table – Provides details on all mailbox logons | +| Top Hourly Activity (By IP) (Top Hourly Activity) | This report shows periods where there was large amounts of traffic coming from a single machine. | None | This report is comprised of two elements: - Bar Chart – Displays top machines by user account activity - Table – Provides details on top machines by user account activity | +| Top Hourly Activity (By User) (Top Hourly Activity) | This report shows periods when users are most active. | None | This report is comprised of two elements: - Bar Chart – Displays top machines by non-owner logons - Table – Provides details on top users by non-owner logons | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/overview.md new file mode 100644 index 0000000000..eda4ac430e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/overview.md @@ -0,0 +1,19 @@ +# Logons Job Group + +The Logons Job Group provides collection of Native Mailbox Access Auditing logs from Exchange to +provide reporting around mailbox logon activity. + +**_RECOMMENDED:_** Schedule the Logons Job Group to run daily at 7 PM. + +The data collection job requires that Exchange Access Auditing is enabled in the Exchange +environment. + +![Logons Job Group](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the Logons Job Group are: + +- [0.Collection > EX_MailboxActivity Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/ex_mailboxactivity.md) + – Collects logs of Native Mailbox Access Auditing from Exchange to provide reporting around + mailbox logon activity +- [EX_MailboxLogons Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/ex_mailboxlogons.md) + – Provides details around Mailbox logon activity occurring within the Exchange environment diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/overview.md new file mode 100644 index 0000000000..9fec230182 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/overview.md @@ -0,0 +1,24 @@ +# 4.Mailboxes Job Group + +The 4. Mailboxes job group is comprised of data collection, analysis, and reports around mailbox +features, logons, permissions, and sizing. + +![4.Mailboxes Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following comprise the 4. Mailboxes job group: + +**NOTE:** These jobs are compatible with the Office 365 environment. + +- [Features > EX_Features Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/ex_features.md) + – Comprised of data collection and a report that provides information around which features have + been enabled or disabled on mailboxes, such as ActiveSync, IMAP, POP and more +- [Logons Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/overview.md) + – Provides collection of Native Mailbox Access Auditing logs from Exchange to provide reporting + around mailbox logon activity +- [Permissions Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/overview.md) + – Comprised of data collection, analysis and reports that focus on access granted to each mailbox + in the environment including, Mailbox Rights, Active Directory Permissions, Delegation, and Folder + Permissions +- [Sizing Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/overview.md) + – Provides data collection, analyses, and reports which focus on mailbox sizing, growth, and + trends diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_delegates.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_delegates.md new file mode 100644 index 0000000000..d70f4b462f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_delegates.md @@ -0,0 +1,24 @@ +# EX_Delegates Job + +The EX_Delegates job collects data from Active Directory to identify the delegates applied to a +mailbox. + +## Queries for the EX_Delegates Job + +The EX_Delegates job uses the ExchangePS Data Collector. + +![Queries for the EX_Delegates Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/delegatesquery.webp) + +The following query is included with the EX_Delegates job: + +- Delegates – Collects delegates applied to each mailbox + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + + **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as + Exchange on-premises environments. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) + topic for credential requirements. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_mbrights.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_mbrights.md new file mode 100644 index 0000000000..cc6ca5a49f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_mbrights.md @@ -0,0 +1,24 @@ +# EX_MBRights Job + +The EX_MBRights job collects data from Active Directory to identify the mailbox rights applied to a +mailbox. + +## Queries for the EX_MBRights Job + +The EX_MBRights job uses the ExchangePS Data Collector. + +![Queries for the EX_MBRights Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/mbrightsquery.webp) + +The following query is included in the EX_MBRights Job: + +- Mailbox Rights – Collects mailbox rights + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + + **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as + Exchange on-premises environments. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) + topic for credential requirements. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_perms.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_perms.md new file mode 100644 index 0000000000..284592cbd6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_perms.md @@ -0,0 +1,19 @@ +# EX_Perms Job + +The EX_Perms job collects information about permissions applied to the folders within Exchange +mailboxes. + +## Queries for the EX_Perms Job + +The EX_Perms job uses the EWSMailbox Data Collector. + +![Queries for the EX_Perms Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/permsquery.webp) + +The following query is included in the EX_Perms job. + +- Exchange Mailbox Permissions – Returns Exchange mailbox folder permissions + + - By default set to search all mailboxes. It can be scoped. + - See the + [EWSMailbox Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/overview.md) + topic for additional information diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_sendas.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_sendas.md new file mode 100644 index 0000000000..fa7a78d562 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_sendas.md @@ -0,0 +1,39 @@ +# EX_SendAs Job + +The EX_SendAs job collects data from Active Directory to identify the Active Directory rights +applied to a mailbox. + +## Queries for the EX_SendAs Job + +The EX_SendAs job uses the ExchangePS Data Collector. + +![Queries for the EX_SendAs Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/sendasquery.webp) + +The following query is included in the EX_SendAs Job: + +- Send AS - Rights – Collects Exchange mailbox folder permissions + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + + **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as + Exchange on-premises environments. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) + topic for credential requirements. + +## Analysis Tasks for the EX_SendAs Job + +View the analysis task by navigating to the **Exchange** > **4. Mailboxes** > **Permissions** > +**0.Collection** > **EX_SendAs** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_SendAs Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/sendasanalysis.webp) + +The following analysis task is selected by default: + +- Index Collection – Creates an index on the collection for use by downstream analysis and report + generation diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/overview.md new file mode 100644 index 0000000000..7795844572 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/overview.md @@ -0,0 +1,18 @@ +# 0. Collection Job Group + +The 0. Collection job group is comprised of data collection and analysis that focus on access +granted to each mailbox in the environment including: Mailbox Rights, Active Directory Permissions, +Delegation, and Folder Permissions. + +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The jobs in the 0. Collection job group are: + +- [EX_Delegates Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_delegates.md) + – Collects data from Active Directory to identify the delegates applied to a mailbox +- [EX_MBRights Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_mbrights.md) + – Collects data from Active Directory to identify the mailbox rights applied to a mailbox +- [EX_Perms Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_perms.md) + – Collects information about permissions applied to the folders within Exchange mailboxes +- [EX_SendAs Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/ex_sendas.md) + – Collects data from Active Directory to identify the Active Directory rights applied to a mailbox diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/ex_admingroups.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/ex_admingroups.md new file mode 100644 index 0000000000..4ab2adf51f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/ex_admingroups.md @@ -0,0 +1,28 @@ +# EX_AdminGroups Job + +The EX_AdminGroups job provides visibility into the direct and effective membership of Exchange +Administrative groups. + +## Analysis Tasks for the EX_AdminGroups Job + +View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Permissions** > +**EX_AdminGroups** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_AdminGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/admingroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.Calculate Effective Membership – Creates the SA_EX_AdminGroups_Membership table accessible + under the job’s Results node +- 01.Rank groups by Size – Creates the SA_EX_AdminGroups_Ranked table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the EX_AdminGroups Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | -------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------- | +| Exchange Administration Groups | This report shows effective membership for the default Exchange Administration groups. | None | This report is comprised of two elements: - Bar Chart – Displays largest admin groups - Table – Provides membership details | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/ex_mailboxaccess.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/ex_mailboxaccess.md new file mode 100644 index 0000000000..ec4572e852 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/ex_mailboxaccess.md @@ -0,0 +1,65 @@ +# EX_MailboxAccess Job + +The EX_MailboxAccess job provides visibility into access granted to each mailbox in the environment +taking into consideration Mailbox Rights, Active Directory Permissions, Delegation, and Folder +Permissions. + +## Analysis Tasks for the EX_Mailbox Access Job + +View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Permissions** > +**EX_MailboxAccess** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_Mailbox Access Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/mailboxaccessanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.Regional Send As Rights – Creates the SA_EX_MailboxAccess_SendAs table, accessible under the + job’s Results node +- 01.Regional Full Control Rights – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 02.Regional Delegates – Creates the SA_EX_MailboxAccess_Delegates table, accessible under the + job’s Results node +- 03.Regional Mailbox Permissions – Creates the SA_EX_MailboxAccess_Permissions table, accessible + under the job’s Results node +- 04.Regional Delegated Access – Creates the SA_EX_MailboxAccess_DelegatedAccess table, accessible + under the job’s Results node +- 05.Regional Mailbox Rights – Creates the SA_EX_MailboxAccess_Rights table, accessible under the + job’s Results node +- 06.Missing Anonymous Permissions – Creates the SA_EX_MailboxAccess_MissingAnon table, accessible + under the job’s Results node +- 07.Incorrect Default/Anonymous Rights – Creates the SA_EX_MailboxAccess_DefaultAnonIssues table, + accessible under the job’s Results node +- 08.Expanded Rights – Creates the SA_EX_MailboxAccess_ExpandedRights table, accessible under the + job’s Results node +- 09.Incorrect Default/Anonymous Permissions Summary – Creates the + SA_EX_MailboxAccess_DefaultAnonSummary table, accessible under the job’s Results node +- 10.Permissions Summary – Creates the SA_EX_MailboxAccess_PermissionSummary table, accessible under + the job’s Results node +- 11.Full Control Summary – Creates the SA_EX_MailboxAccess_FullControlSummary table, accessible + under the job’s Results node +- 12.Send As Summary – Creates the SA_EX_MailboxAccess_SendAsSummary table accessible under the + job’s Results node + +The following analysis tasks is selected to export data to the AIC: + +- 13.AIC Import - Export Exchange Permissions – Exports delegates, Send AS rights, mailbox + permissions, and Active Directory rights to the Access Information Center + + **NOTE:** This task sends data to the Access Information Center during future job executions. + See the User Reports and the Group Reports topics in the + [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) + for additional information. + +In addition to the tables and views created by the analysis tasks, the EX_MailboxAccess Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Delegation (Delegates) | This report identifies users where Delegate/Send on Behalf Of rights have been assigned and which objects the users have been given rights to. | None | This report is comprised of two elements: - Bar Chart – Displays top users by number of delegates - Table – Provides details on top users by number of delegates | +| Full Control Access (Mailboxes with Full Control) | This report identifies users with the largest amount of Full Control rights assigned to other individuals. | None | This report is comprised of two elements: - Bar Chart – Displays top users with full control granted - Table – Provides details on top users with full control granted | +| Incorrect Default And Anon Permissions | This report identifies where Default or Anonymous have any role assignment other than **None** or **Free/Busy time**. | None | This report is comprised of three elements: - Bar Chart – Displays top users with incorrect default/anon permissions - Table – Provides details on top users with incorrect default/anon permissions - Table – Provides role details | +| Missing Anonymous Permissions | This report identifies folders where Anonymous permissions are not assigned. | None | This report is comprised of one element: - Table – Provides details on missing anonymous permissions | +| Send As (Send-As Rights) | This report identifies which users have the highest number of users with Send-As rights to their mailbox. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top users by send as rights granted - Table – Provides details on top users by send as right granted - Table – Provides additional details | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/overview.md new file mode 100644 index 0000000000..b1ca854187 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/overview.md @@ -0,0 +1,21 @@ +# Permissions Job Group + +The Permissions job group is comprised of data collection, analysis and reports that focus on access +granted to each mailbox in the environment including, Mailbox Rights, Active Directory Permissions, +Delegation, and Folder Permissions. + +**_RECOMMENDED:_** Schedule the Permissions job group to run weekly on Fridays at 6 PM. + +![Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The job groups and jobs in the Permissions job group are: + +- [0. Collection Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/overview.md) + – Comprised of data collection and analysis that focus on access granted to each mailbox in the + environment including: Mailbox Rights, Active Directory Permissions, Delegation, and Folder + Permissions +- [EX_AdminGroups Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/ex_admingroups.md) + – Provides visibility into the direct and effective membership of Exchange Administrative groups +- [EX_MailboxAccess Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/ex_mailboxaccess.md) + – Provides visibility into access granted to each mailbox in the environment taking into + consideration Mailbox Rights, Active Directory Permissions, Delegation, and Folder Permissions diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/recommended.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/recommended.md new file mode 100644 index 0000000000..5d70bf1cbf --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/recommended.md @@ -0,0 +1,131 @@ +# Recommended Configurations for the 4. Mailboxes Job Group + +Dependencies + +This job group requires the following items to be enabled: + +- Exchange Access Auditing is enabled in the Exchange environment + + - This is required for the Logons Job Group. See the + [Enable Exchange Mailbox Access Auditing](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md#enable-exchange-mailbox-access-auditing) + topic for additional information. + +The following job groups need to be successfully run: + +- **.Active Directory Inventory** Job Group +- **.Entra ID Inventory** Job Group +- **Exchange** > **1. HUB Metrics** Job Group (Optional) + - Provides data on mailbox metrics for on-premises Exchange environments and the last time a + distribution list received mail +- **Exchange** > **2. CAS Metrics** Job Group (Optional) + - Provides data on mailbox staleness for on-premises Exchange environments +- **Exchange** > **8. Exchange Online** > **Mailflow** Job Group (Optional) + - Provides data on distribution list metrics for Exchange Online environments and the last time + a distribution list received mail + +Targeted Hosts + +The **Features** > **EX_Features** job, **Logons** > **0.Collection** job group, **Permissions** > +**0.Collection** job group, and **Sizing** > **0.Collection** job group have been set for Exchange +on-premises to run against: + +- Local host + +This Job Group can target a custom host list for Exchange Online instead of targeting Exchange +on-premises. However, do not try to target both types of environments. + +Connection Profile + +A Connection Profile must be set directly on the collection jobs within each sub-job group: + +- **Features** > **EX_Features** Job +- **Logons** > **0.Collection** > **EX_MailboxActivity** Job +- **Permissions** > **0. Collection**: + + - EX_Delegates Job + - EX_MBRights Job + - EX_Perms Job + - EX_SendAs Job + +- **Sizing** > **0. Collection** > **EX_MBSize** Job + +See the +[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) +topic for the required permissions. See the +[Exchange Custom Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/configurejob.md) +topic for additional information. + +Schedule Frequency + +It is not recommended to run these jobs at the 4. Mailboxes job group level. The Logons sub-job +group and Sizing job group have been designed to run daily. The Features sub-job group and +Permissions job group have been designed to run weekly. See the table for recommended times: + +| Job Group Name | Frequency | Recommended Time | +| -------------- | --------- | ----------------------------------- | +| Logons | Daily | 4 AM | +| Sizing | Daily | 7 PM | +| Features | Weekly | No recommendation, run when desired | +| Permissions | Weekly | Fridays at 6 PM | + +History Retention + +History retention should not be enabled on this job group. History is kept through analysis tasks. +Modify the following analysis tasks to customize the amount of history which is kept: + +| Job Name | Analysis Task Name | Default History | +| ----------------- | --------------------- | --------------- | +| EX_DMailboxLogons | SET HISTORY RETENTION | 6 Months | +| EX_MailboxSizes | SET HISTORY RETENTION | 6 Months | + +Query Configuration + +The 4. Mailboxes job group is designed to be run with the default query configurations. However, the +following queries can be modified: + +- **Features** > **EX_Features** Job – **User Mailbox Settings** Query +- **Logons** > **0.Collection** > **EX_MailboxActivity** Job – **Exchange Mailbox Logons** Query +- **Permissions** > **0. Collection** > **EX_Delegates** Job – **Delegates** Query +- **Permissions** > **0. Collection** > **EX_MBRights** Job – **Mailbox Rights** Query +- **Permissions** > **0. Collection** > **EX_Perms** Job – **Exchange Mailbox Permissions** Query +- **Permissions** > **0. Collection** > **EX_SendAs** Job – **Send AS - Rights** Query +- **Sizing** > **0. Collection** > **EX_MBSize** Job – **Mailbox Counts and Sizes** Query + +No other queries should be modified. + +Analysis Configuration + +The 4. Mailboxes job group should be run with the default analysis configurations. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or +deselected. There are some tasks that are deselected by default, as they are for troubleshooting +purposes. + +The following analysis tasks should not be deselected, but their parameters can be modified: + +- **Logons** > **EX_MailboxLogons** Job – **03.SET HISTORY RETENTION** Analysis Task +- **Sizing** > **EX_MailboxSizes** Job – **02.SET HISTORY RETENTION** Analysis Task + +The following analysis tasks is enabled to send Exchange mailbox permission data to the +Netwrix Access Information Center: + +- **Permissions** > **EX_MailboxAccess** Job – **13.AIC Import - Export Exchange Permissions** + Analysis Task + +Workflow + +**Step 1 –** Set a Connection Profile on the jobs that run data collection. + +**Step 2 –** Schedule the jobs. The following are the recommended schedules: + +- Daily Execution + + - Schedule the **Logons** job group to run daily + - Schedule the **Sizing** job group to run daily + +- Weekly Execution + + - Schedule the **Features** job group to run weekly + - Schedule the **Permissions** job group to run weekly + +**Step 3 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_mailboxsizes.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_mailboxsizes.md new file mode 100644 index 0000000000..264c3f16e8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_mailboxsizes.md @@ -0,0 +1,55 @@ +# EX_MailboxSizes Job + +The EX_MailboxSizes job provides analysis and reporting around mailbox sizing and growth. + +#### Analysis Tasks for the EX_Mailbox Sizes Job + +View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Sizing** > +**EX_MailboxSizes** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_Mailbox Sizes Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/mailboxsizesanalysis.webp) + +The following analysis tasks are selected by default: + +- 01.Update or Create Details Table – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 02.Regional Track Mailbox Size History – Creates an interim processing table in the database for + use by downstream analysis and report generation +- 03.SET HISTORY RETENTION – Sets retention period in months + + - The default is 6 months. It can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +- 04.Store History – Creates the SA_EX_MailboxSizes_StoreHistory table, accessible under the job’s + Results node +- 05.Current Sizes – Creates the SA_EX_MailboxSizes_CurrentSnapshot table, accessible under the + job’s Results node +- 06.Dumpster Sizes – Creates the SA_EX_MailboxSizes_DumpstersByStore table, accessible under the + job’s Results node +- 07.Current Store Size – Creates the SA_EX_MailboxSizes_CurrentStoreSize table, accessible under + the job’s Results node + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00.Delete All Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database: + +- 00.Delete All Data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_MailboxAccess Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------------------------------------------- | ---------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Largest Recoverable Items Folder (Dumpster) (Dumpster Sizes by User) | This report identifies users with the largest Recoverable Items folder (dumpster). | None | This report is comprised of two elements: - Bar Chart – Displays users with largest Recoverable Items folders - Table – Provides details on user Recoverable Items folders | +| Largest Mailboxes (Top Users by Mailbox Size) | This report identifies users with the largest mailboxes. | None | This report is comprised of two elements: - Bar Chart – Displays users with the largest mailboxes - Table – Provides details on users with largest mailboxes | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_mbsize.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_mbsize.md new file mode 100644 index 0000000000..e9529edf17 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_mbsize.md @@ -0,0 +1,28 @@ +# 0.Collection > EX_MBSize Job + +The EX_MBSize job collects information from the Exchange environment about the mailbox sizes in the +environment. + +![0.Collection > EX_MBSize Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The EX_MBSize job is located in the 0.Collection job group. + +## Queries for the EX_MBSize Job + +The EX_MBSize Job uses the ExchangePS Data Collector. + +![Queries for the EX_MBSize Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/mbsizequery.webp) + +The following query is included in the EX_MBSize Job: + +- Mailbox Counts and Sizes – Identifies the Active Directory rights applied to a mailbox + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + + **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as + Exchange on-premises environments. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) + topic for credential requirements. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_stalemailboxes.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_stalemailboxes.md new file mode 100644 index 0000000000..810e7ff451 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_stalemailboxes.md @@ -0,0 +1,30 @@ +# EX_StaleMailboxes Job + +The EX_StaleMailboxes job provides analysis and reporting around orphaned and stale mailboxes. + +## Analysis Tasks for the EX_StaleMailboxes Job + +View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Sizing** > +**EX_StaleMailboxes** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_StaleMailboxes Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/stalemailboxesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Mailbox Orphans – Creates the SA_EX_StaleMailboxes_Orphans table, accessible under the job’s + Results node +- 2. Stale User Mailboxes – Creates the SA_EX_StaleMailboxes_Details table, accessible under the + job’s Results node +- 3. Organization Summary – Creates the SA_EX_StaleMailboxes_OrgSummary table, accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the EX_StaleMailboxes Job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Orphaned Mailboxes | Orphaned Mailboxes do not have an Active Directory account associated with them, and generally can be safely deleted. | None | This report is comprised of three elements: - Bar Chart – Displays orphan mailbox storage - Table – Provides details on all orphaned mailboxes - Table – Provides details on orphan mailbox storage | +| Stale Users (Mailboxes associated with Stale AD Accounts) | This report shows mailboxes which are tied to stale user accounts. | None | This report is comprised of three elements: - Bar Chart – Displays stale user mailboxes - Table – Provides details stale user mailboxes - Table – Provides additional details on stale user mailboxes | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_storesizes.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_storesizes.md new file mode 100644 index 0000000000..a90bdb3de6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_storesizes.md @@ -0,0 +1,29 @@ +# EX_StoreSizes Job + +The EX_StoreSizes job provides analysis and reporting around database sizing based on mailbox sizes. + +## Analysis Tasks for the EX_StoreSizes Job + +View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > +**Sizing** > **EX_StoreSizes** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_StoreSizes Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/storesizesanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.Users Ranked by Store – Creates the SA_EX_StoreSize_UsersByStore table, accessible under the + job’s Results node +- 01.Rank Stores – Creates the SA_EX_StoreSize_Ranked table, accessible under the job’s Results node +- 02.30 Day Growth – Creates the SA_EX_StaleMailboxes_30DayChange table, accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the EX_StoreSizes Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------ | --------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Store Sizes and Growth (Store Sizes) | This report identifies 30 day growth for every mail store within the environment. | None | This report is comprised of two elements: - Bar Chart – Displays fastest-growing mail stores - Table – Provides details on mail stores – percent change | +| Top Users by Store | This report identifies the top users for every mail store. | None | This report is comprised of one element: - Table – Provides details on top users by store | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/overview.md new file mode 100644 index 0000000000..a0bb828943 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/overview.md @@ -0,0 +1,19 @@ +# Sizing Job Group + +The Sizing job group provides data collection, analyses, and reports which focus on mailbox sizing, +growth, and trends. + +**_RECOMMENDED:_** Schedule the Sizing job group to run daily at 4 AM. + +![Sizing Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the Sizing job group are: + +- [0.Collection > EX_MBSize Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_mbsize.md) + – Collects information from the environment about the mailbox sizes in the environment +- [EX_MailboxSizes Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_mailboxsizes.md) + – Provides analysis and reporting around Mailbox sizing and growth +- [EX_StaleMailboxes Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_stalemailboxes.md) + – Provides analysis and reporting around orphaned and Stale Mailboxes +- [EX_StoreSizes Job](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/ex_storesizes.md) + – Provides analysis and reporting around Database Sizing based on Mailbox Sizes diff --git a/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md b/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md deleted file mode 100644 index dbf8f36ab7..0000000000 --- a/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md +++ /dev/null @@ -1,1060 +0,0 @@ -# ActiveSync > EX_ActiveSync Job - -The EX_ActiveSync job provides visibility into ActiveSync Traffic in the Organization. - -![ActiveSync > EX_ActiveSync Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/activesyncjobstree.webp) - -The EX_ActiveSync job is located in the ActiveSync job group. - -## Analysis Tasks for the EX_ActiveSync Job - -View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **ActiveSync** > -**EX_ActiveSync** > **Configure** node and select **Analysis**. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or -deselected. There are some that are deselected by default, as they are for troubleshooting purposes. - -![Analysis Tasks for the EX_ActiveSync Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/activesyncanalysis.webp) - -The following analysis tasks are selected by default: - -- 01b. Active Sync Data – Creates the SA_EX_ActiveSync_Details table, accessible under the job’s - Results node -- 2. Last Week Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation -- 3. User Device History – Creates the SA_EX_ActiveSync_UserDeviceHistory table, accessible under - the job’s Results node -- 4. Device Population – Creates the SA_EX_ActiveSync_DevicePopulation table, accessible under the - job’s Results node -- 5. Users Ranked – Creates the SA_EX_ActiveSync_UsersRanked table accessible, under the job’s - Results node -- 6. Servers Ranked – Creates the SA_EX_ActiveSync_ServersRanked table accessible, under the job’s - Results node -- 7. SET HISTORY RETENTION – Sets retention period in months - - - The default is **6 months**. It can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#exchange-history-retention) - topic for additional information - -The following analysis task deletes table data from the analysis jobs. This analysis task should -remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Deletes all History** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 0. Delete all History - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#troubleshooting-data-collection) - topic for additional information - -The following analysis task updates the table to clean the data so that any UserAgent information -that is returned as NULL is updated based on existing data in the table: - -- 01a. Clean NULL UserAgent – Updates UserAgent information which was returned as NULL based on - existing data - -In addition to the tables and views created by the analysis tasks, the EX_ActiveSync Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Device Types (Device Population) | This report identifies what device models are currently being used with ActiveSync, and the average load they put on the environment each day. | None | This report is comprised of two elements: - Bar Chart – Displays most popular devices - Table – Provides details on most popular devices | -| Server Traffic (Top Servers by Average Daily Traffic) | This report ranks CAS servers by volume of ActiveSync traffic. | None | This report is comprised of two elements: - Bar Chart – Displays top users by average daily traffic - Table – Provides details on top users by average daily traffic | -| Top Users (Top Users by Average Daily Traffic) | This report shows the top users of ActiveSync. | None | This report is comprised of two elements: - Bar Chart – Displays top users by average daily traffic - Table – Provides details on top users by average daily traffic | -| User Devices (User Phones) | This report identifies all devices which have been associated with a User, and the time frames when they were used. | None | This report is comprised of one element: - Table – Provides details on user devices | - -# EX_ASPolicies Job - -The EX_ASPolicies Job provides insight into what policies are enabled for which users. - -## Queries for the EX_ASPolicies Job - -The EX_ASPolicies Job uses the ExchangePS Data Collector. - -![Queries for the EX_ASPolicies Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/aspoliciesquery.webp) - -The following query is included in the EX_ASPolicies Job. - -- Exchange Settings – Collects user policy information - - - By default set to search all mailboxes. However, it can be scoped. - - See the [Scope the ExchangePS Data Collector](#scope-the-exchangeps-data-collector) topic for - additional information - -### Scope the ExchangePS Data Collector - -The ExchangePS Data Collector can be scoped if desired. - -Follow the steps to scope the ExchangePS Data Collector: - -**Step 1 –** Navigate to job’s **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the Exchange Settings query and click **Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The ExchangePS Data Collector -Wizard opens. - -**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. - -![ExchangePS Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -**Step 4 –** Navigate to the Scope page, and select the desired scoping method from those available. -See the -[ExchangePS: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic -for additional information. - -- Scope by Database – Select the **Scope by Database Target Host: Local Host** option. Then, click - **Next** and identify the desired databases on the Scope by Databases page. See the - [ExchangePS: Scope by DB](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic - for additional information. -- Scope by Mailbox – Select the **Scope by Mailbox Target Host: Local Host** option. Then, click - **Next** and identify the desired mailboxes on the Scope by Mailboxes page. See the - [ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic - for additional information. -- Scope by Server – Select the **Scope by Server Target Host: Exchange MB Server** option. The job - returns results for specific servers selected in job’s **Configure** > **Hosts** node. -- Scope by Public Folder – Select the **Scope by Public Folder** option. Then, click **Next** and - identify the desired mailboxes on the Scope by Public Folders page. See the - [ExchangePS: Scope by Public Folders](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic - for additional information. -- _Remember,_ the scoping options available vary based on the pre-defined query configurations. - -**Step 5 –** Navigate to the Summary page. Click **Finish**. - -The job applies the modification to future job executions. - -## Analysis Tasks for the EX_ASPolicies Job - -View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **EX_ASPolicies** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_ASPolicies Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/aspoliciesanalysis.webp) - -The following analysis task is selected by default: - -- 1. Update Nulls – Updates the NULLs in the table to show information - -In addition to the tables and views created by the analysis task, the EX_ASPolicies Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------- | -| User ActiveSync Policies (ActiveSync Settings) | Exchange introduced many ActiveSync policies and settings which can be applied to users. This report identifies which users have these settings enabled. | None | This report is comprised of two elements: - Pie Chart – Displays ActiveSync Policies - Table – Provides details ActiveSync Policies | - -# 0.Collection > EX_IISLogs Job - -The 0.Collection > EX_IISLogs Job provides data collection to be utilized in the ActiveSync, Outlook -Web Access, and Outlook Anywhere Reports. This job goes out to each server that contains the -IIS Logs and parses the log to return the data to the Enterprise Auditor database. - -![0.Collection > EX_IISLogs Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The EX_IISLogs job is located in the 0.Collection Job Group. - -## Queries for the EX_IISLogs Job - -The EX_IISLogs Job uses the SMARTLog Data Collector. - -![Queries for the EX_IISLogs Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/iislogsquery.webp) - -The following query is included in the EX_IISLogs Job: - -- IIS Logs – Collects IIS Logs - - - By default set to process log files for the last 3 days. This time frame can be modified - - See the [Configure the IIS Logs Query](#configure-the-iis-logs-query) topic for additional - information - -### Configure the IIS Logs Query - -The EX_IISLogs Job has been preconfigured to run with the default settings with the Log Type of -Internet Information Server Log. However, the time frame for the log files to be processed can be -modified on the Target Log page of the SMART Log DC Wizard. See the -[SMARTLog Data Collector](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/overview.md) -topic for additional information. - -Follow the steps to modify the query configuration. - -**Step 1 –** Navigate to the **Exchange** > **2. CAS Metrics** > **0. Collection** > -**EX_IISLogs** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The SMART Log DC Wizard opens. - -**CAUTION:** Do not modify other wizard pages. The other wizard pages are pre-configured for this -job. - -![SMART Log DC Wizard Target Log page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/smartlogdctargetlog.webp) - -**Step 4 –** Navigate to the Target Log page, and configure the time frame as required. See the -[SMARTLog: Target Log](/docs/accessanalyzer/11.6/accessanalyzer/admin/datacollector/smartlog/targetlog.md) -topic for additional information. - -_Remember,_ if the date range configuration includes data older than the last scan, the **Persist -Log State** checkbox on the Log State page must be disabled. - -**Step 5 –** Navigate to the Summary page. Click **Finish**. - -The EX_IISLogs Job applies the modifications to future job executions. - -# Outlook Web Access > EX_OWATraffic Job - -The EX_OWATraffic Job provides visibility into Outlook Web Access Traffic in the organization. - -![Outlook Web Access > EX_OWATraffic Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/outlookwebaccessjobstree.webp) - -The EX_OWATraffic job is located in the Outlook Web Access Job Group. - -## Analysis Tasks for the EX_OWATraffic Job - -View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **Outlook Web -Access** > **EX_OWATraffic** > **Configure** node and select **Analysis**. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified ordeselected. -There is one that is deselected by default, as it is for troubleshooting purposes. - -![Analysis Tasks for the EX_OWATraffic Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/owatrafficanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. OWA Traffic – Creates the SA_EX_OWATraffic_Details table, accessible under the job’s Results - node -- 2. User Summary – Creates the SA_EX_OWATraffic_UserSummary table, accessible under the job’s - Results node -- 3. Server View – Creates the SA_EX_OWATraffic_ServerSummary table, accessible under the job’s - Results node -- 4. Server View – Creates the SA_EX_OWATraffic_ServerRanked table, accessible under the job’s - Results node -- 5. SET HISTORY RETENTION – Sets retention period in months - - - By default it is set to retain 6 months. This can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#exchange-history-retention) - topic for additional information - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Delete all History** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 0. Deletes all History - LEAVE UNCHECKED – Clears all historical data - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_OWATraffic Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------------- | -------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Top Servers by Average Load | This report shows servers with the highest average load. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by average daily user count - Table – Provides details on top servers by average daily user count | -| Top Users (Outlook Web Access Traffic) | This report identifies top users of OWA. | None | This report is comprised of two elements: - Bar Chart – Displays top users - Table – Provides details on top users | - -# Outlook Anywhere > EX_RPCTraffic Job - -The EX_RPCTraffic job provides visibility into Outlook Anywhere or RPC\HTTPs Traffic in the -organization. - -![Outlook Anywhere > EX_RPCTraffic Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/outlookanywherejobstree.webp) - -The EX_RPCTraffic job is located in the Outlook Anywhere job group. - -## Analysis Tasks for the EX_RPCTraffic Job - -View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **Outlook -Anywhere** > **EX_RPCTraffic** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_RPCTraffic Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/rpctrafficanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. RPC View – Creates the SA_EX_RPCTraffic_Details table, accessible under the job’s Results - node -- 2. User Summary – Creates the SA_EX_RPCTraffic_UserSummary table, accessible under the job’s - Results node -- 3. Server View – Creates the SA_EX_RPCTraffic_ServerSummary table, accessible under the job’s - Results node -- 4. Servers Ranked – Creates the SA_EX_RPCTraffic_ServerRanked table, accessible under the job’s - Results node -- 5. SET HISTORY RETENTION – Sets retention period in months - - - The default is 6 months. It can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#exchange-history-retention) - topic for additional information - -The following analysis tasks deletes table data from data collection and analysis jobs. These -analysis tasks should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Delete all History** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 0. Delete all History - LEAVE UNCHECKED – Clears all historical data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_RPCTraffic Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------------------------------------------- | -------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Top Servers by Average Load ( Top Servers by Average Daily User Count) | This report shows servers with the highest average load. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top servers by average daily user count - Table – Provides details on top servers by average daily user count | -| Top Users (Outlook Anywhere Traffic) | This report identifies top users of Outlook Anywhere. | None | This report is comprised of two elements: - Bar Chart – Displays top users - Table – Provides details on top users | - -# 2.CAS Metrics Job Group - -The 2. CAS Metrics Job Group is comprised of data collection, analysis and reports that focus on -remote connections (Outlook Web Access, ActiveSync, and Outlook Anywhere Access) occurring within -your organization. This job group goes out to each server that contains the IIS Logs and parses the -logs to return the data to the Enterprise Auditor database. - -![2.CAS Metrics Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 2.CAS Metrics Job Group are: - -- [0.Collection > EX_IISLogs Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Provides data collection to be utilized in the ActiveSync, Outlook Web Access, and Outlook - Anywhere Reports. This job group goes out to each server that contains the IIS Logs and parses the - logs to return the data to the Enterprise Auditor database. -- [ActiveSync > EX_ActiveSync Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Provides visibility into ActiveSync Traffic in the Organization -- [Outlook Anywhere > EX_RPCTraffic Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Provides visibility into Outlook Anywhere or RPC\HTTPs Traffic in the organization -- [Outlook Web Access > EX_OWATraffic Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Provides visibility into Outlook Web Access Traffic in the organization -- [EX_ASPolicies Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Comprised of data collection and a report to show information about what policies are enabled - for which users - - **NOTE:** An actual CAS name is required for the data collection. When targeting Exchange 2013 - or 2016, it is possible for the **Settings** > **Exchange** node to have been configured with a - web address instead of an actual server. See the - [ExchangePS Data Collector & Client Access Server](/docs/accessanalyzer/11.6/solutions/exchange/recommended-reports.md) - topic for additional information. - -# Recommended Configurations for the 2. CAS Metrics Job Group - -Dependencies - -The following job groups need to be successfully run: - -- .Active Directory Inventory Job Group -- .Entra ID Inventory Job Group - -Targeted Hosts - -The 0. Collection Job Group has been set to run against the following default dynamic host list: - -- Exchange CAS Servers - -The EX_ASPolicies Job has been set to run against the following default dynamic host list: - -- Exchange MB Servers - -**NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table which meet -the host inventory criteria for the list. Ensure the appropriate host lists have been populated -through host inventory results. - -**_RECOMMENDED:_** Modify hosts lists only in the 0. Collection Job Group or EX_ASPolicies Job. - -Connection Profile - -A Connection Profile must be set directly on the EX_IISLogs Job and the EX_ASPolicies Job. - -See the -[Exchange Remote Connections Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for the EX_IISLogs Job required permissions. See the -[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for the EX_ASPolicies Job requirements. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -This job group has been designed to run daily one hour after the 1.HUB Metrics Job Group to process -and collect the previous day’s message tracking logs. - -**_RECOMMENDED:_** Run this Job Group at 2:00 AM. - -History Retention - -History retention should not be enabled on this job group. History is kept through analysis tasks. -Modify the following analysis tasks to customize the amount of history which is kept. - -| Job Name | Analysis Task Name | Default History | -| ------------- | --------------------- | --------------- | -| EX_ActiveSync | SET HISTORY RETENTION | 6 Months | -| EX_RPCTraffic | SET HISTORY RETENTION | 6 Months | -| EX_OWATraffic | SET HISTORY RETENTION | 6 Months | - -Query Configuration - -The 2. CAS Metrics Job Group is designed to be run with the default query configurations. However, -the following queries can be modified: - -- **0. Collection** > **EX_IISLogs** Job – **IIS Logs** Query -- **EX_ASPolicies** Job – **Exchange Settings** Query - -No other queries should be modified. - -Analysis Configuration - -The 2. CAS Metrics Job Group should be run with the default analysis configurations. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or -deselected. There are some that are deselected by default, as they are for troubleshooting purposes. - -The following analysis tasks should not be deselected, but their parameters can be modified: - -- **ActiveSync** > **EX_ActiveSync** Job – **07. SET HISTORY RETENTION** Analysis Task -- **Outlook Anywhere** > **EX_RPCTraffic** Job – **05. SET HISTORY RETENTION** Analysis Task -- **Outlook Web Access** > **OWATraffic** Job – **05. SET HISTORY RETENTION** Analysis Task - -Workflow - -**Step 1 –** Set a Connection Profile on the jobs which run data collection. - -**Step 2 –** Ensure the prerequisite **1. HUB Metrics** job group is successfully executed. - -**Step 3 –** Schedule the **2. CAS Metrics** job group to run daily one hour after running the 1. -HUB Metrics job group. - -**_RECOMMENDED:_** Run Job group at 2:00 AM. - -**Step 4 –** Review the reports generated by the jobs. - -# .AppletStatusCheck Job - -The .AppletStatusCheck Job checks the health and status of the applet deployed to the target -Exchange servers. - -## Queries for the .AppletStatusCheck Job - -The .AppletStatusCheck Job uses the Script Data Collector. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Queries for the .AppletStatusCheck Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/appletstatuscheckquery.webp) - -The following query is included with the .AppletStatusCheck Job: - -- Terminate Process – Terminates the metrics applet process - -# EX_MetricsCollection Job - -The EX_MetricsCollection Job is comprised of multiple queries that utilize the ExchangeMetrics Data -Collector to process and collect the message tracking logs on the Exchange servers in the -environment. These queries collect server, domain, user, and distribution list traffic including but -not limited to: sent, received, journal, NDRs, and transports messages. These queries are configured -to process and collect that previous 7 days of Message Tracking Logs the first time this job is run, -after that it only collects the previous day unless the **Enable Persistent Log State** option has -been enabled in the query. - -**_RECOMMENDED:_** Run this job with the default configuration settings for all queries. - -See the -[ExchangeMetrics Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -## Queries for the EX_MetricsCollection Job - -The EX_MetricsCollection Job uses the ExchangeMetrics Data Collector. - -![Queries for the EX_MetricsCollection Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/metricscollectionqueries.webp) - -The following queries are included in the EX_MetricsCollection Job: - -- Server Metrics – Collects server metrics -- User Metrics – Collects user metrics -- Internet Traffic Metrics – Collects internet traffic metrics -- Distribution List Metrics – Collects distribution list metrics -- Message Size Metrics – Collects message size metrics -- Delivery Time – Collects delivery times metrics -- Hourly Statistics – Collects server metrics - -## Analysis Tasks for the EX_MetrixCollection Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > **0. Collection** > -**EX_MetricsCollection** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_MetrixCollection Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/metricscollectionanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Delivery Times History – Creates the SA_ExhangeMetrics_DeliveryTimes table, accessible under - the job’s Results node -- 2. DL History – Creates the SA*EX* ExhangeMetrics_DistributionLists table, accessible under the - job’s Results node -- 3. Internet Traffic History – Creates the SA_EX_ExhangeMetrics_InternetTraffic table, accessible - under the job’s Results node -- 4. Hourly Traffic History – Creates the SA_EX_ExhangeMetrics_HourlyTraffic table, accessible - under the job’s Results node -- 5. User Traffic History – Creates the SA_EX_ExhangeMetrics_UserTraffic table, accessible under - the job’s Results node -- 6. Message Size History – Creates the SA_EX_ExhangeMetrics_MessageSize table, accessible under - the job’s Results node -- 7. Server Traffic History – Creates the SA_EX_ExhangeMetrics_ServerTraffic table, accessible - under the job’s Results node -- 8. SET HISTORY RETENTION – Sets retention period in months - - - By default set to retain **6 months** - - This retention period can be modified. See the - [Exchange History Retention](#exchange-history-retention) topic for additional information. - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain deselected unless specifically needed: - -**CAUTION:** Do not select the **00. Deletes all Stored Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 0. Deletes all Stored Data - LEAVE UNCHECKED – Clears all historical data - - - See the [Troubleshooting Data Collection](#troubleshooting-data-collection) topic for - additional information - -## Exchange History Retention - -The **08. SET HISTORY RETENTION** analysis task controls the retention period for the job’s data. -This is why the Data Retention Period options at the global, job group, or job Properties settings -are not supported for the job group. The number of months can be modified. If desired, the parameter -can be set to a specified number of days. Follow these steps to modify the history retention period. - -**Step 1 –** Navigate to the job’s **Configure** node and select **Analysis**. - -![08. SET HISTORY RETENTION task in the Analysis Selection view](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/sethistoryretentiontask.webp) - -**Step 2 –** In the Analysis Selection view, select the **08. SET HISTORY RETENTION** analysis task -and click **Analysis Configuration**. The SQL Script Editor opens. - -![History Retention task in SQL Script Editor](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/sethistoryretentionscripteditor.webp) - -**Step 3 –** To modify the number of months: On line 6, modify the value for the months parameter: - -Skip to Step 5. - -**Step 4 –** To change the period parameter from months to days: - -- Comment out lines 4, 6, and 8 which contain the months parameter. To comment out a line add `--` - preceding it. The months parameter section should be as follows: - - ``` - --Sets Retention Period in Months - --Declare @Months Float - --To Change the numbers of months to keep, Modify this value - --set @Months = 6 - --Creates RetentionPeriod to be utilize in Where Clause - --Set @RetentionPeriod = CAST(DATEADD(MM, -@Months, GETDATE()) AS DATE) - ``` - -- Uncomment out (remove `--` from) lines 12, 13, and 14 (which contain the days parameter). The days - parameter section should be as follows: -- If desired, modify the number of days on line 13. The default days parameter is set to 30 days. - -**Step 5 –** Click **Save and Close**. The SQL Script Editor closes. - -The modified history retention period is now applied during future job executions. - -## Troubleshooting Data Collection - -There might be times when it is necessary to purge the data either through dropping the tables from -the database or truncating the data within the tables. This option is provided through ananalysis -task that is not selected by default. Only one analysis task within a job should be enabled when the -desire is to purge that database. - -**CAUTION:** This analysis task deletes information collected or produced by jobs in this solution. - -Follow these steps to troubleshoot data collection: - -**Step 1 –** Navigate to the job’s **Configure** node and select **Analysis**. - -![Troubleshooting task selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/troubleshootingtaskselection.webp) - -**Step 2 –** In the Analysis Selection view, clear all default analysis tasks (if any) and select -the analysis task which purges data. - -_Remember,_ only one task should be selected. - -**Step 3 –** In the Navigation pane, right-click the **Analysis** node and select **Execute -Analyses**. - -**Step 4 –** After the analysis task has been executed, return to the Analysis Selection view. -Deselect the analysis task which was executed and reselect the default analysis tasks (if any had -been cleared in Step 2). - -The selected purge of data and tables has taken place, and the analysis tasks have been reset to the -default state. - -# EX_MetricsDetails Job - -The EX_MetricsDetails Job collects daily user-to-user Traffic. Walk through this jobs query to -configure the internal domains to collect the sender to recipient traffic from. By default, the -query is configured to collect the previous 1 day of Message Tracking Logs and has @netwrix.com -configured as the domain. If the domains are not configured in the query, then most likely data -collection does not return. - -## Queries for the EX_MetricsDetails Job - -The EX_MetricsDetails Job uses the ExchangeMetrics Data Collector. - -![Queries for the EX_MetricsDetails Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/metricsdetailsquery.webp) - -The following query is included in the EX_MetricsDetails Job: - -- Activity metrics – Collects user to user traffic per day - - - Domains must be configured for data collection to return data - - See the [Configure the Activity Metrics Query](#configure-the-activity-metrics-query) topic - for additional information - -### Configure the Activity Metrics Query - -The Activity Metrics Query has been preconfigured to run with the ExchangeMetrics Data Collector to -collect user traffic per day. The domains must be configured for data collection to return data. - -Follow the steps to configure the Activity Metrics Query. - -**Step 1 –** Navigate to the **Exchange** > **1. HUB Metrics** > **0. Collection** > -**EX_MetricsDetails** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the Activity metrics Query and click **Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Exchange Metrics Data -Collector Wizard opens. - -**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. - -![Exchange Metrics Data Collector Wizard Message Activity Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/exchangemetricsmessageactivityfilter.webp) - -**Step 4 –** Navigate to the -[ExchangeMetrics: Message Activity Filter](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -page to configure the internal domains from which to collect the sender to recipient traffic. The -filter should remain **Ends With**. Replace the `@netwrix.com` variable for both the **Senders** and -**Recipients** with the `@domain.com` variable to be audited. - -**Step 5 –** Navigate to the Summary page and click **Finish**. - -The EX_MetricsDetails Job returns data for the identified sender and recipient domains. - -## Analysis Tasks for the EX_MetricsDetails Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > **0. Collection** > -**EX_MetricsDetails** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_MetricsDetails Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/metricsdetailsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. User to User Traffic History – Creates the SA_EX_ExhangeMetrics_MessageTraffic table - accessible under the job’s Results node -- 2. SET HISTORY RETENTION – Sets retention period in months - - - By default set to retain **6 months** - - This retention period can be modified. See the - [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#exchange-history-retention) - topic for additional information. - -The following analysis task clears table data from data collection and analysis jobs. This analysis -task should remain deselected unless specifically needed: - -**CAUTION:** Do not select the **00. DROP HISTORY** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 0. DROP HISTORY - LEAVE UNCHECKED – Clears all historical data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#troubleshooting-data-collection) - topic for additional information - -# 0. Collection Job Group - -The 0.Collection Job Group is comprised of jobs that process and analyze the message tracking logs -on the Exchange Servers in the environment. - -![jobstree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 0.Collection Job Group are: - -- [AppletStatusCheck Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Checks the health and status of the applet deployed to the target Exchange servers -- [EX_MetricsCollection Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Comprised of multiple queries that utilize the Exchange Metrics Data Collect to process and - collect the message tracking logs on the Exchange servers in the environment. These queries - collect server, domain, user, and distribution list traffic including but not limited to sent, - received, journal, NDRs, and transports message. These queries are configured to process and - collect that previous 7 days of Message Tracking Logs the first time this job is run, after that - it only collects the previous day assuming persistence has not been disabled inside the query. -- [EX_MetricsDetails Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Collects user to user traffic per day - - **NOTE:** This job's query needs to be configured to the internal domains from which to collect - the sender to recipient traffic. By default, the query is configured to collect the previous 1 - day of Message Tracking Logs and has @netwrix.com configured as the domain. If the domains are - not configured in the query, then most likely data collection does not return. - -# EX_DeliveryTimes Job - -The EX_DeliveryTimes Job provides information around organizational and server-level delivery times. - -## Analysis Tasks for the EX_DeliveryTimes Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > -**EX_DeliveryTimes** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_DeliveryTimes Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/deliverytimesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Server SLA – Creates the SA_EX_DeliveryTimes_ServerSLA table, accessible under the job’s - Results node -- 2. Org SLA – Creates the SA_EX_DeliveryTimes_OrgSLA table, accessible under the job’s Results - node -- 3. Org pivot – Creates the SA_EX_DeliveryTimes_OrgDeliveryByCount table, accessible under the - job’s Results node -- 4. Org By Volume – Creates the SA_EX_DeliveryTimes_OrgDeliveryByVolume table, accessible under - the job’s Results node -- 5. Org Delivery By Count Last 30 Days – Creates the SA_EX_DeliveryTimes_OrgDeliveryByCountLast30 - table, accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the EX_DeliveryTimes Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | --------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Delivery Times | This report highlights delivery times overall and by server to identify potential issues with SLAs. | None | This report is comprised of three elements: - Line Chart – Displays percent of mail delivered by time frame (last 30 days) - Table – Provides details on mail delivered by time frame - Table – Provides details on percentage of mail delivered in under 1 minute | - -# EX_DLMetrics Job - -The EX_DLMetrics Job provides information around distribution list usage. - -## Analysis Tasks for the EX_DLMetrics Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > **EX_DLMetrics** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_DLMetrics Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/dlmetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. DL Metrics – Creates the SA_EX_DLMetrics_Details table, accessible under the job’s Results - node -- 2. Historical Metrics – Creates the SA_EX_DLMetrics_HistoricalStatistics table, accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the EX_DLMetrics Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------------------------------ | ------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Distribution Lists by Message Count (Most Active DLs by Message Count) | This report identifies the most active distribution lists by count of messages sent. | None | This report is comprised of two elements: - Bar Chart – Displays top distribution lists by message count (last 30 days) - Table – Provides details on top distribution lists by message count (last 30 days) | -| Distribution Lists by Message Volume (Most Active DLs by Message Volume) | This report identifies the most active distribution lists by volume of messages sent. | None | This report is comprised of two elements: - Bar Chart – Displays top distribution lists by message volume (last 30 days) - Table – Provides details on distribution lists by message volume (last 30 days) | - -# EX_DomainMetrics Job - -The EX_DomainMetrics Job provides information about where the domain’s mail flow is going to and -coming from. - -## Analysis Tasks for the EX_DomainMetrics Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > -**EX_DomainMetrics** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_DomainMetrics Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/domainmetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. External Domain Traffic - Count – Creates the SA_EX_DomainMetrics_Count table, accessible - under the job’s Results node -- 2. External Domain Traffic - Volume – Creates the SA_EX_DomainMetrics_Volume table, accessible - under the job’s Results node - -In addition to the tables and views by the analysis tasks, the EX_DomainMetrics Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------------------- | -------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Top External Domains by Message Count (Top External Domains) | This report identifies which external domains have the largest traffic flow between organizations. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays access by team - Table – Provides a database access summary - Table – Provides database access details | -| Top External Domains by Message Volume (Top External Domains) | This report identifies which external domains have the largest traffic flow between orgs. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top domain by message count (30 days) - Table – Provides details on top domain by message count (30 days) | - -# EX_HourlyMetrics Job - -The EX_HourlyMetrics Job provides visibility into how much mail-flow the organization sends and -receives each hour. - -## Analysis Tasks for the EX_HourlyMetrics Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > -**EX_HourlyMetrics** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_HourlyMetrics Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/hourlymetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Server Averages – Creates the SA_EX_HourlyMetrics_ServerAverages table, accessible under the - job’s Results node -- 2. Org Averages – Creates the SA_EX_HourlyMetrics_OrgAverages table, accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the EX_HourlyMetrics Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------------------------------- | ---------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Hourly Traffic (Average Hourly Traffic) | This report identifies which hours during the day have the most traffic by count of messages. | None | This report is comprised of two elements: - Column Chart – Displays average hourly traffic by enterprise - Table – Provides details on average hourly traffic by server | -| Hourly Volume (Average Hourly Volume) | This report identifies which hours during the day have the most traffic by volume of messages. | None | This report is comprised of two elements: - Column Chart – Displays average hourly volume (MB) - Table – Provides details on server averages | - -# EX_MessageSize Job - -The EX_MessageSize Job provides information around the size of sent and received messages. - -## Analysis Tasks for the EX_MessageSize Job - -View the analysis task by navigating to the **Exchange** > **1. HUB Metrics** > **EX_MessageSize** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_MessageSize Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/messagesizeanalysis.webp) - -The following analysis task is selected by default: - -- 1. Message Size by Server – Creates the SA_EX_MessageSize_HostSummary table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis task, the EX_MessageSize Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------ | ------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Message Size | This report identifies servers which handle the largest mail. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by average message size (KB) - Table – Provides details on average message size by server (KB) | - -# EX_ServerMetrics Job - -The EX_ServerMetrics Job provides visibility into server mail flow statistics, such as, sent, -received, journaling, transport, and NDR counts and sizes. - -## Analysis Tasks for the EX_ServerMetrics Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > -**EX_ServerMetrics** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_ServerMetrics Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/servermetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Transport – Creates the SA_EX_ServerMetrics_Transport table, accessible under the job’s - Results node -- 2. NDRs – Creates the SA_EX_ServerMetrics_NDRs table, accessible under the job’s Results node -- 3. Journaling – Creates the SA_EX_ServerMetrics_Journaling table, accessible under the job’s - Results node -- 4. Yesterday – Creates the SA_EX_ServerMetrics_Yesterday table, accessible under the job’s - Results node -- 5. Last 7 Days – Creates the SA_EX_ServerMetrics_Last7Days table, accessible under the job’s - Results node -- 6. Last 30 Days – Creates the SA_EX_ServerMetrics_Last30Days table, accessible under the job’s - Results node -- 7. Historical Statistics – Creates the SA_EX_ServerMetrics_HistoricalStatistics table, - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the EX_ServerMetrics Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------------------------------- | ----------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Journaling (Journaling Traffic) | This report summarizes journaling message traffic across the organization. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by journaling messages (last 30 days) - Table – Provides details on top servers by journaling messages (last 30 days) | -| NDRs (Exchange NDRs) | This report shows NDR counts broken down by server. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by NDRs (last 30 days) - Table – Provides details on top servers by NDRs (last 30 days) | -| Server Traffic (Top Servers by Traffic) | This report summarizes server traffic across the organization for the Last 30 Days. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top servers by total traffic - Table – Provides details top servers by total traffic | -| Transport (Transport Messages) | This report summarizes transport messages across the exchange organization. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by transport messages (last 30 days) - Table – Provides details on top servers by transport messages (last 30 days) | - -# EX_UserMetrics Job - -The EX_UserMetrics Job provides information around each users mail-flow in the organization. - -## Analysis Tasks for the EX_UserMetrics Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > -**EX_UserMetrics** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_UserMetrics Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/usermetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. User Metrics - Volume – Creates the SA_EX_UserMetrics_Volume table, accessible under the - job’s Results node -- 2. User Metrics - Count – Creates the SA_EX_UserMetrics_Count table, accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the EX_UserMetrics Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------- | ----------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Top Receivers by Message Count | This report identifies users who have received the most messages. | None | This report is comprised of two elements: - Bar Chart – Displays top receivers by message count (last 30 days) - Table – Provides details on top receivers by message count (last 30 days) | -| Top Receivers by Message Volume | This report identifies users who have received the most mail by total volume. | None | This report is comprised of two elements: - Bar Chart – Displays top receivers by message volume (last 30 days) - Table – Provides details on top receivers by message volume (last 30 days) | -| Top Senders by Message Count | This report identifies users who have sent the most mail. | None | This report is comprised of two elements: - Bar Chart – Displays top senders by message count (last 30 days) - Table – Provides details on top senders by message count (last 30 days) | -| Top Senders by Message Volume | This report identifies users who have sent the most mail by total volume. | None | This report is comprised of two elements: - Bar Chart – Displays top senders by message volume (last 30 days) - Table – Provides details on top senders by message volume (last 30 days) | - -# 1.HUB Metrics Job Group - -The 1. HUB Metrics Job Group is comprised of data collection, analysis and reports that focus on -mail-flow activity occurring within your organization. This job group goes out to each server that -contains the Message Tracking Logs and parse the log to return the data to the Enterprise Auditor -database. - -![1.HUB Metrics Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following job groups and jobs comprise the 1. HUB Metrics Job Group: - -- [0. Collection Job Group](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Comprised of jobs that process and analyze the message tracking logs on the Exchange Servers in - the environment -- [EX_DeliveryTimes Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Provides information around organizational and server level delivery times -- [EX_DLMetrics Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Provides information around distribution list usage -- [EX_DomainMetrics Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Provides information about which domains mail-flow is going to and coming from -- [EX_HourlyMetrics Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Provides visibility into how much mail-flow the organization sends and receives each hour -- [EX_MessageSize Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Provides information around size of messages sent and received -- [EX_ServerMetrics Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Provides visibility into server mail-flow statistics, such as, sent, received, journaling, - transport and NDR counts and sizes -- [EX_UserMetrics Job](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) - – Provides information around each user’s mail-flow in the organization - -# Recommended Configurations for the 1. HUB Metrics Job Group - -Dependencies - -The following Job Groups need to be successfully run: - -- Active Directory Inventory Job Group - -Targeted Hosts - -The 0. Collection Job Group has been set to run against the following default dynamic host lists: - -- Exchange 2016 MB Servers -- Exchange 2013 MB Servers -- Exchange HUB Servers - -**NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table which meet -the host inventory criteria for the list. Ensure the appropriate host lists have been populated -through host inventory results. - -**_RECOMMENDED:_** Only modify host lists in the 0. Collection Job Group. - -Connection Profile - -A Connection Profile must be set directly on the EX_MetricsCollection Job and the EX_MetricsDetails -Job. See the -[Exchange Mail-Flow Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for required permissions. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -This job group has been designed to run daily to process and collect the previous day’s message -tracking logs. Run this job after 12:01 AM when the logs on the Exchange servers have rolled over to -the next day. - -**_RECOMMENDED:_** Run this job group at 1:00 AM. - -History Retention - -History retention should not be enabled on this job group. History is kept through analysis tasks. -Modify the following analysis tasks to customize the amount of history which is kept: - -| Job Name | Analysis Task Name | Default History | -| -------------------- | --------------------- | --------------- | -| EX_MetricsCollection | SET HISTORY RETENTION | 6 Months | -| EX_MetricsDetails | SET HISTORY RETENTION | 6 Months | - -See the -[Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#exchange-history-retention) -topic for additional information. - -Query Configuration - -The 1. HUB Metrics Job Group is designed to be run with the default query configurations with the -following exceptions: - -- EX_MetricsDetails Job – The **Activity Metrics** Query requires domains to be configured -- All queries in the 1.HUB Metrics Job Group that use the ExchangeMetrics Data Collector – - (Optional) The **Enable Persistent Log State** option can be enabled on the Options page of the - Exchange Metrics Data Collector Wizard to search the log from where the previous search left off. - See the - [ExchangeMetrics: Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic - for additional information. - -Analysis Configuration - -The 1. HUB Metrics Job Group should be run with the default analysis configurations. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or -deselected. There are a few which are deselected by default, as they are for troubleshooting -purposes. - -The following analysis tasks should not be deselected, but their parameters can be modified: - -- **0. Collection** > **EX_MetricsCollection** Job – **08. SET HISTORY RETENTION** Analysis Task -- **0. Collection** > **EX_MetricsDetails** Job – **02. SET HISTORY RETENTION** Analysis Task - -Workflow - -**Step 1 –** Set a Connection Profile on the jobs that run data collection. - -**Step 2 –** Schedule the **1. HUB Metrics** Job Group to run daily. - -**_RECOMMENDED:_** Run at 1:00 AM. - -**Step 3 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow.md b/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow.md new file mode 100644 index 0000000000..a3342c0498 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow.md @@ -0,0 +1,112 @@ +# 0. Collection > EX_Mailflow Job + +The EX_Mailflow job collects message trace data from Office 365. + +![0. Collection > EX_Mailflow Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The EX_Mailflow job is located in the **Mailflow** > **0. Collection** job group. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The EX_Mailflow job has the following configurable parameter: + +- Number of months to keep + +See the [Analysis Tasks for the EX_Mailflow Job](#analysis-tasks-for-the-ex_mailflow-job) topic for +additional information. + +## Queries for the EX_Mailflow Job + +The EX_Mailflow job uses the ExchangePS Data Collector. + +![Queries for the EX_Mailflow Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowqueries.webp) + +The following queries are included in the EX_Mailflow job: + +- MailFlow – Collects Message Tracking data + + - The default is the **Last 7 Days**. It can be modified to a shorter date range + - See the + [Configure the ExchangePS Data Collector for Mail Flow Metrics](#configure-the-exchangeps-data-collector-for-mail-flow-metrics) + topic for additional information + +- LocalDomains – Collects domains local to the Office 365 environment + + **CAUTION:** Do not modify this query. The query is preconfigured for this job. + + - See the + [ExchangePS Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/overview.md) + topic for additional information + +### Configure the ExchangePS Data Collector for Mail Flow Metrics + +The ExchangePS Data Collector configured with the Mail Flow Metrics category can be scoped to +specific report dates. By default, the MailFlow Query is set to report on the Last 7 Days. + +Follow the steps to modify the query configuration: + +**Step 1 –** Navigate to the **Exchange** > **8. Exchange Online** > **0. Collection** > +**EX_Mailflow** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the query and click **Query Properties**. The Query +Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The ExchangePS Data Collector +Wizard opens. + +**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. + +![ExchangePS Data Collector Wizard Mail Flow page](/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowmetricsdcwizard.webp) + +**Step 4 –** To modify the report dates, navigate to the Mail Flow page. Set the report data range +as desired. See the +[ExchangePS Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/overview.md) +topic for additional information. + +_Remember,_ the date range must be 7 days or less. + +**Step 5 –** Navigate to the Summary page. Click **Finish**. + +The job applies the modification to future job executions. + +## Analysis Tasks for the EX_Mailflow Job + +View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > **0. +Collection** > **EX_Mailflow** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_Mailflow Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowanalysis.webp) + +The following analysis tasks are selected by default: + +- 01.EX_Mailflow_History – Creates the SA_EX_Mailflow_History table, accessible under the job's + Results node +- 02.Update History Table – Updates the SA_EX_Mailflow_History table, with data from the .Active + Directory Inventory and .Entra ID Inventory solutions to determine local users and distribution + lists +- 3. SET HISTORY RETENTION – Sets retention period in months + + - By default, retention is set to 6 months. This period can be modified. See the + [Parameter Configuration](#parameter-configuration) topic for additional information. + - Alternatively, the `@Months` parameter can be modified in the SQL Script Editor. See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Deletes all Stored Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 0. Deletes all Stored Data - LEAVE UNCHECKED – Deletes all historical data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information diff --git a/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_dl.md b/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_dl.md new file mode 100644 index 0000000000..19429eb827 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_dl.md @@ -0,0 +1,28 @@ +# EX_Mailflow_DL Job + +The EX_Mailflow_DL job provides information around distribution list usage. + +## Analysis Tasks for the EX_Mailflow_DL Job + +View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > +**EX_Mailflow_DL** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_Mailflow_DL Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowdlanalysis.webp) + +The following analysis tasks are selected by default: + +- Azure Groups Direct Member Count – Creates the EX_ MailFlow_DL_AzureMemberCount table, accessible + under the job’s Results node. Provides a direct member count for distribution lists from Azure + groups. +- DLs by Count – Creates the EX_ Mailflow_DLsByCount table, accessible under the job’s Results + node. Lists of all distribution lists and how much mail-flow they have received. + +In addition to the tables and views created by the analysis tasks, the EX_Mailflow_DL Jjb produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Top DLs by Received Count | The top distribution lists by total messages received. | None | This report is comprised of two elements: - Bar Chart – Displays top five distribution lists by received count - Table – Provides details on the top five distribution lists by received count | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_domain.md b/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_domain.md new file mode 100644 index 0000000000..3b938aac84 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_domain.md @@ -0,0 +1,48 @@ +# EX_Mailflow_Domain Job + +The EX_Mailflow_Domain job provides information about which domain’s mail-flow is going to and +coming from. This job is set to analyze the last 30 days. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The EX_Mailflow_Domain job has the following configurable parameter: + +- Number of days to show in tables and reports + +See the +[Analysis Tasks for the EX_Mailflow_Domain Job](#analysis-tasks-for-the-ex_mailflow_domain-job) +topic for additional information. + +## Analysis Tasks for the EX_Mailflow_Domain Job + +View the analysis task by navigating to the **Exchange** > **8. Exchange Online** > +**EX_Mailflow_Domain** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_Mailflow_Domain Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowdomainanalysis.webp) + +The following analysis task is selected by default: + +- Mailflow Domain – Creates the EX_MailFlow_Domain table, accessible under the job’s Results node. + It provides counts for messages sent and received from external domains. + + - By default, the number of days to show in tables and reports is set to 30. This can be + modified. See the [Parameter Configuration](#parameter-configuration) topic for additional + information. + - Alternatively, the `@Days` parameter can be modified in the SQL Script Editor. See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information + +In addition to the tables and views created by the analysis task, the EX_Mailflow_Domain job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ---------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------- | +| Top Domains By Count | Displays top domains by recipient count. | None | This report is comprised of two elements: - Bar Chart – Displays top domains - Table – Provides details on top domains | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_mailbox.md b/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_mailbox.md new file mode 100644 index 0000000000..a43ae210b7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_mailbox.md @@ -0,0 +1,62 @@ +# EX_Mailflow_Mailbox Job + +The EX_Mailflow_Mailbox job provides information around each user’s mail flow in the organization. +This job is set to analyze the last 30 days. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The EX_Mailflow_Mailbox job has the following configurable parameter: + +- Number of days to collect counts for – Sets the number of days for the **User Mailboxes By Message + Count** and **User Mailboxes by Message Size** analysis tasks. The default is **30** days. + +See the +[Analysis Tasks for the EX_Mailflow_Mailbox Job](#analysis-tasks-for-the-ex_mailflow_mailbox-job) +topic for additional information. + +## Analysis Tasks for the EX_Mailflow_Mailbox Job + +View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > +**EX_Mailflow_Mailbox** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_Mailflow_Mailbox Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowmailboxanalysis.webp) + +The following analysis tasks are selected by default: + +- User Message Metrics By Day – Creates the EX_MailFlow_UserByDay table, accessible under the job’s + Results node +- User Mailboxes By Message Count – Creates the EX_MailFlow_UserByCount table, accessible under the + job’s Results node + + - By default, counts are collected for the last 30 days. The number of days can be modified with + the `@Days` parameter. + - See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information + +- User Mailboxes by Message Size – Creates the EX_MailFlow_UserBySize table, accessible under the + job’s Results node + + - By default, sizes are selected for the last 30 days. The number of days can be modified with + the `@Days` parameter. + - See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_Mailflow_Mailbox job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| --------------------------------------------------------------------------- | ------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Top Users Message Count by Message ID (Top User Traffic By Message ID) | Displays message counts for users by Message ID. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic by message ID - Table – Provides details on the last 30 days user traffic by message ID | +| Top Users Message Count By Recipient (Top Users Traffic By Recipient) | Displays message counts for users by recipient. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic by recipient - Table – Provides details on the last 30 days user traffic by recipient | +| Top Users Message Size By Message ID (Top Users Traffic Size By Message ID) | Displays message sizes for users by Message ID. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic size by message ID - Table –Details on the last 30 days user traffic size by recipient | +| Top Users Message Size By Recipient (Top Users Traffic Size By Recipient) | Displays message sizes for users by recipient. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic size by recipient - Table – Provides details on the last 30 days user traffic size by recipient | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_orgoverview.md b/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_orgoverview.md new file mode 100644 index 0000000000..12938787cb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_orgoverview.md @@ -0,0 +1,45 @@ +# EX_Mailflow_OrgOverview Job + +The EX_Mailflow_OrgOverview job provides information around overall traffic in the organization. +This job is set to analyze the last 30 days. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The EX_Mailflow_OrgOverview job has the following configurable parameter: + +- Number of days of data to display + +See the +[Analysis Tasks for the EX_Mailflow_OrgOverview Job](#analysis-tasks-for-the-ex_mailflow_orgoverview-job) +topic for additional information. + +## Analysis Tasks for the EX_Mailflow_OrgOverview Job + +View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > +**EX_OrgOverview_Mailbox** > **Configure** node and select **Analysis**. + +![Analysis Tasks for the EX_Mailflow_OrgOverview Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailfloworgoverviewanalysis.webp) + +The following analysis task is selected by default: + +- Organization Overview – Creates the EX_MailFlow_OrgOverview table, accessible under the job’s + Results node + + - By default, data for 30 days is displayed. This number of days can be modified by a parameter. + See the [Parameter Configuration](#parameter-configuration) topic for additional information. + - Alternatively, the `@Days` parameter can be modified in the SQL Script Editor. See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information. + +In addition to the tables and views created by the analysis task, the EX_Mailflow_OrgOverview job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------ | ----------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Trend By MessageID (Organization Overview) | This report shows an overview of sent and received message statuses for the organization. | None | This report is comprised of two elements: - Line Chart – Displays the last 7 days trend by message ID - Table – Provides details on the last 30 days total traffic by message ID | +| Trend By Recipient | This report shows the trend of sent/received and total traffic by recipient. | None | This report is comprised of two elements: - Line Chart – Displays the last 7 days trend by recipient - Table – Provides details on the last 30 days traffic by recipient | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/overview.md new file mode 100644 index 0000000000..c77878320e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/overview.md @@ -0,0 +1,23 @@ +# Mailflow Job Group + +The Mailbox job group is comprised of jobs that process and analyze the Message Tracking Logs in the +Office 365 environment. This job group parses message tracking and stores the data for analysis and +reporting in the Enterprise Auditor database. + +![Mailflow Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowjobstree.webp) + +The jobs in the Mailflow job group are: + +- [0. Collection > EX_Mailflow Job](/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow.md) + – Collects message trace data from an Office 365 server +- [EX_Mailflow_DL Job](/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_dl.md) + – Comprised of analysis and reports which provide information around distribution list usage +- [EX_Mailflow_Domain Job](/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_domain.md) + – Comprised of analysis and reports which provide information about which domains mail flow is + going to and coming from +- [EX_Mailflow_Mailbox Job](/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_mailbox.md) + – Comprised of analysis and reports which provide information around each user's mail-flow in the + organization +- [EX_Mailflow_OrgOverview Job](/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/ex_mailflow_orgoverview.md) + – Comprised of analysis and reports which provide information around the overall traffic in the + organization diff --git a/docs/accessanalyzer/11.6/solutions/exchange/online/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/online/overview.md new file mode 100644 index 0000000000..18f56959a6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/online/overview.md @@ -0,0 +1,12 @@ +# 8.Exchange Online Job Group + +The 8. Exchange Online job group collects message trace data from Office 365. + +![8.Exchange Online Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The job group in the 8. Exchange Online job group is: + +- [Mailflow Job Group](/docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/overview.md) + – Comprised of Jobs that process and analyze the Message Tracking Logs in the Office 365 + environment. This job group parses message tracking and stores the data for analysis and reporting + in the Enterprise Auditor database. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/online/recommended.md b/docs/accessanalyzer/11.6/solutions/exchange/online/recommended.md new file mode 100644 index 0000000000..f16b0af938 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/online/recommended.md @@ -0,0 +1,83 @@ +# Recommended Configurations for the 8. Exchange Online Job Group + +Dependencies + +The following Enterprise Auditor job groups need to be successfully run: + +- .Active Directory Inventory +- .Entra ID Inventory + +Targeted Hosts + +The Mailflow job group uses Remote PowerShell through the ExchangePS Data Collector and the +PowerShell Data Collector. The host list needs to be set to one of the following: + +- Local Host +- Custom Host List for Exchange Online + + - The host list should include the tenant name of the Microsoft Entra tenant used to connect to + Exchange Online. See the + [Exchange Online Host List](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/configurejob.md#exchange-online-host-list) + topic for additional information. + +Connection Profile + +See the +[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) +topic for the EX_Mailflow job requirements. + +Additionally, the Exchange Online job group needs access to the following Exchange Online URLs to +perform collection: + +- Exchange PowerShell – https://ps.outlook.com/PowerShell +- Autodiscover – https://autodiscover-s.outlook.com/autodiscover/autodiscover.svc +- EWS – https://outlook.office365.com/EWS/Exchange.asmx + +See the +[Exchange Custom Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/configurejob.md) +topic for additional information. + +Schedule Frequency + +This job group has been designed to run daily. + +**_RECOMMENDED:_** Run this job group at 1:00 AM. + +Query Configuration + +The 8. Exchange Online job group is designed to be run with the default query configurations. +However, the following queries can be modified: + +- **Mailflow** > **0. Collection** > **EX_Mailflow** Job – **MailFlow** Query +- **EX_ASPolicies** Job – **Exchange Settings** Query + +No other queries should be modified. + +Analysis Configuration + +The 8. Exchange Online job group should be run with the default analysis configurations. Most of +these analysis tasks are preconfigured and should never be modified or deselected. There are some +that are deselected by default, as they are for troubleshooting purposes. + +The following analysis tasks should not be deselected, but their parameters can be modified: + +- **Mailflow** > **0. Collection** > **EX_Mailflow** Job – **03. SET HISTORY RETENTION** Analysis + Task +- **Mailflow** > **EX_Mailflow_Domain** Job – **Mailflow Domain** Analysis Task +- **Mailflow** > **EX_Mailflow_Mailbox** Job – **User Mailboxes By Message Count** Analysis Task +- **Mailflow** > **EX_Mailflow_Mailbox** Job – **User Mailboxes by Message Size** Analysis Task +- **Mailflow** > **EX_Mailflow_OrgOverview** Job – **Organization Overview** Analysis Task + +Workflow + +**Step 1 –** Set the host on the EX_Mailflow job. + +- The **Mailflow** > **0. Collection** > **EX_Mailflow** job needs to be set to run against one of + the following: + + - Local Host + - Custom Host List + +**Step 2 –** Set a Connection Profile on the jobs which run data collection. + +**Step 3 –** Schedule the 8. Exchange Online job group to run as desired. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/overview.md new file mode 100644 index 0000000000..07c0b29501 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/overview.md @@ -0,0 +1,111 @@ +# Exchange Solution + +The Exchange Solution provides auditing and reporting on multiple aspects of the Exchange +environment to assist with identifying risk, understanding usage, and decreasing bloat. Areas of +focus include Audit and Compliance, Maintenance and Cleanup, Metrics and Capacity, Operations and +Health, Public Folders and Configuration Baseline. Sensitive Data Discovery searches mailboxes and +public folders to discover where sensitive information of any type exists. This requires the +Sensitive Data Discovery Add-on. + +Supported Platforms + +- Exchange Online (Limited) + +- Exchange 2019 (Limited) +- Exchange 2016 (Limited) +- Exchange 2013 +- Exchange 2010 (Limited) + +See the +[Exchange Support and Permissions Explained](/docs/accessanalyzer/11.6/requirements/solutions/exchange/support.md) +topic for additional information. + +Requirements, Permissions, and Ports + +See the +[Target Exchange Servers Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/exchange.md) +and +[Target Exchange Online Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/exchangeonline.md) +topics for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans.If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host.For example, if the job is configured to scan 8 hosts at a time , then +an extra 16 GB of RAM are required (8x2=16). + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +Location + +The Exchange Solution requires a special Enterprise Auditor license. It can be installed from the +Enterprise Auditor Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to +the solution: **Jobs** > **Exchange**. + +Each job group within the solution collects data, analyzes the data, and reports on the target +Exchange environment, with the exception of the 6. Distribution Lists job group that only analyzes +data and generates reports. The EX_UserOverview job runs analysis on the collected data and +generates reports. + +## Job Groups + +The Exchange Solution is divided into categories based upon what is being audited. + +![Exchange Job Group Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +The following job groups comprise the Exchange Solution: + +- [1.HUB Metrics Job Group](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/overview.md) + – Comprised of data collection, analysis and reports that focus on mail-flow activity occurring + within your organization. This job group goes out to each server that contains the Message + Tracking Logs and parses the log to return the data to the Enterprise Auditor database. +- [2.CAS Metrics Job Group](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/overview.md) + – Comprised of data collection, analysis and reports that focus on remote connections (Outlook Web + Access, ActiveSync, and Outlook Anywhere Access) occurring within your organization. This job + group goes out to each server that contains the IIS Logs and parses the log to return the data to + the Enterprise Auditor database. +- [3.Databases Job Group](/docs/accessanalyzer/11.6/solutions/exchange/databases/overview.md) + – Comprised of data collection, analysis and reports that focus on database sizing, growth, and + trends +- [4.Mailboxes Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/overview.md) + – Comprised of data collection, analyses, and reports around mailbox features, logons, + permissions, and sizing + + **CAUTION:** It is not recommended to run this job group at this job group level. + + - See the + [Recommended Configurations for the 4. Mailboxes Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/recommended.md) + topic for this job group. All jobs within this group are compatible with the Office 365 + environment. + +- [5. Public Folders Job Group](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/overview.md) + – Comprised of data collection, analysis and reports that focus on public folder sizing, content + aging, entitlement, ownership, and the identification of each public folder’s Most Probable Owner. + The Most Probable Owner is a unique algorithm built into the public folder data collector that is + determined based on folder ownership, content posted, and size of content posted. +- [6. Distribution Lists Job Group](/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/overview.md) + – Lists the direct and effective membership to distribution lists in addition to providing context + around potentially stale distribution lists +- [7.Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/overview.md) + – Comprised of jobs which locate sensitive data found in mailboxes and public folders in the + Exchange environment +- [8.Exchange Online Job Group](/docs/accessanalyzer/11.6/solutions/exchange/online/overview.md) + – Comprised of jobs that locate sensitive data found in mailboxes and public folders in the + Exchange environment +- [EX_UserOverview Job](/docs/accessanalyzer/11.6/solutions/exchange/ex_useroverview.md) + – provides correlation from multiple data collection points to show information for each user + about their mailbox size, mailbox access rights, mail-flow metrics and remote connectivity to the + Exchange environment. These reports provide user impact analysis on the environment. This job + depends upon multiple job groups. + +The MAPI-based data collectors require both Enterprise Auditor MAPI CDO and Microsoft Exchange MAPI +CDO to be installed on the Enterprise Auditor Console server. Once these have been installed, +configure the **Settings** > **Exchange** node for proper connection to the Exchange server. See the +[Exchange](/docs/accessanalyzer/11.6/admin/settings/exchange.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md b/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md deleted file mode 100644 index b69e0408cf..0000000000 --- a/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md +++ /dev/null @@ -1,624 +0,0 @@ -# Content Job Group - -The Content job group provides visibility into public folder sizing and content aging. - -![Content Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the Content job group are: - -- [Collection > PF_ContentScans Job](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Comprised of data collection that focuses on public folder content aging within each public - folder -- [PF_Content Job](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Comprised of analysis and reports which focus on public folder sizing and content aging - -# PF_Content Job - -The PF_Content job is comprised of analyses and reports that focus on public folder sizing and -content aging. - -## Analysis Tasks for the PF_Content Job - -View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > **Content** > -**PF_Content** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the PF_Content Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/contentanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.PF Environment Aging by Size – Creates the SA_PF_Content_AgingBySize table, accessible under - the job’s Results node -- 01.PF Environment Aging by Count – Creates the SA_PF_Content_AgingByCount table, accessible under - the job’s Results node -- 02.Subtree Aging by Size – Creates the SA_PF_Content_SubtreeAgingBySize table, accessible under - the job’s Results node -- 03.Subtree Aging by Count – Creates the SA_PF_Content_SubtreeAgingByCount table, accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the PF_Content job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Aging by File Count (Public Folder Aging by File Count) | This report highlights content aging within the targeted Public Folder environment, with a focus on the number of files. | None | This report is comprised of three elements: - Bar Chart – Displays public folder environment aging - Table – Provides details on public folder environment aging by file count - Table – Provides details on aging by sub tree | -| Aging by File Size (Public Folder Aging by File Size) | This report highlights content aging within the targeted Public Folder environment, with a focus on the size of files. | None | This report is comprised of three elements: - Column Chart – Displays public folder environment aging by file size - Table – Provides details on public folder environment by file size - Table – Provides details on aging by sub tree | - -# Collection > PF_ContentScans Job - -The PF_ContentScans job is comprised of data collection that focuses on public folder content aging -within each public folder. - -![Collection > PF_ContentScans Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The PF_ContentScans job is located in the 0.Collection job group. - -## Queries for the PF_ContentScans Job - -The PF_ContentScans job uses the ExchangePS Data Collector. - -![Queries for the PF_ContentScans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/contentscansquery.webp) - -The following query is included in the PF_ContentScans job: - -- PF Contents – Collects content aging information - - - By default set to search all public folders. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#scope-the-exchangeps-data-collector) - topic for additional information - -## Analysis Tasks for the PF_ContentScans Job - -View the analysis task by navigating to the **Exchange** > **5. Public Folders** > **Content** > -**Collection** > **PF_ContentScans** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the PF_ContentScans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/contentscansanalysis.webp) - -The following analysis task is selected by default: - -- Strip Replicas from Reports – Removes duplicates from reports - -# Growth and Size Job Group - -The Growth and Size job group is comprised of data collection, analysis, and reports that focus on -public folder sizing and growth. - -![Growth and Size Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the Growth and Size job group are: - -- [Collection > PF_FolderScans Job](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Comprised of data collection that focuses on collecting sizing information for each public - folder -- [PF_FolderSize Job](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Provides details related to public folder sizing and growth - -# Collection > PF_FolderScans Job - -The PF_FolderScans job is comprised of data collection that focuses on collecting sizing information -for each public folder. - -![Collection > PF_FolderScans Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The PF_FolderScans job is located in the Collection job group. - -## Queries for the PF_FolderScans Job - -The PF_FolderScans job uses the ExchangePS Data Collector. - -![Queries for the PF_FolderScans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/folderscansquery.webp) - -The following query is included in the PF_FolderScans Job: - -- PF Size & Msg Counts – Collects public folder size and message counts - - - By default set to search all public folders. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#scope-the-exchangeps-data-collector) - topic for additional information - -## Analysis Tasks for the PF_FolderScans Job - -View the analysis task by navigating to the **Exchange** > **5. Public Folders** > **Growth and -Size** > **Collection** > **PF_FolderScans** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the PF_FolderScans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/folderscansanalysis.webp) - -The following analysis task is selected by default: - -- Strip Replicas from Reports – Removes duplicates from reports - -# PF_FolderSize Job - -The PF_FolderSize job provides details related to public folder sizing and growth. - -## Analysis Tasks for the PF_FolderSize Job - -View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > **Growth and -Size** > **PF_FolderSize** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the PF_FolderSize Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/foldersizeanalysis.webp) - -The following analysis tasks are selected by default: - -- 01.Create History Table – Creates the SA_PF_FolderSize_History table, accessible under the job’s - Results node -- 02.SET HISTORY RETENTION – Sets retention period in months - - - The default is 3 months. It can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#exchange-history-retention) - topic for additional information - -- 03.Latest Run Per Folder – Creates the SA_PF_FolderSize_Latest table, accessible under the job’s - Results node -- 04.30 Day Growth – Creates the SA_PF_FolderSize_Growth table, accessible under the job’s Results - node - -The following analysis task clears table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Delete all Historical Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 00.Delete all Historical Data - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the PF_FolderSize job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------- | ----------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | -| Public Folder Size and Growth | This report shows the largest public folders and percent change over 30 days. | None | This report is comprised of two elements: - Bar Chart – Displays largest public folders - Table – Provides details on largest public folders | - -# 5. Public Folders Job Group - -The 5. Public Folders job group is comprised of data collection, analyses, and reports that focus on -public folder sizing, content aging, entitlement, ownership, and the identification of each public -folder’s Most Probable Owner. The Most Probable Owner is a unique algorithm built into the public -folder data collector that is determined based on folder ownership, content posted, and size of -content posted. - -![5.Public Folders Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following comprise the 5. Public Folders job group: - -- [Content Job Group](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Provides visibility into public folder sizing and content aging -- [Growth and Size Job Group](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Comprised of data collection, analysis, and reports that focus on public folder sizing and - growth -- [Ownership Job Group](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Comprised of analysis and reports that focus on public folder ownership, and most importantly - the identification of each public folder's Most Probable Owner -- [Permissions Job Group](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Provides visibility into permissions applied to each public folder -- [PF_Overview Job](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Comprised of analysis and reports that provides a top level summary of each parent public folder - and correlates information from the message tracking logs to identify the last time a public - folder received mail - -The **5. Public Folders** > **Ownership** job group uses the ExchangePublicFolder, a MAPI-based data -collector. Therefore, it requires both Enterprise Auditor MAPI CDO and Microsoft Exchange MAPI CDO -to be installed on the Enterprise Auditor Console server. Once these have been installed, the -**Settings** > **Exchange** node must be configured for proper connection to the Exchange server. -See the -[Exchange](/docs/accessanalyzer/11.6/administration/settings/exchange.md) -topic for additional information. - -# Ownership Job Group - -The Ownership job group is comprised of analysis and reports that focus on public folder ownership, -and most importantly the identification of each public folder's Most Probable Owner. The Most -Probable Owner is a unique algorithm built into the public folder data collector that is determined -based on folder ownership, content posted, and size of content posted. - -![Ownership Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The obs in the Ownership job group are: - -- [Collection > PF_FolderOwnership Job](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Focuses on public folder sizing, content aging, entitlement, ownership, and most importantly the - identification of each public folder's Most Probable Owner -- [PF_Owners Job](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Comprised of analysis and reports that focus on public folder ownership, and most importantly - the identification of each public folder's Most Probable Owner - -# Collection > PF_FolderOwnership Job - -The PF_FolderOwnership job is comprised of data collection that focuses on collecting each public -folder’s owner and identifying the Most Probable Owner. The Most Probable Owner is a unique -algorithm built into the public folder data collector that is determined based on folder ownership, -content posted, and size of content posted. Modifications can be made to the data collector to -change the way the Most Probable Owner is determined. - -![Collection > PF_FolderOwnership Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The PF_FolderOwnership job is located in the Collection job group. - -## Queries for the PF_FolderOwnership Job - -The PF_FolderOwnership job uses the ExchangePublicFolder Data Collector. - -![Queries for the PF_FolderOwnership Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/folderownershipquery.webp) - -The following queries are included in the PF_FolderOwnership job: - -- Probable Ownership – Collects and calculates probable owners - - - By default set to search all public folders. It can be scoped. - - See the - [Scope the ExchangePublicFolder Data Collector for the PF_FolderOwnership Job](#scope-the-exchangepublicfolder-data-collector-for-the-pf_folderownership-job) - topic for additional information - -- Assigned Ownership – Collects assigned owners - - - By default set to search all public folders. It can be scoped. - - Probable Owner Calculation can be modified - - See the - [Scope the ExchangePublicFolder Data Collector for the PF_FolderOwnership Job](#scope-the-exchangepublicfolder-data-collector-for-the-pf_folderownership-job) - topic for additional information - -### Scope the ExchangePublicFolder Data Collector for the PF_FolderOwnership Job - -The ExchangePublicFolder Data Collector can be scoped if desired. Follow the steps to modify the -query configuration. - -**NOTE:** These instructions include information on modifying the calculation used to determine -probable ownership. Step 5 is only applicable to the Probable Ownership Query in the -PF_FolderOwnership Job. - -**Step 1 –** Navigate to job’s **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the query and click **Query Properties**. The Query -Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Exchange Public Folder -Data Collector Wizard opens. - -**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. - -![Exchange Public Folder Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) - -**Step 4 –** To modify the scope of the search, navigate to the Scope page. The scope is configured -using the following settings: - -- Choose Type of Public Folder to be queried – Select the type of public folder to be queried: - - - Default Public Folders – Select this option to access folders directly with client - applications such as Microsoft Outlook. In its default configuration, Exchange System Manager - displays these folders when a public folder tree is expanded. - - System Public Folders – Select this option to access folders that cannot be directly accessed. - Client applications, such as Microsoft Outlook, use these folders to store information such as - free and busy data, offline address lists, and organizational forms. Other folders hold - configuration information that is used by custom applications or by Exchange itself. The - Public Folders tree contains extra system folders, such as the EFORMS REGISTRY folder, that do - not exist in general-purpose public folder trees. - -- Choose Scope of Public Folders to be queried – Select a scoping option for public folders: - - - All Public Folders – Select this option to return all public folders within the targeted - environment - - Selected Public Folders – Select this option to return only those public folders specified on - the Scope page of the query - - Selected Table – Select this option to return only those public folders within the table and - field name specified on the Scope page of the query - - _Remember,_ the scoping options available vary based on the pre-defined query configurations. - -See the -[ExchangePublicFolder: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -![Exchange Public Folder Data Collector Wizard Probable Owner Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/dcwizardprobableownersettings.webp) - -**Step 5 –** To modify the probable owner calculation, navigate to the Probable Owner page. The -calculation is configured with the following defaults: - -- Determine Owner – Use custom weights – Allows customization of factors that determine returned - results -- Result weights – Customized when Use Custom Weights is selected under Determine Owner -- Output options – Configures the number of returned probable owners - -See the -[ExchangePublicFolder: Probable Owner](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -**Step 6 –** Navigate to the Summary page. Click **Finish**. - -The job applies the modification to future job executions. - -## Analysis Tasks for the PF_FolderOwnership Job - -View the analysis task by navigating to the **Exchange** > **5. Public Folders** > **Ownership** > -**Collection** > **PF_FolderOwnership** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the PF_FolderOwnership Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/folderownershipanalysis.webp) - -The following analysis task is selected by default: - -- Post Process Collection – Applies an index and removes replica duplicates - -# PF_Owners Job - -The PF_Owners job is comprised of analysis and reports that focus on public folder ownership, and -most importantly the identification of each public folder's Most Probable Owner. The Most -Probable Owner is a unique algorithm built into the public folder data collector that is determined -based on folder ownership, content posted, and size of content posted. - -## Analysis Tasks for the PF_Owners Job - -View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > **Ownership** > -**PF_Owners** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the PF_Owners Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/ownersanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.Probable Owners – Creates the SA_PF_Ownership_ProbableOwners table, accessible under the job’s - Results node -- 01.ID rate by Root Folder – Creates the SA_PF_Ownership_SuccessRate table, accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the PF_Owners job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Identification Success (Probable Owner Identification Rate) | This report identifies folder trees with a high success rate of probable owners identified. This may help scope initial cleanup campaigns. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays probable owner identification success - Table – Provides details probable owner identification success | -| Probable Owners | This report identifies probable owners for all scanned folders. | None | This report is comprised of one element: - Table – Provides details on probable owners | - -# Permissions Job Group - -The Permissions job group provides visibility into permissions applied to each public folder. - -![Permissions Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the Permissions job group are: - -- [Collection > PF_EntitlementScans Job](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Comprised of data collection that focuses on public folder permissions -- [PF_Entitlements Job](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) - – Comprised of analyses and reports that provide visibility into permissions applied to each - public folder within the Exchange environment - -# PF_Entitlements Job - -The PF_Entitlements job is comprised of analyses and reports that provide visibility into -permissions applied to each public folder within the Exchange environment. - -## Analysis Tasks for the PF_Entitlements Job - -View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > -**Permissions** > **PF_Entitlements** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the PF_EntitlementScans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementsanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.Default + Anonymous ACLs – Creates the SA_PF_Entitlements_DefaultAnonymous table accessible - under the job’s Results node -- 01.No Explicit Permissions – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 02.Stale User Entitlements – Creates the SA_PF_Entitlements_StaleUserEntitlements table, - accessible under the job’s Results node -- 03.Unresolved SID Summary – Creates the SA_PF_Entitlements_UnresolvedSIDSummary table, accessible - under the job’s Results node -- 04.Unresolved SIDs – Creates the SA_PF_Entitlements_UnresolvedSIDDetails table, accessible under - the job’s Results node -- AIC Import - PF Entitlements – Imports public folder entitlements to the Access Information Center - -In addition to the tables and views created by the analysis tasks, the PF_Entitlements job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Default and Anonymous Entitlement | Indicates entitlements that are explicitly assigned to the default or anonymous accounts across all public folders. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays folder trees by default and anonymous entitlements - Table – Provides details on folder trees by default and anonymous entitlements | -| No Explicit Permissions (Leaf Folders with No Explicit Perms) | Provides all leaf Public Folders that only have Default, Anonymous, or unresolved SIDs as the explicit permissions, and have no child folders. These can potentially be deleted since they may not be accessed by active users. | None | This report is comprised of three elements: - Bar Chart – Displays percent of enterprises with issues - Table – Provides details on percent of enterprises with issues - Table – Provides details on folders with no explicit permissions | -| Unresolved SIDs (Unresolved SID Entitlements) | This report identifies any places where unresolved SIDs have been given entitlements. | None | This report is comprised of two elements: - Bar Chart – Displays top level trees by unresolved entitlements - Table – Provides details on top level trees by unresolved entitlements | - -# Collection > PF_EntitlementScans Job - -The PF_EntitlementScans job is comprised of data collection that focuses on public folder -permissions. - -![Collection > PF_EntitlementScans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The PF_EntitlementScans job is located in the Collection job group. - -## Queries for the PF_EntitlementScans Job - -The PF_EntitlementScans job uses the ExchangePS Data Collector. - -![Queries for the PF_EntitlementScans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementscansquery.webp) - -The following query is included in the PF_EntitlementScans job: - -- Public Folder Permissions – Collects public folder permissions - - - By default set to search all public folders. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#scope-the-exchangeps-data-collector) - topic for additional information - -## Analysis Tasks for the PF_EntitlementScans Job - -View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > -**Permissions** > **Collection** > **PF_EntitlementScans** > **Configure** node and select -**Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the PF_EntitlementScans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementscansanalysis.webp) - -The following analysis tasks are selected by default: - -- Compress and Index Collection – Compresses and indexes the collection -- Strip Replicas from Reports – Updates table to remove replicas - -# PF_Overview Job - -The PF_Overview job is comprised of analyses and reports that provide a top level summary of each -parent public folder and correlates information from the message tracking logs to identify the last -time a public folder received mail. - -## Analysis Tasks for the PF_Overview Job - -View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > -**PF_Overview** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the PF_Overview Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/overviewanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.Top Level Folder Summary – Creates the SA_PF_Overview_TopLevelRollup table, accessible under - the job’s Results node -- 01.Public Folders Message Traffic – Creates the SA_PF_Overview_ExchangeTraffic table, accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the PF_Overview job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | --------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Public Folder Mail Traffic | This report shows which mail-enabled public folders have mail traffic. | None | This report is comprised of two elements: - Bar Chart – Displays oldest public folders - Table – Provides details on oldest public folders | -| Public Folder Summary | This report shows where data is concentrated within the public folder environment, sorted by the largest top-level folders. | None | This report is comprised of three elements: - Bar Chart – Displays public folder environment - Table – Provides details largest public folder trees - Table – Provides details on the public folder environment | - -# Recommended Configurations for the 5. Public Folders Job Group - -Dependencies - -This job group requires the following items to be installed and configured on the Enterprise Auditor -Console: - -- Microsoft MAPI CDO installed -- Enterprise Auditor MAPI CDO installed -- **Settings** > **Exchange** node configured - -The following job groups need to be successfully run: - -- .Active Directory Inventory Job Group -- .Entra ID Inventory Job Group -- Exchange > 1. HUB Metrics Job Group (Optional) - - - Provides data on public folder metrics for on-premises Exchange environments and the last time - a distribution list received mail - -Targeted Hosts - -The Content, Growth and Size, and Permissions job groups use Remote PowerShell through the -ExchangePS Data Collector and the host list should be set to the following: - -- Local Host - -The **Ownership** > **Collection** job group needs to be set to run against the appropriate host -list: - -- For Exchange 2010 or 2013 – Assign a single host from the 2010/2013 environment - - - This can be assigned at the Collection job group level if the host has been added to a custom - host list - - This can be assigned at the **Collection** > **PF_FolderOwnership** job level by adding the - individual host at the **Configure** > **Hosts** node - - **NOTE:** The target host should be set to an on-premises Exchange server. Exchange Online is - not support. - -Connection Profile - -A Connection Profile must be set directly on the collection jobs. See the -[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for credential requirements and assign the Connection Profile to the following jobs: - -- **Content** > **Collection** > **PF_ContentScans** Job -- **Growth and Size** > **Collection** > **PF_FolderScans** Job -- **Permissions** > **Collection** > **PF_EntitlementScans** Job - -See the -[MAPI-Based Data Collector Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for credential requirements and assign the Connection Profile to the following job: - -- **Ownership** > **Collection** > **PF_FolderOwnership** Job - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -This job group has been designed to run weekly or bi-weekly to collect information about public -folders in the environment. This job group may be run more frequently depending on the size of the -public folders database and public folder count. - -**_RECOMMENDED:_** Run this job group on Fridays at 8:00 PM. - -History Retention - -History retention should not be enabled on this job group. History is kept through analysis tasks. -Modify the following analysis task to customize the amount of history which is kept: - -| Job Name | Analysis Task Name | Default History | -| ------------- | --------------------- | --------------- | -| PF_FolderSize | SET HISTORY RETENTION | 3 Months | - -Query Configuration - -The 5. Public Folders job group is designed to be run with the default query configurations. -However, the following queries can be modified: - -- **Content** > **Collection** > **PF_ContentScans** Job – **PF Contents** Query -- **Growth and Size** > **Collection** > **PF_FolderScans** Job – **PF Size & Msg Counts** Query -- **Ownership** > **Collection** > **PF_FolderOwnership** Job – **Probable Ownership** Query -- **Ownership** > **Collection** > **PF_FolderOwnership** Job – **Assigned Ownership** Query -- **Permissions** > **Collection** > **PF_EntitlementScans** Job – **Public Folder Permissions** - Query - -No other queries should be modified. - -Analysis Configuration - -The 5. Public Folders job group should be run with the default analysis configurations. - -**CAUTION:** Most of these analysis tasks are preconfigured and should never be modified or -deselected. There are some that are deselected by default, as they are for troubleshooting purposes. - -The following analysis tasks should not be deselected, but their parameters can be modified: - -- **Growth and Size** > **PF_FolderSize** Job – **02.SET HISTORY RETENTION** Analysis Task - -Workflow - -**Step 1 –** Set the host on the **Ownership** > **Collection** job group. - -**Step 2 –** Set a Connection Profile on the jobs that run data collection. - -**Step 3 –** Schedule the 5. Public Folders job group to run weekly, biweekly, or as desired. - -**Step 4 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/overview.md new file mode 100644 index 0000000000..18820da0a6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/overview.md @@ -0,0 +1,13 @@ +# Content Job Group + +The Content job group provides visibility into public folder sizing and content aging. + +![Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the Content job group are: + +- [Collection > PF_ContentScans Job](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/pf_contentscans.md) + – Comprised of data collection that focuses on public folder content aging within each public + folder +- [PF_Content Job](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/pf_content.md) + – Comprised of analysis and reports which focus on public folder sizing and content aging diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/pf_content.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/pf_content.md new file mode 100644 index 0000000000..899c6bf87e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/pf_content.md @@ -0,0 +1,33 @@ +# PF_Content Job + +The PF_Content job is comprised of analyses and reports that focus on public folder sizing and +content aging. + +## Analysis Tasks for the PF_Content Job + +View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > **Content** > +**PF_Content** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the PF_Content Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/contentanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.PF Environment Aging by Size – Creates the SA_PF_Content_AgingBySize table, accessible under + the job’s Results node +- 01.PF Environment Aging by Count – Creates the SA_PF_Content_AgingByCount table, accessible under + the job’s Results node +- 02.Subtree Aging by Size – Creates the SA_PF_Content_SubtreeAgingBySize table, accessible under + the job’s Results node +- 03.Subtree Aging by Count – Creates the SA_PF_Content_SubtreeAgingByCount table, accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the PF_Content job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Aging by File Count (Public Folder Aging by File Count) | This report highlights content aging within the targeted Public Folder environment, with a focus on the number of files. | None | This report is comprised of three elements: - Bar Chart – Displays public folder environment aging - Table – Provides details on public folder environment aging by file count - Table – Provides details on aging by sub tree | +| Aging by File Size (Public Folder Aging by File Size) | This report highlights content aging within the targeted Public Folder environment, with a focus on the size of files. | None | This report is comprised of three elements: - Column Chart – Displays public folder environment aging by file size - Table – Provides details on public folder environment by file size - Table – Provides details on aging by sub tree | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/pf_contentscans.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/pf_contentscans.md new file mode 100644 index 0000000000..4f48fbafd9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/pf_contentscans.md @@ -0,0 +1,37 @@ +# Collection > PF_ContentScans Job + +The PF_ContentScans job is comprised of data collection that focuses on public folder content aging +within each public folder. + +![Collection > PF_ContentScans Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The PF_ContentScans job is located in the 0.Collection job group. + +## Queries for the PF_ContentScans Job + +The PF_ContentScans job uses the ExchangePS Data Collector. + +![Queries for the PF_ContentScans Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/contentscansquery.webp) + +The following query is included in the PF_ContentScans job: + +- PF Contents – Collects content aging information + + - By default set to search all public folders. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + +## Analysis Tasks for the PF_ContentScans Job + +View the analysis task by navigating to the **Exchange** > **5. Public Folders** > **Content** > +**Collection** > **PF_ContentScans** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the PF_ContentScans Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/contentscansanalysis.webp) + +The following analysis task is selected by default: + +- Strip Replicas from Reports – Removes duplicates from reports diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/overview.md new file mode 100644 index 0000000000..d5f94f7f4f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/overview.md @@ -0,0 +1,14 @@ +# Growth and Size Job Group + +The Growth and Size job group is comprised of data collection, analysis, and reports that focus on +public folder sizing and growth. + +![Growth and Size Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the Growth and Size job group are: + +- [Collection > PF_FolderScans Job](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/pf_folderscans.md) + – Comprised of data collection that focuses on collecting sizing information for each public + folder +- [PF_FolderSize Job](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/pf_foldersize.md) + – Provides details related to public folder sizing and growth diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/pf_folderscans.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/pf_folderscans.md new file mode 100644 index 0000000000..60b4787492 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/pf_folderscans.md @@ -0,0 +1,37 @@ +# Collection > PF_FolderScans Job + +The PF_FolderScans job is comprised of data collection that focuses on collecting sizing information +for each public folder. + +![Collection > PF_FolderScans Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The PF_FolderScans job is located in the Collection job group. + +## Queries for the PF_FolderScans Job + +The PF_FolderScans job uses the ExchangePS Data Collector. + +![Queries for the PF_FolderScans Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/folderscansquery.webp) + +The following query is included in the PF_FolderScans Job: + +- PF Size & Msg Counts – Collects public folder size and message counts + + - By default set to search all public folders. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + +## Analysis Tasks for the PF_FolderScans Job + +View the analysis task by navigating to the **Exchange** > **5. Public Folders** > **Growth and +Size** > **Collection** > **PF_FolderScans** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the PF_FolderScans Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/folderscansanalysis.webp) + +The following analysis task is selected by default: + +- Strip Replicas from Reports – Removes duplicates from reports diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/pf_foldersize.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/pf_foldersize.md new file mode 100644 index 0000000000..83f18d50dd --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/pf_foldersize.md @@ -0,0 +1,47 @@ +# PF_FolderSize Job + +The PF_FolderSize job provides details related to public folder sizing and growth. + +## Analysis Tasks for the PF_FolderSize Job + +View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > **Growth and +Size** > **PF_FolderSize** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the PF_FolderSize Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/foldersizeanalysis.webp) + +The following analysis tasks are selected by default: + +- 01.Create History Table – Creates the SA_PF_FolderSize_History table, accessible under the job’s + Results node +- 02.SET HISTORY RETENTION – Sets retention period in months + + - The default is 3 months. It can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +- 03.Latest Run Per Folder – Creates the SA_PF_FolderSize_Latest table, accessible under the job’s + Results node +- 04.30 Day Growth – Creates the SA_PF_FolderSize_Growth table, accessible under the job’s Results + node + +The following analysis task clears table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Delete all Historical Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 00.Delete all Historical Data + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the PF_FolderSize job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------- | ----------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | +| Public Folder Size and Growth | This report shows the largest public folders and percent change over 30 days. | None | This report is comprised of two elements: - Bar Chart – Displays largest public folders - Table – Provides details on largest public folders | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/overview.md new file mode 100644 index 0000000000..67ff7367c6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/overview.md @@ -0,0 +1,34 @@ +# 5. Public Folders Job Group + +The 5. Public Folders job group is comprised of data collection, analyses, and reports that focus on +public folder sizing, content aging, entitlement, ownership, and the identification of each public +folder’s Most Probable Owner. The Most Probable Owner is a unique algorithm built into the public +folder data collector that is determined based on folder ownership, content posted, and size of +content posted. + +![5.Public Folders Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following comprise the 5. Public Folders job group: + +- [Content Job Group](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/overview.md) + – Provides visibility into public folder sizing and content aging +- [Growth and Size Job Group](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/overview.md) + – Comprised of data collection, analysis, and reports that focus on public folder sizing and + growth +- [Ownership Job Group](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/overview.md) + – Comprised of analysis and reports that focus on public folder ownership, and most importantly + the identification of each public folder's Most Probable Owner +- [Permissions Job Group](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/overview.md) + – Provides visibility into permissions applied to each public folder +- [PF_Overview Job](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/pf_overview.md) + – Comprised of analysis and reports that provides a top level summary of each parent public folder + and correlates information from the message tracking logs to identify the last time a public + folder received mail + +The **5. Public Folders** > **Ownership** job group uses the ExchangePublicFolder, a MAPI-based data +collector. Therefore, it requires both Enterprise Auditor MAPI CDO and Microsoft Exchange MAPI CDO +to be installed on the Enterprise Auditor Console server. Once these have been installed, the +**Settings** > **Exchange** node must be configured for proper connection to the Exchange server. +See the +[Exchange](/docs/accessanalyzer/11.6/admin/settings/exchange.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/overview.md new file mode 100644 index 0000000000..1ad45c2931 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/overview.md @@ -0,0 +1,17 @@ +# Ownership Job Group + +The Ownership job group is comprised of analysis and reports that focus on public folder ownership, +and most importantly the identification of each public folder's Most Probable Owner. The Most +Probable Owner is a unique algorithm built into the public folder data collector that is determined +based on folder ownership, content posted, and size of content posted. + +![Ownership Job Group](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The obs in the Ownership job group are: + +- [Collection > PF_FolderOwnership Job](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/pf_folderownership.md) + – Focuses on public folder sizing, content aging, entitlement, ownership, and most importantly the + identification of each public folder's Most Probable Owner +- [PF_Owners Job](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/pf_owners.md) + – Comprised of analysis and reports that focus on public folder ownership, and most importantly + the identification of each public folder's Most Probable Owner diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/pf_folderownership.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/pf_folderownership.md new file mode 100644 index 0000000000..5dfe43a78f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/pf_folderownership.md @@ -0,0 +1,117 @@ +# Collection > PF_FolderOwnership Job + +The PF_FolderOwnership job is comprised of data collection that focuses on collecting each public +folder’s owner and identifying the Most Probable Owner. The Most Probable Owner is a unique +algorithm built into the public folder data collector that is determined based on folder ownership, +content posted, and size of content posted. Modifications can be made to the data collector to +change the way the Most Probable Owner is determined. + +![Collection > PF_FolderOwnership Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The PF_FolderOwnership job is located in the Collection job group. + +## Queries for the PF_FolderOwnership Job + +The PF_FolderOwnership job uses the ExchangePublicFolder Data Collector. + +![Queries for the PF_FolderOwnership Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/folderownershipquery.webp) + +The following queries are included in the PF_FolderOwnership job: + +- Probable Ownership – Collects and calculates probable owners + + - By default set to search all public folders. It can be scoped. + - See the + [Scope the ExchangePublicFolder Data Collector for the PF_FolderOwnership Job](#scope-the-exchangepublicfolder-data-collector-for-the-pf_folderownership-job) + topic for additional information + +- Assigned Ownership – Collects assigned owners + + - By default set to search all public folders. It can be scoped. + - Probable Owner Calculation can be modified + - See the + [Scope the ExchangePublicFolder Data Collector for the PF_FolderOwnership Job](#scope-the-exchangepublicfolder-data-collector-for-the-pf_folderownership-job) + topic for additional information + +### Scope the ExchangePublicFolder Data Collector for the PF_FolderOwnership Job + +The ExchangePublicFolder Data Collector can be scoped if desired. Follow the steps to modify the +query configuration. + +**NOTE:** These instructions include information on modifying the calculation used to determine +probable ownership. Step 5 is only applicable to the Probable Ownership Query in the +PF_FolderOwnership Job. + +**Step 1 –** Navigate to job’s **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the query and click **Query Properties**. The Query +Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Exchange Public Folder +Data Collector Wizard opens. + +**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. + +![Exchange Public Folder Data Collector Wizard Scope page](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/scope.webp) + +**Step 4 –** To modify the scope of the search, navigate to the Scope page. The scope is configured +using the following settings: + +- Choose Type of Public Folder to be queried – Select the type of public folder to be queried: + + - Default Public Folders – Select this option to access folders directly with client + applications such as Microsoft Outlook. In its default configuration, Exchange System Manager + displays these folders when a public folder tree is expanded. + - System Public Folders – Select this option to access folders that cannot be directly accessed. + Client applications, such as Microsoft Outlook, use these folders to store information such as + free and busy data, offline address lists, and organizational forms. Other folders hold + configuration information that is used by custom applications or by Exchange itself. The + Public Folders tree contains extra system folders, such as the EFORMS REGISTRY folder, that do + not exist in general-purpose public folder trees. + +- Choose Scope of Public Folders to be queried – Select a scoping option for public folders: + + - All Public Folders – Select this option to return all public folders within the targeted + environment + - Selected Public Folders – Select this option to return only those public folders specified on + the Scope page of the query + - Selected Table – Select this option to return only those public folders within the table and + field name specified on the Scope page of the query + + _Remember,_ the scoping options available vary based on the pre-defined query configurations. + +See the +[ExchangePublicFolder: Scope](/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scope.md) +topic for additional information. + +![Exchange Public Folder Data Collector Wizard Probable Owner Settings page](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/dcwizardprobableownersettings.webp) + +**Step 5 –** To modify the probable owner calculation, navigate to the Probable Owner page. The +calculation is configured with the following defaults: + +- Determine Owner – Use custom weights – Allows customization of factors that determine returned + results +- Result weights – Customized when Use Custom Weights is selected under Determine Owner +- Output options – Configures the number of returned probable owners + +See the +[ExchangePublicFolder: Probable Owner](/docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/probableowner.md) +topic for additional information. + +**Step 6 –** Navigate to the Summary page. Click **Finish**. + +The job applies the modification to future job executions. + +## Analysis Tasks for the PF_FolderOwnership Job + +View the analysis task by navigating to the **Exchange** > **5. Public Folders** > **Ownership** > +**Collection** > **PF_FolderOwnership** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the PF_FolderOwnership Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/folderownershipanalysis.webp) + +The following analysis task is selected by default: + +- Post Process Collection – Applies an index and removes replica duplicates diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/pf_owners.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/pf_owners.md new file mode 100644 index 0000000000..37e3d9b56c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/pf_owners.md @@ -0,0 +1,31 @@ +# PF_Owners Job + +The PF_Owners job is comprised of analysis and reports that focus on public folder ownership, and +most importantly the identification of each public folder's Most Probable Owner. The Most +Probable Owner is a unique algorithm built into the public folder data collector that is determined +based on folder ownership, content posted, and size of content posted. + +## Analysis Tasks for the PF_Owners Job + +View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > **Ownership** > +**PF_Owners** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the PF_Owners Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/ownersanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.Probable Owners – Creates the SA_PF_Ownership_ProbableOwners table, accessible under the job’s + Results node +- 01.ID rate by Root Folder – Creates the SA_PF_Ownership_SuccessRate table, accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the PF_Owners job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Identification Success (Probable Owner Identification Rate) | This report identifies folder trees with a high success rate of probable owners identified. This may help scope initial cleanup campaigns. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays probable owner identification success - Table – Provides details probable owner identification success | +| Probable Owners | This report identifies probable owners for all scanned folders. | None | This report is comprised of one element: - Table – Provides details on probable owners | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/overview.md new file mode 100644 index 0000000000..fd2e4d3ae2 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/overview.md @@ -0,0 +1,13 @@ +# Permissions Job Group + +The Permissions job group provides visibility into permissions applied to each public folder. + +![Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the Permissions job group are: + +- [Collection > PF_EntitlementScans Job](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/pf_entitlementscans.md) + – Comprised of data collection that focuses on public folder permissions +- [PF_Entitlements Job](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/pf_entitlements.md) + – Comprised of analyses and reports that provide visibility into permissions applied to each + public folder within the Exchange environment diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/pf_entitlements.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/pf_entitlements.md new file mode 100644 index 0000000000..01442bc62a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/pf_entitlements.md @@ -0,0 +1,37 @@ +# PF_Entitlements Job + +The PF_Entitlements job is comprised of analyses and reports that provide visibility into +permissions applied to each public folder within the Exchange environment. + +## Analysis Tasks for the PF_Entitlements Job + +View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > +**Permissions** > **PF_Entitlements** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the PF_EntitlementScans Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/entitlementsanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.Default + Anonymous ACLs – Creates the SA_PF_Entitlements_DefaultAnonymous table accessible + under the job’s Results node +- 01.No Explicit Permissions – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 02.Stale User Entitlements – Creates the SA_PF_Entitlements_StaleUserEntitlements table, + accessible under the job’s Results node +- 03.Unresolved SID Summary – Creates the SA_PF_Entitlements_UnresolvedSIDSummary table, accessible + under the job’s Results node +- 04.Unresolved SIDs – Creates the SA_PF_Entitlements_UnresolvedSIDDetails table, accessible under + the job’s Results node +- AIC Import - PF Entitlements – Imports public folder entitlements to the Access Information Center + +In addition to the tables and views created by the analysis tasks, the PF_Entitlements job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Default and Anonymous Entitlement | Indicates entitlements that are explicitly assigned to the default or anonymous accounts across all public folders. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays folder trees by default and anonymous entitlements - Table – Provides details on folder trees by default and anonymous entitlements | +| No Explicit Permissions (Leaf Folders with No Explicit Perms) | Provides all leaf Public Folders that only have Default, Anonymous, or unresolved SIDs as the explicit permissions, and have no child folders. These can potentially be deleted since they may not be accessed by active users. | None | This report is comprised of three elements: - Bar Chart – Displays percent of enterprises with issues - Table – Provides details on percent of enterprises with issues - Table – Provides details on folders with no explicit permissions | +| Unresolved SIDs (Unresolved SID Entitlements) | This report identifies any places where unresolved SIDs have been given entitlements. | None | This report is comprised of two elements: - Bar Chart – Displays top level trees by unresolved entitlements - Table – Provides details on top level trees by unresolved entitlements | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/pf_entitlementscans.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/pf_entitlementscans.md new file mode 100644 index 0000000000..cccc79bfe5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/pf_entitlementscans.md @@ -0,0 +1,39 @@ +# Collection > PF_EntitlementScans Job + +The PF_EntitlementScans job is comprised of data collection that focuses on public folder +permissions. + +![Collection > PF_EntitlementScans Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The PF_EntitlementScans job is located in the Collection job group. + +## Queries for the PF_EntitlementScans Job + +The PF_EntitlementScans job uses the ExchangePS Data Collector. + +![Queries for the PF_EntitlementScans Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/entitlementscansquery.webp) + +The following query is included in the PF_EntitlementScans job: + +- Public Folder Permissions – Collects public folder permissions + + - By default set to search all public folders. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + +## Analysis Tasks for the PF_EntitlementScans Job + +View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > +**Permissions** > **Collection** > **PF_EntitlementScans** > **Configure** node and select +**Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the PF_EntitlementScans Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/entitlementscansanalysis.webp) + +The following analysis tasks are selected by default: + +- Compress and Index Collection – Compresses and indexes the collection +- Strip Replicas from Reports – Updates table to remove replicas diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/pf_overview.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/pf_overview.md new file mode 100644 index 0000000000..2b68d128b6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/pf_overview.md @@ -0,0 +1,30 @@ +# PF_Overview Job + +The PF_Overview job is comprised of analyses and reports that provide a top level summary of each +parent public folder and correlates information from the message tracking logs to identify the last +time a public folder received mail. + +## Analysis Tasks for the PF_Overview Job + +View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > +**PF_Overview** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the PF_Overview Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/overviewanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.Top Level Folder Summary – Creates the SA_PF_Overview_TopLevelRollup table, accessible under + the job’s Results node +- 01.Public Folders Message Traffic – Creates the SA_PF_Overview_ExchangeTraffic table, accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the PF_Overview job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | --------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Public Folder Mail Traffic | This report shows which mail-enabled public folders have mail traffic. | None | This report is comprised of two elements: - Bar Chart – Displays oldest public folders - Table – Provides details on oldest public folders | +| Public Folder Summary | This report shows where data is concentrated within the public folder environment, sorted by the largest top-level folders. | None | This report is comprised of three elements: - Bar Chart – Displays public folder environment - Table – Provides details largest public folder trees - Table – Provides details on the public folder environment | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/recommended.md b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/recommended.md new file mode 100644 index 0000000000..3c1dd60851 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/recommended.md @@ -0,0 +1,111 @@ +# Recommended Configurations for the 5. Public Folders Job Group + +Dependencies + +This job group requires the following items to be installed and configured on the Enterprise Auditor +Console: + +- Microsoft MAPI CDO installed +- Enterprise Auditor MAPI CDO installed +- **Settings** > **Exchange** node configured + +The following job groups need to be successfully run: + +- .Active Directory Inventory Job Group +- .Entra ID Inventory Job Group +- Exchange > 1. HUB Metrics Job Group (Optional) + + - Provides data on public folder metrics for on-premises Exchange environments and the last time + a distribution list received mail + +Targeted Hosts + +The Content, Growth and Size, and Permissions job groups use Remote PowerShell through the +ExchangePS Data Collector and the host list should be set to the following: + +- Local Host + +The **Ownership** > **Collection** job group needs to be set to run against the appropriate host +list: + +- For Exchange 2010 or 2013 – Assign a single host from the 2010/2013 environment + + - This can be assigned at the Collection job group level if the host has been added to a custom + host list + - This can be assigned at the **Collection** > **PF_FolderOwnership** job level by adding the + individual host at the **Configure** > **Hosts** node + + **NOTE:** The target host should be set to an on-premises Exchange server. Exchange Online is + not support. + +Connection Profile + +A Connection Profile must be set directly on the collection jobs. See the +[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/powershell.md) +topic for credential requirements and assign the Connection Profile to the following jobs: + +- **Content** > **Collection** > **PF_ContentScans** Job +- **Growth and Size** > **Collection** > **PF_FolderScans** Job +- **Permissions** > **Collection** > **PF_EntitlementScans** Job + +See the +[MAPI-Based Data Collector Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/mapi.md) +topic for credential requirements and assign the Connection Profile to the following job: + +- **Ownership** > **Collection** > **PF_FolderOwnership** Job + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +This job group has been designed to run weekly or bi-weekly to collect information about public +folders in the environment. This job group may be run more frequently depending on the size of the +public folders database and public folder count. + +**_RECOMMENDED:_** Run this job group on Fridays at 8:00 PM. + +History Retention + +History retention should not be enabled on this job group. History is kept through analysis tasks. +Modify the following analysis task to customize the amount of history which is kept: + +| Job Name | Analysis Task Name | Default History | +| ------------- | --------------------- | --------------- | +| PF_FolderSize | SET HISTORY RETENTION | 3 Months | + +Query Configuration + +The 5. Public Folders job group is designed to be run with the default query configurations. +However, the following queries can be modified: + +- **Content** > **Collection** > **PF_ContentScans** Job – **PF Contents** Query +- **Growth and Size** > **Collection** > **PF_FolderScans** Job – **PF Size & Msg Counts** Query +- **Ownership** > **Collection** > **PF_FolderOwnership** Job – **Probable Ownership** Query +- **Ownership** > **Collection** > **PF_FolderOwnership** Job – **Assigned Ownership** Query +- **Permissions** > **Collection** > **PF_EntitlementScans** Job – **Public Folder Permissions** + Query + +No other queries should be modified. + +Analysis Configuration + +The 5. Public Folders job group should be run with the default analysis configurations. + +**CAUTION:** Most of these analysis tasks are preconfigured and should never be modified or +deselected. There are some that are deselected by default, as they are for troubleshooting purposes. + +The following analysis tasks should not be deselected, but their parameters can be modified: + +- **Growth and Size** > **PF_FolderSize** Job – **02.SET HISTORY RETENTION** Analysis Task + +Workflow + +**Step 1 –** Set the host on the **Ownership** > **Collection** job group. + +**Step 2 –** Set a Connection Profile on the jobs that run data collection. + +**Step 3 –** Schedule the 5. Public Folders job group to run weekly, biweekly, or as desired. + +**Step 4 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/recommended-reports.md b/docs/accessanalyzer/11.6/solutions/exchange/recommended-reports.md deleted file mode 100644 index 4a1d7780c9..0000000000 --- a/docs/accessanalyzer/11.6/solutions/exchange/recommended-reports.md +++ /dev/null @@ -1,219 +0,0 @@ -# Recommended Configurations for the 3. Databases Job Group - -Dependencies - -This job group requires the following items to be installed and configured on the Enterprise Auditor -Console: - -- Microsoft MAPI CDO installed -- Enterprise Auditor MAPI CDO installed -- **Settings** > **Exchange** node configured - -Targeted Hosts - -The **0. Collection** > **1. Local** job group has been set to run against: - -- Local host - -The **0. Collection** > **2. PF** job group has been set to run against the following default -dynamic host list: - -- Exchange MB Servers - -**NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table which meet -the host inventory criteria for the list. Ensure the appropriate host lists have been populated -through host inventory results. - -Connection Profile - -A Connection Profile must be set directly on the EX_DBInfo Job and the EX_PFInfo Job. See the -[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for the Ex_DBInfo Job required permissions. See the -[MAPI-Based Data Collector Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for the EX_PFInfo Job requirements. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -This job group has been designed to run daily to collect information about the size of databases in -the environment. - -**_RECOMMENDED:_** Run this Job Group at 3:00 AM. - -History Retention - -History retention should not be enabled on this job group. History is kept through analysis tasks. -Modify the following analysis tasks to customize the amount of history which is kept: - -| Job Name | Analysis Task Name | Default History | -| ----------- | --------------------- | --------------- | -| EX_DBSizing | SET HISTORY RETENTION | 6 Months | - -Query Configuration - -The 3. Databases Job Group is designed to be run with the default query configurations. However, the -following query can be modified: - -- **0.Collection** > **1. Local** > **EX_DBInfo** Job – **Exchange 2010 Store Size** Query - -No other queries should be modified. - -Analysis Configuration - -The 3. Databases Job Group should be run with the default analysis configurations. - -**CAUTION:** Most of the analysis tasks are preconfigured and should never be modified or -deselected. There are some that are deselected by default, as they are for troubleshooting purposes. - -The following analysis task should not be deselected, but the parameters can be modified: - -- **EX_DBSizing** Job – **SET HISTORY RETENTION** Analysis Task - -Workflow - -**Step 1 –** Set a Connection Profile on the jobs that run data collection. - -**Step 2 –** Schedule the 3. Databases Job Group to run daily. - -**Step 3 –** Review the reports generated by the jobs. - -# Recommended Configurations for the 8. Exchange Online Job Group - -Dependencies - -The following Enterprise Auditor job groups need to be successfully run: - -- .Active Directory Inventory -- .Entra ID Inventory - -Targeted Hosts - -The Mailflow job group uses Remote PowerShell through the ExchangePS Data Collector and the -PowerShell Data Collector. The host list needs to be set to one of the following: - -- Local Host -- Custom Host List for Exchange Online - - - The host list should include the tenant name of the Microsoft Entra tenant used to connect to - Exchange Online. See the - [Exchange Online Host List](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md#exchange-online-host-list) - topic for additional information. - -Connection Profile - -See the -[Exchange PowerShell Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for the EX_Mailflow job requirements. - -Additionally, the Exchange Online job group needs access to the following Exchange Online URLs to -perform collection: - -- Exchange PowerShell – https://ps.outlook.com/PowerShell -- Autodiscover – https://autodiscover-s.outlook.com/autodiscover/autodiscover.svc -- EWS – https://outlook.office365.com/EWS/Exchange.asmx - -See the -[Exchange Custom Connection Profile & Host List](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -Schedule Frequency - -This job group has been designed to run daily. - -**_RECOMMENDED:_** Run this job group at 1:00 AM. - -Query Configuration - -The 8. Exchange Online job group is designed to be run with the default query configurations. -However, the following queries can be modified: - -- **Mailflow** > **0. Collection** > **EX_Mailflow** Job – **MailFlow** Query -- **EX_ASPolicies** Job – **Exchange Settings** Query - -No other queries should be modified. - -Analysis Configuration - -The 8. Exchange Online job group should be run with the default analysis configurations. Most of -these analysis tasks are preconfigured and should never be modified or deselected. There are some -that are deselected by default, as they are for troubleshooting purposes. - -The following analysis tasks should not be deselected, but their parameters can be modified: - -- **Mailflow** > **0. Collection** > **EX_Mailflow** Job – **03. SET HISTORY RETENTION** Analysis - Task -- **Mailflow** > **EX_Mailflow_Domain** Job – **Mailflow Domain** Analysis Task -- **Mailflow** > **EX_Mailflow_Mailbox** Job – **User Mailboxes By Message Count** Analysis Task -- **Mailflow** > **EX_Mailflow_Mailbox** Job – **User Mailboxes by Message Size** Analysis Task -- **Mailflow** > **EX_Mailflow_OrgOverview** Job – **Organization Overview** Analysis Task - -Workflow - -**Step 1 –** Set the host on the EX_Mailflow job. - -- The **Mailflow** > **0. Collection** > **EX_Mailflow** job needs to be set to run against one of - the following: - - - Local Host - - Custom Host List - -**Step 2 –** Set a Connection Profile on the jobs which run data collection. - -**Step 3 –** Schedule the 8. Exchange Online job group to run as desired. - -# Recommended Configurations for the Exchange Solution - -Each job group within the Exchange Solution has its own Recommended Configurations topic. See the -relevant topic for specific information on job group settings and recommended schedule frequency. - -- [Recommended Configurations for the 1. HUB Metrics Job Group](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) -- [Recommended Configurations for the 2. CAS Metrics Job Group](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md) -- [Recommended Configurations for the 3. Databases Job Group](/docs/accessanalyzer/11.6/solutions/exchange/recommended-reports.md) -- [Recommended Configurations for the 4. Mailboxes Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailbox-analysis.md) -- [Recommended Configurations for the 5. Public Folders Job Group](/docs/accessanalyzer/11.6/solutions/exchange/public-folder-analysis.md) -- [Recommended Configurations for the 6. Distribution Lists Job Group](/docs/accessanalyzer/11.6/solutions/exchange/distribution-lists.md) -- [Recommended Configurations for the 7. Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/exchange/sensitive-data.md) -- [Recommended Configurations for the 8. Exchange Online Job Group](/docs/accessanalyzer/11.6/solutions/exchange/recommended-reports.md) - -## ExchangePS Data Collector & Client Access Server - -A Client Access Server (CAS) name is required for the ExchangePS Data Collector. When targeting -Exchange 2013 or 2016, it is possible for the **Settings** > **Exchange** node to have been -configured with a web address instead of a CAS. - -- Exchange 2010 Servers – Uses the CAS server set in the global configuration (**Settings** > - **Exchange** node) -- Exchange 2013 & 2016 – May require a CAS name set in the ExchangePS Data Collector configuration: - - - If the **Settings** > **Exchange** node was configured for **MAPI over HTTP**, then a CAS - server name was supplied and that is used by the ExchangePS Data Collector - - If the **Settings** > **Exchange** node was configured for **MAPI over HTTPS**, then the - global configuration has a web address instead of an actual server. Therefore, each query - requires the CAS server to be set as the specific server on the Category page. - -Follow the steps to supply a CAS name for data collection. - -**Step 1 –** Navigate to the job’s **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The ExchangePS Data Collector -Wizard opens. - -**CAUTION:** Unless otherwise indicated within the job group section, do not make changes to other -wizard pages as they have been pre-configured for the purpose of the job. - -![CAS name on ExchangePS Data Collector Wizard Category page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/exchangepscas.webp) - -**Step 4 –** On the Category page, select the **Use specific server** option and enter the CAS name -in the text box. See the -[ExchangePS: Category](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic -for additional information. - -**Step 5 –** Navigate to the Summary page. Click **Finish**. - -The job now successfully targets Exchange 2013 and 2016 environments. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/recommended.md b/docs/accessanalyzer/11.6/solutions/exchange/recommended.md new file mode 100644 index 0000000000..141aeea74a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/recommended.md @@ -0,0 +1,53 @@ +# Recommended Configurations for the Exchange Solution + +Each job group within the Exchange Solution has its own Recommended Configurations topic. See the +relevant topic for specific information on job group settings and recommended schedule frequency. + +- [Recommended Configurations for the 1. HUB Metrics Job Group](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/recommended.md) +- [Recommended Configurations for the 2. CAS Metrics Job Group](/docs/accessanalyzer/11.6/solutions/exchange/casmetrics/recommended.md) +- [Recommended Configurations for the 3. Databases Job Group](/docs/accessanalyzer/11.6/solutions/exchange/databases/recommended.md) +- [Recommended Configurations for the 4. Mailboxes Job Group](/docs/accessanalyzer/11.6/solutions/exchange/mailboxes/recommended.md) +- [Recommended Configurations for the 5. Public Folders Job Group](/docs/accessanalyzer/11.6/solutions/exchange/publicfolders/recommended.md) +- [Recommended Configurations for the 6. Distribution Lists Job Group](/docs/accessanalyzer/11.6/solutions/exchange/distributionlists/recommended.md) +- [Recommended Configurations for the 7. Sensitive Data Job Group](/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/recommended.md) +- [Recommended Configurations for the 8. Exchange Online Job Group](/docs/accessanalyzer/11.6/solutions/exchange/online/recommended.md) + +## ExchangePS Data Collector & Client Access Server + +A Client Access Server (CAS) name is required for the ExchangePS Data Collector. When targeting +Exchange 2013 or 2016, it is possible for the **Settings** > **Exchange** node to have been +configured with a web address instead of a CAS. + +- Exchange 2010 Servers – Uses the CAS server set in the global configuration (**Settings** > + **Exchange** node) +- Exchange 2013 & 2016 – May require a CAS name set in the ExchangePS Data Collector configuration: + + - If the **Settings** > **Exchange** node was configured for **MAPI over HTTP**, then a CAS + server name was supplied and that is used by the ExchangePS Data Collector + - If the **Settings** > **Exchange** node was configured for **MAPI over HTTPS**, then the + global configuration has a web address instead of an actual server. Therefore, each query + requires the CAS server to be set as the specific server on the Category page. + +Follow the steps to supply a CAS name for data collection. + +**Step 1 –** Navigate to the job’s **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The ExchangePS Data Collector +Wizard opens. + +**CAUTION:** Unless otherwise indicated within the job group section, do not make changes to other +wizard pages as they have been pre-configured for the purpose of the job. + +![CAS name on ExchangePS Data Collector Wizard Category page](/img/product_docs/accessanalyzer/11.6/solutions/exchange/exchangepscas.webp) + +**Step 4 –** On the Category page, select the **Use specific server** option and enter the CAS name +in the text box. See the +[ExchangePS: Category](/docs/accessanalyzer/11.6/admin/datacollector/exchangeps/category.md) topic +for additional information. + +**Step 5 –** Navigate to the Summary page. Click **Finish**. + +The job now successfully targets Exchange 2013 and 2016 environments. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/sensitive-data.md b/docs/accessanalyzer/11.6/solutions/exchange/sensitive-data.md deleted file mode 100644 index 827cd1f02b..0000000000 --- a/docs/accessanalyzer/11.6/solutions/exchange/sensitive-data.md +++ /dev/null @@ -1,385 +0,0 @@ -# EX_Mailbox_SDD Job - -The EX_Mailbox_SDD job locates sensitive data found in mailboxes in the Exchange environment. - -Special Dependency - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - - - See the - [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) - topic for additional information - - **NOTE:** Though the job is visible within the console, it requires an additional installer - package before data collection occurs. - -## Queries for the EX_Mailbox_SDD Job - -The EX_Mailbox_SDD job uses the EWSMailbox Data Collector. - -![Queries for the EX_Mailbox_SDD Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxsddquery.webp) - -The following query is included in the EX_Mailbox_SDD job: - -- Exchange Sensitive Data Discovery – Collects potentially-sensitive data from mailboxes - - - Set to search all mailboxes. It can be scoped. - - Default sensitive data criteria includes: - - - Birth Records - - Credit Cards - - Passwords - - Tax Forms - - US SSN - -- See the - [Configure the EWSMailbox Data Collector for the EX_Mailbox_SDD Job](#configure-the-ewsmailbox-data-collector-for-the-ex_mailbox_sdd-job) - topic for additional information - -### Configure the EWSMailbox Data Collector for the EX_Mailbox_SDD Job - -The Exchange Sensitive Data Discovery query has been preconfigured to run with the EWSMailbox Data -Collector to scan for sensitive data. - -Follow the steps to configure the scope of the EWSMailbox Data Collector: - -**Step 1 –** Navigate to the **Exchange** > **7. Sensitive Data** > **0. Collection** > -**EX_Mailbox_SDD** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the **Exchange Sensitive Data Discovery** query and -click**Query Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The EWS Mailbox Data Collector -Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![EWS Mailbox Data Collector Wizard Mailbox scope settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxscopesettings.webp) - -**Step 4 –** To scope the query for specific mailboxes, navigate to the Scope page. The query is -configured by default to target **All mailboxes**. Change the Mailboxes to be queried to **Select -mailboxes from list.**See the -[EWSMailbox: Scope](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -![EWS Mailbox Data Collector Wizard Scope select page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxscopeselect.webp) - -**Step 5 –** To retrieve available mailboxes, click **Retrieve** on the Scope Select page. Select -the desired mailboxes and click **Add**. See the -[EWSMailbox: Scope Select](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -![EWS Mailbox Data Collector Wizard SDD Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/sddoptions.webp) - -**Step 6 –** To enable storage of discovered sensitive data, navigate to the SDD Options page. -Sensitive data matches can be limited to reduce storage space. See the -[EWSMailbox: SDD Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -**NOTE:** By default, discovered sensitive data strings are not stored in the Enterprise Auditor -database. - -![EWS Mailbox Data Collector Wizard Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -**Step 7 –** To modify criteria, navigate to the Criteria page. Add or remove criteria as desired. -See the -[EWSMailbox: Criteria](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -- (Optional) To create custom criteria, see the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - topic for additional information - -![EWS Mailbox Data Collector Wizard Filter page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxfiltersettings.webp) - -**Step 8 –** To filter the scan to specific mailbox folders, navigate to the Filter page. Include or -exclude folders and attachments as desired. See the -[EWSMailbox Data Collector](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -- To modify the threshold for message size, set the **Limit message size to** value as desired. The - default is 2000 KB. -- To modify the threshold for large attachment size, set the **Limit attachment size to** value as - desired. The default is 2000 KB. - -![EWS Mailbox Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxresults.webp) - -**Step 9 –** Navigate to the Results page to select which properties are gathered based on category. -See the -[EWSMailbox: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -**NOTE:** By default, all categories are selected under sensitive data. - -**Step 10 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window - -The job now applies the modification to future job executions. - -## Analysis Tasks for the EX_Mailbox_SDD Job - -View the analysis task by navigating to the **Exchange** > **7.Sensitive Data** > -**EX_Mailbox_SDD** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_Mailbox_SDD Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxsddanalysis.webp) - -The following analysis task is selected by default: - -- AIC Import - Exchange SSD – Imports Exchange sensitive data to the Access Information Center - -# EX_PublicFolder_SDD Job - -The EX_PublicFolder_SDD job locates sensitive data found in public folders in the Exchange -environment. - -Special Dependency - -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server - - - See the - [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) - topic for additional information - - **NOTE:** Though the job is visible within the console, it requires an additional installer - package before data collection occurs. - -## Queries for the EX_PublicFolder_SDD Job - -The EX_PublicFolder_SDD job uses the EWSPublicFolder Data Collector. - -![Queries for the EX_PublicFolder_SDD Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfoldersddquery.webp) - -The following query is included in the EX_PublicFolder_SDD job: - -- Exchange Sensitive Data Discovery – Scans Exchange public folders for specified sensitive data - - - Set to search all public folders. It can be scoped. - - Default sensitive data criteria includes: - - - Birth Records - - Credit Cards - - Passwords - - Tax Forms - - US SSN - - - See the [Configure the EX_PublicFolder_SDD Query](#configure-the-ex_publicfolder_sdd-query) - topic for additional information - -### Configure the EX_PublicFolder_SDD Query - -The Exchange Sensitive Data Discovery query has been preconfigured to run with the EWSPublicFolder -Data Collector to scan for sensitive data. - -**Step 1 –** Navigate to the **Exchange** > **7. Sensitive Data** > **0. Collection** > -**EX_EWSPublicFolder_SDD** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select **Exchange Sensitive Data Discovery** and click -**Query Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The EWS Public Folder Data -Collector Wizard opens. - -**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. - -![EWS Public Folder Data Collector Wizard SDD Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/sddoptions.webp) - -**Step 4 –** To enable storage of discovered sensitive data, navigate to the SDD Options page. -Sensitive data matches can be limited to reduce storage space. See the -[EWSPublicFolder: SDD Options](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic -for additional information. - -**NOTE:** By default, discovered sensitive data strings are not stored in the Enterprise Auditor -database. - -![EWS Public Folder Data Collector Wizard Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -**Step 5 –** To modify criteria, navigate to the Criteria page. Add or remove criteria as desired. -See the -[EWSPublicFolder: Critieria](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) -topic for additional information. - -- (Optional) To create custom criteria, see the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - topic for additional information - -![EWS Public Folder Data Collector Wizard Filter Settings page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfolderfiltersettings.webp) - -**Step 6 –** To filter the scan to specific mailbox folders, navigate to the Filter page. Include or -exclude folders and attachments as desired. See the -[EWSPublicFolder: Filter](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic -for additional information. - -- To modify the threshold for message size, set the **Limit message size to** value as desired. The - default is 2000 KB. -- To modify the threshold for large attachment size, set the **Limit attachment size to** value as - desired. The default is 2000 KB. - -![EWS Public Folder Data Collector Wizard Results page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfolderresults.webp) - -**Step 7 –** To select which properties are gathered based on category, navigate to the Results -page.  See the -[EWSPublicFolder: Results](/docs/accessanalyzer/11.6/data-collection/exchange/configuration.md) topic -for additional information. - -**NOTE:** By default, all categories are selected under sensitive data. - -**Step 8 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window - -The job applies the modification to future job executions. - -# 0.Collection Job Group - -The 0.Collection job group locates sensitive data found in mailboxes and public folders in the -Exchange environment. - -![0.Collection Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The jobs in the 0.Collection job group are: - -- [EX_Mailbox_SDD Job](/docs/accessanalyzer/11.6/solutions/exchange/sensitive-data.md) - – Collects potentially sensitive data in mailboxes -- [EX_PublicFolder_SDD Job](/docs/accessanalyzer/11.6/solutions/exchange/sensitive-data.md) - – Collects potentially sensitive data in public folders - -# EX_SDDResults Job - -The EX_SDDResults job contains analyses and reports to provide insight into the types of sensitive -data that is located within Exchange mailboxes and public folders within the environment. - -## Analysis Tasks for the EX_SDDResults Job - -View the analysis tasks by navigating to the **Exchange** > **7. Sensitive Data** > -**EX_SDDResults** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_SDDResults Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/sddresultsanalysis.webp) - -The following analysis tasks are selected by default: - -- Mailbox Details – Creates the EX_SDDResults_MailboxDetails table, accessible under the job’s - Results node. Provides details regarding the number of matches that are found per item in each - mailbox. -- Mailbox Summary – Creates the EX_SDDResults_MailboxSummary table, accessible under the job’s - Results node. Summarizes the items found with matches. -- Public Folder Details – Creates the EX_SDDResults_PublicFolderDetails table, accessible under the - job’s Result node. Provides details regarding the number of matches that are found per item in - each public folder. -- Public Folder Mailstore Summary – Creates the EX_SDDResults_PublicFolderSummary table, accessible - under the job’s Results node. Summarizes the items found with matches. -- Enterprise Summary – Creates the EX_SDDResults_EnterpriseSummary table, accessible under the job’s - Results node. Summarizes the type and amount of sensitive content found in the environment. - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **Deletes all Stored Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- Deletes all Stored Data - LEAVE UNCHECKED – Clears all historical SDD data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/metrics-analysis.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_SDDResults Job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary (Sensitive Content) | This report identifies the type and amount of sensitive content found in scanned mailboxes. | None | This report is comprised of two elements: - Bar Chart – Displays exceptions by item count - Table – Provides a criteria summary | -| Mailbox Details (Mailboxes with Sensitive Content) | This report identifies the mailboxes containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top mailboxes by sensitive item count - Table – Provides mailbox details - Table – Provides details on top mailboxes by sensitive item count | -| Public Folder Details (Public Folders with Sensitive Content) | This report identifies the public folders containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top folders by sensitive data item count - Table – Provides public folder details - Table – Provides details on top folders by sensitive item count | - -# 7.Sensitive Data Job Group - -The 7. Sensitive Data job group is comprised of jobs which locate sensitive data found in mailboxes -and public folders in the Exchange environment. - -![7.Sensitive Data Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following comprise the 7. Sensitive Data job group: - -**NOTE:** These jobs are compatible with the Office 365 environment. - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/exchange/sensitive-data.md) - – Locates sensitive data found in mailboxes and public folders in the Exchange environment -- [EX_SDDResults Job](/docs/accessanalyzer/11.6/solutions/exchange/sensitive-data.md) - – Contains analyses and reports to provide insight into the types of sensitive data that was - located within Exchange mailboxes and public folders within the environment - -The 7. Sensitive Data job group is comprised of jobs that utilize the EWSMailbox and EWSPublicFolder -Data Collectors to locate sensitive data found in mailboxes and public folders in the Exchange -environment. It also contains analysis and reporting jobs to order and analyze the data returned by -the queries. See the -[Exchange](/docs/accessanalyzer/11.6/administration/settings/exchange.md) -topic for additional information. - -# Recommended Configurations for the 7. Sensitive Data Job Group - -Dependencies - -This job group requires the following item to be installed and configured on the Enterprise Auditor -Console: - -- Enterprise Auditor Sensitive Data Add-On installed - -The following job groups need to be successfully run: - -- .Active Directory Inventory Job Group - -Targeted Hosts - -The 0.Collection Job Group needs to be set to run against: - -- Local host - -The **0.Collection** > **EX_Mailbox_SDD** and **0.Collection** > **EX_PublicFolder_SDD** jobs need -to be set to run against the version-appropriate default dynamic host list: - -- Exchange 2010 MB Servers -- Exchange 2013 MB Servers -- Exchange 2016 MB Servers -- Exchange 2019 MB Servers - -**NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table which meet -the host inventory criteria for the list. Ensure the appropriate host lists have been populated -through host inventory results. - -Connection Profile - -A Connection Profile must be set directly on jobs within the 0.Collection job group. See the -[Exchange Web Services API Permissions](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for the EX_PFInfo job requirements. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -This job group has been designed to run as desired. - -Query Configuration - -The 7. Sensitive Data Job Group is designed to be run with the default query configurations. -However, the following queries can be modified: - -- **0.Collection** > **EX_Mailbox_SDD** Job – **Exchange Sensitive Data Discovery** Query -- **0.Collection** > **EX_PublicFolder_SDD** Job – **Exchange Sensitive Data Discovery** Query - -No other queries should be modified. - -Workflow - -**Step 1 –** Set the host on the EX_Mailbox_SDD or EX_PublicFolder_SDD job. - -**Step 2 –** Set a Connection Profile on the jobs which run data collection. - -**Step 3 –** Schedule the 7. Sensitive Data job group to run as desired. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/ex_mailbox_sdd.md b/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/ex_mailbox_sdd.md new file mode 100644 index 0000000000..67c4984ca6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/ex_mailbox_sdd.md @@ -0,0 +1,132 @@ +# EX_Mailbox_SDD Job + +The EX_Mailbox_SDD job locates sensitive data found in mailboxes in the Exchange environment. + +Special Dependency + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + + - See the + [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) + topic for additional information + + **NOTE:** Though the job is visible within the console, it requires an additional installer + package before data collection occurs. + +## Queries for the EX_Mailbox_SDD Job + +The EX_Mailbox_SDD job uses the EWSMailbox Data Collector. + +![Queries for the EX_Mailbox_SDD Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxsddquery.webp) + +The following query is included in the EX_Mailbox_SDD job: + +- Exchange Sensitive Data Discovery – Collects potentially-sensitive data from mailboxes + + - Set to search all mailboxes. It can be scoped. + - Default sensitive data criteria includes: + + - Birth Records + - Credit Cards + - Passwords + - Tax Forms + - US SSN + +- See the + [Configure the EWSMailbox Data Collector for the EX_Mailbox_SDD Job](#configure-the-ewsmailbox-data-collector-for-the-ex_mailbox_sdd-job) + topic for additional information + +### Configure the EWSMailbox Data Collector for the EX_Mailbox_SDD Job + +The Exchange Sensitive Data Discovery query has been preconfigured to run with the EWSMailbox Data +Collector to scan for sensitive data. + +Follow the steps to configure the scope of the EWSMailbox Data Collector: + +**Step 1 –** Navigate to the **Exchange** > **7. Sensitive Data** > **0. Collection** > +**EX_Mailbox_SDD** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the **Exchange Sensitive Data Discovery** query and +click**Query Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The EWS Mailbox Data Collector +Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![EWS Mailbox Data Collector Wizard Mailbox scope settings page](/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxscopesettings.webp) + +**Step 4 –** To scope the query for specific mailboxes, navigate to the Scope page. The query is +configured by default to target **All mailboxes**. Change the Mailboxes to be queried to **Select +mailboxes from list.**See the +[EWSMailbox: Scope](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scope.md) +topic for additional information. + +![EWS Mailbox Data Collector Wizard Scope select page](/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxscopeselect.webp) + +**Step 5 –** To retrieve available mailboxes, click **Retrieve** on the Scope Select page. Select +the desired mailboxes and click **Add**. See the +[EWSMailbox: Scope Select](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scopeselect.md) +topic for additional information. + +![EWS Mailbox Data Collector Wizard SDD Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/sddoptions.webp) + +**Step 6 –** To enable storage of discovered sensitive data, navigate to the SDD Options page. +Sensitive data matches can be limited to reduce storage space. See the +[EWSMailbox: SDD Options](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/sddoptions.md) +topic for additional information. + +**NOTE:** By default, discovered sensitive data strings are not stored in the Enterprise Auditor +database. + +![EWS Mailbox Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) + +**Step 7 –** To modify criteria, navigate to the Criteria page. Add or remove criteria as desired. +See the +[EWSMailbox: Criteria](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.md) +topic for additional information. + +- (Optional) To create custom criteria, see the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information + +![EWS Mailbox Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxfiltersettings.webp) + +**Step 8 –** To filter the scan to specific mailbox folders, navigate to the Filter page. Include or +exclude folders and attachments as desired. See the +[EWSMailbox Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/overview.md) +topic for additional information. + +- To modify the threshold for message size, set the **Limit message size to** value as desired. The + default is 2000 KB. +- To modify the threshold for large attachment size, set the **Limit attachment size to** value as + desired. The default is 2000 KB. + +![EWS Mailbox Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxresults.webp) + +**Step 9 –** Navigate to the Results page to select which properties are gathered based on category. +See the +[EWSMailbox: Results](/docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/results.md) +topic for additional information. + +**NOTE:** By default, all categories are selected under sensitive data. + +**Step 10 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window + +The job now applies the modification to future job executions. + +## Analysis Tasks for the EX_Mailbox_SDD Job + +View the analysis task by navigating to the **Exchange** > **7.Sensitive Data** > +**EX_Mailbox_SDD** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_Mailbox_SDD Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxsddanalysis.webp) + +The following analysis task is selected by default: + +- AIC Import - Exchange SSD – Imports Exchange sensitive data to the Access Information Center diff --git a/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/ex_publicfolder_sdd.md b/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/ex_publicfolder_sdd.md new file mode 100644 index 0000000000..116bec7823 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/ex_publicfolder_sdd.md @@ -0,0 +1,100 @@ +# EX_PublicFolder_SDD Job + +The EX_PublicFolder_SDD job locates sensitive data found in public folders in the Exchange +environment. + +Special Dependency + +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server + + - See the + [Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) + topic for additional information + + **NOTE:** Though the job is visible within the console, it requires an additional installer + package before data collection occurs. + +## Queries for the EX_PublicFolder_SDD Job + +The EX_PublicFolder_SDD job uses the EWSPublicFolder Data Collector. + +![Queries for the EX_PublicFolder_SDD Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/publicfoldersddquery.webp) + +The following query is included in the EX_PublicFolder_SDD job: + +- Exchange Sensitive Data Discovery – Scans Exchange public folders for specified sensitive data + + - Set to search all public folders. It can be scoped. + - Default sensitive data criteria includes: + + - Birth Records + - Credit Cards + - Passwords + - Tax Forms + - US SSN + + - See the [Configure the EX_PublicFolder_SDD Query](#configure-the-ex_publicfolder_sdd-query) + topic for additional information + +### Configure the EX_PublicFolder_SDD Query + +The Exchange Sensitive Data Discovery query has been preconfigured to run with the EWSPublicFolder +Data Collector to scan for sensitive data. + +**Step 1 –** Navigate to the **Exchange** > **7. Sensitive Data** > **0. Collection** > +**EX_EWSPublicFolder_SDD** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select **Exchange Sensitive Data Discovery** and click +**Query Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The EWS Public Folder Data +Collector Wizard opens. + +**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. + +![EWS Public Folder Data Collector Wizard SDD Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/sddoptions.webp) + +**Step 4 –** To enable storage of discovered sensitive data, navigate to the SDD Options page. +Sensitive data matches can be limited to reduce storage space. See the +[EWSPublicFolder: SDD Options](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/sddoptions.md) topic +for additional information. + +**NOTE:** By default, discovered sensitive data strings are not stored in the Enterprise Auditor +database. + +![EWS Public Folder Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) + +**Step 5 –** To modify criteria, navigate to the Criteria page. Add or remove criteria as desired. +See the +[EWSPublicFolder: Critieria](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/critieria.md) +topic for additional information. + +- (Optional) To create custom criteria, see the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information + +![EWS Public Folder Data Collector Wizard Filter Settings page](/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/publicfolderfiltersettings.webp) + +**Step 6 –** To filter the scan to specific mailbox folders, navigate to the Filter page. Include or +exclude folders and attachments as desired. See the +[EWSPublicFolder: Filter](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filter.md) topic +for additional information. + +- To modify the threshold for message size, set the **Limit message size to** value as desired. The + default is 2000 KB. +- To modify the threshold for large attachment size, set the **Limit attachment size to** value as + desired. The default is 2000 KB. + +![EWS Public Folder Data Collector Wizard Results page](/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/publicfolderresults.webp) + +**Step 7 –** To select which properties are gathered based on category, navigate to the Results +page.  See the +[EWSPublicFolder: Results](/docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/results.md) topic +for additional information. + +**NOTE:** By default, all categories are selected under sensitive data. + +**Step 8 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window + +The job applies the modification to future job executions. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/overview.md new file mode 100644 index 0000000000..15cd11deef --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/overview.md @@ -0,0 +1,13 @@ +# 0.Collection Job Group + +The 0.Collection job group locates sensitive data found in mailboxes and public folders in the +Exchange environment. + +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The jobs in the 0.Collection job group are: + +- [EX_Mailbox_SDD Job](/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/ex_mailbox_sdd.md) + – Collects potentially sensitive data in mailboxes +- [EX_PublicFolder_SDD Job](/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/ex_publicfolder_sdd.md) + – Collects potentially sensitive data in public folders diff --git a/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/ex_sddresults.md b/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/ex_sddresults.md new file mode 100644 index 0000000000..876e7c25e8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/ex_sddresults.md @@ -0,0 +1,50 @@ +# EX_SDDResults Job + +The EX_SDDResults job contains analyses and reports to provide insight into the types of sensitive +data that is located within Exchange mailboxes and public folders within the environment. + +## Analysis Tasks for the EX_SDDResults Job + +View the analysis tasks by navigating to the **Exchange** > **7. Sensitive Data** > +**EX_SDDResults** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_SDDResults Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/sddresultsanalysis.webp) + +The following analysis tasks are selected by default: + +- Mailbox Details – Creates the EX_SDDResults_MailboxDetails table, accessible under the job’s + Results node. Provides details regarding the number of matches that are found per item in each + mailbox. +- Mailbox Summary – Creates the EX_SDDResults_MailboxSummary table, accessible under the job’s + Results node. Summarizes the items found with matches. +- Public Folder Details – Creates the EX_SDDResults_PublicFolderDetails table, accessible under the + job’s Result node. Provides details regarding the number of matches that are found per item in + each public folder. +- Public Folder Mailstore Summary – Creates the EX_SDDResults_PublicFolderSummary table, accessible + under the job’s Results node. Summarizes the items found with matches. +- Enterprise Summary – Creates the EX_SDDResults_EnterpriseSummary table, accessible under the job’s + Results node. Summarizes the type and amount of sensitive content found in the environment. + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **Deletes all Stored Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- Deletes all Stored Data - LEAVE UNCHECKED – Clears all historical SDD data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_SDDResults Job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary (Sensitive Content) | This report identifies the type and amount of sensitive content found in scanned mailboxes. | None | This report is comprised of two elements: - Bar Chart – Displays exceptions by item count - Table – Provides a criteria summary | +| Mailbox Details (Mailboxes with Sensitive Content) | This report identifies the mailboxes containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top mailboxes by sensitive item count - Table – Provides mailbox details - Table – Provides details on top mailboxes by sensitive item count | +| Public Folder Details (Public Folders with Sensitive Content) | This report identifies the public folders containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top folders by sensitive data item count - Table – Provides public folder details - Table – Provides details on top folders by sensitive item count | diff --git a/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/overview.md b/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/overview.md new file mode 100644 index 0000000000..e1b0078d0b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/overview.md @@ -0,0 +1,23 @@ +# 7.Sensitive Data Job Group + +The 7. Sensitive Data job group is comprised of jobs which locate sensitive data found in mailboxes +and public folders in the Exchange environment. + +![7.Sensitive Data Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The following comprise the 7. Sensitive Data job group: + +**NOTE:** These jobs are compatible with the Office 365 environment. + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/overview.md) + – Locates sensitive data found in mailboxes and public folders in the Exchange environment +- [EX_SDDResults Job](/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/ex_sddresults.md) + – Contains analyses and reports to provide insight into the types of sensitive data that was + located within Exchange mailboxes and public folders within the environment + +The 7. Sensitive Data job group is comprised of jobs that utilize the EWSMailbox and EWSPublicFolder +Data Collectors to locate sensitive data found in mailboxes and public folders in the Exchange +environment. It also contains analysis and reporting jobs to order and analyze the data returned by +the queries. See the +[Exchange](/docs/accessanalyzer/11.6/admin/settings/exchange.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/recommended.md b/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/recommended.md new file mode 100644 index 0000000000..88cb60ac2c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/recommended.md @@ -0,0 +1,62 @@ +# Recommended Configurations for the 7. Sensitive Data Job Group + +Dependencies + +This job group requires the following item to be installed and configured on the Enterprise Auditor +Console: + +- Enterprise Auditor Sensitive Data Add-On installed + +The following job groups need to be successfully run: + +- .Active Directory Inventory Job Group + +Targeted Hosts + +The 0.Collection Job Group needs to be set to run against: + +- Local host + +The **0.Collection** > **EX_Mailbox_SDD** and **0.Collection** > **EX_PublicFolder_SDD** jobs need +to be set to run against the version-appropriate default dynamic host list: + +- Exchange 2010 MB Servers +- Exchange 2013 MB Servers +- Exchange 2016 MB Servers +- Exchange 2019 MB Servers + +**NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table which meet +the host inventory criteria for the list. Ensure the appropriate host lists have been populated +through host inventory results. + +Connection Profile + +A Connection Profile must be set directly on jobs within the 0.Collection job group. See the +[Exchange Web Services API Permissions](/docs/accessanalyzer/11.6/requirements/solutions/exchange/webservicesapi.md) +topic for the EX_PFInfo job requirements. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +This job group has been designed to run as desired. + +Query Configuration + +The 7. Sensitive Data Job Group is designed to be run with the default query configurations. +However, the following queries can be modified: + +- **0.Collection** > **EX_Mailbox_SDD** Job – **Exchange Sensitive Data Discovery** Query +- **0.Collection** > **EX_PublicFolder_SDD** Job – **Exchange Sensitive Data Discovery** Query + +No other queries should be modified. + +Workflow + +**Step 1 –** Set the host on the EX_Mailbox_SDD or EX_PublicFolder_SDD job. + +**Step 2 –** Set a Connection Profile on the jobs which run data collection. + +**Step 3 –** Schedule the 7. Sensitive Data job group to run as desired. diff --git a/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md b/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md deleted file mode 100644 index 82e05c76d9..0000000000 --- a/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md +++ /dev/null @@ -1,863 +0,0 @@ -# FS_Deletions Job - -The FS_Deletions job is designed to report on deletion activity event information from targeted file -servers. - -## Analysis Tasks for the FS_Deletions Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Forensics** > -**FS_Deletions** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_Deletions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/deletionsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Create deletions view – Creates the SA_FSAC_DeletesView view accessible under the job’s - Results node -- 2. Last 30 Days – Creates the SA_FS_Deletions_Last30Days table accessible under the job’s - Results node -- 3. Trend – Creates the SA_FS_Deletions_TrendOverTime table accessible under the job’s Results - node -- 4. Create view to alert - Past 24 hours – Creates the SA_FS_Deletions_Notification_NOTIFICATION - table accessible under the job’s Results node -- 6. Raw Details – Creates the SA_FS_Deletions_Details view accessible under the job’s Results - node - -The Notification analysis task is an optional analysis task which requires configuration before -enabling it. The following analysis task is deselected by default: - -- 5. Notify on large number of deletes – Alerts when large number of deletions have occurred - - - Add recipients, notification subject, and email content - - See the [Configure the Notification Analysis Task](#configure-the-notification-analysis-task) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the FS_Deletions job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------- | -| File and Folder Deletions (Deletion Events) | This report identifies deletion events for the past 30 days. The detailed report shows all resources that were successfully deleted as well as which users performed those events. | None | This report is comprised of two elements: - Line Chart– Displays the last 30 Days - Table – Provides details on deletions | - -### Configure the Notification Analysis Task - -A Notification analysis task sends email notification to recipients when the job is executed. It -requires the global **Notification** settings to be configured (**Settings** > **Notifications**) -for SMTP server information, but it uses the recipient list provided through the analysis task. -Follow the steps to configure a notification analysis task. - -**Step 1 –** Navigate to the job’s **Configure** node and select **Analysis**. - -**Step 2 –** In the Analysis Selection view, select the Notification analysis task and click -**Analysis Configuration** . The Notification Data Analysis Module wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Notification Data Analysis Module wizard SMTP page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtp.webp) - -**Step 3 –** Navigate to the SMTP page of the wizard. - -![Recipients section](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtprecipients.webp) - -**Step 4 –** In the Recipients section, provide the email addresses or distribution lists (fully -qualified address) for those who are to receive this notification. Multiple addresses can be -provided. You can use the following options: - -- Add – Add an email address to the E-mail field -- Remove – Remove an email address from the Recipients list -- Combine multiple messages into single message – Sends one email for all objects in the record set - instead of one email per object to all recipients - - **_RECOMMENDED:_** Leave the **Combine multiple messages into single message** option selected. - -![Message section](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtpmessage.webp) - -**Step 5 –** In the Message section, edit the **Subject**. It is not recommended to remove any -parameters. Then, customize the email content in the textbox to provide an explanation of the -notification to the recipients. - -**Step 6 –** Navigate to the Summary page. Click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. The Notification Data Analysis Module wizard closes. - -**Step 7 –** This Notification analysis task is now configured to send emails to the provided -recipient list. In the Analysis Selection view, select this task so that notifications can be sent -automatically during the execution of the job. - -_Remember,_ all of the analysis tasks should remain in the default order indicated by the numbering. -Do not deselect any of the SQLscripting analysis tasks. - -Once the Notification analysis task is configured and enabled alerts are sent when the trigger has -been identified by this job. - -# FS_PermissionChanges Job - -The FS_PermissionChanges job is designed to report on permission change activity event information -from targeted file servers. - -## Analysis Tasks for the FS_PermissionChanges Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Forensics** > -**FS_PermissionChanges** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_PermissionChanges Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/permissionchangesanalysis.webp) - -The following analysis tasks are selected by default: - -- 0. Create Permission Change Events Table – Creates an interim processing table in the database - for use by downstream analysis and report generation -- 1. Create Permission Changes Table and View – Creates the SA_ENG_PermissionChangesView view - accessible under the job’s Results node -- 2. Last 30 Days – Creates the SA_FS_PermissionChanges_Last30Days table accessible under the - job’s Results node -- 3. Trend – Creates the SA_FS_PermissionChanges_TrendOverTime table accessible under the job’s - Results node -- 4. Create view to notify on - By user, per share, for the past 24 hours – Creates the - SA_FS_PermissionChanges_Notification_NOTIFICATION table accessible under the job’s Results - node -- 6. Raw Details – Creates the SA_FS_PermissionChanges_Details view accessible under the job’s - Results node -- 7. High risk permission changes – Creates the SA_FS_PermissionChanges_HighRisk table accessible - under the job’s Results node -- 8. High risk permission changes summary – Creates the SA_FS_PermissionChanges_HighRiskSummary - table accessible under the job’s Results node - -The Notification analysis task is an optional analysis task which requires configuration before -enabling it. The following analysis task is deselected by default: - -- 5. Alert on Permission Changes – Alerts when permission changes have occurred - - - Add recipients, notification subject, and email content - - See the - [Configure the Notification Analysis Task](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md#configure-the-notification-analysis-task) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the FS_PermissionChanges job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | -| High Risk Changes | This report highlights successful permission changes performed on a high risk trustee. The line chart shows data for the past 30 days only. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Line Chart– Displays last 30 days of high risk changes - Table – Provides details on high risk changes | -| Permission Changes | This report identifies all resources where successful permission changes have occurred. The line chart shows data for the past 30 days only. | None | This report is comprised of two elements: - Line Chart– Displays last 30 days of permission changes - Table – Provides details on permission changes | - -# Forensics Job Group - -The Forensics job group is designed to report on forensic related activity event information from -targeted file servers. - -![Forensics Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The Forensics job group is comprised of: - -- [FS_Deletions Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on deletion activity event information from targeted file servers - - - Includes a Notification analysis task option - - Requires **Access Auditing** component data collection - -- [FS_PermissionChanges Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on permission change activity event information from targeted file servers - - - Includes a Notification analysis task option - - Requires **Access Auditing** component data collection - -# Least Privileged Access > FS_LeastPrivilegedAccess Job - -The FS_LeastPrivilegedAccess job is designed to report on activity event information that can assist -in identifying least privilege from targeted file servers. It identifies where trustees are not -leveraging their permissions to resources from targeted file servers. Requires **Access Auditing** -component data collection. - -![Least Privileged Access > FS_LeastPrivilegedAccess Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/leastprivilegedaccessjobstree.webp) - -The FS_LeastPrivilegedAccess job is located in the Least Privileged Access job group. - -## Analysis Tasks for the FS_LeastPrivilegedAccess Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Least Privileged -Access** > **FS_LeastPrivilegedAccess** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_LeastPrivilegedAccess Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/leastprivilegedaccessanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Join Activity Data to Share – Creates the SA_FS_LeastPrivilegedAccess_ActivityByShare table - accessible under the job’s Results node -- 2. Get Effective Share Access for all Shares with Activity – Creates the - SA_FS_LeastPrivilegedAccess_EffectiveShareAccess table accessible under the job’s Results - node -- 3. Compare Users activity to access – Creates the SA_FS_LeastPrivilegedAccess_Comparision table - accessible under the job’s Results node -- 4. Summarize Comparison by Share – Creates an interim processing table in the database for use - by downstream analysis and report generation -- 5. Rollup by Share - Pie Chart – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 6. Summarize Entitlement Usage - Enterprise Wide – Creates interim processing tables in the - database for use by downstream analysis and report generation -- 7. Recommend Changes to Group ACLs – Creates the SA_FS_LeastPrivilegedAccess_RecommendedChanges - table accessible under the job’s Results node -- 8. Resource Based Groups – Creates the SA_FS_LeastPrivilegedAccess_ResourceGroups table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_LeastPrivilegedAccess job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Overprovisioning Risk by Share | This report identifies shares with the largest amount of unutilized entitlements and assigns a risk rating to each one. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie Chart – Displays shares by overprovisioning risk - Table – Provides details on shares by overprovisioning risk | -| Overprovisioning Summary | This report shows the percentage of all entitlements which are being used. An entitlement refers to one user's access to one folder. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie Chart – entitlements by level of usage - Table – Provides details on entitlements | -| Remediation | If all members of a group are not using their full access, then modification to group permissions on the share will be suggested here. | None | This report is comprised of one element: - Table – Provides details on recommended changes to permissions | - -# 5.Activity Job Group - -The 5.Activity job group is designed to report on activity event information from targeted file -servers. - -![5.Activity Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 5.Activity job group is comprised of: - -- [Forensics Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on forensic related activity event information from targeted file servers -- [Least Privileged Access > FS_LeastPrivilegedAccess Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on activity event information that can assist in identifying least privilege - from targeted file servers -- [Security Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on security related activity event information from targeted file servers -- [Suspicious Activity Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on potentially suspicious activity event information from targeted file - servers -- [Usage Statistics Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on usage statistics from targeted file servers - -# FS_AdminActvity Job - -The FS_AdminActivity job is designed to report on administrator related activity event information -from targeted file servers. - -## Analysis Tasks for the FS_AdminActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Security** > -**FS_AdminActivity** > **Configure** node and select Analysis. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_AdminActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/security/adminactivityanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Create Admin Activity View – Creates an interim processing view in the database for use by - downstream analysis and report generation -- 2. Effective Access to Locations with Admin Activity – Creates an interim processing table in - the database for use by downstream analysis and report generation -- 3. Suspicious Admin Activity – Creates the SA_FS_AdminActivity_SuspiciousActivity table - accessible under the job’s Results node -- 4. Operations Overview – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 5. Rank admins by activity – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 6. Pivot Admin Activity for Details Report – Creates an interim processing table in the database - for use by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the FS_AdminActivity job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------- | ---------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Administrator Activity Details | This report shows the details of administrator activity on file shares. | None | This report is comprised of one element: - Table – Provides details on last 30 days of administrator activity | -| Administrator Activity Overview | This report identifies the types of actions administrators are performing across your network. | None | This report is comprised of two elements: - Pie Chart – Displays last 30 days of administrator activity - Table – Provides details on types of actions | -| Most Active Administrators | This report ranks administrators by number of shares they have activity in. | None | This report is comprised of two elements: - Bar Chart – Displays last 30 days of administrator activity - Table – Provides details on administrator activity | -| Suspicious Admin Activity | This report highlights all administrator reads in shares where they do not have access. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of one element: - Table – Provides details on last 30 days of administrator activity | - -# FS_HighRiskActivity Job - -The FS_HighRiskActivity job is designed to report on high risk activity event information from -targeted file servers. - -## Analysis Tasks for the FS_HighRiskActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Security** > -**FS_HighRiskActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_HighRiskActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/security/highriskactivityanalysis.webp) - -- 0. Drop Tables – Drops tables from previous runs -- 1. Analyze for High Risk Activity – Creates the SA_FS_HighRiskActivity_HighRiskUserActivity - table accessible under the job’s Results node -- 2. Pivot High Risk Activity – Creates the SA_FS_HighRiskActivity_HighRiskDetails table - accessible under the job’s Results node -- 3. Summarize Share Activity – Creates the SA_FS_HighRiskActivity_ShareSummary table accessible - under the job’s Results node -- 4. Global User Activity – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the FS_HighRiskActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| High Risk Activity | High Risk Activity is any action performed by a user who has access to a particular resource only through a High Risk Trustee (for example, Everyone, Authenticated Users, or Domain Users). Unless action is taken, these users will lose access once the open access is remediated. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays last 30 days of activity - Table – Provides details on activity by user - Table – Provides details on activity by share | - -# FS_LocalUserActivity Job - -The FS_LocalUserActivity job is designed to report on local user activity event information from -targeted file servers. - -## Analysis Tasks for the LocalUserActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Security** > -**FS_LocalUserActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the LocalUserActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/security/localuseractivityanalysis.webp) - -- 1. Local User Activity Details – Creates the SA_FS_LocalUserActivity_Details table accessible - under the job’s Results node -- 2. Top Local User Accounts – Creates the SA_FS_LocalUserActivity_TopUsers table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_LocalUserActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ---------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Local User Activity | This report identifies local accounts with file system activity. | None | This report is comprised of two elements: - Bar Chart – Displays top local user account activity (last 30 days) - Table – Provides details on local user activity | - -# Security Job Group - -The Security job group is designed to report on security related activity event information from -targeted file servers. - -![Security Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The Security Job Group is comprised of: - -- [FS_AdminActvity Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on administrator related activity event information from targeted file - servers - - - Requires **Access Auditing** component data collection - -- [FS_HighRiskActivity Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on high risk activity event information from targeted file servers - - - Requires **Access Auditing** component data collection - -- [FS_LocalUserActivity Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on local user activity event information from targeted file servers - -# FS_DeniedActivity Job - -The FS_DeniedActivity job is designed to report on denied activity event information from targeted -file servers. - -## Analysis Tasks for the FS_DeniedActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_DeniedActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_DeniedActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/deniedactivityanalysis.webp) - -The following analysis tasks are selected by default: - -- Denied Activity Hourly Summary – Creates the SA_FS_DeniedActivity_HourlySummary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis task, the FS_DeniedActivity job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | ------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Denied Activity | This report highlights high periods of denied user activity during the past 30 days. | None | This report is comprised of two elements: - Bar Chart – Displays top denied periods for the last 30 days - Table – Provides details on denied activity | - -# FS_HighestHourlyActivity Job - -The FS_HighestHourlyActivity job is designed to report on the highest hourly activity event -information from targeted file servers broken down by user. - -## Analysis Tasks for the FS_HighestHourlyActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_HighestHourlyActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_HighestHourlyActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/highesthourlyactivityanalysis.webp) - -The following analysis task is selected by default: - -- Users Ranked – Creates the SA_FS_HighestHourlyActivity_UsersRanked table accessible under the - job’s Results node - -The following analysis task is deselected by default: - -- Create notifications view – Restores the SA_FS_HighestHourlyActivity_Last24Hours_NOTIFICATION view - to be visible under the job’s Results node - -The Notification analysis task is an optional analysis task which requires configuration before -enabling it. The following analysis task is deselected by default: - -- Hour Activity Notification – Alerts when large amounts of activity for a user have occurred within - an hour - - - Add recipients, notification subject, and email content - - See the - [Configure the Notification Analysis Task](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md#configure-the-notification-analysis-task) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the FS_HighestHourlyActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------ | -| Unusual User Activity | This report identifies user accounts and time ranges where there was the largest and widest amount of activity across the file system. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal user activity - Table – Provides details on hourly user activity | - -# FS_HourlyShareActivity Job - -The FS_HourlyShareActivity job is designed to report on the highest hourly activity event -information from targeted file servers broken down by share. - -## Analysis Tasks for the FS_HourlyShareActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_HourlyShareActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_HourlyShareActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/hourlyshareactivityanalysis.webp) - -The following analysis task is selected by default: - -- Summarize hourly norms and deviations – Creates the SA_FS_HourlyShareActivity_Deviations table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the FS_HourlyShareActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------- | -| Unusual Share Activity | This report will show any outliers in hourly share activity, broken down by day of week and hour. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal share activity - Table – Provides details on share activity | - -# FS_ModifiedBinaries Job - -The FS_ModifiedBinaries job is designed to report on activity event information where binaries were -modified from targeted file servers. - -## Analysis Tasks for the FS_ModifiedBinaries Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_ModifiedBinaries** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_ModifiedBinaries Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/modifiedbinariesanalysis.webp) - -The following analysis task is selected by default: - -- Summarize modifications to binaries - - - Creates an interim processing table in the database for use by downstream analysis and report - generation - - Creates the SA_FS_ModifiedBinaries_Summary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the FS_ModifiedBinaries job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------- | ---------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | -| First Time Binary Modifications | This report highlights recent instances where users have modified binaries for the first time. | None | This report is comprised of two elements: - Bar Chart – Displays first time binary modifications by host - Table – Provides details on modified binaries | - -# FS_PeerGroupActivity Job - -The FS_PeerGroupActivity job is designed to report on abnormal activity event information based on -peer group analysis from targeted file servers. - -## Analysis Tasks for the FS_PeerGroupActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_PeerGroupActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_PeerGroupActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/peergroupactivityanalysis.webp) - -- Summarize Hourly Norms and Deviations – Creates the SA_FS_PeerGroupActivity_Details table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_PeerGroupActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------- | -| Unusual Peer Group Activity | This report highlights unusual periods of activity based on peer group analysis. When a user accesses an abnormal amount of data from outside of their own department, the failure of separation of duties can indicate a security threat. | None | This report is comprised of one element: - Table – Provides details on abnormal peer group activity | - -# FS_Ransomware Job - -The FS_Ransomware job is comprised of analysis and reports which use the data collected by the -**0.Collection** job group to provide information on periods of time in which users are responsible -for an abnormally high number of updates. This can be indicative of ransomware. Additionally, -activity involving files which are known as ransomware artifacts is highlighted. - -## Analysis Tasks for the FS_Ransomeware Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_Ransomware** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_Ransomeware Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/ransomewareanalysis.webp) - -The following analysis tasks are selected by default: - -- Summarize Hourly Norms and Deviations – Creates the SA_FS_Ransomware_Details table accessible - under the job’s Results node -- Summarize activity on known ransomware artifacts - - - Creates the SA_FS_Ransomware_Artifacts table accessible under the job’s Results node - - Creates an interim processing table in the database for use by downstream analysis and report - generation - -In addition to the tables and views created by the analysis tasks, the FS_Ransomware job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Ransomware Activity | This report summarizes Add or Rename activity involving known ransomware artifacts. | None | This report is comprised of three elements: - Bar Chart – Displays top ransomware patterns - Table – Provides details on ransomware activity - Table – Provides summary of ransomware by pattern | -| Unusual Write Activity (Ransomware) | This report highlights periods of abnormally high update activity involving shared resources. This can be indicative of ransomware attacks. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal update activity - Table – Provides details on abnormal update activity | - -# FS_SensitiveDataActivity Job - -The FS_SensitiveDataActivity job is designed to report on activity event information on resources -identified to contain sensitive information from targeted file servers. - -## Analysis Tasks for the FS_SensitiveDataActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_SensitiveDataActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_SensitiveDataActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp) - -The following analysis tasks are selected by default: - -- Summarize Hourly Norms and Deviations – Creates the SA_FS_SensitiveDataActivity_Details table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the FS_SensitiveDataActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ------------------------------------------------------------------------------------ | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Sensitive Data Activity | This report highlights periods of abnormally high activity involving sensitive data. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Displays abnormal sensitive data activity - Table – Provides details on sensitive data activity | - -# FS_StaleFileActivity Job - -The FS_StaleFileActivity job is designed to report on user activity event information involving -stale files from targeted file servers. - -## Analysis Tasks for the FS_StaleFileActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_StaleFileActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_StaleFileActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/stalefileactivityanalysis.webp) - -- Summarize Hourly Norms and Deviations – Creates the SA_FS_StaleFileActivity_Details table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the FS_StaleFileActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | -------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Stale File Activity | This report highlights periods of abnormally high activity involving stale shared resources. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal stale file activity - Table – Provides details on abnormal stale file activity | - -# FS_UserShareActivity Job - -The FS_UserShareActivity job is designed to report on normal user activity within a share from -targeted file servers. - -## Analysis Tasks for the FS_UserShareActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_UserShareActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_UserShareActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/usershareactivityanalysis.webp) - -- Track Latest Activity Per User Per Share – Creates the SA_FS_UserShareActivity_LatestActivity - table accessible under the job’s Results node -- Average days since last Access – Creates the SA_FS_UserShareActivity_ShareSummary table accessible - under the job’s Results node -- New Access Last Week – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables and views created by the analysis tasks, the FS_UserShareActivity job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| First Time Share Activity by User | This report shows the last date that a user accessed a share, ordered by the oldest activity. This lack of access may indicate unused permissions. | None | This report is comprised of two elements: - Bar Chart – Displays shares with new users accessing data - past 7 days - Table – Provides details on first time share access | -| Longest Inactivity | This report shows which users have returned to a share after the longest periods of inactivity. | None | This report is comprised of one element: - Table – Provides details on user share activity | - -# FS_WeekendActivity Job - -The FS_WeekendActivity job is comprised of analysis and reports which use the data collected by the -**0.Collection** job group to provide information on weekend file server activity and the user -accounts which perform the most weekend activity. Best practices often dictate monitoring of weekend -activity for potential security concerns. - -## Analysis Tasks for the FS_WeekendActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_WeekendActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_WeekendActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp) - -The following analysis tasks are selected by default: - -- Weekend Activity – Creates the SA_FS_WeekendActivity_Details table accessible under the job’s - Results node -- User Summary – Creates the SA_FS_WeekendActivity_UserSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the FS_WeekendActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------- | ------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Weekend Activity (Most Active Users on Weekend) | This report shows users who are active on the weekend inside file shares. | None | This report is comprised of two elements: - Bar Chart – Displays weekend share activity - top 5 users - Table – Provides details on weekend share activity by user | - -# Suspicious Activity Job Group - -The Suspicious Activity job group is designed to report on potentially suspicious activity event -information from targeted file servers. - -![Suspicious Activity Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The Suspicious Activity job group is comprised of: - -- [FS_DeniedActivity Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on denied activity event information from targeted file servers - - - Requires **Access Auditing** component data collection - - [FS_HighestHourlyActivity Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on the highest hourly activity event information from targeted file servers - broken down by user - - - Includes a Notification analysis task option - - Requires **Access Auditing** component data collection - -- [FS_HourlyShareActivity Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on the highest hourly activity event information from targeted file servers - broken down by share - - - Requires **Access Auditing** component data collection - -- [FS_ModifiedBinaries Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on activity event information where binaries were modified from targeted file - servers - - - Requires **Access Auditing** component data collection - -- [FS_PeerGroupActivity Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on abnormal activity event information based on peer group analysis from - targeted file servers - - - Requires **Access Auditing** component data collection - - Requires Ownership be assigned within the Access Information Center. See the Resource Owners - Overview topic in the - [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) - for additional information. - -- [FS_Ransomware Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on potential ransomware activity event information based on file extensions - and large number of modified file events from targeted file servers -- [FS_SensitiveDataActivity Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on activity event information on resources identified to contain sensitive - information from targeted file servers - - - Requires **Access Auditing** component data collection - - Requires **Sensitive Data Discovery Auditing** component data collection - -- [FS_StaleFileActivity Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on user activity event information involving stale files from targeted file - servers -- [FS_UserShareActivity Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on normal user activity within a share from targeted file servers - - - Requires **Access Auditing** component data collection - -- [FS_WeekendActivity Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on activity events that occur over the weekend from targeted file servers - - - Requires **Access Auditing** component data collection - -# FS_GroupUsage Job - -The FS_GroupUsage job is designed to report on group usage from targeted file servers. - -## Analysis Tasks for the FS_GroupUsage Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage -Statistics** > **FS_GroupUsage** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_GroupUsage Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/groupusageanalysis.webp) - -The following analysis task is selected by default: - -- 1. Identify Last Time a Group was used for Access - - - Creates an interim processing table in the database for use by downstream analysis and report - generation - - Creates the SA_FS_GroupUsage_DaysSinceUse view accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the FS_GroupUsage job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------ | ------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------ | -| Stale Groups | This report identifies the last possible time a group was used for providing file system access. | None | This report is comprised of two elements: - Bar Chart – Displays top unused groups - Table – Provides details on unused groups | - -# FS_MostActiveServers Job - -The FS_MostActiveServers job is designed to report on the most active servers within an environment. - -## Analysis Task for the FS_MostActiveServers Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage -Statistics** > **FS_MostActiveServers** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the FS_MostActiveServers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveserversanalysis.webp) - -The following analysis task is selected by default: - -- Last 30 Days – Creates the SA_FS_MostActiveServers_Last30Days table accessible under the job’s - Results node - -In addition to the table and views created by the analysis task, the FS_MostActiveServers job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------- | -| Most Active Servers – Last 30 Days | This report identifies the top servers for the past 30 days. [Read], [Add], [Update], [Delete], [Permission Change], [Rename] fields reflect the number of unique operations of each type that was performed in that server for this time frame. Unique Folders are the number of distinct folders that have had activity during the time frame. | None | This report is comprised of two elements: - Bar Chart – Displays most active servers - Table – Provides details on most active servers | - -# FS_MostActiveUsers Job - -The FS_MostActiveUsers job is designed to report on the most active users within an environment. - -## Analysis Tasks for the FS_MostActiveUsers Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage -Statistics** > **FS_MostActiveUsers** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_MostActiveUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp) - -The following analysis task is selected by default: - -- Last 30 Days – Creates the SA_FS_MostActiveUsers_Last30Days table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis task, the FS_MostActiveUsers job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | -| Most Active Users – Last 30 Days | This report identifies the top users for the past 30 days. [Read], [Add], [Update], [Delete], [Permission Change], [Rename] fields reflect the number of unique operations of each type that was performed by the user for this time frame. Unique Folders are the number of distinct folders that have had activity during the time frame. | None | This report is comprised of two elements: - Bar Chart – Displays top users by operation count - Table – Provides details on the most active users | - -# FS_StaleShares Job - -The FS_StaleShares job is designed to report on stale shares from targeted file servers. - -## Analysis Tasks for the FS_StaleShares Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage -Statistics** > **FS_StaleShares** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_StaleShares Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/stalesharesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Find Date of last Activity - - - Creates an interim processing table in the database for use by downstream analysis and report - generation - - Creates the SA_FS_StaleShares_LastActivityPivot view accessible under the job’s Results node - -- 2. Find Shares with no Recorded Activity – Creates the SA_FS_StaleShares_NoRecordedActivity - table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_StaleShares job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------ | ------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------ | -| Stale Shares | This report identifies the last date there was activity on a share. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 stale shares - Table – Provides details on stale shares | - -# Usage Statistics Job Group - -The Usage Statistics job group is designed to report on usage statistics from targeted file servers. - -![Usage Statistics Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The Usage Statistics job group is comprised of: - -- [FS_GroupUsage Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on group usage from targeted file servers - - - Requires **Access Auditing** component data collection - -- [FS_MostActiveServers Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on the most active servers within an environment -- [FS_MostActiveUsers Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on the most active users within an environment -- [FS_StaleShares Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on stale shares from targeted file servers - - - Requires **Access Auditing** component data collection diff --git a/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md b/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md deleted file mode 100644 index 66be44e25f..0000000000 --- a/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md +++ /dev/null @@ -1,639 +0,0 @@ -# FS_DeleteFiles_Status Job - -The FS_DeleteFiles_Status job is designed to report on deleted resources from targeted file servers -that were deleted from the FS_DeleteFiles job. See the -[FS_DeleteFiles Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) topic -for additional information. - -## Analysis Tasks for the FS_DeleteFiles_Status Job - -Navigate to the **FileSystem** > **Cleanup** > **4. Delete** > **FS_DeleteFiles_Status** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_DeleteFiles_Status Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesstatusanalysis.webp) - -The following analysis task is selected by default: - -- Summarize file deletion actions – Creates the SA_FS_Delete_Status_Summary table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_DeleteFiles_Status job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -| File Deletions | This report summarizes file deletions which have occurred during the Cleanup process | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of file deletions - Table – provides details on file deletions | - -# FS_DeleteFiles Job - -The FS_DeleteFiles job is designed to delete resources from targeted file servers that were -previously quarantined and can be deleted. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The FS_DeleteFiles job has the following configurable parameter: - -- Number of days without access after which a file is a deletion candidate - -See the -[Customizable Analysis Tasks for the FS_DeleteFiles Job](#customizable-analysis-tasks-for-the-fs_deletefiles-job) -topic for additional information. - -## Analysis Tasks for the FS_DeleteFiles Job - -Navigate to the **FileSystem** > **Cleanup** > **4. Delete** > **FS_DeleteFiles** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_DeleteFiles Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesanalysis.webp) - -The following analysis tasks are selected by default: - -- Determine candidates for deletion – Creates the SA_FS_Delete_CandidatesView table accessible under - the job’s Results node - - - The threshold for the number of days without access after which a file becomes a candidate for - deletion can be configured. See the [Parameter Configuration](#parameter-configuration) topic - for additional information. - -### Customizable Analysis Tasks for the FS_DeleteFiles Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| --------------------------------- | --------------------------- | ------------- | ----------------------------------------------------------------------------------------- | -| Determine candidates for deletion | @DELETE_THRESHOLD | 180 | Set the number of days without access after which a file becomes a candidate for deletion | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for instructions to modify parameters. - -## Action Tasks for the FS_DeleteFiles Job - -Navigate to the **FileSystem** > **Cleanup** > **4. Delete** > **FS_DeleteFiles** > **Configure** -node and select **Actions** to view the action tasks. - -**CAUTION:** Do not enable the action unless it is required. Disable the action after execution to -prevent making unintended and potentially harmful changes to Active Directory. - -![Action Tasks for the FS_DeleteFiles Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesaction.webp) - -The following actions are deselected by default: - -- Delete files – Deletes files that are listed as candidates for deletion in the - FS_Delete_CandidatesView table. The threshold for the number of days without access after which a - file becomes a candidate for deletion can be configured through the **Determines candidates for - deletion** analysis task. - - - See the [Parameter Configuration](#parameter-configuration) topic for additional information - -# 4. Delete Job Group - -The 4. Delete job group is designed to report on and take action against resources from targeted -file servers that can be deleted. - -![4. Delete Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -This job group includes the following jobs: - -- [FS_DeleteFiles Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Designed to delete resources from targeted file servers that were previously quarantined and can - be deleted -- [FS_DeleteFiles_Status Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Designed to report on deleted resources from targeted file servers that were deleted from the - DeleteFiles job - -Workflow - -The following is the recommended workflow for using the job group: - -**Step 1 –** **Prerequisite:** Successfully execute the following job groups: - -- .Active Directory Inventory -- File System > 0.Collection -- File System > Cleanup > 3. Quarantine - -**Step 2 –** Schedule the 4. Delete job group to run as desired after the prerequisites have -completed. - -**Step 3 –** Review the reports generated by the 4. Delete job group. - -# 1. Cleanup Assessment > FS_CleanupAssessment Job - -The FS_CleanupAssessment job is designed to report on and assess the status of target file servers -that can be cleaned up. - -To include share ownership information in the analyses, populate the SA_AIC_ResourceOwnersView prior -to running this job. This view populates when you assign owners to resources through the Access -Information Center Manage Owners page. See the Resource Owners topics in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -![1. Cleanup Assessment > FS_CleanupAssessment Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The FS_CleanupAssessment job is located in the 1. Cleanup Assessment job group. - -Workflow - -The following is the recommended workflow for using the job group: - -**Step 1 –** **Prerequisite:** Successfully execute the following job groups: - -- .Active Directory Inventory -- File System > 0.Collection - -**Step 2 –** Schedule the 1. Cleanup Assessment job group to run as desired after the prerequisites -have completed. - -**Step 3 –** Review the reports generated by the 1. Cleanup Assessment group. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The FS_CleanupAssessment job has the following configurable parameters: - -- Number of days after which a resource’s LastModified timestamp classifies it as stale -- If 1, LastModified will be used to calculate staleness. If 0, LastAccessed will be used. -- UNC Paths of folders to exclude from staleness consideration (recursive) -- Lower bound for files to be included in the FileDetails table (by LastModfied, in days) -- Upper bound for files to be included in the FileDetails table (by LastModfied, in days) - -See the -[Customizable Analysis Tasks for the FS_CleanupAssessment Job](#customizable-analysis-tasks-for-the-fs_cleanupassessment-job) -topic for additional information. - -## Analysis Tasks for the FS_CleanupAssessment Job - -Navigate to the **FileSystem** > **Cleanup** > **1. Cleanup Assessment** > -**FS_CleanupAssessment** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_CleanupAssessment Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/cleanupassessmentanalysis.webp) - -The following analysis tasks are selected by default: - -- Create file-level view – Creates the SA_FS_CleanupView table accessible under the job’s Results - node. - - - See the [Include Metadata Tag Information](#include-metadata-tag-information) topic for - instructions on how to include metadata tag information in this table - - Has 3 configurable parameters. See the - [Customizable Analysis Tasks for the FS_CleanupAssessment Job](#customizable-analysis-tasks-for-the-fs_cleanupassessment-job) - topic for additional information. - -- Create file-level details table – Creates the SA_FS_CleanupAssessment_FileDetails table accessible - under the job’s Results node - - - Has 2 configurable parameters. See the - [Customizable Analysis Tasks for the FS_CleanupAssessment Job](#customizable-analysis-tasks-for-the-fs_cleanupassessment-job) - topic for additional information. - -- Summarize share-level information – Creates the SA_FS_CleanupAssessment_ShareDetails table - accessible under the job’s Results node -- Summarize host-level information – Creates the SA_FS_CleanupAssessment_HostDetails table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_CleanupAssessment job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------- | -| File System Cleanup - Files | This report highlights file-level cleanup information | None | This report is comprised of two elements: - Pie Chart – Displays enterprise stale file breakdown - Table – Provides details on files | -| File System Cleanup - Hosts | This report highlights host-level cleanup information | None | This report is comprised of two elements: - Stacked Chart – Displays top hosts by stale file percentage - Table – Provides details on hosts | -| File System Cleanup - Shares | This report highlights share-level cleanup information | None | This report is comprised of two elements: - Stacked Chart – Displays top shares by stale file percentage - Table – Provides details on shares | - -### Customizable Analysis Tasks for the FS_CleanupAssessment Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------------------------- | --------------------------- | ------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------- | -| Create File-Level View | @STALE_THRESHOLD | 365 | Set the number of days after which a resource’s Last Modified timestamp classifies it as stale | -| @USE_LAST_MODIFIED | 1 | If set to 1, Last Modified will be used to calculate staleness. If set to 0, Last Access will be used. | | -| #FOLDERS_TO_EXCLUDE | BLANK | Specify which UNC Paths of folders to exclude from staleness consideration | | -| Create File Level Details Table | @MIN_STALE_THRESHOLD | 730 | Set the lower bound of the files to be included in the FileDetails table (by Last Modfied, in days) | -| @MAX_STALE_THRESHOLD | 365 | Set the upper bound of the files to be included in the FileDetails table (by Last Modfied, in days) | | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for instructions to modify parameters. - -### Include Metadata Tag Information - -To include metadata tag information in the SA_FS_CleanupView table, the **FileSystem** > -**0.Collection** > **1-FSAA System Scans** job needs configuring to use the required option. Follow -the steps to enable the option on the File Detail Scan Settings page of the File System Scan query. - -**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-FSAA System Scans** > -**Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the **File System Scan** query and click **Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor -Data Collector Wizard opens. - -![File Details tab of the FSAA Data Collector Wizard Default Scoping Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp) - -**Step 4 –** Navigate to the **Default Scoping Options** page and click the **File Details** tab. - -![Options to select on File Details tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/includemetadatatagoptions.webp) - -**Step 5 –** On the File Details tab, select the **Scan file-level details** option, and then select -the **Collect tags/keywords from file metadata properties** option. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -**Step 6 –** Navigate to the **Scoping Queries** page of the File System Access Auditor Data -Collector Wizard and click Finish to save the changes and close the wizard. - -Metadata Tag Information will now be included in the SA_FS_CleanupView table the next time the -FS_CleanupAssessment job is run. - -# FS_CleanupProgress Job - -The FS_CleanupProgress job summarizes the progress of the cleanup effort and highlights the amount -of storage reclaimed on each host. - -## Analysis Tasks for the FS_CleanupProgress Job - -Navigate to the **FileSystem** > **Cleanup** > **FS_CleanupProgress** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_CleanupProgress Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp) - -The following analysis tasks are selected by default: - -- Summarize share- and host-level cleanup progress – Creates the SA_FS_CleanupProgress_ShareDetails - table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_CleanupProgress job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | --------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | -| Cleanup Progress | This report gives a high-level overview of an organization's cleanup effort | None | This report is comprised of two elements: - Bar Chart – Displays the host summary of cleanup progress - Table – provides details on cleanup progress | - -# FS_NotifyOwners_Status Job - -The FS_NotifyOwners_Status job is comprised of analysis and reports that summarize the actions -performed by the FS_NotifyOwners job. See the -[FS_NotifyOwners Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) topic -for additional information. - -## Analysis Tasks for the FS_NotifyOwners_Status Job - -Navigate to the **FileSystem** > **Cleanup** > **2. Notify** > **FS_NotifyOwners_Status** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_NotifyOwners_Status Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/notifyownersstatusanalysis.webp) - -The following analysis tasks are selected by default: - -- Summarize notifications – Creates the SA_FS_CleanupAssessment_ShareDetails_NotifySummary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_NotifyOwners_Status job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------- | ---------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Owner Notifications (Share Owner Notifications) | This report summarizes share owner notifications which have occurred during the Cleanup effort | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of notify share owners - Table – provides details on notify share owners | - -# FS_NotifyOwners Job - -The FS_NotifyOwners job is comprised of the SendMail action module that uses the data collected by -the **FileSystem** > **Cleanup** > **1. Cleanup Assessment** > **FS_CleanupAssessment** job to -contact owners of shares containing data for which cleanup is pending. - -## Action Tasks for the FS_NotifyOwners Job - -Navigate to the **FileSystem** > **Cleanup** > **2. Notify** > **FS_NotifyOwners** > **Configure** -node and select **Actions** to view the action tasks. - -**CAUTION:** Do not enable the action unless it is required. Disable the action after execution to -prevent making unintended and potentially harmful changes to Active Directory. - -![Action Tasks for the FS_NotifyOwners Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/notifyownersaction.webp) - -The following action task is deselected by default. - -- Notify Owners – Notifies share owners using SendMail module - -Prior to running the FS_NotifyOwners job, it is necessary to select the **Notify Owners** task and -configure the properties for the SendMail action module. See the -[Configure the FS_NotifyOwners Action](#configure-the-fs_notifyowners-action) topic for additional -information. - -### Configure the FS_NotifyOwners Action - -The recipients and the text of the email can be customized on the Properties page within the Send -Mail Action Module Wizard. The -[1. Cleanup Assessment > FS_CleanupAssessment Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) -must be run before the Send Mail Action Module Wizard can be opened. Follow these steps to customize -the Notify Owners action task. - -**Step 1 –** Navigate to the job’s **Configure** node and select **Actions**. - -**Step 2 –** In the Action Selection view, select the desired action task and click **Action -Properties** to view the Action Properties page. - -**Step 3 –** Click **Configure Action** to open the Send Mail Action Module Wizard. - -_Remember,_ the FS_CleanupAssessment job must be run before the Send Mail Action Module Wizard can -be opened. - -![Send Mail Action Module Wizard Properties page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/sendmailwizardproperties.webp) - -**Step 4 –** On the Properties page, customize the following fields: - -- Carbon copy (CC) – Add the recipient emails within this field - - **NOTE:** Email recipients may also be added within the Notification node under the Global - Settings pane. - -![Send Mail Action Module Wizard Message page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/sendmailwizardmessage.webp) - -**Step 5 –** On the Message page, customize the following fields: - -- Subject – Enter text for the display line on delivered emails -- Text Entry Box – Enter text to display on the body of each email - -**Step 6 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Send Mail Action Module -Wizard. - -The action task has been customized. It can now be selected and run as part of the FS_NotifyOwners -job. - -# 2. Notify Job Group - -The 2. Notify job group is designed to report on and notify owners of resources of target file -servers that data is pending cleanup. - -**NOTE:** The SendMail action module requires configuration of the Notification Settings in the -Global Settings. See the -[Notification](/docs/accessanalyzer/11.6/administration/settings/notifications.md) -topic for additional information. - -![2. Notify Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -This job group includes the following jobs: - -- [FS_NotifyOwners Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Designed to notify share owners that there is data within their share pending cleanup -- [FS_NotifyOwners_Status Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Designed to summarize the actions taken by the NotifyOwners job - -Workflow - -The following is the recommended workflow for using the job group: - -**Step 1 –** **Prerequisite:** Successfully execute the following job groups: - -- .Active Directory Inventory -- File System > 0.Collection -- File System > Cleanup > 1. Cleanup Assessment - -**Step 2 –** Schedule the 2. Notify job group to run as desired after the prerequisites have -completed. - -**Step 3 –** Review the reports generated by the 2. Notify job group. - -# Cleanup Job Group - -The Cleanup job group is designed to report on and take action against resources from targeted file -servers that can be cleaned up. Use this job group to assess and remediate stale files according to -the data collected by the **0.Collection** job group. The Cleanup job group runs independently from -the rest of the File System solution. - -**NOTE:** The Cleanup job group requires additional licenses to function. For information, contact -your Netwrix representative. - -![Cleanup Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The Cleanup job group includes the following job groups and jobs: - -- [1. Cleanup Assessment > FS_CleanupAssessment Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Designed to report on and assess the status of target file servers that can be cleaned up -- [2. Notify Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Designed to report on and notify the owners of resources of target file servers that data is - pending cleanup -- [3. Quarantine Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – This job group offers a framework for using the File System actions modules to quarantine files, - and to restore access to quarantined files if necessary -- [4. Delete Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Designed to report on and take action against resources from targeted file servers that can be - deleted -- [FS_CleanupProgress Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Summarizes the progress of the Cleanup effort and highlights the amount of storage reclaimed on - each host - -Many jobs in this group include one or more pre-built actions designed to apply operations to the -data tables generated by the job’s analysis tasks. These actions perform the cleanup operations. By -default, the actions do not execute as part of the job group. You must select the actions you want -to run prior to execution. See the -[Action Modules](/docs/accessanalyzer/11.6/accessanalyzer/admin/action/overview.md) -topic for additional information. - -## Recommended Configurations for the FS Cleanup Job Group - -The Cleanup job group has the following recommended configuration settings. - -Dependencies - -The Cleanup job group has the following prerequisites: - -- Successfully execute the **.Active Directory Inventory** job group prior to running this job group -- The **File System Actions** license must be installed -- Successfully execute the **FileSystem** > **0.Collection** job group with the following options - enabled: - - - Scan file-level details - - Collect ownership and permission information for files - - See the - [FSAA: Default Scoping Options](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - topic for additional information. - -Individual jobs and job groups within the Cleanup job group may have their own prerequisites and -dependencies. See the relevant topic for the job or job group for information about these. - -Target Host - -This job group does not collect data. No target host is required. - -Schedule Frequency - -This job group can be scheduled to run as desired. - -# FS_QuarantineData_Status Job - -The FS_QuarantineData_Status job is designed to report on the FS_QuarantineData job. See the -[FS_QuarantineData Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) topic -for additional information. - -## Analysis Tasks for the FS_QuarantineData_Status Job - -Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_QuarantineData_Status** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_QuarantineData_Status Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/quarantinedatastatusanalysis.webp) - -The following analysis task is selected by default: - -- Summarize quarantine actions – Creates the SA_FS_Quarantine_Status_Summary table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_QuarantineData_Status job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------- | -------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| File Quarantining | This report summarizes file quarantining which has occurred during the Cleanup process | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of file quarantining - Table – provides details on file quarantining | - -# FS_QuarantineData Job - -The FS_QuarantineData job is designed to quarantine files subject to be cleaned up. - -## Action Tasks for the FS_QuarantineData Job - -Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_QuarantineData** > -**Configure** node and select **Actions** to view the action tasks. - -**CAUTION:** Do not enable the actions unless they are required. Disable the actions after execution -to prevent making unintended and potentially harmful changes to Active Directory. - -**CAUTION:** Do not modify the action tasks. The action tasks are preconfigured for this job. - -![Action Tasks for the FS_QuarantineData Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/quarantinedataactions.webp) - -The following action tasks are deselected by default: - -- Give domain user full control – Gives a specified domain user full control over stale files -- Break inherited permissions – Breaks inherited permissions - -Prior to running the FS_QuarantineData job, it is necessary to select the **Give domain user full -control** or **Break inherited permissions** task to perform an action. - -# FS_RestoreInheritance_Status Job - -The FS_RestoreInheritance_Status job is designed to report on inheritance that was restored to -previously quarantined files. - -## Analysis Tasks for the FS_RestoreInheritance_Status Job - -Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > -**FS_RestoredInheritance_Status** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_RestoreInheritance_Status Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritancestatusanalysis.webp) - -The following analysis tasks are selected by default: - -- Summarize restore inheritance actions – Creates an interim processing table in the database for - use by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the FS_RestoreInheritance_Status -job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ----------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Restored Inheritance | This report summarizes restored inheritance which has occurred during the Cleanup process | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of restored inheritance - Table – provides details on restored inheritance | - -# FS_RestoreInheritance Job - -The FS_RestoreInheritance job is designed to restore inheritance to previously quarantined files. - -## Analysis Tasks for the FS_RestoreInheritance Job - -Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_RestoreInheritance** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_RestoreInheritance Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritanceanalysis.webp) - -The following analysis task is selected by default: - -- Determines candidates for restored inheritance – Creates the - SA_FS_RestoreInheritance_CandidatesView table accessible under the job’s Results node - -## Action Tasks for the FS_RestoreInheritance Job - -Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_RestoreInheritance** > -**Configure** node and select **Actions** to view the action tasks. - -**CAUTION:** Do not enable the action unless it is required. Disable the action after execution to -prevent making unintended and potentially harmful changes to Active Directory. - -**CAUTION:** Do not modify the action task. The action task is preconfigured for this job. - -![Action Tasks for the FS_RestoreInheritance Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritanceaction.webp) - -The following action tasks are deselected by default: - -- Restore Permissions – Restores permission inheritance to quarantined files where activity has - occurred - -# 3. Quarantine Job Group - -The 3. Quarantine job group is designed to report on and quarantine files that are pending cleanup. - -![3. Quarantine Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -This job group includes the following jobs: - -- [FS_QuarantineData Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Designed to quarantine files subject to be cleaned up -- [FS_QuarantineData_Status Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Designed to report on the FS_QuarantineData job -- [FS_RestoreInheritance Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Designed to restore inheritance to previously quarantined files -- [FS_RestoreInheritance_Status Job](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Designed to report on inheritance that was restored to previously quarantined files - -Workflow - -The following is the recommended workflow for using the job group: - -**Step 1 –** **Prerequisite:** Successfully execute the following job groups: - -- .Active Directory Inventory -- File System > 0.Collection -- File System > Cleanup > 1. Cleanup Assessment - -**Step 2 –** Schedule the 3. Quarantine job group to run as desired after the prerequisites have -completed. - -**Step 3 –** Review the reports generated by the 3. Quarantine job group. diff --git a/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md b/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md deleted file mode 100644 index f174fd2ac9..0000000000 --- a/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md +++ /dev/null @@ -1,264 +0,0 @@ -# File Types > FS_FileTypes Job - -The FS_FileTypes job is designed to report on file type information from targeted file servers. - -![File Types > FS_FileTypes Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/filetypesjobstree.webp) - -The FS_FileTypes job is located in the File Types job group. - -## Analysis Tasks for the FS_FileTypes Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **File Types** > -**FS_FileTypes** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_FileTypes Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/filetypesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Create File Types View – Creates the SA_ENG_FSAA_FileTypeView view accessible under the job’s - Results node -- 2. Ranked File Extensions – Creates the SA_FS_FileTypes_ExtensionsRanked table accessible under - the job’s Results node -- 3. File Types by Share – Creates the SA_FS_FileTypes_TypesByShare table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_FileTypes job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------- | -| File Types | This report identifies what types of files are located within your distributed file system and how much space they are taking up in gigabytes. | None | This report is comprised of two elements: - Pie Chart – Displays file types extensions ranked - Table – Provides details on file types by share | - -# Stale > FS_StaleContent Job - -The FS_StaleContent job is designed to report on stale content information from targeted file -servers. - -![Stale > FS_StaleContent Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/stalejobstree.webp) - -The FS_StaleContent job is located in the Stale job group. - -## Analysis Tasks for the FS_StaleContent Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Stale** > -**FS_StaleContent** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_StaleContent Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/stalecontentanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Create Aging View – Creates the SA_ENG_FSAA_FolderAging table accessible under the job’s - Results node -- 2. Enterprise Summary – Creates the SA_FS_StaleContent_EnterpriseSummary table accessible under - the job’s Results node -- 3. Share Summary – Creates the SA_FS_StaleContent_ShareSummary table accessible under the job’s - Results node -- 4. Host Summary – Creates the SA_FS_StaleContent_HostSummary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the FS_StaleContent job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Hosts with Stale Content (Servers with Stale Content) | Identifies servers with stale content. Staleness is determined by files' last modified date. For these reports, by default, a file is considered stale after a year. Counts are based on Shares and Folders which contain any stale content. | None | This report is comprised of three elements: - Pie Chart – Displays enterprise aging summary - Stacked Bar Chart– Displays aging summary by host - Table – Provides details on servers with stale content | -| Shares with Stale Content | Identifies shares with stale content. Staleness is determined by files' last modified date. For these reports, by default, a file is considered stale after a year. Counts are based on Shares and Folders which contain any stale content. | None | This report is comprised of two elements: - Bar Chart – Displays share summary - Table – Provides details on shares | - -# 4.Content Job Group - -The 4.Content job group is designed to report on content information from targeted file servers. Key -information reported on in this group is: File Types, File Sizing, Stale Content, and File Tags. - -![4.Content Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 4.Content job group is comprised of: - -- [File Types > FS_FileTypes Job](/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md) - – Designed to report on file type information from targeted file servers -- [Sizing Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md) - – Designed to report on file sizing information from targeted file servers -- [Stale > FS_StaleContent Job](/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md) - – Designed to report on stale content information from targeted file servers -- [Tags Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md) - – Designed to report on content classification information from targeted file servers - -# FS_EmptyResources Job - -The FS_EmptyResources job is designed to report on empty resources from targeted file servers. - -## Analysis Tasks for the FS_EmptyResources Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Sizing** > -**FS_EmptyResources** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_EmptyResources Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/sizing/emptyresourcesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Folder Size View – Creates the SA_ENG_FSAA_FolderSizeView view accessible under the job’s - Results node -- 2. Empty Folders – Creates the SA_FS_EmptyResources_EmptyFolders table accessible under the - job’s Results node -- 3. Empty Shares – Creates the SA_FS_EmptyResources_EmptyShares table accessible under the job’s - Results node -- 4. Summarize by Host – Creates the SA_FS_EmptyResources_HostSummary table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_EmptyResources job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------- | ----------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Empty Folders | Identifies empty folders with no subdirectories. | None | This report is comprised of three elements: - Bar Chart – Displays the top five servers by empty folders - Table – Provides details on empty folders - Table – Provides details on the top servers by empty folders | -| Empty Shares | This report identifies empty shares with no subdirectories. | None | This report is comprised of three elements: - Bar Chart – Displays the top 5 servers by empty shares - Table – Provides details on the empty shares - Table – Provides summary of the share | - -# FS_LargestResources Job - -The FS_LargestResources job is designed to report on the largest resources from targeted file -servers. - -## Analysis Tasks for the FS_LargestResources Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Sizing** > -**FS_LargestResources** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_LargestResources Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/sizing/largestresourcesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Largest Folders Ranked – Creates the SA_FS_LargestResources_Ranked table accessible under the - job’s Results node -- 2. Largest Shares – Creates the SA_FS_LargestResources_SharesRanked table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_LargestResources job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------- | ----------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------- | -| Largest Folders | This report identifies the largest folders found. | None | This report is comprised of two elements: - Bar Chart – Displays the top 5 largest folders - Table – Provides details on largest folders | -| Largest Shares | This report identifies the largest shares within the environment. | None | This report is comprised of two elements: - Bar Chart – Displays the top 5 largest shares - Table – Provides details on the largest resources | - -# FS_SmallestResources Job - -The FS_SmallestResources job is designed to report on the smallest resources from targeted file -servers. - -## Analysis Tasks for the FS_SmallestResources Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Sizing** > -**FS_SmallestResources** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_SmallestResources Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/sizing/smallestresourcesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Smallest Folders Ranked – Creates the SA_FS_SmallestResources_Ranked table accessible under - the job’s Results node -- 2. Smallest Shares – Creates the SA_FS_SmallestResources_SharesRanked table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_SmallestResources job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | ------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------ | -| Smallest Shares | Identifies the smallest shares within the environment. | None | This report is comprised of one element: - Table – Provides details on the smallest shares | - -# Sizing Job Group - -The Sizing job group is designed to report on file sizing information from targeted file servers. - -![Sizing Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/sizing/sizingjobstree.webp) - -The Sizing job group is comprised of: - -- [FS_EmptyResources Job](/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md) - – Designed to report on empty resources from targeted file servers -- [FS_LargestResources Job](/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md) - – Designed to report on the largest resources from targeted file servers -- [FS_SmallestResources Job](/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md) - – Designed to report on the smallest resources from targeted file servers - -# FS_AIPLabels Job - -The FS_AIPLabels job is designed to report on resources classified by AIP labels from targeted file -servers. - -## Analysis Tasks for the FS_AIPLabels Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Tags** > -**FS_AIPLabels** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_AIPLabels Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/tags/aiplabelsanalysis.webp) - -The following analysis task is selected by default: - -- AIP Label Details – Creates the SA_FS_FileLabel_Details table accessible under the job’s Results - node - -In addition to the tables and views created by the analysis task, the FS_AIPLabels job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| AIP Labels | This report provides details on labels applied to files. This information is rolled up by folder, and summarized at the enterprise level. | None | This report is comprised of three elements: - Pie Chart – Displays enterprise AIP summary - Table– Provides details on label details by folder - Table – Provides details on labels by file count | - -# FS_FileTags Job - -The FS_FileTags job is designed to report on resources classified with metadata file tags from -targeted file servers. - -## Analysis Tasks for the FS_FileTags Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Tags** > -**FS_FileTags** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_FileTags Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/tags/filetagsanalysis.webp) - -The following analysis task is selected by default: - -- List file tag details – Creates the SA_FS_FileTags_Details table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis task, the FS_FileTags job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------- | --------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| File Tags | This report provides details on tags applied to files. This information is rolled up by folder, and summarized at the enterprise level. | None | This report is comprised of three elements: - Pie Chart – Displays enterprise tag summary - Table– Provides details on tag details by folder - Table – Provides details on tags by file count | - -# Tags Job Group - -The Tags job group is designed to report on content classification information from targeted file -servers. - -![Tags Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/tags/tagsjobstree.webp) - -The Tags job group is comprised of: - -- [FS_AIPLabels Job](/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md) - – Designed to report on resources classified by AIP labels from targeted file servers -- [FS_FileTags Job](/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md) - – Designed to report on resources classified with metadata file tags from targeted file servers diff --git a/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md b/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md deleted file mode 100644 index cded324d5f..0000000000 --- a/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md +++ /dev/null @@ -1,2297 +0,0 @@ -# FS_ShareAudit Job - -The FS_ShareAudit Job is designed to report on shares from targeted file servers based on user -input. - -## Analysis Tasks for the FS_ShareAudit Job - -View the analysis tasks by navigating to the FileSystem > Ad Hoc Audits > FS_ShareAudit > Configure -node and select Analysis. - -**CAUTION:** Do not modify or deselect the last three selected analysis tasks. The analysis tasks -are preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/adhocaudits/shareauditanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Identify Selected Shares – Creates the SA_FS_ShareAudit_ShareSummary table accessible under - the job’s Results node - - Parameter is blank by default. - - #UNC parameter must be configured by clicking Analysis Configuration with this task selected - then selecting the #UNC table in the SQL Script Editor window and clicking **Edit Table**. - - This brings up the Edit Table window where the user can manually enter UNC paths of each - share to be audited or upload a CSV file containing one row for each share to be audited. - See the - [SQLscripting Analysis Module](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/scripting.md) - section for additional information. - - List one shared folder per row, using the format: \\HOST\SHARE. -- 2. Direct Permissions – Creates the SA_FS_ShareAudit_DirectPermissions table accessible under - the job’s Results node -- 3. Calculate Effective Access – Creates the SA_FS_ShareAudit_ShareAccess table accessible under - the job’s Results node -- 4. Identify Broken Inheritance - - Creates a temporary table in the database for use by downstream analysis and report - generation. - - Creates the SA_FS_ShareAudit_UniqueTrustees table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the FS_ShareAudit Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | -------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Share Audit | This report displays permission information for the selected shares. | None | This report is comprised of four elements: - Table – Provides details on selected shares - Table – Provides details on permissions - Table – Provides details on effective access - Table – Provides details on broken inheritance | - -# FS_TrusteePermissions Job - -The FS_TrusteePermissions Job is designed to report on trustees from targeted file servers based on -user input. - -## Analysis Tasks for the FS_TrusteePermissions Job - -View the analysis tasks by navigating to the FileSystem > Ad Hoc Audits > FS_TrusteePermissions > -Configure node and select Analysis. - -**CAUTION:** Do not modify or deselect the second selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/adhocaudits/trusteepermissionsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Find Trustee Information – Creates the SA_FS_TrusteePermissions_TrusteeSummary table - accessible under the job’s Results node. - - Parameter is blank by default. - - `#Trustees` parameter must be configured using the Edit Table option. - - List one trustee per row, using the format: DOMAIN\Name. - - See the Customize Analysis Parameters topic for additional information. -- 2. Find Permission Source – Creates the SA_FS_ShareAudit_TrusteePermissions table accessible - under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the FS_TrusteePermissions Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------- | -| Trustee Permissions Audit | This report provides an overview of the access sprawl across the environment for the select trustee(s). | None | This report is comprised of two elements: - Bar Chart – Displays summary of trustees - Table – Provides details on trustee permissions | - -# Ad Hoc Audits Job Group - -The Ad Hoc Audits Job Group is designed to report on resources and trustees that have been provided -by the user from targeted file servers. - -The Ad Hoc Audits Job Group tables and reports are blank if the CSV file is not modified to contain -the required information before job execution. - -**_RECOMMENDED:_** Run these jobs independently of the solution. - -![Ad Hoc Audits Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The Ad Hoc Audits Job Group is comprised of: - -- [FS_ShareAudit Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Designed to report on shares from targeted file servers based on user input -- [FS_TrusteePermissions Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Designed to report on trustees from targeted file servers based on user input - -For both of these jobs, the host list is set to Local host at the job level. The assigned Connection -Profile needs to have rights on the Enterprise Auditor Console server to access the CSV file saved -in the job's directory. The Connection Profile can be set at either the Ad Hoc Audits > Settings > -Connection node (applies to both jobs) or in the job's Properties window on the Connection tab. - -# 0-Create Schema Job - -The 0-Create Schema job within the 0.Collection job group creates and updates the schema for the -tables, views, and functions used by the rest of the File System Solution. This job needs to run -prior to the other jobs in the 0.Collection job group for both new installations and upgrades. The -job can be scheduled with any of the collections. Do not delete the job from the job tree. - -**_RECOMMENDED:_** This job does not need to be moved. Leave it to run as part of the 0.Collection -job group. - -## Analysis Tasks for the 0-Create Schema Job - -View the analysis task by navigating to the **FileSystem** > **0.Collection** > **0-Create -Schema** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection for the 0-Create Schema Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/createschemaanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Create Tables – Creates all tables prefaced with SA*FSAA* -- 2. Create DFS Tables – Creates all tables prefaced with SA*FSDFS* -- 3. Create DLP Tables – Creates all tables prefaced with SA*FSDLP* -- 4. Create FSAC Tables – Creates all tables prefaced with SA*FSAC* -- 5. Create Rename Targets – Creates the SA_FSAC_Rename Targets tables -- 6. Create Paths View – Creates the SA_FSAA_Paths view -- 7. Update data types – Enterprise Auditor uses custom SQL data types to render data. This - analysis creates updates to those data types. -- 8. Import new functions – Creates functions used in the File System Solution that only reference - the .Active Directory Inventory job group data -- 9. Import new functions – Creates the FSAA functions used in the File System Solution that - reference the 0.Collection job group data -- 10. Create exception types – Creates the SA_FSAA_ExceptionTypes table -- 11. Create views – Creates the SA_FSAA_DirectPermissionsView -- 12. Create Exceptions Schema – Creates the SA_FSAC_Exception table and the - SA_FSAC_ExceptionTypes table -- 13. Create FSAC Views – Creates all views prefaced with SA*FSAC* -- 14. Create Functions – Creates the FSAC functions used in the File System Solution that - reference the 0.Collection job group data -- 15. Create FSDLP Views – Creates all views prefaced with SA*FSDLP* -- 16. Create DFS Functions – Creates the FSDFS functions used in the File System Solution that - reference the 0.Collection job group data - -# 0-FS_Nasuni Job - -The 0-FS_Nasuni job is required in order to target Nasuni Edge Appliances. The job can be added from -the Enterprise Auditor Instant Job Library. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic to add this instant job to the 0.Collection job group. - -**CAUTION:** It is necessary to rename the job after it has been added to the 0.Collection job group -from **FS_Nasuni** to **0-FS_Nasuni**, so that it runs immediately after the 0-Create Schema job. - -_Remember,_ the 0-FS_Nasuni job must be assigned a custom host list containing all on-premise Nasuni -Edge Appliances and cloud filers, and a custom Connection Profile containing the API Access Key and -Passcode for each on-premise Nasuni Edge Appliance and cloud filer in the target environment. Nasuni -API key names are case sensitive. When providing them, ensure they are entered in the exact same -case as generated. - -## Queries for the 0-FS_Nasuni Job - -The queries for the 0-FS_Nasuni job use the PowerShell Data collector to gather system information, -volume data, and share data from the Nasuni environment. - -**CAUTION:** Do not modify the queries. The queries are preconfigured for this job. - -![Queries for the 0-FS_Nasuni Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsnasuniquery.webp) - -The queries for the 0-FS_Nasuni job are: - -- SysInfo – Collects Nasuni system information -- Volumes – Collects Nasuni volume information -- Shares – Collects Nasuni CIFS/SMB share information - -# 0-FSDFS System Scans Job - -The 0-FSDFS System Scans job enumerates a list of all root and link targets in the distributed file -system and creating a dynamic host list that will be used by the components. - -## Query for the 0-FSDFS System Scans Job - -The DFS System Scan Query uses the FSAA Data Collector and has been preconfigured to use the DFS -Scan Category. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the 0-FSDFS System Scans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsdfssystemscansquery.webp) - -- DFS System Scan – Scans the DFS System - -## Analysis Tasks for the 0-FSDFS System Scans Job - -View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **0-FSDFS System -Scans** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 0-FSDFS System Scans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsdfssystemscansanalysis.webp) - -The following analysis tasks are selected by default: - -- Create Hosts View – Creates the 0-FSDFS_System_HostView visible through the Results node that - contains the dynamic host list -- Create Views – Creates the FSDFS_NamespacesTraversalView visible through the Results node that - contains expansion of all the scanned namespaces - -# 1-FSAA System Scans Job - -The 1-FSAA System Scans job is designed to collect access information from the targeted file -servers. - -## Query for the 1-FSAA System Scans Job - -The File System Scan query uses the FSAA Data Collector. - -![Query for the 1-FSAA System Scans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaasystemscansquery.webp) - -The following default configurations are commonly customized: - -- Default Scoping Options page > File Properties (Folder Summary) tab: - - - Set to limit the **Scan for Probable Owners**, with Limit maximum number of probable owners to - return per folder set to 5 - - Set to **Scan for file types**, with Limit maximum number of file types to return per folder - set to 5 - -- Scan Server Selection page: - - - Set to **Local Server**, or local mode scans - -- Default Scoping Options page > Scan Settings tab: - - - Set to **Limit subfolder scan depth to 2 level(s)** - -See the -[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/recommended-reports.md) -topic for a complete list of customizable settings. See the -[Configure the (FSAA) File System Scan Query](#configure-the-fsaa-file-system-scan-query) topic for -additional information. - -### Configure the (FSAA) File System Scan Query - -The 1-FSAA System Scans job has been preconfigured to run with the default settings with the -category of File system access/permission auditing Scan. Follow the steps to set any desired -customizations. - -**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-FSAA System Scans** > -**Configure** node and select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor -Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Applet Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekappletsettings.webp) - -**Step 4 –** The Applet Settings page applies to the applet and proxy mode scans. If employing proxy -servers, see the -[FSAA: Applet Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for configuration instructions. - -![Scan Server Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekserverselection.webp) - -**Step 5 –** On the Scan Server Selection page, select the server that will execute the scan. See -the -[FSAA: Scan Server Selection](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) topic -for additional information. - -![Scan Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekscansettings.webp) - -**Step 6 –** On the Scan Settings page, you can enable streaming. See the -[FSAA: Scan Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) topic -for additional information. - -**NOTE:** If streaming is enabled, the **2-FSAA Bulk Import** job is no longer needed as part of the -**0.Collection** job group. - -![Azure Tennant Mapping](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp) - -**Step 7 –** On the Azure Tenant Mapping page, add the AppPrincipalID (App ID) and Tenant ID. See -the -[FSAA: Azure Tenant Mapping](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -![Default Scoping Options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptions.webp) - -**Step 8 –** On the Default Scoping Options page, configure the following on the Scan Setting tab: - -- Limit subfolder scan depth to – Select this checkbox and use the arrow buttons to modify the - subfolder scan depth -- Exclude snapshot directories on NetApp server – Select this checkbox to exclude snapshot - directories on NetApp server -- Exclude system shares – Select this checkbox to exclude system shares -- Exclude hidden shares – Select this checkbox to exclude hidden shares -- Specify action on Last Access Time (LAT) preservation as follows: - - - Action on failure to enable LAT Preservation – Before scanning each file, FSAA attempts to - enable an operating system feature to preserve the LAT when accessing the file. This operation - may fail for a variety of reasons, which include but are not limited to: the operating system - or file system where the file is located does not support LAT preservation, or insufficient - permissions from the service account trying to access the file. The following configuration - addresses a failure to enable the LAT preservation mode: - - - Continue to scan file silently – FSAA scans the file with the possibility that LAT - preservation is not possible. No warning will be shown. - - Continue to scan file with warning – FSAA scans the file with the possibility that LAT - will not be preserved. A warning will be shown for this file. - - Skip file silently – FSAA will not scan the file. No warning will be shown. - - Skip file with warning – FSAA will not scan the file. A warning will be shown indicating - the file was skipped. - - Abort the scan – FSAA will abort the scan. No further files will be processed. - - - Action on changed LAT After scan – Before scanning each file, the LAT of the current file is - recorded. After scanning, it is verified whether the LAT has changed since then (likely - scenarios are either that the LAT preservation mechanism failed to function as intended, or - that the file was accessed by someone while the scan was occurring). The following - configuration addresses a changed LAT: - - - Continue scan silently – The scan will move on to the next file while updating the LAT for - the processed file. No warning will be shown. - - Continue scan with warning – The scan will continue on to the next file. LAT will be - updated for the processed file. A warning will be shown. - - Force-reset file LAT silently – The scan will reset the file's LAT to its original state - before processing. No warning will be shown. The scan will proceed to the next file. - - Force-reset file LAT with warning – The scan will Reset the file's LAT to its original - state before processing. A warning will be shown. The scan will proceed to the next file. - - Abort the scan – FSAA will abort the scan. LAT will be updated for the processed file. No - other files will be processed - -See the -[Scan Settings Tab](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -![File Details tab of the Default Scoping Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptionsfiledetails.webp) - -**Step 9 –** On the File Details tab of the Default Scoping Options page, you can enable file-level -scans. See the -[File Details Tab](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - -**_RECOMMENDED:_** Carefully consider configuring the following settings. Applying filters when file -detail scanning has been enabled reduces the impact on the database. - -![File Properties (Folder Summary) tab of the Default Scoping Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptionsfileproperties.webp) - -**Step 10 –** On the File Properties (Folder Summary) tab of the Default Scoping Options page, you -can configure the following: - -- Enable scan for probable owners -- Add a limit to the number of probable owners returned -- Scope file types to scan -- Add collection of tags and keyword -- Enable return of files with only comma-separated values (CSV files). - -See the -[File Properties (Folder Summary) Tab](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -![Scoping Options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingoptions.webp) - -**Step 11 –** On the Scoping Options page, add share/folder inclusions and exclusions. See the -[FSAA: Scoping Options](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) topic -for additional information. - -![Scoping Queries](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingqueries.webp) - -**Step 12 –** On the Scoping Queries page: - -- Add folder/share inclusions -- Add folder/share exclusions -- Restrict scans to DFS shares or Open shares - -See the -[FSAA: Scoping Queries](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -**Step 13 –** Click **Finish** to save any setting modifications or click **Cancel** if no changes -were made. Then click **OK** to close the Query Properties window. - -If changes were made, the **1-FSAA System Scans** job is now customized. - -## Analysis Task for the 1-FSAA System Scans Job - -View the analysis task by navigating to the **FileSystem** > **0.Collection** > **1-FSAA System -Scans** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the 1-FSAA System Scans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaasystemscansanalysis.webp) - -The following analysis task is selected by default: - -- 1. Resolve links – Resolves DFS links in standard tables - -# 1-FSAC System Scans Job - -The 1-FSAC System Scans job is designed to collect activity events from the targeted file servers. - -## Query for the 1-FSAC System Scans Job - -The Activity Scan query uses the FSAA Data Collector and has been preconfigured to use the File -system activity Scan category. - -![Query for the 1-FSAC System Scans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacsystemscansquery.webp) - -- Activity Scan – Scans for File System Activity - -The following default configurations are commonly customized: - -- Scan Server Selection page: - - - Set to **Local Server**, or local mode scans - -- Activity Settings page: - - - Set scan filter for detailed activity **60** days - - Set filter for statistics of activity **120** days - -See the -[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/recommended-reports.md) -topic for a complete list of customizable settings. See the -[Configure the Activity Scan Query](#configure-the-activity-scan-query) topic for instructions. - -### Configure the Activity Scan Query - -The 1-FSAC System Scans job has been preconfigured to run with the default settings with the -category of File system activity Scan. Follow the steps to set any desired customizations. - -**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-FSAC System Scans** > -**Configure** node and select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor -Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Applet Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacappletsettings.webp) - -**Step 4 –** The Applet Settings page applies to the applet and proxy mode scans which are selected -on the Scan Server Level Page. If employing proxy servers, see the -[FSAA: Applet Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for configuration instructions. - -![Scan Server Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacscanserverselection.webp) - -**Step 5 –** The Scan Server Selection page applies to the applet and proxy mode scans. Remember, -each mode has different provisioning requirements. See the -[FSAA: Scan Server Selection](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) topic -for additional information. - -![Activity Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacactivitysettings.webp) - -**Step 6 –** On the Activity Settings page: - -- Modify the number of days detailed activity is kept -- Modify the number of days activity statistics are kept -- Modify log parsing limits - -See the -[FSAA: Activity Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) topic -for additional information. - -**Step 7 –** Click **Finish** to save any setting modifications or click **Cancel** if no changes -were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 1-FSAC System Scans job is now customized. - -# 1-SEEK System Scans Job - -The 1-SEEK System Scans job is designed to collect sensitive data from the targeted file servers. - -## Query for the 1-SEEK System Scans Job - -The File System Scan query uses the FSAA Data Collector and has been preconfigured to use the -Sensitive data Scan category. - -![Query for the 1-SEEK System Scans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seeksystemscansquery.webp) - -- File System Scan – Scans the File System - -The following default configurations are commonly customized: - -- Scan Server Selection page: - - - Set to **Local Server**, or local mode scans - -- Default Scoping Options page > Scan Settings tab: - - - Set to **Limit subfolder scan depth to 2 level(s)** - - Set to **Exclude system shares** - -- Scoping Options - - - Add share and folder inclusions - - Add share and folder exclusions - -- Sensitive Data Settings page: - - - Set to **Don’t process files larger than 2 MB** - - Set to **Store discovered sensitive data** - - Set to scan typical documents - -- SDD Criteria Settings page: - - - Set to the following System Criteria: - - - Credit Cards - - Passwords - - Tax Forms - - US SSN - -See the -[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/recommended-reports.md) -topic for a complete list of customizable settings. See the -[Configure the (SEEK) File System Scan Query](#configure-the-seek-file-system-scan-query) topic for -instructions. - -### Configure the (SEEK) File System Scan Query - -The 1-SEEK System Scans job has been preconfigured to run with the default settings with the -category of Sensitive data Scan. Follow these steps to set any desired customizations. - -**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-SEEK System Scans** > -**Configure** node and select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor -Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Applet Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekappletsettings.webp) - -**Step 4 –** The Applet Settings page applies to the applet and proxy mode scans which are selected -on the Scan Server Level page. If employing proxy servers, see the -[FSAA: Applet Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for configuration instructions. - -![Scan Server Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekserverselection.webp) - -**Step 5 –** The Scan Server Selection page applies to the applet and proxy mode scans. Remember, -each mode has different provisioning requirements. In addition to changing the type of scan mode, -you can modify the scan restart settings. See the -[FSAA: Scan Server Selection](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) topic -for additional information. - -![Scan Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekscansettings.webp) - -**Step 6 –** On the Scan Settings page, you can enable streaming. See the -[FSAA: Scan Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) topic -for additional information. - -**NOTE:** If streaming is enabled, the **2-SEEK Bulk Import** job is no longer needed as part of the -**0.Collection** job group. - -![Azure Tenant Mapping](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp) - -**Step 7 –** On the Azure Tenant Mapping page, enable Azure Information Protection (AIP). See the -[FSAA: Azure Tenant Mapping](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -![Default Scoping Options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seekdefaultscopingoptions.webp) - -**Step 8 –** On the Default Scoping Options page, configure the following on the Scan Setting tab: - -- Limit subfolder scan depth to – Select this checkbox and use the arrow buttons to modify the - subfolder scan depth -- Exclude snapshot directories on NetApp server – Select this checkbox to exclude snapshot - directories on NetApp server -- Exclude system shares – Select this checkbox to exclude system shares -- Exclude hidden shares - Select this checkbox to exclude hidden shares -- Last Access Time (LAT) preservation – Select this checkbox to specify action on Last Access Time - (LAT) preservation as follows: - - - Action on failure to enable LAT Preservation – Before scanning each file, FSAA attempts to - enable an operating system feature to preserve the LAT when accessing the file. This operation - may fail for a variety of reasons, which include but are not limited to: the operating system - or file system where the file is located does not support LAT preservation, or insufficient - permissions from the service account trying to access the file. The following configuration - addresses a failure to enable the LAT preservation mode: - - - Continue to scan file silently – FSAA scans the file with the possibility that LAT - preservation is not possible. No warning will be shown. - - Continue to scan file with warning – FSAA scans the file with the possibility that LAT - will not be preserved. A warning will be shown for this file. - - Skip file silently – FSAA will not scan the file. No warning will be shown. - - Skip file with warning – FSAA will not scan the file. A warning will be shown indicating - the file was skipped. - - Abort the scan – FSAA will abort the scan. No further files will be processed. - - - Action on changed LAT After scan – Before scanning each file, the LAT of the current file is - recorded. After scanning, it is verified whether the LAT has changed since then (likely - scenarios are either that the LAT preservation mechanism failed to function as intended, or - that the file was accessed by someone while the scan was occurring). The following - configuration addresses a changed LAT: - - - Continue scan silently – The scan will move on to the next file while updating the LAT for - the processed file. No warning will be shown. - - Continue scan with warning – The scan will continue on to the next file. LAT will be - updated for the processed file. A warning will be shown. - - Force-reset file LAT silently – The scan will reset the file's LAT to its original state - before processing. No warning will be shown. The scan will proceed to the next file. - - Force-reset file LAT with warning – The scan will Reset the file's LAT to its original - state before processing. A warning will be shown. The scan will proceed to the next file. - - Abort the scan – FSAA will abort the scan. LAT will be updated for the processed file. No - other files will be processed - -See the -[Scan Settings Tab](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -![Scoping Options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingoptions.webp) - -**Step 9 –** On the Scoping Options page, add share/folder inclusions and exclusions. See the -[FSAA: Scoping Options](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) topic -for additional information: - -![Scoping Queries](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingqueries.webp) - -**Step 10 –** On the Scoping Queries page: - -- Add share and folder inclusions -- Add share and folder exclusions -- Scope to scan only Open shares - -**NOTE:** This option only works in conjunction with File System Access Auditing. - -See the -[FSAA: Scoping Queries](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -![Sensitive Data Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seeksystemscanssensitivedatasettings.webp) - -**Step 11 –** On the Sensitive Data Settings page: - -- Modify maximum file size to be scanned -- Add scanning offline files -- Modify file types to be scanned -- Enable differential scanning -- Modify the number of SDD scan processes - - **_RECOMMENDED:_** For optimal performance, the total number of scan processes on a scan host - should be 1 to 2 times the number of CPU threads available. - -- Enable Optical Character Recognition (OCR) scans - - **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents - directly converted to images, with standard fonts. It will not work for scanning photos of - documents and may not be able to recognize text on images of credit cards, driver's licenses, or - other identity cards. - -See the -[FSAA: Sensitive Data Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information. - -![SDD Criteria Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seeksddcriteriasettings.webp) - -**Step 12 –** On the SDD Criteria Settings page, add or remove criteria as desired. See the -[FSAA: SDD Criteria Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) topic -for additional information. - -- _(Optional)_ To create custom criteria, see the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) - topic for additional information - -**NOTE:** By default, discovered sensitive data strings are not stored in the Enterprise Auditor -database. - -**Step 13 –** Click **Finish** to save any setting modifications or click **Cancel** if no changes -were made. Then click **OK** to close the Query Properties window. - -If changes were made, the **1-SEEK System Scans** Job has now been customized. - -# 2-FSAA Bulk Import Job - -The 2-FSAA Bulk Import job is designed to import collected access information from the targeted file -servers. - -## Query for the 2-FSAA Bulk Import Job - -The Bulk import query uses the FSAA Data Collector and has been preconfigured to use the File system -access/permission auditing Bulk import category. - -![Query for the 2-FSAA Bulk Import Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaabulkimportquery.webp) - -- Bulk import – Imports scan data into SQL Server - - - Typically, this query is not modified. See the - [FileSystemAccess Data Collector](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - topic for information on when this query should be modified. - -## Analysis Tasks for the 2-FSAA Bulk Import Job - -View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **2-FSAA Bulk -Import** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 2-FSAA Bulk Import Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaabulkimportanalysis.webp) - -The following analysis tasks are selected by default: - -- Update Statistics – Improves performance on the FSAA tables -- Resolve links – Resolves DFS links in standard tables - -The following analysis task is deselected by default: - -- Nasuni – Resolves links for Nasuni Hosts - -# 2-FSAC Bulk Import Job - -The 2-FSAC Bulk Import job is designed to import collected access information from the targeted file -servers. - -## Query for the 2-FSAC Bulk Import Job - -The Bulk Import query uses the FSAA Data Collector and has been preconfigured to use the File system -activity Bulk import category. - -![Query for the 2-FSAC Bulk Import Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacbulkimportquery.webp) - -- Bulk Import – Imports data into SQL Server - - - Typically this query is not modified. See the - [FileSystemAccess Data Collector](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - topic for information on when this query should be modified. - -# 2-SEEK Bulk Import Job - -The 2-SEEK Bulk Import job is designed to import collected sensitive data information from the -targeted file servers. - -## Query for the 2-SEEK Bulk Import Job - -The Bulk Import query uses the FSAA Data Collector and has been preconfigured to use the Sensitive -data Bulk import category. - -![Query for the 2-SEEK Bulk Import Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seekbulkimportquery.webp) - -- Bulk Import – Imports data into SQL server - - - Typically this query is not modified. See the - [FileSystemAccess Data Collector](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) - topic for information on when this query should be modified. - -# 3-FSAA Exceptions Job - -The 3-FSAA Exceptions job does not use the FSAA Data Collector. Instead it runs analysis on the data -returned by the Access Auditing collection jobs to identify potential security concerns. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The 3-FSAA Exceptions job has the following customizable parameter: - -- Well Known high risk SIDS – Add any additional custom SIDS, but do not remove the default SIDS. - -See the -[Analysis Tasks for the 3-FSAA Exceptions Job](#analysis-tasks-for-the-3-fsaa-exceptions-job) topic -for additional information. - -## Analysis Tasks for the 3-FSAA Exceptions Job - -View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **3-FSAA -Exceptions** > **Configure** node and select **Analysis**. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and or -deselected. While it is possible to deselect particular tasks as specified, it is not recommended. - -![Analysis Tasks for the 3-FSAA Exceptions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaexceptionsanalysis.webp) - -The following analysis tasks are selected by default: - -- Open resources – Any folders that are openly accessible through file shares. Can be deselected if - open resource information is not desired. - - - Well known high risk SIDS have been set in the `#SIDS` parameter. Do not remove these, but - additional custom SIDS can be added. See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. - -- Disabled users – Any folders where disabled users have been granted access - - - Can be deselected if disabled user information is not desired - -- Stale users – Any folders where stale users have been granted access. Stale users are user who - have not logged in for more than 120 days. - - - Can be deselected if stale user information is not desired - -- Reindex Exception IDs – Displays views within the **Results** node of the Enterprise Auditor - Console - -# 3-FSAC Exceptions Job - -The 3-FSAC Exceptions job is designed to analyze collected access information for exceptions. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The 3-FSAC Exceptions job has many customizable parameters. See the -[Customizable Analysis Tasks for the 3-FSAC Exceptions Job](#customizable-analysis-tasks-for-the-3-fsac-exceptions-job) -topic for information on these. - -## Analysis Tasks for the 3-FSAC Exceptions Job - -View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **3-FSAC -Exceptions** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 3-FSAC Exceptions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacexceptionsanalysis.webp) - -The following analysis tasks are selected by default: - -- Unusual share activity – Share exceptions for unusual volumes (spikes) of activity -- First time access to share – Recent share access by users for the first time -- Sensitive data activity – Recent access to sensitive content -- Unusual peer group share activity – Spikes in interdepartmental activity -- Unusual binaries activity – First time user activity performed on binaries -- Unusual user activity – Spikes in activity by user -- Unusual user sensitive data activity – Spikes in sensitive data activity by user -- Ransomware – Spikes in updates by user -- Unusual user stale data activity – Spikes in stale data activity by user - -While it is possible to deselect particular tasks as specified, it is not recommended. The following -analysis tasks are deselected by default: - -- Show view – Displays the SA_FSAC_ExceptionsView within the Results node of the Enterprise Auditor - Console -- Show users view – Displays the SA_FSAC_UserExceptionsView within the Results node of the - Enterprise Auditor Console - -### Customizable Analysis Tasks for the 3-FSAC Exceptions Job - -Customizable parameters enable users to set the values used for classification during the job’s -analysis. The 3-FSAC Exceptions job contains the following customizable parameters: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------------------------------ | --------------------------- | ------------- | ------------------------------------------------------------------------------- | -| Unusual share activity | @WEEKS | 3 | Minimum data points required for analysis | -| Unusual share activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | -| Unusual share activity | @EVENTS | 10 | Minimum amount of events for operations exception | -| Unusual share activity | @PEOPLE | 10 | Minimum amount of people for user activity exception | -| Unusual share activity | @FILES | 10 | Minimum amount of files for resource count exception | -| Unusual share activity | @DAYS | 7 | Amount of days to generate exceptions for from today | -| Unusual share activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operation count exception | -| Unusual share activity | @TRUSTEESTDDEVS | 3 | Multiples of standard deviation required to be a user volume exception | -| Unusual share activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a file activity volume exception | -| First time access to share | @DAYS | 7 | Amount of days to generate exceptions for from today | -| First time access to share | @MINDAYS | 30 | minimum amount of days a share needs to determine access | -| Sensitive data activity | @DAYS | 7 | Amount of days to generate exceptions for from today | -| Unusual peer group share activity | @WEEKS | 3 | Minimum data points required for analysis | -| Unusual peer group share activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | -| Unusual peer group share activity | @EVENTS | 10 | Minimum amount of events for operations exception | -| Unusual peer group share activity | @FILES | 10 | Minimum amount of files for resource count exception | -| Unusual peer group share activity | @DAYS | 7 | Amount of days to generate exceptions for from today | -| Unusual peer group share activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operation count exception | -| Unusual peer group share activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a file activity volume exception | -| Unusual binaries activity | @DATE_CUTOFF | 7 | From the current time, how many days to look back when considering exceptions | -| Unusual user activity | @WEEKS | 3 | Minimum data points required for analysis | -| Unusual user activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | -| Unusual user activity | @EVENTS | 10 | Minimum amount of events for operations exception | -| Unusual user activity | @SHARES | 10 | Minimum amount of shares for share activity exception | -| Unusual user activity | @FILES | 10 | Minimum amount of files for resource count exception | -| Unusual user activity | @DAYS | 7 | Amount of days to generate exceptions for from today | -| Unusual user activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | -| Unusual user activity | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | -| Unusual user activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | -| Unusual user sensitive data activity | @WEEKS | 3 | Minimum data points required for analysis | -| Unusual user sensitive data activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | -| Unusual user sensitive data activity | @EVENTS | 10 | Minimum amount of events for operations exception | -| Unusual user sensitive data activity | @SHARES | 10 | Minimum amount of shares for share activity exception | -| Unusual user sensitive data activity | @FILES | 10 | Minimum amount of files for resource count exception | -| Unusual user sensitive data activity | @DAYS | 7 | Amount of days to generate exceptions for from today | -| Unusual user sensitive data activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | -| Unusual user sensitive data activity | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | -| Unusual user sensitive data activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | -| Ransomware | @WEEKS | 3 | Minimum data points required for analysis | -| Ransomware | @THROWAWAY | 1 | When calculating averages throw away the top N% | -| Ransomware | @EVENTS | 10 | Minimum amount of events for operations exception | -| Ransomware | @SHARES | 10 | Minimum amount of shares for share activity exception | -| Ransomware | @FILES | 10 | Minimum amount of files for resource count exception | -| Ransomware | @DAYS | 7 | Amount of days to generate exceptions for from today | -| Ransomware | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | -| Ransomware | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | -| Ransomware | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | -| Unusual user stale data activity | @WEEKS | 3 | Minimum data points required for analysis | -| Unusual user stale data activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | -| Unusual user stale data activity | @EVENTS | 10 | Minimum amount of events for operations exception | -| Unusual user stale data activity | @SHARES | 10 | Minimum amount of shares for share activity exception | -| Unusual user stale data activity | @FILES | 10 | Minimum amount of files for resource count exception | -| Unusual user stale data activity | @DAYS | 7 | The amount of days to generate exceptions for from today | -| Unusual user stale data activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | -| Unusual user stale data activity | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | -| Unusual user stale data activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | -| Unusual user stale data activity | @STALETHRESHOLD | 365 | Number of days after which resources are considered stale | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information on modifying analysis parameters. - -# 0.Collection Job Group - -The 0.Collection job group is designed to collect information from targeted file servers. -Information collected includes access control information, activity events, and sensitive data. - -![0.Collection Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 0.Collection job group has the following collection components: - -- File System Access Auditing (FSAA) component – The primary component of this group. Collects file - system information, such as permissions and content metadata. It employs the **1-FSAA System - Scans** job, the **2-FSAA Bulk Import** job, and the **3-FSAA Exceptions** job. See the - [File System Access Auditing](#file-system-access-auditing) topic for additional information. -- File System DFS Auditing (FSDFS) component – Collects Distributed File System (DFS) mappings from - Active Directory or self-hosted DFS servers and compares them to the file system information. It - works in conjunction with the FSAA component and employs the **0-FSDFS System Scans** job. The - results from this component are only available through the Access Information Center. See the - [File System DFS Auditing](#file-system-dfs-auditing) topic for additional information. -- File System Activity Auditing (FSAC) component – Collects event information logged by the Activity - Monitor. This component requires an additional installer package before data collection will - occur. It should be run in conjunction with the FSAA component and employs the **1-FSAC System - Scans** job, the **2-FSAC Bulk Import** job, and the **3-FSAC Exceptions** job. See the - [File System Activity Auditing](#file-system-activity-auditing) topic for additional information. -- File System Sensitive Data Discovery Auditing (SEEK) component – Searches file content for - sensitive data. It can work independently or in conjunction with the FSAA component and employs - the **1-SEEK System Scans** job and the **2-SEEK Bulk Import** job. This component requires an - additional installer package before data collection will occur. See the - [File System Sensitive Data Discovery Auditing (SEEK)](#file-system-sensitive-data-discovery-auditing-seek) - topic for additional information. - -These jobs are numbered to keep them in the necessary run order. Not all jobs need be run. See the -appropriate auditing topic for specific job relationships and recommended workflows. The 0-Create -Schema job ensures the database schema is properly configured for the current version of the data -collector. See the -[0-Create Schema Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -topic for additional information. - -_Remember,_ the relationship between system scans and bulk import jobs requires the following -considerations: - -- A system scans job executed from a Enterprise Auditor Console must be followed by the - corresponding bulk import job from the same Enterprise Auditor Console with the same version of - Enterprise Auditor -- Two system scans processing the same information, for example two 1-FSAA System Scans jobs, cannot - be executed consecutively against the same target host. The corresponding bulk import job, for - example 2-FSAA Bulk Import job, must be executed in between. - -The system scans job collects the data and creates a Tier-2 database, or SQLite database, on the -local host, target host, or proxy host (according to the Applet Gathering Settings configured). The -corresponding bulk import job gathers the information from the Tier-2 database, and pulls it into -the Tier-1 database, or Enterprise Auditor SQL backend database, thus completing the collection -process. The collection does not include a bulk import job, as it streams the collected data -directly into the Tier-1 database. - -## File System Access Auditing - -Access Auditing (FSAA) is the primary component of the 0.Collection job group. It collects file -system permission, content metadata, and additional file system information. The jobs, tables, and -views specifically incorporated into this component are prefixed with `FSAA`. See the -[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information on the data collected. - -The 0.Collection jobs that comprise this auditing component are: - -- [1-FSAA System Scans Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Collects access information from the targeted file servers -- [2-FSAA Bulk Import Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Imports collected access information from the targeted file servers - - - The 2-FSAA Bulk Import job does not need to be run when streaming is enabled - -- [3-FSAA Exceptions Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Analyzes collected access information for exceptions - -The following job groups and jobs in the File System solution depend on data collected by these jobs -to generate reports: - -- [1.Open Access > FS_OpenAccess Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -- [2.Direct Permissions Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -- [3.Broken Inheritance > FS_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -- [4.Content Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md) -- [5.Activity Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - (also requires Activity Auditing) -- [6.Probable Owner > FS_ProbableOwner Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - (also requires Activity Auditing) -- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - (also requires Activity Auditing and Sensitive Data Discovery Auditing) -- [Ad Hoc Audits Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -- [FileSystemOverview Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -- [FS_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/file-systems/security-assessment.md) - -The File System Access Reports in the Access Information Center are also populated by this data. See -the File System Reports topics in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -It is more efficient to streamline the collection jobs to those desired. Remember, it is a best -practice to scope the 0.Collection job group to only include the collection components desired by -disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. -It is not recommended to delete any jobs. The required collection jobs are listed for the following -workflow. - -Workflow (for Access Auditing only) - -The recommended workflow for Access Auditing only is as follows: - -**Step 1 –** Run the **1-FSAA System Scans** job. - -**Step 2 –** If necessary, run the **2-FSAA Bulk Import** job: - -- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** - job. -- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 3 –** Run the **3-FSAA Exceptions** job. - -**Step 4 –** Run the desired corresponding analysis and reporting sub-job groups. - -**NOTE:** Please see the -[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/recommended-reports.md) -topic before continuing with this workflow. - -See the other auditing sections for workflows which include multiple auditing types. - -## File System DFS Auditing - -DFS Auditing (FSDFS) is the component of the 0.Collection job group which collects Distributed File -System (DFS) mappings from Active Directory or self-hosted DFS servers and compares them to the file -system information. It works in conjunction with the Access Auditing component. The jobs, tables, -and views specifically incorporated into this component are prefixed with `FSDFS`. See the -[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information on the data collected. - -The 0.Collection jobs that comprise the DFS auditing component are: - -- [0-FSDFS System Scans Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – This job is responsible for enumerating a list of all root and link targets in the distributed - file system and creating a dynamic host list that will be used by the other 0.Collection jobs - - - The Connection Profile and required permissions for the 0-FSDFS System Scans job are the same - as those required for collecting system data from supported Windows operating systems. They - are dependent on the file system scan option being used. See the - [File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) topic - for additional information. - - The target host you should assign to the 0-FSDFS System Scans job depends on the type of - DFS namespace being audited: - - - For domain-based DFS namespaces, assign a host list containing the default domain - controllers for the domains hosting the DFS namespaces - - For standalone DFS namespaces, assign a host list containing the servers hosting the - namespaces - - - When run successfully, the 0-FSDFS System Scans job automatically creates a dynamic host list - called **DFS HOST LIST**. This is added to the Host Management node. You should assign this - **DFS HOST LIST** to other 0.Collection jobs as outlined in the recommended workflows below. - -The components depend on data collected by these jobs to collect within a file system using DFS -mappings. - -It is more efficient to streamline the collection jobs to those desired. Remember, it is a best -practice to scope the 0.Collection job group to only include the collection components desired by -disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. -It is not recommended to delete any jobs. The required collection jobs are listed for each of the -following optional workflows. - -**CAUTION:** The DFS Auditing component must always be run in conjunction with the Access Auditing -component. Access audits are necessary to resolve the target shares and folders of DFS link -destinations. - -Recommended Workflow 1 (for AccessAuditing with DFS Auditing) - -**Step 1 –** Run the **0-FSDFS System Scans** job. - -**Step 2 –** Run the **1-FSAA System Scans** job (with the **DFS HOST LIST** assigned). - -**Step 3 –** If necessary, run the **2-FSAA Bulk Import** job (with the **DFS HOST LIST** assigned): - -- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** - job. -- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 4 –** Run the **3-FSAA Exceptions** job (not specifically needed for DFS Auditing, but -recommended for **0.Collection** job group). - -**Step 5 –** Run the desired corresponding analysis and reporting sub-job groups. - -Recommended Workflow 2 (for AccessAuditing with DFS Auditing and Activity Auditing) - -**Step 1 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once -only). - -**Step 2 –** Run the **0-FSDFS System Scans** job. - -**Step 3 –** Run the **1-FSAA System Scans** job (with the **DFS HOST LIST** assigned). - -**Step 4 –** Run the **1-FSAC System Scans** job (with the **DFS HOST LIST** assigned). - -**Step 5 –** If necessary, run the **2-FSAA Bulk Import** job (with the **DFS HOST LIST** assigned): - -- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** - job. -- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 6 –** Run the **2-FSAC Bulk Import** job (with the **DFS HOST LIST** assigned). - -**Step 7 –** Run the **3-FSAA Exceptions** job. - -**Step 8 –** Run the **3-FSAC Exceptions** job. - -**Step 9 –** Run the desired corresponding analysis and reporting sub-job groups. - -Recommended Workflow 3 (for AccessAuditing with DFS Auditing, Activity, and Sensitive Data Discovery -Auditing) - -**Step 1 –** Install the Sensitive Data Discovery Add-On on the Enterprise Auditor Console (once -only). - -**Step 2 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once -only). - -**Step 3 –** Run the **0-FSDFS System Scans** job. - -**Step 4 –** Run the **1-FSAA System Scans** job (with the **DFS HOST LIST** assigned). - -**Step 5 –** Run the **1-FSAC System Scans** job (with the **DFS HOST LIST** assigned). - -**Step 6 –** Run the **1-SEEK System Scans** job (with the **DFS HOST LIST** assigned). - -**Step 7 –** If necessary, run the **2-FSAA Bulk Import** job (with the **DFS HOST LIST** assigned): - -- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** - job. -- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 8 –** Run the **2-FSAC Bulk Import** job (with the **DFS HOST LIST** assigned). - -**Step 9 –** If necessary, run the **2-SEEK Bulk Import** job (with the **DFS HOST LIST** assigned): - -- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** - job. -- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** - job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 10 –** Run the **3-FSAA Exceptions** job. - -**Step 11 –** Run the **3-FSAC Exceptions** job. - -**Step 12 –** Run the desired corresponding analysis and reporting sub-job groups. - -**NOTE:** Please see the -[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/recommended-reports.md) -topic before continuing with these workflows. - -To scope the 0.Collection job group to only collect DFS information, see Step 9 of the -[Configure the (FSAA) File System Scan Query](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md#configure-the-fsaa-file-system-scan-query) -topic. - -## File System Activity Auditing - -Activity Auditing (FSAC) is the component of the 0.Collection job group that imports event -information collected by the Activity Monitor. It can be run independently or in conjunction with -the FSAA component, though it is recommended to run them together. The jobs, tables, and views -specifically incorporated into this component are prefixed with `FSAC`. See the -[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information on the data collected. - -**NOTE:** The Activity Auditing component requires the Activity Monitor be deployed, configured, and -have services running on the target hosts. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) -for additional information. - -Once the Activity Monitor is installed, the monitored host configuration tells it what to monitor -and how long to retain the activity log files. The monitoring agent writes one log per day of -activity for the host. Then, the FSAA Data Collector gathers the log files to report on file system -activity for the targeted host. While the Activity Monitor can be configured to create multiple -outputs, Enterprise Auditor can only collect one log file per host. Therefore, after the monitored -host has been configured, it is necessary to identify the log file for Enterprise Auditor. See the -[Identify a Log File](#identify-a-log-file) topic for additional information. - -The data retention period needs to be coordinated between the Activity Monitor and Enterprise -Auditor. The number of days theActivity Monitor is configured to retain log files must be higher -than the number of days between Activity Auditing scans. The FSAA Data Collector can be customized -on the Activity Settings page of the File System Access Auditor Data Collector Wizard. See the -[Configure the Activity Scan Query](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md#configure-the-activity-scan-query) -topic for additional information. - -**NOTE:** Integration between Enterprise Auditor and Threat Prevention for Windows File System -monitoring purposes requires the use of the SI Agent to generate the required logs. See the -[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) -for information on the Enterprise Auditor Integration. - -The **0.Collection** jobs that comprise this auditing component are: - -- [1-FSAC System Scans Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Collects activity events from the targeted file servers -- [2-FSAC Bulk Import Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Imports collected activity events from the targeted file servers -- [3-FSAC Exceptions Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Analyzes the collected activity events for exceptions - -The following job groups and jobs in the File System solution depend on data collected by these jobs -to generate reports: - -- [5.Activity Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - (also requires Access Auditing) -- [6.Probable Owner > FS_ProbableOwner Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - (also requires Access Auditing) -- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - (also requires Access Auditing and Sensitive Data Discovery Auditing) -- [FileSystemOverview Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -- [FS_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/file-systems/security-assessment.md) - -The File System Activity Reports in the Access Information Center are also populated by this data. -See the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -It is more efficient to streamline the collection jobs to those desired. Remember, it is a best -practice to scope the 0.Collection job group to only include the collection components desired by -disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. -It is not recommended to delete any jobs. The required collection jobs are listed for each of the -following optional workflows. - -Recommended Workflow 1 (for Access and Activity Auditing) - -**Step 1 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once -only). - -**Step 2 –** Run the **1-FSAA System Scans** job. - -**Step 3 –** Run the **1-FSAC System Scans** job. - -**Step 4 –** If necessary, run the **2-FSAA Bulk Import** job: - -- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** - job. -- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 5 –** Run the **2-FSAC Bulk Import** job. - -**Step 6 –** Run the **3-FSAA Exceptions** job. - -**Step 7 –** Run the **3-FSAC Exceptions** job. - -**Step 8 –** Run the desired corresponding analysis and reporting sub-job groups. - -Recommended Workflow 2 (for Access, Activity, and Sensitive Data Discovery Auditing) - -**Step 1 –** Install the Sensitive Data Discovery Add-On on the Enterprise Auditor Console (once -only). - -**Step 2 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once -only). - -**Step 3 –** Run the **1-FSAA System Scans** job. - -**Step 4 –** Run the **1-FSAC System Scans** job. - -**Step 5 –** Run the **1-SEEK System Scans** job. - -**Step 6 –** If necessary, run the **2-FSAA Bulk Import** job: - -- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** - job. -- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 7 –** Run the **2-FSAC Bulk Import** job. - -**Step 8 –** If necessary, run the **2-SEEK Bulk Import** job: - -- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** - job. -- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** - job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 9 –** Run the **3-FSAA Exceptions** job. - -**Step 10 –** Run the **3-FSAC Exceptions** job. - -**Step 11 –** Run the desired corresponding analysis and reporting sub-job groups. - -Recommended Workflow 3 (for Access, Activity, DFS, and Sensitive Data Discovery Auditing) - -**Step 1 –** Install the Sensitive Data Discovery Add-On on the Enterprise Auditor Console (once -only). - -**Step 2 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once -only). - -**Step 3 –** Run the **0-FSDFS System Scans** job. - -**Step 4 –** Run the **1-FSAA System Scans** job. - -**Step 5 –** Run the **1-FSAC System Scans** job. - -**Step 6 –** Run the **1-SEEK System Scans** job. - -**Step 7 –** If necessary, run the **2-FSAA Bulk Import** job: - -- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** - job. -- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 8 –** Run the **2-FSAC Bulk Import** job. - -**Step 9 –** If necessary, run the **2-SEEK Bulk Import** job: - -- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** - job. -- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** - job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 10 –** Run the **3-FSAA Exceptions** job. - -**Step 11 –** Run the **3-FSAC Exceptions** job. - -**Step 12 –** Run the desired corresponding analysis and reporting sub-job groups. - -Optional Workflow (for Activity Auditing data collection only ) - -While activity data can be collected independently, the Activity reports require the Access Auditing -components. - -**Step 1 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once -only). - -**Step 2 –** Run the **1-FSAC System Scans** job. - -**Step 3 –** Run the **2-FSAC Bulk Import** job. - -**Step 4 –** Run the **3-FSAC Exceptions** job. - -**Step 5 –** Run the desired corresponding analysis and reporting sub-job groups. - -**NOTE:** Please see the -[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/recommended-reports.md) -topic before continuing with these workflows. - -### Identify a Log File - -While the Activity Monitor can have multiple configurations per host, Enterprise Auditor can only -read one of them. Therefore, after the Activity Monitor has been configured to monitor a host, it is -necessary to indicate when that configuration is for Enterprise Auditor. Follow these steps to -identify the Log file to be read by Enterprise Auditor. - -**Step 1 –** Within the Activity Monitor Console on the **Monitored Hosts** tab, select the desired -configuration and click **Edit**. - -**Step 2 –** On the **Log Files** tab, select the **This log file is for Enterprise Auditor** -option. - -**_RECOMMENDED:_** Select the **Comments** tab and identify this output as being configured for -Enterprise Auditor. - -**Step 3 –** Click **OK** to save the setting. - -Enterprise Auditor now reads that Log file when scanning the associated host. - -## File System Sensitive Data Discovery Auditing (SEEK) - -Sensitive Data Discovery Auditing (SEEK) is the component of the 0.Collection job group that -searches file content for sensitive data. It can be run independently or in conjunction with the -Access Auditing component to limit searches to Open Shares. The jobs for this component are prefixed -with `SEEK`. The tables and views are prefixed with `FSDLP`. See the -[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -topic for additional information on the data collected. - -**NOTE:** The Sensitive Data Discovery Auditing (SEEK) component requires an additional installer -package. Though the jobs are visible within the console, the Sensitive Data Discovery Add-on must be -installed before data collection will occur. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -Customized search criteria can be created with the Criteria Editor accessible through the SDD -Criteria Settings page of the File System Access Auditor Data Collector Wizard. See the -[Configure the (SEEK) File System Scan Query](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md#configure-the-seek-file-system-scan-query) -topic for additional information. - -_Remember,_ changes made in the Criteria Editor are global for Sensitive Data Discovery in -Enterprise Auditor. See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) -topic for additional information. - -Option to Enable Last Access Timestamp - -The Last Access Timestamp (LAT) is disabled by default in Windows. This means the LAT does not get -updated by any applications reading the file. As soon as the LAT feature is enabled in Windows, any -attempt to read file contents updates the LAT. It stores the time of the last read operation. - -Since files are read during the Sensitive Data Discovery Auditing scan,when the feature is enabled -in Windows the scan causes each file's LAT to update each time the file is scanned. Therefore, there -is a feature within the job XML file which enables the scan to call a special API in order to keep -each file's LAT from updating when it's scanned. This feature can be enabled by adding -`` tag to the XML. See the -[1-SEEK System Scans Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -topic for additional information and instructions. - -This feature works for all scan modes when targeting Windows machines. - -For additional information on preserving Last Access Time during SDD scans and Metadata tag -collection, see the -[File System Supported Platforms](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic. - -File System Sensitive Data Discovery Auditing (SEEK) Jobs - -The 0.Collection jobs that comprise this auditing component are: - -- [1-SEEK System Scans Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Collects sensitive data from the targeted file servers -- [2-SEEK Bulk Import Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Imports collected sensitive data information from the targeted file servers - - - The 2-SEEK Bulk Import job does not need to be run when streaming is enabled - -The following job group and jobs in the File System solution depend on data collected by these jobs -to generate reports: - -- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - (also requires Access Auditing and Activity Auditing) -- [FileSystemOverview Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -- [FS_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/file-systems/security-assessment.md) - -The File System Sensitive Data Discovery Reports in the Access Information Center are also populated -by this data. See the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -It is more efficient to streamline the collection jobs to those desired. Remember, it is a best -practice to scope the 0.Collection job group to only include the collection components desired by -disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. -It is not recommended to delete any jobs. The required collection jobs are listed for the following -workflows. - -Recommended Workflow 1 (for Access and Sensitive Data Discovery Auditing data collection) - -**NOTE:** While Sensitive Data Discovery data can be collected, the Sensitive Data reports require -the Activity Auditing components. - -**Step 1 –** Install the Sensitive Data Discovery Add-On on the Enterprise Auditor Console (once -only). - -**Step 2 –** Run the **1-FSAA System Scans** job. - -**Step 3 –** Run the **1-SEEK System Scans** job. - -**Step 4 –** If necessary, run the **2-FSAA Bulk Import** job: - -- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** - job. -- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 5 –** If necessary, run the **2-SEEK Bulk Import** job: - -- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** - job. -- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** - job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 6 –** Run the **3-FSAA Exceptions** job. - -**Step 7 –** Run the desired corresponding analysis and reporting sub-job groups. - -Recommended Workflow 2 (for Access, Activity, and Sensitive Data Discovery Auditing) - -**Step 1 –** Install the Sensitive Data Discovery Add-On on the Enterprise Auditor Console (once -only). - -**Step 2 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once -only). - -**Step 3 –** Run the **1-FSAA System Scans** job. - -**Step 4 –** Run the **1-FSAC System Scans** job. - -**Step 5 –** Run the **1-SEEK System Scans** job. - -**Step 6 –** If necessary, run the **2-FSAA Bulk Import** job: - -- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** - job. -- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 7 –** Run the **2-FSAC Bulk Import** job. - -**Step 8 –** If necessary, run the **2-SEEK Bulk Import** job: - -- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** - job. -- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** - job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 9 –** Run the **3-FSAA Exceptions** job. - -**Step 10 –** Run the **3-FSAC Exceptions** job. - -**Step 11 –** Run the desired corresponding analysis and reporting sub-job groups. - -Recommended Workflow 3 (for Access, Activity, DFS, and Sensitive Data Discovery Auditing) - -**Step 1 –** Install the Sensitive Data Discovery Add-On on the Enterprise Auditor Console (once -only). - -**Step 2 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once -only). - -**Step 3 –** Run the **0-FSDFS System Scans** job. - -**Step 4 –** Run the **1-FSAA System Scans** job. - -**Step 5 –** Run the **1-FSAC System Scans** job. - -**Step 6 –** Run the **1-SEEK System Scans** job. - -**Step 7 –** If necessary, run the **2-FSAA Bulk Import** job: - -- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** - job. -- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 8 –** Run the **2-FSAC Bulk Import** job. - -**Step 9 –** If necessary, run the **2-SEEK Bulk Import** job: - -- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** - job. -- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** - job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 10 –** Run the **3-FSAA Exceptions** job. - -**Step 11 –** Run the **3-FSAC Exceptions** job. - -**Step 12 –** Run the desired corresponding analysis and reporting sub-job groups. - -Optional Workflow (for Sensitive Data Discovery Auditing data collection only) - -While Sensitive Data Discovery data can be collected, reports require the Access Auditing and -Activity Auditing components. - -**Step 1 –** Run the **1-SEEK System Scans** job. - -**Step 2 –** If necessary, run the **2-SEEK Bulk Import** job. - -- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** - job. -- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** - job. - - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. - -**Step 3 –** Run the desired corresponding analysis and reporting sub-job groups. - -**NOTE:** Please see the -[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/recommended-reports.md) -topic before continuing with these workflows. - -# FS_DomainUserACLs Job - -The FS_DomainUserACLs job is designed to report on domain users that have been granted direct -permissions on resources from targeted file servers. - -## Analysis Tasks for the FS_DomainUserACLs Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_DomainUserACLs** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_DomainUserACLs Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/domainuseraclsanalysis.webp) - -The following analysis tasks are selected by default: - -- 0. Drop tables – Drops tables from previous runs -- 1. Direct User Resource Details – Creates the SA_FS_DomainUserACLs_DirectUserResourceDetails - table accessible under the job’s Results node -- 2. Direct Users: Top 5 Servers – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 3. Direct Users – Creates an interim processing table in the database for use by downstream - analysis and report generation -- 4. Direct Resources – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables and views created by the analysis tasks which displays all direct user -permissions, the FS_DomainUserACLs job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | -------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain User ACLs | This report identifies all places where a domain user account has direct rights. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 servers affected by folders - Table – Provides details on domain users - Table – Provides details on resources | - -# FS_HighRiskACLs Job - -The FS_HighRiskACLs job is designed to report on high risk security principals that have been -granted direct permissions on resources from targeted file servers. - -## Analysis Tasks for the FS_HighRiskACLs Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_HighRiskACLs** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_HighRiskACLs Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/highriskaclsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. High Risk ACL Details – Creates the SA_FS_HighRiskACLs_Details table accessible under the - job’s Results node -- 2. High Risk Permissions Matrix – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 3. Open Manage Rights – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis task, the FS_HighRiskACLs job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| High Risk ACLs | This report shows permissions of Authenticated Users, Anonymous Login, Everyone, or Domain Users. Applying these trustees to permissions may inadvertently open security holes. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Stacked Bar Chart – Displays high risk permission assignments - Table – Provides details on resources by open manage rights | - -# FS_LocalUsersAndGroups Job - -The FS_LocalUsersAndGroups job is designed to report on local users and groups that have been -granted direct permissions on resources from targeted file servers. - -## Analysis Tasks for the FS_LocalUsersAndGroups Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_LocalUsersAndGroups** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_LocalUsersAndGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/localusersandgroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Local Groups Resource Details – Creates the - SA_FS_LocalUsersAndGroups_LocalGroupResourceDetails table accessible under the job’s Results - node -- 2. Local Groups – Creates an interim processing table in the database for use by downstream - analysis and report generation -- 3. Local Group Details – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis task, the FS_LocalUsersAndGroups job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Local Users And Groups | This report identifies at the server level, how many local users and groups have direct ACLs, followed by details at the share level. | None | This report is comprised of two elements: - Bar Chart – Displays top five servers with local users and groups by affected folders - Table – Provides details on local users and groups | - -# FS_MissingFullControl Job - -The FS_MissingFullControl job is designed to report on resources from targeted file servers that -have no Full Control rights granted to it. - -## Analysis Tasks for the FS_MissingFullControl Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_MissingFullControl** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_MissingFullControl Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/missingfullcontrolanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Determine folders which are missing full control – Creates an interim processing table in the - database for use by downstream analysis and report generation -- 2. Summarize folders which are missing full control – Creates an interim processing table in the - database for use by downstream analysis and report generation - -In addition to the tables and views created by the analysis task, the FS_MissingFullControl job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Missing Full Control Rights | This report identifies folders within the environment which currently do not have any trustee with Full Control rights, adding to administrative burden. | None | This report is comprised of three elements: - Bar Chart – Displays shares with missing full control rights - Table – Provides details on folder - Table – Provides details on shares with missing full control rights | - -# FS_NestedShares Job - -The FS_NestedShares job is is designed to report on nested shares that have been granted direct -permissions from targeted file servers. - -## Analysis Tasks for the FS_NestedShares Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_NestedShares** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_NestedShares Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/nestedsharesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Identify Nested Shares - - - Creates an interim processing table in the database for use by downstream analysis and report - generation - - Creates the SA_FS_NestedShares_ShareDetails table accessible under the job’s Results node - -- 2. Create function to compare permissions -- 3. Analyze Permission Details - - - Creates the SA_FS_NestedShares_SharePermissions table accessible under the job’s Results node - - Updates the SA_FS_NestedShares_ShareDetails table accessible under the job’s Results node - -- 4. Host Summary – Creates the SA_FS_NestedShares_HostSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the FS_NestedShares job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------- | --------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------- | -| Nested Shares | This report identifies where folders are exposed through multiple shares. This may cause issues with unwanted access. | None | This report is comprised of two elements: - Bar Chart – Displays hosts by folder count - Table – Provides details on shares | - -# FS_SIDHistory Job - -The **2.Direct Permissions** > **FS_SIDHistory** job is designed to report on trustees that have a -historical SID that has been granted direct permissions on resources from targeted file servers. - -## Analysis Tasks for the FS_SIDHistory Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_SIDHistory** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_SIDHistory Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/sidhistoryanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Find ACEs Through SID History - - - Creates the SA_FS_SIDHistory_Details table accessible under the job’s Results node - - Creates the SA_FS_SIDHistory_TrusteeDetails table accessible under the job’s Results node - -- 2. Host Rollups – Creates the SA_FS_SIDHistory_HostSummary table accessible under the job’s - Results node -- 3. Expose SID Details View – Makes the SA_FS_SIDHistory_TrusteeDetails table visible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_SIDHistory job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SID History Overview | This report identifies any applied ACE which utilizes a trustee's SID history. | None | This report is comprised of three elements: - Bar Chart – Displays the top 5 hosts by affected folders - Table – Provides details on permissions - Table – Provides details on trustees | - -# FS_UnresolvedSIDs Job - -The FS_UnresolvedSIDs job is designed to report on unresolved SIDs that have been granted direct -permissions on resources from targeted file servers. - -## Analysis Tasks for the FS_UnresolvedSIDs Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_UnresolvedSIDs** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_UnresolvedSIDs Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp) - -The following analysis task is selected by default: - -- Unresolved SIDs – Creates the SA_FS_UnresolvedSIDs_SIDsByResourcePath table accessible under the - job's Results node - -In addition to the tables and views created by the analysis task, the FS_UnresolvedSIDs job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | -------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Unresolved SIDs | This report identifies where permissions are assigned for users which no longer exist. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by affected folders - Table – Provides details on top unresolved SIDs - Table – Provides details on top servers by affected folders | - -# 2.Direct Permissions Job Group - -The 2.Direct Permissions job group is designed to report on Direct Permissions information from -targeted file servers. - -![2.Direct Permissions Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 2.Direct Permissions job group is comprised of: - -- [FS_DomainUserACLs Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Reports on domain users that have been granted direct permissions on resources from targeted - file servers -- [FS_HighRiskACLs Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Reports on high risk security principals that have been granted direct permissions on resources - from targeted file servers -- [FS_LocalUsersAndGroups Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Reports on local users and groups that have been granted direct permissions on resources from - targeted file servers -- [FS_MissingFullControl Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Reports on resources from targeted file servers that have no Full Control rights granted to it -- [FS_NestedShares Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Reports on nested shares that have been granted direct permissions from targeted file servers -- [FS_SIDHistory Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Reports on trustees that have a historical SID that has been granted direct permissions on - resources from targeted file servers -- [FS_UnresolvedSIDs Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Reports on unresolved SIDs that have been granted direct permissions on resources from targeted - file servers - -# FileSystemOverview Job - -The FileSystemOverview job provides insight into all targeted file servers. It is dependent on data -collected by the -[File System Access Auditing](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md#file-system-access-auditing) -components and the components of the -[0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md). -It also depends on the running of the sub-job groups within the solution. If only select sub-job -groups have been run, there will be blank sections in the overview report. - -![FileSystemOverview Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/filesystemoverviewjobstree.webp) - -The FileSystemOverview job is designed to provide an overview of all relevant information from -targeted file servers. - -### Analysis Tasks for the FileSystemOverview Job - -View the analysis tasks by navigating to the **FileSystem** > **FileSystemOverview** > **Configure** -node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FileSystemOverview Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/filesystemoverviewanalysis.webp) - -The following analysis task is selected by default: - -- Create Report Views – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables and views created by the analysis task, the FileSystemOverview job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | -------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------- | -| File System Overview | This report provides an overview of all targeted file servers. | None | This report is comprised of one element: - Table – Provides summary of the targeted file system | - -# 3.Broken Inheritance > FS_BrokenInheritance Job - -The FS_BrokenInheritance job is designed to report on resources with Broken Inheritance from -targeted file servers. - -![3.Broken Inheritance > FS_BrokenInheritance Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/brokeninheritancejobstree.webp) - -The FS_BrokenInheritance job is located in the 3.Broken Inheritance job group. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The FS_BrokenInheritance job has the following configurable parameter: - -- Only analyze folders with changed permissions – Set a value of `1` or `2` to select if only - folders with modified permissions are analyzed: - - - 1 – Only analyze resources with changed permissions from parent - - 2 – Analyze all resources regardless of permission changes between parent and child - -See the -[Analysis Tasks for the FS_BrokenInheritance Job](#analysis-tasks-for-the-fs_brokeninheritance-job) -topic for additional information. - -## Analysis Tasks for the FS_BrokenInheritance Job - -View the analysis tasks by navigating to the **FileSystem** > **3.Broken Inheritance** > -**FS_BrokenInheritance** > **Configure** node and select **Analysis**. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and or -deselected. There are some that are deselected by default, as they are for troubleshooting purposes. - -![Analysis Tasks for the FS_BrokenInheritance Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/brokeninheritanceanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Analyze Broken Inheritance - - - Creates an interim processing table in the database for use by downstream analysis and report - generation - - Creates the SA_FS_BrokenInheritance_UniqueTrustees table accessible under the job's Results - node - - Creates the SA_FS_BrokenInheritance_UniqueTrusteesPivot table accessible under the job's - Results node - -- 2. Choose to analyze only folders with modified permissions – Creates an interim processing - table in the database for use by downstream analysis and report generation - - - By default set to only analyze resources with changed permissions from parent - - Can be modified to analyze all resources regardless of permission changes between parent and - child. See the [Parameter Configuration](#parameter-configuration) topic for additional - information. - - Alternatively, this can be set by modifying the `@FILTER_TO_CHANGED_RESOURCES` parameter. See - the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. - -- 3. Determine Permission Changes – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 4. Analyze Trustee Differences – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 5. Inheritance Types. Categorizes Permission Changes – Creates an interim processing table in - the database for use by downstream analysis and report generation -- 6. Summarize by Share – Creates an interim processing table in the database for use by - downstream analysis and report generation - -The following analysis tasks are deselected by default: - -- 7. Bring Table to Console - Unique trustees – Restores the - SA_FS_BrokenInheritance_UniqueTrustees table to be visible under the job's Results node -- 8. Bring Table to Console - Trustees pivot – Restores the - SA_FS_BrokenInheritance_UniqueTrusteesPivot table to be visible under the job's Results node - -In addition to the tables and views created by the analysis tasks, the FS_BrokenInheritance job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Broken Inheritance by Share (Broken Inheritance Details) | Broken inheritance between resources can lead to incorrect access for users, either overprovisioning them, or locking them out of critical data. This report identifies the shares and folders with the most permission changes from the parent resource. | None | This report is comprised of three elements: - Bar Chart – Displays top five shares by permission changes - Table – Provides details on folders - Table – Provides details on shares | -| Unique Trustees | This report identifies permission changes between folders. These trustees have been either removed, added, or had their rights adjusted. | None | This report is comprised of one element: - Table – Provides details on unique trustees | - -# 7.Sensitive Data > FS_DLPResults Job - -The FS_DLPResults job is designed to report on resources that have been identified to contain -sensitive data from targeted file servers. It is comprised of analysis and reports which use the -data collected by the **0.Collection** job group to provide information on where sensitive data is -being shared. Best practices often dictate moving files with sensitive data out of open shares. - -![7.Sensitive Data > FS_DLPResults Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) - -The FS_DLPResults job is located in the 7.Sensitive Data job group. - -## Analysis Tasks for the FS_DLPResults Job - -View the analysis tasks by navigating to the **FileSystem** > **7.Sensitive Data** > -**FS_DLPResults** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_DLPResults Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/dlpresultsanalysis.webp) - -The following analysis tasks are selected by default: - -- Share Details – Creates the SA_FS_DLPResults_ShareDetails table accessible under the job’s Results - node -- Share Summary – Creates the SA_FS_DLPResults_ShareSummary table accessible under the job’s Results - node -- Enterprise Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation -- Sensitive Security Groups – Creates the SA_FS_DLPResults_GroupDetails table accessible under the - job’s Results node -- Identify Probable Owners – Creates the SA_FS_DLPResults_ProbableOwners table accessible under the - job’s Results node -- Activity Details – Creates the SA_FS_DLPResults_ActivityDetails table accessible under the job’s - Results node -- Top Trustees by Activity – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the FS_DLPResults job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary (Sensitive Content) | This report identifies the type and amount of sensitive content found on scanned machines. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie Chart – Displays exceptions by file count - Table – Provides details on exceptions by file count | -| File Ownership (Sensitive Data Ownership) | This report identifies the top 3 potential owners of files which have been found to contain sensitive content. | None | This report is comprised of one element: - Table – Provides details on top owners per file | -| Sensitive Data Access | This report shows who is accessing sensitive data. Emphasis is placed on activity within the last 30 days. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Displays sensitive data access by top users - last 30 days - Table – Provides details on sensitive data access | -| Sensitive Security Groups | This report identifies groups which are used to provide access to sensitive data. Changes to membership should be closely monitored. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Top groups by access to sensitive files - Table – Provides details on group access to sensitive files | -| Share Details (Shares with Sensitive Content) | This report identifies the location of sensitive data, and flags whether or not this data is accessible through open access. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar chart – Displays top shares by sensitive file count - Table – Provides details on files - Table – Provides details on top shares by sensitive file count | - -# 1.Open Access > FS_OpenAccess Job - -The FS_OpenAccess job is designed to report on Open Access information from targeted file servers. -The definition of Open Access is when a security principal, such as Everyone, Authenticated Users, -or Domain Users, have permissions on a resource. - -![1.Open Access > FS_OpenAccess Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/openaccessjobstree.webp) - -The FS_OpenAccess job is located in the 1.Open Access job group. - -## Analysis Tasks for the FS_OpenAccess Job - -View the analysis tasks by navigating to the **FileSystem** > **1.Open Access** > -**FS_OpenAccess** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_OpenAccess Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/openaccessanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Find Open Access – Creates the SA_FS_OpenAccess_OpenResources table accessible under the - job’s Results node -- 2. Sum by Host - Summarized Access Sprawl – Creates the SA_FS_OpenAccess_HostsRanked table - accessible under the job’s Results node -- 3. Sum by Share – Creates the SA_FS_OpenAccess_SharesRanked table accessible under the job’s - Results node -- 4. Content Type in Share - Categorizes shared content: - - - Creates an interim processing view in the database for use by downstream analysis and report - generation - - Creates the SA_FS_OpenAccess_ShareContent view accessible under the job’s Results node - -- 5. Content by Host – Updates the SA_FS_OpenAccess_HostsRanked table accessible under the job’s - Results node -- 6. Remediation Tracking - Track Status of Shares Throughout Time – Creates an interim processing - view in the database for use by downstream analysis and report generation -- 7. Track Remediation by Months - Track Status of Shares Throughout Time – Creates an interim - processing view in the database for use by downstream analysis and report generation -- 8. Assign Risk Ratings to Hosts and Shares – Updates the SA_FS_OpenAccess_HostsRanked and the - SA_FS_OpenAccess_SharesRanked tables accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_OpenAccess job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Folder Details (Open Folder Details) | This report identifies all open folders within the targeted environment. | None | This report is comprised of one element: - Table – Provides details on open folders | -| Hosts with Open Access | This report identifies hosts with the highest number of open folders. | None | This report is comprised of two elements: - Bar Chart – Displays top hosts by open folder count - Table – Provides details on hosts with open folder access | -| Open Shares | This report identifies shares with open resources. The Open Access column shows the highest levels of access given to all users in any one resource inside the share. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Displays largest open shares by folder count - Table – Provides details on open shares | -| Remediation Status | This report identifies the historical success of the organization's share management effort. | None | This report is comprised of two elements: - Column Chart – Displays the remediation status - Table – Provides details on remediation status | - -## 6.Probable Owner > FS_ProbableOwner Job - -The 6.Probable Owner Job Group is designed to report on probable owners of resources from targeted -file servers. - -![probableownerjobstree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/probableownerjobstree.webp) - -The 6.Probable Owner Job Group is comprised of: - -- FS_ProbableOwner Job – Designed to report on probable owners of resources from targeted file - servers - -## Analysis Tasks for the FS_ProbableOwner Job - -View the analysis tasks by navigating to the FileSystem > 6.Probable Owner > FS_ProbableOwner > -Configure node and select Analysis. - -**CAUTION:** Do not modify or deselect the first and third selected analysis tasks. The analysis -tasks are preconfigured for this job. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/probableowneranalysis.webp) - -The following analysis tasks are selected by default: - -- Create Functions – Creates functions in tier 1 SQL database that are required to calculate - Probable Owners -- Identify Probable Owners – Creates the SA_FS_ProbableOwner_Details table accessible under the - job’s Results node - - Set to “Start listing ownership at the root share” which is `@minlevel` parameter set to - Value0. - - Set to “List ownership as deep into the folder hierarchy as the root share” which is - `@maxlevel` parameter set to Value0. - - Value0 = root share, Value1 = 1 folder deep, Value2 = 2 folders deep, etc. - - Set the variable #FILTERED_TRUSTEES to a CSV file that contains one row for each SID to be - excluded. When the job is run, SIDs specified in the #FILTERED_TRUSTEES variable are excluded - from the analysis and not reported as probable owners. - - See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) - topic for additional information. -- Identify Folders with no Owner Found – Creates the SA_FS_ProbableOwner_NoOwnerFound table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_ProbableOwner Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------- | -| Probable Share Owners (A.K.A. Probable Owners) | This report identifies the number of shares owned by individuals, as determined by a weighted average of ownership of content, management, and level of activity. The top 2 owners per ownership criteria per share are displayed. | None | This report is comprised of one element: - Table – Provides details on probable owners | - -# File System Solution - -The File Systems Solution is an auditing, compliance, and governance solution for Windows, NAS, -Unix, and Linux file systems. Key capabilities include effective access calculation, data owner -identification, governance workflows including entitlement reviews and self-service access requests, -sensitive data discovery and classification, open access remediation, least-privilege access -transformation, and file activity monitoring. - -File systems and NAS devices contain the vast majority of an organization’s data. Each day, more -data is created and stored in the nooks and crannies of the environment, beyond the sight of the -people charged with managing it and keeping it safe. The File System Solution is designed to gather -information from file systems and shared folders in order to answer questions around data access: - -- Who has access to your data? -- Who is accessing your data? -- What sensitive data is being stored and accessed? - -The File System Solution requires a special Enterprise Auditor license. It can be focused to only -conduct Access Auditing (FSAA), including environments with a Distributed File System (DFS). It can -be enhanced with the Netwrix Activity Monitor to also conduct Activity Auditing (FSAC). -Additionally, the Sensitive Data Discovery Add-On enables the solution to search file content for -sensitive data, or Sensitive Data Discovery Auditing (SEEK). - -Supported Platforms - -- See the - [File System Supported Platforms](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for a full list of supported platforms. - -Requirements, Permissions, and Ports - -- Permissions vary based on the Scan Mode Option selected. See the - [File System Supported Platforms](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for additional information. - -- Ports vary based on the Scan Mode Option selected. See the - [File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -_Remember,_ if employing either of the File System Proxy Mode as a Service scan mode options, it is -also necessary for the Sensitive Data Discovery Add-on to be installed on the server where the proxy -service is installed. - -Location - -The File System Solution requires a special Enterprise Auditor license. It can be installed from the -Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to the solution: -**Jobs** > **FileSystem**. - -The -[0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -collects the data. The other job groups run analysis on the collected data. The -[FileSystemOverview Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -generates a statistical overview report of the targeted file systems. - -**NOTE:** The -[Cleanup Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) -and the -[Resource Based Groups Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/resource-based-groups.md) -require additional licenses to function. See the [Job Groups](#job-groups) topic for additional -information. - -## Job Groups - -The File System Solution offers information on multiple aspects of an organization’s file system -infrastructure. This solution is comprised of eleven job groups and an overview job which collect, -analyze, and report on data as well as run action tasks for environmental remediation. The data -collection is conducted by the FileSystemAccess (FSAA) Data Collector. See the -[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -section for database table information. - -![File System Solution](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -Each type of auditing depends on specific jobs within the 0.Collection Job Group to collect the data -and its corresponding analysis and reporting job groups. The Access Auditing components represent -the core of the File System Solution and are required by the other auditing options, with the -exception of the Sensitive Data Discovery Auditing component which can be run independently. The -data collection query options for each type are explained within the 0.Collection Job Group section. -Additionally, the corresponding analysis and reporting job groups are listed for each auditing type. - -If intending to run three or all auditing types, see each auditing type section within the -0.Collection Job Group section for information on query options and requirements. It is recommended -to first run the 0.Collection Job Group components in the default order for the desired auditing -types to ensure successful data collection, and then to run the desired sub-groups for reports. - -See the -[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/file-systems/recommended-reports.md) -topic for additional information on run frequency and job group settings. - -The File System Solution is available with the File System Reports license feature and is comprised -of the following jobs: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Designed to collect information from targeted file servers. Information collected includes - access control information, activity events, and sensitive data. - - This job group is available with the File System license feature. -- [1.Open Access > FS_OpenAccess Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Designed to report on Open Access information from targeted file servers -- [2.Direct Permissions Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Designed to report on Direct Permissions information from targeted file servers -- [3.Broken Inheritance > FS_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Designed to report on Broken Inheritance information from targeted file servers -- [4.Content Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/content-analysis.md) - – Designed to report on content information from targeted file servers. Key information reported - on in this group is: File Types, File Sizing, Stale Content, and File Tags. -- [5.Activity Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - – Designed to report on activity event information from targeted file servers - - Requires the Activity Monitor -- [6.Probable Owner > FS_ProbableOwner Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Designed to report on probable owners of resources from targeted file servers -- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Designed to report on resources that have been identified to contain sensitive data from - targeted file servers - - Requires the Sensitive Data Discovery Add-On -- [Ad Hoc Audits Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Designed to report on resources and trustees that have been provided by the user from targeted - file servers - - Typically, this is run independently from the rest of the solution -- [Cleanup Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/cleanup-operations.md) - – Designed to report on and take action against resources from targeted file servers that can be - cleaned up - - Requires the File System Actions license feature to function - - This job group is run independently from the rest of the solution -- [Resource Based Groups Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/resource-based-groups.md) - – Designed to report on and take action against resources from targeted file servers that can be - have their permissions structure transformed to a resource-based group implementation - - Requires the File System Actions and Active Directory Actions license features to function - - This job group is run independently from the rest of the solution -- [FileSystemOverview Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - – Designed to provide an overview of all relevant information from targeted file servers -- [FS_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/file-systems/security-assessment.md) - – Designed to provide a security assessment of all relevant information from targeted file servers - -When targeting Nasuni Edge Appliances, it is necessary to add a job from the Instant Job Library -(FS_Nasuni Job) which uses the PowerShell Data collector to gather system information, volume data, -and share data from the Nasuni environment. This job should be added to the 0.Collection Job Group -and should be renamed (0-FS_Nasuni) to run immediately after the 0-Create Schema Job. See the -[0-FS_Nasuni Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/file-systems/recommended-reports.md b/docs/accessanalyzer/11.6/solutions/file-systems/recommended-reports.md deleted file mode 100644 index 956fde4464..0000000000 --- a/docs/accessanalyzer/11.6/solutions/file-systems/recommended-reports.md +++ /dev/null @@ -1,290 +0,0 @@ -# Recommended Configuration for the File System Solution - -The File System Solution has been configured to inherit down from the **FileSystem** > **Settings** -node for most jobs. However, it is a best practice to assign the host list and the Connection -Profile at the data collection level. Once these are assigned to the job, it can be run manually or -scheduled. - -_Remember,_ the credential permissions required for the scan and host lists are affected by the scan -mode selected. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic for additional information. - -Dependencies - -- The .Active Directory Inventory Job Group needs to be executed prior to running the File System - Solution -- File System Proxy deployed to targeted proxy servers (for proxy scanning architecture only) -- Activity Monitor deployed, configured, and services running (for Activity Auditing only) -- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server (for Sensitive - Data Discovery Auditing only) -- Sensitive Data Discovery Add-On installed on the proxy server (for Sensitive Data Discovery - Auditing via proxy scanning architecture only) - -Targeted Hosts - -The host list assignment should be assigned under the **FileSystem** > **0.Collection** > -**[job]** > **Host** node. The list should be a custom created list for the file system environments -to be targeted. Check the box for the custom-created host list. It is necessary for the **…System -Scans** jobs and the corresponding **…Bulk Import** jobs to be set to the same host lists. - -The 0-FSDFS System Scans Job is an exception and is set to the Default domain controller. For -standalone namespaces, modify this host list to target the desired File Systems or Storage -Controllers. - -If targeting Nasuni Edge Appliances, the 0-FS_Nasuni Job needs to be assigned a custom host list -containing all on-premise Nasuni Edge Appliances and cloud filers. - -If using multiple proxy servers, these should also be configured within a different custom-created -host list. Then assign the proxy servers host list on the -[FSAA: Applet Settings](/docs/accessanalyzer/11.6/data-collection/file-systems/configuration.md) -page of the File System Access Auditor Data Collector Wizard within the following jobs in the -0.Collection Job Group according to the type of auditing being conducted: - -- 1-FSAA System Scans Job for Access Auditing -- 1-FSAC System Scans Job for Activity Auditing -- 1-SEEK System Scans Job for Sensitive Data Discovery Auditing - -Windows clusters have special needs when it comes to a host list and the host inventory data. It is -necessary to target the Windows File Server Cluster (name of the cluster) of interest when running a -scan against a Windows File System Cluster. Within the Enterprise Auditor Master Host Table, there -should be a host entry for the cluster as well as for each node. Additionally, each of these host -entries must have the name of the cluster in the WinCluster column in the host inventory data. This -may need to be updated manually. See the -[Host Inventory](/docs/accessanalyzer/11.6/accessanalyzer/admin/settings/hostinventory.md) -topic for additional information. - -**NOTE:** The host targeted by the File System scans is only the host entry for the cluster. For -example, the environment has a Windows File System Cluster named `ExampleCluster1` with three nodes -named `ExampleNodeA`, `ExampleNodeB`, and `ExampleNodeC`. There would be four host entries in the -Enterprise Auditor Master Host Table: `ExampleCluster1`, `ExampleNodeA`, `ExampleNodeB`, and -`ExampleNodeC`. Each of these four entries would have the same value of the cluster name in the -**WinCluster** column: `ExampleCluster1`. Only the `ExampleCluster1` host would be in the host list -targeted by the File System scans. - -In order for the selected scan mode to be applied accurately for the target file system, it is -necessary for host inventory to match the values in the table for OSType: - -| Devices | OSType Value | -| ------- | -------------- | -| Windows | Windows | -| NetApp | NAS | -| Celerra | N/A or Unknown | -| Isilon | NAS | -| Nasuni | NAS | -| ARX | N/A or Unknown | -| UNIX | N/A or Unknown | - -Connection Profile - -The FSAA Data Collector requires permissions based on the platform being targeted for data -collection as well as the scan mode selected. See the -[File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -topic and the -[File System Supported Platforms](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topic for necessary permissions for the supported target platforms. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) -for the necessary permission for collecting activity data. Then create a custom Connection Profile -containing the appropriate credentials for the targeted environment. - -The Connection Profile should be assigned under the **FileSystem** > **0.Collection** job’s -Properties window on the **Connection** tab. It is set to Use the Default Profile, as configured at -the global settings level. However, since this may not be the Connection Profile with the necessary -permissions for the assigned hosts, click the radio button for the **Select one of the following -user defined profiles** option and select the appropriate Connection Profile drop-down menu. - -_Remember,_ if targeting Nasuni Edge Appliances, the 0-FS_Nasuni Job needs to be assigned a custom -Connection Profile containing the **API Access Key** and **Passcode** for each on-premise Nasuni -Edge Appliance and cloud filer in the target environment. Nasuni API key names are case sensitive. -When providing them, ensure they are entered in the exact same case as generated. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -One of the most important decisions to make is how frequently to collect this data. This is -dependent on the size of the target environment. The FileSystem Solution can be scheduled to run -weekly or as desired depending on the types of auditing being conducted and the scope of the target -environment. - -For example, it may be desired in large environments to run Activity Auditing collection jobs on a -daily basis, but to only run Access Auditing and Sensitive Data Discovery Auditing collection jobs -on a weekly basis followed by the analysis and reporting job groups. - -Run Order - -Whatever schedule frequency may be configured, it is also recommended to streamline the collection -jobs to those desired. The jobs in the 0.Collection Job Group must be run in order for the auditing -type. Run …System Scans jobs and then the corresponding …Bulk Import jobs according to the desired -workflow. - -The other File System Solution sub-job groups can be run in any order, together or individually, -after running the 0.Collection Job Group. The FileSystemOverview Job pulls information from both the -0.Collection Job Group and the other sub-job groups, and the report may contain blank sections if -only select sub-job groups are run. - -**_RECOMMENDED:_** If only conducting one or two types of auditing, scope the solution by disabling -the undesired collection jobs. Disabling them allows the solution to run more efficiently. It is not -recommended to delete any jobs. See the -[Disable or Enable a Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -**NOTE:** If targeting Nasuni Edge Appliances, it is necessary to add the -[0-FS_Nasuni Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -to the **0.Collection** Job Group. - -Query Configuration - -This solution can be run with the default query configuration. However, the most common -customizations include: - -- Use proxy scanning architecture, see the - [File System Data Collection Configuration for Proxy as a Service](/docs/accessanalyzer/11.6/installation/filesystem-proxy/configure.md) - topic for instructions -- Default Scoping Options page > File Properties tab, optionally configure the following: - - - In the Scan for Probable Owner section, limit the number of probable owners to return per - folder - - In the Scan for File Types section, add comma-separated values to limit the file types - returned - - Opt to collect file Microsoft Office metadata tags and add comma-separated values to limit the - metadata tags collected. - - Set on the following **0.Collection** Job Group jobs: - - - **1-FSAA System Scans** Job for Access Auditing - -- Default Scoping Options page > File Details tab, configure the file detail collection - - - By default, file detail scans are disabled - - Select the type of file data to be collected and optionally add filters - - Set on the following **0.Collection** Job Group jobs: - - - **1-FSAA System Scans** Job for Access Auditing - -- Applet Settings page, optionally configure the applet settings: - - - Opt to enable strong proxy affinity (only run scans on last proxy to scan host, unless no - longer in proxy host list) - - Configure the following: - - - Maximum concurrent scans to run on any single applet host - - Maximum waiting time for strong proxy affinity - - Scan cancellation timeout - - - Set on the following **0.Collection** Job Group jobs: - - - **1-FSAA System Scans** Job for Access Auditing - - **1-FSAC System Scans** Job for Activity Auditing - - **1-SEEK System Scans** Job for Sensitive Data Discovery Auditing - -- Scan Server Selection page, set the type of mode the scans will run on - - - The mode configured must align with the provisioning of the credential and environment. See - the - [File System Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic and the - [File System Supported Platforms](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for additional information. - - Local Mode – All of the data collection processing is conducted by the Enterprise Auditor - Console server across the network - - Applet Mode – The File System applet is deployed to the target host when the job is executed - to conduct data collection. The data is collected on the Windows target host where the applet - is deployed. The final step in data collection is to compress and transfer the data collected - in the SQLite databases, or Tier 2 databases, back to the Enterprise Auditor Console server. - If the target host is a NAS device, the File System scans default to local mode for that host. - - Proxy Mode with Applet – The File System applet is deployed to the Windows proxy server when - the job is executed to conduct data collection. The data collection processing is initiated by - the proxy server where the applet is deployed and leverages a local mode-type scan to each of - the target hosts. The final step in data collection is to compress and transfer the data - collected in the SQLite databases, or Tier 2 databases, back to the Enterprise Auditor Console - server. - - Proxy Mode as a Service – The File System Proxy Service must be installed on the Windows proxy - servers prior to executing the scans. The data collection processing is conducted by the proxy - server where the service is running and leverages a local mode-type scan to each of the target - hosts. The final step in data collection is to compress and transfer the data collected in the - SQLite databases, or Tier 2 databases, back to the Enterprise Auditor Console server. The - credential granted rights to interact with the service must be included in the assigned - Connection Profile. - - Set on the following **0.Collection** Job Group jobs: - - - **1-FSAA System Scans** Job for Access Auditing - - **1-FSAC System Scans** Job for Activity Auditing - - **1-SEEK System Scans** Job for Sensitive Data Discovery Auditing - -- Default Scoping Options page > Scan Settings tab, configuring the subfolder depth - - - Recommendation (allows for a proper assessment on runtime for the targeted environment): - - - For first time execution, recommend setting to 0 - - For second execution, recommend setting to 2 - - Then set to the desired depth. - - - Set on the following **0.Collection** Job Group jobs: - - - **1-FSAA System Scans** Job for Access Auditing - - **1-SEEK System Scans** Job for Sensitive Data Discovery Auditing - -- SDD Criteria Settings page, scope to scan for specific criteria or customizing criteria for - Sensitive Data Discovery Auditing - - - Set on the **0.Collection** > **1-SEEK System Scans** Job - -- Activity Settings page, configure data retention period - - - Recommendation to run with default setting of 60 days - - Set on the **0.Collection** > **1-FSAC System Scans** Job for Activity Auditing - -Analysis Configuration - -This solution should be run with the default analysis configuration. Most of these analysis tasks -are preconfigured and should not be modified or deselected. There are a few which are deselected by -default, as they are for troubleshooting purposes. - -Though the analysis tasks should not be deselected, the following parameters can be modified: - -- The .Active Directory Inventory Solution defines large groups, deeply nested groups, stale users, - and users with large tokens. These parameters can be customized and are applicable to any - solution, including File System, which incorporate this analyzed data into further analysis. - - - Customize within **.Active Directory Inventory** > **3-AD_Exceptions** Job analysis tasks - -- Activity Exception parameters which identify potential security concerns - - - Customize within **0.Collection** > **3-FSAC Exceptions** Job analysis tasks - -- Broken inheritance is defined by default to only analyze resources with changed permissions from - parent - - - Customize within **3.Broken Inheritance** > **FS_BrokenInheritance** Job analysis task - -- Probable owner calculations include folder depth parameters - - - Customize within **6.Probable Owner** > **FS_ProbableOwner** Job analysis task - - **NOTE:** Changes to an exception’s definition will impact all jobs dependent upon that - exception as well as all AIC Active Directory Exceptions reports. - -There are also a few Notification analysis tasks which can be configured and then enabled in the -following jobs: - -- **5.Activity** > **Forensics** > **FS_Deletions** Job -- **5.Activity** > **Forensics** > **FS_PermissionChanges** Job -- **5.Activity** > **Suspicious Activity** > **FS_HighestHourlyActivity** Job - -Please see the appropriate topics for details on these tasks. - -Additional Consideration - -The Ad Hoc Audits Job Group is designed to work independent from the rest of the solution, but it is -dependent upon the 0.Collection Job Group. The jobs are scoped to specific shares and trustees -within an analysis task. - -The jobs contained in the group use custom SQL scripts to render views on collected data. SQL views -are used to populate report element tables and graphs. Changing or modifying the group, job, or -table names result in no data displayed within the reports or the AIC. - -_Remember,_ it is recommended to scope the 0.Collection Job Group to only include the collection -components desired by disabling the undesired collection jobs. Disabling them allows the solution to -run more efficiently. It is not recommended to delete any jobs. diff --git a/docs/accessanalyzer/11.6/solutions/file-systems/resource-based-groups.md b/docs/accessanalyzer/11.6/solutions/file-systems/resource-based-groups.md deleted file mode 100644 index f071029616..0000000000 --- a/docs/accessanalyzer/11.6/solutions/file-systems/resource-based-groups.md +++ /dev/null @@ -1,725 +0,0 @@ -# FS_ResourceBasedGroupAICImport Job - -The FS_ResorceBasedGroupsAICImport Job imports resources and access groups from the -FS_ResoureBasedGroup Job into the Netwrix Access Information Center. This job assigns ownership in -the Access Information Center and then assigns resource groups. This step is required if it is -desired to change access through entitlement reviews, self-service, or for publishing resources to -IAM. - -## Recommended Configurations for the FS_ResourceBasedGroupsAICImport Job - -Dependencies - -- The **FS_ResourceBasedGroups** job must be successfully run prior to running this job -- The **.Active Directory Inventory** > **1-AD_Scan** job must be successfully run prior to running - this job -- The **File System** > **0.Collection** > **1-FSAA System Scans** job must be successfully run - prior to running this job -- The **File System** > **0.Collection** > **2-FSAA Bulk Import** job must be successfully run prior - to running this job - -Targeted Hosts - -None - -Schedule Frequency - -This job group can be scheduled to run as desired. Throughout this document reference to executing a -job refers to either manual execution or scheduled execution, according to the needs of the -organization. See the -[Scheduling the Resource Based Groups Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/resource-based-groups.md#scheduling-the-resource-based-groups-job-group) -topic for additional information. - -History Retention - -Not supported - -Workflow - -**Step 1 –** Run the following jobs: - -- FS_ResourceBasedGroups -- .Active Directory Inventory > 1-AD_Scan -- File System > 0.Collection > 1-FSAA System Scans -- File System > 0.Collection > 2-FSAA Bulk Import - -**Step 2 –** Run the FS_ResourceBasedGroupsAICImport job. - -- See the [Run the FS_ResourceBasedGroupsAICImportJob](#run-the-fs_resourcebasedgroupsaicimportjob) - topic for additional information - -**Step 3 –** Review the newly-created resource based groups in the AIC. - -- See the - [Review the New Resource Based Groups in the AIC](#review-the-new-resource-based-groups-in-the-aic) - topic for additional information - -## Run the FS_ResourceBasedGroupsAICImportJob - -Now that the target environment follows a Resource Based Groups model, the new resources can be -imported into the Access Information Center. Follow the steps to import the new resources into the -AIC Ownership Workflow. - -**CAUTION:** It is important to run the .Active Directory Inventory Job Group and **File System** > -**0. Collection** Job Group again so that the AD and permissions changes are captured by Enterprise -Auditor. - -**Step 1 –** Run the **.Active Directory Inventory** Job Group and **FileSystem** > **0.Collection** -Job Group again. - -**Step 2 –** Right click the **FS_ResourceBasedGroupsAICImport** job and select **Run Job**. - -The newly created resource based groups are imported to the AIC. The Owner and Access Groups have -been assigned to the resources by the import process. The AIC can now be used to manage these -resources through Entitlement Reviews, Ad hoc owner changes, and the Self Service access portal. - -## Review the New Resource Based Groups in the AIC - -Use the Access Information Center **Manage Resource Ownership** to review the imported resources. -These resources with the assigned reviewers will now be in the Manage Owners table on the Resource -Owners interface. The next step is to confirm ownership through the Entitlement Review workflow and -the Self-Service Access Requests workflow. See the Resource Review and Access Requests topics in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -# FS_ResourceBasedGroups Job - -The FS_ResourceBasedGroups Job is designed to report on and take action against resources from -targeted file servers that can have their permissions structure transformed to a resource-based -group implementation. - -## Workflow - -**Step 1 –** Ensure that there is up-to-date **.Active Directory Inventory** Job Group data. - -**Step 2 –** Ensure that there is up-to-date **FileSystem** > **0.Collection** Job Group data. - -**Step 3 –** (Optional) Configure a Host List for the job at the job level. - -**NOTE:** If a host list is not configured, this job will analyze and commit actions on every File -System server known to Enterprise Auditor. To scope the actions to target specific servers, -configure a host list at the job level to target only those servers. - -**Step 4 –** Model the intended changes: - -- Configure the Analyze Group Permissions analysis task -- Verify that all actions are disabled - - **CAUTION:** Do not make configuration changes to the analysis tasks after reviewing and - approving the Change Modeling report - -- Execute the analysis tasks to generate the Change Modeling report and review the proposed changes -- See the [Model Intended Changes](#model-intended-changes) topic for additional information - -**Step 5 –** Configure and execute Active Directory actions: - -- Configure and enable the Create Groups action task -- Configure and enable the Update Members action task -- Execute the Active Directory actions -- See the Configure & Execute Active Directory Action Tasks topic for additional information - -**Step 6 –** Execute File System actions: - -- Allow an appropriate grace period for token refresh prior to executing File System action tasks, - for example one week -- Disable the Active Directory action tasks -- Enable the File System action tasks -- Execute the File System action tasks -- See the [Execute File System Action Tasks](#execute-file-system-action-tasks) topic for additional - information - -**Step 7 –** Analyze and report on action history: - -- Disable all action tasks. -- Generate the Action History report and review it. -- See the [Analyze and Report on Action History](#analyze-and-report-on-action-history) topic for - additional information - -Additional Options - -**Step 8 –** (Optional) Create and apply permissions for traverse groups based on previous resource -based groups. See the -[FS_TraverseGroups Job](/docs/accessanalyzer/11.6/solutions/file-systems/resource-based-groups.md) -topic for additional information. - -**Step 9 –** (Optional) Import resources and access groups from the FS_ResoureBasedGroup Job into -the Netwrix Access Information Center. See the -[FS_ResourceBasedGroupAICImport Job](/docs/accessanalyzer/11.6/solutions/file-systems/resource-based-groups.md) -topic for additional information. - -## Model Intended Changes - -Prior to executing the actions to apply changes, the proposed changes can be modeled and reviewed to -determine if the parameters are configured as desired. - -### Configure the Analyze Group Permissions Analysis Task - -The Analyze Group Permissions analysis task in the FS_ResourceBasedGroups Job contains parameters -for group permissions that should be configured and then reviewed in the Change Modeling report. -View the analysis tasks by navigating to the **Jobs** > **FileSystem** > **ResourceBasedGroups** > -**FS_ResourceBasedGroups** > **Configure** node and select **Analysis**. - -![Analyze Group Permissions analysis task in the FS_ResourceBasedGroups Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbganalysis.webp) - -- Analyze Group Permissions – Creates the FS_ResourceBasedGroups_NewACLs table accessible under the - job’s Results node. - - - This analysis task contains configurable parameters: #SA_Job_Hosts, @levels_down, - @naming_convention, @add_admin_groups, #folders, @activity_filter. - -Configure the following parameters. See the -[SQLscripting Analysis Module](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/scripting.md) -topic for additional information. - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------------------- | --------------------------- | ---------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Analyze Group Permissions | #SA_Job_Hosts | | List of hosts that are associated with the job. The job acts against these hosts. Review the host list. If the host list requires updating, update the host list at the job level | -| Analyze Group Permissions | @levels_down | 0 | Number of levels down from share to root to assign permissions | -| Analyze Group Permissions | @naming_convention | FS*[HostName]*[ShareName]_[FolderName]_[Permissions] | Naming convention for resource based groups | -| Analyze Group Permissions | @add_admin_groups | 1 | Add full control admin groups. 1=true. 0=false. | -| Analyze Group Permissions | @admin_groups | | ObjectSIDs of admin groups to add to every share if @add_admin_groups = 1 | -| Analyze Group Permissions | #folders | | List of folders to assign RBG to. Overrides @levels_down. | -| Analyze Group Permissions | @activity_filter | 1000 | Filter out users with last activity older than X days ago. Will filter out users who have not accessed the folder within the specified threshold. If activity records show the user has never accessed the folder, users will still be included in resource based groups. | - -### Execute the Analysis Tasks - -Execute the analysis tasks to generate the Change Modeling report and review the proposed changed -prior to executing the actions to apply the changes. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ---------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Change Modeling | This report shows proposed changes of access for the targeted folders. | None | This report is comprised of three elements: - Pie Chart – Displays a proposed access changes summary - Table – Provides details on proposed access changes by share - Table – Provides details on access modification | - -The Change Modeling report should be used to gain acceptance on the following areas before -implementing the changes: - -- Group Naming Conventions -- Cases of Changed Access - -Access changes occur in the following cases: - -- The user is granted full access, but is not a member of the administrator group specified in the - analysis parameters -- The user is granted less access, but is a member of the administrator group specified in the - analysis parameters -- The user has not used access within the timeframe configured in the analysis parameters - -Follow the steps to model the proposed changes. - -**Step 1 –** Make sure all of the analysis tasks are enabled. - -**CAUTION:** Prior to executing the analysis tasks, make sure that all action tasks are disabled. -The purpose at this point is only to model the intended changes. - -**Step 2 –** In the Configure node, select **Actions** and make sure that all of the action tasks -are disabled. - -**Step 3 –** Right click on the **Resource Based Groups** folder and select **Run Group**. This will -generate the Change Modeling report. - -- Wait for the queued jobs to execute. - -**Step 4 –** In the **FS_ResourceBasedGroups** node, navigate to **Results** > **Change Modeling** -to review the proposed changes prior to executing the actions to apply the changes. - -The Change Modeling report has been created for review. Ensure the modeled changes are approved -before continuing with implementing them. - -## Configure & Execute Active Directory Action Tasks - -**CAUTION:** Do not modify the analysis tasks after the Change Modeling report has been reviewed and -approved. The approved modeled changes are implemented through the execution of the action tasks. - -The Active Directory action tasks create and populate resource based groups. The Create Groups and -Update Members action tasks must be updated to specify a Target OU for group creation prior to -enabling and executing the actions. It should also be verified that these action tasks are targeting -the same domain controller. - -View the action tasks by navigating to the **Jobs** > **FileSystem** > **Resourced Based Groups** > -**FS_ResourceBasedGroups** > **Configure** node and select **Actions**. - -![Active Directory Action Tasks](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbgactivedirectoryactions.webp) - -There are the following two Active Directory action tasks: - -- Create Groups – Creates resource based groups -- Update Members – Adds members to the resource based groups based on permissions - -It is recommended to review the tables used by the actions prior to executing the actions. The -actions act upon the data within the following tables: - -- FS_ResourceBasedGroups_GroupsToCreate -- FS_ResourceBasedGroups_NewACLs - -The actions populate the Create Groups and Update Members tables, which can be viewed under the -job’s Results node. The FS_ResourceBasedGroups Job will run analysis tasks against these tables. - -### Configure & Enable the Create Groups Action Task - -Follow the steps to configure the Create Groups action task. - -**Step 1 –** Select the action and click **Action Properties**. - -**Step 2 –** On the Action Properties page, click **Configure Action**. - -**Step 3 –** In the Active Directory Action Module Wizard, navigate to the Create Groups page. - -![AD Action Module Wizard Create Groups page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/creategroups.webp) - -**Step 4 –** In the OU box, select the OU where the groups will be created. - -**Step 5 –** Navigate to the Options page and verify that the domain controller used to create -groups is the same domain controller used in the Update Members action task. It is a best practice -to identify the domain controller that is closest to the file server and use that domain controller. - -**Step 6 –** Navigate to the Summary page and click **Finish**. - -**Step 7 –** On the Action Selection page, select the Create Groups action's checkbox to enable it. - -The Create Groups action is configured. - -### Configure & Enable the Update Members Action Task - -Follow the steps to configure the Create Groups action task. - -**Step 1 –** Select the action task and click **Action Properties**. - -**Step 2 –** On the Action Properties page, click **Configure Action**. - -**Step 3 –** In the Active Directory Action Module Wizard, navigate to the Group Membership page. - -![AD Action Module Wizard Groups Membership page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbggroupsmembership.webp) - -**Step 4 –** On the Create Groups page, **Target Group by OU** is selected by default. In the OU -box, select the target OU. - -**Step 5 –** Navigate to the Options page and verify that the domain controller used to create -groups is the same domain controller used in the Create Groups action task. It is a best practice to -identify the domain controller that is closest to the file server and use that domain controller. - -**Step 6 –** Navigate to the Summary page and click **Finish**. - -**Step 7 –** On the Action Selection page, select the Update Members action's checkbox to enable it. - -The Update Members action is configured. - -### Execute Active Directory Action Tasks - -Make sure that the File System actions are deselected and execute the Active Directory action tasks. -The Create Groups action creates the resource based groups. The Update Members action populates -those groups. - -Enabled action tasks can be manually executed at the Actions node. Action tasks can be scheduled -only at the job level. - -Follow the steps to execute the AD actions. - -**CAUTION:** Do not modify the analysis tasks after the Change Modeling report has been reviewed and -approved. The approved modeled changes are implemented through the execution of the action tasks. - -**_RECOMMENDED:_** Disable the analysis tasks. It is not necessary to collect the data again. - -**Step 1 –** On the Action Selection page, enable the **Create Groups** and **Update Members** -actions. - -**Step 2 –** Right-click on the **Resource Based Groups** folder and select **Run Group**. - -- Wait for the queued jobs to execute. - -The resource based groups are created and populated. - -## Execute File System Action Tasks - -**CAUTION:** Prior to executing the File System action tasks, allow a grace period, for example one -week. This is important for token refresh to occur as users log off and log on again. - -The File System actions modify folder permissions and break inheritance. The Modify Permissions and -Break Inheritance actions modules do not require any configuration. - -View the action tasks by navigating to the **Jobs** > **FileSystem** > **Resourced Based Groups** > -**FS_ResourceBasedGroups** > **Configure** node and select **Actions**. - -![File System action tasks](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbgfilesystemactions.webp) - -There are the following two File System action tasks: - -- Modify Permissions – Modifies folder permissions -- Break Inheritance – Breaks inheritance and remove all previous permissions - -It is recommended to review the tables used by the actions prior to executing the actions. The -actions act upon the data within the following table: - -- FS_ResourceBasedGroups_GroupsToCreate - -The actions populate the Modify Permissions and Break Inheritance tables, which can viewed under the -job’s Results node. The FS_ResourceBasedGroups Job will run analysis tasks against these tables. - -Follow the steps to execute the FS actions. - -**CAUTION:** Do not modify the analysis tasks after the Change Modeling report has been reviewed and -approved. The approved modeled changes are implemented through the execution of the action tasks. - -**Step 1 –** On the Action Selection page, disable the **Create Groups** and **Update Members** -actions. - -**Step 2 –** Enable the **Modify Permissions** and **Break Inheritance** actions. - -**Step 3 –** Right-click on the **Resource Based Groups** folder and select **Run Group**. - -- Wait for the queued jobs to execute. - -The File System action tasks assign all of the newly-created groups to File System resources with -the configured permissions. All other permissions will have been removed from the resources. - -## Analyze and Report on Action History - -The Action History report generated by the job shows all actions taken on each share for audit trail -purposes. - -| Report | Description | Default Tags | Report Elements | -| -------------- | --------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------- | -| Action History | This report shows all actions taken on each share for audit trail purposes. | None | This report is comprised of one element: - Table – This table provides details on the actions taken on each share | - -Follow the steps to analyze and report on action history. - -**CAUTION:** Disable all of the action tasks prior to generating the Action History report. - -**Step 1 –** On the Action Selection page, disable the **Modify Permissions** and **Break -Inheritance** actions. Make sure all of the action tasks are disabled. - -**Step 2 –** On the Analysis Selection page, enable the **Create view for action status** and -**Summarize Access Changes** analysis tasks. - -**Step 3 –** Run the job to generate the Action History report and review the actions taken on each -share. - -The organization of the users and their permissions now follows a least privileged access (resource -based groups) model. - -# FS_TraverseGroups Job - -The **FS_TraverseGroups** Job can be used to create and apply permissions for traverse groups based -on previous resource based groups. This job would be used in the case where the folder to which -resource based groups permissions are applied is not the root share folder, or at the root of the -share. This job prevents users from losing the ability to navigate through the directory structure -if the folder is nested. The FS_TraverseGroups Job must be installed from the Instant Job library. -See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -## Recommended Configurations for the FS_TraverseGroups Job - -Dependencies - -- The **FS_ResourceBasedGroups** job must be successfully run prior to running this job - -Targeted Hosts - -- None – If targeting all file servers known to Enterprise Auditor -- Scope the actions to a host list – If targeting specific file servers - -Schedule Frequency - -This job can be scheduled to run as desired. Throughout this document reference to executing a job -refers to either manual execution or scheduled execution, according to the needs of the -organization. See the -[Scheduling the Resource Based Groups Job Group](/docs/accessanalyzer/11.6/solutions/file-systems/resource-based-groups.md#scheduling-the-resource-based-groups-job-group) -topic for additional information. - -History Retention - -Not supported - -Workflow - -**Step 1 –** Run the **FS_ResourceBasedGroups** job. - -**Step 2 –** Configure a Host List for the job at the job level. - -**NOTE:** If a host list is not configured, this job will analyze and commit actions on every File -System server known to Enterprise Auditor. To scope the actions to target specific servers, -configure a host list at the job level to target only those servers. - -**Step 3 –** Configure and execute analysis tasks. - -- Configure the Create Groups analysis task -- Execute the analysis tasks -- See the Configure & Execute Analysis Tasks topic for additional information - -**Step 4 –** Configure and execute Active Directory action task. - -- Configure & Enable the Create Groups action task -- Execute the Create Groups action task -- See the Configure & Execute Active Directory Action Task topic for additional information - -**Step 5 –** Execute File System action task. - -- Allow an appropriate grace period for token refresh prior to executing File System action task, - for example one week -- Disable the Active Directory action task -- Enable the Modify Permissions action task -- Execute the Modify Permissions action task -- See the [Execute File System Action Task](#execute-file-system-action-task) topic for additional - information - -**Step 6 –** Generate and review the List Traverse Group Changes report. - -- See the - [Generate the List Traverse Group Changes Report](#generate-the-list-traverse-group-changes-report) - topic for additional information - -## Configure & Execute Analysis Tasks - -Prior to executing the action tasks, configure and execute the analysis tasks. - -### Configure the Create Groups Analysis Task - -View the analysis tasks by navigating to the place in the Jobs tree where the Traverse Groups job -was installed from the Instant Jobs library. Then go to the **FS_TraverseGroups** > **Configure** -node and select **Analysis**. The Create Groups analysis task contains an analysis parameter that -should be configured to set the naming convention for list groups. - -![FS_TraverseGroups analysis tasks](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/traverseanalysis.webp) - -The job has the following analysis tasks: - -- Create Groups – Creates the FS_ListTraverseGroups_NewGroups table accessible under the job’s - Results node - - - This analysis task contains a configurable parameter: @naming_convention - -- Show Table – Displays the FS_ListTraverseGroups_NewPermissions table accessible under the job’s - Results node -- Show Table – Displays the FS_ListTraverseGroups_NewGroups table accessible under the job’s Results - node - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------- | --------------------------- | --------------------------------------------- | --------------------------------- | -| Create Groups | @naming_convention | FS*[HostName]*[ShareName]\_[FolderName]\_List | Naming convention for list groups | - -For instructions on configuring analysis parameters, see the -[SQLscripting Analysis Module](/docs/accessanalyzer/11.6/analysis-and-actions/analysis/scripting.md) -topic. - -### Execute Analysis Tasks - -Once the Create Groups analysis task has been configured, execute the analysis tasks. The analysis -tasks are selected by default. Follow the steps to execute the analysis tasks. - -**Step 1 –** Make sure all of the analysis tasks are enabled. - -**CAUTION:** Prior to executing the analysis tasks, make sure that all action tasks are disabled. -The purpose at this point is only to create the required traversal tables. - -**Step 2 –** In the Configure node, select **Actions** and make sure that all of the action tasks -are disabled. - -**Step 3 –** Right click on the **FS_TraverseGroups** job and select **Run Job**. This will generate -the Change Modeling report. - -- Wait for the queued jobs to execute. - -The analysis tasks create the required traversal tables accessible under the job’s Results node. - -## Configure & Execute Active Directory Action Task - -The Active Directory action tasks create and populate resource based groups. The Create Groups -action tasks must be updated to specify a Target OU for group creation prior to enabling and -executing the actions. It should also be verified that the action tasks are targeting the same -domain controller. View the actions by navigating to the place in the Jobs tree where the Traverse -Groups job was installed from the Instant Jobs library. Then go to the **FS_TraverseGroups** > -**Configure** node and select **Actions**. The Create Groups action task must be configured to -specify the OU for group creation. - -**_RECOMMENDED:_** It is recommended to execute the actions one at a time and in order as opposed to -running the entire job group with the actions enabled. - -![FS_TraverseGroups action tasks](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/traverseactions.webp) - -There are the following action tasks: - -- Create Groups – Create groups and add resource based groups -- Modify Permissions – Add list groups - -It is recommended to review the tables used by the actions prior to executing the actions. For -instructions on configuring action tables, see the Configure & Enable the Create Groups Action Task -topic. The actions act upon the data within the following tables: - -- FS_ListTraverseGroups_NewGroups -- FS_ListTraverseGroups_NewPermissions - -These tables can be viewed under the job’s Results node. The FS_TraverseGroups Job will run analysis -tasks against these tables. - -### Configure & Enable the Create Groups Action Task - -Follow the steps to configure the Create Groups action task. - -**Step 1 –** Select the action and click **Action Properties**. - -**Step 2 –** On the Action Properties page, click **Configure Action**. - -**Step 3 –** In the Active Directory Action Module Wizard, navigate to the Create Groups page. - -![AD Action Module Wizard Create Groups page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/creategroups.webp) - -**Step 4 –** In the OU box, select the OU where the groups will be created. - -**Step 5 –** Navigate to the Options page and verify that the domain controller used to create -groups is the same domain controller used in the Update Members action task. - -**Step 6 –** Navigate to the Summary page and click **Finish**. - -### Execute Active Directory Action Task - -The Create Groups action creates the resource based groups. Enabled action tasks can be manually -executed at the Actions node. Action tasks can be scheduled only at the job level. Follow the steps -to create the resource based groups. - -**Step 1 –** On the Action Selection page, enable the **Create Groups** action task. - -**Step 2 –** Right-click on the **FS_TraverseGroups** job and select **Run Job**. - -- Wait for the queued job to execute - -The resource based groups are created and populated. - -## Execute File System Action Task - -Once the Create Groups action has been executed, the Modify Permissions action can be executed. -Follow the steps to execute the action. - -**CAUTION:** Prior to executing the File System action tasks, allow a grace period, for example one -week. This is important for token refresh to occur as users log off and log on again. - -**Step 1 –** On the Action Selection page, disable the **Create Groups** action task. - -**Step 2 –** Enable the **Modify Permissions** action task. - -**Step 3 –** Right-click on the **FS_TraverseGroups** job and select Run Job. - -- Wait for the queued job to execute. - -The Modify Permissions action task assigns all of the newly-created groups to File System resources -with the configured permissions. All other permissions will have been removed from the resources. - -## Generate the List Traverse Group Changes Report - -The Generate the List Traverse Group Changes report displays a list of changes made in the -environment by the action modules. - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | ---------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | -| List Traverse Group Changes | This report shows a list of changes made in the environment by the action modules. | None | This report is comprised of one elements: - Table – This table provides details on the changes made to the environment by the action modules | - - Follow the steps to analyze and report on action history. - -**CAUTION:** Disable all of the action tasks prior to generating the List Traverse Group Changes -report. - -**Step 1 –** On the Action Selection page, disable the **Modify Permissions** action task. Make sure -all of the action tasks are disabled. - -**Step 2 –** On the Analysis Selection page, enable the **Create Groups** and both **Show Table** -analysis tasks. - -**Step 3 –** Run the job to generate the Action History report and review the actions taken on each -share. - -The permissions for traverse groups are applied based on the previously created resource based -groups. Users retain access to nested folders. - -# Resource Based Groups Job Group - -The Resource Based Groups Job Group will transform permissions on specified folders to a resource -based groups model. The jobs which comprise the Resource Based Groups Job Group use the Active -Directory Action Module to create resource based groups and populate resource based groups -membership. The jobs use the File System Action Module to modify folder permissions and break -inheritance. - -## Prerequisites - -Action modules are available with a special Enterprise Auditor license. In order to use the Resource -Based Groups workflow, the following Enterprise Auditor licensing components are required: - -- File System Feature -- File System Reports Add-on -- File System Actions Add-on -- Active Directory Actions Add-on - -The following job groups must be successfully run prior to using this workflow: - -- .Active Directory Inventory Job Group -- FileSystem > 0.Collection Job Group - -## Location - -The **File System** > **Resource Based Groups** Job Group is a separately licensed component of the -Enterprise Auditor File System solution set. Typically this job group is added during installation, -but it can be installed from the Instant Job Wizard. - -![Resource Based Groups Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Once it has been installed into the Jobs tree, navigate to the solution: **Jobs** > **FileSystem** > -**Resource Based Groups**. - -The FS_TraverseGroups Job and the FS_ResourceBasedGroupsAICImport Job must be installed from the -Instant Job library. See the -[Instant Job Wizard](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -## Jobs - -The Resource Based Groups Job Group will transform permissions on specified folders to a resource -based groups model. - -![Job Group Overview page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The following jobs comprise the Resource Based Groups Job Group: - -- [FS_ResourceBasedGroups Job](/docs/accessanalyzer/11.6/solutions/file-systems/resource-based-groups.md) - – This job will transform permission on specified folders to a resource based groups model -- [FS_TraverseGroups Job](/docs/accessanalyzer/11.6/solutions/file-systems/resource-based-groups.md) - – (Optional) This job can be used to create and apply permissions for traverse groups based on - previous resource based groups. The FS_TraverseGroupsJob must be added from the Instant Job - Library in order to be used. -- [FS_ResourceBasedGroupAICImport Job](/docs/accessanalyzer/11.6/solutions/file-systems/resource-based-groups.md) - – (Optional) This job imports resources and access groups from the FS_ResoureBasedGroup Job into - the Netwrix Access Information Center. The FS_ResourceBasedGroupsAICImport Job must be added from - the Instant Job Library to be used. - -## Recommended Configurations for the Resource Based Groups Job Group - -Dependencies - -- The **.Active Directory Inventory** Job Group must be successfully run prior to running this job -- The **FileSystem** > **0.Collection** Job Group must be successfully run prior to running this job - -Targeted Hosts - -- None – If targeting all file servers known to Enterprise Auditor -- Scope the actions to a host list – If targeting specific file servers - -Schedule Frequency - -This job group can be scheduled to run as desired. Throughout this document reference to executing a -job refers to either manual execution or scheduled execution, according to the needs of the -organization. See the -[Scheduling the Resource Based Groups Job Group](#scheduling-the-resource-based-groups-job-group) -topic for additional information. - -History Retention - -Not supported - -## Scheduling the Resource Based Groups Job Group - -Netwrix recommends that the job be run by a scheduled task with an unlimited timeout to ensure the -job will not be aborted when an interactive session is ended due to logoff (a logoff based on -inactivity is common in enterprise environments). Netwrix also recommends that the job only be -scheduled for discrete one-time runs so that results may be reviewed after each execution. See the -[Schedule Jobs](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/scheduling.md#schedule-jobs) -topic for additional information. - -Throughout this document reference to executing a job refers to either manual execution or scheduled -execution, according to the needs of the organization. diff --git a/docs/accessanalyzer/11.6/solutions/file-systems/security-assessment.md b/docs/accessanalyzer/11.6/solutions/file-systems/security-assessment.md deleted file mode 100644 index 0199bd0b56..0000000000 --- a/docs/accessanalyzer/11.6/solutions/file-systems/security-assessment.md +++ /dev/null @@ -1,52 +0,0 @@ -# FS_SecurityAssessment Job - -The FS_SecurityAssessment job is designed to provide a security assessment of all relevant -information from targeted file servers. It is dependent upon the following jobs: - -- 2.Direct Permissions Job Group - - - [FS_LocalUsersAndGroups Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - - [FS_NestedShares Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - - [FS_SIDHistory Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - -- [3.Broken Inheritance > FS_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) -- 5.Activity Job Group - - - [Least Privileged Access > FS_LeastPrivilegedAccess Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - - Security > - [FS_HighRiskActivity Job](/docs/accessanalyzer/11.6/solutions/file-systems/activity-monitoring.md) - -- 7.Sensitive Data Job Group - - - [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/11.6/solutions/file-systems/permissions-analysis.md) - -If only select sub-job groups have been run, there are blank sections in the overview report. - -![FS_SecurityAssessment Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/securityassessmentjobstree.webp) - -The FS_SecurityAssessment job is comprised of analysis and reports which use the data collected by -the 0.Collection job group and analyzed by the jobs listed above. - -## Analysis Task for the FS_SecurityAssessment Job - -View the analysis tasks by navigating to the **FileSystem** > **FS_SecurityAssessment** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the FS_SecurityAssessment Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/securityassessmentanalysis.webp) - -The following analysis tasks are selected by default: - -- Assess Risk – Creates the SA_FS_SecurityAssessment_Details table accessible under the job’s - Results node -- Summary – Creates the SA_FS_SecurityAssessment_Summary table accessible under the job’s Results - node - -In addition to the tables and views created by the analysis task, the FS_SecurityAssessment job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ---------------------------------------------------------------------------------- | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Security Assessment | This report identifies common issues and vulnerabilities across your file systems. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of four elements: - Table – Provides details of the scan Scope - Pie Chart – Provides details of findings by risk - Table – Provides details of findings by category - Table – Provides a summary of risk assessment details | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/fs_deletions.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/fs_deletions.md new file mode 100644 index 0000000000..91c41c5ffb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/fs_deletions.md @@ -0,0 +1,94 @@ +# FS_Deletions Job + +The FS_Deletions job is designed to report on deletion activity event information from targeted file +servers. + +## Analysis Tasks for the FS_Deletions Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Forensics** > +**FS_Deletions** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_Deletions Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/deletionsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Create deletions view – Creates the SA_FSAC_DeletesView view accessible under the job’s + Results node +- 2. Last 30 Days – Creates the SA_FS_Deletions_Last30Days table accessible under the job’s + Results node +- 3. Trend – Creates the SA_FS_Deletions_TrendOverTime table accessible under the job’s Results + node +- 4. Create view to alert - Past 24 hours – Creates the SA_FS_Deletions_Notification_NOTIFICATION + table accessible under the job’s Results node +- 6. Raw Details – Creates the SA_FS_Deletions_Details view accessible under the job’s Results + node + +The Notification analysis task is an optional analysis task which requires configuration before +enabling it. The following analysis task is deselected by default: + +- 5. Notify on large number of deletes – Alerts when large number of deletions have occurred + + - Add recipients, notification subject, and email content + - See the [Configure the Notification Analysis Task](#configure-the-notification-analysis-task) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the FS_Deletions job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------- | +| File and Folder Deletions (Deletion Events) | This report identifies deletion events for the past 30 days. The detailed report shows all resources that were successfully deleted as well as which users performed those events. | None | This report is comprised of two elements: - Line Chart– Displays the last 30 Days - Table – Provides details on deletions | + +### Configure the Notification Analysis Task + +A Notification analysis task sends email notification to recipients when the job is executed. It +requires the global **Notification** settings to be configured (**Settings** > **Notifications**) +for SMTP server information, but it uses the recipient list provided through the analysis task. +Follow the steps to configure a notification analysis task. + +**Step 1 –** Navigate to the job’s **Configure** node and select **Analysis**. + +**Step 2 –** In the Analysis Selection view, select the Notification analysis task and click +**Analysis Configuration** . The Notification Data Analysis Module wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Notification Data Analysis Module wizard SMTP page](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/notificationsmtp.webp) + +**Step 3 –** Navigate to the SMTP page of the wizard. + +![Recipients section](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/notificationsmtprecipients.webp) + +**Step 4 –** In the Recipients section, provide the email addresses or distribution lists (fully +qualified address) for those who are to receive this notification. Multiple addresses can be +provided. You can use the following options: + +- Add – Add an email address to the E-mail field +- Remove – Remove an email address from the Recipients list +- Combine multiple messages into single message – Sends one email for all objects in the record set + instead of one email per object to all recipients + + **_RECOMMENDED:_** Leave the **Combine multiple messages into single message** option selected. + +![Message section](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/notificationsmtpmessage.webp) + +**Step 5 –** In the Message section, edit the **Subject**. It is not recommended to remove any +parameters. Then, customize the email content in the textbox to provide an explanation of the +notification to the recipients. + +**Step 6 –** Navigate to the Summary page. Click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. The Notification Data Analysis Module wizard closes. + +**Step 7 –** This Notification analysis task is now configured to send emails to the provided +recipient list. In the Analysis Selection view, select this task so that notifications can be sent +automatically during the execution of the job. + +_Remember,_ all of the analysis tasks should remain in the default order indicated by the numbering. +Do not deselect any of the SQLscripting analysis tasks. + +Once the Notification analysis task is configured and enabled alerts are sent when the trigger has +been identified by this job. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/fs_permissionchanges.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/fs_permissionchanges.md new file mode 100644 index 0000000000..affc5adcdd --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/fs_permissionchanges.md @@ -0,0 +1,52 @@ +# FS_PermissionChanges Job + +The FS_PermissionChanges job is designed to report on permission change activity event information +from targeted file servers. + +## Analysis Tasks for the FS_PermissionChanges Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Forensics** > +**FS_PermissionChanges** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_PermissionChanges Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/permissionchangesanalysis.webp) + +The following analysis tasks are selected by default: + +- 0. Create Permission Change Events Table – Creates an interim processing table in the database + for use by downstream analysis and report generation +- 1. Create Permission Changes Table and View – Creates the SA_ENG_PermissionChangesView view + accessible under the job’s Results node +- 2. Last 30 Days – Creates the SA_FS_PermissionChanges_Last30Days table accessible under the + job’s Results node +- 3. Trend – Creates the SA_FS_PermissionChanges_TrendOverTime table accessible under the job’s + Results node +- 4. Create view to notify on - By user, per share, for the past 24 hours – Creates the + SA_FS_PermissionChanges_Notification_NOTIFICATION table accessible under the job’s Results + node +- 6. Raw Details – Creates the SA_FS_PermissionChanges_Details view accessible under the job’s + Results node +- 7. High risk permission changes – Creates the SA_FS_PermissionChanges_HighRisk table accessible + under the job’s Results node +- 8. High risk permission changes summary – Creates the SA_FS_PermissionChanges_HighRiskSummary + table accessible under the job’s Results node + +The Notification analysis task is an optional analysis task which requires configuration before +enabling it. The following analysis task is deselected by default: + +- 5. Alert on Permission Changes – Alerts when permission changes have occurred + + - Add recipients, notification subject, and email content + - See the + [Configure the Notification Analysis Task](/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/fs_deletions.md#configure-the-notification-analysis-task) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the FS_PermissionChanges job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | +| High Risk Changes | This report highlights successful permission changes performed on a high risk trustee. The line chart shows data for the past 30 days only. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Line Chart– Displays last 30 days of high risk changes - Table – Provides details on high risk changes | +| Permission Changes | This report identifies all resources where successful permission changes have occurred. The line chart shows data for the past 30 days only. | None | This report is comprised of two elements: - Line Chart– Displays last 30 days of permission changes - Table – Provides details on permission changes | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/overview.md new file mode 100644 index 0000000000..7f5888df83 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/overview.md @@ -0,0 +1,20 @@ +# Forensics Job Group + +The Forensics job group is designed to report on forensic related activity event information from +targeted file servers. + +![Forensics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The Forensics job group is comprised of: + +- [FS_Deletions Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/fs_deletions.md) + – Designed to report on deletion activity event information from targeted file servers + + - Includes a Notification analysis task option + - Requires **Access Auditing** component data collection + +- [FS_PermissionChanges Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/fs_permissionchanges.md) + – Designed to report on permission change activity event information from targeted file servers + + - Includes a Notification analysis task option + - Requires **Access Auditing** component data collection diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/fs_leastprivilegedaccess.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/fs_leastprivilegedaccess.md new file mode 100644 index 0000000000..19ddae2b8b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/fs_leastprivilegedaccess.md @@ -0,0 +1,49 @@ +# Least Privileged Access > FS_LeastPrivilegedAccess Job + +The FS_LeastPrivilegedAccess job is designed to report on activity event information that can assist +in identifying least privilege from targeted file servers. It identifies where trustees are not +leveraging their permissions to resources from targeted file servers. Requires **Access Auditing** +component data collection. + +![Least Privileged Access > FS_LeastPrivilegedAccess Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/leastprivilegedaccessjobstree.webp) + +The FS_LeastPrivilegedAccess job is located in the Least Privileged Access job group. + +## Analysis Tasks for the FS_LeastPrivilegedAccess Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Least Privileged +Access** > **FS_LeastPrivilegedAccess** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_LeastPrivilegedAccess Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/leastprivilegedaccessanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Join Activity Data to Share – Creates the SA_FS_LeastPrivilegedAccess_ActivityByShare table + accessible under the job’s Results node +- 2. Get Effective Share Access for all Shares with Activity – Creates the + SA_FS_LeastPrivilegedAccess_EffectiveShareAccess table accessible under the job’s Results + node +- 3. Compare Users activity to access – Creates the SA_FS_LeastPrivilegedAccess_Comparision table + accessible under the job’s Results node +- 4. Summarize Comparison by Share – Creates an interim processing table in the database for use + by downstream analysis and report generation +- 5. Rollup by Share - Pie Chart – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 6. Summarize Entitlement Usage - Enterprise Wide – Creates interim processing tables in the + database for use by downstream analysis and report generation +- 7. Recommend Changes to Group ACLs – Creates the SA_FS_LeastPrivilegedAccess_RecommendedChanges + table accessible under the job’s Results node +- 8. Resource Based Groups – Creates the SA_FS_LeastPrivilegedAccess_ResourceGroups table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_LeastPrivilegedAccess job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Overprovisioning Risk by Share | This report identifies shares with the largest amount of unutilized entitlements and assigns a risk rating to each one. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie Chart – Displays shares by overprovisioning risk - Table – Provides details on shares by overprovisioning risk | +| Overprovisioning Summary | This report shows the percentage of all entitlements which are being used. An entitlement refers to one user's access to one folder. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie Chart – entitlements by level of usage - Table – Provides details on entitlements | +| Remediation | If all members of a group are not using their full access, then modification to group permissions on the share will be suggested here. | None | This report is comprised of one element: - Table – Provides details on recommended changes to permissions | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/overview.md new file mode 100644 index 0000000000..caa6eca733 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/overview.md @@ -0,0 +1,21 @@ +# 5.Activity Job Group + +The 5.Activity job group is designed to report on activity event information from targeted file +servers. + +![5.Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 5.Activity job group is comprised of: + +- [Forensics Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/overview.md) + – Designed to report on forensic related activity event information from targeted file servers +- [Least Privileged Access > FS_LeastPrivilegedAccess Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/fs_leastprivilegedaccess.md) + – Designed to report on activity event information that can assist in identifying least privilege + from targeted file servers +- [Security Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/overview.md) + – Designed to report on security related activity event information from targeted file servers +- [Suspicious Activity Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/overview.md) + – Designed to report on potentially suspicious activity event information from targeted file + servers +- [Usage Statistics Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/overview.md) + – Designed to report on usage statistics from targeted file servers diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_adminactvity.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_adminactvity.md new file mode 100644 index 0000000000..4e7afb7c99 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_adminactvity.md @@ -0,0 +1,39 @@ +# FS_AdminActvity Job + +The FS_AdminActivity job is designed to report on administrator related activity event information +from targeted file servers. + +## Analysis Tasks for the FS_AdminActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Security** > +**FS_AdminActivity** > **Configure** node and select Analysis. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_AdminActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/security/adminactivityanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Create Admin Activity View – Creates an interim processing view in the database for use by + downstream analysis and report generation +- 2. Effective Access to Locations with Admin Activity – Creates an interim processing table in + the database for use by downstream analysis and report generation +- 3. Suspicious Admin Activity – Creates the SA_FS_AdminActivity_SuspiciousActivity table + accessible under the job’s Results node +- 4. Operations Overview – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 5. Rank admins by activity – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 6. Pivot Admin Activity for Details Report – Creates an interim processing table in the database + for use by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the FS_AdminActivity job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------- | ---------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Administrator Activity Details | This report shows the details of administrator activity on file shares. | None | This report is comprised of one element: - Table – Provides details on last 30 days of administrator activity | +| Administrator Activity Overview | This report identifies the types of actions administrators are performing across your network. | None | This report is comprised of two elements: - Pie Chart – Displays last 30 days of administrator activity - Table – Provides details on types of actions | +| Most Active Administrators | This report ranks administrators by number of shares they have activity in. | None | This report is comprised of two elements: - Bar Chart – Displays last 30 days of administrator activity - Table – Provides details on administrator activity | +| Suspicious Admin Activity | This report highlights all administrator reads in shares where they do not have access. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of one element: - Table – Provides details on last 30 days of administrator activity | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_highriskactivity.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_highriskactivity.md new file mode 100644 index 0000000000..75e7480638 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_highriskactivity.md @@ -0,0 +1,31 @@ +# FS_HighRiskActivity Job + +The FS_HighRiskActivity job is designed to report on high risk activity event information from +targeted file servers. + +## Analysis Tasks for the FS_HighRiskActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Security** > +**FS_HighRiskActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_HighRiskActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/security/highriskactivityanalysis.webp) + +- 0. Drop Tables – Drops tables from previous runs +- 1. Analyze for High Risk Activity – Creates the SA_FS_HighRiskActivity_HighRiskUserActivity + table accessible under the job’s Results node +- 2. Pivot High Risk Activity – Creates the SA_FS_HighRiskActivity_HighRiskDetails table + accessible under the job’s Results node +- 3. Summarize Share Activity – Creates the SA_FS_HighRiskActivity_ShareSummary table accessible + under the job’s Results node +- 4. Global User Activity – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the FS_HighRiskActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| High Risk Activity | High Risk Activity is any action performed by a user who has access to a particular resource only through a High Risk Trustee (for example, Everyone, Authenticated Users, or Domain Users). Unless action is taken, these users will lose access once the open access is remediated. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays last 30 days of activity - Table – Provides details on activity by user - Table – Provides details on activity by share | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_localuseractivity.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_localuseractivity.md new file mode 100644 index 0000000000..9da2724634 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_localuseractivity.md @@ -0,0 +1,26 @@ +# FS_LocalUserActivity Job + +The FS_LocalUserActivity job is designed to report on local user activity event information from +targeted file servers. + +## Analysis Tasks for the LocalUserActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Security** > +**FS_LocalUserActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the LocalUserActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/security/localuseractivityanalysis.webp) + +- 1. Local User Activity Details – Creates the SA_FS_LocalUserActivity_Details table accessible + under the job’s Results node +- 2. Top Local User Accounts – Creates the SA_FS_LocalUserActivity_TopUsers table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_LocalUserActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ---------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Local User Activity | This report identifies local accounts with file system activity. | None | This report is comprised of two elements: - Bar Chart – Displays top local user account activity (last 30 days) - Table – Provides details on local user activity | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/overview.md new file mode 100644 index 0000000000..2591c09f7c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/overview.md @@ -0,0 +1,22 @@ +# Security Job Group + +The Security job group is designed to report on security related activity event information from +targeted file servers. + +![Security Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The Security Job Group is comprised of: + +- [FS_AdminActvity Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_adminactvity.md) + – Designed to report on administrator related activity event information from targeted file + servers + + - Requires **Access Auditing** component data collection + +- [FS_HighRiskActivity Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_highriskactivity.md) + – Designed to report on high risk activity event information from targeted file servers + + - Requires **Access Auditing** component data collection + +- [FS_LocalUserActivity Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_localuseractivity.md) + – Designed to report on local user activity event information from targeted file servers diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_deniedactivity.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_deniedactivity.md new file mode 100644 index 0000000000..58e97677a0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_deniedactivity.md @@ -0,0 +1,26 @@ +# FS_DeniedActivity Job + +The FS_DeniedActivity job is designed to report on denied activity event information from targeted +file servers. + +## Analysis Tasks for the FS_DeniedActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_DeniedActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_DeniedActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/deniedactivityanalysis.webp) + +The following analysis tasks are selected by default: + +- Denied Activity Hourly Summary – Creates the SA_FS_DeniedActivity_HourlySummary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis task, the FS_DeniedActivity job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | ------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Denied Activity | This report highlights high periods of denied user activity during the past 30 days. | None | This report is comprised of two elements: - Bar Chart – Displays top denied periods for the last 30 days - Table – Provides details on denied activity | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_highesthourlyactivity.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_highesthourlyactivity.md new file mode 100644 index 0000000000..388ef7bfcd --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_highesthourlyactivity.md @@ -0,0 +1,42 @@ +# FS_HighestHourlyActivity Job + +The FS_HighestHourlyActivity job is designed to report on the highest hourly activity event +information from targeted file servers broken down by user. + +## Analysis Tasks for the FS_HighestHourlyActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_HighestHourlyActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_HighestHourlyActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/highesthourlyactivityanalysis.webp) + +The following analysis task is selected by default: + +- Users Ranked – Creates the SA_FS_HighestHourlyActivity_UsersRanked table accessible under the + job’s Results node + +The following analysis task is deselected by default: + +- Create notifications view – Restores the SA_FS_HighestHourlyActivity_Last24Hours_NOTIFICATION view + to be visible under the job’s Results node + +The Notification analysis task is an optional analysis task which requires configuration before +enabling it. The following analysis task is deselected by default: + +- Hour Activity Notification – Alerts when large amounts of activity for a user have occurred within + an hour + + - Add recipients, notification subject, and email content + - See the + [Configure the Notification Analysis Task](/docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/fs_deletions.md#configure-the-notification-analysis-task) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the FS_HighestHourlyActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------ | +| Unusual User Activity | This report identifies user accounts and time ranges where there was the largest and widest amount of activity across the file system. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal user activity - Table – Provides details on hourly user activity | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_hourlyshareactivity.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_hourlyshareactivity.md new file mode 100644 index 0000000000..8f061157f7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_hourlyshareactivity.md @@ -0,0 +1,26 @@ +# FS_HourlyShareActivity Job + +The FS_HourlyShareActivity job is designed to report on the highest hourly activity event +information from targeted file servers broken down by share. + +## Analysis Tasks for the FS_HourlyShareActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_HourlyShareActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_HourlyShareActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/hourlyshareactivityanalysis.webp) + +The following analysis task is selected by default: + +- Summarize hourly norms and deviations – Creates the SA_FS_HourlyShareActivity_Deviations table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the FS_HourlyShareActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------- | +| Unusual Share Activity | This report will show any outliers in hourly share activity, broken down by day of week and hour. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal share activity - Table – Provides details on share activity | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_modifiedbinaries.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_modifiedbinaries.md new file mode 100644 index 0000000000..50e1a7389c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_modifiedbinaries.md @@ -0,0 +1,29 @@ +# FS_ModifiedBinaries Job + +The FS_ModifiedBinaries job is designed to report on activity event information where binaries were +modified from targeted file servers. + +## Analysis Tasks for the FS_ModifiedBinaries Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_ModifiedBinaries** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_ModifiedBinaries Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/modifiedbinariesanalysis.webp) + +The following analysis task is selected by default: + +- Summarize modifications to binaries + + - Creates an interim processing table in the database for use by downstream analysis and report + generation + - Creates the SA_FS_ModifiedBinaries_Summary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the FS_ModifiedBinaries job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------- | ---------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | +| First Time Binary Modifications | This report highlights recent instances where users have modified binaries for the first time. | None | This report is comprised of two elements: - Bar Chart – Displays first time binary modifications by host - Table – Provides details on modified binaries | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_peergroupactivity.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_peergroupactivity.md new file mode 100644 index 0000000000..f2c60d65c6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_peergroupactivity.md @@ -0,0 +1,24 @@ +# FS_PeerGroupActivity Job + +The FS_PeerGroupActivity job is designed to report on abnormal activity event information based on +peer group analysis from targeted file servers. + +## Analysis Tasks for the FS_PeerGroupActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_PeerGroupActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_PeerGroupActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/peergroupactivityanalysis.webp) + +- Summarize Hourly Norms and Deviations – Creates the SA_FS_PeerGroupActivity_Details table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_PeerGroupActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------- | +| Unusual Peer Group Activity | This report highlights unusual periods of activity based on peer group analysis. When a user accesses an abnormal amount of data from outside of their own department, the failure of separation of duties can indicate a security threat. | None | This report is comprised of one element: - Table – Provides details on abnormal peer group activity | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_ransomware.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_ransomware.md new file mode 100644 index 0000000000..5039423811 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_ransomware.md @@ -0,0 +1,34 @@ +# FS_Ransomware Job + +The FS_Ransomware job is comprised of analysis and reports which use the data collected by the +**0.Collection** job group to provide information on periods of time in which users are responsible +for an abnormally high number of updates. This can be indicative of ransomware. Additionally, +activity involving files which are known as ransomware artifacts is highlighted. + +## Analysis Tasks for the FS_Ransomeware Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_Ransomware** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_Ransomeware Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/ransomewareanalysis.webp) + +The following analysis tasks are selected by default: + +- Summarize Hourly Norms and Deviations – Creates the SA_FS_Ransomware_Details table accessible + under the job’s Results node +- Summarize activity on known ransomware artifacts + + - Creates the SA_FS_Ransomware_Artifacts table accessible under the job’s Results node + - Creates an interim processing table in the database for use by downstream analysis and report + generation + +In addition to the tables and views created by the analysis tasks, the FS_Ransomware job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Ransomware Activity | This report summarizes Add or Rename activity involving known ransomware artifacts. | None | This report is comprised of three elements: - Bar Chart – Displays top ransomware patterns - Table – Provides details on ransomware activity - Table – Provides summary of ransomware by pattern | +| Unusual Write Activity (Ransomware) | This report highlights periods of abnormally high update activity involving shared resources. This can be indicative of ransomware attacks. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal update activity - Table – Provides details on abnormal update activity | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_sensitivedataactivity.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_sensitivedataactivity.md new file mode 100644 index 0000000000..702d8f4a4e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_sensitivedataactivity.md @@ -0,0 +1,26 @@ +# FS_SensitiveDataActivity Job + +The FS_SensitiveDataActivity job is designed to report on activity event information on resources +identified to contain sensitive information from targeted file servers. + +## Analysis Tasks for the FS_SensitiveDataActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_SensitiveDataActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_SensitiveDataActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp) + +The following analysis tasks are selected by default: + +- Summarize Hourly Norms and Deviations – Creates the SA_FS_SensitiveDataActivity_Details table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the FS_SensitiveDataActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ------------------------------------------------------------------------------------ | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Sensitive Data Activity | This report highlights periods of abnormally high activity involving sensitive data. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Displays abnormal sensitive data activity - Table – Provides details on sensitive data activity | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_stalefileactivity.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_stalefileactivity.md new file mode 100644 index 0000000000..3778e4d31d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_stalefileactivity.md @@ -0,0 +1,24 @@ +# FS_StaleFileActivity Job + +The FS_StaleFileActivity job is designed to report on user activity event information involving +stale files from targeted file servers. + +## Analysis Tasks for the FS_StaleFileActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_StaleFileActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_StaleFileActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/stalefileactivityanalysis.webp) + +- Summarize Hourly Norms and Deviations – Creates the SA_FS_StaleFileActivity_Details table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the FS_StaleFileActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | -------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Stale File Activity | This report highlights periods of abnormally high activity involving stale shared resources. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal stale file activity - Table – Provides details on abnormal stale file activity | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_usershareactivity.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_usershareactivity.md new file mode 100644 index 0000000000..704b9e09b2 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_usershareactivity.md @@ -0,0 +1,29 @@ +# FS_UserShareActivity Job + +The FS_UserShareActivity job is designed to report on normal user activity within a share from +targeted file servers. + +## Analysis Tasks for the FS_UserShareActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_UserShareActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_UserShareActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/usershareactivityanalysis.webp) + +- Track Latest Activity Per User Per Share – Creates the SA_FS_UserShareActivity_LatestActivity + table accessible under the job’s Results node +- Average days since last Access – Creates the SA_FS_UserShareActivity_ShareSummary table accessible + under the job’s Results node +- New Access Last Week – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables and views created by the analysis tasks, the FS_UserShareActivity job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| First Time Share Activity by User | This report shows the last date that a user accessed a share, ordered by the oldest activity. This lack of access may indicate unused permissions. | None | This report is comprised of two elements: - Bar Chart – Displays shares with new users accessing data - past 7 days - Table – Provides details on first time share access | +| Longest Inactivity | This report shows which users have returned to a share after the longest periods of inactivity. | None | This report is comprised of one element: - Table – Provides details on user share activity | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_weekendactivity.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_weekendactivity.md new file mode 100644 index 0000000000..3b2e4edf4b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_weekendactivity.md @@ -0,0 +1,30 @@ +# FS_WeekendActivity Job + +The FS_WeekendActivity job is comprised of analysis and reports which use the data collected by the +**0.Collection** job group to provide information on weekend file server activity and the user +accounts which perform the most weekend activity. Best practices often dictate monitoring of weekend +activity for potential security concerns. + +## Analysis Tasks for the FS_WeekendActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_WeekendActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_WeekendActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp) + +The following analysis tasks are selected by default: + +- Weekend Activity – Creates the SA_FS_WeekendActivity_Details table accessible under the job’s + Results node +- User Summary – Creates the SA_FS_WeekendActivity_UserSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the FS_WeekendActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------- | ------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Weekend Activity (Most Active Users on Weekend) | This report shows users who are active on the weekend inside file shares. | None | This report is comprised of two elements: - Bar Chart – Displays weekend share activity - top 5 users - Table – Provides details on weekend share activity by user | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/overview.md new file mode 100644 index 0000000000..1b80e307e8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/overview.md @@ -0,0 +1,65 @@ +# Suspicious Activity Job Group + +The Suspicious Activity job group is designed to report on potentially suspicious activity event +information from targeted file servers. + +![Suspicious Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The Suspicious Activity job group is comprised of: + +- [FS_DeniedActivity Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_deniedactivity.md) + – Designed to report on denied activity event information from targeted file servers + + - Requires **Access Auditing** component data collection + + [FS_HighestHourlyActivity Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_highesthourlyactivity.md) + – Designed to report on the highest hourly activity event information from targeted file servers + broken down by user + + - Includes a Notification analysis task option + - Requires **Access Auditing** component data collection + +- [FS_HourlyShareActivity Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_hourlyshareactivity.md) + – Designed to report on the highest hourly activity event information from targeted file servers + broken down by share + + - Requires **Access Auditing** component data collection + +- [FS_ModifiedBinaries Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_modifiedbinaries.md) + – Designed to report on activity event information where binaries were modified from targeted file + servers + + - Requires **Access Auditing** component data collection + +- [FS_PeerGroupActivity Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_peergroupactivity.md) + – Designed to report on abnormal activity event information based on peer group analysis from + targeted file servers + + - Requires **Access Auditing** component data collection + - Requires Ownership be assigned within the Access Information Center. See the Resource Owners + Overview topic in the + [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) + for additional information. + +- [FS_Ransomware Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_ransomware.md) + – Designed to report on potential ransomware activity event information based on file extensions + and large number of modified file events from targeted file servers +- [FS_SensitiveDataActivity Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_sensitivedataactivity.md) + – Designed to report on activity event information on resources identified to contain sensitive + information from targeted file servers + + - Requires **Access Auditing** component data collection + - Requires **Sensitive Data Discovery Auditing** component data collection + +- [FS_StaleFileActivity Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_stalefileactivity.md) + – Designed to report on user activity event information involving stale files from targeted file + servers +- [FS_UserShareActivity Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_usershareactivity.md) + – Designed to report on normal user activity within a share from targeted file servers + + - Requires **Access Auditing** component data collection + +- [FS_WeekendActivity Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/fs_weekendactivity.md) + – Designed to report on activity events that occur over the weekend from targeted file servers + + - Requires **Access Auditing** component data collection diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_groupusage.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_groupusage.md new file mode 100644 index 0000000000..ea42bb6f84 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_groupusage.md @@ -0,0 +1,28 @@ +# FS_GroupUsage Job + +The FS_GroupUsage job is designed to report on group usage from targeted file servers. + +## Analysis Tasks for the FS_GroupUsage Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage +Statistics** > **FS_GroupUsage** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_GroupUsage Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/groupusageanalysis.webp) + +The following analysis task is selected by default: + +- 1. Identify Last Time a Group was used for Access + + - Creates an interim processing table in the database for use by downstream analysis and report + generation + - Creates the SA_FS_GroupUsage_DaysSinceUse view accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the FS_GroupUsage job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------ | ------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------ | +| Stale Groups | This report identifies the last possible time a group was used for providing file system access. | None | This report is comprised of two elements: - Bar Chart – Displays top unused groups - Table – Provides details on unused groups | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_mostactiveservers.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_mostactiveservers.md new file mode 100644 index 0000000000..690b5394e4 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_mostactiveservers.md @@ -0,0 +1,25 @@ +# FS_MostActiveServers Job + +The FS_MostActiveServers job is designed to report on the most active servers within an environment. + +## Analysis Task for the FS_MostActiveServers Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage +Statistics** > **FS_MostActiveServers** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the FS_MostActiveServers Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/mostactiveserversanalysis.webp) + +The following analysis task is selected by default: + +- Last 30 Days – Creates the SA_FS_MostActiveServers_Last30Days table accessible under the job’s + Results node + +In addition to the table and views created by the analysis task, the FS_MostActiveServers job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------- | +| Most Active Servers – Last 30 Days | This report identifies the top servers for the past 30 days. [Read], [Add], [Update], [Delete], [Permission Change], [Rename] fields reflect the number of unique operations of each type that was performed in that server for this time frame. Unique Folders are the number of distinct folders that have had activity during the time frame. | None | This report is comprised of two elements: - Bar Chart – Displays most active servers - Table – Provides details on most active servers | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_mostactiveusers.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_mostactiveusers.md new file mode 100644 index 0000000000..d4b05e110f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_mostactiveusers.md @@ -0,0 +1,25 @@ +# FS_MostActiveUsers Job + +The FS_MostActiveUsers job is designed to report on the most active users within an environment. + +## Analysis Tasks for the FS_MostActiveUsers Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage +Statistics** > **FS_MostActiveUsers** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_MostActiveUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp) + +The following analysis task is selected by default: + +- Last 30 Days – Creates the SA_FS_MostActiveUsers_Last30Days table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis task, the FS_MostActiveUsers job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | +| Most Active Users – Last 30 Days | This report identifies the top users for the past 30 days. [Read], [Add], [Update], [Delete], [Permission Change], [Rename] fields reflect the number of unique operations of each type that was performed by the user for this time frame. Unique Folders are the number of distinct folders that have had activity during the time frame. | None | This report is comprised of two elements: - Bar Chart – Displays top users by operation count - Table – Provides details on the most active users | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_staleshares.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_staleshares.md new file mode 100644 index 0000000000..d349f02cd7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_staleshares.md @@ -0,0 +1,31 @@ +# FS_StaleShares Job + +The FS_StaleShares job is designed to report on stale shares from targeted file servers. + +## Analysis Tasks for the FS_StaleShares Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage +Statistics** > **FS_StaleShares** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_StaleShares Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/stalesharesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Find Date of last Activity + + - Creates an interim processing table in the database for use by downstream analysis and report + generation + - Creates the SA_FS_StaleShares_LastActivityPivot view accessible under the job’s Results node + +- 2. Find Shares with no Recorded Activity – Creates the SA_FS_StaleShares_NoRecordedActivity + table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_StaleShares job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------ | ------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------ | +| Stale Shares | This report identifies the last date there was activity on a share. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 stale shares - Table – Provides details on stale shares | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/overview.md new file mode 100644 index 0000000000..a41ef617eb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/overview.md @@ -0,0 +1,21 @@ +# Usage Statistics Job Group + +The Usage Statistics job group is designed to report on usage statistics from targeted file servers. + +![Usage Statistics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The Usage Statistics job group is comprised of: + +- [FS_GroupUsage Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_groupusage.md) + – Designed to report on group usage from targeted file servers + + - Requires **Access Auditing** component data collection + +- [FS_MostActiveServers Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_mostactiveservers.md) + – Designed to report on the most active servers within an environment +- [FS_MostActiveUsers Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_mostactiveusers.md) + – Designed to report on the most active users within an environment +- [FS_StaleShares Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/fs_staleshares.md) + – Designed to report on stale shares from targeted file servers + + - Requires **Access Auditing** component data collection diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/fs_shareaudit.md b/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/fs_shareaudit.md new file mode 100644 index 0000000000..0e21d27832 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/fs_shareaudit.md @@ -0,0 +1,43 @@ +# FS_ShareAudit Job + +The FS_ShareAudit Job is designed to report on shares from targeted file servers based on user +input. + +## Analysis Tasks for the FS_ShareAudit Job + +View the analysis tasks by navigating to the FileSystem > Ad Hoc Audits > FS_ShareAudit > Configure +node and select Analysis. + +**CAUTION:** Do not modify or deselect the last three selected analysis tasks. The analysis tasks +are preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/shareauditanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Identify Selected Shares – Creates the SA_FS_ShareAudit_ShareSummary table accessible under + the job’s Results node + - Parameter is blank by default. + - #UNC parameter must be configured by clicking Analysis Configuration with this task selected + then selecting the #UNC table in the SQL Script Editor window and clicking **Edit Table**. + - This brings up the Edit Table window where the user can manually enter UNC paths of each + share to be audited or upload a CSV file containing one row for each share to be audited. + See the + [SQLscripting Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/sqlscripting.md) + section for additional information. + - List one shared folder per row, using the format: \\HOST\SHARE. +- 2. Direct Permissions – Creates the SA_FS_ShareAudit_DirectPermissions table accessible under + the job’s Results node +- 3. Calculate Effective Access – Creates the SA_FS_ShareAudit_ShareAccess table accessible under + the job’s Results node +- 4. Identify Broken Inheritance + - Creates a temporary table in the database for use by downstream analysis and report + generation. + - Creates the SA_FS_ShareAudit_UniqueTrustees table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the FS_ShareAudit Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | -------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Share Audit | This report displays permission information for the selected shares. | None | This report is comprised of four elements: - Table – Provides details on selected shares - Table – Provides details on permissions - Table – Provides details on effective access - Table – Provides details on broken inheritance | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/fs_trusteepermissions.md b/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/fs_trusteepermissions.md new file mode 100644 index 0000000000..2b09babf0b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/fs_trusteepermissions.md @@ -0,0 +1,32 @@ +# FS_TrusteePermissions Job + +The FS_TrusteePermissions Job is designed to report on trustees from targeted file servers based on +user input. + +## Analysis Tasks for the FS_TrusteePermissions Job + +View the analysis tasks by navigating to the FileSystem > Ad Hoc Audits > FS_TrusteePermissions > +Configure node and select Analysis. + +**CAUTION:** Do not modify or deselect the second selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/trusteepermissionsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Find Trustee Information – Creates the SA_FS_TrusteePermissions_TrusteeSummary table + accessible under the job’s Results node. + - Parameter is blank by default. + - `#Trustees` parameter must be configured using the Edit Table option. + - List one trustee per row, using the format: DOMAIN\Name. + - See the Customize Analysis Parameters topic for additional information. +- 2. Find Permission Source – Creates the SA_FS_ShareAudit_TrusteePermissions table accessible + under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the FS_TrusteePermissions Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------- | +| Trustee Permissions Audit | This report provides an overview of the access sprawl across the environment for the select trustee(s). | None | This report is comprised of two elements: - Bar Chart – Displays summary of trustees - Table – Provides details on trustee permissions | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/overview.md new file mode 100644 index 0000000000..410cf87b99 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/overview.md @@ -0,0 +1,23 @@ +# Ad Hoc Audits Job Group + +The Ad Hoc Audits Job Group is designed to report on resources and trustees that have been provided +by the user from targeted file servers. + +The Ad Hoc Audits Job Group tables and reports are blank if the CSV file is not modified to contain +the required information before job execution. + +**_RECOMMENDED:_** Run these jobs independently of the solution. + +![Ad Hoc Audits Job Group](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The Ad Hoc Audits Job Group is comprised of: + +- [FS_ShareAudit Job](/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/fs_shareaudit.md) + – Designed to report on shares from targeted file servers based on user input +- [FS_TrusteePermissions Job](/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/fs_trusteepermissions.md) + – Designed to report on trustees from targeted file servers based on user input + +For both of these jobs, the host list is set to Local host at the job level. The assigned Connection +Profile needs to have rights on the Enterprise Auditor Console server to access the CSV file saved +in the job's directory. The Connection Profile can be set at either the Ad Hoc Audits > Settings > +Connection node (applies to both jobs) or in the job's Properties window on the Connection tab. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/fs_deletefiles.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/fs_deletefiles.md new file mode 100644 index 0000000000..88a44e95f2 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/fs_deletefiles.md @@ -0,0 +1,69 @@ +# FS_DeleteFiles Job + +The FS_DeleteFiles job is designed to delete resources from targeted file servers that were +previously quarantined and can be deleted. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The FS_DeleteFiles job has the following configurable parameter: + +- Number of days without access after which a file is a deletion candidate + +See the +[Customizable Analysis Tasks for the FS_DeleteFiles Job](#customizable-analysis-tasks-for-the-fs_deletefiles-job) +topic for additional information. + +## Analysis Tasks for the FS_DeleteFiles Job + +Navigate to the **FileSystem** > **Cleanup** > **4. Delete** > **FS_DeleteFiles** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_DeleteFiles Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/deletefilesanalysis.webp) + +The following analysis tasks are selected by default: + +- Determine candidates for deletion – Creates the SA_FS_Delete_CandidatesView table accessible under + the job’s Results node + + - The threshold for the number of days without access after which a file becomes a candidate for + deletion can be configured. See the [Parameter Configuration](#parameter-configuration) topic + for additional information. + +### Customizable Analysis Tasks for the FS_DeleteFiles Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| --------------------------------- | --------------------------- | ------------- | ----------------------------------------------------------------------------------------- | +| Determine candidates for deletion | @DELETE_THRESHOLD | 180 | Set the number of days without access after which a file becomes a candidate for deletion | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions to modify parameters. + +## Action Tasks for the FS_DeleteFiles Job + +Navigate to the **FileSystem** > **Cleanup** > **4. Delete** > **FS_DeleteFiles** > **Configure** +node and select **Actions** to view the action tasks. + +**CAUTION:** Do not enable the action unless it is required. Disable the action after execution to +prevent making unintended and potentially harmful changes to Active Directory. + +![Action Tasks for the FS_DeleteFiles Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/deletefilesaction.webp) + +The following actions are deselected by default: + +- Delete files – Deletes files that are listed as candidates for deletion in the + FS_Delete_CandidatesView table. The threshold for the number of days without access after which a + file becomes a candidate for deletion can be configured through the **Determines candidates for + deletion** analysis task. + + - See the [Parameter Configuration](#parameter-configuration) topic for additional information diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/fs_deletefiles_status.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/fs_deletefiles_status.md new file mode 100644 index 0000000000..7b5a1b0de1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/fs_deletefiles_status.md @@ -0,0 +1,28 @@ +# FS_DeleteFiles_Status Job + +The FS_DeleteFiles_Status job is designed to report on deleted resources from targeted file servers +that were deleted from the FS_DeleteFiles job. See the +[FS_DeleteFiles Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/fs_deletefiles.md) topic +for additional information. + +## Analysis Tasks for the FS_DeleteFiles_Status Job + +Navigate to the **FileSystem** > **Cleanup** > **4. Delete** > **FS_DeleteFiles_Status** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_DeleteFiles_Status Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/deletefilesstatusanalysis.webp) + +The following analysis task is selected by default: + +- Summarize file deletion actions – Creates the SA_FS_Delete_Status_Summary table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_DeleteFiles_Status job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | +| File Deletions | This report summarizes file deletions which have occurred during the Cleanup process | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of file deletions - Table – provides details on file deletions | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/overview.md new file mode 100644 index 0000000000..15a5924856 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/overview.md @@ -0,0 +1,30 @@ +# 4. Delete Job Group + +The 4. Delete job group is designed to report on and take action against resources from targeted +file servers that can be deleted. + +![4. Delete Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +This job group includes the following jobs: + +- [FS_DeleteFiles Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/fs_deletefiles.md) + – Designed to delete resources from targeted file servers that were previously quarantined and can + be deleted +- [FS_DeleteFiles_Status Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/fs_deletefiles_status.md) + – Designed to report on deleted resources from targeted file servers that were deleted from the + DeleteFiles job + +Workflow + +The following is the recommended workflow for using the job group: + +**Step 1 –** **Prerequisite:** Successfully execute the following job groups: + +- .Active Directory Inventory +- File System > 0.Collection +- File System > Cleanup > 3. Quarantine + +**Step 2 –** Schedule the 4. Delete job group to run as desired after the prerequisites have +completed. + +**Step 3 –** Review the reports generated by the 4. Delete job group. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/fs_cleanupassessment.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/fs_cleanupassessment.md new file mode 100644 index 0000000000..6aef1c4fd1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/fs_cleanupassessment.md @@ -0,0 +1,138 @@ +# 1. Cleanup Assessment > FS_CleanupAssessment Job + +The FS_CleanupAssessment job is designed to report on and assess the status of target file servers +that can be cleaned up. + +To include share ownership information in the analyses, populate the SA_AIC_ResourceOwnersView prior +to running this job. This view populates when you assign owners to resources through the Access +Information Center Manage Owners page. See the Resource Owners topics in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. + +![1. Cleanup Assessment > FS_CleanupAssessment Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The FS_CleanupAssessment job is located in the 1. Cleanup Assessment job group. + +Workflow + +The following is the recommended workflow for using the job group: + +**Step 1 –** **Prerequisite:** Successfully execute the following job groups: + +- .Active Directory Inventory +- File System > 0.Collection + +**Step 2 –** Schedule the 1. Cleanup Assessment job group to run as desired after the prerequisites +have completed. + +**Step 3 –** Review the reports generated by the 1. Cleanup Assessment group. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The FS_CleanupAssessment job has the following configurable parameters: + +- Number of days after which a resource’s LastModified timestamp classifies it as stale +- If 1, LastModified will be used to calculate staleness. If 0, LastAccessed will be used. +- UNC Paths of folders to exclude from staleness consideration (recursive) +- Lower bound for files to be included in the FileDetails table (by LastModfied, in days) +- Upper bound for files to be included in the FileDetails table (by LastModfied, in days) + +See the +[Customizable Analysis Tasks for the FS_CleanupAssessment Job](#customizable-analysis-tasks-for-the-fs_cleanupassessment-job) +topic for additional information. + +## Analysis Tasks for the FS_CleanupAssessment Job + +Navigate to the **FileSystem** > **Cleanup** > **1. Cleanup Assessment** > +**FS_CleanupAssessment** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_CleanupAssessment Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/cleanupassessmentanalysis.webp) + +The following analysis tasks are selected by default: + +- Create file-level view – Creates the SA_FS_CleanupView table accessible under the job’s Results + node. + + - See the [Include Metadata Tag Information](#include-metadata-tag-information) topic for + instructions on how to include metadata tag information in this table + - Has 3 configurable parameters. See the + [Customizable Analysis Tasks for the FS_CleanupAssessment Job](#customizable-analysis-tasks-for-the-fs_cleanupassessment-job) + topic for additional information. + +- Create file-level details table – Creates the SA_FS_CleanupAssessment_FileDetails table accessible + under the job’s Results node + + - Has 2 configurable parameters. See the + [Customizable Analysis Tasks for the FS_CleanupAssessment Job](#customizable-analysis-tasks-for-the-fs_cleanupassessment-job) + topic for additional information. + +- Summarize share-level information – Creates the SA_FS_CleanupAssessment_ShareDetails table + accessible under the job’s Results node +- Summarize host-level information – Creates the SA_FS_CleanupAssessment_HostDetails table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_CleanupAssessment job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------- | +| File System Cleanup - Files | This report highlights file-level cleanup information | None | This report is comprised of two elements: - Pie Chart – Displays enterprise stale file breakdown - Table – Provides details on files | +| File System Cleanup - Hosts | This report highlights host-level cleanup information | None | This report is comprised of two elements: - Stacked Chart – Displays top hosts by stale file percentage - Table – Provides details on hosts | +| File System Cleanup - Shares | This report highlights share-level cleanup information | None | This report is comprised of two elements: - Stacked Chart – Displays top shares by stale file percentage - Table – Provides details on shares | + +### Customizable Analysis Tasks for the FS_CleanupAssessment Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------------------------- | --------------------------- | ------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------- | +| Create File-Level View | @STALE_THRESHOLD | 365 | Set the number of days after which a resource’s Last Modified timestamp classifies it as stale | +| @USE_LAST_MODIFIED | 1 | If set to 1, Last Modified will be used to calculate staleness. If set to 0, Last Access will be used. | | +| #FOLDERS_TO_EXCLUDE | BLANK | Specify which UNC Paths of folders to exclude from staleness consideration | | +| Create File Level Details Table | @MIN_STALE_THRESHOLD | 730 | Set the lower bound of the files to be included in the FileDetails table (by Last Modfied, in days) | +| @MAX_STALE_THRESHOLD | 365 | Set the upper bound of the files to be included in the FileDetails table (by Last Modfied, in days) | | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions to modify parameters. + +### Include Metadata Tag Information + +To include metadata tag information in the SA_FS_CleanupView table, the **FileSystem** > +**0.Collection** > **1-FSAA System Scans** job needs configuring to use the required option. Follow +the steps to enable the option on the File Detail Scan Settings page of the File System Scan query. + +**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-FSAA System Scans** > +**Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the **File System Scan** query and click **Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor +Data Collector Wizard opens. + +![File Details tab of the FSAA Data Collector Wizard Default Scoping Options page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp) + +**Step 4 –** Navigate to the **Default Scoping Options** page and click the **File Details** tab. + +![Options to select on File Details tab](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/includemetadatatagoptions.webp) + +**Step 5 –** On the File Details tab, select the **Scan file-level details** option, and then select +the **Collect tags/keywords from file metadata properties** option. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +**Step 6 –** Navigate to the **Scoping Queries** page of the File System Access Auditor Data +Collector Wizard and click Finish to save the changes and close the wizard. + +Metadata Tag Information will now be included in the SA_FS_CleanupView table the next time the +FS_CleanupAssessment job is run. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/fs_cleanupprogress.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/fs_cleanupprogress.md new file mode 100644 index 0000000000..9bf46e53c1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/fs_cleanupprogress.md @@ -0,0 +1,26 @@ +# FS_CleanupProgress Job + +The FS_CleanupProgress job summarizes the progress of the cleanup effort and highlights the amount +of storage reclaimed on each host. + +## Analysis Tasks for the FS_CleanupProgress Job + +Navigate to the **FileSystem** > **Cleanup** > **FS_CleanupProgress** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_CleanupProgress Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp) + +The following analysis tasks are selected by default: + +- Summarize share- and host-level cleanup progress – Creates the SA_FS_CleanupProgress_ShareDetails + table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_CleanupProgress job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | --------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | +| Cleanup Progress | This report gives a high-level overview of an organization's cleanup effort | None | This report is comprised of two elements: - Bar Chart – Displays the host summary of cleanup progress - Table – provides details on cleanup progress | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/fs_notifyowners.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/fs_notifyowners.md new file mode 100644 index 0000000000..b811eb62f7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/fs_notifyowners.md @@ -0,0 +1,65 @@ +# FS_NotifyOwners Job + +The FS_NotifyOwners job is comprised of the SendMail action module that uses the data collected by +the **FileSystem** > **Cleanup** > **1. Cleanup Assessment** > **FS_CleanupAssessment** job to +contact owners of shares containing data for which cleanup is pending. + +## Action Tasks for the FS_NotifyOwners Job + +Navigate to the **FileSystem** > **Cleanup** > **2. Notify** > **FS_NotifyOwners** > **Configure** +node and select **Actions** to view the action tasks. + +**CAUTION:** Do not enable the action unless it is required. Disable the action after execution to +prevent making unintended and potentially harmful changes to Active Directory. + +![Action Tasks for the FS_NotifyOwners Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/notifyownersaction.webp) + +The following action task is deselected by default. + +- Notify Owners – Notifies share owners using SendMail module + +Prior to running the FS_NotifyOwners job, it is necessary to select the **Notify Owners** task and +configure the properties for the SendMail action module. See the +[Configure the FS_NotifyOwners Action](#configure-the-fs_notifyowners-action) topic for additional +information. + +### Configure the FS_NotifyOwners Action + +The recipients and the text of the email can be customized on the Properties page within the Send +Mail Action Module Wizard. The +[1. Cleanup Assessment > FS_CleanupAssessment Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/fs_cleanupassessment.md) +must be run before the Send Mail Action Module Wizard can be opened. Follow these steps to customize +the Notify Owners action task. + +**Step 1 –** Navigate to the job’s **Configure** node and select **Actions**. + +**Step 2 –** In the Action Selection view, select the desired action task and click **Action +Properties** to view the Action Properties page. + +**Step 3 –** Click **Configure Action** to open the Send Mail Action Module Wizard. + +_Remember,_ the FS_CleanupAssessment job must be run before the Send Mail Action Module Wizard can +be opened. + +![Send Mail Action Module Wizard Properties page](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/sendmailwizardproperties.webp) + +**Step 4 –** On the Properties page, customize the following fields: + +- Carbon copy (CC) – Add the recipient emails within this field + + **NOTE:** Email recipients may also be added within the Notification node under the Global + Settings pane. + +![Send Mail Action Module Wizard Message page](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/sendmailwizardmessage.webp) + +**Step 5 –** On the Message page, customize the following fields: + +- Subject – Enter text for the display line on delivered emails +- Text Entry Box – Enter text to display on the body of each email + +**Step 6 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Send Mail Action Module +Wizard. + +The action task has been customized. It can now be selected and run as part of the FS_NotifyOwners +job. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/fs_notifyowners_status.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/fs_notifyowners_status.md new file mode 100644 index 0000000000..2aa886aa42 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/fs_notifyowners_status.md @@ -0,0 +1,28 @@ +# FS_NotifyOwners_Status Job + +The FS_NotifyOwners_Status job is comprised of analysis and reports that summarize the actions +performed by the FS_NotifyOwners job. See the +[FS_NotifyOwners Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/fs_notifyowners.md) topic +for additional information. + +## Analysis Tasks for the FS_NotifyOwners_Status Job + +Navigate to the **FileSystem** > **Cleanup** > **2. Notify** > **FS_NotifyOwners_Status** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_NotifyOwners_Status Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/notifyownersstatusanalysis.webp) + +The following analysis tasks are selected by default: + +- Summarize notifications – Creates the SA_FS_CleanupAssessment_ShareDetails_NotifySummary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_NotifyOwners_Status job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------- | ---------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Owner Notifications (Share Owner Notifications) | This report summarizes share owner notifications which have occurred during the Cleanup effort | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of notify share owners - Table – provides details on notify share owners | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/overview.md new file mode 100644 index 0000000000..a9758a8402 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/overview.md @@ -0,0 +1,33 @@ +# 2. Notify Job Group + +The 2. Notify job group is designed to report on and notify owners of resources of target file +servers that data is pending cleanup. + +**NOTE:** The SendMail action module requires configuration of the Notification Settings in the +Global Settings. See the +[Notification](/docs/accessanalyzer/11.6/admin/settings/notification.md) +topic for additional information. + +![2. Notify Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +This job group includes the following jobs: + +- [FS_NotifyOwners Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/fs_notifyowners.md) + – Designed to notify share owners that there is data within their share pending cleanup +- [FS_NotifyOwners_Status Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/fs_notifyowners_status.md) + – Designed to summarize the actions taken by the NotifyOwners job + +Workflow + +The following is the recommended workflow for using the job group: + +**Step 1 –** **Prerequisite:** Successfully execute the following job groups: + +- .Active Directory Inventory +- File System > 0.Collection +- File System > Cleanup > 1. Cleanup Assessment + +**Step 2 –** Schedule the 2. Notify job group to run as desired after the prerequisites have +completed. + +**Step 3 –** Review the reports generated by the 2. Notify job group. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/overview.md new file mode 100644 index 0000000000..03eb294875 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/overview.md @@ -0,0 +1,66 @@ +# Cleanup Job Group + +The Cleanup job group is designed to report on and take action against resources from targeted file +servers that can be cleaned up. Use this job group to assess and remediate stale files according to +the data collected by the **0.Collection** job group. The Cleanup job group runs independently from +the rest of the File System solution. + +**NOTE:** The Cleanup job group requires additional licenses to function. For information, contact +your Netwrix representative. + +![Cleanup Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The Cleanup job group includes the following job groups and jobs: + +- [1. Cleanup Assessment > FS_CleanupAssessment Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/fs_cleanupassessment.md) + – Designed to report on and assess the status of target file servers that can be cleaned up +- [2. Notify Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/overview.md) + – Designed to report on and notify the owners of resources of target file servers that data is + pending cleanup +- [3. Quarantine Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/overview.md) + – This job group offers a framework for using the File System actions modules to quarantine files, + and to restore access to quarantined files if necessary +- [4. Delete Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/overview.md) + – Designed to report on and take action against resources from targeted file servers that can be + deleted +- [FS_CleanupProgress Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/fs_cleanupprogress.md) + – Summarizes the progress of the Cleanup effort and highlights the amount of storage reclaimed on + each host + +Many jobs in this group include one or more pre-built actions designed to apply operations to the +data tables generated by the job’s analysis tasks. These actions perform the cleanup operations. By +default, the actions do not execute as part of the job group. You must select the actions you want +to run prior to execution. See the +[Action Modules](/docs/accessanalyzer/11.6/admin/action/overview.md) +topic for additional information. + +## Recommended Configurations for the FS Cleanup Job Group + +The Cleanup job group has the following recommended configuration settings. + +Dependencies + +The Cleanup job group has the following prerequisites: + +- Successfully execute the **.Active Directory Inventory** job group prior to running this job group +- The **File System Actions** license must be installed +- Successfully execute the **FileSystem** > **0.Collection** job group with the following options + enabled: + + - Scan file-level details + - Collect ownership and permission information for files + + See the + [FSAA: Default Scoping Options](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions.md) + topic for additional information. + +Individual jobs and job groups within the Cleanup job group may have their own prerequisites and +dependencies. See the relevant topic for the job or job group for information about these. + +Target Host + +This job group does not collect data. No target host is required. + +Schedule Frequency + +This job group can be scheduled to run as desired. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_quarantinedata.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_quarantinedata.md new file mode 100644 index 0000000000..8c0d475b78 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_quarantinedata.md @@ -0,0 +1,23 @@ +# FS_QuarantineData Job + +The FS_QuarantineData job is designed to quarantine files subject to be cleaned up. + +## Action Tasks for the FS_QuarantineData Job + +Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_QuarantineData** > +**Configure** node and select **Actions** to view the action tasks. + +**CAUTION:** Do not enable the actions unless they are required. Disable the actions after execution +to prevent making unintended and potentially harmful changes to Active Directory. + +**CAUTION:** Do not modify the action tasks. The action tasks are preconfigured for this job. + +![Action Tasks for the FS_QuarantineData Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/quarantinedataactions.webp) + +The following action tasks are deselected by default: + +- Give domain user full control – Gives a specified domain user full control over stale files +- Break inherited permissions – Breaks inherited permissions + +Prior to running the FS_QuarantineData job, it is necessary to select the **Give domain user full +control** or **Break inherited permissions** task to perform an action. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_quarantinedata_status.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_quarantinedata_status.md new file mode 100644 index 0000000000..56a5f55a5a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_quarantinedata_status.md @@ -0,0 +1,27 @@ +# FS_QuarantineData_Status Job + +The FS_QuarantineData_Status job is designed to report on the FS_QuarantineData job. See the +[FS_QuarantineData Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_quarantinedata.md) topic +for additional information. + +## Analysis Tasks for the FS_QuarantineData_Status Job + +Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_QuarantineData_Status** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_QuarantineData_Status Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/quarantinedatastatusanalysis.webp) + +The following analysis task is selected by default: + +- Summarize quarantine actions – Creates the SA_FS_Quarantine_Status_Summary table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_QuarantineData_Status job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------- | -------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| File Quarantining | This report summarizes file quarantining which has occurred during the Cleanup process | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of file quarantining - Table – provides details on file quarantining | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance.md new file mode 100644 index 0000000000..ad18e23e35 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance.md @@ -0,0 +1,35 @@ +# FS_RestoreInheritance Job + +The FS_RestoreInheritance job is designed to restore inheritance to previously quarantined files. + +## Analysis Tasks for the FS_RestoreInheritance Job + +Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_RestoreInheritance** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_RestoreInheritance Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/restoreinheritanceanalysis.webp) + +The following analysis task is selected by default: + +- Determines candidates for restored inheritance – Creates the + SA_FS_RestoreInheritance_CandidatesView table accessible under the job’s Results node + +## Action Tasks for the FS_RestoreInheritance Job + +Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_RestoreInheritance** > +**Configure** node and select **Actions** to view the action tasks. + +**CAUTION:** Do not enable the action unless it is required. Disable the action after execution to +prevent making unintended and potentially harmful changes to Active Directory. + +**CAUTION:** Do not modify the action task. The action task is preconfigured for this job. + +![Action Tasks for the FS_RestoreInheritance Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/restoreinheritanceaction.webp) + +The following action tasks are deselected by default: + +- Restore Permissions – Restores permission inheritance to quarantined files where activity has + occurred diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance_status.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance_status.md new file mode 100644 index 0000000000..a87c7cfa70 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance_status.md @@ -0,0 +1,27 @@ +# FS_RestoreInheritance_Status Job + +The FS_RestoreInheritance_Status job is designed to report on inheritance that was restored to +previously quarantined files. + +## Analysis Tasks for the FS_RestoreInheritance_Status Job + +Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > +**FS_RestoredInheritance_Status** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_RestoreInheritance_Status Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/restoreinheritancestatusanalysis.webp) + +The following analysis tasks are selected by default: + +- Summarize restore inheritance actions – Creates an interim processing table in the database for + use by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the FS_RestoreInheritance_Status +job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ----------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Restored Inheritance | This report summarizes restored inheritance which has occurred during the Cleanup process | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of restored inheritance - Table – provides details on restored inheritance | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/overview.md new file mode 100644 index 0000000000..36d0a6aa5b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/overview.md @@ -0,0 +1,31 @@ +# 3. Quarantine Job Group + +The 3. Quarantine job group is designed to report on and quarantine files that are pending cleanup. + +![3. Quarantine Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +This job group includes the following jobs: + +- [FS_QuarantineData Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_quarantinedata.md) + – Designed to quarantine files subject to be cleaned up +- [FS_QuarantineData_Status Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_quarantinedata_status.md) + – Designed to report on the FS_QuarantineData job +- [FS_RestoreInheritance Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance.md) + – Designed to restore inheritance to previously quarantined files +- [FS_RestoreInheritance_Status Job](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance_status.md) + – Designed to report on inheritance that was restored to previously quarantined files + +Workflow + +The following is the recommended workflow for using the job group: + +**Step 1 –** **Prerequisite:** Successfully execute the following job groups: + +- .Active Directory Inventory +- File System > 0.Collection +- File System > Cleanup > 1. Cleanup Assessment + +**Step 2 –** Schedule the 3. Quarantine job group to run as desired after the prerequisites have +completed. + +**Step 3 –** Review the reports generated by the 3. Quarantine job group. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-create_schema.md b/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-create_schema.md new file mode 100644 index 0000000000..f7a39a625a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-create_schema.md @@ -0,0 +1,44 @@ +# 0-Create Schema Job + +The 0-Create Schema job within the 0.Collection job group creates and updates the schema for the +tables, views, and functions used by the rest of the File System Solution. This job needs to run +prior to the other jobs in the 0.Collection job group for both new installations and upgrades. The +job can be scheduled with any of the collections. Do not delete the job from the job tree. + +**_RECOMMENDED:_** This job does not need to be moved. Leave it to run as part of the 0.Collection +job group. + +## Analysis Tasks for the 0-Create Schema Job + +View the analysis task by navigating to the **FileSystem** > **0.Collection** > **0-Create +Schema** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection for the 0-Create Schema Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/createschemaanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Create Tables – Creates all tables prefaced with SA*FSAA* +- 2. Create DFS Tables – Creates all tables prefaced with SA*FSDFS* +- 3. Create DLP Tables – Creates all tables prefaced with SA*FSDLP* +- 4. Create FSAC Tables – Creates all tables prefaced with SA*FSAC* +- 5. Create Rename Targets – Creates the SA_FSAC_Rename Targets tables +- 6. Create Paths View – Creates the SA_FSAA_Paths view +- 7. Update data types – Enterprise Auditor uses custom SQL data types to render data. This + analysis creates updates to those data types. +- 8. Import new functions – Creates functions used in the File System Solution that only reference + the .Active Directory Inventory job group data +- 9. Import new functions – Creates the FSAA functions used in the File System Solution that + reference the 0.Collection job group data +- 10. Create exception types – Creates the SA_FSAA_ExceptionTypes table +- 11. Create views – Creates the SA_FSAA_DirectPermissionsView +- 12. Create Exceptions Schema – Creates the SA_FSAC_Exception table and the + SA_FSAC_ExceptionTypes table +- 13. Create FSAC Views – Creates all views prefaced with SA*FSAC* +- 14. Create Functions – Creates the FSAC functions used in the File System Solution that + reference the 0.Collection job group data +- 15. Create FSDLP Views – Creates all views prefaced with SA*FSDLP* +- 16. Create DFS Functions – Creates the FSDFS functions used in the File System Solution that + reference the 0.Collection job group data diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-fs_nasuni.md b/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-fs_nasuni.md new file mode 100644 index 0000000000..7093032031 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-fs_nasuni.md @@ -0,0 +1,30 @@ +# 0-FS_Nasuni Job + +The 0-FS_Nasuni job is required in order to target Nasuni Edge Appliances. The job can be added from +the Enterprise Auditor Instant Job Library. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic to add this instant job to the 0.Collection job group. + +**CAUTION:** It is necessary to rename the job after it has been added to the 0.Collection job group +from **FS_Nasuni** to **0-FS_Nasuni**, so that it runs immediately after the 0-Create Schema job. + +_Remember,_ the 0-FS_Nasuni job must be assigned a custom host list containing all on-premise Nasuni +Edge Appliances and cloud filers, and a custom Connection Profile containing the API Access Key and +Passcode for each on-premise Nasuni Edge Appliance and cloud filer in the target environment. Nasuni +API key names are case sensitive. When providing them, ensure they are entered in the exact same +case as generated. + +## Queries for the 0-FS_Nasuni Job + +The queries for the 0-FS_Nasuni job use the PowerShell Data collector to gather system information, +volume data, and share data from the Nasuni environment. + +**CAUTION:** Do not modify the queries. The queries are preconfigured for this job. + +![Queries for the 0-FS_Nasuni Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsnasuniquery.webp) + +The queries for the 0-FS_Nasuni job are: + +- SysInfo – Collects Nasuni system information +- Volumes – Collects Nasuni volume information +- Shares – Collects Nasuni CIFS/SMB share information diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-fsdfs_system_scans.md b/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-fsdfs_system_scans.md new file mode 100644 index 0000000000..daa2786d4d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-fsdfs_system_scans.md @@ -0,0 +1,32 @@ +# 0-FSDFS System Scans Job + +The 0-FSDFS System Scans job enumerates a list of all root and link targets in the distributed file +system and creating a dynamic host list that will be used by the components. + +## Query for the 0-FSDFS System Scans Job + +The DFS System Scan Query uses the FSAA Data Collector and has been preconfigured to use the DFS +Scan Category. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the 0-FSDFS System Scans Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsdfssystemscansquery.webp) + +- DFS System Scan – Scans the DFS System + +## Analysis Tasks for the 0-FSDFS System Scans Job + +View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **0-FSDFS System +Scans** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 0-FSDFS System Scans Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsdfssystemscansanalysis.webp) + +The following analysis tasks are selected by default: + +- Create Hosts View – Creates the 0-FSDFS_System_HostView visible through the Results node that + contains the dynamic host list +- Create Views – Creates the FSDFS_NamespacesTraversalView visible through the Results node that + contains expansion of all the scanned namespaces diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-fsaa_system_scans.md b/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-fsaa_system_scans.md new file mode 100644 index 0000000000..35c04649db --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-fsaa_system_scans.md @@ -0,0 +1,191 @@ +# 1-FSAA System Scans Job + +The 1-FSAA System Scans job is designed to collect access information from the targeted file +servers. + +## Query for the 1-FSAA System Scans Job + +The File System Scan query uses the FSAA Data Collector. + +![Query for the 1-FSAA System Scans Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaasystemscansquery.webp) + +The following default configurations are commonly customized: + +- Default Scoping Options page > File Properties (Folder Summary) tab: + + - Set to limit the **Scan for Probable Owners**, with Limit maximum number of probable owners to + return per folder set to 5 + - Set to **Scan for file types**, with Limit maximum number of file types to return per folder + set to 5 + +- Scan Server Selection page: + + - Set to **Local Server**, or local mode scans + +- Default Scoping Options page > Scan Settings tab: + + - Set to **Limit subfolder scan depth to 2 level(s)** + +See the +[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/recommended.md) +topic for a complete list of customizable settings. See the +[Configure the (FSAA) File System Scan Query](#configure-the-fsaa-file-system-scan-query) topic for +additional information. + +### Configure the (FSAA) File System Scan Query + +The 1-FSAA System Scans job has been preconfigured to run with the default settings with the +category of File system access/permission auditing Scan. Follow the steps to set any desired +customizations. + +**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-FSAA System Scans** > +**Configure** node and select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor +Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Applet Settings](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekappletsettings.webp) + +**Step 4 –** The Applet Settings page applies to the applet and proxy mode scans. If employing proxy +servers, see the +[FSAA: Applet Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.md) +topic for configuration instructions. + +![Scan Server Selection](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekserverselection.webp) + +**Step 5 –** On the Scan Server Selection page, select the server that will execute the scan. See +the +[FSAA: Scan Server Selection](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scanserverselection.md) topic +for additional information. + +![Scan Settings](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekscansettings.webp) + +**Step 6 –** On the Scan Settings page, you can enable streaming. See the +[FSAA: Scan Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings.md) topic +for additional information. + +**NOTE:** If streaming is enabled, the **2-FSAA Bulk Import** job is no longer needed as part of the +**0.Collection** job group. + +![Azure Tennant Mapping](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp) + +**Step 7 –** On the Azure Tenant Mapping page, add the AppPrincipalID (App ID) and Tenant ID. See +the +[FSAA: Azure Tenant Mapping](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/azuretenantmapping.md) +topic for additional information. + +![Default Scoping Options](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaadefaultscopingoptions.webp) + +**Step 8 –** On the Default Scoping Options page, configure the following on the Scan Setting tab: + +- Limit subfolder scan depth to – Select this checkbox and use the arrow buttons to modify the + subfolder scan depth +- Exclude snapshot directories on NetApp server – Select this checkbox to exclude snapshot + directories on NetApp server +- Exclude system shares – Select this checkbox to exclude system shares +- Exclude hidden shares – Select this checkbox to exclude hidden shares +- Specify action on Last Access Time (LAT) preservation as follows: + + - Action on failure to enable LAT Preservation – Before scanning each file, FSAA attempts to + enable an operating system feature to preserve the LAT when accessing the file. This operation + may fail for a variety of reasons, which include but are not limited to: the operating system + or file system where the file is located does not support LAT preservation, or insufficient + permissions from the service account trying to access the file. The following configuration + addresses a failure to enable the LAT preservation mode: + + - Continue to scan file silently – FSAA scans the file with the possibility that LAT + preservation is not possible. No warning will be shown. + - Continue to scan file with warning – FSAA scans the file with the possibility that LAT + will not be preserved. A warning will be shown for this file. + - Skip file silently – FSAA will not scan the file. No warning will be shown. + - Skip file with warning – FSAA will not scan the file. A warning will be shown indicating + the file was skipped. + - Abort the scan – FSAA will abort the scan. No further files will be processed. + + - Action on changed LAT After scan – Before scanning each file, the LAT of the current file is + recorded. After scanning, it is verified whether the LAT has changed since then (likely + scenarios are either that the LAT preservation mechanism failed to function as intended, or + that the file was accessed by someone while the scan was occurring). The following + configuration addresses a changed LAT: + + - Continue scan silently – The scan will move on to the next file while updating the LAT for + the processed file. No warning will be shown. + - Continue scan with warning – The scan will continue on to the next file. LAT will be + updated for the processed file. A warning will be shown. + - Force-reset file LAT silently – The scan will reset the file's LAT to its original state + before processing. No warning will be shown. The scan will proceed to the next file. + - Force-reset file LAT with warning – The scan will Reset the file's LAT to its original + state before processing. A warning will be shown. The scan will proceed to the next file. + - Abort the scan – FSAA will abort the scan. LAT will be updated for the processed file. No + other files will be processed + +See the +[Scan Settings Tab](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md) +topic for additional information. + +![File Details tab of the Default Scoping Options page](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaadefaultscopingoptionsfiledetails.webp) + +**Step 9 –** On the File Details tab of the Default Scoping Options page, you can enable file-level +scans. See the +[File Details Tab](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/filedetails.md) + +**_RECOMMENDED:_** Carefully consider configuring the following settings. Applying filters when file +detail scanning has been enabled reduces the impact on the database. + +![File Properties (Folder Summary) tab of the Default Scoping Options page](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaadefaultscopingoptionsfileproperties.webp) + +**Step 10 –** On the File Properties (Folder Summary) tab of the Default Scoping Options page, you +can configure the following: + +- Enable scan for probable owners +- Add a limit to the number of probable owners returned +- Scope file types to scan +- Add collection of tags and keyword +- Enable return of files with only comma-separated values (CSV files). + +See the +[File Properties (Folder Summary) Tab](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.md) +topic for additional information. + +![Scoping Options](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekscopingoptions.webp) + +**Step 11 –** On the Scoping Options page, add share/folder inclusions and exclusions. See the +[FSAA: Scoping Options](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptions.md) topic +for additional information. + +![Scoping Queries](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekscopingqueries.webp) + +**Step 12 –** On the Scoping Queries page: + +- Add folder/share inclusions +- Add folder/share exclusions +- Restrict scans to DFS shares or Open shares + +See the +[FSAA: Scoping Queries](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueries.md) +topic for additional information. + +**Step 13 –** Click **Finish** to save any setting modifications or click **Cancel** if no changes +were made. Then click **OK** to close the Query Properties window. + +If changes were made, the **1-FSAA System Scans** job is now customized. + +## Analysis Task for the 1-FSAA System Scans Job + +View the analysis task by navigating to the **FileSystem** > **0.Collection** > **1-FSAA System +Scans** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the 1-FSAA System Scans Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaasystemscansanalysis.webp) + +The following analysis task is selected by default: + +- 1. Resolve links – Resolves DFS links in standard tables diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-fsac_system_scans.md b/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-fsac_system_scans.md new file mode 100644 index 0000000000..6782d5c4a4 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-fsac_system_scans.md @@ -0,0 +1,76 @@ +# 1-FSAC System Scans Job + +The 1-FSAC System Scans job is designed to collect activity events from the targeted file servers. + +## Query for the 1-FSAC System Scans Job + +The Activity Scan query uses the FSAA Data Collector and has been preconfigured to use the File +system activity Scan category. + +![Query for the 1-FSAC System Scans Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacsystemscansquery.webp) + +- Activity Scan – Scans for File System Activity + +The following default configurations are commonly customized: + +- Scan Server Selection page: + + - Set to **Local Server**, or local mode scans + +- Activity Settings page: + + - Set scan filter for detailed activity **60** days + - Set filter for statistics of activity **120** days + +See the +[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/recommended.md) +topic for a complete list of customizable settings. See the +[Configure the Activity Scan Query](#configure-the-activity-scan-query) topic for instructions. + +### Configure the Activity Scan Query + +The 1-FSAC System Scans job has been preconfigured to run with the default settings with the +category of File system activity Scan. Follow the steps to set any desired customizations. + +**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-FSAC System Scans** > +**Configure** node and select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor +Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Applet Settings](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacappletsettings.webp) + +**Step 4 –** The Applet Settings page applies to the applet and proxy mode scans which are selected +on the Scan Server Level Page. If employing proxy servers, see the +[FSAA: Applet Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.md) +topic for configuration instructions. + +![Scan Server Selection](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacscanserverselection.webp) + +**Step 5 –** The Scan Server Selection page applies to the applet and proxy mode scans. Remember, +each mode has different provisioning requirements. See the +[FSAA: Scan Server Selection](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scanserverselection.md) topic +for additional information. + +![Activity Settings](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacactivitysettings.webp) + +**Step 6 –** On the Activity Settings page: + +- Modify the number of days detailed activity is kept +- Modify the number of days activity statistics are kept +- Modify log parsing limits + +See the +[FSAA: Activity Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/activitysettings.md) topic +for additional information. + +**Step 7 –** Click **Finish** to save any setting modifications or click **Cancel** if no changes +were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 1-FSAC System Scans job is now customized. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-seek_system_scans.md b/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-seek_system_scans.md new file mode 100644 index 0000000000..d2f8222283 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-seek_system_scans.md @@ -0,0 +1,208 @@ +# 1-SEEK System Scans Job + +The 1-SEEK System Scans job is designed to collect sensitive data from the targeted file servers. + +## Query for the 1-SEEK System Scans Job + +The File System Scan query uses the FSAA Data Collector and has been preconfigured to use the +Sensitive data Scan category. + +![Query for the 1-SEEK System Scans Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seeksystemscansquery.webp) + +- File System Scan – Scans the File System + +The following default configurations are commonly customized: + +- Scan Server Selection page: + + - Set to **Local Server**, or local mode scans + +- Default Scoping Options page > Scan Settings tab: + + - Set to **Limit subfolder scan depth to 2 level(s)** + - Set to **Exclude system shares** + +- Scoping Options + + - Add share and folder inclusions + - Add share and folder exclusions + +- Sensitive Data Settings page: + + - Set to **Don’t process files larger than 2 MB** + - Set to **Store discovered sensitive data** + - Set to scan typical documents + +- SDD Criteria Settings page: + + - Set to the following System Criteria: + + - Credit Cards + - Passwords + - Tax Forms + - US SSN + +See the +[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/recommended.md) +topic for a complete list of customizable settings. See the +[Configure the (SEEK) File System Scan Query](#configure-the-seek-file-system-scan-query) topic for +instructions. + +### Configure the (SEEK) File System Scan Query + +The 1-SEEK System Scans job has been preconfigured to run with the default settings with the +category of Sensitive data Scan. Follow these steps to set any desired customizations. + +**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-SEEK System Scans** > +**Configure** node and select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor +Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Applet Settings](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekappletsettings.webp) + +**Step 4 –** The Applet Settings page applies to the applet and proxy mode scans which are selected +on the Scan Server Level page. If employing proxy servers, see the +[FSAA: Applet Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.md) +topic for configuration instructions. + +![Scan Server Selection](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekserverselection.webp) + +**Step 5 –** The Scan Server Selection page applies to the applet and proxy mode scans. Remember, +each mode has different provisioning requirements. In addition to changing the type of scan mode, +you can modify the scan restart settings. See the +[FSAA: Scan Server Selection](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scanserverselection.md) topic +for additional information. + +![Scan Settings](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekscansettings.webp) + +**Step 6 –** On the Scan Settings page, you can enable streaming. See the +[FSAA: Scan Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings.md) topic +for additional information. + +**NOTE:** If streaming is enabled, the **2-SEEK Bulk Import** job is no longer needed as part of the +**0.Collection** job group. + +![Azure Tenant Mapping](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp) + +**Step 7 –** On the Azure Tenant Mapping page, enable Azure Information Protection (AIP). See the +[FSAA: Azure Tenant Mapping](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/azuretenantmapping.md) +topic for additional information. + +![Default Scoping Options](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seekdefaultscopingoptions.webp) + +**Step 8 –** On the Default Scoping Options page, configure the following on the Scan Setting tab: + +- Limit subfolder scan depth to – Select this checkbox and use the arrow buttons to modify the + subfolder scan depth +- Exclude snapshot directories on NetApp server – Select this checkbox to exclude snapshot + directories on NetApp server +- Exclude system shares – Select this checkbox to exclude system shares +- Exclude hidden shares - Select this checkbox to exclude hidden shares +- Last Access Time (LAT) preservation – Select this checkbox to specify action on Last Access Time + (LAT) preservation as follows: + + - Action on failure to enable LAT Preservation – Before scanning each file, FSAA attempts to + enable an operating system feature to preserve the LAT when accessing the file. This operation + may fail for a variety of reasons, which include but are not limited to: the operating system + or file system where the file is located does not support LAT preservation, or insufficient + permissions from the service account trying to access the file. The following configuration + addresses a failure to enable the LAT preservation mode: + + - Continue to scan file silently – FSAA scans the file with the possibility that LAT + preservation is not possible. No warning will be shown. + - Continue to scan file with warning – FSAA scans the file with the possibility that LAT + will not be preserved. A warning will be shown for this file. + - Skip file silently – FSAA will not scan the file. No warning will be shown. + - Skip file with warning – FSAA will not scan the file. A warning will be shown indicating + the file was skipped. + - Abort the scan – FSAA will abort the scan. No further files will be processed. + + - Action on changed LAT After scan – Before scanning each file, the LAT of the current file is + recorded. After scanning, it is verified whether the LAT has changed since then (likely + scenarios are either that the LAT preservation mechanism failed to function as intended, or + that the file was accessed by someone while the scan was occurring). The following + configuration addresses a changed LAT: + + - Continue scan silently – The scan will move on to the next file while updating the LAT for + the processed file. No warning will be shown. + - Continue scan with warning – The scan will continue on to the next file. LAT will be + updated for the processed file. A warning will be shown. + - Force-reset file LAT silently – The scan will reset the file's LAT to its original state + before processing. No warning will be shown. The scan will proceed to the next file. + - Force-reset file LAT with warning – The scan will Reset the file's LAT to its original + state before processing. A warning will be shown. The scan will proceed to the next file. + - Abort the scan – FSAA will abort the scan. LAT will be updated for the processed file. No + other files will be processed + +See the +[Scan Settings Tab](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md) +topic for additional information. + +![Scoping Options](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekscopingoptions.webp) + +**Step 9 –** On the Scoping Options page, add share/folder inclusions and exclusions. See the +[FSAA: Scoping Options](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptions.md) topic +for additional information: + +![Scoping Queries](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekscopingqueries.webp) + +**Step 10 –** On the Scoping Queries page: + +- Add share and folder inclusions +- Add share and folder exclusions +- Scope to scan only Open shares + +**NOTE:** This option only works in conjunction with File System Access Auditing. + +See the +[FSAA: Scoping Queries](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueries.md) +topic for additional information. + +![Sensitive Data Settings](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seeksystemscanssensitivedatasettings.webp) + +**Step 11 –** On the Sensitive Data Settings page: + +- Modify maximum file size to be scanned +- Add scanning offline files +- Modify file types to be scanned +- Enable differential scanning +- Modify the number of SDD scan processes + + **_RECOMMENDED:_** For optimal performance, the total number of scan processes on a scan host + should be 1 to 2 times the number of CPU threads available. + +- Enable Optical Character Recognition (OCR) scans + + **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents + directly converted to images, with standard fonts. It will not work for scanning photos of + documents and may not be able to recognize text on images of credit cards, driver's licenses, or + other identity cards. + +See the +[FSAA: Sensitive Data Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/sensitivedatasettings.md) +topic for additional information. + +![SDD Criteria Settings](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seeksddcriteriasettings.webp) + +**Step 12 –** On the SDD Criteria Settings page, add or remove criteria as desired. See the +[FSAA: SDD Criteria Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/sddcriteria.md) topic +for additional information. + +- _(Optional)_ To create custom criteria, see the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information + +**NOTE:** By default, discovered sensitive data strings are not stored in the Enterprise Auditor +database. + +**Step 13 –** Click **Finish** to save any setting modifications or click **Cancel** if no changes +were made. Then click **OK** to close the Query Properties window. + +If changes were made, the **1-SEEK System Scans** Job has now been customized. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/collection/2-fsaa_bulk_import.md b/docs/accessanalyzer/11.6/solutions/filesystem/collection/2-fsaa_bulk_import.md new file mode 100644 index 0000000000..66d3eb3247 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/collection/2-fsaa_bulk_import.md @@ -0,0 +1,36 @@ +# 2-FSAA Bulk Import Job + +The 2-FSAA Bulk Import job is designed to import collected access information from the targeted file +servers. + +## Query for the 2-FSAA Bulk Import Job + +The Bulk import query uses the FSAA Data Collector and has been preconfigured to use the File system +access/permission auditing Bulk import category. + +![Query for the 2-FSAA Bulk Import Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaabulkimportquery.webp) + +- Bulk import – Imports scan data into SQL Server + + - Typically, this query is not modified. See the + [FileSystemAccess Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/overview.md) + topic for information on when this query should be modified. + +## Analysis Tasks for the 2-FSAA Bulk Import Job + +View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **2-FSAA Bulk +Import** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 2-FSAA Bulk Import Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaabulkimportanalysis.webp) + +The following analysis tasks are selected by default: + +- Update Statistics – Improves performance on the FSAA tables +- Resolve links – Resolves DFS links in standard tables + +The following analysis task is deselected by default: + +- Nasuni – Resolves links for Nasuni Hosts diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/collection/2-fsac_bulk_import.md b/docs/accessanalyzer/11.6/solutions/filesystem/collection/2-fsac_bulk_import.md new file mode 100644 index 0000000000..386c6f740b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/collection/2-fsac_bulk_import.md @@ -0,0 +1,17 @@ +# 2-FSAC Bulk Import Job + +The 2-FSAC Bulk Import job is designed to import collected access information from the targeted file +servers. + +## Query for the 2-FSAC Bulk Import Job + +The Bulk Import query uses the FSAA Data Collector and has been preconfigured to use the File system +activity Bulk import category. + +![Query for the 2-FSAC Bulk Import Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacbulkimportquery.webp) + +- Bulk Import – Imports data into SQL Server + + - Typically this query is not modified. See the + [FileSystemAccess Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/overview.md) + topic for information on when this query should be modified. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/collection/2-seek_bulk_import.md b/docs/accessanalyzer/11.6/solutions/filesystem/collection/2-seek_bulk_import.md new file mode 100644 index 0000000000..2c0d82d49a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/collection/2-seek_bulk_import.md @@ -0,0 +1,17 @@ +# 2-SEEK Bulk Import Job + +The 2-SEEK Bulk Import job is designed to import collected sensitive data information from the +targeted file servers. + +## Query for the 2-SEEK Bulk Import Job + +The Bulk Import query uses the FSAA Data Collector and has been preconfigured to use the Sensitive +data Bulk import category. + +![Query for the 2-SEEK Bulk Import Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seekbulkimportquery.webp) + +- Bulk Import – Imports data into SQL server + + - Typically this query is not modified. See the + [FileSystemAccess Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/overview.md) + topic for information on when this query should be modified. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/collection/3-fsaa_exceptions.md b/docs/accessanalyzer/11.6/solutions/filesystem/collection/3-fsaa_exceptions.md new file mode 100644 index 0000000000..35664d709f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/collection/3-fsaa_exceptions.md @@ -0,0 +1,51 @@ +# 3-FSAA Exceptions Job + +The 3-FSAA Exceptions job does not use the FSAA Data Collector. Instead it runs analysis on the data +returned by the Access Auditing collection jobs to identify potential security concerns. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The 3-FSAA Exceptions job has the following customizable parameter: + +- Well Known high risk SIDS – Add any additional custom SIDS, but do not remove the default SIDS. + +See the +[Analysis Tasks for the 3-FSAA Exceptions Job](#analysis-tasks-for-the-3-fsaa-exceptions-job) topic +for additional information. + +## Analysis Tasks for the 3-FSAA Exceptions Job + +View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **3-FSAA +Exceptions** > **Configure** node and select **Analysis**. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and or +deselected. While it is possible to deselect particular tasks as specified, it is not recommended. + +![Analysis Tasks for the 3-FSAA Exceptions Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaexceptionsanalysis.webp) + +The following analysis tasks are selected by default: + +- Open resources – Any folders that are openly accessible through file shares. Can be deselected if + open resource information is not desired. + + - Well known high risk SIDS have been set in the `#SIDS` parameter. Do not remove these, but + additional custom SIDS can be added. See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information. + +- Disabled users – Any folders where disabled users have been granted access + + - Can be deselected if disabled user information is not desired + +- Stale users – Any folders where stale users have been granted access. Stale users are user who + have not logged in for more than 120 days. + + - Can be deselected if stale user information is not desired + +- Reindex Exception IDs – Displays views within the **Results** node of the Enterprise Auditor + Console diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/collection/3-fsac_exceptions.md b/docs/accessanalyzer/11.6/solutions/filesystem/collection/3-fsac_exceptions.md new file mode 100644 index 0000000000..924599e76b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/collection/3-fsac_exceptions.md @@ -0,0 +1,113 @@ +# 3-FSAC Exceptions Job + +The 3-FSAC Exceptions job is designed to analyze collected access information for exceptions. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The 3-FSAC Exceptions job has many customizable parameters. See the +[Customizable Analysis Tasks for the 3-FSAC Exceptions Job](#customizable-analysis-tasks-for-the-3-fsac-exceptions-job) +topic for information on these. + +## Analysis Tasks for the 3-FSAC Exceptions Job + +View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **3-FSAC +Exceptions** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 3-FSAC Exceptions Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacexceptionsanalysis.webp) + +The following analysis tasks are selected by default: + +- Unusual share activity – Share exceptions for unusual volumes (spikes) of activity +- First time access to share – Recent share access by users for the first time +- Sensitive data activity – Recent access to sensitive content +- Unusual peer group share activity – Spikes in interdepartmental activity +- Unusual binaries activity – First time user activity performed on binaries +- Unusual user activity – Spikes in activity by user +- Unusual user sensitive data activity – Spikes in sensitive data activity by user +- Ransomware – Spikes in updates by user +- Unusual user stale data activity – Spikes in stale data activity by user + +While it is possible to deselect particular tasks as specified, it is not recommended. The following +analysis tasks are deselected by default: + +- Show view – Displays the SA_FSAC_ExceptionsView within the Results node of the Enterprise Auditor + Console +- Show users view – Displays the SA_FSAC_UserExceptionsView within the Results node of the + Enterprise Auditor Console + +### Customizable Analysis Tasks for the 3-FSAC Exceptions Job + +Customizable parameters enable users to set the values used for classification during the job’s +analysis. The 3-FSAC Exceptions job contains the following customizable parameters: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------------------------------ | --------------------------- | ------------- | ------------------------------------------------------------------------------- | +| Unusual share activity | @WEEKS | 3 | Minimum data points required for analysis | +| Unusual share activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | +| Unusual share activity | @EVENTS | 10 | Minimum amount of events for operations exception | +| Unusual share activity | @PEOPLE | 10 | Minimum amount of people for user activity exception | +| Unusual share activity | @FILES | 10 | Minimum amount of files for resource count exception | +| Unusual share activity | @DAYS | 7 | Amount of days to generate exceptions for from today | +| Unusual share activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operation count exception | +| Unusual share activity | @TRUSTEESTDDEVS | 3 | Multiples of standard deviation required to be a user volume exception | +| Unusual share activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a file activity volume exception | +| First time access to share | @DAYS | 7 | Amount of days to generate exceptions for from today | +| First time access to share | @MINDAYS | 30 | minimum amount of days a share needs to determine access | +| Sensitive data activity | @DAYS | 7 | Amount of days to generate exceptions for from today | +| Unusual peer group share activity | @WEEKS | 3 | Minimum data points required for analysis | +| Unusual peer group share activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | +| Unusual peer group share activity | @EVENTS | 10 | Minimum amount of events for operations exception | +| Unusual peer group share activity | @FILES | 10 | Minimum amount of files for resource count exception | +| Unusual peer group share activity | @DAYS | 7 | Amount of days to generate exceptions for from today | +| Unusual peer group share activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operation count exception | +| Unusual peer group share activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a file activity volume exception | +| Unusual binaries activity | @DATE_CUTOFF | 7 | From the current time, how many days to look back when considering exceptions | +| Unusual user activity | @WEEKS | 3 | Minimum data points required for analysis | +| Unusual user activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | +| Unusual user activity | @EVENTS | 10 | Minimum amount of events for operations exception | +| Unusual user activity | @SHARES | 10 | Minimum amount of shares for share activity exception | +| Unusual user activity | @FILES | 10 | Minimum amount of files for resource count exception | +| Unusual user activity | @DAYS | 7 | Amount of days to generate exceptions for from today | +| Unusual user activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | +| Unusual user activity | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | +| Unusual user activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | +| Unusual user sensitive data activity | @WEEKS | 3 | Minimum data points required for analysis | +| Unusual user sensitive data activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | +| Unusual user sensitive data activity | @EVENTS | 10 | Minimum amount of events for operations exception | +| Unusual user sensitive data activity | @SHARES | 10 | Minimum amount of shares for share activity exception | +| Unusual user sensitive data activity | @FILES | 10 | Minimum amount of files for resource count exception | +| Unusual user sensitive data activity | @DAYS | 7 | Amount of days to generate exceptions for from today | +| Unusual user sensitive data activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | +| Unusual user sensitive data activity | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | +| Unusual user sensitive data activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | +| Ransomware | @WEEKS | 3 | Minimum data points required for analysis | +| Ransomware | @THROWAWAY | 1 | When calculating averages throw away the top N% | +| Ransomware | @EVENTS | 10 | Minimum amount of events for operations exception | +| Ransomware | @SHARES | 10 | Minimum amount of shares for share activity exception | +| Ransomware | @FILES | 10 | Minimum amount of files for resource count exception | +| Ransomware | @DAYS | 7 | Amount of days to generate exceptions for from today | +| Ransomware | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | +| Ransomware | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | +| Ransomware | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | +| Unusual user stale data activity | @WEEKS | 3 | Minimum data points required for analysis | +| Unusual user stale data activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | +| Unusual user stale data activity | @EVENTS | 10 | Minimum amount of events for operations exception | +| Unusual user stale data activity | @SHARES | 10 | Minimum amount of shares for share activity exception | +| Unusual user stale data activity | @FILES | 10 | Minimum amount of files for resource count exception | +| Unusual user stale data activity | @DAYS | 7 | The amount of days to generate exceptions for from today | +| Unusual user stale data activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | +| Unusual user stale data activity | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | +| Unusual user stale data activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | +| Unusual user stale data activity | @STALETHRESHOLD | 365 | Number of days after which resources are considered stale | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information on modifying analysis parameters. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/collection/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/collection/overview.md new file mode 100644 index 0000000000..97c18bd70b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/collection/overview.md @@ -0,0 +1,688 @@ +# 0.Collection Job Group + +The 0.Collection job group is designed to collect information from targeted file servers. +Information collected includes access control information, activity events, and sensitive data. + +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 0.Collection job group has the following collection components: + +- File System Access Auditing (FSAA) component – The primary component of this group. Collects file + system information, such as permissions and content metadata. It employs the **1-FSAA System + Scans** job, the **2-FSAA Bulk Import** job, and the **3-FSAA Exceptions** job. See the + [File System Access Auditing](#file-system-access-auditing) topic for additional information. +- File System DFS Auditing (FSDFS) component – Collects Distributed File System (DFS) mappings from + Active Directory or self-hosted DFS servers and compares them to the file system information. It + works in conjunction with the FSAA component and employs the **0-FSDFS System Scans** job. The + results from this component are only available through the Access Information Center. See the + [File System DFS Auditing](#file-system-dfs-auditing) topic for additional information. +- File System Activity Auditing (FSAC) component – Collects event information logged by the Activity + Monitor. This component requires an additional installer package before data collection will + occur. It should be run in conjunction with the FSAA component and employs the **1-FSAC System + Scans** job, the **2-FSAC Bulk Import** job, and the **3-FSAC Exceptions** job. See the + [File System Activity Auditing](#file-system-activity-auditing) topic for additional information. +- File System Sensitive Data Discovery Auditing (SEEK) component – Searches file content for + sensitive data. It can work independently or in conjunction with the FSAA component and employs + the **1-SEEK System Scans** job and the **2-SEEK Bulk Import** job. This component requires an + additional installer package before data collection will occur. See the + [File System Sensitive Data Discovery Auditing (SEEK)](#file-system-sensitive-data-discovery-auditing-seek) + topic for additional information. + +These jobs are numbered to keep them in the necessary run order. Not all jobs need be run. See the +appropriate auditing topic for specific job relationships and recommended workflows. The 0-Create +Schema job ensures the database schema is properly configured for the current version of the data +collector. See the +[0-Create Schema Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-create_schema.md) +topic for additional information. + +_Remember,_ the relationship between system scans and bulk import jobs requires the following +considerations: + +- A system scans job executed from a Enterprise Auditor Console must be followed by the + corresponding bulk import job from the same Enterprise Auditor Console with the same version of + Enterprise Auditor +- Two system scans processing the same information, for example two 1-FSAA System Scans jobs, cannot + be executed consecutively against the same target host. The corresponding bulk import job, for + example 2-FSAA Bulk Import job, must be executed in between. + +The system scans job collects the data and creates a Tier-2 database, or SQLite database, on the +local host, target host, or proxy host (according to the Applet Gathering Settings configured). The +corresponding bulk import job gathers the information from the Tier-2 database, and pulls it into +the Tier-1 database, or Enterprise Auditor SQL backend database, thus completing the collection +process. The collection does not include a bulk import job, as it streams the collected data +directly into the Tier-1 database. + +## File System Access Auditing + +Access Auditing (FSAA) is the primary component of the 0.Collection job group. It collects file +system permission, content metadata, and additional file system information. The jobs, tables, and +views specifically incorporated into this component are prefixed with `FSAA`. See the +[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/standardtables.md) +topic for additional information on the data collected. + +The 0.Collection jobs that comprise this auditing component are: + +- [1-FSAA System Scans Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-fsaa_system_scans.md) + – Collects access information from the targeted file servers +- [2-FSAA Bulk Import Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/2-fsaa_bulk_import.md) + – Imports collected access information from the targeted file servers + + - The 2-FSAA Bulk Import job does not need to be run when streaming is enabled + +- [3-FSAA Exceptions Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/3-fsaa_exceptions.md) + – Analyzes collected access information for exceptions + +The following job groups and jobs in the File System solution depend on data collected by these jobs +to generate reports: + +- [1.Open Access > FS_OpenAccess Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_openaccess.md) +- [2.Direct Permissions Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/overview.md) +- [3.Broken Inheritance > FS_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_brokeninheritance.md) +- [4.Content Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/content/overview.md) +- [5.Activity Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/activity/overview.md) + (also requires Activity Auditing) +- [6.Probable Owner > FS_ProbableOwner Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_probableowner.md) + (also requires Activity Auditing) +- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_dlpresults.md) + (also requires Activity Auditing and Sensitive Data Discovery Auditing) +- [Ad Hoc Audits Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/overview.md) +- [FileSystemOverview Job](/docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverview.md) +- [FS_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_securityassessment.md) + +The File System Access Reports in the Access Information Center are also populated by this data. See +the File System Reports topics in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. + +It is more efficient to streamline the collection jobs to those desired. Remember, it is a best +practice to scope the 0.Collection job group to only include the collection components desired by +disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. +It is not recommended to delete any jobs. The required collection jobs are listed for the following +workflow. + +Workflow (for Access Auditing only) + +The recommended workflow for Access Auditing only is as follows: + +**Step 1 –** Run the **1-FSAA System Scans** job. + +**Step 2 –** If necessary, run the **2-FSAA Bulk Import** job: + +- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** + job. +- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 3 –** Run the **3-FSAA Exceptions** job. + +**Step 4 –** Run the desired corresponding analysis and reporting sub-job groups. + +**NOTE:** Please see the +[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/recommended.md) +topic before continuing with this workflow. + +See the other auditing sections for workflows which include multiple auditing types. + +## File System DFS Auditing + +DFS Auditing (FSDFS) is the component of the 0.Collection job group which collects Distributed File +System (DFS) mappings from Active Directory or self-hosted DFS servers and compares them to the file +system information. It works in conjunction with the Access Auditing component. The jobs, tables, +and views specifically incorporated into this component are prefixed with `FSDFS`. See the +[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/standardtables.md) +topic for additional information on the data collected. + +The 0.Collection jobs that comprise the DFS auditing component are: + +- [0-FSDFS System Scans Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-fsdfs_system_scans.md) + – This job is responsible for enumerating a list of all root and link targets in the distributed + file system and creating a dynamic host list that will be used by the other 0.Collection jobs + + - The Connection Profile and required permissions for the 0-FSDFS System Scans job are the same + as those required for collecting system data from supported Windows operating systems. They + are dependent on the file system scan option being used. See the + [File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) topic + for additional information. + - The target host you should assign to the 0-FSDFS System Scans job depends on the type of + DFS namespace being audited: + + - For domain-based DFS namespaces, assign a host list containing the default domain + controllers for the domains hosting the DFS namespaces + - For standalone DFS namespaces, assign a host list containing the servers hosting the + namespaces + + - When run successfully, the 0-FSDFS System Scans job automatically creates a dynamic host list + called **DFS HOST LIST**. This is added to the Host Management node. You should assign this + **DFS HOST LIST** to other 0.Collection jobs as outlined in the recommended workflows below. + +The components depend on data collected by these jobs to collect within a file system using DFS +mappings. + +It is more efficient to streamline the collection jobs to those desired. Remember, it is a best +practice to scope the 0.Collection job group to only include the collection components desired by +disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. +It is not recommended to delete any jobs. The required collection jobs are listed for each of the +following optional workflows. + +**CAUTION:** The DFS Auditing component must always be run in conjunction with the Access Auditing +component. Access audits are necessary to resolve the target shares and folders of DFS link +destinations. + +Recommended Workflow 1 (for AccessAuditing with DFS Auditing) + +**Step 1 –** Run the **0-FSDFS System Scans** job. + +**Step 2 –** Run the **1-FSAA System Scans** job (with the **DFS HOST LIST** assigned). + +**Step 3 –** If necessary, run the **2-FSAA Bulk Import** job (with the **DFS HOST LIST** assigned): + +- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** + job. +- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 4 –** Run the **3-FSAA Exceptions** job (not specifically needed for DFS Auditing, but +recommended for **0.Collection** job group). + +**Step 5 –** Run the desired corresponding analysis and reporting sub-job groups. + +Recommended Workflow 2 (for AccessAuditing with DFS Auditing and Activity Auditing) + +**Step 1 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once +only). + +**Step 2 –** Run the **0-FSDFS System Scans** job. + +**Step 3 –** Run the **1-FSAA System Scans** job (with the **DFS HOST LIST** assigned). + +**Step 4 –** Run the **1-FSAC System Scans** job (with the **DFS HOST LIST** assigned). + +**Step 5 –** If necessary, run the **2-FSAA Bulk Import** job (with the **DFS HOST LIST** assigned): + +- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** + job. +- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 6 –** Run the **2-FSAC Bulk Import** job (with the **DFS HOST LIST** assigned). + +**Step 7 –** Run the **3-FSAA Exceptions** job. + +**Step 8 –** Run the **3-FSAC Exceptions** job. + +**Step 9 –** Run the desired corresponding analysis and reporting sub-job groups. + +Recommended Workflow 3 (for AccessAuditing with DFS Auditing, Activity, and Sensitive Data Discovery +Auditing) + +**Step 1 –** Install the Sensitive Data Discovery Add-On on the Enterprise Auditor Console (once +only). + +**Step 2 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once +only). + +**Step 3 –** Run the **0-FSDFS System Scans** job. + +**Step 4 –** Run the **1-FSAA System Scans** job (with the **DFS HOST LIST** assigned). + +**Step 5 –** Run the **1-FSAC System Scans** job (with the **DFS HOST LIST** assigned). + +**Step 6 –** Run the **1-SEEK System Scans** job (with the **DFS HOST LIST** assigned). + +**Step 7 –** If necessary, run the **2-FSAA Bulk Import** job (with the **DFS HOST LIST** assigned): + +- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** + job. +- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 8 –** Run the **2-FSAC Bulk Import** job (with the **DFS HOST LIST** assigned). + +**Step 9 –** If necessary, run the **2-SEEK Bulk Import** job (with the **DFS HOST LIST** assigned): + +- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** + job. +- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** + job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 10 –** Run the **3-FSAA Exceptions** job. + +**Step 11 –** Run the **3-FSAC Exceptions** job. + +**Step 12 –** Run the desired corresponding analysis and reporting sub-job groups. + +**NOTE:** Please see the +[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/recommended.md) +topic before continuing with these workflows. + +To scope the 0.Collection job group to only collect DFS information, see Step 9 of the +[Configure the (FSAA) File System Scan Query](/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-fsaa_system_scans.md#configure-the-fsaa-file-system-scan-query) +topic. + +## File System Activity Auditing + +Activity Auditing (FSAC) is the component of the 0.Collection job group that imports event +information collected by the Activity Monitor. It can be run independently or in conjunction with +the FSAA component, though it is recommended to run them together. The jobs, tables, and views +specifically incorporated into this component are prefixed with `FSAC`. See the +[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/standardtables.md) +topic for additional information on the data collected. + +**NOTE:** The Activity Auditing component requires the Activity Monitor be deployed, configured, and +have services running on the target hosts. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for additional information. + +Once the Activity Monitor is installed, the monitored host configuration tells it what to monitor +and how long to retain the activity log files. The monitoring agent writes one log per day of +activity for the host. Then, the FSAA Data Collector gathers the log files to report on file system +activity for the targeted host. While the Activity Monitor can be configured to create multiple +outputs, Enterprise Auditor can only collect one log file per host. Therefore, after the monitored +host has been configured, it is necessary to identify the log file for Enterprise Auditor. See the +[Identify a Log File](#identify-a-log-file) topic for additional information. + +The data retention period needs to be coordinated between the Activity Monitor and Enterprise +Auditor. The number of days theActivity Monitor is configured to retain log files must be higher +than the number of days between Activity Auditing scans. The FSAA Data Collector can be customized +on the Activity Settings page of the File System Access Auditor Data Collector Wizard. See the +[Configure the Activity Scan Query](/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-fsac_system_scans.md#configure-the-activity-scan-query) +topic for additional information. + +**NOTE:** Integration between Enterprise Auditor and Threat Prevention for Windows File System +monitoring purposes requires the use of the SI Agent to generate the required logs. See the +[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) +for information on the Enterprise Auditor Integration. + +The **0.Collection** jobs that comprise this auditing component are: + +- [1-FSAC System Scans Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-fsac_system_scans.md) + – Collects activity events from the targeted file servers +- [2-FSAC Bulk Import Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/2-fsac_bulk_import.md) + – Imports collected activity events from the targeted file servers +- [3-FSAC Exceptions Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/3-fsac_exceptions.md) + – Analyzes the collected activity events for exceptions + +The following job groups and jobs in the File System solution depend on data collected by these jobs +to generate reports: + +- [5.Activity Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/activity/overview.md) + (also requires Access Auditing) +- [6.Probable Owner > FS_ProbableOwner Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_probableowner.md) + (also requires Access Auditing) +- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_dlpresults.md) + (also requires Access Auditing and Sensitive Data Discovery Auditing) +- [FileSystemOverview Job](/docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverview.md) +- [FS_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_securityassessment.md) + +The File System Activity Reports in the Access Information Center are also populated by this data. +See the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. + +It is more efficient to streamline the collection jobs to those desired. Remember, it is a best +practice to scope the 0.Collection job group to only include the collection components desired by +disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. +It is not recommended to delete any jobs. The required collection jobs are listed for each of the +following optional workflows. + +Recommended Workflow 1 (for Access and Activity Auditing) + +**Step 1 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once +only). + +**Step 2 –** Run the **1-FSAA System Scans** job. + +**Step 3 –** Run the **1-FSAC System Scans** job. + +**Step 4 –** If necessary, run the **2-FSAA Bulk Import** job: + +- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** + job. +- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 5 –** Run the **2-FSAC Bulk Import** job. + +**Step 6 –** Run the **3-FSAA Exceptions** job. + +**Step 7 –** Run the **3-FSAC Exceptions** job. + +**Step 8 –** Run the desired corresponding analysis and reporting sub-job groups. + +Recommended Workflow 2 (for Access, Activity, and Sensitive Data Discovery Auditing) + +**Step 1 –** Install the Sensitive Data Discovery Add-On on the Enterprise Auditor Console (once +only). + +**Step 2 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once +only). + +**Step 3 –** Run the **1-FSAA System Scans** job. + +**Step 4 –** Run the **1-FSAC System Scans** job. + +**Step 5 –** Run the **1-SEEK System Scans** job. + +**Step 6 –** If necessary, run the **2-FSAA Bulk Import** job: + +- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** + job. +- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 7 –** Run the **2-FSAC Bulk Import** job. + +**Step 8 –** If necessary, run the **2-SEEK Bulk Import** job: + +- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** + job. +- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** + job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 9 –** Run the **3-FSAA Exceptions** job. + +**Step 10 –** Run the **3-FSAC Exceptions** job. + +**Step 11 –** Run the desired corresponding analysis and reporting sub-job groups. + +Recommended Workflow 3 (for Access, Activity, DFS, and Sensitive Data Discovery Auditing) + +**Step 1 –** Install the Sensitive Data Discovery Add-On on the Enterprise Auditor Console (once +only). + +**Step 2 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once +only). + +**Step 3 –** Run the **0-FSDFS System Scans** job. + +**Step 4 –** Run the **1-FSAA System Scans** job. + +**Step 5 –** Run the **1-FSAC System Scans** job. + +**Step 6 –** Run the **1-SEEK System Scans** job. + +**Step 7 –** If necessary, run the **2-FSAA Bulk Import** job: + +- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** + job. +- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 8 –** Run the **2-FSAC Bulk Import** job. + +**Step 9 –** If necessary, run the **2-SEEK Bulk Import** job: + +- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** + job. +- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** + job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 10 –** Run the **3-FSAA Exceptions** job. + +**Step 11 –** Run the **3-FSAC Exceptions** job. + +**Step 12 –** Run the desired corresponding analysis and reporting sub-job groups. + +Optional Workflow (for Activity Auditing data collection only ) + +While activity data can be collected independently, the Activity reports require the Access Auditing +components. + +**Step 1 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once +only). + +**Step 2 –** Run the **1-FSAC System Scans** job. + +**Step 3 –** Run the **2-FSAC Bulk Import** job. + +**Step 4 –** Run the **3-FSAC Exceptions** job. + +**Step 5 –** Run the desired corresponding analysis and reporting sub-job groups. + +**NOTE:** Please see the +[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/recommended.md) +topic before continuing with these workflows. + +### Identify a Log File + +While the Activity Monitor can have multiple configurations per host, Enterprise Auditor can only +read one of them. Therefore, after the Activity Monitor has been configured to monitor a host, it is +necessary to indicate when that configuration is for Enterprise Auditor. Follow these steps to +identify the Log file to be read by Enterprise Auditor. + +**Step 1 –** Within the Activity Monitor Console on the **Monitored Hosts** tab, select the desired +configuration and click **Edit**. + +**Step 2 –** On the **Log Files** tab, select the **This log file is for Enterprise Auditor** +option. + +**_RECOMMENDED:_** Select the **Comments** tab and identify this output as being configured for +Enterprise Auditor. + +**Step 3 –** Click **OK** to save the setting. + +Enterprise Auditor now reads that Log file when scanning the associated host. + +## File System Sensitive Data Discovery Auditing (SEEK) + +Sensitive Data Discovery Auditing (SEEK) is the component of the 0.Collection job group that +searches file content for sensitive data. It can be run independently or in conjunction with the +Access Auditing component to limit searches to Open Shares. The jobs for this component are prefixed +with `SEEK`. The tables and views are prefixed with `FSDLP`. See the +[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/standardtables.md) +topic for additional information on the data collected. + +**NOTE:** The Sensitive Data Discovery Auditing (SEEK) component requires an additional installer +package. Though the jobs are visible within the console, the Sensitive Data Discovery Add-on must be +installed before data collection will occur. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +Customized search criteria can be created with the Criteria Editor accessible through the SDD +Criteria Settings page of the File System Access Auditor Data Collector Wizard. See the +[Configure the (SEEK) File System Scan Query](/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-seek_system_scans.md#configure-the-seek-file-system-scan-query) +topic for additional information. + +_Remember,_ changes made in the Criteria Editor are global for Sensitive Data Discovery in +Enterprise Auditor. See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. + +Option to Enable Last Access Timestamp + +The Last Access Timestamp (LAT) is disabled by default in Windows. This means the LAT does not get +updated by any applications reading the file. As soon as the LAT feature is enabled in Windows, any +attempt to read file contents updates the LAT. It stores the time of the last read operation. + +Since files are read during the Sensitive Data Discovery Auditing scan,when the feature is enabled +in Windows the scan causes each file's LAT to update each time the file is scanned. Therefore, there +is a feature within the job XML file which enables the scan to call a special API in order to keep +each file's LAT from updating when it's scanned. This feature can be enabled by adding +`` tag to the XML. See the +[1-SEEK System Scans Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-seek_system_scans.md) +topic for additional information and instructions. + +This feature works for all scan modes when targeting Windows machines. + +For additional information on preserving Last Access Time during SDD scans and Metadata tag +collection, see the +[File System Supported Platforms](/docs/accessanalyzer/11.6/requirements/target/filesystems.md) +topic. + +File System Sensitive Data Discovery Auditing (SEEK) Jobs + +The 0.Collection jobs that comprise this auditing component are: + +- [1-SEEK System Scans Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/1-seek_system_scans.md) + – Collects sensitive data from the targeted file servers +- [2-SEEK Bulk Import Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/2-seek_bulk_import.md) + – Imports collected sensitive data information from the targeted file servers + + - The 2-SEEK Bulk Import job does not need to be run when streaming is enabled + +The following job group and jobs in the File System solution depend on data collected by these jobs +to generate reports: + +- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_dlpresults.md) + (also requires Access Auditing and Activity Auditing) +- [FileSystemOverview Job](/docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverview.md) +- [FS_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_securityassessment.md) + +The File System Sensitive Data Discovery Reports in the Access Information Center are also populated +by this data. See the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. + +It is more efficient to streamline the collection jobs to those desired. Remember, it is a best +practice to scope the 0.Collection job group to only include the collection components desired by +disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. +It is not recommended to delete any jobs. The required collection jobs are listed for the following +workflows. + +Recommended Workflow 1 (for Access and Sensitive Data Discovery Auditing data collection) + +**NOTE:** While Sensitive Data Discovery data can be collected, the Sensitive Data reports require +the Activity Auditing components. + +**Step 1 –** Install the Sensitive Data Discovery Add-On on the Enterprise Auditor Console (once +only). + +**Step 2 –** Run the **1-FSAA System Scans** job. + +**Step 3 –** Run the **1-SEEK System Scans** job. + +**Step 4 –** If necessary, run the **2-FSAA Bulk Import** job: + +- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** + job. +- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 5 –** If necessary, run the **2-SEEK Bulk Import** job: + +- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** + job. +- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** + job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 6 –** Run the **3-FSAA Exceptions** job. + +**Step 7 –** Run the desired corresponding analysis and reporting sub-job groups. + +Recommended Workflow 2 (for Access, Activity, and Sensitive Data Discovery Auditing) + +**Step 1 –** Install the Sensitive Data Discovery Add-On on the Enterprise Auditor Console (once +only). + +**Step 2 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once +only). + +**Step 3 –** Run the **1-FSAA System Scans** job. + +**Step 4 –** Run the **1-FSAC System Scans** job. + +**Step 5 –** Run the **1-SEEK System Scans** job. + +**Step 6 –** If necessary, run the **2-FSAA Bulk Import** job: + +- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** + job. +- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 7 –** Run the **2-FSAC Bulk Import** job. + +**Step 8 –** If necessary, run the **2-SEEK Bulk Import** job: + +- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** + job. +- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** + job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 9 –** Run the **3-FSAA Exceptions** job. + +**Step 10 –** Run the **3-FSAC Exceptions** job. + +**Step 11 –** Run the desired corresponding analysis and reporting sub-job groups. + +Recommended Workflow 3 (for Access, Activity, DFS, and Sensitive Data Discovery Auditing) + +**Step 1 –** Install the Sensitive Data Discovery Add-On on the Enterprise Auditor Console (once +only). + +**Step 2 –** Install and configure monitoring with the Activity Monitor for targeted hosts (once +only). + +**Step 3 –** Run the **0-FSDFS System Scans** job. + +**Step 4 –** Run the **1-FSAA System Scans** job. + +**Step 5 –** Run the **1-FSAC System Scans** job. + +**Step 6 –** Run the **1-SEEK System Scans** job. + +**Step 7 –** If necessary, run the **2-FSAA Bulk Import** job: + +- If streaming is not enabled in the **1-FSAA System Scans** job, run the **2-FSAA Bulk Import** + job. +- If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 8 –** Run the **2-FSAC Bulk Import** job. + +**Step 9 –** If necessary, run the **2-SEEK Bulk Import** job: + +- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** + job. +- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** + job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 10 –** Run the **3-FSAA Exceptions** job. + +**Step 11 –** Run the **3-FSAC Exceptions** job. + +**Step 12 –** Run the desired corresponding analysis and reporting sub-job groups. + +Optional Workflow (for Sensitive Data Discovery Auditing data collection only) + +While Sensitive Data Discovery data can be collected, reports require the Access Auditing and +Activity Auditing components. + +**Step 1 –** Run the **1-SEEK System Scans** job. + +**Step 2 –** If necessary, run the **2-SEEK Bulk Import** job. + +- If streaming is not enabled in the **1-SEEK System Scans** job, run the **2-SEEK Bulk Import** + job. +- If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** + job. + + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + +**Step 3 –** Run the desired corresponding analysis and reporting sub-job groups. + +**NOTE:** Please see the +[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/recommended.md) +topic before continuing with these workflows. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/content/fs_filetypes.md b/docs/accessanalyzer/11.6/solutions/filesystem/content/fs_filetypes.md new file mode 100644 index 0000000000..8169bde9e0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/content/fs_filetypes.md @@ -0,0 +1,33 @@ +# File Types > FS_FileTypes Job + +The FS_FileTypes job is designed to report on file type information from targeted file servers. + +![File Types > FS_FileTypes Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/filetypesjobstree.webp) + +The FS_FileTypes job is located in the File Types job group. + +## Analysis Tasks for the FS_FileTypes Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **File Types** > +**FS_FileTypes** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_FileTypes Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/filetypesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Create File Types View – Creates the SA_ENG_FSAA_FileTypeView view accessible under the job’s + Results node +- 2. Ranked File Extensions – Creates the SA_FS_FileTypes_ExtensionsRanked table accessible under + the job’s Results node +- 3. File Types by Share – Creates the SA_FS_FileTypes_TypesByShare table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_FileTypes job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------- | +| File Types | This report identifies what types of files are located within your distributed file system and how much space they are taking up in gigabytes. | None | This report is comprised of two elements: - Pie Chart – Displays file types extensions ranked - Table – Provides details on file types by share | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/content/fs_stalecontent.md b/docs/accessanalyzer/11.6/solutions/filesystem/content/fs_stalecontent.md new file mode 100644 index 0000000000..138a4e40d5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/content/fs_stalecontent.md @@ -0,0 +1,37 @@ +# Stale > FS_StaleContent Job + +The FS_StaleContent job is designed to report on stale content information from targeted file +servers. + +![Stale > FS_StaleContent Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/stalejobstree.webp) + +The FS_StaleContent job is located in the Stale job group. + +## Analysis Tasks for the FS_StaleContent Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Stale** > +**FS_StaleContent** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_StaleContent Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/stalecontentanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Create Aging View – Creates the SA_ENG_FSAA_FolderAging table accessible under the job’s + Results node +- 2. Enterprise Summary – Creates the SA_FS_StaleContent_EnterpriseSummary table accessible under + the job’s Results node +- 3. Share Summary – Creates the SA_FS_StaleContent_ShareSummary table accessible under the job’s + Results node +- 4. Host Summary – Creates the SA_FS_StaleContent_HostSummary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the FS_StaleContent job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Hosts with Stale Content (Servers with Stale Content) | Identifies servers with stale content. Staleness is determined by files' last modified date. For these reports, by default, a file is considered stale after a year. Counts are based on Shares and Folders which contain any stale content. | None | This report is comprised of three elements: - Pie Chart – Displays enterprise aging summary - Stacked Bar Chart– Displays aging summary by host - Table – Provides details on servers with stale content | +| Shares with Stale Content | Identifies shares with stale content. Staleness is determined by files' last modified date. For these reports, by default, a file is considered stale after a year. Counts are based on Shares and Folders which contain any stale content. | None | This report is comprised of two elements: - Bar Chart – Displays share summary - Table – Provides details on shares | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/content/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/content/overview.md new file mode 100644 index 0000000000..2dbbe35918 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/content/overview.md @@ -0,0 +1,17 @@ +# 4.Content Job Group + +The 4.Content job group is designed to report on content information from targeted file servers. Key +information reported on in this group is: File Types, File Sizing, Stale Content, and File Tags. + +![4.Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 4.Content job group is comprised of: + +- [File Types > FS_FileTypes Job](/docs/accessanalyzer/11.6/solutions/filesystem/content/fs_filetypes.md) + – Designed to report on file type information from targeted file servers +- [Sizing Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/overview.md) + – Designed to report on file sizing information from targeted file servers +- [Stale > FS_StaleContent Job](/docs/accessanalyzer/11.6/solutions/filesystem/content/fs_stalecontent.md) + – Designed to report on stale content information from targeted file servers +- [Tags Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/content/tags/overview.md) + – Designed to report on content classification information from targeted file servers diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/fs_emptyresources.md b/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/fs_emptyresources.md new file mode 100644 index 0000000000..84c78e8363 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/fs_emptyresources.md @@ -0,0 +1,32 @@ +# FS_EmptyResources Job + +The FS_EmptyResources job is designed to report on empty resources from targeted file servers. + +## Analysis Tasks for the FS_EmptyResources Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Sizing** > +**FS_EmptyResources** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_EmptyResources Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/emptyresourcesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Folder Size View – Creates the SA_ENG_FSAA_FolderSizeView view accessible under the job’s + Results node +- 2. Empty Folders – Creates the SA_FS_EmptyResources_EmptyFolders table accessible under the + job’s Results node +- 3. Empty Shares – Creates the SA_FS_EmptyResources_EmptyShares table accessible under the job’s + Results node +- 4. Summarize by Host – Creates the SA_FS_EmptyResources_HostSummary table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_EmptyResources job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------- | ----------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Empty Folders | Identifies empty folders with no subdirectories. | None | This report is comprised of three elements: - Bar Chart – Displays the top five servers by empty folders - Table – Provides details on empty folders - Table – Provides details on the top servers by empty folders | +| Empty Shares | This report identifies empty shares with no subdirectories. | None | This report is comprised of three elements: - Bar Chart – Displays the top 5 servers by empty shares - Table – Provides details on the empty shares - Table – Provides summary of the share | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/fs_largestresources.md b/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/fs_largestresources.md new file mode 100644 index 0000000000..81c02183f5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/fs_largestresources.md @@ -0,0 +1,29 @@ +# FS_LargestResources Job + +The FS_LargestResources job is designed to report on the largest resources from targeted file +servers. + +## Analysis Tasks for the FS_LargestResources Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Sizing** > +**FS_LargestResources** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_LargestResources Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/largestresourcesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Largest Folders Ranked – Creates the SA_FS_LargestResources_Ranked table accessible under the + job’s Results node +- 2. Largest Shares – Creates the SA_FS_LargestResources_SharesRanked table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_LargestResources job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------- | ----------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------- | +| Largest Folders | This report identifies the largest folders found. | None | This report is comprised of two elements: - Bar Chart – Displays the top 5 largest folders - Table – Provides details on largest folders | +| Largest Shares | This report identifies the largest shares within the environment. | None | This report is comprised of two elements: - Bar Chart – Displays the top 5 largest shares - Table – Provides details on the largest resources | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/fs_smallestresources.md b/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/fs_smallestresources.md new file mode 100644 index 0000000000..e6ba4cbda8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/fs_smallestresources.md @@ -0,0 +1,28 @@ +# FS_SmallestResources Job + +The FS_SmallestResources job is designed to report on the smallest resources from targeted file +servers. + +## Analysis Tasks for the FS_SmallestResources Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Sizing** > +**FS_SmallestResources** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_SmallestResources Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/smallestresourcesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Smallest Folders Ranked – Creates the SA_FS_SmallestResources_Ranked table accessible under + the job’s Results node +- 2. Smallest Shares – Creates the SA_FS_SmallestResources_SharesRanked table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_SmallestResources job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | ------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------ | +| Smallest Shares | Identifies the smallest shares within the environment. | None | This report is comprised of one element: - Table – Provides details on the smallest shares | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/overview.md new file mode 100644 index 0000000000..03d5d9c32c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/overview.md @@ -0,0 +1,14 @@ +# Sizing Job Group + +The Sizing job group is designed to report on file sizing information from targeted file servers. + +![Sizing Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/sizingjobstree.webp) + +The Sizing job group is comprised of: + +- [FS_EmptyResources Job](/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/fs_emptyresources.md) + – Designed to report on empty resources from targeted file servers +- [FS_LargestResources Job](/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/fs_largestresources.md) + – Designed to report on the largest resources from targeted file servers +- [FS_SmallestResources Job](/docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/fs_smallestresources.md) + – Designed to report on the smallest resources from targeted file servers diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/content/tags/fs_aiplabels.md b/docs/accessanalyzer/11.6/solutions/filesystem/content/tags/fs_aiplabels.md new file mode 100644 index 0000000000..5a0edfe9ba --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/content/tags/fs_aiplabels.md @@ -0,0 +1,26 @@ +# FS_AIPLabels Job + +The FS_AIPLabels job is designed to report on resources classified by AIP labels from targeted file +servers. + +## Analysis Tasks for the FS_AIPLabels Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Tags** > +**FS_AIPLabels** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_AIPLabels Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/tags/aiplabelsanalysis.webp) + +The following analysis task is selected by default: + +- AIP Label Details – Creates the SA_FS_FileLabel_Details table accessible under the job’s Results + node + +In addition to the tables and views created by the analysis task, the FS_AIPLabels job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| AIP Labels | This report provides details on labels applied to files. This information is rolled up by folder, and summarized at the enterprise level. | None | This report is comprised of three elements: - Pie Chart – Displays enterprise AIP summary - Table– Provides details on label details by folder - Table – Provides details on labels by file count | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/content/tags/fs_filetags.md b/docs/accessanalyzer/11.6/solutions/filesystem/content/tags/fs_filetags.md new file mode 100644 index 0000000000..c6f61d0e2b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/content/tags/fs_filetags.md @@ -0,0 +1,26 @@ +# FS_FileTags Job + +The FS_FileTags job is designed to report on resources classified with metadata file tags from +targeted file servers. + +## Analysis Tasks for the FS_FileTags Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Tags** > +**FS_FileTags** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_FileTags Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/tags/filetagsanalysis.webp) + +The following analysis task is selected by default: + +- List file tag details – Creates the SA_FS_FileTags_Details table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis task, the FS_FileTags job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------- | --------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| File Tags | This report provides details on tags applied to files. This information is rolled up by folder, and summarized at the enterprise level. | None | This report is comprised of three elements: - Pie Chart – Displays enterprise tag summary - Table– Provides details on tag details by folder - Table – Provides details on tags by file count | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/content/tags/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/content/tags/overview.md new file mode 100644 index 0000000000..d4cc46afe7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/content/tags/overview.md @@ -0,0 +1,13 @@ +# Tags Job Group + +The Tags job group is designed to report on content classification information from targeted file +servers. + +![Tags Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/tags/tagsjobstree.webp) + +The Tags job group is comprised of: + +- [FS_AIPLabels Job](/docs/accessanalyzer/11.6/solutions/filesystem/content/tags/fs_aiplabels.md) + – Designed to report on resources classified by AIP labels from targeted file servers +- [FS_FileTags Job](/docs/accessanalyzer/11.6/solutions/filesystem/content/tags/fs_filetags.md) + – Designed to report on resources classified with metadata file tags from targeted file servers diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_domainuseracls.md b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_domainuseracls.md new file mode 100644 index 0000000000..6153be8cf1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_domainuseracls.md @@ -0,0 +1,33 @@ +# FS_DomainUserACLs Job + +The FS_DomainUserACLs job is designed to report on domain users that have been granted direct +permissions on resources from targeted file servers. + +## Analysis Tasks for the FS_DomainUserACLs Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_DomainUserACLs** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_DomainUserACLs Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/domainuseraclsanalysis.webp) + +The following analysis tasks are selected by default: + +- 0. Drop tables – Drops tables from previous runs +- 1. Direct User Resource Details – Creates the SA_FS_DomainUserACLs_DirectUserResourceDetails + table accessible under the job’s Results node +- 2. Direct Users: Top 5 Servers – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 3. Direct Users – Creates an interim processing table in the database for use by downstream + analysis and report generation +- 4. Direct Resources – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables and views created by the analysis tasks which displays all direct user +permissions, the FS_DomainUserACLs job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | -------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain User ACLs | This report identifies all places where a domain user account has direct rights. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 servers affected by folders - Table – Provides details on domain users - Table – Provides details on resources | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_highriskacls.md b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_highriskacls.md new file mode 100644 index 0000000000..7c8f8e08d0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_highriskacls.md @@ -0,0 +1,30 @@ +# FS_HighRiskACLs Job + +The FS_HighRiskACLs job is designed to report on high risk security principals that have been +granted direct permissions on resources from targeted file servers. + +## Analysis Tasks for the FS_HighRiskACLs Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_HighRiskACLs** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_HighRiskACLs Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/highriskaclsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. High Risk ACL Details – Creates the SA_FS_HighRiskACLs_Details table accessible under the + job’s Results node +- 2. High Risk Permissions Matrix – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 3. Open Manage Rights – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis task, the FS_HighRiskACLs job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| High Risk ACLs | This report shows permissions of Authenticated Users, Anonymous Login, Everyone, or Domain Users. Applying these trustees to permissions may inadvertently open security holes. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Stacked Bar Chart – Displays high risk permission assignments - Table – Provides details on resources by open manage rights | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_localusersandgroups.md b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_localusersandgroups.md new file mode 100644 index 0000000000..9198b95249 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_localusersandgroups.md @@ -0,0 +1,31 @@ +# FS_LocalUsersAndGroups Job + +The FS_LocalUsersAndGroups job is designed to report on local users and groups that have been +granted direct permissions on resources from targeted file servers. + +## Analysis Tasks for the FS_LocalUsersAndGroups Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_LocalUsersAndGroups** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_LocalUsersAndGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/localusersandgroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Local Groups Resource Details – Creates the + SA_FS_LocalUsersAndGroups_LocalGroupResourceDetails table accessible under the job’s Results + node +- 2. Local Groups – Creates an interim processing table in the database for use by downstream + analysis and report generation +- 3. Local Group Details – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis task, the FS_LocalUsersAndGroups job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Local Users And Groups | This report identifies at the server level, how many local users and groups have direct ACLs, followed by details at the share level. | None | This report is comprised of two elements: - Bar Chart – Displays top five servers with local users and groups by affected folders - Table – Provides details on local users and groups | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_missingfullcontrol.md b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_missingfullcontrol.md new file mode 100644 index 0000000000..67a0127436 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_missingfullcontrol.md @@ -0,0 +1,28 @@ +# FS_MissingFullControl Job + +The FS_MissingFullControl job is designed to report on resources from targeted file servers that +have no Full Control rights granted to it. + +## Analysis Tasks for the FS_MissingFullControl Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_MissingFullControl** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_MissingFullControl Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/missingfullcontrolanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Determine folders which are missing full control – Creates an interim processing table in the + database for use by downstream analysis and report generation +- 2. Summarize folders which are missing full control – Creates an interim processing table in the + database for use by downstream analysis and report generation + +In addition to the tables and views created by the analysis task, the FS_MissingFullControl job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Missing Full Control Rights | This report identifies folders within the environment which currently do not have any trustee with Full Control rights, adding to administrative burden. | None | This report is comprised of three elements: - Bar Chart – Displays shares with missing full control rights - Table – Provides details on folder - Table – Provides details on shares with missing full control rights | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_nestedshares.md b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_nestedshares.md new file mode 100644 index 0000000000..260e282bf0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_nestedshares.md @@ -0,0 +1,38 @@ +# FS_NestedShares Job + +The FS_NestedShares job is is designed to report on nested shares that have been granted direct +permissions from targeted file servers. + +## Analysis Tasks for the FS_NestedShares Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_NestedShares** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_NestedShares Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/nestedsharesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Identify Nested Shares + + - Creates an interim processing table in the database for use by downstream analysis and report + generation + - Creates the SA_FS_NestedShares_ShareDetails table accessible under the job’s Results node + +- 2. Create function to compare permissions +- 3. Analyze Permission Details + + - Creates the SA_FS_NestedShares_SharePermissions table accessible under the job’s Results node + - Updates the SA_FS_NestedShares_ShareDetails table accessible under the job’s Results node + +- 4. Host Summary – Creates the SA_FS_NestedShares_HostSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the FS_NestedShares job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------- | --------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------- | +| Nested Shares | This report identifies where folders are exposed through multiple shares. This may cause issues with unwanted access. | None | This report is comprised of two elements: - Bar Chart – Displays hosts by folder count - Table – Provides details on shares | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_sidhistory.md b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_sidhistory.md new file mode 100644 index 0000000000..3881cf4911 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_sidhistory.md @@ -0,0 +1,33 @@ +# FS_SIDHistory Job + +The **2.Direct Permissions** > **FS_SIDHistory** job is designed to report on trustees that have a +historical SID that has been granted direct permissions on resources from targeted file servers. + +## Analysis Tasks for the FS_SIDHistory Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_SIDHistory** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_SIDHistory Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/sidhistoryanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Find ACEs Through SID History + + - Creates the SA_FS_SIDHistory_Details table accessible under the job’s Results node + - Creates the SA_FS_SIDHistory_TrusteeDetails table accessible under the job’s Results node + +- 2. Host Rollups – Creates the SA_FS_SIDHistory_HostSummary table accessible under the job’s + Results node +- 3. Expose SID Details View – Makes the SA_FS_SIDHistory_TrusteeDetails table visible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_SIDHistory job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SID History Overview | This report identifies any applied ACE which utilizes a trustee's SID history. | None | This report is comprised of three elements: - Bar Chart – Displays the top 5 hosts by affected folders - Table – Provides details on permissions - Table – Provides details on trustees | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_unresolvedsids.md b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_unresolvedsids.md new file mode 100644 index 0000000000..80eb5b8cdb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_unresolvedsids.md @@ -0,0 +1,26 @@ +# FS_UnresolvedSIDs Job + +The FS_UnresolvedSIDs job is designed to report on unresolved SIDs that have been granted direct +permissions on resources from targeted file servers. + +## Analysis Tasks for the FS_UnresolvedSIDs Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_UnresolvedSIDs** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_UnresolvedSIDs Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp) + +The following analysis task is selected by default: + +- Unresolved SIDs – Creates the SA_FS_UnresolvedSIDs_SIDsByResourcePath table accessible under the + job's Results node + +In addition to the tables and views created by the analysis task, the FS_UnresolvedSIDs job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | -------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Unresolved SIDs | This report identifies where permissions are assigned for users which no longer exist. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by affected folders - Table – Provides details on top unresolved SIDs - Table – Provides details on top servers by affected folders | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/overview.md new file mode 100644 index 0000000000..15a20f8d0c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/overview.md @@ -0,0 +1,28 @@ +# 2.Direct Permissions Job Group + +The 2.Direct Permissions job group is designed to report on Direct Permissions information from +targeted file servers. + +![2.Direct Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 2.Direct Permissions job group is comprised of: + +- [FS_DomainUserACLs Job](/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_domainuseracls.md) + – Reports on domain users that have been granted direct permissions on resources from targeted + file servers +- [FS_HighRiskACLs Job](/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_highriskacls.md) + – Reports on high risk security principals that have been granted direct permissions on resources + from targeted file servers +- [FS_LocalUsersAndGroups Job](/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_localusersandgroups.md) + – Reports on local users and groups that have been granted direct permissions on resources from + targeted file servers +- [FS_MissingFullControl Job](/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_missingfullcontrol.md) + – Reports on resources from targeted file servers that have no Full Control rights granted to it +- [FS_NestedShares Job](/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_nestedshares.md) + – Reports on nested shares that have been granted direct permissions from targeted file servers +- [FS_SIDHistory Job](/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_sidhistory.md) + – Reports on trustees that have a historical SID that has been granted direct permissions on + resources from targeted file servers +- [FS_UnresolvedSIDs Job](/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_unresolvedsids.md) + – Reports on unresolved SIDs that have been granted direct permissions on resources from targeted + file servers diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverview.md b/docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverview.md new file mode 100644 index 0000000000..2941e29a94 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverview.md @@ -0,0 +1,36 @@ +# FileSystemOverview Job + +The FileSystemOverview job provides insight into all targeted file servers. It is dependent on data +collected by the +[File System Access Auditing](/docs/accessanalyzer/11.6/solutions/filesystem/collection/overview.md#file-system-access-auditing) +components and the components of the +[0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/collection/overview.md). +It also depends on the running of the sub-job groups within the solution. If only select sub-job +groups have been run, there will be blank sections in the overview report. + +![FileSystemOverview Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverviewjobstree.webp) + +The FileSystemOverview job is designed to provide an overview of all relevant information from +targeted file servers. + +### Analysis Tasks for the FileSystemOverview Job + +View the analysis tasks by navigating to the **FileSystem** > **FileSystemOverview** > **Configure** +node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FileSystemOverview Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverviewanalysis.webp) + +The following analysis task is selected by default: + +- Create Report Views – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables and views created by the analysis task, the FileSystemOverview job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | -------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------- | +| File System Overview | This report provides an overview of all targeted file servers. | None | This report is comprised of one element: - Table – Provides summary of the targeted file system | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/fs_brokeninheritance.md b/docs/accessanalyzer/11.6/solutions/filesystem/fs_brokeninheritance.md new file mode 100644 index 0000000000..0310f11d00 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/fs_brokeninheritance.md @@ -0,0 +1,84 @@ +# 3.Broken Inheritance > FS_BrokenInheritance Job + +The FS_BrokenInheritance job is designed to report on resources with Broken Inheritance from +targeted file servers. + +![3.Broken Inheritance > FS_BrokenInheritance Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/brokeninheritancejobstree.webp) + +The FS_BrokenInheritance job is located in the 3.Broken Inheritance job group. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The FS_BrokenInheritance job has the following configurable parameter: + +- Only analyze folders with changed permissions – Set a value of `1` or `2` to select if only + folders with modified permissions are analyzed: + + - 1 – Only analyze resources with changed permissions from parent + - 2 – Analyze all resources regardless of permission changes between parent and child + +See the +[Analysis Tasks for the FS_BrokenInheritance Job](#analysis-tasks-for-the-fs_brokeninheritance-job) +topic for additional information. + +## Analysis Tasks for the FS_BrokenInheritance Job + +View the analysis tasks by navigating to the **FileSystem** > **3.Broken Inheritance** > +**FS_BrokenInheritance** > **Configure** node and select **Analysis**. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and or +deselected. There are some that are deselected by default, as they are for troubleshooting purposes. + +![Analysis Tasks for the FS_BrokenInheritance Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/brokeninheritanceanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Analyze Broken Inheritance + + - Creates an interim processing table in the database for use by downstream analysis and report + generation + - Creates the SA_FS_BrokenInheritance_UniqueTrustees table accessible under the job's Results + node + - Creates the SA_FS_BrokenInheritance_UniqueTrusteesPivot table accessible under the job's + Results node + +- 2. Choose to analyze only folders with modified permissions – Creates an interim processing + table in the database for use by downstream analysis and report generation + + - By default set to only analyze resources with changed permissions from parent + - Can be modified to analyze all resources regardless of permission changes between parent and + child. See the [Parameter Configuration](#parameter-configuration) topic for additional + information. + - Alternatively, this can be set by modifying the `@FILTER_TO_CHANGED_RESOURCES` parameter. See + the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information. + +- 3. Determine Permission Changes – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 4. Analyze Trustee Differences – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 5. Inheritance Types. Categorizes Permission Changes – Creates an interim processing table in + the database for use by downstream analysis and report generation +- 6. Summarize by Share – Creates an interim processing table in the database for use by + downstream analysis and report generation + +The following analysis tasks are deselected by default: + +- 7. Bring Table to Console - Unique trustees – Restores the + SA_FS_BrokenInheritance_UniqueTrustees table to be visible under the job's Results node +- 8. Bring Table to Console - Trustees pivot – Restores the + SA_FS_BrokenInheritance_UniqueTrusteesPivot table to be visible under the job's Results node + +In addition to the tables and views created by the analysis tasks, the FS_BrokenInheritance job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Broken Inheritance by Share (Broken Inheritance Details) | Broken inheritance between resources can lead to incorrect access for users, either overprovisioning them, or locking them out of critical data. This report identifies the shares and folders with the most permission changes from the parent resource. | None | This report is comprised of three elements: - Bar Chart – Displays top five shares by permission changes - Table – Provides details on folders - Table – Provides details on shares | +| Unique Trustees | This report identifies permission changes between folders. These trustees have been either removed, added, or had their rights adjusted. | None | This report is comprised of one element: - Table – Provides details on unique trustees | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/fs_dlpresults.md b/docs/accessanalyzer/11.6/solutions/filesystem/fs_dlpresults.md new file mode 100644 index 0000000000..ff71ebb3d7 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/fs_dlpresults.md @@ -0,0 +1,48 @@ +# 7.Sensitive Data > FS_DLPResults Job + +The FS_DLPResults job is designed to report on resources that have been identified to contain +sensitive data from targeted file servers. It is comprised of analysis and reports which use the +data collected by the **0.Collection** job group to provide information on where sensitive data is +being shared. Best practices often dictate moving files with sensitive data out of open shares. + +![7.Sensitive Data > FS_DLPResults Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) + +The FS_DLPResults job is located in the 7.Sensitive Data job group. + +## Analysis Tasks for the FS_DLPResults Job + +View the analysis tasks by navigating to the **FileSystem** > **7.Sensitive Data** > +**FS_DLPResults** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_DLPResults Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/dlpresultsanalysis.webp) + +The following analysis tasks are selected by default: + +- Share Details – Creates the SA_FS_DLPResults_ShareDetails table accessible under the job’s Results + node +- Share Summary – Creates the SA_FS_DLPResults_ShareSummary table accessible under the job’s Results + node +- Enterprise Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation +- Sensitive Security Groups – Creates the SA_FS_DLPResults_GroupDetails table accessible under the + job’s Results node +- Identify Probable Owners – Creates the SA_FS_DLPResults_ProbableOwners table accessible under the + job’s Results node +- Activity Details – Creates the SA_FS_DLPResults_ActivityDetails table accessible under the job’s + Results node +- Top Trustees by Activity – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the FS_DLPResults job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary (Sensitive Content) | This report identifies the type and amount of sensitive content found on scanned machines. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie Chart – Displays exceptions by file count - Table – Provides details on exceptions by file count | +| File Ownership (Sensitive Data Ownership) | This report identifies the top 3 potential owners of files which have been found to contain sensitive content. | None | This report is comprised of one element: - Table – Provides details on top owners per file | +| Sensitive Data Access | This report shows who is accessing sensitive data. Emphasis is placed on activity within the last 30 days. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Displays sensitive data access by top users - last 30 days - Table – Provides details on sensitive data access | +| Sensitive Security Groups | This report identifies groups which are used to provide access to sensitive data. Changes to membership should be closely monitored. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Top groups by access to sensitive files - Table – Provides details on group access to sensitive files | +| Share Details (Shares with Sensitive Content) | This report identifies the location of sensitive data, and flags whether or not this data is accessible through open access. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar chart – Displays top shares by sensitive file count - Table – Provides details on files - Table – Provides details on top shares by sensitive file count | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/fs_openaccess.md b/docs/accessanalyzer/11.6/solutions/filesystem/fs_openaccess.md new file mode 100644 index 0000000000..57da0e5e22 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/fs_openaccess.md @@ -0,0 +1,52 @@ +# 1.Open Access > FS_OpenAccess Job + +The FS_OpenAccess job is designed to report on Open Access information from targeted file servers. +The definition of Open Access is when a security principal, such as Everyone, Authenticated Users, +or Domain Users, have permissions on a resource. + +![1.Open Access > FS_OpenAccess Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/openaccessjobstree.webp) + +The FS_OpenAccess job is located in the 1.Open Access job group. + +## Analysis Tasks for the FS_OpenAccess Job + +View the analysis tasks by navigating to the **FileSystem** > **1.Open Access** > +**FS_OpenAccess** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_OpenAccess Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/openaccessanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Find Open Access – Creates the SA_FS_OpenAccess_OpenResources table accessible under the + job’s Results node +- 2. Sum by Host - Summarized Access Sprawl – Creates the SA_FS_OpenAccess_HostsRanked table + accessible under the job’s Results node +- 3. Sum by Share – Creates the SA_FS_OpenAccess_SharesRanked table accessible under the job’s + Results node +- 4. Content Type in Share - Categorizes shared content: + + - Creates an interim processing view in the database for use by downstream analysis and report + generation + - Creates the SA_FS_OpenAccess_ShareContent view accessible under the job’s Results node + +- 5. Content by Host – Updates the SA_FS_OpenAccess_HostsRanked table accessible under the job’s + Results node +- 6. Remediation Tracking - Track Status of Shares Throughout Time – Creates an interim processing + view in the database for use by downstream analysis and report generation +- 7. Track Remediation by Months - Track Status of Shares Throughout Time – Creates an interim + processing view in the database for use by downstream analysis and report generation +- 8. Assign Risk Ratings to Hosts and Shares – Updates the SA_FS_OpenAccess_HostsRanked and the + SA_FS_OpenAccess_SharesRanked tables accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_OpenAccess job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Folder Details (Open Folder Details) | This report identifies all open folders within the targeted environment. | None | This report is comprised of one element: - Table – Provides details on open folders | +| Hosts with Open Access | This report identifies hosts with the highest number of open folders. | None | This report is comprised of two elements: - Bar Chart – Displays top hosts by open folder count - Table – Provides details on hosts with open folder access | +| Open Shares | This report identifies shares with open resources. The Open Access column shows the highest levels of access given to all users in any one resource inside the share. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Displays largest open shares by folder count - Table – Provides details on open shares | +| Remediation Status | This report identifies the historical success of the organization's share management effort. | None | This report is comprised of two elements: - Column Chart – Displays the remediation status - Table – Provides details on remediation status | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/fs_probableowner.md b/docs/accessanalyzer/11.6/solutions/filesystem/fs_probableowner.md new file mode 100644 index 0000000000..fe392b0a2d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/fs_probableowner.md @@ -0,0 +1,48 @@ +## 6.Probable Owner > FS_ProbableOwner Job + +The 6.Probable Owner Job Group is designed to report on probable owners of resources from targeted +file servers. + +![probableownerjobstree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/probableownerjobstree.webp) + +The 6.Probable Owner Job Group is comprised of: + +- FS_ProbableOwner Job – Designed to report on probable owners of resources from targeted file + servers + +## Analysis Tasks for the FS_ProbableOwner Job + +View the analysis tasks by navigating to the FileSystem > 6.Probable Owner > FS_ProbableOwner > +Configure node and select Analysis. + +**CAUTION:** Do not modify or deselect the first and third selected analysis tasks. The analysis +tasks are preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/probableowneranalysis.webp) + +The following analysis tasks are selected by default: + +- Create Functions – Creates functions in tier 1 SQL database that are required to calculate + Probable Owners +- Identify Probable Owners – Creates the SA_FS_ProbableOwner_Details table accessible under the + job’s Results node + - Set to “Start listing ownership at the root share” which is `@minlevel` parameter set to + Value0. + - Set to “List ownership as deep into the folder hierarchy as the root share” which is + `@maxlevel` parameter set to Value0. + - Value0 = root share, Value1 = 1 folder deep, Value2 = 2 folders deep, etc. + - Set the variable #FILTERED_TRUSTEES to a CSV file that contains one row for each SID to be + excluded. When the job is run, SIDs specified in the #FILTERED_TRUSTEES variable are excluded + from the analysis and not reported as probable owners. + - See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information. +- Identify Folders with no Owner Found – Creates the SA_FS_ProbableOwner_NoOwnerFound table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_ProbableOwner Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------- | +| Probable Share Owners (A.K.A. Probable Owners) | This report identifies the number of shares owned by individuals, as determined by a weighted average of ownership of content, management, and level of activity. The top 2 owners per ownership criteria per share are displayed. | None | This report is comprised of one element: - Table – Provides details on probable owners | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/fs_securityassessment.md b/docs/accessanalyzer/11.6/solutions/filesystem/fs_securityassessment.md new file mode 100644 index 0000000000..4946e0908d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/fs_securityassessment.md @@ -0,0 +1,52 @@ +# FS_SecurityAssessment Job + +The FS_SecurityAssessment job is designed to provide a security assessment of all relevant +information from targeted file servers. It is dependent upon the following jobs: + +- 2.Direct Permissions Job Group + + - [FS_LocalUsersAndGroups Job](/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_localusersandgroups.md) + - [FS_NestedShares Job](/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_nestedshares.md) + - [FS_SIDHistory Job](/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/fs_sidhistory.md) + +- [3.Broken Inheritance > FS_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_brokeninheritance.md) +- 5.Activity Job Group + + - [Least Privileged Access > FS_LeastPrivilegedAccess Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/fs_leastprivilegedaccess.md) + - Security > + [FS_HighRiskActivity Job](/docs/accessanalyzer/11.6/solutions/filesystem/activity/security/fs_highriskactivity.md) + +- 7.Sensitive Data Job Group + + - [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_dlpresults.md) + +If only select sub-job groups have been run, there are blank sections in the overview report. + +![FS_SecurityAssessment Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/securityassessmentjobstree.webp) + +The FS_SecurityAssessment job is comprised of analysis and reports which use the data collected by +the 0.Collection job group and analyzed by the jobs listed above. + +## Analysis Task for the FS_SecurityAssessment Job + +View the analysis tasks by navigating to the **FileSystem** > **FS_SecurityAssessment** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the FS_SecurityAssessment Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/securityassessmentanalysis.webp) + +The following analysis tasks are selected by default: + +- Assess Risk – Creates the SA_FS_SecurityAssessment_Details table accessible under the job’s + Results node +- Summary – Creates the SA_FS_SecurityAssessment_Summary table accessible under the job’s Results + node + +In addition to the tables and views created by the analysis task, the FS_SecurityAssessment job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ---------------------------------------------------------------------------------- | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Security Assessment | This report identifies common issues and vulnerabilities across your file systems. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of four elements: - Table – Provides details of the scan Scope - Pie Chart – Provides details of findings by risk - Table – Provides details of findings by category - Table – Provides a summary of risk assessment details | diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/overview.md new file mode 100644 index 0000000000..e55ad72ecb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/overview.md @@ -0,0 +1,153 @@ +# File System Solution + +The File Systems Solution is an auditing, compliance, and governance solution for Windows, NAS, +Unix, and Linux file systems. Key capabilities include effective access calculation, data owner +identification, governance workflows including entitlement reviews and self-service access requests, +sensitive data discovery and classification, open access remediation, least-privilege access +transformation, and file activity monitoring. + +File systems and NAS devices contain the vast majority of an organization’s data. Each day, more +data is created and stored in the nooks and crannies of the environment, beyond the sight of the +people charged with managing it and keeping it safe. The File System Solution is designed to gather +information from file systems and shared folders in order to answer questions around data access: + +- Who has access to your data? +- Who is accessing your data? +- What sensitive data is being stored and accessed? + +The File System Solution requires a special Enterprise Auditor license. It can be focused to only +conduct Access Auditing (FSAA), including environments with a Distributed File System (DFS). It can +be enhanced with the Netwrix Activity Monitor to also conduct Activity Auditing (FSAC). +Additionally, the Sensitive Data Discovery Add-On enables the solution to search file content for +sensitive data, or Sensitive Data Discovery Auditing (SEEK). + +Supported Platforms + +- See the + [File System Supported Platforms](/docs/accessanalyzer/11.6/requirements/target/filesystems.md) + topic for a full list of supported platforms. + +Requirements, Permissions, and Ports + +- Permissions vary based on the Scan Mode Option selected. See the + [File System Supported Platforms](/docs/accessanalyzer/11.6/requirements/target/filesystems.md) + topic for additional information. + +- Ports vary based on the Scan Mode Option selected. See the + [File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) + topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +_Remember,_ if employing either of the File System Proxy Mode as a Service scan mode options, it is +also necessary for the Sensitive Data Discovery Add-on to be installed on the server where the proxy +service is installed. + +Location + +The File System Solution requires a special Enterprise Auditor license. It can be installed from the +Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to the solution: +**Jobs** > **FileSystem**. + +The +[0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/collection/overview.md) +collects the data. The other job groups run analysis on the collected data. The +[FileSystemOverview Job](/docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverview.md) +generates a statistical overview report of the targeted file systems. + +**NOTE:** The +[Cleanup Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/overview.md) +and the +[Resource Based Groups Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/overview.md) +require additional licenses to function. See the [Job Groups](#job-groups) topic for additional +information. + +## Job Groups + +The File System Solution offers information on multiple aspects of an organization’s file system +infrastructure. This solution is comprised of eleven job groups and an overview job which collect, +analyze, and report on data as well as run action tasks for environmental remediation. The data +collection is conducted by the FileSystemAccess (FSAA) Data Collector. See the +[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/standardtables.md) +section for database table information. + +![File System Solution](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +Each type of auditing depends on specific jobs within the 0.Collection Job Group to collect the data +and its corresponding analysis and reporting job groups. The Access Auditing components represent +the core of the File System Solution and are required by the other auditing options, with the +exception of the Sensitive Data Discovery Auditing component which can be run independently. The +data collection query options for each type are explained within the 0.Collection Job Group section. +Additionally, the corresponding analysis and reporting job groups are listed for each auditing type. + +If intending to run three or all auditing types, see each auditing type section within the +0.Collection Job Group section for information on query options and requirements. It is recommended +to first run the 0.Collection Job Group components in the default order for the desired auditing +types to ensure successful data collection, and then to run the desired sub-groups for reports. + +See the +[Recommended Configuration for the File System Solution](/docs/accessanalyzer/11.6/solutions/filesystem/recommended.md) +topic for additional information on run frequency and job group settings. + +The File System Solution is available with the File System Reports license feature and is comprised +of the following jobs: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/collection/overview.md) + – Designed to collect information from targeted file servers. Information collected includes + access control information, activity events, and sensitive data. + - This job group is available with the File System license feature. +- [1.Open Access > FS_OpenAccess Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_openaccess.md) + – Designed to report on Open Access information from targeted file servers +- [2.Direct Permissions Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/overview.md) + – Designed to report on Direct Permissions information from targeted file servers +- [3.Broken Inheritance > FS_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_brokeninheritance.md) + – Designed to report on Broken Inheritance information from targeted file servers +- [4.Content Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/content/overview.md) + – Designed to report on content information from targeted file servers. Key information reported + on in this group is: File Types, File Sizing, Stale Content, and File Tags. +- [5.Activity Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/activity/overview.md) + – Designed to report on activity event information from targeted file servers + - Requires the Activity Monitor +- [6.Probable Owner > FS_ProbableOwner Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_probableowner.md) + – Designed to report on probable owners of resources from targeted file servers +- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_dlpresults.md) + – Designed to report on resources that have been identified to contain sensitive data from + targeted file servers + - Requires the Sensitive Data Discovery Add-On +- [Ad Hoc Audits Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/overview.md) + – Designed to report on resources and trustees that have been provided by the user from targeted + file servers + - Typically, this is run independently from the rest of the solution +- [Cleanup Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/cleanup/overview.md) + – Designed to report on and take action against resources from targeted file servers that can be + cleaned up + - Requires the File System Actions license feature to function + - This job group is run independently from the rest of the solution +- [Resource Based Groups Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/overview.md) + – Designed to report on and take action against resources from targeted file servers that can be + have their permissions structure transformed to a resource-based group implementation + - Requires the File System Actions and Active Directory Actions license features to function + - This job group is run independently from the rest of the solution +- [FileSystemOverview Job](/docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverview.md) + – Designed to provide an overview of all relevant information from targeted file servers +- [FS_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/filesystem/fs_securityassessment.md) + – Designed to provide a security assessment of all relevant information from targeted file servers + +When targeting Nasuni Edge Appliances, it is necessary to add a job from the Instant Job Library +(FS_Nasuni Job) which uses the PowerShell Data collector to gather system information, volume data, +and share data from the Nasuni environment. This job should be added to the 0.Collection Job Group +and should be renamed (0-FS_Nasuni) to run immediately after the 0-Create Schema Job. See the +[0-FS_Nasuni Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-fs_nasuni.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/recommended.md b/docs/accessanalyzer/11.6/solutions/filesystem/recommended.md new file mode 100644 index 0000000000..ba520fb802 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/recommended.md @@ -0,0 +1,290 @@ +# Recommended Configuration for the File System Solution + +The File System Solution has been configured to inherit down from the **FileSystem** > **Settings** +node for most jobs. However, it is a best practice to assign the host list and the Connection +Profile at the data collection level. Once these are assigned to the job, it can be run manually or +scheduled. + +_Remember,_ the credential permissions required for the scan and host lists are affected by the scan +mode selected. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +Dependencies + +- The .Active Directory Inventory Job Group needs to be executed prior to running the File System + Solution +- File System Proxy deployed to targeted proxy servers (for proxy scanning architecture only) +- Activity Monitor deployed, configured, and services running (for Activity Auditing only) +- Sensitive Data Discovery Add-On installed on the Enterprise Auditor Console server (for Sensitive + Data Discovery Auditing only) +- Sensitive Data Discovery Add-On installed on the proxy server (for Sensitive Data Discovery + Auditing via proxy scanning architecture only) + +Targeted Hosts + +The host list assignment should be assigned under the **FileSystem** > **0.Collection** > +**[job]** > **Host** node. The list should be a custom created list for the file system environments +to be targeted. Check the box for the custom-created host list. It is necessary for the **…System +Scans** jobs and the corresponding **…Bulk Import** jobs to be set to the same host lists. + +The 0-FSDFS System Scans Job is an exception and is set to the Default domain controller. For +standalone namespaces, modify this host list to target the desired File Systems or Storage +Controllers. + +If targeting Nasuni Edge Appliances, the 0-FS_Nasuni Job needs to be assigned a custom host list +containing all on-premise Nasuni Edge Appliances and cloud filers. + +If using multiple proxy servers, these should also be configured within a different custom-created +host list. Then assign the proxy servers host list on the +[FSAA: Applet Settings](/docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.md) +page of the File System Access Auditor Data Collector Wizard within the following jobs in the +0.Collection Job Group according to the type of auditing being conducted: + +- 1-FSAA System Scans Job for Access Auditing +- 1-FSAC System Scans Job for Activity Auditing +- 1-SEEK System Scans Job for Sensitive Data Discovery Auditing + +Windows clusters have special needs when it comes to a host list and the host inventory data. It is +necessary to target the Windows File Server Cluster (name of the cluster) of interest when running a +scan against a Windows File System Cluster. Within the Enterprise Auditor Master Host Table, there +should be a host entry for the cluster as well as for each node. Additionally, each of these host +entries must have the name of the cluster in the WinCluster column in the host inventory data. This +may need to be updated manually. See the +[Host Inventory](/docs/accessanalyzer/11.6/admin/settings/hostinventory.md) +topic for additional information. + +**NOTE:** The host targeted by the File System scans is only the host entry for the cluster. For +example, the environment has a Windows File System Cluster named `ExampleCluster1` with three nodes +named `ExampleNodeA`, `ExampleNodeB`, and `ExampleNodeC`. There would be four host entries in the +Enterprise Auditor Master Host Table: `ExampleCluster1`, `ExampleNodeA`, `ExampleNodeB`, and +`ExampleNodeC`. Each of these four entries would have the same value of the cluster name in the +**WinCluster** column: `ExampleCluster1`. Only the `ExampleCluster1` host would be in the host list +targeted by the File System scans. + +In order for the selected scan mode to be applied accurately for the target file system, it is +necessary for host inventory to match the values in the table for OSType: + +| Devices | OSType Value | +| ------- | -------------- | +| Windows | Windows | +| NetApp | NAS | +| Celerra | N/A or Unknown | +| Isilon | NAS | +| Nasuni | NAS | +| ARX | N/A or Unknown | +| UNIX | N/A or Unknown | + +Connection Profile + +The FSAA Data Collector requires permissions based on the platform being targeted for data +collection as well as the scan mode selected. See the +[File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) +topic and the +[File System Supported Platforms](/docs/accessanalyzer/11.6/requirements/target/filesystems.md) +topic for necessary permissions for the supported target platforms. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for the necessary permission for collecting activity data. Then create a custom Connection Profile +containing the appropriate credentials for the targeted environment. + +The Connection Profile should be assigned under the **FileSystem** > **0.Collection** job’s +Properties window on the **Connection** tab. It is set to Use the Default Profile, as configured at +the global settings level. However, since this may not be the Connection Profile with the necessary +permissions for the assigned hosts, click the radio button for the **Select one of the following +user defined profiles** option and select the appropriate Connection Profile drop-down menu. + +_Remember,_ if targeting Nasuni Edge Appliances, the 0-FS_Nasuni Job needs to be assigned a custom +Connection Profile containing the **API Access Key** and **Passcode** for each on-premise Nasuni +Edge Appliance and cloud filer in the target environment. Nasuni API key names are case sensitive. +When providing them, ensure they are entered in the exact same case as generated. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +One of the most important decisions to make is how frequently to collect this data. This is +dependent on the size of the target environment. The FileSystem Solution can be scheduled to run +weekly or as desired depending on the types of auditing being conducted and the scope of the target +environment. + +For example, it may be desired in large environments to run Activity Auditing collection jobs on a +daily basis, but to only run Access Auditing and Sensitive Data Discovery Auditing collection jobs +on a weekly basis followed by the analysis and reporting job groups. + +Run Order + +Whatever schedule frequency may be configured, it is also recommended to streamline the collection +jobs to those desired. The jobs in the 0.Collection Job Group must be run in order for the auditing +type. Run …System Scans jobs and then the corresponding …Bulk Import jobs according to the desired +workflow. + +The other File System Solution sub-job groups can be run in any order, together or individually, +after running the 0.Collection Job Group. The FileSystemOverview Job pulls information from both the +0.Collection Job Group and the other sub-job groups, and the report may contain blank sections if +only select sub-job groups are run. + +**_RECOMMENDED:_** If only conducting one or two types of auditing, scope the solution by disabling +the undesired collection jobs. Disabling them allows the solution to run more efficiently. It is not +recommended to delete any jobs. See the +[Disable or Enable a Job](/docs/accessanalyzer/11.6/admin/jobs/job/disableenable.md) +topic for additional information. + +**NOTE:** If targeting Nasuni Edge Appliances, it is necessary to add the +[0-FS_Nasuni Job](/docs/accessanalyzer/11.6/solutions/filesystem/collection/0-fs_nasuni.md) +to the **0.Collection** Job Group. + +Query Configuration + +This solution can be run with the default query configuration. However, the most common +customizations include: + +- Use proxy scanning architecture, see the + [File System Data Collection Configuration for Proxy as a Service](/docs/accessanalyzer/11.6/install/filesystemproxy/configuredatacollector.md) + topic for instructions +- Default Scoping Options page > File Properties tab, optionally configure the following: + + - In the Scan for Probable Owner section, limit the number of probable owners to return per + folder + - In the Scan for File Types section, add comma-separated values to limit the file types + returned + - Opt to collect file Microsoft Office metadata tags and add comma-separated values to limit the + metadata tags collected. + - Set on the following **0.Collection** Job Group jobs: + + - **1-FSAA System Scans** Job for Access Auditing + +- Default Scoping Options page > File Details tab, configure the file detail collection + + - By default, file detail scans are disabled + - Select the type of file data to be collected and optionally add filters + - Set on the following **0.Collection** Job Group jobs: + + - **1-FSAA System Scans** Job for Access Auditing + +- Applet Settings page, optionally configure the applet settings: + + - Opt to enable strong proxy affinity (only run scans on last proxy to scan host, unless no + longer in proxy host list) + - Configure the following: + + - Maximum concurrent scans to run on any single applet host + - Maximum waiting time for strong proxy affinity + - Scan cancellation timeout + + - Set on the following **0.Collection** Job Group jobs: + + - **1-FSAA System Scans** Job for Access Auditing + - **1-FSAC System Scans** Job for Activity Auditing + - **1-SEEK System Scans** Job for Sensitive Data Discovery Auditing + +- Scan Server Selection page, set the type of mode the scans will run on + + - The mode configured must align with the provisioning of the credential and environment. See + the + [File System Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/filesystem/scanoptions.md) + topic and the + [File System Supported Platforms](/docs/accessanalyzer/11.6/requirements/target/filesystems.md) + topic for additional information. + - Local Mode – All of the data collection processing is conducted by the Enterprise Auditor + Console server across the network + - Applet Mode – The File System applet is deployed to the target host when the job is executed + to conduct data collection. The data is collected on the Windows target host where the applet + is deployed. The final step in data collection is to compress and transfer the data collected + in the SQLite databases, or Tier 2 databases, back to the Enterprise Auditor Console server. + If the target host is a NAS device, the File System scans default to local mode for that host. + - Proxy Mode with Applet – The File System applet is deployed to the Windows proxy server when + the job is executed to conduct data collection. The data collection processing is initiated by + the proxy server where the applet is deployed and leverages a local mode-type scan to each of + the target hosts. The final step in data collection is to compress and transfer the data + collected in the SQLite databases, or Tier 2 databases, back to the Enterprise Auditor Console + server. + - Proxy Mode as a Service – The File System Proxy Service must be installed on the Windows proxy + servers prior to executing the scans. The data collection processing is conducted by the proxy + server where the service is running and leverages a local mode-type scan to each of the target + hosts. The final step in data collection is to compress and transfer the data collected in the + SQLite databases, or Tier 2 databases, back to the Enterprise Auditor Console server. The + credential granted rights to interact with the service must be included in the assigned + Connection Profile. + - Set on the following **0.Collection** Job Group jobs: + + - **1-FSAA System Scans** Job for Access Auditing + - **1-FSAC System Scans** Job for Activity Auditing + - **1-SEEK System Scans** Job for Sensitive Data Discovery Auditing + +- Default Scoping Options page > Scan Settings tab, configuring the subfolder depth + + - Recommendation (allows for a proper assessment on runtime for the targeted environment): + + - For first time execution, recommend setting to 0 + - For second execution, recommend setting to 2 + - Then set to the desired depth. + + - Set on the following **0.Collection** Job Group jobs: + + - **1-FSAA System Scans** Job for Access Auditing + - **1-SEEK System Scans** Job for Sensitive Data Discovery Auditing + +- SDD Criteria Settings page, scope to scan for specific criteria or customizing criteria for + Sensitive Data Discovery Auditing + + - Set on the **0.Collection** > **1-SEEK System Scans** Job + +- Activity Settings page, configure data retention period + + - Recommendation to run with default setting of 60 days + - Set on the **0.Collection** > **1-FSAC System Scans** Job for Activity Auditing + +Analysis Configuration + +This solution should be run with the default analysis configuration. Most of these analysis tasks +are preconfigured and should not be modified or deselected. There are a few which are deselected by +default, as they are for troubleshooting purposes. + +Though the analysis tasks should not be deselected, the following parameters can be modified: + +- The .Active Directory Inventory Solution defines large groups, deeply nested groups, stale users, + and users with large tokens. These parameters can be customized and are applicable to any + solution, including File System, which incorporate this analyzed data into further analysis. + + - Customize within **.Active Directory Inventory** > **3-AD_Exceptions** Job analysis tasks + +- Activity Exception parameters which identify potential security concerns + + - Customize within **0.Collection** > **3-FSAC Exceptions** Job analysis tasks + +- Broken inheritance is defined by default to only analyze resources with changed permissions from + parent + + - Customize within **3.Broken Inheritance** > **FS_BrokenInheritance** Job analysis task + +- Probable owner calculations include folder depth parameters + + - Customize within **6.Probable Owner** > **FS_ProbableOwner** Job analysis task + + **NOTE:** Changes to an exception’s definition will impact all jobs dependent upon that + exception as well as all AIC Active Directory Exceptions reports. + +There are also a few Notification analysis tasks which can be configured and then enabled in the +following jobs: + +- **5.Activity** > **Forensics** > **FS_Deletions** Job +- **5.Activity** > **Forensics** > **FS_PermissionChanges** Job +- **5.Activity** > **Suspicious Activity** > **FS_HighestHourlyActivity** Job + +Please see the appropriate topics for details on these tasks. + +Additional Consideration + +The Ad Hoc Audits Job Group is designed to work independent from the rest of the solution, but it is +dependent upon the 0.Collection Job Group. The jobs are scoped to specific shares and trustees +within an analysis task. + +The jobs contained in the group use custom SQL scripts to render views on collected data. SQL views +are used to populate report element tables and graphs. Changing or modifying the group, job, or +table names result in no data displayed within the reports or the AIC. + +_Remember,_ it is recommended to scope the 0.Collection Job Group to only include the collection +components desired by disabling the undesired collection jobs. Disabling them allows the solution to +run more efficiently. It is not recommended to delete any jobs. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroupaicimport.md b/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroupaicimport.md new file mode 100644 index 0000000000..d9338ef755 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroupaicimport.md @@ -0,0 +1,83 @@ +# FS_ResourceBasedGroupAICImport Job + +The FS_ResorceBasedGroupsAICImport Job imports resources and access groups from the +FS_ResoureBasedGroup Job into the Netwrix Access Information Center. This job assigns ownership in +the Access Information Center and then assigns resource groups. This step is required if it is +desired to change access through entitlement reviews, self-service, or for publishing resources to +IAM. + +## Recommended Configurations for the FS_ResourceBasedGroupsAICImport Job + +Dependencies + +- The **FS_ResourceBasedGroups** job must be successfully run prior to running this job +- The **.Active Directory Inventory** > **1-AD_Scan** job must be successfully run prior to running + this job +- The **File System** > **0.Collection** > **1-FSAA System Scans** job must be successfully run + prior to running this job +- The **File System** > **0.Collection** > **2-FSAA Bulk Import** job must be successfully run prior + to running this job + +Targeted Hosts + +None + +Schedule Frequency + +This job group can be scheduled to run as desired. Throughout this document reference to executing a +job refers to either manual execution or scheduled execution, according to the needs of the +organization. See the +[Scheduling the Resource Based Groups Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/overview.md#scheduling-the-resource-based-groups-job-group) +topic for additional information. + +History Retention + +Not supported + +Workflow + +**Step 1 –** Run the following jobs: + +- FS_ResourceBasedGroups +- .Active Directory Inventory > 1-AD_Scan +- File System > 0.Collection > 1-FSAA System Scans +- File System > 0.Collection > 2-FSAA Bulk Import + +**Step 2 –** Run the FS_ResourceBasedGroupsAICImport job. + +- See the [Run the FS_ResourceBasedGroupsAICImportJob](#run-the-fs_resourcebasedgroupsaicimportjob) + topic for additional information + +**Step 3 –** Review the newly-created resource based groups in the AIC. + +- See the + [Review the New Resource Based Groups in the AIC](#review-the-new-resource-based-groups-in-the-aic) + topic for additional information + +## Run the FS_ResourceBasedGroupsAICImportJob + +Now that the target environment follows a Resource Based Groups model, the new resources can be +imported into the Access Information Center. Follow the steps to import the new resources into the +AIC Ownership Workflow. + +**CAUTION:** It is important to run the .Active Directory Inventory Job Group and **File System** > +**0. Collection** Job Group again so that the AD and permissions changes are captured by Enterprise +Auditor. + +**Step 1 –** Run the **.Active Directory Inventory** Job Group and **FileSystem** > **0.Collection** +Job Group again. + +**Step 2 –** Right click the **FS_ResourceBasedGroupsAICImport** job and select **Run Job**. + +The newly created resource based groups are imported to the AIC. The Owner and Access Groups have +been assigned to the resources by the import process. The AIC can now be used to manage these +resources through Entitlement Reviews, Ad hoc owner changes, and the Self Service access portal. + +## Review the New Resource Based Groups in the AIC + +Use the Access Information Center **Manage Resource Ownership** to review the imported resources. +These resources with the assigned reviewers will now be in the Manage Owners table on the Resource +Owners interface. The next step is to confirm ownership through the Entitlement Review workflow and +the Self-Service Access Requests workflow. See the Resource Review and Access Requests topics in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroups.md b/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroups.md new file mode 100644 index 0000000000..0a1dfc8034 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroups.md @@ -0,0 +1,313 @@ +# FS_ResourceBasedGroups Job + +The FS_ResourceBasedGroups Job is designed to report on and take action against resources from +targeted file servers that can have their permissions structure transformed to a resource-based +group implementation. + +## Workflow + +**Step 1 –** Ensure that there is up-to-date **.Active Directory Inventory** Job Group data. + +**Step 2 –** Ensure that there is up-to-date **FileSystem** > **0.Collection** Job Group data. + +**Step 3 –** (Optional) Configure a Host List for the job at the job level. + +**NOTE:** If a host list is not configured, this job will analyze and commit actions on every File +System server known to Enterprise Auditor. To scope the actions to target specific servers, +configure a host list at the job level to target only those servers. + +**Step 4 –** Model the intended changes: + +- Configure the Analyze Group Permissions analysis task +- Verify that all actions are disabled + + **CAUTION:** Do not make configuration changes to the analysis tasks after reviewing and + approving the Change Modeling report + +- Execute the analysis tasks to generate the Change Modeling report and review the proposed changes +- See the [Model Intended Changes](#model-intended-changes) topic for additional information + +**Step 5 –** Configure and execute Active Directory actions: + +- Configure and enable the Create Groups action task +- Configure and enable the Update Members action task +- Execute the Active Directory actions +- See the Configure & Execute Active Directory Action Tasks topic for additional information + +**Step 6 –** Execute File System actions: + +- Allow an appropriate grace period for token refresh prior to executing File System action tasks, + for example one week +- Disable the Active Directory action tasks +- Enable the File System action tasks +- Execute the File System action tasks +- See the [Execute File System Action Tasks](#execute-file-system-action-tasks) topic for additional + information + +**Step 7 –** Analyze and report on action history: + +- Disable all action tasks. +- Generate the Action History report and review it. +- See the [Analyze and Report on Action History](#analyze-and-report-on-action-history) topic for + additional information + +Additional Options + +**Step 8 –** (Optional) Create and apply permissions for traverse groups based on previous resource +based groups. See the +[FS_TraverseGroups Job](/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_traversegroups.md) +topic for additional information. + +**Step 9 –** (Optional) Import resources and access groups from the FS_ResoureBasedGroup Job into +the Netwrix Access Information Center. See the +[FS_ResourceBasedGroupAICImport Job](/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroupaicimport.md) +topic for additional information. + +## Model Intended Changes + +Prior to executing the actions to apply changes, the proposed changes can be modeled and reviewed to +determine if the parameters are configured as desired. + +### Configure the Analyze Group Permissions Analysis Task + +The Analyze Group Permissions analysis task in the FS_ResourceBasedGroups Job contains parameters +for group permissions that should be configured and then reviewed in the Change Modeling report. +View the analysis tasks by navigating to the **Jobs** > **FileSystem** > **ResourceBasedGroups** > +**FS_ResourceBasedGroups** > **Configure** node and select **Analysis**. + +![Analyze Group Permissions analysis task in the FS_ResourceBasedGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/rbganalysis.webp) + +- Analyze Group Permissions – Creates the FS_ResourceBasedGroups_NewACLs table accessible under the + job’s Results node. + + - This analysis task contains configurable parameters: #SA_Job_Hosts, @levels_down, + @naming_convention, @add_admin_groups, #folders, @activity_filter. + +Configure the following parameters. See the +[SQLscripting Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/sqlscripting.md) +topic for additional information. + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------------------- | --------------------------- | ---------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Analyze Group Permissions | #SA_Job_Hosts | | List of hosts that are associated with the job. The job acts against these hosts. Review the host list. If the host list requires updating, update the host list at the job level | +| Analyze Group Permissions | @levels_down | 0 | Number of levels down from share to root to assign permissions | +| Analyze Group Permissions | @naming_convention | FS*[HostName]*[ShareName]_[FolderName]_[Permissions] | Naming convention for resource based groups | +| Analyze Group Permissions | @add_admin_groups | 1 | Add full control admin groups. 1=true. 0=false. | +| Analyze Group Permissions | @admin_groups | | ObjectSIDs of admin groups to add to every share if @add_admin_groups = 1 | +| Analyze Group Permissions | #folders | | List of folders to assign RBG to. Overrides @levels_down. | +| Analyze Group Permissions | @activity_filter | 1000 | Filter out users with last activity older than X days ago. Will filter out users who have not accessed the folder within the specified threshold. If activity records show the user has never accessed the folder, users will still be included in resource based groups. | + +### Execute the Analysis Tasks + +Execute the analysis tasks to generate the Change Modeling report and review the proposed changed +prior to executing the actions to apply the changes. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ---------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Change Modeling | This report shows proposed changes of access for the targeted folders. | None | This report is comprised of three elements: - Pie Chart – Displays a proposed access changes summary - Table – Provides details on proposed access changes by share - Table – Provides details on access modification | + +The Change Modeling report should be used to gain acceptance on the following areas before +implementing the changes: + +- Group Naming Conventions +- Cases of Changed Access + +Access changes occur in the following cases: + +- The user is granted full access, but is not a member of the administrator group specified in the + analysis parameters +- The user is granted less access, but is a member of the administrator group specified in the + analysis parameters +- The user has not used access within the timeframe configured in the analysis parameters + +Follow the steps to model the proposed changes. + +**Step 1 –** Make sure all of the analysis tasks are enabled. + +**CAUTION:** Prior to executing the analysis tasks, make sure that all action tasks are disabled. +The purpose at this point is only to model the intended changes. + +**Step 2 –** In the Configure node, select **Actions** and make sure that all of the action tasks +are disabled. + +**Step 3 –** Right click on the **Resource Based Groups** folder and select **Run Group**. This will +generate the Change Modeling report. + +- Wait for the queued jobs to execute. + +**Step 4 –** In the **FS_ResourceBasedGroups** node, navigate to **Results** > **Change Modeling** +to review the proposed changes prior to executing the actions to apply the changes. + +The Change Modeling report has been created for review. Ensure the modeled changes are approved +before continuing with implementing them. + +## Configure & Execute Active Directory Action Tasks + +**CAUTION:** Do not modify the analysis tasks after the Change Modeling report has been reviewed and +approved. The approved modeled changes are implemented through the execution of the action tasks. + +The Active Directory action tasks create and populate resource based groups. The Create Groups and +Update Members action tasks must be updated to specify a Target OU for group creation prior to +enabling and executing the actions. It should also be verified that these action tasks are targeting +the same domain controller. + +View the action tasks by navigating to the **Jobs** > **FileSystem** > **Resourced Based Groups** > +**FS_ResourceBasedGroups** > **Configure** node and select **Actions**. + +![Active Directory Action Tasks](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/rbgactivedirectoryactions.webp) + +There are the following two Active Directory action tasks: + +- Create Groups – Creates resource based groups +- Update Members – Adds members to the resource based groups based on permissions + +It is recommended to review the tables used by the actions prior to executing the actions. The +actions act upon the data within the following tables: + +- FS_ResourceBasedGroups_GroupsToCreate +- FS_ResourceBasedGroups_NewACLs + +The actions populate the Create Groups and Update Members tables, which can be viewed under the +job’s Results node. The FS_ResourceBasedGroups Job will run analysis tasks against these tables. + +### Configure & Enable the Create Groups Action Task + +Follow the steps to configure the Create Groups action task. + +**Step 1 –** Select the action and click **Action Properties**. + +**Step 2 –** On the Action Properties page, click **Configure Action**. + +**Step 3 –** In the Active Directory Action Module Wizard, navigate to the Create Groups page. + +![AD Action Module Wizard Create Groups page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/creategroups.webp) + +**Step 4 –** In the OU box, select the OU where the groups will be created. + +**Step 5 –** Navigate to the Options page and verify that the domain controller used to create +groups is the same domain controller used in the Update Members action task. It is a best practice +to identify the domain controller that is closest to the file server and use that domain controller. + +**Step 6 –** Navigate to the Summary page and click **Finish**. + +**Step 7 –** On the Action Selection page, select the Create Groups action's checkbox to enable it. + +The Create Groups action is configured. + +### Configure & Enable the Update Members Action Task + +Follow the steps to configure the Create Groups action task. + +**Step 1 –** Select the action task and click **Action Properties**. + +**Step 2 –** On the Action Properties page, click **Configure Action**. + +**Step 3 –** In the Active Directory Action Module Wizard, navigate to the Group Membership page. + +![AD Action Module Wizard Groups Membership page](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/rbggroupsmembership.webp) + +**Step 4 –** On the Create Groups page, **Target Group by OU** is selected by default. In the OU +box, select the target OU. + +**Step 5 –** Navigate to the Options page and verify that the domain controller used to create +groups is the same domain controller used in the Create Groups action task. It is a best practice to +identify the domain controller that is closest to the file server and use that domain controller. + +**Step 6 –** Navigate to the Summary page and click **Finish**. + +**Step 7 –** On the Action Selection page, select the Update Members action's checkbox to enable it. + +The Update Members action is configured. + +### Execute Active Directory Action Tasks + +Make sure that the File System actions are deselected and execute the Active Directory action tasks. +The Create Groups action creates the resource based groups. The Update Members action populates +those groups. + +Enabled action tasks can be manually executed at the Actions node. Action tasks can be scheduled +only at the job level. + +Follow the steps to execute the AD actions. + +**CAUTION:** Do not modify the analysis tasks after the Change Modeling report has been reviewed and +approved. The approved modeled changes are implemented through the execution of the action tasks. + +**_RECOMMENDED:_** Disable the analysis tasks. It is not necessary to collect the data again. + +**Step 1 –** On the Action Selection page, enable the **Create Groups** and **Update Members** +actions. + +**Step 2 –** Right-click on the **Resource Based Groups** folder and select **Run Group**. + +- Wait for the queued jobs to execute. + +The resource based groups are created and populated. + +## Execute File System Action Tasks + +**CAUTION:** Prior to executing the File System action tasks, allow a grace period, for example one +week. This is important for token refresh to occur as users log off and log on again. + +The File System actions modify folder permissions and break inheritance. The Modify Permissions and +Break Inheritance actions modules do not require any configuration. + +View the action tasks by navigating to the **Jobs** > **FileSystem** > **Resourced Based Groups** > +**FS_ResourceBasedGroups** > **Configure** node and select **Actions**. + +![File System action tasks](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/rbgfilesystemactions.webp) + +There are the following two File System action tasks: + +- Modify Permissions – Modifies folder permissions +- Break Inheritance – Breaks inheritance and remove all previous permissions + +It is recommended to review the tables used by the actions prior to executing the actions. The +actions act upon the data within the following table: + +- FS_ResourceBasedGroups_GroupsToCreate + +The actions populate the Modify Permissions and Break Inheritance tables, which can viewed under the +job’s Results node. The FS_ResourceBasedGroups Job will run analysis tasks against these tables. + +Follow the steps to execute the FS actions. + +**CAUTION:** Do not modify the analysis tasks after the Change Modeling report has been reviewed and +approved. The approved modeled changes are implemented through the execution of the action tasks. + +**Step 1 –** On the Action Selection page, disable the **Create Groups** and **Update Members** +actions. + +**Step 2 –** Enable the **Modify Permissions** and **Break Inheritance** actions. + +**Step 3 –** Right-click on the **Resource Based Groups** folder and select **Run Group**. + +- Wait for the queued jobs to execute. + +The File System action tasks assign all of the newly-created groups to File System resources with +the configured permissions. All other permissions will have been removed from the resources. + +## Analyze and Report on Action History + +The Action History report generated by the job shows all actions taken on each share for audit trail +purposes. + +| Report | Description | Default Tags | Report Elements | +| -------------- | --------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------- | +| Action History | This report shows all actions taken on each share for audit trail purposes. | None | This report is comprised of one element: - Table – This table provides details on the actions taken on each share | + +Follow the steps to analyze and report on action history. + +**CAUTION:** Disable all of the action tasks prior to generating the Action History report. + +**Step 1 –** On the Action Selection page, disable the **Modify Permissions** and **Break +Inheritance** actions. Make sure all of the action tasks are disabled. + +**Step 2 –** On the Analysis Selection page, enable the **Create view for action status** and +**Summarize Access Changes** analysis tasks. + +**Step 3 –** Run the job to generate the Action History report and review the actions taken on each +share. + +The organization of the users and their permissions now follows a least privileged access (resource +based groups) model. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_traversegroups.md b/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_traversegroups.md new file mode 100644 index 0000000000..3f9a92db4d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_traversegroups.md @@ -0,0 +1,232 @@ +# FS_TraverseGroups Job + +The **FS_TraverseGroups** Job can be used to create and apply permissions for traverse groups based +on previous resource based groups. This job would be used in the case where the folder to which +resource based groups permissions are applied is not the root share folder, or at the root of the +share. This job prevents users from losing the ability to navigate through the directory structure +if the folder is nested. The FS_TraverseGroups Job must be installed from the Instant Job library. +See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for additional information. + +## Recommended Configurations for the FS_TraverseGroups Job + +Dependencies + +- The **FS_ResourceBasedGroups** job must be successfully run prior to running this job + +Targeted Hosts + +- None – If targeting all file servers known to Enterprise Auditor +- Scope the actions to a host list – If targeting specific file servers + +Schedule Frequency + +This job can be scheduled to run as desired. Throughout this document reference to executing a job +refers to either manual execution or scheduled execution, according to the needs of the +organization. See the +[Scheduling the Resource Based Groups Job Group](/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/overview.md#scheduling-the-resource-based-groups-job-group) +topic for additional information. + +History Retention + +Not supported + +Workflow + +**Step 1 –** Run the **FS_ResourceBasedGroups** job. + +**Step 2 –** Configure a Host List for the job at the job level. + +**NOTE:** If a host list is not configured, this job will analyze and commit actions on every File +System server known to Enterprise Auditor. To scope the actions to target specific servers, +configure a host list at the job level to target only those servers. + +**Step 3 –** Configure and execute analysis tasks. + +- Configure the Create Groups analysis task +- Execute the analysis tasks +- See the Configure & Execute Analysis Tasks topic for additional information + +**Step 4 –** Configure and execute Active Directory action task. + +- Configure & Enable the Create Groups action task +- Execute the Create Groups action task +- See the Configure & Execute Active Directory Action Task topic for additional information + +**Step 5 –** Execute File System action task. + +- Allow an appropriate grace period for token refresh prior to executing File System action task, + for example one week +- Disable the Active Directory action task +- Enable the Modify Permissions action task +- Execute the Modify Permissions action task +- See the [Execute File System Action Task](#execute-file-system-action-task) topic for additional + information + +**Step 6 –** Generate and review the List Traverse Group Changes report. + +- See the + [Generate the List Traverse Group Changes Report](#generate-the-list-traverse-group-changes-report) + topic for additional information + +## Configure & Execute Analysis Tasks + +Prior to executing the action tasks, configure and execute the analysis tasks. + +### Configure the Create Groups Analysis Task + +View the analysis tasks by navigating to the place in the Jobs tree where the Traverse Groups job +was installed from the Instant Jobs library. Then go to the **FS_TraverseGroups** > **Configure** +node and select **Analysis**. The Create Groups analysis task contains an analysis parameter that +should be configured to set the naming convention for list groups. + +![FS_TraverseGroups analysis tasks](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/traverseanalysis.webp) + +The job has the following analysis tasks: + +- Create Groups – Creates the FS_ListTraverseGroups_NewGroups table accessible under the job’s + Results node + + - This analysis task contains a configurable parameter: @naming_convention + +- Show Table – Displays the FS_ListTraverseGroups_NewPermissions table accessible under the job’s + Results node +- Show Table – Displays the FS_ListTraverseGroups_NewGroups table accessible under the job’s Results + node + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------- | --------------------------- | --------------------------------------------- | --------------------------------- | +| Create Groups | @naming_convention | FS*[HostName]*[ShareName]_[FolderName]_List | Naming convention for list groups | + +For instructions on configuring analysis parameters, see the +[SQLscripting Analysis Module](/docs/accessanalyzer/11.6/admin/analysis/sqlscripting.md) +topic. + +### Execute Analysis Tasks + +Once the Create Groups analysis task has been configured, execute the analysis tasks. The analysis +tasks are selected by default. Follow the steps to execute the analysis tasks. + +**Step 1 –** Make sure all of the analysis tasks are enabled. + +**CAUTION:** Prior to executing the analysis tasks, make sure that all action tasks are disabled. +The purpose at this point is only to create the required traversal tables. + +**Step 2 –** In the Configure node, select **Actions** and make sure that all of the action tasks +are disabled. + +**Step 3 –** Right click on the **FS_TraverseGroups** job and select **Run Job**. This will generate +the Change Modeling report. + +- Wait for the queued jobs to execute. + +The analysis tasks create the required traversal tables accessible under the job’s Results node. + +## Configure & Execute Active Directory Action Task + +The Active Directory action tasks create and populate resource based groups. The Create Groups +action tasks must be updated to specify a Target OU for group creation prior to enabling and +executing the actions. It should also be verified that the action tasks are targeting the same +domain controller. View the actions by navigating to the place in the Jobs tree where the Traverse +Groups job was installed from the Instant Jobs library. Then go to the **FS_TraverseGroups** > +**Configure** node and select **Actions**. The Create Groups action task must be configured to +specify the OU for group creation. + +**_RECOMMENDED:_** It is recommended to execute the actions one at a time and in order as opposed to +running the entire job group with the actions enabled. + +![FS_TraverseGroups action tasks](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/traverseactions.webp) + +There are the following action tasks: + +- Create Groups – Create groups and add resource based groups +- Modify Permissions – Add list groups + +It is recommended to review the tables used by the actions prior to executing the actions. For +instructions on configuring action tables, see the Configure & Enable the Create Groups Action Task +topic. The actions act upon the data within the following tables: + +- FS_ListTraverseGroups_NewGroups +- FS_ListTraverseGroups_NewPermissions + +These tables can be viewed under the job’s Results node. The FS_TraverseGroups Job will run analysis +tasks against these tables. + +### Configure & Enable the Create Groups Action Task + +Follow the steps to configure the Create Groups action task. + +**Step 1 –** Select the action and click **Action Properties**. + +**Step 2 –** On the Action Properties page, click **Configure Action**. + +**Step 3 –** In the Active Directory Action Module Wizard, navigate to the Create Groups page. + +![AD Action Module Wizard Create Groups page](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/creategroups.webp) + +**Step 4 –** In the OU box, select the OU where the groups will be created. + +**Step 5 –** Navigate to the Options page and verify that the domain controller used to create +groups is the same domain controller used in the Update Members action task. + +**Step 6 –** Navigate to the Summary page and click **Finish**. + +### Execute Active Directory Action Task + +The Create Groups action creates the resource based groups. Enabled action tasks can be manually +executed at the Actions node. Action tasks can be scheduled only at the job level. Follow the steps +to create the resource based groups. + +**Step 1 –** On the Action Selection page, enable the **Create Groups** action task. + +**Step 2 –** Right-click on the **FS_TraverseGroups** job and select **Run Job**. + +- Wait for the queued job to execute + +The resource based groups are created and populated. + +## Execute File System Action Task + +Once the Create Groups action has been executed, the Modify Permissions action can be executed. +Follow the steps to execute the action. + +**CAUTION:** Prior to executing the File System action tasks, allow a grace period, for example one +week. This is important for token refresh to occur as users log off and log on again. + +**Step 1 –** On the Action Selection page, disable the **Create Groups** action task. + +**Step 2 –** Enable the **Modify Permissions** action task. + +**Step 3 –** Right-click on the **FS_TraverseGroups** job and select Run Job. + +- Wait for the queued job to execute. + +The Modify Permissions action task assigns all of the newly-created groups to File System resources +with the configured permissions. All other permissions will have been removed from the resources. + +## Generate the List Traverse Group Changes Report + +The Generate the List Traverse Group Changes report displays a list of changes made in the +environment by the action modules. + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | ---------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | +| List Traverse Group Changes | This report shows a list of changes made in the environment by the action modules. | None | This report is comprised of one elements: - Table – This table provides details on the changes made to the environment by the action modules | + + Follow the steps to analyze and report on action history. + +**CAUTION:** Disable all of the action tasks prior to generating the List Traverse Group Changes +report. + +**Step 1 –** On the Action Selection page, disable the **Modify Permissions** action task. Make sure +all of the action tasks are disabled. + +**Step 2 –** On the Analysis Selection page, enable the **Create Groups** and both **Show Table** +analysis tasks. + +**Step 3 –** Run the job to generate the Action History report and review the actions taken on each +share. + +The permissions for traverse groups are applied based on the previously created resource based +groups. Users retain access to nested folders. diff --git a/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/overview.md b/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/overview.md new file mode 100644 index 0000000000..35ccccab44 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/overview.md @@ -0,0 +1,94 @@ +# Resource Based Groups Job Group + +The Resource Based Groups Job Group will transform permissions on specified folders to a resource +based groups model. The jobs which comprise the Resource Based Groups Job Group use the Active +Directory Action Module to create resource based groups and populate resource based groups +membership. The jobs use the File System Action Module to modify folder permissions and break +inheritance. + +## Prerequisites + +Action modules are available with a special Enterprise Auditor license. In order to use the Resource +Based Groups workflow, the following Enterprise Auditor licensing components are required: + +- File System Feature +- File System Reports Add-on +- File System Actions Add-on +- Active Directory Actions Add-on + +The following job groups must be successfully run prior to using this workflow: + +- .Active Directory Inventory Job Group +- FileSystem > 0.Collection Job Group + +## Location + +The **File System** > **Resource Based Groups** Job Group is a separately licensed component of the +Enterprise Auditor File System solution set. Typically this job group is added during installation, +but it can be installed from the Instant Job Wizard. + +![Resource Based Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +Once it has been installed into the Jobs tree, navigate to the solution: **Jobs** > **FileSystem** > +**Resource Based Groups**. + +The FS_TraverseGroups Job and the FS_ResourceBasedGroupsAICImport Job must be installed from the +Instant Job library. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for additional information. + +## Jobs + +The Resource Based Groups Job Group will transform permissions on specified folders to a resource +based groups model. + +![Job Group Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +The following jobs comprise the Resource Based Groups Job Group: + +- [FS_ResourceBasedGroups Job](/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroups.md) + – This job will transform permission on specified folders to a resource based groups model +- [FS_TraverseGroups Job](/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_traversegroups.md) + – (Optional) This job can be used to create and apply permissions for traverse groups based on + previous resource based groups. The FS_TraverseGroupsJob must be added from the Instant Job + Library in order to be used. +- [FS_ResourceBasedGroupAICImport Job](/docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroupaicimport.md) + – (Optional) This job imports resources and access groups from the FS_ResoureBasedGroup Job into + the Netwrix Access Information Center. The FS_ResourceBasedGroupsAICImport Job must be added from + the Instant Job Library to be used. + +## Recommended Configurations for the Resource Based Groups Job Group + +Dependencies + +- The **.Active Directory Inventory** Job Group must be successfully run prior to running this job +- The **FileSystem** > **0.Collection** Job Group must be successfully run prior to running this job + +Targeted Hosts + +- None – If targeting all file servers known to Enterprise Auditor +- Scope the actions to a host list – If targeting specific file servers + +Schedule Frequency + +This job group can be scheduled to run as desired. Throughout this document reference to executing a +job refers to either manual execution or scheduled execution, according to the needs of the +organization. See the +[Scheduling the Resource Based Groups Job Group](#scheduling-the-resource-based-groups-job-group) +topic for additional information. + +History Retention + +Not supported + +## Scheduling the Resource Based Groups Job Group + +Netwrix recommends that the job be run by a scheduled task with an unlimited timeout to ensure the +job will not be aborted when an interactive session is ended due to logoff (a logoff based on +inactivity is common in enterprise environments). Netwrix also recommends that the job only be +scheduled for discrete one-time runs so that results may be reviewed after each execution. See the +[Schedule Jobs](/docs/accessanalyzer/11.6/admin/schedule/overview.md#schedule-jobs) +topic for additional information. + +Throughout this document reference to executing a job refers to either manual execution or scheduled +execution, according to the needs of the organization. diff --git a/docs/accessanalyzer/11.6/solutions/nisinventory/nis_scan.md b/docs/accessanalyzer/11.6/solutions/nisinventory/nis_scan.md new file mode 100644 index 0000000000..4b172a2107 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/nisinventory/nis_scan.md @@ -0,0 +1,102 @@ +# NIS Scan Job + +The NIS Scan job collects data from the targeted NIS server and then analyzes that data to inventory +users, groups, and group membership. This data can then be used by other built-in Enterprise Auditor +solutions. + +## Query for the NIS Scan Job + +The NIS Scan Job uses the NIS Data Collector for the following query: + +**CAUTION:** This query must be modified. See the +[Configure the NIS Scan Query](#configure-the-nis-scan-query) topic for additional information. + +![Query for the NIS Scan Job](/img/product_docs/accessanalyzer/11.6/solutions/nisinventory/nisscanquery.webp) + +- Inventory Scan – Targets a NIS server to collect inventory data for user and group objects + +### Configure the NIS Scan Query + +The NIS Scan job has been preconfigured to run with the default settings with the category of **Scan +NIS Users and Groups**. However, it is necessary to configure the targeted NIS domain. Follow the +steps to set the target NIS domain and any desired customizations. + +**Step 1 –** Navigate to the **.NIS Inventory** > **NIS Scan** > **Configure** node and select +**Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The NIS Data Collector Wizard +opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![NIS Settings page](/img/versioned_docs/activitymonitor_7.1/config/dellpowerscale/settings.webp) + +**Step 4 –** On the NIS Settings page, enter the **NIS Domain Name** for the targeted NIS domain. +This step is required prior to running this query. See the +[NIS: NIS Settings](/docs/accessanalyzer/11.6/admin/datacollector/nis/settings.md) +topic for additional information. + +- Optional: Test the connection to the domain using the Sample NIS Server section of the page + +![SID Mappings page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/sidmappings.webp) + +**Step 5 –** On the SID Mappings page, you can add multiple SID mapping entries. See the +[NIS: SID Mappings](/docs/accessanalyzer/11.6/admin/datacollector/nis/sidmappings.md) +topic for additional information. + +**Step 6 –** Navigate to the Summary page. Click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +The NIS Scan Job is now ready to run. + +## Analysis Tasks for the NIS Scan Job + +View the analysis tasks by navigating to the **.NIS Inventory** > **NIS Scan** > **Configure** node +and select **Analysis**. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or +deselected. There is one that is deselected by default, as it is for troubleshooting purposes. + +![Analysis Tasks for the NIS Scan Job](/img/product_docs/accessanalyzer/11.6/solutions/nisinventory/nisscananalysis.webp) + +The following analysis tasks are selected by default: + +- Users – Enables the SA_NIS_Users table to be accessible under the job’s Results node +- Groups – Enables the SA_NIS_Groups table to be accessible under the job’s Results node +- Members – Enables the SA_NIS_GroupMembersView to be accessible under the job’s Results node + +The following analysis task only needs to be selected when there is a need to remove the tables from +the database: + +**CAUTION:** This analysis task is for troubleshooting and cleanup only. Data will be deleted from +the database. Do not execute this task with the other analysis tasks, as that results in the +deletion of data that was just collected. + +- Drop NIS Tables – Removes all tables and views created by this job from SQL Server database + + - See the [Remove NIS Tables](#remove-nis-tables) topic for additional information + +### Remove NIS Tables + +Sometimes when troubleshooting a NIS Data Collector issue, it becomes necessary to clear the +standard reference tables. Follow these steps. + +**Step 1 –** Navigate to the **.NIS Inventory** > **NIS Scan** > **Configure** node and select +**Analysis**. + +**Step 2 –** Clear all of the other analysis tasks and select only the **Drop NIS Tables** analysis +task. + +**Step 3 –** Use the right-click menu on the analysis data grid to **Execute Analyses**. + +**Step 4 –** After the analysis task has completed execution, the tables have been cleared from the +SQL database. + +**CAUTION:** Do not forget to clear the Drop NIS Tables analysis task and reselect all of the other +analysis tasks. + +The next time the job is run, the standard reference tables are recreated in the database. diff --git a/docs/accessanalyzer/11.6/solutions/nisinventory/overview.md b/docs/accessanalyzer/11.6/solutions/nisinventory/overview.md new file mode 100644 index 0000000000..b39bba8081 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/nisinventory/overview.md @@ -0,0 +1,42 @@ +# .NIS Inventory Solution + +Network Information Service (NIS) for Unix provides a central repository for user, group, and other +information Unix systems need for authentication and authorization. The .NIS Inventory Solution is +designed to provide essential user and group membership information from a NIS domain, mapping these +principals to Windows-style SIDs. This provides valuable information to the File Systems Solution +when auditing NFS shares. This information can also be used in the Unix Solution Set. + +Supported Platforms + +- NIS domains + +Permissions + +- No special permissions are needed aside from access to a NIS server + +Ports + +- TCP 111 or UDP 111 +- Randomly allocated high TCP ports + +Location + +The .NIS Inventory Solution is a core component of all Enterprise Auditor installations. It can be +installed from the Enterprise Auditor Instant Job Wizard.. + +![.NIS Inventory Solution in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +Once it has been installed into the Jobs tree, navigate to the solution: **Jobs** > **.NIS +Inventory**. This group has been named in such a way to keep it at the top of the Jobs tree. + +## NIS Scan Job + +The .NIS Inventory Solution contains a single job. This job is configured to use the NIS Data +Collector and then runs analysis on the collected data. + +![.NIS Inventory Solution Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +The following job comprises the .NIS Inventory job group: + +- [NIS Scan Job](/docs/accessanalyzer/11.6/solutions/nisinventory/nis_scan.md) + – Provides essential user and group membership details to built-in solution sets diff --git a/docs/accessanalyzer/11.6/solutions/nisinventory/recommended.md b/docs/accessanalyzer/11.6/solutions/nisinventory/recommended.md new file mode 100644 index 0000000000..0200b42665 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/nisinventory/recommended.md @@ -0,0 +1,65 @@ +# Recommended Configuration for the .NIS Inventory Solution + +The .NIS Inventory Solution requires some configuration for the target environment. It can be run +directly or scheduled. + +Dependencies + +This job group does not have dependencies. + +Targeted Hosts + +The host list assignment should be assigned under the **.NIS Inventory** > **NIS Scan** > **Hosts** +node. Select the custom host list containing the NIS servers or manually add the host in the +**Individual hosts** section. See the +[Unix Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/nis/configurejob.md) +topic for additional information. + +Connection Profile + +The Connection Profile should be assigned in the **.NIS Inventory** > **NIS Scan** > **Job +Properties** window on the **Connection** tab. It is set to **Use the Default Profile**, as +configured at the global settings level. However, if this is not the Connection Profile with the +necessary permissions for targeting the NIS servers, select the **Select one of the following user +defined profiles** option and select the appropriate Connection Profile. See the +[Unix Connection Profile & Host List](/docs/accessanalyzer/11.6/admin/datacollector/nis/configurejob.md) +topic for additional information. + +Schedule Frequency + +It is recommended to schedule the .NIS Inventory job group to run once a day. If there are frequent +changes within the target environment, then it can be executed more often. It is best to rerun it +anytime changes might have occurred. + +Run at the Solution Level + +The job in the .NIS Inventory job group can be run at either the job or job group level. + +Query Configuration + +The solution requires the NIS domain to be configured in the **Inventory Scan** query. Navigate to +the **NIS Settings** page of the NIS Data Collector Wizard. Optionally, modifications can be made +for SID mappings within the **NIS Scan** job. See the +[NIS Scan Job](/docs/accessanalyzer/11.6/solutions/nisinventory/nis_scan.md) topic +for additional information. + +Analysis Configuration + +The solution is best run with the default analysis configuration. However, the **Drop NIS Tables** +analysis task is deselected by default, as it is for troubleshooting purposes only. + +History Retention + +History retention is not supported and should be turned off. + +Multi-console Support + +Multi-console is not supported. + +Workflow + +**Step 1 –** Configure and assign the host list and Connection Profile. + +**Step 2 –** Configure the Inventory Scan query. + +**Step 3 –** Schedule the .NIS Inventory job group to run as desired diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/overview.md b/docs/accessanalyzer/11.6/solutions/overview.md similarity index 100% rename from docs/accessanalyzer/11.6/accessanalyzer/solutions/overview.md rename to docs/accessanalyzer/11.6/solutions/overview.md diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md b/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md deleted file mode 100644 index 57344e34b0..0000000000 --- a/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md +++ /dev/null @@ -1,215 +0,0 @@ -# Forensics Job Group - -This group will highlight deletions, group membership changes, permission changes, and activity -around sensitive data. - -![Forensics Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/forensics/forensicsjobstree.webp) - -The jobs in the Forensics Job Group are: - -- [SP_Deletions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md) - – Identifies SharePoint deletion events which have occurred over the past 30 days -- [SP_PermissionChanges Job](/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md) - – Identifies permission changes which have been performed on all monitored SharePoint sites over - the past 30 days -- [SP_SensitiveDataActivity Job](/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md) - – Highlights user activity involving sensitive data and provides details on who is interacting - with your environments sensitive content - -# SP_Deletions Job - -This job identifies SharePoint deletion events which have occurred over the past 30 days. - -## Analysis Tasks for the SP_Deletions Job - -Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Forensics** > **SP_Deletions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_Deletions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/deletionsanalysis.webp) - -The default analysis task is: - -- Analyze SPAC Deletion Events – Creates the SA_SPAC_Deletions_Last30Days table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_Deletions Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Deletion Details | This report identifies deletion events for the past 30 days. The detailed report shows all resources that were successfully deleted as well as which users performed those events. | None | This report is comprised of two elements: - Bar Chart – Displays total number of deletions in the past 30 days - Table – Provides details on deletions in the past 30 days | - -# SP_PermissionChanges Job - -This job identifies permission changes which have been performed on all monitored SharePoint sites -over the past 30 days. - -## Analysis Tasks for the SP_PermissionChanges Job - -Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Forensics** > -**SP_PermissionChanges** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_PermissionChanges Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/permissionchangesanalysis.webp) - -The default analysis tasks are: - -- Analyze Permission Changes – Creates the SA_SP_PermissionChanges table accessible under the job’s - Results node -- Permission Changes Counts – Creates the SA_SP_PermissionChanges_Counts table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_PermissionChanges Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Permission Changes | This report identifies SharePoint permission changes based on activity events and determines whether or not that permission change is considered a high security risk. | None | This report is comprised of two elements: - Bar Chart – Displays permission change activity in the past seven days - Table – Provides permission change details | - -# SP_SensitiveDataActivity Job - -This job highlights user activity involving sensitive data and provides details on who is -interacting with your environments sensitive content. - -## Analysis Tasks for the SP_SensitiveDataActivity Job - -Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Forensics** > -**SP_SensitiveDataActivity** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_SensitiveDataActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp) - -The default analysis tasks are: - -- Sensitive Data Activity – Creates the SA_SP_SensitiveDataActivity table accessible under the job’s - Results node -- Sensitive Data Activity User Count – Creates an interim processing table in the database for use - by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | -------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Data Activity | This Report shows user activity on sensitive data. | None | This report is comprised of two elements: - Bar Chart – Displays sensitive data activity - Table – Provides details on sensitive data activity | - -# 7.Activity Job Group - -The 7.Activity job group generates summary and detail reports of SharePoint activity on the -specified sites. These reports can be used for identifying file, folder, and user related activity -across your SharePoint environment. - -![7.Activity Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The job groups in the 7.Activity Job Group are: - -- [Forensics Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md) - – Highlights deletions, group membership changes, permission changes, and activity around - sensitive data -- [Usage Statistics Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md)– - Identifies long term trends of activity across your SharePoint environment highlighting most - active sites and users as well as stale users - -# Usage Statistics Job Group - -The Usage Statistics job group identifies long term trends of activity across your SharePoint -environment highlighting most active sites and users as well as stale sites. - -![Usage Statistics Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/usagestatistics/usagestatisticsjobstree.webp) - -The jobs in the Usage Statistics Job Group are: - -- [SP_InactiveSites Job](/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md) - – Highlights your environments least active Sites or Site Collections -- [SP_MostActiveSites Job](/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md) - – Identifies the top five most active sites monitored by Enterprise Auditor -- [SP_MostActiveUsers Job](/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md) - – Identifies the most active users from the last 30 days on all monitored SharePoint servers with - a view of Reads, Updates, Deletes, and Permission changes performed by a user - -# SP_InactiveSites Job - -This job highlights your environments least active Sites or Site Collections. - -## Analysis Tasks for the SP_InactiveSites Job - -Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Usage Statistics** > -**SP_InactiveSites** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_InactiveSites Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/usagestatistics/inactivesitesanalysis.webp) - -The default analysis task is: - -- Inactive Sites Last 30 Days – Creates the SA_SP_InactiveSites_Last30Days table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_InactiveSites Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | -| Inactive Sites | This report identifies Sites that have not had activity for at least 30 days. [View], [Delete], [Update], [Delete] fields reflect the number of unique operations of each type that was performed on the inactive site for this time frame. | None | This report is comprised of two elements: - Bar Chart – Displays information on inactive sites - Table – Provides details on inactive sites | - -# SP_MostActiveSites Job - -This job identifies the top five most active monitored sites. - -## Analysis Tasks for the SP_MostActiveSites Job - -Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Usage Statistics** > -**SP_MostActiveSites** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_MostActiveSites Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/usagestatistics/mostactivesitesanalysis.webp) - -The default analysis task is: - -- Most Active Sites Last 30 Days – Creates the SA_SPAC_MostActiveSites_Last30Days table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_MostActiveSites Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Most Active Sites – Last 30 Days | This report identifies the top five most active sites for the past 30 days. [Reads], [Updates], [Deletes], [Permission Changes] fields reflect the number of unique operations of each type that was performed on the site for this time frame. Unique Resources Accessed, number of active user performing operations on the site, as well as whether or not the active site contains sensitive information. | None | This report is comprised of two elements: - Bar Chart – Displays information on most active sites by event count - Table – Provides details on most active sites by event count | - -# SP_MostActiveUsers Job - -This job identifies the most active users from the last 30 days on all monitored SharePoint servers -with a view of Reads, Updates, Deletes, and Permission changes performed by a user. - -## Analysis Tasks for the SP_MostActiveUsers Job - -Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Usage Statistics** > -**SP_MostActiveUsers** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_MostActiveUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp) - -The default analysis task is: - -- Most Active Users Last 30 Days – SA_SPAC_MostActiveUsers_Last30Days table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_MostActiveUsers Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Most Active Users – Last 30 Days | This report identifies the top users for the past 30 days. [View], [Delete], [Update], [Delete] fields reflect the number of unique operations of each type that was performed by the user for this time frame. Unique Resources are the number of distinct resources that have had activity during that time. | None | This report is comprised of two elements: - Bar Chart – Displays information on top users by operation count - Table – Provides details on top users by operation count | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/overview.md b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/overview.md new file mode 100644 index 0000000000..1ef3fd84d5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/overview.md @@ -0,0 +1,17 @@ +# Forensics Job Group + +This group will highlight deletions, group membership changes, permission changes, and activity +around sensitive data. + +![Forensics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/forensicsjobstree.webp) + +The jobs in the Forensics Job Group are: + +- [SP_Deletions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sp_deletions.md) + – Identifies SharePoint deletion events which have occurred over the past 30 days +- [SP_PermissionChanges Job](/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sp_permissionchanges.md) + – Identifies permission changes which have been performed on all monitored SharePoint sites over + the past 30 days +- [SP_SensitiveDataActivity Job](/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sp_sensitivedataactivity.md) + – Highlights user activity involving sensitive data and provides details on who is interacting + with your environments sensitive content diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sp_deletions.md b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sp_deletions.md new file mode 100644 index 0000000000..dd7e810018 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sp_deletions.md @@ -0,0 +1,25 @@ +# SP_Deletions Job + +This job identifies SharePoint deletion events which have occurred over the past 30 days. + +## Analysis Tasks for the SP_Deletions Job + +Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Forensics** > **SP_Deletions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_Deletions Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/deletionsanalysis.webp) + +The default analysis task is: + +- Analyze SPAC Deletion Events – Creates the SA_SPAC_Deletions_Last30Days table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_Deletions Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Deletion Details | This report identifies deletion events for the past 30 days. The detailed report shows all resources that were successfully deleted as well as which users performed those events. | None | This report is comprised of two elements: - Bar Chart – Displays total number of deletions in the past 30 days - Table – Provides details on deletions in the past 30 days | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sp_permissionchanges.md b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sp_permissionchanges.md new file mode 100644 index 0000000000..bdf85e660e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sp_permissionchanges.md @@ -0,0 +1,28 @@ +# SP_PermissionChanges Job + +This job identifies permission changes which have been performed on all monitored SharePoint sites +over the past 30 days. + +## Analysis Tasks for the SP_PermissionChanges Job + +Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Forensics** > +**SP_PermissionChanges** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_PermissionChanges Job](/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/permissionchangesanalysis.webp) + +The default analysis tasks are: + +- Analyze Permission Changes – Creates the SA_SP_PermissionChanges table accessible under the job’s + Results node +- Permission Changes Counts – Creates the SA_SP_PermissionChanges_Counts table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_PermissionChanges Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Permission Changes | This report identifies SharePoint permission changes based on activity events and determines whether or not that permission change is considered a high security risk. | None | This report is comprised of two elements: - Bar Chart – Displays permission change activity in the past seven days - Table – Provides permission change details | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sp_sensitivedataactivity.md b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sp_sensitivedataactivity.md new file mode 100644 index 0000000000..37c26e3cba --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sp_sensitivedataactivity.md @@ -0,0 +1,29 @@ +# SP_SensitiveDataActivity Job + +This job highlights user activity involving sensitive data and provides details on who is +interacting with your environments sensitive content. + +## Analysis Tasks for the SP_SensitiveDataActivity Job + +Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Forensics** > +**SP_SensitiveDataActivity** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_SensitiveDataActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp) + +The default analysis tasks are: + +- Sensitive Data Activity – Creates the SA_SP_SensitiveDataActivity table accessible under the job’s + Results node +- Sensitive Data Activity User Count – Creates an interim processing table in the database for use + by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | -------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Data Activity | This Report shows user activity on sensitive data. | None | This report is comprised of two elements: - Bar Chart – Displays sensitive data activity - Table – Provides details on sensitive data activity | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/activity/overview.md b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/overview.md new file mode 100644 index 0000000000..46dd93a2af --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/overview.md @@ -0,0 +1,16 @@ +# 7.Activity Job Group + +The 7.Activity job group generates summary and detail reports of SharePoint activity on the +specified sites. These reports can be used for identifying file, folder, and user related activity +across your SharePoint environment. + +![7.Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The job groups in the 7.Activity Job Group are: + +- [Forensics Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/overview.md) + – Highlights deletions, group membership changes, permission changes, and activity around + sensitive data +- [Usage Statistics Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/overview.md)– + Identifies long term trends of activity across your SharePoint environment highlighting most + active sites and users as well as stale users diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/overview.md b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/overview.md new file mode 100644 index 0000000000..cc0a29256d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/overview.md @@ -0,0 +1,16 @@ +# Usage Statistics Job Group + +The Usage Statistics job group identifies long term trends of activity across your SharePoint +environment highlighting most active sites and users as well as stale sites. + +![Usage Statistics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/usagestatisticsjobstree.webp) + +The jobs in the Usage Statistics Job Group are: + +- [SP_InactiveSites Job](/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/sp_inactivesites.md) + – Highlights your environments least active Sites or Site Collections +- [SP_MostActiveSites Job](/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/sp_mostactivesites.md) + – Identifies the top five most active sites monitored by Enterprise Auditor +- [SP_MostActiveUsers Job](/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/sp_mostactiveusers.md) + – Identifies the most active users from the last 30 days on all monitored SharePoint servers with + a view of Reads, Updates, Deletes, and Permission changes performed by a user diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/sp_inactivesites.md b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/sp_inactivesites.md new file mode 100644 index 0000000000..8d597a5eec --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/sp_inactivesites.md @@ -0,0 +1,25 @@ +# SP_InactiveSites Job + +This job highlights your environments least active Sites or Site Collections. + +## Analysis Tasks for the SP_InactiveSites Job + +Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Usage Statistics** > +**SP_InactiveSites** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_InactiveSites Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/inactivesitesanalysis.webp) + +The default analysis task is: + +- Inactive Sites Last 30 Days – Creates the SA_SP_InactiveSites_Last30Days table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_InactiveSites Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | +| Inactive Sites | This report identifies Sites that have not had activity for at least 30 days. [View], [Delete], [Update], [Delete] fields reflect the number of unique operations of each type that was performed on the inactive site for this time frame. | None | This report is comprised of two elements: - Bar Chart – Displays information on inactive sites - Table – Provides details on inactive sites | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/sp_mostactivesites.md b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/sp_mostactivesites.md new file mode 100644 index 0000000000..7fbf3c15da --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/sp_mostactivesites.md @@ -0,0 +1,25 @@ +# SP_MostActiveSites Job + +This job identifies the top five most active monitored sites. + +## Analysis Tasks for the SP_MostActiveSites Job + +Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Usage Statistics** > +**SP_MostActiveSites** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_MostActiveSites Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/mostactivesitesanalysis.webp) + +The default analysis task is: + +- Most Active Sites Last 30 Days – Creates the SA_SPAC_MostActiveSites_Last30Days table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_MostActiveSites Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Most Active Sites – Last 30 Days | This report identifies the top five most active sites for the past 30 days. [Reads], [Updates], [Deletes], [Permission Changes] fields reflect the number of unique operations of each type that was performed on the site for this time frame. Unique Resources Accessed, number of active user performing operations on the site, as well as whether or not the active site contains sensitive information. | None | This report is comprised of two elements: - Bar Chart – Displays information on most active sites by event count - Table – Provides details on most active sites by event count | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/sp_mostactiveusers.md b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/sp_mostactiveusers.md new file mode 100644 index 0000000000..b2f8d78549 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/sp_mostactiveusers.md @@ -0,0 +1,26 @@ +# SP_MostActiveUsers Job + +This job identifies the most active users from the last 30 days on all monitored SharePoint servers +with a view of Reads, Updates, Deletes, and Permission changes performed by a user. + +## Analysis Tasks for the SP_MostActiveUsers Job + +Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Usage Statistics** > +**SP_MostActiveUsers** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_MostActiveUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp) + +The default analysis task is: + +- Most Active Users Last 30 Days – SA_SPAC_MostActiveUsers_Last30Days table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_MostActiveUsers Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Most Active Users – Last 30 Days | This report identifies the top users for the past 30 days. [View], [Delete], [Update], [Delete] fields reflect the number of unique operations of each type that was performed by the user for this time frame. Unique Resources are the number of distinct resources that have had activity during that time. | None | This report is comprised of two elements: - Bar Chart – Displays information on top users by operation count - Table – Provides details on top users by operation count | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/collection/1-spseek_systemscans.md b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/1-spseek_systemscans.md new file mode 100644 index 0000000000..8666307446 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/1-spseek_systemscans.md @@ -0,0 +1,92 @@ +# 1-SPSEEK_SystemScans Job + +This job is responsible for building the Tier2 SPDLP database repositories, which contain +information regarding sensitive content that exists within SharePoint. + +## Queries for the 1-SPSEEK_SystemScans Job + +The 1-SPSEEK SystemScans Job uses the SharePoint Access Data Collector for the following query: + +![The query for the 1-SPSEEK SystemScans Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spseeksystemscansquery.webp) + +The query for the 1-SPSEEK SystemScans Job is: + +- SharePoint Scan – Scans SharePoint for sensitive content + +### Configure the Query for the 1-SPSEEK_SystemScans Job + +The 1-SPSEEK_SystemScans Job has been preconfigured to run with the default settings using the SPAA +Data Collector category of Scan for Sensitive Content, which is not visible within the SharePoint +Access Auditor Data Collector Wizard when opened from within this job. + +**CAUTION:** Users should not change scans in a way that would result in less data being returned on +a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a +shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in +the Tier 2 database and subsequently removed from the Tier 1 database. + +Follow the steps to set any desired customizations. + +**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > +**1-SPSEEK_SystemScans** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +displays. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. + +![SharePoint Data Collection Settings](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/datacollectionsettingsspseek.webp) + +**Step 4 –** On the +[SPAA: SharePoint Data Collection Settings](/docs/accessanalyzer/11.6/admin/datacollector/spaa/settings.md) +page, customize as desired and click **Next**. + +![Scan Scoping Options](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptions.webp) + +**Step 5 –** On the +[SPAA: Scan Scoping Options](/docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptions.md) +page, no web applications or site collections have been added. If desired, limit the scope of the +scan to specific web applications or site collections. Click **Next**. + +![Additional Scoping](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/additionalscopingspseek.webp) + +**Step 6 –** On the +[SPAA: Additional Scoping](/docs/accessanalyzer/11.6/admin/datacollector/spaa/additionalscoping.md) +page, **Limit scanned depth to:** is selected with the default set at **2** levels. Customize this +setting as desired and click **Next**. + +![Agent Settings](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/windowsagent.webp) + +**Step 7 –** On the +[SPAA: Agent Settings](/docs/accessanalyzer/11.6/admin/datacollector/spaa/agentsettings.md) +page, use the default settings unless an agent scan mode is desired. Click **Next**. + +![DLP Audit Settings](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/dlpauditsettingsspseek.webp) + +**Step 8 –** On the +[SPAA: DLP Audit Settings](/docs/accessanalyzer/11.6/admin/datacollector/spaa/dlpauditsettings.md) +page, the default setting is to **Don’t process files larger than: 2 MB** and to **Scan typical +documents (recommended, fastest)**. These settings can be customized to adjust for scan time or +database size. Click **Next**. + +**NOTE:** The typical documents for this setting are files with the following extensions: .doc, +.docx, .msg, .odt, .pages, .rtf, .wpd, .wps, .abw, .bib, .dotx, .eml, .fb2, .fdx, .gdoc, .lit, .sig, +.sty, .wps, .wpt, .yml, .tex, .pdf, .csv, .xlr, .xls, .xlsx, .gsheet, .nb, .numbers, .ods, .qpw, +.sdc, .wks, .xlsb, .xltm, .xltx, .aws, .fods, .ots, .rdf, .sxc, .uos, .xlsm, .txt + +![Select DLP Criteria Page of the SPAA Data Collector Wizard](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/selectdlpcriteriaspseek.webp) + +**Step 9 –** On the +[SPAA: Select DLP Criteria](/docs/accessanalyzer/11.6/admin/datacollector/spaa/selectdlpcriteria.md) +page, add or remove criteria as desired by either manually selecting criteria or using the **Select +All** and **Clear All** buttons. Click **Next**. _(Optional)_ To create custom criteria, see the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. + +**CAUTION:** Do not configure the options on the Results page. + +**Step 10 –** On the Results page, all Available Properties are selected by default. Click **Next**. + +**Step 11 –** On the Summary page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 1-SPSEEK_SystemScans Job has now been customized. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/collection/2-spaa_systemscans.md b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/2-spaa_systemscans.md new file mode 100644 index 0000000000..6c2e2860a8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/2-spaa_systemscans.md @@ -0,0 +1,70 @@ +# 2-SPAA_SystemScans Job + +The job collects information on permissions, users, and groups to determine who has access to each +structural level in the SharePoint farm. + +## Queries for the 2-SPAA_SystemScans Job + +The 2-SPAA_SystemScans Job uses the SharePoint Access Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaasystemscansquery.webp) + +The query for the 2-SPAA_SystemScans Job is: + +- Scan SharePoint – Scans SharePoint systems + +### Configure 2-SPAA_SystemScans Job + +The 2-SPAA_SystemScans Job has been preconfigured to run with the default settings using the SPAA +Data Collector category of Scan SharePoint Access, which is not visible within the SharePoint Access +Auditor Data Collector Wizard when opened from within this job. + +**CAUTION:** Users should not change scans in a way that would result in less data being returned on +a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a +shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in +the Tier 2 database and subsequently removed from the Tier 1 database. + +Follow the steps to set any desired customizations. + +**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **1-SPAA_SystemScans** > +**Configure** node and select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +displays. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. + +![SharePoint Data Collection Settings](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/datacollectionsettingsspaa.webp) + +**Step 4 –** On the +[SPAA: SharePoint Data Collection Settings](/docs/accessanalyzer/11.6/admin/datacollector/spaa/settings.md) +page, customize as desired and click **Next**. + +![Scan Scoping Options](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptions.webp) + +**Step 5 –** On the +[SPAA: Scan Scoping Options](/docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptions.md) +page, no web applications or site collections have been added. If desired, limit the scope of the +scan to specific web applications or site collections. Click **Next**. + +![Additional Scoping](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/additionalscopingspaa.webp) + +**Step 6 –** On the +[SPAA: Additional Scoping](/docs/accessanalyzer/11.6/admin/datacollector/spaa/additionalscoping.md) +page, **Limit scanned depth to:** is selected with the default set at **2** levels. Customize this +setting as desired and click **Next**. + +![Agent Settings](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/windowsagent.webp) + +**Step 7 –** On the +[SPAA: Agent Settings](/docs/accessanalyzer/11.6/admin/datacollector/spaa/agentsettings.md) +page, use the default settings unless an agent scan mode is desired. Click **Next**. + +**CAUTION:** Do not configure the options on the Results page. + +**Step 8 –** On the Results page, all Available Properties are selected by default. Click **Next**. + +**Step 9 –** On the Summary page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 1-SPAA_SystemScans Job has now been customized. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/collection/3-spac_systemscans.md b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/3-spac_systemscans.md new file mode 100644 index 0000000000..23ea24b9b8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/3-spac_systemscans.md @@ -0,0 +1,18 @@ +# 3-SPAC_SystemScans Job + +The job collects information on activity, users, and groups to determine who has performed activity +in each structural level in the SharePoint farm. + +## Queries for the 3-SPAC_SystemScans Job + +The 3-SPAC_SystemScans Job has been preconfigured to run with the default settings using the SPAA +Data Collector category of Scan SharePoint Activity, which is not visible within the SharePoint +Access Auditor Data Collector Wizard when opened from within this job. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spacsystemscansquery.webp) + +The query for the 3-SPAC_SystemScans Job is: + +- System Scan – Scans for SharePoint activity diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/collection/4-spseek_bulkimport.md b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/4-spseek_bulkimport.md new file mode 100644 index 0000000000..33b883ca39 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/4-spseek_bulkimport.md @@ -0,0 +1,71 @@ +# 4-SPSEEK_BulkImport Job + +This job is responsible for retrieving the Tier 2 SPDLP database information and importing it to the +SQL Server where Enterprise Auditor stores data. + +## Queries for the 4-SPSEEK_BulkImport Job + +The 4-SPSEEK Bulk Import Job uses the SharePoint Access Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spseekbulkimportquery.webp) + +The query for the 4-SPSEEK Bulk Import Job is: + +- Bulk Import – Imports scan data into the SQL Server + +### Configure 4-SPSEEK_BulkImport Job + +The 4-SPSEEK_BulkImport Job has been preconfigured to run with the default settings with the SPAA +Data Collector category of **Bulk Import Sensitive Content Scan Results**, which is not visible +within the SharePoint Access Auditor Data Collector Wizard when opened from within this job. Follow +the steps to set any desired customizations. + +**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > +**4-SPSEEK_BulkImport** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +displays. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. + +![Bulk Import Settings](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.webp) + +**Step 4 –** On the +[SPAA: Bulk Import Settings](/docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.md) +page, the **Set Host Identifier** is not configured by default. Click **Next**. + +**NOTE:** Unless SQL Server Replication is used, it should not be necessary to adjust the **Host +Identifier** seed. + +**CAUTION:** Do not configure the options on the Results page. + +**Step 5 –** On the Results page, all Available Properties are selected by default. Click **Next**. + +**Step 6 –** On the Summary page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 4-SPSEEK_BulkImport Job has now been customized. + +## Analysis Tasks for 4-SPSEEK_BulkImport Job + +Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **4-SPSEEK_BulkImport** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the +selected analysis tasks. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spseekbulkimportanalysis.webp) + +The default analysis tasks are: + +- 1. Update data types – Enterprise Auditor uses custom SQL data types to render data. This + analysis creates updates to those data types. +- 2. Import new functions (for SA Core) – Creates functions used in the SharePoint Solution +- 3. Import new functions (for SA SPAA) – Creates functions used in the SharePoint Solution +- 4. Create exception schema – Creates the SA_SPAA_Exceptions table +- 5. Create DLP views – Creates the SA_SPDLP_MatchesView +- 6. Create exceptions view – Creates the SA_SPAA_ExceptionsView + +The following analysis task is not selected by default, but can be enabled: + +- Display Match Hits – Displays the SA_SPDLP_MatchesHitsView within Enterprise Auditor. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/collection/5-spaa_bulkimport.md b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/5-spaa_bulkimport.md new file mode 100644 index 0000000000..58c53ce783 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/5-spaa_bulkimport.md @@ -0,0 +1,68 @@ +# 5-SPAA_BulkImport Job + +This job is responsible for retrieving the SPAA Tier 2 database information and import it to the +Enterprise Auditor SQL database. + +## Queries for the 5-SPAA_BulkImport Job + +The 5-SPAA_BulkImport Job uses the SharePoint Access Data Collector for the following query: + +![spaabulkimportquery](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaabulkimportquery.webp) + +The query for the 5-SPAA_BulkImport Job is: + +- Bulk Import – Imports scan data into the SQL Server + +### Configure 5-SPAA_BulkImport Job + +The 5-SPAA_BulkImport Job has been preconfigured to run with the default settings with the SPAA Data +Collector category of Bulk Import Access Scan Results, which is not visible within the SharePoint +Access Auditor Data Collector Wizard when opened from within this job. Follow the steps to set any +desired customizations. + +**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **2-SPAA_BulkImport** > +**Configure** node and select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +displays. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. + +![Bulk Import Settings](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.webp) + +**Step 4 –** On the +[SPAA: Bulk Import Settings](/docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.md) +page, the **Set Host Identifier** is not configured by default. Click **Next**. + +**NOTE:** Unless SQL Server Replication is used, it should not be necessary to adjust the **Host +Identifier** seed. + +**CAUTION:** Do not configure the options on the Results page. + +**Step 5 –** On the Results page, all Available Properties are selected by default. Click **Next**. + +**Step 6 –** On the Summary page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 5-SPAA_BulkImport Job has now been customized. + +## Analysis Tasks for 5-SPAA_BulkImport Job + +Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **2-SPAA_BulkImport** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the +selected analysis tasks. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaabulkimportanalysis.webp) + +The default analysis tasks are: + +- 0. TryConvert for UniqueIdentifiers – Simulates Try_Convert functionality for SQL Server 2008 + and below +- 1. Update data types – Enterprise Auditor uses custom SQL data types to render data. This + analysis creates updates to those data types. +- 2. Import new functions (for SA Core) – Creates functions used in the SharePoint Solution +- 3. Import new functions (for SA SPAA) – Creates functions used in the SharePoint Solution +- 4. Create exception schema – Creates the SA_SPAA_Exceptions table +- 5. Create views – Creates views visible through the Results node diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/collection/6-spac_bulkimport.md b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/6-spac_bulkimport.md new file mode 100644 index 0000000000..0e92dd7f72 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/6-spac_bulkimport.md @@ -0,0 +1,62 @@ +# 6-SPAC_BulkImport Job + +This job is responsible for retrieving the SPAC Tier 2 database information and import it to the +Enterprise Auditor SQL database. + +## Queries for the 6-SPAC_BulkImport Job + +The 6-SPAC_BulkImport Job uses the SharePoint Access Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spacbulkimportquery.webp) + +The query for the 6-SPAC_BulkImport Job is: + +- Bulk Import – Imports scan data into the SQL Server + +### Configure the Query for the 6-SPAC_BulkImport Job + +The 6-SPAC_BulkImport Job has been preconfigured to run with the default settings with the category +of Bulk Import SharePoint Activity Scan Results, which is not visible within the SharePoint Access +Auditor Data Collector Wizard when opened from within this job. Follow the steps to set any desired +customizations. + +**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **2-SPAC_BulkImport** > +**Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +displays. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. + +![Bulk Import Settings](/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.webp) + +**Step 4 –** On the +[SPAA: Bulk Import Settings](/docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.md) +page, the **Set Host Identifier** is not configured by default. Click **Next**. + +**NOTE:** Unless SQL Server Replication is used, it should not be necessary to adjust the **Host +Identifier** seed. + +**CAUTION:** Do not configure the options on the Results page. + +**Step 5 –** On the Results page, all Available Properties are selected by default. Click **Next**. + +**Step 6 –** On the Summary page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 6-SPAC_BulkImport Job has now been customized. + +## Analysis Tasks for 2-SPAC_BulkImport Job + +Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **6-SPAC_BulkImport** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the +selected analysis tasks. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spacbulkimportanalysis.webp) + +The default analysis tasks are: + +- 1. Create Event Name Table – Creates the SA_SPAC_EventNames table associated with SPAC +- 2. Create Views – Creates the views associated with SPAC diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md new file mode 100644 index 0000000000..8a21a3e617 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md @@ -0,0 +1,353 @@ +# 0.Collection Job Group + +The **SharePoint** > **0.Collection** Job Group is designed to collect information from SharePoint +farms using the SPAA Data Collector. The collected data is then available to other SharePoint +Solution sub-job groups and the Access Information Center for analysis. + +![0.Collection Job Group](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 0.Collection Job Group are: + +- [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/1-spseek_systemscans.md) + – Responsible for building the Tier2 SPDLP database repositories, which contain information + regarding sensitive content that exists within SharePoint +- [2-SPAA_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/2-spaa_systemscans.md) + – Collects information on permissions, users, and groups to determine who has access to each + structural level in the SharePoint farm +- [3-SPAC_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/3-spac_systemscans.md) + – Collects information on activity, users, and groups to determine who has performed activity in + each structural level in the SharePoint farm +- [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/4-spseek_bulkimport.md) + – Responsible for retrieving the Tier 2 SPDLP database information and importing it to the SQL + Server where Enterprise Auditor stores data +- [5-SPAA_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/5-spaa_bulkimport.md) + – Responsible for retrieving the SPAA Tier 2 Database information and importing it to the + Enterprise Auditor SQL database +- [6-SPAC_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/6-spac_bulkimport.md) + – Responsible for retrieving the SPAC Tier 2 Database information and importing it to the + Enterprise Auditor SQL database +- [7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions-7.md) + – Searches scanned data for resources that match high risk conditions, retrieving a summary of + SharePoint exceptions per host + +Additionally, the jobs in the 0.Collection Job Group are organized into the following collection +components: + +- SharePoint Access Auditing (SPAA) – The SharePoint Access Auditing (SPAA) component is the primary + component of this group and collects SharePoint information with the SPAA Data Collector, such as + permissions and content metadata. It employs the 2-SPAA_SystemScans Job, the 5-SPAA_BulkImport + Job, and the 7-SPAA_Exceptions Job. See the + [SharePoint Access Auditing](#sharepoint-access-auditing) topic for additional information. If + using agent-based scanning, this component requires an additional installer package before data + collection will occur. +- SharePoint Activity Auditing (SPAC) – The SharePoint Activity Auditing (SPAC) component collects + event information from the Enterprise Auditor Activity Monitor log files with the SPAA Data + Collector. It employs the 3-SPAC_SystemScans Job and the 6-SPAC_BulkImport Job. See the + [SharePoint Activity Auditing](#sharepoint-activity-auditing) topic for additional information. +- SharePoint Sensitive Data Discovery Auditing (SEEK) – The SharePoint Sensitive Data Discovery + Auditing (SEEK) component searches file content for sensitive data. It also collects permission + information; therefore, it does not need to be run with the SPAA component. This component employs + the 1-SPSEEK_SystemScans Job, the 5-SPAA_BulkImport Job, the 4-SPSEEK_BulkImport Job, and the + 7-SPAA_Exceptions Job. This component requires an additional installer package before data + collection will occur. See the + [SharePoint Sensitive Data Discovery Auditing (SEEK)](#sharepoint-sensitive-data-discovery-auditing-seek) + topic for additional information. + +These jobs are numbered to keep them in the necessary run order. Not all jobs need be run. See the +appropriate auditing section for specific job relationships and recommended workflows. + +The relationship between system scans and bulk import jobs requires the following considerations: + +- A system scans job executed from a Enterprise Auditor Console must be followed by the + corresponding bulk import job from the same Enterprise Auditor Console with the same version of + Enterprise Auditor +- Two system scans processing the same information, for example two **2-SPAA_SystemScans** jobs, + cannot be executed consecutively against the same target host. The corresponding bulk import job, + for example. **5-SPAA_BulkImport**, must be executed in between. + +The system scans job collects the data and creates a Tier-2 database, or SQLite database, on the +local host or the host where the SharePoint Agent was installed (according to the scan method +configured). The corresponding bulk import job gathers the information from the Tier-2 database, and +pulls it into the Enterprise Auditor SQL backend database, thus completing the collection process. + +## SharePoint Access Auditing + +Access Auditing (SPAA) is the primary component of the 0.Collection Job Group. It collects +information on permissions, users, and groups to determine who has access to each structural level +in the SharePoint farm, on-premises and online, using the SPAA Data Collector. The jobs, tables, and +views specifically incorporated into this component are prefaced with `SPAA`. See the +SharePointAccess Data Collector +[Standard Reference Tables & Views for the SPAA Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/spaa/standardtables.md) +topic for additional information on the data collected. + +The 0.Collection jobs that comprise this auditing component are: + +- [2-SPAA_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/2-spaa_systemscans.md) + – Collects information on permissions, users, and groups to determine who has access to each + structural level in the SharePoint farm +- [5-SPAA_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/5-spaa_bulkimport.md) + – Responsible for retrieving the SPAA tier 2 database information and import it to the Enterprise + Auditor SQL database +- [7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions-7.md) + – Searches scanned data for resources that match high risk conditions, retrieving a summary of + SharePoint exceptions per host + +The following job groups +and[SP_Overview Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_overview.md) +jobs in the SharePoint Solution depend on data collected by these jobs to generate reports: + +- [1.Direct Permissions Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/overview.md) +- [2.High Risk Sites > SP_OpenAccess Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_openaccess.md) +- [3.Broken Inheritance > SP_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_brokeninheritance.md) +- [4.Content Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/content/overview.md) +- [Effective Access Audits Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/overview.md) +- [5.Probable Owner > SP_ProbableOwner Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_probableowner.md) +- [SP_Overview Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_overview.md) + +The SharePoint Sensitive Data Discovery Reports in the Access Information Center are also populated +by this data. See the SharePoint Reports topics in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. + +See the +[Recommended Configuration for the SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/recommended.md) +topic for other Runtime Details. + +Workflow + +**Step 1 –** Run +[2-SPAA_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/2-spaa_systemscans.md). + +**Step 2 –** Run +[5-SPAA_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/5-spaa_bulkimport.md). + +**Step 3 –** Run +[7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions-7.md). + +**Step 4 –** Run desired corresponding analysis and reporting sub-job groups. + +Please see the +[Recommended Configuration for the SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/recommended.md) +topic before continuing with this workflow. + +**_RECOMMENDED:_** Scope the 0.Collection Job Group to only include the collection components +desired by disabling the undesired collection jobs. Disabling them allows the solution to run more +efficiently. It is not recommended to delete any jobs. See the +[Disable or Enable a Job](/docs/accessanalyzer/11.6/admin/jobs/job/disableenable.md) +topic for additional information. + +## SharePoint Activity Auditing + +Activity Auditing (SPAC) is the component of the 0.Collection Job Group that collects information on +activity, users, and groups to determine who has performed activity in each structural level in the +SharePoint on-premises farm, or SharePoint online tenant, using the SPAA Data Collector. The jobs +and tables specifically incorporated into this component are prefaced with SPAC. See the +[Standard Reference Tables & Views for the SPAA Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/spaa/standardtables.md) +topic for additional information on the data collected. + +The Access Auditing components must be run in order to create the tables in the database for the +SPAC component to use. Either the SPAA or SEEK Scan job, run to at least a 0-level scan depth (and +the corresponding Bulk Import job) can be used to create these tables. Once an initial 0-level SPAA +or SPSEEK scan job and corresponding Bulk Import have been run against a particular SharePoint On +Prem farm or SharePoint Online tenant, SPAA or SPSEEK Scan jobs can be run concurrently with SPAC +Scan and Bulk Import jobs as needed. + +The 0.Collection jobs that comprise this auditing component are: + +- [3-SPAC_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/3-spac_systemscans.md) + – Collects information on activity, users, and groups to determine who has perform activity in + each structural level in the SharePoint farm +- [6-SPAC_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/6-spac_bulkimport.md) + – Responsible for retrieving the SPAC tier 2 database information and import it to the Enterprise + Auditor SQL data base + +The +[SP_Overview Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_overview.md) +and +[7.Activity Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/activity/overview.md) +in the SharePoint Solution uses the data collected by these jobs to generate reports. + +The SharePoint Activity Reports in the Access Information Center are also populated by this data. +See the SharePoint Reports topics in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. + +Recommended Workflow 1 (for Access & Activity Auditing) + +**Step 1 –** Run +[2-SPAA_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/2-spaa_systemscans.md). + +**Step 2 –** Run +[3-SPAC_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/3-spac_systemscans.md). + +**Step 3 –** Run +[5-SPAA_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/5-spaa_bulkimport.md). + +**Step 4 –** Run +[6-SPAC_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/6-spac_bulkimport.md). + +**Step 5 –** Run +[7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions-7.md). + +**Step 6 –** Run desired corresponding analysis and reporting sub-job groups. + +**NOTE:** Once an initial 2-SPAA SystemScans job (scoped to at least 0-level depth) and the +corresponding 5-SPAA Bulk Import job have been run, then the SPAA Scans can be run concurrently with +SPAC Scans and Bulk Import jobs as desired. + +Recommended Workflow 2 (for Access, Sensitive Data Discovery & Activity Auditing) + +**CAUTION:** The jobs must be run in the order shown. It is not possible to disable the +1-SPAA_SystemScan and 2-SPAA_BulkImport jobs and run the 0.Collection Job Group because the +remaining jobs are in the wrong order. Renaming the jobs is not an option. + +**Step 1 –** Install the Sensitive Data Discovery Add-on on the Enterprise Auditor Console (once +only). + +**Step 2 –** Run +[1-SPSEEK_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/1-spseek_systemscans.md). + +**Step 3 –** Run +[3-SPAC_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/3-spac_systemscans.md). + +**Step 4 –** Run +[4-SPSEEK_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/4-spseek_bulkimport.md). + +**Step 5 –** Run +[6-SPAC_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/6-spac_bulkimport.md). + +**Step 6 –** Run +[7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions-7.md). + +**Step 7 –** Run desired corresponding analysis and reporting sub-job groups. + +**NOTE:** Once an initial 1-SPSEEK SystemScans job (scoped to at least 0-level depth) and the +corresponding 4-SPSEEK Bulk Import job have been run, then the SPSEEK Scans jobs can be run +concurrently with the SPAC Scans and the Bulk Import jobs as desired. + +Optional Workflow (for Activity Auditing Only) + +**Step 1 –** Run +[3-SPAC_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/3-spac_systemscans.md). + +**Step 2 –** Run +[6-SPAC_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/6-spac_bulkimport.md). + +**Step 3 –** Run desired corresponding analysis and reporting sub-job groups. + +**NOTE:** Please see the +[Recommended Configuration for the SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/recommended.md) +topic before continuing with this workflow. + +**_RECOMMENDED:_** Scope the 0.Collection Job Group to only include the collection components +desired by disabling the undesired collection jobs. Disabling them allows the solution to run more +efficiently. It is not recommended to delete any jobs. See the +[Disable or Enable a Job](/docs/accessanalyzer/11.6/admin/jobs/job/disableenable.md) +topic for additional information. + +## SharePoint Sensitive Data Discovery Auditing (SEEK) + +Sensitive Data Discovery Auditing (SEEK) is the component of the 0.Collection Job Group that +searches file content for sensitive data. It also collects information on permissions, users, and +groups to determine who has access to each structural level in the SharePoint farm, on-premises and +online, using the SPAA Data Collector. The jobs for this component are prefaced with `SPSEEK`. The +tables and views are prefaced with `SPDLP`. See the +[SharePoint Sensitive Data Discovery Auditing Tables & Views](/docs/accessanalyzer/11.6/admin/datacollector/spaa/standardtables.md) +topic for additional information on the data collected. + +**NOTE:** The Sensitive Data Discovery Auditing (SEEK) component is an add-on to the SharePoint +Solution. Though the jobs are visible within the console, it requires an additional installer +package before data collection will occur. See the +[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/install/sensitivedatadiscovery/overview.md) +topic for additional information. + +Customized search criteria can be created with the Criteria Editor accessible through the +[SPAA: Select DLP Criteria](/docs/accessanalyzer/11.6/admin/datacollector/spaa/selectdlpcriteria.md) +page of the SharePoint Access Auditor Data Collector Wizard. See the +[Sensitive Data](/docs/accessanalyzer/11.6/admin/settings/sensitivedata/overview.md) +topic for additional information. + +The 0.Collection jobs that comprise this auditing component are: + +- [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/1-spseek_systemscans.md) + – Responsible for building the Tier2 SPDLP database repositories, which contain information + regarding sensitive content that exists within SharePoint +- [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/4-spseek_bulkimport.md) + – Responsible for retrieving the Tier 2 SPDLP database information and importing it to the SQL + Server where Enterprise Auditor stores data +- [7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions-7.md) + – Searches scanned data for resources that match high risk conditions, retrieving a summary of + SharePoint exceptions per host + +The following job groups +and[SP_Overview Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_overview.md) +jobs in the SharePoint Solution depend on data collected by these jobs to generate reports: + +- [1.Direct Permissions Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/overview.md) +- [2.High Risk Sites > SP_OpenAccess Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_openaccess.md) +- [3.Broken Inheritance > SP_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_brokeninheritance.md) +- [4.Content Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/content/overview.md) +- [Effective Access Audits Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/overview.md) +- [5.Probable Owner > SP_ProbableOwner Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_probableowner.md) +- [6.Sensitive Data > SP_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_sensitivedata.md) +- [SP_Overview Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_overview.md) + +The SharePoint Sensitive Data Discovery Reports in the Access Information Center are also populated +by this data. See the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. + +Recommended Workflow 1 (for Access & Sensitive Data Discovery Auditing) + +**Step 1 –** Install the Sensitive Data Discovery Add-on on the Enterprise Auditor Console, and on +the SharePoint application server when applicable (once only). + +**Step 2 –** Run +[1-SPSEEK_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/1-spseek_systemscans.md). + +**Step 3 –** Run +[4-SPSEEK_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/4-spseek_bulkimport.md). + +**Step 4 –** Run +[7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions-7.md). + +**Step 5 –** Run desired corresponding analysis and reporting sub-job groups. + +Recommended Workflow 2 (for Access, Sensitive Data Discovery & Activity Auditing) + +**CAUTION:** The jobs must be run in the order shown. It is not possible to disable the +2-SPAA_SystemScan and 5-SPAA_BulkImport jobs and run the 0.Collection Job Group because the +remaining jobs are in the wrong order. Renaming the jobs is not an option. + +**Step 1 –** Install the Sensitive Data Discovery Add-on the Enterprise Auditor Console (once only). + +**Step 2 –** Run +[1-SPSEEK_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/1-spseek_systemscans.md). + +**Step 3 –** Run +[3-SPAC_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/3-spac_systemscans.md). + +**Step 4 –** Run +[4-SPSEEK_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/4-spseek_bulkimport.md). + +**Step 5 –** Run +[6-SPAC_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/6-spac_bulkimport.md). + +**Step 6 –** Run +[7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions-7.md). + +**Step 7 –** Run desired corresponding analysis and reporting sub-job groups. + +**NOTE:** Once an initial 1-SPSEEK SystemScans job (scoped to at least 0-level depth) and the +corresponding 4-SPSEEK Bulk Import job have been run, then the SPSEEK Scans can be run concurrently +with the SPAC Scans and the Bulk Import jobs as desired. + +**NOTE:** Please see the +[Recommended Configuration for the SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/recommended.md) +topic before continuing with this workflow. + +**_RECOMMENDED:_** Scope the 0.Collection Job Group to only include the collection components +desired by disabling the undesired collection jobs. Disabling them allows the solution to run more +efficiently. It is not recommended to delete any jobs. See the +[Disable or Enable a Job](/docs/accessanalyzer/11.6/admin/jobs/job/disableenable.md) +topic for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions-7.md b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions-7.md new file mode 100644 index 0000000000..806fcc672b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions-7.md @@ -0,0 +1,62 @@ +# 7-SPAA_Exceptions Job + +This job searches scanned data for resources that match high risk conditions and retrieving a +summary of SharePoint exceptions per host. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The 7-SPAA_Exceptions page has the following configurable parameters: + +- #opengroups – High-risk groups such as those known to be sensitive or open can be added + + **NOTE:** Groups must be entered exactly as they are listed in SA_SPAA_Trustees. Copy and paste + the Group name as it appears in the Name Column. + +See the +[Customizable Analysis Tasks for the 7-SPAA_Exceptions Job](#customizable-analysis-tasks-for-the-7-spaa_exceptions-job) +for additional information. + +## Analysis Tasks 7-SPAA_Exceptions Job + +The 3-SPAA_Exceptions Job does not use the SPAA Data Collector. Instead it runs analysis on the data +returned by the 2-SPAA_BulkImport Job. View the analysis tasks by navigating to the **Jobs** > +**SharePoint** > **0.Collection** > **3-SPAA_Exceptions** > **Configure** node and select +**Analysis**. + +**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the +selected analysis tasks. + +![Analysis Selection](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaaexceptionsanalysis.webp) + +The default analysis tasks are: + +- Open resources – Any site collections, sites, libraries, lists, or folders that are openly + accessible. Can be deselected if open resource information is not desired. + + - This analysis task contains a configurable parameter: `#opengroups` + +- Disabled users – Any site collections, sites, libraries, lists, or folders where disabled users + have been granted access. Can be deselected if disabled user information is not desired. +- Stale users – Any site collections, sites, libraries, lists, or folders where stale users have + been granted access. Stale users are user who have not logged in for more than 120 days. Can be + deselected if stale user information is not desired. +- Unresolved SID – Matches SIDs to .Active Directory Inventory Job Group data to resolve for those + users using legacy SIDS or deleted users. +- Show view – Displays views within the Results node of the Enterprise Auditor Console. + +### Customizable Analysis Tasks for the 7-SPAA_Exceptions Job + +The default values for customizable parameters are: + +| Analysis Task | Customizable Parameter Name | Default Value | Instruction | +| -------------- | --------------------------- | ------------- | -------------------------------------------------------------------------------------------------------------------------------------- | +| Open resources | #opengroups | Empty | Groups must be entered exactly as they are listed in SA_SPAA_Trustees. Copy and paste the Group name as it appears in the Name Column. | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +for additional information. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions.md b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions.md new file mode 100644 index 0000000000..85814e1bd8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaa_exceptions.md @@ -0,0 +1,6 @@ +# SPAA_Exceptions Job + +This job handles SharePoint exceptions. For information on configuring customizable parameters, see +the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/content-analysis.md b/docs/accessanalyzer/11.6/solutions/sharepoint/content-analysis.md deleted file mode 100644 index 7d93a3f004..0000000000 --- a/docs/accessanalyzer/11.6/solutions/sharepoint/content-analysis.md +++ /dev/null @@ -1,108 +0,0 @@ -# 4.Content Job Group - -This group provides insight into content stored across SharePoint farms in order to help more -efficiently manage that content. It will provide information on the content taking up the most -space, the content that has not been accessed for extended periods of time, and additional data -describing SharePoint content and the configuration of the repositories such as lists and libraries -which store that content. - -![4.Content Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/content/contentjobstree.webp) - -The 4.Content Job Group is comprised of: - -- [SP_LargestFiles Job](/docs/accessanalyzer/11.6/solutions/sharepoint/content-analysis.md) - – Identifies the largest files across SharePoint farms. Changes to a document or its metadata - create new versions that result in added storage. It is therefore important to manage file size - and control versioning. Report includes file names, URLs, total file size, versions, and version - size, along with file owner and file editor information. -- [SP_StaleFiles Job](/docs/accessanalyzer/11.6/solutions/sharepoint/content-analysis.md) - – Identifies files that have been modified in at least a year across SharePoint farms. This aids - administrators and users in cleaning up or archiving old and unchanged files to help maintain a - clean and healthy SharePoint environment. Report includes files, their last modified time, total - file size, versions and version size, along with file owner and file editor information. - -# SP_LargestFiles Job - -The SP_LargestFiles Job identifies the largest files across SharePoint farms. Changes to a document -or its metadata create new versions that result in added storage. It is therefore important to -manage file size and control versioning. Report includes file names, URLs, total file size, -versions, and version size, along with file owner and file editor information. - -## Analysis Tasks for the SP_LargestFiles Job - -Navigate to the **Jobs** > **SharePoint** > **4.Content** > **SP_LargestFiles** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_LargestFiles Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/content/largestfilesanalysis.webp) - -The default analysis task is: - -- Identify Large Files – Creates the SA_SP_LargestFiles_Details table accessible under the job’s - Results node - -In addition to the table created by the analysis task which displays the largest file resources, the -SP_LargestFiles Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------- | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Largest Files | This report identifies where the largest files, including versions, are stored. | None | This report is comprised of three elements: - Bar Chart – Displays largest files - Table – Provides a summary of the largest sites - Table – Provides details on largest files | - -# SP_StaleFiles Job - -The SP_StaleFiles Job identifies files that have not been modified in at least a year across -SharePoint farms. This aids administrators and users in cleaning up or archiving old and unchanged -files to help maintain a clean and healthy SharePoint environment. Report includes files, their last -modified time, total file size, versions and version size, along with file owner and file editor -information. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The SP_StaleFiles page has the following configurable parameters: - -- Days since last modification to be considered stale - -See the -[Customizable Analysis Tasks for the SP_StaleFiles Job](#customizable-analysis-tasks-for-the-sp_stalefiles-job) -for additional information. - -## Analysis Tasks for the SP_StaleFiles Job - -Navigate to the **Jobs** > **SharePoint** > **4.Content** > **SP_StaleFiles** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. Only the `@stale` parameter can be configured for the analysis task. - -![Analysis Tasks for the SP_StaleFiles Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/content/stalefilesanalysis.webp) - -The default analysis task is: - -- Stale File Details – Creates the SA_SP_StaleFiles_Details table accessible under the job’s Results - node - - - This analysis task contains a configurable parameter: `@stale`. See the - [Customizable Analysis Tasks for the SP_StaleFiles Job](#customizable-analysis-tasks-for-the-sp_stalefiles-job) - topic for additional information. - -In addition to the table created by the analysis task which displays the stale file resources, the -SP_StaleFiles Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | -------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Files | This report identifies the files which have not been modified in the longest amount of time. | Stale Data | This report is comprised of three elements: - Bar Chart – Provides a comparison of stale vs active content - Bar Chart – Displays top 5 Sites by Stale Data (GB) - Table – Provides details on stale files | - -### Customizable Analysis Tasks for the SP_StaleFiles Job - -The default values for customizable parameters are: - -| Analysis Task | Customizable Parameter Name | Default Value | Instruction | -| ------------------ | --------------------------- | ------------- | ------------------------------------------------------------------------ | -| Stale File Details | @stale | 365 | Determines days since last modification that files are considered stale. | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/content/overview.md b/docs/accessanalyzer/11.6/solutions/sharepoint/content/overview.md new file mode 100644 index 0000000000..03b2fd3d20 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/content/overview.md @@ -0,0 +1,22 @@ +# 4.Content Job Group + +This group provides insight into content stored across SharePoint farms in order to help more +efficiently manage that content. It will provide information on the content taking up the most +space, the content that has not been accessed for extended periods of time, and additional data +describing SharePoint content and the configuration of the repositories such as lists and libraries +which store that content. + +![4.Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/content/contentjobstree.webp) + +The 4.Content Job Group is comprised of: + +- [SP_LargestFiles Job](/docs/accessanalyzer/11.6/solutions/sharepoint/content/sp_largestfiles.md) + – Identifies the largest files across SharePoint farms. Changes to a document or its metadata + create new versions that result in added storage. It is therefore important to manage file size + and control versioning. Report includes file names, URLs, total file size, versions, and version + size, along with file owner and file editor information. +- [SP_StaleFiles Job](/docs/accessanalyzer/11.6/solutions/sharepoint/content/sp_stalefiles.md) + – Identifies files that have been modified in at least a year across SharePoint farms. This aids + administrators and users in cleaning up or archiving old and unchanged files to help maintain a + clean and healthy SharePoint environment. Report includes files, their last modified time, total + file size, versions and version size, along with file owner and file editor information. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/content/sp_largestfiles.md b/docs/accessanalyzer/11.6/solutions/sharepoint/content/sp_largestfiles.md new file mode 100644 index 0000000000..2e5d0e9502 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/content/sp_largestfiles.md @@ -0,0 +1,28 @@ +# SP_LargestFiles Job + +The SP_LargestFiles Job identifies the largest files across SharePoint farms. Changes to a document +or its metadata create new versions that result in added storage. It is therefore important to +manage file size and control versioning. Report includes file names, URLs, total file size, +versions, and version size, along with file owner and file editor information. + +## Analysis Tasks for the SP_LargestFiles Job + +Navigate to the **Jobs** > **SharePoint** > **4.Content** > **SP_LargestFiles** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_LargestFiles Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/content/largestfilesanalysis.webp) + +The default analysis task is: + +- Identify Large Files – Creates the SA_SP_LargestFiles_Details table accessible under the job’s + Results node + +In addition to the table created by the analysis task which displays the largest file resources, the +SP_LargestFiles Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------- | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Largest Files | This report identifies where the largest files, including versions, are stored. | None | This report is comprised of three elements: - Bar Chart – Displays largest files - Table – Provides a summary of the largest sites - Table – Provides details on largest files | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/content/sp_stalefiles.md b/docs/accessanalyzer/11.6/solutions/sharepoint/content/sp_stalefiles.md new file mode 100644 index 0000000000..0db7ac27b8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/content/sp_stalefiles.md @@ -0,0 +1,56 @@ +# SP_StaleFiles Job + +The SP_StaleFiles Job identifies files that have not been modified in at least a year across +SharePoint farms. This aids administrators and users in cleaning up or archiving old and unchanged +files to help maintain a clean and healthy SharePoint environment. Report includes files, their last +modified time, total file size, versions and version size, along with file owner and file editor +information. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The SP_StaleFiles page has the following configurable parameters: + +- Days since last modification to be considered stale + +See the +[Customizable Analysis Tasks for the SP_StaleFiles Job](#customizable-analysis-tasks-for-the-sp_stalefiles-job) +for additional information. + +## Analysis Tasks for the SP_StaleFiles Job + +Navigate to the **Jobs** > **SharePoint** > **4.Content** > **SP_StaleFiles** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. Only the `@stale` parameter can be configured for the analysis task. + +![Analysis Tasks for the SP_StaleFiles Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/content/stalefilesanalysis.webp) + +The default analysis task is: + +- Stale File Details – Creates the SA_SP_StaleFiles_Details table accessible under the job’s Results + node + + - This analysis task contains a configurable parameter: `@stale`. See the + [Customizable Analysis Tasks for the SP_StaleFiles Job](#customizable-analysis-tasks-for-the-sp_stalefiles-job) + topic for additional information. + +In addition to the table created by the analysis task which displays the stale file resources, the +SP_StaleFiles Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | -------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Files | This report identifies the files which have not been modified in the longest amount of time. | Stale Data | This report is comprised of three elements: - Bar Chart – Provides a comparison of stale vs active content - Bar Chart – Displays top 5 Sites by Stale Data (GB) - Table – Provides details on stale files | + +### Customizable Analysis Tasks for the SP_StaleFiles Job + +The default values for customizable parameters are: + +| Analysis Task | Customizable Parameter Name | Default Value | Instruction | +| ------------------ | --------------------------- | ------------- | ------------------------------------------------------------------------ | +| Stale File Details | @stale | 365 | Determines days since last modification that files are considered stale. | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/overview.md b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/overview.md new file mode 100644 index 0000000000..2c2d021b92 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/overview.md @@ -0,0 +1,37 @@ +# 1.Direct Permissions Job Group + +The **SharePoint** > **1.Direct Permissions** Job Group provides insight into how directly applied +permissions are configured within the targeted SharePoint environment. It is dependent on data +collected by the +[SharePoint Access Auditing](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md#sharepoint-access-auditing) +or +[SharePoint Sensitive Data Discovery Auditing (SEEK)](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md#sharepoint-sensitive-data-discovery-auditing-seek) +components of the +[0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md). +The jobs which comprise the 1.Direct Permissions Job Group process analysis tasks and generate +reports. + +![1.Direct Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The 1.Direct Permissions Job Group is comprised of: + +- [SP_DomainUsers Job](/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_domainusers.md) + – Identifies locations where there are domain users directly applied on permissions. Best + practices dictate that groups should be used to provide access to resources. +- [SP_EmptyDomainGroupPerms Job](/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_emptydomaingroupperms.md) + – Identifies empty security groups with directly assigned permissions to resources, these groups + should be deleted from SharePoint farms, where found. Inadvertent changes to group membership may + open up unwanted access. +- [SP_HighRiskPermissions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_highriskpermissions.md) + – Identifies where Authenticated Users, Everyone Except External Users, Anonymous Logon, or Domain + users have been directly assigned permissions +- [SP_SiteCollectionPerms Job](/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_sitecollectionperms.md) + – Most content will inherit the permissions configured at the root of the site collection. Having + an understanding of how those permissions are assigned is useful for gaining perspective on the + overall SharePoint permission configuration. +- [SP_StaleUsers Job](/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_staleusers.md) + – Identifies locations where there are stale users directly applied on SharePoint resources. These + permissions can be safely removed. +- [SP_UnresolvedSIDs Job](/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_unresolvedsids.md) + – Identifies Unresolved SIDs that have permissions to any SharePoint resources. Unresolved SIDs + can be safely cleaned up without affecting user access. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_domainusers.md b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_domainusers.md new file mode 100644 index 0000000000..432b9470bc --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_domainusers.md @@ -0,0 +1,30 @@ +# SP_DomainUsers Job + +The SP_DomainUsers Job identifies locations where there are domain users directly applied on +permissions. Best practices dictate that groups should be used to provide access to resources. + +## Analysis Tasks for the SP_DomainUsers Job + +Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_DomainUsers** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_DomainUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/domainusersanalysis.webp) + +The default analysis tasks are: + +- 1. Direct Permissions. Shows All Direct User Permissions – Creates the + SA_SP_DomainUsers_DirectPermissions table accessible under the job’s Results node +- 2. Rank Resources by Number of Directly Applied Users – Creates an interim processing table in + the database for use by downstream analysis and report generation +- 3. Rank Domain Users by Number of Direct Assignments – Creates an interim processing table in + the database for use by downstream analysis and report generation + +In addition to the table created by the analysis task which displays all direct user permissions, +the SP_DomainUsers Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Domain User Permissions | This report identifies locations where there are domain users directly applied on permissions. Best practices dictate that groups should be used to provide access to resources. | None | This report is comprised of three elements: - Bar chart – Displays the top 5 resources by directly applied users - Table – Provides details on directly applied users by resource - Table – Provides details on direct permission counts by user | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_emptydomaingroupperms.md b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_emptydomaingroupperms.md new file mode 100644 index 0000000000..ebfb36430d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_emptydomaingroupperms.md @@ -0,0 +1,31 @@ +# SP_EmptyDomainGroupPerms Job + +The SP_EmptyDomainGroupPerms Job identifies empty security groups with directly assigned permissions +to resources, these groups should be deleted from SharePoint farms, where found. Inadvertent changes +to group membership may open up unwanted access. + +## Analysis Tasks for the SP_EmptyDomainGroupPerms Job + +Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > +**SP_EmptyDomainGroupPerms** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_EmptyDomainGroupPerms Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/emptydomaingrouppermsanalysis.webp) + +The default analysis tasks are: + +- 1. Find Empty Group Permission – Creates the SA_SP_EmptyDomainGroupPerms_DirectPermissions table + accessible under the job’s Results node +- 2. Find Affected Resource Count per Group – Creates the + SA_SP_EmptyDomainGroupPerms_ResourceCount table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display direct permissions and +resource counts for empty groups, the SP_EmptyDomainGroupPerms Job produces the following +pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Empty Domain Group Permissions | This report identifies empty security groups with directly assigned permissions to resources. These groups add no access, and should be deleted from SharePoint farms, where found. Inadvertent changes to group membership may open up unwanted access. | None | This report is comprised of three elements: - Bar chart – Displays the top 5 groups by affected resources - Table – Provides details on permissions - Table – Provides details on top groups by affected resources | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_highriskpermissions.md b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_highriskpermissions.md new file mode 100644 index 0000000000..0e86071bfb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_highriskpermissions.md @@ -0,0 +1,34 @@ +# SP_HighRiskPermissions Job + +The SP_HighRiskPermissions Job identifies where Authenticated Users, Everyone Except External Users, +Anonymous Logon, or Domain users have been directly assigned permissions + +## Analysis Tasks for the SP_HighRiskPermissions Job + +Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_HighRiskPermissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_HighRiskPermissions Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/highriskpermissionsanalysis.webp) + +The default analysis tasks are: + +- 1. Detailed View – Creates the SA_SP_HighRiskPermissions_Details table accessible under the + job’s Results node +- 2. Permissions Matrix. Resource counts by Permission Level and Trustee – Creates the + SA_SP_HighRiskPermissions_Details table (SP_HighRiskPermissions_Matrix) accessible under the + job’s Results node +- 3.Open Manage Rights – Creates the SA_SP_HighRiskPermissions_ManageRights table accessible under + the job’s Results node +- 4. Pivot Permissions by Resource Type – Creates the + SA_SP_HighRiskPermissions_SiteCollectionSummary table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display information on open resources +from directly applied permissions, the SP_HighRiskPermissions Job produces the following +pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| High Risk Permissions | This report shows permissions of Authenticated Users, Anonymous Logon, or Domain users. Applying these trustees to permissions may inadvertently open security holes. | GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of three elements: - Stacked Bar Chart – Displays Open Resources - Table – Provides details on resource counts by permissions and high risk trustees - Table – Provides details top resources with open manage rights | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_sitecollectionperms.md b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_sitecollectionperms.md new file mode 100644 index 0000000000..4415210130 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_sitecollectionperms.md @@ -0,0 +1,35 @@ +# SP_SiteCollectionPerms Job + +Most content will inherit the permissions configured at the root of the site collection. Having an +understanding of how those permissions are assigned is useful for gaining perspective on the overall +SharePoint permission configuration. + +## Analysis Tasks for the SP_SiteCollectionPerms Job + +Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_SiteCollectionPerms** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_SiteCollectionPerms Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sitecollectionpermsanalysis.webp) + +They need to remain in the default order: + +- 1. Site Collection Direct Permissions + + - Creates the SA_SP_SiteCollectionPerms_DirectPerms table accessible under the job’s Results + node + - Creates an interim processing table in the database for use by downstream analysis and report + generation + +- 2. Site Collection Details – Creates the SA_SP_SiteCollectionPerms_Details table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks which display direct permissions at the root +of the site collections, the SP_SiteCollectionPerms Job produces the following pre-configured +report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Direct Site Collection Permissions | Most content will inherit the permissions configured at the root of the site collection. Having an understanding of how those permissions are assigned is useful for gaining perspective on the overall SharePoint permission configuration. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 site collections by direct permissions - Table – Provides details on site collections by direct permissions breakdown | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_staleusers.md b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_staleusers.md new file mode 100644 index 0000000000..758cb7aae8 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_staleusers.md @@ -0,0 +1,31 @@ +# SP_StaleUsers Job + +A stale user is defined as either currently disabled within Active Directory, or has not logged onto +the domain for over 90 days. This job will identify locations where there are stale users directly +applied on SharePoint resources. These permissions can be safely removed. + +## Analysis Tasks for the SP_StaleUsers Job + +Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_StaleUsers** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_StaleUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/staleusersanalysis.webp) + +The default analysis tasks are: + +- 1. Direct Permissions. Shows all Direct User Permissions – Creates the + SA_SP_StaleUsers_DirectPermissions table accessible under the job’s Results node +- 2. Rank Resources by Number of Stale Users – Creates the SA_SP_StaleUsers_ResourcePermCounts + table accessible under the job’s Results node +- 3. Rank Domain Users by Number of Direct Assignments – Creates the + SA_SP_StaleUsers_UserPermCount table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display direct permissions for stale +users, the SP_StaleUsers Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale User Permissions | A stale user is defined as either currently disabled within Active Directory, or has not logged onto the domain for over 90 days. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 users by affected resources - Table – Provides details on top resource by stale user permissions - Table – Provides details on top stale users by affected resources | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_unresolvedsids.md b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_unresolvedsids.md new file mode 100644 index 0000000000..87e372451a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sp_unresolvedsids.md @@ -0,0 +1,32 @@ +# SP_UnresolvedSIDs Job + +This job identifies Unresolved SIDs that have permissions to any SharePoint resources. Unresolved +SIDs can be safely cleaned up without affecting user access. + +## Analysis Tasks for the SP_UnresolvedSIDs Job + +Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_UnresolvedSIDs** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_UnresolvedSIDs Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp) + +They need to remain in the default order: + +- 1. Create Function – Creates an interim processing table in the database for use by downstream + analysis and report generation +- 2. Find Unresolved SID ACLs – Creates the SA_SP_UnresolvedSIDs_DirectPermissions table + accessible under the job’s Results node +- 3. Find Affected Resource Count per SID – Creates the SA_SP_UnresolvedSIDs_ResourceCount table + accessible under the job’s Results node +- 4. Rank Resources by SID Count – Creates the SA_SP_UnresolvedSIDs_DirectPermissions table + accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display direct permissions for +unresolved SIDs, the SP_UnresolvedSIDs Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Unresolved SID Permissions | Unresolved SIDs can be safely cleaned up without affecting user access. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 unresolved SIDs by affected resources - Table – Provides details on resources with unresolved SIDs applied - Table – Provides details on unresolved SIDs by affected resources | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/overview.md b/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/overview.md new file mode 100644 index 0000000000..cc6fef2ca1 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/overview.md @@ -0,0 +1,22 @@ +# Effective Access Audits Job Group + +This group returns reports identifying specific trustees’ effective access across the entire +SharePoint environment. + +![Effective Access Audits Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The Effective Access Audits Job Group is comprised of: + +- [Scoping > SP_TrusteeAccess Job](/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaccess.md) + – Scopes a list of users to audit their access across the SharePoint environment. This can also be + accomplished by looking users up in the Access Information Center. However, it is recommended to + use this job in scenarios where a report on multiple users’ effective access at once needs to be + generated. +- [SP_TrusteeAudit Job](/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaudit.md) + – Provides functionality similar to the Access Information Center by allowing scoped audits of + users’ access across the environment + +For the SP_TrusteeAccess Job, the host list is set to Local host at the Scoping Job Group level. The +assigned Connection Profile needs to have rights on the Enterprise Auditor Console server to access +the CSV file saved in the job’s directory. The Connection Profile should be set at the **Effective +Access Audits** > **Scoping** > **Settings** > **Connection** node. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaccess.md b/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaccess.md new file mode 100644 index 0000000000..23d6418844 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaccess.md @@ -0,0 +1,49 @@ +# Scoping > SP_TrusteeAccess Job + +The SP_TrusteeAccess job allows you to scope a list of users to audit their access across the +SharePoint environment. You can also accomplish this by looking users up in the Access Information +Center, however you want to utilize this job in scenarios where you want to generate a report on +multiple users’ effective access at once. + +**NOTE:** Trustees can be specified in the `UserScoping.csv` file for the SP_TrusteeAccess Job. See +the +[Configure CSV File for the Query for the SP_TrusteeAccess Job](#configure-csv-file-for-the-query-for-the-sp_trusteeaccess-job) +topic for additional information. + +![Scoping > SP_TrusteeAccess Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/scopingjobstree.webp) + +The SP_TrusteeAccess job is located in the Scoping Job Group. + +## Queries for the SP_TrusteeAccess Job + +The SP_TrusteeAccess Job uses the TextSearch Data Collector for the following query: + +![Queries for the SP_TrusteeAccess Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/trusteeaccessquery.webp) + +The default query is: + +- Scoping – Modifies the CSV in the Job Directory. See the + [Configure CSV File for the Query for the SP_TrusteeAccess Job](#configure-csv-file-for-the-query-for-the-sp_trusteeaccess-job) + topic for additional information. + +### Configure CSV File for the Query for the SP_TrusteeAccess Job + +Follow the steps to specify trustees in the `UserScoping.csv` file. + +**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **Effective Access Audits** > **Scoping** > +**SP_TrusteeAccess** Job and right-click on the job. Select **Explore Folder** and the job’s +directory opens. + +![UserScoping.csv in the SP_TrusteeAccess Job folder in File Explorer](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/userscopingfileexplorer.webp) + +**Step 2 –** Open the `UserScoping.csv` file with a text editor, for example Notepad. + +![UserScoping.csv file in Notepad](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/userscopingnotepad.webp) + +**Step 3 –** Enter the trustees using a `Domain\UserName` format. Enter one trustee per row. + +**Step 4 –** Save and close the file. + +The SP_TrusteeAccess Job is now ready to import this list of trustees to scope the Effective Access +Audits Job Group. After job execution, the list of specified trustees will populate the Scope table +accessible under the job’s Results node. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaudit.md b/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaudit.md new file mode 100644 index 0000000000..a18464008b --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaudit.md @@ -0,0 +1,31 @@ +# SP_TrusteeAudit Job + +The SP_TrusteeAudit Job runs analysis tasks and generates a report on effective access of specified +trustees. This job provides functionality similar to the Access Information Center by allowing +scoped audits of user access across the targeted SharePoint environment. + +## Analysis Tasks for the SP_TrusteeAudit Job + +Navigate to the **Jobs** > **SharePoint** > **Effective Access Audits** > **SP_TrusteeAudit** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_TrusteeAudit Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/trusteeauditanalysis.webp) + +The default analysis tasks are: + +- 1. Find Effective Access. Returns Only Site Collections – Creates the SA_SP_TrusteeAudit_Results + table accessible under the job’s Results node +- 2. Find Direct Permissions. Unscoped - All Resource Types – Creates the + SA_SP_TrusteeAudit_DirectPermissions table accessible under the job’s Results node +- 3. Summarize Access – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables created by the analysis tasks which display effective access for the +specified trustees, the SP_TrusteeAudit Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Site Collection Access | This report shows what site collections a domain user has effective and direct access to. Audited users are scoped in the SP_TrusteeAccess job. | None | This report is comprised of three elements: - Table – Provides user summary details - Table – Provides details on site collections with effective access - Table – Provides details on direct permissions | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/m365/overview.md b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/overview.md new file mode 100644 index 0000000000..3fe9d381bd --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/overview.md @@ -0,0 +1,27 @@ +# 8.M365 Job Group + +The 8.M365 Job Group generates summary and detail reports of SharePoint Activity on the specified +Teams sites. These reports can be used for identifying file, folder, and user related activity +across your SharePoint environment. + +![8.M365 Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 8.M365 Job Group are: + +- [SP_ExternalUsers Job](/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_externalusers.md) + – Identifies activity of external users on all monitored Sharepoint servers +- [SP_OneDrives Job](/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_onedrives.md) + – Collects the activity, sensitive data, summary level information across OneDrives +- [SP_SharedLinks Job](/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_sharedlinks.md) + – Provides an overview of the shared links configured with Sharpoint Online, with visibility into + Anonymous Sharing, External User Sharing, and activity pertaining to Shared Links +- [SP_StaleTeamSites Job](/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_staleteamsites.md) + – Identifies Teams that have not had activity for a number of days that can be set in the analysis + (Set at 30 Days by Default) +- [SP_Teams](/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_teams.md) + – Identifies activities, sensitive data and a summary of collected data for SharePoint Teams +- [SP_TeamsExternalUserActivity Job](/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_teamsexternaluseractivity.md) + – Identifies all activity events performed by external users in Teams, including details on the + date/time, resource, and operation +- [SP_TeamsSensitiveData Job](/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_teamssensitivedata.md) + – Analyzes sensitive data activity within Teams sites diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_externalusers.md b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_externalusers.md new file mode 100644 index 0000000000..f5fa068008 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_externalusers.md @@ -0,0 +1,30 @@ +# SP_ExternalUsers Job + +The SP_TeamsExternalUsers Job identifies activity of external users on all monitored SharePoint +servers. + +## Analysis Tasks for the SP_ExternalUsers Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_OneDrives** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_ExternalUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/externalusersanalysis.webp) + +The default analysis task is: + +- Analyze External User Activity – Creates the + SA_SPAC_SharePointOnlineMostActiveExternalUsersSummary table accessible under the job's Results + node +- Summarize External User Activity – Creates the SP_ExternalUsersDetails table accessible under the + job's Results node + +In addition to the tables created by the analysis tasks, the SP_TeamsExternalUsers Job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | --------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| External User Activity | This report analyzes activity performed by external users in scanned SharePoint environments. | None | This report is comprised of three elements: - Bar Chart – Provides information on top users by operation count - Table – Provides summary on external users - Table – Provides details on external user activity | +| External User Summary | This report analyzes activity performed by external users in scanned SharePoint environments. | None | This report is comprised of three elements: - Bar Chart – Provides information on top users by operation count - Table – Provides summary on external users - Table – Provides details on external user activity | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_onedrives.md b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_onedrives.md new file mode 100644 index 0000000000..f7f0c454fa --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_onedrives.md @@ -0,0 +1,38 @@ +# SP_OneDrives Job + +The SP_OneDrives Job collects the activity, sensitive data, summary level information across +OneDrives. + +## Analysis Tasks for the OneDrives Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_OneDrives** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the OneDrives Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/onedrivesanalysis.webp) + +The default analysis tasks are: + +- OneDrive Details – Creates the SA_SP_OneDriveDetails table accessible under the job's Results node +- OneDrive Summary – Creates the SA_SP_OneDriveSummary table accessible under the job's Results node +- Top OneDrive by GB Summary – Creates the SA_SP_TopOneDrivesGB table accessible under the job's + Results node +- OneDrive Sensitive Data File Details – Creates the SA_SP_OneDriveFileDetails table accessible + under the job's Results node +- OneDrive Sensitive Data Summary – Creates the SA_SP_OneDriveSensitiveDataSummary table accessible + under the job's Results node +- OneDrive Activity Details – Creates the SA_SP_OneDriveActivityDetails table accessible under the + job's Results node +- OneDrive Activity Summary – Creates the SA_SP_OneDriveActivitySummary table accessible under the + job's Results node + +In addition to the tables created by the analysis tasks, the SP_OneDrives Job produces the following +preconfigured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | -------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| One Drive Activity | This report displays activity information from OneDrives. | None | This report is comprised of three elements: - Bar Chart – Provides information on top OneDrives by Operation Count - Table – Provides details on OneDriveSummary - Table – Provides details on OneDrive Activity Details | +| One Drive Sensitive Data | This report displays sensitive information from OneDrives. | None | This report is comprised of three elements: - Bar Chart – Provides information on top OneDrives by sensitive files - Table – Provides details on sensitive data summary - Table – Provides details on OneDrive file details | +| One Drive Sensitive Data | This report displays summary level information across all OneDrives. | None | This report is comprised of three elements: - Bar Chart – Provides information on OneDrive summary - Table – Provides details on top OneDrives by GB - Table – Provides details on top OneDrives by GB summary - Table – Provides information on OneDrive details | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_sharedlinks.md b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_sharedlinks.md new file mode 100644 index 0000000000..f08206c1b5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_sharedlinks.md @@ -0,0 +1,38 @@ +# SP_SharedLinks Job + +The SP_SharedLinks Job provides an overview of the shared links configured with SharePoint Online, +with visibility into Anonymous Sharing, External User Sharing, and activity pertaining to Shared +Links. + +## Analysis Tasks for the SharedLinks Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_SharedLinks** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SharedLinks Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/sharedlinksanalysis.webp) + +The default analysis tasks are: + +- Calculate anonymous sharing – Creates the SA_SP_AnonynomousSharing_Details table accessible under + the job's Results node +- Summarize anonymous sharing – Creates the SA_SP_AnonynomousSharing_Summary table accessible under + the job's Results node +- Calculate shared links – Creates the SA_SP_SharingLinks_Details table accessible under the job's + Results node +- Summarize shared links – Creates the SA_SP_SharingLinks_SiteCollection and + SA_SP_SharingLinks_Tenant_Summary tables accessible under the job's Results node +- Calculate Shared Links Activity – Creates the SA_SP_SharingLinks_Activity_Details, + SA_SP_SharingLinks_Creation_Detail_Last_7_Days, and + SA_SP_SharingLinks_Creation_Summary_Last_7_Days tables accessible under the job's Results node + +In addition to the tables created by the analysis tasks, the SP_Shared Links Job produces the +following preconfigured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Anonymous Sharing | This report highlights instances where resources are anonymously shared via a shareable link in SharePoint Online. | None | This report is comprised of three elements: - Bar Chart – Provides information on the top site collections and anonymously shared files - Table – Provides details anonymous sharing summary by site collection - Table – Provides details on anonymously sharing details | +| Shared Link Activity | This report highlights instances of activity via shared links in SharePoint Online. | None | This report is comprised of three elements: - Bar Chart – Provides information on the shared link creation for the last 7 days OneDrive summary - Table – Provides details on shared link creation summary for the last 7 days - Table – Provides details on shared link activity | +| Shared Links | This report highlights instances of shared links in SharePoint Online. | None | This report is comprised of three elements: - Bar Chart Table– Provides information on the shared link summary - Bar Chart– Provides details on top site collections by shared files - Table – Provides details on site collection summary - Table – Provides details on shared links | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_staleteamsites.md b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_staleteamsites.md new file mode 100644 index 0000000000..c8ac78f391 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_staleteamsites.md @@ -0,0 +1,54 @@ +# SP_StaleTeamSites Job + +The SP_StaleTeamSites Job identifies Teams that have not had activity for a number of days that can +be set in the analysis (Set as 30 Days by Default). + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The SP_StaleTeamSites page has the following configurable parameters: + +- Desired Number of Days Since Last Activity To Determine Staleness + +See the +[Customizable Analysis Tasks for the SP_StaleTeamSites Job](#customizable-analysis-tasks-for-the-sp_staleteamsites-job) +for additional information. + +## Analysis Tasks for the SP_StaleTeamSites Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_StaleTeamSites** >**Configure** node +and select **Analysis** to view the analysis tasks. + +![Analysis Tasks for the SP_StaleTeamSites Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/staleteamsitesanalysis.webp) + +The default analysis task is: + +- Find Stale Teams – Creates the SA_SP_StaleTeamSites table accessible under the job’s Results node + + - This task contains a configurable parameter to set the number of days a Team has not had + activity for before it's considered stale. See the + [Customizable Analysis Tasks for the SP_StaleTeamSites Job](#customizable-analysis-tasks-for-the-sp_staleteamsites-job) + topic for additional information. + +In addition to the table created by the analysis task, the SP_StaleTeamSites Job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Teams | This report identifies Teams that have not had activity for a number of days that can be set in the analysis (Set at 30 Days by Default) | None | This report is comprised of two elements: - Bar Chart – Provides information on the top five least active sites - Table – Provides details on stale Teams sites | + +### Customizable Analysis Tasks for the SP_StaleTeamSites Job + +The default values for customizable parameters are: + +| Analysis Task | Customizable Parameter Name | Default Value | Description | +| ---------------- | --------------------------- | ------------- | ------------------------------------------------------------------ | +| Find Stale Teams | @days | 30 | Desired number of days since last activity to determine staleness. | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions on customizing the analysis parameters. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_teams.md b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_teams.md new file mode 100644 index 0000000000..6287f99e89 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_teams.md @@ -0,0 +1,34 @@ +# SP_Teams + +The SP_Teams Job identifies activities, sensitive data and a summary of collected data for +SharePoint Teams. + +## Analysis Tasks for the SP_Teams Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_Teams** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_Teams Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/teamsanalysis.webp) + +The default analysis task is: + +- Teams Details and Summary – Creates the SA_SP_TeamsSummary table to populate the Teams Activity + and Teams Summary reports +- Teams Activity Details – Creates the SA_SP_TeamsActivityDetails table to populate the Teams + Activity report +- Teams Activity Summary – Creates the SA_SP_TeamsActivitySummary table to populate the Teams + Activity report +- Teams Sensitive Data – Creates the SA_SP_TeamsFileDetailsSensitiveData table to populate the Teams + Sensitive Data report + +In addition to the tables created by the analysis tasks, the SP_Teams Job produces the following +preconfigured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ----------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Teams Activity | This report identifies and analyzes activity in SharePoint Teams. | None | This report is comprised of three elements: - Bar Chart – Provides Operation count of the Top Teams - Table – Provides a summary of Teams activity - Table – Provides details about Teams activity | +| Teams Sensitive Data | This report identifies and analyzes sensitive data in SharePoint Teams. | None | This report is comprised of three elements: - Bar Chart – Provides the top Teams containing sensitive files - Table – Provides a sensitive data summary - Table – Provides additional details about sensitive files in Teams | +| Teams Summary | This report summarizes collected data for SharePoint Teams. | None | This report is comprised of four elements: - Table – Provides a summary of permissions in Teams - Bar Chart – Provides information about Top Teams by size (GB) - Pie Chart – Provides a comparison of stale vs active Teams sites - Table – Provides additional details about Teams sites permissions | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_teamsexternaluseractivity.md b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_teamsexternaluseractivity.md new file mode 100644 index 0000000000..bb52e6400c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_teamsexternaluseractivity.md @@ -0,0 +1,27 @@ +# SP_TeamsExternalUserActivity Job + +The SP_TeamsExternalUserActivity Job identifies all activity events performed by external users in +Teams, including details on the date/time, resource, and operation. + +## Analysis Tasks for the SP_TeamsExternalUserActivity Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > +**SP_TeamsExternalUserActivity** >**Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_TeamsExternalUserActivity Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/teamsexternaluseractivityanalysis.webp) + +The default analysis task is: + +- Analyze Teams External User Activity – Creates the SA_SPAC_MostActiveTeamsExternalUsers table + accessible under the job's Results node + +In addition to the table created by the analysis task, the SP_TeamsExternalUserActivity Job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ----------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Teams External User Activity | This report displays most active external users within Teams, as well as Teams that have the most external users. | None | This report is comprised of three elements: - Bar Chart – Provides information on the most active external team members - Table – Provides details on Teams with the most external users - Table – Provides details on external user activity details | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_teamssensitivedata.md b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_teamssensitivedata.md new file mode 100644 index 0000000000..907bc6502a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/m365/sp_teamssensitivedata.md @@ -0,0 +1,25 @@ +# SP_TeamsSensitiveData Job + +The SP_TeamsSensitiveData Job analyzes sensitive data activity within Teams Sites. + +## Analysis Tasks for the SP_TeamsSensitiveData Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_TeamsSensitiveData** >**Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_TeamsSensitiveData Job](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/teamssensitivedataanalysis.webp) + +The default analysis task is: + +- Analyze Teams Sensitive Data – Creates the SA_TeamsSensitiveDataActivityDetails table accessible + under the job's Results node + +In addition to the table created by the analysis task, the SP_TeamsSensitiveData Job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | ------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Teams Sensitive Data Report | This report analyzes sensitive data activity in Teams sites. | None | This report is comprised of two elements: - Bar Chart – Provides information on the top Teams users by sensitive file interaction count - Table – Provides details on user activity | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/overview.md b/docs/accessanalyzer/11.6/solutions/sharepoint/overview.md new file mode 100644 index 0000000000..d1936dff31 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/overview.md @@ -0,0 +1,155 @@ +# SharePoint Solution + +The SharePoint Solution is a comprehensive set of audit jobs and reports which provide the +information every administrator needs regarding SharePoint on-premises and SharePoint Online +infrastructure, configuration, performance, permissions, required ports, and effective rights. The +Access Auditing and Sensitive Data Discovery Auditing components of this solution can target both +SharePoint on-premises and SharePoint Online. The Activity Auditing components of this solution can +only target SharePoint on-premises. + +Supported Platforms + +- SharePoint Online® (Agent-less mode scans only) + +- OneDrive® for Business (Access Auditing and/or Sensitive Data Discovery Auditing for Agent-less + mode scans only) + +- SharePoint® 2019 +- SharePoint® 2016 +- SharePoint® 2013 + +Requirements, Permissions, and Ports + +- Permissions vary based on the Scan Mode selected and target environment. See the + [SharePoint Support](/docs/accessanalyzer/11.6/requirements/target/sharepoint.md) + topic for additional information. + +- Ports vary based on the Scan Mode selected and target environment. See the + [SharePoint Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md) + topic for additional information. + +**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for +SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and +provisions it with the required permissions. See the +[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/sp_registerazureappauth.md) +topic for additional information. + +Sensitive Data Discovery Considerations + +The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, +which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it +will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 +additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , +then an extra 16 GB of RAM are required (8x2=16). + +**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK +(Java) version on the server. The JDK deployed is prepackaged and does not require any +configuration; it has been preconfigured to work with Enterprise Auditor and should never be +customized through Java. It will not conflict with other JDKs or Java Runtimes in the same +environment. + +_Remember,_ if employing the Enterprise Auditor SharePoint Agent, it is also necessary for the +Sensitive Data Discovery Add-on to be installed on the server where the agent is installed. + +Location + +The SharePoint Solution requires a special Enterprise Auditor license. It can be installed from the +Enterprise Auditor Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to +the solution: **Jobs** > **SharePoint**. + +The 0.Collection Job Group collects the data. The other job groups and the SP_Overview Job run +analysis on the collected data and generate reports. + +## SharePoint Job Groups + +This SharePoint solution offers information on multiple aspects of an organization’s SharePoint +on-premises and SharePoint Online environments. This solution is comprised of 10 sub-job groups and +an overview job which collect, analyze, and report on data. The data collection is conducted by the +SharePointAccess (SPAA) Data Collector. See the corresponding +[Standard Reference Tables & Views for the SPAA Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/spaa/standardtables.md) +topic for database table information. + +![SharePoint Job Group](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/sharepointjobgroup.webp) + +The following types of auditing can be conducted with the SharePoint Solution: + +- [SharePoint Access Auditing](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md#sharepoint-access-auditing) +- [SharePoint Activity Auditing](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md#sharepoint-activity-auditing) +- [SharePoint Sensitive Data Discovery Auditing (SEEK)](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md#sharepoint-sensitive-data-discovery-auditing-seek) + +Each type of auditing depends on specific jobs within the 0.Collection Job Group to collect the data +and its corresponding analysis/reporting job groups. The Access Auditing components represent the +core of the SharePoint Solution. However, the Sensitive Data Discovery Auditing components also +collect the Access Auditing data; therefore it is not necessary to run both sets of collection jobs. +The data collection query options for each type are explained within the 0.Collection Job Group +section. Additionally, the corresponding analysis/reporting job groups are listed for each auditing +type. + +If intending to run two or all auditing types, see each auditing type section within the +0.Collection Job Group section for information on query options and requirements. It is recommended +to first run the 0.Collection Job Group components in the default order for the desired auditing +types to ensure successful data collection, and then to run the desired sub-groups for reports. + +See the +[Recommended Configuration for the SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/recommended.md) +topic for additional information on frequency and job group settings. + +The SharePoint Solution is available with the SharePoint Reports license feature and is comprised of +the following job groups and jobs: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md) + – Designed to collect high level summary information from SharePoint servers. This information is + used to populate the SMP Reports based around the SharePoint and is a requirement for the Access + Information Center – SharePoint reports. + + - This job group is available with the SharePoint license feature + +- [1.Direct Permissions Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/overview.md) + – Provides insight into how directly applied permissions are configured within the SharePoint + environment. The group contains surface-level configuration settings that can quickly assess the + SharePoint permission structure. +- [2.High Risk Sites > SP_OpenAccess Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_openaccess.md) + – Provides insight into any high-risk repositories and high-risk data that may exist within an + organization’s SharePoint environment. High risk data is effectively open to the entire + organization through modification of SharePoint permissions to apply well known security + principles such as NT AUTHORITY\Authenticated Users, Everyone, and Everyone Except External Users. + This data must be monitored closely because of its exposure. +- [3.Broken Inheritance > SP_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_brokeninheritance.md) + – Keeping track of directly applied permissions at mass is not realistic, this job is responsible + for performing data analysis and generating SharePoint broken inheritance reports at the site + level. This includes looking at site broken inheritance and the trustees who are assigned to those + sites where inheritance is broken so that you can remove that access in favor of providing access + via group membership. +- [4.Content Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/content/overview.md) + – Provides insight into content stored across SharePoint farms in order to help more efficiently + manage that content. It will provide information on the content taking up the most space, the + content that has not been accessed for extended periods of time, and additional data describing + SharePoint content and the configuration of the repositories such as lists and libraries which + store that content. +- [5.Probable Owner > SP_ProbableOwner Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_probableowner.md) + – Provides reports about probable ownership. The goal of this report is to help you either + identify who most likely owns the SharePoint resource or at least someone who can tell you who + does. +- [6.Sensitive Data > SP_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_sensitivedata.md) + – Highlights sensitive data identified across targeted SharePoint farms + + - Requires the Data Governance Sensitive Data Discovery Add-on + +- [7.Activity Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/activity/overview.md)– + Generates summary and detail reports of SharePoint activity on the specified sites. These reports + can be used for identifying file, folder, and user related activity across your SharePoint + environment. +- [8.M365 Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/m365/overview.md) + – Generates summary and detail reports of SharePoint Activity on the specified Teams sites. These + reports can be used for identifying file, folder, and user related activity across your SharePoint + environment. +- [Effective Access Audits Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/overview.md) + – Returns reports identifying specific trustees’ effective access across the entire SharePoint + environment + + - Typically, this is run independently from the rest of the solution + +- [SP_Overview Job](/docs/accessanalyzer/11.6/solutions/sharepoint/sp_overview.md) + – Provides an overview of the SharePoint environment, providing a high level view into what makes + up your SharePoint environment and the types of security risks and toxic permissions found during + scans diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md b/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md deleted file mode 100644 index d71a790db4..0000000000 --- a/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md +++ /dev/null @@ -1,1783 +0,0 @@ -# 1-SPSEEK_SystemScans Job - -This job is responsible for building the Tier2 SPDLP database repositories, which contain -information regarding sensitive content that exists within SharePoint. - -## Queries for the 1-SPSEEK_SystemScans Job - -The 1-SPSEEK SystemScans Job uses the SharePoint Access Data Collector for the following query: - -![The query for the 1-SPSEEK SystemScans Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spseeksystemscansquery.webp) - -The query for the 1-SPSEEK SystemScans Job is: - -- SharePoint Scan – Scans SharePoint for sensitive content - -### Configure the Query for the 1-SPSEEK_SystemScans Job - -The 1-SPSEEK_SystemScans Job has been preconfigured to run with the default settings using the SPAA -Data Collector category of Scan for Sensitive Content, which is not visible within the SharePoint -Access Auditor Data Collector Wizard when opened from within this job. - -**CAUTION:** Users should not change scans in a way that would result in less data being returned on -a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a -shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in -the Tier 2 database and subsequently removed from the Tier 1 database. - -Follow the steps to set any desired customizations. - -**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > -**1-SPSEEK_SystemScans** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -displays. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. - -![SharePoint Data Collection Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/datacollectionsettingsspseek.webp) - -**Step 4 –** On the -[SPAA: SharePoint Data Collection Settings](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, customize as desired and click **Next**. - -![Scan Scoping Options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptions.webp) - -**Step 5 –** On the -[SPAA: Scan Scoping Options](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, no web applications or site collections have been added. If desired, limit the scope of the -scan to specific web applications or site collections. Click **Next**. - -![Additional Scoping](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/additionalscopingspseek.webp) - -**Step 6 –** On the -[SPAA: Additional Scoping](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, **Limit scanned depth to:** is selected with the default set at **2** levels. Customize this -setting as desired and click **Next**. - -![Agent Settings](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/windowsagent.webp) - -**Step 7 –** On the -[SPAA: Agent Settings](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, use the default settings unless an agent scan mode is desired. Click **Next**. - -![DLP Audit Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/dlpauditsettingsspseek.webp) - -**Step 8 –** On the -[SPAA: DLP Audit Settings](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, the default setting is to **Don’t process files larger than: 2 MB** and to **Scan typical -documents (recommended, fastest)**. These settings can be customized to adjust for scan time or -database size. Click **Next**. - -**NOTE:** The typical documents for this setting are files with the following extensions: .doc, -.docx, .msg, .odt, .pages, .rtf, .wpd, .wps, .abw, .bib, .dotx, .eml, .fb2, .fdx, .gdoc, .lit, .sig, -.sty, .wps, .wpt, .yml, .tex, .pdf, .csv, .xlr, .xls, .xlsx, .gsheet, .nb, .numbers, .ods, .qpw, -.sdc, .wks, .xlsb, .xltm, .xltx, .aws, .fods, .ots, .rdf, .sxc, .uos, .xlsm, .txt - -![Select DLP Criteria Page of the SPAA Data Collector Wizard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/selectdlpcriteriaspseek.webp) - -**Step 9 –** On the -[SPAA: Select DLP Criteria](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, add or remove criteria as desired by either manually selecting criteria or using the **Select -All** and **Clear All** buttons. Click **Next**. _(Optional)_ To create custom criteria, see the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/11.6/security-and-compliance/sensitive-data-discovery/criteria-editor.md) -topic for additional information. - -**CAUTION:** Do not configure the options on the Results page. - -**Step 10 –** On the Results page, all Available Properties are selected by default. Click **Next**. - -**Step 11 –** On the Summary page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 1-SPSEEK_SystemScans Job has now been customized. - -# 2-SPAA_SystemScans Job - -The job collects information on permissions, users, and groups to determine who has access to each -structural level in the SharePoint farm. - -## Queries for the 2-SPAA_SystemScans Job - -The 2-SPAA_SystemScans Job uses the SharePoint Access Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spaasystemscansquery.webp) - -The query for the 2-SPAA_SystemScans Job is: - -- Scan SharePoint – Scans SharePoint systems - -### Configure 2-SPAA_SystemScans Job - -The 2-SPAA_SystemScans Job has been preconfigured to run with the default settings using the SPAA -Data Collector category of Scan SharePoint Access, which is not visible within the SharePoint Access -Auditor Data Collector Wizard when opened from within this job. - -**CAUTION:** Users should not change scans in a way that would result in less data being returned on -a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a -shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in -the Tier 2 database and subsequently removed from the Tier 1 database. - -Follow the steps to set any desired customizations. - -**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **1-SPAA_SystemScans** > -**Configure** node and select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -displays. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. - -![SharePoint Data Collection Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/datacollectionsettingsspaa.webp) - -**Step 4 –** On the -[SPAA: SharePoint Data Collection Settings](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, customize as desired and click **Next**. - -![Scan Scoping Options](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptions.webp) - -**Step 5 –** On the -[SPAA: Scan Scoping Options](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, no web applications or site collections have been added. If desired, limit the scope of the -scan to specific web applications or site collections. Click **Next**. - -![Additional Scoping](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/additionalscopingspaa.webp) - -**Step 6 –** On the -[SPAA: Additional Scoping](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, **Limit scanned depth to:** is selected with the default set at **2** levels. Customize this -setting as desired and click **Next**. - -![Agent Settings](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/windowsagent.webp) - -**Step 7 –** On the -[SPAA: Agent Settings](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, use the default settings unless an agent scan mode is desired. Click **Next**. - -**CAUTION:** Do not configure the options on the Results page. - -**Step 8 –** On the Results page, all Available Properties are selected by default. Click **Next**. - -**Step 9 –** On the Summary page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 1-SPAA_SystemScans Job has now been customized. - -# 3-SPAC_SystemScans Job - -The job collects information on activity, users, and groups to determine who has performed activity -in each structural level in the SharePoint farm. - -## Queries for the 3-SPAC_SystemScans Job - -The 3-SPAC_SystemScans Job has been preconfigured to run with the default settings using the SPAA -Data Collector category of Scan SharePoint Activity, which is not visible within the SharePoint -Access Auditor Data Collector Wizard when opened from within this job. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spacsystemscansquery.webp) - -The query for the 3-SPAC_SystemScans Job is: - -- System Scan – Scans for SharePoint activity - -# 4-SPSEEK_BulkImport Job - -This job is responsible for retrieving the Tier 2 SPDLP database information and importing it to the -SQL Server where Enterprise Auditor stores data. - -## Queries for the 4-SPSEEK_BulkImport Job - -The 4-SPSEEK Bulk Import Job uses the SharePoint Access Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spseekbulkimportquery.webp) - -The query for the 4-SPSEEK Bulk Import Job is: - -- Bulk Import – Imports scan data into the SQL Server - -### Configure 4-SPSEEK_BulkImport Job - -The 4-SPSEEK_BulkImport Job has been preconfigured to run with the default settings with the SPAA -Data Collector category of **Bulk Import Sensitive Content Scan Results**, which is not visible -within the SharePoint Access Auditor Data Collector Wizard when opened from within this job. Follow -the steps to set any desired customizations. - -**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > -**4-SPSEEK_BulkImport** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -displays. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. - -![Bulk Import Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/bulkimportsettings.webp) - -**Step 4 –** On the -[SPAA: Bulk Import Settings](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, the **Set Host Identifier** is not configured by default. Click **Next**. - -**NOTE:** Unless SQL Server Replication is used, it should not be necessary to adjust the **Host -Identifier** seed. - -**CAUTION:** Do not configure the options on the Results page. - -**Step 5 –** On the Results page, all Available Properties are selected by default. Click **Next**. - -**Step 6 –** On the Summary page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 4-SPSEEK_BulkImport Job has now been customized. - -## Analysis Tasks for 4-SPSEEK_BulkImport Job - -Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **4-SPSEEK_BulkImport** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the -selected analysis tasks. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spseekbulkimportanalysis.webp) - -The default analysis tasks are: - -- 1. Update data types – Enterprise Auditor uses custom SQL data types to render data. This - analysis creates updates to those data types. -- 2. Import new functions (for SA Core) – Creates functions used in the SharePoint Solution -- 3. Import new functions (for SA SPAA) – Creates functions used in the SharePoint Solution -- 4. Create exception schema – Creates the SA_SPAA_Exceptions table -- 5. Create DLP views – Creates the SA_SPDLP_MatchesView -- 6. Create exceptions view – Creates the SA_SPAA_ExceptionsView - -The following analysis task is not selected by default, but can be enabled: - -- Display Match Hits – Displays the SA_SPDLP_MatchesHitsView within Enterprise Auditor. - -# 5-SPAA_BulkImport Job - -This job is responsible for retrieving the SPAA Tier 2 database information and import it to the -Enterprise Auditor SQL database. - -## Queries for the 5-SPAA_BulkImport Job - -The 5-SPAA_BulkImport Job uses the SharePoint Access Data Collector for the following query: - -![spaabulkimportquery](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spaabulkimportquery.webp) - -The query for the 5-SPAA_BulkImport Job is: - -- Bulk Import – Imports scan data into the SQL Server - -### Configure 5-SPAA_BulkImport Job - -The 5-SPAA_BulkImport Job has been preconfigured to run with the default settings with the SPAA Data -Collector category of Bulk Import Access Scan Results, which is not visible within the SharePoint -Access Auditor Data Collector Wizard when opened from within this job. Follow the steps to set any -desired customizations. - -**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **2-SPAA_BulkImport** > -**Configure** node and select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -displays. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. - -![Bulk Import Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/bulkimportsettings.webp) - -**Step 4 –** On the -[SPAA: Bulk Import Settings](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, the **Set Host Identifier** is not configured by default. Click **Next**. - -**NOTE:** Unless SQL Server Replication is used, it should not be necessary to adjust the **Host -Identifier** seed. - -**CAUTION:** Do not configure the options on the Results page. - -**Step 5 –** On the Results page, all Available Properties are selected by default. Click **Next**. - -**Step 6 –** On the Summary page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 5-SPAA_BulkImport Job has now been customized. - -## Analysis Tasks for 5-SPAA_BulkImport Job - -Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **2-SPAA_BulkImport** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the -selected analysis tasks. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spaabulkimportanalysis.webp) - -The default analysis tasks are: - -- 0. TryConvert for UniqueIdentifiers – Simulates Try_Convert functionality for SQL Server 2008 - and below -- 1. Update data types – Enterprise Auditor uses custom SQL data types to render data. This - analysis creates updates to those data types. -- 2. Import new functions (for SA Core) – Creates functions used in the SharePoint Solution -- 3. Import new functions (for SA SPAA) – Creates functions used in the SharePoint Solution -- 4. Create exception schema – Creates the SA_SPAA_Exceptions table -- 5. Create views – Creates views visible through the Results node - -# 6-SPAC_BulkImport Job - -This job is responsible for retrieving the SPAC Tier 2 database information and import it to the -Enterprise Auditor SQL database. - -## Queries for the 6-SPAC_BulkImport Job - -The 6-SPAC_BulkImport Job uses the SharePoint Access Data Collector for the following query: - -![Query Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spacbulkimportquery.webp) - -The query for the 6-SPAC_BulkImport Job is: - -- Bulk Import – Imports scan data into the SQL Server - -### Configure the Query for the 6-SPAC_BulkImport Job - -The 6-SPAC_BulkImport Job has been preconfigured to run with the default settings with the category -of Bulk Import SharePoint Activity Scan Results, which is not visible within the SharePoint Access -Auditor Data Collector Wizard when opened from within this job. Follow the steps to set any desired -customizations. - -**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **2-SPAC_BulkImport** > -**Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -displays. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. - -![Bulk Import Settings](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/bulkimportsettings.webp) - -**Step 4 –** On the -[SPAA: Bulk Import Settings](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page, the **Set Host Identifier** is not configured by default. Click **Next**. - -**NOTE:** Unless SQL Server Replication is used, it should not be necessary to adjust the **Host -Identifier** seed. - -**CAUTION:** Do not configure the options on the Results page. - -**Step 5 –** On the Results page, all Available Properties are selected by default. Click **Next**. - -**Step 6 –** On the Summary page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 6-SPAC_BulkImport Job has now been customized. - -## Analysis Tasks for 2-SPAC_BulkImport Job - -Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **6-SPAC_BulkImport** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the -selected analysis tasks. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spacbulkimportanalysis.webp) - -The default analysis tasks are: - -- 1. Create Event Name Table – Creates the SA_SPAC_EventNames table associated with SPAC -- 2. Create Views – Creates the views associated with SPAC - -# 0.Collection Job Group - -The **SharePoint** > **0.Collection** Job Group is designed to collect information from SharePoint -farms using the SPAA Data Collector. The collected data is then available to other SharePoint -Solution sub-job groups and the Access Information Center for analysis. - -![0.Collection Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 0.Collection Job Group are: - -- [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Responsible for building the Tier2 SPDLP database repositories, which contain information - regarding sensitive content that exists within SharePoint -- [2-SPAA_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Collects information on permissions, users, and groups to determine who has access to each - structural level in the SharePoint farm -- [3-SPAC_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Collects information on activity, users, and groups to determine who has performed activity in - each structural level in the SharePoint farm -- [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Responsible for retrieving the Tier 2 SPDLP database information and importing it to the SQL - Server where Enterprise Auditor stores data -- [5-SPAA_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Responsible for retrieving the SPAA Tier 2 Database information and importing it to the - Enterprise Auditor SQL database -- [6-SPAC_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Responsible for retrieving the SPAC Tier 2 Database information and importing it to the - Enterprise Auditor SQL database -- [7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Searches scanned data for resources that match high risk conditions, retrieving a summary of - SharePoint exceptions per host - -Additionally, the jobs in the 0.Collection Job Group are organized into the following collection -components: - -- SharePoint Access Auditing (SPAA) – The SharePoint Access Auditing (SPAA) component is the primary - component of this group and collects SharePoint information with the SPAA Data Collector, such as - permissions and content metadata. It employs the 2-SPAA_SystemScans Job, the 5-SPAA_BulkImport - Job, and the 7-SPAA_Exceptions Job. See the - [SharePoint Access Auditing](#sharepoint-access-auditing) topic for additional information. If - using agent-based scanning, this component requires an additional installer package before data - collection will occur. -- SharePoint Activity Auditing (SPAC) – The SharePoint Activity Auditing (SPAC) component collects - event information from the Enterprise Auditor Activity Monitor log files with the SPAA Data - Collector. It employs the 3-SPAC_SystemScans Job and the 6-SPAC_BulkImport Job. See the - [SharePoint Activity Auditing](#sharepoint-activity-auditing) topic for additional information. -- SharePoint Sensitive Data Discovery Auditing (SEEK) – The SharePoint Sensitive Data Discovery - Auditing (SEEK) component searches file content for sensitive data. It also collects permission - information; therefore, it does not need to be run with the SPAA component. This component employs - the 1-SPSEEK_SystemScans Job, the 5-SPAA_BulkImport Job, the 4-SPSEEK_BulkImport Job, and the - 7-SPAA_Exceptions Job. This component requires an additional installer package before data - collection will occur. See the - [SharePoint Sensitive Data Discovery Auditing (SEEK)](#sharepoint-sensitive-data-discovery-auditing-seek) - topic for additional information. - -These jobs are numbered to keep them in the necessary run order. Not all jobs need be run. See the -appropriate auditing section for specific job relationships and recommended workflows. - -The relationship between system scans and bulk import jobs requires the following considerations: - -- A system scans job executed from a Enterprise Auditor Console must be followed by the - corresponding bulk import job from the same Enterprise Auditor Console with the same version of - Enterprise Auditor -- Two system scans processing the same information, for example two **2-SPAA_SystemScans** jobs, - cannot be executed consecutively against the same target host. The corresponding bulk import job, - for example. **5-SPAA_BulkImport**, must be executed in between. - -The system scans job collects the data and creates a Tier-2 database, or SQLite database, on the -local host or the host where the SharePoint Agent was installed (according to the scan method -configured). The corresponding bulk import job gathers the information from the Tier-2 database, and -pulls it into the Enterprise Auditor SQL backend database, thus completing the collection process. - -## SharePoint Access Auditing - -Access Auditing (SPAA) is the primary component of the 0.Collection Job Group. It collects -information on permissions, users, and groups to determine who has access to each structural level -in the SharePoint farm, on-premises and online, using the SPAA Data Collector. The jobs, tables, and -views specifically incorporated into this component are prefaced with `SPAA`. See the -SharePointAccess Data Collector -[Standard Reference Tables & Views for the SPAA Data Collector](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -topic for additional information on the data collected. - -The 0.Collection jobs that comprise this auditing component are: - -- [2-SPAA_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Collects information on permissions, users, and groups to determine who has access to each - structural level in the SharePoint farm -- [5-SPAA_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Responsible for retrieving the SPAA tier 2 database information and import it to the Enterprise - Auditor SQL database -- [7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Searches scanned data for resources that match high risk conditions, retrieving a summary of - SharePoint exceptions per host - -The following job groups -and[SP_Overview Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -jobs in the SharePoint Solution depend on data collected by these jobs to generate reports: - -- [1.Direct Permissions Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -- [2.High Risk Sites > SP_OpenAccess Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -- [3.Broken Inheritance > SP_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -- [4.Content Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/content-analysis.md) -- [Effective Access Audits Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -- [5.Probable Owner > SP_ProbableOwner Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -- [SP_Overview Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - -The SharePoint Sensitive Data Discovery Reports in the Access Information Center are also populated -by this data. See the SharePoint Reports topics in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -See the -[Recommended Configuration for the SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/recommended-reports.md) -topic for other Runtime Details. - -Workflow - -**Step 1 –** Run -[2-SPAA_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 2 –** Run -[5-SPAA_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 3 –** Run -[7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 4 –** Run desired corresponding analysis and reporting sub-job groups. - -Please see the -[Recommended Configuration for the SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/recommended-reports.md) -topic before continuing with this workflow. - -**_RECOMMENDED:_** Scope the 0.Collection Job Group to only include the collection components -desired by disabling the undesired collection jobs. Disabling them allows the solution to run more -efficiently. It is not recommended to delete any jobs. See the -[Disable or Enable a Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -## SharePoint Activity Auditing - -Activity Auditing (SPAC) is the component of the 0.Collection Job Group that collects information on -activity, users, and groups to determine who has performed activity in each structural level in the -SharePoint on-premises farm, or SharePoint online tenant, using the SPAA Data Collector. The jobs -and tables specifically incorporated into this component are prefaced with SPAC. See the -[Standard Reference Tables & Views for the SPAA Data Collector](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -topic for additional information on the data collected. - -The Access Auditing components must be run in order to create the tables in the database for the -SPAC component to use. Either the SPAA or SEEK Scan job, run to at least a 0-level scan depth (and -the corresponding Bulk Import job) can be used to create these tables. Once an initial 0-level SPAA -or SPSEEK scan job and corresponding Bulk Import have been run against a particular SharePoint On -Prem farm or SharePoint Online tenant, SPAA or SPSEEK Scan jobs can be run concurrently with SPAC -Scan and Bulk Import jobs as needed. - -The 0.Collection jobs that comprise this auditing component are: - -- [3-SPAC_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Collects information on activity, users, and groups to determine who has perform activity in - each structural level in the SharePoint farm -- [6-SPAC_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Responsible for retrieving the SPAC tier 2 database information and import it to the Enterprise - Auditor SQL data base - -The -[SP_Overview Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -and -[7.Activity Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md) -in the SharePoint Solution uses the data collected by these jobs to generate reports. - -The SharePoint Activity Reports in the Access Information Center are also populated by this data. -See the SharePoint Reports topics in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -Recommended Workflow 1 (for Access & Activity Auditing) - -**Step 1 –** Run -[2-SPAA_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 2 –** Run -[3-SPAC_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 3 –** Run -[5-SPAA_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 4 –** Run -[6-SPAC_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 5 –** Run -[7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 6 –** Run desired corresponding analysis and reporting sub-job groups. - -**NOTE:** Once an initial 2-SPAA SystemScans job (scoped to at least 0-level depth) and the -corresponding 5-SPAA Bulk Import job have been run, then the SPAA Scans can be run concurrently with -SPAC Scans and Bulk Import jobs as desired. - -Recommended Workflow 2 (for Access, Sensitive Data Discovery & Activity Auditing) - -**CAUTION:** The jobs must be run in the order shown. It is not possible to disable the -1-SPAA_SystemScan and 2-SPAA_BulkImport jobs and run the 0.Collection Job Group because the -remaining jobs are in the wrong order. Renaming the jobs is not an option. - -**Step 1 –** Install the Sensitive Data Discovery Add-on on the Enterprise Auditor Console (once -only). - -**Step 2 –** Run -[1-SPSEEK_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 3 –** Run -[3-SPAC_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 4 –** Run -[4-SPSEEK_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 5 –** Run -[6-SPAC_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 6 –** Run -[7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 7 –** Run desired corresponding analysis and reporting sub-job groups. - -**NOTE:** Once an initial 1-SPSEEK SystemScans job (scoped to at least 0-level depth) and the -corresponding 4-SPSEEK Bulk Import job have been run, then the SPSEEK Scans jobs can be run -concurrently with the SPAC Scans and the Bulk Import jobs as desired. - -Optional Workflow (for Activity Auditing Only) - -**Step 1 –** Run -[3-SPAC_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 2 –** Run -[6-SPAC_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 3 –** Run desired corresponding analysis and reporting sub-job groups. - -**NOTE:** Please see the -[Recommended Configuration for the SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/recommended-reports.md) -topic before continuing with this workflow. - -**_RECOMMENDED:_** Scope the 0.Collection Job Group to only include the collection components -desired by disabling the undesired collection jobs. Disabling them allows the solution to run more -efficiently. It is not recommended to delete any jobs. See the -[Disable or Enable a Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -## SharePoint Sensitive Data Discovery Auditing (SEEK) - -Sensitive Data Discovery Auditing (SEEK) is the component of the 0.Collection Job Group that -searches file content for sensitive data. It also collects information on permissions, users, and -groups to determine who has access to each structural level in the SharePoint farm, on-premises and -online, using the SPAA Data Collector. The jobs for this component are prefaced with `SPSEEK`. The -tables and views are prefaced with `SPDLP`. See the -[SharePoint Sensitive Data Discovery Auditing Tables & Views](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -topic for additional information on the data collected. - -**NOTE:** The Sensitive Data Discovery Auditing (SEEK) component is an add-on to the SharePoint -Solution. Though the jobs are visible within the console, it requires an additional installer -package before data collection will occur. See the -[Sensitive Data Discovery Add-On Installation](/docs/accessanalyzer/11.6/installation/sensitive-data-discovery/install.md) -topic for additional information. - -Customized search criteria can be created with the Criteria Editor accessible through the -[SPAA: Select DLP Criteria](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -page of the SharePoint Access Auditor Data Collector Wizard. See the -[Sensitive Data](/docs/accessanalyzer/11.6/administration/settings/sensitive-data-criteria.md) -topic for additional information. - -The 0.Collection jobs that comprise this auditing component are: - -- [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Responsible for building the Tier2 SPDLP database repositories, which contain information - regarding sensitive content that exists within SharePoint -- [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Responsible for retrieving the Tier 2 SPDLP database information and importing it to the SQL - Server where Enterprise Auditor stores data -- [7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Searches scanned data for resources that match high risk conditions, retrieving a summary of - SharePoint exceptions per host - -The following job groups -and[SP_Overview Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -jobs in the SharePoint Solution depend on data collected by these jobs to generate reports: - -- [1.Direct Permissions Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -- [2.High Risk Sites > SP_OpenAccess Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -- [3.Broken Inheritance > SP_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -- [4.Content Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/content-analysis.md) -- [Effective Access Audits Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -- [5.Probable Owner > SP_ProbableOwner Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -- [6.Sensitive Data > SP_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) -- [SP_Overview Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - -The SharePoint Sensitive Data Discovery Reports in the Access Information Center are also populated -by this data. See the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -Recommended Workflow 1 (for Access & Sensitive Data Discovery Auditing) - -**Step 1 –** Install the Sensitive Data Discovery Add-on on the Enterprise Auditor Console, and on -the SharePoint application server when applicable (once only). - -**Step 2 –** Run -[1-SPSEEK_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 3 –** Run -[4-SPSEEK_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 4 –** Run -[7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 5 –** Run desired corresponding analysis and reporting sub-job groups. - -Recommended Workflow 2 (for Access, Sensitive Data Discovery & Activity Auditing) - -**CAUTION:** The jobs must be run in the order shown. It is not possible to disable the -2-SPAA_SystemScan and 5-SPAA_BulkImport jobs and run the 0.Collection Job Group because the -remaining jobs are in the wrong order. Renaming the jobs is not an option. - -**Step 1 –** Install the Sensitive Data Discovery Add-on the Enterprise Auditor Console (once only). - -**Step 2 –** Run -[1-SPSEEK_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 3 –** Run -[3-SPAC_SystemScans Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 4 –** Run -[4-SPSEEK_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 5 –** Run -[6-SPAC_BulkImport Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 6 –** Run -[7-SPAA_Exceptions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -**Step 7 –** Run desired corresponding analysis and reporting sub-job groups. - -**NOTE:** Once an initial 1-SPSEEK SystemScans job (scoped to at least 0-level depth) and the -corresponding 4-SPSEEK Bulk Import job have been run, then the SPSEEK Scans can be run concurrently -with the SPAC Scans and the Bulk Import jobs as desired. - -**NOTE:** Please see the -[Recommended Configuration for the SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/recommended-reports.md) -topic before continuing with this workflow. - -**_RECOMMENDED:_** Scope the 0.Collection Job Group to only include the collection components -desired by disabling the undesired collection jobs. Disabling them allows the solution to run more -efficiently. It is not recommended to delete any jobs. See the -[Disable or Enable a Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -# 7-SPAA_Exceptions Job - -This job searches scanned data for resources that match high risk conditions and retrieving a -summary of SharePoint exceptions per host. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The 7-SPAA_Exceptions page has the following configurable parameters: - -- #opengroups – High-risk groups such as those known to be sensitive or open can be added - - **NOTE:** Groups must be entered exactly as they are listed in SA_SPAA_Trustees. Copy and paste - the Group name as it appears in the Name Column. - -See the -[Customizable Analysis Tasks for the 7-SPAA_Exceptions Job](#customizable-analysis-tasks-for-the-7-spaa_exceptions-job) -for additional information. - -## Analysis Tasks 7-SPAA_Exceptions Job - -The 3-SPAA_Exceptions Job does not use the SPAA Data Collector. Instead it runs analysis on the data -returned by the 2-SPAA_BulkImport Job. View the analysis tasks by navigating to the **Jobs** > -**SharePoint** > **0.Collection** > **3-SPAA_Exceptions** > **Configure** node and select -**Analysis**. - -**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the -selected analysis tasks. - -![Analysis Selection](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spaaexceptionsanalysis.webp) - -The default analysis tasks are: - -- Open resources – Any site collections, sites, libraries, lists, or folders that are openly - accessible. Can be deselected if open resource information is not desired. - - - This analysis task contains a configurable parameter: `#opengroups` - -- Disabled users – Any site collections, sites, libraries, lists, or folders where disabled users - have been granted access. Can be deselected if disabled user information is not desired. -- Stale users – Any site collections, sites, libraries, lists, or folders where stale users have - been granted access. Stale users are user who have not logged in for more than 120 days. Can be - deselected if stale user information is not desired. -- Unresolved SID – Matches SIDs to .Active Directory Inventory Job Group data to resolve for those - users using legacy SIDS or deleted users. -- Show view – Displays views within the Results node of the Enterprise Auditor Console. - -### Customizable Analysis Tasks for the 7-SPAA_Exceptions Job - -The default values for customizable parameters are: - -| Analysis Task | Customizable Parameter Name | Default Value | Instruction | -| -------------- | --------------------------- | ------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -| Open resources | #opengroups | Empty | Groups must be entered exactly as they are listed in SA_SPAA_Trustees. Copy and paste the Group name as it appears in the Name Column. | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -for additional information. - -# SPAA_Exceptions Job - -This job handles SharePoint exceptions. For information on configuring customizable parameters, see -the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic. - -# 1.Direct Permissions Job Group - -The **SharePoint** > **1.Direct Permissions** Job Group provides insight into how directly applied -permissions are configured within the targeted SharePoint environment. It is dependent on data -collected by the -[SharePoint Access Auditing](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md#sharepoint-access-auditing) -or -[SharePoint Sensitive Data Discovery Auditing (SEEK)](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md#sharepoint-sensitive-data-discovery-auditing-seek) -components of the -[0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). -The jobs which comprise the 1.Direct Permissions Job Group process analysis tasks and generate -reports. - -![1.Direct Permissions Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 1.Direct Permissions Job Group is comprised of: - -- [SP_DomainUsers Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Identifies locations where there are domain users directly applied on permissions. Best - practices dictate that groups should be used to provide access to resources. -- [SP_EmptyDomainGroupPerms Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Identifies empty security groups with directly assigned permissions to resources, these groups - should be deleted from SharePoint farms, where found. Inadvertent changes to group membership may - open up unwanted access. -- [SP_HighRiskPermissions Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Identifies where Authenticated Users, Everyone Except External Users, Anonymous Logon, or Domain - users have been directly assigned permissions -- [SP_SiteCollectionPerms Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Most content will inherit the permissions configured at the root of the site collection. Having - an understanding of how those permissions are assigned is useful for gaining perspective on the - overall SharePoint permission configuration. -- [SP_StaleUsers Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Identifies locations where there are stale users directly applied on SharePoint resources. These - permissions can be safely removed. -- [SP_UnresolvedSIDs Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Identifies Unresolved SIDs that have permissions to any SharePoint resources. Unresolved SIDs - can be safely cleaned up without affecting user access. - -# SP_DomainUsers Job - -The SP_DomainUsers Job identifies locations where there are domain users directly applied on -permissions. Best practices dictate that groups should be used to provide access to resources. - -## Analysis Tasks for the SP_DomainUsers Job - -Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_DomainUsers** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_DomainUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/domainusersanalysis.webp) - -The default analysis tasks are: - -- 1. Direct Permissions. Shows All Direct User Permissions – Creates the - SA_SP_DomainUsers_DirectPermissions table accessible under the job’s Results node -- 2. Rank Resources by Number of Directly Applied Users – Creates an interim processing table in - the database for use by downstream analysis and report generation -- 3. Rank Domain Users by Number of Direct Assignments – Creates an interim processing table in - the database for use by downstream analysis and report generation - -In addition to the table created by the analysis task which displays all direct user permissions, -the SP_DomainUsers Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Domain User Permissions | This report identifies locations where there are domain users directly applied on permissions. Best practices dictate that groups should be used to provide access to resources. | None | This report is comprised of three elements: - Bar chart – Displays the top 5 resources by directly applied users - Table – Provides details on directly applied users by resource - Table – Provides details on direct permission counts by user | - -# SP_EmptyDomainGroupPerms Job - -The SP_EmptyDomainGroupPerms Job identifies empty security groups with directly assigned permissions -to resources, these groups should be deleted from SharePoint farms, where found. Inadvertent changes -to group membership may open up unwanted access. - -## Analysis Tasks for the SP_EmptyDomainGroupPerms Job - -Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > -**SP_EmptyDomainGroupPerms** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_EmptyDomainGroupPerms Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/emptydomaingrouppermsanalysis.webp) - -The default analysis tasks are: - -- 1. Find Empty Group Permission – Creates the SA_SP_EmptyDomainGroupPerms_DirectPermissions table - accessible under the job’s Results node -- 2. Find Affected Resource Count per Group – Creates the - SA_SP_EmptyDomainGroupPerms_ResourceCount table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display direct permissions and -resource counts for empty groups, the SP_EmptyDomainGroupPerms Job produces the following -pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Empty Domain Group Permissions | This report identifies empty security groups with directly assigned permissions to resources. These groups add no access, and should be deleted from SharePoint farms, where found. Inadvertent changes to group membership may open up unwanted access. | None | This report is comprised of three elements: - Bar chart – Displays the top 5 groups by affected resources - Table – Provides details on permissions - Table – Provides details on top groups by affected resources | - -# SP_HighRiskPermissions Job - -The SP_HighRiskPermissions Job identifies where Authenticated Users, Everyone Except External Users, -Anonymous Logon, or Domain users have been directly assigned permissions - -## Analysis Tasks for the SP_HighRiskPermissions Job - -Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_HighRiskPermissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_HighRiskPermissions Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/highriskpermissionsanalysis.webp) - -The default analysis tasks are: - -- 1. Detailed View – Creates the SA_SP_HighRiskPermissions_Details table accessible under the - job’s Results node -- 2. Permissions Matrix. Resource counts by Permission Level and Trustee – Creates the - SA_SP_HighRiskPermissions_Details table (SP_HighRiskPermissions_Matrix) accessible under the - job’s Results node -- 3.Open Manage Rights – Creates the SA_SP_HighRiskPermissions_ManageRights table accessible under - the job’s Results node -- 4. Pivot Permissions by Resource Type – Creates the - SA_SP_HighRiskPermissions_SiteCollectionSummary table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display information on open resources -from directly applied permissions, the SP_HighRiskPermissions Job produces the following -pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| High Risk Permissions | This report shows permissions of Authenticated Users, Anonymous Logon, or Domain users. Applying these trustees to permissions may inadvertently open security holes. | GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of three elements: - Stacked Bar Chart – Displays Open Resources - Table – Provides details on resource counts by permissions and high risk trustees - Table – Provides details top resources with open manage rights | - -# SP_SiteCollectionPerms Job - -Most content will inherit the permissions configured at the root of the site collection. Having an -understanding of how those permissions are assigned is useful for gaining perspective on the overall -SharePoint permission configuration. - -## Analysis Tasks for the SP_SiteCollectionPerms Job - -Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_SiteCollectionPerms** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_SiteCollectionPerms Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/sitecollectionpermsanalysis.webp) - -They need to remain in the default order: - -- 1. Site Collection Direct Permissions - - - Creates the SA_SP_SiteCollectionPerms_DirectPerms table accessible under the job’s Results - node - - Creates an interim processing table in the database for use by downstream analysis and report - generation - -- 2. Site Collection Details – Creates the SA_SP_SiteCollectionPerms_Details table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks which display direct permissions at the root -of the site collections, the SP_SiteCollectionPerms Job produces the following pre-configured -report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Direct Site Collection Permissions | Most content will inherit the permissions configured at the root of the site collection. Having an understanding of how those permissions are assigned is useful for gaining perspective on the overall SharePoint permission configuration. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 site collections by direct permissions - Table – Provides details on site collections by direct permissions breakdown | - -# SP_StaleUsers Job - -A stale user is defined as either currently disabled within Active Directory, or has not logged onto -the domain for over 90 days. This job will identify locations where there are stale users directly -applied on SharePoint resources. These permissions can be safely removed. - -## Analysis Tasks for the SP_StaleUsers Job - -Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_StaleUsers** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_StaleUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/staleusersanalysis.webp) - -The default analysis tasks are: - -- 1. Direct Permissions. Shows all Direct User Permissions – Creates the - SA_SP_StaleUsers_DirectPermissions table accessible under the job’s Results node -- 2. Rank Resources by Number of Stale Users – Creates the SA_SP_StaleUsers_ResourcePermCounts - table accessible under the job’s Results node -- 3. Rank Domain Users by Number of Direct Assignments – Creates the - SA_SP_StaleUsers_UserPermCount table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display direct permissions for stale -users, the SP_StaleUsers Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale User Permissions | A stale user is defined as either currently disabled within Active Directory, or has not logged onto the domain for over 90 days. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 users by affected resources - Table – Provides details on top resource by stale user permissions - Table – Provides details on top stale users by affected resources | - -# SP_UnresolvedSIDs Job - -This job identifies Unresolved SIDs that have permissions to any SharePoint resources. Unresolved -SIDs can be safely cleaned up without affecting user access. - -## Analysis Tasks for the SP_UnresolvedSIDs Job - -Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_UnresolvedSIDs** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_UnresolvedSIDs Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp) - -They need to remain in the default order: - -- 1. Create Function – Creates an interim processing table in the database for use by downstream - analysis and report generation -- 2. Find Unresolved SID ACLs – Creates the SA_SP_UnresolvedSIDs_DirectPermissions table - accessible under the job’s Results node -- 3. Find Affected Resource Count per SID – Creates the SA_SP_UnresolvedSIDs_ResourceCount table - accessible under the job’s Results node -- 4. Rank Resources by SID Count – Creates the SA_SP_UnresolvedSIDs_DirectPermissions table - accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display direct permissions for -unresolved SIDs, the SP_UnresolvedSIDs Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Unresolved SID Permissions | Unresolved SIDs can be safely cleaned up without affecting user access. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 unresolved SIDs by affected resources - Table – Provides details on resources with unresolved SIDs applied - Table – Provides details on unresolved SIDs by affected resources | - -# Effective Access Audits Job Group - -This group returns reports identifying specific trustees’ effective access across the entire -SharePoint environment. - -![Effective Access Audits Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The Effective Access Audits Job Group is comprised of: - -- [Scoping > SP_TrusteeAccess Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Scopes a list of users to audit their access across the SharePoint environment. This can also be - accomplished by looking users up in the Access Information Center. However, it is recommended to - use this job in scenarios where a report on multiple users’ effective access at once needs to be - generated. -- [SP_TrusteeAudit Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Provides functionality similar to the Access Information Center by allowing scoped audits of - users’ access across the environment - -For the SP_TrusteeAccess Job, the host list is set to Local host at the Scoping Job Group level. The -assigned Connection Profile needs to have rights on the Enterprise Auditor Console server to access -the CSV file saved in the job’s directory. The Connection Profile should be set at the **Effective -Access Audits** > **Scoping** > **Settings** > **Connection** node. - -# Scoping > SP_TrusteeAccess Job - -The SP_TrusteeAccess job allows you to scope a list of users to audit their access across the -SharePoint environment. You can also accomplish this by looking users up in the Access Information -Center, however you want to utilize this job in scenarios where you want to generate a report on -multiple users’ effective access at once. - -**NOTE:** Trustees can be specified in the `UserScoping.csv` file for the SP_TrusteeAccess Job. See -the -[Configure CSV File for the Query for the SP_TrusteeAccess Job](#configure-csv-file-for-the-query-for-the-sp_trusteeaccess-job) -topic for additional information. - -![Scoping > SP_TrusteeAccess Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/scopingjobstree.webp) - -The SP_TrusteeAccess job is located in the Scoping Job Group. - -## Queries for the SP_TrusteeAccess Job - -The SP_TrusteeAccess Job uses the TextSearch Data Collector for the following query: - -![Queries for the SP_TrusteeAccess Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/trusteeaccessquery.webp) - -The default query is: - -- Scoping – Modifies the CSV in the Job Directory. See the - [Configure CSV File for the Query for the SP_TrusteeAccess Job](#configure-csv-file-for-the-query-for-the-sp_trusteeaccess-job) - topic for additional information. - -### Configure CSV File for the Query for the SP_TrusteeAccess Job - -Follow the steps to specify trustees in the `UserScoping.csv` file. - -**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **Effective Access Audits** > **Scoping** > -**SP_TrusteeAccess** Job and right-click on the job. Select **Explore Folder** and the job’s -directory opens. - -![UserScoping.csv in the SP_TrusteeAccess Job folder in File Explorer](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/userscopingfileexplorer.webp) - -**Step 2 –** Open the `UserScoping.csv` file with a text editor, for example Notepad. - -![UserScoping.csv file in Notepad](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/userscopingnotepad.webp) - -**Step 3 –** Enter the trustees using a `Domain\UserName` format. Enter one trustee per row. - -**Step 4 –** Save and close the file. - -The SP_TrusteeAccess Job is now ready to import this list of trustees to scope the Effective Access -Audits Job Group. After job execution, the list of specified trustees will populate the Scope table -accessible under the job’s Results node. - -# SP_TrusteeAudit Job - -The SP_TrusteeAudit Job runs analysis tasks and generates a report on effective access of specified -trustees. This job provides functionality similar to the Access Information Center by allowing -scoped audits of user access across the targeted SharePoint environment. - -## Analysis Tasks for the SP_TrusteeAudit Job - -Navigate to the **Jobs** > **SharePoint** > **Effective Access Audits** > **SP_TrusteeAudit** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_TrusteeAudit Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/trusteeauditanalysis.webp) - -The default analysis tasks are: - -- 1. Find Effective Access. Returns Only Site Collections – Creates the SA_SP_TrusteeAudit_Results - table accessible under the job’s Results node -- 2. Find Direct Permissions. Unscoped - All Resource Types – Creates the - SA_SP_TrusteeAudit_DirectPermissions table accessible under the job’s Results node -- 3. Summarize Access – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables created by the analysis tasks which display effective access for the -specified trustees, the SP_TrusteeAudit Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Site Collection Access | This report shows what site collections a domain user has effective and direct access to. Audited users are scoped in the SP_TrusteeAccess job. | None | This report is comprised of three elements: - Table – Provides user summary details - Table – Provides details on site collections with effective access - Table – Provides details on direct permissions | - -# 8.M365 Job Group - -The 8.M365 Job Group generates summary and detail reports of SharePoint Activity on the specified -Teams sites. These reports can be used for identifying file, folder, and user related activity -across your SharePoint environment. - -![8.M365 Job Group in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The jobs in the 8.M365 Job Group are: - -- [SP_ExternalUsers Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Identifies activity of external users on all monitored Sharepoint servers -- [SP_OneDrives Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Collects the activity, sensitive data, summary level information across OneDrives -- [SP_SharedLinks Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Provides an overview of the shared links configured with Sharpoint Online, with visibility into - Anonymous Sharing, External User Sharing, and activity pertaining to Shared Links -- [SP_StaleTeamSites Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Identifies Teams that have not had activity for a number of days that can be set in the analysis - (Set at 30 Days by Default) -- [SP_Teams](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Identifies activities, sensitive data and a summary of collected data for SharePoint Teams -- [SP_TeamsExternalUserActivity Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Identifies all activity events performed by external users in Teams, including details on the - date/time, resource, and operation -- [SP_TeamsSensitiveData Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Analyzes sensitive data activity within Teams sites - -# SP_ExternalUsers Job - -The SP_TeamsExternalUsers Job identifies activity of external users on all monitored SharePoint -servers. - -## Analysis Tasks for the SP_ExternalUsers Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_OneDrives** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_ExternalUsers Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/externalusersanalysis.webp) - -The default analysis task is: - -- Analyze External User Activity – Creates the - SA_SPAC_SharePointOnlineMostActiveExternalUsersSummary table accessible under the job's Results - node -- Summarize External User Activity – Creates the SP_ExternalUsersDetails table accessible under the - job's Results node - -In addition to the tables created by the analysis tasks, the SP_TeamsExternalUsers Job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | --------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| External User Activity | This report analyzes activity performed by external users in scanned SharePoint environments. | None | This report is comprised of three elements: - Bar Chart – Provides information on top users by operation count - Table – Provides summary on external users - Table – Provides details on external user activity | -| External User Summary | This report analyzes activity performed by external users in scanned SharePoint environments. | None | This report is comprised of three elements: - Bar Chart – Provides information on top users by operation count - Table – Provides summary on external users - Table – Provides details on external user activity | - -# SP_OneDrives Job - -The SP_OneDrives Job collects the activity, sensitive data, summary level information across -OneDrives. - -## Analysis Tasks for the OneDrives Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_OneDrives** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the OneDrives Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/onedrivesanalysis.webp) - -The default analysis tasks are: - -- OneDrive Details – Creates the SA_SP_OneDriveDetails table accessible under the job's Results node -- OneDrive Summary – Creates the SA_SP_OneDriveSummary table accessible under the job's Results node -- Top OneDrive by GB Summary – Creates the SA_SP_TopOneDrivesGB table accessible under the job's - Results node -- OneDrive Sensitive Data File Details – Creates the SA_SP_OneDriveFileDetails table accessible - under the job's Results node -- OneDrive Sensitive Data Summary – Creates the SA_SP_OneDriveSensitiveDataSummary table accessible - under the job's Results node -- OneDrive Activity Details – Creates the SA_SP_OneDriveActivityDetails table accessible under the - job's Results node -- OneDrive Activity Summary – Creates the SA_SP_OneDriveActivitySummary table accessible under the - job's Results node - -In addition to the tables created by the analysis tasks, the SP_OneDrives Job produces the following -preconfigured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | -------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| One Drive Activity | This report displays activity information from OneDrives. | None | This report is comprised of three elements: - Bar Chart – Provides information on top OneDrives by Operation Count - Table – Provides details on OneDriveSummary - Table – Provides details on OneDrive Activity Details | -| One Drive Sensitive Data | This report displays sensitive information from OneDrives. | None | This report is comprised of three elements: - Bar Chart – Provides information on top OneDrives by sensitive files - Table – Provides details on sensitive data summary - Table – Provides details on OneDrive file details | -| One Drive Sensitive Data | This report displays summary level information across all OneDrives. | None | This report is comprised of three elements: - Bar Chart – Provides information on OneDrive summary - Table – Provides details on top OneDrives by GB - Table – Provides details on top OneDrives by GB summary - Table – Provides information on OneDrive details | - -# SP_SharedLinks Job - -The SP_SharedLinks Job provides an overview of the shared links configured with SharePoint Online, -with visibility into Anonymous Sharing, External User Sharing, and activity pertaining to Shared -Links. - -## Analysis Tasks for the SharedLinks Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_SharedLinks** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SharedLinks Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/sharedlinksanalysis.webp) - -The default analysis tasks are: - -- Calculate anonymous sharing – Creates the SA_SP_AnonynomousSharing_Details table accessible under - the job's Results node -- Summarize anonymous sharing – Creates the SA_SP_AnonynomousSharing_Summary table accessible under - the job's Results node -- Calculate shared links – Creates the SA_SP_SharingLinks_Details table accessible under the job's - Results node -- Summarize shared links – Creates the SA_SP_SharingLinks_SiteCollection and - SA_SP_SharingLinks_Tenant_Summary tables accessible under the job's Results node -- Calculate Shared Links Activity – Creates the SA_SP_SharingLinks_Activity_Details, - SA_SP_SharingLinks_Creation_Detail_Last_7_Days, and - SA_SP_SharingLinks_Creation_Summary_Last_7_Days tables accessible under the job's Results node - -In addition to the tables created by the analysis tasks, the SP_Shared Links Job produces the -following preconfigured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Anonymous Sharing | This report highlights instances where resources are anonymously shared via a shareable link in SharePoint Online. | None | This report is comprised of three elements: - Bar Chart – Provides information on the top site collections and anonymously shared files - Table – Provides details anonymous sharing summary by site collection - Table – Provides details on anonymously sharing details | -| Shared Link Activity | This report highlights instances of activity via shared links in SharePoint Online. | None | This report is comprised of three elements: - Bar Chart – Provides information on the shared link creation for the last 7 days OneDrive summary - Table – Provides details on shared link creation summary for the last 7 days - Table – Provides details on shared link activity | -| Shared Links | This report highlights instances of shared links in SharePoint Online. | None | This report is comprised of three elements: - Bar Chart Table– Provides information on the shared link summary - Bar Chart– Provides details on top site collections by shared files - Table – Provides details on site collection summary - Table – Provides details on shared links | - -# SP_StaleTeamSites Job - -The SP_StaleTeamSites Job identifies Teams that have not had activity for a number of days that can -be set in the analysis (Set as 30 Days by Default). - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md#parameter-configuration) -topic for instructions on how to edit parameters on a job overview page. - -The SP_StaleTeamSites page has the following configurable parameters: - -- Desired Number of Days Since Last Activity To Determine Staleness - -See the -[Customizable Analysis Tasks for the SP_StaleTeamSites Job](#customizable-analysis-tasks-for-the-sp_staleteamsites-job) -for additional information. - -## Analysis Tasks for the SP_StaleTeamSites Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_StaleTeamSites** >**Configure** node -and select **Analysis** to view the analysis tasks. - -![Analysis Tasks for the SP_StaleTeamSites Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/staleteamsitesanalysis.webp) - -The default analysis task is: - -- Find Stale Teams – Creates the SA_SP_StaleTeamSites table accessible under the job’s Results node - - - This task contains a configurable parameter to set the number of days a Team has not had - activity for before it's considered stale. See the - [Customizable Analysis Tasks for the SP_StaleTeamSites Job](#customizable-analysis-tasks-for-the-sp_staleteamsites-job) - topic for additional information. - -In addition to the table created by the analysis task, the SP_StaleTeamSites Job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Teams | This report identifies Teams that have not had activity for a number of days that can be set in the analysis (Set at 30 Days by Default) | None | This report is comprised of two elements: - Bar Chart – Provides information on the top five least active sites - Table – Provides details on stale Teams sites | - -### Customizable Analysis Tasks for the SP_StaleTeamSites Job - -The default values for customizable parameters are: - -| Analysis Task | Customizable Parameter Name | Default Value | Description | -| ---------------- | --------------------------- | ------------- | ------------------------------------------------------------------ | -| Find Stale Teams | @days | 30 | Desired number of days since last activity to determine staleness. | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for instructions on customizing the analysis parameters. - -# SP_Teams - -The SP_Teams Job identifies activities, sensitive data and a summary of collected data for -SharePoint Teams. - -## Analysis Tasks for the SP_Teams Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_Teams** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_Teams Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/teamsanalysis.webp) - -The default analysis task is: - -- Teams Details and Summary – Creates the SA_SP_TeamsSummary table to populate the Teams Activity - and Teams Summary reports -- Teams Activity Details – Creates the SA_SP_TeamsActivityDetails table to populate the Teams - Activity report -- Teams Activity Summary – Creates the SA_SP_TeamsActivitySummary table to populate the Teams - Activity report -- Teams Sensitive Data – Creates the SA_SP_TeamsFileDetailsSensitiveData table to populate the Teams - Sensitive Data report - -In addition to the tables created by the analysis tasks, the SP_Teams Job produces the following -preconfigured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ----------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Teams Activity | This report identifies and analyzes activity in SharePoint Teams. | None | This report is comprised of three elements: - Bar Chart – Provides Operation count of the Top Teams - Table – Provides a summary of Teams activity - Table – Provides details about Teams activity | -| Teams Sensitive Data | This report identifies and analyzes sensitive data in SharePoint Teams. | None | This report is comprised of three elements: - Bar Chart – Provides the top Teams containing sensitive files - Table – Provides a sensitive data summary - Table – Provides additional details about sensitive files in Teams | -| Teams Summary | This report summarizes collected data for SharePoint Teams. | None | This report is comprised of four elements: - Table – Provides a summary of permissions in Teams - Bar Chart – Provides information about Top Teams by size (GB) - Pie Chart – Provides a comparison of stale vs active Teams sites - Table – Provides additional details about Teams sites permissions | - -# SP_TeamsExternalUserActivity Job - -The SP_TeamsExternalUserActivity Job identifies all activity events performed by external users in -Teams, including details on the date/time, resource, and operation. - -## Analysis Tasks for the SP_TeamsExternalUserActivity Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > -**SP_TeamsExternalUserActivity** >**Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_TeamsExternalUserActivity Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/teamsexternaluseractivityanalysis.webp) - -The default analysis task is: - -- Analyze Teams External User Activity – Creates the SA_SPAC_MostActiveTeamsExternalUsers table - accessible under the job's Results node - -In addition to the table created by the analysis task, the SP_TeamsExternalUserActivity Job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ----------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Teams External User Activity | This report displays most active external users within Teams, as well as Teams that have the most external users. | None | This report is comprised of three elements: - Bar Chart – Provides information on the most active external team members - Table – Provides details on Teams with the most external users - Table – Provides details on external user activity details | - -# SP_TeamsSensitiveData Job - -The SP_TeamsSensitiveData Job analyzes sensitive data activity within Teams Sites. - -## Analysis Tasks for the SP_TeamsSensitiveData Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_TeamsSensitiveData** >**Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_TeamsSensitiveData Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/teamssensitivedataanalysis.webp) - -The default analysis task is: - -- Analyze Teams Sensitive Data – Creates the SA_TeamsSensitiveDataActivityDetails table accessible - under the job's Results node - -In addition to the table created by the analysis task, the SP_TeamsSensitiveData Job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | ------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Teams Sensitive Data Report | This report analyzes sensitive data activity in Teams sites. | None | This report is comprised of two elements: - Bar Chart – Provides information on the top Teams users by sensitive file interaction count - Table – Provides details on user activity | - -# SharePoint Solution - -The SharePoint Solution is a comprehensive set of audit jobs and reports which provide the -information every administrator needs regarding SharePoint on-premises and SharePoint Online -infrastructure, configuration, performance, permissions, required ports, and effective rights. The -Access Auditing and Sensitive Data Discovery Auditing components of this solution can target both -SharePoint on-premises and SharePoint Online. The Activity Auditing components of this solution can -only target SharePoint on-premises. - -Supported Platforms - -- SharePoint Online® (Agent-less mode scans only) - -- OneDrive® for Business (Access Auditing and/or Sensitive Data Discovery Auditing for Agent-less - mode scans only) - -- SharePoint® 2019 -- SharePoint® 2016 -- SharePoint® 2013 - -Requirements, Permissions, and Ports - -- Permissions vary based on the Scan Mode selected and target environment. See the - [SharePoint Support](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) - topic for additional information. - -- Ports vary based on the Scan Mode selected and target environment. See the - [SharePoint Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) - topic for additional information. - -**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for -SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and -provisions it with the required permissions. See the -[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/instant-jobs.md) -topic for additional information. - -Sensitive Data Discovery Considerations - -The Sensitive Data Discovery Add-On must be installed on the Enterprise Auditor Console server, -which enables Sensitive Data criteria for scans. If running Sensitive Data Discovery (SDD) scans, it -will be necessary to increase the minimum amount of RAM. Each thread requires a minimum of 2 -additional GB of RAM per host. For example, if the job is configured to scan 8 hosts at a time , -then an extra 16 GB of RAM are required (8x2=16). - -**NOTE:** The Sensitive Data Discovery Add-on installation package installs the appropriate JDK -(Java) version on the server. The JDK deployed is prepackaged and does not require any -configuration; it has been preconfigured to work with Enterprise Auditor and should never be -customized through Java. It will not conflict with other JDKs or Java Runtimes in the same -environment. - -_Remember,_ if employing the Enterprise Auditor SharePoint Agent, it is also necessary for the -Sensitive Data Discovery Add-on to be installed on the server where the agent is installed. - -Location - -The SharePoint Solution requires a special Enterprise Auditor license. It can be installed from the -Enterprise Auditor Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to -the solution: **Jobs** > **SharePoint**. - -The 0.Collection Job Group collects the data. The other job groups and the SP_Overview Job run -analysis on the collected data and generate reports. - -## SharePoint Job Groups - -This SharePoint solution offers information on multiple aspects of an organization’s SharePoint -on-premises and SharePoint Online environments. This solution is comprised of 10 sub-job groups and -an overview job which collect, analyze, and report on data. The data collection is conducted by the -SharePointAccess (SPAA) Data Collector. See the corresponding -[Standard Reference Tables & Views for the SPAA Data Collector](/docs/accessanalyzer/11.6/data-collection/sharepoint/on-premises.md) -topic for database table information. - -![SharePoint Job Group](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/sharepointjobgroup.webp) - -The following types of auditing can be conducted with the SharePoint Solution: - -- [SharePoint Access Auditing](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md#sharepoint-access-auditing) -- [SharePoint Activity Auditing](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md#sharepoint-activity-auditing) -- [SharePoint Sensitive Data Discovery Auditing (SEEK)](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md#sharepoint-sensitive-data-discovery-auditing-seek) - -Each type of auditing depends on specific jobs within the 0.Collection Job Group to collect the data -and its corresponding analysis/reporting job groups. The Access Auditing components represent the -core of the SharePoint Solution. However, the Sensitive Data Discovery Auditing components also -collect the Access Auditing data; therefore it is not necessary to run both sets of collection jobs. -The data collection query options for each type are explained within the 0.Collection Job Group -section. Additionally, the corresponding analysis/reporting job groups are listed for each auditing -type. - -If intending to run two or all auditing types, see each auditing type section within the -0.Collection Job Group section for information on query options and requirements. It is recommended -to first run the 0.Collection Job Group components in the default order for the desired auditing -types to ensure successful data collection, and then to run the desired sub-groups for reports. - -See the -[Recommended Configuration for the SharePoint Solution](/docs/accessanalyzer/11.6/solutions/sharepoint/recommended-reports.md) -topic for additional information on frequency and job group settings. - -The SharePoint Solution is available with the SharePoint Reports license feature and is comprised of -the following job groups and jobs: - -- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Designed to collect high level summary information from SharePoint servers. This information is - used to populate the SMP Reports based around the SharePoint and is a requirement for the Access - Information Center – SharePoint reports. - - - This job group is available with the SharePoint license feature - -- [1.Direct Permissions Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Provides insight into how directly applied permissions are configured within the SharePoint - environment. The group contains surface-level configuration settings that can quickly assess the - SharePoint permission structure. -- [2.High Risk Sites > SP_OpenAccess Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Provides insight into any high-risk repositories and high-risk data that may exist within an - organization’s SharePoint environment. High risk data is effectively open to the entire - organization through modification of SharePoint permissions to apply well known security - principles such as NT AUTHORITY\Authenticated Users, Everyone, and Everyone Except External Users. - This data must be monitored closely because of its exposure. -- [3.Broken Inheritance > SP_BrokenInheritance Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Keeping track of directly applied permissions at mass is not realistic, this job is responsible - for performing data analysis and generating SharePoint broken inheritance reports at the site - level. This includes looking at site broken inheritance and the trustees who are assigned to those - sites where inheritance is broken so that you can remove that access in favor of providing access - via group membership. -- [4.Content Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/content-analysis.md) - – Provides insight into content stored across SharePoint farms in order to help more efficiently - manage that content. It will provide information on the content taking up the most space, the - content that has not been accessed for extended periods of time, and additional data describing - SharePoint content and the configuration of the repositories such as lists and libraries which - store that content. -- [5.Probable Owner > SP_ProbableOwner Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Provides reports about probable ownership. The goal of this report is to help you either - identify who most likely owns the SharePoint resource or at least someone who can tell you who - does. -- [6.Sensitive Data > SP_SensitiveData Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Highlights sensitive data identified across targeted SharePoint farms - - - Requires the Data Governance Sensitive Data Discovery Add-on - -- [7.Activity Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/activity-monitoring.md)– - Generates summary and detail reports of SharePoint activity on the specified sites. These reports - can be used for identifying file, folder, and user related activity across your SharePoint - environment. -- [8.M365 Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Generates summary and detail reports of SharePoint Activity on the specified Teams sites. These - reports can be used for identifying file, folder, and user related activity across your SharePoint - environment. -- [Effective Access Audits Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Returns reports identifying specific trustees’ effective access across the entire SharePoint - environment - - - Typically, this is run independently from the rest of the solution - -- [SP_Overview Job](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md) - – Provides an overview of the SharePoint environment, providing a high level view into what makes - up your SharePoint environment and the types of security risks and toxic permissions found during - scans - -# 3.Broken Inheritance > SP_BrokenInheritance Job - -Keeping track of directly applied permissions at mass is not realistic, the SP_BrokenInheritance job -is responsible for performing data analysis and generating SharePoint broken inheritance reports at -the site level. This includes looking at site broken inheritance and the trustees who are assigned -to those sites where inheritance is broken so that you can remove that access in favor of providing -access via group membership. - -![3.Broken Inheritance > SP_BrokenInheritance Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/brokeninheritancejobstree.webp) - -The SP_BrokenInheritance job is located in the 3.Broken Inheritance Job Group. - -## Analysis Tasks for the SP_BrokenInheritance Job - -Navigate to the **Jobs** > **SharePoint** > **3.Broken Inheritance** > **SP_BrokenInheritance** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_BrokenInheritance Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/brokeninheritanceanalysis.webp) - -They need to remain in the default order: - -- 1. Create Inheritance View – Creates the SA_ENG_SPAA_Inheritance view accessible under the job’s - Results node -- 2. Unique Trustees Table. Identifies where Trustees have been Added/Removed – Creates the - SA_SP_BrokenInheritance_UniqueTrustees table accessible under the job’s Results node -- 3. Pivot Unique Trustees Table – Creates the SA_SP_BrokenInheritance_UniqueTrusteesPivot table - accessible under the job’s Results node -- 4. Summarize by Site Collection – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables created by the analysis tasks which display resources with broken -inheritance, the SP_BrokenInheritance Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Broken Inheritance | This job is responsible for performing data analysis and generating SharePoint direct permission reports at the site level. This includes looking at site broken inheritance and the trustees who are assigned to those sites where inheritance is broken. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 site collections by resources with permission changes - Table – Provides a site collection summary - Table – Provides broken inheritance details | - -# 2.High Risk Sites > SP_OpenAccess Job - -The 2.High Risk Sites Job Group provides insight into any high risk repositories and high risk data -that may exist within the targeted SharePoint environment. High risk data is effectively open to the -entire organization through modification of SharePoint permissions to apply well known security -principals such as NT AUTHORITY\Authenticated Users. The data must be monitored closely because of -its exposure. - -![2.High Risk Sites > SP_OpenAccess Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/openaccessjobstree.webp) - -The job group is comprised of the SP_OpenAccess Job. Minimizing your attack surface is the goal. -Open site collections can potentially provide access to privileged data, greatly increasing your -vulnerability. The SP_OpenAccess Job will identify places in the environment where data is able to -be accessed by a very large amount of employees. - -It is dependent on data collected by the -[SharePoint Access Auditing](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md#sharepoint-access-auditing) -or -[SharePoint Sensitive Data Discovery Auditing (SEEK)](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md#sharepoint-sensitive-data-discovery-auditing-seek) -components of the -[0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). - -## Analysis Tasks for the SP_OpenAccess Job - -Navigate to the **Jobs** > **SharePoint** > **2.High Risk Sites** > **SP_OpenAccess** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_OpenAccess Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/openaccessanalysis.webp) - -The default analysis tasks are: - -- 1. Determine Access to Resources – Creates the SA_SP_OpenAccess_AccessDetails table accessible - under the job’s Results node -- 2. Summarize by Site Collection – Creates the SA_SP_OpenAccess_SiteCollectionSummary table - accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display resources with open access, -the SP_OpenAccess Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | ------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Open Access | This report identifies site collections with open resources. | Open Access | This report is comprised of two elements: - Stacked Bar – Displays top site collections with open access - Table – Provides site collection details - Table – Provides access details | - -# SP_Overview Job - -The SP_Overview job provides an overview of the SharePoint Environment, providing a high level view -into what makes up a SharePoint Environment and the types of security risks and toxic permissions -found during scans. - -![SP_Overview Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/overviewjobstree.webp) - -It is dependent on data collected by the -[SharePoint Access Auditing](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md#sharepoint-access-auditing), -[SharePoint Sensitive Data Discovery Auditing (SEEK)](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md#sharepoint-sensitive-data-discovery-auditing-seek), -and -[SharePoint Activity Auditing](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md#sharepoint-activity-auditing) -components of the -[0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/permissions-analysis.md). -It also depends on the running of the sub-job groups within the solution. If only select sub-job -groups have been run, there will be blank sections of this overview report. - -## Analysis Tasks for the SP_Overview Job - -Navigate to the **Jobs** > **SharePoint** > **SP_Overview** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_Overview Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/overviewanalysis.webp) - -The default analysis tasks is: - -- Generate Overview – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the table created by the analysis task which displays all direct user permissions, -the SP_Overview Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------- | -| SharePoint Overview | This report provides an overview of the targeted SharePoint environment. | None | This report is comprised of one element: - Table – Provides details on the targeted SharePoint environment | - -# 5.Probable Owner > SP_ProbableOwner Job - -The SP_ProbableOwner Job aids in the identification of probable owners for Site Collections and -Sites, which can be used for entitlement reviews. Probably Owner calculation is based on file -ownership, management structure, and file activity. The goal of this report is to help you identify -who most likely owns the SharePoint resource or at least someone who can tell you who does. - -![5.Probable Owner > SP_ProbableOwner Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/probableownerjobstree.webp) - -The SP_ProbableOwner Job is located in the 5.Probable Owner Job Group. - -## Analysis Tasks for the SP_ProbableOwner Job - -Navigate to the **Jobs** > **SharePoint** > **5.Probable Owner** > -**SP_ProbableOwner** >**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_ProbableOwner Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/probableowneranalysis.webp) - -The default analysis tasks are: - -- Identify Probable Owners – Creates the SA_SP_SiteProbablyOwners_Details table accessible under the - job’s Results node - -In addition to the table created by the analysis task which displays probable ownership, the -SP_ProbableOwner Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------- | --------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------- | -| SharePoint Probable Ownership | This report identifies probable owners based on management structure, file ownership, and activity. | None | This report is comprised of one element: - Table – Provides details on probable owners | - -# 6.Sensitive Data > SP_SensitiveData Job - -The SP_SensitiveData Job identifies where sensitive data is located inside SharePoint farms. Special -care is paid to access and user activity in these locations. - -![6.Sensitve Data > SP_SensitiveData Job in the Jobs Tree](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) - -The SP_SensitiveData Job is located in the 6.Sensitive Data Job Group. - -## Analysis Tasks for the SP_SensitiveData Job - -Navigate to the **Jobs** > **SharePoint** > **6.Sensitive Data** > **SP_SensitiveData** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_SensitiveData Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) - -The default analysis tasks are: - -- Details – Creates the SA_SP_SensitiveData_Details table accessible under the job’s Results node -- Summarize by Site – Creates the SA_SP_SensitiveData_SiteSummary table accessible under the job’s - Results node -- Enterprise Summary – Creates the SA_SP_SensitiveData_Summary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks which display sensitive data, the -SP_SensitiveData Job produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------ | ------------------------------------------------------------------------------------------------------ | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Enterprise Summary (A.K.A. Sensitive Data) | This report summarizes the types and amount of sensitive data discovered on targeted SharePoint farms. | Sensitive Data | This report is comprised of two elements: - Pie Chart – Displays sensitive data discovered on SharePoint farms - Table – Provides details on sensitive data | -| Site Collection Details | This report highlights sites with the largest amount of sensitive data found. | Sensitive Data | This report is comprised of three elements: - Bar Chart – Displays top sites by sensitive files - Table – Provides details on the site collection summary - Table – Provides details the files fetched | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/recommended-reports.md b/docs/accessanalyzer/11.6/solutions/sharepoint/recommended-reports.md deleted file mode 100644 index 5752bd4cac..0000000000 --- a/docs/accessanalyzer/11.6/solutions/sharepoint/recommended-reports.md +++ /dev/null @@ -1,182 +0,0 @@ -# Recommended Configuration for the SharePoint Solution - -The SharePoint Solution has been configured to inherit down from the **SharePoint** > **Settings** -node. However, it is a best practice to assign the host list and the Connection Profile at the data -collection level, 0.Collection Job Group. Once these are assigned to the job group, it can be run -directly or scheduled. - -Dependencies - -- The **.Active Directory Inventory** Job Group needs to be executed prior to running the SharePoint - Solution against a SharePoint on-premises environment -- The **.Entra ID Inventory** Job Group needs to be executed prior to running the SharePoint - Solution against a SharePoint Online environment -- For Agent-based scans, the SharePoint Agent must be installed on the application server (for - Access Auditing & Sensitive Data Discovery Auditing only) -- The Sensitive Data Discovery Add-on must be installed on the Enterprise Auditor Console server - (for Sensitive Data Discovery Auditing only) -- The Sensitive Data Discovery Add-on must be installed on the SharePoint application server (for - Sensitive Data Discovery Auditing with agent-based scans only) - -Targeted Host(s) - -For the 0.Collection Job Group: - -- Single SharePoint Application server hosting Central Administration per SharePoint farm - -The host list assignment should be assigned under the **SharePoint** > **0.Collection** > -**Settings** > **Host List Assignment** node. The list should be a custom-created list for the -SharePoint environments to be targeted. Select the checkbox for the custom-created host list. - -Since SharePoint Online environments can only be targeted for Access Auditing and Sensitive Data -Discovery Auditing, it is best practice to set the host list at the job level. - -See the -[Add Hosts](/docs/accessanalyzer/11.6/administration/host-management/management.md) -topic for additional information. - -Connection Profile - -The SPAA Data Collector requires a specific set of permissions. See the -[SharePoint Scan Options](/docs/accessanalyzer/11.6/getting-started/requirements/solutions-requirements.md) -and -[SharePoint Support](/docs/accessanalyzer/11.6/getting-started/requirements/target-requirements.md) -topics for the necessary permissions for both on-premises and online target environments. Then -create a custom Connection Profile containing the appropriate credentials for the targeted -environment. If a single Connection Profile contains both on-premises and online credentials, it is -necessary for the online credentials to be above the on-premises credentialss in the Connection -Profile credentials list. - -The Connection Profile should be assigned under the **SharePoint** > **0.Collection** > -**Settings** > **Connection** node. It is set to **Use the Default Profile**, as configured at the -global settings level. However, since this may not be the Connection Profile with the necessary -permissions for the assigned hosts, select the the **Select one of the following user defined -profiles** option and select the appropriate Connection Profile from the drop-down menu. - -The jobs within the 5.Effective Access Audits Job Group import CSV files from the jobs’ directories -using the TextSearch Data Collector. Therefore, it is necessary to assign a Connection Profile with -rights on the Enterprise Auditor Console server to access the CSV file saved in the job’s directory. -The Connection Profile can be set at either the **Effective Access Audits** > **Settings** > -**Connection** node (applies to both jobs) or in the job’s Properties window on the Connection tab. - -See the -[Connection](/docs/accessanalyzer/11.6/administration/settings/connections.md) -topic for additional information. - -Schedule Frequency - -The jobs in this job group can be scheduled to run as desired. - -Run Order - -The 0.Collection Jobs must be run first and in order. RunSystem Scans jobs and then the Bulk Import -jobs according to the desired workflow. The other SharePoint Solution sub-job groups can be run in -any order, together or individually, after running the 0.Collection Job Group. It is recommended to -run at the sub-job group level. The SP_Overview Job pulls information from both the 0.Collection Job -Group and the other sub-job groups, and the report may contain blank sections if only select sub-job -groups are run. - -The Access Information Center requires the execution of the 2-SPAA_BulkImport Job default analysis -tasks in order for permission/access reports to be accessible. For activity reports, the Access -Information Center requires the execution of both the 2-SPAA Bulk Import Job default analysis tasks -and the 2-SPAC Bulk Import Job default analysis tasks. - -**_RECOMMENDED:_** If only conducting one or two types of auditing, scope the solution by disabling -the undesired collection jobs. Disabling them allows the solution to run more efficiently. It is not -recommended to delete any jobs. See the -[Disable or Enable a Job](/docs/accessanalyzer/11.6/administration/jobs-and-scheduling/job-management.md) -topic for additional information. - -Query Configuration - -This solution can be run with the default query configuration. However, the most common -customizations include: - -- If using agent-based scanning, it is necessary to enable the agent services on the SharePoint - Access Auditor Data Collector Wizard pages: - - - Agent Settings page, enable agent service scans: - - - Set on the **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing - - Set on the **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery - Auditing - -- SharePoint Access Auditor Data Collector Wizard pages: - - - SharePoint Data Collection Settings page, configure probable owner scanning: - - - Enable **Scan for Document Metadata** for probable owners calculations - - Set on the: - - - **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing - - **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery Auditing - - - Scan Scoping Options page (optional): - - - Limit scans to specific Web Applications and site collections - - Set on the: - - - **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing - - **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery Auditing - - - Additional Scoping page (optional): - - - Limit scan depth - - Set on the: - - - **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing - - **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery Auditing - - - DLP Audit Settings page, scope to not scan files larger than a specific size for Sensitive - Data Discovery Auditing: - - - Set on the **0.Collection** > **1-SPSEEK_SystemScans** Job - - - Select DLP Criteria page, scope to scan for specific criteria or customizing criteria for - Sensitive Data Discovery Auditing: - - - Set on the **0.Collection** > **1-SPSEEK_SystemScans** Job - - - Activity Data Scope page: - - - Customize date ranges for activity to be collected - - Set on the **0.Collection** > **1-SPAC_SystemScans** Job for Activity Auditing - - - Activity Log Locations page (optional): - - - Specify the log locations to avoid requiring remote registry access to locate the activity - event log files - - Set on the **0.Collection** > **1-SPAC_SystemScans** Job for Activity Auditing - -Analysis Configuration - -This solution should be run with the default analysis configuration. Most of these analysis tasks -are preconfigured. There are a few which are deselected by default, as they are for troubleshooting -purposes. - -Though the analysis tasks should not be deselected, the following parameters can be modified: - -- Stale File is defined by default to 365 days - - - Customize within the **4.Content** > **SP_StaleFiles** Job - -- Stale Teams is defined by default to 30 days - - - Customize within the **8.M365** > **SP_StaleTeamSites** Job - -The .Active Directory Inventory Solution defines large groups, deeply nested groups, stale users, -and users with large tokens. These parameters can be customized and are applicable to any solution, -including SharePoint, which incorporate this analyzed data into further analysis. - -- Customize within .Active Directory Inventory > 3-AD_Exceptions Job analysis tasks - -Additional Considerations - -The Effective Access Audits Job Group is designed to work independently of the rest of the solution, -but it is dependent upon the 0.Collection Job Group and the user-modified CSV files. - -Additional Notes - -The jobs contained in the group use custom SQL scripts to render views on collected data. SQL views -are used to populate report element tables and graphs. Changing or modifying the group, job, or -table names results in no data displayed within the reports or the Access Information Center. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/recommended.md b/docs/accessanalyzer/11.6/solutions/sharepoint/recommended.md new file mode 100644 index 0000000000..61d7949b96 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/recommended.md @@ -0,0 +1,182 @@ +# Recommended Configuration for the SharePoint Solution + +The SharePoint Solution has been configured to inherit down from the **SharePoint** > **Settings** +node. However, it is a best practice to assign the host list and the Connection Profile at the data +collection level, 0.Collection Job Group. Once these are assigned to the job group, it can be run +directly or scheduled. + +Dependencies + +- The **.Active Directory Inventory** Job Group needs to be executed prior to running the SharePoint + Solution against a SharePoint on-premises environment +- The **.Entra ID Inventory** Job Group needs to be executed prior to running the SharePoint + Solution against a SharePoint Online environment +- For Agent-based scans, the SharePoint Agent must be installed on the application server (for + Access Auditing & Sensitive Data Discovery Auditing only) +- The Sensitive Data Discovery Add-on must be installed on the Enterprise Auditor Console server + (for Sensitive Data Discovery Auditing only) +- The Sensitive Data Discovery Add-on must be installed on the SharePoint application server (for + Sensitive Data Discovery Auditing with agent-based scans only) + +Targeted Host(s) + +For the 0.Collection Job Group: + +- Single SharePoint Application server hosting Central Administration per SharePoint farm + +The host list assignment should be assigned under the **SharePoint** > **0.Collection** > +**Settings** > **Host List Assignment** node. The list should be a custom-created list for the +SharePoint environments to be targeted. Select the checkbox for the custom-created host list. + +Since SharePoint Online environments can only be targeted for Access Auditing and Sensitive Data +Discovery Auditing, it is best practice to set the host list at the job level. + +See the +[Add Hosts](/docs/accessanalyzer/11.6/admin/hostmanagement/actions/add.md) +topic for additional information. + +Connection Profile + +The SPAA Data Collector requires a specific set of permissions. See the +[SharePoint Scan Options](/docs/accessanalyzer/11.6/requirements/solutions/sharepoint/scanoptions.md) +and +[SharePoint Support](/docs/accessanalyzer/11.6/requirements/target/sharepoint.md) +topics for the necessary permissions for both on-premises and online target environments. Then +create a custom Connection Profile containing the appropriate credentials for the targeted +environment. If a single Connection Profile contains both on-premises and online credentials, it is +necessary for the online credentials to be above the on-premises credentialss in the Connection +Profile credentials list. + +The Connection Profile should be assigned under the **SharePoint** > **0.Collection** > +**Settings** > **Connection** node. It is set to **Use the Default Profile**, as configured at the +global settings level. However, since this may not be the Connection Profile with the necessary +permissions for the assigned hosts, select the the **Select one of the following user defined +profiles** option and select the appropriate Connection Profile from the drop-down menu. + +The jobs within the 5.Effective Access Audits Job Group import CSV files from the jobs’ directories +using the TextSearch Data Collector. Therefore, it is necessary to assign a Connection Profile with +rights on the Enterprise Auditor Console server to access the CSV file saved in the job’s directory. +The Connection Profile can be set at either the **Effective Access Audits** > **Settings** > +**Connection** node (applies to both jobs) or in the job’s Properties window on the Connection tab. + +See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +Schedule Frequency + +The jobs in this job group can be scheduled to run as desired. + +Run Order + +The 0.Collection Jobs must be run first and in order. RunSystem Scans jobs and then the Bulk Import +jobs according to the desired workflow. The other SharePoint Solution sub-job groups can be run in +any order, together or individually, after running the 0.Collection Job Group. It is recommended to +run at the sub-job group level. The SP_Overview Job pulls information from both the 0.Collection Job +Group and the other sub-job groups, and the report may contain blank sections if only select sub-job +groups are run. + +The Access Information Center requires the execution of the 2-SPAA_BulkImport Job default analysis +tasks in order for permission/access reports to be accessible. For activity reports, the Access +Information Center requires the execution of both the 2-SPAA Bulk Import Job default analysis tasks +and the 2-SPAC Bulk Import Job default analysis tasks. + +**_RECOMMENDED:_** If only conducting one or two types of auditing, scope the solution by disabling +the undesired collection jobs. Disabling them allows the solution to run more efficiently. It is not +recommended to delete any jobs. See the +[Disable or Enable a Job](/docs/accessanalyzer/11.6/admin/jobs/job/disableenable.md) +topic for additional information. + +Query Configuration + +This solution can be run with the default query configuration. However, the most common +customizations include: + +- If using agent-based scanning, it is necessary to enable the agent services on the SharePoint + Access Auditor Data Collector Wizard pages: + + - Agent Settings page, enable agent service scans: + + - Set on the **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing + - Set on the **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery + Auditing + +- SharePoint Access Auditor Data Collector Wizard pages: + + - SharePoint Data Collection Settings page, configure probable owner scanning: + + - Enable **Scan for Document Metadata** for probable owners calculations + - Set on the: + + - **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing + - **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery Auditing + + - Scan Scoping Options page (optional): + + - Limit scans to specific Web Applications and site collections + - Set on the: + + - **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing + - **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery Auditing + + - Additional Scoping page (optional): + + - Limit scan depth + - Set on the: + + - **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing + - **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery Auditing + + - DLP Audit Settings page, scope to not scan files larger than a specific size for Sensitive + Data Discovery Auditing: + + - Set on the **0.Collection** > **1-SPSEEK_SystemScans** Job + + - Select DLP Criteria page, scope to scan for specific criteria or customizing criteria for + Sensitive Data Discovery Auditing: + + - Set on the **0.Collection** > **1-SPSEEK_SystemScans** Job + + - Activity Data Scope page: + + - Customize date ranges for activity to be collected + - Set on the **0.Collection** > **1-SPAC_SystemScans** Job for Activity Auditing + + - Activity Log Locations page (optional): + + - Specify the log locations to avoid requiring remote registry access to locate the activity + event log files + - Set on the **0.Collection** > **1-SPAC_SystemScans** Job for Activity Auditing + +Analysis Configuration + +This solution should be run with the default analysis configuration. Most of these analysis tasks +are preconfigured. There are a few which are deselected by default, as they are for troubleshooting +purposes. + +Though the analysis tasks should not be deselected, the following parameters can be modified: + +- Stale File is defined by default to 365 days + + - Customize within the **4.Content** > **SP_StaleFiles** Job + +- Stale Teams is defined by default to 30 days + + - Customize within the **8.M365** > **SP_StaleTeamSites** Job + +The .Active Directory Inventory Solution defines large groups, deeply nested groups, stale users, +and users with large tokens. These parameters can be customized and are applicable to any solution, +including SharePoint, which incorporate this analyzed data into further analysis. + +- Customize within .Active Directory Inventory > 3-AD_Exceptions Job analysis tasks + +Additional Considerations + +The Effective Access Audits Job Group is designed to work independently of the rest of the solution, +but it is dependent upon the 0.Collection Job Group and the user-modified CSV files. + +Additional Notes + +The jobs contained in the group use custom SQL scripts to render views on collected data. SQL views +are used to populate report element tables and graphs. Changing or modifying the group, job, or +table names results in no data displayed within the reports or the Access Information Center. diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/sp_brokeninheritance.md b/docs/accessanalyzer/11.6/solutions/sharepoint/sp_brokeninheritance.md new file mode 100644 index 0000000000..d967eca763 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/sp_brokeninheritance.md @@ -0,0 +1,39 @@ +# 3.Broken Inheritance > SP_BrokenInheritance Job + +Keeping track of directly applied permissions at mass is not realistic, the SP_BrokenInheritance job +is responsible for performing data analysis and generating SharePoint broken inheritance reports at +the site level. This includes looking at site broken inheritance and the trustees who are assigned +to those sites where inheritance is broken so that you can remove that access in favor of providing +access via group membership. + +![3.Broken Inheritance > SP_BrokenInheritance Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/brokeninheritancejobstree.webp) + +The SP_BrokenInheritance job is located in the 3.Broken Inheritance Job Group. + +## Analysis Tasks for the SP_BrokenInheritance Job + +Navigate to the **Jobs** > **SharePoint** > **3.Broken Inheritance** > **SP_BrokenInheritance** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_BrokenInheritance Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/brokeninheritanceanalysis.webp) + +They need to remain in the default order: + +- 1. Create Inheritance View – Creates the SA_ENG_SPAA_Inheritance view accessible under the job’s + Results node +- 2. Unique Trustees Table. Identifies where Trustees have been Added/Removed – Creates the + SA_SP_BrokenInheritance_UniqueTrustees table accessible under the job’s Results node +- 3. Pivot Unique Trustees Table – Creates the SA_SP_BrokenInheritance_UniqueTrusteesPivot table + accessible under the job’s Results node +- 4. Summarize by Site Collection – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables created by the analysis tasks which display resources with broken +inheritance, the SP_BrokenInheritance Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Broken Inheritance | This job is responsible for performing data analysis and generating SharePoint direct permission reports at the site level. This includes looking at site broken inheritance and the trustees who are assigned to those sites where inheritance is broken. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 site collections by resources with permission changes - Table – Provides a site collection summary - Table – Provides broken inheritance details | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/sp_openaccess.md b/docs/accessanalyzer/11.6/solutions/sharepoint/sp_openaccess.md new file mode 100644 index 0000000000..9a8478c227 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/sp_openaccess.md @@ -0,0 +1,45 @@ +# 2.High Risk Sites > SP_OpenAccess Job + +The 2.High Risk Sites Job Group provides insight into any high risk repositories and high risk data +that may exist within the targeted SharePoint environment. High risk data is effectively open to the +entire organization through modification of SharePoint permissions to apply well known security +principals such as NT AUTHORITY\Authenticated Users. The data must be monitored closely because of +its exposure. + +![2.High Risk Sites > SP_OpenAccess Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/openaccessjobstree.webp) + +The job group is comprised of the SP_OpenAccess Job. Minimizing your attack surface is the goal. +Open site collections can potentially provide access to privileged data, greatly increasing your +vulnerability. The SP_OpenAccess Job will identify places in the environment where data is able to +be accessed by a very large amount of employees. + +It is dependent on data collected by the +[SharePoint Access Auditing](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md#sharepoint-access-auditing) +or +[SharePoint Sensitive Data Discovery Auditing (SEEK)](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md#sharepoint-sensitive-data-discovery-auditing-seek) +components of the +[0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md). + +## Analysis Tasks for the SP_OpenAccess Job + +Navigate to the **Jobs** > **SharePoint** > **2.High Risk Sites** > **SP_OpenAccess** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_OpenAccess Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/openaccessanalysis.webp) + +The default analysis tasks are: + +- 1. Determine Access to Resources – Creates the SA_SP_OpenAccess_AccessDetails table accessible + under the job’s Results node +- 2. Summarize by Site Collection – Creates the SA_SP_OpenAccess_SiteCollectionSummary table + accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display resources with open access, +the SP_OpenAccess Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | ------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Open Access | This report identifies site collections with open resources. | Open Access | This report is comprised of two elements: - Stacked Bar – Displays top site collections with open access - Table – Provides site collection details - Table – Provides access details | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/sp_overview.md b/docs/accessanalyzer/11.6/solutions/sharepoint/sp_overview.md new file mode 100644 index 0000000000..0c4320a148 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/sp_overview.md @@ -0,0 +1,39 @@ +# SP_Overview Job + +The SP_Overview job provides an overview of the SharePoint Environment, providing a high level view +into what makes up a SharePoint Environment and the types of security risks and toxic permissions +found during scans. + +![SP_Overview Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/overviewjobstree.webp) + +It is dependent on data collected by the +[SharePoint Access Auditing](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md#sharepoint-access-auditing), +[SharePoint Sensitive Data Discovery Auditing (SEEK)](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md#sharepoint-sensitive-data-discovery-auditing-seek), +and +[SharePoint Activity Auditing](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md#sharepoint-activity-auditing) +components of the +[0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/sharepoint/collection/overview.md). +It also depends on the running of the sub-job groups within the solution. If only select sub-job +groups have been run, there will be blank sections of this overview report. + +## Analysis Tasks for the SP_Overview Job + +Navigate to the **Jobs** > **SharePoint** > **SP_Overview** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_Overview Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/overviewanalysis.webp) + +The default analysis tasks is: + +- Generate Overview – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the table created by the analysis task which displays all direct user permissions, +the SP_Overview Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------- | +| SharePoint Overview | This report provides an overview of the targeted SharePoint environment. | None | This report is comprised of one element: - Table – Provides details on the targeted SharePoint environment | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/sp_probableowner.md b/docs/accessanalyzer/11.6/solutions/sharepoint/sp_probableowner.md new file mode 100644 index 0000000000..d10f697118 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/sp_probableowner.md @@ -0,0 +1,32 @@ +# 5.Probable Owner > SP_ProbableOwner Job + +The SP_ProbableOwner Job aids in the identification of probable owners for Site Collections and +Sites, which can be used for entitlement reviews. Probably Owner calculation is based on file +ownership, management structure, and file activity. The goal of this report is to help you identify +who most likely owns the SharePoint resource or at least someone who can tell you who does. + +![5.Probable Owner > SP_ProbableOwner Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/probableownerjobstree.webp) + +The SP_ProbableOwner Job is located in the 5.Probable Owner Job Group. + +## Analysis Tasks for the SP_ProbableOwner Job + +Navigate to the **Jobs** > **SharePoint** > **5.Probable Owner** > +**SP_ProbableOwner** >**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_ProbableOwner Job](/img/product_docs/accessanalyzer/11.6/solutions/filesystem/probableowneranalysis.webp) + +The default analysis tasks are: + +- Identify Probable Owners – Creates the SA_SP_SiteProbablyOwners_Details table accessible under the + job’s Results node + +In addition to the table created by the analysis task which displays probable ownership, the +SP_ProbableOwner Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------- | --------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------- | +| SharePoint Probable Ownership | This report identifies probable owners based on management structure, file ownership, and activity. | None | This report is comprised of one element: - Table – Provides details on probable owners | diff --git a/docs/accessanalyzer/11.6/solutions/sharepoint/sp_sensitivedata.md b/docs/accessanalyzer/11.6/solutions/sharepoint/sp_sensitivedata.md new file mode 100644 index 0000000000..f37f28c904 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/sharepoint/sp_sensitivedata.md @@ -0,0 +1,34 @@ +# 6.Sensitive Data > SP_SensitiveData Job + +The SP_SensitiveData Job identifies where sensitive data is located inside SharePoint farms. Special +care is paid to access and user activity in these locations. + +![6.Sensitve Data > SP_SensitiveData Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) + +The SP_SensitiveData Job is located in the 6.Sensitive Data Job Group. + +## Analysis Tasks for the SP_SensitiveData Job + +Navigate to the **Jobs** > **SharePoint** > **6.Sensitive Data** > **SP_SensitiveData** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_SensitiveData Job](/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) + +The default analysis tasks are: + +- Details – Creates the SA_SP_SensitiveData_Details table accessible under the job’s Results node +- Summarize by Site – Creates the SA_SP_SensitiveData_SiteSummary table accessible under the job’s + Results node +- Enterprise Summary – Creates the SA_SP_SensitiveData_Summary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks which display sensitive data, the +SP_SensitiveData Job produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------ | ------------------------------------------------------------------------------------------------------ | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Enterprise Summary (A.K.A. Sensitive Data) | This report summarizes the types and amount of sensitive data discovered on targeted SharePoint farms. | Sensitive Data | This report is comprised of two elements: - Pie Chart – Displays sensitive data discovered on SharePoint farms - Table – Provides details on sensitive data | +| Site Collection Details | This report highlights sites with the largest amount of sensitive data found. | Sensitive Data | This report is comprised of three elements: - Bar Chart – Displays top sites by sensitive files - Table – Provides details on the site collection summary - Table – Provides details the files fetched | diff --git a/docs/accessanalyzer/11.6/solutions/unix/overview.md b/docs/accessanalyzer/11.6/solutions/unix/overview.md new file mode 100644 index 0000000000..a064ed537d --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/overview.md @@ -0,0 +1,51 @@ +# Unix Solution + +The Unix Solution reports on areas of administrative concern for Unix and Linux systems. Attention +is given to users and group details, privileged access rights, and NFS and Samba sharing +configurations. + +Supported Platforms + +- AIX® 4+ +- Solaris™ 8+ +- Red Hat® Enterprise Linux® 4+ +- Red Hat® Linux® 5.2+ +- HP-UX® 11+ +- CentOS® 7+ +- SUSE® 10+ + +Requirements, Permissions, and Ports + +See the +[Target Unix Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/unix.md) +topic for additional information. + +Location + +The Unix Solution requires a special Enterprise Auditor license. It can be installed from the +Enterprise Auditor Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to +the solution: **Jobs** > **Unix**. + +## Job Groups + +The Unix solution is a set of audit jobs and reports that provide visibility into important Unix and +Linux administration concepts. + +![Unix Solution Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +The job groups in the Unix Solution are: + +- [1.Users and Groups Job Group](/docs/accessanalyzer/11.6/solutions/unix/usersgroups/overview.md) + – The jobs within this group provide visibility into users and groups, helping to pinpoint + potential areas of administrative concern +- [2.Privileged Access Job Group](/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/overview.md) + – The jobs within this group provide visibility into privileged users within audited Unix and + Linux environments by identifying all rights granted via sudoers and the owners of critical files + such as passwd, shadow, sudoers, hosts.deny, and more +- [3.Sharing Job Group](/docs/accessanalyzer/11.6/solutions/unix/sharing/overview.md) + – Provides information on NFS and Samba share configuration, and highlights potentially high-risk + shares + +Each job group within the Unix Solution is designed to run independently. See the +[Recommended Configurations for the Unix Job Group](/docs/accessanalyzer/11.6/solutions/unix/recommended.md) +topic for information on frequency and job group settings. diff --git a/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/overview.md b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/overview.md new file mode 100644 index 0000000000..a1a042ab9a --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/overview.md @@ -0,0 +1,16 @@ +# 2.Privileged Access Job Group + +The 2.Privileged Access job group contains jobs that provide visibility into privileged users within +audited Unix and Linux environments by identifying all rights granted via sudoers and the owners of +critical files such as passwd, shadow, sudoers, hosts.deny, and more. + +![2.Privileged Access Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 2.Privileged Access job group are: + +- [ Sudoers Job Group](/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/overview.md) + – The jobs in this job group provide visibility into all rights granted via sudoers within audited + Unix and Linux environments +- [UX_CriticalFiles Job](/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/ux_criticalfiles.md) + – This job provides visibility into owners of critical files within audited Unix and Linux + environments such as passwd, shadow, sudoers, hosts.deny, and more diff --git a/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/overview.md b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/overview.md new file mode 100644 index 0000000000..9ccbb051c2 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/overview.md @@ -0,0 +1,14 @@ +# 0.Collection Job Group + +The 0.Collection job group collects details on all rights granted via sudoers within audited Unix +and Linux Environments. + +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The jobs in the 0.Collection job group are: + +- [UX_MakeDirectory Job](/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/ux_makedirectory.md) + – This job creates a temporary Enterprise Auditor directory on target Unix and Linux environments + to be used by the UX_ParseSudoers job +- [UX_ParseSudeors Job](/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/ux_parsesudeors.md) + – This job parses all rights granted via sudoers in the audited environment diff --git a/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/ux_makedirectory.md b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/ux_makedirectory.md new file mode 100644 index 0000000000..69ca76f3b0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/ux_makedirectory.md @@ -0,0 +1,14 @@ +# UX_MakeDirectory Job + +The UX_MakeDirectory job creates a temporary Enterprise Auditor directory on the target host to be +used by the UX_ParseSudoers job. + +## Queries for the UX_MakeDirectory Job + +The UX_MakeDirectory job uses the Unix Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the UX_MakeDirectory Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/makedirectoryquery.webp) + +- MakeDirectory – Makes a directory for the sudoers.pl file on the target host diff --git a/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/ux_parsesudeors.md b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/ux_parsesudeors.md new file mode 100644 index 0000000000..00fe263e86 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/ux_parsesudeors.md @@ -0,0 +1,15 @@ +# UX_ParseSudeors Job + +The UX_ParseSudoers job parses all rights granted via sudoers in the audited environments. + +## Queries for the UX_ParseSudoers Job + +The UX_ParseSudoers job uses the Unix Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the UX_ParseSudoers Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/parsesudoersquery.webp) + +The query for the UX_ParseSudoers job is: + +- ParseSudoers – Parses the sudoers file on the target host diff --git a/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/overview.md b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/overview.md new file mode 100644 index 0000000000..396f7056b0 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/overview.md @@ -0,0 +1,14 @@ +# Sudoers Job Group + +The Sudoers job group provides visibility into all rights granted via sudoers within audited Unix +and Linux environments. + +![Sudoers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/sudoersjobstree.webp) + +The jobs in the Sudoers job group are: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/overview.md) + – This group collects details on all rights granted via sudoers within audited Unix and Linux + environments +- [UX_Sudoers Job](/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/ux_sudoers.md) + – This job details all rights granted via sudoers in the audited environment diff --git a/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/ux_sudoers.md b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/ux_sudoers.md new file mode 100644 index 0000000000..301b438533 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/ux_sudoers.md @@ -0,0 +1,30 @@ +# UX_Sudoers Job + +The UX_Sudoers job provides visibility into all rights granted via sudoers within audited Unix and +Linux environments. + +## Analysis Tasks for the UX_Sudoers Job + +Navigate to the **Unix** > **2.Privileged Access** > **Sudoers** > **UX_Sudoers** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_Sudoers Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/sudoersanalysis.webp) + +The default analysis tasks are: + +- Summarize number of provisioned users by host – Creates an interim processing table in the + database for use by downstream analysis and report generation +- Determine highly provisioned users – Creates an interim processing table in the database for use + by downstream analysis and report generation +- List sudoers entries across the environment – Creates the SA_UX_Sudoers_Details table accessible + under the job’s Results node + +In addition to the table and views created by the analysis tasks, the UX_Sudoers job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | --------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sudo Rights by Host | This report details all rights granted via sudoers across the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays Hosts With Most Provisioning - Table – Provides details on Provisioning by Host - Table – Provides information on Sudoers Details | diff --git a/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/ux_criticalfiles.md b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/ux_criticalfiles.md new file mode 100644 index 0000000000..17bd6f9d05 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/ux_criticalfiles.md @@ -0,0 +1,42 @@ +# UX_CriticalFiles Job + +The UX_CriticalFiles job provides visibility into owners of critical files within audited Unix and +Linux environments such as passwd, shadow, sudoers, hosts.deny, and more. + +## Queries for the UX_CriticalFiles Job + +The UX_CriticalFIles job uses the Unix Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the UX_CriticalFiles Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/criticalfilesquery.webp) + +The query for the UX_CriticalFiles job is: + +- Critical File Owners – Finds critical file ownership + +## Analysis Tasks for the UX_CriticalFiles Job + +Navigate to the **Unix** > **2.Privileged Access** > **UX_CriticalFiles** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_CriticalFiles Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/criticalfilesanalysis.webp) + +The default analysis task is: + +- Details critical file ownership, highlights top users + + - Creates SA_UX_PrivilegedAccess_CriticalFileOwnership table accessible under the job’s Results + node + - Creates SA_UX_PrivilegedAccess_CriticalFileOwners table accessible under the job’s Results + node + +In addition to the tables and views created by the analysis task, the UX_CriticalFiles job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Critical File Ownership | This report lists the ownership of critical files across the audited environment. The top non-root users and groups with critical file ownership are highlighted. | None | This report is comprised of three elements: - Table – Provides details on Top 5 Critical File Owners (Users) - Table – Provides details on Top 5 Critical File Owners (Groups) - Table – Provides information on Critical File Ownership Details | diff --git a/docs/accessanalyzer/11.6/solutions/unix/recommended.md b/docs/accessanalyzer/11.6/solutions/unix/recommended.md new file mode 100644 index 0000000000..beddcf4a80 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/recommended.md @@ -0,0 +1,61 @@ +# Recommended Configurations for the Unix Job Group + +The Unix job group has been configured by default to run with the default settings. It can be run +directly or scheduled. + +Dependencies + +If applicable, the **.NIS Inventory** job group can be run to enable reporting on users and groups +from NIS environments. + +Target Host(s) + +All Unix Servers. Create a custom host list in Host Management that contains all Unix servers that +are in scope to be auditing with the Unix solution. + +The Unix job group has been configured to inherit the host list assignment from the solution level. +The host list assignment should be assigned under the **Unix** > **Settings** > **Host List +Assignment** node. Select the UNIX servers host list created previously. + +Connection Profile + +Set a Connection Profile on the Unix job group with root permissions for Unix/Linux. + +If the Root permission is unavailable, a least privileged model can be used. See the +[Least Privilege Model](/docs/accessanalyzer/11.6/requirements/target/unix.md#least-privilege-model) +topic for permissions needed to target the supported platforms for data collection. + +Schedule Frequency + +Schedule the Unix Solution or individual job groups to run as desired. + +History Retention + +This is not supported in this job group and should be turned off. + +Run at the Job Group Level + +It is a common practice to run the job in the **1.Users and Groups** job group by running the entire +job group, instead of the individual jobs. + +Query Configuration + +The queries in this job group are preconfigured to run with the default configurations. + +Analysis Configuration + +The analysis tasks in this job group are preconfigured to run with the default configurations. + +Workflow + +**Step 1 –** Run a Host Discovery Query to create a host list with All Unix Servers, and assign that +host list under the **Unix** > **Settings** > **Host List Assignment** node. + +**Step 2 –** (Optional) If applicable, run the **.NIS Inventory** job group run to enable reporting +on users and groups from NIS environments. + +**Step 3 –** Set a Connection Profile on the Unix job group. + +**Step 4 –** Schedule the Unix solution or individual job groups to run as desired. + +**Step 5 –** Review the reports generated by the Unix Solution. diff --git a/docs/accessanalyzer/11.6/solutions/unix/sharing/collection/overview.md b/docs/accessanalyzer/11.6/solutions/unix/sharing/collection/overview.md new file mode 100644 index 0000000000..9390e9be49 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/sharing/collection/overview.md @@ -0,0 +1,15 @@ +# 0.Collection Job Group + +The jobs within this group collect NFS and Samba configuration information which will be further +analyzed to identify and categorize risk within audited Unix and Linux environments. + +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The jobs in the 0.Collection job group are: + +- [UX_NFSConfiguration Job](/docs/accessanalyzer/11.6/solutions/unix/sharing/collection/ux_nfsconfiguration.md) + – Collects NFS configuration information which will be further analyzed to identify and categorize + risk within audited Unix and Linux environments +- [UX_NFSConfiguration Job](/docs/accessanalyzer/11.6/solutions/unix/sharing/collection/ux_nfsconfiguration.md) + – Collects Samba configuration information which will be further analyzed to identify and + categorize risk within audited Unix and Linux environments diff --git a/docs/accessanalyzer/11.6/solutions/unix/sharing/collection/ux_nfsconfiguration.md b/docs/accessanalyzer/11.6/solutions/unix/sharing/collection/ux_nfsconfiguration.md new file mode 100644 index 0000000000..0f80c1f7ef --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/sharing/collection/ux_nfsconfiguration.md @@ -0,0 +1,32 @@ +# UX_NFSConfiguration Job + +The **0.Collection** > **UX_NFSConfiguration** job collects NFS configuration information which will +be further analyzed to identify and categorize risk within audited Unix and Linux environments. + +## Queries for the UX_NFSConfiguration Job + +The UX_NFSConfiguration job uses the Unix Data Collector for the following queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the UX_NFSConfiguration Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/nfsconfigurationqueries.webp) + +The queries for the UX_NFSConfiguration job are: + +- NFS Config – NFS Configuration +- Host OS – Gets the operating system of the target hosts + +## Analysis Tasks for the UX_NFSConfiguration Job + +Navigate to the **Unix** > **3.Sharing** > **0.Collection** > **UX_NFSConfiguration** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the UX_NFSConfiguration Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/nfsconfigurationanalysis.webp) + +The default analysis task is: + +- Create NFS Options table – Creates the SA_UX_Sharing_NFSOptions table accessible under the job’s + Results node diff --git a/docs/accessanalyzer/11.6/solutions/unix/sharing/collection/ux_sambaconfiguration.md b/docs/accessanalyzer/11.6/solutions/unix/sharing/collection/ux_sambaconfiguration.md new file mode 100644 index 0000000000..e142429ad9 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/sharing/collection/ux_sambaconfiguration.md @@ -0,0 +1,32 @@ +# UX_SambaConfiguration Job + +The **0.Collection** > **UX_SambaConfiguration** job collects Samba configuration information which +will be further analyzed to identify and categorize risk within audited Unix and Linux environments. + +## Queries for the UX_SambaConfiguration Job + +The UX_SambaConfiguration job uses the Unix Data Collector for the following queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the UX_SambaConfiguration Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/sambaconfigurationqueries.webp) + +The queries for the UX_SambaConfiguration Job are: + +- Samba Configuration – Uses the Unix Data Collector to parse the smb.conf file +- Host OS – Gets the operating system of the target hosts + +## Analysis Tasks for the UX_SambaConfiguration Job + +Navigate to the **Unix** > **3.Sharing** > **0.Collection** > **UX_SambaConfiguration** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the UX_SambaConfiguration Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/sambaconfigurationanalysis.webp) + +The default analysis task is: + +- Creates Samba Parameters table from scan results – Creates the SA_UX_Sharing_SambaParameters table + accessible under the job’s Results node diff --git a/docs/accessanalyzer/11.6/solutions/unix/sharing/overview.md b/docs/accessanalyzer/11.6/solutions/unix/sharing/overview.md new file mode 100644 index 0000000000..d2ea7ed341 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/sharing/overview.md @@ -0,0 +1,17 @@ +# 3.Sharing Job Group + +The 3.Sharing job group highlights potentially insecure share configurations on Unix hosts. + +![3.Sharing Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 3.Sharing job group are: + +- [0.Collection Job Group](/docs/accessanalyzer/11.6/solutions/unix/sharing/collection/overview.md) - + Collects NFS and Samba configuration information which will be further analyzed to identify and + categorize risk within audited Unix and Linux environments +- [UX_NFS Job](/docs/accessanalyzer/11.6/solutions/unix/sharing/ux_nfs.md) + – This job identifies potentially insecure NFS share options which are categorized by their risk + level. Separate lists of options are checked based on target operating system. +- [UX_Samba Job](/docs/accessanalyzer/11.6/solutions/unix/sharing/ux_samba.md) + – This job identifies potentially insecure Samba share configurations which are categorized by + their risk level diff --git a/docs/accessanalyzer/11.6/solutions/unix/sharing/ux_nfs.md b/docs/accessanalyzer/11.6/solutions/unix/sharing/ux_nfs.md new file mode 100644 index 0000000000..134123bb26 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/sharing/ux_nfs.md @@ -0,0 +1,28 @@ +# UX_NFS Job + +The UX_NFS job identifies potentially insecure NFS share options which are categorized by their risk +level. Separate lists of options are checked based on target operating system. + +## Analysis Tasks for the UX_NFS Job + +Navigate to the **Unix** > **3.Sharing** > **UX_NFS** > **Configure** node and select **Analysis** +to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_NFS Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/nfsanalysis.webp) + +The default analysis tasks are: + +- Lists high risk NFS share options – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Highlights hosts with a large number of risky shares – Creates an interim processing table in the + database for use by downstream analysis and report generation + +In addition to the tables and views created by the analysis task, the UX_NFS job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------------------- | ---------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| NFS Shares with Potentially Insecure Options | This report identifies NFS shares with options which may lead to open access | None | This report is comprised of three elements: - Bar Chart – Displays Top Hosts by Potentially Insecure Shares - Table – Provides details on Top Hosts by Potentially Insecure Shares bar chart - Table – Provides details on List of Potentially Insecure Share Options | diff --git a/docs/accessanalyzer/11.6/solutions/unix/sharing/ux_samba.md b/docs/accessanalyzer/11.6/solutions/unix/sharing/ux_samba.md new file mode 100644 index 0000000000..1719d8477f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/sharing/ux_samba.md @@ -0,0 +1,28 @@ +# UX_Samba Job + +The UX_Samba job identifies potentially insecure Samba share configurations which are categorized by +their risk level. + +## Analysis Tasks for the UX_Samba Job + +View the analysis tasks by navigating to the **Unix** > **3.Sharing** > **UX_Samba** > **Configure** +node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_Samba Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/sambaanalysis.webp) + +The default analysis tasks are: + +- Lists high risk Samba share configurations – Creates the SA_UX_Samba_HighRiskSambaShares table + accessible under the job’s Results node +- Highlights hosts with a large number of risky shares – Creates an interim processing table in the + database for use by downstream analysis and report generation + +In addition to the tables and views created by the analysis task, the UX_NFS job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------------- | --------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Samba Shares with Potentially Insecure Configurations | This report identifies Samba shares with parameters which may lead to open access | None | This report is comprised of three elements: - Bar Chart – Displays Top Hosts by Potentially Insecure Shares - Table – Provides details on Top Hosts by Potentially Insecure Shares bar chart - Table – Provides details on List of Potentially Insecure Share Configurations | diff --git a/docs/accessanalyzer/11.6/solutions/unix/usersgroups/overview.md b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/overview.md new file mode 100644 index 0000000000..3fbf62959f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/overview.md @@ -0,0 +1,29 @@ +# 1.Users and Groups Job Group + +The jobs within the 1.Users and Groups job group provide visibility into users and groups, helping +to pinpoint potential areas of administrative concern. + +![1.Users and Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the 1.Users and Groups job group are: + +- [0.Collection > UX_UsersAndGroups Job](/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_usersandgroups.md) + – Collects user and group related information from /etc/shadow and their equivalents in order to + provide details on user and group conditions to help pinpoint areas of administrative concerns +- [UX_DuplicateGroups Job](/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_duplicategroups.md) + – This job identifies duplicate groups within the audited Unix or Linux environment. Duplicate + groups contain the same group membership as one another and are suitable candidates for cleanup. +- [UX_EmptyGroups Job](/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_emptygroups.md) + – This job identifies empty groups found within the audited Unix or Linux environment. These are + suitable candidates for consolidation or cleanup. +- [UX_LargeGroups Job](/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_largegroups.md) + – This job identifies groups with large member counts. These types of groups may cause + administrative overhead and burden in being able to easily understand who is getting access to + resources, or how much access is being granted to resources through these groups. +- [UX_LocalGroups Job](/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_localgroups.md) + – This job provides an overview of all local groups within the audited Unix and Linux environments +- [UX_LocalUsers Job](/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_localusers.md) + – This job provides an overview of all local users within the audited Unix and Linux environments +- [UX_PasswordSettings Job](/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_passwordsettings.md) + – This job provides visibility into user passwords and system password configurations within + audited Unix and Linux environments diff --git a/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_duplicategroups.md b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_duplicategroups.md new file mode 100644 index 0000000000..9c894d88f3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_duplicategroups.md @@ -0,0 +1,29 @@ +# UX_DuplicateGroups Job + +The UX_DuplicateGroups job identifies duplicate groups within the audited Unix or Linux environment. +Duplicate groups contain the same group membership as one another and are suitable candidates for +cleanup. + +## Analysis Tasks for the UX_DuplicateGroups Job + +Navigate to the **Unix** > **1.Users and Groups** > **UX_DuplicateGroups** > **Configure** node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_DuplicateGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/duplicategroupsanalysis.webp) + +The default analysis tasks are: + +- Finds duplicate groups – Creates the SA_UX_DuplicateGroups_Details table accessible under the + job’s Results node +- Summarizes duplicate groups – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the table and views created by the analysis tasks, the UX_DuplicateGroups job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | +| Duplicate Groups | This report identifies duplicate groups within the audited domains | None | This report is comprised of two elements: - Bar Chart – Displays Largest Groups with Duplicates - Table – Provides details on Duplicate Group Details | diff --git a/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_emptygroups.md b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_emptygroups.md new file mode 100644 index 0000000000..633194f18f --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_emptygroups.md @@ -0,0 +1,28 @@ +# UX_EmptyGroups Job + +The UX_EmptyGroups job identifies empty groups found within the audited Unix or Linux environment. +These are suitable candidates for consolidation or cleanup. + +## Analysis Tasks for the UX_EmptyGroups Job + +Navigate to the **Unix** > **1.Users and Groups** > **UX_EmptyGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_EmptyGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) + +The default analysis tasks are: + +- Finds empty groups – Creates the SA_UX_EmptyGroups_Details table accessible under the job’s + Results node +- Summarizes empty groups – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the table and views created by the analysis tasks, the UX_EmptyGroups job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------ | -------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Empty Groups | This report identifies empty groups within the audited domains | None | This report is comprised of three elements: - Bar Chart – Displays Empty Groups by Type - Table – Provides details on Empty Groups by Type bar chart - Table – Provides information on Empty Group Details | diff --git a/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_largegroups.md b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_largegroups.md new file mode 100644 index 0000000000..4d7b4b6f01 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_largegroups.md @@ -0,0 +1,43 @@ +# UX_LargeGroups Job + +The UX_LargeGroups job identifies groups with large member counts. These types of groups may cause +administrative overhead and burden in being able to easily understand who is getting access to +resources, or how much access is being granted to resources through these groups. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/11.6/admin/jobs/job/overview.md#parameter-configuration) +topic for instructions on how to edit parameters on a job overview page. + +The UX_LargeGroups job has the following customizable parameter: + +- Minimum size for a group to be considered large – Sets the threshold used by the Find large groups + analysis task to determine if a group is considered to be large. The default is 5. + +## Analysis Tasks for the UX_LargeGroups Job + +Navigate to the **Unix** > **1.Users and Groups** > **UX_LargeGroups** > **Configure** node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the UX_LargeGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/largegroupsanalysis.webp) + +The default analysis task is: + +- Finds large groups. The parameter determining the minimum size for a large group can be configured + in the SQL scripting module. – Creates the UX_LargeGroups_Details table accessible under the job’s + Results node + + - The threshold value used to determine if a group is considered large can be customized. See + the [Parameter Configuration](#parameter-configuration) for additional information. + +In addition to the table and views created by the analysis tasks, the UX_LargeGroups job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------ | -------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | +| Large Groups | This report identifies large groups within the audited domains | None | This report is comprised of two elements: - Bar Chart – Displays Top 5 Large Groups - Table – Provides information on Large Group Details | diff --git a/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_localgroups.md b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_localgroups.md new file mode 100644 index 0000000000..6476fae3db --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_localgroups.md @@ -0,0 +1,28 @@ +# UX_LocalGroups Job + +The UX_LocalGroups job provides an overview of all local groups within the audited Unix and Linux +environments. + +## Analysis Tasks for the UX_LocalGroups Job + +Navigate to the **Unix** > **1.Users and Groups** > **UX_LocalGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_LocalGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/localgroupsanalysis.webp) + +The default analysis tasks are: + +- Creates local groups table – Creates the SA_UX_LocalGroups_Details table accessible under the + job’s Results node +- Creates local groups summary table – Creates an interim processing table in the database for use + by downstream analysis and report generation + +In addition to the table and views created by the analysis tasks, the UX_LocalGroups job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------- | +| Local Groups | This report summarizes local groups in the audited environment. Hosts with large numbers of local groups are highlighted, as are local groups with large memberships. | None | This report is comprised of two elements: - Bar Chart – Displays Top Hosts by Local Group Count - Table – Provides details on All Local Groups | diff --git a/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_localusers.md b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_localusers.md new file mode 100644 index 0000000000..95d959fbc6 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_localusers.md @@ -0,0 +1,28 @@ +# UX_LocalUsers Job + +The UX_LocalUsers job provides an overview of all local users within the audited Unix and Linux +environments. + +## Analysis Tasks for the UX_LocalUsers Job + +Navigate to the **Unix** > **1.Users and Groups** > **UX_LocalUsers** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_LocalUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/localusersanalysis.webp) + +The default analysis tasks are: + +- Creates local users table – Creates the SA_UX_LocalUsers_Details table accessible under the job’s + Results node +- Creates local users summary table – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the table and views created by the analysis tasks, the UX_LocalUsers job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | ----------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Local Users | This report summarizes local users in the audited environment. Hosts with large numbers of local users are highlighted. | None | This report is comprised of three elements: - Bar Chart – Displays Top 5 Hosts by Local User Count - Table – Provides details on Top 5 Local User Count bar chart - Table – Provides details on All Local Users | diff --git a/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_passwordsettings.md b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_passwordsettings.md new file mode 100644 index 0000000000..fb98ea83d3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_passwordsettings.md @@ -0,0 +1,29 @@ +# UX_PasswordSettings Job + +The UX_PasswordSettings job provides visibility into user passwords and system password +configurations within audited Unix and Linux environments. + +## Analysis Tasks for the UX_PasswordSettings Job + +Navigate to the **Unix** > **1.Users and Groups** > **UX_PasswordSettings** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_PasswordSettings Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/passwordsettingsanalysis.webp) + +The default analysis tasks are: + +- Gives information about local user passwords – Creates SA_UX_PasswordSettings_UserDetails table + accessible under the job’s Results node +- Gives information about system password settings – Creates SA_UX_PasswordSettings_SystemDetails + table accessible under the job’s Results node + +In addition to the table and views created by the analysis tasks, the UX_PasswordSettings job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | -------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------- | +| Local User Passwords | This report outlines password information for each local user on each host | None | This report is comprised of one element: - Table – Provides details on User Password Settings | +| Password Security Setting | This report lists password security settings for each audited host | None | This report is comprised of one element: - Table – Provides details on Password Settings | diff --git a/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_usersandgroups.md b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_usersandgroups.md new file mode 100644 index 0000000000..1d4dda15fe --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/unix/usersgroups/ux_usersandgroups.md @@ -0,0 +1,49 @@ +# 0.Collection > UX_UsersAndGroups Job + +The UX_UsersAndGroups job collects user and group information from /etc/passwd, /etc/shadow, and +their equivalents in order to provide details on user and group conditions to help pinpoint +potential areas of administrative concern. + +![0.Collection > UX_UsersAndGroups Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The UX_UsersAndGroups job is located in the 0.Collection job group. + +## Queries for the UX_UsersAndGroups Job + +The UX_UsersandGroups job uses the Unix Data Collector for the following queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the UX_UsersAndGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/usersandgroupsqueries.webp) + +The queries for the UX_UsersAndGroups job are: + +- UX_LocalUsers – Obtains local user information from /etc/passwd +- UX_LocalGroups – Obtains local group information from /etc/group +- UX_LocalGroupMembers – Obtains local group membership information from /etc/group +- UX_UserPasswords_AIX – Gets shadow file information on AIX hosts +- UX_UserPasswords_Linux – Gets shadow file information on RHEL, CentOS, Debian, SuSE, and Solaris + hosts +- UX_PasswordSettings_AIX – Gets system password settings from /etc/security/user +- UX_PasswordSettings_Linux – Gets system password settings from /etc/login.defs +- UX_PasswordSettings_Solaris – Gets system password settings from /etc/default/passwd +- UX_UserPasswords_AIX_LastUpdate – Gets passwd file information on AIX hosts + +## Analysis Tasks for the UX_UsersAndGroups Job + +Navigate to the **Unix** > **1.Users and Groups** > **0.Collection** > **UX_UsersAndGroups** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_UsersAndGroups Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/usersandgroupsanalysis.webp) + +The default analysis tasks are: + +- Creates UX_Users from LDAP_Users, NIS_Users, and UX_LocalUsers – Creates the UX_Users table + accessible under the job’s Results node +- Creates UX_Groups from LDAP_Groups, NIS_Groups, and UX_LocalGroups – Creates the UX_Groups table + accessible under the job’s Results node +- Creates UX_GroupMembers – Creates the UX_GroupMembers table accessible under the job’s Results + node diff --git a/docs/accessanalyzer/11.6/solutions/windows/applications/overview.md b/docs/accessanalyzer/11.6/solutions/windows/applications/overview.md new file mode 100644 index 0000000000..12fcc93f0e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/applications/overview.md @@ -0,0 +1,16 @@ +# Applications Job Group + +The Applications job group tracks various aspects of installed application management, identifying +installed software and utilization, unauthorized programs and rogue systems, and more. + +![Applications Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the Applications job group are: + +- [SG_InstalledApplications Job](/docs/accessanalyzer/11.6/solutions/windows/applications/sg_installedapplications.md) + – This job identifies installed applications on all targeted hosts, highlighting the most common + applications installed across the audited environment +- [SG_RunAtBoot Job](/docs/accessanalyzer/11.6/solutions/windows/applications/sg_runatboot.md) + – This job lists applications which are set to **Run** or **Run Once** on all targeted hosts +- [SG_ScheduledTasks Job](/docs/accessanalyzer/11.6/solutions/windows/applications/sg_scheduledtasks.md) + – This job lists scheduled task details on all targeted hosts diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/recommended.md b/docs/accessanalyzer/11.6/solutions/windows/applications/recommended.md similarity index 100% rename from docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/applications/recommended.md rename to docs/accessanalyzer/11.6/solutions/windows/applications/recommended.md diff --git a/docs/accessanalyzer/11.6/solutions/windows/applications/sg_installedapplications.md b/docs/accessanalyzer/11.6/solutions/windows/applications/sg_installedapplications.md new file mode 100644 index 0000000000..829ca437eb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/applications/sg_installedapplications.md @@ -0,0 +1,43 @@ +# SG_InstalledApplications Job + +The SG_InstalledApplications job identifies installed applications on all targeted hosts. + +## Queries for the SG_InstalledApplications Job + +The SG_InstalledApplications job uses the WMICollector Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_InstalledApplications Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/installedapplicationsquery.webp) + +The query for the SG_InstalledApplications job are: + +- Installed Applications – Targets all Windows servers known to Enterprise Auditor to determine + installed applications + +## Analysis Tasks for the SG_InstalledApplications Job + +Navigate to the **Windows** > **Applications** > **SG_InstalledApplications** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_InstalledApplications Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/installedapplicationsanalysis.webp) + +The default analysis tasks are: + +- All Installed Applications - Change Tracking – Creates the + SA_SG_InstalledApplications_ChangeTracking table accessible under the job’s Results node +- All Installed Applications - Details – Creates the SA_SG_InstalledApplications_Details table + accessible under the job’s Results node +- MS Applications - Details – Creates the SA_SG_InstalledApplications_MSDetails table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SG_InstalledApplications job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------ | +| All Installed Applications | This report details all installed applications, and highlights the most common installed applications across the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays top installed applications - Table – Provides details on installed applications | +| MS Office Applications | This report provides host-level details on which Microsoft Office applications are installed. | None | This report is comprised of two elements: - Bar Chart – Displays top MS Office applications - Table – Provides details on MS Office applications | diff --git a/docs/accessanalyzer/11.6/solutions/windows/applications/sg_runatboot.md b/docs/accessanalyzer/11.6/solutions/windows/applications/sg_runatboot.md new file mode 100644 index 0000000000..5082999854 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/applications/sg_runatboot.md @@ -0,0 +1,46 @@ +# SG_RunAtBoot Job + +The SG_RunAtBoot job lists applications which are set to **Run** or **Run Once** on all targeted +hosts. + +## Queries for the SG_RunAtBoot Job + +The SG_RunAtBoot job uses the Registry Data Collector for the following queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the SG_RunAtBoot Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/runatbootqueries.webp) + +The queries for the SG_RunAtBoot job are: + +- Run – Targets all Windows servers known to Enterprise Auditor to run at boot applications +- Run Once – Targets all Windows servers known to Enterprise Auditor to run once at boot + applications + +## Analysis Tasks for the SG_RunAtBoot Job + +Navigate to the **Windows** > **Applications** > **SG_RunAtBoot** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_RunAtBoot Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/runatbootanalysis.webp) + +The default analysis tasks are: + +- Track Changes – Creates the SA_SG_RunAtBoot_ChangeTracking table accessible under the job’s + Results node +- List application details – Creates the SA_SG_RunAtBoot_Details table accessible under the job’s + Results node +- Summarize details by host – Creates the SA_SG_RunAtBoot_HostSummary table accessible under the + job’s Results node +- Summarize details by application – Creates the SA_SG_RunAtBoot_AppSummary table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SG_RunAtBoot job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------- | ------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Run at Boot | This report enumerates applications which are set to run at boot across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays Top Hosts by Applications Run at Boot - Table – Provides details on Top Hosts by Applications Run at Boot bar chart - Table – Provides details on Run / Run Once Applications | diff --git a/docs/accessanalyzer/11.6/solutions/windows/applications/sg_scheduledtasks.md b/docs/accessanalyzer/11.6/solutions/windows/applications/sg_scheduledtasks.md new file mode 100644 index 0000000000..d592b8a970 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/applications/sg_scheduledtasks.md @@ -0,0 +1,44 @@ +# SG_ScheduledTasks Job + +The SG_ScheduledTasks job lists scheduled task details on all targeted hosts. + +## Queries for the SG_ScheduledTasks Job + +The SG_ScheduledTasks job uses the SystemInfo Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_ScheduledTasks Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/scheduledtasksquery.webp) + +The query for the SG_ScheduledTasks job is: + +- Scheduled tasks – Targets all Windows servers known to Enterprise Auditor to determine scheduled + tasks + +## Analysis Tasks for the SG_ScheduledTasks Job + +Navigate to the **Windows** > **Applications** > **SG_ScheduledTasks** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_ScheduledTasks Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/scheduledtasksanalysis.webp) + +The default analysis tasks are: + +- Track Changes – Creates the SA_SG_ScheduledTasks_ChangeTracking table accessible under the job’s + Results node +- List scheduled task details – Creates the SA_SG_ScheduledTasks_Details table accessible under the + job’s Results node +- Domain user summary – Creates the SA_SG_ScheduledTasks_DomainUsers table accessible under the + job’s Results node +- Host summary – Creates the SA_SG_ScheduledTasks_HostSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the SG_ScheduledTasks job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ---------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Scheduled Tasks | This report highlights scheduled tasks across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays Hosts with Most Scheduled Tasks - Table – Provides details on Hosts with Most Scheduled Tasks bar chart - Table – Provides details on Scheduled Tasks | diff --git a/docs/accessanalyzer/11.6/solutions/windows/authentication/overview.md b/docs/accessanalyzer/11.6/solutions/windows/authentication/overview.md new file mode 100644 index 0000000000..57da2a83b4 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/authentication/overview.md @@ -0,0 +1,24 @@ +# Authentication Job Group + +The Authentication job group provides information on authentication settings within audited systems +to help identify potential security vulnerabilities and reduce risk within the environment. + +![Authentication Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the Authentication job group are: + +- [SG_LSASettings Job](/docs/accessanalyzer/11.6/solutions/windows/authentication/sg_lsasettings.md) + – This job lists LSA settings on all targeted hosts. In particular, the RunAsPPL, + RestrictAnonymous, and ValidateKdcPacSignature keys are examined. If these keys are not set to 1, + a host is vulnerable to mimikatz and other exploitation tools. See the Microsoft + [Configuring Additional LSA Protection](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn408187(v=ws.11)) + article for additional ininformation. +- [SG_SecuritySupportProviders Job](/docs/accessanalyzer/11.6/solutions/windows/authentication/sg_securitysupportproviders.md) + – This job identifies security support providers on all targeted hosts, highlighting potentially + malicious SSPs +- [SG_WDigestSettings Job](/docs/accessanalyzer/11.6/solutions/windows/authentication/sg_wdigestsettings.md) + – This job lists WDigest settings on all targeted hosts. In particular, the UseLogonCredentials + key is examined. If the KB is not installed, and this key is not set properly for a given host, + cleartext passwords will be stored in memory. See the + [Microsoft Security Advisory](https://support.microsoft.com/en-us/help/2871997/microsoft-security-advisory-update-to-improve-credentials-protection-a) + article for more information. diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/recommended.md b/docs/accessanalyzer/11.6/solutions/windows/authentication/recommended.md similarity index 100% rename from docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/authentication/recommended.md rename to docs/accessanalyzer/11.6/solutions/windows/authentication/recommended.md diff --git a/docs/accessanalyzer/11.6/solutions/windows/authentication/sg_lsasettings.md b/docs/accessanalyzer/11.6/solutions/windows/authentication/sg_lsasettings.md new file mode 100644 index 0000000000..c3b3864af4 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/authentication/sg_lsasettings.md @@ -0,0 +1,55 @@ +# SG_LSASettings Job + +The SG_LASettings job lists settings on all targeted hosts. In particular, the RunAsPPL, +RestrictAnonymous, and ValidateKdcPacSignature keys are examined. If these keys are not set to 1, a +host is vulnerable to mimikatz and other exploitation tools. See the Microsoft +[Configuring Additional LSA Protection](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn408187(v=ws.11)) +article for additional information. + +## Queries for the SG_LSASettings Job + +The SG_LSASettings job uses the Registry Data Collector for the following queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the SG_LSASettings Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/lsasettingsqueries.webp) + +The queries for the SG_LSASettings Job are: + +- Check LSA registry keys – Checks LSA registry keys +- PAC Validation – Provides PAC Validation + +## Analysis Tasks for the SG_LSASettings Job + +Navigate to the **Windows** > **Authentication** > **SG_LSASettings** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_LSASettings Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/lsasettingsanalysis.webp) + +The default analysis tasks are: + +- TrackRunAsPPL changes – Creates the SG_LSASettings_RunAsPPLChangeTracking table accessible under + the job’s Results node +- List RunAsPPL setting details – Creates the SG_LSASettings_RunAsPPLDetails table accessible under + the job’s Results node +- Summarize RunAsPPL settings – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Track RestrictAnonymous changes – Creates the SG_LSASettings_RestrictAnonymousChangeTracking table + accessible under the job’s Results node +- List RestrictAnonymous setting details – Creates the SG_LSASettings_RestrictAnonymousDetails table + accessible under the job’s Results node +- Summarize RestrictAnonymous settings – Creates an interim processing table in the database for use + by downstream analysis and report generation +- PAC – Creates the SG_LSASettings_PACStatus table accessible under the job’s Results node + +In addition to the tables created by the data collector, the SG_LSASettings job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Additional LSA Protection | This report summarizes RunAsPPL registry settings on targeted hosts. This key governs whether or not additional LSA protection is enabled. See the Microsoft [Configuring Additional LSA Protection](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn408187(v=ws.11)) article for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays additional LSA protection by host - Table – Provides additional LSA Protection Details | +| PAC Validation | This report indicates whether or not PAC Validation is enabled on all targeted hosts. This is governed by the ValidateKdcPacSignature key. Default behavior in the event of this key's absence depends on the Windows version installed. See the Microsoft [Understanding Microsoft Kerberos PAC Validation](https://learn.microsoft.com/en-gb/archive/blogs/openspecification/understanding-microsoft-kerberos-pac-validation) article for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays PAC validation status - Table – Provides PAC validation details | +| Restrict Anonymous Access | This report summarizes RestrictAnonymous registry settings on targeted hosts. This key governs whether or not access over anonymous connections is enabled. See the Microsoft [Restrict Anonymous check](https://learn.microsoft.com/en-us/previous-versions/tn-archive/bb418944(v=technet.10)) article for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays anonymous access by host - Table – Provides anonymous access details | diff --git a/docs/accessanalyzer/11.6/solutions/windows/authentication/sg_securitysupportproviders.md b/docs/accessanalyzer/11.6/solutions/windows/authentication/sg_securitysupportproviders.md new file mode 100644 index 0000000000..b2c41cfb20 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/authentication/sg_securitysupportproviders.md @@ -0,0 +1,50 @@ +# SG_SecuritySupportProviders Job + +The SG_SecuritySupportProviders job identifies security support providers on all targeted hosts, +highlighting potentially malicious SSPs. + +## Queries for the SG_SecuritySupportProviders Job + +The SG_SecuritySupportProviders job uses the Registry Data Collector for the following queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the SG_SecuritySupportProviders Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/securitysupportprovidersqueries.webp) + +The queries for the SG_SecuritySupportProviders job are: + +- Security Support Providers LSA – Determines security support providers in the LSA Key +- Security Support Providers OSConfig – Determines security support providers in the OSConfig key + +## Analysis Tasks for the SG_SecuritySupportProviders Job + +Navigate to the **Windows** > **Authentication** > **SG_SecuritySupportProviders** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_SecuritySupportProviders Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/securitysupportprovidersanalysis.webp) + +The default analysis tasks are: + +- Track changes – Creates the SG_SecuritySupportProviders_ChangeTracking table accessible under the + job’s Results node +- List security support provider details – Creates the SG_SecuritySupportProviders_Details table + accessible under the job’s Results node +- Summarize security support provider details – Creates an interim processing table in the database + for use by downstream analysis and report generation + +The optional analysis tasks are: + +- Bring changes from last run to console – Creates the SG_SecuritySupportProviders_LastRun table + accessible under the job’s Results node +- Notify on changes – Creates the SG_SecuritySupportProviders_LastRun_NOTIFICATION table accessible + under the job’s Results node + +In addition to the tables created by the data collector, the SG_SecuritySupportProviders job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Security Support Providers | This report lists non-standard security support providers in the audited environment. | None | This report is comprised of two elements: - Pie Chart – Displays malicious security support providers by host - Table – Provides malicious security support providers details | diff --git a/docs/accessanalyzer/11.6/solutions/windows/authentication/sg_wdigestsettings.md b/docs/accessanalyzer/11.6/solutions/windows/authentication/sg_wdigestsettings.md new file mode 100644 index 0000000000..3aef2e2c71 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/authentication/sg_wdigestsettings.md @@ -0,0 +1,48 @@ +# SG_WDigestSettings Job + +The SG_WDigestSettings job lists WDigest settings on all targeted hosts. In particular, the +UseLogonCredentials key is examined. If this key is not set properly for a given host, cleartext +passwords will be stored in memory. See the +[Microsoft Security Advisory](https://support.microsoft.com/en-us/help/2871997/microsoft-security-advisory-update-to-improve-credentials-protection-a) +article for more information. + +## Queries for the SG_WDigestSettings Job + +The SG_WDigestSettings job uses the Registry and WMICollector Data Collectors for the following +queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the SG_WDigestSettings Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/wdigestsettingsqueries.webp) + +The queries for the SG_WDigestSettings job are: + +- Check WDigest registry keys – Checks WDigest registry keys +- Installed Hotfixes – Returns all hotfixes installed +- OS Versions – Returns OS versions + +## Analysis Tasks for the SG_WDigestSettings Job + +Navigate to the **Windows** > **Authentication** > **SG_WDigestSettings** > **Configure** node and +select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_WDigestSettings Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/wdigestsettingsanalysis.webp) + +The default analysis tasks are: + +- Track changes – Creates the SG_WDigestSettings_ChangeTracking table accessible under the job’s + Results node +- List WDigest setting details – Creates the SG_WDigestSettings_Details table accessible under the + job’s Results node +- Summarize WDigest Settings – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables created by the data collector, the SG_WDigestSettings job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------ | +| WDigest Settings | This report summarizes WDigest registry settings on targeted hosts. See the [Microsoft Security Advisory](https://support.microsoft.com/en-us/help/2871997/microsoft-security-advisory-update-to-improve-credentials-protection-a) article for additional details. | None | This report is comprised of two elements: - Pie Chart – Displays WDigest settings by host - Table – Provides WDigest setting details | diff --git a/docs/accessanalyzer/11.6/solutions/windows/openaccess/overview.md b/docs/accessanalyzer/11.6/solutions/windows/openaccess/overview.md new file mode 100644 index 0000000000..627dd52e7e --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/openaccess/overview.md @@ -0,0 +1,10 @@ +# Open Access Job Group + +The Open Access job group identifies instances of open access in the audited environment. + +![Open Access Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The job in the Open Access job group is: + +- [SG_OpenFolders Job](/docs/accessanalyzer/11.6/solutions/windows/openaccess/sg_openfolders.md) + – This job enumerates folders with open access across the audited environment diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/openaccess/recommended.md b/docs/accessanalyzer/11.6/solutions/windows/openaccess/recommended.md similarity index 100% rename from docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/openaccess/recommended.md rename to docs/accessanalyzer/11.6/solutions/windows/openaccess/recommended.md diff --git a/docs/accessanalyzer/11.6/solutions/windows/openaccess/sg_openfolders.md b/docs/accessanalyzer/11.6/solutions/windows/openaccess/sg_openfolders.md new file mode 100644 index 0000000000..4e1e8820a5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/openaccess/sg_openfolders.md @@ -0,0 +1,71 @@ +# SG_OpenFolders Job + +The SG_OpenFolders job enumerates folders with open access across the audited environment. + +## Queries for the SG_OpenFolders Job + +The SG_OpenFolders job uses the SystemInfo Data Collector for the following query: + +![Queries for the SG_OpenFolders Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/openaccess/openfoldersquery.webp) + +The query for the SG_OpenFolders job is: + +- OpenAccess – Checks for folders with open access + + - (Optional) By default, the OpenAccess query used in this job has a search depth of 0 and will + return share-level information. If needed, the subfolder depth can be increased in the query + configuration. See the [Configure the OpenAccess Query](#configure-the-openaccess-query) topic + for additional information. + +### Configure the OpenAccess Query + +The OpenAccess query has been preconfigured to run with the default settings. However, the subfolder +depth can optionally be increased on the Options page in the System Info Data Collector Wizard. +Follow the steps to customize the query. See the +[SystemInfo Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/systeminfo/overview.md) +topic for additional information. + +**Step 1 –** Navigate to the **Jobs** > **Windows** > **Open Access** > **SG_OpenFolders** > +**Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The System Info Data Collector +Wizard opens. + +![System Info Data Collector Wizard Options page](/img/product_docs/accessanalyzer/11.6/solutions/windows/openaccess/configuresubfolderdepth.webp) + +**Step 4 –** Navigate to the Options page and select the **Enumerate subfolders within shared +folder** checkbox and then the **Limit returned subfolders depth to** checkbox. + +**Step 5 –** Select the desired subfolders depth level using the arrows. Click **Next**. + +**Step 6 –** On the Summary page, click **Finish** to save the changes. + +The subfolders depth is now saved to the configured level. + +## Analysis Tasks for the SG_OpenFolders Job + +Navigate to the **Windows** > **OpenAccess** > **SG_OpenFolders** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_OpenFolders Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/openaccess/openfoldersanalysis.webp) + +The default analysis tasks are: + +- Enumerates open folders across the audited environment – Creates an interim processing table in + the database for use by downstream analysis and report generation +- Enumerates hosts with open folders across the audited environment – Creates interim processing + tables in the database for use by downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the SG_OpenFolders job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | +| Open Access By Host | This report enumerates hosts with openly accessible folders. | None | This report is comprised of two elements: - Line Chart – Displays hosts with open folders - Table – Provides an open folder count by host | +| Open Folders | This report enumerates folders with open access across the audited environment. | None | This report is comprised of two elements: - Line Chart – Displays open folders over time - Table – Provides details on all open folders | diff --git a/docs/accessanalyzer/11.6/solutions/windows/overview.md b/docs/accessanalyzer/11.6/solutions/windows/overview.md new file mode 100644 index 0000000000..50fdc992ed --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/overview.md @@ -0,0 +1,64 @@ +# Windows Solution + +The Windows Solution is designed to provide both high-level and granular views into any sized +organization's infrastructure. Systems are a critical business asset. In order to optimally support +and benefit the business, these systems must be running optimally and be fully secured. The Windows +Solution allows organizations to quickly inventory, assess, and secure their Windows desktop and +server infrastructure from a central location. Key capabilities include privileged account +discovery, security configuration and vulnerability assessment, compliance reporting, and asset +inventory. + +Supported Platforms + +- Windows 7 and higher +- Windows Server 2016 and later + +Requirements, Permissions, and Ports + +See the +[Target Windows Server and Desktop Requirements, Permissions, and Ports](/docs/accessanalyzer/11.6/requirements/target/windows.md) +topic for additional information. + +Location + +The Windows Solution requires a special Enterprise Auditor license. It can be installed from the +Instant Job Wizard. See the +[Instant Job Wizard](/docs/accessanalyzer/11.6/admin/jobs/instantjobs/overview.md) +topic for additional information. Once it has been installed in the Jobs tree, navigate to the +solution: **Jobs** > **Windows**. + +![Windows Solution in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +Each job group works independently from the other job groups. All of the job groups have their own +collections that are used to analyze and report on data specific to the groups function. The +SG_SecurityAssessment job summarizes security related results from the Windows solution. + +## Job Groups + +The Windows Solution provides both high-level and granular views into any sized organization’s +infrastructure. + +![Windows Solution Overview page](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp) + +The jobs and job groups in the Windows Solution are: + +- [Applications Job Group](/docs/accessanalyzer/11.6/solutions/windows/applications/overview.md) + – The jobs in this group track various aspects of installed application management, highlighting + installed software and utilization, unauthorized programs, rogue systems, and more +- [Authentication Job Group](/docs/accessanalyzer/11.6/solutions/windows/authentication/overview.md) + – This group offers insight into authentication settings within audited systems to help identify + potential security vulnerabilities and reduce risk within the environment +- [Open Access Job Group](/docs/accessanalyzer/11.6/solutions/windows/openaccess/overview.md) + – This group highlights instances of open access across the audited environment +- [Privileged Accounts Job Group](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/overview.md) + – Vital to security is the ability to accurately assess who has administrative privileges to each + system and how. This group provides the collection and correlation capabilities needed to unravel + complex access assignments, including local administrator membership, users with remote logon + rights, and service accounts. +- [Security Utilities Job Group](/docs/accessanalyzer/11.6/solutions/windows/securityutilities/overview.md) + – This group provides a series of security element checks across the audited environment +- [SG_SecurityAssessment Job](/docs/accessanalyzer/11.6/solutions/windows/sg_securityassessment.md) + – This job performs checks against Windows security best practices in order to proactively + identify critical security configurations that leave the environment vulnerable to attack. The + result is a report which provides a listing of findings by severity and category with + corresponding details that can be used to prioritize and remediate security issues. diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/overview.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/overview.md new file mode 100644 index 0000000000..c78fb35029 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/overview.md @@ -0,0 +1,21 @@ +# Local Administrators Job Group + +![Local Administrators Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs in the Local Administrators group are: + +- [SG_LocalAdmins Job](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sg_localadmins.md) + – This job identifies the effective membership for all local administrator groups to gain an + understanding of what accounts within the environment are privileged and should be monitored + closely +- [SG_MicrosoftLAPS Job](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sg_microsoftlaps.md) + – This job assesses the LAPS (Local Administrator Password Solution) local policies on all + targeted hosts. This offers insight into LAPS enablement and configuration across an environment. + LAPS allows for centralized local administrator password management within Active Directory. See + the Microsoft + [Local Administrator Password Solution](https://learn.microsoft.com/en-us/previous-versions/mt227395(v=msdn.10)) + article for additional information. +- [SG_Sessions Job](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sg_sessions.md) + – This job lists sessions and logged on users from all targeted hosts. These active sessions and + logged on users may have their hashes stored in memory on the target machine, which could be + leveraged in a Pass the Hash attack. diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sg_localadmins.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sg_localadmins.md new file mode 100644 index 0000000000..693f55ceef --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sg_localadmins.md @@ -0,0 +1,56 @@ +# SG_LocalAdmins Job + +The SG_LocalAdmins job identifies the effective membership for all local administrator groups. The +purpose of this job is to gain an understanding of what accounts within the environment are +privileged and should be monitored closely. + +## Queries for the SG_LocalAdmins Job + +The SG_LocalAdmins job uses the UsersGroups Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_LocalAdmins Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/localadminsquery.webp) + +The query for the SG_LocalAdmins job is: + +- Direct Membership – Returns direct membership from targeted hosts + +## Analysis Tasks for the SG_LocalAdmins Job + +Navigate to the **Windows** > **Privileged Accounts** > **Local Administrators** > +**SG_LocalAdmins** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_LocalAdmins Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/localadminsanalysis.webp) + +The default analysis tasks are: + +- Expand Effective Membership – Creates the SA_SG_LocalAdmins_Details table accessible under the + job’s Results node +- Membership Summary – Creates the SA_SG_LocalAdmins_MembershipSummary table accessible under the + job’s Results node +- Privileged Accounts – Creates the SA_SG_LocalAdmins_PrivilegedAccounts table accessible under the + job’s Results node +- Track Changes – Creates the SA_SG_LocalAdmins_Changes table accessible under the job’s Results + node + +In addition to the tables created by the analysis tasks, the SG_LocalAdmins job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ---------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Local Administrators | This report identifies servers with the largest local administrator groups in the environment. | GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of three elements: - Stacked Chart – Displays largest local administrator groups - Table – Provides membership details - Table – Provides a local administrator groups summary | +| Membership Changes | This report identifies changes in effective membership between two scans of the environment. | None | This report is comprised of one element: - Table – Displays membership changes | +| Privileged Accounts | This report highlights user accounts with a large number of local administrator rights. | None | This report is comprised of two elements: - Stacked Chart – Displays top trustees by administrator rights - Table – Provides details on privileged accounts | + +## Least Privilege Model + +The SG_LocalAdmins job typically uses an account that is a member of the Local Administrators group +on the target host. However if a less-privileged option is required, you can instead use a regular +domain user that has been added to the **Network access: Restrict clients allowed to make remote +calls to SAM** Local Security Policy. + +![User added to the Local Securtiy Policy](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/leastprivilegemodel.webp) diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sg_microsoftlaps.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sg_microsoftlaps.md new file mode 100644 index 0000000000..6be3ab0edb --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sg_microsoftlaps.md @@ -0,0 +1,42 @@ +# SG_MicrosoftLAPS Job + +The SG_MicrosoftLAPS job assesses the Local Administrator Password Solution (LAPS) local policies on +all targeted hosts. This offers insight into LAPS enablement and configuration across an +environment. LAPS allows for centralized local administrator password management within Active +Directory. See the Microsoft +[Local Administrator Password Solution](https://learn.microsoft.com/en-us/previous-versions/mt227395(v=msdn.10)) +article for additional information. + +## Queries for the SG_MicrosoftLAPS Job + +The SG_MicrosoftLAPS job uses the Registry Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_MicrosoftLAPS Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsquery.webp) + +The query for the SG_MicrosoftLAPS job is: + +- Registry Check – Checks for LAPS related registry keys + +## Analysis Tasks for the SG_MicrosoftLAPS Job + +Navigate to the **Windows** > **Privileged Accounts** > **Local Administrators** > +**SG_MicrosoftLAPS** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SG_MicrosoftLAPS Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsanalysis.webp) + +The default analysis task is: + +- List LAPS details – Creates the SG_MicrosoftLAPS_Details table accessible under the job’s Results + node + +In addition to the tables created by the analysis tasks, the SG_MicrosoftLAPS job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------- | +| Microsoft LAPS Overview | This report gives an overview of LAPS policies in the audited environment. LAPS allows for centralized local administrator password management within Active Directory. | None | This report is comprised of two elements: - Pie Chart – Displays LAPS status by host - Table – Provides LAPS policy details | diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sg_sessions.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sg_sessions.md new file mode 100644 index 0000000000..572cb529dc --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sg_sessions.md @@ -0,0 +1,44 @@ +# SG_Sessions Job + +The SG_Sessions job lists sessions and logged on users from all targeted hosts. These active +sessions and logged on users may have their hashes stored in memory on the target machine, which +could be leveraged in a Pass the Hash attack. + +## Queries for the SG_Sessions Job + +The SG_Sessions job uses the SystemInfo Data Collector for the following queries: + +**CAUTION:** The queries) are preconfigured for this job. Never modify the queries. + +![Queries for the SG_Sessions Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sessionsqueries.webp) + +The queries for the SG_Sessions job are: + +- Logged on Users – Returns info for logged on users of local and remote machines +- Sessions – Returns info for local and remote sessions + +## Analysis Tasks for the SG_Sessions Job + +Navigate to the **Windows** > **Privileged Accounts** > **Local Administrators** > **SG_Sessions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +![Analysis Tasks for the SG_Sessions Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sessionsanalysis.webp) + +The default analysis tasks are: + +- Active Sessions – Lists all sessions and logged on users for local and remote machines. Creates + the SA_SG_Sessions_Details table accessible under the job’s Results node. +- Active Sessions Summary – Summarizes active sessions by host and user +- Logged on Users – Analyzes and retains logged on user data. Creates the SA_SG_Sessions_UserLogons + table accessible under the job’s Results node. +- Logged on Users Summary – Summarizes user logon activity by host and admins +- LoggonOnUsers and Sessions – Joins LoggedOnUsers and Sessions data. Creates the + SA_SG_Sessions_AdminSessions table accessible under the job’s Results node. +- Sessions Scope – Summarizes the scope of the SG_Sessions job + +In addition to the tables created by the analysis tasks, the SG_Sessions job produces the following +pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------- | --------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sessions | This report identifies domain administrators that may have credentials in memory on member servers. | CCPA, GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of four elements: - Table – Details the scope of the SG_Sessions job - Pie Chart – Displays LAPS status by host - Table – Provides LAPS policy details - Table – Provides details on all sessions | diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/overview.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/overview.md new file mode 100644 index 0000000000..c801d91884 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/overview.md @@ -0,0 +1,18 @@ +# Collection Job Group + +The Collection job group collects group policy settings, local users, and local group membership +information from Windows servers which will be further analyzed to provide insight into privileged +users within the environment. + +![Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp) + +The jobs in the Collection job group are: + +- [SG_GroupPolicy Job](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/sg_grouppolicy.md) + – This job collects policy assignments from all targeted servers. In particular, **Allow log on + locally**, **Log on as a batch job**, **Allow log on through Remote Desktop Services**, and **Log + on as a service** are audited. +- [SG_LocalMembership Job](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/sg_localmembership.md) + – This job collects local group membership details from all targeted servers +- [SG_LocalUsers Job](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/sg_localusers.md) + – This job collects local user accounts from all targeted servers diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/sg_grouppolicy.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/sg_grouppolicy.md new file mode 100644 index 0000000000..b595ed5eb3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/sg_grouppolicy.md @@ -0,0 +1,21 @@ +# SG_GroupPolicy Job + +The SG_GroupPolicy job collects policy assignments from all targeted servers. The following policy +assignments are audited: + +- Allow log on locally +- Log on as a batch job +- Allow log on through Remote Desktop Services +- Log on as a service + +## Queries for the SG_GroupPolicy Job + +The SG_GroupPolicy job uses the GroupPolicy Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_GroupPolicy Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/grouppolicyquery.webp) + +The query for the SG_GroupPolicy job is: + +- GroupPolicy – Collects group policy information diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/sg_localmembership.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/sg_localmembership.md new file mode 100644 index 0000000000..b76199c820 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/sg_localmembership.md @@ -0,0 +1,30 @@ +# SG_LocalMembership Job + +The SG_LocalMembership job collects local group membership from all targeted servers. + +## Queries for the SG_LocalMembership Job + +The SG_LocalMembership job uses the UsersGroups Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_LocalMembership Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipquery.webp) + +The query for the SG_LocalMembership job is: + +- LocalMembers – Collects local membership information + +## Analysis Tasks for the SG_LocalMembership Job + +Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > **Collection** > +**SG_LocalMembership** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SG_LocalMembership Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipanalysis.webp) + +The default analysis task is: + +- Update LocalMembers – Creates an interim processing table in the database for use by downstream + analysis and report generation diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/sg_localusers.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/sg_localusers.md new file mode 100644 index 0000000000..a23a3cb278 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/sg_localusers.md @@ -0,0 +1,30 @@ +# SG_LocalUsers Job + +The SG_LocalUsers job audits local user accounts from all targeted hosts. + +## Queries for the SG_LocalUsers Job + +The SG_LocalMembership job uses the UsersGroups Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_LocalUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/localusersquery.webp) + +The query for the SG_LocalUsers job is: + +- LocalUsers – Collects local user information + +## Analysis Tasks for the SG_LocalUsers Job + +Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > **Collection** > +**SG_LocalUsers** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SG_LocalUsers Job](/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/localusersanalysis.webp) + +The default analysis tasks is: + +- Update LocalUsers – Creates an interim processing table in the database for use by downstream + analysis and report generation diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/overview.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/overview.md new file mode 100644 index 0000000000..793f424586 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/overview.md @@ -0,0 +1,18 @@ +# Logon Rights Job Group + +The Logon Rights job group collects local policy information and reports on privileged users. + +![Logon Rights Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs and job groups in the Logon Rights job group are: + +- [Collection Job Group](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/overview.md) + – The jobs within this group collect group policy settings, local users, and local group + membership from Windows servers which will be further analyzed to provide insight into privileged + users within the environment +- [SG_AccountPrivileges Job](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/sg_accountprivileges.md) + – This job highlights account privileges across the audited environment, filtering out default + privileges present on Windows servers +- [SG_LocalPolicies Job](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/sg_localpolicies.md) + – This job identifies privileged accounts across the audited environments, based on the number of + local security policies assigned diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/sg_accountprivileges.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/sg_accountprivileges.md new file mode 100644 index 0000000000..c95b668d1c --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/sg_accountprivileges.md @@ -0,0 +1,41 @@ +# SG_AccountPrivileges Job + +The SG_AccountPrivileges job identifies accounts privileges on hosts in the targeted environment. + +Targeted Hosts + +All Windows Hosts + +## Queries for the SG_AccountPrivileges Job + +The SG_AccountPrivileges job uses the PowerShell Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_AccountPrivileges Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/accountprivilegesquery.webp) + +The query for the SG_AccountPrivileges job is: + +- Account Privilege Check – Determines account privileges on local hosts + +## Analysis Tasks for the SG_AccountPrivileges Job + +Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > +**SG_AccountPrivileges** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SG_AccountPrivileges Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/accountprivilegesanalysis.webp) + +The default analysis task is: + +- List all assigned privileges – Creates the SA_SG_AccountPrivileges_Details table accessible under + the job’s Results node + +In addition to the tables created by the analysis tasks, the SG_AccountPrivileges job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------- | +| Account Privilege Details | This report highlights account privileges on hosts in the targeted environment. Default privileges present on all Windows hosts have been filtered. | None | This report is comprised of one element: - Table – Provides account privilege details | diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/sg_localpolicies.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/sg_localpolicies.md new file mode 100644 index 0000000000..75c9644f36 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/sg_localpolicies.md @@ -0,0 +1,35 @@ +# SG_LocalPolicies Job + +The SG_LocalPolicies job identifies privileged accounts with high levels of server access. + +## Analysis Tasks for the SG_LocalPolicies Job + +Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > **SG_LocalPolicies** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_LocalPolicies Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/localpoliciesanalysis.webp) + +The default analysis tasks are: + +- Local Policies Summary – Creates the SA_SG_LocalPolicies_Details table accessible under the job’s + Results node +- Policy User Rank – Creates the SA_SG_LocalPolicies_PolicyUserRank table accessible under the job’s + Results node. Also creates an interim processing table in the database for use by downstream + analysis and report generation. +- Trustee Rank – Creates the SA_SG_LocalPolicies_TrusteeRank table accessible under the job’s + Results node. Also creates an interim processing table in the database for use by downstream + analysis and report generation. +- Calculate local amount policy details – Creates an interim processing table in the database for + use by downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the SG_LocalPolicies job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Local Account Network Access | This report highlights whether or not the **Local accounts** and **Local account and member of Administrators group** principals can be used to access a given host across the network. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays a local accounts access enterprise summary - Table – Provides local account network access details | +| Local Security Policies | This report identifies effective local security policy assignments. In particular, **Allow log on locally**, **Log on as a batch job**, **Allow log on through Remote Desktop Services**, and **Log on as a service** are considered. Special attention is paid to policies with a large number of trustee assignments. It displays Largest Policies by Number of Domain User Accounts in a graph format, and Trustee Details in a table format. | GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of three elements: - Stacked Bar Chart – Displays largest policies by number of domain user accounts - Table – Provides details largest policies by number of domain user accounts - Table – Provides trustee details | +| Privileged Accounts | This report highlights user accounts with a large number of rights. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top trustees by logon rights - Table – Provides details on all trustees | diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/overview.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/overview.md new file mode 100644 index 0000000000..5b63093170 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/overview.md @@ -0,0 +1,21 @@ +# Privileged Accounts Job Group + +Vital to security is the ability to accurately assess who has administrative privileges to each +system and how. The Privileged Accounts job group provides the collection and correlation +capabilities needed to unravel complex access assignments, including local administrator membership, +users with remote logon rights, and service accounts. + +![Privileged Accounts Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The job groups in the Privileged Accounts job group are: + +- [Local Administrators Job Group](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/overview.md) + – This group identifies the effective membership for all local administrator groups along with + LAPS local policies configured on the target hosts to provide an understanding of what accounts + within the environment are privileged and how they are being secured +- [Logon Rights Job Group](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/overview.md) + – The jobs within this group collect local policy information to provide insight into privileged + users within the environment +- [Service Accounts > SG_ServiceAccounts Job](/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/sg_serviceaccounts.md) + – This job indicates which domain accounts are being used to run services on member servers, + highlighting password age and settings diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/recommended.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/recommended.md similarity index 100% rename from docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/privilegedaccounts/recommended.md rename to docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/recommended.md diff --git a/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/sg_serviceaccounts.md b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/sg_serviceaccounts.md new file mode 100644 index 0000000000..8294350d58 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/sg_serviceaccounts.md @@ -0,0 +1,48 @@ +# Service Accounts > SG_ServiceAccounts Job + +The SG_ServiceAccounts job determines which domain accounts are being used to run services on member +servers, identifying password age and settings. + +![Service Accounts > SG_ServiceAccounts Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/serviceaccountsjobstree.webp) + +The SG_ServiceAccounts job is located in the Service Account job group. + +## Queries for the SG_ServiceAccounts Job + +The SG_ServiceAccounts job uses the Services Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_ServiceAccounts Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/serviceaccountsquery.webp) + +The query for the SG_ServiceAccounts job is: + +- Service Accounts – Collects information on service accounts + +See the +[Services Data Collector](/docs/accessanalyzer/11.6/admin/datacollector/services.md) +topic for additional information. + +## Analysis Tasks for the SG_ServiceAccounts Job + +Navigate to the **Jobs** > **Windows** > **Privileged Accounts** > **Service Accounts** > +**SG_ServiceAccounts** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_ServiceAccounts Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/serviceaccountsanalysis.webp) + +The default analysis tasks are: + +- Domain Service Accounts – Creates the SA_SG_ServiceAccounts_Details table accessible under the + job’s Results node +- Domain Summary – Creates the SA_SG_ServiceAccounts_DomainSummary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the SG_ServiceAccounts job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | --------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Service Accounts | This report identifies domain accounts being used for services. | None | This report is comprised of three elements: - Bar Chart – Displays domains by service accounts found - Table – Provides domains by service accounts found - Table – Provides service details | diff --git a/docs/accessanalyzer/11.6/solutions/windows/recommended.md b/docs/accessanalyzer/11.6/solutions/windows/recommended.md new file mode 100644 index 0000000000..10d3b689b5 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/recommended.md @@ -0,0 +1,34 @@ +# Recommended Configurations for the Windows Solution + +Dependencies + +The .Active Directory Inventory job group needs to be executed prior to running the Windows +Solution. + +See individual sub-groups and jobs for the dependencies. + +Target Hosts + +See individual sub-groups and jobs for host list designations. + +Connection Profile + +The Connection Profile used for this job needs to have local administrator privileges. By default, +this job group's Connection Profile is set to **Use Default Profile (Inherit from the parent group, +if any, or the global Default setting)**. See the +[Connection](/docs/accessanalyzer/11.6/admin/settings/connection/overview.md) +topic for additional information. + +History Retention + +See individual sub-groups and jobs for history support. Use Default Settings unless instructed +otherwise. + +Additional Notes + +Some jobs in the Windows Job Group use custom SQL scripts to render views on collected data. SQL +views are used to populate report element tables and graphs. Changing or modifying the group, job, +or tables names will result in no data displayed within the reports. + +See the Recommended Configurations topic for each job group for additional information on frequency +and job group settings. diff --git a/docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/overview.md b/docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/overview.md new file mode 100644 index 0000000000..41e5532907 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/overview.md @@ -0,0 +1,18 @@ +# OpenPortScan Job Group + +The OpenPortScan job group reveals all open ports along with the associated executable on the +targeted systems leveraging the jobs within this group. This is accomplished through remotely +executing a netstat command on the target hosts and collecting the results for reporting. + +![OpenPortScan Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/openportscanjobstree.webp) + +_Remember,_ both jobs need to be assigned the same host list under the Host List Assignments node in +the OpenPortScan job group’s settings. + +The jobs in the OpenPortScan job group are: + +- [RemoteOpenPort Job](/docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/remoteopenport.md) + – This job remotely executes `netstat -a -b -n` command to gather information about the available + port on the targeted hosts +- [RetrieveNetstat Job](/docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/retrievenetstat.md) + – This job reveals all open ports along with the associated executable on  targeted systems diff --git a/docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/remoteopenport.md b/docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/remoteopenport.md new file mode 100644 index 0000000000..e2ba562372 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/remoteopenport.md @@ -0,0 +1,31 @@ +# RemoteOpenPort Job + +The RemoteOpenPort job remotely executes a `netstat -a -b -n` command to gather information about +the available ports on the targeted hosts. + +## Queries for the RemoteOpenPort Job + +The RemoteOpenPort job uses the Script Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the RemoteOpenPort Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp) + +The query for the RemoteOpenPort job is: + +- Remote Execution of NETSTAT – Runs VBScript on a remote host to run NETSTAT and gather information + about the available ports on the targeted hosts + +## Analysis Tasks for the RemoteOpenPort Job + +Navigate to the **Windows** > **Security Utilities** > **OpenPortScan** > **RemoteOpenPort** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the RemoteOpenPort Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/remoteopenportanalysis.webp) + +The default analysis task is: + +- 1. Impose 30 Second Wait Timer – Slows processing down to allow remote command to complete diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/retrievenetstat.md b/docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/retrievenetstat.md similarity index 79% rename from docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/retrievenetstat.md rename to docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/retrievenetstat.md index 1d7568940f..94626b4988 100644 --- a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/retrievenetstat.md +++ b/docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/retrievenetstat.md @@ -9,7 +9,7 @@ The RetrieveNetstat job is uses the TextSearch Data Collector for the following **CAUTION:** The query is preconfigured for this job. Never modify the query. -![Queries for the RetrieveNetstat Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp) +![Queries for the RetrieveNetstat Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp) The query for the RetrieveNetstat job is: @@ -24,12 +24,12 @@ Navigate to the **Windows** > **Security Utilities** > **OpenPortScan** > **Retr **CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is preconfigured for this job. -![Analysis Tasks for the RetrieveNetstat Job](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/retrievenetstatanalysis.webp) +![Analysis Tasks for the RetrieveNetstat Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/retrievenetstatanalysis.webp) The default analysis tasks are: -- 1. NETSTAT Result – Creates the SA_RetrieveNetstat_NETSTAT table accessible under the job’s - Results node +- 1. NETSTAT Result – Creates the SA_RetrieveNetstat_NETSTAT table accessible under the job’s + Results node In addition to the tables and views created by the analysis tasks, the EX_DeliveryTimes job produces the following pre-configured report. diff --git a/docs/accessanalyzer/11.6/solutions/windows/securityutilities/overview.md b/docs/accessanalyzer/11.6/solutions/windows/securityutilities/overview.md new file mode 100644 index 0000000000..32770f3af3 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/securityutilities/overview.md @@ -0,0 +1,17 @@ +# Security Utilities Job Group + +The Security Utilities job group is designed to reveal all open ports along with the associated +executable on the targeted systems. The job remotely executes a netstat command on the target hosts +and collects the results for reporting. + +![Security Utilities Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp) + +The jobs and job groups in the Security Utilities job group are: + +- [OpenPortScan Job Group](/docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/overview.md) + – Reveals all open ports along with the associated executable on the targeted systems leveraging + the jobs within this group. This is accomplished through remotely executing a netstat command on + the target hosts and collecting the results for reporting. +- [SG_PowerShellCommands Job](/docs/accessanalyzer/11.6/solutions/windows/securityutilities/sg_powershellcommands.md) + – This job highlights instances where suspicious PowerShell commands have been found in a host’s + PowerShell log diff --git a/docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/recommended.md b/docs/accessanalyzer/11.6/solutions/windows/securityutilities/recommended.md similarity index 100% rename from docs/accessanalyzer/11.6/accessanalyzer/solutions/windows/securityutilities/recommended.md rename to docs/accessanalyzer/11.6/solutions/windows/securityutilities/recommended.md diff --git a/docs/accessanalyzer/11.6/solutions/windows/securityutilities/sg_powershellcommands.md b/docs/accessanalyzer/11.6/solutions/windows/securityutilities/sg_powershellcommands.md new file mode 100644 index 0000000000..e269a70d34 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/securityutilities/sg_powershellcommands.md @@ -0,0 +1,125 @@ +# SG_PowerShellCommands Job + +The SG_PowerShellCommands job lists suspicious PowerShell commands on all targeted hosts. The list +of commands considered can be customized by configuring the Check PowerShell Log query. + +## Queries for the SG_PowerShellCommands Job + +The SG_PowerShellCommands job uses the SmartLog Data Collector for the following queries: + +**CAUTION:** The Check PowerShell Operations log query is preconfigured for this job. Never modify +the query. + +![Queries for the SG_PowerShellCommands Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsqueries.webp) + +The queries for the SG_PowerShellCommands job are: + +- Check PowerShell log – Checks the PowerShell log + + - (Optional) This query can be configured. See the + [Configure the Check PowerShell log Query](#configure-the-check-powershell-log-query) topic + for additional information. + +- Check PowerShell Operations log – Checks the PowerShell Operational log + +### Configure the Check PowerShell log Query + +The Check PowerShell log query has been preconfigured to run with the default settings. However, the +new criteria can optionally be added on the Criteria page in the Smart Log Data Collector Wizard. + +**Step 1 –** Navigate to the **Jobs** > **Windows** > **Security Utilities** > +**SG_PowerShellCommands** > **Configure** node and select **Queries**. Select the **Check PowerShell +log** query. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Smart Log Data Collector +Wizard opens. + +**Step 4 –** If the **Criteria** tab is grayed out, click **Next** through the windows until the tab +is accessible. + +![Smart Log Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/smartlogdcwizardcriteria.webp) + +**Step 5 –** On the Criteria page, click the **press the button to add a new condition** box. + +**Step 6 –** Enter the desired conditions. + +**Step 7 –** Click **Next** to navigate to the Summary page and click **Finish**. + +The Check PowerShell log query has now been saved with the new conditions. + +## Analysis Tasks for the SG_PowerShellCommands Job + +View the analysis tasks by navigating to the **Windows** > **Security Utilities** > +**SG_PowerShellCommands** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_PowerShellCommands Job](/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsanalysis.webp) + +The default analysis tasks are: + +- List PowerShell command details – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Summarize PowerShell commands – Creates the SA_PowerShellCommands_HostSummary table accessible + under the job’s Results node + +The optional analysis tasks is: + +- Notify on suspicious commands – Enable this analysis task and the select Analysis Configuration to + open the Notification Data Analysis Module Wizard to configure it to send notifications on + suspicious commands. See the + [Configure the Notify on Suspicious Commands Analysis Task](#configure-the-notify-on-suspicious-commands-analysis-task) + topic for additional information. + +In addition to the tables and views created by the analysis tasks, the EX_DeliveryTimes job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | ----------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Suspicious PowerShell Commands | This report highlights instances where suspicious PowerShell commands have been found in a host's PowerShell log. | None | This report is comprised of three elements: - Bar Chart – Displays suspicious commands by host - Table – Provides details on suspicious commands by host - Table – Provides command details | + +### Configure the Notify on Suspicious Commands Analysis Task + +Follow these steps to configure the notification analysis task. + +**Step 1 –** Navigate to the **Jobs** > **Windows** > **Security Utilities** > +**SG_PowerShellCommands** > **Configure** node and select **Analysis**. + +**Step 2 –** In the Analysis Selection view, select the **Notify on suspicious commands** analysis +task and click **Analysis Configuration**. The Notification Data Analysis Module opens. + +![Notification Data Analysis Module wizard SMTP properties page](/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsnotifysmtp.webp) + +**Step 3 –** Use the **Next** button to navigate to the SMTP page. Do not make changes to the +preceding pages. + +![Recipients section](/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsnotifyrecipients.webp) + +**Step 4 –** In the Recipients section, provide the email addresses or distribution lists (fully +qualified address) for those who are to receive this notification. Multiple addresses can be +provided. You can use the following options: + +- Add – Add an email address to the E-mail field +- Remove – Remove an email address from the Recipients list +- Combine multiple messages into single message – Sends one email for all objects in the record set + instead of one email per object to all recipients + +![Message section](/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsnotifymessage.webp) + +**Step 5 –** In the Message section, edit the **Subject**. It is not recommended to remove any +parameters. Then, customize the email content in the textbox to provide an explanation of the +notification to the recipients. + +**Step 6 –** To save these configuration changes, use the **Next** to navigate to the Summary page. +Do not make changes to any other pages. Click **Finish**. The Notification Data Analysis Module +window closes. + +**Step 7 –** This notification analysis task is now configured to send emails. In the Analysis +Selection view, select this task so that notifications can be sent automatically during the +execution of the SG_PowerShellCommands job. + +The Notify on suspicious commands analysis task is now configured to send notifications. diff --git a/docs/accessanalyzer/11.6/solutions/windows/sg_securityassessment.md b/docs/accessanalyzer/11.6/solutions/windows/sg_securityassessment.md new file mode 100644 index 0000000000..2a3a088593 --- /dev/null +++ b/docs/accessanalyzer/11.6/solutions/windows/sg_securityassessment.md @@ -0,0 +1,75 @@ +# SG_SecurityAssessment Job + +The SG_SecurityAssessment job performs checks against Windows security best practices in order to +proactively identify critical security configurations that leave the environment vulnerable to +attack. The result is a report which provides a listing of findings by severity and category with +corresponding details that can be used to prioritize and remediate security issues. + +![SG_SecurityAssessment Job in the Jobs Tree](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/securityassessmentjobstree.webp) + +## Recommended Configurations for the SG_SecurityAssessment Job + +Dependencies + +One or more of the following jobs must be run to generate data for the report: + +- Authentication + + - **SG_LSASettings** + - **SG_SecuritySupportProviders** + - **SG_WDigestSettings** + +- Open Access > **SG_OpenFolders** +- Privileged Accounts + + - Local Administrators + + - **SG_LocalAdmins** + - **SG_MicrosoftLAPS** + + - Logon Rights + + - **SG_AccountPrivileges** + - **SG_LocalPolicies** + + - Service Accounts > **SG_ServiceAccounts** + +- Security Utilities > **SG_PowerShellCommands** + +Targeted Hosts + +None + +Schedule Frequency + +This job can be scheduled to run as desired. + +Workflow + +**Step 1 –** Run one or more of the jobs needed to generate data for this report. + +**Step 2 –** Schedule the SG_SecurityAssessment job to run as desired. + +**Step 3 –** Review the report generated by the job. + +## Analysis Tasks for the SG_SecurityAssessment Job + +Navigate to the **Windows** > **SG_SecurityAssessment** > **Configure** node and select **Analysis** +to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SG_SecurityAssessment Job](/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/securityassessmentanalysis.webp) + +The default analysis task is: + +- Summarize Audit Findings – Creates the SG_SecurityAssessment_Results table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the SG_SecurityAssessment job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | ------------------------------------------------------------------------------ | --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Systems Security Assessment | This report summarizes security related results from the Windows solution set. | GDPR, SOX, PCI, HIPAA | This report is comprised of four elements: - Pie Chart – Displays a findings by severity - Table – Provides scope of audit details - Table – Displays details on security assessment results - Table – Provides details on findings by category | diff --git a/docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix.md b/docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix.md new file mode 100644 index 0000000000..181e67ede3 --- /dev/null +++ b/docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix.md @@ -0,0 +1,47 @@ +# Appendix for the StealthAUDIT MAPI CDO Installation Guide + +**CAUTION:** The Enterprise Auditor MAPI CDO must be installed first before installing the Microsoft +Exchange MAPI CDO. + +Before installing either binary, close the Enterprise Auditor application and ensure the following +requirements have been met: + +- Exchange System Manager for Exchange 2003 is not installed on the Enterprise Auditor Console + server. +- Microsoft Outlook is not installed on the Enterprise Auditor Console server. + +These programs will interfere with the Microsoft Exchange MAPI CDO installation and with MAPI +connections if they are installed on the Enterprise Auditor Console server. + +Follow these steps to install the Microsoft Exchange MAPI CDO. + +**Step 1 –** Download and run the ExchangeMapiCDO application from Microsoft. + +**NOTE:** The steps may be slightly different than the following. See Microsoft’s website for +additional detail. + +![appendix_for_the_stealthaudit](/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit.webp) + +**Step 2 –** Choose the “Directory For Extracted Files” or accept the default location. Click OK. + +![appendix_for_the_stealthaudit_1](/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_1.webp) + +**Step 3 –** When the extraction is complete, click OK. + +![appendix_for_the_stealthaudit_2](/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_2.webp) + +**Step 4 –** Open the ExchangeMapiCdo folder and run the ExchangeMapiCdo application installer. + +| | | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ![appendix_for_the_stealthaudit_3](/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_3.webp) | ![appendix_for_the_stealthaudit_4](/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_4.webp) | + +**Step 5 –** On the Welcome page of the Installation Wizard, click Next. Accept the license +agreement and click Next. + +![appendix_for_the_stealthaudit_5](/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_5.webp) + +**Step 6 –** When the installation is complete, click Finish. + +Reopen the Enterprise Auditor application, and the Settings > Exchange node is enabled for +configuration. diff --git a/docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation.md b/docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation.md new file mode 100644 index 0000000000..53158e2927 --- /dev/null +++ b/docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation.md @@ -0,0 +1,41 @@ +# StealthAUDIT MAPI CDO Installation + +Both the Enterprise Auditor MAPI CDO and the Microsoft® Exchange MAPI CDO must to be installed in +order to enable the Settings > Exchange node. + +![exchangenode](/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/exchangenode.webp) + +The Microsoft Exchange MAPI CDO is only required to run the MAPI-based data collectors. See the +[Exchange Solution](/docs/accessanalyzer/11.6/solutions/exchange/overview.md) +topic for additional information. + +The Enterprise Auditor MAPI CDO can be downloaded from the +[Product Downloads](https://www.stealthbits.com/product-downloads) page of the Netwrix website. The +Microsoft Exchange MAPI CDO can be downloaded directly from Microsoft. See the +[Appendix for the StealthAUDIT MAPI CDO Installation Guide](/docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix.md) +for requirements and installation steps to install the Microsoft Exchange MAPI CDO. + +**CAUTION:** The Enterprise Auditor MAPI CDO must be installed first before installing the Microsoft +Exchange MAPI CDO. + +Before installing either binary, close the Enterprise Auditor application and ensure the following +requirements have been met: + +- Exchange System Manager for Exchange 2003 is not installed on the Enterprise Auditor Console + server. +- Microsoft Outlook is not installed on the Enterprise Auditor Console server. + +These programs interfere with MAPI connections if they are installed on the Enterprise Auditor +Console server. + +Follow the steps to install the Enterprise Auditor MAPI CDO. + +**Step 1 –** Run the StealthAuditMapiCDO executable. + +![stealthaudit_mapi_cdo_installation_1](/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation_1.webp) + +**Step 2 –** Click OK to confirm the path. + +The application will install and the wizard will close automatically when it is finished. See the +[Appendix for the StealthAUDIT MAPI CDO Installation Guide](/docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix.md) +for information on installing the Microsoft Exchange MAPI CDO. diff --git a/docs/accessanalyzer/11.6/getting-started/whats-new.md b/docs/accessanalyzer/11.6/whatsnew.md similarity index 100% rename from docs/accessanalyzer/11.6/getting-started/whats-new.md rename to docs/accessanalyzer/11.6/whatsnew.md diff --git a/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md b/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md deleted file mode 100644 index 34fc61cff4..0000000000 --- a/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md +++ /dev/null @@ -1,354 +0,0 @@ -# Active Directory Action Operations - -Use Operations page to select one or more operations for the action to perform on the targeted -Active Directory objects. Some operations have wizard pages to specify the configuration settings. - -![Active Directory Action Module Wizard Operations page](/img/product_docs/activitymonitor/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/operations.webp) - -The Operations drop-down menu contains the following operations: - -- [Clear/Set SID History ](/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md) -- [Computer Details](/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md) -- [Disable/Enable Computers](/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md) -- [Create Groups](/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md) -- [Create Users](/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md) -- [Delete Objects](#delete-objects) -- [Disable/Enable Users](/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md) -- [Group Details](/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md) -- [Group Membership](/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md) -- [Groups Remove All Members ](#groups-remove-all-members) -- [Move Objects](/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md) -- [Set/Reset Users Password ](/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md) -- [Unlock Users ](#unlock-users) -- [Users Details ](/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md) - -Select an operation from the drop-down list and then click **Add**. The selection appears in the -Selections pane as well as the navigation pane if there is an associated configuration page. If -performing multiple operations, the action executes the operations in the order in which they appear -here. To change the order, select an operation and use the **Down** and **Up** buttons. - -## Delete Objects - -**CAUTION:** Once deleted, objects from Active Directory cannot be restored. - -Select this operation to delete objects from Active Directory, such as users, groups, or computers. -The source table determines which objects are deleted from the Active Directory. Therefore, this -operation does not possess its own wizard window. - -## Groups Remove All Members - -Select this operation to remove all members from groups located in the source table. There is not a -wizard window associated with this operation. No configuration is required. - -## Unlock Users - -Select this operation to unlock the account of the specified users in the source table. There is not -a wizard window associated with this operation. No configuration is required. - -# Computer Details - -Use the Computers Details page to select computer attributes to change. - -![Active Directory Action Module Wizard Computer Details page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/computerdetails.webp) - -Highlight the attribute to edit: - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then click - the blue arrow to insert the item into the Value box. The executed action replaces the AD Object - property with the specified value from the source table. -- Add Attribute – Adds a custom attribute to the Computer Details attribute list -- Remove Attribute – Removes a selected attribute Computer Details attribute list -- Edit Attribute – Click this icon to change the name of the selected custom attribute -- Import Attribute – Opens the Import Custom Attributes Import Wizard where one or more custom - attributes can be imported. See the - [Custom Attribute Import Wizard](#custom-attribute-import-wizard) topic for additional - information. -- Value – This field contains selections from the Insert field. If the Manager attribute is - selected, click the ellipsis (…) to access the Select User, Contact, or Group window to populate - this field. -- Select the checkboxes next to the computer attributes to enable them for editing when running the - action. - -## Custom Attribute Import Wizard - -The Custom Attributes Import Wizard is used to import a list of custom attributes. Follow the steps -to use the Custom Attributes Import Wizard. - -**Step 1 –** On the Computer Details page of the Active Directory Action Module Wizard, click -**Import**. The Custom Attribute Import Wizard opens. - -![Custom Attributes Import Wizard Credentials page](/img/product_docs/activitymonitor/activitymonitor/install/agent/credentials.webp) - -**Step 2 –** On the Credentials page, identify a domain either by entering one manually or selecting -one from the **Domain Name** drop-down menu which displays a list of domains trusted by the one in -which the Access Analyzer Console server resides. Then set the credentials for reading the -attributes list from the domain: - -- Authenticate as the logged in user – Applies the user account running Access Analyzer -- Use the following credentials to authenticate – Applies the account supplied in the **User Name** - and **Password** fields. - -**Step 3 –** Click **Next**. - -![Custom Attributes Import Wizard Attributes page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/attributescomputer.webp) - -**Step 4 –** The wizard populates available attributes from the domain specified on the Attributes -page. Expand the desired object class and select the checkboxes for the custom attributes to be -imported. Then click **Next**. - -![Custom Attributes Import Wizard Completion page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/completionpage.webp) - -**Step 5 –** On the Completion page, click **Finish**. - -The selected attributes have been added to the attribute list on the Computer Details page. - -# Create Groups - -Use the Create Groups page to configure the action to create groups on the selected target. - -![Active Directory Action Module Wizard Create Groups page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/creategroups.webp) - -Use the following options to configure the action: - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then, - click the blue arrow to insert the item into the OU, Group name, or Group name (pre Windows 2000) - boxes. -- OU – The organizational unit that contains the group - - - Create target OU location if it does not already exist – Select this checkbox to create the - target OU - -- Group Name – The name of the group that being created. This field is required. -- Group name (pre Windows 2000) – The name of the group being created -- Group scope – The scope of the group being created. Select from the following: - - - Universal - - Global - - DomainLocal - - SqlField – Enter a value from the drop-down list - -- Group type – The type of group being created. Select from the following: - - - Security - - Distribution - - SqlField – Enter a value from the drop-down list - -# Create Users - -Use the Create Users page to create users on the selected target. - -![Active Directory Action Module Wizard Create Users page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/createusers.webp) - -Use the following options to configure the action: - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then, - click the blue arrow to insert the item into the selected box. -- OU – The organizational unit in which to create the user - - - Create target OU location if it does not already exist - Select this checkbox to create the - target OU. - -- First Name – The first name of the user being created -- Initials – The initials of the user being created -- Last Name – The last name of the user being created -- Full Name – The full name of the user being created. This field is required. -- User logon name – The user logon name and domain for the user being created -- User logon name (pre Windows 2000) – The domain and user logon name for the user being created -- Password – The password for the user being created. This field is required. - -Optionally, select from the following checkboxes: - -- User must change password at next logon – Require the user to change the password at the next - logon -- User cannot change password -- Password never expires -- Account is disabled - -# Disable/Enable Computers - -Use the (Disable/Enable Computers page to configure the action to enable or disable users' operation -options on target computers. - -![Active Directory Action Module Wizard Disable/Enable Computers page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/disableenablecomputers.webp) - -Select the radio button for the desired option: - -- Enable – Enables users' operation options -- Disable – Disables users' operation options - -# Disable/Enable Users - -Use the Disable/Enable Users page to enable or disable target users. - -![Active Directory Action Module Wizard Disable/Enable Users page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/disableenableusers.webp) - -Select the radio button for the desired option: - -- Disable – Select this radio button to disable users' operation options -- Enable – Select this radio button to enable users' operation options - -# Group Details - -Use Groups Details page to edit selected group attributes. - -![Active Directory Action Module Wizard Group Details page](/img/product_docs/threatprevention/threatprevention/reportingmodule/investigations/groupdetails.webp) - -Highlight the attribute to edit. Add or delete attributes using the buttons to the right of Insert -field. - -**NOTE:** The options at the bottom of the page vary based on the highlighted attribute. - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then, - click the blue arrow to insert the item into the Value box. -- Add Attribute – Adds a custom attribute to the Computer Details attribute list -- Remove Attribute – Removes a selected attribute from the action -- Edit Attribute – Click this icon to change the name of the selected custom attribute -- Import Attribute – Opens the Import Custom Attributes Import Wizard where current attributes for - an object is viewed and can be imported for editing. See the - [Custom Attribute Import Wizard](#custom-attribute-import-wizard) topic for additional - information. -- Value/Name – This field derives its name from selections made on the page. It can contain - selections from the Insert field or you can click the ellipsis (…) to access the Select User, - Contact, or Group window, via which you can populate this field. - -Select the checkboxes next to the group details attributes to enable them for editing when running -the action. - -## Custom Attribute Import Wizard - -The Custom Attributes Import Wizard is used to import a list of custom attributes. Follow the steps -to use the Custom Attributes Import Wizard. - -**Step 1 –** On the Group Details page of the Active Directory Action Module Wizard, click -**Import**. The Custom Attribute Import Wizard opens. - -![Custom Attributes Import Wizard Credentials page](/img/product_docs/activitymonitor/activitymonitor/install/agent/credentials.webp) - -**Step 2 –** On the Credentials page, identify a domain either by entering one manually or selecting -one from the **Domain Name** drop-down menu which displays a list of domains trusted by the one in -which the Access Analyzer Console server resides. Then set the credentials for reading the -attributes list from the domain: - -- Authenticate as the logged in user – Applies the user account running Access Analyzer -- Use the following credentials to authenticate – Applies the account supplied in the **User Name** - and **Password** fields. - -**Step 3 –** Click **Next**. - -![Custom Attributes Import Wizard Attributes page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/attributesgroup.webp) - -**Step 4 –** The wizard populates available attributes from the domain specified on the Attributes -page. Expand the desired object class and select the checkboxes for the custom attributes to be -imported. Then click **Next**. - -![Custom Attributes Import Wizard Completion page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/completionpage.webp) - -**Step 5 –** On the Completion page, click **Finish**. On the Completion page, click **Finish**. - -The selected attributes have been added to the attribute list on the Group Details page. - -# Group Membership - -Use the Groups Membership page to add or remove group members. Values from the source table can also -be used to specify if the object will be added or removed. - -![Active Directory Action Module Wizard Group Membership page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp) - -Use the following options to configure the action: - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then, - click the blue arrow to insert the item into the selected box. -- Select one of the following: - - - Target Group by OU - - Target Group by NT Style Name - -- OU – The organizational unit that contains the group. This field is required. - - - Create target OU location if it does not already exist – Select this checkbox to create the - target OU. - -- Group (CN, not a pre-Windows 2000 name) – The group to create. This field is required. - - - Create target Group if it does not already exist - -- Select one of the following: - - - Add members - - Remove members - - Add/Remove members – Enables the ChangeType Column drop down list - -- ChangeType Column – The value to use from the source table to specify if the object is added or - removed. The contents of the ChangeType column should be a 0 for Add or a 1 for Remove. - -# Move Objects - -Use the Move Objects page to specify the OU in which to move objects. - -![Active Directory Action Module Wizard Move Objects page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/moveobject.webp) - -Use the following options to configure the action: - -- Insert Field – Contains available values from populated from the source table -- OU – Use the drop-down list to select a field (column) from the source table. Then, click the blue - arrow to insert the item into the OU box. - - - Create target OU location if it does not already exist – Select this checkbox to create the - target OU - -# Set/Reset Users Password - -Use the Set/Reset Users Password page to set or reset user passwords with the specified value. - -![Active Directory Action Module Wizard Set/Reset Users Password page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/setresetpassword.webp) - -Use the following options to configure the action: - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then, - click the blue arrow to insert the item into the Password box. -- Password – The field with the passwords to set or reset. This field is required. - - - User must change password at next logon – Select this checkbox to require the user to change - the password at the next logon - -# Clear/Set SID History - -Use the Clear/Set SID History page to overwrite or append to the SID history for targeted objects. -Please review the restrictions for this operation in the Notes box. - -The source table used for this operation must contain a column with the following information: - -- SID History data - -![Active Directory Action Module Wizard Clear/Set SID History page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/sidhistory.webp) - -Configure the action with the following options: - -- Overwrite – Overwrites the SID History -- Append – Adds to the SID History -- Clear – Clears the SID History -- Insert Field – This drop-down list is enabled when the Overwrite or Append radio buttons are - selected. Use the drop-down list to select a field (column) from the source table. Then, click the - blue arrow to insert the item into the SID History box. The SID history is overwritten with the - selected fields or appended to with the selected fields depending on the selected radio button. -- SID History – This box is enabled by selecting the Overwrite or Append radio buttons. The SID - history is overwritten or appended to with the inserted fields, depending on the selected radio - button. Populate the SID History box using either of the following methods: - - - Select one or more fields at the Insert Field drop-down menu - - Click the **ellipsis (…)** to access the Select Users or Groups window to populate this field - -- Reference link – Accesses a Microsoft web page called Using DsAddSidHistory containing important - information on SID history - -# Users Details - -Use the Users Details page to edit user attributes. - -![Active Directory Action Module Wizard Users Details page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/usersdetails.webp) - -Highlight the attribute to edit. The highlighted user attribute in the Selections pane determines -the configuration options available at the bottom of the page. - -Select the checkboxes next to the user details attributes to enable them for editing when running -the action. diff --git a/docs/accessanalyzer/12.0/actions/active-directory-actions/options.md b/docs/accessanalyzer/12.0/actions/active-directory-actions/options.md deleted file mode 100644 index 1b2114864f..0000000000 --- a/docs/accessanalyzer/12.0/actions/active-directory-actions/options.md +++ /dev/null @@ -1,14 +0,0 @@ -# Active Directory Action Options - -The Options page provides the option to select to use the default domain or specific a domain to -use. - -![Active Directory Action Module Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -Use the following options to configure the action: - -- Insert field – Use the drop-down list to select a field (column) from the source table. Then, - click the blue arrow to insert the item into the **Specify domain (controller) to use** box. -- Use default domain (controller) – Use the default domain controller for the action -- Specify domain (controller) to use – Click the ellipsis to open the Browse for Domain window and - select a domain for the action diff --git a/docs/accessanalyzer/12.0/actions/active-directory-actions/overview.md b/docs/accessanalyzer/12.0/actions/active-directory-actions/overview.md deleted file mode 100644 index cb2ff5b5a7..0000000000 --- a/docs/accessanalyzer/12.0/actions/active-directory-actions/overview.md +++ /dev/null @@ -1,62 +0,0 @@ -# Active Directory Action Module - -Use the Active Directory Action Module to make bulk changes to objects in Microsoft Active Directory -(AD) such as deleting users or changing group memberships. It is available with a special Access -Analyzer license. - -**CAUTION:** Be careful when using this action module. Make sure that only the changes required are -applied and only to those target systems desired. Actions perform their functions on all rows in a -table. - -Access Analyzer action modules contain one or more selectable operations. Each operation performs -its function on a single object per row from the source table defined in the action. - -## Source Table Configuration - -Individual action modules, including the Active Directory Action Module, may have their own -requirements for the type of data contained in the columns in the source table. To take action on an -Active Directory object, group, user, or computer, the source table columns must contain values that -uniquely identify each Active Directory object referenced. Active Directory objects correspond to -rows in a Access Analyzer source table. Active Directory object attributes correspond to columns. -Once the source table has been scoped, use the Target page to specify the field that identifies the -target objects along with the field type to indicate the type of data contained in the field. - -The Operations page lists the operations that may be performed by the Active Directory Action -Module. Each operation may have its own source table column requirements as follows: - -| Operation | Requirements | -| ----------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Clear/Set SID History | Column containing SID History information | -| Computer Details | No specific columns required | -| Disable/Enable Computers | No specific columns required | -| Create Groups | No specific columns required | -| Create Users | Column containing the user logon name **_RECOMMENDED:_** It is recommended that the source table has columns containing the following information: - First Name - Last name - Initials - Full name - Password - OU in which to create the user (This can also be created on the Create Users page) | -| Delete Objects (Users, Groups, Computers, etc.) | No specific columns required | -| Disable/Enable Users | No specific columns required | -| Group Details | No specific columns required | -| Group Membership | Column containing the target group OU or the target group NT style name | -| Groups Remove All Members | No specific columns required | -| Move Objects | Column containing an OU (Alternatively, type in the OU or click the ellipsis (…) to select an OU) | -| Set/Reset Users Password | No specific columns required | -| Unlock Users | No specific columns required | -| User Details | No specific columns required | - -## Configuration - -The Active Directory Action module is configured through the Active Directory Action Module Wizard, -which contains the following wizard pages: - -- Welcome -- [Active Directory Action Target](/docs/accessanalyzer/12.0/actions/active-directory-actions/target.md) -- [Active Directory Action Operations](/docs/accessanalyzer/12.0/actions/active-directory-actions/operations.md) -- [Active Directory Action Options](/docs/accessanalyzer/12.0/actions/active-directory-actions/options.md) -- [Active Directory Action Summary](/docs/accessanalyzer/12.0/actions/active-directory-actions/summary.md) - -The Welcome page displays first in the Active Directory Action Module Wizard. Review the -introductory and caution information about the Active Directory Action Module. - -![Active Directory Action Module Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The navigation pane contains links to the pages in the wizard. Note that the operations added on the -Operations page will affect the list of pages in the navigation pane. Several operations have -associated configuration pages. diff --git a/docs/accessanalyzer/12.0/actions/active-directory-actions/summary.md b/docs/accessanalyzer/12.0/actions/active-directory-actions/summary.md deleted file mode 100644 index ebd310a133..0000000000 --- a/docs/accessanalyzer/12.0/actions/active-directory-actions/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# Active Directory Action Summary - -The Summary page displays a summary of the configured settings for the action. - -![Active Directory Action Module Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Active Directory Action Module Wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/12.0/actions/active-directory-actions/target.md b/docs/accessanalyzer/12.0/actions/active-directory-actions/target.md deleted file mode 100644 index a572c360d9..0000000000 --- a/docs/accessanalyzer/12.0/actions/active-directory-actions/target.md +++ /dev/null @@ -1,30 +0,0 @@ -# Active Directory Action Target - -Use the Target (Identification Criteria) page to select one or more fields (columns) in the Access -Analyzer source table that uniquely identifies the target Active Directory objects upon which to -perform the action. This process enables Access Analyzer to locate those objects within Active -Directory. Added fields are displayed in the textbox. - -![Active Directory Action Module Wizard Target page](/img/product_docs/activitymonitor/activitymonitor/admin/search/query/target.webp) - -Use the following options to configure the action: - -- Add – Adds the selected field and field type to the Selections pane -- Delete – Removes the highlighted operation from the Selection pane -- Field – The name of the column in the Access Analyzer source table. Select the field that uniquely - identifies the target AD objects (represented by rows in the Access Analyzer table). The drop-down - list displays the fields from the source data table specified on the Action Properties page. The - list excludes any default fields such as HOSTSTATUS, on which actions cannot be performed. -- Field Type – The type of data contained in the specified field. Access Analyzer must know the data - type of the field selected above. Otherwise, errors may appear upon execution of the action and - report results may be incomplete. The drop-down list contains the following field types: - - - Distinguished Name or DN - - GUID - - SID - - WindowsID - - E-Mail - - Employee (employeeID) - -**NOTE:** While one field is usually sufficient to identify AD objects, if specifying multiple -fields, each field type can only be used once. diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/action.md b/docs/accessanalyzer/12.0/actions/file-system-actions/action.md deleted file mode 100644 index 841a9440f5..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/action.md +++ /dev/null @@ -1,18 +0,0 @@ -# File System Action: Action - -On the Action page, select the type of action to be configured, define a new action, and additional -capabilities. - -![File System Action Module Wizard Action page](/img/product_docs/accessanalyzer/admin/action/filesystem/action.webp) - -The following options are available: - -- Define a new action – Enables the Operation page where operations are selected on which the action - is based -- Rollback a previously executed action – Enables the Prior Actions page where lists of previously - executed actions and rollback actions can be selected. Not all operations support rollback. Enable - the Support Rollback option prior to execution for the action in order to perform a rollback. -- Remove the applet service from a host – If an executed action installs an applet service on a host - from a Access Analyzer Console, it remains installed after the action is completed for other - Access Analyzer consoles to perform actions using the same applet service. This setting removes - the action’s applet service from that host. diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/applet-settings.md b/docs/accessanalyzer/12.0/actions/file-system-actions/applet-settings.md deleted file mode 100644 index 658cb06240..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/applet-settings.md +++ /dev/null @@ -1,30 +0,0 @@ -# File System Action: Applet Settings - -Use the Applet Settings page to specify the machines on which to execute the selected operation. - -![File System Action Module Wizard Applet Settings page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/appletsettings.webp) - -Specify how the operations will be executed: - -- Automatic – Get host data from the Host Management -- Local Access Analyzer server -- Specific remote server: - - - Fields – Use the drop-down list to select a field (column) from the source table, then click - the blue arrow to insert the item into the **Remote server** field - - Environment Variables – Select an item from the drop-down list, then click the blue arrow to - insert the item into the **Remote Server** field - - Remote Server – Enter the path to the server - - Click the **ellipsis (…)** to browse for server - - Click the **tick** icon to show a preview of the path - - Click the **Help** icon for additional information - -- Preview – Shows what the compound path specified will be resolved in to. The text here is used to - initialize the path specification selection dialog. -- Specific remote servers – Click the **ellipsis (…)** to browse for servers - - - Click **Add** to add the server - - Click **Remove** to remove the server - -- Fall back to the local Access Analyzer server if an applet cannot start – Check to enable this - option diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/destination.md b/docs/accessanalyzer/12.0/actions/file-system-actions/destination.md deleted file mode 100644 index 25316845d0..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/destination.md +++ /dev/null @@ -1,35 +0,0 @@ -# File System Action: Destination - -The Destination page is available only if the following operations are selected: - -- Copy -- Move -- Rename - -Define the destination location of the files that will be copied, moved, or renamed by building the -destination path using the Fields and Environment Variables options as needed. - -![File System Action Module Wizard Destination page](/img/product_docs/accessanalyzer/install/filesystemproxy/destination.webp) - -Use the fields provided to select destination items and hosts from the drop-down lists and populate -the Destination field, or edit the field manually. The Preview field updates based on the contents -of the Destination field. - -- Fields – Use the drop-down list to select a field (column) from the source table, then click the - blue arrow to insert the item into the **Destination** field -- Environment Variables – Select an item from the drop-down list, then click the blue arrow to - insert the item into the **Destination** field -- Target Items – Enter the path to the target file or folder - - - Click the **ellipsis (…)** to browse for pattern path specification - - Click the **tick** icon to show a preview of the specified path - - Click the **Help** icon for additional information - -- Host – Select the field that identifies the systems or manually type the host destination -- Use path type – Choose from the following options: - - - Local – Uses the local path - - UNC – Uses the UNC path - -- Preview – Shows what the compound path specified will be resolved in to. The text here is used to - initialize the file specification selection dialog. diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/environment.md b/docs/accessanalyzer/12.0/actions/file-system-actions/environment.md deleted file mode 100644 index b88dc1b7a8..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/environment.md +++ /dev/null @@ -1,16 +0,0 @@ -# File System Action: Environment - -The Environment (Environment Variables) page is available only if the selected operation requires -the selection of a sample host. - -Use this page to select and connect to a sample host, via which a set of remote environment -variables for use in scoping the action are loaded. Then, on the Target page, use the environment -variables to build dynamic file path locations for the selected operation. - -**NOTE:** The environment variables from the local system load by default. - -![File System Action Module Wizard Environment page](/img/product_docs/accessanalyzer/admin/action/filesystem/environment.webp) - -The connection status displays next to the Host field. To browse for another host, click the -ellipsis (**…**) to open the Browse for Computer window. Once a host name appears in the field, -click the check mark button to attempt to connect to the selected host. diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/operation.md b/docs/accessanalyzer/12.0/actions/file-system-actions/operation.md deleted file mode 100644 index f0921e310d..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/operation.md +++ /dev/null @@ -1,25 +0,0 @@ -# File System Action: Operation - -The Operation page is available when **Define a new action** is selected on the Action page. On the -Operation page, define the action by selecting an operation from the drop-down list. - -![File System Action Module Wizard Operation page](/img/product_docs/accessanalyzer/admin/action/filesystem/operation.webp) - -At the Available Operations drop-down selection list, choose the operation for the action to -perform. The selection determines which pages are available in the wizard. The following operations -are available: - -- Change attributes -- Change permissions and Auditing -- Change permission inheritance -- Change Share permissions -- Copy -- Delete -- Launch Remote Process -- Move -- Remove permissions -- Remove Share permissions -- Rename -- Add tags -- Remove tags -- Change Owner diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/operations.md b/docs/accessanalyzer/12.0/actions/file-system-actions/operations.md deleted file mode 100644 index 8cecdd0fec..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/operations.md +++ /dev/null @@ -1,200 +0,0 @@ -# Add Tags - -Use the Parameters page to specify the file tags the action adds. - -![File System Action Module Wizard Add Tags Parameters page](/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/addtags.webp) - -Use the fields provided to select tags from the drop-down lists and populate the Tag field, or edit -the field manually. The Preview field updates based on the contents of the Tag field. - -- Add Mode: - - - Append to existing tags - Adds new tags to the existing list of tags - - Overwrite existing tags - Removes all existing tags before adding newly configured tags - -**NOTE:** If choosing the option to overwrite tags, the action module will clear out both normal -tags and Boldon James tags and then proceed to apply the tags configured for overwrite. If choosing -the option to remove all tags, the action module will clear out both normal tags and Boldon James -tags. - -- Fields – Use the drop-down list to select a field (column) from the source table, then click the - blue arrow to insert the item into the **Tag** field -- Environment Variables – Select an item from the drop-down list, then click the blue arrow to - insert the item into the **Tag** field -- Preview – Shows what the compound path specified will be resolved in to -- Click **Add** to add the tag field to the list -- Click **Remove** to remove the tag field from the list - -![Boldon James Column on Add Tags Parameters page](/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/addremovetagsboldonjames.webp) - -- Type - Select which type of tag to add. The two types of tags that can be added are: - - - Regular - Configure new tag as a regular tag - - Boldon James - Configure new tag as a Boldon James tag - - **NOTE:** The Boldon James column indicates whether a file tag is a regular tag or a Boldon - James tag. Regular tags will be identified with **0**. Boldon James tags will be identified - with **1**. - -A list of supported file types appears at the bottom of the page. - -# Change Attributes - -Use the Change File Attributes Parameters page to change the attribute for one or more of the target -systems or data. - -![File System Action Module Wizard Change File Attributes Parameters page](/img/product_docs/accessanalyzer/admin/action/filesystem/changeattributes.webp) - -Select from the following options: - -- Read-only – Set the file / folder to read only -- Archive – Archive the file / folder -- System – Stop / start a system process -- Hidden – Set the file / folder to hidden -- Compress – Compress the file / folder -- Encrypt – Encrypt the file / folder - -Attribute change options are: - -- Set – Applies the attribute -- Clear – Removes the attribute -- Leave intact – Leaves the attribute unchanged - -# Change Owner - -Use the Change Owner Parameters page to select a trustee to be the new owner. - -![File System Action Module Wizard Change Owner Parameters page](/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/changeowner.webp) - -Use the options to enter the trustees: - -- Insert field – Use the drop-down list to select a field (column) from the source table, then click - the blue arrow -- Alternatively click **Select** to select a user or group object -- Replace owner on all child objects – Check to enable - -# Change Permission Inheritance - -Use the Change Permission Inheritance Parameters page to specify how to change inherited -permissions. - -![File System Action Module Wizard Change Permissions Inheritance Parameters page](/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/changepermissionsinheritance.webp) - -Select the desired options for adding or removing inheritance. - -# Change Permissions and Auditing - -Use the Change Permissions and Auditing Parameters page to specify the permissions and auditing -settings the action changes. - -![File System Action Module Wizard Change Permissions and Auditing Parameters page](/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/changepermissionsauditing.webp) - -Use the following options to enter the Permissions: - -- Insert field – Use the drop-down list to select a field (column) from the source table, then click - the blue arrow -- Group or user names: - - - Click **Add** to select a user or group object - - Click **Remove** to remove a user or group object - - Dynamic – Uses the host id to retrieve the applicable permissions - -In the table, select from the following options: - -- Permission – Permissions for the selected user or group object -- Action – Modify the attribute for the selected permission -- Action Apply To – Select the files or folders to apply the action to. -- Audit – Report the status of the change to the attribute -- Audit Apply To - Select the files or folders to report the status on - -Select from the following options (Multiple options can be selected): - -- Overwrite existing file explicit permissions (target object only) -- Replace permission entries on all child objects -- Apply these permissions to objects within the target container only - -# Change Share Permissions - -Use the Change Share Permissions Parameters page to specify the permission status for what group or -users are to be changed. - -![File System Action Module Wizard Change Share Permissions Parameters page](/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/changesharepermissions.webp) - -Select the desired options for changing the permissions control of the selected group or users. - -# Remove File Permissions - -Use the Remove File Permissions Parameters page to specify whose file permissions the action -removes. - -![File System Action Module Wizard Remove File Permissions Parameters page](/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/removefilepermissions.webp) - -Use the options to enter the Permissions: - -- Insert field – Use the drop-down list to select a field (column) from the source table, then click - the blue arrow -- Group or user names: -- Click **Add** to select a user or group object -- Click **Remove** to remove a user or group object - -Specify how to change inherited permissions Select from the following options: - -- Copy others – Make them explicit -- Remove others – Remove all -- Leave all intact – Delete explicit permissions only - -# Remove Share Permissions - -Use the Remove Share Permissions Parameters page to specify whose share permissions the action -removes. - -![File System Action Module Wizard Remove Share Permissions Parameters page](/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/removesharepermissions.webp) - -Use the options to enter the Permissions: - -- Insert field – Use the drop-down list to select a field (column) from the source table, then click - the blue arrow -- Group or user names: - - - Click **Add** to select a user or group object - - Click **Remove** to remove a user or group object - -# Remove Tags - -Use the Parameter page to specify the file tags the action removes. - -![File System Action Module Wizard Remove Tags Parameters page](/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/removetags.webp) - -Use the fields provided to select tags from the drop-down lists and populate the Tag field, or edit -the field manually. The Preview field updates based on the contents of the Tag field. - -- Remove Mode: - - - Remove specified tags - Remove specified tags from the existing list of tags - - Remove all tags - Remove all existing tags - -**NOTE:** If choosing the option to overwrite tags, the action module will clear out both normal -tags and Boldon James tags and then proceed to apply the tags configured for overwrite. If choosing -the option to remove all tags, the action module will clear out both normal tags and Boldon James -tags. - -- Fields – Use the drop-down list to select a field (column) from the source table, then click the - blue arrow to insert the item into the **Tag** field -- Environment Variables – Select an item from the drop-down list, then click the blue arrow to - insert the item into the **Tag** field -- Preview – Shows what the compound path specified will be resolved in to -- Click **Add** to add the tag field to the list for removal -- Click **Remove** to remove the tag field from the list for removal - -![Boldon James Column on Remove Tags Parameters page](/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/addremovetagsboldonjames.webp) - -- Type - Select which type of tag to remove. The two types of tags that can be removed are: - - - Regular - Specify a regular tag for removal - - Boldon James - Specify a Boldon James tag for removal - - **NOTE:** The Boldon James column indicates whether a file tag is a regular tag or a Boldon - James tag. Regular tags will be identified with **0**. Boldon James tags will be identified - with **1**. - -A list of supported file types appears at the bottom of the page. diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/options.md b/docs/accessanalyzer/12.0/actions/file-system-actions/options.md deleted file mode 100644 index 4e2076ec84..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/options.md +++ /dev/null @@ -1,54 +0,0 @@ -# File System Action: Options - -The Options page provides access to additional options for the action. Based on the selection on the -Operation page and other choices made within the wizard, not all options on this page may be -available. - -![File System Action Module Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -Select from the following additional operations: - -- Delete locked files on reboot – Files that are locked can be queued to be deleted at the next - system start up -- Overwrite existing files – Files in the destination location are overwritten. This action cannot - be undone. -- Terminate associated process – Files that are locked cannot be actively moved, renamed or deleted - without stopping the associated process. If selected, this may cause an interruption to any users - of that target system and service. -- Create shortcuts to the moved files in the source directory – A shortcut will be created in the - source directory that points to the new location of a moved file -- Preserve file access – Copy the file ACL from the source directory to the destination to preserve - file access. Child objects, with inherited permissions or broken inheritance, targeted by copy or - move actions retain their permissions. Parent folders with inherited permissions are changed to - explicit. -- Enable SACL modification – Request system security access when opening files in order to make SACL - changes -- Retry failed rows – Enter the following information: - - - Number of times to retry - - Do not retry error codes – Rows of data with error codes listed within this textbox are - excluded from the action performed. Common errors are included for certain actions, and may be - customized to add or remove error codes. See the Microsoft - [System Error Codes](https://docs.microsoft.com/en-us/windows/desktop/Debug/system-error-codes) - article for additional information. - - Delay between retries - -- Enable batching – (For big data sets) Enabling batching breaks the data set into batches so the - action does not attempt to execute all lines at once. Actions performed on tables with a large - number of input rows may fail due to network failure, and it is difficult to determine the actions - that were executed before the failure. - - - Batch size – Specify the batch size. - -Start Process - -Select the desired start process. - -**CAUTION:** Due to system security limitations, some applications and programs cannot be restarted -or run remotely using this option. Additionally, starting interactive processes (such as Word, -Excel, and so on) will load them into memory, but may not make them available for interaction by the -end user. - -Use the fields provided to select target items and hosts from the drop-down lists and populate the -Set working directory field, or edit the field manually. The Preview field updates based on the -contents of the Set working directory field. diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/overview.md b/docs/accessanalyzer/12.0/actions/file-system-actions/overview.md deleted file mode 100644 index 8db588ddd2..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/overview.md +++ /dev/null @@ -1,111 +0,0 @@ -# File System Action Module - -The File System Action Module allows Access Analyzer Administrators to automate the process of -remediating and modifying Windows file system attributes and properties. The File System Action -Module provides options for changing attributes and permissions, as well as copying, deleting, -moving, and renaming file system contents. It is available with a special Access Analyzer license. - -**CAUTION:** Be careful when using this Action Module. Make sure that only the changes required are -applied and only to those target systems desired. Actions perform their functions on all rows in a -table. - -Access Analyzer action modules contain one or more selectable operations. Each operation performs -its function on a single object per row from the source table defined in the action. - -## Permissions - -The File System Action Module requires a Access Analyzer connection profile and privileged access to -file system devices. The Access Analyzer connection profile may be configured to have a Task account -type. The following are the least privileged access model required for Share Permission Changes: - -- Windows – User credential must be member of Power Users group -- NetApp Data ONTAP 7-Mode Device – User credential must be member of Power Users group -- NetApp Data ONTAP Cluster-Mode Device – User credential must have role on SVM that has permission - to modify share permissions - - **NOTE:** Enter the following syntax to create role: - - ``` - ‑security login role create ‑role [DESIRED_ROLE_NAME] ‑cmddirname “vserver cifs share access-control” ‑vserver [VSERVER_NAME] ‑access all - ``` - - Replace the `[DESIRED_ROLE_NAME]` and `[VSERVER_NAME]` variables with the required information. - For example: - - ``` - ‑security login role create ‑role netwrix ‑cmddirname “vserver cifs share access-control” ‑vserver testserver ‑access all - ``` - -## Applet Deployment - -The File System Action Module deploys an applet the first time an action is executed. Applets are -installed within the Access Analyzer Installation Directory if the `%SAInstallDir%` environment is -present. Otherwise, applets are deployed to `C:\Program Files (x86)\STEALTHbits\StealthAUDIT`. - -## Source Table Configuration - -Individual action modules, including File System Action Module, may have their own column -requirements. To take action on a file system resource, the source table must contain a column with -values to uniquely identify it. File System resources correspond to rows in a Access Analyzer table. -File System attributes correspond to columns. Once the source table has been scoped, use the Target -page to specify the field that identifies the target attribute along with any environmental -variables. - -These columns are required to use the File System Action Module. Otherwise, errors may occur upon -execution of the action and with analysis and reports downstream. - -| Required Columns | Description | -| ---------------- | ---------------------------------------------------------------------------------------------------------------------------- | -| rowGUID | Identifies each data row as unique. The datatype in the table is uniqueidentifier (GUID). | -| RowKey | Identifies each data row as unique. Sometimes the value is a GUID, but the datatype in the table is a varchar (text string). | - -_Remember,_ the individual File System actions may have their own column requirements in addition to -the above. These columns are made available through the File System Action Module wizard. - -The Operations page lists the operations that may be performed by the File System Action Module. -Each operation has its own source table column requirements as follows: - -| Operation | Column requirements | -| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | -| Change attributes | Columns containing: - Object to change attributes for - UNC path or local path (files or folders) | -| Change permissions and Auditing | Columns containing: - Object to change permissions for - UNC path or local path - (Optional) Permission values to change (files or folders) | -| Change permission inheritance | Columns containing: - Object to change permission inheritance for - UNC path or local path (files or folders) | -| Change Share permissions | Columns containing: - Share to change permissions for - UNC path or local path (shares) | -| Copy | Columns containing: - Object to copy - Location to copy the object to - UNC path or local path | -| Delete | Columns containing: - Object to delete - UNC Path or local path | -| Launch Remote Process | No specific columns required | -| Move | Columns containing: - Object to move - Location to move the object to - UNC path or local path | -| Remove permissions | Columns containing: - Object to remove permissions for - UNC path or local path (files or folders) | -| Remove Share permissions | Columns containing: - Object to remove Share permissions for - UNC path or local path (shares) | -| Rename | Columns containing: - Object to rename - New name of the object - UNC path or local path | -| Add tags | Columns containing: - Object to add tags to - UNC path or local path (files) | -| Remove tags | Columns containing: - Object to remove tags from - UNC path or local path (files) | -| Change Owner | Columns containing: - Object to change ownership for - UNC path or local path (folders) | - -## Configuration - -The File System Action module is configured through the File System Action Module Wizard, which -contains the following wizard pages: - -**NOTE:** Depending on the selections on the various pages, not all pages may be accessible. - -- Welcome -- [File System Action: Action](/docs/accessanalyzer/12.0/actions/file-system-actions/action.md) -- [File System Action: Operation](/docs/accessanalyzer/12.0/actions/file-system-actions/operation.md) -- [File System Action: Prior Actions](/docs/accessanalyzer/12.0/actions/file-system-actions/prior-actions.md) -- [File System Action: Environment](/docs/accessanalyzer/12.0/actions/file-system-actions/environment.md) -- [File System Action: Target](/docs/accessanalyzer/12.0/actions/file-system-actions/target.md) -- [File System Action: Parameters](/docs/accessanalyzer/12.0/actions/file-system-actions/parameters.md) -- [File System Action: Destination](/docs/accessanalyzer/12.0/actions/file-system-actions/destination.md) -- [File System Action: Rollback](/docs/accessanalyzer/12.0/actions/file-system-actions/rollback.md) -- [File System Action: Options](/docs/accessanalyzer/12.0/actions/file-system-actions/options.md) -- [File System Action: Applet Settings](/docs/accessanalyzer/12.0/actions/file-system-actions/applet-settings.md) -- [File System Action: Summary](/docs/accessanalyzer/12.0/actions/file-system-actions/summary.md) - -The Welcome page displays first and gives an overview of the action module. The navigation pane -contains links to the pages in the wizard, which may change based on the Action selected on the -Action page. - -![File System Action Module Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/parameters.md b/docs/accessanalyzer/12.0/actions/file-system-actions/parameters.md deleted file mode 100644 index 274bc84b87..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/parameters.md +++ /dev/null @@ -1,20 +0,0 @@ -# File System Action: Parameters - -The Parameters page is available for some of the selections on the Operation page. The list of -operations below provides access to the operation-specific versions of the Parameters page for this -wizard. Click on an operation to view its associated Parameters page. - -- [Change Attributes](/docs/accessanalyzer/12.0/actions/file-system-actions/operations.md) -- [Change Permissions and Auditing](/docs/accessanalyzer/12.0/actions/file-system-actions/operations.md) -- [Change Permission Inheritance](/docs/accessanalyzer/12.0/actions/file-system-actions/operations.md) -- [Change Share Permissions](/docs/accessanalyzer/12.0/actions/file-system-actions/operations.md) -- [Remove File Permissions](/docs/accessanalyzer/12.0/actions/file-system-actions/operations.md) -- [Remove Share Permissions](/docs/accessanalyzer/12.0/actions/file-system-actions/operations.md) -- [Add Tags](/docs/accessanalyzer/12.0/actions/file-system-actions/operations.md) -- [Remove Tags](/docs/accessanalyzer/12.0/actions/file-system-actions/operations.md) -- [Change Owner](/docs/accessanalyzer/12.0/actions/file-system-actions/operations.md) - -![File System Action Module Wizard Change File Attributes Parameters page](/img/product_docs/accessanalyzer/admin/action/filesystem/changeattributes.webp) - -The Navigation pane will list this as the Parameters page, but the title for each version indicates -the type of parameter to be configured. diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/prior-actions.md b/docs/accessanalyzer/12.0/actions/file-system-actions/prior-actions.md deleted file mode 100644 index aa91dfd146..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/prior-actions.md +++ /dev/null @@ -1,8 +0,0 @@ -# File System Action: Prior Actions - -The Prior Actions page is available when **Rollback a previously executed action** is selected on -the Action page . - -![File System Action Module Wizard Prior Actions page](/img/product_docs/accessanalyzer/admin/action/filesystem/prioractions.webp) - -Any previously executed actions appear in the table. diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/rollback.md b/docs/accessanalyzer/12.0/actions/file-system-actions/rollback.md deleted file mode 100644 index 56c4e9a4ec..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/rollback.md +++ /dev/null @@ -1,14 +0,0 @@ -# File System Action: Rollback - -Use the Rollback page to apply rollback support to the action. This option provides the ability to -undo failed actions and reapply the original action settings when the action continues from where it -left off. - -**NOTE:** Not all actions support Rollback. - -![File System Action Module Wizard Rollback page](/img/product_docs/accessanalyzer/admin/action/filesystem/rollback.webp) - -Use the following options: - -- Support rollback – Check to enable rollback of this action -- Add comments to be saved with this rollback – Enter a brief description to identify this rollback diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/summary.md b/docs/accessanalyzer/12.0/actions/file-system-actions/summary.md deleted file mode 100644 index a54d3a9cc4..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# File System Action: Summary - -The Summary page displays a summary of the configured action. - -![File System Action Module Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the File System Action Module Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/actions/file-system-actions/target.md b/docs/accessanalyzer/12.0/actions/file-system-actions/target.md deleted file mode 100644 index 7623412d84..0000000000 --- a/docs/accessanalyzer/12.0/actions/file-system-actions/target.md +++ /dev/null @@ -1,32 +0,0 @@ -# File System Action: Target - -Use the Target page to point the action module towards a file path on the specified host. -Environmental variables (for example, Program Files, SystemRoot, SAInstallDir, and so on) can be -used when creating a path as well as fields in the raw table output to populate the **Target items** -field. - -![File System Action Module Wizard Target page](/img/product_docs/activitymonitor/activitymonitor/admin/search/query/target.webp) - -Use the fields provided to select target items and hosts from the drop-down lists and populate the -Target items field, or edit the field manually. The Preview field updates based on the contents of -the Target items field. - -- Fields – Use the drop-down list to select a field (column) from the source table, then click the - blue arrow to insert the item into the **Target items** field -- Environment Variables – Select an item from the drop-down list, then click the blue arrow to - insert the item into the Target items field -- Target items – Enter the path to the target file or folder - - - Click the **ellipsis (…)** to browse for pattern path specification - - Click the **tick** icon to show a preview of the specified path - - Click the **Help** icon for additional information - -- Host – Select the field that identifies the systems or manually type the host to take action - against -- Use path type – Choose from the following options: - - - Local – Uses the local path - - UNC – Uses the UNC path - -- Preview – Shows what the compound path specified will be resolved in to. The text here is used to - initialize the file specification selection dialog. diff --git a/docs/accessanalyzer/12.0/actions/libraries.md b/docs/accessanalyzer/12.0/actions/libraries.md deleted file mode 100644 index f9c4727416..0000000000 --- a/docs/accessanalyzer/12.0/actions/libraries.md +++ /dev/null @@ -1,61 +0,0 @@ -# Action Libraries - -When creating a new action on a job, you have the ability to load action tasks that have been -preconfigured with table input, script body, and parameters. This helps you: - -- Perform operations that are not available in one of the out of the box action modules -- Build custom action workflows to satisfy common use cases -- Build custom remediation workflows, such as: - - - PowerShell Script / Action Body - - Table references - - Parameters - -On the job's **Configure** > **Action** node, the **Add from Library** option opens the Libraries -window with the available Action Libraries and operations: - -![Libraries window](/img/product_docs/accessanalyzer/admin/action/libraries.webp) - -When a specific operation within a library is chosen, the action is added in the disabled state to -the job. The Action Properties page opens, which has a description, action module, and source table -with relevant filters applied. - -When you click the **Configure Action** link, the action module's wizard opens. - -![PowerShell Action Module Wizard](/img/product_docs/accessanalyzer/admin/action/powershellmodulewizard.webp) - -The following Action Libraries and Templates leverage the PowerShell Action module for running -actions within the specific environment: - -- Active Directory -- Azure Active Directory -- ServiceNow -- SharePoint Online -- Windows - -Prerequisite information for each of the PowerShell scripts is included as part of the script -comments. Typically, a script requires necessary cmdlets available and installed, as well as -parameter inputs configured. - -## Create a Custom Action Library - -You can also create and maintain custom libraries of action tasks for easy reference and use. Once -you configure an action task as desired, follow the steps to add it to an Action Library. - -**Step 1 –** From within the Action Selections view where the custom action tasks exists, -right-click and copy the task. - -**Step 2 –** Click the **Add from Library** link to open the Libraries window. - -**Step 3 –** Click the green plus sign on the top left to add a new library. - -![Add custom library on Libraries window](/img/product_docs/accessanalyzer/admin/action/librariescustom.webp) - -**Step 4 –** In the pop-up window, specify a name for the library and click **OK**. - -![Libraries window paste button](/img/product_docs/accessanalyzer/admin/action/librariescustompaste.webp) - -**Step 5 –** Select the new library and paste the copied action task. - -The custom action task is now available for use in other jobs through the **Add from Library** -option. diff --git a/docs/accessanalyzer/12.0/actions/mailbox/affected-mailboxes.md b/docs/accessanalyzer/12.0/actions/mailbox/affected-mailboxes.md deleted file mode 100644 index 61796220d3..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/affected-mailboxes.md +++ /dev/null @@ -1,40 +0,0 @@ -# Mailbox: Affected Mailboxes - -Use the Affected Mailboxes page to select the mailboxes to target for the action. It is a wizard -page for the following operations: - -- Add/Change Permissions -- Remove Permissions -- Add Delegates, Remove Delegates -- Remove Stale SIDs - -![New Mailbox Action Wizard Affected Mailboxes page](/img/product_docs/accessanalyzer/admin/action/mailbox/affectedmailboxes.webp) - -Select mailboxes to process using the following options: - -- Users found in the following column – Select this option to identify users via a data table column - - - Use the drop-down menu to select a data table column containing either the Mailbox display - name or email address - - Select a data type for the selected field using the following options: - - - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data - types: - - - Legacy Exchange DN - - Display Name - - - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active - Directory Data Collector with the following data types: - - - User DN - - Account Name - - SID - - SMTP Email Address - -- The list of users – Identifies users in one of the following ways: - - - Click **Select** to choose from the global address list (GAL) - - Manually enter a user name and click **Add**. Repeat for additional users. - - To restore anonymous permissions to folders, enter `anonymous` and click **Add** - - To remove a user, select it and click **Remove** diff --git a/docs/accessanalyzer/12.0/actions/mailbox/criteria-selection.md b/docs/accessanalyzer/12.0/actions/mailbox/criteria-selection.md deleted file mode 100644 index c3134b9304..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/criteria-selection.md +++ /dev/null @@ -1,16 +0,0 @@ -# Mailbox: Criteria Selection - -Use the Criteria Selection page to choose search criteria saved in a previous Exchange Mailbox Data -Collector query or define new criteria. It is a wizard page for the Delete Mailbox Contents -operation. - -![New Mailbox Action Wizard Criteria Selection page](/img/product_docs/accessanalyzer/admin/action/mailbox/criteriaselection.webp) - -Choose whether to use existing Mailbox Search criteria or determine new criteria: - -- Use the following criteria specified in the task – Applies a predetermined search criteria - - - Use the dropdown menu to select existing Mailbox search criteria (if any) - - Select the checkbox to modify Content Conditions of existing search criteria - -- Define a new criteria – Proceed while establishing new criteria diff --git a/docs/accessanalyzer/12.0/actions/mailbox/delegate-rights.md b/docs/accessanalyzer/12.0/actions/mailbox/delegate-rights.md deleted file mode 100644 index d794e97fb2..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/delegate-rights.md +++ /dev/null @@ -1,39 +0,0 @@ -# Mailbox: Delegate Rights - -Use the Delegate Rights page to specify folder permissions for the selected delegates. A permission -level can be specified for each folder on the page. It is a wizard page for the Add Delegates -operation. - -![New Mailbox Action Wizard Delegate Rights page](/img/product_docs/accessanalyzer/admin/action/mailbox/delegaterights.webp) - -Set delegate rights using the following options: - -- The following delegate rights can be chosen to access each mailbox folder: - - - None - - Reviewer - - Contributor - - Nonediting Author - - Author - - Editor - - Publishing Author - - Publishing Editor - - Owner - -- Select a right from the drop-down menu of any desired mailbox folder, including: - - - Calendar - - **NOTE:** If Editor or a higher rights level is selected, the **Delegate receives copies of - meeting-related messages sent to me** option is enabled for selection. - - - Tasks - - Inbox - - Contacts - - Notes - - Journal - -- Propagate permissions to child folders – Select the checkbox to Propagate permissions to the child - folders of the selected folders -- Delegate can see my private items – Select the checkbox to allow a delegate to access your - personal items of the selected folders diff --git a/docs/accessanalyzer/12.0/actions/mailbox/folder-conditions.md b/docs/accessanalyzer/12.0/actions/mailbox/folder-conditions.md deleted file mode 100644 index 588d972964..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/folder-conditions.md +++ /dev/null @@ -1,84 +0,0 @@ -# Mailbox: Folder Conditions - -Use the Folder Conditions page to customize folder search filter conditions. It is a wizard page for -the **No, the query results do not contain a mailbox identification** column option on the Folder -Identification page. - -![New Mailbox Action Wizard Folder Conditions page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp) - -Customize folder search conditions using the following options: - -- Select conditions – Select the checkbox next to any of the following filter conditions to apply - them to the search and add them to the Edit conditions box. Folder Conditions include: - - - With specific folder type - - With search terms in the folder name - - With specific folder(s) to include/exclude - -- Edit conditions – Any selected conditions populate here. To modify filter conditions, click the - underlined portion of the condition, which opens a corresponding window. - -## Folder Type Window - -Use the Folder Type window to select which folder types to run the action against. The Folder Type -window opens if **specific** in **with specific folder type** is selected in the Edit Conditions -box. . - -![Folder Type Window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp) - -Select the checkbox next to any desired folder type to include it in the search criteria, including: - -- Calendar -- Contact -- Journal -- Mail -- Notes -- Task -- Reminder -- RSS Feed - -## Search Terms Window - -Use the Search Terms window to select terms contained in folder names to run the action against.The -Search Terms window opens if **search terms** is selected in the Edit Conditions box. - -![Search Terms Window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) - -Edit the search terms using the following options: - -- To add a term to the search, enter the desired term into the upper text box and click **Add** -- To remove a term from the search, select a term in the lower text box and click **Remove** -- Click **Clear** to clear all terms from the lower box -- Select a qualifier option: - - - Contains ALL of the following search terms (And) – Search only returns results containing all - of the search terms - - Contains ANY of the following search terms (Or) – Search returns results containing one or - more of the search terms - -- Click **Import CSV** to open a file explorer and select a CSV file to import - -## Folder Inclusion/Exclusion Window - -Use the Folder Inclusion/Exclusion window to select individual folders to add to or remove from the -action. The Folder Inclusion/Exclusion window opens if **specific** in **with specific folder(s) to -include/exclude** is selected in the Edit Conditions box. - -![Folder Inclusion/Exclusion Window](/img/product_docs/accessanalyzer/admin/action/mailbox/folderinclusionexclusionwindow.webp) - -Include/Exclude folders using the following options: - -- Click **Add** to populate a field to add a folder path - - ![New field added on Folder Inclusion/Exclusion window](/img/product_docs/accessanalyzer/admin/action/mailbox/folderinclusionexclusionwindownew.webp) - -- Click the ellipsis (**…**) or enter the path to the desired folder in the text box -- Scope auto-populates with **This folder**. Click **This folder** to reveal a drop-down menu to - select from the following scope options: - - - This folder - - This folder and subfolders - - Subfolders only - -- The Remove button becomes enabled once a folder is added to either section. To remove a folder - from the scope, select it and click **Remove**. diff --git a/docs/accessanalyzer/12.0/actions/mailbox/folder-identification.md b/docs/accessanalyzer/12.0/actions/mailbox/folder-identification.md deleted file mode 100644 index 1a0978f439..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/folder-identification.md +++ /dev/null @@ -1,23 +0,0 @@ -# Mailbox: Folder Identification - -Use the Folder Identification page to specify folders to target. It is a wizard page for the Delete -Mailbox Contents operation. - -![New Mailbox Action Wizard Folder Identification page](/img/product_docs/accessanalyzer/admin/action/mailbox/folderidentification.webp) - -Select whether the query results contain a mailbox identification column using the following -options: - -- Yes, the query results contain a mailbox folder identification column - - - Select the mailbox identification column using the drop-down menu - - Folder Identifier Type – Choose which mailbox identifier the selected column uses: - - - Folder Path and Name – Select this option if the specified field contains a fully - qualified path - - Entry ID – Select this option if the selected field is an EntryID that is a unique - identifier for a folder - -- No, the query results do not contain a mailbox folder identification column – Selecting this - enables the Folder Conditions page, used to identify specific folders to target. See the - [Mailbox: Folder Conditions](/docs/accessanalyzer/12.0/actions/mailbox/folder-conditions.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/actions/mailbox/identification.md b/docs/accessanalyzer/12.0/actions/mailbox/identification.md deleted file mode 100644 index 9910c1d1a2..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/identification.md +++ /dev/null @@ -1,38 +0,0 @@ -# Mailbox: Mailbox Identification - -The Mailbox Identification page specifies the mailboxes the action targets. It is a wizard page for -the Delete Mailbox Contents operation. - -Depending on the data in the source table, users must specify a data table column containing either -the Mailbox display name or email address. - -![New Mailbox Action Wizard Mailbox Identification page](/img/product_docs/accessanalyzer/admin/action/mailbox/identification.webp) - -Select which mailboxes to target using the following options: - -- Users found in the following column – Select this option to identify users via a data table column - - - Use the drop-down menu to select a data table column containing either the Mailbox display - name or email address - - Select a data type for the selected field using the following options: - - - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data - types: - - - Legacy Exchange DN - - Display Name - - - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active - Directory Data Collector with the following data types: - - - User DN - - Account Name - - SID - - SMTP Email Address - -- The list of users – Identifies users in one of the following ways: - - - Click **Select** to choose from the global address list (GAL) - - Manually enter a user name and click **Add**. Repeat for additional users. - - To restore anonymous permissions to folders, enter `anonymous` and click **Add** - - To remove a user, select it and click **Remove** diff --git a/docs/accessanalyzer/12.0/actions/mailbox/message-actions.md b/docs/accessanalyzer/12.0/actions/mailbox/message-actions.md deleted file mode 100644 index 7e4cd1025a..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/message-actions.md +++ /dev/null @@ -1,34 +0,0 @@ -# Mailbox: Message Actions - -Use the Message Actions page to specify the action to take with the messages that meet the search -criteria. It is a wizard page for the **Delete Mailbox Contents** operation. - -![New Mailbox Action Wizard Message Actions page](/img/product_docs/accessanalyzer/admin/action/mailbox/messageactions.webp) - -To select a message action, use the following options: - -- Select an action – Select the checkbox next to a message action to apply it to the search. The - selected action displays in the Edit Actions box. Possible actions include: - - - Delete – Items can be recovered via the Deleted Contents table (folder dumpster) - - Permanent Delete – Items are not recoverable - - Move to Deleted Items folder - - Delete Attachment (Append Text Options) – Deletes attachment and adds **Append Text Options** - to the Edit Conditions box - - Delete Body Text (Append Text Options) – Deletes body text and adds **Append Text Options** to - the Edit Conditions box - -- Edit conditions – Any selected conditions populate here - - - To edit a filter condition, click the underlined portion of the condition to open the - corresponding window - -## Options Window - -Use the Options window to add an appended text. The Options window opens if **Append Text Options** -is selected in the Edit Conditions box. - -![Options Window](/img/product_docs/accessanalyzer/admin/action/mailbox/optionswindow.webp) - -To append text to the attachment or body, select the checkbox to enable editing and enter the -desired text to append in the textbox. diff --git a/docs/accessanalyzer/12.0/actions/mailbox/message-conditions.md b/docs/accessanalyzer/12.0/actions/mailbox/message-conditions.md deleted file mode 100644 index c572626b5f..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/message-conditions.md +++ /dev/null @@ -1,111 +0,0 @@ -# Mailbox: Message Conditions - -Use the Message Conditions page to customize message search filter conditions. It is a wizard page -for the Delete Mailbox Contents operation. - -![New Mailbox Action Wizard Mailbox Message Conditions page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp) - -Customize the folder search conditions using the following options: - -- Message Category – Use the drop-down menu to select a message category - - **NOTE:** Each selection may populate various conditions in the Select Conditions section. - -- Select conditions – Select the checkbox next to any desired filter conditions to apply them to the - search. The selected conditions then show in the Edit conditions box. Message Conditions include: - - - with specific message classes - - that is created in specific date - - with search terms in the subject - - with search terms in the body - - with search terms in the subject or body - - with search terms in the message header - - with search terms in the recipient’s address - - with search terms in the sender’s address - - that has an attachment - - that is received in specific date - - with specific message ID - - that occurs in specific date - -- Edit conditions – Any selected conditions populate here - - - To edit filter conditions, click the underlined portion of the condition. This opens a - corresponding window to configure the condition, with the exception of **has attachment(s)**. - - - Clicking **has attachment(s)** changes it to **has no attachment(s** and vice versa - -## MessageClasses Window - -Use the MessageClasses window to select a message class to apply to the scope of the action. The -MessageClasses window opens if **specific** in **with specific message classes** is selected in the -Edit Conditions box. - -![MessageClasses Window](/img/product_docs/accessanalyzer/admin/action/mailbox/messageclasseswindow.webp) - -Modify message classes using the following options: - -- Click **Add** to populate a field to add a message class - - ![New class added in MessageClasses Window](/img/product_docs/accessanalyzer/admin/action/mailbox/messageclasseswindownew.webp) - -- Click the ellipsis (**…**) or enter the path to the desired folder in the text box -- Matching Strategy auto-populates with **Exact Match**. Click **Exact Match** to reveal a drop-down - menu to select from the following scope options: - - - Exact Match - - Starts With - - Contains - -- To remove a message class, select it and click **Remove** -- Click **Import CSV** to open a file explorer and select a CSV file to import - -## Data Range Selection Window - -Use the Date Range Selection window to determine a time period to scope. The Date Range Selection -window opens if **in specific date** in either the **that is created in specific date** or **that is -received in specific date** conditions is selected in the Edit condition box. - -![Data Range Selection Window](/img/product_docs/accessanalyzer/admin/action/mailbox/datarangeselectionwindow.webp) - -To specify a date range, use the following options: - -- Select one of the following qualifier options: - - - Over - - Last - - Before - - After - - Between - -- Configure the date range using the textbox or drop-down menus for the selected option - -## Search Terms Window - -Use the Search Terms window to select terms in messages to run the action against. The Search Terms -window opens if **search terms** in any condition is selected in the Edit Conditions box. - -![Search Terms Window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) - -Edit the search terms using the following options: - -- To add a term to the search, enter the desired term into the upper text box and click **Add** -- To remove a term from the search, select a term in the lower text box and click **Remove** -- Click **Clear** to clear all terms from the lower box -- Specify a qualifier option: - - Contains ALL of the following search terms (And) – Search only returns results containing all - of the search terms - - Contains ANY of the following search terms (Or) – Search returns results containing any one or - more of the search terms -- Click **Import CSV** to open a file explorer and select a CSV file to import - -## Values Window - -Use the Values window to add or remove values to or from the search. The Values window opens if -**specific** in **with specific Message ID** is selected in the Edit Conditions box. - -![Values Window](/img/product_docs/accessanalyzer/admin/action/mailbox/valueswindow.webp) - -- To add a term to the search, enter the desired term into the upper text box and click **Add** -- To remove a term from the search, select a term in the lower text box and click **Remove** -- Click **Clear** to clear all terms from the lower box -- Click **Import CSV** to open a file explorer and select a CSV file to import diff --git a/docs/accessanalyzer/12.0/actions/mailbox/operations.md b/docs/accessanalyzer/12.0/actions/mailbox/operations.md deleted file mode 100644 index 9cdf762068..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/operations.md +++ /dev/null @@ -1,16 +0,0 @@ -# Mailbox: Operations - -Use the Operations page to specify the operation to be performed as part of the action. - -![New Mailbox Action Wizard Operations page](/img/product_docs/activitymonitor/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/operations.webp) - -Select from the following operations: - -- Delete Mailbox Contents -- Add/Change Permissions -- Remove Permissions -- Add Delegates -- Remove Delegates -- Remove Stale SIDS - -**NOTE:** The Operation selected alters the subsequent steps displayed by the wizard. diff --git a/docs/accessanalyzer/12.0/actions/mailbox/overview.md b/docs/accessanalyzer/12.0/actions/mailbox/overview.md deleted file mode 100644 index 07f80c80ac..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/overview.md +++ /dev/null @@ -1,40 +0,0 @@ -# Mailbox Action Module - -The Mailbox action module allows you to perform bulk operations on Microsoft Exchange mailboxes, for -example deleting mailbox content and modifying permissions and delegates. - -**CAUTION:** This action module can add, change, or remove permissions and delegates from an -environment. Always verify the data and target mailboxes prior to executing any action. - -## Mailbox Action Source Table Configuration - -All data tables used in Access Analyzer action modules require the presence of certain data columns. -In addition, individual action modules including Mailbox may have their own column requirements. The -Mailbox action module requires a column containing mailbox names. - -## Configuration - -Use the New Mailbox Action Wizard to target mailboxes or folders and to define the operation to -perform against the selected objects. The wizard has the following pages: - -- Welcome -- [Mailbox: Operations](/docs/accessanalyzer/12.0/actions/mailbox/operations.md) -- [Mailbox: Criteria Selection](/docs/accessanalyzer/12.0/actions/mailbox/criteria-selection.md) -- [Mailbox: Sampling Host](/docs/accessanalyzer/12.0/actions/mailbox/sampling-host.md) -- [Mailbox: Mailbox Identification](/docs/accessanalyzer/12.0/actions/mailbox/identification.md) -- [Mailbox: Folder Identification](/docs/accessanalyzer/12.0/actions/mailbox/folder-identification.md) -- [Mailbox: Folder Conditions](/docs/accessanalyzer/12.0/actions/mailbox/folder-conditions.md) -- [Mailbox: Message Conditions](/docs/accessanalyzer/12.0/actions/mailbox/message-conditions.md) -- [Mailbox: Message Actions](/docs/accessanalyzer/12.0/actions/mailbox/message-actions.md) -- [Mailbox: Permissions](/docs/accessanalyzer/12.0/actions/mailbox/permissions.md) -- [Mailbox: Affected Mailboxes](/docs/accessanalyzer/12.0/actions/mailbox/affected-mailboxes.md) -- [Mailbox: Trusted Users](/docs/accessanalyzer/12.0/actions/mailbox/trusted-users.md) -- [Mailbox: Delegate Rights](/docs/accessanalyzer/12.0/actions/mailbox/delegate-rights.md) -- [Mailbox: Summary](/docs/accessanalyzer/12.0/actions/mailbox/summary.md) - -The Welcome page gives an overview of the action module. The steps navigation pane contains links to -the pages in the wizard, which change based on the operation selected on the Operations page. - -![New Mailbox Action Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/actions/mailbox/permissions.md b/docs/accessanalyzer/12.0/actions/mailbox/permissions.md deleted file mode 100644 index 4512bcabd5..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/permissions.md +++ /dev/null @@ -1,133 +0,0 @@ -# Mailbox: Permissions - -Use the Permissions page to determine which permissions to remove. It is a wizard page for the -**Add/Change Permissions** and **Remove Permissions** operations. - -![New Mailbox Action Wizard Permissions page](/img/product_docs/threatprevention/threatprevention/admin/policies/permissions.webp) - -Use the following options to add, change or remove Permissions: - -- User – Specifies user permissions to add or change. To select different users, click the - down-arrow to display the User window. See the [User Window](#user-window) topic for additional - information. -- Folder – Specifies the folder for which to change permissions. Click the down-arrow to display the - Folder window. See the [Folder Window](#folder-window) topic for additional information. -- Permission – Selects a permission to assign. Click the down-arrow to display the Permission - window. See the [Permission Window](#permission-window) topic for additional information. -- Propagate permissions to child folders – Propagates permissions to the child folders of the - selected folders -- Once User, Folder, and Permission are selected, click **Add** to add them to the summary of the - action to be taken -- To remove an added Permission, select it in the panel and click **Remove** - -## User Window - -Use the User window to select a user. The User window opens when the **User** down-arrow is selected -on the Permissions page. - -![User Window](/img/product_docs/accessanalyzer/admin/action/mailbox/userwindow.webp) - -Select a user using the following options: - -- Users found in the following column – Select this option to identify users via a data table column - - - Use the drop-down menu to select a data table column containing either the Mailbox display - name or email address - - Select a data type for the selected field using the following options: - - - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data - types: - - - Legacy Exchange DN - - Display Name - - - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active - Directory Data Collector with the following data types: - - - User DN - - Account Name - - SID - - SMTP Email Address - -- The list of users – Identifies users in one of the following ways: - - - Click **Select** to choose from the global address list (GAL) - - Manually enter a user name and click **Add**. Repeat for additional users. - - To restore anonymous permissions to folders, enter `anonymous` and click **Add** - - To remove a user, select it and click **Remove** - -## Folder Window - -Use the Folder window to select folders. The Folder window opens when the **Folder** down-arrow is -selected on the Permissions page. - -![Folder Window](/img/product_docs/accessanalyzer/admin/action/mailbox/folderwindow.webp) - -Select a folder using the following options: - -- Folder names in the following column – Select from folder names present in the column - - - Click the down arrow and select either the folder path or the Entry ID column for that folder - - Select the appropriate folder identifier type: - - - Folder Path - - Entry ID - -- The list of folders – Select one of the default folders - - - Select a folder from the drop-down menu and click **Add** - - To remove a folder, select it and click **Remove** - -## Permission Window - -Use the Permission window to specify permissions. The Permission window opens when the -**Permission** down-arrow is selected on the Permissions page. - -![Permission Window](/img/product_docs/accessanalyzer/admin/action/mailbox/permissionwindow.webp) - -Specify permissions using the following options: - -- Permissions Level – Each permission level has a set of default selections. If a setting is - changed, the Permissions Level field changes to **Custom**. Permission levels are associated with - the different permissions available for assignment through Outlook. Options include: - - - None - - Contributor - - Reviewer - - Nonediting Author - - Author - - Publishing Author - - Editor - - Publishing Editor - - Owner - -- Read – Choose the read permissions from the following: - - - None - - Full Details - -- Write – Select any desired write permissions from the following: - - - Create Items - - Create subfolders - - Edit Own - - Edit all - -- Delete Items – Choose delete permissions from the following: - - - None - - Own - - All - -- Other – Select any other permissions to apply from the following: - - - Folder owner – User has all permissions for the folder - - Folder Contact – User receives automated messages about the folder such as replication - conflict messages, requests from users for additional permissions, and other changes to folder - status - - Folder visible – User can see the folder but cannot read or edit the items within - -- To add anonymous permissions, choose **None** - - - To re-add Anonymous to the folder but not assign any access, select a permission level to - assign diff --git a/docs/accessanalyzer/12.0/actions/mailbox/sampling-host.md b/docs/accessanalyzer/12.0/actions/mailbox/sampling-host.md deleted file mode 100644 index 1d583ecc89..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/sampling-host.md +++ /dev/null @@ -1,26 +0,0 @@ -# Mailbox: Sampling Host - -Use the Sampling Host page to specify the Exchange server to target. It is a wizard page for all -operation types. - -![New Mailbox Action Wizard Sampling Host page](/img/product_docs/accessanalyzer/admin/action/mailbox/samplinghost.webp) - -Select an Exchange server to target using the following options: - -- Select the **Use Global Setting** checkbox to query the global Exchange setting -- Use the radio buttons to select a specific host -- System Attendant (2003 & 2007) – Audits Microsoft Exchange 2007 or older versions -- Use the mailbox associated with the Windows account that Access Analyzer is run with – Uses either - the account logged into the Access Analyzer Console server or the account set to run the Access - Analyzer application to access the Exchange mailbox -- Exchange Mailbox (2010 and newer) – Allows Exhange Mailbox Alias to be specified for MAPI - connections - - - When Exchange Mailbox (2010 and newer) is selected, the textbox is enabled. Enter the Alias - name in the textbox. The Alias needs to be an Exchange 2010 or newer mailbox, not a - mail-enabled service account. However, this mailbox does not need rights on the Exchange - Organization; it only needs to reside within it. - - Client Access Server – Enter the name of the physical CAS in the textbox. This server can be - part of an array, but do enter the name of a CAS Array. This should also be the Exchange CAS - where both Remote PowerShell and Windows Authentication on the PowerShell Virtual Directory - have been enabled. diff --git a/docs/accessanalyzer/12.0/actions/mailbox/summary.md b/docs/accessanalyzer/12.0/actions/mailbox/summary.md deleted file mode 100644 index b8add4729c..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/summary.md +++ /dev/null @@ -1,7 +0,0 @@ -# Mailbox: Summary - -The Summary page summarizes the configuration of the action. - -![New Mailbox Action Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes and exit, or **Cancel** to exit with saving. diff --git a/docs/accessanalyzer/12.0/actions/mailbox/trusted-users.md b/docs/accessanalyzer/12.0/actions/mailbox/trusted-users.md deleted file mode 100644 index b0e62d57e0..0000000000 --- a/docs/accessanalyzer/12.0/actions/mailbox/trusted-users.md +++ /dev/null @@ -1,47 +0,0 @@ -# Mailbox: Trusted Users - -Use the Trusted Users page to select delegates to add. Users can be added individually or from a -server with a mailbox environment. It is a wizard page for the following operations: - -- Add Delegates -- Remove Delegates - -![New Mailbox Action Wizard Trusted Users page](/img/product_docs/accessanalyzer/admin/action/mailbox/trustedusers.webp) - -Select Trusted User delegates using the following options: - -- Users found in the following column – Select this option to identify users via a data table column - - - Use the drop-down menu to select a data table column containing either the Mailbox display - name or email address - - Select a data type for the selected field using the following options: - - - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data - types: - - - Legacy Exchange DN - - Display Name - - - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active - Directory Data Collector with the following data types: - - - User DN - - Account Name - - SID - - SMTP Email Address - -- The list of users – Identifies users in one of the following ways: - - - Click **Select** to choose from the global address list (GAL) - - Manually enter a user name and click **Add**. Repeat for additional users. - - To restore anonymous permissions to folders, enter `anonymous` and click **Add** - - To remove a user, select it and click **Remove** - -The following additional options are available for the Remove Delegates operation: - -- Remove Permissions for Delegate – Remove Mailbox permissions in addition to removing delegate - rights -- Remove Permissions from Child Folders – Removes permissions from child folders - - **NOTE:** This option is only enabled if the **Remove Permissions for Delegate** option is - selected. diff --git a/docs/accessanalyzer/12.0/actions/overview.md b/docs/accessanalyzer/12.0/actions/overview.md deleted file mode 100644 index ebaf3d7332..0000000000 --- a/docs/accessanalyzer/12.0/actions/overview.md +++ /dev/null @@ -1,137 +0,0 @@ -# Action Modules - -This guide describes the **Actions** node and the various action modules available for use in Access -Analyzer. This overview topic describes the basic procedure for creating and executing an action -module as well the initial steps to take when configuring an action. Each action module is described -in detail in the relevant topics. - -The Access Analyzer actions are capable of changing users, permissions, files, and objects from a -variety of environments. Action modules are assigned to a job at the **Configure** > **Actions** -node. See the [Actions Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/actions.md) topic for additional information on -the Action Selection view. - -![Action Selection page](/img/product_docs/accessanalyzer/admin/action/actionselection.webp) - -Configure the action through the Action Properties page. Navigate to the job’s **Configure** > -**Actions** node. Select **Create Action** to add a new action task to a job. Select an existing -action and click **Action Properties** to modify its configuration. The Action Properties page opens -for either option. Pre-configured action tasks can be added from the Action Library. See the -[Action Libraries](/docs/accessanalyzer/12.0/actions/libraries.md) topic for additional information. - -Most action modules are available with a special Access Analyzer License. The following table -provides brief descriptions of the action modules available in Access Analyzer. - -| Action Module | Description | -| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Active Directory | Make changes to Active Directory such as deleting objects, creating users, and changing group membership. See the [Active Directory Action Module](/docs/accessanalyzer/12.0/actions/active-directory-actions/overview.md) for additional information. | -| File System | Change attributes and permissions, as well as copy, delete, move, and rename file system contents. See the [File System Action Module](/docs/accessanalyzer/12.0/actions/file-system-actions/overview.md) for additional information. | -| Mailbox | Add/change permissions, remove permissions, add/remove delegates, remove zombie SIDS, and delete mailbox content. See the [Mailbox Action Module](/docs/accessanalyzer/12.0/actions/mailbox/overview.md) for additional information. | -| PowerShell | Run PowerShell scripts on the local machine or on remote hosts. See the [PowerShell Action Module](/docs/accessanalyzer/12.0/actions/powershell/overview.md) for additional information. | -| PublicFolder | Make changes to Exchange Public Folders. See the [PublicFolder Action Module](/docs/accessanalyzer/12.0/actions/public-folder/overview.md) for additional information. | -| Registry | Make changes to the system registry. See the [Registry Action Module](/docs/accessanalyzer/12.0/actions/registry/overview.md) for additional information. | -| SendMail | Communicate with target audiences to supply users with dynamic content from selected audit data. See the [SendMail Action Module](/docs/accessanalyzer/12.0/actions/send-mail/overview.md) for additional information. | -| ServiceNow | Creates incidents in ServiceNow. See the [ServiceNow Action Module](/docs/accessanalyzer/12.0/actions/service-now/overview.md) for additional information. | -| SharePoint | Add/remove trustees from sites, lists, or libraries in SharePoint on-premise, apply sensitivity labels, and move files. | -| Survey | Solicit feedback from users to expedite and aid in the decision making process. See the [Survey Action Module](/docs/accessanalyzer/12.0/actions/survey/overview.md) for additional information. | -| Web Request | Sends data to Threat Manager. See the [WebRequest Action Module](/docs/accessanalyzer/12.0/actions/web-request/overview.md) for additional information. | - -## Basic Procedure - -Actions perform operations on data tables. They reside within a job node and are associated with -that job. Access Analyzer provides many action modules and each has its own set of operations that -can be applied to selected columns in a selected data table. - -For example, the Active Directory Action Module automates specified Active Directory operations -while the SendMail Action Module can send an email to a dynamic list of users. - -The basic procedure consists of the following steps. - -**Step 1 –** Create a data table containing the target objects to be modified and exclude any -extraneous columns. - -**Step 2 –** Configure an action task using the configuration wizard for the selected action module. -Target the selected objects and apply selected operations to the data. - -**Step 3 –** Execute the action. - -### Executing Actions - -Actions with the checkbox next to their name selected in the Action Selection view are executed -automatically as part of the job’s execution. The actions are executed in the order in which they -appear in the Selection table. You can also manually execute selected actions without running the -job by clicking on the **Action Execute** link on the Action Selection view. - -## Caution on Action Modules - -**CAUTION:** Access Analyzer action modules apply bulk changes to targeted objects within the target -environment. Actions perform operations on selected objects listed in each row of the source table. -Exercise caution to ensure the action applies only the desired changes and only to the desired -target objects. - -**_RECOMMENDED:_** Prior to configuring the action module, scope the source data table to include -only the desired data. It is also recommended to run the action in a test environment before making -changes to a production environment. - -## Action Properties Page - -Use this page to view or specify properties for a selected action, including the name, description, -action module, and source table. Access this page via the Action Selection view. - -![Action Properties page for new action](/img/product_docs/accessanalyzer/admin/action/actionproperties.webp) - -**_RECOMMENDED:_** Provide unique and descriptive names and action task descriptions to all user -created action tasks. - -- Name – Action task name. For new actions, an editable default name displays. -- Description – Action task description. For new actions, this editable field is blank. -- Action Module – Drop-down menu of available action modules - - - Configure Action – Opens the configuration wizard for the selected action module - -- Source Table – Table with objects the action task acts upon. For new actions, this field is blank. - Specify a source table on which to perform the action. -- Show tables from current job only – Restricts the list of source tables available to only those - tables generated by the job where the action task resides. Deselect the checkbox to list all - available data tables. -- ID – Unique identifier, or GUID, of the action task generated by the application. With this ID, - the database can distinguish actions, even those with identical configurations. -- Data Grid – Displays a sample of the selected Source table. This data grid functions the same as - all data grids within Access Analyzer. Data can be filtered, and columns can be regrouped. See the - [Data Grid Functionality](/docs/accessanalyzer/12.0/administration/navigation/data-grid.md) topic for additional information. - -### Source Table Configuration - -All Access Analyzer actions require a source data table. The source table must contain, at a -minimum, the following columns. Include these columns in addition to any other columns required by -the action module being used. Otherwise, errors may occur upon execution of the action and with -analysis and reports downstream. - -| Required Columns | Description | -| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Host | Name of the target server | -| SA_HOST | This column determines the Access Analyzer server to which the data belongs in the event multiple Access Analyzer consoles are connected to a single database | -| JobRunTimeKey | Contains the run time and date for the job. If history is active, Access Analyzer can identify data collected during a specific collection execution. | -| rowGUID | Identifies each data row as unique. The datatype in the table is uniqueidentifier (GUID). | -| RowKey | Identifies each data row as unique. Sometimes the value is a GUID, but the datatype in the table is a varchar (text string). | - -_Remember,_ the individual action modules may have their own column requirements in addition to the -above. - -#### Data Tables - -Access Analyzer native data tables generally contain all of the above columns. However, if all -required columns are not present by default, add them manually. - -**CAUTION:** Do not use native data tables in action modules. Source data tables in actions should -include only the data desired for the operation. Scope the data tables to include only the required -columns prior to configuring the action. - -#### Module-Specific Source Table Requirements - -Access Analyzer action modules contain one or more selectable operations, many of which have their -own column requirements. Thus, in addition to excluding extraneous columns from the data tables, -include in the tables any columns required by the selected operation. The columns can have any name, -but they must contain the data required by the operation. - -For example, in the Active Directory Action Module, the Create Groups operation requires a column -containing the group name. diff --git a/docs/accessanalyzer/12.0/actions/powershell/execution-options.md b/docs/accessanalyzer/12.0/actions/powershell/execution-options.md deleted file mode 100644 index 76ba2ac84e..0000000000 --- a/docs/accessanalyzer/12.0/actions/powershell/execution-options.md +++ /dev/null @@ -1,24 +0,0 @@ -# PowerShell Action: Execution Options - -Specify the execution options for the PowerShell script using the Execution Options page. - -![PowerShell Action Module Wizard Execution Options page](/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/executionoptions.webp) - -The options on the Execution Options page are: - -- Execute script locally on the Access Analyzer server – Enable this to execute the PowerShell - script on the Access Analyzer server - - - Use the same PowerShell session for each row – Select to enable using the same PowerShell - session to run multiple rows - -- Execute script remotely on a target server – Enable this to execute the PowerShell script on a - remote target server - - - Use the **Remote host** dropdown to select the database column that will be used as the target - server name or type in a network host name - - Select the **Fall back to the local Access Analyzer server if the remote execution fails** - option to use the Access Analyzer server if remote execution fails - -- Use impersonation within server executable – Select this option to use impersonation when - executing the PowerShell script diff --git a/docs/accessanalyzer/12.0/actions/powershell/overview.md b/docs/accessanalyzer/12.0/actions/powershell/overview.md deleted file mode 100644 index 2e4fe4f294..0000000000 --- a/docs/accessanalyzer/12.0/actions/powershell/overview.md +++ /dev/null @@ -1,27 +0,0 @@ -# PowerShell Action Module - -The PowerShell action module provides methods of running PowerShell scripts on the local machine or -on remote hosts. Define PowerShell scripting actions using the PowerShell Action Module Wizard. - -**CAUTION:** Ensure that only the changes required are applied and only to those target systems -desired. - -Access Analyzer action modules contain one or more selectable operations. Each operation performs -its function on a single object per row from the source table defined in the action. - -## Configuration - -The PowerShell action module is configured through the PowerShell Action Module Wizard, which -contains the following wizard pages: - -- Welcome -- [PowerShell Action: Script](/docs/accessanalyzer/12.0/actions/powershell/script.md) -- [PowerShell Action: Execution Options](/docs/accessanalyzer/12.0/actions/powershell/execution-options.md) -- [PowerShell Action: Summary](/docs/accessanalyzer/12.0/actions/powershell/summary.md) - -The Welcome page displays first and gives an overview of the action module. The navigation pane -contains links to the pages in the wizard. - -![PowerShell Action Module Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/actions/powershell/script.md b/docs/accessanalyzer/12.0/actions/powershell/script.md deleted file mode 100644 index 132f1f38aa..0000000000 --- a/docs/accessanalyzer/12.0/actions/powershell/script.md +++ /dev/null @@ -1,79 +0,0 @@ -# PowerShell Action: Script - -The Script page enables you to input the PowerShell script that will be used to perform the -requested action. Built-in variables are available for use in the script. - -![PowerShell Action Module Wizard Script page](/img/product_docs/accessanalyzer/admin/action/powershell/script.webp) - -The PowerShell script can be entered manually into the Script window at the top of the Script page. -To open a pre-existing PowerShell script from a file, click **Open** to select the script file. - -At the bottom of the page are three tabs that can be used to configure the PowerShell action module -further. The tabs are: - -- [Columns](#columns) -- [Parameters](#parameters) -- [Input Data](#input-data) - -## Columns - -Use the Columns tab to select the available columns. - -![Columns tab](/img/product_docs/accessanalyzer/admin/action/powershell/scriptcolumns.webp) - -The table in the Columns tab displays the Columns that can be used for the PowerShell script. To use -a Column, select the checkbox under the **Use** column. - -![Right-click menu](/img/product_docs/accessanalyzer/admin/action/powershell/scriptrightclickoption.webp) - -Right-clicking any of the variable names brings up a **Copy variable name** option that enables -users to paste the variable name into the PowerShell script. - -## Parameters - -The Parameters tab contains options to add, edit, or delete user-made PowerShell parameters. - -![Parameters tab](/img/product_docs/accessanalyzer/admin/action/powershell/scriptparamters.webp) - -The options are: - -- Add – Clicking **Add** opens the Add/Edit Variable window. See the - [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. -- Edit – Select an existing parameter and click **Edit** to open the Add/Edit Variable window. See - the [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. - - - Double-clicking an existing parameter also opens the **Add/Edit Variable** window - -- Delete – Delete a selected parameter - -**NOTE:** The built-in default parameters cannot be edited or deleted. - -### Add/Edit Variable Window - -Configure options for a new or existing parameter using the Add/Edit Variable window. - -![Add/Edit Variable Window](/img/product_docs/accessanalyzer/admin/action/powershell/addeditvariable.webp) - -The options are: - -- Name – Enter or edit the name for the custom parameter -- Description – Enter or edit the description for the custom parameter -- Type – Select the Type from a dropdown list. The options are: - - - String - - List - - Filepath - - Boolean - - Long - - Double - -- Value – Enter or edit the value for the custom parameter - -## Input Data - -Preview how the input data will look in the Input Data tab. - -![Input Data tab](/img/product_docs/accessanalyzer/admin/action/powershell/scriptinputdata.webp) - -Information in the Input Data tab varies depending on which source table the PowerShell action -module is configured to pull data from. diff --git a/docs/accessanalyzer/12.0/actions/powershell/summary.md b/docs/accessanalyzer/12.0/actions/powershell/summary.md deleted file mode 100644 index 5f857eb7f6..0000000000 --- a/docs/accessanalyzer/12.0/actions/powershell/summary.md +++ /dev/null @@ -1,8 +0,0 @@ -# PowerShell Action: Summary - -View a summary of configured options on the Summary page. - -![PowerShell Action Module Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save changes and exit the PowerShell Action Module Wizard. Click **Cancel** to -exit the wizard without saving. diff --git a/docs/accessanalyzer/12.0/actions/public-folder/action.md b/docs/accessanalyzer/12.0/actions/public-folder/action.md deleted file mode 100644 index cf57b1236e..0000000000 --- a/docs/accessanalyzer/12.0/actions/public-folder/action.md +++ /dev/null @@ -1,18 +0,0 @@ -# Public Folder: Action - -The Action page specifies the basic action to perform on public folders. The pages available for -selection in the Steps pane adjust based on this selection. - -**NOTE:** Once an action is selected and saved, and the wizard is closed, this page is no longer -available and the selection cannot be altered. - -![Public Folder Action Module Wizard Action page](/img/product_docs/accessanalyzer/admin/action/filesystem/action.webp) - -Choose from the following actions: - -- Define a new action – Enables the Operation page where the operation on which the action is based - is selected -- Rollback a previously executed action – Enables the Prior Actions page where a list of previously - executed actions is displayed and a selected action may be rolled back. Not all operations support - rollback, and the Support Rollback option must be enabled prior to execution for the action to be - eligible for rollback. diff --git a/docs/accessanalyzer/12.0/actions/public-folder/folders.md b/docs/accessanalyzer/12.0/actions/public-folder/folders.md deleted file mode 100644 index 4f4d90d895..0000000000 --- a/docs/accessanalyzer/12.0/actions/public-folder/folders.md +++ /dev/null @@ -1,20 +0,0 @@ -# Public Folder: Folders - -The Folders page identifies which public folders are targeted by this action. - -![Public Folder Action Module Wizard Folders page](/img/product_docs/accessanalyzer/admin/action/publicfolder/folders.webp) - -The options on this page are: - -- Public folder identifier – Select a field using the dropdown menu - - - Field – Column names - - **NOTE:** The displayed fields vary depending on the Source Table selected during the - creation of the new action - -- Folder identifier type – Select a folder type option - - - Entry ID – Select this option if the field contains an Entry ID - - Folder path and name – Select this option if the field contains a fully qualified path and - name diff --git a/docs/accessanalyzer/12.0/actions/public-folder/mapi-settings.md b/docs/accessanalyzer/12.0/actions/public-folder/mapi-settings.md deleted file mode 100644 index 6e11c84cb1..0000000000 --- a/docs/accessanalyzer/12.0/actions/public-folder/mapi-settings.md +++ /dev/null @@ -1,15 +0,0 @@ -# Public Folder: MAPI Settings - -Use the MAPI Settings page to specify the proper MAPI settings. - -![Public Folder Action Module Wizard MAPI Settings page](/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/mapisettings.webp) - -Use the following options to configure the action: - -- Use Global setting – The default setting in the Exchange Global Settings displays -- System Attendant (2003 & 2007) -- Use the mailbox associated with the Windows account on which Access Analyzer is run -- Exchange Mailbox (2010 and newer) – If targeting a 2010 Exchange Server, specify the CAS server. - This is also where the MAPI setting is selected. - - - Client Access Server – Enter the Domain Name in this field diff --git a/docs/accessanalyzer/12.0/actions/public-folder/operations.md b/docs/accessanalyzer/12.0/actions/public-folder/operations.md deleted file mode 100644 index 12ad85b15a..0000000000 --- a/docs/accessanalyzer/12.0/actions/public-folder/operations.md +++ /dev/null @@ -1,171 +0,0 @@ -# Public Folder: Operations - -Use the Operations page to specify the operations to perform as part of the action. - -![Public Folder Action Module Wizard Operations page](/img/product_docs/activitymonitor/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/operations.webp) - -The **Add operation** drop-down menu lists the operations that can be performed. Each operation -opens a corresponding window. Operations include: - -- Rename – See the [Rename Folder Window](#rename-folder-window) topic for additional information -- Change permissions – See the [Change Permissions Window](#change-permissions-window) topic for - additional information -- Custom attributes – See the [Custom Attributes Window](#custom-attributes-window) topic for - additional information -- Replicas – See the [Replicas Window](#replicas-window) topic for additional information -- Limits – See the [Limits Window](#limits-window) topic for additional information -- Delete – See the [Delete Folder Window](#delete-folder-window) topic for additional information - -The buttons to the right of the drop-down control the operations in the field: - -- Edit – Allows you to alter operation settings -- Add – Places selected operation one step above its current position -- Down – Places selected operation one step below its current position -- Delete – Removes a selected operation - -## Rename Folder Window - -Use the Rename Folder window to rename selected folders. It is a wizard page for the Rename -operation. - -![Rename Folder Window](/img/product_docs/accessanalyzer/admin/action/publicfolder/renamefolder.webp) - -Rename folders using the following options: - -- Select a field from the dropdown menu and click **Add** to add it to the list below - - **NOTE:** The available fields vary based on the source table. - -- New name – Enter the name to replace an existing folder name - -## Change Permissions Window - -Use the Change Permissions window to change the permissions. It is a wizard page for the Change -permissions operation. - -![Change Permissions Window](/img/product_docs/accessanalyzer/admin/action/publicfolder/changepermissions.webp) - -Change permissions using the following options: - -- Username – Select a user or create a list of users to edit permissions for - - - To add a user, type in the field to search for a user, select it, and click **Add** - - Click **Select** to open a list with usernames to select from - - To delete a user, select an added user and click **Delete** - -- Dynamic users – Select a user using the dropdown menu -- Mode – Select whether to change or remove permissions -- Permissions – Determine Permission level and assign permissions to the user - - - Permission level – Use the drop-down menu to select a permission level from the following: - - - Reviewer - - Contributor - - Nonediting Author - - Author - - Editor - - Publishing Author - - Publishing Editor - - Owner - - Custom - - - Select the checkbox to assign a permission to any of the following: - - - Create items – User can create items - - Read items – User can read items - - Create Subfolders – User can create subfolders - - Folder owner – User can view and move the public folder, create subfolders, and set - permissions for the folder, but cannot read, edit, delete, or create items - - Folder contact – Set user as the contact for the specified public folder - - Folder visible – User can view the specified public folder but cannot read or edit the - items within - - **NOTE:** Different permissions become automatically selected based on which permission - level is selected. To override this default, select the checkbox of the unwanted permission - to deselect it. If a desired checkbox is blocked by a black square, click the square to - unblock the checkbox. The checkbox can then be selected or unselected. - - - Edit items – Use the drop-down menu to determine user editing permissions from the following: - - - No change - - None - - Allow own - - Deny any - - Own only - - All - - - Delete items – Use the drop-down menu to determine user deletion permissions from the - following: - - - No change - - None - - Allow own - - Deny any - - Own only - - All - -- Overwrite folder permissions with these conditions -- Remove unresolved SIDs - -## Custom Attributes Window - -Use the Custom Attributes window to select custom attributes. It is a wizard page for the Custom -Attributes operation. - -![Custom Attributes Window](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributes.webp) - -Select attributes using the following options: - -- Select a checkbox to set any custom attribute list -- Select a Field from the dropdown list and click **Add** to add the field to the custom attribute - - **NOTE:** Multiple fields may be added to a custom attribute. Fields added to a custom attribute - can be modified or deleted manually. - -## Replicas Window - -Use the Replicas window to replicate servers. It is a wizard page for the Replicas operation. - -![Replicas Window](/img/product_docs/accessanalyzer/admin/action/publicfolder/replicas.webp) - -Replicate servers using the following options: - -- Select a server from the dropdown menu and click **Add**. The servers listed will be replicated. -- Select a server from the list and click **Delete** to remove it from the list of replicated - servers -- Select the **Remove last replica** option to delete the replica created when the action was last - run - -## Limits Window - -Use the Limits window to select limits to the action. It is a wizard page for the Limits operation. - -![Limits Window](/img/product_docs/accessanalyzer/admin/action/publicfolder/limits.webp) - -Use the options to select any changes for the categories. If applicable, use the dropdown to select -desired values related to the corresponding option. - -- Issue warning -- Prohibit post -- Maximum Item Size -- Deletion settings -- Age limits - -## Delete Folder Window - -Use the Delete Folder window to select deletion settings for the action. It is a wizard page for the -Delete operation. - -![Delete Folder Window](/img/product_docs/accessanalyzer/admin/action/publicfolder/deletefolder.webp) - -Select deletion settings using the following options: - -- Select the delete method - - - Soft – Delete the folder but retain a backup copy for a defined period of time - - Hard – Delete the folder permanently, without retaining a backup - -- Optionally, select a checkbox to apply any exception - - - Do not delete folders with subfolders - - Do not delete folders with content diff --git a/docs/accessanalyzer/12.0/actions/public-folder/options.md b/docs/accessanalyzer/12.0/actions/public-folder/options.md deleted file mode 100644 index 47a539a373..0000000000 --- a/docs/accessanalyzer/12.0/actions/public-folder/options.md +++ /dev/null @@ -1,14 +0,0 @@ -# Public Folder: Options - -Use the Options page to edit the thread settings. - -**CAUTION:** Increasing the thread count increases the processing load on the servers. - -![Public Folder Action Module Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -Use the following options to configure the operations: - -- Number of threads per server – Adjust the number of threads the server processes at a time. The - default is set to one. -- Number of servers to process in parallel – Adjust the number of servers to process at a time. The - default is set to two. diff --git a/docs/accessanalyzer/12.0/actions/public-folder/overview.md b/docs/accessanalyzer/12.0/actions/public-folder/overview.md deleted file mode 100644 index db1be12e9a..0000000000 --- a/docs/accessanalyzer/12.0/actions/public-folder/overview.md +++ /dev/null @@ -1,39 +0,0 @@ -# PublicFolder Action Module - -The Public Folder action module allows users to make bulk changes to selected Microsoft Exchange -public folders by adding, changing, or removing folders and permissions from the environment. Use -the Pubic Folder Action Module Wizard to choose the data table column that identifies the folders -and to configure the operations performed against the selected folders. - -Prior to configuring the Pubic Folder Action Module Wizard, scope the source data table to ensure -the actions apply only to the desired folders. - -**CAUTION:** Be careful when using this action module. Make sure that only the changes required are -applied and only to those target folders desired. Always verify the data prior to execution of any -action. - -**_RECOMMENDED:_** Although rollbacks for some actions are available, having to use one should be -avoided - -## Configuration - -The Public Folder action module is configured through the Public Folder Action Module Wizard, which -contains the following wizard pages: - -- Welcome -- [Public Folder: Action](/docs/accessanalyzer/12.0/actions/public-folder/action.md) -- [Public Folder: Prior Actions](/docs/accessanalyzer/12.0/actions/public-folder/prior-actions.md) -- [Public Folder: Folders](/docs/accessanalyzer/12.0/actions/public-folder/folders.md) -- [Public Folder: MAPI Settings](/docs/accessanalyzer/12.0/actions/public-folder/mapi-settings.md) -- [Public Folder: Operations](/docs/accessanalyzer/12.0/actions/public-folder/operations.md) -- [Public Folder: Rollback](/docs/accessanalyzer/12.0/actions/public-folder/rollback.md) -- [Public Folder: Options](/docs/accessanalyzer/12.0/actions/public-folder/options.md) -- [Public Folder: Summary](/docs/accessanalyzer/12.0/actions/public-folder/summary.md) - -The Welcome page gives an overview of the action module. The navigation pane contains links to the -pages in the wizard. Review the introductory and caution information about the Public Folder Action -Module before proceeding. - -![Public Folder Action Module Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/actions/public-folder/prior-actions.md b/docs/accessanalyzer/12.0/actions/public-folder/prior-actions.md deleted file mode 100644 index 1ff25927c0..0000000000 --- a/docs/accessanalyzer/12.0/actions/public-folder/prior-actions.md +++ /dev/null @@ -1,14 +0,0 @@ -# Public Folder: Prior Actions - -The Prior Actions page selects previously executed actions for rollback. It is a wizard page when -**Rollback a previously executed action** is selected on the Action page. - -**NOTE:** Once an action is selected and saved, and the wizard is closed, this page is no longer -available and the selection cannot be altered. - -![Public Folder Action Module Wizard Prior Actions page](/img/product_docs/accessanalyzer/admin/action/filesystem/prioractions.webp) - -The options on this page are: - -- Select a previously executed action (if available) to rollback -- Click **Clear rollback record** to remove all actions from the list diff --git a/docs/accessanalyzer/12.0/actions/public-folder/rollback.md b/docs/accessanalyzer/12.0/actions/public-folder/rollback.md deleted file mode 100644 index acf4a3f928..0000000000 --- a/docs/accessanalyzer/12.0/actions/public-folder/rollback.md +++ /dev/null @@ -1,12 +0,0 @@ -# Public Folder: Rollback - -Use the Rollback page to enable rollback capabilities for the action. If rollback isn’t selected at -this step, the applied operations cannot be rolled back after execution of the action module. - -![Public Folder Action Module Wizard Rollback page](/img/product_docs/accessanalyzer/admin/action/filesystem/rollback.webp) - -The options on this page are: - -- Support rollback – Select to enable rollback of this action -- Add additional comments to be saved with this rollback – Optionally, enter a brief description to - identify this rollback diff --git a/docs/accessanalyzer/12.0/actions/public-folder/summary.md b/docs/accessanalyzer/12.0/actions/public-folder/summary.md deleted file mode 100644 index ceb454f370..0000000000 --- a/docs/accessanalyzer/12.0/actions/public-folder/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# Public Folder: Summary - -The Summary page summarizes the configuration of the action. - -![Public Folder Action Module Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Public Folder Action Module Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/actions/registry/operations.md b/docs/accessanalyzer/12.0/actions/registry/operations.md deleted file mode 100644 index 470cd1595d..0000000000 --- a/docs/accessanalyzer/12.0/actions/registry/operations.md +++ /dev/null @@ -1,136 +0,0 @@ -# Registry: Operations - -Use the Operations page to select the operations to apply to the target hosts. See the -[Registry: Target Hosts](/docs/accessanalyzer/12.0/actions/registry/target-hosts.md) topic for additional information. - -![Registry Action Module Wizard Operations page](/img/product_docs/activitymonitor/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/operations.webp) - -Select and configure the operations using the following options: - -- Add operation – Use the drop-down menu to select an operation to perform on the target host. This - opens a corresponding window for configuration. Operations include: - - **NOTE:** Window options vary based on the operation selected from the drop-down menu. - - - New Registry Value – Used to add a new registry value to the list - - Modify registry value – Used to modify an existing registry value in the list - - Delete registry value – Used to delete an existing registry value - - New registry key – Used to add a new registry key to the list - - Rename registry key – Used to rename a registry key in the list - - Delete registry key – Used to delete a registry key from the list - - Change registry permissions – Used to alter registry permissions - -- Edit – Accesses the editing window for the selected operation -- Up – Moves the selected operation up in the list -- Down – Moves the selected operation up in the list -- Delete – Deletes the selected operation - -## Registry Browser Window - -Use the Registry Browser window to navigate a computer’s registry and select a key. - -![Registry Browser Window](/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/registrybrowser.webp) - -Select a key using the following options: - -- Computer name – By default, the Registry browser connects to the local machine - - - If the desired registry item is on the local machine, browse the registry, and select the item - - To connect to the registry of another machine: - - - Enter the hostname in the **Computer name** textbox - - Click **Connect**, then browse the registry of that machine - - Select the desired registry item - -- Connect – Attempts to connect to the registry of the machine specified in the **Computer name** - field -- 64-bit view – The default view is 32-bit. Select the **64-bit view** checkbox to switch to a - 64-bit view. - -## Select Users or Groups Window - -Use the Select Users or Groups window to select a user, group, or built-in security principal. - -![Select Users or Groups Window](/img/product_docs/accessanalyzer/admin/action/registry/selectusersgroups.webp) - -The options are: - -- Select this object type – Displays types that are queried against - - - Click **Object Types** to open the Object Types window and select the types to query against. - See the [Object Types Window](#object-types-window) topic for additional information. - -- From this location – Displays the location the intended objects are found - - - Click **Locations** to open the Locations window and set the location to be queried. See the - [Locations Window](#locations-window) topic for additional information. - -- Enter the object names to select – Select names of objects to query - - - Click **Check Names** to confirm the selected manually-entered object name is viable - -- Advanced – Click **Advanced** to open an advanced version of the Select Users and Groups Window - and further configure the query. See the - [Advanced Select Users and Groups Window](#advanced-select-users-and-groups-window) topic for - additional information. - -### Object Types Window - -Use the Object Types window to select which types of objects to query. - -![Object Types Window](/img/product_docs/accessanalyzer/admin/action/registry/objecttypes.webp) - -Select any of the following objects: - -- Built-in security principals -- Groups -- Users - -### Locations Window - -Use the Locations window to select a location. - -![Locations Window](/img/product_docs/accessanalyzer/admin/action/registry/locations.webp) - -Select a location using the explorer. - -### Advanced Select Users and Groups Window - -Use the Advanced Select Users and Groups window to search for items with a finer focus. - -![Advanced Select Users and Groups Window](/img/product_docs/accessanalyzer/admin/action/registry/advancedselectusersgroups.webp) - -This window contains the same options as the main Select Users or Groups window, but with the -following additional options: - -- Common Queries - - - Name – Select a name of a user, group, or security principal to search for - - - Select a qualifier from the dropdown - - - Starts with - - Is exactly - - - Manually enter the name - -- Columns – Click **Columns** to open the Choose Columns window. See the - [Choose Columns Window](#choose-columns-window) topic for additional information. -- Find now – Click **Find Now** to search for objects matching the selected criteria -- Stop – While a search is running , the **Stop** button is available. Click **Stop** to halt the - search before it is completed. -- Search Results – Displays results from a search - -#### Choose Columns Window - -Use this window to select columns. The columns available varies based on the source table originally -selected. - -![Choose Columns Window](/img/product_docs/accessanalyzer/admin/action/registry/choosecolumns.webp) - -Choose columns using the following options: - -- To add an available column, select it in **Columns available** and click **Add** to place it in - **Columns shown** -- To remove a column, select it in **Columns shown** and click **Remove** to place it in **Columns - available** diff --git a/docs/accessanalyzer/12.0/actions/registry/overview.md b/docs/accessanalyzer/12.0/actions/registry/overview.md deleted file mode 100644 index 96a2ceeb64..0000000000 --- a/docs/accessanalyzer/12.0/actions/registry/overview.md +++ /dev/null @@ -1,39 +0,0 @@ -# Registry Action Module - -The Registry action module allows users to make bulk changes to the Microsoft Windows Registry. Use -the Registry Action Module Wizard to choose the data table column that identifies the folders and to -configure the operations performed against the selected folders. The Registry action module requires -a column containing the hosts to be targeted. - -Prior to configuring the Registry Action Module Wizard, scope the source data table to ensure the -actions apply only to the desired hosts. - -**CAUTION:** Unexpected values in the registry can cause major system failures when deleting or -modifying registry items. - -**_RECOMMENDED:_** Backup the system registry before making changes using the Registry action -module. - -## Registry Action Source Table Configuration - -All data tables used in Access Analyzer action modules require the presence of certain data columns. -In addition, individual action modules including Registry may have their own column requirements. -The Registry action module requires a column containing the hosts that are going to be targeted. - -## Configuration - -The Registry action module is configured through the Registry Action Module Wizard, which contains -the following wizard pages: - -- Welcome -- [Registry: Target Hosts](/docs/accessanalyzer/12.0/actions/registry/target-hosts.md) -- [Registry: Operations](/docs/accessanalyzer/12.0/actions/registry/operations.md) -- [Registry: Summary](/docs/accessanalyzer/12.0/actions/registry/summary.md) - -The Welcome page gives an overview of the Registry Action Module Wizard. The steps navigation pane -contains links to the pages in the wizard. Review the introductory and caution information about the -Registry Action Module before proceeding. - -![Registry Action Module Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -To proceed, click Next or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/actions/registry/summary.md b/docs/accessanalyzer/12.0/actions/registry/summary.md deleted file mode 100644 index 21c1738315..0000000000 --- a/docs/accessanalyzer/12.0/actions/registry/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# Registry: Summary - -The Summary page summarizes the configuration of the action. - -![Registry Action Module Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -When done configuring the action, click **Finish**. If no changes were made, it is a best practice -to click **Cancel** to close the Registry Action Module Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/actions/registry/target-hosts.md b/docs/accessanalyzer/12.0/actions/registry/target-hosts.md deleted file mode 100644 index be9b0fe1a2..0000000000 --- a/docs/accessanalyzer/12.0/actions/registry/target-hosts.md +++ /dev/null @@ -1,10 +0,0 @@ -# Registry: Target Hosts - -Use the Target Hosts page to identify the target hosts whose registries the action examines or -alters. - -![Registry Action Module Wizard Target hosts page](/img/product_docs/accessanalyzer/admin/action/registry/targethosts.webp) - -Use the drop-down menu to select the field that identifies the systems to be targeted. The list -displays columns from the specified source table. The action applies the specified operations to all -systems in the field. diff --git a/docs/accessanalyzer/12.0/actions/send-mail/message.md b/docs/accessanalyzer/12.0/actions/send-mail/message.md deleted file mode 100644 index 3cf10477fa..0000000000 --- a/docs/accessanalyzer/12.0/actions/send-mail/message.md +++ /dev/null @@ -1,79 +0,0 @@ -# SendMail Action: Message - -Use the Message page to specify the text of the email. - -![Send Mail Action Module Wizard Message page](/img/product_docs/accessanalyzer/admin/action/sendmail/message.webp) - -Use the following fields to specify the text of the email: - -- Subject – Specify a subject for the email. The contents of this field displays as the subject line - of the delivered email. Enter text directly and optionally use the Insert field to insert one or - more data fields. This is a required field. -- Insert Field – Inserts a data field into the subject or body of the email. The drop-down menu - displays a list of available fields. Once a selection displays in the field, click on the blue Up - and Down arrows to insert the field into the body or the subject, respectively. This field is - optional. -- Show sample input source data – To display a table of sample source data, click the icon next to - the blue arrows. -- Show dialog to set SMTP options – To override the global SMTP settings, click the icon next to the - blue arrows to display the SMTP Options dialog box -- Preview – Displays the Message Preview window containing a preview of the current SendMail. Click - **Send** to send a single message to the addresses in the Recipient field in the Message Preview - window. The Preview button is active only if the Recipients field is populated on the Properties - page of the Send Mail Action Module Wizard. See the - [Messages Preview Window](#messages-preview-window) topic for additional information. -- Clear Template – Clears any content from the Subject and Text Entry box -- Load from template – Accesses a list of message templates. This field is optional. The following - templates are available: - - - Active Directory Cleanup - - Distribution List Cleanup - - Mailbox Cleanup - - Open Shares Lockdown - - Public Folder Cleanup - - Sensitive Group Review - - Shared Folder Cleanup - - Unauthorized Software Cleanup - -- Message templates include sample email text describing the reason for the message and the next - steps requested of, or required by, the user. They may also include dynamic content taken from the - specified table, for example the user name. - - - Save to template – Saves the current email subject and content to a template. If an existing - template name appears in the Load from template field, clicking this button updates that - template. If the Load from template field is empty or contains a name other than one of the - existing templates, clicking this button opens the Save SendMail Template window and saves the - changes to a new template. Templates reside locally on the host computer as XML files, in the - `Actions/SM_Templates` folder. - -## Text Entry Box - -The Text Entry box allows you to compose a message. A Microsoft Word-style editor provides -formatting options including the ability to insert dynamic text from the specified table (such as a -username) through the Insert field option. Use the editor to personalize the content and appearance -of each message. - -Example: - -Assume the source table includes a column containing the names of intended recipients. Place the -cursor in the greeting section of the email. Next, select that field from the Insert field drop-down -list and click the down arrow to insert a dynamic field. The column name appears in the Text Entry -box, enclosed by brackets: - -Dear [ProbableOwner]; - -You are approaching your Mailbox storage quota. Please clean up any unneeded items. - -Thank you, - -The Messaging Team - -## Messages Preview Window - -The Messages Preview window displays a preview of the email, including any dynamic fields. This -window displays after clicking the **Preview** button. - -![Messages preview window](/img/product_docs/accessanalyzer/admin/action/survey/messagespreview.webp) - -- Blue arrow buttons – Click to view other recipients -- Send – Sends a single message to the addresses in the Recipients field diff --git a/docs/accessanalyzer/12.0/actions/send-mail/overview.md b/docs/accessanalyzer/12.0/actions/send-mail/overview.md deleted file mode 100644 index 0bf8b5d0ad..0000000000 --- a/docs/accessanalyzer/12.0/actions/send-mail/overview.md +++ /dev/null @@ -1,37 +0,0 @@ -# SendMail Action Module - -Use this action module to send dynamic and static content from selected audit data to targeted -audiences. - -The SendMail Action Module has multiple uses, for example: - -- Send notifications of important IT initiatives or planned service outages -- In combination with other Access Analyzer action modules such as Survey, create an end-to-end - workflow to contact clients and solicit feedback for use in the decision-making process - -**CAUTION:** This module sends one or more electronic messages to a selected audience. Prior to -executing the action, ensure the audience consists of only the desired members. - -## Source Table Configuration - -All data tables used in Access Analyzer action modules require the presence of certain data columns. -In addition, individual action modules including SendMail may have their own column requirements. -The SendMail Action Module requires a column containing well-formatted email addresses (for example, -`hfinn@netwrix.com`) for your recipients. - -## Configuration - -The SendMail Action module is configured through the SendMail Action Module Wizard, which contains -the following wizard pages: - -- Welcome -- [SendMail Action: Properties](/docs/accessanalyzer/12.0/actions/send-mail/properties.md) -- [SendMail Action: Message](/docs/accessanalyzer/12.0/actions/send-mail/message.md) -- [SendMail Action: Summary](/docs/accessanalyzer/12.0/actions/send-mail/summary.md) - -The Welcome page displays first and gives an overview of the action module. The navigation pane -contains links to the pages in the wizard. - -![Send Mail Action Module Wizard Welcome page](/img/product_docs/threatprevention/threatprevention/siemdashboard/qradar/dashboard/overview.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/actions/send-mail/properties.md b/docs/accessanalyzer/12.0/actions/send-mail/properties.md deleted file mode 100644 index 7fc8c46fc7..0000000000 --- a/docs/accessanalyzer/12.0/actions/send-mail/properties.md +++ /dev/null @@ -1,22 +0,0 @@ -# SendMail Action: Properties - -Use the Properties page to specify the recipients of the email. - -![Send Mail Action Module Wizard Properties page](/img/product_docs/activitymonitor/activitymonitor/install/agent/properties.webp) - -Use the following fields to specify the recipient information: - -- Recipient column – Use the drop-down menu to specify the column from the data table containing - intended recipients, for example a column containing email addresses -- Recipient type – Use the drop-down menu to specify the data type of the Recipient column, for - example SMTP mail address -- Carbon copy (CC) – Optionally, specify one or more additional email addresses to receive a - carbon-copy of the SendMail message, for example an address not included in the source table. - - - Use the following email address – Enter one or more additional email addresses. Separate - multiple addresses with a semi-colon and a space. - - Use a column from the table – Use the drop-down menu to specify a column from the data table - -- Combine multiple messages into a single message when all recipients are the same – Select this - checkbox to send only one message to each recipient as a result of this action (even recipients - who appear more than once in the job results) diff --git a/docs/accessanalyzer/12.0/actions/send-mail/summary.md b/docs/accessanalyzer/12.0/actions/send-mail/summary.md deleted file mode 100644 index c34e86ac5f..0000000000 --- a/docs/accessanalyzer/12.0/actions/send-mail/summary.md +++ /dev/null @@ -1,12 +0,0 @@ -# SendMail Action: Summary - -The Summary page displays the SendMail configuration. - -![Send Mail Action Module Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Send Mail Action Module Wizard to ensure that no accidental clicks are -saved. - -To view the status of executed SendMail actions, see the -[Viewing the Status of SendMail Actions](/docs/accessanalyzer/12.0/actions/send-mail/view-status.md) for additional information. diff --git a/docs/accessanalyzer/12.0/actions/send-mail/view-status.md b/docs/accessanalyzer/12.0/actions/send-mail/view-status.md deleted file mode 100644 index 7c07bdf919..0000000000 --- a/docs/accessanalyzer/12.0/actions/send-mail/view-status.md +++ /dev/null @@ -1,38 +0,0 @@ -# Viewing the Status of SendMail Actions - -Follow the steps to view the status of an executed SendMail action: - -![Analysis Properties page for SendMail View Status Analysis task](/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusanalysisproperties.webp) - -**Step 1 –** Create a new SQLViewCreation analysis and choose **Configure Analysis**. The View and -Table Creation Analysis Module wizard opens. - -![Input Source wizard page](/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusinputsource.webp) - -**Step 2 –** On the Input Source page, choose the original source table for the SendMail action as -the first table and `tablename_ActionStatus` as the second table. For example, if the source table -is `MailEnabledPF`, then select `MailEnabledPF_ActionStatus` as the second table. - -![Join Columns wizard page](/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusjoincolumns.webp) - -**Step 3 –** For **Table 1 join property**, specify the column recipient of the SendMail action. For -example, if sent to SMTP address, specify **SMTPaddress** as the column. For **Table 2 join -property**, select **srcRowKey**. Leave everything else at the default settings. - -![Result Columns wizard page](/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusresultcolumns.webp) - -**Step 4 –** On the Results Columns page, select the columns to return from each table. Leave all -other settings at their default. - -![Result Type wizard page](/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusresulttype.webp) - -**Step 5 –** On the Result Type page, leave it as a table and provide a descriptive name, for -example `SendMailStatus`. - -![Results Sample wizard page](/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusresultsample.webp) - -**Step 6 –** Click through the rest of the options. On the Result Sample page, click **Show -Preview** to display the columns selected within the Columns page. Click **Summary** to navigate to -the Summary page and click **Finish** to exit the wizard. - -This analysis now reports the status of the SendMail action. diff --git a/docs/accessanalyzer/12.0/actions/service-now/authentication.md b/docs/accessanalyzer/12.0/actions/service-now/authentication.md deleted file mode 100644 index 4aafc68222..0000000000 --- a/docs/accessanalyzer/12.0/actions/service-now/authentication.md +++ /dev/null @@ -1,20 +0,0 @@ -# ServiceNow Action: Authentication - -The Authentication page implements signing into a ServiceNow account. - -A ServiceNow account must be set up and configured to determine which incidents will be visible on -the Incident Creation page. - -![ServiceNow Action Module wizard Authentication page](/img/product_docs/accessanalyzer/admin/datacollector/box/authentication.webp) - -Use the following options to log into a ServiceNow account: - -- Select the **Use global ServiceNow credentials** to access the ServiceNow credentials entered into - the Access Analyzer console’s global setting -- To break inheritance, deselect the checkbox and enter information into the following fields: - - - Instance – Domain name for the ServiceNow account - - User Name/Password – Specify the credentials to access the ServiceNow account - -**NOTE:** ServiceNow accounts must have an administrator role to modify incidents on the -configuration page. diff --git a/docs/accessanalyzer/12.0/actions/service-now/description.md b/docs/accessanalyzer/12.0/actions/service-now/description.md deleted file mode 100644 index 73f0fab761..0000000000 --- a/docs/accessanalyzer/12.0/actions/service-now/description.md +++ /dev/null @@ -1,32 +0,0 @@ -# ServiceNow Action: Description - -The Description page provides details on the incidents entered into a field on the Incident Creation -page. A description of the incident and related comments are included with the incident’s report to -provide additional feedback to the system administrator, and may be saved to a template. - -![ServiceNow Action Module wizard Description page](/img/product_docs/accessanalyzer/admin/action/servicenow/description.webp) - -Create a report using the following options: - -- Short Description – Displays entered words or phrases used to summarize the incident -- Insert Field – Use the drop-down menu to select a field (column) from the source table - - - Click the **blue down arrow** to insert the item into the Short Description section - - Click the **blue up arrow** to insert the item in to the Comments section - - Click the file icon with the magnifying glass to preview the sourced table for values. The - default is 1000 rows. - - ![Sample Source Data window](/img/product_docs/accessanalyzer/admin/action/servicenow/samplesourcedata.webp) - -- Click the **Clear Template** button to remove content from the Short Description section and - Comments section -- Comments – Displays entered information that may be helpful to resolve an incident -- Load from Template – Displays preconfigured Short Description and Comments section by name of - template - - - Click the **Save to Template** link to preserve the Short Description and Comments sections - for later use under a template name. - - ![Save ServiceNow Template window](/img/product_docs/accessanalyzer/admin/action/servicenow/savetemplate.webp) - - Enter a name for the template, and click **OK**. diff --git a/docs/accessanalyzer/12.0/actions/service-now/incident-creation.md b/docs/accessanalyzer/12.0/actions/service-now/incident-creation.md deleted file mode 100644 index 82fe455450..0000000000 --- a/docs/accessanalyzer/12.0/actions/service-now/incident-creation.md +++ /dev/null @@ -1,16 +0,0 @@ -# ServiceNow Action: Incident Creation - -The Incident Creation page is available once the ServiceNow credentials are approved. Incidents on -this page belong to two fields: Mandatory and Optional. The type of field and its incidents are -chosen within ServiceNow’s configuration page. Selecting a field and entering a value will include -the incident within ServiceNow’s incident report. - -![ServiceNow Action Module wizard New Incident page](/img/product_docs/accessanalyzer/admin/action/servicenow/incidentcreation.webp) - -At the New Incident field list section, enter the fields for which incident to include on -ServiceNow’s incident report. The ServiceNow account entered on the Authentication page determines -which incidents are available within the fields on the Incidents Creation page and are adjusted in -ServiceNow. - -Fields with a drop-down menu have a set of preconfigured options to select. Fields with ellipsis -choose members from a preconfigured list. diff --git a/docs/accessanalyzer/12.0/actions/service-now/overview.md b/docs/accessanalyzer/12.0/actions/service-now/overview.md deleted file mode 100644 index f7fdfbcc5f..0000000000 --- a/docs/accessanalyzer/12.0/actions/service-now/overview.md +++ /dev/null @@ -1,94 +0,0 @@ -# ServiceNow Action Module - -The ServiceNow Action Module is primarily intended to allow for the automated creation of ServiceNow -incidents from data collected by the Netwrix suite of data security tools. By facilitating -communication between tools like Access Analyzer and ServiceNow’s incident management capability, -security risks in an organization’s environment can not only be identified, but presented to admins, -managers, and other stakeholders in a familiar way, with respect to chains of command and approval -as dictated by employee relationships and business workflows implemented in ServiceNow. - -When account lockouts occur, the Active Directory Inventory Data Collector makes that information -available. From the Access Analyzer console, the ServiceNow Action Module transmits customized -information regarding the locked out accounts directly to those responsible for account management, -alerting them of the issue and requesting that appropriate action is taken to re-enable user -accounts before effected users are aware of the problem. - -This section describes the following pages in the configuration wizard. - -## Dependencies - -The ServiceNow Action Module requires an active ServiceNow account with: - -- Import Multiple Web Service Plugin -- Web Service Import Sets -- System Web Service plugins enabled -- An instance of Access Analyzer with the Stealthbits ServiceNow Action Module enabled - -## Permissions - -The following permissions are required to utilize Access Analyzer’s ServiceNow Action Module: - -- ServiceNow admin account – An Administrator Role by an organization’s ServiceNow administrator -- The **Settings** > **ServiceNow** node at the global level can be configured with a credential - provisioned to create incidents as Callers in the **Assigned to** field, and any other ServiceNow - incident field that references the sys_user table. - -## Connecting ServiceNow - -The following instructions can only be performed with a ServiceNow admin account and access to the -ServiceNow Action Module XML file. - -![ServiceNow Action Module XML file in Windows file explorer](/img/product_docs/accessanalyzer/admin/action/servicenow/actionmodulexmlfile.webp) - -**Step 1 –** Navigate to the file path …\STEALTHbits\StealthAUDIT\Actions to access the -`STEALTHbits SN Action Module v1.0_merged_rev2.0` file to use on ServiceNow’s website. - -**Step 2 –** Visit servicenow.com, sign into the administrator account, expand **System Update -Sets**, and click on **Retrieved Update Sets**. - -**Step 3 –** Under **Related Links**, click on **Import Update Set from XML**. - -**Step 4 –** Attach the `STEALTHbits SN Action Module v1.0_merged_rev2.0` file, and then click -**Upload**. - -**Step 5 –** After the file is uploaded, click on the **STEALTHbits SN Action Module** within the -list of updated sets. - -**Step 6 –** Click on the **Preview Update Set** button. Wait until the update set preview is -finished and then click **Commit Update Set**. Then, close the Update Set Commit window. - -**Step 7 –** On the navigation page, expand **System Definitions** and click **Plugins**. Then click -on the **Insert Multiple Web Service plugin** - -**Step 8 –** Under **Related Links**, click on **Activate/Upgrade** and click **Activate** on the -Activate Plugin window. When the Activation is complete, click **Close** to close the window. - -**Step 9 –** Click **Reload** on the System Plugin page and confirm the Status is Active. - -Access Analyzer is now connected with the ServiceNow platform. - -## Source Table Configuration - -Individual action modules, including the ServiceNow Action Module, may have their own column -requirements. To take action on a resource, the source table must contain columns with RowGUID -values to uniquely identify them. - -## Configuration - -The ServiceNow Action module is configured through the ServiceNow Action Module Wizard, which -contains the following wizard pages: - -- Welcome -- [ServiceNow Action: Authentication](/docs/accessanalyzer/12.0/actions/service-now/authentication.md) -- [ServiceNow Action: Incident Creation](/docs/accessanalyzer/12.0/actions/service-now/incident-creation.md) -- [ServiceNow Action: Description](/docs/accessanalyzer/12.0/actions/service-now/description.md) -- [ServiceNow Action: Summary](/docs/accessanalyzer/12.0/actions/service-now/summary.md) - -**NOTE:** Not all pages may be accessible unless the user has a configured ServiceNow account. - -The Welcome page displays first in the ServiceNow Action Module Wizard. Review the introductory and -caution information about the ServiceNow Action Module. - -![ServiceNow Action Module wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/actions/service-now/summary.md b/docs/accessanalyzer/12.0/actions/service-now/summary.md deleted file mode 100644 index 5c37b5e5e7..0000000000 --- a/docs/accessanalyzer/12.0/actions/service-now/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# ServiceNow Action: Summary - -The Summary page displays a summary of the configured query. - -![ServiceNow Action Module wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the ServiceNow Action Module Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/actions/survey/html-style.md b/docs/accessanalyzer/12.0/actions/survey/html-style.md deleted file mode 100644 index db007e8b14..0000000000 --- a/docs/accessanalyzer/12.0/actions/survey/html-style.md +++ /dev/null @@ -1,12 +0,0 @@ -# Survey HTML Style - -Choose an HTML style from the HTML Styles list. The Sample pane displays a preview of the style. - -![Survey Action Module Wizard HTML Style page](/img/product_docs/accessanalyzer/admin/action/survey/htmlstyle.webp) - -The configurable options are: - -- HTML Style List – Select which HTML Style is used for Surveys using the HTML Style list. An - example of the style shows in the Sample box at the bottom of the wizard. -- Hide and Lock Previous Responses – Select the checkbox to prevent users from changing their survey - responses once they exit the survey diff --git a/docs/accessanalyzer/12.0/actions/survey/introduction.md b/docs/accessanalyzer/12.0/actions/survey/introduction.md deleted file mode 100644 index eab2082b00..0000000000 --- a/docs/accessanalyzer/12.0/actions/survey/introduction.md +++ /dev/null @@ -1,25 +0,0 @@ -# Survey: Introduction - -Use this page to specify web page introductory text (if any) for the web page specified on the Web -Server page. See the [Survey: Web Server](/docs/accessanalyzer/12.0/actions/survey/web-server.md) topic for additional information. The -introductory text appears on the landing page when recipients click on the survey link in the email. - -![Survey Action Module Wizard Introduction Page](/img/product_docs/accessanalyzer/admin/action/survey/introduction.webp) - -The configurable options are: - -- Insert Field – Inserts a dynamic field into the message content. Dynamic fields such as - **username** can personalize the survey for each recipient. The options available at this field - are limited to data from the SQL table specified at the Source Table field on the Action - Properties page. - - Place the cursor in the text where a field should appear. Next, click on the drop-down and - select a field from the list. When a selection appears in the field, click the blue down arrow. - The field appears in the text. - -## Text Entry Box - -Use the Text Entry box to compose an introductory message. Above the text box is a tool bar -containing various Microsoft Word-style editing tools. Use the editor to personalize the content and -appearance of each message. Use the Insert field option to insert dynamic text from the specified -data table. diff --git a/docs/accessanalyzer/12.0/actions/survey/mail-message.md b/docs/accessanalyzer/12.0/actions/survey/mail-message.md deleted file mode 100644 index 270eea5b94..0000000000 --- a/docs/accessanalyzer/12.0/actions/survey/mail-message.md +++ /dev/null @@ -1,55 +0,0 @@ -# Survey: Mail – Message - -Use this page to specify the text of the email. When first accessing this page, the cursor appears -in the **Load from template** field. Survey templates are a legacy feature and Netwrix recommends -not using them. - -![Survey Action Module Wizard Mail – Message page](/img/product_docs/accessanalyzer/admin/action/survey/mailmessage.webp) - -Placeholder text displays in the Message box. This text includes a hyperlink to the web page hosting -the survey. Placeholder text can be modified but the link cannot be removed. The link does not -activate until the message is sent. - -Use the following fields to specify the text of the email: - -- Subject – Specify subject text for the email. The contents of this field displays as the Subject - line of the delivered email. Enter text directly and use the **Insert field** to insert one or - more data fields. This is a required field. -- Insert Field – Inserts a data field into the subject or body of the email. The drop-down menu - displays a list of available fields. Once a selection displays in the field, click on the blue - Down and Up arrows to insert the field into the body or the subject, respectively. This field is - optional. -- The following are buttons appearing on a bar below the Subject field: - - - Show sample input source data – To display a table of sample source data, click the icon next - to the blue arrows - - Show dialog to set SMTP options – To override the global SMTP settings, click the icon next to - the blue arrows to display the SMTP Options dialog box - - Preview – Displays the Messages Preview window containing a preview of the current email - message. Click **Send** to send a single message to the addresses in the Recipient field in - the Message Preview window. The Preview button is active only if the Recipients field is - populated. See the [Messages Preview Window](#messages-preview-window) topic for additional - information. - - Clear Template – Clears any content from the Subject and Text Entry box - -- Load from template – Survey templates are a legacy feature. It is strongly recommended not use - templates when creating surveys. -- Save to template – Saves the current email subject and content to a template. If an existing - template name appears in the **Load from template** field, clicking this button updates that - template. If the **Load from template** field is empty or contains a name other than one of the - existing templates, clicking this button accesses the Save SendMail Template window and changes - can be saved to a new template. Templates reside locally on the host computer as XML files, in the - `Actions/SM_Templates` folder. - -## Messages Preview Window - -The Messages preview window opens when you click **Preview** on the Mail – Message page of the -Survey Action Module Wizard. This window displays a preview of the email, including any dynamic -fields. - -![Messages preview window](/img/product_docs/accessanalyzer/admin/action/survey/messagespreview.webp) - -The window has the following options: - -- Blue arrow buttons – Click to view other recipients -- Send – Sends a single message to the addresses in the **Recipients** field diff --git a/docs/accessanalyzer/12.0/actions/survey/mail-properties.md b/docs/accessanalyzer/12.0/actions/survey/mail-properties.md deleted file mode 100644 index dc178eff2b..0000000000 --- a/docs/accessanalyzer/12.0/actions/survey/mail-properties.md +++ /dev/null @@ -1,21 +0,0 @@ -# Survey: Mail – Properties - -Use this page to specify the email recipients. - -![Survey Action Module Wizard Mail – Properties page](/img/product_docs/accessanalyzer/admin/action/survey/mailproperties.webp) - -Use the following fields to specify the recipient information: - -- Recipient column – Specify the data table columns containing intended recipient information - - - For example, a column containing email addresses. The drop-down menu displays a list of - possible column types. - -- Recipient type – Specify the data type of the Recipient column. The drop-down menu displays a list - of recipient types, for example **SMTP email address**. -- Carbon copy (CC) – (Optional) Specify one or more additional email addresses to receive a - carbon-copy of the SendMail message, for example an address not included in the source table. - Separate multiple address with a semi-colon and a space. -- Combine multiple messages to a recipient into one message when all recipients are the same – - Select this option to send only one message to each recipient as a result of this action (even - recipients who appear more than once in the job results) diff --git a/docs/accessanalyzer/12.0/actions/survey/overview.md b/docs/accessanalyzer/12.0/actions/survey/overview.md deleted file mode 100644 index 98e1aa878c..0000000000 --- a/docs/accessanalyzer/12.0/actions/survey/overview.md +++ /dev/null @@ -1,43 +0,0 @@ -# Survey Action Module - -Use this action module to create surveys and make them available to targeted recipients via email. -For example, a survey can solicit feedback from clients or poll employees on company issues. - -The Survey Action Module Wizard builds customizable, web-based surveys containing questions created -by the user. Once the survey is defined, a list of recipients can then be specified. When executing -the action, the process simultaneously sends an email to the recipients containing a link to the -survey and creates a web page to host the survey. - -**CAUTION:** This module sends one or more electronic messages to a selected audience. Prior to -executing the action, ensure the audience consists of only the desired members. Netwrix recommends -using this and all other Access Analyzer actions with caution. - -## Survey Action Source Table Configuration - -All data tables used in Access Analyzer action modules require the presence of certain data columns. -In addition, individual action modules including Survey may have their own column requirements. The -Survey action module requires a column containing well-formatted email addresses (for example, -`hfinn@netwrix.com`) for your recipients. - -## Survey Action Module Wizard - -The Survey action module is configured through the Survey Action Module Wizard, which contains the -following wizard pages: - -- Welcome -- [Survey: Template](/docs/accessanalyzer/12.0/actions/survey/template.md) (Legacy feature) -- [Survey: Introduction](/docs/accessanalyzer/12.0/actions/survey/introduction.md) -- [Survey: Questions](/docs/accessanalyzer/12.0/actions/survey/questions.md) -- [Survey HTML Style](/docs/accessanalyzer/12.0/actions/survey/html-style.md) -- [Survey: Web Server](/docs/accessanalyzer/12.0/actions/survey/web-server.md) -- [Survey: Mail – Properties](/docs/accessanalyzer/12.0/actions/survey/mail-properties.md) -- [Survey: Mail – Message](/docs/accessanalyzer/12.0/actions/survey/mail-message.md) -- [Survey: Test Survey](/docs/accessanalyzer/12.0/actions/survey/test-survey.md) -- [Survey: Summary](/docs/accessanalyzer/12.0/actions/survey/summary.md) - -The Welcome page displays first and gives an overview of the action module. The navigation pane -contains links to the pages in the wizard. - -![Survey Action Module Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/actions/survey/questions.md b/docs/accessanalyzer/12.0/actions/survey/questions.md deleted file mode 100644 index 332c68a2c6..0000000000 --- a/docs/accessanalyzer/12.0/actions/survey/questions.md +++ /dev/null @@ -1,64 +0,0 @@ -# Survey: Questions - -Use this page to specify the questions on the survey. Configure the following for each question: - -- The text of the question - - - Example: `Are you the owner of the following stale AD objects?` - -- The subject of the question – The subject is the object to which the question is directed, such as - a user who has access to AD objects. Specify the subject via a dynamic field. - - - Example: **UserName** - - The data table must contain a column with the subject of each question on the survey - -- A name for the answer column in the result table. This column stores the answers to the survey - question. -- The question type (**Yes/No**, **Text**, or **Multiple Choice**) -- Any additional descriptive text to include for the question - -![Survey Action Module Wizard Questions page](/img/product_docs/accessanalyzer/admin/action/survey/questions.webp) - -The configurable options are: - -- Questions List – Any existing questions appear in the Question List box. The following buttons are - available: - - - Add new question – Adds a new question to the Questions list. Use the Question Details section - to customize the question. - - Remove question – Remove selected question from the Questions list - - Up and Down arrows – Re-order questions - -- Question Details – Use this section to define your survey questions. The following options are - available: - - - Text – Specify the survey question - - Subjects – Click on the ellipses (**…**) to open the Select subjects window. Specify the - object to which a question is directed. The selected subjects show in the Subjects field. See - the [Select Subjects Window](#select-subjects-window) topic for additional information. - - Answer Column Name – The Survey action module inserts the results of the survey directly into - the SQL table on which a survey is based, creating an answer column for each question in the - survey. Give each column a unique name that corresponds to the associated survey question. - - Question type – Specify a question type. The options are: - - - Yes/No - - Text - - Multiple Choice – If this option is selected, the **Answers** button activates. Click this - button to open the Answers window and specify the response options to the multiple choice - question via the **Add** button. - - - Answers – This button activates if Multiple Choice in the Question Type field is selected. - Click to access the Answers window. - - Description – Specify any additional explanation of the survey question. The text appears on - the survey below the associated question. - -## Select Subjects Window - -Select which subjects to use for the Survey question using the Select subjects window. - -![Select subjects window](/img/product_docs/accessanalyzer/admin/action/survey/selectsubjects.webp) - -Select a subject from the Available subjects list, then click the **Right Arrow** to move it into -the Selected Subjects list. Remove a subject from the Selected Subjects list by selecting a subject -and clicking the **Left Arrow**. Change the priority of the subjects in the Selected Subjects list -by using the **Up and Down Arrows**. diff --git a/docs/accessanalyzer/12.0/actions/survey/summary.md b/docs/accessanalyzer/12.0/actions/survey/summary.md deleted file mode 100644 index 9db0d0a1a1..0000000000 --- a/docs/accessanalyzer/12.0/actions/survey/summary.md +++ /dev/null @@ -1,13 +0,0 @@ -# Survey: Summary - -A summary of the survey configuration displays. - -![Survey Action Module Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Save Template** to access the Save Survey Template window. - -![Save Survey Template window](/img/product_docs/accessanalyzer/admin/action/survey/savesurveytemplate.webp) - -Specify a name for the survey for future use. Click **OK** to return to the Summary page. - -When done, click **Finish** to finalize survey configurations. diff --git a/docs/accessanalyzer/12.0/actions/survey/template.md b/docs/accessanalyzer/12.0/actions/survey/template.md deleted file mode 100644 index 334a0da9a8..0000000000 --- a/docs/accessanalyzer/12.0/actions/survey/template.md +++ /dev/null @@ -1,6 +0,0 @@ -# Survey: Template - -Survey templates require customization to meet the customer's business needs. Contact -[Netwrix Support](https://www.netwrix.com/support.html) for additional information. - -![Survey Action Module Wizard Survey Template page](/img/product_docs/accessanalyzer/admin/action/survey/surveytemplate.webp) diff --git a/docs/accessanalyzer/12.0/actions/survey/test-survey.md b/docs/accessanalyzer/12.0/actions/survey/test-survey.md deleted file mode 100644 index 9f747a081c..0000000000 --- a/docs/accessanalyzer/12.0/actions/survey/test-survey.md +++ /dev/null @@ -1,12 +0,0 @@ -# Survey: Test Survey - -Use this page to test a survey and verify proper configuration. - -![Survey Action Module Wizard Test Survey page](/img/product_docs/accessanalyzer/admin/action/survey/testsurvey.webp) - -The configurable options are: - -- Start test – Click to test your survey configuration -- Survey full test – Once the survey configuration test passes inspection, a full survey can be - tested against a single user (for example, your own email account) to verify a survey matches - design criteria diff --git a/docs/accessanalyzer/12.0/actions/survey/web-server.md b/docs/accessanalyzer/12.0/actions/survey/web-server.md deleted file mode 100644 index 7d73334552..0000000000 --- a/docs/accessanalyzer/12.0/actions/survey/web-server.md +++ /dev/null @@ -1,16 +0,0 @@ -# Survey: Web Server - -Use this page to specify information about the web server hosting the survey website. - -![Survey Action Module Wizard Web Server page](/img/product_docs/accessanalyzer/admin/action/survey/webserver.webp) - -The configurable options are: - -- Web Server Name – Specify the name of the server hosting the survey -- Web server path (Survey root path) – Specify the root path to the folder on the web server - containing the scripts used to build and operate the survey web page - - - Click the ellipses (**...**) to open the Browse For Folder window to navigate to the folder on - the web server containing the scripts used to build and operate the survey web page - -- URL (Survey root path) – Specify the root path of the web page location diff --git a/docs/accessanalyzer/12.0/actions/web-request/destination.md b/docs/accessanalyzer/12.0/actions/web-request/destination.md deleted file mode 100644 index ffa0b93d5f..0000000000 --- a/docs/accessanalyzer/12.0/actions/web-request/destination.md +++ /dev/null @@ -1,65 +0,0 @@ -# Web Request: Destination - -Use the Destination page to specify all settings for the destination of the web request. - -![Web Request Action Module Wizard Destination page](/img/product_docs/accessanalyzer/install/filesystemproxy/destination.webp) - -Use the following categories to establish the location of the web request: - -- Insert field – Select a field using the drop-down menu - - **NOTE:** The fields available varies based on the source table columns. - -Destination Information - -- Method – Use the dropdown to select a method from the following: - - - GET - - POST - - PUT - - DELETE - - HEAD - - OPTIONS - - PATCH - - MERGE - - COPY - -- Follow Redirects – Enables the web request to follow redirects -- Combine SQL rows into single request – Enables bulk insertion of the number of rows specified into - a single web request - - - Rows – Select the number of rows to combine. The default is 50. - -- Resource – URL destination to send the data via the web request - - - Select a field using the drop-down menu, place the cursor in the Resource textbox, and click - the blue down-arrow to add it to the Resource box - - Manually enter a resource in the textbox - - **NOTE:** A red circle with an x indicates that the Resource field cannot be empty. - -- Authentication – Select an authentication method from the following: - - - None – No authentication - - Basic – Basic authentication - - JWT – JSON Web Token, a URL-safe authentication method - - Basic and JWT authentications are pulled from the credential profile set in the job. It inserts - that data into the authentication header of the web request with the proper format expected (for - example, Basic [Base64 encoded credentials] or Bearer [JWT token] for Basic and JWT - authentication respectively). - -Test Connection - -- Drop-down menu – Select a method to test. Currently locked to GET. -- URI textbox – Input the resource to receive the test message - - - Select a field using the drop-down menu, place the cursor in text area, and click the blue - down-arrow to add it to the URI textbox - - Manually enter a resource in the field - - **NOTE:** Red circle with x indicates - `Invalid URI: The format of the URI could not be determined`. - -- Test – Tests the connection for the request using the first row of the source table -- Text box – Shows log messages from the connection test diff --git a/docs/accessanalyzer/12.0/actions/web-request/header.md b/docs/accessanalyzer/12.0/actions/web-request/header.md deleted file mode 100644 index 14c52da452..0000000000 --- a/docs/accessanalyzer/12.0/actions/web-request/header.md +++ /dev/null @@ -1,22 +0,0 @@ -# Web Request: Header - -Use the Header page to enter the header values for the request. - -![Web Request Action Module Wizard Header page](/img/product_docs/accessanalyzer/admin/action/webrequest/header.webp) - -Use the following options to enter header values: - -- Insert field – Select a field to include in the request using the drop-down menu - - **NOTE:** The fields available varies based on the source table columns. - -- Use the radio buttons to indicate: - - - Parameters – Key value pairs to insert in the headers field of the web request - - Raw edit – Disabled for headers - -- Key / Value fields – The name or value of the attribute - - - Select a field using the drop-down menu, place the cursor in the cell of the desired Key or - Value, and click the blue down-arrow to add it to the selected cell - - Manually enter a field in the cell diff --git a/docs/accessanalyzer/12.0/actions/web-request/overview.md b/docs/accessanalyzer/12.0/actions/web-request/overview.md deleted file mode 100644 index 9d30508bbb..0000000000 --- a/docs/accessanalyzer/12.0/actions/web-request/overview.md +++ /dev/null @@ -1,27 +0,0 @@ -# WebRequest Action Module - -The Web Request action module provides methods of applying bulk changes to REST endpoints. At this -stage, target endpoints should be identified to invoke web requests against. This wizard allows the -definition of requests to perform. - -**CAUTION:** Ensure that only the changes required are applied and only those target systems desired -when using this action module. - -## Configuration - -The Web Request action module is configured through the Web Request Action Module Wizard, which -contains the following wizard pages: - -- Welcome -- [Web Request: Destination](/docs/accessanalyzer/12.0/actions/web-request/destination.md) -- [Web Request: Header](/docs/accessanalyzer/12.0/actions/web-request/header.md) -- [Web Request: Parameters](/docs/accessanalyzer/12.0/actions/web-request/parameters.md) -- [Web Request: Settings](/docs/accessanalyzer/12.0/actions/web-request/settings.md) -- [Web Request: Summary](/docs/accessanalyzer/12.0/actions/web-request/summary.md) - -The Welcome page gives an overview of the action module. The navigation pane contains links to the -pages in the wizard. - -![Web Request Action Module Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/actions/web-request/parameters.md b/docs/accessanalyzer/12.0/actions/web-request/parameters.md deleted file mode 100644 index d0798ff8b0..0000000000 --- a/docs/accessanalyzer/12.0/actions/web-request/parameters.md +++ /dev/null @@ -1,61 +0,0 @@ -# Web Request: Parameters - -Use the Parameters page to enter the parameter values. - -![Web Request Action Module Wizard Parameters page](/img/product_docs/accessanalyzer/admin/action/webrequest/parameters.webp) - -Enter parameter values using the following options: - -- Insert Field – Select a field to include in the request from the drop-down menu. - - **NOTE:** The fields available varies based on the source table. - -- Green circle with plus sign – Add a custom attribute. This opens the Custom Attribute Editor - Window. See the [Custom Attribute Editor Window](#custom-attribute-editor-window) topic for - additional information. -- Red circle with minus sign – Remove a custom attribute - - - Select a cell or row to remove the custom attributes - -- Paper and pencil – Edit a custom attribute. This opens the Custom Attribute Editor Window. See the - [Custom Attribute Editor Window](#custom-attribute-editor-window) topic for additional - information. -- Use the radio buttons to indicate: - - - Parameters – Key value pairs to insert in the headers field of the web request - - Raw edit – Disabled for Parameters - -- Key / Value Fields – The name or value of the attribute - - - Select a field using the drop-down menu, place the cursor in the cell of the desired Key or - Value, and click the blue down-arrow to add it to the selected cell - - Select a cell and click the green circle with plus sign to open the Custom Attribute Editor - window and add the attribute to the cell - - Manually enter a field in the cell - -### Custom Attribute Editor Window - -Use the Custom Attribute Editor window to create a custom attribute using the existing attributes -and advanced functions. - -![Custom Attribute Editor Window](/img/product_docs/accessanalyzer/admin/action/webrequest/customattributeeditor.webp) - -Create custom attributes using the following options: - -- Insert field – Select a field to insert using the drop-down menu -- Unique name – Name of the custom attribute that will be created - - - Select a field using the drop-down menu, place the cursor in the Unique name textbox, and - click the blue down-arrow to add it to the Unique name textbox - - Manually enter the name - -- Data – The actual value of the custom attribute (can be database value or manually specified) - - - Select a field using the drop-down menu, place the cursor in the Data textbox, and click the - blue down-arrow to add it to the Data textbox - - Manually enter the data - -- Advanced Functions - - - Split on – Split the data on the character specified in the text box. The default is comma - `,`. diff --git a/docs/accessanalyzer/12.0/actions/web-request/settings.md b/docs/accessanalyzer/12.0/actions/web-request/settings.md deleted file mode 100644 index ee314fea5b..0000000000 --- a/docs/accessanalyzer/12.0/actions/web-request/settings.md +++ /dev/null @@ -1,16 +0,0 @@ -# Web Request: Settings - -Use the settings page to specify the settings for the web request. - -![Web Request Action Module Wizard Settings page](/img/product_docs/activitymonitor/config/dellpowerscale/settings.webp) - -Establish the settings using the following options: - -- Insert field – not applicable on this page -- Input Table Rowkey – Select the column to use as the Access Analyzer key for reporting and - built-in Access Analyzer functions -- Include response in output table – When enabled, it records the body of the server’s response - message in the actions output table -- Execute multiple requests asynchronously – use a thread pool to manage requests - - - Request count – Select the number of asynchronous requests to run simultaneously diff --git a/docs/accessanalyzer/12.0/actions/web-request/summary.md b/docs/accessanalyzer/12.0/actions/web-request/summary.md deleted file mode 100644 index 1af65fb6a7..0000000000 --- a/docs/accessanalyzer/12.0/actions/web-request/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# Web Request: Summary - -The Summary page displays a summary of the configured action. - -![Web Request Action Module Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Web Request Action Module Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/operations.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations.md new file mode 100644 index 0000000000..c50df8640c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations.md @@ -0,0 +1,46 @@ +# Active Directory Action Operations + +Use Operations page to select one or more operations for the action to perform on the targeted +Active Directory objects. Some operations have wizard pages to specify the configuration settings. + +![Active Directory Action Module Wizard Operations page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations.webp) + +The Operations drop-down menu contains the following operations: + +- [Clear/Set SID History ](/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/sidhistory.md) +- [Computer Details](/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/computerdetails.md) +- [Disable/Enable Computers](/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenablecomputers.md) +- [Create Groups](/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/creategroups.md) +- [Create Users](/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/createusers.md) +- [Delete Objects](#delete-objects) +- [Disable/Enable Users](/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenableusers.md) +- [Group Details](/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupdetails.md) +- [Group Membership](/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupmembership.md) +- [Groups Remove All Members ](#groups-remove-all-members) +- [Move Objects](/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/moveobjects.md) +- [Set/Reset Users Password ](/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/setresetpassword.md) +- [Unlock Users ](#unlock-users) +- [Users Details ](/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/usersdetails.md) + +Select an operation from the drop-down list and then click **Add**. The selection appears in the +Selections pane as well as the navigation pane if there is an associated configuration page. If +performing multiple operations, the action executes the operations in the order in which they appear +here. To change the order, select an operation and use the **Down** and **Up** buttons. + +## Delete Objects + +**CAUTION:** Once deleted, objects from Active Directory cannot be restored. + +Select this operation to delete objects from Active Directory, such as users, groups, or computers. +The source table determines which objects are deleted from the Active Directory. Therefore, this +operation does not possess its own wizard window. + +## Groups Remove All Members + +Select this operation to remove all members from groups located in the source table. There is not a +wizard window associated with this operation. No configuration is required. + +## Unlock Users + +Select this operation to unlock the account of the specified users in the source table. There is not +a wizard window associated with this operation. No configuration is required. diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/computerdetails.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/computerdetails.md new file mode 100644 index 0000000000..5bd70262a6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/computerdetails.md @@ -0,0 +1,56 @@ +# Computer Details + +Use the Computers Details page to select computer attributes to change. + +![Active Directory Action Module Wizard Computer Details page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/computerdetails.webp) + +Highlight the attribute to edit: + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then click + the blue arrow to insert the item into the Value box. The executed action replaces the AD Object + property with the specified value from the source table. +- Add Attribute – Adds a custom attribute to the Computer Details attribute list +- Remove Attribute – Removes a selected attribute Computer Details attribute list +- Edit Attribute – Click this icon to change the name of the selected custom attribute +- Import Attribute – Opens the Import Custom Attributes Import Wizard where one or more custom + attributes can be imported. See the + [Custom Attribute Import Wizard](#custom-attribute-import-wizard) topic for additional + information. +- Value – This field contains selections from the Insert field. If the Manager attribute is + selected, click the ellipsis (…) to access the Select User, Contact, or Group window to populate + this field. +- Select the checkboxes next to the computer attributes to enable them for editing when running the + action. + +## Custom Attribute Import Wizard + +The Custom Attributes Import Wizard is used to import a list of custom attributes. Follow the steps +to use the Custom Attributes Import Wizard. + +**Step 1 –** On the Computer Details page of the Active Directory Action Module Wizard, click +**Import**. The Custom Attribute Import Wizard opens. + +![Custom Attributes Import Wizard Credentials page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/credentials.webp) + +**Step 2 –** On the Credentials page, identify a domain either by entering one manually or selecting +one from the **Domain Name** drop-down menu which displays a list of domains trusted by the one in +which the Access Analyzer Console server resides. Then set the credentials for reading the +attributes list from the domain: + +- Authenticate as the logged in user – Applies the user account running Access Analyzer +- Use the following credentials to authenticate – Applies the account supplied in the **User Name** + and **Password** fields. + +**Step 3 –** Click **Next**. + +![Custom Attributes Import Wizard Attributes page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/attributescomputer.webp) + +**Step 4 –** The wizard populates available attributes from the domain specified on the Attributes +page. Expand the desired object class and select the checkboxes for the custom attributes to be +imported. Then click **Next**. + +![Custom Attributes Import Wizard Completion page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/completionpage.webp) + +**Step 5 –** On the Completion page, click **Finish**. + +The selected attributes have been added to the attribute list on the Computer Details page. diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/creategroups.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/creategroups.md new file mode 100644 index 0000000000..916fb5eade --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/creategroups.md @@ -0,0 +1,30 @@ +# Create Groups + +Use the Create Groups page to configure the action to create groups on the selected target. + +![Active Directory Action Module Wizard Create Groups page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/creategroups.webp) + +Use the following options to configure the action: + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then, + click the blue arrow to insert the item into the OU, Group name, or Group name (pre Windows 2000) + boxes. +- OU – The organizational unit that contains the group + + - Create target OU location if it does not already exist – Select this checkbox to create the + target OU + +- Group Name – The name of the group that being created. This field is required. +- Group name (pre Windows 2000) – The name of the group being created +- Group scope – The scope of the group being created. Select from the following: + + - Universal + - Global + - DomainLocal + - SqlField – Enter a value from the drop-down list + +- Group type – The type of group being created. Select from the following: + + - Security + - Distribution + - SqlField – Enter a value from the drop-down list diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/createusers.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/createusers.md new file mode 100644 index 0000000000..88c67049c8 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/createusers.md @@ -0,0 +1,30 @@ +# Create Users + +Use the Create Users page to create users on the selected target. + +![Active Directory Action Module Wizard Create Users page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/createusers.webp) + +Use the following options to configure the action: + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then, + click the blue arrow to insert the item into the selected box. +- OU – The organizational unit in which to create the user + + - Create target OU location if it does not already exist - Select this checkbox to create the + target OU. + +- First Name – The first name of the user being created +- Initials – The initials of the user being created +- Last Name – The last name of the user being created +- Full Name – The full name of the user being created. This field is required. +- User logon name – The user logon name and domain for the user being created +- User logon name (pre Windows 2000) – The domain and user logon name for the user being created +- Password – The password for the user being created. This field is required. + +Optionally, select from the following checkboxes: + +- User must change password at next logon – Require the user to change the password at the next + logon +- User cannot change password +- Password never expires +- Account is disabled diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenablecomputers.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenablecomputers.md new file mode 100644 index 0000000000..1b4b4dd640 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenablecomputers.md @@ -0,0 +1,11 @@ +# Disable/Enable Computers + +Use the (Disable/Enable Computers page to configure the action to enable or disable users' operation +options on target computers. + +![Active Directory Action Module Wizard Disable/Enable Computers page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenablecomputers.webp) + +Select the radio button for the desired option: + +- Enable – Enables users' operation options +- Disable – Disables users' operation options diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenableusers.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenableusers.md new file mode 100644 index 0000000000..6a485dc0be --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenableusers.md @@ -0,0 +1,10 @@ +# Disable/Enable Users + +Use the Disable/Enable Users page to enable or disable target users. + +![Active Directory Action Module Wizard Disable/Enable Users page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenableusers.webp) + +Select the radio button for the desired option: + +- Disable – Select this radio button to disable users' operation options +- Enable – Select this radio button to enable users' operation options diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupdetails.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupdetails.md new file mode 100644 index 0000000000..f47d78b383 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupdetails.md @@ -0,0 +1,59 @@ +# Group Details + +Use Groups Details page to edit selected group attributes. + +![Active Directory Action Module Wizard Group Details page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupdetails.webp) + +Highlight the attribute to edit. Add or delete attributes using the buttons to the right of Insert +field. + +**NOTE:** The options at the bottom of the page vary based on the highlighted attribute. + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then, + click the blue arrow to insert the item into the Value box. +- Add Attribute – Adds a custom attribute to the Computer Details attribute list +- Remove Attribute – Removes a selected attribute from the action +- Edit Attribute – Click this icon to change the name of the selected custom attribute +- Import Attribute – Opens the Import Custom Attributes Import Wizard where current attributes for + an object is viewed and can be imported for editing. See the + [Custom Attribute Import Wizard](#custom-attribute-import-wizard) topic for additional + information. +- Value/Name – This field derives its name from selections made on the page. It can contain + selections from the Insert field or you can click the ellipsis (…) to access the Select User, + Contact, or Group window, via which you can populate this field. + +Select the checkboxes next to the group details attributes to enable them for editing when running +the action. + +## Custom Attribute Import Wizard + +The Custom Attributes Import Wizard is used to import a list of custom attributes. Follow the steps +to use the Custom Attributes Import Wizard. + +**Step 1 –** On the Group Details page of the Active Directory Action Module Wizard, click +**Import**. The Custom Attribute Import Wizard opens. + +![Custom Attributes Import Wizard Credentials page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/credentials.webp) + +**Step 2 –** On the Credentials page, identify a domain either by entering one manually or selecting +one from the **Domain Name** drop-down menu which displays a list of domains trusted by the one in +which the Access Analyzer Console server resides. Then set the credentials for reading the +attributes list from the domain: + +- Authenticate as the logged in user – Applies the user account running Access Analyzer +- Use the following credentials to authenticate – Applies the account supplied in the **User Name** + and **Password** fields. + +**Step 3 –** Click **Next**. + +![Custom Attributes Import Wizard Attributes page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/attributesgroup.webp) + +**Step 4 –** The wizard populates available attributes from the domain specified on the Attributes +page. Expand the desired object class and select the checkboxes for the custom attributes to be +imported. Then click **Next**. + +![Custom Attributes Import Wizard Completion page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/completionpage.webp) + +**Step 5 –** On the Completion page, click **Finish**. On the Completion page, click **Finish**. + +The selected attributes have been added to the attribute list on the Group Details page. diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupmembership.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupmembership.md new file mode 100644 index 0000000000..6bab5e8baf --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupmembership.md @@ -0,0 +1,33 @@ +# Group Membership + +Use the Groups Membership page to add or remove group members. Values from the source table can also +be used to specify if the object will be added or removed. + +![Active Directory Action Module Wizard Group Membership page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupmembership.webp) + +Use the following options to configure the action: + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then, + click the blue arrow to insert the item into the selected box. +- Select one of the following: + + - Target Group by OU + - Target Group by NT Style Name + +- OU – The organizational unit that contains the group. This field is required. + + - Create target OU location if it does not already exist – Select this checkbox to create the + target OU. + +- Group (CN, not a pre-Windows 2000 name) – The group to create. This field is required. + + - Create target Group if it does not already exist + +- Select one of the following: + + - Add members + - Remove members + - Add/Remove members – Enables the ChangeType Column drop down list + +- ChangeType Column – The value to use from the source table to specify if the object is added or + removed. The contents of the ChangeType column should be a 0 for Add or a 1 for Remove. diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/moveobjects.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/moveobjects.md new file mode 100644 index 0000000000..903b2be58e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/moveobjects.md @@ -0,0 +1,14 @@ +# Move Objects + +Use the Move Objects page to specify the OU in which to move objects. + +![Active Directory Action Module Wizard Move Objects page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/moveobject.webp) + +Use the following options to configure the action: + +- Insert Field – Contains available values from populated from the source table +- OU – Use the drop-down list to select a field (column) from the source table. Then, click the blue + arrow to insert the item into the OU box. + + - Create target OU location if it does not already exist – Select this checkbox to create the + target OU diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/setresetpassword.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/setresetpassword.md new file mode 100644 index 0000000000..ef301ce083 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/setresetpassword.md @@ -0,0 +1,14 @@ +# Set/Reset Users Password + +Use the Set/Reset Users Password page to set or reset user passwords with the specified value. + +![Active Directory Action Module Wizard Set/Reset Users Password page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/setresetpassword.webp) + +Use the following options to configure the action: + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then, + click the blue arrow to insert the item into the Password box. +- Password – The field with the passwords to set or reset. This field is required. + + - User must change password at next logon – Select this checkbox to require the user to change + the password at the next logon diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/sidhistory.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/sidhistory.md new file mode 100644 index 0000000000..f30ee0ccba --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/sidhistory.md @@ -0,0 +1,29 @@ +# Clear/Set SID History + +Use the Clear/Set SID History page to overwrite or append to the SID history for targeted objects. +Please review the restrictions for this operation in the Notes box. + +The source table used for this operation must contain a column with the following information: + +- SID History data + +![Active Directory Action Module Wizard Clear/Set SID History page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/sidhistory.webp) + +Configure the action with the following options: + +- Overwrite – Overwrites the SID History +- Append – Adds to the SID History +- Clear – Clears the SID History +- Insert Field – This drop-down list is enabled when the Overwrite or Append radio buttons are + selected. Use the drop-down list to select a field (column) from the source table. Then, click the + blue arrow to insert the item into the SID History box. The SID history is overwritten with the + selected fields or appended to with the selected fields depending on the selected radio button. +- SID History – This box is enabled by selecting the Overwrite or Append radio buttons. The SID + history is overwritten or appended to with the inserted fields, depending on the selected radio + button. Populate the SID History box using either of the following methods: + + - Select one or more fields at the Insert Field drop-down menu + - Click the **ellipsis (…)** to access the Select Users or Groups window to populate this field + +- Reference link – Accesses a Microsoft web page called Using DsAddSidHistory containing important + information on SID history diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/usersdetails.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/usersdetails.md new file mode 100644 index 0000000000..ebe175d163 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/operations/usersdetails.md @@ -0,0 +1,11 @@ +# Users Details + +Use the Users Details page to edit user attributes. + +![Active Directory Action Module Wizard Users Details page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/usersdetails.webp) + +Highlight the attribute to edit. The highlighted user attribute in the Selections pane determines +the configuration options available at the bottom of the page. + +Select the checkboxes next to the user details attributes to enable them for editing when running +the action. diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/options.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/options.md new file mode 100644 index 0000000000..192b5e72c6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/options.md @@ -0,0 +1,14 @@ +# Active Directory Action Options + +The Options page provides the option to select to use the default domain or specific a domain to +use. + +![Active Directory Action Module Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/options.webp) + +Use the following options to configure the action: + +- Insert field – Use the drop-down list to select a field (column) from the source table. Then, + click the blue arrow to insert the item into the **Specify domain (controller) to use** box. +- Use default domain (controller) – Use the default domain controller for the action +- Specify domain (controller) to use – Click the ellipsis to open the Browse for Domain window and + select a domain for the action diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/overview.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/overview.md new file mode 100644 index 0000000000..be21809308 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/overview.md @@ -0,0 +1,62 @@ +# Active Directory Action Module + +Use the Active Directory Action Module to make bulk changes to objects in Microsoft Active Directory +(AD) such as deleting users or changing group memberships. It is available with a special Access +Analyzer license. + +**CAUTION:** Be careful when using this action module. Make sure that only the changes required are +applied and only to those target systems desired. Actions perform their functions on all rows in a +table. + +Access Analyzer action modules contain one or more selectable operations. Each operation performs +its function on a single object per row from the source table defined in the action. + +## Source Table Configuration + +Individual action modules, including the Active Directory Action Module, may have their own +requirements for the type of data contained in the columns in the source table. To take action on an +Active Directory object, group, user, or computer, the source table columns must contain values that +uniquely identify each Active Directory object referenced. Active Directory objects correspond to +rows in a Access Analyzer source table. Active Directory object attributes correspond to columns. +Once the source table has been scoped, use the Target page to specify the field that identifies the +target objects along with the field type to indicate the type of data contained in the field. + +The Operations page lists the operations that may be performed by the Active Directory Action +Module. Each operation may have its own source table column requirements as follows: + +| Operation | Requirements | +| ----------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Clear/Set SID History | Column containing SID History information | +| Computer Details | No specific columns required | +| Disable/Enable Computers | No specific columns required | +| Create Groups | No specific columns required | +| Create Users | Column containing the user logon name **_RECOMMENDED:_** It is recommended that the source table has columns containing the following information: - First Name - Last name - Initials - Full name - Password - OU in which to create the user (This can also be created on the Create Users page) | +| Delete Objects (Users, Groups, Computers, etc.) | No specific columns required | +| Disable/Enable Users | No specific columns required | +| Group Details | No specific columns required | +| Group Membership | Column containing the target group OU or the target group NT style name | +| Groups Remove All Members | No specific columns required | +| Move Objects | Column containing an OU (Alternatively, type in the OU or click the ellipsis (…) to select an OU) | +| Set/Reset Users Password | No specific columns required | +| Unlock Users | No specific columns required | +| User Details | No specific columns required | + +## Configuration + +The Active Directory Action module is configured through the Active Directory Action Module Wizard, +which contains the following wizard pages: + +- Welcome +- [Active Directory Action Target](/docs/accessanalyzer/12.0/admin/action/activedirectory/target.md) +- [Active Directory Action Operations](/docs/accessanalyzer/12.0/admin/action/activedirectory/operations.md) +- [Active Directory Action Options](/docs/accessanalyzer/12.0/admin/action/activedirectory/options.md) +- [Active Directory Action Summary](/docs/accessanalyzer/12.0/admin/action/activedirectory/summary.md) + +The Welcome page displays first in the Active Directory Action Module Wizard. Review the +introductory and caution information about the Active Directory Action Module. + +![Active Directory Action Module Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/welcome.webp) + +The navigation pane contains links to the pages in the wizard. Note that the operations added on the +Operations page will affect the list of pages in the navigation pane. Several operations have +associated configuration pages. diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/summary.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/summary.md new file mode 100644 index 0000000000..f33f67437d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/summary.md @@ -0,0 +1,9 @@ +# Active Directory Action Summary + +The Summary page displays a summary of the configured settings for the action. + +![Active Directory Action Module Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Active Directory Action Module Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/action/activedirectory/target.md b/docs/accessanalyzer/12.0/admin/action/activedirectory/target.md new file mode 100644 index 0000000000..d20497ba71 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/activedirectory/target.md @@ -0,0 +1,30 @@ +# Active Directory Action Target + +Use the Target (Identification Criteria) page to select one or more fields (columns) in the Access +Analyzer source table that uniquely identifies the target Active Directory objects upon which to +perform the action. This process enables Access Analyzer to locate those objects within Active +Directory. Added fields are displayed in the textbox. + +![Active Directory Action Module Wizard Target page](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/target.webp) + +Use the following options to configure the action: + +- Add – Adds the selected field and field type to the Selections pane +- Delete – Removes the highlighted operation from the Selection pane +- Field – The name of the column in the Access Analyzer source table. Select the field that uniquely + identifies the target AD objects (represented by rows in the Access Analyzer table). The drop-down + list displays the fields from the source data table specified on the Action Properties page. The + list excludes any default fields such as HOSTSTATUS, on which actions cannot be performed. +- Field Type – The type of data contained in the specified field. Access Analyzer must know the data + type of the field selected above. Otherwise, errors may appear upon execution of the action and + report results may be incomplete. The drop-down list contains the following field types: + + - Distinguished Name or DN + - GUID + - SID + - WindowsID + - E-Mail + - Employee (employeeID) + +**NOTE:** While one field is usually sufficient to identify AD objects, if specifying multiple +fields, each field type can only be used once. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/action.md b/docs/accessanalyzer/12.0/admin/action/filesystem/action.md new file mode 100644 index 0000000000..ccefa5ea4a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/action.md @@ -0,0 +1,18 @@ +# File System Action: Action + +On the Action page, select the type of action to be configured, define a new action, and additional +capabilities. + +![File System Action Module Wizard Action page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/action.webp) + +The following options are available: + +- Define a new action – Enables the Operation page where operations are selected on which the action + is based +- Rollback a previously executed action – Enables the Prior Actions page where lists of previously + executed actions and rollback actions can be selected. Not all operations support rollback. Enable + the Support Rollback option prior to execution for the action in order to perform a rollback. +- Remove the applet service from a host – If an executed action installs an applet service on a host + from a Access Analyzer Console, it remains installed after the action is completed for other + Access Analyzer consoles to perform actions using the same applet service. This setting removes + the action’s applet service from that host. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/appletsettings.md b/docs/accessanalyzer/12.0/admin/action/filesystem/appletsettings.md new file mode 100644 index 0000000000..1e30040a56 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/appletsettings.md @@ -0,0 +1,30 @@ +# File System Action: Applet Settings + +Use the Applet Settings page to specify the machines on which to execute the selected operation. + +![File System Action Module Wizard Applet Settings page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/appletsettings.webp) + +Specify how the operations will be executed: + +- Automatic – Get host data from the Host Management +- Local Access Analyzer server +- Specific remote server: + + - Fields – Use the drop-down list to select a field (column) from the source table, then click + the blue arrow to insert the item into the **Remote server** field + - Environment Variables – Select an item from the drop-down list, then click the blue arrow to + insert the item into the **Remote Server** field + - Remote Server – Enter the path to the server + - Click the **ellipsis (…)** to browse for server + - Click the **tick** icon to show a preview of the path + - Click the **Help** icon for additional information + +- Preview – Shows what the compound path specified will be resolved in to. The text here is used to + initialize the path specification selection dialog. +- Specific remote servers – Click the **ellipsis (…)** to browse for servers + + - Click **Add** to add the server + - Click **Remove** to remove the server + +- Fall back to the local Access Analyzer server if an applet cannot start – Check to enable this + option diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/destination.md b/docs/accessanalyzer/12.0/admin/action/filesystem/destination.md new file mode 100644 index 0000000000..4ae43bf929 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/destination.md @@ -0,0 +1,35 @@ +# File System Action: Destination + +The Destination page is available only if the following operations are selected: + +- Copy +- Move +- Rename + +Define the destination location of the files that will be copied, moved, or renamed by building the +destination path using the Fields and Environment Variables options as needed. + +![File System Action Module Wizard Destination page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/destination.webp) + +Use the fields provided to select destination items and hosts from the drop-down lists and populate +the Destination field, or edit the field manually. The Preview field updates based on the contents +of the Destination field. + +- Fields – Use the drop-down list to select a field (column) from the source table, then click the + blue arrow to insert the item into the **Destination** field +- Environment Variables – Select an item from the drop-down list, then click the blue arrow to + insert the item into the **Destination** field +- Target Items – Enter the path to the target file or folder + + - Click the **ellipsis (…)** to browse for pattern path specification + - Click the **tick** icon to show a preview of the specified path + - Click the **Help** icon for additional information + +- Host – Select the field that identifies the systems or manually type the host destination +- Use path type – Choose from the following options: + + - Local – Uses the local path + - UNC – Uses the UNC path + +- Preview – Shows what the compound path specified will be resolved in to. The text here is used to + initialize the file specification selection dialog. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/environment.md b/docs/accessanalyzer/12.0/admin/action/filesystem/environment.md new file mode 100644 index 0000000000..60c86c910d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/environment.md @@ -0,0 +1,16 @@ +# File System Action: Environment + +The Environment (Environment Variables) page is available only if the selected operation requires +the selection of a sample host. + +Use this page to select and connect to a sample host, via which a set of remote environment +variables for use in scoping the action are loaded. Then, on the Target page, use the environment +variables to build dynamic file path locations for the selected operation. + +**NOTE:** The environment variables from the local system load by default. + +![File System Action Module Wizard Environment page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/environment.webp) + +The connection status displays next to the Host field. To browse for another host, click the +ellipsis (**…**) to open the Browse for Computer window. Once a host name appears in the field, +click the check mark button to attempt to connect to the selected host. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/operation.md b/docs/accessanalyzer/12.0/admin/action/filesystem/operation.md new file mode 100644 index 0000000000..3863cf6ec6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/operation.md @@ -0,0 +1,25 @@ +# File System Action: Operation + +The Operation page is available when **Define a new action** is selected on the Action page. On the +Operation page, define the action by selecting an operation from the drop-down list. + +![File System Action Module Wizard Operation page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/operation.webp) + +At the Available Operations drop-down selection list, choose the operation for the action to +perform. The selection determines which pages are available in the wizard. The following operations +are available: + +- Change attributes +- Change permissions and Auditing +- Change permission inheritance +- Change Share permissions +- Copy +- Delete +- Launch Remote Process +- Move +- Remove permissions +- Remove Share permissions +- Rename +- Add tags +- Remove tags +- Change Owner diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/options.md b/docs/accessanalyzer/12.0/admin/action/filesystem/options.md new file mode 100644 index 0000000000..669157b52b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/options.md @@ -0,0 +1,54 @@ +# File System Action: Options + +The Options page provides access to additional options for the action. Based on the selection on the +Operation page and other choices made within the wizard, not all options on this page may be +available. + +![File System Action Module Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/options.webp) + +Select from the following additional operations: + +- Delete locked files on reboot – Files that are locked can be queued to be deleted at the next + system start up +- Overwrite existing files – Files in the destination location are overwritten. This action cannot + be undone. +- Terminate associated process – Files that are locked cannot be actively moved, renamed or deleted + without stopping the associated process. If selected, this may cause an interruption to any users + of that target system and service. +- Create shortcuts to the moved files in the source directory – A shortcut will be created in the + source directory that points to the new location of a moved file +- Preserve file access – Copy the file ACL from the source directory to the destination to preserve + file access. Child objects, with inherited permissions or broken inheritance, targeted by copy or + move actions retain their permissions. Parent folders with inherited permissions are changed to + explicit. +- Enable SACL modification – Request system security access when opening files in order to make SACL + changes +- Retry failed rows – Enter the following information: + + - Number of times to retry + - Do not retry error codes – Rows of data with error codes listed within this textbox are + excluded from the action performed. Common errors are included for certain actions, and may be + customized to add or remove error codes. See the Microsoft + [System Error Codes](https://docs.microsoft.com/en-us/windows/desktop/Debug/system-error-codes) + article for additional information. + - Delay between retries + +- Enable batching – (For big data sets) Enabling batching breaks the data set into batches so the + action does not attempt to execute all lines at once. Actions performed on tables with a large + number of input rows may fail due to network failure, and it is difficult to determine the actions + that were executed before the failure. + + - Batch size – Specify the batch size. + +Start Process + +Select the desired start process. + +**CAUTION:** Due to system security limitations, some applications and programs cannot be restarted +or run remotely using this option. Additionally, starting interactive processes (such as Word, +Excel, and so on) will load them into memory, but may not make them available for interaction by the +end user. + +Use the fields provided to select target items and hosts from the drop-down lists and populate the +Set working directory field, or edit the field manually. The Preview field updates based on the +contents of the Set working directory field. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/overview.md b/docs/accessanalyzer/12.0/admin/action/filesystem/overview.md new file mode 100644 index 0000000000..363dda6211 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/overview.md @@ -0,0 +1,111 @@ +# File System Action Module + +The File System Action Module allows Access Analyzer Administrators to automate the process of +remediating and modifying Windows file system attributes and properties. The File System Action +Module provides options for changing attributes and permissions, as well as copying, deleting, +moving, and renaming file system contents. It is available with a special Access Analyzer license. + +**CAUTION:** Be careful when using this Action Module. Make sure that only the changes required are +applied and only to those target systems desired. Actions perform their functions on all rows in a +table. + +Access Analyzer action modules contain one or more selectable operations. Each operation performs +its function on a single object per row from the source table defined in the action. + +## Permissions + +The File System Action Module requires a Access Analyzer connection profile and privileged access to +file system devices. The Access Analyzer connection profile may be configured to have a Task account +type. The following are the least privileged access model required for Share Permission Changes: + +- Windows – User credential must be member of Power Users group +- NetApp Data ONTAP 7-Mode Device – User credential must be member of Power Users group +- NetApp Data ONTAP Cluster-Mode Device – User credential must have role on SVM that has permission + to modify share permissions + + **NOTE:** Enter the following syntax to create role: + + ``` + ‑security login role create ‑role [DESIRED_ROLE_NAME] ‑cmddirname “vserver cifs share access-control” ‑vserver [VSERVER_NAME] ‑access all + ``` + + Replace the `[DESIRED_ROLE_NAME]` and `[VSERVER_NAME]` variables with the required information. + For example: + + ``` + ‑security login role create ‑role netwrix ‑cmddirname “vserver cifs share access-control” ‑vserver testserver ‑access all + ``` + +## Applet Deployment + +The File System Action Module deploys an applet the first time an action is executed. Applets are +installed within the Access Analyzer Installation Directory if the `%SAInstallDir%` environment is +present. Otherwise, applets are deployed to `C:\Program Files (x86)\STEALTHbits\StealthAUDIT`. + +## Source Table Configuration + +Individual action modules, including File System Action Module, may have their own column +requirements. To take action on a file system resource, the source table must contain a column with +values to uniquely identify it. File System resources correspond to rows in a Access Analyzer table. +File System attributes correspond to columns. Once the source table has been scoped, use the Target +page to specify the field that identifies the target attribute along with any environmental +variables. + +These columns are required to use the File System Action Module. Otherwise, errors may occur upon +execution of the action and with analysis and reports downstream. + +| Required Columns | Description | +| ---------------- | ---------------------------------------------------------------------------------------------------------------------------- | +| rowGUID | Identifies each data row as unique. The datatype in the table is uniqueidentifier (GUID). | +| RowKey | Identifies each data row as unique. Sometimes the value is a GUID, but the datatype in the table is a varchar (text string). | + +_Remember,_ the individual File System actions may have their own column requirements in addition to +the above. These columns are made available through the File System Action Module wizard. + +The Operations page lists the operations that may be performed by the File System Action Module. +Each operation has its own source table column requirements as follows: + +| Operation | Column requirements | +| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | +| Change attributes | Columns containing: - Object to change attributes for - UNC path or local path (files or folders) | +| Change permissions and Auditing | Columns containing: - Object to change permissions for - UNC path or local path - (Optional) Permission values to change (files or folders) | +| Change permission inheritance | Columns containing: - Object to change permission inheritance for - UNC path or local path (files or folders) | +| Change Share permissions | Columns containing: - Share to change permissions for - UNC path or local path (shares) | +| Copy | Columns containing: - Object to copy - Location to copy the object to - UNC path or local path | +| Delete | Columns containing: - Object to delete - UNC Path or local path | +| Launch Remote Process | No specific columns required | +| Move | Columns containing: - Object to move - Location to move the object to - UNC path or local path | +| Remove permissions | Columns containing: - Object to remove permissions for - UNC path or local path (files or folders) | +| Remove Share permissions | Columns containing: - Object to remove Share permissions for - UNC path or local path (shares) | +| Rename | Columns containing: - Object to rename - New name of the object - UNC path or local path | +| Add tags | Columns containing: - Object to add tags to - UNC path or local path (files) | +| Remove tags | Columns containing: - Object to remove tags from - UNC path or local path (files) | +| Change Owner | Columns containing: - Object to change ownership for - UNC path or local path (folders) | + +## Configuration + +The File System Action module is configured through the File System Action Module Wizard, which +contains the following wizard pages: + +**NOTE:** Depending on the selections on the various pages, not all pages may be accessible. + +- Welcome +- [File System Action: Action](/docs/accessanalyzer/12.0/admin/action/filesystem/action.md) +- [File System Action: Operation](/docs/accessanalyzer/12.0/admin/action/filesystem/operation.md) +- [File System Action: Prior Actions](/docs/accessanalyzer/12.0/admin/action/filesystem/prioractions.md) +- [File System Action: Environment](/docs/accessanalyzer/12.0/admin/action/filesystem/environment.md) +- [File System Action: Target](/docs/accessanalyzer/12.0/admin/action/filesystem/target.md) +- [File System Action: Parameters](/docs/accessanalyzer/12.0/admin/action/filesystem/parameters.md) +- [File System Action: Destination](/docs/accessanalyzer/12.0/admin/action/filesystem/destination.md) +- [File System Action: Rollback](/docs/accessanalyzer/12.0/admin/action/filesystem/rollback.md) +- [File System Action: Options](/docs/accessanalyzer/12.0/admin/action/filesystem/options.md) +- [File System Action: Applet Settings](/docs/accessanalyzer/12.0/admin/action/filesystem/appletsettings.md) +- [File System Action: Summary](/docs/accessanalyzer/12.0/admin/action/filesystem/summary.md) + +The Welcome page displays first and gives an overview of the action module. The navigation pane +contains links to the pages in the wizard, which may change based on the Action selected on the +Action page. + +![File System Action Module Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/parameters.md b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters.md new file mode 100644 index 0000000000..866ef0c56d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters.md @@ -0,0 +1,20 @@ +# File System Action: Parameters + +The Parameters page is available for some of the selections on the Operation page. The list of +operations below provides access to the operation-specific versions of the Parameters page for this +wizard. Click on an operation to view its associated Parameters page. + +- [Change Attributes](/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changeattributes.md) +- [Change Permissions and Auditing](/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissionsauditing.md) +- [Change Permission Inheritance](/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissioninheritance.md) +- [Change Share Permissions](/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changesharepermissions.md) +- [Remove File Permissions](/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removefilepermissions.md) +- [Remove Share Permissions](/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removesharepermissions.md) +- [Add Tags](/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/addtags.md) +- [Remove Tags](/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removetags.md) +- [Change Owner](/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changeowner.md) + +![File System Action Module Wizard Change File Attributes Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/changeattributes.webp) + +The Navigation pane will list this as the Parameters page, but the title for each version indicates +the type of parameter to be configured. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/addtags.md b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/addtags.md new file mode 100644 index 0000000000..9289746c80 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/addtags.md @@ -0,0 +1,39 @@ +# Add Tags + +Use the Parameters page to specify the file tags the action adds. + +![File System Action Module Wizard Add Tags Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/addtags.webp) + +Use the fields provided to select tags from the drop-down lists and populate the Tag field, or edit +the field manually. The Preview field updates based on the contents of the Tag field. + +- Add Mode: + + - Append to existing tags - Adds new tags to the existing list of tags + - Overwrite existing tags - Removes all existing tags before adding newly configured tags + +**NOTE:** If choosing the option to overwrite tags, the action module will clear out both normal +tags and Boldon James tags and then proceed to apply the tags configured for overwrite. If choosing +the option to remove all tags, the action module will clear out both normal tags and Boldon James +tags. + +- Fields – Use the drop-down list to select a field (column) from the source table, then click the + blue arrow to insert the item into the **Tag** field +- Environment Variables – Select an item from the drop-down list, then click the blue arrow to + insert the item into the **Tag** field +- Preview – Shows what the compound path specified will be resolved in to +- Click **Add** to add the tag field to the list +- Click **Remove** to remove the tag field from the list + +![Boldon James Column on Add Tags Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/addremovetagsboldonjames.webp) + +- Type - Select which type of tag to add. The two types of tags that can be added are: + + - Regular - Configure new tag as a regular tag + - Boldon James - Configure new tag as a Boldon James tag + + **NOTE:** The Boldon James column indicates whether a file tag is a regular tag or a Boldon + James tag. Regular tags will be identified with **0**. Boldon James tags will be identified + with **1**. + +A list of supported file types appears at the bottom of the page. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changeattributes.md b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changeattributes.md new file mode 100644 index 0000000000..483860c352 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changeattributes.md @@ -0,0 +1,21 @@ +# Change Attributes + +Use the Change File Attributes Parameters page to change the attribute for one or more of the target +systems or data. + +![File System Action Module Wizard Change File Attributes Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/changeattributes.webp) + +Select from the following options: + +- Read-only – Set the file / folder to read only +- Archive – Archive the file / folder +- System – Stop / start a system process +- Hidden – Set the file / folder to hidden +- Compress – Compress the file / folder +- Encrypt – Encrypt the file / folder + +Attribute change options are: + +- Set – Applies the attribute +- Clear – Removes the attribute +- Leave intact – Leaves the attribute unchanged diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changeowner.md b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changeowner.md new file mode 100644 index 0000000000..6476c8d489 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changeowner.md @@ -0,0 +1,12 @@ +# Change Owner + +Use the Change Owner Parameters page to select a trustee to be the new owner. + +![File System Action Module Wizard Change Owner Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changeowner.webp) + +Use the options to enter the trustees: + +- Insert field – Use the drop-down list to select a field (column) from the source table, then click + the blue arrow +- Alternatively click **Select** to select a user or group object +- Replace owner on all child objects – Check to enable diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissioninheritance.md b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissioninheritance.md new file mode 100644 index 0000000000..e4c6577896 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissioninheritance.md @@ -0,0 +1,8 @@ +# Change Permission Inheritance + +Use the Change Permission Inheritance Parameters page to specify how to change inherited +permissions. + +![File System Action Module Wizard Change Permissions Inheritance Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissionsinheritance.webp) + +Select the desired options for adding or removing inheritance. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissionsauditing.md b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissionsauditing.md new file mode 100644 index 0000000000..eceb8c9638 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissionsauditing.md @@ -0,0 +1,30 @@ +# Change Permissions and Auditing + +Use the Change Permissions and Auditing Parameters page to specify the permissions and auditing +settings the action changes. + +![File System Action Module Wizard Change Permissions and Auditing Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissionsauditing.webp) + +Use the following options to enter the Permissions: + +- Insert field – Use the drop-down list to select a field (column) from the source table, then click + the blue arrow +- Group or user names: + + - Click **Add** to select a user or group object + - Click **Remove** to remove a user or group object + - Dynamic – Uses the host id to retrieve the applicable permissions + +In the table, select from the following options: + +- Permission – Permissions for the selected user or group object +- Action – Modify the attribute for the selected permission +- Action Apply To – Select the files or folders to apply the action to. +- Audit – Report the status of the change to the attribute +- Audit Apply To - Select the files or folders to report the status on + +Select from the following options (Multiple options can be selected): + +- Overwrite existing file explicit permissions (target object only) +- Replace permission entries on all child objects +- Apply these permissions to objects within the target container only diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changesharepermissions.md b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changesharepermissions.md new file mode 100644 index 0000000000..0c427cf6fa --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changesharepermissions.md @@ -0,0 +1,8 @@ +# Change Share Permissions + +Use the Change Share Permissions Parameters page to specify the permission status for what group or +users are to be changed. + +![File System Action Module Wizard Change Share Permissions Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changesharepermissions.webp) + +Select the desired options for changing the permissions control of the selected group or users. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removefilepermissions.md b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removefilepermissions.md new file mode 100644 index 0000000000..5fed03b34b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removefilepermissions.md @@ -0,0 +1,20 @@ +# Remove File Permissions + +Use the Remove File Permissions Parameters page to specify whose file permissions the action +removes. + +![File System Action Module Wizard Remove File Permissions Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removefilepermissions.webp) + +Use the options to enter the Permissions: + +- Insert field – Use the drop-down list to select a field (column) from the source table, then click + the blue arrow +- Group or user names: +- Click **Add** to select a user or group object +- Click **Remove** to remove a user or group object + +Specify how to change inherited permissions Select from the following options: + +- Copy others – Make them explicit +- Remove others – Remove all +- Leave all intact – Delete explicit permissions only diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removesharepermissions.md b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removesharepermissions.md new file mode 100644 index 0000000000..9b3da75b3b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removesharepermissions.md @@ -0,0 +1,15 @@ +# Remove Share Permissions + +Use the Remove Share Permissions Parameters page to specify whose share permissions the action +removes. + +![File System Action Module Wizard Remove Share Permissions Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removesharepermissions.webp) + +Use the options to enter the Permissions: + +- Insert field – Use the drop-down list to select a field (column) from the source table, then click + the blue arrow +- Group or user names: + + - Click **Add** to select a user or group object + - Click **Remove** to remove a user or group object diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removetags.md b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removetags.md new file mode 100644 index 0000000000..ca8163b4c2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removetags.md @@ -0,0 +1,39 @@ +# Remove Tags + +Use the Parameter page to specify the file tags the action removes. + +![File System Action Module Wizard Remove Tags Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removetags.webp) + +Use the fields provided to select tags from the drop-down lists and populate the Tag field, or edit +the field manually. The Preview field updates based on the contents of the Tag field. + +- Remove Mode: + + - Remove specified tags - Remove specified tags from the existing list of tags + - Remove all tags - Remove all existing tags + +**NOTE:** If choosing the option to overwrite tags, the action module will clear out both normal +tags and Boldon James tags and then proceed to apply the tags configured for overwrite. If choosing +the option to remove all tags, the action module will clear out both normal tags and Boldon James +tags. + +- Fields – Use the drop-down list to select a field (column) from the source table, then click the + blue arrow to insert the item into the **Tag** field +- Environment Variables – Select an item from the drop-down list, then click the blue arrow to + insert the item into the **Tag** field +- Preview – Shows what the compound path specified will be resolved in to +- Click **Add** to add the tag field to the list for removal +- Click **Remove** to remove the tag field from the list for removal + +![Boldon James Column on Remove Tags Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/addremovetagsboldonjames.webp) + +- Type - Select which type of tag to remove. The two types of tags that can be removed are: + + - Regular - Specify a regular tag for removal + - Boldon James - Specify a Boldon James tag for removal + + **NOTE:** The Boldon James column indicates whether a file tag is a regular tag or a Boldon + James tag. Regular tags will be identified with **0**. Boldon James tags will be identified + with **1**. + +A list of supported file types appears at the bottom of the page. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/prioractions.md b/docs/accessanalyzer/12.0/admin/action/filesystem/prioractions.md new file mode 100644 index 0000000000..1348d767b5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/prioractions.md @@ -0,0 +1,8 @@ +# File System Action: Prior Actions + +The Prior Actions page is available when **Rollback a previously executed action** is selected on +the Action page . + +![File System Action Module Wizard Prior Actions page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/prioractions.webp) + +Any previously executed actions appear in the table. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/rollback.md b/docs/accessanalyzer/12.0/admin/action/filesystem/rollback.md new file mode 100644 index 0000000000..604e208e5b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/rollback.md @@ -0,0 +1,14 @@ +# File System Action: Rollback + +Use the Rollback page to apply rollback support to the action. This option provides the ability to +undo failed actions and reapply the original action settings when the action continues from where it +left off. + +**NOTE:** Not all actions support Rollback. + +![File System Action Module Wizard Rollback page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/rollback.webp) + +Use the following options: + +- Support rollback – Check to enable rollback of this action +- Add comments to be saved with this rollback – Enter a brief description to identify this rollback diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/summary.md b/docs/accessanalyzer/12.0/admin/action/filesystem/summary.md new file mode 100644 index 0000000000..219d65da33 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/summary.md @@ -0,0 +1,9 @@ +# File System Action: Summary + +The Summary page displays a summary of the configured action. + +![File System Action Module Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the File System Action Module Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/action/filesystem/target.md b/docs/accessanalyzer/12.0/admin/action/filesystem/target.md new file mode 100644 index 0000000000..7c06f1fa74 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/filesystem/target.md @@ -0,0 +1,32 @@ +# File System Action: Target + +Use the Target page to point the action module towards a file path on the specified host. +Environmental variables (for example, Program Files, SystemRoot, SAInstallDir, and so on) can be +used when creating a path as well as fields in the raw table output to populate the **Target items** +field. + +![File System Action Module Wizard Target page](/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/target.webp) + +Use the fields provided to select target items and hosts from the drop-down lists and populate the +Target items field, or edit the field manually. The Preview field updates based on the contents of +the Target items field. + +- Fields – Use the drop-down list to select a field (column) from the source table, then click the + blue arrow to insert the item into the **Target items** field +- Environment Variables – Select an item from the drop-down list, then click the blue arrow to + insert the item into the Target items field +- Target items – Enter the path to the target file or folder + + - Click the **ellipsis (…)** to browse for pattern path specification + - Click the **tick** icon to show a preview of the specified path + - Click the **Help** icon for additional information + +- Host – Select the field that identifies the systems or manually type the host to take action + against +- Use path type – Choose from the following options: + + - Local – Uses the local path + - UNC – Uses the UNC path + +- Preview – Shows what the compound path specified will be resolved in to. The text here is used to + initialize the file specification selection dialog. diff --git a/docs/accessanalyzer/12.0/admin/action/libraries.md b/docs/accessanalyzer/12.0/admin/action/libraries.md new file mode 100644 index 0000000000..878db8c207 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/libraries.md @@ -0,0 +1,61 @@ +# Action Libraries + +When creating a new action on a job, you have the ability to load action tasks that have been +preconfigured with table input, script body, and parameters. This helps you: + +- Perform operations that are not available in one of the out of the box action modules +- Build custom action workflows to satisfy common use cases +- Build custom remediation workflows, such as: + + - PowerShell Script / Action Body + - Table references + - Parameters + +On the job's **Configure** > **Action** node, the **Add from Library** option opens the Libraries +window with the available Action Libraries and operations: + +![Libraries window](/img/product_docs/accessanalyzer/12.0/admin/action/libraries.webp) + +When a specific operation within a library is chosen, the action is added in the disabled state to +the job. The Action Properties page opens, which has a description, action module, and source table +with relevant filters applied. + +When you click the **Configure Action** link, the action module's wizard opens. + +![PowerShell Action Module Wizard](/img/product_docs/accessanalyzer/12.0/admin/action/powershellmodulewizard.webp) + +The following Action Libraries and Templates leverage the PowerShell Action module for running +actions within the specific environment: + +- Active Directory +- Azure Active Directory +- ServiceNow +- SharePoint Online +- Windows + +Prerequisite information for each of the PowerShell scripts is included as part of the script +comments. Typically, a script requires necessary cmdlets available and installed, as well as +parameter inputs configured. + +## Create a Custom Action Library + +You can also create and maintain custom libraries of action tasks for easy reference and use. Once +you configure an action task as desired, follow the steps to add it to an Action Library. + +**Step 1 –** From within the Action Selections view where the custom action tasks exists, +right-click and copy the task. + +**Step 2 –** Click the **Add from Library** link to open the Libraries window. + +**Step 3 –** Click the green plus sign on the top left to add a new library. + +![Add custom library on Libraries window](/img/product_docs/accessanalyzer/12.0/admin/action/librariescustom.webp) + +**Step 4 –** In the pop-up window, specify a name for the library and click **OK**. + +![Libraries window paste button](/img/product_docs/accessanalyzer/12.0/admin/action/librariescustompaste.webp) + +**Step 5 –** Select the new library and paste the copied action task. + +The custom action task is now available for use in other jobs through the **Add from Library** +option. diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/affectedmailboxes.md b/docs/accessanalyzer/12.0/admin/action/mailbox/affectedmailboxes.md new file mode 100644 index 0000000000..36fc77d863 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/affectedmailboxes.md @@ -0,0 +1,40 @@ +# Mailbox: Affected Mailboxes + +Use the Affected Mailboxes page to select the mailboxes to target for the action. It is a wizard +page for the following operations: + +- Add/Change Permissions +- Remove Permissions +- Add Delegates, Remove Delegates +- Remove Stale SIDs + +![New Mailbox Action Wizard Affected Mailboxes page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/affectedmailboxes.webp) + +Select mailboxes to process using the following options: + +- Users found in the following column – Select this option to identify users via a data table column + + - Use the drop-down menu to select a data table column containing either the Mailbox display + name or email address + - Select a data type for the selected field using the following options: + + - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data + types: + + - Legacy Exchange DN + - Display Name + + - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active + Directory Data Collector with the following data types: + + - User DN + - Account Name + - SID + - SMTP Email Address + +- The list of users – Identifies users in one of the following ways: + + - Click **Select** to choose from the global address list (GAL) + - Manually enter a user name and click **Add**. Repeat for additional users. + - To restore anonymous permissions to folders, enter `anonymous` and click **Add** + - To remove a user, select it and click **Remove** diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/criteriaselection.md b/docs/accessanalyzer/12.0/admin/action/mailbox/criteriaselection.md new file mode 100644 index 0000000000..663759271e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/criteriaselection.md @@ -0,0 +1,16 @@ +# Mailbox: Criteria Selection + +Use the Criteria Selection page to choose search criteria saved in a previous Exchange Mailbox Data +Collector query or define new criteria. It is a wizard page for the Delete Mailbox Contents +operation. + +![New Mailbox Action Wizard Criteria Selection page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/criteriaselection.webp) + +Choose whether to use existing Mailbox Search criteria or determine new criteria: + +- Use the following criteria specified in the task – Applies a predetermined search criteria + + - Use the dropdown menu to select existing Mailbox search criteria (if any) + - Select the checkbox to modify Content Conditions of existing search criteria + +- Define a new criteria – Proceed while establishing new criteria diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/delegaterights.md b/docs/accessanalyzer/12.0/admin/action/mailbox/delegaterights.md new file mode 100644 index 0000000000..607ae60c1e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/delegaterights.md @@ -0,0 +1,39 @@ +# Mailbox: Delegate Rights + +Use the Delegate Rights page to specify folder permissions for the selected delegates. A permission +level can be specified for each folder on the page. It is a wizard page for the Add Delegates +operation. + +![New Mailbox Action Wizard Delegate Rights page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/delegaterights.webp) + +Set delegate rights using the following options: + +- The following delegate rights can be chosen to access each mailbox folder: + + - None + - Reviewer + - Contributor + - Nonediting Author + - Author + - Editor + - Publishing Author + - Publishing Editor + - Owner + +- Select a right from the drop-down menu of any desired mailbox folder, including: + + - Calendar + + **NOTE:** If Editor or a higher rights level is selected, the **Delegate receives copies of + meeting-related messages sent to me** option is enabled for selection. + + - Tasks + - Inbox + - Contacts + - Notes + - Journal + +- Propagate permissions to child folders – Select the checkbox to Propagate permissions to the child + folders of the selected folders +- Delegate can see my private items – Select the checkbox to allow a delegate to access your + personal items of the selected folders diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/folderconditions.md b/docs/accessanalyzer/12.0/admin/action/mailbox/folderconditions.md new file mode 100644 index 0000000000..b20609feb6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/folderconditions.md @@ -0,0 +1,84 @@ +# Mailbox: Folder Conditions + +Use the Folder Conditions page to customize folder search filter conditions. It is a wizard page for +the **No, the query results do not contain a mailbox identification** column option on the Folder +Identification page. + +![New Mailbox Action Wizard Folder Conditions page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderconditions.webp) + +Customize folder search conditions using the following options: + +- Select conditions – Select the checkbox next to any of the following filter conditions to apply + them to the search and add them to the Edit conditions box. Folder Conditions include: + + - With specific folder type + - With search terms in the folder name + - With specific folder(s) to include/exclude + +- Edit conditions – Any selected conditions populate here. To modify filter conditions, click the + underlined portion of the condition, which opens a corresponding window. + +## Folder Type Window + +Use the Folder Type window to select which folder types to run the action against. The Folder Type +window opens if **specific** in **with specific folder type** is selected in the Edit Conditions +box. . + +![Folder Type Window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/foldertypewindow.webp) + +Select the checkbox next to any desired folder type to include it in the search criteria, including: + +- Calendar +- Contact +- Journal +- Mail +- Notes +- Task +- Reminder +- RSS Feed + +## Search Terms Window + +Use the Search Terms window to select terms contained in folder names to run the action against.The +Search Terms window opens if **search terms** is selected in the Edit Conditions box. + +![Search Terms Window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/searchtermswindow.webp) + +Edit the search terms using the following options: + +- To add a term to the search, enter the desired term into the upper text box and click **Add** +- To remove a term from the search, select a term in the lower text box and click **Remove** +- Click **Clear** to clear all terms from the lower box +- Select a qualifier option: + + - Contains ALL of the following search terms (And) – Search only returns results containing all + of the search terms + - Contains ANY of the following search terms (Or) – Search returns results containing one or + more of the search terms + +- Click **Import CSV** to open a file explorer and select a CSV file to import + +## Folder Inclusion/Exclusion Window + +Use the Folder Inclusion/Exclusion window to select individual folders to add to or remove from the +action. The Folder Inclusion/Exclusion window opens if **specific** in **with specific folder(s) to +include/exclude** is selected in the Edit Conditions box. + +![Folder Inclusion/Exclusion Window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderinclusionexclusionwindow.webp) + +Include/Exclude folders using the following options: + +- Click **Add** to populate a field to add a folder path + + ![New field added on Folder Inclusion/Exclusion window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderinclusionexclusionwindownew.webp) + +- Click the ellipsis (**…**) or enter the path to the desired folder in the text box +- Scope auto-populates with **This folder**. Click **This folder** to reveal a drop-down menu to + select from the following scope options: + + - This folder + - This folder and subfolders + - Subfolders only + +- The Remove button becomes enabled once a folder is added to either section. To remove a folder + from the scope, select it and click **Remove**. diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/folderidentification.md b/docs/accessanalyzer/12.0/admin/action/mailbox/folderidentification.md new file mode 100644 index 0000000000..4b53fee891 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/folderidentification.md @@ -0,0 +1,23 @@ +# Mailbox: Folder Identification + +Use the Folder Identification page to specify folders to target. It is a wizard page for the Delete +Mailbox Contents operation. + +![New Mailbox Action Wizard Folder Identification page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderidentification.webp) + +Select whether the query results contain a mailbox identification column using the following +options: + +- Yes, the query results contain a mailbox folder identification column + + - Select the mailbox identification column using the drop-down menu + - Folder Identifier Type – Choose which mailbox identifier the selected column uses: + + - Folder Path and Name – Select this option if the specified field contains a fully + qualified path + - Entry ID – Select this option if the selected field is an EntryID that is a unique + identifier for a folder + +- No, the query results do not contain a mailbox folder identification column – Selecting this + enables the Folder Conditions page, used to identify specific folders to target. See the + [Mailbox: Folder Conditions](/docs/accessanalyzer/12.0/admin/action/mailbox/folderconditions.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/identification.md b/docs/accessanalyzer/12.0/admin/action/mailbox/identification.md new file mode 100644 index 0000000000..d6b7e1c574 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/identification.md @@ -0,0 +1,38 @@ +# Mailbox: Mailbox Identification + +The Mailbox Identification page specifies the mailboxes the action targets. It is a wizard page for +the Delete Mailbox Contents operation. + +Depending on the data in the source table, users must specify a data table column containing either +the Mailbox display name or email address. + +![New Mailbox Action Wizard Mailbox Identification page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/identification.webp) + +Select which mailboxes to target using the following options: + +- Users found in the following column – Select this option to identify users via a data table column + + - Use the drop-down menu to select a data table column containing either the Mailbox display + name or email address + - Select a data type for the selected field using the following options: + + - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data + types: + + - Legacy Exchange DN + - Display Name + + - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active + Directory Data Collector with the following data types: + + - User DN + - Account Name + - SID + - SMTP Email Address + +- The list of users – Identifies users in one of the following ways: + + - Click **Select** to choose from the global address list (GAL) + - Manually enter a user name and click **Add**. Repeat for additional users. + - To restore anonymous permissions to folders, enter `anonymous` and click **Add** + - To remove a user, select it and click **Remove** diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/messageactions.md b/docs/accessanalyzer/12.0/admin/action/mailbox/messageactions.md new file mode 100644 index 0000000000..e1b23ccdb0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/messageactions.md @@ -0,0 +1,34 @@ +# Mailbox: Message Actions + +Use the Message Actions page to specify the action to take with the messages that meet the search +criteria. It is a wizard page for the **Delete Mailbox Contents** operation. + +![New Mailbox Action Wizard Message Actions page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/messageactions.webp) + +To select a message action, use the following options: + +- Select an action – Select the checkbox next to a message action to apply it to the search. The + selected action displays in the Edit Actions box. Possible actions include: + + - Delete – Items can be recovered via the Deleted Contents table (folder dumpster) + - Permanent Delete – Items are not recoverable + - Move to Deleted Items folder + - Delete Attachment (Append Text Options) – Deletes attachment and adds **Append Text Options** + to the Edit Conditions box + - Delete Body Text (Append Text Options) – Deletes body text and adds **Append Text Options** to + the Edit Conditions box + +- Edit conditions – Any selected conditions populate here + + - To edit a filter condition, click the underlined portion of the condition to open the + corresponding window + +## Options Window + +Use the Options window to add an appended text. The Options window opens if **Append Text Options** +is selected in the Edit Conditions box. + +![Options Window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/optionswindow.webp) + +To append text to the attachment or body, select the checkbox to enable editing and enter the +desired text to append in the textbox. diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/messageconditions.md b/docs/accessanalyzer/12.0/admin/action/mailbox/messageconditions.md new file mode 100644 index 0000000000..1b49dec0fa --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/messageconditions.md @@ -0,0 +1,111 @@ +# Mailbox: Message Conditions + +Use the Message Conditions page to customize message search filter conditions. It is a wizard page +for the Delete Mailbox Contents operation. + +![New Mailbox Action Wizard Mailbox Message Conditions page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/messageconditions.webp) + +Customize the folder search conditions using the following options: + +- Message Category – Use the drop-down menu to select a message category + + **NOTE:** Each selection may populate various conditions in the Select Conditions section. + +- Select conditions – Select the checkbox next to any desired filter conditions to apply them to the + search. The selected conditions then show in the Edit conditions box. Message Conditions include: + + - with specific message classes + - that is created in specific date + - with search terms in the subject + - with search terms in the body + - with search terms in the subject or body + - with search terms in the message header + - with search terms in the recipient’s address + - with search terms in the sender’s address + - that has an attachment + - that is received in specific date + - with specific message ID + - that occurs in specific date + +- Edit conditions – Any selected conditions populate here + + - To edit filter conditions, click the underlined portion of the condition. This opens a + corresponding window to configure the condition, with the exception of **has attachment(s)**. + + - Clicking **has attachment(s)** changes it to **has no attachment(s** and vice versa + +## MessageClasses Window + +Use the MessageClasses window to select a message class to apply to the scope of the action. The +MessageClasses window opens if **specific** in **with specific message classes** is selected in the +Edit Conditions box. + +![MessageClasses Window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/messageclasseswindow.webp) + +Modify message classes using the following options: + +- Click **Add** to populate a field to add a message class + + ![New class added in MessageClasses Window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/messageclasseswindownew.webp) + +- Click the ellipsis (**…**) or enter the path to the desired folder in the text box +- Matching Strategy auto-populates with **Exact Match**. Click **Exact Match** to reveal a drop-down + menu to select from the following scope options: + + - Exact Match + - Starts With + - Contains + +- To remove a message class, select it and click **Remove** +- Click **Import CSV** to open a file explorer and select a CSV file to import + +## Data Range Selection Window + +Use the Date Range Selection window to determine a time period to scope. The Date Range Selection +window opens if **in specific date** in either the **that is created in specific date** or **that is +received in specific date** conditions is selected in the Edit condition box. + +![Data Range Selection Window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/datarangeselectionwindow.webp) + +To specify a date range, use the following options: + +- Select one of the following qualifier options: + + - Over + - Last + - Before + - After + - Between + +- Configure the date range using the textbox or drop-down menus for the selected option + +## Search Terms Window + +Use the Search Terms window to select terms in messages to run the action against. The Search Terms +window opens if **search terms** in any condition is selected in the Edit Conditions box. + +![Search Terms Window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/searchtermswindow.webp) + +Edit the search terms using the following options: + +- To add a term to the search, enter the desired term into the upper text box and click **Add** +- To remove a term from the search, select a term in the lower text box and click **Remove** +- Click **Clear** to clear all terms from the lower box +- Specify a qualifier option: + - Contains ALL of the following search terms (And) – Search only returns results containing all + of the search terms + - Contains ANY of the following search terms (Or) – Search returns results containing any one or + more of the search terms +- Click **Import CSV** to open a file explorer and select a CSV file to import + +## Values Window + +Use the Values window to add or remove values to or from the search. The Values window opens if +**specific** in **with specific Message ID** is selected in the Edit Conditions box. + +![Values Window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/valueswindow.webp) + +- To add a term to the search, enter the desired term into the upper text box and click **Add** +- To remove a term from the search, select a term in the lower text box and click **Remove** +- Click **Clear** to clear all terms from the lower box +- Click **Import CSV** to open a file explorer and select a CSV file to import diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/operations.md b/docs/accessanalyzer/12.0/admin/action/mailbox/operations.md new file mode 100644 index 0000000000..fb15e1a534 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/operations.md @@ -0,0 +1,16 @@ +# Mailbox: Operations + +Use the Operations page to specify the operation to be performed as part of the action. + +![New Mailbox Action Wizard Operations page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/operations.webp) + +Select from the following operations: + +- Delete Mailbox Contents +- Add/Change Permissions +- Remove Permissions +- Add Delegates +- Remove Delegates +- Remove Stale SIDS + +**NOTE:** The Operation selected alters the subsequent steps displayed by the wizard. diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/overview.md b/docs/accessanalyzer/12.0/admin/action/mailbox/overview.md new file mode 100644 index 0000000000..9044022a83 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/overview.md @@ -0,0 +1,40 @@ +# Mailbox Action Module + +The Mailbox action module allows you to perform bulk operations on Microsoft Exchange mailboxes, for +example deleting mailbox content and modifying permissions and delegates. + +**CAUTION:** This action module can add, change, or remove permissions and delegates from an +environment. Always verify the data and target mailboxes prior to executing any action. + +## Mailbox Action Source Table Configuration + +All data tables used in Access Analyzer action modules require the presence of certain data columns. +In addition, individual action modules including Mailbox may have their own column requirements. The +Mailbox action module requires a column containing mailbox names. + +## Configuration + +Use the New Mailbox Action Wizard to target mailboxes or folders and to define the operation to +perform against the selected objects. The wizard has the following pages: + +- Welcome +- [Mailbox: Operations](/docs/accessanalyzer/12.0/admin/action/mailbox/operations.md) +- [Mailbox: Criteria Selection](/docs/accessanalyzer/12.0/admin/action/mailbox/criteriaselection.md) +- [Mailbox: Sampling Host](/docs/accessanalyzer/12.0/admin/action/mailbox/samplinghost.md) +- [Mailbox: Mailbox Identification](/docs/accessanalyzer/12.0/admin/action/mailbox/identification.md) +- [Mailbox: Folder Identification](/docs/accessanalyzer/12.0/admin/action/mailbox/folderidentification.md) +- [Mailbox: Folder Conditions](/docs/accessanalyzer/12.0/admin/action/mailbox/folderconditions.md) +- [Mailbox: Message Conditions](/docs/accessanalyzer/12.0/admin/action/mailbox/messageconditions.md) +- [Mailbox: Message Actions](/docs/accessanalyzer/12.0/admin/action/mailbox/messageactions.md) +- [Mailbox: Permissions](/docs/accessanalyzer/12.0/admin/action/mailbox/permissions.md) +- [Mailbox: Affected Mailboxes](/docs/accessanalyzer/12.0/admin/action/mailbox/affectedmailboxes.md) +- [Mailbox: Trusted Users](/docs/accessanalyzer/12.0/admin/action/mailbox/trustedusers.md) +- [Mailbox: Delegate Rights](/docs/accessanalyzer/12.0/admin/action/mailbox/delegaterights.md) +- [Mailbox: Summary](/docs/accessanalyzer/12.0/admin/action/mailbox/summary.md) + +The Welcome page gives an overview of the action module. The steps navigation pane contains links to +the pages in the wizard, which change based on the operation selected on the Operations page. + +![New Mailbox Action Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/permissions.md b/docs/accessanalyzer/12.0/admin/action/mailbox/permissions.md new file mode 100644 index 0000000000..f72ab334c3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/permissions.md @@ -0,0 +1,133 @@ +# Mailbox: Permissions + +Use the Permissions page to determine which permissions to remove. It is a wizard page for the +**Add/Change Permissions** and **Remove Permissions** operations. + +![New Mailbox Action Wizard Permissions page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/permissions.webp) + +Use the following options to add, change or remove Permissions: + +- User – Specifies user permissions to add or change. To select different users, click the + down-arrow to display the User window. See the [User Window](#user-window) topic for additional + information. +- Folder – Specifies the folder for which to change permissions. Click the down-arrow to display the + Folder window. See the [Folder Window](#folder-window) topic for additional information. +- Permission – Selects a permission to assign. Click the down-arrow to display the Permission + window. See the [Permission Window](#permission-window) topic for additional information. +- Propagate permissions to child folders – Propagates permissions to the child folders of the + selected folders +- Once User, Folder, and Permission are selected, click **Add** to add them to the summary of the + action to be taken +- To remove an added Permission, select it in the panel and click **Remove** + +## User Window + +Use the User window to select a user. The User window opens when the **User** down-arrow is selected +on the Permissions page. + +![User Window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/userwindow.webp) + +Select a user using the following options: + +- Users found in the following column – Select this option to identify users via a data table column + + - Use the drop-down menu to select a data table column containing either the Mailbox display + name or email address + - Select a data type for the selected field using the following options: + + - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data + types: + + - Legacy Exchange DN + - Display Name + + - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active + Directory Data Collector with the following data types: + + - User DN + - Account Name + - SID + - SMTP Email Address + +- The list of users – Identifies users in one of the following ways: + + - Click **Select** to choose from the global address list (GAL) + - Manually enter a user name and click **Add**. Repeat for additional users. + - To restore anonymous permissions to folders, enter `anonymous` and click **Add** + - To remove a user, select it and click **Remove** + +## Folder Window + +Use the Folder window to select folders. The Folder window opens when the **Folder** down-arrow is +selected on the Permissions page. + +![Folder Window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderwindow.webp) + +Select a folder using the following options: + +- Folder names in the following column – Select from folder names present in the column + + - Click the down arrow and select either the folder path or the Entry ID column for that folder + - Select the appropriate folder identifier type: + + - Folder Path + - Entry ID + +- The list of folders – Select one of the default folders + + - Select a folder from the drop-down menu and click **Add** + - To remove a folder, select it and click **Remove** + +## Permission Window + +Use the Permission window to specify permissions. The Permission window opens when the +**Permission** down-arrow is selected on the Permissions page. + +![Permission Window](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/permissionwindow.webp) + +Specify permissions using the following options: + +- Permissions Level – Each permission level has a set of default selections. If a setting is + changed, the Permissions Level field changes to **Custom**. Permission levels are associated with + the different permissions available for assignment through Outlook. Options include: + + - None + - Contributor + - Reviewer + - Nonediting Author + - Author + - Publishing Author + - Editor + - Publishing Editor + - Owner + +- Read – Choose the read permissions from the following: + + - None + - Full Details + +- Write – Select any desired write permissions from the following: + + - Create Items + - Create subfolders + - Edit Own + - Edit all + +- Delete Items – Choose delete permissions from the following: + + - None + - Own + - All + +- Other – Select any other permissions to apply from the following: + + - Folder owner – User has all permissions for the folder + - Folder Contact – User receives automated messages about the folder such as replication + conflict messages, requests from users for additional permissions, and other changes to folder + status + - Folder visible – User can see the folder but cannot read or edit the items within + +- To add anonymous permissions, choose **None** + + - To re-add Anonymous to the folder but not assign any access, select a permission level to + assign diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/samplinghost.md b/docs/accessanalyzer/12.0/admin/action/mailbox/samplinghost.md new file mode 100644 index 0000000000..a811044fea --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/samplinghost.md @@ -0,0 +1,26 @@ +# Mailbox: Sampling Host + +Use the Sampling Host page to specify the Exchange server to target. It is a wizard page for all +operation types. + +![New Mailbox Action Wizard Sampling Host page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/samplinghost.webp) + +Select an Exchange server to target using the following options: + +- Select the **Use Global Setting** checkbox to query the global Exchange setting +- Use the radio buttons to select a specific host +- System Attendant (2003 & 2007) – Audits Microsoft Exchange 2007 or older versions +- Use the mailbox associated with the Windows account that Access Analyzer is run with – Uses either + the account logged into the Access Analyzer Console server or the account set to run the Access + Analyzer application to access the Exchange mailbox +- Exchange Mailbox (2010 and newer) – Allows Exhange Mailbox Alias to be specified for MAPI + connections + + - When Exchange Mailbox (2010 and newer) is selected, the textbox is enabled. Enter the Alias + name in the textbox. The Alias needs to be an Exchange 2010 or newer mailbox, not a + mail-enabled service account. However, this mailbox does not need rights on the Exchange + Organization; it only needs to reside within it. + - Client Access Server – Enter the name of the physical CAS in the textbox. This server can be + part of an array, but do enter the name of a CAS Array. This should also be the Exchange CAS + where both Remote PowerShell and Windows Authentication on the PowerShell Virtual Directory + have been enabled. diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/summary.md b/docs/accessanalyzer/12.0/admin/action/mailbox/summary.md new file mode 100644 index 0000000000..7b6d82dae6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/summary.md @@ -0,0 +1,7 @@ +# Mailbox: Summary + +The Summary page summarizes the configuration of the action. + +![New Mailbox Action Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/summary.webp) + +Click **Finish** to save configuration changes and exit, or **Cancel** to exit with saving. diff --git a/docs/accessanalyzer/12.0/admin/action/mailbox/trustedusers.md b/docs/accessanalyzer/12.0/admin/action/mailbox/trustedusers.md new file mode 100644 index 0000000000..d0054068cb --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/mailbox/trustedusers.md @@ -0,0 +1,47 @@ +# Mailbox: Trusted Users + +Use the Trusted Users page to select delegates to add. Users can be added individually or from a +server with a mailbox environment. It is a wizard page for the following operations: + +- Add Delegates +- Remove Delegates + +![New Mailbox Action Wizard Trusted Users page](/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/trustedusers.webp) + +Select Trusted User delegates using the following options: + +- Users found in the following column – Select this option to identify users via a data table column + + - Use the drop-down menu to select a data table column containing either the Mailbox display + name or email address + - Select a data type for the selected field using the following options: + + - Exchange (Direct and Faster) – Connects to Exchange Mailboxes using the following data + types: + + - Legacy Exchange DN + - Display Name + + - Active Directory (Cross-Call and Slower) – Connects to Exchange mailboxes using the Active + Directory Data Collector with the following data types: + + - User DN + - Account Name + - SID + - SMTP Email Address + +- The list of users – Identifies users in one of the following ways: + + - Click **Select** to choose from the global address list (GAL) + - Manually enter a user name and click **Add**. Repeat for additional users. + - To restore anonymous permissions to folders, enter `anonymous` and click **Add** + - To remove a user, select it and click **Remove** + +The following additional options are available for the Remove Delegates operation: + +- Remove Permissions for Delegate – Remove Mailbox permissions in addition to removing delegate + rights +- Remove Permissions from Child Folders – Removes permissions from child folders + + **NOTE:** This option is only enabled if the **Remove Permissions for Delegate** option is + selected. diff --git a/docs/accessanalyzer/12.0/admin/action/overview.md b/docs/accessanalyzer/12.0/admin/action/overview.md new file mode 100644 index 0000000000..5732652e01 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/overview.md @@ -0,0 +1,137 @@ +# Action Modules + +This guide describes the **Actions** node and the various action modules available for use in Access +Analyzer. This overview topic describes the basic procedure for creating and executing an action +module as well the initial steps to take when configuring an action. Each action module is described +in detail in the relevant topics. + +The Access Analyzer actions are capable of changing users, permissions, files, and objects from a +variety of environments. Action modules are assigned to a job at the **Configure** > **Actions** +node. See the [Actions Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/actions.md) topic for additional information on +the Action Selection view. + +![Action Selection page](/img/product_docs/accessanalyzer/12.0/admin/action/actionselection.webp) + +Configure the action through the Action Properties page. Navigate to the job’s **Configure** > +**Actions** node. Select **Create Action** to add a new action task to a job. Select an existing +action and click **Action Properties** to modify its configuration. The Action Properties page opens +for either option. Pre-configured action tasks can be added from the Action Library. See the +[Action Libraries](/docs/accessanalyzer/12.0/admin/action/libraries.md) topic for additional information. + +Most action modules are available with a special Access Analyzer License. The following table +provides brief descriptions of the action modules available in Access Analyzer. + +| Action Module | Description | +| ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Active Directory | Make changes to Active Directory such as deleting objects, creating users, and changing group membership. See the [Active Directory Action Module](/docs/accessanalyzer/12.0/admin/action/activedirectory/overview.md) for additional information. | +| File System | Change attributes and permissions, as well as copy, delete, move, and rename file system contents. See the [File System Action Module](/docs/accessanalyzer/12.0/admin/action/filesystem/overview.md) for additional information. | +| Mailbox | Add/change permissions, remove permissions, add/remove delegates, remove zombie SIDS, and delete mailbox content. See the [Mailbox Action Module](/docs/accessanalyzer/12.0/admin/action/mailbox/overview.md) for additional information. | +| PowerShell | Run PowerShell scripts on the local machine or on remote hosts. See the [PowerShell Action Module](/docs/accessanalyzer/12.0/admin/action/powershell/overview.md) for additional information. | +| PublicFolder | Make changes to Exchange Public Folders. See the [PublicFolder Action Module](/docs/accessanalyzer/12.0/admin/action/publicfolder/overview.md) for additional information. | +| Registry | Make changes to the system registry. See the [Registry Action Module](/docs/accessanalyzer/12.0/admin/action/registry/overview.md) for additional information. | +| SendMail | Communicate with target audiences to supply users with dynamic content from selected audit data. See the [SendMail Action Module](/docs/accessanalyzer/12.0/admin/action/sendmail/overview.md) for additional information. | +| ServiceNow | Creates incidents in ServiceNow. See the [ServiceNow Action Module](/docs/accessanalyzer/12.0/admin/action/servicenow/overview.md) for additional information. | +| SharePoint | Add/remove trustees from sites, lists, or libraries in SharePoint on-premise, apply sensitivity labels, and move files. | +| Survey | Solicit feedback from users to expedite and aid in the decision making process. See the [Survey Action Module](/docs/accessanalyzer/12.0/admin/action/survey/overview.md) for additional information. | +| Web Request | Sends data to Threat Manager. See the [WebRequest Action Module](/docs/accessanalyzer/12.0/admin/action/webrequest/overview.md) for additional information. | + +## Basic Procedure + +Actions perform operations on data tables. They reside within a job node and are associated with +that job. Access Analyzer provides many action modules and each has its own set of operations that +can be applied to selected columns in a selected data table. + +For example, the Active Directory Action Module automates specified Active Directory operations +while the SendMail Action Module can send an email to a dynamic list of users. + +The basic procedure consists of the following steps. + +**Step 1 –** Create a data table containing the target objects to be modified and exclude any +extraneous columns. + +**Step 2 –** Configure an action task using the configuration wizard for the selected action module. +Target the selected objects and apply selected operations to the data. + +**Step 3 –** Execute the action. + +### Executing Actions + +Actions with the checkbox next to their name selected in the Action Selection view are executed +automatically as part of the job’s execution. The actions are executed in the order in which they +appear in the Selection table. You can also manually execute selected actions without running the +job by clicking on the **Action Execute** link on the Action Selection view. + +## Caution on Action Modules + +**CAUTION:** Access Analyzer action modules apply bulk changes to targeted objects within the target +environment. Actions perform operations on selected objects listed in each row of the source table. +Exercise caution to ensure the action applies only the desired changes and only to the desired +target objects. + +**_RECOMMENDED:_** Prior to configuring the action module, scope the source data table to include +only the desired data. It is also recommended to run the action in a test environment before making +changes to a production environment. + +## Action Properties Page + +Use this page to view or specify properties for a selected action, including the name, description, +action module, and source table. Access this page via the Action Selection view. + +![Action Properties page for new action](/img/product_docs/accessanalyzer/12.0/admin/action/actionproperties.webp) + +**_RECOMMENDED:_** Provide unique and descriptive names and action task descriptions to all user +created action tasks. + +- Name – Action task name. For new actions, an editable default name displays. +- Description – Action task description. For new actions, this editable field is blank. +- Action Module – Drop-down menu of available action modules + + - Configure Action – Opens the configuration wizard for the selected action module + +- Source Table – Table with objects the action task acts upon. For new actions, this field is blank. + Specify a source table on which to perform the action. +- Show tables from current job only – Restricts the list of source tables available to only those + tables generated by the job where the action task resides. Deselect the checkbox to list all + available data tables. +- ID – Unique identifier, or GUID, of the action task generated by the application. With this ID, + the database can distinguish actions, even those with identical configurations. +- Data Grid – Displays a sample of the selected Source table. This data grid functions the same as + all data grids within Access Analyzer. Data can be filtered, and columns can be regrouped. See the + [Data Grid Functionality](/docs/accessanalyzer/12.0/admin/navigate/datagrid.md) topic for additional information. + +### Source Table Configuration + +All Access Analyzer actions require a source data table. The source table must contain, at a +minimum, the following columns. Include these columns in addition to any other columns required by +the action module being used. Otherwise, errors may occur upon execution of the action and with +analysis and reports downstream. + +| Required Columns | Description | +| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Host | Name of the target server | +| SA_HOST | This column determines the Access Analyzer server to which the data belongs in the event multiple Access Analyzer consoles are connected to a single database | +| JobRunTimeKey | Contains the run time and date for the job. If history is active, Access Analyzer can identify data collected during a specific collection execution. | +| rowGUID | Identifies each data row as unique. The datatype in the table is uniqueidentifier (GUID). | +| RowKey | Identifies each data row as unique. Sometimes the value is a GUID, but the datatype in the table is a varchar (text string). | + +_Remember,_ the individual action modules may have their own column requirements in addition to the +above. + +#### Data Tables + +Access Analyzer native data tables generally contain all of the above columns. However, if all +required columns are not present by default, add them manually. + +**CAUTION:** Do not use native data tables in action modules. Source data tables in actions should +include only the data desired for the operation. Scope the data tables to include only the required +columns prior to configuring the action. + +#### Module-Specific Source Table Requirements + +Access Analyzer action modules contain one or more selectable operations, many of which have their +own column requirements. Thus, in addition to excluding extraneous columns from the data tables, +include in the tables any columns required by the selected operation. The columns can have any name, +but they must contain the data required by the operation. + +For example, in the Active Directory Action Module, the Create Groups operation requires a column +containing the group name. diff --git a/docs/accessanalyzer/12.0/admin/action/powershell/executionoptions.md b/docs/accessanalyzer/12.0/admin/action/powershell/executionoptions.md new file mode 100644 index 0000000000..8c29dc143e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/powershell/executionoptions.md @@ -0,0 +1,24 @@ +# PowerShell Action: Execution Options + +Specify the execution options for the PowerShell script using the Execution Options page. + +![PowerShell Action Module Wizard Execution Options page](/img/product_docs/accessanalyzer/12.0/admin/action/powershell/executionoptions.webp) + +The options on the Execution Options page are: + +- Execute script locally on the Access Analyzer server – Enable this to execute the PowerShell + script on the Access Analyzer server + + - Use the same PowerShell session for each row – Select to enable using the same PowerShell + session to run multiple rows + +- Execute script remotely on a target server – Enable this to execute the PowerShell script on a + remote target server + + - Use the **Remote host** dropdown to select the database column that will be used as the target + server name or type in a network host name + - Select the **Fall back to the local Access Analyzer server if the remote execution fails** + option to use the Access Analyzer server if remote execution fails + +- Use impersonation within server executable – Select this option to use impersonation when + executing the PowerShell script diff --git a/docs/accessanalyzer/12.0/admin/action/powershell/overview.md b/docs/accessanalyzer/12.0/admin/action/powershell/overview.md new file mode 100644 index 0000000000..4250c9f155 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/powershell/overview.md @@ -0,0 +1,27 @@ +# PowerShell Action Module + +The PowerShell action module provides methods of running PowerShell scripts on the local machine or +on remote hosts. Define PowerShell scripting actions using the PowerShell Action Module Wizard. + +**CAUTION:** Ensure that only the changes required are applied and only to those target systems +desired. + +Access Analyzer action modules contain one or more selectable operations. Each operation performs +its function on a single object per row from the source table defined in the action. + +## Configuration + +The PowerShell action module is configured through the PowerShell Action Module Wizard, which +contains the following wizard pages: + +- Welcome +- [PowerShell Action: Script](/docs/accessanalyzer/12.0/admin/action/powershell/script.md) +- [PowerShell Action: Execution Options](/docs/accessanalyzer/12.0/admin/action/powershell/executionoptions.md) +- [PowerShell Action: Summary](/docs/accessanalyzer/12.0/admin/action/powershell/summary.md) + +The Welcome page displays first and gives an overview of the action module. The navigation pane +contains links to the pages in the wizard. + +![PowerShell Action Module Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/action/powershell/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/admin/action/powershell/script.md b/docs/accessanalyzer/12.0/admin/action/powershell/script.md new file mode 100644 index 0000000000..3b954cb1f5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/powershell/script.md @@ -0,0 +1,79 @@ +# PowerShell Action: Script + +The Script page enables you to input the PowerShell script that will be used to perform the +requested action. Built-in variables are available for use in the script. + +![PowerShell Action Module Wizard Script page](/img/product_docs/accessanalyzer/12.0/admin/action/powershell/script.webp) + +The PowerShell script can be entered manually into the Script window at the top of the Script page. +To open a pre-existing PowerShell script from a file, click **Open** to select the script file. + +At the bottom of the page are three tabs that can be used to configure the PowerShell action module +further. The tabs are: + +- [Columns](#columns) +- [Parameters](#parameters) +- [Input Data](#input-data) + +## Columns + +Use the Columns tab to select the available columns. + +![Columns tab](/img/product_docs/accessanalyzer/12.0/admin/action/powershell/scriptcolumns.webp) + +The table in the Columns tab displays the Columns that can be used for the PowerShell script. To use +a Column, select the checkbox under the **Use** column. + +![Right-click menu](/img/product_docs/accessanalyzer/12.0/admin/action/powershell/scriptrightclickoption.webp) + +Right-clicking any of the variable names brings up a **Copy variable name** option that enables +users to paste the variable name into the PowerShell script. + +## Parameters + +The Parameters tab contains options to add, edit, or delete user-made PowerShell parameters. + +![Parameters tab](/img/product_docs/accessanalyzer/12.0/admin/action/powershell/scriptparamters.webp) + +The options are: + +- Add – Clicking **Add** opens the Add/Edit Variable window. See the + [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. +- Edit – Select an existing parameter and click **Edit** to open the Add/Edit Variable window. See + the [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. + + - Double-clicking an existing parameter also opens the **Add/Edit Variable** window + +- Delete – Delete a selected parameter + +**NOTE:** The built-in default parameters cannot be edited or deleted. + +### Add/Edit Variable Window + +Configure options for a new or existing parameter using the Add/Edit Variable window. + +![Add/Edit Variable Window](/img/product_docs/accessanalyzer/12.0/admin/action/powershell/addeditvariable.webp) + +The options are: + +- Name – Enter or edit the name for the custom parameter +- Description – Enter or edit the description for the custom parameter +- Type – Select the Type from a dropdown list. The options are: + + - String + - List + - Filepath + - Boolean + - Long + - Double + +- Value – Enter or edit the value for the custom parameter + +## Input Data + +Preview how the input data will look in the Input Data tab. + +![Input Data tab](/img/product_docs/accessanalyzer/12.0/admin/action/powershell/scriptinputdata.webp) + +Information in the Input Data tab varies depending on which source table the PowerShell action +module is configured to pull data from. diff --git a/docs/accessanalyzer/12.0/admin/action/powershell/summary.md b/docs/accessanalyzer/12.0/admin/action/powershell/summary.md new file mode 100644 index 0000000000..22cc3a93a0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/powershell/summary.md @@ -0,0 +1,8 @@ +# PowerShell Action: Summary + +View a summary of configured options on the Summary page. + +![PowerShell Action Module Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/action/powershell/summary.webp) + +Click **Finish** to save changes and exit the PowerShell Action Module Wizard. Click **Cancel** to +exit the wizard without saving. diff --git a/docs/accessanalyzer/12.0/admin/action/publicfolder/action.md b/docs/accessanalyzer/12.0/admin/action/publicfolder/action.md new file mode 100644 index 0000000000..4e5661aa07 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/publicfolder/action.md @@ -0,0 +1,18 @@ +# Public Folder: Action + +The Action page specifies the basic action to perform on public folders. The pages available for +selection in the Steps pane adjust based on this selection. + +**NOTE:** Once an action is selected and saved, and the wizard is closed, this page is no longer +available and the selection cannot be altered. + +![Public Folder Action Module Wizard Action page](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/action.webp) + +Choose from the following actions: + +- Define a new action – Enables the Operation page where the operation on which the action is based + is selected +- Rollback a previously executed action – Enables the Prior Actions page where a list of previously + executed actions is displayed and a selected action may be rolled back. Not all operations support + rollback, and the Support Rollback option must be enabled prior to execution for the action to be + eligible for rollback. diff --git a/docs/accessanalyzer/12.0/admin/action/publicfolder/folders.md b/docs/accessanalyzer/12.0/admin/action/publicfolder/folders.md new file mode 100644 index 0000000000..3aa9b45add --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/publicfolder/folders.md @@ -0,0 +1,20 @@ +# Public Folder: Folders + +The Folders page identifies which public folders are targeted by this action. + +![Public Folder Action Module Wizard Folders page](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/folders.webp) + +The options on this page are: + +- Public folder identifier – Select a field using the dropdown menu + + - Field – Column names + + **NOTE:** The displayed fields vary depending on the Source Table selected during the + creation of the new action + +- Folder identifier type – Select a folder type option + + - Entry ID – Select this option if the field contains an Entry ID + - Folder path and name – Select this option if the field contains a fully qualified path and + name diff --git a/docs/accessanalyzer/12.0/admin/action/publicfolder/mapisettings.md b/docs/accessanalyzer/12.0/admin/action/publicfolder/mapisettings.md new file mode 100644 index 0000000000..62a5873f46 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/publicfolder/mapisettings.md @@ -0,0 +1,15 @@ +# Public Folder: MAPI Settings + +Use the MAPI Settings page to specify the proper MAPI settings. + +![Public Folder Action Module Wizard MAPI Settings page](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/mapisettings.webp) + +Use the following options to configure the action: + +- Use Global setting – The default setting in the Exchange Global Settings displays +- System Attendant (2003 & 2007) +- Use the mailbox associated with the Windows account on which Access Analyzer is run +- Exchange Mailbox (2010 and newer) – If targeting a 2010 Exchange Server, specify the CAS server. + This is also where the MAPI setting is selected. + + - Client Access Server – Enter the Domain Name in this field diff --git a/docs/accessanalyzer/12.0/admin/action/publicfolder/operations.md b/docs/accessanalyzer/12.0/admin/action/publicfolder/operations.md new file mode 100644 index 0000000000..48d792aecb --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/publicfolder/operations.md @@ -0,0 +1,171 @@ +# Public Folder: Operations + +Use the Operations page to specify the operations to perform as part of the action. + +![Public Folder Action Module Wizard Operations page](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/operations.webp) + +The **Add operation** drop-down menu lists the operations that can be performed. Each operation +opens a corresponding window. Operations include: + +- Rename – See the [Rename Folder Window](#rename-folder-window) topic for additional information +- Change permissions – See the [Change Permissions Window](#change-permissions-window) topic for + additional information +- Custom attributes – See the [Custom Attributes Window](#custom-attributes-window) topic for + additional information +- Replicas – See the [Replicas Window](#replicas-window) topic for additional information +- Limits – See the [Limits Window](#limits-window) topic for additional information +- Delete – See the [Delete Folder Window](#delete-folder-window) topic for additional information + +The buttons to the right of the drop-down control the operations in the field: + +- Edit – Allows you to alter operation settings +- Add – Places selected operation one step above its current position +- Down – Places selected operation one step below its current position +- Delete – Removes a selected operation + +## Rename Folder Window + +Use the Rename Folder window to rename selected folders. It is a wizard page for the Rename +operation. + +![Rename Folder Window](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/renamefolder.webp) + +Rename folders using the following options: + +- Select a field from the dropdown menu and click **Add** to add it to the list below + + **NOTE:** The available fields vary based on the source table. + +- New name – Enter the name to replace an existing folder name + +## Change Permissions Window + +Use the Change Permissions window to change the permissions. It is a wizard page for the Change +permissions operation. + +![Change Permissions Window](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/changepermissions.webp) + +Change permissions using the following options: + +- Username – Select a user or create a list of users to edit permissions for + + - To add a user, type in the field to search for a user, select it, and click **Add** + - Click **Select** to open a list with usernames to select from + - To delete a user, select an added user and click **Delete** + +- Dynamic users – Select a user using the dropdown menu +- Mode – Select whether to change or remove permissions +- Permissions – Determine Permission level and assign permissions to the user + + - Permission level – Use the drop-down menu to select a permission level from the following: + + - Reviewer + - Contributor + - Nonediting Author + - Author + - Editor + - Publishing Author + - Publishing Editor + - Owner + - Custom + + - Select the checkbox to assign a permission to any of the following: + + - Create items – User can create items + - Read items – User can read items + - Create Subfolders – User can create subfolders + - Folder owner – User can view and move the public folder, create subfolders, and set + permissions for the folder, but cannot read, edit, delete, or create items + - Folder contact – Set user as the contact for the specified public folder + - Folder visible – User can view the specified public folder but cannot read or edit the + items within + + **NOTE:** Different permissions become automatically selected based on which permission + level is selected. To override this default, select the checkbox of the unwanted permission + to deselect it. If a desired checkbox is blocked by a black square, click the square to + unblock the checkbox. The checkbox can then be selected or unselected. + + - Edit items – Use the drop-down menu to determine user editing permissions from the following: + + - No change + - None + - Allow own + - Deny any + - Own only + - All + + - Delete items – Use the drop-down menu to determine user deletion permissions from the + following: + + - No change + - None + - Allow own + - Deny any + - Own only + - All + +- Overwrite folder permissions with these conditions +- Remove unresolved SIDs + +## Custom Attributes Window + +Use the Custom Attributes window to select custom attributes. It is a wizard page for the Custom +Attributes operation. + +![Custom Attributes Window](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/customattributes.webp) + +Select attributes using the following options: + +- Select a checkbox to set any custom attribute list +- Select a Field from the dropdown list and click **Add** to add the field to the custom attribute + + **NOTE:** Multiple fields may be added to a custom attribute. Fields added to a custom attribute + can be modified or deleted manually. + +## Replicas Window + +Use the Replicas window to replicate servers. It is a wizard page for the Replicas operation. + +![Replicas Window](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/replicas.webp) + +Replicate servers using the following options: + +- Select a server from the dropdown menu and click **Add**. The servers listed will be replicated. +- Select a server from the list and click **Delete** to remove it from the list of replicated + servers +- Select the **Remove last replica** option to delete the replica created when the action was last + run + +## Limits Window + +Use the Limits window to select limits to the action. It is a wizard page for the Limits operation. + +![Limits Window](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/limits.webp) + +Use the options to select any changes for the categories. If applicable, use the dropdown to select +desired values related to the corresponding option. + +- Issue warning +- Prohibit post +- Maximum Item Size +- Deletion settings +- Age limits + +## Delete Folder Window + +Use the Delete Folder window to select deletion settings for the action. It is a wizard page for the +Delete operation. + +![Delete Folder Window](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/deletefolder.webp) + +Select deletion settings using the following options: + +- Select the delete method + + - Soft – Delete the folder but retain a backup copy for a defined period of time + - Hard – Delete the folder permanently, without retaining a backup + +- Optionally, select a checkbox to apply any exception + + - Do not delete folders with subfolders + - Do not delete folders with content diff --git a/docs/accessanalyzer/12.0/admin/action/publicfolder/options.md b/docs/accessanalyzer/12.0/admin/action/publicfolder/options.md new file mode 100644 index 0000000000..274aea5d8d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/publicfolder/options.md @@ -0,0 +1,14 @@ +# Public Folder: Options + +Use the Options page to edit the thread settings. + +**CAUTION:** Increasing the thread count increases the processing load on the servers. + +![Public Folder Action Module Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/options.webp) + +Use the following options to configure the operations: + +- Number of threads per server – Adjust the number of threads the server processes at a time. The + default is set to one. +- Number of servers to process in parallel – Adjust the number of servers to process at a time. The + default is set to two. diff --git a/docs/accessanalyzer/12.0/admin/action/publicfolder/overview.md b/docs/accessanalyzer/12.0/admin/action/publicfolder/overview.md new file mode 100644 index 0000000000..5021379d03 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/publicfolder/overview.md @@ -0,0 +1,39 @@ +# PublicFolder Action Module + +The Public Folder action module allows users to make bulk changes to selected Microsoft Exchange +public folders by adding, changing, or removing folders and permissions from the environment. Use +the Pubic Folder Action Module Wizard to choose the data table column that identifies the folders +and to configure the operations performed against the selected folders. + +Prior to configuring the Pubic Folder Action Module Wizard, scope the source data table to ensure +the actions apply only to the desired folders. + +**CAUTION:** Be careful when using this action module. Make sure that only the changes required are +applied and only to those target folders desired. Always verify the data prior to execution of any +action. + +**_RECOMMENDED:_** Although rollbacks for some actions are available, having to use one should be +avoided + +## Configuration + +The Public Folder action module is configured through the Public Folder Action Module Wizard, which +contains the following wizard pages: + +- Welcome +- [Public Folder: Action](/docs/accessanalyzer/12.0/admin/action/publicfolder/action.md) +- [Public Folder: Prior Actions](/docs/accessanalyzer/12.0/admin/action/publicfolder/prioractions.md) +- [Public Folder: Folders](/docs/accessanalyzer/12.0/admin/action/publicfolder/folders.md) +- [Public Folder: MAPI Settings](/docs/accessanalyzer/12.0/admin/action/publicfolder/mapisettings.md) +- [Public Folder: Operations](/docs/accessanalyzer/12.0/admin/action/publicfolder/operations.md) +- [Public Folder: Rollback](/docs/accessanalyzer/12.0/admin/action/publicfolder/rollback.md) +- [Public Folder: Options](/docs/accessanalyzer/12.0/admin/action/publicfolder/options.md) +- [Public Folder: Summary](/docs/accessanalyzer/12.0/admin/action/publicfolder/summary.md) + +The Welcome page gives an overview of the action module. The navigation pane contains links to the +pages in the wizard. Review the introductory and caution information about the Public Folder Action +Module before proceeding. + +![Public Folder Action Module Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/admin/action/publicfolder/prioractions.md b/docs/accessanalyzer/12.0/admin/action/publicfolder/prioractions.md new file mode 100644 index 0000000000..2b66004f36 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/publicfolder/prioractions.md @@ -0,0 +1,14 @@ +# Public Folder: Prior Actions + +The Prior Actions page selects previously executed actions for rollback. It is a wizard page when +**Rollback a previously executed action** is selected on the Action page. + +**NOTE:** Once an action is selected and saved, and the wizard is closed, this page is no longer +available and the selection cannot be altered. + +![Public Folder Action Module Wizard Prior Actions page](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/prioractions.webp) + +The options on this page are: + +- Select a previously executed action (if available) to rollback +- Click **Clear rollback record** to remove all actions from the list diff --git a/docs/accessanalyzer/12.0/admin/action/publicfolder/rollback.md b/docs/accessanalyzer/12.0/admin/action/publicfolder/rollback.md new file mode 100644 index 0000000000..c4598ea666 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/publicfolder/rollback.md @@ -0,0 +1,12 @@ +# Public Folder: Rollback + +Use the Rollback page to enable rollback capabilities for the action. If rollback isn’t selected at +this step, the applied operations cannot be rolled back after execution of the action module. + +![Public Folder Action Module Wizard Rollback page](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/rollback.webp) + +The options on this page are: + +- Support rollback – Select to enable rollback of this action +- Add additional comments to be saved with this rollback – Optionally, enter a brief description to + identify this rollback diff --git a/docs/accessanalyzer/12.0/admin/action/publicfolder/summary.md b/docs/accessanalyzer/12.0/admin/action/publicfolder/summary.md new file mode 100644 index 0000000000..ad7ca56a97 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/publicfolder/summary.md @@ -0,0 +1,9 @@ +# Public Folder: Summary + +The Summary page summarizes the configuration of the action. + +![Public Folder Action Module Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Public Folder Action Module Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/action/registry/operations.md b/docs/accessanalyzer/12.0/admin/action/registry/operations.md new file mode 100644 index 0000000000..c904874cdb --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/registry/operations.md @@ -0,0 +1,136 @@ +# Registry: Operations + +Use the Operations page to select the operations to apply to the target hosts. See the +[Registry: Target Hosts](/docs/accessanalyzer/12.0/admin/action/registry/targethosts.md) topic for additional information. + +![Registry Action Module Wizard Operations page](/img/product_docs/accessanalyzer/12.0/admin/action/registry/operations.webp) + +Select and configure the operations using the following options: + +- Add operation – Use the drop-down menu to select an operation to perform on the target host. This + opens a corresponding window for configuration. Operations include: + + **NOTE:** Window options vary based on the operation selected from the drop-down menu. + + - New Registry Value – Used to add a new registry value to the list + - Modify registry value – Used to modify an existing registry value in the list + - Delete registry value – Used to delete an existing registry value + - New registry key – Used to add a new registry key to the list + - Rename registry key – Used to rename a registry key in the list + - Delete registry key – Used to delete a registry key from the list + - Change registry permissions – Used to alter registry permissions + +- Edit – Accesses the editing window for the selected operation +- Up – Moves the selected operation up in the list +- Down – Moves the selected operation up in the list +- Delete – Deletes the selected operation + +## Registry Browser Window + +Use the Registry Browser window to navigate a computer’s registry and select a key. + +![Registry Browser Window](/img/product_docs/accessanalyzer/12.0/admin/action/registry/registrybrowser.webp) + +Select a key using the following options: + +- Computer name – By default, the Registry browser connects to the local machine + + - If the desired registry item is on the local machine, browse the registry, and select the item + - To connect to the registry of another machine: + + - Enter the hostname in the **Computer name** textbox + - Click **Connect**, then browse the registry of that machine + - Select the desired registry item + +- Connect – Attempts to connect to the registry of the machine specified in the **Computer name** + field +- 64-bit view – The default view is 32-bit. Select the **64-bit view** checkbox to switch to a + 64-bit view. + +## Select Users or Groups Window + +Use the Select Users or Groups window to select a user, group, or built-in security principal. + +![Select Users or Groups Window](/img/product_docs/accessanalyzer/12.0/admin/action/registry/selectusersgroups.webp) + +The options are: + +- Select this object type – Displays types that are queried against + + - Click **Object Types** to open the Object Types window and select the types to query against. + See the [Object Types Window](#object-types-window) topic for additional information. + +- From this location – Displays the location the intended objects are found + + - Click **Locations** to open the Locations window and set the location to be queried. See the + [Locations Window](#locations-window) topic for additional information. + +- Enter the object names to select – Select names of objects to query + + - Click **Check Names** to confirm the selected manually-entered object name is viable + +- Advanced – Click **Advanced** to open an advanced version of the Select Users and Groups Window + and further configure the query. See the + [Advanced Select Users and Groups Window](#advanced-select-users-and-groups-window) topic for + additional information. + +### Object Types Window + +Use the Object Types window to select which types of objects to query. + +![Object Types Window](/img/product_docs/accessanalyzer/12.0/admin/action/registry/objecttypes.webp) + +Select any of the following objects: + +- Built-in security principals +- Groups +- Users + +### Locations Window + +Use the Locations window to select a location. + +![Locations Window](/img/product_docs/accessanalyzer/12.0/admin/action/registry/locations.webp) + +Select a location using the explorer. + +### Advanced Select Users and Groups Window + +Use the Advanced Select Users and Groups window to search for items with a finer focus. + +![Advanced Select Users and Groups Window](/img/product_docs/accessanalyzer/12.0/admin/action/registry/advancedselectusersgroups.webp) + +This window contains the same options as the main Select Users or Groups window, but with the +following additional options: + +- Common Queries + + - Name – Select a name of a user, group, or security principal to search for + + - Select a qualifier from the dropdown + + - Starts with + - Is exactly + + - Manually enter the name + +- Columns – Click **Columns** to open the Choose Columns window. See the + [Choose Columns Window](#choose-columns-window) topic for additional information. +- Find now – Click **Find Now** to search for objects matching the selected criteria +- Stop – While a search is running , the **Stop** button is available. Click **Stop** to halt the + search before it is completed. +- Search Results – Displays results from a search + +#### Choose Columns Window + +Use this window to select columns. The columns available varies based on the source table originally +selected. + +![Choose Columns Window](/img/product_docs/accessanalyzer/12.0/admin/action/registry/choosecolumns.webp) + +Choose columns using the following options: + +- To add an available column, select it in **Columns available** and click **Add** to place it in + **Columns shown** +- To remove a column, select it in **Columns shown** and click **Remove** to place it in **Columns + available** diff --git a/docs/accessanalyzer/12.0/admin/action/registry/overview.md b/docs/accessanalyzer/12.0/admin/action/registry/overview.md new file mode 100644 index 0000000000..ec61a9ae5c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/registry/overview.md @@ -0,0 +1,39 @@ +# Registry Action Module + +The Registry action module allows users to make bulk changes to the Microsoft Windows Registry. Use +the Registry Action Module Wizard to choose the data table column that identifies the folders and to +configure the operations performed against the selected folders. The Registry action module requires +a column containing the hosts to be targeted. + +Prior to configuring the Registry Action Module Wizard, scope the source data table to ensure the +actions apply only to the desired hosts. + +**CAUTION:** Unexpected values in the registry can cause major system failures when deleting or +modifying registry items. + +**_RECOMMENDED:_** Backup the system registry before making changes using the Registry action +module. + +## Registry Action Source Table Configuration + +All data tables used in Access Analyzer action modules require the presence of certain data columns. +In addition, individual action modules including Registry may have their own column requirements. +The Registry action module requires a column containing the hosts that are going to be targeted. + +## Configuration + +The Registry action module is configured through the Registry Action Module Wizard, which contains +the following wizard pages: + +- Welcome +- [Registry: Target Hosts](/docs/accessanalyzer/12.0/admin/action/registry/targethosts.md) +- [Registry: Operations](/docs/accessanalyzer/12.0/admin/action/registry/operations.md) +- [Registry: Summary](/docs/accessanalyzer/12.0/admin/action/registry/summary.md) + +The Welcome page gives an overview of the Registry Action Module Wizard. The steps navigation pane +contains links to the pages in the wizard. Review the introductory and caution information about the +Registry Action Module before proceeding. + +![Registry Action Module Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/action/registry/welcome.webp) + +To proceed, click Next or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/admin/action/registry/summary.md b/docs/accessanalyzer/12.0/admin/action/registry/summary.md new file mode 100644 index 0000000000..5394ec7f6c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/registry/summary.md @@ -0,0 +1,9 @@ +# Registry: Summary + +The Summary page summarizes the configuration of the action. + +![Registry Action Module Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/action/registry/summary.webp) + +When done configuring the action, click **Finish**. If no changes were made, it is a best practice +to click **Cancel** to close the Registry Action Module Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/action/registry/targethosts.md b/docs/accessanalyzer/12.0/admin/action/registry/targethosts.md new file mode 100644 index 0000000000..4cd7a3b709 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/registry/targethosts.md @@ -0,0 +1,10 @@ +# Registry: Target Hosts + +Use the Target Hosts page to identify the target hosts whose registries the action examines or +alters. + +![Registry Action Module Wizard Target hosts page](/img/product_docs/accessanalyzer/12.0/admin/action/registry/targethosts.webp) + +Use the drop-down menu to select the field that identifies the systems to be targeted. The list +displays columns from the specified source table. The action applies the specified operations to all +systems in the field. diff --git a/docs/accessanalyzer/12.0/admin/action/sendmail/message.md b/docs/accessanalyzer/12.0/admin/action/sendmail/message.md new file mode 100644 index 0000000000..2e98396622 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/sendmail/message.md @@ -0,0 +1,79 @@ +# SendMail Action: Message + +Use the Message page to specify the text of the email. + +![Send Mail Action Module Wizard Message page](/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/message.webp) + +Use the following fields to specify the text of the email: + +- Subject – Specify a subject for the email. The contents of this field displays as the subject line + of the delivered email. Enter text directly and optionally use the Insert field to insert one or + more data fields. This is a required field. +- Insert Field – Inserts a data field into the subject or body of the email. The drop-down menu + displays a list of available fields. Once a selection displays in the field, click on the blue Up + and Down arrows to insert the field into the body or the subject, respectively. This field is + optional. +- Show sample input source data – To display a table of sample source data, click the icon next to + the blue arrows. +- Show dialog to set SMTP options – To override the global SMTP settings, click the icon next to the + blue arrows to display the SMTP Options dialog box +- Preview – Displays the Message Preview window containing a preview of the current SendMail. Click + **Send** to send a single message to the addresses in the Recipient field in the Message Preview + window. The Preview button is active only if the Recipients field is populated on the Properties + page of the Send Mail Action Module Wizard. See the + [Messages Preview Window](#messages-preview-window) topic for additional information. +- Clear Template – Clears any content from the Subject and Text Entry box +- Load from template – Accesses a list of message templates. This field is optional. The following + templates are available: + + - Active Directory Cleanup + - Distribution List Cleanup + - Mailbox Cleanup + - Open Shares Lockdown + - Public Folder Cleanup + - Sensitive Group Review + - Shared Folder Cleanup + - Unauthorized Software Cleanup + +- Message templates include sample email text describing the reason for the message and the next + steps requested of, or required by, the user. They may also include dynamic content taken from the + specified table, for example the user name. + + - Save to template – Saves the current email subject and content to a template. If an existing + template name appears in the Load from template field, clicking this button updates that + template. If the Load from template field is empty or contains a name other than one of the + existing templates, clicking this button opens the Save SendMail Template window and saves the + changes to a new template. Templates reside locally on the host computer as XML files, in the + `Actions/SM_Templates` folder. + +## Text Entry Box + +The Text Entry box allows you to compose a message. A Microsoft Word-style editor provides +formatting options including the ability to insert dynamic text from the specified table (such as a +username) through the Insert field option. Use the editor to personalize the content and appearance +of each message. + +Example: + +Assume the source table includes a column containing the names of intended recipients. Place the +cursor in the greeting section of the email. Next, select that field from the Insert field drop-down +list and click the down arrow to insert a dynamic field. The column name appears in the Text Entry +box, enclosed by brackets: + +Dear [ProbableOwner]; + +You are approaching your Mailbox storage quota. Please clean up any unneeded items. + +Thank you, + +The Messaging Team + +## Messages Preview Window + +The Messages Preview window displays a preview of the email, including any dynamic fields. This +window displays after clicking the **Preview** button. + +![Messages preview window](/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/messagespreview.webp) + +- Blue arrow buttons – Click to view other recipients +- Send – Sends a single message to the addresses in the Recipients field diff --git a/docs/accessanalyzer/12.0/admin/action/sendmail/overview.md b/docs/accessanalyzer/12.0/admin/action/sendmail/overview.md new file mode 100644 index 0000000000..c6f166a8cf --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/sendmail/overview.md @@ -0,0 +1,37 @@ +# SendMail Action Module + +Use this action module to send dynamic and static content from selected audit data to targeted +audiences. + +The SendMail Action Module has multiple uses, for example: + +- Send notifications of important IT initiatives or planned service outages +- In combination with other Access Analyzer action modules such as Survey, create an end-to-end + workflow to contact clients and solicit feedback for use in the decision-making process + +**CAUTION:** This module sends one or more electronic messages to a selected audience. Prior to +executing the action, ensure the audience consists of only the desired members. + +## Source Table Configuration + +All data tables used in Access Analyzer action modules require the presence of certain data columns. +In addition, individual action modules including SendMail may have their own column requirements. +The SendMail Action Module requires a column containing well-formatted email addresses (for example, +`hfinn@netwrix.com`) for your recipients. + +## Configuration + +The SendMail Action module is configured through the SendMail Action Module Wizard, which contains +the following wizard pages: + +- Welcome +- [SendMail Action: Properties](/docs/accessanalyzer/12.0/admin/action/sendmail/properties.md) +- [SendMail Action: Message](/docs/accessanalyzer/12.0/admin/action/sendmail/message.md) +- [SendMail Action: Summary](/docs/accessanalyzer/12.0/admin/action/sendmail/summary.md) + +The Welcome page displays first and gives an overview of the action module. The navigation pane +contains links to the pages in the wizard. + +![Send Mail Action Module Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/overview.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/admin/action/sendmail/properties.md b/docs/accessanalyzer/12.0/admin/action/sendmail/properties.md new file mode 100644 index 0000000000..b2827bfd44 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/sendmail/properties.md @@ -0,0 +1,22 @@ +# SendMail Action: Properties + +Use the Properties page to specify the recipients of the email. + +![Send Mail Action Module Wizard Properties page](/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/properties.webp) + +Use the following fields to specify the recipient information: + +- Recipient column – Use the drop-down menu to specify the column from the data table containing + intended recipients, for example a column containing email addresses +- Recipient type – Use the drop-down menu to specify the data type of the Recipient column, for + example SMTP mail address +- Carbon copy (CC) – Optionally, specify one or more additional email addresses to receive a + carbon-copy of the SendMail message, for example an address not included in the source table. + + - Use the following email address – Enter one or more additional email addresses. Separate + multiple addresses with a semi-colon and a space. + - Use a column from the table – Use the drop-down menu to specify a column from the data table + +- Combine multiple messages into a single message when all recipients are the same – Select this + checkbox to send only one message to each recipient as a result of this action (even recipients + who appear more than once in the job results) diff --git a/docs/accessanalyzer/12.0/admin/action/sendmail/summary.md b/docs/accessanalyzer/12.0/admin/action/sendmail/summary.md new file mode 100644 index 0000000000..77a39289a5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/sendmail/summary.md @@ -0,0 +1,12 @@ +# SendMail Action: Summary + +The Summary page displays the SendMail configuration. + +![Send Mail Action Module Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Send Mail Action Module Wizard to ensure that no accidental clicks are +saved. + +To view the status of executed SendMail actions, see the +[Viewing the Status of SendMail Actions](/docs/accessanalyzer/12.0/admin/action/sendmail/viewstatus.md) for additional information. diff --git a/docs/accessanalyzer/12.0/admin/action/sendmail/viewstatus.md b/docs/accessanalyzer/12.0/admin/action/sendmail/viewstatus.md new file mode 100644 index 0000000000..cb5d065e58 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/sendmail/viewstatus.md @@ -0,0 +1,38 @@ +# Viewing the Status of SendMail Actions + +Follow the steps to view the status of an executed SendMail action: + +![Analysis Properties page for SendMail View Status Analysis task](/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusanalysisproperties.webp) + +**Step 1 –** Create a new SQLViewCreation analysis and choose **Configure Analysis**. The View and +Table Creation Analysis Module wizard opens. + +![Input Source wizard page](/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusinputsource.webp) + +**Step 2 –** On the Input Source page, choose the original source table for the SendMail action as +the first table and `tablename_ActionStatus` as the second table. For example, if the source table +is `MailEnabledPF`, then select `MailEnabledPF_ActionStatus` as the second table. + +![Join Columns wizard page](/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusjoincolumns.webp) + +**Step 3 –** For **Table 1 join property**, specify the column recipient of the SendMail action. For +example, if sent to SMTP address, specify **SMTPaddress** as the column. For **Table 2 join +property**, select **srcRowKey**. Leave everything else at the default settings. + +![Result Columns wizard page](/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusresultcolumns.webp) + +**Step 4 –** On the Results Columns page, select the columns to return from each table. Leave all +other settings at their default. + +![Result Type wizard page](/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusresulttype.webp) + +**Step 5 –** On the Result Type page, leave it as a table and provide a descriptive name, for +example `SendMailStatus`. + +![Results Sample wizard page](/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusresultsample.webp) + +**Step 6 –** Click through the rest of the options. On the Result Sample page, click **Show +Preview** to display the columns selected within the Columns page. Click **Summary** to navigate to +the Summary page and click **Finish** to exit the wizard. + +This analysis now reports the status of the SendMail action. diff --git a/docs/accessanalyzer/12.0/admin/action/servicenow/authentication.md b/docs/accessanalyzer/12.0/admin/action/servicenow/authentication.md new file mode 100644 index 0000000000..32d8ea72c0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/servicenow/authentication.md @@ -0,0 +1,20 @@ +# ServiceNow Action: Authentication + +The Authentication page implements signing into a ServiceNow account. + +A ServiceNow account must be set up and configured to determine which incidents will be visible on +the Incident Creation page. + +![ServiceNow Action Module wizard Authentication page](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/authentication.webp) + +Use the following options to log into a ServiceNow account: + +- Select the **Use global ServiceNow credentials** to access the ServiceNow credentials entered into + the Access Analyzer console’s global setting +- To break inheritance, deselect the checkbox and enter information into the following fields: + + - Instance – Domain name for the ServiceNow account + - User Name/Password – Specify the credentials to access the ServiceNow account + +**NOTE:** ServiceNow accounts must have an administrator role to modify incidents on the +configuration page. diff --git a/docs/accessanalyzer/12.0/admin/action/servicenow/description.md b/docs/accessanalyzer/12.0/admin/action/servicenow/description.md new file mode 100644 index 0000000000..4b2bb1f0c1 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/servicenow/description.md @@ -0,0 +1,32 @@ +# ServiceNow Action: Description + +The Description page provides details on the incidents entered into a field on the Incident Creation +page. A description of the incident and related comments are included with the incident’s report to +provide additional feedback to the system administrator, and may be saved to a template. + +![ServiceNow Action Module wizard Description page](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/description.webp) + +Create a report using the following options: + +- Short Description – Displays entered words or phrases used to summarize the incident +- Insert Field – Use the drop-down menu to select a field (column) from the source table + + - Click the **blue down arrow** to insert the item into the Short Description section + - Click the **blue up arrow** to insert the item in to the Comments section + - Click the file icon with the magnifying glass to preview the sourced table for values. The + default is 1000 rows. + + ![Sample Source Data window](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/samplesourcedata.webp) + +- Click the **Clear Template** button to remove content from the Short Description section and + Comments section +- Comments – Displays entered information that may be helpful to resolve an incident +- Load from Template – Displays preconfigured Short Description and Comments section by name of + template + + - Click the **Save to Template** link to preserve the Short Description and Comments sections + for later use under a template name. + + ![Save ServiceNow Template window](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/savetemplate.webp) + + Enter a name for the template, and click **OK**. diff --git a/docs/accessanalyzer/12.0/admin/action/servicenow/incidentcreation.md b/docs/accessanalyzer/12.0/admin/action/servicenow/incidentcreation.md new file mode 100644 index 0000000000..80f0b864d2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/servicenow/incidentcreation.md @@ -0,0 +1,16 @@ +# ServiceNow Action: Incident Creation + +The Incident Creation page is available once the ServiceNow credentials are approved. Incidents on +this page belong to two fields: Mandatory and Optional. The type of field and its incidents are +chosen within ServiceNow’s configuration page. Selecting a field and entering a value will include +the incident within ServiceNow’s incident report. + +![ServiceNow Action Module wizard New Incident page](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/incidentcreation.webp) + +At the New Incident field list section, enter the fields for which incident to include on +ServiceNow’s incident report. The ServiceNow account entered on the Authentication page determines +which incidents are available within the fields on the Incidents Creation page and are adjusted in +ServiceNow. + +Fields with a drop-down menu have a set of preconfigured options to select. Fields with ellipsis +choose members from a preconfigured list. diff --git a/docs/accessanalyzer/12.0/admin/action/servicenow/overview.md b/docs/accessanalyzer/12.0/admin/action/servicenow/overview.md new file mode 100644 index 0000000000..292590b6aa --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/servicenow/overview.md @@ -0,0 +1,94 @@ +# ServiceNow Action Module + +The ServiceNow Action Module is primarily intended to allow for the automated creation of ServiceNow +incidents from data collected by the Netwrix suite of data security tools. By facilitating +communication between tools like Access Analyzer and ServiceNow’s incident management capability, +security risks in an organization’s environment can not only be identified, but presented to admins, +managers, and other stakeholders in a familiar way, with respect to chains of command and approval +as dictated by employee relationships and business workflows implemented in ServiceNow. + +When account lockouts occur, the Active Directory Inventory Data Collector makes that information +available. From the Access Analyzer console, the ServiceNow Action Module transmits customized +information regarding the locked out accounts directly to those responsible for account management, +alerting them of the issue and requesting that appropriate action is taken to re-enable user +accounts before effected users are aware of the problem. + +This section describes the following pages in the configuration wizard. + +## Dependencies + +The ServiceNow Action Module requires an active ServiceNow account with: + +- Import Multiple Web Service Plugin +- Web Service Import Sets +- System Web Service plugins enabled +- An instance of Access Analyzer with the Stealthbits ServiceNow Action Module enabled + +## Permissions + +The following permissions are required to utilize Access Analyzer’s ServiceNow Action Module: + +- ServiceNow admin account – An Administrator Role by an organization’s ServiceNow administrator +- The **Settings** > **ServiceNow** node at the global level can be configured with a credential + provisioned to create incidents as Callers in the **Assigned to** field, and any other ServiceNow + incident field that references the sys_user table. + +## Connecting ServiceNow + +The following instructions can only be performed with a ServiceNow admin account and access to the +ServiceNow Action Module XML file. + +![ServiceNow Action Module XML file in Windows file explorer](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/actionmodulexmlfile.webp) + +**Step 1 –** Navigate to the file path …\STEALTHbits\StealthAUDIT\Actions to access the +`STEALTHbits SN Action Module v1.0_merged_rev2.0` file to use on ServiceNow’s website. + +**Step 2 –** Visit servicenow.com, sign into the administrator account, expand **System Update +Sets**, and click on **Retrieved Update Sets**. + +**Step 3 –** Under **Related Links**, click on **Import Update Set from XML**. + +**Step 4 –** Attach the `STEALTHbits SN Action Module v1.0_merged_rev2.0` file, and then click +**Upload**. + +**Step 5 –** After the file is uploaded, click on the **STEALTHbits SN Action Module** within the +list of updated sets. + +**Step 6 –** Click on the **Preview Update Set** button. Wait until the update set preview is +finished and then click **Commit Update Set**. Then, close the Update Set Commit window. + +**Step 7 –** On the navigation page, expand **System Definitions** and click **Plugins**. Then click +on the **Insert Multiple Web Service plugin** + +**Step 8 –** Under **Related Links**, click on **Activate/Upgrade** and click **Activate** on the +Activate Plugin window. When the Activation is complete, click **Close** to close the window. + +**Step 9 –** Click **Reload** on the System Plugin page and confirm the Status is Active. + +Access Analyzer is now connected with the ServiceNow platform. + +## Source Table Configuration + +Individual action modules, including the ServiceNow Action Module, may have their own column +requirements. To take action on a resource, the source table must contain columns with RowGUID +values to uniquely identify them. + +## Configuration + +The ServiceNow Action module is configured through the ServiceNow Action Module Wizard, which +contains the following wizard pages: + +- Welcome +- [ServiceNow Action: Authentication](/docs/accessanalyzer/12.0/admin/action/servicenow/authentication.md) +- [ServiceNow Action: Incident Creation](/docs/accessanalyzer/12.0/admin/action/servicenow/incidentcreation.md) +- [ServiceNow Action: Description](/docs/accessanalyzer/12.0/admin/action/servicenow/description.md) +- [ServiceNow Action: Summary](/docs/accessanalyzer/12.0/admin/action/servicenow/summary.md) + +**NOTE:** Not all pages may be accessible unless the user has a configured ServiceNow account. + +The Welcome page displays first in the ServiceNow Action Module Wizard. Review the introductory and +caution information about the ServiceNow Action Module. + +![ServiceNow Action Module wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/admin/action/servicenow/summary.md b/docs/accessanalyzer/12.0/admin/action/servicenow/summary.md new file mode 100644 index 0000000000..d3e1cb6425 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/servicenow/summary.md @@ -0,0 +1,9 @@ +# ServiceNow Action: Summary + +The Summary page displays a summary of the configured query. + +![ServiceNow Action Module wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the ServiceNow Action Module Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/action/survey/htmlstyle.md b/docs/accessanalyzer/12.0/admin/action/survey/htmlstyle.md new file mode 100644 index 0000000000..0279a186aa --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/survey/htmlstyle.md @@ -0,0 +1,12 @@ +# Survey HTML Style + +Choose an HTML style from the HTML Styles list. The Sample pane displays a preview of the style. + +![Survey Action Module Wizard HTML Style page](/img/product_docs/accessanalyzer/12.0/admin/action/survey/htmlstyle.webp) + +The configurable options are: + +- HTML Style List – Select which HTML Style is used for Surveys using the HTML Style list. An + example of the style shows in the Sample box at the bottom of the wizard. +- Hide and Lock Previous Responses – Select the checkbox to prevent users from changing their survey + responses once they exit the survey diff --git a/docs/accessanalyzer/12.0/admin/action/survey/introduction.md b/docs/accessanalyzer/12.0/admin/action/survey/introduction.md new file mode 100644 index 0000000000..512c586ecd --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/survey/introduction.md @@ -0,0 +1,25 @@ +# Survey: Introduction + +Use this page to specify web page introductory text (if any) for the web page specified on the Web +Server page. See the [Survey: Web Server](/docs/accessanalyzer/12.0/admin/action/survey/webserver.md) topic for additional information. The +introductory text appears on the landing page when recipients click on the survey link in the email. + +![Survey Action Module Wizard Introduction Page](/img/product_docs/accessanalyzer/12.0/admin/action/survey/introduction.webp) + +The configurable options are: + +- Insert Field – Inserts a dynamic field into the message content. Dynamic fields such as + **username** can personalize the survey for each recipient. The options available at this field + are limited to data from the SQL table specified at the Source Table field on the Action + Properties page. + + Place the cursor in the text where a field should appear. Next, click on the drop-down and + select a field from the list. When a selection appears in the field, click the blue down arrow. + The field appears in the text. + +## Text Entry Box + +Use the Text Entry box to compose an introductory message. Above the text box is a tool bar +containing various Microsoft Word-style editing tools. Use the editor to personalize the content and +appearance of each message. Use the Insert field option to insert dynamic text from the specified +data table. diff --git a/docs/accessanalyzer/12.0/admin/action/survey/mailmessage.md b/docs/accessanalyzer/12.0/admin/action/survey/mailmessage.md new file mode 100644 index 0000000000..5327f0198b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/survey/mailmessage.md @@ -0,0 +1,55 @@ +# Survey: Mail – Message + +Use this page to specify the text of the email. When first accessing this page, the cursor appears +in the **Load from template** field. Survey templates are a legacy feature and Netwrix recommends +not using them. + +![Survey Action Module Wizard Mail – Message page](/img/product_docs/accessanalyzer/12.0/admin/action/survey/mailmessage.webp) + +Placeholder text displays in the Message box. This text includes a hyperlink to the web page hosting +the survey. Placeholder text can be modified but the link cannot be removed. The link does not +activate until the message is sent. + +Use the following fields to specify the text of the email: + +- Subject – Specify subject text for the email. The contents of this field displays as the Subject + line of the delivered email. Enter text directly and use the **Insert field** to insert one or + more data fields. This is a required field. +- Insert Field – Inserts a data field into the subject or body of the email. The drop-down menu + displays a list of available fields. Once a selection displays in the field, click on the blue + Down and Up arrows to insert the field into the body or the subject, respectively. This field is + optional. +- The following are buttons appearing on a bar below the Subject field: + + - Show sample input source data – To display a table of sample source data, click the icon next + to the blue arrows + - Show dialog to set SMTP options – To override the global SMTP settings, click the icon next to + the blue arrows to display the SMTP Options dialog box + - Preview – Displays the Messages Preview window containing a preview of the current email + message. Click **Send** to send a single message to the addresses in the Recipient field in + the Message Preview window. The Preview button is active only if the Recipients field is + populated. See the [Messages Preview Window](#messages-preview-window) topic for additional + information. + - Clear Template – Clears any content from the Subject and Text Entry box + +- Load from template – Survey templates are a legacy feature. It is strongly recommended not use + templates when creating surveys. +- Save to template – Saves the current email subject and content to a template. If an existing + template name appears in the **Load from template** field, clicking this button updates that + template. If the **Load from template** field is empty or contains a name other than one of the + existing templates, clicking this button accesses the Save SendMail Template window and changes + can be saved to a new template. Templates reside locally on the host computer as XML files, in the + `Actions/SM_Templates` folder. + +## Messages Preview Window + +The Messages preview window opens when you click **Preview** on the Mail – Message page of the +Survey Action Module Wizard. This window displays a preview of the email, including any dynamic +fields. + +![Messages preview window](/img/product_docs/accessanalyzer/12.0/admin/action/survey/messagespreview.webp) + +The window has the following options: + +- Blue arrow buttons – Click to view other recipients +- Send – Sends a single message to the addresses in the **Recipients** field diff --git a/docs/accessanalyzer/12.0/admin/action/survey/mailproperties.md b/docs/accessanalyzer/12.0/admin/action/survey/mailproperties.md new file mode 100644 index 0000000000..fa94e0b817 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/survey/mailproperties.md @@ -0,0 +1,21 @@ +# Survey: Mail – Properties + +Use this page to specify the email recipients. + +![Survey Action Module Wizard Mail – Properties page](/img/product_docs/accessanalyzer/12.0/admin/action/survey/mailproperties.webp) + +Use the following fields to specify the recipient information: + +- Recipient column – Specify the data table columns containing intended recipient information + + - For example, a column containing email addresses. The drop-down menu displays a list of + possible column types. + +- Recipient type – Specify the data type of the Recipient column. The drop-down menu displays a list + of recipient types, for example **SMTP email address**. +- Carbon copy (CC) – (Optional) Specify one or more additional email addresses to receive a + carbon-copy of the SendMail message, for example an address not included in the source table. + Separate multiple address with a semi-colon and a space. +- Combine multiple messages to a recipient into one message when all recipients are the same – + Select this option to send only one message to each recipient as a result of this action (even + recipients who appear more than once in the job results) diff --git a/docs/accessanalyzer/12.0/admin/action/survey/overview.md b/docs/accessanalyzer/12.0/admin/action/survey/overview.md new file mode 100644 index 0000000000..d20a957cd2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/survey/overview.md @@ -0,0 +1,43 @@ +# Survey Action Module + +Use this action module to create surveys and make them available to targeted recipients via email. +For example, a survey can solicit feedback from clients or poll employees on company issues. + +The Survey Action Module Wizard builds customizable, web-based surveys containing questions created +by the user. Once the survey is defined, a list of recipients can then be specified. When executing +the action, the process simultaneously sends an email to the recipients containing a link to the +survey and creates a web page to host the survey. + +**CAUTION:** This module sends one or more electronic messages to a selected audience. Prior to +executing the action, ensure the audience consists of only the desired members. Netwrix recommends +using this and all other Access Analyzer actions with caution. + +## Survey Action Source Table Configuration + +All data tables used in Access Analyzer action modules require the presence of certain data columns. +In addition, individual action modules including Survey may have their own column requirements. The +Survey action module requires a column containing well-formatted email addresses (for example, +`hfinn@netwrix.com`) for your recipients. + +## Survey Action Module Wizard + +The Survey action module is configured through the Survey Action Module Wizard, which contains the +following wizard pages: + +- Welcome +- [Survey: Template](/docs/accessanalyzer/12.0/admin/action/survey/template.md) (Legacy feature) +- [Survey: Introduction](/docs/accessanalyzer/12.0/admin/action/survey/introduction.md) +- [Survey: Questions](/docs/accessanalyzer/12.0/admin/action/survey/questions.md) +- [Survey HTML Style](/docs/accessanalyzer/12.0/admin/action/survey/htmlstyle.md) +- [Survey: Web Server](/docs/accessanalyzer/12.0/admin/action/survey/webserver.md) +- [Survey: Mail – Properties](/docs/accessanalyzer/12.0/admin/action/survey/mailproperties.md) +- [Survey: Mail – Message](/docs/accessanalyzer/12.0/admin/action/survey/mailmessage.md) +- [Survey: Test Survey](/docs/accessanalyzer/12.0/admin/action/survey/testsurvey.md) +- [Survey: Summary](/docs/accessanalyzer/12.0/admin/action/survey/summary.md) + +The Welcome page displays first and gives an overview of the action module. The navigation pane +contains links to the pages in the wizard. + +![Survey Action Module Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/action/survey/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/admin/action/survey/questions.md b/docs/accessanalyzer/12.0/admin/action/survey/questions.md new file mode 100644 index 0000000000..d623ab0a88 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/survey/questions.md @@ -0,0 +1,64 @@ +# Survey: Questions + +Use this page to specify the questions on the survey. Configure the following for each question: + +- The text of the question + + - Example: `Are you the owner of the following stale AD objects?` + +- The subject of the question – The subject is the object to which the question is directed, such as + a user who has access to AD objects. Specify the subject via a dynamic field. + + - Example: **UserName** + - The data table must contain a column with the subject of each question on the survey + +- A name for the answer column in the result table. This column stores the answers to the survey + question. +- The question type (**Yes/No**, **Text**, or **Multiple Choice**) +- Any additional descriptive text to include for the question + +![Survey Action Module Wizard Questions page](/img/product_docs/accessanalyzer/12.0/admin/action/survey/questions.webp) + +The configurable options are: + +- Questions List – Any existing questions appear in the Question List box. The following buttons are + available: + + - Add new question – Adds a new question to the Questions list. Use the Question Details section + to customize the question. + - Remove question – Remove selected question from the Questions list + - Up and Down arrows – Re-order questions + +- Question Details – Use this section to define your survey questions. The following options are + available: + + - Text – Specify the survey question + - Subjects – Click on the ellipses (**…**) to open the Select subjects window. Specify the + object to which a question is directed. The selected subjects show in the Subjects field. See + the [Select Subjects Window](#select-subjects-window) topic for additional information. + - Answer Column Name – The Survey action module inserts the results of the survey directly into + the SQL table on which a survey is based, creating an answer column for each question in the + survey. Give each column a unique name that corresponds to the associated survey question. + - Question type – Specify a question type. The options are: + + - Yes/No + - Text + - Multiple Choice – If this option is selected, the **Answers** button activates. Click this + button to open the Answers window and specify the response options to the multiple choice + question via the **Add** button. + + - Answers – This button activates if Multiple Choice in the Question Type field is selected. + Click to access the Answers window. + - Description – Specify any additional explanation of the survey question. The text appears on + the survey below the associated question. + +## Select Subjects Window + +Select which subjects to use for the Survey question using the Select subjects window. + +![Select subjects window](/img/product_docs/accessanalyzer/12.0/admin/action/survey/selectsubjects.webp) + +Select a subject from the Available subjects list, then click the **Right Arrow** to move it into +the Selected Subjects list. Remove a subject from the Selected Subjects list by selecting a subject +and clicking the **Left Arrow**. Change the priority of the subjects in the Selected Subjects list +by using the **Up and Down Arrows**. diff --git a/docs/accessanalyzer/12.0/admin/action/survey/summary.md b/docs/accessanalyzer/12.0/admin/action/survey/summary.md new file mode 100644 index 0000000000..c0ed49e6da --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/survey/summary.md @@ -0,0 +1,13 @@ +# Survey: Summary + +A summary of the survey configuration displays. + +![Survey Action Module Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/action/survey/summary.webp) + +Click **Save Template** to access the Save Survey Template window. + +![Save Survey Template window](/img/product_docs/accessanalyzer/12.0/admin/action/survey/savesurveytemplate.webp) + +Specify a name for the survey for future use. Click **OK** to return to the Summary page. + +When done, click **Finish** to finalize survey configurations. diff --git a/docs/accessanalyzer/12.0/admin/action/survey/template.md b/docs/accessanalyzer/12.0/admin/action/survey/template.md new file mode 100644 index 0000000000..19b4289e9b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/survey/template.md @@ -0,0 +1,6 @@ +# Survey: Template + +Survey templates require customization to meet the customer's business needs. Contact +[Netwrix Support](https://www.netwrix.com/support.html) for additional information. + +![Survey Action Module Wizard Survey Template page](/img/product_docs/accessanalyzer/12.0/admin/action/survey/surveytemplate.webp) diff --git a/docs/accessanalyzer/12.0/admin/action/survey/testsurvey.md b/docs/accessanalyzer/12.0/admin/action/survey/testsurvey.md new file mode 100644 index 0000000000..398a7c0b56 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/survey/testsurvey.md @@ -0,0 +1,12 @@ +# Survey: Test Survey + +Use this page to test a survey and verify proper configuration. + +![Survey Action Module Wizard Test Survey page](/img/product_docs/accessanalyzer/12.0/admin/action/survey/testsurvey.webp) + +The configurable options are: + +- Start test – Click to test your survey configuration +- Survey full test – Once the survey configuration test passes inspection, a full survey can be + tested against a single user (for example, your own email account) to verify a survey matches + design criteria diff --git a/docs/accessanalyzer/12.0/admin/action/survey/webserver.md b/docs/accessanalyzer/12.0/admin/action/survey/webserver.md new file mode 100644 index 0000000000..40bc960cd9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/survey/webserver.md @@ -0,0 +1,16 @@ +# Survey: Web Server + +Use this page to specify information about the web server hosting the survey website. + +![Survey Action Module Wizard Web Server page](/img/product_docs/accessanalyzer/12.0/admin/action/survey/webserver.webp) + +The configurable options are: + +- Web Server Name – Specify the name of the server hosting the survey +- Web server path (Survey root path) – Specify the root path to the folder on the web server + containing the scripts used to build and operate the survey web page + + - Click the ellipses (**...**) to open the Browse For Folder window to navigate to the folder on + the web server containing the scripts used to build and operate the survey web page + +- URL (Survey root path) – Specify the root path of the web page location diff --git a/docs/accessanalyzer/12.0/admin/action/webrequest/destination.md b/docs/accessanalyzer/12.0/admin/action/webrequest/destination.md new file mode 100644 index 0000000000..a8de3af43b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/webrequest/destination.md @@ -0,0 +1,65 @@ +# Web Request: Destination + +Use the Destination page to specify all settings for the destination of the web request. + +![Web Request Action Module Wizard Destination page](/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/destination.webp) + +Use the following categories to establish the location of the web request: + +- Insert field – Select a field using the drop-down menu + + **NOTE:** The fields available varies based on the source table columns. + +Destination Information + +- Method – Use the dropdown to select a method from the following: + + - GET + - POST + - PUT + - DELETE + - HEAD + - OPTIONS + - PATCH + - MERGE + - COPY + +- Follow Redirects – Enables the web request to follow redirects +- Combine SQL rows into single request – Enables bulk insertion of the number of rows specified into + a single web request + + - Rows – Select the number of rows to combine. The default is 50. + +- Resource – URL destination to send the data via the web request + + - Select a field using the drop-down menu, place the cursor in the Resource textbox, and click + the blue down-arrow to add it to the Resource box + - Manually enter a resource in the textbox + + **NOTE:** A red circle with an x indicates that the Resource field cannot be empty. + +- Authentication – Select an authentication method from the following: + + - None – No authentication + - Basic – Basic authentication + - JWT – JSON Web Token, a URL-safe authentication method + + Basic and JWT authentications are pulled from the credential profile set in the job. It inserts + that data into the authentication header of the web request with the proper format expected (for + example, Basic [Base64 encoded credentials] or Bearer [JWT token] for Basic and JWT + authentication respectively). + +Test Connection + +- Drop-down menu – Select a method to test. Currently locked to GET. +- URI textbox – Input the resource to receive the test message + + - Select a field using the drop-down menu, place the cursor in text area, and click the blue + down-arrow to add it to the URI textbox + - Manually enter a resource in the field + + **NOTE:** Red circle with x indicates + `Invalid URI: The format of the URI could not be determined`. + +- Test – Tests the connection for the request using the first row of the source table +- Text box – Shows log messages from the connection test diff --git a/docs/accessanalyzer/12.0/admin/action/webrequest/header.md b/docs/accessanalyzer/12.0/admin/action/webrequest/header.md new file mode 100644 index 0000000000..2689699be4 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/webrequest/header.md @@ -0,0 +1,22 @@ +# Web Request: Header + +Use the Header page to enter the header values for the request. + +![Web Request Action Module Wizard Header page](/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/header.webp) + +Use the following options to enter header values: + +- Insert field – Select a field to include in the request using the drop-down menu + + **NOTE:** The fields available varies based on the source table columns. + +- Use the radio buttons to indicate: + + - Parameters – Key value pairs to insert in the headers field of the web request + - Raw edit – Disabled for headers + +- Key / Value fields – The name or value of the attribute + + - Select a field using the drop-down menu, place the cursor in the cell of the desired Key or + Value, and click the blue down-arrow to add it to the selected cell + - Manually enter a field in the cell diff --git a/docs/accessanalyzer/12.0/admin/action/webrequest/overview.md b/docs/accessanalyzer/12.0/admin/action/webrequest/overview.md new file mode 100644 index 0000000000..9e91d7f65d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/webrequest/overview.md @@ -0,0 +1,27 @@ +# WebRequest Action Module + +The Web Request action module provides methods of applying bulk changes to REST endpoints. At this +stage, target endpoints should be identified to invoke web requests against. This wizard allows the +definition of requests to perform. + +**CAUTION:** Ensure that only the changes required are applied and only those target systems desired +when using this action module. + +## Configuration + +The Web Request action module is configured through the Web Request Action Module Wizard, which +contains the following wizard pages: + +- Welcome +- [Web Request: Destination](/docs/accessanalyzer/12.0/admin/action/webrequest/destination.md) +- [Web Request: Header](/docs/accessanalyzer/12.0/admin/action/webrequest/header.md) +- [Web Request: Parameters](/docs/accessanalyzer/12.0/admin/action/webrequest/parameters.md) +- [Web Request: Settings](/docs/accessanalyzer/12.0/admin/action/webrequest/settings.md) +- [Web Request: Summary](/docs/accessanalyzer/12.0/admin/action/webrequest/summary.md) + +The Welcome page gives an overview of the action module. The navigation pane contains links to the +pages in the wizard. + +![Web Request Action Module Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/welcome.webp) + +To proceed, click **Next** or use the Steps navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/admin/action/webrequest/parameters.md b/docs/accessanalyzer/12.0/admin/action/webrequest/parameters.md new file mode 100644 index 0000000000..c99fc323e2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/webrequest/parameters.md @@ -0,0 +1,61 @@ +# Web Request: Parameters + +Use the Parameters page to enter the parameter values. + +![Web Request Action Module Wizard Parameters page](/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/parameters.webp) + +Enter parameter values using the following options: + +- Insert Field – Select a field to include in the request from the drop-down menu. + + **NOTE:** The fields available varies based on the source table. + +- Green circle with plus sign – Add a custom attribute. This opens the Custom Attribute Editor + Window. See the [Custom Attribute Editor Window](#custom-attribute-editor-window) topic for + additional information. +- Red circle with minus sign – Remove a custom attribute + + - Select a cell or row to remove the custom attributes + +- Paper and pencil – Edit a custom attribute. This opens the Custom Attribute Editor Window. See the + [Custom Attribute Editor Window](#custom-attribute-editor-window) topic for additional + information. +- Use the radio buttons to indicate: + + - Parameters – Key value pairs to insert in the headers field of the web request + - Raw edit – Disabled for Parameters + +- Key / Value Fields – The name or value of the attribute + + - Select a field using the drop-down menu, place the cursor in the cell of the desired Key or + Value, and click the blue down-arrow to add it to the selected cell + - Select a cell and click the green circle with plus sign to open the Custom Attribute Editor + window and add the attribute to the cell + - Manually enter a field in the cell + +### Custom Attribute Editor Window + +Use the Custom Attribute Editor window to create a custom attribute using the existing attributes +and advanced functions. + +![Custom Attribute Editor Window](/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/customattributeeditor.webp) + +Create custom attributes using the following options: + +- Insert field – Select a field to insert using the drop-down menu +- Unique name – Name of the custom attribute that will be created + + - Select a field using the drop-down menu, place the cursor in the Unique name textbox, and + click the blue down-arrow to add it to the Unique name textbox + - Manually enter the name + +- Data – The actual value of the custom attribute (can be database value or manually specified) + + - Select a field using the drop-down menu, place the cursor in the Data textbox, and click the + blue down-arrow to add it to the Data textbox + - Manually enter the data + +- Advanced Functions + + - Split on – Split the data on the character specified in the text box. The default is comma + `,`. diff --git a/docs/accessanalyzer/12.0/admin/action/webrequest/settings.md b/docs/accessanalyzer/12.0/admin/action/webrequest/settings.md new file mode 100644 index 0000000000..9e035ecda7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/webrequest/settings.md @@ -0,0 +1,16 @@ +# Web Request: Settings + +Use the settings page to specify the settings for the web request. + +![Web Request Action Module Wizard Settings page](/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/settings.webp) + +Establish the settings using the following options: + +- Insert field – not applicable on this page +- Input Table Rowkey – Select the column to use as the Access Analyzer key for reporting and + built-in Access Analyzer functions +- Include response in output table – When enabled, it records the body of the server’s response + message in the actions output table +- Execute multiple requests asynchronously – use a thread pool to manage requests + + - Request count – Select the number of asynchronous requests to run simultaneously diff --git a/docs/accessanalyzer/12.0/admin/action/webrequest/summary.md b/docs/accessanalyzer/12.0/admin/action/webrequest/summary.md new file mode 100644 index 0000000000..70a7e66bad --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/action/webrequest/summary.md @@ -0,0 +1,9 @@ +# Web Request: Summary + +The Summary page displays a summary of the configured action. + +![Web Request Action Module Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Web Request Action Module Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/analysis/autoaction.md b/docs/accessanalyzer/12.0/admin/analysis/autoaction.md new file mode 100644 index 0000000000..4c665e5aea --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/autoaction.md @@ -0,0 +1,21 @@ +# AutoAction Analysis Module + +The Auto Action analysis module executes a pre-configured action as part of the analysis task +execution. To add an action to an analysis via the Auto Action analysis module, the action must +already exist and it must reside within the current job. + +**NOTE:** The Actions node can also automatically execute actions. See the +[Action Modules](/docs/accessanalyzer/12.0/admin/action/overview.md) topic for additional information. + +## Select Action Window + +The Select Action window lists the actions that currently exist within the Job that can be selected +to automatically run upon job execution. + +![Select Action Window](/img/product_docs/accessanalyzer/12.0/admin/analysis/autoaction.webp) + +Select an action from the list. Click **OK** to exit the window, and then click **Save** to preserve +the changes made to the analysis module. The action now executes as part of the analysis task. If no +actions were selected, it is best practice to click **Cancel** to close the Select Action window to +ensure no accidental selections are saved. Actions only display if they exist within the Actions +node of the current Job. diff --git a/docs/accessanalyzer/12.0/admin/analysis/businessrules/appliesto.md b/docs/accessanalyzer/12.0/admin/analysis/businessrules/appliesto.md new file mode 100644 index 0000000000..4dfab791c9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/businessrules/appliesto.md @@ -0,0 +1,30 @@ +# Applies To Tab + +Use the Applies To tab to specify the scope for application of the analysis rules. Rules are applied +to data collected from all hosts, from specific hosts, or from the specific host running the job +(local data). Data is filtered based on a specified time window. + +![Edit Rules window Applies To tab](/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/appliesto.webp) + +The Applies To tab provides the following options: + +- Source and Time Window – Specify whether to exclude data from outside of the Access Analyzer + console and apply a filter to the time window of the data + + - All Source Data – Select this option to run the action using all data + - Source Data from this Console only – Select this option to run the action specifically using + data from only this Access Analyzer console + - Time Window for source table – Use the drop-down menu to specify a time window from the + following options: + + - Most recent data – Use only the most recently collected data + - Cumulative data for offline hosts – Use data collected from offline hosts + - Most recent data filtering duplicate and offline hosts – Use most recent data excluding + duplicate and offline hosts + - Do not filter data – Use unfiltered data + +- Hosts Filtering – Specify source hosts + + - Apply to All Hosts – Select this checkbox to use all hosts to query + - Host List – Select any desired hosts to query. If **Apply to All Hosts** is selected, the list + is unavailable. diff --git a/docs/accessanalyzer/12.0/admin/analysis/businessrules/logic.md b/docs/accessanalyzer/12.0/admin/analysis/businessrules/logic.md new file mode 100644 index 0000000000..c78414a135 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/businessrules/logic.md @@ -0,0 +1,121 @@ +# Logic Tab + +Use the Logic tab to specify conditions and actions for the Business Rule. + +![Edit Rules window Logic tab](/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/logic.webp) + +The Logic tab contains the following sections and options: + +- Rule Details – Create a title for the rule and select a source table: + + - Rule Name – The field defaults with the name on the Analysis Properties page and is manually + editable + - Table – Select a table from the drop-down menu containing the baseline values to evaluate + + - To view data from a selected table, click the ellipsis (**…**) to open the Sample Data + Viewer window, or select a table within the viewer. See the + [Sample Data Viewer Window](#sample-data-viewer-window) topic for additional information. + +- Conditions – Apply conditions to the table + + - Click **Add Condition** to open the EditConditionsForm window and add a condition to the + Conditions list. See the [EditConditionsForm Window](#editconditionsform-window) topic for + additional information. + - Exceptions textbox – Lists added conditions. By default, it says `Add Exception to Scorecard` + but updates with any conditions selected. + - To check the SQL statement executed, click the green checkmark SQL symbol. This opens the SQL + Extract Preview window. See the + [SQL Extract Preview Window](#sql-extract-preview-window) topic for additional information. + +- Actions – Add exceptions to the scorecard action + + - Select **Edit Action** or double click **Add Exception To Scorecard** to open the Configure + Scorecard Action window. See the + [Configure Scorecard Action Window](#configure-scorecard-action-window) topic for additional + information. + +## Sample Data Viewer Window + +Use the Sample Data Viewer window to examine data in a selected table. + +![Sample Data Viewer Window](/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/sampledataviewer.webp) + +The Sample Data Viewer window provides the following options: + +- Use the drop-down menu to select a table to view the table’s data. The field defaults with the + table selected in the Logic tab if previously selected. +- Show First [Number] rows – Adjusts the presentation of the number of rows of the selected table. + The default value is 50. It can be manually adjusted with values between 0 and all. + +## EditConditionsForm Window + +Use the EditConditionsForm to configure conditions to be applied to the table. + +![EditConditionsForm Window](/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/editconditionsform.webp) + +The EditConditionsForm contains the following options: + +- Column – Use the drop-down menu to select a column from the table selected in the Logic tab +- Operator – Use the dropdown to select an operator: + + - `<` – Search for items in the selected column with values less than a selected value + - `>` – Search for items in the selected column with values greater than a selected value + - `=` – Search for items in the selected column of equal value to the selected value + - `!=` – Search for items in the selected column not equal to the selected value + - `like` – Search for items in the selected column of similar or value to the selected value + +- Value – Manually set a comparator value. The default is 0. + +## SQL Extract Preview Window + +The SQL Extract Preview window previews results of the conditions added to the table in the +Conditions section. + +![SQL Extract Preview Window](/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/sqlextractpreviewwindow.webp) + +The SQL script requires the table have these columns: `HOST`, `SA_Host`, and `JobRunTimeKey`. If +there is a mismatch between table and SQL script, a SQL Syntax Check window describes any detected +issue. + +![SQL Syntax Check window](/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/sqlsyntaxcheck.webp) + +For example, this SQL Syntax Check window is reporting an error of missing information of an object +or column. + +## Configure Scorecard Action Window + +Use this window to add exceptions to the scorecard. + +![Configure Scorecard Action Window](/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/configurescorecardaction.webp) + +The Configure Scorecard Options window provides the following options: + +- Scorecard Action Description – Use this section to label the scorecard action + + - Action Name – Enter a name for the action + - Description – Enter a description for the action + +- Action Classification – This section allows you to group scorecard action results for reporting + purposes + + - Category – Enter a desired category name in the field or use the dropdown to select from + previously titled categories + - Index – Enter a desired index value for the scorecard action + +- Action Score – This section allows you to rank the action’s importance relative to other scorecard + actions + + - Score – Enter a desired score value for the scorecard action + - Severity – Enter a desired severity value or use the dropdown to select from previously + selected values + +- Knowledge – This section provides information that may assist with resolving this issue + + - Knowledge – Enter information to assist issue resolution, for example a website URL + +- Captured Values – This section allows you to select up to five optional properties whose values + will be captured and stored with the scorecard entry. For each property selected, a name column + and value column appear in the scorecard. + + - Property [1-5] – Select a property from the selected table using the drop-down menu to capture + and store its values with the scorecard diff --git a/docs/accessanalyzer/12.0/admin/analysis/businessrules/overview.md b/docs/accessanalyzer/12.0/admin/analysis/businessrules/overview.md new file mode 100644 index 0000000000..a3c9465be3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/businessrules/overview.md @@ -0,0 +1,28 @@ +# Business Rules Analysis Module + +The Business Rules analysis module measures and evaluates a configured value from an object (the +baseline value) and compares it against a stated value (the business rule) to find an exception or +deviation. Any deviations or differences found the execution of a business rule appear in a +resultant table called a scorecard. + +Create one or more jobs to collect the data to be analyzed. Then configure one or business rules to +analyze the data. Examine the scoreboard to determine how an object is performing with regard to its +original baseline expectations. + +## Scorecard + +Business Rules analysis module results are displayed in a table called a scorecard. The scorecard +determines which of the rules are applied, and in what order. A scorecard table contains only +exceptions and deviations from the business rule criteria when compared to a baseline value. The +table does not include matches to the criteria. All scorecard table names are suffixed with +`_SCORECARD` for easy identification. + +## Edit Rules Window + +To access and modify the Business Rules analysis module, navigate to the Job's **Configure** > +**Analysis** node and click **Configure Analysis** to open the Edit Rules window. The Edit Rules +window has the following tabs: + +- [Logic Tab](/docs/accessanalyzer/12.0/admin/analysis/businessrules/logic.md) +- [Variables Tab](/docs/accessanalyzer/12.0/admin/analysis/businessrules/variables.md) +- [Applies To Tab](/docs/accessanalyzer/12.0/admin/analysis/businessrules/appliesto.md) diff --git a/docs/accessanalyzer/12.0/admin/analysis/businessrules/variables.md b/docs/accessanalyzer/12.0/admin/analysis/businessrules/variables.md new file mode 100644 index 0000000000..966ad7ad2f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/businessrules/variables.md @@ -0,0 +1,16 @@ +# Variables Tab + +Use the Variables tab to specify values to substitute in the rule logic at run time. + +![Edit Rules window Variables tab](/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/variables.webp) + +This tab contains the following options: + +- Sort by Variable or Value in descending order by clicking the preferred column header. To sort by + ascending Value, click the column header again. The default is by ascending Value. +- To delete a variable, select it and click **Delete** + + ![JobVariables TSV file](/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/jobvariablestsv.webp) + +- Click **View all variables for this job** to open the `JobVariables.TSV` file containing any + variables for the current job diff --git a/docs/accessanalyzer/12.0/admin/analysis/changedetection/additionalfields.md b/docs/accessanalyzer/12.0/admin/analysis/changedetection/additionalfields.md new file mode 100644 index 0000000000..ef54cea913 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/changedetection/additionalfields.md @@ -0,0 +1,16 @@ +# Change Detection: Additional Fields + +Use the Additional Fields page to choose any additional fields to include with the change analysis. +These fields do not detect change, but may provide additional information to help diagnose and +analyze the changes reported. + +![Change Detection Data Analysis Module wizard Additional Fields page](/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/additionalfields.webp) + +Choose any additional fields to be collected with change analysis using the following options: + +- Select the checkbox of any desired fields +- Check All – Select all fields in the table +- Uncheck All – Clear all fields in the table +- Hide system columns – Hide columns +- Checked – Order the list by selected items +- Column Name – Name of the field diff --git a/docs/accessanalyzer/12.0/admin/analysis/changedetection/fields.md b/docs/accessanalyzer/12.0/admin/analysis/changedetection/fields.md new file mode 100644 index 0000000000..be6730ee95 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/changedetection/fields.md @@ -0,0 +1,16 @@ +# Change Detection: Fields + +Use the Change Detection Fields page to select the columns on which to report changes. + +![Change Detection Data Analysis Module wizard Fields page](/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/fields.webp) + +Choose which fields change detection analyzes using the following options: + +- Select the checkbox next to any desired fields +- Check All – Select all fields in the table +- Uncheck All – Clear all fields in the table +- Hide system columns – Hide columns +- Checked – Order the list by selected items +- Column Name – Name of the field +- Combine multiple changes into a single change record – Select to combine multiple changes into a + single change record diff --git a/docs/accessanalyzer/12.0/admin/analysis/changedetection/input.md b/docs/accessanalyzer/12.0/admin/analysis/changedetection/input.md new file mode 100644 index 0000000000..7637f49b51 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/changedetection/input.md @@ -0,0 +1,12 @@ +# Change Detection: Input + +Use the Input Data Source page to choose a data source to analyze for changes. + +![Change Detection Data Analysis Module wizard Input Data Source page](/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/input.webp) + +The configurable option is: + +- Please select a data source – Select a data source table from the list + + **NOTE:** The selectable data sources change based on which option is selected on the Input + Scope page. diff --git a/docs/accessanalyzer/12.0/admin/analysis/changedetection/inputscope.md b/docs/accessanalyzer/12.0/admin/analysis/changedetection/inputscope.md new file mode 100644 index 0000000000..f9a8bdca0d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/changedetection/inputscope.md @@ -0,0 +1,13 @@ +# Change Detection: Input Scope + +Use the Input Scope page to specify the input scope of the data source. + +![Change Detection Data Analysis Module wizard Input Scope page](/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/inputscope.webp) + +Identify the scope of the data source from the following options: + +- Tables from Current Job – Select tables from only the currently selected job +- All Access Analyzer Tables – Select from all Access Analyzer tables within the SQL Server database +- All tables in the database – Select all tables within the SQL Server database + +**NOTE:** This selection affects the tables that are available for selection on the Input page. diff --git a/docs/accessanalyzer/12.0/admin/analysis/changedetection/options.md b/docs/accessanalyzer/12.0/admin/analysis/changedetection/options.md new file mode 100644 index 0000000000..6139573914 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/changedetection/options.md @@ -0,0 +1,13 @@ +# Change Detection: Options + +Use the Options page to specify whether to save history, including a running tally of all changes +made within a certain time period, or only changes between the last two runs of the source set. + +![Change Detection Data Analysis Module wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/options.webp) + +Configure the additional options using the following: + +- Save change detection results for xx days – Modify the number of days that results for the Change + Detection task are saved for +- Only save most recent change (per unique key) – Select the checkbox to only save changes between + the last two runs of the source set diff --git a/docs/accessanalyzer/12.0/admin/analysis/changedetection/overview.md b/docs/accessanalyzer/12.0/admin/analysis/changedetection/overview.md new file mode 100644 index 0000000000..2cb1386f11 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/changedetection/overview.md @@ -0,0 +1,34 @@ +# Change Detection Analysis Module + +Use the Change Detection analysis module to track changes within a specific Access Analyzer view or +table for use in reporting and notifications. This module tracks additional, changed, or missing +selected data items and compares result rows from previous collection activity with rows from the +most recent collection. + +This module compares values collected for two different query instances. Therefore, as change +detection depends on the existence of a **JobRunTimeKey**, history must be enabled and data +collected at least twice to produce the desired results. Configure History settings under the job’s +**Settings** > **History** node. See the [History](/docs/accessanalyzer/12.0/admin/settings/history.md) topic for additional +information. + +## Configuration + +The Change Detection Data Analysis Module wizard has the following pages: + +- Welcome +- [Change Detection: Input Scope](/docs/accessanalyzer/12.0/admin/analysis/changedetection/inputscope.md) +- [Change Detection: Input](/docs/accessanalyzer/12.0/admin/analysis/changedetection/input.md) +- [Change Detection: Unique Key](/docs/accessanalyzer/12.0/admin/analysis/changedetection/uniquekey.md) +- [Change Detection: Fields](/docs/accessanalyzer/12.0/admin/analysis/changedetection/fields.md) +- [Change Detection: Additional Fields](/docs/accessanalyzer/12.0/admin/analysis/changedetection/additionalfields.md) +- [Change Detection: Options](/docs/accessanalyzer/12.0/admin/analysis/changedetection/options.md) +- [Change Detection: Result Sample](/docs/accessanalyzer/12.0/admin/analysis/changedetection/resultsample.md) +- [Change Detection: Summary](/docs/accessanalyzer/12.0/admin/analysis/changedetection/summary.md) + +The Welcome page gives an overview of the action module. The navigation pane contains links to the +pages in the wizard. + +![Change Detection Data Analysis Module wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/welcome.webp) + +There are no configurable settings on the Welcome page. To proceed, click **Next** or use the Steps +navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/admin/analysis/changedetection/resultsample.md b/docs/accessanalyzer/12.0/admin/analysis/changedetection/resultsample.md new file mode 100644 index 0000000000..31958b6e3f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/changedetection/resultsample.md @@ -0,0 +1,9 @@ +# Change Detection: Result Sample + +The Result Sample page generates a preview of the output based on the configurations selected on the +previous pages. + +![Change Detection Data Analysis Module wizard Result Sample page](/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/resultsample.webp) + +Click **Show Preview** to generate a preview of the results, which may take several minutes to +populate. diff --git a/docs/accessanalyzer/12.0/admin/analysis/changedetection/summary.md b/docs/accessanalyzer/12.0/admin/analysis/changedetection/summary.md new file mode 100644 index 0000000000..4fe46b2d13 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/changedetection/summary.md @@ -0,0 +1,8 @@ +# Change Detection: Summary + +The Summary page summarizes the configuration of the action. + +![Change Detection Data Analysis Module wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, click **Cancel** to close +the Change Detection Data Analysis Module wizard to ensure no accidental configurations are saved. diff --git a/docs/accessanalyzer/12.0/admin/analysis/changedetection/uniquekey.md b/docs/accessanalyzer/12.0/admin/analysis/changedetection/uniquekey.md new file mode 100644 index 0000000000..1f0375f8b4 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/changedetection/uniquekey.md @@ -0,0 +1,9 @@ +# Change Detection: Unique Key + +Use the Unique Key page to select one or more columns that, when put together as a ROWKEY, uniquely +identify each row of data in the source table. Available fields vary based on data source selected +on the Input page. See the [Change Detection: Input](/docs/accessanalyzer/12.0/admin/analysis/changedetection/input.md) topic for additional information. + +![Change Detection Data Analysis Module wizard Unique Key page](/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/uniquekey.webp) + +Select one or more fields to form a unique key for the selected table and its columns. diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/changetype.md b/docs/accessanalyzer/12.0/admin/analysis/notification/changetype.md new file mode 100644 index 0000000000..63695d5791 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/changetype.md @@ -0,0 +1,16 @@ +# Notification: Change Type + +Use the Select Change Type page to choose the types of changes for which to trigger a notification. +The selections on this page are optional. This page is only active if Change Detection Table is +selected on the Table Type page. + +![Notification Data Analysis Module wizard Select Change Type page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/changetype.webp) + +The following options are available: + +- Notify me when a property changes – Used to watch for changes in settings, such as a change to a + registry value or a service user account assignment change +- Notify me when something new is detected – Used to watch for something new, such as a new + permissions assignment or someone being added to a group +- Notify me when something is removed – Used to watch for something being removed, such as a user + being removed from a group or an application uninstalled diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/commandline.md b/docs/accessanalyzer/12.0/admin/analysis/notification/commandline.md new file mode 100644 index 0000000000..06d9d91738 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/commandline.md @@ -0,0 +1,17 @@ +# Notification: Command Line + +The Command Line properties page is available when the Command-line Executable notification type is +selected on the Type page. + +![Notification Data Analysis Module wizard Command Line properties page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/commandline.webp) + +The following options are available: + +- Application – Specify an application to receive the notification. Click the ellipsis (**…**) to + view and select from a list of executable files. +- Arguments – If required, specify command line inputs for the application in the text box. If the + argument must come from a value in the database (for example, a timeout value), insert it here via + the Fields drop-down menu above. + + - Fields – To pass one or more fields into the command line arguments, click the drop-down menu, + select a field from the lists, and click **Add** diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/criteria.md b/docs/accessanalyzer/12.0/admin/analysis/notification/criteria.md new file mode 100644 index 0000000000..4931e7b065 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/criteria.md @@ -0,0 +1,16 @@ +# Notification: Criteria + +Use the Notification Criteria page to specify criteria to trigger a notification. + +![Notification Data Analysis Module wizard Criteria page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/criteria.webp) + +The following options are available: + +- No Criteria – Set no criteria to trigger a notification if any property changes. If selected, any + row will trigger the notification. +- Simple Criteria – Select criteria to send a notification based on the value of a specific property + or column in the database. The trigger can be if the property or column value is greater than, + equal to, or less than the value provided. +- Advanced Criteria – Use the Filter Builder to create custom triggers when a value meets the + defined conditions. See the [Advanced Search](/docs/accessanalyzer/12.0/admin/navigate/datagrid.md#advanced-search) topic + for additional information. diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/eventlog.md b/docs/accessanalyzer/12.0/admin/analysis/notification/eventlog.md new file mode 100644 index 0000000000..7e0243614c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/eventlog.md @@ -0,0 +1,24 @@ +# Notification: Event Log + +The Event Log properties page is available when the Event log notification type is selected on the +Type page. Use this page to specify the type of event, the event ID, and the description for the +event. + +![Notification Data Analysis Module wizard Event Log properties page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/eventlog.webp) + +The following options are available: + +- Log – The event log name is Access Analyzer +- Type – Specify the log type. The drop-down menu displays the following options: + + - Information + - Warning + - Error + - FailureAudit + - SuccessAudit + +- Event ID – Specify the event ID +- Description – Enter a description of the event + + - Fields – To pass fields into the description, click on the drop-down list, select a field from + the list, then click **Add** diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/frequency.md b/docs/accessanalyzer/12.0/admin/analysis/notification/frequency.md new file mode 100644 index 0000000000..91d331aa5c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/frequency.md @@ -0,0 +1,10 @@ +# Notification: Frequency + +Use the Notification Frequency page to specify the frequency by which to generate the notifications. + +![Notification Data Analysis Module wizard Notification Frequency page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/frequency.webp) + +The following options are available: + +- Generate notifications immediately +- Delay notifications until conditions have been met – Set the frequency condition diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/hosts.md b/docs/accessanalyzer/12.0/admin/analysis/notification/hosts.md new file mode 100644 index 0000000000..05afe99b57 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/hosts.md @@ -0,0 +1,20 @@ +# Notification: Hosts + +Use the Select Hosts page to scope hosts and to select specific hosts to target. + +![Notification Data Analysis Module wizard Select Hosts page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/hosts.webp) + +The following options are available: + +- I want notification sent for all hosts +- I want notifications sent only for the hosts listed below +- I want notifications sent for all hosts except the ones listed below + +If the first option is selected, the host list selection window is not enabled. If either the second +or third option is selected, the following options are enabled: + +- Show me all host lists – Activates the host list selection window, from which individual host + lists can be selected +- Enter hosts manually – Manually enter specific host names. Once the name is entered, click the add + (**+**) button to add it to the selection box. Ensure the checkbox next to the host name is + selected to include it in the list of hosts. diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/overview.md b/docs/accessanalyzer/12.0/admin/analysis/notification/overview.md new file mode 100644 index 0000000000..96ec227f67 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/overview.md @@ -0,0 +1,41 @@ +# Notification Analysis Module + +The Notification Data analysis module provides the ability to send an email or command-line +notification to selected targets based on the values contains in any table. + +The Notification Data Analysis Module has the following prerequisites: + +- Configure the **Notification** node in the global settings + + - See the [Notification](/docs/accessanalyzer/12.0/admin/settings/notification.md) topic for additional information + +- Enable History for the table specified as the source + + - Only required if configuring Frequency or Time Window, or when using the Change Detection + table as a source on the Table Type page + +## Configuration + +The Notification analysis module is configured through the Notification Data Analysis Module wizard, +which contains the following wizard pages: + +- Welcome +- [Notification: Table Type](/docs/accessanalyzer/12.0/admin/analysis/notification/tabletype.md) +- [Notification: Select Table](/docs/accessanalyzer/12.0/admin/analysis/notification/selecttable.md) +- [Notification: Change Type](/docs/accessanalyzer/12.0/admin/analysis/notification/changetype.md) +- [Notification: Criteria](/docs/accessanalyzer/12.0/admin/analysis/notification/criteria.md) +- [Notification: Hosts](/docs/accessanalyzer/12.0/admin/analysis/notification/hosts.md) +- [Notification: Type](/docs/accessanalyzer/12.0/admin/analysis/notification/type.md) +- [Notification: SMTP](/docs/accessanalyzer/12.0/admin/analysis/notification/smtp.md) +- [Notification: Command Line](/docs/accessanalyzer/12.0/admin/analysis/notification/commandline.md) +- [Notification: Event Log](/docs/accessanalyzer/12.0/admin/analysis/notification/eventlog.md) +- [Notification: Frequency](/docs/accessanalyzer/12.0/admin/analysis/notification/frequency.md) +- [Notification: Time Window](/docs/accessanalyzer/12.0/admin/analysis/notification/timewindow.md) +- [Notification: Summary](/docs/accessanalyzer/12.0/admin/analysis/notification/summary.md) + +The Welcome page lists the prerequisites needed for the Notification Analysis Module to function +properly. + +![Notification Data Analysis Module wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/welcome.webp) + +There are no configurable settings on the Welcome page. To proceed, click **Next**. diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/selecttable.md b/docs/accessanalyzer/12.0/admin/analysis/notification/selecttable.md new file mode 100644 index 0000000000..502f0fe69b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/selecttable.md @@ -0,0 +1,13 @@ +# Notification: Select Table + +Select the table containing data on which to trigger a notification. The selection on the Table Type +page determines the options available on this page. See the +[Notification: Table Type](/docs/accessanalyzer/12.0/admin/analysis/notification/tabletype.md) topic for additional information. + +![Notification Data Analysis Module wizard Select Table page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/selecttable.webp) + +The Select table page has the following options: + +- Show All Tables – All tables within the SQL Server database +- Show All SA Tables – All Access Analyzer tables within the SQL Server database +- Show only tables for this job diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/smtp.md b/docs/accessanalyzer/12.0/admin/analysis/notification/smtp.md new file mode 100644 index 0000000000..5c1e23e2cb --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/smtp.md @@ -0,0 +1,45 @@ +# Notification: SMTP + +The SMTP properties page is available when the Email notification type is selected on the Type page. +Use this page to specify SMTP notification properties, including recipients, subject line, and email +body. + +![Notification Data Analysis Module wizard SMTP properties page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/smtp.webp) + +The following options are available: + +- E-mail – Enter an email address to add to the notification list + + - Add – Add an email address to the E-mail field + - Remove – Remove an email address from the Recipients list + - Combine multiple messages into single message – Sends one email for all objects in the record + set instead of one email per object to all recipients + +- Subject – Specify a subject for the email. The subject can include field variables. + + **_RECOMMENDED:_** If configuring a Notification analysis module for a pre-configured job, it is + recommended not to change the existing field variables. + +- Insert Field – Select a source data column to add to the message body or subject line. Click the + drop-down to see a list of columns. Once the column displays in the field, click an arrow to + insert the field. + + - Down arrow – Adds the selected source column to the message text + - Up arrow – Adds the selected source column to the subject text + +- Embed HTML Report – Embed a HTML report in the notification email. Click the Embed HTML Report + button to navigate to the HTML file. +- Show sample input source data – Opens the Sample Source Data window, containing sample input + source data as it currently exists in the database +- Show dialog to set SMTP options – Opens the SMTP Options window, where SMTP global settings can be + overwritten through manual configuration +- Preview – Displays a preview of the email. + + **NOTE:** The preview may not show any or all of the filters applied in previous steps. + +- Clear Template – Clears all data from the subject and message boxes. Does not clear e-mail + addresses. +- Text Box – Specify the text of the email message. The toolbar above the text box contains various + icons providing access to text editing and formatting tools. To insert fields from Access + Analyzer, choose a field from the drop-down menu and click the Down arrow. Block tag formatting is + supported. diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/summary.md b/docs/accessanalyzer/12.0/admin/analysis/notification/summary.md new file mode 100644 index 0000000000..1868e0813e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/summary.md @@ -0,0 +1,10 @@ +# Notification: Summary + +The Summary Page displays all the information input in each of the configured options from the +previous pages of the wizard. + +![Notification Data Analysis Module wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is best practice to +click **Cancel** to close the Notification Data Analysis Module wizard to ensure no accidental +clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/tabletype.md b/docs/accessanalyzer/12.0/admin/analysis/notification/tabletype.md new file mode 100644 index 0000000000..cc5dc54ff4 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/tabletype.md @@ -0,0 +1,29 @@ +# Notification: Table Type + +Use the Source Table Selection page to choose the type of table to use as the data source for +notifications. + +![Notification Data Analysis Module wizard Source Table Selection page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/tabletype.webp) + +The following options are available: + +- Change Detection Table – Sends notifications when changes are detected in the data. When selected, + the option of **Show only tables for this job** becomes the default selection on the Select Table + page. This option targets only change detection tables within the current job. Possible tables (if + any) display on the Select Table page. See the [Notification: Select Table](/docs/accessanalyzer/12.0/admin/analysis/notification/selecttable.md) topic + for additional information. + + **NOTE:** Change Detection Table also locks selections to tables on the Select Table page that + are selected through Other. To select tables outside of **Show only tables for this job**, + select Other on the Table Type page, then select either **Show All Tables** or **Show All SA + Tables**, then click back to return to the Table Type page. Now selecting Change Detection Table + and proceeding defaults the selection on the Select Table page to whichever was previously + selected through Other. + +- Other – Sends a notification based on a value within a selected table. Selecting this option + enables the following options on the Select Table page, each of which lists a specific set of + tables available for selection: + + - Show All Tables + - Show All SA Tables + - Show only tables for this job diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/timewindow.md b/docs/accessanalyzer/12.0/admin/analysis/notification/timewindow.md new file mode 100644 index 0000000000..5612746276 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/timewindow.md @@ -0,0 +1,13 @@ +# Notification: Time Window + +Use this page to specify whether to include only rows collected in the last execution. + +![Notification Data Analysis Module wizard Time window page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/timewindow.webp) + +The following option is available: + +- Only include rows from most recent run for `[table name]` – Select the checkbox to scope the task + to the most recent data + + **NOTE:** The checkbox is only enabled if the table selected on the Select Table page has a + Access Analyzer **JobRunTimeKey** property. Otherwise, the checkbox is cleared by default. diff --git a/docs/accessanalyzer/12.0/admin/analysis/notification/type.md b/docs/accessanalyzer/12.0/admin/analysis/notification/type.md new file mode 100644 index 0000000000..78763640e6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/notification/type.md @@ -0,0 +1,21 @@ +# Notification: Type + +Use the Notification Type page to specify one or more notification types. + +![Notification Data Analysis Module wizard Notification Type page](/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/type.webp) + +The following options are available: + +- Email – Sends a notification email to specified addresses defined on the SMTP page. See the + [Notification: SMTP](/docs/accessanalyzer/12.0/admin/analysis/notification/smtp.md) topic for additional information. +- Command-line Executable – Runs a command-line program such as a batch file. On the Command Line + page, define the specific application to run and any flags or arguments that must be set at + runtime. See the [Notification: Command Line](/docs/accessanalyzer/12.0/admin/analysis/notification/commandline.md) topic for additional information. +- Event Log – Creates a Windows Event Log item on the Access Analyzer Event Log. On the Event Log + page, define the following: + + - Type of event (Information, Warning, Error, SuccessAudit, FailureAudit) + - Event ID + - Description of the event + + See the [Notification: Event Log](/docs/accessanalyzer/12.0/admin/analysis/notification/eventlog.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/analysis/overview.md b/docs/accessanalyzer/12.0/admin/analysis/overview.md new file mode 100644 index 0000000000..9a316bdcb3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/overview.md @@ -0,0 +1,90 @@ +# Analysis Modules + +The Access Analyzer analysis modules are capable of finding unique data and notifying users of its +location from a variety of environments. Analysis modules are assigned to a job at the +**Configure** > **Analysis** node. See the [Analysis Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysis.md) topic +for information on the Analysis Selection view. + +![Configure an analysis](/img/product_docs/accessanalyzer/12.0/admin/analysis/configure.webp) + +Analysis tasks are configured through the Analysis Properties page. Navigate to the job’s +**Configure** > Analysis node. The Analysis Properties page is opened from the Analysis Selection +page by either of the following options: + +- Select **Create Analysis** to add a new analysis task to a job +- Select an existing analysis and click **Analysis Properties** to modify its configuration + +See the [Analysis Selection Page](#analysis-selection-page) and +[Analysis Properties Page](#analysis-properties-page) topics for additional information. + +The following table provides brief descriptions of the analysis modules available in Access +Analyzer. + +| Analysis Module | Description | +| --------------------------------------------------------------- | ----------------------------------------------------------------------------------------------- | +| [AutoAction Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/autoaction.md) | Performs a specified action at the conclusion of an analysis task’s execution | +| [Business Rules Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/businessrules/overview.md) | Finds data that does not match user expectations for the target environment | +| [Change Detection Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/changedetection/overview.md) | Notifies when a change occurs in the results of a job and identifies the location of the change | +| [Notification Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/notification/overview.md) | Sends notifications to specified recipients when a specified event occurs | +| [SQLscripting Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/sqlscripting.md) | Executes free-form SQL scripts | +| SQLTrend | Legacy action module | +| [SQLViewCreation Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/overview.md) | Provides a scripting wizard for creating SQL tables or views | +| [VBscripting Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/vbscripting.md) | Executes free-form VB scripts | + +## Executing Analyses + +Analysis tasks execute automatically if enabled through the Analysis Selection page for jobs with +analysis modules configured. Analysis tasks can be enabled or disabled by selecting the checkbox +next to the analysis tasks. Analysis tasks execute in the order shown in the Analysis Selection +window. Tasks can be manually executed without running the job by right-clicking on the task and +selecting **Execute Analyses** from the dropdown menu. + +## Analysis Selection Page + +Analysis tasks can be created, deleted, and configured through the Analysis Selection page. For jobs +with existing analysis tasks, the Analysis Selection page is used to change the order in which tasks +are run, as well as enabling or disabling tasks. + +![Analysis Selection Page](/img/product_docs/accessanalyzer/12.0/admin/analysis/analysisselectionpage.webp) + +The Analysis Selection page has the following options: + +- Create Analysis – Opens the Analysis Properties page for a newly created task +- Delete Analysis – Deletes the selected analysis task in the Analysis Selection list +- Analysis Properties – Opens the Analysis Properties page for the selected existing analysis task +- Analysis Configuration – Opens the configuration wizard for the analysis task +- Select the checkbox next to an analysis task to enable it, or clear the checkbox to disable it +- Move Up/Move Down – Moves the selected analysis tasks up or down the Analysis Selection task list. + Moving tasks up or down the list changes the order in which the task is run when the job is + executed. + + **NOTE:** Tasks can be drag-and-dropped to change position in the list. + +- Select All – Enables/disables all tasks in the list +- The **Validate**, **Validate Selected**, and **Edit Rules** buttons are specific to the Business + Rules Analysis Module. See the [Business Rules Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/businessrules/overview.md) topic + for additional information on these buttons. + +## Analysis Properties Page + +Configure task properties through the Analysis Properties page. The Analysis Properties page is +accessed through the Analysis Selection page. + +![Analysis Properties Page](/img/product_docs/accessanalyzer/12.0/admin/analysis/analysispropertiespage.webp) + +The Analysis Properties page has the following options: + +- Name – Name of the analysis task. Default names can be changed. +- Description – Description of the analysis task. Analysis tasks for default solutions reference + associate data tables. Descriptions for new tasks are blank by default. +- Analysis Module – Click the drop-down to select an analysis module for the task +- Configure Analysis – Click to access the configuration wizard for the selected analysis module +- ID – Unique identifying number of the analysis task. The database uses distinct IDs to distinguish + between analysis tasks, even those with identical configurations. +- Enable execution of this task when the job is run – Select this option to automatically execute + the task as part of the job execution. This box can also be selected through the Analysis + Selection page. +- View XML – Opens the XML Text window to display the `DataAnalysisTasks.XML` file for the selected + job. The file is stored in the job’s directory. +- Cancel – Return to the Analysis Selection page without saving changes +- Save – Save changes and return to the Analysis Selection page diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlscripting.md b/docs/accessanalyzer/12.0/admin/analysis/sqlscripting.md new file mode 100644 index 0000000000..17d1b2c6bc --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlscripting.md @@ -0,0 +1,108 @@ +# SQLscripting Analysis Module + +Use the SQLscripting analysis module to apply SQL scripting to the selected job. + +![SQL Script Editor](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlscripteditor.webp) + +The SQLscripting analysis module evaluates the Access Analyzer user’s permission level to determine +whether to allow the connected user to run the scripted command. Since this evaluation is based on +specific SQL database permissions and is not always under Access Analyzer’s control, some scripts +with correct syntax may fail due to insufficient permissions. + +The SQL Script Editor window has the following options: + +- Save and Close – Saves script and closes window +- Parameters – Establishes parameters for SQL scripts in the editor + + - Clicking **Parameters** opens the Parameters interface. See the [Parameters](#parameters) + topic for additional information. + +- Syntax Check – Checks SQL script syntax + + - Syntax Check does not identify logic errors, only instances where syntax is incorrect. Click + **Syntax Check** to open the Script Errors window which identifies syntax errors. + - Syntax Check reports back syntax errors starting from the beginning of the script to the end. + Syntax Check does not return a list of errors. + +- Load file – Opens a File Explorer which can be used to navigate to a SQL file +- Save to File – Saves the currently configured script into a SQL file +- Undo – Undo the previous changes made to script (Ctrl+Z) +- Redo – Redo the previous changes made to script (Ctrl+Y) +- Cut – Cuts the highlighted script from the SQL script editor (Ctrl+X) +- Copy – Copies the highlighted script into the SQL script editor (Ctrl+C) +- Paste – Pastes cut or copied script into the SQL script editor (Ctrl+V) +- Online SQL Language Reference – Opens the Microsoft + [Transact-SQL Reference](https://learn.microsoft.com/en-us/previous-versions/sql/sql-server-2005/ms189826(v=sql.90)) + article + +Click **Save and Close** to return to the Analysis Properties page. If no changes were made or +intended, it is best practice to click **Cancel** to close the SQL Script Editor wizard to ensure no +accidental changes are saved. + +## Parameters + +Use the Parameters window to add, edit, and delete temporary variables and tables defined by +SQLscripting and users. The window only displays when **Parameters** is clicked. + +![Parameters window](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlscriptparameters.webp) + +**CAUTION:** not modify any parameters where the Value states `Created during execution`. + +The Parameters window has the following options: + +- Add Variable – Adds a new variable + + - Double-click in the **Name**, **Description**, and **Value** fields to enter custom labels + - Select the variable **Type** from the dropdown menu + - Variable names must begin with the `@` sign + +- Add Table – Adds a new table +- Edit Table – Opens the Edit Table window. See the [Edit Table](#edit-table) topic for additional + information. +- Delete – Deletes the selected variable or table + +The parameters have the following properties: + +- Name – Name of the variable or table +- Type – Type of variable or table + + - String variables utilize a text string input + - Integers and floats are able to handle invalid inputs + - Boolean variables only take True/False input, in SQL they are 1/0 + - Percentages only take whole numbers 0-100, converted to 0.0 to 1.0 in SQL + - Temporary and Variable Tables + +- Description – Description of the variable or table. See the [Edit Table](#edit-table) topic for + additional information. +- Value – Input value + +### Edit Table + +Click **Edit Table** to open the Edit Table window to modify parameters for the selected table. + +![Edit Table window](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlscriptedittablewindow.webp) + +The Edit table window has the following options: + +- Name – Use the Parameters window to edit the table name. + + - If the name begins with a `#` it is a temporary table + - If the name begins with a `@` it is a table variable + + - In SQLCommand, these can be passed in as structured table parameters + + - If neither is specified, Access Analyzer assumes it is a temporary table + +- Description – Use the Parameters window to edit the description +- Values – Add, edit, and remove values from the table + + - Add – Select from the dropdown to either **Add New Row** or **Add New Column** to the table + - Edit a value – Edits the selected value + - Delete – Deletes the selected value + - Up/Down – Changes the value position higher or lower + +A CSV file is created under the job’s directory when a parameter table is added to the analysis. A +pre-existing CSV file can also be uploaded to populate the table. + +Click **OK** to confirm changes to the table. If no changes were made or intended, click **Cancel** +to close the Edit Table window to ensure no accidental changes are saved. diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/columns.md b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/columns.md new file mode 100644 index 0000000000..9b2591a997 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/columns.md @@ -0,0 +1,52 @@ +# SQLViewCreations: Columns + +The Result Columns page lists the tables selected on the Input Select page. + +![View and Table Creation Analysis Module wizard Result Columns page](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/columns.webp) + +Expand the table to show its columns. Then, select the checkbox next to the column to include it in +the resulting table or view. If two data tables are being joined, the resulting table displays at +the bottom of the grid. Use the scroll bar to view any hidden tables or data points. + +The grid provides the following options for formatting the resulting table or view: + +- Check All – Selects all checkboxes in the Checked column +- Uncheck All – Clears all checkboxes in the Checked column +- Add Column – Opens the New Trend Column window, where columns can be added to the table +- Delete – Deletes a selected column + + - Original columns cannot be deleted. Only columns that have been added by users can be deleted. + +- Show All Columns/Hide Unchecked Columns – Hides rows that are not currently selected ,or if + columns are currently hidden, displays all columns in the table +- Checked – Selects data columns for inclusion in the resulting table or view +- Column Name – Displays the data column name +- Group Operation – Accesses the available group operations that can be applied to individual data + points. Click on a cell in this column to display the drop-down arrow. The following operations + are available: + + - (none) + - Average + - Count + - Maximum + - Minimum + - Sum + - Variance + +- Data Label – Displays any data label for the associated data point. Data labels override the + column name on the materialized table or view. If applying a group operation, a default data label + shows. To apply a custom label, click in the cell and enter the label. +- Order By Operation – Accesses the available order-by operations that can be applied to individual + data points. Click on a cell in this column to display the drop-down arrow. The following + operations are available: + + - None + - Ascending + - Descending + +**NOTE:** If at least one columns is sorted by value, the **With ties** option is enabled on the +Result Constraints page. See the [SQLViewCreation: Result Constraints](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultconstraints.md) topic +for additional information. + +After selecting the columns to include in the resulting table or view, click **Next** to further +filter the sourced data. diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/export.md b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/export.md new file mode 100644 index 0000000000..2d08acbe37 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/export.md @@ -0,0 +1,26 @@ +# SQLViewCreation: Export + +Use the Export settings page to specify data export settings. + +![View and Table Creation Analysis Module wizard Export page](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/export.webp) + +Select the **Export results data** checkbox to enable the settings. The following options control +the file type and destination of the exported data: + +- Format – Use the drop-down menu to select the file format of the exported data + + - MS Excel file – Converts file to Microsoft Excel format. If Excel is not installed on the + console, a warning message shows and another export file format needs to be selected. + - CSV file – Converts file to Comma-Separated Values format. Includes the option to compress the + file to a zip file. + - ML file – Converts file to Extensible Markup Language format. Includes the option to compress + the file to a zip file. + +- Location – Displays the export location path. To edit this field, clear the **Use the job output + folder** checkbox. Click the ellipsis (**…**) to browse for a location, or edit the field + directly. +- Use the job output folder – Use the default export location and displays the path within the + **Location** field. To specify a different location, clear the checkbox and edit the **Location** + field. + +Once the options are selected, click **Next**. diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/filter.md b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/filter.md new file mode 100644 index 0000000000..74cebc83d8 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/filter.md @@ -0,0 +1,16 @@ +# SQLViewCreation: Filter + +Use this page to add custom filters to the table using the Filter Builder. + +![View and Table Creation Analysis Module wizard Filter page](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/filter.webp) + +Filters reduce the amount of data visible in a column imported to the resulting table or view. By +default, when the filter page is blank, all the data within each column is included. Use the +following options to add and remove filters: + +- Edit – Opens the Filter window + + - See the [Advanced Search](/docs/accessanalyzer/12.0/admin/navigate/datagrid.md#advanced-search) topic for additional + information + +- Clear – Clears any specified filters diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/input.md b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/input.md new file mode 100644 index 0000000000..3165fce733 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/input.md @@ -0,0 +1,17 @@ +# SQLViewCreation: Input Source + +Use the Input Source page to select the source tables or views, containing data, to join or +aggregate into a resulting table or view. + +![View and Table Creation Analysis Module wizard Input Source page](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/input.webp) + +At the first drop-down, select a table. The drop-down lists on this page are determined by the +selection made on the Input Scope page. To join or aggregate data from two tables, select a second +table at the second drop-down menu. To remove the second table from the field, click the **X** +button. + +**NOTE:** It is important to choose tables that are compatible with one another or share similar +columns. + +When the two sources of data are selected, click **Next** to create a joint column within the +resulting table or view. diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/inputscope.md b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/inputscope.md new file mode 100644 index 0000000000..9ac8c3360a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/inputscope.md @@ -0,0 +1,15 @@ +# SQLViewCreation: Input Scope + +Use the Input Selection page to scope the source data tables. This option affects the tables +available for selection on the subsequent pages. + +![View and Table Creation Analysis Module wizard Input Selection page](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/inputscope.webp) + +Select the source data to be used from the following options: + +- Tables from Current Job – Targets all tables generated by the current job within the SQL Server + database +- All Access Analyzer Tables – Targets tables within the SQL Server database that begin with `SA` +- All tables in the database – Targets all tables within the SQL Server database + +After selecting the initial scope for the data sources, click **Next**. diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/joincolumns.md b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/joincolumns.md new file mode 100644 index 0000000000..9c866cb3d2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/joincolumns.md @@ -0,0 +1,41 @@ +# SQLViewCreations: Join Columns + +Use the Join Columns page to select a column from each source table to join together on the +resulting table or view. The options on this page are only enabled if two tables are selected on the +Input Source page. + +**NOTE:** The SQLViewCreation analysis module can join two tables, using a simple equi-join +condition of two predicates. For composite joins with two or more tables using a conjunction of +predicates, use the SQLscripting analysis module. See the +[SQLscripting Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/sqlscripting.md) topic for additional information. + +![View and Table Creation Analysis Module wizard Join Columns page](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/joincolumns.webp) + +Use the **Table 1 join property** and **Table 2 join property** fields to select join predicates +from both tables. Join predicates are columns containing analogous values that are used to match +records in referenced tables. + +Next, specify how to join these tables. To automatically select the appropriate join type, select +one or more of the checkboxes. The selection in the **Join Type** field updates based on user +selections. + +To manually select, use the **Join Type** field. The selection here may update the above checkboxes. +The following options are available: + +- Join Type – Select a join type from the drop-down: + + **NOTE:** Left is the first table referenced, right is the second table. + + - Inner Join – Returns records that have matching values in both tables + - Right Outer Join – Returns all records from the left table, and the matched records from the + right table + - Left Outer Join – Return all records from the right table, and the matched records from the + left table + - Full Outer Join – Return all records when there is a match in either left or right table + +**NOTE:** The join property is the column found within both tables. The two columns can have +different names. However, in the results set, everywhere a value in the first column matches the +value in the second column, rows from the respective tables are joined together. + +After selecting a column from each data source to join, click **Next** to select columns to transfer +to the resulting table or view. diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/overview.md b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/overview.md new file mode 100644 index 0000000000..2d459a1d06 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/overview.md @@ -0,0 +1,35 @@ +# SQLViewCreation Analysis Module + +The SQLViewCreation analysis module provides the ability to create new views or tables that are used +in Access Analyzer actions and reports. These views or tables are re-created during job execution. + +**CAUTION:** Consider the impact on storage and performance when choosing to create views versus +tables. Tables require more storage space in the database. + +## Configuration + +This analysis module provides the View and Table Creation Analysis Module wizard to assist in +configuring the module. Before the wizard, collect the desired data for manipulation. + +The wizard contains the following pages: + +- Welcome +- [SQLViewCreation: Input Scope](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/inputscope.md) +- [SQLViewCreation: Input Source](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/input.md) +- [SQLViewCreations: Join Columns](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/joincolumns.md) +- [SQLViewCreations: Columns](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/columns.md) +- [SQLViewCreation: Filter](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/filter.md) +- [SQLViewCreation: Time Window](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/timewindow.md) +- [SQLViewCreation: Result Constraints](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultconstraints.md) +- [SQLViewCreation: Result Type](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/result.md) +- [SQLViewCreation: Result Sample](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultsample.md) +- [SQLViewCreation: Export](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/export.md) +- [SQLViewCreation: Summary](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/summary.md) + +The Welcome page provides an overview of the analysis module. + +![View and Table Creation Analysis Module wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/welcome.webp) + +There are no configurable settings on the Welcome page. Click **Next** to begin configuring a custom +table or view using two formatted data sources, or use the Steps navigation pane to open another +page in the wizard. diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/result.md b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/result.md new file mode 100644 index 0000000000..78253340a8 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/result.md @@ -0,0 +1,18 @@ +# SQLViewCreation: Result Type + +Use the Result Type page to choose a SQL database table or view for the result’s output. + +![View and Table Creation Analysis Module wizard Result Type page](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resulttype.webp) + +The options on this page determine the visual representation and name of the combined data from the +two sourced tables. Select from the following two options: + +- Create Table – Creates a table output for the resulting dataset +- Create View – Creates a view output for the resulting dataset + +A default name of `SA_[job name]_Result` is provided in the name field. You can customize this name +for the resulting table or view. + +The name must start with `SA` to be recognized as a Access Analyzer table or view. + +After selecting the resulting table or view’s visual representation and name, click **Next**. diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultconstraints.md b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultconstraints.md new file mode 100644 index 0000000000..0e128d6971 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultconstraints.md @@ -0,0 +1,43 @@ +# SQLViewCreation: Result Constraints + +Use the Result Constraints page to impose restraints on the dataset. + +![View and Table Creation Analysis Module wizard Result constraints page](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultconstraints.webp) + +Select one of the following options to choose if and how much data should be returned: + +- Duplicate rows can appear in the result set +- Only unique rows can appear in the result set +- Return only [number] [unit] of the rows – Select this checkbox to specify a numeric value and unit + of measurement to return for the rows that appear in the resulting table or view + + - With ties – Include all instances of identical values in the sorted columns with the results. + To include only one instance of identical values, do not select this option.. See the + [With Ties Example](#with-ties-example) topic for additional information. + + **NOTE:** This field is enabled by sorting at least one column in the table by value (for + SQL, only a sorted column can contain ties). To sort columns, use the **Order By Operation** + field on the Columns page. See the [SQLViewCreations: Columns](/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/columns.md) topic for + additional information. + +## With Ties Example + +The following example explains how the **With ties** option works. + +![cid:image027.webp@01D4CF75.96F2E110](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/examplefull.webp) + +Consider a table that has ten rows with one repeating entry under the value column. + +![cid:image025.webp@01D4CF74.8A56D750](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/examplereduced.webp) + +If the table is sorted by the value column in ascending order and the **Return only** option is set +to **40 percent**, then there should be four rows visible in the resulting table or view output. + +![cid:image026.webp@01D4CF74.8A56D750](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/examplereducedwithties.webp) + +However, if the first three values in the sort column are unique but the fourth value matches the +fifth, selecting the **With ties** option returns the first three rows as well as both the fourth +and fifth rows for a total of five rows. + +**NOTE:** If sorting multiple columns, **With ties** evaluates all sorted columns to determine ties +between columns with the same inputs. diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultsample.md b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultsample.md new file mode 100644 index 0000000000..44586b8045 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultsample.md @@ -0,0 +1,13 @@ +# SQLViewCreation: Result Sample + +Use this page to preview a sampling of the completed data manipulation. + +![View and Table Creation Analysis Module wizard Result Sample page](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultsample.webp) + +Click **Show Preview** to populate the window with the selections from the previous pages. If the +window does not populate, check the configurations for errors and try again. + +**NOTE:** The **Show Preview** option does not always apply the filter conditions specified within +the wizard, but the resulting table or view applies all filters. + +If the preview is satisfactory, click **Next** to continue. diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/summary.md b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/summary.md new file mode 100644 index 0000000000..4660643ef9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/summary.md @@ -0,0 +1,9 @@ +# SQLViewCreation: Summary + +This page provides an overview of all the settings configured in the wizard. + +![View and Table Creation Analysis Module wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the View and Table Creation Analysis Module wizard to ensure that no +accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/timewindow.md b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/timewindow.md new file mode 100644 index 0000000000..7863a58f0e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/timewindow.md @@ -0,0 +1,23 @@ +# SQLViewCreation: Time Window + +Use the Source and Time Window page to specify which data to access if using multiple Access +Analyzer Consoles or history is enabled. + +![View and Table Creation Analysis Module wizard Source and Time Window page](/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/timewindow.webp) + +Use the following options to select which sources of data to permit and the time frame in which the +data was collected: + +- Source Data Details – Choose a data source. This option is for when the selected tables are from + two separate Access Analyzer Consoles using tables generated by the same job. + + **NOTE:** This section is enabled after selecting **All Access Analyzer Tables** or **All tables + in the database** on the Input Scope page. + + - All data – Uses all data available from the selected option on the Input Scope page and merges + the data + - Data from this Access Analyzer Console only – Uses only data from the Access Analyzer Console + generating the current analysis module + +- Time Window – Select a time window for each table in the analysis. The drop-down menu selections + vary based on each table's history settings. diff --git a/docs/accessanalyzer/12.0/admin/analysis/vbscripting.md b/docs/accessanalyzer/12.0/admin/analysis/vbscripting.md new file mode 100644 index 0000000000..36ff7b0dba --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/analysis/vbscripting.md @@ -0,0 +1,27 @@ +# VBscripting Analysis Module + +Use the VBscripting analysis module to access the VBScript Editor and apply VB scripting to the +current analysis. + +![VBScript Editor](/img/product_docs/accessanalyzer/12.0/admin/analysis/vbscripteditor.webp) + +The VBScript Editor has the following options: + +- Save and Close – Saves the script and closes the window +- Syntax Check – Checks VB script syntax + + - Syntax Check does not identify logic errors, only instances where syntax is incorrect. Click + **Syntax Check** to open the Script Errors window which identifies syntax errors. + - Syntax Check reports back syntax errors starting from the beginning of the script to the end. + Syntax Check does not return a list of errors. + +- Load file – Opens a File Explorer which can be used to navigate to a VBS file +- Save to File – Saves the currently configured script into a VBS file +- Undo – Undo the previous changes made to script (Ctrl+Z) +- Redo – Redo the previous changes made to script (Ctrl+Y) +- Cut – Cuts the highlighted script from the VB script editor (Ctrl+X) +- Copy – Copies the highlighted script in the VB script editor (Ctrl+C) +- Paste – Pastes cut or copied script into the VB script editor (Ctrl+V) + +When done using the editor, click **Save and Close** to return to the Analysis Properties page. Make +sure to save the analysis. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/category.md b/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/category.md new file mode 100644 index 0000000000..438c3881d5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/category.md @@ -0,0 +1,57 @@ +# ActiveDirectory: Category + +The ActiveDirectory Data Collector Category page contains the following query categories, +sub-divided by auditing focus: + +![Active Directory Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/category.webp) + +The categories are: + +- Domains + + - Domains – Domains in an organization’s forest + - Trusted Domains – List of domains and their trust relationships + - FSMO Role Holders – FSMO Role Holders (Significant Domain Controllers) + - Domain Object Counts – Number of users and servers with each Domain + +- Directory Objects By Domain + + - Containers – Containers under given scope + - Organizational Units – Organizational units under given scope + - Computers – List of computer objects under scope + - Shared Folders – Shared folders under the scope + - Printers – Printer objects + - Users – All user objects under the scope + - Contacts – Contact objects + - Groups – Domain/global/universal distribution groups + +- Sites and Topology + + - Sites – List of AD sites + - Servers – Servers list + - Site Object Counts – Number of users and servers within each AD Site + +- Inter-site transports + + - Transports – Inter-site transports in AD + - SiteLinks – Connections between two sites + - SiteLinkBridges – Object for tracking transitively connected site links + +- DNS Services + + - Subnets – Known subnets list + - DNS Zones – DNS zone objects list + +- Directory Security + + - Extended Control Access Rights – Extended rights dump + - Security Principals – Well-known security principals from external sources + +- Directory Schema + + - Schema Attributes – Dumps all defined attributes in Active Directory + - Schema Classes – Dumps all defined classes in Active Directory + +- AD Replication + + - AD Replication Links – Active Directory replication links diff --git a/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/directoryscope.md b/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/directoryscope.md new file mode 100644 index 0000000000..e9689b423b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/directoryscope.md @@ -0,0 +1,19 @@ +# ActiveDirectory: Directory Scope + +The Directory Scope page provides configuration settings for the directory connection and the scope +for the query. It is a wizard page for the category of **Directory Objects by Domain**. + +![Active Directory Data Collector Wizard Directory Scope page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/directoryscope.webp) + +The Directory Scope page has the following options: + +- Connect to – Identifies the target domain + + - Default domain – Domain in which the Access Analyzer Console server resides + - This domain – Domain specified in the textbox + +- Connect – Connects to the target domain to provide a list of directories +- Add – Add an OU to the query scope +- Remove – Removes an OU from the query scope +- Scope – List of OUs to be scanned +- Sub tree – Sub-OUs included in the scan if checked diff --git a/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/options.md b/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/options.md new file mode 100644 index 0000000000..e34a4eb0c2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/options.md @@ -0,0 +1,24 @@ +# ActiveDirectory: Options + +The Options page provides format options for returned data. It is a wizard page for all categories. + +![Active Directory Data Collector Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/options.webp) + +- How to format collected results – Select from the following options: + + - Return data as collected + - Return data in a separate row for each property set in the following group + + - Select the group from the drop-down menu + + - Return each value of the following property in a separate row + + - Select the property from the drop-down menu + +- How to return multi-valued properties in one cell – Select from the following options: + + - Concatenated – All values are listed in one cell using the delimiter specified + + - Delimiter – Symbol used to separate values in the cell + + - First value only – Only the first value is listed in the cell diff --git a/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/overview.md new file mode 100644 index 0000000000..63a9613b8b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/overview.md @@ -0,0 +1,40 @@ +# ActiveDirectory Data Collector + +The ActiveDirectory Data Collector audits objects published in Active Directory. It has been +preconfigured within the Active Directory Solution. Both this data collector and the solution are +available with a special Access Analyzer license. See the +[Active Directory Solution](/docs/accessanalyzer/12.0/solutions/activedirectory/overview.md) topic for additional +information. + +Protocols + +- ADSI +- LDAP +- RPC + +Ports + +- TCP 389/636 +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Domain Administrators group + +## ActiveDirectory Query Configuration + +The ActiveDirectory Data Collector is configured through the Active Directory Data Collector Wizard, +which contains the following wizard pages: + +- Welcome +- [ActiveDirectory: Category](/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/category.md) +- [ActiveDirectory: Directory Scope](/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/directoryscope.md) +- [ActiveDirectory: Results](/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/results.md) +- [ActiveDirectory: Options](/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/options.md) +- [ActiveDirectory: Summary](/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/summary.md) + +![Active Directory Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/results.md b/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/results.md new file mode 100644 index 0000000000..b0ceaf8e8e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/results.md @@ -0,0 +1,10 @@ +# ActiveDirectory: Results + +The Results page is where Active Directory object properties to be gathered are selected. It is a +wizard page for all categories. + +![Active Directory Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/results.webp) + +Properties can be selected individually or the **Check all**, **Uncheck all**, and **Reset to +defaults** buttons can be used. All selected properties are gathered. Available properties vary +based on the category selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/summary.md new file mode 100644 index 0000000000..1996cc7c64 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/summary.md @@ -0,0 +1,9 @@ +# ActiveDirectory: Summary + +The Summary page displays a summary of the configured query. It wizard page for all categories. + +![Active Directory Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Active Directory Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adactivity/category.md b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/category.md new file mode 100644 index 0000000000..bb863adc51 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/category.md @@ -0,0 +1,13 @@ +# ADActivity: Category + +Use the Category page to identify how activity data is retrieved or removed. + +![Active Directory Activity DC wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/category.webp) + +The ADActivity Data Collector Category page contains three query categories: + +- Import From SAM – Import activity from a Netwrix Activity Monitor archive +- Import From Share – Import activity from a network share +- Remove Tables – Removes all tables and views from SQL Server database. This option is designed for + troubleshooting. When this option is selected, the next wizard page is the Summary page. See the + [Clear ADActivity Tables](/docs/accessanalyzer/12.0/admin/datacollector/adactivity/cleartables.md) topic for more information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adactivity/cleartables.md b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/cleartables.md new file mode 100644 index 0000000000..f5b80399c0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/cleartables.md @@ -0,0 +1,22 @@ +# Clear ADActivity Tables + +Sometimes when troubleshooting an ADActivity issue, it becomes necessary to clear the standard +reference tables. Follow the steps. + +**Step 1 –** Create a new job and assign a query using the ADActivity Data Collector. + +![Active Directory Activity DC wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/categoryremovetables.webp) + +**Step 2 –** In the Active Directory Activity DC Wizard on the Category page, select the **Remove +Tables** category task. + +![Active Directory Activity DC wizard Results page for Remove Tables category](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/resultsremovetables.webp) + +**Step 3 –** Click **Next** to go to the Results page. Optionally, select the **Success** checkbox +to display a confirmation of successful removal in the results after the job is run. + +**Step 4 –** Click **Next** and then Click **Finish** to close the Active Directory Activity DC +Wizard. Click **OK** to close the Query Properties window. + +**CAUTION:** When the job is run, all of the ADActivity standard reference tables are removed from +the database. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adactivity/connection.md b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/connection.md new file mode 100644 index 0000000000..c5a5aac176 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/connection.md @@ -0,0 +1,30 @@ +# ADActivity: SAM Connection + +The SAM connection page is where the port number is configured to send Active Directory data from +Netwrix Activity Monitor. It is a wizard page for the category of: + +- Import from SAM + +![Active Directory Activity DC wizard SAM connection settings page](/img/product_docs/activitymonitor/config/activedirectory/namconnection.webp) + +The following connection setting can be configured to connect to the Netwrix Activity Monitor +archive via an API Server: + +- Port – Enter the API server port. The default is 4494. +- Encrypt communication with target server (SSL) – Allows the Active Directory Activity Data + Collector to communicate with the SAM API Server over a secure channel + + - Ignore certificate errors? – Ignores untrusted certificate authority errors and allows the + scan to continue + +- Test SAM host – Enter the Activity Monitor API server name in a qualified domain name format. + Click Connect to test the connection. A successful result populates the section underneath with a + Refresh token. +- Exclude – Select archives to be ignored by the Active Directory Activity DC scan + + **CAUTION:** Save the Refresh token to a Text Editor for later use. The Refresh token resets + each time the Test SAM host option is connected to. It must be replaced in the Connection + profile if it is regenerated. + +- Refresh token – After generation, it must replace the old Access Token from the SAM API Server + configuration in the Connection Profiles required to connect to the API Server diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adactivity/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/overview.md new file mode 100644 index 0000000000..81cd00d0e5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/overview.md @@ -0,0 +1,34 @@ +# ADActivity Data Collector + +The ADActivity Data Collector integrates with the Netwrix Activity Monitor by reading the Active +Directory activity log files. It has been preconfigured within the Active Directory Solution. Both +this data collector and the solution are available with a special Access Analyzer license. See the +[Active Directory Solution](/docs/accessanalyzer/12.0/solutions/activedirectory/overview.md) topic for additional +information. + +Protocols + +- HTTP +- RPC + +Ports + +- TCP 4494 (configurable within the Netwrix Activity Monitor) + +Permissions + +- Netwrix Activity Monitor API Access activity data +- Netwrix Activity Monitor API Read +- Read access to the Netwrix Activity Monitor Log Archive location + +## ADActivity Query Configuration + +The ADActivity Data Collector is configured through the Active Directory Activity DC wizard, which +contains the following wizard pages, which change based up on the query category selected: + +- [ADActivity: Category](/docs/accessanalyzer/12.0/admin/datacollector/adactivity/category.md) +- [ADActivity: SAM Connection](/docs/accessanalyzer/12.0/admin/datacollector/adactivity/connection.md) +- [ADActivity: Share](/docs/accessanalyzer/12.0/admin/datacollector/adactivity/share.md) +- [ADActivity: Scope](/docs/accessanalyzer/12.0/admin/datacollector/adactivity/scope.md) +- [ADActivity: Results](/docs/accessanalyzer/12.0/admin/datacollector/adactivity/results.md) +- [ADActivity: Summary](/docs/accessanalyzer/12.0/admin/datacollector/adactivity/summary.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adactivity/results.md b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/results.md new file mode 100644 index 0000000000..b6750b347c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/results.md @@ -0,0 +1,9 @@ +# ADActivity: Results + +The Results page is where the properties to be gathered are selected. It is a wizard page for all of +the categories. + +![Active Directory Activity DC wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/results.webp) + +Properties can be selected individually or the **Select All** and **Clear All** buttons can be used. +All selected properties are gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adactivity/scope.md b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/scope.md new file mode 100644 index 0000000000..cfb01017be --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/scope.md @@ -0,0 +1,31 @@ +# ADActivity: Scope + +Use the Scoping and Retention page to configure additional settings. This page is a wizard page for +the categories of: + +- Import From SAM +- Import From Share + +![Active Directory Activity DC wizard Scoping and Retention page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) + +The Timespan is defined according to the following two elements: + +- Relative Timespan – Number of days AD Activity is collected when the scan is run +- Absolute Timespan – Set the date range for the scan to collect AD Activity + + **_RECOMMENDED:_** The threshold should be set for after the Netwrix Activity Monitor collects + and archives its data but before they are deleted after a set retention period. + +The Retention section sets what event type is collected and how many days Access Analyzer keeps the +collected data in its SQL database. The table has the following columns: + +- Event Type – The event type that may be enabled for the scan. The event types are: + + - AD Change + - AD Replication + - Authentication + - LDAP + - Process Injection + +- Days to Store – Specify the number of days to store the collected data for the event type +- Enable Collection – When selected, the corresponding event type is collected diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adactivity/share.md b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/share.md new file mode 100644 index 0000000000..1a0f6ad63f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/share.md @@ -0,0 +1,20 @@ +# ADActivity: Share + +The Share page provides options for configuring share settings. It is a wizard page for the category +of: + +- Import from Share + +![Active Directory Activity DC wizard Share settings page](/img/product_docs/activitymonitor/config/activedirectory/share.webp) + +The following connection setting can be configured to connect to the AD activity archives that must +be located on a Domain Controller share: + +- UNC Path – Enter the path of the share that stores AD Activity from the AD Agent(s). The ellipsis + (**…**) opens a file explorer where the path can be navigated to and selected. + + - _Remember,_ all AD Agent logs must be archived to this location or the AD Activity data is not + queried by Access Analyzer + +- Include Sub-Directories – Select to include sub-directories on the targeted share. Use this option + if there are multiple archives in the same location. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-activity/standard-tables.md b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/standardtables.md similarity index 100% rename from docs/accessanalyzer/12.0/data-collection/ad-activity/standard-tables.md rename to docs/accessanalyzer/12.0/admin/datacollector/adactivity/standardtables.md diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adactivity/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/summary.md new file mode 100644 index 0000000000..582f8c169e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adactivity/summary.md @@ -0,0 +1,10 @@ +# ADActivity: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +![Active Directory Activity DC wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Active Directory Activity DC wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adinventory/category.md b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/category.md new file mode 100644 index 0000000000..2a46a840b0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/category.md @@ -0,0 +1,21 @@ +# ADInventory: Category + +Use the category page to identify which Active Directory task to perform. + +![Active Directory Inventory DC Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/category.webp) + +The categories include the following tasks: + +- Scan Active Directory – Scans Active Directory objects and imports the information into SQL Server + database, creating the standard reference tables. This task is also responsible for maintaining + the schema for tables and views. This is the standard option for this data collector. +- Update SQL Indexes – Reorganizes or rebuilds indexes in the Access Analyzer SQL storage database. + When this option is selected, the next wizard page is the Results page. +- Remove Tables – Removes all tables and views from SQL Server database. This option is designed for + troubleshooting. When this option is selected, the next wizard page is the Summary page. See the + [Clear ADInventory Tables](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/cleartables.md) topic for more information. +- Drop Domain – Remove host domain related data from SQL server + +**NOTE:** The Scan Active Directory category is the pre-configured setting for the .Active Directory +Inventory Job Group. Therefore, accessing the Active Directory Inventory DC Wizard from the query +within that job group does not display the Category wizard page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adinventory/cleartables.md b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/cleartables.md new file mode 100644 index 0000000000..6e32c4d4a1 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/cleartables.md @@ -0,0 +1,25 @@ +# Clear ADInventory Tables + +Sometimes when troubleshooting an ADInventory issue, it becomes necessary to clear the standard +reference tables. Follow the steps. + +**CAUTION:** Be careful when using this query task. It will result in the deletion of collected +data. + +**Step 1 –** Create a new job and assign a query using the **ADInventory** Data Collector. + +![Remove Tables task selected on Active Directory Inventory DC Wizard Category page ](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/categoryremovetables.webp) + +**Step 2 –** In the Active Directory Inventory DC Wizard on the Category page, select the **Remove +Tables** category task. + +**Step 3 –** Click **Next** and then **Finish** to close the Active Directory Inventory DC Wizard. +Click **OK** to close the Query Properties window. + +When the job is run, all of the ADInventory standard reference tables are removed from the database. + +**CAUTION:** Never leave the query task selected after job execution. Accidental data loss can +occur. + +_Remember,_ this job deletes data from the Access Analyzer database. Check the job has been +configured correctly prior to job execution. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributes.md b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributes.md new file mode 100644 index 0000000000..8b37b3b248 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributes.md @@ -0,0 +1,86 @@ +# ADInventory: Custom Attributes + +The Custom Attributes page provides ability to add Active Directory attributes that are unique to +the environment or not collected by default to be gathered. It is a wizard page for the category of +Scan Active Directory. + +The [Standard Reference Tables & Views for the ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/standardtables.md) topic +provides information on what is collected by default. Custom attributes added on this page are +stored in the **SA_ADInventory_ExtendedAttributes** table. + +![Active Directory Inventory DC Wizard Custom Attributes page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributes.webp) + +The Custom Attribute is defined according to the following three elements: + +- Domain Filter – Short or fully qualified name +- Object Class – User, Group, or Computer +- Attribute Name – As listed within Active Directory + +Use the **Add**, **Edit**, and **Remove** buttons at the bottom of the window to configure the +custom attributes to be gathered by the scan. See the +[Manually Add Custom Attributes](#manually-add-custom-attributes) topic for additional information. + +The **Import** button opens the Custom Attributes Import Wizard. See the +[Custom Attributes Import Wizard](#custom-attributes-import-wizard) topic for additional +information. + +Microsoft Active Directory Schema is detailed in the Microsoft +[Active Directory Schema](https://learn.microsoft.com/en-gb/windows/win32/adschema/active-directory-schema) +article. + +#### Manually Add Custom Attributes + +The **Add** and **Edit** buttons on the Custom Attributes page open the Custom Attribute window. +Follow the steps to manually add custom attributes. + +**Step 1 –** On the Custom Attributes page of the Active Directory Inventory DC Wizard, click +**Add**. The Custom Attribute window opens. + +![Custom Attribute window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributesadd.webp) + +**Step 2 –** Enter the **Domain Filter**. This can be entered either as the short domain name or the +fully qualified domain name. + +**Step 3 –** Select the checkbox for the desired **Object Class**. + +**Step 4 –** Enter the **Attribute Name** as it appears in Active Directory. + +**Step 5 –** Click **OK**. The Custom Attribute window closes and the specified attribute is added +in the Custom Attributes page. + +Repeat this process until all desired Custom Attributes have been included. + +#### Custom Attributes Import Wizard + +The Custom Attributes Import Wizard is used to import a list of custom attributes into the +ADInventory Data Collector configurations. Follow the steps to use the Custom Attributes Import +Wizard. + +**Step 1 –** On the Custom Attributes page of the Active Directory Inventory DC Wizard, click +**Import**. The Custom Attribute Import Wizard opens. + +![Custom Attributes Import Wizard Credentials page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributesimportcredentials.webp) + +**Step 2 –** On the Credentials page, identify a domain either by entering one manually or selecting +one from the **Domain Name** drop-down menu which displays a list of domains trusted by the one in +which the Access Analyzer Console server resides. Then set the credentials for reading the +attributes list from the domain: + +- Authenticate as the logged in user – Applies the user account running Access Analyzer +- Use the following credentials to authenticate – Applies the account supplied in the **User Name** + and **Password** fields + +Click **Next** to continue. + +![Custom Attributes Import Wizard Attributes page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributesimportattributes.webp) + +**Step 3 –** The wizard populates available attributes from the domain specified on the Attributes +page. Expand the desired object class and select the checkboxes for the custom attributes to be +imported. Then click **Next**. + +![Custom Attributes Import Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributesimportsummary.webp) + +**Step 4 –** On the Summary page, click **Finish**. + +The selected attributes are added on the Custom Attributes page of the Active Directory Inventory DC +Wizard. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adinventory/domains.md b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/domains.md new file mode 100644 index 0000000000..1b1b5e5d34 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/domains.md @@ -0,0 +1,8 @@ +# ADInventory: Domains + +The Domains page removes host domain-related data from the SQL server for the selected domains. + +![Active Directory Inventory DC Wizard Domains page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/domains.webp) + +Select the checkbox next to a domain to remove host-related data from the SQL server for that +domain. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adinventory/indexupdateoptions.md b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/indexupdateoptions.md new file mode 100644 index 0000000000..94d33b9c66 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/indexupdateoptions.md @@ -0,0 +1,22 @@ +# ADInventory: Index Update Options + +Configure options for maintaining SQL Server indexes while running queries using the Index Update +Options page. + +![Active Directory Inventory DC Wizard Index Update Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/indexupdateoptions.webp) + +The options on the Index Update Options page are: + +- SQL Index Update Options: + + - Maximum Degree of Parallelism – Set the maximum limit of the Degree of Parallelism used for + the query. Default is **1**. + - Minimum Index Reorganization Threshold – Set the minimum index reorganization threshold that + is performed while running the query. Default is **5** percent. + - Minimum Index Rebuilding Threshold – Set the minimum index rebuilding threshold that is + performed while running the query. Default is **31** percent. + +- Select Data Collector Schemas– Select which schemas to maintain when running the query by + selecting them from the table. Enable a schema for indexing by selecting the checkbox next to it. + Right-click in the table to show options for **Check All**, **Clear All**, **Check All Selected + Items**, and **Clear All Selected Items**. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adinventory/options.md b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/options.md new file mode 100644 index 0000000000..2811529433 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/options.md @@ -0,0 +1,46 @@ +# ADInventory: Options + +The Options page provides options for Active Directory data collection. It is a wizard page for the +category of Scan Active Directory. + +![Active Directory Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/options.webp) + +The Options page has the following configuration options: + +- Encrypt communication with Active Directory (SSL) – Allows the ADInventory Data Collector to + communicate with Active Directory over a secure channel + + - Ignore certificate errors? (For testing only) – Ignores untrusted certificate authority errors + and allows the scan to continue. This option is for testing purposes only. + +- Collect SID History from domain migrations – During a domain migration, the new infrastructure is + created alongside the old infrastructure. The old account SID is typically added to the SID + history attribute for the new account. The option to collect SID history is made available within + the ADInventory Data Collector to assist resolving SIDs for domain migrations. +- Collect only updates since the last scan (recommended) – Default setting for differential + scanning. The updates collected are any changes to: group membership, attributes on user objects, + attributes on group objects, and so on. + + - Track changes into Change tracking tables – Records all changes since the last scan in + separate tables + - Limit Last Logon TimeStamp Changes – When selected, changes to the Last Logon TimeStamp + Attribute are not recorded + + **_RECOMMENDED:_** If tracking changes, use the Limit Last Logon TimeStamp Changes option. + + - Number of days you want to keep changes in the database – Use the arrow buttons or manually + enter a number to set the number of days to keep changes + - Target previously scanned domain controller – Collects updated information from the last + domain controller targeted to reduce the scan time. Below are some considerations: + + - If the last domain controller is unavailable, the targeted domain controller is the + specified domain controller from the host list. If using the domain name, it attempts to + find the last scanned domain controller. + - If that domain controller is determined to be unavailable, then it runs a full scan on the + next domain controller that responds. Then, it will scan the new domain controller for + changes going forward. + + Selecting the **Track changes into Change tracking tables** option enables the **Number of days + you want to keep changes in the database** box. This allows for changes in Active Directory to + be tracked. When change tracking is enabled, notification analysis tasks can be used to send + alerts. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md new file mode 100644 index 0000000000..d75623d9e9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md @@ -0,0 +1,59 @@ +# ADInventory Data Collector + +The extraction and correlation of user, group, and computer attributes drastically transforms the +meaning of data collected across the many systems and applications that are linked to Active +Directory. The ADInventory Data Collector is designed as a highly scalable and useful data +collection mechanism to catalogue user, group, and computer object information that can be used by +other solutions within Access Analyzer. + +The ADInventory Data Collector is a core component of Access Analyzer and has been preconfigured to +be used within the .Active Directory Inventory Solution. Both this data collector and the solution +are available with all Access Analyzer license options. See the +[.Active Directory Inventory Solution](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/overview.md) +topic for additional information. + +Protocols + +- LDAP + +Ports + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +## Functional Design of the ADInventory Data Collector + +The ADInventory Data Collector has been designed to update incrementally. Once it has run against a +domain controller, additional collections gather changes made since the last scan. This enables the +ADInventory Data Collector to function efficiently within large environments. Each time it is run +against different domain controllers, it restarts the cycle. + +## ADInventory Query Configuration + +The ADInventory Data Collector is configured through the Active Directory Inventory DC Wizard, which +contains the following wizard pages: + +- Welcome +- [ADInventory: Category](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/category.md) +- [ADInventory: Results](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/results.md) +- [ADInventory: Options](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/options.md) +- [ADInventory: Index Update Options](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/indexupdateoptions.md) +- [ADInventory: Custom Attributes](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributes.md) +- [ADInventory: Summary](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.md) + +![Active Directory Inventory DC Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adinventory/results.md b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/results.md new file mode 100644 index 0000000000..f308a23a9c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/results.md @@ -0,0 +1,13 @@ +# ADInventory: Results + +The Results page is where properties from Active Directory to be gathered are selected. It is a +wizard page for the category of Scan Active Directory. + +![Active Directory Inventory DC Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/results.webp) + +Properties can be selected individually or the **Select All** or **Clear All** buttons can be used. +All selected properties are gathered. + +This information is not available within the standard reference tables and views. Instead, this +information can be viewed in the SA_ADInventory_DEFAULT table, which is created when any of these +properties are selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adinventory/standardtables.md b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/standardtables.md new file mode 100644 index 0000000000..33b9204a63 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/standardtables.md @@ -0,0 +1,59 @@ +# Standard Reference Tables & Views for the ADInventory Data Collector + +The ADInventory Data Collector gathers essential user and group inventory information into standard +reference tables. Unlike other Access Analyzer data collectors, the ADInventory Data Collector +writes data to these tables regardless of the job executing the query. + +These tables and their associated views are outlined below: + +| Table | Details | AD Object Reference Article | +| ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | +| SA_ADInventory_AttributeChanges | Contains a list of principal identifiers and their corresponding attribute changes for each differential scan that is performed against a domain. | [Active Directory Schema](https://learn.microsoft.com/en-gb/windows/win32/adschema/active-directory-schema) | +| SA_ADInventory_Computers | Contains extended information about computers, operating systems, service packs, etc. | [Computer class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-computer) | +| SA_ADInventory_DistinguishedNames | Contains every distinguished name collected from principals and group membership. | [Attribute distinguishedName](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-ada1/56da5a9b-485d-4d7c-a226-1a54a43d9013) | +| SA_ADInventory_Domains | Contains information about the domain such as its naming context and when it was last scanned. | [Domain class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-domain) | +| SA_ADInventory_EffectiveGroupMembers | Contains expanded group membership which includes a flattened representation of members. | | +| SA_ADInventory_Exceptions | Contains information about security issues and concerns. **NOTE:** See the [AD Exception Types Translated](#ad-exception-types-translated) topic for an explanation of Exception Types. | | +| SA_ADInventory_ExceptionTypes | Identifies how many instances of exceptions exist on the audited domain. **NOTE:** See the [AD Exception Types Translated](#ad-exception-types-translated) topic for an explanation of Exception Types. | | +| SA_ADInventory_Exchange | Contains information about the Exchange Server, each database and storage group, and the HomeMDB property. | [ms-Exch-Home-MDB Attribute](https://learn.microsoft.com/en-us/previous-versions/office/developer/exchange-server-2003/ms980583(v=exchg.65)) | +| SA_ADInventory_ExtendedAttributes | Contains information gathered by the custom attributes component of the query configuration. | [Active Directory Schema](https://learn.microsoft.com/en-gb/windows/win32/adschema/active-directory-schema) | +| SA_ADInventory_GroupMemberChanges | Contains a list of group principal identifiers and their corresponding membership changes for each differential scan that is performed against a domain. | [Member attribute](https://learn.microsoft.com/en-gb/windows/win32/adschema/a-member) | +| SA_ADInventory_GroupMembers | Contains a map of groups to member distinguished names. | [Member attribute](https://learn.microsoft.com/en-gb/windows/win32/adschema/a-member) | +| SA_ADInventory_Groups | Contains extended information about groups, group type, managed by, etc. | [Group class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-group) | +| SA_ADInventory_ImportHistory | Contains a list of all imports performed against a particular domain along with when the import happened and the GUID of the domain controller that was scanned. | | +| SA_ADInventory_Principals | Contains common attributes for users, groups, and computers as well as references to their primary distinguished name and security identifiers. | [Security-Principal class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-securityprincipal) | +| SA_ADInventory_SecurityIdentifiers | Contains every SID collected from the principals, including historical identifiers. | [Security-Identifier attribute](https://learn.microsoft.com/en-gb/windows/win32/adschema/a-securityidentifier) | +| SA_ADInventory_Users | Contains extended information about users, department, title, etc. | [User class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-user) | + +Views are the recommended way for you to obtain the information gathered by the ADInventory Data +Collector. They contain additional information for building queries easily. + +The following is an explanation of the corresponding views created for some of the tables generated +by the ADInventory Data Collector: + +| Views | Details | +| ---------------------------------------- | ---------------------------------------------------------------------------------------- | +| SA_ADInventory_AttributeChangesView | Contains attribute change information | +| SA_ADInventory_ComputersView | Contains computer information | +| SA_ADInventory_EffectiveGroupMembersView | Contains effective group membership information | +| SA_ADInventory_ExceptionsView | Contains principals that are identified to have security concerns | +| SA_ADInventory_GroupMemberChangesView | Contains group membership change information | +| SA_ADInventory_GroupMembersView | Contains group membership information | +| SA_ADInventory_GroupsView | Contains group level information | +| SA_ADInventory_PrincipalsView | Contains common attributes from the principals table including additional domain details | +| SA_ADInventory_UsersView | Contains user information | + +### AD Exception Types Translated + +The following table translates the Type of Exceptions that can found. + +| Type | Exception | Description | +| ---- | -------------------- | ------------------------------------------------------------------------- | +| 1 | Large Groups | Groups with a large amount of effective members | +| 2 | Deeply Nested | Groups with deep levels of membership nesting | +| 3 | Circular Nesting | Groups with circular references in their effective membership | +| 4 | Empty Groups | Groups with no membership | +| 5 | Single Member Groups | Groups with a single direct member | +| 6 | Stale Users | Users that have not logged onto the domain for an extended period of time | +| 7 | Stale Membership | Groups with a high percentage of effective members that are stale users | +| 8 | Large Token | Users with a large amount of authorization groups in their token | diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.md new file mode 100644 index 0000000000..d8b2c3f57f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.md @@ -0,0 +1,10 @@ +# ADInventory: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +![Active Directory Inventory DC Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Active Directory Inventory DC Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/category.md b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/category.md new file mode 100644 index 0000000000..c74eb07efe --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/category.md @@ -0,0 +1,13 @@ +# ADPermissions: Category + +The ADPermissions Data Collector Category page identifies what kind of information to retrieve using +the Category wizard page. + +![ADPermissions Data Collector wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/category.webp) + +The categories on the ADPermissions Category page are: + +- Scan Active Directory Permissions – Scan permissions applied to objects +- Scan Active Directory Audits – Scan audits applied to objects +- Remove Tables – Remove all tables and views from SQL server. See the + [Remove ADPermissions Tables](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/removetables.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/customfilter.md b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/customfilter.md new file mode 100644 index 0000000000..402e5ecc89 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/customfilter.md @@ -0,0 +1,28 @@ +# ADPermissions: Custom Filter + +The Custom Filter page provides options to configure settings for object permission collection. It +is only available if the Custom Filter option is checked on the Scope page. It is a wizard page for +the categories of: + +- Scan Active Directory Permissions +- Scan Active Directory Audits + +![ADPermissions Data Collector wizard Custom Filter page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/customfilter.webp) + +The configurable options are: + +- Root Path – Enter the AD root path + + - Select the distinguished name from the drop-down menu to the right of the Root Path + - Click **Preview** to show an example of the complete path + +- LDAP Filter – Enter a custom filter string +- Scope – Select an option from the drop-down menu: + + - Base – Limits the scope to the base object. The maximum number of objects returned is always + one. + - One Level – Restricted to the immediate children of a base object, but excludes the base + object itself + - Sub tree – (or a deep scope) includes all child objects as well as the base object + +- Click **Add** to add the filter criteria to the list. Multiple filters can be used. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/options.md b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/options.md new file mode 100644 index 0000000000..8d849bf214 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/options.md @@ -0,0 +1,23 @@ +# ADPermissions: Options + +The Options page is provides additional options for collecting the Active Directory information. It +is a wizard page for the categories of: + +- Scan Active Directory Permissions +- Scan Active Directory Audits + +![ADPermissions Data Collector wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/options.webp) + +The configurable options are: + +- Encrypt communication with Active Directory (SSL) – Enables SSL encryption + + - Ignore Certificate errors – Select to ignore errors for testing only + +- Collect only updates since the last scan – Enables differential scanning + + - Target previously scanned domain controller – Select to use the same domain controller as the + previous scan + - Track changes into change tracking tables – Enable to track changes + - Number of days you want to keep changes in the database – Set the number of days to keep + changes in the database diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/overview.md new file mode 100644 index 0000000000..b1682e86fe --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/overview.md @@ -0,0 +1,38 @@ +# ADPermissions Data Collector + +The ADPermissions Data Collector collects the advanced security permissions of objects in AD. It is +preconfigured within the Active Directory Permissions Analyzer Solution. Both this data collector +and the solution are available with a special Access Analyzer license. See the +[Active Directory Permissions Analyzer Solution](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/overview.md) +topic for additional information. + +Protocols + +- ADSI +- LDAP +- RPC + +Ports + +- TCP 389 +- TCP 135 – 139 +- Randomly allocated high TCP ports + +Permissions + +- LDAP Read permissions +- Read on all AD objects +- Read permissions on all AD Objects + +## ADPermissions Query Configuration + +The ADPermissions Data Collector is configured through the Active Directory Permissions Data +Collector Wizard. The wizard contains the following pages, which change based upon the query +category selected: + +- [ADPermissions: Category](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/category.md) +- [ADPermissions: Scope](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/scope.md) +- [ADPermissions: Custom Filter](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/customfilter.md) +- [ADPermissions: Options](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/options.md) +- [ADPermissions: Results](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/results.md) +- [ADPermissions: Summary](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/summary.md) diff --git a/docs/accessanalyzer/12.0/data-collection/ad-permissions/remove-tables.md b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/removetables.md similarity index 100% rename from docs/accessanalyzer/12.0/data-collection/ad-permissions/remove-tables.md rename to docs/accessanalyzer/12.0/admin/datacollector/adpermissions/removetables.md diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/results.md b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/results.md new file mode 100644 index 0000000000..5e48e3e825 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/results.md @@ -0,0 +1,9 @@ +# ADPermissions: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for all +of the categories. + +![ADPermissions Data Collector wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/results.webp) + +Available properties vary based on the category selected. Properties can be selected individually or +the **Select All** and **Clear All** buttons can be used. All selected properties are gathered. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/scope.md b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/scope.md new file mode 100644 index 0000000000..a76236c121 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/scope.md @@ -0,0 +1,40 @@ +# ADPermissions: Scope + +The Scope page is where the scope for the Active Directory permissions scan is configured. It is a +wizard page for the categories of: + +- Scan Active Directory Permissions +- Scan Active Directory Audits + +![ADPermissions Data Collector wizard Scope page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/scope.webp) + +The configurable options are: + +- Built-in: + + - Certificate Templates – All certificate templates in Active Directory + - Computers – Computer objects under scope + - Contacts – Contact objects + - Containers – Containers under given scope + - DNS Zones – DNS zone object list + - Domains – Domains in an organizations forest + - Extended Control Access Rights – Access control rights list + - Foreign Security Principals – Well known security principles from external sources + - Group – Domain, global, universal distribution groups + - NTAuth Certificates Container – NTAuth Certificates Container + - Organizational Units – Organizational units under given scope + - Printer – Printer objects + - Schema Attributes – All defined attributes in Active Directory + - Schema Classes – All defined classes in Active Directory + - Servers – Server objects + - Shared Folders – Shared folders under the scope + - Site Link Bridges – Object for tracking transitively connected site links + - Site links – Connections between sites + - Site Transports – Inter-site transports in Active Directory + - Sites – List of Active Directory sites + - Subnets – Known subnet objects + - Users – All user objects under the scope + +- Custom: + + - Custom Filter – Custom filter for collecting objects diff --git a/docs/accessanalyzer/12.0/data-collection/ad-permissions/standard-tables.md b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/standardtables.md similarity index 100% rename from docs/accessanalyzer/12.0/data-collection/ad-permissions/standard-tables.md rename to docs/accessanalyzer/12.0/admin/datacollector/adpermissions/standardtables.md diff --git a/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/summary.md new file mode 100644 index 0000000000..9acd2bbeea --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/summary.md @@ -0,0 +1,10 @@ +# ADPermissions: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +![ADPermissions Data Collector wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Active Directory Permissions Data Collector Wizard ensuring that no +accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/aws/category.md b/docs/accessanalyzer/12.0/admin/datacollector/aws/category.md new file mode 100644 index 0000000000..d7f3827e74 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/aws/category.md @@ -0,0 +1,20 @@ +# AWS: Category + +Use the Category page to select the type of scan for the targeted AWS instance or maintenance task +to perform. + +![AWS Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/category.webp) + +The options on the Category page are: + +- AWS scan jobs + + - Collect Org data – Collects all organization info from an AWS instance + - Collect IAM data – Collects all users, groups, and roles from an AWS instance + - Collect S3 – Collects S3 data + - Collect SDD data – Scans S3 objects for potentially sensitive data + +- Maintenance + + - Drop AWS DC Tables – Removes AWS data collector data and tables from the Access Analyzer + database. See the [Drop AWS Tables](/docs/accessanalyzer/12.0/admin/datacollector/aws/droptables.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/aws/criteria.md b/docs/accessanalyzer/12.0/admin/datacollector/aws/criteria.md new file mode 100644 index 0000000000..1d655f9b4a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/aws/criteria.md @@ -0,0 +1,23 @@ +# AWS: Criteria + +The Criteria (Select DLP criteria for this scan) page is where criteria to be used for discovering +sensitive data during a scan is configured. It is a wizard page for the category of Collect SDD +Data. + +![AWS Query SDD Criteria](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/criteria.webp) + +Default criteria is set at the **Global Settings** > **Sensitive Data** node. Choose between the +**Use Global Criteria** Selection and the **Use the Following Selected Criteria** radio buttons. + +For custom criteria, select the checkbox for the criteria to be used to search for sensitive data. +There are **Select All** and **Clear All** buttons that can be used. + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + +User-defined criteria is created in the Criteria Editor, accessed through the **Global Settings** > +**Sensitive Data** node. See the +[Sensitive Data Discovery](/docs/accessanalyzer/12.0/sensitivedatadiscovery/overview.md) topic for additional +information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/aws/droptables.md b/docs/accessanalyzer/12.0/admin/datacollector/aws/droptables.md new file mode 100644 index 0000000000..6abb2c7572 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/aws/droptables.md @@ -0,0 +1,24 @@ +# Drop AWS Tables + +Sometimes when troubleshooting an AWS issue, it becomes necessary to clear the AWS DC data and +tables from the Access Analyzer database. Follow the steps to configure a job to remove tables. + +**Step 1 –** Create a new job. + +**Step 2 –** Configure the target host as **Local host**. + +**Step 3 –** Assign a query using the **AWS** Data Collector. + +![Drop AWS DC Tables option on Amazon Web Services Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/droptables.webp) + +**Step 4 –** In the Amazon Web Services Data Collector Wizard on the Category page, select the +**Drop AWS DC Tables** category task. Click **Next**. + +**Step 5 –** Click **Next** and then click **Finish** to close the Amazon Web Services Data +Collector Wizard. Click **OK** to close the Query Properties window. + +**CAUTION:** When the job is run, all of the AWS DC data and tables are removed from the database. + +The job is now configured and ready to run. + +**NOTE:** An AWS connection profile is not required for the Drop AWS DC Tables task. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/aws/filters3objects.md b/docs/accessanalyzer/12.0/admin/datacollector/aws/filters3objects.md new file mode 100644 index 0000000000..c46e5f2cba --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/aws/filters3objects.md @@ -0,0 +1,40 @@ +# AWS: Filter S3 Objects + +The Filter S3 Objects page provides the options to filter which objects stored in S3 should be +queried for permissions and sensitive data. It is a wizard page for the categories of: + +- Collect S3 +- Collect SDD Data + +![Filter S3 Objects page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/filters3objects.webp) + +Use the buttons to customize the filter list: + +- Add – Opens the Select a bucket window. See the [Add Filter](#add-filter) topic for additional + information. +- Add Custom Filter – Create a custom filter. See the [Add Custom Filter](#add-custom-filter) topic + for additional information. +- Remove – Remove a filter from the list + +## Add Filter + +The Select a Bucket window shows the available buckets in the AWS instance. + +![Select a bucket window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/selectabucket.webp) + +Select from the available buckets and click **OK** to add them to the Filter S3 Objects page. + +## Add Custom Filter + +The Add Custom Filter window allows a custom filter to be configured. + +![Add Custom Filter window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/customfilter.webp) + +Configure a custom filter using the following format: + +- The characters `*` and `?` are wildcards + - `*` – matches any number of characters + - `?` – matches a single character +- ARN should follow the format: `arn:aws:s3:::/` + +Click **Save** to add the custom filter to the Filter S3 Objects page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/aws/loginroles.md b/docs/accessanalyzer/12.0/admin/datacollector/aws/loginroles.md new file mode 100644 index 0000000000..ca720c9f2f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/aws/loginroles.md @@ -0,0 +1,23 @@ +# AWS: Login Roles + +The Login Roles page is where the previously created AWS Roles are added. It is a wizard page for +the categories of: + +- Collect Org data +- Collect IAM data +- Collect S3 + +![AWS Query Login Roles](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/loginroles.webp) + +Add the login roles that will allow Access Analyzer to scan the AWS accounts. See the +[Configure AWS for Scans](/docs/accessanalyzer/12.0/requirements/target/config/aws.md) topic for additional +information. The page has the following options: + +- Import From File – Browse to the location of a CSV file from which to import the roles +- Role Name – Enter the name of the role +- Add – Add the role from the Role Name textbox to the list +- Remove – Remove the selected role from the list +- Clear – Remove all roles from the list +- Max Session Duration (hours) – Specify the maximum time the account can be logged in for. This + value should not exceed the SessionDuration configured for the role in AWS. The default value is 1 + and the maximum value is 12. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/aws/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/aws/overview.md new file mode 100644 index 0000000000..e196377567 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/aws/overview.md @@ -0,0 +1,56 @@ +# AWS Data Collector + +The AWS Data Collector collects IAM users, groups, roles, and policies, as well as S3 permissions, +content, and sensitive data from the target Amazon Web Services (AWS) accounts. The AWS Data +Collector has been preconfigured for the AWS Solution. Both this data collector and the solution are +available with a special Access Analyzer license. See the +[AWS Solution](/docs/accessanalyzer/12.0/solutions/aws/overview.md) topic for additional information. + +Protocols + +- 443 + +Ports + +- 443 + +Permissions + +- To collect details about the AWS Organization, the following permission is required: + + - organizations:DescribeOrganization + +- To collect details regarding IAM, the following permissions are required: + + - iam:GenerateCredentialReport + - iam:GenerateServiceLastAccessedDetails + - iam:Get\* + - iam:List\* + - iam:Simulate\* + - sts:GetAccessKeyInfo + +- To collect details related to S3 buckets and objects, the following permissions are required: + + - s3:Describe\* + - s3:Get\* + - s3:HeadBucket + - s3:List\* + +Sensitive Data Discovery Considerations + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job +is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). + +## AWS Query Configuration + +The AWS Data Collector is configured through the Amazon Web Services Data Collector Wizard. The +wizard contains the following pages, which change based up on the query category selected: + +- [AWS: Category](/docs/accessanalyzer/12.0/admin/datacollector/aws/category.md) +- [AWS: Login Roles](/docs/accessanalyzer/12.0/admin/datacollector/aws/loginroles.md) +- [AWS: Filter S3 Objects](/docs/accessanalyzer/12.0/admin/datacollector/aws/filters3objects.md) +- [AWS: Sensitive Data Settings](/docs/accessanalyzer/12.0/admin/datacollector/aws/sensitivedata.md) +- [AWS: Criteria ](/docs/accessanalyzer/12.0/admin/datacollector/aws/criteria.md) +- [AWS: Results](/docs/accessanalyzer/12.0/admin/datacollector/aws/results.md) +- [AWS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/aws/summary.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/aws/results.md b/docs/accessanalyzer/12.0/admin/datacollector/aws/results.md new file mode 100644 index 0000000000..e7f7782e24 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/aws/results.md @@ -0,0 +1,9 @@ +# AWS: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for all +of the categories. + +![Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/results.webp) + +Properties can be checked individually or the **Select All** or **Clear All** buttons can be used. +All checked properties are gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/aws/sensitivedata.md b/docs/accessanalyzer/12.0/admin/datacollector/aws/sensitivedata.md new file mode 100644 index 0000000000..a586255145 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/aws/sensitivedata.md @@ -0,0 +1,49 @@ +# AWS: Sensitive Data Settings + +The Sensitive Data Settings page is where sensitive data discovery settings are configured. It is a +wizard page for the category of Collect SDD Data. + +![Sensitive Data Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/sensitivedata.webp) + +Configure the following options: + +- Don’t process files larger than: [number] MB – Limits the files to be scanned for sensitive + content to only files smaller than the specified size +- Include offline files (this may significantly increase scan times) – Includes offline files in the + scan +- Perform Optical Character Recognition for image files – Enables the data collector to scan for + sensitive data within digital images of physical documents + + **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents + directly converted to images, with standard fonts. It will not work for scanning photos of + documents and may not be able to recognize text on images of credit cards, driver's licenses, or + other identity cards. + +- Store discovered sensitive data – Stores discovered sensitive data in the database +- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria + for discovered sensitive data +- Use the radio buttons to select the File types to scan: + + - Scan all file types – Scans everything in a given environment + - Scan custom file types – Select the checkboxes from the list of file and document types that + are included in a sensitive data scan. The table contains the following categories and their + sub-options: + + - Compressed Archive files + - Documents + - Email + - Image files + - Presentations + - Spreadsheets + - Text/Markup files + +- Perform differential scan of – Enables you to choose whether to employ incremental scanning: + + - Files modified since last scan – Scans only files modified since the last scan + - Files modified since [date] – Only scans files modified after the specified date + - Files modified since the last [number] days – Scans files modified within the specified number + of days + +- Number of SDD scan processes [number] – Increases the number of SDD scanner processes that spawn + as part of a scan, increasing parallel scanning. The value should not exceed 2x the number of CPU + threads available. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/aws/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/aws/summary.md new file mode 100644 index 0000000000..acc4ce4c0a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/aws/summary.md @@ -0,0 +1,9 @@ +# AWS: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all categories. + +![summary](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Amazon Web Services Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/category.md b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/category.md new file mode 100644 index 0000000000..e09fb48947 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/category.md @@ -0,0 +1,18 @@ +# AzureADInventory: Category + +The Category page identifies which Inventory task to perform. + +![Entra ID Inventory DC Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/category.webp) + +The two categories are: + +- Scan Entra ID – Scans Microsoft Entra ID objects and imports the information into the SQL Server + database, creating the standard reference tables. This task also maintains the schema for tables + and views. This is the standard option for this data collector. +- Remove Tables – Removes all tables and views from SQL Server database. This option is designed for + troubleshooting. When this option is selected, the next wizard page is the Summary page. See the + [Troubleshooting AzureADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/troubleshooting.md) topic for more information. + +The Scan Entra ID category is the pre-configured setting for the .Entra ID Inventory Job Group. +Therefore, accessing the Entra ID Inventory DC Wizard from the query within that job group does not +display the Category wizard page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/configurejob.md b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/configurejob.md new file mode 100644 index 0000000000..a4c1ea8c61 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/configurejob.md @@ -0,0 +1,43 @@ +# Microsoft Entra ID Connection Profile & Host List + +The AzureADInventory Data Collector requires a custom Connection Profile and host list to be created +and assigned to the job or job group conducting the data collection. The host inventory option +during host list creation makes it necessary to configure the Connection Profile first. + +## Connection Profile + +Creating the Connection Profile requires having the Client ID and Key that was generated when Access +Analyzer was registered as a web application with Microsoft Entra ID. See the +[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/12.0/config/entraid/access.md) for additional +information. + +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Azure Active Directory +- Client ID – Application (client) ID of the Access Analyzer application registered with Microsoft + Entra ID. See the + [Identify the Client ID](/docs/accessanalyzer/12.0/config/entraid/access.md#identify-the-client-id) topic for + additional information. +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) + topic for additional information.) +- Key – Client secret value for the Access Analyzer application registered with Microsoft Entra ID. + See the + [Generate the Client Secret Key](/docs/accessanalyzer/12.0/config/entraid/access.md#generate-the-client-secret-key) + topic for additional information. + +Once the Connection Profile is created, it is time to create the custom host list. See the +[Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. + +## Custom Host List + +The custom host list should include: + +- All Microsoft Entra ID tenants to be targeted. If there are multiple tenants, the Connection + Profile should contain a credential for each. +- The host name must be the domain name of the tenant, for example `company.onmicrosoft.com`. See + the [Identify the Client ID](/docs/accessanalyzer/12.0/config/entraid/access.md#identify-the-client-id) topic + for additional information. + +See the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) topic for instructions on creating a custom +static host list. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributes.md b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributes.md new file mode 100644 index 0000000000..9541f48a72 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributes.md @@ -0,0 +1,102 @@ +# AzureADInventory: Custom Attributes + +Use the Custom Attributes wizard page to define custom attributes that will be used in the Microsoft +Entra ID scan. + +![Entra ID Inventory Data Collector Wizard Custom Attributes page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributes.webp) + +Configuration options for Custom Attributes include: + +- Collect Open Extensions – If enabled, data collector will perform a full scan and collect all + extension attributes for Microsoft Entra ID objects + + - Enabling this option will increase the time it takes for the data collector to complete the + scan. Disabling this option will configure the data collector run a differential scan, which + will only scan changes since the last scan was performed. + + **CAUTION:** A full scan is required when new attributes are added or removed. + +- Add – Adds a manually entered attribute that is included in the scan. This option opens the Custom + Attribute window. +- Edit – Make changes to a previously added attribute. This option opens the Custom Attribute + window. +- Remove – Deletes the attribute from the table and therefore the scan +- Import – Use the Azure Connection Profile credentials or manually inputted credentials to import + custom attributes for the scan using a valid tenant name. This option opens up the Custom + Attributes Import Wizard. + +Use the **Add**, **Edit**, and **Remove** buttons at the bottom of the window to configure the +custom attributes to be gathered by the scan. Use the **Add** button to open the +[Custom Attribute Window](#custom-attribute-window). The **Import** button opens the +[Custom Attributes Import Wizard](#custom-attributes-import-wizard). + +#### Custom Attribute Window + +Input custom attributes from Microsoft Entra ID environments using the Custom Attribute pop-up +window. + +![Custom Attribute Window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributewindow.webp) + +The options on the Custom Attributes window are: + +- Tenant Filter – Use a Tenant Name or wildcard to target the desired environment. Wildcards (\*) + can be used. +- Object Class – One or more object class for the attribute can be selected: + - User + - Group + - Contact +- Attribute Name – Microsoft Entra ID attribute name +- Collect all sub-attributes – Allows the collection of sub-attributes + - Sub-Attribute Name – Define the sub-attribute name. Wildcards (\*) can be used. + +Repeat this process until all desired Custom Attributes have been included. Click **OK** to save the +attribute. + +#### Custom Attributes Import Wizard + +The Custom Attributes Import wizard adds a list of custom schema and application attributes from the +targeted tenant environment into the AzureADInventory Data Collector configurations. Follow the +steps to use this window: + +**Step 1 –** On the Custom Attributes page of the Entra Inventory DC wizard, click **Import**. The +Custom Attributes Import Wizard opens. + +![Custom Attributes Import Wizard](/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributesimportwizard.webp) + +**Step 2 –** On the Connection page, enter the Tenant Name of the instance of Microsoft Entra ID to +be targeted, and then select the method of supplying credentials for the specified tenant instance: + +- Use the following connection profile entry – Select an Azure Connection Profile from the dropdown + list +- Use the following credentials to authenticate – Enter the credentials to use + - App Id –Client ID + - App key – Client Secret Key + +**_RECOMMENDED:_** Add a valid Azure Connection Profile to the **Jobs** > **.Entra ID Inventory** > +**Settings** > **Connection** settings as a user defined profile. This ensures the connection +profile displays in the dropdown menu. + +See the [Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/12.0/config/entraid/access.md) or the +[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/configurejob.md) topics for additional +information. + +**Step 3 –** Click **Test Connection** in order to connect to the tenant with the supplied +credentials. If they are correct, the Schema Attributes and Application Attributes pages become +available. Click **Next** to navigate to them. + +| | | +| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ![customattributesimportwizardschema](/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributesimportwizardapplication.webp) | +| Schema Extended Attributes page | Application Extended Attributes page | + +**Step 4 –** On the Schema and Application Attributes pages, the wizard populates with the available +attributes from the Azure tenant. Expand the object classes and select the checkboxes next to the +required attributes to import the custom attributes. Click Next to continue. + +- Load More – Adds additional object classes from the Microsoft Entra ID tenant environment that are + not located in the current list +- Refresh Nodes – Wipes selections from all object class folders + +**Step 5 –** On the Summary page, review your selections and click **Finish**. + +The selected attributes display on the Custom Attributes page of the Entra ID Inventory DC wizard. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/options.md b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/options.md new file mode 100644 index 0000000000..c8d558b680 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/options.md @@ -0,0 +1,13 @@ +# AzureADInventory: Options + +The Options page provides scan options to use when gathering Microsoft Entra ID information. It is a +wizard page for the Scan Entra ID category. + +![Entra ID Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/options.webp) + +Scan options for collecting Microsoft Entra ID information include: + +- Collect only updates since the last scan +- Collect sign-in activity with scan + - This option is required to collect the LastLogonTimestamp attribute of user objects +- Collect directory audit events diff --git a/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/overview.md new file mode 100644 index 0000000000..8da16a68d6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/overview.md @@ -0,0 +1,59 @@ +# AzureADInventory Data Collector + +The AzureADInventory Data Collector catalogs user and group object information from Microsoft Entra +ID, formerly Azure Active Directory. This data collector is a core component of Access Analyzer and +is preconfigured in the .Entra ID Inventory Solution. + +Both this data collector and the solution are available with all Access Analyzer license options. +See the [.Entra ID Inventory Solution](/docs/accessanalyzer/12.0/solutions/entraidinventory/overview.md) topic for +additional information. + +Protocols + +- HTTP +- HTTPS +- REST + +Ports + +- TCP 80 and 443 + +Permissions + +- Microsoft Graph API + + - Application Permissions: + + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + + - Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +- Access URLs + + - https://login.windows.net + - https://graph.windows.net + - https://login.microsoftonline.com + - https://graph.microsoft.com + + - All sub-directories of the access URLs listed + +## AzureADInventory Query Configuration + +The AzureADInventory Data Collector is configured through the Entra ID Inventory DC Wizard, which +contains the following wizard pages: + +- Welcome +- [AzureADInventory: Category](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/category.md) +- [AzureADInventory: Options](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/options.md) +- [AzureADInventory: Custom Attributes](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributes.md) +- [AzureADInventory: Results](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/results.md) +- [AzureADInventory: Summary](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/summary.md) + +![Entra ID Inventory Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/welcome.webp) + +Hide the Welcome page the next time this data collected is accessed by selecting the **Do not +display this page the next time** checkbox. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/results.md b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/results.md new file mode 100644 index 0000000000..8c86d37d6f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/results.md @@ -0,0 +1,11 @@ +# AzureADInventory: Results + +The Results page is where the properties from Microsoft Entra ID to be gathered are selected. It is +a wizard page for the category of Scan Entra ID. + +![Entra ID Inventory DC Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/results.webp) + +Properties can be checked individually or the **Select All** and **Clear All** buttons can be used. +All checked properties are collected. This information is not available within the standard +reference tables and views. Instead, this information can be viewed in the +**SA_AzureADInventory_DEFAULT** table, which is created when any of these properties are selected. diff --git a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/standard-tables.md b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/standardtables.md similarity index 100% rename from docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/standard-tables.md rename to docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/standardtables.md diff --git a/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/summary.md new file mode 100644 index 0000000000..c84172d7d3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/summary.md @@ -0,0 +1,10 @@ +# AzureADInventory: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for both of the +categories. + +![Entra ID Inventory DC Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Entra ID Inventory DC Wizard to ensure that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/troubleshooting.md b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/troubleshooting.md new file mode 100644 index 0000000000..caea365fdd --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/troubleshooting.md @@ -0,0 +1,32 @@ +# Troubleshooting AzureADInventory Data Collector + +## Clear AzureADInventory Tables + +Sometimes when troubleshooting an AzureADInventory issue, it becomes necessary to clear the standard +reference tables. Follow the steps. + +**Step 1 –** Create a new job and assign a query using the **AZUREADINVENTORY** Data Collector. + +**Step 2 –** In the Entra ID Inventory DC Wizard on the Category page, select the **Remove Tables** +category task. + +**Step 3 –** Click **Next** and then **Finish** to close the Entra ID Inventory DC Wizard. Click +**OK** to close the Query Properties window. + +When the job is run, all of the AzureADInventory standard reference tables are removed from the +database. + +## Troubleshooting Error Messages + +Change the XML parameters to address the following errors: + +Error: Microsoft.Graph.ServiceException: Code: timeout Message: The request timed out + +Update the `` parameter to update the number of retries to run the query. +The default is 3. + +Error: An existing connection was forcible closed by the remote host + +Update the `` parameter to update the max delta token age. The default is 6. + +See the [View Job XML File](/docs/accessanalyzer/12.0/admin/jobs/job/properties/viewxml.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/box/activityoperationscope.md b/docs/accessanalyzer/12.0/admin/datacollector/box/activityoperationscope.md new file mode 100644 index 0000000000..82e33e608f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/box/activityoperationscope.md @@ -0,0 +1,23 @@ +# Box: Activity Operation Scope + +The Activity Operation Scope page (ActivityOperationScope) is where Box Enterprise events can be +selected or unselected for scans. It is a wizard page for the Scan Box Activity category. + +![Box DC Wizard Activity Operation Scope page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/activityoperation.webp) + +Event filters can be selected by group or the group may be expanded and the filters selected +individually. All selected filters are gathered from the Box environment. + +Event filters include: + +- Collaboration +- File Activity +- Group +- Login +- Metadata +- Misc +- Security +- Sharing +- Task +- Users +- Workflow diff --git a/docs/accessanalyzer/12.0/admin/datacollector/box/activitytimeframescope.md b/docs/accessanalyzer/12.0/admin/datacollector/box/activitytimeframescope.md new file mode 100644 index 0000000000..73cbe90a74 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/box/activitytimeframescope.md @@ -0,0 +1,23 @@ +# Box: Activity Timeframe Scope + +The Activity Timespan Scope page (ActivityTimeframeScope) is where Box activity data collection is +configured. It is a wizard page for the Scan Box Activity category. + +![Box DC Wizard Activity Timespan Scope page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/activitytimeframe.webp) + +Select one of the following options to configure the timeframe for Box data collection: + +- Relative Timespan – Collects activity from a set number of days relative to the present + + - Collect activity from the last [number] Days – Enter the number of days for which activity + data collection is required. The default is 180. The maximum timespan is 365 days. + - Data retention settings – Select a preferred retention setting + + - Within timespan – Deletes all data outside of the selected timespan + - Retain all data – Retains all data collected inside or outside of the selected timespan + +- Absolute Timespan – Enter the interval of days for which activity data collection is required. The + default End Date is the current day. + + **NOTE:** Choosing an absolute timespan will not affect activity data during relative timespan + scans. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/box/additionalscoping.md b/docs/accessanalyzer/12.0/admin/datacollector/box/additionalscoping.md new file mode 100644 index 0000000000..cf407bff04 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/box/additionalscoping.md @@ -0,0 +1,14 @@ +# Box: Additional Scoping + +The Additional Scoping page is where the scan can be limited by depth of the scan. It is a wizard +page for the Scan Box Permissions category. + +![Box DC Wizard Additional Scoping page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/additionalscoping.webp) + +Configure the scan depth level: + +- Limit scanned depth to: [number] level – Select the checkbox and set the scan depth level to the + desired depth. If this checkbox is not selected, then the entire Box environment will be scanned, + according to the [Box: Exclusions Page](/docs/accessanalyzer/12.0/admin/datacollector/box/exclusions.md) settings. If the scoping depth is set to + **0** then only root will be scanned. Each increment will add another level of depth from root + level. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/box/authenticate.md b/docs/accessanalyzer/12.0/admin/datacollector/box/authenticate.md new file mode 100644 index 0000000000..f374df1434 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/box/authenticate.md @@ -0,0 +1,15 @@ +# Box: Authenticate + +The Authenticate page is where connection to the Box environment is configured. It is a wizard page +for all categories. + +![Box DC Wizard Authentication page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/authentication.webp) + +Click **Authorize** to launch the BoxLogin window and generate an authorization code. This code will +allow Access Analyzer to report on the Box Enterprise. + +![BoxLogin window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/boxlogin.webp) + +Enter an email address and password for an account with Enterprise Admin credentials in the targeted +Box environment. Then click **Authorize** to grant access to Box and generate the code. The **Use +Single Sign On (SSO)** option is an alternative log in method. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/box/category.md b/docs/accessanalyzer/12.0/admin/datacollector/box/category.md new file mode 100644 index 0000000000..22fa890564 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/box/category.md @@ -0,0 +1,17 @@ +# Box: Category + +Use the Category page to select the type of scan or import for the Box Enterprise targeted. + +![Box DC Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/category.webp) + +The Box Data Collector contains the following query categories: + +- Box Activity Audit – Scan Box activity + + - Scan Box Activity – Performs an audit of Box activity + - Bulk Import Box Activity – Performs a bulk import of Box activity + +- Box Permission Audit – Scan Box permissions + + - Scan Box Permissions – Performs an audit for Box permissions + - Import Box Permissions – Performs an import of Box permissions diff --git a/docs/accessanalyzer/12.0/admin/datacollector/box/exclusions.md b/docs/accessanalyzer/12.0/admin/datacollector/box/exclusions.md new file mode 100644 index 0000000000..812806ec4c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/box/exclusions.md @@ -0,0 +1,20 @@ +# Box: Exclusions Page + +The Exclude or Include folders page (ExclusionsPage) is where the scan can be limited to include or +to exclude folders within the Box Enterprise. It is a wizard page for of Scan Box Permissions +category. + +![Box DC Wizard Exclude or Include folders page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/exclusions.webp) + +The options on the Exclusions Page are: + +- Add as inclusion – Type the path of a folder in the text box to include in the scan. The folder + path must not include a slash at the end. + + - Example format: `/All Files/Folder/SubFolder` + - Incorrect format: `/All Files/Folder/SubFolder/` + +- Add as exclusion – Type the path of a folder in the text box to exclude from the scan + +The **Remove** option will delete a selected folder from the list. The **Clear List** option will +remove all folders from the list. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/box/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/box/overview.md new file mode 100644 index 0000000000..9c163a1099 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/box/overview.md @@ -0,0 +1,50 @@ +# Box Data Collector + +The Box Data Collector audits access, group membership, and content within a Box enterprise. + +**NOTE:** If the Box Data Collector is used in a new job, outside of the Box Solution, it is +necessary to deselect the **Skip Hosts that do not respond to PING** option on the job’s +**Properties** > **Performance** tab. + +The Box Data Collector has been preconfigured within the Box Solution. Both this data collector and +the solution are available with a special Access Analyzer license. See the +[Box Solution](/docs/accessanalyzer/12.0/solutions/box/overview.md) topic for additional information. + +Protocols + +- HTTP +- HTTPS + +Ports + +- TCP 80 +- TCP 443 + +Permissions + +- Box Enterprise Administrator + +## Box Query Configuration + +The Box Data Collector is configured through the Box Data Collector Wizard. The wizard contains the +following pages, which change based up on the query category selected: + +- Welcome +- [Box: Category](/docs/accessanalyzer/12.0/admin/datacollector/box/category.md) +- [Box: Exclusions Page](/docs/accessanalyzer/12.0/admin/datacollector/box/exclusions.md) +- [Box: Scope by User Page](/docs/accessanalyzer/12.0/admin/datacollector/box/scopebyuser.md) +- [Box: Additional Scoping](/docs/accessanalyzer/12.0/admin/datacollector/box/additionalscoping.md) +- [Box: Activity Timeframe Scope](/docs/accessanalyzer/12.0/admin/datacollector/box/activitytimeframescope.md) +- [Box: Activity Operation Scope](/docs/accessanalyzer/12.0/admin/datacollector/box/activityoperationscope.md) +- [Box: Authenticate](/docs/accessanalyzer/12.0/admin/datacollector/box/authenticate.md) +- [Box: Results](/docs/accessanalyzer/12.0/admin/datacollector/box/results.md) +- [Box: Summary](/docs/accessanalyzer/12.0/admin/datacollector/box/summary.md) + +The Welcome page gives an overview of the data collector. To proceed through the pages, click +**Next** or use the Steps navigation pane to open another page in the wizard. Review the +introductory and caution information about the Box Data Collector before proceeding. + +![Box DC Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/welcome.webp) + +The Welcome page can be hidden by checking the **Do not display this page the next time** box when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/box/results.md b/docs/accessanalyzer/12.0/admin/datacollector/box/results.md new file mode 100644 index 0000000000..19a333e81a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/box/results.md @@ -0,0 +1,9 @@ +# Box: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for all +categories. + +![Box DC Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/results.webp) + +Properties can be selected individually or the **Select All** or **Clear All** buttons can be used. +All selected properties will be gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/box/scopebyuser.md b/docs/accessanalyzer/12.0/admin/datacollector/box/scopebyuser.md new file mode 100644 index 0000000000..c68e53b933 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/box/scopebyuser.md @@ -0,0 +1,16 @@ +# Box: Scope by User Page + +The User Scope Settings page (ScopeByUserPage) is where the scope of the scan can be limited to +specified users and the resulting scan will only scan for the specified users. It is a wizard page +for the Scan Box Permissions category. + +![Box DC Wizard User Scope Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/scopebyuser.webp) + +Select whether to scan **All Users** or **Limited Users**. If scanning for **Limited Users**, click +**Browse** and navigate to the path of the CSV file that contains the email addresses of users to be +included in the scan. The CSV file should have one email address per row. + +**NOTE:** The query will collect information related to User names and Group membership for all +users in a target environment. However, if the query is scoped to specific users, no additional +information is collected for users outside out of the scope. User names and group membership for the +target environment is necessary to generate the Box Solution reports. diff --git a/docs/accessanalyzer/12.0/data-collection/box/standard-tables.md b/docs/accessanalyzer/12.0/admin/datacollector/box/standardtables.md similarity index 100% rename from docs/accessanalyzer/12.0/data-collection/box/standard-tables.md rename to docs/accessanalyzer/12.0/admin/datacollector/box/standardtables.md diff --git a/docs/accessanalyzer/12.0/admin/datacollector/box/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/box/summary.md new file mode 100644 index 0000000000..35de2fc679 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/box/summary.md @@ -0,0 +1,10 @@ +# Box: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +![Box DC Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Box Data Collector Wizard ensuring that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/definefields.md b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/definefields.md new file mode 100644 index 0000000000..c39144045f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/definefields.md @@ -0,0 +1,9 @@ +# CLU: Define Fields + +The Define Fields page provides options to define and configure fields for the Command Line Utility +output. It is a wizard page for the **Edit Profile** and **Create a New Profile** profile types. + +![Command Line Utility Data Collector Wizard Define Fields page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/definefields.webp) + +**CAUTION:** Do not modify this page without guidance from Netwrix or the data may not be processed +by Access Analyzer. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/executionoptions.md b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/executionoptions.md new file mode 100644 index 0000000000..9c0bd8babe --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/executionoptions.md @@ -0,0 +1,50 @@ +# CLU: Execution Options + +The Execution Options page provides options to define the mode of execution. It is a wizard page for +the **Edit Profile** and **Create a New Profile** selections on the Profile Type page. + +![Command Line Utility Data Collector Wizard Execution Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/executionoptions.webp) + +The available options on the page vary depending on the selected profile type. The possible options +are as follows: + +Execution Type + +The Execution Type section identifies the mode of execution: + +- Local – Execute the utility within the Access Analyzer Console +- Remote – Execute the utility on the target host + +Output options + +The output options include: + +- Write Output to a text file – Writes task output to a text file which is thenprocessed to collect + properties +- Preserve Output file – Stores the output file on the local machine +- .Exe Present in Installed CLU Directory – Select the checkbox if the .exe utility is present in + the installed CLU directory. The path on the Profile Parameters page should be the utility name + instead of the full path. See the [CLU: Profile Parameters](/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profileparameters.md) topic for + additional information. + +Remote Execution Options + +The Remote Execution Options apply to the Remote mode of execution: + +- Copy .exe to remote host – Copies the executable from the local machine to the remote machine + before executing it +- Leave .exe on remote host – Keeps the executable on the remote machine after execution + +Other Settings + +The Other Settings section provides additional options: + +- Ignore Error Code – Error code to skip while executing the command line utility using the task + scheduler + + - The `0` code is always skipped during execution + - If no error code is required, enter `0` + +- Timeout – Timeout limit in seconds for the task to finish + + - The default value is 1200 seconds, or 20 minutes diff --git a/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/overview.md new file mode 100644 index 0000000000..898e8716ae --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/overview.md @@ -0,0 +1,40 @@ +# CommandLineUtility Data Collector + +The CommandLineUtility Data Collector provides the ability to remotely spawn, execute, and extract +data provided by a Microsoft native or third-party command line utility. It allows users to easily +execute a command line utility and capture its output as Access Analyzer data. This data collector +is a core component of Access Analyzer and is available with all Access Analyzer licenses. + +Protocols + +- Remote Registry +- RPC + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the local Administrators group + +## CommandLineUtility Query Configuration + +The CommandLineUtility Data Collector executes a command line utility and captures the output. It is +configured through the Command Line Utility Data Collector Wizard, which contains the following +pages: + +- Welcome +- [CLU: Profile Type](/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profiletype.md) +- [CLU: Profile Parameters](/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profileparameters.md) +- [CLU: Execution Options](/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/executionoptions.md) +- [CLU: Define Fields](/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/definefields.md) +- [CLU: Script Editor](/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/scripteditor.md) +- [CLU: Results](/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/results.md) +- [CLU: Summary](/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/summary.md) + +![Command Line Utility Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profileparameters.md b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profileparameters.md new file mode 100644 index 0000000000..2275719f90 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profileparameters.md @@ -0,0 +1,24 @@ +# CLU: Profile Parameters + +The Profile Parameters page provides settings to configure the parameters for the profile. It is a +wizard page for the **Edit Profile** or **Create a New Profile** selections on the Profile Type +page. + +![Command Line Utility Data Collector Wizard Profile Parameters page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profileparameters.webp) + +Profile parameters include: + +- Profile Name – Name of the profile. If **Edit Profile** was selected on the Profile Type page, + then this is the name of an existing profile to be edited. If **Create a New Profile** was + selected, then this is the name of a new profile. +- Path – Path of the utility (.exe) from the local or remote machine. If stored on the local + machine, give the local path. If the utility is located on multiple paths in the same machine, + each can be entered on a new line in this field. If the .exe file is present in the installed CLU + directory, then enter the utility name rather than the full path. +- Start in path for task (Optional) – Working directory for the command line that executes the + program or script. This should be either the path to the program or script file, or the path to + the files that are used by the executable file. +- Command Line – Command that the utility executes. If the utility is self-executable and does not + need a command, leave this field blank. +- Output File Name – Enter the desired name for the output file. By default, the output file name + matches the profile name. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profiletype.md b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profiletype.md new file mode 100644 index 0000000000..4244316448 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profiletype.md @@ -0,0 +1,15 @@ +# CLU: Profile Type + +The Profile Type page contains options to select a new or existing profile. + +![Command Line Utility Data Collector Wizard Profile Type page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profiletype.webp) + +The options on the Profile Type page are: + +- Select Profile – Allows you to change the properties of a profile from the results page +- Edit Profile – Allows you to edit a profile's execution options and properties. Enables the Define + Fields and Script Editor pages. +- Create a New Profile – Allows you to create a new profile. Enables the Define Fields and Script + Editor pages. + +The profile type selected may alter the availability of the subsequent wizard steps. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/results.md b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/results.md new file mode 100644 index 0000000000..488c7356f1 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/results.md @@ -0,0 +1,10 @@ +# CLU: Results + +The Results page is where the properties to be returned as columns in the results table are +selected. It is a wizard page for all profile types. + +![Command Line Utility Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/results.webp) + +Select one or more properties to be returned as columns in the results table. Click **Select All** +to select all of the properties, or click **Clear All** to clear all the currently selected +properties. The available properties vary based on the selections on previous wizard pages. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/scripteditor.md b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/scripteditor.md new file mode 100644 index 0000000000..c7ba6d071f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/scripteditor.md @@ -0,0 +1,11 @@ +# CLU: Script Editor + +The Script Editor page provides options to create or edit a Visual Basic script that is used to +parse the output file created by the data collector after execution. The Script Editor page is +enabled when **Edit Profile** or **Create a New Profile** is selected on the Profile Type page. The +page is disabled when the **Select Profile** option is selected on the Profile Type page. + +![Command Line Utility Data Collector Wizard Script Editor page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/scripteditor.webp) + +**CAUTION:** Do not modify this page without guidance from Netwrix or the data may not be processed +by Access Analyzer. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/summary.md new file mode 100644 index 0000000000..171bc5cc73 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/summary.md @@ -0,0 +1,10 @@ +# CLU: Summary + +The Summary page provides a summary of the query that has been created or edited. It is a wizard +page for all profile types. + +![Command Line Utility Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Command Line Utility Data Collector Wizard to ensure that no +accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/overview.md new file mode 100644 index 0000000000..a2269bdd02 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/overview.md @@ -0,0 +1,35 @@ +# DiskInfo Data Collector + +The DiskInfo Data Collector provides enumeration of disks and their associated properties. When +targeting the local host for a DiskInfo query, it is necessary to select the **Systems Default** +option as the connection profile. This data collector is a core component of Access Analyzer and is +available with all Access Analyzer licenses. + +Protocols + +- RPC +- WMI + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Member of the local Administrators group + +## DiskInfo Query Configuration + +The DiskInfo Data Collector is configured through the Disk Info wizard, which contains the following +wizard pages: + +- Welcome +- [DiskInfo: Target Disks](/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/targetdisks.md) +- [DiskInfo: Results](/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/results.md) +- [DiskInfo: Summary](/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/summary.md) + +![Disk Info wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/results.md b/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/results.md new file mode 100644 index 0000000000..0aafac4af2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/results.md @@ -0,0 +1,26 @@ +# DiskInfo: Results + +The Results page provides a checklist of the data that is available for return by the query. Any +number of options can be selected at once, but at least one must be selected in order to complete +the wizard. + +![Disk Info wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/results.webp) + +Properties can be selected individually, or you can use the **Select all** and **Clear all** +buttons. The table below describes the available options. + +| Checklist Result | Description | +| ----------------------------- | ------------------------------------------------------------------------------------------------------------------- | +| DriveLetter | Drive Letter of the drive being scanned | +| GBDiskFreeSpace | Total amount of free space on the scanned drive in GB | +| GBDiskSize | Total size of scanned disk in GB | +| MBDiskFreeSpace | Total amount of free space on the scanned drive in MB | +| MBDiskSize | Total size of scanned disk in MB | +| PercentFree | Percentage of the scanned drive that is free | +| VolumeLabel | Name of drive (if it exists) | +| FileSystemType | Type of FileSystem configuration. This can include NTFS, FAT(12, 16, 32) and others | +| DiskType | Kind of disk that is being used. These can include fixed, removable, shared, and so on. | +| ClusterSizer | If scanning a disk that is part of a cluster, this indicates the total size of the cluster that the disk is part of | +| FilePercentFragmentation | Percent of used disk space that shows fragmentation | +| FreeSpacePercentFragmentation | Percentage of free space on the disk that shows fragmentation | +| TotalPercentFragmentation | Percentage of total disk space that shows fragmentation | diff --git a/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/summary.md new file mode 100644 index 0000000000..893aab8704 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/summary.md @@ -0,0 +1,9 @@ +# DiskInfo: Summary + +The Summary page displays a summary of the configured query. + +![Disk Info wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Disk Info Data Collector Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/targetdisks.md b/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/targetdisks.md new file mode 100644 index 0000000000..c61bff598a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/diskinfo/targetdisks.md @@ -0,0 +1,48 @@ +# DiskInfo: Target Disks + +The Target Disks page provides a selection of storage devices from which to return data from the +target host after a query. + +![Disk Info wizard Target Disks page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/targetdisks.webp) + +Use the options to select the desired target disk. + +- The Enumerate all storage devices – Allows all internal drives to be scanned. In order to expand + the scan, two sub-options can be included together, separately, or not at all. + + - Include removable storage devices – Scans removable devices that are plugged into the target + host + - Include network storage devices – Scans mapped drives that exist through a connected network + +- Single drive letter – Allows information to be collected from a single drive (`A:` through `Z:`) + during a single query. This option includes both operating system drives and removable disks. +- Enumerate all mount points (available for Windows 2003+ systems) – Targets any drive letter on the + target host that points to a mapped share drive +- Registry lookup – Provides the path of connection to gather information from the Access Analyzer + Registry Browser. By default, the local host will be targeted unless modified. The Registry value + are instructions for the data found within the subfolders of the registry. + + - The browse button **(…)** under the Registry lookup option opens the Access Analyzer Registry + Browser window. Use the registry browser to find registry keys and values that are on a target + host in the environment. See the [DiskInfo: Registry Browser](#diskinfo-registry-browser) + topic for additional information. + +## DiskInfo: Registry Browser + +Clicking the browse button on the Target Disks wizard page opens the Access Analyzer Registry +Browser. Use this page to find registry keys and values that exist on a target host in the +environment. + +![Registry Browser](/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/registrybrowser.webp) + +The configurable options on the Registry Browser are: + +- Sample from Host – Host for which the Registry will be browsed. If this box is left blank, the + Registry on the local host is used. +- 64-bit view – Default view is 32-bit. Select the 64-bit checkbox to switch to a 64-bit view. +- Connect – Click **Connect** to browse the Registry +- Table Columns – Select the Registry from the navigation pane to view keys in the table + + - Name – Registry key value + - Type – Key value type + - Data – Key value path diff --git a/docs/accessanalyzer/12.0/admin/datacollector/dns/category.md b/docs/accessanalyzer/12.0/admin/datacollector/dns/category.md new file mode 100644 index 0000000000..edd9bdaae6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/dns/category.md @@ -0,0 +1,45 @@ +# DNS: Category + +The DNS Data Collector Category page contains the following query categories, sub-divided by +auditing focus: + +![Domain Name System Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dns/category.webp) + +- DNS Configuration – Collect data from the DNS configuration + + - Cache – DNS Cache information + - Server – DNS Server Configuration information + - RootHints – Root Hints stored in the cache file + - Statistics – Statistics collected + - Zone – DNS Zone information + +- DNS Record Types – Collect data on the individual DNS records + + - AFSDB – Andrew File System database server (AFSDB) resource records + - ATMA – ATM address to name (ATMA) records + - CNAME – Canonical Name (CNAME) records + - A – Host address (A) resource records + - HINFO – Host Information (HINFO) records + - AAAA – IPv6 address (AAAA) resource records + - ISDN – ISDN resource records + - KEY – KEY resource records + - MD – Mail Agent for domain (MD) records + - MB – Mailbox (MB) records + - MX – Mail Exchanger (MX) records + - MF – Mail Forwarding Agent (MF) records + - MG – Mail Group (MG) resource records + - MINFO – Mail Information (MINFO) records + - MR – Mailbox Rename (MR) records + - NXT – Next (NXT) resource records + - NS – Name Server (NS) records + - PTR – Pointer (PTR) records + - RP – Responsible person (RP) records + - RT – Route through (RT) records + - SOA – Start of authority (SOA) records + - SRV – Service (SRV) records + - SIG – Signature (SIG) resource records + - TXT – Text (TXT) records + - WKS – Well-known service (WKS) records + - WINS – Windows Internet Name Service (WINS) records + - WINSR – Windows Internet Name Service (WINS) reverse lookup records + - X25 – X.25 records diff --git a/docs/accessanalyzer/12.0/admin/datacollector/dns/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/dns/overview.md new file mode 100644 index 0000000000..46cb1c7167 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/dns/overview.md @@ -0,0 +1,33 @@ +# DNS Data Collector + +The DNS Data Collector provides information regarding DNS configuration and records. It is available +with the Active Directory Solution. Both this data collector and the solution are available with a +special Access Analyzer license. + +Protocols + +- RPC + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Domain Administrators group + +## DNS Query Configuration + +The DNS Data Collector is configured through the Domain Name System Data Collector Wizard, which +contains the following wizard pages: + +- Welcome +- [DNS: Category](/docs/accessanalyzer/12.0/admin/datacollector/dns/category.md) +- [DNS: Results](/docs/accessanalyzer/12.0/admin/datacollector/dns/results.md) +- [DNS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/dns/summary.md) + +![Domain Name System Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dns/welcome.webp) + +The Welcome page can be hidden by selecting the Do not display this page the next time checkbox when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/dns/results.md b/docs/accessanalyzer/12.0/admin/datacollector/dns/results.md new file mode 100644 index 0000000000..1006f400fc --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/dns/results.md @@ -0,0 +1,10 @@ +# DNS: Results + +The Results page is where DNS properties to be gathered are selected. It is a wizard page for all +categories. + +![Domain Name System Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dns/results.webp) + +Available properties can be selected individually, or the **Select All**, **Clear All**, and **Reset +to defaults** buttons can be used. All selected properties are gathered. Available properties vary +based on the category selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/dns/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/dns/summary.md new file mode 100644 index 0000000000..b71d620e57 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/dns/summary.md @@ -0,0 +1,9 @@ +# DNS: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all categories. + +![Domain Name System Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dns/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Domain Name System Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/category.md b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/category.md new file mode 100644 index 0000000000..1b7c75190d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/category.md @@ -0,0 +1,20 @@ +# DropboxAccess: Category + +Use the Category Selection Page to identify the type of information to retrieve. The DropboxAccess +Data Collector contains the following query categories, sub-divided by auditing focus: + +![Dropbox Access Auditor Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/category.webp) + +- The Dropbox Access Audits scans for Dropbox access information: + + - Scan Dropbox Access – Performs a Dropbox access audit to collection permissions information + - Bulk Import Access Scan Results – Imports Dropbox access scan results into the Access Analyzer + database and creates SQL views + +- The Sensitive Content scans for sensitive data information: + + - Scan for Sensitive Content – Scans for sensitive data content on Dropbox + - Bulk Import Sensitive Content Scan Results – Imports sensitive content scan results into the + Access Analyzer database and creates SQL views + +The selection made on the Category Selection Page determines the wizard pages available. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/completion.md b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/completion.md new file mode 100644 index 0000000000..bdaf6eeca5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/completion.md @@ -0,0 +1,15 @@ +# DropboxAccess: Summary (Completion) + +The Completion page, is where configuration settings are summarized. This page is a wizard page for +all categories. + +![Dropbox Access Auditor Data Collector Wizard Completion page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/completion.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Dropbox Access Auditor Data Collector Wizard ensuring that no +accidental clicks are saved. + +_Remember,_ if an Access Token was generated, use it as the credential within the Connection +Profile. Then assign it to the job group or job which will be scanning the targeted Dropbox +environment. See the [Custom Dropbox Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/configurejob.md) topic for +additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/configurejob.md b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/configurejob.md new file mode 100644 index 0000000000..8f6cf3cc7b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/configurejob.md @@ -0,0 +1,27 @@ +# Custom Dropbox Connection Profile & Host List + +The DropboxAccess Data Collector requires a custom Connection Profile to be created and assigned to +the job or job group conducting the data collection. + +## Connection Profile + +Creating the Connection Profile requires an access token. The access token is generated on the Scan +Options page of the Dropbox Access Auditor Data Collector Wizard. + +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Dropbox +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) + topic for additional information.) +- Access Token – Copy and paste the Access Token after it has been generated from the Scan Options + page of the Dropbox Access Auditor Data Collector Wizard. See the + [DropboxAccess: Scan Options](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptions.md) topic for additional information. + +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. + +## Host List + +The host list should be set to: + +- Local host diff --git a/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/dlpauditsettings.md b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/dlpauditsettings.md new file mode 100644 index 0000000000..3fddfa1069 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/dlpauditsettings.md @@ -0,0 +1,35 @@ +# DropboxAccess: DLP Audit Settings + +Use the DLP Audit Settings page to configure sensitive data discovery settings. This page is a +wizard page for the Scan for Sensitive Content category. + +![Dropbox Access Auditor Data Collector Wizard DLP Audit Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/dlpauditsettings.webp) + +Configure the DLP audit settings: + +- Scan Performance: + + - Don’t process files larger than – Limits the files to be scanned for sensitive content to + files smaller than the specified size + +- File types to scan: + + - Scan typical documents (recommended, fastest) – Scans most common file types + - Scan all document types (slower) – Scans all file types except those excluded + +- Store Match Hits –  Choose whether to store copies of potentially sensitive data discovered during + the scan: + + - Store discovered sensitive data – Stores a copy of any potentially sensitive data that matches + the selected criteria in the Access Analyzer database. This copy can be used to check for + false positives, data that matches the selected criteria but is not actually sensitive. + - Limit stored matches per criteria to [number] – Identifies the number of potentially sensitive + data matches that are copied to the database. The default is 5 matches. This option is + available only if the **Store discovered sensitive data** option is selected. + +- Perform differential scan of – Enables users to choose whether to employ incremental scanning: + + - Files modified since last scan – Scans only files modified since the last scan + - Files modified since [date] – Only scans files modified after the specified date + - Files modified since the last [number] days – Scans files modified within the specified number + of days diff --git a/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/overview.md new file mode 100644 index 0000000000..22756a8061 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/overview.md @@ -0,0 +1,47 @@ +# DropboxAccess Data Collector + +The DropboxAccess Data Collector audits access, group membership, and content within a Dropbox +environment. Dropbox can scan the contents of over 400 file types to discover which files contain +sensitive data using Sensitive Data Discovery. The DropboxAccess Data Collector has been +preconfigured within the Dropbox Solution. Both this data collector and the solution are available +with a special Access Analyzer license. See the +[Dropbox Solution](/docs/accessanalyzer/12.0/solutions/dropbox/overview.md) topic for additional information. + +Protocols + +- HTTP +- HTTPS + +Ports + +- TCP 80 +- TCP443 + +Permissions + +- Dropbox Team Administrator + +Sensitive Data Discovery Considerations + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job +is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). + +## Query Configuration + +The DropboxAccess Data Collector is configured through the Dropbox Access Auditor Data Collector +Wizard. The wizard contains the following pages, which change based upon the query category +selected: + +- Welcome +- [DropboxAccess: Category](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/category.md) +- [DropboxAccess: Scan Options](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptions.md) +- [DropboxAccess: Scoping](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scoping.md) +- [DropboxAccess: DLP Audit Settings](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/dlpauditsettings.md) +- [DropboxAccess: Select DLP Criteria](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/selectdlpcriteria.md) +- [DropboxAccess: Summary (Completion)](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/completion.md) + +![Dropbox Access Auditor Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptions.md b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptions.md new file mode 100644 index 0000000000..20ff82fc24 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptions.md @@ -0,0 +1,36 @@ +# DropboxAccess: Scan Options + +Use the Scan Options page to authorize Access Analyzer to generate an Access Token allowing the +DropboxAccess Data Collector to access and scan an organization’s Dropbox environment. The Access +Token is used as the credential in the Connection Profile. + +**NOTE:** The Access Token needs to be generated only once, prior to the first execution of any job +in which the DropboxAccess Data Collector is used in a query. + +The Scan Options page is a wizard page for the following categories: + +- Scan Dropbox Access +- Scan for Sensitive Content + +Follow the steps to create the Access Token: + +![Dropbox Access Auditor Data Collector Wizard Scan Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptions.webp) + +**Step 1 –** Click the **Authorize** button to access the Dropbox Authentication page. + +![Dropbox Log in page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptionsdropboxlogin.webp) + +**Step 2 –** On the Dropbox Authentication page, log in as the Team Administrator. + +![Copy Access Token](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptionsaccesstoken.webp) + +**Step 3 –** Once the Access Token has been generated, click **Copy to Clipboard**. Click **Next** +to finish choosing the configuration options or click **Cancel** to close the Dropbox Access Auditor +Data Collector Wizard. + +Create a Connection Profile using this access token as the credential. See the +[Custom Dropbox Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/configurejob.md) topic for additional information on +configuring the Dropbox credential. + +_Remember,_ assign this Connection Profile to the job group or job where the host assignment for the +Dropbox environment to be targeted has been assigned. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scoping.md b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scoping.md new file mode 100644 index 0000000000..0f7a23513b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scoping.md @@ -0,0 +1,22 @@ +# DropboxAccess: Scoping + +The Scoping page configures the data collector to scan either the entire Dropbox environment or +limit the scan to specific users. The page is a wizard page for the following categories: + +- Scan Dropbox Access +- Scan for Sensitive Content + +![Dropbox Access Auditor Data Collector Wizard Scoping Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scoping.webp) + +Use the scoping options to select the depth of the scan: + +- User Scoping: + + - All Users – Scans all users in the Dropbox environment + - Limited Users – Click **Browse** and navigate to the path of the CSV file that contains the + email addresses of users to include in the scan. The CSV file should have one email address + per row. + +- File Permissions: + + - Collect File Level Permissions – Select the checkbox to collect permissions at the file level diff --git a/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/selectdlpcriteria.md b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/selectdlpcriteria.md new file mode 100644 index 0000000000..2694efd70e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/selectdlpcriteria.md @@ -0,0 +1,19 @@ +# DropboxAccess: Select DLP Criteria + +Use the Select DLP criteria for this scan page to configure criteria to use for discovering +sensitive data. It is a wizard page for the Scan for Sensitive Content category. + +![Dropbox Access Auditor Data Collector Wizard Select DLP criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/selectdlpcriteria.webp) + +Select the checkbox next to each criteria to be included in the search for sensitive data. You can +also use the **Select All** and **Clear All** buttons. + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + +Use the **Edit** button to access the Criteria Editor where user-defined criteria can be created or +customized. See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) topic +for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/dropbox-access/standard-tables.md b/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/standardtables.md similarity index 100% rename from docs/accessanalyzer/12.0/data-collection/dropbox-access/standard-tables.md rename to docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/standardtables.md diff --git a/docs/accessanalyzer/12.0/admin/datacollector/entra/options.md b/docs/accessanalyzer/12.0/admin/datacollector/entra/options.md new file mode 100644 index 0000000000..d47049e3bf --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/entra/options.md @@ -0,0 +1,16 @@ +# Entra: Scan options + +The Scan options page provides options to use when gathering Microsoft Entra Roles information. + +![Scan options page of the Entra Data Collector Wizard](/img/product_docs/accessanalyzer/12.0/admin/datacollector/entra/options.webp) + +The scan options are: + +- Region – Select the API region for your Microsoft Entra tenant. The default is Public. The + following options are available: + + - Public + - USGovL4 + - USGovL5 + - DEGov + - CNGov diff --git a/docs/accessanalyzer/12.0/admin/datacollector/entra/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/entra/overview.md new file mode 100644 index 0000000000..3c1b180875 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/entra/overview.md @@ -0,0 +1,45 @@ +# Entra Data Collector + +The Entra data collector collects Microsoft Entra roles information from the target Microsoft Entra +tenant. This data collector is preconfigured in the .Entra ID Inventory solution. + +Both this data collector and the .Entra Inventory solution are available with all Access Analyzer +license options. See the +[.Entra ID Inventory Solution](/docs/accessanalyzer/12.0/solutions/entraidinventory/overview.md) topic for additional +information. + +Protocols + +- HTTP +- HTTPS +- REST + +Ports + +- TCP 80 and 443 + +Permissions + +- Microsoft Graph API Application permissions: + + - RoleManagement.Read.Directory + +- Resource Manager permissions: + + - Microsoft.Authorization/roleAssignments/read + - Microsoft.Authorization/roleDefinitions/read + - Microsoft.Resources/resources/read + - Microsoft.Resources/subscriptions/read + - Microsoft.Resources/subscriptions/resources/read + - Microsoft.Resources/subscriptions/resourceGroups/read + - Microsoft.Authorization/providerOperations/read + - Microsoft.Management/managementGroups/read + +## Query Configuration + +The Entra data collector is configured through the Entra Data Collector Wizard, which contains the +following wizard pages: + +- [Entra: Scan options](/docs/accessanalyzer/12.0/admin/datacollector/entra/options.md) +- [Entra: Results](/docs/accessanalyzer/12.0/admin/datacollector/entra/results.md) +- [Entra: Summary](/docs/accessanalyzer/12.0/admin/datacollector/entra/summary.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/entra/results.md b/docs/accessanalyzer/12.0/admin/datacollector/entra/results.md new file mode 100644 index 0000000000..9a8329ec56 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/entra/results.md @@ -0,0 +1,8 @@ +# Entra: Results + +The Results page is where the properties from Microsoft Entra ID to be gathered are selected. + +![Results page of the Entra Data Collector Wizard](/img/product_docs/accessanalyzer/12.0/admin/datacollector/entra/results.webp) + +Properties can be selected individually or the **Select All** and **Clear All** buttons can be used. +All selected properties are collected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/entra/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/entra/summary.md new file mode 100644 index 0000000000..54f04648e0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/entra/summary.md @@ -0,0 +1,9 @@ +# Entra: Summary + +The Summary page is where configuration settings are summarized. + +![Summary page of the Entra Data Collector Wizard](/img/product_docs/accessanalyzer/12.0/admin/datacollector/entra/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Entra Data Collector Wizard to ensure that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/eventlog.md b/docs/accessanalyzer/12.0/admin/datacollector/eventlog.md new file mode 100644 index 0000000000..6a277d35a2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/eventlog.md @@ -0,0 +1,97 @@ +# EventLog Data Collector + +The EventLog Data Collector provides search and extraction of details from event logs on target +systems. This data collector is a core component of Access Analyzer and is available with all Access +Analyzer licenses. + +Protocols + +- RPC +- WMI + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group +- Member of the Domain Administrators group (if targeting domain controllers) + +## EventLog Query Configuration + +The EventLog Data Collector is configured through the Event Log Browser window. + +![Event Log Browser window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/eventlogbrowser.webp) + +Sample + +In the Sample section, select from the following options: + +- From log + + - Host – Enter a sample host that contains a log with the type of events desired for the query. + Click **Connect** to generate a list of logs available for extraction. + - Log name – Select a log from the drop-down list. Events from the selected log are populated in + the table. + +- From file + + - Click the folder icon next to the File name box to open the Log sample browser window and + select a log, or manually enter the log path in the box + +- Show – Click to preview the elements in the event log file for log paths manually entered in the + File path box + + **NOTE:** A preview displays automatically if the folder icons is used to navigate to the log. + +- Lookup user name – Select this checkbox to resolve SID or GUID values to friendly display values + +Search Criteria + +In the Search Criteria section, add a search filter to the table by configuring the following +criteria: + +- Event Source – Select the event source from the drop-down list. Typically, select **Any Source**. +- Even Type – Select the event type from the drop-down list. Typically, select **Any Type**. +- Event ID – Enter the event ID for the type of event to search + +Once the information above has been entered, click **Add** to add the configured event to the query. +Add as many events as desired. + +- Latest event only – Select this checkbox to only search the latest event + +Click the **Add** button to add the search filters to the table. Click the **Remove** button to +remove search criteria from the filters. + +- Event Date/Time – Enter the last number of hours the event time must be in. A value of `0` can be + used to specify any time. +- Retrieve oldest event – Select this checkbox to retrieve the oldest event +- Retrieve latest event – Select this checkbox to retrieve the latest event + +Click **Apply Filter** to filter the list of sample events to the search criteria. + +Options + +In the Options section, select the desired processing options: + +- Process offline logs only – Select this checkbox to process only offline logs +- Process offline logs if required – Select this checkbox to process offline logs if needed +- Specify explicit path\mask for archives – Enabled if the **Process offline logs only** or + **Process offline logs if required** checkboxes are selected. Specify the path and name of the + archive. + +Available Properties + +In the Available Properties section, select which properties will be collected by the browser. + +- Add Icon – Add properties from those available in the list to add the properties to the search + + - The Description properties provide the ability to extract the bracketed pieces of information + found within the description and display each bracketed piece of information in its own column + +- Remove Icon – Use to remove properties from the search + +Once all options have been configured, click **OK** to save changes and exit the browser. Click +**Cancel** to exit without saving. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/category.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/category.md new file mode 100644 index 0000000000..825fb1854b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/category.md @@ -0,0 +1,25 @@ +# EWSMailbox: Category + +The Category page identifies which type of EWSMailbox information is retrieved during the scan. + +![EWS Mailbox Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/category.webp) + +Identify the EWS mailbox information type using the following options: + +- Mailbox contents + + - MailboxContent – Scan contents of mailboxes + +- Mailbox permissions + + - MailboxPermissions – Scan permissions of mailboxes + +- Sensitive Data + + - SDDScan – Scan mailboxes for sensitive data + +- Mailbox search + + - MailboxSearchMailboxes – Search for mailboxes containing messages + - MailboxSearchFolders – Search for folders containing messages + - MailboxSearchMessages – Search for messages diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.md new file mode 100644 index 0000000000..d3129b4df6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.md @@ -0,0 +1,28 @@ +# EWSMailbox: Criteria + +The Select DLP criteria for this scan page is where to select the criteria to use for the sensitive +data scan are selected. It is a wizard page for the Sensitive Data category. + +![EWS Mailbox Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.webp) + +The options on the Criteria page are: + +- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings + from the **Settings** > **Sensitive Data** node. See the + [Sensitive Data](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md) topic for additional information. +- Use the following selected criteria – Select this option to use the table to select which + sensitive data criteria to scan for +- Select All - Click **Select All** to enable all sensitive data criteria for scanning +- Clear All - Click **Clear All** to remove all selections from the table +- Select the checkboxes next to the sensitive data criteria options to enable it to be scanned for + during job execution + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit + user-defined criteria. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filter.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filter.md new file mode 100644 index 0000000000..078790b343 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filter.md @@ -0,0 +1,25 @@ +# EWSMailbox: Filter + +The Filter settings page provides options to filter folders and attachments. It is a wizard page for +the categories of: + +- Mailbox Contents +- Mailbox permissions +- Sensitive data + +![EWS Mailbox Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filter.webp) + +All folders and attachments are scanned by default. Scope the scan for specific folders and +attachments: + +- Include Folders – Type the folder paths to filter the scan to specific mailbox folders +- Include Attachments – Type the attachment file names to filter to specific attachments +- Exclude Folders – Type the folder paths to exclude mailbox folders from the scan +- Exclude Attachments – Type the file names for the attachments to exclude attachments from the scan + +Use `*` and `?` for matching wildcard and single characters. + +- Limit message size to [numerical value] – Select to limit message size and define the threshold + for maximum size of a message. The default value is 20000 KB. +- Limit attachments size to [numerical value] – Select to limit attachment size and define a + threshold for maximum size of an attachment returned in the scan. The default value is 20000 KB. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.md new file mode 100644 index 0000000000..6c3a203af0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.md @@ -0,0 +1,11 @@ +# EWSMailbox FW: BodyOptions + +Use the BodyOptions page to select the size unit of messages. + +![Filter Wizard BodyOptions page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp) + +Select the desired message size unit: + +- KB +- MB +- GB diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/folderconditions.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/folderconditions.md new file mode 100644 index 0000000000..fb99062bd1 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/folderconditions.md @@ -0,0 +1,54 @@ +# EWSMailbox FW: Folder Conditions + +Use the Folder Conditions page to apply folder-related filter criteria to the search. + +![Filter Wizard Folder Conditions page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp) + +Customize folder search conditions using the following options: + +- Select conditions – To add it to the search, select any of the following conditions: + + - with specific folder type + - with search terms in the folder name + +- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any + of the template conditions + + **NOTE:** The values present depends on the selections made in the Select conditions box. + + - Click **specific** in the Edit conditions box to open the Folder Type Window. See the + [Folder Type Window](#folder-type-window) topic for additional information. + - Click **search terms** to open the Search Terms Window. See the + [Search Terms Window](#search-terms-window) topic for additional information. + +## Folder Type Window + +Use the Folder Type window to determine folder types to search for. The Folder Type window opens if +**specific** is selected in the Edit Conditions box on the Folder Conditions page. + +![Folder Type window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp) + +Select the checkbox next to any folder type to include it in the search filter. + +## Search Terms Window + +Use the Search Terms window to determine terms for the search. The Search Terms window opens if +**search terms** is selected in the Edit Conditions box. + +![Search Terms window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) + +Determine terms for the search using the following options: + +- Type the desired term into the upper text box and click **Add** to add the term to the lower text + box, which adds the term to the search +- Select a term in the lower text box, and click **Remove** to remove the term from the search +- Click **Clear** to clear all terms from the lower box +- Select the desired qualifier option: + + - Contains ALL of the following search terms (And) – Search only returns results containing all + of the search terms + - Contains ANY of the following search terms (Or) – Search returns results containing any one or + more of the search terms + +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageconditions.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageconditions.md new file mode 100644 index 0000000000..6508fa2397 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageconditions.md @@ -0,0 +1,116 @@ +# EWSMailbox FW: Message Conditions + +Use the Message Conditions page to apply filters to the message category part of the search. + +![Filter Wizard Message Conditions page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp) + +Customize message search filter conditions using the following options: + +- Message category – Select a message category using the dropdown menu from the following: + + - Common + - Email + - Appointment + - Schedule + - Contact + - Task + - Journal + - Note + - Post + - RSS Feed + - Unified Messaging + +- Select conditions – To add it to the search, select any of the following conditions: + + **NOTE:** The conditions that are available in the Select Conditions box depends on the selected + **Message category**. + + - with specific message classes + - that is created in specific date + - with search terms in the subject + - with search terms in the body + - with search terms in the subject or body + - with search terms in the message header + - with search terms in the recipient’s address + - with search terms in the sender’s address + - that has an attachment + - that is received in specific date + - with specific Message ID + - that occurs in specific date + +- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any + of the template conditions + + **NOTE:** The values present depends on the selections made in the Select conditions box. + + - Click **specific** to open the MessageClasses Window. See the + [MessageClasses Window (Message Conditions)](#messageclasses-window-message-conditions) topic + for additional information. + - Click **in specific date** to open the Date Range Selection Window. See the + [Date Range Selection Window](#date-range-selection-window) topic for additional information. + - Click **search terms** to open the Search Terms Window. See the + [Search Terms Window (Message Conditions)](#search-terms-window-message-conditions) topic for + additional information. + - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice + versa + +## MessageClasses Window (Message Conditions) + +Use the MessageClasses window to alter criteria related to message class. The Message Classes window +opens if **specific** is clicked in the Edit Conditions box on the Message Conditions page. + +![MessagesClasses window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp) + +Determine MessageClass-related criteria using the following options: + +- To add a class, click **Add** +- Enter the desired Message Class in the corresponding textbox +- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy + and select the preferred option: + + - Exact Match + - Starts With + - Contains + +- To remove a message class, select it and click **Remove** +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms + +## Date Range Selection Window + +Use the Date Range Selection window to select a time period or range for the search. The Date Range +Selection window opens if **in specific date** is clicked in the Edit Conditions box on the Message +Conditions page. + +![Date Range Selection window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp) + +Determine the time period or range of the search using the following options: + +- Over [Number] [Time Period] ago +- Last [Number] [Time Period] +- Before [Date] +- After [Date] +- Between [Date] and [Date] + +## Search Terms Window (Message Conditions) + +Use the Search Terms window to determine terms for the search. The Search Terms window opens if +**search terms** is selected in the Edit Conditions box. + +![Search Terms window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) + +Determine terms for the search using the following options: + +- Type the desired term into the upper text box and click **Add** to add the term to the lower text + box, which adds the term to the search +- Select a term in the lower text box, and click **Remove** to remove the term from the search +- Click **Clear** to clear all terms from the lower box +- Select the desired qualifier option: + + - Contains ALL of the following search terms (And) – Search only returns results containing all + of the search terms + - Contains ANY of the following search terms (Or) – Search returns results containing any one or + more of the search terms + +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/savefilter.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/savefilter.md new file mode 100644 index 0000000000..dd752ccc01 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/savefilter.md @@ -0,0 +1,10 @@ +# EWSMailbox FW: Save Filter + +Use the Save Filter Page to name and describe the custom filter created in the wizard. + +![Filter Wizard Save Filter page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp) + +Label the custom filter using the following options: + +- Enter a name for the filter in the Filter Name textbox +- Enter any desired description for the filter in the Description textbox diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchfilter.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchfilter.md new file mode 100644 index 0000000000..8d14a900da --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchfilter.md @@ -0,0 +1,65 @@ +# EWSMailbox FW: Search Filter + +Use the Search Filter page to choose a filter template for the search. + +![Filter Wizard Search Filter page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchfilter.webp) + +Customize folder search conditions using the following options: + +- Select template – Select any of the following template options: + + - Blank + - All non-archived items over 90 days ago + - All calendar items that contains attachment that occurred over 90 days ago + +- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any + of the template conditions + + **NOTE:** The values present depends on the selections made in the Select conditions box. + + - Click either **IPM.Note** or **IPM.Appointment**, to open the MessageClasses Window with + IPM.Note or IPM.Appointment class populated, respectively. See the + [MessageClasses Window ](#messageclasses-window) topic for additional information. + - Click **over 90 Day ago** to open the Date Range Selection Window. See the + [Date Range Selection Window](#date-range-selection-window) topic for additional information. + - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice + versa + +## MessageClasses Window + +Use the MessageClasses window to alter criteria related to message class. The Message Classes window +opens if **Ipm.Note** or **Ipm.Appointment** is clicked in the Edit Conditions box on the Search +Filter page. + +![MessagesClasses window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp) + +Determine MessageClass-related criteria using the following options: + +- To add a class, click **Add** +- Enter the desired Message Class in the corresponding textbox +- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy + and select the preferred option: + + - Exact Match + - Starts With + - Contains + +- To remove a message class, select it and click **Remove** +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms + +## Date Range Selection Window + +Use the Date Range Selection window to select a time period or range for the search. The Date Range +Selection window opens if **over 90 Day ago** is clicked in the Edit Conditions box on the Search +Filter page. + +![Date Range Selection window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp) + +Determine the time period or range of the search using the following options: + +- Over [Number] [Time Period] ago +- Last [Number] [Time Period] +- Before [Date] +- After [Date] +- Between [Date] and [Date] diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/options.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/options.md new file mode 100644 index 0000000000..36d81e53dc --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/options.md @@ -0,0 +1,27 @@ +# EWSMailbox: Options + +The Scan options page provides general scan options. It is a wizard page for all categories. + +![EWS Mailbox Data Collector Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/options.webp) + +Select the checkboxes to apply any desired scan options: + +- Ignore certificate errors – Ignores certificate errors when connecting to Exchange Web Services +- Match job host against autodiscovered host – Matches the name of the job host against the host + name returned from autodiscover + + **_RECOMMENDED:_** Use this option when scanning multiple Exchange environments with a single + job and the Connection Profile has multiple credentials in it. + +- Scan options + + - Scan archives – Scans for archived mailbox data + - Scan recoverable items – Scans for recoverable items + +- Authentication – Select an Authentication type from the drop down: + + - Negotiate + - Basic + - NTLM + - Kerberos + - Digest diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/overview.md new file mode 100644 index 0000000000..692530a283 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/overview.md @@ -0,0 +1,48 @@ +# EWSMailbox Data Collector + +The EWSMailbox Data Collector provides configuration options to scan mailbox contents, permissions, +and sensitive data, and is preconfigured within the Exchange Solution. Both this data collector and +the solution are available with a special Access Analyzer license. See the +[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. + +Protocols + +- HTTPS +- ADSI +- LDAP + +Ports + +- TCP 389 +- TCP 443 + +Permissions + +- Exchange Admin Role +- Discovery Management Role +- Application Impersonation Role +- Exchange Online License + +Sensitive Data Discovery Considerations + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job +is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). + +## EWSMailbox Query Configuration + +The EWSMailbox Data Collector is configured through the Exchange Mailbox Data Collector Wizard, +which contains the following wizard pages: + +**NOTE:** The Category selected may alter the subsequent steps displayed by the wizard. + +- [EWSMailbox: Category](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/category.md) +- [EWSMailbox: Options](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/options.md) +- [EWSMailbox: Scope](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scope.md) +- [EWSMailbox: Scope Select](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scopeselect.md) +- [EWSMailbox: SDD Options](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/sddoptions.md) +- [EWSMailbox: Criteria](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.md) +- [EWSMailbox: Filter](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filter.md) +- [EWSMailbox: Search Filter](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/searchfilter.md) +- [EWSMailbox: Results](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/results.md) +- [EWSMailbox: Summary](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/summary.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/results.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/results.md new file mode 100644 index 0000000000..35f86a2e3a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/results.md @@ -0,0 +1,16 @@ +# EWSMailbox: Results + +Use the Results page to select which properties are gathered out of those available for the +category. It is a wizard page for all of the categories. + +![EWS Mailbox Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/results.webp) + +Select criteria using the following options: + +- Select the checkbox of any property to include it in the summary. All selected properties will be + gathered. + + **NOTE:** Available properties vary based on the category selected. + +- Click **Select All** to select all properties +- Click **Clear All** to clear all selected properties diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scope.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scope.md new file mode 100644 index 0000000000..e4440dd037 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scope.md @@ -0,0 +1,12 @@ +# EWSMailbox: Scope + +The Mailbox scope settings page is used to select which mailboxes are searched by the scan. It is a +wizard page for all categories. + +![EWS Mailbox Data Collector Wizard Scope page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scope.webp) + +Select an option to specify which mailboxes are searched: + +- All mailboxes – Search all mailboxes +- Select mailboxes from list – Search only specific selected mailboxes. This option enables the + [EWSMailbox: Scope Select](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scopeselect.md) page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scopeselect.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scopeselect.md new file mode 100644 index 0000000000..ff31721c55 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scopeselect.md @@ -0,0 +1,16 @@ +# EWSMailbox: Scope Select + +The Scope select page is used to select specific mailboxes to scan. It is a wizard page for all +categories when the **Select mailboxes from list** option is selected on the +[EWSMailbox: Scope](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scope.md) page. + +![EWS Mailbox Data Collector Wizard Scope select page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scopeselect.webp) + +Use the following options to scope the scan to specific mailboxes: + +- Retrieve – Loads the list of mailboxes available for scanning in the Available box +- Add – Select mailboxes from the Available list and click to add them to the Selected box to be + scanned +- Select All – Selects all mailboxes in the list +- Deselect All – Deselects all selected mailboxes from the list +- Remove – Select mailboxes from the Selected box and click to remove them from the list diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/sddoptions.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/sddoptions.md new file mode 100644 index 0000000000..e3bd4a1f95 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/sddoptions.md @@ -0,0 +1,14 @@ +# EWSMailbox: SDD Options + +The Sensitive data scan options page is where options to be used for discovering sensitive data are +configured. It is a wizard page for the Sensitive Data category. + +![EWS Mailbox Data Collector Wizard SDD Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/sddoptions.webp) + +Select the applicable Sensitive data scan options: + +- Store discovered sensitive data – Stores discovered sensitive data in the database +- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria + for discovered sensitive data + + **NOTE:** This option is only available if **Store discovered sensitive data** is selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/searchfilter.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/searchfilter.md new file mode 100644 index 0000000000..72ecc5e6a2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/searchfilter.md @@ -0,0 +1,18 @@ +# EWSMailbox: Search Filter + +The Search filter settings page applies a filter used to search mailboxes in the environment. It is +a wizard page for the Mailbox Search categories. + +![EWS Mailbox Data Collector Wizard Search filter page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/searchfilter.webp) + +Click **Add Filter** to open the Filter Wizard. + +## EWSMailbox Filter Wizard (FW) + +The Filter Wizard manages properties of the search filter. The Filter Wizard pages are: + +- [EWSMailbox FW: Search Filter](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchfilter.md) +- [EWSMailbox FW: Folder Conditions](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/folderconditions.md) +- [EWSMailbox FW: Message Conditions](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageconditions.md) +- [EWSMailbox FW: BodyOptions](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.md) +- [EWSMailbox FW: Save Filter](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/savefilter.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/summary.md new file mode 100644 index 0000000000..660e658443 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/summary.md @@ -0,0 +1,9 @@ +# EWSMailbox: Summary + +The Summary page displays a summary of the configured query. It wizard page for all categories. + +![EWS Mailbox Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the EWS Mailbox Data Collector Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/category.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/category.md new file mode 100644 index 0000000000..1099a6399c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/category.md @@ -0,0 +1,24 @@ +# EWSPublicFolder: Category + +The Category page contains the following Exchange Web Service categories to search: + +![EWS Public Folder Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/category.webp) + +Select which type of EWS public folder information to retrieve from the following: + +- Public Folder contents + + - PublicFolderContent – Scan contents of public folders + +- Public Folder permissions + + - PublicFolderPermissions – Scan permissions of public folders + +- Sensitive Data + + - SDDScan – Scan public folders for sensitive data + +- Public folder search + + - PublicFolderSearchFolders – Search for folders containing messages + - PublicFolderSearchMessages – Search for messages diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/critieria.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/critieria.md new file mode 100644 index 0000000000..5ab1911c70 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/critieria.md @@ -0,0 +1,28 @@ +# EWSPublicFolder: Critieria + +Use the Select DLP criteria for this scan page to select criteria for the sensitive data scan. It is +a wizard page for the Sensitive Data category. + +![EWS Public Folder Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/criteria.webp) + +The options on the Criteria page are: + +- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings + from the **Settings** > **Sensitive Data** node. See the + [Sensitive Data](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md) topic for additional information. +- Use the following selected criteria – Select this option to use the table to select which + sensitive data criteria to scan for +- Select All - Click **Select All** to enable all sensitive data criteria for scanning +- Clear All - Click **Clear All** to remove all selections from the table +- Select the checkboxes next to the sensitive data criteria options to enable it to be scanned for + during job execution + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit + user-defined criteria. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filter.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filter.md new file mode 100644 index 0000000000..dab789e275 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filter.md @@ -0,0 +1,42 @@ +# EWSPublicFolder: Filter + +The Filter settings page provides options to filter folders and attachments. It is a wizard page for +the categories of: + +- Public Folder contents +- Public Folder permissions +- Sensitive Data + +![EWS Public Folder Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filter.webp) + +All folders and attachments are scanned by default. Scope the scan for specific folders and +attachments: + +- Include Folders – Type the folder paths to filter the scan to specific mailbox folders +- Include Attachments – Type the attachment file names to filter to specific attachments +- Exclude Folders – Type the folder paths to exclude mailbox folders from the scan +- Exclude Attachments – Type the file names for the attachments to exclude attachments from the scan + +Use `*` and `?` for matching wildcard and single characters. + +- Limit message size to [numerical value] – Select to limit message size and define the threshold + for maximum size of a message. The default value is 20000 KB. +- Limit attachments size to [numerical value] – Select to limit attachment size and define a + threshold for maximum size of an attachment returned in the scan. The default value is 20000 KB. + +Public folders can also be included or excluded from the scan by retrieving a list of public folders +and selecting the desired folders. + +Follow the steps to filter the scan by selecting public folders from a list. + +![Choose folder to include window on Filter settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterpublicfolders.webp) + +**Step 1 –** Click the **+** button to the right of the Include Folders or Exclude Folders box to +open the Choose folders to include or Choose folders to exclude window. + +**Step 2 –** Click **Retrieve** to load the list of public folders that can be selected. + +**Step 3 –** Select the desired public folders and click **Add** to add the folders to the Include +Folders or Exclude Folders list. + +After the configuration changes are saved, scans are filtered by the selected public folders. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/bodyoptions.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/bodyoptions.md new file mode 100644 index 0000000000..6482841b53 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/bodyoptions.md @@ -0,0 +1,11 @@ +# EWSPublicFolder FW: BodyOptions + +The BodyOptions page is where the size of messages is selected. + +![Filter Wizard BodyOptions page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp) + +Select the desired message size unit: + +- KB +- MB +- GB diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/folderconditions.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/folderconditions.md new file mode 100644 index 0000000000..e94e8487be --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/folderconditions.md @@ -0,0 +1,54 @@ +# EWSPublicFolder FW: Folder Conditions + +The Folder Conditions page is where folder-related filter criteria can be applied to the search. + +![Filter Wizard Folder Conditions page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp) + +Customize folder search conditions using the following options: + +- Select conditions – To add it to the search, select any of the following conditions: + + - with specific folder type + - with search terms in the folder name + +- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any + of the template conditions + + **NOTE:** The values present depends on the selections made in the Select conditions box. + + - Click **specific** in the Edit conditions box to open the Folder Type Window. See the + [Folder Type Window](#folder-type-window)topic for additional information + - Click **search terms** to open the Search Terms Window. See the + [Search Terms Window](#search-terms-window) topic for additional information + +## Folder Type Window + +Use the Folder Type window to determine folder types to search for. The Folder Type window opens if +**specific** is selected in the Edit Conditions box on the Folder Conditions page. + +![Folder Type window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp) + +Select the checkbox next to any folder type to include it in the search filter. + +## Search Terms Window + +Use the Search Terms window to determine terms for the search. The Search Terms window opens if +**search terms** is selected in the Edit Conditions box. + +![Search Terms window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) + +Determine terms for the search using the following options: + +- Type the desired term into the upper text box and click **Add** to add the term to the lower text + box, which adds the term to the search +- Select a term in the lower text box, and click **Remove** to remove the term from the search +- Click **Clear** to clear all terms from the lower box +- Select the desired qualifier option: + + - Contains ALL of the following search terms (And) – Search only returns results containing all + of the search terms + - Contains ANY of the following search terms (Or) – Search returns results containing any one or + more of the search terms + +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/messageconditions.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/messageconditions.md new file mode 100644 index 0000000000..4e199ae767 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/messageconditions.md @@ -0,0 +1,114 @@ +# EWSPublicFolder FW: Message Conditions + +Use the Message Conditions page to apply filters to the message category part of the search. + +![Filter Wizard Message Conditions page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp) + +Customize message search filter conditions using the following options: + +- Message category – Select a message category using the dropdown menu from the following: + + - Common + - Email + - Appointment + - Schedule + - Contact + - Task + - Journal + - Note + - Post + - RSS Feed + - Unified Messaging + +- Select conditions – To add it to the search, select any of the following conditions: + + **NOTE:** The conditions that are available in the Select Conditions box depends on the selected + **Message category**. + + - with specific message classes + - that is created in specific date + - with search terms in the subject + - with search terms in the body + - with search terms in the subject or body + - with search terms in the message header + - with search terms in the recipient’s address + - with search terms in the sender’s address + - that has an attachment + - that is received in specific date + - with specific Message ID + - that occurs in specific date + +- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any + of the template conditions + + **NOTE:** The values present depends on the selections made in the Select conditions box. + + - Click **specific** to open the MessageClasses Window. See the + [MessageClasses Window](#messageclasses-window) topic for additional information. + - Click **in specific date** to open the Date Range Selection Window. See the + [Date Range Selection Window](#date-range-selection-window) topic for additional information. + - Click **search terms** to open the Search Terms Window. See the + [Search Terms Window](#search-terms-window) topic for additional information. + - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice + versa + +## MessageClasses Window + +Use the MessageClasses window to alter criteria related to message class. The Message Classes window +opens if **specific** is clicked in the Edit Conditions box on the Message Conditions page. + +![MessagesClasses window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp) + +Determine MessageClass-related criteria using the following options: + +- To add a class, click **Add** +- Enter the desired Message Class in the corresponding textbox +- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy + and select the preferred option: + + - Exact Match + - Starts With + - Contains + +- To remove a message class, select it and click **Remove** +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms + +## Date Range Selection Window + +Use the Date Range Selection window to select a time period or range for the search. The Date Range +Selection window opens if **in specific date** is clicked in the Edit Conditions box on the Message +Conditions page. + +![Date Range Selection window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp) + +Determine the time period or range of the search using the following options: + +- Over [Number] [Time Period] ago +- Last [Number] [Time Period] +- Before [Date] +- After [Date] +- Between [Date] and [Date] + +## Search Terms Window + +Use the Search Terms window to determine terms for the search. The Search Terms window opens if +**search terms** is selected in the Edit Conditions box. + +![Search Terms window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) + +Determine terms for the search using the following options: + +- Type the desired term into the upper text box and click **Add** to add the term to the lower text + box, which adds the term to the search +- Select a term in the lower text box, and click **Remove** to remove the term from the search +- Click **Clear** to clear all terms from the lower box +- Select the desired qualifier option: + + - Contains ALL of the following search terms (And) – Search only returns results containing all + of the search terms + - Contains ANY of the following search terms (Or) – Search returns results containing any one or + more of the search terms + +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/savefilter.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/savefilter.md new file mode 100644 index 0000000000..7b5ab708ce --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/savefilter.md @@ -0,0 +1,10 @@ +# EWSPublicFolder FW: Save Filter + +Use the Save Filter Page to name and describe the custom filter created in the wizard. + +![Filter Wizard Save Filter page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp) + +Label the custom filter using the following options: + +- Enter a name for the filter in the Filter Name textbox +- Enter any desired description for the filter in the Description textbox diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/searchfilter.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/searchfilter.md new file mode 100644 index 0000000000..87722780bb --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/searchfilter.md @@ -0,0 +1,65 @@ +# EWSPublicFolder FW: Search Filter + +Use the Search Filter page to choose a filter template for the search. + +![Filter Wizard Search Filter page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/searchfilter.webp) + +Customize folder search conditions using the following options: + +- Select template – Select any of the following template options: + + - Blank + - All non-archived items over 90 days ago + - All calendar items that contains attachment that occurred over 90 days ago + +- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any + of the template conditions + + **NOTE:** The values present depends on the selections made in the Select conditions box. + + - Click either **IPM.Note** or **IPM.Appointment**, to open the MessageClasses Window with + IPM.Note or IPM.Appointment class populated, respectively. See the + [MessageClasses Window](#messageclasses-window) topic for additional information. + - Click **over 90 Day ago** to open the Date Range Selection Window. See the + [Date Range Selection Window](#date-range-selection-window) + - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice + versa + +## MessageClasses Window + +Use the MessageClasses window to alter criteria related to message class. The Message Classes window +opens if **Ipm.Note** or **Ipm.Appointment** is clicked in the Edit Conditions box on the Search +Filter page. + +![MessagesClasses window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp) + +Determine MessageClass-related criteria using the following options: + +- To add a class, click **Add** +- Enter the desired Message Class in the corresponding textbox +- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy + and select the preferred option: + + - Exact Match + - Starts With + - Contains + +- To remove a message class, select it and click **Remove** +- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing + search terms + +## Date Range Selection Window + +Use the Date Range Selection window to select a time period or range for the search. The Date Range +Selection window opens if **over 90 Day ago** is clicked in the Edit Conditions box on the Search +Filter page. + +![Date Range Selection window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp) + +Determine the time period or range of the search using the following options: + +- Over [Number] [Time Period] ago +- Last [Number] [Time Period] +- Before [Date] +- After [Date] +- Between [Date] and [Date] diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/options.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/options.md new file mode 100644 index 0000000000..5c678d876d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/options.md @@ -0,0 +1,22 @@ +# EWSPublicFolder: Options + +The Scan options page provides general scan options. It is a wizard page for all of the categories. + +![options](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/options.webp) + +Select any desired scan options: + +- Ignore certificate errors – Ignores certificate errors when connecting to Exchange Web Services +- Match job host against autodiscovered host – Matches the name of the job host against the host + name returned from autodiscover + + **_RECOMMENDED:_** Use this option when scanning multiple Exchange environments with a single + job and the Connection Profile has multiple credentials in it. + +- Authentication – Select an Authentication type from the drop down: + + - Negotiate + - Basic + - NTLM + - Kerberos + - Digest diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/overview.md new file mode 100644 index 0000000000..8e4e1e9445 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/overview.md @@ -0,0 +1,46 @@ +# EWSPublicFolder Data Collector + +The EWSPublicFolder Data Collector provides configuration options to extract public folder contents, +permissions, and sensitive data, and is preconfigured within the Exchange Solution. Both this data +collector and the solution are available with a special Access Analyzer license. See the +[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. + +Protocols + +- HTTPS +- ADSI +- LDAP + +Ports + +- TCP 389 +- TCP 443 + +Permissions + +- Exchange Admin Role +- Discovery Management Role +- Application Impersonation Role +- Exchange Online License with a mailbox + +Sensitive Data Discovery Considerations + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job +is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). + +## EWSPublicFolder Query Configuration + +The EWSPublicFolder Data Collector is configured through the Exchange Public Folder Data Collector +Wizard. The wizard contains the following pages: + +**NOTE:** The Category selected may alter the subsequent steps displayed by the wizard. + +- [EWSPublicFolder: Category](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/category.md) +- [EWSPublicFolder: Options](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/options.md) +- [EWSPublicFolder: SDD Options](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/sddoptions.md) +- [EWSPublicFolder: Critieria](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/critieria.md) +- [EWSPublicFolder: Filter](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filter.md) +- [EWSPublicFolder: Search Filter](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/searchfilter.md) +- [EWSPublicFolder: Results](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/results.md) +- [EWSPublicFolder: Summary](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/summary.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/results.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/results.md new file mode 100644 index 0000000000..37a46e303d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/results.md @@ -0,0 +1,16 @@ +# EWSPublicFolder: Results + +The Results page is used to select which properties will be gathered out of those available for the +category. It is a wizard page for all of the categories. + +![EWS Public Folder Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/results.webp) + +Select criteria using the following options: + +- Select the checkbox of any property to include it in the summary. All selected properties will be + gathered. + + **NOTE:** Available properties vary based on the category selected. + +- Click **Select All** to select all properties +- Click **Clear All** to clear all selected properties diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/sddoptions.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/sddoptions.md new file mode 100644 index 0000000000..25689391cd --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/sddoptions.md @@ -0,0 +1,14 @@ +# EWSPublicFolder: SDD Options + +Use the Sensitive data scan options page to configure options to for discovering sensitive data. It +is a wizard page for the Sensitive Data category. + +![EWS Public Folder Data Collector Wizard SDD Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/sddoptions.webp) + +Select the applicable Sensitive data scan options: + +- Store discovered sensitive data – Stores discovered sensitive data in the database +- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria + for discovered sensitive data + + **NOTE:** This option is only available if **Store discovered sensitive data** is selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/searchfilter.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/searchfilter.md new file mode 100644 index 0000000000..e9a303af2b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/searchfilter.md @@ -0,0 +1,20 @@ +# EWSPublicFolder: Search Filter + +The Search filter settings page applies a filter used to search mailboxes in the environment. It is +a wizard page for the category of: + +- PublicFolder search + +![EWS Public Folder Data Collector Wizard Search Filter page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/searchfilter.webp) + +Click **Add Filter** to open the Filter Wizard + +## EWSPublicFolder Filter Wizard (FW) + +The Filter Wizard manages properties of the search filter. The Filter Wizard pages are: + +- [EWSPublicFolder FW: Search Filter](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/searchfilter.md) +- [EWSPublicFolder FW: Folder Conditions](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/folderconditions.md) +- [EWSPublicFolder FW: Message Conditions](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/messageconditions.md) +- [EWSPublicFolder FW: BodyOptions](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/bodyoptions.md) +- [EWSPublicFolder FW: Save Filter](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterwizard/savefilter.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/summary.md new file mode 100644 index 0000000000..ea5076bb01 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/summary.md @@ -0,0 +1,9 @@ +# EWSPublicFolder: Summary + +The Summary page displays a summary of the configured query. It wizard page for all categories. + +![EWS Public Folder Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the EWS Public Folder Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/category.md b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/category.md new file mode 100644 index 0000000000..92c1518b6a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/category.md @@ -0,0 +1,104 @@ +# Exchange2K: Category + +The Exchange2K Data Collector contains the following query categories, sub-divided by auditing +focus: + +![Exchange 2K+ Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/category.webp) + +- Exchange Organization + + - Organization – Exchange organization properties + - Administrative Groups + - Exchange Servers + - Storage Groups + - Exchange 2007/2010 Users – User properties from PowerShell commands + - Users – Mail-enabled and mailbox-enabled user + - Groups – Mail-enabled groups + - Contacts + - QBDGs – Query-Based Distribution Groups + +- Exchange Server Configuration + + - Recipient Update Services + - Message Delivery – System-wide message settings + - Instant Messaging – Instant messaging settings + - Exchange Mailbox Store Logons – The users currently logged on to Microsoft Exchange 2007 and + 2010 + +- Exchange 2007/2010 Hub Transport Configuration + + - Accepted Domains + - Remote Domains + - Transport Rules + - Journaling + +- Exchange 2007 CCR/SCR + + - Server Status + - CCR Storage Group Status + - SCR Storage Group Status + - Replication Health + +- Exchange 2007/2010 Unified Messaging + + - Dial plans + - IP gateways + - Mailbox policies + - Auto attendants + +- Exchange 2010 DAG + + - Exchange 2010 Mailbox Database Copy Status + - Exchange 2010 Data Availability Group + - Replication Health + +- Connectors + + - SMTP Connectors + - Exchange 2007/2010 Receive Connectors + - Exchange 2007/2010 Send Connectors + - Routing Group Connectors + - TCPX 400 Connectors + - X25X 400 Connectors + +- Protocols + + - HTTP Virtual Servers + - IMAP4 Virtual Servers + - NNTP Virtual Servers + - POP3 Virtual Servers + - SMTP Virtual Servers + - X400 Protocol + - Exchange 2007/2010 IMAP4 protocol + - Exchange 2007/2010 POP3 protocol + - Exchange 2007/2010 ActiveSync Protocols + +- Queues + + - Exchange Queues + - Exchange 2007/2010 Queries + +- Policies + + - Recipient Policies + - Exchange Server Policies + - Exchange 2007/2010 Email Policies + - Mailbox Store Policies + - Public Store Policies + - Exchange 2007/2010 ActiveSync Mailbox Policies + - Exchange 2010 Throttling Policies + +- Address Lists + + - Address Lists + - Global Address Lists + - Offline Address Lists + +- Internet Message Formats +- Mailbox Stores +- Public Stores +- Public Folders +- Anti-Virus Software +- OrphanedMailboxes +- OrphanedPublicFolders +- Exchange 2007/2010 ActiveSync Mobile Devices diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/mapisettings.md b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/mapisettings.md new file mode 100644 index 0000000000..9048ead4c3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/mapisettings.md @@ -0,0 +1,31 @@ +# Exchange2K: MAPI Settings + +The MAPI Settings page is used to enter configurations to connect to target Exchange servers. By +default, Access Analyzer connects to Exchange using System Attendant. For Exchange 2010 and 2013, a +mailbox and a client access server need to be entered in order to make a MAPI connection. These +settings only need to be configured if not configured at the Global Settings level. It is a wizard +page for the categories of: + +- Exchange Organization > Users +- Mailbox Stores +- Public Folders +- OrphanedMailboxes +- OrphanedPublicFolders + +![Exchange 2K+ Data Collector Wizard MAPI Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/mapisettings.webp) + +Configure the Connection Setting by selecting from the following: + +- Use Global settings: +- System Attendant (2003 & 2007) +- Use the mailbox associated with the Windows account that Access Analyzer is run with +- Exchange Mailbox (2010 and newer) +- Client Access Server + +Enter a server to Test Connection Setting: + +- Exchange Server – Enter the Exchange Mailbox Server to use to test the connection setting to make + sure that there is access to the server entered +- Test connection setting – Click to test the connection to the Exchange server + +The box at the bottom of the page displays information regarding the test connection in progress. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/options.md b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/options.md new file mode 100644 index 0000000000..2c95e1b328 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/options.md @@ -0,0 +1,32 @@ +# Exchange2K: Options + +The Options page provides additional configuration options for the query. Available options vary +depending on the category selected. It is a wizard page for all of the categories. + +![Exchange 2K+ Data Collector Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/options.webp) + +Configure the Options step using the following options: + +- How to format collected – Select how the table will be formatted according to the return data + + - Return data as collected + - Return each value of the following property in a separate row – Enabled for specific + properties selected on the Results page + - Return data in a separate row for each property set in the following group – Enabled for + specific properties selected on the Results page + +- How to return multi-valued properties – Select how the table will be formatted when the return + data contains multi-valued properties + + - Concatenated – Return the data in a continuous string without gaps + + - Delimiter – Enter the desired delimiter to be used between values + + - First-value only – Only display the first value + +- Message size units – Available for the Exchange Organization > Users, Mailbox Stores, and Public + Stores categories. Choose between: + + - KB + - MB + - GB diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/overview.md new file mode 100644 index 0000000000..715333a5ee --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/overview.md @@ -0,0 +1,49 @@ +# Exchange2K Data Collector + +The Exchange2K Data Collector extracts configuration details from Exchange organizations for +versions 2003 and later. This is a MAPI-based data collector which requires the **Settings** > +**Exchange** node to be enabled and configured. See the [Exchange](/docs/accessanalyzer/12.0/admin/settings/exchange.md) topic +for additional information. + +The Exchange2K Data Collector has been preconfigured within the Exchange Solution. Both this data +collector and the solution are available with a special Access Analyzer license. See the +[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. + +Protocols + +- LDAP +- MAPI +- PowerShell +- RPC +- WMI + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports +- TCP 389 +- Optional TCP 445 + +Permissions + +- Member of the Exchange Administrator group +- Domain Admin for AD property collection +- Public Folder Management + +## Exchange2K Query Configuration + +The Exchange2K Data Collector is configured through the Exchange 2K+ Data Collector Wizard, which +contains the following wizard pages: + +- Welcome +- [Exchange2K: Category](/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/category.md) +- [Exchange2K: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/scope.md) +- [Exchange2K: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/results.md) +- [Exchange2K: MAPI Settings](/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/mapisettings.md) +- [Exchange2K: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/options.md) +- [Exchange2K: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/summary.md) + +![Exchange 2K+ Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not show this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/results.md b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/results.md new file mode 100644 index 0000000000..0a5f853278 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/results.md @@ -0,0 +1,11 @@ +# Exchange2K: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for +all. + +![Exchange 2K+ Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/results.webp) + +Properties can be selected individually or the **Check All**, **Uncheck All**, or **Reset Defaults** +buttons can be used. All Selected properties will be gathered. Click **Expand All** to expand all +properties, or **Collapse All** to collapse all properties. Available properties vary based on the +category selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/scope.md b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/scope.md new file mode 100644 index 0000000000..575bdbf6d1 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/scope.md @@ -0,0 +1,19 @@ +# Exchange2K: Scope + +The Scope page is used to define where to search. It is a wizard page for the categories of: + +- Exchange Organization > Users +- Exchange Organization > Groups +- Exchange Organization > Contacts +- Exchange Organization > QBDGs + +![Exchange 2K+ Data Collector Wizard Scope page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/scope.webp) + +Select where to connect for the search and click **Connect** to add the domain or server: + +- Default domain – Select this option to search the default domain +- This domain or server – Click the ellipsis to open the Browse for Domain window and select a + domain or server. + +Click **Add** to add the OUs highlighted in the top box to the scope. Click **Remove** to remove the +selected OU. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/summary.md new file mode 100644 index 0000000000..bd4dc185c5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/summary.md @@ -0,0 +1,10 @@ +# Exchange2K: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all of the +categories. + +![Exchange 2K+ Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Exchange 2K+ Data Collector Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/category.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/category.md new file mode 100644 index 0000000000..7956e1f8d9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/category.md @@ -0,0 +1,17 @@ +# ExchangeMailbox: Category + +The Exchange Mailbox Data Collector contains the following Exchange Mailbox categories for +searching: + +![Exchange Mailbox Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/category.webp) + +The Category page contains a list of objects the query searches for: + +- Mailboxes +- Mailbox contents +- Mailbox permissions +- Mailbox sensitive data discovery +- Mailbox search – Enables the Return data options: + + - Per mailbox + - Per folder diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/options.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/options.md new file mode 100644 index 0000000000..4f33bd510a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/options.md @@ -0,0 +1,44 @@ +# ExchangeMailbox: Options + +The Options page provides different configuration options for the search. It is a wizard page for +the following categories: + +- Mailboxes +- Mailbox contents +- Mailbox permissions +- Mailbox sensitive data discovery + +![Exchange Mailbox Data Collector Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/options.webp) + +The following options can be configured: + +**NOTE:** Options available vary based upon the category selected. + +- Message size units: + + - KB + - MB + +- Folders + + - All Folders – Select to include all folders in the query. When deselected, the other options + of the category become available. + - Include root folder – Include root folders of the selected folders in the query + + - - – Enter the name of a folder to include and click **+** to add it to the list of + included folders + - - – Select a folder from the list of included folders ad click **–** to remove it + + - Include subfolders in message counters – Include messages contained in subfolders of the + selected folders in the message count + +- Attachment Types + + - Count attachment types – Counts attachment types as part of the query. When selected, this + enables the following options: + + - Add New – Adds another line to the list of attachment types which is manually edited + - Load Defaults – Reverts the list to default attachment types + - Remove – Remove selected attachment type from the list + +- Large Attachment Threshold (KB) – Default is 500 diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/overview.md new file mode 100644 index 0000000000..712ef87f84 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/overview.md @@ -0,0 +1,77 @@ +# ExchangeMailbox Data Collector + +The ExchangeMailbox Data Collector extracts configuration details from the Exchange Store to provide +statistical, content, permission, and sensitive data reporting on mailboxes. This is a MAPI-based +data collector which requires the **Settings** > **Exchange** node to be enabled and configured. See +the [Exchange](/docs/accessanalyzer/12.0/admin/settings/exchange.md) topic for additional information. + +The ExchangeMailbox Data Collector is available with a special Access Analyzer license. See the +[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. + +Protocols + +- MAPI +- RPC + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Exchange Administrator group +- Organization Management +- Discovery Management + +Sensitive Data Discovery Considerations + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job +is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). + +## ExchangeMailbox Query Configuration + +The ExchangeMailbox Data Collector is configured through the Exchange Mailbox Data Collector Wizard, +which contains the following wizard pages: + +- Welcome +- [ExchangeMailbox: Category](/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/category.md) +- [ExchangeMailbox: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scope.md) +- [ExchangeMailbox: Properties](/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/properties.md) +- [ExchangeMailbox: SDD Criteria](/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/sddcriteria.md) +- [ExchangeMailbox: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/options.md) +- [ExchangeMailbox: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/summary.md) + +The query requires special permissions to connect to target Exchange servers. Assign these +permissions on the Welcome page. + +![Exchange Mailbox Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/welcome.webp) + +Connection Setting + +Select one of the following options for the connection setting: + +- Use Global setting – The configured Global Setting is displayed next to this checkbox. Select the + checkbox to use the global setting. +- System Attendant (2003 & 2007) – Enabled when the **Use Global Setting** checkbox is not selected. + Select this option to use System Attendant (2003 & 2007) for the connection. +- Use the mailbox associated with the Windows account that Access Analyzer is run with – Enabled + when the **Use Global Setting** checkbox is not selected. Select this option to use the mailbox + associated with the Windows account that Access Analyzer is run with for the connection. +- Exchange Mailbox (2010 and newer) – Enabled when the **Use Global Setting** checkbox is not + selected. Select this option to use an Exchange Mailbox (2010 and newer) for the connection. The + Client Access Server must be entered unless specified in the Global Settings. + + - Client Access Server – A private store server is needed if the Exchange server only has public + stores + +Test Connection Setting + +Enter a server to test the connection string: + +- Exchange Server – Enter the Exchange Mailbox Server to use to test the connection setting to make + sure that there is access to the server entered +- Test – Click **Test** to test the connection to the Exchange server + +The box at the bottom of the page displays information regarding the test connection in progress. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/properties.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/properties.md new file mode 100644 index 0000000000..638d465d17 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/properties.md @@ -0,0 +1,16 @@ +# ExchangeMailbox: Properties + +The Properties page is where properties that will be gathered are selected. The available properties +depend on the category selected. It is a wizard page for all of the categories. + +![Exchange Mailbox Data Collector Wizard Properties page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/properties.webp) + +Properties can be selected individually or you can use the Select All, Clear All, and Reset All +buttons. All selected properties will be gathered. Click **Message Classes** to open the Message +classes filters window. + +![Message classes filters window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/messageclassesfilterswindow.webp) + +The wildcard (`*`) returns all message class filters. Enter the name of the class filter and click +**Add** to add it to the list. **Delete** will remove the selected class filter from the list. The +**Load defaults** option will restore the class filter default settings. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scope.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scope.md new file mode 100644 index 0000000000..bfbeac5178 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scope.md @@ -0,0 +1,34 @@ +# ExchangeMailbox: Scope + +The Scope page is used to define which mailboxes are to be queried. It is a wizard page for all of +the categories. + +![Exchange Mailbox Data Collector Wizard Scope page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scope.webp) + +At the top, configure the mailboxes to be queried. The selected option changes how the mailboxes are +identified for scoping. + +- All mailboxes – Searches all mailboxes +- Selected mailboxes from server – Retrieves all mailboxes in the Exchange organization, making them + visible within the **Available mailboxes on connected server** list. The following options + display: + + ![Scope page with Selected mailboxes from server selected](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scopeselectedmailboxes.webp) + + - Retrieve – Enter the server and select Retrieve to display the list of mailboxes on that + server + - Add – Select the desired mailboxes to add to the query. The added mailboxes display in the + **Selected mailboxes** list. + - Remove – Deletes selected mailboxes from the list + - Select All – Click the Select All icon to select all mailboxes in the list + - Clear All – Click the Clear All icon to clear all current selections in the list + +- Selected table – Populates the **Available tables** list with tables from the Access Analyzer + database + + ![Scope page with Selected table selected](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scopeselectedtable.webp) + + - Table – Filters this list by tables. Select the table which hosts the list of mailboxes for + which this query will be scoped. + - Field containing EmailAddressDNs – This list will be populated with columns from the selected + table. Select the appropriate column from the list. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/sddcriteria.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/sddcriteria.md new file mode 100644 index 0000000000..74b35b83de --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/sddcriteria.md @@ -0,0 +1,25 @@ +# ExchangeMailbox: SDD Criteria + +The SDD Criteria page is where criteria to be used for discovering sensitive data are configured. It +is a wizard page for the Mailbox sensitive data discovery category. + +![Exchange Mailbox Data Collector Wizard SDD Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/sddcriteria.webp) + +Select the checkbox for the criteria to be used to search for sensitive data. Criteria can also be +selected using the **Select All** and **Select None** buttons. + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria +- Edit – Click this button to access the Criteria Editor where user-defined criteria can be created + or customized. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) topic + for additional information. +- Store discovered sensitive data – Stores the potentially sensitive data that matches the selected + criteria in the Access Analyzer database. Select this checkbox to store a copy of the criteria + match data. This copy can be used to check for false positives, data that matches the selected + criteria but is not actually sensitive. +- Limit stored matches per criteria to [number] – Identifies the number of potentially sensitive + data matches that are copied to the database. The default is 5 matches. This option is only + available if the **Store discovered sensitive data** option is selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/summary.md new file mode 100644 index 0000000000..b63f89d1c9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/summary.md @@ -0,0 +1,9 @@ +# ExchangeMailbox: Summary + +The Summary page displays a summary of the configured query. It wizard page for all categories. + +![Exchange Mailbox Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Exchange Mailbox Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/category.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/category.md new file mode 100644 index 0000000000..bdcbfdd35a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/category.md @@ -0,0 +1,35 @@ +# ExchangeMetrics: Category + +The Category page is used to identify the type of Exchange Metrics information to retrieve. + +![Exchange Metrics Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/category.webp) + +The ExchangeMetrics Data Collector contains the following query categories: + +- Exchange Metrics Queries + + - Server Volume – Summary metrics by server for all messages sent and received inside and + outside of the Exchange organization + - Internal Traffic Summary – Summary metrics by server for all messages sent and received inside + of the Exchange organization + - Internet Traffic Summary – Summary metrics by external domain for messages sent and received + outside of the Exchange organization + - Delivery Time – Summary metrics by server for all messages delivered within specified delivery + time window + - Delivery Time Custom – Summary metrics by server for all messages delivered within delivery + time windows + - User Statistics – Summary metrics by user for all messages sent and received by each user + - DL Statistics – Summary metrics by distribution list (DL) for all messages received by each DL + - Hour Statistics – Summary metrics by server for all messages delivered within specified hour + slot + - Message Size Statistics – Summary metrics by server for all messages of specified sizes + - Message Size Statistics Custom – Summary metrics by serer for message size windows + - User’s Message Activity – Message activity per user + - User’s Message Activity Per Hour – Message activity per user per hour + +- Exchange Metrics Applet Maintenance + + - Deploy or Change Applet Settings – Deploys a data collector applet to an Exchange Server, or + update its settings + - Check Applet State – Information about a deployed data collector applet + - Remove Applet Settings – Removes a deployed data collector applet from an Exchange Server diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/collectmode.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/collectmode.md new file mode 100644 index 0000000000..1d15c83e8d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/collectmode.md @@ -0,0 +1,31 @@ +# ExchangeMetrics: Collect Mode + +The Collect Mode page is where to set the collection mode. It is a wizard page for the categories +of: + +- Server Volume +- Internal Traffic Summary +- Internet Traffic Summary +- Delivery Time +- Delivery Time Custom +- User Statistics +- DL Statistics +- Hour Statistics +- Message Size Statistics +- Message Size Statistics Custom +- User’s Message Activity +- User’s Message Activity Per Hour + +![Exchange Metrics Data Collector Wizard Collect Mode page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/collectmode.webp) + +There are two types of collection modes: + +- Query Summary Data Only – In this mode, the applet gathers only existing summary data and returns + it to the Access Analyzer Console. In order to process Exchange tracking log files, another + instance of the applet must be configured. +- Process Exchange Tracking Logs and Query Summary Data – In this mode, the applet processes missing + summary data and returns it to the Access Analyzer Console. This mode includes an additional + setting for **Summary data path**. Choose between: + + - Default location + - Specific location – Specify the folder location diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messageactivityfilter.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messageactivityfilter.md new file mode 100644 index 0000000000..bcf9174924 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messageactivityfilter.md @@ -0,0 +1,30 @@ +# ExchangeMetrics: Message Activity Filter + +The Message Activity Filter page configures which domains the data collector should return mail flow +from specific senders and to specific recipients. For example, if `@netwrix.com` is entered in the +Senders list and `@netwrix.com` in the Recipients list, message activity will be returned only for +mail sent to and received from an `@netwrix.com` address. It is a wizard page for the categories of: + +- User’s Message Activity +- User’s Message Activity Per Hour + +![Exchange Metrics Data Collector Wizard Message Activity Filter page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messageactivityfilter.webp) + +Configure the Message Activity Filter using the following options: + +- Add – To add a filter to the desired category, click **Add** in the desired category to add an + entry to that category +- Select **Exact Match** in the added filter to reveal a drop-down list with the following condition + options: + + - Exact matches + - Contains + - Begins with + - Ends with + +- Kind – Select **(Custom…)** to open the Custom Filter menu. The Custom Filter menu provides + options to create and configure other filters. +- Value – Type the filter to be applied + +The columns in the entry tables can be sorted and or filtered, using the same sorting and filtering +methods of Access Analyzer data grids. The **Remove** option will delete a selected filter. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messagesizes.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messagesizes.md new file mode 100644 index 0000000000..0a9c67bd21 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messagesizes.md @@ -0,0 +1,26 @@ +# ExchangeMetrics: Message Sizes + +The Message Sizes page is used to configure message size frames for which to return summary metrics +by server. It is a wizard page for the category of: + +- Message Size Statistics Custom. + +![Exchange Metrics Data Collector Wizard Message Sizes page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messagesizes.webp) + +Configure the desired message size frames using the following options: + +- Frame name – Name the configured message size parameters. Can either be entered manually or a + default will populate when query limits are set. +- Start – Specify the lower limit of the message sizes (in MB) +- End – Specify the upper limit of the message sizes (in MB) + +For example, a **Start** value of **1** and an **End** value of **2** returns messages between 1 and +2 megabytes. + +- Infinite – Select the checkbox to remove the **End** value from the scan. For example, a **Start** + value of **5** with the **Infinite** checkbox selected retrieves all messages which are 5 + megabytes or larger. + +Once the frame is configured, click **Add**. The configured message size frame will appear in the +list. Multiple frames can be configured. Select a frame and click **Replace** to modify an existing +frame. Use **Remove** to delete an existing frame. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/options.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/options.md new file mode 100644 index 0000000000..2a3144783b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/options.md @@ -0,0 +1,57 @@ +# ExchangeMetrics: Options + +The Options page provides additional configuration options for the query. Options vary depending on +the category selected. It is a wizard page for the categories of: + +- Server Volume +- Internal Traffic Summary +- Internet Traffic Summary +- Delivery Time +- Delivery Time Custom +- User Statistics +- DL Statistics +- Hour Statistics +- Message Size Statistics +- Message Size Statistics Custom +- User’s Message Activity +- User’s Message Activity Per Hour +- Deploy or Change Applet Settings +- Remove Applet Settings + +![Exchange Metrics Data Collector Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/options.webp) + +Select the checkbox of any of the following options to configure the query: + +**NOTE:** Available options vary depending on Category selected. + +- Host-side Cleanup + + - Remove applet after task is completed + - Remove all summary data after task is completed (Not recommended) + - Remove summary data older than [number] days + - Remove AD database after task is completed + +- Applet Logging + + - Enable Logging – Enables the applet to log + - Applet log level – Select the desired log level using the dropdown list: + + - None + - Debug + - Information + - Warning + - Error + + - Set Default – Returns the Applet log level to the default of **Error** + +- Applet History + + - Enable Persistent Log State – Search the log from where the previous search left off. A state + file is created for each host configured in the query. State files can be viewed within Access + Analyzer and are named by the query GUID. State files display the record the previous search + left off on, the event log, and the date of the last entry. + +- AD Database Creation + + - Recreate AD DB if existing DB is older than [number] days + - Create AD DB locally diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/overview.md new file mode 100644 index 0000000000..5f665af1cf --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/overview.md @@ -0,0 +1,52 @@ +# ExchangeMetrics Data Collector + +The ExchangeMetrics Data Collector collects Mail-Flow metrics from the Exchange Message Tracking +Logs on the Exchange servers. Some examples of this include server volume and message size +statistics. This data collector runs as an applet over RPC connection to process and collect +summarized metrics from the Message Tracking Log. See the +[Exchange Support and Permissions Explained](/docs/accessanalyzer/12.0/requirements/solutions/exchange/support.md) +topic for a complete list of supported platforms. + +The ExchangeMetrics Data Collector has been preconfigured within the Exchange Solution. Both this +data collector and the solution are available with a special Access Analyzer license. See the +[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. + +Protocols + +- RPC +- WMI + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Member of the local Administrator group on the targeted Exchange server(s) + +See the [Exchange Mail-Flow Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/mailflow.md) topic +for additional information. + +## ExchangeMetrics Query Configuration + +The ExchangeMetrics Data Collector is configured through the Exchange Metrics Data Collector Wizard, +which contains the following wizard pages: + +- Welcome +- [ExchangeMetrics: Category](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/category.md) +- [ExchangeMetrics: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/scope.md) +- [ExchangeMetrics: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/results.md) +- [ExchangeMetrics: Collect Mode](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/collectmode.md) +- [ExchangeMetrics: Time Frames](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/timeframes.md) +- [ExchangeMetrics: Message Sizes](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messagesizes.md) +- [ExchangeMetrics: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/options.md) +- [ExchangeMetrics: Message Activity Filter](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messageactivityfilter.md) +- [ExchangeMetrics: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/summary.md) + + **NOTE:** Pages available vary depending on the Category selected. + +![Exchange Metrics Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/welcome.webp) + +The Welcome page can be hidden by checking the **Do not display this page the next time** box when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/results.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/results.md new file mode 100644 index 0000000000..f05f7e855a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/results.md @@ -0,0 +1,10 @@ +# ExchangeMetrics: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for all +of the categories. + +![Exchange Metrics Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/results.webp) + +Properties can be selected individually or the **Check All**, **Uncheck All**, or **Reset Defaults** +buttons can be used. Click **Expand All** to expand all property categories. All selected properties +will be gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/scope.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/scope.md new file mode 100644 index 0000000000..34e99cafad --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/scope.md @@ -0,0 +1,46 @@ +# ExchangeMetrics: Scope + +The Scope page is used to define where to search. It is a wizard page for the categories of: + +- Server Volume +- Internal Traffic Summary +- Internet Traffic Summary +- Delivery Time +- Delivery Time Custom +- User Statistics +- DL Statistics +- Hour Statistics +- Message Size Statistics +- Message Size Statistics Custom +- User’s Message Activity +- User’s Message Activity Per Hour +- Deploy or Change Applet Settings + +![Exchange Metrics Data Collector Wizard Scope page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/scope.webp) + +Define the scope of the query using the following options: + +- Return data for section – Select the time period for which data will be collected. GMT time is + used by Exchange Metrics to calculate the result. + + - Today + - Yesterday + - This Week (from last Sunday till today) + - Last Week (from Sunday till Saturday) + - This Month + - Last Month + - Last [number] days + - Within time frame: + - From [calendar date] to [calendar date] – Use the drop-down arrows to select calendar dates. + +- Return results section – Select the table design for the collected data + + - One row for – Use the drop-down list to select one of the following options: + + - All period + - Day + - Week + - Month + + - Add summary values as last row – Select this checkbox to add summary values as the last row. + This option is enabled when **Day**, **Week**, or **Month** are selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/summary.md new file mode 100644 index 0000000000..b9103bd174 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/summary.md @@ -0,0 +1,10 @@ +# ExchangeMetrics: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all of the +categories. + +![Exchange Metrics Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Exchange Metrics Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/timeframes.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/timeframes.md new file mode 100644 index 0000000000..83108e3e8c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/timeframes.md @@ -0,0 +1,31 @@ +# ExchangeMetrics: Time Frames + +The Time Frames page is used to configure message delivery time frames for which to return summary +metrics by server. It is a wizard page for the category of: + +- Delivery Time Custom. + +![Exchange Metrics Data Collector Wizard Time Frames page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/timeframes.webp) + +Configure the desired time frames using the following options: + +- Frame name – Name the configured time frame. Can either be entered manually or a default will + populate when frame limits are set. +- Start – Specify the lower limit of the delivery time frame +- End – Specify the upper limit of the delivery time frame +- Select the time unit of the time frame: + + - Seconds + - Minutes + - Hours + +For example, a **Start** value of **1** and an **End** value of **2** with the **Minutes** unit +selected returns messages delivered in 1 to 2 minutes. + +- Infinite – Select the checkbox to eliminate the **End** value from the scan. For example, a + **Start** value of **2** with the **Infinite** checkbox selected retrieves all messages that took + 2 seconds/minutes/hours or longer to deliver. + +Once the frame is configured, click **Add**. The configured message time frame will appear in the +list. Multiple time frames can be configured. Select a frame and click **Replace** to modify an +existing frame. Use **Remove** to delete an existing frame. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/category.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/category.md new file mode 100644 index 0000000000..ae5d17983f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/category.md @@ -0,0 +1,333 @@ +# ExchangePS: Category + +The Category page contains a connection section where connection options are defined. It is also +where the query category is selected. The available query categories are sub-divided by auditing +focus. + +![ExchangePS Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/category.webp) + +## Connection + +In the Connection section, select the method for connecting to the target Exchange environment: + +- Use Global setting – Reads from the global configuration from the **Settings** > **Exchange** + node, specifically the **Client Access Server** (CAS) field + + - See the [Exchange](/docs/accessanalyzer/12.0/admin/settings/exchange.md) topic for additional information on these + settings + +- Use specific server – Use a different server from what is set in core + + - Exchange 2010 Servers – Can use the CAS server set in the global configuration (**Settings** > + **Exchange** node) + - Exchange 2013 & 2016 – Require an actual CAS server name: + + - If the **Settings** > **Exchange** node was configured for MAPI over HTTP, then an actual + CAS server name was supplied and will be used by the ExchangePS Data Collector + - If the **Settings** > **Exchange** node was configured for MAPI over HTTPS, then the + global configuration will have a web address instead of an actual server. Therefore, each + query requires the CAS server to be set as the specific server on the Category page. + +- Use Office 365 – Connect to Office 365 +- Use pipelined PowerShell – Processes each mailbox object in turn. When selected, the data + collector streams data to the database instead of transferring batches of data. + + - This option uses less memory but is more sensitive to network conditions + - Only available for Exchange 2013+ target environments + +## Query Categories + +The ExchangePS Data Collector contains the following query categories, sub-divided by auditing +focus: + +- Mailbox Information + + - Mailboxes – Collects mailbox information + - Mailbox Permissions – Collects permissions on mailbox folders (Exchange 2010 or later) + - Mailbox Databases – Collects information on mailbox databases + + **NOTE:** This option is not available for Office 365 target environments + + - Mailbox Rights – Collects information on mailbox rights + - Mailbox AD Rights – Collects information on mailbox Active Directory rights + - Mailbox Search – Search mailboxes (Exchange 2010 or later) + - Mailbox Access Logons – Collects information on mailbox access logons + +- Exchange Organization + + - Exchange Users – Collects Exchange user properties + +- Exchange ActiveSync + + - Exchange ActiveSync Mobile Devices – Collects Exchange ActiveSync for mobile devices + +- Public Folder Information + + - Public Folder Content – Collects general statistics and sizing for the public folder + environment + - Public Folder Permissions – Collects permission information for the public folder environment + +- Office 365 – Only available for Office 365 target environments + + - Mail Flow Metrics – Collects information about mail flow in the Exchange Online environment + +- Domain Information + + - Domains – Collects information about Domains in the Exchange environment + +Each category has specific requirements and capabilities per auditing focus: + +- [Mailbox Information](#mailbox-information) +- [Exchange Organization](#exchange-organization) +- [Exchange ActiveSync](#exchange-activesync) +- [Public Folder Information](#public-folder-information) +- [Office 365](#office-365) +- [Domain Information](#domain-information) + +### Mailbox Information + +Mailbox Information audit focus contains the following categories: + +Mailboxes + +This category gathers high-level statistics about the Mailboxes in the environment. It can be run +with quick properties or all properties. The quick properties are the first 14 properties and +significantly reduce the time it takes to return the information. The PowerShell queries this +category runs are as follows: + +``` +Get-Mailbox +Get-MailboxStatistics +Get-MailboxDatabase +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +Mailbox Permissions + +This category returns Mailbox Folder permissions and folder level statistics about the mailboxes. +The PowerShell queries this category runs are as follows: + +``` +Get-Mailbox +Get-MailboxFolderPermission +Get-MailboxStatistics +Get-MailboxDatabase +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +Mailbox Databases + +This category returns information about the Mailbox Databases which reside in the organization. The +PowerShell query this category runs is as follows: + +``` +Get-MailboxDatabase +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +Mailbox Rights + +This category returns Mailbox Rights assigned to each Mailbox, such as Full Mailbox Access. The +PowerShell query this category runs is as follows: + +``` +Get-MailboxDatabase +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +Mailbox AD Rights + +This category returns information about the Mailbox Databases which reside in the organization. The +PowerShell query this category runs is as follows: + +``` +Get-MailboxDatabase +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +Mailbox Search + +This category provides the capability to search the Mailbox for any criteria configured inside the +data collector. The PowerShell queries this category runs are as follows: + +``` +Search-Mailbox +Get-Mailbox +Get-MailboxDatabase +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Filter by Message](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/filtermessage.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +Mailbox Access Logons + +This category returns the Mailbox Access Auditing log details. Mailbox Access Auditing does need to +be enabled on the Mailboxes in order for this job to return any information. The PowerShell queries +this category runs are as follows: + +``` +Search-MailboxAuditLog +Get-Mailbox +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Mailbox Logons](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailboxlogons.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +### Exchange Organization + +Exchange Organization audit focus contains the following category: + +Exchange Users + +This category returns information about the Mail-Enabled Users in the Exchange environment. The +PowerShell queries this category runs are as follows: + +``` +Get-User +Get-CASMailbox +Get-Mailbox +Get-ThrottlingPolicyAssociation +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +### Exchange ActiveSync + +Exchange ActiveSync audit focus contains the following category: + +Exchange ActiveSync Mobile Devices + +This category returns ActiveSync device properties and the Exchange Mailboxes they are associated +to. The PowerShell queries this category runs are as follows: + +``` +Get-ActiveSyncDeviceStatistics +Get-Mailbox +``` + +When this category is selected, the following ExchangePS Data Collector Wizard pages are available +for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +### Public Folder Information + +Public Folder Information audit focus contains the following categories: + +Public Folder Content + +This category returns general statistics and sizing for the public folder environment. When it is +selected, the following ExchangePS Data Collector Wizard pages are available for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +Public Folder Permissions + +This category returns permissions information for the public folder environment. When it is +selected, the following ExchangePS Data Collector Wizard pages are available for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +### Office 365 + +Office 365 audit focus contains the following category: + +Mail Flow Metrics + +This category returns information about mail flow in the target Exchange Online environment. When it +is selected, the following ExchangePS Data Collector Wizard pages are available for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Mail Flow](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailflow.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +### Domain Information + +Domain Information audit focus contains the following category: + +Domains + +This category returns information about domains in the Exchange environment. When it is selected, +the following ExchangePS Data Collector Wizard pages are available for configuration: + +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/configurejob.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/configurejob.md new file mode 100644 index 0000000000..6bb0e37829 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/configurejob.md @@ -0,0 +1,80 @@ +# Exchange Custom Connection Profile & Host List + +The ExchangePS Data Collector requires a custom Connection Profile and host list to be created and +assigned to the job conducting the data collection. The host inventory option during host list +creation makes it necessary to configure the Connection Profile first. + +**NOTE:** It is not possible to target both Exchange Online and on-premises Exchange environments +from the same job. Therefore, the Connection Profile should only contain the credentials for one +type of environment. + +## Exchange On-Premises + +This section describes the process to configure the Connection Profile and host list for Exchange +on-premises environments. + +### Exchange On-Premise Credential for a Connection Profile + +The provisioned credential used should be an Active Directory account. Create a Connection Profile +and set the following information on the User Credentials window: + +- Select Account Type – Active Directory Account +- Domain – Drop-down menu with available trusted domains will appear. Either type the short domain + name in the textbox or select a domain from the menu. +- User name – Type the user name +- Password Storage – Choose the for credential password storage: + + - Application – Uses the configured Profile Security setting as selected at the **Settings** > + **Application** node + - CyberArk – Uses the CyberArk Enterprise Password Vault + +- Password – Type the password +- Confirm – Re-type the password + +### Exchange On-Premise Host List + +The ExchangePS Data Collector should be set to run against: + +- Local host + +## Exchange Online + +This section describes the process to configure the Connection Profile and custom host list for +Exchange Online. + +### Exchange Online Credential for a Connection Profile + +The provisioned credential must be created with the Exchange Modern Authentication account type. +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Exchange Modern Authentication +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) + topic for additional information.) +- Organization – The primary domain name of the Microsoft Entra tenant being leveraged to make the + connection. See the + [Identify the Tenant's Name](/docs/accessanalyzer/12.0/config/exchangeonline/access.md#identify-the-tenants-name) + topic for additional information. +- Email Address – The email address for the mailbox to be leveraged in Exchange Online environment + scans. The mailbox must belong to the primary domain used in the Organization field. +- AppID – Application (client) ID of the Access Analyzer application registered with Microsoft Entra + ID. See the + [Identify the Client ID](/docs/accessanalyzer/12.0/config/exchangeonline/access.md#identify-the-client-id) + topic for additional information. +- Certificate Thumbprint – The thumbprint value of the certificate uploaded to the Microsoft Entra + ID application. See the + [Upload Self-Signed Certificate](/docs/accessanalyzer/12.0/config/exchangeonline/access.md#upload-self-signed-certificate) + topic for additional information. + +### Exchange Online Host List + +Exchange Online requires a custom host list. The host list should include the tenant name of the +Microsoft Entra tenant used to connect to Exchange Online. + +- The host name must be the domain name of the tenant, for example `company.onmicrosoft.com`. See + the + [Identify the Tenant's Name](/docs/accessanalyzer/12.0/config/exchangeonline/access.md#identify-the-tenants-name) + topic for additional information. + +See the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) topic for instructions on creating a custom +host list. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md new file mode 100644 index 0000000000..7bba926e07 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md @@ -0,0 +1,16 @@ +# ExchangePS: Error Logging + +The Error Logging page is used to configure how long to keep the PowerShell logs. It is a wizard +page for all of the categories. + +![ExchangePS Data Collector Wizard Error Logging page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.webp) + +Select from the following options: + +- Remove all log files – Removes the PowerShell logs when data collection completes +- Keep log files newer than [number] days – Removes PowerShell logs older than the specified age + when data collection completes + +These log files are stored in the following location on the target host: + +…\STEALTHbits\StealthAUDIT\ExchangePS diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/filtermessage.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/filtermessage.md new file mode 100644 index 0000000000..4b8451013d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/filtermessage.md @@ -0,0 +1,79 @@ +# ExchangePS: Filter by Message + +The Filter by Message page is used to define the filter conditions of the search. It is a wizard +page for the category of: + +- Mailbox Search + +![ExchangePS Data Collector Wizard Filter by Message Conditions page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/filtermessage.webp) + +In the Select Conditions section, choose the filter logic: + +- All Conditions – All selected conditions must be met +- Any condition – Any of the selected conditions must be met + +Available conditions to select from include: + +- date when message expires according to policy – If selected, specify date range through the Date + Range Selection window +- with specific words in the retention policy – If selected, specify words through the Words window +- with specific words in the subject – If selected, specify words through the Words window +- with specific words in the body – If selected, specify words through the Words window +- with specific words in the subject or body – If selected, specify words through the Words window +- with specific words in the recipient’s address – If selected, specify words through the Words + window +- with specific words in the sender’s address – If selected, specify words through the Words window +- that was received in a specific date range – If selected, specify date range through the Date + Range Selection window +- with specific words in the attachment – If selected, specify words through the Words window + +See the [Date Range Selection Window](#date-range-selection-window) and +[Words Window](#words-window) topics for additional information. + +In the Select Search Mailbox Parameters section, select the desired filter parameters: + +- Do not Include Archive +- Include Unsearchable Items +- Search Dumpster +- Search Dumpster Only + +#### Date Range Selection Window + +The Date Range Selection window is opened by the **Specify Date Range...** option for a date related +filter on the Filter by Message page. + +![Date Range Selection window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/daterangeselectionwindow.webp) + +Select the range category on the left and configure the range setting in the enabled fields: + +- Over – Select the number and time units. The available time units are: **Days**, **Months**, or + **Years**. +- Last – Select the number and time units. The available time units are: **Days**, **Months**, or + **Years**. +- Before – Drop-down menu opens a calendar selection view, choose the end date +- After – Drop-down menu opens a calendar selection view, choose the start date +- Between (Date) – Drop-down menus open calendar selection view, choose the start and end dates +- Between – Select the numbers for the lower and upper range boundary, and the desired time units. + The available time units are: **Days**, **Months**, or **Years**. + +When the date range is specified, click **OK**. The selected date range shows as a filter on the +Filter by Message page. Click the filter to open the Date Range Selection window to modify the date +range. + +#### Words Window + +The Words window is opened by the **Specify words...** option for a word related filter on the +Filter by Message page. + +![Words window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/wordswindow.webp) + +In the Search property section, choose the filter logic: + +- All Words – All selected word filters must be met +- Any Words – Any of the selected word filters must be met + +Then, configure the required words in the filter list. Enter the word in the textbox and click +**Add**. To delete a word from the filter list, select the word and click **Remove**. + +When the word list is complete, click **OK**. The specified words show as a filter on the Filter by +Message page. Click the filter to open the Words window to modify the list. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailboxlogons.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailboxlogons.md new file mode 100644 index 0000000000..bb9150b2e5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailboxlogons.md @@ -0,0 +1,21 @@ +# ExchangePS: Mailbox Logons + +The Mailbox Logons page is used to define the type of mailbox logon events to return, as well as the +date range to be returned. It is a wizard page for the category of Mailbox Information > Mailbox +Access Logons. + +![ExchangePS Data Collector Wizard Mailbox Logons page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailboxlogons.webp) + +Select the desired checkboxes to indicate which logons to audit: + +- Delegate +- Admin +- Owner + +Specify the date range for the logons: + +- Last – Select the number and time units + + **NOTE:** Available units are **Days**, **Months**, or **Years**. + +- Between (Date) – Use the drop-down menus to open calendars to select the start and end dates diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailflow.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailflow.md new file mode 100644 index 0000000000..3b6920fc43 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailflow.md @@ -0,0 +1,16 @@ +# ExchangePS: Mail Flow + +The Mail Flow page returns permissions information for the public folder environment. It is a wizard +page for the category of: + +- Office 365 > Mail Flow Metrics + +![ExchangePS Data Collector Wizard Mail Flow page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailflow.webp) + +Select and configure a date range from the following options: + +**NOTE:** Date range must be 7 days or less. + +- Last – Select the number of days +- Between (Date) – Use the drop-down menus to open the calendar selection view to choose the start + and end dates diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md new file mode 100644 index 0000000000..91c89093a8 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md @@ -0,0 +1,31 @@ +# ExchangePS: Options + +The Options page is used to configure additional options. It is a wizard page for all of the +categories. + +![ExchangePS Data Collector Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.webp) + +The following options can be configured: + +- Message size units - Select the message size for the query: + + - KB + - MB + - GB + +- How to format collected results – Select how table will be formatted according to the return data: + + - Return data as collected + - Return each value of the following property in a separate row – Enabled for specific + properties selected on the Results page + - Return data in a separate row for each property set in the following group – Enabled for + specific properties selected on the Results page + +- How to return multi-valued properties – Select how the table will be formatted when the return + data contains multi-valued properties: + + - Concatenated + + - Delimiter – Enter the desired delimiter to be used between values + + - First-value only diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/overview.md new file mode 100644 index 0000000000..a4ee5a9922 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/overview.md @@ -0,0 +1,83 @@ +# ExchangePS Data Collector + +The ExchangePS Data Collector utilizes the Exchange CMDlets to return information about the Exchange +environment utilizing PowerShell. This data collector has been designed to work with Exchange 2010 +and newer. The ExchangePS Data Collector has been preconfigured within the Exchange Solution. Both +this data collector and the solution are available with a special Access Analyzer license. See the +[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. + +Protocols + +- PowerShell + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Remote PowerShell enabled on a single Exchange server +- Windows Authentication enabled for the PowerShell Virtual Directory on the same Exchange server + where Remote PowerShell has been enabled +- View-Only Organization Management Role Group +- Discovery Search Management Role Group +- Public Folder Management Role Group +- Mailbox Search Role + +- Discovery Management Role +- Organization Management Role + +See the [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) +topic for additional information. + +## Remote PowerShell + +The ExchangePS Data Collector will utilize Remote PowerShell when connecting to Exchange 2010 or +newer. This behavior simulates what the Exchange Management Shell does when loading. The below +PowerShell syntax is an example of how the connection is loaded through PowerShell. + +``` +$JobUserName = '{insert domain\username}' +$JobPassword = '{insert password}' +$secpasswd = ConvertTo-SecureString $JobPassword -AsPlainText -Force +$JobCredential = New-Object System.Management.Automation.PSCredential ($JobUserName, $secpasswd) +$relaxed=New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck +$sess=New-PSSession -ConnectionUri 'https://{exchangeserver}/powershell?serializationLevel=Full' -ConfigurationName 'Microsoft.Exchange' -AllowRedirection -Authentication Negotiate -Credential $JobCredential -SessionOption $relaxed  +Import-PSSession $sess +``` + +See the [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) +topic for instructions on enabling Remote PowerShell. + +## The Exchange Applet + +The Exchange Applet will run on the Exchange server by the ExchangePS Data Collector in the +following circumstances: + +- An actual Client Access Server (CAS) server is not specified either in the global configuration + (**Settings** > **Exchange** node) or on the Category page of the ExchangePS Data Collector Wizard +- Remote PowerShell has not been enabled for targeting Exchange 2010 + +The following Exchange Snap-in is used when the applet is utilized: + +- Add-pssnapin Microsoft.Exchange.Management.Powershell.E2010 + +## ExchangePS Query Configuration + +The ExchangePS Data Collector is configured through the ExchangePS Data Collector Wizard, which +contains the following wizard pages: + +- [ExchangePS: Category](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/category.md) +- [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) +- [ExchangePS: Scope by DB](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopedatabases.md) +- [ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopemailboxes.md) +- [ExchangePS: Scope by Public Folders](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfolders.md) +- [ExchangePS: Filter by Message](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/filtermessage.md) +- [ExchangePS: Mailbox Logons](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailboxlogons.md) +- [ExchangePS: Results](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md) +- [ExchangePS: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.md) +- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.md) +- [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) + +Available pages vary according to selections made throughout the wizard. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md new file mode 100644 index 0000000000..e3c83fc7e3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.md @@ -0,0 +1,9 @@ +# ExchangePS: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for all +of the categories. + +![ExchangePS Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.webp) + +Properties can be selected individually or the **Select All** and **Clear All** buttons can be used. +All selected properties will be gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md new file mode 100644 index 0000000000..05a40de64c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md @@ -0,0 +1,42 @@ +# ExchangePS: Scope + +The Scope page establishes how mailboxes are scoped. It is a wizard page for all of the categories. + +![ExchangePS Data Collector Wizard Scope page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.webp) + +Available scoping options vary based on the category selected. Scoping options include: + +- No Scoping Target Host: Local Host – Returns all results for the entire targeted Exchange + Organization + + - If this option is selected, then the data collector should be run against the host specified + on the Summary page. See the [ExchangePS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md) topic for additional + information. + - When using the applet, the data collector gathers information about the Exchange Forest in + which the Access Analyzer Console currently resides + - For Remote PowerShell, the data collector gathers information about the Exchange Organization + to which the Remote PowerShell connection was made. This refers to the server entered in the + Client Access Server (CAS) field of the global configuration from the **Settings** > + **Exchange** node or on the this page. + +- Scope by Database Target Host: Local Host – Scope query to return results for specific databases. + If this option is selected, the Scope by Database page is enabled in the wizard. See the + [ExchangePS: Scope by DB](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopedatabases.md) topic for additional information. +- Scope by Mailbox Target Host: Local Host – Scope query to return results for specific mailboxes. + If this option is selected, the Scope by Mailboxes page is enabled in the wizard. See the + [ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopemailboxes.md) topic for additional information. +- Scope by Server Target Host: Exchange MB Server – Scope query to return results for specific + servers selected in the job’s **Configure** > **Hosts** node + + - When using the applet, the data collector deploys a process to the targeted host to run the + PowerShell on that server + - For Remote PowerShell, the data collector does not deploy anapplet and utilizes the WinRM + protocol to gather information about the objects on that server. See the + [Remote PowerShell](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/overview#remote-powershell) and + [The Exchange Applet](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/overview#the-exchange-applet) topics for additional information. + +- Scope by Public Folder – Scope query to return results for specific Public Folders. If this option + is selected, the Scope by Public Folders page is enabled in the wizard. See the + [ExchangePS: Scope by Public Folders](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfolders.md) topic for additional information. +- View entire forest when querying for objects – Select this checkbox to scan the entire forest when + querying for objects diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopedatabases.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopedatabases.md new file mode 100644 index 0000000000..f15ba88be7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopedatabases.md @@ -0,0 +1,18 @@ +# ExchangePS: Scope by DB + +The Scope by Databases page is used to define specific databases to search. This page is enabled +when **Scope by Database Target Host: Local Host** option is selected on the Scope page. See the +[ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) topic for additional information. + +When using the applet, the data collector returns databases for the Exchange Organization in which +the Access Analyzer Console currently resides, and only returns information about those databases. +For Remote PowerShell, the data collector returns databases for the Exchange Forest and only returns +information about those databases. + +![ExchangePS Data Collector Wizard Scope by Databases page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopedatabases.webp) + +Click **Retrieve** to return all databases in the Exchange Organization and populate them in the +Available Databases list. Select the desired databases from Available Databases and click **Add**. +The selected databases are added in the Selected Databases list. To remove undesired databases from +Selected Databases, select them and click **Remove**. The Select All and Clear All buttons can be +used for quick selection. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopemailboxes.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopemailboxes.md new file mode 100644 index 0000000000..ef20280ac4 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopemailboxes.md @@ -0,0 +1,18 @@ +# ExchangePS: Scope by Mailboxes + +The Scope by Mailboxes page is used to define specific mailboxes to search. This page is enabled +when the **Scope by Mailbox Target Host: Local Host** option is selected on the Scope page. See the +[ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) topic for additional information. + +When using the applet, the data collector will return mailboxes for the Exchange Forest in which the +Access Analyzer Console currently resides, and only return information about those mailboxes. For +Remote PowerShell, the data collector will return mailboxes for the Exchange Forest as well as +return information about those mailboxes. + +![ExchangePS Data Collector Wizard Scope by Mailboxes page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopemailboxes.webp) + +Click **Retrieve** to return all mailboxes in the Exchange Organization and populate them in the +Available Mailboxes list. Select desired mailboxes from the Available Mailboxes list and click +**Add**. The selected mailboxes are added in the Selected Mailboxes list. To remove undesired +mailboxes from Selected Mailboxes, select them and click **Remove**. The Select All and Clear All +buttons can be used for quick selection. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfolders.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfolders.md new file mode 100644 index 0000000000..03c28143f3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfolders.md @@ -0,0 +1,39 @@ +# ExchangePS: Scope by Public Folders + +The Scope by Public Folders page is used to define specific public folders to search. This page is +enabled when the **Scope by Public Folder** option is selected on the Scope page. See the +[ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) topic for additional information. + +Configure the **Scope** option using the drop-down. The available options are: + +- Selected Public Folder +- Selected Table + +The option selected changes how the public folders are identified for scoping. + +## Selected Public Folder + +The **Selected Public Folders** scope option retrieves all public folders in the Exchange +organization, populating them in the Available list. + +![ExchangePS Data Collector Wizard Scope by Public Folders page with Selected Public Folders option](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfolders.webp) + +The **Search** feature filters this list. Select the desired public folders and click **Add**. The +selected public folders are added to the Selected list. Use the **Remove** option to delete selected +public folders from the list. The Select All or Deselect All buttons can be used for quick +selection. Additional scoping options include: + +- Return only these folders – Audits only the selected public folders +- Return all children – Audits the selected public folders and all sub-folders +- Return only direct children – Audits the selected public folders and one folder deeper + +## Selected Table + +The **Selected Table** scope option populates the Available tables list with tables from the Access +Analyzer database. + +![ExchangePS Data Collector Wizard Scope by Public Folders page with Selected Table option](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfoldersselectedtable.webp) + +The **Search** feature filters this list. Select the table that houses the list of public folders +for which this query will be scoped. The Field containing EntryIDs list is populated with columns +from the selected table. Select the appropriate column from the list. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md new file mode 100644 index 0000000000..958e1b0b37 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.md @@ -0,0 +1,10 @@ +# ExchangePS: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +![ExchangePS Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the ExchangePS Data Collector Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/category.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/category.md new file mode 100644 index 0000000000..4651d091f5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/category.md @@ -0,0 +1,12 @@ +# ExchangePublicFolder: Category + +The Category page is used to select the objects to search. + +![Exchange Public Folder Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/category.webp) + +The ExchangePublicFolder Data Collector contains the following query categories: + +- Contents – Returns information on the contents of each folder within the scope +- Permissions – Returns permissions on the each folder within the scope +- Ownership – Returns trustees which have the owner permission role +- Replicas – Returns a listing for each folder within the scope, including the replicas diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/options.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/options.md new file mode 100644 index 0000000000..068faeb891 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/options.md @@ -0,0 +1,32 @@ +# ExchangePublicFolder: Options + +The Options page provides additional configuration options for the query. It is a wizard page for +all of the categories. Available options vary based on the category selected. + +![Exchange Public Folder Data Collector Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/options.webp) + +The Options page contains the following options: + +- Process folders that physically reside on the target server only – This option will limit + extraction to only the subset of public folders which reside on this server when selected. Clear + this option if targeting the Exchange 2010 Public Folder Server. The ability to scope to the + targeted server is not available for Exchange 2010. The entire public folder hierarchy is + returned. +- Message size units: + + - KB + - MB + +- Include subfolders in message counters – This option is only available for the Contents category. + When this option is selected, it will include subfolders in message counters, according to the + Scope page settings. See the [ExchangeMetrics: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/scope.md) topic for + additional information. +- Large attachment threshold (Kb) – Configure the desired size limit for attachments. The default + value is 500. + +In the Attachment types section, configure attachment count types. + +- Count attachment types – Selecting this option enables the Content Types settings +- Add New – Add classifications and provide the file extensions for those classifications +- Load Defaults – Resets the **Attachment types** configuration to its original settings +- Remove – Deletes a selected classification from the filter list diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/overview.md new file mode 100644 index 0000000000..0e8bd44e81 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/overview.md @@ -0,0 +1,66 @@ +# ExchangePublicFolder Data Collector + +The ExchangePublicFolder Data Collector audits an Exchange Public Folder, including contents, +permissions, ownership, and replicas. This is a MAPI-based data collector which requires the +**Settings > Exchange** node to be enabled and configured. See the +[Exchange](/docs/accessanalyzer/12.0/admin/settings/exchange.md) topic for additional information. + +The ExchangePublicFolder Data Collector has been preconfigured within the Exchange Solution. Both +this data collector and the solution are available with a special Access Analyzer license. See the +[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. + +Protocols + +- MAPI +- RPC + +Ports + +- TCP 135 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Exchange Administrator group +- Organization Management + +Sensitive Data Discovery Considerations + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job +is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). + +## ExchangePublicFolder Query Configuration + +The ExchangePublicFolder Data Collector is configured through the Exchange Public Folder Data +Collector Wizard, which contains the following wizard pages: + +- Welcome +- [ExchangePublicFolder: Category](/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/category.md) +- [ExchangePublicFolder: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scope.md) +- [ExchangePublicFolder: Properties](/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/properties.md) +- [ExchangePublicFolder: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/options.md) +- [ExchangePublicFolder: Probable Owner](/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/probableowner.md) +- [ExchangePublicFolder: Summary](/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/summary.md) + +The query requires special permissions to connect to target Exchange servers. Configure these +permissions on the Welcome page. + +![Exchange Public Folder Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/welcome.webp) + +In the Connection Setting section, choose to either maintain the global inheritance, or configure +query specific settings. + +The **Use Global setting** option specifies what setting is being inherited. Clear this option to +break inheritance, and then select one of the following options: + +- System Attendant (2003 & 2007) +- Use the maibox associated with the Windows account that Access Analyzer is run with +- Exchange Mailbox (2010 and newer) – Enter the Exchange mailbox +- Client Access Server – Enter the CAS + +See the [Exchange](/docs/accessanalyzer/12.0/admin/settings/exchange.md) topic for additional information. + +In the Sampling server section, enter the Exchange server in the textbox to be used to test the +connection settings. Click **Test sampling server** to ensure there is access to the server. The box +at the bottom of the page displays information regarding the test connection in progress. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/probableowner.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/probableowner.md new file mode 100644 index 0000000000..4b6974bb39 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/probableowner.md @@ -0,0 +1,55 @@ +# ExchangePublicFolder: Probable Owner + +The Probable Owner Settings page provides configuration options to determine an owner. It is enabled +when the Probable Owner property is selected on the Properties page. See the +[ExchangePublicFolder: Properties](/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/properties.md) topic for additional information. + +![Exchange Public Folder Data Collector Wizard Probable Owner page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/probableowner.webp) + +In the Determine owner section, select the desired option to specify what setting to use to +determine an owner: + +- Determine owner from folder hierarchy – Select to determine the probable owner with a weight of + one hundred percent on file hierarchy +- Determine owner from content count – Select to determine the probable owner with a weight of one + hundred percent of content count +- Determine owner from content size – Select to determine the probable owner with weight of 100 + percent on content size +- Use custom weights – Select to enable the **Result weights** option to assign custom weights to + the ownership categories + + ![Probable Owner Settings window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/probableownersettingswindow.webp) + +- Result weights – This option is enabled when the **Use custom weights** option is selected. Click + the ellipses to open the Probable Owner Settings window and assign ownership weights to distribute + between the parameters. + +In the Exclusions section, select one or more of the following checkboxes to specify exclusions: + +- Exclude locked out users +- Exclude disabled users +- Exclude Zombie Owners +- Exclude users from analysis – Select this checkbox to enable the Exclude users list and add users + for exclusion. + + - Add user – Enter a user in the box and click **Add user** to add the user to the exclusion + list + - Import from file – Click **Import from file** to open the Import File Dialog page and browse + for a file to import + - Select from GAL – Click **Select from GAL** to select a user from the Global Address Book + - Clear list – Click **Clear list** to remove all users from the Exclude users list + - Remove selected – Select a user or users to remove from the Exclude users list and click + **Remove selected** to remove the users + +In the Output Options section, select the desired output option: + +- Get one most probable owner – Return one probable owner +- Get probable owners with relative deviation to the most probable owner – Return probable owners + based on the deviation from percentage from the most probable owner + + - Maximum deviation [number] percents – Use the arrow buttonss to enter the desired percent of + deviation from the most probable owner from which to return probable owners + +- Get multiple probable owners – Return multiple probable owners + + - Count – Use the arrow buttons to enter the desired number of probable owners to return diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/properties.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/properties.md new file mode 100644 index 0000000000..e4896fc9c5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/properties.md @@ -0,0 +1,16 @@ +# ExchangePublicFolder: Properties + +The Properties page is where properties that will be gathered are selected. It is a wizard page for +all of the categories. + +![Exchange Public Folder Data Collector Wizard Properties page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/properties.webp) + +Properties can be selected individually or you can use the **Select All**, **Clear All**, or **Reset +All** buttons. All selected properties will be gathered. The **Message Classes** button opens the +Message classes filters window. + +![Message classes filters window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp) + +The wildcard (`*`) returns all message class filters. Enter the name of a class filter and click +**Add** to add it to the list. **Delete** will remove the selected class filter from the list. The +**Load defaults** option will restore the class filter default settings. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scope.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scope.md new file mode 100644 index 0000000000..91262597d3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scope.md @@ -0,0 +1,70 @@ +# ExchangePublicFolder: Scope + +The Scope page is used to define which folders will be included will be searched by this query. It +is a wizard page for all of the categories. + +![Exchange Public Folder Data Collector Wizard Scope page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scope.webp) + +In the Choose Type of Public Folders to be queried section, select either: + +- Default Public Folders – User can access these folders directly with client applications such as + Microsoft Outlook. In its default configuration, Exchange System Manager displays these folders + when a public folder tree is expanded. +- System Public Folders – Users cannot access these folders directly. Client applications, such as + Microsoft Outlook, use these folders to store information such as free and busy data, offline + address lists, and organizational forms. Other folders hold configuration information that is used + by custom applications or by Exchange itself. The Public Folders tree contains extra system + folders, such as the EFORMS REGISTRY folder, that do not exist in general-purpose public folder + trees. + +In the Choose Scope of Public Folders to be queried section, select one of the following options: + +- All Public Folders – Returns all public folders within the targeted environment +- Selected Public Folders – Returns only those public folders specified on the Scope page of the + query + + - See the [Scope to the Selected Public Folders](#scope-to-the-selected-public-folders) topic + for additional information + +- Selected Table – Returns only those public folders within the table and field name specified on + the Scope page of the query + + - See the [Scope to Selected Table](#scope-to-selected-table) topic for additional information. + +## Scope to the Selected Public Folders + +When Scope to **Selected Public Folders** is selected on the Scope page, the options to specify the +desired folders are enabled. + +![Scope page with Selected Public Folders option selected](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scopeselectedpublicfolders.webp) + +Configure the scope of the selected public folders to be queried: + +- Select public folders from – Enter the name of the server hosting the desired public folders and + click **Retrieve**. The box will populate with available public folders. +- Add – Adds the selected folders +- Add Recursive – Adds the selected folders and all child folders. Not adding recursive folders will + add only the selected folder without its child folders. +- Highlight selected host folders – Highlights all the folders that are physically housed on the + selected host. If enabled, physically housed folders show in bold text in the list that is + returned after clicking **Retrieve**. + +The selected public folders are added in the table at the bottom. Click **Remove** to delete a +selected word from the filter list. + +## Scope to Selected Table + +When Scope to **Selected Table** is selected on the Scope page, the options to specify the desired +tables are enabled. + +![Scope page with Selected Table option selected](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp) + +Configure the selected tables to be queried: + +- Table Name – retrieves the list of selected public folders from a Access Analyzer database table. + Click **Retrieve** to populate the Table name box with all available tables within the database. + + - The Table name box can be filtered by entering a name in the textbox and clicking **Retrieve** + +- Field name – Select the desired table and the available fields will populate the Field names box. + Select the field containing the public folder names. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/summary.md new file mode 100644 index 0000000000..cf29c0ddcd --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/summary.md @@ -0,0 +1,10 @@ +# ExchangePublicFolder: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all of the +categories. + +![Exchange Public Folder Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Exchange Public Folder Data Collector Wizard to ensure that no +accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/file/category.md b/docs/accessanalyzer/12.0/admin/datacollector/file/category.md new file mode 100644 index 0000000000..bac9b7a69e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/file/category.md @@ -0,0 +1,15 @@ +# File: Category + +Use the Category page to identify the type of information to retrieve in this query. + +![File Search Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/category.webp) + +The categories are: + +- Calculate Group Size (Files Only) – Scans of disk space for the amount used by files in each + folder location. This option scopes the query to files so that any information involving the + folders that hold the files is not retrieved. +- File or Folder Properties – Scans the target host for specific attributes and properties + associated with certain files and folders in the environment. This option is selected by default. +- File or Folder Permissions – Scans files or folders for permission settings and effective + permission results for both users and groups diff --git a/docs/accessanalyzer/12.0/admin/datacollector/file/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/file/overview.md new file mode 100644 index 0000000000..82e340b343 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/file/overview.md @@ -0,0 +1,46 @@ +# File Data Collector + +The File Data Collector provides file and folder enumeration, properties, and permissions. It is +used to find files and folders on a target host. The File Data Collector finds one or more files on +the target hosts. It can target any file extension. This data collector is a core component of +Access Analyzer and is available with all Access Analyzer licenses. + +**NOTE:** For enhanced file system data collections, use the +[FileSystemAccess Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/overview.md). + +Supported Platforms + +This data collector can target the same servers supported for the FileSystemAccess Data Collector. +See the [File System Supported Platforms](/docs/accessanalyzer/12.0/requirements/target/filesystems.md) topic for a +full list of supported platforms. + +Protocols + +- RPC +- WMI + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports +- Optional TCP 445 + +Permissions + +- Member of the Local Administrators group + +## File Query Configuration + +The **File** Data Collector is configured through the File Search Wizard, which contains the +following wizard pages: + +- Welcome +- [File: Category](/docs/accessanalyzer/12.0/admin/datacollector/file/category.md) +- [File: Target Files](/docs/accessanalyzer/12.0/admin/datacollector/file/targetfiles.md) +- [File: Results](/docs/accessanalyzer/12.0/admin/datacollector/file/results.md) +- [File: Summary](/docs/accessanalyzer/12.0/admin/datacollector/file/summary.md) + +![File Search Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/file/results.md b/docs/accessanalyzer/12.0/admin/datacollector/file/results.md new file mode 100644 index 0000000000..77c7f763e9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/file/results.md @@ -0,0 +1,31 @@ +# File: Results + +The Results page provides a list of available properties to be searched for and returned by the job +execution. The properties selected display as table columns in the results of the query. It is a +wizard page for all of the categories. + +![File Search Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/results.webp) + +Properties can be selected individually or in groups with the **Select All** or **Clear All** +buttons. The properties available vary based on the category selected. + +**NOTE:** When the **Calculate Group Size (Files Only)** category is selected, the properties and +options on the Results page are grayed out. + +- Disable properties that require opening file – Disables properties that require opening files that + trigger the last accessed date timestamp + + - This option is available for the **File or Folder Properties** category + +- Only return permissions for the following user(s) – Defines users for the query. Enter the desired + users in the textbox. + + - This option is available for the **File or Folder Permissions** category + +- Only return permissions for the following group(s) – Defines groups for the query. Enter the + desired users in the textbox. + + - This option is available for the **File or Folder Permissions** category + +- Size Units – Identifies the unit in which the values will be displayed. The options are: + **Bytes**, **Kb**, **Mb**, or **Gb**. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/file/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/file/summary.md new file mode 100644 index 0000000000..fb83b0e6d3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/file/summary.md @@ -0,0 +1,10 @@ +# File: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +![File Search Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the File Data Collector Wizard ensuring that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/file/targetfiles.md b/docs/accessanalyzer/12.0/admin/datacollector/file/targetfiles.md new file mode 100644 index 0000000000..67d15cdf6d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/file/targetfiles.md @@ -0,0 +1,115 @@ +# File: Target Files + +The Target Files page provides filters to scope the data collection. This can provide better search +results for the specific folder or file. It is a wizard page for all of the categories. + +![File Search Wizard Target Files page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/targetfiles.webp) + +Within the Target files configuration page, select the desired method to refine the query. + +**NOTE:** Some options are grayed out depending on the option selected. + +Where is the file or folder? + +This section supplies options for using a fixed path (wildcards and system variables) or registry +lookup values that are supported by the data collector. This header is available for all Category +selections. + +For either option, enter the path in the text box or click the browse button (**…**) to select from +the popup windows. + +**CAUTION:** When selecting a **Fixed path**, avoid using file paths from network drives or from the +network neighborhoods which begin with `\\`. + +- Fixed path – Specify a specific path to the target files. Use the following format: + `drive\filepath` (for example, `C:\WINNT\System32`). The browse button (**…**) opens the Remote + Folder Explorer window. + + **NOTE:** Further information for the Fixed path option is provided by clicking the tooltip + button (**?**). + +- System environment variables – Supply a traditional system root or previously defined variable + that maps to a physical path within the file system. This is typically used when the system root + is installed on a secondary volume. The following are variables that can be entered at the + beginning of the file path: + + - `%SYSTEMROOT%\Temp` – Expands to `C:\WINNT\Temp` on some target hosts + - `%WibnDir%\System32` – Expands to `C:\WINDOWS\System32` on some target hosts + - `%ProgramFiles%` – Expands to `C:\Program Files` on some target hosts + +- Registry Lookup – Find registry keys and values that exist on a target host in the environment. + Click the browse button (**…**) to open the Access Analyzer Registry Browser window. + + - Access Analyzer Registry – Connect to a host, then select a registry key and path to be used + for the lookup by the query + + - Registry Value – This value is automatically populated from the registry key + - Levels – After a registry path has been selected, the Levels slider can be used to + truncate the path for the key value in the Adjust Path dialog box + - Current Value – Displays the type of data each registry value contains + - Query 32-bit View – Select this checkbox to query a 32-bit view + - Query 64-bit View – Select this checkbox to query a 64-bit view + + When a **Fixed path** or **Registry Lookup** is mapped, select options to better refine + the search. Select one, none, or both. + +- Include network drives – Includes all mapped shared drives in the network in the query + + **CAUTION:** Including subfolders may result in hundreds of thousands of files being returned + depending on the environment being targeted. + +- Include subfolders – Searches all subfolders within the environment + +What is the file or folder name? + +The options in this section limit the search to folders or files with a specified name against the +targeted host. When the **I am looking for folders** option is selected, more options become +available for further refinement. + +**NOTE:** The **I am looking for folders** option and it's associated options are unavailable +(grayed out) when the **Calculate Group Size (Files Only)** category is selected. + +- I am looking for files – Identifies files that exist on the target location and returning property + information on these files +- I am looking for folders – Identifies folders that exist on the target location and returning + property information on these folders + + - Include root folder in results – Returns all information within the root folder + - Only include root folder – Returns information only for the root folder. This checkbox is + enabled when the **Include root folder in results** checkbox is selected. + +- With this name – Specific name of a file or folder. A wildcard is used to match any file or folder + to a specific naming convention. When searching for multiple objects, use a semicolon (`;`) to + separate the objects in the list. + +Last Modification Time Filter + +Last Modification Time Filter is an additional filtration clause. It filters the information +provided in the **Where is the file or folder** and **What is the file or folder name** criteria by +a specific time frames. The following options are available: + +- None – No time filter is applied. This option is selected by default. +- Between – Manually enter start and end dates in the following format (`MM/DD/YYYY`) or use the + dropdown calendar to set the date. By default, the date range is set for the current day. Select + **Today** to set the filter to the current date or **Clear** to reset the dates to a blank box. +- Most recent file – Filter the selected criteria by the most recent files since last modification +- Oldest file – Filter the **With this name** and selected fixed path or registry value by the + oldest files available +- In the last – Filter the selected criteria for the specified number of desired **days** or + **hours** + +File Size Filter + +The File Size Filter option is only available when the **Calculate Group Size (Files Only)** +category is selected. Select an option to activate the filter and narrow the query. + +- None – No file size filter is applied. This option is selected by default. +- Below – Filter to files smaller than the specified values + + - Enter the number in the first text box and then select the size (**Bytes**, **Kb**, **Mb**, or + **Gb**) from the dropdown menu + +- Above – Filter to files larger than the specified values + + - Enter the number in the first text box and then select the size (**Bytes**, **Kb**, **Mb**, or + **Gb**) from the dropdown menu diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/activitysettings.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/activitysettings.md new file mode 100644 index 0000000000..60840f36d7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/activitysettings.md @@ -0,0 +1,90 @@ +# FSAA: Activity Settings + +The File System Activity Auditor Scan Filter Settings page is where activity scan filter settings +are configured. It is a wizard page for the category of File System Activity Scan. + +![FSAA Data Collector Wizard Activity Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/activitysettings.webp) + +In the Scan Filters section, choose from the following options: + +- Set Scan Filter for Detailed Activity – Enables the **Days** number box. Select the number of past + days for activity details to be collected. +- Set Filter for Statistics of Activity – Enables the **Days** number box. Select the number of past + days for activity statistics to be collected. + +In the Log Parsing Limits section, choose from the following option: + +- Number of Threads – Number of parsing threads FSAC can use at any given time. The default is four + threads. + +In the Scan Limit section, configure the following: + +- Set Log Processing Limit – Stops the scan after the set number of MB or GB of log files are + processed and the threshold number is reached + +These filters affect what data is collected from the activity logs. However, enabling these filters +also causes the corresponding bulk import query to purge the database of selected activity +information older than the time filter specified here. + +If either is left deselected, all available log files are collected and stored. This has a direct +impact on both scan time and database size. + +_Remember,_ the file activity options require the Activity Monitor to be deployed, configured, and +services running. + +In the Host Mapping section, configure the following: + +- Host Mapping – Provides a mapping between the target host and the hosts where activity logs + reside. Select **Configure Query** to open the File System Activity Scan Host Mapping page. This + feature requires advanced SQL scripting knowledge to build the query. See the + [Host Mapping](#host-mapping) topic for additional information. + +## Host Mapping + +If desired, enable the host mapping feature and select **Configure Query** to open the Host Mapping +Query window. + +![Host Mapping Query window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/hostmappingquery.webp) + +When the Enable host mapping checkbox is selected, the query textbox is enabled. The SQL query +provided by a user should return a set of log locations, target hosts, and host names of the +Monitored Hosts in the Activity Monitor. The target tables must reside within the Access Analyzer +database and contain at least the following columns: + +- LogLocation – Name of the hosts where activity logs reside. The required column name is case + sensitive and must be exactly `LogLocation`. +- HostName – Name of the configured HOST value in the Activity Monitor. The required column name is + case sensitive and must be exactly `HostName`. + + - Format must match exactly how the host is known to the Activity Monitor, on the Monitored Host + tab + +- Host – Name of the host being targeted in the FSAC scan and Bulk Import which the activity events + will be mapped to + +Enter the SQL query by clicking Sample Query then replacing the sample text in the textbox, as shown +above. The SQL query must target tables that have the required columns populated with the host +mapping. + +(Optional) Enter a host in the **Host parameter value (@host)** textbox to test the query to +retrieve the data for that host. + +Select **Test Query** to open a preview of the results in the Query Results window. Ensure that the +data being retrieved by the query is expected. When this option is selected, the data collector runs +against the target table. + +### Host-Agent Mapping + +Access Analyzer can be configured via the Host Mapping feature to support the use of Multiple +Activity Monitor Agents for a single targeted Host. See the examples below: + +Single-Host Single-Agent Example: + +![Query Results window for single agent example](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/hostmappingsinglehostsingleagent.webp) + +Single-Host Multiple-Agent Example: + +![Query Results window for multiple agent example](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/hostmappingsinglehostmultipleagent.webp) + +**NOTE:** For multiple-agent setup, the configured Host Mapping table must have the same value for +HostName and Host, as shown in the Single-Host Multiple-Agent example. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.md new file mode 100644 index 0000000000..28b3364f9b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.md @@ -0,0 +1,122 @@ +# FSAA: Applet Settings + +The Applet Settings page is where the Applet Launch Mechanism and Applet Settings are configured. It +is a wizard page for the categories of: + +- File System Access/Permission Auditing Scan +- File System Activity Scan +- Sensitive Data Scan + +**NOTE:** This wizard page identifies options associated with the scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) topic for +additional information. + +![FSAA Data Collector Wizard Applet Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.webp) + +In the Applet Launch Mechanism section, choose one of three radio buttons: + +- MSTask Task Scheduler – Creates a scheduled task on the target host that runs the applet +- Windows Service – Automatically installs the FSAA Applet as a proxy service + - The Applet service runs as a Connection Profile credential unless the Local System checkbox is + selected in the Applet Settings options below. Then it runs the service in Local mode. +- Require applet to be running as a service on target (does not deploy or launch applet) + - See the [File System Proxy Service Installation](/docs/accessanalyzer/12.0/install/filesystemproxy/wizard.md) + topic for additional information. + - It requires the `FSAAAppletServer.exe` to run as a service on the proxy host in order to run a + successful scan. When this radio button is selected, Access Analyzer does not deploy an applet + on the target or proxy machine. Therefore, if the File System Proxy service is not running, + the FSAA scan will fail. + - To avoid a failed scan when an applet cannot be deployed or the File System Proxy service is + not running, the Applet Gathering Settings page contains the **Fallback to local mode if + applet can’t start** option. This option allows the scan to run in local mode when an applet + cannot be deployed or the service is not running. + +![Applet Settings section of the Applet Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettingsappletsettings.webp) + +In the Applet Settings section, configure the following options: + +- Port number – Default port number is 8766 + - See + [Custom Parameters for File System Proxy Service](/docs/accessanalyzer/12.0/install/filesystemproxy/wizard.md#custom-parameters-for-file-system-proxy-service) + topic for additional information. +- Applet Log level – The type of log created on the target host. Checking the box to Enable Logging + enables the Applet log level drop-down menu. The **Set To Default** button resets the log level to + **Information**. + - Debug – Most verbose logging method, records everything that happens while the applet is + processing + - Information – Records the steps the applet takes while processing as well as errors and + warnings + - Warning – Record when the applet encounters both errors and warnings while processing + - Error – Least verbose logging method, only records when the applet encounters an error while + processing +- Keep log files for last [number] scan(s) – Data retention period. The default is set to **15**. +- Run service as Local System (only applies to Windows Service) + - When this checkbox is selected, the applet is deployed to run as a service on the target host. + The credentials in the Connection Profile are used to deploy and run the service unless + **System Default** is selected as the Connection Profile. + - This option is active when the Windows Service radio button in the Applet Launch Mechanism + section is selected +- Strong proxy affinity (only run scans on last proxy to scan host, unless no longer in proxy host + list) + - This is an optional setting when using proxy architecture + - If this checkbox is selected and a host was previously scanned with a given proxy, it will + only be rescanned with that same proxy. If that proxy is unreachable for any reason and no + connection can be made, Access Analyzer will not try another proxy on the host list and will + fail to scan that host. However, if that proxy is no longer on the host list, it will choose + another proxy on the list and rescan. + - If unchecked, proxy affinity is still considered, though rather than the scan failing if the + proxy is unreachable, a new proxy will be chosen and will scan the host + - If a host has not yet been scanned by a proxy server, the data collector should choose the + least loaded proxy at that time. After that host has been scanned, it will follow the proxy + affinity mapped out above. +- Maximum concurrent scans [number] – This option dictates a set limit to the number of simultaneous + scans allowed to run on a proxy host regardless of max threads set on the job + - For example, if there are two proxy servers with max concurrent scans set to ten per proxy and + one proxy is offline, the remaining proxy should never exceed the value set in the query + configuration for this option, even if the job is configured with 20 threads +- Strong proxy affinity timeout [number] minute(s) – This option determines the time a host waits, + while the proxy server is busy, before it gets pushed into the job engine queue +- Applet communication timeout: [number] minute(s) – This option determines the length of time (in + minutes) the Access Analyzer Console attempts to reach the proxy before giving up. Depending on + the job configuration, the data collector behaves in one of three ways after the timeout value has + been exceeded: + - If a communication timeout is reached and the **Stop scan on applet communication timeout** + option is unchecked, the scan continues running. When the proxy is available again, the data + collector gets the database files on the next scan of that host. It will either bring the + database files back, if the scan has finished, or display the current state of the scan in a + **Running Job** node if it is still running. + - If the communication timeout is reached and the **Stop scan on applet communication timeout** + option is checked, the remote scan is either automatically suspended or canceled. If the + **Restart incomplete scans after (0 always restarts) [number] days** option or the **Rescan + unimported hosts after (0 always rescans) [number] days** option on the Applet Gathering + Settings page are both set to zero or unchecked, the scan cancels. + - If either of these options on the Applet Gathering Settings page are checked with values + higher than zero, the scan is suspended after the communication timeout value has been + exceeded +- Scan cancellation timeout: [number] minute(s) – When checked, this option will timeout the applet + if there is an attempt to pause the scan and the applet does not respond + +![Certificate Exchange Options section of the Applet Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp) + +In the Certificate Exchange Options section, configure the following options: + +- Mechanism – Select one of the following options: + + - Automatic – Certificate exchange is handled automatically by the FSAA Data Collector. This is + the default option. + - Manual – The FSSA Data Collector and applet server expect all certificates to be valid and in + their respective stores beforehand. See the + [FSAA Manual Certificate Configuration](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/manualcertificate.md) topic for additional + information. + + **NOTE:** If the FSAA Data Collector and the applet server are on separate domains without a + trust, this option must be used. + + - Provide Certificate Authority – Enables the **Select** button, which allows you to upload an + existing certificate + +- Port – Select the checkbox to specify the port number for certificate exchange. The Default port + number is 8767. + +See the [FSAA Applet Certificate Management Overview](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/certificatemanagement.md) topic for additional +information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/azuretenantmapping.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/azuretenantmapping.md new file mode 100644 index 0000000000..931da65aaf --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/azuretenantmapping.md @@ -0,0 +1,23 @@ +# FSAA: Azure Tenant Mapping + +The Azure Tenant Mapping page is where the target domain or Tenant ID are configured for Azure +Information Protection (AIP) scanning. It is a wizard page for the categories of: + +- File System Access/Permission Auditing Scan +- File System SDD Scan + +Remember, select the **Enable scanning of files protected by Azure Information Protection** checkbox +on the [FSAA: Scan Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings.md) page to enable this page in the data collector wizard. +In order for FSAA to scan files protected by AIP, ensure that the prerequisites are met and an Azure +Connection Profile is successfully created. See the +[Azure Information Protection Target Requirements](/docs/accessanalyzer/12.0/requirements/target/config/azureinformationprotection.md) +topic for additional information on configuring the File System solution to scan for AIP labels. + +![FSAA Data Collector Wizard Azure Tenant Mapping page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/azuretenantmapping.webp) + +Populate this page with the App ID (created during prerequisites) and a domain name or Tenant ID for +an Azure environment. These values must be associated with each application ID in the Azure +Connection Profile. + +Use the **Add** and **Remove** buttons and manually enter or **Paste** into the textbox the required +information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/bulkimport.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/bulkimport.md new file mode 100644 index 0000000000..9dd3038454 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/bulkimport.md @@ -0,0 +1,14 @@ +# FSAA: Bulk Import Settings + +The Bulk Import Settings page is where the bulk import process settings are configured. It is a +wizard page for the categories of: + +- Bulk Import File System Access/Permission Auditing +- Bulk Import File System Activity +- Bulk Import Sensitive Data + +![FSAA Data Collector Wizard Bulk Import Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/bulkimport.webp) + +Select the **Import incomplete scan data** checkbox to enable imports of partial scan data. If the +scan is stopped before successful completion, this option must be checked in order to bulk import +the data from a partially scanned host. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/certificatemanagement.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/certificatemanagement.md new file mode 100644 index 0000000000..b0f3aee546 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/certificatemanagement.md @@ -0,0 +1,61 @@ +# FSAA Applet Certificate Management Overview + +Communication between the FSAA Data Collector and the FSAA Applet is secure by default using HTTPS. +For authentication, at least three certificates are required and need to be stored in the correct +certificate store managed by the FSAA Data Collector. These three certificates are: + +- The certificate authority (stored in the FSAA Certificate Authority Store) +- The server certificate (stored in the FSAA Server Certificate Store) +- The client certificate (stored in the FSAA Client Certificate Store) + +**NOTE:** The FSAA Data Collector and Applet server support certificates in both the user’s +certificate store and the computer’s certificate store. It is recommended to store certificates in +the user's certificate store that is running the FSAA Data Collector or Applet server because +administrative access is required for the computer's certificate store. When certificates are +generated using the Automatic option below, they are stored in the user’s certificate store. + +![Certificate Exchange Options section of the Applet Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp) + +There are three Certificate Exchange Options provided by the FSAA Data collector: + +- Automatic (Default Option) – The creation of a self-signed certificate and certificate exchange + between the FSAA Data Collector and Applet are handled entirely by the FSAA Data Collector and + Applet server + + - The self-signed CA generated will be valid for two years and the FSAA Data Collector and + Applet server will also manage expired certificates and remove certificates that are no longer + valid from the FSAA stores + +- Manual – The FSAA Data Collector will expect all certificates to be valid and in their respective + certificate stores prior to running a scan + + - To create and store certificates, the `FSAACertificateManager.exe` tool can be used. This + application was created to simplify the process of creating certificates and will store the + certificates in the location that the FSAA Data Collector and Applet server expect them to be + stored. See the [FSAA Manual Certificate Configuration](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/manualcertificate.md) topic for + additional information. + + The `FSAACertificateManager.exe` tool is located in the + `StealthAUDIT\PrivateAssemblies\FILESYSTEMACCESS\Applet` directory. For complete + instructions and examples on how to use the tool, run `FSAACertificateExchangeManager.exe` + with the `-help` command. + + **NOTE:** If the FSAA Data Collector and Applet are on separate domains without a trust, this + option must be used. + +- Provide Certificate Authority – The certificate exchange process is the same as with the Automatic + option. However, instead of creating a self-signed certificate, the FSAA Data Collector uses a + certificate you provide through the FSAA Data Collector Wizard. The provided certificate is stored + in the FSAA Certificate Authority Store. + + **NOTE:** If the provided certificate is not self-signed as the Certificate Authority, the root + certificate and the Certificate Authority’s certificate chain must also be stored in the FSAA + Certificate Authority Store on both the client and server hosts. + + **CAUTION:** The FSAA Applet does not support password-protected certificates. Certificates + generated when the Automatic option is selected have no password. When manually creating a + certificate for use with the FSAA Applet the password parameter should be omitted. + +Additionally, the port used for secure certificate exchange can be configured by selecting the +Specify certificate exchange port checkbox on the Applet Settings page of the FSAA Data Collector +Wizard. The default port is 8767. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions.md new file mode 100644 index 0000000000..e4e379dc59 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions.md @@ -0,0 +1,17 @@ +# FSAA: Default Scoping Options + +The Default Scoping Options page is where scan settings, file details, and file properties settings +can be configured for every resource in the targeted environment by the data collector. The settings +assigned on this page are used by all resources involved in the scan. It is a wizard page for the +categories of: + +- File System Access/Permission Auditing Scan +- Sensitive Data Scan + +![FSAA Data Collector Wizard Default Scoping Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings.webp) + +See the Scoping Options tab setting topics to target individual resources for the scan: + +- [Scan Settings Tab](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md) +- [File Details Tab](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/filedetails.md) +- [File Properties (Folder Summary) Tab](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/filedetails.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/filedetails.md new file mode 100644 index 0000000000..0bcc9d75a5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/filedetails.md @@ -0,0 +1,46 @@ +# File Details Tab + +The File Details tab allows configuration of settings for file detail collection. + +![FSAA Data Collector Wizard Default Scoping Options page File Details tab](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp) + +Select the desired settings for additional scoping: + +- Scan file-level details – Turns on file-level scanning and collects a full list of files, file + size, last modified, and last accessed +- Scan file permissions – Turns on file permission scanning and collects a full list of who has + access to which files + +File tag metadata collection + +- Collect tags/keywords from file metadata properties – Enables the collection of file Microsoft + Office metadata tags and stores the tags into the tables when the **Scan file-level details** + checkbox and the **Collect File Metadata Tags** checkbox are selected on the page. It only scans + the files that satisfy the scan filter settings. +- Include offline files – Include offline files in the scan +- Only collect tags/keywords with the following comma-separated values (case-insensitive) – Collects + tags from the files and stores the tags into the tables. Filters results to only collect from + files with extensions matching to the list of file types entered. + - This option is enabled when the **Scan file-level details** and the **Collect tags/keywords + from file metadata properties** checkboxes are selected. + +The FSAA scan collects the tags from the files and stores the information at the folder level, which +provides a count for the number of occurrences of each tag. + +Scan filter settings + +The Scan filter settings options are enabled if the **Scan file-level details** checkbox is +selected. + +- Only files larger than [number] [size unit] – Filters the results to only collect file data on + files larger than the set value. If this option is not set, all file sizes are collected. +- Only files last modified more than [number] [time period] ago – Filters results to only collect + file data on files modified older than the set value +- Only files last modified less than [number] [time period] ago – Filters results to only collect + file data on files modified younger than the set value +- Only files matching one of these comma-separated types (without leading dots) – Filters results to + only collect files with extensions matching to the list of file types entered. If this option is + not set, all file types are collected. + +**CAUTION:** Be careful when configuring these settings. If no filters are applied when file detail +scanning has been enabled, it can result in returning large amounts of data to the database. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.md new file mode 100644 index 0000000000..9e57b955a8 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.md @@ -0,0 +1,28 @@ +# File Properties (Folder Summary) Tab + +The File Properties (Folder Summary) tab is where file property collection settings for the scan is +configured. + +![FSAA Data Collector Wizard Default Scoping Options page File Properties (Folder Summary) tab](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.webp) + +- Scan for probable owners – Gathers file ownership information to determine the most probable owner + of every resource + - Limit maximum number of probable owners to return per folder [number] – Stops the collection + of probable owners when the number provided is reached +- Scan for File Types – Gathers file type information within the audited folders + - Limit maximum number of file types to return per folder [number] – Stops the collection of + file types when the number provided is reached per folder + - Only return file types with these comma-separated values (without leading dots) – Enter the + file types that will be returned from the scan. Any types not provided are ignored. +- Collect tags/keywords from file metadata properties (this may significantly increase scan times) – + Scans the files and collects metadata tags from Microsoft Office files + - Include offline files – Scans network files that have the offline files feature enabled + - Include AIP Protected Files – Scans for files protected by Azure Information Protection (AIP) + that have protection labels + - This option is only available when the Enable scanning of files protected by Azure + Information Protection checkbox is enabled on the Scan Settings page + - Only collect tags/keywords with these comma-separated values (case-insensitive) – scopes the + scan to only collect tags from the files with the tags specified by comma-separated values + +The FSAA scan collects the tags from the files and stores the information at the folder level, which +provides a count for the number of occurrences of each tag. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md new file mode 100644 index 0000000000..2ee70a54a6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md @@ -0,0 +1,65 @@ +# Scan Settings Tab + +The Scan Settings tab allows configuration of data collection settings. + +![FSAA Data Collector Wizard Default Scoping Options page Scan Settings tab](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings.webp) + +The Scan Settings tab has the following configurable options: + +- Limit returned subfolder depth to: [number] level – Value indicates the depth of the scan + + - Higher numbers increases scan time but return more thorough data + +- Exclude snapshot directories on NetApp server – Excludes folders on NetApp Filers that begin with + ~snapshot +- Exclude system shares – Part of the OS that most users don’t have access to so its hidden by + Microsoft +- Exclude hidden shares – Excludes shares with names ending with $ +- Last Access Time (LAT) preservation – Preserves Data Access timestamp attribute on files that are + scanned for Metadata tags and sensitive data + + - Warn if unable to preserve Last Access Time – Scan throws a warning if the LAT cannot be + preserved. The file is still scanned unless the Skip file if unable to preserve Last Access + Time checkbox is also selected. + - Skip file if unable to preserve Last Access Time – Scan skips the file if the LAT cannot be + preserved + +Selecting the **Last Access Time (LAT) preservation** checkbox enables the **Action on failure to +enable LAT preservation** and **Action on changed LAT after scan** dropdown menus. + +![Action on failure to enable LAT preservation dropdown options](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/actionlatpreservationfailure.webp) + +- Action on failure to enable LAT Preservation – Before scanning each file, FSAA attempts to enable + an operating system feature to preserve the LAT when accessing the file. This operation may fail + for a variety of reasons, which include but are not limited to: the operating system or file + system where the file is located does not support LAT preservation, or insufficient permissions + from the service account trying to access the file. The following configuration addresses a + failure to enable the LAT preservation mode: + + - Continue to scan file silently – FSAA scans the file with the possibility that LAT + preservation is not possible. No warning will be shown. + - Continue to scan file with warning – FSAA scans the file with the possibility that LAT will + not be preserved. A warning will be shown for this file. + - Skip file silently – FSAA will not scan the file. No warning will be shown. + - Skip file with warning – FSAA will not scan the file. A warning will be shown indicating the + file was skipped. + - Abort the scan – FSAA will abort the scan. No further files will be processed. + +![Action on changed LAT after scan dropdown options](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/actionchangedlat.webp) + +- Action on changed LAT After scan – Before scanning each file, the LAT of the current file is + recorded. After scanning, it is verified whether the LAT has changed since then (likely scenarios + are either that the LAT preservation mechanism failed to function as intended, or that the file + was accessed by someone while the scan was occurring). The following configuration addresses a + changed LAT: + + - Continue scan silently – The scan will move on to the next file while updating the LAT for the + processed file. No warning will be shown. + - Continue scan with warning – The scan will continue on to the next file. LAT will be updated + for the processed file. A warning will be shown. + - Force-reset file LAT silently – The scan will reset the file's LAT to its original state + before processing. No warning will be shown. The scan will proceed to the next file. + - Force-reset file LAT with warning – The scan will Reset the file's LAT to its original state + before processing. A warning will be shown. The scan will proceed to the next file. + - Abort the scan – FSAA will abort the scan. LAT will be updated for the processed file. No + other files will be processed diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/manualcertificate.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/manualcertificate.md new file mode 100644 index 0000000000..77768b06da --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/manualcertificate.md @@ -0,0 +1,178 @@ +# FSAA Manual Certificate Configuration + +To create and store the certificates needed to set up FSAA scans using manual certificate exchange, +use the `FSAACertificateManager.exe` tool. The `FSAACertificateManager.exe` tool is located in the +`StealthAUDIT\PrivateAssemblies\FILESYSTEMACCESS\Applet` directory. All commands in the tool are +case-sensitive. + +Follow the steps to use the tool to create and store the required certificates. + +**NOTE:** In these steps, some commands need to be run on the Access Analyzer console and some on +the Proxy host. In the provided example commands: + +- All files that are generated by the Certificate Manager or copied to the Access Analyzer console + are placed in the `%SAInstallDir%\PrivateAssemblies\FILESYSTEMACCESS\Applet\My Certificates` + directory. This folder is created by the tool if it does not already exist. +- When operating on the proxy host, files are placed into the root of the **FSAA** folder + +_Remember,_ all commands in the `FSAACertificateManager.exe` tool are case-sensitive. + +**Step 1 –** Create a Certificate Authority (CA). The CA is a self signed certificate that will be +used to sign the client and server certificates. On the Access Analyzer console, run the following +command: + +``` +.\FSAACertificateManager.exe -createCertificate -subjectDN CN=FSAA CA NEAConsole.my.domain.com -purpose CertificateAuthority -friendlyName FSAA_CA -outputPath ".\My Certificates" -name MyFSAACA +``` + +- Replace the Common Name (CN) in this example command (`FSAA CA NEAConsole.my.domain.com`) with a + unique and descriptive name +- The output file is stored at the specified output path `.\My Certificates` + +The following message is returned when the command completes successfully: + +``` +Successfully wrote certificate to .\My Certificates\MyFSAACA.pfx +``` + +**Step 2 –** Create a client certificate using the CA from the previous step. On the Access Analyzer +console, run the following command: + +``` +.\FSAACertificateManager.exe -createCertificate -issuer ".\My Certificates\MyFSAACA.pfx" -subjectDN CN=NEAConsole.my.domain.com -purpose ClientAuth -subjectAlternativeNames NEAConsole -friendlyName FSAA_Client_Auth -outputPath ".\My Certificates" -name MyFSAAClientCert +``` + +- Replace the CN (`NEAConsole.my.domain.com`) with the fully qualified domain name (FQDN) of your + Access Analyzer console +- Replace the alternate subject name (`NEAConsole`) with the short name for the Access Analyzer + console +- The output file is stored at the specified output path `.\My Certificates` + +The following message is returned when the command completes successfully: + +``` +Successfully wrote certificate to .\My Certificates\MyFSAAClientCert.pfx +``` + +**Step 3 –** Store the CA in an FSAA managed certificate store. As the user that runs the Access +Analyzer console, run the following command on the Access Analyzer console: + +``` +.\FSAACertificateManager.exe -storeCertificate -certificate ".\My Certificates\MyFSAACA.pfx" -store CertificateAuthority -location CurrentUser +``` + +The following message is returned when the command completes successfully: + +``` +Successfully added FSAA_CA to CertificateAuthority +``` + +**Step 4 –** Store the client certificate in an FSAA managed certificates store. As the user that +runs the Access Analyzer console, run the following command on the Access Analyzer console: + +``` +.\FSAACertificateManager.exe -storeCertificate -certificate ".\My Certificates\MyFSAAClientCert.pfx" -store Client -location CurrentUser +``` + +The following message is returned when the command completes successfully: + +``` +Successfully added FSAA_Client_Auth to Client +``` + +**Step 5 –** Convert the CA from a PFX file to a CER file. On the Access Analyzer console, run the +following command: + +**NOTE:** This conversion to a CER file is necessary so that the private key of the CA is not +shared. + +``` +.\FSAACertificateManager.exe -createCER -certificate ".\My Certificates\MyFSAACA.pfx" -outputPath ".\My Certificates" -name MyFSAACA +``` + +The following message is returned when the command completes successfully: + +``` +Successfully wrote CER certificate to .\My Certificates\MyFSAACA.cer +``` + +**Step 6 –** Copy `FSAACertficateManager.exe` and the CA CER file (`.\My Certificates\MyFSAACA.cer`) +to the proxy host that will be running `FSAAAppletServer.exe`. These files must be copied to the +same directory. + +**NOTE:** These copied files will be deleted from the destination directory later in Step 12. + +**Step 7 –** Generate the server certificate signing request and key on the Proxy host. On the proxy +host, run the following command out of the FSAA folder where the `FSAACertificateManager.exe` was +copied to: + +``` +.\FSAACertificateManager.exe -createCertificateSigningRequest -subjectDN CN=proxy01.my.domain.com -subjectAlternativeNames Proxy01 -outputPath . -name Proxy01 +``` + +- Replace the CN (`proxy01.my.domain.com`) with the FQDN of the proxy host +- Replace the alternate subject name (`proxy01`) with the short name for the proxy host +- The generated certificate signing request and key are stored in the same directory as + `FSAACertificateManager.exe` on the proxy host + +The following message is returned when the command completes successfully: + +``` +Successfully wrote certificate signing request to .\Proxy01.csr +Successfully wrote certificate key to .\Proxy01.key +``` + +**Step 8 –** Store the CA on the proxy host in an FSAA managed certificate store. As the user that +runs the proxy scanner (`FSAAAppletServer.exe`), run the following command on the proxy host: + +``` +.\FSAACertificateManager.exe -storeCertificate -certificate .\MyFSAACA.cer -store CertificateAuthority -location CurrentUser +``` + +The following message is returned when the command completes successfully: + +``` +Successfully added FSAA_CA to CertificateAuthority +``` + +**Step 9 –** Complete the server certificate signing request on the Access Analyzer console. Copy +the CSR file from the proxy host to the **My Certificates** directory on the Access Analyzer console +(where the original CA PFX file is located), then run the following command on the Access Analyzer +console: + +``` +.\FSAACertificateManager.exe -completeCertificateSigningRequest -certificateSigningRequest ".\My Certificates\Proxy01.csr" -purpose ServerAuth -issuer ".\My Certificates\MyFSAACA.pfx" -days 365 -outputPath ".\My Certificates" -name Proxy01 +``` + +The following message is returned when the command completes successfully: + +``` +Successfully completed certificate signing request to .\My Certificates\Proxy01.cer +``` + +**Step 10 –** Store the server certificate on the proxy host in an FSAA managed certificate store. +Copy the Proxy CER file back to the proxy host from the Access Analyzer console. Then, as the user +that runs the proxy scanner (`FSAAAppletServer.exe`), run the following command on the proxy host: + +``` +.\FSAACertificateManager.exe -storeCertificate -certificate .\Proxy01.cer -key .\Proxy01.key -friendlyName FSAA_Server_Auth -store Server -location CurrentUser +``` + +The following message is returned when the command completes successfully: + +``` +Successfully added FSAA_Server_Auth to Server +``` + +**Step 11 –** Repeat Steps 6-10 for each proxy host. + +**Step 12 –** Delete all the PFX, CER, and Key files that were generated or copied in the above +steps from the output locations. + +All of the required FSAA certificates have been stored in the FSAA managed certificate stores. The +FSAA queries need to be configured to use the **Manual** certificate exchange option. This option +can be found under Applet Settings in the FSAA Data Collector Wizard. See the +[FSAA: Applet Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.md) topic for additional information. + +For additional information on how to use the `FSAACertificateManager.exe` tool, run the +`.\FSAACertificateManager.exe -help` command. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/overview.md new file mode 100644 index 0000000000..7badb292b0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/overview.md @@ -0,0 +1,50 @@ +# FileSystemAccess Data Collector + +The FileSystemAccess (FSAA) Data Collector collects permissions, content, and activity, and +sensitive data information for Windows and NAS file systems. The FSAA Data Collector has been +preconfigured within the File System Solution. Both this data collector and the solution are +available with a special Access Analyzer license. See the +[File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/overview.md) topic for additional information. + +Protocols + +- Remote Registry +- WMI + +Ports + +- Ports vary based on the Scan Mode Option selected. See the + [File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) topic for + additional information. + +Permissions + +- Permissions vary based on the Scan Mode Option selected. See the + [File System Supported Platforms](/docs/accessanalyzer/12.0/requirements/target/filesystems.md) topic for + additional information. + +Sensitive Data Discovery Considerations + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By default, SDD scans are +configured to run two concurrent threads. For example, if the job is configured to scan 8 hosts at a +time with two concurrent SDD threads, then an extra 32 GB of RAM are required (8x2x2=32). + +## FSAA Query Configuration + +The FSAA Data Collector is configured through the File System Access Auditor Data Collector Wizard. +The wizard contains the following pages, which change based up on the query category selected: + +- [FSAA: Query Selection](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselection.md) +- [FSAA: Applet Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.md) +- [FSAA: Scan Server Selection](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scanserverselection.md) +- [FSAA: Scan Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings.md) +- [FSAA: Azure Tenant Mapping](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/azuretenantmapping.md) +- [FSAA: Activity Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/activitysettings.md) +- [FSAA: Default Scoping Options](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions.md) +- [FSAA: Scoping Options](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptions.md) +- [FSAA: Scoping Queries](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueries.md) +- [FSAA: Sensitive Data Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/sensitivedatasettings.md) +- [FSAA: SDD Criteria Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/sddcriteria.md) +- [FSAA: Bulk Import Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/bulkimport.md) +- [FSAA: FSAA Update Service Setting](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/updateservicesettings.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselection.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselection.md new file mode 100644 index 0000000000..9c4de6548c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselection.md @@ -0,0 +1,96 @@ +# FSAA: Query Selection + +The FSAA Data Collector Query Selection page contains the following query categories, sub-divided by +auditing focus: + +![FSAA Data Collector Wizard Query Selection page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselection.webp) + +- The File System Access/Permission Auditing options scan hosts for file system information, and + there are two categories to choose from: + + - Scan – Scans file systems for permission information, ownership, and content profiling + - Bulk import– Imports access scan data into the SQL database + +- The File System Activity options runs user and group activity and inactivity related queries based + on FSAC data, and there are two categories to choose from: + + - Scan – Performs file system activity scan for the target host + - Bulk import – Imports File System Activity scan data into the SQL database + +- The Sensitive Data options scan hosts for sensitive data, and there are two categories to choose + from: + + - Scan – Scans file system content for sensitive information + - Bulk import – Imports SDD scan data into the SQL database + +- The DFS options collect Distributed File System information, and there is one category: + + - Scan and import – Collects Distributed File System information + + **NOTE:** Starting with v8.1, DFS Audits are completed with a streaming method and do not + require a bulk import query following the scan query. + +- The Azure options collects Azure Files storage account information, and there is one category: + + - Scan and import – Collects Azure Files storage account information. The instant job + preconfigured to use this query category must be used. See the + [FS_AzureTenantScan Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/fs_azuretenantscan.md) topic + for additional information. + +- The Maintenance options perform maintenance for the FSAA Data Collector, and there are three + categories to choose from: + + - Remove scan executables and data – Removes file system access audit scan applet and data from + the remote server + - Upgrade proxy service – Update FSAA binaries for hosts running the File System Proxy Service + + **NOTE:** The Upgrade proxy service category only applies to updating a v8.0+ File System + Proxy installation to a newer version. Manual updating is necessary for v7.x File System + Proxy installations. + + - Remove Host Data – Removes host from all SQL tables created by the FSAA Data Collector and + deletes StrucMap (removes host assigned to job where query exists) + +_Remember,_ the Sensitive Data category options require the Sensitive Data Discovery Add-On to be +installed on the Access Analyzer Console before the FSAA Data Collector can collect sensitive data. + +Once a query scan using the FSAA DC has been executed, the **Maintenance** button is enabled to +allow troubleshooting of scan errors that may have occurred. + +**CAUTION:** Do not use the Maintenance button unless instructed by +[Netwrix Support](https://www.netwrix.com/support.html). It is possible to cause corruption of the +database and loss of data to occur. + +## Maintenance Wizard + +The Maintenance Wizard is opened by clicking the **Maintenance** button on the Query Selection page +of the FSAA Data Collector Wizard. You can use the wizard to reset hosts or repair file system data +errors. + +![Maintenance Wizard Maintenance Selection page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/maintenancewizardselection.webp) + +The Maintenance Selection page allows you to select the type of maintenance to be performed: + +- Reset Hosts – Resets the Access GUID column value in the SA_FSAA_Hosts table for the Hosts + selected. Allows data to be bulk imported when there is a GUID mismatch. +- Repair – Resets the MinResourceID and MinTrusteeID column values to 0. Removes duplicate and data + consistency issues, including resources with nonexistent parents. Deletes StrucMap database. + +Select the required option and click **Next**. The subsequent wizard page is determined by the +selection made. + +- If Reset Hosts was selected, the Reset Hosts page displays: + + ![Maintenance Wizard Reset Hosts page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/maintenancewizardresethosts.webp) + + Select the desired hosts to reset the SQL data for, and click **Reset Hosts** to perform the + maintenance. + +- If Repair was selected, the Repair Tool page displays: + + ![Maintenance Wizard Repair Tool page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/maintenancewizardrepair.webp) + + Select the desired hosts to repair the SQL data for, and click **Run** to perform the + maintenance. + +Click **Finish** to close the wizard when you have completed the required maintenance. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scanserverselection.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scanserverselection.md new file mode 100644 index 0000000000..83cdd12332 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scanserverselection.md @@ -0,0 +1,57 @@ +# FSAA: Scan Server Selection + +The Scan Server Selection page is where the server that executes the scan is configured. It is a +wizard page for the categories of: + +- File System Access/Permission Auditing Scan +- File System Activity Scan +- Sensitive Data Scan + +![FSAA Data Collector Wizard Scan Server Selection page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scanserverselection.webp) + +Using the radio buttons, select where the execution of the applet will take place: + +- Automatic (Local for NAS device hosts, Remote for Windows hosts) – Applet is deployed to all + targeted Windows servers. Other targeted devices, for example NAS, are scanned locally by the + Access Analyzer Console server. + + - The scan identifies Windows servers through the host inventory field OSType + +- Local Server – Assigns all scanning to the Access Analyzer Console server +- Specific Remote Server – Assign a specified server for scanning by entering a server name in the + textbox. This option uses proxy architecture and requires the targeted server to have the File + System Proxy deployed. + + - See the [File System Proxy Service Installation](/docs/accessanalyzer/12.0/install/filesystemproxy/wizard.md) + topic for additional information + +- Specific Remote Servers by Host List – Assign hosts from a custom created host list for scanning. + This option uses proxy architecture and requires the targeted servers to have the File System + Proxy deployed + + - See the [File System Proxy Service Installation](/docs/accessanalyzer/12.0/install/filesystemproxy/wizard.md) + topic for additional information + + ![Select Host Lists window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/selecthostlists.webp) + +- Select Host Lists – Opens the Select Host Lists window displaying all the available hosts to + choose from. If more than one list is selected, scanning is distributed across each host. + +**_RECOMMENDED:_** + +It is best practice in global implementations to utilize a specific remote server or proxy scanner +that is located in the same data center as the target hosts. This is particularly beneficial if the +Access Analyzer Console server is in a different data center. See the +[Proxy Scanning Architecture](/docs/accessanalyzer/12.0/install/filesystemproxy/overview.md#proxy-scanning-architecture) +topic for additional information. + +In the bottom section, the checkbox options affect the execution of the applet: + +- Fallback to local mode if applet can't start – If the applet cannot be deployed on the target + host, it is deployed locally on the same server as the Access Analyzer Console and the scan + collects data across the network +- Run remote applet with normal priority (non-proxy applet server uses background priority by + default) – Select this option to run the applet with normal priority. Running at low-priority + allows other normal priority applications to take precedent over the scan when consuming + processing power and system resources. Running at low priority allows the scan to run with little + or no impact on the applet host. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings.md new file mode 100644 index 0000000000..985ade774a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings.md @@ -0,0 +1,141 @@ +# FSAA: Scan Settings + +The Scan Settings page is where additional scan protocols and settings are configured. It is a +wizard page for the categories of: + +- System Access/Permission Auditing Scan +- Sensitive Data + +![FSAA Data Collector Wizard Scan Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings.webp) + +In the Scan Protocols section, select the desired checkboxes for including certain types of shared +folders: + +- Scan Windows (SMB/CIFS) shares – Includes types of Windows and NAS shares +- Scan NFS exports (shares) – Includes this type of UNIX and NAS shares + +In the middle section, select the desired checkboxes for additional settings: + +- Enable file system scan streaming – Sends the streamed data directly to the Access Analyzer + database. A bulk import query is not required when this option is selected +- Enable scanning of files protected by Azure Information Protection – Adds additional options to + this wizard to scan for protection labels and encrypted files for sensitive data + + - See the + [Azure Information Protection Target Requirements](/docs/accessanalyzer/12.0/requirements/target/config/azureinformationprotection.md) + for additional information. + +- Use SQL query to manually specify shares – For advanced SQL users. This option provides a least + privileged model for enumerating shares. It bypasses share permission requirements and eliminates + the need for the Connection Profile credentials to have local Administrator or Power User + permissions. Click **Configure Query** to open the Manual Shares Query window. See the + [Enable the Use SQL Query to Manually Specify Shares](#enable-the-use-sql-query-to-manually-specify-shares) + topic for additional information. +- NetApp communication security – This option provides the ability to choose levels of encryption + and authentication applied during Access Auditing scans of NetApp devices + + ![NetApp communication security options](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettingsnetapp.webp) + + - HTTPS – Encrypts communication and verifies the targeted server’s SSL certificate + - HTTPS, Ignore Certificate Errors – Encrypts communication but ignores certificate errors + + - This option is primarily used for troubleshooting + - Alternative use for this option would be for access scans within a trusted and secured + network + + - HTTP – Applies no encryption or authentication of communication + + The HTTPS options require Access Analyzer to have access to the targeted server’s SSL + certificate. Access Analyzer ships with a file containing trusted certificates from a trusted + Certification Authority (`cacert.pem`). If the organization uses a self-signed certificate, see + the + [HTTPS Encryption Certificate for FSAA & NetApp Communication](#https-encryption-certificate-for-fsaa--netapp-communication) + topic for information on adding the organization’s certificate. + +The bottom section is only available for the File System Access/Permission Auditing Scan and +Sensitive Data Scan categories and contains the following options: + +- Restart incomplete scans after (0 always restarts) [number] days – Determines when the saved + progress should be discarded and the scan restarted +- Rescan unimported hosts after (0 always rescans) [number] days – Controls when the host is + rescanned even if its data has not been imported yet + + - When this option is enabled, set to a value higher than zero, and results in a host not being + scanned, a warning message is logged + - The Messages table records the + `No need to scan, Tier 2 DB USN > Tier 1 DB USN, needs to bulk import` warning + +## Enable the Use SQL Query to Manually Specify Shares + +If desired, enable this feature and click **Configure Query** to open the Manual Share Query window. + +![Maual Shares Query window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/maualsharesquery.webp) + +The SQL query provided by a user should return a list of all shares in the target environment. The +target tables must reside within the Access Analyzer database and contain at least the following +columns for all shares in the target environment: + +- Host – Name of host where the share resides matching the Host Master table Name field value + + **_RECOMMENDED:_** Use this column but it is not required. + +- Share – Name of the share +- Folder – Landing folder path of the share on the host +- ShareType – Integer representing the protocol for the type of share: + + - 0 = CIFS share + - 1 = NFS share + +For example, if the share has a path of `\\cec-fs01\Documentation`, then the columns are populated +in this way: + +- Host – `cec-fs01` +- Share – `Documentation` +- Folder – `C:\Documentation` +- ShareType – `0` + +**CAUTION:** If the FSAA Data Collector has identified a share in a previous scan, but that share is +not in a table targeted by this query, then it is marked as a deleted share. + +Enter the SQL query by replacing the sample text in the textbox. The SQL query must target tables +that have the required columns populated with the list of all shares in the target environment. + +_(Optional)_ Enter a host in the Host parameter value (@host) textbox to test the query to retrieve +the data for that host. + +Select **Test Query** to open a preview of the results in the Query Results window. Ensure that the +data being retrieved by the query is expected. + +When this option is selected, the data collector runs against the target table to enumerate shares +in the environment. + +_Remember,_ if a share is not in the target table, the data collector assumes that the share does +not exist and marks it as deleted. + +## HTTPS Encryption Certificate for FSAA & NetApp Communication + +The HTTPS encryption options for the NetApp communication security setting of the global Remote Data +Collection Configuration page in the File System Access Auditor Data Collector Wizard requires a +certificate. If the organization uses a self-signed certificate, it is necessary to add this +certificate to enable HTTPS encryption of Access Analyzer communications. + +The certificate (`cacert.pem`) which is shipped with Access Analyzer is in the DC folder of the +installation directory. The default location is: + +…\STEALTHbits\StealthAUDIT\DC + +If employing remote applet mode or proxy servers, then the certificate (`cacert.pem`) must exist in +the FSAA folder where the `FSAAAppletServer.exe` process is running (applet/proxy host). Therefore, +it is necessary to also copy it to the FSAA folder on the target hosts andr proxy servers. This is +done at runtime when using remote applet mode, but any updates or custom certificates must be copied +manually. The default location is: + +…\STEALTHbits\StealthAUDIT\FSAA + +**_RECOMMENDED:_** Do not overwrite this certificate. It is fully trusted by Netwrix. Instead, add +an underscore (\_) character to the start of the file name. Then copy the organization’s self-signed +certificate to this location with the name `cacert.pem`. + +There is another `cacert.perm` file within the Access Analyzer installation directory used by the +Notification SSL encryption options. While these files have the same name, they serve different +purposes and are stored in different locations. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptions.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptions.md new file mode 100644 index 0000000000..0f7b2599f6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptions.md @@ -0,0 +1,177 @@ +# FSAA: Scoping Options + +The Scoping Options page is where scan settings, file details, and file properties settings can be +configured for a specified resource in the targeted environment. It is a wizard page for the +following categories: + +- File System Access/Permission Auditing Scan +- Sensitive Data + +![FSAA Data Collector Wizard Scoping Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptions.webp) + +The Scoping Options buttons have the following: + +- Add – Add a resource to be included or excluded in the scan. Opens the Scoping Configuration + window. +- View/Edit – Make changes to a previously added resource. Opens the Scoping Configuration window. +- Remove – Deletes the resource from the table and therefore the scan +- Increase Priority – Sets a lower numerical value to the resource, which sets a higher priority + when conflicting settings occur with one resource +- Decrease Priority – Sets a higher value to the resource, which sets a lower priority when + conflicting settings occur with one resource +- Import – Import scoping options from a `.fsaascope` file. + + - If a conflict arises between an existing configured scoping option and an option that is being + imported, the user will be prompted to resolve the conflict by either keeping the existing + configuration or importing the new one, which will overwrite the scoping option. + +- Export – Take the currently configured scoping options in the job and export it to a `.fsaascope` + file + +By default, priority is assigned in the order it is added to the table. Priority can also be +manually assigned with the Increase Priority and Decrease Priority buttons or in the +[Scoping Configuration Window](#scoping-configuration-window). If there is a conflict between an +inclusion scoping option and an exclusion scoping option with the same priority, the inclusion takes +precedence. + +See the [Common Scoping Scenarios](#common-scoping-scenarios) section for example configurations of +scoping options and the expected results. + +## Scoping Configuration Window + +The Scoping Configuration Window allows a specific share or folder to be included or excluded from +the scan. Only included resources require additional scoping. Remember, these settings override the +default scoping settings for the selected resource. + +![Scoping Configuration Window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingconfigurationwindow.webp) + +Set the Resource Name and Host Name: + +- Resource Name – Specify a local path or individual share to the target folder or the share name +- Host Name – Apply scoping options to a specific target host. If a host name is not supplied, all + hosts targeted by the job have the scoping options applied. + +Both the Resource Name and Host Name textboxes support regular expressions and pattern matching. + +- For wildcards – Use the `?` or `*` as the share or folder name. Example of Wildcard Support: You + have three shares named `Share1`, `Share2`, and `MyShare`. You want to include `Share1` and + `Share2`. You can enter into this field: + + - `share*` + - `share?` + - `Share*` + - `SHARE?` + +- For regular expressions – Use the prefix `RE:` and escape the backslash characters. Example of + Regular Expression: To provide an expression that would include all shares or files that start + with the letter `A`: + + **NOTE:** This option is case sensitive. + + - `RE:\\\\[^\\[+\\A` + +Then set Scoping Type and Priority: + +- Scoping Type – Choose from the dropdown menu the type of resource to scan: + + - Share Include – Provided share name is included in the scan. All scoping options must match or + it is excluded. + - Share Exclude – Provided share is excluded from the scan + - Folder Include – Provided folder name is included in the scan. All scoping options must match + or the scan ignores the resource. + - Folder Exclude – Provided folder is excluded from the scan. All scoping options must match or + it is excluded. + + **NOTE:** Any included files or folders inherit all options previously checked in the + [FSAA: Default Scoping Options](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions.md) page. Manually apply new options if + the default ones are not desired in this scan. + +- Priority – Numerical value that determines which options are used in the case of more than one + scoping option overlaps for a particular resource. Lower numerical values have a higher priority + for this scan. When multiple scoping options are added to a single resource, and there is no + conflict, the scoping options are merged. However, in some instances, the settings conflict. Below + are some known conflicts and their results: + - Conflict between two options for a single resource – Higher priority takes precedence + - Folder scoping option conflicts with a share scoping option – Folder takes precedence + - Conflict between two scoping options with the same priority – Path determines which option is + used. The scoping option with the child takes precedence over the parent. +- Enable Button – Adds the scoping option to the scan criteria + +See the [Scan Settings Tab](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md), +[File Details Tab](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/filedetails.md), and +[File Properties (Folder Summary) Tab](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.md) tabs for more detail +on these scoping options. + +## Common Scoping Scenarios + +The following examples show some common configurations of scoping options and the expected results. + +Scenario 1 + +Scan for all shares except one. + +![Common Scoping Options example Scenario 1](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario1.webp) + +All shares included except for the ProbableOwner share. + +Scenario 2 + +Scan for one share and exclude all others. + +![Common Scoping Options example Scenario 2](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario2.webp) + +The ProbableOwner Share is included. All other shares are excluded. Share Inclusion must have a +priority that is greater than or equal to the Share Exclusion. + +Scenario 3 + +Scan all folders except one. + +![Common Scoping Options example Scenario 3](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario3.webp) + +All Shares are scanned and all folders are included except for C:\ProbableOwner\DifferentOwner. + +Scenario 4 + +Scan one folder and exclude all others. + +![Common Scoping Options example Scenario 4](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario4.webp) + +The ProbableOwner Share is included and all other shares are excluded. Within the ProbableOwner +Share, Folder path C:\ProbableOwner\DifferentOwner is included. All other folder paths are excluded. + +Scenario 5 + +Scan one folder and all of its children and exclude all others. + +![Common Scoping Options example Scenario 5](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario5.webp) + +The ProbableOwner Share is included and all other shares are excluded. Within the ProbableOwner +Share, Folder path C:\ProbableOwner\DifferentOwner is included along with all of its children +(Notice the \\\* at the end of folder include path). All other folder paths are excluded. + +Scenario 6 + +Scan for all content within a folder except one sub-folder. + +![Common Scoping Options example Scenario 6](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario6.webp) + +The ProbableOwner Share is included and all other shares are excluded. Within the ProbableOwner +Share, Folder path C:\ProbableOwner\DifferentOwner is included along with all of its children +(Notice the \\\* at the end of folder include path). Within the DifferentOwner folder the path +C:\ProbableOwner\DifferentOwner\Test2 is excluded (Notice the higher priority for the exclusion). +All other folder paths are excluded. + +Additional Considerations + +The scoping options listed above can be used to scope for SMB shares and NFS exports but NFS exports +are enumerated differently. The include/exclude logic outlined above should be the same for both, +but when scoping for NFS exports the Resource Name should be the full path to the export. + +For example, in the scenario below, the NFS export named NFS_Export is included. All other exports +are excluded. Within the NFS_Export export, folder path \ifs\NFS_Export\Test_Folder is included. All +other folder paths are excluded. + +![FSAA Scoping Options NFS export example](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsnfsexports.webp) + +Note the different slash types for exports compared to folders. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueries.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueries.md new file mode 100644 index 0000000000..2a634d7fa2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueries.md @@ -0,0 +1,104 @@ +# FSAA: Scoping Queries + +Use the Scoping Queries page to query the SQL database and return exclude and include resources from +a specified host. This feature bypasses share permission requirements and eliminates the need for +the Connection Profile credentials to have local Administrator or Power User permissions. It is a +wizard page for the following categories: + +- File System Access/Permission Auditing Scan +- Sensitive Data + +![FSAA Data Collector Wizard Scoping Queries page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueries.webp) + +The Scoping Queries buttons have the following functionality: + +- Add – Add a resource to be included or excluded in the scoping query. Opens the Scoping Query + Configuration window. See the + [Scoping Query Configuration Window](#scoping-query-configuration-window) topic for additional + information. +- View / Edit – Make changes to a previously added scoping query. Opens the Scoping Query + Configuration window. See the + [Scoping Query Configuration Window](#scoping-query-configuration-window) topic for additional + information. +- Remove – Deletes the resource from the table and therefore the scan +- Migrate Scan Resource Filters – Migrates configured scan resource filters from the + `FSAAConfig.xml` file and imports them into the FSAA data collector + + - There are two Scan Resource Filters migrated by default: + + - DFS Shares + + - Scoping Query that will query the SQL database and return a list of Distributed File + System (DFS) Shares from the targeted host to include in the Scan + - Requires the 0-FSDFS System Scans, 1-FSAA System Scans, and 2-FSAA Bulk Import jobs to + have been run as a prerequisite + + - DG Open Shares + + - Scoping Query that will query the SQL database and return a list of Open Shares as + identified by the 3-FSAA Exceptions job + - Requires the 1-FSAA System Scans, 2-FSAA Bulk Import, and 3-FSAA Exceptions jobs to + have been run as a prerequisite + +**NOTE:** These two Scan Resource Filters are both Share Include queries by default. To restrict the +scan to only Open Shares or only DFS Shares it is necessary to also configure the Scoping Options on +the previous page of the wizard to exclude all other shares. + +For example, to restrict the scan to only Open Shares and exclude all other shares, the Scoping +Options page should be configured as shown: + +![FSAA Data Collector Wizard Scoping Options page Open shares configuration](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptionsopenshares.webp) + +The Scoping Queries page should be configured as shown: + +![FSAA Data Collector Wizard Scoping Queries page Open shares configuration](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueriesopenshares.webp) + +See the [FSAA: Scoping Options](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptions.md) topic for additional information and common +scoping scenarios. + +## Scoping Query Configuration Window + +The Scoping Query Configuration window allows you to create a custom Scoping Query to specify shares +and folders to be included in or excluded from the scan. + +![Scoping Query Configuration window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueryconfiguration.webp) + +Configure the following fields: + +- Name – Enter a unique name for the scoping query +- Scoping Type – Choose from the dropdown menu the type of resource to scan +- Configure Query – Select **Configure Query** to open the Advanced Scoping Options Query + Configuration window. See the + [Advanced Scoping Options Query Configuration Window](#advanced-scoping-options-query-configuration-window) topic + for additional information. + +**_RECOMMENDED:_** Provide a descriptive Comment on the Scoping Queries page. + +### Advanced Scoping Options Query Configuration Window + +Clicking **Configure Query** on the Scoping Query Configuration Window brings up the Advanced +Scoping Options Query Configuration window. + +![Advanced Scoping Options Query Configuration window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/advancedscopingoptionsqueryconfiguration.webp) + +Follow the steps to configure a query. + +**Step 1 –** Enter a SQL Query that will return a list of resources to be included in or excluded +from the scan. + +**NOTE:** The target tables must reside within the Access Analyzer database and the result must +return at least the following columns: + +- Name +- Priority + +**Step 2 –** (Optional) Enter a host in the Host parameter value (@host) textbox to test the query +to retrieve the data for that host. + +**Step 3 –** Select **Test Query** to open a preview of the results in the Query Results window. +Ensure that the data being retrieved by the query is expected. + +**Step 4 –** Click **OK**. + +When a query configuration is enabled, the data collector runs against the target table to configure +scoping for shares or folders in the environment. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/sddcriteria.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/sddcriteria.md new file mode 100644 index 0000000000..c2f38e3900 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/sddcriteria.md @@ -0,0 +1,28 @@ +# FSAA: SDD Criteria Settings + +The SDD Criteria Settings page is where criteria to be used for discovering sensitive data during a +scan is configured. It is a wizard page for the category of Sensitive Data Scan. + +![FSAA Data Collector Wizard SDD Criteria Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sddcriteria.webp) + +The options on the SDD Criteria Settings page are: + +- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings + from the **Settings** > **Sensitive Data** node. See the + [Sensitive Data](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md) topic for additional information. +- Use the following selected criteria – Select this option to use the table to select which + sensitive data criteria to scan for +- Select All - Click **Select All** to enable all sensitive data criteria for scanning +- Clear All - Click **Clear All** to remove all selections from the table +- Select the checkboxes next to the sensitive data criteria options to enable them to be scanned for + during job execution + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + Use the Sensitive Data Criteria Editor in the **Settings** > **Sensitive Data** to create and + edit user-defined criteria. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/sensitivedatasettings.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/sensitivedatasettings.md new file mode 100644 index 0000000000..8742054719 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/sensitivedatasettings.md @@ -0,0 +1,54 @@ +# FSAA: Sensitive Data Settings + +The Sensitive Data Settings page is where sensitive data discovery settings are configured. It is a +wizard page for the category of Sensitive Data Scan. + +![FSAA Data Collector Wizard Sensitive Data Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sensitivedata.webp) + +- Don’t process files larger than: [number] MB – Limits the files to be scanned for sensitive + content to only files smaller than the specified size +- Include offline files (this may significantly increase scan times) – Includes offline files in the + scan +- Perform Optical Character Recognition for image files – Enables the data collector to scan for + sensitive data within digital images of physical documents + + **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents + directly converted to images, with standard fonts. It will not work for scanning photos of + documents and may not be able to recognize text on images of credit cards, driver's licenses, or + other identity cards. + +- Store discovered sensitive data – Stores discovered sensitive data in the database +- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria + for discovered sensitive data + +Use the radio buttons to select the File types to scan: + +- Scan all file types – Scans everything in a given environment +- Scan custom file types – Select the checkboxes from the list of file and document types that are + included in a sensitive data scan. The table contains the following categories and their + sub-options available: + + - Compressed Archive files + - Documents + - Email + - Image files + - Presentations + - Spreadsheets + - Text/Markup files + +- Perform differential scan of – Enables users to choose whether to employ incremental scanning: + + - Files modified or newly discovered since last scan – Scans newly discovered files and files + with a modified date after the previous scan date + - Files modified since [date] – Only scans files with a modified date after the specified date + - Files modified within the last [number] days – Only scans files with a modified date within + the specified date range + +The Performance Options section allows the user to modulate the efficiency of SDD scans. + +- Number of SDD scan processes [number] – Increases the number of SDD scanner processes that spawn + as part of a scan, increasing parallel scanning. The value should not exceed 2x the number of CPU + threads available. + + **_RECOMMENDED:_** For optimal performance, the total number of scan processes on a scan host + should be 1 to 2 times the number of CPU threads available. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/standard-tables.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/standardtables.md similarity index 100% rename from docs/accessanalyzer/12.0/data-collection/fsaa/standard-tables.md rename to docs/accessanalyzer/12.0/admin/datacollector/fsaa/standardtables.md diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/updateservicesettings.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/updateservicesettings.md new file mode 100644 index 0000000000..4455fb349c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/updateservicesettings.md @@ -0,0 +1,20 @@ +# FSAA: FSAA Update Service Setting + +The FSAA Update Service Setting page is where the File System Proxy Service can be automatically +updated on hosts where the service has already been installed. It requires the File System Proxy +Service to be v8.0 or later prior to using this feature. It is a wizard page for the category of +Update Proxy Service. + +![FSAA Data Collector Wizard FSAA Update Service Setting page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/updateservice.webp) + +Configure the settings for the targeted File System Proxy Service: + +- Port number – The default port number is 8766 +- Applet communication timeout: [number] minute(s) – This option determines the length of time (in + minutes) the Access Analyzer Console attempts to reach the proxy before giving up. Depending on + the job configuration, the data collector behaves in one of three ways after the timeout value has + been exceeded. +- Scan cancellation timeout: [number] minute(s) – When selected, this option will timeout the applet + if there is an attempt to pause the scan and the applet does not respond + +See the [FSAA: Applet Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/fsaa/workflows.md b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/workflows.md new file mode 100644 index 0000000000..8910dc5539 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/fsaa/workflows.md @@ -0,0 +1,242 @@ +# Additional FSAA Workflows + +The following FSAA Data Collector query categories that provide additional functionality: + +- Remove scan executables and data – Removes file system access audit scan applet and data from + remote server +- Update proxy service – Update FSAA binaries for hosts running the File System Proxy Service + + **NOTE:** Requires the existing File System Proxy Service to be v8.0 or later. + +- Remove host data – Removes host from all SQL tables created by the FSAA Data Collector and deletes + StrucMap (removes host assigned to job where query exists) + +Additional workflows include: + +- Remove Host and Criteria SDD Data – Removes SDD data for a host or a criteria from the SQL tables +- Drop Tables & Views – Drops the standard reference tables and views + +_Remember,_ the FSAA Data Collector always records data in Standard Reference Tables, no matter what +job it is applied to. + +## Remove File System Access Scan Category + +The FSAA Data Collector can be used to clean-up or troubleshoot the applet and proxy scanning +servers. This would need to be done through a new job’s query. Set the host list and Connection +Profile to target the desired applet and proxy servers. + +Follow these steps to build a new query using the FSAA Data Collector with the Remove scan +executables and data category. + +**Step 1 –** Navigate to the **Configure** node of a new or chosen job and select the **Queries** +node. + +**Step 2 –** In the Query Selection view, click the **Create Query** link. The Query Properties +window displays. + +**Step 3 –** Select the **Data Source** tab. From the **Data Collector** drop-down menu, select +**FILESYSTEMACCESS** and then click the **Configure** button. The File System Access Auditor Data +Collector Wizard opens. + +![FSAA Data Collector Wizard Query Selection page with Remove scan executables and data option selected](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselectionremovescanexecutablesdata.webp) + +**Step 4 –** On the Query Selection page, select the **Remove scan executables and data** category. + +**Step 5 –** Click **Finish** to save the selection and close the wizard. Then click **OK** to close +the Query Properties window. + +This job has now been configured to run the FSAA Data Collector to remove the file system access +audit scan applet and data from the target server. Run the job to clean-up the targeted hosts. + +## Update Proxy Service Category + +The FSAA Data Collector can be used to upgrade the File System Proxy Service already installed on +proxy servers. The FS_UpdateProxy Job is preconfigured to run with the default settings with the +category of Update proxy service. It is available through the Instant Job Library under the File +System library. + +The Update Proxy Service category option enables users with the ability to update v8.0+ File System +Proxy Service installations to newer versions. When this query is employed, the job compresses the +updated binaries and deploy them to the proxy server. Once the proxy server has no active sessions, +the Netwrix Access Analyzer (formerly Enterprise Auditor) FSAA Proxy Scanner service shuts down and +the components are updated. Finally, the service restarts itself. + +**NOTE:** This option is not for updating v7.x File System Proxy installations. Those must be +manually updated to at least v8.0 on the proxy server before this query can be used to automate the +process. + +Follow the [Upgrade Proxy Service Procedure](/docs/accessanalyzer/12.0/install/filesystemproxy/upgrade.md) and use +the FS_UpdateProxy Job. + +## Remove Host Category + +The FSAA Data Collector can be used to clean-up the Standard Reference Tables by removing data for +particular hosts. This would need to be done through a new job’s query. The host to be removed is +set as the host list for the new job. The Connection Profile applied should be the same as the one +used for the associated **FileSystem** > **0.Collection** > … **Bulk Import** Job. + +**CAUTION:** Be careful when applying this query task, as it results in the deletion of collected +data. Ensure proper configuration prior to job execution. + +**_RECOMMENDED:_** Manually enter individual hosts into the host list executing this query. + +Follow the steps to build a new query using the FSAA Data Collector with the Remove host data +category. + +**Step 1 –** Navigate to the **Configure** node of a new or chosen job and select the **Queries** +node. + +**Step 2 –** In the Query Selection view, click the **Create Query** link. The Query Properties +window displays. + +**Step 3 –** Select the **Data Source** tab. From the **Data Collector** drop-down menu, select +**FILESYSTEMACCESS** and then click **Configure**. The File System Access Auditor Data Collector +Wizard opens. + +![FSAA Data Collector Wizard Query Selection page with Remove host data option selected](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselectionremovehostdata.webp) + +**Step 4 –** On the Query Selection page, select the **Remove host data** category. + +**Step 5 –** Click **Finish** to save the selection and close the wizard. Then click **OK** to close +the Query Properties window. + +This job has now been configured to run the FSAA Data Collector to remove the host identified in the +job’s **Configure** > **Hosts** node. Run the job to clean-up the targeted hosts. + +_Remember,_ this job deletes data from the Access Analyzer database. Use caution and ensure proper +configuration prior to job execution. + +## Remove Host and Criteria SDD Data + +The FS_SDD_DELETE job removes host and criteria sensitive data matches from the Tier 1 database. It +is preconfigured to run analysis tasks with temporary tables that requires modification prior to job +execution. It is available through the Instant Job Library under the File System library. See the +[Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for additional information. + +![FS_SDD_DELETE Job in Job's Tree](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sdddelete.webp) + +The 0.Collection Job Group must be run before executing the FS_SDD_DELETE Job. + +### Analysis Tasks for the FS_SDD_DELETE Job + +The analysis tasks are deselected by default. View the analysis tasks by navigating to the +**Jobs** > **FS_SDD_DELETE** > **Configure** node and select **Analysis**. + +**CAUTION:** Applying these analysis tasks result in the deletion of collected data. + +![FS_SDD_DELETE Job Analysis Selection page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sdddeleteanalysistasks.webp) + +- Delete Criteria – Remove all SDD Data for a Specified Criteria +- Delete Host – Remove all SDD Data Related to a Host +- Remove Host & Criteria – Remove all SDD Data for a Specific Host and Criteria Combination + +### Configure the FS_SDD_DELETE Analysis Tasks + +Follow the steps to configure and run the analysis tasks. + +**Step 1 –** Prior to job execution, modify the desired analysis tasks using the +[Customizable Analysis Parameters for FS_SDD_DELETE Job](#customizable-analysis-parameters-for-fs_sdd_delete-job) +instructions. + +**Step 2 –** In the Analysis Selection Pane, check the type of analysis task that will be run. + +**Step 3 –** Right-click the **FS_SDD_DELETE** Job and select **Run Job**. The analysis execution +status is visible from the **Running Instances** node. + +**Step 4 –** When the job has completed, return to the Analysis Selection Pane and deselect all +analysis tasks. + +**CAUTION:** Do not leave these analysis tasks checked in order to avoid accidental data loss. + +All of these tables have been dropped from the SQL Server database and the data is no longer +available. + +### Customizable Analysis Parameters for FS_SDD_DELETE Job + +A customizable parameter enables Access Analyzer users to set the sensitive data values that will be +deleted during this job’s analysis. + +| Analysis Task | Customizable Parameter Name | Value Indicates | +| ---------------------- | --------------------------- | --------------------------------------------- | +| Delete Host | #hosts | List of Host Names to be removed | +| Delete Criteria | #Criteria | List of Criteria to be removed | +| Remove Host & Criteria | #Criteria #hosts | List of Criteria and Host Names to be removed | + +The parameters that can be customized are listed in a section at the bottom of the SQL Script +Editor. Follow the steps to customize analysis task parameters. + +**Step 1 –** Navigate to the **FS_SDD_DELETE** > **Configure** node and select **Analysis**. + +**Step 2 –** In the Analysis Selection view, select the desired analysis task and click on +**Analysis Configuration**. The SQL Script Editor opens. + +![ FS_SDD_DELETE Job Analysis Task in SQL Script Editor](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sdddeletesqlscripteditor.webp) + +**Step 3 –** In the Parameters section at the bottom of the editor, select either the **#Criteria** +or **#hosts** row, depending on the analysis task chosen, and then **Edit Table**. The Edit Table +window opens. + +**CAUTION:** Do not change any parameters where the Value states `Created during execution`. + +![SQL Script Editor Edit Table window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sdddeletesqlscripteditoredittable.webp) + +**Step 4 –** Use the **Add New Item** button to enter host names or criteria to the temporary table +list manually, or select the **Browse** button to upload a list of hosts in CSV format. Click **OK** +to save any changes. Other Edit Table buttons include: + +- Edit a Value +- Delete this row/column +- Move up +- Move down + +**Step 5 –** Click Save and Close to finalize the customization and close the SQL Script Editor. + +The job is now ready to be executed. + +## Drop Tables & Views + +If it becomes necessary to clear the FSAA Data Collector tables and views to resolve an issue, the +FS_DropTables Job is preconfigured to run analysis tasks that drop functions and views for the File +System Solution as well as the standard tables and views generated by the FSAA Data Collector. + +It is available through the Instant Job Library under the File System library. Since this job does +not require a host to target, select Local host on the Hosts page of the Instant Job Wizard. See the +[Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for additional information. + +![FS_DropTables Job in Job's Tree](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/droptables.webp) + +The 0.Collection Job Group must be run before executing the FS_DropTables Job. + +### Analysis Tasks for the FS_DropTables Job + +The analysis tasks are deselected by default. View the analysis tasks by navigating to the +**Jobs** > **FS_DropTables** > **Configure** node and select **Analysis**. + +**CAUTION:** Applying these analysis tasks result in the deletion of collected data. + +![FS_DropTables Job Analysis Selection page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/droptablesanalysistasks.webp) + +- 1. Drop FSAA functions – Removes all functions and views from previous runs of the File System + Solution +- 2. Drop FSAC tables – Drops the File System Activity Auditing tables imported from the previous + runs +- 3. Drop FSDLP Tables – Drops the File System Sensitive Data Discovery Auditing tables imported + from the previous runs +- 4. Drop FSDFS Tables – Drops the File System DFS Auditing tables imported from the previous runs +- 5. Drop FSAA Tables – Drops File System Access Auditing tables imported from the previous runs + +Do not try to run these tasks separately, as they are designed to work together. Follow these steps +to run the analysis tasks: + +**Step 1 –** In the Analysis Selection Pane, click **Select All**. All tasks will be checked. + +**Step 2 –** Right-click the **FS_DropTables** Job and select **Run Job**. The analysis execution +status is visible from the **Running Job** node. + +**Step 3 –** When the job has completed, return to the Analysis Selection Pane and click **Select +All** to deselect these analysis tasks. + +**CAUTION:** Do not leave these analysis tasks checked in order to avoid accidental data loss. + +All of these tables have been dropped from the SQL Server database and the data is no longer +available. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/category.md b/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/category.md new file mode 100644 index 0000000000..4861727ca6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/category.md @@ -0,0 +1,22 @@ +# GroupPolicy: Category + +On the GroupPolicy Data Collector Category page, select the required query category to be executed. + +![Group Policy Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/category.webp) + +The available categories are: + +- Group Policy Objects – Retrieves the GPO’s list in the domain and where each is linked +- Policies State – Provides the ability to return information on configured policies and policy + parts from the individual policies which have been selected + + - For example, selecting **Account Policies** > **Policy Password** will result in **Account + Policies** > **Policy Password** being returned for the targeted domains + +- Policies State for all GPOs – Provides the ability to return information on selected policy parts + from all policies within the domain + + - For example, selecting **Account Policies** > **Password Policy** will result in **Password + Policy** being returned for all policies in the targeted domains + +- Local policies – Returns effective security policies in effect at the individual workstation diff --git a/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/options.md b/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/options.md new file mode 100644 index 0000000000..099d5b16bd --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/options.md @@ -0,0 +1,26 @@ +# GroupPolicy: Options + +The Options page is used to configure how to return multi-valued properties and how policy results +are presented. It is a wizard page for all categories. + +![Group Policy Data Collector Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/options.webp) + +The configurable options are: + +- Result Presentation – Select one of the following options. This section is not available for the + Group Policy Objects category. + + - Each part of each policy on a new row + - All parts of each policy on the same row + + **_RECOMMENDED:_** Use the Each part of each policy on a new row for best results + +- Multi-Valued Properties – Select one of the following options: + + - Concatenated – Specify the delimiter to use in the Delimiter box + - First value only + - Each value on a new row + + **_RECOMMENDED:_** Use the Each value on a new row option for best results. + +The available options vary based on the category selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/overview.md new file mode 100644 index 0000000000..c7a3e6babc --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/overview.md @@ -0,0 +1,49 @@ +# GroupPolicy Data Collector + +The GroupPolicy Data Collector provides the ability to retrieve the GPO’s list in the domain and +where they are linked, return information on configured policies and policy parts from the +individual policies that have been selected, return information on selected policy parts from all +policies within the domain, and return effective security policies in effect at the individual +workstation. + +The GroupPolicy Data Collector is a core component of Access Analyzer, but it has been preconfigured +within the Active Directory Solution and the Windows Solution. While the data collector is available +with all Access Analyzer license options, the Windows Solution is only available with a special +Access Analyzer licenses. See the following topics for additional information: + +- [Active Directory Solution](/docs/accessanalyzer/12.0/solutions/activedirectory/overview.md) +- [Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) + +Protocols + +- LDAP +- RPC + +Ports + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Domain Administrators group (if targeting domain controllers) +- Member of the Local Administrators group + +## GroupPolicy Query Configuration + +The GroupPolicy Data Collector is configured through the Group Policy Data Collector Wizard. The +available pages change based upon the query category selected. It contains the following wizard +pages: + +- Welcome +- [GroupPolicy: Category](/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/category.md) +- [GroupPolicy: Target](/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/target.md) +- [GroupPolicy: Policies List](/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/policieslist.md) +- [GroupPolicy: Options](/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/options.md) +- [GroupPolicy: Summary](/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/summary.md) + +![Group Policy Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/policieslist.md b/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/policieslist.md new file mode 100644 index 0000000000..12cf39bf6d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/policieslist.md @@ -0,0 +1,21 @@ +# GroupPolicy: Policies List + +The Policies List page is where the policies from the desired GPOs to be queried are selected. It is +a wizard page for the categories of: + +- Policies State +- Policies State for all GPOs +- Local Policies + +![Group Policy Data Collector Wizard Policies List page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/policieslist.webp) + +Select the policies or policy parts to be audited. The category dictates how this selection is +applied across the domain or local host. + +To search parts of a policy, drill into the policy and select the desired policy parts. Click +**Check all** to select all properties, and click **Uncheck all** to deselect all properties. Search +for a policy by entering a policy name in the Search box and clicking **Search**. + +**NOTE:** The policy parts returned may have multiple values. + +At least one policy or policy part must be selected in order to proceed to the next wizard page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/summary.md new file mode 100644 index 0000000000..945b0786f0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/summary.md @@ -0,0 +1,9 @@ +# GroupPolicy: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all categories. + +![Group Policy Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Group Policy Data Collector Wizard to ensure that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/target.md b/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/target.md new file mode 100644 index 0000000000..34bc851dd6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/target.md @@ -0,0 +1,29 @@ +# GroupPolicy: Target + +The Target page is where a host from which to get data (in wizard only) and .admx source are +identified. It is a wizard page for the categories of: + +- Policies State +- Policies State for all GPOs +- Local Policies + +![Group Policy Data Collector Wizard Target page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/target.webp) + +In the Connect to section of the page, select from the following options: + +- Default domain – Select this option to connect to the default domain +- This domain – Select this option and click the ellipsis to open the Browse for Domain window. Then + select the desired domain. Click **OK**. + +In the Use these job credentials to browse section of the page, if multiple credentials are set up, +select the credentials to use for the query from the dropdown menu. + +**NOTE:** If the Default Connection profile has only one set of credentials, the dropdown will be +grayed out and will only display the default credentials for that profile. + +In the Get .admx policy definitions from section of the page, select from the following options: + +- Central Store/target host – Select thisoption to get .admx policy definitions from the central + store/target host +- This archive – Select this option to get .admx policy definitions from an archive and click the + ellipsis to open the Select Archive File window. Then select an archive. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/inifile/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/inifile/overview.md new file mode 100644 index 0000000000..5561bc6a38 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/inifile/overview.md @@ -0,0 +1,34 @@ +# INIFile Data Collector + +The INIFile Data Collector provides options to configure a task to collect information about log +entries on target hosts. This data collector is a core component of Access Analyzer and is available +with all Access Analyzer licenses. + +Protocols + +- RPC + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports +- Optional TCP 445 + +Permissions + +- Member of the Local Administrators group + +## INIFile Query Configuration + +The INIFile Data Collector is configured through the INI File Data Collector Wizard. It contains the +following wizard pages: + +- Welcome +- [INIFile: Target Files](/docs/accessanalyzer/12.0/admin/datacollector/inifile/targetfiles.md) +- [INIFile: Properties](/docs/accessanalyzer/12.0/admin/datacollector/inifile/properties.md) +- [INIFile: Summary](/docs/accessanalyzer/12.0/admin/datacollector/inifile/summary.md) + +![INI File Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/inifile/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** box when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/inifile/properties.md b/docs/accessanalyzer/12.0/admin/datacollector/inifile/properties.md new file mode 100644 index 0000000000..ba8c52831f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/inifile/properties.md @@ -0,0 +1,24 @@ +# INIFile: Properties + +The Properties page identifies data about the INI file for auditing. + +![INI File Data Collector Wizard Properties page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/inifile/properties.webp) + +Use the following options to determine which data to adult: + +- All contents – Collect all contents from the INI file + + **NOTE:** `*` can be used for matching wildcard or single characters. + + - Section name – Collect data matching section name from the INI file + - Key name – Collect data matching key name from the INI file + +- Differences from standard – Select a master control file to compare the current target against + + - Click the ellipses (**…**) to open a file explorer window + - Select an appropriate .INI file + +- Properties – Select a checkbox next to any desired properties. **Select All** or **Clear All** can + also be used. + + If **Differences from standard** is selected, all properties are selected and cannot be altered. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/inifile/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/inifile/summary.md new file mode 100644 index 0000000000..a28691aee2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/inifile/summary.md @@ -0,0 +1,9 @@ +# INIFile: Summary + +The Summary page is where the selected configuration settings are listed. + +![INI File Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/inifile/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the INIFile Data Collector Wizard ensuring that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/inifile/targetfiles.md b/docs/accessanalyzer/12.0/admin/datacollector/inifile/targetfiles.md new file mode 100644 index 0000000000..e98945a660 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/inifile/targetfiles.md @@ -0,0 +1,21 @@ +# INIFile: Target Files + +The Target Files page identifies the location and name of the INI file from which to collect +information. + +![INI File Data Collector Wizard Target Files page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/inifile/targetfiles.webp) + +Configure the Target Files options: + +- Fixed path – Path to the INI file. Fixed paths are typically entered using the following format: + `drive:\filepath` +- Registry Lookup – Select this option to obtain a path from a registry key that exists on the + target host in the environment. Click the ellipsis (**…**) to open the Access Analyzer Registry + Browser and connect to a host to select a registry key and path to be used for the lookup. + + - Registry Value – This value is automatically populated from the registry key + - Levels – The Levels slider can be used to truncate the path for the key value in the Adjust + Path dialog box + - Current value – Displays the current value for the registry key + +- INI File Name – Name of the INI file diff --git a/docs/accessanalyzer/12.0/admin/datacollector/ldap.md b/docs/accessanalyzer/12.0/admin/datacollector/ldap.md new file mode 100644 index 0000000000..0105ea91a5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/ldap.md @@ -0,0 +1,146 @@ +# LDAP Data Collector + +The LDAP Data Collector uses LDAP to query Active Directory returning the specified objects and +attributes. For example, a query can be configured to return all user objects at the selected level. +Another query can be configured to return a master list of all user objects found within the target +domain. Wildcards and LDAP filters can be applied to the query configurations. + +The LDAP Data Collector is a core component of Access Analyzer, but it has been preconfigured within +the Active Directory Solution. While the data collector is available with all Access Analyzer +license options, the Active Directory Solution is only available with a special Access Analyzer +license. See the [Active Directory Solution](/docs/accessanalyzer/12.0/solutions/activedirectory/overview.md) topic for +additional information. + +Protocols + +- LDAP + +Ports + +- TCP 389 + +Permissions + +- Member of the Domain Administrators group + +## LDAP Query Configuration + +The LDAP Data Collector is configured through the LDAP template form. The LDAP template form has the +following configuration options: + +![LDAP template form](/img/product_docs/accessanalyzer/12.0/admin/datacollector/templateform.webp) + +- Connect to the server – Use the default domain controller entered in the box, or enter an + alternate server +- Naming context – Select a directory partition from the drop-down list: **Default Context**, + **Configuration Context**, or **Schema Context** +- Connect – Connects to the domain specified. The root folder of the domain is displayed in the left + pane of the window. + + **NOTE:** Before clicking **Connect**, the server port must be configured. To configure the + server port, click **Options** to open the Options window and configure the server port as + described in the Options Window section. + +- Options – Opens the Options window to configure connection options and multi-value results + options. See the [Options Window](#options-window) topic for additional information. +- List of attributes – Table in the upper right corner lists attributes for the object selected in + the left pane +- Root path – The Root path textbox is populated with the path to the highlighted attributes to be + collected +- LDAP filter – The LDAP filter textbox shows the filters applied to the objects. Click the ellipses + (**…**) to open the Filter Options window. See the [Filter Options Window](#filter-options-window) + topic for additional information. + +The button bar provides additional options for selecting objects and attributes. See the +[Button Bar](#button-bar) topic for additional information. + +### Options Window + +The Options window contains configure connection options and multi-value results options. Click the +**Options** button located in the upper right corner of the LDAP template form to open it. + +![Options Window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/options.webp) + +- Connect Securely with TL/SSL – Connect using TLS/SSL. If the checkbox is selected, the server port + defaults to `636`. +- Ignore Certificate Errors – Ignores certificate errors during connection when encrypted + communication is enabled +- Server Port + + - If the Connect Securely with TLS/SSL option is selected, use Server Port `686` + - If the Connect Securely with TLS/SSL option is not selected, use Server Port `389` + +- Authentication Type + + - Negotiate – Default authentication type + - Simple + +- TreeView Node Limit – Typically set to 500 +- Multi-valued attributes – Indicates how multi-valued properties are returned + + - Concatenated – All values are listed in one cell using the delimiter specified + + - Delimiter – Symbol used to separate values in the cell + + - First Value Only – Only the first value is listed in the cell + +### Filter Options Window + +The Filter Options window is where to add filters to the query. Click the ellipses (**…**) button +located to the right of the **LDAP filter** box in the LDAP template form to open this window. + +![filteroptions](/img/product_docs/accessanalyzer/12.0/admin/datacollector/filteroptions.webp) + +- Extract all objects (no filter) – No filters applied +- Extract only objects of the following classes – Applies class filter for selected classes + + - Users + - Groups + - Contacts + - Computers + - Printers + - Shared Folders + +- Custom Filter – Applies a custom filter configured in the Custom Filter window. See the + [Custom Filter Window](#custom-filter-window) topic for additional information. + +#### Custom Filter Window + +The Custom Filter window provides options for creating a complex filter. + +![Custom Filter window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/customfilter.webp) + +Select a **Field** and **Condition** from the drop-down lists. Enter a **Value** for the condition. +Click **Add** to add the filter to the Filter Lines table. + +- Filter Lines will be combined with a logical – Select the **AND** or **OR** option. **AND** is + selected by default. +- Edit Raw Filter – Opens the Raw Filter Edit window + + ![Raw Filter Edit window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/rawfilteredit.webp) + + Enter the entire LDAP filter in the textbox. Click **Verify** to confirm the filter, and then + **OK** to add it to the custom filter list. + +- Clear Filter – Deletes the selected filter + +Click **OK** to save the changes and close the Custom Filter window. + +### Button Bar + +The button bar provides several options for configuring the query. + +![buttonbar](/img/product_docs/accessanalyzer/12.0/admin/datacollector/buttonbar.webp) + +| Button | Name | Description | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------- | ------------------------------------------------------------------------- | +| ![Include sublevels button](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sublevels.webp) | Include sublevels | Include sublevel folders of the selected folder. | +| ![Org wildcard button](/img/product_docs/accessanalyzer/12.0/admin/datacollector/orgwildcard.webp) | Org wildcard | Search for the attribute across multiple domains. | +| ![Wildcard the level button](/img/product_docs/accessanalyzer/12.0/admin/datacollector/wildcard.webp) | Wildcard the level | Search everything on the selected level. | +| ![Unwildcard all levels button](/img/product_docs/accessanalyzer/12.0/admin/datacollector/unwildcard.webp) | Unwildcard all levels | Removes the wildcard and returns the search scope to the selected domain. | +| ![Include a HostName Tag button](/img/product_docs/accessanalyzer/12.0/admin/datacollector/includehostname.webp) | Include a HostName Tag | Replaces the OU with a HostName Tag. | +| ![Remove all HostName Tags button](/img/product_docs/accessanalyzer/12.0/admin/datacollector/removehostname.webp) | Remove all HostName Tags | Removes the HostName Tag. | +| ![Add Security Properties for Selected Key button](/img/product_docs/accessanalyzer/12.0/admin/datacollector/addsecurityproperties.webp) | Add Security Properties for Selected Key | Adds the list of security properties. | +| ![Select Highlighted Attributes button](/img/product_docs/accessanalyzer/12.0/admin/datacollector/addattributes.webp) | Select Highlighted Attributes | Adds the highlighted attributes to the list. | +| ![Delete the Highlighted Selected Attributes button](/img/product_docs/accessanalyzer/12.0/admin/datacollector/deleteattributes.webp) | Delete the Highlighted Selected Attributes | Deletes the highlighted attributes from the list. | +| ![Find the Root Path in the Directory Objects button](/img/product_docs/accessanalyzer/12.0/admin/datacollector/rootpath.webp) | Find the Root Path in the Directory Objects | Returns the root path to the selected root. | diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nis/category.md b/docs/accessanalyzer/12.0/admin/datacollector/nis/category.md new file mode 100644 index 0000000000..a643ed5c5a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nis/category.md @@ -0,0 +1,18 @@ +# NIS: Category + +The Category page is used to identify which type of NIS information to retrieve. + +![NIS Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/category.webp) + +The NIS Data Collector contains two query categories: + +- Scan NIS Users and Groups – Scans a NIS domain for user and group information, map them to + Windows-style SIDS, and import the information into SQL server creating the standard reference + tables. This task is also responsible for maintaining the schema for tables and views. This is the + standard option for this data collector. +- Custom NIS Scan –Scan and parse a specified NIS map and import the information into the SQL Server + database creating tables specific to the job configuration + +The Scan NIS Users and Groups category is the pre-configured setting for the .NIS Inventory job +group. To use the Custom NIS Scan category, create a query in a new job using the NIS Data Collector +and configure the query as desired. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nis/configurejob.md b/docs/accessanalyzer/12.0/admin/datacollector/nis/configurejob.md new file mode 100644 index 0000000000..ca39eb3fc5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nis/configurejob.md @@ -0,0 +1,50 @@ +# Unix Connection Profile & Host List + +The NIS Data Collector requires a custom Connection Profile and host list be created and assigned to +the job or job group conducting the data collection. The host inventory option during host list +creation makes it necessary to configure the Connection Profile first. + +## Connection Profile + +Creating the Connection Profile requires having an account with access to the targeted NIS server. + +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Unix Account +- User name – Enter user name +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) + topic for additional information.) +- Password/Confirm + + - If not using a private key, enter the **Password** and re-type in the **Confirm** field + - If using a private key, then the password is not needed. Provide the private key information + in the **Use the following private key when connecting** field. + +- Use the following port/ports(CSV) for SSH + + - The SSH port needs to be opened in software and hardware firewalls + - If desired, select this option and provide the port value + +- Use the following private key when connecting + + - This option uses the authentication method of an SSH Private Key + - Supported Key types: + + - Open SSH + - PuTTY Private Key + + - If desired, select this option and provide the key value + +Once the Connection Profile is created, it is time to create the custom host list. See the +[Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. + +## Custom Host List + +The custom host list only needs to include a single NIS server in the targeted NIS domain. Follow +the steps in the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) topic for instructions on how to +create a custom static host list. + +See the +[Recommended Configuration for the .NIS Inventory Solution](/docs/accessanalyzer/12.0/solutions/nisinventory/recommended.md) +topic for information on where to assign the Connection Profile and host list. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nis/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/nis/overview.md new file mode 100644 index 0000000000..880b3367d9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nis/overview.md @@ -0,0 +1,39 @@ +# NIS Data Collector + +The NIS Data Collector inventories a NIS domain for user and group information, mapping to +Windows-style SIDs. This data collector is a core component of Access Analyzer and has been +preconfigured within the .NIS Inventory Solution. Both this data collector and the solution are +available with all Access Analyzer license options. See the +[.NIS Inventory Solution](/docs/accessanalyzer/12.0/solutions/nisinventory/overview.md) topic for additional +information. + +Protocols + +- NIS + +Ports + +- TCP 111 or UDP 111 +- Randomly allocated high TCP ports + +Permissions + +- No special permissions are needed aside from access to a NIS server + +## NIS Query Configuration + +The NIS Data Collector is configured through the NIS Data Collector Wizard, which contains the +following wizard pages: + +- Welcome +- [NIS: Category](/docs/accessanalyzer/12.0/admin/datacollector/nis/category.md) +- [NIS: NIS Settings](/docs/accessanalyzer/12.0/admin/datacollector/nis/settings.md) +- [NIS: SID Mappings](/docs/accessanalyzer/12.0/admin/datacollector/nis/sidmappings.md) +- [NIS: NIS Query](/docs/accessanalyzer/12.0/admin/datacollector/nis/query.md) +- [NIS: Results](/docs/accessanalyzer/12.0/admin/datacollector/nis/results.md) +- [NIS: Summary](/docs/accessanalyzer/12.0/admin/datacollector/nis/summary.md) + +![NIS Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nis/query.md b/docs/accessanalyzer/12.0/admin/datacollector/nis/query.md new file mode 100644 index 0000000000..81146b654e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nis/query.md @@ -0,0 +1,26 @@ +# NIS: NIS Query + +The NIS Query page is where the NIS query regular expressions are configured and tested. It is a +wizard page for the category of: + +- Custom NIS Scan + +![NIS Data Collector Wizard NIS Query page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/query.webp) + +The Data Source configuration options are: + +- NIS Map – Specify the name of the NIS map to query +- Load Data – Fetches the first 50 rows of data of the specified NIS map from the test host +- Paste Data – Uses text from the clipboard as the test data source +- Open File – Allows using a text file as test data. The test data is shown in the preview box. + +The Query Expressions configuration options are: + +- Per-Row Query – A regular expression that is evaluated once per source row, and the + sub-expressions returned make up the first columns of the result rows +- Per-Value Query – This value is evaluated multiple times per source row, generating one result row + for each evaluation +- Use map key as first column of results – When selected, this option sets the map key as the first + column in the data table +- Insert row when there is no per-value match – When selected, this option generates a blank row for + evaluations that return no per-value match diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nis/results.md b/docs/accessanalyzer/12.0/admin/datacollector/nis/results.md new file mode 100644 index 0000000000..29998b31fd --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nis/results.md @@ -0,0 +1,14 @@ +# NIS: Results + +The Results page is where properties from Unix to be gathered are selected. It is a wizard page for +both categories. + +![NIS Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/results.webp) + +Available properties have checkboxes that can be selected individually, or you can use the **Select +All**, **Clear All**, and **Reset to defaults** buttons. All selected properties are gathered. +Available properties vary based on the category selected. + +This information is not available within the standard reference tables and views. Instead, this +information can be viewed in the `SA_[Job Name]_DEFAULT` table, which is created when any of these +properties are selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nis/settings.md b/docs/accessanalyzer/12.0/admin/datacollector/nis/settings.md new file mode 100644 index 0000000000..95da392e53 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nis/settings.md @@ -0,0 +1,16 @@ +# NIS: NIS Settings + +The NIS Settings page is where the NIS domain and a NIS server are configured for testing. It is a +wizard page for both categories. + +![NIS Data Collector Wizard NIS Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/settings.webp) + +Configure the NIS domain and sample NIS server: + +- NIS Domain Name – Enter the case-sensitive name of the NIS domain to scan. This is the value + returned by `/bin/domainname` on UNIX systems. +- (Optional) Sample NIS Server – Enter the host name or IP address of a NIS server for the above + domain to use for testing. This system should be running the `ypserv` process and be accessible + from the Access Analyzer Console. Then, click **Test**. +- Test – The data collector attempts to connect to the specified server and access information from + the specified domain. It returns a message indicating success or failure. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nis/sidmappings.md b/docs/accessanalyzer/12.0/admin/datacollector/nis/sidmappings.md new file mode 100644 index 0000000000..5fb14a1eae --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nis/sidmappings.md @@ -0,0 +1,12 @@ +# NIS: SID Mappings + +The SID Mappings page is where the Windows-style SID mappings for the Unix User ID and Group ID are +specified. It is a wizard page for the category of: + +- Scan NIS User and Groups + +![NIS Data Collector Wizard SID Mappings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/sidmappings.webp) + +The default settings work for most environments. Use this page to **Add**, **Edit**, or **Remove** +ID Mappings. Multiple entries are allowed. For each range of User ID or Group ID entered, the offset +is added to the ID and the resulting SID is the format with `%d` replaced by the ID. diff --git a/docs/accessanalyzer/12.0/data-collection/nis/standard-tables.md b/docs/accessanalyzer/12.0/admin/datacollector/nis/standardtables.md similarity index 100% rename from docs/accessanalyzer/12.0/data-collection/nis/standard-tables.md rename to docs/accessanalyzer/12.0/admin/datacollector/nis/standardtables.md diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nis/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/nis/summary.md new file mode 100644 index 0000000000..e5b6ed9afc --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nis/summary.md @@ -0,0 +1,10 @@ +# NIS: Summary + +The Summary page is where configuration settings are summarized. It is a wizard page for both +categories. + +![NIS Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the NIS Data Collector Wizard to ensure that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nosql/category.md b/docs/accessanalyzer/12.0/admin/datacollector/nosql/category.md new file mode 100644 index 0000000000..bf259fddee --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nosql/category.md @@ -0,0 +1,29 @@ +# NoSQL: Category + +The Category page in the NoSQL Data Collector Wizard lists the following query categories, +sub-divided by auditing focus: + +![NoSQL Data Collector Wizard Category Page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/category.webp) + +The query categories are: + +- Sensitive Data + + - Sensitive Data Collection – Scan databases for sensitive data + +- MongoDB + + - Utilities + + - Remove Storage Tables — Removes the tables created for the MongoDB Data Collector + + - Database Sizing + + - Database Sizing — Determines MongoDB database size + +- NoSQL + + - NoSQL Utilities + + - Remove NoSQL Storage Tables — All connection related and filter data will be removed for + NoSQL databases diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nosql/configurejob.md b/docs/accessanalyzer/12.0/admin/datacollector/nosql/configurejob.md new file mode 100644 index 0000000000..5200e6b07a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nosql/configurejob.md @@ -0,0 +1,55 @@ +# NoSQL Custom Connection Profile & Host List + +The NoSQL Data Collector requires a custom connection profile and host list. + +## Connection Profile + +The credential used for MongoDB Server auditing can be either an Active Directory account or a SQL +account. Create a Connection Profile and set the following information on the User Credentials +window. + +Active Directory + +For an Active Directory account, set the following on the User Credentials window: + +- Select Account Type – Active Directory Account +- Domain – Drop-down menu with available trusted domains will appear. Either type the short domain + name in the textbox or select a domain from the menu. +- User name – Type the user name +- Password Storage – Choose the option for credential password storage: + + - Application – Uses the configured Profile Security setting as selected at the **Settings** > + **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic for + additional information. + - CyberArk – Uses the CyberArk Enterprise Password Vault. See the + [CyberArk Integration](/docs/accessanalyzer/12.0/admin/settings/connection/cyberarkintegration.md) topic for additional + information. The password fields do not apply for CyberArk password storage. + +- Password – Type the password +- Confirm – Re-type the password + +SQL + +For a SQL account, set the following on the User Credentials window: + +- Select Account Type – SQL Authentication +- User name – Enter user name +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) + topic for additional information.) +- Password – Type the password +- Confirm – Re-type the password + +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) and +[Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topics for additional information. + +## Host List + +Jobs using the NoSQL Data Collector must create a host list with the servers containing the target +databases. Setup the list of MongoDB hosts that needs to be monitored. Be sure to use a specific +host name (if forcing the connection to a secondary host) or just the cluster name if connecting to +the cluster. See the [Host Management](/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md) topic for additional +information. + +Additionally, the database clusters / instances must be added to the Filter page in the query +configuration. See the [NoSQL: Filter](/docs/accessanalyzer/12.0/admin/datacollector/nosql/filter.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nosql/criteria.md b/docs/accessanalyzer/12.0/admin/datacollector/nosql/criteria.md new file mode 100644 index 0000000000..5b13e750c6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nosql/criteria.md @@ -0,0 +1,33 @@ +# NoSQL: Criteria + +The Criteria page is where the criteria to be used for discovering sensitive data is configured. It +is a wizard page for the category of Sensitive Data Collection. + +![NoSQL Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/criteria.webp) + +The options on the Criteria page are: + +- Use Global Criteria Selection – Select this option to inherit sensitive data criteria settings + from the **Settings** > **Sensitive Data** node. See the + [Sensitive Data](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md) topic for additional information. +- Use the following selected criteria – Select this option to use the table to select which + sensitive data criteria to scan for + + - Select All – Click **Select All** to enable all sensitive data criteria for scanning + - Clear All – Click **Clear All** to remove all selections from the table + - Select the checkboxes next to the sensitive data criteria options to enable it to be scanned + for during job execution + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit + user-defined criteria. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. + +**NOTE:** Adding unnecessary criteria can adversely impact the scanner performance and can cause the +scanning job to take a long time. If performance is adversely affected, revisit the sensitive data +scanning criteria and remove criteria that is not required. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nosql/filter.md b/docs/accessanalyzer/12.0/admin/datacollector/nosql/filter.md new file mode 100644 index 0000000000..2e3b1edfcb --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nosql/filter.md @@ -0,0 +1,101 @@ +# NoSQL: Filter + +The Filter page is where the query can be scoped to target specific databases or instances. It is a +wizard page for the Sensitive Data Collection category. + +It is necessary to populate the available Mongo databases/instances before the query can be scoped. +See the [Manage Connections Window](#manage-connections-window) topic for additional information. + +![NoSQL Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/filter.webp) + +The Filter page has the following buttons: + +- Connections — Opens the Manage Connections window to add or modify database instances. See the + [Manage Connections Window](#manage-connections-window) topic for additional information. +- Retrieve — Click to populate the Server pane with the database instances added in the Manage + Connections window +- Validate Selections — Validate the include /exclude filters shown in the Selections pane +- Find — Select an item in the Servers list and click find to search for any objects that match the + search string +- Save — Click to save the selected filters +- Orientation — Alternate between a vertical and horizontal split + +The configurable filter options are: + +- Servers — Displays known databases and instances for query scoping. Click **Retrieve** to + populate. Right click to open context menu: + + - Exclude — Excludes selected databases/instances and displays them in red + - Include — Reverts an exclusion. By default, all sub tables are included. + - Build Pattern — Opens the Build Pattern dialogue to build a custom filter to be applied to the + selected database objects. See the [Build or Edit Pattern](#build-or-edit-pattern) topic for + additional information. + +- Selections — Displays selected database objects for which the query has been scoped. Right click + to open context menu: + + - Remove Pattern — Selected database/instance will be removed from the query + - Edit Pattern — Opens the Edit Pattern dialogue with the following options (See the + [Build or Edit Pattern](#build-or-edit-pattern) topic for additional information): + + - Exclude — Excludes selected databases/instances and displays them in red + - Include — Reverts an exclusion. By default, all sub tables are included. + - Pattern — Build a custom filter to be applied to the selected database objects + +## Manage Connections Window + +The Manage Connections window enables users to add MongoDB database instances to search for +sensitive data. Click **Connections** to open the window. + +![Manage Connections window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/manageconnections.webp) + +The Manage Connections table lists the previously added database instances and their attributes. + +Select a row in the table to edit that instance, or create a new instance to add to the table. For +additional information on how to connect to a MongoDB database, see the MongoDB +[Get Connection String](https://docs.mongodb.com/guides/server/drivers/) article. + +- Is Active — Select the checkbox to include the database on the Servers Pane on the Filter page +- Server Label — The name of the server +- Host — Name or IP address of the host where the database is located +- Port Number — Port number for the database. The default port is 27017. If a non-default port is + being used, it should be specified in the Port Number section. +- Auth Database — The database used for authorization. Typically it is the **admin** database. +- Read Preference — Read preference describes how MongoDB clients route read operations to the + members of a replica set by default, an application directs its read operations to the primary + member in a replica set (that is, read preference mode **primary**). Howevert, clients can specify + a read preference to send read operations to secondaries. Click the link for additional + information. +- Mongo SRV — Specifies that the information entered is for clusters or shards + +In the Manage Connections table, the following information is also listed: + +- Was Inspected — Indicates whether information for a connection was validated. **Y** indicates the + information has been validated. **N** indicates the information has not been validated. +- Last Inspected — Indicates the date and time of when the connection information was last + inspected. If blank, the connection information has not yet been validated. +- Enable Impersonation – Impersonation does not apply to MongoDB and this column will be blank. + +The Manage Connections window has the following buttons: + +- Test Connection — Click to verify the connection to the database with the connection profile + applied to the job group +- Edit Connection — Click to edit information for the selected connection +- Delete Connection — Click to delete the selected connection +- Create New — Click to create a new connection + +#### Build or Edit Pattern + +The Build / Edit Pattern window enables users to apply a custom scoping filter to the query. + +![Edit Existing Pattern window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/editpattern.webp) + +The Build / Edit Pattern window has the following features: + +- Selected Location — The location within the database / collection +- Exclude — Excludes selected database / instances and displays them in red +- Include — Reverts an exclusion. By default, all sub tables are included. +- Pattern — Build a custom filter to be applied to the selected database objects + + **NOTE:** Color-coding indicating Excluded and Included objects does not display until after a + selection is validated using the **Validate Selections** button on the Filter page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nosql/options.md b/docs/accessanalyzer/12.0/admin/datacollector/nosql/options.md new file mode 100644 index 0000000000..f621f17022 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nosql/options.md @@ -0,0 +1,49 @@ +# NoSQL: Options + +Use the Sensitive Data Scan Settings (Options) page to configure additional settings for the +sensitive data scan. It is a wizard page for the Sensitive Data Collection category. + +![NoSQL Data Collector Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/options.webp) + +The sensitive data scan settings are: + +Scan Options + +- Data Settings: + + - Scan all documents for sensitive data — Scan all the documents in a collection in the targeted + database or cluster + - Limit of documents to scan — Scan limited number of documents in each database or cluster. + This option is ideal when discovering sensitive data and has minimal impact on the MongoDB + cluster performance. However, if the Subject Profile Request feature is being leveraged, then + all the documents in all the database or cluster need to be scanned. + - Scan documents randomly — Access Analyzer requests a set of documents from each database when + scanning for sensitive data. The database engine does not return random data from a + collection. Instead, Access Analyzer returns sequential documents in a collection. In order to + ensure a statistical discrete uniform distribution of data being scanned, this option can be + selected. When selected, the Access Analyzer sensitive data scanner requests randomized + documents from each collection in all the targeted databases. + +- Scan database names for sensitive data – Scans database names for sensitive data if the database + names are included as part of the keyword list in the scanning criteria +- Scan collection names for sensitive data – Scans collection names within the database for + sensitive data if the collection names are included as part of the keyword list in the scanning + criteria + +DLP Options + +- Store discovered sensitive data – Stores potentially sensitive data in the Access Analyzer + database. Any sampled sensitive data discovered based on the matched criteria is stored in the + Access Analyzer database. This functionality can be disabled by clearing this checkbox. + + **NOTE:** The **Store discovered sensitive data** option is required to view Content Audit + reports in the Access Information Center for MongoDB data. + + **CAUTION:** Changing scan options, criteria, or filters when resuming a scan may prevent the + scan from resuming properly. + +- Resume scan from last point on error — Resumes scan from where the previous scan left off when the + scan was stopped as a result of an error + +_Remember,_ the Sensitive Data Discovery Add-on is required to use the sensitive data collection +option. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nosql/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/nosql/overview.md new file mode 100644 index 0000000000..3edf77eb51 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nosql/overview.md @@ -0,0 +1,52 @@ +# NoSQL Data Collector + +The NoSQL Data Collector for MongoDB provides information on MongoDB Cluster configuration, limited +user permissions, scans collections for sensitive data, and identifies who has access to sensitive +data. It also supports the execution of custom queries against all targeted MongoDB cluster nodes. + +The NoSQL Data Collector has been preconfigured within the MongoDB Solution. Both this data +collector and the solution are available with a special Access Analyzer license. See the +[MongoDB Solution](/docs/accessanalyzer/12.0/solutions/databases/mongodb/overview.md) topic for additional +information. + +Protocols + +- TCP/IP + +Ports + +- MongoDB Cluster +- Default port is 27017 (A custom port can be configured) + +Permissions + +- Read Only access to ALL databases in the MongoDB Cluster including: + + - Admin databases + - Config databases + - Local databases + +- Read Only access to any user databases is required for sensitive data discovery +- Read access to NOSQL instance +- Read access to MongoDB instance +- Requires NOSQL Full-Text and Semantic Extractions for Search feature to be installed on the target + NOSQL instances when using the Scans full rows for sensitive data option on the Options wizard + page + +Sensitive Data Discovery Considerations + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job +is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). + +## NoSQL Query Configuration + +The NoSQL Data Collector is configured through the NoSQL Data Collector Wizard. The wizard contains +the following pages, which change based upon the query category selected: + +- [NoSQL: Category](/docs/accessanalyzer/12.0/admin/datacollector/nosql/category.md) +- [NoSQL: Options](/docs/accessanalyzer/12.0/admin/datacollector/nosql/options.md) +- [NoSQL: Criteria](/docs/accessanalyzer/12.0/admin/datacollector/nosql/criteria.md) +- [NoSQL: Filter](/docs/accessanalyzer/12.0/admin/datacollector/nosql/filter.md) +- [NoSQL: Results](/docs/accessanalyzer/12.0/admin/datacollector/nosql/results.md) +- [NoSQL: Summary](/docs/accessanalyzer/12.0/admin/datacollector/nosql/summary.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nosql/results.md b/docs/accessanalyzer/12.0/admin/datacollector/nosql/results.md new file mode 100644 index 0000000000..1feb00ddd8 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nosql/results.md @@ -0,0 +1,10 @@ +# NoSQL: Results + +The Results page is where the properties that will be gathered are selected. It is a wizard page for +all of the categories. + +![NoSQL Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/results.webp) + +Properties can be selected individually, or the **Select All**, **Clear All**, and **Reset to +Defaults** buttons can be used. All selected properties are gathered. Available properties vary +based on the category selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/nosql/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/nosql/summary.md new file mode 100644 index 0000000000..22d077524e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/nosql/summary.md @@ -0,0 +1,10 @@ +# NoSQL: Summary + +The Summary page is where the configuration settings are summarized. It is a wizard page for all of +the categories. + +![NoSQL Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the NoSQL Data Collector Wizard ensuring that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/overview.md new file mode 100644 index 0000000000..9a295d7c2f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/overview.md @@ -0,0 +1,146 @@ +# Data Collectors + +This topic covers the configuration wizards that are unique to each data collector. See the +[Jobs Tree](/docs/accessanalyzer/12.0/admin/jobs/overview.md) topic for additional information on job configuration. + +## Query Selection + +The Access Analyzer data collectors can collect information from a wide range of environments. Data +collection tasks are assigned to jobs at the **Configure** > **Queries** node level. See the +[Queries Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/queries.md) topic for additional information. + +![Query Selection page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/queryselection.webp) + +The Query Selection page is split into the Tables and Queries sections. The Tables section has the +following options: + +- Table – Select a pre-configured table or select DEFAULT to create a new one +- Add Table – Add a new table to the Table dropdown list +- Rename Table – Rename the current table selected +- Delete Table – Delete the current table selected + +The Queries section is where the Data Collectors are configured. The Queries section has the +following options: + +- Add from Library – Opens the Libraries window. Add a pre-built query from the Access Analyzer + library. See the [Add Query from Library](#add-query-from-library) topic for additional + information. +- Create Query – Click **Create Query** to add a new query task to a job. See the + [Create or Modify a Query](#create-or-modify-a-query) topic for additional information. +- Delete Query – Delete the currently selected query +- Query Properties – Select an existing query and click **Query Properties** to modify its + configuration + +### Add Query from Library + +Pre-built queries can be added to the Data Collector job through the Libraries window. + +![Libraries window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/addqueryfromlibrary.webp) + +The Libraries window toolbar has the following options: + +- Create New Library – Create a new library entry. The new Library will be added to the Library + dropdown menu. +- Delete Library – Deletes the currently selected library +- Cut – Cut the selected task in the library to the clipboard +- Copy – Copy the selected task in the library to the clipboard +- Paste – Paste cut or copied item from the clipboard into the currently selected library +- Delete Selected Task – Deletes the currently selected task + +Click **Add** to confirm the query selection and add it to the Queries list on the Query Selection +page. If no selection is needed or intended, click **Cancel** to close the Libraries window without +adding a pre-built query into the Queries list. + +### Create or Modify a Query + +To open the Query Properties window, click **Create Query** for a new query or **Query Properties** +for an existing query. There are three tabs in the Query Properties window where queries can be +configured. These tabs are:. + +- [General Tab](#general-tab) +- [Data Source Tab](#data-source-tab) +- [Filters Tab](#filters-tab) + +To access the XML Text version of the Query Properties window, click **View XML**. This applies to +all three tabs listed. + +#### General Tab + +Use the General tab to modify the name or description of the query. + +![General tab of the Query Properties window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesgeneral.webp) + +The General tab displays: + +- Name – Name of the query supplied by the creator of the query +- Description – Description of the query supplied by the creator of the query +- Table – Name of the native data table for this query + - The table name is supplied by the creator in the Query Selection view + - Tables are named DEFAULT, unless modified + - Within the SQL database, the table name will be prefaced with `SA_[Job Name]_` +- ID – Query GUID generated by Access Analyzer for this query task. + + - The query GUID is referenced by the **SMARTLog** Data Collector, **ExchangeMetrics** Data + Collector, and the **PowerShell** Data Collector. + - When using the **SMARTLog** Data Collector or the **ExchangeMetrics** Data Collector, the + `state` file for the query’s Persist log state feature can be found in the SA_CommonData + folder in the Access Analyzer installation directory: + + …/STEALTHbits/StealthAUDIT/Jobs/SA_CommonData/[Data Collector]/[Query GUID]/[Target + Host]/state + +When creating a new query, provide a unique, descriptive **Name** and **Description**. This +information displays in the table on the Query Selection view. See the +[Queries Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/queries.md) topic for additional information. + +#### Data Source Tab + +Use the Data Source tab to configure the data collector and query. + +| ![Data Source tab of Query Properties for new Query](/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesdatasourceexisting.webp) | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| New Query | Existing Query | + +The Data Source tab displays: + +- Data Collector – Data collector selected from the drop-down menu. +- Query – Query configuration string. +- Configure – Opens the wizard for the selected data collector. Each Data Collector task has its own + Configuration Wizard. +- Properties – Configured query properties. + +When creating a new query, expand the **Data Collector** drop-down menu, which provides a list of +all licensed data collectors in alphabetical order. The **Query** and **Property** sections are +auto-filled according to the configuration. The buttons at the bottom of the Property section are +for advanced features to manipulate the query. The **+** and **–** buttons manually add or remove +individual properties from the query. The script button opens the VBScript Editor window for query +manipulation scripts. + +**_RECOMMENDED:_** Use the Data Collector Configuration wizards for basic query modifications. For +more complex modifications, contact [Netwrix Support](https://www.netwrix.com/support.html). + +See the individual data collector section for configuration wizard page information. + +#### Filters Tab + +Use the Filters tab to include filters into the data collection process. + +| ![Filters tab of Query Properties window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesdatafilterswithfilter.webp) | +| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| No FIlter | With FIlter | + +The Filter tab has the following items: + +- Filter – Sort through a list of filters that are applied to the current query + - Use the **+** and **–** buttons to add and remove filters from the query +- Key – Labels identifying the configurable value in the filter +- Value – When applicable, add a new value to the filter using the dropdown menu. Otherwise, create + a new one by typing in the desired value. + +**_RECOMMENDED:_** Use the default settings for filters. Filters can be used to substitute or delete +data values during data collection. For more information on the impacts of adding filters to +queries, contact [Netwrix Support](https://www.netwrix.com/support.html). + +Click **OK** to save changes and exist the Query Properties window. If no changes were made or +intended, it is best practice to click **Cancel** to exit the Query Properties window to ensure +unintended changes are not saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/category.md b/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/category.md new file mode 100644 index 0000000000..3558bc285e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/category.md @@ -0,0 +1,12 @@ +# PasswordSecurity: Category + +This Category page in the Password Security Data Collection Wizard identifies the kind of password +information retrieved during a scan of the Active Directory. + +![Password Security Data Collection Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/category.webp) + +The Password Security Data Collection contains the following type of scan: + +- WeakPasswordScan – Scans an Active Directory for weak passwords. Returns password information per + the configurable scan options including clear-text passwords. For additional information on scan + options, see the[PasswordSecurity: Options](/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/options.md) topic. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/dictionaries.md b/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/dictionaries.md new file mode 100644 index 0000000000..192eb9c5d3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/dictionaries.md @@ -0,0 +1,147 @@ +# PasswordSecurity: Dictionaries + +The Dictionaries page provides configuration settings for storing passwords to be used as a +reference for the scan. + +![Password Security Data Collection Wizard Dictionary options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/dictionaries.webp) + +The configurable dictionary options are: + +- Use Stealthbits dictionary (> 100,000 passwords) – If enabled, compares passwords against + out-of-the-box dictionary comprised of commonly used password hashes +- Automatically update the Stealthbits dictionary – Checks for the latest version of the Netwrix + weak password dictionary file when the job is executed, and downloads the latest version from the + [Netwrix website](https://www.netwrix.com/) + + - If the Access Analyzer server does not have an internet connection, the weak password + dictionary can be downloaded directly from the + [My Products](https://www.netwrix.com/my_products.html) page of the Netwrix website. See the + [Download the Netwrix Weak Password Dictionary](#download-the-netwrix-weak-password-dictionary) + topic for additional information. + +- Update Dictionary – Checks for the latest version of the dictionary file, and updates if necessary +- Add – Add a custom dictionary file in one of the following formats: + + - Plaintext – Line separated in a text file + - NLTM Hashes – Can be added with hashes or sorted hashes. The haveibeenpwned dictionary can be + used. See the + [Download and Configure the Have I Been Pwnd (HIBP) Hash List](#download-and-configure-the-have-i-been-pwnd-hibp-hash-list) + topic for additional information. + + **_RECOMMENDED:_** Use the sorted hash dictionary if adding an NLTM format + +- Remove – Removes a custom dictionary file from the query scope + +## Download the Netwrix Weak Password Dictionary + +**Step 1 –** If the Access Analyzer server does not have an internet connection, the weak passwords +dictionary can be downloaded directly from the +[My Products](https://www.netwrix.com/my_products.html) page of the Netwrix website. + +**Step 2 –** After downloading the dictionary file manually do one the following: + +- If an internet connection exists on the Access Analyzer server: + + - Place the `dictionary.dat` file in the following location: + `%sainstalldir%\Jobs\SA_CommonData\PasswordSecurity\Dictionaries` + - Rename the file to `sadictionary_hashed_sorted.dat` + +- If no internet connection exists on the Access Analyzer server: + + - Copy the file to the Access Analyzer server and put it in a location of your choosing. The + default location is `%sainstalldir%\Jobs\SA_CommonData\PasswordSecurity\Dictionaries` + - Open the PasswordSecurity data collector configuration for the **AD_WeakPasswords** job + - On the Dictionaries page, deselect the **Use STEALTHbits dictionary** checkbox + - On the Dictionaries page, click **Add...** and select the previously downloaded + `dictionary.dat` file + +## Download and Configure the Have I Been Pwnd (HIBP) Hash List + +If you don't have internet access on the Netwrix Access Analyzer (formerly Enterprise Auditor) +server or want to download the files from another location that has internet access, you can do so +by using the Pwnd Passwords Downloader. + +The Pwnd Passwords Downloader is a Dotnet tool used to download all Pwned Passwords hash ranges and +save them offline so they can be used without a dependency on the k-anonymity API. Use this tool to +get the latest breached hashes from the Have I Been Pwnd (HIBP) database. + +**NOTE:** The +[](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader)[Pwnd Passwords Downloader](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader) +is a third party, open source tool, created by the HaveIBeenPwned team and distributed under a BSD +3-Clause License. You might experience issues during the hash download process, depending on your +threading settings or the load on the CloudFlare backend. The Pwnd Passwords Downloader tool will +automatically retry to continue downloading the hashes until it fully completes the download +process. + +### Prerequisites + +The Pwnd Passwords Downloader has the following prerequisite: + +- Install .NET 6 before installing the + [Pwnd Passwords Downloader ](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader)tool. You + can download .NET 6 from Microsoft: + [https://dotnet.microsoft.com/en-us/download/dotnet/6.0](https://dotnet.microsoft.com/en-us/download/dotnet/6.0) + +The HIBP database takes up additional space on the machine where it is copied (approximately 13 GB, +but subject to change). The Have I Been Pwnd database (HIBP) hashes can take up to 30 GB. Make sure +that you have enough free space on your disk in your Netwrix Access Analyzer (formerly Enterprise +Auditor) install directory (`%sainstalldir%`). + +### Install the Pwnd Passwords Downloader + +Follow the steps to install the Pwnd Passwords Downloader. + +**Step 3 –** Open command prompt, and navigate to your .NET install folder (for example, +`C:\Program Files (x86)\dotnet`). + +**Step 4 –** Run the following command: + +``` +dotnet tool install --global haveibeenpwned-downloader +``` + +![hibp_installation_0](/img/product_docs/threatprevention/threatprevention/admin/configuration/hibp_installation_0.webp) + +**Step 5 –** Close the command prompt. + +### Update an Installed Pwnd Passwords Downloader + +Follow the steps to update an installed Pwnd Passwords Downloader. + +**Step 1 –** Open the command prompt. + +**Step 2 –** Run the following command: + +``` +dotnet tool update --global haveibeenpwned-downloader +``` + +![hibp_installation_1](/img/product_docs/threatprevention/threatprevention/admin/configuration/hibp_installation_1.webp) + +### Download NTML Hashes with the Pwnd Passwords Downloader + +Follow the steps to download NTLM hashes. + +**Step 1 –** Navigate to the folder where you want to download the hashes. + +**Step 2 –** Download all NTLM hashes to a single txt file, called for example +`pwnedpasswords_ntlm.txt`. + +Run: + +``` +haveibeenpwned-downloader.exe -n pwnedpasswords_ntlm +``` + +![hibp_installation_3](/img/product_docs/threatprevention/threatprevention/admin/configuration/hibp_installation_3.webp) + +This screenshot shows the completed download. + +**Step 3 –** To overwrite an existing hash list, run: + +``` +haveibeenpwned-downloader.exe -n pwnedpasswords_ntlm -o +``` + +For a complete list of available parameters, please check the +[Pwnd Passwords Downloader GitHub page](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader). diff --git a/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/options.md b/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/options.md new file mode 100644 index 0000000000..222dcbe187 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/options.md @@ -0,0 +1,19 @@ +# PasswordSecurity: Options + +The Options page provides format options for returned data. + +![Password Security Data Collection Wizard Scan options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/options.webp) + +The configurable scan options are: + +- Encrypt communications with Active Directory (SSL) – Enables communication to the domain + controller over SSL +- Analyze historical passwords – Scans historical passwords that have been stored in Active + Directory + + **CAUTION:** Enabling the following option will return clear text passwords to be stored in the + Access Analyzer database for the following exceptions: **Clear Text Password**, **Potential + Keytab Password**, and **Weak Password** (when leveraging a plaintext password dictionary). + +- Return cleartext passwords when possible – Returns stored clear-text passwords to the Access + Analyzer database diff --git a/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/overview.md new file mode 100644 index 0000000000..26a6b4ecf7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/overview.md @@ -0,0 +1,41 @@ +# PasswordSecurity Data Collector + +The PasswordSecurity Data Collector compares passwords stored in Active Directory to known, breached +passwords in the Netwrix weak password dictionary or custom dictionaries. The PasswordSecurity Data +Collector also checks for common misconfigurations with passwords in Active Directory. + +The PasswordSecurity Data Collector is a core component of Access Analyzer, but it has been +preconfigured within the Active Directory Solution. While the data collector is available with all +Access Analyzer license options, the Active Directory Solution is only available with a special +Access Analyzer license. See the +[Active Directory Solution](/docs/accessanalyzer/12.0/solutions/activedirectory/overview.md) topic for additional +information. + +Protocols + +- LDAP + +Ports + +- TCP 389/636 + +Permissions + +- At the domain level: + + - Read + - Replicating Directory Changes + - Replicating Directory Changes All + - Replicating Directory Changes in a Filtered Set + - Replication Synchronization + +## PasswordSecurity Query Configuration + +The PasswordSecurity Data Collector is configured through the Password Security Data Collector +Wizard, which contains the following wizard pages: + +- [PasswordSecurity: Category](/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/category.md) +- [PasswordSecurity: Options](/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/options.md) +- [PasswordSecurity: Dictionaries](/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/dictionaries.md) +- [PasswordSecurity: Results](/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/results.md) +- [PasswordSecurity: Summary](/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/summary.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/results.md b/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/results.md new file mode 100644 index 0000000000..1395d0840b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/results.md @@ -0,0 +1,8 @@ +# PasswordSecurity: Results + +The Results page is where Active Directory properties to be gathered are selected. + +![Password Security Data Collection Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/results.webp) + +Properties can be selected individually or by using the **Select All** or **Clear All** buttons. All +selected properties are gathered. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/summary.md new file mode 100644 index 0000000000..935dbc3352 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/summary.md @@ -0,0 +1,9 @@ +# PasswordSecurity: Summary + +The Summary page displays a summary of the configured query. + +![Password Security Data Collection Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Active Directory Data Collector Wizard to ensure that no accidental +clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/permissionmatrix.md b/docs/accessanalyzer/12.0/admin/datacollector/permissionmatrix.md new file mode 100644 index 0000000000..5e90991281 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/permissionmatrix.md @@ -0,0 +1,54 @@ +# Permissions by Data Collector (Matrix) + +The Access Analyzer data collectors are capable of collecting information from a variety of sources. +Each data collector requires specific protocols, ports, and permissions for the collection of data +to occur. + +Many data collectors are included as core components. However, some data collectors require specific +license features. The following table provides a quick reference for each data collector. + +| Data Collector | Description | Protocols | Ports Used | Recommended Permissions | +| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| ActiveDirectory _\*requires license_ | The ActiveDirectory Data Collector audits objects published in Active Directory. | - ADSI - LDAP - RPC | - TCP 389/636 - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Domain Administrators group | +| ADActivity _\*requires license_ | The ADActivity Data Collector integrates with the Netwrix Activity Monitor by reading the Active Directory activity log files. | - HTTP - RPC | - TCP 4494 (configurable within the Netwrix Activity Monitor) | - Netwrix Activity Monitor API Access activity data - Netwrix Activity Monitor API Read - Read access to the Netwrix Activity Monitor Log Archive location | +| ADInventory | The ADInventory Data Collector is designed as a highly scalable and useful data collection mechanism to catalogue user, group, and computer object information that can be used by other solutions within Access Analyzer. | - LDAP | - TCP 389 - TCP 135-139 - Randomly allocated high TCP ports | - Read access to directory tree - List Contents & Read Property on the Deleted Objects Container **NOTE:** See the Microsoft [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) article and the Microsoft [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for additional information. | +| ADPermissions _\*requires license_ | The ADPermissions Data Collector collects the advanced security permissions of objects in AD. | - ADSI - LDAP - RPC | - TCP 389 - TCP 135 – 139 - Randomly allocated high TCP ports | - LDAP Read permissions - Read on all AD objects - Read permissions on all AD Objects | +| AWS | The AWS Data Collector collects IAM users, groups, roles, and policies, as well as S3 permissions, content, and sensitive data from the target Amazon Web Services (AWS) accounts. | - HTTPS | - 443 | - To collect details about the AWS Organization, the following permission is required: - organizations:DescribeOrganization - To collect details regarding IAM, the following permissions are required: - iam:GenerateCredentialReport - iam:GenerateServiceLastAccessedDetails - iam:Get\* - iam:List\* - iam:Simulate\* - sts:GetAccessKeyInfo - To collect details related to S3 buckets and objects, the following permissions are required: - s3:Describe\* - s3:Get\* - s3:HeadBucket - s3:List\* | +| AzureADInventory | The AzureADInventory Data Collector catalogs user and group object information from Microsoft Entra ID, formerly Azure Active Directory. This data collector is a core component of Access Analyzer and is preconfigured in the .Entra ID Inventory Solution. | - HTTP - HTTPS - REST | - TCP 80 and 443 | - Microsoft Graph API - Application Permissions: - AuditLog.Read.All – Read all audit log data - Directory.Read.All – Read directory data - Delegated Permissions: - Group.Read.All – Read all groups - User.Read.All – Read all users' full profiles - Access URLs - https://login.windows.net - https://graph.windows.net - https://login.microsoftonline.com - https://graph.microsoft.com - All sub-directories of the access URLs listed | +| Box _\*requires license_ | The Box Data Collector audits access, group membership, and content within a Box enterprise. | - HTTP - HTTPS | - TCP 80 - TCP 443 | - Box Enterprise Administrator | +| CommandLineUtility | The CommandLineUtility Data Collector provides the ability to remotely spawn, execute, and extract data provided by a Microsoft native or third-party command line utility. | - Remote Registry - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the local Administrators group | +| DiskInfo | The DiskInfo Data Collector provides enumeration of disks and their associated properties. | - RPC - WMI | - TCP 135 - Randomly allocated high TCP ports | - Member of the local Administrators group | +| DNS _\*requires license_ | The DNS Data Collector provides information regarding DNS configuration and records. | - RPC | - TCP 135 - Randomly allocated high TCP ports | - Member of the Domain Administrators group | +| DropboxAccess _\*requires license_ | The DropboxAccess Data Collector audits access, group membership, and content within a Dropbox environment. | - HTTP - HTTPS | - TCP 80 - TCP443 | - Dropbox Team Administrator | +| Entra | The Entra data collector collects Microsoft Entra roles information from the target Microsoft Entra tenant. This data collector is preconfigured in the .Entra ID Inventory solution. | - HTTP - HTTPS - REST | - TCP 80 and 443 | - Microsoft Graph API Application permissions: - RoleManagement.Read.Directory - Resource Manager permissions: - Microsoft.Authorization/roleAssignments/read - Microsoft.Authorization/roleDefinitions/read - Microsoft.Resources/resources/read - Microsoft.Resources/subscriptions/read - Microsoft.Resources/subscriptions/resources/read - Microsoft.Resources/subscriptions/resourceGroups/read - Microsoft.Authorization/providerOperations/read - Microsoft.Management/managementGroups/read | +| EventLog | The EventLog Data Collector provides search and extraction of details from event logs on target systems. | - RPC - WMI | - TCP 135 - Randomly allocated high TCP ports | - Member of the Local Administrators group - Member of the Domain Administrators group (if targeting domain controllers) | +| EWSMailbox _\*requires license_ | The EWSMailbox Data Collector provides configuration options to scan mailbox contents, permissions, and sensitive data, and is preconfigured within the Exchange Solution. | - HTTPS - ADSI - LDAP | - TCP 389 - TCP 443 | For Exchange servers: - Exchange Admin Role - Discovery Management Role - Application Impersonation Role - Exchange Online License For Exchange Online: - Exchange Admin Role - Discovery Management Role - Exchange Online License | +| EWSPublicFolder _\*requires license_ | The EWSPublicFolder Data Collector provides configuration options to extract public folder contents, permissions, and sensitive data, and is preconfigured within the Exchange Solution. | - HTTPS - ADSI - LDAP | - TCP 389 - TCP 443 | For Exchange servers: - Exchange Admin Role - Discovery Management Role - Application Impersonation Role - Exchange Online License with a mailbox For Exchange Online: - Exchange Admin Role - Discovery Management Role - Exchange Online License with a mailbox | +| Exchange2K _\*requires license_ | The Exchange2K Data Collector extracts configuration details from Exchange organizations for versions 2003 and later. | - LDAP - MAPI - PowerShell - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports - TCP 389 - Optional TCP 445 | - Member of the Exchange Administrator group - Domain Admin for AD property collection - Public Folder Management | +| ExchangeMailbox _\*requires license_ | The ExchangeMailbox Data Collector extracts configuration details from the Exchange Store to provide statistical, content, permission, and sensitive data reporting on mailboxes. | - MAPI - RPC | - TCP 135 - Randomly allocated high TCP ports | - Member of the Exchange Administrator group - Organization Management - Discovery Management | +| ExchangeMetrics _\*requires license_ | The ExchangeMetrics Data Collector collects Mail-Flow metrics from the Exchange Message Tracking Logs on the Exchange servers. Some examples of this include server volume and message size statistics. | - RPC - WMI | - TCP 135 - Randomly allocated high TCP ports | - Member of the local Administrator group on the targeted Exchange server(s) | +| ExchangePS _\*requires license_ | The ExchangePS Data Collector utilizes the Exchange CMDlets to return information about the Exchange environment utilizing PowerShell. This data collector has been designed to work with Exchange 2010 and newer. | - PowerShell | - TCP 135 - Randomly allocated high TCP ports | For Exchange servers: - Remote PowerShell enabled on a single Exchange server - Windows Authentication enabled for the PowerShell Virtual Directory on the same Exchange server where Remote PowerShell has been enabled - View-Only Organization Management Role Group - Discovery Search Management Role Group - Public Folder Management Role Group - Mailbox Search Role For Exchange Online: - Discovery Management Role - Organization Management Role | +| ExchangePublicFolder _\*requires license_ | The ExchangePublicFolder Data Collector audits an Exchange Public Folder, including contents, permissions, ownership, and replicas. | - MAPI - RPC | - TCP 135 - Randomly allocated high TCP ports | - Member of the Exchange Administrator group - Organization Management | +| File | The File Data Collector provides file and folder enumeration, properties, and permissions. | - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports - Optional TCP 445 | - Member of the Local Administrators group | +| FileSystemAccess (FSAA) _\*requires license_ | The FileSystemAccess (FSAA) Data Collector collects permissions, content, and activity, and sensitive data information for Windows and NAS file systems. | - Remote Registry - WMI | - Ports vary based on the Scan Mode Option selected. See the [File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) topic for additional information. | - Permissions vary based on the Scan Mode Option selected. See the [File System Supported Platforms](/docs/accessanalyzer/12.0/requirements/target/filesystems.md) topic for additional information. | +| GroupPolicy | The GroupPolicy Data Collector provides the ability to retrieve the GPO’s list in the domain and where they are linked, return information on configured policies and policy parts from the individual policies that have been selected, return information on selected policy parts from all policies within the domain, and return effective security policies in effect at the individual workstation. | - LDAP - RPC | - TCP 389 - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Domain Administrators group (if targeting domain controllers) - Member of the Local Administrators group | +| INIFile | The INIFile Data Collector provides options to configure a task to collect information about log entries on target hosts. | - RPC | - TCP 135-139 - Randomly allocated high TCP ports - Optional TCP 445 | - Member of the Local Administrators group | +| LDAP | The LDAP Data Collector uses LDAP to query Active Directory returning the specified objects and attributes. | - LDAP | - TCP 389 | - Member of the Domain Administrators group | +| NIS | The NIS Data Collector inventories a NIS domain for user and group information, mapping to Windows-style SIDs. | - NIS | - TCP 111 or UDP 111 - Randomly allocated high TCP ports | - No special permissions are needed aside from access to a NIS server | +| NoSQL | The NoSQL Data Collector for MongoDB provides information on MongoDB Cluster configuration, limited user permissions, scans collections for sensitive data, and identifies who has access to sensitive data. | - TCP/IP | - MongoDB Cluster - Default port is 27017 (A custom port can be configured) | - Read Only access to ALL databases in the MongoDB Cluster including: - Admin databases - Config databases - Local databases - Read Only access to any user databases is required for sensitive data discovery - Read access to NOSQL instance - Read access to MongoDB instance - Requires NOSQL Full-Text and Semantic Extractions for Search feature to be installed on the target NOSQL instances when using the Scans full rows for sensitive data option on the Options wizard page | +| ODBC | Queries ODBC compliant databases for tables and table properties | - OCBC | - TCP 1433 | - Database Read access | +| PasswordSecurity | The PasswordSecurity Data Collector compares passwords stored in Active Directory to known, breached passwords in the Netwrix weak password dictionary or custom dictionaries. The PasswordSecurity Data Collector also checks for common misconfigurations with passwords in Active Directory. | - LDAP | - TCP 389/636 | - At the domain level: - Read - Replicating Directory Changes - Replicating Directory Changes All - Replicating Directory Changes in a Filtered Set - Replication Synchronization | +| PatchCheck | Provides patch verification and optional automatic bulletin downloads from Microsoft | - HTTP - ICMP - RPC | - TCP 135-139 - Randomly allocated high TCP ports - TCP 80 - TCP 7 | - Member of the Local Administrators group | +| Perfmon | Provides performance monitor counter data samples | - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | +| PowerShell | The PowerShell Data Collector provides PowerShell script exit from Access Analyzer. | - PowerShell | - Randomly allocated high TCP ports | - Member of the Domain Administrators group (if targeting domain controllers) - Member of the Local Administrators group | +| Registry | The Registry Data Collector queries the registry and returns keys, key values, and permissions on the keys. | - Remote Registry - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | +| Script | The Script Data Collector provides VB Script exit from Access Analyzer. | - VB Script | - Randomly allocated high TCP ports | - Member of the Local Administrators group - Member of the Domain Administrators group (if targeting domain controllers) | +| Services | The Services Data Collector enumerates status and settings from remote services. | - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | +| SharePointAccess (SPAA) _\*requires license_ | The SharePointAccess (SPAA) Data Collector audits access, group membership, and content within a SharePoint on-premises and SharePoint Online environment. The SPAA Data Collector has been preconfigured within the SharePoint Solution. | - MS SQL - Remote Registry - SP CSOM (Web Services via HTTP & HTTPS) - SP Server API - WCF AUTH via TCP (configurable) | - Ports vary based on the Scan Mode selected and target environment. See the [SharePoint Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md) topic for additional information. | - Permissions vary based on the Scan Mode selected and target environment. See the [SharePoint Support](/docs/accessanalyzer/12.0/requirements/target/sharepoint.md) topic for additional information. | +| SMARTLog | The SMARTLog Data Collector provides search and extraction of details from Windows Event Logs (online or offline) and Microsoft Exchange Internet Information Server (IIS) logs. | - Log - Remote Event - RPC | - TCP 135 - TCP 445 - Randomly allocated high TCP ports | - Member of the Domain Administrators group (if targeting domain controllers) - Member of the local Administrators group | +| SQL _\*requires license_ | The SQL Data Collector provides information on database configuration, permissions, data extraction, application name of the application responsible for activity events, an IP Address or Host name of the client server, and sensitive data reports. This data collector also provides information on Oracle databases including infrastructure and operations. | TCP | For Db2 Target: - Specified by Instances table (default is 5000) For MySQL Target: - Specified by Instances table (default is 3306) For Oracle Target: - Specified by Instances table (default is 1521) For PostgreSQL Target: - Specified by Instances table (default is 5432) For SQL Target: - Specified by Instances table (default is 1433) | For MySQL Target: - Read access to MySQL instance to include all databases contained within each instance - Windows Only — Domain Admin or Local Admin privilege For Oracle Target: - User with SYSDBA role - Local Administrator on the target servers – Only applies to Windows Servers and not on Linux or Unix operating systems For PostgreSQL Target: - Read access to all the databases in PostgreSQL cluster or instance - Windows Only — Domain Admin or Local Admin privilege For Redshift Target: - Read-access to the following tables: - pg_tables - pg_user For SQL Target: - For Instance Discovery, local rights on the target SQL Servers: - Local group membership to Remote Management Users - Permissions on the following WMI NameSpaces: `root\Microsoft\SQLServer, root\interop` - For permissions for data collection: - Read access to SQL instance - Requires SQL Full-Text and Semantic Extractions for Search feature to be installed on the target SQL instance(s) when using the **Scan full rows for sensitive data** option on the Options wizard page - Grant Authenticate Server to [DOMAIN\USER] - Grant Connect SQL to [DOMAIN\USER] - Grant View any database to [DOMAIN\USER] - Grant View any definition to [DOMAIN\USER] - Grant View server state to [DOMAIN\USER] - Grant Control Server to [DOMAIN\USER] (specifically required for the Weak Passwords Job) | +| SystemInfo | The SystemInfo Data Collector extracts information from the target system based on the selected category. | - Remote Registry - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | +| TextSearch | The TextSearch Data Collector enables searches through text based log files. | - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | +| Unix _\*requires license_ | The Unix Data collector provides host inventory, software inventory, and logical volume inventory on UNIX & Linux platforms. | - SSH | - TCP 22 - User configurable | - Root permissions in Unix/Linux | +| UserGroups _\*requires license_ | The UsersGroups Data Collector audits user and group accounts for both local and domain, extracting system policies. | - RPC - SMBV2 - WMI | - TCP 135-139 - Randomly allocated high TCP ports - 445 | - Member of the Local Administrators group - If a less-privileged option is required, you can use a regular domain user that has been added to the **Network access: Restrict clients allowed to make remote calls to SAM** Local Security Policy - Member of the Domain Administrators group (if targeting domain controllers) | +| WMICollector | The WMICollector Data Collector identifies data for certain types of WMI classes and namespaces. | - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | diff --git a/docs/accessanalyzer/12.0/admin/datacollector/powershell/editquery.md b/docs/accessanalyzer/12.0/admin/datacollector/powershell/editquery.md new file mode 100644 index 0000000000..8e2c7202a5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/powershell/editquery.md @@ -0,0 +1,76 @@ +# PowerShell: Edit Query + +The Edit Query page provides a screen to edit the query to execute. Users can import PowerShell +script as well as use an input table to create and edit the PowerShell script. + +![PowerShell Data Collector Wizard Edit Query page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editquery.webp) + +The options on the Edit Query page are: + +- Open – Click to import and open a PowerShell script +- Script Editor – Input PowerShell script to use for the configured job +- Parameters – The Parameters tab located on the right-hand side of the Edit Query page is used to + bring up the Parameters window. See the [Parameters](#parameters) topic for additional + information. +- Use table input for PowerShell script – select the checkbox to bring up the Input options for the + PowerShell script. See the [Input Options](#input-options) topic for additional information. + +## Parameters + +Add, edit, and delete parameters for the PowerShell data collector using the Parameters window. + +![Parameters Window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editqueryparameters.webp) + +The options in the Parameters Window are: + +- Add – Add a parameter by opening the Add/Edit Variable Window. See the + [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. +- Edit – Edit the selected parameter by opening the Add/Edit Variable Window. See the + [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. +- Delete – Delete a parameter + +**NOTE:** Only user created parameters can be edited or deleted. Pre-configured parameters cannot be +edited or deleted. + +### Add/Edit Variable Window + +Use the Add/Edit Variable Window to add and edit parameters for the PowerShell Data Collector. + +![Add/Edit Variable Window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editqueryvariable.webp) + +The options in the Add/Edit Variable window are: + +- Name – Enter or edit the name for the custom parameter +- Description – (Optional) Enter or edit the description for the custom parameter +- Type – Select the Type from the dropdown list. The options are: + + - String + - List + - Filepath + - Boolean + - Long + - Double + +- Value – Enter or edit the value for the custom parameter + +## Input Options + +When the Use table input for PowerShell script option is selected on the Edit Query page, additional +options display to define the source for input data. + +![Edit Query page input options](/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editqueryinput.webp) + +The input options are: + +- Please select name – Select the input table to be used from the drop-down menu +- Filter nulls – Excludes values that are null from input +- Filter duplicates – Excludes any values that are duplicate from input +- Text Box – Displays an example of how the input can be used in a PowerShell script +- Columns – Displays the columns in the selected input table. If applicable, select the checkbox to + include the column in the input. +- Input Data – Preview how the input data will look in the Input Data tab + +![Text Box and the Columns tab populated with information](/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editqueryinputtable.webp) + +Selecting an input table in the **Please select name** dropdown populates the Text Box and the +Columns tab with information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/powershell/options.md b/docs/accessanalyzer/12.0/admin/datacollector/powershell/options.md new file mode 100644 index 0000000000..ed35a3dcfb --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/powershell/options.md @@ -0,0 +1,16 @@ +# PowerShell: Options + +The Options page provides the option to execute the script remotely on the target host. + +![PowerShell Data Collector Wizard Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/options.webp) + +The configurable options are: + +- Execute remotely – Remotely executes the script on the target host. If this checkbox is not + selected, the script will be executed from the Access Analyzer Console server. +- Use impersonation within server executable – Executes the script with the job credentials + +For cmdlets requiring explicit credentials, a single credential set from the job's Connection +Profile can be referenced using `Get-Credential` or the `$JobCredential` variable, a `PSCredential` +type object. All credentials from the job’s Connection Profile may be accessed via the +`$JobCredentials` array. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/powershell/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/powershell/overview.md new file mode 100644 index 0000000000..39c9b081da --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/powershell/overview.md @@ -0,0 +1,35 @@ +# PowerShell Data Collector + +The PowerShell Data Collector provides PowerShell script exit from Access Analyzer. It has +configuration options for creating and configuring a PowerShell query. This data collector is a core +component of Access Analyzer and is available with all Access Analyzer licenses. + +Protocols + +- PowerShell + +Ports + +- Randomly allocated high TCP ports + +Permissions + +- Member of the Domain Administrators group (if targeting domain controllers) +- Member of the Local Administrators group + +## PowerShell Query Configuration + +The PowerShell Data Collector is configured through the PowerShell Data Collector Wizard, which +contains the following pages: + +- Welcome +- [PowerShell: Edit Query](/docs/accessanalyzer/12.0/admin/datacollector/powershell/editquery.md) +- [PowerShell: Options](/docs/accessanalyzer/12.0/admin/datacollector/powershell/options.md) +- [PowerShell: Sample Server](/docs/accessanalyzer/12.0/admin/datacollector/powershell/sampleserver.md) +- [PowerShell: Results](/docs/accessanalyzer/12.0/admin/datacollector/powershell/results.md) +- [PowerShell: Summary](/docs/accessanalyzer/12.0/admin/datacollector/powershell/summary.md) + +![PowerShell Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/welcome.webp) + +The Welcome page can be hidden by checking the **Do not display this page the next time** box when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/powershell/results.md b/docs/accessanalyzer/12.0/admin/datacollector/powershell/results.md new file mode 100644 index 0000000000..14ab356ffb --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/powershell/results.md @@ -0,0 +1,11 @@ +# PowerShell: Results + +The Results page provides configuration settings for the Properties to return and ROWKEY's +components. + +![PowerShell Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/results.webp) + +The Results page options are: + +- Properties to return – List of available properties which can be gathered for the PowerShell query +- ROWKEY's components – List of available properties based on which ROWKEY will be built diff --git a/docs/accessanalyzer/12.0/admin/datacollector/powershell/sampleserver.md b/docs/accessanalyzer/12.0/admin/datacollector/powershell/sampleserver.md new file mode 100644 index 0000000000..f4213953d9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/powershell/sampleserver.md @@ -0,0 +1,16 @@ +# PowerShell: Sample Server + +The Sample Server page provides a box to select a server to generate the result columns. + +![PowerShell Data Collector Wizard Select Server page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/selectserver.webp) + +The Select Server page options are: + +- Server name – Server to be used during configuration +- Validate – Validates the script results and retrieves result columns. Validation must be run in + order to populate and enable the Results page. + +The server selected here replaces any `[SAHOSTNAME]` tokens in the PowerShell script. During +execution, the `[SAHOSTNAME]` tokens are replaced in turn by each host in the host list. If no +`[SAHOSTHAME]` tokens exist in the PowerShell script, then the server name and the hosts in the host +list have no effect. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/powershell/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/powershell/summary.md new file mode 100644 index 0000000000..1497478ca6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/powershell/summary.md @@ -0,0 +1,10 @@ +# PowerShell: Summary + +The Summary page summarizes the selected configurations from the previous pages in the PowerShell +Data Collector Wizard. + +![PowerShell Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the PowerShell Data Collector Wizard ensuring that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/registry.md b/docs/accessanalyzer/12.0/admin/datacollector/registry.md new file mode 100644 index 0000000000..0f50ad3367 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/registry.md @@ -0,0 +1,75 @@ +# Registry Data Collector + +The Registry Data Collector queries the registry and returns keys, key values, and permissions on +the keys. The data in the native tables returned by the Registry Data Collector is dependent upon +the query configuration. For example, a query could be configured to only show permissions on +registry keys in a 32-bit view. Another query could be configured to show a listing of all keys and +key values in a 64-bit view. Wildcards can also be used in query configurations. + +The Registry Data Collector is a core component of Access Analyzer, but it has been preconfigured +within both the Active Directory Solution and the Windows Solution. While the data collector is +available with all Access Analyzer license options, these solutions are only available with a +special Access Analyzer licenses. See the following topics for additional information: + +- [Active Directory Solution](/docs/accessanalyzer/12.0/solutions/activedirectory/overview.md) +- [Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) + +Protocols + +- Remote Registry +- RPC + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group + +## Registry Query Configuration + +The Registry Data Collector is configured through the Registry Browser window. + +![Registry Browser window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/browser.webp) + +The configurable options are: + +- Sample Host – The host to connect to. If this box is left blank, the connection is to the local + host. +- 64-bit view – The default view is 32-bit. Select the **64-bit view** checkbox to switch to a + 64-bit view. +- Connect – Connect to host’s registry. If no host is specified in the Sample Host box, the + connection is to the local host’s registry. +- Query 32-bit view – Select this checkbox to query the 32-bit view of the registry +- Query 64-bit view – Select this checkbox to query the 64-bit view of the registry +- Name – The key value. Key values can be added to the Selected Properties list by pressing the + **ctrl** key, selecting the keys to add, and then clicking the **Add currently selected value** + button. +- Type – The key value type +- Data – The key value path +- Root Path – The path to the selected key +- Enumerate child nodes – Select this checkbox to do a recursive search of all child nodes + +The button bar provides additional options for selecting keys. See the [Button Bar](#button-bar) +topic for additional information. + +### Button Bar + +The button bar is located right above the Selected Properties window. The button bar enables users +to do the following: + +![Button Bar](/img/product_docs/accessanalyzer/12.0/admin/datacollector/buttonbar.webp) + +| Icon | Name | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------- | +| ![Select all peer keys for this node](/img/product_docs/accessanalyzer/12.0/admin/datacollector/selectall.webp) | Select all peer keys for this node | +| ![Add name of currently selected key](/img/product_docs/accessanalyzer/12.0/admin/datacollector/addname.webp) | Add name of currently selected key | +| ![Add full path of the currently selected key](/img/product_docs/accessanalyzer/12.0/admin/datacollector/addpath.webp) | Add full path of the currently selected key | +| ![Add last write date/time of currently selected key](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adddatetime.webp) | Add last write date/time of currently selected key | +| ![Add security properties for selected key](/img/product_docs/accessanalyzer/12.0/admin/datacollector/addproperties.webp) | Add security properties for selected key | +| ![Enumerate all values for this key](/img/product_docs/accessanalyzer/12.0/admin/datacollector/enumeratevalues.webp) | Enumerate all values for this key | +| ![Add currently selected value](/img/product_docs/accessanalyzer/12.0/admin/datacollector/addvalue.webp) | Add currently selected value | +| ![Delete properties from selection](/img/product_docs/accessanalyzer/12.0/admin/datacollector/delete.webp) | Delete properties from selection | +| ![Go to selected key](/img/product_docs/accessanalyzer/12.0/admin/datacollector/goto.webp) | Go to selected key | diff --git a/docs/accessanalyzer/12.0/admin/datacollector/script/add.md b/docs/accessanalyzer/12.0/admin/datacollector/script/add.md new file mode 100644 index 0000000000..975e2b8c2b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/script/add.md @@ -0,0 +1,20 @@ +# Add a Script to an Existing Query + +The Query Properties window provides the ability to add a script to an existing query. Typically, a +script is used to augment a query providing services such as conversion of returned data. + +Follow the steps to add a script. + +**Step 1 –** Navigate to the job's **Configure** node and select **Queries**. + +**Step 2 –** Click **Create Query** to open the Query Properties window. + +**Step 3 –** Select the **Data Source** tab and select the desired data collector in the Data +Collector drop-down menu. + +![Query Properties window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/script/querypropertiesexisting.webp) + +**Step 4 –** Click the **Browse Data Source** button to open the VBScript Editor page and add the +script to run after data collection. + +See the [VBScript Editor](/docs/accessanalyzer/12.0/admin/datacollector/script/editor.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/script/editor.md b/docs/accessanalyzer/12.0/admin/datacollector/script/editor.md new file mode 100644 index 0000000000..a575344d0b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/script/editor.md @@ -0,0 +1,28 @@ +# VBScript Editor + +The VBScript Editor window provides the means to add a script. The window is ideal for editing small +scripts and for pasting larger scripts from external scripting tools. + +![VBScript Editor window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/script/vbscripteditor.webp) + +The options in the VBScript Editor are: + +- Save and Close – Use this option to save the script and close the window +- Syntax Check – Use this option to check the syntax of your script. This does not identify logic + errors, only cases where the script syntax is incorrect. It helps reduce the overhead of debugging + a script. When selected, a Script Errors window opens and a syntax check is performed. Any + syntactical errors are displayed within the window. +- Load from file – Use this option to load a VB script from a .vbs file +- Save to file – Use this option to save the current script in the Editor +- Undo – Undo previous changes made to the script (Shortcut is Ctrl+Z) +- Redo – Redo previous changes made to the script (Shortcut is Shift+Ctrl+Z) +- Cut – Cut the highlighted text +- Copy – Copy the highlighted text +- Paste – Paste cut or copied text into the VB Script Editor +- Online VBScript Language Reference – Opens internet browser to the Microsoft Technical + Documentation website from where documentation for Visual Basic Script can be navigated to + +After adding or modifying a script, click **Save and close**. + +See the [Script Example 1: Conversion of Data](/docs/accessanalyzer/12.0/admin/datacollector/script/example1.md) and +[Script Example 2: Command Query](/docs/accessanalyzer/12.0/admin/datacollector/script/example2.md) topics for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/script/example1.md b/docs/accessanalyzer/12.0/admin/datacollector/script/example1.md new file mode 100644 index 0000000000..5d721f0bd7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/script/example1.md @@ -0,0 +1,60 @@ +# Script Example 1: Conversion of Data + +This script example demonstrates how to perform a query and modify returned data. The script +provides the data collector with the information that would have been provided if the user interface +had been used to design the query. However, in this case it is all done through script. The data +collector returns a value that is then converted and stored by Access Analyzer. + +This script starts by defining a query using the Perfmon Data Collector. Notice that the +**WorkingQuery** object is used, not the Query object. This is done to preserve the Query object, +since the Query object will be used to store the results that are different from what the data +collector is providing. + +The script then issues the query by calling `WorkingQuery.Execute`. When the query completes, +**WorkingQuery** is set to view the first row of results by setting the **ResultRow** property. The +value within the **System Up Time** property is then transferred into the `REMAINDER` variable so +that it can be more easily manipulated. + +The script then takes the value of `REMAINDER`, which is in seconds, and converts it to days, hours, +minutes, and seconds. These values are then recorded in the Query object so that Access Analyzer can +store this data. + +**NOTE:** In this task, the hours, minutes, and seconds properties were specified manually using the +task dialog. See the [Script Properties](/docs/accessanalyzer/12.0/admin/datacollector/script/properties.md) topic for additional information. + +## Example of Conversion of Data Script + +The conversation of data script example is: + +``` +Sub Task() +Dim DAYS +Dim HRS +Dim MINS +Dim SECS +Dim REMAINDER  +WorkingQuery.Host=Query.Host +WorkingQuery.Source="Perfmon" +WorkingQuery.Paths=1 +WorkingQuery.Path(0)="System\System Up Time" +WorkingQuery.AddProperty  "NAME=System Up Time,DATATYPE=NUMERIC,VALUE=,COLUMN=UPTIME" +WorkingQuery.Execute +WorkingQuery.ResultRow=0 +REMAINDER=WorkingQuery.ResultData("System Up Time")  +Query.ResultRows=1 +Query.ResultRow=0  +'Calculate days/hrs/mins/secs +DAYS=INT(REMAINDER/86400) +REMAINDER=REMAINDER-(DAYS*86400) +HRS=INT(REMAINDER/3600) +REMAINDER=REMAINDER-(HRS*3600) +MINS=INT(REMAINDER/60) +SECS=INT(REMAINDER-(MINS*60))  +Query.ResultData("SecondsElapsed")=INT(WorkingQuery.ResultData("System Up Time")) +Query.ResultData("Days")=DAYS +Query.ResultData("Hrs")=HRS +Query.ResultData("Mins")=MINS +Query.ResultData("Secs")=SECS +End Sub + +``` diff --git a/docs/accessanalyzer/12.0/data-collection/script/example-2.md b/docs/accessanalyzer/12.0/admin/datacollector/script/example2.md similarity index 100% rename from docs/accessanalyzer/12.0/data-collection/script/example-2.md rename to docs/accessanalyzer/12.0/admin/datacollector/script/example2.md diff --git a/docs/accessanalyzer/12.0/data-collection/script/methods-properties.md b/docs/accessanalyzer/12.0/admin/datacollector/script/methodsproperties.md similarity index 100% rename from docs/accessanalyzer/12.0/data-collection/script/methods-properties.md rename to docs/accessanalyzer/12.0/admin/datacollector/script/methodsproperties.md diff --git a/docs/accessanalyzer/12.0/admin/datacollector/script/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/script/overview.md new file mode 100644 index 0000000000..3f1b2218d6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/script/overview.md @@ -0,0 +1,34 @@ +# Script Data Collector + +The Script Data Collector provides VB Script exit from Access Analyzer. Static queries are sometimes +inadequate for demanding auditing tasks. The Script Data Collector provides a means to add a custom +script to a query. Access Analyzer implements Microsoft Visual Basic Script (VB Script) with +extensions that provide script writers the ability to interface directly with Access Analyzer. + +The following examples describe situations where using a script may be useful: + +- Conversions – One of the most frequent uses of a scriptis for converting a value from one thing to + another, for example `build1230` to `at risk`. See the + [Script Example 1: Conversion of Data](/docs/accessanalyzer/12.0/admin/datacollector/script/example1.md) topic for additional information. +- Compound Queries – This is a query that cannot be performed using a single query. See the + [Script Example 2: Command Query](/docs/accessanalyzer/12.0/admin/datacollector/script/example2.md) topic for additional information. +- Interfacing with External Systems – This is a query that requires access to external data. For + example, the query needs to access a corporate database to obtain a location code. + +The Script Data Collector is a core component of Access Analyzer, but it has been preconfigured +within the Windows Solution. While the data collector is available with all Access Analyzer license +options, the Windows Solution is only available with a special Access Analyzer license. See the +[Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional information. + +Protocols + +- VB Script + +Ports + +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group +- Member of the Domain Administrators group (if targeting domain controllers) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/script/properties.md b/docs/accessanalyzer/12.0/admin/datacollector/script/properties.md new file mode 100644 index 0000000000..b83fa9f784 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/script/properties.md @@ -0,0 +1,58 @@ +# Script Properties + +The Data Source tab is used to select the data collector to be used. The configurable options are: + +- Source – Used to select data collector +- Path – Displays the returned path from the data collector + + **CAUTION:** Editing the path is considered an advanced operation. Entering an incorrect value + may render the query inoperable. + + - The path is used to identify the selection from within the data collector. The path + essentially tells the data collector where the data is and depending on the data collector, + may define selected options. It is sometimes convenient to edit the path manually. + - For example: If defining a file system query using the File System Data Collector, the path + would automatically be filled in with the selected details. A minor change like changing the + file location can be done manually by editing the path. + +- Properties – As the Path is used to define where the target data is, the properties are used to + define what data is desired. Each property has a series of attributes including: + + - Name – Identifies the target data. Modifying this affects what data the data collector + returns. + - Column – Specifies the column name within the result data. Use this to specify the column name + that will be used within the report output. This is set by default to match the **Name** + attribute. + - DataType – Used to determine the format of the data for reporting purposes. It affects sorting + order and the ability to graph content. In some cases, the data collector is unable to + determine the correct data type for the returned data. + + **CAUTION:** Setting this value manually to an incorrect data type may render your results + invalid and inaccessible by Access Analyzer. + + - For example: Querying the registry for a value stored as **REG_SZ** returns a string, as + **REG_SZ** is a string type in the registry. However, sometimes numbers are recorded in + **REG_SZ** entries. If you determine that the content returned could always be interpreted as + numeric, you could override the default `STRING` value and set it to `NUMERIC`. This provides + proper sorting and charting ability. + +- Size – Used to determine the width of the field used to hold String data. Setting the size smaller + than the actual returned data will cause Access Analyzer to truncate the data in the view. + However, the actual stored data in the result table will contain the full result. +- Value – Reserved for internal use +- Key – Used to identify a key property. A key property is used to identify the property that + contains a unique value for enumerated tasks. A Key value is required for Change Detection and + Conformance Management on enumerated tasks. To identify a property that uniquely identifies each + row, set the Key attribute to `YES`. + +## Adding and Removing Properties Manually + +Although the property list is automatically populated by the data collectors, additional properties +may be added manually. Doing so allocates storage within Access Analyzer during data collection and +creates corresponding columns in the output table. Use a script to reference and populate these +properties. + +![Properties on the Query Properties window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/script/properties.webp) + +To add properties manually, click the plus (**+**) button at the bottom of the property window. To +remove properties, click the minus (-) button. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/script/reference.md b/docs/accessanalyzer/12.0/admin/datacollector/script/reference.md new file mode 100644 index 0000000000..b2b2522af1 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/script/reference.md @@ -0,0 +1,20 @@ +# Script Reference + +Access Analyzer provides extensions to standard Visual Basic Script. These extensions allow access +to and manipulation of task data, in addition to invoking queries. They are implemented through two +objects. + +Query Object + +The Query object provides access to the current query configuration and data. Use this to examine +the results of a query or to manipulate the query before it is executed. Changing properties of this +object will change the way the task is executed by Access Analyzer. + +Working Query Object + +The Working Query object is identical to the Query object. This object supports the same methods and +properties as the Query object but its properties and methods do not access the current query. Think +of this object as allowing the ability to create a task on the fly. Use this object to perform +queries, while leaving the original task undisturbed. This is valuable when performing compound +queries isneeded. See the [Script Example 2: Command Query](/docs/accessanalyzer/12.0/admin/datacollector/script/example2.md) topic for additional +information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/script/run.md b/docs/accessanalyzer/12.0/admin/datacollector/script/run.md new file mode 100644 index 0000000000..5e59e7f337 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/script/run.md @@ -0,0 +1,20 @@ +# Run a Stand-Alone Script + +Some situations require a script to be used exclusively without defining a data source. The Query +Properties window provides the ability to add and run a script. + +Follow the steps to add a script. + +**Step 1 –** Go to the job's **Configure** node and select **Queries**. + +**Step 2 –** Click **Create Query** to open the Query Properties window. + +**Step 3 –** Select the **Data Source** tab, and select **SCRIPT** in the Data Collector drop-down +menu. + +![Query Properties window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/script/querypropertiesstandalone.webp) + +**Step 4 –** Click **Configure** or the **Browse Data Source** button to open the VBScript Editor +page and add the script to run. + +See the [VBScript Editor](/docs/accessanalyzer/12.0/admin/datacollector/script/editor.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/services.md b/docs/accessanalyzer/12.0/admin/datacollector/services.md new file mode 100644 index 0000000000..3dd5bf71e3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/services.md @@ -0,0 +1,40 @@ +# Services Data Collector + +The Services Data Collector enumerates status and settings from remote services. The Services Data +Collector is a core component of Access Analyzer, but it has been preconfigured within the Windows +Solution. While the data collector is available with all Access Analyzer license options, the +Windows Solution is only available with a special Access Analyzer license. See the +[Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional information. + +Protocols + +- RPC +- WMI + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group + +## Services Query Configuration + +The Services Data Collector is configured through the Service Browser window. + +![Service Browser window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/servicebrowser.webp) + +- Host – Enter a sample host which contains all of the services desired for the query +- All Services – Select this option to build the query to extract information from all services on + the target host +- Specific Services – Select this option to build the query to extract information from specific + services on the target host. Select the checkboxes next to the desired services for the query + after clicking **Connect**. +- Connect – Click **Connect** to connect to the host and display a list of all services found +- Available Properties – Select the properties to be returned + +**NOTE:** In cases where the query does not find the selected services on the target host, the +`InternalName` column that is returned reflects the `DisplayName` column and no other values are +retrieved. If the services are found on the host, the `DisplayName` value in the table is resolved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/smartlog/collectionmethod.md b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/collectionmethod.md new file mode 100644 index 0000000000..276fd60f82 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/collectionmethod.md @@ -0,0 +1,28 @@ +# SMARTLog: Collection Method + +The Collection Method page is used to select the collection method employed by the data collector. +It is a wizard page for all log types. + +![SMART Log DC Wizard Collection Method page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/collectionmethod.webp) + +Select the collection method from the following options to set how the collection routine is +executed to collect the data from the target. + +- Using network query – Connects to the target log over the network via RPC and reads events +- Using server side applet – Deploys a remote executable to the target host and then runs as a + process on the target host. It connects to the log, retrieves information, and returns it to the + Access Analyzer Console. + + **NOTE:** The applet cannot be used to target the local host. + +- Copy the log locally and process (Not available for all query scenarios) – Extract events from an + offline log by moving the log to the Access Analyzer Console and having it processed on the local + host instead of the target host. In order to use this option, the log type selected for the query + must be **Windows Event Log (Archived)**. + +The Applet Options section is only visible when the **Using server side applet** collection method +is selected. + +- Connection retries count – The number of times to retry a failed connection. The default is 15. +- Retry delay (ms) – The time between retries of a failed connection. The default is 5000 + milliseconds (5 seconds). diff --git a/docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteria.md b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteria.md new file mode 100644 index 0000000000..7f85211b82 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteria.md @@ -0,0 +1,41 @@ +# SMARTLog: Criteria + +The Criteria page is used to specify the search criteria. A test query can be run with the sample +host entered on the Sample Host page to confirm the results that will be returned by the query. It +is a wizard page for all log types. + +![SMART Log DC Wizard Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteria.webp) + +The **Limit number of records to** setting has a default of `1000`. + +Follow the steps to configure the search criteria. + +![Filter button on Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteriafilter.webp) + +**Step 1 –** Click **Filter** to add a condition or a group to the root of the query. + +- Click the ellipsis (**…**) to add a new condition or group under an existing group + +![Configure search](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteriarecordnumber.webp) + +**Step 2 –** Click **RecordNumber** to configure the search to look for specific events or a range +of events. + +**Step 3 –** Click **equals** and **``** to further configure the condition as required. + +**Step 4 –** (Optional) At the root or group level, click **AND** to change the logical operator for +that level. The available options are **AND**, **OR**, **NOT AND**, and **NOT OR**. + +**Step 5 –** Repeat steps 1 to 4 to configure all necessary criteria. + +- To remove a row (condition or group), click the ellipsis (**…**) on the row and select **Remove + Row** +- To remove all currently configured criteria, click **Filter** and select **Clear All** + +**Step 6 –** Click **Show data** to run a test query and sample the data that will be returned that +is connected to a target log based upon the configured criteria. The data is displayed in the +Records found table. + +The search criteria has now been configured and the results it returns tested. Configure the +criteria further if the returned results are not as expected, or click **Next** to continue to the +next wizard page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/smartlog/eventlogoptions.md b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/eventlogoptions.md new file mode 100644 index 0000000000..c3c43d0e04 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/eventlogoptions.md @@ -0,0 +1,11 @@ +# SMARTLog: Event Log Options + +The Event Log Options page is used to configure additional options. It is a wizard page for all log +types. + +![SMART Log DC Wizard Event Log Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/eventlogoptions.webp) + +The following additional options can be selected: + +- Lookup user name – Resolves SIDs found in the event descriptions to friendly display name values +- Resolve GUIDs – Resolves GUIDs found in the event descriptions to friendly display name values diff --git a/docs/accessanalyzer/12.0/admin/datacollector/smartlog/logstate.md b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/logstate.md new file mode 100644 index 0000000000..41f710a486 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/logstate.md @@ -0,0 +1,11 @@ +# SMARTLog: Log State + +The Log State page is used to configure how to search the log. It is a wizard page for all log +types. + +![SMART Log DC Wizard Log State page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/logstate.webp) + +Select the **Persist log state** checkbox to search the log from where the search last left off. A +state file is created for each host configured in the query. State files can be viewed within Access +Analyzer and are named by the query GUID. State files display the record the search last left off +on, the event log, and the date of the last entry. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/smartlog/logtype.md b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/logtype.md new file mode 100644 index 0000000000..f958dcc6b1 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/logtype.md @@ -0,0 +1,37 @@ +# SMARTLog: Log Type + +The Log Type page is used to select the log type to be processed. + +![SMART Log DC Wizard Log Type page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/logtype.webp) + +The log types are: + +- Windows Event Log – Connects to and extract information from any Windows event log made available + on the target host +- Windows Event Log (Archived) – Extract events from an offline log by moving the log to the Access + Analyzer Console and having it processed on the local host instead of the target host +- Internet Information Server Log – An Exchange query that returns information from Outlook Web + Access IIS logs found on CAS servers + + - The IIS log must be configured to generate specific columns in order for the SMARTLog Data + Collector to audit them. See the + [IIS Log Auditing Requirements](#iis-log-auditing-requirements) topic for additional + information. + +- File Change Detection Log – This is a legacy option. It should not be selected. + +## IIS Log Auditing Requirements + +The SMARTLog Data Collector needs the IIS logs to generate the following columns: + +- Date (date) +- Time (time) +- ClientIP (c-ip) +- UserName (cs-username) +- UriSteam (cs-uri-stem) +- UriQuery (cs-uri-query) +- Protocol Status (HttpStatus) +- Protocol substatus (HttpSubStatus) +- BytesSent (sc-bytes) +- BytesRecv (cs-bytes) +- UserAgent (cs(User-Agent)) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/smartlog/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/overview.md new file mode 100644 index 0000000000..b9a12f8c4e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/overview.md @@ -0,0 +1,57 @@ +# SMARTLog Data Collector + +The SMARTLog Data Collector provides search and extraction of details from Windows Event Logs +(online or offline) and Microsoft Exchange Internet Information Server (IIS) logs. + +The SMARTLog Data Collector is a core component of Access Analyzer, but it has been preconfigured +within the Active Directory Solution, Exchange Solution, SQL Solution, and the Windows Solution. +While the data collector is available with all Access Analyzer license options, these solutions are +only available with a special Access Analyzer licenses. See following sections for additional +information: + +- [Active Directory Solution](/docs/accessanalyzer/12.0/solutions/activedirectory/overview.md) +- [Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) +- [SQL Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/overview.md) +- [Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) + +Protocols + +- Log +- Remote Event +- RPC + +Ports + +- TCP 135 +- TCP 445 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Domain Administrators group (if targeting domain controllers) +- Member of the local Administrators group + +See the +[Exchange Remote Connections Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/remoteconnections.md) +topic for additional information related to permissions required for targeting Exchange servers. + +## SMARTLog Query Configuration + +The SMARTLog Data Collector is configured through the SMART Log DC Wizard, which contains the +following wizard pages: + +- Welcome +- [SMARTLog: Log Type](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/logtype.md) +- [SMARTLog: Sample Host](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/samplehost.md) +- [SMARTLog: Target Log](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlog.md) +- [SMARTLog: Results](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/results.md) +- [SMARTLog: Criteria](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteria.md) +- [SMARTLog: Collection Method](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/collectionmethod.md) +- [SMARTLog: Log State](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/logstate.md) +- [SMARTLog: Event Log Options](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/eventlogoptions.md) +- [SMARTLog: Summary](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/summary.md) + +![SMART Log DC Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/welcome.webp) + +There are no configurable settings on the Welcome page. Click **Next** to proceed to the Log Type +page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/smartlog/results.md b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/results.md new file mode 100644 index 0000000000..3ec1796e33 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/results.md @@ -0,0 +1,11 @@ +# SMARTLog: Results + +The Results page is where the events to be returned by the query are selected. It is a wizard page +for all log types. The description strings within the log records can also be selected for the +query. + +![SMART Log DC Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/results.webp) + +Click **Check all** to select all properties, **Uncheck all** to deselect all properties, or **Reset +Defaults** to return to the default settings. Available properties vary based on the category +selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/smartlog/samplehost.md b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/samplehost.md new file mode 100644 index 0000000000..47060efc89 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/samplehost.md @@ -0,0 +1,54 @@ +# SMARTLog: Sample Host + +The Sample Host page is used to configure the host. It is a wizard page for all log types. + +![SMART Log DC Wizard Sample Host page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/samplehost.webp) + +Select a host for running a test query on the Criteria page from the following radio buttons: + +- Local Computer – localhost +- Another computer – If selecting another computer for the host, click the ellipsis to open the + Select Computer window. See the [Select Computer Window](#select-computer-window) topic for + additional information. + +## Select Computer Window + +![Select Computer window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/selectcomputerwindow.webp) + +If selecting another computer for the host, click the ellipsis to open the Select Computer window +and select a computer. The options in the Select Computer window are: + +- Object Types – Either enter the object type name in the textbox or click **Object Types** to + select the types of objects to find. The default is **Computer**. +- Locations – Click to select the location to search. The default is **Entire Directory**. +- Enter the object name to select – Manually enter objects into the text field + + - Click the **examples** link to access the Microsoft + [Object Picker UI](https://docs.microsoft.com/en-us/previous-versions/orphan-topics/ws.11/dn789205(v=ws.11)?redirectedfrom=MSDN) + article for additional information + +- Check Names – Click to verify the object names in the text field +- Advanced – Opens a window to perform advanced configurations of the Select Computer function + +![Advanced Select Computer window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/selectcomputerwindowadvanced.webp) + +The Common Queries section is included on the advanced Select Computer window in addition to object +type and location in the original Select Computer window. + +- Name – Select a qualifier from the drop-down menu and enter a name of an object in the associated + text box +- Description – Select a qualifier from the drop-down menu and enter a description in the associated + text box +- Select the **Disabled accounts** checkbox to include disabled accounts in the search +- Select the **Non-expiring password** checkbox to include non-expiring passwords in the search +- Select the number of **Days since last logon** from the drop-down menu +- Click the **Columns** button to open the Choose Columns window + + ![Choose Columns window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/choosecolumnswindow.webp) + + Select a column from the Columns available or Columns shown lists and click **Add** or + **Remove** to add or remove them from each column + +- Click **Find Now** to run a search for items matching the selected criteria in the location of the + object selected +- Click **Stop** to stop a search in progress diff --git a/docs/accessanalyzer/12.0/admin/datacollector/smartlog/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/summary.md new file mode 100644 index 0000000000..d56c59fb41 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/summary.md @@ -0,0 +1,8 @@ +# SMARTLog: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all log types. + +![SMART Log DC Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the SMART Log DC Wizard to ensure that no accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlog.md b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlog.md new file mode 100644 index 0000000000..27909a4a62 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlog.md @@ -0,0 +1,25 @@ +# SMARTLog: Target Log + +The Target Log page is where logs are selected to be collected. There are three versions of this +wizard page that change based on log type. This version is a wizard page for the log types of: + +- Windows Event Log (Archived) +- Internet Information Server Log + +See the [SMARTLog: Target Log for Windows Event Log Type](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/windowseventlog.md) and +[SMARTLog: Target Log for File Detection Log Type](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/filedetectionlog.md) topics for +information on the other versions of this wizard page. + +![SMART Log DC Wizard Target Log page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlog.webp) + +The configurable options are: + +- Path – Enter or browse to the path to the log +- File mask – Enter file names to limit the file names to return from the path entered. Asterisks + can be used for wildcards. For example, `u_ex*.log` would match **u_ex170530.log**. When no mask + is set, all files from the listed path are returned. +- Log files to be processed – Select from the following options: + + - All + - Today + - For the last – Select the number of days or hours diff --git a/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/filedetectionlog.md b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/filedetectionlog.md new file mode 100644 index 0000000000..538b48c90d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/filedetectionlog.md @@ -0,0 +1,15 @@ +# SMARTLog: Target Log for File Detection Log Type + +The Target Log page is where logs are selected to be collected. This version is a wizard page for +the File Change Detection log type. + +![SMART Log DC Wizard Target Log page for File Change Detection Log](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/targetlogfiledetection.webp) + +In the Exec server section, identify the server that will run the data collection by selecting one +of the following options: + +- Automatic (Local for NAS device hosts, Remote for Windows hosts) +- Local Access Analyzer Server +- Specific Remote Server – If selected, enter the server name in the Server textbox + +In the Log files to be processed section, set the filter criteria. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/windowseventlog.md b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/windowseventlog.md new file mode 100644 index 0000000000..5c2593588a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/windowseventlog.md @@ -0,0 +1,9 @@ +# SMARTLog: Target Log for Windows Event Log Type + +The Target Log page is where logs are selected to be collected. This version is a wizard page for +the log type of Windows Event Log. + +![SMART Log DC Wizard Target Log page for Windows Event Log](/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/targetlogwindowsevent.webp) + +Only one log can be targeted per query task. The selected log is displayed at the bottom of the +wizard page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/activitydatescope.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/activitydatescope.md new file mode 100644 index 0000000000..57fbbc8bc3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/activitydatescope.md @@ -0,0 +1,24 @@ +# SPAA: Activity Date Scope + +The Activity Date Scope page is where the range of dates for which the SharePoint activity scan will +collect data is configured. It is a wizard page for the category of Scan SharePoint Activity. + +![Activity Date Scope page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/activitydatescope.webp) + +Use the radio buttons to select the **Scan Filters**. + +- Relative Timespan + - Collect Activity from the last 180 days – The number of days to collect activity can be + configured with the up and down arrows + - Retain data – The timespan for data retention. Select from the drop-down list: + - within timespan + - forever +- Absolute Timespan + + - Start date – Click the down arrow to access the calendar and select the start date for data + collection + - End date – Click the down arrow to access the calendar and select the end date for data + collection + + **NOTE:** Selecting Absolute Timespan will not affect activity data collected during Relative + Timespan scans. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/activityloglocations.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/activityloglocations.md new file mode 100644 index 0000000000..b1d3e71f79 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/activityloglocations.md @@ -0,0 +1,38 @@ +# SPAA: Activity Log Locations + +The Activity Log Locations page is where to manually configure log locations to avoid requiring +remote registry access to locate the activity event log files. It is a wizard page for the category +of Scan SharePoint Activity. + +![Activity Log Locations page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/activityloglocations.webp) + +The options in the Activity Log Locations page are: + +- Add – Opens the Customize Activity Log UNC Paths location window to add a new host +- Add Default – Opens the Customize Activity Log UNC Paths location window for the default host +- Edit – Opens the Customize Activity Log UNC Paths window for the selected host. If edits are made, + click **OK** to save the changes. +- Remove – Removes the selected host + +![Customize Activity Log UNC Paths Window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/customizeactivityloguncpaths.webp) + +The options in the Customize Activity Log UNC Paths Window are: + +- Host name – Host name of the targeted SharePoint On-Premises server or SharePoint Online tenant +- SBTFileMon.ini UNC path – UNC path to the location of the **SBTFileMon.ini** file (as configured + in **Activity Monitor** > **Monitored Hosts**) +- Activity log UNC path – UNC path to the location of the **SBTFileMon_Logs** folder containing the + Activity Logs (as configured in **Activity Monitor** > **Monitored Hosts**) + + **NOTE:** For On-Premises environments you do not need to specify an Activity Log UNC path as + the Data Collector will default to finding the log locations via the registry. + +- Activity archive UNC path – UNC path to the archive location of Activity Logs (as configured in + **Activity Monitor** > **Agents**). If archiving is not enabled in Activity Monitor this can be + left blank. + +**NOTE:** In any UNC paths, `%HOST%` will be replaced with the host name. + +See the Getting Started with SharePoint & SharePoint Online Activity Monitor topic in the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/additionalscoping.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/additionalscoping.md new file mode 100644 index 0000000000..bb1dfce1fc --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/additionalscoping.md @@ -0,0 +1,26 @@ +# SPAA: Additional Scoping + +The Additional Scoping page is where the scan can be limited by depth of the scan. It is a wizard +page for the categories of: + +- Scan SharePoint Access +- Scan For Sensitive Content + +**CAUTION:** Users should not change scans in a way that would result in less data being returned on +a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a +shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in +the Tier 2 database and subsequently removed from the Tier 1 database. + +![Additional Scoping page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/additionalscoping.webp) + +If checked, set the **Limit scanned depth to: [number] level(s)** option to the desired depth. If +this option is not checked then the entire farm is scanned. If the scoping depth is set to **0** +then only root site collections are scanned. Each increment to the depth adds an additional level of +depth from that point. + +Check the **Perform differential scan** box to enable the job to run a differential scan. +Differential scanning is enabled by default. When this option is enabled, SPAA scan will only parse +files for content/SDD if it has been modified since the last scan. + +**NOTE:** This option only applies to Tag collection and Sensitive data collection. Files will be +still be scanned for permissions regardless of whether this option is checked or not. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/agentsettings.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/agentsettings.md new file mode 100644 index 0000000000..bb7e54e1be --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/agentsettings.md @@ -0,0 +1,19 @@ +# SPAA: Agent Settings + +The Agent Settings page is where the SharePoint Agent Service is configured. It is a wizard page for +the category of Scan SharePoint Access. + +![Agent Settings page](/img/product_docs/activitymonitor/activitymonitor/install/agent/windowsagent.webp) + +The **Enable Agent Service Scans** checkbox enables collecting SharePoint data through the agent +services instead of directly from SharePoint. This option requires a **Network Port** to be entered. +Agent Service Identity radio buttons are: + +- Use Job Credentials when job has same credentials as agent services +- Use Custom Identity for other agent service credential scenarios + - Specify identity in the format `spn:name` or `upn:name` + - The token `%HOST%` may be substituted for the host name + +This option requires the SharePoint Agent to be installed on the application server. See the +[SharePoint Agent Installation](/docs/accessanalyzer/12.0/install/sharepointagent/overview.md) topic for additional +information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/bulkimportsettings.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/bulkimportsettings.md new file mode 100644 index 0000000000..9e04c579f6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/bulkimportsettings.md @@ -0,0 +1,14 @@ +# SPAA: Bulk Import Settings + +The Bulk Import Settings page is where the bulk import process settings are configured. It is a +wizard page for the categories of: + +- Bulk Import Access Scan Results +- Bulk Import Sensitive Content Scan Results + +![Bulk Import Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/bulkimportsettings.webp) + +Subsequent hosts in job lists will get host IDs incremented by 1. The Host Identifier may require an +offset to avoid overlapping IDs in collected data. If the **Set Host ID** checkbox is left +unchecked, then Access Analyzer assigns values starting from 1 to every host. This feature is +intended only for SQL Server Replication. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/category.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/category.md new file mode 100644 index 0000000000..ff2be2ad29 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/category.md @@ -0,0 +1,28 @@ +# SPAA: Category + +The SPAA Data Collector Category page contains the following query categories, sub-divided by +auditing focus: + +![Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/category.webp) + +The options on the Category page are: + +- The **SharePoint Access Audits** category scans hosts for SharePoint access information and has + two selections to choose from: + - Scan SharePoint Access – Performs SharePoint access audits + - Bulk Import Access Scan Results – Imports SharePoint access scan results into the Access + Analyzer database +- The **Sensitive Content** category scans hosts for sensitive data information and has two + selections to choose from: + - Scan for Sensitive Content – Scans for sensitive content on SharePoint + - Bulk Import Sensitive Content Scan Results – Imports sensitive content scan results into the + Access Analyzer database +- The **SharePoint Activity Audits** category scans hosts for SharePoint activity information and + has two selections to choose from: + - Scan SharePoint Activity – Scans SharePoint activity log files + - Bulk Import SharePoint Activity Scan Results – Imports SharePoint activity into the Access + Analyzer database + +_Remember,_ the sensitive data discovery options require the Sensitive Data Discovery Add-On to be +installed on the Access Analyzer Console. If the SharePoint Agent is used, then it must also be +installed on the application server that hosts the Central Administration component. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/configurejob.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/configurejob.md new file mode 100644 index 0000000000..224749cc29 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/configurejob.md @@ -0,0 +1,104 @@ +# SharePoint Custom Connection Profile & Host List + +The SPAA Data Collector requires a custom Connection Profile and a custom host list to be created +and assigned to the job conducting the data collection. The host inventory option during host list +creation makes it necessary to configure the Connection Profile first. While SharePoint on-premises +uses the Active Directory account type for the credential within a Connection Profile, it is +necessary for online credentials to be listed first in the credentials list within a Connection +Profile housing credentials to both environments. + +## SharePoint Farm + +This section describes the process to configure the Connection Profile and custom host list for +scanning SharePoint On-Premises. + +### SharePoint Farm Credential for a Connection Profile + +The provisioned credential used should be an Active Directory account. + +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Active Directory Account +- Domain – Drop-down menu with available trusted domains displays. Either type the short domain name + in the textbox or select a domain from the menu. +- User name – Type the user name +- Password Storage – Choose the for credential password storage: + - Application – Uses Access Analyzer’s configured Profile Security setting as selected at the + **Settings** > **Application** node + - CyberArk – Uses the CyberArk Enterprise Password Vault +- Password – Type the password +- Confirm – Re-type the password + +Once the Connection Profile is created, it is time to create the custom host list. See the +[Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. + +### SharePoint Farm Host in a Custom Host List + +The custom host list should include: + +- One application server per farm +- Host name without a domain suffix, this means the host name should not contain a period character + +See the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) section for instruction on creating a +custom static host list. + +## SharePoint Online + +This section describes the process to configure the Connection Profile and custom host list for +scanning SharePoint Online using Modern Authentication. + +### SharePoint Online Credential for a Connection Profile using Modern Authentication + +The provisioned credential should be an Microsoft Entra ID Application. See the +[SharePoint Online Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/config/sharepointonline/access.md) +topic for instructions on registering and provisioning the Microsoft Entra ID Application manually +or via the SP_RegisterAzureAppAuth Instant Job. + +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Azure Active Directory +- Client ID – Application (client) ID of the Access Analyzer application registered with Microsoft + Entra ID +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) + topic for additional information.) +- Key – The comma delimited string containing the path to the certificate PFX file, certificate + password, and the Microsoft Entra ID environment identifier ( + `CertPath,CertPassword,AzureEnvironment`) + + The `AzureEnvironment` is typically 0 for the default Azure Production Environment. Other + possible values are: + + - 1 – PPE + - 2 – China + - 3 – Germany + - 4 – US Government + - 5 – US Government-High + - 6 – US Government-DoD + + An example string matching the configuration from above is: + + C:\Program Files + (x86)\STEALTHbits\StealthAUDIT\PrivateAssemblies\spaa_cert_myorg.pfx,PasswordGoesHere,0 + + **NOTE:** `PasswordGoesHere` should be replaced with the password used when generating the + self-signed X.509 certificate if the Microsoft Entra ID Application was Registered and + Provisioned manually or the $appPassword parameter used in the SP_RegisterAzureAppAuth Instant + Job if that method was used. + +Once the Connection Profile is created, it is time to create the custom host list. See the +[Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. + +### SharePoint Online Host in a Custom Host List + +The custom host list should include: + +- Web or cloud hosts should be specified using the full web DNS part of the site URL, for example an + Office 365 site with the URL http://TestSite.sharepoint.com should be added as a host with name + TestSite.sharepoint.com +- Do not use the admin site, for example TestSite-admin.sharepoint.com +- Do not use IP Addresses +- Host name must be in DNS format + +See the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) topic for instructions on creating a custom +static host list. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/dlpauditsettings.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/dlpauditsettings.md new file mode 100644 index 0000000000..04d786d5c0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/dlpauditsettings.md @@ -0,0 +1,40 @@ +# SPAA: DLP Audit Settings + +The DLP Audit Settings page is where sensitive data discovery settings are configured. It is a +wizard page for the category of Scan For Sensitive Content. + +**CAUTION:** Users should not change scans in a way that would result in less data being returned on +a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a +shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in +the Tier 2 database and subsequently removed from the Tier 1 database. + +![DLP Audit Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/dlpauditsettings.webp) + +Configure the **Scan Performance** options: + +- Don’t process files larger than: Size Limit [number] MB – Limits the files to be scanned for + sensitive content to only files smaller than the specified size. The checkbox is selected by + default. The default size is 2 MB. +- Number of SDD scan processes [number] – Increases the number of SDD scanner processes that spawn + as part of a scan, increasing parallel scanning. The value should not exceed 2x the number of CPU + threads available. + +Use the radio buttons to select the **File types to scan**: + +- Scan typical documents (recommended, fastest) – Scans most common file types +- Scan all document types (slower) – Scans all file types except those excluded +- Scan image files for OCR content – Use optical character recognition to scan image files for + sensitive data content + + **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents + directly converted to images, with standard fonts. It will not work for scanning photos of + documents and may not be able to recognize text on images of credit cards, driver's licenses, or + other identity cards. + +Use the checkboxes to select to **Store Match Hits**: + +- Store discovered sensitive data – Stores match hits for sensitive data in the SPAA Tier 2 + database. If this option is not selected, then the match hits for sensitive data are still + reported but the data columns are masked in the database. +- Limit stored matches per criteria to [number] – Enabled when the Store discovered sensitive data + checkbox is selected. Limits the number of stored matches per criteria to the specified number. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/droptables.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/droptables.md new file mode 100644 index 0000000000..20f6d0acdc --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/droptables.md @@ -0,0 +1,45 @@ +# SPAA Drop Tables & Views Workflow + +If it becomes necessary to clear the SPAA Data Collector tables and views to resolve an issue, the +SP_DropTables Job is preconfigured to run analysis tasks that drop functions and views for the +SharePoint Solution as well as the standard tables and views generated by the **SPAA** Data +Collector. It is available through the Instant Job Library under the SharePoint library. Since this +job does not require a host to target, select **Local host** on the Hosts page of the Access +Analyzer Instant Job Wizard. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic +for additional information. + +## Analysis Tasks for the SP_DropTables Job + +Navigate to the **Jobs** > **SP_DropTables** > **Configure** node and select **Analysis** to view +the analysis tasks. + +**CAUTION:** Applying these analysis tasks will result in the deletion of collected data. + +![SP_DropTables Job Analysis tasks](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/droptablesanalysis.webp) + +The default analysis tasks are: + +- 1. Drop SPAA functions – Removes all functions and views from previous runs of the SharePoint + Solution +- 2. Drop SPAC imports – Drops the SharePoint Activity Auditing tables imported from the previous + runs +- 3. Drop SPDLP Tables – Drops the SharePoint Sensitive Data Discovery Auditing (SEEK) tables + imported from the previous runs +- 4. Drop SPAA Tables – Drops the SharePoint Access Auditing tables imported from the previous + runs + +Do not try to run these tasks separately, as they are designed to work together. Follow these steps +to run the analysis tasks: + +**Step 1 –** In the Analysis Selection Pane, click **Select All**. All tasks will be checked. + +**Step 2 –** Right-click the **SP_DropTables** Job and select **Run Job**. The analysis execution +status will be visible from the **Running Jobs** node. + +**Step 3 –** When the job has completed, return to the Analysis Selection Pane and click **Select +All** to deselect these analysis tasks. + +**_RECOMMENDED:_** Do not leave these analysis tasks checked in order to avoid accidental data loss. + +All of these tables have been dropped from the SQL Server database and the data is no longer +available. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/overview.md new file mode 100644 index 0000000000..55196a419e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/overview.md @@ -0,0 +1,59 @@ +# SharePointAccess Data Collector + +The SharePointAccess (SPAA) Data Collector audits access, group membership, and content within a +SharePoint on-premises and SharePoint Online environment. The SPAA Data Collector has been +preconfigured within the SharePoint Solution. Both this data collector and the solution are +available with a special Access Analyzer license. See the +[SharePoint Solution](/docs/accessanalyzer/12.0/solutions/sharepoint/overview.md) topic for additional information. +The SPAA Data Collector has the following requirements: + +Protocols + +- MS SQL +- Remote Registry +- SP CSOM (Web Services via HTTP & HTTPS) +- SP Server API +- WCF AUTH via TCP (configurable) + +Ports + +- Ports vary based on the Scan Mode selected and target environment. See the + [SharePoint Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md) topic for + additional information. + +Permissions + +- Permissions vary based on the Scan Mode selected and target environment. See the + [SharePoint Support](/docs/accessanalyzer/12.0/requirements/target/sharepoint.md) topic for additional information. + +Sensitive Data Discovery Considerations + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job +is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). + +## SPAA Query Configuration + +The SharePointAccess Data Collector is configured through the SharePoint Access Auditor Data +Collector Wizard. The wizard contains the following pages, which change based up on the query +Category selected: + +- Welcome +- [SPAA: Category](/docs/accessanalyzer/12.0/admin/datacollector/spaa/category.md) +- [SPAA: SharePoint Data Collection Settings](/docs/accessanalyzer/12.0/admin/datacollector/spaa/settings.md) +- [SPAA: Scan Scoping Options](/docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptions.md) +- [SPAA: Additional Scoping](/docs/accessanalyzer/12.0/admin/datacollector/spaa/additionalscoping.md) +- [SPAA: Agent Settings](/docs/accessanalyzer/12.0/admin/datacollector/spaa/agentsettings.md) +- [SPAA: Bulk Import Settings](/docs/accessanalyzer/12.0/admin/datacollector/spaa/bulkimportsettings.md) +- [SPAA: DLP Audit Settings](/docs/accessanalyzer/12.0/admin/datacollector/spaa/dlpauditsettings.md) +- [SPAA: Select DLP Criteria](/docs/accessanalyzer/12.0/admin/datacollector/spaa/selectdlpcriteria.md) +- [SPAA: Activity Date Scope](/docs/accessanalyzer/12.0/admin/datacollector/spaa/activitydatescope.md) +- [SPAA: Activity Log Locations](/docs/accessanalyzer/12.0/admin/datacollector/spaa/activityloglocations.md) +- [SPAA: Test Access](/docs/accessanalyzer/12.0/admin/datacollector/spaa/testaccess.md) +- [SPAA: Results](/docs/accessanalyzer/12.0/admin/datacollector/spaa/results.md) +- [SPAA: Summary Page](/docs/accessanalyzer/12.0/admin/datacollector/spaa/summary.md) + +![SPAA Data Collector Wizard Welcome Page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/welcomepage.webp) + +The Welcome page can be hidden by checking the **Do not display this page the next time** box when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/results.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/results.md new file mode 100644 index 0000000000..8274828d35 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/results.md @@ -0,0 +1,11 @@ +# SPAA: Results + +The Results page is where properties that will be gathered are selected. It is a wizard page for all +of the categories. + +![Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/results.webp) + +Properties can be checked individually, or the **Select All**and **Clear All** buttons can be used. +All checked properties are gathered. Available properties vary based on the category selected. This +information is not available within the standard reference tables. Instead, this information can be +viewed in the table created by the query task, for example SA_1-SPAA_SystemScans_Access table. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptions.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptions.md new file mode 100644 index 0000000000..57388e586c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptions.md @@ -0,0 +1,90 @@ +# SPAA: Scan Scoping Options + +The Scan Scoping Options page provides scoping options to specify the list of URLs to be scanned. It +is a wizard page for the categories of: + +- Scan SharePoint Access +- Scan For Sensitive Content + +![Scan Scoping Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptions.webp) + +The options on the Scan Scoping Options page are: + +- Add – When a URL is entered in the text box, adds the URL to the Scope box + + - To scope for a SharePoint Host Named Site Collections, use the text box to enter the URL for + both the Web App and the HNSC with custom non-existent URL extensions added. See the + [Scoping to SharePoint Host Named Site Collections](#scoping-to-sharepoint-host-named-site-collections) + topic for additional information. + + **NOTE:** If sites are included in the Scope box, all other sites are excluded from the scan. + +- Import CSV – Opens a file explorer to browse for a CSV file +- Scope box – Lists all added URLs +- Scope drop-down list – Select include to include a URL in the scan. Select exclude to exclude a + URL from the scan. +- Remove – Removes the selected URL from the Scope box + +## Scoping to SharePoint Host Named Site Collections + +In order to scope to objects within host named site collections, add a scope line which includes the +URL of the web application containing the host named site collection. To scope the host named site +collection URL `http://sample.com/documents/` for a host named site collection that exists under the +web application URL `http://example.com`, follow the steps: + +**Step 1 –** Navigate to the **Scan Scoping Options** page. + +![Enter URL on Scan Scoping Options page example](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptionswebappurl.webp) + +**Step 2 –** In the text box, enter an invalid URL prefixed with the **Web App URL** which contains +the HNSCs. Click **Add**. + +- In the example the invalid Web App URL is: `http://example.com/hnsc_indicator/` + +**Step 3 –** In the text box, enter the HNSC URL to scope for. Click **Add**. + +- In the example, the HNSC URL entered to filter for is: `http://sample.com/documents/` + +![Scan Scoping Options example](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptionsexample.webp) + +**Step 4 –** The Web App URL must appear above the HNSC URL, as depicted in the example above. + +**Step 5 –** The SharePoint Access Auditor Data Collector Wizard is now configured to filter for the +URL inside the SharePoint Host Named Site Collections. + +## Virtual Hosts + +In order to decrease the scan time in large SharePoint Online environments, it is possible to break +Site Collections for a single host down into subsets, or **Virtual Hosts**, that are treated as +separate hosts by Access Analyzer. This allows multiple scans of a single host to be run +concurrently. Follow the steps to configure this. + +![CSV file with host and site collection information](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/virtualhostscsv.webp) + +**Step 1 –** Create a new CSV file. Add into rows the information for the host and site collection +URLs you want to scan in the format `HOSTNAME#DESIGNATOR;URL`. + +- Each unique `DESIGNATOR` is treated as a separate host comprised of the specified URLs. + +![Host List for targeting the Virtual Hosts](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/virtualhostshostlist.webp) + +**Step 2 –** Configure the Host List for SPAA or SPSEEK scans to target these Virtual Hosts using +the format `HOSTNAME#DESIGNATOR`. + +![SPAA Data Collector Wizard Scan Scoping Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptionsvirtualhosts.webp) + +**Step 3 –** On the Scan Scoping Options page of the SharePoint Access Auditor Data Collector +Wizard, use the **Import CSV** button to import the information from the CSV file created in Step 1. + +**Step 4 –** Click **Next** to continue through the other pages of the SharePoint Access Auditor +Data Collector Wizard. Then click **Finish** on the Summary Page. + +Access Analyzer is now configured to scan multiple site collections for the same host concurrently. + +A new host folder is created for each Virtual Host in `Jobs/SA_CommonData/SHAREPOINTACCESS`. You +will also see a separate line on the Running Instances tab for each Virtual Host included in the +scan. + +**NOTE:** The Host List for Bulk Import should be configured to contain each Virtual Host included +in the above scan using the `HOSTNAME#DESIGNATOR` format. After Bulk Import, the data contained in +Tier 1 Database tables and views will resemble a scan run against multiple hosts. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/selectdlpcriteria.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/selectdlpcriteria.md new file mode 100644 index 0000000000..40c2e63118 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/selectdlpcriteria.md @@ -0,0 +1,33 @@ +# SPAA: Select DLP Criteria + +The Select Criteria page is where criteria to be used for discovering sensitive data are configured. +It is a wizard page for the category of Scan For Sensitive Content. + +**CAUTION:** Users should not change scans in a way that would result in less data being returned on +a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a +shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in +the Tier 2 database and subsequently removed from the Tier 1 database. + +![Select DLP criteria for this scan page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/selectdlpcriteria.webp) + +The options on the Select DLP Criteria page are: + +- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings + from the **Settings** > **Sensitive Data** node. See the + [Sensitive Data](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md) topic for additional information. +- Use the following selected criteria – Select this option to use the table to select which + sensitive data criteria to scan for +- Select All – Click **Select All** to enable all sensitive data criteria for scanning +- Clear All – Click **Clear All** to remove all selections from the table +- Select the checkboxes next to the sensitive data criteria options to enable it to be scanned for + during job execution + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit + user-defined criteria. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/settings.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/settings.md new file mode 100644 index 0000000000..90c423f1e5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/settings.md @@ -0,0 +1,76 @@ +# SPAA: SharePoint Data Collection Settings + +The SharePoint data collection settings page is where additional scan settings are configured. It is +a wizard page for the categories of: + +- Scan SharePoint Access +- Scan For Sensitive Content + +**CAUTION:** Users should not change scans in a way that would result in less data being returned on +a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a +shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in +the Tier 2 database and subsequently removed from the Tier 1 database. + +![SharePoint data collection settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/datacollectionsettings.webp) + +The Probable Owners section provides options for how probable ownership will be calculated: + +- Limit maximum number of Probable Owners per resource: [number] – Return the maximum user supplied + number of probable owners per resource + +The Collect Personal Sites checkbox enables or disables collection during the scan of personal site +collections of individual users. Personal site collections are a SharePoint feature which gives +every user their own site collection, and which are used by Office 365 to store a user’s OneDrive +files. Personal sites are configured by default to only be accessible by the user to whom they +belong, and so it is likely that the Connection Profile that the data collector is assigned may not +have access to some users’ personal sites. There are three radio buttons for identifying how the +query treats personal sites to which it does not have access: + +- Skip inaccessible personal sites – Inaccessible personal sites are not scanned +- Force scan account as admin of inaccessible personal sites – Make the Connection Profile + credentials a Site Collection Administrator of any personal sites to which it does not have + access: + + - The personal sites will be scanned + - When the scan is complete, the permissions are restored to what they were prior to the scan, + referring to those credentials made a Site Collection Administrator of personal sites in order + to conduct the scan. + - Requires the account used in the Connection Profile credentials to have the Global + Administrator role for SharePoint Online or be a Farm Administrator for SharePoint on premise. + This permission is required to facilitate altering the administrators of site collections. + + **NOTE:** The Microsoft SharePoint API employed to remove personal Site Collection + Administrator is unreliable, and occasionally the scanning account is left as a Site + Collection Administrator of personal sites. This may leave the scanning account visible to + SharePoint users on the permissions of the files in their personal sites. + + **_RECOMMENDED:_** Only use this option if that account is clearly identifiable as an + administrative account, and users are advised of the possibility that the account could + appear on the permissions of their personal site collection documents. + +- Force Company Administrator as admin of inaccessible personal sites – Make the special Company + Administrator account an administrator of any personal sites to which it does not have access + + - The personal sites will be scanned + - When the scan is complete, the Company Administrator account is left as an administrator of + the users’ personal site collections + - Requires the account used in the Connection Profile credentials to have the Global + Administrator role for SharePoint Online or be a Farm Administrator for SharePoint on premise. + This permission is required to facilitate altering the administrators of site collections. + + **NOTE:** The Company Administrator account is a special SharePoint Online and SharePoint + 2013 group which contains all accounts which have the Global Administrators role. + +The **Extract Document Tags** option enables the collection of metadata tags from Microsoft Office +files in SharePoint. Since this option requires the retrieval and scanning of each document, it +results in a noticeable increase in scan time. + +- Select a preferred zone – Use the drop-down list to select a preferred zone within the web + application to target the scan. If a targeted web application does not have the selected preferred + zone, the scan targets the default zone for that web application. Options include: + + - Default + - Intranet + - Internet + - Custom + - Extranet diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/standard-tables.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/standardtables.md similarity index 100% rename from docs/accessanalyzer/12.0/data-collection/spaa/standard-tables.md rename to docs/accessanalyzer/12.0/admin/datacollector/spaa/standardtables.md diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/summary.md new file mode 100644 index 0000000000..c32f3dc918 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/summary.md @@ -0,0 +1,10 @@ +# SPAA: Summary Page + +The Summary page is where configuration settings are summarized. It is a wizard page for all of the +categories. + +-![Summary Page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/summarypage.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the SharePoint Access Auditor Data Collector Wizard ensuring that no +accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/spaa/testaccess.md b/docs/accessanalyzer/12.0/admin/datacollector/spaa/testaccess.md new file mode 100644 index 0000000000..df4f2ada13 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/spaa/testaccess.md @@ -0,0 +1,30 @@ +# SPAA: Test Access + +Use the Test Access page to check access to SharePoint On-Premises environments. The Test Access +function uses each credential in a job's Connection profile to test access to a SharePoint +environment. The Test Access page tests access to the following: + +- Access to the remote registry +- SQL Access (for databases associated with the SharePoint farms) +- All Web Applications in the SharePoint environment + +![Test Access page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/testaccess.webp) + +The options and sections on the Test Access page are: + +- SharePoint App Server – Enter the server name for the SharePoint environment in the SharePoint App + Server text box. Click **Check Access** to test access to the SharePoint environment. + + - For example – `sbnjqasp30` or `sbnjqasp3.qa.com` + - Do not include `http[s]://` or use a URL for the server name. The Test Access function cannot + be scoped to individual Web applications. + +- Access Test Results – Displays information on test results. Test criteria are listed in the + **Description** column. Test results will be returned as either **Pass** or **Fail** in the + Results column. +- Save Report – Click **Save Report** to export and save a text version of the test results + +| | | +| ------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ![Successful test example](/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/testaccessbadtest.webp) | +| **Successful Test (Correct Credentials)** | **Unsuccessful Test (Incorrect Credentials)** | diff --git a/docs/accessanalyzer/12.0/admin/datacollector/sql/category.md b/docs/accessanalyzer/12.0/admin/datacollector/sql/category.md new file mode 100644 index 0000000000..58bf083f2a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/sql/category.md @@ -0,0 +1,141 @@ +# SQL: Category + +The Category page in the SQL Data Collector Wizard lists the available query categories, sub-divided +by auditing focus. + +![SQL Data Collector Wizard Category Page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/category.webp) + +The query categories are: + +- Permissions + + - Permissions Collection – Gather permissions on server and database objects + +- Server Audits + + - Server Audits Events Collection – Gather events from SQL server audits + +- Sensitive Data + + - Sensitive Data Collection – Scan databases for sensitive data + +- Microsoft SQL Server + + - Discovery + + - Enumerate Network – Enumerate local network for browsable SQL server instances visible to + the storage host + + - Custom SQL Query + + - Custom Query – Run a custom SQL query against a SQL database + + - Infrastructure + + - Server Properties – Information about the server + - Configuration Properties – Information about server configuration + - Version Information – Version information about Microsoft SQL server + - File Groups – File group information + - Files – File information + - Database Information – Information about databases + + - Operations + + - Database Without Backups – List of all databases without backups + - Latest Week Backups – List of latest week database backups + + - Utilities + + - Remove Storage Tables – Removes the tables created and used by the SQL server data + collector + + - Legacy Queries + + - Server Principles – Data for every server level principal + - Database Principles – Data for every database level principal + - Server Permissions – Data about server permissions + - Database Permissions – Data about database permissions + - Server Roles – Data about server roles + - Database Roles – Data about database roles + - System Objects – Data about system objects + - Object Collection – Collects SQL server objects + +- Oracle + + - Custom Oracle Query + + - Custom Oracle Query – Run a custom SQL query against an Oracle container + + - Infrastructure + + - Version Information – Version information about the Oracle database + - File Group Information – Information about file groups and tablespaces + - Data File Information – Information about data files + - Database Information – Information about database configurations + - Initialization Parameter Information – Information about initialization parameters + - System Parameter Information – Information about system parameters + - Container Information – Information about the containers of the databases, both root and + pluggable + - Pluggable Databases History – View of the pluggable databases (PBD) history + - Database Instance Information – Shows information about the current instance of the + database + - Free Space in Tablespaces – Describes the free extents in all tablespaces in the database + + - Operations + + - Latest Week Backup – Information about the latest week backup + - Oldest and Newest Backup – Information about the oldest and the most recent backups + - Database File Without Backup – Indicates file names of the files that are not present in + the RMAN backup + + - Utilities + + - Remove Storage Tables – Removes the tables created and used by the Oracle Data Collector + +- Azure SQL + + - Discovery + + - Enumerate Azure SQL Instances – Enumerate Azure SQL instances and Azure resources + + - Utilities + + - Remove Storage tables – Removes the tables created and used by Azure SQL Discovery + +- MySQL + + - Custom MySQL Query + + - Custom Query – Run a custom SQL query against a SQL database + + - Utilities + + - Remove Storage Tables – Removes tables created for MySQL Data Collector + +- PostgreSQL + + - Custom PostgreSQL Query + + - Custom Query – Run a custom SQL query against a SQL database + + - Utilities + + - Remove Storage Tables – Removes tables created for PostgreSQL Data Collector + +- Db2LUW + + - Custom Db2LUW Query + + - Custom Query – Run a custom SQL query against a SQL database + + - Utilities + + - Remove Storage Tables – Removes tables created for Db2LUW Data Collector + + - Db2LUW Permissions Scan + + - Db2LUW Permissions Scan – Collect permissions from the targeted instances + +- Utilities + + - Remove Storage Data – Removes stored data for specific instances on a specific host diff --git a/docs/accessanalyzer/12.0/admin/datacollector/sql/configurejob.md b/docs/accessanalyzer/12.0/admin/datacollector/sql/configurejob.md new file mode 100644 index 0000000000..6e8ccd02e7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/sql/configurejob.md @@ -0,0 +1,62 @@ +# SQL Custom Connection Profile & Default Dynamic Host List + +The SQL Data Collector requires a custom Connection Profile and Host List. The **SQL SERVERS** +default host list can be used with this data collector for the SQL Solution. The host inventory +option during host list creation makes it necessary to configure the Connection Profile first. + +## Connection Profile + +Create a Connection Profile and set the following information on the User Credentials window. + +- For an Active Directory account: + + - Select Account Type – Active Directory Account + - Domain – Drop-down menu with available trusted domains will appear. Either type the short + domain name in the textbox or select a domain from the menu. + - User name – Type the user name + - Password Storage – Choose the desired option for credential password storage: + + - Application – Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic for additional information. + - CyberArk – Uses the CyberArk Enterprise Password Vault. See the + [CyberArk Integration](/docs/accessanalyzer/12.0/admin/settings/connection/cyberarkintegration.md) topic for + additional information. The password fields do not apply for CyberArk password storage. + + - Password – Type the password + - Confirm – Re-type the password + +- For a SQL account: + + - Select Account Type – SQL Authentication + - User name – Enter user name + - Password Storage – Application (Uses the configured Profile Security setting as selected at + the **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic for additional information.) + - Password – Type the password + - Confirm – Re-type the password + +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. + +## Host List + +The required host list depends on the database that the SQL data collector is being used for. + +### Default Dynamic Host List (SQL) + +Jobs using the SQL Data Collector can use the SQL Servers default host list. This is a dynamic host +list that is populated from hosts in the Host Master Table which meet the host inventory criteria +for the list, `IsSQLServer = True`. Since the SQL Servers host list is default, it is available to +jobs and job groups for host assignment. See the [Host Management](/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md) +topic for additional information. + +### Oracle / MySQL / PostgreSQL / Db2 + +Jobs in the Oracle, MySQL, Postgre SQL, or Db2 solution using the SQL Data Collector must be +configured to query a host list with the servers containing the target databases. Setup the list of +hosts that needs to be monitored. Be sure to use a specific host name (if forcing the connection to +a secondary host) or just the server name if connecting to the server. See the +[Host Management](/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md) topic for additional information. + +Additionally, the database instances must be added to the Filter page in the query configuration. +See the [SQL: Filter](/docs/accessanalyzer/12.0/admin/datacollector/sql/filter.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/sql/criteria.md b/docs/accessanalyzer/12.0/admin/datacollector/sql/criteria.md new file mode 100644 index 0000000000..b4d1b255b1 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/sql/criteria.md @@ -0,0 +1,33 @@ +# SQL: Criteria + +The Criteria page is where criteria to be used for discovering sensitive data are configured. It is +a wizard page for the Sensitive Data Collection category. + +![SQL Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/criteria.webp) + +The options on the Criteria page are: + +- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings + from the **Settings > Sensitive Data** node. See the + [Sensitive Data](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md) topic for additional information. +- Use the following selected criteria – Select this option to use the table to select which + sensitive data criteria to scan for + + - Select All– Click **Select All** to enable all sensitive data criteria for scanning + - Clear All – Click **Clear All** to remove all selections from the table + - Select the checkboxes next to the sensitive data criteria options to enable it to be scanned + for during job execution + +The table contains the following types of criteria: + +- System Criteria – Lists pre-defined criteria +- User Criteria – Lists user-defined criteria + + Use the Sensitive Data Criteria Editor in the **Settings > Sensitive Data** to create and edit + user-defined criteria. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. + +**NOTE:** Adding unnecessary criteria can adversely impact the scanner performance and can cause the +scanning job to take a long time. If performance is adversely affected, revisit the sensitive data +scanning criteria and remove criteria that is not required. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/sql/customqueryoracle.md b/docs/accessanalyzer/12.0/admin/datacollector/sql/customqueryoracle.md new file mode 100644 index 0000000000..33cbf3dd81 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/sql/customqueryoracle.md @@ -0,0 +1,20 @@ +# SQL: Custom Oracle Query + +The Custom Query page for a Custom Oracle Query contains the same options as the Custom Query page +for a custom SQL query, with the addition of the **Convert CDB to DBA on non-container databases** +checkbox. It is a wizard page for the Custom Oracle Query category. + +![SQL Data Collector Wizard Custom Query page for a Custom Oracle Query](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/customqueryoracle.webp) + +The configurable options are: + +- Test Database: + + - Data Source – Select the host\instance from the drop-down menu + - Database – Select the database from the drop-down menu + + - Convert CDB to DBA on non-container databases + +- SQL Query textbox – Enter the custom SQL script +- Validate Query – Click to test the query, results display in the box +- Row limit – Enter a number to limit the rows the query is tested on diff --git a/docs/accessanalyzer/12.0/admin/datacollector/sql/customquerysql.md b/docs/accessanalyzer/12.0/admin/datacollector/sql/customquerysql.md new file mode 100644 index 0000000000..1712d6c3ca --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/sql/customquerysql.md @@ -0,0 +1,22 @@ +# SQL: Custom SQL Query + +The Custom Query page for a Custom SQL Query contains the following configuration options. It is a +wizard page for the following categories: + +- Custom MySQL Query +- Custom PostgreSQL Query +- Custom SQL Query +- Custom Db2LUW Query + +![SQL Data Collector Wizard Custom SQL Query Page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/customsqlquery.webp) + +The configurable options are: + +- Test Database: + + - Data Source – Select the host\instance from the drop-down menu + - Database – Select the database from the drop-down menu + +- SQL Query textbox – Enter the custom SQL script +- Validate Query – Click to test the query, results display in the box +- Row limit – Enter a number to limit the rows the query is tested on diff --git a/docs/accessanalyzer/12.0/admin/datacollector/sql/filter.md b/docs/accessanalyzer/12.0/admin/datacollector/sql/filter.md new file mode 100644 index 0000000000..7649d007ae --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/sql/filter.md @@ -0,0 +1,154 @@ +# SQL: Filter + +The Filter page is where the query can be scoped to target specific databases or instances. It is a +wizard page for the categories of: + +- Permissions > Permissions Collection +- Server Audits > Server Audit Events Collection +- Sensitive Data > Sensitive Data Collection +- Microsoft SQL Server: + + - Discovery + - Custom SQL Query + - Infrastructure + - Operations + - Utilities > Remove Storage Tables + - Legacy Queries + +- Oracle: + + - Custom Oracle Query + - Infrastructure + - Operations + - Utilities > Remove Storage Tables + +- MySQL: + + - Custom MySQL Query + - Utilities > Remove Storage Tables + +- PostgreSQL: + + - Custom PostgreSQL Query + - Utilities > Remove Storage Tables + +- Db2LUW: + + - Custom Db2LUW Query + - Utilities > Remove Storage Tables + - Db2LUW Permissions Scan + +- Utilities – Remove Storage Data + +It is necessary for the SA_SQL_Instances table to be populated before available databases/instances +can populate the Available Server audits list. For Oracle and SQL, the SA_SQL_Instances table is +populated through an instance discovery query. See the +[0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql_instancediscovery.md) +topic for additional information. For PostgreSQL and MySQL Scans, the SA_SQL_Instances table is +populated manually in the Manage Connections window. See the +[Manage Connections Window](#manage-connections-window) topic for additional information. Once the +table has been populated, a query can be scoped. + +![SQL Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/filter.webp) + +The configurable filter options are: + +- Connections — Opens the Manage Connections window to add or modify database instances. See the + [Manage Connections Window](#manage-connections-window) topic for additional information. +- Filter options + + - All database objects — No scoping + - Only select database objects — Scope to specific databases + + - Click **Retrieve** to display available server audits + +- Available database objects — Displays known databases and instances for query scoping + + - Select from the available list and click **Add** + +- Selected databases or instances — Displays selected database objects for which the query has been + scoped. Additional options include: + + - Remove — Removes the selected database/instance from the query + - Include — Reverts an exclusion. By default, all sub tables are included. + - Exclude — Excludes selected databases/instances and displays them in red + - Add Custom Filter — Opens the Add custom filter window to build a custom filter to be applied + to the selected databases/instances. See the + [Add Custom Filter Window](#add-custom-filter-window) topic for additional information. + - Import CSV — Import a list of databases/instances from a CSV file + - Export CSV — Exports the list of databases/instance to a CSV file through the Save As window + +## Manage Connections Window + +The Manage Connections window enables you to add database instances to search. Click the +**Connections** button to open it. + +![Manage Connections window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/manageconnections.webp) + +The Manage Connections table lists the previously added database instances and their attributes. +Select a row in the table to edit that instance, or create a new instance to add to the table: + +- Is Active — Select the checkbox to include the database on the Servers Pane on the Filter page +- Instance Label — The name of the server +- Database System — Select from a list of available databases +- Service Name — Name of the service +- Host — Name or IP address of the host where the database is located +- Port Number — Port number for the database. If a non-default port is being used, it should be + specified in the Port Number section. +- Default Database — Account used to access the database. Admin is recommended. +- Enable impersonation — Select to enable impersonation +- Service Type— If applicable, select whether the service type is **Service** or **SID** + +In the Manage Connections Table, the following information is also listed: + +- Was Inspected — Indicates whether information for a connection was validated. **Y** indicates the + information has been validated. **N** indicates the information has not been validated. +- Last Inspected — Indicates the date and time of when the connection information was last + inspected. If blank, the connection information has not yet been validated. + +The Manage Connections window has the following buttons: + +- Test Connection — Click to verify the connection to the database with the connection profile + applied to the job group +- Edit Connection — Click to edit information for the selected connection +- Delete Connection — Click to delete the selected connection +- Create New — Click to create a new connection + +#### Add Custom Filter Window + +The Add custom filter window opens from the Filter page of the SQL Data Collector Wizard. It enables +you to apply a custom scoping filter to the query. + +![Add custom filter window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/addcustomfilter.webp) + +Type the filter in the window and click Save. The following characters can be used in the filter: + +- Forward slash (/) – Path separator +- Asterisk (\*) – Wild card for any combination of characters +- Question mark (?) – Wild card for a single character + +Use the following format to add a custom filter for a server: + +- SQL: + + [SQL Server Name]/[Host or IP Address]/[Database Name]/[TableName] + +- Oracle: + + [Oracle Server Name]/[Host or IP Address]/[Container Name]/[Schema]/[Table Name] + +- Azure SQL: + + [Azure SQL Server Name]/[Host or IP Address]/[Database Name]/[Table Name] + +- MySQL: + + [MySQL Server Name]/[Host or IP Address]/[DastabaseName]/[TableName] + +- PostgreSQL: + + [PostgreSQL Server Name]/[Host or IP Address]/[DastabaseName]/[Schema]/[TableName] + +- Db2: + + [Db2LUW Server Name]/[Host or IP Address]/[DastabaseName]/[TableName] diff --git a/docs/accessanalyzer/12.0/admin/datacollector/sql/options.md b/docs/accessanalyzer/12.0/admin/datacollector/sql/options.md new file mode 100644 index 0000000000..72d866f83f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/sql/options.md @@ -0,0 +1,85 @@ +# SQL: Options + +Use the Options page to configure additional settings. The contents of the page vary according to +the category selected. The Options page is a wizard page for the categories of: + +- Server Audits +- Sensitive Data + +## Server Audits + +Use the Options page to specify collection options to use when gathering server audits. This is a +page for the Server Audits Events Collection category. + +![SQL Data Collector Wizard Options page for Server Audit](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/optionsserveraudits.webp) + +The scan options are: + +- Collect only events since last scan – Differential scanning +- Process each audit file individually +- Number of days you want to keep events in the database – Data retention period, set to 15 days by + default +- Collection Method – Choose a collection method: + + - Collect audits by name + - Collect audits by path + +## Sensitive Data + +Use the Sensitive Data Scan Settings (Options) page to specify collection options to use when +gathering server audits. This is a page for the Sensitive Data Collection category. + +![SQL Data Collector Wizard Options page for Sensitive Data](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/optionssensitivedata.webp) + +The sensitive data scan settings are: + +Scan Options + +- Scan tables for sensitive data – Scans the tables within the database for sensitive data + + - The Oracle default is set for optimal performance for a high-level scan of only tables + +- Scan views for sensitive data – Scans views for sensitive data + +Data Settings + +- Scan individual columns for sensitive data – Scans individual columns within the database for + sensitive data +- Scan full rows for sensitive data – Scans full rows within the database for sensitive data +- Scan all rows for sensitive data – Scans all rows within the database for sensitive data +- Limit rows to scan – Select the number of rows to scan for sensitive data. Select the **Use random + sampling** checkbox to enable random sampling for checking for sensitive data. + +Meta Data Options + +- Scan database names for sensitive data – Scans database names for sensitive data if the database + names are included as part of the keyword list in the scanning criteria +- Scan table names for sensitive data – Scans table names within the database for sensitive data if + the table names are included as part of the keyword list in the scanning criteria +- Scan column names for sensitive data – Scans column names within the database for sensitive data. + This scans all column names of every table for sensitive data if the column names are included as + part of the keyword list in the scanning criteria. + +Large Data Type Options + +- Included binary data types (BLOB, NLOB, LONGRAW, VARBINARY) – Select to include the listed binary + data types +- Include character data types (NCLOB, CLOB, LONG) – Select to include the listed character data + types + +SDD Options + +- Store discovered sensitive data – Stores potentially sensitive data in the Access Analyzer + database. Any sampled sensitive data discovered based on the matched criteria is stored in the + Access Analyzer database. This functionality can be disabled by clearing this option. + + **NOTE:** The **Store discovered sensitive data** option is required to view Content Audit + reports in the Access Information Center for SQL data. + + **CAUTION:** Changing scan options, criteria, or filters when resuming a scan may prevent the + can from resuming properly. + +- Resume scan from last point on error – Resumes scan from where the previous scan left off when the + previous scan was stopped as a result of an error + +_Remember,_ Sensitive Data Discovery is required to use the sensitive data collection option. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md new file mode 100644 index 0000000000..1dca2fefd8 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md @@ -0,0 +1,119 @@ +# SQL Data Collector + +The SQL Data Collector provides information on database configuration, permissions, data extraction, +application name of the application responsible for activity events, an IP Address or Host name of +the client server, and sensitive data reports. This data collector also provides information on +Oracle databases including infrastructure and operations. + +The SQL Data Collector has been preconfigured within the Database data collection jobs for Db2, +MySQL, Oracle, PostgreSQL, Redshift, and SQL Server databases. Both this data collector and the +Database Solution are available with a special Access Analyzer license. See the following topics for +additional information: + +- [Db2 Solution](/docs/accessanalyzer/12.0/solutions/databases/db2/overview.md) +- [MySQL Solution](/docs/accessanalyzer/12.0/solutions/databases/mysql/overview.md) +- [PostgreSQL Solution](/docs/accessanalyzer/12.0/solutions/databases/postgresql/overview.md) +- [Oracle Solution](/docs/accessanalyzer/12.0/solutions/databases/oracle/overview.md) +- [Redshift Solution](/docs/accessanalyzer/12.0/solutions/databases/redshift/overview.md) +- [SQL Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/overview.md) + +Protocols + +TCP + +Ports + +For Db2: + +- Specified by Instances table (default is 5000) + +For MySQL: + +- Specified by Instances table (default is 3306) + +For Oracle: + +- Specified by Instances table (default is 1521) + +For PostgreSQL: + +- Specified by Instances table (default is 5432) + +For SQL: + +- Specified by Instances table (default is 1433) + +Permissions + +For MySQL: + +- Read access to MySQL instance to include all databases contained within each instance +- Windows Only — Domain Admin or Local Admin privilege + +For Oracle: + +- User with SYSDBA role +- Local Administrator on the target servers – Only applies to Windows Servers and not on Linux or + Unix operating systems + +For PostgreSQL: + +- Read access to all the databases in PostgreSQL cluster or instance +- Windows Only — Domain Admin or Local Admin privilege + +For Redshift: + +- Read-access to the following tables: + + - pg_tables + - pg_user + +For SQL: + +- For Instance Discovery, local rights on the target SQL Servers: + + - Local group membership to Remote Management Users + - Permissions on the following WMI NameSpaces: `root\Microsoft\SQLServer, root\interop` + +- For permissions for data collection: + + - Read access to SQL instance + - Requires SQL Full-Text and Semantic Extractions for Search feature to be installed on the + target SQL instance(s) when using the **Scan full rows for sensitive data** option on the + Options wizard page + - Grant Authenticate Server to [DOMAIN\USER] + - Grant Connect SQL to [DOMAIN\USER] + - Grant View any database to [DOMAIN\USER] + - Grant View any definition to [DOMAIN\USER] + - Grant View server state to [DOMAIN\USER] + - Grant Control Server to [DOMAIN\USER] (specifically required for the Weak Passwords Job) + +See the [Azure SQL Auditing Configuration](/docs/accessanalyzer/12.0/requirements/target/config/azuresqlaccess.md) +topic and the +[AzureSQL Target Least Privilege Model](/docs/accessanalyzer/12.0/requirements/target/config/databaseazuresql.md) +topic for additional information. + +Sensitive Data Discovery Considerations + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job +is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). + +## SQL Query Configuration + +The SQL Data Collector is configured through the SQL Data Collector Wizard. The wizard contains the +following pages, which change based upon the query category selected: + +**NOTE:** The SQL Data Collector is used in multiple Access Analyzer Solutions, and the query +categories used are dependent on the solution. + +- [SQL: Category](/docs/accessanalyzer/12.0/admin/datacollector/sql/category.md) +- [SQL: Options](/docs/accessanalyzer/12.0/admin/datacollector/sql/options.md) +- [SQL: Criteria](/docs/accessanalyzer/12.0/admin/datacollector/sql/criteria.md) +- [SQL: Filter](/docs/accessanalyzer/12.0/admin/datacollector/sql/filter.md) +- [SQL: Settings](/docs/accessanalyzer/12.0/admin/datacollector/sql/settings.md) +- [SQL: Custom SQL Query](/docs/accessanalyzer/12.0/admin/datacollector/sql/customquerysql.md) +- [SQL: Custom Oracle Query](/docs/accessanalyzer/12.0/admin/datacollector/sql/customqueryoracle.md) +- [SQL: Results](/docs/accessanalyzer/12.0/admin/datacollector/sql/results.md) +- [SQL: Rowkey](/docs/accessanalyzer/12.0/admin/datacollector/sql/rowkey.md) +- [SQL: Summary](/docs/accessanalyzer/12.0/admin/datacollector/sql/summary.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/sql/results.md b/docs/accessanalyzer/12.0/admin/datacollector/sql/results.md new file mode 100644 index 0000000000..f8773dcf9a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/sql/results.md @@ -0,0 +1,10 @@ +# SQL: Results + +The Results page is where the properties that will be gathered are selected. It is a wizard page for +all of the categories. + +![SQL Data Collector Wizard Results Page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/results.webp) + +Properties can be selected individually, or the **Select All** and **Clear All** buttons can be +used. All selected properties are gathered. Available properties vary based on the category +selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/sql/rowkey.md b/docs/accessanalyzer/12.0/admin/datacollector/sql/rowkey.md new file mode 100644 index 0000000000..71808dacbc --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/sql/rowkey.md @@ -0,0 +1,10 @@ +# SQL: Rowkey + +The Rowkey page configures the Rowkey for the SQL query. It is a wizard page for the Custom Query +categories. + +![SQL Data Collector Wizard Rowkey Page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/rowkey.webp) + +Properties selected on the Results page are listed. Select the property or properties to act as the +Rowkey. Properties can be selected individually, or the **Select All** and **Clear All** buttons can +be used. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/sql/settings.md b/docs/accessanalyzer/12.0/admin/datacollector/sql/settings.md new file mode 100644 index 0000000000..618ff6b1f1 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/sql/settings.md @@ -0,0 +1,13 @@ +# SQL: Settings + +The Settings page configures the removal of data from the Access Analyzer database for specific +instances. It is a wizard page for the category of Utilities. + +![SQL Data Collector Wizard Data removal settings Page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/settings.webp) + +Data from the selected categories will be removed from the Access Analyzer database: + +- Permissions +- Audits +- Sensitive Data +- Orphaned Rows diff --git a/docs/accessanalyzer/12.0/admin/datacollector/sql/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/sql/summary.md new file mode 100644 index 0000000000..c2c379bcd4 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/sql/summary.md @@ -0,0 +1,10 @@ +# SQL: Summary + +The Summary page is where the configuration settings are summarized. It is a wizard page for all of +the categories. + +![SQL Data Collector Wizard Summary Page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the SQL Data Collector Wizard ensuring that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/category.md b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/category.md new file mode 100644 index 0000000000..296eb77a85 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/category.md @@ -0,0 +1,16 @@ +# SystemInfo: Category + +The Category page contains the following categories: + +![System Info Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/category.webp) + +The report categories are: + +- Computer System – Returns hardware and software related information +- Files Shares – Returns file share, permissions, and content information +- Logged On Users – Returns information about users logged on to local and remote machines +- Network Interface(NIC) – Returns network adapter configuration information +- Open File Shares – Returns information on accessible file shares +- Open Files – Returns information on locked and in use files +- Scheduled Tasks – Returns information on scheduled tasks +- Sessions – Returns information on local and remote sessions diff --git a/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/filetypes.md b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/filetypes.md new file mode 100644 index 0000000000..ac4c2707d6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/filetypes.md @@ -0,0 +1,11 @@ +# SystemInfo: File Types + +The File Types page is where to enable count file types and specify filename masks if it is desired +to count files of given types. Two properties are generated for every mask provided, one for size +and one for count. It is a wizard page for the category of File Shares. + +![System Info Data Collector Wizard File Types page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/filetypes.webp) + +To enable counting file types, select the **Count file types** checkbox. To add new file types, +click **Add New**. To load a list of default file types for counting, click **Load Defaults**. To +remove a file type, select the file type and click **Remove**. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/jobscope.md b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/jobscope.md new file mode 100644 index 0000000000..18a78713f7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/jobscope.md @@ -0,0 +1,11 @@ +# SystemInfo: Job Scope + +The Job Scope page is where to select whether or not scoping should be used during execution. It is +a wizard page for the category of File Shares. + +![System Info Data Collector Wizard Job Scope page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/jobscope.webp) + +Select from the following options: + +- Don’t Use Scoping +- Use Scoping diff --git a/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/options.md b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/options.md new file mode 100644 index 0000000000..a39e2b1dbf --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/options.md @@ -0,0 +1,48 @@ +# SystemInfo: Options + +The Options page contains options for the Files Shares category. It is a wizard page for the +categories of: + +- File Shares +- Network Interface (NIC) +- Open File Shares + +**NOTE:** This is a legacy feature, as it is more efficient to use the **FileSystemAccess** (FSAA) +Data Collector to gather this information. + +## File Shares and Open File Shares + +For the File Shares and Open File Shares categories: + +![System Info Data Collector Wizard Options page for File Shares category](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/optionsfileshares.webp) + +Select from the following options to control the depth of processing and the amount of information +to be returned by the query: + +- Include file level permissions + + - Do not collect inherited file permissions + + - Return All Folders + +- Enumerate subfolders within shared folders + + - Limit returned subfolders depth to – Specify the number of levels + +- Size units for corresponding properties – Select the desired size unit: + + - Bytes + - KBytes + - Mbytes + - GBytes + +## Network Interface (NIC) + +For the Network Interface (NIC) category: + +![System Info Data Collector Wizard Options page for NIC category](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/optionsnic.webp) + +The configurable option is: + +- Show primary IP address only – Select this checkbox to return data for the primary network + interface only diff --git a/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/overview.md new file mode 100644 index 0000000000..377a1d87fc --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/overview.md @@ -0,0 +1,43 @@ +# SystemInfo Data Collector + +The SystemInfo Data Collector extracts information from the target system based on the selected +category. The SystemInfo Data Collector is a core component of Access Analyzer, but it has been +preconfigured within the Windows Solution. While the data collector is available with all Access +Analyzer license options, the Windows Solution is only available with a special Access Analyzer +license. See the [Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional +information. + +Protocols + +- Remote Registry +- RPC +- WMI + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group + +## SystemInfo Query Configuration + +The SystemInfo Data Collector is configured through the System Info Data Collector Wizard, which +contains the following wizard pages: + +- Welcome +- [SystemInfo: Category](/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/category.md) +- [SystemInfo: Results](/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/results.md) +- [SystemInfo: Shares List](/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/shareslist.md) +- [SystemInfo: Probable Owner](/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/probableowner.md) +- [SystemInfo: VIP Membership](/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/vipmembership.md) +- [SystemInfo: File Types](/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/filetypes.md) +- [SystemInfo: Options](/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/options.md) +- [SystemInfo: Summary](/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/summary.md) + +![System Info Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/probableowner.md b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/probableowner.md new file mode 100644 index 0000000000..a344905e87 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/probableowner.md @@ -0,0 +1,62 @@ +# SystemInfo: Probable Owner + +On the Probable Owner page, select options for determining the owner using weighted calculations. +This page is enabled when the **Probable Owner** property is selected on the Results page. + +![System Info Data Collector Wizard Probable Owner page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/probableowner.webp) + +Determine owner + +In the Determine owner section, select from the following options: + +- Determine owner from User Profile Last Modified Date +- Determine owner from User Profile Size +- Determine owner from Current User +- Determine owner from Last User +- Custom weights – Select this radio button to use custom weights to determine the probable owner. + These weights can be set by clicking the ellipsis next to the Result weights box to open the + Probable Owner Settings window. + +![Custom weights Probable Owner Settings window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/customweights.webp) + +The Result weights box displays the custom weights set in the Probable Owner Settings window. + +Exclude users list + +In the Exclude users list section, select from the following checkboxes: + +- Exclude users by list – Enables the **Set List of Users to Exclude** button +- Exclude locked out users +- Exclude disabled users + +![Exclude users Probable Owner Settings window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/excludeusers.webp) + +Click **Set Users to Exclude** to open the Probable Owner Settings window: + +- User – Enter users in the following format: `Domain\Username` +- Add user – Click **Add user** to add the users entered in the User box to the excluded users list +- Removed selected – Select a user and click **Removed selected** to remove the user +- Clear list – Click **Clear list** to remove the list of excluded users +- Select users or groups – Click **Select users or groups** to open the Select User or Group window + and select users or groups to add the excluded users list +- Import from file – Select **Import from file** to open the Import File Dialog and import files to + add to the excluded users list + +Output options + +In the Output options section, select from the following options: + +- Get the most probable owner(s) +- Get probable owners with relative deviation to the most probable owner – Enables the following + option: + + - Maximum deviation: **[number]** percents + +- Get probable owners limited by probability – Enables the following options: + + - Probability threshold **[number]** percents + - Return at least one probable owner regardless of probability + +Select the following checkbox if desired: + +- Return the top **[number]** ranked probable owners diff --git a/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/results.md b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/results.md new file mode 100644 index 0000000000..728d06f11a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/results.md @@ -0,0 +1,10 @@ +# SystemInfo: Results + +The Results page is used to select which properties are gathered out of those available for the +category. It is a wizard page for all categories. + +![System Info Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/results.webp) + +Properties can be selected individually or the **Check all**, **Uncheck all**, and **Reset to +defaults** buttons can be used. All selected properties are gathered. Available properties vary +based on the category selected. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/shareslist.md b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/shareslist.md new file mode 100644 index 0000000000..0a6634c5ec --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/shareslist.md @@ -0,0 +1,19 @@ +# SystemInfo: Shares List + +On the Shares List page, configure the shares to include and exclude. It is a wizard page for the +category of File Shares. + +![System Info Data Collector Wizard Shares List page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/shareslist.webp) + +Select from the following options to exclude system or hidden shared folders from enumeration: + +- Exclude system and special shared folders +- Exclude hidden shared folders + +Select the following checkbox to identify nested shares and exclude them from the output: + +- Skip Nested Shares + +To configure individual shares to include or exclude, enter a share name and click **Add as +inclusion** or **Add as exclusion**. To remove the share from the list, select the share and click +**Remove selected**. To clear the list of inclusions and exclusions, click **Clear list**. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/summary.md new file mode 100644 index 0000000000..b7cd1d41db --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/summary.md @@ -0,0 +1,9 @@ +# SystemInfo: Summary + +The Summary page displays a summary of the configured query. It is a wizard page for all categories. + +![System Info Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the System Info Data Collector Wizard ensuring that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/vipmembership.md b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/vipmembership.md new file mode 100644 index 0000000000..9e7f99c3bf --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/vipmembership.md @@ -0,0 +1,15 @@ +# SystemInfo: VIP Membership + +The VIP Membership provides the option to add members to a VIP List and exclude them from contact +about probable ownership. Any users can be added to VIP membership. This page is enabled when the +VIPList property is selected on the Results page. + +![System Info Data Collector Wizard VIP Membership page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/vipmembership.webp) + +To add a user to the VIPList members table, enter the username in the User box in the +`Domain\Username` format and click **Add user**. To remove a user from the list, select the user and +click **Remove selected**. To clear the list, click **Clear list**. + +To select users or groups to add to the VIPList members table, click **Select users or groups** to +open the Select User or Group browser window and add a user or group. To import a file, click +**Import from file** to open the Import File Dialog browser window. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/textsearch/advancedcriteria.md b/docs/accessanalyzer/12.0/admin/datacollector/textsearch/advancedcriteria.md new file mode 100644 index 0000000000..aa6d6f2a63 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/textsearch/advancedcriteria.md @@ -0,0 +1,23 @@ +# TextSearch: Advanced Criteria + +The Advanced Criteria page is displayed if the **Use advanced criteria (instead of simple +criteria)** checkbox is selected on the Search Criteria page. This page provides configuration +options to specify the text to search for across the entire row of each file or within the specified +column in each row. + +![Text Search Data Collector Wizard Advanced Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/advancedcriteria.webp) + +The configurable options are: + +- Return Multiple Columns – Return data values in multiple columns +- Load Sample Data – Click this button to browse for sample data to test the filters entered. If the + sample data file is large, it is recommended to sample an excerpt of the file to reduce the amount + of time it takes to load the data. +- Customize – Click this button to open the Filter builder + + ![Filter builder window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/filterbuilder.webp) + + See the [Filtration Dialog](/docs/accessanalyzer/12.0/admin/navigate/datagrid.md#filtration-dialog) topic for information + on using the Filter builder. + +The filter section cannot be blank. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/textsearch/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/textsearch/overview.md new file mode 100644 index 0000000000..286dd44c18 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/textsearch/overview.md @@ -0,0 +1,37 @@ +# TextSearch Data Collector + +The TextSearch Data Collector enables searches through text based log files. The TextSearch Data +Collector is a core component of Access Analyzer, but it has been preconfigured within the Windows +Solution. While the data collector is available with all Access Analyzer license options, the +Windows Solution is only available with a special Access Analyzer license. See the +[Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional information. + +Protocols + +- RPC + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group + +## TextSearch Query Configuration + +The TextSearch Data Collector is configured through the Text Search Data Collector Wizard, which +contains the following wizard pages: + +- Welcome +- [TextSearch: Source Files](/docs/accessanalyzer/12.0/admin/datacollector/textsearch/sourcefiles.md) +- [TextSearch: Search Criteria](/docs/accessanalyzer/12.0/admin/datacollector/textsearch/searchcriteria.md) +- [TextSearch: Advanced Criteria](/docs/accessanalyzer/12.0/admin/datacollector/textsearch/advancedcriteria.md) +- [TextSearch: Results](/docs/accessanalyzer/12.0/admin/datacollector/textsearch/results.md) +- [TextSearch: Summary](/docs/accessanalyzer/12.0/admin/datacollector/textsearch/summary.md) + +![Text Search Data Collector Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/textsearch/results.md b/docs/accessanalyzer/12.0/admin/datacollector/textsearch/results.md new file mode 100644 index 0000000000..92b97eb462 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/textsearch/results.md @@ -0,0 +1,18 @@ +# TextSearch: Results + +The Results page is where properties that will be gathered are selected. + +![Text Search Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/results.webp) + +Properties can be selected individually or the **Check all**, **Uncheck All**, and **Reset to +Defaults** buttons can be used. All selected properties are gathered. Available properties vary +based on the category selected. + +- Size units – Select from the following: + + - Bytes + - KBytes + - MBytes + - GBytes + +- Only return results for files with at least one match diff --git a/docs/accessanalyzer/12.0/admin/datacollector/textsearch/searchcriteria.md b/docs/accessanalyzer/12.0/admin/datacollector/textsearch/searchcriteria.md new file mode 100644 index 0000000000..68919817b2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/textsearch/searchcriteria.md @@ -0,0 +1,17 @@ +# TextSearch: Search Criteria + +The Search Criteria page provides configuration options to specify the text to search for across the +entire row of each file. + +![Text Search Data Collector Wizard Search Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/searchcriteria.webp) + +The configurable functions are: + +- Use advanced criteria (instead of simple criteria) – Select this checkbox to display the Advanced + Criteria page and configure the search with additional filtering options. Advanced search criteria + is configured on the Advanced Criteria page. See the + [TextSearch: Advanced Criteria](/docs/accessanalyzer/12.0/admin/datacollector/textsearch/advancedcriteria.md) topic for additional information. +- Simple Criteria + + - Text to match – Find files that contain the text string entered + - Exact match – Select this option to find files that contain only the exact text string entered diff --git a/docs/accessanalyzer/12.0/admin/datacollector/textsearch/sourcefiles.md b/docs/accessanalyzer/12.0/admin/datacollector/textsearch/sourcefiles.md new file mode 100644 index 0000000000..efae2f5f8f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/textsearch/sourcefiles.md @@ -0,0 +1,81 @@ +# TextSearch: Source Files + +The Source Files page provides options to specify which files to search. + +![Text Search Data Collector Wizard Source Files page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/sourcefiles.webp) + +Location + +The Location section provides options to scope the search. + +- Fixed path – Supply a fixed path or use wildcards and system variables. Fixed paths are typically + entered in the following format: `drive\filepath` (for example, `C:\WINNT\System32`). Click the + ellipsis to open the Remote Folder Explorer and browse to add file paths to the search scope. See + the [Remote Folder Explorer](#remote-folder-explorer) topic for additional information. +- Current Job Directory – Search the job’s root folder for the specified file +- Registry Lookup – Select this option to programmatically obtain a file path from a registry key + that exists on the target host in the environment. Click the ellipsis to open the Access Analyzer + Registry Browser and connect to a host to select a registry key and path to be used for the + lookup. + + - Value Name – This value is automatically populated from the registry key + - Levels – The Levels slider can be used to truncate the path for the key value in the Adjust + Path dialog box + - Current value data – Displays the current value for the registry key + - Query 32-bit – Select this checkbox to query a 32-bit view + - Query 64-bit – Select this checkbox to query a 64-bit view + +Files + +The Files section provides options to define the object or set of objects to find. + +- File name – Enter file names to search in the following format: `filename.extension`. Separate + multiple file names with a semicolon and no spaces between the names. Wild cards can be used. +- File type – Select the extension type of the file name entered above to tell the collection + routine how the data within the underlying file is structured and should be handled: + + - Autodetect – Select this when the data type is unknown. The data collection routine will + attempt to figure out what type of data it is and handle it appropriately. + - Plain Text + - CSV + - TSV + - Binary + - Space Separated Text + +- First line is header captions line – Enabled when CSV, TSV, or Space Separated Text is selected + +Options + +The Options section provides options to scope the search. + +- Ignore files larger than [number]MB +- Include subfolders + +Last Modification Time Filter + +The Last Modification Time Filter section provides options to apply time filters to the search. + +- None +- Oldest file +- Most recent file +- Between [date] and [date] +- In the last [number] [days] or [hours] + +## Remote Folder Explorer + +Clicking the ellipsis in the Location section of the Source Files page opens the Remote Folder +Explorer search window. In the Remote Folder Explorer window, navigate to the file folder location +and add the path to the scope. Multiple paths can be added to the scope. + +![Remote Folder Explorer window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/remotefolderexplorer.webp) + +The Remote Folder Explorer functions are: + +- Sample from host (path) – If the desired file does not exist on the local Access Analyzer Console, + enter the name of the host that contains the file and click **Connect** to browse that host +- Selected Path – Displays the path selected in the box above +- Add path – Click **Add path** to add the selected path to the Path box. This adds the path to the + search scope. +- Delete path – Select a path in the Path box and click **Delete path** to delete the path from the + search scope +- Path – Displays the paths that have been added to the search scope diff --git a/docs/accessanalyzer/12.0/admin/datacollector/textsearch/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/textsearch/summary.md new file mode 100644 index 0000000000..732f01037d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/textsearch/summary.md @@ -0,0 +1,9 @@ +# TextSearch: Summary + +The Summary page displays a summary of the configured query. + +![Text Search Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Text Search Data Collector Wizard ensuring that no accidental clicks +are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/unix/editscript.md b/docs/accessanalyzer/12.0/admin/datacollector/unix/editscript.md new file mode 100644 index 0000000000..44c4b797c5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/unix/editscript.md @@ -0,0 +1,9 @@ +# Unix: Edit Script + +The Edit Script page allows the script to be customized. + +![Unix Data Collector Wizard Edit Script page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/editscript.webp) + +Edit the shell script in the textbox if desired. + +Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/unix/input.md b/docs/accessanalyzer/12.0/admin/datacollector/unix/input.md new file mode 100644 index 0000000000..5dae4e2054 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/unix/input.md @@ -0,0 +1,25 @@ +# Unix: Input + +The Input page configures the source for input data. + +![Unix Data Collector Wizard Input page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/input.webp) + +The configurable options are: + +- Use SQL table for scoping input – Select the checkbox to enable scoping options +- Input Table + + - Name – Select the SQL table from the drop-down menu + - Filter Nulls – Select the checkbox to ignore blank rows in the table + - Filter Duplicates – Select the checkbox to ignore duplicate rows in the table + - Filter by host column – Select the checkbox to sort rows by host + +- Columns – Select the desired rows from the SQL table +- Data Input Method + + - Run command once per table row + - Send table data via standard input + +- Column Separator – Specify the column delimiter + +Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/unix/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/unix/overview.md new file mode 100644 index 0000000000..f25aba8cde --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/unix/overview.md @@ -0,0 +1,34 @@ +# Unix Data Collector + +The Unix Data collector provides host inventory, software inventory, and logical volume inventory on +UNIX & Linux platforms. The Unix Data Collector has been preconfigured within the Unix Solution. +Both this data collector and the solution are available with a special Access Analyzer license. See +the [Unix Solution](/docs/accessanalyzer/12.0/solutions/unix/overview.md) topic for additional information. + +Protocols + +- SSH + +Ports + +- TCP 22 +- User configurable + +Permissions + +- Root permissions in Unix/Linux + +If the Root permission is unavailable, a least privileged model can be used. See the +[Least Privilege Model](/docs/accessanalyzer/12.0/requirements/target/unix.md#least-privilege-model) topic additional +information. + +## Unix Query Configuration + +The Unix Data Collector is configured through the Unix Data Collector Wizard. It is designed to scan +and import information from UNIX / Linux systems. The Unix Data Collector has these pages: + +- [Unix: Settings](/docs/accessanalyzer/12.0/admin/datacollector/unix/settings.md) +- [Unix: Input](/docs/accessanalyzer/12.0/admin/datacollector/unix/input.md) +- [Unix: Edit Script](/docs/accessanalyzer/12.0/admin/datacollector/unix/editscript.md) +- [Unix: Parsing](/docs/accessanalyzer/12.0/admin/datacollector/unix/parsing.md) +- [Unix: Results](/docs/accessanalyzer/12.0/admin/datacollector/unix/results.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/unix/parsing.md b/docs/accessanalyzer/12.0/admin/datacollector/unix/parsing.md new file mode 100644 index 0000000000..15378fd32d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/unix/parsing.md @@ -0,0 +1,31 @@ +# Unix: Parsing + +The Parsing Configuration page configures the columns to return from the remote command and the +parameters used to parse that output into those columns. + +![Unix Data Collector Wizard Parsing Configuration page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/parsing.webp) + +The configurable options are: + +- Parse Columns – Select the checkbox to enable the parsing parameters options + + - Delimiter – Specify the delimiter + - Ignore duplicate delimiters – Check the checkbox to enable + - Delimiter Type – Select one of the following options: + + - Split on any delimiter character + - Split on entire delimiter string + - Split on delimiter regular expression + + - Handle additional delimited fields by – Select one of the following options: + + - Ignoring them + - Inserting them as the last column in additional rows + - Including them in the last column + +- Columns – Use the buttons to add or remove columns + + - **Add** – Opens the New Column window. Enter a new column name and click **OK**. + - **Remove** – Removes the selected column + +Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/unix/results.md b/docs/accessanalyzer/12.0/admin/datacollector/unix/results.md new file mode 100644 index 0000000000..f167a1abde --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/unix/results.md @@ -0,0 +1,15 @@ +# Unix: Results + +On the Results page, select which properties will be gathered out of those available for the query. +Additionally select properties based on which ROWKEY will be built. + +![Unix Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/results.webp) + +The configurable options are: + +- Properties to return – Select the desired columns +- ROWKEY's components – Select the desired columns + +Click **Finish** to save the configuration changes, or **Back** to return to the previous page. If +no changes were made, it is a best practice to click **Cancel** to close the Unix Data Collector +Wizard to make sure that no accidental settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/unix/settings.md b/docs/accessanalyzer/12.0/admin/datacollector/unix/settings.md new file mode 100644 index 0000000000..1bf875a81a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/unix/settings.md @@ -0,0 +1,36 @@ +# Unix: Settings + +The Settings page configures the Unix Data Collector settings. + +![Unix Data Collector Wizard Settings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/settings.webp) + +The configurable options are: + +- Time Out Settings + + - Connection Timeout – Set the connection timeout + - Processing Timeout – Set the processing timeout + +- Pre-Execution File Copy + + The Unix Data Collector can use SCP to copy a file from the Access Analyzer console to the + target system before running the script command. + + - Enable pre-execution file copy – Select the checkbox to enable + + - Source File – Enter a file path or click the ellipsis (…) to browse to the file location + - Target Location – Enter the file path to copy the file to + +- Credential Selection Settings + + - Only use Unix Account type credentials from connection profile + - Use both Unix Account and Active Directory Account type credentials from connection profile + + - AD Account user name format – Select from the dropdown the format of the user name from + the following: + + - username + - domain\username + - username@domain + +Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/groups.md b/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/groups.md new file mode 100644 index 0000000000..655f349772 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/groups.md @@ -0,0 +1,43 @@ +# UsersGroups: Groups Category + +The Groups Query category collects information for groups in different contexts. + +![Users and Groups Browser wizard Results page for Groups category](/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/groups.webp) + +In the Groups section, select from the following options: + +- All groups +- All global groups +- All local groups +- All groups containing the following users – Click the ellipsis (**…**) to open the Find a User + browser screen and select users. See the [Find a Group/User Browser](#find-a-groupuser-browser) + topic for additional information. +- These groups – Click the ellipsis (**…**) to open the Find a Group browser window and select + groups. See the [Find a Group/User Browser](#find-a-groupuser-browser) topic for additional + information. + +In the Additional Properties section, select the **What rights does this group have?** checkbox to +return rights for the selected groups. + +**CAUTION:** The number of offline Groups can significantly increase the time for a scan. + +**_RECOMMENDED:_** For large networks, configure the length of time for a scan when Groups are +offline. + +- Retry Attempts [number] +- Retry Interval [number] seconds + +## Find a Group/User Browser + +Clicking the ellipses for the **All groups containing the following users** and the **These groups** +options opens the Find a Group or Find a User browser. + +![Find a group window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/findagroup.webp) + +The Find a Group and Find a User browsers display a list of groups or users, depending on which one +is being used, that can be selected for the option. Select from a specific host using the Sample +from host option, or leave the text field blank and click **Connect** to retrieve all user groups or +users that are selectable. + +Select a group or user by selecting the checkbox next to it, and click **OK** to confirm selection. +Click **Cancel** to leave the window without a selection. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/security.md b/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/security.md new file mode 100644 index 0000000000..36ec581f23 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/security.md @@ -0,0 +1,27 @@ +# UsersGroups: Security Category + +This Security policy is used to audit security policies. + +![Users and Groups Browser wizard Results page Security category](/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/security.webp) + +Select from the following options for what data will be returned: + +- Security Policy (User Rights Assignment) – Identifies user rights assignment for each individual + policy part that grants or removes rights + + - Resolve Nested Group Membership – Returns nested group membership + - Find all users and groups who have the following right – Select the checkboxes next to the + rights desired for the query + +- Password Policy – Returns a password policy audit for the target +- Audit Policy – Returns an audit policy audit for the target +- Account Lockout Policy – Returns an account lockout policy audit for the target + +**CAUTION:** The number of offline hosts with policies can significantly increase the time for a +scan. + +**_RECOMMENDED:_** For large networks, configure the length of time for a scan when hosts with +policies are offline. + +- Retry Attempts [number] +- Retry Interval [number] seconds diff --git a/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/users.md b/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/users.md new file mode 100644 index 0000000000..285948d4c8 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/users.md @@ -0,0 +1,61 @@ +# UsersGroups: Users Category + +The Users Query category collects information for users in different contexts. + +![Users and Groups Browser wizard Results page Users category](/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/users.webp) + +In the Users section, select from the following options: + +- All users – All users found on the target host +- All users in the following groups – Click the ellipsis (**…**) to open the Find a Group browser + window and specify a group. See the [Find a Group/User Browser](#find-a-groupuser-browser) topic + for additional information. A specific group can also be entered manually into the text field. +- These users – Click the ellipsis (**…**) to open the Find a User browser window and specify one or + more users. See the [Find a Group/User Browser](#find-a-groupuser-browser) topic for additional + information. A specific user can also be entered manually into the text field. +- Special users – The users found can be flagged as special users in the following categories: + + - Administrator + - Guest + - Check if account has been renamed – Select this checkbox to check if the Administrator or + Guest account has been renamed + - Resolve nested group membership – Returns nested group membership + - Include every occurrence of a user – Show every group in which the user is a member + +In the Additional Properties section, select from the following checkboxes to return additional +information on user objects: + +- Is the user account enabled? +- Is the user account locked out? +- Can the user change their password? +- Does the user’s password expire? +- What rights does the user have? +- Does the user require a password? +- When was this user’s password last changed? +- What is this user’s password age in days? +- When did this user last logon? + +Click **Select all** to select all properties. Click **Clear all** to deselect all properties + +**CAUTION:** The number of offline Users can significantly increase the time for a scan. + +**_RECOMMENDED:_** For large networks, configure the length of time for a scan when Users are +offline. + +- Retry Attempts [number] +- Retry Interval [number] seconds + +## Find a Group/User Browser + +Clicking the ellipses for the **All users in the following groups** and the **These users** options +opens the Find a Group or Find a User browser. + +![Find a group window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/findagroup.webp) + +The Find a Group and Find a User browsers display a list of groups or users, depending on which one +is being used, that can be selected for the option. Select from a specific host using the Sample +from host option, or leave the text field blank and click **Connect** to retrieve all user groups or +users that are selectable. + +Select a group or user by selecting the checkbox next to it, and click **OK** to confirm selection. +Click **Cancel** to leave the window without a selection. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/overview.md new file mode 100644 index 0000000000..71514b9633 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/overview.md @@ -0,0 +1,44 @@ +# UsersGroups Data Collector + +The UsersGroups Data Collector audits user and group accounts for both local and domain, extracting +system policies. + +The UsersGroups Data Collector has been preconfigured within the Windows Solution. Both this data +collector and the solution are available with a special Access Analyzer license. See the +[Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional information. + +Protocols + +- RPC +- SMBV2 +- WMI + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports +- 445 + +Permissions + +- Member of the Local Administrators group + + - If a less-privileged option is required, you can use a regular domain user that has been added + to the **Network access: Restrict clients allowed to make remote calls to SAM** Local Security + Policy + +- Member of the Domain Administrators group (if targeting domain controllers) + +## UsersGroups Query Configuration + +The UsersGroups Data Collector is configured through the Users and Groups Browser wizard, which +contains the following wizard pages: + +- Welcome +- [UsersGroups: Results](/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/results.md) +- [UsersGroups: Summary](/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/summary.md) + +![Users and Groups Browser wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** box when +the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/results.md b/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/results.md new file mode 100644 index 0000000000..3b60985c36 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/results.md @@ -0,0 +1,12 @@ +# UsersGroups: Results + +The Results page is where the type of data to be returned is configured. Each type has a different +set of options. + +![Users and Groups Browser wizard Results page Category selection](/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/results.webp) + +Choose from the following query categories: + +- [UsersGroups: Users Category](/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/users.md) +- [UsersGroups: Groups Category](/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/groups.md) +- [UsersGroups: Security Category](/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/security.md) diff --git a/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/summary.md new file mode 100644 index 0000000000..e29a22c0b6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/summary.md @@ -0,0 +1,9 @@ +# UsersGroups: Summary + +The Summary page displays a summary of the configured query. + +![Users and Groups Browser wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the Users and Groups Browser wizard ensuring that no accidental clicks are +saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/classes.md b/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/classes.md new file mode 100644 index 0000000000..69101bdd27 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/classes.md @@ -0,0 +1,9 @@ +# WMICollector: Classes + +On the Classes page, configure the WMICollector namespaces and classes to use as a data source. + +![WMI Browser wizard Classes page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/classes.webp) + +Select the **Namespace** and **Class** from the drop-down lists to use as a data source. The default +namespace, **root\CIMV2**, is typically what should be used. Select the **Win32 classes only** +checkbox to use only Win32 classes. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/overview.md b/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/overview.md new file mode 100644 index 0000000000..ec4005cc89 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/overview.md @@ -0,0 +1,37 @@ +# WMICollector Data Collector + +The WMICollector Data Collector identifies data for certain types of WMI classes and namespaces. The +WMICollector Data Collector is a core component of Access Analyzer, but it has been preconfigured +within the Windows Solution. While the data collector is available with all Access Analyzer license +options, the Windows Solution is only available with a special Access Analyzer license. See the +[Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional information. + +Protocols + +- RPC +- WMI + +Ports + +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions + +- Member of the Local Administrators group + +## WMICollector Query Configuration + +The WMICollector Data Collector is configured through the WMI Browser wizard, which contains the +following wizard pages: + +- Welcome +- [WMICollector: Sample Host](/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/samplehost.md) +- [WMICollector: Classes](/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/classes.md) +- [WMICollector: Properties](/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/properties.md) +- [WMICollector: Summary (Results)](/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/summary.md) + +![WMI Browser wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/welcome.webp) + +The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox +when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/properties.md b/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/properties.md new file mode 100644 index 0000000000..81210cdfc3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/properties.md @@ -0,0 +1,13 @@ +# WMICollector: Properties + +On the Properties page, select the properties to extract. + +![WMI Browser wizard Properties page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/properties.webp) + +If the **Extract only selected instances** checkbox is not selected, data is returned from all +process instances displayed in the **Instances of `\`** box. To return data from a +single process instance, select an instance and select the **Extract only selected instances** +checkbox. Only one instance can be selected at a time. + +In the **Instance data** box, select the checkboxes next to the desired properties to return during +query execution. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/samplehost.md b/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/samplehost.md new file mode 100644 index 0000000000..9ba40c4863 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/samplehost.md @@ -0,0 +1,10 @@ +# WMICollector: Sample Host + +On the Sample Host page, enter a sample host to populate options for the query. + +![WMI Browser wizard Sample Host page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/samplehost.webp) + +On the Sample Host page, if the desired classes and namespaces to audit reside on the local host, +click **Next**. (The local host is represented by `.` in the **Sample host name** box). If a +different sample host is needed to populate the namespace and class options, enter the name for the +remote host and click **Next**. diff --git a/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/summary.md b/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/summary.md new file mode 100644 index 0000000000..ece694fa22 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/summary.md @@ -0,0 +1,8 @@ +# WMICollector: Summary (Results) + +The Summary page, or Results page, displays a summary of the configured query. + +![WMI Browser wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/summary.webp) + +Click **Finish** to save configuration changes. If no changes were made, it is a best practice to +click **Cancel** to close the WMI Browser wizard ensuring that no accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/admin/hostdiscovery/activities.md b/docs/accessanalyzer/12.0/admin/hostdiscovery/activities.md new file mode 100644 index 0000000000..c95b9b9487 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostdiscovery/activities.md @@ -0,0 +1,35 @@ +# Host Discovery Queries Activities Pane + +The Activities pane provides several options for managing Host Discovery queries. + +![Activities pane](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/activities.webp) + +The options are: + +- Create Query – Opens the Host Discovery Wizard to create a new query +- Edit Query – Opens the Host Discovery Wizard with the selected query’s configuration +- Delete Query – Deletes the selected query and its generated host list + + - A confirmation window displays. Click **Yes** to complete the deletion + +- Run Query – Begins an immediate execution of the selected query +- Stop Query – Stops the selected query which is currently running + + - No action occurs if the query is **Idle** + +- Suspend Query Queue – Removes the selected query from a scheduled queue + + - The Activities pane listing changes to **Resume Query Queue**. Click again to resume scheduled + queue. + +- Schedule – Opens the Schedule wizard to schedule query execution + + - See the [Schedule](/docs/accessanalyzer/12.0/admin/settings/schedule.md) topic for additional information on the Schedule + wizard + +- View Host List – Opens the [Host Management](/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md) node directly to the + selected query’s generated host list + +These options are also available through a pop-up menu accessed by right-clicking on a query. +**Create Query** and **Suspend Query Queue** are additionally available through a pop-up menu +accessed by right-clicking on the **Host Discovery** node. diff --git a/docs/accessanalyzer/12.0/admin/hostdiscovery/log.md b/docs/accessanalyzer/12.0/admin/hostdiscovery/log.md new file mode 100644 index 0000000000..0c07d7dc0f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostdiscovery/log.md @@ -0,0 +1,26 @@ +# Discovery Log + +The **Host Discovery** > **Discovery Log** node lists host discovery logs. These logs house +transactions that transpire during the running of host discovery and host inventory tasks. + +![Discovery Log](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/discoverylog.webp) + +The Discovery Log logging level is configured within the **Settings** > **Host Discovery** node. See +the [Host Discovery](/docs/accessanalyzer/12.0/admin/settings/hostdiscovery.md) topic for additional information. + +The following options are above the data grid: + +- Reload Log – Refresh the log data for the selected Log date and Query Name +- Log date – Select the desired **Log date** from the drop-down menu to view transactions +- Query Name – The default selection is **All Queries**. To narrow the data to a desired query, + select a query name from the drop-down menu. + +The data grid contains the following columns: + +- Date – Date timestamp of transaction +- Kind – Type of transaction recorded (Error, Warning, Info, Debug), controlled by the configured + logging level +- Source – Selectively used, the source value reflects the core component responsible for producing + the message +- HostName – Name of the targeted host where the transaction occurred +- Message – Log transaction message diff --git a/docs/accessanalyzer/12.0/admin/hostdiscovery/overview.md b/docs/accessanalyzer/12.0/admin/hostdiscovery/overview.md new file mode 100644 index 0000000000..794ce69081 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostdiscovery/overview.md @@ -0,0 +1,18 @@ +# Host Discovery Node + +Use the **Host Discovery** node to discover hosts to audit. Host Discovery queries are created in +the Host Discovery node to discover hosts within the targeted environment that match the desired +criteria (for example, all domain controllers for Active Directory auditing). + +The Host Discovery queries view displays a list of previously configured queries, opens the Host +Discovery Wizard to create new queries, and is where host inventory process can be automated. The +**Host Discovery** node houses the Discovery Log. The **Settings** > **Host Discovery** node +contains the global settings that affect discovery queries. See the +[Host Discovery](/docs/accessanalyzer/12.0/admin/settings/hostdiscovery.md) topic for additional information. + +The Discovery node has four main panes: + +- [Host Discovery Queries](/docs/accessanalyzer/12.0/admin/hostdiscovery/queries.md) +- [Host Discovery Queries Activities Pane](/docs/accessanalyzer/12.0/admin/hostdiscovery/activities.md) +- [Host Discovery Wizard](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/overview.md) +- [Discovery Log](/docs/accessanalyzer/12.0/admin/hostdiscovery/log.md) diff --git a/docs/accessanalyzer/12.0/admin/hostdiscovery/queries.md b/docs/accessanalyzer/12.0/admin/hostdiscovery/queries.md new file mode 100644 index 0000000000..556869595b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostdiscovery/queries.md @@ -0,0 +1,45 @@ +# Host Discovery Queries + +The Host Discovery Queries Pane contains a list of previously-configured queries. + +![Host Discovery Queries Pane](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/queries.webp) + +The list of previously configured queries is provided in a table format with the following columns: + +- Name – Displays the name assigned to the query during creation +- Query Source – Identifies where the query searches for hosts +- Query State – Displays the query’s current status (active or idle) +- Last count – Identifies the number of hosts found from the last scan +- Last Queried – Displays the date and time stamp for the last running of the query +- Connection Profile – Identifies the Connection Profile assigned to the query for access to the + Query Source +- ID – GUID of the query task +- SANode – Name of the Access Analyzer Console server +- Snapshot mode – Identifies the type of discovery query: + + - Cumulative – Grows the host list by appending newly discovered hosts with each query execution + - Snapshot – Only shows host found during the most recent query execution + + **NOTE:** The Snapshot mode is configured on the Options page of the Host Discovery Wizard. + +## View Hidden Columns + +Follow the steps to view the hidden columns in the table: + +**Step 1 –** Right-click a header in the table, which opens a context menu. + +![Field Chooser option on context menu](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/queriesfieldchooser.webp) + +**Step 2 –** Select **Field Chooser**, which opens the Customization window. + +![Customization window](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/queriescustomizationwindow.webp) + +**Step 3 –** Select the **Columns** tab. + +![Drag hidden colum into table](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/queriesaddhiddencolumn.webp) + +**Step 4 –** Drag and drop the desired column between any header of the table. + +![Host Discovery Queries table with column added](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/querieshiddencolumnadded.webp) + +The header is now present in the table. diff --git a/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/addomaincontrollers.md b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/addomaincontrollers.md new file mode 100644 index 0000000000..5198246f9a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/addomaincontrollers.md @@ -0,0 +1,121 @@ +# Query an Active Directory server (Discover Domain Controllers) + +Follow the steps to create a Host Discovery query using the **Query an Active Directory server +(Discover Domain Controllers)** source option. This option scans the default domain controller or a +specified server but is scoped to return only machines that are domain controllers. + +![Host Discovey Wizard Source page for AD Domain Controllers query](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source.webp) + +**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Query an Active +Directory server (Discover Domain Controllers)** option. Click **Next**. + +![Host Discovey Wizard Query page for AD Domain Controllers query](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_2.webp) + +**Step 2 –** On the Query page, name the query and select the credentials used to access the source. + +- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` + default name. Two queries cannot have the same name. If you use an existing name, a number is + automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for querying the source: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +Click **Next** to continue. + +![Host Discovey Wizard Domains & Sites page](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/domainssites.webp) + +**Step 3 –** The Domains & Sites page is scoped to return all domain controllers in the targeted +domains and sites. By default, all domains and sites are selected. If desired, scope to target +specific domains and sites. + +- Connection – Select the radio button to specify the server to be connected to and searched: + + - Connect to default directory – Selects a default domain controller from the domain in which + the Access Analyzer Console server resides + - Specify server – Specify a particular server or domain controller. Type the server name in the + textbox. Click **Connect** to confirm the connection to the specified server and populate the + domains and sites choices. + +- Filter by domains – Lists discovered domains + + - Search all domains – The default option. To narrow the scope to specific domains, deselect + this option to enable the selection box. + - Exclude domain – Deselect the checkbox for a domain in the list to exclude it from the scope. + The **Check All** and **Uncheck All** buttons are enabled when scoping by domain. + +- Filter by sites – Lists discovered sites + + - Search all sites – The default option. To narrow the scope to specific sites, deselect this + option to enable the Selection box. + - Exclude site – Deselect the checkbox for a site in the list to exclude it from the scope. The + **Check All** and **Uncheck All** buttons are enabled when scoping by site. + +Click **Next** to continue. + +![Host Discovey Wizard Options page for AD Domain Controllers query](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_2.webp) + +**Step 4 –** On the Options page, configure the query options as required. + +- Run the query when jobs that reference it are run – Select this option to automatically execute + the Host Discovery query prior to executing a job that has the host list generated by this query + assigned. This ensures any new hosts have been discovered and are available for auditing. + + **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require + up-to-date host lists. + +- Query Result Retention – Select how to maintain the host list generated by this discovery query: + + - Yes, grow the host list by appending newly discovered hosts – The host list includes every + host the query has ever discovered + - No, only show hosts that were found during the most recent run – The host list generated by + this query includes only hosts found in the most recent query execution. This option removes + hosts from the generated host list, but does not remove hosts from the Host Master Table. + +Click **Next** to continue. + +![Host Discovey Wizard Inventory page for AD Domain Controllers query](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory.webp) + +**Step 5 –** On the Inventory page, the host inventory process can be automatically included with +the discovery query. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for gathering inventory information from the discovered hosts: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +Click **Next** to continue. + +![Host Discovey Wizard Summary page for AD Domain Controllers query](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_2.webp) + +**Step 6 –** The Summary page displays all the selected query configuration settings. To make +changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the +configuration process. + +![Confirm dialog box](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) + +**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the +query at another time. + +Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the +Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/adexchange.md b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/adexchange.md new file mode 100644 index 0000000000..15dac53e62 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/adexchange.md @@ -0,0 +1,100 @@ +# Query an Active Directory Server (Discover Exchange servers) + +Follow the steps to create a Host Discovery query using the Query an Active Directory server +(Discover Exchange servers) source option. This option scans the default domain controller or a +specified server but is scoped to return only computer objects residing in the configuration +container for Exchange servers. + +![Host Discovery Wizard Source page for AD Exchange](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source.webp) + +**Step 1 –** Open the Host Discovery Wizard. On the Source Page, select the **Query an Active +Directory server (Discover Exchange servers)** option. Click **Next**. + +![Host Discovery Wizard Query page for AD Exchange](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_5.webp) + +**Step 2 –** On the Query page, name the query and select the credentials used to access the source. + +- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` + default name. Two queries cannot have the same name. If you use an existing name, a number is + automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for querying the source: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Exchange Server Query page](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/exchangeserver.webp) + +**Step 3 –** The Exchange Server Query page is scoped to the default Microsoft container where all +Exchange servers are housed. + +Leave this page unchanged. If you must modify this page, see the +[Query an Active Directory Server (General)](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/adgeneral.md) topic for instructions. Click **Next**. + +![Host Discovery Wizard Options page for AD Exchange](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_5.webp) + +**Step 4 –** On the Options page, configure the query options as required. + +- Run the query when jobs that reference it are run – Select this option to automatically execute + the Host Discovery query prior to executing a job that has the host list generated by this query + assigned. This ensures any new hosts have been discovered and are available for auditing. + + **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require + up-to-date host lists. + +- Query Result Retention – Select how to maintain the host list generated by this discovery query: + + - Yes, grow the host list by appending newly discovered hosts – The host list includes every + host the query has ever discovered + - No, only show hosts that were found during the most recent run – The host list generated by + this query includes only hosts found in the most recent query execution. This option removes + hosts from the generated host list, but does not remove hosts from the Host Master Table. + +Click **Next** to continue. + +![Host Discovery Wizard Inventory page for AD Exchange](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory.webp) + +**Step 5 –** On the Inventory page, the host inventory process can be automatically included with +the discovery query. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for gathering inventory information from the discovered hosts: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Summary page for AD Exchange](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_5.webp) + +**Step 6 –** The Summary page displays all the selected query configuration settings. To make +changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the +configuration process. + +![Confirm dialog box](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) + +**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the +query at another time. + +Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the +Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/adgeneral.md b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/adgeneral.md new file mode 100644 index 0000000000..b4a195a943 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/adgeneral.md @@ -0,0 +1,122 @@ +# Query an Active Directory Server (General) + +Follow the steps to create a Host Discovery query using the Query an Active Directory server +(General) source option. This option scans the default domain controller or a specified server for +all computer objects. The query can be scoped to only return computer objects in specified +containers or individual computer objects. See Step 3 for additional information. + +![Host Discovery Wizard Source page for AD General](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source.webp) + +**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Query an Active +Directory server (General)** option. Click **Next**. + +![Host Discovery Wizard Query page for AD General](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_4.webp) + +**Step 2 –** On the Query page, name the query and select the credentials used to access the source. + +- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` + default name. Two queries cannot have the same name. If you use an existing name, a number is + automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for querying the source: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Active Directory page](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/activedirectory.webp) + +**Step 3 –** On the Active Directory page, identify the organizational units (OUs) to scan. + +**_RECOMMENDED:_** Scope the query when using this source option. + +- Connection – Select the server to connect to and search for computer objects using the radio + buttons: + + - Connect to default directory – Selects a default domain controller from the domain in which + the Access Analyzer Console server resides + - Specify server – Allows you to specify a particular server or domain controller. Type the + server name in the textbox. Click **Connect** to confirm the connection to the specified + server and populate the OU choices. + +- Use Configuration directory partition (contains all Exchange servers) – If selected, the + Configuration directory opens in the Selection box +- Selection box – Expand the domain to select containers and individual hosts. Click **Add** to + include the selected container or host in the OUs to be searched box. +- OUs to be searched box – Displays the selected OUs. Use the buttons at the top of the box to edit + the list: + + - Add – Adds the selection from the Selection Box into the list + - Remove – Removes the selected OU from the list + +- Search sub-OUs – This checkbox in the OUs to be searched box indicates scan depth for the selected + OU + +Click **Next** to continue. + +![Host Discovery Wizard Options page for AD General](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_4.webp) + +**Step 4 –** On the Options page, configure the query options as required. + +- Run the query when jobs that reference it are run – Select this option to automatically execute + the Host Discovery query prior to executing a job that has the host list generated by this query + assigned. This ensures any new hosts have been discovered and are available for auditing. + + **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require + up-to-date host lists. + +- Query Result Retention – Select how to maintain the host list generated by this discovery query: + + - Yes, grow the host list by appending newly discovered hosts – The host list includes every + host the query has ever discovered + - No, only show hosts that were found during the most recent run – The host list generated by + this query includes only hosts found in the most recent query execution. This option removes + hosts from the generated host list, but does not remove hosts from the Host Master Table. + +Click **Next** to continue. + +![Host Discovery Wizard Inventory page for AD General](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory.webp) + +**Step 5 –** On the Inventory page, the host inventory process can be automatically included with +the discovery query. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for gathering inventory information from the discovered hosts: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Summary page for AD General](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_4.webp) + +**Step 6 –** The Summary page displays all the selected query configuration settings. To make +changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the +configuration process. + +![Confirm dialog box](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) + +**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the +query at another time. + +Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the +Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/csv.md b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/csv.md new file mode 100644 index 0000000000..b4d4e2b1bb --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/csv.md @@ -0,0 +1,111 @@ +# Import From a Local CSV File + +Follow the steps to create a Host Discovery query using the **Import from a CSV file** source +option. + +**CAUTION:** Each time a query refresh occurs for a query with an import option set as the source, +it re-imports the host list. Therefore, deleting, renaming, or moving the import source file causes +the query to fail. + +![Host Discovery Wizard Source page for CSV import](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source.webp) + +**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Import from a CSV +file** option on the Source page. Click **Next**. + +![Host Discovery Wizard Query page for CSV import](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_3.webp) + +**Step 2 –** On the Query page, name the query and select the credentials used to access the source. + +**NOTE:** The source in this case is the Access Analyzer Console server. + +- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` + default name. Two queries cannot have the same name. If you use an existing name, a number is + automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for querying the source: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard CSV File Import page](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/fileimport.webp) + +**Step 3 –** On the CSV File Import page, identify the CSV file to import and the column from within +the file where the host names are located: + +- File name – Identify the CSV file with the full file path. Use the ellipsis (**…**) to open a + browser window. +- Includes header row – If the first row of the CSV file is a header row, select this option to + remove it from the list of hosts to be imported +- Column – The drop-down menu is populated from the selected CSV file. Select the column containing + the host names. The selection is highlighted in the Sample data box. +- Sample data box – Displays a preview of the selected CSV file + +Click **Next** to continue. + +![Host Discovery Wizard Options page for CSV import](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_3.webp) + +**Step 4 –** On the Options page, configure the query options as required. + +- Run the query when jobs that reference it are run – Select this option to automatically execute + the Host Discovery query prior to executing a job that has the host list generated by this query + assigned. This ensures any new hosts have been discovered and are available for auditing. + + **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require + up-to-date host lists. + +- Query Result Retention – Select how to maintain the host list generated by this discovery query: + + - Yes, grow the host list by appending newly discovered hosts – The host list includes every + host the query has ever discovered + - No, only show hosts that were found during the most recent run – The host list generated by + this query includes only hosts found in the most recent query execution. This option removes + hosts from the generated host list, but does not remove hosts from the Host Master Table. + +Click **Next** to continue. + +![Host Discovery Wizard Inventory page for CSV import](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory.webp) + +**Step 5 –** On the Inventory page, the host inventory process can be automatically included with +the discovery query. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for gathering inventory information from the discovered hosts: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Summary page for CSV import](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_3.webp) + +**Step 6 –** The Summary page displays all the selected query configuration settings. To make +changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the +configuration process. + +![Confirm dialog box](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) + +**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the +query at another time. + +Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the +Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/database.md b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/database.md new file mode 100644 index 0000000000..336845462a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/database.md @@ -0,0 +1,138 @@ +# Import From a Database + +Follow the steps to create a Host Discovery query using the **Import from a database** source +option. + +**CAUTION:** Each time a query refresh occurs for a query with an import option set as the source, +it re-imports the host list. Therefore, deleting, renaming, or moving the import source file causes +the query to fail. + +![Host Discovery Wizard Source page for database import](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source.webp) + +**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Import from a +database** option. Click **Next**. + +![Host Discovery Wizard Query page for database import](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query.webp) + +**Step 2 –** On the Query page, name the query and select the credentials used to access the source. + +- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` + default name. Two queries cannot have the same name. If you use an existing name, a number is + automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for querying the source: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Database Import page](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/databaseimport.webp) + +**Step 3 –** On the Database Import page, identify the database, table, and column where the host +names are located: + +- Data source – Identify the database. Click the ellipsis (**…**) to open the Data Link Properties + window. Then provide the required information on the Connection tab. + + ![Data Link Properties window Connection tab](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/datalinkproperties.webp) + + - Server name – Use the drop-down menu to select the server. The **Refresh** button refreshes + the list of available servers. + - Credentials – Select the credentials to use to log on to the server: + + - Use Windows NT Integrated security – This option applies the credentials used to run the + Access Analyzer application + - Use a specific user name and password – Provide the user name and password and select the + **Allow saving password** option + - If selected, the **Blank password** option indicates that no password is required + + ![Test connection succeeded confirmation window](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/datalinkpropertiestestconnection.webp) + + - Click **Test Connection** to confirm a connection has been established. Click **OK** on the + confirmation window. + - Database – Select the **Select the database on the server** option and use the drop-down menu + to select the database + - The other tabs in the Data Link Properties window should not be modified + + - Provider tab – The database connector, dictated by the source of the data and the data + sources that are available on the Access Analyzer Console server. This is set by default + to the **Microsoft OLE DB Provider for SQL Server**. + - Advanced tab – Allows modifications of the connection timeout to the database server in + case the server is slow or far away + - All tab – Do not modify this tab + + - Click **OK** to close the Data Link Properties window + +- Table – Use the drop-down menu to select a table from the database +- Column – Use the drop-down menu to select the column where the host names are located. The + selection is highlighted in the Sample data box. +- Sample data Box – Displays a preview of the selected database table + +Click **Next** to continue. + +![Host Discovery Wizard Options page for database import](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options.webp) + +**Step 4 –** On the Options page, configure the query options as required. + +- Run the query when jobs that reference it are run – Select this option to automatically execute + the Host Discovery query prior to executing a job that has the host list generated by this query + assigned. This ensures any new hosts have been discovered and are available for auditing. + + **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require + up-to-date host lists. + +- Query Result Retention – Select how to maintain the host list generated by this discovery query: + + - Yes, grow the host list by appending newly discovered hosts – The host list includes every + host the query has ever discovered + - No, only show hosts that were found during the most recent run – The host list generated by + this query includes only hosts found in the most recent query execution. This option removes + hosts from the generated host list, but does not remove hosts from the Host Master Table. + +Click **Next** to continue. + +![Host Discovery Wizard Inventory page for database import](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory.webp) + +**Step 5 –** On the Inventory page, the host inventory process can be automatically included with +the discovery query. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for gathering inventory information from the discovered hosts: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +Click **Next** to continue. + +![Host Discovery Wizard Summary page for database import](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary.webp) + +**Step 6 –** The Summary page displays all the selected query configuration settings. To make +changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the +configuration process. + +![Confirm dialog box](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) + +**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the +query at another time. + +Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the +Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/ipnetwork.md b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/ipnetwork.md new file mode 100644 index 0000000000..ddafb2e730 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/ipnetwork.md @@ -0,0 +1,132 @@ +# Scan IP Network + +Follow the steps to create a Host Discovery query using the Scan your IP network source option. This +option scans a specified range of IP Addresses for active hosts and resolves the names of machines +using DNS. + +![Host Discovey Wizard Source page for IP network scan](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source.webp) + +**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Scan your IP network** +option. Click **Next**. + +![Host Discovey Wizard Query page for IP network scan](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_1.webp) + +**Step 2 –** On the Query page, name the query and select the credentials used to access the source. + +- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` + default name. Two queries cannot have the same name. If you use an existing name, a number is + automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for querying the source: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +Click **Next** to continue. + +![Host Discovey Wizard IPSweep page](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/ipsweep.webp) + +**Step 3 –** On the IPSweep page, specify the range of IP Addresses to scan. + +- Specification Type – Specify the type of IP range to scan. The selected Specification Type + determines the IP Address options available for specifying the IP range. The default is **Specify + IP Address Range**, but the following options are available: + + - Specify Windows IP Configuration Information – Provide **Hostname or IP address** and **Subnet + mask** values + - Specify IP Address Range – Provide **Starting IP Address** and **Ending IP Address** + - Specify Advance IP Address Range – Provide **IP Address Range** + +- IP Address options – The help [?] button at the end of each textbox provides example formats + + - Hostname or IP address – Example: `192.168.2.35` or `target.example.com` + - Subnet mask – Example: `255.255.255.0` + - Starting IP Address – Example: `192.168.2.1` + - Ending IP Address – Example: `192.168.2.255` + - IP Address Range – Example: `192.168.2.*` + - See the help button for full list of examples + +- IP Ranges box – Displays the selected range of IP Addresses. Use the links at the top of the box + to edit the list: + + - Add as inclusion – Adds information provided in the IP Address Textboxes into the to be + collected list + - Add as exclusion – Adds information provided in the IP Address Textboxes into the to be + ignored list + - Remove – Removes the selection from the IP Ranges box + +- (Optional) Only include host with the following ports open – If selected, this option limits the + Host Discovery query to return only the hosts found in the IP Sweep with the specified open ports. + When specifying multiple ports, separate them with commas or semicolons but not spaces. For + example, to specify ports 10 and 80 enter: `10,80`. The help **[?]** button at the end of the + textbox provides example entry formats. +- (Optional) Only include Windows hosts – If selected, this option limits the Host Discovery query + to return only the hosts found in the IP Sweep that have Windows operating systems + +Click **Next** to continue. + +![Host Discovey Wizard Options page for IP network scan](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_1.webp) + +**Step 4 –** On the Options page, configure the query options as required. + +- Run the query when jobs that reference it are run – Select this option to automatically execute + the Host Discovery query prior to executing a job that has the host list generated by this query + assigned. This ensures any new hosts have been discovered and are available for auditing. + + **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require + up-to-date host lists. + +- Query Result Retention – Select how to maintain the host list generated by this discovery query: + + - Yes, grow the host list by appending newly discovered hosts – The host list includes every + host the query has ever discovered + - No, only show hosts that were found during the most recent run – The host list generated by + this query includes only hosts found in the most recent query execution. This option removes + hosts from the generated host list, but does not remove hosts from the Host Master Table. + +Click **Next** to continue. + +![Host Discovey Wizard Inventory page for IP network scan](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory.webp) + +**Step 5 –** On the Inventory page, the host inventory process can be automatically included with +the discovery query. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Credentials – Select a Connection Profile. These credentials require the appropriate permissions + for gathering inventory information from the discovered hosts: + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +Click **Next** to continue. + +![Host Discovey Wizard Summary page for IP network scan](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_1.webp) + +**Step 6 –** The Summary page displays all the selected query configuration settings. To make +changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the +configuration process. + +![Confirm dialog box](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) + +**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the +query at another time. + +Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the +Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/overview.md b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/overview.md new file mode 100644 index 0000000000..e2770094a6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/overview.md @@ -0,0 +1,35 @@ +# Host Discovery Wizard + +The Host Discovery Wizard gives complete control over how hosts are discovered on the targeted +network and which hosts are discovered. + +![Console with Create Query Option Highlighted](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/createqueryhighlighted.webp) + +Use the Host Discovery Wizard to create new queries. The wizard opens in the Results pane. Use any +of the following methods in order to access the Host Discovery Wizard from the Host Discovery node: + +- Select **Create Query** in the Activities pane +- Right-click the **Host Discovery** node and select **Create Query** from the pop-up menu +- Right-click anywhere in the Host Discovery Queries table and select **Create Query** from the + pop-up menu + +![Host Discovery Wizard](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/hostdiscoverywizard.webp) + +The first step in creating a Host Discovery query is to select the source where the query searches +for hosts. Hosts are discoverable using one of the following options: + +- [Scan IP Network](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/ipnetwork.md) – Scans a specified range of IP Addresses for active hosts and + resolves the names of machines using DNS +- [Query an Active Directory Server (General)](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/adgeneral.md) – Scans the default domain controller + or a specified server for all computer objects, can be scoped +- [Query an Active Directory Server (Discover Exchange servers)](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/adexchange.md) – Scans the default + domain controller or a specified server but is scoped to return only computer objects sitting in + the configuration container for Exchange servers +- [Query an Active Directory server (Discover Domain Controllers)](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/addomaincontrollers.md) – Scans + the default domain controller or a specified server but is scoped to return only machines which + are domain controllers +- [Import From a Local CSV File](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/csv.md) – Imports a host list from a specified CSV file +- [Import From a Database](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/database.md) – Imports a host list from a specified SQL Server database + +**NOTE:** The Advanced Options checkbox in the lower-left corner is a legacy item and should not be +selected. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md new file mode 100644 index 0000000000..b2346388ec --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md @@ -0,0 +1,53 @@ +# Add Hosts + +The **Add Hosts** option creates a new host list. It can be accessed through the **Host Management** +node. Follow the steps to add a new host list. + +![Add Hosts option on Activities pane of the Host Management node](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/addhosts.webp) + +**Step 1 –** Click **Add Hosts** to open the Host List Wizard in the Results pane. + +![Host List Wizard Specify Manual Host Entry page](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistwizardhostentry.webp) + +**Step 2 –** On the Manual Host Entry page, choose to either enter the hosts manually one at a time, +or use the **Import** option. When the list is completed, click **Next**. + +- To enter hosts manually, type the host name in the **Host name** textbox. Then click **Add**. The + entry will appear in the **Host list** box. Repeat the process until all hosts for this list have + been entered. +- The **Import** option opens the Import Hosts window. See the [Import Hosts Option](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhost.md) + topic for additional information. +- Use **Remove** to delete a selected host from the **Host list** box + +![Host List Wizard Specify Host List Properties page](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistwizardproperties.webp) + +**Step 3 –** On the Specify Host List Properties page, provide a unique descriptive **Host List +Name**. + +- There cannot be two host lists with the same name. Access Analyzer automatically appends a numeral + to the end of a host list name to avoid duplicates. + +**Step 4 –** On the Specify Host List Properties page, configure when inventory fields should be +refreshed for hosts in the list and set the credentials to use to conduct the host inventory. + +- Refresh inventory every time when the host discovery query completes – Automates the host + inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for + the age of previously inventoried records. Leaving this option deselected applies the global + settings for host inventory. +- Set the credentials to use to conduct the host inventory. + + - Default credentials (credentials the application is run with) – Applies the credentials used + to launch the Access Analyzer application + - Credentials in my default connection profile – Applies the default Connection Profile + configured at the global level (**Settings** > **Connection**) + - Credentials in this connection profile – Use the dropdown list to select a Connection Profile + from those preconfigured at the global level (**Settings** > **Connection**) + + See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on + Connection Profiles. + +**Step 5 –** Click **Finish** to save the host list and close the Host Lost Wizard. + +The new list displays at the bottom of the host lists under the **Host Management** node in the +Navigation pane. Every host added is included in the host master table at the Host Management node +as well as in the newly created host list. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/deletehost.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/deletehost.md new file mode 100644 index 0000000000..937a39d06b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/deletehost.md @@ -0,0 +1,51 @@ +# Delete Host(s) + +Use the **Delete Host(s)** option at the **Host Management** node to permanently delete a host from +the master host table, or at an individual host list node to remove the host from the selected list. + +## Delete From Host Management Node + +Follow the steps to delete a host from the Host Management node. + +**Step 1 –** In the Host Management node, select the host in the data grid and click **Delete +Host(s)** on the Activities pane. + +![Confirm dialog box](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletehost.webp) + +**CAUTION:** A deletion from the host master table at the Host Management node cannot be undone, as +it deletes it from the host management database tables. It also removes the host from any host list +to which it has been assigned. Click **Cancel** to stop the deletion. + +**Step 2 –** A dialog box asks for confirmation of the action. Click **OK** to proceed with the +deletion. + +The host is no longer in the master host table. + +## Delete From Individual Host List + +Follow the steps to delete a host from an individual host list. + +**Step 1 –** In the host list, select the host in the data grid and click **Delete Host(s)** on the +Activities pane. + +![Confirm dialog box](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletehost.webp) + +**Step 2 –** A dialog box asks for confirmation of the action. Click **OK** to proceed with the +deletion. + +Access Analyzer checks to see if the host exists in any other static host lists. If so, the deletion +is limited to removing the selected host from the current host list. + +![Confirm deletion from master host table dialog box](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletehostmaster.webp) + +**CAUTION:** A deletion from the host master table cannot be undone, as it deletes it from the host +management database tables. + +**Step 3 –** If the host is not found in another static host list, Access Analyzer asks if you also +want to remove the host from the Host Master Table. On the Confirm dialog, select the desired +action. + +- Click **Yes** to remove the host from all dynamic host lists and from the host master table +- Click **No** to remove only the host for the current host list + +The host is no longer in the host list. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/deletelist.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/deletelist.md new file mode 100644 index 0000000000..bed3e066da --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/deletelist.md @@ -0,0 +1,32 @@ +# Delete List + +Use the **Delete List** option to remove the selected list. This option is available only at an +individual host list node. + +**_RECOMMENDED:_** Before deleting a host list, first ensure it is not assigned to a job. + +**Step 1 –** In the Navigation pane, select the host list to delete and click **Delete List**. + +![Confirm dialog box](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletelist.webp) + +**CAUTION:** This action cannot be undone. Click **Cancel** to stop the deletion. + +**Step 2 –** On the Confirm dialog box, click **OK** to continue with the deletion. + +Access Analyzer checks to see if any hosts within the host list are found in any other static host +lists. + +![Confirm deletion of orphaned hosts from master host table dialog box](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletelistmaster.webp) + +**Step 3 –** If no hosts are found in any other host list, then Access Analyzer asks if you want to +remove the host from the master host table. On the Confirm dialog box, select the desired option. + +- Yes – Deletes the specified host from the master host table +- No – Does not delete the specified host from the master host table +- No to All – Does not delete other hosts that are not found in another static host list from the + master host table +- Yes to All – Deletes other hosts not found in any other static host list from the master host + table + +When the operation is complete, the list is no longer visible under the Host Management node in the +Navigation pane and it cannot be used to execute jobs against. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/editlist.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/editlist.md new file mode 100644 index 0000000000..1f72365401 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/editlist.md @@ -0,0 +1,21 @@ +# Edit List + +Use the **Edit List** option to edit properties for the selected host list. This option is available +only from an individual host list node. + +![Edit List option on Activities pane](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/editlist.webp) + +Select the host list to edit and click **Edit List**. The Host List Wizard opens for the selected +host list. If the selected host list is a custom static host list, the wizard opens on the Manual +Host Entry page where you can add and remove hosts from the list. Other host lists open directly to +the Specify Host List Properties page where you can modify the following: + +- Host List Name + + **CAUTION:** Changing the name of a host list that has been assigned to a job can cause the job + to fail. + +- Refresh inventory setting +- Credentials used for host inventory + +See the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) topic for information on modifying these settings. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/editquery.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/editquery.md new file mode 100644 index 0000000000..097f094853 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/editquery.md @@ -0,0 +1,11 @@ +# Edit Query + +Use the **Edit Query** option to modify host lists created by a Host Discovery query. + +![Edit Query option on Activities pane](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/editquery.webp) + +In the Navigation pane, select the query-created host list to edit and click **Edit Query**. The +Host Discovery Wizard opens to the Query page where the query settings for the selected +query-created host list are modified. See the +[Host Discovery Wizard](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/overview.md) topic for information on modifying +these settings. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/export.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/export.md new file mode 100644 index 0000000000..81313db62c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/export.md @@ -0,0 +1,37 @@ +# Export Data + +Use the **Export Data** option to export all information available in the current grid view for the +selected host list to a HTML, XML , or CSV file. Follow the steps to export data. + +**Step 1 –** Select the Host Management or individual host list node to export data from, and +configure the data grid to contain all the columns you want to export. See the +[Host Inventory Data Grid](/docs/accessanalyzer/12.0/admin/hostmanagement/datagrid.md) topic for additional information. + +![Export Data option on the Activities pane](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/export.webp) + +**Step 2 –** When the data grid contains all columns desired for export, click **Export Data**. A +Save As window opens. + +![Save As window](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/exportsaveas.webp) + +**Step 3 –** On the Save As window, select the required format (HTML Files, XML Files, or CSV Files) +and provide a name and location for the export file. + +This export is now shareable. Unlike the [View/Edit Host](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewhost.md) export option, this file will +be in the same format as the data grid. + +## Export Examples + +The following examples show the different export format options. + +Example HTML File Export + +![Example HTML File Export](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/exportexamplehtml.webp) + +Example XML File Export + +![Example XML File Export](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/exportexamplexml.webp) + +Example CSV File Export + +![Example CSV File Export](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/exportexamplecsv.webp) diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhost.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhost.md new file mode 100644 index 0000000000..d315845fdb --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhost.md @@ -0,0 +1,56 @@ +# Import Hosts Option + +On the Manual Host Entry page of the Host List Wizard, the **Import** option allows hosts to be +imported from either a CSV file or a database into the host list being created. + +Follow the steps to import hosts. + +![Import option on the Manual Host Entry page of the Host List Wizard](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistwizardimport.webp) + +**Step 1 –** On the Manual Host Entry page of the Host List Wizard, click **Import**. The Import +Hosts window opens. + +![Import Hosts window](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhosts.webp) + +**Step 2 –** On the Import Hosts window, use the **Import from** dropdown to select the source as +either **CSV File** or **Database**. + +**Step 3 –** Configure the source file. The necessary fields depend on the selection in the previous +step. + +![Import Hosts window for importing from CSV File](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhostscsv.webp) + +- CSV File + + - File Name – Click the ellipsis (**…**) to open a browser window and select the CSV file. This + file needs to be stored on the Access Analyzer Console server. Once selected, a preview of the + file is shown in the preview box. + - Includes header row – Select this checkbox if the file contains a header row. Otherwise, the + header row will be included in the import (visible within the preview box). + +![Import Hosts window for importing from Database](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhostsdatabase.webp) + +- Database + + - Data source – Identify the database. Click the ellipsis (**…**) to open the Data Link + Properties window. Provide the required information on the Connection tab of the Data Link + Properties window, and then click **OK**. See the + [Import From a Database](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/database.md) topic for additional + information. + + **NOTE:** The Provider, Advanced, and All tabs of the Data Link Properties window should not + be modified. + + - Table – Use the dropdown to select the table that contains the hosts to be imported. A preview + of the selected table is displayed in the preview box. + +**Step 4 –** Use either the drop-down menu or click on the column in the preview box to select the +column containing the host names. The selected column is highlighted in the preview box. + +**Step 5 –** Click **OK** to complete the import. + +![Imported hosts added in the Host list box on the Manual Host Entry page of the Host List Wizard](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhostscomplete.webp) + +The Import Hosts window closes, and the imported list of host names is added in the Host list box on +the Manual Host Entry page of the Host List Wizard. Click **Next** to proceed with configuring the +host list. See the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) topic for additional information on the Host List Wizard. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocation.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocation.md new file mode 100644 index 0000000000..1ab034824c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocation.md @@ -0,0 +1,68 @@ +# Import Location + +Use the **Import Location** option to import the physical location data for hosts and opens a +customized version of the Import Hosts window. Add host locations from a CSV file or SQL Server +database without creating a new host list. See the [Host Inventory Data Grid](/docs/accessanalyzer/12.0/admin/hostmanagement/datagrid.md) topic +for information on the Location column of host inventory. + +Follow the steps to import physical location data for hosts. + +**Step 1 –** Ensure the import source file has columns for both the host name as it is identified +within Access Analyzer and the location. + +**NOTE:** When a host name does not match any existing hosts within the Host Master Table, it can be +added as a new host. + +![Import Location option on Activities pane](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocation.webp) + +**Step 2 –** Select the host list and click **Import Location**. + +![Import Hosts window for importing location](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocationwindow.webp) + +**Step 3 –** On the Import Hosts window, use the **Import from** dropdown to select the source as +either **CSV File** or **Database**. + +**Step 4 –** Configure the source file. The necessary fields depend on the selection in the previous +step. + +- CSV File + + - File Name – Click the ellipsis (**…**) to open a browser window and select the CSV file. This + file needs to be stored on the Access Analyzer Console server. Once selected, a preview of the + file is shown in the preview box. + - Includes header row – Select this checkbox if the file contains a header row. Otherwise, the + header row will be included in the import (visible within the preview box). + +- Database + + - Data source – Identify the database. Click the ellipsis (**…**) to open the Data Link + Properties window. Provide the required information on the Connection tab of the Data Link + Properties window, and then click **OK**. See the + [Import From a Database](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/database.md) topic for additional + information. + + **NOTE:** The Provider, Advanced, and All tabs of the Data Link Properties window should not + be modified. + + - Table – Use the dropdown to select the table that contains the hosts to be imported. A preview + of the selected table is displayed in the preview box. + +**Step 5 –** Use either the drop-down menu or click on the column in the preview box to select the +column containing the host names. The selected column is highlighted in the preview box. + +![Import Hosts window Location column selection](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocationcsv.webp) + +**Step 6 –** Use the **Import column** drop-down menu to select the column containing the location +information. The selected column is highlighted a lighter color in the preview box. + +**Step 7 –** Click **OK** to complete the import. + +![Imported Location column data in the data grid](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocationcomplete.webp) + +The Location column now contains the imported information. If any of the hosts included in the +import file are not already in the Host Master Table, Access Analyzer prompts for confirmation on +whether or not to import the host. Selecting **Yes** or **Yes to All** adds the new hosts to the +Host Master Table but not to any individual host lists. + +**NOTE:** Any new hosts that match dynamic host list criteria will be added to the appropriate +dynamic host lists. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/overview.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/overview.md new file mode 100644 index 0000000000..c79a25c55f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/overview.md @@ -0,0 +1,50 @@ +# Host Management Activities + +The Activities pane available at the Host Management node and at the individual host list nodes +provides the tools needed to manage hosts and host lists. + +| ![Activities pane in Host Management node](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/activitiesindividualhost.webp) | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Host Management Node | Individual Host List Nodes | + +The available actions are: + +- [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) – Create a new host list by manually entering hosts or importing a host list + (only available in the Host Management node) +- [View/Edit Host](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewhost.md) – Open the Host Details View, which displays the collected host + inventory information for the selected host in an easier-to-read format and allows you to manually + edit the host inventory information +- [Delete Host(s)](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/deletehost.md) – Delete host from the selected list (permanently deletes host + from the host master table if used in the Host Management node) +- [Import Location](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocation.md) – Import the physical location data for hosts from a CSV file + or database without creating a new host list. Location column is in the + [Host Inventory Data Grid](/docs/accessanalyzer/12.0/admin/hostmanagement/datagrid.md). +- [Refresh Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/refresh.md) – Manually executes the host inventory query for the selection +- [Save Current View](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/saveview.md) – Create a dynamic host list from the current (filtered) data + grid view +- [Save Selected To List](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/savetolist.md) – Create a static host list from the selected hosts within + the current data grid +- [Schedule (Activities Pane Option)](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedule.md) – Opens a customized Schedule Properties window + to schedule a host inventory query +- [Export Data](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/export.md) – Export the current data grid to a HTML, XML, or CSV file +- [Suspend/Resume Host Inventory](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/suspend.md) – Pause an **In progress** host inventory or resume a + paused **In queue** host inventory +- External commands – Sub-header (not activity) that separates the Activities above which occur + within the Access Analyzer Console from the Activities below which open external processes: + + - Manage Host – Opens the Microsoft Management Console interface for the selected host if it has + that feature enabled + - Explore Host – Opens Windows Explorer, displaying the shares on the selected host + - Ping Host – Opens a Command Prompt to run a ping command targeting the selected host + - Trace Route to Host – Opens a Command Prompt to run the `TraceRoute` command, locating a path + to the selected machine in less than 30 hops + +Activities available only at the individual host list nodes are: + +- [Edit List](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/editlist.md) – Edit the selected host list in the Host List Wizard +- [Edit Query](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/editquery.md) – Edit the Host Discovery query settings for the selected query-created + host list +- [Rename List](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/rename.md) – Rename the selected host list (should not be used if the host list has + already been assigned to a job for execution) +- [Delete List](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/deletelist.md) – Delete the selected host list +- [View Query](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewquery.md) – Opens the Host Discovery Queries window diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/refresh.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/refresh.md new file mode 100644 index 0000000000..520f8eea58 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/refresh.md @@ -0,0 +1,18 @@ +# Refresh Hosts + +Use the **Refresh Hosts** option to manually execute the Host Inventory query. It can be selected +for the following: + +- All hosts – Use from the Host Management node +- Individual host list – Use from a host list node to refresh all hosts in the selected host list +- Selected hosts in a list – Select hosts using the Windows Ctrl and left-click function or by + filtering the data grid view +- Individual host – Select a host from the current view + +![Refresh Hosts option on Activities pane](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/refreshhosts.webp) + +Select the hosts or host list to inventory and then click **Refresh Hosts** in the Activities pane. + +![Refresh Hosts Confirm dialog](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/refreshhostsconfirm.webp) + +When only particular hosts are selected in a list, a dialog box asks for confirmation of the action. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/rename.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/rename.md new file mode 100644 index 0000000000..ffb1dbf4c2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/rename.md @@ -0,0 +1,15 @@ +# Rename List + +Use the Rename List option to change the name of a selected host list. This option is available only +from an individual host list node. + +**CAUTION:** Changing the name on a host list that has been assigned to a job can cause the job to +fail. + +![Host list name window](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistname.webp) + +Select the host list to rename and click **Rename List** to open the Host list name window. Enter +the new name for the host list and click **OK**. + +**NOTE:** Host list names can also be changed using the **Edit List** option, see the +[Edit List](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/editlist.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/savetolist.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/savetolist.md new file mode 100644 index 0000000000..3d68167f3a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/savetolist.md @@ -0,0 +1,13 @@ +# Save Selected To List + +Use the **Save Selected To List** option to create a static host list. This option is available from +either the Host Management node or an individual host list node. See the +[Static Host Lists](/docs/accessanalyzer/12.0/admin/hostmanagement/lists.md#static-host-lists) topic for additional information on static host +lists. This option is inactive until at least one host within the data grid is selected. + +![Save Selected To List option in Host Management node](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/savetolist.webp) + +Use the Windows Ctrl + left-click function to select multiple hosts from the data grid. In the +Activities pane, click **Save Selected To List**. The Host List Wizard opens with the selected hosts +in the Host list box on the Manual Host Entry page. See the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) topic for +information on creating a host list. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/saveview.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/saveview.md new file mode 100644 index 0000000000..2e34d7eec8 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/saveview.md @@ -0,0 +1,30 @@ +# Save Current View + +Use the **Save Current View** option to create a dynamic host list. This option is available from +either the Host Management node or an individual host list node. The option is inactive until you +apply a filter to the data grid. Follow the steps to create a dynamic host list. + +**Step 1 –** Select the Host Management or individual host list node to create the host list from. + +**Step 2 –** Filter the data grid for the desired criteria. See the +[Host Inventory Data Grid](/docs/accessanalyzer/12.0/admin/hostmanagement/datagrid.md) topic for additional information. + +![savecurrentview](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/savecurrentview.webp) + +**Step 3 –** Click **Save Current View** in the Activities pane. + +![Host List name window](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistname.webp) + +**Step 4 –** On the Host list name window, provide a unique, descriptive name for the new host list +and click **OK**. + +The new host list displays under the Host Management node. When the Access Analyzer Console closes +the host lists under the Host Management node, the hosts reorganize in alphanumeric order. Like the +default host lists, custom dynamic host lists are auto-populated and updated according to host +inventory. + +**_RECOMMENDED:_** Do not modify the criteria once a dynamic based list has been created. It is +better to delete and recreate the list in order to modify a dynamic-based list. + +See the [Dynamic Host Lists](/docs/accessanalyzer/12.0/admin/hostmanagement/lists.md#dynamic-host-lists) topic for more information on dynamic +host lists. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedule.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedule.md new file mode 100644 index 0000000000..b580c8c994 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedule.md @@ -0,0 +1,22 @@ +# Schedule (Activities Pane Option) + +Use the **Schedule** option in the Activities pane to schedule a host inventory query to run for any +of the following: + +- All hosts in the Host Master Table +- An individual host list +- Selected hosts in a list + +![Schedule option on the Activities pane](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedule.webp) + +Select the hosts or host list to inventory and click **Schedule** in the Activities pane. The +Schedule Wizard opens for the selected host or host list. + +![Schedule Wizard for Host Inventory Query](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedulewizardhostmanagement.webp) + +Use the Schedule Wizard to configure the scheduled task. See the +[Schedule Wizard](/docs/accessanalyzer/12.0/admin/schedule/wizard.md) topic for additional information. + +The details of the scheduled Inventory query are available in the **Schedules** view, including the +next run date and time. See the [Schedules](/docs/accessanalyzer/12.0/admin/schedule/overview.md) topic for additional +information. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/suspend.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/suspend.md new file mode 100644 index 0000000000..82f7b16e28 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/suspend.md @@ -0,0 +1,15 @@ +# Suspend/Resume Host Inventory + +Use the **Suspend Host Inventory** option to pause an in progress inventory. + +![Suspend Host Inventory](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/suspendhostinventory.webp) + +Once clicked, the option changes to **Resume Host Inventory** and the **In progress** host +inventories change to an **In queue** state. + +**NOTE:** Clicking **Refresh Hosts** while inventory is suspended adds to the queue but does not +resume the inventory. + +![Resume Host Inventory](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/resumehostinventory.webp) + +Click **Resume Host Inventory** to resume the inventory queries. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewhost.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewhost.md new file mode 100644 index 0000000000..91934db7e7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewhost.md @@ -0,0 +1,22 @@ +# View/Edit Host + +Use the **View/Edit Host** option to open the Host Details View. This view displays the collected +host inventory information for the selected host in an easy-to-read format. + +![View/Edit Host option](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewedithost.webp) + +Select a host from either the Host Master Table or an individual host list and click **View/Edit +Host**. + +![Host Details View](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostdetailsview.webp) + +The Host Details View displays in the Results pane, and the rest of the Access Analyzer Console is +unavailable while it is open. You can use the view to manually edit the host inventory information. + +- Edit – Enables the textboxes and checkboxes for editing +- Apply – Saves any changes. This button appears when **Edit** is clicked. +- Save as HTML – Exports the current view of the selected host’s inventory to an HTML file. Click, + then provide a name and location for the export. The export is now sharable as desired. This + button is inactive while in edit mode. +- Cancel – Abandons any changes. This button displays when **Edit** is clicked. +- Close – Exits the Host Details View diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewquery.md b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewquery.md new file mode 100644 index 0000000000..4f509d99d9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewquery.md @@ -0,0 +1,8 @@ +# View Query + +Use the **View Query** option to open the Host Discovery Queries pane. + +![View Query option on Activities pane](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewquery.webp) + +Click **View Query** to go to the Host Discovery Queries pane. See the +[Host Discovery Queries](/docs/accessanalyzer/12.0/admin/hostdiscovery/queries.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/datagrid.md b/docs/accessanalyzer/12.0/admin/hostmanagement/datagrid.md new file mode 100644 index 0000000000..1a23ce3bc3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/datagrid.md @@ -0,0 +1,91 @@ +# Host Inventory Data Grid + +The data grid provides all host inventory information collected on the hosts. View this information +at the **Host Management** node (the Host Master Table) or at individual host list nodes. See the +[Hosts Lists](/docs/accessanalyzer/12.0/admin/hostmanagement/lists.md) topic for information on host lists. + +![Host Inventory Data Grid](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/datagrid.webp) + +The icon for each host entry is an indicator of its inventory state: + +| Icon | Inventory State | +| ---------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------- | +| ![Idle inventory state icon](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/inventoryidle.webp) | Idle | +| ![In Queue inventory state icon](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/inventoryinqueue.webp) | In Queue | +| ![In Progress inventory state icon](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/inventoryinprogress.webp) | In Progress | + +The **Name**, **HostStatus**, and **InventoryState** grid columns are fixed by default. If desired, +you can move these columns to the scrollable section of the table. + +Use the horizontal scrollbar at the bottom to view the host inventory data, which includes: + +- Name – Unique host name +- HostStatus – Status of the host during the last time it was queried for host inventory collection +- InventoryState – Last known status of the host inventory query (**Idle**, **In progress**, or **In + queue**) + + **NOTE:** If the Access Analyzer application is stopped during host inventory collection, hosts + queued for inventory retain the **InventoryState** of **In queue** within the Host Management + node data grid, as this is the last known state of inventory. It retains that state until the + next host inventory collection is executed against the host. + +- IPAddress – Last known IP Address for the host from host inventory collection +- Subnet – Subnet mask for the host’s IP Address +- DNSDomain – Domain in which the host participates +- FQDN – Fully Qualified Domain Name of host +- OSName – Name of host’s operating system +- OSType – Type of host’s operating system +- TimeZone – Configured time zone for the host +- LastOnline – Timestamp for the last time the host was found to be online during a host inventory + query +- LastAudit – Timestamp for the last time the host was executed against at the job level +- LastUpdate – Timestamp for the last time the host inventory record was updated +- WindowsDomain – Domain in which the host resides +- OSVersion – Version of the host’s operating system +- ServicePack – Operating system Service Pack for the host +- Role – Estimated role of the workstation or server (only applicable to Windows devices) +- Manufacturer – Name of the manufacturer of the device, if applicable +- SerialNumber – Serial number of the device, if applicable +- ADSite – Active Directory site in which the host resides +- isDNSServer – True or False if the host serves the role of DNS server +- isDomainController – True or False if host serves the role of domain controller +- isGlobalCatalog – True or False if host serves the role of Global Catalog +- isExchangeServer – True or False if host serves the role of Exchange server +- Model – Model of the device, if applicable +- FirstDiscovered – Timestamp of the Host Discovery query which introduced the host +- LastUpdatedBy – Name of the Access Analyzer Console server which last updated the host’s inventory + record +- MACAddress – Media Access Control address, if applicable +- ServerRole – Indicates what role is served by the server (only applicable to Exchange servers) +- isIIS – True or False if IIS is present on the server +- Location – Distinct physical location, entered manually through the + [Import Location](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocation.md) activity +- ExchLocation – Distinct physical location of Exchange server, entered manually through the + [Import Location](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocation.md) activity +- AltLocation – Alternate physical location, entered manually through the + [Import Location](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocation.md) activity +- WinCluster – Name of the Windows cluster in which the host is a part, if applicable +- ExchCluster – Name of the Exchange cluster in which the host is a part, if applicable +- ExchangeServerRole – Name of the Exchange server roles served by the host +- ExchangeVersion – Exchange Server application version obtained from the registry +- IsSQLServer – True or False if host serves the role of SQL Server +- hostID – Unique identifier of the host within the Access Analyzer inventory tables + +See the [Data Grid Functionality](/docs/accessanalyzer/12.0/admin/navigate/datagrid.md) topic for information on how to sort, +filter, and search within the data grid. + +The Activities pane provides several options for managing hosts within the Host Management node. See +the [Host Management Activities](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/overview.md) topic for information on these options. + +## Host List Data Grid Right-Click Menus + +The right-click menu available in the Host Management data grid varies according to the selection in +the Navigation pane. + +| ![Host Management node right-click menu](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/rightclickquerycreated.webp) | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Host Management Node | Individual Host List | Query-Created Host List | + +These right-click menu options contain the Host Management Activities available for the selection. +See the [Host Management Activities](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/overview.md) topic for additional information on these +options. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/lists.md b/docs/accessanalyzer/12.0/admin/hostmanagement/lists.md new file mode 100644 index 0000000000..81fa308a11 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/lists.md @@ -0,0 +1,68 @@ +# Hosts Lists + +A host list is a grouping of hosts for the purpose of executing jobs against. Every host list +created can be accessed by expanding the **Host Management** node in the Navigation pane. + +![Host Management Node in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/jobstree.webp) + +There are two types of host lists: + +- Dynamic host lists – Auto-populated and updated according to the most recent inventory information + available for the hosts. They include both the default host lists and custom created dynamic host + lists. See the [Dynamic Host Lists](#dynamic-host-lists) topic for additional information. +- Static host lists – Only changed manually or through a scheduled host discovery query. They + include both host lists created during host discovery queries and custom created static host + lists. See the [Static Host Lists](#static-host-lists) topic for additional information. + +A newly created host list will appear in alphanumerical order under the Host Management node. The +icon in front of the host list will indicate which type of host list it is: + +| Icon | Type of Host List | +| ------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------- | +| ![Static Host List icon](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/statichostlist.webp) | Default Host List or Custom Host List (Static or Dynamic) | +| ![Host Discovery Query List icon](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/discoveryquerylist.webp) | Host Discovery Query List | +| ![Dynamic Host List icon](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/dynamichostlist.webp) | Host List created by Job | + +You can view host inventory information at the Host Discovery node (the Host Master Table) or at +individual host list nodes. See the [Host Inventory Data Grid](/docs/accessanalyzer/12.0/admin/hostmanagement/datagrid.md) topic for information on +the data collected by host inventory. + +## Dynamic Host Lists + +Dynamic host lists are lists of hosts that are grouped according to selected criteria within the +host inventory. Each time a host inventory record is refreshed, the hosts are automatically added to +or removed from dynamic host lists in accordance with the criteria set for the list. They include +both the default host lists and custom created dynamic host lists. See the +[Host Inventory](/docs/accessanalyzer/12.0/admin/settings/hostinventory.md) topic for a list of the default host lists and +instructions on controlling which of these lists are visible under the Host Management node. + +Custom dynamic host lists are created by filtering the data grid and using the +[Save Current View](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/saveview.md) option in the Activities pane or right-click menu. This can +be done at the Host Management node with the Host Master Table or at any host list node. See the +[Filter](/docs/accessanalyzer/12.0/admin/navigate/datagrid.md#filter) topic for additional information on filtering data grids. + +**_RECOMMENDED:_** Do not modify the criteria once a dynamic based list has been created. It is +better to delete and recreate the list in order to modify a dynamic-based list. + +## Static Host Lists + +Static host lists are created either through host discovery queries or manually entered within the +**Host Management** node. Lists created by [Host Discovery Node](/docs/accessanalyzer/12.0/admin/hostdiscovery/overview.md) +queries are updated each time the query is run, manually or scheduled. Other static host lists can +only be changed manually. Custom host lists are frequently created in order to scope a job to +execute against a select set of hosts. + +For example, a user running the Exchange Solution might create a list to just run Mailbox queries +against. Whereas a user running the File System Solution might create a list of servers being used +for file shares. + +There are two common ways to create static host lists: + +- Use the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) option in the Activities pane or right-click menu to access + the Host List Wizard +- Select multiple hosts from the data grid using the Windows Ctrl and left-click function. This can + be done from the Host Mast Table or any host list under the Host Management node. Then use the + [Save Selected To List](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/savetolist.md) option in the Activities pane or right-click menu + to open the Host List Wizard with a pre-filled in Manual Host Entry page. + +See the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) section for information using the Host List Wizard. diff --git a/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md b/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md new file mode 100644 index 0000000000..8547340de2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md @@ -0,0 +1,39 @@ +# Host Management + +The **Host Management** node is used to manage hosts in a targeted environment. Hosts configured +under the **Host Management** node can be audited using other features in Access Analyzer. This node +maintains information for audited computers. To view information on all computers in the +environment, use the +[.Active Directory Inventory Solution](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/overview.md), +specifically the Active Directory Summary report. + +The Host Management node provides a master list of every host ever introduced to Access Analyzer. +Introduce hosts through [Host Discovery Node](/docs/accessanalyzer/12.0/admin/hostdiscovery/overview.md) queries or by entering +them manually. Hosts are removed from this list only by manually deleting them. This master listing +of hosts, or the Host Master Table, is designed around unique host names, not necessarily unique +hosts themselves. The data grid provides all host inventory information collected on the hosts. See +the [Host Inventory Data Grid](/docs/accessanalyzer/12.0/admin/hostmanagement/datagrid.md) topic for additional information. + +The Host Management process consists of the following phases: + +- Host Discovery – The process of discovering hosts to audit through Host Discovery queries, which + can be scoped to identify computers with commonalities. These queries are managed under the Host + Discovery node. See the [Host Discovery Node](/docs/accessanalyzer/12.0/admin/hostdiscovery/overview.md) topic for additional + information. +- Host Inventory – The process of collecting key pieces of information about each host to aid in + segregating the hosts into logical sub-groupings for targeted auditing. Use either the Host + Discovery or Host Management nodes. +- Host List Creation – Access Analyzer creates Default host lists based on Host Inventory results. + Create and manage Custom host lists under the Host Management node. See the + [Hosts Lists](/docs/accessanalyzer/12.0/admin/hostmanagement/lists.md) topic for additional information. + +![Host Management Node in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/jobstree.webp) + +The nodes under the Host Management node are: + +- Default hosts lists +- Host lists generated by Host Discovery queries +- Custom host lists + +See the [Host Inventory](/docs/accessanalyzer/12.0/admin/settings/hostinventory.md) topic for global settings that affect Host +Management. diff --git a/docs/accessanalyzer/12.0/admin/jobs/features.md b/docs/accessanalyzer/12.0/admin/jobs/features.md new file mode 100644 index 0000000000..72ca657f4b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/features.md @@ -0,0 +1,98 @@ +# Special Features & Functions + +There are several special features and functions available for jobs and job components with which +Access Analyzer users should be familiar. + +View XML Files + +Job, query, analysis, and action property windows all have the **View XML** option. These provide +the ability to edit through an XML text window. + +Open Explore Folder + +Access Analyzer users can directly open a selected job or job group folder from the Jobs tree using +the **Explore Folder** option in the right-click menu. + +Publish Reports after Report Generation + +Reports that have been generated but not published can be sent to the Web Console using the +**Publish** option in the right-click menu from the selected Jobs tree, job group, or job node. See +the [Publish Reports Window](#publish-reports-window) topic for additional information. + +Job Configuration Change Tracking + +Jobs configuration changes can be tracked using the **Changes** option in the right-click menu from +the selected Jobs tree, job group, or job node. See the [Changes Window](/docs/accessanalyzer/12.0/admin/jobs/overview#changes-window) +topic for additional information. + +Job Export + +Jobs can be exported to a ZIP file using the **Export** option in the right-click menu from the +selected job group or job node. See the +[Export Job to Zip Archive Window](#export-job-to-zip-archive-window) topic for additional +information. + +See the [Jobs Tree Right-click Menus](/docs/accessanalyzer/12.0/admin/navigate/pane.md#jobs-tree-right-click-menus) section for +additional features. + +## Export Job to Zip Archive Window + +The Export Job to Zip Archive window opens from the **Export** option in the right-click menu from +the selected job group or job node. + +![Export from Jobs Tree menu](/img/product_docs/accessanalyzer/12.0/admin/jobs/export.webp) + +Select **Export** from the right-click menu to open the Export Group to Zip Archive window. + +![Export Group to Zip Archive window](/img/product_docs/accessanalyzer/12.0/admin/jobs/exportgrouptoziparchive.webp) + +The **Include all job components** option will zip the job’s directory, the reports, the job log, +and the SA_Debug log. The **Select specific components to export** option allows Access Analyzer +users to select which components to include in the ZIP file. + +There are two options for where to save the ZIP file: + +- Save in the exported folder – Saves the file in the job’s directory, for example + `%sainstalldir%Jobs\GROUP_.Active Directory Inventory\.Active Directory Inventory.zip` +- Save in the following location – Allows you to either type or browse to the desired save location + +The **Email this archive**checkbox provides the opportunity to send an email notification with the +attached ZIP file. + +![Support Email window](/img/product_docs/accessanalyzer/12.0/admin/jobs/supportemail.webp) + +When the archive has been created, the Access Analyzer Support Email window opens. By default, the +recipient is set to [Netwrix Support](https://www.netwrix.com/support.html) but it can be modified +prior to sending. Additional recipients can be added, and the Subject and email body can be +modified. + +## Publish Reports Window + +The **Publish Reports** wizard allows you to better manage the list of reports published to the Web +Console. + +When you right-click on a job group or job and select **Publish**, the Publish Reports wizard opens. +You can choose the list of reports to be published or removed from the Web Console. + +Follow the steps to publish the reports. + +**Step 1 –** Right-click on a job group or job and select **Publish** from the drop-down list. + +![Publish Reports wizard Action Type page](/img/product_docs/accessanalyzer/12.0/admin/jobs/publishreportsactiontype.webp) + +**Step 2 –** On the Action Type page, select the type of action to be performed on the reports and +click **Next**: + +- Publish Reports +- Delete Reports + +![Publish Reports wizard Report Tree page](/img/product_docs/accessanalyzer/12.0/admin/jobs/publishreportsreporttree.webp) + +**Step 3 –** On the Report Tree page, select the reports to be published or removed (depending on +the Action Type selected in the previous step). Click **Next** to proceed with the action. + +**Step 4 –** The Progress page shows you the status of the action. When it has completed, click +**Finish** to exit the wizard. + +Published reports can be viewed under the **[Job]** > **Results** node or through the Web Console. +See the [Reporting](/docs/accessanalyzer/12.0/admin/report/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/jobs/group/connection.md b/docs/accessanalyzer/12.0/admin/jobs/group/connection.md new file mode 100644 index 0000000000..ccbdde789c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/group/connection.md @@ -0,0 +1,28 @@ +# Connection Node + +At the job group level, the **Connection** node identifies the Connection Profile assigned for the +job group. All Connection Profiles are created at the global level (**Settings** > **Connection**). + +![Job Group Connection Settings](/img/product_docs/accessanalyzer/12.0/admin/jobs/group/connection.webp) + +By default, all job groups are set to inherit the **Use Default Profile** option from the global +level or a parent job group. See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for +additional information. + +If the Default Setting is not preferred, select the custom type of connection settings desired +below: + +- System default + + - For manual or ad hoc job execution, the account logged into the Access Analyzer Console is + applied to the target hosts for authentication + - For scheduled job execution, the account supplied as the Schedule Service account at the + **Settings** > **Schedule** node is applied to the target hosts for authentication + +- Select one of the following user defined profiles + + - Select a pre-configured Connection Profile from the drop-down menu + +Selecting the **Set all the child objects to inherit these settings** option forces inheritance of +this setting to all sub-groups and jobs within the job group. When enabled, this option overrides +any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/12.0/admin/jobs/group/history.md b/docs/accessanalyzer/12.0/admin/jobs/group/history.md new file mode 100644 index 0000000000..a80addeaf3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/group/history.md @@ -0,0 +1,29 @@ +# History Node + +At the job group level, the History node identifies data retention and log retention periods +assigned for the job group. + +![Job Group History Settings](/img/product_docs/accessanalyzer/12.0/admin/jobs/group/history.webp) + +By default, all job groups are set to inherit **Use Default Setting** option from the global level +(**Settings** > **History**) or a parent job group. See the [History](/docs/accessanalyzer/12.0/admin/settings/history.md) +topic for additional information. + +**CAUTION:** It is important to understand that some pre-configured jobs require history retention +while others do not support it. See job group and job descriptions for additional information. + +If the Default Setting is not preferred, select the custom type of retention settings desired below: + +- Data Retention Period + + - Never retain previous job data + - Retain previous job data for [number] [time period] + - Always retain previous job data + +- Log Retention Period + + - Retain previous job logs for [number] [time period] + +Selecting the **Set all the child objects to inherit these settings** option forces inheritance of +this setting to all sub-groups and jobs within the job group. When enabled, this option overrides +any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/12.0/admin/jobs/group/hostlistsassignment.md b/docs/accessanalyzer/12.0/admin/jobs/group/hostlistsassignment.md new file mode 100644 index 0000000000..95a8d51f8e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/group/hostlistsassignment.md @@ -0,0 +1,25 @@ +# Host Lists Assignment + +At the job group level, the Host Lists Assignment node identifies target host lists assigned for the +job group. + +![Job Group Host Lists Assignment](/img/product_docs/accessanalyzer/12.0/admin/jobs/group/hostlistassignment.webp) + +At a top-level job group, there is no host list to be inherited. The **Use Default Settings** option +is grayed-out. However, a sub-job group can inherit host lists from a parent job group. Host lists +are configured through the **Host Management** node. See the +[Host Management](/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md) topic for additional information. + +Several pre-defined solutions have default host lists already assigned to the solution, for example +the .Active Directory Inventory Job Group has the Default domain controller assigned at the job +group and inherited to the jobs. + +Select the host lists to be targeted by the job group. The **Filter host lists by** feature scopes +the list to match the search string provided. At the bottom of the list is an indicator of how many +hosts lists have been selected out of the total number of hosts lists known to the Access Analyzer +Console. If a filter has been applied, there is also an indicator of how many host lists matched the +search string. + +Selecting the **Set all the child objects to inherit these settings** option forces inheritance of +this setting to all sub-groups and jobs within the job group. When enabled, this option overrides +any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/12.0/admin/jobs/group/overview.md b/docs/accessanalyzer/12.0/admin/jobs/group/overview.md new file mode 100644 index 0000000000..abbc97bea8 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/group/overview.md @@ -0,0 +1,107 @@ +# Job Groups + +Job groups are designed to manage related jobs and can contain sub-job groups to ensure that related +jobs are executed in the correct order. To create a new job group, right-click on the desired +location (Jobs tree or another job group) and select **Create Group**. Then provide a unique, +descriptive name taking into consideration the alphanumeric ordering of the Jobs tree. + +![Example of Job Group Structure](/img/product_docs/accessanalyzer/12.0/admin/jobs/group/jobgroupstructure.webp) + +Job groups are organized similar to the Jobs tree, with the Settings node at the top, followed by +sub-job groups (job group for collection first, if applicable), then followed by analysis and +reporting jobs. Both are sorted in alphanumeric order. This is necessary because data collection +jobs must run prior to the analysis and reporting jobs that rely on the collected data without +consideration to the job’s name (alphanumeric order). + +## Job Group Description Page + +The Job Group Description page displays shortcuts, links, and important information on the job group +and the jobs contained within the Job Group. Depending on the type of job group, the description +page will appear different and display information specific to the job group selected. + +| ![Job Group Description page for a pre-configured job group](/img/product_docs/accessanalyzer/12.0/admin/jobs/group/descriptionpagenewgroup.webp) | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Pre-Configured Job Group | User-Created Job Group | + +The two types of job groups in Access Analyzer are: + +- Pre-configured – The job group description page provides a brief summary of the purpose of the job + group, the jobs contained within, and special requirements if applicable +- User Created – Job group description of job description only provides generic information and + options + +**NOTE:** Every job group’s description includes options for creating a group, opening the Instant +Job Library, and creating a job. + +Pre-configured job group description pages provide users with shortcuts and links to many of the +functions that can be accessed in the Jobs Tree in the Navigation Pane. + +![Job Group Description page](/img/product_docs/accessanalyzer/12.0/admin/jobs/group/descriptionpage.webp) + +The sections of the job group description page are: + +- Job Group Settings Shortcuts – These pages can also be accessed through the job group Settings + Nodes in the Navigation Pane. See the [Job Groups Settings Node](/docs/accessanalyzer/12.0/admin/jobs/group/settings.md) topic for additional + information. + + - Storage – Configure the job group’s Storage options + - History – Configure the job group’s History options + - Connection – Configure the job group’s Connection options + - Reporting – Configure the job group’s Reporting options + - Host Lists Assignment – Select the targeted host list in the job group’s Host Lists Assignment + +- Help – Opens the [Netwrix Technical Knowledge Center](https://helpcenter.netwrix.com/) in a + browser to a relevant landing page for the job group +- Run Now – Runs the currently selected job group +- Schedule – Opens the Schedule page to schedule the job group +- Open Folder – Opens the job group’s folder location with supporting files in the Windows Explorer +- Create Group – Creates a job group within the currently selected job group +- Create Job – Creates a job within the currently selected Job +- Add Instant Job – Add an Instant Job using the Instant Job Wizard. See the + [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for additional information. + +![Overview section of Job Group description page](/img/product_docs/accessanalyzer/12.0/admin/jobs/group/descriptionpageoverview.webp) + +The Overview section provides summary information about the job group. This section includes the +following information: + +- Assigned Host List – Hovering over the **Assigned Host List** button shows a tool-tip with + information on the hosts lists are assigned to the job group + + - Click on the **Assigned Host List** button to go to the Job Group's Host List Assignment node. + See the [Host Lists Assignment](/docs/accessanalyzer/12.0/admin/jobs/group/hostlistsassignment.md) topic for additional information. + +- Show Inherited Settings – Click on the **Show Inherited Settings** button to view information on + the following: + + - Connection Profile + - Data Retention Period + - Log Retention Period + - Reporting Settings + - Storage Account + +- Contents – Shows the job groups and jobs contained within the currently selected job group + +**NOTE:** If applicable, the page shows special instructions for which hosts need to be targeted for +proper job group execution. + +### Job Settings: Inherited and Directly Applied + +Job group settings can be applied directly or inherited. On the job group level, it is considered +that all settings are applied directly. + +![Show Inherited Settings on Job Overview page](/img/product_docs/accessanalyzer/12.0/admin/jobs/group/showinheritedsettings.webp) + +If not, click the **Show inherited settings** button to expand the inherited settings list (they are +highlighted in blue). + +The following inherited settings are available: + +| Setting | Description | +| --------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Connection profile | The tooltip shows the account name used in the connection profile. Clicking the button opens the parent Connection settings for the selected job group. See [Connection Node](/docs/accessanalyzer/12.0/admin/jobs/group/connection.md) for more information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available: - Edit the Profile – Clicking the link opens the Connection settings for the current profile - Use Default Profile – Clicking the link applies the connection profile set as default on a global level to a job. In this case, this setting is hidden under the **Show Inherited Settings** button. - List of profiles – Allows switching between existing connection profiles and apply a desired one to a job | +| Data Retention Period | The tooltip shows the current value for the data retention period (by default, **Never retain previous job data**). Clicking the button opens the parent History settings for the selected job group. See the [History Node](/docs/accessanalyzer/12.0/admin/jobs/group/history.md) topic for additional information. | +| Log Retention Period | The tooltip shows the current value for log retention period (by default, **Retain previous job log for 7 times**). Clicking the button opens the parent History settings for the selected job group. See the [History Node](/docs/accessanalyzer/12.0/admin/jobs/group/history.md) topic for additional information. | +| Hosts Lists | The tooltip shows the names of the host lists assigned to this job group. If you have more than three host lists assigned to a job group, the tooltip shows 3 hosts name and the number of other hosts lists assigned (for example, if 5 hosts are assigned it shows `Host1, Host2, Host3 + 2 more`). Clicking the button opens the parent Host Lists setting for the selected job group. See the [Host Lists Assignment](/docs/accessanalyzer/12.0/admin/jobs/group/hostlistsassignment.md) topic for additional information. | +| Reporting Settings | Clicking the Reporting Settings button opens the parent Reporting settings for the selected job group including publishing options, email settings, and roles. See the [Reporting Node](/docs/accessanalyzer/12.0/admin/jobs/group/reporting.md) topic for additional information. | +| Storage Profile | The tooltip shows the current SQL Server instance, database name, user account, and authentication type used for the selected job group. See the [Storage Node](/docs/accessanalyzer/12.0/admin/jobs/group/storage.md)s topic for additional information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available: - Edit This Profile – Clicking the link opens the Storage settings for the current profile - Use Default Profile – Clicking the link applies the storage profile set as default on a global level to a job. In this case, this setting is hidden under the **Show Inherited Settings** button - List of existing profiles – Allows switching between existing storage profiles and apply a desired one to a job | diff --git a/docs/accessanalyzer/12.0/admin/jobs/group/reporting.md b/docs/accessanalyzer/12.0/admin/jobs/group/reporting.md new file mode 100644 index 0000000000..9c5ff06261 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/group/reporting.md @@ -0,0 +1,22 @@ +# Reporting Node + +At the job group level, the **Reporting** node identifies the report publishing and email +configurations assigned for the job group. By default, all job groups are set to inherit the +reporting settings, the **Use default setting** option, from the global level (**Settings** > +**Reporting**), or a parent job group. See the [Reporting](/docs/accessanalyzer/12.0/admin/settings/reporting.md) topic for +additional information. + +**NOTE:** If the Role Based Access feature is enabled, it also displays a list of all accounts +granted access to the published reports via the Web Console that are generated by any jobs within +the job group. + +![Job Group Reporting Settings page](/img/product_docs/accessanalyzer/12.0/admin/jobs/group/reporting.webp) + +Checking the **Set all the child objects to inherit these settings** option at the bottom of the +page forces inheritance of these settings to all sub-groups and jobs within the job group. When +enabled, this option overrides any custom settings configured for the child objects. + +**NOTE:** The **Set all the child objects to inherit these settings** option has no impact on the +inheritance of Report Roles. + +## Publish diff --git a/docs/accessanalyzer/12.0/admin/jobs/group/settings.md b/docs/accessanalyzer/12.0/admin/jobs/group/settings.md new file mode 100644 index 0000000000..a56d6c3faa --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/group/settings.md @@ -0,0 +1,38 @@ +# Job Groups Settings Node + +A job group’s Settings node is where custom configurations can be set and where the host lists are +assigned to a job group. + +![Job group settings in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/group/settings.webp) + +These settings inherit the global settings down by default unless inheritance is broken at a job +group or a job level. + +- [Connection Node](/docs/accessanalyzer/12.0/admin/jobs/group/connection.md) – Use the default Connection Profile or break inheritance to + select the Connection Profile needed for the assigned host lists for this job group +- [History Node](/docs/accessanalyzer/12.0/admin/jobs/group/history.md) – Use the default history settings or break inheritance on data + retention and log retention settings for this job group +- [Host Lists Assignment](/docs/accessanalyzer/12.0/admin/jobs/group/hostlistsassignment.md) – Use the default host list configured on a parent + job group or break inheritance on assigned host lists for this job group + + **NOTE:** Host List Assignments is not a global setting. The pre-configured solutions may + contain Host List Assignments configured to use Global Default Host Lists, for example All + Domain Controllers. See the + [Default Host Lists](/docs/accessanalyzer/12.0/admin/settings/hostinventory.md#default-host-lists) topic for additional + information. + +- [Reporting Node](/docs/accessanalyzer/12.0/admin/jobs/group/reporting.md) – Use the default report settings or break inheritance on Published + Report settings, Email settings, and Report role assignment for this job group +- [Storage Node](/docs/accessanalyzer/12.0/admin/jobs/group/storage.md) – Use the default storage profile or break inheritance on where this + job group's data is stored + +If changes are made, click **Save** to implement the changes. Changes are not implemented unless +they are saved. + +**Host List Assignment** and **Connection** are the two settings that should always be confirmed +before executing a job group or job when data collection is included. The assigned host lists +contains the hosts that are targeted by the job’s data collection queries. The assigned Connection +Profile must have the appropriate level of permissions in order for the data collection to be +successful. See the +[Permissions by Data Collector (Matrix)](/docs/accessanalyzer/12.0/admin/datacollector/permissionmatrix.md) topic for +information on the recommended permissions needed on the targeted hosts in order to collect data. diff --git a/docs/accessanalyzer/12.0/admin/jobs/group/storage.md b/docs/accessanalyzer/12.0/admin/jobs/group/storage.md new file mode 100644 index 0000000000..d933a0d672 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/group/storage.md @@ -0,0 +1,16 @@ +# Storage Node + +At the job group level, the Storage node identifies the Storage Profile assigned for the job group. +All Storage Profiles are created at the global level (**Settings** > **Storage**). See the +[Storage](/docs/accessanalyzer/12.0/admin/settings/storage/overview.md) topic for additional information. + +![Job Group Storage Settings](/img/product_docs/accessanalyzer/12.0/admin/jobs/group/storage.webp) + +By default, all job groups are set to inherit the **Use Default Profile** option from the global +level or a parent job group. If it is necessary for a job group to send data to a different +database, the Storage Profile must already exist at the global level. Select the **Use This +Profile** radio button and choose the non-default Storage Profile from the drop-down menu. + +Selecting the **Set all the child objects to inherit these settings** option forces inheritance of +this setting to all sub-groups and jobs within the job group. When enabled, this option overrides +any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/12.0/admin/jobs/instantiate.md b/docs/accessanalyzer/12.0/admin/jobs/instantiate.md new file mode 100644 index 0000000000..3b3db0cf55 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/instantiate.md @@ -0,0 +1,63 @@ +# Instantiating Jobs into the Jobs Tree + +Access Analyzer jobs and solutions are comprised of files contained within the file system of the +installation directory. All jobs and job groups contained within the Jobs tree are housed in the +Jobs directory. The default location is: + +…\STEALTHbits\StealthAUDIT\Jobs + +![Explore Folder option from Jobs Tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/explorefolder.webp) + +The folder is opened from within the Access Analyzer Console by right-clicking on the desired +**Jobs** node and selecting **Explore Folder**. + +![Jobs folder in File Explorer](/img/product_docs/accessanalyzer/12.0/admin/jobs/explorefolderfileexplorer.webp) + +The naming convention of the folders controls what is visible in the Jobs tree. `GROUP_` is the +prefix for all job groups. `JOB_` is the prefix for all jobs. Changing the prefix removes the object +from the Jobs tree without deleting it. + +Instantiating new, external jobs is as easy as copying and pasting the job or job group into this +location. However, copying an existing job within the Jobs directory is not supported. If the job +already exists within the Access Analyzer Console server, copying outside of the console may result +in reporting issues. + +**CAUTION:** Do not use these steps to copy an existing job. + +There is no need to close the Access Analyzer application to instantiate a new job. Follow the steps +to instantiate a new job into the Access Analyzer Jobs tree: + +**Step 1 –** Obtain the job or job group to be instantiated. If it has been sent by Netwrix, a +colleague, or other entity, it is most likely in one of two formats: + +- Archive (.zip, .rar, and so on) +- Folder containing the job content (JOB*[name of job] or GROUP*[name of job group]) + +**Step 2 –** Open the Jobs directory. The default location is: + +…\STEALTHbits\StealthAUDIT\Jobs + +**Step 3 –** Place the job or job group into the Jobs directory. + +![Extract zip file contents to the Jobs folder](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantiateextract.webp) + +- If in archive format, extract the desired content to the Jobs directory + + - Use the default path or specify a specific path using the browse button (…) + - Select whether to **Show extracted files when complete**. This option is selected by default. + +- If in a folder format, copy and paste the job or job group folder into the Jobs directory + +![New job added in the Jobs folder ](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantiatefileexplorer.webp) + +The new job or job group should be visible in the Jobs directory, and the naming convention should +match that of the jobs or job groups that are already there. + +![Refresh Tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/refreshtree.webp) + +**Step 4 –** In the Access Analyzer Console, right-click on the **Jobs** node and select **Refresh +Tree**. + +![Job displayed in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantiatejobstree.webp) + +The new job or job group now displays in the **Jobs** tree in alphanumeric order. diff --git a/docs/accessanalyzer/12.0/admin/jobs/instantjobs/ad_passwordexpirationnotification.md b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/ad_passwordexpirationnotification.md new file mode 100644 index 0000000000..a07874a516 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/ad_passwordexpirationnotification.md @@ -0,0 +1,240 @@ +# AD_PasswordExpirationNotification Job + +The AD_PasswordExpirationNotification Job determines when Active Directory user passwords are about +to expire and can be configured to send notifications to users prior to password expiration. It is +available through the Instant Job Library under the Active Directory library. See the +[Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) section for instructions to add this instant job into the Jobs +tree. Since this job does not require a host to target, select Local host on the Hosts page of the +Instant Job Wizard. + +![AD_PasswordExpirationNotification job in the Jobs tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree_3.webp) + +Runtime Details: + +- Dependencies – The .Active Directory Inventory Job Group must be successfully run before running + this job +- Target Hosts – None +- Scheduling – This job should be scheduled to run as desired +- History Retention – Not supported and should be turned off +- Multi-console Support – Not supported + +The AD_PasswordExpirationNotification Job runs analysis tasks that generate tables and configure +password expiration notifications. It also generates a report on passwords expiring within a +specified parameter, by default within 15 days. If desired, notifications of password expiration can +be configured to send to a help desk email (through an analysis task) and to the user (through an +action task). + +## Analysis Tasks for the AD_PasswordExpirationNotification Job + +Navigate to the **Jobs** > **AD_PasswordExpirationNotification** > **Configure** node and select +**Analysis** to view the analysis tasks. + +![Default Analysis Tasks for the Job](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks.webp) + +The default analysis tasks are: + +- 1. User Password Information – Creates the PasswordExpirationNotification_Details table + accessible under the job’s Results node + - Contains a configurable parameter for the number of days until a password expires to be + identified + - See the + [Customizable Analysis Tasks for the AD_PasswordExpirationNotification Job](#customizable-analysis-tasks-for-the-ad_passwordexpirationnotification-job) + topic for additional information. +- 2. Domain Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation +- 3. Passwords Set to Expire Within 15 Days – Creates the + PasswordExpirationNotification_ExpiresWithin15Days table accessible under the job’s Results + node +- 4. Notification Data Table – Creates the + PasswordExpirationNotification_ExpiresWithin15Days_UserNotifications table accessible under + the job’s Results node +- 5. Help Desk Notification – Sends notification of users with passwords set to expire in X days + - See the + [Notification Analysis Task in the AD_PasswordExpirationNotification Job](#notification-analysis-task-in-the-ad_passwordexpirationnotification-job) + topic for additional information. + +## Action for the AD_PasswordExpirationNotification Job + +Navigate to the **Jobs** > **AD_PasswordExpirationNotification** > **Configure** node and select +**Actions** to view the action modules. + +**CAUTION:** This action is enabled by default. + +![Default Action Tasks for the Job](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/actiontasks.webp) + +The default actions are: + +- 1. User Notification – Uses the SendMail Action Module to send notifications to users on + password expiration + - Requires the Notification Actions license feature + - See the + [Action Task in the AD_PasswordExpirationNotification Job](#action-task-in-the-ad_passwordexpirationnotification-job) + topic for additional information. + +In addition to the tables created by the analysis and action tasks, the +AD_PasswordExpirationNotification Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------------------- | -------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------- | +| Passwords Expiring Within 15 Days | This report displays users accounts with passwords set to expire within 15 days. | None | This report is comprised of one element: - Table – Displays details on passwords expiring within 15 days | + +## Customizable Analysis Tasks for the AD_PasswordExpirationNotification Job + +Customizable parameters enable Access Analyzer users to set the values used to classify user and +group objects during this job’s analysis. The parameters can be customized and are listed in a +section at the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s +parameters. + +**CAUTION:** Do not change the table names or report name to align with a different value supplied +for this parameter. Modifying the table names will result in analysis and report errors downstream. +Only the report title and descriptions can be modified within the report configuration. + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ---------------------------- | --------------------------- | ------------- | ------------------------------------------------------------------------------------------------- | +| 1. User Password Information | @pswLen | 15 | Number of days left until a password expires, should be set according to an organizations policy. | + +The parameters that can be customized are listed in a section at the bottom of the SQL Script +Editor. Follow the steps to customize an analysis task’s parameters. + +**Step 1 –** Navigate to the **AD_PasswordExpirationNotification** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**Step 2 –** In the Analysis Selection view, select the **1. User Password Information** Analysis +Task and click on **Analysis Configuration**. The SQL Script Editor opens. + +![1. User Password Information Analysis Task in SQL Script Editor](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/customizeanalysistask.webp) + +**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. +Double-click on the current value and change as desired. + +**CAUTION:** Do not change any parameters where the Value states **Created during execution**. + +**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor. + +The new value will be applied to the next job execution. + +## Notification Analysis Task in the AD_PasswordExpirationNotification Job + +The Notification Analysis Task can be used to send a single email to specified recipients containing +a list of all users whose passwords will expire in the specified number of days, that is the users +listed in the PasswordExpirationNotification_ExpiresWithin15Days table. The analysis is enabled by +default. Therefore, when the job is executed the following message is sent to the specified +recipient, such as the organization’s help desk, with information from the associated table: + +_Subject:_ Users with Passwords About To Expire + +Support Team, + +Heads-up.  The following users are facing password expiration in seven days or less: + +**[[ -- Password for [User] ([NTAccount]) expires in [DaysUntilExpiration] days** + +**]** + +Thank you, + +Netwrix + +**CAUTION:** Do not modify the tags, highlighted in bold text above. + +The Subject or message body can be modified, for example to replace `Netwrix` with the +organization’s name. Follow the steps to configure the 5. Help Desk Notification Analysis Task. + +**Step 1 –** Navigate to the **AD_PasswordExpirationNotification** > **Configure** node and select +**Analysis** to view the Analysis tasks. + +**Step 2 –** In the Analysis Selection view, select the **5. Help Desk Notification Analysis Task** +and click on **Analysis Configuration**. The Notification Data Analysis Module opens. + +![SMTP properties page](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/smtpproperties.webp) + +**Step 3 –** Use the **Next** button to navigate to the SMTP properties page. Do not make changes to +the preceding pages. The email configuration takes place on the SMTP page. Provide the recipients’ +email addresses, Message Subject, and add the notification email content. + +![SMTP properties add email recipients](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/smtppropertiesrecipients.webp) + +In the Recipients section, provide the email addresses in the text box or distribution lists in the +E-mail field (fully qualified address) for those who are to receive this notification, for example +the organization’s Help Desk. Multiple addresses can be input by adding a semicolon (;) and space +between entries. + +Use the **Add** and **Remove** buttons to add or remove the address in the E-mail field from the +Recipients list. There is an option to **Combine multiple messages into single message**, which is +checked by default so that it sends one email for all users in the record set instead of one email +per user. + +![Message section of SMTP properties page](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/smtppropertiesmessage.webp) + +In the Message section, the **Subject** should be configured. Then set the email content in the text +box as desired. + +**Step 4 –** To save these configuration changes, use the **Next** button to navigate to the Summary +page. Do not make changes to any other pages. Click **Finish**. The Notification Data Analysis +Module window closes. + +![Analyis Tasks view](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistaskshelpdesknotification.webp) + +**Step 5 –** This notification analysis task is now configured to send emails. In the Analysis +Selection view, ensure the 5. Help Desk Notification Analysis Task is checked so that notifications +can be sent automatically during the execution of the AD_PasswordExpirationNotification Job. + +The recipients added in Step 3 receive a notification when the AD_PasswordExpirationNotification Job +is executed. + +## Action Task in the AD_PasswordExpirationNotification Job + +The 1. User Notification Action Task uses the SendMail Action Module to send users notification of +password expiration. It targets the SMTP Address Column of the users whose passwords are going to +expire within the desired number of days, that is the users listed in the +PasswordExpirationNotification_ExpiresWithin15Days_UserNotifications table. The action is enabled by +default. Therefore, when the job is executed the following message is sent to all users in the +associated table: + +_Subject:_ Attention **[User]** - Your Password Expires in **[DaysUntilExpiration]** Days + +Hello **[User]**, + +The password for the account **[NTAccount]** expires on **[ExpirationDate]**. Please change the +password prior to the expiration date.  If account profiles are used on mobile devices, please +remember to update the password on each device used. + +Thank you, + +Netwrix + +**CAUTION:** Do not change the recipient for the action task. While the tags can be moved, do not +remove or modify the tags, which are highlighted in bold text above. + +The subject or message body can be modified, for example to replace `Netwrix` with the +organization’s name. Follow the steps to modify the Subject or message body within the 1. User +Notification Action Task. + +**NOTE:** It is necessary for the +PasswordExpirationNotification_ExpiresWithin15Days_UserNotifications table to exist in the database +before this action task can be modified. + +**Step 1 –** Navigate to the **AD_PasswordExpirationNotification** > **Configure** node and select +**Actions**. + +**Step 2 –** In the Action Selection view, select the **1. User Notification** Action Task and click +on **Action Properties** to view the actions. + +**CAUTION:** Do not modify the action task properties. + +**Step 3 –** In the Action Properties view, the action properties and a preview of the users from +the associated table are displayed. Click **Configure Action**. The Send Mail Action Module Wizard +opens. + +![Send Mail Action Module Wizard Message page](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/actionwizardmessage.webp) + +**Step 4 –** Click **Next** to navigate to the Message page. Modify the message **Subject** and +email content as desired. + +**Step 5 –** Click **Next** and then **Finish** to save the changes. The Send Mail Action Module +Wizard closes. + +**Step 6 –** Click **Save** on the Action Properties view. + +When the action task is enabled, it executes as part of the job. Optionally, the action task can be +manually executed. diff --git a/docs/accessanalyzer/12.0/admin/jobs/instantjobs/ex_registerazureappauth.md b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/ex_registerazureappauth.md new file mode 100644 index 0000000000..09d698e6d5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/ex_registerazureappauth.md @@ -0,0 +1,90 @@ +# EX_RegisterAzureAppAuth Job + +EX_RegisterAzureAppAuth will register an Microsoft Entra ID (formerly Azure AD) application for +authentication and provision appropriate permissions for Exchange Online scans. It requires: + +- A Connection Profile containing a Microsoft Entra ID Global Admin credential with an Account Type + of **Task (Local)** +- Exchange Online Management v3.4.0 + + - You can install this module with the following command: + + ``` + Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 + ``` + +- Azure AD PowerShell module installed on targeted hosts + + **NOTE:** If the module is not already installed, the job will attempt to install it. + + - You can install the module with the following command: + + ``` + Install-Module AzureAD + ``` + + - TLS 1.2 is required for the Azure AD PowerShell module. Run the following command to configure + it: + + ``` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + ``` + +- Microsoft Graph PowerShell module installed on targeted hosts + + - You can install the module with the following command: + + ``` + Install-Module Microsoft.Graph + ``` + +## Using the EX_RegisterAzureAppAuth Job + +Follow the steps to configure and run the EX_RegisterAzureAppAuth Job. + +**Step 1 –** In Access Analyzer navigate to the Exchange Job Group (or any other Job Group you wish +to place the EX_RegistureAzureApp job into). + +**Step 2 –** Click **Add Instant Job** to open the Instant Job Wizard. + +**Step 3 –** Install the EX_RegisterAzureAppAuth Job from the Instant Job Library under the Exchange +General library. After installation, the job tree automatically refreshes with the new job available +within the selected Job Group. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for additional +information. + +**Step 4 –** On the job description page, in the Configuration section, select the edit button for +**Name of the app as it will appear in the Azure applications list** and enter the name you want to +apply to the registered Microsoft Entra ID application. Click **Save**. + +**Step 5 –** In the same section, select the edit button for **Password used for the Azure +application and to encrypt the certificate file in the local file system** and enter the password to +use for the Microsoft Entra ID application. Click **Save**. + +**Step 6 –** (Optional) For non-standard tenant types, edit the **Azure Environment Name...** option +to provide the full environment name. For a standard tenant, leave this option blank. + +- For example, if leveraging a government (or GCC) tenant, enter **AzureGovernment** +- Additional options include: AzureChinaCloud, AzureCloud, AzureGermanyCloud, AzurePPE, + AzureGovernment2, and AzureGovernment3 + +**Step 7 –** On the **Configure** > **Hosts** node, select the target hosts. The targeted hosts +should be the Microsoft Entra tenant name (for example, `myorg.onmicrosoft.com`). Click **Save**. +The job is now ready to be run. + +**Step 8 –** Run the EX_RegisterAzureAppAuth Job. + +**Step 9 –** After the job successfully runs, it opens a browser window to Microsoft Entra ID. +Log-in as a Global Administrator, and grant administrator consent to the Application's configured +API Permissions. + +- If this login attempt fails or you close the browser, you will need to login to Microsoft Entra ID + as a Global Administrator and navigate to the Application's API Permissions to grant Admin Consent + before the Application can be used for Exchange scans in Access Analyzer. + +The Microsoft Entra ID application is now provisioned with the necessary permissions for Exchange +Online scans. There will be a new Connection Profile for this Application. Restart the Access +Analyzer Console and enter a password to use this Connection Profile. + +_Remember,_ the required rights and roles for Exchange Online still need to be configured. See the +[Target Exchange Online Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/exchangeonline.md) +topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/jobs/instantjobs/fs_defend_sdd.md b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/fs_defend_sdd.md new file mode 100644 index 0000000000..65fe9a2fb9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/fs_defend_sdd.md @@ -0,0 +1,86 @@ +# FS_DEFEND_SDD Job + +The FS_DEFEND_SDD Job exports sensitive data matches collected by the File System Solution Sensitive +Data Discovery Auditing jobs to Threat Manager. It is available through the Instant Job Library +under the File System library. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for instructions to +add this instant job into the Jobs tree. + +For installing the job, select **Local host** on the Hosts page of the Instant Job Wizard. Then set +the host list according to the following information. + +![FS_DEFEND_SDD job in the Jobs tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree_2.webp) + +Runtime Details: + +- Dependencies – The following job groups must be successfully run before running this job + - **FileSystem** > **0.Collection** Job Group + - **FileSystem** > **7.Sensitive Data** Job Group +- Special Instructions + - A Connection Profile must be created using the Web Services (JWT) credential account type with + the specified Threat Manager App Token and assigned to this job + - See the + [Custom Connection Profile for FS_DEFEND_SDD Job](#custom-connection-profile-for-fs_defend_sdd-job) + topic for additional information + - Assign the Connection Profile on the Connection tab of the job’s Properties + - The Threat Manager host name with port, [HOST]:8080, and App Token are generated within Threat + Manager: + - Navigate to the **Configuration** > **App Tokens** page + - Create a new app token + - Copy the Host Name and Token + - See the Access Analyzer Integration topic of the + [Netwrix Threat Manager Documentation](https://helpcenter.netwrix.com/category/stealthdefend) + for additional information. +- Target Hosts – Custom Host List + - Threat Manager target host is the Threat Manager host name with port, [HOST]:8080 + - Format – [HOST]:8080 + - Assign host list at the **FS_DEFEND_SDD** > **Configure** > **Hosts** (see the + [Hosts Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/hosts.md) topic for additional information) +- Scheduling – This job should be scheduled to run as desired +- History Retention – Not supported and should be turned off +- Multi-console Support – Not supported + +The FS_DEFEND_SDD Job runs an analysis task that generates the SA_FSAA_SDD_RESULTS table, which +places the data in a compatible format for Threat Manager. It then runs an action task using the Web +Request Action Module to send the data to Threat Manager. + +## Analysis Tasks for the FS_DEFEND_SDD Job + +Navigate to the **Jobs** > **FS_DEFEND_SDD** > **Configure** node and select **Analysis** to view +the analysis tasks. + +![Default Analysis tasks for the job](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks.webp) + +The default analysis tasks are: + +- Create FSAA DEFEND table – Creates the FSAA_SDD_RESULTS table accessible under the job’s Results + node + +## Actions for the FS_DEFEND_SDD Job + +Navigate to the **Jobs** > **FS_DEFEND_SDD** > **Configure** node and select **Actions** to view the +actions. + +**CAUTION:** This action is enabled by default. + +![Default Action Tasks for the Job](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/actiontasks.webp) + +The default action is: + +- Integrate – Uses the Web Request Action Module to send data to Threat Manager + +## Custom Connection Profile for FS_DEFEND_SDD Job + +The FS_DEFEND_SDD Job requires a custom Connection Profile to authenticate to Threat Manager. The +credential for the Connection Profile must be created with the Web Services (JWT) account type. +Remember, the Threat Manager App Token is generated within Threat Manager. + +Create a Connection Profile and set the following information on the User Credentials window: + +- Select Account Type – Web Services (JWT) +- Domain – Not a field for this type of credential, defaults to `` +- User name – Not a field for this type of credential +- Password Storage: Application – Uses Access Analyzer’s configured Profile Security setting as + selected at the **Settings** > **Application** node +- Access Token – Copy and paste the Threat Manager App Token + +See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/jobs/instantjobs/fs_migrateschema.md b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/fs_migrateschema.md new file mode 100644 index 0000000000..11f2f66509 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/fs_migrateschema.md @@ -0,0 +1,55 @@ +# FS_MigrateSchema Job + +The FS_Migrate_Schema Job migrates the schema in order to support the use of 64-bit ResourceID's +without affecting data. It is available through the Instant Job Library under the File System +library. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for instructions to add this instant job +into the Jobs tree. + +For installing the job, select **Local host** on the Hosts page of the Instant Job Wizard. + +![FS_MigrateSchema job in the Jobs tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree.webp) + +Runtime Details: + +- Dependencies – None +- Target Hosts – None +- Scheduling – This job should be scheduled to run as desired +- History Retention – Not supported and should be turned off +- Multi-console Support – Not supported +- Additional Notes – None + +The FS_Migrate Schema Job migrates the schema in order to support the use of 64-bit ResourceID's +without affecting data. + +## Analysis Tasks for the FS_MigrateSchema Job + +Navigate to the **Jobs** > **FS_MigrateSchema** > **Configure** node and select **Analysis** to view +the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Default Analysis tasks for the job](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks.webp) + +The default analysis tasks are: + +- 1.Migrate Resources – Migrates the SA_FSAA_Resources table to leverage 64-bit IDs +- 2.Migrate UnixRights – Migrates the SA_FSAA_UnixRights table to leverage 64-bit IDs +- 3.Migrate Gates – Migrates the SA_Gates table to leverage 64-bit IDs +- 4.Migrate GatesProxy – Migrates the SA_FSAA_GatesProxy table to leverage 64-bit IDs +- 5.Migrate Exceptions – Migrates the SA_FSAA_Exceptions table to leverage 64-bit IDs +- 6.Migrate ProbableOwners – Migrates the SA_FSAA_ProbableOwners table to leverage 64-bit IDs +- 7.Migrate FileSizes – Migrates the SA_FSAA_FileSizes table to leverage 64-bit IDs +- 8.Migrate FileTypes – Migrates the SA_FSAA_FileTypes table to leverage 64-bit IDs +- 9.Migrate FileAges – Migrates the SA_FSAA_FileAges table to leverage 64-bit IDs +- 10.Migrate FileTags – Migrates the SA_FSAA_FileTags table to leverage 64-bit IDs +- 11.Migrate DFS Links – Migrates the SA_FSDFS_Links table to leverage 64-bit IDs +- 12.Migrate DLP Matches – Migrates the SA_FSDLP_Matches table to leverage 64-bit IDs +- 13.Migrate DLP MatchHits – Migrates the SA_FSDLP_MatchHits table to leverage 64-bit IDs +- 14.Migrate DLP MatchHits Subject Profile – Migrates the SA_FSDLP_MatchHits_SubjectProfile table to + leverage 64-bit IDs +- 15.Migrate FSAC ActivityEvents – Migrates the SA_FSAC_ActivityEvents table to leverage 64-bit IDs +- 16.Migrate DailyActivity – Migrates the SA_FSAC_DailyActivity table to leverage 64-bit IDs +- 17.Migrate FSAC RenameTargets – Migrates the SA_FSAC_RenameTargets table to leverage 64-bit IDs +- 18.Migrate FSAC Exceptions – Migrates the SA_FSAC_Exceptions table to leverage 64-bit IDs +- 19.Refresh Views – Updates viewable metadata diff --git a/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md new file mode 100644 index 0000000000..3eba798137 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md @@ -0,0 +1,55 @@ +# Instant Job Wizard + +The Access Analyzer Instant Job Wizard provides access to a library of instant solutions and instant +jobs, which are pre-configured for Access Analyzer. Instant solutions contain groups of jobs to help +solve a wide range of problems within each category. Instant jobs help solve specific problems. The +instant solutions available align to an organization’s license key. See +the[Solutions](/docs/accessanalyzer/12.0/solutions/overview.md) topic for additional information. + +Follow the steps to install an instant solution or an instant job with the Instant Job Wizard. + +![Add Instant Job from context menu](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/addinstantjob.webp) + +**Step 1 –** Select the Jobs tree (for an instant solution) or the desired job group (for an instant +job), right-click on the node, and select **Add Instant Job**. + +![Instant Job Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/welcome.webp) + +**Step 2 –** On the Welcome page, click **Next**. + +![Instant Job page](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/instantjob.webp) + +**Step 3 –** On the Instant Job page, use the filter menu to only view instant jobs in a particular +category, or click the plus icon (+) to expand a category group. + +![Selected Instant Job](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/selectinstantjob.webp) + +**Step 4 –** Select the desired instant solution or job. To select multiple instant solutions or +jobs, press the Windows **Ctrl** key and select the items to install. Click **Next**. + +![Host Assignment page](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/hostassignment.webp) + +**Step 5 –** Some of the Library selections add a Host Assignment page. If this page does not +appear, skip to Step 7. If the page does appear, select either the **Use default settings (Inherit +from the parent group, if any)** or **Specify individual hosts or hosts lists** option. If the first +option is selected, skip to Step 7. If the second option is selected, click **Next** to go to the +Host Lists and Individual Hosts wizard pages. + +| ![Host Lists page](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/individualhosts.webp) | +| ------------------------------------------------------------------------------------------------------------------------------------ | --- | ------------------------------------------------------------------------------------------------------------------------------------------------ | +| Host Lists page | | Individual Hosts page | + +**Step 6 –** Some of the Library selections add a Host Lists, and Individual Hosts page. If these +pages do not appear with the selection, skip to Step 7. If the pages do appear, check the host list +to be assigned to the job group or job. Alternatively enter hosts manually. Then click **Next**. + +![Summary page](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/summary.webp) + +**Step 7 –** On the Summary page, click **Save & Exit**. + +![Instant Solutions installation dialog](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/installationcomplete.webp) + +**Step 8 –** For Instant Solutions, when the installation is complete, click **Finish**. + +The Instant Job Wizard closes, and the Jobs tree refreshes automatically. See the individual +sections in the [Solutions](/docs/accessanalyzer/12.0/solutions/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sas_executionstatistics.md b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sas_executionstatistics.md new file mode 100644 index 0000000000..33111b06e0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sas_executionstatistics.md @@ -0,0 +1,56 @@ +# SAS_ExecutionStatistics Job + +The SAS_ExecutionStatistics Job tracks historical performance of Access Analyzer job and analysis +functions and highlights when a particular task takes an abnormal length of time to execute. It is +available through the Instant Job Library under the Access Analyzer Utilities library. See the +[Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) section for instructions to add this instant job into the Jobs +tree. Since this job does not require a host to target, select Local host on the Hosts page of the +Instant Job Wizard. + +The job is dependent upon the Job Statistics Retention configuration in the **Settings** > +**Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic for +additional information. + +![SAS_ExecutionStatistics job in the Jobs tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree_4.webp) + +Runtime Details: + +- Dependencies – None +- Target Hosts – None +- Scheduling – This job should be scheduled to run as desired +- History Retention – Not supported and should be turned off +- Multi-console Support – Not supported +- Additional Notes – The jobs uses custom SQL scripts to render views on collected data. SQL views + are used to populate report element tables and graphs. Changing or modifying the Group, Job, or + Table names will result in no data displayed within the reports. + +The SAS_ExecutionStatistics Job runs analysis tasks and generates reports on the latest job +executions, analysis history, host query details, and analysis details. + +## Analysis Tasks for the SAS_ExecutionStatistics Job + +Navigate to the **Jobs** > **SAS_ExecutionStatistics** > **Configure** node and select **Analysis** +to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Default Analysis tasks for the job](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks.webp) + +The default analysis tasks are: + +- Analyze Jobs – Collects and analyzes all job-level execution statistics from the database based on + the statistics retention settings set in the Application node +- Analyze All Statistics – Collects and analyzes all task-level execution statistics from the + database based on the statistics retention settings set in the Application node +- Query Execution Details – Organizes query-related statistics +- Analysis Details – Organizes analysis-related statistics + +In addition to the tables created by the analysis tasks, the SAS_ExecutionStatistics Job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ----------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------ | +| Analysis Execution | This report identifies abnormally long analysis times. | None | This report is comprised of two elements: - Bar graph – Displays Abnormally Long Analysis Times - Table – Displays details on analysis times | +| Collection Statistics | This report identifies abnormally long collection times. | None | This report is comprised of two elements: - Bar graph – Displays Abnormally Long Collection Times - Table – Displays details on collection times | +| Job Execution Statistics | This report identifies jobs which have abnormally long run times. | None | This report is comprised of two elements: - Pie chart – Displays Job Status - Table – Displays details on job status | diff --git a/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sp_registerazureappauth.md b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sp_registerazureappauth.md new file mode 100644 index 0000000000..7e714d15fc --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sp_registerazureappauth.md @@ -0,0 +1,56 @@ +# SP_RegisterAzureAppAuth Job + +SP_RegisterAzureAppAuth will register an Microsoft Entra ID (formerly Azure AD) application for +authentication and provision appropriate permissions for SharePoint Online scans. It requires: + +- A Connection Profile containing the following two user credentials, both with an Account Type of + **Task (Local)**: + + - Microsoft Entra ID Global Admin credential + - A credential with the username `newapp` that contains the password for the new application + +- Microsoft Graph API PowerShell module to be installed on targeted hosts + +## Instantiate the SP_RegisterAzureAppAuth Job. + +Follow the steps to instantiate the SP_RegisterAzureAppAuth Job. + +**Step 1 –** In Access Analyzer navigate to the SharePoint Job Group (or any other Job Group you +wish to place the SP_RegistureAzureApp job into). + +**Step 2 –** Click **Add Instant Job** to open the Instant Job Wizard. + +**Step 3 –** Install the SP_RegisterAzureAppAuth Job from the Instant Job Library under the +SharePoint library. After installation, the job tree automatically refreshes with the new job +available within the selected Job Group. + +**Step 4 –** On the job description page, in the Configuration section, select the edit button for +**The new application’s display name** and enter the name you want to apply to the registered +Microsoft Entra ID application. Click **Save**. + +**Step 5 –** On the **Configure** > **Hosts** node, select the targeted host. The targeted host +should be the Microsoft Entra ID tenant on which you want to install the Microsoft Entra ID +application (for example, `myorg.onmicrosoft.com`). Click **Save**. The job is now ready to be run. + +After the job successfully runs it will open a browser window to Microsoft Entra ID that, when +logged-in as a Global Administrator, allows the user to grant administrator consent to the +Application's configured API Permissions. If the login attempt fails, or the user closes the +browser, they will need to login to Microsoft Entra ID as a Global Administrator and navigate to the +Application's API Permissions to grant Admin Consent before the Application can be used for +SharePoint scans in Access Analyzer. + +Additional Considerations + +- After the job successfully runs, there will be a new Connection Profile for this Application. + Restart the Access Analyzer Console and enter a password to use this Connection Profile. +- The password is the location of the PFX file generated by the script (in the \PrivateAssemblies + directory), the Microsoft Entra ID application's password, and a numeric designator for the + Microsoft 365 environment (0 is the default for production environments; the other supported + options are 1 for pre-production environments, 2 for China, 3 for Germany, 4 for US Government, 5 + for US Government-High, and 6 for US Government-DoD). To allow for multiple unique certificates + for different Microsoft Entra ID tenants to be stored on the same Access Analyzer server, the + script appends the targeted host name (without the domain) to the filename of the PFX file + generated by the script. For example, if the targeted host is `myorg.onmicrosoft.com`, then the + password for the connection profile would be: + + ...\STEALTHbits\StealthAUDIT\PrivateAssemblies\spaa_cert_myorg.pfx,YourPasswordHere,0 diff --git a/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sp_removehost.md b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sp_removehost.md new file mode 100644 index 0000000000..8ec6364f09 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sp_removehost.md @@ -0,0 +1,33 @@ +# SP_RemoveHost Job + +The SP_RemoveHost Job removes desired SharePoint hosts from the Access Analyzer database. It is +available through the Instant Job Library under the SharePoint library. See the +[Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for instructions to add this instant job into the Jobs tree. + +![SP_RemoveHost job in the Jobs tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree_1.webp) + +Runtime Details: + +- Dependencies – None +- Target Hosts – SharePoint host to be deleted +- Scheduling – This job should be scheduled to run as desired +- History Retention – Not supported and should be turned off +- Multi-console Support – Not supported +- Additional Notes – None + +The SP_RemoveHosts Job removes desired SharePoint hosts from the Access Analyzer database, target +the hosts on the job and run it to delete the respective hosts SharePoint data. + +## Analysis Tasks for the SP_RemoveHost Job + +Navigate to the **Jobs** > **SP_RemoveHost** > **Configure** node and select **Analysis** to view +the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Default Analysis tasks for the job](/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks.webp) + +The default analysis tasks are: + +- Remove Host(s) — Remove Scanned Hosts from Tier 1 diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/configure/actions.md b/docs/accessanalyzer/12.0/admin/jobs/job/configure/actions.md new file mode 100644 index 0000000000..4441600c8c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/configure/actions.md @@ -0,0 +1,67 @@ +# Actions Node + +The Actions node uses Access Analyzer action modules to take action on collected and analyzed data. +Action can be taken on objects leveraging collected data or analyzed data, for example from a +listing of locked-out accounts, an action can be executed to unlock those accounts. + +**NOTE:** Action modules are available with a special Access Analyzer license. + +![Action Selection page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/actionselection.webp) + +The Action Selection view lists all action tasks for the selected job. The listed information +includes: + +- Name – Name of the action task (as provided by the creator of the task) +- Description – Description of the action task (as provided by the creator of the task) +- Module – Name of the Access Analyzer action module +- Table – Name of the source table for the action + +![Options at the top of the Action Selection page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/actionselectionoptions.webp) + +The Actions section at the top has five options: + +- Add from Library – Opens the Libraries window for adding and configuring pre-made action tasks +- Create Action – Opens the Action Properties window for creating and configuring action tasks +- Delete Action – Deletes the selected action task from the list + + - This action does require confirmation + +- Action Properties – Opens the Action Properties window for the selected action task + + - See the [Action Properties Page](/docs/accessanalyzer/12.0/admin/action/overview.md#action-properties-page) topic for + additional information + - See the [Action Modules](/docs/accessanalyzer/12.0/admin/action/overview.md) topic for additional information + + **NOTE:** The AutoAction task appears in the Analysis Selection view, not in the Action + Selection view. + +- Execute Action – Opens the Action Execution window and starts executing the selected action + + - Does not require an action task to be checked, only selected + +![Buttons at the bottom of Action Selection page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/actionselectiontablebuttons.webp) + +At the bottom of the Action Selection view, there are action buttons that apply to the table: + +- Move Up – Moves the selected action task up the list, which is important since action tasks are + executed in the order listed in the table +- Move Down – Moves the selected action task down the list, which is important since action tasks + are executed in the order listed in the table +- Select All – Selects all action tasks in the table for execution + +The Action Selection view also has its own right-click menu for taking action on the action task or +the job. + +![Actions Right-Click Menu](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/actionsrightclickmenu.webp) + +The options for the Actions node right-click menu are: + +- Create Action – Opens the Action Properties window +- Copy Action – Copies the selected action to the clipboard +- Paste Action – Opens the Action Properties window for modifying copied action tasks +- Delete Action – Deletes selected action task +- Properties – Opens the Action Properties window +- Execute Action – Opens the Action execution window and runs an action +- Run Job – Starts job execution for the selected job +- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) +- Create Job (Ctrl + Alt + A) – Creates a new job at the same location as the selected job diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysis.md b/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysis.md new file mode 100644 index 0000000000..33ce87bda6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysis.md @@ -0,0 +1,71 @@ +# Analysis Node + +The Analysis node uses Access Analyzer analysis modules to run analysis tasks on collected data. +There are two basic types of analysis modules. Most analysis modules correlate, format, and +transform collected data into powerful data views for end-stage reports and graphs. + +The Notification analysis module allows for the ability to send an email notice when a trigger is +met, for example an email can be sent to an administrator to notify that disk space has reached a +particular point (the trigger) and needs to be addressed before space runs out. + +![Analysis Selection page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/analysisselection.webp) + +The Analysis Selection view lists all analysis tasks for the selected job. The listed information +includes: + +- Name – Name of the analysis task (as provided by the creator of the task) +- Description – Description of the analysis task (as provided by the creator of the task) +- Module – Name of the Access Analyzer analysis module +- HostLists – Indicates the analysis task is applicable to hosts found in the referenced host lists, + applies to analysis modules that use host list filters, for example **Business Rules** analysis + module + +![Option at the top of the Analysis Section](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/analysisbuttonstop.webp) + +The Analysis section at the top has four options: + +- Create Analysis – Opens the Analysis Properties window for creating and configuring analysis tasks +- Delete Analysis – Deletes the selected analysis task from the list + - This action does require confirmation +- Analysis Properties – Opens the Analysis Properties window for the selected analysis task + - See the [Analysis Properties Page](/docs/accessanalyzer/12.0/admin/analysis/overview.md#analysis-properties-page) + topic for additional information. + - See the individual analysis module sections in the + [Analysis Modules](/docs/accessanalyzer/12.0/admin/analysis/overview.md) topic for additional information. +- Analysis Configuration – Opens the selected analysis task’s configuration window + +![Buttons at the bottom of the Analysis Selection page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/analysisbuttonsbottom.webp) + +At the bottom of the Analysis Selection view, there are action buttons that apply to the table: + +- Move Up – Moves the selected analysis task up the list, which is important since analysis tasks + are executed in the order listed in the table +- Move Down – Moves the selected analysis task down the list, which is important since analysis + tasks are executed in the order listed in the table +- Select All – Selects all analysis tasks in the table for execution +- Validate – Validates all analysis tasks where the **Business Rules** analysis module was used +- Validate selected – Validates selected analysis tasks where the **Business Rules** analysis module + was used +- Edit Rules – Edits the rule for selected analysis task where the **Business Rules** analysis + module was used + +The Analysis Selection view also has its own right-click menu for taking action on the analysis task +or the job. + +![Analysis Selection page right-click menu](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/analysisrightclickmenu.webp) + +The options for the Analysis node right-click menu are: + +- Create Analysis – Opens the Analysis Properties window +- Cut Analysis – Cuts selected analysis task +- Copy Analysis – Copies selected analysis task +- Paste Analysis – Pastes a copied/cut analysis task to the selected location +- Delete Analysis – Deletes selected analysis task +- Properties – Opens the Analysis Properties window +- Configuration – Opens the selected analysis task’s configuration window +- Test Scorecard SQL – Validates all analysis tasks where the Business Rules analysis module was + used +- Execute Analyses – Executes or runs the checked (enabled) analysis tasks +- Run Job – Starts job execution for the selected job +- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) +- Create Job (Ctrl + Alt + A) – Creates a new job at the same location as the selected job diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md b/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md new file mode 100644 index 0000000000..6836bb8149 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md @@ -0,0 +1,29 @@ +# Configure the Customizable Parameters in an Analysis Task + +The parameters that can be customized and are listed in a section at the bottom of the SQL Script +Editor. Follow the steps to customize an analysis task’s parameters. + +**Step 1 –** Navigate to the Job’s **Configure** node and select **Analysis**. + +**Step 2 –** In the Analysis Selection view, select the desired analysis task and click **Analysis +Configuration**. The SQL Script Editor opens. + +**Step 3 –** At the top of the SQL Script Editor, select **Parameters**. + +**NOTE:** The image shown is a generic example. Table names and customizable parameters will change +based on the Job. + +![SQL Script Editor](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/customizableparameters.webp) + +**Step 4 –** In the parameters section at the bottom of the editor, find the Value column. + +**CAUTION:** Do not change any parameters where the Value states **Created during execution**. + +- Double-click on the customizable value and change as desired + +**Step 5 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor. + +Repeat the steps as needed to customize analysis parameters. + +See the [SQLscripting Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/sqlscripting.md) topic for additional +information. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/configure/hosts.md b/docs/accessanalyzer/12.0/admin/jobs/job/configure/hosts.md new file mode 100644 index 0000000000..9c01f46695 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/configure/hosts.md @@ -0,0 +1,39 @@ +# Hosts Node + +The Hosts node provides the option to assign a preconfigured host list at the job level. It also +provides a way to manually assign hosts to be targeted by the job using Host Selection pane. + +![Host Selection page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/hostselection.webp) + +Use the default settings by selecting the **Use Default Setting** checkbox and inherit the job +group’s assigned host lists. To break inheritance and assign host lists at the job level select from +the available host lists. + +Hosts added manually at the job level are added to the Master Host Table if not already there, and +it triggers a host inventory query according to the global settings. The host will not be added to +any individual host lists. See the [Manually Add Hosts to a Job](#manually-add-hosts-to-a-job) topic +for additional information. + +Click **Save** to apply any changes to the host selection. Changes are not implemented unless they +are saved. + +## Manually Add Hosts to a Job + +Hosts can be added manually at the job level even when inheritance (Use Default Setting) is used for +host list assignment. The job targets the hosts in any assigned host lists as well as any manually +added at the job level. Follow these directions to manually add a host to a job. + +![Job's Configure > Hosts node](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/hostsnode.webp) + +**Step 1 –** Navigate to the job’s **Configure** > **Hosts** node. + +![Individual hosts section of the Host Selection view](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/hostselectionindividualhosts.webp) + +**Step 2 –** In the Individual hosts section of the Host Selection view, enter the Host name in the +textbox and click **Add**. + +**Step 3 –** Repeat the previous step for each host to be added. + +**Step 4 –** Click **Save** and then **OK** to confirm the changes. + +The manually added host is now targeted by the job. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/configure/overview.md b/docs/accessanalyzer/12.0/admin/jobs/job/configure/overview.md new file mode 100644 index 0000000000..931f226586 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/configure/overview.md @@ -0,0 +1,55 @@ +# Configure Node + +Changes to configurations for the job’s assigned Host Lists, Queries, Analyses, Actions, and Reports +are created through the **[Job]** > **Configure** node or through the Configure shortcut on the +job’s Description page. + +| | | +| -------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ![Configure Node](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/configurelinkjobpage.webp) | +| Configure Node | Configure link on job description page | + +The sub-nodes under the **[Job]** > **Configure** node are: + +- [Hosts Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/hosts.md) – Assign a host list at the job level or manually add hosts to be targeted + by the job +- [Queries Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/queries.md) – Select and configure a Access Analyzer data collector to scan + targeted hosts +- [Analysis Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysis.md) – Create and configure Analysis and Notification tasks for collected + data +- [Actions Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/actions.md) – Create and configure Action tasks for taking action on collected and + analyzed data +- [Reports Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/reports.md) – Create and configure Reports to be generated during job execution + +## Configure Page + +The job's Configure Page provides an overview with shortcuts for options that are configured in the +job's Configure Node. + +![Configure page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/configurepage.webp) + +The options on the Configure Page are: + +- Hosts - Navigates to the job's Hosts node +- Queries - Navigates to the job's Queries node +- Analysis - Navigates to the Analysis node +- Actions - Navigates to the Actions node +- Reports - Navigates to the Reports node +- Run Now - Executes the job +- Open Folder - Opens the job folder location with supporting files in the Windows Explorer +- View Log - Opens the job’s log + +The options in the Configure section are: + +- Tasks - If applicable, displays a list of the job's Queries, Analysis Tasks, and Action Modules + + - Click **Properties** to view the task's properties + - Click **Output Table** to view the Results for the task under the + [Results Node](/docs/accessanalyzer/12.0/admin/jobs/job/results.md) + +- Hosts - Lists the assigned hosts for the job +- Reports - If applicable, displays a list of the job's Reports + + - Click the reports name to access a report under the job's [Results Node](/docs/accessanalyzer/12.0/admin/jobs/job/results.md) + - Click **Configure** to edit the report parameters in the + [Report Configuration Wizard](/docs/accessanalyzer/12.0/admin/report/wizard/overview.md) diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/configure/queries.md b/docs/accessanalyzer/12.0/admin/jobs/job/configure/queries.md new file mode 100644 index 0000000000..a1d0fcea5f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/configure/queries.md @@ -0,0 +1,107 @@ +# Queries Node + +The Queries node uses a Access Analyzer data collector to run scans against the targeted hosts. +Different data collectors are designed for different types of collection. It is necessary for the +Connection Profile associated with the target hosts to have a sufficient level of rights for the +selected data collector. See the +[Permissions by Data Collector (Matrix)](/docs/accessanalyzer/12.0/admin/datacollector/permissionmatrix.md) topic for a +chart with recommended permissions per data collector. + +![Query Selection page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/queryselection.webp) + +The Query Selection view lists all queries for the selected job. Though it is possible to have +multiple queries in a single job, it is not usually recommended. The listed information includes: + +- Name – Name of the query (as provided by the creator of the query) +- Source – Name of the Access Analyzer data collector +- Table – Name of the Native Data table +- Enumerates – Whether or not the data collector will return enumerated data, or multiple lines of + data per target host + - If **Yes**, only one query can write to a single table + - If **No**, then multiple related queries can write to a single table +- Properties – Number of the properties to be returned +- Filters – Number of in-line filters applied to the data being returned by the query +- Script – Whether or not a VB Script was added to the query + - If **Yes**, a VB Script was added to query execution + - If **No**, a VB Script was not added to query execution +- Description – Description of the query (as provided by the creator of the query) + +## Tables + +Add and configure native data tables through the Tables section in the Query Selection view. + +![Tables section of Query Selection page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/queryselectiontables.webp) + +The Tables section at the top has three options: + +- Add Table – Adds an additional native data table and associated query to the selected job +- Rename Table – Opens the Rename Table window for changing the native data table name +- Delete Table – Deletes the selected table from the list, all associated query tasks, and the + database table if it has already been created. This action does require confirmation. + + **CAUTION:** Do not delete the last table in a job’s Query Selection view. Doing so will also + delete the Messages table. In order to delete the last table, it is necessary to delete the job. + +## Queries + +The Queries section is where the job’s preconfigured queries can be edited and where new queries can +be added. + +![Queries section of Query Selection page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/queryselectionqueries.webp) + +The Queries section has four options and includes the list of queries for the selected job: + +- Add from Library – Opens the Libraries window to select preconfigured data collection queries. See + the [Add Query from Library](/docs/accessanalyzer/12.0/admin/datacollector/overview.md#add-query-from-library) topic for + additional information. +- Create Query – Opens the Query Properties window for creating and configuring queries +- Delete Query – Deletes the selected query from the list. This action does require confirmation. +- Query Properties – Opens the Query Properties window for the selected query + - This option is used for query modifications + - See the + [Create or Modify a Query](/docs/accessanalyzer/12.0/admin/datacollector/overview.md#create-or-modify-a-query) topic + for additional information + - See the topics for the individual [Data Collectors](/docs/accessanalyzer/12.0/admin/datacollector/overview.md) for + additional information + +## Right-click Menu + +The Query Selection view also has its own right-click menu for taking action on the queries, tables, +or the job. + +![Right-click menu on the Query Selection page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/queryrightclickmenu.webp) + +The options in the Queries node right-click menu are: + +- Add from Library – Opens the Libraries window +- Quick Add – Quickly add a new query from a list of non-configured data collector queries +- Create Query – Creates a new query to be configured +- Cut Query – Cuts selected query +- Copy Query – Copies selected query +- Paste Query – Pastes a cut or copied query to the selected location +- Delete Query – Deletes a selected query +- Properties – Opens the Query Properties window +- Add Table – Adds a Native Data table to the selected query +- Delete Table – Deletes the selected table +- Rename Table – Opens the Rename Table window +- Run Job – Starts job execution for the selected job +- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) +- Create Job (**Ctrl + Alt + A**) – Creates a new job at the same location as the selected job + +## Host List + +Jobs with configured queries require a host list to be assigned. This can be done at either the Job +Group or Job level. Whichever location is used to set the host list for query execution should also +be the location where the Connection Profile is assigned. See the +[Job Properties](/docs/accessanalyzer/12.0/admin/jobs/job/properties/overview.md) topic for additional information. + +- Job Groups + - Host List Assigned – **[Job Group]** > **Settings** > **Host Lists Assignment**. See the + [Host Lists Assignment](/docs/accessanalyzer/12.0/admin/jobs/group/hostlistsassignment.md) topic for additional information. + - Connection Profile Selected – **[Job Group]** > **Settings** > **Connection**. See the + [Connection Node](/docs/accessanalyzer/12.0/admin/jobs/group/connection.md) topic for additional information. +- Job Level + - Host List Assigned – **[Job]** > **Configure** > **Hosts**. See the [Hosts Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/hosts.md) + topic for additional information. + - Connection Profile Selected – Connection tab of the Job’s Properties Window. See the + [Connection Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/connection.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/configure/reports.md b/docs/accessanalyzer/12.0/admin/jobs/job/configure/reports.md new file mode 100644 index 0000000000..bbd7861af0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/configure/reports.md @@ -0,0 +1,45 @@ +# Reports Node + +The Reports node is for configuring reports to be generated during job execution. + +![Reports page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/reports.webp) + +The Reports view lists any reports that have been configured for the selected job and options +related to configuring reports. The options at the top of the Reports view are: + +- Properties – Opens the [Job Properties](/docs/accessanalyzer/12.0/admin/jobs/job/properties/overview.md) page for the job that the + report is for +- Run Now – Runs the currently selected job that the report is for +- Open Folder – Opens the Report’s folder location with supporting files in the Windows Explorer +- View Log – Opens the log for the job that the report is for + +![Options on the Reports table header row](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/reportstableheaderoptions.webp) + +The Reports table contains all of the configured reports for the job. The header row of the table +contains the following options for adding reports to the table: + +- Create – Creates a new report for the selected job + + - See the [Creating a Report](/docs/accessanalyzer/12.0/admin/report/create.md) topic for additional information + +- Paste – Paste a cut or copied report into the selected job + + - The paste option is accessed from the vertical ellipsis menu of the header row of the Reports + table + +![Reports table row options](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/reportstablerowoptions.webp) + +Clicking on the name of a report opens it in the Results node. Clicking **Configure** next to a +report's name opens the Report Configuration wizard for the report, see the +[Report Configuration Wizard](/docs/accessanalyzer/12.0/admin/report/wizard/overview.md) topic for additional information. +Additional options are available from the vertical ellipsis menu on a reports row: + +- Generate – Generates the report +- Copy – Copies the report to the clipboard +- Delete – Deletes the report + +Once a report is generated, it can be viewed in several locations depending on the configuration. +Report configurations may also be copied to other reports to generate preferred outputs for +alternate jobs. However, all generated reports can be viewed in the job’s **Results** node. + +See the [Reporting](/docs/accessanalyzer/12.0/admin/report/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/create.md b/docs/accessanalyzer/12.0/admin/jobs/job/create.md new file mode 100644 index 0000000000..9b249b684b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/create.md @@ -0,0 +1,29 @@ +# Create a New Job + +Follow the steps to create a new job. + +![Create Job from Jobs Tree context menu](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/createjob.webp) + +**Step 1 –** Select the Jobs tree or the desired job group to add the new job to. Right-click and +select **Create Job**. + +![New Job added to Jobs Tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/newjob.webp) + +**Step 2 –** Provide a unique, descriptive name for the job. The default name is `NewJob`. Some +considerations for naming conventions: + +**CAUTION:** Do not end a job name with a space. + +- There can never be two jobs with the same name. Access Analyzer automatically appends a numeral to + the end of a job name to avoid duplicates, for example `NewJob1`. +- No special characters can be used. See the Microsoft + [Naming Conventions](https://learn.microsoft.com/en-us/windows/win32/fileio/naming-a-file#naming-conventions) + article for limitations. +- Jobs in a group are run alphanumerically +- When possible, keep names short to avoid report path errors caused by Microsoft’s maximum path + length. See the Microsoft article referenced above. + +The new job is now ready to be configured. See the +[Data Collectors](/docs/accessanalyzer/12.0/admin/datacollector/overview.md), [Analysis Modules](/docs/accessanalyzer/12.0/admin/analysis/overview.md), +[Action Modules](/docs/accessanalyzer/12.0/admin/action/overview.md), and [Reporting](/docs/accessanalyzer/12.0/admin/report/overview.md) topics for +additional information. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/disableenable.md b/docs/accessanalyzer/12.0/admin/jobs/job/disableenable.md new file mode 100644 index 0000000000..4849d35bc2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/disableenable.md @@ -0,0 +1,52 @@ +# Disable or Enable a Job + +Job groups may contain individual jobs that should not be run when the entire job group is run. Some +job groups also contain jobs that can optionally be run separately from the rest of the job group. +Individual jobs can be disabled or enabled at the job group or job level. Disabled jobs do not +execute when the parent job group is run. + +If the role based access feature is enabled, the ability to enable and disable jobs is limited by +the assigned role. See the [Role Based Access](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/overview.md) topic +for additional information. + +## Disable a Job + +Jobs can be disabled from the Jobs tree. Disabled jobs cannot be run manually, through a scheduled +task, or executed as part of the job group. Follow the steps to disable a job. + +**Step 1 –** Select a job group or job. + +**NOTE:** When disabling jobs at the job group level, all jobs contained in the job group are +disabled, but the job group is not disabled. Any additional jobs added to that job group at a later +time will be enabled by default. + +![Disable Job from Jobs Tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/disablejob.webp) + +**Step 2 –** Right-click on the job group or job and select **Disable Job(s)** from the menu. + +![Disabled Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/disabledjob.webp) + +The job is now disabled. If a job group was selected, all the jobs in the group are now disabled. +Disabled jobs are grayed out, and a red cross is displayed in front of the job. + +![Disabled Job Description page banner](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/disabledjob2.webp) + +A yellow banner also notifies users that a job is disabled in the Job’s Description page. + +Additionally, if a disabled job is run, a warning message appears in the Messages table stating: +`[UserName] requested [JobName] to run but it is in a disabled state`. Job statistics also do not +display on the job’s description page. + +## Enable a Job + +Jobs that have been disabled can be enabled from the Jobs tree. Following the steps to enable a +disabled job. + +**Step 1 –** Select the disabled job. If multiple jobs in a job group are disabled, select the job +group to enable all of the disabled jobs. + +![Enable Job from Jobs Tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/enablejob.webp) + +**Step 2 –** Right-click on the job group or job and select **Enable Job(s)** from the menu. + +The job is now enabled. If a job group was selected, all the jobs in the group are now enabled. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/overview.md b/docs/accessanalyzer/12.0/admin/jobs/job/overview.md new file mode 100644 index 0000000000..ce5c70dee5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/overview.md @@ -0,0 +1,155 @@ +# Jobs + +An Access Analyzer job is responsible for running data collection, conducting data analysis, +executing actions on collected or analyzed data, or generating reports. Each of these are configured +in the corresponding section under the job’s Configure node. A single job can be configured to +execute one or multiple tasks. See the [Configure Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/overview.md) topic for additional +information. + +![Job structure in the Job's Tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/jobnode.webp) + +**_RECOMMENDED:_** Use job group organization to spread these tasks across jobs. For example, create +a job to run a query and a second job to run analysis or generate a report. Then use the job group +structure to run those jobs together in the proper order. + +Jobs do not have a Settings node like a job group. Job Properties provide the option to break +inheritance on global or job group settings. See the [Job Properties](/docs/accessanalyzer/12.0/admin/jobs/job/properties/overview.md) topic +for additional information. + +Once a job has been configured and is being executed, job progress can be viewed at the **Running +Instances** node on the Navigation pane. See the +[Running Instances Node](/docs/accessanalyzer/12.0/admin/runninginstances/overview.md) topic for additional information. + +![Running Job](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/jobrunning.webp) + +At the bottom of the Access Analyzer Console, there is an indication of how many jobs are in queue +and the **View Job Progress** link, which opens the Running Instances node. + +When a job execution has completed, the tables, views, and reports generated by the job are +accessible under the job’s Status and Results nodes. See the [Status Node](/docs/accessanalyzer/12.0/admin/jobs/job/status.md) and +[Results Node](/docs/accessanalyzer/12.0/admin/jobs/job/results.md) topics for additional information. Reports are also accessible through +the Web Console. + +## Job Description Page + +The Job Description page displays shortcuts, links, and important information on the job. The Job +Page allows users to view and modify common job configurations, such as Connection and Storage +profiles, job properties, SQL analysis parameters, and PowerShell parameters. Depending on the type +of job, the description page will appear different and display information specific to the job +selected. + +| ![Pre-Configured Job Description page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpagenewjob.webp) | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Pre-Configured Job | User-Created Job | + +The two types of Job Groups in Access Analyzer are: + +- Pre-configured – The job description page provides a brief summary of the purpose of the job, the + reports and data contained within it, and summary information of the last five times the job was + executed +- User Created – The job description page of User Created jobs will be blank until the job is + configured + +Pre-configured job description pages provide users with shortcuts and links to many of the functions +that can be accessed under the **[Job Group]** > **[Job]** node in the Jobs Tree in the Navigation +Pane. + +![Job Description page options](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpageoptions.webp) + +The sections and options of the job description page are: + +- Properties – Opens the Job Properties window. See the [Job Properties](/docs/accessanalyzer/12.0/admin/jobs/job/properties/overview.md) + topic for additional information. +- Status – Opens the job Status page. See the [Status Node](/docs/accessanalyzer/12.0/admin/jobs/job/status.md) topic for additional + information. +- Results – Opens the job Results page. See the [Results Node](/docs/accessanalyzer/12.0/admin/jobs/job/results.md) topic for additional + information. +- Configure – Opens the job Configure page. See the [Configure Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/overview.md) topic + for additional information. +- Run Now – Executes the job +- Schedule – Opens the Schedule Wizard +- Open Folder – Opens the job folder location with supporting files in the Windows Explorer +- View Log – Opens the job’s log + +![Job Description page Overview section](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpageoverview.webp) + +The Overview section provides summary information about the job, and includes the following +information: + +- Inherited settings – Job settings can be applied directly or inherited from a parent job group or + even the General Settings level. See the + [Jobs with Inherited Settings](#jobs-with-inherited-settings) topic for additional information. +- Reports – Displays a list of reports that are generated by this job +- Results – Displays a list of data tables and views created and populated by the job +- Configuration - If applicable, configure parameters for the job's analysis tasks + + - See the [Parameter Configuration](#parameter-configuration) topic for additional information. + +- Job Statistics – Displays important information for the last five times the job was executed + including: + + - Timestamp – Date timestamp of when job was initiated + - Status – Displays information on job status (Running, Success, Error) + - Duration – Displays length of time each job took + +- Graph – Displays a line graph that has information for the last five times the job was executed + +Prior to running any job or job group, ensure the following have been properly configured: + +- Queries, Analysis, Actions, and Reports are configured as desired +- If collecting data, at least one host list has been assigned +- If a host list is assigned, the appropriate Connection Profile with credentials to collect data + from the targeted hosts has been assigned + +Finally, ensure these settings are configured at the recommended location for the job or job group +and that the inheritance of settings is adjusted accordingly. + +### Jobs with Inherited Settings + +Job settings can be applied directly or inherited from a parent job group or even the General +Settings level. If settings are applied directly to a job, these are shown in the Overview section +under the job description: + +![Job Inherited settings](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/inheritedsettings.webp) + +In the example above, the **Assigned 1 Host List** setting is applied directly to the job. Other +settings are inherited from the parent job group. Clicking the **Show inherited settings** button +opens this list of the inherited settings. + +The following settings can be inherited from a parent: + +| Setting | Description | +| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Connection profile | The tooltip shows the account name used in the connection profile. Clicking the button opens the parent Connection settings for the selected job. See the [Connection Node](/docs/accessanalyzer/12.0/admin/jobs/group/connection.md) topic for additional information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available: - Edit the Profile – Clicking the link opens the Connection settings for the current profile - Use Default Profile – Clicking the link applies the connection profile set as default on a global level to a job. In this case, this setting will be hidden under the **Show Inherited Settings** button. - List of existing profiles – Allows switching between existing connection profiles and apply a desired one to a job | +| Data Retention Period | The tooltip shows the current value for the data retention period (by default, Never retain previous job data). Clicking the button opens the parent History settings for the selected job. See the [History Node](/docs/accessanalyzer/12.0/admin/jobs/group/history.md) topic for additional information. | +| Log Retention Period | The tooltip shows the current value for the log retention period (by default, Retain previous job log for 7 times). Clicking the button opens the parent History settings for the selected job. See the [History Node](/docs/accessanalyzer/12.0/admin/jobs/group/history.md) topic for additional information. | +| Hosts Lists | The tooltip shows the number and the names of the host lists assigned to this job. If you have more than three host lists assigned to a job, the tooltip shows 3 hosts name and the number of other hosts lists assigned (for example, if 5 hosts are assigned it shows `Host1, Host2, Host3 + 2 more`). Clicking the button opens the parent Host Lists setting for the selected job. See the [Hosts Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/hosts.md) topic for additional information. | +| Reporting Settings | Clicking the Reporting Settings button opens the parent Reporting settings for the selected job including publishing options, email settings, and roles. See the [Reporting Node](/docs/accessanalyzer/12.0/admin/jobs/group/reporting.md) topic for additional information. | +| Storage Profile | The tooltip shows the current SQL Server instance, database name, user account, and authentication type used for the selected job. See the [Storage Node](/docs/accessanalyzer/12.0/admin/jobs/group/storage.md) topic for additional information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available - Edit This Profile – Clicking the link opens the Storage settings for the current profile - Use Default Profile – Clicking the link applies the storage profile set as default on a global level to a job. In this case, this setting will be hidden under the **Show Inherited Settings** button - List of existing profiles – Allows switching between existing storage profiles and apply a desired one to a job | + +### Parameter Configuration + +If a job has analysis parameters that can be customized, those parameters can be configured in the +Configuration section of the Job Description Page. + +Follow the steps to configure customizable parameters using the Configuration option on the Job +Description Page: + +**Step 1 –** Navigate to the **Jobs > [Job Group] > [Job]** node. If the job has customizable +parameters, they will be located under Configuration in the job's Overview section. + +![Configuration section of Job description page](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpageconfigurationsection.webp) + +**Step 2 –** Click on a parameter to open the Parameter Configuration window. + +**NOTE:** To view a tool-tip that contains information about the Variable Name and the Task Name +that the parameter is associated with, hover the mouse over the parameter. + +![Parameter Configuration Window](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/parameterconfigurationwindow.webp) + +**Step 3 –** Configure the parameter in the Parameter Configuration window. Click **Save** to save +changes and exit the window. Click **Cancel** to exit without saving. + +The parameter has now been configured. The parameters can also be configured in the Analysis Node +under the job's Configure Node. See the [Analysis Node](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysis.md) topic for additional +information. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/properties/autoretry.md b/docs/accessanalyzer/12.0/admin/jobs/job/properties/autoretry.md new file mode 100644 index 0000000000..e2eb852df7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/properties/autoretry.md @@ -0,0 +1,16 @@ +# Auto Retry Tab + +The Auto Retry tab provides the option to schedule the job to re-execute against hosts that match +the selected host status values: Offline, Failed, Errors, and Warnings. + +![Auto Retry tab of Job Properties](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/autoretry.webp) + +Check the desired Host Status values to generate a retry, and then configure the Refresh Data and +Retry Options settings. Finally, enter a User name (domain\user) and Password in the Scheduler +Authentication section. + +**NOTE:** To update the password for an existing account, enter a new password in the Password +field. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/properties/connection.md b/docs/accessanalyzer/12.0/admin/jobs/job/properties/connection.md new file mode 100644 index 0000000000..740fc4cef7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/properties/connection.md @@ -0,0 +1,20 @@ +# Connection Tab + +The Connection tab is for configuring the Connection Profile. Choose to use the default settings +(the global configuration or configuration set via broken inheritance at a job group level), to use +the system default (the account being used to run Access Analyzer), or to select another Connection +Profile. + +**NOTE:** It is a best practice to set the Connection Profile at the same level where the job’s host +list is set. For example, if the host list is set under the job group’s **Settings** node, then that +is where the Connection Profile should be configured. If the host list is set under the **[Job]** > +**Configure** node, then this is where the Connection Profile should be configured. + +![Connection tab of the Jop Properties](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/viewxml.webp) + +Select the desired option to identify the required Connection Profile for the job. See the +[Connection Node](/docs/accessanalyzer/12.0/admin/jobs/group/connection.md) topic for additional information for the three +connection options. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/properties/general.md b/docs/accessanalyzer/12.0/admin/jobs/job/properties/general.md new file mode 100644 index 0000000000..bb6efa2434 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/properties/general.md @@ -0,0 +1,50 @@ +# General Tab + +The General tab is for changing the job name and description. + +![General tab of Job Properties](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/general.webp) + +The following options are available: + +- Job Name +- Description +- Log Level – Indicates the job log level, which can be inherited from the global **Settings** > + **Application** log level or customized here. See below for additional information. +- Write CSV Files To Job Output Directory – Exports the native data table created by a query to a + CSV file in the job’s output directory. If there are multiple tables in the job, this option + creates one file per table. +- Timeout [value] minutes – Job’s thread timeout value +- Command – Provides the ability to enter a command that will be executed from the command line upon + job completion + +## Log Level + +The log level feature includes the following options: + +- Use global setting – use the Application log level feature, configured at the global level. + + **NOTE:** By selecting the another option from the drop-down list, you break inheritance for + this job. + +- Debug – Records everything that happens during job execution, most verbose level of logging + - Records all Info level information + - Records everything else that happens + - Creates the largest file +- Info – Records information about what stage of the job is being performed when errors or warnings + occurred + - Records all Warning level information + - Records job progress information +- Warning – Records all warnings which occur during job execution + - Records all Error level information + - Records all warnings and the time of occurrence +- Error – Records all errors which occur during job execution + - Records job start time + - Records errors and the time of occurrence + - Records job completion time + +**NOTE:** You can switch between log levels. All the levels, including the one that you choose, +shall be set for messaging in the application. + +![Log Level Options](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/generalloglevel.webp) + +For example, this is where you set the messaging for Info, Warning, or Error at a job level. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/properties/history.md b/docs/accessanalyzer/12.0/admin/jobs/job/properties/history.md new file mode 100644 index 0000000000..83dbbbe7b6 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/properties/history.md @@ -0,0 +1,15 @@ +# History Tab + +The History tab is for configuring the Data Retention and Log Retention periods. Choose either to +use the default settings, which could be either the global configuration or configuration set via +broken inheritance at a job group level, or to configure settings just for this job. + +![History tab of the Job Properties](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/history.webp) + +By default, all jobs are set to inherit the Data Retention Period and Log Retention Period settings, +the **Use Default Setting** option. Deselect the **Use Default Settings** option to configure custom +settings for the job. Then provide the desired Data Retention Period and Log Retention Period +settings. See the [History](/docs/accessanalyzer/12.0/admin/settings/history.md) topic for additional information. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/properties/notification.md b/docs/accessanalyzer/12.0/admin/jobs/job/properties/notification.md new file mode 100644 index 0000000000..e1b8879a84 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/properties/notification.md @@ -0,0 +1,14 @@ +# Notification Tab + +The Notification tab is where email notifications are configured at the job level. Choose either to +inherit the global configuration or to configure settings just for this job. + +![Notification tab of Job Properties](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/notification.webp) + +Deselect the **Use Global Settings** option to configure custom settings for the job. Then provide a +specific list of recipients for email notifications generated by this job. Multiple email addresses +can be input by adding a semicolon (;) and space between entries. This is specific to Notification +analysis module tasks. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/properties/overview.md b/docs/accessanalyzer/12.0/admin/jobs/job/properties/overview.md new file mode 100644 index 0000000000..7568dc1988 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/properties/overview.md @@ -0,0 +1,28 @@ +# Job Properties + +Jobs can be configured to inherit global settings down through parent job groups or to be +individually configured at the job level through the Job Properties window. + +![Open Job Properties from Jobs Tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/jobstree.webp) + +To configure a job’s properties, open the Job Properties window by right-clicking on the job's node +in the Navigation pane and selecting **Properties**. + +The properties can be configured at the job level within the Job Properties window using the +following tabs: + +- [General Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/general.md) +- [Performance Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/performance.md) +- [Notification Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/notification.md) +- [Report Settings Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/reportsettings.md) +- [Report Roles Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/reportroles.md) +- [Storage Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/storage.md) +- [Connection Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/connection.md) +- [Auto Retry Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/autoretry.md) +- [History Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/history.md) + +You can click the **View XML** button at the bottom of the window to open the job’s XML file. See +the [View Job XML File](/docs/accessanalyzer/12.0/admin/jobs/job/properties/viewxml.md) for additional information. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/properties/performance.md b/docs/accessanalyzer/12.0/admin/jobs/job/properties/performance.md new file mode 100644 index 0000000000..06017154d7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/properties/performance.md @@ -0,0 +1,23 @@ +# Performance Tab + +The Performance tab provides options that can be used to improve job performance and runtime. + +![Performance tab of Job Properties](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/performance.webp) + +Adjust the following settings by sliding the needle up and down the line: + +- Concurrent Worker Threads – The number of worker threads selected equals the number of hosts being + queried concurrently. If needed, this value can be increased. +- Skip Hosts that do not respond to PING – Selected by default. Deselect if a target host has been + configured to not respond to PING requests, allowing Access Analyzer to scan the target host + without a PING response. + + **NOTE:** In most cases, it is not recommend to deselect this option, as it causes the job to + continue querying offline hosts until the job timeout value is reached, set by default to 20 + minutes. + +- PING Timeout – The PING timeout value is the number of seconds before a host is identified as + offline for not responding to PING + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/properties/reportroles.md b/docs/accessanalyzer/12.0/admin/jobs/job/properties/reportroles.md new file mode 100644 index 0000000000..477819bbc0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/properties/reportroles.md @@ -0,0 +1,36 @@ +# Report Roles Tab + +The Report Roles tab is part of the Role Bases Access feature of Access Analyzer. If Role Based +Access has been enabled, the table displays all accounts that can view reports within the Web +Console. If Role Based Access has not been enabled, all accounts have access to all reports, and the +table is blank. See the [Role Based Access](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/overview.md) topic +for additional information. + +![Report Roles tab of Job Properties](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/reportroles.webp) + +On the Report Roles tab, report role inheritance cannot be broken. Access to reports is inherited +from the global level to job groups to jobs to report configuration. All user roles configured at +the global level (**Settings** > **Roles**) are inherited down to all reports. Only the Global +Options Administrator, the Access Administrator, and the Host Management Administrator do not have +access to reports. + +The **Include Report Viewers from this object's parent** option can be unchecked to automatically +remove any user with the Report Viewer role inherited from a parent object to the job. Remember, +this does not apply to global inheritance. + +Additional accounts can be added with the Report Viewer role at the job level and inherited down to +all reports generated by the job. Click **Add Report Viewer** to open the Select User or Group +window and grant a new account access to these reports. Inheritance can be broken for accounts that +have not inherited the report role from the global level. Select an account and click **Delete +Report Viewer** to deny access to the reports. + +The table displays the following information: + +- Account Name – NT Style account name +- Type – Account type (user or group) +- Role – Role assigned to account which grants access to reports +- Inherited From – Indicates the level at which the account was granted access to reports. Remember, + global inheritance cannot be broken. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/properties/reportsettings.md b/docs/accessanalyzer/12.0/admin/jobs/job/properties/reportsettings.md new file mode 100644 index 0000000000..d58c430311 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/properties/reportsettings.md @@ -0,0 +1,17 @@ +# Report Settings Tab + +The Report Settings tab is for configuring publishing of Access Analyzer reports generated by this +job. Choose either to use the default settings, which could be either the global configuration or +configuration set via broken inheritance at a job group level, or to configure settings just for +this job. + +![Report Settings tab of Job Properties](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/reportsettings.webp) + +Use the Publish Options drop-down menu to customize the publish setting for the job. To configure +custom Email settings for the job, select the **Use These Email Settings** option and then provide +the desired Email information. Multiple email addresses can be input by adding a semicolon (;) and +space between entries. See the [Reporting Node](/docs/accessanalyzer/12.0/admin/jobs/group/reporting.md) topic for additional +information on the Publish and Email options. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/properties/storage.md b/docs/accessanalyzer/12.0/admin/jobs/job/properties/storage.md new file mode 100644 index 0000000000..d915d09ae4 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/properties/storage.md @@ -0,0 +1,16 @@ +# Storage Tab + +The Storage tab is for configuring the Storage Profile. Choose either to use the default settings, +which could be either the global configuration or configuration set via broken inheritance at a job +group level, or to configure settings just for this job. + +![Storage tab of the Job Properties](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/storage.webp) + +By default, all jobs are set to inherit the storage setting, the **Use Default** option. To +configure a different profile for the job, select the **Use This Profile** option and select the +desired Storage Profile from the drop-down menu. Storage Profiles can only be configured at the +**Settings** > **Storage** node. See the [Storage](/docs/accessanalyzer/12.0/admin/settings/storage/overview.md) topic for +additional information. + +Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if +no changes were made. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/properties/viewxml.md b/docs/accessanalyzer/12.0/admin/jobs/job/properties/viewxml.md new file mode 100644 index 0000000000..f36aa6027a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/properties/viewxml.md @@ -0,0 +1,19 @@ +# View Job XML File + +At the bottom of the Job Properties window is the **View XML** button. To view the XML file, click +**View** XML. + +| ![View XML button on Job Properties window](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/viewxml.webp) | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | +| Job Properties Window | Job XML File | + +This opens the job’s XML file, which contains all of the job, query, and reporting configurations. +When the log level is directly set at job level, the job XML `` parameter will show a +value of: + +- 0 for Debug +- 1 for Info +- 2 for Warning +- 3 for Error + +**NOTE:** Job analysis configurations are kept in a separate XML file. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/results.md b/docs/accessanalyzer/12.0/admin/jobs/job/results.md new file mode 100644 index 0000000000..20131a4bad --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/results.md @@ -0,0 +1,27 @@ +# Results Node + +Once a job has been executed, the query populated native data tables, the analysis and action +populated materialized tables and views, and the generated reports can be viewed under the job’s +Results node. + +**NOTE:** Native data tables are only populated by jobs with configured queries. Materialized tables +and views are only generated by jobs with configured analysis or action tasks. Reports are only +generated by jobs with configured reports. + +![Results Node](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/resultsnode.webp) + +Every job generates a native data table when executed, which appears at the top of the Results node. +The native data table, or raw data table, is produced by query execution. It contains all raw data +collected by the scan. It is often named DEFAULT, but may have another name that is set during query +configuration. If no query is executed by the job, the DEFAULT table is listed as a placeholder only +and will be empty (0 rows). It is possible to have multiple queries in the same job, though not +recommended. These queries could write to the same native data table, or each query could write to +its own native data table. If multiple native data tables are being generated by one job, they are +listed in alphanumeric order at the top of the Results node list. + +Analysis tasks can be configured to generate materialized tables and views. Action tasks create +action status tables. These appear beneath the native data tables under the Results node in +alphanumeric order. + +Finally, any reports generated by the job, both published and unpublished, will be listed beneath +the materialized tables and views in alphanumeric order. diff --git a/docs/accessanalyzer/12.0/admin/jobs/job/status.md b/docs/accessanalyzer/12.0/admin/jobs/job/status.md new file mode 100644 index 0000000000..18a8fd2afe --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/job/status.md @@ -0,0 +1,32 @@ +# Status Node + +Once a job has been executed, it always generates the tables providing information on host +connection status, job statistics, job task statistics, and error and warning messages can be viewed +under the job’s Status node: + +![Status Node](/img/product_docs/accessanalyzer/12.0/admin/jobs/job/statusnode.webp) + +The Status node tables are: + +- ConnectStatus table – Lists all hosts queried during job execution and the access status of the + scan, unless the System Default is being used +- Job Stats table – Provides information on the selected job’s runtime details, according to the + global configuration set in the **Settings** > **Application** node. By default, this is set to + not filter the data. +- Task Stats table – Provides information for each task run during job execution, according to the + global configuration set in the **Settings** > **Application** node. By default, this is set to + filter to the most recent data. + + **NOTE:** The Job Statistics Retention settings in the **Settings** > **Application** node + control how long the job statistics history is kept in the database and displayed Job Stats and + Task Stats tables. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic for + additional information. + +- Messages table – Provides a list of any warning or error messages that occurred during the + execution of the job. For example, a frequently generated message is + `WARNING: No Host found for processing`. + + - If this message is generated by an analysis or reporting job, then there is no problem as that + type of job does not need a host list assigned + - However, if this message is generated by a job running a data collection query, this warning + would explain why the native data table is empty diff --git a/docs/accessanalyzer/12.0/admin/jobs/overview.md b/docs/accessanalyzer/12.0/admin/jobs/overview.md new file mode 100644 index 0000000000..737f385b63 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/jobs/overview.md @@ -0,0 +1,107 @@ +# Jobs Tree + +Jobs are the fundamental unit of Access Analyzer. It is through jobs that all data collection +queries, analysis tasks, notification tasks, action tasks, and report generation occur. Jobs are +housed within the Jobs tree of the Navigation pane. + +The Jobs Tree is located in the Navigation Pane on the Access Analyzer Console. + +![Jobs Tree](/img/product_docs/accessanalyzer/12.0/admin/jobs/jobstreeoverview.webp) + +Clicking on the arrow next to the Jobs node will expand it. The Jobs tree is organized +alphanumerically, first by job groups and then by any jobs that are independent of job groups. + +Each component within the Jobs tree has an icon for quick reference. The icons are: + +| Icon Description | Description | +| -------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------- | +| ![jobgroup](/img/product_docs/accessanalyzer/12.0/admin/jobs/jobgroup.webp) | Job Group | +| ![modifiedjobgroup](/img/product_docs/accessanalyzer/12.0/admin/jobs/modifiedjobgroup.webp) | Modified Job Group | +| ![settings](/img/product_docs/accessanalyzer/12.0/admin/jobs/settings.webp) | Settings node for a Job Group/ Configure node for a job | +| ![job](/img/product_docs/accessanalyzer/12.0/admin/jobs/job.webp) | Job | +| ![modifiedjob](/img/product_docs/accessanalyzer/12.0/admin/jobs/modifiedjob.webp) | Modified Job | +| ![lockedjob](/img/product_docs/accessanalyzer/12.0/admin/jobs/lockedjob.webp) | Locked Job (Only applicable to Role Based Access feature) | +| ![status](/img/product_docs/accessanalyzer/12.0/admin/jobs/status.webp) | Status node for a Job | +| ![connectstatus](/img/product_docs/accessanalyzer/12.0/admin/jobs/connectstatus.webp) | Job’s ConnectStatus Node | +| ![jobstatus](/img/product_docs/accessanalyzer/12.0/admin/jobs/jobstatus.webp) | Job Status for a Job | +| ![taskstatus](/img/product_docs/accessanalyzer/12.0/admin/jobs/taskstatus.webp) | Task Status for a Job | +| ![results](/img/product_docs/accessanalyzer/12.0/admin/jobs/results.webp) | Results node for a Job | +| ![messages](/img/product_docs/accessanalyzer/12.0/admin/jobs/messages.webp) | Job’s Messages table | +| ![jobsdata](/img/product_docs/accessanalyzer/12.0/admin/jobs/jobsdata.webp) | Job’s Data Table or View | +| ![jobsreport](/img/product_docs/accessanalyzer/12.0/admin/jobs/jobsreport.webp) | Job’s Report | + +A green checkmark over a Job or Job Group icon indicates a configuration change has been made to the +job or job group. The global settings configured under the Settings node are inherited down through +the Jobs tree to the job unless inheritance is broken in a job group’s Settings node, a job’s +Configure node, or a job’s Properties window. See the +[Navigating the Console](/docs/accessanalyzer/12.0/admin/navigate/overview.md) for additional information. + +## Job Execution Options + +Access Analyzer is designed to execute jobs one at a time in the order assigned. If a job group is +run, the jobs execute in the order listed within the job group. Job groups are designed to run data +collection jobs before running analysis and reporting jobs. If multiple jobs are independently +triggered to run, the jobs execute in the order triggered. + +Jobs execution options include: + +- Manual or Ad Hoc + - Applies logged in user’s credentials to execute the job on the Access Analyzer Console server + - Job progress can be monitored through the **Running Instances** node + - Order of job execution can be manipulated on the **Running Instances** node + - Closing the Access Analyzer Console terminates the running job and clear the jobs queue +- Schedule + - Applies Schedule Service Account credentials to execute the job through Windows Task Scheduler + - Each scheduled task independently employs the Access Analyzer application, allowing unrelated + tasks to run simultaneously + - Runs on schedule whether a user is logged in or not + +## Changes Window + +The Changes window is where jobs are created by customers or professional services engineers. Custom +jobs can be enabled to track changes to configuration settings. When enabled, configuration changes +are tracked in change logs stored within the job folder. Changes can also be viewed within this +window. + +Remember, custom jobs are not shipped with Access Analyzer but instead user created. + +The Changes window opens from the **Changes** option in the right-click menu from the selected Jobs +tree, job group, or job node. + +![Changes Window](/img/product_docs/accessanalyzer/12.0/admin/jobs/changeswindow.webp) + +Select **Enabled** from the drop-down menu in the upper-left corner to turn on change tracking of +configuration settings. Select a modification from the table and click **Undo** to revert the +change. + +The window columns display the following information: + +- Job Path – Path to the job where the configuration change occurred, only visible when viewed at + the Jobs tree or job group level +- Component – Component of the job where the configuration change occurred, for example Job, Query, + or Analysis +- Modification – Type of change that was made, for example Add or Update +- Task – Name of the analysis or action task modified, only populated when the change occurred to an + Analysis or Action component +- Setting – A changed setting +- Value – New setting value. If the modification was an update, this displays both the old and the + new setting value. + +Select a modification from the table and click **Undo** to revert the change. + +If configuration change tracking is **Disabled**, configuration changes are only written directly to +the job’s XML file. If the configuration change tracking feature was previously enabled and then +disabled at a later time, an option is provided to merge changes back into the job’s XML file. + +![Change Window Merge Changes](/img/product_docs/accessanalyzer/12.0/admin/jobs/changeswindowmerge.webp) + +To merge the changes into the job’s XML file without disabling the configuration change tracking +feature, click **Merge** on the bottom left corner of the Changes window and then click **Yes** on +the Access Analyzer pop-up window to confirm the merge. + +![Changes Window Locked](/img/product_docs/accessanalyzer/12.0/admin/jobs/changeswindowlocked.webp) + +Changes between releases are tracked. Only jobs that are locked can be upgraded. + +**NOTE:** Jobs that are included in Access Analyzer are locked and changes cannot be made to those +jobs. diff --git a/docs/accessanalyzer/12.0/administration/maintenance/antivirus-exclusions.md b/docs/accessanalyzer/12.0/admin/maintenance/antivirusexclusions.md similarity index 100% rename from docs/accessanalyzer/12.0/administration/maintenance/antivirus-exclusions.md rename to docs/accessanalyzer/12.0/admin/maintenance/antivirusexclusions.md diff --git a/docs/accessanalyzer/12.0/admin/maintenance/backuprecovery.md b/docs/accessanalyzer/12.0/admin/maintenance/backuprecovery.md new file mode 100644 index 0000000000..43ca1e6989 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/maintenance/backuprecovery.md @@ -0,0 +1,96 @@ +# Backup and Recovery + +For data recovery purposes, the Access Analyzer does not need a complete image back up of the Access +Analyzer Console server. Rather a standard file level back up of a few key components is all that is +necessary. This document contains a step-by-step guide for back up and recovery. The choice of back +up utility is left to the Access Analyzer user. + +**NOTE:** This does not cover back up of the Access Analyzer database. + +## Steps to Back Up the Console Server + +Follow these steps to back up the key components necessary for data recovery of the Access Analyzer +Console server. + +**Step 1 –** Obtain or save the installation media for Access Analyzer. + +**Step 2 –** Back up the following files and folders from the Access Analyzer folder (Typically +found at `C:\Program Files(x86)\STEALTHbits\StealthAUDIT` and can be more directly found with the +built-in environment variable `%SAINSTALLDIR%`): + +- ...\STEALTHbits\StealthAUDIT\Jobs: Contains the jobs from the Access Analyzer jobs tree +- … \STEALTHbits\StealthAUDIT\CLU: Contains any CLU parameters +- … \STEALTHbits\StealthAUDIT\ODBCProfiles\Custom: Contains any custom ODBC connect strings +- …\STEALTHbits\StealthAUDIT\SADatabase\Views: Contains the host list definitions +- ...\ STEALTHbits\StealthAUDIT\SecurityMap: Contains all of the Connection Profiles +- ... \STEALTHbits\StealthAUDIT\GlobalOptions.XML: Contains the Global Options +- ...\ STEALTHbits\StealthAUDIT\SPProfiles.XML: Contains the Storage Profiles (SQL connection) +- ...\ STEALTHbits\StealthAUDIT\rba.conf: Contains the Role Based Access Configuration +- ...\ STEALTHbits\StealthAUDIT\StealthAUDIT.LIC: The license key + +**Step 3 –** Back up all Scheduled Tasks. The method of back up is determined by the Access Analyzer +user. This can be as simple as copying the contents of the tasks folder from the following two +locations: + +![C:\Windows\Tasks](/img/product_docs/accessanalyzer/12.0/admin/maintenance/maintenance_3.webp) + +- C:\Windows\Tasks + +![C:\Windows\System32\Tasks](/img/product_docs/accessanalyzer/12.0/admin/maintenance/maintenance_4.webp) + +- C:\Windows\System32\Tasks + +All key components necessary for data recovery have now been backed up. + +## Steps to Restore the Console Server + +Follow these steps for data recovery of the Access Analyzer Console server. + +**Step 1 –** Confirm the prerequisites have been met on the Access Analyzer Console Server. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for specific prerequisites. + +**Step 2 –** Install the Access Analyzer application. Do not start the Access Analyzer application +at this time. + +**Step 3 –** Restore all of the backed up files and folders from Step 2 of Steps to Back up the +Access Analyzer Console Server to their corresponding location. + +**Step 4 –** Restore all of the backed up scheduled tasks from Step 3 of Steps to Back up the Access +Analyzer Console Server to the corresponding tasks folder of the operating system. + +**Step 5 –** For Host Management and Host List Replication in a new host scenario, run the following +code within the SQL Studio on the Access Analyzer database. + +- Replace `OldServer` and `NewServer` in the script below with the names of the old and new Access + Analyzer servers + +``` +Declare @OHost varchar (128) +Declare @NHost varchar (128) +Set @OHost = 'OldServer' +Set @NHost = 'NewServer' +Update [HostMaster_SANodeFilter] +SET SA_Node = @NHost +Where SA_Node = @OHost; +Update [HostListsTbl] +SET SA_Node = @NHost +Where SA_Node = @OHost +and ListID not in (Select ListID from [HostListsTbl] where SA_Node = @NHost); +Update [QueryTbl] +SET SA_Node = @NHost +Where SA_Node = @OHost; +``` + +**Step 6 –** Start Access Analyzer and confirm all settings and jobs have been restored. + +**Step 7 –** Enable Role Based Access to write the necessary registry keys: + +![Role Based Access](/img/product_docs/accessanalyzer/12.0/admin/maintenance/maintenance_5.webp) + +- Navigate to the **Settings** > **Access** node in the Access Analyzer Console and select + **Access** +- Use the **Add Access**, **Edit Member Role**, and **Delete Member Role** buttons to add, remove, + and edit roles +- See the [Role Based Access](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/overview.md) topic for more information + +The Access Analyzer Console Server is now restored. diff --git a/docs/accessanalyzer/12.0/administration/maintenance/best-practices.md b/docs/accessanalyzer/12.0/admin/maintenance/bestpractices.md similarity index 100% rename from docs/accessanalyzer/12.0/administration/maintenance/best-practices.md rename to docs/accessanalyzer/12.0/admin/maintenance/bestpractices.md diff --git a/docs/accessanalyzer/12.0/admin/maintenance/overview.md b/docs/accessanalyzer/12.0/admin/maintenance/overview.md new file mode 100644 index 0000000000..447be2ea11 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/maintenance/overview.md @@ -0,0 +1,10 @@ +# Application Maintenance and Best Practices + +The following topics contain information needed for application maintenance and troubleshooting for +the Access Analyzer Console: + +- [Antivirus Exclusions](/docs/accessanalyzer/12.0/admin/maintenance/antivirusexclusions.md) +- [Updating Passwords](/docs/accessanalyzer/12.0/admin/maintenance/updatepasswords.md) +- [Backup and Recovery](/docs/accessanalyzer/12.0/admin/maintenance/backuprecovery.md) +- [Troubleshooting](/docs/accessanalyzer/12.0/admin/maintenance/troubleshooting.md) +- [Best Practices](/docs/accessanalyzer/12.0/admin/maintenance/bestpractices.md) diff --git a/docs/accessanalyzer/12.0/admin/maintenance/troubleshooting.md b/docs/accessanalyzer/12.0/admin/maintenance/troubleshooting.md new file mode 100644 index 0000000000..2f28496e30 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/maintenance/troubleshooting.md @@ -0,0 +1,77 @@ +# Troubleshooting + +There are some general things to know when getting started troubleshooting Access Analyzer: + +- Access Analyzer Install Directory Shortcut – `%sainstalldir%` + +The shortcut opens the installation folder location where the Access Analyzer application is +installed. The default installation directory is: + +C:\Program Files (x86)\STEALTHbits\StealthAUDIT\ + +If the installation directory was customized during installation, it will be: + +…\STEALTHbits\StealthAUDIT\ + +The Access Analyzer install directory has several logs that can be accessed for troubleshooting +purposes. This includes: + +- The Application log which contains logging of all activities within Access Analyzer +- The Upgrade log which logs activities related to the upgrade process +- The upgrade archive which is a zip file containing all of your Access Analyzer jobs prior to the + upgrade process +- Sensitive Data logs that contain details from sensitive data scans performed against various + repositories +- Artifacts from various data collection routines such as tier 2 database files created from File + System or SharePoint scanning + +See the [Logs](#logs) topic for additional information. + +## Logs + +Access Analyzer has a few areas where it stores logs. Make sure the log level is set to DEBUG in +Access Analyzer to gather all necessary information. Once the logs have been created and sent to +Netwrix Support, then reset the logging level to save disc space. + +To set your logging level to debug go to **Settings** > **Application** – **Set the Application log +level to Debug** and restart the application. + +#### Where Are the Logs Located? + +| Log Name | Log Location | +| --------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SADebug (Access Analyzer Console) | `%sainstalldir%SADatabase\Logs\Application` SADebug Logs will be saved in the format: SADebug-[timestamp]-[PID].tsv | +| Job Log (Access Analyzer Console) | Windows File Explorer Shortcut: `%sainstalldir%Jobs\Group_Name\Job_Name\Output\nameofjob.tsv` Console Shortcut: **Right click job** > **Explore folder** > `nameofjob.tsv` | +| ExchangePS logs (Access Analyzer Console) | `%sainstalldir%PrivateAssemblies\GUID` | +| PowerShell Logs (Access Analyzer Console) | `%sainstalldir%Jobs\SA_CommonData\PowerShell` | +| PowerShell logs (Remote Host): | ` C:\Program Files(x86)\STEALTHbits\StealthAUDIT\Applet\Powershell\GUID` | +| RPC logs (File System Action Module) | `FileSystemAM\RPCLogs` | +| SMARTLog logs (Remote Host) | `C:\Program Files(x86)\STEALTHbits\StealthAUDIT\Applet\SmartLog` | +| SMARTLog logs (Access Analyzer Console) | `%SAInstallDir%Jobs\SA_CommonData\SmartLog` | +| SMARTLog Persistence File (Access Analyzer Console) | `%SAInstallDir%Jobs\SA_CommonData\SmartLog\GUID\Host` | +| Metrics Logs (Remote Host) | `{Location of Message Tracking Logs}\ SA_ExchangeMetricsData\NameofQuery` | +| Metrics Persistence File (Access Analyzer Console) | `%SAInstallDir%Jobs\SA_CommonData\Metrics\GUID\Host` | +| Web Server Logs | `%sainstalldir%SADatabase\Logs\Web` | + +## FSAA Log Naming Conventions + +FSAA Applet Logs: + +All FSAA applet logs have the following naming convention for permissions, activity, sensitive data, +and DFS scan types: + +- `[SCAN TYPE]_[HOSTNAME]_[YEAR]_[MONTH]_[DAY]_[TIME]_{JOB_GUID}_[SessionID].log` + +FSAA Trace Logs: + +Below are two types of FSAA trace logs created while in local, applet, or proxy modes: + +- Parent Trace Log – StealthAUDITRPC*[YYYYMMDD_hhmmss]*[Execution_Host].log + - ProccessID is logged in the job log +- Child Trace Log – + StealthAUDITRPC*[session_id]*[ScanType]_[Execution_host]_[Target_host]\_[YYMMDD_hhmmss].log + - ProcessID is logged in the Parent trace log + +When running StealthAUDITRPC as a service, the parent trace log reads as: + +- StealthAUDITRPC.log diff --git a/docs/accessanalyzer/12.0/admin/maintenance/updatepasswords.md b/docs/accessanalyzer/12.0/admin/maintenance/updatepasswords.md new file mode 100644 index 0000000000..23880fda3d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/maintenance/updatepasswords.md @@ -0,0 +1,92 @@ +# Updating Passwords + +Credential passwords in Access Analyzer occasionally need to be updated due to reasons such as the +password expiring due to existing password expiration polices or for security purposes. If a +password change is required, there are multiple types of accounts where credential passwords must be +updated: + +- [Storage Profiles](#storage-profiles) +- [Connection Profiles ](#connection-profiles) +- [Schedule Service Accounts ](#schedule-service-accounts) + + - [Settings > Schedule Node](#settings-schedule-node) + - [Schedules Node](#schedules-node) + - [Jobs](#jobs) + +- [Notifications (if enabled)](#notifications-if-enabled) +- [ServiceNow (if enabled)](#servicenow-if-enabled) +- [Services](#services) + +**NOTE:** When updating passwords in Access Analyzer, you should also check the passwords in Netwrix +Activity Monitor. See the Update Credential Passwords topic in the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for additional information. + +## Storage Profiles + +Storage Profiles manage user authentication with the database. See the +[Update Authentication Credentials in a Storage Profile](/docs/accessanalyzer/12.0/admin/settings/storage/updateauth.md) topic +for information about updating Storage Profile authentication credentials in the Access Analyzer +Console. + +## Connection Profiles + +Connection Profiles are used for scan authentication in the Access Analyzer console. See the +[Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for details on how to edit user credentials +for a Connection Profile. + +For Entra ID, formerly Microsoft Azure Active Directory, accounts, see the +[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/12.0/config/entraid/access.md) topic for additional +information. + +## Schedule Service Accounts + +Access Analyzer uses the Schedule Service Account to run scheduled tasks on the Access Analyzer +Console server. The global account is configured at the Settings > Schedule node. However, a custom +account can be assigned to either a Job or a Scheduled Task. + +### Settings > Schedule Node + +The Settings > Schedule Node displays the Schedule page where you can configure the account used for +executing a scheduled task. See the +[Edit a Schedule Service Account](/docs/accessanalyzer/12.0/admin/settings/schedule.md#edit-a-schedule-service-account) topic for +additional information on editing the user credentials for the account. + +### Schedules Node + +The Schedules Node opens the Scheduled Actions pages where scheduled tasks are listed. From this +page, actions can be scheduled using the Schedule wizard. See the +[Schedule Wizard](/docs/accessanalyzer/12.0/admin/schedule/wizard.md) topic for additional information on updating the +credentials password in the Schedule wizard. + +### Jobs + +Jobs are typically scheduled with the global scheduled account. However, Jobs can also be scheduled +with a custom account. See the [Auto Retry Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/autoretry.md) topic for +information on updating the Schedule Authentication credentials. + +## Notifications (if enabled) + +Email notifications are configured in the Notifications node. The following steps only apply if +Notification authentication has been enabled for the Access Analyzer Console. See the +[Update Notification Authentication Credentials](/docs/accessanalyzer/12.0/admin/settings/notification.md#update-notification-authentication-credentials) +topic for information on updating Notification authentication credentials. + +## ServiceNow (if enabled) + +The ServiceNow Node controls the integration between Access Analyzer and ServiceNow. See the +[Update ServiceNow Authentication Credentials](/docs/accessanalyzer/12.0/admin/settings/servicenow.md#update-servicenow-authentication-credentials) +topic for information on updating ServiceNow authentication credentials. + +## Services + +Depending on your configuration, the credentials for the accounts running the following Netwrix +Access Analyzer (formerly Enterprise Auditor) services may need updating: + +- File System Proxy Service – This service is on the proxy server. See the + [File System Proxy Service Installation](/docs/accessanalyzer/12.0/install/filesystemproxy/wizard.md) topic for + additional information. +- Vault Service – See the [Vault](/docs/accessanalyzer/12.0/admin/settings/application/vault.md) topic for additional information +- Web Server Service – See the + [Reports via the Web Console](/docs/accessanalyzer/12.0/install/application/reports/overview.md) topic for additional + information diff --git a/docs/accessanalyzer/12.0/admin/navigate/activitiespane.md b/docs/accessanalyzer/12.0/admin/navigate/activitiespane.md new file mode 100644 index 0000000000..5b7a045a45 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/navigate/activitiespane.md @@ -0,0 +1,20 @@ +# Activities Pane + +The Activities pane displays a list of activities which can be conducted within the currently +selected console section. It is only visible if there are activities available for the selected +section. In the few cases where the Results pane is a wizard, this pane becomes the navigation pane +for the wizard, e.g. the Access Analyzer Host Discovery Wizard. If the currently selected console +section has an associated Activities Pane, it can be found on the right-hand side of the Access +Analyzer Console. + +![activitiespane](/img/product_docs/accessanalyzer/12.0/admin/navigate/activitiespane.webp) + +The following console sections have associated Activities Panes: + +- All Global Settings > [Settings] nodes +- Host Management nodes +- **Host Discovery** node +- Jobs > [Job Group/Job] > Settings node + +The Guidance section of the Activities Pane will display context sensitive information depending on +what the currently selected console section is. diff --git a/docs/accessanalyzer/12.0/admin/navigate/datagrid.md b/docs/accessanalyzer/12.0/admin/navigate/datagrid.md new file mode 100644 index 0000000000..e74ff0ed2b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/navigate/datagrid.md @@ -0,0 +1,262 @@ +# Data Grid Functionality + +All data grids within the Access Analyzer Console have functions and features that allow Access +Analyzer users to group by, filter, and sort via the filtration dialog through the data. + +![Search Methods - Data Grid](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality.webp) + +The different grouping, filtering, and search methods in the Data Grid are: + +- [Data Grid Right-Click Menu](#data-grid-right-click-menu) +- [Sort](#sort) +- [Group By](#group-by) +- [Filter](#filter) + +The Show maximum [value] of total [value] rows, located in the upper-right hand corner of the Data +Grid view in the Results Pane, indicates how many rows of data are available within this data grid +(the first value) and how many rows of data are available in the Access Analyzer database for this +data grid (the second value). The maximum value can be changed by the user and only affects the +maximum number of rows available for this data grid within the Access Analyzer Console. The total +value is automatically supplied from the Access Analyzer database and cannot be changed by the user. +If the total value is less than the maximum value, then all available data for this grid is present +for sorting, filtering, and searching. + +## Data Grid Right-Click Menu + +The right-click menu that affects data grid functionality is accessible by right-clicking on the +data grid header row. + +![Data Grid Functionality](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality1.webp) + +The Data Grid Right-click menu contains the following selections: + +- Sort Ascending – Sorts data by selected column in alphanumeric order +- Sort Descending – Sorts data by selected column in alphanumeric order +- Clear Sorting – Removes all sorting from selected column +- Group By This Field – Groups data or clears grouping of data by selected column +- Group By Box – Hides or shows the Group By Box where headers can be dragged-and-dropped to group + the data +- Footer – Provides a data grid summation row at the bottom of the data grid (see the + [Footer](#footer) section) +- Group Footers – Provides a data grid summation row at the bottom of each group (see the + [Footer](#footer) section) +- Remove This Column – Removes selected column from the data grid +- Field Chooser – Opens the Customization window (see the + [Customization Window](#customization-window) section) +- Best Fit – Changes column width to fit the data within the selected column +- Best Fit (all columns) – Changes column width for all columns to fit the data + +Some data grids include right-click menus for actions on the data. See the corresponding sections +for information on right-click menus within a data grid. + +### Customization Window + +The Customization window can be used to customize the data grid to only display specific columns. + +![Customization Window](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality2.webp) + +To open the Customization window, select Field Chooser from the column header right-click menu. + +![Customization Window](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality3.webp) + +Any column that has been removed from the data grid, either by dragging it off the screen or by +dropping it into this window, will be listed here. A column not currently displayed can be returned +to the data grid by dragging-and-dropping it from this window onto the header row. + +### Footer + +The footer provides a data grid summation row. The summation capabilities exist for every column on +the footer either for the entire data grid or by grouped sections of the data grid. + +![Footer Option](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality4.webp) + +To enable the footer, right-click in a column header and select Footer from the right-click menu. + +![Footer display](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality5.webp) + +The footer appears as a gray bar at the bottom of the grid (or grid group). Right-click on the +footer under the desired column. Only the options applicable to the desired column will be valid for +selection. + +![Footer options](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality6.webp) + +The different footer options are: + +- Sum – Available for columns with numeric values, adds all values in the column +- Min – Available for columns with numeric values, identifies the minimum value in the column +- Max – Available for columns with numeric values, identifies the maximum value in the column +- Count – Counts the number of records within the column +- Average – Available for columns with numeric values, calculates the average value for the column +- None – Removes the selected summation + +## Sort + +The data grid can be sorted in alphanumeric order by clicking on a column header. + +![Sort Order](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality7.webp) + +An arrow displays on the column header indicating if the sort is increasing or decreasing. This +feature only works on one column at a time. + +## Group By + +Users can interact and search through data grids in the Results Pane. + +| ![Default Group By View](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality9.webp) | +| -------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | +| Default view | Organized by Column Header | + +To use this feature, drag a column header into the “Drag a column header here to group by that +column” area. The data grid groups according to the data within that column. The sub-header provides +a ‘count’ of records within each group. Expand the group to view the data. + +![Expand Group View](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality10.webp) + +Multiple columns can be dragged into the Group By area to form tiered groupings. + +**NOTE:** Sorting by the FQDN column is an easy way to see if there are two entries for the same +host. + +![Column Header](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality11.webp) + +The data grid can also be grouped by dragging a column header beneath the other column headers +either to the stationary section on the left or to the mobile section on the right. Each record +counts as a single row for the total rows value, but displays in two rows with the second row +dedicated for the moved column. + +Drag the column header(s) back to the table to remove the grouping or use the Clear Sort option in +the [Data Grid Right-Click Menu](#data-grid-right-click-menu). Additionally, the sort will clear +when the user navigates to another place in the console. + +## Filter + +Users can filter and search data in the Data Grid by using the dropdown arrow in the column headers +to select from a list of filters, configuring a custom filter, or by using the Data Grid filtration +dialog located above the Activities Pane. + +![Filter](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality12.webp) + +In the header of every column is a drop-down arrow. This provides users with the ability to filter +the data grid for a particular item or items within a column. The drop-down menu has the options of +(All), (Custom…), and an alphabetical listing of all items currently within that column for the data +grid. + +- [Custom Filter](#custom-filter) – Click Custom Filter in the header dropdown to open the Custom + Filter window +- [Filtration Dialog](#filtration-dialog) – Click the Magnifying Glass icon in the Filtration Dialog + to select a specific filter + +### Custom Filter + +The Custom option opens a Custom Filter builder for the selected column. + +![Custom Filter](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality13.webp) + +The Custom Filter window options are: + +- Show rows where + - First Comparison Operator – Select from a list of different logical operators that will apply + to the first custom filter criteria + - AND/OR radio buttons – Select logical relationship between the first and second custom filter + criteria + - Second Comparison Operator – Select from a list of different logical operators that will apply + to the second custom filter criteria. +- Two wildcard options: + - The underscore (\_) can be used to represent any single character + - The asterisk (\*) can be used to represent any series of characters + +#### Creating a Custom Filter + +Follow the steps to create a Custom Filter: + +**Step 1 –** Click the dropdown arrow in the column header for the column where the Custom Filter is +going to be applied and select (Custom…) from the list. The Custom Filter window opens. + +![Creating a Custom Filter](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality14.webp) + +**Step 2 –** Set the desired criteria for the custom filter. Select the logical operator from the +drop-down menu on the left and set the criteria in the textbox on the right. + +**Step 3 –** Select either AND/OR and set the second criteria field, following the same method as +Step 2. + +**Step 4 –** Click OK to confirm changes. The custom filter criteria is now applied to the Data +Grid. + +In the example above, OSName is like \*2008\* AND not like \*Standard\*, the filter returns all data +records with an operating system name that contains “2008” but not “Standard,” e.g. Windows Server +2008 Enterprise Edition, 64 bit and Windows Server 2008 R2 Datacenter Edition, 64-bit, etc. Complex +filters can be created using the Advanced Search option in the Filtration Dialog. + +![Selected Filter Criteria](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality15.webp) + +The selected filter criteria will appear at the top of the data grid. A red X appears in the +filtration dialog, and the total rows value drops to the number of records that match the filter +criteria. Additional filter statements can be added for other columns by repeating the process to +build complex filters. The filtration dialog also provides other ways to filter and search the data +set. See the [Filtration Dialog](#filtration-dialog) topic for additional information on this +feature. + +Filters can be cleared by clicking the red X in the filtration dialog (to clear all filter +statements), selecting All from the column’s drop-down menu (to clear filters one column at a time), +or by navigating to another place in the console (to clear all filter statements). However, the +Recent Filters option in the filtration dialog provides a list of the most recent filters applied to +the data set for users to quickly return to a filtered view. + +### Filtration Dialog + +The filtration dialog in the upper-right corner with the magnifying glass icon provides additional +filtering options. + +![Filtration Dialog](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality16.webp) + +The magnifying glass icon opens a dropdown list of columns for the selected data grid, the Advanced +Search option, and the Recent Filters list. Typing in the textbox at the top filters the data grid +for the selected column (identified by the black dot). Hover over the Recent Filters menu item to +open the list of the last server filters applied to this data grid. + +#### Advanced Search + +The Advanced Search option opens a Set Filter builder for users to build a filter for multiple +columns using multiple logical operators. + +![Advanced Search](/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality17.webp) + +The filter options and logical operators are: + +- Filter Button – The Filter button opens a menu with the options to: + - Add Condition + - Add Group + - Clear All +- Logical Operator – The logical operator (red text) beside the Filter button can be changed by + clicking on it to open a menu with: + - AND + - OR + - NOT AND + - NOT OR +- Ellipsis Button – The ellipsis (…) button at the beginning of each row opens a menu with options + to: + - Add Condition + - Add Group + - Remove Row +- Column Selection – The selected column (green text) can be changed by clicking on it to open a + menu with all available columns for the data grid. +- Comparison Operator – The comparison operator (dark red text) can be changed by clicking on it to + open a menu with: + - equals + - does not equal + - is less than + - is less than or equal to + - is greater than + - is greater than or equal to + - like + - not like + - is blank + - is not blank + - between + - not between + - in + - not in +- Filter Criteria – The filter criteria (blue text) can be changed by clicking on it and typing in + the textbox that appears. The Custom Filter builder wildcards can also be used in the Set Filter + builder. diff --git a/docs/accessanalyzer/12.0/admin/navigate/overview.md b/docs/accessanalyzer/12.0/admin/navigate/overview.md new file mode 100644 index 0000000000..c6f1c42365 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/navigate/overview.md @@ -0,0 +1,22 @@ +# Navigating the Console + +There are several options that can be used to navigate the Access Analyzer Console. This section +covers basic Access Analyzer Console navigation, including menu options, buttons, and the different +panes through which users can access Access Analyzer’s various functions and options. + +![Console Navigation Overview](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationoverview.webp) + +The primary sections of the Access Analyzer Console are: + +- [Top Navigation](/docs/accessanalyzer/12.0/admin/navigate/top.md) – Comprised of the Menu Bar and the Actions Bar +- [Navigation Pane](/docs/accessanalyzer/12.0/admin/navigate/pane.md) – Navigate through all of Access Analyzer’s major functions using the + Navigation Pane. Selecting a node or sub-folder in the Navigation Pane will change what can be + done in the Results Pane. +- [Results Pane](/docs/accessanalyzer/12.0/admin/navigate/resultspane.md) – Displays various interfaces based on what is selected in the + Navigation Pane or Activities Pane +- [Activities Pane](/docs/accessanalyzer/12.0/admin/navigate/activitiespane.md) – Displays a list of activities which can be conducted within + the currently selected console section + +Access Analyzer Data Grids also have specific navigation options that enable users to filter, group, +and search through data. See the [Data Grid Functionality](/docs/accessanalyzer/12.0/admin/navigate/datagrid.md) topic for additional +information. diff --git a/docs/accessanalyzer/12.0/admin/navigate/pane.md b/docs/accessanalyzer/12.0/admin/navigate/pane.md new file mode 100644 index 0000000000..5192c0c893 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/navigate/pane.md @@ -0,0 +1,300 @@ +# Navigation Pane + +The Navigation Pane, located on the left-hand side of the Access Analyzer Console, lists all the +major functions of Access Analyzer in a collapsible list format. Clicking on any node with an arrow +will open a collapsible list that shows more navigation, configuration, and use options. + +![Configuration Settings](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationmenu.webp) + +The items in the Navigation Pane are: + +- Settings – Opens the Global Settings section for configurations which affect the running of Access + Analyzer jobs. See the [Global Settings](/docs/accessanalyzer/12.0/admin/settings/overview.md) topic for additional + information. +- Host Management – Opens the Host Management section for inventorying and managing hosts to be + targeted by Access Analyzer jobs. See the [Host Management](/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md) topic + for additional information. +- Host Discovery - Opens the Host Discovery section for discovering hosts to be targeted by the + Access Analyzer jobs. See the Host Discovery topic for additional information. +- Running Instances – Displays progress for all running jobs. This includes jobs that are run by a + scheduled task, interactively within the open Access Analyzer instance, or interactively in any + other running instance of Access Analyzer See the + [Running Instances Node](/docs/accessanalyzer/12.0/admin/runninginstances/overview.md) topic for additional information. +- Schedules – Opens the Scheduled Actions view which displays information on all scheduled tasks. + See the [Schedules](/docs/accessanalyzer/12.0/admin/schedule/overview.md) topic for additional information. +- Jobs – Lists all solutions, job groups, and jobs within a folder structure. See the + [Jobs Tree](/docs/accessanalyzer/12.0/admin/jobs/overview.md) topic for additional information. + +The title above the Navigation Pane will change depending on what is selected. There are also +several right-click or context menus available throughout the console. See the +[Navigation Pane Right-click Menus](#navigation-pane-right-click-menus) topic for additional +information. + +## Navigation Pane Right-click Menus + +There are several contextual right-click menus that are accessed by right-clicking on individual +nodes or sub-nodes in the Navigation Pane. The different right-click menus are: + +- Host Management Right-click Menus +- Jobs Tree Right-click Menus + +### Host Management Right-click Menus + +The following right-click menus are available within the Host Management node. + +See the [Host Management](/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md) topic for additional information on these +actions. + +#### Discovery Node + +The Discovery node right click-menu can be accessed in the Host Management node in the Navigation +Pane. + +![Discovery Node options](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane1.webp) + +The Discovery node right-click menu options are: + +- Create Query – Opens the [Host Discovery Wizard](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/overview.md) +- Suspend/Resume Query Queue – Pauses or resumes the host discovery queue + +#### All Hosts Node + +The All Hosts node right-click menu can be accessed in the Host Management node in the Navigation +Pane. + +![All Hosts Node options](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane2.webp) + +The All Hosts right-click menu options are: + +- Add Hosts – Opens the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) window +- Refresh Lists – Refreshes host list +- Refresh Hosts – Executes the host inventory query +- Save Selected to Lists – Opens the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) window with the + selected hosts already added to a new list +- Schedule – Opens the [Schedule (Activities Pane Option)](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedule.md) + window to schedule a host inventory query +- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file +- Suspend/Resume Host Inventory – Pauses or resumes a host inventory query + +#### All Hosts > [Host List] Node + +The All Hosts > [Host List] right-click menu can be accessed in the Host Management node in the +Navigation Pane. + +![Host List Node options](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane3.webp) + +The All Hosts > [Host List] node right-click menu options are: + +- Edit List – Opens the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) window for the selected list +- Rename List – Opens the Host list name window +- Delete List – Delete the selected host list +- Refresh List – Refreshes host list +- Refresh Hosts – Executes the host inventory query +- Save Selected to List – Opens the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) window with the + selected hosts already added to a new list +- Schedule – Opens the [Schedule (Activities Pane Option)](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedule.md) + window to schedule a host inventory query +- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file +- Suspend Host Inventory – Pauses or resumes a host inventory query + +### Jobs Tree Right-click Menus + +The following right-click menus are available within the Jobs tree. + +See the [Jobs Tree](/docs/accessanalyzer/12.0/admin/jobs/overview.md) topic for additional information on these actions. + +#### Jobs Tree Primary Nodes + +The Job tree primary nodes have the following right-click menu items: + +**NOTE:** These menu items apply to a Jobs Tree, Job Group, and a Job. Depending on the chosen +selection, some menu items are grayed out. + +| ![Jobs Tree Primary Nodes](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane6.webp) | +| --------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------- | +| Jobs Tree Node | A Job Group Node | A Job Node | + +Menu items include: + +- Run Group/Jobs – Executes the selected job group or job +- Publish – Publishes the reports from the selected job group or job without regenerating the + report. See the [Reporting](/docs/accessanalyzer/12.0/admin/report/overview.md) topic for additional information. +- Lock Group/Job – Locks job group or job, indicating configuration has been approved and the job + group or job is ready to be scheduled/run. This option only applies to Role Based Access. See the + [Role Based Access](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/overview.md) topic for additional information. +- Unlock Group/Job – Unlocks job group or job, indicating the configuration has not been approved or + needs to be modified. Unlocking a job will prevent Job Initiators from scheduling or running the + job. This option only applies to Role Based Access. See the + [Role Based Access](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/overview.md) for additional information. +- Enable/Disable Job(s) – Disables the selected job or job group and skips them during scan + execution. When a job group is disabled, all existing jobs within the job group are disabled. See + the [Disable or Enable a Job](/docs/accessanalyzer/12.0/admin/jobs/job/disableenable.md) topic for more information. +- Schedules – Opens the [Schedule Jobs](/docs/accessanalyzer/12.0/admin/schedule/overview.md#schedule-jobs) to schedule job group + or job execution +- Refresh Tree – Refreshes the Jobs tree +- Changes – Opens the [Changes Window](/docs/accessanalyzer/12.0/admin/jobs/overview.md#changes-window) to track changes to job + configuration in a change log +- Cut – Cuts the selected job group or job (Ctrl+X) +- Copy – Copies the selected job group or job (Ctrl+C) +- Paste – Pastes a copied/cut job group or job to the selected location (Ctrl+V) + + **CAUTION:** Delete Group/Job will also delete all tables that match the job’s naming convention + from the database. + +- Delete Group/Job – Deletes the selected job group or job. See the + [Report Cleanup when Deleting a Job or Job Group](/docs/accessanalyzer/12.0/admin/report/cleanup.md) topic for additional + information. + + **CAUTION:** Rename Group/Job will rename all tables that match the job’s naming convention + within the database. + +- Rename Group/Job – Opens a textbox over the selected job group or job to rename +- Export – Zips the selected job group or job. Options allow for including the job, the reports, + and/or the job log and SA_Debug log. + - Save the ZIP file to a desired location, and optionally attach it to an email to + [Netwrix Support](https://www.netwrix.com/support.html). + - Email option requires [Notification](/docs/accessanalyzer/12.0/admin/settings/notification.md) settings to be configured. +- Create Job (Ctrl+Alt+A) – Creates a new job at the same location as the selected job group or job. + See the [Create a New Job](/docs/accessanalyzer/12.0/admin/jobs/job/create.md) topic for additional information. +- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md). +- Create Group – Creates a new job group within the selected location +- Explore Folder – Opens the Windows Explorer folder for the select object +- Properties – Opens the [Job Properties](/docs/accessanalyzer/12.0/admin/jobs/job/properties/overview.md) window + +#### [Job] > Status Node + +The [Job] > Status node has the following right-click menu items: + +![Status Node](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane7.webp) + +The Status node right-click menu items are: + +- Run Job – Executes the selected job +- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) +- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) + +#### [Job] > Status > [Table/View] Nodes + +The [Job] > Status > [Table/View] nodes have the following right-click menu items: + +| ![Table/View Nodes](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane10.webp) | +| -------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | +| ConnectStatus Table | Job Stats & Task Stats Tables | Messages Table | + +These menu items apply to the ConnectStatus Tables, Job Stats and Task Stats Tables, and the +Messages Table. Depending on the chosen selection, some menu items are grayed out. The menu items +are: + +- Create Hostlist From Data – Opens the New host list from job results window +- Edit Host List – Opens the Edit Dynamic Job Host Lists window +- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file +- Run Job – Executes the selected job +- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) +- Creates Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) + +#### [Job] > Results Node + +The [Job] > Results node has the following right-click menu items: + +![Results Node](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane11.webp) + +The menu items are: + +- Refresh Tree – Refreshes the Jobs Tree +- Run Job – Executes the selected job +- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) +- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) + +#### [Job] > Results > [Table/View] Nodes + +The [Job] > Results > [Table/View] nodes have the following right-click menu items: + +![Results-Table View Nodes](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane12.webp) + +The menu items are: + +- Create Hostlist From Data – Opens the New host list from job results window. See the + [Host Management](/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md) topic for additional information. +- Edit Host List – Opens the Edit Dynamic Job Host Lists window. See the + [Host Management](/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md) topic for additional information. +- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file +- Actions – Opens the selected [Action Modules](/docs/accessanalyzer/12.0/admin/action/overview.md) for the selected table/view +- Run Job – Executes the selected job +- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) +- Create Job - Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) + +#### [Job] > Results > [Report] Nodes + +The [Job] > Results > [Report] nodes have the following right-click menu items: + +![Results-Report Nodes](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane13.webp) + +The [Job] > Results > [Report] node right-click menu items are: + +- Run Job – Executes the selected job +- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) +- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) + +#### [Job] > Configure Node + +The [Job] >Configure node have the following right-click menu items: + +![Configure Nodes](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane13.webp) + +The [Job] > Configure node right-click menu items are: + +- Run Job – Executes the selected job +- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) +- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) + + **NOTE:** This right-click menu is also opened at the Configure > Hosts node. + +#### [Job] > Configure > [Configuration] Nodes + +The right-click menu items for the [Job] > Configure > [Configuration] node are the same right-click +menus as those available within the job’s individual configuration views: + +| ![Configure-Configuration Nodes](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane16.webp) | +| ---------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | +| Queries Node | Analysis Node | Actions Node | + +Each configuration node has a different right-click menu. For additional information on each: + +- For the Queries node, see the [Jobs](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md) section for information on these + options +- For the Analysis node, see the [Jobs](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md) section for information on these + options +- For the Actions node, see the [Jobs](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md) section for information on these + options + +#### [Job] > Configure > Reports Node + +The [Job] >Configure > Reports node has the following right-click menu items: + +![Configure-Reports Node](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane17.webp) + +The [Job] > Configure > Reports node right-click menu items are: + +- Create Report – Opens a new report Configuration under the job’s **Configure > Reports Node** +- Paste Report – Paste a copied report from a different job into this job’s Reports node +- Run Job – Executes the selected job +- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) +- Create Job – Creates a new job at the same location as the selected job group or job + +#### [Job] > Configure > Reports > [Report Configuration] Node + +The [Job] >Configure > Reports > [Report Configuration] node has the following right-click menu +items: + +![Reports Configuration Node](/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane18.webp) + +The [Job] > Configure > Reports > [Report Configuration] node right-click menu items are: + +- Generate Report – Generates the selected report +- Rename Report – Opens a textbox over the selected report to rename +- Delete Report – Deletes the selected report +- Copy Report – Copies the report configuration to clipboard. The copied report will have only the + roles inherited from the parent job when pasted. +- Run Job – Executes the selected job +- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) +- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) diff --git a/docs/accessanalyzer/12.0/admin/navigate/resultspane.md b/docs/accessanalyzer/12.0/admin/navigate/resultspane.md new file mode 100644 index 0000000000..5076567095 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/navigate/resultspane.md @@ -0,0 +1,9 @@ +# Results Pane + +The Results pane displays all views for the selected console section. + +![Results Pane](/img/product_docs/accessanalyzer/12.0/admin/navigate/resultspane.webp) + +The Results pane displays all views for the selected console section. This includes solution, job +group, and job descriptions, configuration views, native and materialized data tables and views, and +reports. diff --git a/docs/accessanalyzer/12.0/admin/navigate/top.md b/docs/accessanalyzer/12.0/admin/navigate/top.md new file mode 100644 index 0000000000..a6544a9522 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/navigate/top.md @@ -0,0 +1,144 @@ +# Top Navigation + +The Top Navigation bars provide users quick access to various options and functions in Access +Analyzer. The two parts of the Top Navigation section are: + +- [Menu Bar on the Console](#menu-bar-on-the-console) +- [Button Bar on the Console](#button-bar-on-the-console) + +## Menu Bar on the Console + +Users can access various Access Analyzer functions and actions in the Menu Bar. + +![Menu Bar on Console](/img/product_docs/accessanalyzer/12.0/admin/navigate/menubar.webp) + +The Menu Bar options are: + +- File + + - Create Job – Creates a new job (Ctrl+Alt+A) at the selected location within the Jobs tree + - Add Instant Job – Opens the Access Analyzer Instant Job Wizard to install an instant job set + at the selected location within the Jobs tree. See the + [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) section for information on installing + instant solutions from the Access Analyzer Library. + + **CAUTION:** Delete Job will also delete all data tables with the job’s base naming + convention from the SQL database. + + - Delete Job – Deletes the selected job from the Jobs tree + - Properties – Opens the Job Properties window for the selected job. See the + [Job Properties](/docs/accessanalyzer/12.0/admin/jobs/job/properties/overview.md) topic for additional information. + - Export Data – Exports the selected data table or view to an HTML, XML, or CSV file format + - Exit – Closes the Access Analyzer application + +- Edit + + - Cut – Cuts (Ctrl+X) the selected job group or job + - Copy – Copies (Ctrl+C) the selected job group or job + - Paste – Pastes (Ctrl+V) a copied job group or job to the selected job group folder (or into + the Jobs tree) + + **CAUTION:** Delete will also delete all data tables with the job’s base naming convention + from the SQL database. + + - Delete – Deletes the job group or job at the selected location within the Jobs tree + +- View + - Refresh Tree – Refreshes the Jobs tree + - Reset Current Data View – This is a legacy feature + - Show Change Deltas – This is a legacy feature + - Show Job Progress – Redirects the Access Analyzer Console to the Running Job Node to view the + running job’s progress. See the [Running Instances Node](/docs/accessanalyzer/12.0/admin/runninginstances/overview.md) + topic for additional information. +- Job + + - Add Instant Job – Opens the Access Analyzer Instant Job Wizard to install an instant job set + at the selected location within the Jobs tree. See the + [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) section for information on installing + instant solutions from the Access Analyzer Library. + - Create Job – Creates a new job (Ctrl + Alt + A) at the selected location within the Jobs tree + + **CAUTION:** Delete Job will also delete all data tables with the job’s base naming + convention from the SQL database. + + - Delete Job – Deletes the selected job from the Jobs tree + + **CAUTION:** Rename Job will also rename all data tables with the job’s base naming + convention within the SQL database. + + - Rename Job – Renames the selected job + - Properties – Opens the Job Properties window for the selected job. See the + [Job Properties](/docs/accessanalyzer/12.0/admin/jobs/job/properties/overview.md) topic for additional information. + - Execute: + - Run Job or Group – Starts job execution for the selected job group or job + - Stop Job or Group – Stops job execution for the selected job group or job + - Schedule – Opens the selected job’s Schedule window. See the + [Schedule Jobs](/docs/accessanalyzer/12.0/admin/schedule/overview.md#schedule-jobs) topic for additional information. + - Queries: + + - Add from Library – Opens the Library to add a query to the selected job’s Query Selection + view. See the Query Selection topic for additional information. + - Create Query – Opens the Query Selection window to create a new query at the selected + job’s Query Selection view + - Cut Query – Deletes the selected query from the selected job’s Query Selection view + - Properties – Opens the Query Selection window for the selected query + - Add Table – Opens the Query Selection window to add a table to the selected query + - Delete Table – Opens the Delete Table window which identifies associated tasks to be + deleted and asks for confirmation of the deletion action. See the Query Selection topic + for additional information. + - Rename Table – Opens the Rename Table window to enter a new table name for the selected + query. See the Query Selection topic for additional information. + + See the Data Collectors topic for additional information. See the + [Data Collectors](/docs/accessanalyzer/12.0/admin/datacollector/overview.md) topic for additional information. + + - Reports + - Create Report – Creates a new report at the selected Reports node + - Generate Report – Generates the selected report and opens the report in a browser window + - Rename Report – Rename the selected report for the database and how it is seen in the Jobs + tree + - Delete Report – Delete the selected report + +- Schedules + - Schedule – Opens the selected object’s Schedule window to create a new scheduled action. The + Access Analyzer Console is redirected to the Schedules node. See the + [Schedule](/docs/accessanalyzer/12.0/admin/settings/schedule.md) topic for additional information. + - Delete – Delete the selected scheduled task from the Scheduled Actions view of the Schedules + node + - Properties – Opens the selected scheduled task’s Schedule window. See the + [Schedule](/docs/accessanalyzer/12.0/admin/settings/schedule.md) topic for additional information. +- Tools + - Libraries – Opens the Add Query from Library window to add a query to the selected job’s Query + Selection view. See the [Schedule](/docs/accessanalyzer/12.0/admin/settings/schedule.md) topic for additional information. + - Options – Redirects the Access Analyzer Console to the Settings node +- Help + - Content – Opens Access Analyzer help documentation + - User Details – Opens an information window display Current Logged In User and Role Assigned To + Current User (when applicable) + - Reference – This is a legacy feature + - Enable Support Mode – Enables Support Mode for Netwrix Support Engineers + - About – Opens the About window with the Access Analyzer Console’s version and license + information, including License Expiration date, Host Limit, and Licensed Features + +## Button Bar on the Console + +The Button bar provides quick links to various actions and functions in Access Analyzer. + +![Button Bar](/img/product_docs/accessanalyzer/12.0/admin/navigate/buttonbar.webp) + +The options in the Button Bar are: + +| Icon | Icon Description | Name | +| --------------------------------------------------------------------------------------------------------------------------------- | --------------------------- | --------------------------------------------------- | +| ![selectinstantjob](/img/product_docs/accessanalyzer/12.0/admin/navigate/selectinstantjob.webp) | Paper with plus sign | Select an Instant Job | +| ![newjob](/img/product_docs/accessanalyzer/12.0/admin/navigate/newjob.webp) | Paper with pencil | Create a new job (Ctrl + Alt + A) | +| ![newgroup](/img/product_docs/accessanalyzer/12.0/admin/navigate/newgroup.webp) | Folder with plus sign | Create a new group | +| ![newquery](/img/product_docs/accessanalyzer/12.0/admin/navigate/newquery.webp) | Puzzle piece with plus sign | Create a new query and add it to the selected table | +| ![addreport](/img/product_docs/accessanalyzer/12.0/admin/navigate/addreport.webp) | Graph with plus sign | Add a report | +| ![addquery](/img/product_docs/accessanalyzer/12.0/admin/navigate/addquery.webp) | Book with plus sign | Add a query from a library | +| ![cut](/img/product_docs/accessanalyzer/12.0/admin/navigate/cut.webp) | Scissors | Cut the selected query to the clipboard (Ctrl + X) | +| ![copy](/img/product_docs/accessanalyzer/12.0/admin/navigate/copy.webp) | Duplicate papers | Copy the selected query to the clipboard (Ctrl + C) | +| ![paste](/img/product_docs/accessanalyzer/12.0/admin/navigate/paste.webp) | Clipboard with paper | Paste the query from the clipboard (Ctrl + V) | +| ![delete](/img/product_docs/accessanalyzer/12.0/admin/navigate/delete.webp) | Red X | Delete the selected query | + +Select a button for the desired action. diff --git a/docs/accessanalyzer/12.0/admin/overview.md b/docs/accessanalyzer/12.0/admin/overview.md new file mode 100644 index 0000000000..8a5cc88a23 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/overview.md @@ -0,0 +1,65 @@ +# Administration + +The Access Analyzer application is the power behind the solutions. It has the automation, +management, and integration building blocks that ensure the solutions’ advanced data collection and +analysis deliver meaningful results to an organization’s infrastructure and other technologies. +Users manage and control access to unstructured and structured data, systems, and critical +applications with the application. + +## Data Collectors Overview + +Access Analyzer leverages a wide variety of APIs and protocols to connect to and communicate with +the systems and applications in an organization’s environment. From MAPI to PowerShell, WMI, LDAP, +CIFS, and more. It uses the best, most appropriate data collection methodology for every data +collection task. The majority of Access Analyzer data comes from agentless scans and log collection. +This enables remote collection of thousands of data points across dozens of system and application +types. + +Though Access Analyzer does use applets and kernel-level drivers for certain data collection +requirements, e.g. real-time file level activity monitoring, these agent-based advanced data +collection methods allow the kind of deep rich information, which can usually be obtained only by +substantial manual effort. + +See the [Data Collectors](/docs/accessanalyzer/12.0/admin/datacollector/overview.md) topic for additional information. + +## Analysis Modules Overview + +Access Analyzer employs a series of powerful, yet easy-to-use Analysis Modules which provide +end-users with the ability to perform very simple and sophisticated data analysis routines with +ease: + +- Correlation – Easily correlate data from multiple datasets to create meaningful views +- Policy – Create rules and policies which automatically categorize your data output, i.e. Severity, + Classifications, etc. +- Change – Turn on change detection to see exactly what has changed between time periods +- Trend – See what is happening over time and when thresholds will be met +- Conformance – Create a baseline or designate a “golden” image to see what deviates from the + organization’s desired standards +- Notification – Get alerts based upon any condition within any dataset, with control over how and + how often alerts are generated + +See the [Analysis Modules](/docs/accessanalyzer/12.0/admin/analysis/overview.md) topic for additional information. + +## Action Modules Overview + +The Access Analyzer Action Module framework enables administrators to make bulk changes across +various system and application resources such as File Systems, Exchange Mailboxes, Public Folders, +Distribution Lists, SharePoint sites, and Windows Registry. The Mail and Survey Action Modules work +in conjunction with other Action Modules and datasets to instantiate workflows involving end-users +such as data custodians to obtain answers and verifications. + +See the [Action Modules](/docs/accessanalyzer/12.0/admin/action/overview.md) topic for additional information. + +## Reporting Overview + +The Access Analyzer custom report authoring engine, dashboards, and open data views provide +information to multiple audiences within an organization, both technical and non-technical. Its +reporting capabilities include a distribution and viewing mechanism allowing reports to be +automatically distributed via email or posted to one or more network locations and/or websites for +simple, secure, and on-demand access to information. The Access Analyzer Report Index provides +access to published Access Analyzer reports through a web-based console, granting access to reports +without requiring access to the Access Analyzer Console. It is accessed through the Stealthbits Web +Console, which is created during the installation of Access Analyzer. The Web Console can also +provide access to the Access Information Center, and other Stealthbits products. + +See the [Reporting](/docs/accessanalyzer/12.0/admin/report/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/report/chartwizard/chartformat.md b/docs/accessanalyzer/12.0/admin/report/chartwizard/chartformat.md new file mode 100644 index 0000000000..1e74584c5f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/chartwizard/chartformat.md @@ -0,0 +1,31 @@ +# Chart Format + +The Chart Format page of the Chart Configuration wizard is where you can select the chart type and +configure additional format options. + +![Chart Configuration wizard Chart Format page](/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/chartformat.webp) + +The Chart Format page has the following options: + +- Element Title – Enter a title for the element in the text box. This will be displayed in the + element's header on the generated report. It can contain characters, numbers, or both. +- Select the type of chart you want to build – Select the chart type using the dropdown from the + following options: + + - Area – Shaded region beneath line to indicate a group’s proportion within a column + - Bar – Horizontal rectangles that represent discrete units of measurement + - Column – Vertical bar chart + - Line – Vertical line chart + - Pie – Circular statistical graphic that demonstrates numerical proportion. First grouped + column can be numeric or string, but the second column should always be numeric. + - Stacked – Consolidated bar chart for comparing values + +- Show Data Labels – Select this option to show data labels on the generated chart +- Limit the number of data points – Select this option to limit the number of data points displayed + on the chart to the specified number. The default limit value is 20 for pie charts and 150 for all + other chart types. You can customize this value, but the value must not exceed the default value + for the chart type. If a value greater than the default is entered, then the value automatically + resets back to the default. + +Once you have configured the options as required, click **Next** to proceed to the Data Source page. +See the [Data Source](/docs/accessanalyzer/12.0/admin/report/chartwizard/datasource.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/report/chartwizard/configure.md b/docs/accessanalyzer/12.0/admin/report/chartwizard/configure.md new file mode 100644 index 0000000000..9efcc32d74 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/chartwizard/configure.md @@ -0,0 +1,118 @@ +# Configure + +The Configure page of the Chart Configuration wizard allows you to configure the chart as required. +The page consist of two tabs, Chart Configuration and Data Preview. + +## Chart Configuration + +The Chart Configuration tab is split into three sections, label column selection, series +configuration, and a chart preview. Use this tab to configure the columns from the data source to be +shown in the chart. + +![Chart Configuration wizard Configure page](/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/configure.webp) + +The left side shows all the columns from the data source table that can be used for the label axis. +For example, the label column is the x-axis on a line chart and the y-axis on a bar chart. Select +the checkbox of the desired label column from the list. You can use the search bar to filter this +list of columns. + +If a datetime label column has been selected, you can optionally select a transformation function +using the dropdown menu. Transformation functions group the column data by the selected function and +the function is then used as the label. The possible transformation functions are Day, Month, or +Year. + +The table on the right is where the data series are configured. For configured data series, the +table displays the series type (XAxis, YAxis, or DataValue), column name, aggregation function, +friendly alias name, and legend color. Use the buttons above the table to add new or configure +existing data series. The following options are available: + +- Add – Opens the Add new series window to configure a new data series. See the + [Add New Series / Edit Series Window](#add-new-series--edit-series-window) topic for additional + information. +- Remove – Removes the selected data series from the chart +- Edit – Opens the Edit series window for the selected series. See the + [Add New Series / Edit Series Window](#add-new-series--edit-series-window) topic for additional + information. +- Color Picker – Available only for pie charts. Opens the Pie slices color window, which allows you + to customize the color for each slice of the pie chart. On the Pie slices color window: + + - Select the row of the desired value to customize and click **Change Color** + - Use the color picker to choose the desired color, then click **OK** + - Repeat for each color you want to customize + - Click **OK** to save your selections and close the Pie slices color window, or click + **Cancel** to close the window without changing the colors + +At the bottom of the page is a preview of the chart as it is currently configured using the +available data. See the [Chart Preview](#chart-preview) topic for additional information. +Additionally, you can see a preview of the source data table in the Data Preview tab. See the +[Data Preview](#data-preview) topic for additional information. + +Once you have finished configuring the chart, click **Finish** to close the wizard. You are returned +to the Widgets page of the Report Configuration wizard, where the newly configured chart is shown. +You must complete the Report Configuration wizard to save the chart on the report. See the +[Widgets Page](/docs/accessanalyzer/12.0/admin/report/wizard/widgets.md) topic for additional information. + +### Add New Series / Edit Series Window + +The Add new series and Edit series windows allow you to configure the data series of the chart. The +appropriate window is opened by clicking **Add** to create a new series, or by selecting an existing +series and clicking **Edit**. + +![Add new series window](/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/addnewseries.webp) + +These windows contain the following options for the data series: + +- Column table – This table displays the available columns in the source table that are not + currently selected in a series for the chart. Select the checkbox for column that contains the + data for the series. You can use the search bar to filter the list of columns. + + **NOTE:** The other options on the window are disabled until a column is selected. + +- Select a function to aggregate the column by – Use the drop-down to select an aggregation + function. The available options vary depending on the column selected. The possible options are: + + - None + - Average + - Count + - Count Distinct + - Maximum + - Minimum + - Sum + +- Provide a friendly name for the column in the legend – If an alias name is provided here, it is + displayed on the chart instead of the column name +- Select a color for this series – Click **Change** to open the color picker to customize the color + for the series + +Click **OK** on the window to save the new or modified series, or click **Cancel** to close the +window without saving. + +### Chart Preview + +At the bottom of the page a preview of the currently configured chart is displayed. + +![Chart preview](/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/configurechartpreview.webp) + +If the configuration is incomplete or invalid, a message with instructions to fix the configuration +is displayed in the preview window instead. The following are possible messages and scenarios that +would cause them: + +| Message | Scenario | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Following is the minimum requirement to generate preview: - From columns(left side) above, select at least one label column. - From series(right side) above, configure at least one series column. | - Series column not configured - Series with function and no label selected - None selected | +| Following is the minimum requirement to generate preview with the transformation function: - From columns(left side) above, select only one column of type Datetime. - From series(right side) above, configure all the series column with an aggregate function. | - Transformation function enabled with multiple label columns selected - Transformation function enabled but no aggregate function configured - Transformation function enabled, but no Datetime column selected | +| Following series should be configured with a function | - The transformation function is enabled but no aggregate function is configured for the series | + +## Data Preview + +The Data Preview tab allows you to see and customize the data that is to be shown in the chart. + +![Data Preview tab](/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/configuredatapreview.webp) + +The buttons above the column names provide you the following options for configuring the table +arrangement: + +- Filter Editor – Opens the Filter Editor which allows you to add custom filters with conditional + statements and logical connectives +- Best Fit (all columns) –  Adjusts the width of the columns to display all the data within the + cells diff --git a/docs/accessanalyzer/12.0/admin/report/chartwizard/datasource.md b/docs/accessanalyzer/12.0/admin/report/chartwizard/datasource.md new file mode 100644 index 0000000000..8c141d695f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/chartwizard/datasource.md @@ -0,0 +1,24 @@ +# Data Source + +On the Data Source page of the Chart Configuration wizard configure the data source for the chart. + +![Chart Configuration wizard Data Source page](/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/datasource.webp) + +In order to generate results, a location must first be selected as the source of the data. The table +on this wizard page contains a list of tables and views within Access Analyzer from jobs that have +been executed. Select the required data source from the table. + +You can use the search bar located above the table to easily find a desired table. The **Limit +selection to tables from the current job**option limits the displayed data to tables from the +current job. This option is selected by default. You can clear the option to widen the available +data to all jobs. + +There are the following additional data source options: + +- Show data from all instances – Select this option to display data from all Access Analyzer data + jobs +- Show historical data – If there is historical data, selecting this option displays all + collections. It is keyed off of the Jobruntimekey column. + +Once you have selected the data source, click **Next** to proceed to the Configure page. See the +[Configure](/docs/accessanalyzer/12.0/admin/report/chartwizard/configure.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/report/chartwizard/overview.md b/docs/accessanalyzer/12.0/admin/report/chartwizard/overview.md new file mode 100644 index 0000000000..6cfd85249b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/chartwizard/overview.md @@ -0,0 +1,15 @@ +# Chart Configuration Wizard + +The Chart Configuration wizard allows you to configure the charts that display on reports. The +wizard opens when you select to configure a Chart widget from the Widgets page of the Report +Configuration Wizard. See the [Widgets Page](/docs/accessanalyzer/12.0/admin/report/wizard/widgets.md) topic for additional information. + +The Chart Configuration wizard consists of three pages: + +- [Chart Format](/docs/accessanalyzer/12.0/admin/report/chartwizard/chartformat.md) +- [Data Source](/docs/accessanalyzer/12.0/admin/report/chartwizard/datasource.md) +- [Configure](/docs/accessanalyzer/12.0/admin/report/chartwizard/configure.md) + +Once you have finished configuring the chart, click **Finish** to close the wizard. You are returned +to the Widgets page of the Report Configuration wizard, where the newly configured chart is shown. +You must complete the Report Configuration wizard to save the chart on the report. diff --git a/docs/accessanalyzer/12.0/admin/report/cleanup.md b/docs/accessanalyzer/12.0/admin/report/cleanup.md new file mode 100644 index 0000000000..6722897902 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/cleanup.md @@ -0,0 +1,40 @@ +# Report Cleanup when Deleting a Job or Job Group + +When deleting a job or job group, the Delete Job and Delete Group wizards allow you to delete any +published reports contained in the jobs that are being deleted. Follow the steps to delete a job or +job group that contains published reports. + +**CAUTION:** Deleted objects cannot be restored. + +![Delete Group on right-click menu](/img/product_docs/accessanalyzer/12.0/admin/report/jobstree.webp) + +**Step 1 –** In the Jobs tree, right-click on the job or group that you want to delete and select +**Delete Job/Group**. + +![Delete Group wizard page](/img/product_docs/accessanalyzer/12.0/admin/report/deletegroup.webp) + +**Step 2 –** On the Delete Job/Group page of the wizard, confirm it shows the correct job or group +that you want to delete, then click **Next**. + +**NOTE:** If there are no published reports, clicking **Next** starts the deletion (skip to step 4). + +![Delete Published Reports wizard page](/img/product_docs/accessanalyzer/12.0/admin/report/reporttree.webp) + +**Step 3 –** The Delete Published Reports page of the wizard shows the tree of published reports. +Select the checkboxes next to all the reports you want to delete. You can also select reports by job +group or job. Click **Next** to proceed with the deletion. + +![Progress wizard page](/img/product_docs/accessanalyzer/12.0/admin/report/progress.webp) + +**Step 4 –** The Progress page shows you the status of the deletion process. When it has completed, +click **Finish** to exit the wizard. + +The job or job group and all of the selected published reports have been deleted. If you chose not +to delete any of the published reports contained in any of the deleted jobs, then those remaining +reports can still be viewed in the Web Console, even though the parent has been removed from the +Access Analyzer Console. + +![Delete Published Reports page with a report from previous deletion](/img/product_docs/accessanalyzer/12.0/admin/report/reportfrompreviousdeletion.webp) + +The remaining published reports that weren't deleted are shown in the wizard if you are deleting the +parent group of the previously deleted job or group. diff --git a/docs/accessanalyzer/12.0/admin/report/create.md b/docs/accessanalyzer/12.0/admin/report/create.md new file mode 100644 index 0000000000..e677be23a5 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/create.md @@ -0,0 +1,70 @@ +# Creating a Report + +Creating and customizing reports allows you to design outputs uniquely crafted to your requirements. +Reports can vary by section order, sourced data, file format, and other elements within the reports +configuration. + +You can add additional reports by the following methods: + +- [Create a Custom Report](#create-a-custom-report) +- [Copy an Existing Report](#copy-an-existing-report) + +**NOTE:** It is important to consider whether a report should be added to an existing job, or a new +job created to generate the report. Contact [Netwrix Support](https://www.netwrix.com/support.html) +for additional information on report outputs. + +## Create a Custom Report + +You can create a new custom report for an existing job from the job’s Reports node. Follow the steps +to create a new report. + +**Step 1 –** Navigate to **Jobs** > **[Job]** > **Configure** and select the **Reports** node. + +![Create report option](/img/product_docs/accessanalyzer/12.0/admin/report/create.webp) + +**Step 2 –** On the Reports page, click Create. + +**Step 3 –** The Report Configuration wizard is automatically launched. Use the wizard to configure +the new report as required, see the [Report Configuration Wizard](/docs/accessanalyzer/12.0/admin/report/wizard/overview.md) topic for +instructions. Click **Finish** on the final page of the wizard to create the report. + +The new report is added to the Reports table. + +![Generate report](/img/product_docs/accessanalyzer/12.0/admin/report/generate.webp) + +**Step 4 –** Click the vertical ellipsis menu next to the report and select Generate. + +The report is now created. To access the new report, see the [Viewing Generated Reports](/docs/accessanalyzer/12.0/admin/report/view.md) +topic. + +## Copy an Existing Report + +You can create a new report by copying an existing report and pasting it in a job’s Reports node. +You can then optionally customize the report as required. Follow the steps to create a copy of an +existing report. + +![Copy Report](/img/product_docs/accessanalyzer/12.0/admin/report/copy.webp) + +**Step 1 –** Navigate to the Reports node where the desired report to copy is located. Click the +vertical ellipsis menu next to the report and select Copy. + +![Paste Report](/img/product_docs/accessanalyzer/12.0/admin/report/paste.webp) + +**Step 2 –** Navigate to the Reports node in the desired destination for the new report. Click the +vertical ellipsis menu in the header row of the Reports table and select Paste. + +The copy of the report is added to the Reports table. Reports that are copied maintain the same +configuration settings as the original report. + +**NOTE:** If the report copied to the job’s Reports node has the same name as an existing report, +the copied report adds a numerical value to the name sequentially. For example if the existing +report is named Exceptions Summary, then the new report is named `Exceptions Summary1`. + +**Step 3 –** (Optional) Click the **Configure** button next to the report. Use the Report +Configuration wizard to modify the reports settings. See the +[Report Configuration Wizard](/docs/accessanalyzer/12.0/admin/report/wizard/overview.md) topic for instructions. + +**Step 4 –** Click the vertical ellipsis menu next to the report and select Generate. + +The report is now created. To access the new report, see the [Viewing Generated Reports](/docs/accessanalyzer/12.0/admin/report/view.md) +topic. diff --git a/docs/accessanalyzer/12.0/admin/report/edit.md b/docs/accessanalyzer/12.0/admin/report/edit.md new file mode 100644 index 0000000000..9a6cd5c33a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/edit.md @@ -0,0 +1,27 @@ +# Editing Existing Reports + +It is not recommended to edit existing reports unless there are changes to a job’s settings at the +global level, job group level, or job level. Changes to when data is collected, the types of data +collected, and the properties of collected data are not reflected in a report’s configuration. As a +result, generated reports could appear with blank fields or misleading information about the purpose +of the collected data, unless the report is modified to reflect the changes to the job's settings. +To modify a report, use the Report Configuration Wizard. + +Follow the steps to modify an existing report. + +**Step 1 –** Navigate to the Reports node that contains the report. + +![Configure Report](/img/product_docs/accessanalyzer/12.0/admin/report/configure.webp) + +**Step 2 –** Click the **Configure** button next to the report you want to modify. + +**Step 3 –** Use the Report Configuration wizard to make any required changes. See the +[Report Configuration Wizard](/docs/accessanalyzer/12.0/admin/report/wizard/overview.md) topic for instructions. + +- You must go through all pages of the wizard, and click **Finish** on the final page to save your + changes. Skip any sections or pages that do not require changes to the existing configuration. You + can click **Cancel** on any page to exit the wizard without saving your changes. + +Your configuration updates have been saved. To view the updated report you need to first generate +the report or run it's associated job. See the [Viewing Generated Reports](/docs/accessanalyzer/12.0/admin/report/view.md) topic for +additional information. diff --git a/docs/accessanalyzer/12.0/admin/report/interactivegrids/copyingcells.md b/docs/accessanalyzer/12.0/admin/report/interactivegrids/copyingcells.md new file mode 100644 index 0000000000..82a1175f5d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/interactivegrids/copyingcells.md @@ -0,0 +1,12 @@ +# Copying Cells + +Copying an individual cell within a generated report enables easier searching for information using +the AIC or other tools. The copy feature can only be used on interactive grids. Each cell listed +under a column can be selected and copied to the clipboard. + +![Copy Cell Data](/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/copycell.webp) + +To copy a cell, select the cell, then right-click on it and select **Copy Cell Data**. + +**NOTE:** You may need to allow programmatic clipboard access for your browser the first time you +attempt to copy a cell. diff --git a/docs/accessanalyzer/12.0/admin/report/interactivegrids/grouping.md b/docs/accessanalyzer/12.0/admin/report/interactivegrids/grouping.md new file mode 100644 index 0000000000..5319c09f7f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/interactivegrids/grouping.md @@ -0,0 +1,15 @@ +# Grouping Data + +If grouping is enabled, the **Group by** field provides a drop-down list of categories by which the +data can be grouped. + +**NOTE:** Grouping and filtering cannot be enabled at the same time. If grouping is enabled, the +Filter icon is disabled in the report. + +The following example shows an interactive grid in which grouping has been enabled. See the +[Grid](/docs/accessanalyzer/12.0/admin/report/wizard/widgets.md#grid) topic for additional information. + +![Group by option](/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/groupby.webp) + +The drop-down list to the right of the Group by field can be accessed by clicking the down arrow. +Click an item from the drop-down list to group the report by that category. diff --git a/docs/accessanalyzer/12.0/admin/report/interactivegrids/overview.md b/docs/accessanalyzer/12.0/admin/report/interactivegrids/overview.md new file mode 100644 index 0000000000..0c64283d0a --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/interactivegrids/overview.md @@ -0,0 +1,28 @@ +# Interactive Grids + +Interactive grids in the table section of a report provide the ability to interact with the data and +filter it as required. Interactive grids allow you to perform the following actions: + +- Group data +- Search and filter data +- Paging +- Download data to a CSV file + +![Interactive Grid actions bar](/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/interactivegridoptions.webp) + +The toolbar in an interactive grid can display the following options: + +- Filter icon – Click this icon to activate searching and filter the data +- Group by – Provides a drop-down list of available categories to select for grouping. When grouping + is enabled, searching is disabled. +- Up arrow and down arrow – Click to expand or collapse the groups +- Download Data – Click to download all data to a CSV file. This option is displayed when the + **Export table data as CSV** checkbox has been selected for the report, see the + [Grid](/docs/accessanalyzer/12.0/admin/report/wizard/widgets.md#grid) topic for additional information. + +When enumeration is set on an interactive grid, a second download button is displayed. A CSV file +can be downloaded that contains only data for the selected enumeration. + +![Group by loading data](/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/groupbyloadingdata.webp) + +When grouping data, interactive grids display the percentage of data that has loaded on the page. diff --git a/docs/accessanalyzer/12.0/admin/report/interactivegrids/paging.md b/docs/accessanalyzer/12.0/admin/report/interactivegrids/paging.md new file mode 100644 index 0000000000..88d3c81846 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/interactivegrids/paging.md @@ -0,0 +1,16 @@ +# Paging + +Paging allows users to interact with large sets of data more efficiently when viewing, filtering, +and sorting generated report tables by limiting the amount of data being displayed at a given time. +Reports provide the ability to navigate to specific pages using arrows at the bottom of the report. +Paging is enabled by default. See the [Grid](/docs/accessanalyzer/12.0/admin/report/wizard/widgets.md#grid) topic for additional +information. + +**NOTE:** Paging and grouping cannot be enabled at the same time. When Paging is enabled, the +Grouping options are disabled for the report. + +![Paging](/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/paging.webp) + +When paging is enabled, arrows are displayed that allow you to navigate to the next page, last page, +previous page, or first page. If the data is filtered, it is indicated at the end of the line. Each +page contains 10 records. diff --git a/docs/accessanalyzer/12.0/admin/report/interactivegrids/searchfilter.md b/docs/accessanalyzer/12.0/admin/report/interactivegrids/searchfilter.md new file mode 100644 index 0000000000..1d6e612bfb --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/interactivegrids/searchfilter.md @@ -0,0 +1,62 @@ +# Searching and Filtering Data + +When dealing with large sets of data, it may be useful to search for a desired attribute. This can +be done using the Filter icon. + +**NOTE:** Searching and grouping cannot be enabled at the same time. If grouping is enabled, the +Search icon is disabled in the report. + +The following example shows an interactive grid in which searching has been enabled. See the +[Grid](/docs/accessanalyzer/12.0/admin/report/wizard/widgets.md#grid) topic for additional information. + +![Search](/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/search.webp) + +Enter search criteria in the boxes under the columns to filter the data. Click the search icon again +to clear the filters. + +Click on a column to sort by that column. Clicking on a cell in a column automatically expands the +column size to fit the largest length of text contained in the column. + +## Searching Enumerated Tables + +Enabling the enumerated column option, and choosing a column from the data set adds a list of column +types to display as enumerated tables. + +![Enumerated Table](/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/enumerated.webp) + +To change the enumeration in the report, select an option from the enumerated column list. When +enumeration is set on an interactive grid, a second download button is displayed with the name of +the currently selected enumerated column. You can use this to download a CSV file that only contains +the data for the selected enumeration. + +## Filtering on Dates & Times + +Data can also be filtered on dates and times. Expanding the column's width activates hyperlinks to +filter on specific time periods. + +![Date column filter](/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/datefilter.webp) + +Enter a Start and End date and select the desired time period. + +## Filtering on Numeric Columns + +Comparison operators can also be used for filtering. Comparison operators which can be used for +filtering include the following: + +| Description | Operator | +| ------------------------ | -------- | +| Equal to | = | +| Greater than | > | +| Less than | < | +| Less than or equal to | <= | +| Greater than or equal to | >= | +| A range of values | n1..n2 | + +## Adding & Removing Columns + +Columns can be added or removed from the table. + +![Add and remove columns](/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/addremovecolumns.webp) + +Right-click on a column to display a list of the available columns. Select the checkboxes of the +columns you want to be displayed. Click the up or down arrows to scroll through the list of columns. diff --git a/docs/accessanalyzer/12.0/admin/report/overview.md b/docs/accessanalyzer/12.0/admin/report/overview.md new file mode 100644 index 0000000000..7bb3778369 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/overview.md @@ -0,0 +1,23 @@ +# Reporting + +Access Analyzer provides the ability to report on collected data in multiple ways such as tables, +views, graphs, and emails. Depending on the type of data collected, different reporting methods can +simplify how to present and understand the information. + +![Reports node](/img/product_docs/accessanalyzer/12.0/admin/report/reports.webp) + +The Reports node, contained within a job’s Configure node, lists any reports that are configured for +the job. The page contains options to create a report, configure existing reports, and a link to +view generated reports. The configuration of reports vary by use case, but they contain the same +elements. The layout and elements of a report are configured using the +[Report Configuration Wizard](/docs/accessanalyzer/12.0/admin/report/wizard/overview.md). + +In addition, there are various ways to view and interact with generated reports. Generated reports +can be viewed in the Access Analyzer Console or in the Web Console. Reports can also be configured +to be downloaded as a CSV file, or sent as an email in various forms. See the +[Viewing Generated Reports](/docs/accessanalyzer/12.0/admin/report/view.md) topic for additional information. + +The global settings configured under the Settings node are inherited down through the Jobs tree to +the job unless inheritance is broken in a job group’s Settings node, a job’s Properties window, or +in the Report Configuration Wizard. See the [Reporting](/docs/accessanalyzer/12.0/admin/settings/reporting.md) topic for +additional information. diff --git a/docs/accessanalyzer/12.0/admin/report/tags.md b/docs/accessanalyzer/12.0/admin/report/tags.md new file mode 100644 index 0000000000..0878878a06 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/tags.md @@ -0,0 +1,98 @@ +# Tags + +Tags can be added to reports to describe the content of the report and use cases for the report. For +example, tags can be included in a report to show the compliance frameworks to which the report +maps. To view tags or click on tag links, reports must be viewed in the Web Console. Tags are not +supported in reports in the Jobs tree. + +![Web Console Home Page](/img/product_docs/accessanalyzer/12.0/admin/report/webconsolehome.webp) + +If Reports from solutions that have been run have tags added to them, those tags can be found under +the Tags tab in the Navigation section on the right-hand side of the Published Reports homepage. + +| ![Tags tab on Web Console homepage](/img/product_docs/accessanalyzer/12.0/admin/report/privilegedaccountstag.webp) | +| -------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | +| Privileged Accounts Tag on Published Reports homepage | Privileged Accounts Tag page | + +Click on a tag to view all reports that contain the selected tag. + +![Job Group view in the Web Console](/img/product_docs/accessanalyzer/12.0/admin/report/jobgroupview.webp) + +Clicking on a job group in the Published Reports menu displays the reports contained in that job +group. Jobs within that job group that have tags are identified with a tag icon along with the tag +name. + +![Report header](/img/product_docs/accessanalyzer/12.0/admin/report/reportheader.webp) + +When viewing a report in either the Web Console or the Access Analyzer console, tags are displayed +below the report title. Click on a tag to view all reports that contain that tag. If the tag is +selected from the Reports view in the Access Analyzer Console, the Published Reports Web Console +opens and direct users to the tag page. + +## Default Tags in Reports + +The following sections list out of the box reports that contain each tag. The tags are: + +### Open Access + +The Open Access tag is included in the following reports: + +- Active Directory Permissions Analyzer > 5.Open Access > AD_OpenAccess > Open Access by Domain +- Exchange > 4. Mailboxes > Permissions > EX_MailboxAccess > Incorrect Default and Anon Permissions +- SharePoint > 2.High Risk Sites >ALL REPORTS +- FileSystem > 1.Open Access > FS_OpenAccess > ALL REPORTS +- SQL > 5.Permissions > SQL_PublicPermissions > Public Permissions +- Oracle > 5.Permissions > Oracle_PublicPermissions > Public Permissions + +### Sensitive Data + +The Sensitive Data tag is included in the following reports: + +- Dropbox > 5.Sensitive Data > Dropbox SensitiveData > ALL REPORTS +- Exchange > 7. Sensitive Data > EX_SDDResults > ALL REPORTS +- FileSystem > 7.Sensitive Data > FS_DLPResults > ALL REPORTS +- Oracle > 7.Sensitive Data > Oracle_SensitiveData > ALL REPORTS +- SharePoint > 7.Sensitive Data Discovery > SP_SensitiveData > ALL REPORTS +- SQL > 7.Sensitive Data > SQL_SensitiveData > ALL REPORTS + +### Stale Data + +The Stale Data tag is included in the following reports: + +- Dropbox > 4.Content >Dropbox_Content > Stale Data +- Exchange > 4. Mailboxes > Sizing >EX_StaleMailboxes > Stale Users +- FileSystem > 4.Content > Stale > FS_StaleContent > Shares with Stale Content +- SharePoint > 4.Content > SP_StaleFiles > Stale Files +- Box > 2.Content > Box_FileMetrics > Files by User +- Box > 2.Content > Box_FileMetrics > Files by Extension + +### Stale Principals + +The Stale Principals tag is included in the following reports: + +- Active Directory > 2.Users > AD_StaleUsers > Stale Users +- Active Directory > 1.Groups > AD_StaleGroups > Stale Effective Membership +- Entra ID > 1.Groups > AAD_StaleGroups +- Entra ID > 2.Users > AAD_StaleUsers +- Oracle > 3.Users and Roles >Oracle_Users +- SQL > 3.Users and Roles > SQL_DatabasePrincipals + +### Security Assessment + +The Security Assessment tag is included in the following reports: + +- Active Directory > AD_SecurityAssessment > AD Security Assessment +- FileSystem > FS_SecurityAssessment > Security Assessment +- Windows > SG_SecurityAssessment > Systems Security Assessment +- SQL > SQL_SecurityAssessment > SQL Security Assessment +- Oracle > Oracle_SecurityAssessment > Oracle Security Assessment + +### Privileged Access + +The Privileged Access tag is included in the following reports: + +- Active Directory > 2.Users > AD_ServiceAccounts > Service Accounts +- Windows > Privileged Accounts > Local Administrators > SG_LocalAdmins > Local Administrators +- Unix > 2.Privileged Access > Sudoers > UX_Sudoers > Sudo Rights by Host +- Active Directory > 1.Groups > AD_SensitiveSecurityGroups > Sensitive Security Group Membership +- Shadow Access (when added) diff --git a/docs/accessanalyzer/12.0/admin/report/view.md b/docs/accessanalyzer/12.0/admin/report/view.md new file mode 100644 index 0000000000..5eb05d9c79 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/view.md @@ -0,0 +1,52 @@ +# Viewing Generated Reports + +Reports can be viewed either in the Access Analyzer Console in the Results Node of the related job, +or published reports can be viewed in the Web Console. + +- [Results Node](#results-node) – All reports generated by a job are always accessible under the + job’s Results node +- [Web Console](#web-console) – All published reports generated by all jobs appear in the Published + Reports Web Console + +## Results Node + +Each job contains a results node where reports generated by that job can be viewed. Even if the +report is unpublished, the report is still displayed here. + +![Report in the Results node](/img/product_docs/accessanalyzer/12.0/admin/report/viewresultsnode.webp) + +Select the desired report to be viewed. The report displays in the Results pane of the console. + +![Access report from configure page](/img/product_docs/accessanalyzer/12.0/admin/report/viewconfigure.webp) + +You can also access the report from the **Configure** > **Reports** page for the job. Click the +report title to view the report. + +## Web Console + +The most common place to view reports is the Web Console. For information on how to access the Web +Console, see the +[Log into the Web Console](/docs/accessanalyzer/12.0/install/application/reports/overview.md#log-into-the-web-console) +topic. + +![Web Console Home page](/img/product_docs/accessanalyzer/12.0/admin/report/webconsolehome.webp) + +On the home page of the Web Console, select a solution to view a list of all published reports for +that solution’s job group. This list includes reports with changed Publish Path locations. + +![Web Console .Active Directory Inventory](/img/product_docs/accessanalyzer/12.0/admin/report/webconsolesolutioninventory.webp) + +Clicking a report name link opens the selected report, or navigate through the folders to select a +report. + +From within the Web Console, reports cannot be edited or deleted. However, the interactive grid +functions are enabled. See the [Interactive Grids](/docs/accessanalyzer/12.0/admin/report/interactivegrids/overview.md) topic for +additional information. An additional feature available within the Web Console is the option to +download data as a CSV file, which can be enabled for grid elements. This exports the data within +tables, both interactive grid and plain HTML tables. See the [Grid](wizard/widgets.md#grid) topic +for additional information. + +**NOTE:** Any browser used to access the Web Console must have JavaScript allowed for the site. See +the +[Configure JavaScript Settings for the Web Console](/docs/accessanalyzer/12.0/admin/settings/reporting.md#configure-javascript-settings-for-the-web-console) +topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/report/wizard/authoring.md b/docs/accessanalyzer/12.0/admin/report/wizard/authoring.md new file mode 100644 index 0000000000..162f8dea53 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/wizard/authoring.md @@ -0,0 +1,63 @@ +# Authoring Page + +On the Authoring page of the Report Configuration wizard, you can configure the name, header +information, and publish settings for the report. + +![Report Configuration wizard Authoring page](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/authoring.webp) + +Configure the following settings as required: + +![name](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/name.webp) + +- Name – The name used for the report in the Access Analyzer console and Web Console. + +Header Options + +![header](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/header.webp) + +- Title – The title of the report as displayed at the top of the generated report +- Author – Name of the person or group who created the report. This is displayed at the top of the + generated report. +- Tags – Use the tag editor to add and remove tags, see the + [Add Tags to a Report](#add-tags-to-a-report) topic below for more information. Tags are displayed + in the header of the generated reported. +- Description – A description of the report content. It is displayed beneath the report Title in the + generated report. + +Publish Options + +- Publish Report – Select an option to configure if the report should be published to the Web + Console when it is generated. + - Use default setting – Applies the Global report settings, or the settings configured at the + job group or job levels if inheritance has been broken. (See the + [Publish Option](/docs/accessanalyzer/12.0/admin/settings/reporting.md#publish-option), + [Reporting Node](/docs/accessanalyzer/12.0/admin/jobs/group/reporting.md), and + [Report Settings Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/reportsettings.md) topics for additional + information.) + - Publish report – Select this option to publish the report + - Do not publish report – Select this option to not publish the report +- Publish State – Shows the current publish state of the report. If the report is already published, + you can click the link to open the report in the Web Console. + +## Add Tags to a Report + +You can add tags to reports to describe the content and use cases of the report (see the +[Tags](/docs/accessanalyzer/12.0/admin/report/tags.md) topic for additional information). The Tag Editor allows you to select the tags +for a report, including creating new ones to select. + +Follow the steps to select tags using the Tag Editor. + +**Step 1 –** On the Authoring page of the Report Configuration wizard, click the **Edit** button +located next to the Tags text box. + +![Tag Editor](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/tageditor.webp) + +**Step 2 –** In the Tag editor, select the checkbox next to the tags that should be applied to the +report. + +- In addition to selecting existing tags, you can also add new tags to be selected. To create a tag, + enter the desired tag name in the text box and click **Add**. + +**Step 3 –** Click **OK**. + +The selected tags are now shown in the Tags field as a comma separated list. diff --git a/docs/accessanalyzer/12.0/admin/report/wizard/email.md b/docs/accessanalyzer/12.0/admin/report/wizard/email.md new file mode 100644 index 0000000000..3ccfff40fd --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/wizard/email.md @@ -0,0 +1,53 @@ +# E-mail Page + +The E-mail page of the Report Configuration wizard gives you the option to break inheritance and +select report specific settings for emailing the report. + +![Report Configuration wizard E-mail page](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/email.webp) + +The default setting for new and included reports is **Use default setting**, which keeps the +inheritance from the global, job group, or job settings (see the +[Email Report Options](/docs/accessanalyzer/12.0/admin/settings/reporting.md#email-report-options), +[Reporting Node](/docs/accessanalyzer/12.0/admin/jobs/group/reporting.md), and +[Report Settings Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/reportsettings.md) topics for additional +information). If you want to keep the default, then you can skip this page of the wizard by clicking +**Next**. + +**NOTE:** In order for reports to be emailed, the SMTP server information must be configured in the +**Settings** > **Notification** node. See the [Notification](/docs/accessanalyzer/12.0/admin/settings/notification.md) topic +for additional information. + +To configure the setting for the report, use the Settings drop-down menu to select one of the +following options: + +- Use default setting – The default option. Applies the Global notification settings, or whatever + settings have been configured at the job group or job levels if inheritance has been broken. If + **Email this report** is enabled by default, then using this option sends the report to the + recipients configured at the parent level where the inheritance begins. +- Email this report – Select this option if you want to email the report and the inherited setting + is **Do not email this report**, or if you want to configure specific email settings for the + report. If it is selected, you must then configure the additional fields below. +- Do not email this report – Select this option to not email the report + +![Settings configured to email the report](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/emailconfigured.webp) + +If the **Email this report** setting is selected, then the following fields are enabled for you to +configure: + +- Format – Select the format of the report to be contained in the email. + - Web Link – Sends an email notice that the report has been published and provides the recipient + with a link to it in the Web console + - Embedded HTML – Sends the report embedded inside the email using HTML format + - Data Tables as CSV (No Charts) – Attaches the complete data set (as configured within the + report, without row limit) to an email as a CSV file, excluding any charts + - PDF – Attaches the report to an email as a PDF file +- Subject – The subject line of the e-mail. By default it is + `Netwrix Access Analyzer (formerly Enterprise Auditor) Report: [ReportName]`, with the + `[ReportName]`variable being automatically populated. +- Send-To / Send-Cc / Send-Bcc – Enter the email addresses of the required recipients for the email + notification. Use a semicolon (;) to separate multiple recipients. +- Do not e-mail this report if blank – Select this checkbox to not email the report if all elements + of it are blank when it is generated + - A blank report can occur if there is an error in data collection or if the report is + configured for data which might not always be present (for example, new computer objects + created since last scan) diff --git a/docs/accessanalyzer/12.0/admin/report/wizard/layout.md b/docs/accessanalyzer/12.0/admin/report/wizard/layout.md new file mode 100644 index 0000000000..7d0363beca --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/wizard/layout.md @@ -0,0 +1,30 @@ +# Layout Page + +The Layout page allows you to configure the layout of the report's content. + +![layout](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/layout.webp) + +Follow the steps to select the layout: + +**Step 1 –** Click the **Select the number of rows** drop-down menu and select an option from: 1 +row, 2 rows, or 3 rows. + +**Step 2 –** Click on the layout tile you want for the report. + +The layout for the report has been selected. Each box on the selected tile corresponds to a separate +widget that you next need to configure on the [Widgets Page](/docs/accessanalyzer/12.0/admin/report/wizard/widgets.md) page of the Report +Configuration wizard. + +## Element Downgrade Editor + +If you are editing an existing report and you select a layout that has fewer elements than the +number of already configured widgets, then the Element Downgrade Editor automatically displays. + +![Element Downgrade Editor](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/elementdowngradeeditor.webp) + +The maximum number of elements allowed by the correctly selected layout is specified at the top of +the editor. Select the checkboxes next to the title of all the configured widgets you want to keep +up to this limit, then click **OK**. Any widgets not selected will be removed from the report. + +**NOTE:** You can click **Cancel** to return to the layout page to select a different layout with +more elements. diff --git a/docs/accessanalyzer/12.0/admin/report/wizard/overview.md b/docs/accessanalyzer/12.0/admin/report/wizard/overview.md new file mode 100644 index 0000000000..6646e65802 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/wizard/overview.md @@ -0,0 +1,36 @@ +# Report Configuration Wizard + +You can use the Report Configuration Wizard to configure reports. The wizard can be launched for an +existing report or when creating a new report. See the [Creating a Report](/docs/accessanalyzer/12.0/admin/report/create.md) and +[Editing Existing Reports](/docs/accessanalyzer/12.0/admin/report/edit.md) topics for additional information. + +Follow the steps to configure a report using the wizard. + +**NOTE:** Skip any sections or pages that do not require changes to the existing configuration. + +**Step 1 –** Create a new report or open the Report Configuration wizard for an existing report. + +**Step 2 –** Configure the settings on the [Authoring Page](/docs/accessanalyzer/12.0/admin/report/wizard/authoring.md) page. These include Name, +Header information, and publish settings. Click **Next**. + +**Step 3 –** On the [E-mail Page](/docs/accessanalyzer/12.0/admin/report/wizard/email.md) page, use the inherited settings or configure report +specific settings. Click **Next**. + +**Step 4 –** The [Publish Security Page](/docs/accessanalyzer/12.0/admin/report/wizard/publishsecurity.md) page is only enabled if role-based +access is configured for the Access Analyzer console. On this page you can view and configure +accounts with permissions to view the report. If you are not using role-based access, you can skip +this page. Click **Next**. + +**Step 5 –** On the [Layout Page](/docs/accessanalyzer/12.0/admin/report/wizard/layout.md) page, select the number of rows using the dropdown +menu. Then select the desired pre-defined layout from the options displayed. Click **Next**. + +**Step 6 –** On the [Widgets Page](/docs/accessanalyzer/12.0/admin/report/wizard/widgets.md) page, configure widgets for each element of the +layout. + +**Step 7 –** Click **Finish** to save your changes. + +- If you do not want to save your changes or have not made any changes, click **Cancel** on any page + to exit the wizard without saving your changes. + +Your configuration has been saved. For information on how to view your report, see the +[Viewing Generated Reports](/docs/accessanalyzer/12.0/admin/report/view.md) topic. diff --git a/docs/accessanalyzer/12.0/admin/report/wizard/publishsecurity.md b/docs/accessanalyzer/12.0/admin/report/wizard/publishsecurity.md new file mode 100644 index 0000000000..59399b59a4 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/wizard/publishsecurity.md @@ -0,0 +1,34 @@ +# Publish Security Page + +The Publish Security page of the Report Configuration wizard contains the account names of users +with inherited permissions to view the generated report. + +**NOTE:** This page is only enabled if Role Based Access is configured for the Access Analyzer +Console. See the [Role Based Access](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/overview.md) topic for +additional information. + +![Publish Security page](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/publishsecurity.webp) + +Roles assigned at the global level are inherited down to the report configuration. Additional report +viewer privileges can also be added at the job group or job levels. + +De-select the Include Report Reviewers from this object's parent checkbox to remove all inherited +accounts with the Report Viewer role. + +You can add additional users, groups, and service accounts with the Report Viewer role at the Report +level. This gives them the permission to view the specific report in the Web Console. Follow the +steps to add an account. + +**Step 1 –** Click **Add**. + +![Select User, Service Account, or Group window](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/addreportviewer.webp) + +**Step 2 –** On the Select User, Service Account or Group window, select the desired account and +then click **OK**. + +![Report Viewer user added in wizard](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/reportviewer.webp) + +The selected account is added to the list with a Role of Report Viewer. + +**NOTE:** The permission for accounts that are not Inherited can also be removed using the wizard. +To remove an account, select it and then click **Remove**. diff --git a/docs/accessanalyzer/12.0/admin/report/wizard/widgets.md b/docs/accessanalyzer/12.0/admin/report/wizard/widgets.md new file mode 100644 index 0000000000..4651b4eca9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/report/wizard/widgets.md @@ -0,0 +1,217 @@ +# Widgets Page + +The Widgets page of the Report Configuration wizard allows you to configure the tables, charts, and +text that form the report. + +![Widgets page](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgets.webp) + +At the top of the page the selected layout is described. The table contains the available element +locations where widgets need to be configured. + +![Configure widgets](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetsconfigure.webp) + +To add a new widget to an empty element, click **Configure** and select the desired widget type from +the drop-down menu. The following widgets are available: + +- [Grid](#grid) +- [Chart](#chart) +- [Text](#text) + +The editor or wizard for the selected widget opens. See the relevant section below for information +about configuring it. + +![Table with configured widgets](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetsconfigured.webp) + +For configured widgets the table shows the title, type, and data source. You can perform the +following actions by selecting a row and clicking the relevant button: + +- Configure – Opens the editor for the configured widget +- Clear – Deletes the configured widget from the selected element +- Up / Down – Moves the widget up or down to the next element of the selected layout. If another + widget is already configured in the element you are moving it to, the two widgets exchange places. + +## Grid + +The Grid widget type allows you to configure a table to be displayed on generated reports. + +![Grid configuration window](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetgrid.webp) + +### Options + +The Options section allows you to configure the title and data source for the Grid element. + +![Options section](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetgridoptions.webp) + +The section contains the following options: + +- Element Title – Enter a title for the element in the text box. This will be displayed in the + element's header on the generated report. + +DataSource Options + +In order to generate results, a location must first be selected as the source of the data. + +- Table – Use the drop-down to select the required data source. The drop-down contains the list of + jobs within Access Analyzer that have been executed. +- Current job only – Select this checkbox to only display data from the current job. This option is + selected by default. +- Include all SA nodes data – Select this checkbox to display data from all Access Analyzer data + tables +- Show Historical Data – If there is historical data, selecting this option displays all + collections. It is keyed off of the Job Runtime column. +- Limit maximum number of displayed rows to [number] – Limits the number of rows of data displayed + to less than or equal to the number chosen. By default it is set to **1000**. + + **NOTE:** Limits that are larger than the default may slow down the run time. + +Export CSV Options + +You can configure the table to allow the data to be exported as a CSV file. + +- Export table data as CSV – Select this option to enable a report’s table section to be exportable + as a CSV file from the generated report + - When it is configured, you can click the **All Data** button on the table section of the + report to save the report as a CSV file. See the + [Interactive Grids](/docs/accessanalyzer/12.0/admin/report/interactivegrids/overview.md) topic for more information. +- Rows – Limits the amount of rows exported to the CSV file. The default is **Visible**. + - Visible – Only includes the amount of rows set by the **Limit Maximum number of displayed rows + to** option in the DataSource Options section + - All – Includes all rows of the data set +- Columns – Limits the amount of columns exported to the CSV file. The default is **Visible**. + - Visible – Only exports the visible columns (excludes any columns removed using the Column + Chooser) + - All – Includes all columns, including those in the Column Chooser + +### Table Properties + +The Table Properties section allows you to configure the display features of the grid. + +![Table Properties section](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetgridtableproperties.webp) + +There are two types of grid displays: + +- Interactive grid – Allows the viewer to interact with the table in the generated report. See the + [Interactive Grids](/docs/accessanalyzer/12.0/admin/report/interactivegrids/overview.md) topic for additional information. +- Non Interactive grid – Creates a report with fixed settings and stationary elements. This option + disables all the fields within the Table Properties section. + + **NOTE:** In order to view user configured Grouping in emailed reports, the report must be + emailed as a **Non Interactive Grid**. + +The following settings are available when Interactive grid is selected: + +Grid Properties + +- Treat interactive grid contents as plain text (not HTML) – Enables interactive grid functionality. + This option is selected by default. +- Enable Paging – Enables Paging in reports. Paging allows users to interact with large sets of data + more efficiently when viewing, filtering, and sorting generated report tables by limiting the + amount of data being displayed at a given time. Paging is enabled by default. See the + [Paging](/docs/accessanalyzer/12.0/admin/report/interactivegrids/paging.md) topic for additional information. + +Column Properties + +- Group Column – Arranges the table to be grouped by the attributes of the selected column + + **NOTE:** Paging and grouping are not compatible. When Paging is enabled, the Grouping options + are disabled in the Table Properties section and in the generated report. + +- Enum Column – Groups the data in tables based on the selected column +- Color Column – Colors a column data displayed on the report’s table section +- Icon Column – Creates an icon that appears next to column name on the report’s table section +- Path Column – Creates a column that displays the attack path within the report + +### Data + +The selected data for the table is shown in the section at the bottom of the window. This section +allows you to configure the data to be displayed in the table. + +![Data display](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetgriddata.webp) + +The buttons above the column names provide you options for configuring the table arrangement. + +- Clear Sorting – Restores columns to the default placement +- Column Chooser – Opens a pane where you can remove unwanted columns or add hidden columns +- Filter Editor – Opens the Filter Editor which allows you to add custom filters with conditional + statements and logical connectives +- Best Fit (all columns) –  Adjusts the width of the columns to display all the data within the + cells + +## Chart + +Chart widgets allow you to create various chart types to represent data. A Chart Section can only +display one chart type at a time. Charts are configured using the Chart Configuration wizard. See +the [Chart Configuration Wizard](/docs/accessanalyzer/12.0/admin/report/chartwizard/overview.md) topic for additional information. + +## Text + +There are two types of text editor that allow you to configure a text element on a report. + +- Basic Text Editor – Provides basic functionality like font size and style. Works with HTML script. +- Advanced Text Editor – Provides advanced functionality like document formatting, inserting tables, + and adding hyperlinks + +![Text Editor selection window](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/texteditorselection.webp) + +When you first configure a new text element, a dialog displays allowing you to select the type of +Text Editor. On this dialog, select either the Basic or Advanced Text Editor and click **Open +Editor**. The selected editor then opens. + +**NOTE:** Once a Text Editor is selected for a Text element, it cannot be changed. + +### Basic Text Editor + +![Basic Text Editor](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/basictexteditor.webp) + +The Basic Text Editor has the following options: + +- Element Title – Enter a title for the element in the text box. This will be displayed in the + element's header on the generated report. +- Editor / Preview tabs – You can switch between the Editor and Preview tabs. The Editor tab allows + you to edit the text and apply formatting. The Preview tab shows you how the formatted text will + look in the generated report.. +- Convert Carriage Returns to HTML – This checkbox is selected by default. When selected, text + displays on a new line in the generated output where a carriage return has been used. If it is not + selected, the text continues on the same line. + +The icons listed in the table below are available in the Basic Editor (and Advanced Editor) to +provide basic editing options for text entries. + +| Icon | Description | +| ---------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | +| ![Undo](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/undo.webp) | Undo a change to the text | +| ![Redo](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/redo.webp) | Redo a change to the text | +| ![Paste](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/paste.webp) | Paste the contents of the clipboard | +| ![Paste Special](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/pastespecial.webp) | Paste as either formatted text, unformatted text, or metafile | +| ![Cut](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/cut.webp) | Cut the selected text and put it on the clipboard | +| ![Find](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/find.webp) | Find and replace specified text | +| ![Font](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/font.webp) | Change the font face | +| ![Font Size](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/fontsize.webp) | Change the font size | + +### Advanced Text Editor + +![Advanced Text Editor](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/advancedtexteditor.webp) + +The Advanced Text Editor has the following options: + +- Element Title – Enter a title for the element in the text box. This will be displayed in the + element's header on the generated report. +- Editor / Preview tabs – You can switch between the Editor and Preview tabs. The Editor tab allows + you to edit the text and apply formatting. The Preview tab shows you how the formatted text will + look in the generated report.. + +The Advanced Editor contains all the icons from the Basic Editor, see above. In addition to these, +it has the icons with higher level editing options for text entries that are listed in the table +below. + +| Icon | Description | +| -------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------- | +| ![Bold](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/bold.webp) | Makes the selected text bold | +| ![Italic](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/italic.webp) | Italicize the selected text | +| ![Decrease Indent](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/decreaseindent.webp) | Decrease the indent level of the paragraph | +| ![Increase Indent](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/increaseindent.webp) | Increase the indent level of the paragraph | +| ![Hyperlink](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/hyperlink.webp) | Create a link to a Web page, picture, email address, or program | +| ![Multilevel List](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/multilevel.webp) | Start a multilevel list | +| ![Numbering](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/numbering.webp) | Start a numbered list | +| ![Bullets](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/bullets.webp) | Start a bulleted list | +| ![Table](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/table.webp) | Insert a table | diff --git a/docs/accessanalyzer/12.0/admin/runninginstances/jobdetails.md b/docs/accessanalyzer/12.0/admin/runninginstances/jobdetails.md new file mode 100644 index 0000000000..7e7e3364ba --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/runninginstances/jobdetails.md @@ -0,0 +1,84 @@ +# Running Job Details + +Both the Process ID and the View Details links open the running job's Details page. The path of the +job and the component are displayed at the top. + +- Path – Folder path in the Jobs directory. For example, + `Jobs\GROUP_.Active Directory Inventory\JOB_3-AD_Exceptions`. + + - The link opens the job’s directory in a Windows Explorer window + +- Status – While the job is running, this field displays the component that is running. When the job + has completed execution, it displays a completed status and lists the completion time. + + - Job configuration components include Query, Data Analysis, Action, and Report + +There are three tabs: Current, History, and Queued Jobs. + +## Current Tab + +The **Current** tab displays information on the job actively being executed. + +![Current tab](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetailscurrent.webp) + +The tab includes: + +- Order – Order in which the tasks in the job are being run +- Host Name – Name of the targeted host, only visible when a query is executing +- Query – Name of the running query task, only visible when a query is executing +- Task Name – Name of the running task, when applicable to Data Analysis, Actions, or Reports. This + information is only visible when an analysis task or an action task are executing, or a report is + being generated. +- Status – Execution status, for example **Queued**, **Running**, **Success**, or **Warning**. +- Message – Access Analyzer message regarding runtime activity +- Runtime – Duration of task execution +- Stop – Aborts all currently running instances + +## History Tab + +The History tab only displays information for the last job that completed. + +![History tab](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetailshistory.webp) + +The tab includes: + +- Order – Order in which the tasks within the job ran +- Task Type – Name of the component associated to the task +- Task Name – Name of the task +- Host Name – Name of the targeted host associated with the running job, if any +- Status – Status of the completed task +- Message – Access Analyzer message associated to the **Status** +- Runtime – Duration of task execution + +### Messages + +In the bottom pane, the History tab includes a section to display any messages for individual job +components returned from a job execution. Clicking a Task Name displays the messages for that +component. + +You can filter what messages display by using the three filters in the message pane. By clicking on +a filter arrow in the column header and selecting an available option, you can filter by Time, Type, +or Message. + +![Custom Filter window](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetailshistorycustomfilter.webp) + +If you select Custom, you can create a complex filter. See the +[Custom Filter](/docs/accessanalyzer/12.0/admin/navigate/datagrid.md#custom-filter) topic for additional information. + +## Queued Jobs Tab + +The Queued Jobs tab displays a list of jobs in queue and the order in which they are executed. + +![Queued Jobs tab](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetailsqueuedjobs.webp) + +The tab includes: + +- Order – Order in which the queued jobs are executed. This order can be changed on the Queued Jobs + tab by using the buttons at the bottom. +- Job Path – Folder path in Jobs directory +- State – Queue status, for example **Running** or  **Waiting** +- Connection Profile – The Connection Profile assigned to the job, if applicable +- Host Lists – The host list assigned to the job, if applicable + +The **Move Up**, **Move Down**, and **Remove** buttons are for changing the order or removing a job +from the queue. diff --git a/docs/accessanalyzer/12.0/admin/runninginstances/overview.md b/docs/accessanalyzer/12.0/admin/runninginstances/overview.md new file mode 100644 index 0000000000..9ca6be5f67 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/runninginstances/overview.md @@ -0,0 +1,127 @@ +# Running Instances Node + +The Running Instances node displays progress for all running jobs. This includes jobs that are run +by a scheduled task, interactively within the open Access Analyzer instance, or interactively in any +other running instance of Access Analyzer. The Running Instances node displays the instance name, +its status and position in the queue, run times for all instances, and detailed views of each +instance. + +![Running Instances node Overview page](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/overviewpage.webp) + +This is the primary view of the Running Instances node that displays the progress of all jobs +running. + +## Overview + +The Overview page displays information about all running jobs on the current server. + +![Overview page](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/overview.webp) + +For each instance this screen provides : + +- Job path +- Credential used +- Running time of the job +- Status of the running job +- Number of jobs scheduled in queue + +It also has hyperlinks for: + +- Process ID +- Host Name +- Connection Profile +- View Details +- View Log +- Stop +- View Schedule + +Clicking on any of the hyperlinks displays more information about the running job. The +**ProcessID**, **View Details, View Log**, and **Stop** links only work while the job is running. +Once the job is complete, these links are disabled. The host and Connection Profile links continue +to work. The **View Schedule** link only displays and is valid for jobs that are running via a +scheduled task and is not enabled for interactive job executions. + +![Number of jobs running on bottom bar](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/overviewbottombar.webp) + +The number of jobs currently being run can be found in the lower-left-hand corner of the Access +Analyzer Console. + +## View Host + +This view identifies the host list associated with the running job. + +![Host list link](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewhost.webp) + +Click the host list link to display the hosts assigned to the running job. + +![Host list in Host Management node](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewhostlist.webp) + +This view displays the host list table with host inventory data. + +## Process ID + +The Process ID correlates to the Process ID of the running instance of Access Analyzer in Task +Manager. In addition, the Process ID comes coupled with the file path of associated scheduled tasks, +an identifier for the account running the current instance of Access Analyzer, and a timestamp for +the length of the instance. + +![Process ID link](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/processid.webp) + +Click the Process ID link for additional details of the job status and queue. + +![Job details page](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetails.webp) + +The Process ID link displays a page with three tabs of information with details about the running +job. See the [Running Job Details](/docs/accessanalyzer/12.0/admin/runninginstances/jobdetails.md) topic for additional information. + +## View Details + +Additional details on the status of the tasks the job is running are available. + +![View Details link](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewdetails.webp) + +Click the **View Details** link to display additional details of the job status and queue. + +![Job details page](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetails.webp) + +The View Details link opens the running job's details with three tabs of information. See the +[Running Job Details](/docs/accessanalyzer/12.0/admin/runninginstances/jobdetails.md) topic for additional information. + +## View Log + +The log for this running job can be opened in a text editor, such as Notepad. + +![View Log link](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewlog.webp) + +Click **View Log** to display the current job log. The View Log link is only enabled while a job is +running. + +![Log file in Notepad](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/logfile.webp) + +The Log displays such details as errors, aborts, and terminations. + +## View Schedule + +The Access Analyzer Console can only run one job at a time. However, with the Schedule Service +Account, the StealthAUDIT application can run multiple jobs simultaneously via Windows Task +Scheduler. + +![View Schedule link](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewschedule.webp) + +Click the **View Schedule** link to display the corresponding Scheduled Task for the running job or +job group. This link is only enabled for jobs that are running via scheduled task and will not be +enabled for interactive job executions. + +![Schedule wizard](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/schedulewizard.webp) + +The Schedule wizard for the running task opens. See the +[Schedule Wizard](/docs/accessanalyzer/12.0/admin/schedule/wizard.md) topic for additional information. + +## Stop + +The job execution can be stopped if needed. + +![Stop button](/img/product_docs/accessanalyzer/12.0/admin/runninginstances/stop.webp) + +Click **Stop** to abort all instances in the job queue. This link is only enabled while a job is +running. diff --git a/docs/accessanalyzer/12.0/admin/schedule/overview.md b/docs/accessanalyzer/12.0/admin/schedule/overview.md new file mode 100644 index 0000000000..96d5b588ce --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/schedule/overview.md @@ -0,0 +1,42 @@ +# Schedules + +The Access Analyzer Console can only run one task at a time. However, with the Schedule Service +Account, the Access Analyzer application can run multiple tasks simultaneously. See the +[Schedule](/docs/accessanalyzer/12.0/admin/settings/schedule.md) topic for information on configuring the Schedule Service +Account. + +The following tasks can be scheduled: + +- Job or Job Group – Schedule jobs to run at the job or job group level. See the + [Schedule Jobs](#schedule-jobs) topic for additional information. +- Host Discovery Query – Schedule Host Discovery queries from the Host Discovery node. See the + [Host Discovery Queries Activities Pane](/docs/accessanalyzer/12.0/admin/hostdiscovery/activities.md) topic for additional + information. +- Host Inventory Query – Schedule Host Inventory queries from within the Host Management node. See + the [Schedule (Activities Pane Option)](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedule.md) topic for + additional information. + +**NOTE:** If you attempt to rename a task after a scheduled task using custom credentials has been +created, then the Rename Scheduled Task wizard displays to update the credentials. See the +[Rename Scheduled Task Wizard](/docs/accessanalyzer/12.0/admin/schedule/renamewizard.md) topic for additional information. + +## Schedule Jobs + +Jobs can be scheduled at the job group or job level. + +![Schedule option from Job Tree](/img/product_docs/accessanalyzer/12.0/admin/schedule/jobtree.webp) + +Select the desired job group or job. Right-click on the node and select **Schedule** to open the +Schedule wizard. + +![Schedule Job wizard](/img/product_docs/accessanalyzer/12.0/admin/schedule/schedule.webp) + +The Schedule wizard has five pages with options for setting up the schedule task: + +- Schedule +- Host List +- Connection +- Run as +- Options + +See the [Schedule Wizard](/docs/accessanalyzer/12.0/admin/schedule/wizard.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/schedule/renamewizard.md b/docs/accessanalyzer/12.0/admin/schedule/renamewizard.md new file mode 100644 index 0000000000..4d12ce2e43 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/schedule/renamewizard.md @@ -0,0 +1,58 @@ +# Rename Scheduled Task Wizard + +If a scheduled task has custom credentials set, then the Rename Scheduled Task wizard displays when +renaming the associated job, job group, inventory query, or discovery query. The wizard forces you +to provide the credentials needed for the scheduled task, so that the task is still able to run +after it has been renamed. Custom credentials are configured on the Run as page of the Schedule +wizard. See the [Run As](wizard.md#run-as) topic for additional information. + +If a scheduled task does not contain custom credentials, then the job, job group, inventory query, +or discovery query can be renamed and the scheduled task is automatically renamed without requiring +the wizard. + +Follow the steps to update the credential for a scheduled task. + +![Rename Scheduled Task wizard Tasks page](/img/product_docs/accessanalyzer/12.0/admin/schedule/tasks.webp) + +**Step 1 –** The Rename Scheduled Task wizard opens on the Tasks page , which displays the task that +is to be renamed and a table containing the credentials that need updating. The table shows you the +account the task is set to run as, the status as a blue clock icon to indicate it is waiting for +credential, and the host list set in the scheduled task. Select the account to provide credentials +for and click **Update**. + +![Group with multiple sub-group credentials to be updated](/img/product_docs/accessanalyzer/12.0/admin/schedule/taskssubgroups.webp) + +- If you are renaming a group that has sub-groups that use custom credentials, then the wizard + displays these accounts even if the parent group does not use custom credentials. For sub-groups, + the table additionally shows the path to the sub-group, and only the sub-groups that have custom + credentials set are displayed in the wizard. If there are multiple groups requiring credentials, + then all of them must be updated. +- For discovery queries that also have an Inventory query scheduled task created through the Host + Management node, the wizard displays if either of the two scheduled tasks uses custom credentials + +![Set Account window](/img/product_docs/accessanalyzer/12.0/admin/schedule/setaccount.webp) + +**Step 2 –** On the Set Account window, click **Change User**. + +![Schedule Custom Credentials window](/img/product_docs/accessanalyzer/12.0/admin/schedule/schedulecustomcredentials.webp) + +**Step 3 –** On the Schedule Custom Credentials window, reenter the Password for the selected user, +and Click **OK**. Then, click **OK** again on the Set Account window. The Status icon updates to a +green checkmark to indicate the credential has been provided. + +![Tasks page after credentials updated](/img/product_docs/accessanalyzer/12.0/admin/schedule/tasksupdated.webp) + +**Step 4 –** Repeat Steps 1 to 3 for each credential that needs updating. Once all the credentials +show a green checkmark, click **Next**. + +**NOTE:** At this stage you can click **Cancel** to close the wizard and the task will not be +renamed. + +![Rename Scheduled Task wizard Progress page](/img/product_docs/accessanalyzer/12.0/admin/schedule/progress.webp) + +**Step 5 –** The Progress page shows a progress bar and message. Once the scheduled tasks have been +renamed successfully, click **Finish** to close the wizard. + +The scheduled tasks have now been renamed and will run as before . The modified task name shows in +the Jobs tree, Host Management, or Host Discovery node, the Scheduled Actions grid, and in the +corresponding task's argument in the Windows Task Scheduler. diff --git a/docs/accessanalyzer/12.0/admin/schedule/wizard.md b/docs/accessanalyzer/12.0/admin/schedule/wizard.md new file mode 100644 index 0000000000..82c99a1e01 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/schedule/wizard.md @@ -0,0 +1,142 @@ +# Schedule Wizard + +The schedule wizard allows you to configure scheduled tasks for jobs, job groups, Host Discovery +queries, and Host Inventory queries. The wizard has five wizard pages with options for setting up +the schedule task: + +- [Schedule](#schedule) +- [Host List](#host-list) +- [Connection](#connection) +- [Run As](#run-as) +- [Options](#options) + +On the Schedule page, click **New** to schedule when the task will run. The Host List and Connection +pages are optional customizations. See the relevant section below for more information on the +settings on each wizard page. + +When the settings on the wizard pages are configured as desired, click **OK** to save the changes +and close the window. The task is visible in the Schedule Actions view, at the Schedules node. + +## Schedule + +The Schedule page is for setting the schedule of when and how often the task will run. This tab +needs to be properly configured for every scheduled task. + +![Schedule wizard page](/img/product_docs/accessanalyzer/12.0/admin/schedule/schedule.webp) + +The options on the Schedule page are: + +- New – Opens the Trigger window to create a trigger for when the selected task will run +- Edit – Edits the selected Trigger in the Schedule view +- Delete – Deletes the selected trigger + +![Trigger window](/img/product_docs/accessanalyzer/12.0/admin/schedule/triggerwindow.webp) + +The options in the Trigger window are: + +- Begin the task – Select when the scheduled task will execute from a list of options +- Settings Section – Select the time interval that the scheduled task will execute. Access Analyzer + pulls schedule frequency options from Windows Task Scheduler. The following options are applicable + for scheduling Access Analyzer tasks on the Schedule page: + + - For **One time** recurrence, set the Start time and date of the single execution + - For **Daily** recurrence, set the Start time and the daily interval of Recur every [value] + days + - For **Weekly** recurrence, set the Start time and the weekly interval of Recur every [value] + weeks on. Then select the days of the week for the execution. + - For **Monthly** recurrence, set the Start time. Then select either the monthly interval of + Days [value] of the month or the [value] [Day of the Week] of the month. By default, this is + set to recur every month. To select only specific months, use Months dropdown menu and + deselect the undesired months. + - The drop-down menu next to **Start** opens a calendar view for selecting the date + - Selecting the **Synchronize across time zones** checkbox will synchronize the scheduled task + to run without respect to the time zone + +The remaining schedule frequencies are supplied by Windows Task Scheduler and not applicable to +Access Analyzer task scheduling. See the Microsoft +[Task Scheduler Overview](https://technet.microsoft.com/en-us/library/cc721871.aspx) article for +additional information. + +![Trigger window Advanced settings](/img/product_docs/accessanalyzer/12.0/admin/schedule/triggerwindowadvancedsettings.webp) + +The options in the Advanced settings section are: + +- Stop task if it runs longer than – Create a threshold for when the task will stop if it runs + beyond a certain duration +- Enabled – If checked, the configurations made in the Trigger window will be enabled + +## Host List + +The Host List page identifies the host list the task being scheduled queries. Customizations to the +configuration of this tab is optional. + +![Host List wizard page](/img/product_docs/accessanalyzer/12.0/admin/schedule/hostlist.webp) + +Choose the desired setting from the following options: + +- Use Host list from Job – A default setting and applies the host list designated at the job or job + group level. This is also the recommended setting. +- Use Alternate Host List – Allows a host list to be selected from the list of Hosts Lists provided. + The list is from the Host Management host lists. + +Under the selection window, the number of selected hosts are identified. In addition, the **Select +All** and **Clear All** links provide for quick selection and deselection. + +## Connection + +The Connection page identifies the Connection Profile that is applied to the targeted hosts being +queried by the task being scheduled. Customizations to the configuration of this tab is optional. + +![Connection wizard page](/img/product_docs/accessanalyzer/12.0/admin/schedule/connection.webp) + +Choose the desired setting from the following options: + +- Use Profile from Job – A default setting and applies the Connection Profile designated at the job + or job group level + + **_RECOMMENDED:_** In most cases, this is the recommended setting + +- Use the Windows account that the application is run with (System default) – Applies the account + used to open the Access Analyzer Console +- Use Alternate Profile – Allows a Connection Profile to be selected form the Profiles list + provided. The list is from the global **Settings** > **Connection** list of Connection Profiles. + +## Run As + +Select the Schedule Service account to run this task with on the Run as wizard page. To create or +edit Schedule Service accounts, go to the **Settings** > **Schedule** node. See the +[Schedule](/docs/accessanalyzer/12.0/admin/settings/schedule.md) topic for additional information. + +![Run as wizard page](/img/product_docs/accessanalyzer/12.0/admin/schedule/runas.webp) + +The options on the Run as wizard page are: + +- Use default Schedule Service Account – Uses the default Schedule Service Account that is set at + the **Settings** > **Schedule** node +- Use selected Schedule Service Account – Select the Schedule Service Account to use for the task + from a list of available accounts in the drop-down menu +- Use Custom Credentials – Use custom credentials not stored in the Access Analyzer Console. Enter + the User Name for the custom credentials. + + - Change User – Click this button to open the Schedule Custom Credentials window and specify a + user name and password + - To update the password for an existing account, click the **Change User** button and enter a + new password + - If you rename a task (job, job group, Host Discovery query, or Host Inventory query) after it + has been scheduled using custom credentials, then the Rename Scheduled Task wizard displays + for you to update these credentials. See the [Rename Scheduled Task Wizard](/docs/accessanalyzer/12.0/admin/schedule/renamewizard.md) + topic for additional information. + +## Options + +Configure additional options for the task on the Options wizard page. + +![Options wizard page](/img/product_docs/accessanalyzer/12.0/admin/schedule/options.webp) + +The configurable options are: + +- Comments – Enter custom comments for the scheduled task +- Stop the task if it runs for – Create the threshold for when the scheduled task will stop if it + exceeds a configured duration +- Scheduled task is enabled – Selecting this checkbox will enable the scheduled task. Deselecting it + will disable the scheduled task. diff --git a/docs/accessanalyzer/12.0/admin/settings/access/overview.md b/docs/accessanalyzer/12.0/admin/settings/access/overview.md new file mode 100644 index 0000000000..f1311a04ca --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/overview.md @@ -0,0 +1,22 @@ +# Access + +Configure what applications, users, and groups have access to Access Analyzer using the Access node + +![Access Window](/img/product_docs/accessanalyzer/12.0/admin/settings/access/access.webp) + +The first type of access that can be granted is Role Based Access for a user or group accessing the +Access Analyzer Console. The second type of access grants access to an application accessing data +remotely through the Web Service using the REST API. See these sections for additional information: + +- [Role Based Access](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/overview.md) +- [Web Service REST API for Applications Accessing Data Remotely](/docs/accessanalyzer/12.0/admin/settings/access/restapi/overview.md) + +The Access Analyzer vault provides enhanced security through enhanced encryption to various +credentials stored by the Access Analyzer application. See the +[Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic for additional information. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Roles view. These buttons +are enabled when modifications are made to the Roles global setting. + +Whenever changes are made at the global level, click **Save** and then **OK** to confirm the +changes. Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/12.0/admin/settings/access/restapi/assignappaccess.md b/docs/accessanalyzer/12.0/admin/settings/access/restapi/assignappaccess.md new file mode 100644 index 0000000000..cc4d61f631 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/restapi/assignappaccess.md @@ -0,0 +1,58 @@ +# Assign Application Access through the Web Service + +An application can be assigned to access data remotely through the Web Service. Follow the steps to +assign roles in the Console. + +![Add Access option on Access page](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/addaccess.webp) + +**Step 1 –** Navigate to **Settings** > **Access** and click **Add Access**. The Access Type wizard +opens. + +![Access Type page of the Access Role wizard](/img/product_docs/accessanalyzer/12.0/admin/settings/access/restapi/accesstypeapplication.webp) + +**Step 2 –** Select the **An application accessing data remotely through Web Service** option. Click +**Next**. The Application Access window opens. + +![Application Access page of the Access Role Wizard](/img/product_docs/accessanalyzer/12.0/admin/settings/access/restapi/applicationaccess.webp) + +**Step 3 –** The Application Access window displays a list of objects available in the database that +are available for access. Select the database objects the application will access and click **Add** +to open the Select database objects window. + +![Select database objects window](/img/product_docs/accessanalyzer/12.0/admin/settings/access/restapi/selectdatabaseobjects.webp) + +**Step 4 –** Select the database objects to access and then click **OK** to return to the +Application Access page. + +- Selecting a parent node in the tree automatically selects all children in addition to the parent +- Selecting a child automatically selects the parent +- Deselecting a child when the parent is selected automatically puts the parent into an + indeterminate state +- Selecting any child puts the parent into an intermediate state + +Click Next to proceed. + +**NOTE:** Only select items that the application needs to access. Type in the **Filter objects by +name** box to filter the list of objects by the characters entered. + +![Application Details page of the Access Role Wizard](/img/product_docs/accessanalyzer/12.0/admin/settings/access/restapi/applicationdetails.webp) + +**Step 5 –** On the Application Details page, define the name of the application and generate the +app token. + +- Application name – The name of the application accessing that data +- Access Expiration – The expiration for the client secret. Select an option for the desired access + expiration: + + - Access expires within – Select a time frame from the drop-down list. The default is 72 hours. + - Access expires on specified date – Select a date from the drop-down list + +- Generate – Click this button to generate the Client ID and Client secret +- Client ID – Copy the Client ID into the application accessing data remotely through the Web + Service +- Client secret – Copy the Client secret into the application accessing data remotely through the + Web Service + +**Step 6 –** Click **Finish** to confirm the changes. + +The application is added to the table on the Access page. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/rest-api/get-data.md b/docs/accessanalyzer/12.0/admin/settings/access/restapi/getdata.md similarity index 100% rename from docs/accessanalyzer/12.0/administration/settings/access/rest-api/get-data.md rename to docs/accessanalyzer/12.0/admin/settings/access/restapi/getdata.md diff --git a/docs/accessanalyzer/12.0/admin/settings/access/restapi/obtaintoken.md b/docs/accessanalyzer/12.0/admin/settings/access/restapi/obtaintoken.md new file mode 100644 index 0000000000..09695da3e3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/restapi/obtaintoken.md @@ -0,0 +1,60 @@ +# Use the Client Credentials Grant to Obtain an Access Token + +An access token is a credential that can be used by an application to access an API. To obtain an +access token, the application accessing data remotely through the Web Service must connect to the +Access Analyzer token endpoint and use the Client ID and Client Secret to authenticate the access +request. This is done using the Client Credentials grant. The Client Credentials grant is used when +applications request an access token to access their own resources, not on behalf of a user. The +following request parameters should be used: + +- `grant_type` (required) – The `grant_type` parameter must be set to `client_credentials` +- `scope` (optional) – Your service may support different scopes for the client credentials grant + +The client must then be authenticated for the request. Typically, the service will allow either +additional request parameters, `client_ID` and `client_secret`, or accept those parameters in the +HTTP Basic auth header. + +The following example shows how to retrieve an access token: + +``` +POST /token HTTP/1.1 +Host: authorization-server.com +grant_type=client_credentials +&client_id=xxxxxxxxxx +&client_secret=xxxxxxxxxx +``` + +**_RECOMMENDED:_** Tokens contain sensitive information and should be stored securely. See the +Microsoft +[ConvertTo-SecureString](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.security/convertto-securestring?view=powershell-7.4) +article for additional information. + +If the token does not have the ability to perform this request, is invalid, or the specific resource +has been blocked from access remotely, an HTTP status code of 401 is returned. + +If the request for an access token is valid, the authorization server generates an access token and +returns it to the client. The following example shows a successful access token response: + +``` +HTTP/1.1 200 OK +Content-Type: application/json +Cache-Control: no-store +Pragma: no-cache  +{ +  "access_token":"MTQ0NjJkZmQ5OTM2NDE1ZTZjNGZmZjI3", +  "token_type":"bearer", +  "expires_in":3600, +  "refresh_token":"IwOGYzYTlmM2YxOTQ5MGE3YmNmMDFkNTVk", +  "scope":"create" +} +``` + +See the Okta +[Access Token Response](https://www.oauth.com/oauth2-servers/access-tokens/access-token-response/) +article for additional information on successful and unsuccessful responses to requests for access +tokens. + +The Client Secret expires after 72 hours. The access token expires after 1 hour after which time you +can request a refresh token. See the +[Use the Client Credentials to Grant a Refesh Token](/docs/accessanalyzer/12.0/admin/settings/access/restapi/refreshtoken.md) topic for additional +information. diff --git a/docs/accessanalyzer/12.0/admin/settings/access/restapi/overview.md b/docs/accessanalyzer/12.0/admin/settings/access/restapi/overview.md new file mode 100644 index 0000000000..6401ad6e44 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/restapi/overview.md @@ -0,0 +1,21 @@ +# Web Service REST API for Applications Accessing Data Remotely + +The Access Analyzer REST API is integrated into the Web Service as an endpoint using an OAuth 2.0 +client credentials grant for authentication and providing the following access role: + +- Read-Only – Read data only + +See the [Use the Client Credentials Grant to Obtain an Access Token](/docs/accessanalyzer/12.0/admin/settings/access/restapi/obtaintoken.md) topic for +additional information. + +The client provides the access token in the HTTP header in the following format: + +``` +GET /api/v1/data/SA_ADInventory_UsersView/rows HTTP/1.1 +Host: accessgovernance.company.com  +Authorization: Bearer N4ahquT7rXuiEEeUiNfKD0TjUq7JB9DS +``` + +See the MDN Web Docs +[The general HTTP authentication framework](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication) +article for additional information. diff --git a/docs/accessanalyzer/12.0/admin/settings/access/restapi/powershellcommands.md b/docs/accessanalyzer/12.0/admin/settings/access/restapi/powershellcommands.md new file mode 100644 index 0000000000..507ca2bf47 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/restapi/powershellcommands.md @@ -0,0 +1,36 @@ +# PowerShell Commands for the REST API + +The following examples show PowerShell commands commonly performed with the REST API. + +## Retrieve an Access Token + +The following example shows how to retrieve an access token. + +``` +$body = @{ +  client_id="[Insert Client ID Here]" +  client_secret="[Insert Client Secret Here]" +  grant_type="client_credentials" +}  +$response = Invoke-WebRequest -Method POST -uri http://localhost:8082/api/v1/token -Body $body -ContentType "application/json" +$content = $response.Content | ConvertFrom-Json   +$access_token = $content.access_token; +$refresh_token = $content.refresh_token; +``` + +**_RECOMMENDED:_** Tokens contain sensitive information and should be stored securely. See the +Microsoft +[ConvertTo-SecureString](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.security/convertto-securestring?view=powershell-7.4) +article for additional information. + +## Retrieve Data from a Table or View + +The following example shows how to retrieve data from a table or view. + +``` +$headers = @{   +Authorization="Bearer $access_token" +} +$response = Invoke-WebRequest -Method GET -uri http://localhost:8082/api/v1/data/SA_ADInventory_ComputersView/rows -Headers $headers +$content = $response.Content | ConvertFrom-Json +``` diff --git a/docs/accessanalyzer/12.0/admin/settings/access/restapi/refreshtoken.md b/docs/accessanalyzer/12.0/admin/settings/access/restapi/refreshtoken.md new file mode 100644 index 0000000000..27811f30fd --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/restapi/refreshtoken.md @@ -0,0 +1,49 @@ +# Use the Client Credentials to Grant a Refesh Token + +A refresh token contains the information required to obtain a renewed access token. Request a +refresh token when the access token expires. + +- `grant_type` (Required) – The `grant_type` parameter must be set to `client_credentials` +- `refresh_token` (Required) – The refresh token previously issue to the client +- `scope` (Optional) – The requested scope must not include additional scopes that were not issued + in the original access token. If the scope is not included in the request, the service issues an + access token with the same scope as previously issued. +- Client Authentication – Required if the client was issued a secret + +The authentication server then verifies the access request. If the request is valid, the service +generates an access token. + +The following example shows a refresh token grant: + +``` +POST /api/v1/token HTTP/1.1 +Host: authorization-server.com +grant_type=refresh_token +&refresh_token=xxxxxxxxxxx +&client_id=xxxxxxxxxx +&client_secret=xxxxxxxxxx +``` + +If the token does not have the ability to perform this request, is invalid, or the specific resource +has been blocked from access remotely, an HTTP status code of 401 is returned. + +The response for a refresh token is the same as the response for an access token. Optionally, a new +refresh token can be included in the response. If a new refresh token is not included in the +response, the current refresh token will continue to be valid. The following example shows a +successful access token response: + +``` +POST /oauth/token HTTP/1.1 +Host: authorization-server.com +grant_type=refresh_token +&refresh_token=xxxxxxxxxxx +&client_id=xxxxxxxxxx +&client_secret=xxxxxxxxxx +``` + +See the Okta +[Access Token Response](https://www.oauth.com/oauth2-servers/access-tokens/access-token-response/) +article for additional information on successful and unsuccessful responses to requests for access +tokens. + +The refresh token expires after 7 days. diff --git a/docs/accessanalyzer/12.0/admin/settings/access/rolebased/assignroles.md b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/assignroles.md new file mode 100644 index 0000000000..7d0e9d9575 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/assignroles.md @@ -0,0 +1,112 @@ +# Assign User to Role Members + +Role Based Access becomes enabled within Access Analyzer as soon as the first role has been assigned +in the Access Role wizard. When saving the first role or set of roles added to the Role Membership +list in the Roles view, the Administrator role must be included for a least one user or an error +message displays. + +**NOTE:** You must have local administrator rights on the Access Analyzer Console server to assign +roles and enable Role Based Access. + +Follow the steps to assign roles in the Access Analyzer Console. + +![Add Access option on the Access page](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/addaccess.webp) + +**Step 1 –** On the Access page, click **Add Access**. The Access Type wizard opens. + +![Access Type page of the Access Role wizard](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/accesstypeuser.webp) + +**Step 2 –** Select the **A user or group accessing this console** option. Click **Next**. + +![Console Access page of the Access Role wizard](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccess.webp) + +**Step 3 –** On the Console Access page, specify a group or user in the **Name** field. Use the +ellipsis (**…**) to browse for accounts with the Select User or Group window. + +- (Optional) To use previously configured MSA and gMSAs for authentication, select the gMSA option + from the Object Types list. See the Microsoft + [Group Managed Service Accounts](https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview) + article for additional information. + + - Change the location to the desired domain and click **Object Types**, then select **Service + Accounts**. + - Add the gMSA name (`gMSAadmin$`), then click **OK**. + - The Member Type will show as `msDS-GroupManagedServiceAccount` on the Access page. + +![Console Access page with user added](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccessfinish.webp) + +**Step 4 –** Select a role for the group or user from the Role list. Click **Finish**. The group or +user and role is added to the Role Membership list in the Roles view. + +**Step 5 –** Repeat Steps 1-4 to assign roles to other groups or users. + +**Step 6 –** Click **Save** and then **OK** to confirm the changes. All applied roles are lost if +they are not saved. + +Role Based Access is enabled when the first role has been assigned. + +![Error message when Administrator role is not specified](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/noadminerror.webp) + +The first role or set of roles saved must include the Administrator role. Clicking **Save** for the +first role or set or roles without including the Administrator generates an error message in the +Access Analyzer Console. + +When Role Based Access is first enabled, restart the Access Analyzer application to ensure all roles +are properly active. When saving roles for the first time, an NEAUsers local group is created on the +Access Analyzer Console server with permissions to the Access Analyzer application directory. When +users are assigned roles, they are added to this NEAUsers group to give them the necessary +permissions. This allows roles to be leveraged without requiring local Administrator rights. + +**NOTE:** The Web Administrator and Report Viewer roles do not require access to the Access Analyzer +console, so users assigned these roles are not added to the NEAUsers group. + +![NEAUsers group](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/neausersgroup.webp) + +There are two separate sets of permissions: + +- Applies to **This folder only** +- Applies to **Subfolders and files only** + +## Edit Role Members' Responsibilities + +Follow the steps to edit a Access Analyzer user’s role. + +![Edit Member Role](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/editmemberrole.webp) + +**Step 1 –** On the Access page, select the desired user and click **Edit Member Role**. + +![Edit Console Access wizard page](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccessedit.webp) + +**Step 2 –** Select a new role for the user from the Roles list. + +**Step 3 –** Click **Finish**. The role is updated on the Access page. + +**Step 4 –** Repeat Steps 1-3 to edit other users’ roles. + +**Step 5 –** Click **Save** and then **OK** to confirm the changes. All applied roles are lost if +they are not saved. + +The changed roles take affect the next time the users logs into the Access Analyzer application. If +a user is actively logged into Access Analyzer at the same time the role for that user is changed, +then the user needs to exit and re-launch the application for the role to take effect. + +## Delete Role Member + +Follow the steps to delete a user from having access to the Access Analyzer Console. + +![Delete Role Member](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/deleterolemember.webp) + +**Step 1 –** On the Access page, select the desired user and click **Delete Role Member**. The +selected user will be removed from the list. + +**NOTE:** No confirmation will be requested. However the changes will not be finalized until Step 3 +is completed. + +**Step 2 –** Repeat Step 1 to remove other users as desired. + +**Step 3 –** Click **Save** and then **OK** to confirm the deletions. The users will not be deleted +if the changes are not saved. + +The deleted users will no longer be able to log into the Access Analyzer application. If a user is +actively logged into Access Analyzer at the same time of the deletion, the user will need to exit +the application for the deletion to take effect. diff --git a/docs/accessanalyzer/12.0/admin/settings/access/rolebased/configureroles.md b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/configureroles.md new file mode 100644 index 0000000000..b362af914f --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/configureroles.md @@ -0,0 +1,150 @@ +# Configuring Roles + +To ensure a least privilege access model, roles need to be configured within both the Access +Analyzer Console for folder rights and SQL Management Studio for database access rights. + +This is a three-part process: + +- Configure the Access Analyzer Installation Account +- Configure Roles in SQL Management Studio + + - Create SQL Server Database Roles + - Assign Users to SQL Roles + +- Assign User Roles in the Access Analyzer Console + + - Edit Role Members’ Responsibilities + - Delete Role Members + +**NOTE:** This configuration process is not required if only using Role Based Access to secure +Published Reports. See the [Securing Published Reports Only](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/securereports.md) topic for additional +information. + +## Configure the Installation Account + +The Access Analyzer Installation Account is used both to perform the initial installation of Access +Analyzer and to change Storage Profile settings. It needs additional rights in order to query +objects in the master database. This is only necessary so the user can enumerate the available +databases to choose from when configuring the Access Analyzer Storage Profile. + +The following script can be executed to give these necessary rights only to the account performing +the initial installation of Access Analyzer and any changes to the database where Access Analyzer +writes data: + +``` +--Create a login for the user if one does not already exist +IF NOT EXISTS (SELECT *FROM sys.server_principals WHERE [name] = '\') +BEGIN +    create login [\] from windows +END +GO +--Grant that user rights to query the master database to get a list of all database objects +USE [master] +GRANT VIEW ANY DEFINITION TO [\] +GRANT CREATE DATABASE TO [\] +GO +``` + +## Configure Roles in SQL Management Studio + +It is necessary to provision rights to the SQL Server database so the Access Analyzer application +rights and database access rights are consistent and provide the minimum rights necessary to support +the Access Analyzer roles. This approach involves creating custom database roles which will be +assigned rights and privileges. Then, individual domain user accounts must be assigned to these +roles. + +**NOTE:** For any SQL Server version prior to 2012, Windows groups cannot be used because SQL Server +does not allow the assignment of default schemas to Windows groups. Access Analyzer requires the +default schema of [dbo] to function properly. + +### Create SQL Server Database Roles + +To create the roles within the SQL Server database, run the following script. + +![Query Window](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqlcreateroles.webp) + +Be sure to set the context of this query to the Access Analyzer database by selecting the right +database from the drop-down window. Alternatively, prefix the script with a +`USE [Access Analyzer DATABASE NAME]` clause. + +``` +--create SMP Viewer role +CREATE ROLE SMP_Viewer  +--grant role permissions at the schema level +GRANT SELECT +ON SCHEMA::dbo +TO SMP_Viewer +Go  +--create SMP Builder role +CREATE ROLE SMP_Builder  +--grant role permissions at the schema level +GRANT SELECT,INSERT,DELETE +ON SCHEMA::dbo +TO SMP_Builder +Go  +--grant additional creation rights +GRANT CREATE TABLE TO [SMP_Builder] +GO  +--create SMP Admin role +CREATE ROLE SMP_Admin  +--grant role permissions at the schema level +GRANT ALTER,EXECUTE,INSERT,UPDATE,REFERENCES +ON SCHEMA::dbo +TO SMP_Admin +Go  +--grant additional creation rights +GRANT CREATE TABLE TO [SMP_Admin] +GO +GRANT CREATE VIEW TO [SMP_Admin] +GO +GRANT CREATE PROCEDURE TO [SMP_Admin] +GO +GRANT CREATE FUNCTION TO [SMP_Admin] +GO +GRANT CREATE TYPE TO [SMP_Admin] +GO + +``` + +Once the script has been successfully executed, assign domain users to these database roles. + +### Assigning Users to SQL Roles + +Now that the SQL Server database roles have been created the next step is to assign domain users to +those roles. This can be done interactively in SQL Management Studio. Follow the steps to assign +users to SQL Server database roles. + +**Step 1 –** Connect to the Access Analyzer database through SQL Management Studio. + +![Database Roles](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqldatabaseroles.webp) + +**Step 2 –** Validate that the roles have been properly created by navigating to **Security** > +**Roles** > **Database Roles**. The three new roles should be visible: + +- SMP_Admin +- SMP_Builder +- SMP_Viewer + +| | | +| ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | +| ![New User Option](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqlusersnewuser.webp) | + +**Step 3 –** After confirmation of role creation, the next step is to map users to these roles. +Right-click on the **Security** > **Users** node and select **New User**. + +![Database User Window](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqluserwindow.webp) + +**Step 4 –** Enter the user information in the dialog as follows: + +- User Name – Display name given to the user which is shown under the user’s folder. + + **_RECOMMENDED:_** Use a descriptive name. + +- Login name – Qualified domain name of the user: `[DOMAIN]\[Username]` +- Default Schema – Should be set to `dbo` +- Database role membership – Should be set to the appropriate role for this user. See the + [Role Definitions](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/roledefinitions.md) topic for more information. + +When all of the users have been assigned to the appropriate SQL Server database roles, complete the +process by assigning users to roles within the Access Analyzer Console. See the +[Assign User to Role Members](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/assignroles.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/role-based/custom-roles.md b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/customroles.md similarity index 100% rename from docs/accessanalyzer/12.0/administration/settings/access/role-based/custom-roles.md rename to docs/accessanalyzer/12.0/admin/settings/access/rolebased/customroles.md diff --git a/docs/accessanalyzer/12.0/admin/settings/access/rolebased/eventlog.md b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/eventlog.md new file mode 100644 index 0000000000..31ce7aea8b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/eventlog.md @@ -0,0 +1,24 @@ +# Roles and the Event Log + +The Access Analyzer Event Log includes a list of the following activities related to Role Based +Access. The logged activities include information regarding the user who initiated the activity and +their corresponding role: + +- Job Query Modifications +- Host List Modifications +- All Global Settings Modifications + + - Connection Profiles + - Role Based Access + - All other settings found in Settings node + +- Job and Group Properties/Settings +- Job Schedules +- Job Deletions +- Job Creations +- Job Moves in the Jobs tree +- Job/Group Executions +- Access Analyzer Console launches and exits + +See the [Application Maintenance and Best Practices](/docs/accessanalyzer/12.0/admin/maintenance/overview.md) topic for +additional information. diff --git a/docs/accessanalyzer/12.0/admin/settings/access/rolebased/faq.md b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/faq.md new file mode 100644 index 0000000000..da801a146b --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/faq.md @@ -0,0 +1,87 @@ +# Role Based Access: FAQ + +This topic lists some commonly asked questions about Role Based Access functionality in Access +Analyzer. + +How do locked jobs affect the role functionality? + +A lock on a job represents the approval by the Job Approver, and is therefore deemed acceptable to +execute. Once a job is locked, Job Builders can no longer modify the job configuration. Furthermore, +only locked jobs can be run. Therefore, the Job Initiator can only run or schedule jobs which have +already been locked. + +**NOTE:** Locked jobs do not affect the functionality of the Administrator role. See the +[Role Definitions](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/roledefinitions.md) topic for more information. + +How can I make sure that a lock on a job will not get tampered with through the associated XML file? + +The Scheduling Service Account provides limited rights for the Job Approver. Previously, the Job +Approver required permissions on the Jobs folder in order to apply the lock to a job. Now, the +credentials specified in the Scheduling Service Account will be used to apply the locks. Therefore, +the Job Approver no longer needs access to the Jobs folder and cannot manually remove or tamper with +the associated XML file. + +**NOTE:** If using a Job Initiator’s credentials for a Schedule Service Account, all jobs must be +locked in order for them to be executed. See the [Role Definitions](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/roledefinitions.md) and +[Roles & the Schedule Service Account](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/scheduleserviceaccount.md) topics for more information. + +Why can the Host Management Administrator not manage settings for the Host Discovery and Host +Inventory nodes under Settings? + +The Host Management Administrator role is designed specifically to access the Host Management node. +Therefore, this role does not grant access to the global settings menu under the Settings node. + +**NOTE:** In order to access this node, the user must have either the Administrator or the Global +Options Administrator role. See the [Role Definitions](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/roledefinitions.md) topic for more +information. + +What rights do I need to give the user on the local machine in order to use Access Analyzer? + +Enabling Role Based Access removes the necessity to explicitly provide users rights on the Access +Analyzer folder structure. Instead, when the Administrator role is first assigned and Role Based +Access is enabled, a new local group called NEAUsers is created on Access Analyzer Console server. +This NEAUsers group is given the necessary permissions on the Access Analyzer application directory. +When a user is assigned a role, they are added to the NEAUsers group to give them the necessary +access to Access Analyzer. + +See the [Assign User to Role Members](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/assignroles.md) topic for additional information. + +When a user’s role is changed, when does the new role take affect? + +If a user’s role has been altered while they are in an active Access Analyzer session, the user must +exit the Access Analyzer Console and re-open the application for the new role to take effect. This +is also true if a user has been given an additional role or removed from role membership. The +capabilities of the new role will not come into effect until the Access Analyzer application has +been restarted. + +**NOTE:** See the +[Edit Role Members' Responsibilities](assignroles.md#edit-role-members-responsibilities) and +[Delete Role Member](assignroles.md#delete-role-member) topics for more information. + +I locked a job, but when going back to it, it appears to be unlocked. Why? + +A locked job signifies that the job has been approved for execution and should not be modified. If a +job is modified in any way, the lock is immediately removed. Although most roles should not be able +to modify locked jobs, the Administrator role can. This role is not governed by the limitations of +Role Based Access. Thus, if a locked job is modified by an Administrator, the job will become +unlocked. This event will be logged as a job-change related event by Administrator in the Access +Analyzer Event Log. + +**NOTE:** If using a Job Initiator’s credentials for the Schedule Service Account, all jobs must be +locked in order for them to execute. See the [Role Definitions](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/roledefinitions.md), +[Workflow with Role Based Access Enabled](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/workflow.md), and [Roles and the Event Log](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/eventlog.md) +topics for more information. + +What should be the group type when assigning Role Based Access to an AD group in a multi-domain +environment? + +When assigning an Role Based Access to an AD group, it is important to consider the domain +relationship between the AD group and the Access Analyzer server. + +If the Access Analyzer server and the AD group are in different domains then the AD group must be a +universal group. If the group type is not universal then it will result in the RBA being unable to +access the user's group membership and the user who is a member of that AD group will be unable to +view any reports. + +However, if both the Access Analyzer server and the AD group are in the same domain, the AD group +can be either a local group, global group, or universal group. diff --git a/docs/accessanalyzer/12.0/admin/settings/access/rolebased/overview.md b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/overview.md new file mode 100644 index 0000000000..ab92b0ada7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/overview.md @@ -0,0 +1,41 @@ +# Role Based Access + +Role Based Access allows Access Analyzer users to not have local Administrator rights on the console +server. This is done through the creation of different roles which cover all aspects of the Access +Analyzer work flow introduced by enabling Role Based Access. These roles can be leveraged without +such elevated rights. Responsibilities within the Access Analyzer Console have been divided among +these roles. + +Role Based Access also allows users to secure published reports when accessed through the Web +Console. This is done by first enabling Role Based Access and then by assigning users/groups as +viewers to the reports to which they should have access. + +Report security through Role Based Access can be applied without implementing a least privileged +access model to the Access Analyzer Console. See the +[Securing Published Reports Only](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/securereports.md) topic for additional information. + +**NOTE:** The least privileged access model to the Access Analyzer Console does not work in +conjunction with the Exchange Solution. Role Based Access can be enabled, but the Administrator role +is required to run the Exchange Solution jobs. + +**CAUTION:** Please use caution when enabling Role Based Access, as it is a very powerful tool +within the console designed to be difficult to disable once activated. If Role Based Access is +enabled by accident, please contact [Netwrix Support](https://www.netwrix.com/support.html) for +assistance in disabling it. + +The account used to perform the initial Access Analyzer installation, as well as to change Storage +Profile settings after installation, require additional rights in order to query objects in the +master database. See the +[Configure the Installation Account](configureroles.md#configure-the-installation-account) topic for +additional information on this account. + +To enable Role Based Access within Access Analyzer, corresponding roles must first be created within +SQL Management Studio. Then Access Analyzer users must be assigned roles both in SQL Management +Studio and in Access Analyzer. + +The first Access Analyzer user assigned a role must be an Administrator. Assigning this first user +role officially enables Role Based Access within Access Analyzer. When Role Based access is first +enabled, an NEAUsers local group is created on the Access Analyzer server with the required +permissions to the Access Analyzer application directory. When a user is assigned a role, they are +added to the NEAUsers group to give them the necessary access. See the +[Assign User to Role Members](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/assignroles.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/settings/access/rolebased/roledefinitions.md b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/roledefinitions.md new file mode 100644 index 0000000000..aafe74656c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/roledefinitions.md @@ -0,0 +1,232 @@ +# Role Definitions + +The following is a list of all roles leveraged within Access Analyzer once Role Based Access is +enabled, including their intended functionality. A user may have more than one role assigned to +them. + +**NOTE:** When a job is moved or copied to a separate job group, it inherits the assigned roles at +the parent and global level from the new job group. Any previous role inheritance is overwritten. + +- OS Administrator – Used only for installation purposes + + - This is not not a configured role, but rather the access required during installation + +- Administrator – At least one must be set before any other roles are assigned + + - Full functionality from all roles within the Access Analyzer Console + - Rights to view all reports, tags, and report permissions within the Web Console + - Rights to preform an upgrade on Access Analyzer + +**NOTE:** In order to use Role Base Access with the Exchange Solution, all Exchange users must be +assigned the Administrator role. This is because the solution requires local Administrator rights on +the Access Analyzer Console server. + +- Power User + + - Rights to add, modify, and delete global settings, except for the **Setting** > **Access** + node + - Not able to view or modify Roles at the global level + - Has rights to add and break inheritance on report viewers at the job group, job, and report + configuration levels + - Rights to modify host management settings as well as run host inventory queries + - Rights to create, modify, and delete jobs as well as view the results of a job. They need to + be able to manage all configuration settings related to those jobs. + - Rights to view previously configured jobs and approve them to be run. They are also able to + view the results of a job. + - Rights to run jobs which have been approved, as well as disable or enable jobs and job groups + - Rights to view all reports, tags, and report permissions within the Web Console + +- Access Administrator + + - Rights to add, modify, and delete global roles except for own roles. This is to restrict + Access Administrators from stepping outside intended rights. + - Not able to view or modify report roles at any other level + - Rights to view report Tags within the Web Console but not report content or permissions + +- Global Options Administrator + + - Able to modify global settings, except for the **Setting** > **Access** node + - The Exchange node is the exception due to its requirements. Therefore, this node cannot be + modified by the Global Options Administrator. + - Rights to view report Tags within the Web Console but not report content or permissions + +- Host Management Administrator + + - Rights to modify host management settings as well as run host inventory queries + - Rights to view report Tags within the Web Console but not report content or permissions + +- Job Builder + + - Rights to create, modify, and delete jobs as well as view the results of a job. They need to + be able to manage all configuration settings related to those jobs. + - Rights to view or modify report viewers at the job group, job, and report levels but not the + global level + - Rights to view all reports and tags within the Web Console but not the report permissions + +- Job Approver + + - Rights to view previously configured jobs and approve them to be run. They are also able to + view the results of a job. + - Rights to view all reports and tags within the Web Console but not the report permissions + +- Job Initiator + + - Rights to start jobs which have been approved as well as view the results of a job + - Rights to disable and enable job and job groups + - Rights to view all reports and tags within the Web Console but not the report permissions + +- Job Initiator (No Actions) + + - Rights to start jobs which have been approved as long as there are no configured Actions in + the job. They are also able to view the results of a job. + - Rights to disable and enable job and job groups + - Rights to view all reports and tags within the Web Console but not the report permissions + +- Job Viewer + + - Only able to view the results of a job + - Rights to view all reports and tags within the Web Console but not the report permissions + +- Web Administrator + + - Not able to access the Access Analyzer Console + - Rights to view all reports, tags, and report permissions within the Web Console + +- Report Viewer + + - Not able to access the Access Analyzer Console + - Only able to view reports and tags within the Web Console but not the report permissions + - Access to reports is restricted according to where the Report Viewer role is assigned: + + - Assigned at the Global level (**Settings** > **Roles**) – Able to view all published + reports + - Assigned at the Job Group level (**Jobs** > **[Job Group]** > **Settings**  > + **Reporting**) – Able to view all reports published by the jobs within this job group + - Assigned at the Job level (**Jobs** > **[Job Group]** > **[Job]** > **Job Properties** > + **Report Roles** tab) – Able to view all reports published by this job + - Assigned at the Report configuration level (**Jobs** >**[Job Group]** >**[Job]** > + **Configure** > **Reports**> **Configure** > **Publish Security** page) – Able to view + only this report + +By default, many roles are granted rights to view all reports and report content. The inheritance of +the Report Viewer role can be broken at the job group, job, or report configuration levels. See the +[Report Viewer Inheritance](#report-viewer-inheritance) topic for additional information. + +## Access Analyzer Console Roles & Rights + +These tables show the rights granted to different user levels to the Access Analyzer Console. + +### Administrators + +This table identifies the rights granted to administrative users to the Access Analyzer Console. + +| Action | Administrator | Global Options Administrator | Access Administrator | Host Management Administrator | OS Administrator | +| ----------------------------------------------------------------------------------------------------------------------------------- | ------------- | ---------------------------- | -------------------- | ----------------------------- | ---------------- | +| View Reports within the Web Console | Yes | No | No | No | No | +| View Report Tags within the Web Console | Yes | Yes | Yes | Yes | No | +| View Report Permissions within the Web Console | Yes | No | No | No | No | +| Access the Access Analyzer Console (after Role Based Access is enabled) | Yes | Yes | Yes | Yes | No | +| Read All Configuration Logs | Yes | Yes | Yes | Yes | No | +| Manage / Edit Access Roles | Yes | No | Yes | No | No | +| Manage Global Settings (includes Connection Profiles) | Yes | Yes | No | No | No | +| Manage / Edit Hosts in Job | Yes | No | No | No | No | +| Manage / Edit Job Definitions | Yes | No | No | No | No | +| Run Jobs | Yes | No | No | No | No | +| Manage / Edit Job Schedules | Yes | No | No | No | No | +| Manage Host Management Settings (includes scheduling and running of host discovery, but not host related nodes in Global  Settings) | Yes | No | No | Yes | No | +| Lock / Unlock Jobs | Yes | No | No | No | No | +| Enable/Disable Jobs | Yes | No | No | No | No | +| Install / Uninstall Data Collectors (or other tool components) | Yes | No | No | No | Yes | +| Upgrade Access Analyzer Console | Yes | No | No | No | No | + +### Users + +This table identifies the rights granted to users who have access to the Access Analyzer Console. + +| Action | Power User | Job Builder | Job Approver | Job Initiator | Job Initiator (No Actions) | Job Viewer | +| ---------------------------------------------------------------------------------------------------------------------------------- | ---------- | ----------- | ------------ | ------------- | -------------------------- | ---------- | +| View Reports within the Web Console | Yes | Yes | Yes | Yes | Yes | Yes | +| View Report Tags within the Web Console | Yes | Yes | Yes | Yes | Yes | Yes | +| View Report Permissions within the Web Console | Yes | No | No | No | No | No | +| Access the Access Analyzer Console (after Role Based Access is enabled) | Yes | Yes | Yes | Yes | Yes | Yes | +| Read All Configuration Logs | Yes | Yes | Yes | Yes | Yes | Yes | +| Manage / Edit Access Roles | No | No | No | No | No | No | +| Manage Global Settings (includes Connection Profiles) | Yes | No | No | No | No | No | +| Manage / Edit Hosts in Job | Yes | Yes\* | No | No | No | No | +| Manage / Edit Job Definitions | Yes | Yes\* | No | No | No | No | +| Run Jobs | Yes | No | No | Yes\*\* | Yes\*\*\* | No | +| Manage / Edit Job Schedules | Yes | No | No | Yes\*\* | Yes\*\*\* | No | +| Manage Host Management Settings (includes scheduling and running of host discovery, but not host related nodes in Global Settings) | Yes | No | No | No | No | No | +| Lock / Unlock Jobs | Yes | No | Yes | No | No | No | +| Enable/Disable Jobs | Yes | No | No | Yes | Yes | No | +| Install / Uninstall Data Collectors (or other tool components) | Yes | No | No | No | No | No | +| Upgrade Access Analyzer Console | No | No | No | No | No | No | + +\*When jobs are unlocked + +\*\*When jobs are locked + +\*\*\*When jobs are locked and have no actions + +## Web Console Roles & Rights + +This table identifies the rights granted to users who have access only to the Web Console. + +| Action | Web Administrator | Report Viewer | +| ---------------------------------------------- | ----------------- | ------------- | +| View Reports within the Web Console | Yes | Yes\* | +| View Report Tags within the Web Console | Yes | Yes\* | +| View Report Permissions within the Web Console | Yes | No | + +\*According to where the role is assigned + +## SQL Server Database Roles & Rights + +This table describes the roles that will be created within the SQL Server database and what rights +they will have to the Access Analyzer database. It also describes which Access Analyzer roles they +are mapped to. + +| Database Role(s) | Access Analyzer Role | Rights | Role Description | +| --------------------------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SMP Administrator db_datareader db_datawriter | Administrator Job Initiator Job Initiator (No Actions) | On the dbo schema: ALTER, EXECUTE, INSERT, UPDATE, REFERENCES On the Access Analyzer database: CREATE TABLE, CREATE VIEW, CREATE PROCEDURE, CREATE FUNCTION, CREATE TYPE | This role is used by full Administrators and Job Initiators who must run the 2-FSAA Bulk Import Job which requires manipulation of the Access Analyzer database | +| SMP Builder | Job Builder Host Management Administrator | On the dbo schema: ELECT, INSERT, DELETE On the Access Analyzer database: CREATE TABLE | This role is used by the Job Builder who must be able to create/delete tables, view data, and insert and delete hosts from the Access Analyzer Console | +| SMP Viewer | Job Viewer Access Administrator Job Approver All other roles | On the dbo schema: SELECT | This role is used by all roles who do not require anything more than just reading data and information from the database | + +## Report Viewer Inheritance + +When Role-Based Access is enabled, users assigned the following roles inherit rights to view all +reports and their content: + +- Administrator role +- Power User role +- Job Builder role +- Job Approver role +- Job Initiator role +- Job Initiator (No Actions) role +- Job Viewer +- Web Administrator + +Additional users can be assigned the Report Viewer role at the global, job group, job, or report +configuration levels. These rights are inherited down through child objects. However, the Report +Viewer role inheritance can be broken at any level. Break inheritance to remove the right to view +specific reports at: + +- Job Group level – **[Job Group]** >**Settings** > **Reporting** node +- Job level – **[Job]** > **Properties** >**Report Roles** tab +- Report Configuration level – **[Job]** > **Configure** > **Reports** node. Click **Configure** + next to the report, and navigate to the Publish Security page of the Report Configuration wizard. + See the [Publish Security Page](/docs/accessanalyzer/12.0/admin/report/wizard/publishsecurity.md) topic for additional + information. + +| ![Job Group Level](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/reportviewerreport.webp) | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Job Group Level | Job Level | Report Configuration Level | + +There are two options that control inheritance for Report Viewers when selected: + +- Include Report Viewers from this object’s parent – Automatically removes any user with the Report + Viewer role inherited from a parent object at the lower levels +- Set all the child objects to inherit these settings – Only available at the Job Group level. Sets + all Jobs and Reports to inherit group settings for all child objects by automatically selecting + the **Include Report Viewers from this object’s parent** option. Any previous configurations are + overwritten once **Yes** is selected in the confirmation window. diff --git a/docs/accessanalyzer/12.0/admin/settings/access/rolebased/scheduleserviceaccount.md b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/scheduleserviceaccount.md new file mode 100644 index 0000000000..80a9acff00 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/scheduleserviceaccount.md @@ -0,0 +1,65 @@ +# Roles & the Schedule Service Account + +Once Role-Based Access is enabled, a user or group with the appropriate access role has the ability +to schedule a job or job group as a Schedule Service Account at the **Settings** > **Schedule** +node. Multiple accounts can be added as needed. + +Who Configures This Account? + +- Administrator role +- Power User role +- Global Options Administrator role + +Whose Credentials Should Be Used as the Schedule Service Account? + +- A user with either: + + - Administrator role + - Power User role + - Job Initiator role + +**NOTE:** In order to run or schedule a Host Inventory query, the Schedule Service Account must have +an Administrator, Power User, or Host Management Administrator role. Therefore, if the account has +the Job Initiator role assigned, it must have the Host Management Administrator role as well. + +The Schedule Service Account is used to access the Task folders when scheduling tasks and to apply +locks on jobs. + +- Schedule Tasks + + - In order to have the appropriate level of rights to schedule tasks, the credentials specified + must at least have the following: + + - Create Files/Write Data rights on the Windows Task Folder + - Create Files/Write Data rights on the System 32 Task folder + - Otherwise, they should have local Administrator privileges on the Access Analyzer Console + server + + - The user whose credentials are specified must also have a role that allows the scheduling of + tasks – Administrator, Power User, or Job Initiator + +- Apply Locks + + **NOTE:** If the Access Analyzer user whose credentials are used has the role of Job Initiator, + the job must be locked in order for it to execute successfully. + + - These credentials are used to apply locks on jobs, enabling the Job Approver to have fewer + rights on the Jobs directory. Therefore, the credentials specified must at least have the + following: + + - Modify rights on this directory + - Otherwise, these credentials should have local Administrator privileges on the Access + Analyzer Console server + + - The Job Approver uses these credentials to apply locks. Therefore, the Job Approver must be + added to the local policy **Impersonate a client after Authentication**. + +Do not choose the **Use local System account to schedule tasks** option. This account does not have +the appropriate rights to apply locks on jobs. Therefore, it does not work in conjunction with Role +Based Access. + +See the [Schedule](/docs/accessanalyzer/12.0/admin/settings/schedule.md) topic for additional instructions on configuring the Schedule +Service Account. + +_Remember,_ these credentials must be for a user with local Administrator privileges or rights to +the Windows Task Folder and the System 32 Task folder on the Access Analyzer Console server. diff --git a/docs/accessanalyzer/12.0/admin/settings/access/rolebased/securereports.md b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/securereports.md new file mode 100644 index 0000000000..c5a16bcb05 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/securereports.md @@ -0,0 +1,67 @@ +# Securing Published Reports Only + +In order to secure published reports through the Web Console, it is necessary to enable Role Based +Access within the Access Analyzer Console. If that is the only reason the Role Based Access feature +is being enabled, ensure the following requirements are met: + +- Administrator role assigned to all Access Analyzer Console users + + - Anyone not assigned an Administrator role are unable to access the Access Analyzer Console + after Role Based Access is enabled + +- Web Administrator role assigned to individuals who should have access to all reports, tags, and + report permissions but not the Access Analyzer Console +- Report Viewer assigned to individuals who should have access to reports and tags but not report + permissions or the Access Analyzer Console + + - Global Level Assignment – Access to all reports + - Job Group Level Assignment – Access to reports published by jobs within the job group + - Job Level Assignment – Access to reports published by the job + - Report Configuration Level Assignment – Access to the specific report + +Follow the steps to assign roles at the global level. + +**Step 1 –** Navigate to the **Settings** > **Access** node. + +![Add Access option on the Access page](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/addaccess.webp) + +**Step 2 –** On the Access page, click **Add Access**. The Access Type wizard opens. + +![Access Type page of the Access Role wizard](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/accesstypeuser.webp) + +**Step 3 –** Select the **A user or group accessing this console** option. Click **Next**. + +![Console Access page of the Access Role wizard](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccess.webp) + +**Step 4 –** On the Console Access page, specify a group or user in the **Name** field. Use the +ellipsis (**…**) to browse for accounts with the Select User or Group window. + +![Console Access page with user added](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccessfinish.webp) + +**Step 5 –** Select a role for the group or user from the Role list. Click **Finish**. The group or +user and role is added to the Role Membership list in the Roles view. + +**CAUTION:** The first role or set of roles saved must include the Administrator role. Clicking Save +for the first role or set or roles without including the Administrator generates an error message in +the Access Analyzer Console. + +**Step 6 –** Repeat Steps 2-4 to assign the Administrator, Web Administrator, and Report Viewer +roles to other groups or users. + +**Step 7 –** Click **Save** and then **OK** to confirm the changes. All applied roles are lost if +they are not saved. + +Role Based Access is enabled when the first role has been assigned. + +![Error message when Administrator role is not specified](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/noadminerror.webp) + +The first role or set of roles saved must include the Administrator role. Clicking **Save** for the +first role or set or roles without including the Administrator generates an error message in the +Access Analyzer Console. + +When Role Based Access is first enabled, restart the Access Analyzer application to ensure all roles +are properly active. The Report Viewer role can be assigned at the job group, job, and report +configuration levels. See the [Reporting Node](/docs/accessanalyzer/12.0/admin/jobs/group/reporting.md), +[Report Roles Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/reportroles.md), and +[Publish Security Page](/docs/accessanalyzer/12.0/admin/report/wizard/publishsecurity.md) topics for additional +information. diff --git a/docs/accessanalyzer/12.0/admin/settings/access/rolebased/workflow.md b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/workflow.md new file mode 100644 index 0000000000..182c75ebdf --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/access/rolebased/workflow.md @@ -0,0 +1,73 @@ +# Workflow with Role Based Access Enabled + +The following workflow summarizes the necessary steps involved to deploy a job once Role Based +Access is enabled and roles have been assigned. + +**Step 1 –** The Job Builder creates and configures a Access Analyzer job + +**Step 2 –** The Job Approver reviews a new or edited job’s configuration, and either approves or +rejects it + +![Lock Job option in right-click menu](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/lockjob.webp) + +- If a job is approved, then a lock needs to be applied by right-clicking the job title in the Jobs + tree and selecting **Lock Job** +- If a job is rejected, then the job remains unlocked +- If the **Lock Job** option is visible, then the job has not yet been approved +- If the **Lock Job** option is not visible, then the job has been approved + +![Unlock Job option in right-click menu](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/unlockjob.webp) + +**Step 3 –** The Job Initiator can choose to run the job directly through the Access Analyzer +Console or schedule it to run with the Schedule Service Account. This user will know the job was +approved by the grayed-out **Unlock Job** option in the right-click menu. + +- Job Initiator/Job Initiator (No Actions) – The Job Initiator can only execute locked job. + + - For the Job Initiator (No Actions) role, the user is unable to execute a job which contains + configured actions, even if it is approved and locked + - Both roles can enable and disable job groups and jobs regardless of whether or not they are + locked. Disabled jobs are grayed out with a red x next to it and are not executed with the job + group. When applied at the job group level, all nested jobs are disabled and do not run. + However, any new job added to that group is enabled by default. + + **NOTE:** The Job initiator can also publish the reports already generated by the job. + +- Publish – To publish reports which have already been generated to the Web Console + + - See the [Report Settings Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/reportsettings.md) topic for + additional information + +![Report under the Results Node in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/reportjobstree.webp) + +**Step 4 –** After a job has been successfully run, the **Job Viewer** can now view the results of +the job under the job’s Status and Results node, or in the Web Console. See the +[Viewing Generated Reports](/docs/accessanalyzer/12.0/admin/report/view.md) topic for additional information. + +**NOTE:** The Job Builder, Job Approver, and Job Initiator may also view these results within the +Access Analyzer Console. Additionally, users with these roles can view reports within the Web +Console. + +## Other Console Roles + +Any modifications needed in the Settings or Host Management nodes must be done by the corresponding +administrator role (Global Options Administrator, Access Administrator, or Host Management +Administrator). These roles can be used in conjunction with any other role (for example, a user can +be a Job Builder and Global Options Administrator in order to build jobs and manage corresponding +Connection Profiles). + +### Web Administrator + +The Web Administrator can view all reports within the Web Console. + +In addition to viewing report content, Web Administrators can view tags and report permissions. + +_Remember,_ a user with only the Web Administrator role is unable to access the Access Analyzer +Console. + +### Report Viewer + +The Report Viewer can view reports within the Web Console according to where the user’s role was +assigned: global, job group, job, or report configuration. + +_Remember,_ a user with only the Report Viewer role is unable to access the Access Analyzer Console. diff --git a/docs/accessanalyzer/12.0/admin/settings/application/overview.md b/docs/accessanalyzer/12.0/admin/settings/application/overview.md new file mode 100644 index 0000000000..83846ff906 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/application/overview.md @@ -0,0 +1,161 @@ +# Application + +The **Application** node is for configuring general settings which affect the way the Access +Analyzer Console functions. + +![Application](/img/product_docs/accessanalyzer/12.0/admin/settings/application/application.webp) + +Application Log + +The Access Analyzer Application Log section determines what information is stored in the Access +Analyzer application log. + +![Application Log](/img/product_docs/accessanalyzer/12.0/admin/settings/application/applicationlog.webp) + +The Application log level controls the types of messages generated for each job and the application. +It can be modified at the job level in the **Job Properties** window. See the +[General Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/general.md) topic for additional information. Options +available in the Application log level drop-down menu include: + +- Debug – Records everything that happens during job execution, most verbose level of logging + + - Records all Info level information + - Records everything else that happens + - Creates the largest file + +- Info – Records information about what stage of the job is being performed when errors or warnings + occurred + + - Records all Warning level information + - Records job progress information + +- Warning – Records all warnings which occur during job execution + + - Records all Error level information + - Records all warnings and the time of occurrence + +- Error – Records all errors which occur during job execution + + - Records job start time + - Records errors and the time of occurrence + - Records job completion time + +**_RECOMMENDED:_** Set the log level to **Warning**. + +The other log levels are designed to assist with troubleshooting job execution issues. The Debug +level is only recommended when experiencing problems. After the problem is fixed or the Application +log has been sent to [Netwrix Support](https://www.netwrix.com/support.html), reduce the logging +level to **Warning** or **Info**. + +Profile Security + +The Profile Security section provides the option to enable an enhanced method of encryption to +various credentials stored by the Access Analyzer application. + +![Profile Security](/img/product_docs/accessanalyzer/12.0/admin/settings/application/profilesecurity.webp). + +There are two options available in the Profiles stored with drop-down menu: + +- Application – Default setting, does not employ the enhanced encryption +- Vault – Enables the enhanced encryption of stored credentials. See the [Vault](/docs/accessanalyzer/12.0/admin/settings/application/vault.md) topic for + requirements and additional information. + +Usage Statistics + +The Usage Statistics section allows you to select whether to send usage statistics data to Netwrix +to help us improve our product. + +![Usage Statistics](/img/product_docs/accessanalyzer/12.0/admin/settings/application/usagestatistics.webp) + +- If selected, usage statistics are collected and sent to Netwrix + + - Upon startup of the Access Analyzer console, the system checks if usage statistics have been + sent in the last 7 days. If they have not been, stored procedures run against the Access + Analyzer database and gather data about job runs, access times, and environmental details like + resource counts, users counts, number of exceptions, and so on. This data is then sent back to + Netwrix to help us identify usage trends and common pain points, so that we can use this + information to improve the product. + - Only anonymous statistic-level data is included. No private company or personal data is + collected or sent to Netwrix. + +- If cleared, no usage statistics are collected or sent to Netwrix + +Host Target Options + +The Host Target Options section provides radio buttons to select the source that Access Analyzer +should use to connect to hosts. + +![Host Target Options](/img/product_docs/accessanalyzer/12.0/admin/settings/application/hosttargetoptions.webp) + +Select from the following two options: + +- Use host name +- Prefer DNS name if available + +Grid View Parameters + +The Grid View Parameters section controls how the data grids display within the Access Analyzer +Console. + +![Grid View Parameters](/img/product_docs/accessanalyzer/12.0/admin/settings/application/gridviewparameters.webp) + +- Automatically rename duplicate columns within a table – Checks for and renames columns with + duplicate names +- Automatically correct invalid column names – Checks for and corrects column names which contain + characters SQL cannot handle + + **_RECOMMENDED:_** Leave both options selected. + +- Save filters and grouping on data grids – Maintains filters configured for a data grid for the + next viewing. If not selected, filtered data grids reset between viewings. +- Maximum row count for interactive grid view – Indicates the number of rows displayed in tables + accessible in under a job’s Status and Results nodes + + - Maximum row count is set to 1000 by default and has a cap of 99,999 rows. This number does not + impact the number of rows within the SQL database. To view the full row count for a table + exceeding this size, use the SQL Server Management Studio or another SQL Server interface tool + which displays the full table. + +Filtered data grids are not lost if persistent filters are not saved. The Filtration Dialog +available for every data grid maintains a list of recent filters. See the +[Data Grid Functionality](/docs/accessanalyzer/12.0/admin/navigate/datagrid.md) topic for additional information. + +Cleanup + +The Cleanup section is designed to conserve space in the SQL Database Transaction Log. It only works +when the database is configured to use Simple Recovery Model. + +![Cleanup Options](/img/product_docs/accessanalyzer/12.0/admin/settings/application/cleanup.webp) + +- Compact Database Transaction Log – If selected, every time the Access Analyzer application is + closed, the Database Transaction Log is compacted + + **_RECOMMENDED:_** In most environments, it is recommended to leave this option selected. If a + scheduled task ends while multiple tasks are still running, the process of compacting the + database freezes it and causes the running tasks to fail. + +- Run Post Processing SQL Script to Set Host Status – If selected, this option ascribes the values + of SUCCESS, WARNING, or ERROR to indicate what happened on that host during job execution + + **_RECOMMENDED:_** It is recommended that this option be left selected. + +Application Exit Options + +The Application Exit Options section controls whether or not a confirmation is displayed when the +Access Analyzer application is closed. + +![Application Exit Options](/img/product_docs/accessanalyzer/12.0/admin/settings/application/applicationexitoptions.webp) + +If selected, the **Show Confirmation Dialog** option causes a Confirm Exit window to open when the +Access Analyzer user attempts to exit the application. If deselected, the Access Analyzer +application closes without confirmation. + +![Confirm Exit](/img/product_docs/accessanalyzer/12.0/admin/settings/application/confirmexitwindow.webp) + +The Confirm Exit window requires the **Yes** button to be clicked before the Access Analyzer +application closes. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Application view. These +buttons become enabled when modifications are made to the Application global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/12.0/admin/settings/application/vault.md b/docs/accessanalyzer/12.0/admin/settings/application/vault.md new file mode 100644 index 0000000000..352a435335 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/application/vault.md @@ -0,0 +1,66 @@ +# Vault + +The Access Analyzer vault provides additional security through enhanced encryption to various +credentials stored by the Access Analyzer application, such as Connection Profile credentials or +Schedule Service Account credentials. In order to enable the vault, the following prerequisites must +be met in the order listed: + +- Access Analyzer Vault Service must be running + + - This service was installed during the Access Analyzer installation and is configured for + Manual Startup Type + - It needs to be configured to Log On (Service > Properties) with a service account which has + Log on as Service rights, as well as Read and Execute rights to the VaultService.exe file + located within the Access Analyzer installation directory + +- Role Base Access must be enabled within Access Analyzer + + - The vault was designed to provide enhanced security when employing the Role Based Access, or + least privilege, option of Access Analyzer + - At least one Administrator role must be assigned to enable the vault: + + - If full Role Based Access is not desired but enabling the vault is, all of the Access + Analyzer users should be given the Administrator role + - No additional Role Based Access prerequisites are required for this option + + - See the [Access](/docs/accessanalyzer/12.0/admin/settings/access/overview.md) topic for additional information on Role Based Access + + **NOTE:** Once the vault has been enabled, it is not possible to disable Role Based Access + without first disabling the vault. Please contact + [Netwrix Support](https://www.netwrix.com/support.html) for assistance in disabling Role Based + Access. + +- The Profile Security section of the Application node must be set to **Vault** + + ![Vault Security](/img/product_docs/accessanalyzer/12.0/admin/settings/application/vaultrbaerror.webp) + + If the previous prerequisites have not been met, then one of the following errors will occur + when attempting to save the Vault Profile Security setting: + + - Role Based Access Error – Role Based Access must be configured in order to use the Access + Analyzer Vault. Please configure Role Based Access and try again + - Access Analyzer Vault Service Error – Access Analyzer is not running + +- The Netwrix Access Analyzer (formerly Enterprise Auditor) Web Server service must be run with an + account that has the Administrator role assigned + + - If the Administrator role is not assigned, the vault service does not allow the web server to + access the SQL profile and throws an access denied error in the web server log file + +The credentials which are encrypted once the vault has been enabled are: + +- Storage Profile credentials +- Connection Profile credentials +- Schedule Service Account credentials +- Role Definitions +- Role Assignments + +Once encrypted, the files with these stored credentials are moved into a new directory location. + +This location is protected by the service account used to run the Access Analyzer Vault Service. + +## Disabling the Vault + +To disable the vault, navigate to the **Settings** > **Application** node and change the Profile +Security section setting to **Application**. It is a best practice to also stop the Access Analyzer +Vault Service. diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/cyberarkintegration.md b/docs/accessanalyzer/12.0/admin/settings/connection/cyberarkintegration.md new file mode 100644 index 0000000000..6af9cb38ac --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/cyberarkintegration.md @@ -0,0 +1,162 @@ +# CyberArk Integration + +In order for Access Analyzer to be able to retrieve service account passwords from the CyberArk +Password Vault, the following prerequisites must be completed: + +- The Secrets Manager must be installed on the Access Analyzer Console server. The organization’s + Vault administrator can provide the Secrets Manager installation package and most likely needs to + be present during the installation to provide credentials in order for the Secrets Manager + installation to complete. See the CyberArk + [Credential Provider (CP)](https://docs.cyberark.com/credential-providers/Latest/en/Content/CP%20and%20ASCP/Installing-CP.htm) article + for additional information. +- An application must be added to CyberArk for the integration with Access Analyzer. The Application + Id of this application must then be added to the `GlobalOptions.xml` file for Access Analyzer. See + the [Customize CyberArk Application Id](#customize-cyberark-application-id) topic for additional + information. The application can be locked down by providing an OS User, a Path, or a Hash. See + the CyberArk + [Add applications](https://docs.cyberark.com/credential-providers/14.0/en/Content/Common/Adding-Applications.htm) article + for additional information. + + - The OS User needs to be the account running Access Analyzer. This could be the account used to + launch the Access Analyzer application or an account used as the Schedule Service Account + within Access Analyzer. More than one OS User can be added. + - The Path should be a local path to the `StealthAUDIT.exe` file. The path should end with the + file name: `…\StealthAUDIT.exe`. + - The Hash should be generated using the **AimGetAppInfo** tool in the + `…\CyberArk\ApplicationPasswordProvider\Utils` folder on the server where Secrets Manager is + installed. AimGetAppInfo should be run in an Administrator Command Prompt. Run the following + command: + + ``` + ..\CyberArk\ApplicationPasswordProvider\Utils\NETAimGetAppInfo.exe GetHash /AppExecutablesPattern \PrivateAssemblies\Stealthbits.StealthAUDIT.Console.dll + ``` + + **_RECOMMENDED:_** Pipe the output hash value to a file to easily copy and paste it to the + CyberArk application. + + See the CyberArk + [Generate an application hash value](https://docs.cyberark.com/credential-providers/Latest/en/Content/CP%20and%20ASCP/Generating-Application-Hash-Value.htm) article + for additional information. + + ![Application Details page for the CyberArk Application](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/applicationidhash.webp) + + Add the generated hash value in the Authentication tab of the Application Details page for + the CyberArk Application. + + ![Allowed Machines list for the CyberArk application](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/allowedmachines.webp) + + - The machine name for the Access Analyzer console needs to be added on the Allowed Machines + list for the CyberArk application + +- Once the Secrets Manager installation has completed and the Access Analyzer application has been + created, the necessary CyberArk accounts must be given access to the Safes in which the Access + Analyzer service accounts are stored. This includes the account which was created automatically + during the Secrets Manager installation, as well as the account created automatically as a result + of the application creation. + + ![Owners window for the Safe containing the credentials](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/vaultownerswindow.webp) + + - The account created during the AIM installation is under the naming convention + `Prov_[COMPUTERNAME]`, where `COMPUTERNAME` is the name of the computer on which AIM is + installed. This account should be given **Retrieve accounts**, **List accounts**, and **View + Safe Members** rights on the desired Safes. + - The account created during the application creation has the same name as the application + itself and should be given **Retrieve accounts** rights on the desired Safes + +## Customize CyberArk Application Id + +The Application id value of the application created within CyberArk for the integration with Access +Analyzer must be configured within Access Analyzer. This is done in the `GlobalOptions.xml` file +within the Access Analyzer installation directory. The default location is +`…\STEALTHbits\StealthAUDIT\`. + +Follow the steps to customize the CyberArk Application Id within Access Analyzer. + +**Step 1 –** Navigate to the `GlobalOptions.xml` file. Open it with a text editor, for example +Notepad. + +**CAUTION:** Ensure Access Analyzer is closed when modifying this file. + +![GlobalOptions.xml file in Notepad](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/globaloptions.webp) + +**Step 2 –** Find the `` section of the `GlobalOptions.xml` file. Add the +Application Id of the configured CyberArk application for the integration in the `` tag. If +required, customize the Command Timeout and Connection Port properties. + +``` + +    CyberArkApplicationID +    30 +    18923 + +``` + +- AppId – The name of the CyberArk application +- CommandTimeout – Set to the suggested default of 30 +- ConnectionPort – This is a configurable option found during the installation of the CyberArk + Credential Provider. After installation, it can be found in the configuration file located in the + installation folder. + + See the CyberArk + [TCP parameters](https://docs.cyberark.com/credential-providers/13.0/en/Content/CP%20and%20ASCP/Credential-Provider-Configuration-Files.htm#tcp-parameters) article + for additional information. + +**Step 3 –** Save and close the file. + +Access Analyzer now uses the CyberArk Application Id identified in the XML string. + +## User Credentials Window + +In Access Analyzer, the CyberArk option for Password Storage is available on the User Credentials +window when configuring an **Active Directory Account** or **Local Windows Account**. + +The credential information supplied in the User Credentials window must be an exact match to what is +in CyberArk as the privileged account for which it is linked. It is case-sensitive. + +If the Connection Profile with a Local Windows Account credential using CyberArk password storage is +used to target multiple hosts, then the local credential on each host needs to have the exact same +username and password combination. + +![Connection view with CyberArk credentials](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/usercredentials.webp) + +The Connection view displays `CyberArk` in the Source column of the User Credentials list for the +selected Connection Profile. + +### Active Directory Account + +Match the User Credentials window settings in Access Analyzer with the privilege account properties +in CyberArk. These values are case-sensitive, and must be an exact match. + +![User Credentials window for Active Directory Account](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/usercredentialsad.webp) + +The table below shows the values from your CyberArk configuration that the User Credentials window +should be populated with: + +| Access Analyzer | CyberArk Property | CyberArk Description | Example Value | +| --------------- | ----------------- | -------------------------------------- | ----------------- | +| Domain | Address | Domain address | ExampleDomain.com | +| User name | Username | Privilege account | ExampleUser | +| Safe | Safe | Vault managing the privileged accounts | Test | +| Folder | Folder | Folder within Safe | Root | + +### Local Windows Account + +Match the User Credentials window settings in Access Analyzer with the privilege account properties +in CyberArk. These values are case-sensitive, and must be an exact match. The Access Analyzer Domain +value is `` and the CyberArk Address property value is the server address. + +![User Credentials window for Local Windows Account](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/usercredentialslocal.webp) + +The table below shows the values from your CyberArk configuration that the User Credentials window +should be populated with: + +| Access Analyzer | CyberArk Property | CyberArk Description | Example Value | +| --------------- | ----------------- | -------------------------------------- | ------------- | +| User name | Username | Privilege account | ExampleUser2 | +| Safe | Safe | Vault managing the privileged accounts | Test | +| Folder | Folder | Folder within Safe | Root | + +**_RECOMMENDED:_** Only use one Local Windows Account credential with CyberArk password storage in a +Connection Profile. As part of the Access Analyzer to CyberArk integration, the Access Analyzer job +is stopped immediately if the query from Access Analyzer to CyberArk for the credential fails. +Therefore, a second credential within the Connection Profile would not be queried. diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/gmsa.md b/docs/accessanalyzer/12.0/admin/settings/connection/gmsa.md new file mode 100644 index 0000000000..42ecd5bdd1 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/gmsa.md @@ -0,0 +1,23 @@ +# Group Managed Service Accounts (gMSA) Configuration + +Access Analyzer can use a previously-configured Group Managed Service Accounts (gMSA/MSA) account. +Make sure that Managed Service Account is selected in the User Credentials window. See the +[Create a Connection Profile](/docs/accessanalyzer/12.0/admin/settings/connection/profile/create.md) or +[Create a Schedule Service Account](/docs/accessanalyzer/12.0/admin/settings/schedule.md#create-a-schedule-service-account) topic for +additional information. + +To run a job or scheduled task with a gMSA/MSA account, the following prerequisites must be met: + +- The account that Access Analyzer is run with must have permissions to retrieve the gMSA account + password +- The gMSA account must be a Local Admin in the target hosts +- The gMSA account does not have to be a local admin in the Access Analyzer Console +- The Data Collector used must support unicode characters in the Connection Profile's credential + password to retrieve the gMSA account password + +**NOTE:** For FSAA, remote scans using gMSA credentials need to use the Windows Service launch +mechanism in the query configuration. + +See the Microsoft +[Group Managed Service Accounts](https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview) +article for additional information. diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/overview.md b/docs/accessanalyzer/12.0/admin/settings/connection/overview.md new file mode 100644 index 0000000000..9566f66ea7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/overview.md @@ -0,0 +1,72 @@ +# Connection + +The Connection node contains objects referred to as Connection Profiles. A Connection Profile houses +the information Access Analyzer uses to connect to the target hosts during job execution. + +![Connection](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/connectionpage.webp) + +There are two methods for authentication to a targeted host: + +- Use Local Login Credentials +- Use a Connection Profile + +## Use Local Login Credentials + +This method is traditionally assigned through the **Only use the Windows account that the +application is run with System default** option. It is generally referred to as the System Default +or trusted method. When used, Access Analyzer authenticates to the target hosts during host +inventory or job execution with the Windows account used to launch Access Analyzer. This can be: + +- Account which was used to log on to the Access Analyzer Console server and start the application +- Account which was used to launch the Access Analyzer application through the run-as security + context +- Account which was used to provision a Windows scheduled task when running a job group or job via a + scheduled task + +## Use a Connection Profile + +This method allows you to define a Connection Profile which houses one or several sets of +credentials to be used for authentication on the target hosts during host inventory or job +execution. The credentials specified in a Connection Profile could be any of the following: + +- Local machine account +- Active Directory account +- Unix account +- SQL account +- Microsoft Entra ID (formerly, Azure Active Directory) key +- Dropbox access token +- Web service JWT +- Oracle account + +For the majority of auditing scenarios, domain-based accounts are preferred if not required by the +nature of the auditing task. The credentials must have the permissions required by the data +collector being used. + +### Password Storage Options + +The password for the credential provided can be stored in Access Analyzer application or Access +Analyzer Vault. Certain types of credentials can be stored in CyberArk®. + +Choosing to store passwords in either the Access Analyzer application or the Access Analyzer Vault +is a global setting configured in the **Settings** > **Application** node. See the +[Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic for additional information. + +The Access Analyzer vault provides enhanced security through enhanced encryption to various +credentials stored by the Access Analyzer application. See the [Vault](/docs/accessanalyzer/12.0/admin/settings/application/vault.md) +topic for additional information. + +CyberArk integration stores supported credentials in the CyberArk Enterprise Password Vault. +CyberArk Privileged Account Security Solution offers components designed to discover, secure, +rotate, and control access to privileged account passwords used to access systems through the +enterprise IT environment. See the [CyberArk Integration](/docs/accessanalyzer/12.0/admin/settings/connection/cyberarkintegration.md) topic for +additional information. + +![Cancel and Save options](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/cancelsavebuttons.webp) + +The **Cancel** and **Save** buttons are in the lower-right corner of the Connection view. These +buttons become enabled when modifications are made to the Connection global setting. + +![Information update message box](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/settingssavedmessage.webp) + +Whenever changes are made at the global level, click **Save** and then **OK** to confirm the +changes. Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/profile/activedirectory.md b/docs/accessanalyzer/12.0/admin/settings/connection/profile/activedirectory.md new file mode 100644 index 0000000000..21ef62443d --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/profile/activedirectory.md @@ -0,0 +1,25 @@ +# Active Directory Account for User Credentials + +If the account type selected on the User Credentials window is **Active Directory Account**, the +following information is required for the credential: + +![User Credentials Window - Active Directory](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/activedirectoryaccount.webp) + +- Domain – Drop-down menu with available trusted domains will appear. Either type the short domain + name in the textbox or select a domain from the menu. +- User name – Type the user name +- Password Storage – Choose the option for credential password storage: + + - Application – Uses the configured Profile Security setting as selected at the **Settings** > + **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic for + additional information. + - CyberArk – Uses the CyberArk Enterprise Password Vault. See the + [CyberArk Integration](/docs/accessanalyzer/12.0/admin/settings/connection/cyberarkintegration.md) topic for additional information. The + password fields do not apply for CyberArk password storage. + - Managed Service Account – Use previously configured MSA and gMSAs for authentication. The + password fields are not applicable when this option is selected. See the + [Group Managed Service Accounts (gMSA) Configuration](/docs/accessanalyzer/12.0/admin/settings/connection/gmsa.md) topic for additional + information. + +- Password – Type the password +- Confirm – Re-type the password diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/profile/aws.md b/docs/accessanalyzer/12.0/admin/settings/connection/profile/aws.md new file mode 100644 index 0000000000..250024bea2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/profile/aws.md @@ -0,0 +1,35 @@ +# Amazon Web Services for User Credentials + +The information in this section applies to **Select Account Type > Amazon Web Services** account +type in the User Credentials window. + +![User Credentials Window - AWS](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/connectionaws.webp) + +The required credentials for Amazon Web Services are: + +- Access Key ID — Used to sign programmatic requests made to AWS. If access keys are not available, + create them with the IAM console. +- Password Storage: Application – Uses the configured Profile Security setting as selected at the + **Settings >** **Application** node +- Secret Key — Used to sign programmatic requests made to AWS. If secret keys are not available, + create them with the IAM console. +- Scan Roles — Role used to scan other organization accounts + +## Create a Connection Profile for AWS + +A new connection profile will need to be created to be leveraged in the AWS Solution. + +**Step 1 –** Under Settings > Connection, click Add Connection profile. + +**Step 2 –** Click Add User credential and select the Amazon Web Services account type. + +**Step 3 –** Input the Access Key ID into the Username section, and the Secret Access Key into the +Access Token section. + +_Remember,_ these are obtained from AWS when the permissions are configured. See the +[Configure AWS for Scans](/docs/accessanalyzer/12.0/requirements/target/config/aws.md) topic for additional +information. + +**Step 4 –** Click OK in the User Credentials modal, name the Connection Profile, and click Save. + +This connection profile can now be assigned to the AWS Solution. diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/profile/create.md b/docs/accessanalyzer/12.0/admin/settings/connection/profile/create.md new file mode 100644 index 0000000000..03caeeda40 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/profile/create.md @@ -0,0 +1,155 @@ +# Create a Connection Profile + +Follow the steps to create a Connection Profile. + +![Add Connection Profile](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/addconnectionprofile.webp) + +**Step 1 –** Click Add Connection profile at the top of the Connection view. + +![Connection - Add Connection Profile](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/connectionprofilename.webp) + +**Step 2 –** A new profile displays in the list with a generic name. Provide a unique, descriptive +name in the Connection profile name textbox. + +**NOTE:** A good profile name should be chosen so that it does not need to be changed at a later +time. If the profile name is changed after being applied to job groups or jobs, it requires the user +to go back through all of those job groups or jobs and re-apply the Connection Profile. + +![Add User Credential](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/addusercredential.webp) + +**Step 3 –** Now it is time to add credentials to this profile. Click Add User credential and the +User Credentials window opens. + +![User Credentials](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/activedirectoryaccount.webp) + +**Step 4 –** The window options change according to the value for the Selected Account Type field. +Select the appropriate account type and then provide the required information. The account types +are: + +- [Active Directory Account for User Credentials ](/docs/accessanalyzer/12.0/admin/settings/connection/profile/activedirectory.md) +- [Local Windows Account for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/localwindows.md) +- [Unix Account for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/unix.md) +- [SQL Authentication for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/sql.md) +- [Task for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/task.md) +- [Azure Active Directory for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/entraid.md) +- [Dropbox for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/dropbox.md) +- [Web Services (JWT) for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/webservices.md) +- [Oracle for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/oracle.md) +- [Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/exchangemodernauth.md) + +See the individual account type sections for information on the fields. Then click OK. + +![Error Message for Password](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/passworddifferserror.webp) + +**NOTE:** If the entered passwords are not the same, an error message will pop-up after clicking OK +on the User Credentials window. Click OK on the error message and re-type the passwords. + +![User Credentials](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/usercredentialslist.webp) + +**Step 5 –** Repeat Steps 3-4 until the User Credentials list for this profile is complete. + +When Access Analyzer authenticates to a target host, it looks at the value of the WindowsDomain +field in the Host Inventory for the target host. It then matches the first credential in the +Connection Profile which matches that domain. If authentication fails, it moves consecutively +through the User Credentials list. It will first match to all credentials listed for target host’s +domain, and then proceed through all other credentials until authentication is successful or there +are no more credentials to try. + +**_RECOMMENDED:_** Limit the User Credentials list to a minimal number per profile, especially when +considering that a successful authentication does not automatically mean that particular credential +has the appropriate level of permissions in order for the data collection to occur. + +![Arrange Priority](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/moveupdown.webp) + +There are Move Up and Move Down buttons for arranging priority within the User Credentials list. + +![Apply local login credentials](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/usewindowsaccountoption.webp) + +**Step 6 –** (Optional): At the bottom of the Connection view, is the Use the Windows account that +Access Analyzer runs with before trying the user credentials above option. This option is per +Connection Profile. If checked, Access Analyzer applies the local login credentials prior to any of +the credentials saved to the Connection Profile. + +**NOTE:** If a data collector utilizes an applet, this option must be unchecked. + +**Step 7 –** When the user credentials have been added and ordered, click Save and then OK to +confirm the changes to the Connection Profile. + +The new Connection Profile is now visible in the Profile list and available for use at the job group +or job level. + +## Edit User Credentials within a Connection Profile + +Follow the steps to edit user credentials within a Connection Profile. + +![Edit Connection Profile](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/editusercredentials.webp) + +**Step 1 –** Select the Connection Profile to be modified from the Profile list. Remember, changing +the Connection Profile name results in breaking job groups or jobs that are assigned this profile. + +**Step 2 –** Select the user credential to be edited from the User Credentials list. Click Edit. + +![User Credentials](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/selectaccounttype.webp) + +**Step 3 –** Modify the information in the User Credentials window. For the password, choose between +the Use the existing password option or the Specify a new password below option. Click OK. + +**Step 4 –** When the Connection Profile’s user credentials have been edited as desired, click Save +and then OK to confirm the changes to the Connection Profile. + +The edited user credentials are now used for authentication to target hosts for this Connection +Profile. + +## Delete a User Credential from a Connection Profile + +Follow the steps to delete a user credential from a Connection Profile. + +![Delete User Credentials](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/deleteusercredentials.webp) + +**Step 1 –** Select the Connection Profile to be modified from the Profile list. Remember, changing +the Connection Profile name results in breaking job groups or jobs that are assigned this profile. + +**Step 2 –** Select the user credential to be edited from the User Credentials list. Click Delete. + +![Confirmation message for deletion](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/deleteusercredentialsconfirm.webp) + +**Step 3 –** Click OK to confirm the deletion. + +**Step 4 –** The selected credential is no longer visible in the User Credentials list. Click Save +and then OK to confirm the changes to the Connection Profile. + +The deleted user credentials are no longer available for authentication to target hosts for this +Connection Profile. + +## Set a Default Connection Profile + +The default profile is marked with the green checkmark. + +![defaultconnectionprofile](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/defaultconnectionprofile.webp) + +Follow the steps to set a new default Connection Profile. + +![Set a Default Connection Profile](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/setasdefaultconnectionprofile.webp) + +**Step 1 –** Select the desired profile in the Connection Profile list and click Set as default. + +**Step 2 –** The green checkmark moves. Click Save and then OK to confirm the changes. + +This Connection Profile is now used as the default Connection Profile. + +## Delete a Connection Profile + +Follow the steps to delete a Connection Profile. + +![Delete a Connection Profile](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/deleteconnectionprofile.webp) + +**Step 1 –** Select the profile from the Connection Profile list and click Delete. + +![Confirmation message for deletion](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/deleteconnectionprofileconfirm.webp) + +**Step 2 –** Click OK to confirm the deletion. + +**Step 3 –** The selected profile is no longer visible in the Connection Profiles list. Click Save +and then OK to confirm the changes. + +The deleted Connection Profile is no longer available for authentication to target hosts. diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/profile/dropbox.md b/docs/accessanalyzer/12.0/admin/settings/connection/profile/dropbox.md new file mode 100644 index 0000000000..493e8e6666 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/profile/dropbox.md @@ -0,0 +1,15 @@ +# Dropbox for User Credentials + +The information in this topic applies to **Select Account Type** > **Dropbox** in the User +Credentials window. + +![User Credentials - Dropbox](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/dropbox.webp) + +The required credentials for Dropbox are: + +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic + for additional information.) +- Access Token – Copy and paste the access token after it has been generated from the Scan Options + page of the DropboxAccess Data Collector configuration wizard. See the Dropbox for User + Credentials topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/profile/entraid.md b/docs/accessanalyzer/12.0/admin/settings/connection/profile/entraid.md new file mode 100644 index 0000000000..74b8526351 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/profile/entraid.md @@ -0,0 +1,28 @@ +# Azure Active Directory for User Credentials + +The information in this topic applies to **Select Account Type** > **Azure Active Directory** in the +User Credentials window. This account type is for Microsoft Entra ID, formerly Azure Active +Directory. + +![User Credentials Window - Azure Active Directory](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/entraid.webp) + +The required credentials for this account type are: + +- Client ID – Application (client) ID of the Access Analyzer application registered with Microsoft + Entra ID. See the + [Identify the Client ID](/docs/accessanalyzer/12.0/config/entraid/access.md#identify-the-client-id) topic for + additional information. +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic + for additional information.) +- Key – The required Key depends on the target environment the Connection Profile is being used for: + + - Entra ID – Client secret value for the Access Analyzer application registered with Microsoft + Entra ID. See the + [Generate the Client Secret Key](/docs/accessanalyzer/12.0/config/entraid/access.md#generate-the-client-secret-key) + topic for additional information. + - SharePoint Online – The comma delimited string containing the path to the certificate PFX + file, certificate password, and the Microsoft Entra ID environment identifier ( + `CertPath,CertPassword,AzureEnvironment`). See the + [SharePoint Online Credential for a Connection Profile using Modern Authentication](/docs/accessanalyzer/12.0/admin/datacollector/spaa/configurejob.md#sharepoint-online-credential-for-a-connection-profile-using-modern-authentication)topic + for additional information. diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/profile/exchangemodernauth.md b/docs/accessanalyzer/12.0/admin/settings/connection/profile/exchangemodernauth.md new file mode 100644 index 0000000000..5280ed3593 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/profile/exchangemodernauth.md @@ -0,0 +1,26 @@ +# Exchange Modern Authentication for User Credentials + +The information in this topic applies to **Select Account Type** > **Exchange Modern +Authentication** account type in the User Credentials window. + +![User Credentials - Exchange Modern Authentication ](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/exchangemodernauthentication.webp) + +The values for the required credentials for the Exchange Modern Authentication account are: + +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic + for additional information.) +- Organization – The primary domain name of the Microsoft Entra tenant being leveraged to make the + connection. See the + [Identify the Tenant's Name](/docs/accessanalyzer/12.0/config/exchangeonline/access.md#identify-the-tenants-name) + topic for additional information. +- Email Address – The email address for the mailbox to be leveraged in Exchange Online environment + scans. The mailbox must belong to the primary domain used in the Organization field. +- AppID – Application (client) ID of the Access Analyzer application registered with Microsoft Entra + ID. See the + [Identify the Client ID](/docs/accessanalyzer/12.0/config/exchangeonline/access.md#identify-the-client-id) + topic for additional information. +- Certificate Thumbprint – The thumbprint value of the certificate uploaded to the Microsoft Entra + ID application. See the + [Upload Self-Signed Certificate](/docs/accessanalyzer/12.0/config/exchangeonline/access.md#upload-self-signed-certificate) + topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/profile/localwindows.md b/docs/accessanalyzer/12.0/admin/settings/connection/profile/localwindows.md new file mode 100644 index 0000000000..e29f8a6dea --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/profile/localwindows.md @@ -0,0 +1,25 @@ +# Local Windows Account for User Credentials + +The information in this topic applies to **Select Account Type** > **Local Windows Account** in the +User Credentials window. + +![User Credentials - Local Windows Account](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/localwindowsaccount.webp) + +The required credentials for the Local Windows Account are: + +- User name – Type the user name +- Password Storage – Choose the option for credential password storage: + + - Application – Uses the configured Profile Security setting as selected at the **Settings** > + **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic for + additional information. + - CyberArk – Uses the CyberArk Enterprise Password Vault. See the + [CyberArk Integration](/docs/accessanalyzer/12.0/admin/settings/connection/cyberarkintegration.md) topic for additional information. The + password fields do not apply for CyberArk password storage. + + **NOTE:** If using the CyberArk option, then the associated Connection Profile can only have + one user credential in it. Multiple user credentials are not supported with the CyberArk + integration when using local Windows accounts. + +- Password – Type the password +- Confirm – Re-type the password diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/profile/oracle.md b/docs/accessanalyzer/12.0/admin/settings/connection/profile/oracle.md new file mode 100644 index 0000000000..62c4a37637 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/profile/oracle.md @@ -0,0 +1,38 @@ +# Oracle for User Credentials + +The information in this section applies to Select Account Type > Oracle in the User Credentials +window. + +![User Credentials - Oracle](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/oracle.webp) + +The required credentials for Oracle are: + +- Domain – Field options are dependent upon the additional account type option selected: + - Oracle Account – Domain is not a field for this type of credential + - Windows account that Access Analyzer is run with – (Domain is not a field for this type of + credential) + - Active Directory – Drop-down menu with available trusted domains displays. Either type the + short domain name in the textbox or select a domain from the menu. +- User name – Type the user name + - This is not a field for the additional account type of Windows account that Access Analyzer is + run with is selected +- Password Storage: Application – Uses the configured Profile Security setting as selected at the + **Settings >** **Application** node +- Password – Type the password + - This is not a field for the additional account type of Windows account that Access Analyzer is + run with +- Confirm – Re-type the password + - This is not a field for the additional account type of Windows account that Access Analyzer is + run with +- Role – Specify an Oracle role, if desired. The drop-down menu provides a list of roles. Either + type the role name in the textbox or select a role from the menu. + - **NOTE:** When using a least privileged model for Oracle, **SYSDBA** must be selected for the + Role. +- Additional Account type – Select radio button of the secondary account type from the list at the + bottom of the window: + - Oracle Account – Use an Oracle account for target host authentication + - Windows account that Access Analyzer is run with – Use the account that launched the Access + Analyzer application through the run-as security context + - Active Directory – Use an Active Directory account for target host authentication + +Selecting default from the list is the same as leaving the field blank. diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/profile/sql.md b/docs/accessanalyzer/12.0/admin/settings/connection/profile/sql.md new file mode 100644 index 0000000000..9003fad207 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/profile/sql.md @@ -0,0 +1,18 @@ +# SQL Authentication for User Credentials + +This information applies to **Select Account Type** > **SQL Authentication** in the User Credentials +window. + +**NOTE:** SQL Authentication credentials are used in the Connection Profiles for the SQL, MySQL, and +PostgreSQL Solutions. + +![User Credentials - SQL Authentication](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/sqlauthentication.webp) + +The required credentials for SQL Authentication are: + +- User name – Enter user name +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic + for additional information.) +- Password – Type the password +- Confirm – Re-type the password diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/profile/task.md b/docs/accessanalyzer/12.0/admin/settings/connection/profile/task.md new file mode 100644 index 0000000000..247a0a3de1 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/profile/task.md @@ -0,0 +1,20 @@ +# Task for User Credentials + +The information in this section applies to Select Account Type > Task (Local) or Task (Domain) in +the User Credentials window. + +| ![User Credentials - Task (Local)](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/taskdomain.webp) | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| _Task (Local)_ | _Task (Domain)_ | + +The required credentials for Task (Local) and Task (Domain) are: + +- Domain + - Local – Not a field for this type of credential, defaults to `` + - Domain – Drop-down menu with available trusted domains displays. Either type the short domain + name in the textbox or select a domain from the menu. +- User name – Type the user name +- Password Storage: Application – Uses the configured Profile Security setting as selected at the + **Settings > Application** node +- Password – Type the password +- Confirm – Re-type the password diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/profile/unix.md b/docs/accessanalyzer/12.0/admin/settings/connection/profile/unix.md new file mode 100644 index 0000000000..5b3af3a3c2 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/profile/unix.md @@ -0,0 +1,33 @@ +# Unix Account for User Credentials + +The information in this topic applies to **Select Account Type** > **Unix Account** in the User +Credentials window. + +![User Credentials - Unix](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/unixaccount.webp) + +The required credentials for the Unix Account are: + +- User name – Enter user name +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic + for additional information.) +- Password/Confirm + + - If not using a private key, enter the **Password** and re-type in the **Confirm** field + - If using a private key, then the password is not needed. Provide the private key information + in the **Use the following private key when connecting** field. + +- Use the following port/ports (CSV) for SSH + + - The SSH port needs to be opened in software and hardware firewalls + - If desired, select this option and provide the port value + +- Use the following private key when connecting + + - This option uses the authentication method of an SSH Private Key + - Supported Key types: + + - Open SSH + - PuTTY Private Key + + - If desired, select this option and provide the key value diff --git a/docs/accessanalyzer/12.0/admin/settings/connection/profile/webservices.md b/docs/accessanalyzer/12.0/admin/settings/connection/profile/webservices.md new file mode 100644 index 0000000000..3a310fcfe9 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/connection/profile/webservices.md @@ -0,0 +1,15 @@ +# Web Services (JWT) for User Credentials + +The information in this section applies to Select Account Type > Web Services (JWT) in the User +Credentials window. + +![User Credentials - Web Services (JWT)](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/webservicesjwt.webp) + +The required credentials for Web Services (JWT) are: + +- User name – `{not a field for this type of credential}` +- Password Storage: Application – Uses the configured Profile Security setting as selected at the + **Settings > Application** node +- Access Token – Copy and paste the StealthDEFEND App Token after it has been generated within + StealthDEFEND. See the [FS_DEFEND_SDD Job](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/fs_defend_sdd.md) topic for + additional information. diff --git a/docs/accessanalyzer/12.0/admin/settings/exchange.md b/docs/accessanalyzer/12.0/admin/settings/exchange.md new file mode 100644 index 0000000000..95b8ab88f4 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/exchange.md @@ -0,0 +1,67 @@ +# Exchange + +The Exchange node is for configuring the settings needed to query Microsoft® Exchange Servers. +These settings are exclusive to the Access Analyzer for Exchange Solution. + +![Exchange - Set up the connection](/img/product_docs/accessanalyzer/12.0/admin/settings/exchange_1.webp) + +The Exchange node is grayed-out by default. In order for these settings to be enabled, it is +necessary to install both Access Analyzer MAPI CDO and Microsoft Exchange MAPI CDO on the Access +Analyzer Console server. See the +[StealthAUDIT MAPI CDO Installation](/docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation.md) +topic for additional information. + +Once the requirements have been met, the Exchange node is enabled for configuration. These settings +are utilized to make MAPI connections to the Exchange Server for the Mailbox, PublicFolder, +Exchange2K, and ExchangePS Data Collectors. The Client Access Server field, or CAS, is also utilized +by the ExchangePS Data Collector in order to make Remote PowerShell connections for Exchange 2010 or +newer. The data collectors apply these settings unless modified inside the job query. + +![Set up the connection](/img/product_docs/accessanalyzer/12.0/admin/settings/exchange_3.webp) + +The three options in the Exchange Connection Setting section at the top of the window are dependent +on which version of Exchange is audited. + +- For Auditing Microsoft Exchange 2007 or Older Versions: + - Select the radio button for System Attendant (2003 & 2007) – The System Attendant Account is + built into Exchange 2007 and older versions and allows Access Analyzer to make the necessary + MAPI connections. +- For Auditing Microsoft Exchange 2010 or Newer Versions: + + - Select either of the other two options: + + - Use the mailbox associated with the Windows account that Access Analyzer is run with – + This option uses either the account logged into the Access Analyzer Console server or the + account set to run the Access Analyzer application. + - Exchange Mailbox (2010 and newer) – This option allows an Exchange Mailbox Alias to be + specified for MAPI connections. + + - Enter the Alias name in the textbox. The Alias needs to be an Exchange 2010 or newer + mailbox, not a mail-enabled service account. However, this mailbox does not need + rights on the Exchange Organization; it only needs to reside within it. + + - Enter the name of the physical CAS in the Client Access Server textbox. This server can be + part of an array, but do not enter the name of a CAS Array. This should also be the + Exchange CAS where both Remote PowerShell and Windows Authentication on the PowerShell + Virtual Directory have been enabled. + +**_RECOMMENDED:_** Once the Exchange Connection Settings have been properly configured for the +version of Exchange to be audited, it is strongly recommended that the settings be tested. + +In the Test Exchange Connection Settings section: + +- Enter a Mailbox Server with mailboxes to be audited in the Exchange Server textbox. +- Click the Test Exchange settings link. + + ![Test Exchange Connection Setting](/img/product_docs/accessanalyzer/12.0/admin/settings/exchange_4.webp) + +If the Exchange Connection Settings are correct, an output field opens. At the bottom of the output +field, a mailbox count is stated and a message appears which says, “You have successfully connected +to this Exchange Server.” Click OK. + +![exchange_6](/img/product_docs/accessanalyzer/12.0/admin/settings/exchange_6.webp) + +The Cancel and Save buttons are in the lower-right corner of the Exchange view. These buttons become +enabled when modifications are made to the Exchange global setting. Whenever changes are made at the +global level, click Save and then OK to confirm the changes. Otherwise, click Cancel if no changes +were intended. diff --git a/docs/accessanalyzer/12.0/admin/settings/history.md b/docs/accessanalyzer/12.0/admin/settings/history.md new file mode 100644 index 0000000000..c8ec7729ea --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/history.md @@ -0,0 +1,89 @@ +# History + +The History node is where the history retention of job data and job logs are configured. The setting +specified here at the global level applies to all jobs in the Jobs tree unless specifically changed +at the job group or job level. See the [History Node](/docs/accessanalyzer/12.0/admin/jobs/group/history.md) and +[History Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/history.md) topics for additional information. + +![History Global Settings](/img/product_docs/accessanalyzer/12.0/admin/settings/history.webp) + +The Data Retention Period settings are for configuring the job data history retention within the +database. There are three options: + +- Never retain previous job data +- Retain previous job data for [number] [time period] +- Always retain previous job data + +Set the Data Retention Period at the global level to **Never retain previous job data**. This allows +for more control over the quantity of data by applying history retention at the job group or job +level. All jobs run with this default setting only keep the most current record set. + +**CAUTION:** It is important to understand that some pre-configured jobs require history retention +while others do not support it. Changing the history retention settings at the global level can +cause issues with data analysis and reporting on jobs that don't support it. See the relevant job +group and job descriptions for additional information. + +The Diagnostics Retention Period settings determine how long this data is retained for all jobs that +do not have an explicit setting. Setting the retention period for a specific job overrides the +default setting. There are two settings: + +- Logs and Messages + + - Retain previous application logs, job logs, and messages for [number] [time period] – Controls + how long the messages for previous job executions are stored in the SA_Messages table for each + job. Older job execution messages are cleared. + - The default value is 7 Times. With this setting, the messages are stored for the previous + seven job executions. + +- Job Statistics + + - Retain job statistics in database for [number] [time period] – Controls how long job + statistics history is stored within the Access Analyzer database in the following two tables: + + - SA_JobStatsTbl + - SA_JobTaskStatsTbl + + - This setting is only available at the global settings level. The default value is 100 days. + This directly affects each job’s **Status** node. See the [Status Node](/docs/accessanalyzer/12.0/admin/jobs/job/status.md) + topic for additional information. + +For both the **Logs and Messages** and **Job Statistics** options above: + +- Enter a number in the first textbox and select the desired time period from the drop-down menu in + the second box. Retention can be set to a specific number of **Days**, **Weeks**, **Months**, or + **Times** for both. +- All jobs run with this setting add the newly collected data set or job logs on top of the + previously collected record sets or logs. Any record sets or logs outside the specified historical + retention limit are dropped. + +The **Cancel** and **Save** buttons are in the lower-right corner of the History view. These buttons +become enabled when modifications are made to the History global settings. Whenever changes are made +at the global level, click **Save** and then **OK** to confirm the changes. Otherwise, click +**Cancel** if no changes were intended. + +## Job Data History Retention & Database Size Concerns + +A major concern around job data history retention is the impact it can have on database size. The +following scenario explains a common concern. + +- The **Retain previous application logs, job logs, and message for** or **Retain job statistics in + database for** setting is set to an extended time period and the database size is unmanageable + + - To reduce data retention periods, navigate to the **Settings** > **History** node. Change the + time period to a smaller interval, for example 90 days. Click **Save** and rerun the jobs. + - All of the record sets outside the new retention limit are dropped, and the database size is + back down where it belongs + +## Job Logs + +The job logs are stored within the output folder of each job. They can be read in the Access +Analyzer Console within the job’s **Status** > **Messages** table. To access the logs within the +job’s directory, right-click on the job’s node in the Navigation pane and select **Explore Folder**. + +![Job Logs in the job's Output folder in File Explorer](/img/product_docs/accessanalyzer/12.0/admin/settings/historyjoblogs.webp) + +The most recent log is open. Older jobs are stored as zip files, according to the Log Retention +Period setting. Each log is named in the following format: + +- Open/Latest Log Name – `[Jobname]_Log.tsv` +- Older/Zipped Log Name – `[Jobname]_Log_[Date]_[Time].zip` diff --git a/docs/accessanalyzer/12.0/admin/settings/hostdiscovery.md b/docs/accessanalyzer/12.0/admin/settings/hostdiscovery.md new file mode 100644 index 0000000000..ea69499b87 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/hostdiscovery.md @@ -0,0 +1,63 @@ +# Host Discovery + +The Host Discovery node is for configuring the settings which dictate how Access Analyzer handles +newly discovered hosts, what information is logged during the host discovery process, and how long +the logged information is stored. + +![Host Discovery page](/img/product_docs/accessanalyzer/12.0/admin/settings/hostdiscovery.webp) + +In the Host Discovery Options section at the top is a checkbox for the **Perform the first inventory +right away for newly discovered hosts** option. This option is selected by default. + +- If selected, Access Analyzer retrieves information about a host as soon as it is discovered +- If deselected, the host inventory information can be obtained later according to the Host + Inventory node options + +The configurable options in the Discovery Log section are: + +- Retention period – Determines how long the Host Discovery query log is kept. This is set by + default to 14 days which is based on average Access Analyzer usage. +- Log level – Determines what information is stored in the Host Discover query log + +![Log level options](/img/product_docs/accessanalyzer/12.0/admin/settings/hostdiscoveryloglevels.webp) + +The log levels are: + +- Debug – Records everything that happens during the host discovery process, most verbose level of + logging + + - Records all Info level information + - If files are referenced or updated during the process of running the query then the path to + the affected file is shown + - Helps [Netwrix Support](https://www.netwrix.com/support.html) to assist in diagnosing issues + which may be causing host inventories to fail + - Creates the largest file + +- Info – Records information on the steps which occur during the host discovery process, in addition + to warnings and errors + + - Records all Warning level information + - Records start actions of each query + - Records end actions of each query + +- Warning – Records all warnings which occur during the host discovery process + + - Records all Error level information + - When Access Analyzer encounters a host which only grants partial access + - When Access Analyzer encounters something which allows for only partial data gathering + - When Access Analyzer encounters something which causes it to produce a larger log file + +- Error – Records all errors which occur during the host discovery process + + **_RECOMMENDED:_** Set the Log Level to Error. The default setting is Info, but it is + recommended that the setting for daily use be set to Error. The other log levels are designed to + assist with troubleshooting host discovery and host inventory issues. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Host Discovery view. These +buttons become enabled when modifications are made to the Host Discovery global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. + +![Host Discovery Log under Host Discovery node](/img/product_docs/accessanalyzer/12.0/admin/settings/hostdiscoverylog.webp) + +The Host Discovery Log is located under the **Host Discovery** node. diff --git a/docs/accessanalyzer/12.0/admin/settings/hostinventory.md b/docs/accessanalyzer/12.0/admin/settings/hostinventory.md new file mode 100644 index 0000000000..0f8e326ceb --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/hostinventory.md @@ -0,0 +1,167 @@ +# Host Inventory + +The Host Inventory node is for selecting what information to collect from the target host during the +host inventory process, for allocating console resources to the host inventory process, and for +setting what out-of-the box host lists are visible in the Host Management node. + +![Host Inventory Settings page](/img/product_docs/accessanalyzer/12.0/admin/settings/hostinventory.webp) + +In the Inventory Items section, there are four program property groups: + +- Operating System – Includes 7 Items +- Application – Includes 7 Items +- Network – Includes 6 Items +- Hardware – Includes 4 Items + +Each of these groups brings back the properties enumerated in the list below the group title. These +collected properties correspond to the columns in the Host Management tables. Deselecting a checkbox +prevents that information from being collected for target hosts. However, some solutions require +this information. + +**_RECOMMENDED:_** Leave the default setting of all the groups selected. Consult with +[Netwrix Support](https://www.netwrix.com/support.html) prior to turning off any of these property +groups. + +In the Performance Tuning section, there are five settings which allocate console resources to the +host inventory process: + +- Threads – Indicates the number of job threads that are employed during the host inventory process + + - The default setting is 20 Threads + - Maximum thread count is 100. Thread count will revert back to 100 if values over 100 are + entered. + - Restart Access Analyzer if thread count is changed for changes to take place + +- Thread timeout [in seconds] – Indicates the time a thread will spend in retrieving information + from a host + + - Default setting is 1200 seconds + - If thread cannot receive an active response from target host, the thread will move on to the + next host in the queue + +- Stop on Failed Ping – If the Stop on Failed Ping checkbox is selected, hosts that do not respond + to pings are not queried. Otherwise, hosts will be queried regardless. +- PING timeout [in seconds] – Indicates the time a thread will spend pinging a host + + - Default setting is 4 seconds + - If thread cannot connect with a host, the host will be designated as being offline and the + thread will move on to the next host in the queue + +- Only refresh inventory items older than [time selected] – Indicates the time that needs to pass + before the host inventory process is automatically refreshed + + - Default setting is 60 days + - The number textbox has a five-character limit + - The drop-down menu includes the time-units of: + + - Hours + - Days + - Weeks + - Months + + - This setting affects the Inventory page options on the Host Discovery Wizard. See the + [Host Discovery Wizard](/docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/overview.md) topic for additional information. + +The Desired Host List Views section at the bottom contains all available host lists, both +out-of-the-box lists and custom-created lists. There are seven Default Hosts Lists which correspond +to the solutions that target them. During the host inventory process, hosts which meet the filter +criteria for these default lists are automatically populated into that host list. A checkmark in +front of the host list indicates that the list is visible in the **Host Management** > **All Hosts** +node. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Host Inventory view. These +buttons become enabled when modifications are made to the Host Inventory global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. + +## Default Host Lists + +The seven default lists are auto-populated during the host inventory process based on specific +filter criteria. These lists correspond to the pre-configured solution jobs which target them. + +### AD Host List + +The **AD** Host List can be expanded and contains five sub-groups utilized by the Active Directory +Solution and the Active Directory Inventory Solution: + +![AD Host List](/img/product_docs/accessanalyzer/12.0/admin/settings/ad.webp) + +The sub-groups are: + +- ALL DNS SERVERS +- ALL DOMAIN CONTROLLERS +- ALL GLOBAL CATALOG SERVERS +- ONE DOMAIN CONTROLLER PER DOMAIN +- ONE GLOBAL CATALOG SERVER PER DOMAIN + +### ALL WINDOWS HOSTS Host List + +The **ALL WINDOWS HOSTS** Host List is utilized primarily by the Windows Solution. + +![ALL WINDOWS HOSTS Host List](/img/product_docs/accessanalyzer/12.0/admin/settings/allwindowshosts.webp) + +There are no sub-groups for ALL WINDOWS HOSTS. + +### DG Host List + +The **DG** Host List can be expanded and contains three sub-groups utilized by the Data Access +Governance for File System Solution. + +![DG Host List](/img/product_docs/accessanalyzer/12.0/admin/settings/dg.webp) + +The sub-groups are: + +- ALL CELERA SERVERS +- ALL INTERNET INFORMATION SERVERS +- ALL NETAPP SERVERS + +### EXCHANGE Host List + +The **EXCHANGE** Host List can be expanded and contains six sub-groups utilized by the Exchange +Solution. Four of these sub-groups can also be expand. + +![EXCHANGE Host List](/img/product_docs/accessanalyzer/12.0/admin/settings/exchange.webp) + +The sub-groups are: + +- EXCHANGE GENERAL + + - ALL EXCHANGE SERVERS (ACTIVE HOSTS) + - ALL EXCHANGE SERVERS (ALL HOSTS) + - EXCHANGE CAS SERVERS + - EXCHANGE HUB SERVERS + - EXCHANGE MB SERVERS + +- EXCHANGE 2016 + +### SQL Servers Host List + +The **SQL SERVERS** Host List is utilized primarily by the SQL Solution. + +![SQL Servers Host List](/img/product_docs/accessanalyzer/12.0/admin/settings/sqlservers.webp) + +There are no sub-groups for SQL SERVERS. + +### Windows Server Host List + +The **Windows Server** Host List can be expanded and contains three sub-groups utilized by the +Windows Solution. + +![Windows Server Host List](/img/product_docs/accessanalyzer/12.0/admin/settings/windowsserver.webp) + +The sub-groups are: + +- ALL WINDOWS SERVERS (ACTIVE HOSTS) +- ALL WINDOWS SERVERS (ALL HOSTS) +- ALL WINDOWS SERVERS (NO DCS) + +### Work Station Host List + +The **Work Station** Host List can be expanded and contains one sub-group utilized by the Windows +Solution. + +![Work Station Host List](/img/product_docs/accessanalyzer/12.0/admin/settings/workstation.webp) + +The single sub-group is: + +- ALL WINDOWS WORKSTATIONS diff --git a/docs/accessanalyzer/12.0/admin/settings/notification.md b/docs/accessanalyzer/12.0/admin/settings/notification.md new file mode 100644 index 0000000000..b03f112a51 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/notification.md @@ -0,0 +1,115 @@ +# Notification + +The Notification node is where email notifications are configured. Emails can be sent from the +Access Analyzer Console for a variety of purposes: reports on collected data, change detection +alerts, conformance analysis notification, and more. + +![Global Settings Notification page](/img/product_docs/accessanalyzer/12.0/admin/settings/notification.webp) + +To enable notifications from the Access Analyzer Console, a mail server must be configured for +Access Analyzer to employ for sending emails. + +Access Analyzer supports authentication and encryption when sending email notifications. +Notifications can be configured based on the requirements of an organizations mail environment. + +Enable Access Analyzer notifications by configuring the Mail Server and Sender Information. It is +recommended to send a test email to yourself after initial configuration to ensure proper settings. +See the [Test Notification Settings](#test-notification-settings) topic for additional information. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Notification view. These +buttons become enabled when modifications are made to the Notification global setting. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. + +## Configure SMTP Server Information + +The Mail Server section at the top of the page is where an organization’s SMTP Server information is +provided. + +![Mail Server settings on Notification page](/img/product_docs/accessanalyzer/12.0/admin/settings/server.webp) + +Provide the following information to enable notifications from Access Analyzer. + +**NOTE:** Check with your Messaging Team if you are unsure of this information. + +- Mail Server – Enter the organization’s SMTP Server name +- Encryption – Allows Access Analyzer users to enable notification encryption according to the + supported protocol on the configured SMTP Server. The default setting is **No Encryption**. Select + an encryption method: + - No Encryption + - Encryption + - Encryption, Ignore Certificate Error +- Port – Enter the SMTP Server port number. The default port setting changes based on the selected + Encryption Option: + - For the **No Encryption** option, the default port is 25, since this is common for most SMTP + Servers + - For the **Encryption** and **Encryption, Ignore Certificate Error** options, the default port + is 587 + +### Notification Authentication Credentials + +If the SMTP Server requires authentication, select the **My Mail Server requires authentication** +checkbox and provide the necessary credentials in the User name and Password boxes. + +#### Update Notification Authentication Credentials + +**Step 1 –** In the My Mail server requires authentication section, enter a new **Password** for the +account. + +**Step 2 –** Click **Save**. + +The credentials for Mail Server authentication account have been updated and committed to the +Console. + +## Sender Information + +The Sender Information section is where the sender information is provided. + +![Sender Information section on Notification page](/img/product_docs/accessanalyzer/12.0/admin/settings/senderinformation.webp) + +Configure the sender information for all Access Analyzer notifications. Since this is a global +settings, any recipients configured at this level receive all notifications sent from Access +Analyzer, and are sent to this recipient list unless inheritance is broken at the job group or job +level. + +- Sender Name – Name displayed in the sent from field of the email +- Sender Address – Sender’s email address. This does not have to be a real email address, unless + required by the organization. It can be something as simple as `accessanalyzer@yourdomain.com`. + +## Email Content + +The Email Content section is where the recipient information is provided. + +![Email Content section on Notification page](/img/product_docs/accessanalyzer/12.0/admin/settings/emailcontent.webp) + +- To / CC / BCC – Enter the email addresses for the recipients of the email notifications. Use a + semicolon (;) to separate multiple recipients. + - Recipients listed at this global level receive all email notifications sent by Access Analyzer + unless inheritance is broken at the job group or job levels + +## Test Notification Settings + +Once the global **Notification** settings have been configured, it is recommended to send a test +email to ensure proper configuration. This verifies all settings are correct and email is received +as expected. + +![Test Email Settings button](/img/product_docs/accessanalyzer/12.0/admin/settings/test.webp) + +The Test Email Settings button sends a test email to the recipient list. It is recommended that you +test by sending an email to yourself. Once all Notification settings are configured, click the +**Test Email Settings** button. + +![Test email sent successfully message](/img/product_docs/accessanalyzer/12.0/admin/settings/testsuccess.webp) + +A message displays stating that the test e-mail was sent successfully. + +![Test email error message example](/img/product_docs/accessanalyzer/12.0/admin/settings/testerror.webp) + +**NOTE:** If there are any problems with the information, an error message will appear during the +Test Email settings process. Correct the Notification settings until the test email is sent +successfully. + +![Netwrix Enterprise Auditor test e-mail](/img/product_docs/accessanalyzer/12.0/admin/settings/testemail.webp) + +This email is sent to all recipients when the **Test Email settings** link is clicked. When the +Notification settings are configured, click **Save** and then **Ok** to complete the configuration. diff --git a/docs/accessanalyzer/12.0/admin/settings/overview.md b/docs/accessanalyzer/12.0/admin/settings/overview.md new file mode 100644 index 0000000000..4a47afef9e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/overview.md @@ -0,0 +1,80 @@ +# Global Settings + +The global settings have an overall impact on the running ofAccess Analyzer jobs. Settings are +inherited through a parent-child structure from the Settings node through the Jobs tree to the +individual jobs unless inheritance is broken by direct assignment at either the job group or the +individual job level. + +![Configuration Settings](/img/product_docs/accessanalyzer/12.0/admin/settings/globalsettings.webp) + +Some of these settings are configured during the initial launching of theAccess Analyzer Console. +Others are configured as desired by the end-user. Expand the Settings node in the Navigation pane to +select a global setting to configure: + +- [Access](/docs/accessanalyzer/12.0/admin/settings/access/overview.md) + - Configure what applications users, and groups have access to Access Analyzer + - Configure Role Based Access control of Access Analyzer and the Web Console + - Configure REST API +- [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) + - Configure the Access Analyzer application logging level + - Configure profile security + - Configure options to connecting to host targets + - Configure grid view parameters for data tables and views + - Configure database cleanup options + - Configure the Access Analyzer application’s exit options +- [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) + - Optional configuration during the initial launch, but required for host inventory query + execution and job execution + - Provide credential sets with adequate permissions to remotely contact and gather information + from target hosts + - Creating a Connection Profile requires credentials with appropriate levels of permissions + according to the data collector being used +- [Exchange](/docs/accessanalyzer/12.0/admin/settings/exchange.md) + - Required for auditing an organization’s Exchange environment + - Only enabled for configuration once the Access Analyzer for Exchange Solution prerequisites + are installed + - Configure Microsoft Exchange server connections and requires Exchange server versions and + names + - The ExchangeMailbox, Exchange2K, ExchangePS, and ExchangePublicFolder Data Collectors utilize + these global settings +- [History](/docs/accessanalyzer/12.0/admin/settings/history.md) + - Configure job data retention period settings + - Configure diagnostics retention period settings +- [Host Discovery](/docs/accessanalyzer/12.0/admin/settings/hostdiscovery.md) + - Configure host discovery settings + - Configure discovery log settings +- [Host Inventory](/docs/accessanalyzer/12.0/admin/settings/hostinventory.md) + - Configure inventory items, performance tuning, and desired host list views +- [Notification](/docs/accessanalyzer/12.0/admin/settings/notification.md) + - Required for the Access Analyzer application to send email + - Provide SMTP server information and sender information + - Configuration requires an organization’s SMTP server name and authentication credentials (if + applicable) + - Encryption Options can be configured +- [Reporting](/docs/accessanalyzer/12.0/admin/settings/reporting.md) + - Required for report publishing + - Configure settings for publishing reports outside of the Access Analyzer Console (e.g. + distribution via email, posting to an internal share, or posting to the Report Index) + - Use information to configure accessing published reports via the Web Console +- [Schedule](/docs/accessanalyzer/12.0/admin/settings/schedule.md) + - Optional configuration during the initial launch if Windows authentication is used with the + Storage Profile + - Required in order to schedule host inventory, job, analysis task, and action task execution + - Provide credentials used against the Access Analyzer Console server to execute scheduled jobs + with the Windows Task Scheduler + - Creating a Schedule Service Account requires credentials on the Access Analyzer Console server + - Multiple Schedule Service Accounts can be configured +- [Sensitive Data](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md) + - Flag locations which are known to contain false positive criteria matches to be filtered out + of Sensitive Data Discovery reports +- [ServiceNow](/docs/accessanalyzer/12.0/admin/settings/servicenow.md) + - Required for integration between Access Analyzer and ServiceNow® + - Configure the ServiceNow Action Module authentication credentials + - Configuration requires an organization’s ServiceNow instance name and authentication + credentials +- [Storage](/docs/accessanalyzer/12.0/admin/settings/storage/overview.md) + - Required configuration during the initial launch + - Create profiles for storing output data from queries + - Creating a Storage Profiles requires Microsoft® SQL® Server information + +See the [Getting Started](/docs/accessanalyzer/12.0/gettingstarted.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/settings/reporting.md b/docs/accessanalyzer/12.0/admin/settings/reporting.md new file mode 100644 index 0000000000..2e90c1bee7 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/reporting.md @@ -0,0 +1,115 @@ +# Reporting + +The Reporting node is for configuring the global settings for publishing Access Analyzer reports. +The Web Console is where any reports which have been published can be viewed outside of the Access +Analyzer Console. The Web Console provides a consolidated logon housing both the published reports +and the AIC (when applicable). + +![Global Settings Reporting page](/img/product_docs/accessanalyzer/12.0/admin/settings/reporting.webp) + +The publishing of reports can be disabled at the global level by selecting **Do not publish +reports** from the Publish Option drop-down menu. It can also be disabled at the job group, job, or +report configuration level. See the [Jobs Tree](/docs/accessanalyzer/12.0/admin/jobs/overview.md) topic for additional +information. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Reporting view. These +buttons become enabled when modifications are made to the Reporting global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. + +## Website URL + +The Website URL field contains address for the hosted website, the Web Console, where the published +reports reside. + +![Website URL on Global Settings Reporting page](/img/product_docs/accessanalyzer/12.0/admin/settings/websiteurl.webp) + +The default address is: + +http://[Fully Qualified Domain Name of the Access Analyzer Console server]:8082 + +This link is used to access the Web Console, and it is used for the web link in an emailed report. +The protocol and port number may need to be modified to align with the organization’s environment, +but it must match the information in the website’s configuration file. If the Web Console has been +secured, this address must be manually updated: + +https://[Fully Qualified Domain Name of the StealthAUDIT Console server]:[Port Number] + +**NOTE:** Any browser used to access the Web Console must have JavaScript allowed for the site. See +the +[Configure JavaScript Settings for the Web Console](#configure-javascript-settings-for-the-web-console) +topic for additional information. + +## Publish Option + +The Publish Option allows you to enable or disable the publishing of reports at the global level. + +![Publish Option on Global Settings Reporting page](/img/product_docs/accessanalyzer/12.0/admin/settings/publish.webp) + +Select the **Publish reports** option to publish all Access Analyzer reports or select **Do not +publish reports** to disable the publishing. The inheritance of this setting can be broken at the +job group, job, or report levels. + +### Email Report Options + +Configure email reports sent out by Access Analyzer using the Email Report options. + +![Email options on Global Settings Reporting page](/img/product_docs/accessanalyzer/12.0/admin/settings/email.webp) + +The **E-mail reports** checkbox enables recipients to receive all published reports, unless +inheritance is broken at the job group, job, or report level. Separate multiple recipients with a +semicolon. If commas are used as delimiters for email addresses, they will be converted into +semicolons when the settings are saved. + +**_RECOMMENDED:_** Configure email reporting at a specific level to ensure recipients only receive +reports which apply to them. + +**NOTE:** Email reports does not work unless Access Analyzer has been configured to send email +notifications through the **Notification** node. See the [Notification](/docs/accessanalyzer/12.0/admin/settings/notification.md) topic for +additional information. + +The **Do Not Email Report If Blank** checkbox prevents reports from being sent via email if all +elements are blank when generated. A blank report can occur if there is an error in data collection +or if the report is configured for data which might not always be present (for example, new computer +objects created since last scan). + +**_RECOMMENDED:_** Enable the **Do Not Email Report If Blank** option. + +The report can be sent using the desired **Email Content** option: + +- Web Link – Sends an email notice that the report has been published and provides the recipient + with a link to it in the Web console +- Embedded HTML – Sends the report embedded inside the email using HTML format +- Data Tables as CSV (No Charts) – Attaches the complete data set (as configured within the report, + without row limit) to an email as a CSV file, excluding any charts +- PDF – Attaches the report to an email as a PDF file + +The **Subject(Prefix)** field identifies the prefix of the email subject line, unless inheritance is +broken at the job group, job, or report level. The prefix appears in the email header preceding the +report name. If left blank, Access Analyzer applies a prefix of `Access Analyzer Report` to the +email subject line. + +## Configure JavaScript Settings for the Web Console + +Any browser used to access the Web Console must have JavaScript allowed for all features of the Web +Console to function correctly. If the JavaScript permission is not set as allowed for the entire +browser, you must add the Web Console as an allowed site. + +Follow the steps to allow JavaScript on the Web Console in Microsoft Edge. + +**Step 1 –** Open Microsoft Edge Settings. + +![javascriptsitepermissions](/img/product_docs/accessanalyzer/12.0/admin/settings/javascriptsitepermissions.webp) + +**Step 2 –** Go to the **Cookies and site permissions** settings page, and click **JavaScript** +under All permissions. + +![javascriptsettings](/img/product_docs/accessanalyzer/12.0/admin/settings/javascriptsettings.webp) + +**Step 3 –** Click **Add** in the Allow section. On the Add a site window, enter the URL for the Web +Console and click **Add**. + +**NOTE:** If the global Allowed option is selected, you do not need to specifically add the Web +Console as an allowed site. + +The Web Console's URL is added to the Allow list and JavaScript is enabled for the Web Console. diff --git a/docs/accessanalyzer/12.0/admin/settings/schedule.md b/docs/accessanalyzer/12.0/admin/settings/schedule.md new file mode 100644 index 0000000000..6d41a31dc3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/schedule.md @@ -0,0 +1,219 @@ +# Schedule + +The Schedule node contains objects referred to as Schedule Service Accounts. A Schedule Service +Account is used to run scheduled tasks on the Access Analyzer Console server. + +![Schedule node](/img/product_docs/accessanalyzer/12.0/admin/settings/schedule.webp) + +Jobs can be executed manually as desired or scheduled to execute at designated times. For example, +you could schedule a job to run during hours when the office is closed and network traffic is low. +Windows uses the Schedule Service Account to access the task folders when launching scheduled tasks. +Schedule Service Accounts are configured at the global level, and this account can be used to +schedule jobs in the Schedule Wizard. See the [Schedules](/docs/accessanalyzer/12.0/admin/schedule/overview.md) topic for +additional information. + +**CAUTION:** On Windows 2016 servers, the Schedule Service Account cannot be signed into an active +session when the time comes for a scheduled task to start. Windows blocks the starting or running of +scheduled tasks using an account that is logged into the server. + +Password Storage Options + +The password for the credential provided can be stored in the Access Analyzer application or the +Access Analyzer Vault. + +Choosing between the Access Analyzer application and Access Analyzer Vault is a global setting +configured in the **Settings** > **Application** node. See the +[Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic for additional information. + +Permissions + +Regardless of the account type, any account used to schedule tasks must have credentials with at +least the following to meet Least Privileged specifications: + +- Create Files/Write Data rights on the following Task folders: + + - Windows Task folder + - System 32 Task folder + - Member of **Log on as a Batch Job** local policy + + Otherwise, credentials must have local Administrator privileges on the Access Analyzer Console + server. + +- The following NTFS permissions for **Subfolders and Files Only** in the Access Analyzer Directory: + + - Create Files/Write Data + - Create Folders/Append Data + - Write Attributes + - Write Extended Attributes + +- To configure Least Privilege Model Schedule Service Accounts when Role Based Access is enabled, + see the [Role Based Access](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/overview.md) topic for additional information +- If using Windows authentication for the Storage Profile, the Schedule Service Account must have a + sufficient level of rights to connect to and interact with the Access Analyzer database. See the + [Storage](/docs/accessanalyzer/12.0/admin/settings/storage/overview.md) topic for additional information. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Schedule view. These +buttons become enabled when modifications are made to the Schedule global settings. Whenever changes +are made at the global level, click **Save** and then **OK** to confirm the changes. Otherwise, +click **Cancel** if no changes were intended. + +The Access Analyzer vault provides enhanced security through enhanced encryption to various +credentials stored by the Access Analyzer application. See the [Vault](/docs/accessanalyzer/12.0/admin/settings/application/vault.md) topic +for additional information. + +## Schedule Service Account Types + +There are two types of accounts that can be used to configure the Schedule Service Account. + +![serviceaccounttypes](/img/product_docs/accessanalyzer/12.0/admin/settings/serviceaccounttypes.webp) + +Use one of the following options for the Schedule Service Account: + +- Use the local system account to schedule tasks – This option applies the credentials logged into + the Access Analyzer Console server + + - Credentials must have privileges sufficient for scheduling tasks on the Access Analyzer + Console server. If not, scheduled tasks fail to start. + - This option cannot be edited or deleted + +- User-supplied credentials – Provide credentials for a specific account with sufficient rights to + schedule tasks on the Access Analyzer Console server + + - The account can be either a domain account or a local Windows account + - A local Windows account is a specific account and not the default local system account + +_Remember,_ the Schedule Service Account cannot be signed into an active session on the Access +Analyzer Console server when the time comes for a scheduled task to start when it has a Windows 2016 +operating system. + +## Create a Schedule Service Account + +Follow the steps to create a Schedule Service Account. + +_Remember,_ the Schedule Service Account cannot be signed into an active session on the Access +Analyzer Console server when the time comes for a scheduled task to start when it has a Windows 2016 +operating system. + +![Add User credential option in the Schedule view](/img/product_docs/accessanalyzer/12.0/admin/settings/addusercredential.webp) + +**Step 1 –** Click **Add User credential** at the top of the Schedule view. The User Credentials +window opens. + +![User Credentials window](/img/product_docs/accessanalyzer/12.0/admin/settings/usercredentialswindow.webp) + +**Step 2 –** The window options change according to the value for the **Selected Account Type** +field. Select the appropriate account type and then provide the required information. The account +types are: + +- Active Directory Account – Use this option to specify a domain account + + - Domain – Auto-filled with the domain where the Access Analyzer Console server resides, change + by typing the domain name in the textbox or select a domain from the menu + - User name – Provide a domain account user name + - Password Storage – Choose the option for credential password storage: + + - Application – Uses Access Analyzer’s configured Profile Security setting as selected at + the **Settings** > **Application** node + - Managed Service Account – Use previously configured MSA and gMSAs for authentication. The + password fields are not applicable when this option is selected. See the + [Group Managed Service Accounts (gMSA) Configuration](/docs/accessanalyzer/12.0/admin/settings/connection/gmsa.md) topic for + additional information. + + - Password – Type the password + - Confirm – Re-type the password + +- Local Account – Use this option to specify a local account for the Access Analyzer Console server + + - User name – Provide the local account user name + - Password Storage – Choose the option for credential password storage: + + - Application – Uses Access Analyzer’s configured Profile Security setting as selected at + the **Settings** > **Application** node + + - Password – Type the password + - Confirm – Re-type the password + +**Step 3 –** Click **OK** and the credentials are verified. If there are no problems with the +provided credentials, the User Credentials window closes. Otherwise, one of the following error +messages might appear: + +- Passwords Do Not Match Error + + ![Passwords Do Not Match Error](/img/product_docs/accessanalyzer/12.0/admin/settings/passwordsdontmatch.webp) + + - This error indicates the two password entries do not match. Click **OK** and reenter the + passwords. + +- Bad User Name or Password Error + + ![Bad User Name or Password Error](/img/product_docs/accessanalyzer/12.0/admin/settings/incorrectlogondetails.webp) + + - This error indicates either the user account does not exist or the username and password do + not match. Click **OK** and reenter the information. + +- Insufficient Rights Error + + ![Insufficient Rights Error](/img/product_docs/accessanalyzer/12.0/admin/settings/insufficientrights.webp) + + - This error indicates the account supplied does not have sufficient rights to create and run + scheduled tasks. Click **OK** and provide credentials with sufficient rights. + +- GPO Network Security Error + + ![GPO Network Security Error](/img/product_docs/accessanalyzer/12.0/admin/settings/gponetworksecurity.webp) + + - This error indicates that the GPO Network Security settings are configured to not allow + storage of passwords and credentials for network authentication. Click OK. Disable the + domain’s GPO Network Security settings or exempt the Access Analyzer Server from GPO. + - This error will also appear when trying to schedule a task using the domain’s Schedule Service + Account where GPO Network Security is set to not allow storage of passwords and credentials + for network authentication + +**Step 4 –** The credential information appears in the User Credentials table. Click **Save** and +then **OK** to confirm the changes. To ensure these credentials take effect, exit and restart the +Access Analyzer application before scheduling any tasks. + +Access Analyzer can now schedule tasks with this Scheduled Service Account. + +## Edit a Schedule Service Account + +Follow the steps to edit a Schedule Service Account credentials. + +_Remember,_ the Schedule Service Account cannot be signed into an active session on the Access +Analyzer Console server when the time comes for a scheduled task to start when it has a Windows 2016 +operating system. + +![Edit option in the Schedule view](/img/product_docs/accessanalyzer/12.0/admin/settings/edit.webp) + +**Step 1 –** Select a credential from the User Credentials list and click on **Edit**. The User +Credentials window opens. + +**Step 2 –** Modify the credential information as needed. See Step 2 of the +[Create a Schedule Service Account](#create-a-schedule-service-account) topic for additional +information. + +**Step 3 –** Click **OK** and the credentials will be verified. If there are no problems with the +provided credentials, the User Credentials window closes. + +Access Analyzer can now schedule tasks with this Scheduled Service Account. + +## Delete a Schedule Service Account + +Follow the steps to delete a Schedule Service Account. + +![Delete option in the Schedule view](/img/product_docs/accessanalyzer/12.0/admin/settings/delete.webp) + +**Step 1 –** Select the credential from the User Credentials list and click **Delete**. The Delete +Credentials confirmation window appears. + +![Delete Credentials confirmation window](/img/product_docs/accessanalyzer/12.0/admin/settings/deletecredentials.webp) + +**Step 2 –** Click **OK** to confirm the deletion or **Cancel** to exit the deletion process. + +**Step 3 –** The User Credentials list now reflects the absence of the deleted Schedule Service +Account. Click **Save** and then **OK** to confirm the changes. To ensure these changes take effect, +exit and restart the Access Analyzer application. + +If all Schedule Service Accounts are removed and only the local System account remains, Access +Analyzer cannot create or run scheduled tasks unless the local system account has adequate +permissions. diff --git a/docs/accessanalyzer/12.0/admin/settings/sensitivedata/criteria.md b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/criteria.md new file mode 100644 index 0000000000..8947a87053 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/criteria.md @@ -0,0 +1,43 @@ +# Criteria Tab + +Configure the list of selected sensitive data criteria that will be used within sensitive data scan +jobs using the Criteria Tab. + +![Sensitive Data Criteria tab](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/criteriatab.webp) + +The options on the Criteria Tab are: + +- Add – Opens the Select Criteria window to add search criteria that will be inherited by Sensitive + Data scan jobs. See the [Select Criteria Window](#select-criteria-window) topic for additional + information. +- Remove – Removes the selected criteria from being inherited by Sensitive Data scan jobs +- Launch Editor – Opens the Sensitive Data Criteria Editor. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) topic + for additional information. +- Search selected criteria – Filter the criteria listed in the Criteria tab + +The **Cancel** and **Save** buttons are in the lower-right corner of the Sensitive Data view. These +buttons become enabled when modifications are made to the Sensitive Data global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. + +## Select Criteria Window + +Follow the steps to add Search Criteria for Sensitive Data scan jobs. + +![Add criteria](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/addcriteria.webp) + +**Step 1 –** Click **Add** to open the Select Criteria window. + +![Select Criteria window](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/selectcriteria.webp) + +**Step 2 –** Select the checkbox to select the criteria. Use the **Search Criteria** text field to +filter the list using keywords or expand each category to view and select individual Sensitive Data +search criteria. + +**Step 3 –** Click **OK** to confirm changes. The Select Criteria window closes. + +**Step 4 –** Click **Save** on the Sensitive Data view to save changes. + +The selected Search Criteria are now inherited by Sensitive Data scan jobs that are set to use +global sensitive data criteria settings. diff --git a/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/add.md b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/add.md new file mode 100644 index 0000000000..686191fe6c --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/add.md @@ -0,0 +1,24 @@ +# Adding False Positive Exclusion Filters + +Follow the steps to add a False Positive Exclusion Filter. + +![Add Filter on False Positives tab](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/addfilter.webp) + +**Step 1 –** Click **Add Filter** to open the Add False Positive Exclusion Filter window. + +![Add False Positive Exclusion Filter window](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/addexclusionfilterwindow.webp) + +**Step 2 –** Enter the **File Path** according to the type of format for the repository. + +**Step 3 –** Indicate the type of repository by selecting either **File System** or **SharePoint** +from the **Source** drop-down menu. + +**Step 4 –** Select the required criteria from the list by selecting the relevant checkboxes. You +can use the **Search Criteria** textbox to filter the list by keywords. + +**Step 5 –** Click **OK** to add the filter to the False Criteria list. The Add False Positive +Exclusion Filter window closes. + +**Step 6 –** Click **Save** on the Sensitive Data view to save changes. + +The false positive exclusion filter is now applied to Sensitive Data reports. diff --git a/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/delete.md b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/delete.md new file mode 100644 index 0000000000..ee887a0823 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/delete.md @@ -0,0 +1,11 @@ +# Deleting False Positive Exclusion Filters + +Follow the steps to delete a False Positive Exclusion Filter. + +![Delete Filter on False Positives tab](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/deletefilter.webp) + +**Step 1 –** Select a filter from the list and click **Delete Filter**. + +**Step 2 –** Click **Save** on the Sensitive Data view to save changes. + +The false positive exclusion filter has been successfully deleted. diff --git a/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/edit.md b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/edit.md new file mode 100644 index 0000000000..5d931cb441 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/edit.md @@ -0,0 +1,18 @@ +# Editing False Positive Exclusion Filters + +Follow the steps to edit a False Positive Exclusion Filter. + +![Edit Filter on False Positives tab](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/editfilter.webp) + +**Step 1 –** Click **Edit Filter** to open the Edit False Positive Exclusion Filter window. + +![Edit False Positive Exclusion Filter window](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/editexclusionfilterwindow.webp) + +**Step 2 –** Make modifications to the File Path, Source type, and Search Criteria. + +**Step 3 –** Click **OK** to confirm changes. The Edit False Positive Exclusion Filter window +closes. + +**Step 4 –** Click **Save** on the Sensitive Data view to save changes. + +The false positive exclusion filter has been successfully edited. diff --git a/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/export.md b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/export.md new file mode 100644 index 0000000000..e0f20e2d40 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/export.md @@ -0,0 +1,15 @@ +# Exporting False Positive Exclusion Filters + +Follow the steps to export selected False Positive Exclusion Filters into a TXT file. + +![Export on False Positives tab](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/exportfilter.webp) + +**Step 1 –** Select the false positive exclusion filters to export and click **Export**. The File +Explorer opens. + +![Select False Positive Exclusion filter file to export File Explorer window](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/exportfileexplorer.webp) + +**Step 2 –** Enter a File name for the TXT file that the exported false positive exclusion filters +will be contained in. Click **Save**. + +The False Positive Exclusion Filters are now exported. diff --git a/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/import.md b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/import.md new file mode 100644 index 0000000000..bfaebb5af0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/import.md @@ -0,0 +1,33 @@ +# Importing False Positive Exclusion Filters + +Create an import (TXT) file containing a list of file paths for the files to be excluded from +Sensitive Data reports. The text file should have one file path per row. The import file needs to be +scoped to a single solution and a criteria set. + +Follow the steps to import a list of False Positive Exclusion Filter. + +![Import on False Positives tab](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/importfilter.webp) + +**Step 1 –** Click **Import** to open the Select False Positive Exclusion Filter file to import +window. + +![Select False Positive Exclusion Filter file to import window](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/importfileexplorer.webp) + +**Step 2 –** Navigate to the file that will be imported. Select the file and click **Open**. The +Configure Imported False Positive Exclusion Filters window opens. + +![Configure Imported False Positive Exclusion Filters window](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/configureexclusionfilterwindow.webp) + +**Step 3 –** Select the repository type from the **Source** drop-down menu. + +**Step 4 –** Select the required criteria from the list. You can use the **Search Criteria** textbox +to filter the list by keywords. + +**Step 5 –** Click **OK** to confirm configurations. The Configure Imported False Positive Exclusion +Filters window closes. + +**Step 6 –** Click **Save** on the Sensitive Data view to save changes. + +The imported list of False Positive Exclusion Filters are now applied to Sensitive Data reports. If +all of the files in the import were not meant to have the same Source and Criteria set, see the +[Editing False Positive Exclusion Filters](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/edit.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/overview.md b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/overview.md new file mode 100644 index 0000000000..6e8c272404 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/overview.md @@ -0,0 +1,39 @@ +# False Positives Tab + +Configure False Positive exclusion filters using the options in the False Positives tab. False +Positives Filters listed here as False Positives results in the corresponding matches being removed +from Access Analyzer and Access Information Center reports. + +![False Positives tab](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/falsepositivestab.webp) + +The options under the False Positives Tab are: + +- Add Filter – Opens the Add False Positive Exclusion Filter window to add False Positive Exclusion + Filters. See the [Adding False Positive Exclusion Filters](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/add.md) topic for additional + information. +- Edit Filter – Opens the Edit False Positive Exclusion Filter window to edit the selected filters + in the list. See the [Editing False Positive Exclusion Filters](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/edit.md) topic for additional + information. +- Delete Filter – Deletes the selected false positive exclusion filter. See the + [Deleting False Positive Exclusion Filters](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/delete.md) topic for additional information. +- Import – Imports a text file to populate the False Positives tab with False Positive Exclusion + Filters. See the [Importing False Positive Exclusion Filters](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/import.md) topic for additional + information. +- Export – Exports selected false positive exclusion filters in a text file. See the + [Exporting False Positive Exclusion Filters](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/export.md) topic for additional information. + +The False Positives view displays the following information for the False Positive Exclusion +Filters: + +- File Path – Path of the file to be excluded from Sensitive Data reports +- Solution – Solution source of the exclusion filter. The two solution sources are: + + - File System + - SharePoint + +- Criteria – Sensitive Data criteria where the exclusion filter is applied + +The **Cancel** and **Save** buttons are in the lower-right corner of the Sensitive Data view. These +buttons become enabled when modifications are made to the Sensitive Data global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md new file mode 100644 index 0000000000..5a0b0e70ec --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md @@ -0,0 +1,19 @@ +# Sensitive Data + +The Sensitive Data node provides configuration options to manage sensitive data criteria and false +positive exclusion filters. These settings require Sensitive Data Discovery to be licensed. See the +[Sensitive Data Discovery](/docs/accessanalyzer/12.0/sensitivedatadiscovery/overview.md) topic for additional +information. + +**NOTE:** Sensitive data exclusion filters can only be applied to the +[File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/overview.md) and the +[SharePoint Solution](/docs/accessanalyzer/12.0/solutions/sharepoint/overview.md). + +![Sensitive Data settings](/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/sensitivedata.webp) + +The tabs in the Sensitive Data node are: + +- Criteria – Configure Search Criteria to be used in Sensitive Data scan jobs. See the + [Criteria Tab](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/criteria.md) topic for additional information. +- False Positives – Configure False Positive exclusion filters. See the + [False Positives Tab](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/admin/settings/servicenow.md b/docs/accessanalyzer/12.0/admin/settings/servicenow.md new file mode 100644 index 0000000000..674bfbc15e --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/servicenow.md @@ -0,0 +1,31 @@ +# ServiceNow + +The ServiceNow® node is for configuring the settings needed to integrate with ServiceNow. These +settings are exclusive to the Access Analyzer integration with ServiceNow and are used by the +ServiceNow Action Module. See the [ServiceNow Action Module](/docs/accessanalyzer/12.0/admin/action/servicenow/overview.md) topic +for additional information. + +![ServiceNow node](/img/product_docs/accessanalyzer/12.0/admin/settings/servicenow.webp) + +Provide ServiceNow authentication information to your ServiceNow instance. + +- Instance – The ServiceNow instance, for example `example.service-now.com` +- User Name and Password – The **Settings** > **ServiceNow** node at the global level can be + configured with a credential provisioned to create incidents as Callers in the **Assigned to** + field, and any other ServiceNow incident field that references the **sys_user** table. + +The **Cancel** and **Save** buttons are in the lower-right corner of the ServiceNow view. These +buttons become enabled when modifications are made to the ServiceNow global settings. Whenever +changes are made at the global level, click **Save** and then **OK** to confirm the changes. +Otherwise, click **Cancel** if no changes were intended. + +## Update ServiceNow Authentication Credentials + +Follow the steps to update the ServiceNow authentication credentials. + +**Step 1 –** In the ServiceNow Authentication section, enter a new **Password** for the user +account. + +**Step 2 –** Click **Save**. + +The credentials have been updated for ServiceNow authentication. diff --git a/docs/accessanalyzer/12.0/admin/settings/storage/add.md b/docs/accessanalyzer/12.0/admin/settings/storage/add.md new file mode 100644 index 0000000000..2c319eeef3 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/storage/add.md @@ -0,0 +1,64 @@ +# Add a Storage Profile + +Follow the steps to create a Storage Profile. + +![Add Storage profile option](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofile.webp) + +**Step 1 –** Click **Add Storage profile** at the top of the Storage view. + +![New Storage profile added](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofilename.webp) + +**Step 2 –** A new profile line appears in the Storage Profiles list with a generic name. Change the +Profile name to a unique and descriptive name. + +![Server Name field](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofileservername.webp) + +**Step 3 –** Type the SQL **Server name** in the textbox provided. This can be a NetBIOS name, a +fully qualified domain name, or an IP Address. If the SQL Server specified is configured to use a +named instance, provide the **Instance name** in the next textbox. + +![Command timeout field](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofiletimeout.webp) + +**Step 4 –** Specify the time in minutes that must expire before Access Analyzer halts any SQL +queries running for that amount of time. + +![Authentication options](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofileauthentication.webp) + +**Step 5 –** Select the radio button for the appropriate authentication mode. If using **SQL Server +authentication** , provide a **User name** and **Password** in the textboxes. + +**_RECOMMENDED:_** When possible, use Windows Authentication. Windows Authentication is more secure +than SQL Server Authentication. See the Microsoft +[Choose an authentication mode](https://learn.microsoft.com/en-us/sql/relational-databases/security/choose-an-authentication-mode) article +for additional information. + +| ![Good connection test](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofilebadconnection.webp) | +| -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Good Connection Test | Bad Connection Test | + +**Step 6 –** It is recommended to test the credentials provided at this point. The radio button for +**Use existing database** should be selected by default. Test the SQL Server connection by clicking +the drop-down arrow for an existing database. If the connection is established, a listing of +databases appears. If the connection cannot be established, an error warning displays. + +![Database options](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofiledatabase.webp) + +**Step 7 –** Set the database through one of the following options: + +- Use existing database – Click this radio button and select a database from this list provided in + the drop-down menu +- Create new database – Click this radio button and provide a unique, descriptive name in the + textbox + +![Connection report](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/connectionreport.webp) + +**Step 8 –** Click **Apply** and a Connection report window opens. The Connection report checks for +the appropriate permissions and lists any that are missing. If no permissions are present, an error +message appears in the Connection report window. When there is a `Successful connection test`, click +**Close**. + +**Step 9 –** If **Create new database** was selected, the new database now exists. If **Use existing +database** was selected, the Storage Profile is now linked to the database. Click **Save** and then +**OK** to complete the creation of the new Storage Profile. + +The new Storage Profile is available to be used by Access Analyzer. diff --git a/docs/accessanalyzer/12.0/admin/settings/storage/default.md b/docs/accessanalyzer/12.0/admin/settings/storage/default.md new file mode 100644 index 0000000000..d125831bf4 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/storage/default.md @@ -0,0 +1,50 @@ +# Set a Default Storage Profile + +While multiple Storage Profiles can exist, only one profile can be set as the default. A green +checkmark next to the profile name indicates the default Storage Profile. Follow the steps to change +the default Storage Profile at the global level. + +![Set as Default option on Storage page](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/default.webp) + +**Step 1 –** Select the profile to be the new default, and click **Set as default**. The Change +storage profile window opens. + +![Change storage profile window](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/changestorageprofile.webp) + +**Step 2 –** There are three options for host management data migration. Select the desired option, +choose whether or not to apply the secondary option, and click **OK**. + +- Merge your host management data with data in the destination table (Recommended) – This option + keeps existing hosts and host discovery tasks in the destination and updates the tasks based on + the information found in the source database + + - Use destination value on conflict – If selected, any conflicting information between the + destination table and the source database is resolved in favor of the destination table + +- Overwrite data in the destination table – This option replaces existing hosts and host discovery + tasks with ones found in the source database + + - Also overwrite shared host inventory data – If selected, host inventory data is also replaced + with data found in the source database + +- Don’t copy your host management data to destination table – This option does not copy, update, or + overwrite information between databases + + - Clear data in destination table – If selected, all host management data in the destination + table is deleted + +![Change storage profile window when transfer is complete](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/changestorageprofilefinish.webp) + +**Step 3 –** When the host management data migration has completed, click **Finish**. + +![Storage page with new default storage profile](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/defaultsave.webp) + +**Step 4 –** A blue arrow now points to the new default Storage Profile. However, the arrow is also +an indication that the new default is not fully recognized by Access Analyzer. Click **Save** and +then **OK** to confirm the changes. + +**Step 5 –** Finally, to ensure these changes take effect, exit the Access Analyzer application and +relaunch it. + +The blue arrow is replaced by the green checkmark, indicating the new default Storage Profile is +recognized. diff --git a/docs/accessanalyzer/12.0/admin/settings/storage/delete.md b/docs/accessanalyzer/12.0/admin/settings/storage/delete.md new file mode 100644 index 0000000000..7707dab9a0 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/storage/delete.md @@ -0,0 +1,19 @@ +# Delete a Storage Profile + +Follow the steps to delete a Storage Profile. + +**NOTE:** This procedure does not delete databases from the SQL Server. It only removes the selected +Storage Profile from this Access Analyzer Console. + +![Delete Storage Profile option](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/delete.webp) + +**Step 1 –** Select the Storage Profile to be removed, and click **Delete**. + +![Confirm delete selected profile dialog](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/deleteconfirm.webp) + +**Step 2 –** Confirm the operation by clicking **OK**. + +**Step 3 –** The profile disappears from the Storage Profiles list. Click **Save** and then **OK** +to confirm the changes. + +The Storage Profile has now been deleted. diff --git a/docs/accessanalyzer/12.0/admin/settings/storage/overview.md b/docs/accessanalyzer/12.0/admin/settings/storage/overview.md new file mode 100644 index 0000000000..a41f526dc4 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/storage/overview.md @@ -0,0 +1,72 @@ +# Storage + +The Storage node contains objects known as Storage Profiles. Storage Profiles house the information +Access Analyzer uses to connect to a SQL Server database within your environment. + +![Storage Node](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/storage.webp) + +Each Storage Profile consists of the following parts: + +- Profile name – Unique, descriptive name which distinguishes the profile from others in cases where + multiple profiles exist +- Server name – Name of the SQL Server serving the database to be used for the Access Analyzer + database. The value format can be either a NetBIOS name, a fully qualified domain name, or an IP + Address. +- Instance name – Value of the named instance, if the SQL Server being connected to is configured to + use a named instance + + - To change the instance port number, provide the instance name in the format + `,`. For example, if using the default **MSSQLSERVER** instance and port + **12345**, the instance name should be entered as `MSSQLSERVER,12345`. + +- Command Timeout – Number of minutes before Access Analyzer halts any SQL queries running for that + amount of time. This prevents SQL queries from running excessively long. The default is 1440 + minutes. +- Authentication – Mode of authentication to the SQL Server. In general, it is recommended to + connect with an account configured with the DBO role (database owner rights) and provisioned to + use DBO Schema. + + **_RECOMMENDED:_** When possible, use Windows Authentication. Windows Authentication is more + secure than SQL Server Authentication. See the Microsoft + [Choose an authentication mode](https://learn.microsoft.com/en-us/sql/relational-databases/security/choose-an-authentication-mode) article + for additional information. + + - Windows authentication – Leverages the account used to run the Access Analyzer Console + + **NOTE:** This option affects the credentials used for Schedule Service Accounts. See the + [Schedule](/docs/accessanalyzer/12.0/admin/settings/schedule.md) topic for additional information. + + - SQL Server authentication – Leverages the account provided in the **User name** and + **Password** textboxes + - Use existing password – Use the password configured for the Storage Profile account + - Specify a new password below – Enter a new password for the selected Storage Profile account + +- Database name – Name of the Access Analyzer database to use in this storage profile + + - Use existing database – Drop-down menu provides a list of databases on the named SQL Server, + provided the connection information supplied is correct. If the menu is empty, then a + connection to the SQL Server was not established. + - Create new database – Access Analyzer automatically creates a new database using the name + provided in the textbox. This value should be a unique, descriptive name. + +![Operations on the Storage view](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/storageoperations.webp) + +At the Storage view, the following operations are available: + +- Add Storage profile – Create a new Storage Profile. See the [Add a Storage Profile](/docs/accessanalyzer/12.0/admin/settings/storage/add.md) topic + for additional information. +- Set as default – Change the default Storage Profile. See the + [Set a Default Storage Profile](/docs/accessanalyzer/12.0/admin/settings/storage/default.md) topic for additional information. +- Delete – Remove a Storage Profile. See the [Delete a Storage Profile](/docs/accessanalyzer/12.0/admin/settings/storage/delete.md) topic for + additional information. + +**NOTE:** A green checkmark in the Storage Profiles list indicates the default Storage Profile. + +The **Cancel** and **Save** buttons are in the lower-right corner of the Storage view. These buttons +become enabled when modifications are made to the Storage global setting. Whenever changes are made +at the global level, click **Save** and then **OK** to confirm the changes. Otherwise, click +**Cancel** if no changes were intended. + +The vault provides enhanced security through enhanced encryption to various credentials stored by +the Access Analyzer application. See the [Vault](/docs/accessanalyzer/12.0/admin/settings/application/vault.md) topic for additional +information. diff --git a/docs/accessanalyzer/12.0/admin/settings/storage/updateauth.md b/docs/accessanalyzer/12.0/admin/settings/storage/updateauth.md new file mode 100644 index 0000000000..9febaf1f06 --- /dev/null +++ b/docs/accessanalyzer/12.0/admin/settings/storage/updateauth.md @@ -0,0 +1,18 @@ +# Update Authentication Credentials in a Storage Profile + +Follow the steps to update authentication credentials for a Storage Profile in the Access Analyzer +Console. + +**Step 1 –** Navigate to the **Settings** > **Storage** page. + +**Step 2 –** Locate and select a **Storage Profile** to update. + +![Specify a new password below option on Storage page](/img/product_docs/accessanalyzer/12.0/admin/settings/storage/updateauth.webp) + +**Step 3 –** In the Authentication section, click the **Specify a new password below** radio button. + +**Step 4 –** Enter a new **Password**. + +**Step 5 –** Click **Apply**. + +A new password has been added to a Storage profile. diff --git a/docs/accessanalyzer/12.0/administration/job-management/features.md b/docs/accessanalyzer/12.0/administration/job-management/features.md deleted file mode 100644 index d3eecfc896..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/features.md +++ /dev/null @@ -1,98 +0,0 @@ -# Special Features & Functions - -There are several special features and functions available for jobs and job components with which -Access Analyzer users should be familiar. - -View XML Files - -Job, query, analysis, and action property windows all have the **View XML** option. These provide -the ability to edit through an XML text window. - -Open Explore Folder - -Access Analyzer users can directly open a selected job or job group folder from the Jobs tree using -the **Explore Folder** option in the right-click menu. - -Publish Reports after Report Generation - -Reports that have been generated but not published can be sent to the Web Console using the -**Publish** option in the right-click menu from the selected Jobs tree, job group, or job node. See -the [Publish Reports Window](#publish-reports-window) topic for additional information. - -Job Configuration Change Tracking - -Jobs configuration changes can be tracked using the **Changes** option in the right-click menu from -the selected Jobs tree, job group, or job node. See the [Changes Window](/docs/accessanalyzer/12.0/administration/job-management/overview.md#changes-window) -topic for additional information. - -Job Export - -Jobs can be exported to a ZIP file using the **Export** option in the right-click menu from the -selected job group or job node. See the -[Export Job to Zip Archive Window](#export-job-to-zip-archive-window) topic for additional -information. - -See the [Jobs Tree Right-click Menus](/docs/accessanalyzer/12.0/administration/navigation/pane.md#jobs-tree-right-click-menus) section for -additional features. - -## Export Job to Zip Archive Window - -The Export Job to Zip Archive window opens from the **Export** option in the right-click menu from -the selected job group or job node. - -![Export from Jobs Tree menu](/img/product_docs/threatprevention/threatprevention/admin/navigation/export.webp) - -Select **Export** from the right-click menu to open the Export Group to Zip Archive window. - -![Export Group to Zip Archive window](/img/product_docs/accessanalyzer/admin/jobs/exportgrouptoziparchive.webp) - -The **Include all job components** option will zip the job’s directory, the reports, the job log, -and the SA_Debug log. The **Select specific components to export** option allows Access Analyzer -users to select which components to include in the ZIP file. - -There are two options for where to save the ZIP file: - -- Save in the exported folder – Saves the file in the job’s directory, for example - `%sainstalldir%Jobs\GROUP_.Active Directory Inventory\.Active Directory Inventory.zip` -- Save in the following location – Allows you to either type or browse to the desired save location - -The **Email this archive**checkbox provides the opportunity to send an email notification with the -attached ZIP file. - -![Support Email window](/img/product_docs/accessanalyzer/admin/jobs/supportemail.webp) - -When the archive has been created, the Access Analyzer Support Email window opens. By default, the -recipient is set to [Netwrix Support](https://www.netwrix.com/support.html) but it can be modified -prior to sending. Additional recipients can be added, and the Subject and email body can be -modified. - -## Publish Reports Window - -The **Publish Reports** wizard allows you to better manage the list of reports published to the Web -Console. - -When you right-click on a job group or job and select **Publish**, the Publish Reports wizard opens. -You can choose the list of reports to be published or removed from the Web Console. - -Follow the steps to publish the reports. - -**Step 1 –** Right-click on a job group or job and select **Publish** from the drop-down list. - -![Publish Reports wizard Action Type page](/img/product_docs/accessanalyzer/admin/jobs/publishreportsactiontype.webp) - -**Step 2 –** On the Action Type page, select the type of action to be performed on the reports and -click **Next**: - -- Publish Reports -- Delete Reports - -![Publish Reports wizard Report Tree page](/img/product_docs/accessanalyzer/admin/jobs/publishreportsreporttree.webp) - -**Step 3 –** On the Report Tree page, select the reports to be published or removed (depending on -the Action Type selected in the previous step). Click **Next** to proceed with the action. - -**Step 4 –** The Progress page shows you the status of the action. When it has completed, click -**Finish** to exit the wizard. - -Published reports can be viewed under the **[Job]** > **Results** node or through the Web Console. -See the [Reporting](/docs/accessanalyzer/12.0/reporting/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/job-management/group/connection.md b/docs/accessanalyzer/12.0/administration/job-management/group/connection.md deleted file mode 100644 index 804cf97c48..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/group/connection.md +++ /dev/null @@ -1,28 +0,0 @@ -# Connection Node - -At the job group level, the **Connection** node identifies the Connection Profile assigned for the -job group. All Connection Profiles are created at the global level (**Settings** > **Connection**). - -![Job Group Connection Settings](/img/product_docs/activitymonitor/activitymonitor/admin/monitoredhosts/add/connection.webp) - -By default, all job groups are set to inherit the **Use Default Profile** option from the global -level or a parent job group. See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for -additional information. - -If the Default Setting is not preferred, select the custom type of connection settings desired -below: - -- System default - - - For manual or ad hoc job execution, the account logged into the Access Analyzer Console is - applied to the target hosts for authentication - - For scheduled job execution, the account supplied as the Schedule Service account at the - **Settings** > **Schedule** node is applied to the target hosts for authentication - -- Select one of the following user defined profiles - - - Select a pre-configured Connection Profile from the drop-down menu - -Selecting the **Set all the child objects to inherit these settings** option forces inheritance of -this setting to all sub-groups and jobs within the job group. When enabled, this option overrides -any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/12.0/administration/job-management/group/history.md b/docs/accessanalyzer/12.0/administration/job-management/group/history.md deleted file mode 100644 index 33aa77f3eb..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/group/history.md +++ /dev/null @@ -1,29 +0,0 @@ -# History Node - -At the job group level, the History node identifies data retention and log retention periods -assigned for the job group. - -![Job Group History Settings](/img/product_docs/threatprevention/threatprevention/admin/policies/history.webp) - -By default, all job groups are set to inherit **Use Default Setting** option from the global level -(**Settings** > **History**) or a parent job group. See the [History](/docs/accessanalyzer/12.0/administration/settings/history.md) -topic for additional information. - -**CAUTION:** It is important to understand that some pre-configured jobs require history retention -while others do not support it. See job group and job descriptions for additional information. - -If the Default Setting is not preferred, select the custom type of retention settings desired below: - -- Data Retention Period - - - Never retain previous job data - - Retain previous job data for [number] [time period] - - Always retain previous job data - -- Log Retention Period - - - Retain previous job logs for [number] [time period] - -Selecting the **Set all the child objects to inherit these settings** option forces inheritance of -this setting to all sub-groups and jobs within the job group. When enabled, this option overrides -any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/12.0/administration/job-management/group/host-lists-assignment.md b/docs/accessanalyzer/12.0/administration/job-management/group/host-lists-assignment.md deleted file mode 100644 index c9c03d1df7..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/group/host-lists-assignment.md +++ /dev/null @@ -1,25 +0,0 @@ -# Host Lists Assignment - -At the job group level, the Host Lists Assignment node identifies target host lists assigned for the -job group. - -![Job Group Host Lists Assignment](/img/product_docs/accessanalyzer/admin/jobs/group/hostlistassignment.webp) - -At a top-level job group, there is no host list to be inherited. The **Use Default Settings** option -is grayed-out. However, a sub-job group can inherit host lists from a parent job group. Host lists -are configured through the **Host Management** node. See the -[Host Management](/docs/accessanalyzer/12.0/host-management/overview.md) topic for additional information. - -Several pre-defined solutions have default host lists already assigned to the solution, for example -the .Active Directory Inventory Job Group has the Default domain controller assigned at the job -group and inherited to the jobs. - -Select the host lists to be targeted by the job group. The **Filter host lists by** feature scopes -the list to match the search string provided. At the bottom of the list is an indicator of how many -hosts lists have been selected out of the total number of hosts lists known to the Access Analyzer -Console. If a filter has been applied, there is also an indicator of how many host lists matched the -search string. - -Selecting the **Set all the child objects to inherit these settings** option forces inheritance of -this setting to all sub-groups and jobs within the job group. When enabled, this option overrides -any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/12.0/administration/job-management/group/overview.md b/docs/accessanalyzer/12.0/administration/job-management/group/overview.md deleted file mode 100644 index c37d2d6bc3..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/group/overview.md +++ /dev/null @@ -1,107 +0,0 @@ -# Job Groups - -Job groups are designed to manage related jobs and can contain sub-job groups to ensure that related -jobs are executed in the correct order. To create a new job group, right-click on the desired -location (Jobs tree or another job group) and select **Create Group**. Then provide a unique, -descriptive name taking into consideration the alphanumeric ordering of the Jobs tree. - -![Example of Job Group Structure](/img/product_docs/accessanalyzer/admin/jobs/group/jobgroupstructure.webp) - -Job groups are organized similar to the Jobs tree, with the Settings node at the top, followed by -sub-job groups (job group for collection first, if applicable), then followed by analysis and -reporting jobs. Both are sorted in alphanumeric order. This is necessary because data collection -jobs must run prior to the analysis and reporting jobs that rely on the collected data without -consideration to the job’s name (alphanumeric order). - -## Job Group Description Page - -The Job Group Description page displays shortcuts, links, and important information on the job group -and the jobs contained within the Job Group. Depending on the type of job group, the description -page will appear different and display information specific to the job group selected. - -| ![Job Group Description page for a pre-configured job group](/img/product_docs/accessanalyzer/admin/jobs/group/descriptionpagenewgroup.webp) | -| -------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| Pre-Configured Job Group | User-Created Job Group | - -The two types of job groups in Access Analyzer are: - -- Pre-configured – The job group description page provides a brief summary of the purpose of the job - group, the jobs contained within, and special requirements if applicable -- User Created – Job group description of job description only provides generic information and - options - -**NOTE:** Every job group’s description includes options for creating a group, opening the Instant -Job Library, and creating a job. - -Pre-configured job group description pages provide users with shortcuts and links to many of the -functions that can be accessed in the Jobs Tree in the Navigation Pane. - -![Job Group Description page](/img/product_docs/accessanalyzer/admin/jobs/group/descriptionpage.webp) - -The sections of the job group description page are: - -- Job Group Settings Shortcuts – These pages can also be accessed through the job group Settings - Nodes in the Navigation Pane. See the [Job Groups Settings Node](/docs/accessanalyzer/12.0/administration/job-management/group/settings.md) topic for additional - information. - - - Storage – Configure the job group’s Storage options - - History – Configure the job group’s History options - - Connection – Configure the job group’s Connection options - - Reporting – Configure the job group’s Reporting options - - Host Lists Assignment – Select the targeted host list in the job group’s Host Lists Assignment - -- Help – Opens the [Netwrix Technical Knowledge Center](https://helpcenter.netwrix.com/) in a - browser to a relevant landing page for the job group -- Run Now – Runs the currently selected job group -- Schedule – Opens the Schedule page to schedule the job group -- Open Folder – Opens the job group’s folder location with supporting files in the Windows Explorer -- Create Group – Creates a job group within the currently selected job group -- Create Job – Creates a job within the currently selected Job -- Add Instant Job – Add an Instant Job using the Instant Job Wizard. See the - [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for additional information. - -![Overview section of Job Group description page](/img/product_docs/accessanalyzer/admin/jobs/group/descriptionpageoverview.webp) - -The Overview section provides summary information about the job group. This section includes the -following information: - -- Assigned Host List – Hovering over the **Assigned Host List** button shows a tool-tip with - information on the hosts lists are assigned to the job group - - - Click on the **Assigned Host List** button to go to the Job Group's Host List Assignment node. - See the [Host Lists Assignment](/docs/accessanalyzer/12.0/administration/job-management/group/host-lists-assignment.md) topic for additional information. - -- Show Inherited Settings – Click on the **Show Inherited Settings** button to view information on - the following: - - - Connection Profile - - Data Retention Period - - Log Retention Period - - Reporting Settings - - Storage Account - -- Contents – Shows the job groups and jobs contained within the currently selected job group - -**NOTE:** If applicable, the page shows special instructions for which hosts need to be targeted for -proper job group execution. - -### Job Settings: Inherited and Directly Applied - -Job group settings can be applied directly or inherited. On the job group level, it is considered -that all settings are applied directly. - -![Show Inherited Settings on Job Overview page](/img/product_docs/accessanalyzer/admin/jobs/group/showinheritedsettings.webp) - -If not, click the **Show inherited settings** button to expand the inherited settings list (they are -highlighted in blue). - -The following inherited settings are available: - -| Setting | Description | -| --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Connection profile | The tooltip shows the account name used in the connection profile. Clicking the button opens the parent Connection settings for the selected job group. See [Connection Node](/docs/accessanalyzer/12.0/administration/job-management/group/connection.md) for more information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available: - Edit the Profile – Clicking the link opens the Connection settings for the current profile - Use Default Profile – Clicking the link applies the connection profile set as default on a global level to a job. In this case, this setting is hidden under the **Show Inherited Settings** button. - List of profiles – Allows switching between existing connection profiles and apply a desired one to a job | -| Data Retention Period | The tooltip shows the current value for the data retention period (by default, **Never retain previous job data**). Clicking the button opens the parent History settings for the selected job group. See the [History Node](/docs/accessanalyzer/12.0/administration/job-management/group/history.md) topic for additional information. | -| Log Retention Period | The tooltip shows the current value for log retention period (by default, **Retain previous job log for 7 times**). Clicking the button opens the parent History settings for the selected job group. See the [History Node](/docs/accessanalyzer/12.0/administration/job-management/group/history.md) topic for additional information. | -| Hosts Lists | The tooltip shows the names of the host lists assigned to this job group. If you have more than three host lists assigned to a job group, the tooltip shows 3 hosts name and the number of other hosts lists assigned (for example, if 5 hosts are assigned it shows `Host1, Host2, Host3 + 2 more`). Clicking the button opens the parent Host Lists setting for the selected job group. See the [Host Lists Assignment](/docs/accessanalyzer/12.0/administration/job-management/group/host-lists-assignment.md) topic for additional information. | -| Reporting Settings | Clicking the Reporting Settings button opens the parent Reporting settings for the selected job group including publishing options, email settings, and roles. See the [Reporting Node](/docs/accessanalyzer/12.0/administration/job-management/group/reporting.md) topic for additional information. | -| Storage Profile | The tooltip shows the current SQL Server instance, database name, user account, and authentication type used for the selected job group. See the [Storage Node](/docs/accessanalyzer/12.0/administration/job-management/group/storage.md)s topic for additional information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available: - Edit This Profile – Clicking the link opens the Storage settings for the current profile - Use Default Profile – Clicking the link applies the storage profile set as default on a global level to a job. In this case, this setting is hidden under the **Show Inherited Settings** button - List of existing profiles – Allows switching between existing storage profiles and apply a desired one to a job | diff --git a/docs/accessanalyzer/12.0/administration/job-management/group/reporting.md b/docs/accessanalyzer/12.0/administration/job-management/group/reporting.md deleted file mode 100644 index 6f64805891..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/group/reporting.md +++ /dev/null @@ -1,22 +0,0 @@ -# Reporting Node - -At the job group level, the **Reporting** node identifies the report publishing and email -configurations assigned for the job group. By default, all job groups are set to inherit the -reporting settings, the **Use default setting** option, from the global level (**Settings** > -**Reporting**), or a parent job group. See the [Reporting](/docs/accessanalyzer/12.0/administration/settings/reporting.md) topic for -additional information. - -**NOTE:** If the Role Based Access feature is enabled, it also displays a list of all accounts -granted access to the published reports via the Web Console that are generated by any jobs within -the job group. - -![Job Group Reporting Settings page](/img/product_docs/accessanalyzer/admin/settings/reporting.webp) - -Checking the **Set all the child objects to inherit these settings** option at the bottom of the -page forces inheritance of these settings to all sub-groups and jobs within the job group. When -enabled, this option overrides any custom settings configured for the child objects. - -**NOTE:** The **Set all the child objects to inherit these settings** option has no impact on the -inheritance of Report Roles. - -## Publish diff --git a/docs/accessanalyzer/12.0/administration/job-management/group/settings.md b/docs/accessanalyzer/12.0/administration/job-management/group/settings.md deleted file mode 100644 index ce9fac8ff4..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/group/settings.md +++ /dev/null @@ -1,38 +0,0 @@ -# Job Groups Settings Node - -A job group’s Settings node is where custom configurations can be set and where the host lists are -assigned to a job group. - -![Job group settings in the Jobs Tree](/img/product_docs/activitymonitor/config/dellpowerscale/settings.webp) - -These settings inherit the global settings down by default unless inheritance is broken at a job -group or a job level. - -- [Connection Node](/docs/accessanalyzer/12.0/administration/job-management/group/connection.md) – Use the default Connection Profile or break inheritance to - select the Connection Profile needed for the assigned host lists for this job group -- [History Node](/docs/accessanalyzer/12.0/administration/job-management/group/history.md) – Use the default history settings or break inheritance on data - retention and log retention settings for this job group -- [Host Lists Assignment](/docs/accessanalyzer/12.0/administration/job-management/group/host-lists-assignment.md) – Use the default host list configured on a parent - job group or break inheritance on assigned host lists for this job group - - **NOTE:** Host List Assignments is not a global setting. The pre-configured solutions may - contain Host List Assignments configured to use Global Default Host Lists, for example All - Domain Controllers. See the - [Default Host Lists](/docs/accessanalyzer/12.0/administration/settings/host-inventory.md#default-host-lists) topic for additional - information. - -- [Reporting Node](/docs/accessanalyzer/12.0/administration/job-management/group/reporting.md) – Use the default report settings or break inheritance on Published - Report settings, Email settings, and Report role assignment for this job group -- [Storage Node](/docs/accessanalyzer/12.0/administration/job-management/group/storage.md) – Use the default storage profile or break inheritance on where this - job group's data is stored - -If changes are made, click **Save** to implement the changes. Changes are not implemented unless -they are saved. - -**Host List Assignment** and **Connection** are the two settings that should always be confirmed -before executing a job group or job when data collection is included. The assigned host lists -contains the hosts that are targeted by the job’s data collection queries. The assigned Connection -Profile must have the appropriate level of permissions in order for the data collection to be -successful. See the -[Permissions by Data Collector (Matrix)](/docs/accessanalyzer/12.0/data-collection/permission-matrix/index.md) topic for -information on the recommended permissions needed on the targeted hosts in order to collect data. diff --git a/docs/accessanalyzer/12.0/administration/job-management/group/storage.md b/docs/accessanalyzer/12.0/administration/job-management/group/storage.md deleted file mode 100644 index 77ad426a91..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/group/storage.md +++ /dev/null @@ -1,16 +0,0 @@ -# Storage Node - -At the job group level, the Storage node identifies the Storage Profile assigned for the job group. -All Storage Profiles are created at the global level (**Settings** > **Storage**). See the -[Storage](/docs/accessanalyzer/12.0/administration/settings/storage/overview.md) topic for additional information. - -![Job Group Storage Settings](/img/product_docs/accessanalyzer/admin/settings/storage/storage.webp) - -By default, all job groups are set to inherit the **Use Default Profile** option from the global -level or a parent job group. If it is necessary for a job group to send data to a different -database, the Storage Profile must already exist at the global level. Select the **Use This -Profile** radio button and choose the non-default Storage Profile from the drop-down menu. - -Selecting the **Set all the child objects to inherit these settings** option forces inheritance of -this setting to all sub-groups and jobs within the job group. When enabled, this option overrides -any custom settings configured for the child objects. diff --git a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/ad-password-expiration-notification.md b/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/ad-password-expiration-notification.md deleted file mode 100644 index 964ca98752..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/ad-password-expiration-notification.md +++ /dev/null @@ -1,240 +0,0 @@ -# AD_PasswordExpirationNotification Job - -The AD_PasswordExpirationNotification Job determines when Active Directory user passwords are about -to expire and can be configured to send notifications to users prior to password expiration. It is -available through the Instant Job Library under the Active Directory library. See the -[Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) section for instructions to add this instant job into the Jobs -tree. Since this job does not require a host to target, select Local host on the Hosts page of the -Instant Job Wizard. - -![AD_PasswordExpirationNotification job in the Jobs tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Runtime Details: - -- Dependencies – The .Active Directory Inventory Job Group must be successfully run before running - this job -- Target Hosts – None -- Scheduling – This job should be scheduled to run as desired -- History Retention – Not supported and should be turned off -- Multi-console Support – Not supported - -The AD_PasswordExpirationNotification Job runs analysis tasks that generate tables and configure -password expiration notifications. It also generates a report on passwords expiring within a -specified parameter, by default within 15 days. If desired, notifications of password expiration can -be configured to send to a help desk email (through an analysis task) and to the user (through an -action task). - -## Analysis Tasks for the AD_PasswordExpirationNotification Job - -Navigate to the **Jobs** > **AD_PasswordExpirationNotification** > **Configure** node and select -**Analysis** to view the analysis tasks. - -![Default Analysis Tasks for the Job](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp) - -The default analysis tasks are: - -- 1. User Password Information – Creates the PasswordExpirationNotification_Details table - accessible under the job’s Results node - - Contains a configurable parameter for the number of days until a password expires to be - identified - - See the - [Customizable Analysis Tasks for the AD_PasswordExpirationNotification Job](#customizable-analysis-tasks-for-the-ad_passwordexpirationnotification-job) - topic for additional information. -- 2. Domain Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation -- 3. Passwords Set to Expire Within 15 Days – Creates the - PasswordExpirationNotification_ExpiresWithin15Days table accessible under the job’s Results - node -- 4. Notification Data Table – Creates the - PasswordExpirationNotification_ExpiresWithin15Days_UserNotifications table accessible under - the job’s Results node -- 5. Help Desk Notification – Sends notification of users with passwords set to expire in X days - - See the - [Notification Analysis Task in the AD_PasswordExpirationNotification Job](#notification-analysis-task-in-the-ad_passwordexpirationnotification-job) - topic for additional information. - -## Action for the AD_PasswordExpirationNotification Job - -Navigate to the **Jobs** > **AD_PasswordExpirationNotification** > **Configure** node and select -**Actions** to view the action modules. - -**CAUTION:** This action is enabled by default. - -![Default Action Tasks for the Job](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/actiontasks.webp) - -The default actions are: - -- 1. User Notification – Uses the SendMail Action Module to send notifications to users on - password expiration - - Requires the Notification Actions license feature - - See the - [Action Task in the AD_PasswordExpirationNotification Job](#action-task-in-the-ad_passwordexpirationnotification-job) - topic for additional information. - -In addition to the tables created by the analysis and action tasks, the -AD_PasswordExpirationNotification Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------------------- | -------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------- | -| Passwords Expiring Within 15 Days | This report displays users accounts with passwords set to expire within 15 days. | None | This report is comprised of one element: - Table – Displays details on passwords expiring within 15 days | - -## Customizable Analysis Tasks for the AD_PasswordExpirationNotification Job - -Customizable parameters enable Access Analyzer users to set the values used to classify user and -group objects during this job’s analysis. The parameters can be customized and are listed in a -section at the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s -parameters. - -**CAUTION:** Do not change the table names or report name to align with a different value supplied -for this parameter. Modifying the table names will result in analysis and report errors downstream. -Only the report title and descriptions can be modified within the report configuration. - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ---------------------------- | --------------------------- | ------------- | ------------------------------------------------------------------------------------------------- | -| 1. User Password Information | @pswLen | 15 | Number of days left until a password expires, should be set according to an organizations policy. | - -The parameters that can be customized are listed in a section at the bottom of the SQL Script -Editor. Follow the steps to customize an analysis task’s parameters. - -**Step 1 –** Navigate to the **AD_PasswordExpirationNotification** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**Step 2 –** In the Analysis Selection view, select the **1. User Password Information** Analysis -Task and click on **Analysis Configuration**. The SQL Script Editor opens. - -![1. User Password Information Analysis Task in SQL Script Editor](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/customizeanalysistask.webp) - -**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. -Double-click on the current value and change as desired. - -**CAUTION:** Do not change any parameters where the Value states **Created during execution**. - -**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor. - -The new value will be applied to the next job execution. - -## Notification Analysis Task in the AD_PasswordExpirationNotification Job - -The Notification Analysis Task can be used to send a single email to specified recipients containing -a list of all users whose passwords will expire in the specified number of days, that is the users -listed in the PasswordExpirationNotification_ExpiresWithin15Days table. The analysis is enabled by -default. Therefore, when the job is executed the following message is sent to the specified -recipient, such as the organization’s help desk, with information from the associated table: - -_Subject:_ Users with Passwords About To Expire - -Support Team, - -Heads-up.  The following users are facing password expiration in seven days or less: - -**[[ -- Password for [User] ([NTAccount]) expires in [DaysUntilExpiration] days** - -**]** - -Thank you, - -Netwrix - -**CAUTION:** Do not modify the tags, highlighted in bold text above. - -The Subject or message body can be modified, for example to replace `Netwrix` with the -organization’s name. Follow the steps to configure the 5. Help Desk Notification Analysis Task. - -**Step 1 –** Navigate to the **AD_PasswordExpirationNotification** > **Configure** node and select -**Analysis** to view the Analysis tasks. - -**Step 2 –** In the Analysis Selection view, select the **5. Help Desk Notification Analysis Task** -and click on **Analysis Configuration**. The Notification Data Analysis Module opens. - -![SMTP properties page](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/smtpproperties.webp) - -**Step 3 –** Use the **Next** button to navigate to the SMTP properties page. Do not make changes to -the preceding pages. The email configuration takes place on the SMTP page. Provide the recipients’ -email addresses, Message Subject, and add the notification email content. - -![SMTP properties add email recipients](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/smtppropertiesrecipients.webp) - -In the Recipients section, provide the email addresses in the text box or distribution lists in the -E-mail field (fully qualified address) for those who are to receive this notification, for example -the organization’s Help Desk. Multiple addresses can be input by adding a semicolon (;) and space -between entries. - -Use the **Add** and **Remove** buttons to add or remove the address in the E-mail field from the -Recipients list. There is an option to **Combine multiple messages into single message**, which is -checked by default so that it sends one email for all users in the record set instead of one email -per user. - -![Message section of SMTP properties page](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/smtppropertiesmessage.webp) - -In the Message section, the **Subject** should be configured. Then set the email content in the text -box as desired. - -**Step 4 –** To save these configuration changes, use the **Next** button to navigate to the Summary -page. Do not make changes to any other pages. Click **Finish**. The Notification Data Analysis -Module window closes. - -![Analyis Tasks view](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistaskshelpdesknotification.webp) - -**Step 5 –** This notification analysis task is now configured to send emails. In the Analysis -Selection view, ensure the 5. Help Desk Notification Analysis Task is checked so that notifications -can be sent automatically during the execution of the AD_PasswordExpirationNotification Job. - -The recipients added in Step 3 receive a notification when the AD_PasswordExpirationNotification Job -is executed. - -## Action Task in the AD_PasswordExpirationNotification Job - -The 1. User Notification Action Task uses the SendMail Action Module to send users notification of -password expiration. It targets the SMTP Address Column of the users whose passwords are going to -expire within the desired number of days, that is the users listed in the -PasswordExpirationNotification_ExpiresWithin15Days_UserNotifications table. The action is enabled by -default. Therefore, when the job is executed the following message is sent to all users in the -associated table: - -_Subject:_ Attention **[User]** - Your Password Expires in **[DaysUntilExpiration]** Days - -Hello **[User]**, - -The password for the account **[NTAccount]** expires on **[ExpirationDate]**. Please change the -password prior to the expiration date.  If account profiles are used on mobile devices, please -remember to update the password on each device used. - -Thank you, - -Netwrix - -**CAUTION:** Do not change the recipient for the action task. While the tags can be moved, do not -remove or modify the tags, which are highlighted in bold text above. - -The subject or message body can be modified, for example to replace `Netwrix` with the -organization’s name. Follow the steps to modify the Subject or message body within the 1. User -Notification Action Task. - -**NOTE:** It is necessary for the -PasswordExpirationNotification_ExpiresWithin15Days_UserNotifications table to exist in the database -before this action task can be modified. - -**Step 1 –** Navigate to the **AD_PasswordExpirationNotification** > **Configure** node and select -**Actions**. - -**Step 2 –** In the Action Selection view, select the **1. User Notification** Action Task and click -on **Action Properties** to view the actions. - -**CAUTION:** Do not modify the action task properties. - -**Step 3 –** In the Action Properties view, the action properties and a preview of the users from -the associated table are displayed. Click **Configure Action**. The Send Mail Action Module Wizard -opens. - -![Send Mail Action Module Wizard Message page](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/actionwizardmessage.webp) - -**Step 4 –** Click **Next** to navigate to the Message page. Modify the message **Subject** and -email content as desired. - -**Step 5 –** Click **Next** and then **Finish** to save the changes. The Send Mail Action Module -Wizard closes. - -**Step 6 –** Click **Save** on the Action Properties view. - -When the action task is enabled, it executes as part of the job. Optionally, the action task can be -manually executed. diff --git a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/ex-register-azure-app-auth.md b/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/ex-register-azure-app-auth.md deleted file mode 100644 index 4ceb077243..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/ex-register-azure-app-auth.md +++ /dev/null @@ -1,90 +0,0 @@ -# EX_RegisterAzureAppAuth Job - -EX_RegisterAzureAppAuth will register an Microsoft Entra ID (formerly Azure AD) application for -authentication and provision appropriate permissions for Exchange Online scans. It requires: - -- A Connection Profile containing a Microsoft Entra ID Global Admin credential with an Account Type - of **Task (Local)** -- Exchange Online Management v3.4.0 - - - You can install this module with the following command: - - ``` - Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 - ``` - -- Azure AD PowerShell module installed on targeted hosts - - **NOTE:** If the module is not already installed, the job will attempt to install it. - - - You can install the module with the following command: - - ``` - Install-Module AzureAD - ``` - - - TLS 1.2 is required for the Azure AD PowerShell module. Run the following command to configure - it: - - ``` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 - ``` - -- Microsoft Graph PowerShell module installed on targeted hosts - - - You can install the module with the following command: - - ``` - Install-Module Microsoft.Graph - ``` - -## Using the EX_RegisterAzureAppAuth Job - -Follow the steps to configure and run the EX_RegisterAzureAppAuth Job. - -**Step 1 –** In Access Analyzer navigate to the Exchange Job Group (or any other Job Group you wish -to place the EX_RegistureAzureApp job into). - -**Step 2 –** Click **Add Instant Job** to open the Instant Job Wizard. - -**Step 3 –** Install the EX_RegisterAzureAppAuth Job from the Instant Job Library under the Exchange -General library. After installation, the job tree automatically refreshes with the new job available -within the selected Job Group. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for additional -information. - -**Step 4 –** On the job description page, in the Configuration section, select the edit button for -**Name of the app as it will appear in the Azure applications list** and enter the name you want to -apply to the registered Microsoft Entra ID application. Click **Save**. - -**Step 5 –** In the same section, select the edit button for **Password used for the Azure -application and to encrypt the certificate file in the local file system** and enter the password to -use for the Microsoft Entra ID application. Click **Save**. - -**Step 6 –** (Optional) For non-standard tenant types, edit the **Azure Environment Name...** option -to provide the full environment name. For a standard tenant, leave this option blank. - -- For example, if leveraging a government (or GCC) tenant, enter **AzureGovernment** -- Additional options include: AzureChinaCloud, AzureCloud, AzureGermanyCloud, AzurePPE, - AzureGovernment2, and AzureGovernment3 - -**Step 7 –** On the **Configure** > **Hosts** node, select the target hosts. The targeted hosts -should be the Microsoft Entra tenant name (for example, `myorg.onmicrosoft.com`). Click **Save**. -The job is now ready to be run. - -**Step 8 –** Run the EX_RegisterAzureAppAuth Job. - -**Step 9 –** After the job successfully runs, it opens a browser window to Microsoft Entra ID. -Log-in as a Global Administrator, and grant administrator consent to the Application's configured -API Permissions. - -- If this login attempt fails or you close the browser, you will need to login to Microsoft Entra ID - as a Global Administrator and navigate to the Application's API Permissions to grant Admin Consent - before the Application can be used for Exchange scans in Access Analyzer. - -The Microsoft Entra ID application is now provisioned with the necessary permissions for Exchange -Online scans. There will be a new Connection Profile for this Application. Restart the Access -Analyzer Console and enter a password to use this Connection Profile. - -_Remember,_ the required rights and roles for Exchange Online still need to be configured. See the -[Target Exchange Online Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/exchange-online.md) -topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/fs-defend-sdd.md b/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/fs-defend-sdd.md deleted file mode 100644 index 670d08056a..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/fs-defend-sdd.md +++ /dev/null @@ -1,86 +0,0 @@ -# FS_DEFEND_SDD Job - -The FS_DEFEND_SDD Job exports sensitive data matches collected by the File System Solution Sensitive -Data Discovery Auditing jobs to Threat Manager. It is available through the Instant Job Library -under the File System library. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for instructions to -add this instant job into the Jobs tree. - -For installing the job, select **Local host** on the Hosts page of the Instant Job Wizard. Then set -the host list according to the following information. - -![FS_DEFEND_SDD job in the Jobs tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Runtime Details: - -- Dependencies – The following job groups must be successfully run before running this job - - **FileSystem** > **0.Collection** Job Group - - **FileSystem** > **7.Sensitive Data** Job Group -- Special Instructions - - A Connection Profile must be created using the Web Services (JWT) credential account type with - the specified Threat Manager App Token and assigned to this job - - See the - [Custom Connection Profile for FS_DEFEND_SDD Job](#custom-connection-profile-for-fs_defend_sdd-job) - topic for additional information - - Assign the Connection Profile on the Connection tab of the job’s Properties - - The Threat Manager host name with port, [HOST]:8080, and App Token are generated within Threat - Manager: - - Navigate to the **Configuration** > **App Tokens** page - - Create a new app token - - Copy the Host Name and Token - - See the Access Analyzer Integration topic of the - [Netwrix Threat Manager Documentation](https://helpcenter.netwrix.com/category/stealthdefend) - for additional information. -- Target Hosts – Custom Host List - - Threat Manager target host is the Threat Manager host name with port, [HOST]:8080 - - Format – [HOST]:8080 - - Assign host list at the **FS_DEFEND_SDD** > **Configure** > **Hosts** (see the - [Hosts Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/hosts.md) topic for additional information) -- Scheduling – This job should be scheduled to run as desired -- History Retention – Not supported and should be turned off -- Multi-console Support – Not supported - -The FS_DEFEND_SDD Job runs an analysis task that generates the SA_FSAA_SDD_RESULTS table, which -places the data in a compatible format for Threat Manager. It then runs an action task using the Web -Request Action Module to send the data to Threat Manager. - -## Analysis Tasks for the FS_DEFEND_SDD Job - -Navigate to the **Jobs** > **FS_DEFEND_SDD** > **Configure** node and select **Analysis** to view -the analysis tasks. - -![Default Analysis tasks for the job](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp) - -The default analysis tasks are: - -- Create FSAA DEFEND table – Creates the FSAA_SDD_RESULTS table accessible under the job’s Results - node - -## Actions for the FS_DEFEND_SDD Job - -Navigate to the **Jobs** > **FS_DEFEND_SDD** > **Configure** node and select **Actions** to view the -actions. - -**CAUTION:** This action is enabled by default. - -![Default Action Tasks for the Job](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/actiontasks.webp) - -The default action is: - -- Integrate – Uses the Web Request Action Module to send data to Threat Manager - -## Custom Connection Profile for FS_DEFEND_SDD Job - -The FS_DEFEND_SDD Job requires a custom Connection Profile to authenticate to Threat Manager. The -credential for the Connection Profile must be created with the Web Services (JWT) account type. -Remember, the Threat Manager App Token is generated within Threat Manager. - -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Web Services (JWT) -- Domain – Not a field for this type of credential, defaults to `` -- User name – Not a field for this type of credential -- Password Storage: Application – Uses Access Analyzer’s configured Profile Security setting as - selected at the **Settings** > **Application** node -- Access Token – Copy and paste the Threat Manager App Token - -See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/fs-migrate-schema.md b/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/fs-migrate-schema.md deleted file mode 100644 index c4a1936fe8..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/fs-migrate-schema.md +++ /dev/null @@ -1,55 +0,0 @@ -# FS_MigrateSchema Job - -The FS_Migrate_Schema Job migrates the schema in order to support the use of 64-bit ResourceID's -without affecting data. It is available through the Instant Job Library under the File System -library. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for instructions to add this instant job -into the Jobs tree. - -For installing the job, select **Local host** on the Hosts page of the Instant Job Wizard. - -![FS_MigrateSchema job in the Jobs tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Runtime Details: - -- Dependencies – None -- Target Hosts – None -- Scheduling – This job should be scheduled to run as desired -- History Retention – Not supported and should be turned off -- Multi-console Support – Not supported -- Additional Notes – None - -The FS_Migrate Schema Job migrates the schema in order to support the use of 64-bit ResourceID's -without affecting data. - -## Analysis Tasks for the FS_MigrateSchema Job - -Navigate to the **Jobs** > **FS_MigrateSchema** > **Configure** node and select **Analysis** to view -the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Default Analysis tasks for the job](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp) - -The default analysis tasks are: - -- 1.Migrate Resources – Migrates the SA_FSAA_Resources table to leverage 64-bit IDs -- 2.Migrate UnixRights – Migrates the SA_FSAA_UnixRights table to leverage 64-bit IDs -- 3.Migrate Gates – Migrates the SA_Gates table to leverage 64-bit IDs -- 4.Migrate GatesProxy – Migrates the SA_FSAA_GatesProxy table to leverage 64-bit IDs -- 5.Migrate Exceptions – Migrates the SA_FSAA_Exceptions table to leverage 64-bit IDs -- 6.Migrate ProbableOwners – Migrates the SA_FSAA_ProbableOwners table to leverage 64-bit IDs -- 7.Migrate FileSizes – Migrates the SA_FSAA_FileSizes table to leverage 64-bit IDs -- 8.Migrate FileTypes – Migrates the SA_FSAA_FileTypes table to leverage 64-bit IDs -- 9.Migrate FileAges – Migrates the SA_FSAA_FileAges table to leverage 64-bit IDs -- 10.Migrate FileTags – Migrates the SA_FSAA_FileTags table to leverage 64-bit IDs -- 11.Migrate DFS Links – Migrates the SA_FSDFS_Links table to leverage 64-bit IDs -- 12.Migrate DLP Matches – Migrates the SA_FSDLP_Matches table to leverage 64-bit IDs -- 13.Migrate DLP MatchHits – Migrates the SA_FSDLP_MatchHits table to leverage 64-bit IDs -- 14.Migrate DLP MatchHits Subject Profile – Migrates the SA_FSDLP_MatchHits_SubjectProfile table to - leverage 64-bit IDs -- 15.Migrate FSAC ActivityEvents – Migrates the SA_FSAC_ActivityEvents table to leverage 64-bit IDs -- 16.Migrate DailyActivity – Migrates the SA_FSAC_DailyActivity table to leverage 64-bit IDs -- 17.Migrate FSAC RenameTargets – Migrates the SA_FSAC_RenameTargets table to leverage 64-bit IDs -- 18.Migrate FSAC Exceptions – Migrates the SA_FSAC_Exceptions table to leverage 64-bit IDs -- 19.Refresh Views – Updates viewable metadata diff --git a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md b/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md deleted file mode 100644 index 00b4886d2f..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md +++ /dev/null @@ -1,55 +0,0 @@ -# Instant Job Wizard - -The Access Analyzer Instant Job Wizard provides access to a library of instant solutions and instant -jobs, which are pre-configured for Access Analyzer. Instant solutions contain groups of jobs to help -solve a wide range of problems within each category. Instant jobs help solve specific problems. The -instant solutions available align to an organization’s license key. See -the[Solutions](/docs/accessanalyzer/12.0/solutions/index.md) topic for additional information. - -Follow the steps to install an instant solution or an instant job with the Instant Job Wizard. - -![Add Instant Job from context menu](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/addinstantjob.webp) - -**Step 1 –** Select the Jobs tree (for an instant solution) or the desired job group (for an instant -job), right-click on the node, and select **Add Instant Job**. - -![Instant Job Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -**Step 2 –** On the Welcome page, click **Next**. - -![Instant Job page](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/instantjob.webp) - -**Step 3 –** On the Instant Job page, use the filter menu to only view instant jobs in a particular -category, or click the plus icon (+) to expand a category group. - -![Selected Instant Job](/img/product_docs/accessanalyzer/admin/navigate/selectinstantjob.webp) - -**Step 4 –** Select the desired instant solution or job. To select multiple instant solutions or -jobs, press the Windows **Ctrl** key and select the items to install. Click **Next**. - -![Host Assignment page](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/hostassignment.webp) - -**Step 5 –** Some of the Library selections add a Host Assignment page. If this page does not -appear, skip to Step 7. If the page does appear, select either the **Use default settings (Inherit -from the parent group, if any)** or **Specify individual hosts or hosts lists** option. If the first -option is selected, skip to Step 7. If the second option is selected, click **Next** to go to the -Host Lists and Individual Hosts wizard pages. - -| ![Host Lists page](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/individualhosts.webp) | -| ------------------------------------------------------------------------------------------------ | --- | --------------------- | -| Host Lists page | | Individual Hosts page | - -**Step 6 –** Some of the Library selections add a Host Lists, and Individual Hosts page. If these -pages do not appear with the selection, skip to Step 7. If the pages do appear, check the host list -to be assigned to the job group or job. Alternatively enter hosts manually. Then click **Next**. - -![Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 7 –** On the Summary page, click **Save & Exit**. - -![Instant Solutions installation dialog](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/installationcomplete.webp) - -**Step 8 –** For Instant Solutions, when the installation is complete, click **Finish**. - -The Instant Job Wizard closes, and the Jobs tree refreshes automatically. See the individual -sections in the [Solutions](/docs/accessanalyzer/12.0/solutions/index.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sas-execution-statistics.md b/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sas-execution-statistics.md deleted file mode 100644 index 9ba314df87..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sas-execution-statistics.md +++ /dev/null @@ -1,56 +0,0 @@ -# SAS_ExecutionStatistics Job - -The SAS_ExecutionStatistics Job tracks historical performance of Access Analyzer job and analysis -functions and highlights when a particular task takes an abnormal length of time to execute. It is -available through the Instant Job Library under the Access Analyzer Utilities library. See the -[Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) section for instructions to add this instant job into the Jobs -tree. Since this job does not require a host to target, select Local host on the Hosts page of the -Instant Job Wizard. - -The job is dependent upon the Job Statistics Retention configuration in the **Settings** > -**Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic for -additional information. - -![SAS_ExecutionStatistics job in the Jobs tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Runtime Details: - -- Dependencies – None -- Target Hosts – None -- Scheduling – This job should be scheduled to run as desired -- History Retention – Not supported and should be turned off -- Multi-console Support – Not supported -- Additional Notes – The jobs uses custom SQL scripts to render views on collected data. SQL views - are used to populate report element tables and graphs. Changing or modifying the Group, Job, or - Table names will result in no data displayed within the reports. - -The SAS_ExecutionStatistics Job runs analysis tasks and generates reports on the latest job -executions, analysis history, host query details, and analysis details. - -## Analysis Tasks for the SAS_ExecutionStatistics Job - -Navigate to the **Jobs** > **SAS_ExecutionStatistics** > **Configure** node and select **Analysis** -to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Default Analysis tasks for the job](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp) - -The default analysis tasks are: - -- Analyze Jobs – Collects and analyzes all job-level execution statistics from the database based on - the statistics retention settings set in the Application node -- Analyze All Statistics – Collects and analyzes all task-level execution statistics from the - database based on the statistics retention settings set in the Application node -- Query Execution Details – Organizes query-related statistics -- Analysis Details – Organizes analysis-related statistics - -In addition to the tables created by the analysis tasks, the SAS_ExecutionStatistics Job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ----------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------ | -| Analysis Execution | This report identifies abnormally long analysis times. | None | This report is comprised of two elements: - Bar graph – Displays Abnormally Long Analysis Times - Table – Displays details on analysis times | -| Collection Statistics | This report identifies abnormally long collection times. | None | This report is comprised of two elements: - Bar graph – Displays Abnormally Long Collection Times - Table – Displays details on collection times | -| Job Execution Statistics | This report identifies jobs which have abnormally long run times. | None | This report is comprised of two elements: - Pie chart – Displays Job Status - Table – Displays details on job status | diff --git a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sp-register-azure-app-auth.md b/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sp-register-azure-app-auth.md deleted file mode 100644 index a2b501a03b..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sp-register-azure-app-auth.md +++ /dev/null @@ -1,56 +0,0 @@ -# SP_RegisterAzureAppAuth Job - -SP_RegisterAzureAppAuth will register an Microsoft Entra ID (formerly Azure AD) application for -authentication and provision appropriate permissions for SharePoint Online scans. It requires: - -- A Connection Profile containing the following two user credentials, both with an Account Type of - **Task (Local)**: - - - Microsoft Entra ID Global Admin credential - - A credential with the username `newapp` that contains the password for the new application - -- Microsoft Graph API PowerShell module to be installed on targeted hosts - -## Instantiate the SP_RegisterAzureAppAuth Job. - -Follow the steps to instantiate the SP_RegisterAzureAppAuth Job. - -**Step 1 –** In Access Analyzer navigate to the SharePoint Job Group (or any other Job Group you -wish to place the SP_RegistureAzureApp job into). - -**Step 2 –** Click **Add Instant Job** to open the Instant Job Wizard. - -**Step 3 –** Install the SP_RegisterAzureAppAuth Job from the Instant Job Library under the -SharePoint library. After installation, the job tree automatically refreshes with the new job -available within the selected Job Group. - -**Step 4 –** On the job description page, in the Configuration section, select the edit button for -**The new application’s display name** and enter the name you want to apply to the registered -Microsoft Entra ID application. Click **Save**. - -**Step 5 –** On the **Configure** > **Hosts** node, select the targeted host. The targeted host -should be the Microsoft Entra ID tenant on which you want to install the Microsoft Entra ID -application (for example, `myorg.onmicrosoft.com`). Click **Save**. The job is now ready to be run. - -After the job successfully runs it will open a browser window to Microsoft Entra ID that, when -logged-in as a Global Administrator, allows the user to grant administrator consent to the -Application's configured API Permissions. If the login attempt fails, or the user closes the -browser, they will need to login to Microsoft Entra ID as a Global Administrator and navigate to the -Application's API Permissions to grant Admin Consent before the Application can be used for -SharePoint scans in Access Analyzer. - -Additional Considerations - -- After the job successfully runs, there will be a new Connection Profile for this Application. - Restart the Access Analyzer Console and enter a password to use this Connection Profile. -- The password is the location of the PFX file generated by the script (in the \PrivateAssemblies - directory), the Microsoft Entra ID application's password, and a numeric designator for the - Microsoft 365 environment (0 is the default for production environments; the other supported - options are 1 for pre-production environments, 2 for China, 3 for Germany, 4 for US Government, 5 - for US Government-High, and 6 for US Government-DoD). To allow for multiple unique certificates - for different Microsoft Entra ID tenants to be stored on the same Access Analyzer server, the - script appends the targeted host name (without the domain) to the filename of the PFX file - generated by the script. For example, if the targeted host is `myorg.onmicrosoft.com`, then the - password for the connection profile would be: - - ...\STEALTHbits\StealthAUDIT\PrivateAssemblies\spaa_cert_myorg.pfx,YourPasswordHere,0 diff --git a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sp-remove-host.md b/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sp-remove-host.md deleted file mode 100644 index a4798edc88..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sp-remove-host.md +++ /dev/null @@ -1,33 +0,0 @@ -# SP_RemoveHost Job - -The SP_RemoveHost Job removes desired SharePoint hosts from the Access Analyzer database. It is -available through the Instant Job Library under the SharePoint library. See the -[Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for instructions to add this instant job into the Jobs tree. - -![SP_RemoveHost job in the Jobs tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -Runtime Details: - -- Dependencies – None -- Target Hosts – SharePoint host to be deleted -- Scheduling – This job should be scheduled to run as desired -- History Retention – Not supported and should be turned off -- Multi-console Support – Not supported -- Additional Notes – None - -The SP_RemoveHosts Job removes desired SharePoint hosts from the Access Analyzer database, target -the hosts on the job and run it to delete the respective hosts SharePoint data. - -## Analysis Tasks for the SP_RemoveHost Job - -Navigate to the **Jobs** > **SP_RemoveHost** > **Configure** node and select **Analysis** to view -the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Default Analysis tasks for the job](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp) - -The default analysis tasks are: - -- Remove Host(s) — Remove Scanned Hosts from Tier 1 diff --git a/docs/accessanalyzer/12.0/administration/job-management/instantiate.md b/docs/accessanalyzer/12.0/administration/job-management/instantiate.md deleted file mode 100644 index 13aa21ef4d..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/instantiate.md +++ /dev/null @@ -1,63 +0,0 @@ -# Instantiating Jobs into the Jobs Tree - -Access Analyzer jobs and solutions are comprised of files contained within the file system of the -installation directory. All jobs and job groups contained within the Jobs tree are housed in the -Jobs directory. The default location is: - -…\STEALTHbits\StealthAUDIT\Jobs - -![Explore Folder option from Jobs Tree](/img/product_docs/accessanalyzer/admin/jobs/explorefolder.webp) - -The folder is opened from within the Access Analyzer Console by right-clicking on the desired -**Jobs** node and selecting **Explore Folder**. - -![Jobs folder in File Explorer](/img/product_docs/accessanalyzer/admin/jobs/explorefolderfileexplorer.webp) - -The naming convention of the folders controls what is visible in the Jobs tree. `GROUP_` is the -prefix for all job groups. `JOB_` is the prefix for all jobs. Changing the prefix removes the object -from the Jobs tree without deleting it. - -Instantiating new, external jobs is as easy as copying and pasting the job or job group into this -location. However, copying an existing job within the Jobs directory is not supported. If the job -already exists within the Access Analyzer Console server, copying outside of the console may result -in reporting issues. - -**CAUTION:** Do not use these steps to copy an existing job. - -There is no need to close the Access Analyzer application to instantiate a new job. Follow the steps -to instantiate a new job into the Access Analyzer Jobs tree: - -**Step 1 –** Obtain the job or job group to be instantiated. If it has been sent by Netwrix, a -colleague, or other entity, it is most likely in one of two formats: - -- Archive (.zip, .rar, and so on) -- Folder containing the job content (JOB*[name of job] or GROUP*[name of job group]) - -**Step 2 –** Open the Jobs directory. The default location is: - -…\STEALTHbits\StealthAUDIT\Jobs - -**Step 3 –** Place the job or job group into the Jobs directory. - -![Extract zip file contents to the Jobs folder](/img/product_docs/accessanalyzer/admin/jobs/instantiateextract.webp) - -- If in archive format, extract the desired content to the Jobs directory - - - Use the default path or specify a specific path using the browse button (…) - - Select whether to **Show extracted files when complete**. This option is selected by default. - -- If in a folder format, copy and paste the job or job group folder into the Jobs directory - -![New job added in the Jobs folder ](/img/product_docs/accessanalyzer/admin/jobs/instantiatefileexplorer.webp) - -The new job or job group should be visible in the Jobs directory, and the naming convention should -match that of the jobs or job groups that are already there. - -![Refresh Tree](/img/product_docs/accessanalyzer/admin/jobs/refreshtree.webp) - -**Step 4 –** In the Access Analyzer Console, right-click on the **Jobs** node and select **Refresh -Tree**. - -![Job displayed in the Jobs Tree](/img/product_docs/accessanalyzer/admin/jobs/instantiatejobstree.webp) - -The new job or job group now displays in the **Jobs** tree in alphanumeric order. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/configure/actions.md b/docs/accessanalyzer/12.0/administration/job-management/job/configure/actions.md deleted file mode 100644 index 68554715c7..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/configure/actions.md +++ /dev/null @@ -1,67 +0,0 @@ -# Actions Node - -The Actions node uses Access Analyzer action modules to take action on collected and analyzed data. -Action can be taken on objects leveraging collected data or analyzed data, for example from a -listing of locked-out accounts, an action can be executed to unlock those accounts. - -**NOTE:** Action modules are available with a special Access Analyzer license. - -![Action Selection page](/img/product_docs/accessanalyzer/admin/action/actionselection.webp) - -The Action Selection view lists all action tasks for the selected job. The listed information -includes: - -- Name – Name of the action task (as provided by the creator of the task) -- Description – Description of the action task (as provided by the creator of the task) -- Module – Name of the Access Analyzer action module -- Table – Name of the source table for the action - -![Options at the top of the Action Selection page](/img/product_docs/accessanalyzer/admin/jobs/job/configure/actionselectionoptions.webp) - -The Actions section at the top has five options: - -- Add from Library – Opens the Libraries window for adding and configuring pre-made action tasks -- Create Action – Opens the Action Properties window for creating and configuring action tasks -- Delete Action – Deletes the selected action task from the list - - - This action does require confirmation - -- Action Properties – Opens the Action Properties window for the selected action task - - - See the [Action Properties Page](/docs/accessanalyzer/12.0/actions/overview.md#action-properties-page) topic for - additional information - - See the [Action Modules](/docs/accessanalyzer/12.0/actions/overview.md) topic for additional information - - **NOTE:** The AutoAction task appears in the Analysis Selection view, not in the Action - Selection view. - -- Execute Action – Opens the Action Execution window and starts executing the selected action - - - Does not require an action task to be checked, only selected - -![Buttons at the bottom of Action Selection page](/img/product_docs/accessanalyzer/admin/jobs/job/configure/actionselectiontablebuttons.webp) - -At the bottom of the Action Selection view, there are action buttons that apply to the table: - -- Move Up – Moves the selected action task up the list, which is important since action tasks are - executed in the order listed in the table -- Move Down – Moves the selected action task down the list, which is important since action tasks - are executed in the order listed in the table -- Select All – Selects all action tasks in the table for execution - -The Action Selection view also has its own right-click menu for taking action on the action task or -the job. - -![Actions Right-Click Menu](/img/product_docs/accessanalyzer/admin/jobs/job/configure/actionsrightclickmenu.webp) - -The options for the Actions node right-click menu are: - -- Create Action – Opens the Action Properties window -- Copy Action – Copies the selected action to the clipboard -- Paste Action – Opens the Action Properties window for modifying copied action tasks -- Delete Action – Deletes selected action task -- Properties – Opens the Action Properties window -- Execute Action – Opens the Action execution window and runs an action -- Run Job – Starts job execution for the selected job -- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) -- Create Job (Ctrl + Alt + A) – Creates a new job at the same location as the selected job diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md b/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md deleted file mode 100644 index 1e810f509f..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md +++ /dev/null @@ -1,29 +0,0 @@ -# Configure the Customizable Parameters in an Analysis Task - -The parameters that can be customized and are listed in a section at the bottom of the SQL Script -Editor. Follow the steps to customize an analysis task’s parameters. - -**Step 1 –** Navigate to the Job’s **Configure** node and select **Analysis**. - -**Step 2 –** In the Analysis Selection view, select the desired analysis task and click **Analysis -Configuration**. The SQL Script Editor opens. - -**Step 3 –** At the top of the SQL Script Editor, select **Parameters**. - -**NOTE:** The image shown is a generic example. Table names and customizable parameters will change -based on the Job. - -![SQL Script Editor](/img/product_docs/accessanalyzer/admin/jobs/job/configure/customizableparameters.webp) - -**Step 4 –** In the parameters section at the bottom of the editor, find the Value column. - -**CAUTION:** Do not change any parameters where the Value states **Created during execution**. - -- Double-click on the customizable value and change as desired - -**Step 5 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor. - -Repeat the steps as needed to customize analysis parameters. - -See the [SQLscripting Analysis Module](/docs/accessanalyzer/12.0/analysis/sql-scripting.md) topic for additional -information. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis.md b/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis.md deleted file mode 100644 index 4cbe1b1524..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis.md +++ /dev/null @@ -1,71 +0,0 @@ -# Analysis Node - -The Analysis node uses Access Analyzer analysis modules to run analysis tasks on collected data. -There are two basic types of analysis modules. Most analysis modules correlate, format, and -transform collected data into powerful data views for end-stage reports and graphs. - -The Notification analysis module allows for the ability to send an email notice when a trigger is -met, for example an email can be sent to an administrator to notify that disk space has reached a -particular point (the trigger) and needs to be addressed before space runs out. - -![Analysis Selection page](/img/product_docs/accessanalyzer/admin/jobs/job/configure/analysisselection.webp) - -The Analysis Selection view lists all analysis tasks for the selected job. The listed information -includes: - -- Name – Name of the analysis task (as provided by the creator of the task) -- Description – Description of the analysis task (as provided by the creator of the task) -- Module – Name of the Access Analyzer analysis module -- HostLists – Indicates the analysis task is applicable to hosts found in the referenced host lists, - applies to analysis modules that use host list filters, for example **Business Rules** analysis - module - -![Option at the top of the Analysis Section](/img/product_docs/accessanalyzer/admin/jobs/job/configure/analysisbuttonstop.webp) - -The Analysis section at the top has four options: - -- Create Analysis – Opens the Analysis Properties window for creating and configuring analysis tasks -- Delete Analysis – Deletes the selected analysis task from the list - - This action does require confirmation -- Analysis Properties – Opens the Analysis Properties window for the selected analysis task - - See the [Analysis Properties Page](/docs/accessanalyzer/12.0/analysis/overview.md#analysis-properties-page) - topic for additional information. - - See the individual analysis module sections in the - [Analysis Modules](/docs/accessanalyzer/12.0/analysis/overview.md) topic for additional information. -- Analysis Configuration – Opens the selected analysis task’s configuration window - -![Buttons at the bottom of the Analysis Selection page](/img/product_docs/accessanalyzer/admin/jobs/job/configure/analysisbuttonsbottom.webp) - -At the bottom of the Analysis Selection view, there are action buttons that apply to the table: - -- Move Up – Moves the selected analysis task up the list, which is important since analysis tasks - are executed in the order listed in the table -- Move Down – Moves the selected analysis task down the list, which is important since analysis - tasks are executed in the order listed in the table -- Select All – Selects all analysis tasks in the table for execution -- Validate – Validates all analysis tasks where the **Business Rules** analysis module was used -- Validate selected – Validates selected analysis tasks where the **Business Rules** analysis module - was used -- Edit Rules – Edits the rule for selected analysis task where the **Business Rules** analysis - module was used - -The Analysis Selection view also has its own right-click menu for taking action on the analysis task -or the job. - -![Analysis Selection page right-click menu](/img/product_docs/accessanalyzer/admin/jobs/job/configure/analysisrightclickmenu.webp) - -The options for the Analysis node right-click menu are: - -- Create Analysis – Opens the Analysis Properties window -- Cut Analysis – Cuts selected analysis task -- Copy Analysis – Copies selected analysis task -- Paste Analysis – Pastes a copied/cut analysis task to the selected location -- Delete Analysis – Deletes selected analysis task -- Properties – Opens the Analysis Properties window -- Configuration – Opens the selected analysis task’s configuration window -- Test Scorecard SQL – Validates all analysis tasks where the Business Rules analysis module was - used -- Execute Analyses – Executes or runs the checked (enabled) analysis tasks -- Run Job – Starts job execution for the selected job -- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) -- Create Job (Ctrl + Alt + A) – Creates a new job at the same location as the selected job diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/configure/hosts.md b/docs/accessanalyzer/12.0/administration/job-management/job/configure/hosts.md deleted file mode 100644 index b5fcc8d258..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/configure/hosts.md +++ /dev/null @@ -1,39 +0,0 @@ -# Hosts Node - -The Hosts node provides the option to assign a preconfigured host list at the job level. It also -provides a way to manually assign hosts to be targeted by the job using Host Selection pane. - -![Host Selection page](/img/product_docs/accessanalyzer/admin/jobs/job/configure/hostselection.webp) - -Use the default settings by selecting the **Use Default Setting** checkbox and inherit the job -group’s assigned host lists. To break inheritance and assign host lists at the job level select from -the available host lists. - -Hosts added manually at the job level are added to the Master Host Table if not already there, and -it triggers a host inventory query according to the global settings. The host will not be added to -any individual host lists. See the [Manually Add Hosts to a Job](#manually-add-hosts-to-a-job) topic -for additional information. - -Click **Save** to apply any changes to the host selection. Changes are not implemented unless they -are saved. - -## Manually Add Hosts to a Job - -Hosts can be added manually at the job level even when inheritance (Use Default Setting) is used for -host list assignment. The job targets the hosts in any assigned host lists as well as any manually -added at the job level. Follow these directions to manually add a host to a job. - -![Job's Configure > Hosts node](/img/product_docs/accessanalyzer/admin/jobs/job/configure/hostsnode.webp) - -**Step 1 –** Navigate to the job’s **Configure** > **Hosts** node. - -![Individual hosts section of the Host Selection view](/img/product_docs/accessanalyzer/admin/jobs/job/configure/hostselectionindividualhosts.webp) - -**Step 2 –** In the Individual hosts section of the Host Selection view, enter the Host name in the -textbox and click **Add**. - -**Step 3 –** Repeat the previous step for each host to be added. - -**Step 4 –** Click **Save** and then **OK** to confirm the changes. - -The manually added host is now targeted by the job. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/configure/overview.md b/docs/accessanalyzer/12.0/administration/job-management/job/configure/overview.md deleted file mode 100644 index b29d96bcfb..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/configure/overview.md +++ /dev/null @@ -1,55 +0,0 @@ -# Configure Node - -Changes to configurations for the job’s assigned Host Lists, Queries, Analyses, Actions, and Reports -are created through the **[Job]** > **Configure** node or through the Configure shortcut on the -job’s Description page. - -| | | -| ------------------------------------------------------------------------------------------------------ | -------------------------------------- | -| ![Configure Node](/img/product_docs/accessanalyzer/admin/jobs/job/configure/configurelinkjobpage.webp) | -| Configure Node | Configure link on job description page | - -The sub-nodes under the **[Job]** > **Configure** node are: - -- [Hosts Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/hosts.md) – Assign a host list at the job level or manually add hosts to be targeted - by the job -- [Queries Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/queries.md) – Select and configure a Access Analyzer data collector to scan - targeted hosts -- [Analysis Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis.md) – Create and configure Analysis and Notification tasks for collected - data -- [Actions Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/actions.md) – Create and configure Action tasks for taking action on collected and - analyzed data -- [Reports Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/reports.md) – Create and configure Reports to be generated during job execution - -## Configure Page - -The job's Configure Page provides an overview with shortcuts for options that are configured in the -job's Configure Node. - -![Configure page](/img/product_docs/accessanalyzer/admin/jobs/job/configure/configurepage.webp) - -The options on the Configure Page are: - -- Hosts - Navigates to the job's Hosts node -- Queries - Navigates to the job's Queries node -- Analysis - Navigates to the Analysis node -- Actions - Navigates to the Actions node -- Reports - Navigates to the Reports node -- Run Now - Executes the job -- Open Folder - Opens the job folder location with supporting files in the Windows Explorer -- View Log - Opens the job’s log - -The options in the Configure section are: - -- Tasks - If applicable, displays a list of the job's Queries, Analysis Tasks, and Action Modules - - - Click **Properties** to view the task's properties - - Click **Output Table** to view the Results for the task under the - [Results Node](/docs/accessanalyzer/12.0/administration/job-management/job/results.md) - -- Hosts - Lists the assigned hosts for the job -- Reports - If applicable, displays a list of the job's Reports - - - Click the reports name to access a report under the job's [Results Node](/docs/accessanalyzer/12.0/administration/job-management/job/results.md) - - Click **Configure** to edit the report parameters in the - [Report Configuration Wizard](/docs/accessanalyzer/12.0/reporting/wizard/overview.md) diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/configure/queries.md b/docs/accessanalyzer/12.0/administration/job-management/job/configure/queries.md deleted file mode 100644 index bf3b1dcafa..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/configure/queries.md +++ /dev/null @@ -1,107 +0,0 @@ -# Queries Node - -The Queries node uses a Access Analyzer data collector to run scans against the targeted hosts. -Different data collectors are designed for different types of collection. It is necessary for the -Connection Profile associated with the target hosts to have a sufficient level of rights for the -selected data collector. See the -[Permissions by Data Collector (Matrix)](/docs/accessanalyzer/12.0/data-collection/permission-matrix/index.md) topic for a -chart with recommended permissions per data collector. - -![Query Selection page](/img/product_docs/accessanalyzer/admin/datacollector/queryselection.webp) - -The Query Selection view lists all queries for the selected job. Though it is possible to have -multiple queries in a single job, it is not usually recommended. The listed information includes: - -- Name – Name of the query (as provided by the creator of the query) -- Source – Name of the Access Analyzer data collector -- Table – Name of the Native Data table -- Enumerates – Whether or not the data collector will return enumerated data, or multiple lines of - data per target host - - If **Yes**, only one query can write to a single table - - If **No**, then multiple related queries can write to a single table -- Properties – Number of the properties to be returned -- Filters – Number of in-line filters applied to the data being returned by the query -- Script – Whether or not a VB Script was added to the query - - If **Yes**, a VB Script was added to query execution - - If **No**, a VB Script was not added to query execution -- Description – Description of the query (as provided by the creator of the query) - -## Tables - -Add and configure native data tables through the Tables section in the Query Selection view. - -![Tables section of Query Selection page](/img/product_docs/accessanalyzer/admin/jobs/job/configure/queryselectiontables.webp) - -The Tables section at the top has three options: - -- Add Table – Adds an additional native data table and associated query to the selected job -- Rename Table – Opens the Rename Table window for changing the native data table name -- Delete Table – Deletes the selected table from the list, all associated query tasks, and the - database table if it has already been created. This action does require confirmation. - - **CAUTION:** Do not delete the last table in a job’s Query Selection view. Doing so will also - delete the Messages table. In order to delete the last table, it is necessary to delete the job. - -## Queries - -The Queries section is where the job’s preconfigured queries can be edited and where new queries can -be added. - -![Queries section of Query Selection page](/img/product_docs/accessanalyzer/admin/jobs/job/configure/queryselectionqueries.webp) - -The Queries section has four options and includes the list of queries for the selected job: - -- Add from Library – Opens the Libraries window to select preconfigured data collection queries. See - the [Add Query from Library](/docs/accessanalyzer/12.0/data-collection/overview.md#add-query-from-library) topic for - additional information. -- Create Query – Opens the Query Properties window for creating and configuring queries -- Delete Query – Deletes the selected query from the list. This action does require confirmation. -- Query Properties – Opens the Query Properties window for the selected query - - This option is used for query modifications - - See the - [Create or Modify a Query](/docs/accessanalyzer/12.0/data-collection/overview.md#create-or-modify-a-query) topic - for additional information - - See the topics for the individual [Data Collectors](/docs/accessanalyzer/12.0/data-collection/overview.md) for - additional information - -## Right-click Menu - -The Query Selection view also has its own right-click menu for taking action on the queries, tables, -or the job. - -![Right-click menu on the Query Selection page](/img/product_docs/accessanalyzer/admin/jobs/job/configure/queryrightclickmenu.webp) - -The options in the Queries node right-click menu are: - -- Add from Library – Opens the Libraries window -- Quick Add – Quickly add a new query from a list of non-configured data collector queries -- Create Query – Creates a new query to be configured -- Cut Query – Cuts selected query -- Copy Query – Copies selected query -- Paste Query – Pastes a cut or copied query to the selected location -- Delete Query – Deletes a selected query -- Properties – Opens the Query Properties window -- Add Table – Adds a Native Data table to the selected query -- Delete Table – Deletes the selected table -- Rename Table – Opens the Rename Table window -- Run Job – Starts job execution for the selected job -- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) -- Create Job (**Ctrl + Alt + A**) – Creates a new job at the same location as the selected job - -## Host List - -Jobs with configured queries require a host list to be assigned. This can be done at either the Job -Group or Job level. Whichever location is used to set the host list for query execution should also -be the location where the Connection Profile is assigned. See the -[Job Properties](/docs/accessanalyzer/12.0/administration/job-management/job/properties/overview.md) topic for additional information. - -- Job Groups - - Host List Assigned – **[Job Group]** > **Settings** > **Host Lists Assignment**. See the - [Host Lists Assignment](/docs/accessanalyzer/12.0/administration/job-management/group/host-lists-assignment.md) topic for additional information. - - Connection Profile Selected – **[Job Group]** > **Settings** > **Connection**. See the - [Connection Node](/docs/accessanalyzer/12.0/administration/job-management/group/connection.md) topic for additional information. -- Job Level - - Host List Assigned – **[Job]** > **Configure** > **Hosts**. See the [Hosts Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/hosts.md) - topic for additional information. - - Connection Profile Selected – Connection tab of the Job’s Properties Window. See the - [Connection Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/connection.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/configure/reports.md b/docs/accessanalyzer/12.0/administration/job-management/job/configure/reports.md deleted file mode 100644 index 138e17029d..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/configure/reports.md +++ /dev/null @@ -1,45 +0,0 @@ -# Reports Node - -The Reports node is for configuring reports to be generated during job execution. - -![Reports page](/img/product_docs/accessanalyzer/admin/report/reports.webp) - -The Reports view lists any reports that have been configured for the selected job and options -related to configuring reports. The options at the top of the Reports view are: - -- Properties – Opens the [Job Properties](/docs/accessanalyzer/12.0/administration/job-management/job/properties/overview.md) page for the job that the - report is for -- Run Now – Runs the currently selected job that the report is for -- Open Folder – Opens the Report’s folder location with supporting files in the Windows Explorer -- View Log – Opens the log for the job that the report is for - -![Options on the Reports table header row](/img/product_docs/accessanalyzer/admin/jobs/job/configure/reportstableheaderoptions.webp) - -The Reports table contains all of the configured reports for the job. The header row of the table -contains the following options for adding reports to the table: - -- Create – Creates a new report for the selected job - - - See the [Creating a Report](/docs/accessanalyzer/12.0/reporting/create.md) topic for additional information - -- Paste – Paste a cut or copied report into the selected job - - - The paste option is accessed from the vertical ellipsis menu of the header row of the Reports - table - -![Reports table row options](/img/product_docs/accessanalyzer/admin/jobs/job/configure/reportstablerowoptions.webp) - -Clicking on the name of a report opens it in the Results node. Clicking **Configure** next to a -report's name opens the Report Configuration wizard for the report, see the -[Report Configuration Wizard](/docs/accessanalyzer/12.0/reporting/wizard/overview.md) topic for additional information. -Additional options are available from the vertical ellipsis menu on a reports row: - -- Generate – Generates the report -- Copy – Copies the report to the clipboard -- Delete – Deletes the report - -Once a report is generated, it can be viewed in several locations depending on the configuration. -Report configurations may also be copied to other reports to generate preferred outputs for -alternate jobs. However, all generated reports can be viewed in the job’s **Results** node. - -See the [Reporting](/docs/accessanalyzer/12.0/reporting/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/create.md b/docs/accessanalyzer/12.0/administration/job-management/job/create.md deleted file mode 100644 index ff0161f7a1..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/create.md +++ /dev/null @@ -1,29 +0,0 @@ -# Create a New Job - -Follow the steps to create a new job. - -![Create Job from Jobs Tree context menu](/img/product_docs/accessanalyzer/admin/jobs/job/createjob.webp) - -**Step 1 –** Select the Jobs tree or the desired job group to add the new job to. Right-click and -select **Create Job**. - -![New Job added to Jobs Tree](/img/product_docs/accessanalyzer/admin/navigate/newjob.webp) - -**Step 2 –** Provide a unique, descriptive name for the job. The default name is `NewJob`. Some -considerations for naming conventions: - -**CAUTION:** Do not end a job name with a space. - -- There can never be two jobs with the same name. Access Analyzer automatically appends a numeral to - the end of a job name to avoid duplicates, for example `NewJob1`. -- No special characters can be used. See the Microsoft - [Naming Conventions](https://learn.microsoft.com/en-us/windows/win32/fileio/naming-a-file#naming-conventions) - article for limitations. -- Jobs in a group are run alphanumerically -- When possible, keep names short to avoid report path errors caused by Microsoft’s maximum path - length. See the Microsoft article referenced above. - -The new job is now ready to be configured. See the -[Data Collectors](/docs/accessanalyzer/12.0/data-collection/overview.md), [Analysis Modules](/docs/accessanalyzer/12.0/analysis/overview.md), -[Action Modules](/docs/accessanalyzer/12.0/actions/overview.md), and [Reporting](/docs/accessanalyzer/12.0/reporting/overview.md) topics for -additional information. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/disable-enable.md b/docs/accessanalyzer/12.0/administration/job-management/job/disable-enable.md deleted file mode 100644 index 9bb1e88952..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/disable-enable.md +++ /dev/null @@ -1,52 +0,0 @@ -# Disable or Enable a Job - -Job groups may contain individual jobs that should not be run when the entire job group is run. Some -job groups also contain jobs that can optionally be run separately from the rest of the job group. -Individual jobs can be disabled or enabled at the job group or job level. Disabled jobs do not -execute when the parent job group is run. - -If the role based access feature is enabled, the ability to enable and disable jobs is limited by -the assigned role. See the [Role Based Access](/docs/accessanalyzer/12.0/administration/settings/access/role-based/overview.md) topic -for additional information. - -## Disable a Job - -Jobs can be disabled from the Jobs tree. Disabled jobs cannot be run manually, through a scheduled -task, or executed as part of the job group. Follow the steps to disable a job. - -**Step 1 –** Select a job group or job. - -**NOTE:** When disabling jobs at the job group level, all jobs contained in the job group are -disabled, but the job group is not disabled. Any additional jobs added to that job group at a later -time will be enabled by default. - -![Disable Job from Jobs Tree](/img/product_docs/accessanalyzer/admin/jobs/job/disablejob.webp) - -**Step 2 –** Right-click on the job group or job and select **Disable Job(s)** from the menu. - -![Disabled Job in the Jobs Tree](/img/product_docs/accessanalyzer/admin/jobs/job/disabledjob.webp) - -The job is now disabled. If a job group was selected, all the jobs in the group are now disabled. -Disabled jobs are grayed out, and a red cross is displayed in front of the job. - -![Disabled Job Description page banner](/img/product_docs/accessanalyzer/admin/jobs/job/disabledjob2.webp) - -A yellow banner also notifies users that a job is disabled in the Job’s Description page. - -Additionally, if a disabled job is run, a warning message appears in the Messages table stating: -`[UserName] requested [JobName] to run but it is in a disabled state`. Job statistics also do not -display on the job’s description page. - -## Enable a Job - -Jobs that have been disabled can be enabled from the Jobs tree. Following the steps to enable a -disabled job. - -**Step 1 –** Select the disabled job. If multiple jobs in a job group are disabled, select the job -group to enable all of the disabled jobs. - -![Enable Job from Jobs Tree](/img/product_docs/accessanalyzer/admin/jobs/job/enablejob.webp) - -**Step 2 –** Right-click on the job group or job and select **Enable Job(s)** from the menu. - -The job is now enabled. If a job group was selected, all the jobs in the group are now enabled. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/overview.md b/docs/accessanalyzer/12.0/administration/job-management/job/overview.md deleted file mode 100644 index e98798c131..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/overview.md +++ /dev/null @@ -1,155 +0,0 @@ -# Jobs - -An Access Analyzer job is responsible for running data collection, conducting data analysis, -executing actions on collected or analyzed data, or generating reports. Each of these are configured -in the corresponding section under the job’s Configure node. A single job can be configured to -execute one or multiple tasks. See the [Configure Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/overview.md) topic for additional -information. - -![Job structure in the Job's Tree](/img/product_docs/accessanalyzer/admin/jobs/job/jobnode.webp) - -**_RECOMMENDED:_** Use job group organization to spread these tasks across jobs. For example, create -a job to run a query and a second job to run analysis or generate a report. Then use the job group -structure to run those jobs together in the proper order. - -Jobs do not have a Settings node like a job group. Job Properties provide the option to break -inheritance on global or job group settings. See the [Job Properties](/docs/accessanalyzer/12.0/administration/job-management/job/properties/overview.md) topic -for additional information. - -Once a job has been configured and is being executed, job progress can be viewed at the **Running -Instances** node on the Navigation pane. See the -[Running Instances Node](/docs/accessanalyzer/12.0/administration/job-management/running-instances/overview.md) topic for additional information. - -![Running Job](/img/product_docs/accessanalyzer/admin/jobs/job/jobrunning.webp) - -At the bottom of the Access Analyzer Console, there is an indication of how many jobs are in queue -and the **View Job Progress** link, which opens the Running Instances node. - -When a job execution has completed, the tables, views, and reports generated by the job are -accessible under the job’s Status and Results nodes. See the [Status Node](/docs/accessanalyzer/12.0/administration/job-management/job/status.md) and -[Results Node](/docs/accessanalyzer/12.0/administration/job-management/job/results.md) topics for additional information. Reports are also accessible through -the Web Console. - -## Job Description Page - -The Job Description page displays shortcuts, links, and important information on the job. The Job -Page allows users to view and modify common job configurations, such as Connection and Storage -profiles, job properties, SQL analysis parameters, and PowerShell parameters. Depending on the type -of job, the description page will appear different and display information specific to the job -selected. - -| ![Pre-Configured Job Description page](/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpagenewjob.webp) | -| ------------------------------------------------------------------------------------------------------------------ | ---------------- | -| Pre-Configured Job | User-Created Job | - -The two types of Job Groups in Access Analyzer are: - -- Pre-configured – The job description page provides a brief summary of the purpose of the job, the - reports and data contained within it, and summary information of the last five times the job was - executed -- User Created – The job description page of User Created jobs will be blank until the job is - configured - -Pre-configured job description pages provide users with shortcuts and links to many of the functions -that can be accessed under the **[Job Group]** > **[Job]** node in the Jobs Tree in the Navigation -Pane. - -![Job Description page options](/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpageoptions.webp) - -The sections and options of the job description page are: - -- Properties – Opens the Job Properties window. See the [Job Properties](/docs/accessanalyzer/12.0/administration/job-management/job/properties/overview.md) - topic for additional information. -- Status – Opens the job Status page. See the [Status Node](/docs/accessanalyzer/12.0/administration/job-management/job/status.md) topic for additional - information. -- Results – Opens the job Results page. See the [Results Node](/docs/accessanalyzer/12.0/administration/job-management/job/results.md) topic for additional - information. -- Configure – Opens the job Configure page. See the [Configure Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/overview.md) topic - for additional information. -- Run Now – Executes the job -- Schedule – Opens the Schedule Wizard -- Open Folder – Opens the job folder location with supporting files in the Windows Explorer -- View Log – Opens the job’s log - -![Job Description page Overview section](/img/product_docs/accessanalyzer/admin/jobs/group/descriptionpageoverview.webp) - -The Overview section provides summary information about the job, and includes the following -information: - -- Inherited settings – Job settings can be applied directly or inherited from a parent job group or - even the General Settings level. See the - [Jobs with Inherited Settings](#jobs-with-inherited-settings) topic for additional information. -- Reports – Displays a list of reports that are generated by this job -- Results – Displays a list of data tables and views created and populated by the job -- Configuration - If applicable, configure parameters for the job's analysis tasks - - - See the [Parameter Configuration](#parameter-configuration) topic for additional information. - -- Job Statistics – Displays important information for the last five times the job was executed - including: - - - Timestamp – Date timestamp of when job was initiated - - Status – Displays information on job status (Running, Success, Error) - - Duration – Displays length of time each job took - -- Graph – Displays a line graph that has information for the last five times the job was executed - -Prior to running any job or job group, ensure the following have been properly configured: - -- Queries, Analysis, Actions, and Reports are configured as desired -- If collecting data, at least one host list has been assigned -- If a host list is assigned, the appropriate Connection Profile with credentials to collect data - from the targeted hosts has been assigned - -Finally, ensure these settings are configured at the recommended location for the job or job group -and that the inheritance of settings is adjusted accordingly. - -### Jobs with Inherited Settings - -Job settings can be applied directly or inherited from a parent job group or even the General -Settings level. If settings are applied directly to a job, these are shown in the Overview section -under the job description: - -![Job Inherited settings](/img/product_docs/accessanalyzer/admin/jobs/job/inheritedsettings.webp) - -In the example above, the **Assigned 1 Host List** setting is applied directly to the job. Other -settings are inherited from the parent job group. Clicking the **Show inherited settings** button -opens this list of the inherited settings. - -The following settings can be inherited from a parent: - -| Setting | Description | -| --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Connection profile | The tooltip shows the account name used in the connection profile. Clicking the button opens the parent Connection settings for the selected job. See the [Connection Node](/docs/accessanalyzer/12.0/administration/job-management/group/connection.md) topic for additional information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available: - Edit the Profile – Clicking the link opens the Connection settings for the current profile - Use Default Profile – Clicking the link applies the connection profile set as default on a global level to a job. In this case, this setting will be hidden under the **Show Inherited Settings** button. - List of existing profiles – Allows switching between existing connection profiles and apply a desired one to a job | -| Data Retention Period | The tooltip shows the current value for the data retention period (by default, Never retain previous job data). Clicking the button opens the parent History settings for the selected job. See the [History Node](/docs/accessanalyzer/12.0/administration/job-management/group/history.md) topic for additional information. | -| Log Retention Period | The tooltip shows the current value for the log retention period (by default, Retain previous job log for 7 times). Clicking the button opens the parent History settings for the selected job. See the [History Node](/docs/accessanalyzer/12.0/administration/job-management/group/history.md) topic for additional information. | -| Hosts Lists | The tooltip shows the number and the names of the host lists assigned to this job. If you have more than three host lists assigned to a job, the tooltip shows 3 hosts name and the number of other hosts lists assigned (for example, if 5 hosts are assigned it shows `Host1, Host2, Host3 + 2 more`). Clicking the button opens the parent Host Lists setting for the selected job. See the [Hosts Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/hosts.md) topic for additional information. | -| Reporting Settings | Clicking the Reporting Settings button opens the parent Reporting settings for the selected job including publishing options, email settings, and roles. See the [Reporting Node](/docs/accessanalyzer/12.0/administration/job-management/group/reporting.md) topic for additional information. | -| Storage Profile | The tooltip shows the current SQL Server instance, database name, user account, and authentication type used for the selected job. See the [Storage Node](/docs/accessanalyzer/12.0/administration/job-management/group/storage.md) topic for additional information. Clicking the three dots menu on the right part of the button opens the Edit menu. The following options are available - Edit This Profile – Clicking the link opens the Storage settings for the current profile - Use Default Profile – Clicking the link applies the storage profile set as default on a global level to a job. In this case, this setting will be hidden under the **Show Inherited Settings** button - List of existing profiles – Allows switching between existing storage profiles and apply a desired one to a job | - -### Parameter Configuration - -If a job has analysis parameters that can be customized, those parameters can be configured in the -Configuration section of the Job Description Page. - -Follow the steps to configure customizable parameters using the Configuration option on the Job -Description Page: - -**Step 1 –** Navigate to the **Jobs > [Job Group] > [Job]** node. If the job has customizable -parameters, they will be located under Configuration in the job's Overview section. - -![Configuration section of Job description page](/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpageconfigurationsection.webp) - -**Step 2 –** Click on a parameter to open the Parameter Configuration window. - -**NOTE:** To view a tool-tip that contains information about the Variable Name and the Task Name -that the parameter is associated with, hover the mouse over the parameter. - -![Parameter Configuration Window](/img/product_docs/accessanalyzer/admin/jobs/job/parameterconfigurationwindow.webp) - -**Step 3 –** Configure the parameter in the Parameter Configuration window. Click **Save** to save -changes and exit the window. Click **Cancel** to exit without saving. - -The parameter has now been configured. The parameters can also be configured in the Analysis Node -under the job's Configure Node. See the [Analysis Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis.md) topic for additional -information. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/properties/auto-retry.md b/docs/accessanalyzer/12.0/administration/job-management/job/properties/auto-retry.md deleted file mode 100644 index 1b434480c2..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/properties/auto-retry.md +++ /dev/null @@ -1,16 +0,0 @@ -# Auto Retry Tab - -The Auto Retry tab provides the option to schedule the job to re-execute against hosts that match -the selected host status values: Offline, Failed, Errors, and Warnings. - -![Auto Retry tab of Job Properties](/img/product_docs/accessanalyzer/admin/jobs/job/properties/autoretry.webp) - -Check the desired Host Status values to generate a retry, and then configure the Refresh Data and -Retry Options settings. Finally, enter a User name (domain\user) and Password in the Scheduler -Authentication section. - -**NOTE:** To update the password for an existing account, enter a new password in the Password -field. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/properties/connection.md b/docs/accessanalyzer/12.0/administration/job-management/job/properties/connection.md deleted file mode 100644 index 2ecf472693..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/properties/connection.md +++ /dev/null @@ -1,20 +0,0 @@ -# Connection Tab - -The Connection tab is for configuring the Connection Profile. Choose to use the default settings -(the global configuration or configuration set via broken inheritance at a job group level), to use -the system default (the account being used to run Access Analyzer), or to select another Connection -Profile. - -**NOTE:** It is a best practice to set the Connection Profile at the same level where the job’s host -list is set. For example, if the host list is set under the job group’s **Settings** node, then that -is where the Connection Profile should be configured. If the host list is set under the **[Job]** > -**Configure** node, then this is where the Connection Profile should be configured. - -![Connection tab of the Jop Properties](/img/product_docs/accessanalyzer/admin/jobs/job/properties/viewxml.webp) - -Select the desired option to identify the required Connection Profile for the job. See the -[Connection Node](/docs/accessanalyzer/12.0/administration/job-management/group/connection.md) topic for additional information for the three -connection options. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/properties/general.md b/docs/accessanalyzer/12.0/administration/job-management/job/properties/general.md deleted file mode 100644 index 1e158a558b..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/properties/general.md +++ /dev/null @@ -1,50 +0,0 @@ -# General Tab - -The General tab is for changing the job name and description. - -![General tab of Job Properties](/img/product_docs/activitymonitor/activitymonitor/admin/search/query/general.webp) - -The following options are available: - -- Job Name -- Description -- Log Level – Indicates the job log level, which can be inherited from the global **Settings** > - **Application** log level or customized here. See below for additional information. -- Write CSV Files To Job Output Directory – Exports the native data table created by a query to a - CSV file in the job’s output directory. If there are multiple tables in the job, this option - creates one file per table. -- Timeout [value] minutes – Job’s thread timeout value -- Command – Provides the ability to enter a command that will be executed from the command line upon - job completion - -## Log Level - -The log level feature includes the following options: - -- Use global setting – use the Application log level feature, configured at the global level. - - **NOTE:** By selecting the another option from the drop-down list, you break inheritance for - this job. - -- Debug – Records everything that happens during job execution, most verbose level of logging - - Records all Info level information - - Records everything else that happens - - Creates the largest file -- Info – Records information about what stage of the job is being performed when errors or warnings - occurred - - Records all Warning level information - - Records job progress information -- Warning – Records all warnings which occur during job execution - - Records all Error level information - - Records all warnings and the time of occurrence -- Error – Records all errors which occur during job execution - - Records job start time - - Records errors and the time of occurrence - - Records job completion time - -**NOTE:** You can switch between log levels. All the levels, including the one that you choose, -shall be set for messaging in the application. - -![Log Level Options](/img/product_docs/accessanalyzer/admin/jobs/job/properties/generalloglevel.webp) - -For example, this is where you set the messaging for Info, Warning, or Error at a job level. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/properties/history.md b/docs/accessanalyzer/12.0/administration/job-management/job/properties/history.md deleted file mode 100644 index de9785e372..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/properties/history.md +++ /dev/null @@ -1,15 +0,0 @@ -# History Tab - -The History tab is for configuring the Data Retention and Log Retention periods. Choose either to -use the default settings, which could be either the global configuration or configuration set via -broken inheritance at a job group level, or to configure settings just for this job. - -![History tab of the Job Properties](/img/product_docs/threatprevention/threatprevention/admin/policies/history.webp) - -By default, all jobs are set to inherit the Data Retention Period and Log Retention Period settings, -the **Use Default Setting** option. Deselect the **Use Default Settings** option to configure custom -settings for the job. Then provide the desired Data Retention Period and Log Retention Period -settings. See the [History](/docs/accessanalyzer/12.0/administration/settings/history.md) topic for additional information. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/properties/notification.md b/docs/accessanalyzer/12.0/administration/job-management/job/properties/notification.md deleted file mode 100644 index fc7c650c4f..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/properties/notification.md +++ /dev/null @@ -1,14 +0,0 @@ -# Notification Tab - -The Notification tab is where email notifications are configured at the job level. Choose either to -inherit the global configuration or to configure settings just for this job. - -![Notification tab of Job Properties](/img/product_docs/accessanalyzer/admin/settings/notification.webp) - -Deselect the **Use Global Settings** option to configure custom settings for the job. Then provide a -specific list of recipients for email notifications generated by this job. Multiple email addresses -can be input by adding a semicolon (;) and space between entries. This is specific to Notification -analysis module tasks. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/properties/overview.md b/docs/accessanalyzer/12.0/administration/job-management/job/properties/overview.md deleted file mode 100644 index 51cccaf3ef..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/properties/overview.md +++ /dev/null @@ -1,28 +0,0 @@ -# Job Properties - -Jobs can be configured to inherit global settings down through parent job groups or to be -individually configured at the job level through the Job Properties window. - -![Open Job Properties from Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -To configure a job’s properties, open the Job Properties window by right-clicking on the job's node -in the Navigation pane and selecting **Properties**. - -The properties can be configured at the job level within the Job Properties window using the -following tabs: - -- [General Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/general.md) -- [Performance Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/performance.md) -- [Notification Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/notification.md) -- [Report Settings Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/report-settings.md) -- [Report Roles Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/report-roles.md) -- [Storage Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/storage.md) -- [Connection Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/connection.md) -- [Auto Retry Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/auto-retry.md) -- [History Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/history.md) - -You can click the **View XML** button at the bottom of the window to open the job’s XML file. See -the [View Job XML File](/docs/accessanalyzer/12.0/administration/job-management/job/properties/view-xml.md) for additional information. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/properties/performance.md b/docs/accessanalyzer/12.0/administration/job-management/job/properties/performance.md deleted file mode 100644 index f581ffacb9..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/properties/performance.md +++ /dev/null @@ -1,23 +0,0 @@ -# Performance Tab - -The Performance tab provides options that can be used to improve job performance and runtime. - -![Performance tab of Job Properties](/img/product_docs/accessanalyzer/admin/jobs/job/properties/performance.webp) - -Adjust the following settings by sliding the needle up and down the line: - -- Concurrent Worker Threads – The number of worker threads selected equals the number of hosts being - queried concurrently. If needed, this value can be increased. -- Skip Hosts that do not respond to PING – Selected by default. Deselect if a target host has been - configured to not respond to PING requests, allowing Access Analyzer to scan the target host - without a PING response. - - **NOTE:** In most cases, it is not recommend to deselect this option, as it causes the job to - continue querying offline hosts until the job timeout value is reached, set by default to 20 - minutes. - -- PING Timeout – The PING timeout value is the number of seconds before a host is identified as - offline for not responding to PING - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/properties/report-roles.md b/docs/accessanalyzer/12.0/administration/job-management/job/properties/report-roles.md deleted file mode 100644 index 5a706bf8fd..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/properties/report-roles.md +++ /dev/null @@ -1,36 +0,0 @@ -# Report Roles Tab - -The Report Roles tab is part of the Role Bases Access feature of Access Analyzer. If Role Based -Access has been enabled, the table displays all accounts that can view reports within the Web -Console. If Role Based Access has not been enabled, all accounts have access to all reports, and the -table is blank. See the [Role Based Access](/docs/accessanalyzer/12.0/administration/settings/access/role-based/overview.md) topic -for additional information. - -![Report Roles tab of Job Properties](/img/product_docs/accessanalyzer/admin/jobs/job/properties/reportroles.webp) - -On the Report Roles tab, report role inheritance cannot be broken. Access to reports is inherited -from the global level to job groups to jobs to report configuration. All user roles configured at -the global level (**Settings** > **Roles**) are inherited down to all reports. Only the Global -Options Administrator, the Access Administrator, and the Host Management Administrator do not have -access to reports. - -The **Include Report Viewers from this object's parent** option can be unchecked to automatically -remove any user with the Report Viewer role inherited from a parent object to the job. Remember, -this does not apply to global inheritance. - -Additional accounts can be added with the Report Viewer role at the job level and inherited down to -all reports generated by the job. Click **Add Report Viewer** to open the Select User or Group -window and grant a new account access to these reports. Inheritance can be broken for accounts that -have not inherited the report role from the global level. Select an account and click **Delete -Report Viewer** to deny access to the reports. - -The table displays the following information: - -- Account Name – NT Style account name -- Type – Account type (user or group) -- Role – Role assigned to account which grants access to reports -- Inherited From – Indicates the level at which the account was granted access to reports. Remember, - global inheritance cannot be broken. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/properties/report-settings.md b/docs/accessanalyzer/12.0/administration/job-management/job/properties/report-settings.md deleted file mode 100644 index 740563ff26..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/properties/report-settings.md +++ /dev/null @@ -1,17 +0,0 @@ -# Report Settings Tab - -The Report Settings tab is for configuring publishing of Access Analyzer reports generated by this -job. Choose either to use the default settings, which could be either the global configuration or -configuration set via broken inheritance at a job group level, or to configure settings just for -this job. - -![Report Settings tab of Job Properties](/img/product_docs/threatprevention/threatprevention/reportingmodule/configuration/systemsettings/reportsettings.webp) - -Use the Publish Options drop-down menu to customize the publish setting for the job. To configure -custom Email settings for the job, select the **Use These Email Settings** option and then provide -the desired Email information. Multiple email addresses can be input by adding a semicolon (;) and -space between entries. See the [Reporting Node](/docs/accessanalyzer/12.0/administration/job-management/group/reporting.md) topic for additional -information on the Publish and Email options. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/properties/storage.md b/docs/accessanalyzer/12.0/administration/job-management/job/properties/storage.md deleted file mode 100644 index 15f86dd5a8..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/properties/storage.md +++ /dev/null @@ -1,16 +0,0 @@ -# Storage Tab - -The Storage tab is for configuring the Storage Profile. Choose either to use the default settings, -which could be either the global configuration or configuration set via broken inheritance at a job -group level, or to configure settings just for this job. - -![Storage tab of the Job Properties](/img/product_docs/accessanalyzer/admin/settings/storage/storage.webp) - -By default, all jobs are set to inherit the storage setting, the **Use Default** option. To -configure a different profile for the job, select the **Use This Profile** option and select the -desired Storage Profile from the drop-down menu. Storage Profiles can only be configured at the -**Settings** > **Storage** node. See the [Storage](/docs/accessanalyzer/12.0/administration/settings/storage/overview.md) topic for -additional information. - -Click **OK** to save configuration changes and close the Job Properties window. Click **Cancel** if -no changes were made. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/properties/view-xml.md b/docs/accessanalyzer/12.0/administration/job-management/job/properties/view-xml.md deleted file mode 100644 index 9088bd6541..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/properties/view-xml.md +++ /dev/null @@ -1,19 +0,0 @@ -# View Job XML File - -At the bottom of the Job Properties window is the **View XML** button. To view the XML file, click -**View** XML. - -| ![View XML button on Job Properties window](/img/product_docs/accessanalyzer/admin/jobs/job/properties/viewxml.webp) | -| -------------------------------------------------------------------------------------------------------------------- | ------------ | -| Job Properties Window | Job XML File | - -This opens the job’s XML file, which contains all of the job, query, and reporting configurations. -When the log level is directly set at job level, the job XML `` parameter will show a -value of: - -- 0 for Debug -- 1 for Info -- 2 for Warning -- 3 for Error - -**NOTE:** Job analysis configurations are kept in a separate XML file. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/results.md b/docs/accessanalyzer/12.0/administration/job-management/job/results.md deleted file mode 100644 index 11e680f4e9..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/results.md +++ /dev/null @@ -1,27 +0,0 @@ -# Results Node - -Once a job has been executed, the query populated native data tables, the analysis and action -populated materialized tables and views, and the generated reports can be viewed under the job’s -Results node. - -**NOTE:** Native data tables are only populated by jobs with configured queries. Materialized tables -and views are only generated by jobs with configured analysis or action tasks. Reports are only -generated by jobs with configured reports. - -![Results Node](/img/product_docs/accessanalyzer/admin/jobs/job/resultsnode.webp) - -Every job generates a native data table when executed, which appears at the top of the Results node. -The native data table, or raw data table, is produced by query execution. It contains all raw data -collected by the scan. It is often named DEFAULT, but may have another name that is set during query -configuration. If no query is executed by the job, the DEFAULT table is listed as a placeholder only -and will be empty (0 rows). It is possible to have multiple queries in the same job, though not -recommended. These queries could write to the same native data table, or each query could write to -its own native data table. If multiple native data tables are being generated by one job, they are -listed in alphanumeric order at the top of the Results node list. - -Analysis tasks can be configured to generate materialized tables and views. Action tasks create -action status tables. These appear beneath the native data tables under the Results node in -alphanumeric order. - -Finally, any reports generated by the job, both published and unpublished, will be listed beneath -the materialized tables and views in alphanumeric order. diff --git a/docs/accessanalyzer/12.0/administration/job-management/job/status.md b/docs/accessanalyzer/12.0/administration/job-management/job/status.md deleted file mode 100644 index b4827ec7a8..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/job/status.md +++ /dev/null @@ -1,32 +0,0 @@ -# Status Node - -Once a job has been executed, it always generates the tables providing information on host -connection status, job statistics, job task statistics, and error and warning messages can be viewed -under the job’s Status node: - -![Status Node](/img/product_docs/accessanalyzer/admin/jobs/job/statusnode.webp) - -The Status node tables are: - -- ConnectStatus table – Lists all hosts queried during job execution and the access status of the - scan, unless the System Default is being used -- Job Stats table – Provides information on the selected job’s runtime details, according to the - global configuration set in the **Settings** > **Application** node. By default, this is set to - not filter the data. -- Task Stats table – Provides information for each task run during job execution, according to the - global configuration set in the **Settings** > **Application** node. By default, this is set to - filter to the most recent data. - - **NOTE:** The Job Statistics Retention settings in the **Settings** > **Application** node - control how long the job statistics history is kept in the database and displayed Job Stats and - Task Stats tables. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic for - additional information. - -- Messages table – Provides a list of any warning or error messages that occurred during the - execution of the job. For example, a frequently generated message is - `WARNING: No Host found for processing`. - - - If this message is generated by an analysis or reporting job, then there is no problem as that - type of job does not need a host list assigned - - However, if this message is generated by a job running a data collection query, this warning - would explain why the native data table is empty diff --git a/docs/accessanalyzer/12.0/administration/job-management/overview.md b/docs/accessanalyzer/12.0/administration/job-management/overview.md deleted file mode 100644 index 6fa056a2cc..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/overview.md +++ /dev/null @@ -1,107 +0,0 @@ -# Jobs Tree - -Jobs are the fundamental unit of Access Analyzer. It is through jobs that all data collection -queries, analysis tasks, notification tasks, action tasks, and report generation occur. Jobs are -housed within the Jobs tree of the Navigation pane. - -The Jobs Tree is located in the Navigation Pane on the Access Analyzer Console. - -![Jobs Tree](/img/product_docs/accessanalyzer/admin/jobs/jobstreeoverview.webp) - -Clicking on the arrow next to the Jobs node will expand it. The Jobs tree is organized -alphanumerically, first by job groups and then by any jobs that are independent of job groups. - -Each component within the Jobs tree has an icon for quick reference. The icons are: - -| Icon Description | Description | -| ----------------------------------------------------------------------------------------- | --------------------------------------------------------- | -| ![jobgroup](/img/product_docs/accessanalyzer/admin/jobs/jobgroup.webp) | Job Group | -| ![modifiedjobgroup](/img/product_docs/accessanalyzer/admin/jobs/modifiedjobgroup.webp) | Modified Job Group | -| ![settings](/img/product_docs/activitymonitor/config/dellpowerscale/settings.webp) | Settings node for a Job Group/ Configure node for a job | -| ![job](/img/product_docs/accessanalyzer/admin/jobs/job.webp) | Job | -| ![modifiedjob](/img/product_docs/accessanalyzer/admin/jobs/modifiedjob.webp) | Modified Job | -| ![lockedjob](/img/product_docs/accessanalyzer/admin/jobs/lockedjob.webp) | Locked Job (Only applicable to Role Based Access feature) | -| ![status](/img/product_docs/dataclassification/ndc/admin/sources/status.webp) | Status node for a Job | -| ![connectstatus](/img/product_docs/accessanalyzer/admin/jobs/connectstatus.webp) | Job’s ConnectStatus Node | -| ![jobstatus](/img/product_docs/platgovnetsuite/clean_up/jobstatus.webp) | Job Status for a Job | -| ![taskstatus](/img/product_docs/accessanalyzer/admin/jobs/taskstatus.webp) | Task Status for a Job | -| ![results](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) | Results node for a Job | -| ![messages](/img/product_docs/accessanalyzer/admin/jobs/messages.webp) | Job’s Messages table | -| ![jobsdata](/img/product_docs/accessanalyzer/admin/jobs/jobsdata.webp) | Job’s Data Table or View | -| ![jobsreport](/img/product_docs/accessanalyzer/admin/jobs/jobsreport.webp) | Job’s Report | - -A green checkmark over a Job or Job Group icon indicates a configuration change has been made to the -job or job group. The global settings configured under the Settings node are inherited down through -the Jobs tree to the job unless inheritance is broken in a job group’s Settings node, a job’s -Configure node, or a job’s Properties window. See the -[Navigating the Console](/docs/accessanalyzer/12.0/administration/navigation/overview.md) for additional information. - -## Job Execution Options - -Access Analyzer is designed to execute jobs one at a time in the order assigned. If a job group is -run, the jobs execute in the order listed within the job group. Job groups are designed to run data -collection jobs before running analysis and reporting jobs. If multiple jobs are independently -triggered to run, the jobs execute in the order triggered. - -Jobs execution options include: - -- Manual or Ad Hoc - - Applies logged in user’s credentials to execute the job on the Access Analyzer Console server - - Job progress can be monitored through the **Running Instances** node - - Order of job execution can be manipulated on the **Running Instances** node - - Closing the Access Analyzer Console terminates the running job and clear the jobs queue -- Schedule - - Applies Schedule Service Account credentials to execute the job through Windows Task Scheduler - - Each scheduled task independently employs the Access Analyzer application, allowing unrelated - tasks to run simultaneously - - Runs on schedule whether a user is logged in or not - -## Changes Window - -The Changes window is where jobs are created by customers or professional services engineers. Custom -jobs can be enabled to track changes to configuration settings. When enabled, configuration changes -are tracked in change logs stored within the job folder. Changes can also be viewed within this -window. - -Remember, custom jobs are not shipped with Access Analyzer but instead user created. - -The Changes window opens from the **Changes** option in the right-click menu from the selected Jobs -tree, job group, or job node. - -![Changes Window](/img/product_docs/accessanalyzer/admin/jobs/changeswindow.webp) - -Select **Enabled** from the drop-down menu in the upper-left corner to turn on change tracking of -configuration settings. Select a modification from the table and click **Undo** to revert the -change. - -The window columns display the following information: - -- Job Path – Path to the job where the configuration change occurred, only visible when viewed at - the Jobs tree or job group level -- Component – Component of the job where the configuration change occurred, for example Job, Query, - or Analysis -- Modification – Type of change that was made, for example Add or Update -- Task – Name of the analysis or action task modified, only populated when the change occurred to an - Analysis or Action component -- Setting – A changed setting -- Value – New setting value. If the modification was an update, this displays both the old and the - new setting value. - -Select a modification from the table and click **Undo** to revert the change. - -If configuration change tracking is **Disabled**, configuration changes are only written directly to -the job’s XML file. If the configuration change tracking feature was previously enabled and then -disabled at a later time, an option is provided to merge changes back into the job’s XML file. - -![Change Window Merge Changes](/img/product_docs/accessanalyzer/admin/jobs/changeswindowmerge.webp) - -To merge the changes into the job’s XML file without disabling the configuration change tracking -feature, click **Merge** on the bottom left corner of the Changes window and then click **Yes** on -the Access Analyzer pop-up window to confirm the merge. - -![Changes Window Locked](/img/product_docs/accessanalyzer/admin/jobs/changeswindowlocked.webp) - -Changes between releases are tracked. Only jobs that are locked can be upgraded. - -**NOTE:** Jobs that are included in Access Analyzer are locked and changes cannot be made to those -jobs. diff --git a/docs/accessanalyzer/12.0/administration/job-management/running-instances/job-details.md b/docs/accessanalyzer/12.0/administration/job-management/running-instances/job-details.md deleted file mode 100644 index f1ff45fc5d..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/running-instances/job-details.md +++ /dev/null @@ -1,84 +0,0 @@ -# Running Job Details - -Both the Process ID and the View Details links open the running job's Details page. The path of the -job and the component are displayed at the top. - -- Path – Folder path in the Jobs directory. For example, - `Jobs\GROUP_.Active Directory Inventory\JOB_3-AD_Exceptions`. - - - The link opens the job’s directory in a Windows Explorer window - -- Status – While the job is running, this field displays the component that is running. When the job - has completed execution, it displays a completed status and lists the completion time. - - - Job configuration components include Query, Data Analysis, Action, and Report - -There are three tabs: Current, History, and Queued Jobs. - -## Current Tab - -The **Current** tab displays information on the job actively being executed. - -![Current tab](/img/product_docs/accessanalyzer/admin/runninginstances/jobdetailscurrent.webp) - -The tab includes: - -- Order – Order in which the tasks in the job are being run -- Host Name – Name of the targeted host, only visible when a query is executing -- Query – Name of the running query task, only visible when a query is executing -- Task Name – Name of the running task, when applicable to Data Analysis, Actions, or Reports. This - information is only visible when an analysis task or an action task are executing, or a report is - being generated. -- Status – Execution status, for example **Queued**, **Running**, **Success**, or **Warning**. -- Message – Access Analyzer message regarding runtime activity -- Runtime – Duration of task execution -- Stop – Aborts all currently running instances - -## History Tab - -The History tab only displays information for the last job that completed. - -![History tab](/img/product_docs/accessanalyzer/admin/runninginstances/jobdetailshistory.webp) - -The tab includes: - -- Order – Order in which the tasks within the job ran -- Task Type – Name of the component associated to the task -- Task Name – Name of the task -- Host Name – Name of the targeted host associated with the running job, if any -- Status – Status of the completed task -- Message – Access Analyzer message associated to the **Status** -- Runtime – Duration of task execution - -### Messages - -In the bottom pane, the History tab includes a section to display any messages for individual job -components returned from a job execution. Clicking a Task Name displays the messages for that -component. - -You can filter what messages display by using the three filters in the message pane. By clicking on -a filter arrow in the column header and selecting an available option, you can filter by Time, Type, -or Message. - -![Custom Filter window](/img/product_docs/accessanalyzer/admin/runninginstances/jobdetailshistorycustomfilter.webp) - -If you select Custom, you can create a complex filter. See the -[Custom Filter](/docs/accessanalyzer/12.0/administration/navigation/data-grid.md#custom-filter) topic for additional information. - -## Queued Jobs Tab - -The Queued Jobs tab displays a list of jobs in queue and the order in which they are executed. - -![Queued Jobs tab](/img/product_docs/accessanalyzer/admin/runninginstances/jobdetailsqueuedjobs.webp) - -The tab includes: - -- Order – Order in which the queued jobs are executed. This order can be changed on the Queued Jobs - tab by using the buttons at the bottom. -- Job Path – Folder path in Jobs directory -- State – Queue status, for example **Running** or  **Waiting** -- Connection Profile – The Connection Profile assigned to the job, if applicable -- Host Lists – The host list assigned to the job, if applicable - -The **Move Up**, **Move Down**, and **Remove** buttons are for changing the order or removing a job -from the queue. diff --git a/docs/accessanalyzer/12.0/administration/job-management/running-instances/overview.md b/docs/accessanalyzer/12.0/administration/job-management/running-instances/overview.md deleted file mode 100644 index 20db94bb1b..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/running-instances/overview.md +++ /dev/null @@ -1,127 +0,0 @@ -# Running Instances Node - -The Running Instances node displays progress for all running jobs. This includes jobs that are run -by a scheduled task, interactively within the open Access Analyzer instance, or interactively in any -other running instance of Access Analyzer. The Running Instances node displays the instance name, -its status and position in the queue, run times for all instances, and detailed views of each -instance. - -![Running Instances node Overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) - -This is the primary view of the Running Instances node that displays the progress of all jobs -running. - -## Overview - -The Overview page displays information about all running jobs on the current server. - -![Overview page](/img/product_docs/threatprevention/threatprevention/siemdashboard/qradar/dashboard/overview.webp) - -For each instance this screen provides : - -- Job path -- Credential used -- Running time of the job -- Status of the running job -- Number of jobs scheduled in queue - -It also has hyperlinks for: - -- Process ID -- Host Name -- Connection Profile -- View Details -- View Log -- Stop -- View Schedule - -Clicking on any of the hyperlinks displays more information about the running job. The -**ProcessID**, **View Details, View Log**, and **Stop** links only work while the job is running. -Once the job is complete, these links are disabled. The host and Connection Profile links continue -to work. The **View Schedule** link only displays and is valid for jobs that are running via a -scheduled task and is not enabled for interactive job executions. - -![Number of jobs running on bottom bar](/img/product_docs/accessanalyzer/admin/runninginstances/overviewbottombar.webp) - -The number of jobs currently being run can be found in the lower-left-hand corner of the Access -Analyzer Console. - -## View Host - -This view identifies the host list associated with the running job. - -![Host list link](/img/product_docs/accessanalyzer/admin/runninginstances/viewhost.webp) - -Click the host list link to display the hosts assigned to the running job. - -![Host list in Host Management node](/img/product_docs/accessanalyzer/admin/runninginstances/viewhostlist.webp) - -This view displays the host list table with host inventory data. - -## Process ID - -The Process ID correlates to the Process ID of the running instance of Access Analyzer in Task -Manager. In addition, the Process ID comes coupled with the file path of associated scheduled tasks, -an identifier for the account running the current instance of Access Analyzer, and a timestamp for -the length of the instance. - -![Process ID link](/img/product_docs/accessanalyzer/admin/runninginstances/processid.webp) - -Click the Process ID link for additional details of the job status and queue. - -![Job details page](/img/product_docs/accessanalyzer/admin/runninginstances/jobdetails.webp) - -The Process ID link displays a page with three tabs of information with details about the running -job. See the [Running Job Details](/docs/accessanalyzer/12.0/administration/job-management/running-instances/job-details.md) topic for additional information. - -## View Details - -Additional details on the status of the tasks the job is running are available. - -![View Details link](/img/product_docs/accessanalyzer/admin/runninginstances/viewdetails.webp) - -Click the **View Details** link to display additional details of the job status and queue. - -![Job details page](/img/product_docs/accessanalyzer/admin/runninginstances/jobdetails.webp) - -The View Details link opens the running job's details with three tabs of information. See the -[Running Job Details](/docs/accessanalyzer/12.0/administration/job-management/running-instances/job-details.md) topic for additional information. - -## View Log - -The log for this running job can be opened in a text editor, such as Notepad. - -![View Log link](/img/product_docs/accessanalyzer/admin/runninginstances/viewlog.webp) - -Click **View Log** to display the current job log. The View Log link is only enabled while a job is -running. - -![Log file in Notepad](/img/product_docs/accessanalyzer/admin/runninginstances/logfile.webp) - -The Log displays such details as errors, aborts, and terminations. - -## View Schedule - -The Access Analyzer Console can only run one job at a time. However, with the Schedule Service -Account, the StealthAUDIT application can run multiple jobs simultaneously via Windows Task -Scheduler. - -![View Schedule link](/img/product_docs/accessanalyzer/admin/runninginstances/viewschedule.webp) - -Click the **View Schedule** link to display the corresponding Scheduled Task for the running job or -job group. This link is only enabled for jobs that are running via scheduled task and will not be -enabled for interactive job executions. - -![Schedule wizard](/img/product_docs/accessanalyzer/admin/runninginstances/schedulewizard.webp) - -The Schedule wizard for the running task opens. See the -[Schedule Wizard](/docs/accessanalyzer/12.0/administration/job-management/schedule/wizard.md) topic for additional information. - -## Stop - -The job execution can be stopped if needed. - -![Stop button](/img/product_docs/accessanalyzer/admin/runninginstances/stop.webp) - -Click **Stop** to abort all instances in the job queue. This link is only enabled while a job is -running. diff --git a/docs/accessanalyzer/12.0/administration/job-management/schedule/overview.md b/docs/accessanalyzer/12.0/administration/job-management/schedule/overview.md deleted file mode 100644 index 2763324751..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/schedule/overview.md +++ /dev/null @@ -1,42 +0,0 @@ -# Schedules - -The Access Analyzer Console can only run one task at a time. However, with the Schedule Service -Account, the Access Analyzer application can run multiple tasks simultaneously. See the -[Schedule](/docs/accessanalyzer/12.0/administration/settings/schedule.md) topic for information on configuring the Schedule Service -Account. - -The following tasks can be scheduled: - -- Job or Job Group – Schedule jobs to run at the job or job group level. See the - [Schedule Jobs](#schedule-jobs) topic for additional information. -- Host Discovery Query – Schedule Host Discovery queries from the Host Discovery node. See the - [Host Discovery Queries Activities Pane](/docs/accessanalyzer/12.0/host-management/discovery/activities.md) topic for additional - information. -- Host Inventory Query – Schedule Host Inventory queries from within the Host Management node. See - the [Schedule (Activities Pane Option)](/docs/accessanalyzer/12.0/host-management/actions/schedule.md) topic for - additional information. - -**NOTE:** If you attempt to rename a task after a scheduled task using custom credentials has been -created, then the Rename Scheduled Task wizard displays to update the credentials. See the -[Rename Scheduled Task Wizard](/docs/accessanalyzer/12.0/administration/job-management/schedule/rename-wizard.md) topic for additional information. - -## Schedule Jobs - -Jobs can be scheduled at the job group or job level. - -![Schedule option from Job Tree](/img/product_docs/accessanalyzer/admin/schedule/jobtree.webp) - -Select the desired job group or job. Right-click on the node and select **Schedule** to open the -Schedule wizard. - -![Schedule Job wizard](/img/product_docs/threatprevention/threatprevention/admin/configuration/databasemaintenance/schedule.webp) - -The Schedule wizard has five pages with options for setting up the schedule task: - -- Schedule -- Host List -- Connection -- Run as -- Options - -See the [Schedule Wizard](/docs/accessanalyzer/12.0/administration/job-management/schedule/wizard.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/job-management/schedule/rename-wizard.md b/docs/accessanalyzer/12.0/administration/job-management/schedule/rename-wizard.md deleted file mode 100644 index b02f1766f3..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/schedule/rename-wizard.md +++ /dev/null @@ -1,58 +0,0 @@ -# Rename Scheduled Task Wizard - -If a scheduled task has custom credentials set, then the Rename Scheduled Task wizard displays when -renaming the associated job, job group, inventory query, or discovery query. The wizard forces you -to provide the credentials needed for the scheduled task, so that the task is still able to run -after it has been renamed. Custom credentials are configured on the Run as page of the Schedule -wizard. See the [Run As](/docs/accessanalyzer/12.0/administration/job-management/schedule/wizard.md#run-as) topic for additional information. - -If a scheduled task does not contain custom credentials, then the job, job group, inventory query, -or discovery query can be renamed and the scheduled task is automatically renamed without requiring -the wizard. - -Follow the steps to update the credential for a scheduled task. - -![Rename Scheduled Task wizard Tasks page](/img/product_docs/accessanalyzer/admin/schedule/tasks.webp) - -**Step 1 –** The Rename Scheduled Task wizard opens on the Tasks page , which displays the task that -is to be renamed and a table containing the credentials that need updating. The table shows you the -account the task is set to run as, the status as a blue clock icon to indicate it is waiting for -credential, and the host list set in the scheduled task. Select the account to provide credentials -for and click **Update**. - -![Group with multiple sub-group credentials to be updated](/img/product_docs/accessanalyzer/admin/schedule/taskssubgroups.webp) - -- If you are renaming a group that has sub-groups that use custom credentials, then the wizard - displays these accounts even if the parent group does not use custom credentials. For sub-groups, - the table additionally shows the path to the sub-group, and only the sub-groups that have custom - credentials set are displayed in the wizard. If there are multiple groups requiring credentials, - then all of them must be updated. -- For discovery queries that also have an Inventory query scheduled task created through the Host - Management node, the wizard displays if either of the two scheduled tasks uses custom credentials - -![Set Account window](/img/product_docs/accessanalyzer/admin/schedule/setaccount.webp) - -**Step 2 –** On the Set Account window, click **Change User**. - -![Schedule Custom Credentials window](/img/product_docs/accessanalyzer/admin/schedule/schedulecustomcredentials.webp) - -**Step 3 –** On the Schedule Custom Credentials window, reenter the Password for the selected user, -and Click **OK**. Then, click **OK** again on the Set Account window. The Status icon updates to a -green checkmark to indicate the credential has been provided. - -![Tasks page after credentials updated](/img/product_docs/accessanalyzer/admin/schedule/tasksupdated.webp) - -**Step 4 –** Repeat Steps 1 to 3 for each credential that needs updating. Once all the credentials -show a green checkmark, click **Next**. - -**NOTE:** At this stage you can click **Cancel** to close the wizard and the task will not be -renamed. - -![Rename Scheduled Task wizard Progress page](/img/product_docs/accessanalyzer/install/application/upgrade/progress.webp) - -**Step 5 –** The Progress page shows a progress bar and message. Once the scheduled tasks have been -renamed successfully, click **Finish** to close the wizard. - -The scheduled tasks have now been renamed and will run as before . The modified task name shows in -the Jobs tree, Host Management, or Host Discovery node, the Scheduled Actions grid, and in the -corresponding task's argument in the Windows Task Scheduler. diff --git a/docs/accessanalyzer/12.0/administration/job-management/schedule/wizard.md b/docs/accessanalyzer/12.0/administration/job-management/schedule/wizard.md deleted file mode 100644 index b72321ed2c..0000000000 --- a/docs/accessanalyzer/12.0/administration/job-management/schedule/wizard.md +++ /dev/null @@ -1,142 +0,0 @@ -# Schedule Wizard - -The schedule wizard allows you to configure scheduled tasks for jobs, job groups, Host Discovery -queries, and Host Inventory queries. The wizard has five wizard pages with options for setting up -the schedule task: - -- [Schedule](#schedule) -- [Host List](#host-list) -- [Connection](#connection) -- [Run As](#run-as) -- [Options](#options) - -On the Schedule page, click **New** to schedule when the task will run. The Host List and Connection -pages are optional customizations. See the relevant section below for more information on the -settings on each wizard page. - -When the settings on the wizard pages are configured as desired, click **OK** to save the changes -and close the window. The task is visible in the Schedule Actions view, at the Schedules node. - -## Schedule - -The Schedule page is for setting the schedule of when and how often the task will run. This tab -needs to be properly configured for every scheduled task. - -![Schedule wizard page](/img/product_docs/threatprevention/threatprevention/admin/configuration/databasemaintenance/schedule.webp) - -The options on the Schedule page are: - -- New – Opens the Trigger window to create a trigger for when the selected task will run -- Edit – Edits the selected Trigger in the Schedule view -- Delete – Deletes the selected trigger - -![Trigger window](/img/product_docs/accessanalyzer/admin/schedule/triggerwindow.webp) - -The options in the Trigger window are: - -- Begin the task – Select when the scheduled task will execute from a list of options -- Settings Section – Select the time interval that the scheduled task will execute. Access Analyzer - pulls schedule frequency options from Windows Task Scheduler. The following options are applicable - for scheduling Access Analyzer tasks on the Schedule page: - - - For **One time** recurrence, set the Start time and date of the single execution - - For **Daily** recurrence, set the Start time and the daily interval of Recur every [value] - days - - For **Weekly** recurrence, set the Start time and the weekly interval of Recur every [value] - weeks on. Then select the days of the week for the execution. - - For **Monthly** recurrence, set the Start time. Then select either the monthly interval of - Days [value] of the month or the [value] [Day of the Week] of the month. By default, this is - set to recur every month. To select only specific months, use Months dropdown menu and - deselect the undesired months. - - The drop-down menu next to **Start** opens a calendar view for selecting the date - - Selecting the **Synchronize across time zones** checkbox will synchronize the scheduled task - to run without respect to the time zone - -The remaining schedule frequencies are supplied by Windows Task Scheduler and not applicable to -Access Analyzer task scheduling. See the Microsoft -[Task Scheduler Overview](https://technet.microsoft.com/en-us/library/cc721871.aspx) article for -additional information. - -![Trigger window Advanced settings](/img/product_docs/accessanalyzer/admin/schedule/triggerwindowadvancedsettings.webp) - -The options in the Advanced settings section are: - -- Stop task if it runs longer than – Create a threshold for when the task will stop if it runs - beyond a certain duration -- Enabled – If checked, the configurations made in the Trigger window will be enabled - -## Host List - -The Host List page identifies the host list the task being scheduled queries. Customizations to the -configuration of this tab is optional. - -![Host List wizard page](/img/product_docs/accessanalyzer/admin/schedule/hostlist.webp) - -Choose the desired setting from the following options: - -- Use Host list from Job – A default setting and applies the host list designated at the job or job - group level. This is also the recommended setting. -- Use Alternate Host List – Allows a host list to be selected from the list of Hosts Lists provided. - The list is from the Host Management host lists. - -Under the selection window, the number of selected hosts are identified. In addition, the **Select -All** and **Clear All** links provide for quick selection and deselection. - -## Connection - -The Connection page identifies the Connection Profile that is applied to the targeted hosts being -queried by the task being scheduled. Customizations to the configuration of this tab is optional. - -![Connection wizard page](/img/product_docs/activitymonitor/activitymonitor/admin/monitoredhosts/add/connection.webp) - -Choose the desired setting from the following options: - -- Use Profile from Job – A default setting and applies the Connection Profile designated at the job - or job group level - - **_RECOMMENDED:_** In most cases, this is the recommended setting - -- Use the Windows account that the application is run with (System default) – Applies the account - used to open the Access Analyzer Console -- Use Alternate Profile – Allows a Connection Profile to be selected form the Profiles list - provided. The list is from the global **Settings** > **Connection** list of Connection Profiles. - -## Run As - -Select the Schedule Service account to run this task with on the Run as wizard page. To create or -edit Schedule Service accounts, go to the **Settings** > **Schedule** node. See the -[Schedule](/docs/accessanalyzer/12.0/administration/settings/schedule.md) topic for additional information. - -![Run as wizard page](/img/product_docs/accessanalyzer/admin/schedule/runas.webp) - -The options on the Run as wizard page are: - -- Use default Schedule Service Account – Uses the default Schedule Service Account that is set at - the **Settings** > **Schedule** node -- Use selected Schedule Service Account – Select the Schedule Service Account to use for the task - from a list of available accounts in the drop-down menu -- Use Custom Credentials – Use custom credentials not stored in the Access Analyzer Console. Enter - the User Name for the custom credentials. - - - Change User – Click this button to open the Schedule Custom Credentials window and specify a - user name and password - - To update the password for an existing account, click the **Change User** button and enter a - new password - - If you rename a task (job, job group, Host Discovery query, or Host Inventory query) after it - has been scheduled using custom credentials, then the Rename Scheduled Task wizard displays - for you to update these credentials. See the [Rename Scheduled Task Wizard](/docs/accessanalyzer/12.0/administration/job-management/schedule/rename-wizard.md) - topic for additional information. - -## Options - -Configure additional options for the task on the Options wizard page. - -![Options wizard page](/img/product_docs/accessanalyzer/install/application/options.webp) - -The configurable options are: - -- Comments – Enter custom comments for the scheduled task -- Stop the task if it runs for – Create the threshold for when the scheduled task will stop if it - exceeds a configured duration -- Scheduled task is enabled – Selecting this checkbox will enable the scheduled task. Deselecting it - will disable the scheduled task. diff --git a/docs/accessanalyzer/12.0/administration/maintenance/backup-recovery.md b/docs/accessanalyzer/12.0/administration/maintenance/backup-recovery.md deleted file mode 100644 index 277a58d9a5..0000000000 --- a/docs/accessanalyzer/12.0/administration/maintenance/backup-recovery.md +++ /dev/null @@ -1,96 +0,0 @@ -# Backup and Recovery - -For data recovery purposes, the Access Analyzer does not need a complete image back up of the Access -Analyzer Console server. Rather a standard file level back up of a few key components is all that is -necessary. This document contains a step-by-step guide for back up and recovery. The choice of back -up utility is left to the Access Analyzer user. - -**NOTE:** This does not cover back up of the Access Analyzer database. - -## Steps to Back Up the Console Server - -Follow these steps to back up the key components necessary for data recovery of the Access Analyzer -Console server. - -**Step 1 –** Obtain or save the installation media for Access Analyzer. - -**Step 2 –** Back up the following files and folders from the Access Analyzer folder (Typically -found at `C:\Program Files(x86)\STEALTHbits\StealthAUDIT` and can be more directly found with the -built-in environment variable `%SAINSTALLDIR%`): - -- ...\STEALTHbits\StealthAUDIT\Jobs: Contains the jobs from the Access Analyzer jobs tree -- … \STEALTHbits\StealthAUDIT\CLU: Contains any CLU parameters -- … \STEALTHbits\StealthAUDIT\ODBCProfiles\Custom: Contains any custom ODBC connect strings -- …\STEALTHbits\StealthAUDIT\SADatabase\Views: Contains the host list definitions -- ...\ STEALTHbits\StealthAUDIT\SecurityMap: Contains all of the Connection Profiles -- ... \STEALTHbits\StealthAUDIT\GlobalOptions.XML: Contains the Global Options -- ...\ STEALTHbits\StealthAUDIT\SPProfiles.XML: Contains the Storage Profiles (SQL connection) -- ...\ STEALTHbits\StealthAUDIT\rba.conf: Contains the Role Based Access Configuration -- ...\ STEALTHbits\StealthAUDIT\StealthAUDIT.LIC: The license key - -**Step 3 –** Back up all Scheduled Tasks. The method of back up is determined by the Access Analyzer -user. This can be as simple as copying the contents of the tasks folder from the following two -locations: - -![C:\Windows\Tasks](/img/product_docs/accessanalyzer/admin/maintenance/maintenance_3.webp) - -- C:\Windows\Tasks - -![C:\Windows\System32\Tasks](/img/product_docs/accessanalyzer/admin/maintenance/maintenance_4.webp) - -- C:\Windows\System32\Tasks - -All key components necessary for data recovery have now been backed up. - -## Steps to Restore the Console Server - -Follow these steps for data recovery of the Access Analyzer Console server. - -**Step 1 –** Confirm the prerequisites have been met on the Access Analyzer Console Server. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for specific prerequisites. - -**Step 2 –** Install the Access Analyzer application. Do not start the Access Analyzer application -at this time. - -**Step 3 –** Restore all of the backed up files and folders from Step 2 of Steps to Back up the -Access Analyzer Console Server to their corresponding location. - -**Step 4 –** Restore all of the backed up scheduled tasks from Step 3 of Steps to Back up the Access -Analyzer Console Server to the corresponding tasks folder of the operating system. - -**Step 5 –** For Host Management and Host List Replication in a new host scenario, run the following -code within the SQL Studio on the Access Analyzer database. - -- Replace `OldServer` and `NewServer` in the script below with the names of the old and new Access - Analyzer servers - -``` -Declare @OHost varchar (128) -Declare @NHost varchar (128) -Set @OHost = 'OldServer' -Set @NHost = 'NewServer' -Update [HostMaster_SANodeFilter] -SET SA_Node = @NHost -Where SA_Node = @OHost; -Update [HostListsTbl] -SET SA_Node = @NHost -Where SA_Node = @OHost -and ListID not in (Select ListID from [HostListsTbl] where SA_Node = @NHost); -Update [QueryTbl] -SET SA_Node = @NHost -Where SA_Node = @OHost; -``` - -**Step 6 –** Start Access Analyzer and confirm all settings and jobs have been restored. - -**Step 7 –** Enable Role Based Access to write the necessary registry keys: - -![Role Based Access](/img/product_docs/accessanalyzer/admin/maintenance/maintenance_5.webp) - -- Navigate to the **Settings** > **Access** node in the Access Analyzer Console and select - **Access** -- Use the **Add Access**, **Edit Member Role**, and **Delete Member Role** buttons to add, remove, - and edit roles -- See the [Role Based Access](/docs/accessanalyzer/12.0/administration/settings/access/role-based/overview.md) topic for more information - -The Access Analyzer Console Server is now restored. diff --git a/docs/accessanalyzer/12.0/administration/maintenance/overview.md b/docs/accessanalyzer/12.0/administration/maintenance/overview.md deleted file mode 100644 index 55ad485018..0000000000 --- a/docs/accessanalyzer/12.0/administration/maintenance/overview.md +++ /dev/null @@ -1,10 +0,0 @@ -# Application Maintenance and Best Practices - -The following topics contain information needed for application maintenance and troubleshooting for -the Access Analyzer Console: - -- [Antivirus Exclusions](/docs/accessanalyzer/12.0/administration/maintenance/antivirus-exclusions.md) -- [Updating Passwords](/docs/accessanalyzer/12.0/administration/maintenance/update-passwords.md) -- [Backup and Recovery](/docs/accessanalyzer/12.0/administration/maintenance/backup-recovery.md) -- [Troubleshooting](/docs/accessanalyzer/12.0/administration/maintenance/troubleshooting.md) -- [Best Practices](/docs/accessanalyzer/12.0/administration/maintenance/best-practices.md) diff --git a/docs/accessanalyzer/12.0/administration/maintenance/troubleshooting.md b/docs/accessanalyzer/12.0/administration/maintenance/troubleshooting.md deleted file mode 100644 index ce2079de58..0000000000 --- a/docs/accessanalyzer/12.0/administration/maintenance/troubleshooting.md +++ /dev/null @@ -1,77 +0,0 @@ -# Troubleshooting - -There are some general things to know when getting started troubleshooting Access Analyzer: - -- Access Analyzer Install Directory Shortcut – `%sainstalldir%` - -The shortcut opens the installation folder location where the Access Analyzer application is -installed. The default installation directory is: - -C:\Program Files (x86)\STEALTHbits\StealthAUDIT\ - -If the installation directory was customized during installation, it will be: - -…\STEALTHbits\StealthAUDIT\ - -The Access Analyzer install directory has several logs that can be accessed for troubleshooting -purposes. This includes: - -- The Application log which contains logging of all activities within Access Analyzer -- The Upgrade log which logs activities related to the upgrade process -- The upgrade archive which is a zip file containing all of your Access Analyzer jobs prior to the - upgrade process -- Sensitive Data logs that contain details from sensitive data scans performed against various - repositories -- Artifacts from various data collection routines such as tier 2 database files created from File - System or SharePoint scanning - -See the [Logs](#logs) topic for additional information. - -## Logs - -Access Analyzer has a few areas where it stores logs. Make sure the log level is set to DEBUG in -Access Analyzer to gather all necessary information. Once the logs have been created and sent to -Netwrix Support, then reset the logging level to save disc space. - -To set your logging level to debug go to **Settings** > **Application** – **Set the Application log -level to Debug** and restart the application. - -#### Where Are the Logs Located? - -| Log Name | Log Location | -| --------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SADebug (Access Analyzer Console) | `%sainstalldir%SADatabase\Logs\Application` SADebug Logs will be saved in the format: SADebug-[timestamp]-[PID].tsv | -| Job Log (Access Analyzer Console) | Windows File Explorer Shortcut: `%sainstalldir%Jobs\Group_Name\Job_Name\Output\nameofjob.tsv` Console Shortcut: **Right click job** > **Explore folder** > `nameofjob.tsv` | -| ExchangePS logs (Access Analyzer Console) | `%sainstalldir%PrivateAssemblies\GUID` | -| PowerShell Logs (Access Analyzer Console) | `%sainstalldir%Jobs\SA_CommonData\PowerShell` | -| PowerShell logs (Remote Host): | ` C:\Program Files(x86)\STEALTHbits\StealthAUDIT\Applet\Powershell\GUID` | -| RPC logs (File System Action Module) | `FileSystemAM\RPCLogs` | -| SMARTLog logs (Remote Host) | `C:\Program Files(x86)\STEALTHbits\StealthAUDIT\Applet\SmartLog` | -| SMARTLog logs (Access Analyzer Console) | `%SAInstallDir%Jobs\SA_CommonData\SmartLog` | -| SMARTLog Persistence File (Access Analyzer Console) | `%SAInstallDir%Jobs\SA_CommonData\SmartLog\GUID\Host` | -| Metrics Logs (Remote Host) | `{Location of Message Tracking Logs}\ SA_ExchangeMetricsData\NameofQuery` | -| Metrics Persistence File (Access Analyzer Console) | `%SAInstallDir%Jobs\SA_CommonData\Metrics\GUID\Host` | -| Web Server Logs | `%sainstalldir%SADatabase\Logs\Web` | - -## FSAA Log Naming Conventions - -FSAA Applet Logs: - -All FSAA applet logs have the following naming convention for permissions, activity, sensitive data, -and DFS scan types: - -- `[SCAN TYPE]_[HOSTNAME]_[YEAR]_[MONTH]_[DAY]_[TIME]_{JOB_GUID}_[SessionID].log` - -FSAA Trace Logs: - -Below are two types of FSAA trace logs created while in local, applet, or proxy modes: - -- Parent Trace Log – StealthAUDITRPC*[YYYYMMDD_hhmmss]*[Execution_Host].log - - ProccessID is logged in the job log -- Child Trace Log – - StealthAUDITRPC*[session_id]*[ScanType]_[Execution_host]_[Target_host]\_[YYMMDD_hhmmss].log - - ProcessID is logged in the Parent trace log - -When running StealthAUDITRPC as a service, the parent trace log reads as: - -- StealthAUDITRPC.log diff --git a/docs/accessanalyzer/12.0/administration/maintenance/update-passwords.md b/docs/accessanalyzer/12.0/administration/maintenance/update-passwords.md deleted file mode 100644 index 4f90771701..0000000000 --- a/docs/accessanalyzer/12.0/administration/maintenance/update-passwords.md +++ /dev/null @@ -1,92 +0,0 @@ -# Updating Passwords - -Credential passwords in Access Analyzer occasionally need to be updated due to reasons such as the -password expiring due to existing password expiration polices or for security purposes. If a -password change is required, there are multiple types of accounts where credential passwords must be -updated: - -- [Storage Profiles](#storage-profiles) -- [Connection Profiles ](#connection-profiles) -- [Schedule Service Accounts ](#schedule-service-accounts) - - - [Settings > Schedule Node](#settings-schedule-node) - - [Schedules Node](#schedules-node) - - [Jobs](#jobs) - -- [Notifications (if enabled)](#notifications-if-enabled) -- [ServiceNow (if enabled)](#servicenow-if-enabled) -- [Services](#services) - -**NOTE:** When updating passwords in Access Analyzer, you should also check the passwords in Netwrix -Activity Monitor. See the Update Credential Passwords topic in the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) -for additional information. - -## Storage Profiles - -Storage Profiles manage user authentication with the database. See the -[Update Authentication Credentials in a Storage Profile](/docs/accessanalyzer/12.0/administration/settings/storage/update-auth.md) topic -for information about updating Storage Profile authentication credentials in the Access Analyzer -Console. - -## Connection Profiles - -Connection Profiles are used for scan authentication in the Access Analyzer console. See the -[Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for details on how to edit user credentials -for a Connection Profile. - -For Entra ID, formerly Microsoft Azure Active Directory, accounts, see the -[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/12.0/configuration/entra-id/access.md) topic for additional -information. - -## Schedule Service Accounts - -Access Analyzer uses the Schedule Service Account to run scheduled tasks on the Access Analyzer -Console server. The global account is configured at the Settings > Schedule node. However, a custom -account can be assigned to either a Job or a Scheduled Task. - -### Settings > Schedule Node - -The Settings > Schedule Node displays the Schedule page where you can configure the account used for -executing a scheduled task. See the -[Edit a Schedule Service Account](/docs/accessanalyzer/12.0/administration/settings/schedule.md#edit-a-schedule-service-account) topic for -additional information on editing the user credentials for the account. - -### Schedules Node - -The Schedules Node opens the Scheduled Actions pages where scheduled tasks are listed. From this -page, actions can be scheduled using the Schedule wizard. See the -[Schedule Wizard](/docs/accessanalyzer/12.0/administration/job-management/schedule/wizard.md) topic for additional information on updating the -credentials password in the Schedule wizard. - -### Jobs - -Jobs are typically scheduled with the global scheduled account. However, Jobs can also be scheduled -with a custom account. See the [Auto Retry Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/auto-retry.md) topic for -information on updating the Schedule Authentication credentials. - -## Notifications (if enabled) - -Email notifications are configured in the Notifications node. The following steps only apply if -Notification authentication has been enabled for the Access Analyzer Console. See the -[Update Notification Authentication Credentials](/docs/accessanalyzer/12.0/administration/settings/notification.md#update-notification-authentication-credentials) -topic for information on updating Notification authentication credentials. - -## ServiceNow (if enabled) - -The ServiceNow Node controls the integration between Access Analyzer and ServiceNow. See the -[Update ServiceNow Authentication Credentials](/docs/accessanalyzer/12.0/administration/settings/service-now.md#update-servicenow-authentication-credentials) -topic for information on updating ServiceNow authentication credentials. - -## Services - -Depending on your configuration, the credentials for the accounts running the following Netwrix -Access Analyzer (formerly Enterprise Auditor) services may need updating: - -- File System Proxy Service – This service is on the proxy server. See the - [File System Proxy Service Installation](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/wizard.md) topic for - additional information. -- Vault Service – See the [Vault](/docs/accessanalyzer/12.0/administration/settings/application/vault.md) topic for additional information -- Web Server Service – See the - [Reports via the Web Console](/docs/accessanalyzer/12.0/getting-started/installation/application/reports/overview.md) topic for additional - information diff --git a/docs/accessanalyzer/12.0/administration/navigation/activities-pane.md b/docs/accessanalyzer/12.0/administration/navigation/activities-pane.md deleted file mode 100644 index f260f131ae..0000000000 --- a/docs/accessanalyzer/12.0/administration/navigation/activities-pane.md +++ /dev/null @@ -1,20 +0,0 @@ -# Activities Pane - -The Activities pane displays a list of activities which can be conducted within the currently -selected console section. It is only visible if there are activities available for the selected -section. In the few cases where the Results pane is a wizard, this pane becomes the navigation pane -for the wizard, e.g. the Access Analyzer Host Discovery Wizard. If the currently selected console -section has an associated Activities Pane, it can be found on the right-hand side of the Access -Analyzer Console. - -![activitiespane](/img/product_docs/accessanalyzer/admin/navigate/activitiespane.webp) - -The following console sections have associated Activities Panes: - -- All Global Settings > [Settings] nodes -- Host Management nodes -- **Host Discovery** node -- Jobs > [Job Group/Job] > Settings node - -The Guidance section of the Activities Pane will display context sensitive information depending on -what the currently selected console section is. diff --git a/docs/accessanalyzer/12.0/administration/navigation/data-grid.md b/docs/accessanalyzer/12.0/administration/navigation/data-grid.md deleted file mode 100644 index ea3e291d88..0000000000 --- a/docs/accessanalyzer/12.0/administration/navigation/data-grid.md +++ /dev/null @@ -1,262 +0,0 @@ -# Data Grid Functionality - -All data grids within the Access Analyzer Console have functions and features that allow Access -Analyzer users to group by, filter, and sort via the filtration dialog through the data. - -![Search Methods - Data Grid](/img/product_docs/threatprevention/threatprevention/admin/navigation/datagridfunctionality.webp) - -The different grouping, filtering, and search methods in the Data Grid are: - -- [Data Grid Right-Click Menu](#data-grid-right-click-menu) -- [Sort](#sort) -- [Group By](#group-by) -- [Filter](#filter) - -The Show maximum [value] of total [value] rows, located in the upper-right hand corner of the Data -Grid view in the Results Pane, indicates how many rows of data are available within this data grid -(the first value) and how many rows of data are available in the Access Analyzer database for this -data grid (the second value). The maximum value can be changed by the user and only affects the -maximum number of rows available for this data grid within the Access Analyzer Console. The total -value is automatically supplied from the Access Analyzer database and cannot be changed by the user. -If the total value is less than the maximum value, then all available data for this grid is present -for sorting, filtering, and searching. - -## Data Grid Right-Click Menu - -The right-click menu that affects data grid functionality is accessible by right-clicking on the -data grid header row. - -![Data Grid Functionality](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality1.webp) - -The Data Grid Right-click menu contains the following selections: - -- Sort Ascending – Sorts data by selected column in alphanumeric order -- Sort Descending – Sorts data by selected column in alphanumeric order -- Clear Sorting – Removes all sorting from selected column -- Group By This Field – Groups data or clears grouping of data by selected column -- Group By Box – Hides or shows the Group By Box where headers can be dragged-and-dropped to group - the data -- Footer – Provides a data grid summation row at the bottom of the data grid (see the - [Footer](#footer) section) -- Group Footers – Provides a data grid summation row at the bottom of each group (see the - [Footer](#footer) section) -- Remove This Column – Removes selected column from the data grid -- Field Chooser – Opens the Customization window (see the - [Customization Window](#customization-window) section) -- Best Fit – Changes column width to fit the data within the selected column -- Best Fit (all columns) – Changes column width for all columns to fit the data - -Some data grids include right-click menus for actions on the data. See the corresponding sections -for information on right-click menus within a data grid. - -### Customization Window - -The Customization window can be used to customize the data grid to only display specific columns. - -![Customization Window](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality2.webp) - -To open the Customization window, select Field Chooser from the column header right-click menu. - -![Customization Window](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality3.webp) - -Any column that has been removed from the data grid, either by dragging it off the screen or by -dropping it into this window, will be listed here. A column not currently displayed can be returned -to the data grid by dragging-and-dropping it from this window onto the header row. - -### Footer - -The footer provides a data grid summation row. The summation capabilities exist for every column on -the footer either for the entire data grid or by grouped sections of the data grid. - -![Footer Option](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality4.webp) - -To enable the footer, right-click in a column header and select Footer from the right-click menu. - -![Footer display](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality5.webp) - -The footer appears as a gray bar at the bottom of the grid (or grid group). Right-click on the -footer under the desired column. Only the options applicable to the desired column will be valid for -selection. - -![Footer options](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality6.webp) - -The different footer options are: - -- Sum – Available for columns with numeric values, adds all values in the column -- Min – Available for columns with numeric values, identifies the minimum value in the column -- Max – Available for columns with numeric values, identifies the maximum value in the column -- Count – Counts the number of records within the column -- Average – Available for columns with numeric values, calculates the average value for the column -- None – Removes the selected summation - -## Sort - -The data grid can be sorted in alphanumeric order by clicking on a column header. - -![Sort Order](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality7.webp) - -An arrow displays on the column header indicating if the sort is increasing or decreasing. This -feature only works on one column at a time. - -## Group By - -Users can interact and search through data grids in the Results Pane. - -| ![Default Group By View](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality9.webp) | -| ----------------------------------------------------------------------------------------------------- | -------------------------- | -| Default view | Organized by Column Header | - -To use this feature, drag a column header into the “Drag a column header here to group by that -column” area. The data grid groups according to the data within that column. The sub-header provides -a ‘count’ of records within each group. Expand the group to view the data. - -![Expand Group View](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality10.webp) - -Multiple columns can be dragged into the Group By area to form tiered groupings. - -**NOTE:** Sorting by the FQDN column is an easy way to see if there are two entries for the same -host. - -![Column Header](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality11.webp) - -The data grid can also be grouped by dragging a column header beneath the other column headers -either to the stationary section on the left or to the mobile section on the right. Each record -counts as a single row for the total rows value, but displays in two rows with the second row -dedicated for the moved column. - -Drag the column header(s) back to the table to remove the grouping or use the Clear Sort option in -the [Data Grid Right-Click Menu](#data-grid-right-click-menu). Additionally, the sort will clear -when the user navigates to another place in the console. - -## Filter - -Users can filter and search data in the Data Grid by using the dropdown arrow in the column headers -to select from a list of filters, configuring a custom filter, or by using the Data Grid filtration -dialog located above the Activities Pane. - -![Filter](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality12.webp) - -In the header of every column is a drop-down arrow. This provides users with the ability to filter -the data grid for a particular item or items within a column. The drop-down menu has the options of -(All), (Custom…), and an alphabetical listing of all items currently within that column for the data -grid. - -- [Custom Filter](#custom-filter) – Click Custom Filter in the header dropdown to open the Custom - Filter window -- [Filtration Dialog](#filtration-dialog) – Click the Magnifying Glass icon in the Filtration Dialog - to select a specific filter - -### Custom Filter - -The Custom option opens a Custom Filter builder for the selected column. - -![Custom Filter](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality13.webp) - -The Custom Filter window options are: - -- Show rows where - - First Comparison Operator – Select from a list of different logical operators that will apply - to the first custom filter criteria - - AND/OR radio buttons – Select logical relationship between the first and second custom filter - criteria - - Second Comparison Operator – Select from a list of different logical operators that will apply - to the second custom filter criteria. -- Two wildcard options: - - The underscore (\_) can be used to represent any single character - - The asterisk (\*) can be used to represent any series of characters - -#### Creating a Custom Filter - -Follow the steps to create a Custom Filter: - -**Step 1 –** Click the dropdown arrow in the column header for the column where the Custom Filter is -going to be applied and select (Custom…) from the list. The Custom Filter window opens. - -![Creating a Custom Filter](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality14.webp) - -**Step 2 –** Set the desired criteria for the custom filter. Select the logical operator from the -drop-down menu on the left and set the criteria in the textbox on the right. - -**Step 3 –** Select either AND/OR and set the second criteria field, following the same method as -Step 2. - -**Step 4 –** Click OK to confirm changes. The custom filter criteria is now applied to the Data -Grid. - -In the example above, OSName is like \*2008\* AND not like \*Standard\*, the filter returns all data -records with an operating system name that contains “2008” but not “Standard,” e.g. Windows Server -2008 Enterprise Edition, 64 bit and Windows Server 2008 R2 Datacenter Edition, 64-bit, etc. Complex -filters can be created using the Advanced Search option in the Filtration Dialog. - -![Selected Filter Criteria](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality15.webp) - -The selected filter criteria will appear at the top of the data grid. A red X appears in the -filtration dialog, and the total rows value drops to the number of records that match the filter -criteria. Additional filter statements can be added for other columns by repeating the process to -build complex filters. The filtration dialog also provides other ways to filter and search the data -set. See the [Filtration Dialog](#filtration-dialog) topic for additional information on this -feature. - -Filters can be cleared by clicking the red X in the filtration dialog (to clear all filter -statements), selecting All from the column’s drop-down menu (to clear filters one column at a time), -or by navigating to another place in the console (to clear all filter statements). However, the -Recent Filters option in the filtration dialog provides a list of the most recent filters applied to -the data set for users to quickly return to a filtered view. - -### Filtration Dialog - -The filtration dialog in the upper-right corner with the magnifying glass icon provides additional -filtering options. - -![Filtration Dialog](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality16.webp) - -The magnifying glass icon opens a dropdown list of columns for the selected data grid, the Advanced -Search option, and the Recent Filters list. Typing in the textbox at the top filters the data grid -for the selected column (identified by the black dot). Hover over the Recent Filters menu item to -open the list of the last server filters applied to this data grid. - -#### Advanced Search - -The Advanced Search option opens a Set Filter builder for users to build a filter for multiple -columns using multiple logical operators. - -![Advanced Search](/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality17.webp) - -The filter options and logical operators are: - -- Filter Button – The Filter button opens a menu with the options to: - - Add Condition - - Add Group - - Clear All -- Logical Operator – The logical operator (red text) beside the Filter button can be changed by - clicking on it to open a menu with: - - AND - - OR - - NOT AND - - NOT OR -- Ellipsis Button – The ellipsis (…) button at the beginning of each row opens a menu with options - to: - - Add Condition - - Add Group - - Remove Row -- Column Selection – The selected column (green text) can be changed by clicking on it to open a - menu with all available columns for the data grid. -- Comparison Operator – The comparison operator (dark red text) can be changed by clicking on it to - open a menu with: - - equals - - does not equal - - is less than - - is less than or equal to - - is greater than - - is greater than or equal to - - like - - not like - - is blank - - is not blank - - between - - not between - - in - - not in -- Filter Criteria – The filter criteria (blue text) can be changed by clicking on it and typing in - the textbox that appears. The Custom Filter builder wildcards can also be used in the Set Filter - builder. diff --git a/docs/accessanalyzer/12.0/administration/navigation/overview.md b/docs/accessanalyzer/12.0/administration/navigation/overview.md deleted file mode 100644 index f1c2f914aa..0000000000 --- a/docs/accessanalyzer/12.0/administration/navigation/overview.md +++ /dev/null @@ -1,22 +0,0 @@ -# Navigating the Console - -There are several options that can be used to navigate the Access Analyzer Console. This section -covers basic Access Analyzer Console navigation, including menu options, buttons, and the different -panes through which users can access Access Analyzer’s various functions and options. - -![Console Navigation Overview](/img/product_docs/accessanalyzer/admin/navigate/navigationoverview.webp) - -The primary sections of the Access Analyzer Console are: - -- [Top Navigation](/docs/accessanalyzer/12.0/administration/navigation/top.md) – Comprised of the Menu Bar and the Actions Bar -- [Navigation Pane](/docs/accessanalyzer/12.0/administration/navigation/pane.md) – Navigate through all of Access Analyzer’s major functions using the - Navigation Pane. Selecting a node or sub-folder in the Navigation Pane will change what can be - done in the Results Pane. -- [Results Pane](/docs/accessanalyzer/12.0/administration/navigation/results-pane.md) – Displays various interfaces based on what is selected in the - Navigation Pane or Activities Pane -- [Activities Pane](/docs/accessanalyzer/12.0/administration/navigation/activities-pane.md) – Displays a list of activities which can be conducted within - the currently selected console section - -Access Analyzer Data Grids also have specific navigation options that enable users to filter, group, -and search through data. See the [Data Grid Functionality](/docs/accessanalyzer/12.0/administration/navigation/data-grid.md) topic for additional -information. diff --git a/docs/accessanalyzer/12.0/administration/navigation/pane.md b/docs/accessanalyzer/12.0/administration/navigation/pane.md deleted file mode 100644 index f2228021ee..0000000000 --- a/docs/accessanalyzer/12.0/administration/navigation/pane.md +++ /dev/null @@ -1,300 +0,0 @@ -# Navigation Pane - -The Navigation Pane, located on the left-hand side of the Access Analyzer Console, lists all the -major functions of Access Analyzer in a collapsible list format. Clicking on any node with an arrow -will open a collapsible list that shows more navigation, configuration, and use options. - -![Configuration Settings](/img/product_docs/accessanalyzer/admin/navigate/navigationmenu.webp) - -The items in the Navigation Pane are: - -- Settings – Opens the Global Settings section for configurations which affect the running of Access - Analyzer jobs. See the [Global Settings](/docs/accessanalyzer/12.0/administration/settings/overview.md) topic for additional - information. -- Host Management – Opens the Host Management section for inventorying and managing hosts to be - targeted by Access Analyzer jobs. See the [Host Management](/docs/accessanalyzer/12.0/host-management/overview.md) topic - for additional information. -- Host Discovery - Opens the Host Discovery section for discovering hosts to be targeted by the - Access Analyzer jobs. See the Host Discovery topic for additional information. -- Running Instances – Displays progress for all running jobs. This includes jobs that are run by a - scheduled task, interactively within the open Access Analyzer instance, or interactively in any - other running instance of Access Analyzer See the - [Running Instances Node](/docs/accessanalyzer/12.0/administration/job-management/running-instances/overview.md) topic for additional information. -- Schedules – Opens the Scheduled Actions view which displays information on all scheduled tasks. - See the [Schedules](/docs/accessanalyzer/12.0/administration/job-management/schedule/overview.md) topic for additional information. -- Jobs – Lists all solutions, job groups, and jobs within a folder structure. See the - [Jobs Tree](/docs/accessanalyzer/12.0/administration/job-management/overview.md) topic for additional information. - -The title above the Navigation Pane will change depending on what is selected. There are also -several right-click or context menus available throughout the console. See the -[Navigation Pane Right-click Menus](#navigation-pane-right-click-menus) topic for additional -information. - -## Navigation Pane Right-click Menus - -There are several contextual right-click menus that are accessed by right-clicking on individual -nodes or sub-nodes in the Navigation Pane. The different right-click menus are: - -- Host Management Right-click Menus -- Jobs Tree Right-click Menus - -### Host Management Right-click Menus - -The following right-click menus are available within the Host Management node. - -See the [Host Management](/docs/accessanalyzer/12.0/host-management/overview.md) topic for additional information on these -actions. - -#### Discovery Node - -The Discovery node right click-menu can be accessed in the Host Management node in the Navigation -Pane. - -![Discovery Node options](/img/product_docs/accessanalyzer/admin/navigate/navigationpane1.webp) - -The Discovery node right-click menu options are: - -- Create Query – Opens the [Host Discovery Wizard](/docs/accessanalyzer/12.0/host-management/discovery/wizard/overview.md) -- Suspend/Resume Query Queue – Pauses or resumes the host discovery queue - -#### All Hosts Node - -The All Hosts node right-click menu can be accessed in the Host Management node in the Navigation -Pane. - -![All Hosts Node options](/img/product_docs/accessanalyzer/admin/navigate/navigationpane2.webp) - -The All Hosts right-click menu options are: - -- Add Hosts – Opens the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) window -- Refresh Lists – Refreshes host list -- Refresh Hosts – Executes the host inventory query -- Save Selected to Lists – Opens the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) window with the - selected hosts already added to a new list -- Schedule – Opens the [Schedule (Activities Pane Option)](/docs/accessanalyzer/12.0/host-management/actions/schedule.md) - window to schedule a host inventory query -- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file -- Suspend/Resume Host Inventory – Pauses or resumes a host inventory query - -#### All Hosts > [Host List] Node - -The All Hosts > [Host List] right-click menu can be accessed in the Host Management node in the -Navigation Pane. - -![Host List Node options](/img/product_docs/accessanalyzer/admin/navigate/navigationpane3.webp) - -The All Hosts > [Host List] node right-click menu options are: - -- Edit List – Opens the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) window for the selected list -- Rename List – Opens the Host list name window -- Delete List – Delete the selected host list -- Refresh List – Refreshes host list -- Refresh Hosts – Executes the host inventory query -- Save Selected to List – Opens the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) window with the - selected hosts already added to a new list -- Schedule – Opens the [Schedule (Activities Pane Option)](/docs/accessanalyzer/12.0/host-management/actions/schedule.md) - window to schedule a host inventory query -- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file -- Suspend Host Inventory – Pauses or resumes a host inventory query - -### Jobs Tree Right-click Menus - -The following right-click menus are available within the Jobs tree. - -See the [Jobs Tree](/docs/accessanalyzer/12.0/administration/job-management/overview.md) topic for additional information on these actions. - -#### Jobs Tree Primary Nodes - -The Job tree primary nodes have the following right-click menu items: - -**NOTE:** These menu items apply to a Jobs Tree, Job Group, and a Job. Depending on the chosen -selection, some menu items are grayed out. - -| ![Jobs Tree Primary Nodes](/img/product_docs/accessanalyzer/admin/navigate/navigationpane6.webp) | -| ------------------------------------------------------------------------------------------------ | ---------------- | ---------- | -| Jobs Tree Node | A Job Group Node | A Job Node | - -Menu items include: - -- Run Group/Jobs – Executes the selected job group or job -- Publish – Publishes the reports from the selected job group or job without regenerating the - report. See the [Reporting](/docs/accessanalyzer/12.0/reporting/overview.md) topic for additional information. -- Lock Group/Job – Locks job group or job, indicating configuration has been approved and the job - group or job is ready to be scheduled/run. This option only applies to Role Based Access. See the - [Role Based Access](/docs/accessanalyzer/12.0/administration/settings/access/role-based/overview.md) topic for additional information. -- Unlock Group/Job – Unlocks job group or job, indicating the configuration has not been approved or - needs to be modified. Unlocking a job will prevent Job Initiators from scheduling or running the - job. This option only applies to Role Based Access. See the - [Role Based Access](/docs/accessanalyzer/12.0/administration/settings/access/role-based/overview.md) for additional information. -- Enable/Disable Job(s) – Disables the selected job or job group and skips them during scan - execution. When a job group is disabled, all existing jobs within the job group are disabled. See - the [Disable or Enable a Job](/docs/accessanalyzer/12.0/administration/job-management/job/disable-enable.md) topic for more information. -- Schedules – Opens the [Schedule Jobs](/docs/accessanalyzer/12.0/administration/job-management/schedule/overview.md#schedule-jobs) to schedule job group - or job execution -- Refresh Tree – Refreshes the Jobs tree -- Changes – Opens the [Changes Window](/docs/accessanalyzer/12.0/administration/job-management/overview.md#changes-window) to track changes to job - configuration in a change log -- Cut – Cuts the selected job group or job (Ctrl+X) -- Copy – Copies the selected job group or job (Ctrl+C) -- Paste – Pastes a copied/cut job group or job to the selected location (Ctrl+V) - - **CAUTION:** Delete Group/Job will also delete all tables that match the job’s naming convention - from the database. - -- Delete Group/Job – Deletes the selected job group or job. See the - [Report Cleanup when Deleting a Job or Job Group](/docs/accessanalyzer/12.0/reporting/cleanup.md) topic for additional - information. - - **CAUTION:** Rename Group/Job will rename all tables that match the job’s naming convention - within the database. - -- Rename Group/Job – Opens a textbox over the selected job group or job to rename -- Export – Zips the selected job group or job. Options allow for including the job, the reports, - and/or the job log and SA_Debug log. - - Save the ZIP file to a desired location, and optionally attach it to an email to - [Netwrix Support](https://www.netwrix.com/support.html). - - Email option requires [Notification](/docs/accessanalyzer/12.0/administration/settings/notification.md) settings to be configured. -- Create Job (Ctrl+Alt+A) – Creates a new job at the same location as the selected job group or job. - See the [Create a New Job](/docs/accessanalyzer/12.0/administration/job-management/job/create.md) topic for additional information. -- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md). -- Create Group – Creates a new job group within the selected location -- Explore Folder – Opens the Windows Explorer folder for the select object -- Properties – Opens the [Job Properties](/docs/accessanalyzer/12.0/administration/job-management/job/properties/overview.md) window - -#### [Job] > Status Node - -The [Job] > Status node has the following right-click menu items: - -![Status Node](/img/product_docs/accessanalyzer/admin/navigate/navigationpane7.webp) - -The Status node right-click menu items are: - -- Run Job – Executes the selected job -- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) -- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - -#### [Job] > Status > [Table/View] Nodes - -The [Job] > Status > [Table/View] nodes have the following right-click menu items: - -| ![Table/View Nodes](/img/product_docs/accessanalyzer/admin/navigate/navigationpane10.webp) | -| ------------------------------------------------------------------------------------------ | ----------------------------- | -------------- | -| ConnectStatus Table | Job Stats & Task Stats Tables | Messages Table | - -These menu items apply to the ConnectStatus Tables, Job Stats and Task Stats Tables, and the -Messages Table. Depending on the chosen selection, some menu items are grayed out. The menu items -are: - -- Create Hostlist From Data – Opens the New host list from job results window -- Edit Host List – Opens the Edit Dynamic Job Host Lists window -- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file -- Run Job – Executes the selected job -- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) -- Creates Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - -#### [Job] > Results Node - -The [Job] > Results node has the following right-click menu items: - -![Results Node](/img/product_docs/accessanalyzer/admin/navigate/navigationpane11.webp) - -The menu items are: - -- Refresh Tree – Refreshes the Jobs Tree -- Run Job – Executes the selected job -- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) -- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - -#### [Job] > Results > [Table/View] Nodes - -The [Job] > Results > [Table/View] nodes have the following right-click menu items: - -![Results-Table View Nodes](/img/product_docs/accessanalyzer/admin/navigate/navigationpane12.webp) - -The menu items are: - -- Create Hostlist From Data – Opens the New host list from job results window. See the - [Host Management](/docs/accessanalyzer/12.0/host-management/overview.md) topic for additional information. -- Edit Host List – Opens the Edit Dynamic Job Host Lists window. See the - [Host Management](/docs/accessanalyzer/12.0/host-management/overview.md) topic for additional information. -- Export Data – Export the current data grid to an HTML file, an XML file, or a CSV file -- Actions – Opens the selected [Action Modules](/docs/accessanalyzer/12.0/actions/overview.md) for the selected table/view -- Run Job – Executes the selected job -- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) -- Create Job - Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - -#### [Job] > Results > [Report] Nodes - -The [Job] > Results > [Report] nodes have the following right-click menu items: - -![Results-Report Nodes](/img/product_docs/accessanalyzer/admin/navigate/navigationpane13.webp) - -The [Job] > Results > [Report] node right-click menu items are: - -- Run Job – Executes the selected job -- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) -- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - -#### [Job] > Configure Node - -The [Job] >Configure node have the following right-click menu items: - -![Configure Nodes](/img/product_docs/accessanalyzer/admin/navigate/navigationpane13.webp) - -The [Job] > Configure node right-click menu items are: - -- Run Job – Executes the selected job -- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) -- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) - - **NOTE:** This right-click menu is also opened at the Configure > Hosts node. - -#### [Job] > Configure > [Configuration] Nodes - -The right-click menu items for the [Job] > Configure > [Configuration] node are the same right-click -menus as those available within the job’s individual configuration views: - -| ![Configure-Configuration Nodes](/img/product_docs/accessanalyzer/admin/navigate/navigationpane16.webp) | -| ------------------------------------------------------------------------------------------------------- | ------------- | ------------ | -| Queries Node | Analysis Node | Actions Node | - -Each configuration node has a different right-click menu. For additional information on each: - -- For the Queries node, see the [Jobs](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md) section for information on these - options -- For the Analysis node, see the [Jobs](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md) section for information on these - options -- For the Actions node, see the [Jobs](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md) section for information on these - options - -#### [Job] > Configure > Reports Node - -The [Job] >Configure > Reports node has the following right-click menu items: - -![Configure-Reports Node](/img/product_docs/accessanalyzer/admin/navigate/navigationpane17.webp) - -The [Job] > Configure > Reports node right-click menu items are: - -- Create Report – Opens a new report Configuration under the job’s **Configure > Reports Node** -- Paste Report – Paste a copied report from a different job into this job’s Reports node -- Run Job – Executes the selected job -- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) -- Create Job – Creates a new job at the same location as the selected job group or job - -#### [Job] > Configure > Reports > [Report Configuration] Node - -The [Job] >Configure > Reports > [Report Configuration] node has the following right-click menu -items: - -![Reports Configuration Node](/img/product_docs/accessanalyzer/admin/navigate/navigationpane18.webp) - -The [Job] > Configure > Reports > [Report Configuration] node right-click menu items are: - -- Generate Report – Generates the selected report -- Rename Report – Opens a textbox over the selected report to rename -- Delete Report – Deletes the selected report -- Copy Report – Copies the report configuration to clipboard. The copied report will have only the - roles inherited from the parent job when pasted. -- Run Job – Executes the selected job -- Add Instant Job – Opens the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) -- Create Job – Creates a new job at the same location as the selected job group or job (Ctrl+Alt+A) diff --git a/docs/accessanalyzer/12.0/administration/navigation/results-pane.md b/docs/accessanalyzer/12.0/administration/navigation/results-pane.md deleted file mode 100644 index fb3440a9df..0000000000 --- a/docs/accessanalyzer/12.0/administration/navigation/results-pane.md +++ /dev/null @@ -1,9 +0,0 @@ -# Results Pane - -The Results pane displays all views for the selected console section. - -![Results Pane](/img/product_docs/accessanalyzer/admin/navigate/resultspane.webp) - -The Results pane displays all views for the selected console section. This includes solution, job -group, and job descriptions, configuration views, native and materialized data tables and views, and -reports. diff --git a/docs/accessanalyzer/12.0/administration/navigation/top.md b/docs/accessanalyzer/12.0/administration/navigation/top.md deleted file mode 100644 index 986a75f292..0000000000 --- a/docs/accessanalyzer/12.0/administration/navigation/top.md +++ /dev/null @@ -1,144 +0,0 @@ -# Top Navigation - -The Top Navigation bars provide users quick access to various options and functions in Access -Analyzer. The two parts of the Top Navigation section are: - -- [Menu Bar on the Console](#menu-bar-on-the-console) -- [Button Bar on the Console](#button-bar-on-the-console) - -## Menu Bar on the Console - -Users can access various Access Analyzer functions and actions in the Menu Bar. - -![Menu Bar on Console](/img/product_docs/accessanalyzer/admin/navigate/menubar.webp) - -The Menu Bar options are: - -- File - - - Create Job – Creates a new job (Ctrl+Alt+A) at the selected location within the Jobs tree - - Add Instant Job – Opens the Access Analyzer Instant Job Wizard to install an instant job set - at the selected location within the Jobs tree. See the - [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) section for information on installing - instant solutions from the Access Analyzer Library. - - **CAUTION:** Delete Job will also delete all data tables with the job’s base naming - convention from the SQL database. - - - Delete Job – Deletes the selected job from the Jobs tree - - Properties – Opens the Job Properties window for the selected job. See the - [Job Properties](/docs/accessanalyzer/12.0/administration/job-management/job/properties/overview.md) topic for additional information. - - Export Data – Exports the selected data table or view to an HTML, XML, or CSV file format - - Exit – Closes the Access Analyzer application - -- Edit - - - Cut – Cuts (Ctrl+X) the selected job group or job - - Copy – Copies (Ctrl+C) the selected job group or job - - Paste – Pastes (Ctrl+V) a copied job group or job to the selected job group folder (or into - the Jobs tree) - - **CAUTION:** Delete will also delete all data tables with the job’s base naming convention - from the SQL database. - - - Delete – Deletes the job group or job at the selected location within the Jobs tree - -- View - - Refresh Tree – Refreshes the Jobs tree - - Reset Current Data View – This is a legacy feature - - Show Change Deltas – This is a legacy feature - - Show Job Progress – Redirects the Access Analyzer Console to the Running Job Node to view the - running job’s progress. See the [Running Instances Node](/docs/accessanalyzer/12.0/administration/job-management/running-instances/overview.md) - topic for additional information. -- Job - - - Add Instant Job – Opens the Access Analyzer Instant Job Wizard to install an instant job set - at the selected location within the Jobs tree. See the - [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) section for information on installing - instant solutions from the Access Analyzer Library. - - Create Job – Creates a new job (Ctrl + Alt + A) at the selected location within the Jobs tree - - **CAUTION:** Delete Job will also delete all data tables with the job’s base naming - convention from the SQL database. - - - Delete Job – Deletes the selected job from the Jobs tree - - **CAUTION:** Rename Job will also rename all data tables with the job’s base naming - convention within the SQL database. - - - Rename Job – Renames the selected job - - Properties – Opens the Job Properties window for the selected job. See the - [Job Properties](/docs/accessanalyzer/12.0/administration/job-management/job/properties/overview.md) topic for additional information. - - Execute: - - Run Job or Group – Starts job execution for the selected job group or job - - Stop Job or Group – Stops job execution for the selected job group or job - - Schedule – Opens the selected job’s Schedule window. See the - [Schedule Jobs](/docs/accessanalyzer/12.0/administration/job-management/schedule/overview.md#schedule-jobs) topic for additional information. - - Queries: - - - Add from Library – Opens the Library to add a query to the selected job’s Query Selection - view. See the Query Selection topic for additional information. - - Create Query – Opens the Query Selection window to create a new query at the selected - job’s Query Selection view - - Cut Query – Deletes the selected query from the selected job’s Query Selection view - - Properties – Opens the Query Selection window for the selected query - - Add Table – Opens the Query Selection window to add a table to the selected query - - Delete Table – Opens the Delete Table window which identifies associated tasks to be - deleted and asks for confirmation of the deletion action. See the Query Selection topic - for additional information. - - Rename Table – Opens the Rename Table window to enter a new table name for the selected - query. See the Query Selection topic for additional information. - - See the Data Collectors topic for additional information. See the - [Data Collectors](/docs/accessanalyzer/12.0/data-collection/overview.md) topic for additional information. - - - Reports - - Create Report – Creates a new report at the selected Reports node - - Generate Report – Generates the selected report and opens the report in a browser window - - Rename Report – Rename the selected report for the database and how it is seen in the Jobs - tree - - Delete Report – Delete the selected report - -- Schedules - - Schedule – Opens the selected object’s Schedule window to create a new scheduled action. The - Access Analyzer Console is redirected to the Schedules node. See the - [Schedule](/docs/accessanalyzer/12.0/administration/settings/schedule.md) topic for additional information. - - Delete – Delete the selected scheduled task from the Scheduled Actions view of the Schedules - node - - Properties – Opens the selected scheduled task’s Schedule window. See the - [Schedule](/docs/accessanalyzer/12.0/administration/settings/schedule.md) topic for additional information. -- Tools - - Libraries – Opens the Add Query from Library window to add a query to the selected job’s Query - Selection view. See the [Schedule](/docs/accessanalyzer/12.0/administration/settings/schedule.md) topic for additional information. - - Options – Redirects the Access Analyzer Console to the Settings node -- Help - - Content – Opens Access Analyzer help documentation - - User Details – Opens an information window display Current Logged In User and Role Assigned To - Current User (when applicable) - - Reference – This is a legacy feature - - Enable Support Mode – Enables Support Mode for Netwrix Support Engineers - - About – Opens the About window with the Access Analyzer Console’s version and license - information, including License Expiration date, Host Limit, and Licensed Features - -## Button Bar on the Console - -The Button bar provides quick links to various actions and functions in Access Analyzer. - -![Button Bar](/img/product_docs/accessanalyzer/admin/datacollector/buttonbar.webp) - -The options in the Button Bar are: - -| Icon | Icon Description | Name | -| ------------------------------------------------------------------------------------------ | --------------------------- | --------------------------------------------------- | -| ![selectinstantjob](/img/product_docs/accessanalyzer/admin/navigate/selectinstantjob.webp) | Paper with plus sign | Select an Instant Job | -| ![newjob](/img/product_docs/accessanalyzer/admin/navigate/newjob.webp) | Paper with pencil | Create a new job (Ctrl + Alt + A) | -| ![newgroup](/img/product_docs/accessanalyzer/admin/navigate/newgroup.webp) | Folder with plus sign | Create a new group | -| ![newquery](/img/product_docs/accessanalyzer/admin/navigate/newquery.webp) | Puzzle piece with plus sign | Create a new query and add it to the selected table | -| ![addreport](/img/product_docs/accessanalyzer/admin/navigate/addreport.webp) | Graph with plus sign | Add a report | -| ![addquery](/img/product_docs/accessanalyzer/admin/navigate/addquery.webp) | Book with plus sign | Add a query from a library | -| ![cut](/img/product_docs/accessanalyzer/admin/navigate/cut.webp) | Scissors | Cut the selected query to the clipboard (Ctrl + X) | -| ![copy](/img/product_docs/accessanalyzer/admin/navigate/copy.webp) | Duplicate papers | Copy the selected query to the clipboard (Ctrl + C) | -| ![paste](/img/product_docs/accessanalyzer/admin/navigate/paste.webp) | Clipboard with paper | Paste the query from the clipboard (Ctrl + V) | -| ![delete](/img/product_docs/platgovnetsuite/integrations/delete.webp) | Red X | Delete the selected query | - -Select a button for the desired action. diff --git a/docs/accessanalyzer/12.0/administration/overview.md b/docs/accessanalyzer/12.0/administration/overview.md deleted file mode 100644 index 9694bce14d..0000000000 --- a/docs/accessanalyzer/12.0/administration/overview.md +++ /dev/null @@ -1,65 +0,0 @@ -# Administration - -The Access Analyzer application is the power behind the solutions. It has the automation, -management, and integration building blocks that ensure the solutions’ advanced data collection and -analysis deliver meaningful results to an organization’s infrastructure and other technologies. -Users manage and control access to unstructured and structured data, systems, and critical -applications with the application. - -## Data Collectors Overview - -Access Analyzer leverages a wide variety of APIs and protocols to connect to and communicate with -the systems and applications in an organization’s environment. From MAPI to PowerShell, WMI, LDAP, -CIFS, and more. It uses the best, most appropriate data collection methodology for every data -collection task. The majority of Access Analyzer data comes from agentless scans and log collection. -This enables remote collection of thousands of data points across dozens of system and application -types. - -Though Access Analyzer does use applets and kernel-level drivers for certain data collection -requirements, e.g. real-time file level activity monitoring, these agent-based advanced data -collection methods allow the kind of deep rich information, which can usually be obtained only by -substantial manual effort. - -See the [Data Collectors](/docs/accessanalyzer/12.0/data-collection/overview.md) topic for additional information. - -## Analysis Modules Overview - -Access Analyzer employs a series of powerful, yet easy-to-use Analysis Modules which provide -end-users with the ability to perform very simple and sophisticated data analysis routines with -ease: - -- Correlation – Easily correlate data from multiple datasets to create meaningful views -- Policy – Create rules and policies which automatically categorize your data output, i.e. Severity, - Classifications, etc. -- Change – Turn on change detection to see exactly what has changed between time periods -- Trend – See what is happening over time and when thresholds will be met -- Conformance – Create a baseline or designate a “golden” image to see what deviates from the - organization’s desired standards -- Notification – Get alerts based upon any condition within any dataset, with control over how and - how often alerts are generated - -See the [Analysis Modules](/docs/accessanalyzer/12.0/analysis/overview.md) topic for additional information. - -## Action Modules Overview - -The Access Analyzer Action Module framework enables administrators to make bulk changes across -various system and application resources such as File Systems, Exchange Mailboxes, Public Folders, -Distribution Lists, SharePoint sites, and Windows Registry. The Mail and Survey Action Modules work -in conjunction with other Action Modules and datasets to instantiate workflows involving end-users -such as data custodians to obtain answers and verifications. - -See the [Action Modules](/docs/accessanalyzer/12.0/actions/overview.md) topic for additional information. - -## Reporting Overview - -The Access Analyzer custom report authoring engine, dashboards, and open data views provide -information to multiple audiences within an organization, both technical and non-technical. Its -reporting capabilities include a distribution and viewing mechanism allowing reports to be -automatically distributed via email or posted to one or more network locations and/or websites for -simple, secure, and on-demand access to information. The Access Analyzer Report Index provides -access to published Access Analyzer reports through a web-based console, granting access to reports -without requiring access to the Access Analyzer Console. It is accessed through the Stealthbits Web -Console, which is created during the installation of Access Analyzer. The Web Console can also -provide access to the Access Information Center, and other Stealthbits products. - -See the [Reporting](/docs/accessanalyzer/12.0/reporting/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/overview.md b/docs/accessanalyzer/12.0/administration/settings/access/overview.md deleted file mode 100644 index e3b6114d7a..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/overview.md +++ /dev/null @@ -1,22 +0,0 @@ -# Access - -Configure what applications, users, and groups have access to Access Analyzer using the Access node - -![Access Window](/img/product_docs/accessanalyzer/admin/settings/access/access.webp) - -The first type of access that can be granted is Role Based Access for a user or group accessing the -Access Analyzer Console. The second type of access grants access to an application accessing data -remotely through the Web Service using the REST API. See these sections for additional information: - -- [Role Based Access](/docs/accessanalyzer/12.0/administration/settings/access/role-based/overview.md) -- [Web Service REST API for Applications Accessing Data Remotely](/docs/accessanalyzer/12.0/administration/settings/access/rest-api/overview.md) - -The Access Analyzer vault provides enhanced security through enhanced encryption to various -credentials stored by the Access Analyzer application. See the -[Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic for additional information. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Roles view. These buttons -are enabled when modifications are made to the Roles global setting. - -Whenever changes are made at the global level, click **Save** and then **OK** to confirm the -changes. Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/rest-api/assign-app-access.md b/docs/accessanalyzer/12.0/administration/settings/access/rest-api/assign-app-access.md deleted file mode 100644 index 98d7ca8fed..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/rest-api/assign-app-access.md +++ /dev/null @@ -1,58 +0,0 @@ -# Assign Application Access through the Web Service - -An application can be assigned to access data remotely through the Web Service. Follow the steps to -assign roles in the Console. - -![Add Access option on Access page](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/addaccess.webp) - -**Step 1 –** Navigate to **Settings** > **Access** and click **Add Access**. The Access Type wizard -opens. - -![Access Type page of the Access Role wizard](/img/product_docs/accessanalyzer/admin/settings/access/restapi/accesstypeapplication.webp) - -**Step 2 –** Select the **An application accessing data remotely through Web Service** option. Click -**Next**. The Application Access window opens. - -![Application Access page of the Access Role Wizard](/img/product_docs/accessanalyzer/admin/settings/access/restapi/applicationaccess.webp) - -**Step 3 –** The Application Access window displays a list of objects available in the database that -are available for access. Select the database objects the application will access and click **Add** -to open the Select database objects window. - -![Select database objects window](/img/product_docs/accessanalyzer/admin/settings/access/restapi/selectdatabaseobjects.webp) - -**Step 4 –** Select the database objects to access and then click **OK** to return to the -Application Access page. - -- Selecting a parent node in the tree automatically selects all children in addition to the parent -- Selecting a child automatically selects the parent -- Deselecting a child when the parent is selected automatically puts the parent into an - indeterminate state -- Selecting any child puts the parent into an intermediate state - -Click Next to proceed. - -**NOTE:** Only select items that the application needs to access. Type in the **Filter objects by -name** box to filter the list of objects by the characters entered. - -![Application Details page of the Access Role Wizard](/img/product_docs/accessanalyzer/admin/settings/access/restapi/applicationdetails.webp) - -**Step 5 –** On the Application Details page, define the name of the application and generate the -app token. - -- Application name – The name of the application accessing that data -- Access Expiration – The expiration for the client secret. Select an option for the desired access - expiration: - - - Access expires within – Select a time frame from the drop-down list. The default is 72 hours. - - Access expires on specified date – Select a date from the drop-down list - -- Generate – Click this button to generate the Client ID and Client secret -- Client ID – Copy the Client ID into the application accessing data remotely through the Web - Service -- Client secret – Copy the Client secret into the application accessing data remotely through the - Web Service - -**Step 6 –** Click **Finish** to confirm the changes. - -The application is added to the table on the Access page. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/rest-api/obtain-token.md b/docs/accessanalyzer/12.0/administration/settings/access/rest-api/obtain-token.md deleted file mode 100644 index 56e49276f2..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/rest-api/obtain-token.md +++ /dev/null @@ -1,60 +0,0 @@ -# Use the Client Credentials Grant to Obtain an Access Token - -An access token is a credential that can be used by an application to access an API. To obtain an -access token, the application accessing data remotely through the Web Service must connect to the -Access Analyzer token endpoint and use the Client ID and Client Secret to authenticate the access -request. This is done using the Client Credentials grant. The Client Credentials grant is used when -applications request an access token to access their own resources, not on behalf of a user. The -following request parameters should be used: - -- `grant_type` (required) – The `grant_type` parameter must be set to `client_credentials` -- `scope` (optional) – Your service may support different scopes for the client credentials grant - -The client must then be authenticated for the request. Typically, the service will allow either -additional request parameters, `client_ID` and `client_secret`, or accept those parameters in the -HTTP Basic auth header. - -The following example shows how to retrieve an access token: - -``` -POST /token HTTP/1.1 -Host: authorization-server.com -grant_type=client_credentials -&client_id=xxxxxxxxxx -&client_secret=xxxxxxxxxx -``` - -**_RECOMMENDED:_** Tokens contain sensitive information and should be stored securely. See the -Microsoft -[ConvertTo-SecureString](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.security/convertto-securestring?view=powershell-7.4) -article for additional information. - -If the token does not have the ability to perform this request, is invalid, or the specific resource -has been blocked from access remotely, an HTTP status code of 401 is returned. - -If the request for an access token is valid, the authorization server generates an access token and -returns it to the client. The following example shows a successful access token response: - -``` -HTTP/1.1 200 OK -Content-Type: application/json -Cache-Control: no-store -Pragma: no-cache  -{ -  "access_token":"MTQ0NjJkZmQ5OTM2NDE1ZTZjNGZmZjI3", -  "token_type":"bearer", -  "expires_in":3600, -  "refresh_token":"IwOGYzYTlmM2YxOTQ5MGE3YmNmMDFkNTVk", -  "scope":"create" -} -``` - -See the Okta -[Access Token Response](https://www.oauth.com/oauth2-servers/access-tokens/access-token-response/) -article for additional information on successful and unsuccessful responses to requests for access -tokens. - -The Client Secret expires after 72 hours. The access token expires after 1 hour after which time you -can request a refresh token. See the -[Use the Client Credentials to Grant a Refesh Token](/docs/accessanalyzer/12.0/administration/settings/access/rest-api/refresh-token.md) topic for additional -information. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/rest-api/overview.md b/docs/accessanalyzer/12.0/administration/settings/access/rest-api/overview.md deleted file mode 100644 index 2f5c63d902..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/rest-api/overview.md +++ /dev/null @@ -1,21 +0,0 @@ -# Web Service REST API for Applications Accessing Data Remotely - -The Access Analyzer REST API is integrated into the Web Service as an endpoint using an OAuth 2.0 -client credentials grant for authentication and providing the following access role: - -- Read-Only – Read data only - -See the [Use the Client Credentials Grant to Obtain an Access Token](/docs/accessanalyzer/12.0/administration/settings/access/rest-api/obtain-token.md) topic for -additional information. - -The client provides the access token in the HTTP header in the following format: - -``` -GET /api/v1/data/SA_ADInventory_UsersView/rows HTTP/1.1 -Host: accessgovernance.company.com  -Authorization: Bearer N4ahquT7rXuiEEeUiNfKD0TjUq7JB9DS -``` - -See the MDN Web Docs -[The general HTTP authentication framework](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication) -article for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/role-based/assign-roles.md b/docs/accessanalyzer/12.0/administration/settings/access/role-based/assign-roles.md deleted file mode 100644 index 327dbc869a..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/role-based/assign-roles.md +++ /dev/null @@ -1,112 +0,0 @@ -# Assign User to Role Members - -Role Based Access becomes enabled within Access Analyzer as soon as the first role has been assigned -in the Access Role wizard. When saving the first role or set of roles added to the Role Membership -list in the Roles view, the Administrator role must be included for a least one user or an error -message displays. - -**NOTE:** You must have local administrator rights on the Access Analyzer Console server to assign -roles and enable Role Based Access. - -Follow the steps to assign roles in the Access Analyzer Console. - -![Add Access option on the Access page](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/addaccess.webp) - -**Step 1 –** On the Access page, click **Add Access**. The Access Type wizard opens. - -![Access Type page of the Access Role wizard](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/accesstypeuser.webp) - -**Step 2 –** Select the **A user or group accessing this console** option. Click **Next**. - -![Console Access page of the Access Role wizard](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) - -**Step 3 –** On the Console Access page, specify a group or user in the **Name** field. Use the -ellipsis (**…**) to browse for accounts with the Select User or Group window. - -- (Optional) To use previously configured MSA and gMSAs for authentication, select the gMSA option - from the Object Types list. See the Microsoft - [Group Managed Service Accounts](https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview) - article for additional information. - - - Change the location to the desired domain and click **Object Types**, then select **Service - Accounts**. - - Add the gMSA name (`gMSAadmin$`), then click **OK**. - - The Member Type will show as `msDS-GroupManagedServiceAccount` on the Access page. - -![Console Access page with user added](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccessfinish.webp) - -**Step 4 –** Select a role for the group or user from the Role list. Click **Finish**. The group or -user and role is added to the Role Membership list in the Roles view. - -**Step 5 –** Repeat Steps 1-4 to assign roles to other groups or users. - -**Step 6 –** Click **Save** and then **OK** to confirm the changes. All applied roles are lost if -they are not saved. - -Role Based Access is enabled when the first role has been assigned. - -![Error message when Administrator role is not specified](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/noadminerror.webp) - -The first role or set of roles saved must include the Administrator role. Clicking **Save** for the -first role or set or roles without including the Administrator generates an error message in the -Access Analyzer Console. - -When Role Based Access is first enabled, restart the Access Analyzer application to ensure all roles -are properly active. When saving roles for the first time, an NEAUsers local group is created on the -Access Analyzer Console server with permissions to the Access Analyzer application directory. When -users are assigned roles, they are added to this NEAUsers group to give them the necessary -permissions. This allows roles to be leveraged without requiring local Administrator rights. - -**NOTE:** The Web Administrator and Report Viewer roles do not require access to the Access Analyzer -console, so users assigned these roles are not added to the NEAUsers group. - -![NEAUsers group](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/neausersgroup.webp) - -There are two separate sets of permissions: - -- Applies to **This folder only** -- Applies to **Subfolders and files only** - -## Edit Role Members' Responsibilities - -Follow the steps to edit a Access Analyzer user’s role. - -![Edit Member Role](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/editmemberrole.webp) - -**Step 1 –** On the Access page, select the desired user and click **Edit Member Role**. - -![Edit Console Access wizard page](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccessedit.webp) - -**Step 2 –** Select a new role for the user from the Roles list. - -**Step 3 –** Click **Finish**. The role is updated on the Access page. - -**Step 4 –** Repeat Steps 1-3 to edit other users’ roles. - -**Step 5 –** Click **Save** and then **OK** to confirm the changes. All applied roles are lost if -they are not saved. - -The changed roles take affect the next time the users logs into the Access Analyzer application. If -a user is actively logged into Access Analyzer at the same time the role for that user is changed, -then the user needs to exit and re-launch the application for the role to take effect. - -## Delete Role Member - -Follow the steps to delete a user from having access to the Access Analyzer Console. - -![Delete Role Member](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/deleterolemember.webp) - -**Step 1 –** On the Access page, select the desired user and click **Delete Role Member**. The -selected user will be removed from the list. - -**NOTE:** No confirmation will be requested. However the changes will not be finalized until Step 3 -is completed. - -**Step 2 –** Repeat Step 1 to remove other users as desired. - -**Step 3 –** Click **Save** and then **OK** to confirm the deletions. The users will not be deleted -if the changes are not saved. - -The deleted users will no longer be able to log into the Access Analyzer application. If a user is -actively logged into Access Analyzer at the same time of the deletion, the user will need to exit -the application for the deletion to take effect. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/role-based/configure-roles.md b/docs/accessanalyzer/12.0/administration/settings/access/role-based/configure-roles.md deleted file mode 100644 index 97d3dbde6d..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/role-based/configure-roles.md +++ /dev/null @@ -1,150 +0,0 @@ -# Configuring Roles - -To ensure a least privilege access model, roles need to be configured within both the Access -Analyzer Console for folder rights and SQL Management Studio for database access rights. - -This is a three-part process: - -- Configure the Access Analyzer Installation Account -- Configure Roles in SQL Management Studio - - - Create SQL Server Database Roles - - Assign Users to SQL Roles - -- Assign User Roles in the Access Analyzer Console - - - Edit Role Members’ Responsibilities - - Delete Role Members - -**NOTE:** This configuration process is not required if only using Role Based Access to secure -Published Reports. See the [Securing Published Reports Only](/docs/accessanalyzer/12.0/administration/settings/access/role-based/secure-reports.md) topic for additional -information. - -## Configure the Installation Account - -The Access Analyzer Installation Account is used both to perform the initial installation of Access -Analyzer and to change Storage Profile settings. It needs additional rights in order to query -objects in the master database. This is only necessary so the user can enumerate the available -databases to choose from when configuring the Access Analyzer Storage Profile. - -The following script can be executed to give these necessary rights only to the account performing -the initial installation of Access Analyzer and any changes to the database where Access Analyzer -writes data: - -``` ---Create a login for the user if one does not already exist -IF NOT EXISTS (SELECT *FROM sys.server_principals WHERE [name] = '\') -BEGIN -    create login [\] from windows -END -GO ---Grant that user rights to query the master database to get a list of all database objects -USE [master] -GRANT VIEW ANY DEFINITION TO [\] -GRANT CREATE DATABASE TO [\] -GO -``` - -## Configure Roles in SQL Management Studio - -It is necessary to provision rights to the SQL Server database so the Access Analyzer application -rights and database access rights are consistent and provide the minimum rights necessary to support -the Access Analyzer roles. This approach involves creating custom database roles which will be -assigned rights and privileges. Then, individual domain user accounts must be assigned to these -roles. - -**NOTE:** For any SQL Server version prior to 2012, Windows groups cannot be used because SQL Server -does not allow the assignment of default schemas to Windows groups. Access Analyzer requires the -default schema of [dbo] to function properly. - -### Create SQL Server Database Roles - -To create the roles within the SQL Server database, run the following script. - -![Query Window](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqlcreateroles.webp) - -Be sure to set the context of this query to the Access Analyzer database by selecting the right -database from the drop-down window. Alternatively, prefix the script with a -`USE [Access Analyzer DATABASE NAME]` clause. - -``` ---create SMP Viewer role -CREATE ROLE SMP_Viewer  ---grant role permissions at the schema level -GRANT SELECT -ON SCHEMA::dbo -TO SMP_Viewer -Go  ---create SMP Builder role -CREATE ROLE SMP_Builder  ---grant role permissions at the schema level -GRANT SELECT,INSERT,DELETE -ON SCHEMA::dbo -TO SMP_Builder -Go  ---grant additional creation rights -GRANT CREATE TABLE TO [SMP_Builder] -GO  ---create SMP Admin role -CREATE ROLE SMP_Admin  ---grant role permissions at the schema level -GRANT ALTER,EXECUTE,INSERT,UPDATE,REFERENCES -ON SCHEMA::dbo -TO SMP_Admin -Go  ---grant additional creation rights -GRANT CREATE TABLE TO [SMP_Admin] -GO -GRANT CREATE VIEW TO [SMP_Admin] -GO -GRANT CREATE PROCEDURE TO [SMP_Admin] -GO -GRANT CREATE FUNCTION TO [SMP_Admin] -GO -GRANT CREATE TYPE TO [SMP_Admin] -GO - -``` - -Once the script has been successfully executed, assign domain users to these database roles. - -### Assigning Users to SQL Roles - -Now that the SQL Server database roles have been created the next step is to assign domain users to -those roles. This can be done interactively in SQL Management Studio. Follow the steps to assign -users to SQL Server database roles. - -**Step 1 –** Connect to the Access Analyzer database through SQL Management Studio. - -![Database Roles](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqldatabaseroles.webp) - -**Step 2 –** Validate that the roles have been properly created by navigating to **Security** > -**Roles** > **Database Roles**. The three new roles should be visible: - -- SMP_Admin -- SMP_Builder -- SMP_Viewer - -| | | -| --------------------------------------------------------------------------------------------------------- | --- | -| ![New User Option](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqlusersnewuser.webp) | - -**Step 3 –** After confirmation of role creation, the next step is to map users to these roles. -Right-click on the **Security** > **Users** node and select **New User**. - -![Database User Window](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqluserwindow.webp) - -**Step 4 –** Enter the user information in the dialog as follows: - -- User Name – Display name given to the user which is shown under the user’s folder. - - **_RECOMMENDED:_** Use a descriptive name. - -- Login name – Qualified domain name of the user: `[DOMAIN]\[Username]` -- Default Schema – Should be set to `dbo` -- Database role membership – Should be set to the appropriate role for this user. See the - [Role Definitions](/docs/accessanalyzer/12.0/administration/settings/access/role-based/role-definitions.md) topic for more information. - -When all of the users have been assigned to the appropriate SQL Server database roles, complete the -process by assigning users to roles within the Access Analyzer Console. See the -[Assign User to Role Members](/docs/accessanalyzer/12.0/administration/settings/access/role-based/assign-roles.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/role-based/event-log.md b/docs/accessanalyzer/12.0/administration/settings/access/role-based/event-log.md deleted file mode 100644 index f0963daefe..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/role-based/event-log.md +++ /dev/null @@ -1,24 +0,0 @@ -# Roles and the Event Log - -The Access Analyzer Event Log includes a list of the following activities related to Role Based -Access. The logged activities include information regarding the user who initiated the activity and -their corresponding role: - -- Job Query Modifications -- Host List Modifications -- All Global Settings Modifications - - - Connection Profiles - - Role Based Access - - All other settings found in Settings node - -- Job and Group Properties/Settings -- Job Schedules -- Job Deletions -- Job Creations -- Job Moves in the Jobs tree -- Job/Group Executions -- Access Analyzer Console launches and exits - -See the [Application Maintenance and Best Practices](/docs/accessanalyzer/12.0/administration/maintenance/overview.md) topic for -additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/role-based/faq.md b/docs/accessanalyzer/12.0/administration/settings/access/role-based/faq.md deleted file mode 100644 index b675076665..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/role-based/faq.md +++ /dev/null @@ -1,87 +0,0 @@ -# Role Based Access: FAQ - -This topic lists some commonly asked questions about Role Based Access functionality in Access -Analyzer. - -How do locked jobs affect the role functionality? - -A lock on a job represents the approval by the Job Approver, and is therefore deemed acceptable to -execute. Once a job is locked, Job Builders can no longer modify the job configuration. Furthermore, -only locked jobs can be run. Therefore, the Job Initiator can only run or schedule jobs which have -already been locked. - -**NOTE:** Locked jobs do not affect the functionality of the Administrator role. See the -[Role Definitions](/docs/accessanalyzer/12.0/administration/settings/access/role-based/role-definitions.md) topic for more information. - -How can I make sure that a lock on a job will not get tampered with through the associated XML file? - -The Scheduling Service Account provides limited rights for the Job Approver. Previously, the Job -Approver required permissions on the Jobs folder in order to apply the lock to a job. Now, the -credentials specified in the Scheduling Service Account will be used to apply the locks. Therefore, -the Job Approver no longer needs access to the Jobs folder and cannot manually remove or tamper with -the associated XML file. - -**NOTE:** If using a Job Initiator’s credentials for a Schedule Service Account, all jobs must be -locked in order for them to be executed. See the [Role Definitions](/docs/accessanalyzer/12.0/administration/settings/access/role-based/role-definitions.md) and -[Roles & the Schedule Service Account](/docs/accessanalyzer/12.0/administration/settings/access/role-based/schedule-service-account.md) topics for more information. - -Why can the Host Management Administrator not manage settings for the Host Discovery and Host -Inventory nodes under Settings? - -The Host Management Administrator role is designed specifically to access the Host Management node. -Therefore, this role does not grant access to the global settings menu under the Settings node. - -**NOTE:** In order to access this node, the user must have either the Administrator or the Global -Options Administrator role. See the [Role Definitions](/docs/accessanalyzer/12.0/administration/settings/access/role-based/role-definitions.md) topic for more -information. - -What rights do I need to give the user on the local machine in order to use Access Analyzer? - -Enabling Role Based Access removes the necessity to explicitly provide users rights on the Access -Analyzer folder structure. Instead, when the Administrator role is first assigned and Role Based -Access is enabled, a new local group called NEAUsers is created on Access Analyzer Console server. -This NEAUsers group is given the necessary permissions on the Access Analyzer application directory. -When a user is assigned a role, they are added to the NEAUsers group to give them the necessary -access to Access Analyzer. - -See the [Assign User to Role Members](/docs/accessanalyzer/12.0/administration/settings/access/role-based/assign-roles.md) topic for additional information. - -When a user’s role is changed, when does the new role take affect? - -If a user’s role has been altered while they are in an active Access Analyzer session, the user must -exit the Access Analyzer Console and re-open the application for the new role to take effect. This -is also true if a user has been given an additional role or removed from role membership. The -capabilities of the new role will not come into effect until the Access Analyzer application has -been restarted. - -**NOTE:** See the -[Edit Role Members' Responsibilities](/docs/accessanalyzer/12.0/administration/settings/access/role-based/assign-roles.md#edit-role-members-responsibilities) and -[Delete Role Member](/docs/accessanalyzer/12.0/administration/settings/access/role-based/assign-roles.md#delete-role-member) topics for more information. - -I locked a job, but when going back to it, it appears to be unlocked. Why? - -A locked job signifies that the job has been approved for execution and should not be modified. If a -job is modified in any way, the lock is immediately removed. Although most roles should not be able -to modify locked jobs, the Administrator role can. This role is not governed by the limitations of -Role Based Access. Thus, if a locked job is modified by an Administrator, the job will become -unlocked. This event will be logged as a job-change related event by Administrator in the Access -Analyzer Event Log. - -**NOTE:** If using a Job Initiator’s credentials for the Schedule Service Account, all jobs must be -locked in order for them to execute. See the [Role Definitions](/docs/accessanalyzer/12.0/administration/settings/access/role-based/role-definitions.md), -[Workflow with Role Based Access Enabled](/docs/accessanalyzer/12.0/administration/settings/access/role-based/workflow.md), and [Roles and the Event Log](/docs/accessanalyzer/12.0/administration/settings/access/role-based/event-log.md) -topics for more information. - -What should be the group type when assigning Role Based Access to an AD group in a multi-domain -environment? - -When assigning an Role Based Access to an AD group, it is important to consider the domain -relationship between the AD group and the Access Analyzer server. - -If the Access Analyzer server and the AD group are in different domains then the AD group must be a -universal group. If the group type is not universal then it will result in the RBA being unable to -access the user's group membership and the user who is a member of that AD group will be unable to -view any reports. - -However, if both the Access Analyzer server and the AD group are in the same domain, the AD group -can be either a local group, global group, or universal group. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/role-based/overview.md b/docs/accessanalyzer/12.0/administration/settings/access/role-based/overview.md deleted file mode 100644 index 67ff242704..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/role-based/overview.md +++ /dev/null @@ -1,41 +0,0 @@ -# Role Based Access - -Role Based Access allows Access Analyzer users to not have local Administrator rights on the console -server. This is done through the creation of different roles which cover all aspects of the Access -Analyzer work flow introduced by enabling Role Based Access. These roles can be leveraged without -such elevated rights. Responsibilities within the Access Analyzer Console have been divided among -these roles. - -Role Based Access also allows users to secure published reports when accessed through the Web -Console. This is done by first enabling Role Based Access and then by assigning users/groups as -viewers to the reports to which they should have access. - -Report security through Role Based Access can be applied without implementing a least privileged -access model to the Access Analyzer Console. See the -[Securing Published Reports Only](/docs/accessanalyzer/12.0/administration/settings/access/role-based/secure-reports.md) topic for additional information. - -**NOTE:** The least privileged access model to the Access Analyzer Console does not work in -conjunction with the Exchange Solution. Role Based Access can be enabled, but the Administrator role -is required to run the Exchange Solution jobs. - -**CAUTION:** Please use caution when enabling Role Based Access, as it is a very powerful tool -within the console designed to be difficult to disable once activated. If Role Based Access is -enabled by accident, please contact [Netwrix Support](https://www.netwrix.com/support.html) for -assistance in disabling it. - -The account used to perform the initial Access Analyzer installation, as well as to change Storage -Profile settings after installation, require additional rights in order to query objects in the -master database. See the -[Configure the Installation Account](/docs/accessanalyzer/12.0/administration/settings/access/role-based/configure-roles.md#configure-the-installation-account) topic for -additional information on this account. - -To enable Role Based Access within Access Analyzer, corresponding roles must first be created within -SQL Management Studio. Then Access Analyzer users must be assigned roles both in SQL Management -Studio and in Access Analyzer. - -The first Access Analyzer user assigned a role must be an Administrator. Assigning this first user -role officially enables Role Based Access within Access Analyzer. When Role Based access is first -enabled, an NEAUsers local group is created on the Access Analyzer server with the required -permissions to the Access Analyzer application directory. When a user is assigned a role, they are -added to the NEAUsers group to give them the necessary access. See the -[Assign User to Role Members](/docs/accessanalyzer/12.0/administration/settings/access/role-based/assign-roles.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/role-based/role-definitions.md b/docs/accessanalyzer/12.0/administration/settings/access/role-based/role-definitions.md deleted file mode 100644 index 9e8012307f..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/role-based/role-definitions.md +++ /dev/null @@ -1,232 +0,0 @@ -# Role Definitions - -The following is a list of all roles leveraged within Access Analyzer once Role Based Access is -enabled, including their intended functionality. A user may have more than one role assigned to -them. - -**NOTE:** When a job is moved or copied to a separate job group, it inherits the assigned roles at -the parent and global level from the new job group. Any previous role inheritance is overwritten. - -- OS Administrator – Used only for installation purposes - - - This is not not a configured role, but rather the access required during installation - -- Administrator – At least one must be set before any other roles are assigned - - - Full functionality from all roles within the Access Analyzer Console - - Rights to view all reports, tags, and report permissions within the Web Console - - Rights to preform an upgrade on Access Analyzer - -**NOTE:** In order to use Role Base Access with the Exchange Solution, all Exchange users must be -assigned the Administrator role. This is because the solution requires local Administrator rights on -the Access Analyzer Console server. - -- Power User - - - Rights to add, modify, and delete global settings, except for the **Setting** > **Access** - node - - Not able to view or modify Roles at the global level - - Has rights to add and break inheritance on report viewers at the job group, job, and report - configuration levels - - Rights to modify host management settings as well as run host inventory queries - - Rights to create, modify, and delete jobs as well as view the results of a job. They need to - be able to manage all configuration settings related to those jobs. - - Rights to view previously configured jobs and approve them to be run. They are also able to - view the results of a job. - - Rights to run jobs which have been approved, as well as disable or enable jobs and job groups - - Rights to view all reports, tags, and report permissions within the Web Console - -- Access Administrator - - - Rights to add, modify, and delete global roles except for own roles. This is to restrict - Access Administrators from stepping outside intended rights. - - Not able to view or modify report roles at any other level - - Rights to view report Tags within the Web Console but not report content or permissions - -- Global Options Administrator - - - Able to modify global settings, except for the **Setting** > **Access** node - - The Exchange node is the exception due to its requirements. Therefore, this node cannot be - modified by the Global Options Administrator. - - Rights to view report Tags within the Web Console but not report content or permissions - -- Host Management Administrator - - - Rights to modify host management settings as well as run host inventory queries - - Rights to view report Tags within the Web Console but not report content or permissions - -- Job Builder - - - Rights to create, modify, and delete jobs as well as view the results of a job. They need to - be able to manage all configuration settings related to those jobs. - - Rights to view or modify report viewers at the job group, job, and report levels but not the - global level - - Rights to view all reports and tags within the Web Console but not the report permissions - -- Job Approver - - - Rights to view previously configured jobs and approve them to be run. They are also able to - view the results of a job. - - Rights to view all reports and tags within the Web Console but not the report permissions - -- Job Initiator - - - Rights to start jobs which have been approved as well as view the results of a job - - Rights to disable and enable job and job groups - - Rights to view all reports and tags within the Web Console but not the report permissions - -- Job Initiator (No Actions) - - - Rights to start jobs which have been approved as long as there are no configured Actions in - the job. They are also able to view the results of a job. - - Rights to disable and enable job and job groups - - Rights to view all reports and tags within the Web Console but not the report permissions - -- Job Viewer - - - Only able to view the results of a job - - Rights to view all reports and tags within the Web Console but not the report permissions - -- Web Administrator - - - Not able to access the Access Analyzer Console - - Rights to view all reports, tags, and report permissions within the Web Console - -- Report Viewer - - - Not able to access the Access Analyzer Console - - Only able to view reports and tags within the Web Console but not the report permissions - - Access to reports is restricted according to where the Report Viewer role is assigned: - - - Assigned at the Global level (**Settings** > **Roles**) – Able to view all published - reports - - Assigned at the Job Group level (**Jobs** > **[Job Group]** > **Settings**  > - **Reporting**) – Able to view all reports published by the jobs within this job group - - Assigned at the Job level (**Jobs** > **[Job Group]** > **[Job]** > **Job Properties** > - **Report Roles** tab) – Able to view all reports published by this job - - Assigned at the Report configuration level (**Jobs** >**[Job Group]** >**[Job]** > - **Configure** > **Reports**> **Configure** > **Publish Security** page) – Able to view - only this report - -By default, many roles are granted rights to view all reports and report content. The inheritance of -the Report Viewer role can be broken at the job group, job, or report configuration levels. See the -[Report Viewer Inheritance](#report-viewer-inheritance) topic for additional information. - -## Access Analyzer Console Roles & Rights - -These tables show the rights granted to different user levels to the Access Analyzer Console. - -### Administrators - -This table identifies the rights granted to administrative users to the Access Analyzer Console. - -| Action | Administrator | Global Options Administrator | Access Administrator | Host Management Administrator | OS Administrator | -| ----------------------------------------------------------------------------------------------------------------------------------- | ------------- | ---------------------------- | -------------------- | ----------------------------- | ---------------- | -| View Reports within the Web Console | Yes | No | No | No | No | -| View Report Tags within the Web Console | Yes | Yes | Yes | Yes | No | -| View Report Permissions within the Web Console | Yes | No | No | No | No | -| Access the Access Analyzer Console (after Role Based Access is enabled) | Yes | Yes | Yes | Yes | No | -| Read All Configuration Logs | Yes | Yes | Yes | Yes | No | -| Manage / Edit Access Roles | Yes | No | Yes | No | No | -| Manage Global Settings (includes Connection Profiles) | Yes | Yes | No | No | No | -| Manage / Edit Hosts in Job | Yes | No | No | No | No | -| Manage / Edit Job Definitions | Yes | No | No | No | No | -| Run Jobs | Yes | No | No | No | No | -| Manage / Edit Job Schedules | Yes | No | No | No | No | -| Manage Host Management Settings (includes scheduling and running of host discovery, but not host related nodes in Global  Settings) | Yes | No | No | Yes | No | -| Lock / Unlock Jobs | Yes | No | No | No | No | -| Enable/Disable Jobs | Yes | No | No | No | No | -| Install / Uninstall Data Collectors (or other tool components) | Yes | No | No | No | Yes | -| Upgrade Access Analyzer Console | Yes | No | No | No | No | - -### Users - -This table identifies the rights granted to users who have access to the Access Analyzer Console. - -| Action | Power User | Job Builder | Job Approver | Job Initiator | Job Initiator (No Actions) | Job Viewer | -| ---------------------------------------------------------------------------------------------------------------------------------- | ---------- | ----------- | ------------ | ------------- | -------------------------- | ---------- | -| View Reports within the Web Console | Yes | Yes | Yes | Yes | Yes | Yes | -| View Report Tags within the Web Console | Yes | Yes | Yes | Yes | Yes | Yes | -| View Report Permissions within the Web Console | Yes | No | No | No | No | No | -| Access the Access Analyzer Console (after Role Based Access is enabled) | Yes | Yes | Yes | Yes | Yes | Yes | -| Read All Configuration Logs | Yes | Yes | Yes | Yes | Yes | Yes | -| Manage / Edit Access Roles | No | No | No | No | No | No | -| Manage Global Settings (includes Connection Profiles) | Yes | No | No | No | No | No | -| Manage / Edit Hosts in Job | Yes | Yes\* | No | No | No | No | -| Manage / Edit Job Definitions | Yes | Yes\* | No | No | No | No | -| Run Jobs | Yes | No | No | Yes\*\* | Yes\*\*\* | No | -| Manage / Edit Job Schedules | Yes | No | No | Yes\*\* | Yes\*\*\* | No | -| Manage Host Management Settings (includes scheduling and running of host discovery, but not host related nodes in Global Settings) | Yes | No | No | No | No | No | -| Lock / Unlock Jobs | Yes | No | Yes | No | No | No | -| Enable/Disable Jobs | Yes | No | No | Yes | Yes | No | -| Install / Uninstall Data Collectors (or other tool components) | Yes | No | No | No | No | No | -| Upgrade Access Analyzer Console | No | No | No | No | No | No | - -\*When jobs are unlocked - -\*\*When jobs are locked - -\*\*\*When jobs are locked and have no actions - -## Web Console Roles & Rights - -This table identifies the rights granted to users who have access only to the Web Console. - -| Action | Web Administrator | Report Viewer | -| ---------------------------------------------- | ----------------- | ------------- | -| View Reports within the Web Console | Yes | Yes\* | -| View Report Tags within the Web Console | Yes | Yes\* | -| View Report Permissions within the Web Console | Yes | No | - -\*According to where the role is assigned - -## SQL Server Database Roles & Rights - -This table describes the roles that will be created within the SQL Server database and what rights -they will have to the Access Analyzer database. It also describes which Access Analyzer roles they -are mapped to. - -| Database Role(s) | Access Analyzer Role | Rights | Role Description | -| --------------------------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SMP Administrator db_datareader db_datawriter | Administrator Job Initiator Job Initiator (No Actions) | On the dbo schema: ALTER, EXECUTE, INSERT, UPDATE, REFERENCES On the Access Analyzer database: CREATE TABLE, CREATE VIEW, CREATE PROCEDURE, CREATE FUNCTION, CREATE TYPE | This role is used by full Administrators and Job Initiators who must run the 2-FSAA Bulk Import Job which requires manipulation of the Access Analyzer database | -| SMP Builder | Job Builder Host Management Administrator | On the dbo schema: ELECT, INSERT, DELETE On the Access Analyzer database: CREATE TABLE | This role is used by the Job Builder who must be able to create/delete tables, view data, and insert and delete hosts from the Access Analyzer Console | -| SMP Viewer | Job Viewer Access Administrator Job Approver All other roles | On the dbo schema: SELECT | This role is used by all roles who do not require anything more than just reading data and information from the database | - -## Report Viewer Inheritance - -When Role-Based Access is enabled, users assigned the following roles inherit rights to view all -reports and their content: - -- Administrator role -- Power User role -- Job Builder role -- Job Approver role -- Job Initiator role -- Job Initiator (No Actions) role -- Job Viewer -- Web Administrator - -Additional users can be assigned the Report Viewer role at the global, job group, job, or report -configuration levels. These rights are inherited down through child objects. However, the Report -Viewer role inheritance can be broken at any level. Break inheritance to remove the right to view -specific reports at: - -- Job Group level – **[Job Group]** >**Settings** > **Reporting** node -- Job level – **[Job]** > **Properties** >**Report Roles** tab -- Report Configuration level – **[Job]** > **Configure** > **Reports** node. Click **Configure** - next to the report, and navigate to the Publish Security page of the Report Configuration wizard. - See the [Publish Security Page](/docs/accessanalyzer/12.0/reporting/wizard/publish-security.md) topic for additional - information. - -| ![Job Group Level](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/reportviewerreport.webp) | -| ------------------------------------------------------------------------------------------------------------ | --------- | -------------------------- | -| Job Group Level | Job Level | Report Configuration Level | - -There are two options that control inheritance for Report Viewers when selected: - -- Include Report Viewers from this object’s parent – Automatically removes any user with the Report - Viewer role inherited from a parent object at the lower levels -- Set all the child objects to inherit these settings – Only available at the Job Group level. Sets - all Jobs and Reports to inherit group settings for all child objects by automatically selecting - the **Include Report Viewers from this object’s parent** option. Any previous configurations are - overwritten once **Yes** is selected in the confirmation window. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/role-based/schedule-service-account.md b/docs/accessanalyzer/12.0/administration/settings/access/role-based/schedule-service-account.md deleted file mode 100644 index f3ed30150d..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/role-based/schedule-service-account.md +++ /dev/null @@ -1,65 +0,0 @@ -# Roles & the Schedule Service Account - -Once Role-Based Access is enabled, a user or group with the appropriate access role has the ability -to schedule a job or job group as a Schedule Service Account at the **Settings** > **Schedule** -node. Multiple accounts can be added as needed. - -Who Configures This Account? - -- Administrator role -- Power User role -- Global Options Administrator role - -Whose Credentials Should Be Used as the Schedule Service Account? - -- A user with either: - - - Administrator role - - Power User role - - Job Initiator role - -**NOTE:** In order to run or schedule a Host Inventory query, the Schedule Service Account must have -an Administrator, Power User, or Host Management Administrator role. Therefore, if the account has -the Job Initiator role assigned, it must have the Host Management Administrator role as well. - -The Schedule Service Account is used to access the Task folders when scheduling tasks and to apply -locks on jobs. - -- Schedule Tasks - - - In order to have the appropriate level of rights to schedule tasks, the credentials specified - must at least have the following: - - - Create Files/Write Data rights on the Windows Task Folder - - Create Files/Write Data rights on the System 32 Task folder - - Otherwise, they should have local Administrator privileges on the Access Analyzer Console - server - - - The user whose credentials are specified must also have a role that allows the scheduling of - tasks – Administrator, Power User, or Job Initiator - -- Apply Locks - - **NOTE:** If the Access Analyzer user whose credentials are used has the role of Job Initiator, - the job must be locked in order for it to execute successfully. - - - These credentials are used to apply locks on jobs, enabling the Job Approver to have fewer - rights on the Jobs directory. Therefore, the credentials specified must at least have the - following: - - - Modify rights on this directory - - Otherwise, these credentials should have local Administrator privileges on the Access - Analyzer Console server - - - The Job Approver uses these credentials to apply locks. Therefore, the Job Approver must be - added to the local policy **Impersonate a client after Authentication**. - -Do not choose the **Use local System account to schedule tasks** option. This account does not have -the appropriate rights to apply locks on jobs. Therefore, it does not work in conjunction with Role -Based Access. - -See the [Schedule](/docs/accessanalyzer/12.0/administration/settings/schedule.md) topic for additional instructions on configuring the Schedule -Service Account. - -_Remember,_ these credentials must be for a user with local Administrator privileges or rights to -the Windows Task Folder and the System 32 Task folder on the Access Analyzer Console server. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/role-based/secure-reports.md b/docs/accessanalyzer/12.0/administration/settings/access/role-based/secure-reports.md deleted file mode 100644 index 28998e123e..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/role-based/secure-reports.md +++ /dev/null @@ -1,67 +0,0 @@ -# Securing Published Reports Only - -In order to secure published reports through the Web Console, it is necessary to enable Role Based -Access within the Access Analyzer Console. If that is the only reason the Role Based Access feature -is being enabled, ensure the following requirements are met: - -- Administrator role assigned to all Access Analyzer Console users - - - Anyone not assigned an Administrator role are unable to access the Access Analyzer Console - after Role Based Access is enabled - -- Web Administrator role assigned to individuals who should have access to all reports, tags, and - report permissions but not the Access Analyzer Console -- Report Viewer assigned to individuals who should have access to reports and tags but not report - permissions or the Access Analyzer Console - - - Global Level Assignment – Access to all reports - - Job Group Level Assignment – Access to reports published by jobs within the job group - - Job Level Assignment – Access to reports published by the job - - Report Configuration Level Assignment – Access to the specific report - -Follow the steps to assign roles at the global level. - -**Step 1 –** Navigate to the **Settings** > **Access** node. - -![Add Access option on the Access page](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/addaccess.webp) - -**Step 2 –** On the Access page, click **Add Access**. The Access Type wizard opens. - -![Access Type page of the Access Role wizard](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/accesstypeuser.webp) - -**Step 3 –** Select the **A user or group accessing this console** option. Click **Next**. - -![Console Access page of the Access Role wizard](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) - -**Step 4 –** On the Console Access page, specify a group or user in the **Name** field. Use the -ellipsis (**…**) to browse for accounts with the Select User or Group window. - -![Console Access page with user added](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccessfinish.webp) - -**Step 5 –** Select a role for the group or user from the Role list. Click **Finish**. The group or -user and role is added to the Role Membership list in the Roles view. - -**CAUTION:** The first role or set of roles saved must include the Administrator role. Clicking Save -for the first role or set or roles without including the Administrator generates an error message in -the Access Analyzer Console. - -**Step 6 –** Repeat Steps 2-4 to assign the Administrator, Web Administrator, and Report Viewer -roles to other groups or users. - -**Step 7 –** Click **Save** and then **OK** to confirm the changes. All applied roles are lost if -they are not saved. - -Role Based Access is enabled when the first role has been assigned. - -![Error message when Administrator role is not specified](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/noadminerror.webp) - -The first role or set of roles saved must include the Administrator role. Clicking **Save** for the -first role or set or roles without including the Administrator generates an error message in the -Access Analyzer Console. - -When Role Based Access is first enabled, restart the Access Analyzer application to ensure all roles -are properly active. The Report Viewer role can be assigned at the job group, job, and report -configuration levels. See the [Reporting Node](/docs/accessanalyzer/12.0/administration/job-management/group/reporting.md), -[Report Roles Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/report-roles.md), and -[Publish Security Page](/docs/accessanalyzer/12.0/reporting/wizard/publish-security.md) topics for additional -information. diff --git a/docs/accessanalyzer/12.0/administration/settings/access/role-based/workflow.md b/docs/accessanalyzer/12.0/administration/settings/access/role-based/workflow.md deleted file mode 100644 index 5a677c146e..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/access/role-based/workflow.md +++ /dev/null @@ -1,73 +0,0 @@ -# Workflow with Role Based Access Enabled - -The following workflow summarizes the necessary steps involved to deploy a job once Role Based -Access is enabled and roles have been assigned. - -**Step 1 –** The Job Builder creates and configures a Access Analyzer job - -**Step 2 –** The Job Approver reviews a new or edited job’s configuration, and either approves or -rejects it - -![Lock Job option in right-click menu](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/lockjob.webp) - -- If a job is approved, then a lock needs to be applied by right-clicking the job title in the Jobs - tree and selecting **Lock Job** -- If a job is rejected, then the job remains unlocked -- If the **Lock Job** option is visible, then the job has not yet been approved -- If the **Lock Job** option is not visible, then the job has been approved - -![Unlock Job option in right-click menu](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/unlockjob.webp) - -**Step 3 –** The Job Initiator can choose to run the job directly through the Access Analyzer -Console or schedule it to run with the Schedule Service Account. This user will know the job was -approved by the grayed-out **Unlock Job** option in the right-click menu. - -- Job Initiator/Job Initiator (No Actions) – The Job Initiator can only execute locked job. - - - For the Job Initiator (No Actions) role, the user is unable to execute a job which contains - configured actions, even if it is approved and locked - - Both roles can enable and disable job groups and jobs regardless of whether or not they are - locked. Disabled jobs are grayed out with a red x next to it and are not executed with the job - group. When applied at the job group level, all nested jobs are disabled and do not run. - However, any new job added to that group is enabled by default. - - **NOTE:** The Job initiator can also publish the reports already generated by the job. - -- Publish – To publish reports which have already been generated to the Web Console - - - See the [Report Settings Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/report-settings.md) topic for - additional information - -![Report under the Results Node in the Jobs Tree](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/reportjobstree.webp) - -**Step 4 –** After a job has been successfully run, the **Job Viewer** can now view the results of -the job under the job’s Status and Results node, or in the Web Console. See the -[Viewing Generated Reports](/docs/accessanalyzer/12.0/reporting/view.md) topic for additional information. - -**NOTE:** The Job Builder, Job Approver, and Job Initiator may also view these results within the -Access Analyzer Console. Additionally, users with these roles can view reports within the Web -Console. - -## Other Console Roles - -Any modifications needed in the Settings or Host Management nodes must be done by the corresponding -administrator role (Global Options Administrator, Access Administrator, or Host Management -Administrator). These roles can be used in conjunction with any other role (for example, a user can -be a Job Builder and Global Options Administrator in order to build jobs and manage corresponding -Connection Profiles). - -### Web Administrator - -The Web Administrator can view all reports within the Web Console. - -In addition to viewing report content, Web Administrators can view tags and report permissions. - -_Remember,_ a user with only the Web Administrator role is unable to access the Access Analyzer -Console. - -### Report Viewer - -The Report Viewer can view reports within the Web Console according to where the user’s role was -assigned: global, job group, job, or report configuration. - -_Remember,_ a user with only the Report Viewer role is unable to access the Access Analyzer Console. diff --git a/docs/accessanalyzer/12.0/administration/settings/application/overview.md b/docs/accessanalyzer/12.0/administration/settings/application/overview.md deleted file mode 100644 index 7d6c8e5737..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/application/overview.md +++ /dev/null @@ -1,161 +0,0 @@ -# Application - -The **Application** node is for configuring general settings which affect the way the Access -Analyzer Console functions. - -![Application](/img/product_docs/accessanalyzer/admin/settings/application/application.webp) - -Application Log - -The Access Analyzer Application Log section determines what information is stored in the Access -Analyzer application log. - -![Application Log](/img/product_docs/accessanalyzer/admin/settings/application/applicationlog.webp) - -The Application log level controls the types of messages generated for each job and the application. -It can be modified at the job level in the **Job Properties** window. See the -[General Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/general.md) topic for additional information. Options -available in the Application log level drop-down menu include: - -- Debug – Records everything that happens during job execution, most verbose level of logging - - - Records all Info level information - - Records everything else that happens - - Creates the largest file - -- Info – Records information about what stage of the job is being performed when errors or warnings - occurred - - - Records all Warning level information - - Records job progress information - -- Warning – Records all warnings which occur during job execution - - - Records all Error level information - - Records all warnings and the time of occurrence - -- Error – Records all errors which occur during job execution - - - Records job start time - - Records errors and the time of occurrence - - Records job completion time - -**_RECOMMENDED:_** Set the log level to **Warning**. - -The other log levels are designed to assist with troubleshooting job execution issues. The Debug -level is only recommended when experiencing problems. After the problem is fixed or the Application -log has been sent to [Netwrix Support](https://www.netwrix.com/support.html), reduce the logging -level to **Warning** or **Info**. - -Profile Security - -The Profile Security section provides the option to enable an enhanced method of encryption to -various credentials stored by the Access Analyzer application. - -![Profile Security](/img/product_docs/accessanalyzer/admin/settings/application/profilesecurity.webp). - -There are two options available in the Profiles stored with drop-down menu: - -- Application – Default setting, does not employ the enhanced encryption -- Vault – Enables the enhanced encryption of stored credentials. See the [Vault](/docs/accessanalyzer/12.0/administration/settings/application/vault.md) topic for - requirements and additional information. - -Usage Statistics - -The Usage Statistics section allows you to select whether to send usage statistics data to Netwrix -to help us improve our product. - -![Usage Statistics](/img/product_docs/accessanalyzer/admin/settings/application/usagestatistics.webp) - -- If selected, usage statistics are collected and sent to Netwrix - - - Upon startup of the Access Analyzer console, the system checks if usage statistics have been - sent in the last 7 days. If they have not been, stored procedures run against the Access - Analyzer database and gather data about job runs, access times, and environmental details like - resource counts, users counts, number of exceptions, and so on. This data is then sent back to - Netwrix to help us identify usage trends and common pain points, so that we can use this - information to improve the product. - - Only anonymous statistic-level data is included. No private company or personal data is - collected or sent to Netwrix. - -- If cleared, no usage statistics are collected or sent to Netwrix - -Host Target Options - -The Host Target Options section provides radio buttons to select the source that Access Analyzer -should use to connect to hosts. - -![Host Target Options](/img/product_docs/accessanalyzer/admin/settings/application/hosttargetoptions.webp) - -Select from the following two options: - -- Use host name -- Prefer DNS name if available - -Grid View Parameters - -The Grid View Parameters section controls how the data grids display within the Access Analyzer -Console. - -![Grid View Parameters](/img/product_docs/accessanalyzer/admin/settings/application/gridviewparameters.webp) - -- Automatically rename duplicate columns within a table – Checks for and renames columns with - duplicate names -- Automatically correct invalid column names – Checks for and corrects column names which contain - characters SQL cannot handle - - **_RECOMMENDED:_** Leave both options selected. - -- Save filters and grouping on data grids – Maintains filters configured for a data grid for the - next viewing. If not selected, filtered data grids reset between viewings. -- Maximum row count for interactive grid view – Indicates the number of rows displayed in tables - accessible in under a job’s Status and Results nodes - - - Maximum row count is set to 1000 by default and has a cap of 99,999 rows. This number does not - impact the number of rows within the SQL database. To view the full row count for a table - exceeding this size, use the SQL Server Management Studio or another SQL Server interface tool - which displays the full table. - -Filtered data grids are not lost if persistent filters are not saved. The Filtration Dialog -available for every data grid maintains a list of recent filters. See the -[Data Grid Functionality](/docs/accessanalyzer/12.0/administration/navigation/data-grid.md) topic for additional information. - -Cleanup - -The Cleanup section is designed to conserve space in the SQL Database Transaction Log. It only works -when the database is configured to use Simple Recovery Model. - -![Cleanup Options](/img/product_docs/accessanalyzer/admin/settings/application/cleanup.webp) - -- Compact Database Transaction Log – If selected, every time the Access Analyzer application is - closed, the Database Transaction Log is compacted - - **_RECOMMENDED:_** In most environments, it is recommended to leave this option selected. If a - scheduled task ends while multiple tasks are still running, the process of compacting the - database freezes it and causes the running tasks to fail. - -- Run Post Processing SQL Script to Set Host Status – If selected, this option ascribes the values - of SUCCESS, WARNING, or ERROR to indicate what happened on that host during job execution - - **_RECOMMENDED:_** It is recommended that this option be left selected. - -Application Exit Options - -The Application Exit Options section controls whether or not a confirmation is displayed when the -Access Analyzer application is closed. - -![Application Exit Options](/img/product_docs/accessanalyzer/admin/settings/application/applicationexitoptions.webp) - -If selected, the **Show Confirmation Dialog** option causes a Confirm Exit window to open when the -Access Analyzer user attempts to exit the application. If deselected, the Access Analyzer -application closes without confirmation. - -![Confirm Exit](/img/product_docs/accessanalyzer/admin/settings/application/confirmexitwindow.webp) - -The Confirm Exit window requires the **Yes** button to be clicked before the Access Analyzer -application closes. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Application view. These -buttons become enabled when modifications are made to the Application global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/12.0/administration/settings/application/vault.md b/docs/accessanalyzer/12.0/administration/settings/application/vault.md deleted file mode 100644 index 1504ff7a57..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/application/vault.md +++ /dev/null @@ -1,66 +0,0 @@ -# Vault - -The Access Analyzer vault provides additional security through enhanced encryption to various -credentials stored by the Access Analyzer application, such as Connection Profile credentials or -Schedule Service Account credentials. In order to enable the vault, the following prerequisites must -be met in the order listed: - -- Access Analyzer Vault Service must be running - - - This service was installed during the Access Analyzer installation and is configured for - Manual Startup Type - - It needs to be configured to Log On (Service > Properties) with a service account which has - Log on as Service rights, as well as Read and Execute rights to the VaultService.exe file - located within the Access Analyzer installation directory - -- Role Base Access must be enabled within Access Analyzer - - - The vault was designed to provide enhanced security when employing the Role Based Access, or - least privilege, option of Access Analyzer - - At least one Administrator role must be assigned to enable the vault: - - - If full Role Based Access is not desired but enabling the vault is, all of the Access - Analyzer users should be given the Administrator role - - No additional Role Based Access prerequisites are required for this option - - - See the [Access](/docs/accessanalyzer/12.0/administration/settings/access/overview.md) topic for additional information on Role Based Access - - **NOTE:** Once the vault has been enabled, it is not possible to disable Role Based Access - without first disabling the vault. Please contact - [Netwrix Support](https://www.netwrix.com/support.html) for assistance in disabling Role Based - Access. - -- The Profile Security section of the Application node must be set to **Vault** - - ![Vault Security](/img/product_docs/accessanalyzer/admin/settings/application/vaultrbaerror.webp) - - If the previous prerequisites have not been met, then one of the following errors will occur - when attempting to save the Vault Profile Security setting: - - - Role Based Access Error – Role Based Access must be configured in order to use the Access - Analyzer Vault. Please configure Role Based Access and try again - - Access Analyzer Vault Service Error – Access Analyzer is not running - -- The Netwrix Access Analyzer (formerly Enterprise Auditor) Web Server service must be run with an - account that has the Administrator role assigned - - - If the Administrator role is not assigned, the vault service does not allow the web server to - access the SQL profile and throws an access denied error in the web server log file - -The credentials which are encrypted once the vault has been enabled are: - -- Storage Profile credentials -- Connection Profile credentials -- Schedule Service Account credentials -- Role Definitions -- Role Assignments - -Once encrypted, the files with these stored credentials are moved into a new directory location. - -This location is protected by the service account used to run the Access Analyzer Vault Service. - -## Disabling the Vault - -To disable the vault, navigate to the **Settings** > **Application** node and change the Profile -Security section setting to **Application**. It is a best practice to also stop the Access Analyzer -Vault Service. diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/cyberark-integration.md b/docs/accessanalyzer/12.0/administration/settings/connection/cyberark-integration.md deleted file mode 100644 index ba0dfe79c1..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/cyberark-integration.md +++ /dev/null @@ -1,162 +0,0 @@ -# CyberArk Integration - -In order for Access Analyzer to be able to retrieve service account passwords from the CyberArk -Password Vault, the following prerequisites must be completed: - -- The Secrets Manager must be installed on the Access Analyzer Console server. The organization’s - Vault administrator can provide the Secrets Manager installation package and most likely needs to - be present during the installation to provide credentials in order for the Secrets Manager - installation to complete. See the CyberArk - [Credential Provider (CP)](https://docs.cyberark.com/credential-providers/Latest/en/Content/CP%20and%20ASCP/Installing-CP.htm) article - for additional information. -- An application must be added to CyberArk for the integration with Access Analyzer. The Application - Id of this application must then be added to the `GlobalOptions.xml` file for Access Analyzer. See - the [Customize CyberArk Application Id](#customize-cyberark-application-id) topic for additional - information. The application can be locked down by providing an OS User, a Path, or a Hash. See - the CyberArk - [Add applications](https://docs.cyberark.com/credential-providers/14.0/en/Content/Common/Adding-Applications.htm) article - for additional information. - - - The OS User needs to be the account running Access Analyzer. This could be the account used to - launch the Access Analyzer application or an account used as the Schedule Service Account - within Access Analyzer. More than one OS User can be added. - - The Path should be a local path to the `StealthAUDIT.exe` file. The path should end with the - file name: `…\StealthAUDIT.exe`. - - The Hash should be generated using the **AimGetAppInfo** tool in the - `…\CyberArk\ApplicationPasswordProvider\Utils` folder on the server where Secrets Manager is - installed. AimGetAppInfo should be run in an Administrator Command Prompt. Run the following - command: - - ``` - ..\CyberArk\ApplicationPasswordProvider\Utils\NETAimGetAppInfo.exe GetHash /AppExecutablesPattern \PrivateAssemblies\Stealthbits.StealthAUDIT.Console.dll - ``` - - **_RECOMMENDED:_** Pipe the output hash value to a file to easily copy and paste it to the - CyberArk application. - - See the CyberArk - [Generate an application hash value](https://docs.cyberark.com/credential-providers/Latest/en/Content/CP%20and%20ASCP/Generating-Application-Hash-Value.htm) article - for additional information. - - ![Application Details page for the CyberArk Application](/img/product_docs/accessanalyzer/admin/settings/connection/applicationidhash.webp) - - Add the generated hash value in the Authentication tab of the Application Details page for - the CyberArk Application. - - ![Allowed Machines list for the CyberArk application](/img/product_docs/accessanalyzer/admin/settings/connection/allowedmachines.webp) - - - The machine name for the Access Analyzer console needs to be added on the Allowed Machines - list for the CyberArk application - -- Once the Secrets Manager installation has completed and the Access Analyzer application has been - created, the necessary CyberArk accounts must be given access to the Safes in which the Access - Analyzer service accounts are stored. This includes the account which was created automatically - during the Secrets Manager installation, as well as the account created automatically as a result - of the application creation. - - ![Owners window for the Safe containing the credentials](/img/product_docs/accessanalyzer/admin/settings/connection/vaultownerswindow.webp) - - - The account created during the AIM installation is under the naming convention - `Prov_[COMPUTERNAME]`, where `COMPUTERNAME` is the name of the computer on which AIM is - installed. This account should be given **Retrieve accounts**, **List accounts**, and **View - Safe Members** rights on the desired Safes. - - The account created during the application creation has the same name as the application - itself and should be given **Retrieve accounts** rights on the desired Safes - -## Customize CyberArk Application Id - -The Application id value of the application created within CyberArk for the integration with Access -Analyzer must be configured within Access Analyzer. This is done in the `GlobalOptions.xml` file -within the Access Analyzer installation directory. The default location is -`…\STEALTHbits\StealthAUDIT\`. - -Follow the steps to customize the CyberArk Application Id within Access Analyzer. - -**Step 1 –** Navigate to the `GlobalOptions.xml` file. Open it with a text editor, for example -Notepad. - -**CAUTION:** Ensure Access Analyzer is closed when modifying this file. - -![GlobalOptions.xml file in Notepad](/img/product_docs/accessanalyzer/admin/settings/connection/globaloptions.webp) - -**Step 2 –** Find the `` section of the `GlobalOptions.xml` file. Add the -Application Id of the configured CyberArk application for the integration in the `` tag. If -required, customize the Command Timeout and Connection Port properties. - -``` - -    CyberArkApplicationID -    30 -    18923 - -``` - -- AppId – The name of the CyberArk application -- CommandTimeout – Set to the suggested default of 30 -- ConnectionPort – This is a configurable option found during the installation of the CyberArk - Credential Provider. After installation, it can be found in the configuration file located in the - installation folder. - - See the CyberArk - [TCP parameters](https://docs.cyberark.com/credential-providers/13.0/en/Content/CP%20and%20ASCP/Credential-Provider-Configuration-Files.htm#tcp-parameters) article - for additional information. - -**Step 3 –** Save and close the file. - -Access Analyzer now uses the CyberArk Application Id identified in the XML string. - -## User Credentials Window - -In Access Analyzer, the CyberArk option for Password Storage is available on the User Credentials -window when configuring an **Active Directory Account** or **Local Windows Account**. - -The credential information supplied in the User Credentials window must be an exact match to what is -in CyberArk as the privileged account for which it is linked. It is case-sensitive. - -If the Connection Profile with a Local Windows Account credential using CyberArk password storage is -used to target multiple hosts, then the local credential on each host needs to have the exact same -username and password combination. - -![Connection view with CyberArk credentials](/img/product_docs/accessanalyzer/admin/settings/connection/usercredentials.webp) - -The Connection view displays `CyberArk` in the Source column of the User Credentials list for the -selected Connection Profile. - -### Active Directory Account - -Match the User Credentials window settings in Access Analyzer with the privilege account properties -in CyberArk. These values are case-sensitive, and must be an exact match. - -![User Credentials window for Active Directory Account](/img/product_docs/accessanalyzer/admin/settings/connection/usercredentialsad.webp) - -The table below shows the values from your CyberArk configuration that the User Credentials window -should be populated with: - -| Access Analyzer | CyberArk Property | CyberArk Description | Example Value | -| --------------- | ----------------- | -------------------------------------- | ----------------- | -| Domain | Address | Domain address | ExampleDomain.com | -| User name | Username | Privilege account | ExampleUser | -| Safe | Safe | Vault managing the privileged accounts | Test | -| Folder | Folder | Folder within Safe | Root | - -### Local Windows Account - -Match the User Credentials window settings in Access Analyzer with the privilege account properties -in CyberArk. These values are case-sensitive, and must be an exact match. The Access Analyzer Domain -value is `` and the CyberArk Address property value is the server address. - -![User Credentials window for Local Windows Account](/img/product_docs/accessanalyzer/admin/settings/connection/usercredentialslocal.webp) - -The table below shows the values from your CyberArk configuration that the User Credentials window -should be populated with: - -| Access Analyzer | CyberArk Property | CyberArk Description | Example Value | -| --------------- | ----------------- | -------------------------------------- | ------------- | -| User name | Username | Privilege account | ExampleUser2 | -| Safe | Safe | Vault managing the privileged accounts | Test | -| Folder | Folder | Folder within Safe | Root | - -**_RECOMMENDED:_** Only use one Local Windows Account credential with CyberArk password storage in a -Connection Profile. As part of the Access Analyzer to CyberArk integration, the Access Analyzer job -is stopped immediately if the query from Access Analyzer to CyberArk for the credential fails. -Therefore, a second credential within the Connection Profile would not be queried. diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/gmsa.md b/docs/accessanalyzer/12.0/administration/settings/connection/gmsa.md deleted file mode 100644 index ea8414c871..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/gmsa.md +++ /dev/null @@ -1,23 +0,0 @@ -# Group Managed Service Accounts (gMSA) Configuration - -Access Analyzer can use a previously-configured Group Managed Service Accounts (gMSA/MSA) account. -Make sure that Managed Service Account is selected in the User Credentials window. See the -[Create a Connection Profile](/docs/accessanalyzer/12.0/administration/settings/connection/profile/create.md) or -[Create a Schedule Service Account](/docs/accessanalyzer/12.0/administration/settings/schedule.md#create-a-schedule-service-account) topic for -additional information. - -To run a job or scheduled task with a gMSA/MSA account, the following prerequisites must be met: - -- The account that Access Analyzer is run with must have permissions to retrieve the gMSA account - password -- The gMSA account must be a Local Admin in the target hosts -- The gMSA account does not have to be a local admin in the Access Analyzer Console -- The Data Collector used must support unicode characters in the Connection Profile's credential - password to retrieve the gMSA account password - -**NOTE:** For FSAA, remote scans using gMSA credentials need to use the Windows Service launch -mechanism in the query configuration. - -See the Microsoft -[Group Managed Service Accounts](https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/group-managed-service-accounts-overview) -article for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/overview.md b/docs/accessanalyzer/12.0/administration/settings/connection/overview.md deleted file mode 100644 index f29316c718..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/overview.md +++ /dev/null @@ -1,72 +0,0 @@ -# Connection - -The Connection node contains objects referred to as Connection Profiles. A Connection Profile houses -the information Access Analyzer uses to connect to the target hosts during job execution. - -![Connection](/img/product_docs/accessanalyzer/admin/settings/connection/connectionpage.webp) - -There are two methods for authentication to a targeted host: - -- Use Local Login Credentials -- Use a Connection Profile - -## Use Local Login Credentials - -This method is traditionally assigned through the **Only use the Windows account that the -application is run with System default** option. It is generally referred to as the System Default -or trusted method. When used, Access Analyzer authenticates to the target hosts during host -inventory or job execution with the Windows account used to launch Access Analyzer. This can be: - -- Account which was used to log on to the Access Analyzer Console server and start the application -- Account which was used to launch the Access Analyzer application through the run-as security - context -- Account which was used to provision a Windows scheduled task when running a job group or job via a - scheduled task - -## Use a Connection Profile - -This method allows you to define a Connection Profile which houses one or several sets of -credentials to be used for authentication on the target hosts during host inventory or job -execution. The credentials specified in a Connection Profile could be any of the following: - -- Local machine account -- Active Directory account -- Unix account -- SQL account -- Microsoft Entra ID (formerly, Azure Active Directory) key -- Dropbox access token -- Web service JWT -- Oracle account - -For the majority of auditing scenarios, domain-based accounts are preferred if not required by the -nature of the auditing task. The credentials must have the permissions required by the data -collector being used. - -### Password Storage Options - -The password for the credential provided can be stored in Access Analyzer application or Access -Analyzer Vault. Certain types of credentials can be stored in CyberArk®. - -Choosing to store passwords in either the Access Analyzer application or the Access Analyzer Vault -is a global setting configured in the **Settings** > **Application** node. See the -[Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic for additional information. - -The Access Analyzer vault provides enhanced security through enhanced encryption to various -credentials stored by the Access Analyzer application. See the [Vault](/docs/accessanalyzer/12.0/administration/settings/application/vault.md) -topic for additional information. - -CyberArk integration stores supported credentials in the CyberArk Enterprise Password Vault. -CyberArk Privileged Account Security Solution offers components designed to discover, secure, -rotate, and control access to privileged account passwords used to access systems through the -enterprise IT environment. See the [CyberArk Integration](/docs/accessanalyzer/12.0/administration/settings/connection/cyberark-integration.md) topic for -additional information. - -![Cancel and Save options](/img/product_docs/accessanalyzer/admin/settings/connection/cancelsavebuttons.webp) - -The **Cancel** and **Save** buttons are in the lower-right corner of the Connection view. These -buttons become enabled when modifications are made to the Connection global setting. - -![Information update message box](/img/product_docs/accessanalyzer/admin/settings/connection/settingssavedmessage.webp) - -Whenever changes are made at the global level, click **Save** and then **OK** to confirm the -changes. Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/profile/active-directory.md b/docs/accessanalyzer/12.0/administration/settings/connection/profile/active-directory.md deleted file mode 100644 index 6968a6e9cc..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/profile/active-directory.md +++ /dev/null @@ -1,25 +0,0 @@ -# Active Directory Account for User Credentials - -If the account type selected on the User Credentials window is **Active Directory Account**, the -following information is required for the credential: - -![User Credentials Window - Active Directory](/img/product_docs/accessanalyzer/admin/settings/connection/profile/activedirectoryaccount.webp) - -- Domain – Drop-down menu with available trusted domains will appear. Either type the short domain - name in the textbox or select a domain from the menu. -- User name – Type the user name -- Password Storage – Choose the option for credential password storage: - - - Application – Uses the configured Profile Security setting as selected at the **Settings** > - **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic for - additional information. - - CyberArk – Uses the CyberArk Enterprise Password Vault. See the - [CyberArk Integration](/docs/accessanalyzer/12.0/administration/settings/connection/cyberark-integration.md) topic for additional information. The - password fields do not apply for CyberArk password storage. - - Managed Service Account – Use previously configured MSA and gMSAs for authentication. The - password fields are not applicable when this option is selected. See the - [Group Managed Service Accounts (gMSA) Configuration](/docs/accessanalyzer/12.0/administration/settings/connection/gmsa.md) topic for additional - information. - -- Password – Type the password -- Confirm – Re-type the password diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/profile/aws.md b/docs/accessanalyzer/12.0/administration/settings/connection/profile/aws.md deleted file mode 100644 index acd1acb1b4..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/profile/aws.md +++ /dev/null @@ -1,35 +0,0 @@ -# Amazon Web Services for User Credentials - -The information in this section applies to **Select Account Type > Amazon Web Services** account -type in the User Credentials window. - -![User Credentials Window - AWS](/img/product_docs/accessanalyzer/admin/settings/connection/profile/connectionaws.webp) - -The required credentials for Amazon Web Services are: - -- Access Key ID — Used to sign programmatic requests made to AWS. If access keys are not available, - create them with the IAM console. -- Password Storage: Application – Uses the configured Profile Security setting as selected at the - **Settings >** **Application** node -- Secret Key — Used to sign programmatic requests made to AWS. If secret keys are not available, - create them with the IAM console. -- Scan Roles — Role used to scan other organization accounts - -## Create a Connection Profile for AWS - -A new connection profile will need to be created to be leveraged in the AWS Solution. - -**Step 1 –** Under Settings > Connection, click Add Connection profile. - -**Step 2 –** Click Add User credential and select the Amazon Web Services account type. - -**Step 3 –** Input the Access Key ID into the Username section, and the Secret Access Key into the -Access Token section. - -_Remember,_ these are obtained from AWS when the permissions are configured. See the -[Configure AWS for Scans](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/aws.md) topic for additional -information. - -**Step 4 –** Click OK in the User Credentials modal, name the Connection Profile, and click Save. - -This connection profile can now be assigned to the AWS Solution. diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/profile/create.md b/docs/accessanalyzer/12.0/administration/settings/connection/profile/create.md deleted file mode 100644 index fa386feec2..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/profile/create.md +++ /dev/null @@ -1,155 +0,0 @@ -# Create a Connection Profile - -Follow the steps to create a Connection Profile. - -![Add Connection Profile](/img/product_docs/accessanalyzer/admin/settings/connection/profile/addconnectionprofile.webp) - -**Step 1 –** Click Add Connection profile at the top of the Connection view. - -![Connection - Add Connection Profile](/img/product_docs/accessanalyzer/admin/settings/connection/profile/connectionprofilename.webp) - -**Step 2 –** A new profile displays in the list with a generic name. Provide a unique, descriptive -name in the Connection profile name textbox. - -**NOTE:** A good profile name should be chosen so that it does not need to be changed at a later -time. If the profile name is changed after being applied to job groups or jobs, it requires the user -to go back through all of those job groups or jobs and re-apply the Connection Profile. - -![Add User Credential](/img/product_docs/accessanalyzer/admin/settings/addusercredential.webp) - -**Step 3 –** Now it is time to add credentials to this profile. Click Add User credential and the -User Credentials window opens. - -![User Credentials](/img/product_docs/accessanalyzer/admin/settings/connection/profile/activedirectoryaccount.webp) - -**Step 4 –** The window options change according to the value for the Selected Account Type field. -Select the appropriate account type and then provide the required information. The account types -are: - -- [Active Directory Account for User Credentials ](/docs/accessanalyzer/12.0/administration/settings/connection/profile/active-directory.md) -- [Local Windows Account for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/local-windows.md) -- [Unix Account for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/unix.md) -- [SQL Authentication for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/sql.md) -- [Task for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/task.md) -- [Azure Active Directory for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/entra-id.md) -- [Dropbox for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/dropbox.md) -- [Web Services (JWT) for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/web-services.md) -- [Oracle for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/oracle.md) -- [Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/exchange-modern-auth.md) - -See the individual account type sections for information on the fields. Then click OK. - -![Error Message for Password](/img/product_docs/accessanalyzer/admin/settings/connection/profile/passworddifferserror.webp) - -**NOTE:** If the entered passwords are not the same, an error message will pop-up after clicking OK -on the User Credentials window. Click OK on the error message and re-type the passwords. - -![User Credentials](/img/product_docs/accessanalyzer/admin/settings/connection/profile/usercredentialslist.webp) - -**Step 5 –** Repeat Steps 3-4 until the User Credentials list for this profile is complete. - -When Access Analyzer authenticates to a target host, it looks at the value of the WindowsDomain -field in the Host Inventory for the target host. It then matches the first credential in the -Connection Profile which matches that domain. If authentication fails, it moves consecutively -through the User Credentials list. It will first match to all credentials listed for target host’s -domain, and then proceed through all other credentials until authentication is successful or there -are no more credentials to try. - -**_RECOMMENDED:_** Limit the User Credentials list to a minimal number per profile, especially when -considering that a successful authentication does not automatically mean that particular credential -has the appropriate level of permissions in order for the data collection to occur. - -![Arrange Priority](/img/product_docs/accessanalyzer/admin/settings/connection/profile/moveupdown.webp) - -There are Move Up and Move Down buttons for arranging priority within the User Credentials list. - -![Apply local login credentials](/img/product_docs/accessanalyzer/admin/settings/connection/profile/usewindowsaccountoption.webp) - -**Step 6 –** (Optional): At the bottom of the Connection view, is the Use the Windows account that -Access Analyzer runs with before trying the user credentials above option. This option is per -Connection Profile. If checked, Access Analyzer applies the local login credentials prior to any of -the credentials saved to the Connection Profile. - -**NOTE:** If a data collector utilizes an applet, this option must be unchecked. - -**Step 7 –** When the user credentials have been added and ordered, click Save and then OK to -confirm the changes to the Connection Profile. - -The new Connection Profile is now visible in the Profile list and available for use at the job group -or job level. - -## Edit User Credentials within a Connection Profile - -Follow the steps to edit user credentials within a Connection Profile. - -![Edit Connection Profile](/img/product_docs/accessanalyzer/admin/settings/connection/profile/editusercredentials.webp) - -**Step 1 –** Select the Connection Profile to be modified from the Profile list. Remember, changing -the Connection Profile name results in breaking job groups or jobs that are assigned this profile. - -**Step 2 –** Select the user credential to be edited from the User Credentials list. Click Edit. - -![User Credentials](/img/product_docs/accessanalyzer/admin/settings/connection/profile/selectaccounttype.webp) - -**Step 3 –** Modify the information in the User Credentials window. For the password, choose between -the Use the existing password option or the Specify a new password below option. Click OK. - -**Step 4 –** When the Connection Profile’s user credentials have been edited as desired, click Save -and then OK to confirm the changes to the Connection Profile. - -The edited user credentials are now used for authentication to target hosts for this Connection -Profile. - -## Delete a User Credential from a Connection Profile - -Follow the steps to delete a user credential from a Connection Profile. - -![Delete User Credentials](/img/product_docs/accessanalyzer/admin/settings/connection/profile/deleteusercredentials.webp) - -**Step 1 –** Select the Connection Profile to be modified from the Profile list. Remember, changing -the Connection Profile name results in breaking job groups or jobs that are assigned this profile. - -**Step 2 –** Select the user credential to be edited from the User Credentials list. Click Delete. - -![Confirmation message for deletion](/img/product_docs/accessanalyzer/admin/settings/connection/profile/deleteusercredentialsconfirm.webp) - -**Step 3 –** Click OK to confirm the deletion. - -**Step 4 –** The selected credential is no longer visible in the User Credentials list. Click Save -and then OK to confirm the changes to the Connection Profile. - -The deleted user credentials are no longer available for authentication to target hosts for this -Connection Profile. - -## Set a Default Connection Profile - -The default profile is marked with the green checkmark. - -![defaultconnectionprofile](/img/product_docs/accessanalyzer/admin/settings/connection/profile/defaultconnectionprofile.webp) - -Follow the steps to set a new default Connection Profile. - -![Set a Default Connection Profile](/img/product_docs/accessanalyzer/admin/settings/connection/profile/setasdefaultconnectionprofile.webp) - -**Step 1 –** Select the desired profile in the Connection Profile list and click Set as default. - -**Step 2 –** The green checkmark moves. Click Save and then OK to confirm the changes. - -This Connection Profile is now used as the default Connection Profile. - -## Delete a Connection Profile - -Follow the steps to delete a Connection Profile. - -![Delete a Connection Profile](/img/product_docs/accessanalyzer/admin/settings/connection/profile/deleteconnectionprofile.webp) - -**Step 1 –** Select the profile from the Connection Profile list and click Delete. - -![Confirmation message for deletion](/img/product_docs/accessanalyzer/admin/settings/connection/profile/deleteconnectionprofileconfirm.webp) - -**Step 2 –** Click OK to confirm the deletion. - -**Step 3 –** The selected profile is no longer visible in the Connection Profiles list. Click Save -and then OK to confirm the changes. - -The deleted Connection Profile is no longer available for authentication to target hosts. diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/profile/dropbox.md b/docs/accessanalyzer/12.0/administration/settings/connection/profile/dropbox.md deleted file mode 100644 index a8d9d2760f..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/profile/dropbox.md +++ /dev/null @@ -1,15 +0,0 @@ -# Dropbox for User Credentials - -The information in this topic applies to **Select Account Type** > **Dropbox** in the User -Credentials window. - -![User Credentials - Dropbox](/img/product_docs/accessanalyzer/admin/settings/connection/profile/dropbox.webp) - -The required credentials for Dropbox are: - -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic - for additional information.) -- Access Token – Copy and paste the access token after it has been generated from the Scan Options - page of the DropboxAccess Data Collector configuration wizard. See the Dropbox for User - Credentials topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/profile/entra-id.md b/docs/accessanalyzer/12.0/administration/settings/connection/profile/entra-id.md deleted file mode 100644 index 04eb675e18..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/profile/entra-id.md +++ /dev/null @@ -1,28 +0,0 @@ -# Azure Active Directory for User Credentials - -The information in this topic applies to **Select Account Type** > **Azure Active Directory** in the -User Credentials window. This account type is for Microsoft Entra ID, formerly Azure Active -Directory. - -![User Credentials Window - Azure Active Directory](/img/product_docs/accessanalyzer/admin/settings/connection/profile/entraid.webp) - -The required credentials for this account type are: - -- Client ID – Application (client) ID of the Access Analyzer application registered with Microsoft - Entra ID. See the - [Identify the Client ID](/docs/accessanalyzer/12.0/configuration/entra-id/access.md#identify-the-client-id) topic for - additional information. -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic - for additional information.) -- Key – The required Key depends on the target environment the Connection Profile is being used for: - - - Entra ID – Client secret value for the Access Analyzer application registered with Microsoft - Entra ID. See the - [Generate the Client Secret Key](/docs/accessanalyzer/12.0/configuration/entra-id/access.md#generate-the-client-secret-key) - topic for additional information. - - SharePoint Online – The comma delimited string containing the path to the certificate PFX - file, certificate password, and the Microsoft Entra ID environment identifier ( - `CertPath,CertPassword,AzureEnvironment`). See the - [SharePoint Online Credential for a Connection Profile using Modern Authentication](/docs/accessanalyzer/12.0/data-collection/spaa/configure-job.md#sharepoint-online-credential-for-a-connection-profile-using-modern-authentication)topic - for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/profile/exchange-modern-auth.md b/docs/accessanalyzer/12.0/administration/settings/connection/profile/exchange-modern-auth.md deleted file mode 100644 index 544232f272..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/profile/exchange-modern-auth.md +++ /dev/null @@ -1,26 +0,0 @@ -# Exchange Modern Authentication for User Credentials - -The information in this topic applies to **Select Account Type** > **Exchange Modern -Authentication** account type in the User Credentials window. - -![User Credentials - Exchange Modern Authentication ](/img/product_docs/accessanalyzer/admin/settings/connection/profile/exchangemodernauthentication.webp) - -The values for the required credentials for the Exchange Modern Authentication account are: - -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic - for additional information.) -- Organization – The primary domain name of the Microsoft Entra tenant being leveraged to make the - connection. See the - [Identify the Tenant's Name](/docs/accessanalyzer/12.0/configuration/exchange-online/access.md#identify-the-tenants-name) - topic for additional information. -- Email Address – The email address for the mailbox to be leveraged in Exchange Online environment - scans. The mailbox must belong to the primary domain used in the Organization field. -- AppID – Application (client) ID of the Access Analyzer application registered with Microsoft Entra - ID. See the - [Identify the Client ID](/docs/accessanalyzer/12.0/configuration/exchange-online/access.md#identify-the-client-id) - topic for additional information. -- Certificate Thumbprint – The thumbprint value of the certificate uploaded to the Microsoft Entra - ID application. See the - [Upload Self-Signed Certificate](/docs/accessanalyzer/12.0/configuration/exchange-online/access.md#upload-self-signed-certificate) - topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/profile/local-windows.md b/docs/accessanalyzer/12.0/administration/settings/connection/profile/local-windows.md deleted file mode 100644 index 1e6a19af3e..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/profile/local-windows.md +++ /dev/null @@ -1,25 +0,0 @@ -# Local Windows Account for User Credentials - -The information in this topic applies to **Select Account Type** > **Local Windows Account** in the -User Credentials window. - -![User Credentials - Local Windows Account](/img/product_docs/accessanalyzer/admin/settings/connection/profile/localwindowsaccount.webp) - -The required credentials for the Local Windows Account are: - -- User name – Type the user name -- Password Storage – Choose the option for credential password storage: - - - Application – Uses the configured Profile Security setting as selected at the **Settings** > - **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic for - additional information. - - CyberArk – Uses the CyberArk Enterprise Password Vault. See the - [CyberArk Integration](/docs/accessanalyzer/12.0/administration/settings/connection/cyberark-integration.md) topic for additional information. The - password fields do not apply for CyberArk password storage. - - **NOTE:** If using the CyberArk option, then the associated Connection Profile can only have - one user credential in it. Multiple user credentials are not supported with the CyberArk - integration when using local Windows accounts. - -- Password – Type the password -- Confirm – Re-type the password diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/profile/oracle.md b/docs/accessanalyzer/12.0/administration/settings/connection/profile/oracle.md deleted file mode 100644 index bfac21bd3b..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/profile/oracle.md +++ /dev/null @@ -1,38 +0,0 @@ -# Oracle for User Credentials - -The information in this section applies to Select Account Type > Oracle in the User Credentials -window. - -![User Credentials - Oracle](/img/product_docs/accessanalyzer/admin/settings/connection/profile/oracle.webp) - -The required credentials for Oracle are: - -- Domain – Field options are dependent upon the additional account type option selected: - - Oracle Account – Domain is not a field for this type of credential - - Windows account that Access Analyzer is run with – (Domain is not a field for this type of - credential) - - Active Directory – Drop-down menu with available trusted domains displays. Either type the - short domain name in the textbox or select a domain from the menu. -- User name – Type the user name - - This is not a field for the additional account type of Windows account that Access Analyzer is - run with is selected -- Password Storage: Application – Uses the configured Profile Security setting as selected at the - **Settings >** **Application** node -- Password – Type the password - - This is not a field for the additional account type of Windows account that Access Analyzer is - run with -- Confirm – Re-type the password - - This is not a field for the additional account type of Windows account that Access Analyzer is - run with -- Role – Specify an Oracle role, if desired. The drop-down menu provides a list of roles. Either - type the role name in the textbox or select a role from the menu. - - **NOTE:** When using a least privileged model for Oracle, **SYSDBA** must be selected for the - Role. -- Additional Account type – Select radio button of the secondary account type from the list at the - bottom of the window: - - Oracle Account – Use an Oracle account for target host authentication - - Windows account that Access Analyzer is run with – Use the account that launched the Access - Analyzer application through the run-as security context - - Active Directory – Use an Active Directory account for target host authentication - -Selecting default from the list is the same as leaving the field blank. diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/profile/sql.md b/docs/accessanalyzer/12.0/administration/settings/connection/profile/sql.md deleted file mode 100644 index 93c3f11c66..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/profile/sql.md +++ /dev/null @@ -1,18 +0,0 @@ -# SQL Authentication for User Credentials - -This information applies to **Select Account Type** > **SQL Authentication** in the User Credentials -window. - -**NOTE:** SQL Authentication credentials are used in the Connection Profiles for the SQL, MySQL, and -PostgreSQL Solutions. - -![User Credentials - SQL Authentication](/img/product_docs/accessanalyzer/admin/settings/connection/profile/sqlauthentication.webp) - -The required credentials for SQL Authentication are: - -- User name – Enter user name -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic - for additional information.) -- Password – Type the password -- Confirm – Re-type the password diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/profile/task.md b/docs/accessanalyzer/12.0/administration/settings/connection/profile/task.md deleted file mode 100644 index 46561f68d9..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/profile/task.md +++ /dev/null @@ -1,20 +0,0 @@ -# Task for User Credentials - -The information in this section applies to Select Account Type > Task (Local) or Task (Domain) in -the User Credentials window. - -| ![User Credentials - Task (Local)](/img/product_docs/accessanalyzer/admin/settings/connection/profile/taskdomain.webp) | -| ---------------------------------------------------------------------------------------------------------------------- | --------------- | -| _Task (Local)_ | _Task (Domain)_ | - -The required credentials for Task (Local) and Task (Domain) are: - -- Domain - - Local – Not a field for this type of credential, defaults to `` - - Domain – Drop-down menu with available trusted domains displays. Either type the short domain - name in the textbox or select a domain from the menu. -- User name – Type the user name -- Password Storage: Application – Uses the configured Profile Security setting as selected at the - **Settings > Application** node -- Password – Type the password -- Confirm – Re-type the password diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/profile/unix.md b/docs/accessanalyzer/12.0/administration/settings/connection/profile/unix.md deleted file mode 100644 index 06dbcae33b..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/profile/unix.md +++ /dev/null @@ -1,33 +0,0 @@ -# Unix Account for User Credentials - -The information in this topic applies to **Select Account Type** > **Unix Account** in the User -Credentials window. - -![User Credentials - Unix](/img/product_docs/accessanalyzer/admin/settings/connection/profile/unixaccount.webp) - -The required credentials for the Unix Account are: - -- User name – Enter user name -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic - for additional information.) -- Password/Confirm - - - If not using a private key, enter the **Password** and re-type in the **Confirm** field - - If using a private key, then the password is not needed. Provide the private key information - in the **Use the following private key when connecting** field. - -- Use the following port/ports (CSV) for SSH - - - The SSH port needs to be opened in software and hardware firewalls - - If desired, select this option and provide the port value - -- Use the following private key when connecting - - - This option uses the authentication method of an SSH Private Key - - Supported Key types: - - - Open SSH - - PuTTY Private Key - - - If desired, select this option and provide the key value diff --git a/docs/accessanalyzer/12.0/administration/settings/connection/profile/web-services.md b/docs/accessanalyzer/12.0/administration/settings/connection/profile/web-services.md deleted file mode 100644 index 273945120c..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/connection/profile/web-services.md +++ /dev/null @@ -1,15 +0,0 @@ -# Web Services (JWT) for User Credentials - -The information in this section applies to Select Account Type > Web Services (JWT) in the User -Credentials window. - -![User Credentials - Web Services (JWT)](/img/product_docs/accessanalyzer/admin/settings/connection/profile/webservicesjwt.webp) - -The required credentials for Web Services (JWT) are: - -- User name – `{not a field for this type of credential}` -- Password Storage: Application – Uses the configured Profile Security setting as selected at the - **Settings > Application** node -- Access Token – Copy and paste the StealthDEFEND App Token after it has been generated within - StealthDEFEND. See the [FS_DEFEND_SDD Job](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/fs-defend-sdd.md) topic for - additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/exchange.md b/docs/accessanalyzer/12.0/administration/settings/exchange.md deleted file mode 100644 index 98b18c7d58..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/exchange.md +++ /dev/null @@ -1,67 +0,0 @@ -# Exchange - -The Exchange node is for configuring the settings needed to query Microsoft® Exchange Servers. -These settings are exclusive to the Access Analyzer for Exchange Solution. - -![Exchange - Set up the connection](/img/product_docs/accessanalyzer/admin/settings/exchange_1.webp) - -The Exchange node is grayed-out by default. In order for these settings to be enabled, it is -necessary to install both Access Analyzer MAPI CDO and Microsoft Exchange MAPI CDO on the Access -Analyzer Console server. See the -[StealthAUDIT MAPI CDO Installation](/docs/accessanalyzer/12.0/stealthaudit/install-guides/mapi-cdo-install/stealthaudit-mapi-cdo-installation.md) -topic for additional information. - -Once the requirements have been met, the Exchange node is enabled for configuration. These settings -are utilized to make MAPI connections to the Exchange Server for the Mailbox, PublicFolder, -Exchange2K, and ExchangePS Data Collectors. The Client Access Server field, or CAS, is also utilized -by the ExchangePS Data Collector in order to make Remote PowerShell connections for Exchange 2010 or -newer. The data collectors apply these settings unless modified inside the job query. - -![Set up the connection](/img/product_docs/accessanalyzer/admin/settings/exchange_3.webp) - -The three options in the Exchange Connection Setting section at the top of the window are dependent -on which version of Exchange is audited. - -- For Auditing Microsoft Exchange 2007 or Older Versions: - - Select the radio button for System Attendant (2003 & 2007) – The System Attendant Account is - built into Exchange 2007 and older versions and allows Access Analyzer to make the necessary - MAPI connections. -- For Auditing Microsoft Exchange 2010 or Newer Versions: - - - Select either of the other two options: - - - Use the mailbox associated with the Windows account that Access Analyzer is run with – - This option uses either the account logged into the Access Analyzer Console server or the - account set to run the Access Analyzer application. - - Exchange Mailbox (2010 and newer) – This option allows an Exchange Mailbox Alias to be - specified for MAPI connections. - - - Enter the Alias name in the textbox. The Alias needs to be an Exchange 2010 or newer - mailbox, not a mail-enabled service account. However, this mailbox does not need - rights on the Exchange Organization; it only needs to reside within it. - - - Enter the name of the physical CAS in the Client Access Server textbox. This server can be - part of an array, but do not enter the name of a CAS Array. This should also be the - Exchange CAS where both Remote PowerShell and Windows Authentication on the PowerShell - Virtual Directory have been enabled. - -**_RECOMMENDED:_** Once the Exchange Connection Settings have been properly configured for the -version of Exchange to be audited, it is strongly recommended that the settings be tested. - -In the Test Exchange Connection Settings section: - -- Enter a Mailbox Server with mailboxes to be audited in the Exchange Server textbox. -- Click the Test Exchange settings link. - - ![Test Exchange Connection Setting](/img/product_docs/accessanalyzer/admin/settings/exchange_4.webp) - -If the Exchange Connection Settings are correct, an output field opens. At the bottom of the output -field, a mailbox count is stated and a message appears which says, “You have successfully connected -to this Exchange Server.” Click OK. - -![exchange_6](/img/product_docs/accessanalyzer/admin/settings/exchange_6.webp) - -The Cancel and Save buttons are in the lower-right corner of the Exchange view. These buttons become -enabled when modifications are made to the Exchange global setting. Whenever changes are made at the -global level, click Save and then OK to confirm the changes. Otherwise, click Cancel if no changes -were intended. diff --git a/docs/accessanalyzer/12.0/administration/settings/history.md b/docs/accessanalyzer/12.0/administration/settings/history.md deleted file mode 100644 index 4d12031b59..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/history.md +++ /dev/null @@ -1,89 +0,0 @@ -# History - -The History node is where the history retention of job data and job logs are configured. The setting -specified here at the global level applies to all jobs in the Jobs tree unless specifically changed -at the job group or job level. See the [History Node](/docs/accessanalyzer/12.0/administration/job-management/group/history.md) and -[History Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/history.md) topics for additional information. - -![History Global Settings](/img/product_docs/threatprevention/threatprevention/admin/policies/history.webp) - -The Data Retention Period settings are for configuring the job data history retention within the -database. There are three options: - -- Never retain previous job data -- Retain previous job data for [number] [time period] -- Always retain previous job data - -Set the Data Retention Period at the global level to **Never retain previous job data**. This allows -for more control over the quantity of data by applying history retention at the job group or job -level. All jobs run with this default setting only keep the most current record set. - -**CAUTION:** It is important to understand that some pre-configured jobs require history retention -while others do not support it. Changing the history retention settings at the global level can -cause issues with data analysis and reporting on jobs that don't support it. See the relevant job -group and job descriptions for additional information. - -The Diagnostics Retention Period settings determine how long this data is retained for all jobs that -do not have an explicit setting. Setting the retention period for a specific job overrides the -default setting. There are two settings: - -- Logs and Messages - - - Retain previous application logs, job logs, and messages for [number] [time period] – Controls - how long the messages for previous job executions are stored in the SA_Messages table for each - job. Older job execution messages are cleared. - - The default value is 7 Times. With this setting, the messages are stored for the previous - seven job executions. - -- Job Statistics - - - Retain job statistics in database for [number] [time period] – Controls how long job - statistics history is stored within the Access Analyzer database in the following two tables: - - - SA_JobStatsTbl - - SA_JobTaskStatsTbl - - - This setting is only available at the global settings level. The default value is 100 days. - This directly affects each job’s **Status** node. See the [Status Node](/docs/accessanalyzer/12.0/administration/job-management/job/status.md) - topic for additional information. - -For both the **Logs and Messages** and **Job Statistics** options above: - -- Enter a number in the first textbox and select the desired time period from the drop-down menu in - the second box. Retention can be set to a specific number of **Days**, **Weeks**, **Months**, or - **Times** for both. -- All jobs run with this setting add the newly collected data set or job logs on top of the - previously collected record sets or logs. Any record sets or logs outside the specified historical - retention limit are dropped. - -The **Cancel** and **Save** buttons are in the lower-right corner of the History view. These buttons -become enabled when modifications are made to the History global settings. Whenever changes are made -at the global level, click **Save** and then **OK** to confirm the changes. Otherwise, click -**Cancel** if no changes were intended. - -## Job Data History Retention & Database Size Concerns - -A major concern around job data history retention is the impact it can have on database size. The -following scenario explains a common concern. - -- The **Retain previous application logs, job logs, and message for** or **Retain job statistics in - database for** setting is set to an extended time period and the database size is unmanageable - - - To reduce data retention periods, navigate to the **Settings** > **History** node. Change the - time period to a smaller interval, for example 90 days. Click **Save** and rerun the jobs. - - All of the record sets outside the new retention limit are dropped, and the database size is - back down where it belongs - -## Job Logs - -The job logs are stored within the output folder of each job. They can be read in the Access -Analyzer Console within the job’s **Status** > **Messages** table. To access the logs within the -job’s directory, right-click on the job’s node in the Navigation pane and select **Explore Folder**. - -![Job Logs in the job's Output folder in File Explorer](/img/product_docs/accessanalyzer/admin/settings/historyjoblogs.webp) - -The most recent log is open. Older jobs are stored as zip files, according to the Log Retention -Period setting. Each log is named in the following format: - -- Open/Latest Log Name – `[Jobname]_Log.tsv` -- Older/Zipped Log Name – `[Jobname]_Log_[Date]_[Time].zip` diff --git a/docs/accessanalyzer/12.0/administration/settings/host-discovery.md b/docs/accessanalyzer/12.0/administration/settings/host-discovery.md deleted file mode 100644 index 57667fd491..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/host-discovery.md +++ /dev/null @@ -1,63 +0,0 @@ -# Host Discovery - -The Host Discovery node is for configuring the settings which dictate how Access Analyzer handles -newly discovered hosts, what information is logged during the host discovery process, and how long -the logged information is stored. - -![Host Discovery page](/img/product_docs/accessanalyzer/admin/settings/hostdiscovery.webp) - -In the Host Discovery Options section at the top is a checkbox for the **Perform the first inventory -right away for newly discovered hosts** option. This option is selected by default. - -- If selected, Access Analyzer retrieves information about a host as soon as it is discovered -- If deselected, the host inventory information can be obtained later according to the Host - Inventory node options - -The configurable options in the Discovery Log section are: - -- Retention period – Determines how long the Host Discovery query log is kept. This is set by - default to 14 days which is based on average Access Analyzer usage. -- Log level – Determines what information is stored in the Host Discover query log - -![Log level options](/img/product_docs/accessanalyzer/admin/settings/hostdiscoveryloglevels.webp) - -The log levels are: - -- Debug – Records everything that happens during the host discovery process, most verbose level of - logging - - - Records all Info level information - - If files are referenced or updated during the process of running the query then the path to - the affected file is shown - - Helps [Netwrix Support](https://www.netwrix.com/support.html) to assist in diagnosing issues - which may be causing host inventories to fail - - Creates the largest file - -- Info – Records information on the steps which occur during the host discovery process, in addition - to warnings and errors - - - Records all Warning level information - - Records start actions of each query - - Records end actions of each query - -- Warning – Records all warnings which occur during the host discovery process - - - Records all Error level information - - When Access Analyzer encounters a host which only grants partial access - - When Access Analyzer encounters something which allows for only partial data gathering - - When Access Analyzer encounters something which causes it to produce a larger log file - -- Error – Records all errors which occur during the host discovery process - - **_RECOMMENDED:_** Set the Log Level to Error. The default setting is Info, but it is - recommended that the setting for daily use be set to Error. The other log levels are designed to - assist with troubleshooting host discovery and host inventory issues. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Host Discovery view. These -buttons become enabled when modifications are made to the Host Discovery global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -![Host Discovery Log under Host Discovery node](/img/product_docs/accessanalyzer/admin/settings/hostdiscoverylog.webp) - -The Host Discovery Log is located under the **Host Discovery** node. diff --git a/docs/accessanalyzer/12.0/administration/settings/host-inventory.md b/docs/accessanalyzer/12.0/administration/settings/host-inventory.md deleted file mode 100644 index 92e6a38781..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/host-inventory.md +++ /dev/null @@ -1,167 +0,0 @@ -# Host Inventory - -The Host Inventory node is for selecting what information to collect from the target host during the -host inventory process, for allocating console resources to the host inventory process, and for -setting what out-of-the box host lists are visible in the Host Management node. - -![Host Inventory Settings page](/img/product_docs/accessanalyzer/admin/settings/hostinventory.webp) - -In the Inventory Items section, there are four program property groups: - -- Operating System – Includes 7 Items -- Application – Includes 7 Items -- Network – Includes 6 Items -- Hardware – Includes 4 Items - -Each of these groups brings back the properties enumerated in the list below the group title. These -collected properties correspond to the columns in the Host Management tables. Deselecting a checkbox -prevents that information from being collected for target hosts. However, some solutions require -this information. - -**_RECOMMENDED:_** Leave the default setting of all the groups selected. Consult with -[Netwrix Support](https://www.netwrix.com/support.html) prior to turning off any of these property -groups. - -In the Performance Tuning section, there are five settings which allocate console resources to the -host inventory process: - -- Threads – Indicates the number of job threads that are employed during the host inventory process - - - The default setting is 20 Threads - - Maximum thread count is 100. Thread count will revert back to 100 if values over 100 are - entered. - - Restart Access Analyzer if thread count is changed for changes to take place - -- Thread timeout [in seconds] – Indicates the time a thread will spend in retrieving information - from a host - - - Default setting is 1200 seconds - - If thread cannot receive an active response from target host, the thread will move on to the - next host in the queue - -- Stop on Failed Ping – If the Stop on Failed Ping checkbox is selected, hosts that do not respond - to pings are not queried. Otherwise, hosts will be queried regardless. -- PING timeout [in seconds] – Indicates the time a thread will spend pinging a host - - - Default setting is 4 seconds - - If thread cannot connect with a host, the host will be designated as being offline and the - thread will move on to the next host in the queue - -- Only refresh inventory items older than [time selected] – Indicates the time that needs to pass - before the host inventory process is automatically refreshed - - - Default setting is 60 days - - The number textbox has a five-character limit - - The drop-down menu includes the time-units of: - - - Hours - - Days - - Weeks - - Months - - - This setting affects the Inventory page options on the Host Discovery Wizard. See the - [Host Discovery Wizard](/docs/accessanalyzer/12.0/host-management/discovery/wizard/overview.md) topic for additional information. - -The Desired Host List Views section at the bottom contains all available host lists, both -out-of-the-box lists and custom-created lists. There are seven Default Hosts Lists which correspond -to the solutions that target them. During the host inventory process, hosts which meet the filter -criteria for these default lists are automatically populated into that host list. A checkmark in -front of the host list indicates that the list is visible in the **Host Management** > **All Hosts** -node. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Host Inventory view. These -buttons become enabled when modifications are made to the Host Inventory global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -## Default Host Lists - -The seven default lists are auto-populated during the host inventory process based on specific -filter criteria. These lists correspond to the pre-configured solution jobs which target them. - -### AD Host List - -The **AD** Host List can be expanded and contains five sub-groups utilized by the Active Directory -Solution and the Active Directory Inventory Solution: - -![AD Host List](/img/product_docs/accessanalyzer/admin/settings/ad.webp) - -The sub-groups are: - -- ALL DNS SERVERS -- ALL DOMAIN CONTROLLERS -- ALL GLOBAL CATALOG SERVERS -- ONE DOMAIN CONTROLLER PER DOMAIN -- ONE GLOBAL CATALOG SERVER PER DOMAIN - -### ALL WINDOWS HOSTS Host List - -The **ALL WINDOWS HOSTS** Host List is utilized primarily by the Windows Solution. - -![ALL WINDOWS HOSTS Host List](/img/product_docs/accessanalyzer/admin/settings/allwindowshosts.webp) - -There are no sub-groups for ALL WINDOWS HOSTS. - -### DG Host List - -The **DG** Host List can be expanded and contains three sub-groups utilized by the Data Access -Governance for File System Solution. - -![DG Host List](/img/product_docs/accessanalyzer/admin/settings/dg.webp) - -The sub-groups are: - -- ALL CELERA SERVERS -- ALL INTERNET INFORMATION SERVERS -- ALL NETAPP SERVERS - -### EXCHANGE Host List - -The **EXCHANGE** Host List can be expanded and contains six sub-groups utilized by the Exchange -Solution. Four of these sub-groups can also be expand. - -![EXCHANGE Host List](/img/product_docs/accessanalyzer/admin/settings/exchange.webp) - -The sub-groups are: - -- EXCHANGE GENERAL - - - ALL EXCHANGE SERVERS (ACTIVE HOSTS) - - ALL EXCHANGE SERVERS (ALL HOSTS) - - EXCHANGE CAS SERVERS - - EXCHANGE HUB SERVERS - - EXCHANGE MB SERVERS - -- EXCHANGE 2016 - -### SQL Servers Host List - -The **SQL SERVERS** Host List is utilized primarily by the SQL Solution. - -![SQL Servers Host List](/img/product_docs/accessanalyzer/admin/settings/sqlservers.webp) - -There are no sub-groups for SQL SERVERS. - -### Windows Server Host List - -The **Windows Server** Host List can be expanded and contains three sub-groups utilized by the -Windows Solution. - -![Windows Server Host List](/img/product_docs/accessanalyzer/admin/settings/windowsserver.webp) - -The sub-groups are: - -- ALL WINDOWS SERVERS (ACTIVE HOSTS) -- ALL WINDOWS SERVERS (ALL HOSTS) -- ALL WINDOWS SERVERS (NO DCS) - -### Work Station Host List - -The **Work Station** Host List can be expanded and contains one sub-group utilized by the Windows -Solution. - -![Work Station Host List](/img/product_docs/accessanalyzer/admin/settings/workstation.webp) - -The single sub-group is: - -- ALL WINDOWS WORKSTATIONS diff --git a/docs/accessanalyzer/12.0/administration/settings/notification.md b/docs/accessanalyzer/12.0/administration/settings/notification.md deleted file mode 100644 index b70a7f7962..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/notification.md +++ /dev/null @@ -1,115 +0,0 @@ -# Notification - -The Notification node is where email notifications are configured. Emails can be sent from the -Access Analyzer Console for a variety of purposes: reports on collected data, change detection -alerts, conformance analysis notification, and more. - -![Global Settings Notification page](/img/product_docs/accessanalyzer/admin/settings/notification.webp) - -To enable notifications from the Access Analyzer Console, a mail server must be configured for -Access Analyzer to employ for sending emails. - -Access Analyzer supports authentication and encryption when sending email notifications. -Notifications can be configured based on the requirements of an organizations mail environment. - -Enable Access Analyzer notifications by configuring the Mail Server and Sender Information. It is -recommended to send a test email to yourself after initial configuration to ensure proper settings. -See the [Test Notification Settings](#test-notification-settings) topic for additional information. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Notification view. These -buttons become enabled when modifications are made to the Notification global setting. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -## Configure SMTP Server Information - -The Mail Server section at the top of the page is where an organization’s SMTP Server information is -provided. - -![Mail Server settings on Notification page](/img/product_docs/accessanalyzer/admin/settings/server.webp) - -Provide the following information to enable notifications from Access Analyzer. - -**NOTE:** Check with your Messaging Team if you are unsure of this information. - -- Mail Server – Enter the organization’s SMTP Server name -- Encryption – Allows Access Analyzer users to enable notification encryption according to the - supported protocol on the configured SMTP Server. The default setting is **No Encryption**. Select - an encryption method: - - No Encryption - - Encryption - - Encryption, Ignore Certificate Error -- Port – Enter the SMTP Server port number. The default port setting changes based on the selected - Encryption Option: - - For the **No Encryption** option, the default port is 25, since this is common for most SMTP - Servers - - For the **Encryption** and **Encryption, Ignore Certificate Error** options, the default port - is 587 - -### Notification Authentication Credentials - -If the SMTP Server requires authentication, select the **My Mail Server requires authentication** -checkbox and provide the necessary credentials in the User name and Password boxes. - -#### Update Notification Authentication Credentials - -**Step 1 –** In the My Mail server requires authentication section, enter a new **Password** for the -account. - -**Step 2 –** Click **Save**. - -The credentials for Mail Server authentication account have been updated and committed to the -Console. - -## Sender Information - -The Sender Information section is where the sender information is provided. - -![Sender Information section on Notification page](/img/product_docs/accessanalyzer/admin/settings/senderinformation.webp) - -Configure the sender information for all Access Analyzer notifications. Since this is a global -settings, any recipients configured at this level receive all notifications sent from Access -Analyzer, and are sent to this recipient list unless inheritance is broken at the job group or job -level. - -- Sender Name – Name displayed in the sent from field of the email -- Sender Address – Sender’s email address. This does not have to be a real email address, unless - required by the organization. It can be something as simple as `accessanalyzer@yourdomain.com`. - -## Email Content - -The Email Content section is where the recipient information is provided. - -![Email Content section on Notification page](/img/product_docs/accessanalyzer/admin/settings/emailcontent.webp) - -- To / CC / BCC – Enter the email addresses for the recipients of the email notifications. Use a - semicolon (;) to separate multiple recipients. - - Recipients listed at this global level receive all email notifications sent by Access Analyzer - unless inheritance is broken at the job group or job levels - -## Test Notification Settings - -Once the global **Notification** settings have been configured, it is recommended to send a test -email to ensure proper configuration. This verifies all settings are correct and email is received -as expected. - -![Test Email Settings button](/img/product_docs/accessanalyzer/admin/settings/test.webp) - -The Test Email Settings button sends a test email to the recipient list. It is recommended that you -test by sending an email to yourself. Once all Notification settings are configured, click the -**Test Email Settings** button. - -![Test email sent successfully message](/img/product_docs/accessanalyzer/admin/settings/testsuccess.webp) - -A message displays stating that the test e-mail was sent successfully. - -![Test email error message example](/img/product_docs/accessanalyzer/admin/settings/testerror.webp) - -**NOTE:** If there are any problems with the information, an error message will appear during the -Test Email settings process. Correct the Notification settings until the test email is sent -successfully. - -![Netwrix Enterprise Auditor test e-mail](/img/product_docs/accessanalyzer/admin/settings/testemail.webp) - -This email is sent to all recipients when the **Test Email settings** link is clicked. When the -Notification settings are configured, click **Save** and then **Ok** to complete the configuration. diff --git a/docs/accessanalyzer/12.0/administration/settings/overview.md b/docs/accessanalyzer/12.0/administration/settings/overview.md deleted file mode 100644 index 5877fd7f74..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/overview.md +++ /dev/null @@ -1,80 +0,0 @@ -# Global Settings - -The global settings have an overall impact on the running ofAccess Analyzer jobs. Settings are -inherited through a parent-child structure from the Settings node through the Jobs tree to the -individual jobs unless inheritance is broken by direct assignment at either the job group or the -individual job level. - -![Configuration Settings](/img/product_docs/dataclassification/ndc/admin/taxonomies/globalsettings.webp) - -Some of these settings are configured during the initial launching of theAccess Analyzer Console. -Others are configured as desired by the end-user. Expand the Settings node in the Navigation pane to -select a global setting to configure: - -- [Access](/docs/accessanalyzer/12.0/administration/settings/access/overview.md) - - Configure what applications users, and groups have access to Access Analyzer - - Configure Role Based Access control of Access Analyzer and the Web Console - - Configure REST API -- [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) - - Configure the Access Analyzer application logging level - - Configure profile security - - Configure options to connecting to host targets - - Configure grid view parameters for data tables and views - - Configure database cleanup options - - Configure the Access Analyzer application’s exit options -- [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) - - Optional configuration during the initial launch, but required for host inventory query - execution and job execution - - Provide credential sets with adequate permissions to remotely contact and gather information - from target hosts - - Creating a Connection Profile requires credentials with appropriate levels of permissions - according to the data collector being used -- [Exchange](/docs/accessanalyzer/12.0/administration/settings/exchange.md) - - Required for auditing an organization’s Exchange environment - - Only enabled for configuration once the Access Analyzer for Exchange Solution prerequisites - are installed - - Configure Microsoft Exchange server connections and requires Exchange server versions and - names - - The ExchangeMailbox, Exchange2K, ExchangePS, and ExchangePublicFolder Data Collectors utilize - these global settings -- [History](/docs/accessanalyzer/12.0/administration/settings/history.md) - - Configure job data retention period settings - - Configure diagnostics retention period settings -- [Host Discovery](/docs/accessanalyzer/12.0/administration/settings/host-discovery.md) - - Configure host discovery settings - - Configure discovery log settings -- [Host Inventory](/docs/accessanalyzer/12.0/administration/settings/host-inventory.md) - - Configure inventory items, performance tuning, and desired host list views -- [Notification](/docs/accessanalyzer/12.0/administration/settings/notification.md) - - Required for the Access Analyzer application to send email - - Provide SMTP server information and sender information - - Configuration requires an organization’s SMTP server name and authentication credentials (if - applicable) - - Encryption Options can be configured -- [Reporting](/docs/accessanalyzer/12.0/administration/settings/reporting.md) - - Required for report publishing - - Configure settings for publishing reports outside of the Access Analyzer Console (e.g. - distribution via email, posting to an internal share, or posting to the Report Index) - - Use information to configure accessing published reports via the Web Console -- [Schedule](/docs/accessanalyzer/12.0/administration/settings/schedule.md) - - Optional configuration during the initial launch if Windows authentication is used with the - Storage Profile - - Required in order to schedule host inventory, job, analysis task, and action task execution - - Provide credentials used against the Access Analyzer Console server to execute scheduled jobs - with the Windows Task Scheduler - - Creating a Schedule Service Account requires credentials on the Access Analyzer Console server - - Multiple Schedule Service Accounts can be configured -- [Sensitive Data](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md) - - Flag locations which are known to contain false positive criteria matches to be filtered out - of Sensitive Data Discovery reports -- [ServiceNow](/docs/accessanalyzer/12.0/administration/settings/service-now.md) - - Required for integration between Access Analyzer and ServiceNow® - - Configure the ServiceNow Action Module authentication credentials - - Configuration requires an organization’s ServiceNow instance name and authentication - credentials -- [Storage](/docs/accessanalyzer/12.0/administration/settings/storage/overview.md) - - Required configuration during the initial launch - - Create profiles for storing output data from queries - - Creating a Storage Profiles requires Microsoft® SQL® Server information - -See the [Getting Started](/docs/accessanalyzer/12.0/getting-started/index.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/reporting.md b/docs/accessanalyzer/12.0/administration/settings/reporting.md deleted file mode 100644 index e88ebcc9a1..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/reporting.md +++ /dev/null @@ -1,115 +0,0 @@ -# Reporting - -The Reporting node is for configuring the global settings for publishing Access Analyzer reports. -The Web Console is where any reports which have been published can be viewed outside of the Access -Analyzer Console. The Web Console provides a consolidated logon housing both the published reports -and the AIC (when applicable). - -![Global Settings Reporting page](/img/product_docs/accessanalyzer/admin/settings/reporting.webp) - -The publishing of reports can be disabled at the global level by selecting **Do not publish -reports** from the Publish Option drop-down menu. It can also be disabled at the job group, job, or -report configuration level. See the [Jobs Tree](/docs/accessanalyzer/12.0/administration/job-management/overview.md) topic for additional -information. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Reporting view. These -buttons become enabled when modifications are made to the Reporting global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -## Website URL - -The Website URL field contains address for the hosted website, the Web Console, where the published -reports reside. - -![Website URL on Global Settings Reporting page](/img/product_docs/accessanalyzer/admin/settings/websiteurl.webp) - -The default address is: - -http://[Fully Qualified Domain Name of the Access Analyzer Console server]:8082 - -This link is used to access the Web Console, and it is used for the web link in an emailed report. -The protocol and port number may need to be modified to align with the organization’s environment, -but it must match the information in the website’s configuration file. If the Web Console has been -secured, this address must be manually updated: - -https://[Fully Qualified Domain Name of the StealthAUDIT Console server]:[Port Number] - -**NOTE:** Any browser used to access the Web Console must have JavaScript allowed for the site. See -the -[Configure JavaScript Settings for the Web Console](#configure-javascript-settings-for-the-web-console) -topic for additional information. - -## Publish Option - -The Publish Option allows you to enable or disable the publishing of reports at the global level. - -![Publish Option on Global Settings Reporting page](/img/product_docs/accessanalyzer/admin/settings/publish.webp) - -Select the **Publish reports** option to publish all Access Analyzer reports or select **Do not -publish reports** to disable the publishing. The inheritance of this setting can be broken at the -job group, job, or report levels. - -### Email Report Options - -Configure email reports sent out by Access Analyzer using the Email Report options. - -![Email options on Global Settings Reporting page](/img/product_docs/accessanalyzer/admin/settings/email.webp) - -The **E-mail reports** checkbox enables recipients to receive all published reports, unless -inheritance is broken at the job group, job, or report level. Separate multiple recipients with a -semicolon. If commas are used as delimiters for email addresses, they will be converted into -semicolons when the settings are saved. - -**_RECOMMENDED:_** Configure email reporting at a specific level to ensure recipients only receive -reports which apply to them. - -**NOTE:** Email reports does not work unless Access Analyzer has been configured to send email -notifications through the **Notification** node. See the [Notification](/docs/accessanalyzer/12.0/administration/settings/notification.md) topic for -additional information. - -The **Do Not Email Report If Blank** checkbox prevents reports from being sent via email if all -elements are blank when generated. A blank report can occur if there is an error in data collection -or if the report is configured for data which might not always be present (for example, new computer -objects created since last scan). - -**_RECOMMENDED:_** Enable the **Do Not Email Report If Blank** option. - -The report can be sent using the desired **Email Content** option: - -- Web Link – Sends an email notice that the report has been published and provides the recipient - with a link to it in the Web console -- Embedded HTML – Sends the report embedded inside the email using HTML format -- Data Tables as CSV (No Charts) – Attaches the complete data set (as configured within the report, - without row limit) to an email as a CSV file, excluding any charts -- PDF – Attaches the report to an email as a PDF file - -The **Subject(Prefix)** field identifies the prefix of the email subject line, unless inheritance is -broken at the job group, job, or report level. The prefix appears in the email header preceding the -report name. If left blank, Access Analyzer applies a prefix of `Access Analyzer Report` to the -email subject line. - -## Configure JavaScript Settings for the Web Console - -Any browser used to access the Web Console must have JavaScript allowed for all features of the Web -Console to function correctly. If the JavaScript permission is not set as allowed for the entire -browser, you must add the Web Console as an allowed site. - -Follow the steps to allow JavaScript on the Web Console in Microsoft Edge. - -**Step 1 –** Open Microsoft Edge Settings. - -![javascriptsitepermissions](/img/product_docs/accessanalyzer/admin/settings/javascriptsitepermissions.webp) - -**Step 2 –** Go to the **Cookies and site permissions** settings page, and click **JavaScript** -under All permissions. - -![javascriptsettings](/img/product_docs/accessanalyzer/admin/settings/javascriptsettings.webp) - -**Step 3 –** Click **Add** in the Allow section. On the Add a site window, enter the URL for the Web -Console and click **Add**. - -**NOTE:** If the global Allowed option is selected, you do not need to specifically add the Web -Console as an allowed site. - -The Web Console's URL is added to the Allow list and JavaScript is enabled for the Web Console. diff --git a/docs/accessanalyzer/12.0/administration/settings/schedule.md b/docs/accessanalyzer/12.0/administration/settings/schedule.md deleted file mode 100644 index 1963d7c509..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/schedule.md +++ /dev/null @@ -1,219 +0,0 @@ -# Schedule - -The Schedule node contains objects referred to as Schedule Service Accounts. A Schedule Service -Account is used to run scheduled tasks on the Access Analyzer Console server. - -![Schedule node](/img/product_docs/threatprevention/threatprevention/admin/configuration/databasemaintenance/schedule.webp) - -Jobs can be executed manually as desired or scheduled to execute at designated times. For example, -you could schedule a job to run during hours when the office is closed and network traffic is low. -Windows uses the Schedule Service Account to access the task folders when launching scheduled tasks. -Schedule Service Accounts are configured at the global level, and this account can be used to -schedule jobs in the Schedule Wizard. See the [Schedules](/docs/accessanalyzer/12.0/administration/job-management/schedule/overview.md) topic for -additional information. - -**CAUTION:** On Windows 2016 servers, the Schedule Service Account cannot be signed into an active -session when the time comes for a scheduled task to start. Windows blocks the starting or running of -scheduled tasks using an account that is logged into the server. - -Password Storage Options - -The password for the credential provided can be stored in the Access Analyzer application or the -Access Analyzer Vault. - -Choosing between the Access Analyzer application and Access Analyzer Vault is a global setting -configured in the **Settings** > **Application** node. See the -[Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic for additional information. - -Permissions - -Regardless of the account type, any account used to schedule tasks must have credentials with at -least the following to meet Least Privileged specifications: - -- Create Files/Write Data rights on the following Task folders: - - - Windows Task folder - - System 32 Task folder - - Member of **Log on as a Batch Job** local policy - - Otherwise, credentials must have local Administrator privileges on the Access Analyzer Console - server. - -- The following NTFS permissions for **Subfolders and Files Only** in the Access Analyzer Directory: - - - Create Files/Write Data - - Create Folders/Append Data - - Write Attributes - - Write Extended Attributes - -- To configure Least Privilege Model Schedule Service Accounts when Role Based Access is enabled, - see the [Role Based Access](/docs/accessanalyzer/12.0/administration/settings/access/role-based/overview.md) topic for additional information -- If using Windows authentication for the Storage Profile, the Schedule Service Account must have a - sufficient level of rights to connect to and interact with the Access Analyzer database. See the - [Storage](/docs/accessanalyzer/12.0/administration/settings/storage/overview.md) topic for additional information. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Schedule view. These -buttons become enabled when modifications are made to the Schedule global settings. Whenever changes -are made at the global level, click **Save** and then **OK** to confirm the changes. Otherwise, -click **Cancel** if no changes were intended. - -The Access Analyzer vault provides enhanced security through enhanced encryption to various -credentials stored by the Access Analyzer application. See the [Vault](/docs/accessanalyzer/12.0/administration/settings/application/vault.md) topic -for additional information. - -## Schedule Service Account Types - -There are two types of accounts that can be used to configure the Schedule Service Account. - -![serviceaccounttypes](/img/product_docs/accessanalyzer/admin/settings/serviceaccounttypes.webp) - -Use one of the following options for the Schedule Service Account: - -- Use the local system account to schedule tasks – This option applies the credentials logged into - the Access Analyzer Console server - - - Credentials must have privileges sufficient for scheduling tasks on the Access Analyzer - Console server. If not, scheduled tasks fail to start. - - This option cannot be edited or deleted - -- User-supplied credentials – Provide credentials for a specific account with sufficient rights to - schedule tasks on the Access Analyzer Console server - - - The account can be either a domain account or a local Windows account - - A local Windows account is a specific account and not the default local system account - -_Remember,_ the Schedule Service Account cannot be signed into an active session on the Access -Analyzer Console server when the time comes for a scheduled task to start when it has a Windows 2016 -operating system. - -## Create a Schedule Service Account - -Follow the steps to create a Schedule Service Account. - -_Remember,_ the Schedule Service Account cannot be signed into an active session on the Access -Analyzer Console server when the time comes for a scheduled task to start when it has a Windows 2016 -operating system. - -![Add User credential option in the Schedule view](/img/product_docs/accessanalyzer/admin/settings/addusercredential.webp) - -**Step 1 –** Click **Add User credential** at the top of the Schedule view. The User Credentials -window opens. - -![User Credentials window](/img/product_docs/accessanalyzer/admin/settings/usercredentialswindow.webp) - -**Step 2 –** The window options change according to the value for the **Selected Account Type** -field. Select the appropriate account type and then provide the required information. The account -types are: - -- Active Directory Account – Use this option to specify a domain account - - - Domain – Auto-filled with the domain where the Access Analyzer Console server resides, change - by typing the domain name in the textbox or select a domain from the menu - - User name – Provide a domain account user name - - Password Storage – Choose the option for credential password storage: - - - Application – Uses Access Analyzer’s configured Profile Security setting as selected at - the **Settings** > **Application** node - - Managed Service Account – Use previously configured MSA and gMSAs for authentication. The - password fields are not applicable when this option is selected. See the - [Group Managed Service Accounts (gMSA) Configuration](/docs/accessanalyzer/12.0/administration/settings/connection/gmsa.md) topic for - additional information. - - - Password – Type the password - - Confirm – Re-type the password - -- Local Account – Use this option to specify a local account for the Access Analyzer Console server - - - User name – Provide the local account user name - - Password Storage – Choose the option for credential password storage: - - - Application – Uses Access Analyzer’s configured Profile Security setting as selected at - the **Settings** > **Application** node - - - Password – Type the password - - Confirm – Re-type the password - -**Step 3 –** Click **OK** and the credentials are verified. If there are no problems with the -provided credentials, the User Credentials window closes. Otherwise, one of the following error -messages might appear: - -- Passwords Do Not Match Error - - ![Passwords Do Not Match Error](/img/product_docs/accessanalyzer/admin/settings/passwordsdontmatch.webp) - - - This error indicates the two password entries do not match. Click **OK** and reenter the - passwords. - -- Bad User Name or Password Error - - ![Bad User Name or Password Error](/img/product_docs/accessanalyzer/admin/settings/incorrectlogondetails.webp) - - - This error indicates either the user account does not exist or the username and password do - not match. Click **OK** and reenter the information. - -- Insufficient Rights Error - - ![Insufficient Rights Error](/img/product_docs/accessanalyzer/admin/settings/insufficientrights.webp) - - - This error indicates the account supplied does not have sufficient rights to create and run - scheduled tasks. Click **OK** and provide credentials with sufficient rights. - -- GPO Network Security Error - - ![GPO Network Security Error](/img/product_docs/accessanalyzer/admin/settings/gponetworksecurity.webp) - - - This error indicates that the GPO Network Security settings are configured to not allow - storage of passwords and credentials for network authentication. Click OK. Disable the - domain’s GPO Network Security settings or exempt the Access Analyzer Server from GPO. - - This error will also appear when trying to schedule a task using the domain’s Schedule Service - Account where GPO Network Security is set to not allow storage of passwords and credentials - for network authentication - -**Step 4 –** The credential information appears in the User Credentials table. Click **Save** and -then **OK** to confirm the changes. To ensure these credentials take effect, exit and restart the -Access Analyzer application before scheduling any tasks. - -Access Analyzer can now schedule tasks with this Scheduled Service Account. - -## Edit a Schedule Service Account - -Follow the steps to edit a Schedule Service Account credentials. - -_Remember,_ the Schedule Service Account cannot be signed into an active session on the Access -Analyzer Console server when the time comes for a scheduled task to start when it has a Windows 2016 -operating system. - -![Edit option in the Schedule view](/img/product_docs/accessanalyzer/admin/settings/edit.webp) - -**Step 1 –** Select a credential from the User Credentials list and click on **Edit**. The User -Credentials window opens. - -**Step 2 –** Modify the credential information as needed. See Step 2 of the -[Create a Schedule Service Account](#create-a-schedule-service-account) topic for additional -information. - -**Step 3 –** Click **OK** and the credentials will be verified. If there are no problems with the -provided credentials, the User Credentials window closes. - -Access Analyzer can now schedule tasks with this Scheduled Service Account. - -## Delete a Schedule Service Account - -Follow the steps to delete a Schedule Service Account. - -![Delete option in the Schedule view](/img/product_docs/platgovnetsuite/integrations/delete.webp) - -**Step 1 –** Select the credential from the User Credentials list and click **Delete**. The Delete -Credentials confirmation window appears. - -![Delete Credentials confirmation window](/img/product_docs/accessanalyzer/admin/settings/deletecredentials.webp) - -**Step 2 –** Click **OK** to confirm the deletion or **Cancel** to exit the deletion process. - -**Step 3 –** The User Credentials list now reflects the absence of the deleted Schedule Service -Account. Click **Save** and then **OK** to confirm the changes. To ensure these changes take effect, -exit and restart the Access Analyzer application. - -If all Schedule Service Accounts are removed and only the local System account remains, Access -Analyzer cannot create or run scheduled tasks unless the local system account has adequate -permissions. diff --git a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/criteria.md b/docs/accessanalyzer/12.0/administration/settings/sensitive-data/criteria.md deleted file mode 100644 index 906522f7c1..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/criteria.md +++ /dev/null @@ -1,43 +0,0 @@ -# Criteria Tab - -Configure the list of selected sensitive data criteria that will be used within sensitive data scan -jobs using the Criteria Tab. - -![Sensitive Data Criteria tab](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/criteriatab.webp) - -The options on the Criteria Tab are: - -- Add – Opens the Select Criteria window to add search criteria that will be inherited by Sensitive - Data scan jobs. See the [Select Criteria Window](#select-criteria-window) topic for additional - information. -- Remove – Removes the selected criteria from being inherited by Sensitive Data scan jobs -- Launch Editor – Opens the Sensitive Data Criteria Editor. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) topic - for additional information. -- Search selected criteria – Filter the criteria listed in the Criteria tab - -The **Cancel** and **Save** buttons are in the lower-right corner of the Sensitive Data view. These -buttons become enabled when modifications are made to the Sensitive Data global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -## Select Criteria Window - -Follow the steps to add Search Criteria for Sensitive Data scan jobs. - -![Add criteria](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/addcriteria.webp) - -**Step 1 –** Click **Add** to open the Select Criteria window. - -![Select Criteria window](/img/product_docs/accessanalyzer/install/application/upgrade/selectcriteria.webp) - -**Step 2 –** Select the checkbox to select the criteria. Use the **Search Criteria** text field to -filter the list using keywords or expand each category to view and select individual Sensitive Data -search criteria. - -**Step 3 –** Click **OK** to confirm changes. The Select Criteria window closes. - -**Step 4 –** Click **Save** on the Sensitive Data view to save changes. - -The selected Search Criteria are now inherited by Sensitive Data scan jobs that are set to use -global sensitive data criteria settings. diff --git a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/add.md b/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/add.md deleted file mode 100644 index 938c5d589c..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/add.md +++ /dev/null @@ -1,24 +0,0 @@ -# Adding False Positive Exclusion Filters - -Follow the steps to add a False Positive Exclusion Filter. - -![Add Filter on False Positives tab](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/addfilter.webp) - -**Step 1 –** Click **Add Filter** to open the Add False Positive Exclusion Filter window. - -![Add False Positive Exclusion Filter window](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/addexclusionfilterwindow.webp) - -**Step 2 –** Enter the **File Path** according to the type of format for the repository. - -**Step 3 –** Indicate the type of repository by selecting either **File System** or **SharePoint** -from the **Source** drop-down menu. - -**Step 4 –** Select the required criteria from the list by selecting the relevant checkboxes. You -can use the **Search Criteria** textbox to filter the list by keywords. - -**Step 5 –** Click **OK** to add the filter to the False Criteria list. The Add False Positive -Exclusion Filter window closes. - -**Step 6 –** Click **Save** on the Sensitive Data view to save changes. - -The false positive exclusion filter is now applied to Sensitive Data reports. diff --git a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/delete.md b/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/delete.md deleted file mode 100644 index be58cf5cf0..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/delete.md +++ /dev/null @@ -1,11 +0,0 @@ -# Deleting False Positive Exclusion Filters - -Follow the steps to delete a False Positive Exclusion Filter. - -![Delete Filter on False Positives tab](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/deletefilter.webp) - -**Step 1 –** Select a filter from the list and click **Delete Filter**. - -**Step 2 –** Click **Save** on the Sensitive Data view to save changes. - -The false positive exclusion filter has been successfully deleted. diff --git a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/edit.md b/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/edit.md deleted file mode 100644 index 43234d3115..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/edit.md +++ /dev/null @@ -1,18 +0,0 @@ -# Editing False Positive Exclusion Filters - -Follow the steps to edit a False Positive Exclusion Filter. - -![Edit Filter on False Positives tab](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/editfilter.webp) - -**Step 1 –** Click **Edit Filter** to open the Edit False Positive Exclusion Filter window. - -![Edit False Positive Exclusion Filter window](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/editexclusionfilterwindow.webp) - -**Step 2 –** Make modifications to the File Path, Source type, and Search Criteria. - -**Step 3 –** Click **OK** to confirm changes. The Edit False Positive Exclusion Filter window -closes. - -**Step 4 –** Click **Save** on the Sensitive Data view to save changes. - -The false positive exclusion filter has been successfully edited. diff --git a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/export.md b/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/export.md deleted file mode 100644 index 4e30ff2415..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/export.md +++ /dev/null @@ -1,15 +0,0 @@ -# Exporting False Positive Exclusion Filters - -Follow the steps to export selected False Positive Exclusion Filters into a TXT file. - -![Export on False Positives tab](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/exportfilter.webp) - -**Step 1 –** Select the false positive exclusion filters to export and click **Export**. The File -Explorer opens. - -![Select False Positive Exclusion filter file to export File Explorer window](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/exportfileexplorer.webp) - -**Step 2 –** Enter a File name for the TXT file that the exported false positive exclusion filters -will be contained in. Click **Save**. - -The False Positive Exclusion Filters are now exported. diff --git a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/import.md b/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/import.md deleted file mode 100644 index 62737be71c..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/import.md +++ /dev/null @@ -1,33 +0,0 @@ -# Importing False Positive Exclusion Filters - -Create an import (TXT) file containing a list of file paths for the files to be excluded from -Sensitive Data reports. The text file should have one file path per row. The import file needs to be -scoped to a single solution and a criteria set. - -Follow the steps to import a list of False Positive Exclusion Filter. - -![Import on False Positives tab](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/importfilter.webp) - -**Step 1 –** Click **Import** to open the Select False Positive Exclusion Filter file to import -window. - -![Select False Positive Exclusion Filter file to import window](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/importfileexplorer.webp) - -**Step 2 –** Navigate to the file that will be imported. Select the file and click **Open**. The -Configure Imported False Positive Exclusion Filters window opens. - -![Configure Imported False Positive Exclusion Filters window](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/configureexclusionfilterwindow.webp) - -**Step 3 –** Select the repository type from the **Source** drop-down menu. - -**Step 4 –** Select the required criteria from the list. You can use the **Search Criteria** textbox -to filter the list by keywords. - -**Step 5 –** Click **OK** to confirm configurations. The Configure Imported False Positive Exclusion -Filters window closes. - -**Step 6 –** Click **Save** on the Sensitive Data view to save changes. - -The imported list of False Positive Exclusion Filters are now applied to Sensitive Data reports. If -all of the files in the import were not meant to have the same Source and Criteria set, see the -[Editing False Positive Exclusion Filters](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/edit.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/overview.md b/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/overview.md deleted file mode 100644 index 2ca991293e..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/overview.md +++ /dev/null @@ -1,39 +0,0 @@ -# False Positives Tab - -Configure False Positive exclusion filters using the options in the False Positives tab. False -Positives Filters listed here as False Positives results in the corresponding matches being removed -from Access Analyzer and Access Information Center reports. - -![False Positives tab](/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/falsepositivestab.webp) - -The options under the False Positives Tab are: - -- Add Filter – Opens the Add False Positive Exclusion Filter window to add False Positive Exclusion - Filters. See the [Adding False Positive Exclusion Filters](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/add.md) topic for additional - information. -- Edit Filter – Opens the Edit False Positive Exclusion Filter window to edit the selected filters - in the list. See the [Editing False Positive Exclusion Filters](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/edit.md) topic for additional - information. -- Delete Filter – Deletes the selected false positive exclusion filter. See the - [Deleting False Positive Exclusion Filters](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/delete.md) topic for additional information. -- Import – Imports a text file to populate the False Positives tab with False Positive Exclusion - Filters. See the [Importing False Positive Exclusion Filters](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/import.md) topic for additional - information. -- Export – Exports selected false positive exclusion filters in a text file. See the - [Exporting False Positive Exclusion Filters](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/export.md) topic for additional information. - -The False Positives view displays the following information for the False Positive Exclusion -Filters: - -- File Path – Path of the file to be excluded from Sensitive Data reports -- Solution – Solution source of the exclusion filter. The two solution sources are: - - - File System - - SharePoint - -- Criteria – Sensitive Data criteria where the exclusion filter is applied - -The **Cancel** and **Save** buttons are in the lower-right corner of the Sensitive Data view. These -buttons become enabled when modifications are made to the Sensitive Data global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. diff --git a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md b/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md deleted file mode 100644 index 349aa70e30..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md +++ /dev/null @@ -1,19 +0,0 @@ -# Sensitive Data - -The Sensitive Data node provides configuration options to manage sensitive data criteria and false -positive exclusion filters. These settings require Sensitive Data Discovery to be licensed. See the -[Sensitive Data Discovery](/docs/accessanalyzer/12.0/sensitive-data-discovery/overview.md) topic for additional -information. - -**NOTE:** Sensitive data exclusion filters can only be applied to the -[File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/overview.md) and the -[SharePoint Solution](/docs/accessanalyzer/12.0/solutions/sharepoint/overview.md). - -![Sensitive Data settings](/img/product_docs/accessanalyzer/install/application/upgrade/sensitivedata.webp) - -The tabs in the Sensitive Data node are: - -- Criteria – Configure Search Criteria to be used in Sensitive Data scan jobs. See the - [Criteria Tab](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/criteria.md) topic for additional information. -- False Positives – Configure False Positive exclusion filters. See the - [False Positives Tab](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/exclusions/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/administration/settings/service-now.md b/docs/accessanalyzer/12.0/administration/settings/service-now.md deleted file mode 100644 index 84ee0f1eb8..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/service-now.md +++ /dev/null @@ -1,31 +0,0 @@ -# ServiceNow - -The ServiceNow® node is for configuring the settings needed to integrate with ServiceNow. These -settings are exclusive to the Access Analyzer integration with ServiceNow and are used by the -ServiceNow Action Module. See the [ServiceNow Action Module](/docs/accessanalyzer/12.0/actions/service-now/overview.md) topic -for additional information. - -![ServiceNow node](/img/product_docs/accessanalyzer/admin/settings/servicenow.webp) - -Provide ServiceNow authentication information to your ServiceNow instance. - -- Instance – The ServiceNow instance, for example `example.service-now.com` -- User Name and Password – The **Settings** > **ServiceNow** node at the global level can be - configured with a credential provisioned to create incidents as Callers in the **Assigned to** - field, and any other ServiceNow incident field that references the **sys_user** table. - -The **Cancel** and **Save** buttons are in the lower-right corner of the ServiceNow view. These -buttons become enabled when modifications are made to the ServiceNow global settings. Whenever -changes are made at the global level, click **Save** and then **OK** to confirm the changes. -Otherwise, click **Cancel** if no changes were intended. - -## Update ServiceNow Authentication Credentials - -Follow the steps to update the ServiceNow authentication credentials. - -**Step 1 –** In the ServiceNow Authentication section, enter a new **Password** for the user -account. - -**Step 2 –** Click **Save**. - -The credentials have been updated for ServiceNow authentication. diff --git a/docs/accessanalyzer/12.0/administration/settings/storage/add.md b/docs/accessanalyzer/12.0/administration/settings/storage/add.md deleted file mode 100644 index 866b32a059..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/storage/add.md +++ /dev/null @@ -1,64 +0,0 @@ -# Add a Storage Profile - -Follow the steps to create a Storage Profile. - -![Add Storage profile option](/img/product_docs/accessanalyzer/admin/settings/storage/addprofile.webp) - -**Step 1 –** Click **Add Storage profile** at the top of the Storage view. - -![New Storage profile added](/img/product_docs/accessanalyzer/admin/settings/storage/addprofilename.webp) - -**Step 2 –** A new profile line appears in the Storage Profiles list with a generic name. Change the -Profile name to a unique and descriptive name. - -![Server Name field](/img/product_docs/accessanalyzer/admin/settings/storage/addprofileservername.webp) - -**Step 3 –** Type the SQL **Server name** in the textbox provided. This can be a NetBIOS name, a -fully qualified domain name, or an IP Address. If the SQL Server specified is configured to use a -named instance, provide the **Instance name** in the next textbox. - -![Command timeout field](/img/product_docs/accessanalyzer/admin/settings/storage/addprofiletimeout.webp) - -**Step 4 –** Specify the time in minutes that must expire before Access Analyzer halts any SQL -queries running for that amount of time. - -![Authentication options](/img/product_docs/accessanalyzer/admin/settings/storage/addprofileauthentication.webp) - -**Step 5 –** Select the radio button for the appropriate authentication mode. If using **SQL Server -authentication** , provide a **User name** and **Password** in the textboxes. - -**_RECOMMENDED:_** When possible, use Windows Authentication. Windows Authentication is more secure -than SQL Server Authentication. See the Microsoft -[Choose an authentication mode](https://learn.microsoft.com/en-us/sql/relational-databases/security/choose-an-authentication-mode) article -for additional information. - -| ![Good connection test](/img/product_docs/accessanalyzer/admin/settings/storage/addprofilebadconnection.webp) | -| ------------------------------------------------------------------------------------------------------------- | ------------------- | -| Good Connection Test | Bad Connection Test | - -**Step 6 –** It is recommended to test the credentials provided at this point. The radio button for -**Use existing database** should be selected by default. Test the SQL Server connection by clicking -the drop-down arrow for an existing database. If the connection is established, a listing of -databases appears. If the connection cannot be established, an error warning displays. - -![Database options](/img/product_docs/accessanalyzer/admin/settings/storage/addprofiledatabase.webp) - -**Step 7 –** Set the database through one of the following options: - -- Use existing database – Click this radio button and select a database from this list provided in - the drop-down menu -- Create new database – Click this radio button and provide a unique, descriptive name in the - textbox - -![Connection report](/img/product_docs/accessanalyzer/install/application/connectionreport.webp) - -**Step 8 –** Click **Apply** and a Connection report window opens. The Connection report checks for -the appropriate permissions and lists any that are missing. If no permissions are present, an error -message appears in the Connection report window. When there is a `Successful connection test`, click -**Close**. - -**Step 9 –** If **Create new database** was selected, the new database now exists. If **Use existing -database** was selected, the Storage Profile is now linked to the database. Click **Save** and then -**OK** to complete the creation of the new Storage Profile. - -The new Storage Profile is available to be used by Access Analyzer. diff --git a/docs/accessanalyzer/12.0/administration/settings/storage/default.md b/docs/accessanalyzer/12.0/administration/settings/storage/default.md deleted file mode 100644 index 2cf871d8a3..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/storage/default.md +++ /dev/null @@ -1,50 +0,0 @@ -# Set a Default Storage Profile - -While multiple Storage Profiles can exist, only one profile can be set as the default. A green -checkmark next to the profile name indicates the default Storage Profile. Follow the steps to change -the default Storage Profile at the global level. - -![Set as Default option on Storage page](/img/product_docs/accessanalyzer/admin/settings/storage/default.webp) - -**Step 1 –** Select the profile to be the new default, and click **Set as default**. The Change -storage profile window opens. - -![Change storage profile window](/img/product_docs/accessanalyzer/install/application/changestorageprofile.webp) - -**Step 2 –** There are three options for host management data migration. Select the desired option, -choose whether or not to apply the secondary option, and click **OK**. - -- Merge your host management data with data in the destination table (Recommended) – This option - keeps existing hosts and host discovery tasks in the destination and updates the tasks based on - the information found in the source database - - - Use destination value on conflict – If selected, any conflicting information between the - destination table and the source database is resolved in favor of the destination table - -- Overwrite data in the destination table – This option replaces existing hosts and host discovery - tasks with ones found in the source database - - - Also overwrite shared host inventory data – If selected, host inventory data is also replaced - with data found in the source database - -- Don’t copy your host management data to destination table – This option does not copy, update, or - overwrite information between databases - - - Clear data in destination table – If selected, all host management data in the destination - table is deleted - -![Change storage profile window when transfer is complete](/img/product_docs/accessanalyzer/admin/settings/storage/changestorageprofilefinish.webp) - -**Step 3 –** When the host management data migration has completed, click **Finish**. - -![Storage page with new default storage profile](/img/product_docs/accessanalyzer/admin/settings/storage/defaultsave.webp) - -**Step 4 –** A blue arrow now points to the new default Storage Profile. However, the arrow is also -an indication that the new default is not fully recognized by Access Analyzer. Click **Save** and -then **OK** to confirm the changes. - -**Step 5 –** Finally, to ensure these changes take effect, exit the Access Analyzer application and -relaunch it. - -The blue arrow is replaced by the green checkmark, indicating the new default Storage Profile is -recognized. diff --git a/docs/accessanalyzer/12.0/administration/settings/storage/delete.md b/docs/accessanalyzer/12.0/administration/settings/storage/delete.md deleted file mode 100644 index 5aa873b4cf..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/storage/delete.md +++ /dev/null @@ -1,19 +0,0 @@ -# Delete a Storage Profile - -Follow the steps to delete a Storage Profile. - -**NOTE:** This procedure does not delete databases from the SQL Server. It only removes the selected -Storage Profile from this Access Analyzer Console. - -![Delete Storage Profile option](/img/product_docs/platgovnetsuite/integrations/delete.webp) - -**Step 1 –** Select the Storage Profile to be removed, and click **Delete**. - -![Confirm delete selected profile dialog](/img/product_docs/accessanalyzer/admin/settings/storage/deleteconfirm.webp) - -**Step 2 –** Confirm the operation by clicking **OK**. - -**Step 3 –** The profile disappears from the Storage Profiles list. Click **Save** and then **OK** -to confirm the changes. - -The Storage Profile has now been deleted. diff --git a/docs/accessanalyzer/12.0/administration/settings/storage/overview.md b/docs/accessanalyzer/12.0/administration/settings/storage/overview.md deleted file mode 100644 index 9f9e8f1686..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/storage/overview.md +++ /dev/null @@ -1,72 +0,0 @@ -# Storage - -The Storage node contains objects known as Storage Profiles. Storage Profiles house the information -Access Analyzer uses to connect to a SQL Server database within your environment. - -![Storage Node](/img/product_docs/accessanalyzer/admin/settings/storage/storage.webp) - -Each Storage Profile consists of the following parts: - -- Profile name – Unique, descriptive name which distinguishes the profile from others in cases where - multiple profiles exist -- Server name – Name of the SQL Server serving the database to be used for the Access Analyzer - database. The value format can be either a NetBIOS name, a fully qualified domain name, or an IP - Address. -- Instance name – Value of the named instance, if the SQL Server being connected to is configured to - use a named instance - - - To change the instance port number, provide the instance name in the format - `,`. For example, if using the default **MSSQLSERVER** instance and port - **12345**, the instance name should be entered as `MSSQLSERVER,12345`. - -- Command Timeout – Number of minutes before Access Analyzer halts any SQL queries running for that - amount of time. This prevents SQL queries from running excessively long. The default is 1440 - minutes. -- Authentication – Mode of authentication to the SQL Server. In general, it is recommended to - connect with an account configured with the DBO role (database owner rights) and provisioned to - use DBO Schema. - - **_RECOMMENDED:_** When possible, use Windows Authentication. Windows Authentication is more - secure than SQL Server Authentication. See the Microsoft - [Choose an authentication mode](https://learn.microsoft.com/en-us/sql/relational-databases/security/choose-an-authentication-mode) article - for additional information. - - - Windows authentication – Leverages the account used to run the Access Analyzer Console - - **NOTE:** This option affects the credentials used for Schedule Service Accounts. See the - [Schedule](/docs/accessanalyzer/12.0/administration/settings/schedule.md) topic for additional information. - - - SQL Server authentication – Leverages the account provided in the **User name** and - **Password** textboxes - - Use existing password – Use the password configured for the Storage Profile account - - Specify a new password below – Enter a new password for the selected Storage Profile account - -- Database name – Name of the Access Analyzer database to use in this storage profile - - - Use existing database – Drop-down menu provides a list of databases on the named SQL Server, - provided the connection information supplied is correct. If the menu is empty, then a - connection to the SQL Server was not established. - - Create new database – Access Analyzer automatically creates a new database using the name - provided in the textbox. This value should be a unique, descriptive name. - -![Operations on the Storage view](/img/product_docs/accessanalyzer/admin/settings/storage/storageoperations.webp) - -At the Storage view, the following operations are available: - -- Add Storage profile – Create a new Storage Profile. See the [Add a Storage Profile](/docs/accessanalyzer/12.0/administration/settings/storage/add.md) topic - for additional information. -- Set as default – Change the default Storage Profile. See the - [Set a Default Storage Profile](/docs/accessanalyzer/12.0/administration/settings/storage/default.md) topic for additional information. -- Delete – Remove a Storage Profile. See the [Delete a Storage Profile](/docs/accessanalyzer/12.0/administration/settings/storage/delete.md) topic for - additional information. - -**NOTE:** A green checkmark in the Storage Profiles list indicates the default Storage Profile. - -The **Cancel** and **Save** buttons are in the lower-right corner of the Storage view. These buttons -become enabled when modifications are made to the Storage global setting. Whenever changes are made -at the global level, click **Save** and then **OK** to confirm the changes. Otherwise, click -**Cancel** if no changes were intended. - -The vault provides enhanced security through enhanced encryption to various credentials stored by -the Access Analyzer application. See the [Vault](/docs/accessanalyzer/12.0/administration/settings/application/vault.md) topic for additional -information. diff --git a/docs/accessanalyzer/12.0/administration/settings/storage/update-auth.md b/docs/accessanalyzer/12.0/administration/settings/storage/update-auth.md deleted file mode 100644 index b694ff571b..0000000000 --- a/docs/accessanalyzer/12.0/administration/settings/storage/update-auth.md +++ /dev/null @@ -1,18 +0,0 @@ -# Update Authentication Credentials in a Storage Profile - -Follow the steps to update authentication credentials for a Storage Profile in the Access Analyzer -Console. - -**Step 1 –** Navigate to the **Settings** > **Storage** page. - -**Step 2 –** Locate and select a **Storage Profile** to update. - -![Specify a new password below option on Storage page](/img/product_docs/accessanalyzer/admin/settings/storage/updateauth.webp) - -**Step 3 –** In the Authentication section, click the **Specify a new password below** radio button. - -**Step 4 –** Enter a new **Password**. - -**Step 5 –** Click **Apply**. - -A new password has been added to a Storage profile. diff --git a/docs/accessanalyzer/12.0/all_md_files.txt b/docs/accessanalyzer/12.0/all_md_files.txt deleted file mode 100644 index 70db4be06b..0000000000 --- a/docs/accessanalyzer/12.0/all_md_files.txt +++ /dev/null @@ -1,1646 +0,0 @@ -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/comments.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/disableofficeelements.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/existinggpos.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/export.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/collection.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/computerside.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/userside.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/priority.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/settings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/versions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/findfixgpos.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/gpotouchutility.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/storage/central.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/storage/local.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/storage/sharebased.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/versioncontrol.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/centralstore.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/advanced.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/controlpanel.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/hkeylocalmachine.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/javabased.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/mozillabased.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/virtualized.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/applockguids.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/appdata.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/programfiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/sysinternalsprocessmonitor.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/virtualstore.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationdata/setup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/additionalconfiguration.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/commonerrors.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/defaultdataroots.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/comboboxes.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/filefolderbrowsers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/fontbrowsers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/radiobuttons.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/slidersspinboxes.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/textnumericboxes.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/knownvalues.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/usage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/deleteelements.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/grayswizard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/compilation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/errorlist.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/hierarchy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/properties.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/propertiesproject.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/vocabulary.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/quickstart/createappset.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/quickstart/creationstation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/quickstart/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/registrykeys.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/scrollablepanels.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/tools/batchcompile.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/tools/globalsearchreplace.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/tools/options/compilation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/tools/options/java.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/tools/options/misc.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/tools/options/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/tools/options/uicapture.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/tools/options/virtualstore.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/tools/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/tools/pakpreview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/tools/pxmlmergewizard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/tools/showelementslist.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/userinterface/capturewizard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualadd.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/elementmodifications.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/elementtransformations.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/hiddentext.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/nonstandard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/notmanaged.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/userinterface/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/userinterface/subdialogs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/userinterface/unexpectedresults.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/dllstorage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/extras/itemleveltargeting/appsetentry.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/extras/itemleveltargeting/appsetinternal.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/extras/managedby.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/extras/multipleappsetspriority.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/extras/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/extras/settingdescription.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/acllockdown.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/applock.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/deliversettingsvalues.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/enforcement.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/mouseshortcuts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/reversion.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/settingsdeliveryreinforcementoptions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/switched.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/onetime.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/certificates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/extratabs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/home.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/localfileaccess.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/proxysettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/discoveringids.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/enabledisable.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/enabledisableid.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/forceinstallation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/tipstricks.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/wildcard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/allowremember.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/applicationhandlers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/bookmarks.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/authority.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/certificates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/darktheme.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/ntlmpassthru.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/permissions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preventupdates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/revertoptions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/securityenterpriseroots.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/specialfeatures.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/specialsections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/stopsenddatamessage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/uninstall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/addons.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/certificates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/customsettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/mode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/normalsections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/specialsections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/advanced.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/compatibilityview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/connections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/content.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/enterprisemode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/extras.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/favoriteslinks.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/general.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/privacy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/programs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/security.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/itemleveltargeting/bydefault.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/itemleveltargeting/bypassinternal.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/itemleveltargeting/internalpredefined.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/java/runapplication.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/java/securitypopup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/java/tasktray.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/java/useraccountcontrol.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/java/versioninsecure.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/java/versionoutofdate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/acllockdown.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/automaticreapplicationchanges.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/leverageexisting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/revertappset.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/specialnotes.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/testapplication.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/testclient.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/side.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/printers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/rolesresponsibilities.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/side.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/thinapp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/upgrade.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/variables.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/windowsremoteassistance.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/xenapp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/acrobatxpro.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/admxfiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/applock.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/autoupdater.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/designstudiofirefox.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/designstudiojava.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/differentusers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/gotomeeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/ie10.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/ie9.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/infranview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/itemleveltartgeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/java.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/massdeploy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/modenuke.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/office2013.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/operanext.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/parcctesting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/preferencesexporter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/symantecworkspace.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/tattooing.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/upgrading.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/vmware.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/vmwarefilesettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/vmwarehorizonmirage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/vmwaresupplements.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/xenapp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/basicconcepts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/advancedblockingmessage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/commandlinearguments.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/defined.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/edgelegacybrowser.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/editpolicytemplate/browsermode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/editpolicytemplate/commandlinearguments.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/editpolicytemplate/securityzone.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/exportcollections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/forcebrowser.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/install/chromemanual.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/install/removeagent.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/convertxmls.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/specialtypes.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/navigation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/osweb.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/block.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/custom.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/ports.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/processorderprecedence.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/rules.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/shortcuticons.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/suppresspopup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/add/administrator.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/adduser.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/cheksum.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/concepts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/creditcard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/downloads.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/emailoptout.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/eventcollection/childgroups.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/eventcollection/report.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/eventcollection/splunk.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/fakedc.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/gettingstarted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/groups.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/install/mac/client.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/install/mac/sha.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/install/mac/signature.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/install/mac/signingid.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/install/uninstall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/billing.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/addcompanyadmin.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/changeemail.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/loginrestrictionseditor.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/notificationeditor.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/resendwelcomeletter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/rolemanagement.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/twofactoroptions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/configureentraidaccess.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/downloads.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/editcustomerlevelportalpolicies.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/editnotificationconfiguration.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/exportcompanycertificatepfx.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/loginrestrictions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/revokecompanycertificate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/computergroups/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/computergroups/workingwith.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/licensestatus.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/reports.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicytemplate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/delete.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/download.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/duplicate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/importpolicies.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/itemleveltargetingcollections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/modify.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/showreport.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/computeraccountdeletion.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/licensemanagement.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/otherpolicydeliverymechanisms.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/reconnectionperiod.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/serversessionvirtualization.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/vdi.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/logons.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/policy/edit.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/policy/type.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/profileupdate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/quickstart.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/remoteworkdeliverymanager.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/publickeypoliciessettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/syncfrequency.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/targetingeditor.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/twofactorauthentication.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/unlink.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/updatefrequency.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/verify.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/version.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/globaldevicemanager.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/helpertool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/troubleshooting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/registry.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/serialnumber.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/usbdrive.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/paks.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/addremove/collections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/addremove/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/addremove/policies.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/addremove/test.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/advanced/createcollection.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/advanced/deletepolicies.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/advanced/editcollection.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/advanced/editpolicy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/advanced/mixedrule.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/advanced/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/gettoknow.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/itemleveltargeting/exportcollections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/itemleveltargeting/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/itemleveltargeting/processorderprecedence.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/windowsservers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/applymode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/collections/gpos.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/collections/policies.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/collections/preconfigured.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/defaultbrowser.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/helperutility.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/insouts/advantages.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/insouts/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/insouts/windows10.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/insouts/windows7.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/processorderprecedence.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/mapextensions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/oemdefaultassociations.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/productwizard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/registeredextensions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/downloadcontents.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/guide.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/guideinstall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/prepareendpoint.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/rightclick.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/delivercertificates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/securitysettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/usercontext.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/insertuserinfo.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/itemleveltargeting/cacheengine.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/itemleveltargeting/cachepreferences.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/pdqdeploy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/concepts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/grouppolicyresults.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/install.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/license/basis.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/license/compliancereports.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/license/expire.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/license/minimum.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/license/multiyear.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/license/tool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/license/trueup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/license/types.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/license/userlimit.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/difference.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/pull/history.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/pull/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/pull/results.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/pull/snapshots.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/pull/tests.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/clientlessauditing.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/concepts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/install.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/resultsreports.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/setup/auditorpath.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/setup/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/setup/selectauditedcomputers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/setup/specifyserver.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/setup/taskdelivery.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/switchmode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/trial.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/client.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/configurationwizard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/trialmode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/scenarios.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/shareacrossteam.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/testsrctorder.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/index.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/antivirus.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/citrixapplayering.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension/guids.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension/why.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/activedirectory.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/client.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientdomainnondomain.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientremote.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientsilent.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/removeendpoint.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/slowinternet.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/methods.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/node.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/powershell.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/ringsupgrade.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/sccm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/services.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/uninstall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/update/commandline.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/update/config.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/update/frequency.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/frequency.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/finalthoughts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/applocker.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/appv.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/permissions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/reports.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/createpolicies.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/pdqdeploy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/credentialbased/policymatch.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/credentialbased/releaseresults.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/credentialbased/setuppolicy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/client.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/gui.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/together.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/mmc.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/resourcebased/closingbrokeredprocesses.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/resourcebased/policymatch.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/resourcebased/storedvideos.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/servicenow.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/vdisolutions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/itemleveltargeting/applypreferences.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/itemleveltargeting/entraidgroups.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/itemleveltargeting/entraidsids.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/itemleveltargeting/securitygroup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/itemleveltargeting/virtualdesktops.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/itemleveltargeting/windows11.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/itemleveltargeting/windowsendpoint.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/itemleveltargeting/windowsserver2019.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/evaluateurls.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/exportcollections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/manageria.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/processorderprecedence.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/firefox.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/firefoxinternetexplorer.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/internetexplorer/message1.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/internetexplorer/message2.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/internetexplorer/message3.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/internetexplorer/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/theory.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/usage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/virtualizedbrowsers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/wildcards.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/accountelevatedprocess.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/avoidpopups.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/gettingstarted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/secretkey.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/secretkeysecure.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/test.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/allow/nonadminuser.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/allow/uipathassistant.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/childprocesses.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/dontelevate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/examplesavoid.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/fileinfo.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/overviewmisc.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/commandline.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/executablecombo.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/brandcustomize.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/custommenuitemtext.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/dlls.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/standard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/windowsuniversal.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/digitalsignature.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/editrights.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/activexitems.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/allfiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/applicationextension.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/com_cslidclass.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/controlpanelapplets.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/dragdrop.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installfonts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/javajarfiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/mmcsnapin.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/msiinstallerfiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/mspfiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/registry.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/scripts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/singlelinecommands.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/windowsdefender.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/auditingsettings/localadmins.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/auditingsettings/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/auditingsettings/standardusers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/auditingsettings/standardusersuntrusted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/client.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/operational.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/license.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/mac/logs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/macroattacks.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/parentprocessfilter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/activexcontrol.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/optionsshowpopupmessage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/selfelevation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/powershell/block.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/powershell/maliciousattacks.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preferences.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/processorderprecedence.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reduceadminrights.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/ondemand.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/selfelevation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/customizedtoken.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockadmins.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockapp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockpowershell.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/enhancedsecurerun.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securecopy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/adminapprovalwork.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/allowinlinecommands.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/avoiduac.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/blockedscripttypes.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/chromeextension.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/enablepowershell.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/inlinecommands.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/mykipasswordmanager.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/webex.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/subprocesses.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/synapticspointingdevicedriver.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/admx.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/uacprompts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/rulesgenerator/automatic.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/wildcards.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/windowseventforwarding.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/disabledcomputer.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domain.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainmultiple.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainou.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/enforced.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/gpoedit.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/ou.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/ousub.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/scope.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/server.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/users.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/wizard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/cloud/billing.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/cloud/licensestatus.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/cloud/notifications.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/cloud/onpremise.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/cloud/reclaimed.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/cloud/usage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/components.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/filemultiple.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/adminrights.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/autopilot.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/domainmultiple.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/entraid.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/intune.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/jointype.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/name.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/setup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/tool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/tool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/universal.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/components.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentsexclude.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/options.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/reset.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/virtualization/count.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/virtualization/desktops.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/virtualization/multisession.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/virtualization/terminalservices.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/virtualization/tool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/applicationlaunch.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/installclient.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/conditions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/launchcontrol.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/packageinstallation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/systemsettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/microsoftintune.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/mobileiron.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/vmwareworkspaceone.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/stackmsi.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/tips/copypaste.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/tips/enableprioritymode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/tips/manual.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/tips/modify.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/tips/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/tips/processorder.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/tips/recycle.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/uemtools.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/administrativetemplates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/applicationssettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/browserrouter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/feature.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/fileassociations.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/javaenterpriserules.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/leastprivilegemanager.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/preferences.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/scripts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/securitysettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/startscreen.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/taskbar.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/componentlicense.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/deploymsis.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/drivemappings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/gettingstarted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/maintaincompliance.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/makemsis.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/passwords.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/printerdeploy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/settings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/setup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/startservice.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remotedesktopprotocol/importrdpfile.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remotedesktopprotocol/itemleveltargeting/exportcollections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remotedesktopprotocol/itemleveltargeting/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remotedesktopprotocol/itemleveltargeting/processorderprecedence.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remotedesktopprotocol/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remotedesktopprotocol/policiessettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/advanced/standard/multiplefiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/advanced/standard/recursion.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/collections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/computerside.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/gettingstarted/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/gettingstarted/policiesstandard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/gettingstarted/policiesweb.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/gettoknow.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/insouts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/installsequentially.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/installuwp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/printers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/processorderprecedence.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/savetime.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/updateclientsideextension.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/variables.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/gpocompilancereporter/sqlserver.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/applicationvirtualization.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/appvsequences.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/designstudioadditional.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/designstudiowindows7.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/firefox/esr.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/firefox/frontmotion.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/firefox/nonstandardlocation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/firefox/version.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/xenapp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/arm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/javaenterpriserules/version64bit.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/javaenterpriserules/versionjava.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/operatingsystem.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/scriptstriggers/vpnsolutions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/startscreentaskbar/mappeddrives.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/startscreentaskbar/windowserver.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/windows.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/windows11.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/windows7.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/windows7.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/advantages.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/bitlockerdeployment.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/cylance.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/edgefirstlogon.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/gettoknow/computerside.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/gettoknow/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/gettoknow/shortcuts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/gettoknow/usage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/insouts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/processorderprecedence.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/localaccountpassword.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/localscheduledtask.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/mappeddrives/eventlogtriggers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/mappeddrives/powershell.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/mappeddrives/vpn.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/onapplyscript.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/powershellscripts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/processesdetails.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/resetsecurechannel.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/screensavers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/scriptlocation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/shortcutpublicdesktop.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/silentbrowserinstall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/teamsminimized.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/temperatureunit.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/updateregistry.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/vpnconnection.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/windows10modifyscript.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/windows7tls.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/wlandropbox.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/wlannetwork.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/securitysettings/exportwizard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/securitysettings/gettoknow.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/securitysettings/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/appx/addremovepackages.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/appx/helpertool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/appx/installpackage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/appx/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/appx/removepackage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/exportcollections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/processorderprecedence.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/winget.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/addlink.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/collectionssettingsilt.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/expectedbehavior.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/explorer.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/foldershortcut.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/gettoknow.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helperutility.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/insouts/advantages.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/insouts/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/insouts/windows10.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/modes.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/processorderprecedence.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/sccmsoftwarecenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/settings/startscreen/groupaction.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/settings/startscreen/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/settings/startscreen/placeholder.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/settings/taskbar.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/startscreen/desktopapplications.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/startscreen/edgetiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/startscreen/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/startscreen/uwpapplications.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/startscreen/windows10.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/taskbar.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/emailoptout.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventcategories.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/folderredirection.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/mmcdisplay.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/onpremisecloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/services.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/administrativetemplates/missingcollections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/administrativetemplates/settingsreport.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/administrativetemplates/vulnerability/windowsprintspooler.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/antivirus.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/advancednotes.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applicationissue.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/extendedlogs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/feature.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/someapplications.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/creation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/localmissing.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/other.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/storage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/unavailable.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/updates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/versions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/versionsupport.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/files.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/gpos.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/basicsteps.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/checkmarks.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/chrome/homebuttonurl.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/chrome/policies.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/designstudio.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/downgrade.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/entrysettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/export/gpos.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/firefox/applicationshandlerfunction.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/firefox/bookmarkpopups.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/firefox/certificates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/fontsetting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/forcepoint.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/gpmc.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/gpooutofscope.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/internetexplorer/11enterprisemode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/internetexplorer/httpsites.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/internetexplorer/launchfail.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/internetexplorer/launchfailstig.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/issue.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/itemleveltargeting/reports.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/itemleveltargeting/tuningbypassing.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/itemsunavailable.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/java/issue.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/java/sitelistexceptions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/language.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/license/expires.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/license/gpo.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/limitations.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/logs/client.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/logs/settings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/lyncclient.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/microsoftdefender.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/microsoftremoteassistance.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/mmc.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/modifydll.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/onegpo.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/permissions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/reapplylaunch.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/reapplylaunchdisable.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/redirectedfolder.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/removeclientsideextension.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/replication.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/settings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/support/clientissues.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/support/enhancedclientlogging.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/supportpolicy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/symantecendpointprotection.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/underhood/deliveredreverted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/underhood/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/underhood/precedence.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/underhood/reporting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/updatedcommands.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/versionnumbers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/assignmentremovalfailed.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/bitversion.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/adobelinks.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/betweenbrowsers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/chrome/citrixproblems.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/chrome/extensioninactive.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/chrome/forceinstall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/chrome/launch.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/chrome/routing.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/clientsideextension/chromeextension.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/clientsideextension/chromeextensionid.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/clientsideextension/chromerouting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/criticalwebsiteincompatibility.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/default.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/dnscall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/edge/fromtootherbroswers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/edge/stop.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/editpolicytemplate/keeporiginaltab.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/firefox.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/install/defaultbrowser.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/install/iepromptdll.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/install/preventiequestions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/install/twologons.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/install/windowsopenprompt.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/internetexplorer/fromtootherbrowsers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/internetexplorer/removed.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/internetexplorer/tabissue.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/office365.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/pattern.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/quick.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/versions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/wildcardrule.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/clientsideextension/registrydebug.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/clientsideextension/rollback.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/clientsideextension/syspreperror.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/clientsideextension/uninstallpassword.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/autoupdates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/entraid.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/expired.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/grouppolicyeditors.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/install/clientsideextension.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/install/incomplete.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/integration/ciscoanyconnect.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/log/mac.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/log/verbose.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/login.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/outage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/printers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/proxyserver.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/proxyservices.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/registrationlimit.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/registrationmode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/servicecommunication.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/syncfail.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/transition.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/twofactorauthenticationcode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/clientcommands.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/installation.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/xmldatastorage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/versions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/waitinglist.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/computersidersop.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/conflictresolved.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cpuslowdown.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/customdialog.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/admintemplates/namespacealreadydefined.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/admintemplates/policyduplicates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/applicationsettings/code0xc000428.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/applicationsettings/exception.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/browserrouter/automaticallydisabled.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/browserrouter/contactsupport.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/browserrouter/dllcompatible.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/cloud/invalidcertificate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/cloud/securitytoken.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/cloud/sync.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/cloud/verifysecurity.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/feature/code0x800f0954.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/gpocompilancereporter/systeminvalidoperationexception.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/gpocompilancereporter/systeminvalidoperationexceptionmsdtc.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/gpsvcfailed.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/install/sufficientprivileges.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/leastprivilege/emailsettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/leastprivilege/establishtrust.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/leastprivilege/serverbusy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/startscreentaskbar/appcantrun.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/feature/events.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/feature/logs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/feature/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/cortana.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/defaultassociationsconfiguration.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/logs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/specificbrowser.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/windowsphotoviewer.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/xmlfile.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/forepointdlp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/gpoexport/onpremisecloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/gpoexport/securitysettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/admxregistry.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/auditing.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/clientendpoint.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/eventlogs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/logenhanced.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/processauditor.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/scheduledtasks.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/server.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/serverside.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/tuning/admx.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/tuning/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/unsupporteditem.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/hangingprocess.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/install/clientsideextension.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/install/digitallysigneddriver.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/install/newversionissues.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/install/uninstall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/intelgraphicdriver.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/itemleveltargeting/evaluations.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/deploymentruleset.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/eventviewer.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/javaprompts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/licensefile.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/logfiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/processorder.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/version.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/versionlatest.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/latestupdates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/drivemaps.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/explorercrash.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/fileinfodeny/ssms.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/fileinfodeny/winscp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/kaseyaagentservice.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/ruleprecedence.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/ruleproductinfo.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/sage50.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/securerun/correctsyntax.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/securerun/inlinecommands.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/securerun/onedrive.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/supportedenvironments.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/uninstall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/wildcards.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/components.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/expires.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/graceperiod.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/logs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/mmcsnapinlogs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/toollogs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/universal.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/log/debug.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/log/grouppolicy/guid.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/log/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/log/itemleveltargeting/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/log/itemleveltargeting/preferences.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/log/leastprivilege/determinewhy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/log/leastprivilege/restorecontextmenu.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/log/manual.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/log/minidumpfiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/mac/cloudlog.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/mac/eventcollectiion.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/mac/logs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/mac/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/mac/reports.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/mdm/ensuringenrollment.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/mdm/installhand.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/mdm/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/mdm/successevents.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/nondomain/chrome.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/nondomain/edge.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/nondomain/limitations.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/outlook.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/powershell/datadirectives.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/powershell/pplogsprompt.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/clientmachines.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/domainjoined.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/logs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/logsenhanced.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/procmon.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/remotedesktopprotocol/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/remoteworkdelivery/dropboxlink.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/remoteworkdelivery/events.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/remoteworkdelivery/logs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/remoteworkdelivery/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/remoteworkdelivery/refreshtiming.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/remoteworkdelivery/securityconcerns.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/remoteworkdelivery/tips/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/remoteworkdelivery/tips/specialvariables.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/remoteworkdelivery/tips/wildcards.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/reportingadm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/restoredetails.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/savesettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/scriptstriggers/adminapproval.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/scriptstriggers/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/scriptstriggers/systemprocesses.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/settingsrevert.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/slowlogins.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/crash.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/customicons.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/existingicons.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/linked.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/logons.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/logonworkaround.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/logsusercomputerside.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/office365.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/overview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/pinnedcollection.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/rollback.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/windows10.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/windows10disablenotification.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/windowsdefault.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/xmlfiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/versions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/watcherservice.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/watcherservicememoryusage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/administrativetemplates/collections.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/administrativetemplates/deployinternet.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/administrativetemplates/reducegpos.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/administrativetemplates/screensavers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/administrativetemplates/switchedpolicies.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/acllockdown.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/acrobat.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/applicationlaunch.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/centralstorecreate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/centralstoreupdate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/centralstorework.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/certificatesevil.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/chrome/bookmarks.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/chrome/clearbrowsing.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/chrome/gettingstarted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/chromebookmarks.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/chromerevert.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/chromerevertfix.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/citrix/demo.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/citrix/demo2.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/citrix/integration.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/citrix/rds.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/citrix/sealapproval.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/citrix/xenapp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/citrix/xendesktop.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/designstudio/addelements.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/designstudio/firefox_plugins.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/designstudio/firstpak.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/designstudio/foxitprinter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/designstudio/importregistry.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/designstudio/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/dllorphans.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/dllreconnect.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/addons.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/adobe.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/bookmarks.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/bookmarksmodify.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/certificates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/defaultsearch.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/disable.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/extensions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/extratabs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/gettingstarted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/miscsettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/popups.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefox/removeelements.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefoxabout.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/firefoxplugins.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/flashplayer.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/grouppolicy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/ieproxyserver.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/integration/microsoftintune.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/integration/pdqdeploy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/integration/pdqdeployfirefox.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/integration/sccmsoftwarecenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/integration/specops.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/internetexplorer/certificates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/internetexplorer/connectionstab.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/internetexplorer/contenttab.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/internetexplorer/favorites.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/internetexplorer/generaltab.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/internetexplorer/gettingstarted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/internetexplorer/privacytab.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/internetexplorer/programstab.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/internetexplorer/securitytab.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/internetexplorer/settings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/invincea.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/irfanview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/itemleveltargetingbypass.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/java/disable.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/java/jre.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/java/lockdown.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/java/securityslider.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/managers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/manualupdate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/office.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/onpremise.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/oraclejava.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/pak.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/paksbig.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/passwordsecure.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/proxysettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/quickrundown.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/shares.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/skype.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/superpowers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/teams.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/thunderbird.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/touchutility.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/uptodate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/variables.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/vdi/dedicated.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/vdi/integration.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/vdi/localmode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/vdi/thinapp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/vdi/thinappworkspace.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/vdi/vmware.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/virtualization/appv.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/virtualization/spoonnovell.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/virtualization/symantec.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/virtualization/thinapp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/virtualization/uev.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/virtualization/xenapp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/blockwebsites.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/browsericon.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/chrome.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/chromenondomainjoined.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/citrix.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/custombrowsers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/defaultwindows10.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/edge.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/edgespecial.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/edgesupport.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/firefox.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/ie.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/ieedgemode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/ieforce.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/iesitelists.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/ports.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/rightbrowser.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/browserrouter/userselecteddefault.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cameyo/applicationsettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cameyo/browserright.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cameyo/startscreen.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cameyo/uacprompts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/changemanagementutilities/advancedgrouppolicymanagement.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/changemanagementutilities/gpoadmintool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/changemanagementutilities/history.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/changemanagementutilities/netiq.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/changemanagementutilities/scriptlogicactiveadministrator.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/changemanagementutilities/sdmchangemanager.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/add/administrator.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/admxfiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/admxsettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/armsupport.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/deploy/endpointpolicymanagersettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/deploy/grouppolicysettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/groups.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/import.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/install/leastprivilegemanagerrule.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/integration/entraid.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/integration/fileinfoviewer.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/integration/onpremise.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/integration/onpremiseexport.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/introduction.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/jointoken.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/preferences.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/quickstart.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/registrationmode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/reports.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/restricted_groups_editor.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/security/emaillogs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/security/features.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/security/immutablelog.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/securitysettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/testlab/createdc.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/testlab/onpremise.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/testlab/renameendpoint.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/testlab/start.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/device/bitlockerdrives.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/device/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/device/dmapprovalautorules.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/device/dmhelpertool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/device/enduser.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/device/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/device/serialnumber.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/device/usbdrive.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/device/usbdriveallowuser.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/device/usbdriveallowvendor.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/feature/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/feature/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/feature/windows.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/feature/windowsservers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/acroreader.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/adobereader.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/applyonce.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/cloudusage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/firstlogin.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/helperapplication.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/helpertool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/mailto.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/pdqdeploy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/preconfiguredadvice.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/universalwindowsapps.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/windows10.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/windows10modify.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/windows10questions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/wizard.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fslogix/appmasking.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fslogix/broswerright.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fslogix/browserconfiguration.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fslogix/browserdefault.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fslogix/elevatingapplications.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fslogix/profiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fslogix/startmenu.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gettingstarted/admx.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gettingstarted/arm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gettingstarted/editor.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gettingstarted/freetraining.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gettingstarted/sidexporter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gettingstarted/solutionmethods.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpocompilancereporter/existinggpos.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpocompilancereporter/firewallports.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpocompilancereporter/importgpos.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpocompilancereporter/importstig.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpocompilancereporter/install.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpocompilancereporter/modepull.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpocompilancereporter/modepush.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpocompilancereporter/modeserver.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpocompilancereporter/modestandalone.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpocompilancereporter/overviewmanager.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpocompilancereporter/overviewtechnical.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpocompilancereporter/securityenhanced.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpoexport/cloudimport.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpoexport/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpoexport/mergetool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpoexport/realgposettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/gpoexport/sccm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/grouppolicy/explained.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/grouppolicy/flatlegacyview.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/grouppolicy/gettingstarted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/grouppolicy/install.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/grouppolicy/integration.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/grouppolicy/itemleveltargeting/editmanual.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/grouppolicy/mmcconsole.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/grouppolicy/renameendpoint.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/install/autoupdate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/integration/auditordemo.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/integration/auditorsetup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/javaenterpriserules/block.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/javaenterpriserules/browserrouter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/javaenterpriserules/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/javaenterpriserules/gettingstarted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/javaenterpriserules/integration/pdqdeploy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/javaenterpriserules/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/javaenterpriserules/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/javaenterpriserules/oracledeploymentrulesets.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/javaenterpriserules/sccm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/javaenterpriserules/versionsmultiple.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/javaenterpriserules/xmlsurgery.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/acltraverse/deleteicons.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/acltraverse/modifyhosts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/acltraverse/ntfspermissions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/acltraverse/registry.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/adminapproval/additionaldetails.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/adminapproval/demo.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/adminapproval/email.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/adminapproval/enforce.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/adminapproval/setup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/applicationcontrol.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/applyondemand.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/autorulesfromadmin.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/autorulesgeneratortool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/bestpractices/appblock.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/bestpractices/elevateuwp.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/bestpractices/elevatinguserbasedinstalls.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/bestpractices/msi.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/bestpractices/opensavedialogs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/bestpractices/powershellblock.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/bestpractices/securerun/usersystemexecutables.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/bestpractices/securitychildprocesses.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/bestpractices/selfelevatemode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/bestpractices/serviceaccountrights.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/bestpractices/wildcards.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/branding.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/cloudevents.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/cloudrules.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/comsupport.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/denymessages.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/denyselfelevate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/discovery.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/elevate/installfonts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/elevate/scripts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/events.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/globalauditevent.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/helperdesktopshortcut.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/installapplications.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/integration/license.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/integration/pdqdeploy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/integration/pdqdeployblockmalware.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/integration/privilegesecure.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/integration/privilegesecureclient.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/integration/selfelevatemode.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/localadminrights.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/longcodes.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/adminapproval.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/applicationlaunch.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/applicationpackage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/cloudinstall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/collectdiagnostics.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/eventscollector.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/finder.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/macjointoken.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/mountunmounpart2.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/mountunmountpart1.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/policycandidates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/privilege.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/sudosupport.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/systemsettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mac/wildcards.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/microsoftrecommendations.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/ntprintdialog.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/preventedge.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/preventevents.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/preventusercommands.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/printeruacprompts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/removelocaladmin.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/securecopy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/securerun/feature.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/securerun/preventunsigned.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/securerun/stopransomware.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/securitycomborules.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/selfelevatemode/demo.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/selfelevatemode/justificationandauthentication.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/selfelevatemode/overrideselfelevate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/selfelevatemode/reauthenticate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/selfelevatemode/selfelevate.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/toolssetup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/uacprompts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/uacpromptsactivex.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/userfilter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/windowseventforwarding.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/windowsuniversalapplications.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/winget.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/wingui.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/license/cleanup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/license/installuniversal.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/license/legacy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/license/licenserequestkey.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/license/lttool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/license/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/license/unlicense.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/license/upgrades.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/mdm/admintemplates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/mdm/citrixendpointmanager.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/mdm/exporterutility.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/mdm/exportgpos.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/mdm/itemleveltargeting/entraid.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/mdm/itemleveltargeting/entraidgroupdetermine.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/mdm/itemleveltargeting/entraidgroupmembership.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/mdm/microsoftintune.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/mdm/mobileiron.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/mdm/realgrouppolicy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/mdm/testsample.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/mdm/workspaceone.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/methods/exporterutility.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/methods/sccmendpointpolicymanager.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/methods/sccmgrouppolicy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/applicationsports.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/auditingevents.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/basics.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/domainnames.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/globalsettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/preferences/cloudlocaluser.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/preferences/consolidateprinter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/preferences/consolidateregistry.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/preferences/delivergpprefs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/preferences/drivemaps.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/preferences/shortcuts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/vdiscenarios.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remoteworkdelivery/azureblobstorage.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remoteworkdelivery/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remoteworkdelivery/localfilecopy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remoteworkdelivery/masscopy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remoteworkdelivery/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remoteworkdelivery/patching.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remoteworkdelivery/smb.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remoteworkdelivery/updateclientsideextension.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remoteworkdelivery/webbasedshares.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/bitlocker.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/customdefaultfileassociations.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/events.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/gettingstarted/cloud.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/gettingstarted/onpremise.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/integration/anyconnect.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/integration/auditpol.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/integration/chocolaty.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/integration/pdqdeploy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/lockunlocksession.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/mapdrivetriggers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/printers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/printersetup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/scripttriggers.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/shutdownscripts.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/unwantedapps.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/vpnconnect.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/windows10prolockscreen.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/scriptstriggers/x509certificates.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/softwarepackage/appxmanager.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/softwarepackage/blockapps.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/softwarepackage/extrastool.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/softwarepackage/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/softwarepackage/removeapps.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/softwarepackage/winget/deployapplications.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/softwarepackage/winget/run.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/customicons.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/demotaskbar.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/helperutility.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/integration/citrix.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/integration/pdqdeploy.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/linksie.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/mdmitemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/nondomainjoined.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/onetime.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/windows10startmenu.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/admxfiles.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/applicationsettings/chrome.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/backup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/backupoptions.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/gpobackup.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/grouppolicy/remotedesktopconnection.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/itemleveltargeting.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/logs.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/mdm.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/powershell.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/processmonitor.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/startscreentaskbar/revertstartmenu.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/troubleshooting/unlicense.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/windowsvirtualdesktops/admintemplatemanager.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/windowsvirtualdesktops/applicationsettings.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/windowsvirtualdesktops/browserrouter.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/windowsvirtualdesktops/elevateapplication.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/windowsvirtualdesktops/elevateinstall.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/windowsvirtualdesktops/gettingstarted.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/windowsvirtualdesktops/leastprivilege.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/windowsvirtualdesktops/startscreen.md -/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/windowsvirtualdesktops/tour.md diff --git a/docs/accessanalyzer/12.0/analysis/auto-action.md b/docs/accessanalyzer/12.0/analysis/auto-action.md deleted file mode 100644 index 1255c37d4a..0000000000 --- a/docs/accessanalyzer/12.0/analysis/auto-action.md +++ /dev/null @@ -1,21 +0,0 @@ -# AutoAction Analysis Module - -The Auto Action analysis module executes a pre-configured action as part of the analysis task -execution. To add an action to an analysis via the Auto Action analysis module, the action must -already exist and it must reside within the current job. - -**NOTE:** The Actions node can also automatically execute actions. See the -[Action Modules](/docs/accessanalyzer/12.0/actions/overview.md) topic for additional information. - -## Select Action Window - -The Select Action window lists the actions that currently exist within the Job that can be selected -to automatically run upon job execution. - -![Select Action Window](/img/product_docs/accessanalyzer/admin/analysis/autoaction.webp) - -Select an action from the list. Click **OK** to exit the window, and then click **Save** to preserve -the changes made to the analysis module. The action now executes as part of the analysis task. If no -actions were selected, it is best practice to click **Cancel** to close the Select Action window to -ensure no accidental selections are saved. Actions only display if they exist within the Actions -node of the current Job. diff --git a/docs/accessanalyzer/12.0/analysis/business-rules/applies-to.md b/docs/accessanalyzer/12.0/analysis/business-rules/applies-to.md deleted file mode 100644 index 2388f3bcb3..0000000000 --- a/docs/accessanalyzer/12.0/analysis/business-rules/applies-to.md +++ /dev/null @@ -1,30 +0,0 @@ -# Applies To Tab - -Use the Applies To tab to specify the scope for application of the analysis rules. Rules are applied -to data collected from all hosts, from specific hosts, or from the specific host running the job -(local data). Data is filtered based on a specified time window. - -![Edit Rules window Applies To tab](/img/product_docs/accessanalyzer/admin/analysis/businessrules/appliesto.webp) - -The Applies To tab provides the following options: - -- Source and Time Window – Specify whether to exclude data from outside of the Access Analyzer - console and apply a filter to the time window of the data - - - All Source Data – Select this option to run the action using all data - - Source Data from this Console only – Select this option to run the action specifically using - data from only this Access Analyzer console - - Time Window for source table – Use the drop-down menu to specify a time window from the - following options: - - - Most recent data – Use only the most recently collected data - - Cumulative data for offline hosts – Use data collected from offline hosts - - Most recent data filtering duplicate and offline hosts – Use most recent data excluding - duplicate and offline hosts - - Do not filter data – Use unfiltered data - -- Hosts Filtering – Specify source hosts - - - Apply to All Hosts – Select this checkbox to use all hosts to query - - Host List – Select any desired hosts to query. If **Apply to All Hosts** is selected, the list - is unavailable. diff --git a/docs/accessanalyzer/12.0/analysis/business-rules/logic.md b/docs/accessanalyzer/12.0/analysis/business-rules/logic.md deleted file mode 100644 index 7e723eae64..0000000000 --- a/docs/accessanalyzer/12.0/analysis/business-rules/logic.md +++ /dev/null @@ -1,121 +0,0 @@ -# Logic Tab - -Use the Logic tab to specify conditions and actions for the Business Rule. - -![Edit Rules window Logic tab](/img/product_docs/accessanalyzer/admin/analysis/businessrules/logic.webp) - -The Logic tab contains the following sections and options: - -- Rule Details – Create a title for the rule and select a source table: - - - Rule Name – The field defaults with the name on the Analysis Properties page and is manually - editable - - Table – Select a table from the drop-down menu containing the baseline values to evaluate - - - To view data from a selected table, click the ellipsis (**…**) to open the Sample Data - Viewer window, or select a table within the viewer. See the - [Sample Data Viewer Window](#sample-data-viewer-window) topic for additional information. - -- Conditions – Apply conditions to the table - - - Click **Add Condition** to open the EditConditionsForm window and add a condition to the - Conditions list. See the [EditConditionsForm Window](#editconditionsform-window) topic for - additional information. - - Exceptions textbox – Lists added conditions. By default, it says `Add Exception to Scorecard` - but updates with any conditions selected. - - To check the SQL statement executed, click the green checkmark SQL symbol. This opens the SQL - Extract Preview window. See the - [SQL Extract Preview Window](#sql-extract-preview-window) topic for additional information. - -- Actions – Add exceptions to the scorecard action - - - Select **Edit Action** or double click **Add Exception To Scorecard** to open the Configure - Scorecard Action window. See the - [Configure Scorecard Action Window](#configure-scorecard-action-window) topic for additional - information. - -## Sample Data Viewer Window - -Use the Sample Data Viewer window to examine data in a selected table. - -![Sample Data Viewer Window](/img/product_docs/accessanalyzer/admin/analysis/businessrules/sampledataviewer.webp) - -The Sample Data Viewer window provides the following options: - -- Use the drop-down menu to select a table to view the table’s data. The field defaults with the - table selected in the Logic tab if previously selected. -- Show First [Number] rows – Adjusts the presentation of the number of rows of the selected table. - The default value is 50. It can be manually adjusted with values between 0 and all. - -## EditConditionsForm Window - -Use the EditConditionsForm to configure conditions to be applied to the table. - -![EditConditionsForm Window](/img/product_docs/accessanalyzer/admin/analysis/businessrules/editconditionsform.webp) - -The EditConditionsForm contains the following options: - -- Column – Use the drop-down menu to select a column from the table selected in the Logic tab -- Operator – Use the dropdown to select an operator: - - - `<` – Search for items in the selected column with values less than a selected value - - `>` – Search for items in the selected column with values greater than a selected value - - `=` – Search for items in the selected column of equal value to the selected value - - `!=` – Search for items in the selected column not equal to the selected value - - `like` – Search for items in the selected column of similar or value to the selected value - -- Value – Manually set a comparator value. The default is 0. - -## SQL Extract Preview Window - -The SQL Extract Preview window previews results of the conditions added to the table in the -Conditions section. - -![SQL Extract Preview Window](/img/product_docs/accessanalyzer/admin/analysis/businessrules/sqlextractpreviewwindow.webp) - -The SQL script requires the table have these columns: `HOST`, `SA_Host`, and `JobRunTimeKey`. If -there is a mismatch between table and SQL script, a SQL Syntax Check window describes any detected -issue. - -![SQL Syntax Check window](/img/product_docs/accessanalyzer/admin/analysis/businessrules/sqlsyntaxcheck.webp) - -For example, this SQL Syntax Check window is reporting an error of missing information of an object -or column. - -## Configure Scorecard Action Window - -Use this window to add exceptions to the scorecard. - -![Configure Scorecard Action Window](/img/product_docs/accessanalyzer/admin/analysis/businessrules/configurescorecardaction.webp) - -The Configure Scorecard Options window provides the following options: - -- Scorecard Action Description – Use this section to label the scorecard action - - - Action Name – Enter a name for the action - - Description – Enter a description for the action - -- Action Classification – This section allows you to group scorecard action results for reporting - purposes - - - Category – Enter a desired category name in the field or use the dropdown to select from - previously titled categories - - Index – Enter a desired index value for the scorecard action - -- Action Score – This section allows you to rank the action’s importance relative to other scorecard - actions - - - Score – Enter a desired score value for the scorecard action - - Severity – Enter a desired severity value or use the dropdown to select from previously - selected values - -- Knowledge – This section provides information that may assist with resolving this issue - - - Knowledge – Enter information to assist issue resolution, for example a website URL - -- Captured Values – This section allows you to select up to five optional properties whose values - will be captured and stored with the scorecard entry. For each property selected, a name column - and value column appear in the scorecard. - - - Property [1-5] – Select a property from the selected table using the drop-down menu to capture - and store its values with the scorecard diff --git a/docs/accessanalyzer/12.0/analysis/business-rules/overview.md b/docs/accessanalyzer/12.0/analysis/business-rules/overview.md deleted file mode 100644 index 450d43cf19..0000000000 --- a/docs/accessanalyzer/12.0/analysis/business-rules/overview.md +++ /dev/null @@ -1,28 +0,0 @@ -# Business Rules Analysis Module - -The Business Rules analysis module measures and evaluates a configured value from an object (the -baseline value) and compares it against a stated value (the business rule) to find an exception or -deviation. Any deviations or differences found the execution of a business rule appear in a -resultant table called a scorecard. - -Create one or more jobs to collect the data to be analyzed. Then configure one or business rules to -analyze the data. Examine the scoreboard to determine how an object is performing with regard to its -original baseline expectations. - -## Scorecard - -Business Rules analysis module results are displayed in a table called a scorecard. The scorecard -determines which of the rules are applied, and in what order. A scorecard table contains only -exceptions and deviations from the business rule criteria when compared to a baseline value. The -table does not include matches to the criteria. All scorecard table names are suffixed with -`_SCORECARD` for easy identification. - -## Edit Rules Window - -To access and modify the Business Rules analysis module, navigate to the Job's **Configure** > -**Analysis** node and click **Configure Analysis** to open the Edit Rules window. The Edit Rules -window has the following tabs: - -- [Logic Tab](/docs/accessanalyzer/12.0/analysis/business-rules/logic.md) -- [Variables Tab](/docs/accessanalyzer/12.0/analysis/business-rules/variables.md) -- [Applies To Tab](/docs/accessanalyzer/12.0/analysis/business-rules/applies-to.md) diff --git a/docs/accessanalyzer/12.0/analysis/business-rules/variables.md b/docs/accessanalyzer/12.0/analysis/business-rules/variables.md deleted file mode 100644 index 54280e64da..0000000000 --- a/docs/accessanalyzer/12.0/analysis/business-rules/variables.md +++ /dev/null @@ -1,16 +0,0 @@ -# Variables Tab - -Use the Variables tab to specify values to substitute in the rule logic at run time. - -![Edit Rules window Variables tab](/img/product_docs/accessanalyzer/admin/analysis/businessrules/variables.webp) - -This tab contains the following options: - -- Sort by Variable or Value in descending order by clicking the preferred column header. To sort by - ascending Value, click the column header again. The default is by ascending Value. -- To delete a variable, select it and click **Delete** - - ![JobVariables TSV file](/img/product_docs/accessanalyzer/admin/analysis/businessrules/jobvariablestsv.webp) - -- Click **View all variables for this job** to open the `JobVariables.TSV` file containing any - variables for the current job diff --git a/docs/accessanalyzer/12.0/analysis/change-detection/additional-fields.md b/docs/accessanalyzer/12.0/analysis/change-detection/additional-fields.md deleted file mode 100644 index 3cfa32de59..0000000000 --- a/docs/accessanalyzer/12.0/analysis/change-detection/additional-fields.md +++ /dev/null @@ -1,16 +0,0 @@ -# Change Detection: Additional Fields - -Use the Additional Fields page to choose any additional fields to include with the change analysis. -These fields do not detect change, but may provide additional information to help diagnose and -analyze the changes reported. - -![Change Detection Data Analysis Module wizard Additional Fields page](/img/product_docs/accessanalyzer/admin/analysis/changedetection/additionalfields.webp) - -Choose any additional fields to be collected with change analysis using the following options: - -- Select the checkbox of any desired fields -- Check All – Select all fields in the table -- Uncheck All – Clear all fields in the table -- Hide system columns – Hide columns -- Checked – Order the list by selected items -- Column Name – Name of the field diff --git a/docs/accessanalyzer/12.0/analysis/change-detection/fields.md b/docs/accessanalyzer/12.0/analysis/change-detection/fields.md deleted file mode 100644 index 57fc0eb7d9..0000000000 --- a/docs/accessanalyzer/12.0/analysis/change-detection/fields.md +++ /dev/null @@ -1,16 +0,0 @@ -# Change Detection: Fields - -Use the Change Detection Fields page to select the columns on which to report changes. - -![Change Detection Data Analysis Module wizard Fields page](/img/product_docs/accessanalyzer/admin/analysis/changedetection/fields.webp) - -Choose which fields change detection analyzes using the following options: - -- Select the checkbox next to any desired fields -- Check All – Select all fields in the table -- Uncheck All – Clear all fields in the table -- Hide system columns – Hide columns -- Checked – Order the list by selected items -- Column Name – Name of the field -- Combine multiple changes into a single change record – Select to combine multiple changes into a - single change record diff --git a/docs/accessanalyzer/12.0/analysis/change-detection/input-scope.md b/docs/accessanalyzer/12.0/analysis/change-detection/input-scope.md deleted file mode 100644 index 7a3f061b01..0000000000 --- a/docs/accessanalyzer/12.0/analysis/change-detection/input-scope.md +++ /dev/null @@ -1,13 +0,0 @@ -# Change Detection: Input Scope - -Use the Input Scope page to specify the input scope of the data source. - -![Change Detection Data Analysis Module wizard Input Scope page](/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/inputscope.webp) - -Identify the scope of the data source from the following options: - -- Tables from Current Job – Select tables from only the currently selected job -- All Access Analyzer Tables – Select from all Access Analyzer tables within the SQL Server database -- All tables in the database – Select all tables within the SQL Server database - -**NOTE:** This selection affects the tables that are available for selection on the Input page. diff --git a/docs/accessanalyzer/12.0/analysis/change-detection/input.md b/docs/accessanalyzer/12.0/analysis/change-detection/input.md deleted file mode 100644 index 17a8142009..0000000000 --- a/docs/accessanalyzer/12.0/analysis/change-detection/input.md +++ /dev/null @@ -1,12 +0,0 @@ -# Change Detection: Input - -Use the Input Data Source page to choose a data source to analyze for changes. - -![Change Detection Data Analysis Module wizard Input Data Source page](/img/product_docs/accessanalyzer/admin/datacollector/unix/input.webp) - -The configurable option is: - -- Please select a data source – Select a data source table from the list - - **NOTE:** The selectable data sources change based on which option is selected on the Input - Scope page. diff --git a/docs/accessanalyzer/12.0/analysis/change-detection/options.md b/docs/accessanalyzer/12.0/analysis/change-detection/options.md deleted file mode 100644 index 769270bd9a..0000000000 --- a/docs/accessanalyzer/12.0/analysis/change-detection/options.md +++ /dev/null @@ -1,13 +0,0 @@ -# Change Detection: Options - -Use the Options page to specify whether to save history, including a running tally of all changes -made within a certain time period, or only changes between the last two runs of the source set. - -![Change Detection Data Analysis Module wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -Configure the additional options using the following: - -- Save change detection results for xx days – Modify the number of days that results for the Change - Detection task are saved for -- Only save most recent change (per unique key) – Select the checkbox to only save changes between - the last two runs of the source set diff --git a/docs/accessanalyzer/12.0/analysis/change-detection/overview.md b/docs/accessanalyzer/12.0/analysis/change-detection/overview.md deleted file mode 100644 index b534782976..0000000000 --- a/docs/accessanalyzer/12.0/analysis/change-detection/overview.md +++ /dev/null @@ -1,34 +0,0 @@ -# Change Detection Analysis Module - -Use the Change Detection analysis module to track changes within a specific Access Analyzer view or -table for use in reporting and notifications. This module tracks additional, changed, or missing -selected data items and compares result rows from previous collection activity with rows from the -most recent collection. - -This module compares values collected for two different query instances. Therefore, as change -detection depends on the existence of a **JobRunTimeKey**, history must be enabled and data -collected at least twice to produce the desired results. Configure History settings under the job’s -**Settings** > **History** node. See the [History](/docs/accessanalyzer/12.0/administration/settings/history.md) topic for additional -information. - -## Configuration - -The Change Detection Data Analysis Module wizard has the following pages: - -- Welcome -- [Change Detection: Input Scope](/docs/accessanalyzer/12.0/analysis/change-detection/input-scope.md) -- [Change Detection: Input](/docs/accessanalyzer/12.0/analysis/change-detection/input.md) -- [Change Detection: Unique Key](/docs/accessanalyzer/12.0/analysis/change-detection/unique-key.md) -- [Change Detection: Fields](/docs/accessanalyzer/12.0/analysis/change-detection/fields.md) -- [Change Detection: Additional Fields](/docs/accessanalyzer/12.0/analysis/change-detection/additional-fields.md) -- [Change Detection: Options](/docs/accessanalyzer/12.0/analysis/change-detection/options.md) -- [Change Detection: Result Sample](/docs/accessanalyzer/12.0/analysis/change-detection/result-sample.md) -- [Change Detection: Summary](/docs/accessanalyzer/12.0/analysis/change-detection/summary.md) - -The Welcome page gives an overview of the action module. The navigation pane contains links to the -pages in the wizard. - -![Change Detection Data Analysis Module wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -There are no configurable settings on the Welcome page. To proceed, click **Next** or use the Steps -navigation pane to open another page in the wizard. diff --git a/docs/accessanalyzer/12.0/analysis/change-detection/result-sample.md b/docs/accessanalyzer/12.0/analysis/change-detection/result-sample.md deleted file mode 100644 index fe021e48c1..0000000000 --- a/docs/accessanalyzer/12.0/analysis/change-detection/result-sample.md +++ /dev/null @@ -1,9 +0,0 @@ -# Change Detection: Result Sample - -The Result Sample page generates a preview of the output based on the configurations selected on the -previous pages. - -![Change Detection Data Analysis Module wizard Result Sample page](/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/resultsample.webp) - -Click **Show Preview** to generate a preview of the results, which may take several minutes to -populate. diff --git a/docs/accessanalyzer/12.0/analysis/change-detection/summary.md b/docs/accessanalyzer/12.0/analysis/change-detection/summary.md deleted file mode 100644 index 5ea991bdbb..0000000000 --- a/docs/accessanalyzer/12.0/analysis/change-detection/summary.md +++ /dev/null @@ -1,8 +0,0 @@ -# Change Detection: Summary - -The Summary page summarizes the configuration of the action. - -![Change Detection Data Analysis Module wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, click **Cancel** to close -the Change Detection Data Analysis Module wizard to ensure no accidental configurations are saved. diff --git a/docs/accessanalyzer/12.0/analysis/change-detection/unique-key.md b/docs/accessanalyzer/12.0/analysis/change-detection/unique-key.md deleted file mode 100644 index 0fef6a389e..0000000000 --- a/docs/accessanalyzer/12.0/analysis/change-detection/unique-key.md +++ /dev/null @@ -1,9 +0,0 @@ -# Change Detection: Unique Key - -Use the Unique Key page to select one or more columns that, when put together as a ROWKEY, uniquely -identify each row of data in the source table. Available fields vary based on data source selected -on the Input page. See the [Change Detection: Input](/docs/accessanalyzer/12.0/analysis/change-detection/input.md) topic for additional information. - -![Change Detection Data Analysis Module wizard Unique Key page](/img/product_docs/accessanalyzer/admin/analysis/changedetection/uniquekey.webp) - -Select one or more fields to form a unique key for the selected table and its columns. diff --git a/docs/accessanalyzer/12.0/analysis/notification/change-type.md b/docs/accessanalyzer/12.0/analysis/notification/change-type.md deleted file mode 100644 index 5ae3252b34..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/change-type.md +++ /dev/null @@ -1,16 +0,0 @@ -# Notification: Change Type - -Use the Select Change Type page to choose the types of changes for which to trigger a notification. -The selections on this page are optional. This page is only active if Change Detection Table is -selected on the Table Type page. - -![Notification Data Analysis Module wizard Select Change Type page](/img/product_docs/accessanalyzer/admin/analysis/notification/changetype.webp) - -The following options are available: - -- Notify me when a property changes – Used to watch for changes in settings, such as a change to a - registry value or a service user account assignment change -- Notify me when something new is detected – Used to watch for something new, such as a new - permissions assignment or someone being added to a group -- Notify me when something is removed – Used to watch for something being removed, such as a user - being removed from a group or an application uninstalled diff --git a/docs/accessanalyzer/12.0/analysis/notification/command-line.md b/docs/accessanalyzer/12.0/analysis/notification/command-line.md deleted file mode 100644 index 747e05ebe0..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/command-line.md +++ /dev/null @@ -1,17 +0,0 @@ -# Notification: Command Line - -The Command Line properties page is available when the Command-line Executable notification type is -selected on the Type page. - -![Notification Data Analysis Module wizard Command Line properties page](/img/product_docs/accessanalyzer/admin/analysis/notification/commandline.webp) - -The following options are available: - -- Application – Specify an application to receive the notification. Click the ellipsis (**…**) to - view and select from a list of executable files. -- Arguments – If required, specify command line inputs for the application in the text box. If the - argument must come from a value in the database (for example, a timeout value), insert it here via - the Fields drop-down menu above. - - - Fields – To pass one or more fields into the command line arguments, click the drop-down menu, - select a field from the lists, and click **Add** diff --git a/docs/accessanalyzer/12.0/analysis/notification/criteria.md b/docs/accessanalyzer/12.0/analysis/notification/criteria.md deleted file mode 100644 index f2ac0d780c..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/criteria.md +++ /dev/null @@ -1,16 +0,0 @@ -# Notification: Criteria - -Use the Notification Criteria page to specify criteria to trigger a notification. - -![Notification Data Analysis Module wizard Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -The following options are available: - -- No Criteria – Set no criteria to trigger a notification if any property changes. If selected, any - row will trigger the notification. -- Simple Criteria – Select criteria to send a notification based on the value of a specific property - or column in the database. The trigger can be if the property or column value is greater than, - equal to, or less than the value provided. -- Advanced Criteria – Use the Filter Builder to create custom triggers when a value meets the - defined conditions. See the [Advanced Search](/docs/accessanalyzer/12.0/administration/navigation/data-grid.md#advanced-search) topic - for additional information. diff --git a/docs/accessanalyzer/12.0/analysis/notification/event-log.md b/docs/accessanalyzer/12.0/analysis/notification/event-log.md deleted file mode 100644 index 6c700aede3..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/event-log.md +++ /dev/null @@ -1,24 +0,0 @@ -# Notification: Event Log - -The Event Log properties page is available when the Event log notification type is selected on the -Type page. Use this page to specify the type of event, the event ID, and the description for the -event. - -![Notification Data Analysis Module wizard Event Log properties page](/img/product_docs/threatprevention/threatprevention/admin/configuration/systemalerting/eventlog.webp) - -The following options are available: - -- Log – The event log name is Access Analyzer -- Type – Specify the log type. The drop-down menu displays the following options: - - - Information - - Warning - - Error - - FailureAudit - - SuccessAudit - -- Event ID – Specify the event ID -- Description – Enter a description of the event - - - Fields – To pass fields into the description, click on the drop-down list, select a field from - the list, then click **Add** diff --git a/docs/accessanalyzer/12.0/analysis/notification/frequency.md b/docs/accessanalyzer/12.0/analysis/notification/frequency.md deleted file mode 100644 index 14413fea34..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/frequency.md +++ /dev/null @@ -1,10 +0,0 @@ -# Notification: Frequency - -Use the Notification Frequency page to specify the frequency by which to generate the notifications. - -![Notification Data Analysis Module wizard Notification Frequency page](/img/product_docs/accessanalyzer/admin/analysis/notification/frequency.webp) - -The following options are available: - -- Generate notifications immediately -- Delay notifications until conditions have been met – Set the frequency condition diff --git a/docs/accessanalyzer/12.0/analysis/notification/hosts.md b/docs/accessanalyzer/12.0/analysis/notification/hosts.md deleted file mode 100644 index aa2412b31b..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/hosts.md +++ /dev/null @@ -1,20 +0,0 @@ -# Notification: Hosts - -Use the Select Hosts page to scope hosts and to select specific hosts to target. - -![Notification Data Analysis Module wizard Select Hosts page](/img/product_docs/accessanalyzer/admin/analysis/notification/hosts.webp) - -The following options are available: - -- I want notification sent for all hosts -- I want notifications sent only for the hosts listed below -- I want notifications sent for all hosts except the ones listed below - -If the first option is selected, the host list selection window is not enabled. If either the second -or third option is selected, the following options are enabled: - -- Show me all host lists – Activates the host list selection window, from which individual host - lists can be selected -- Enter hosts manually – Manually enter specific host names. Once the name is entered, click the add - (**+**) button to add it to the selection box. Ensure the checkbox next to the host name is - selected to include it in the list of hosts. diff --git a/docs/accessanalyzer/12.0/analysis/notification/overview.md b/docs/accessanalyzer/12.0/analysis/notification/overview.md deleted file mode 100644 index e84bfea52e..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/overview.md +++ /dev/null @@ -1,41 +0,0 @@ -# Notification Analysis Module - -The Notification Data analysis module provides the ability to send an email or command-line -notification to selected targets based on the values contains in any table. - -The Notification Data Analysis Module has the following prerequisites: - -- Configure the **Notification** node in the global settings - - - See the [Notification](/docs/accessanalyzer/12.0/administration/settings/notification.md) topic for additional information - -- Enable History for the table specified as the source - - - Only required if configuring Frequency or Time Window, or when using the Change Detection - table as a source on the Table Type page - -## Configuration - -The Notification analysis module is configured through the Notification Data Analysis Module wizard, -which contains the following wizard pages: - -- Welcome -- [Notification: Table Type](/docs/accessanalyzer/12.0/analysis/notification/table-type.md) -- [Notification: Select Table](/docs/accessanalyzer/12.0/analysis/notification/select-table.md) -- [Notification: Change Type](/docs/accessanalyzer/12.0/analysis/notification/change-type.md) -- [Notification: Criteria](/docs/accessanalyzer/12.0/analysis/notification/criteria.md) -- [Notification: Hosts](/docs/accessanalyzer/12.0/analysis/notification/hosts.md) -- [Notification: Type](/docs/accessanalyzer/12.0/analysis/notification/type.md) -- [Notification: SMTP](/docs/accessanalyzer/12.0/analysis/notification/smtp.md) -- [Notification: Command Line](/docs/accessanalyzer/12.0/analysis/notification/command-line.md) -- [Notification: Event Log](/docs/accessanalyzer/12.0/analysis/notification/event-log.md) -- [Notification: Frequency](/docs/accessanalyzer/12.0/analysis/notification/frequency.md) -- [Notification: Time Window](/docs/accessanalyzer/12.0/analysis/notification/time-window.md) -- [Notification: Summary](/docs/accessanalyzer/12.0/analysis/notification/summary.md) - -The Welcome page lists the prerequisites needed for the Notification Analysis Module to function -properly. - -![Notification Data Analysis Module wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -There are no configurable settings on the Welcome page. To proceed, click **Next**. diff --git a/docs/accessanalyzer/12.0/analysis/notification/select-table.md b/docs/accessanalyzer/12.0/analysis/notification/select-table.md deleted file mode 100644 index b6440495b8..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/select-table.md +++ /dev/null @@ -1,13 +0,0 @@ -# Notification: Select Table - -Select the table containing data on which to trigger a notification. The selection on the Table Type -page determines the options available on this page. See the -[Notification: Table Type](/docs/accessanalyzer/12.0/analysis/notification/table-type.md) topic for additional information. - -![Notification Data Analysis Module wizard Select Table page](/img/product_docs/accessanalyzer/admin/analysis/notification/selecttable.webp) - -The Select table page has the following options: - -- Show All Tables – All tables within the SQL Server database -- Show All SA Tables – All Access Analyzer tables within the SQL Server database -- Show only tables for this job diff --git a/docs/accessanalyzer/12.0/analysis/notification/smtp.md b/docs/accessanalyzer/12.0/analysis/notification/smtp.md deleted file mode 100644 index e82cf9e674..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/smtp.md +++ /dev/null @@ -1,45 +0,0 @@ -# Notification: SMTP - -The SMTP properties page is available when the Email notification type is selected on the Type page. -Use this page to specify SMTP notification properties, including recipients, subject line, and email -body. - -![Notification Data Analysis Module wizard SMTP properties page](/img/product_docs/accessanalyzer/admin/analysis/notification/smtp.webp) - -The following options are available: - -- E-mail – Enter an email address to add to the notification list - - - Add – Add an email address to the E-mail field - - Remove – Remove an email address from the Recipients list - - Combine multiple messages into single message – Sends one email for all objects in the record - set instead of one email per object to all recipients - -- Subject – Specify a subject for the email. The subject can include field variables. - - **_RECOMMENDED:_** If configuring a Notification analysis module for a pre-configured job, it is - recommended not to change the existing field variables. - -- Insert Field – Select a source data column to add to the message body or subject line. Click the - drop-down to see a list of columns. Once the column displays in the field, click an arrow to - insert the field. - - - Down arrow – Adds the selected source column to the message text - - Up arrow – Adds the selected source column to the subject text - -- Embed HTML Report – Embed a HTML report in the notification email. Click the Embed HTML Report - button to navigate to the HTML file. -- Show sample input source data – Opens the Sample Source Data window, containing sample input - source data as it currently exists in the database -- Show dialog to set SMTP options – Opens the SMTP Options window, where SMTP global settings can be - overwritten through manual configuration -- Preview – Displays a preview of the email. - - **NOTE:** The preview may not show any or all of the filters applied in previous steps. - -- Clear Template – Clears all data from the subject and message boxes. Does not clear e-mail - addresses. -- Text Box – Specify the text of the email message. The toolbar above the text box contains various - icons providing access to text editing and formatting tools. To insert fields from Access - Analyzer, choose a field from the drop-down menu and click the Down arrow. Block tag formatting is - supported. diff --git a/docs/accessanalyzer/12.0/analysis/notification/summary.md b/docs/accessanalyzer/12.0/analysis/notification/summary.md deleted file mode 100644 index 9aa53355e3..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# Notification: Summary - -The Summary Page displays all the information input in each of the configured options from the -previous pages of the wizard. - -![Notification Data Analysis Module wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is best practice to -click **Cancel** to close the Notification Data Analysis Module wizard to ensure no accidental -clicks are saved. diff --git a/docs/accessanalyzer/12.0/analysis/notification/table-type.md b/docs/accessanalyzer/12.0/analysis/notification/table-type.md deleted file mode 100644 index 69ae130b7c..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/table-type.md +++ /dev/null @@ -1,29 +0,0 @@ -# Notification: Table Type - -Use the Source Table Selection page to choose the type of table to use as the data source for -notifications. - -![Notification Data Analysis Module wizard Source Table Selection page](/img/product_docs/accessanalyzer/admin/analysis/notification/tabletype.webp) - -The following options are available: - -- Change Detection Table – Sends notifications when changes are detected in the data. When selected, - the option of **Show only tables for this job** becomes the default selection on the Select Table - page. This option targets only change detection tables within the current job. Possible tables (if - any) display on the Select Table page. See the [Notification: Select Table](/docs/accessanalyzer/12.0/analysis/notification/select-table.md) topic - for additional information. - - **NOTE:** Change Detection Table also locks selections to tables on the Select Table page that - are selected through Other. To select tables outside of **Show only tables for this job**, - select Other on the Table Type page, then select either **Show All Tables** or **Show All SA - Tables**, then click back to return to the Table Type page. Now selecting Change Detection Table - and proceeding defaults the selection on the Select Table page to whichever was previously - selected through Other. - -- Other – Sends a notification based on a value within a selected table. Selecting this option - enables the following options on the Select Table page, each of which lists a specific set of - tables available for selection: - - - Show All Tables - - Show All SA Tables - - Show only tables for this job diff --git a/docs/accessanalyzer/12.0/analysis/notification/time-window.md b/docs/accessanalyzer/12.0/analysis/notification/time-window.md deleted file mode 100644 index 85bf1130f1..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/time-window.md +++ /dev/null @@ -1,13 +0,0 @@ -# Notification: Time Window - -Use this page to specify whether to include only rows collected in the last execution. - -![Notification Data Analysis Module wizard Time window page](/img/product_docs/accessanalyzer/admin/analysis/notification/timewindow.webp) - -The following option is available: - -- Only include rows from most recent run for `[table name]` – Select the checkbox to scope the task - to the most recent data - - **NOTE:** The checkbox is only enabled if the table selected on the Select Table page has a - Access Analyzer **JobRunTimeKey** property. Otherwise, the checkbox is cleared by default. diff --git a/docs/accessanalyzer/12.0/analysis/notification/type.md b/docs/accessanalyzer/12.0/analysis/notification/type.md deleted file mode 100644 index d4b56f05e7..0000000000 --- a/docs/accessanalyzer/12.0/analysis/notification/type.md +++ /dev/null @@ -1,21 +0,0 @@ -# Notification: Type - -Use the Notification Type page to specify one or more notification types. - -![Notification Data Analysis Module wizard Notification Type page](/img/product_docs/threatprevention/threatprevention/reportingmodule/configuration/integrations/authenticationprovider/type.webp) - -The following options are available: - -- Email – Sends a notification email to specified addresses defined on the SMTP page. See the - [Notification: SMTP](/docs/accessanalyzer/12.0/analysis/notification/smtp.md) topic for additional information. -- Command-line Executable – Runs a command-line program such as a batch file. On the Command Line - page, define the specific application to run and any flags or arguments that must be set at - runtime. See the [Notification: Command Line](/docs/accessanalyzer/12.0/analysis/notification/command-line.md) topic for additional information. -- Event Log – Creates a Windows Event Log item on the Access Analyzer Event Log. On the Event Log - page, define the following: - - - Type of event (Information, Warning, Error, SuccessAudit, FailureAudit) - - Event ID - - Description of the event - - See the [Notification: Event Log](/docs/accessanalyzer/12.0/analysis/notification/event-log.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/analysis/overview.md b/docs/accessanalyzer/12.0/analysis/overview.md deleted file mode 100644 index 8b6134bda0..0000000000 --- a/docs/accessanalyzer/12.0/analysis/overview.md +++ /dev/null @@ -1,90 +0,0 @@ -# Analysis Modules - -The Access Analyzer analysis modules are capable of finding unique data and notifying users of its -location from a variety of environments. Analysis modules are assigned to a job at the -**Configure** > **Analysis** node. See the [Analysis Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis.md) topic -for information on the Analysis Selection view. - -![Configure an analysis](/img/product_docs/accessanalyzer/admin/analysis/configure.webp) - -Analysis tasks are configured through the Analysis Properties page. Navigate to the job’s -**Configure** > Analysis node. The Analysis Properties page is opened from the Analysis Selection -page by either of the following options: - -- Select **Create Analysis** to add a new analysis task to a job -- Select an existing analysis and click **Analysis Properties** to modify its configuration - -See the [Analysis Selection Page](#analysis-selection-page) and -[Analysis Properties Page](#analysis-properties-page) topics for additional information. - -The following table provides brief descriptions of the analysis modules available in Access -Analyzer. - -| Analysis Module | Description | -| --------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------- | -| [AutoAction Analysis Module](/docs/accessanalyzer/12.0/analysis/auto-action.md) | Performs a specified action at the conclusion of an analysis task’s execution | -| [Business Rules Analysis Module](/docs/accessanalyzer/12.0/analysis/business-rules/overview.md) | Finds data that does not match user expectations for the target environment | -| [Change Detection Analysis Module](/docs/accessanalyzer/12.0/analysis/change-detection/overview.md) | Notifies when a change occurs in the results of a job and identifies the location of the change | -| [Notification Analysis Module](/docs/accessanalyzer/12.0/analysis/notification/overview.md) | Sends notifications to specified recipients when a specified event occurs | -| [SQLscripting Analysis Module](/docs/accessanalyzer/12.0/analysis/sql-scripting.md) | Executes free-form SQL scripts | -| SQLTrend | Legacy action module | -| [SQLViewCreation Analysis Module](/docs/accessanalyzer/12.0/analysis/sql-view-creation/overview.md) | Provides a scripting wizard for creating SQL tables or views | -| [VBscripting Analysis Module](/docs/accessanalyzer/12.0/analysis/vb-scripting.md) | Executes free-form VB scripts | - -## Executing Analyses - -Analysis tasks execute automatically if enabled through the Analysis Selection page for jobs with -analysis modules configured. Analysis tasks can be enabled or disabled by selecting the checkbox -next to the analysis tasks. Analysis tasks execute in the order shown in the Analysis Selection -window. Tasks can be manually executed without running the job by right-clicking on the task and -selecting **Execute Analyses** from the dropdown menu. - -## Analysis Selection Page - -Analysis tasks can be created, deleted, and configured through the Analysis Selection page. For jobs -with existing analysis tasks, the Analysis Selection page is used to change the order in which tasks -are run, as well as enabling or disabling tasks. - -![Analysis Selection Page](/img/product_docs/accessanalyzer/admin/analysis/analysisselectionpage.webp) - -The Analysis Selection page has the following options: - -- Create Analysis – Opens the Analysis Properties page for a newly created task -- Delete Analysis – Deletes the selected analysis task in the Analysis Selection list -- Analysis Properties – Opens the Analysis Properties page for the selected existing analysis task -- Analysis Configuration – Opens the configuration wizard for the analysis task -- Select the checkbox next to an analysis task to enable it, or clear the checkbox to disable it -- Move Up/Move Down – Moves the selected analysis tasks up or down the Analysis Selection task list. - Moving tasks up or down the list changes the order in which the task is run when the job is - executed. - - **NOTE:** Tasks can be drag-and-dropped to change position in the list. - -- Select All – Enables/disables all tasks in the list -- The **Validate**, **Validate Selected**, and **Edit Rules** buttons are specific to the Business - Rules Analysis Module. See the [Business Rules Analysis Module](/docs/accessanalyzer/12.0/analysis/business-rules/overview.md) topic - for additional information on these buttons. - -## Analysis Properties Page - -Configure task properties through the Analysis Properties page. The Analysis Properties page is -accessed through the Analysis Selection page. - -![Analysis Properties Page](/img/product_docs/accessanalyzer/admin/analysis/analysispropertiespage.webp) - -The Analysis Properties page has the following options: - -- Name – Name of the analysis task. Default names can be changed. -- Description – Description of the analysis task. Analysis tasks for default solutions reference - associate data tables. Descriptions for new tasks are blank by default. -- Analysis Module – Click the drop-down to select an analysis module for the task -- Configure Analysis – Click to access the configuration wizard for the selected analysis module -- ID – Unique identifying number of the analysis task. The database uses distinct IDs to distinguish - between analysis tasks, even those with identical configurations. -- Enable execution of this task when the job is run – Select this option to automatically execute - the task as part of the job execution. This box can also be selected through the Analysis - Selection page. -- View XML – Opens the XML Text window to display the `DataAnalysisTasks.XML` file for the selected - job. The file is stored in the job’s directory. -- Cancel – Return to the Analysis Selection page without saving changes -- Save – Save changes and return to the Analysis Selection page diff --git a/docs/accessanalyzer/12.0/analysis/sql-scripting.md b/docs/accessanalyzer/12.0/analysis/sql-scripting.md deleted file mode 100644 index ebcbee4b88..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-scripting.md +++ /dev/null @@ -1,108 +0,0 @@ -# SQLscripting Analysis Module - -Use the SQLscripting analysis module to apply SQL scripting to the selected job. - -![SQL Script Editor](/img/product_docs/accessanalyzer/admin/analysis/sqlscripteditor.webp) - -The SQLscripting analysis module evaluates the Access Analyzer user’s permission level to determine -whether to allow the connected user to run the scripted command. Since this evaluation is based on -specific SQL database permissions and is not always under Access Analyzer’s control, some scripts -with correct syntax may fail due to insufficient permissions. - -The SQL Script Editor window has the following options: - -- Save and Close – Saves script and closes window -- Parameters – Establishes parameters for SQL scripts in the editor - - - Clicking **Parameters** opens the Parameters interface. See the [Parameters](#parameters) - topic for additional information. - -- Syntax Check – Checks SQL script syntax - - - Syntax Check does not identify logic errors, only instances where syntax is incorrect. Click - **Syntax Check** to open the Script Errors window which identifies syntax errors. - - Syntax Check reports back syntax errors starting from the beginning of the script to the end. - Syntax Check does not return a list of errors. - -- Load file – Opens a File Explorer which can be used to navigate to a SQL file -- Save to File – Saves the currently configured script into a SQL file -- Undo – Undo the previous changes made to script (Ctrl+Z) -- Redo – Redo the previous changes made to script (Ctrl+Y) -- Cut – Cuts the highlighted script from the SQL script editor (Ctrl+X) -- Copy – Copies the highlighted script into the SQL script editor (Ctrl+C) -- Paste – Pastes cut or copied script into the SQL script editor (Ctrl+V) -- Online SQL Language Reference – Opens the Microsoft - [Transact-SQL Reference]() - article - -Click **Save and Close** to return to the Analysis Properties page. If no changes were made or -intended, it is best practice to click **Cancel** to close the SQL Script Editor wizard to ensure no -accidental changes are saved. - -## Parameters - -Use the Parameters window to add, edit, and delete temporary variables and tables defined by -SQLscripting and users. The window only displays when **Parameters** is clicked. - -![Parameters window](/img/product_docs/accessanalyzer/admin/analysis/sqlscriptparameters.webp) - -**CAUTION:** not modify any parameters where the Value states `Created during execution`. - -The Parameters window has the following options: - -- Add Variable – Adds a new variable - - - Double-click in the **Name**, **Description**, and **Value** fields to enter custom labels - - Select the variable **Type** from the dropdown menu - - Variable names must begin with the `@` sign - -- Add Table – Adds a new table -- Edit Table – Opens the Edit Table window. See the [Edit Table](#edit-table) topic for additional - information. -- Delete – Deletes the selected variable or table - -The parameters have the following properties: - -- Name – Name of the variable or table -- Type – Type of variable or table - - - String variables utilize a text string input - - Integers and floats are able to handle invalid inputs - - Boolean variables only take True/False input, in SQL they are 1/0 - - Percentages only take whole numbers 0-100, converted to 0.0 to 1.0 in SQL - - Temporary and Variable Tables - -- Description – Description of the variable or table. See the [Edit Table](#edit-table) topic for - additional information. -- Value – Input value - -### Edit Table - -Click **Edit Table** to open the Edit Table window to modify parameters for the selected table. - -![Edit Table window](/img/product_docs/accessanalyzer/admin/analysis/sqlscriptedittablewindow.webp) - -The Edit table window has the following options: - -- Name – Use the Parameters window to edit the table name. - - - If the name begins with a `#` it is a temporary table - - If the name begins with a `@` it is a table variable - - - In SQLCommand, these can be passed in as structured table parameters - - - If neither is specified, Access Analyzer assumes it is a temporary table - -- Description – Use the Parameters window to edit the description -- Values – Add, edit, and remove values from the table - - - Add – Select from the dropdown to either **Add New Row** or **Add New Column** to the table - - Edit a value – Edits the selected value - - Delete – Deletes the selected value - - Up/Down – Changes the value position higher or lower - -A CSV file is created under the job’s directory when a parameter table is added to the analysis. A -pre-existing CSV file can also be uploaded to populate the table. - -Click **OK** to confirm changes to the table. If no changes were made or intended, click **Cancel** -to close the Edit Table window to ensure no accidental changes are saved. diff --git a/docs/accessanalyzer/12.0/analysis/sql-view-creation/columns.md b/docs/accessanalyzer/12.0/analysis/sql-view-creation/columns.md deleted file mode 100644 index bf7ef8fbb1..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-view-creation/columns.md +++ /dev/null @@ -1,52 +0,0 @@ -# SQLViewCreations: Columns - -The Result Columns page lists the tables selected on the Input Select page. - -![View and Table Creation Analysis Module wizard Result Columns page](/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/columns.webp) - -Expand the table to show its columns. Then, select the checkbox next to the column to include it in -the resulting table or view. If two data tables are being joined, the resulting table displays at -the bottom of the grid. Use the scroll bar to view any hidden tables or data points. - -The grid provides the following options for formatting the resulting table or view: - -- Check All – Selects all checkboxes in the Checked column -- Uncheck All – Clears all checkboxes in the Checked column -- Add Column – Opens the New Trend Column window, where columns can be added to the table -- Delete – Deletes a selected column - - - Original columns cannot be deleted. Only columns that have been added by users can be deleted. - -- Show All Columns/Hide Unchecked Columns – Hides rows that are not currently selected ,or if - columns are currently hidden, displays all columns in the table -- Checked – Selects data columns for inclusion in the resulting table or view -- Column Name – Displays the data column name -- Group Operation – Accesses the available group operations that can be applied to individual data - points. Click on a cell in this column to display the drop-down arrow. The following operations - are available: - - - (none) - - Average - - Count - - Maximum - - Minimum - - Sum - - Variance - -- Data Label – Displays any data label for the associated data point. Data labels override the - column name on the materialized table or view. If applying a group operation, a default data label - shows. To apply a custom label, click in the cell and enter the label. -- Order By Operation – Accesses the available order-by operations that can be applied to individual - data points. Click on a cell in this column to display the drop-down arrow. The following - operations are available: - - - None - - Ascending - - Descending - -**NOTE:** If at least one columns is sorted by value, the **With ties** option is enabled on the -Result Constraints page. See the [SQLViewCreation: Result Constraints](/docs/accessanalyzer/12.0/analysis/sql-view-creation/result-constraints.md) topic -for additional information. - -After selecting the columns to include in the resulting table or view, click **Next** to further -filter the sourced data. diff --git a/docs/accessanalyzer/12.0/analysis/sql-view-creation/export.md b/docs/accessanalyzer/12.0/analysis/sql-view-creation/export.md deleted file mode 100644 index 61d1e368a5..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-view-creation/export.md +++ /dev/null @@ -1,26 +0,0 @@ -# SQLViewCreation: Export - -Use the Export settings page to specify data export settings. - -![View and Table Creation Analysis Module wizard Export page](/img/product_docs/threatprevention/threatprevention/admin/navigation/export.webp) - -Select the **Export results data** checkbox to enable the settings. The following options control -the file type and destination of the exported data: - -- Format – Use the drop-down menu to select the file format of the exported data - - - MS Excel file – Converts file to Microsoft Excel format. If Excel is not installed on the - console, a warning message shows and another export file format needs to be selected. - - CSV file – Converts file to Comma-Separated Values format. Includes the option to compress the - file to a zip file. - - ML file – Converts file to Extensible Markup Language format. Includes the option to compress - the file to a zip file. - -- Location – Displays the export location path. To edit this field, clear the **Use the job output - folder** checkbox. Click the ellipsis (**…**) to browse for a location, or edit the field - directly. -- Use the job output folder – Use the default export location and displays the path within the - **Location** field. To specify a different location, clear the checkbox and edit the **Location** - field. - -Once the options are selected, click **Next**. diff --git a/docs/accessanalyzer/12.0/analysis/sql-view-creation/filter.md b/docs/accessanalyzer/12.0/analysis/sql-view-creation/filter.md deleted file mode 100644 index f6727e9110..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-view-creation/filter.md +++ /dev/null @@ -1,16 +0,0 @@ -# SQLViewCreation: Filter - -Use this page to add custom filters to the table using the Filter Builder. - -![View and Table Creation Analysis Module wizard Filter page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp) - -Filters reduce the amount of data visible in a column imported to the resulting table or view. By -default, when the filter page is blank, all the data within each column is included. Use the -following options to add and remove filters: - -- Edit – Opens the Filter window - - - See the [Advanced Search](/docs/accessanalyzer/12.0/administration/navigation/data-grid.md#advanced-search) topic for additional - information - -- Clear – Clears any specified filters diff --git a/docs/accessanalyzer/12.0/analysis/sql-view-creation/input-scope.md b/docs/accessanalyzer/12.0/analysis/sql-view-creation/input-scope.md deleted file mode 100644 index 317ab773a1..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-view-creation/input-scope.md +++ /dev/null @@ -1,15 +0,0 @@ -# SQLViewCreation: Input Scope - -Use the Input Selection page to scope the source data tables. This option affects the tables -available for selection on the subsequent pages. - -![View and Table Creation Analysis Module wizard Input Selection page](/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/inputscope.webp) - -Select the source data to be used from the following options: - -- Tables from Current Job – Targets all tables generated by the current job within the SQL Server - database -- All Access Analyzer Tables – Targets tables within the SQL Server database that begin with `SA` -- All tables in the database – Targets all tables within the SQL Server database - -After selecting the initial scope for the data sources, click **Next**. diff --git a/docs/accessanalyzer/12.0/analysis/sql-view-creation/input.md b/docs/accessanalyzer/12.0/analysis/sql-view-creation/input.md deleted file mode 100644 index 62e759420c..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-view-creation/input.md +++ /dev/null @@ -1,17 +0,0 @@ -# SQLViewCreation: Input Source - -Use the Input Source page to select the source tables or views, containing data, to join or -aggregate into a resulting table or view. - -![View and Table Creation Analysis Module wizard Input Source page](/img/product_docs/accessanalyzer/admin/datacollector/unix/input.webp) - -At the first drop-down, select a table. The drop-down lists on this page are determined by the -selection made on the Input Scope page. To join or aggregate data from two tables, select a second -table at the second drop-down menu. To remove the second table from the field, click the **X** -button. - -**NOTE:** It is important to choose tables that are compatible with one another or share similar -columns. - -When the two sources of data are selected, click **Next** to create a joint column within the -resulting table or view. diff --git a/docs/accessanalyzer/12.0/analysis/sql-view-creation/join-columns.md b/docs/accessanalyzer/12.0/analysis/sql-view-creation/join-columns.md deleted file mode 100644 index c2c5e1185b..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-view-creation/join-columns.md +++ /dev/null @@ -1,41 +0,0 @@ -# SQLViewCreations: Join Columns - -Use the Join Columns page to select a column from each source table to join together on the -resulting table or view. The options on this page are only enabled if two tables are selected on the -Input Source page. - -**NOTE:** The SQLViewCreation analysis module can join two tables, using a simple equi-join -condition of two predicates. For composite joins with two or more tables using a conjunction of -predicates, use the SQLscripting analysis module. See the -[SQLscripting Analysis Module](/docs/accessanalyzer/12.0/analysis/sql-scripting.md) topic for additional information. - -![View and Table Creation Analysis Module wizard Join Columns page](/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/joincolumns.webp) - -Use the **Table 1 join property** and **Table 2 join property** fields to select join predicates -from both tables. Join predicates are columns containing analogous values that are used to match -records in referenced tables. - -Next, specify how to join these tables. To automatically select the appropriate join type, select -one or more of the checkboxes. The selection in the **Join Type** field updates based on user -selections. - -To manually select, use the **Join Type** field. The selection here may update the above checkboxes. -The following options are available: - -- Join Type – Select a join type from the drop-down: - - **NOTE:** Left is the first table referenced, right is the second table. - - - Inner Join – Returns records that have matching values in both tables - - Right Outer Join – Returns all records from the left table, and the matched records from the - right table - - Left Outer Join – Return all records from the right table, and the matched records from the - left table - - Full Outer Join – Return all records when there is a match in either left or right table - -**NOTE:** The join property is the column found within both tables. The two columns can have -different names. However, in the results set, everywhere a value in the first column matches the -value in the second column, rows from the respective tables are joined together. - -After selecting a column from each data source to join, click **Next** to select columns to transfer -to the resulting table or view. diff --git a/docs/accessanalyzer/12.0/analysis/sql-view-creation/overview.md b/docs/accessanalyzer/12.0/analysis/sql-view-creation/overview.md deleted file mode 100644 index 21a4761471..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-view-creation/overview.md +++ /dev/null @@ -1,35 +0,0 @@ -# SQLViewCreation Analysis Module - -The SQLViewCreation analysis module provides the ability to create new views or tables that are used -in Access Analyzer actions and reports. These views or tables are re-created during job execution. - -**CAUTION:** Consider the impact on storage and performance when choosing to create views versus -tables. Tables require more storage space in the database. - -## Configuration - -This analysis module provides the View and Table Creation Analysis Module wizard to assist in -configuring the module. Before the wizard, collect the desired data for manipulation. - -The wizard contains the following pages: - -- Welcome -- [SQLViewCreation: Input Scope](/docs/accessanalyzer/12.0/analysis/sql-view-creation/input-scope.md) -- [SQLViewCreation: Input Source](/docs/accessanalyzer/12.0/analysis/sql-view-creation/input.md) -- [SQLViewCreations: Join Columns](/docs/accessanalyzer/12.0/analysis/sql-view-creation/join-columns.md) -- [SQLViewCreations: Columns](/docs/accessanalyzer/12.0/analysis/sql-view-creation/columns.md) -- [SQLViewCreation: Filter](/docs/accessanalyzer/12.0/analysis/sql-view-creation/filter.md) -- [SQLViewCreation: Time Window](/docs/accessanalyzer/12.0/analysis/sql-view-creation/time-window.md) -- [SQLViewCreation: Result Constraints](/docs/accessanalyzer/12.0/analysis/sql-view-creation/result-constraints.md) -- [SQLViewCreation: Result Type](/docs/accessanalyzer/12.0/analysis/sql-view-creation/result.md) -- [SQLViewCreation: Result Sample](/docs/accessanalyzer/12.0/analysis/sql-view-creation/result-sample.md) -- [SQLViewCreation: Export](/docs/accessanalyzer/12.0/analysis/sql-view-creation/export.md) -- [SQLViewCreation: Summary](/docs/accessanalyzer/12.0/analysis/sql-view-creation/summary.md) - -The Welcome page provides an overview of the analysis module. - -![View and Table Creation Analysis Module wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -There are no configurable settings on the Welcome page. Click **Next** to begin configuring a custom -table or view using two formatted data sources, or use the Steps navigation pane to open another -page in the wizard. diff --git a/docs/accessanalyzer/12.0/analysis/sql-view-creation/result-constraints.md b/docs/accessanalyzer/12.0/analysis/sql-view-creation/result-constraints.md deleted file mode 100644 index 7726e0edfa..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-view-creation/result-constraints.md +++ /dev/null @@ -1,43 +0,0 @@ -# SQLViewCreation: Result Constraints - -Use the Result Constraints page to impose restraints on the dataset. - -![View and Table Creation Analysis Module wizard Result constraints page](/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/resultconstraints.webp) - -Select one of the following options to choose if and how much data should be returned: - -- Duplicate rows can appear in the result set -- Only unique rows can appear in the result set -- Return only [number] [unit] of the rows – Select this checkbox to specify a numeric value and unit - of measurement to return for the rows that appear in the resulting table or view - - - With ties – Include all instances of identical values in the sorted columns with the results. - To include only one instance of identical values, do not select this option.. See the - [With Ties Example](#with-ties-example) topic for additional information. - - **NOTE:** This field is enabled by sorting at least one column in the table by value (for - SQL, only a sorted column can contain ties). To sort columns, use the **Order By Operation** - field on the Columns page. See the [SQLViewCreations: Columns](/docs/accessanalyzer/12.0/analysis/sql-view-creation/columns.md) topic for - additional information. - -## With Ties Example - -The following example explains how the **With ties** option works. - -![cid:image027.webp@01D4CF75.96F2E110](/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/examplefull.webp) - -Consider a table that has ten rows with one repeating entry under the value column. - -![cid:image025.webp@01D4CF74.8A56D750](/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/examplereduced.webp) - -If the table is sorted by the value column in ascending order and the **Return only** option is set -to **40 percent**, then there should be four rows visible in the resulting table or view output. - -![cid:image026.webp@01D4CF74.8A56D750](/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/examplereducedwithties.webp) - -However, if the first three values in the sort column are unique but the fourth value matches the -fifth, selecting the **With ties** option returns the first three rows as well as both the fourth -and fifth rows for a total of five rows. - -**NOTE:** If sorting multiple columns, **With ties** evaluates all sorted columns to determine ties -between columns with the same inputs. diff --git a/docs/accessanalyzer/12.0/analysis/sql-view-creation/result-sample.md b/docs/accessanalyzer/12.0/analysis/sql-view-creation/result-sample.md deleted file mode 100644 index bb443f0dce..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-view-creation/result-sample.md +++ /dev/null @@ -1,13 +0,0 @@ -# SQLViewCreation: Result Sample - -Use this page to preview a sampling of the completed data manipulation. - -![View and Table Creation Analysis Module wizard Result Sample page](/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/resultsample.webp) - -Click **Show Preview** to populate the window with the selections from the previous pages. If the -window does not populate, check the configurations for errors and try again. - -**NOTE:** The **Show Preview** option does not always apply the filter conditions specified within -the wizard, but the resulting table or view applies all filters. - -If the preview is satisfactory, click **Next** to continue. diff --git a/docs/accessanalyzer/12.0/analysis/sql-view-creation/result.md b/docs/accessanalyzer/12.0/analysis/sql-view-creation/result.md deleted file mode 100644 index 10319727f3..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-view-creation/result.md +++ /dev/null @@ -1,18 +0,0 @@ -# SQLViewCreation: Result Type - -Use the Result Type page to choose a SQL database table or view for the result’s output. - -![View and Table Creation Analysis Module wizard Result Type page](/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/resulttype.webp) - -The options on this page determine the visual representation and name of the combined data from the -two sourced tables. Select from the following two options: - -- Create Table – Creates a table output for the resulting dataset -- Create View – Creates a view output for the resulting dataset - -A default name of `SA_[job name]_Result` is provided in the name field. You can customize this name -for the resulting table or view. - -The name must start with `SA` to be recognized as a Access Analyzer table or view. - -After selecting the resulting table or view’s visual representation and name, click **Next**. diff --git a/docs/accessanalyzer/12.0/analysis/sql-view-creation/summary.md b/docs/accessanalyzer/12.0/analysis/sql-view-creation/summary.md deleted file mode 100644 index 536ec701b0..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-view-creation/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# SQLViewCreation: Summary - -This page provides an overview of all the settings configured in the wizard. - -![View and Table Creation Analysis Module wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the View and Table Creation Analysis Module wizard to ensure that no -accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/analysis/sql-view-creation/time-window.md b/docs/accessanalyzer/12.0/analysis/sql-view-creation/time-window.md deleted file mode 100644 index a7901a8dba..0000000000 --- a/docs/accessanalyzer/12.0/analysis/sql-view-creation/time-window.md +++ /dev/null @@ -1,23 +0,0 @@ -# SQLViewCreation: Time Window - -Use the Source and Time Window page to specify which data to access if using multiple Access -Analyzer Consoles or history is enabled. - -![View and Table Creation Analysis Module wizard Source and Time Window page](/img/product_docs/accessanalyzer/admin/analysis/notification/timewindow.webp) - -Use the following options to select which sources of data to permit and the time frame in which the -data was collected: - -- Source Data Details – Choose a data source. This option is for when the selected tables are from - two separate Access Analyzer Consoles using tables generated by the same job. - - **NOTE:** This section is enabled after selecting **All Access Analyzer Tables** or **All tables - in the database** on the Input Scope page. - - - All data – Uses all data available from the selected option on the Input Scope page and merges - the data - - Data from this Access Analyzer Console only – Uses only data from the Access Analyzer Console - generating the current analysis module - -- Time Window – Select a time window for each table in the analysis. The drop-down menu selections - vary based on each table's history settings. diff --git a/docs/accessanalyzer/12.0/analysis/vb-scripting.md b/docs/accessanalyzer/12.0/analysis/vb-scripting.md deleted file mode 100644 index a78d094db9..0000000000 --- a/docs/accessanalyzer/12.0/analysis/vb-scripting.md +++ /dev/null @@ -1,27 +0,0 @@ -# VBscripting Analysis Module - -Use the VBscripting analysis module to access the VBScript Editor and apply VB scripting to the -current analysis. - -![VBScript Editor](/img/product_docs/accessanalyzer/admin/datacollector/script/vbscripteditor.webp) - -The VBScript Editor has the following options: - -- Save and Close – Saves the script and closes the window -- Syntax Check – Checks VB script syntax - - - Syntax Check does not identify logic errors, only instances where syntax is incorrect. Click - **Syntax Check** to open the Script Errors window which identifies syntax errors. - - Syntax Check reports back syntax errors starting from the beginning of the script to the end. - Syntax Check does not return a list of errors. - -- Load file – Opens a File Explorer which can be used to navigate to a VBS file -- Save to File – Saves the currently configured script into a VBS file -- Undo – Undo the previous changes made to script (Ctrl+Z) -- Redo – Redo the previous changes made to script (Ctrl+Y) -- Cut – Cuts the highlighted script from the VB script editor (Ctrl+X) -- Copy – Copies the highlighted script in the VB script editor (Ctrl+C) -- Paste – Pastes cut or copied script into the VB script editor (Ctrl+V) - -When done using the editor, click **Save and Close** to return to the Analysis Properties page. Make -sure to save the analysis. diff --git a/docs/accessanalyzer/12.0/apply_final_fixes.py b/docs/accessanalyzer/12.0/apply_final_fixes.py deleted file mode 100644 index 3b839b2ba0..0000000000 --- a/docs/accessanalyzer/12.0/apply_final_fixes.py +++ /dev/null @@ -1,118 +0,0 @@ -#!/usr/bin/env python3 - -import os -import re - -def apply_final_fixes(): - """Apply the final fixes based on user selections""" - - # Define the mappings based on user selections - mappings = { - # 1A-5A: Administrative templates fixes (administrativetemplates -> adminstrativetemplates) - '/docs/endpointpolicymanager/administrativetemplates/itemleveltargeting.md': '/docs/endpointpolicymanager/adminstrativetemplates/itemleveltargeting.md', - '/docs/endpointpolicymanager/administrativetemplates/overview.md': '/docs/endpointpolicymanager/adminstrativetemplates/overview.md', - '/docs/endpointpolicymanager/administrativetemplates/settings.md': '/docs/endpointpolicymanager/adminstrativetemplates/settings.md', - '/docs/endpointpolicymanager/administrativetemplates/disableofficeelements.md': '/docs/endpointpolicymanager/adminstrativetemplates/disableofficeelements.md', - '/docs/endpointpolicymanager/administrativetemplates/versions.md': '/docs/endpointpolicymanager/adminstrativetemplates/versions.md', - - # 6A: Reference -> index.md - '/docs/endpointpolicymanager/reference.md': '/docs/endpointpolicymanager/index.md', - - # 7A: Double path fix - '/docs/endpointpolicymanager/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md': '/docs/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md', - - # 8-29A: Archive links (remove archived-guides subfolder) - '/docs/endpointpolicymanager/archive/archived-guides/acrobatxpro.md': '/docs/endpointpolicymanager/archive/acrobatxpro.md', - '/docs/endpointpolicymanager/archive/archived-guides/admxfiles.md': '/docs/endpointpolicymanager/archive/admxfiles.md', - '/docs/endpointpolicymanager/archive/archived-guides/applock.md': '/docs/endpointpolicymanager/archive/applock.md', - '/docs/endpointpolicymanager/archive/archived-guides/autoupdater.md': '/docs/endpointpolicymanager/archive/autoupdater.md', - '/docs/endpointpolicymanager/archive/archived-guides/cloud.md': '/docs/endpointpolicymanager/archive/cloud.md', - '/docs/endpointpolicymanager/archive/archived-guides/designstudiofirefox.md': '/docs/endpointpolicymanager/archive/designstudiofirefox.md', - '/docs/endpointpolicymanager/archive/archived-guides/designstudiojava.md': '/docs/endpointpolicymanager/archive/designstudiojava.md', - '/docs/endpointpolicymanager/archive/archived-guides/differentusers.md': '/docs/endpointpolicymanager/archive/differentusers.md', - '/docs/endpointpolicymanager/archive/archived-guides/gotomeeting.md': '/docs/endpointpolicymanager/archive/gotomeeting.md', - '/docs/endpointpolicymanager/archive/archived-guides/ie10.md': '/docs/endpointpolicymanager/archive/ie10.md', - '/docs/endpointpolicymanager/archive/archived-guides/ie9.md': '/docs/endpointpolicymanager/archive/ie9.md', - '/docs/endpointpolicymanager/archive/archived-guides/infranview.md': '/docs/endpointpolicymanager/archive/infranview.md', - '/docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md': '/docs/endpointpolicymanager/archive/itemleveltartgeting.md', - '/docs/endpointpolicymanager/archive/archived-guides/java.md': '/docs/endpointpolicymanager/archive/java.md', - '/docs/endpointpolicymanager/archive/archived-guides/massdeploy.md': '/docs/endpointpolicymanager/archive/massdeploy.md', - '/docs/endpointpolicymanager/archive/archived-guides/modenuke.md': '/docs/endpointpolicymanager/archive/modenuke.md', - '/docs/endpointpolicymanager/archive/archived-guides/office2013.md': '/docs/endpointpolicymanager/archive/office2013.md', - '/docs/endpointpolicymanager/archive/archived-guides/operanext.md': '/docs/endpointpolicymanager/archive/operanext.md', - '/docs/endpointpolicymanager/archive/archived-guides/overview.md': '/docs/endpointpolicymanager/archive/overview.md', - '/docs/endpointpolicymanager/archive/archived-guides/parcctesting.md': '/docs/endpointpolicymanager/archive/parcctesting.md', - '/docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md': '/docs/endpointpolicymanager/archive/preferencesexporter.md', - '/docs/endpointpolicymanager/archive/archived-guides/symantecworkspace.md': '/docs/endpointpolicymanager/archive/symantecworkspace.md', - '/docs/endpointpolicymanager/archive/archived-guides/tattooing.md': '/docs/endpointpolicymanager/archive/tattooing.md', - '/docs/endpointpolicymanager/archive/archived-guides/upgrading.md': '/docs/endpointpolicymanager/archive/upgrading.md', - '/docs/endpointpolicymanager/archive/archived-guides/vmware.md': '/docs/endpointpolicymanager/archive/vmware.md', - '/docs/endpointpolicymanager/archive/archived-guides/vmwarefilesettings.md': '/docs/endpointpolicymanager/archive/vmwarefilesettings.md', - '/docs/endpointpolicymanager/archive/archived-guides/vmwarehorizonmirage.md': '/docs/endpointpolicymanager/archive/vmwarehorizonmirage.md', - '/docs/endpointpolicymanager/archive/archived-guides/vmwaresupplements.md': '/docs/endpointpolicymanager/archive/vmwaresupplements.md', - '/docs/endpointpolicymanager/archive/archived-guides/xenapp.md': '/docs/endpointpolicymanager/archive/xenapp.md', - - # 30A: Knowledge base - '/docs/endpointpolicymanager/resources/knowledge-base.md': '/docs/endpointpolicymanager/knowledgebase.md', - - # 31: Video index (will create index.md) - '/docs/endpointpolicymanager/video/': '/docs/endpointpolicymanager/video/index.md', - - # 32B: Design studio how-to - '/docs/endpointpolicymanager/video/#designstudio-how-to': '/docs/endpointpolicymanager/applicationsettings/designstudio/overview.md', - - # 33B: Getting started - '/docs/endpointpolicymanager/video/#getting-started': '/docs/endpointpolicymanager/gettingstarted/overview.md', - } - - fixed_count = 0 - error_count = 0 - - print(f"Applying {len(mappings)} final fixes...") - - for broken_link, correct_link in mappings.items(): - print(f"Processing: {broken_link} -> {correct_link}") - - # Search for files containing this broken link - try: - result = os.popen(f'grep -r "{broken_link}" /Users/jordan.violet/development/docs/docs/endpointpolicymanager/ --include="*.md" 2>/dev/null').read() - - if result.strip(): - for line in result.strip().split('\n'): - if ':' in line: - file_path = line.split(':')[0] - print(f" Found in: {file_path}") - - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - if broken_link in content: - new_content = content.replace(broken_link, correct_link) - - with open(file_path, 'w', encoding='utf-8') as f: - f.write(new_content) - - print(f" ✅ Fixed: {broken_link} -> {correct_link}") - fixed_count += 1 - else: - print(f" ⚠️ Link not found in file content") - - except Exception as e: - print(f" ❌ Error processing {file_path}: {e}") - error_count += 1 - else: - print(f" ℹ️ Link not found in any files") - - except Exception as e: - print(f" ❌ Error searching for link: {e}") - error_count += 1 - - print(f"\n📊 Summary:") - print(f" Fixed: {fixed_count}") - print(f" Errors: {error_count}") - - return fixed_count, error_count - -if __name__ == "__main__": - apply_final_fixes() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/apply_specific_29_mappings.py b/docs/accessanalyzer/12.0/apply_specific_29_mappings.py deleted file mode 100644 index 0f66b141ac..0000000000 --- a/docs/accessanalyzer/12.0/apply_specific_29_mappings.py +++ /dev/null @@ -1,116 +0,0 @@ -#!/usr/bin/env python3 - -import os - -def apply_specific_29_mappings(): - """Apply only the specific 29 mappings selected by the user""" - - print("Applying the specific 29 mappings you selected...") - - # Define the exact mappings based on user selections (1A, 2A, 3A, etc.) - mappings = { - # 1A-5A: Administrative templates fixes (administrativetemplates -> adminstrativetemplates) - '/docs/endpointpolicymanager/administrativetemplates/itemleveltargeting.md': '/docs/endpointpolicymanager/adminstrativetemplates/itemleveltargeting.md', - '/docs/endpointpolicymanager/administrativetemplates/overview.md': '/docs/endpointpolicymanager/adminstrativetemplates/overview.md', - '/docs/endpointpolicymanager/administrativetemplates/settings.md': '/docs/endpointpolicymanager/adminstrativetemplates/settings.md', - '/docs/endpointpolicymanager/administrativetemplates/disableofficeelements.md': '/docs/endpointpolicymanager/adminstrativetemplates/disableofficeelements.md', - '/docs/endpointpolicymanager/administrativetemplates/versions.md': '/docs/endpointpolicymanager/adminstrativetemplates/versions.md', - - # 6A: Reference -> index.md - '/docs/endpointpolicymanager/reference.md': '/docs/endpointpolicymanager/index.md', - - # 7A: Double path fix - '/docs/endpointpolicymanager/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md': '/docs/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md', - - # 8-29A: Archive links (remove archived-guides subfolder) - '/docs/endpointpolicymanager/archive/archived-guides/acrobatxpro.md': '/docs/endpointpolicymanager/archive/acrobatxpro.md', - '/docs/endpointpolicymanager/archive/archived-guides/admxfiles.md': '/docs/endpointpolicymanager/archive/admxfiles.md', - '/docs/endpointpolicymanager/archive/archived-guides/applock.md': '/docs/endpointpolicymanager/archive/applock.md', - '/docs/endpointpolicymanager/archive/archived-guides/autoupdater.md': '/docs/endpointpolicymanager/archive/autoupdater.md', - '/docs/endpointpolicymanager/archive/archived-guides/cloud.md': '/docs/endpointpolicymanager/archive/cloud.md', - '/docs/endpointpolicymanager/archive/archived-guides/designstudiofirefox.md': '/docs/endpointpolicymanager/archive/designstudiofirefox.md', - '/docs/endpointpolicymanager/archive/archived-guides/designstudiojava.md': '/docs/endpointpolicymanager/archive/designstudiojava.md', - '/docs/endpointpolicymanager/archive/archived-guides/differentusers.md': '/docs/endpointpolicymanager/archive/differentusers.md', - '/docs/endpointpolicymanager/archive/archived-guides/gotomeeting.md': '/docs/endpointpolicymanager/archive/gotomeeting.md', - '/docs/endpointpolicymanager/archive/archived-guides/ie10.md': '/docs/endpointpolicymanager/archive/ie10.md', - '/docs/endpointpolicymanager/archive/archived-guides/ie9.md': '/docs/endpointpolicymanager/archive/ie9.md', - '/docs/endpointpolicymanager/archive/archived-guides/infranview.md': '/docs/endpointpolicymanager/archive/infranview.md', - '/docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md': '/docs/endpointpolicymanager/archive/itemleveltartgeting.md', - '/docs/endpointpolicymanager/archive/archived-guides/java.md': '/docs/endpointpolicymanager/archive/java.md', - '/docs/endpointpolicymanager/archive/archived-guides/massdeploy.md': '/docs/endpointpolicymanager/archive/massdeploy.md', - '/docs/endpointpolicymanager/archive/archived-guides/modenuke.md': '/docs/endpointpolicymanager/archive/modenuke.md', - '/docs/endpointpolicymanager/archive/archived-guides/office2013.md': '/docs/endpointpolicymanager/archive/office2013.md', - '/docs/endpointpolicymanager/archive/archived-guides/operanext.md': '/docs/endpointpolicymanager/archive/operanext.md', - '/docs/endpointpolicymanager/archive/archived-guides/overview.md': '/docs/endpointpolicymanager/archive/overview.md', - '/docs/endpointpolicymanager/archive/archived-guides/parcctesting.md': '/docs/endpointpolicymanager/archive/parcctesting.md', - '/docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md': '/docs/endpointpolicymanager/archive/preferencesexporter.md', - '/docs/endpointpolicymanager/archive/archived-guides/symantecworkspace.md': '/docs/endpointpolicymanager/archive/symantecworkspace.md', - '/docs/endpointpolicymanager/archive/archived-guides/tattooing.md': '/docs/endpointpolicymanager/archive/tattooing.md', - '/docs/endpointpolicymanager/archive/archived-guides/upgrading.md': '/docs/endpointpolicymanager/archive/upgrading.md', - '/docs/endpointpolicymanager/archive/archived-guides/vmware.md': '/docs/endpointpolicymanager/archive/vmware.md', - '/docs/endpointpolicymanager/archive/archived-guides/vmwarefilesettings.md': '/docs/endpointpolicymanager/archive/vmwarefilesettings.md', - '/docs/endpointpolicymanager/archive/archived-guides/vmwarehorizonmirage.md': '/docs/endpointpolicymanager/archive/vmwarehorizonmirage.md', - '/docs/endpointpolicymanager/archive/archived-guides/vmwaresupplements.md': '/docs/endpointpolicymanager/archive/vmwaresupplements.md', - '/docs/endpointpolicymanager/archive/archived-guides/xenapp.md': '/docs/endpointpolicymanager/archive/xenapp.md', - - # 30A: Knowledge base - '/docs/endpointpolicymanager/resources/knowledge-base.md': '/docs/endpointpolicymanager/knowledgebase.md', - - # 32B: Design studio how-to - '/docs/endpointpolicymanager/video/#designstudio-how-to': '/docs/endpointpolicymanager/applicationsettings/designstudio/overview.md', - - # 33B: Getting started - '/docs/endpointpolicymanager/video/#getting-started': '/docs/endpointpolicymanager/gettingstarted/overview.md', - } - - fixed_count = 0 - error_count = 0 - - print(f"Applying {len(mappings)} specific mappings...") - - for broken_link, correct_link in mappings.items(): - print(f"Processing: {broken_link} -> {correct_link}") - - # Search for files containing this broken link - try: - result = os.popen(f'grep -r "{broken_link}" /Users/jordan.violet/development/docs/docs/endpointpolicymanager/ --include="*.md" 2>/dev/null').read() - - if result.strip(): - for line in result.strip().split('\n'): - if ':' in line: - file_path = line.split(':')[0] - print(f" Found in: {file_path}") - - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - if broken_link in content: - new_content = content.replace(broken_link, correct_link) - - with open(file_path, 'w', encoding='utf-8') as f: - f.write(new_content) - - print(f" ✅ Fixed: {broken_link} -> {correct_link}") - fixed_count += 1 - else: - print(f" ⚠️ Link not found in file content") - - except Exception as e: - print(f" ❌ Error processing {file_path}: {e}") - error_count += 1 - else: - print(f" ℹ️ Link not found in any files") - - except Exception as e: - print(f" ❌ Error searching for link: {e}") - error_count += 1 - - print(f"\n📊 Summary:") - print(f" Fixed: {fixed_count}") - print(f" Errors: {error_count}") - - return fixed_count, error_count - -if __name__ == "__main__": - apply_specific_29_mappings() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/apply_video_index_mapping.py b/docs/accessanalyzer/12.0/apply_video_index_mapping.py deleted file mode 100644 index a2c801d5c8..0000000000 --- a/docs/accessanalyzer/12.0/apply_video_index_mapping.py +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/env python3 - -import os - -def apply_video_index_mapping(): - """Apply the final video index mapping: 31: Video index (create index.md)""" - - print("Applying video index mapping...") - - # 31: Video index mapping - /docs/endpointpolicymanager/video/ should link to the index.md - broken_link = '/docs/endpointpolicymanager/video/' - correct_link = '/docs/endpointpolicymanager/video/index.md' - - fixed_count = 0 - error_count = 0 - - print(f"Processing: {broken_link} -> {correct_link}") - - # Search for files containing this broken link - try: - result = os.popen(f'grep -r "{broken_link}" /Users/jordan.violet/development/docs/docs/endpointpolicymanager/ --include="*.md" 2>/dev/null').read() - - if result.strip(): - for line in result.strip().split('\n'): - if ':' in line: - file_path = line.split(':')[0] - print(f" Found in: {file_path}") - - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - if broken_link in content: - new_content = content.replace(broken_link, correct_link) - - with open(file_path, 'w', encoding='utf-8') as f: - f.write(new_content) - - print(f" ✅ Fixed: {broken_link} -> {correct_link}") - fixed_count += 1 - else: - print(f" ⚠️ Link not found in file content") - - except Exception as e: - print(f" ❌ Error processing {file_path}: {e}") - error_count += 1 - else: - print(f" ℹ️ Link not found in any files") - - except Exception as e: - print(f" ❌ Error searching for link: {e}") - error_count += 1 - - print(f"\n📊 Summary:") - print(f" Fixed: {fixed_count}") - print(f" Errors: {error_count}") - - return fixed_count, error_count - -if __name__ == "__main__": - apply_video_index_mapping() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/apply_video_mappings.py b/docs/accessanalyzer/12.0/apply_video_mappings.py deleted file mode 100644 index 97eb36f2ac..0000000000 --- a/docs/accessanalyzer/12.0/apply_video_mappings.py +++ /dev/null @@ -1,62 +0,0 @@ -#!/usr/bin/env python3 - -import os -import glob - -def apply_video_mappings(): - """Apply specific video path mappings from the original 29 broken links""" - - # Only the specific video mappings from the original analysis - video_mappings = { - '/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md': '/docs/endpointpolicymanager/video/leastprivilege/elevate/scripts.md', - '/docs/endpointpolicymanager/resources/video-tutorials/cloud/install/leastprivilegemanagerrule.md': '/docs/endpointpolicymanager/video/cloud/install/leastprivilegemanagerrule.md', - '/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md': '/docs/endpointpolicymanager/video/applicationsettings/shares.md', - '/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md': '/docs/endpointpolicymanager/video/leastprivilege/integration/privilegesecure.md', - '/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md': '/docs/endpointpolicymanager/video/leastprivilege/bestpractices/elevatinguserbasedinstalls.md', - '/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacpromptsactivex.md': '/docs/endpointpolicymanager/video/leastprivilege/uacpromptsactivex.md', - '/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmountpart1.md': '/docs/endpointpolicymanager/video/leastprivilege/mac/mountunmountpart1.md', - '/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmounpart2.md': '/docs/endpointpolicymanager/video/leastprivilege/mac/mountunmounpart2.md', - '/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md': '/docs/endpointpolicymanager/video/leastprivilege/installapplications.md', - '/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md': '/docs/endpointpolicymanager/video/leastprivilege/mac/adminapproval.md', - '/docs/endpointpolicymanager/resources/video-tutorials.md': '/docs/endpointpolicymanager/video/index.md', - '/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/systemsettings.md': '/docs/endpointpolicymanager/video/leastprivilege/mac/systemsettings.md', - '/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securecopy.md': '/docs/endpointpolicymanager/video/leastprivilege/securecopy.md', - '/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md': '/docs/endpointpolicymanager/video/leastprivilege/branding.md' - } - - files_processed = 0 - replacements_made = 0 - - # Find all .md files in the endpointpolicymanager directory - pattern = '/Users/jordan.violet/development/docs/docs/endpointpolicymanager/**/*.md' - md_files = glob.glob(pattern, recursive=True) - - for file_path in md_files: - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - original_content = content - - # Apply each specific mapping - for old_path, new_path in video_mappings.items(): - if old_path in content: - content = content.replace(old_path, new_path) - replacements_made += 1 - print(f"Fixed: {old_path} -> {new_path} in {file_path}") - - # Only write if content changed - if content != original_content: - with open(file_path, 'w', encoding='utf-8') as f: - f.write(content) - files_processed += 1 - - except Exception as e: - print(f"Error processing {file_path}: {e}") - - print(f"\nCompleted video mapping fixes:") - print(f"Files processed: {files_processed}") - print(f"Replacements made: {replacements_made}") - -if __name__ == "__main__": - apply_video_mappings() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/broken_links.json b/docs/accessanalyzer/12.0/broken_links.json deleted file mode 100644 index fe51488c70..0000000000 --- a/docs/accessanalyzer/12.0/broken_links.json +++ /dev/null @@ -1 +0,0 @@ -[] diff --git a/docs/accessanalyzer/12.0/broken_links_complete.json b/docs/accessanalyzer/12.0/broken_links_complete.json deleted file mode 100644 index c1da880f8c..0000000000 --- a/docs/accessanalyzer/12.0/broken_links_complete.json +++ /dev/null @@ -1,6578 +0,0 @@ -[ - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/javajarfiles.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/install/leastprivilegemanagerrule.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientremote.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/rules/executablecombo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/avoiduac.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/wizard.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/gpoedit.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/gpoedit.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacpromptsactivex.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/activexitems.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/javathunderbird.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/side.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmountpart1.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmounpart2.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/sage50.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/sage50.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/domainjoined.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/applicationlaunch.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/systemsettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/systemsettings.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/notificationeditor.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securecopy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securecopy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/brandcustomize.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securitycomborules.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/executablecombo.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationpackage.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/packageinstallation.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/powershell/maliciousattacks.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/dlls.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/applicationvirtualization.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/programstab.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/addons.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/virtualization/multisession.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/serversessionvirtualization.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/guide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/windows7.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/connectionstab.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/proxysettings.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/differentusers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/massdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/upgrading.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/designstudiofirefox.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/tattooing.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/infranview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/operanext.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/gotomeeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/parcctesting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/vmware.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/vmwarefilesettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/java.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/vmwarehorizonmirage.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/office2013.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/designstudiojava.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/ie10.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/modenuke.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/acrobatxpro.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/ie9.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/vmwaresupplements.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/xenapp.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/applock.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/symantecworkspace.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/autoupdater.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/groups.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securitycomborules.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/digitalsignature.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/dontelevate.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/virtualization/multisession.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/grouppolicy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/settings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applicationcontrol.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/reduceadminrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/scripttriggers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mapdrivetriggers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/switchedpolicies.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/userfilter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/gettingstarted.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/itemleveltargeting/entraidgroups.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/childprocesses.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/freetraining.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/centralstore.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/sudosupport.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/wildcards.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/preventusercommands.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/commandline.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backupoptions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preferences.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxsettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainou.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/certificates.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/certificates.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/basicsteps.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/vdiscenarios.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remotedesktopprotocol/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/clientcommands.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/clientcommands.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/client.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/components.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/uninstall.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/modifyhosts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/deleteicons.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/ntfspermissions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/registry.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/basic-concepts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/clientmachines.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/wildcards.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/wildcards.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/install.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/trial.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/device-manager/serialnumber.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/device-manager/usbdrive.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/components.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/install/uninstall.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/firstlogin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/insouts/advantages.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/scripts.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/certificates.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/certificates.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/components.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/reconnectionperiod.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/email.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/guideinstall.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/concepts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/uacprompts.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/customizedtoken.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/customizedtoken.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/componentlicense.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/export.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/deployinternet.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/export.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/com_cslidclass.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/basic-concepts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/upgrade/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/pplpmimplementationguide.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/mac-support/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/device-manager/devicemanager/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/java-enterprise-rules/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/file-associations/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/feature-management/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/administrative-templates/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/preferences/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/deployment-methods/software-packages/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/networksecuritymanager.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/components.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/update/frequency.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/itemleveltargeting/bypassinternal.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/tool.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/explained.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowsuniversalapplications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/windowsuniversal.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/addons.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/cloud.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/enablepowershell.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/blockedscripttypes.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/msiinstallerfiles.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/trial.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/add/administrator.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/add/administrator.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/appxmanager.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applyondemand.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/ondemand.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/ondemand.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/entrysettings.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/trial.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/trial.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/privilegesecure/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/firstpak.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/quickstart/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/selfelevatemode.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/selfelevation.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/operational.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/helperdesktopshortcut.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/storage.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ie.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/defaultwindows10.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/applyonce.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/preventunsigned.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows11.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/windows7tls.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainmultiple.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/scriptstriggers/systemprocesses.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/onetime.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/rollback.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applicationcontrol.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/standard.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/existinggpos.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationlaunch.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/launchcontrol.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgespecial.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/specialtypes.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/webbasedshares.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/gettingstarted/policiesweb.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/cleanup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/ports.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/securitysettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/usercontext.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/administrative-templates/settings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/administrative-templates/disableofficeelements.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/administrative-templates/versions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/preferences/componentlicense.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/preferences/settings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/preferences/printerdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/preferences/drivemappings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/preferences/startservice.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/preferences/passwords.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/delivercertificates.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/userfilter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applicationcontrol.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacpromptsactivex.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/installfonts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowsuniversalapplications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securitycomborules.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/denymessages.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/preventedge.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/stopransomware.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/preventunsigned.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeployblockmalware.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevateuwp.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/msi.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/appblock.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/selfelevatemode.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/deleteicons.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/modifyhosts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/ntfspermissions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/registry.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/enforce.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/email.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/reauthenticate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applyondemand.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securecopy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesfromadmin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/helperdesktopshortcut.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowseventforwarding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/winget.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/printeruacprompts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/microsoftrecommendations.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/denyselfelevate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecureclient.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/selfelevatemode.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/license.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/cloudinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/macjointoken.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationpackage.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/systemsettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/sudosupport.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/wildcards.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationlaunch.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/eventscollector.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmountpart1.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmounpart2.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/finder.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/privilege.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/collectdiagnostics.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/administrative-templates/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/preferences/componentlicense.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/preferences/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/deployment-methods/software-packages/winget.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/install/chromemanual.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/advancedblockingmessage.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/forcebrowser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/securityzone.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/suppresspopup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/install/removeagent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/useselectablebrowser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/browsermode.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/shortcuticons.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/commandlinearguments.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/edgelegacybrowser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/rolesresponsibilities.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/centralstore.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/side.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/printers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/onetime.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/designstudiowindows7.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/windowsremoteassistance.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/upgrade.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/dllstorage.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/itemleveltargeting/bypassinternal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/home.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/certificates.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/proxysettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/localfileaccess.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/extratabs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/transition.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/certificate/authority.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/preventupdates.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/revertoptions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/ntlmpassthru.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/version.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/addons.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/certificate/certificates.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/securityenterpriseroots.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/javathunderbird.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/frontmotion.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/nonstandardlocation.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/esr.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/allowremember.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/stopsenddatamessage.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/darktheme.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/side.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/addons.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/certificates.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/customsettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/mode.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/securitypopup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/versionoutofdate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/versioninsecure.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/runapplication.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/useraccountcontrol.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/tasktray.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/itemleveltargeting/internalpredefined.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/itemleveltargeting/bydefault.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/appvsequences.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/applicationvirtualization.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/thinapp.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/xenapp.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/xenapp.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/designstudioadditional.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/fastest.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/guide.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/guideinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/history.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows11.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows7.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/arm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/rightclick.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/prepare.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/item-level-targeting/applypreferences.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/item-level-targeting/securitygroup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/emailoptout.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/item-level-targeting/windows11.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/mmcdisplay.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/item-level-targeting/windowsserver2019.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidgroups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/onpremisecloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/folderredirection.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/embedclient.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/operatingsystem.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/thirdpartyadvice.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/services.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/item-level-targeting/virtualdesktops.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/item-level-targeting/windowsendpoint.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/adduser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/twofactorauthentication.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/emailoptout.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/cheksum.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/profileupdate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/services.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/mmcsnapin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/permissions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installsequentially.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installuwp.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/variables.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/printers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/entraid.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/intune.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/intune.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/feature/windows.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/feature/windowsservers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/feature/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/feature/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/upgrades.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/legacy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/unlicense.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/cleanup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/java-enterprise-rules/wildcards.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/java-enterprise-rules/virtualizedbrowsers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/java-enterprise-rules/evaluateurls.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/javaenterpriserules/version64bit.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/javaenterpriserules/versionjava.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/freetraining.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/sidexporter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/arm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/editor.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/processmonitor.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/gpobackup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/powershell.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/unlicense.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/admx.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backupoptions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/integration/auditordemo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/integration/auditorsetup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/methods/sccmgrouppolicy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/gettingstarted.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/elevateinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/elevateapplication.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/startscreen.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/applicationsettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/admintemplatemanager.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/browserrouter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/tour.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/leastprivilege.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fslogix/appmasking.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fslogix/profiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fslogix/startmenu.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fslogix/browserdefault.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fslogix/broswerright.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fslogix/browserconfiguration.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fslogix/elevatingapplications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cameyo/uacprompts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cameyo/browserright.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cameyo/startscreen.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cameyo/applicationsettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/history.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/advancedgrouppolicymanagement.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/gpoadmintool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/netiq.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/scriptlogicactiveadministrator.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/sdmchangemanager.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/antivirus.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/slowlogins.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/slowlogins.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/rings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/update/commandline.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/rings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/update/commandline.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/managers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/pak.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/onpremise.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/grouppolicy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorecreate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstoreupdate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/quickrundown.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/manualupdate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/uptodate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllreconnect.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/touchutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acllockdown.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/applicationlaunch.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/superpowers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/variables.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/proxysettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/trustedappsets.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/ieproxyserver.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/certificatesevil.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/invincea.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefoxplugins.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chromerevert.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chromerevertfix.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/oraclejava.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefoxabout.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chromebookmarks.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/paksbig.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/firstpak.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/importregistry.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/addelements.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/foxitprinter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/firefox_plugins.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/sealapproval.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/integration.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/demo2.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/xenapp.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/xendesktop.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/rds.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/microsoftintune.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/sccmsoftwarecenter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/specops.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeployfirefox.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/integration.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/vmware.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/dedicated.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/localmode.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/thinapp.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/thinappworkspace.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/appv.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/xenapp.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/uev.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/thinapp.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/symantec.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/spoonnovell.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/applicationsettings/chrome.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/gettingstarted.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/certificates.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/connectionstab.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/contenttab.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/generaltab.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/privacytab.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/programstab.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/securitytab.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/settings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/favorites.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chrome/gettingstarted.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chrome/clearbrowsing.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chrome/bookmarks.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/gettingstarted.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/defaultsearch.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/popups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/extensions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/bookmarks.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/extratabs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/disable.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/removeelements.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/miscsettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/certificates.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/adobe.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/addons.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/bookmarksmodify.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/disable.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/lockdown.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/jre.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/securityslider.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/passwordsecure.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/teams.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acrobat.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/flashplayer.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/irfanview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/office.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/skype.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/thunderbird.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/cylance.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/onapplyscript.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/scriptlocation.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/scriptstriggers/vpnsolutions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/powershellscripts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows7tls.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlannetwork.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlandropbox.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/silentbrowserinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/shortcutpublicdesktop.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/powershell.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/updateregistry.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/resetsecurechannel.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/temperatureunit.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/bitlockerdeployment.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows10modifyscript.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/teamsminimized.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/vpnconnection.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/eventlogtriggers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localaccountpassword.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/vpn.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/screensavers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/processesdetails.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/edgefirstlogon.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localscheduledtask.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/overviewmanager.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/overviewtechnical.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modestandalone.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modeserver.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/install.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepull.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepush.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/securityenhanced.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/existinggpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/importgpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/importstig.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/firewallports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/stackmsi.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/rightbrowser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgesupport.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/blockwebsites.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgespecial.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/userselecteddefault.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ie.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/citrix.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/custombrowsers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/defaultwindows10.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/chromenondomainjoined.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieforce.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/firefox.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/chrome.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edge.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieedgemode.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/browsericon.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/server.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/ou.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/ousub.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/ousub.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/domainou.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/gpoedit.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/domain.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/domainmultiple.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/scope.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/disabledcomputer.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/users.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/wizard.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/enforced.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/cloud/onpremise.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/cloud/notifications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/cloud/licensestatus.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/cloud/billing.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/cloud/reclaimed.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/trial.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/tool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/intune.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/policy/edit.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/virtualization/terminalservices.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/virtualization/multisession.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/virtualization/tool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/virtualization/count.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/virtualization/desktops.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/setup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/entraid.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/domainmultiple.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/hybrid.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/jointype.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/tool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/name.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/adminrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/universal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/filemultiple.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/components.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/options.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/fileold.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/reset.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/forceddisabled.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/whenwhy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/components.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/transition.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cachepreferences.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cacheengine.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/deployment-methods/group-policy/insertuserinfo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/deployment-methods/group-policy/pdqdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/pplpmimplementationguide.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/onpremise.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/appxmanager.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/removeapps.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/blockapps.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/winget/deployapplications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/winget/run.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/extrastool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/updateclientsideextension.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/smb.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/basic-concepts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/preventunsigned.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeployblockmalware.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/install/autoupdate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/introduction.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxsettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremiseexport.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/securitysettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/preferences.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/onpremise.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/features.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/immutablelog.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/emaillogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/add/administrator.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/install/leastprivilegemanagerrule.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/entraid.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/fileinfoviewer.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/restricted_groups_editor.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/registrationmode.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/file-associations/collections/gpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/file-associations/oemdefaultassociations.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/transition.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/cloud/client.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/cloud/clientdomainnondomain.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/cloud/activedirectory.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/fakedc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/cloud/clientremote.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/cloud/slowinternet.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/creditcard.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/security/datasafety.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/add/administrator.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/cloud/usage.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/client.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/signature.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/sha.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/signingid.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/policy/edit.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/unlink.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/remoteworkdeliverymanager.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/cloud/removeendpoint.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/updatefrequency.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/syncfrequency.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/security/publickeypoliciessettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/targetingeditor.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/cloud/clientsilent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/policy/type.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/groups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/version.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/childgroups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/splunk.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/applyonce.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/universalwindowsapps.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/wizard.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/preconfiguredadvice.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/pdqdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/cloudusage.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/adobereader.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/mailto.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10modify.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/helpertool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/firstlogin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/helperapplication.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/acroreader.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10questions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/acroreader.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/onpremise.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/chocolaty.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/windows10prolockscreen.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/customdefaultfileassociations.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/unwantedapps.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/printers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/bitlocker.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/x509certificates.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/printersetup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/auditpol.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/scripttriggers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mapdrivetriggers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/lockunlocksession.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/shutdownscripts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/vpnconnect.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/anyconnect.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/events.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/pdqdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/windows10startmenu.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/realgrouppolicy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/mobileiron.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/workspaceone.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/citrixendpointmanager.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/admintemplates.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/renameendpoint.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/itemleveltargeting/entraid.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/itemleveltargeting/entraidgroupmembership.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/itemleveltargeting/entraidgroupdetermine.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/install/autoupdate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/gettingstarted.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/browserrouter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/block.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/oracledeploymentrulesets.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/integration/pdqdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/versionsmultiple.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/sccm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/xmlsurgery.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/explained.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/install.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/gettingstarted.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/renameendpoint.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/integration.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/itemleveltargeting/editmanual.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/flatlegacyview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/mmcconsole.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/grouppolicy/remotedesktopconnection.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/scenarios.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/deliveryreports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/gpocompilancereporter/sqlserver.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/install.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/basis.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/types.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/userlimit.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/compliancereports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/shareacrossteam.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/difference.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/trial.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/minimum.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/expire.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/trueup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/tool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/multiyear.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/domainmultiple.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/realgposettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/cloudimport.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/sccm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/mergetool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/collections.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/switchedpolicies.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/deployinternet.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/screensavers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/preferences/consolidateprinter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/preferences/drivemaps.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/preferences/consolidateregistry.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/preferences/shortcuts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/preferences/delivergpprefs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/preferences/cloudlocaluser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/license.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/accountelevatedprocess.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/macroattacks.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/digitalsignature.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/applocker.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/runasadmin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/synapticspointingdevicedriver.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/installfonts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/mmcsnapin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/registry.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/windowsdefender.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/installers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/editrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/applicationextension.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/mspfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/allfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/setup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/enablepowershell.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/blockedscripttypes.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/webex.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/mykipasswordmanager.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/chromeextension.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/bestpractices.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/adminapprovalwork.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/reduceadminrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/scope.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/activexcontrol.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/powershell/maliciousattacks.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/servicenow.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/selfelevation.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/optionsshowpopupmessage.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/custommenuitemtext.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/singlelinecommands.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/printerdriverinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/privilegesecure/mmc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/createpolicies.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/basics.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/domainnames.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/applicationsports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/globalsettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/auditingevents.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/vdiscenarios.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/rightbrowser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/citrix.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/usbdrive.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/usbdriveallowuser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/usbdriveallowvendor.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/serialnumber.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/bitlockerdrives.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/enduser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/dmhelpertool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/dmapprovalautorules.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/smb.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/webbasedshares.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/masscopy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/patching.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/localfilecopy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/azureblobstorage.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/updateclientsideextension.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/vdi.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/vdi.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/helperutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/windows10startmenu.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/demotaskbar.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/linksie.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/customicons.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/startscreentaskbar/revertstartmenu.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/nondomainjoined.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/mdmitemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/integration/citrix.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/integration/pdqdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/onetime.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/startscreentaskbar/windowserver.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/modes.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/startscreentaskbar/mappeddrives.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/explorer.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/sccmsoftwarecenter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/appv.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/helpertools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/foldershortcut.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/addlink.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/adminconsole.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/node.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/methods.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/sccm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/pdqdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/citrixapplayering.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/antivirus.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/clientsideextension/why.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/windows7.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/rings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/upgrade/frequency.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/update/frequency.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/update/commandline.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/update/config.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/uninstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/enforce.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/avoidpopups.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/windowseventforwarding.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/itemleveltargeting.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/xmldatafiles/upload.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxsettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/securitysettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/restricted_groups_editor.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/preferences.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/administrative-templates/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/collection.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieedgemode.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/editpolicytemplate/browsermode.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/java-enterprise-rules/exportcollections.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/processorderprecedence.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/navigation.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/forceddisabled.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/passwords.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/preconfiguredadvice.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/collections/preconfigured.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/userselecteddefault.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/storage/central.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/cortana.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/wizard.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/productwizard.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/thunderbird.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/thunderbird.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/mapextensions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/applicationextension.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/trial.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/license/types.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientsilent.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/helperutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/office365.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremiseexport.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/specialnotes.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/client.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/add/administrator.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/adduser.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editcustomerlevelportalpolicies.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/rolemanagement.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/rolemanagement.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/startscreen/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/arm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/prepareendpoint.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/prepareendpoint.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acllockdown.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/someapplications.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/preferences/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/preferences.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/install/defaultbrowser.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/applyonce.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/applymode.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/java-enterprise-rules/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/java-enterprise-rules/prompts/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mapdrivetriggers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/gettoknow/usage.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/rings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backupoptions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/securitysettings.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/onpremise.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/helperdesktopshortcut.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/userselecteddefault.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/securitysettings/exportwizard.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/lockdown.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/firefoxinternetexplorer.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/onpremisecloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/privilegesecure/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/rules/apply/ondemand.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/browserrouter.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/servicenow.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecureclient.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/together.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/immutablelog.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/emaillogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/entraid.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/configureentraidaccess.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/gui.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/mobileiron.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/mobileiron.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/procmon.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/integration.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/restoredetails.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepull.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/pull/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installers.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/itemleveltargeting/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/itemleveltargeting/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/itemleveltargeting/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/changeemail.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/resendwelcomeletter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/loginrestrictionseditor.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/notificationeditor.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/switchedpolicies.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/computerside.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/eventcollection/report.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/rulesgenerator/automatic.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/modes/applock.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/superpowers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/reapplylaunchdisable.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/grouppolicyeditors.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/nondomainjoined.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/enhancedsecurerun.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/convertxmls.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/demotaskbar.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/taskbar.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/delivercertificates.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/publickeypoliciessettings.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/programstab.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/programs.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/securityenhanced.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/install.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/defaultwindows10.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/defined.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/helperapplication.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/helperutility.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockapp.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/vdisolutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/antivirus.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/browserrouter/contactsupport.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/chrome/forceinstall.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/blockwebsites.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/block.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/realgrouppolicy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/processmonitor.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/hangingprocess.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/runasadmin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/intelgraphicdriver.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/custombrowsers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/custom.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/cloud.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/centralstore.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/localmissing.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acllockdown.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/acllockdown.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/browsericon.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/shortcuticons.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/extensions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/forceinstallation.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/touchutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/gpotouchutility.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/embedclient.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/slowinternet.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/slowinternet.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/childgroups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/mac/eventcollectiion.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/microsoftintune.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/antivirus.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/install/sufficientprivileges.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/makemsis.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/makemsis.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/default.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/default.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/importregistry.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/importregistry.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/betweenbrowsers.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/propertiesproject.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/otherpolicydeliverymechanisms.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/immutablelog.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/stackmsi.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/virtualization/terminalservices.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/virtualization/tool.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/fileold.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/expires.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/cleanup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/expires.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/ntlmpassthru.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/permissions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/version.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/firefox/certificates.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/downloads.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/revokecompanycertificate.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/upgrade/rings/activedirectory.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/services.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/nondomain/edge.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/masscopy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/advanced/standard/recursion.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/importpolicies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/antivirus.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/mmc.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/disable.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/removeelements.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/java/issue.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/helperutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helperutility.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/downloads.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/findfixgpos.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/appblock.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockadmins.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/workspaceone.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/vmwareworkspaceone.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/importstig.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/existinggpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/collections.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/finder.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/finder.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/platform-specific/windows-requirements/support/scriptstriggers/vpnsolutions.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/mappeddrives/vpn.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/forceddisabled.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/rings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/firewallports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/clientendpoint.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/reports.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/legacy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/rings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/components.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/collections.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/quickstart.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/preferences/settings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/appblock.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/unlicense.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/webex.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/updateclientsideextension.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/history.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/advancedgrouppolicymanagement.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/gpoadmintool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/netiq.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/scriptlogicactiveadministrator.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/sdmchangemanager.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/install.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepush.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/methods.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/adminconsole.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/install.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/blockedscripttypes.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/securerun/inlinecommands.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/setup.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/entraid.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/setup.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/selfelevatemode.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/reauthenticate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/folderredirection.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/methods.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/antivirus.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/antivirus.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/customicons.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/customicons.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/computergroups/workingwith.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/computergroups/workingwith.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/cloud/clientsilent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/verify.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/rings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/graceperiod.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/uptodate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/touchutility.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentsexclude.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentsexclude.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/basics.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/auditingevents.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/executables.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/rules/executablecombo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/applicationsports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/globalsettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/integration/auditorsetup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/rings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/ringsupgrade.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/sccmsoftwarecenter.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeployfirefox.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/methods/sccmgrouppolicy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/childgroups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/mac/logs.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/antivirus.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/adobelinks.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieedgemode.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgespecial.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/remoteworkdeliverymanager.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/installfonts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installfonts.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/superpowers.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/settingsdeliveryreinforcementoptions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/lockdown.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/javaprompts.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/allowremember.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/javaprompts.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/stopransomware.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/windowsremoteassistance.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/fakedc.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/mmcsnapin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/windowsdefender.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/leastprivilege/serverbusy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/installation-and-deployment/rings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/trial.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecureclient.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/reauthenticate.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/explained.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/trial.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/introduction.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/trial.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/setup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/admxregistry.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/clientsideextension/uninstallpassword.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowseventforwarding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/install.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/install.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/dmapprovalautorules.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/enduser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/usbdrive.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/name.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/privilege.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/advancedgrouppolicymanagement.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/gpoadmintool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/scriptlogicactiveadministrator.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/netiq.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/quickstart.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/quickstart.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/usbdriveallowuser.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/serialnumber.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/device/bitlockerdrives.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/scope.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/powershell.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/gettingstarted.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/reports.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/chromenondomainjoined.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/nondomain/limitations.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/features.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/registrationmode.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/unlicense.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/computergroups/workingwith.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/tool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/options.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/tool.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/options.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/powershell.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/itemleveltargeting.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/grouppolicy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/mdm.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/cloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/downloadcontents.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/pplpmimplementationguide.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/reference/index.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/integrations/third-party-integrations/pdqdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/massdeploy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/upgrading.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/archive/archived-guides/upgrading.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/securitysettings/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/securitysettings/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/versioncontrol.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/mdm/setup.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/nondomainjoined.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/installation.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/knowledge-base.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/uemtools.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/options.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/entraid.md" - } -] diff --git a/docs/accessanalyzer/12.0/broken_links_fix_summary.md b/docs/accessanalyzer/12.0/broken_links_fix_summary.md deleted file mode 100644 index e439abc30c..0000000000 --- a/docs/accessanalyzer/12.0/broken_links_fix_summary.md +++ /dev/null @@ -1,123 +0,0 @@ -# Broken Links Fix Summary - -## Overview - -Successfully processed and fixed broken links in the endpointpolicymanager documentation. - -## Results - -- **Initial broken links**: 1,644 -- **Final broken links**: 102 -- **Links fixed**: 1,542 -- **Success rate**: 94% - -## Patterns Fixed - -### 1. Video Tutorial Paths ✅ - -**Pattern**: `/resources/video-tutorials/` → `/video/` - -- **Example**: `/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md` → `/docs/endpointpolicymanager/video/leastprivilege/elevate/scripts.md` -- **Files affected**: ~800+ links - -### 2. Security and Privilege Management ✅ - -**Pattern**: `/security-and-privilege-management/least-privilege-manager/` → `/leastprivilege/` - -- **Example**: `/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/rules/executablecombo.md` → `/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/executablecombo.md` -- **Files affected**: ~200+ links - -### 3. Application Management ✅ - -**Pattern**: `/application-management/application-settings/` → `/applicationsettings/` - -- **Example**: `/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/` → `/docs/endpointpolicymanager/applicationsettings/preconfigured/` -- **Files affected**: ~150+ links - -### 4. Installation and Deployment ✅ - -**Pattern**: `/installation-and-deployment/` → `/install/` - -- **Example**: `/docs/endpointpolicymanager/installation-and-deployment/adminconsole.md` → `/docs/endpointpolicymanager/install/adminconsole.md` -- **Files affected**: ~100+ links - -### 5. Cloud and Remote Management ✅ - -**Pattern**: `/cloud-and-remote-management/cloud-management/` → `/cloud/` -**Pattern**: `/cloud-and-remote-management/mdm-integration/` → `/mdm/` - -- **Files affected**: ~100+ links - -### 6. Other Path Corrections ✅ - -- Licensing paths: `/licensing/` → `/license/` -- Getting started: `/getting-started/` → `/gettingstarted/` -- Policy management: `/policy-management/administrative-templates/` → `/administrativetemplates/` -- Troubleshooting: `/troubleshooting/tips/` → `/troubleshooting/` - -## Remaining Issues (102 links) - -### Categories of remaining broken links: - -1. **Archive Links** (~25 links) - - - These point to `/archive/archived-guides/` files that may not exist - - May need to be removed or redirected - -2. **Missing Module Structure** (~40 links) - - - Links to modules not yet restructured (e.g., `application-management`, `device-and-desktop-management`) - - These modules may need similar restructuring - -3. **Generic Resource Links** (~15 links) - - - `/resources/video-tutorials.md` - generic landing page - - `/resources/knowledge-base.md` - generic knowledge base page - - These may need to be replaced with specific content - -4. **Complex Path Mappings** (~22 links) - - Links that require more complex path analysis - - May need manual review and custom mapping - -## Next Steps - -### Immediate Actions: - -1. **Review Archive Links**: Decide whether to remove or redirect archived content -2. **Create Missing Landing Pages**: For generic resource links -3. **Module Restructuring**: Apply similar fixes to remaining modules - -### For Consideration: - -1. **Automated Testing**: Set up automated link checking in CI/CD -2. **Redirect Rules**: Consider setting up redirect rules for common old paths -3. **Documentation Standards**: Establish guidelines for internal link formatting - -## Tools Created - -### Scripts: - -1. `fix_broken_links.py` - Main script for bulk link fixing -2. `fix_remaining_links.py` - Enhanced script for complex patterns - -### Data Files: - -1. `broken_links_complete.json` - Complete list of original broken links -2. `broken_links_sample.json` - Sample for testing -3. `final_build_report.log` - Final build output with remaining issues - -## Manual Fixes Applied - -The first two video tutorial links were manually fixed as examples: - -- `/docs/endpointpolicymanager/leastprivilege/elevate/javajarfiles.md` -- `/docs/endpointpolicymanager/install/cloud/clientremote.md` - -## Impact - -This fix significantly improves the documentation experience by: - -- Reducing broken internal links by 94% -- Ensuring video tutorials are properly linked -- Maintaining consistent URL structure -- Improving navigation reliability diff --git a/docs/accessanalyzer/12.0/broken_links_raw.txt b/docs/accessanalyzer/12.0/broken_links_raw.txt deleted file mode 100644 index fc0ceaa33e..0000000000 --- a/docs/accessanalyzer/12.0/broken_links_raw.txt +++ /dev/null @@ -1,1644 +0,0 @@ -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/javajarfiles.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/install/leastprivilegemanagerrule.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientremote.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/rules/executablecombo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/avoiduac.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/wizard.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/gpoedit.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/gpoedit.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacpromptsactivex.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/activexitems.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/javathunderbird.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/side.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmountpart1.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmounpart2.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/sage50.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/sage50.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/domainjoined.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/applicationlaunch.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/systemsettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/systemsettings.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/notificationeditor.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securecopy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securecopy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/brandcustomize.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securitycomborules.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/executablecombo.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationpackage.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/packageinstallation.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/powershell/maliciousattacks.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/dlls.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/applicationvirtualization.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/programstab.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/addons.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/virtualization/multisession.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/serversessionvirtualization.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/guide.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/windows7.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/connectionstab.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/proxysettings.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/differentusers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/massdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/upgrading.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/designstudiofirefox.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/tattooing.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/infranview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/operanext.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/gotomeeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/parcctesting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/vmware.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/vmwarefilesettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/java.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/vmwarehorizonmirage.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/office2013.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/designstudiojava.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/ie10.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/modenuke.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/acrobatxpro.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/ie9.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/vmwaresupplements.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/xenapp.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/applock.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/symantecworkspace.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/autoupdater.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/groups.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securitycomborules.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/digitalsignature.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/dontelevate.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/virtualization/multisession.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/grouppolicy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/settings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applicationcontrol.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/reduceadminrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/scripttriggers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mapdrivetriggers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/switchedpolicies.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/userfilter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/gettingstarted.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/itemleveltargeting/entraidgroups.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/childprocesses.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/freetraining.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/centralstore.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/sudosupport.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/wildcards.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/preventusercommands.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/commandline.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backupoptions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preferences.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxsettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainou.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/certificates.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/certificates.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/basicsteps.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/vdiscenarios.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remotedesktopprotocol/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/clientcommands.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/clientcommands.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/client.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/components.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/uninstall.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/modifyhosts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/deleteicons.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/ntfspermissions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/registry.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/basic-concepts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/clientmachines.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/wildcards.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/wildcards.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/install.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/trial.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/device-manager/serialnumber.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/device-manager/usbdrive.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/components.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/install/uninstall.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/firstlogin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/insouts/advantages.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/scripts.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/certificates.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/certificates.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/components.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/reconnectionperiod.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/email.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/guideinstall.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/concepts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/uacprompts.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/customizedtoken.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/customizedtoken.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/componentlicense.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/export.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/deployinternet.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/export.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/com_cslidclass.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/basic-concepts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/upgrade/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/pplpmimplementationguide.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/mac-support/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/device-manager/devicemanager/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/java-enterprise-rules/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/file-associations/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/feature-management/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/administrative-templates/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/preferences/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/deployment-methods/software-packages/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/networksecuritymanager.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/components.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/update/frequency.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/itemleveltargeting/bypassinternal.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/tool.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/explained.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowsuniversalapplications.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/windowsuniversal.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/addons.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/cloud.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/enablepowershell.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/blockedscripttypes.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/msiinstallerfiles.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/trial.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/add/administrator.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/add/administrator.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/appxmanager.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applyondemand.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/ondemand.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/ondemand.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/entrysettings.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/trial.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/trial.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/privilegesecure/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/firstpak.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/quickstart/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/selfelevatemode.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/selfelevation.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/operational.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/helperdesktopshortcut.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/storage.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ie.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/defaultwindows10.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/applyonce.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/preventunsigned.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows11.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/windows7tls.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainmultiple.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/scriptstriggers/systemprocesses.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/onetime.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/rollback.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applicationcontrol.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/standard.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/existinggpos.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationlaunch.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/launchcontrol.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgespecial.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/specialtypes.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/webbasedshares.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/gettingstarted/policiesweb.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/cleanup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/ports.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/securitysettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/usercontext.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/administrative-templates/settings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/administrative-templates/disableofficeelements.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/administrative-templates/versions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/preferences/componentlicense.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/preferences/settings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/preferences/printerdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/preferences/drivemappings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/preferences/startservice.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/preferences/passwords.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/delivercertificates.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/userfilter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applicationcontrol.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacpromptsactivex.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/installfonts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowsuniversalapplications.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securitycomborules.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/denymessages.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/preventedge.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/stopransomware.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/preventunsigned.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeployblockmalware.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevateuwp.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/msi.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/appblock.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/selfelevatemode.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/deleteicons.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/modifyhosts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/ntfspermissions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/registry.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/enforce.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/email.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/reauthenticate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applyondemand.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securecopy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesfromadmin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/helperdesktopshortcut.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowseventforwarding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/winget.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/printeruacprompts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/microsoftrecommendations.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/denyselfelevate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecureclient.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/selfelevatemode.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/license.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/cloudinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/macjointoken.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationpackage.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/systemsettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/sudosupport.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/wildcards.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationlaunch.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/eventscollector.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmountpart1.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmounpart2.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/finder.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/privilege.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/collectdiagnostics.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/administrative-templates/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/preferences/componentlicense.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/preferences/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md""} -{"broken_link": "(/docs/endpointpolicymanager/deployment-methods/software-packages/winget.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/install/chromemanual.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/advancedblockingmessage.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/forcebrowser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/securityzone.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/suppresspopup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/install/removeagent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/useselectablebrowser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/browsermode.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/shortcuticons.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/commandlinearguments.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/edgelegacybrowser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/rolesresponsibilities.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/centralstore.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/side.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/printers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/onetime.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/designstudiowindows7.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/windowsremoteassistance.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/upgrade.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/dllstorage.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/itemleveltargeting/bypassinternal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/home.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/certificates.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/proxysettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/localfileaccess.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/extratabs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/transition.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/certificate/authority.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/preventupdates.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/revertoptions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/ntlmpassthru.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/version.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/addons.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/certificate/certificates.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/securityenterpriseroots.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/javathunderbird.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/frontmotion.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/nonstandardlocation.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/esr.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/allowremember.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/stopsenddatamessage.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/darktheme.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/side.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/addons.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/certificates.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/customsettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/mode.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/securitypopup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/versionoutofdate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/versioninsecure.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/runapplication.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/useraccountcontrol.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/tasktray.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/itemleveltargeting/internalpredefined.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/itemleveltargeting/bydefault.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/appvsequences.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/applicationvirtualization.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/thinapp.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/xenapp.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/xenapp.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/designstudioadditional.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/fastest.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/guide.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/guideinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/history.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows11.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows7.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/arm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/rightclick.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/prepare.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/item-level-targeting/applypreferences.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/item-level-targeting/securitygroup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/emailoptout.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/item-level-targeting/windows11.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/mmcdisplay.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/item-level-targeting/windowsserver2019.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidgroups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/onpremisecloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/folderredirection.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/embedclient.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/operatingsystem.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/thirdpartyadvice.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/services.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/item-level-targeting/virtualdesktops.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/item-level-targeting/windowsendpoint.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/adduser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/twofactorauthentication.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/emailoptout.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/cheksum.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/profileupdate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/services.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/mmcsnapin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/permissions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installsequentially.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installuwp.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/variables.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/printers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/entraid.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/intune.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/intune.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/feature/windows.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/feature/windowsservers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/feature/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/feature/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/upgrades.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/legacy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/unlicense.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/cleanup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/java-enterprise-rules/wildcards.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/java-enterprise-rules/virtualizedbrowsers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/java-enterprise-rules/evaluateurls.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/javaenterpriserules/version64bit.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/javaenterpriserules/versionjava.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/freetraining.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/sidexporter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/arm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/editor.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/processmonitor.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/gpobackup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/powershell.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/unlicense.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/admx.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backupoptions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/integration/auditordemo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/integration/auditorsetup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/methods/sccmgrouppolicy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/gettingstarted.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/elevateinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/elevateapplication.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/startscreen.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/applicationsettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/admintemplatemanager.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/browserrouter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/tour.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/leastprivilege.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fslogix/appmasking.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fslogix/profiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fslogix/startmenu.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fslogix/browserdefault.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fslogix/broswerright.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fslogix/browserconfiguration.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fslogix/elevatingapplications.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cameyo/uacprompts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cameyo/browserright.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cameyo/startscreen.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cameyo/applicationsettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/history.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/advancedgrouppolicymanagement.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/gpoadmintool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/netiq.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/scriptlogicactiveadministrator.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/sdmchangemanager.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/antivirus.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/slowlogins.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/slowlogins.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/rings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/update/commandline.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/rings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/update/commandline.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/managers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/pak.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/onpremise.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/grouppolicy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorecreate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstoreupdate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/quickrundown.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/manualupdate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/uptodate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllreconnect.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/touchutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acllockdown.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/applicationlaunch.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/superpowers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/variables.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/proxysettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/trustedappsets.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/ieproxyserver.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/certificatesevil.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/invincea.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefoxplugins.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chromerevert.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chromerevertfix.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/oraclejava.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefoxabout.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chromebookmarks.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/paksbig.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/firstpak.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/importregistry.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/addelements.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/foxitprinter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/firefox_plugins.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/sealapproval.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/integration.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/demo2.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/xenapp.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/xendesktop.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/rds.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/microsoftintune.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/sccmsoftwarecenter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/specops.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeployfirefox.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/integration.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/vmware.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/dedicated.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/localmode.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/thinapp.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/thinappworkspace.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/appv.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/xenapp.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/uev.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/thinapp.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/symantec.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/spoonnovell.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/applicationsettings/chrome.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/gettingstarted.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/certificates.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/connectionstab.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/contenttab.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/generaltab.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/privacytab.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/programstab.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/securitytab.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/settings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/favorites.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chrome/gettingstarted.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chrome/clearbrowsing.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chrome/bookmarks.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/gettingstarted.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/defaultsearch.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/popups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/extensions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/bookmarks.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/extratabs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/disable.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/removeelements.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/miscsettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/certificates.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/adobe.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/addons.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/bookmarksmodify.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/disable.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/lockdown.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/jre.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/securityslider.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/passwordsecure.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/teams.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acrobat.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/flashplayer.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/irfanview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/office.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/skype.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/thunderbird.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/cylance.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/onapplyscript.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/scriptlocation.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/scriptstriggers/vpnsolutions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/powershellscripts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows7tls.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlannetwork.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlandropbox.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/silentbrowserinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/shortcutpublicdesktop.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/powershell.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/updateregistry.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/resetsecurechannel.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/temperatureunit.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/bitlockerdeployment.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows10modifyscript.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/teamsminimized.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/vpnconnection.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/eventlogtriggers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localaccountpassword.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/vpn.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/screensavers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/processesdetails.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/edgefirstlogon.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localscheduledtask.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/overviewmanager.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/overviewtechnical.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modestandalone.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modeserver.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/install.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepull.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepush.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/securityenhanced.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/existinggpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/importgpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/importstig.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/firewallports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/stackmsi.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/rightbrowser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgesupport.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/blockwebsites.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgespecial.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/userselecteddefault.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ie.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/citrix.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/custombrowsers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/defaultwindows10.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/chromenondomainjoined.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieforce.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/firefox.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/chrome.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edge.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieedgemode.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/browsericon.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/server.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/ou.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/ousub.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/ousub.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/domainou.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/gpoedit.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/domain.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/domainmultiple.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/scope.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/disabledcomputer.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/users.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/wizard.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/enforced.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/cloud/onpremise.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/cloud/notifications.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/cloud/licensestatus.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/cloud/billing.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/cloud/reclaimed.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/trial.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/tool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/intune.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/policy/edit.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/virtualization/terminalservices.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/virtualization/multisession.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/virtualization/tool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/virtualization/count.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/virtualization/desktops.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/setup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/entraid.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/domainmultiple.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/hybrid.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/jointype.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/tool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/name.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/adminrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/universal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/filemultiple.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/components.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/options.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/fileold.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/reset.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/forceddisabled.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/whenwhy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/components.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/transition.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cachepreferences.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cacheengine.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/deployment-methods/group-policy/insertuserinfo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/deployment-methods/group-policy/pdqdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/pplpmimplementationguide.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/onpremise.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/appxmanager.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/removeapps.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/blockapps.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/winget/deployapplications.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/winget/run.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/extrastool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/updateclientsideextension.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/smb.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/basic-concepts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/preventunsigned.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeployblockmalware.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/install/autoupdate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/introduction.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxsettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremiseexport.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/securitysettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/preferences.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/onpremise.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/features.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/immutablelog.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/emaillogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/add/administrator.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/install/leastprivilegemanagerrule.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/entraid.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/fileinfoviewer.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/restricted_groups_editor.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/registrationmode.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/file-associations/collections/gpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/file-associations/oemdefaultassociations.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/transition.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/cloud/client.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/cloud/clientdomainnondomain.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/cloud/activedirectory.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/fakedc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/cloud/clientremote.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/cloud/slowinternet.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/creditcard.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/security/datasafety.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/add/administrator.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/cloud/usage.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/client.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/signature.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/sha.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/signingid.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/policy/edit.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/unlink.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/remoteworkdeliverymanager.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/cloud/removeendpoint.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/updatefrequency.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/syncfrequency.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/security/publickeypoliciessettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/targetingeditor.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/cloud/clientsilent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/policy/type.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/groups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/version.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/childgroups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/splunk.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/applyonce.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/universalwindowsapps.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/wizard.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/preconfiguredadvice.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/pdqdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/cloudusage.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/adobereader.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/mailto.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10modify.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/helpertool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/firstlogin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/helperapplication.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/acroreader.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10questions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/acroreader.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/onpremise.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/chocolaty.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/windows10prolockscreen.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/customdefaultfileassociations.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/unwantedapps.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/printers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/bitlocker.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/x509certificates.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/printersetup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/auditpol.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/scripttriggers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mapdrivetriggers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/lockunlocksession.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/shutdownscripts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/vpnconnect.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/anyconnect.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/events.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/pdqdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/windows10startmenu.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/realgrouppolicy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/mobileiron.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/workspaceone.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/citrixendpointmanager.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/admintemplates.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/renameendpoint.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/itemleveltargeting/entraid.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/itemleveltargeting/entraidgroupmembership.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/itemleveltargeting/entraidgroupdetermine.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/install/autoupdate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/gettingstarted.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/browserrouter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/block.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/oracledeploymentrulesets.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/integration/pdqdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/versionsmultiple.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/sccm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/xmlsurgery.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/explained.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/install.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/gettingstarted.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/renameendpoint.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/integration.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/itemleveltargeting/editmanual.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/flatlegacyview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/mmcconsole.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/grouppolicy/remotedesktopconnection.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/scenarios.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/deliveryreports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/gpocompilancereporter/sqlserver.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/install.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/basis.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/types.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/userlimit.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/compliancereports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/shareacrossteam.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/difference.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/trial.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/minimum.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/expire.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/trueup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/tool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/multiyear.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/domainmultiple.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/realgposettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/cloudimport.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/sccm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/mergetool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/collections.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/switchedpolicies.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/deployinternet.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/screensavers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/preferences/consolidateprinter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/preferences/drivemaps.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/preferences/consolidateregistry.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/preferences/shortcuts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/preferences/delivergpprefs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/preferences/cloudlocaluser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/license.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/accountelevatedprocess.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/macroattacks.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/digitalsignature.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/applocker.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/runasadmin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/synapticspointingdevicedriver.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/installfonts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/mmcsnapin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/registry.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/windowsdefender.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/installers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/editrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/applicationextension.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/mspfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/allfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/setup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/enablepowershell.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/blockedscripttypes.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/webex.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/mykipasswordmanager.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/chromeextension.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/bestpractices.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/adminapprovalwork.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/reduceadminrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/scope.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/activexcontrol.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/powershell/maliciousattacks.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/servicenow.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/selfelevation.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/optionsshowpopupmessage.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/custommenuitemtext.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/singlelinecommands.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/printerdriverinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/privilegesecure/mmc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/createpolicies.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/basics.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/domainnames.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/applicationsports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/globalsettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/auditingevents.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/vdiscenarios.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/rightbrowser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/citrix.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/usbdrive.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/usbdriveallowuser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/usbdriveallowvendor.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/serialnumber.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/bitlockerdrives.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/enduser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/dmhelpertool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/dmapprovalautorules.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/smb.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/webbasedshares.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/masscopy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/patching.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/localfilecopy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/azureblobstorage.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/updateclientsideextension.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/vdi.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/vdi.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/helperutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/windows10startmenu.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/demotaskbar.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/linksie.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/customicons.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/startscreentaskbar/revertstartmenu.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/nondomainjoined.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/mdmitemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/integration/citrix.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/integration/pdqdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/onetime.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/startscreentaskbar/windowserver.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/modes.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/startscreentaskbar/mappeddrives.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/explorer.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/sccmsoftwarecenter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/appv.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/helpertools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/foldershortcut.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/addlink.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/adminconsole.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/node.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/methods.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/sccm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/pdqdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/citrixapplayering.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/antivirus.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/clientsideextension/why.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/windows7.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/rings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/upgrade/frequency.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/update/frequency.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/update/commandline.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/update/config.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/uninstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/enforce.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/avoidpopups.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/windowseventforwarding.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/itemleveltargeting.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/xmldatafiles/upload.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxsettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/securitysettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/restricted_groups_editor.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/preferences.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/administrative-templates/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/collection.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieedgemode.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/editpolicytemplate/browsermode.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/java-enterprise-rules/exportcollections.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/processorderprecedence.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/navigation.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/forceddisabled.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/passwords.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/preconfiguredadvice.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/collections/preconfigured.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/userselecteddefault.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/storage/central.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/cortana.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/wizard.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/productwizard.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/thunderbird.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/thunderbird.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/mapextensions.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/applicationextension.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/trial.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/license/types.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientsilent.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/helperutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/office365.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremiseexport.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/specialnotes.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/client.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/add/administrator.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/adduser.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editcustomerlevelportalpolicies.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/rolemanagement.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/rolemanagement.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/startscreen/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/arm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/prepareendpoint.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/prepareendpoint.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acllockdown.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/someapplications.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/preferences/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/preferences.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/install/defaultbrowser.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/applyonce.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/applymode.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/java-enterprise-rules/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/java-enterprise-rules/prompts/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mapdrivetriggers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/gettoknow/usage.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/rings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backupoptions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/securitysettings.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/onpremise.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/helperdesktopshortcut.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/userselecteddefault.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/securitysettings/exportwizard.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/lockdown.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/firefoxinternetexplorer.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/onpremisecloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/privilegesecure/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/rules/apply/ondemand.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/browserrouter.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/servicenow.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecureclient.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/together.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/immutablelog.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/emaillogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/entraid.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/configureentraidaccess.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/gui.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/mobileiron.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/mobileiron.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/procmon.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/integration.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/restoredetails.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepull.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/pull/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installers.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/itemleveltargeting/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/itemleveltargeting/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/itemleveltargeting/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/changeemail.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/resendwelcomeletter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/loginrestrictionseditor.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/notificationeditor.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/switchedpolicies.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/computerside.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/eventcollection/report.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/rulesgenerator/automatic.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/modes/applock.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/superpowers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/reapplylaunchdisable.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/grouppolicyeditors.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/nondomainjoined.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/enhancedsecurerun.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/convertxmls.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/demotaskbar.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/taskbar.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/delivercertificates.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/publickeypoliciessettings.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/programstab.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/programs.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/securityenhanced.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/install.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/defaultwindows10.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/defined.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/helperapplication.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/helperutility.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockapp.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/vdisolutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/antivirus.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/browserrouter/contactsupport.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/chrome/forceinstall.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/blockwebsites.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/block.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/realgrouppolicy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/processmonitor.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/hangingprocess.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/runasadmin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/intelgraphicdriver.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/custombrowsers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/custom.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/cloud.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/centralstore.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/localmissing.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acllockdown.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/acllockdown.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/browsericon.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/shortcuticons.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/extensions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/forceinstallation.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/touchutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/gpotouchutility.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/embedclient.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/slowinternet.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/slowinternet.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/childgroups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/mac/eventcollectiion.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/microsoftintune.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/antivirus.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/install/sufficientprivileges.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/makemsis.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/makemsis.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/default.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/default.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/importregistry.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/importregistry.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/betweenbrowsers.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/propertiesproject.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/otherpolicydeliverymechanisms.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/immutablelog.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/stackmsi.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/virtualization/terminalservices.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/virtualization/tool.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/fileold.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/expires.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/cleanup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/expires.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/ntlmpassthru.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/permissions.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/version.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/firefox/certificates.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/downloads.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/revokecompanycertificate.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/upgrade/rings/activedirectory.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/services.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/nondomain/edge.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/masscopy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/advanced/standard/recursion.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/importpolicies.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/antivirus.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/mmc.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/disable.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/removeelements.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/java/issue.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/helperutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helperutility.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/downloads.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/findfixgpos.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/appblock.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockadmins.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/workspaceone.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/vmwareworkspaceone.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/importstig.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/existinggpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/collections.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/finder.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/finder.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md""} -{"broken_link": "(/docs/endpointpolicymanager/platform-specific/windows-requirements/support/scriptstriggers/vpnsolutions.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/mappeddrives/vpn.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/forceddisabled.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/rings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/firewallports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/clientendpoint.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/reports.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/legacy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/rings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/components.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/collections.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/quickstart.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/preferences/settings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/appblock.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/unlicense.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/webex.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/updateclientsideextension.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/history.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/advancedgrouppolicymanagement.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/gpoadmintool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/netiq.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/scriptlogicactiveadministrator.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/sdmchangemanager.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/install.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepush.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/methods.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/adminconsole.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/install.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/blockedscripttypes.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/securerun/inlinecommands.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/setup.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/entraid.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/setup.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/selfelevatemode.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/reauthenticate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/folderredirection.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/methods.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/antivirus.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/antivirus.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/customicons.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/customicons.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/computergroups/workingwith.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/computergroups/workingwith.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/cloud/clientsilent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/verify.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/rings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/graceperiod.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/uptodate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/touchutility.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentsexclude.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentsexclude.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/basics.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/auditingevents.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/executables.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/rules/executablecombo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/applicationsports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/globalsettings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/integration/auditorsetup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/rings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/ringsupgrade.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/sccmsoftwarecenter.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeployfirefox.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/methods/sccmgrouppolicy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/childgroups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/mac/logs.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/antivirus.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/adobelinks.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieedgemode.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgespecial.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/remoteworkdeliverymanager.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/installfonts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installfonts.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/superpowers.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/settingsdeliveryreinforcementoptions.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/lockdown.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/javaprompts.md""} -{"broken_link": "(/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/allowremember.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/javaprompts.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/stopransomware.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/windowsremoteassistance.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/fakedc.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/mmcsnapin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/windowsdefender.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/leastprivilege/serverbusy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md""} -{"broken_link": "(/docs/endpointpolicymanager/installation-and-deployment/rings.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/trial.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecureclient.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/reauthenticate.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/explained.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/trial.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/introduction.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/trial.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/setup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/admxregistry.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/clientsideextension/uninstallpassword.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowseventforwarding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/install.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/install.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/dmapprovalautorules.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md""} -{"broken_link": "(/docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/enduser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/usbdrive.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/name.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/privilege.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/advancedgrouppolicymanagement.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/gpoadmintool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/scriptlogicactiveadministrator.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/netiq.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/quickstart.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/quickstart.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md""} -{"broken_link": "(/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/usbdriveallowuser.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/serialnumber.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/device/bitlockerdrives.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/activedirectory/scope.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/powershell.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/gettingstarted.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/reports.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/chromenondomainjoined.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/nondomain/limitations.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/features.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/registrationmode.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/unlicense.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/computergroups/workingwith.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/tool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/options.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/tool.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/options.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/powershell.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/itemleveltargeting.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/grouppolicy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/mdm.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/cloud.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/downloadcontents.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md""} -{"broken_link": "(/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/pplpmimplementationguide.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md""} -{"broken_link": "(/docs/endpointpolicymanager/reference/index.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md""} -{"broken_link": "(/docs/endpointpolicymanager/integrations/third-party-integrations/pdqdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/massdeploy.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/upgrading.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md""} -{"broken_link": "(/docs/endpointpolicymanager/archive/archived-guides/upgrading.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md""} -{"broken_link": "(/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/securitysettings/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/securitysettings/overview.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/versioncontrol.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/mdm/setup.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/nondomainjoined.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/installation.md""} -{"broken_link": "(/docs/endpointpolicymanager/resources/knowledge-base.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/uemtools.md""} -{"broken_link": "(/docs/endpointpolicymanager/licensing/unlicense/options.md)", "source_file": ""/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/entraid.md""} diff --git a/docs/accessanalyzer/12.0/broken_links_sample.json b/docs/accessanalyzer/12.0/broken_links_sample.json deleted file mode 100644 index dda84cebf2..0000000000 --- a/docs/accessanalyzer/12.0/broken_links_sample.json +++ /dev/null @@ -1,82 +0,0 @@ -[ - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/javajarfiles.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/cloud/install/leastprivilegemanagerrule.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientremote.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/rules/executablecombo.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/avoiduac.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/activedirectory/wizard.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/gpoedit.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/gpoedit.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacpromptsactivex.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/activexitems.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/javathunderbird.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/side.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmountpart1.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmounpart2.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/sage50.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/sage50.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/domainjoined.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/applicationlaunch.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/overview.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/systemsettings.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/systemsettings.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/notificationeditor.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securecopy.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securecopy.md" - }, - { - "broken_link": "/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md", - "source_file": "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/brandcustomize.md" - } -] diff --git a/docs/accessanalyzer/12.0/build_final.log b/docs/accessanalyzer/12.0/build_final.log deleted file mode 100644 index 63fea5a767..0000000000 --- a/docs/accessanalyzer/12.0/build_final.log +++ /dev/null @@ -1,471 +0,0 @@ - -> netwrix-docs@0.1 build:single -> node scripts/build-single.js endpointpolicymanager - -Building single product: endpointpolicymanager -Using plugin ID: endpointpolicymanager -Starting build... -[INFO] [en] Creating an optimized production build... -[WARNING] Docusaurus site warnings: -- Your site is using the SWC js loader. You can safely remove the Babel config file at `babel.config.js`. -[WARNING] Docusaurus found broken links! - -Please check the pages of your site in the list below, and make sure you don't reference any path that does not exist. -Note: it's possible to ignore broken links with the 'onBrokenLinks' Docusaurus configuration, and let the build pass. - -It looks like some of the broken links we found appear in many pages of your site. -Maybe those broken links appear on all pages through your site layout? -We recommend that you check your theme configuration for such links (particularly, theme navbar and footer). -Frequent broken links are linking to: -- /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md -- /docs/endpointpolicymanager/resources/video-tutorials.md -- /docs/endpointpolicymanager/resources/knowledge-base.md -- /docs/endpointpolicymanager/installation-and-deployment/rings.md -- /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md -- /docs/endpointpolicymanager/installation-and-deployment/antivirus.md - -Exhaustive list of all broken links found: -- Broken link on source page path = /adminstrativetemplates/export: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /adminstrativetemplates/gettoknow/collection: - -> linking to /docs/endpointpolicymanager/policy-management/administrative-templates/itemleveltargeting.md -- Broken link on source page path = /adminstrativetemplates/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /applicationsettings/designstudio/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md#designstudio-how-to -- Broken link on source page path = /applicationsettings/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/itemleveltargeting/bypassinternal.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/chrome/home.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/chrome/certificates.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/chrome/proxysettings.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/chrome/localfileaccess.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/chrome/extratabs.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/transition.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/certificate/authority.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/preventupdates.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/revertoptions.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/ntlmpassthru.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/addons.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/certificate/certificates.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/securityenterpriseroots.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/javathunderbird.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/allowremember.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/stopsenddatamessage.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/darktheme.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/side.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/internetexplorer/addons.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/internetexplorer/certificates.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/internetexplorer/customsettings.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/internetexplorer/mode.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/java/securitypopup.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/java/versionoutofdate.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/java/versioninsecure.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/java/runapplication.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/java/useraccountcontrol.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/java/tasktray.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/itemleveltargeting/internalpredefined.md - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/itemleveltargeting/bydefault.md - -> linking to /docs/endpointpolicymanager/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md -- Broken link on source page path = /applicationsettings/preconfigured/side: - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/javathunderbird.md -- Broken link on source page path = /archive/overview: - -> linking to /docs/endpointpolicymanager/archive/archived-guides/admxfiles.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/differentusers.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/massdeploy.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/upgrading.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/designstudiofirefox.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/cloud.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/tattooing.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/infranview.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/operanext.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/gotomeeting.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/parcctesting.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/vmware.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/vmwarefilesettings.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/java.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/vmwarehorizonmirage.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/office2013.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/designstudiojava.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/ie10.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/modenuke.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/acrobatxpro.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/ie9.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/vmwaresupplements.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/xenapp.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/applock.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/symantecworkspace.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/autoupdater.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md -- Broken link on source page path = /browserrouter/navigation: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/processorderprecedence.md -- Broken link on source page path = /browserrouter/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /browserrouter/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/install/chromemanual.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/advancedblockingmessage.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/forcebrowser.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/securityzone.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/suppresspopup.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/install/removeagent.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/useselectablebrowser.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/browsermode.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/shortcuticons.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/commandlinearguments.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/edgelegacybrowser.md -- Broken link on source page path = /browserrouter/useselectablebrowser: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md -- Broken link on source page path = /cloud/eventcollection/report: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md -- Broken link on source page path = /cloud/fakedc: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /cloud/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /cloud/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/client.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/clientdomainnondomain.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/activedirectory.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/clientremote.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/slowinternet.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/removeendpoint.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/clientsilent.md -- Broken link on source page path = /cloud/security/datasafety: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md -- Broken link on source page path = /cloud/transition: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/clientsilent.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md -- Broken link on source page path = /device/devicemanager/devicemanagerpolicies: - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md -- Broken link on source page path = /device/devicemanager/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /device/devicemanager/rules: - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md -- Broken link on source page path = /device/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/serialnumber.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/usbdrive.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md -- Broken link on source page path = /editions/policies: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/policy-management/administrative-templates/overview.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/componentlicense.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/overview.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md -- Broken link on source page path = /editions/solutions: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /feature/itemleveltargeting/exportcollections: - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/itemleveltargeting/overview.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /feature/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md -- Broken link on source page path = /fileassociations/itemleveltargeting/exportcollection: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /fileassociations/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/collections/gpos.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/oemdefaultassociations.md -- Broken link on source page path = /gettingstarted: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /gettingstarted/fastest: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/reference/index.md -- Broken link on source page path = /gettingstarted/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/applypreferences.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/securitygroup.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/emailoptout.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/windows11.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/mmcdisplay.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/windowsserver2019.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/entraidgroups.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/onpremisecloud.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/folderredirection.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/embedclient.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/thirdpartyadvice.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/services.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/virtualdesktops.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/windowsendpoint.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/services.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md -- Broken link on source page path = /gettingstarted/prepare: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/methods.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md -- Broken link on source page path = /gettingstarted/quickstart/overviewinstall: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /gettingstarted/quickstart/preparemanagementstation: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/methods.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/adminconsole.md -- Broken link on source page path = /gettingstarted/quickstart/specificcomponents: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md#getting-started - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /gpoexport/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/gpo-export/securitysettings.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/gpo-export/usercontext.md - -> linking to /docs/endpointpolicymanager/policy-management/administrative-templates/settings.md - -> linking to /docs/endpointpolicymanager/policy-management/administrative-templates/disableofficeelements.md - -> linking to /docs/endpointpolicymanager/policy-management/administrative-templates/versions.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/componentlicense.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/settings.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/printerdeploy.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/drivemappings.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/startservice.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/passwords.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/gpo-export/delivercertificates.md -- Broken link on source page path = /grouppolicy/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cachepreferences.md - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cacheengine.md - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/insertuserinfo.md - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/pdqdeploy.md -- Broken link on source page path = /grouppolicycompliancereporter/deliveryreports: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/onpremisecloud.md -- Broken link on source page path = /grouppolicycompliancereporter/overview: - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/concepts.md -- Broken link on source page path = /grouppolicycompliancereporter/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/scenarios.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/deliveryreports.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/install.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/basis.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/types.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/userlimit.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/compliancereports.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/shareacrossteam.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/difference.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/trial.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/minimum.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/expire.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/trueup.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/tool.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/multiyear.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/domainmultiple.md -- Broken link on source page path = /install/clientsideextension: - -> linking to /docs/endpointpolicymanager/archive/archived-guides/massdeploy.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/upgrading.md -- Broken link on source page path = /install/cloud/slowinternet: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/embedclient.md -- Broken link on source page path = /install/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/adminconsole.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/node.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/methods.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/sccm.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/citrixapplayering.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/clientsideextension/why.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/upgrade/frequency.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/update/frequency.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/update/commandline.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/update/config.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/uninstall.md -- Broken link on source page path = /install/rings: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md -- Broken link on source page path = /install/ringsupgrade: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md -- Broken link on source page path = /install/services: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/upgrade/rings/activedirectory.md -- Broken link on source page path = /install/update/commandline: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md -- Broken link on source page path = /install/upgrade/rings/activedirectory: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md -- Broken link on source page path = /install/upgrade/tips: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md -- Broken link on source page path = /integration/auditor/permissions: - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/ntlmpassthru.md -- Broken link on source page path = /integration/auditor/reports: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md -- Broken link on source page path = /itemleveltargeting/entraidgroups: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /javaenterpriserules/gettingstarted: - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/prompts/overview.md -- Broken link on source page path = /javaenterpriserules/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/exportcollections.md -- Broken link on source page path = /javaenterpriserules/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/wildcards.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/virtualizedbrowsers.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/evaluateurls.md -- Broken link on source page path = /knowledgebase: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/overview.md -- Broken link on source page path = /leastprivilege/events/createpolicy/cloud: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md -- Broken link on source page path = /leastprivilege/events/operational: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md -- Broken link on source page path = /leastprivilege/events/overview: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md -- Broken link on source page path = /leastprivilege/export: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md -- Broken link on source page path = /leastprivilege/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md -- Broken link on source page path = /leastprivilege/pplpmimplementationguide: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md -- Broken link on source page path = /leastprivilege/runasadmin: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /leastprivilege/securerun/webex: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /license/mdm/hybrid: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /license/trial: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /license/unlicense/componentsexclude: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md -- Broken link on source page path = /manuals: - -> linking to /docs/endpointpolicymanager/gettingstarted/basic-concepts.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/upgrade/overview.md - -> linking to /docs/endpointpolicymanager/platform-specific/mac-support/overview.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/devicemanager/overview.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/overview.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/overview.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/overview.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/overview.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/feature-management/overview.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/overview.md - -> linking to /docs/endpointpolicymanager/policy-management/administrative-templates/overview.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/overview.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/overview.md - -> linking to /docs/endpointpolicymanager/deployment-methods/software-packages/overview.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/overview.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/overview.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/networksecuritymanager.md -- Broken link on source page path = /mdm/gettingstarted: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /mdm/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/stackmsi.md -- Broken link on source page path = /mdm/uemtools: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /mdm/xmldatafiles/browserrouter: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/overview.md -- Broken link on source page path = /mdm/xmldatafiles/preferences: - -> linking to /docs/endpointpolicymanager/policy-management/preferences/overview.md -- Broken link on source page path = /mdm/xmldatafiles/securitysettings: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md -- Broken link on source page path = /preferences/itemleveltargeting: - -> linking to /docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md -- Broken link on source page path = /preferences/makemsis: - -> linking to /docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /preferences/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/settings.md -- Broken link on source page path = /remoteworkdelivery/exportcollections: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /remoteworkdelivery/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/gettingstarted/basic-concepts.md -- Broken link on source page path = /remoteworkdelivery/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installsequentially.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installuwp.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/variables.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/printers.md -- Broken link on source page path = /requirements/support/applicationsettings/applicationvirtualization: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /scriptstriggers/itemleveltargeting/exportcollections: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /scriptstriggers/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /scriptstriggers/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/cylance.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/onapplyscript.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/scriptlocation.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/powershellscripts.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows7tls.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlannetwork.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlandropbox.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/silentbrowserinstall.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/shortcutpublicdesktop.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/powershell.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/updateregistry.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/resetsecurechannel.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/temperatureunit.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/bitlockerdeployment.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows10modifyscript.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/teamsminimized.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/vpnconnection.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/eventlogtriggers.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localaccountpassword.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/vpn.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/screensavers.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/processesdetails.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/edgefirstlogon.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localscheduledtask.md -- Broken link on source page path = /securitysettings/exportwizard: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /securitysettings/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /softwarepackage/exportcollections: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /softwarepackage/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/deployment-methods/software-packages/winget.md -- Broken link on source page path = /startscreentaskbar/exportcollections: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /startscreentaskbar/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /startscreentaskbar/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/modes.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/explorer.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/helpertools.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/foldershortcut.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/addlink.md -- Broken link on source page path = /startscreentaskbar/startscreen/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /troubleshooting/applicationsettings/mmc: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md -- Broken link on source page path = /troubleshooting/browserrouter/adobelinks: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md -- Broken link on source page path = /troubleshooting/browserrouter/betweenbrowsers: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /troubleshooting/browserrouter/default: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md -- Broken link on source page path = /troubleshooting/browserrouter/install/defaultbrowser: - -> linking to /docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md -- Broken link on source page path = /troubleshooting/cloud/underhood/installation: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /troubleshooting/error/browserrouter/contactsupport: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md -- Broken link on source page path = /troubleshooting/error/install/sufficientprivileges: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md -- Broken link on source page path = /troubleshooting/fastsupport: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md -- Broken link on source page path = /troubleshooting/fileassociations/cortana: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md -- Broken link on source page path = /troubleshooting/grouppolicycompliancereporter/admxregistry: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /troubleshooting/javaenterpriserules/javaprompts: - -> linking to /docs/endpointpolicymanager/applicationsettings/preconfigured-applications/firefox/allowremember.md -- Broken link on source page path = /troubleshooting/license/enterprisefull: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md -- Broken link on source page path = /troubleshooting/license/legacy: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md -- Broken link on source page path = /troubleshooting/nondomain/edge: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /troubleshooting/preferences/clientmachines: - -> linking to /docs/endpointpolicymanager/gettingstarted/basic-concepts.md -- Broken link on source page path = /troubleshooting/slowlogins: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md - -[SUCCESS] Generated static files in "build". -[INFO] Use `npm run serve` command to test your build locally. -Build completed successfully! diff --git a/docs/accessanalyzer/12.0/build_output.log b/docs/accessanalyzer/12.0/build_output.log deleted file mode 100644 index bc68a03d19..0000000000 --- a/docs/accessanalyzer/12.0/build_output.log +++ /dev/null @@ -1,3556 +0,0 @@ - -> netwrix-docs@0.1 build:single -> node scripts/build-single.js endpointpolicymanager - -Building single product: endpointpolicymanager -Using plugin ID: endpointpolicymanager -Starting build... -[INFO] [en] Creating an optimized production build... -[WARNING] Docusaurus site warnings: -- Your site is using the SWC js loader. You can safely remove the Babel config file at `babel.config.js`. -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/javajarfiles.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/install/leastprivilegemanagerrule.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientremote.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/rules/executablecombo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/avoiduac.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/wizard.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/gpoedit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/gpoedit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacpromptsactivex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/activexitems.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/javathunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/side.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmountpart1.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmounpart2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/sage50.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/sage50.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/domainjoined.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/applicationlaunch.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/systemsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/systemsettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/notificationeditor.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securecopy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/brandcustomize.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/executablecombo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationpackage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/packageinstallation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/powershell/maliciousattacks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/dlls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/applicationvirtualization.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/addons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/virtualization/multisession.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/serversessionvirtualization.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/guide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/windows7.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/connectionstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/proxysettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/differentusers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/massdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/upgrading.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/designstudiofirefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/tattooing.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/infranview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/operanext.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/gotomeeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/parcctesting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/vmware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/vmwarefilesettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/java.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/vmwarehorizonmirage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/office2013.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/designstudiojava.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/ie10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/modenuke.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/acrobatxpro.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/ie9.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/vmwaresupplements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/applock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/symantecworkspace.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/autoupdater.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/archive/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/groups.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/digitalsignature.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/dontelevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/virtualization/multisession.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/grouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/reduceadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/scripttriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/userfilter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/itemleveltargeting/entraidgroups.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/childprocesses.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/freetraining.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/centralstore.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/sudosupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/preventusercommands.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/commandline.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainou.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/certificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/basicsteps.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/vdiscenarios.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remotedesktopprotocol/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/clientcommands.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/clientcommands.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/client.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/components.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/uninstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/modifyhosts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/deleteicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/ntfspermissions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/basic-concepts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/clientmachines.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/wildcards.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/wildcards.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/trial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/components.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/install/uninstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/firstlogin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/insouts/advantages.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/scripts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/certificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/components.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/reconnectionperiod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/email.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/guideinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/concepts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/uacprompts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/customizedtoken.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/customizedtoken.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/componentlicense.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/deployinternet.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/com_cslidclass.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/basic-concepts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/upgrade/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/pplpmimplementationguide.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/mac-support/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/devicemanager/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/feature-management/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/administrative-templates/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/software-packages/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/networksecuritymanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/components.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/update/frequency.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/itemleveltargeting/bypassinternal.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/tool.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowsuniversalapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/windowsuniversal.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/addons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/enablepowershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/blockedscripttypes.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/msiinstallerfiles.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/trial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/add/administrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/cloud/add/administrator.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/appxmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applyondemand.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/ondemand.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/ondemand.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/entrysettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/trial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/privilegesecure/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/firstpak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/quickstart/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/selfelevation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/operational.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/storage.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows11.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/windows7tls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/scriptstriggers/systemprocesses.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/onetime.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/rollback.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/standard.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/existinggpos.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/launchcontrol.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/specialtypes.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/webbasedshares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/gettingstarted/policiesweb.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/ports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/usercontext.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/administrative-templates/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/administrative-templates/disableofficeelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/administrative-templates/versions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/componentlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/printerdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/drivemappings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/startservice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/passwords.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/delivercertificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/userfilter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacpromptsactivex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/installfonts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowsuniversalapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/denymessages.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/preventedge.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/stopransomware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeployblockmalware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevateuwp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/msi.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/deleteicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/modifyhosts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/ntfspermissions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/enforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/email.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applyondemand.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesfromadmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/winget.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/printeruacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/microsoftrecommendations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/denyselfelevate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/license.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/cloudinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/macjointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationpackage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/systemsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/sudosupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/eventscollector.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmountpart1.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmounpart2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/privilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/collectdiagnostics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/administrative-templates/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/componentlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/software-packages/winget.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/install/chromemanual.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/advancedblockingmessage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/forcebrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/securityzone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/suppresspopup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/install/removeagent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/useselectablebrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/browsermode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/shortcuticons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/commandlinearguments.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/edgelegacybrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/rolesresponsibilities.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/centralstore.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/side.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/printers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/onetime.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/designstudiowindows7.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/windowsremoteassistance.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/upgrade.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/dllstorage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/itemleveltargeting/bypassinternal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/home.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/proxysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/localfileaccess.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/extratabs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/transition.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/certificate/authority.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/preventupdates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/revertoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/ntlmpassthru.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/version.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/addons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/certificate/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/securityenterpriseroots.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/javathunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/frontmotion.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/nonstandardlocation.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/esr.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/allowremember.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/stopsenddatamessage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/darktheme.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/side.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/addons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/customsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/mode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/securitypopup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/versionoutofdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/versioninsecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/runapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/useraccountcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/tasktray.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/itemleveltargeting/internalpredefined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/itemleveltargeting/bydefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/appvsequences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/applicationvirtualization.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/thinapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/designstudioadditional.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/fastest.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/guide.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/guideinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/history.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows11.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows7.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/arm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/rightclick.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/prepare.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/applypreferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/securitygroup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/emailoptout.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/windows11.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/mmcdisplay.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/windowsserver2019.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidgroups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/onpremisecloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/folderredirection.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/embedclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/operatingsystem.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/thirdpartyadvice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/services.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/virtualdesktops.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/windowsendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/adduser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/twofactorauthentication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/emailoptout.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/cheksum.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/profileupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/services.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/mmcsnapin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/permissions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installsequentially.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installuwp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/variables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/printers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/intune.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/intune.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/feature/windows.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/feature/windowsservers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/feature/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/feature/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/upgrades.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/legacy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/virtualizedbrowsers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/evaluateurls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/javaenterpriserules/version64bit.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/javaenterpriserules/versionjava.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/freetraining.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/sidexporter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/arm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/processmonitor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/gpobackup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/admx.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/integration/auditordemo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/integration/auditorsetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/methods/sccmgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/elevateinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/elevateapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/startscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/applicationsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/admintemplatemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/browserrouter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/tour.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/leastprivilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fslogix/appmasking.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fslogix/profiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fslogix/startmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fslogix/browserdefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fslogix/broswerright.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fslogix/browserconfiguration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fslogix/elevatingapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cameyo/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cameyo/browserright.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cameyo/startscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cameyo/applicationsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/history.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/sdmchangemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/antivirus.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/slowlogins.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/slowlogins.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/rings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/update/commandline.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/rings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/update/commandline.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/managers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/pak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/grouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorecreate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstoreupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/quickrundown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/manualupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/uptodate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllreconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/variables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/proxysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/trustedappsets.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/ieproxyserver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/certificatesevil.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/invincea.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefoxplugins.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chromerevert.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chromerevertfix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/oraclejava.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefoxabout.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chromebookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/paksbig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/firstpak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/addelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/foxitprinter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/firefox_plugins.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/sealapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/demo2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/xendesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/rds.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/specops.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeployfirefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/vmware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/dedicated.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/localmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/thinapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/thinappworkspace.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/appv.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/uev.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/thinapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/symantec.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/spoonnovell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/applicationsettings/chrome.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/connectionstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/contenttab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/generaltab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/privacytab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/securitytab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/favorites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chrome/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chrome/clearbrowsing.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chrome/bookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/defaultsearch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/popups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/extensions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/bookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/extratabs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/removeelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/miscsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/adobe.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/addons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/bookmarksmodify.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/jre.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/securityslider.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/passwordsecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/teams.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acrobat.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/flashplayer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/irfanview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/office.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/skype.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/cylance.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/onapplyscript.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/scriptlocation.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/scriptstriggers/vpnsolutions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/powershellscripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows7tls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlannetwork.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlandropbox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/silentbrowserinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/shortcutpublicdesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/updateregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/resetsecurechannel.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/temperatureunit.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/bitlockerdeployment.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows10modifyscript.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/teamsminimized.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/vpnconnection.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/eventlogtriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localaccountpassword.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/vpn.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/screensavers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/processesdetails.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/edgefirstlogon.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localscheduledtask.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/overviewmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/overviewtechnical.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modestandalone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modeserver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepull.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepush.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/securityenhanced.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/existinggpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/importgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/importstig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/firewallports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/stackmsi.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/rightbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgesupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/blockwebsites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/custombrowsers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/chromenondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/firefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/chrome.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edge.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/browsericon.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/server.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/ou.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/ousub.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/ousub.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/domainou.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/gpoedit.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/domain.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/domainmultiple.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/scope.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/disabledcomputer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/users.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/wizard.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/enforced.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/cloud/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/cloud/notifications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/cloud/licensestatus.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/cloud/billing.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/cloud/reclaimed.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/trial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/tool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/intune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/policy/edit.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/virtualization/terminalservices.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/virtualization/multisession.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/virtualization/tool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/virtualization/count.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/virtualization/desktops.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/setup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/domainmultiple.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/hybrid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/jointype.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/tool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/name.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/adminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/universal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/filemultiple.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/components.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/options.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/fileold.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/reset.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/forceddisabled.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/whenwhy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/components.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/transition.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cachepreferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cacheengine.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/group-policy/insertuserinfo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/group-policy/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/pplpmimplementationguide.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/appxmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/removeapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/blockapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/winget/deployapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/winget/run.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/extrastool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/smb.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/basic-concepts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeployblockmalware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/install/autoupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/introduction.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremiseexport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/preferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/features.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/emaillogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/add/administrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/install/leastprivilegemanagerrule.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/fileinfoviewer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/restricted_groups_editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/registrationmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/collections/gpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/oemdefaultassociations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/transition.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/cloud/client.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/cloud/clientdomainnondomain.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/cloud/activedirectory.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/fakedc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/cloud/clientremote.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/cloud/slowinternet.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/creditcard.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/security/datasafety.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/add/administrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/cloud/usage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/client.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/signature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/sha.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/signingid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/policy/edit.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/unlink.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/remoteworkdeliverymanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/cloud/removeendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/updatefrequency.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/syncfrequency.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/security/publickeypoliciessettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/targetingeditor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/cloud/clientsilent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/policy/type.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/version.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/childgroups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/splunk.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/universalwindowsapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/wizard.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/preconfiguredadvice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/cloudusage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/adobereader.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/mailto.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10modify.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/helpertool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/firstlogin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/helperapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/acroreader.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10questions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/acroreader.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/chocolaty.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/windows10prolockscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/customdefaultfileassociations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/unwantedapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/printers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/bitlocker.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/x509certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/printersetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/auditpol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/scripttriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/lockunlocksession.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/shutdownscripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/vpnconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/anyconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/windows10startmenu.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/realgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/mobileiron.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/workspaceone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/citrixendpointmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/admintemplates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/itemleveltargeting/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/itemleveltargeting/entraidgroupmembership.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/itemleveltargeting/entraidgroupdetermine.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/install/autoupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/browserrouter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/block.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/oracledeploymentrulesets.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/versionsmultiple.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/sccm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/xmlsurgery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/itemleveltargeting/editmanual.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/flatlegacyview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/mmcconsole.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/grouppolicy/remotedesktopconnection.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/scenarios.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/deliveryreports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/gpocompilancereporter/sqlserver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/basis.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/types.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/userlimit.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/compliancereports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/shareacrossteam.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/difference.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/trial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/minimum.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/expire.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/trueup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/tool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/multiyear.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/domainmultiple.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/realgposettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/cloudimport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/sccm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpoexport/mergetool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/deployinternet.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/screensavers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/preferences/consolidateprinter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/preferences/drivemaps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/preferences/consolidateregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/preferences/shortcuts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/preferences/delivergpprefs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/preferences/cloudlocaluser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/license.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/accountelevatedprocess.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/macroattacks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/digitalsignature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/applocker.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/runasadmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/synapticspointingdevicedriver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/installfonts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/mmcsnapin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/windowsdefender.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/installers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/editrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/applicationextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/mspfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/allfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/setup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/enablepowershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/blockedscripttypes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/webex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/mykipasswordmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/chromeextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/bestpractices.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/adminapprovalwork.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/reduceadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/scope.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/activexcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/powershell/maliciousattacks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/servicenow.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/selfelevation.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/optionsshowpopupmessage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/custommenuitemtext.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/singlelinecommands.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/printerdriverinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/privilegesecure/mmc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/createpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/basics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/domainnames.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/applicationsports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/globalsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/auditingevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/vdiscenarios.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/rightbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/usbdriveallowuser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/usbdriveallowvendor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/bitlockerdrives.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/enduser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/dmhelpertool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/dmapprovalautorules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/smb.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/webbasedshares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/masscopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/patching.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/localfilecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/azureblobstorage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/vdi.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/vdi.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/windows10startmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/demotaskbar.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/linksie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/customicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/startscreentaskbar/revertstartmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/mdmitemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/integration/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/onetime.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/startscreentaskbar/windowserver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/modes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/startscreentaskbar/mappeddrives.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/explorer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/appv.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/helpertools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/foldershortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/addlink.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/adminconsole.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/node.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/methods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/sccm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/citrixapplayering.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/antivirus.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/clientsideextension/why.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/windows7.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/rings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/upgrade/frequency.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/update/frequency.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/update/commandline.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/update/config.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/uninstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/enforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/avoidpopups.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/leastprivilege/windowseventforwarding.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/itemleveltargeting.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/xmldatafiles/upload.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/restricted_groups_editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/preferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/administrative-templates/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/collection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/editpolicytemplate/browsermode.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/exportcollections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/processorderprecedence.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/navigation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/forceddisabled.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/passwords.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/preconfiguredadvice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/collections/preconfigured.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/storage/central.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/cortana.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/wizard.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/productwizard.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/mapextensions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/applicationextension.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/trial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/license/types.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientsilent.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/office365.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremiseexport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/specialnotes.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/client.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/add/administrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/adduser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editcustomerlevelportalpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/rolemanagement.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/rolemanagement.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/startscreen/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/arm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/prepareendpoint.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/prepareendpoint.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/someapplications.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/install/defaultbrowser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/applymode.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/prompts/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/gettoknow/usage.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/rings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/securitysettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/securitysettings/exportwizard.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/firefoxinternetexplorer.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/onpremisecloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/privilegesecure/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/rules/apply/ondemand.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/browserrouter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/servicenow.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/together.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/emaillogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/configureentraidaccess.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/gui.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/mobileiron.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/mobileiron.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/procmon.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/restoredetails.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepull.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/pull/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installers.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/itemleveltargeting/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/changeemail.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/resendwelcomeletter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/loginrestrictionseditor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/notificationeditor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/computerside.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/eventcollection/report.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/rulesgenerator/automatic.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/modes/applock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/reapplylaunchdisable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/grouppolicyeditors.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/enhancedsecurerun.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/convertxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/demotaskbar.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/taskbar.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/delivercertificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/publickeypoliciessettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/programs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/securityenhanced.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/install.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/defined.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/fileassociations/helperapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/helperutility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockapp.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/vdisolutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/antivirus.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/browserrouter/contactsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/chrome/forceinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/blockwebsites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/block.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/realgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/processmonitor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/hangingprocess.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/runasadmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/intelgraphicdriver.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/custombrowsers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/custom.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/centralstore.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/localmissing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/acllockdown.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/browsericon.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/shortcuticons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/extensions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/forceinstallation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/gpotouchutility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/embedclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/slowinternet.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/slowinternet.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/childgroups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/mac/eventcollectiion.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/microsoftintune.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/antivirus.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/install/sufficientprivileges.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/makemsis.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/makemsis.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/default.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/default.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/betweenbrowsers.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/propertiesproject.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/otherpolicydeliverymechanisms.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/stackmsi.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/virtualization/terminalservices.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/virtualization/tool.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/fileold.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/expires.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/expires.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/ntlmpassthru.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/permissions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/version.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/firefox/certificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/downloads.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/revokecompanycertificate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/upgrade/rings/activedirectory.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/services.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/nondomain/edge.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/masscopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/advanced/standard/recursion.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/importpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/antivirus.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/mmc.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/removeelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/java/issue.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helperutility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/downloads.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/findfixgpos.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockadmins.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/workspaceone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/vmwareworkspaceone.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/importstig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/existinggpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/windows-requirements/support/scriptstriggers/vpnsolutions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/mappeddrives/vpn.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/forceddisabled.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/rings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/firewallports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/clientendpoint.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/reports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/legacy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/rings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/components.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/webex.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/history.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/sdmchangemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepush.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/methods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/adminconsole.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/blockedscripttypes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/securerun/inlinecommands.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/folderredirection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/methods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/antivirus.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/antivirus.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/customicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/customicons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/computergroups/workingwith.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/computergroups/workingwith.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/cloud/clientsilent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/verify.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/rings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/graceperiod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/uptodate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/componentscloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentsexclude.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentsexclude.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/basics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/auditingevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/executables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/rules/executablecombo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/applicationsports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/networksecurity/globalsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/integration/auditorsetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/rings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/ringsupgrade.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeployfirefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/methods/sccmgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/childgroups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/mac/logs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/antivirus.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/adobelinks.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/remoteworkdeliverymanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/installfonts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installfonts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/settingsdeliveryreinforcementoptions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/javaprompts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/allowremember.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/javaprompts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/stopransomware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/windowsremoteassistance.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/fakedc.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/mmcsnapin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/windowsdefender.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/leastprivilege/serverbusy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/installation-and-deployment/rings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/trial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/trial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/introduction.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/trial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/setup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/admxregistry.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/clientsideextension/uninstallpassword.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/install.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/dmapprovalautorules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/enduser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/name.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/privilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/usbdriveallowuser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/device/bitlockerdrives.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/activedirectory/scope.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/powershell.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/reports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/browserrouter/chromenondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/nondomain/limitations.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/security/features.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/registrationmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/computergroups/workingwith.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/tool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/options.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/tool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/options.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/grouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/downloadcontents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/pplpmimplementationguide.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/reference/index.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/integrations/third-party-integrations/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/massdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/upgrading.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/archive/archived-guides/upgrading.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/clientsideextension.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/securitysettings/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/securitysettings/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/versioncontrol.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/mdm/setup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/underhood/installation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/resources/knowledge-base.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/uemtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/licensing/unlicense/options.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/entraid.md" for version current -[WARNING] Docusaurus found broken links! - -Please check the pages of your site in the list below, and make sure you don't reference any path that does not exist. -Note: it's possible to ignore broken links with the 'onBrokenLinks' Docusaurus configuration, and let the build pass. - -It looks like some of the broken links we found appear in many pages of your site. -Maybe those broken links appear on all pages through your site layout? -We recommend that you check your theme configuration for such links (particularly, theme navbar and footer). -Frequent broken links are linking to: -- /docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md -- /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md -- /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md -- /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md -- /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md -- /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md -- /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md -- /docs/endpointpolicymanager/resources/video-tutorials.md -- /docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md -- /docs/endpointpolicymanager/licensing/unlicense/components.md -- /docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md -- /docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md -- /docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md -- /docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md -- /docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md -- /docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md -- /docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md -- /docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md -- /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md -- /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md -- /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md -- /docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md -- /docs/endpointpolicymanager/resources/knowledge-base.md -- /docs/endpointpolicymanager/installation-and-deployment/rings.md -- /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md -- /docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md -- /docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md -- /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md -- /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md -- /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md -- /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md -- /docs/endpointpolicymanager/installation-and-deployment/antivirus.md -- /docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md -- /docs/endpointpolicymanager/licensing/trial.md -- /docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md -- /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md -- /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md - -Exhaustive list of all broken links found: -- Broken link on source page path = /adminstrativetemplates/existinggpos: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md -- Broken link on source page path = /adminstrativetemplates/export: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/deployinternet.md -- Broken link on source page path = /adminstrativetemplates/gettoknow/collection: - -> linking to /docs/endpointpolicymanager/policy-management/administrative-templates/itemleveltargeting.md -- Broken link on source page path = /adminstrativetemplates/gettoknow/computerside: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/switchedpolicies.md -- Broken link on source page path = /adminstrativetemplates/overview: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/collections.md -- Broken link on source page path = /applicationsettings/appsetfiles/findfixgpos: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/appsetfiles/gpotouchutility: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/touchutility.md -- Broken link on source page path = /applicationsettings/appsetfiles/storage/central: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/appsetfiles/versioncontrol: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/centralstore: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md -- Broken link on source page path = /applicationsettings/designstudio/navigation/tab/propertiesproject: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/itemleveltargeting.md -- Broken link on source page path = /applicationsettings/designstudio/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md#designstudio-how-to -- Broken link on source page path = /applicationsettings/designstudio/quickstart/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/firstpak.md -- Broken link on source page path = /applicationsettings/designstudio/regimporteruitility: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/importregistry.md -- Broken link on source page path = /applicationsettings/modes/acllockdown: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acllockdown.md -- Broken link on source page path = /applicationsettings/modes/settingsdeliveryreinforcementoptions: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/superpowers.md -- Broken link on source page path = /applicationsettings/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/application-settings/rolesresponsibilities.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/centralstore.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/side.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/printers.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/onetime.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/designstudiowindows7.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/windowsremoteassistance.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/upgrade.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/dllstorage.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/itemleveltargeting/bypassinternal.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/home.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/certificates.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/proxysettings.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/localfileaccess.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/chrome/extratabs.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/transition.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/certificate/authority.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/preventupdates.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/revertoptions.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/ntlmpassthru.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/version.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/addons.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/certificate/certificates.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/securityenterpriseroots.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/javathunderbird.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/frontmotion.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/nonstandardlocation.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/esr.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/allowremember.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/stopsenddatamessage.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/darktheme.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/side.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/addons.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/certificates.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/customsettings.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/internetexplorer/mode.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/securitypopup.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/versionoutofdate.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/versioninsecure.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/runapplication.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/useraccountcontrol.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/java/tasktray.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/itemleveltargeting/internalpredefined.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/itemleveltargeting/bydefault.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/appvsequences.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/applicationvirtualization.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/thinapp.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/xenapp.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/xenapp.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/designstudioadditional.md - -> linking to /docs/endpointpolicymanager/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md -- Broken link on source page path = /applicationsettings/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/managers.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/pak.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/onpremise.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/grouppolicy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorecreate.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstoreupdate.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/quickrundown.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/manualupdate.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/uptodate.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllreconnect.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/touchutility.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acllockdown.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/applicationlaunch.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/superpowers.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/variables.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/proxysettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/trustedappsets.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/ieproxyserver.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/certificatesevil.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/invincea.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefoxplugins.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chromerevert.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chromerevertfix.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/oraclejava.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefoxabout.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chromebookmarks.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/paksbig.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/firstpak.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/importregistry.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/addelements.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/foxitprinter.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/firefox_plugins.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/sealapproval.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/integration.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/demo.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/demo2.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/xenapp.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/xendesktop.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/citrix/rds.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/microsoftintune.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/specops.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeployfirefox.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/integration.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/vmware.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/dedicated.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/localmode.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/thinapp.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/vdi/thinappworkspace.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/appv.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/xenapp.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/uev.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/thinapp.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/symantec.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/virtualization/spoonnovell.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/applicationsettings/chrome.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/gettingstarted.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/certificates.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/connectionstab.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/contenttab.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/generaltab.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/privacytab.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/programstab.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/securitytab.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/settings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/favorites.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chrome/gettingstarted.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chrome/clearbrowsing.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/chrome/bookmarks.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/gettingstarted.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/defaultsearch.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/popups.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/extensions.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/bookmarks.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/extratabs.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/disable.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/removeelements.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/miscsettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/certificates.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/adobe.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/addons.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/bookmarksmodify.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/disable.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/lockdown.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/jre.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/securityslider.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/passwordsecure.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/teams.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acrobat.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/flashplayer.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/irfanview.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/office.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/skype.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/thunderbird.md -- Broken link on source page path = /applicationsettings/preconfigured/chrome/certificates: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/certificates.md -- Broken link on source page path = /applicationsettings/preconfigured/chrome/proxysettings: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/connectionstab.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/addons: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/addons.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/addons/forceinstallation: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/extensions.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/javathunderbird: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/thunderbird.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/preferences: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/disable.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/firefox/removeelements.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/transition: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/powershell.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/designstudio/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/addons: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/programstab.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/certificates: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/certificates.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/tab/programs: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/programstab.md -- Broken link on source page path = /applicationsettings/preconfigured/itemleveltargeting/bypassinternal: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /applicationsettings/preconfigured/quickstart/specialnotes: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/preconfigured/side: - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/javathunderbird.md -- Broken link on source page path = /applicationsettings/windowsremoteassistance: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/cloud.md -- Broken link on source page path = /archive/overview: - -> linking to /docs/endpointpolicymanager/archive/archived-guides/admxfiles.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/differentusers.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/massdeploy.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/upgrading.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/designstudiofirefox.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/cloud.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/tattooing.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/infranview.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/operanext.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/gotomeeting.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/parcctesting.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/vmware.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/vmwarefilesettings.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/java.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/vmwarehorizonmirage.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/office2013.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/designstudiojava.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/ie10.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/modenuke.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/acrobatxpro.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/ie9.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/vmwaresupplements.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/xenapp.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/applock.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/symantecworkspace.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/autoupdater.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md -- Broken link on source page path = /browserrouter/defaultbrowser/defined: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/defaultwindows10.md -- Broken link on source page path = /browserrouter/defaultbrowser/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/userselecteddefault.md -- Broken link on source page path = /browserrouter/editpolicytemplate/browsermode: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieedgemode.md -- Broken link on source page path = /browserrouter/internetexplorer/convertxmls: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md -- Broken link on source page path = /browserrouter/internetexplorer/edgemod: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieedgemode.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgespecial.md -- Broken link on source page path = /browserrouter/internetexplorer/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md -- Broken link on source page path = /browserrouter/internetexplorer/specialtypes: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgespecial.md -- Broken link on source page path = /browserrouter/navigation: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/processorderprecedence.md -- Broken link on source page path = /browserrouter/overview: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/rightbrowser.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/citrix.md -- Broken link on source page path = /browserrouter/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/install/chromemanual.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/advancedblockingmessage.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/forcebrowser.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/securityzone.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/suppresspopup.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/install/removeagent.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/useselectablebrowser.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/browsermode.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/shortcuticons.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/commandlinearguments.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/edgelegacybrowser.md -- Broken link on source page path = /browserrouter/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/rightbrowser.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgesupport.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/blockwebsites.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edgespecial.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ports.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/userselecteddefault.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ie.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/citrix.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/custombrowsers.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/defaultwindows10.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/chromenondomainjoined.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieforce.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/firefox.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/chrome.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/edge.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/iesitelists.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ieedgemode.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/browsericon.md -- Broken link on source page path = /browserrouter/policy/block: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/blockwebsites.md -- Broken link on source page path = /browserrouter/policy/custom: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/custombrowsers.md -- Broken link on source page path = /browserrouter/ports: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ports.md -- Broken link on source page path = /browserrouter/shortcuticons: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/browsericon.md -- Broken link on source page path = /browserrouter/useselectablebrowser: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/userselecteddefault.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md -- Broken link on source page path = /cloud/adduser: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/add/administrator.md -- Broken link on source page path = /cloud/eventcollection/report: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md -- Broken link on source page path = /cloud/fakedc: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /cloud/groups: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md -- Broken link on source page path = /cloud/install/uninstall: - -> linking to /docs/endpointpolicymanager/licensing/unlicense/components.md -- Broken link on source page path = /cloud/interface/companydetails/companyadministrators/generalinfo/notificationeditor: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md -- Broken link on source page path = /cloud/interface/companydetails/companyadministrators/generalinfo/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/changeemail.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/resendwelcomeletter.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/loginrestrictionseditor.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/companyadministrators/generalinfo/notificationeditor.md -- Broken link on source page path = /cloud/interface/companydetails/companyadministrators/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/security/immutablelog.md -- Broken link on source page path = /cloud/interface/companydetails/companyadministrators/rolemanagement: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editcustomerlevelportalpolicies.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/editnotificationconfiguration.md -- Broken link on source page path = /cloud/interface/companydetails/configureentraidaccess: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/entraid.md -- Broken link on source page path = /cloud/interface/companydetails/customerlog: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/security/immutablelog.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/security/emaillogs.md -- Broken link on source page path = /cloud/interface/companydetails/downloads: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md -- Broken link on source page path = /cloud/interface/companydetails/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/security/features.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/registrationmode.md -- Broken link on source page path = /cloud/interface/companydetails/revokecompanycertificate: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/companydetails/downloads.md -- Broken link on source page path = /cloud/interface/computergroups/workingwith: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md -- Broken link on source page path = /cloud/interface/filebox: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/remoteworkdeliverymanager.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md -- Broken link on source page path = /cloud/interface/reports: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md -- Broken link on source page path = /cloud/interface/tools: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md -- Broken link on source page path = /cloud/interface/xmldatafiles/createpolicy: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/xmldatafiles/upload.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/securitysettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/restricted_groups_editor.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/preferences.md -- Broken link on source page path = /cloud/interface/xmldatafiles/importpolicies: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md -- Broken link on source page path = /cloud/interface/xmldatafiles/upload: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremiseexport.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md -- Broken link on source page path = /cloud/licensing/otherpolicydeliverymechanisms: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md -- Broken link on source page path = /cloud/licensing/reconnectionperiod: - -> linking to /docs/endpointpolicymanager/licensing/unlicense/components.md -- Broken link on source page path = /cloud/licensing/serversessionvirtualization: - -> linking to /docs/endpointpolicymanager/licensing/virtualization/multisession.md -- Broken link on source page path = /cloud/licensing/vdi: - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md -- Broken link on source page path = /cloud/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /cloud/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/transition.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/cloud.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/client.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/clientdomainnondomain.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/activedirectory.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/fakedc.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/clientremote.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/slowinternet.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/creditcard.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/security/datasafety.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/add/administrator.md - -> linking to /docs/endpointpolicymanager/licensing/cloud/usage.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/client.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/signature.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/sha.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/install/mac/signingid.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/policy/edit.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/unlink.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/remoteworkdeliverymanager.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/removeendpoint.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/updatefrequency.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/syncfrequency.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/security/publickeypoliciessettings.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/targetingeditor.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/clientsilent.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/policy/type.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/groups.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/version.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/childgroups.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/splunk.md -- Broken link on source page path = /cloud/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/introduction.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremiseexport.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/securitysettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/preferences.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/onpremise.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/security/features.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/security/immutablelog.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/security/emaillogs.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/add/administrator.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/install/leastprivilegemanagerrule.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/entraid.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/fileinfoviewer.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/restricted_groups_editor.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/registrationmode.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md -- Broken link on source page path = /cloud/security/datasafety: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md -- Broken link on source page path = /cloud/security/publickeypoliciessettings: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md -- Broken link on source page path = /cloud/testlab: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/onpremise.md -- Broken link on source page path = /cloud/transition: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/interface/computergroups/workingwith.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/cloud/clientsilent.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/verify.md#manually-syncing-with-policypak-cloud - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md -- Broken link on source page path = /device/devicemanager/devicemanagerpolicies: - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/usbdriveallowuser.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/serialnumber.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/bitlockerdrives.md -- Broken link on source page path = /device/devicemanager/overview: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/usbdrive.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/cloud.md -- Broken link on source page path = /device/devicemanager/rules: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/dmapprovalautorules.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/enduser.md -- Broken link on source page path = /device/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/serialnumber.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/usbdrive.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md -- Broken link on source page path = /device/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/usbdrive.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/usbdriveallowuser.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/usbdriveallowvendor.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/serialnumber.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/bitlockerdrives.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/enduser.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/dmhelpertool.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/dmapprovalautorules.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/device/mdm.md -- Broken link on source page path = /editions/policies: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/policy-management/administrative-templates/overview.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/componentlicense.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/overview.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md -- Broken link on source page path = /editions/solutions: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/quickstart.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md -- Broken link on source page path = /feature/itemleveltargeting/exportcollections: - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/itemleveltargeting/overview.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /feature/overview: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md -- Broken link on source page path = /feature/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/feature/windows.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/feature/windowsservers.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/feature/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/feature/mdm.md -- Broken link on source page path = /fileassociations/applymode: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/applyonce.md -- Broken link on source page path = /fileassociations/collections/preconfigured: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/preconfiguredadvice.md -- Broken link on source page path = /fileassociations/helperutility: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/helperapplication.md -- Broken link on source page path = /fileassociations/insouts/advantages: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/firstlogin.md -- Broken link on source page path = /fileassociations/itemleveltargeting/exportcollection: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md -- Broken link on source page path = /fileassociations/mapextensions: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/cloud.md -- Broken link on source page path = /fileassociations/overview: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/pplpmimplementationguide.md -- Broken link on source page path = /fileassociations/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/collections/gpos.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/oemdefaultassociations.md -- Broken link on source page path = /fileassociations/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/applyonce.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/universalwindowsapps.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/wizard.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/preconfiguredadvice.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/cloudusage.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/adobereader.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/mailto.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10modify.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/helpertool.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/firstlogin.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/helperapplication.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/acroreader.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10questions.md -- Broken link on source page path = /fileassociations/productwizard: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/wizard.md -- Broken link on source page path = /gettingstarted: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /gettingstarted/fastest: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/grouppolicy.md - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/mdm.md - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/cloud.md - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/downloadcontents.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/overview.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/pplpmimplementationguide.md - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/reference/index.md -- Broken link on source page path = /gettingstarted/history: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/ie.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/defaultwindows10.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/applyonce.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/preventunsigned.md -- Broken link on source page path = /gettingstarted/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/getting-started/fastest.md - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/guide.md - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/guideinstall.md - -> linking to /docs/endpointpolicymanager/getting-started/history.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows11.md - -> linking[SUCCESS] Generated static files in "build". -[INFO] Use `npm run serve` command to test your build locally. - to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows7.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/arm.md - -> linking to /docs/endpointpolicymanager/getting-started/rightclick.md - -> linking to /docs/endpointpolicymanager/getting-started/prepare.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/applypreferences.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/securitygroup.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/emailoptout.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/windows11.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/mmcdisplay.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/windowsserver2019.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/entraidgroups.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/onpremisecloud.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/folderredirection.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/embedclient.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/operatingsystem.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/thirdpartyadvice.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/services.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/virtualdesktops.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/windowsendpoint.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/adduser.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/twofactorauthentication.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/emailoptout.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/cheksum.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/profileupdate.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/services.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/auditor/mmcsnapin.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/auditor/permissions.md -- Broken link on source page path = /gettingstarted/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/freetraining.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/sidexporter.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/arm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/editor.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/processmonitor.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/gpobackup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/powershell.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/unlicense.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/admx.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backupoptions.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/integration/auditordemo.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/integration/auditorsetup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/methods/sccmgrouppolicy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/gettingstarted.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/elevateinstall.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/elevateapplication.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/startscreen.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/applicationsettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/admintemplatemanager.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/browserrouter.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/tour.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/windowsvirtualdesktops/leastprivilege.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fslogix/appmasking.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fslogix/profiles.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fslogix/startmenu.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fslogix/browserdefault.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fslogix/broswerright.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fslogix/browserconfiguration.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fslogix/elevatingapplications.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cameyo/uacprompts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cameyo/browserright.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cameyo/startscreen.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cameyo/applicationsettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/history.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/sdmchangemanager.md -- Broken link on source page path = /gettingstarted/prepare: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/methods.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md -- Broken link on source page path = /gettingstarted/quickstart/cloud: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/endpointpolicymanagersettings.md -- Broken link on source page path = /gettingstarted/quickstart/grouppolicy: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/install.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md - -> linking to /docs/endpointpolicymanager/licensing/trial.md -- Broken link on source page path = /gettingstarted/quickstart/guide: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overview.md -- Broken link on source page path = /gettingstarted/quickstart/guideinstall: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md -- Broken link on source page path = /gettingstarted/quickstart/mdm: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md - -> linking to /docs/endpointpolicymanager/licensing/trial.md -- Broken link on source page path = /gettingstarted/quickstart/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/freetraining.md -- Broken link on source page path = /gettingstarted/quickstart/overviewinstall: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/explained.md -- Broken link on source page path = /gettingstarted/quickstart/prepareendpoint: - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/arm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/mdm.md -- Broken link on source page path = /gettingstarted/quickstart/preparemanagementstation: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/methods.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/adminconsole.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/install.md -- Broken link on source page path = /gettingstarted/quickstart/specificcomponents: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md#getting-started - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /gpoexport/delivercertificates: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md -- Broken link on source page path = /gpoexport/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/gpo-export/securitysettings.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/gpo-export/usercontext.md - -> linking to /docs/endpointpolicymanager/policy-management/administrative-templates/settings.md - -> linking to /docs/endpointpolicymanager/policy-management/administrative-templates/disableofficeelements.md - -> linking to /docs/endpointpolicymanager/policy-management/administrative-templates/versions.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/componentlicense.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/settings.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/printerdeploy.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/drivemappings.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/startservice.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/passwords.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/gpo-export/delivercertificates.md -- Broken link on source page path = /gpoexport/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpoexport/realgposettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpoexport/cloudimport.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpoexport/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpoexport/sccm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpoexport/mergetool.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/collections.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/switchedpolicies.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/deployinternet.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/screensavers.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/preferences/consolidateprinter.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/preferences/drivemaps.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/preferences/consolidateregistry.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/preferences/shortcuts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/preferences/delivergpprefs.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/preferences/cloudlocaluser.md -- Broken link on source page path = /grouppolicy/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cachepreferences.md - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cacheengine.md - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/insertuserinfo.md - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/pdqdeploy.md -- Broken link on source page path = /grouppolicy/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/explained.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/install.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/renameendpoint.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/integration.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/itemleveltargeting/editmanual.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/flatlegacyview.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/mmcconsole.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/grouppolicy/remotedesktopconnection.md -- Broken link on source page path = /grouppolicycompliancereporter/deliveryreports: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/onpremisecloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md -- Broken link on source page path = /grouppolicycompliancereporter/domainmultiple: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/install.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepush.md -- Broken link on source page path = /grouppolicycompliancereporter/install: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/install.md -- Broken link on source page path = /grouppolicycompliancereporter/license/types: - -> linking to /docs/endpointpolicymanager/licensing/trial.md -- Broken link on source page path = /grouppolicycompliancereporter/mode/pull/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepull.md -- Broken link on source page path = /grouppolicycompliancereporter/mode/push/install: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/securityenhanced.md -- Broken link on source page path = /grouppolicycompliancereporter/mode/trial: - -> linking to /docs/endpointpolicymanager/licensing/trial.md -- Broken link on source page path = /grouppolicycompliancereporter/overview: - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/concepts.md -- Broken link on source page path = /grouppolicycompliancereporter/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/scenarios.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/deliveryreports.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/gpocompilancereporter/sqlserver.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/install.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/basis.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/types.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/userlimit.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/compliancereports.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/shareacrossteam.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/difference.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/trial.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/minimum.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/expire.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/trueup.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/tool.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/multiyear.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/domainmultiple.md -- Broken link on source page path = /grouppolicycompliancereporter/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/overviewmanager.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/overviewtechnical.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modestandalone.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modeserver.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/install.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepull.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/modepush.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/securityenhanced.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/existinggpos.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/importgpos.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/importstig.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/firewallports.md -- Broken link on source page path = /grouppolicycompliancereporter/prepare/licensing: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md -- Broken link on source page path = /install/adminconsole: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/centralstorework.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md -- Broken link on source page path = /install/clientsideextension: - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/massdeploy.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/upgrading.md -- Broken link on source page path = /install/cloud/client: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md -- Broken link on source page path = /install/cloud/clientremote: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/install/leastprivilegemanagerrule.md -- Broken link on source page path = /install/cloud/clientsilent: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md -- Broken link on source page path = /install/cloud/slowinternet: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/embedclient.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md -- Broken link on source page path = /install/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/adminconsole.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/node.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/methods.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/sccm.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/citrixapplayering.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/clientsideextension/why.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/windows7.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/upgrade/frequency.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/update/frequency.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/update/commandline.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/update/config.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/uninstall.md -- Broken link on source page path = /install/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/install/autoupdate.md -- Broken link on source page path = /install/powershell: - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/scope.md -- Broken link on source page path = /install/rings: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /install/ringsupgrade: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md -- Broken link on source page path = /install/services: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/upgrade/rings/activedirectory.md -- Broken link on source page path = /install/uninstall: - -> linking to /docs/endpointpolicymanager/licensing/unlicense/components.md -- Broken link on source page path = /install/update/commandline: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md -- Broken link on source page path = /install/update/frequency: - -> linking to /docs/endpointpolicymanager/licensing/components.md -- Broken link on source page path = /install/upgrade/rings/activedirectory: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/ringsupgrade.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /install/upgrade/rings/cloud: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md -- Broken link on source page path = /install/upgrade/settings: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/uptodate.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/touchutility.md -- Broken link on source page path = /install/upgrade/tips: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backupoptions.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md -- Broken link on source page path = /integration/auditor/mmcsnapin: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/integration/auditorsetup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md -- Broken link on source page path = /integration/auditor/permissions: - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/ntlmpassthru.md -- Broken link on source page path = /integration/auditor/reports: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md -- Broken link on source page path = /integration/azurevirutaldesktop: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/client: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/gui: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/together: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecureclient.md -- Broken link on source page path = /integration/privilegesecure/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/servicenow: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md -- Broken link on source page path = /integration/vdisolutions: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/jointoken.md -- Broken link on source page path = /itemleveltargeting/entraidgroups: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /javaenterpriserules/gettingstarted: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/cloud.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/prompts/overview.md -- Broken link on source page path = /javaenterpriserules/overview: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/cloud.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/exportcollections.md -- Broken link on source page path = /javaenterpriserules/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/wildcards.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/virtualizedbrowsers.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/evaluateurls.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/javaenterpriserules/version64bit.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/javaenterpriserules/versionjava.md -- Broken link on source page path = /javaenterpriserules/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/gettingstarted.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/browserrouter.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/block.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/oracledeploymentrulesets.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/versionsmultiple.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/sccm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/javaenterpriserules/xmlsurgery.md -- Broken link on source page path = /javaenterpriserules/prompts/firefoxinternetexplorer: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/lockdown.md -- Broken link on source page path = /knowledgebase: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/overview.md -- Broken link on source page path = /leastprivilege/acltraverse: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/modifyhosts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/deleteicons.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/ntfspermissions.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/registry.md -- Broken link on source page path = /leastprivilege/adminapproval/avoidpopups: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/enforce.md -- Broken link on source page path = /leastprivilege/adminapproval/gettingstarted: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md -- Broken link on source page path = /leastprivilege/adminapproval/useemail: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/email.md -- Broken link on source page path = /leastprivilege/bestpractices/childprocesses: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md -- Broken link on source page path = /leastprivilege/bestpractices/dontelevate: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md -- Broken link on source page path = /leastprivilege/bestpractices/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md -- Broken link on source page path = /leastprivilege/bestpractices/rules/commandline: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/preventusercommands.md -- Broken link on source page path = /leastprivilege/bestpractices/rules/executablecombo: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securitycomborules.md -- Broken link on source page path = /leastprivilege/brandcustomize: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md -- Broken link on source page path = /leastprivilege/deny/dlls: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/powershell/maliciousattacks.md -- Broken link on source page path = /leastprivilege/deny/standard: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applicationcontrol.md -- Broken link on source page path = /leastprivilege/deny/windowsuniversal: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowsuniversalapplications.md -- Broken link on source page path = /leastprivilege/digitalsignature: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securitycomborules.md -- Broken link on source page path = /leastprivilege/elevate/activexitems: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacpromptsactivex.md -- Broken link on source page path = /leastprivilege/elevate/applicationextension: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md -- Broken link on source page path = /leastprivilege/elevate/com_cslidclass: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md -- Broken link on source page path = /leastprivilege/elevate/executables: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/privilegesecure/overview.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/rules/apply/ondemand.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md -- Broken link on source page path = /leastprivilege/elevate/installers: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md -- Broken link on source page path = /leastprivilege/elevate/installfonts: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/installfonts.md -- Broken link on source page path = /leastprivilege/elevate/javajarfiles: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md -- Broken link on source page path = /leastprivilege/elevate/msiinstallerfiles: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md -- Broken link on source page path = /leastprivilege/elevate/printerdriverinstall: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/helperdesktopshortcut.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md -- Broken link on source page path = /leastprivilege/elevate/scripts: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md -- Broken link on source page path = /leastprivilege/elevate/windowsdefender: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/mmcsnapin.md -- Broken link on source page path = /leastprivilege/events/createpolicy/audit: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md -- Broken link on source page path = /leastprivilege/events/createpolicy/cloud: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md -- Broken link on source page path = /leastprivilege/events/operational: - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventcategories.md -- Broken link on source page path = /leastprivilege/events/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md -- Broken link on source page path = /leastprivilege/export: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md -- Broken link on source page path = /leastprivilege/itemleveltargeting: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/userfilter.md -- Broken link on source page path = /leastprivilege/mac/logs: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/childgroups.md -- Broken link on source page path = /leastprivilege/overview: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md -- Broken link on source page path = /leastprivilege/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/license.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/accountelevatedprocess.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/macroattacks.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/digitalsignature.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/applocker.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/runasadmin.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/synapticspointingdevicedriver.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/installfonts.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/mmcsnapin.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/registry.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/windowsdefender.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/installers.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/editrights.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/applicationextension.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/mspfiles.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/allfiles.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/setup.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/enablepowershell.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/blockedscripttypes.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/webex.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/mykipasswordmanager.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/chromeextension.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/bestpractices.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/adminapprovalwork.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/reduceadminrights.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/scope.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/activexcontrol.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/powershell/maliciousattacks.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/servicenow.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/selfelevation.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/policyeditor/optionsshowpopupmessage.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/custommenuitemtext.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/singlelinecommands.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/printerdriverinstall.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/privilegesecure/mmc.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/createpolicies.md -- Broken link on source page path = /leastprivilege/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/userfilter.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applicationcontrol.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacpromptsactivex.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/scripts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/elevate/installfonts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowsuniversalapplications.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securitycomborules.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/denymessages.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/preventedge.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/stopransomware.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/preventunsigned.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeployblockmalware.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevateuwp.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/msi.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/appblock.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/deleteicons.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/modifyhosts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/ntfspermissions.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/acltraverse/registry.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/enforce.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/email.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/reauthenticate.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applyondemand.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securecopy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesfromadmin.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/helperdesktopshortcut.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/winget.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/printeruacprompts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/microsoftrecommendations.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/denyselfelevate.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecure.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecureclient.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/license.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/cloudinstall.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/macjointoken.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationpackage.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/systemsettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/sudosupport.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/wildcards.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationlaunch.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/eventscollector.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmountpart1.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmounpart2.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/finder.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/privilege.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/collectdiagnostics.md -- Broken link on source page path = /leastprivilege/policyeditor/scope: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/appblock.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/pplpmimplementationguide: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overview.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gettingstarted/solutionmethods.md - -> linking to /docs/endpointpolicymanager/licensing/trial.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/comsupport.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/elevatinguserbasedinstalls.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securitychildprocesses.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/privilegesecureclient.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/events.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/auditor/reports.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/troubleshooting/tips/eventlogs.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/branding.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/reauthenticate.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/allowinlinecommands.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/explained.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/introduction.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md -- Broken link on source page path = /leastprivilege/preconfiguredxmls: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md -- Broken link on source page path = /leastprivilege/preferences: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/removelocaladmin.md -- Broken link on source page path = /leastprivilege/reauthentication: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/reauthenticate.md -- Broken link on source page path = /leastprivilege/rules/apply/ondemand: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applyondemand.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overviewmisc.md -- Broken link on source page path = /leastprivilege/rules/apply/selfelevation: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/selfelevatemode.md -- Broken link on source page path = /leastprivilege/rules/customizedtoken: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md -- Broken link on source page path = /leastprivilege/rules/overview: - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/privilegesecure/overview.md -- Broken link on source page path = /leastprivilege/runasadmin: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/wingui.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /leastprivilege/scopefilters/blockadmins: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/appblock.md -- Broken link on source page path = /leastprivilege/scopefilters/blockapp: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md -- Broken link on source page path = /leastprivilege/scopefilters/elevateserviceaccount: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/scopefilters/enhancedsecurerun: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md -- Broken link on source page path = /leastprivilege/securecopy: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securecopy.md -- Broken link on source page path = /leastprivilege/securerun/avoiduac: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/rules/executablecombo.md -- Broken link on source page path = /leastprivilege/securerun/bestpractices: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/selfelevatemode/demo.md -- Broken link on source page path = /leastprivilege/securerun/blockedscripttypes: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/enablepowershell.md -- Broken link on source page path = /leastprivilege/securerun/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/preventunsigned.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/integration/pdqdeployblockmalware.md -- Broken link on source page path = /leastprivilege/securerun/setup: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/securerun/stopransomware.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md -- Broken link on source page path = /leastprivilege/securerun/webex: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /leastprivilege/tool/helper/elevate: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/helperdesktopshortcut.md -- Broken link on source page path = /leastprivilege/tool/helper/uacprompts: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md -- Broken link on source page path = /leastprivilege/tool/rulesgenerator/automatic: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/autorulesgeneratortool.md -- Broken link on source page path = /leastprivilege/wildcards: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/overview.md -- Broken link on source page path = /license/activedirectory/domainmultiple: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md -- Broken link on source page path = /license/activedirectory/domainou: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md -- Broken link on source page path = /license/activedirectory/gpoedit: - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/wizard.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md -- Broken link on source page path = /license/editpolicies: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md -- Broken link on source page path = /license/mdm/entraid: - -> linking to /docs/endpointpolicymanager/licensing/unlicense/options.md -- Broken link on source page path = /license/mdm/hybrid: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/quickstart.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/licensing/mdm/setup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /license/mdm/intune: - -> linking to /docs/endpointpolicymanager/licensing/mdm/entraid.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/mdm.md -- Broken link on source page path = /license/mdm/setup: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/licensing/mdm/entraid.md -- Broken link on source page path = /license/mdm/tool: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/mdm.md -- Broken link on source page path = /license/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/server.md - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/ou.md - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/ousub.md - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/domainou.md - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/gpoedit.md - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/domain.md - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/domainmultiple.md - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/scope.md - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/disabledcomputer.md - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/users.md - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/wizard.md - -> linking to /docs/endpointpolicymanager/licensing/activedirectory/enforced.md - -> linking to /docs/endpointpolicymanager/licensing/cloud/onpremise.md - -> linking to /docs/endpointpolicymanager/licensing/cloud/notifications.md - -> linking to /docs/endpointpolicymanager/licensing/cloud/licensestatus.md - -> linking to /docs/endpointpolicymanager/licensing/cloud/billing.md - -> linking to /docs/endpointpolicymanager/licensing/cloud/reclaimed.md - -> linking to /docs/endpointpolicymanager/licensing/trial.md - -> linking to /docs/endpointpolicymanager/licensing/tool.md - -> linking to /docs/endpointpolicymanager/licensing/mdm/intune.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/policy/edit.md - -> linking to /docs/endpointpolicymanager/licensing/virtualization/terminalservices.md - -> linking to /docs/endpointpolicymanager/licensing/virtualization/multisession.md - -> linking to /docs/endpointpolicymanager/licensing/virtualization/tool.md - -> linking to /docs/endpointpolicymanager/licensing/virtualization/count.md - -> linking to /docs/endpointpolicymanager/licensing/virtualization/desktops.md - -> linking to /docs/endpointpolicymanager/licensing/mdm/setup.md - -> linking to /docs/endpointpolicymanager/licensing/mdm/entraid.md - -> linking to /docs/endpointpolicymanager/licensing/mdm/domainmultiple.md - -> linking to /docs/endpointpolicymanager/licensing/mdm/hybrid.md - -> linking to /docs/endpointpolicymanager/licensing/mdm/jointype.md - -> linking to /docs/endpointpolicymanager/licensing/mdm/tool.md - -> linking to /docs/endpointpolicymanager/licensing/mdm/name.md - -> linking to /docs/endpointpolicymanager/licensing/mdm/adminrights.md - -> linking to /docs/endpointpolicymanager/licensing/universal.md - -> linking to /docs/endpointpolicymanager/licensing/filemultiple.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/components.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/options.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/componentscloud.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/fileold.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/reset.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/forceddisabled.md - -> linking to /docs/endpointpolicymanager/licensing/whenwhy.md - -> linking to /docs/endpointpolicymanager/licensing/components.md - -> linking to /docs/endpointpolicymanager/licensing/transition.md -- Broken link on source page path = /license/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/upgrades.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/legacy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/unlicense.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/cleanup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/mdm.md -- Broken link on source page path = /license/transition: - -> linking to /docs/endpointpolicymanager/licensing/mdm/name.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md -- Broken link on source page path = /license/trial: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md -- Broken link on source page path = /license/unlicense/componentscloud: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/unlicense.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md -- Broken link on source page path = /license/unlicense/componentsexclude: - -> linking to /docs/endpointpolicymanager/licensing/unlicense/componentscloud.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md -- Broken link on source page path = /license/unlicense/fileold: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/cleanup.md -- Broken link on source page path = /license/unlicense/forceddisabled: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/unlicense.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md -- Broken link on source page path = /license/unlicense/options: - -> linking to /docs/endpointpolicymanager/licensing/tool.md -- Broken link on source page path = /license/virtualization/tool: - -> linking to /docs/endpointpolicymanager/licensing/virtualization/terminalservices.md -- Broken link on source page path = /license/whenwhy: - -> linking to /docs/endpointpolicymanager/licensing/virtualization/multisession.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/grouppolicy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/internetexplorer/settings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/applicationcontrol.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/reduceadminrights.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/scripttriggers.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mapdrivetriggers.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/switchedpolicies.md -- Broken link on source page path = /licensing: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/licensing/mdm/setup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/nondomainjoined.md -- Broken link on source page path = /mac/applicationlaunch: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md -- Broken link on source page path = /mac/scenarios/launchcontrol: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationlaunch.md -- Broken link on source page path = /mac/scenarios/macfinder: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/finder.md -- Broken link on source page path = /mac/scenarios/macprivhelper: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/privilege.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/adminapproval.md -- Broken link on source page path = /mac/scenarios/mountunmount: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmountpart1.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/mountunmounpart2.md -- Broken link on source page path = /mac/scenarios/packageinstallation: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/applicationpackage.md -- Broken link on source page path = /mac/scenarios/sudo: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/sudosupport.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/wildcards.md -- Broken link on source page path = /mac/scenarios/systemsettings: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/mac/systemsettings.md -- Broken link on source page path = /manuals: - -> linking to /docs/endpointpolicymanager/getting-started/basic-concepts.md - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overview.md - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/overview.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/upgrade/overview.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/overview.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/pplpmimplementationguide.md - -> linking to /docs/endpointpolicymanager/platform-specific/mac-support/overview.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/devicemanager/overview.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/overview.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/overview.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/overview.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/overview.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/overview.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/feature-management/overview.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/overview.md - -> linking to /docs/endpointpolicymanager/policy-management/administrative-templates/overview.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/overview.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/overview.md - -> linking to /docs/endpointpolicymanager/deployment-methods/software-packages/overview.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/overview.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/overview.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/networksecuritymanager.md -- Broken link on source page path = /mdm/gettingstarted: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeployfirefox.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/methods/sccmgrouppolicy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /mdm/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md -- Broken link on source page path = /mdm/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/stackmsi.md -- Broken link on source page path = /mdm/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/realgrouppolicy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/mobileiron.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/workspaceone.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/citrixendpointmanager.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/admintemplates.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/renameendpoint.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/itemleveltargeting/entraid.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/itemleveltargeting/entraidgroupmembership.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/itemleveltargeting/entraidgroupdetermine.md -- Broken link on source page path = /mdm/service/microsoftintune: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md -- Broken link on source page path = /mdm/service/mobileiron: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/mobileiron.md -- Broken link on source page path = /mdm/service/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/realgrouppolicy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md -- Broken link on source page path = /mdm/service/vmwareworkspaceone: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/workspaceone.md -- Broken link on source page path = /mdm/stackmsi: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md -- Broken link on source page path = /mdm/uemtools: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /mdm/xmldatafiles/browserrouter: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/overview.md -- Broken link on source page path = /mdm/xmldatafiles/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md -- Broken link on source page path = /mdm/xmldatafiles/preferences: - -> linking to /docs/endpointpolicymanager/policy-management/preferences/overview.md -- Broken link on source page path = /mdm/xmldatafiles/securitysettings: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md -- Broken link on source page path = /preferences/componentlicense: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/methods/exporterutility.md -- Broken link on source page path = /preferences/gettingstarted: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md -- Broken link on source page path = /preferences/itemleveltargeting: - -> linking to /docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md -- Broken link on source page path = /preferences/makemsis: - -> linking to /docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /preferences/overview: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/quickstart.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/settings.md -- Broken link on source page path = /preferences/passwords: - -> linking to /docs/endpointpolicymanager/licensing/unlicense/forceddisabled.md -- Broken link on source page path = /remotedesktopprotocol/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/vdiscenarios.md -- Broken link on source page path = /remoteworkdelivery/advanced/standard/recursion: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/masscopy.md -- Broken link on source page path = /remoteworkdelivery/cloudmdm: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/mdm.md -- Broken link on source page path = /remoteworkdelivery/exportcollections: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md -- Broken link on source page path = /remoteworkdelivery/gettingstarted/policiesweb: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/webbasedshares.md -- Broken link on source page path = /remoteworkdelivery/overview: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/smb.md - -> linking to /docs/endpointpolicymanager/getting-started/basic-concepts.md -- Broken link on source page path = /remoteworkdelivery/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installsequentially.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installuwp.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/variables.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/printers.md -- Broken link on source page path = /remoteworkdelivery/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/smb.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/webbasedshares.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/masscopy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/patching.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/localfilecopy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/azureblobstorage.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /requirements/support/applicationsettings/applicationvirtualization: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /requirements/support/windows7: - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows.md -- Broken link on source page path = /scriptstriggers/gettoknow/usage: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mapdrivetriggers.md -- Broken link on source page path = /scriptstriggers/itemleveltargeting/exportcollections: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/exporterutility.md -- Broken link on source page path = /scriptstriggers/mappeddrives/vpn: - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/scriptstriggers/vpnsolutions.md -- Broken link on source page path = /scriptstriggers/networksecuritymanager: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/networksecurity/basics.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/networksecurity/auditingevents.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/executables.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/bestpractices/rules/executablecombo.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/networksecurity/applicationsports.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/networksecurity/globalsettings.md -- Broken link on source page path = /scriptstriggers/overview: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/onpremise.md -- Broken link on source page path = /scriptstriggers/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/cylance.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/onapplyscript.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/scriptlocation.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/scriptstriggers/vpnsolutions.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/powershellscripts.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows7tls.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlannetwork.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlandropbox.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/silentbrowserinstall.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/shortcutpublicdesktop.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/powershell.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/updateregistry.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/resetsecurechannel.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/temperatureunit.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/bitlockerdeployment.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows10modifyscript.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/teamsminimized.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/vpnconnection.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/eventlogtriggers.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localaccountpassword.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/vpn.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/screensavers.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/processesdetails.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/edgefirstlogon.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localscheduledtask.md -- Broken link on source page path = /scriptstriggers/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/onpremise.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/gettingstarted/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/chocolaty.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/windows10prolockscreen.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/customdefaultfileassociations.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/unwantedapps.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/printers.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/bitlocker.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/x509certificates.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/printersetup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/auditpol.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/scripttriggers.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mapdrivetriggers.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/lockunlocksession.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/shutdownscripts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/vpnconnect.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/anyconnect.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/events.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/integration/pdqdeploy.md -- Broken link on source page path = /scriptstriggers/windows7tls: - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/windows11.md -- Broken link on source page path = /securitysettings/exportwizard: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /securitysettings/overview: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /softwarepackage/exportcollections: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /softwarepackage/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/appxmanager.md -- Broken link on source page path = /softwarepackage/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/deployment-methods/software-packages/winget.md -- Broken link on source page path = /softwarepackage/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/appxmanager.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/removeapps.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/blockapps.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/winget/deployapplications.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/winget/run.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/extrastool.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/softwarepackage/mdm.md -- Broken link on source page path = /startscreentaskbar/exportcollections: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/nondomainjoined.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/testsample.md -- Broken link on source page path = /startscreentaskbar/helpertools: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/toolssetup.md -- Broken link on source page path = /startscreentaskbar/helperutility: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/helperutility.md -- Broken link on source page path = /startscreentaskbar/overview: - -> linking to /docs/endpointpolicymanager/getting-started/quickstart/overviewinstall.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/uemtools.md -- Broken link on source page path = /startscreentaskbar/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/startscreentaskbar/windowserver.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/modes.md - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/startscreentaskbar/mappeddrives.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/explorer.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/appv.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/helpertools.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/foldershortcut.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/addlink.md -- Broken link on source page path = /startscreentaskbar/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/helperutility.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/windows10startmenu.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/demotaskbar.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/linksie.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/customicons.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/startscreentaskbar/revertstartmenu.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/nondomainjoined.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/mdmitemleveltargeting.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/integration/citrix.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/onetime.md -- Broken link on source page path = /startscreentaskbar/startscreen/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials.md -- Broken link on source page path = /startscreentaskbar/taskbar: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/demotaskbar.md -- Broken link on source page path = /tips/embedclient: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/install/autoupdate.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/groups.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md -- Broken link on source page path = /tips/eventlogs: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/scriptstriggers/cloud.md -- Broken link on source page path = /tips/folderredirection: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md -- Broken link on source page path = /tips/thirdpartyadvice: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/importstig.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/existinggpos.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/administrativetemplates/collections.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/mdm/microsoftintune.md -- Broken link on source page path = /troubleshooting/applicationsettings/applock/disable: - -> linking to /docs/endpointpolicymanager/application-management/application-settings/modes/applock.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/superpowers.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/applicationsettings/applock/someapplications: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/acllockdown.md -- Broken link on source page path = /troubleshooting/applicationsettings/appset/localmissing: - -> linking to /docs/endpointpolicymanager/application-management/application-settings/centralstore.md -- Broken link on source page path = /troubleshooting/applicationsettings/appset/storage: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/shares.md -- Broken link on source page path = /troubleshooting/applicationsettings/backup/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md -- Broken link on source page path = /troubleshooting/applicationsettings/basicsteps: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/entrysettings: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/firefox/certificates: - -> linking to /docs/endpointpolicymanager/platform-specific/windows-requirements/support/applicationsettings/firefox/version.md -- Broken link on source page path = /troubleshooting/applicationsettings/java/issue: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/mmc: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md -- Broken link on source page path = /troubleshooting/applicationsettings/reapplylaunchdisable: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/adobelinks: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md -- Broken link on source page path = /troubleshooting/browserrouter/betweenbrowsers: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /troubleshooting/browserrouter/chrome/forceinstall: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/default: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md -- Broken link on source page path = /troubleshooting/browserrouter/install/defaultbrowser: - -> linking to /docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md -- Broken link on source page path = /troubleshooting/browserrouter/overview: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/revertlegacy: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md -- Broken link on source page path = /troubleshooting/changemanagementtools: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/history.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/changemanagementutilities/sdmchangemanager.md -- Broken link on source page path = /troubleshooting/clientsideextension/uninstallpassword: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/cloud/grouppolicyeditors: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/reports.md -- Broken link on source page path = /troubleshooting/cloud/underhood/clientcommands: - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/azurevirutaldesktop.md - -> linking to /docs/endpointpolicymanager/integrations/third-party-integrations/vdisolutions.md -- Broken link on source page path = /troubleshooting/cloud/underhood/installation: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /troubleshooting/error/browserrouter/contactsupport: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md -- Broken link on source page path = /troubleshooting/error/install/sufficientprivileges: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md -- Broken link on source page path = /troubleshooting/error/leastprivilege/serverbusy: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/opensavedialogs.md -- Broken link on source page path = /troubleshooting/fastsupport: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md -- Broken link on source page path = /troubleshooting/fileassociations/cortana: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md -- Broken link on source page path = /troubleshooting/fileassociations/legacy: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/admxfiles.md -- Broken link on source page path = /troubleshooting/grouppolicycompliancereporter/admxregistry: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /troubleshooting/grouppolicycompliancereporter/clientendpoint: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/gpocompilancereporter/firewallports.md -- Broken link on source page path = /troubleshooting/hangingprocess: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/processmonitor.md -- Broken link on source page path = /troubleshooting/intelgraphicdriver: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/runasadmin.md -- Broken link on source page path = /troubleshooting/javaenterpriserules/javaprompts: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/applicationsettings/java/lockdown.md - -> linking to /docs/endpointpolicymanager/application-management/application-settings/preconfigured-applications/firefox/allowremember.md -- Broken link on source page path = /troubleshooting/leastprivilege/sage50: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/elevate/dragdrop.md -- Broken link on source page path = /troubleshooting/leastprivilege/securerun/inlinecommands: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/securerun/blockedscripttypes.md -- Broken link on source page path = /troubleshooting/license/enterprisefull: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/componentscloud.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/forceddisabled.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/componentsexclude.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/clientsideextension/guids.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md -- Broken link on source page path = /troubleshooting/license/expires: - -> linking to /docs/endpointpolicymanager/licensing/unlicense/fileold.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/cleanup.md -- Broken link on source page path = /troubleshooting/license/graceperiod: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md -- Broken link on source page path = /troubleshooting/license/legacy: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/legacy.md - -> linking to /docs/endpointpolicymanager/installation-and-deployment/rings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/license/installuniversal.md - -> linking to /docs/endpointpolicymanager/licensing/unlicense/components.md -- Broken link on source page path = /troubleshooting/mac/eventcollectiion: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/eventcollection/childgroups.md -- Broken link on source page path = /troubleshooting/nondomain/edge: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /troubleshooting/nondomain/limitations: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/browserrouter/chromenondomainjoined.md -- Broken link on source page path = /troubleshooting/preferences/clientmachines: - -> linking to /docs/endpointpolicymanager/getting-started/basic-concepts.md -- Broken link on source page path = /troubleshooting/preferences/domainjoined: - -> linking to /docs/endpointpolicymanager/licensing/unlicense/componentscloud.md -- Broken link on source page path = /troubleshooting/procmon: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/logs.md -- Broken link on source page path = /troubleshooting/restoredetails: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/grouppolicy/integration.md -- Broken link on source page path = /troubleshooting/scriptstriggers/systemprocesses: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/leastprivilege/bestpractices/securerun/usersystemexecutables.md -- Broken link on source page path = /troubleshooting/slowlogins: - -> linking to /docs/endpointpolicymanager/installation-and-deployment/antivirus.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/cloud/import.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/customicons: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/customicons.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/office365: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/helperutility.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/rollback: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/startscreentaskbar/onetime.md -- Broken link on source page path = /video/applicationsettings/trustedappsets: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/troubleshooting/backupoptions.md -- Broken link on source page path = /video/cloud/add/administrator: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/cloud-management/add/administrator.md -- Broken link on source page path = /video/fileassociations/acroreader: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10.md -- Broken link on source page path = /video/leastprivilege/windowseventforwarding: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/least-privilege-manager/windowseventforwarding.md -- Broken link on source page path = /video/networksecurity/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/networksecurity/basics.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/networksecurity/domainnames.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/networksecurity/applicationsports.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/networksecurity/globalsettings.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/networksecurity/auditingevents.md -- Broken link on source page path = /video/remotedesktopprotocol/videolearningcenter: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/vdiscenarios.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/cloud.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/mdm.md - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/remotedesktopprotocol/itemleveltargeting.md -- Broken link on source page path = /video/startscreentaskbar/windows10startmenu: - -> linking to /docs/endpointpolicymanager/resources/video-tutorials/fileassociations/windows10.md - -Build completed successfully! diff --git a/docs/accessanalyzer/12.0/cdsa/job.md b/docs/accessanalyzer/12.0/cdsa/job.md index 05ff5c49b3..a0c7db3315 100644 --- a/docs/accessanalyzer/12.0/cdsa/job.md +++ b/docs/accessanalyzer/12.0/cdsa/job.md @@ -1,7 +1,7 @@ # CDSA Job The CDSA Job is available through the Instant Job Library under the CDSA library. See the -[Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for instructions of how to add +[Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for instructions of how to add this instant job to the Jobs tree. When installing the job, select **Local host** on the Host pages of the Instant Job Wizard. @@ -13,14 +13,14 @@ The CDSA job generates three PowerPoint files: - For the Presenter - - The **Netwrix_CDSA_Presentation.pptx** file is designed to be presented live to the customer + - The **Netwrix_CDSA_Presentation.pptx** file is designed to be presented live to the customer - For the Customer as printable assets - - The **Netwrix_CDSA_8.5x11_Presentation.pptx** file is designed to be given to the customer for - self-review as a PDF file - - The **Netwrix_CDSA_A4_Presentation.pptx** file is designed to be given to the customer for - self-review as a PDF file + - The **Netwrix_CDSA_8.5x11_Presentation.pptx** file is designed to be given to the customer for + self-review as a PDF file + - The **Netwrix_CDSA_A4_Presentation.pptx** file is designed to be given to the customer for + self-review as a PDF file **CAUTION:** Do not send any these presentations to a customer in PowerPoint format. diff --git a/docs/accessanalyzer/12.0/cdsa/overview.md b/docs/accessanalyzer/12.0/cdsa/overview.md index 407e3513c5..4c517e1172 100644 --- a/docs/accessanalyzer/12.0/cdsa/overview.md +++ b/docs/accessanalyzer/12.0/cdsa/overview.md @@ -5,7 +5,7 @@ Proper data security begins with a strong foundation. The Credential & Data Secu Directory, and Windows infrastructure. The CDSA job depends upon several Access Analyzer solutions for data collection. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for installation and database requirements. +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for installation and database requirements. ## Supporting Solutions @@ -14,33 +14,33 @@ generate the CDSA presentations: - .Active Directory Inventory Solution - - See the - [.Active Directory Inventory Solution](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/overview.md) - topic for additional information + - See the + [.Active Directory Inventory Solution](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/overview.md) + topic for additional information - Active Directory Solution - - See the [Active Directory Solution](/docs/accessanalyzer/12.0/solutions/active-directory/overview.md) topic for - additional information + - See the [Active Directory Solution](/docs/accessanalyzer/12.0/solutions/activedirectory/overview.md) topic for + additional information - Active Directory Permissions Analyzer Solution - - See the - [Active Directory Permissions Analyzer Solution](/docs/accessanalyzer/12.0/solutions/active-directory-permissions-analyzer/overview.md) - topic for additional information + - See the + [Active Directory Permissions Analyzer Solution](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/overview.md) + topic for additional information - File System Solution - - See the [File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/overview.md) topic for additional - information + - See the [File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/overview.md) topic for additional + information - Windows Solution - - See the [Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional information + - See the [Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional information The following additional solutions also provide data to the CDSA job: -- [Entra ID Solution](/docs/accessanalyzer/12.0/solutions/entra-id/overview.md) +- [Entra ID Solution](/docs/accessanalyzer/12.0/solutions/entraid/overview.md) - [AWS Solution](/docs/accessanalyzer/12.0/solutions/aws/overview.md) - [Box Solution](/docs/accessanalyzer/12.0/solutions/box/overview.md) - [Dropbox Solution](/docs/accessanalyzer/12.0/solutions/dropbox/overview.md) @@ -50,5 +50,5 @@ The following additional solutions also provide data to the CDSA job: - [SQL Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/overview.md) Additionally, the Sensitive Data Discovery Add-On also contributes to the CDSA presentations. See -the [Sensitive Data Discovery](/docs/accessanalyzer/12.0/sensitive-data-discovery/overview.md) topic for additional +the [Sensitive Data Discovery](/docs/accessanalyzer/12.0/sensitivedatadiscovery/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/cdsa/presentation.md b/docs/accessanalyzer/12.0/cdsa/presentation.md index 71385e0aca..2de630e269 100644 --- a/docs/accessanalyzer/12.0/cdsa/presentation.md +++ b/docs/accessanalyzer/12.0/cdsa/presentation.md @@ -19,46 +19,46 @@ The Data Security slide (Slide 3) has the following primary job dependencies: - .Active Directory Inventory - - **1-AD_Scan** + - **1-AD_Scan** - FileSystem - - **0.Collection > 1-FSAA System Scans** - - **0.Collection > 2-FSAA Bulk Import** + - **0.Collection > 1-FSAA System Scans** + - **0.Collection > 2-FSAA Bulk Import** Data is also supplied by the following jobs when they have been executed: - AWS - - **0.Collection > 1.AWS_OrgScan** - - **0.Collection > 2.AWS_S3Scan** + - **0.Collection > 1.AWS_OrgScan** + - **0.Collection > 2.AWS_S3Scan** - Box - - **0.Collection > 1-Box_Access Scans** - - **0.Collection > 2-Box_Import** + - **0.Collection > 1-Box_Access Scans** + - **0.Collection > 2-Box_Import** - Databases - - **0.Collection > Oracle > 0-Oracle_Servers** - - **0.Collection > Oracle > 1-Oracle_PermissionsScan** - - **0.Collection > SQL > 0-SQL_InstanceDiscovery** - - **0.Collection > SQL > 1-SQL_PermissionsScan** + - **0.Collection > Oracle > 0-Oracle_Servers** + - **0.Collection > Oracle > 1-Oracle_PermissionsScan** + - **0.Collection > SQL > 0-SQL_InstanceDiscovery** + - **0.Collection > SQL > 1-SQL_PermissionsScan** - Dropbox - - **0.Collection > 1-Dropbox_Permissions Scan** - - **0.Collection > 2-Dropbox_Permissions Bulk Import** + - **0.Collection > 1-Dropbox_Permissions Scan** + - **0.Collection > 2-Dropbox_Permissions Bulk Import** - Exchange - - **4. Mailboxes > Sizing > 0. Collection > EX_MBSize** - - **5. Public Folders > Growth and Size > Collection > PF_FolderScans** + - **4. Mailboxes > Sizing > 0. Collection > EX_MBSize** + - **5. Public Folders > Growth and Size > Collection > PF_FolderScans** - SharePoint - - **0.Collection > 2-SPAA_SystemScans** - - **0.Collection > 5-SPAA_BulkImport** + - **0.Collection > 2-SPAA_SystemScans** + - **0.Collection > 5-SPAA_BulkImport** ## Condition: Open Access Slide @@ -66,57 +66,57 @@ The Condition: Open Access slide (Slide 4) has the following primary job depende - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - FileSystem - - 0.Collection > 1-FSAA System Scans - - 0.Collection > 2-FSAA Bulk Import - - **1.Open Access >FS_OpenAccess** + - 0.Collection > 1-FSAA System Scans + - 0.Collection > 2-FSAA Bulk Import + - **1.Open Access >FS_OpenAccess** Data is also supplied by the following jobs when they have been executed: - AWS - - 0.Collection > 1.AWS_OrgScan - - 0.Collection > 2.AWS_S3Scan - - **6.S3 Permissions > AWS_OpenBuckets** + - 0.Collection > 1.AWS_OrgScan + - 0.Collection > 2.AWS_S3Scan + - **6.S3 Permissions > AWS_OpenBuckets** - Box - - 0.Collection > 1-Box_Access Scans - - 0.Collection > 2-Box_Import + - 0.Collection > 1-Box_Access Scans + - 0.Collection > 2-Box_Import - Databases - - 0.Collection > Oracle > 0-Oracle_Servers - - 0.Collection > Oracle > 1-Oracle_PermissionsScan - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - - **Oracle > 3.Permissions > Oracle_PublicPermissions** - - **SQL > 3.Permissions > SQL_PublicPermissions** + - 0.Collection > Oracle > 0-Oracle_Servers + - 0.Collection > Oracle > 1-Oracle_PermissionsScan + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + - **Oracle > 3.Permissions > Oracle_PublicPermissions** + - **SQL > 3.Permissions > SQL_PublicPermissions** - Dropbox - - 0.Collection > 1-Dropbox_Permissions Scan - - 0.Collection > 2-Dropbox_Permissions Bulk Import + - 0.Collection > 1-Dropbox_Permissions Scan + - 0.Collection > 2-Dropbox_Permissions Bulk Import - Exchange - - **4. Mailboxes > Permissions > 0. Collection > EX_Delegates** - - **4. Mailboxes > Permissions > 0. Collection > EX_MBRights** - - **4. Mailboxes > Permissions > 0. Collection > EX_Perms** - - **4. Mailboxes > Permissions > 0. Collection > EX_SendAs** - - **4. Mailboxes > Permissions > EX_MailboxAccess** - - 4. Mailboxes > Sizing > 0. Collection > EX_MBSize - - 5. Public Folders > Growth and Size > Collection > PF_FolderScans - - **5. Public Folders > Permissions > Collection > PF_EntitlementScans** + - **4. Mailboxes > Permissions > 0. Collection > EX_Delegates** + - **4. Mailboxes > Permissions > 0. Collection > EX_MBRights** + - **4. Mailboxes > Permissions > 0. Collection > EX_Perms** + - **4. Mailboxes > Permissions > 0. Collection > EX_SendAs** + - **4. Mailboxes > Permissions > EX_MailboxAccess** + - 4. Mailboxes > Sizing > 0. Collection > EX_MBSize + - 5. Public Folders > Growth and Size > Collection > PF_FolderScans + - **5. Public Folders > Permissions > Collection > PF_EntitlementScans** - SharePoint - - 0.Collection > 2-SPAA_SystemScans - - 0.Collection > 5-SPAA_BulkImport - - **2.High Risk Sites > SP_OpenAccess** + - 0.Collection > 2-SPAA_SystemScans + - 0.Collection > 5-SPAA_BulkImport + - **2.High Risk Sites > SP_OpenAccess** ## Sensitive Data Slide @@ -124,50 +124,50 @@ The Sensitive Data slide (Slide 5) has the following primary job dependencies: - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - FileSystem - - **0.Collection > 1-SEEK System Scans** - - **0.Collection > 2-SEEK Bulk Import** - - **7.Sensitive Data > FS_DLPResults** + - **0.Collection > 1-SEEK System Scans** + - **0.Collection > 2-SEEK Bulk Import** + - **7.Sensitive Data > FS_DLPResults** Data is also supplied by the following jobs when they have been executed: - AWS - - 0.Collection > 1.AWS_OrgScan - - **0.Collection > 4.AWS_S3SDDScan** - - **8.S3 Sensitive Data > AWS_SensitiveData** + - 0.Collection > 1.AWS_OrgScan + - **0.Collection > 4.AWS_S3SDDScan** + - **8.S3 Sensitive Data > AWS_SensitiveData** - Databases - - 0.Collection > Oracle > 0-Oracle_Servers - - 0.Collection > Oracle > 1-Oracle_PermissionsScan - - **0.Collection > Oracle > 2-Oracle_SensitiveDataScan** - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - - **0.Collection > SQL > 2-SQL_SensitiveDataScan** - - **Oracle > 5.Sensitive Data > Oracle_SensitiveData** - - **SQL > 5.Sensitive Data > SQL_SensitiveData** + - 0.Collection > Oracle > 0-Oracle_Servers + - 0.Collection > Oracle > 1-Oracle_PermissionsScan + - **0.Collection > Oracle > 2-Oracle_SensitiveDataScan** + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + - **0.Collection > SQL > 2-SQL_SensitiveDataScan** + - **Oracle > 5.Sensitive Data > Oracle_SensitiveData** + - **SQL > 5.Sensitive Data > SQL_SensitiveData** - Dropbox - - **0.Collection > 1-Dropbox_SDD Scan** - - **0.Collection > 2-Dropbox_SDD Bulk Import** - - **5.Sensitive Data > Dropbox SensitiveData** + - **0.Collection > 1-Dropbox_SDD Scan** + - **0.Collection > 2-Dropbox_SDD Bulk Import** + - **5.Sensitive Data > Dropbox SensitiveData** - Exchange - - **7. Sensitive Data > 0.Collection > EX_Mailbox_SDD** - - **7. Sensitive Data > 0.Collection > EX_PublicFolder_SDD** - - **7. Sensitive Data > EX_SDDResults** + - **7. Sensitive Data > 0.Collection > EX_Mailbox_SDD** + - **7. Sensitive Data > 0.Collection > EX_PublicFolder_SDD** + - **7. Sensitive Data > EX_SDDResults** - SharePoint - - **0.Collection > 1-SPSEEK_SystemScans** - - **0.Collection > 4-SPSEEK_BulkImport** - - **6.Sensitive Data > SP_SensitiveData** + - **0.Collection > 1-SPSEEK_SystemScans** + - **0.Collection > 4-SPSEEK_BulkImport** + - **6.Sensitive Data > SP_SensitiveData** ## Stale Data Slide @@ -175,42 +175,42 @@ The Stale Data slide (Slide 6) has the following primary job dependencies: - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - FileSystem - - 0.Collection > 1-FSAA System Scans - - 0.Collection > 2-FSAA Bulk Import - - **4.Content > Stale > FS_StaleContent** + - 0.Collection > 1-FSAA System Scans + - 0.Collection > 2-FSAA Bulk Import + - **4.Content > Stale > FS_StaleContent** Data is also supplied by the following jobs when they have been executed: - Box - - 0.Collection > 1-Box_Access Scans - - 0.Collection > 2-Box_Import + - 0.Collection > 1-Box_Access Scans + - 0.Collection > 2-Box_Import - Databases - - 0.Collection > Oracle > 0-Oracle_Servers - - 0.Collection > Oracle > 1-Oracle_PermissionsScan - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan + - 0.Collection > Oracle > 0-Oracle_Servers + - 0.Collection > Oracle > 1-Oracle_PermissionsScan + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan - Dropbox - - 0.Collection > 1-Dropbox_Permissions Scan - - 0.Collection > 2-Dropbox_Permissions Bulk Import + - 0.Collection > 1-Dropbox_Permissions Scan + - 0.Collection > 2-Dropbox_Permissions Bulk Import - Exchange - - **5. Public Folders > Content > Collection > PF_ContentScans** + - **5. Public Folders > Content > Collection > PF_ContentScans** - SharePoint - - 0.Collection > 2-SPAA_SystemScans - - 0.Collection > 5-SPAA_BulkImport - - **4.Content > SP_StaleFiles** + - 0.Collection > 2-SPAA_SystemScans + - 0.Collection > 5-SPAA_BulkImport + - **4.Content > SP_StaleFiles** ## Active Directory Security Slide @@ -218,23 +218,23 @@ The Active Directory Security slide (Slide 7) has the following primary job depe - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - Active Directory Permissions Analyzer - - **0.Collection > AD_ComputerRights** - - **0.Collection > AD_ContainerRights** - - **0.Collection > AD_DomainRights** - - **0.Collection > AD_GroupRights** - - **0.Collection > AD_OURights** - - **0.Collection > AD_SiteRights** - - **0.Collection > AD_UserRights** + - **0.Collection > AD_ComputerRights** + - **0.Collection > AD_ContainerRights** + - **0.Collection > AD_DomainRights** + - **0.Collection > AD_GroupRights** + - **0.Collection > AD_OURights** + - **0.Collection > AD_SiteRights** + - **0.Collection > AD_UserRights** Data is also supplied by the following jobs when they have been executed: - .Entra ID Inventory - - **1-AAD_Scan** + - **1-AAD_Scan** ## Password Issues Slide @@ -242,13 +242,13 @@ The Password Issues slide (Slide 8) has the following primary job dependencies: - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - Active Directory - - **2.Users > AD_WeakPasswords** - - **2.Users > AD_PasswordStatus** - - **4.Group Policy > AD_CPassword** + - **2.Users > AD_WeakPasswords** + - **2.Users > AD_PasswordStatus** + - **4.Group Policy > AD_CPassword** ## Toxic Active Directory Conditions Slide @@ -256,17 +256,17 @@ The Toxic Active Directory Conditions slide (Slide 9) has the following primary - .Active Directory Inventory - - 1-AD_Scan - - **3-AD_Exceptions** + - 1-AD_Scan + - **3-AD_Exceptions** - Active Directory - - **1.Groups > AD_CircularNesting** - - **1.Groups > AD_EmptyGroups** - - **1.Groups > AD_SensitiveSecurityGroups** - - **1.Groups > AD_StaleGroups** - - **2.Users > AD_SIDHistory** - - **2.Users > AD_StaleUsers** + - **1.Groups > AD_CircularNesting** + - **1.Groups > AD_EmptyGroups** + - **1.Groups > AD_SensitiveSecurityGroups** + - **1.Groups > AD_StaleGroups** + - **2.Users > AD_SIDHistory** + - **2.Users > AD_StaleUsers** ## Non-Administrators that can Perform Sensitive AD Actions Slide @@ -275,20 +275,20 @@ primary job dependencies: - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - Active Directory Permissions Analyzer - - 0.Collection > AD_ComputerRights - - 0.Collection > AD_ContainerRights - - 0.Collection > AD_DomainRights - - 0.Collection > AD_GroupRights - - 0.Collection > AD_OURights - - 0.Collection > AD_SiteRights - - 0.Collection > AD_UserRights - - **1.Users > AD_ResetPasswordPermissions** - - **2.Groups > AD_GroupMembershipPermissions** - - **8.Domains > AD_DomainReplication** + - 0.Collection > AD_ComputerRights + - 0.Collection > AD_ContainerRights + - 0.Collection > AD_DomainRights + - 0.Collection > AD_GroupRights + - 0.Collection > AD_OURights + - 0.Collection > AD_SiteRights + - 0.Collection > AD_UserRights + - **1.Users > AD_ResetPasswordPermissions** + - **2.Groups > AD_GroupMembershipPermissions** + - **8.Domains > AD_DomainReplication** ## Active Directory Sensitive Security Groups Slide @@ -297,7 +297,7 @@ dependencies: - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan ## Windows: Assessment Summary Slide @@ -305,19 +305,19 @@ The Windows: Assessment Summary slide (Slide 12) has the following primary job d - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - Windows - - **Authentication > SG_LSASettings** - - **Authentication > SG_SecuritySupportProviders** - - **Authentication > SG_WDigestSettings** - - **Open Access > SG_OpenFolders** - - **Privileged Accounts > Local Administrators > SG_LocalAdmins** - - **Privileged Accounts > Local Administrators > SG_MicrosoftLAPS** - - **Privileged Accounts > Logon Rights > SG_LocalPolicies** - - **Privileged Accounts > Service Accounts > SG_ServiceAccounts** - - **Security Utilities > SG_PowerShellCommands** + - **Authentication > SG_LSASettings** + - **Authentication > SG_SecuritySupportProviders** + - **Authentication > SG_WDigestSettings** + - **Open Access > SG_OpenFolders** + - **Privileged Accounts > Local Administrators > SG_LocalAdmins** + - **Privileged Accounts > Local Administrators > SG_MicrosoftLAPS** + - **Privileged Accounts > Logon Rights > SG_LocalPolicies** + - **Privileged Accounts > Service Accounts > SG_ServiceAccounts** + - **Security Utilities > SG_PowerShellCommands** ## Local Administrators Slide @@ -325,12 +325,12 @@ The Local Administrators slide (Slide 13) has the following primary job dependen - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - Windows - - Privileged Accounts > Local Administrators > SG_LocalAdmins - - Privileged Accounts > Logon Rights > SG_LocalPolicies + - Privileged Accounts > Local Administrators > SG_LocalAdmins + - Privileged Accounts > Logon Rights > SG_LocalPolicies ## Service Accounts Slide @@ -338,14 +338,14 @@ The Service Accounts slide (Slide 14) has the following primary job dependencies - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - Windows - - Authentication > SG_LSASettings - - Authentication > SG_WDigestSettings - - Privileged Accounts > Service Accounts > SG_ServiceAccounts - - Security Utilities > SG_PowerShellCommands + - Authentication > SG_LSASettings + - Authentication > SG_WDigestSettings + - Privileged Accounts > Service Accounts > SG_ServiceAccounts + - Security Utilities > SG_PowerShellCommands ## Ticket and Credential Management Slide @@ -353,13 +353,13 @@ The Ticket and Credential Management slide (Slide 15) has the following primary - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - Windows - - Authentication > SG_LSASettings - - Authentication > SG_WDigestSettings - - Security Utilities > SG_PowerShellCommands + - Authentication > SG_LSASettings + - Authentication > SG_WDigestSettings + - Security Utilities > SG_PowerShellCommands ## Shadow Access Rights Slide @@ -367,46 +367,46 @@ The Shadow Access Rights slide (Slide 16) has the following primary job dependen - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - Active Directory - - 1.Groups > AD_SensitiveSecurityGroups - - 2.Users > AD_WeakPasswords + - 1.Groups > AD_SensitiveSecurityGroups + - 2.Users > AD_WeakPasswords - Active Directory Permissions Analyzer - - 0.Collection > AD_ComputerRights - - 0.Collection > AD_ContainerRights - - 0.Collection > AD_DomainRights - - 0.Collection > AD_GroupRights - - 0.Collection > AD_OURights - - 0.Collection > AD_SiteRights - - 0.Collection > AD_UserRights - - 1.Users > AD_ResetPasswordPermissions - - 2.Groups > AD_GroupMembershipPermissions - - **7.Containers > AD_AdminSDHolder** - - 8.Domains > AD_DomainReplication + - 0.Collection > AD_ComputerRights + - 0.Collection > AD_ContainerRights + - 0.Collection > AD_DomainRights + - 0.Collection > AD_GroupRights + - 0.Collection > AD_OURights + - 0.Collection > AD_SiteRights + - 0.Collection > AD_UserRights + - 1.Users > AD_ResetPasswordPermissions + - 2.Groups > AD_GroupMembershipPermissions + - **7.Containers > AD_AdminSDHolder** + - 8.Domains > AD_DomainReplication - FileSystem - - 0.Collection > 1-SEEK System Scans - - 0.Collection > 2-SEEK Bulk Import - - 7.Sensitive Data > FS_DLPResults + - 0.Collection > 1-SEEK System Scans + - 0.Collection > 2-SEEK Bulk Import + - 7.Sensitive Data > FS_DLPResults - Windows - - Privileged Accounts > Local Administrators > SG_LocalAdmins - - **Privileged Accounts > Local Administrators > SG_Sessions** + - Privileged Accounts > Local Administrators > SG_LocalAdmins + - **Privileged Accounts > Local Administrators > SG_Sessions** Data is also supplied by the following jobs when they have been executed: - Databases - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - - 0.Collection > SQL > 2-SQL_SensitiveDataScan - - SQL > 5.Sensitive Data > SQL_SensitiveData + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + - 0.Collection > SQL > 2-SQL_SensitiveDataScan + - SQL > 5.Sensitive Data > SQL_SensitiveData ## Additional Findings (FS, AD, Windows OS) Slide @@ -416,35 +416,35 @@ an alternative to slides 18-20. It has the following primary job dependencies: - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - Active Directory - - 1.Groups > AD_StaleGroups - - **2.Users > AD_ServiceAccounts** - - 2.Users > AD_StaleUsers - - **2.Users > AD_UserToken** - - **3.Computers > AD_StaleComputers** - - 4.Group Policy > AD_CPassword - - 8.Domains > AD_DomainReplication + - 1.Groups > AD_StaleGroups + - **2.Users > AD_ServiceAccounts** + - 2.Users > AD_StaleUsers + - **2.Users > AD_UserToken** + - **3.Computers > AD_StaleComputers** + - 4.Group Policy > AD_CPassword + - 8.Domains > AD_DomainReplication - FileSystem - - 0.Collection > 1-FSAA System Scans - - 0.Collection > 1-SEEK System Scans - - 0.Collection > 2-FSAA Bulk Import - - 0.Collection > 2-SEEK Bulk Import - - **2.Direct Permissions > FS_DomainUserACLs** - - **3.Broken Inheritance > FS_BrokenInheritance** - - 4.Content > Stale > FS_StaleContent - - 7.Sensitive Data > FS_DLPResults + - 0.Collection > 1-FSAA System Scans + - 0.Collection > 1-SEEK System Scans + - 0.Collection > 2-FSAA Bulk Import + - 0.Collection > 2-SEEK Bulk Import + - **2.Direct Permissions > FS_DomainUserACLs** + - **3.Broken Inheritance > FS_BrokenInheritance** + - 4.Content > Stale > FS_StaleContent + - 7.Sensitive Data > FS_DLPResults - Windows - - Authentication > SG_LSASettings - - Authentication > SG_WDigestSettings - - Privileged Accounts > Local Administrators > SG_LocalAdmins - - Privileged Accounts > Service Accounts > SG_ServiceAccounts + - Authentication > SG_LSASettings + - Authentication > SG_WDigestSettings + - Privileged Accounts > Local Administrators > SG_LocalAdmins + - Privileged Accounts > Service Accounts > SG_ServiceAccounts ## Additional Findings (FS, SharePoint, Box, Dropbox) Slide @@ -453,41 +453,41 @@ job dependencies: - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - FileSystem - - 0.Collection > 1-FSAA System Scans - - 0.Collection > 1-SEEK System Scans - - 0.Collection > 2-FSAA Bulk Import - - 0.Collection > 2-SEEK Bulk Import - - **2.Direct Permissions > FS_DomainUserACLs** - - **3.Broken Inheritance > FS_BrokenInheritance** - - 4.Content > Stale > FS_StaleContent - - 7.Sensitive Data > FS_DLPResults + - 0.Collection > 1-FSAA System Scans + - 0.Collection > 1-SEEK System Scans + - 0.Collection > 2-FSAA Bulk Import + - 0.Collection > 2-SEEK Bulk Import + - **2.Direct Permissions > FS_DomainUserACLs** + - **3.Broken Inheritance > FS_BrokenInheritance** + - 4.Content > Stale > FS_StaleContent + - 7.Sensitive Data > FS_DLPResults Data is also supplied by the following jobs when they have been executed: - Box - - 0.Collection > 1-Box_Access Scans - - 0.Collection > 2-Box_Import + - 0.Collection > 1-Box_Access Scans + - 0.Collection > 2-Box_Import - Dropbox - - 0.Collection > 1-Dropbox_SDD Scan - - 0.Collection > 2-Dropbox_SDD Bulk Import - - **1.Access > Dropbox_Access** + - 0.Collection > 1-Dropbox_SDD Scan + - 0.Collection > 2-Dropbox_SDD Bulk Import + - **1.Access > Dropbox_Access** - SharePoint - - 0.Collection > 2-SPAA_SystemScans - - 0.Collection > 5-SPAA_BulkImport - - **2.High Risk Sites > SP_AnonymousSharing** - - 2.High Risk Sites > SP_OpenAccess - - **3.Broken Inheritance > SP_BrokenInheritance** - - 4.Content > SP_StaleFiles - - 7.Sensitive Data > SP_SensitiveData + - 0.Collection > 2-SPAA_SystemScans + - 0.Collection > 5-SPAA_BulkImport + - **2.High Risk Sites > SP_AnonymousSharing** + - 2.High Risk Sites > SP_OpenAccess + - **3.Broken Inheritance > SP_BrokenInheritance** + - 4.Content > SP_StaleFiles + - 7.Sensitive Data > SP_SensitiveData ## Additional Findings (Exchange, Databases) Slide @@ -496,45 +496,45 @@ dependencies: - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan Data is also supplied by the following jobs when they have been executed: - Databases - - 0.Collection > Oracle > 0-Oracle_Servers - - 0.Collection > Oracle > 1-Oracle_PermissionsScan - - 0.Collection > Oracle > 2-Oracle_SensitiveDataScan - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - - 0.Collection > SQL > 2-SQL_SensitiveDataScan - - **Oracle > 1. Users and Roles > Oracle_PasswordIssues** - - Oracle > 3.Permissions > Oracle_PublicPermissions - - **Oracle > 4. Configuration > Oracle_DataDictionaryProtection** - - **Oracle > 4. Configuration > Oracle_InstanceNameIssues** - - **Oracle > 4. Configuration > Oracle_RemoteOSAuthentication** - - Oracle > 5.Sensitive Data > Oracle_SensitiveData - - **SQL > 1. Users and Roles > SQL_PasswordIssues** - - SQL > 3.Permissions > SQL_PublicPermissions - - **SQL > 4.Configuration > SQL_Authentication** - - **SQL > 4. Configuration > SQL_BestPractices** - - **SQL > 4.Configuration > SQL_CMDShell** - - SQL > 5.Sensitive Data > SQL_SensitiveData + - 0.Collection > Oracle > 0-Oracle_Servers + - 0.Collection > Oracle > 1-Oracle_PermissionsScan + - 0.Collection > Oracle > 2-Oracle_SensitiveDataScan + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + - 0.Collection > SQL > 2-SQL_SensitiveDataScan + - **Oracle > 1. Users and Roles > Oracle_PasswordIssues** + - Oracle > 3.Permissions > Oracle_PublicPermissions + - **Oracle > 4. Configuration > Oracle_DataDictionaryProtection** + - **Oracle > 4. Configuration > Oracle_InstanceNameIssues** + - **Oracle > 4. Configuration > Oracle_RemoteOSAuthentication** + - Oracle > 5.Sensitive Data > Oracle_SensitiveData + - **SQL > 1. Users and Roles > SQL_PasswordIssues** + - SQL > 3.Permissions > SQL_PublicPermissions + - **SQL > 4.Configuration > SQL_Authentication** + - **SQL > 4. Configuration > SQL_BestPractices** + - **SQL > 4.Configuration > SQL_CMDShell** + - SQL > 5.Sensitive Data > SQL_SensitiveData - Exchange - - 4. Mailboxes > Permissions > 0. Collection > EX_Delegates - - 4. Mailboxes > Permissions > 0. Collection > EX_MBRights - - 4. Mailboxes > Permissions > 0. Collection > EX_Perms - - 4. Mailboxes > Permissions > 0. Collection > EX_SendAs - - **4. Mailboxes > Permissions > EX_AdminGroups** - - 4. Mailboxes > Permissions > EX_MailboxAccess - - **4. Mailboxes > Sizing > EX_StaleMailboxes** - - 5. Public Folders > Content > Collection > PF_ContentScans - - 5. Public Folders > Permissions > Collection > PF_EntitlementScans - - 7. Sensitive Data > 0.Collection > EX_Mailbox_SDD - - 7. Sensitive Data > 0.Collection > EX_PublicFolder_SDD - - 7. Sensitive Data > EX_SDDResults + - 4. Mailboxes > Permissions > 0. Collection > EX_Delegates + - 4. Mailboxes > Permissions > 0. Collection > EX_MBRights + - 4. Mailboxes > Permissions > 0. Collection > EX_Perms + - 4. Mailboxes > Permissions > 0. Collection > EX_SendAs + - **4. Mailboxes > Permissions > EX_AdminGroups** + - 4. Mailboxes > Permissions > EX_MailboxAccess + - **4. Mailboxes > Sizing > EX_StaleMailboxes** + - 5. Public Folders > Content > Collection > PF_ContentScans + - 5. Public Folders > Permissions > Collection > PF_EntitlementScans + - 7. Sensitive Data > 0.Collection > EX_Mailbox_SDD + - 7. Sensitive Data > 0.Collection > EX_PublicFolder_SDD + - 7. Sensitive Data > EX_SDDResults ## Additional Findings (AD, Windows OS) Slide @@ -543,23 +543,23 @@ dependencies: - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - Active Directory - - 1.Groups > AD_StaleGroups - - **2.Users > AD_ServiceAccounts** - - 2.Users > AD_StaleUsers - - **2.Users > AD_UserToken** - - **3.Computers > AD_StaleComputers** - - 4.Group Policy > AD_CPassword - - 8.Domains > AD_DomainReplication + - 1.Groups > AD_StaleGroups + - **2.Users > AD_ServiceAccounts** + - 2.Users > AD_StaleUsers + - **2.Users > AD_UserToken** + - **3.Computers > AD_StaleComputers** + - 4.Group Policy > AD_CPassword + - 8.Domains > AD_DomainReplication - Windows - - Authentication > SG_LSASettings - - Authentication > SG_WDigestSettings - - Privileged Accounts > Local Administrators > SG_LocalAdmins + - Authentication > SG_LSASettings + - Authentication > SG_WDigestSettings + - Privileged Accounts > Local Administrators > SG_LocalAdmins ## Product Portfolio Slide @@ -591,64 +591,64 @@ The ePHI Data slide (Slide 27) has the following primary job dependencies: - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - FileSystem - - 0.Collection > 1-SEEK System Scans - - 0.Collection > 2-SEEK Bulk Import - - **0.Collection > 3-FSAA-Exceptions** - - 7.Sensitive Data > FS_DLPResults + - 0.Collection > 1-SEEK System Scans + - 0.Collection > 2-SEEK Bulk Import + - **0.Collection > 3-FSAA-Exceptions** + - 7.Sensitive Data > FS_DLPResults Data is also supplied by the following jobs when they have been executed: - AWS - - 0.Collection > 1.AWS_OrgScan - - 0.Collection > 4.AWS_S3SDDScan - - 8.S3 Sensitive Data > AWS_SensitiveData + - 0.Collection > 1.AWS_OrgScan + - 0.Collection > 4.AWS_S3SDDScan + - 8.S3 Sensitive Data > AWS_SensitiveData - Box - - 0.Collection > 1-Box_Access Scans - - 0.Collection > 2-Box_Import + - 0.Collection > 1-Box_Access Scans + - 0.Collection > 2-Box_Import - Databases - - 0.Collection > Oracle > 0-Oracle_Servers - - 0.Collection > Oracle > 1-Oracle_PermissionsScan - - 0.Collection > Oracle > 2-Oracle_SensitiveDataScan - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - - 0.Collection > SQL > 2-SQL_SensitiveDataScan - - Oracle > 3.Permissions > Oracle_PublicPermissions - - Oracle > 5.Sensitive Data > Oracle_SensitiveData - - SQL > 3.Permissions > SQL_PublicPermissions - - SQL > 5.Sensitive Data > SQL_SensitiveData + - 0.Collection > Oracle > 0-Oracle_Servers + - 0.Collection > Oracle > 1-Oracle_PermissionsScan + - 0.Collection > Oracle > 2-Oracle_SensitiveDataScan + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + - 0.Collection > SQL > 2-SQL_SensitiveDataScan + - Oracle > 3.Permissions > Oracle_PublicPermissions + - Oracle > 5.Sensitive Data > Oracle_SensitiveData + - SQL > 3.Permissions > SQL_PublicPermissions + - SQL > 5.Sensitive Data > SQL_SensitiveData - Dropbox - - 0.Collection > 1-Dropbox_SDD Scan - - 0.Collection > 2-Dropbox_SDD Bulk Import - - 5.Sensitive Data > Dropbox_SensitiveData + - 0.Collection > 1-Dropbox_SDD Scan + - 0.Collection > 2-Dropbox_SDD Bulk Import + - 5.Sensitive Data > Dropbox_SensitiveData - Exchange - - 7. Sensitive Data > 0.Collection > EX_Mailbox_SDD - - 7. Sensitive Data > 0.Collection > EX_PublicFolder_SDD - - 7. Sensitive Data > SDDResults - - 4. Mailboxes > Permissions > 0. Collection > EX_Delegates - - 4. Mailboxes > Permissions > 0. Collection > EX_MBRights - - 4. Mailboxes > Permissions > 0. Collection > EX_Perms - - 4. Mailboxes > Permissions > 0. Collection > EX_SendAs - - 4. Mailboxes > Permissions > EX_MailboxAccess + - 7. Sensitive Data > 0.Collection > EX_Mailbox_SDD + - 7. Sensitive Data > 0.Collection > EX_PublicFolder_SDD + - 7. Sensitive Data > SDDResults + - 4. Mailboxes > Permissions > 0. Collection > EX_Delegates + - 4. Mailboxes > Permissions > 0. Collection > EX_MBRights + - 4. Mailboxes > Permissions > 0. Collection > EX_Perms + - 4. Mailboxes > Permissions > 0. Collection > EX_SendAs + - 4. Mailboxes > Permissions > EX_MailboxAccess - SharePoint - - 0.Collection > 1-SPSEEK_SystemScans - - 0.Collection > 4-SPSEEK_BulkImport - - **0.Collection > 7-SPAA_Exceptions** - - 6.Sensitive Data > SP_SensitiveData + - 0.Collection > 1-SPSEEK_SystemScans + - 0.Collection > 4-SPSEEK_BulkImport + - **0.Collection > 7-SPAA_Exceptions** + - 6.Sensitive Data > SP_SensitiveData ## Condition: Stale Data Slide @@ -656,27 +656,27 @@ The Condition: Stale Data slide (Slide 28) has the following primary job depende - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - FileSystem - - 0.Collection > 1-SEEK System Scans - - 0.Collection > 2-SEEK Bulk Import - - 7.Sensitive Data > FS_DLPResults + - 0.Collection > 1-SEEK System Scans + - 0.Collection > 2-SEEK Bulk Import + - 7.Sensitive Data > FS_DLPResults Data is also supplied by the following jobs when they have been executed: - Dropbox - - 0.Collection > 1-Dropbox_SDD Scan - - 0.Collection > 2-Dropbox_SDD Bulk Import - - 5.Sensitive Data > Dropbox_SensitiveData + - 0.Collection > 1-Dropbox_SDD Scan + - 0.Collection > 2-Dropbox_SDD Bulk Import + - 5.Sensitive Data > Dropbox_SensitiveData - SharePoint - - 0.Collection > 1-SPSEEK_SystemScans - - 0.Collection > 4-SPSEEK_BulkImport - - 6.Sensitive Data > SP_SensitiveData + - 0.Collection > 1-SPSEEK_SystemScans + - 0.Collection > 4-SPSEEK_BulkImport + - 6.Sensitive Data > SP_SensitiveData ## AD Security Assessment Slide @@ -684,21 +684,21 @@ The AD Security Assessment slide (Slide 29) has the following primary job depend - .Active Directory Inventory - - 1-AD_Scan - - 3-AD_Exceptions + - 1-AD_Scan + - 3-AD_Exceptions - Active Directory - - 1.Groups > AD_SensitiveSecurityGroups - - 2.Users > AD_WeakPasswords - - 2.Users > AD_PasswordStatus - - 4.Group Policy > AD_CPassword + - 1.Groups > AD_SensitiveSecurityGroups + - 2.Users > AD_WeakPasswords + - 2.Users > AD_PasswordStatus + - 4.Group Policy > AD_CPassword - Active Directory Permissions Analyzer - - 1.Users > AD_ResetPasswordPermissions - - 2.Groups > AD_GroupMembershipPermissions - - 8.Domains > AD_DomainReplication + - 1.Users > AD_ResetPasswordPermissions + - 2.Groups > AD_GroupMembershipPermissions + - 8.Domains > AD_DomainReplication ## Windows: Security Assessment Slide @@ -706,14 +706,14 @@ The Windows: Security Assessment slide (Slide 30) has the following primary job - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - Windows - - Authentication > SG_LSASettings - - Authentication > SG_WDigestSettings - - Privileged Accounts > Local Administrators > SG_LocalAdmins - - Privileged Accounts > Service Accounts > SG_ServiceAccounts + - Authentication > SG_LSASettings + - Authentication > SG_WDigestSettings + - Privileged Accounts > Local Administrators > SG_LocalAdmins + - Privileged Accounts > Service Accounts > SG_ServiceAccounts ## Shadow Access Rights to ePHI Data Slide @@ -721,43 +721,43 @@ The Shadow Access Rights to ePHI Data slide (Slide 31) has the following primary - .Active Directory Inventory - - 1-AD_Scan + - 1-AD_Scan - Active Directory - - 1.Groups > AD_SensitiveSecurityGroups - - 2.Users > AD_WeakPasswords + - 1.Groups > AD_SensitiveSecurityGroups + - 2.Users > AD_WeakPasswords - Active Directory Permissions Analyzer - - 0.Collection > AD_ComputerRights - - 0.Collection > AD_ContainerRights - - 0.Collection > AD_DomainRights - - 0.Collection > AD_GroupRights - - 0.Collection > AD_OURights - - 0.Collection > AD_SiteRights - - 0.Collection > AD_UserRights - - 1.Users > AD_ResetPasswordPermissions - - 2.Groups > AD_GroupMembershipPermissions - - 7.Containers > AD_AdminSDHolder - - 8.Domains > AD_DomainReplication + - 0.Collection > AD_ComputerRights + - 0.Collection > AD_ContainerRights + - 0.Collection > AD_DomainRights + - 0.Collection > AD_GroupRights + - 0.Collection > AD_OURights + - 0.Collection > AD_SiteRights + - 0.Collection > AD_UserRights + - 1.Users > AD_ResetPasswordPermissions + - 2.Groups > AD_GroupMembershipPermissions + - 7.Containers > AD_AdminSDHolder + - 8.Domains > AD_DomainReplication - FileSystem - - 0.Collection > 1-SEEK System Scans - - 0.Collection > 2-SEEK Bulk Import - - 7.Sensitive Data > FS_DLPResults + - 0.Collection > 1-SEEK System Scans + - 0.Collection > 2-SEEK Bulk Import + - 7.Sensitive Data > FS_DLPResults - Windows - - Privileged Accounts > Local Administrators > SG_LocalAdmins - - Privileged Accounts > Local Administrators > SG_Sessions + - Privileged Accounts > Local Administrators > SG_LocalAdmins + - Privileged Accounts > Local Administrators > SG_Sessions Data is also supplied by the following jobs when they have been executed: - Databases - - 0.Collection > SQL > 0-SQL_InstanceDiscovery - - 0.Collection > SQL > 1-SQL_PermissionsScan - - 0.Collection > SQL > 2-SQL_SensitiveDataScan - - SQL > 5.Sensitive Data > SQL_SensitiveData + - 0.Collection > SQL > 0-SQL_InstanceDiscovery + - 0.Collection > SQL > 1-SQL_PermissionsScan + - 0.Collection > SQL > 2-SQL_SensitiveDataScan + - SQL > 5.Sensitive Data > SQL_SensitiveData diff --git a/docs/accessanalyzer/12.0/config/activedirectory/access.md b/docs/accessanalyzer/12.0/config/activedirectory/access.md new file mode 100644 index 0000000000..f3e1a862bc --- /dev/null +++ b/docs/accessanalyzer/12.0/config/activedirectory/access.md @@ -0,0 +1,221 @@ +# Active Directory Auditing Configuration + +The Access Analyzer for Active Directory Solution is compatible with the following Active Directory +versions as targets: + +- Windows Server 2016 and later +- Windows 2003 Forest level or higher + +**NOTE:** See the Microsoft +[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) +article for additional information. + +Domain Controller Requirements + +The following are requirements for the domain controllers to be scanned: + +- .NET Framework 4.5+ installed +- WINRM Service installed + +Data Collectors + +Successful use of the Access Analyzer Active Directory solution requires the necessary settings and +permissions in a Microsoft® Active Directory® environment described in this topic and its +subtopics. This solution employs the following data collectors to scan for groups, users, computers, +passwords, permissions, group policies, and domain information: + +- [ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md) +- [ActiveDirectory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/activedirectory/overview.md) +- [ADActivity Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adactivity/overview.md) +- [GroupPolicy Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/overview.md) +- [LDAP Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/ldap.md) +- [PasswordSecurity Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/overview.md) +- [PowerShell Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/powershell/overview.md) +- [Registry Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/registry.md) + +## Permissions + +- Member of the Domain Administrators group + +The majority of jobs in the Active Directory solutions rely on tables with queried data from the +data collectors mentioned above to perform analysis and generate reports. The remaining jobs utilize +data collectors to scan environments, and require additional permissions on the target host. + +**_RECOMMENDED:_** Use Domain/Local Administrator privileges to run Access Analyzer against an +Active Directory domain controller. + +There is a least privilege model for scanning your domain. See the +[Least Privilege Model](#least-privilege-model) topic for additional information. + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For ActiveDirectory Data Collector + +- TCP 389/636 +- TCP 135-139 +- Randomly allocated high TCP ports + +For ADActivity Data Collector + +- TCP 4494 (configurable within the Netwrix Activity Monitor) + +For GroupPolicy Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For LDAP Data Collector + +- TCP 389 + +For PasswordSecurity Collector + +- TCP 389/636 + +For PowerShell Data Collector + +- Randomly allocated high TCP ports + +For Registry Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports + +## Least Privilege Model + +A least privilege model can be configured based on your auditing needs and the data collection jobs +you will be using. The following jobs and their corresponding data collectors can be run with a +least privilege permissions model. + +1-AD_Scan Job Permissions + +The ADInventory Data Collector in the .Active Directory Inventory > 1-AD_Scan Job has the following +minimum requirements, which must be configured at the Domain level in Active Directory: + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +AD_WeakPasswords Job Permissions + +The PasswordSecurity Data Collector in the 2.Users > AD_WeakPasswords Job has the following minimum +requirements: + +- At the domain level: + + - Read + - Replicating Directory Changes + - Replicating Directory Changes All + - Replicating Directory Changes in a Filtered Set + - Replication Synchronization + +AD_CPassword Job Permissions + +While the PowerShell Data Collector typically requires Domain Administrator permissions when +targeting a domain controller, that level of access is not required to run the 4.Group Policy > +AD_CPasswords job. The minimum requirements for running this job are: + +- Read access to SYSVOL on the targeted Domain Controller(s) and all of its children + +AD_GroupPolicy Job Permissions + +While the GroupPolicy Data Collector typically requires Domain Administrator permissions when +targeting a domain controller, that level of access is not required to run the 4.Group Policy > +AD_GroupPolicy Job. The minimum requirements for running this job are: + +- Requires Read permissions on Group Policy Objects + +AD_PasswordPolicies Job Permissions + +While the LDAP Data Collector typically requires Domain Administrator permissions when targeting a +domain controller, that level of access is not required to run the 4.Group Policy > +AD_PasswordPolicies Job. The minimum requirements for running this job are: + +- Requires Read permissions on the Password Settings Container + +AD_DomainControllers Job Permissions + +While the LDAP Data Collector and Active Directory Data Collector typically requires Domain +Administrator permissions when targeting a domain controller, that level of access is not required +to run the 5.Domains > 0.Collection > AD_DomainControllers Job. The minimum requirements for running +this job are: + +- Read access to CN=Servers,%SITEDN% and its children +- Read access to: %PARTITIONDNS% and its children +- Read access to: %SCHEMADN% +- Read access to: %SITESDN% and its children + +See the [Variable Definitions](#variable-definitions) for variable definitions. + +AD_DSRM Job Permissions + +While the Registry Data Collector typically requires Domain Administrator permissions when targeting +a domain controller, that level of access is not required to run the 5.Domains > 0.Collection > +AD_DSRM Job. The minimum requirements for running this job are: + +- Requires read access to the following Registry key and its children: + HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa + +AD_TimeSync Job Permissions + +While the Registry Data Collector typically requires Domain Administrator permissions when targeting +a domain controller, that level of access is not required to run the 5.Domains > 0.Collection > +AD_TimeSync Job. The minimum requirements for running this job are: + +- Requires Read access to the following Registry keys and its children: + HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time + +AD_DomainInfo Job Permissions + +While the LDAP Data Collector and Active Directory Data Collector typically requires Domain +Administrator permissions when targeting a domain controller, that level of access is not required +to run the 5.Domains > AD_DomainInfo Job. The minimum requirements for running this job, which must +be configured at the Domain level in Active Directory, are: + +- Read access to: %DOMAINDN% and its children +- Read access to: CN=System,%DOMAINDN% and its children +- Read access to: %SITEDN% and its children +- Read access to: %PARTITIONDNS% and its children + +See the [Variable Definitions](#variable-definitions) for variable definitions. + +AD_ActivityCollection Job Permission + +The ADActivity Data Collector in the 6.Activity > 0.Collection > AD_ActivityCollection Job has the +following minimum requirements: + +- Netwrix Activity Monitor API Access activity data +- Netwrix Activity Monitor API Read +- Read access to the Netwrix Activity Monitor Log Archive location + +### Variable Definitions + +The following variables are referenced for Active Directory Least Privileged Models: + +`%PARTITIONDNS%` is the distinguished name of the accessed partition; +`CN=Partitions,CN=Configuration,DC=contoso,DC=com` + +`%SITEDN%` is the distinguished name of the accessed site; +`CN=Sites,CN=Configuration,DC=contoso,DC=com` + +`%CONFIGDN%` is the distinguished name of the configuration naming context; +`CN=Configuration,DC=company,DC=com` + +`%SCHEMADN%` is the distinguished name of the accessed schema; +`CN=Schema,CN=Configuration,DC=company,DC=com` + +`%DOMAINDN%`" is the distinguished name of the accessed domain object; `DC=company,DC=com` diff --git a/docs/accessanalyzer/12.0/config/activedirectory/activity.md b/docs/accessanalyzer/12.0/config/activedirectory/activity.md new file mode 100644 index 0000000000..b2d375f600 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/activedirectory/activity.md @@ -0,0 +1,251 @@ +# Active Directory Activity Auditing Configuration + +There are two methods to configure Activity Monitor to provide Active Directory domain activity to +Access Analyzer: + +- API Server +- File Archive Repository + +See the [File Archive Repository Option](/docs/accessanalyzer/12.0/config/activedirectory/filearchive.md) topic for additional information on that +option. + +## API Server Option + +In this method, you will be deploying two agents: + +- First, deploy an Activity Agent to a Windows server that will act as the API server. This is a + non-domain controller server. + + **_RECOMMENDED:_** Deploy the API Server to the same server where the Activity Monitor Console + resides. + +- Next, deploy the AD Agent to all domain controllers in the target domain. + +Follow the steps to setup integration between Activity Monitor and Access Analyzer through an API +server. + +**Step 1 –** Deploy the Activity Agent to the API server. + +**Step 2 –** Deploy the AD Agent to each domain controller in the target domain. + +The next step is to configure the agent deployed to the API server. + +## Configure API Server Agent + +Follow the steps to configure the agent deployed to the API server. + +**Step 1 –** On the Agents tab of the Activity Monitor Console, select the agent deployed to the +API server. + +**Step 2 –** Click **Edit**. The Agent properties window opens. + +**Step 3 –** Select the **API Server** tab and configure the following: + +- Select the **Enable API access on this agent** checkbox. +- The default **API server port (TCP)** is 4494, but it can be modified if desired. Ensure the + modified port is also used by Access Analyzer. +- Click **Add Application**. The Add or edit API client window opens. +- Configure the following: + + - Provide a descriptive and unique **Application name**, for example `Access Analyzer`. + - Select the **Read** checkbox to grant this permission to this application. + - Click **Generate** to generate the Client ID and Client Secret. + - Copy the Client ID value to a text file. + - Click **Copy** and save the Client Secret value to a text file. + + **CAUTION:** It is not possible to retrieve the value after closing the Add or edit + API client window. It must be copied first. + + - By default, the **Secret Expires** in 3 days. That means it must be used in the Access + Analyzer Connection Profile within 72 hours or a new secret will need to be generated. Modify + if desired. + - Click **OK** to save the configuration and close the Add or edit API client window. + +- If the Activity Monitor Console server is not the API Server, then click **Use this console** to + grant the Activity Monitor the ability to manage the API server. +- The IPv4 or IPv6 allowlist allows you to limit access to the API server data to specific hosts. + +**Step 4 –** Click **OK** to save the configuration and close the Agent properties window. + +The next step is to configure the agents deployed to the domain controllers. + +## Configure Domain Controller Agent + +Follow the steps to configure the agent deployed to the domain controller. + +**Step 1 –** On the Agents tab of the Activity Monitor Console, select an agent deployed to domain +controller. + +**Step 2 –** Click **Edit**. The Agent properties window opens. + +**Step 3 –** Select the **Archiving** tab and configure the following: + +- Select the **Enable Archiving for this agent** checkbox. +- Select the **Archive log files on a UNC path** option. Click the **...** button and navigate to + the desired network share on the API server. +- The **User name** and **User password** fields only need to be filled in if the account used to + install the agent does not have access to this share. + + _Remember,_ The account used to install the agent on a domain controller is a Domain + Administrator account. + +- Click **Test** to ensure a successful connection to the network share. + +**Step 4 –** Click **OK** to save the configuration and close the Agent properties window. + +**Step 5 –** Repeat Steps 1-4 for each agent deployed to domain controller. + +These agent are configured to save the Archive logs to the selected share. + +## Configure Monitored Domain Output + +Follow the steps configure the monitored domain output for Netwrix Access Analyzer (formerly +Enterprise Auditor). + +**Step 1 –** Select the **Monitored Domains** tab. + +**Step 2 –** Select the desired domain and click **Add Output**. The Add New Ouptut window opens. + +**Step 3 –** Configure the following: + +- Configure the desired number of days for the **Period to keep Log files**. This is the number of + days the log files are kept on the API server configured in the sections above. This needs to be + set to a greater value than the days between Access Analyzer scans. + + - For example, if Access Analyzer runs the **AD_ActivityCollection** Job once a week (every 7 + days), then the Activity Monitor output should be configured to retain at least 10 days of log + files. + +- Check the **This log file is for StealthAUDIT** box. +- Optionally select the **Enable periodic AD Status Check event reporting** checkbox. When enabled, + the agent will send out status messages every five minutes to verify whether the connection is + still active. + +**Step 4 –** Click **Add Output** to save and close the Add New Output window. + +Access Analyzer now has access to the agent log files for this domain. + +## Configure Connection Profile + +Follow the steps to configure the Connection Profile in Access Analyzer. + +_Remember,_ the Client ID and Client Secret were generated by the API server and copied to a text +file. If the secret expired before the Connection Profile is configured, it will need to be +re-generated. + +**Step 1 –** On the **Settings** > **Connection** node of the Access Analyzer Console, select the +Connection Profile for the Active Directory solution. If you haven't yet created a Connection +Profile or desire a specific one for AD Activity, create a new one and provide a unique descriptive +name. + +**Step 2 –** Click **Add User credential**. The User Credentials window opens. + +**Step 3 –** Configure the following: + +- Select Account Type – Select **Web Services (JWT)** +- User name – Enter the Client ID generated by the Activity Monitor API Server +- Access Token – Enter the Client Secret generated by the Activity Monitor API Server + +**Step 4 –** Click **OK** to save and close the User Credentials window. + +**Step 5 –** Click **Save** and then **OK** to confirm the changes to the Connection Profile. + +**Step 6 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** Job +Group. Select the **Settings > Connection** node. + +**Step 7 –** Select the **Select one of the following user defined profiles** option. Expand the +drop-down menu and select the Connection Profile with this credential. + +**Step 8 –** Click **Save** and then **OK** to confirm the changes to the job group settings. + +The Connection Profile will now be used for AD Activity collection. + +## Configure the AD_ActivityCollection Job + +The Access Analyzer requires additional configurations in order to collect domain activity data. +Follow the steps to configure the **AD_ActivityCollection** Job. + +**NOTE:** Ensure that the **.Active Directory Inventory** Job Group has been successfully run +against the target domain. + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. + +**Step 2 –** Click **Query Properties**. The Query Properties window displays. + +**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard +opens. + +![Active Directory Activity DC wizard Category page](/img/product_docs/activitymonitor/config/activedirectory/categoryimportfromnam.webp) + +**Step 4 –** On the Category page, choose **Import from SAM** option and click **Next**. + +![Active Directory Activity DC wizard SAM connection settings page](/img/product_docs/activitymonitor/config/activedirectory/namconnection.webp) + +**Step 5 –** On the SAM connection page, the **Port** is set to the default 4494. This needs to +match the port configured for the Activity Monitor API Server agent. + +**Step 6 –** In the **Test SAM host** textbox, enter the Activity Monitor API Server name using +fully qualified domain format. For example, `NEWYORKSRV30.NWXTech.com`. Click **Connect**. + +**Step 7 –** If connection is successful, the archive location displays along with a Refresh token. +Copy the **Refresh token**. This will replace the Client Secret in the Connection Profile in the +last step. + +**Step 8 –** Click **Next**. + +![Active Directory Activity DC wizard Scoping and Retention page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) + +**Step 9 –** On the Scope page, set the Timespan as desired. There are two options: + +- Relative Timespan – Set the number of days of activity logs to collect when the scan is run +- Absolute Timespan – Set the date range for activity logs to collect when the scan is run + +**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity +Monitor domain output log retention expires. For example, if Access Analyzer runs the +**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be +configured to retain at least 10 days of log files. + +**Step 10 –** Set the Retention period as desired. This is the number of days Access Analyzer keeps +the collected data in the SQL Server database. + +**Step 11 –** Click **Next** and then **Finish** to save the changes and close the wizard. + +**Step 12 –** Click **OK** to save the changes and close the Query Properties page. + +**Step 13 –** Navigate to the global **Settings** > **Connection** node to update the User +Credential with the Refresh token: + +- Select the Connection Profile assigned to the **6.Activity** > **0.Collection** Job Group. +- Select the Web Services (JWT) User Credential and click **Edit**. +- Replace the Access Token with the Refresh token generated by the data collector in Step 7. +- Click **OK** to save and close the User Credentials window. +- Click **Save** and then **OK** to confirm the changes to the Connection Profile. + +The query is now configured to target the Activity Monitor API Server to collect domain activity +logs. + +### (Optional) Configure Import of AD Activity into Netwrix Access Information Center + +AD Activity data can be imported into Netwrix Access Information Center by the +**AD_ActivityCollection** Job. However, this is disabled by default. Follow the steps to enable the +importing of AD activity data into the Access Information Center. + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. + +**Step 2 –** On the job's Overview page, enable the import of AD Events. + +- Click on the **Enable to import AD events into the AIC** parameter. +- On the Parameter Configuration window, select the **Enabled** checkbox and click **Save**. + +**Step 3 –** On the job's Overview page, enable the import of authentication Events. + +- Click on the **Enable to import authentication events into the AIC** parameter. +- On the Parameter Configuration window, select the **Enabled** checkbox and click **Save**. + +**Step 4 –** Optionally, modify the **List of attributes to track for Object Modified changes** and +**Number of days to retain activity data in the AIC** parameters. + +The **AD_ActivityCollection** Job is now configured to import both AD events and authentication +events into the Netwrix Access Information Center. diff --git a/docs/accessanalyzer/12.0/config/activedirectory/filearchive.md b/docs/accessanalyzer/12.0/config/activedirectory/filearchive.md new file mode 100644 index 0000000000..2fc64b5f9d --- /dev/null +++ b/docs/accessanalyzer/12.0/config/activedirectory/filearchive.md @@ -0,0 +1,154 @@ +# File Archive Repository Option + +As an alternative to using an API Server, Netwrix Activity Monitor can be configured to store all +archived logs to a network share. This option requires all of the domain logs to be stored in the +same share location in order for Access Analyzer to collect the AD Activity data. + +Prerequisite + +Deploy the AD Agent to each domain controller in the target domain. + +## Configure Domain Controller Agent + +Follow the steps to configure the agent deployed to the domain controller. + +**NOTE:** These steps assume the network share where the activity log files will be archived already +exists. + +**Step 1 –** On the Agents tab of the Activity Monitor Console, select an agent deployed to domain +controller. + +**Step 2 –** Click Edit. The Agent properties window opens. + +**Step 3 –** Select the Archiving tab and configure the following: + +- Check the Enable Archiving for this agent box. +- Select the **Archive log files on a UNC path** option. Click the ... button and navigate to the + desired network share. +- The **User name** and **User password** fields only need to be filled in if the account used to + install the agent does not have access to this share. + + _Remember,_ The account used to install the agent on a domain controller is a Domain + Administrator account. This is typically the credential that will be used in the Netwrix Access + Analyzer (formerly Enterprise Auditor) Connection Profile. However, a least privilege option is + a domain user account with Read access to this share. + +- Click **Test** to ensure a successful connection to the network share. + +**Step 4 –** Click OK to save the configuration and close the Agent properties window. + +**Step 5 –** Repeat Steps 1-4 for each agent deployed to domain controller pointing to the same +network share in Step 3 for each agent. + +These agent are configured to save the Archive logs to the selected share. + +## Configure Monitored Domain Output + +Follow the steps configure the monitored domain output for Netwrix Access Analyzer (formerly +Enterprise Auditor). + +**Step 1 –** Select the **Monitored Domains** tab. + +**Step 2 –** Select the desired domain and click **Add Output**. The Add New Ouptut window opens. + +**Step 3 –** Configure the following: + +- Configure the desired number of days for the **Period to keep Log files**. This is the number of + days the log files are kept on the API server configured in the sections above. This needs to be + set to a greater value than the days between Access Analyzer scans. + + - For example, if Access Analyzer runs the **AD_ActivityCollection** Job once a week (every 7 + days), then the Activity Monitor output should be configured to retain at least 10 days of log + files. + +- Check the **This log file is for StealthAUDIT** box. +- Optionally select the **Enable periodic AD Status Check event reporting** checkbox. When enabled, + the agent will send out status messages every five minutes to verify whether the connection is + still active. + +**Step 4 –** Click **Add Output** to save and close the Add New Output window. + +Access Analyzer now has access to the agent log files for this domain. + +## Configure Connection Profile + +Follow the steps to configure the Connection Profile in Access Analyzer. + +**Step 1 –** On the Settings > Connection node of the Access Analyzer Console, select the Connection +Profile for the Active Directory solution. If you haven't yet created a Connection Profile or desire +a specific one for AD Activity, create a new one and provide a unique descriptive name. + +**Step 2 –** Click Add User credential. The User Credentials window opens. + +**Step 3 –** Configure the following: + +- Select Account Type – Select **Active Directory Account** +- Domain – Select the domain where the network share resides +- User name – Enter the account with Read access to the network share +- Provide the account password: + + - Password Storage – Select the password storage location, if it is being stored in a vault, + like CyberArk + - Password / Confirm – Enter the account password in both fields + +**Step 4 –** Click OK to save and close the User Credentials window. + +**Step 5 –** Click **Save** and then **OK** to confirm the changes to the Connection Profile. + +**Step 6 –** Navigate to the Jobs > Active Directory > 6.Activity > 0.Collection Job Group. Select +the **Settings > Connection** node. + +**Step 7 –** Select the **Select one of the following user defined profiles** option. Expand the +drop-down menu and select the Connection Profile with this credential. + +**Step 8 –** Click **Save** and then **OK** to confirm the changes to the job group settings. + +The Connection Profile will now be used for AD Activity collection. + +## Configure the AD_ActivityCollection Job + +Access Analyzer requires additional configurations in order to collect domain activity data. Follow +the steps to configure the **AD_ActivityCollection** Job. + +**NOTE:** Ensure that the .Active Directory Inventory Job Group has been successfully run against +the target domain. + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. + +**Step 2 –** Click **Query Properties**. The Query Properties window displays. + +**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard +opens. + +![Active Directory Activity DC wizard Category page](/img/product_docs/activitymonitor/config/activedirectory/categoryimportfromshare.webp) + +**Step 4 –** On the Category page, choose **Import from Share** option and click **Next**. + +![Active Directory Activity DC wizard Share settings page](/img/product_docs/activitymonitor/config/activedirectory/share.webp) + +**Step 5 –** On the Share page, provide the UNC path to the AD Activity share archive location. If +there are multiple archives in the same network share, check the **Include Sub-Directories** box. +Click **Next**. + +![Active Directory Activity DC wizard Scoping and Retention page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) + +**Step 6 –** On the Scope page, set the Timespan as desired. There are two options: + +- Relative Timespan – Set the number of days of activity logs to collect when the scan is run +- Absolute Timespan – Set the date range for activity logs to collect when the scan is run + +**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity +Monitor domain output log retention expires. For example, if Access Analyzer runs the +**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be +configured to retain at least 10 days of log files. + +**Step 7 –** Set the Retention period as desired. This is the number of days Access Analyzer keeps +the collected data in the SQL Server database. + +**Step 8 –** Click **Next** and then **Finish** to save the changes and close the wizard. + +**Step 9 –** Click **OK** to save the changes and close the Query Properties page. + +The query is now configured to target the network share where the Activity Monitor domain activity +logs are archived. diff --git a/docs/accessanalyzer/12.0/config/activedirectory/overview.md b/docs/accessanalyzer/12.0/config/activedirectory/overview.md new file mode 100644 index 0000000000..859d143f58 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/activedirectory/overview.md @@ -0,0 +1,79 @@ +# Active Directory Domain Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute scans on Active Directory domains. +The Netwrix Activity Monitor can be configured to monitor activity on Active Directory domains and +make the event data available for Access Analyzer Active Directory Activity scans. + +## Auditing Permissions + +The following permission is needed: + +- Member of the Domain Administrators group + +Some collection jobs do allow for a least privilege model. See the +[Active Directory Auditing Configuration](/docs/accessanalyzer/12.0/config/activedirectory/access.md) topic for additional information. + +## Auditing Port Requirements + +Ports vary based on the data collector being used. See the +[Active Directory Auditing Configuration](/docs/accessanalyzer/12.0/config/activedirectory/access.md) topic for additional information. + +## Activity Auditing Permissions + +**NOTE:** Active Directory domain activity events can also be monitored through Netwrix Threat +Prevention. This requires integration between it and Netwrix Activity Monitor to enable access to +the data for Access Analyzer Active Directory Activity scans. See the +[Send Active Directory Event Data from Netwrix Threat Prevention to Netwrix Access Analyzer](/docs/accessanalyzer/12.0/config/activedirectory/threatprevention.md) +topic for additional information. + +Requirements to Deploy the AD Agent on the Domain Controller + +The Netwrix Activity Monitor must have an AD Agent deployed on the domain controller to be +monitored. While actively monitoring, the AD Agent generates activity log files stored on the +server. The credential used to deploy the AD Agent must have the following permissions on the +server: + +- Membership in the Domain Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +**NOTE:** For monitoring an Active Directory domain, the AD Agent must be installed on all domain +controllers within the domain to be monitored. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Access Analyzer to read the activity log files must also have +READ and WRITE permissions on the archive location. + +Integration with Access Analyzer + +See the [Active Directory Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/activedirectory/activity.md) topic for target environment +requirements. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/config/activedirectory/threatprevention.md b/docs/accessanalyzer/12.0/config/activedirectory/threatprevention.md new file mode 100644 index 0000000000..d9a28213e3 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/activedirectory/threatprevention.md @@ -0,0 +1,40 @@ +# Send Active Directory Event Data from Netwrix Threat Prevention to Netwrix Access Analyzer + +When Netwrix Threat Prevention is configured to monitor a domain, the event data collected by the +policies can be provided to Netwrix Access Analyzer (formerly Enterprise Auditor) for auditing and +analysis. This is accomplished by configuring Threat Prevention to send data to Netwrix Activity +Monitor, which in turn creates the activity log files that Access Analyzer collects. + +**NOTE:** Threat Prevention can only be configured to send event data to one Netwrix application, +either Netwrix Activity Monitor or Netwrix Threat Manager but not both. However, the Activity +Monitor can be configured with outputs for Access Analyzer and Threat Manager. + +Follow the steps to configure this integration. + +**_RECOMMENDED:_** It is a best practice to use the API Server option of the Activity Monitor for +this integration between Threat Prevention and Access Analyzer. + +**Step 1 –** In the Threat Prevention Administration Console, click **Configuration** > **Netwrix +Threat Manager Configuration** on the menu. The Netwrix Threat Manager Configuration window opens. + +**Step 2 –** On the Event Sink tab, configure the following: + +- Netwrix Threat Manager URI – Enter the name of the Activity Monitor agent host and port, which is + 4499 by default, in the following format: + + `amqp://localhost:4499` + + You must use localhost, even if Activity Monitor and Threat Prevention are installed on + different servers. + +- App Token – Leave this field blank for integration with Activity Monitor +- Policies – The table displays all policies created in Threat Prevention along with a State icon + indicating if the policy is active. Check the **Send** box for the desired policies monitoring the + target domain activity. + +**Step 3 –** Click **Save**. + +All real-time event data from the selected policies is now sent to Activity Monitor. Additional +policies can be added to this data stream through the Netwrix Threat Manager Configuration window or +by selecting the **Send to Netwrix Threat Manager** option on the Actions tab of the respective +policy. diff --git a/docs/accessanalyzer/12.0/config/dellcelerravnx/access.md b/docs/accessanalyzer/12.0/config/dellcelerravnx/access.md new file mode 100644 index 0000000000..af6da7e40a --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellcelerravnx/access.md @@ -0,0 +1,22 @@ +# Dell Celerra & Dell VNX Access & Sensitive Data Auditing Configuration + +This topic provides instructions for assigning group membership for Dell Celerra & Dell VNX devices. + +## Assign Group Membership for Dell Devices + +Follow the steps assign group membership through Computer Management. + +**Step 1 –** Open Computer Management (`compmgmt.msc`). + +**Step 2 –** Right-click on the Computer Management (local) node and select Connect to another +computer. + +**Step 3 –** Enter the name of the Dell device in the textbox and click OK. + +**Step 4 –** Navigate to the Local Users and Groups > Groups node for the device. + +**Step 5 –** Select the Backup Operators group and add the account being provisioned. + +**Step 6 –** Select the Power Users group and add the account being provisioned. + +The account has been provisioned for Access Auditing and Sensitive Data Discovery Auditing. diff --git a/docs/accessanalyzer/12.0/config/dellcelerravnx/activity.md b/docs/accessanalyzer/12.0/config/dellcelerravnx/activity.md new file mode 100644 index 0000000000..ff1db57e1c --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellcelerravnx/activity.md @@ -0,0 +1,54 @@ +# Dell Celerra & Dell VNX Activity Auditing Configuration + +An Dell Celerra or VNX device can be configured to audit Server Message Block (SMB) protocol access +events. All audit data can be forwarded to the Dell Common Event Enabler (CEE). The Activity Monitor +listens for all events coming through the Dell CEE and translates all relevant information into +entries in the Log files or syslog messages. + +Complete the following checklist prior to configuring the Activity Monitor to monitor the host. +Instructions for each item of the checklist are detailed within the following sections. + +Checklist Item 1: Plan Deployment + +- Prior to beginning the deployment, gather the following: + + - DNS name of Celerra or VNX CIFS share(s) to be monitored + - Data Mover or Virtual Data Mover hosting the share(s) to be monitored + - Account with access to the CLI + - Download the Dell CEE from: + + - [https://www.dell.com/support](https://www.dell.com/support) + +Checklist Item 2: Install Dell CEE + +- Dell CEE can be installed on the same Windows server as the Activity Agent, or on a different + server. If it is installed on the same host, the activity agent can configure it automatically. + + **_RECOMMENDED:_** The latest version of Dell CEE is the recommended version to use with the + asynchronous bulk delivery (VCAPS) feature. + +- Important: + + - Open MS-RPC ports between the Dell device and the Windows proxy server(s) where the Dell CEE + is installed + - Dell CEE 8.4.2 through Dell CEE 8.6.1 are not supported for use with the VCAPS feature + - Dell CEE requires .NET Framework 3.5 to be installed on the Windows proxy server + +- See the [Install & Configure Dell CEE](/docs/accessanalyzer/12.0/config/dellcelerravnx/installcee.md) topic for instructions. + +Checklist Item 3: Dell Device Configuration + +- Configure the `cepp.conf` file on the Celerra VNX Cluster +- See the + [Connect Data Movers to the Dell CEE Server](installcee.md#connect-data-movers-to-the-dell-cee-server) + topic for instructions. + +Checklist Item 4: Activity Monitor Configuration + +- Deploy the Activity Monitor Activity Agent, preferably on the same server where Dell CEE is + installed + + - After activity agent deployment, configure the Dell CEE Options tab of the agent’s Properties + window within the Activity Monitor Console + +Checklist Item 5: Configure Dell CEE to Forward Events to the Activity Agent diff --git a/docs/accessanalyzer/12.0/config/dellcelerravnx/installcee.md b/docs/accessanalyzer/12.0/config/dellcelerravnx/installcee.md new file mode 100644 index 0000000000..40b05af2f7 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellcelerravnx/installcee.md @@ -0,0 +1,183 @@ +# Install & Configure Dell CEE + +Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix +product. Dell customers have a support account with Dell to access the download. + +_Remember,_ the latest version is the recommended version of Dell CEE. + +**_RECOMMENDED:_** The Dell CEE package can be installed on the Windows server where the Activity +Monitor agent will be deployed (recommended) or on any other Windows or Linux server. + +Follow the steps to install the Dell CEE. + +**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for +this component. It is recommended to use the most current version. + +**Step 2 –** Follow the instructions in the Dell +[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) +guide to install and configure the CEE. The installation will add two services to the machine: + +- EMC Checker Service (Display Name: EMC CAVA) +- EMC CEE Monitor (Display Name: EMC CEE Monitor) + +**_RECOMMENDED:_** The latest version of .NET Framework and Dell CEE is recommended to use with the +asynchronous bulk delivery (VCAPS) feature. + +See the [CEE Debug Logs](/docs/accessanalyzer/12.0/config/dellunity/validate.md#cee-debug-logs) section for information on +troubleshooting issues related to Dell CEE. + +After Dell CEE installation is complete, it is necessary to +[Connect Data Movers to the Dell CEE Server](#connect-data-movers-to-the-dell-cee-server). + +## Configure Dell Registry Key Settings + +There may be situations when Dell CEE needs to be installed on a different Windows server than the +one where the Activity Monitor activity agent is deployed. In those cases it is necessary to +manually set the Dell CEE registry key to forward events. + +**Step 1 –** Open the Registry Editor (run regedit). + +![registryeditor](/img/product_docs/activitymonitor/config/dellpowerstore/registryeditor.webp) + +**Step 2 –** Navigate to following location: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration + +**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. + +**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value +window closes. + +**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. + +**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the +Windows proxy server hosting the Activity Monitor activity agent. Use the following format: + +StealthAUDIT@[IP ADDRESS] + +Examples: + +StealthAUDIT@192.168.30.15 + +**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. + +![services](/img/product_docs/activitymonitor/config/dellpowerstore/services.webp) + +**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. + +The Dell CEE registry key is now properly configured to forward event to the Activity Monitor +activity agent. + +## Connect Data Movers to the Dell CEE Server + +The `cepp.conf` file contains information that is necessary to connect the Data Movers to the Dell +CEE server. An administrator must create a configuration file which contains at least one event, one +pool, and one server. All other parameters are optional. The `cepp.conf` file resides on the Data +Mover. + +**Step 1 –** Log into the Dell Celerra or VNX server with an administrator account. The +administrative account should have a $ character in the terminal. + +**NOTE:** Do not use a # charter. + +**Step 2 –** Create or retrieve the `cepp.conf` file. + +If there is not a `cepp.conf` file on the Data Mover(s), use a text editor to create a new blank +file in the home directory named `cepp.conf`. The following is an example command if using the text +editor ‘vi’ to create a new blank file: + +$ vi cepp.conf + +> If a `cepp.conf` file already exists, it can be retrieved from the Data Movers for modification +> with the following command: + +$ server_file [DATA_MOVER_NAME] -get cepp.conf cepp.conf + +**Step 3 –** Configure the `cepp.conf` file. For information on the `cepp.conf` file, see the Dell +[Using the Common Event Enabler for Windows Platforms](https://www.dellemc.com/en-us/collaterals/unauth/technical-guides-support-information/products/storage-3/docu48055.pdf) +guide instructions on how to add parameters or edit the values or existing parameters. + +**NOTE:** The information can be added to the file on one line or separate lines by using a space +and a ”\” at the end of each line, except for the last line and the lines that contain global +options: `cifsserver`, `surveytime`, `ft`, and `msrpcuser`. + +The Activity Monitor requires the following parameters to be set in the `cepp.conf` file: + +- `pool name= ` + - This should equal the name assigned to the configuration container. This container is composed + of the server(s) IP Address or FQDN where the Dell CEE is installed and where the list of + events to be monitored is located. It can be named as desired but must be a pool name. +- `servers= ` + - This should equal the IP Address or FQDN of the Windows server where the Dell CEE is + installed. If several servers are specified, separate them with the vertical bar (|) or a + colon (:). +- `postevents= ` + - The following events are required (separated with the vertical bar): + `CloseModified|CloseUnmodified|CreateDir|CreateFile|DeleteDir|DeleteFile|RenameDir|RenameFile|SetAclDir|SetAclFile ` + - If "Directory Read/List" operations are needed, append `OpenDir` to the list. +- `msrpcuser= ` + + - This should equal the domain account used to run the Dell CEE Monitor and Dell CAVA services + on the Windows server. This parameter is a security measure used to ensure events are only + sent to the appropriate servers. + + All unspecified parameters use the default setting. For most configurations, the default + setting is sufficient. + + Example cepp.conf file format: + + msrpcuser=[DOMAIN\DOMAINUSER] + + pool name=[POOL_NAME] \ + + servers=[IP_ADDRESS1]|[IP_ADDRESS2]|... \ + + postevents=[EVENT1]|[EVENT2]|... + + Example cepp.conf file format for the Activity Monitor: + + msrpcuser=[DOMAIN\DOMAINUSER running CEE services] + + pool name=[POOL_NAME for configuration container] \ + + servers=[IP_ADDRESS where CEE is installed]|... \ + + postevents=[EVENT1]|[EVENT2]|... + + Example of a completed cepp.conf file for the Activity Monitor: + + msrpcuser=example\user1 + + pool name=pool \ + + servers=192.168.30.15 \ + + postevents=CloseModified|CloseUnmodified|CreateDir|CreateFile|DeleteDir|DeleteFile|RenameDir|RenameFile|SetAclDir|SetAclFile + +**Step 4 –** Move the `cepp.conf` file to the Data Mover(s) root file system. Run the following +command: + +$ server_file [DATA_MOVER_NAME]‑put cepp.conf cepp.conf + +**NOTE:** Each Data Mover which runs Celerra Event Publishing Agent (CEPA) must have a `cepp.conf` +file, but each configuration file can specify different events. + +**Step 5 –** (This step is required only if using the `msrpcuser` parameter) Register the MSRPC user +(see Step 3 for additional information on this parameter). Before starting CEPA for the first time, +the administrator must issue the following command from the Control Station and follow the prompts +for entering information: + +/nas/sbin/server_user server_2 -add -md5 -passwd [DOMAIN\DOMAINUSER for msrpcuser] + +**Step 6 –** Start the CEPA facility on the Data Mover. Use the following command: + +server_cepp [DATA_MOVER_NAME] -service –start + +Then verify the CEPA status using the following command: + +server_cepp [DATA_MOVER_NAME] -service –status + +Once the `cepp.config` file has been configured, it is time to configure and enable monitoring with +the Activity Monitor. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for additional information. diff --git a/docs/accessanalyzer/12.0/config/dellcelerravnx/overview.md b/docs/accessanalyzer/12.0/config/dellcelerravnx/overview.md new file mode 100644 index 0000000000..d27f90392e --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellcelerravnx/overview.md @@ -0,0 +1,116 @@ +# Dell Celerra & Dell VNX Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or +Sensitive Data Discovery Auditing scans on Dell Celerra or Dell VNX devices. The Netwrix Activity +Monitor can be configured to monitor activity on Dell Celerra or Dell VNX devices and make the event +data available for Access Analyzer Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Access Analyzer scans must have the following permissions on the target +host: + +- Group membership in both of the following groups: + + - Power Users + - Backup Operators + +These permissions grant the credential the ability to enumerate shares, access the remote registry, +and bypass NTFS security on folders. The credential used within the assigned Connection Profile for +these target hosts requires these permissions. See the +[Dell Celerra & Dell VNX Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/config/dellcelerravnx/access.md) topic for +instructions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +Troubleshooting Dell Celerra & Dell VNX Denied Access Errors + +If there are folders to which the credential is denied access, it is likely that the Backup +Operators group does not have the “Back up files and directories” right. In that case, it is +necessary to assign additional the “Back up files and directories” right to those groups or to +create a new local group, using Computer Management from a Windows server. Then assign rights to it +using the CelerraManagementTool.msc plugin, which is available to Dell customers. For further +information, see the Celerra guide Using Windows Administrative Tools on VNX found on the Celerra +website. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of Dell Celerra or Dell VNX + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +Dell Celerra & Dell VNX Requirements + +Additionally, the EMC Common Event Enabler (CEE) should be installed on the Windows proxy server, +where the activity agent is deployed. + +**_RECOMMENDED:_** Use the latest available CEE version from the Dell Support website. + +EMC CEE requires .NET Framework 3.5 to be installed on the Windows proxy server in order for the EMC +CEE service to start. + +See the [Dell Celerra & Dell VNX Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/dellcelerravnx/activity.md) topic for +instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Access Analyzer to read the activity log files must also have +READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Dell Celerra & Dell VNX Devices + +The following firewall settings are required for communication between the CEE server/ Activity +Monitor Activity Agent server and the target Dell device: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | +| Dell Device CEE Server | TCP | RPC Dynamic Range | CEE Communication | +| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/config/dellcelerravnx/validate.md b/docs/accessanalyzer/12.0/config/dellcelerravnx/validate.md new file mode 100644 index 0000000000..01e0906c40 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellcelerravnx/validate.md @@ -0,0 +1,136 @@ +# Validate Setup + +Once the Activity Monitor agent is configured to monitor the Dell device, the automated +configuration must be validated to ensure events are being monitored. + +## Validate Dell CEE Registry Key Settings + +**NOTE:** See the +[Configure Dell Registry Key Settings](/docs/accessanalyzer/12.0/config/dellunity/installcee.md#configure-dell-registry-key-settings) +topic for information on manually setting the registry key. + +After the Activity Monitor activity agent has been configured to monitor the Dell device, it will +configure the Dell CEE automatically if it is installed on the same server as the agent. This needs +to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on +a different server than the Windows proxy server(s) where the Activity Monitor activity agent is +deployed. + +If the monitoring agent is not registering events, validate that the EndPoint is accurately set. +Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the +following steps. + +**Step 1 –** Navigate to the following windows registry key: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration + +![registryeditorendpoint](/img/product_docs/activitymonitor/config/dellunity/registryeditorendpoint.webp) + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` + +- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` + +**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. + +**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. + +For Asynchronous Bulk Delivery Mode + +For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events +(VCAPS), use the following steps. + +**Step 1 –** Navigate to the following windows registry key: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` +- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` + +**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. + +**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the +MaxEventsPerFeed - between 10 and 10000. + +**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. + +Set the following values under the Data column: + +- Enabled – 1 +- EndPoint – StealthAUDIT + +If this is configured correctly, validate that the Dell CEE services are running. See the +[Validate Dell CEE Services are Running](#validate-dell-cee-services-are-running) topic for +additional information. + +## Validate Dell CEE Services are Running + +After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell +CEE services should be running. If the Activity Agent is not registering events and the EndPoint is +set accurately, validate that the Dell CEE services are running. Open the Services (run +`services.msc`). + +![services](/img/product_docs/activitymonitor/config/dellpowerstore/services.webp) + +The following services laid down by the Dell CEE installer should have Running as their status: + +- Dell CAVA +- Dell CEE Monitor + +## Dell CEE Debug Logs + +If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs +need to be enabled for troubleshooting purposes. Follow the steps. + +**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right +corner to Trace. + +**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list +and Disable monitoring. + +**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: + +> [http://docs.microsoft.com/en-us/sysinternals/downloads/debugview](http://docs.microsoft.com/en-us/sysinternals/downloads/debugview) + +**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration + +**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the +Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +**NOTE:** If the Debug DWORD Value does not exist, it needs to be added. + +**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In +the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +**NOTE:** If the Verbose DWORD Value does not exist, it needs to be added. + +**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: + +- Capture Win32 +- Capture Global Win32 +- Capture Events + +**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list +and Enable monitoring. + +**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. + +**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): + +- Debug View Log (from Dell Debug View tool) +- Use the **Collect Logs** button to collect debug logs from the activity agent + +**_RECOMMENDED:_** After the logs have been gathered and sent to Netwrix Support, reset these +configurations. diff --git a/docs/accessanalyzer/12.0/config/dellpowerscale/activity.md b/docs/accessanalyzer/12.0/config/dellpowerscale/activity.md new file mode 100644 index 0000000000..7082e66423 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellpowerscale/activity.md @@ -0,0 +1,134 @@ +# Dell Isilon/PowerScale Activity Auditing Configuration + +Dell Isilon/PowerScale can be configured to audit Server Message Block (SMB) and NFS protocol access +events on the Dell Isilon/PowerScale cluster. All audit data can be forwarded to the Dell Common +Event Enabler (CEE). The Activity Monitor listens for all events coming through the Dell CEE and +translates all relevant information into entries in the log files or syslog messages. + +Protocol auditing must be enabled and then configured on a per-access zone basis. For example, all +SMB protocol events on a particular access zone can be audited, while only attempts to delete files +on a different access zone can be audited. + +The audit events are logged and stored on the individual OneFS nodes where the SMB/NFS client +initiated the activity. The stored events are then forwarded by the node to the Dell CEE instance or +concurrently to several instances. At this point, Dell CEE forwards the audit event to a defined +endpoint, such as Activity Monitor agent. + +Complete the following checklist prior to configuring Activity Monitor to monitor the host. +Instructions for each item of the checklist are detailed within the following sections. + +Checklist Item 1: Plan Deployment + +- Prior to beginning the deployment, gather the following: + + - DNS name of Isilon/PowerScale CIFS share(s) to be monitored + - Access Zone(s) containing the CIFS shares to be monitored + - Account with access to the OneFS UI or CLI + - Download the Dell CEE from: + + - [https://www.dell.com/support/home/en-us/](https://www.dell.com/support/home/en-us/) + +**_RECOMMENDED:_** You can achieve higher throughput and fault tolerance by monitoring the +Isilon/PowerScale cluster with more than one pair of Dell CEE and Activity Monitor Agent. The +activity will be evenly distributed between the pairs. + +Checklist Item 2: [Install Dell CEE](/docs/accessanalyzer/12.0/config/dellpowerscale/installcee.md) + +- Dell CEE should be installed on a Windows or a Linux server. + + **_RECOMMENDED:_** Dell CEE can be installed on the same server as the Activity Agent, or on a + different Windows or Linux server. If CEE is installed on the same server, the Activity Agent + can configure it automatically. + +- Important: + + - Dell CEE 8.8 is the minimum supported version. It is recommended to use the latest available + version. + - Dell CEE requires .NET Framework 3.5 to be installed on the Windows server + +Checklist Item 3: Configure Auditing on the Dell Isilon/PowerScale Cluster + +- Select method: + + - **_RECOMMENDED:_** Allow the Activity Monitor to configure auditing automatically. + + - Automation completed while the Activity Monitor is configured to monitor the + Isilon/PowerScale device + - Automatically sets CEE Server with the IP Address of the server where CEE is installed + - Automatically sets Storage Cluster Name to exactly match the name known to the Activity + Monitor + - Choose between monitoring all Access Zones or scoping to specific Access Zones + + - [Manually Configure Auditing in OneFS](/docs/accessanalyzer/12.0/config/dellpowerscale/manualconfiguration.md) + + - After configuration, add the Isilon/PowerScale device to be monitored by the Activity + Monitor + +- Important: + + - Value of the **Storage Cluster Name** field must exactly match the name entered for the + monitored host in the Activity Monitor Console. If the Storage Cluster Name cannot be modified + (for example, another 3rd party depends on it), you need to set the Host Aliases parameter in + the Activity Monitor Console. Otherwise, if for some reason the Storage Cluster Name must be + left empty, one can list OneFS cluster node names in the Host Aliases. + + - If the Storage Cluster Name is not empty, set the Host Aliases parameter to its value + - If the Storage Cluster Name is empty, set the Host Aliases to a semicolon-separated list + of OneFS node names + + - Include all Access Zones to be monitored in the auditing configuration + - As soon as the first CEE is installed, Isilon/PowerScale will start to send all activity, + including all previous audit events, to the agent. The start time can be modified to exclude + previously recorded audit events to prevent the agent from becoming overloaded with data. It + can be done using OneFS CLI only with isi audit modify command to edit the start time. + + - Start time command: + + ``` + isi audit settings global modify --cee-log-time [Protocol@2021-04-23 14:00:00] + ``` + + - View progress: + + ``` + isi_for_array isi audit progress view + ``` + + - See the Audit log time adjustment section of the Dell + [File System Auditing with Dell PowerScale and Dell Common Event Enabler](https://www.dellemc.com/resources/en-us/asset/white-papers/products/storage/h12428-wp-best-practice-guide-isilon-file-system-auditing.pdf) + documentation for additional information. + +For automatic configuration, an account needs to be provisioned with the following privileges: + +Read-only Privileges + +- ISI_PRIV_LOGIN_PAPI +- ISI_PRIV_AUTH +- ISI_PRIV_SMB +- ISI_PRIV_NFS + +Read-Write Privilege + +- ISI_PRIV_AUDIT + +Privileges can be added to a role and then the role can be assigned to an account. Use the following +commands to create a role, add privileges, and assign the role to an account: + +``` +isi auth role create --name=activity_monitor +isi auth roles modify activity_monitor --add-priv-read="ISI_PRIV_LOGIN_PAPI,ISI_PRIV_AUTH,ISI_PRIV_SMB,ISI_PRIV_NFS" +isi auth roles modify activity_monitor --add-priv-write="ISI_PRIV_AUDIT" +isi auth roles modify activity_monitor --add-user="ACCOUNT_NAME" +``` + +Assigned privileges can be verified with the following command: + +``` +isi auth mapping token "ACCOUNT_NAME" +``` + +Another way to check the privileges is to use the **OneFS Web UI** in the **OneFS** > +**Membership** > **User Mapping** > **Test User Mapping** section. + +Checklist Item 4: Configure Dell CEE to Forward Events to the Activity Agent. See the +[Validate Setup](/docs/accessanalyzer/12.0/config/dellpowerscale/validate.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/config/dellpowerscale/installcee.md b/docs/accessanalyzer/12.0/config/dellpowerscale/installcee.md new file mode 100644 index 0000000000..0a3f846de3 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellpowerscale/installcee.md @@ -0,0 +1,67 @@ +# Install Dell CEE + +Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix +product. Dell customers have a support account with Dell to access the download. + +_Remember,_ the latest version is the recommended version of Dell CEE. + +**_RECOMMENDED:_** The Dell CEE package can be installed on the Windows server where the Activity +Monitor agent will be deployed (recommended) or on any other Windows or Linux server. + +Follow the steps to install the Dell CEE. + +**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for +this component. It is recommended to use the most current version. + +**Step 2 –** Follow the instructions in the Dell +[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) +guide to install and configure the CEE. The installation will add two services to the machine: + +- EMC Checker Service (Display Name: EMC CAVA) +- EMC CEE Monitor (Display Name: EMC CEE Monitor) + +**_RECOMMENDED:_** The latest version of .NET Framework and Dell CEE is recommended to use with the +asynchronous bulk delivery (VCAPS) feature. + +After installation, open MS-RPC ports between the Dell device and the Dell CEE server. See the +[Dell CEE Debug Logs](validate.md#dell-cee-debug-logs) section for information on troubleshooting +issues related to Dell CEE. + +## Configure Dell Registry Key Settings + +There may be situations when Dell CEE needs to be installed on a different Windows server than the +one where the Activity Monitor activity agent is deployed. In those cases it is necessary to +manually set the Dell CEE registry key to forward events. + +**Step 1 –** Open the Registry Editor (run regedit). + +![registryeditor](/img/product_docs/activitymonitor/config/dellpowerstore/registryeditor.webp) + +**Step 2 –** Navigate to following location: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration + +**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. + +**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value +window closes. + +**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. + +**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the +Windows proxy server hosting the Activity Monitor activity agent. Use the following format: + +StealthAUDIT@[IP ADDRESS] + +Examples: + +StealthAUDIT@192.168.30.15 + +**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. + +![services](/img/product_docs/activitymonitor/config/dellpowerstore/services.webp) + +**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. + +The Dell CEE registry key is now properly configured to forward event to the Activity Monitor +activity agent. diff --git a/docs/accessanalyzer/12.0/config/dellpowerscale/manualconfiguration.md b/docs/accessanalyzer/12.0/config/dellpowerscale/manualconfiguration.md new file mode 100644 index 0000000000..1e61850caf --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellpowerscale/manualconfiguration.md @@ -0,0 +1,74 @@ +# Manually Configure Auditing in OneFS + +Manual configuration for auditing is optional for newer versions as the Activity Agent can configure +the auditing automatically using the OneFS API. Follow the steps through the OneFS Storage +Administration Console. + +**Step 1 –** Navigate to the **Cluster Management** tab, and select **Auditing**. + +![settings](/img/product_docs/activitymonitor/config/dellpowerscale/settings.webp) + +**Step 2 –** In the Settings section, check the Enable Protocol Access Auditing box. + +**Step 3 –** In the Audited Zones section, add at least one zone to be audited. The **System** zone +is typically used. If the CIFS or NFS shares are accessible through different zones on the OneFS +cluster, include all relevant zones. + +Ensure that OneFS collects only events you are interested in. By default, OneFS may monitor things +like directory reads, which can take up a large amount of space. Configuring the OneFS events that +need monitoring is not done through the Activity Monitor console. Configure OneFS event monitoring +using OneFS CLI with the isi audit modify command for each access zone. Enabling monitoring for only +what is needed for the environment will reduce the data load to the agent. + +Activity Monitor monitors the following events: `close_file_modified`, `close_file_unmodified`, +`create_file`, `create_directory`, `delete_file`, `delete_directory`, `rename_file`, +`rename_directory`, `set_security_file`, `set_security_directory`, and `open_directory` (if you want +to monitor Directory List/Read events). + +For each monitored access zone: + +- Use isi audit settings view `isi --zone ZONENAME` to check current settings. +- Disable reporting of failure and syslog audit events with: + + isi audit settings modify --zone ZONENAME --clear-audit-failure --clear-syslog-audit-events + +- Set the success audit events with: + + isi audit settings modify --zone ZONENAME + --audit-success=close_file_modified,close_file_unmodified,create_file,create_directory,delete_file,delete_directory,rename_file,rename_directory,set_security_file,set_security_directory + +![eventforwarding](/img/product_docs/activitymonitor/config/dellpowerscale/eventforwarding.webp) + +**Step 4 –** In the Event Forwarding section, add the CEE Server URI value for the Windows or Linux +server hosting CEE. Use either of the following format: + +http://[IP ADDRESS]:[PORT]/cee + +http://[SERVER Name]:[PORT]/cee + +**_RECOMMENDED:_** When deploying multiple Dell CEE instances at scale, it is recommended that an +accommodating agent must be configured with each CEE instance. If multiple CEE instances send events +to just one agent, it may create an overflow of data and overload the agent. Distributing the +activity stream into pairs will be the most efficient way of monitoring large data sets at scale. + +**Step 5 –** Also in the Event Forwarding section, set the **Storage Cluster Name** value. It must +be an exact match to the name which is entered in the Activity Monitor for the **Monitored Host** +list. + +This name is used as a ‘tag’ on all events coming through the CEE. This name must exactly match what +is in the Activity Monitor or it does not recognize the events. + +**_RECOMMENDED:_** Use the CIFS DNS name for Dell OneFS. + +**NOTE:** To use the Activity Monitor with Access Analyzer for Activity Auditing (FSAC) scans, the +name entered here must exactly match what is used for Access Analyzer as a target host. + +If the Storage Cluster Name cannot be modified (for example, another third-party depends on it), you +need to set the Host Aliases parameter in the Activity Monitor Console: + +- If the Storage Cluster Name is not empty, set the Host Aliases parameter to its value +- If the Storage Cluster Name is empty, set the Host Aliases to a semicolon-separated list of OneFS + node names + +Next, it is time to configure the monitoring agent on the Windows server to monitor the +Isilon/PowerScale device. diff --git a/docs/accessanalyzer/12.0/config/dellpowerscale/overview.md b/docs/accessanalyzer/12.0/config/dellpowerscale/overview.md new file mode 100644 index 0000000000..c83568a2ca --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellpowerscale/overview.md @@ -0,0 +1,210 @@ +# Dell Isilon/PowerScale Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or +Sensitive Data Discovery Auditing scans on Dell Isilon/PowerScale devices. The Netwrix Activity +Monitor can be configured to monitor activity on Dell Isilon/PowerScale devices and make the event +data available for Access Analyzer Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Access Analyzer scans must have the following permissions on the target +host: + +- Group membership in the local Administrators group – LOCAL:System Provider +- Rights on the actual file tree or to the IFS root share + + - Share Permissions: + + - Read access + +These permissions grant the credential the ability to enumerate shares, access the remote registry, +and bypass NTFS security on folders. The credential used within the assigned Connection Profile for +these target hosts requires these permissions. See the topic for instructions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +Additional Sensitive Data Discovery Auditing Permission + +In order to execute scoped Sensitive Data Discovery Auditing scans, the credential must also have +the LOCAL:System provider selected in each access zone in which the shares to be scanned reside. + +The credential must have an Authentication Provider configured for the Isilon/PowerScale device. For +example, if the credential is an Active Directory account, then the domain where the account resides +must be an Active Directory Authentication Provider. This is configured in the OneFS® Storage +Administration Console. Navigate to the Access tab, and select Authentication Providers. + +## Local Administrator Group Membership for Isilon + +Follow the steps assign membership in the local Administrators group through the OneFS Storage +Administration Console. + +**Step 1 –** Navigate to the **Access** tab, and select **Membership & Roles** for the System Access +Zone. + +![Groups tab](/img/product_docs/accessanalyzer/12.0/config/dellpowerscale/groupstab.webp) + +**Step 2 –** On the **Groups** tab, set the Providers to **LOCAL: System**. Then select **View / +Edit** for the Administrators group. The View Group Details window opens. + +![Edit Group window](/img/product_docs/accessanalyzer/12.0/config/dellpowerscale/editgroup.webp) + +**Step 3 –** Click **Edit Group** and the Edit Group window opens. Click **Add Members**, and enter +the User Name and Provider in the Select a User window. Click **Select**, and then click **Save +Changes**. The Edit Group window closes. + +**Step 4 –** Click **Close**. The View Group Details window closes. + +Share permissions can now be granted to this credential. + +## BackupAdmin Role Assignment for OneFS + +Follow the steps to assign the credential to the **BackupAdmin** role through OneFS Storage +Administration Console. + +**Step 1 –** Navigate to the **Access** tab > **Membership & Roles** for the System Access Zone. + +![One FS Dashboard](/img/product_docs/accessanalyzer/12.0/config/dellpowerscale/rolestab.webp) + +**Step 2 –** On the Roles tab, select **View / Edit** for the BackupAdmin role. The View Role +Details window opens. + +![One FS Role Details Window](/img/product_docs/accessanalyzer/12.0/config/dellpowerscale/viewroledetails.webp) + +**Step 3 –** Click **Edit** role and the Edit role details window opens. + +**Step 4 –** Click **Add a member to this role**. + +**Step 5 –** Enter the **User Name** and **Provider** in the Select a User window then click Search. +The user appears in the Search Results table. + +**Step 6 –** Click **Select** and the Edit role window closes. + +**Step 7 –** Click **Save Changes** and the successful save notification appears. + +**Step 8 –** Click **Close**. + +The View role details window closes. + +## NFS Export Scan Requirements for Isilon/PowerScale + +Access Analyzer supports scanning Isilon/PowerScale NFSv3 exports. The following settings need to be +configured in OneFS for the Access Analyzer server's IP address for each Isilon/PowerScale NFS +export to be scanned. + +The Access Analyzer server IP needs to be added to the following fields in each NFS export's +settings, in the OneFS UI under **Protocols** > **UNIX sharing (NFS)** > **View/Edit** > **Edit +export** (per NFS export): + +- Always read-only clients +- Root Clients + +The NFS export to be scanned also needs to be configured so root squash is disabled, which is +performed in the same Edit export menu as the above settings. + +**Step 1 –** Navigate to the export's **Root user mapping** settings. + +**Step 2 –** Select **Map root users to a specified user**. + +**Step 3 –** Set both User and Group to **0** (effectively mapping root client UID/GID to 0). + +Both of these steps need to be performed in each NFS export's settings that a user would like to +scan. + +### Troubleshooting NFSv3 Export Access + +If Access Analyzer is not discovering the expected NFS export, it is possible that the export policy +is not properly configured to allow the Access Analyzer server or proxy server IP Address to mount +the NFS export. One step in troubleshooting this issue is to confirm a Unix client (or WSL for +Windows) in the same IP range as the Access Analyzer server or proxy server can mount the NFS +export. + +Run the following command from a Unix host to verify the NFS mount is available: + +``` +showmount ‑e[NFS_HOSTNAME_OR_IP] +``` + +If the NFS export is returned as a result of the previous command, then Access Analyzer should also +be able to mount it. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of Dell Isilon/PowerScale + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +Dell Isilon/PowerScale Requirements + +Additionally, the EMC Common Event Enabler (CEE) should be installed on the Windows proxy server, +where the activity agent is deployed. + +**_RECOMMENDED:_** Use the latest available CEE version from the Dell Support website. + +EMC CEE requires .NET Framework 3.5 to be installed on the Windows proxy server in order for the EMC +CEE service to start. + +See the [Dell Isilon/PowerScale Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/dellpowerscale/activity.md) topic for +instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Access Analyzer to read the activity log files must also have +READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Dell Isilon/PowerScale Devices + +The following firewall settings are required for communication between the CEE server/ Activity +Monitor Activity Agent server and the target Dell Isilon/PowerScale device: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | +| Dell Isilon/PowerScale to CEE Server | TCP | TCP 12228 | CEE Communication | +| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/dell-powerscale/validate.md b/docs/accessanalyzer/12.0/config/dellpowerscale/validate.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/dell-powerscale/validate.md rename to docs/accessanalyzer/12.0/config/dellpowerscale/validate.md diff --git a/docs/accessanalyzer/12.0/config/dellunity/access.md b/docs/accessanalyzer/12.0/config/dellunity/access.md new file mode 100644 index 0000000000..b7e3ed3fb0 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellunity/access.md @@ -0,0 +1,22 @@ +# Dell Unity Access & Sensitive Data Auditing Configuration + +This topic provides instructions for assigning group membership for Dell Unity devices. + +## Assign Group Membership for Dell Devices + +Follow the steps assign group membership through Computer Management. + +**Step 1 –** Open Computer Management (`compmgmt.msc`). + +**Step 2 –** Right-click on the Computer Management (local) node and select Connect to another +computer. + +**Step 3 –** Enter the name of the Dell device in the textbox and click OK. + +**Step 4 –** Navigate to the Local Users and Groups > Groups node for the device. + +**Step 5 –** Select the Backup Operators group and add the account being provisioned. + +**Step 6 –** Select the Power Users group and add the account being provisioned. + +The account has been provisioned for Access Auditing and Sensitive Data Discovery Auditing. diff --git a/docs/accessanalyzer/12.0/config/dellunity/activity.md b/docs/accessanalyzer/12.0/config/dellunity/activity.md new file mode 100644 index 0000000000..3d4f226473 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellunity/activity.md @@ -0,0 +1,67 @@ +# Dell Unity Activity Auditing Configuration + +A Dell Unity device can be configured to audit Server Message Block (SMB) protocol access events. +All audit data can be forwarded to the Dell Common Event Enabler (CEE). The Netwrix Activity Monitor +listens for all events coming through the Dell CEE and translates all relevant information into +entries in the TSV files or syslog messages. + +If the service is turned off, a notification will be sent to the Dell CEE framework to turn off the +associated Activity Monitor filter, but the policy will not be removed. + +The Dell CEE Framework uses a “push” mechanism so a notification is sent only to the activity agent +when a transaction occurs. Daily activity log files are created only if activity is performed. No +activity log file is created if there is no activity for the day. + +Configuration Checklist + +Complete the following checklist prior to configuring activity monitoring of Dell Unity devices. +Instructions for each item of the checklist are detailed within the following topics. + +Checklist Item 1: Plan Deployment + +- Prior to beginning the deployment, gather the following: + + - Data Mover or Virtual Data Mover hosting the share(s) to be monitored + - Account with access to the CLI + - Download the Dell CEE from: + + - [http://support.emc.com](http://support.emc.com/) + +Checklist Item 2: [Install Dell CEE](/docs/accessanalyzer/12.0/config/dellunity/installcee.md) + +- Dell CEE should be installed on the Windows proxy server(s) where the Activity Monitor activity + agent will be deployed + + **_RECOMMENDED:_** The latest version of Dell CEE is the recommended version to use with the + asynchronous bulk delivery (VCAPS) feature. + +- Important: + + - Open MS-RPC ports between the Dell device and the Windows proxy server(s) where the Dell CEE + is installed + - Dell CEE 8.4.2 through Dell CEE 8.6.1 are not supported for use with the VCAPS feature + - Dell CEE requires .NET Framework 3.5 to be installed on the Windows proxy server + +Checklist Item 3: Dell Unity Device Configuration + +- Configure initial setup for a Unity device + + - [Unity Initial Setup with Unisphere](/docs/accessanalyzer/12.0/config/dellunity/setupunisphere.md) + +Checklist Item 4: Activity Monitor Configuration + +- Deploy the Activity Monitor activity agent to a Windows proxy server where Dell CEE was installed + + - After activity agent deployment, configure the Dell CEE Options tab of the agent’s Properties + window within the Activity Monitor Console + + - Automatically sets the Dell registry key settings + +Checklist Item 5: Configure Dell CEE to Forward Events to the Activity Agent + +**NOTE:** When Dell CEE is installed on Windows proxy server(s) where the Activity Monitor activity +agent will be deployed, the following steps are not needed. + +- Ensure the Dell CEE registry key has enabled set to 1 and has an EndPoint set to StealthAUDIT. +- Ensure the Dell CAVA service and the Dell CEE Monitor service are running. +- See the [Validate Setup](/docs/accessanalyzer/12.0/config/dellunity/validate.md) topic for instructions. diff --git a/docs/accessanalyzer/12.0/config/dellunity/installcee.md b/docs/accessanalyzer/12.0/config/dellunity/installcee.md new file mode 100644 index 0000000000..7454943874 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellunity/installcee.md @@ -0,0 +1,66 @@ +# Install Dell CEE + +Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix +product. Dell customers have a support account with Dell to access the download. + +_Remember,_ the latest version is the recommended version of Dell CEE. + +**_RECOMMENDED:_** The Dell CEE package can be installed on the Windows server where the Activity +Monitor agent will be deployed (recommended) or on any other Windows or Linux server. + +Follow the steps to install the Dell CEE. + +**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for +this component. It is recommended to use the most current version. + +**Step 2 –** Follow the instructions in the Dell +[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) +guide to install and configure the CEE. The installation will add two services to the machine: + +- EMC Checker Service (Display Name: EMC CAVA) +- EMC CEE Monitor (Display Name: EMC CEE Monitor) + +**_RECOMMENDED:_** The latest version of .NET Framework and Dell CEE is recommended to use with the +asynchronous bulk delivery (VCAPS) feature. + +After Dell CEE installation is complete, it is necessary to complete the +[Unity Initial Setup with Unisphere](/docs/accessanalyzer/12.0/config/dellunity/setupunisphere.md). + +## Configure Dell Registry Key Settings + +There may be situations when Dell CEE needs to be installed on a different Windows server than the +one where the Activity Monitor activity agent is deployed. In those cases it is necessary to +manually set the Dell CEE registry key to forward events. + +**Step 1 –** Open the Registry Editor (run regedit). + +![registryeditor](/img/product_docs/activitymonitor/config/dellpowerstore/registryeditor.webp) + +**Step 2 –** Navigate to following location: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration + +**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. + +**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value +window closes. + +**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. + +**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the +Windows proxy server hosting the Activity Monitor activity agent. Use the following format: + +StealthAUDIT@[IP ADDRESS] + +Examples: + +StealthAUDIT@192.168.30.15 + +**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. + +![services](/img/product_docs/activitymonitor/config/dellpowerstore/services.webp) + +**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. + +The Dell CEE registry key is now properly configured to forward event to the Activity Monitor +activity agent. diff --git a/docs/accessanalyzer/12.0/config/dellunity/overview.md b/docs/accessanalyzer/12.0/config/dellunity/overview.md new file mode 100644 index 0000000000..93bb001984 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellunity/overview.md @@ -0,0 +1,114 @@ +# Dell Unity Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or +Sensitive Data Discovery Auditing scans on Dell Unity devices. The Netwrix Activity Monitor can be +configured to monitor activity on Dell Unity devices and make the event data available for Access +Analyzer Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Access Analyzer scans must have the following permissions on the target +host: + +- Group membership in both of the following groups: + + - Power Users + - Backup Operators + +These permissions grant the credential the ability to enumerate shares, access the remote registry, +and bypass NTFS security on folders. The credential used within the assigned Connection Profile for +these target hosts requires these permissions. See the +[Dell Unity Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/config/dellunity/access.md) topic for instructions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +Troubleshooting Dell Unity Denied Access Errors + +If there are folders to which the credential is denied access, it is likely that the Backup +Operators group does not have the “Back up files and directories” right. In that case, it is +necessary to assign additional the “Back up files and directories” right to those groups or to +create a new local group, using Computer Management from a Windows server. Then assign rights to it +using the CelerraManagementTool.msc plugin, which is available to Dell customers. For further +information, see the Celerra guide Using Windows Administrative Tools on VNX found on the Celerra +website. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of Dell Unity + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +Dell Unity Requirements + +Additionally, the EMC Common Event Enabler (CEE) should be installed on the Windows proxy server, +where the activity agent is deployed. + +**_RECOMMENDED:_** Use the latest available CEE version from the Dell Support website. + +EMC CEE requires .NET Framework 3.5 to be installed on the Windows proxy server in order for the EMC +CEE service to start. + +See the [Dell Unity Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/dellunity/activity.md) topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Access Analyzer to read the activity log files must also have +READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Dell Unity Devices + +The following firewall settings are required for communication between the CEE server/ Activity +Monitor Activity Agent server and the target Dell device: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | +| Dell Device CEE Server | TCP | RPC Dynamic Range | CEE Communication | +| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/config/dellunity/setupunisphere.md b/docs/accessanalyzer/12.0/config/dellunity/setupunisphere.md new file mode 100644 index 0000000000..4f6c53a7c7 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellunity/setupunisphere.md @@ -0,0 +1,27 @@ +# Unity Initial Setup with Unisphere + +Follow the steps to configure the initial setup for a Unity device with Unisphere. + +**Step 1 –** Edit the NAS Server > Protection and Events > Events Publishing > Select Pool settings: + +- Add CEPA server – This is the server where CEE is installed. It is recommended that this is also + the server were the Activity Monitor activity agent is deployed. +- Enable the following events for Post Events. + +Required Unity events needed for CIFS Activity: + +![NAM Required Events For CIFS](/img/product_docs/activitymonitor/config/dellunity/eventscifs.webp) + +Required Unity events needed for NFS Activity: + +![NAM Required Events For NFS](/img/product_docs/activitymonitor/config/dellunity/eventsnfs.webp) + +**Step 2 –** Enable Events Publishing: + +- Edit the FileSystem > Advanced settings: + + - NFS Events Publishing – Enabled (required for NFS protocol monitoring) + - SMB Events publishing – Enabled (required for SMB / CIFS protocol monitoring) + +Once Unity setup is complete, it is time to configure and enable monitoring with the Activity +Monitor. diff --git a/docs/accessanalyzer/12.0/config/dellunity/validate.md b/docs/accessanalyzer/12.0/config/dellunity/validate.md new file mode 100644 index 0000000000..ab3dc81383 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/dellunity/validate.md @@ -0,0 +1,136 @@ +# Validate Setup + +Once the Activity Monitor agent is configured to monitor the Dell device, the automated +configuration must be validated to ensure events are being monitored. + +## Validate CEE Registry Key Settings + +**NOTE:** See the +[Configure Dell Registry Key Settings](/docs/accessanalyzer/12.0/config/dellcelerravnx/installcee.md#configure-dell-registry-key-settings) +topic for information on manually setting the registry key. + +After the Activity Monitor activity agent has been configured to monitor the Dell device, it will +configure the Dell CEE automatically if it is installed on the same server as the agent. This needs +to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on +a different server than the Windows proxy server(s) where the Activity Monitor activity agent is +deployed. + +If the monitoring agent is not registering events, validate that the EndPoint is accurately set. +Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the +following steps. + +**Step 1 –** Navigate to the following windows registry key: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration + +![registryeditorendpoint](/img/product_docs/activitymonitor/config/dellunity/registryeditorendpoint.webp) + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` + +- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` + +**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. + +**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. + +For Asynchronous Bulk Delivery Mode + +For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events +(VCAPS), use the following steps. + +**Step 1 –** Navigate to the following windows registry key: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` +- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` + +**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. + +**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the +MaxEventsPerFeed - between 10 and 10000. + +**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. + +Set the following values under the Data column: + +- Enabled – 1 +- EndPoint – StealthAUDIT + +If this is configured correctly, validate that the Dell CEE services are running. See the +[Validate Dell CEE Services are Running](#validate-dell-cee-services-are-running) topic for +additional information. + +## Validate Dell CEE Services are Running + +After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell +CEE services should be running. If the Activity Agent is not registering events and the EndPoint is +set accurately, validate that the Dell CEE services are running. Open the Services (run +`services.msc`). + +![services](/img/product_docs/activitymonitor/config/dellpowerstore/services.webp) + +The following services laid down by the Dell CEE installer should have Running as their status: + +- Dell CAVA +- Dell CEE Monitor + +## CEE Debug Logs + +If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs +need to be enabled for troubleshooting purposes. Follow the steps. + +**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right +corner to Trace. + +**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list +and Disable monitoring. + +**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: + +> [http://docs.microsoft.com/en-us/sysinternals/downloads/debugview](http://docs.microsoft.com/en-us/sysinternals/downloads/debugview) + +**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: + +HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration + +**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the +Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +**NOTE:** If the Debug DWORD Value does not exist, it needs to be added. + +**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In +the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +**NOTE:** If the Verbose DWORD Value does not exist, it needs to be added. + +**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: + +- Capture Win32 +- Capture Global Win32 +- Capture Events + +**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list +and Enable monitoring. + +**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. + +**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): + +- Debug View Log (from Dell Debug View tool) +- Use the **Collect Logs** button to collect debug logs from the activity agent + +**_RECOMMENDED:_** After the logs have been gathered and sent to Netwrix Support, reset these +configurations. diff --git a/docs/accessanalyzer/12.0/config/entraid/access.md b/docs/accessanalyzer/12.0/config/entraid/access.md new file mode 100644 index 0000000000..dec6b93a7f --- /dev/null +++ b/docs/accessanalyzer/12.0/config/entraid/access.md @@ -0,0 +1,210 @@ +# Microsoft Entra ID Auditing Configuration + +The Access Analyzer for Entra ID Solution provides the ability to audit Microsoft Entra ID, formerly +Azure Active Directory. It scans: + +- Microsoft Entra ID (formerly Azure AD) + +**NOTE:** A user account with the Global Administrator role is required to register an app with +Microsoft Entra ID. + +Data Collector + +- [AzureADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/overview.md) + +Configuration Settings from the Registered Application + +The following settings are needed from your tenant once you have registered the application: + +- Client ID – This is the Application (client) ID for the registered application +- Key – This is the Client Secret Value generated when a new secret is created + + **CAUTION:** It is not possible to retrieve the value after saving the new key. It must be + copied first. + +**NOTE:** In order to add custom attributes, you will also need to know the Tenant name of the Entra +ID environment. + +## Permissions + +The following permissions are required: + +- Microsoft Graph API + + - Application Permissions: + + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + + - Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +- Access URLs + + - https://login.windows.net + - https://graph.windows.net + - https://login.microsoftonline.com + - https://graph.microsoft.com + + - All sub-directories of the access URLs listed + +## Register a Microsoft Entra ID Application + +Follow the steps to register Access Analyzer with Microsoft Entra ID. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App +registrations. + +**Step 3 –** In the top toolbar, click **New registration**. + +**Step 4 –** Enter the following information in the Register an application page: + +- Name – Enter a user-facing display name for the application, for example Netwrix Access Analyzer + (formerly Enterprise Auditor) Entra ID +- Supported account types – Select **Accounts in this organizational directory only** + +**Step 5 –** Click **Register**. + +The Overview page for the newly registered app opens. Review the newly created registered +application. Now that the application has been registered, permissions need to be granted to it. + +## Grant Permissions to the Registered Application + +Follow the steps to grant permissions to the registered application. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. + +**Step 3 –** In the top toolbar, click **Add a permission**. + +**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs +tab. Select the following permissions: + +- Under Application Permissions, select: + + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + +- Under Delegated Permissions, select: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +**Step 5 –** At the bottom of the page, click **Add Permissions**. + +**Step 6 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation +window. + +Now that the permissions have been granted to it, the Connection Profile and host settings for +Access Analyzer need to be collected. + +**NOTE:** Additional permissions need to be configured to collect Microsoft Entra roles information. +See the +[Microsoft Entra Roles Auditing Configuration](/docs/accessanalyzer/12.0/requirements/solutions/entraid/entraroles.md) +topic for additional information. + +## Identify the Client ID + +Follow the steps to find the registered application's Client ID. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** Copy the **Application (client) ID** value. + +**Step 3 –** Save this value in a text file. + +This Application (client) ID value is needed for the Access Analyzer Connection Profile and the +Custom Attributes page of the AzureADInventory Data Collector. See the +[Azure Active Directory for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/entraid.md) +topic and the +[AzureADInventory: Custom Attributes](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributes.md) +topic for additional information. Next generate the application’s Client Secret Key. + +## Generate the Client Secret Key + +Follow the steps to find the registered application's Client Secret, create a new key, and save its +value when saving the new key. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**CAUTION:** It is not possible to retrieve the value after saving the new key. It must be copied +first. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. + +**Step 3 –** In the top toolbar, click **New client secret**. + +**Step 4 –** On the Add a client secret blade, complete the following: + +- Description – Enter a unique description for this secret +- Expires – Select the duration. + + **NOTE:** Setting the duration on the key to expire requires reconfiguration at the time of + expiration. It is best to configure it to expire in 1 or 2 years. + +**Step 5 –** Click **Add** to generate the key. + +**CAUTION:** If this page is left before the key is copied, then the key is not retrievable, and +this process will have to be repeated. + +**Step 6 –** The Client Secret will be displayed in the Value column of the table. You can use the +Copy to clipboard button to copy the Client Secret. + +**Step 7 –** Save this value in a text file. + +This Client Secret value is needed for the Access Analyzer Connection Profile and the Custom +Attributes page of the AzureADInventory Data Collector. See the +[Azure Active Directory for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/entraid.md) +topic and the +[AzureADInventory: Custom Attributes](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributes.md) +topic for additional information. + +## Identify the Tenant Name + +Follow the steps to find the Tenant Name where the registered application resides. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Settings** and click **Domain +names** to open the Custom domain names list. + +**Step 3 –** Copy the domain name from the list of domains. + +**Step 4 –** Save this value in a text file. + +This is needed for the Host List and the Custom Attributes page of the AzureADInventory Data +Collector. See the +[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/configurejob.md) +and [AzureADInventory: Custom Attributes](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributes.md) +topics for additional information. diff --git a/docs/accessanalyzer/12.0/config/entraid/overview.md b/docs/accessanalyzer/12.0/config/entraid/overview.md new file mode 100644 index 0000000000..21b54fe91b --- /dev/null +++ b/docs/accessanalyzer/12.0/config/entraid/overview.md @@ -0,0 +1,29 @@ +# Microsoft Entra ID Tenant Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute scans on Microsoft Entra ID, +formerly Azure Active Directory. + +## Auditing Permissions + +It is necessary to register Access Analyzer as a web application to the targeted Microsoft Entra ID +in order for Access Analyzer to scan the environment. This generates the Client ID (App ID) and Key +(App Key) needed for the Connection Profile credentials and the Custom Attributes Import Wizard +page. + +See the [Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/12.0/config/entraid/access.md) topic for additional information. + +## Entra Roles Permissions + +To collect Microsoft Entra roles information from the Microsoft Entra tenant additional permissions +are required to be assigned to the registered application. This includes creating a custom role with +the required resource manager permissions. + +See the +[Microsoft Entra Roles Auditing Configuration](/docs/accessanalyzer/12.0/requirements/solutions/entraid/entraroles.md) +topic for additional information. + +## Auditing Port Requirements + +The following firewall ports are needed by the AzureADInventory and Entra Data Collectors: + +- TCP 80 and 443 diff --git a/docs/accessanalyzer/12.0/config/exchangeonline/access.md b/docs/accessanalyzer/12.0/config/exchangeonline/access.md new file mode 100644 index 0000000000..01dc3e86be --- /dev/null +++ b/docs/accessanalyzer/12.0/config/exchangeonline/access.md @@ -0,0 +1,282 @@ +# Exchange Online Auditing Configuration + +It is necessary to register Access Analyzer as a web application to the targeted Microsoft Entra ID, +formerly Azure Active Directory, in order for Access Analyzer to scan the environment. This +generates the Client ID (App ID) and self-signed certificate (Certificate Thumbprint) needed for the +Connection Profile credentials and/or the Custom Attributes Import Wizard page. See +[Microsoft Support](https://docs.microsoft.com/en-us/azure/active-directory/active-directory-reporting-api-prerequisites-azure-portal) +for assistance in configuring the Microsoft Entra ID web application. + +**NOTE:** A user account with the Global Administrator role is required to register an app with +Microsoft Entra ID. + +Configuration Settings from the Registered Application + +The following settings are needed from your tenant once you have registered the application: + +- Client ID – This is the Application (client) ID for the registered application +- Tenant name – This is the primary domain name of the Microsoft Entra tenant +- Certificate Thumbprint – This is thumbprint value of the certificate uploaded to the Microsoft + Entra ID application + +Configure Modern Authentication for Exchange Online using EX_RegisterAzureAppAuth Instant Job + +Registering a Microsoft Entra ID application and provisioning it to grant permissions to Exchange +Online can be automated using the EX_RegisterAzureAppAuth job from the Access Analyzer Instant Job +Library. The EX_RegisterAzureAppAuth job uses the PowerShell Data Collector to automatically +configure modern authentication for Exchange Online. It requires: + +- A Connection Profile containing a Microsoft Entra ID Global Admin credential with an Account Type + of **Task (Local)** +- Exchange Online Management v3.4.0 + + - You can install this module with the following command: + + ``` + Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 + ``` + +- Azure AD PowerShell module installed on targeted hosts + + **NOTE:** If the module is not already installed, the job will attempt to install it. + + - You can install the module with the following command: + + ``` + Install-Module AzureAD + ``` + + - TLS 1.2 is required for the Azure AD PowerShell module. Run the following command to configure + it: + + ``` + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + ``` + +- Microsoft Graph PowerShell module installed on targeted hosts + + - You can install the module with the following command: + + ``` + Install-Module Microsoft.Graph + ``` + +See the +[EX_RegisterAzureAppAuth Job](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/ex_registerazureappauth.md) +topic for additional information. + +## Prerequisites + +The following prerequisites are required to use Modern Authentication for Exchange Online in Access +Analyzer. + +- Exchange Online Management v3.4.0 + + - You can install this module with the following command: + + ``` + Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 + ``` + +- Create a self-signed certificate that will be used by Access Analyzer for Modern Authentication + +## Permissions + +The following permissions are required: + +Permissions for Office 365 Exchange Online + +- Application Permissions: + + - Exchange.ManageAsApp – Manage Exchange As Application + - full_access_as_app – Use Exchange Web Services with full access to all mailboxes + +- Exchange Administrator role assigned to the registered application's service principal + +## Create Self–Signed Certificate + +A self signed certificate needs to be created on the Access Analyzer console server. This is used by +Access Analyzer to connect to the Microsoft Entra tenant. + +Follow the steps create the self-signed certificate. + +**Step 1 –** To generate a certificate, use the sample PowerShell command below: + +- Change the following parameters in the sample PowerShell command. See the Microsoft + [New-SelfSignedCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate) + article for additional information. + + - DNS Name – Specifies a DNS name to put into the subject alternative name extension of the + certificate + - Subject – A unique name for the new App (always starts with CN=, to denote a canonical name) + - FriendlyName – Same as Subject name minus the canonical name prefix + - NotAfter – A datetime string denoting the certificate's expiration date - in the above sample, + Get-Date.AddYears(11) specifies that the certificate will expire 11 years from the current + datetime + +Example PowerShell: + +``` +$cert=New-SelfSignedCertificate -CertStoreLocation Cert:\CurrentUser\My -DnsName stealthbits.com -Subject "CN=NEA Exchange Online" -FriendlyName "NEA Exchange Online" -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter (Get-Date).AddYears(11) +``` + +**Step 2 –** Export the certificate public key as a .cer file to the PrivateAssemblies folder in +Access Analyzer with the Export–Certificate cmdlet using the certificate path stored in the +$certPath variable (see Step 1). + +**NOTE:** The environment variable `SAINSTALLDIR` always points to the base Access Analyzer install +directory; simply append the PrivateAssemblies to point to that folder with the following cmdlet: + +``` +Export-Certificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\exchange_cert.cer" -Type CERT +``` + +- See the Microsoft + [Export-Certificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-certificate) + article for additional information. + +**Step 3 –** Export the certificate private key as a .pfx file to the same folder by running the +following cmdlet: + +**_RECOMMENDED:_** Change the string in the Password parameter from "PasswordGoesHere" to something +more secure before running this cmdlet. + +``` +Export-PfxCertificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\exchange_cert.pfx" -Password (ConvertTo-SecureString -String "PasswordGoesHere" -Force -AsPlainText) +``` + +- See the Microsoft + [Export-PfxCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-pfxcertificate) + article for additional information. + +The self signed certificate has been created. The next steps are to create a Microsoft Entra ID +application and then upload this certificate to it. + +## Register a Microsoft Entra ID Application + +Follow the steps to register Access Analyzer with Microsoft Entra ID. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App +registrations. + +**Step 3 –** In the top toolbar, click **New registration**. + +**Step 4 –** Enter the following information in the Register an application page: + +- Name – Enter a user-facing display name for the application, for example Netwrix Access Analyzer + (formerly Enterprise Auditor) for Exchange +- Supported account types – Select **Accounts in this organizational directory only** + +**Step 5 –** Click **Register**. + +The Overview page for the newly registered app opens. Review the newly created registered +application. Now that the application has been registered, permissions need to be granted to it. + +## Upload Self-Signed Certificate + +Follow the steps upload your self-signed certificate. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. + +**Step 3 –** Select the Certificates tab. + +**Step 4 –** In the tool bar, click **Upload Certificate**. + +**Step 5 –** Navigate to the to PrivateAssemblies folder and select the `exchange_cert.cer` file. +Optionally add a Description. + +**Step 6 –** Click **Add**. + +The Certificate Thumbprint of this uploaded certificate is needed for the Access Analyzer Connection +Profile. See the +[Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/exchangemodernauth.md) +topic for additional information. + +## Grant Permissions to the Registered Application + +Follow the steps to grant permissions to the registered application. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. + +**Step 3 –** In the top toolbar, click **Add a permission**. + +**Step 4 –** On the Request API permissions blade, use the search bar on the APIs my organization +uses tab to find and select Office 365 Exchange Online. Select the following permissions: + +- Application Permissions: + + - Exchange.ManageAsApp – Manage Exchange As Application + - full_access_as_app – Use Exchange Web Services with full access to all mailboxes + +- Exchange Administrator role assigned to the registered application's service principal + +**Step 5 –** At the bottom of the page, click **Add Permissions**. + +**Step 6 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation +window. + +Now that the permissions have been granted to it, the Connection Profile and host settings for +Access Analyzer need to be collected. + +## Identify the Tenant's Name + +Follow the steps to find the Tenant Name where the registered application resides. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Settings** and click **Domain +names** to open the Custom domain names list. + +**Step 3 –** Copy the domain name from the list of domains. + +**Step 4 –** Save this value in a text file. + +This is needed for the Access Analyzer Connection Profile. See the +[Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/exchangemodernauth.md) +topic for additional information. Next identify the application’s Client ID. + +## Identify the Client ID + +Follow the steps to find the registered application's Client ID. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** Copy the **Application (client) ID** value. + +**Step 3 –** Save this value in a text file. + +This is needed for the Access Analyzer Connection Profile. See the +[Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/exchangemodernauth.md) +topic for additional information. diff --git a/docs/accessanalyzer/12.0/config/hitachi/activity.md b/docs/accessanalyzer/12.0/config/hitachi/activity.md new file mode 100644 index 0000000000..d1c6d073cd --- /dev/null +++ b/docs/accessanalyzer/12.0/config/hitachi/activity.md @@ -0,0 +1,52 @@ +# Hitachi Activity Auditing Configuration + +The Hitachi NAS (HNAS) server can host multiple Enterprise Virtual Servers (EVS). Each EVS has +multiple file systems. Auditing is enabled and configured per file system. This guide explains how +to enable auditing on an HNAS and to configure the Activity Monitor to monitor activity coming from +the Hitachi device auditing. + +The Activity Monitor does not use the EVS or file system name to connect to HNAS. Therefore, all +that is required of the user for HNAS activity collection is the following: + +- Logs path (UNC) + + - Active Log file name – Active Log File name needs with an `.evt` extension, and it should be + the same as in the HNAS configuration. This is usually `audit.evt`. + +- Credentials to access the HNAS log files + + - The only requirement for the credentials is the ability to read files from the `logs` + directory. + +- A polling interval between log collections (15 seconds by default) + + - The Activity Monitor minimizes IO by remembering a file offset where it stopped reading and + continuing from that offset next time. + +**CAUTION:** The following disclaimer is provided by Hitachi: + +“Because CIFS defines open and close operations, auditing file system object access performed by +clients using other protocols would be costly in terms of system performance, because each I/O +operation would have to be audited as an open operation. **Therefore, when file system auditing is +enabled, by default, only clients connecting through the CIFS protocol are allowed access to the +file system.** Access by clients using other protocols, like NFS, can, however, be allowed. When +such access is allowed, access to file system objects through these protocols is not audited.” + +**NOTE:** File system auditing can be configured to deny access to clients connecting with protocols +that cannot be audited (NFS). Please see the Hitachi +[Server and Cluster Administration Guide](https://support.hds.com/download/epcra/hnas0106.pdf) for +additional information. + +Configuration Checklist + +Complete the following checklist prior to configuring activity monitoring of Hitachi devices. +Instructions for each item of the checklist are detailed within the following topics. + +Checklist Item 1: [Configure Audit Logs on HNAS](/docs/accessanalyzer/12.0/config/hitachi/configurelogs.md) + +Checklist Item 2: +[Configure Access to HNAS Audit Logs on Activity Agent Server](/docs/accessanalyzer/12.0/config/hitachi/configureaccesstologs.md) + +Checklist Item 3: Activity Monitor Configuration + +- Deploy the Activity Monitor Activity Agent to a Windows proxy server diff --git a/docs/accessanalyzer/12.0/config/hitachi/configureaccesstologs.md b/docs/accessanalyzer/12.0/config/hitachi/configureaccesstologs.md new file mode 100644 index 0000000000..1e7d596869 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/hitachi/configureaccesstologs.md @@ -0,0 +1,24 @@ +# Configure Access to HNAS Audit Logs on Activity Agent Server + +Follow the steps to configure access to the HNAS audit logs on the Windows server hosting the +Activity Monitor activity agent. + +**Step 1 –** On the Windows computer, go to Run and type `compmgmt.msc`. + +**Step 2 –** In the right-hand panel, select More Actions > Connect to another computer. + +**Step 3 –** In the Select Computer dialog box, enter the IP Address for EVS for HNAS and then click +OK. + +**Step 4 –** In the Computer Management window, go to Computer Management > System tools > Shared +Folders > Shares. + +**Step 5 –** Select the Security tab and click Advanced. + +**Step 6 –** In the Advanced Security Settings dialog box, select the Audit tab. Click Add or Edit +to select the users and groups to be audited and add the desired user or group. + +**Step 7 –** Select All for Type, and Full Control for Basic permissions. + +Once access has been configured on both the Hitachi device and the Activity Agent server, it is time +to configure and enable monitoring with the Activity Monitor Console. diff --git a/docs/accessanalyzer/12.0/config/hitachi/configurelogs.md b/docs/accessanalyzer/12.0/config/hitachi/configurelogs.md new file mode 100644 index 0000000000..be826a50dc --- /dev/null +++ b/docs/accessanalyzer/12.0/config/hitachi/configurelogs.md @@ -0,0 +1,33 @@ +# Configure Audit Logs on HNAS + +Follow the steps to configure access to the HNAS audit logs on the Hitachi device. + +**Step 1 –** Open a browser and enter the IP Address for HNAS in the address bar to launch the +Hitachi Storage Navigator (SN). Enter the username and password. + +**Step 2 –** At the Storage Navigator home page, click File Services. + +**Step 3 –** On the File Services screen, click Enable File Service. + +**Step 4 –** On the Enable File Services screen, verify that the CIFS/Windows service is selected. + +**Step 5 –** On the File Services screen, click File System Security. + +**Step 6 –** Click Switch Mode and set the default file system security mode to Mixed (Windows and +UNIX) for all virtual file systems. + +**Step 7 –** Configure the Hitachi NAS Platform audit policy by returning to the File Services page. + +**Step 8 –** Click File System Audit Policies. + +**Step 9 –** Select the correct EVS and click details for the file system to enable auditing. + +**Step 10 –** In the Access via Unsupported Protocols section, select Allow Access (without +auditing). In the Audit Log section, set the maximum log file size to a value of at least 8 MB. It +is recommended to set it to 16 MB. In the Log roll over policy section, select New. The product does +not support the Wrap policy. Click OK to close. + +Once access has been configured on the Hitachi device, it is necessary to configure access to the +HNAS audit logs on the Windows server. See the +[Configure Access to HNAS Audit Logs on Activity Agent Server](/docs/accessanalyzer/12.0/config/hitachi/configureaccesstologs.md) topic for +additional information. diff --git a/docs/accessanalyzer/12.0/config/hitachi/overview.md b/docs/accessanalyzer/12.0/config/hitachi/overview.md new file mode 100644 index 0000000000..54bd396e08 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/hitachi/overview.md @@ -0,0 +1,92 @@ +# Hitachi Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or +Sensitive Data Discovery Auditing scans on Hitachi devices. The Netwrix Activity Monitor can be +configured to monitor activity on Hitachi devices and make the event data available for Access +Analyzer Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Access Analyzer scans must have the following permissions on the target +host: + +- Group membership in the Backup Operators local group + +This permission grants the credential read access to all target folders and files. The credential +used within the assigned Connection Profile for these target hosts requires these permissions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of Hitachi + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +Hitachi Requirements + +A Hitachi device can host multiple Enterprise Virtual Servers (EVS). Each EVS has multiple file +systems. Auditing is enabled and configured per file system. HNAS generates the audit log files in +[EVT format](https://technet.microsoft.com/en-us/sysinternals/bb309026) (a standard event log format +in Windows XP/2003 and earlier). Hitachi stores the generated audit logs in a user specified +location on the file system. The activity agent deployed on the Windows proxy server accesses this +location to collect the audit log files as they are generated. The credential used to monitor +activity must be provisioned with: + +- Capability of enabling a File System Audit Policy on the Hitachi device +- Audit rights to the Hitachi log directory + +See the [Hitachi Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/hitachi/activity.md) topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Access Analyzer to read the activity log files must also have +READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/nasuni/access.md b/docs/accessanalyzer/12.0/config/nasuni/access.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/nasuni/access.md rename to docs/accessanalyzer/12.0/config/nasuni/access.md diff --git a/docs/accessanalyzer/12.0/config/nasuni/activity.md b/docs/accessanalyzer/12.0/config/nasuni/activity.md new file mode 100644 index 0000000000..381e5979ac --- /dev/null +++ b/docs/accessanalyzer/12.0/config/nasuni/activity.md @@ -0,0 +1,68 @@ +# Nasuni Edge Appliance Activity Auditing Configuration + +Generation of an API Access Key is required for Nasuni activity monitoring. The Nasuni Edge +Appliance generates its own audit trail. An API Access Key is used by the Activity Monitor to form a +network connection to the appliance. Nasuni will then stream event data to the activity agent. See +[Nasuni Support Documentation](https://www.nasuni.com/support/) for additional information. + +Configuration Checklist + +Complete the following checklist prior to configuring activity monitoring of Nasuni Edge Appliances. +Instructions for each item of the checklist are detailed within the following topics. + +Checklist Item 1: Generate Nasuni API Access Key + +- Generate an API Access Key for each Nasuni Edge Appliance to be monitored through one of the + following: + + - Nasuni Filer Management Interface + - Nasuni Management Console + +Checklist Item 2: Activity Monitor Configuration + +- Deploy the Activity Monitor activity agent to a Windows proxy server + +## Nasuni Filer Management Interface + +Follow the steps to generate a Nasuni API Access Key in the Nasuni Filer Management Interface. + +**Step 1 –** Within the **Configuration** menu, under **USERS & SECURITY**, select API Access Keys. +The API Access Keys page opens. + +**Step 2 –** Click Add API Key button. The Add API Key window opens. + +**Step 3 –** Enter a Name for thekey; for example, the name of the application. + +**Step 4 –** Click Create Key. + +**Step 5 –** In the Successfully Generated API Key window, copy the Key Passcode. + +Both the Key Name and the Key Passcode are required by the Activity Monitor in order to connect to +the Nasuni Edge Appliance. Once the API Key has been generated, it is time to configure and enable +monitoring with the Activity Monitor console. + +**NOTE:** Nasuni API key names are case sensitive. When providing them, ensure they are entered in +the exact same case as generated. + +## Nasuni Management Console + +Follow the steps to generate a Nasuni API Access Key in the Nasuni Management Console. + +**Step 1 –** Click Filers and select API Keys from the menu on the left. The Filer API Access Key +Settings page opens. + +**Step 2 –** Click New API Key button. The Add API Access Key window opens. + +**Step 3 –** From the Filer drop-down menu, select the desired Nasuni Edge Appliance. Then enter a +Name for the key; for example, the name of the application. + +**Step 4 –** Click Add API Key. + +**Step 5 –** A message appears which includes the Key Passcode; copy the Key Passcode. + +Both the Key Name and the Key Passcode are required by the Activity Monitor in order to connect to +the Nasuni Edge Appliance. Once the API Key has been generated, it is time to configure and enable +monitoring with the Activity Monitor console. + +**NOTE:** Nasuni API key names are case sensitive. When providing them, ensure they are entered in +the exact same case as generated. diff --git a/docs/accessanalyzer/12.0/config/nasuni/overview.md b/docs/accessanalyzer/12.0/config/nasuni/overview.md new file mode 100644 index 0000000000..90c1ccda8a --- /dev/null +++ b/docs/accessanalyzer/12.0/config/nasuni/overview.md @@ -0,0 +1,95 @@ +# Nasuni Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or +Sensitive Data Discovery Auditing scans on on-premise Nasuni Edge Appliances. The Netwrix Activity +Monitor can be configured to monitor activity on on-premise Nasuni Edge Appliances and make the +event data available for Access Analyzer Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Access Analyzer scans must have the following permissions on the target +host: + +- Group membership in the local Administrators group + +This is in addition to the API Key Name and Passcode which must be generated for each on-premise +Nasuni Edge Appliance and cloud filer. The credential used within the assigned Connection Profile +for these target hosts requires these permissions. See the +[Nasuni Edge Appliance Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/config/nasuni/access.md) topic for +instructions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of Nasuni Edge Appliance + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +Nasuni Edge Appliance Requirements + +Additionally, it is necessary to generate an API Access Key for Nasuni activity monitoring. See the +[Nasuni Edge Appliance Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/nasuni/activity.md) topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Access Analyzer to read the activity log files must also have +READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Nasuni Edge Appliance + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target Nasuni Edge Appliance: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | ------------- | ----- | ---------------------- | +| Agent Server to Nasuni | HTTPS | 8443 | Nasuni API calls | +| Nasuni to Activity Agent Server | AMQP over TCP | 5671 | Nasuni event reporting | + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/config/netapp7mode/access.md b/docs/accessanalyzer/12.0/config/netapp7mode/access.md new file mode 100644 index 0000000000..5664691509 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netapp7mode/access.md @@ -0,0 +1,55 @@ +# NetApp Data ONTAP 7-Mode Access & Sensitive Data Auditing Configuration + +This topic provides instructions for configuring API calls and bypassing NTFS security for NetApp +Data ONTAP 7-Mode devices. + +## Share Enumeration – API Calls for 7-Mode + +To enumerate the shares on a NetApp Data ONTAP 7-Mode device, File System scans require a credential +provisioned with access to (at minimum) the following API calls: + +``` +login-http-admin +api-system-api-list +api-system-get-version +api-cifs-share-list-iter-* +``` + +If the query configuration option to “Exclude system shares” is deselected, the credential must also +have the ability to run the following command, which is also configuration-specific: + +``` +api-volume-list-info-iter-* +``` + +## Bypass NTFS Security for 7-Mode + +In order to bypass NTFS, the credential needs to at least have the following permissions on the +NetApp device: + +- Group membership in both of the following groups: + + - Power Users + - Backup Operators + +If the query configuration option to “Exclude system shares” is deselected, the credential must +have: + +- Group membership in the local Administrators group + +**NOTE:** All NetApp groups are assigned an RID. Built-in NetApp groups such as Power Users and +Backup Operators are assigned specific RID values. On 7-Mode NetApp devices, system access checks +for a group are identified by the RID assigned to the group and not by the role it has. Therefore, +application’s ability to bypass access checks with the Power Users and Backup Operators group has +nothing to do with the power role or the backup role. Neither role is required. For example, the +built-in Power User group, even when stripped of all roles, still has more file system access +capabilities than any other non-built-in group. + +If only running the Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, proceed +to the [Provision Account](/docs/accessanalyzer/12.0/config/netapp7mode/provisionaccess.md) topic for instructions. If also running Activity +Auditing (FSAC) scan, then the FPolicy Account Provisioned for the Netwrix Activity Monitor will +meet the needs of the Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans. Proceed +to the [NetApp Data ONTAP 7-Mode Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/netapp7mode/activity.md) topic for +instructions. + +This credential is used within the Connection Profile assigned to the File System scans. diff --git a/docs/accessanalyzer/12.0/config/netapp7mode/activity.md b/docs/accessanalyzer/12.0/config/netapp7mode/activity.md new file mode 100644 index 0000000000..f9ff5a5099 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netapp7mode/activity.md @@ -0,0 +1,96 @@ +# NetApp Data ONTAP 7-Mode Activity Auditing Configuration + +The Activity Monitor agent employed to monitor NetApp leverages 128-bit encrypted Remote Procedure +Calls (RPC), NetApp ONTAP-API, and NetApp FPolicy to monitor file system events. This includes both +NetApp 7-Mode and Cluster-Mode configurations. To learn more about FPolicy please visit the NetApp +website and read the +[What FPolicy is](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-54FE1A84-6CF0-447E-9AAE-F43B61CA2138.html) +article. + +If the activity agent is stopped, a notification will be sent to the NetApp device to disconnect and +disable the associated FPolicy policy, but it will not be removed. + +If the network connection is lost between the activity agent and the NetApp device, the NetApp +device is configured with a default timeout to wait for a response. If a response is not received +from the Activity Agent within the timeout, then the NetApp device will disconnect and disable the +FPolicy policy. The Activity Agent will check every minute by default to see if the FPolicy policy +has been disabled and will enable it (if the auto-enable functionality is enabled for the agent). +The default setting to check every minute is configurable. + +The NetApp FPolicy uses a “push” mechanism such that notification will only be sent to the activity +agent when a transaction occurs. Daily activity log files are created only if activity is performed. +No activity log file will be created if there is no activity for the day. + +Configuration Checklist + +Complete the following checklist prior to configuring activity monitoring of NetApp Data ONTAP +7-Mode devices. Instructions for each item of the checklist are detailed within the following +topics. + +Checklist Item 1: Plan Deployment + +- Gather the following information: + - Names of the vFiler™(s) to be monitored + - DNS name of the CIFS shares(s) to be monitored + +Checklist Item 2: [Provision FPolicy Account](/docs/accessanalyzer/12.0/config/netapp7mode/provisionactivity.md) + +- Group membership with a role granting access to the following commands: + + ``` + login-http-admin + api-system-api-list + api-system-get-version + api-cifs-share-list-iter-* + api-volume-list-info-iter-* + ``` + +- For Automatic FPolicy creation (Checklist Item 4), group membership with a role granting access to + the following command: + + ``` + api-fpolicy* + ``` + +- To use the “Enable and connect FPolicy” option within the Activity Monitor, group membership with + a role granting access to the following command: + + ``` + cli-fpolicy* + ``` + +- Group membership in: + + - ONTAP Power Users + - ONTAP Backup Operators + +Checklist Item 3: Firewall Configuration + +- HTTP (80) or HTTPS (443) +- HTTP or HTTPS protocols need to be enabled on the NetApp filer +- TCP 135 +- TCP 445 +- Dynamic port range: TCP/UDP 137-139 +- See the [Enable HTTP or HTTPS](/docs/accessanalyzer/12.0/config/netapp7mode/enablehttp.md) topic for instructions. + +Checklist Item 4: [Configure FPolicy](/docs/accessanalyzer/12.0/config/netapp7mode/configurefpolicy.md) + +- If using vFilers: + + - FPolicy operates on the vFiler so the FPolicy must be created on the vFiler + + **NOTE:** Activity Monitor must target the vFiler + +- Select method: + + **_RECOMMENDED:_** Configure FPolicy Manually – A tailored FPolicy + + - Allow the Activity Monitor to create an FPolicy automatically + - This option is enabled when the Activity Monitor agent is configured to monitor the NetApp + device on the NetApp FPolicy Configuration page of the Add New Hosts window. + - It monitors all file system activity. + +Checklist Item 5: Activity Monitor Configuration + +- Deploy the Activity Monitor Activity Agent to a Windows proxy server +- Configure the Activity Agent to monitor the NetApp device diff --git a/docs/accessanalyzer/12.0/config/netapp7mode/configurefpolicy.md b/docs/accessanalyzer/12.0/config/netapp7mode/configurefpolicy.md new file mode 100644 index 0000000000..86d207021b --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netapp7mode/configurefpolicy.md @@ -0,0 +1,171 @@ +# Configure FPolicy + +Select a method to configure the FPolicy for NetApp Data ONTAP 7-Mode devices: + +**_RECOMMENDED:_** +[Manually Configure FPolicy (Recommended Option)](#manually-configure-fpolicy-recommended-option) – +A tailored FPolicy + +- If using vFilers the FPolicy must be created on the vFiler, and the Activity Monitor must target + the vFiler. This is because FPolicy operates on the affected vFiler. Therefore, when executing + these commands on a vFiler, the commands must be run from a vFiler context (e.g. via the vFiler + run command). +- Allow the Activity Monitor to create an FPolicy automatically. See the + [Automatic Configuration of FPolicy](#automatic-configuration-of-fpolicy) topic for additional + information. + + - This option is enabled when the Activity Monitor Activity Agent is configured to monitor the + NetApp device on the NetApp FPolicy Configuration page of the Add New Hosts window. + - It monitors all file system activity. + +## Manually Configure FPolicy (Recommended Option) + +This section describes how to manually configure FPolicy. Manual configuration of the FPolicy is +recommended so that the policy can be scoped. It is necessary to create six FPolicy components and +then enable the FPolicy. See the sections corresponding to each part of this list: + +- [Part 1: Create FPolicy](#part-1-create-fpolicy) +- [Part 2: Set FPolicy Required to Off](#part-2-set-fpolicy-required-to-off) +- [Part 3: Set FPolicy to Collect Permission Changes](#part-3-set-fpolicy-to-collect-permission-changes) +- [Part 4: Set FPolicy to Monitor Alternate Data Streams](#part-4-set-fpolicy-to-monitor-alternate-data-streams) +- [Part 5: Set FPolicy to Monitor Disconnected Sessions](#part-5-set-fpolicy-to-monitor-disconnected-sessions) +- [Part 6: Scope FPolicy for Specific Volumes](#part-6-scope-fpolicy-for-specific-volumes) +- [Part 7: Enable FPolicy](#part-7-enable-fpolicy) + +If using vFilers the FPolicy must be created on the vFiler, and the Activity Monitor must target the +vFiler. This is because FPolicy operates on the affected vFiler. Therefore, when executing these +commands on a vFiler, the commands must be run from a vFiler context (e.g. via the vFiler run +command). + +Relevant NetApp Documentation: To learn more about configuring file policies, please visit the +NetApp website and read +[na_fpolicy – configure file policies](https://library.netapp.com/ecmdocs/ECMP1196890/html/man1/na_fpolicy.1.html) +article. + +### Part 1: Create FPolicy + +Create the FPolicy on the vFiler. + +IMPORTANT: + +- The policy should be named "StealthAUDIT" +- The only supported policy type is "screen" for file screening. + +Use the following command to create the FPolicy: + +``` +fpolicy create StealthAUDIT screen +``` + +### Part 2: Set FPolicy Required to Off + +If the `FPolicy Required` value is set to on, user requests are denied if an FPolicy server is not +available to implement the policy. If it is set to off, user requests are allowed when it is not +possible to apply the policy to the file because no FPolicy server is available. + +IMPORTANT: + +- The `FPolicy Required` value should be set to **off** + +Use the following command to set the `FPolicy Required` value to off: + +``` +fpolicy options StealthAUDIT required off +``` + +### Part 3: Set FPolicy to Collect Permission Changes + +The cifs_setattr value must be set to on in order for CIFS requests to change file security +descriptors to be screened by the policy. + +IMPORTANT: + +- The `cifs_setattr` value must be set to **on** + +Use the following command to enable the FPolicy to collect permission changes: + +``` +fpolicy options StealthAUDIT cifs_setattr on +``` + +### Part 4: Set FPolicy to Monitor Alternate Data Streams + +The monitor_ads value must be set to on in order for CIFS requests for alternate data streams (ADS) +to be monitored by the policy. + +IMPORTANT: + +- The `monitor_ads` value must be set to **on** + +Use the following command to enable the FPolicy to monitor ADS: + +``` +fpolicy options StealthAUDIT monitor_ads on +``` + +### Part 5: Set FPolicy to Monitor Disconnected Sessions + +The cifs_disconnect_check value must be set to on in order for CIFS requests associated with +disconnected sessions to be monitored by the policy. + +IMPORTANT: + +- The `cifs_disconnect_check` value must be set to **on** + +Use the following command to enable the FPolicy to monitor disconnected sessions: + +``` +fpolicy options StealthAUDIT cifs_disconnect_check on +``` + +### Part 6: Scope FPolicy for Specific Volumes + +The FPolicy can be scoped either to monitor only specified volumes (inclusion) or to not monitor +specific volumes (exclusion). + +IMPORTANT: + +- Choose to scope by including or excluding volumes + +Use the following command to scope the FPolicy by volume: + +``` +fpolicy ‑volume [INCLUDE OR EXCLUSION] ‑add StealthAUDIT [VOLUME_NAME],[VOLUME_NAME] +``` + +Inclusion Example: + +``` +fpolicy ‑volume include ‑add StealthAUDIT samplevolume1,samplevolume2 +``` + +Exclusion Example: + +``` +fpolicy ‑volume exclusion ‑add StealthAUDIT samplevolume1,samplevolume2 +``` + +### Part 7: Enable FPolicy + +The FPolicy must be enabled before the Activity Monitor Activity Agent can be configured to monitor +the NetApp device. + +IMPORTANT: + +- The Activity Monitor must register with the NetApp device as an FPolicy server. By default, it + looks for a policy named `StealthAUDIT`. See the + [Customize FPolicy Policy Name](/docs/accessanalyzer/12.0/config/netapp7mode/customizefpolicy.md) section for information on using a different + policy name. + +Use the following command to enable the FPolicy to monitor disconnected sessions: + +``` +fpolicy enable StealthAUDIT +``` + +## Automatic Configuration of FPolicy + +The Activity Monitor can automatically configure FPolicy on the targeted NetApp Data ONTAP 7-Mode +device. The FPolicy created monitors all file system activity. This is done when the NetApp device +is assigned to the agent for monitoring. This option is enabled on the NetApp FPolicy Configuration +page of the Add New Host window. diff --git a/docs/accessanalyzer/12.0/config/netapp7mode/customizefpolicy.md b/docs/accessanalyzer/12.0/config/netapp7mode/customizefpolicy.md new file mode 100644 index 0000000000..72a8bfa49e --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netapp7mode/customizefpolicy.md @@ -0,0 +1,26 @@ +# Customize FPolicy Policy Name + +There may be situations when FPolicy needs to be named something other than StealthAUDIT. In those +cases it is necessary to manually add a parameter to the Activity Monitor agent’s `sbtfilemon.ini` +file. After the monitoring agent has been deployed, follow the steps. + +**Step 1 –** Open to the `sbtfilemon.ini` file on the agent server in a text editor: + +…\STEALTHbits\StealthAUDIT\FSAC + +**Step 2 –** Add the following parameter: + +``` +FPOLICY_POLICY_NAME=[POLICY_NAME] +``` + +Example: + +``` +FPOLICY_POLICY_NAME=EnterpriseAuditor +``` + +**Step 3 –** Save and close the `sbtfilemon.ini` file. + +When the Activity Agent is configured to monitor a NetApp device, it looks for the FPolicy named in +the parameter. diff --git a/docs/accessanalyzer/12.0/config/netapp7mode/enablehttp.md b/docs/accessanalyzer/12.0/config/netapp7mode/enablehttp.md new file mode 100644 index 0000000000..6ff686bfb3 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netapp7mode/enablehttp.md @@ -0,0 +1,29 @@ +# Enable HTTP or HTTPS + +The Activity Monitor Activity Agent must be able to send ONTAPI calls to the vFiler’s data LIF over +HTTP or HTTPS. The following commands will enable the HTTP or HTTPS communication between the vFiler +and the Activity Monitor. + +Use the following command to enable HTTP: + +``` +options httpd.admin.enable on +``` + +Check HTTP Status: + +``` +options httpd.admin.enable +``` + +Use the following command to enable HTTPS: + +``` +options httpd.admin.ssl.enable on +``` + +Check HTTP Status: + +``` +options httpd.admin.ssl.enable +``` diff --git a/docs/accessanalyzer/12.0/config/netapp7mode/overview.md b/docs/accessanalyzer/12.0/config/netapp7mode/overview.md new file mode 100644 index 0000000000..20a9cd1789 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netapp7mode/overview.md @@ -0,0 +1,144 @@ +# NetApp Data ONTAP 7-Mode Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or +Sensitive Data Discovery Auditing scans on NetApp Data ONTAP 7-Mode devices. The Netwrix Activity +Monitor can be configured to monitor activity on NetApp Data ONTAP 7-Mode devices and make the event +data available for Access Analyzer Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Access Analyzer scans must have the following permissions on the target +host: + +- Enumerate shares by executing specific API calls +- Bypass NTFS security to read the entire folder structure to be scanned and collect file/folder + permissions + +These permissions grant the credential the ability to enumerate shares, access the remote registry, +and bypass NTFS security on folders. The credential used within the assigned Connection Profile for +these target hosts requires these permissions. See the +[NetApp Data ONTAP 7-Mode Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/config/netapp7mode/access.md) topic for +instructions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of NetApp Data ONTAP 7-Mode Device + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +NetApp Data ONTAP 7-Mode Device Requirements + +An FPolicy must be configured on the target device for Activity Auditing (FSAC) scans. A tailored +FPolicy is recommended as it decreases the impact on the NetApp device. The credential associated +with the FPolicy used to monitor activity must be provisioned with access to the following API +calls: + +``` +login-http-admin +api-system-api-list +api-system-get-version +api-cifs-share-list-iter-* +api-volume-list-info-iter-* +``` + +If the Activity Monitor will be automatically configuring the FPolicy, then the following command is +also needed: + +``` +api-fpolicy* +``` + +If the Activity Monitor will be configured to use the “Enable and connect to the FPolicy” option, +then the following command is also needed: + +``` +cli-fpolicy* +``` + +The credential must also have the following permissions on the target device: + +- Group membership in both of the following groups: + + - ONTAP Power Users + - ONTAP Backup Operators + +See the [NetApp Data ONTAP 7-Mode Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/netapp7mode/activity.md) topic for +instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Access Analyzer to read the activity log files must also have +READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for NetApp Data ONTAP 7-Mode Device + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target NetApp Data ONTAP 7-Mode device: + +| Communication Direction | Protocol | Ports | Description | +| --------------------------------- | ---------------- | ------------------------------------ | ----------- | +| Activity Agent Server to NetApp\* | HTTP (optional) | 80 | ONTAPI | +| Activity Agent Server to NetApp\* | HTTPS (optional) | 443 | ONTAPI | +| Activity Agent Server to NetApp | TCP | 135, 139 Dynamic Range (49152-65535) | RPC | +| Activity Agent Server to NetApp | TCP | 445 | SMB | +| Activity Agent Server to NetApp | UDP | 137, 138 | RPC | +| NetApp to Activity Agent Server | TCP | 135, 139 Dynamic Range (49152-65535) | RPC | +| NetApp to Activity Agent Server | TCP | 445 | SMB | +| NetApp to Activity Agent Server | UDP | 137, 138 | RPC | + +\*Only required if using the FPolicy Configuration and FPolicy Enable and Connect options in +Activity Monitor. + +**NOTE:** If either HTTP or HTTPS are not enabled, the FPolicy on the NetApp Data ONTAP 7-Mode +device must be configured manually. Also, the External Engine will not reconnect automatically in +the case of a server reboot or service restart. + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/netapp-7-mode/provision-access.md b/docs/accessanalyzer/12.0/config/netapp7mode/provisionaccess.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/netapp-7-mode/provision-access.md rename to docs/accessanalyzer/12.0/config/netapp7mode/provisionaccess.md diff --git a/docs/accessanalyzer/12.0/config/netapp7mode/provisionactivity.md b/docs/accessanalyzer/12.0/config/netapp7mode/provisionactivity.md new file mode 100644 index 0000000000..fc85e26dea --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netapp7mode/provisionactivity.md @@ -0,0 +1,96 @@ +# Provision FPolicy Account + +This topic describes the steps needed to create a user account with the privileges required to +connect the Activity Monitor Activity Agent to the FPolicy engine and to execute the NetApp API +calls required for activity monitoring and configuration. + +Provisioning this account is a three part process: + +- Part 1: Create Role with API/CLI Access +- Part 2: Create a Group & Assign Role +- Part 3: Add User to Group + +Relevant NetApp Documentation: To learn more about node access controls, please visit the NetApp +website and read the +[na_useradmin – Administers node access controls](https://library.netapp.com/ecmdocs/ECMP1511537/html/man1/na_useradmin.1.html) +article. + +## Part 1: Create Role with API/CLI Access + +This section provides instructions for creating a role with access to the following commands: + +``` +login-http-admin +api-system-api-list +api-system-get-version +api-cifs-share-list-iter-* +api-volume-list-info-iter-* +api-fpolicy* +cli-fpolicy* +``` + +**NOTE:** The `api-fpolicy*` command is required for automatic configuration of FPolicy. The +`cli-fpolicy*` command is required to use the “Enable and connect FPolicy” option for a Monitored +Host configuration. + +The following command needs to be run to create the role. + +Run the following command when provisioning an account for manual configuration of FPolicy; it +includes the "Enable and connect FPolicy" option requirement: + +``` +useradmin role ‑add [ROLE_NAME] ‑c "[ROLE_DESCRIPTION]" ‑a login‑http‑admin,api‑system‑api‑list,api‑system‑get‑version,api‑cifs‑share‑list‑iter‑*,api‑volume‑list‑info‑iter‑*,cli‑fpolicy* +``` + +Example: + +``` +useradmin role ‑add enterpriseauditor ‑c "Role for Enterprise Auditor" ‑a login‑http‑admin,api‑system‑api‑list,api‑system‑get‑version,api‑cifs‑share‑list‑iter‑*,api‑volume‑list‑info‑iter‑*,cli‑fpolicy* +``` + +Run the following command when provisioning an account for automatic configuration of FPolicy; it +includes the "Enable and connect FPolicy" option requirement: + +``` +useradmin role ‑add [ROLE_NAME] ‑c "[ROLE_DESCRIPTION]" ‑a login‑http‑admin,api‑system‑api‑list,api‑system‑get‑version,api‑cifs‑share‑list‑iter‑*,api‑volume‑list‑info‑iter‑*,api‑fpolicy*,cli‑fpolicy* +``` + +Example: + +``` +useradmin role ‑add enterpriseauditor ‑c "Role for Enterprise Auditor" ‑a login‑http‑admin,api‑system‑api‑list,api‑system‑get‑version,api‑cifs‑share‑list‑iter‑*,api‑volume‑list‑info‑iter‑*,api‑fpolicy*,cli‑fpolicy* +``` + +After the role is created, complete Part 2: Create a Group & Assign Role. + +## Part 2: Create a Group & Assign Role + +Once the role has been created, it must be attached to a group. The following command needs to be +run to create a group and assign the role to it. + +``` +useradmin group ‑add [GROUP_NAME] ‑r [ROLE_NAME] +``` + +Example: + +``` +useradmin group ‑add nwxgroup ‑r enterpriseauditor +``` + +After the group is created and the role is assigned, complete Part 3: Add User to Group. + +## Part 3: Add User to Group + +The final step is to add the domain user to the new group, Backup Operators group, and Power Users +group. The following command needs to be run to add the user to all three groups. + +``` +useradmin domainuser ‑add [DOMAIN\USER] ‑g [GROUP_NAME, WITHIN " MARKS IF MULTIPLE WORDS],"Backup Operators","Power Users" +``` + +Example: + +``` +useradmin domainuser ‑add example\user1 ‑g nwxgroup,"Backup Operators","Power Users" +``` diff --git a/docs/accessanalyzer/12.0/config/netappcmode/access.md b/docs/accessanalyzer/12.0/config/netappcmode/access.md new file mode 100644 index 0000000000..74c18ffd87 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netappcmode/access.md @@ -0,0 +1,261 @@ +# NetApp Data ONTAP Cluster-Mode Access & Sensitive Data Auditing Configuration + +This topic provides instructions for configuring NetApp Data ONTAP Cluster-Mode devices. + +## CIFS Method 1 Credential Configuration + +Configuring access to CIFS shares using FPolicy and ONTAP API for Access Analyzer requires the +following: + +- Configure Data LIF to Allow HTTPS Traffic +- [Configure Empty FPolicy](/docs/accessanalyzer/12.0/config/netappcmode/configureemptyfpolicy.md) + +See the [CIFS Method 2 Credential Configuration](#cifs-method-2-credential-configuration) topic for +an alternative method. + +### Configure Data LIF to Allow HTTPS Traffic + +As of NetApp Clustered ONTAP 9.6, users can assign service policies (instead of LIF roles) to LIFs +that determine the kind of traffic that is supported for the LIFs. + +- Starting with ONTAP 9.5, ONTAP supports service policies +- Starting with ONTAP 9.6, LIF roles are deprecated and service policies are supported for all types + of services + +For users running ONTAP 9.6+, data LIFs used for HTTPS communication with Access Analyzer are +required to use a LIF service policy that includes the `management-https` service. Without this +service applied to a data LIF’s service policy, HTTPS communication will not be possible. + +The following examples offer guidance for managing service policies, but may vary depending on the +NetApp environment’s specific configuration and needs. + +Use the following command to display available services: + +``` +network interface service show +``` + +Use the following command to create a service policy (example includes NFS, CIFS, and HTTPS +traffic): + +``` +network interface service-policy create -vserver [SVM_NAME] -policy [SERVICE_POLICY_NAME] -services [LIST_OF_SERVICES_COMMA-SEPARARTED] -allowed-addresses [IP_CIDR_NOTATION] +``` + +Example with the NFS, CIFS, and HTTPS protocols being allowed: + +``` +network interface service-policy create -vserver testserver -policy new_service_policy -services data-nfx,data-cifs,management-https,data-core -allowed-addresses 0.0.0.0/0 +``` + +Use the following command to verify if the service policy was properly created: + +``` +network interface service-policy show +``` + +Use the following command to add the created service policy to an existing data LIF: + +``` +network interface modify -vserver [SVM_NAME] -lif [LIF_NAME] -service-policy [SERVICE_POLICY_NAME] +``` + +Example: + +``` +network interface modify -vserver testserver -lif lif_1 -service-policy new_service_policy +``` + +A service policy can only be used by LIFs in the same SVM that is specified when creating the +service policy. + +## CIFS Method 2 Credential Configuration + +Configuring access to CIFS shares using the special C$ share is an alternative least privileged +access option for NetApp Data ONTAP Cluster-Mode devices v9.0+. See the +[CIFS Method 1 Credential Configuration](#cifs-method-1-credential-configuration) topic for an +alternative method. + +The following permissions are required: + +- Group membership in the Backup Operators group on either the file system proxy server for Proxy + Mode scans or the Access Analyzer server for Local Mode scans (to get a high integrity token) +- Group membership in the NetApp SVM's Power Users group (to enumerate shares) + + - Use the following command to add the Service Account to BUILTIN\Power Users: + + ``` + cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Power Users" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] + ``` + +- Group membership in the NetApp SVM's Backup Operators group (to bypass NTFS permissions) + + - NetApp SVM's SeBackupPrivilege needs to be applied to this group + - This group must have read-only access to the SVM's C$ share + - Use the following command to add the Service Account to BUILTIN\Backup Operators: + + ``` + cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Backup Operators" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] + ``` + +If an ACE does not already exist for a specific user/group on an SVM's c$ share, then it needs to be +added with the desired rights (No_access, Read, Change, or Full_Control). To check the current ACE +for a user or group on each SVM's c$ share, the following ONTAP CLI command should be used at the +cluster management level. + +``` +vserver cifs share access-control show -share c$ +``` + +The output will list each SVM's ACL for its c$ share. For example: + +![ONTAP CLI Command Output Example](/img/product_docs/accessanalyzer/12.0/config/netappcmode/accesscifsmethod2.webp) + +If the desired ACE does not exist on an SVM's c$ share, then one can be created with the following +command: + +``` +vserver cifs share access-control create -share c$ -user-or-group [USER_OR_GROUP_NAME] -permission Read -vserver [SVM_NAME] +``` + +If an existing ACE needs to be modified, the following command should be used: + +**CAUTION:** The following command will overwrite an existing ACE. For example, it is possible to +downgrade a user with Full_Control to Read, or vice versa. + +``` +vserver cifs share access-control modify -share c$ -user-or-group [USER_OR_GROUP_NAME] -permission Read -vserver [SVM_NAME] +``` + +**NOTE:** If users would prefer to avoid permissioning C$, then there is an alternative. Users can +instead give the SVM's Backup Operators group read-only access to each share to be scanned. + +In order to utilize Access Analyzer’s LAT Preservation (Last Access Time) feature during sensitive +data scans and metadata tag collection, applying ONTAP’s SeRestorePrivilege to the service account +is also required. + +As an alternative to membership in BUILTIN\Backup Operators, SeBackupPrivilege can be directly +applied to a user via the NetApp command line. + +The following commands can be used to grant these permissions to the service account to be used for +scanning by Access Analyzer. + +Use the following commands to add SeBackupPrivilege to the Service Account (or a BUILTIN Group): + +``` +cifs users-and-groups privilege add-privilege ‑user-or-group-name [USER_OR_GROUP_NAME] ‑privileges SeBackupPrivilege ‑vserver [SVM_NAME] +``` + +Use the following commands to add the Service Account to BUILTIN\Power Users: + +``` +cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Power Users" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] +``` + +Use the following commands to add the Service Account to BUILTIN\Backup Operators: + +``` +cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Backup Operators" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] +``` + +Use the following commands to verify the results from the previous commands: + +``` +cifs users-and-groups privilege show ‑vserver [SVM_NAME] ‑user-or-group-name [USER_OR_GROUP_NAME] +``` + +Use the following commands to give the Service Account Read-only Access to NetApp SVM's c$ Share: + +``` +cifs share access-control create ‑vserver [SVM_NAME] ‑share c$ ‑user-or-group [USER_OR_GROUP_NAME] ‑permission Read +``` + +**NOTE:** In the previous command, "create" needs to be replaced with "modify" if the CIFS share ACE +already exists for the share/user combination. + +Use the following commands to verify the results from the previous command: + +``` +cifs share access-control show ‑vserver [SVM_NAME] ‑share c$ +``` + +## NFSv3 Credential Configuration + +The following is a list of example commands that can be used to configure a NetApp export policy to +scan a volume via NFSv3 using the Access Analyzer File System Solution. + +**CAUTION:** The export policy for a volume's parent (ex. the SVM's root volume), or the export +policy for a qtree's parent, must have access rights that are equal or wider in scope to the export +policy for the target volume/qtree. If Access Analyzer cannot access all segments of a target +volume/qtree's junction path, then NFS access will be denied. + +Use the following command to create an export policy: + +``` +vserver export-policy create ‑vserver [SVM_NAME] ‑policyname [EXPORT_POLICY_NAME] +``` + +Example: + +``` +vserver export-policy create ‑vserver testserver ‑policyname testNFS +``` + +Use the following command to add a rule to the previous export policy, using the nfsv3, auth_sys +(aka auth_unix), and superuser properties: + +``` +vserver export-policy rule create ‑vserver [SVM_NAME] ‑policyname [EXPORT_POLICY_NAME] ‑clientmatch [IP_CIDR_NOTATION] ‑rorule sys ‑rwrule sys ‑superuser sys -protocol nfs3 +``` + +Example: + +``` +vserver export-policy rule create ‑vserver testserver ‑policyname testNFS ‑clientmatch 0.0.0.0/0 ‑rorule sys ‑rwrule sys ‑superuser sys -protocol nfs3 +``` + +Use the following command to show each volume’s export policy: + +``` +volume show ‑vserver [SVM_NAME] ‑fields policy +``` + +Example: + +``` +volume show ‑vserver testserver ‑fields policy +``` + +Use the following command to change a volume’s export policy: + +``` +volume modify ‑vserver [SVM_NAME] ‑volume [VOLUME_NAME] ‑policy [EXPORT_POLICY_NAME] +``` + +Example: + +``` +volume modify ‑vserver testserver ‑volume testVolume ‑policy testNFS +``` + +### Troubleshooting NFSv3 Export Access + +If Access Analyzeris not discovering the expected NFS export, it is possible that the export policy +is not properly configured to allow the Access Analyzer server or proxy server IP Address to mount +the NFS export. One step in troubleshooting this issue is to confirm a Unix client (or WSL for +Windows) in the same IP range as the Access Analyzer server or proxy server can mount the NFS +export. + +Run the following command from a Unix host to verify the NFS mount is available: + +``` +showmount ‑e [NFS_HOSTNAME_OR_IP] +``` + +If the NFS export is returned as a result of the previous command, then Access Analyzer should also +be able to mount it. If not, it may be necessary to run the following command on the NetApp SVM to +get the NFS export to be returned by the `showmount` command: + +``` +vserver nfs modify ‑vserver [SVM_NAME] ‑showmount enabled +``` diff --git a/docs/accessanalyzer/12.0/config/netappcmode/activity.md b/docs/accessanalyzer/12.0/config/netappcmode/activity.md new file mode 100644 index 0000000000..1932c7095d --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netappcmode/activity.md @@ -0,0 +1,217 @@ +# NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration + +The Activity Monitor agent employed to monitor NetApp leverages NetApp ONTAP API, and the NetApp +FPolicy framework to monitor file system events. This includes both NetApp 7-Mode and Cluster-Mode +configurations. For more information about FPolicy read the +[What are the two parts of the FPolicy solution ](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-54FE1A84-6CF0-447E-9AAE-F43B61CA2138.html) +article. + +Activity Monitor requires two communication channels for ONTAP monitoring: + +1. Activity Monitor Agent connects to ONTAP on port 80 or 443 for access to ONTAP API (ONTAPI/ZAPI + or REST API). +2. Data LIFs of the SVM connect to Activity Monitor Agent on port 9999 for FPolicy notifications. + +The ONTAP API access is mandatory; without the API access the agent will not be able to receive and +translate events from FPolicy. Both classic ONTAPI/ZAPI and the new REST API are supported. The +agent uses the API to retrieve information about the storage virtual machines (SVM): CIFS settings, +list of volumes, list of LIFs. Depending on the configuration, the agent can also retrieve the state +of FPolicy to ensure it is enabled; configure FPolicy and register or unregister itself. + +The FPolicy framework enables the collection of audit events on the ONTAP side and their transfer to +the agent(s) via the designated Data LIFs. Each LIF establishes its own connection with one or +several agents and sends notifications as soon as the file transaction occurs. The FPolicy +connection is asynchronous and buffered; both ONTAP and Activity Monitor have techniques in place to +make sure that connections are alive and working. The connection can be secured using TLS with +server or mutual authentication. + +FPolicy may have a significant impact on file system throughput, and it is always a best practice to +monitor performance when enabling FPolicy. + +**_RECOMMENDED:_** Create a tailored FPolicy which only collects the desired activity from the +environment to limit the scope and impact. + +For scale-out and fault tolerance purposes, the product supports a range of deployment options. A +single agent can receive events from multiple SVMs. Or events from a single SVM can be distributed +among multiple agents. Or a set of SVMs can distribute events among a set of agents. The choice +depends on the fault tolerance requirements and the expected event flow. As a rule of thumb, the +_average_ load on a single agent should not exceed 5000 events per second. + +Starting with ONTAP 9.15.1, the FPolicy Persistent Store provides resilience and predictable latency +during scenarios such as network delays or bursts of activity. The feature uses a dedicated volume +for each SVM as a staging buffer before events are sent to the agent. FPolicy will automatically +create a volume if one does not already exist. + +**_RECOMMENDED:_** Enable the Persistent Store feature and allow it to create a volume +automatically. + +## Configuration Checklist + +Complete the following checklist prior to configuring the activity monitoring of NetApp Data ONTAP +Cluster-Mode devices. Instructions for each item of the checklist are detailed within the following +sections. + +Checklist Item 1: Plan Deployment + +- Gather the following information: + + - Names of the SVM(s) to be monitored + + - FPolicy is configured for each SVM separately + - This should be the SVM(s) hosting the CIFS or NFS shares(s) to be monitored + + - Credentials to access ONTAP to provision a role and account. + - Desired functionality level: + + - _Manual_. A user configures FPolicy manually and ensures it stays enabled. + - _Enable and Connect FPolicy_. The product ensures that FPolicy stays enabled and connected + all the time. RECOMMENDED. + - _Configure FPolicy_. The product configures FPolicy automatically and ensures it stays + enabled and connected all the time. RECOMMENDED. + + - Volumes or shares on each SVM to be monitored + + - Limiting the FPolicy to select volumes or shares is an effective way to limit the + performance impact of FPolicy + + - Successful/failed file operations to be monitored + + - Limiting the FPolicy to specific file operations is an effective way to limit the + performance impact of FPolicy + + - IP Address of the server(s) where the Activity Monitor Agent is deployed + - API enabled in ONTAP: the classic ONTAPI/ZAPI or the new REST API + + - The product supports the REST API for ONTAP 9.13.1 and above. + - Volume names and sizes to be used as a Persistent Store for each SVM. This is recommended. + - The product supports the Persistent Store feature for ONTAP 9.15.1 and later. + - At least one local tier (aggregate) is assigned to the SVM. + + - Encryption and Authentication protocol for FPolicy connection + + - No Authentication (default) + - TLS, server authentication (the SVM authenticates the agent) + - TLS, mutual authentication (both the SVM and the agent authenticate each other) + +Persistent Store provides resilience and predictable latency in scenarios such as network delays or +bursts of activity events. + +It uses a dedicated volume for each SVM as a staging buffer before the events are sent to Activity +Monitor Agent. + +Checklist Item 2: [Provision ONTAP Account](/docs/accessanalyzer/12.0/config/netappcmode/provisionactivity.md) + +- Permission names depend on the API used, ONTAPI/ZAPI or REST API. +- The case of domain and username created during the account provisioning process must match exactly + to the credentials provided to the activity agent for authentication to work. +- The credential associated with the FPolicy used to monitor activity must be provisioned with + access to (at minimum) the following CLI or API commands, according to the level of collection + desired: + + - Manual, Collect Activity Events Only (Least Privilege) + + - ONTAPI/ZAPI + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + + - REST API + + - `/api/cluster` – Readonly access + - `/api/protocols/cifs/services` – Readonly access + - `/api/storage/volumes` – Readonly access + - `/api/svm/svms` – Readonly access + + - Employ the “Enable and connect FPolicy” Option (Less Privilege) – RECOMMENDED + + - ONTAPI/ZAPI + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + - `network interface` – Readonly access + - `vserver fpolicy disable` – All access + - `vserver fpolicy enable` – All access + - `vserver fpolicy engine-connect` – All access + + - REST API + + - `/api/cluster` – Readonly access + - `/api/protocols/cifs/services` – Readonly access + - `/api/storage/volumes` – Readonly access + - `/api/svm/svms` – Readonly access + - `/api/network/ip/interfaces` – Readonly access + - `/api/protocols/fpolicy` – All access + + - Employ the “Configure FPolicy” Option (Automatic Configuration of FPolicy) – RECOMMENDED + + - ONTAPI/ZAPI + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + - `network interface` – Readonly access + - `vserver fpolicy` – All access + - `security certificate install` – All access (only if FPolicy uses a TLS connection) + + - REST API + + - `/api/cluster` – Readonly access + - `/api/protocols/cifs/services` – Readonly access + - `/api/storage/volumes` – Readonly access + - `/api/svm/svms` – Readonly access + - `/api/network/ip/interfaces` – Readonly access + - `/api/protocols/fpolicy` – All access + - `/api/security/certificates` – All access (only if FPolicy uses a TLS connection) + + - Access Analyzer Integration requires the addition of the following CLI command: + + - `security login role show-ontapi` – Readonly access + +Checklist Item 3: [Configure Network](/docs/accessanalyzer/12.0/config/netappcmode/configurefirewall.md) + +- Agent must be able to connect to ONTAP API via a management LIF on ports HTTP (80) or HTTPS (443) + + - NetApp firewall policy may need to be modified. + - LIF's service policy may need to be modified to include `management-https` or + `management-http` services. + - Either of these ports is required. Activity Monitor requires ONTAP API access. + +- ONTAP cluster nodes, which serve the SVM, must be able to connect to the agent on port 9999. + + - LIFs' service policy may need to be modified to include `data-fpolicy-client` service. + - Each data serving node should have its own LIF with the `data-fpolicy-client` service. + - The default port 9999 can be changed in the agent's settings. + +Checklist Item 4: [Configure FPolicy](/docs/accessanalyzer/12.0/config/netappcmode/configurefpolicy.md) + +- Remember: all FPolicy objects and SVM names are case sensitive. +- FPolicy must be configured for each SVM to be monitored. +- If using TLS, … authentication options, generate needed certificates and PEM files +- Select method: + + - Configure FPolicy Manually – If you want to exclude certain volumes or shares; a tailored + FPolicy decreases the impact on NetApp. + + - Required when the FPolicy account is provisioned for either Least Privileged or Less + Privilege permission model + - If using TLS, … authentication options, set authentication + + - Allow the Activity Monitor to create an FPolicy automatically + + - If using TLS, … authentication options, set authentication + - This option is enabled using the **Configure FPolicy. Create or modify FPolicy objects if + needed** checkbox for each monitored SVM. + - It monitors file system activity on all volumes and shares of the SVM. + - FPolicy configuration is automatically updated to reflect the Activity Monitor + configuration. + - Requires a Privileged Access credential be provided. + +- Enable the Persistent Store to increase the resilience and control the latency in case of network + outages or bursts of activity + +Checklist Item 5: Activity Monitor Configuration + +- Deploy the Activity Monitor Agent to a Windows server. +- Configure the Agent to monitor the SVM. diff --git a/docs/accessanalyzer/12.0/config/netappcmode/configureemptyfpolicy.md b/docs/accessanalyzer/12.0/config/netappcmode/configureemptyfpolicy.md new file mode 100644 index 0000000000..f802d1892e --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netappcmode/configureemptyfpolicy.md @@ -0,0 +1,382 @@ +# Configure Empty FPolicy + +The credential used to just run Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing +scans requires access to the specified API calls as well as association to an FPolicy. Therefore, it +is necessary to: + +- [Create Security Role for FSAA Scans](#create-security-role-for-fsaa-scans) +- [Create Security Login for FSAA Scans](#create-security-login-for-fsaa-scans) +- [Create External Engine for Empty FPolicy](#create-external-engine-for-empty-fpolicy) +- [Create FPolicy Event for Empty FPolicy](#create-fpolicy-event-for-empty-fpolicy) +- [Create Empty FPolicy Policy](#create-empty-fpolicy-policy) +- [Create Empty FPolicy Scope](#create-empty-fpolicy-scope) +- [Enable the Empty FPolicy](#enable-the-empty-fpolicy) + +**NOTE:** The commands in the following sections have been verified for NetApp Data ONTAP 9.6+. +Users of older versions should consult the NetApp documentation to find the appropriate syntax. + +## Create Security Role for FSAA Scans + +This section provides instructions for creating an access-control role. An access-control role +consists of a role name and a command to which the role has access. It optionally includes an access +level (none, read-only, or all) and a query that applies to the specified command or command +directory. The following commands need to be run to create the security role. + +Use the following command to provision read-only access to Version\* commands: + +``` +security login role create ‑role [ROLE_NAME] ‑cmddirname "version" ‑access readonly ‑query "" ‑vserver [SVM_NAME] +``` + +Example: + +``` +security login role create ‑role enterpriseauditor ‑cmddirname "version" ‑access readonly ‑query "" ‑vserver testserver +``` + +Use the following command to provision read-only access to Volume\* commands: + +``` +security login role create ‑role [ROLE_NAME] ‑cmddirname "volume" ‑access readonly ‑query "" ‑vserver [SVM_NAME] +``` + +Example: + +``` +security login role create ‑role enterpriseauditor ‑cmddirname "volume" ‑access readonly ‑query "" ‑vserver testserver +``` + +Use the following command to provision read-only access to SVM\* commands: + +``` +security login role create ‑role [ROLE_NAME] ‑cmddirname "vserver" ‑access readonly ‑query "" ‑vserver [SVM_NAME] +``` + +Example: + +``` +security login role create ‑role enterpriseauditor ‑cmddirname "vserver" ‑access readonly ‑query "" ‑vserver testserver +``` + +Use the following command to provision read-only access to security login role show-ontapi commands: + +``` +security login role create ‑role [ROLE_NAME] ‑cmddirname "security login role show-ontapi" ‑access readonly ‑query "" ‑vserver [SVM_NAME] +``` + +Example: + +``` +security login role create ‑role enterpriseauditor ‑cmddirname "security login role show-ontapi" ‑access readonly ‑query "" ‑vserver testserver +``` + +Before creating the Security Login, validate this configuration. + +### Validate Security Role Configuration + +Run the following command to validate the security role configuration: + +``` +security login role show [ROLE_NAME] +``` + +Example: + +``` +security login role show enterpriseauditor +``` + +Relevant NetApp Documentation: To learn more about creating security login roles, please visit the +NetApp website and read the +[security login role create](https://library.netapp.com/ecmdocs/ECMP1196817/html/security/login/role/create.html) +article. + +## Create Security Login for FSAA Scans + +Once the access control role has been created, apply it to a domain account. + +**CAUTION:** + +- The SVM used in the following command must be the same SVM used when creating the role. See the + [Create Security Role for FSAA Scans](#create-security-role-for-fsaa-scans) topic for additional + information. + + **CAUTION:** Cluster-Mode is case sensitive. + +- It is recommended to use lowercase for both domain and username. The case of domain and username + created during the account provisioning process must match exactly to the credentials provided to + the Access Analyzer for authentication to work. + +Use the following command to create the security login for the security role: + +``` +security login create ‑user-or-group-name [DOMAIN\DOMAINUSER] ‑application ontapi ‑authentication‑method domain ‑role [ROLE_NAME] ‑vserver [SVM_NAME] +``` + +Example: + +``` +security login create ‑user-or-group-name example\user1 ‑application ontapi ‑authentication‑method domain ‑role enterpriseauditor ‑vserver testserver +``` + +Before creating the External Engine, validate this security login. + +### Validate Security Login Creation + +Run the following command to validate security login: + +``` +security login show [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +security login show example\user1 +``` + +Verify that the output is displayed as follows: + +![validatesecuritylogincreation](/img/product_docs/activitymonitor/config/netappcmode/validatesecuritylogincreation.webp) + +Relevant NetApp Documentation: To learn more about creating security logins, please visit the NetApp +website and read the +[security login create](https://library.netapp.com/ecmdocs/ECMP12452955/html/security/login/create.html) +article. + +## Create External Engine for Empty FPolicy + +The External Engine defines how FPolicy makes and manages connections to external FPolicy servers. + +IMPORTANT: + +- The `-primary-servers` must be the server from which the StealthAUDIT scans will be executed: + + - StealthAUDIT Console server for local mode + - proxy server if running in any of the proxy mode options + +- The following values are required: + + - `engine-name StealthAUDITEngine` + - `port 9999` + + - Port number can be customized, but it is recommended to use 9999. + + - `extern-engine-type asynchronous` + - `ssl-option no-auth` + +**CAUTION:** Cluster-Mode is case sensitive. + +Use the following command to create the external engine: + +``` +vserver fpolicy policy external-engine create ‑vserver [SVM_NAME] ‑engine-name StealthAUDITEngine ‑primary-servers [IP_ADDRESS,…] ‑port 9999 ‑extern-engine-type asynchronous ‑ssl-option no-auth +``` + +Example: + +``` +vserver fpolicy policy external-engine create ‑vserver testserver ‑engine-name StealthAUDITEngine ‑primary-servers 192.168.30.15 ‑port 9999 ‑extern-engine-type asynchronous ‑ssl-option no-auth +``` + +Before creating the FPolicy Event, validate this external engine was created. + +### Validate External Engine Creation + +Run the following command to validate the creation of the external engine: + +``` +fpolicy policy external-engine show ‑instance +``` + +Verify that the output is displayed as follows: + +![validateexternalenginecreation](/img/product_docs/accessanalyzer/12.0/config/netappcmode/validateexternalenginecreation.webp) + +Relevant NetApp Documentation: To learn more about creating an external engine, please visit the +NetApp website and read the +[vserver fpolicy policy external-engine create](https://library.netapp.com/ecmdocs/ECMP1366832/html/vserver/fpolicy/policy/external-engine/create.html) +article. + +## Create FPolicy Event for Empty FPolicy + +An event defines which protocol and which file operations are associated with the FPolicy. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares. +- The following values are required: + + - `event-name StealthAUDITScreening` + - `volume-operation true` + +**CAUTION:** Cluster-Mode is case sensitive. + +Use the following command to create the FPolicy event: + +``` +vserver fpolicy policy event create ‑vserver [SVM_NAME] ‑event-name StealthAUDITScreening ‑volume-operation true ‑protocol [PROTOCOL] ‑file-operations "" +``` + +Example: + +``` +vserver fpolicy policy event create ‑vserver testserver ‑event-name StealthAUDITScreening ‑volume-operation true ‑protocol cifs ‑file-operations "" +``` + +Before creating the FPolicy Policy, validate this FPolicy Event was created. + +### Validate FPolicy Event Creation + +Run the following command to validate the creation of the FPolicy event: + +``` +fpolicy policy event show ‑event-name StealthAUDITScreening‑instance +``` + +Verify that the output is displayed as follows: + +![validatefpolciyeventcreation](/img/product_docs/accessanalyzer/12.0/config/netappcmode/validatefpolciyeventcreation.webp) + +Relevant NetApp Documentation: To learn more about creating an event, please visit the NetApp +website and read the +[vserver fpolicy policy event create](https://library.netapp.com/ecmdocs/ECMP1196817/html/vserver/fpolicy/policy/event/create.html) +article. + +## Create Empty FPolicy Policy + +The FPolicy policy associates the other three FPolicy components and allows for the designation of a +privileged FPolicy user, or the account granted Security Login. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares. +- The External Engine and FPolicy Event used in this command must be the External Engine and the + FPolicy Event created for this purpose. See the + [Create External Engine for Empty FPolicy](#create-external-engine-for-empty-fpolicy) and + [Create FPolicy Event for Empty FPolicy](#create-fpolicy-event-for-empty-fpolicy) sections for + additional information. +- The following values are required: + + - `privileged-user-name` must be the account granted Security Login. See the + [Create Security Login for FSAA Scans](#create-security-login-for-fsaa-scans) topic for + additional information. + - `policy-name StealthAUDIT` + +**CAUTION:** Cluster-Mode is case sensitive. + +Use the following command to create the FPolicy policy: + +``` +vserver fpolicy policy create ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑events StealthAUDITScreening ‑engine StealthAUDITEngine ‑is-mandatory false ‑allow-privileged-access yes ‑privileged-user-name [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +vserver fpolicy policy create ‑vserver testserver ‑policy-name StealthAUDIT ‑events StealthAUDITScreening ‑engine StealthAUDITEngine ‑is-mandatory false ‑allow-privileged-access yes ‑privileged-user-name example\user1 +``` + +Before creating the FPolicy Scope, validate this FPolicy Policy was created. + +### Validate FPolicy Policy Creation + +Run the following command to validate the creation of the FPolicy policy: + +``` +fpolicy policy show ‑instance +``` + +![validatefpolicypolicycreation](/img/product_docs/accessanalyzer/12.0/config/netappcmode/validatefpolicypolicycreation.webp) + +Relevant NetApp Documentation: To learn more about creating a policy, please visit the NetApp +website and read the +[vserver fpolicy policy create](https://library.netapp.com/ecmdocs/ECMP1366832/html/vserver/fpolicy/policy/create.html) +article. + +## Create Empty FPolicy Scope + +The FPolicy scope creates the filters necessary to perform scans on specific shares or volumes. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS shares. +- It is not necessary to specify both volumes and shares. One or the other is sufficient. + +Use the following command to create the FPolicy scope by volume(s): + +``` +vserver fpolicy policy scope create ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑volumes-to-include +``` + +Example: + +``` +vserver fpolicy policy scope create ‑vserver testserver ‑policy-name StealthAUDIT ‑volumes-to-include +``` + +Use the following command to create the FPolicy scope by share(s): + +``` +vserver fpolicy policy scope create ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑shares-to-include +``` + +Example: + +``` +vserver fpolicy policy scope create ‑vserver testserver ‑policy-name StealthAUDIT ‑shares-to-include +``` + +Before enabling the FPolicy, validate this FPolicy Scope was created. + +### Validate FPolicy Scope Creation + +Run the following command to validate the FPolicy scope creation: + +``` +fpolicy policy scope show ‑instance +``` + +![validatefpolicyscopecreation](/img/product_docs/accessanalyzer/12.0/config/netappcmode/validatefpolicyscopecreation.webp) + +Relevant NetApp Documentation: To learn more about creating scope, please visit the NetApp website +and read the +[vserver fpolicy policy scope create](https://library.netapp.com/ecmdocs/ECMP1196817/html/vserver/fpolicy/policy/scope/create.html) +article. + +## Enable the Empty FPolicy + +Once the empty FPolicy has been created, it must be enabled. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares. + +Use the following command to enable the FPolicy: + +``` +vserver fpolicy enable ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑sequence-number [INTEGER] +``` + +Example: + +``` +vserver fpolicy enable ‑vserver testserver ‑policy-name StealthAUDIT ‑sequence-number 10 +``` + +Validate this FPolicy was enabled. + +### Validate FPolicy Enabled + +Run the following command to validate the FPolicy scope creation: + +``` +vserver fpolicy show +``` + +![validatefpolicyenabled](/img/product_docs/accessanalyzer/12.0/config/netappcmode/validatefpolicyenabled.webp) + +Relevant NetApp Documentation: To learn more about enabling a policy, please visit the NetApp +website and read the +[vserver fpolicy enable](https://library.netapp.com/ecmdocs/ECMP1196817/html/vserver/fpolicy/enable.html) +article. diff --git a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-firewall.md b/docs/accessanalyzer/12.0/config/netappcmode/configurefirewall.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-firewall.md rename to docs/accessanalyzer/12.0/config/netappcmode/configurefirewall.md diff --git a/docs/accessanalyzer/12.0/config/netappcmode/configurefpolicy.md b/docs/accessanalyzer/12.0/config/netappcmode/configurefpolicy.md new file mode 100644 index 0000000000..16f8a203d9 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netappcmode/configurefpolicy.md @@ -0,0 +1,912 @@ +# Configure FPolicy + +Activity Monitor relies on the NetApp FPolicy framework for monitoring of file access events on +Storage Virtual Machines (SVM). FPolicy needs to be configured for each SVM. + +There are two ways to configure FPolicy: + +- Activity Monitor agent can facilitate the + [Automatic Configuration of FPolicy](#automatic-configuration-of-fpolicy) for the monitored SVM + using the ONTAP API. This mode is simple, but does not allow you to exclude certain volumes or + shares of the SVM from being monitored. It also requires additional permissions to create and + modify FPolicy. +- Another option is to [Manually Configure FPolicy](#manually-configure-fpolicy) for each SVM. This + mode allows you to fine tune FPolicy by excluding certain volumes or shares from being monitored. + It also reduces product permissions. + +Regardless of the chosen approach for FPolicy configuration, one also needs to perform extra steps +if the FPolicy communication has to be secured with TLS. + +## TLS Authentication Options + +There are two TLS FPolicy Authentication options that can be used: + +- TLS, server authentication – Server only authentication + + - A certificate (Server Certificate) for the Agent server needs to be generated and copied to a + PEM file. The Server Certificate PEM file needs to be saved locally on the Activity Monitor + Console server. + - For manual FPolicy configuration, the Server Certificate needs to be installed on the SVM, and + then server-authentication set. + - For automatic FPolicy configuration, the Activity Monitor manages installation of the Server + Certificate. + +- TLS, mutual authentication – Mutual authentication + + - A certificate (Server Certificate) for the Agent server needs to be generated and copied to a + PEM file. The Server Certificate PEM file needs to be saved locally on the Activity Monitor + Console server. + - A certificate (Client Certificate) for the SVM needs to be copied to a PEM file and saved + locally on the Activity Monitor Console server. + - For manual FPolicy configuration, the Server Certificate needs to be installed on the SVM and + then mutual-authentication set. + - For automatic FPolicy configuration, mutual-authentication set before the configuration + process. The Activity Monitor manages installation of both certificates. + +### Generate Server Certificate + +A certificate (Server Certificate) for the Agent server needs to be generated and copied to a PEM +file. This is required for both of the TLS authentication options. + +The PEM file must contain both Public Key and Private Key parts. A certificate may be self-signed or +issued by a certification authority. Below are the steps for generation of a self-signed certificate +using OpenSSL toolkit. + +Use the following command on the agent server to create the Server Certificate and copy it to a .pem +file: + +``` +openssl.exe req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=[ACTIVITY_AGENT_SERVER_NAME]"  +copy cert.pem+key.pem [CERTIFICATE_FILE_NAME.pem] +del cert.pem key.pem .rnd +``` + +Example: + +``` +openssl.exe req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=testagentserver"  +copy cert.pem+key.pem agentkey.pem +del cert.pem key.pem .rnd +``` + +In this example ` agentkey.pem` would be used as the Server Certificate. Save the Server Certificate +locally on the Activity Monitor Console server. + +### Create PEM File for Client Certificate + +A certificate (Client Certificate) for the SVM needs to be copied to a PEM file. This is required +for the TLS, mutual authentication option. Follow the steps to create the PEM file for the Client +Certificate. + +**Step 1 –** On the SVM , use the following command to show the security certificate details: + +``` +security certificate show -vserver [SVM_NAME] -type server instance +``` + +Example: + +``` +security certificate show -vserver testserver -type server instance +``` + +**Step 2 –** Copy the security certificate details into a text file and copy the public key to a PEM +file. The following variables from security details will be needed to set mutual-authentication +during Part 6 of manual configuration and prior to automatic configuration: + +- SVM +- Common Name +- Certificate Serial +- Public Key Certificate + +**Step 3 –** Copy the value of Public Key Certificate field to a PEM file. The value spans multiple +lines, starts with "`----BEGIN CERTIFICATE-----`" and ends with "`-----END CERTIFICATE-----`". + +The Client Certificate PEM file has been created. + +## Persistent Store + +For ONTAP 9.15.1 and later, enabling the Persistent Store feature is recommended regardless of the +chosen FPolicy configuration approach. The Persistent Store provides resilience and predictable +latency in scenarios such as network delays or bursts of activity events. The feature uses a +dedicated volume for each SVM as a staging buffer before events are sent to the agent. + +Persistent Store requires the following parameters: + +- Volume name – If the volume does not exist, it will be created automatically (recommended). +- Initial volume size – Specifies the starting size of the volume. +- Autosize mode – Options include Off, Grow, or Grow/Shrink. + +The size depends on the time duration for which you want to persist the events and the rate of +events. For example, if you want 30 minutes of events to persist in an SVM with a capacity of 5000 +events per second and the average event record size of 0.6 KB, the required volume size is +`5000 * 30 * 60 * 0.6 KB = 5400000 KB ≈ 5 GB`. + +**NOTE:** To find the approximate event rate, use the FPolicy counter `requests_dispatched_rate`. + +**NOTE:** For the Persistent Store to automatically create a volume, the SVM must have at least one +local tier (aggregate) assigned. + +To check that the SVM has assigned local tiers, use the following command: + +vserver show -vserver [SVM_NAME] -fields aggr-list + +The command shows currently local tiers. If no tiers are assigned, "-" is displayed. + +To assign local tiers to the SVM use the following command: + +vserver add-aggregates -vserver [SVM_NAME] -aggregates [AGGREGATE_LIST] + +Example: + +vserver add-aggregates -vserver testserver -aggregates aggr1,aggr2 + +**NOTE:** This command is available to cluster administrators at the admin privilege level. + +It is recommended to allow the volume to be created automatically. In this case, the FPolicy +subsystem manages the volume, maintains the directory structure, and protects it from accidental +deletion by marking it as not mountable. + +If you choose to create the volume manually, ensure the following: + +- The volume is not mounted and has no junction point. +- The snapshot policy for the volume is set to none. + +For additional and up-to-date recommendations on volumes for the Persistent Store, refer to the +NetApp documentation. + +## Manually Configure FPolicy + +This section describes how to manually configure FPolicy. Manual configuration of the FPolicy is +recommended if the policy needs to be scoped to monitor select volumes or shares. It is necessary to +create several FPolicy components and then enable the FPolicy. See the sections corresponding to +each part of this list: + +- Part 1: Install Server Certificate on the SVM (only if using TLS authentication) + + - This is only needed if using either of the TLS, … authentication options. + +- Part 2: Create External Engine + + - The External Engine defines how FPolicy makes and manages connections to external FPolicy + servers like Activity Monitor Agent. + +- Part 3: Create FPolicy Events + + - An FPolicy event defines which protocol(s) to monitor and which file access events to monitor. + +- Part 4: Create Persistent Store (only if Persistent Store is used. RECOMMENDED) + + - A Persistent Store is used as a temporary on-disk storage before the events are sent to + Activity Monitor Agent. + +- Part 5: Create FPolicy Policy + + - The FPolicy policy associates the other three FPolicy components and allows for the + designation of a privileged FPolicy user + - If running the Access Auditing (FSAA), Activity Auditing (FSAC), and/or Sensitive Data + Discovery Auditing scans, then this is the user account credential to be added to the Access + Analyzer Connection Profile. + +- Part 6: Create FPolicy Scope + + - The FPolicy scope creates the filters necessary to perform scans on specific shares or + volumes. + +- Part 7: Set TLS Authentication (optional) + + - This is only needed if using either of the TLS authentication options. + +- Part 8: Enable the FPolicy + + - Once the FPolicy is enabled, the Activity Monitor Agent can be configured to monitor the SVM. + +- Part 9: Connect FPolicy Server / Agent to Cluster Node (optional) + + - This is only needed if there is an issue with connection to the Cluster node or for + troubleshooting a disconnection issue. + +### Part 1: Install Server Certificate on the SVM + +If using the TLS authentication options, it is necessary to install the Server Certificate on the +SVM. + +Use the following command to install the Server Certificate: + +``` +security certificate install type client-ca -vserver [SVM_NAME] +``` + +Example: + +``` +security certificate install type client-ca -vserver testserver +``` + +The command will ask you to provide a public certificate. Copy the public key from the Server +Certificate PEM file, i.e. the block starting with "`-----BEGIN CERTIFICATE-----`" and ending with +"`-----END CERTIFICATE-----`". Paste the block to the terminal window. + +#### Validate Part 1: Server Certificate Install + +Run the following command to validate the Server Certificate is installed: + +``` +security certificate show -vserver [SVM_NAME] -commonname [ACTIVITY_AGENT_SERVER_NAME] -type client-ca instance +``` + +Example: + +``` +security certificate show -vserver testserver -commonname testagentserver -type client-ca instance +``` + +### Part 2: Create External Engine + +The External Engine defines how FPolicy makes and manages connections to external FPolicy servers. + +IMPORTANT: + +- The `-primary-servers` must be the server or servers hosting the Activity Monitor Agent. +- If intending to use the Activity Monitor with Access Analyzer, then the primary server must also + be the proxy server from which the Access Analyzer Access Auditing (FSAC) scans are running, e.g. + the Access Analyzer Console server for local mode or the proxy server if running in any of the + proxy mode options. +- The following values are required: + + - `engine-name StealthAUDITEngine`, the names of the external engine object can be customized + (see below). + - `port 9999`, Port number can be customized, but it is recommended to use 9999. + - `extern-engine-type asynchronous` + - `ssl-option no-auth` + - `send-buffer-size 6291456`, for ONTAP 9.10+ use `send-buffer-size 8388608` + +**CAUTION:** All parameters are case sensitive. + +Use the following command to create the external engine: + +``` +set -privilege advanced +vserver fpolicy policy external-engine create -vserver [SVM_NAME] -engine-name StealthAUDITEngine -primary-servers [IP_ADDRESS,…] -port 9999 -extern-engine-type asynchronous -ssl-option no-auth -send-buffer-size 6291456 +``` + +Example: + +``` +set -privilege advanced +vserver fpolicy policy external-engine create -vserver testserver -engine-name StealthAUDITEngine -primary-servers 192.168.30.15 -port 9999 -extern-engine-type asynchronous -ssl-option no-auth -send-buffer-size 6291456 +``` + +#### Validate Part 2: External Engine Creation + +Run the following command to validate the creation of the external engine: + +``` +fpolicy policy external-engine show -vserver [SVM_NAME] -engine-name StealthAUDITEngine -instance +``` + +Verify that the output is displayed as follows: + +``` +Ontap915::> fpolicy policy external-engine show -vserver svm0 -engine-name StealthAUDITEngine -instance +  (vserver fpolicy policy external-engine show) +                                Vserver: svm0 +                                 Engine: StealthAUDITEngine +                Primary FPolicy Servers: 192.168.11.35 +         Port Number of FPolicy Service: 9999 +              Secondary FPolicy Servers: - +                   External Engine Type: asynchronous +  SSL Option for External Communication: no-auth +             FQDN or Custom Common Name: - +           Serial Number of Certificate: - +                  Certificate Authority: - +          Is Resiliency Feature Enabled: false +Maximum Notification Retention Duration: 3m +     Directory for Notification Storage: - +                 External Engine Format: xml +``` + +Relevant NetApp Documentation: To learn more about creating an external engine, please visit the +NetApp website and read the +[vserver fpolicy policy external-engine create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-external-engine-create.html) +article. + +### Part 3: Create FPolicy Event + +An event defines which protocol to monitor and which file access events to monitor. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. +- Access Analyzer and the Activity Monitor are capable of monitoring both NFS and CIFS. However, it + is necessary to create separate events for each protocol. +- The following values are required: + + - `event-name` + + - For CIFS shares – ` StealthAUDITScreeningCifs` for successful events; + `StealthAUDITScreeningFailedCifs` for failed events. + - For NFS shares – `StealthAUDITScreeningNfsV3, StealthAUDITScreeningNfsV4` for successful + events; `StealthAUDITScreeningFailedNfsV3, StealthAUDITScreeningFailedNfsV4` for failed + events. + The names of the event objects can be customized (see + [Customization of FPolicy Object Names](#customization-of-fpolicy-object-names)). + + - `volume-operation true` + - `protocol` – one of the following `cifs`, `nfsv3`, `nfsv4` + - `monitor-fileop-failure` – `true `or `false`, indicates whether failed file operations are + reported. + +- Limiting the file operations to be monitored is an excellent way to limit the performance impact + the FPolicy will have on the NetApp device. The file operations from which to choose are below + with additional filter options: + + - `create` – File create operations + - `create_dir` – Directory create operations + - `close` – File close operations + + - Enable this operation for NFSv4 to capture all read operations + + - `delete` – File delete operations + - `delete_dir` – Directory delete operations + - `link` – Link operations + - `open` – File open operations for CIFS protocol + + - `open-with-delete-intent` – Limits notification to only when an attempt is made to open a + file with the intent to delete it, according to the `FILE_DELETE_ON_CLOSE` flag + specification + + **NOTE:** File open operations are only supported with the `open-with-delete-intent` + filter applied. + + - `read` – File read operations + + - `first-read` – Limits notification to only first read operations for CIFS protocol. For + ONTAP 9.2+, this filter can be used for both CIFS and NFS protocols. + + - `rename`– File rename operations + - `rename_dir`– Directory rename operations + - `setattr` – Set attribute operations and permission changes. The following filters are + available for ONTAP 9.0+ to limit events to permission changes only: + + - CIFS: + + - `setattr-with-owner-change` + - `setattr-with-group-change` + - `setattr-with-sacl-change` + - `setattr-with-dacl-change` + + - NFSv3: + + - `setattr-with-owner-change` + - `setattr-with-group-change` + - `setattr-with-mode-change` + + - NFSv4: + + - `setattr-with-owner-change` + - `setattr-with-group-change` + - `setattr-with-mode-change` + - `setattr-with-sacl-change` + - `setattr-with-dacl-change` + + - `symlink` – Symbolic link operations + - `write` – File write operations + + - `first-write` – Limits notification to only first write operations for CIFS protocol. For + ONTAP 9.2+, this filter can be used for both CIFS and NFS protocols. + +- For failed/denied events, the list of supported file operations is limited to the following + values: + + - CIFS: `open` + - NFSv3: + `create, create_dir, read, write, delete, delete_dir, rename, rename_dir, setattr, link` + - NFSv4: + `open, create, create_dir, read, write, delete, delete_dir, rename, rename_dir, setattr, link` + +**CAUTION:** All parameters are case sensitive. + +Use the following command to create the FPolicy event for CIFS protocols: + +``` +vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningCifs -volume-operation true -protocol cifs -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] +``` + +Example: + +``` +vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningCifs -volume-operation true -protocol cifs -file-operations create,create_dir,delete,delete_dir,open,read,write,rename,rename_dir,setattr -filters first-read,first-write,open-with-delete-intent,setattr-with-owner-change,setattr-with-group-change,setattr-with-sacl-change,setattr-with-dacl-change +``` + +Use the following command to create the FPolicy event for NFSv3 protocols: + +``` +vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningNfsV3 -volume-operation true -protocol nfsv3 -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] +``` + +Example: + +``` +vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningNfsV3 -volume-operation true -protocol nfsv3 -file-operations create,create_dir,delete,delete_dir,read,write,rename,rename_dir,setattr,link,symlink -filters first-read,first-write,setattr-with-owner-change,setattr-with-group-change,setattr-with-mode-change +``` + +Use the following command to create the FPolicy event for NFSv4 protocols: + +``` +vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningNfsV4 -volume-operation true -protocol nfsv4 -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] +``` + +Example: + +``` +vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningNfsV4 -volume-operation true -protocol nfsv4 -file-operations create,create_dir,delete,delete_dir,read,write,rename,rename_dir,setattr,link,symlink,close -filters setattr-with-group-change,setattr-with-mode-change,setattr-with-sacl-change,setattr-with-dacl-change +``` + +#### Validate Part 3: FPolicy Event Creation + +Run the following command to validate the creation of the FPolicy event: + +``` +fpolicy policy event show -vserver [SVM_NAME] -event-name [StealthAUDITScreeningCifs or StealthAUDITScreeningNfsV3 or StealthAUDITScreeningNfsV4 or ...] -instance +``` + +Example: + +``` +fpolicy policy event show -vserver [SVM_NAME] -event-name StealthAUDITScreeningCifs -instance +``` + +Verify that the output is displayed as follows: + +``` +Ontap915::> fpolicy policy event show -vserver svm0 -event-name StealthAUDITScreeningCifs +  (vserver fpolicy policy event show) +                                 Vserver: svm0 +                                   Event: StealthAUDITScreeningCifs +                                Protocol: cifs +                         File Operations: create, create_dir, delete, +                                          delete_dir, open, read, write, +                                          rename, rename_dir, setattr +                                 Filters: first-read, first-write, +                                          open-with-delete-intent, +                                          setattr-with-owner-change, +                                          setattr-with-group-change, +                                          setattr-with-sacl-change, +                                          setattr-with-dacl-change, +                                          setattr-with-mode-change +     Send Volume Operation Notifications: true +Send Failed File Operation Notifications: false +``` + +Relevant NetApp Documentation: To learn more about creating an event, please visit the NetApp +website and read the +[vserver fpolicy policy event create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-event-create.html) +article. + +### Part 4: Create Persistent Store + +The Persistent Store provides a temporary on-disk storage for activity events before they are sent +to Activity Monitor Agent. The Persistent Store is optional but recommended for ONTAP 9.15.1 and +later versions. + +IMPORTANT: + +- Persistent Store is supported for ONTAP 9.15.1 and later versions. +- The SVM used must be the one hosting the CIFS or NFS shares to be monitored. +- There is no need to use an existing volume. A new volume will be created automatically and managed + by the FPolicy subsystem. +- The volume size depends on the duration for which the events persist and the event rate. For + example, if you want 30 minutes of events to persist in an SVM with a capacity of 5000 + events/second and the average event record size of 0.6 KB, the required volume size is + `5000 * 30 * 60 * 0.6 KB = 5400000 KB ≈ 5 GB`. +- For the Persistent Store to create a volume automatically, at least one local tier (aggregate) + must be assigned to the SVM. Use `vserver add-aggregates` to assign local tiers. + + The following values are required: + + - `vserver` – The name of the SVM where you want to create the Persistent Store. + - `persistent-store` – The name of the Persistent Store object. + + - The default name is `StealthAUDITPersistentStore`. + The names of the event objects can be customized (see + [Customization of FPolicy Object Names](#customization-of-fpolicy-object-names)). + + - `volume` – The name of the volume used for event storage. + + - If the volume does not exist, it will be automatically created on an assigned local tier. + This is recommended. + + - `size` – The initial size of the volume. The format is `[KB|MB|GB]`. + + The following values are optional: + + - `autosize-mode` – Specifies the auto size behavior for the volume. Options include `off` + (default), `grow`, or `grow_shrink`. + +**CAUTION:** All parameters are case sensitive. + +Use the following command to create the Persistent Store: + +vserver fpolicy persistent-store create -vserver [SVM_NAME] -persistent-store [STORE_NAME] -volume +[VOLUME_NAME] -size [SIZE] -autosize-mode [AUTOSIZE] + +Example: + +vserver fpolicy persistent-store create -vserver testserver -persistent-store +StealthAUDITPersistentStore -volume testserver_ps_vol -size 5GB -autosize-mode grow_shrink + +#### Validate Part 4: Create Persistent Store + +Run the following command to validate the creation of the Persistent Store: + +vserver fpolicy persistent-store show -vserver [SVM_NAME] -persistent-store +StealthAUDITPersistentStore -instance + +Ensure that the output is displayed as follows: + +cluster1::> vserver fpolicy persistent-store show -vserver testserver -persistent-store +StealthAUDITPersistentStore -instance + Vserver: testserver + Persistent Store Name: StealthAUDITPersistentStore + Volume name of the Persistent store: testserver_ps_vol + Size of the Persistent Store: 5GB + Autosize Mode for the Volume: grow_shrink + +Visit the NetApp website and see the +[vserver fpolicy persistent store create](https://docs.netapp.com/us-en/ontap-cli/vserver-fpolicy-persistent-store-create.html) +article for additional information about creating a Persistent Store. + +### Part 5: Create FPolicy Policy + +The FPolicy policy associates the other three FPolicy components and allows for the designation of a +privileged FPolicy user, or the provisioned FPolicy account. If running the Access Auditing (FSAA), +Activity Auditing (FSAC), and/or Sensitive Data Discovery Auditing scans in Access Analyzer, then +this is also the user account credential to be added to the Access Analyzer Connection Profile. + +IMPORTANT: + +- To monitor both CIFS and NFS protocols, two FPolicy Event were created. Multiple events can be + included in the FPolicy policy. +- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. +- The External Engine, FPolicy Event, Persistent Store used in this command must be configuration + objects created in the preceding steps. + + The following values are required: + + - `vserver` – The name of SVM. + - `policy-name StealthAUDIT` – The name of the policy object can be customized (see + [Customization of FPolicy Object Names](#customization-of-fpolicy-object-names)). + - `engine` – The name of the External Engine created in + [Part 2: Create External Engine](#part-2-create-external-engine). + - `events` – A list of FPolicy Event objects created in + [Part 3: Create FPolicy Event](#part-3-create-fpolicy-event). + - `persistent-store` – The name of the Persistent Store created in + [Part 4: Create Persistent Store](#part-4-create-persistent-store). Required only if the + Persistent Store is used. + + The following values are required for Access Analyzer integration: + + - `privileged-user-name` – Must be a provisioned FPolicy account. + - `allow-privileged-access` – Set to yes. + +**CAUTION:** All parameters are case sensitive. + +Use the following command to create the FPolicy policy to monitor both CIFS and NFS protocols: + +``` +vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningCifs,StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningCifs,StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 +``` + +Use the following command to create the FPolicy policy to monitor only CIFS protocols: + +``` +vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningCifs -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningCifs -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 +``` + +Use the following command to create the FPolicy policy to monitor only NFS protocols: + +``` +vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 +``` + +#### Validate Part 5: FPolicy Policy Creation + +Run the following command to validate the creation of the FPolicy policy: + +``` +fpolicy policy show -vserver [SVM_NAME] -policy-name StealthAUDIT -instance +``` + +``` +Ontap915::> fpolicy policy show -instance +  (vserver fpolicy policy show) +                        Vserver: svm0 +                         Policy: StealthAUDIT +              Events to Monitor: StealthAUDITScreeningCifs, +                                 StealthAUDITScreeningFailedCifs, +                                 StealthAUDITScreeningNfsV3, +                                 StealthAUDITScreeningFailedNfsV3, +                                 StealthAUDITScreeningNfsV4, +                                 StealthAUDITScreeningFailedNfsV4 +                 FPolicy Engine: StealthAUDITEngine +Is Mandatory Screening Required: false +        Allow Privileged Access: no +User Name for Privileged Access: - +    Is Passthrough Read Enabled: false +          Persistent Store Name: - +``` + +Relevant NetApp Documentation: To learn more about creating a policy, please visit the NetApp +website and read the +[vserver fpolicy policy create](https://docs.netapp.com/us-en/ontap-cli/vserver-fpolicy-policy-create.html) +article. + +### Part 6: Create FPolicy Scope + +The FPolicy scope creates the filters necessary to perform scans on specific shares or volumes. It +is possible to set the scope to monitor all volumes or all shares by replacing the volume/share name +variable [SVM_NAME] in the command with an asterisk (\*). + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. +- It is not necessary to specify both volumes and shares. One or the other is sufficient. +- If you want to monitor everything, set the "`volumes-to-include`" value to "`*`". + +Use the following command to create the FPolicy scope by specifying volume(s): + +``` +vserver fpolicy policy scope create -vserver [SVM_NAME] -policy-name StealthAUDIT -volumes-to-include [VOLUME_NAME],[VOLUME_NAME] +``` + +Example: + +``` +vserver fpolicy policy scope create -vserver testserver -policy-name StealthAUDIT -volumes-to-include samplevolume1,samplevolume2 +``` + +Use the following command to create the FPolicy scope by specifying share(s): + +``` +vserver fpolicy policy scope create -vserver [SVM_NAME] -policy-name StealthAUDIT -shares-to-include [SHARE_NAME],[SHARE_NAME] +``` + +Example: + +``` +vserver fpolicy policy scope create -vserver testserver -policy-name StealthAUDIT -shares-to-include sampleshare1,sampleshare2 +``` + +#### Validate Part 6: FPolicy Scope Creation + +Run the following command to validate the FPolicy scope creation: + +``` +fpolicy policy scope show -instance +``` + +``` +Ontap915::> fpolicy policy scope show -instance +  (vserver fpolicy policy scope show) +                   Vserver: svm0 +                    Policy: StealthAUDIT +         Shares to Include: * +         Shares to Exclude: - +        Volumes to Include: * +        Volumes to Exclude: - +Export Policies to Include: * +Export Policies to Exclude: - +File Extensions to Include: - +File Extensions to Exclude: - +``` + +Relevant NetApp Documentation: To learn more about creating scope, please visit the NetApp website +and read the +[vserver fpolicy policy scope create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-scope-create.html) +article. + +### Part 7: Set TLS Authentication + +If using the TLS authentication options, it is necessary to set authentication for the type of +authentication. + +#### Set Server-Authentication + +Use the following command to set server-authentication: + +``` +vserver fpolicy policy externalengine modify -vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option server-auth +``` + +Example: + +``` +vserver fpolicy policy externalengine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option server-auth +``` + +#### Set Mutual-Authentication + +Use the following command to set mutual-authentication: + +``` +vserver fpolicy policy external-engine modify ‑vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name [COMMON_NAME] -certificate-serial [CERTIFICATE_SERIAL] -certificate-ca [CERTIFICATE_AUTHORITY] +``` + +Example: + +``` +vserver fpolicy policy external-engine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name testserver -certificate-serial 461AC46521B31321330EBBE4321AC51D -certificate-ca "VeriSign Universal Root Certification Authority" +``` + +#### Validate Mutual-Authentication Is Set + +Run the following command to confirm mutual-authentication is set: + +``` +vserver fpolicy policy external-engine show -fields ssl-option +``` + +### Part 8: Enable the FPolicy + +The FPolicy must be enabled before the Activity Monitor Agent can be configured to monitor the SVM. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. + +Use the following command to enable the FPolicy: + +``` +vserver fpolicy enable -vserver [SVM_NAME] -policy-name StealthAUDIT -sequence-number [INTEGER] +``` + +Example: + +``` +vserver fpolicy enable -vserver testserver -policy-name StealthAUDIT -sequence-number 10 +``` + +#### Validate Part 8: FPolicy Enabled + +Run the following command to validate the FPolicy scope creation: + +``` +vserver fpolicy show +``` + +``` +Ontap915::> fpolicy show +    show                             show-enabled +    show-engine                      show-passthrough-read-connection +Ontap915::> fpolicy show +  (vserver fpolicy show) +                                      Sequence +Vserver       Policy Name               Number  Status   Engine +------------- ----------------------- --------  -------- --------- +svm0          StealthAUDIT                  10  on       StealthAU +                                                         DITEngine +``` + +Relevant NetApp Documentation: To learn more about enabling a policy, please visit the NetApp +website and read the +[vserver fpolicy enable](https://docs.netapp.com/us-en/ontap-cli-9121//vserver-fpolicy-enable.html) +article. + +### Part 9: Connect FPolicy Server / Agent to Cluster Node + +Manually connecting the FPolicy server (or Agent server) to the Cluster Node is only needed if there +is an issue with connection to the Cluster Node or for troubleshooting a disconnection issue. + +Use the following command to connect the `StealthAUDITEngine` that belongs to the `StealthAUDIT` +policy to all Cluster Nodes: + +``` +policy engine-connect -vserver [SVM_NAME] -policy-name StealthAUDIT -node * +``` + +Example: + +``` +policy engine-connect -vserver testserver -policy-name StealthAUDIT -node * +``` + +#### Validate Part 9: Connection to Cluster Node + +Run the following command to validate connection to the Cluster Node: + +``` +fpolicy show-engine -vserver [SVM_NAME] -policy-name StealthAUDIT -node * +``` + +``` +Ontap915::> fpolicy show-engine -vserver svm0 -policy-name StealthAUDIT -node * +  (vserver fpolicy show-engine) +                                   FPolicy           Server         Server +Vserver Policy Name   Node         Server            Status         Type +------- ------------- ------------ ----------------- -------------- ----------- +svm0    StealthAUDIT  Ontap915-01  192.168.11.35     disconnected   primary +``` + +## Automatic Configuration of FPolicy + +The Activity Monitor can automatically configure FPolicy on the targeted SVM. The FPolicy created +will monitor file system activity from all volumes and shares of the SVM. This feature can be +enabled using the **Configure FPolicy. Create or modify FPolicy objects if needed** checkbox on the +FPolicy page in the monitored host's properties in the Activity Monitor. + +Starting ONTAP 9.15.1 and later versions, it is recommended to enable the Persistent Store feature +that stores events on disk before they are sent to the Activity Monitor Agent. This reduces +client-side latency and increases resilience during network delays or bursts of activity. To enable +the Persistent Store, specify a volume name and size on the Persistent Store tab of the FPolicy page +in the monitored host properties. The volume will be automatically created if it does not already +exist. See the [Persistent Store](#persistent-store) topic for additional information on the +recommended volume size. + +If using the TLS, mutual authentication option, you will need to create the PEM file for the Client +Certification, which is needed during the monitored host configuration in the Activity Monitor. It +will also be necessary to set mutual authentication on the SVM. + +### Set TLS Mutual-Authentication + +If using the TLS, mutual authentication options, it is necessary to set authentication. + +Use the following command to set mutual-authentication: + +``` +vserver fpolicy policy external-engine modify -vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name [COMMON_NAME] -certificate-serial [CERTIFICATE_SERIAL] -certificate-ca [CERTIFICATE_AUTHORITY] +``` + +Example: + +``` +vserver fpolicy policy external-engine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name testserver -certificate-serial 461AC46521B31321330EBBE4321AC51D -certificate-ca "VeriSign Universal Root Certification Authority" +``` + +#### Validate: Mutual-Authentication + +Run the following command to confirm mutual-authentication is set: + +``` +vserver fpolicy policy external-engine show -fields ssl-option +``` + +## Customization of FPolicy Object Names + +Activity Monitor uses the following FPolicy object names by default: + +- Policy name – `StealthAUDIT` +- External Engine name – `StealthAUDITEngine` +- CIFS Event name – `StealthAUDITScreeningCifs` +- NFS v3 Event name – `StealthAUDITScreeningNfsV3` +- NFS v4 Event name – `StealthAUDITScreeningNfsV4` +- Failed CIFS Event name – `StealthAUDITScreeningFailedCifs` +- Failed NFS v3 Event name – `StealthAUDITScreeningFailedNfsV3` +- Failed NFS v4 Event name – `StealthAUDITScreeningFailedNfsV4` +- Persistent Store name – `StealthAUDITPersistentStore` + +These names can be customized in the monitored host's settings in the Activity Monitor. It can be +useful in two scenarios: + +- You want the names to match the company policies; +- You want to configure FPolicy manually using your custom names, but also want to leverage the + "Enable and Connect FPolicy" feature of the Activity Monitor, so that the product ensures that + FPolicy stays enabled and connected at all times. diff --git a/docs/accessanalyzer/12.0/config/netappcmode/overview.md b/docs/accessanalyzer/12.0/config/netappcmode/overview.md new file mode 100644 index 0000000000..39eb2beb52 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netappcmode/overview.md @@ -0,0 +1,156 @@ +# NetApp Data ONTAP Cluster-Mode Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or +Sensitive Data Discovery Auditing scans on NetApp Data ONTAP Cluster-Mode devices. The Netwrix +Activity Monitor can be configured to monitor activity on NetApp Data ONTAP Cluster-Mode devices and +make the event data available for Access Analyzer Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Access Analyzer scans must have the following permissions on the target +host: + +- For CIFS access: + + - Method 1 – Use FPolicy & ONTAP API + + - Enumerate shares by executing specific NetApp API calls + - Bypass NTFS security to read the entire folder structure to be scanned and collect + file/folder permissions + + - Method 2 – Use the c$ Share + + - Enumerate shares with standard Windows file sharing APIs. + - Bypass NTFS security to read the entire folder structure to be scanned and collect + file/folder permissions + +- For NFSv3 access: + + - IP Address of scanning server in the export policy for each volume + +These permissions grant the credential the ability to enumerate shares, access the remote registry, +and bypass NTFS security on folders. The credential used within the assigned Connection Profile for +these target hosts requires these permissions. See the +[NetApp Data ONTAP Cluster-Mode Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/config/netappcmode/access.md) topic for +instructions. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of NetApp Data ONTAP Cluser-Mode Device + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +NetApp Data ONTAP Cluster-Mode Device Requirements + +An FPolicy must be configured on the target device for Activity Auditing (FSAC) scans. A tailored +FPolicy is recommended as it decreases the impact on the NetApp device. The credential associated +with the FPolicy used to monitor activity must be provisioned with access to (at minimum) the +following CLI commands, according to the level of collection desired: + +- Collect Activity Events (Least Privilege) + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + +- Employ the “Enable and connect FPolicy” Option (Less Privilege) + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + - `vserver fpolicy disable` – All access + - `vserver fpolicy enable` – All access + - `vserver fpolicy engine-connect` – All access + - `network interface` – Readonly access + +- Employ the “Configure FPolicy Option (Automatic Configuration of FPolicy) + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + - `vserver fpolicy` – All access + - `network interface` – Readonly access + +- If FPolicy uses a TLS connection, the following CLI command is also needed: + + - `security certificate install` – All access + +- StealthAUDIT Integration requires the addition of the following CLI command: + + - `security login role show-ontapi` – Readonly access + +See the [NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/netappcmode/activity.md) topic for +instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Access Analyzer to read the activity log files must also have +READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for NetApp Data ONTAP Cluster-Mode Device + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target NetApp Data ONTAP Cluster-Mode device: + +| Communication Direction | Protocol | Ports | Description | +| --------------------------------- | ---------------- | ----- | -------------- | +| Activity Agent Server to NetApp\* | HTTP (optional) | 80 | ONTAPI | +| Activity Agent Server to NetApp\* | HTTPS (optional) | 443 | ONTAPI | +| NetApp to Activity Agent Server | TCP | 9999 | FPolicy events | + +\*Only required if using the FPolicy Configuration and FPolicy Enable and Connect options in +Activity Monitor. + +**NOTE:** If either HTTP or HTTPS are not enabled, the FPolicy on the NetApp Data ONTAP 7-Mode +device must be configured manually. Also, the External Engine will not reconnect automatically in +the case of a server reboot or service restart. + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/config/netappcmode/provisionactivity.md b/docs/accessanalyzer/12.0/config/netappcmode/provisionactivity.md new file mode 100644 index 0000000000..48b473c27f --- /dev/null +++ b/docs/accessanalyzer/12.0/config/netappcmode/provisionactivity.md @@ -0,0 +1,368 @@ +# Provision ONTAP Account + +This topic describes the steps needed to create a user account with the privileges required to +connect the Activity Monitor Agent to ONTAP API and to execute the API calls required for activity +monitoring and configuration. + +Provisioning this account is a two part process: + +- Part 1: Create Security Role +- Part 2: Create Security Login + +## Part 1: Create Security Role + +This section provides instructions for creating an access-control role. An access-control role +consists of a role name and a set of commands or API endpoints to which the role has access. It also +includes an access level (none, read-only, or all) and a query that applies to the specified command +or API endpoint. + +The permissions needed depends on the functionality level: + +- Least Privileged: ONLY Collect Events – This is the minimal functionality level. A user manually + configures FPolicy and ensures that it stays enabled and connected. The product only collects + events. This functionality level is not recommended as it requires an additional solution that + tracks the state of FPolicy and fixes the problem should ONTAP disconnect or should the policy + become disabled. +- **_RECOMMENDED:_** Less Privileged: Enable/Connect Policy & Collect Events – With this level, the + user still performs the initial FPolicy configuration manually. The product tracks the state of + FPolicy with periodic checks to ensure it stays enabled and connected all the time. +- **_RECOMMENDED:_** Automatically Configure the FPolicy – With this full-blown level, no manual + configuration is needed. The product performs the initial FPolicy configuration; updates FPolicy + to reflect configuration changes; ensures that FPolicy stays enabled and connected all the time. + +No matter which set of permissions you provision, validate the configuration before continuing to +Part 2. See the +[Validate Part 1: Security Role Configuration](#validate-part-1-security-role-configuration) topic +for additional information. + +If the FPolicy is to be used for both the Activity Monitor and Access Analyzer, the account also +needs to be provisioned with an additional permission. See the +[Access Analyzer Integration](#access-analyzer-integration) topic for additional information. + +The commands to create a role and names of permissions depend on the ONTAP API used. The product +supports both the classic ONTAPI/ZAPI and the new REST API. For ONTAPI/ZAPI you need to use +`security login role create` command to create a RBAC access control role. The required commands are +listed in the `cmddirname` parameter. For REST API, use `security login rest-role create` command to +create a REST access control role. The required API endpoint is specified in the `api` parameter. +The following sections provide instructions for both API modes. + +### Least Privileged: ONLY Collect Events + +If the desire is for a least privileged model, the Activity Monitor requires the following +permissions to collect events. + +#### ONTAPI/ZAPI + +- `version` – Readonly access +- `volume` – Readonly access +- `vserver` – Readonly access + +Use the following commands to provision read-only access to all required commands: + +``` +security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME]     +``` + +Example: + +``` +security login role create -role enterpriseauditor -cmddirname "version" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditor -cmddirname "volume" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditor -cmddirname "vserver" -access readonly -query "" -vserver testserver +``` + +#### REST API + +- `/api/cluster` – Readonly access +- `/api/protocols/cifs/services` – Readonly access +- `/api/storage/volumes` – Readonly access +- `/api/svm/svms` – Readonly access + +Use the following commands to provision read-only access to all required API endpoints: + +``` +security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] +``` + +Example: + +``` +security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver +``` + +**NOTE:** If the FPolicy account is configured with these permissions, it is necessary to manually +configure the FPolicy. See the [Configure FPolicy](/docs/accessanalyzer/12.0/config/netappcmode/configurefpolicy.md) topic for additional +information. + +### Less Privileged: Enable/Connect FPolicy & Collect Events + +If the desire is for a less privileged model, the Activity Monitor requires the following +permissions to collect events: + +#### ONTAPI/ZAPI + +- `version` – Readonly access +- `volume` – Readonly access +- `vserver` – Readonly access + + `network interface` – Readonly access + +- `vserver fpolicy disable` – All access +- `vserver fpolicy enable` – All access + + _Remember,_ this permission permits the Activity Monitor to enable the FPolicy. If the “Enable + and connect FPolicy” option is employed but the permission is not provided, the agent will + encounter “Failed to enable policy” errors, but it will still be able to connect to the FPolicy. + Since this permission model requires a manual configuration of the FPolicy, then the need to + manually enable the FPolicy will be met. + +- `vserver fpolicy engine-connect` – All access + +Use the following command to provision access to all required commands: + +``` +security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "network interface" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy disable" -access all -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy enable" -access all -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy engine-connect" -access all -query "" -vserver [SVM_NAME] +``` + +Example: + +``` +security login role create -role enterpriseauditorrest -cmddirname "version" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "volume" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "network interface" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy disable" -access all -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy enable" -access all -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy engine-connect" -access all -query "" -vserver testserver +``` + +#### REST API + +- `/api/cluster` – Readonly access +- `/api/protocols/cifs/services` – Readonly access +- `/api/storage/volumes` – Readonly access +- `/api/svm/svms` – Readonly access +- `/api/network/ip/interfaces` – Readonly access +- `/api/protocols/fpolicy` – All access + +Use the following commands to provision read-only access to all required API endpoints: + +``` +security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/network/ip/interfaces" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/fpolicy" -access all -vserver [SVM_NAME] +``` + +Example: + +``` +security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/network/ip/interfaces" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/fpolicy" -access all -vserver testserver +``` + +**NOTE:** If the FPolicy account is configured with these permissions, it is necessary to manually +configure the FPolicy. See the [Configure FPolicy](/docs/accessanalyzer/12.0/config/netappcmode/configurefpolicy.md) topic for additional +information. + +### Automatically Configure the FPolicy + +If the desire is for the Activity Monitor to automatically configure the FPolicy, the security role +requires the following permissions: + +#### ONTAPI/ZAPI + +- `version` – Readonly access +- `volume` – Readonly access +- `vserver` – Readonly access + + `network interface` – Readonly access + +- `vserver fpolicy` – All access +- `security certificate install` – All access + + _Remember,_ this permission is only needed for FPolicy TLS connections. + +Use the following command to provision access to all required commands: + +``` +security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "network interface" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy" -access all -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "security certificate install" -access all -query "" -vserver [SVM_NAME] +``` + +Example: + +``` +security login role create -role enterpriseauditorrest -cmddirname "version" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "volume" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "network interface" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy" -access all -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "security certificate install" -access all -query "" -vserver testserver +``` + +#### REST API + +- `/api/cluster` – Readonly access +- `/api/protocols/cifs/services` – Readonly access +- `/api/storage/volumes` – Readonly access +- `/api/svm/svms` – Readonly access +- `/api/network/ip/interfaces` – Readonly access +- `/api/protocols/fpolicy` – All access +- `/api/security/certificates` – All access + + Remember, this permission is only needed for FPolicy TLS connections. + +Use the following commands to provision access to all required API endpoints: + +``` +security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/network/ip/interfaces" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/fpolicy" -access all -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/security/certificates" -access all -vserver [SVM_NAME] +``` + +Example: + +``` +security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/network/ip/interfaces" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/fpolicy" -access all -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/security/certificates" -access all -vserver testserver +``` + +**NOTE:** If the FPolicy account is configured with these permissions, the Activity Monitor can +automatically configure the FPolicy. See the [Configure FPolicy](/docs/accessanalyzer/12.0/config/netappcmode/configurefpolicy.md) topic for +additional information. + +### Access Analyzer Integration + +If the desire is for FPolicy to be used with both the Activity Monitor and Access Analyzer, then the +following permission is also required: + +- `security login role show-ontapi` – Readonly access + +Use the following command to provision read-only access to security login role show-ontapi commands: + +``` +security login role create -role [ROLE_NAME] -cmddirname "security login role show-ontapi" -access readonly -query "" -vserver [SVM_NAME] +``` + +Example: + +``` +security login role create -role enterpriseauditor -cmddirname "security login role show-ontapi" -access readonly -query "" -vserver testserver +``` + +### Validate Part 1: Security Role Configuration + +For ONTAPI, run the following command to validate the RBAC security role configuration: + +``` +security login role show [ROLE_NAME] +``` + +Example: + +``` +security login role show enterpriseauditor +``` + +Relevant NetApp Documentation: For more information about creating RBAC access control roles, read +the +[security login role create](https://docs.netapp.com/us-en/ontap-cli-9141//security-login-role-create.html) +article. + +For REST API, run the following command to validate the REST security role configuration: + +``` +security login rest-role show [ROLE_NAME] +``` + +Example: + +``` +security login rest-role show enterpriseauditorrest +``` + +For more information about creating REST access control roles, read the +[security login rest-role create](https://docs.netapp.com/us-en/ontap-cli-9141/security-login-rest-role-create.html) +article. + +## Part 2: Create Security Login + +Once the access control role has been created, apply it to a domain account. Ensure the following +requirements are met: + +- The SVM used in the following command must be the same SVM used when creating the access control + role in Part 1. +- All parameters are case sensitive. +- It is recommended to use lowercase for both domain and username. The case of domain and username + created during the account provisioning process must match exactly to the credentials provided to + the Activity Monitor activity agent for authentication to work. + +Use the following command to create the security login for the security role created in Part 1: + +``` +security login create -user-or-group-name [DOMAIN\DOMAINUSER] -application ontapi -authentication-method [DOMAIN_OR_PASSWORD_AUTH] -role [ROLE_NAME] -vserver [SVM_NAME] +``` + +Example: + +``` +security login create -user-or-group-name example\user1 -application ontapi -authentication-method domain -role enterpriseauditor -vserver testserver +``` + +Validate this security login was created. + +### Validate Part 2: Security Login Creation + +Run the following command to validate security login: + +``` +security login show [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +security login show example\user1 +``` + +Verify that the output is displayed as follows: + +![validatesecuritylogincreation](/img/product_docs/activitymonitor/config/netappcmode/validatesecuritylogincreation.webp) + +For more information about creating security logins, read the +[security login create](https://docs.netapp.com/us-en/ontap-cli-9141/security-login-create.html) +article. diff --git a/docs/accessanalyzer/12.0/config/nutanix/access.md b/docs/accessanalyzer/12.0/config/nutanix/access.md new file mode 100644 index 0000000000..16636ea38f --- /dev/null +++ b/docs/accessanalyzer/12.0/config/nutanix/access.md @@ -0,0 +1,22 @@ +# Nutanix Appliance Access & Sensitive Data Auditing Configuration + +The credentials used to run Access Analyzer scans on Nutanix appliances must have the **Backup +Admin: Backup Access only** role assigned. + +## Nutanix Prism Central Interface + +Follow the steps to configure the required account in the Nutanix Prism Central Interface. + +**Step 1 –** Select the **Home** dropdown and select **File Server**. + +**Step 2 –** On the file server page, under actions select **Launch Files Console**. + +**Step 3 –** On the new files URL page, locate the **Configuration** dropdown and select **Manage +Roles**. + +![Nutanix Backup Admin: Backup Access only role](/img/product_docs/accessanalyzer/12.0/config/nutanix/nutanixbackupadminrole.webp) + +**Step 4 –** On the Manage Roles window, add an account with the **Backup Admin: Backup Access +only** role. + +This account must be used for running the Access Analyzer scans on Nutanix appliances. diff --git a/docs/accessanalyzer/12.0/configuration/nutanix/activity.md b/docs/accessanalyzer/12.0/config/nutanix/activity.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/nutanix/activity.md rename to docs/accessanalyzer/12.0/config/nutanix/activity.md diff --git a/docs/accessanalyzer/12.0/config/nutanix/overview.md b/docs/accessanalyzer/12.0/config/nutanix/overview.md new file mode 100644 index 0000000000..9da78402e9 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/nutanix/overview.md @@ -0,0 +1,71 @@ +# Nutanix Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or +Sensitive Data Discovery Auditing scans on Nutanix Appliances. The Netwrix Activity Monitor can be +configured to monitor activity on Nutanix Appliances and make the event data available for Access +Analyzer Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Access Analyzer scans must have the following permissions on the target +host: + +- Group membership in the role **Backup Admin: Backup Access Only** + +See the [Nutanix Appliance Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/config/nutanix/access.md) topic for +additional information. + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +The Netwrix Activity Monitor can be configured to monitor activity on Nutanix devices. See the +[Nutanix Files Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/nutanix/activity.md) topic for instructions. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Nutanix Appliances + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target Nutanix device: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ----------------------- | +| Activity Agent Server to Nutanix | TCP | 9440 | Nutanix API | +| Nutanix to Activity Agent Server | TCP | 4501 | Nutanix Event Reporting | + +Protect the port with a username and password. The credentials will be configured in Nutanix. + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/qumulo/activity.md b/docs/accessanalyzer/12.0/config/qumulo/activity.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/qumulo/activity.md rename to docs/accessanalyzer/12.0/config/qumulo/activity.md diff --git a/docs/accessanalyzer/12.0/config/qumulo/overview.md b/docs/accessanalyzer/12.0/config/qumulo/overview.md new file mode 100644 index 0000000000..106bf250b4 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/qumulo/overview.md @@ -0,0 +1,68 @@ +# Qumulo Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or +Sensitive Data Discovery Auditing scans on Qumulo devices. The Netwrix Activity Monitor can be +configured to monitor activity on Qumulo devices and make the event data available for Access +Analyzer Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +The credentials used by the Access Analyzer scans must have the following permissions on the target +host: + +- Group membership in the Data-Administrators role + +**NOTE:** These permissions are in addition to those needed to either deploy applet scans for +running scans in proxy mode with applet or installing the File System Proxy Service Permissions for +running scans in proxy mode as a service. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Netwrix Activity Monitor requires an account with the Observers role to monitor a Qumulo cluster. +See the [Qumulo Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/qumulo/activity.md) topic for instructions. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Qumulo Devices + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target Qumulo device: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ----- | ---------------------- | +| Activity Agent Server to Qumulo | TCP | 8000 | Qumulo API | +| Qumulo to Activity Agent Server | TCP | 4496 | Qumulo Event Reporting | + +Protect the port with a username and password. The credentials will be configured in Qumulo. + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/config/sharepoint/access.md b/docs/accessanalyzer/12.0/config/sharepoint/access.md new file mode 100644 index 0000000000..16dcd12b5b --- /dev/null +++ b/docs/accessanalyzer/12.0/config/sharepoint/access.md @@ -0,0 +1,80 @@ +# SharePoint Access & Sensitive Data Auditing Configuration + +Permissions are required on the SharePoint Farm, Web Application, and the SharePoint Database in +order for Access Analyzer to execute Access Auditing (SPAA) and/or Sensitive Data Discovery Auditing +scans. + +## Configure SharePoint Farm Permissions + +Follow the steps to configure the SharePoint Farm level permissions on SharePoint 2013 through +SharePoint 2019 farms. + +**Step 1 –** In the SharePoint Central Administration Center, navigate to the Security section. + +**Step 2 –** Select the Manage the farm administrators group option under Users. + +**Step 3 –** If the Farm Read group exists, add the service account to that group. If the Farm Read +group has been deleted, it is necessary to create a new group with Read privileges at the Farm +level: + +- Select More under the Groups section. +- Select New Group from the New drop-down menu. +- Ensure the group has the Read – Can view pages and list items and download documents permission. +- Add the service account to this new group. + +The service account has Read level access at the Farm level. + +## Configure SharePoint Web Application Permissions + +Follow the steps to configure the SharePoint web application level permissions on SharePoint 2013 +through SharePoint 2019 farms. + +**Step 1 –** In the SharePoint Central Administration Center, navigate to the Application Management +section. + +**Step 2 –** Select Manage web applications option under Web Applications. + +**Step 3 –** Create a new policy for the desired web application. Follow these steps: + +- Click Permission Policy. The Manage Permission Policy Levels window opens. +- Click Add Permission Policy Level. Select the following: + + - Check the Site Collection Auditor permission. + - Check the Open Items box in the Site Permissions Grant column. + - Click Save. + +**Step 4 –** Repeat Step 3 for each web application in scope. It is recommended to give these +policies the same name. + +**Step 5 –** Add the service account to the newly created roles. Follow these steps: + +- Select a web application with the newly created role. +- Click User Policy. The Policy for Web Application window opens. +- Click Add Users. Leave all zones select and click Next. +- Add the service account in the Users textbox. +- Check the newly created role with site collection auditor in the Permissions section. Click + Finish. + +**Step 6 –** Repeat Step 5 for each web application in scope. + +The service account is provisioned as a Site Collection Auditor on all web applications to be +audited. + +## Configure SharePoint Database Server Permissions + +Follow the steps to configure the SharePoint database server permissions on SharePoint 2013 through +SharePoint 2019 farms. + +**Step 1 –** Navigate to the SharePoint database server user configuration via SQL Management +Studio. + +**Step 2 –** Provision the service account to have: + +- SPDataAccess Database role membership +- This database role membership needs to be configured on: + + - SharePoint Configuration database (ShaerPoint_Config) + - All SharePoint Content databases housing web application data (by default the content + databases begin with WSS*Content*, but they can be customized) + +The service account is provisioned with SharePoint database permissions. diff --git a/docs/accessanalyzer/12.0/config/sharepoint/activity.md b/docs/accessanalyzer/12.0/config/sharepoint/activity.md new file mode 100644 index 0000000000..c7f8578b86 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/sharepoint/activity.md @@ -0,0 +1,44 @@ +# SharePoint On-Premise Activity Auditing Configuration + +SharePoint Event Auditing must be enabled for each site collection to be monitored by the Netwrix +Activity Monitor and/or audited by Netwrix Access Analyzer (formerly Enterprise Auditor). + +## User Requirements + +Following are the SharePoint On-Premise user requirements: + +- Local Administrator on SharePoint server (that hosts Central Administration) +- SharePoint SQL server, which includes login on SharePoint Admin, Config, and all content + databases, with the following role permissions: + + - SharePoint 2013+ + + - SPDataAccess + + - SharePoint 2010 + + - db_owner + +## Enable Event Auditing + +Follow the steps for each site collection within a SharePoint 2013 through SharePoint 2019 farm. + +**Step 1 –** Select Settings > Site settings. + +**Step 2 –** Under Site Collection Administration, click Go to top level site settings. + +**Step 3 –** On the Site Settings page, under Site Collection Administration, select Site collection +audit settings. + +**Step 4 –** On the Configure Audit Settings page, in the Documents and Items section select the +events to be audited. + +**Step 5 –** Still on the Configure Audit Settings page, in the List, Libraries, and Site section +select the events to be audited. + +**Step 6 –** Click OK to save the changes. + +SharePoint will create the audit logs to be monitored by the Netwrix Activity Monitor and/or audited +by Access Analyzer. See the Microsoft +[Configure audit settings for a site collection (SharePoint 2013/2016/2019)](https://support.office.com/en-us/article/Configure-audit-settings-for-a-site-collection-a9920c97-38c0-44f2-8bcb-4cf1e2ae22d2) +article for additional information. diff --git a/docs/accessanalyzer/12.0/config/sharepoint/overview.md b/docs/accessanalyzer/12.0/config/sharepoint/overview.md new file mode 100644 index 0000000000..e0b5d57058 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/sharepoint/overview.md @@ -0,0 +1,73 @@ +# SharePoint Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (SPAA) and/or +Sensitive Data Discovery Auditing scans on SharePoint farms. The Netwrix Activity Monitor can be +configured to monitor activity on SharePoint farms and make the event data available for Access +Analyzer Activity Auditing (SPAC) scans. + +## Access & Sensitive Data Auditing Permissions + +- Permissions vary based on the Scan Mode selected and target environment. See the + [SharePoint Support](/docs/accessanalyzer/12.0/requirements/target/sharepoint.md) topic for + additional information. + +See the [SharePoint Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/config/sharepoint/access.md) topic for +instructions. + +## Access & Sensitive Data Auditing Port Requirements + +- Ports vary based on the Scan Mode selected and target environment. See the + [SharePoint Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md) + topic for additional information. + +## Activity Auditing Permissions + +Requirements to Deploy the Activity Agent on the “Central Administration” SharePoint Server + +The Netwrix Activity Monitor must have an Activity Agent deployed on one instance of a SharePoint +Application server that hosts the “Central Administration” component. While actively monitoring, the +Activity Agent generates activity log files stored on the server. The credential used to deploy the +Activity Agent must have the following permissions on the proxy server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +SharePoint Requirements + +See the [SharePoint On-Premise Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/sharepoint/activity.md) topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Access Analyzer to read the activity log files must also have +READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/config/sharepointonline/access.md b/docs/accessanalyzer/12.0/config/sharepointonline/access.md new file mode 100644 index 0000000000..af96c6c995 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/sharepointonline/access.md @@ -0,0 +1,298 @@ +# SharePoint Online Access & Sensitive Data Auditing Configuration + +Netwrix Access Analyzer (formerly Enterprise Auditor) uses Modern Authentication to execute Access +Auditing (SPAA) and/or Sensitive Data Discovery Auditing scans for the target SharePoint Online & +OneDrive for Business environments. This involves creating and defining a Microsoft Entra +ID application for app–only access to SharePoint Online. + +**NOTE:** A user account with the Global Administrator role is required to register an app with +Microsoft Entra ID. + +Configuration Settings from the Registered Application + +The following settings are needed from your tenant once you have registered the application: + +- Client ID – This is the Application (client) ID for the registered application +- Key – The comma delimited string containing the path to the certificate PFX file, certificate + password, and the Microsoft Entra ID environment identifier ( + `CertPath,CertPassword,AzureEnvironment`) + +Configure Modern Authentication for SharePoint Online using SP_RegisterAzureAppAuth Instant Job + +Registering a Microsoft Entra ID application and provisioning it to grant permissions to SharePoint +Online can be automated using the SP_RegisterAzureAppAuth job from the Access Analyzer Instant Job +Library. The SP_RegisterAzureAppAuth job uses the PowerShell Data Collector to automatically +configure modern authentication for SharePoint Online. It requires: + +- A Connection Profile containing the following two user credentials, both with an Account Type of + **Task (Local)**: + + - Microsoft Entra ID Global Admin credential + - A credential with the username `newapp` that contains the password for the new application + +- Microsoft Graph API PowerShell module to be installed on targeted hosts + +See the +[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sp_registerazureappauth.md) +topic for additional information. + +## Permissions + +The following permissions are required: + +Permissions for Microsoft Graph API + +- Application Permissions: + + - Application.Read.All – Read all applications + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + - Domain.Read.All – Read domains + - Files.Read.All – Read files in all site collections + - GroupMember.Read.All – Read all group memberships + - InformationProtectionPolicy.Read.All – Read all published labels and label policies for an + organization + - Member.Read.Hidden – Read all hidden memberships + - Organization.Read.All – Read organization information + - OrgContact.Read.All – Read organization contact + - Policy.Read.All – Read your organization's policies + - Policy.Read.ConditionalAccess – Read you organization's conditional access policies + - Policy.Read.PermissionGrant – Read consent and permission grant policies + - ServiceHealth.Read.All – Read service health + - ServiceMessage.Read.All – Read service messages + - Sites.Read.All – Read items in all site collections + - Team.ReadBasic.All – Get a list of all teamss + - TeamMember.Read.All – Read the members of all teams + +- Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +Permissions for Office 365 Management APIs + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + - ServiceHealth.Read – Read service health information for your organization + +Permissions for SharePoint + +- Application Permissions: + + - Sites.FullControl.All – Have full control of all site collections + - Sites.Read.All – Read items in all site collections + - TermStore.Read.All – Read managed metadata + - User.Read.All – Read user profiles + +## Create Self–Signed Certificate + +To configure the Entra ID Application for invoking SharePoint Online with an App Only access token, +create and configure a self–signed X.509 certificate. This certificate authenticates the application +against Entra ID while requesting the App Only access token. See the Microsoft +[Granting access via Azure AD App-Only](https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread) +article for additional information. + +Follow the steps create the self-signed X.509 certificate. + +**Step 1 –** To generate a certificate, use the sample PowerShell command below: + +- Change the following parameters in the sample PowerShell command. See the Microsoft + [New-SelfSignedCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate) + article for additional information. + + - DNS Name – Specifies a DNS name to put into the subject alternative name extension of the + certificate + - Subject – A unique name for the new App (always starts with CN=, to denote a canonical name) + - FriendlyName – Same as Subject name minus the canonical name prefix + - NotAfter – A datetime string denoting the certificate's expiration date - in the above sample, + Get-Date.AddYears(11) specifies that the certificate will expire 11 years from the current + datetime + +Example PowerShell: + +``` +$cert=New-SelfSignedCertificate -CertStoreLocation Cert:\CurrentUser\My -DnsName stealthbits.com -Subject "CN=StealthAUDIT SharePoint Auditor" -FriendlyName "StealthAUDIT SharePoint Auditor" -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter (Get-Date).AddYears(11) +``` + +**Step 2 –** Export the certificate public key as a .cer file to the PrivateAssemblies folder in +Access Analyzer with the Export–Certificate cmdlet using the certificate path stored in the +$certPath variable (see Step 1). + +**NOTE:** The environment variable `SAINSTALLDIR` always points to the base Access Analyzer install +directory; simply append the PrivateAssemblies to point to that folder with the following cmdlet: + +``` +Export-Certificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\spaa_cert.cer" -Type CERT +``` + +- See the Microsoft + [Export-Certificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-certificate) + article for additional information. + +**Step 3 –** Export the certificate private key as a .pfx file to the same folder by running the +following cmdlet: + +``` +Export-PfxCertificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\spaa_cert.pfx" -Password (ConvertTo-SecureString -String "PasswordGoesHere" -Force -AsPlainText) +``` + +**_RECOMMENDED:_** Change the string in the Password parameter from "PasswordGoesHere" to something +more secure before running this cmdlet. + +- See the Microsoft + [Export-PfxCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-pfxcertificate) + article for additional information. + +## Register a Microsoft Entra ID Application + +Follow the steps to register Access Analyzer with Microsoft Entra ID. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App +registrations. + +**Step 3 –** In the top toolbar, click **New registration**. + +**Step 4 –** Enter the following information in the Register an application page: + +- Name – Enter a user-facing display name for the application, for example Netwrix Access Analyzer + (formerly Enterprise Auditor) Entra ID for SharePoint +- Supported account types – Select **Accounts in this organizational directory only** + +**Step 5 –** Click **Register**. + +The Overview page for the newly registered app opens. Review the newly created registered +application. Now that the application has been registered, permissions need to be granted to it. + +## Upload Self-Signed Certificate + +Follow the steps to provision the upload your self-signed certificate. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. + +**Step 3 –** Select the Certificates tab. + +**Step 4 –** In the tool bar, click **Upload Certificate**. + +**Step 5 –** Navigate to the to PrivateAssemblies folder and select the `spaa_cert.cer` file. +Optionally add a Description. + +**Step 6 –** Click **Add**. + +The upload certificate public key .cer file is an application key credential. + +## Grant Permissions to the Registered Application + +Follow the steps to grant permissions to the registered application. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. + +**Step 3 –** In the top toolbar, click **Add a permission**. + +**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs +tab. Select the following permissions: + +- Application Permissions: + + - Application.Read.All – Read all applications + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + - Domain.Read.All – Read domains + - Files.Read.All – Read files in all site collections + - GroupMember.Read.All – Read all group memberships + - InformationProtectionPolicy.Read.All – Read all published labels and label policies for an + organization + - Member.Read.Hidden – Read all hidden memberships + - Organization.Read.All – Read organization information + - OrgContact.Read.All – Read organization contact + - Policy.Read.All – Read your organization's policies + - Policy.Read.ConditionalAccess – Read you organization's conditional access policies + - Policy.Read.PermissionGrant – Read consent and permission grant policies + - ServiceHealth.Read.All – Read service health + - ServiceMessage.Read.All – Read service messages + - Sites.Read.All – Read items in all site collections + - Team.ReadBasic.All – Get a list of all teamss + - TeamMember.Read.All – Read the members of all teams + +- Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +**Step 5 –** At the bottom of the page, click **Add Permissions**. + +**Step 6 –** In the top toolbar, click **Add a permission**. + +**Step 7 –** On the Request API permissions blade, select **Office 365 Management APIs** on the +Microsoft APIs tab. Select the following permissions: + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + - ServiceHealth.Read – Read service health information for your organization + +**Step 8 –** At the bottom of the page, click **Add Permissions**. + +**Step 9 –** In the top toolbar, click **Add a permission**. + +**Step 10 –** On the Request API permissions blade, select **SharePoint** on the Microsoft APIs tab. +Select the following permissions: + +- Application Permissions: + + - Sites.FullControl.All – Have full control of all site collections + - Sites.Read.All – Read items in all site collections + - TermStore.Read.All – Read managed metadata + - User.Read.All – Read user profiles + +**Step 11 –** At the bottom of the page, click **Add Permissions**. + +**Step 12 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation +window. + +Now that the permissions have been granted to it, the Connection Profile and host settings for +Access Analyzer need to be collected. + +## Identify the Client ID + +Follow the steps to find the registered application's Client ID. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** Copy the **Application (client) ID** value. + +**Step 3 –** Save this value in a text file. + +This is needed for the Access Analyzer Connection Profile. See the +[Azure Active Directory for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/entraid.md) +topic for additional information. diff --git a/docs/accessanalyzer/12.0/config/sharepointonline/activity.md b/docs/accessanalyzer/12.0/config/sharepointonline/activity.md new file mode 100644 index 0000000000..a5c6840c8f --- /dev/null +++ b/docs/accessanalyzer/12.0/config/sharepointonline/activity.md @@ -0,0 +1,229 @@ +# SharePoint Online Activity Auditing Configuration + +In order to collect logs and monitor SharePoint Online activity using the Netwrix Activity Monitor, +it needs to be registered with Microsoft® Entra ID® (formerly Azure AD). + +**NOTE:** A user account with the Global Administrator role is required to register an app with +Microsoft Entra ID. + +Additional Requirement + +In addition to registering the application with Microsoft Entra ID, the following is required: + +- Enable Auditing for SharePoint Online + +See the [Enable Auditing for SharePoint Online](#enable-auditing-for-sharepoint-online) topic for +additional information. + +Configuration Settings from the Registered Application + +The following settings are needed from your tenant once you have registered the application: + +- Tenant ID – This is the Tenant ID for Microsoft Entra ID +- Client ID – This is the Application (client) ID for the registered application +- Client Secret – This is the Client Secret Value generated when a new secret is created + + **CAUTION:** It is not possible to retrieve the value after saving the new key. It must be + copied first. + +Permissions for Microsoft Graph API + +- Application: + + - Directory.Read.All – Read directory data + - Sites.Read.All – Read items in all site collections + - User.Read.All – Read all users' full profiles + +Permissions for Office 365 Management APIs + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + +## Register a Microsoft Entra ID Application + +Follow the steps to register Activity Monitor with Microsoft Entra ID. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App +registrations. + +**Step 3 –** In the top toolbar, click **New registration**. + +**Step 4 –** Enter the following information in the Register an application page: + +- Name – Enter a user-facing display name for the application, for example Netwrix Activity Monitor + for SharePoint +- Supported account types – Select **Accounts in this organizational directory only** +- Redirect URI – Set the Redirect URI to **Public client/native** (Mobile and desktop) from the drop + down menu. In the text box, enter the following: + + Urn:ietf:wg:oauth:2.0:oob + +**Step 5 –** Click **Register**. + +The Overview page for the newly registered app opens. Review the newly created registered +application. Now that the application has been registered, permissions need to be granted to it. + +## Grant Permissions to the Registered Application + +Follow the steps to grant permissions to the registered application. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. + +**Step 3 –** In the top toolbar, click **Add a permission**. + +**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs +tab. Select the following permissions: + +- Application: + + - Directory.Read.All – Read directory data + - Sites.Read.All – Read items in all site collections + - User.Read.All – Read all users' full profiles + +**Step 5 –** At the bottom of the page, click **Add Permissions**. + +**Step 6 –** In the top toolbar, click **Add a permission**. + +**Step 7 –** On the Request API permissions blade, select **Office 365 Management APIs** on the +Microsoft APIs tab. Select the following permissions: + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + +**Step 8 –** At the bottom of the page, click **Add Permissions**. + +**Step 9 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation +window. + +Now that the permissions have been granted to it, the settings required for Activity Monitor need to +be collected. + +## Identify the Client ID + +Follow the steps to find the registered application's Client ID. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** Copy the **Application (client) ID** value. + +**Step 3 –** Save this value in a text file. + +This is needed for adding a SharePoint Online host in the Activity Monitor. Next identify the Tenant +ID. + +## Identify the Tenant ID + +The Tenant ID is available in two locations within Microsoft Entra ID. + +Registered Application Overview Blade + +You can copy the Tenant ID from the same page where you just copied the Client ID. Follow the steps +to copy the Tenant ID from the registered application Overview blade. + +**Step 1 –** Copy the Directory (tenant) ID value. + +**Step 2 –** Save this value in a text file. + +This is needed for adding a SharePoint Online host in the Activity Monitor. Next generate the +application’s Client Secret Key. + +Overview Page + +Follow the steps to find the tenant name where the registered application resides. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** Copy the Tenant ID value. + +**Step 3 –** Save this value in a text file. + +This is needed for adding a SharePoint Online host in the Activity Monitor. Next generate the +application’s Client Secret Key. + +## Generate the Client Secret Key + +Follow the steps to find the registered application's Client Secret, create a new key, and save its +value when saving the new key. + +**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. + +**CAUTION:** It is not possible to retrieve the value after saving the new key. It must be copied +first. + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. + +**Step 3 –** In the top toolbar, click **New client secret**. + +**Step 4 –** On the Add a client secret blade, complete the following: + +- Description – Enter a unique description for this secret +- Expires – Select the duration. + + **NOTE:** Setting the duration on the key to expire requires reconfiguration at the time of + expiration. It is best to configure it to expire in 1 or 2 years. + +**Step 5 –** Click **Add** to generate the key. + +**CAUTION:** If this page is left before the key is copied, then the key is not retrievable, and +this process will have to be repeated. + +**Step 6 –** The Client Secret will be displayed in the Value column of the table. You can use the +Copy to clipboard button to copy the Client Secret. + +**Step 7 –** Save this value in a text file. + +This is needed for adding a SharePoint Online host in the Activity Monitor. + +## Enable Auditing for SharePoint Online + +Follow the steps to enable auditing for SharePoint Online so the Activity Monitor can receive +events. + +**Step 1 –** In the Microsoft Purview compliance portal at +[https://purview.microsoft.com](https://purview.microsoft.com/), go to **Solutions** > **Audit**. +Or, to go directly to the Audit page at +[https://purview.microsoft.com/audit/auditsearch](https://purview.microsoft.com/audit/auditsearch). + +**Step 2 –** If auditing is not turned on for your organization, a banner is displayed prompting you +start recording user and admin activity. + +**Step 3 –** Select the **Start recording** user and **admin activity** banner. + +It may take up to 60 minutes for the change to take effect. The Activity Monitor now has SharePoint +Online auditing enabled as needed to receive events. See the Microsoft +[Turn auditing on or off](https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-log-enable-disable?view=o365-worldwide) +article for additional information on enabling or disabling auditing. diff --git a/docs/accessanalyzer/12.0/config/sharepointonline/overview.md b/docs/accessanalyzer/12.0/config/sharepointonline/overview.md new file mode 100644 index 0000000000..12fca7a779 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/sharepointonline/overview.md @@ -0,0 +1,79 @@ +# SharePoint Online Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (SPAA) and +Sensitive Data Discovery Auditing scans on SharePoint Online. The Netwrix Activity Monitor can be +configured to monitor activity on SharePoint Online and make the event data available for Access +Analyzer Activity Auditing (SPAC) scans. + +## Access & Sensitive Data Auditing Permissions + +- Permissions vary based on the Scan Mode selected and target environment. See the + [SharePoint Support](/docs/accessanalyzer/12.0/requirements/target/sharepoint.md) topic for + additional information. + +See the [SharePoint Online Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/config/sharepointonline/access.md) topic for +instructions. + +**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for +SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and +provisions it with the required permissions. See the +[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sp_registerazureappauth.md) +topic for additional information. + +## Access & Sensitive Data Auditing Port Requirements + +- Ports vary based on the Scan Mode selected and target environment. See the + [SharePoint Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md) + topic for additional information. + +## Activity Auditing Permissions + +Windows Proxy Server for Activity Agent Monitoring of SharePoint Online + +The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While +actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The +credential used to deploy the Activity Agent must have the following permissions on the proxy +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +SharePoint Requirements + +See the [SharePoint Online Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/sharepointonline/activity.md) topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Access Analyzer to read the activity log files must also have +READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/config/windowsfile/access.md b/docs/accessanalyzer/12.0/config/windowsfile/access.md new file mode 100644 index 0000000000..c746a8aab1 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/windowsfile/access.md @@ -0,0 +1,131 @@ +# Windows File Server Access & Sensitive Data Auditing Configuration + +Permissions required for Access Analyzer to execute Access Auditing (SPAA) and/or Sensitive Data +Discovery Auditing scans on a Windows file server are dependent upon the Scan Mode Option selected. +See the +[File System Supported Platforms](/docs/accessanalyzer/12.0/requirements/target/filesystems.md) topic +for additional information. + +However, additional considerations are needed when targeting a Windows File System Clusters or DFS +Namespaces. + +## Windows File System Clusters + +The permissions necessary to collect file system data from a Windows File System Cluster must be set +for all nodes that comprise the cluster. + +**NOTE:** It is necessary to target the Windows File Server Cluster (name of the cluster) of +interest when running a File System scan against a Windows File System Cluster. + +Configure credentials on all cluster nodes according to the Windows Operating Systems required +permissions for the desired scan mode with these additional considerations: + +- For + [Applet Mode](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md#applet-mode) + and + [Proxy Mode with Applet](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md#proxy-mode-with-applet): + + - Applet will be deployed to each node + - Credential used in the Connection Profile must have rights to deploy the applet to each node + +- For + [Proxy Mode as a Service](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md#proxy-mode-as-a-service): + + - Proxy Service must be installed on each node + - For Sensitive Data Discovery Auditing scans, the Sensitive Data Discovery Add-on must be + installed on each node + +Additionally, the credential used within the Connection Profile must have rights to remotely access +the registry on each individual cluster node. + +_Remember,_ Remote Registry Service must be enabled on all nodes that comprise the cluster. +Configure the credential(s) with the following rights on all nodes: + +- Group membership in the local Administrators group +- Granted the “Log on as a batch” privilege + +Host List Consideration + +It is necessary to target the Windows File Server Cluster (name of the cluster) of interest when +running a File System scan against a Windows File System Cluster. Within the Master Host Table, +there should be a host entry for the cluster as well as for each node. Additionally, each of these +host entries must have the name of the cluster in the `WinCluster` column in the host inventory +data. This may need to be updated manually. + +See the View/Edit section of the +[Host Management Activities](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/overview.md) topic +for additional information on host inventory. + +- For FSAA and SDD scans, configure a custom host list to target the cluster's Role Server. +- For FSAC scans, configure a custom host list to target the Windows File Server Cluster. + +The host targeted by the File System scans is only the host entry for the cluster. For example: + +The environment has a Windows File System Cluster named `ExampleCluster1` with three nodes named +`ExampleNodeA`, `ExampleNodeB`, and `ExampleNodeC`. There would be four host entries in the +StealthAUDIT Master Host Table: `ExampleCluster1`, `ExampleNodeA`, `ExampleNodeB`, and +`ExampleNodeC`. Each of these four entries would have the same value of the cluster name in the +`WinCluster` column: `ExampleCluster1`. Only the `ExampleCluster1` host would be in the host list +targeted by the File System scans. + +Sensitive Data Discovery Scans + +For Sensitive Data Discovery Auditing scans on a Windows File System Cluster it is necessary for the +credential to also have Group membership in both of the following local groups for all nodes which +comprise the cluster: + +- Power Users +- Backup Operators + +Activity Auditing Scans + +The Netwrix Activity Monitor must deploy an Activity Agent on all nodes that comprise the Windows +File System Cluster. The Activity Agent generates activity log files stored on each node. Access +Analyzer targets the Windows File Server Cluster (name of the cluster) of interest in order to read +the activity. See the [Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/windowsfile/activity.md) topic for +additional information. + +The credential used Access Analyzer to read the activity log files must have: + +- Membership in the local Administrators group + +The FileSystemAccess Data Collector needs to be specially configured to run the +[1-FSAC System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsac_system_scans.md) +against a Windows File System Cluster. On the +[FSAA: Activity Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/activitysettings.md), +configure the Host Mapping option. This provides a method for mapping between the target host and +the hosts where activity logs reside. However, this feature requires **advanced SQL scripting +knowledge** to build the query. + +Membership in the local Administrators group + +### Least Privilege Permission Model for Windows Cluster + +If a least privilege model is required by the organization, then the credential must have READ +access on the following registry keys: + +- `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SBTLogging\Parameters` +- `HKEY_LOCAL_MACHINE\Cluster\Nodes` + +Additionally, the credential must have READ access to the path where the activity log files are +located. + +## DFS Namespaces + +The FileSystem > 0.Collection > 0-FSDFS System Scans Job is configured by default to target the +default domain controller for the domain in which Access Analyzer resides. This is the appropriate +target host for this job when targeting a domain-based namespace. To target a standalone namespace +or multiple namespaces, create a custom host list of the server(s) hosting the namespace(s). Then +assign the custom host list to the 0-FSDFS System Scans Job. No additional host list is require for +the FileSystem > 0.Collection Job Group unless additional file servers are also being targeted. + +DFS as Part of a Windows Cluster Consideration + +If the DFS hosting server is part of a Windows Cluster, then the Windows File System Clusters +requirements must be included with the credential. + +DFS and Activity Auditing Consideration + +For activity monitoring, the Netwrix Activity Monitor must have a deployed Activity Agent on all DFS +servers identified by the 0-FSDFS System Scans Job and populated into the dynamic host list. See the +[Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/windowsfile/activity.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/configuration/windows-file/activity.md b/docs/accessanalyzer/12.0/config/windowsfile/activity.md similarity index 100% rename from docs/accessanalyzer/12.0/configuration/windows-file/activity.md rename to docs/accessanalyzer/12.0/config/windowsfile/activity.md diff --git a/docs/accessanalyzer/12.0/config/windowsfile/overview.md b/docs/accessanalyzer/12.0/config/windowsfile/overview.md new file mode 100644 index 0000000000..ffed99f7d6 --- /dev/null +++ b/docs/accessanalyzer/12.0/config/windowsfile/overview.md @@ -0,0 +1,85 @@ +# Windows File Server Target Requirements + +Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or +Sensitive Data Discovery Auditing scans on Windows file servers. The Netwrix Activity Monitor can be +configured to monitor activity on Windows file servers and make the event data available for Access +Analyzer Activity Auditing (FSAC) scans. + +## Access & Sensitive Data Auditing Permissions + +- Permissions vary based on the Scan Mode Option selected. See the + [File System Supported Platforms](/docs/accessanalyzer/12.0/requirements/target/filesystems.md) + topic for additional information. + +Windows File System Cluster Requirements + +See the [Windows File Server Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/config/windowsfile/access.md) topic for +instructions. + +Windows File System DFS Namespaces Requirements + +See the [Windows File Server Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/config/windowsfile/access.md) topic for +instructions. + +## Access & Sensitive Data Auditing Port Requirements + +The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data +Discovery Auditing scans are based on the File System scan mode to be used. See the +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +topic for additional information. + +## Activity Auditing Permissions + +Requirements to Deploy the Activity Agent on the Windows File Server + +The Netwrix Activity Monitor must have an Activity Agent deployed on the Windows file server to be +monitored. While actively monitoring, the Activity Agent generates activity log files stored on the +server. The credential used to deploy the Activity Agent must have the following permissions on the +server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +Windows File System Cluster Requirements + +See the [Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/windowsfile/activity.md) topic for instructions. + +Windows File System DFS Namespaces Requirements + +See the [Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/windowsfile/activity.md) topic for instructions. + +Activity Monitor Archive Location + +If the activity log files are being archived, configurable within the Netwrix Activity Monitor +Console, then the credential used by Access Analyzer to read the activity log files must also have +READ and WRITE permissions on the archive location. + +## Activity Auditing Port Requirements + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/active-directory/access.md b/docs/accessanalyzer/12.0/configuration/active-directory/access.md deleted file mode 100644 index 4a61985287..0000000000 --- a/docs/accessanalyzer/12.0/configuration/active-directory/access.md +++ /dev/null @@ -1,221 +0,0 @@ -# Active Directory Auditing Configuration - -The Access Analyzer for Active Directory Solution is compatible with the following Active Directory -versions as targets: - -- Windows Server 2016 and later -- Windows 2003 Forest level or higher - -**NOTE:** See the Microsoft -[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) -article for additional information. - -Domain Controller Requirements - -The following are requirements for the domain controllers to be scanned: - -- .NET Framework 4.5+ installed -- WINRM Service installed - -Data Collectors - -Successful use of the Access Analyzer Active Directory solution requires the necessary settings and -permissions in a Microsoft® Active Directory® environment described in this topic and its -subtopics. This solution employs the following data collectors to scan for groups, users, computers, -passwords, permissions, group policies, and domain information: - -- [ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md) -- [ActiveDirectory Data Collector](/docs/accessanalyzer/12.0/data-collection/active-directory/overview.md) -- [ADActivity Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-activity/overview.md) -- [GroupPolicy Data Collector](/docs/accessanalyzer/12.0/data-collection/group-policy/overview.md) -- [LDAP Data Collector](/docs/accessanalyzer/12.0/data-collection/ldap/index.md) -- [PasswordSecurity Data Collector](/docs/accessanalyzer/12.0/data-collection/password-security/overview.md) -- [PowerShell Data Collector](/docs/accessanalyzer/12.0/data-collection/powershell/overview.md) -- [Registry Data Collector](/docs/accessanalyzer/12.0/data-collection/registry/index.md) - -## Permissions - -- Member of the Domain Administrators group - -The majority of jobs in the Active Directory solutions rely on tables with queried data from the -data collectors mentioned above to perform analysis and generate reports. The remaining jobs utilize -data collectors to scan environments, and require additional permissions on the target host. - -**_RECOMMENDED:_** Use Domain/Local Administrator privileges to run Access Analyzer against an -Active Directory domain controller. - -There is a least privilege model for scanning your domain. See the -[Least Privilege Model](#least-privilege-model) topic for additional information. - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For ActiveDirectory Data Collector - -- TCP 389/636 -- TCP 135-139 -- Randomly allocated high TCP ports - -For ADActivity Data Collector - -- TCP 4494 (configurable within the Netwrix Activity Monitor) - -For GroupPolicy Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For LDAP Data Collector - -- TCP 389 - -For PasswordSecurity Collector - -- TCP 389/636 - -For PowerShell Data Collector - -- Randomly allocated high TCP ports - -For Registry Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports - -## Least Privilege Model - -A least privilege model can be configured based on your auditing needs and the data collection jobs -you will be using. The following jobs and their corresponding data collectors can be run with a -least privilege permissions model. - -1-AD_Scan Job Permissions - -The ADInventory Data Collector in the .Active Directory Inventory > 1-AD_Scan Job has the following -minimum requirements, which must be configured at the Domain level in Active Directory: - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -AD_WeakPasswords Job Permissions - -The PasswordSecurity Data Collector in the 2.Users > AD_WeakPasswords Job has the following minimum -requirements: - -- At the domain level: - - - Read - - Replicating Directory Changes - - Replicating Directory Changes All - - Replicating Directory Changes in a Filtered Set - - Replication Synchronization - -AD_CPassword Job Permissions - -While the PowerShell Data Collector typically requires Domain Administrator permissions when -targeting a domain controller, that level of access is not required to run the 4.Group Policy > -AD_CPasswords job. The minimum requirements for running this job are: - -- Read access to SYSVOL on the targeted Domain Controller(s) and all of its children - -AD_GroupPolicy Job Permissions - -While the GroupPolicy Data Collector typically requires Domain Administrator permissions when -targeting a domain controller, that level of access is not required to run the 4.Group Policy > -AD_GroupPolicy Job. The minimum requirements for running this job are: - -- Requires Read permissions on Group Policy Objects - -AD_PasswordPolicies Job Permissions - -While the LDAP Data Collector typically requires Domain Administrator permissions when targeting a -domain controller, that level of access is not required to run the 4.Group Policy > -AD_PasswordPolicies Job. The minimum requirements for running this job are: - -- Requires Read permissions on the Password Settings Container - -AD_DomainControllers Job Permissions - -While the LDAP Data Collector and Active Directory Data Collector typically requires Domain -Administrator permissions when targeting a domain controller, that level of access is not required -to run the 5.Domains > 0.Collection > AD_DomainControllers Job. The minimum requirements for running -this job are: - -- Read access to CN=Servers,%SITEDN% and its children -- Read access to: %PARTITIONDNS% and its children -- Read access to: %SCHEMADN% -- Read access to: %SITESDN% and its children - -See the [Variable Definitions](#variable-definitions) for variable definitions. - -AD_DSRM Job Permissions - -While the Registry Data Collector typically requires Domain Administrator permissions when targeting -a domain controller, that level of access is not required to run the 5.Domains > 0.Collection > -AD_DSRM Job. The minimum requirements for running this job are: - -- Requires read access to the following Registry key and its children: - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa - -AD_TimeSync Job Permissions - -While the Registry Data Collector typically requires Domain Administrator permissions when targeting -a domain controller, that level of access is not required to run the 5.Domains > 0.Collection > -AD_TimeSync Job. The minimum requirements for running this job are: - -- Requires Read access to the following Registry keys and its children: - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time - -AD_DomainInfo Job Permissions - -While the LDAP Data Collector and Active Directory Data Collector typically requires Domain -Administrator permissions when targeting a domain controller, that level of access is not required -to run the 5.Domains > AD_DomainInfo Job. The minimum requirements for running this job, which must -be configured at the Domain level in Active Directory, are: - -- Read access to: %DOMAINDN% and its children -- Read access to: CN=System,%DOMAINDN% and its children -- Read access to: %SITEDN% and its children -- Read access to: %PARTITIONDNS% and its children - -See the [Variable Definitions](#variable-definitions) for variable definitions. - -AD_ActivityCollection Job Permission - -The ADActivity Data Collector in the 6.Activity > 0.Collection > AD_ActivityCollection Job has the -following minimum requirements: - -- Netwrix Activity Monitor API Access activity data -- Netwrix Activity Monitor API Read -- Read access to the Netwrix Activity Monitor Log Archive location - -### Variable Definitions - -The following variables are referenced for Active Directory Least Privileged Models: - -`%PARTITIONDNS%` is the distinguished name of the accessed partition; -`CN=Partitions,CN=Configuration,DC=contoso,DC=com` - -`%SITEDN%` is the distinguished name of the accessed site; -`CN=Sites,CN=Configuration,DC=contoso,DC=com` - -`%CONFIGDN%` is the distinguished name of the configuration naming context; -`CN=Configuration,DC=company,DC=com` - -`%SCHEMADN%` is the distinguished name of the accessed schema; -`CN=Schema,CN=Configuration,DC=company,DC=com` - -`%DOMAINDN%`" is the distinguished name of the accessed domain object; `DC=company,DC=com` diff --git a/docs/accessanalyzer/12.0/configuration/active-directory/activity.md b/docs/accessanalyzer/12.0/configuration/active-directory/activity.md deleted file mode 100644 index 206afb88ea..0000000000 --- a/docs/accessanalyzer/12.0/configuration/active-directory/activity.md +++ /dev/null @@ -1,251 +0,0 @@ -# Active Directory Activity Auditing Configuration - -There are two methods to configure Activity Monitor to provide Active Directory domain activity to -Access Analyzer: - -- API Server -- File Archive Repository - -See the [File Archive Repository Option](/docs/accessanalyzer/12.0/configuration/active-directory/file-archive.md) topic for additional information on that -option. - -## API Server Option - -In this method, you will be deploying two agents: - -- First, deploy an Activity Agent to a Windows server that will act as the API server. This is a - non-domain controller server. - - **_RECOMMENDED:_** Deploy the API Server to the same server where the Activity Monitor Console - resides. - -- Next, deploy the AD Agent to all domain controllers in the target domain. - -Follow the steps to setup integration between Activity Monitor and Access Analyzer through an API -server. - -**Step 1 –** Deploy the Activity Agent to the API server. - -**Step 2 –** Deploy the AD Agent to each domain controller in the target domain. - -The next step is to configure the agent deployed to the API server. - -## Configure API Server Agent - -Follow the steps to configure the agent deployed to the API server. - -**Step 1 –** On the Agents tab of the Activity Monitor Console, select the agent deployed to the -API server. - -**Step 2 –** Click **Edit**. The Agent properties window opens. - -**Step 3 –** Select the **API Server** tab and configure the following: - -- Select the **Enable API access on this agent** checkbox. -- The default **API server port (TCP)** is 4494, but it can be modified if desired. Ensure the - modified port is also used by Access Analyzer. -- Click **Add Application**. The Add or edit API client window opens. -- Configure the following: - - - Provide a descriptive and unique **Application name**, for example `Access Analyzer`. - - Select the **Read** checkbox to grant this permission to this application. - - Click **Generate** to generate the Client ID and Client Secret. - - Copy the Client ID value to a text file. - - Click **Copy** and save the Client Secret value to a text file. - - **CAUTION:** It is not possible to retrieve the value after closing the Add or edit - API client window. It must be copied first. - - - By default, the **Secret Expires** in 3 days. That means it must be used in the Access - Analyzer Connection Profile within 72 hours or a new secret will need to be generated. Modify - if desired. - - Click **OK** to save the configuration and close the Add or edit API client window. - -- If the Activity Monitor Console server is not the API Server, then click **Use this console** to - grant the Activity Monitor the ability to manage the API server. -- The IPv4 or IPv6 allowlist allows you to limit access to the API server data to specific hosts. - -**Step 4 –** Click **OK** to save the configuration and close the Agent properties window. - -The next step is to configure the agents deployed to the domain controllers. - -## Configure Domain Controller Agent - -Follow the steps to configure the agent deployed to the domain controller. - -**Step 1 –** On the Agents tab of the Activity Monitor Console, select an agent deployed to domain -controller. - -**Step 2 –** Click **Edit**. The Agent properties window opens. - -**Step 3 –** Select the **Archiving** tab and configure the following: - -- Select the **Enable Archiving for this agent** checkbox. -- Select the **Archive log files on a UNC path** option. Click the **...** button and navigate to - the desired network share on the API server. -- The **User name** and **User password** fields only need to be filled in if the account used to - install the agent does not have access to this share. - - _Remember,_ The account used to install the agent on a domain controller is a Domain - Administrator account. - -- Click **Test** to ensure a successful connection to the network share. - -**Step 4 –** Click **OK** to save the configuration and close the Agent properties window. - -**Step 5 –** Repeat Steps 1-4 for each agent deployed to domain controller. - -These agent are configured to save the Archive logs to the selected share. - -## Configure Monitored Domain Output - -Follow the steps configure the monitored domain output for Netwrix Access Analyzer (formerly -Enterprise Auditor). - -**Step 1 –** Select the **Monitored Domains** tab. - -**Step 2 –** Select the desired domain and click **Add Output**. The Add New Ouptut window opens. - -**Step 3 –** Configure the following: - -- Configure the desired number of days for the **Period to keep Log files**. This is the number of - days the log files are kept on the API server configured in the sections above. This needs to be - set to a greater value than the days between Access Analyzer scans. - - - For example, if Access Analyzer runs the **AD_ActivityCollection** Job once a week (every 7 - days), then the Activity Monitor output should be configured to retain at least 10 days of log - files. - -- Check the **This log file is for StealthAUDIT** box. -- Optionally select the **Enable periodic AD Status Check event reporting** checkbox. When enabled, - the agent will send out status messages every five minutes to verify whether the connection is - still active. - -**Step 4 –** Click **Add Output** to save and close the Add New Output window. - -Access Analyzer now has access to the agent log files for this domain. - -## Configure Connection Profile - -Follow the steps to configure the Connection Profile in Access Analyzer. - -_Remember,_ the Client ID and Client Secret were generated by the API server and copied to a text -file. If the secret expired before the Connection Profile is configured, it will need to be -re-generated. - -**Step 1 –** On the **Settings** > **Connection** node of the Access Analyzer Console, select the -Connection Profile for the Active Directory solution. If you haven't yet created a Connection -Profile or desire a specific one for AD Activity, create a new one and provide a unique descriptive -name. - -**Step 2 –** Click **Add User credential**. The User Credentials window opens. - -**Step 3 –** Configure the following: - -- Select Account Type – Select **Web Services (JWT)** -- User name – Enter the Client ID generated by the Activity Monitor API Server -- Access Token – Enter the Client Secret generated by the Activity Monitor API Server - -**Step 4 –** Click **OK** to save and close the User Credentials window. - -**Step 5 –** Click **Save** and then **OK** to confirm the changes to the Connection Profile. - -**Step 6 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** Job -Group. Select the **Settings > Connection** node. - -**Step 7 –** Select the **Select one of the following user defined profiles** option. Expand the -drop-down menu and select the Connection Profile with this credential. - -**Step 8 –** Click **Save** and then **OK** to confirm the changes to the job group settings. - -The Connection Profile will now be used for AD Activity collection. - -## Configure the AD_ActivityCollection Job - -The Access Analyzer requires additional configurations in order to collect domain activity data. -Follow the steps to configure the **AD_ActivityCollection** Job. - -**NOTE:** Ensure that the **.Active Directory Inventory** Job Group has been successfully run -against the target domain. - -**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > -**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. - -**Step 2 –** Click **Query Properties**. The Query Properties window displays. - -**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard -opens. - -![Active Directory Activity DC wizard Category page](/img/product_docs/activitymonitor/config/activedirectory/categoryimportfromnam.webp) - -**Step 4 –** On the Category page, choose **Import from SAM** option and click **Next**. - -![Active Directory Activity DC wizard SAM connection settings page](/img/product_docs/activitymonitor/config/activedirectory/namconnection.webp) - -**Step 5 –** On the SAM connection page, the **Port** is set to the default 4494. This needs to -match the port configured for the Activity Monitor API Server agent. - -**Step 6 –** In the **Test SAM host** textbox, enter the Activity Monitor API Server name using -fully qualified domain format. For example, `NEWYORKSRV30.NWXTech.com`. Click **Connect**. - -**Step 7 –** If connection is successful, the archive location displays along with a Refresh token. -Copy the **Refresh token**. This will replace the Client Secret in the Connection Profile in the -last step. - -**Step 8 –** Click **Next**. - -![Active Directory Activity DC wizard Scoping and Retention page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -**Step 9 –** On the Scope page, set the Timespan as desired. There are two options: - -- Relative Timespan – Set the number of days of activity logs to collect when the scan is run -- Absolute Timespan – Set the date range for activity logs to collect when the scan is run - -**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity -Monitor domain output log retention expires. For example, if Access Analyzer runs the -**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be -configured to retain at least 10 days of log files. - -**Step 10 –** Set the Retention period as desired. This is the number of days Access Analyzer keeps -the collected data in the SQL Server database. - -**Step 11 –** Click **Next** and then **Finish** to save the changes and close the wizard. - -**Step 12 –** Click **OK** to save the changes and close the Query Properties page. - -**Step 13 –** Navigate to the global **Settings** > **Connection** node to update the User -Credential with the Refresh token: - -- Select the Connection Profile assigned to the **6.Activity** > **0.Collection** Job Group. -- Select the Web Services (JWT) User Credential and click **Edit**. -- Replace the Access Token with the Refresh token generated by the data collector in Step 7. -- Click **OK** to save and close the User Credentials window. -- Click **Save** and then **OK** to confirm the changes to the Connection Profile. - -The query is now configured to target the Activity Monitor API Server to collect domain activity -logs. - -### (Optional) Configure Import of AD Activity into Netwrix Access Information Center - -AD Activity data can be imported into Netwrix Access Information Center by the -**AD_ActivityCollection** Job. However, this is disabled by default. Follow the steps to enable the -importing of AD activity data into the Access Information Center. - -**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > -**AD_ActivityCollection** Job. - -**Step 2 –** On the job's Overview page, enable the import of AD Events. - -- Click on the **Enable to import AD events into the AIC** parameter. -- On the Parameter Configuration window, select the **Enabled** checkbox and click **Save**. - -**Step 3 –** On the job's Overview page, enable the import of authentication Events. - -- Click on the **Enable to import authentication events into the AIC** parameter. -- On the Parameter Configuration window, select the **Enabled** checkbox and click **Save**. - -**Step 4 –** Optionally, modify the **List of attributes to track for Object Modified changes** and -**Number of days to retain activity data in the AIC** parameters. - -The **AD_ActivityCollection** Job is now configured to import both AD events and authentication -events into the Netwrix Access Information Center. diff --git a/docs/accessanalyzer/12.0/configuration/active-directory/file-archive.md b/docs/accessanalyzer/12.0/configuration/active-directory/file-archive.md deleted file mode 100644 index 5723857d92..0000000000 --- a/docs/accessanalyzer/12.0/configuration/active-directory/file-archive.md +++ /dev/null @@ -1,154 +0,0 @@ -# File Archive Repository Option - -As an alternative to using an API Server, Netwrix Activity Monitor can be configured to store all -archived logs to a network share. This option requires all of the domain logs to be stored in the -same share location in order for Access Analyzer to collect the AD Activity data. - -Prerequisite - -Deploy the AD Agent to each domain controller in the target domain. - -## Configure Domain Controller Agent - -Follow the steps to configure the agent deployed to the domain controller. - -**NOTE:** These steps assume the network share where the activity log files will be archived already -exists. - -**Step 1 –** On the Agents tab of the Activity Monitor Console, select an agent deployed to domain -controller. - -**Step 2 –** Click Edit. The Agent properties window opens. - -**Step 3 –** Select the Archiving tab and configure the following: - -- Check the Enable Archiving for this agent box. -- Select the **Archive log files on a UNC path** option. Click the ... button and navigate to the - desired network share. -- The **User name** and **User password** fields only need to be filled in if the account used to - install the agent does not have access to this share. - - _Remember,_ The account used to install the agent on a domain controller is a Domain - Administrator account. This is typically the credential that will be used in the Netwrix Access - Analyzer (formerly Enterprise Auditor) Connection Profile. However, a least privilege option is - a domain user account with Read access to this share. - -- Click **Test** to ensure a successful connection to the network share. - -**Step 4 –** Click OK to save the configuration and close the Agent properties window. - -**Step 5 –** Repeat Steps 1-4 for each agent deployed to domain controller pointing to the same -network share in Step 3 for each agent. - -These agent are configured to save the Archive logs to the selected share. - -## Configure Monitored Domain Output - -Follow the steps configure the monitored domain output for Netwrix Access Analyzer (formerly -Enterprise Auditor). - -**Step 1 –** Select the **Monitored Domains** tab. - -**Step 2 –** Select the desired domain and click **Add Output**. The Add New Ouptut window opens. - -**Step 3 –** Configure the following: - -- Configure the desired number of days for the **Period to keep Log files**. This is the number of - days the log files are kept on the API server configured in the sections above. This needs to be - set to a greater value than the days between Access Analyzer scans. - - - For example, if Access Analyzer runs the **AD_ActivityCollection** Job once a week (every 7 - days), then the Activity Monitor output should be configured to retain at least 10 days of log - files. - -- Check the **This log file is for StealthAUDIT** box. -- Optionally select the **Enable periodic AD Status Check event reporting** checkbox. When enabled, - the agent will send out status messages every five minutes to verify whether the connection is - still active. - -**Step 4 –** Click **Add Output** to save and close the Add New Output window. - -Access Analyzer now has access to the agent log files for this domain. - -## Configure Connection Profile - -Follow the steps to configure the Connection Profile in Access Analyzer. - -**Step 1 –** On the Settings > Connection node of the Access Analyzer Console, select the Connection -Profile for the Active Directory solution. If you haven't yet created a Connection Profile or desire -a specific one for AD Activity, create a new one and provide a unique descriptive name. - -**Step 2 –** Click Add User credential. The User Credentials window opens. - -**Step 3 –** Configure the following: - -- Select Account Type – Select **Active Directory Account** -- Domain – Select the domain where the network share resides -- User name – Enter the account with Read access to the network share -- Provide the account password: - - - Password Storage – Select the password storage location, if it is being stored in a vault, - like CyberArk - - Password / Confirm – Enter the account password in both fields - -**Step 4 –** Click OK to save and close the User Credentials window. - -**Step 5 –** Click **Save** and then **OK** to confirm the changes to the Connection Profile. - -**Step 6 –** Navigate to the Jobs > Active Directory > 6.Activity > 0.Collection Job Group. Select -the **Settings > Connection** node. - -**Step 7 –** Select the **Select one of the following user defined profiles** option. Expand the -drop-down menu and select the Connection Profile with this credential. - -**Step 8 –** Click **Save** and then **OK** to confirm the changes to the job group settings. - -The Connection Profile will now be used for AD Activity collection. - -## Configure the AD_ActivityCollection Job - -Access Analyzer requires additional configurations in order to collect domain activity data. Follow -the steps to configure the **AD_ActivityCollection** Job. - -**NOTE:** Ensure that the .Active Directory Inventory Job Group has been successfully run against -the target domain. - -**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > -**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. - -**Step 2 –** Click **Query Properties**. The Query Properties window displays. - -**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard -opens. - -![Active Directory Activity DC wizard Category page](/img/product_docs/activitymonitor/config/activedirectory/categoryimportfromshare.webp) - -**Step 4 –** On the Category page, choose **Import from Share** option and click **Next**. - -![Active Directory Activity DC wizard Share settings page](/img/product_docs/activitymonitor/config/activedirectory/share.webp) - -**Step 5 –** On the Share page, provide the UNC path to the AD Activity share archive location. If -there are multiple archives in the same network share, check the **Include Sub-Directories** box. -Click **Next**. - -![Active Directory Activity DC wizard Scoping and Retention page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -**Step 6 –** On the Scope page, set the Timespan as desired. There are two options: - -- Relative Timespan – Set the number of days of activity logs to collect when the scan is run -- Absolute Timespan – Set the date range for activity logs to collect when the scan is run - -**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity -Monitor domain output log retention expires. For example, if Access Analyzer runs the -**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be -configured to retain at least 10 days of log files. - -**Step 7 –** Set the Retention period as desired. This is the number of days Access Analyzer keeps -the collected data in the SQL Server database. - -**Step 8 –** Click **Next** and then **Finish** to save the changes and close the wizard. - -**Step 9 –** Click **OK** to save the changes and close the Query Properties page. - -The query is now configured to target the network share where the Activity Monitor domain activity -logs are archived. diff --git a/docs/accessanalyzer/12.0/configuration/active-directory/overview.md b/docs/accessanalyzer/12.0/configuration/active-directory/overview.md deleted file mode 100644 index f195aed396..0000000000 --- a/docs/accessanalyzer/12.0/configuration/active-directory/overview.md +++ /dev/null @@ -1,79 +0,0 @@ -# Active Directory Domain Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute scans on Active Directory domains. -The Netwrix Activity Monitor can be configured to monitor activity on Active Directory domains and -make the event data available for Access Analyzer Active Directory Activity scans. - -## Auditing Permissions - -The following permission is needed: - -- Member of the Domain Administrators group - -Some collection jobs do allow for a least privilege model. See the -[Active Directory Auditing Configuration](/docs/accessanalyzer/12.0/configuration/active-directory/access.md) topic for additional information. - -## Auditing Port Requirements - -Ports vary based on the data collector being used. See the -[Active Directory Auditing Configuration](/docs/accessanalyzer/12.0/configuration/active-directory/access.md) topic for additional information. - -## Activity Auditing Permissions - -**NOTE:** Active Directory domain activity events can also be monitored through Netwrix Threat -Prevention. This requires integration between it and Netwrix Activity Monitor to enable access to -the data for Access Analyzer Active Directory Activity scans. See the -[Send Active Directory Event Data from Netwrix Threat Prevention to Netwrix Access Analyzer](/docs/accessanalyzer/12.0/configuration/active-directory/threat-prevention.md) -topic for additional information. - -Requirements to Deploy the AD Agent on the Domain Controller - -The Netwrix Activity Monitor must have an AD Agent deployed on the domain controller to be -monitored. While actively monitoring, the AD Agent generates activity log files stored on the -server. The credential used to deploy the AD Agent must have the following permissions on the -server: - -- Membership in the Domain Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -**NOTE:** For monitoring an Active Directory domain, the AD Agent must be installed on all domain -controllers within the domain to be monitored. - -For integration between the Activity Monitor and Access Analyzer, the credential used by Access -Analyzer to read the activity log files must have also have this permission. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Access Analyzer to read the activity log files must also have -READ and WRITE permissions on the archive location. - -Integration with Access Analyzer - -See the [Active Directory Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/active-directory/activity.md) topic for target environment -requirements. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/active-directory/threat-prevention.md b/docs/accessanalyzer/12.0/configuration/active-directory/threat-prevention.md deleted file mode 100644 index e261bd909b..0000000000 --- a/docs/accessanalyzer/12.0/configuration/active-directory/threat-prevention.md +++ /dev/null @@ -1,40 +0,0 @@ -# Send Active Directory Event Data from Netwrix Threat Prevention to Netwrix Access Analyzer - -When Netwrix Threat Prevention is configured to monitor a domain, the event data collected by the -policies can be provided to Netwrix Access Analyzer (formerly Enterprise Auditor) for auditing and -analysis. This is accomplished by configuring Threat Prevention to send data to Netwrix Activity -Monitor, which in turn creates the activity log files that Access Analyzer collects. - -**NOTE:** Threat Prevention can only be configured to send event data to one Netwrix application, -either Netwrix Activity Monitor or Netwrix Threat Manager but not both. However, the Activity -Monitor can be configured with outputs for Access Analyzer and Threat Manager. - -Follow the steps to configure this integration. - -**_RECOMMENDED:_** It is a best practice to use the API Server option of the Activity Monitor for -this integration between Threat Prevention and Access Analyzer. - -**Step 1 –** In the Threat Prevention Administration Console, click **Configuration** > **Netwrix -Threat Manager Configuration** on the menu. The Netwrix Threat Manager Configuration window opens. - -**Step 2 –** On the Event Sink tab, configure the following: - -- Netwrix Threat Manager URI – Enter the name of the Activity Monitor agent host and port, which is - 4499 by default, in the following format: - - `amqp://localhost:4499` - - You must use localhost, even if Activity Monitor and Threat Prevention are installed on - different servers. - -- App Token – Leave this field blank for integration with Activity Monitor -- Policies – The table displays all policies created in Threat Prevention along with a State icon - indicating if the policy is active. Check the **Send** box for the desired policies monitoring the - target domain activity. - -**Step 3 –** Click **Save**. - -All real-time event data from the selected policies is now sent to Activity Monitor. Additional -policies can be added to this data stream through the Netwrix Threat Manager Configuration window or -by selecting the **Send to Netwrix Threat Manager** option on the Actions tab of the respective -policy. diff --git a/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/activity.md b/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/activity.md deleted file mode 100644 index 839e9696f2..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/activity.md +++ /dev/null @@ -1,54 +0,0 @@ -# Dell Celerra & Dell VNX Activity Auditing Configuration - -An Dell Celerra or VNX device can be configured to audit Server Message Block (SMB) protocol access -events. All audit data can be forwarded to the Dell Common Event Enabler (CEE). The Activity Monitor -listens for all events coming through the Dell CEE and translates all relevant information into -entries in the Log files or syslog messages. - -Complete the following checklist prior to configuring the Activity Monitor to monitor the host. -Instructions for each item of the checklist are detailed within the following sections. - -Checklist Item 1: Plan Deployment - -- Prior to beginning the deployment, gather the following: - - - DNS name of Celerra or VNX CIFS share(s) to be monitored - - Data Mover or Virtual Data Mover hosting the share(s) to be monitored - - Account with access to the CLI - - Download the Dell CEE from: - - - [https://www.dell.com/support](https://www.dell.com/support) - -Checklist Item 2: Install Dell CEE - -- Dell CEE can be installed on the same Windows server as the Activity Agent, or on a different - server. If it is installed on the same host, the activity agent can configure it automatically. - - **_RECOMMENDED:_** The latest version of Dell CEE is the recommended version to use with the - asynchronous bulk delivery (VCAPS) feature. - -- Important: - - - Open MS-RPC ports between the Dell device and the Windows proxy server(s) where the Dell CEE - is installed - - Dell CEE 8.4.2 through Dell CEE 8.6.1 are not supported for use with the VCAPS feature - - Dell CEE requires .NET Framework 3.5 to be installed on the Windows proxy server - -- See the [Install & Configure Dell CEE](/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/install-cee.md) topic for instructions. - -Checklist Item 3: Dell Device Configuration - -- Configure the `cepp.conf` file on the Celerra VNX Cluster -- See the - [Connect Data Movers to the Dell CEE Server](/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/install-cee.md#connect-data-movers-to-the-dell-cee-server) - topic for instructions. - -Checklist Item 4: Activity Monitor Configuration - -- Deploy the Activity Monitor Activity Agent, preferably on the same server where Dell CEE is - installed - - - After activity agent deployment, configure the Dell CEE Options tab of the agent’s Properties - window within the Activity Monitor Console - -Checklist Item 5: Configure Dell CEE to Forward Events to the Activity Agent diff --git a/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/install-cee.md b/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/install-cee.md deleted file mode 100644 index 3db7f7ce92..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/install-cee.md +++ /dev/null @@ -1,183 +0,0 @@ -# Install & Configure Dell CEE - -Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix -product. Dell customers have a support account with Dell to access the download. - -_Remember,_ the latest version is the recommended version of Dell CEE. - -**_RECOMMENDED:_** The Dell CEE package can be installed on the Windows server where the Activity -Monitor agent will be deployed (recommended) or on any other Windows or Linux server. - -Follow the steps to install the Dell CEE. - -**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for -this component. It is recommended to use the most current version. - -**Step 2 –** Follow the instructions in the Dell -[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) -guide to install and configure the CEE. The installation will add two services to the machine: - -- EMC Checker Service (Display Name: EMC CAVA) -- EMC CEE Monitor (Display Name: EMC CEE Monitor) - -**_RECOMMENDED:_** The latest version of .NET Framework and Dell CEE is recommended to use with the -asynchronous bulk delivery (VCAPS) feature. - -See the [CEE Debug Logs](/docs/accessanalyzer/12.0/configuration/dell-unity/validate.md#cee-debug-logs) section for information on -troubleshooting issues related to Dell CEE. - -After Dell CEE installation is complete, it is necessary to -[Connect Data Movers to the Dell CEE Server](#connect-data-movers-to-the-dell-cee-server). - -## Configure Dell Registry Key Settings - -There may be situations when Dell CEE needs to be installed on a different Windows server than the -one where the Activity Monitor activity agent is deployed. In those cases it is necessary to -manually set the Dell CEE registry key to forward events. - -**Step 1 –** Open the Registry Editor (run regedit). - -![registryeditor](/img/product_docs/activitymonitor/config/dellpowerstore/registryeditor.webp) - -**Step 2 –** Navigate to following location: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration - -**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. - -**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value -window closes. - -**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. - -**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the -Windows proxy server hosting the Activity Monitor activity agent. Use the following format: - -StealthAUDIT@[IP ADDRESS] - -Examples: - -StealthAUDIT@192.168.30.15 - -**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. - -![services](/img/product_docs/activitymonitor/config/dellpowerstore/services.webp) - -**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. - -The Dell CEE registry key is now properly configured to forward event to the Activity Monitor -activity agent. - -## Connect Data Movers to the Dell CEE Server - -The `cepp.conf` file contains information that is necessary to connect the Data Movers to the Dell -CEE server. An administrator must create a configuration file which contains at least one event, one -pool, and one server. All other parameters are optional. The `cepp.conf` file resides on the Data -Mover. - -**Step 1 –** Log into the Dell Celerra or VNX server with an administrator account. The -administrative account should have a $ character in the terminal. - -**NOTE:** Do not use a # charter. - -**Step 2 –** Create or retrieve the `cepp.conf` file. - -If there is not a `cepp.conf` file on the Data Mover(s), use a text editor to create a new blank -file in the home directory named `cepp.conf`. The following is an example command if using the text -editor ‘vi’ to create a new blank file: - -$ vi cepp.conf - -> If a `cepp.conf` file already exists, it can be retrieved from the Data Movers for modification -> with the following command: - -$ server_file [DATA_MOVER_NAME] -get cepp.conf cepp.conf - -**Step 3 –** Configure the `cepp.conf` file. For information on the `cepp.conf` file, see the Dell -[Using the Common Event Enabler for Windows Platforms](https://www.dellemc.com/en-us/collaterals/unauth/technical-guides-support-information/products/storage-3/docu48055.pdf) -guide instructions on how to add parameters or edit the values or existing parameters. - -**NOTE:** The information can be added to the file on one line or separate lines by using a space -and a ”\” at the end of each line, except for the last line and the lines that contain global -options: `cifsserver`, `surveytime`, `ft`, and `msrpcuser`. - -The Activity Monitor requires the following parameters to be set in the `cepp.conf` file: - -- `pool name= ` - - This should equal the name assigned to the configuration container. This container is composed - of the server(s) IP Address or FQDN where the Dell CEE is installed and where the list of - events to be monitored is located. It can be named as desired but must be a pool name. -- `servers= ` - - This should equal the IP Address or FQDN of the Windows server where the Dell CEE is - installed. If several servers are specified, separate them with the vertical bar (|) or a - colon (:). -- `postevents= ` - - The following events are required (separated with the vertical bar): - `CloseModified|CloseUnmodified|CreateDir|CreateFile|DeleteDir|DeleteFile|RenameDir|RenameFile|SetAclDir|SetAclFile ` - - If "Directory Read/List" operations are needed, append `OpenDir` to the list. -- `msrpcuser= ` - - - This should equal the domain account used to run the Dell CEE Monitor and Dell CAVA services - on the Windows server. This parameter is a security measure used to ensure events are only - sent to the appropriate servers. - - All unspecified parameters use the default setting. For most configurations, the default - setting is sufficient. - - Example cepp.conf file format: - - msrpcuser=[DOMAIN\DOMAINUSER] - - pool name=[POOL_NAME] \ - - servers=[IP_ADDRESS1]|[IP_ADDRESS2]|... \ - - postevents=[EVENT1]|[EVENT2]|... - - Example cepp.conf file format for the Activity Monitor: - - msrpcuser=[DOMAIN\DOMAINUSER running CEE services] - - pool name=[POOL_NAME for configuration container] \ - - servers=[IP_ADDRESS where CEE is installed]|... \ - - postevents=[EVENT1]|[EVENT2]|... - - Example of a completed cepp.conf file for the Activity Monitor: - - msrpcuser=example\user1 - - pool name=pool \ - - servers=192.168.30.15 \ - - postevents=CloseModified|CloseUnmodified|CreateDir|CreateFile|DeleteDir|DeleteFile|RenameDir|RenameFile|SetAclDir|SetAclFile - -**Step 4 –** Move the `cepp.conf` file to the Data Mover(s) root file system. Run the following -command: - -$ server_file [DATA_MOVER_NAME]‑put cepp.conf cepp.conf - -**NOTE:** Each Data Mover which runs Celerra Event Publishing Agent (CEPA) must have a `cepp.conf` -file, but each configuration file can specify different events. - -**Step 5 –** (This step is required only if using the `msrpcuser` parameter) Register the MSRPC user -(see Step 3 for additional information on this parameter). Before starting CEPA for the first time, -the administrator must issue the following command from the Control Station and follow the prompts -for entering information: - -/nas/sbin/server_user server_2 -add -md5 -passwd [DOMAIN\DOMAINUSER for msrpcuser] - -**Step 6 –** Start the CEPA facility on the Data Mover. Use the following command: - -server_cepp [DATA_MOVER_NAME] -service –start - -Then verify the CEPA status using the following command: - -server_cepp [DATA_MOVER_NAME] -service –status - -Once the `cepp.config` file has been configured, it is time to configure and enable monitoring with -the Activity Monitor. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) -for additional information. diff --git a/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/overview.md b/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/overview.md deleted file mode 100644 index f50e8f742a..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/overview.md +++ /dev/null @@ -1,116 +0,0 @@ -# Dell Celerra & Dell VNX Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or -Sensitive Data Discovery Auditing scans on Dell Celerra or Dell VNX devices. The Netwrix Activity -Monitor can be configured to monitor activity on Dell Celerra or Dell VNX devices and make the event -data available for Access Analyzer Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Access Analyzer scans must have the following permissions on the target -host: - -- Group membership in both of the following groups: - - - Power Users - - Backup Operators - -These permissions grant the credential the ability to enumerate shares, access the remote registry, -and bypass NTFS security on folders. The credential used within the assigned Connection Profile for -these target hosts requires these permissions. See the -[Dell Celerra & Dell VNX Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/access.md) topic for -instructions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -Troubleshooting Dell Celerra & Dell VNX Denied Access Errors - -If there are folders to which the credential is denied access, it is likely that the Backup -Operators group does not have the “Back up files and directories” right. In that case, it is -necessary to assign additional the “Back up files and directories” right to those groups or to -create a new local group, using Computer Management from a Windows server. Then assign rights to it -using the CelerraManagementTool.msc plugin, which is available to Dell customers. For further -information, see the Celerra guide Using Windows Administrative Tools on VNX found on the Celerra -website. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of Dell Celerra or Dell VNX - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Access Analyzer, the credential used by Access -Analyzer to read the activity log files must have also have this permission. - -Dell Celerra & Dell VNX Requirements - -Additionally, the EMC Common Event Enabler (CEE) should be installed on the Windows proxy server, -where the activity agent is deployed. - -**_RECOMMENDED:_** Use the latest available CEE version from the Dell Support website. - -EMC CEE requires .NET Framework 3.5 to be installed on the Windows proxy server in order for the EMC -CEE service to start. - -See the [Dell Celerra & Dell VNX Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/activity.md) topic for -instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Access Analyzer to read the activity log files must also have -READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Dell Celerra & Dell VNX Devices - -The following firewall settings are required for communication between the CEE server/ Activity -Monitor Activity Agent server and the target Dell device: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | -| Dell Device CEE Server | TCP | RPC Dynamic Range | CEE Communication | -| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/validate.md b/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/validate.md deleted file mode 100644 index ba232dd73e..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/validate.md +++ /dev/null @@ -1,136 +0,0 @@ -# Validate Setup - -Once the Activity Monitor agent is configured to monitor the Dell device, the automated -configuration must be validated to ensure events are being monitored. - -## Validate Dell CEE Registry Key Settings - -**NOTE:** See the -[Configure Dell Registry Key Settings](/docs/accessanalyzer/12.0/configuration/dell-unity/install-cee.md#configure-dell-registry-key-settings) -topic for information on manually setting the registry key. - -After the Activity Monitor activity agent has been configured to monitor the Dell device, it will -configure the Dell CEE automatically if it is installed on the same server as the agent. This needs -to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on -a different server than the Windows proxy server(s) where the Activity Monitor activity agent is -deployed. - -If the monitoring agent is not registering events, validate that the EndPoint is accurately set. -Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the -following steps. - -**Step 1 –** Navigate to the following windows registry key: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration - -![registryeditorendpoint](/img/product_docs/activitymonitor/config/dellunity/registryeditorendpoint.webp) - -**Step 2 –** Ensure that the Enabled parameter is set to 1. - -**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor -agent in the following formats: - -- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` - -- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` - -**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values -for other applications, separated with semicolons. - -**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. - -For Asynchronous Bulk Delivery Mode - -For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events -(VCAPS), use the following steps. - -**Step 1 –** Navigate to the following windows registry key: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration - -**Step 2 –** Ensure that the Enabled parameter is set to 1. - -**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor -agent in the following formats: - -- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` -- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` - -**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values -for other applications, separated with semicolons. - -**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the -MaxEventsPerFeed - between 10 and 10000. - -**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. - -Set the following values under the Data column: - -- Enabled – 1 -- EndPoint – StealthAUDIT - -If this is configured correctly, validate that the Dell CEE services are running. See the -[Validate Dell CEE Services are Running](#validate-dell-cee-services-are-running) topic for -additional information. - -## Validate Dell CEE Services are Running - -After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell -CEE services should be running. If the Activity Agent is not registering events and the EndPoint is -set accurately, validate that the Dell CEE services are running. Open the Services (run -`services.msc`). - -![services](/img/product_docs/activitymonitor/config/dellpowerstore/services.webp) - -The following services laid down by the Dell CEE installer should have Running as their status: - -- Dell CAVA -- Dell CEE Monitor - -## Dell CEE Debug Logs - -If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs -need to be enabled for troubleshooting purposes. Follow the steps. - -**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right -corner to Trace. - -**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list -and Disable monitoring. - -**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: - -> [http://docs.microsoft.com/en-us/sysinternals/downloads/debugview](http://docs.microsoft.com/en-us/sysinternals/downloads/debugview) - -**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration - -**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the -Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. - -**NOTE:** If the Debug DWORD Value does not exist, it needs to be added. - -**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In -the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. - -**NOTE:** If the Verbose DWORD Value does not exist, it needs to be added. - -**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: - -- Capture Win32 -- Capture Global Win32 -- Capture Events - -**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list -and Enable monitoring. - -**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. - -**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): - -- Debug View Log (from Dell Debug View tool) -- Use the **Collect Logs** button to collect debug logs from the activity agent - -**_RECOMMENDED:_** After the logs have been gathered and sent to Netwrix Support, reset these -configurations. diff --git a/docs/accessanalyzer/12.0/configuration/dell-powerscale/activity.md b/docs/accessanalyzer/12.0/configuration/dell-powerscale/activity.md deleted file mode 100644 index 778d612640..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-powerscale/activity.md +++ /dev/null @@ -1,134 +0,0 @@ -# Dell Isilon/PowerScale Activity Auditing Configuration - -Dell Isilon/PowerScale can be configured to audit Server Message Block (SMB) and NFS protocol access -events on the Dell Isilon/PowerScale cluster. All audit data can be forwarded to the Dell Common -Event Enabler (CEE). The Activity Monitor listens for all events coming through the Dell CEE and -translates all relevant information into entries in the log files or syslog messages. - -Protocol auditing must be enabled and then configured on a per-access zone basis. For example, all -SMB protocol events on a particular access zone can be audited, while only attempts to delete files -on a different access zone can be audited. - -The audit events are logged and stored on the individual OneFS nodes where the SMB/NFS client -initiated the activity. The stored events are then forwarded by the node to the Dell CEE instance or -concurrently to several instances. At this point, Dell CEE forwards the audit event to a defined -endpoint, such as Activity Monitor agent. - -Complete the following checklist prior to configuring Activity Monitor to monitor the host. -Instructions for each item of the checklist are detailed within the following sections. - -Checklist Item 1: Plan Deployment - -- Prior to beginning the deployment, gather the following: - - - DNS name of Isilon/PowerScale CIFS share(s) to be monitored - - Access Zone(s) containing the CIFS shares to be monitored - - Account with access to the OneFS UI or CLI - - Download the Dell CEE from: - - - [https://www.dell.com/support/home/en-us/](https://www.dell.com/support/home/en-us/) - -**_RECOMMENDED:_** You can achieve higher throughput and fault tolerance by monitoring the -Isilon/PowerScale cluster with more than one pair of Dell CEE and Activity Monitor Agent. The -activity will be evenly distributed between the pairs. - -Checklist Item 2: [Install Dell CEE](/docs/accessanalyzer/12.0/configuration/dell-powerscale/install-cee.md) - -- Dell CEE should be installed on a Windows or a Linux server. - - **_RECOMMENDED:_** Dell CEE can be installed on the same server as the Activity Agent, or on a - different Windows or Linux server. If CEE is installed on the same server, the Activity Agent - can configure it automatically. - -- Important: - - - Dell CEE 8.8 is the minimum supported version. It is recommended to use the latest available - version. - - Dell CEE requires .NET Framework 3.5 to be installed on the Windows server - -Checklist Item 3: Configure Auditing on the Dell Isilon/PowerScale Cluster - -- Select method: - - - **_RECOMMENDED:_** Allow the Activity Monitor to configure auditing automatically. - - - Automation completed while the Activity Monitor is configured to monitor the - Isilon/PowerScale device - - Automatically sets CEE Server with the IP Address of the server where CEE is installed - - Automatically sets Storage Cluster Name to exactly match the name known to the Activity - Monitor - - Choose between monitoring all Access Zones or scoping to specific Access Zones - - - [Manually Configure Auditing in OneFS](/docs/accessanalyzer/12.0/configuration/dell-powerscale/manual-configuration.md) - - - After configuration, add the Isilon/PowerScale device to be monitored by the Activity - Monitor - -- Important: - - - Value of the **Storage Cluster Name** field must exactly match the name entered for the - monitored host in the Activity Monitor Console. If the Storage Cluster Name cannot be modified - (for example, another 3rd party depends on it), you need to set the Host Aliases parameter in - the Activity Monitor Console. Otherwise, if for some reason the Storage Cluster Name must be - left empty, one can list OneFS cluster node names in the Host Aliases. - - - If the Storage Cluster Name is not empty, set the Host Aliases parameter to its value - - If the Storage Cluster Name is empty, set the Host Aliases to a semicolon-separated list - of OneFS node names - - - Include all Access Zones to be monitored in the auditing configuration - - As soon as the first CEE is installed, Isilon/PowerScale will start to send all activity, - including all previous audit events, to the agent. The start time can be modified to exclude - previously recorded audit events to prevent the agent from becoming overloaded with data. It - can be done using OneFS CLI only with isi audit modify command to edit the start time. - - - Start time command: - - ``` - isi audit settings global modify --cee-log-time [Protocol@2021-04-23 14:00:00] - ``` - - - View progress: - - ``` - isi_for_array isi audit progress view - ``` - - - See the Audit log time adjustment section of the Dell - [File System Auditing with Dell PowerScale and Dell Common Event Enabler](https://www.dellemc.com/resources/en-us/asset/white-papers/products/storage/h12428-wp-best-practice-guide-isilon-file-system-auditing.pdf) - documentation for additional information. - -For automatic configuration, an account needs to be provisioned with the following privileges: - -Read-only Privileges - -- ISI_PRIV_LOGIN_PAPI -- ISI_PRIV_AUTH -- ISI_PRIV_SMB -- ISI_PRIV_NFS - -Read-Write Privilege - -- ISI_PRIV_AUDIT - -Privileges can be added to a role and then the role can be assigned to an account. Use the following -commands to create a role, add privileges, and assign the role to an account: - -``` -isi auth role create --name=activity_monitor -isi auth roles modify activity_monitor --add-priv-read="ISI_PRIV_LOGIN_PAPI,ISI_PRIV_AUTH,ISI_PRIV_SMB,ISI_PRIV_NFS" -isi auth roles modify activity_monitor --add-priv-write="ISI_PRIV_AUDIT" -isi auth roles modify activity_monitor --add-user="ACCOUNT_NAME" -``` - -Assigned privileges can be verified with the following command: - -``` -isi auth mapping token "ACCOUNT_NAME" -``` - -Another way to check the privileges is to use the **OneFS Web UI** in the **OneFS** > -**Membership** > **User Mapping** > **Test User Mapping** section. - -Checklist Item 4: Configure Dell CEE to Forward Events to the Activity Agent. See the -[Validate Setup](/docs/accessanalyzer/12.0/configuration/dell-powerscale/validate.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/configuration/dell-powerscale/install-cee.md b/docs/accessanalyzer/12.0/configuration/dell-powerscale/install-cee.md deleted file mode 100644 index 61ac7f78af..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-powerscale/install-cee.md +++ /dev/null @@ -1,67 +0,0 @@ -# Install Dell CEE - -Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix -product. Dell customers have a support account with Dell to access the download. - -_Remember,_ the latest version is the recommended version of Dell CEE. - -**_RECOMMENDED:_** The Dell CEE package can be installed on the Windows server where the Activity -Monitor agent will be deployed (recommended) or on any other Windows or Linux server. - -Follow the steps to install the Dell CEE. - -**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for -this component. It is recommended to use the most current version. - -**Step 2 –** Follow the instructions in the Dell -[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) -guide to install and configure the CEE. The installation will add two services to the machine: - -- EMC Checker Service (Display Name: EMC CAVA) -- EMC CEE Monitor (Display Name: EMC CEE Monitor) - -**_RECOMMENDED:_** The latest version of .NET Framework and Dell CEE is recommended to use with the -asynchronous bulk delivery (VCAPS) feature. - -After installation, open MS-RPC ports between the Dell device and the Dell CEE server. See the -[Dell CEE Debug Logs](/docs/accessanalyzer/12.0/configuration/dell-powerscale/validate.md#dell-cee-debug-logs) section for information on troubleshooting -issues related to Dell CEE. - -## Configure Dell Registry Key Settings - -There may be situations when Dell CEE needs to be installed on a different Windows server than the -one where the Activity Monitor activity agent is deployed. In those cases it is necessary to -manually set the Dell CEE registry key to forward events. - -**Step 1 –** Open the Registry Editor (run regedit). - -![registryeditor](/img/product_docs/activitymonitor/config/dellpowerstore/registryeditor.webp) - -**Step 2 –** Navigate to following location: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration - -**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. - -**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value -window closes. - -**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. - -**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the -Windows proxy server hosting the Activity Monitor activity agent. Use the following format: - -StealthAUDIT@[IP ADDRESS] - -Examples: - -StealthAUDIT@192.168.30.15 - -**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. - -![services](/img/product_docs/activitymonitor/config/dellpowerstore/services.webp) - -**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. - -The Dell CEE registry key is now properly configured to forward event to the Activity Monitor -activity agent. diff --git a/docs/accessanalyzer/12.0/configuration/dell-powerscale/manual-configuration.md b/docs/accessanalyzer/12.0/configuration/dell-powerscale/manual-configuration.md deleted file mode 100644 index 9b2aaf97ea..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-powerscale/manual-configuration.md +++ /dev/null @@ -1,74 +0,0 @@ -# Manually Configure Auditing in OneFS - -Manual configuration for auditing is optional for newer versions as the Activity Agent can configure -the auditing automatically using the OneFS API. Follow the steps through the OneFS Storage -Administration Console. - -**Step 1 –** Navigate to the **Cluster Management** tab, and select **Auditing**. - -![settings](/img/product_docs/activitymonitor/config/dellpowerscale/settings.webp) - -**Step 2 –** In the Settings section, check the Enable Protocol Access Auditing box. - -**Step 3 –** In the Audited Zones section, add at least one zone to be audited. The **System** zone -is typically used. If the CIFS or NFS shares are accessible through different zones on the OneFS -cluster, include all relevant zones. - -Ensure that OneFS collects only events you are interested in. By default, OneFS may monitor things -like directory reads, which can take up a large amount of space. Configuring the OneFS events that -need monitoring is not done through the Activity Monitor console. Configure OneFS event monitoring -using OneFS CLI with the isi audit modify command for each access zone. Enabling monitoring for only -what is needed for the environment will reduce the data load to the agent. - -Activity Monitor monitors the following events: `close_file_modified`, `close_file_unmodified`, -`create_file`, `create_directory`, `delete_file`, `delete_directory`, `rename_file`, -`rename_directory`, `set_security_file`, `set_security_directory`, and `open_directory` (if you want -to monitor Directory List/Read events). - -For each monitored access zone: - -- Use isi audit settings view `isi --zone ZONENAME` to check current settings. -- Disable reporting of failure and syslog audit events with: - - isi audit settings modify --zone ZONENAME --clear-audit-failure --clear-syslog-audit-events - -- Set the success audit events with: - - isi audit settings modify --zone ZONENAME - --audit-success=close_file_modified,close_file_unmodified,create_file,create_directory,delete_file,delete_directory,rename_file,rename_directory,set_security_file,set_security_directory - -![eventforwarding](/img/product_docs/activitymonitor/config/dellpowerscale/eventforwarding.webp) - -**Step 4 –** In the Event Forwarding section, add the CEE Server URI value for the Windows or Linux -server hosting CEE. Use either of the following format: - -http://[IP ADDRESS]:[PORT]/cee - -http://[SERVER Name]:[PORT]/cee - -**_RECOMMENDED:_** When deploying multiple Dell CEE instances at scale, it is recommended that an -accommodating agent must be configured with each CEE instance. If multiple CEE instances send events -to just one agent, it may create an overflow of data and overload the agent. Distributing the -activity stream into pairs will be the most efficient way of monitoring large data sets at scale. - -**Step 5 –** Also in the Event Forwarding section, set the **Storage Cluster Name** value. It must -be an exact match to the name which is entered in the Activity Monitor for the **Monitored Host** -list. - -This name is used as a ‘tag’ on all events coming through the CEE. This name must exactly match what -is in the Activity Monitor or it does not recognize the events. - -**_RECOMMENDED:_** Use the CIFS DNS name for Dell OneFS. - -**NOTE:** To use the Activity Monitor with Access Analyzer for Activity Auditing (FSAC) scans, the -name entered here must exactly match what is used for Access Analyzer as a target host. - -If the Storage Cluster Name cannot be modified (for example, another third-party depends on it), you -need to set the Host Aliases parameter in the Activity Monitor Console: - -- If the Storage Cluster Name is not empty, set the Host Aliases parameter to its value -- If the Storage Cluster Name is empty, set the Host Aliases to a semicolon-separated list of OneFS - node names - -Next, it is time to configure the monitoring agent on the Windows server to monitor the -Isilon/PowerScale device. diff --git a/docs/accessanalyzer/12.0/configuration/dell-powerscale/overview.md b/docs/accessanalyzer/12.0/configuration/dell-powerscale/overview.md deleted file mode 100644 index 7021c4b576..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-powerscale/overview.md +++ /dev/null @@ -1,210 +0,0 @@ -# Dell Isilon/PowerScale Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or -Sensitive Data Discovery Auditing scans on Dell Isilon/PowerScale devices. The Netwrix Activity -Monitor can be configured to monitor activity on Dell Isilon/PowerScale devices and make the event -data available for Access Analyzer Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Access Analyzer scans must have the following permissions on the target -host: - -- Group membership in the local Administrators group – LOCAL:System Provider -- Rights on the actual file tree or to the IFS root share - - - Share Permissions: - - - Read access - -These permissions grant the credential the ability to enumerate shares, access the remote registry, -and bypass NTFS security on folders. The credential used within the assigned Connection Profile for -these target hosts requires these permissions. See the topic for instructions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -Additional Sensitive Data Discovery Auditing Permission - -In order to execute scoped Sensitive Data Discovery Auditing scans, the credential must also have -the LOCAL:System provider selected in each access zone in which the shares to be scanned reside. - -The credential must have an Authentication Provider configured for the Isilon/PowerScale device. For -example, if the credential is an Active Directory account, then the domain where the account resides -must be an Active Directory Authentication Provider. This is configured in the OneFS® Storage -Administration Console. Navigate to the Access tab, and select Authentication Providers. - -## Local Administrator Group Membership for Isilon - -Follow the steps assign membership in the local Administrators group through the OneFS Storage -Administration Console. - -**Step 1 –** Navigate to the **Access** tab, and select **Membership & Roles** for the System Access -Zone. - -![Groups tab](/img/product_docs/accessanalyzer/config/dellpowerscale/groupstab.webp) - -**Step 2 –** On the **Groups** tab, set the Providers to **LOCAL: System**. Then select **View / -Edit** for the Administrators group. The View Group Details window opens. - -![Edit Group window](/img/product_docs/dataclassification/ndc/admin/sources/sourcegroups/editgroup.webp) - -**Step 3 –** Click **Edit Group** and the Edit Group window opens. Click **Add Members**, and enter -the User Name and Provider in the Select a User window. Click **Select**, and then click **Save -Changes**. The Edit Group window closes. - -**Step 4 –** Click **Close**. The View Group Details window closes. - -Share permissions can now be granted to this credential. - -## BackupAdmin Role Assignment for OneFS - -Follow the steps to assign the credential to the **BackupAdmin** role through OneFS Storage -Administration Console. - -**Step 1 –** Navigate to the **Access** tab > **Membership & Roles** for the System Access Zone. - -![One FS Dashboard](/img/product_docs/accessanalyzer/config/dellpowerscale/rolestab.webp) - -**Step 2 –** On the Roles tab, select **View / Edit** for the BackupAdmin role. The View Role -Details window opens. - -![One FS Role Details Window](/img/product_docs/accessanalyzer/config/dellpowerscale/viewroledetails.webp) - -**Step 3 –** Click **Edit** role and the Edit role details window opens. - -**Step 4 –** Click **Add a member to this role**. - -**Step 5 –** Enter the **User Name** and **Provider** in the Select a User window then click Search. -The user appears in the Search Results table. - -**Step 6 –** Click **Select** and the Edit role window closes. - -**Step 7 –** Click **Save Changes** and the successful save notification appears. - -**Step 8 –** Click **Close**. - -The View role details window closes. - -## NFS Export Scan Requirements for Isilon/PowerScale - -Access Analyzer supports scanning Isilon/PowerScale NFSv3 exports. The following settings need to be -configured in OneFS for the Access Analyzer server's IP address for each Isilon/PowerScale NFS -export to be scanned. - -The Access Analyzer server IP needs to be added to the following fields in each NFS export's -settings, in the OneFS UI under **Protocols** > **UNIX sharing (NFS)** > **View/Edit** > **Edit -export** (per NFS export): - -- Always read-only clients -- Root Clients - -The NFS export to be scanned also needs to be configured so root squash is disabled, which is -performed in the same Edit export menu as the above settings. - -**Step 1 –** Navigate to the export's **Root user mapping** settings. - -**Step 2 –** Select **Map root users to a specified user**. - -**Step 3 –** Set both User and Group to **0** (effectively mapping root client UID/GID to 0). - -Both of these steps need to be performed in each NFS export's settings that a user would like to -scan. - -### Troubleshooting NFSv3 Export Access - -If Access Analyzer is not discovering the expected NFS export, it is possible that the export policy -is not properly configured to allow the Access Analyzer server or proxy server IP Address to mount -the NFS export. One step in troubleshooting this issue is to confirm a Unix client (or WSL for -Windows) in the same IP range as the Access Analyzer server or proxy server can mount the NFS -export. - -Run the following command from a Unix host to verify the NFS mount is available: - -``` -showmount ‑e[NFS_HOSTNAME_OR_IP] -``` - -If the NFS export is returned as a result of the previous command, then Access Analyzer should also -be able to mount it. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of Dell Isilon/PowerScale - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Access Analyzer, the credential used by Access -Analyzer to read the activity log files must have also have this permission. - -Dell Isilon/PowerScale Requirements - -Additionally, the EMC Common Event Enabler (CEE) should be installed on the Windows proxy server, -where the activity agent is deployed. - -**_RECOMMENDED:_** Use the latest available CEE version from the Dell Support website. - -EMC CEE requires .NET Framework 3.5 to be installed on the Windows proxy server in order for the EMC -CEE service to start. - -See the [Dell Isilon/PowerScale Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/dell-powerscale/activity.md) topic for -instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Access Analyzer to read the activity log files must also have -READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Dell Isilon/PowerScale Devices - -The following firewall settings are required for communication between the CEE server/ Activity -Monitor Activity Agent server and the target Dell Isilon/PowerScale device: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | -| Dell Isilon/PowerScale to CEE Server | TCP | TCP 12228 | CEE Communication | -| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/dell-unity/activity.md b/docs/accessanalyzer/12.0/configuration/dell-unity/activity.md deleted file mode 100644 index 62991fa691..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-unity/activity.md +++ /dev/null @@ -1,67 +0,0 @@ -# Dell Unity Activity Auditing Configuration - -A Dell Unity device can be configured to audit Server Message Block (SMB) protocol access events. -All audit data can be forwarded to the Dell Common Event Enabler (CEE). The Netwrix Activity Monitor -listens for all events coming through the Dell CEE and translates all relevant information into -entries in the TSV files or syslog messages. - -If the service is turned off, a notification will be sent to the Dell CEE framework to turn off the -associated Activity Monitor filter, but the policy will not be removed. - -The Dell CEE Framework uses a “push” mechanism so a notification is sent only to the activity agent -when a transaction occurs. Daily activity log files are created only if activity is performed. No -activity log file is created if there is no activity for the day. - -Configuration Checklist - -Complete the following checklist prior to configuring activity monitoring of Dell Unity devices. -Instructions for each item of the checklist are detailed within the following topics. - -Checklist Item 1: Plan Deployment - -- Prior to beginning the deployment, gather the following: - - - Data Mover or Virtual Data Mover hosting the share(s) to be monitored - - Account with access to the CLI - - Download the Dell CEE from: - - - [http://support.emc.com](http://support.emc.com/) - -Checklist Item 2: [Install Dell CEE](/docs/accessanalyzer/12.0/configuration/dell-unity/install-cee.md) - -- Dell CEE should be installed on the Windows proxy server(s) where the Activity Monitor activity - agent will be deployed - - **_RECOMMENDED:_** The latest version of Dell CEE is the recommended version to use with the - asynchronous bulk delivery (VCAPS) feature. - -- Important: - - - Open MS-RPC ports between the Dell device and the Windows proxy server(s) where the Dell CEE - is installed - - Dell CEE 8.4.2 through Dell CEE 8.6.1 are not supported for use with the VCAPS feature - - Dell CEE requires .NET Framework 3.5 to be installed on the Windows proxy server - -Checklist Item 3: Dell Unity Device Configuration - -- Configure initial setup for a Unity device - - - [Unity Initial Setup with Unisphere](/docs/accessanalyzer/12.0/configuration/dell-unity/setup-unisphere.md) - -Checklist Item 4: Activity Monitor Configuration - -- Deploy the Activity Monitor activity agent to a Windows proxy server where Dell CEE was installed - - - After activity agent deployment, configure the Dell CEE Options tab of the agent’s Properties - window within the Activity Monitor Console - - - Automatically sets the Dell registry key settings - -Checklist Item 5: Configure Dell CEE to Forward Events to the Activity Agent - -**NOTE:** When Dell CEE is installed on Windows proxy server(s) where the Activity Monitor activity -agent will be deployed, the following steps are not needed. - -- Ensure the Dell CEE registry key has enabled set to 1 and has an EndPoint set to StealthAUDIT. -- Ensure the Dell CAVA service and the Dell CEE Monitor service are running. -- See the [Validate Setup](/docs/accessanalyzer/12.0/configuration/dell-unity/validate.md) topic for instructions. diff --git a/docs/accessanalyzer/12.0/configuration/dell-unity/install-cee.md b/docs/accessanalyzer/12.0/configuration/dell-unity/install-cee.md deleted file mode 100644 index 87b4bc0c85..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-unity/install-cee.md +++ /dev/null @@ -1,66 +0,0 @@ -# Install Dell CEE - -Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix -product. Dell customers have a support account with Dell to access the download. - -_Remember,_ the latest version is the recommended version of Dell CEE. - -**_RECOMMENDED:_** The Dell CEE package can be installed on the Windows server where the Activity -Monitor agent will be deployed (recommended) or on any other Windows or Linux server. - -Follow the steps to install the Dell CEE. - -**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for -this component. It is recommended to use the most current version. - -**Step 2 –** Follow the instructions in the Dell -[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) -guide to install and configure the CEE. The installation will add two services to the machine: - -- EMC Checker Service (Display Name: EMC CAVA) -- EMC CEE Monitor (Display Name: EMC CEE Monitor) - -**_RECOMMENDED:_** The latest version of .NET Framework and Dell CEE is recommended to use with the -asynchronous bulk delivery (VCAPS) feature. - -After Dell CEE installation is complete, it is necessary to complete the -[Unity Initial Setup with Unisphere](/docs/accessanalyzer/12.0/configuration/dell-unity/setup-unisphere.md). - -## Configure Dell Registry Key Settings - -There may be situations when Dell CEE needs to be installed on a different Windows server than the -one where the Activity Monitor activity agent is deployed. In those cases it is necessary to -manually set the Dell CEE registry key to forward events. - -**Step 1 –** Open the Registry Editor (run regedit). - -![registryeditor](/img/product_docs/activitymonitor/config/dellpowerstore/registryeditor.webp) - -**Step 2 –** Navigate to following location: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration - -**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. - -**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value -window closes. - -**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. - -**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the -Windows proxy server hosting the Activity Monitor activity agent. Use the following format: - -StealthAUDIT@[IP ADDRESS] - -Examples: - -StealthAUDIT@192.168.30.15 - -**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. - -![services](/img/product_docs/activitymonitor/config/dellpowerstore/services.webp) - -**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. - -The Dell CEE registry key is now properly configured to forward event to the Activity Monitor -activity agent. diff --git a/docs/accessanalyzer/12.0/configuration/dell-unity/overview.md b/docs/accessanalyzer/12.0/configuration/dell-unity/overview.md deleted file mode 100644 index 53e7d5393a..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-unity/overview.md +++ /dev/null @@ -1,114 +0,0 @@ -# Dell Unity Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or -Sensitive Data Discovery Auditing scans on Dell Unity devices. The Netwrix Activity Monitor can be -configured to monitor activity on Dell Unity devices and make the event data available for Access -Analyzer Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Access Analyzer scans must have the following permissions on the target -host: - -- Group membership in both of the following groups: - - - Power Users - - Backup Operators - -These permissions grant the credential the ability to enumerate shares, access the remote registry, -and bypass NTFS security on folders. The credential used within the assigned Connection Profile for -these target hosts requires these permissions. See the -[Dell Unity Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/configuration/dell-unity/access.md) topic for instructions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -Troubleshooting Dell Unity Denied Access Errors - -If there are folders to which the credential is denied access, it is likely that the Backup -Operators group does not have the “Back up files and directories” right. In that case, it is -necessary to assign additional the “Back up files and directories” right to those groups or to -create a new local group, using Computer Management from a Windows server. Then assign rights to it -using the CelerraManagementTool.msc plugin, which is available to Dell customers. For further -information, see the Celerra guide Using Windows Administrative Tools on VNX found on the Celerra -website. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of Dell Unity - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Access Analyzer, the credential used by Access -Analyzer to read the activity log files must have also have this permission. - -Dell Unity Requirements - -Additionally, the EMC Common Event Enabler (CEE) should be installed on the Windows proxy server, -where the activity agent is deployed. - -**_RECOMMENDED:_** Use the latest available CEE version from the Dell Support website. - -EMC CEE requires .NET Framework 3.5 to be installed on the Windows proxy server in order for the EMC -CEE service to start. - -See the [Dell Unity Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/dell-unity/activity.md) topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Access Analyzer to read the activity log files must also have -READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Dell Unity Devices - -The following firewall settings are required for communication between the CEE server/ Activity -Monitor Activity Agent server and the target Dell device: - -| Communication Direction | Protocol | Ports | Description | -| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | -| Dell Device CEE Server | TCP | RPC Dynamic Range | CEE Communication | -| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/dell-unity/setup-unisphere.md b/docs/accessanalyzer/12.0/configuration/dell-unity/setup-unisphere.md deleted file mode 100644 index be937782e2..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-unity/setup-unisphere.md +++ /dev/null @@ -1,27 +0,0 @@ -# Unity Initial Setup with Unisphere - -Follow the steps to configure the initial setup for a Unity device with Unisphere. - -**Step 1 –** Edit the NAS Server > Protection and Events > Events Publishing > Select Pool settings: - -- Add CEPA server – This is the server where CEE is installed. It is recommended that this is also - the server were the Activity Monitor activity agent is deployed. -- Enable the following events for Post Events. - -Required Unity events needed for CIFS Activity: - -![NAM Required Events For CIFS](/img/product_docs/activitymonitor/config/dellunity/eventscifs.webp) - -Required Unity events needed for NFS Activity: - -![NAM Required Events For NFS](/img/product_docs/activitymonitor/config/dellunity/eventsnfs.webp) - -**Step 2 –** Enable Events Publishing: - -- Edit the FileSystem > Advanced settings: - - - NFS Events Publishing – Enabled (required for NFS protocol monitoring) - - SMB Events publishing – Enabled (required for SMB / CIFS protocol monitoring) - -Once Unity setup is complete, it is time to configure and enable monitoring with the Activity -Monitor. diff --git a/docs/accessanalyzer/12.0/configuration/dell-unity/validate.md b/docs/accessanalyzer/12.0/configuration/dell-unity/validate.md deleted file mode 100644 index fbbdd1de75..0000000000 --- a/docs/accessanalyzer/12.0/configuration/dell-unity/validate.md +++ /dev/null @@ -1,136 +0,0 @@ -# Validate Setup - -Once the Activity Monitor agent is configured to monitor the Dell device, the automated -configuration must be validated to ensure events are being monitored. - -## Validate CEE Registry Key Settings - -**NOTE:** See the -[Configure Dell Registry Key Settings](/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/install-cee.md#configure-dell-registry-key-settings) -topic for information on manually setting the registry key. - -After the Activity Monitor activity agent has been configured to monitor the Dell device, it will -configure the Dell CEE automatically if it is installed on the same server as the agent. This needs -to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on -a different server than the Windows proxy server(s) where the Activity Monitor activity agent is -deployed. - -If the monitoring agent is not registering events, validate that the EndPoint is accurately set. -Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the -following steps. - -**Step 1 –** Navigate to the following windows registry key: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration - -![registryeditorendpoint](/img/product_docs/activitymonitor/config/dellunity/registryeditorendpoint.webp) - -**Step 2 –** Ensure that the Enabled parameter is set to 1. - -**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor -agent in the following formats: - -- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` - -- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` - -**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values -for other applications, separated with semicolons. - -**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. - -For Asynchronous Bulk Delivery Mode - -For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events -(VCAPS), use the following steps. - -**Step 1 –** Navigate to the following windows registry key: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration - -**Step 2 –** Ensure that the Enabled parameter is set to 1. - -**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor -agent in the following formats: - -- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` -- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` - -**NOTE:** All protocol strings are case sensitive. The EndPoint parameter may also contain values -for other applications, separated with semicolons. - -**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the -MaxEventsPerFeed - between 10 and 10000. - -**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. - -Set the following values under the Data column: - -- Enabled – 1 -- EndPoint – StealthAUDIT - -If this is configured correctly, validate that the Dell CEE services are running. See the -[Validate Dell CEE Services are Running](#validate-dell-cee-services-are-running) topic for -additional information. - -## Validate Dell CEE Services are Running - -After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell -CEE services should be running. If the Activity Agent is not registering events and the EndPoint is -set accurately, validate that the Dell CEE services are running. Open the Services (run -`services.msc`). - -![services](/img/product_docs/activitymonitor/config/dellpowerstore/services.webp) - -The following services laid down by the Dell CEE installer should have Running as their status: - -- Dell CAVA -- Dell CEE Monitor - -## CEE Debug Logs - -If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs -need to be enabled for troubleshooting purposes. Follow the steps. - -**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right -corner to Trace. - -**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list -and Disable monitoring. - -**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: - -> [http://docs.microsoft.com/en-us/sysinternals/downloads/debugview](http://docs.microsoft.com/en-us/sysinternals/downloads/debugview) - -**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: - -HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration - -**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the -Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. - -**NOTE:** If the Debug DWORD Value does not exist, it needs to be added. - -**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In -the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. - -**NOTE:** If the Verbose DWORD Value does not exist, it needs to be added. - -**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: - -- Capture Win32 -- Capture Global Win32 -- Capture Events - -**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts list -and Enable monitoring. - -**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. - -**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): - -- Debug View Log (from Dell Debug View tool) -- Use the **Collect Logs** button to collect debug logs from the activity agent - -**_RECOMMENDED:_** After the logs have been gathered and sent to Netwrix Support, reset these -configurations. diff --git a/docs/accessanalyzer/12.0/configuration/entra-id/access.md b/docs/accessanalyzer/12.0/configuration/entra-id/access.md deleted file mode 100644 index 375a07d00f..0000000000 --- a/docs/accessanalyzer/12.0/configuration/entra-id/access.md +++ /dev/null @@ -1,210 +0,0 @@ -# Microsoft Entra ID Auditing Configuration - -The Access Analyzer for Entra ID Solution provides the ability to audit Microsoft Entra ID, formerly -Azure Active Directory. It scans: - -- Microsoft Entra ID (formerly Azure AD) - -**NOTE:** A user account with the Global Administrator role is required to register an app with -Microsoft Entra ID. - -Data Collector - -- [AzureADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/overview.md) - -Configuration Settings from the Registered Application - -The following settings are needed from your tenant once you have registered the application: - -- Client ID – This is the Application (client) ID for the registered application -- Key – This is the Client Secret Value generated when a new secret is created - - **CAUTION:** It is not possible to retrieve the value after saving the new key. It must be - copied first. - -**NOTE:** In order to add custom attributes, you will also need to know the Tenant name of the Entra -ID environment. - -## Permissions - -The following permissions are required: - -- Microsoft Graph API - - - Application Permissions: - - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - - Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -- Access URLs - - - https://login.windows.net - - https://graph.windows.net - - https://login.microsoftonline.com - - https://graph.microsoft.com - - - All sub-directories of the access URLs listed - -## Register a Microsoft Entra ID Application - -Follow the steps to register Access Analyzer with Microsoft Entra ID. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App -registrations. - -**Step 3 –** In the top toolbar, click **New registration**. - -**Step 4 –** Enter the following information in the Register an application page: - -- Name – Enter a user-facing display name for the application, for example Netwrix Access Analyzer - (formerly Enterprise Auditor) Entra ID -- Supported account types – Select **Accounts in this organizational directory only** - -**Step 5 –** Click **Register**. - -The Overview page for the newly registered app opens. Review the newly created registered -application. Now that the application has been registered, permissions need to be granted to it. - -## Grant Permissions to the Registered Application - -Follow the steps to grant permissions to the registered application. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. - -**Step 3 –** In the top toolbar, click **Add a permission**. - -**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs -tab. Select the following permissions: - -- Under Application Permissions, select: - - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - -- Under Delegated Permissions, select: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -**Step 5 –** At the bottom of the page, click **Add Permissions**. - -**Step 6 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation -window. - -Now that the permissions have been granted to it, the Connection Profile and host settings for -Access Analyzer need to be collected. - -**NOTE:** Additional permissions need to be configured to collect Microsoft Entra roles information. -See the -[Microsoft Entra Roles Auditing Configuration](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/entra-id/entra-roles.md) -topic for additional information. - -## Identify the Client ID - -Follow the steps to find the registered application's Client ID. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** Copy the **Application (client) ID** value. - -**Step 3 –** Save this value in a text file. - -This Application (client) ID value is needed for the Access Analyzer Connection Profile and the -Custom Attributes page of the AzureADInventory Data Collector. See the -[Azure Active Directory for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/entra-id.md) -topic and the -[AzureADInventory: Custom Attributes](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/custom-attributes.md) -topic for additional information. Next generate the application’s Client Secret Key. - -## Generate the Client Secret Key - -Follow the steps to find the registered application's Client Secret, create a new key, and save its -value when saving the new key. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**CAUTION:** It is not possible to retrieve the value after saving the new key. It must be copied -first. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. - -**Step 3 –** In the top toolbar, click **New client secret**. - -**Step 4 –** On the Add a client secret blade, complete the following: - -- Description – Enter a unique description for this secret -- Expires – Select the duration. - - **NOTE:** Setting the duration on the key to expire requires reconfiguration at the time of - expiration. It is best to configure it to expire in 1 or 2 years. - -**Step 5 –** Click **Add** to generate the key. - -**CAUTION:** If this page is left before the key is copied, then the key is not retrievable, and -this process will have to be repeated. - -**Step 6 –** The Client Secret will be displayed in the Value column of the table. You can use the -Copy to clipboard button to copy the Client Secret. - -**Step 7 –** Save this value in a text file. - -This Client Secret value is needed for the Access Analyzer Connection Profile and the Custom -Attributes page of the AzureADInventory Data Collector. See the -[Azure Active Directory for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/entra-id.md) -topic and the -[AzureADInventory: Custom Attributes](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/custom-attributes.md) -topic for additional information. - -## Identify the Tenant Name - -Follow the steps to find the Tenant Name where the registered application resides. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Settings** and click **Domain -names** to open the Custom domain names list. - -**Step 3 –** Copy the domain name from the list of domains. - -**Step 4 –** Save this value in a text file. - -This is needed for the Host List and the Custom Attributes page of the AzureADInventory Data -Collector. See the -[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/configure-job.md) -and [AzureADInventory: Custom Attributes](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/custom-attributes.md) -topics for additional information. diff --git a/docs/accessanalyzer/12.0/configuration/entra-id/overview.md b/docs/accessanalyzer/12.0/configuration/entra-id/overview.md deleted file mode 100644 index 878561c9bd..0000000000 --- a/docs/accessanalyzer/12.0/configuration/entra-id/overview.md +++ /dev/null @@ -1,29 +0,0 @@ -# Microsoft Entra ID Tenant Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute scans on Microsoft Entra ID, -formerly Azure Active Directory. - -## Auditing Permissions - -It is necessary to register Access Analyzer as a web application to the targeted Microsoft Entra ID -in order for Access Analyzer to scan the environment. This generates the Client ID (App ID) and Key -(App Key) needed for the Connection Profile credentials and the Custom Attributes Import Wizard -page. - -See the [Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/12.0/configuration/entra-id/access.md) topic for additional information. - -## Entra Roles Permissions - -To collect Microsoft Entra roles information from the Microsoft Entra tenant additional permissions -are required to be assigned to the registered application. This includes creating a custom role with -the required resource manager permissions. - -See the -[Microsoft Entra Roles Auditing Configuration](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/entra-id/entra-roles.md) -topic for additional information. - -## Auditing Port Requirements - -The following firewall ports are needed by the AzureADInventory and Entra Data Collectors: - -- TCP 80 and 443 diff --git a/docs/accessanalyzer/12.0/configuration/exchange-online/access.md b/docs/accessanalyzer/12.0/configuration/exchange-online/access.md deleted file mode 100644 index 6fddb4b283..0000000000 --- a/docs/accessanalyzer/12.0/configuration/exchange-online/access.md +++ /dev/null @@ -1,282 +0,0 @@ -# Exchange Online Auditing Configuration - -It is necessary to register Access Analyzer as a web application to the targeted Microsoft Entra ID, -formerly Azure Active Directory, in order for Access Analyzer to scan the environment. This -generates the Client ID (App ID) and self-signed certificate (Certificate Thumbprint) needed for the -Connection Profile credentials and/or the Custom Attributes Import Wizard page. See -[Microsoft Support](https://docs.microsoft.com/en-us/azure/active-directory/active-directory-reporting-api-prerequisites-azure-portal) -for assistance in configuring the Microsoft Entra ID web application. - -**NOTE:** A user account with the Global Administrator role is required to register an app with -Microsoft Entra ID. - -Configuration Settings from the Registered Application - -The following settings are needed from your tenant once you have registered the application: - -- Client ID – This is the Application (client) ID for the registered application -- Tenant name – This is the primary domain name of the Microsoft Entra tenant -- Certificate Thumbprint – This is thumbprint value of the certificate uploaded to the Microsoft - Entra ID application - -Configure Modern Authentication for Exchange Online using EX_RegisterAzureAppAuth Instant Job - -Registering a Microsoft Entra ID application and provisioning it to grant permissions to Exchange -Online can be automated using the EX_RegisterAzureAppAuth job from the Access Analyzer Instant Job -Library. The EX_RegisterAzureAppAuth job uses the PowerShell Data Collector to automatically -configure modern authentication for Exchange Online. It requires: - -- A Connection Profile containing a Microsoft Entra ID Global Admin credential with an Account Type - of **Task (Local)** -- Exchange Online Management v3.4.0 - - - You can install this module with the following command: - - ``` - Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 - ``` - -- Azure AD PowerShell module installed on targeted hosts - - **NOTE:** If the module is not already installed, the job will attempt to install it. - - - You can install the module with the following command: - - ``` - Install-Module AzureAD - ``` - - - TLS 1.2 is required for the Azure AD PowerShell module. Run the following command to configure - it: - - ``` - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 - ``` - -- Microsoft Graph PowerShell module installed on targeted hosts - - - You can install the module with the following command: - - ``` - Install-Module Microsoft.Graph - ``` - -See the -[EX_RegisterAzureAppAuth Job](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/ex-register-azure-app-auth.md) -topic for additional information. - -## Prerequisites - -The following prerequisites are required to use Modern Authentication for Exchange Online in Access -Analyzer. - -- Exchange Online Management v3.4.0 - - - You can install this module with the following command: - - ``` - Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 - ``` - -- Create a self-signed certificate that will be used by Access Analyzer for Modern Authentication - -## Permissions - -The following permissions are required: - -Permissions for Office 365 Exchange Online - -- Application Permissions: - - - Exchange.ManageAsApp – Manage Exchange As Application - - full_access_as_app – Use Exchange Web Services with full access to all mailboxes - -- Exchange Administrator role assigned to the registered application's service principal - -## Create Self–Signed Certificate - -A self signed certificate needs to be created on the Access Analyzer console server. This is used by -Access Analyzer to connect to the Microsoft Entra tenant. - -Follow the steps create the self-signed certificate. - -**Step 1 –** To generate a certificate, use the sample PowerShell command below: - -- Change the following parameters in the sample PowerShell command. See the Microsoft - [New-SelfSignedCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate) - article for additional information. - - - DNS Name – Specifies a DNS name to put into the subject alternative name extension of the - certificate - - Subject – A unique name for the new App (always starts with CN=, to denote a canonical name) - - FriendlyName – Same as Subject name minus the canonical name prefix - - NotAfter – A datetime string denoting the certificate's expiration date - in the above sample, - Get-Date.AddYears(11) specifies that the certificate will expire 11 years from the current - datetime - -Example PowerShell: - -``` -$cert=New-SelfSignedCertificate -CertStoreLocation Cert:\CurrentUser\My -DnsName stealthbits.com -Subject "CN=NEA Exchange Online" -FriendlyName "NEA Exchange Online" -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter (Get-Date).AddYears(11) -``` - -**Step 2 –** Export the certificate public key as a .cer file to the PrivateAssemblies folder in -Access Analyzer with the Export–Certificate cmdlet using the certificate path stored in the -$certPath variable (see Step 1). - -**NOTE:** The environment variable `SAINSTALLDIR` always points to the base Access Analyzer install -directory; simply append the PrivateAssemblies to point to that folder with the following cmdlet: - -``` -Export-Certificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\exchange_cert.cer" -Type CERT -``` - -- See the Microsoft - [Export-Certificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-certificate) - article for additional information. - -**Step 3 –** Export the certificate private key as a .pfx file to the same folder by running the -following cmdlet: - -**_RECOMMENDED:_** Change the string in the Password parameter from "PasswordGoesHere" to something -more secure before running this cmdlet. - -``` -Export-PfxCertificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\exchange_cert.pfx" -Password (ConvertTo-SecureString -String "PasswordGoesHere" -Force -AsPlainText) -``` - -- See the Microsoft - [Export-PfxCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-pfxcertificate) - article for additional information. - -The self signed certificate has been created. The next steps are to create a Microsoft Entra ID -application and then upload this certificate to it. - -## Register a Microsoft Entra ID Application - -Follow the steps to register Access Analyzer with Microsoft Entra ID. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App -registrations. - -**Step 3 –** In the top toolbar, click **New registration**. - -**Step 4 –** Enter the following information in the Register an application page: - -- Name – Enter a user-facing display name for the application, for example Netwrix Access Analyzer - (formerly Enterprise Auditor) for Exchange -- Supported account types – Select **Accounts in this organizational directory only** - -**Step 5 –** Click **Register**. - -The Overview page for the newly registered app opens. Review the newly created registered -application. Now that the application has been registered, permissions need to be granted to it. - -## Upload Self-Signed Certificate - -Follow the steps upload your self-signed certificate. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. - -**Step 3 –** Select the Certificates tab. - -**Step 4 –** In the tool bar, click **Upload Certificate**. - -**Step 5 –** Navigate to the to PrivateAssemblies folder and select the `exchange_cert.cer` file. -Optionally add a Description. - -**Step 6 –** Click **Add**. - -The Certificate Thumbprint of this uploaded certificate is needed for the Access Analyzer Connection -Profile. See the -[Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/exchange-modern-auth.md) -topic for additional information. - -## Grant Permissions to the Registered Application - -Follow the steps to grant permissions to the registered application. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. - -**Step 3 –** In the top toolbar, click **Add a permission**. - -**Step 4 –** On the Request API permissions blade, use the search bar on the APIs my organization -uses tab to find and select Office 365 Exchange Online. Select the following permissions: - -- Application Permissions: - - - Exchange.ManageAsApp – Manage Exchange As Application - - full_access_as_app – Use Exchange Web Services with full access to all mailboxes - -- Exchange Administrator role assigned to the registered application's service principal - -**Step 5 –** At the bottom of the page, click **Add Permissions**. - -**Step 6 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation -window. - -Now that the permissions have been granted to it, the Connection Profile and host settings for -Access Analyzer need to be collected. - -## Identify the Tenant's Name - -Follow the steps to find the Tenant Name where the registered application resides. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Settings** and click **Domain -names** to open the Custom domain names list. - -**Step 3 –** Copy the domain name from the list of domains. - -**Step 4 –** Save this value in a text file. - -This is needed for the Access Analyzer Connection Profile. See the -[Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/exchange-modern-auth.md) -topic for additional information. Next identify the application’s Client ID. - -## Identify the Client ID - -Follow the steps to find the registered application's Client ID. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** Copy the **Application (client) ID** value. - -**Step 3 –** Save this value in a text file. - -This is needed for the Access Analyzer Connection Profile. See the -[Exchange Modern Authentication for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/exchange-modern-auth.md) -topic for additional information. diff --git a/docs/accessanalyzer/12.0/configuration/hitachi/activity.md b/docs/accessanalyzer/12.0/configuration/hitachi/activity.md deleted file mode 100644 index 6b37e7f7b4..0000000000 --- a/docs/accessanalyzer/12.0/configuration/hitachi/activity.md +++ /dev/null @@ -1,52 +0,0 @@ -# Hitachi Activity Auditing Configuration - -The Hitachi NAS (HNAS) server can host multiple Enterprise Virtual Servers (EVS). Each EVS has -multiple file systems. Auditing is enabled and configured per file system. This guide explains how -to enable auditing on an HNAS and to configure the Activity Monitor to monitor activity coming from -the Hitachi device auditing. - -The Activity Monitor does not use the EVS or file system name to connect to HNAS. Therefore, all -that is required of the user for HNAS activity collection is the following: - -- Logs path (UNC) - - - Active Log file name – Active Log File name needs with an `.evt` extension, and it should be - the same as in the HNAS configuration. This is usually `audit.evt`. - -- Credentials to access the HNAS log files - - - The only requirement for the credentials is the ability to read files from the `logs` - directory. - -- A polling interval between log collections (15 seconds by default) - - - The Activity Monitor minimizes IO by remembering a file offset where it stopped reading and - continuing from that offset next time. - -**CAUTION:** The following disclaimer is provided by Hitachi: - -“Because CIFS defines open and close operations, auditing file system object access performed by -clients using other protocols would be costly in terms of system performance, because each I/O -operation would have to be audited as an open operation. **Therefore, when file system auditing is -enabled, by default, only clients connecting through the CIFS protocol are allowed access to the -file system.** Access by clients using other protocols, like NFS, can, however, be allowed. When -such access is allowed, access to file system objects through these protocols is not audited.” - -**NOTE:** File system auditing can be configured to deny access to clients connecting with protocols -that cannot be audited (NFS). Please see the Hitachi -[Server and Cluster Administration Guide](https://support.hds.com/download/epcra/hnas0106.pdf) for -additional information. - -Configuration Checklist - -Complete the following checklist prior to configuring activity monitoring of Hitachi devices. -Instructions for each item of the checklist are detailed within the following topics. - -Checklist Item 1: [Configure Audit Logs on HNAS](/docs/accessanalyzer/12.0/configuration/hitachi/configure-logs.md) - -Checklist Item 2: -[Configure Access to HNAS Audit Logs on Activity Agent Server](/docs/accessanalyzer/12.0/configuration/hitachi/configure-access-to-logs.md) - -Checklist Item 3: Activity Monitor Configuration - -- Deploy the Activity Monitor Activity Agent to a Windows proxy server diff --git a/docs/accessanalyzer/12.0/configuration/hitachi/configure-logs.md b/docs/accessanalyzer/12.0/configuration/hitachi/configure-logs.md deleted file mode 100644 index 6526a104a6..0000000000 --- a/docs/accessanalyzer/12.0/configuration/hitachi/configure-logs.md +++ /dev/null @@ -1,33 +0,0 @@ -# Configure Audit Logs on HNAS - -Follow the steps to configure access to the HNAS audit logs on the Hitachi device. - -**Step 1 –** Open a browser and enter the IP Address for HNAS in the address bar to launch the -Hitachi Storage Navigator (SN). Enter the username and password. - -**Step 2 –** At the Storage Navigator home page, click File Services. - -**Step 3 –** On the File Services screen, click Enable File Service. - -**Step 4 –** On the Enable File Services screen, verify that the CIFS/Windows service is selected. - -**Step 5 –** On the File Services screen, click File System Security. - -**Step 6 –** Click Switch Mode and set the default file system security mode to Mixed (Windows and -UNIX) for all virtual file systems. - -**Step 7 –** Configure the Hitachi NAS Platform audit policy by returning to the File Services page. - -**Step 8 –** Click File System Audit Policies. - -**Step 9 –** Select the correct EVS and click details for the file system to enable auditing. - -**Step 10 –** In the Access via Unsupported Protocols section, select Allow Access (without -auditing). In the Audit Log section, set the maximum log file size to a value of at least 8 MB. It -is recommended to set it to 16 MB. In the Log roll over policy section, select New. The product does -not support the Wrap policy. Click OK to close. - -Once access has been configured on the Hitachi device, it is necessary to configure access to the -HNAS audit logs on the Windows server. See the -[Configure Access to HNAS Audit Logs on Activity Agent Server](/docs/accessanalyzer/12.0/configuration/hitachi/configure-access-to-logs.md) topic for -additional information. diff --git a/docs/accessanalyzer/12.0/configuration/hitachi/overview.md b/docs/accessanalyzer/12.0/configuration/hitachi/overview.md deleted file mode 100644 index e59709b6a1..0000000000 --- a/docs/accessanalyzer/12.0/configuration/hitachi/overview.md +++ /dev/null @@ -1,92 +0,0 @@ -# Hitachi Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or -Sensitive Data Discovery Auditing scans on Hitachi devices. The Netwrix Activity Monitor can be -configured to monitor activity on Hitachi devices and make the event data available for Access -Analyzer Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Access Analyzer scans must have the following permissions on the target -host: - -- Group membership in the Backup Operators local group - -This permission grants the credential read access to all target folders and files. The credential -used within the assigned Connection Profile for these target hosts requires these permissions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of Hitachi - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Access Analyzer, the credential used by Access -Analyzer to read the activity log files must have also have this permission. - -Hitachi Requirements - -A Hitachi device can host multiple Enterprise Virtual Servers (EVS). Each EVS has multiple file -systems. Auditing is enabled and configured per file system. HNAS generates the audit log files in -[EVT format](https://technet.microsoft.com/en-us/sysinternals/bb309026) (a standard event log format -in Windows XP/2003 and earlier). Hitachi stores the generated audit logs in a user specified -location on the file system. The activity agent deployed on the Windows proxy server accesses this -location to collect the audit log files as they are generated. The credential used to monitor -activity must be provisioned with: - -- Capability of enabling a File System Audit Policy on the Hitachi device -- Audit rights to the Hitachi log directory - -See the [Hitachi Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/hitachi/activity.md) topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Access Analyzer to read the activity log files must also have -READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/nasuni/activity.md b/docs/accessanalyzer/12.0/configuration/nasuni/activity.md deleted file mode 100644 index 379de9dddb..0000000000 --- a/docs/accessanalyzer/12.0/configuration/nasuni/activity.md +++ /dev/null @@ -1,68 +0,0 @@ -# Nasuni Edge Appliance Activity Auditing Configuration - -Generation of an API Access Key is required for Nasuni activity monitoring. The Nasuni Edge -Appliance generates its own audit trail. An API Access Key is used by the Activity Monitor to form a -network connection to the appliance. Nasuni will then stream event data to the activity agent. See -[Nasuni Support Documentation](https://www.nasuni.com/support/) for additional information. - -Configuration Checklist - -Complete the following checklist prior to configuring activity monitoring of Nasuni Edge Appliances. -Instructions for each item of the checklist are detailed within the following topics. - -Checklist Item 1: Generate Nasuni API Access Key - -- Generate an API Access Key for each Nasuni Edge Appliance to be monitored through one of the - following: - - - Nasuni Filer Management Interface - - Nasuni Management Console - -Checklist Item 2: Activity Monitor Configuration - -- Deploy the Activity Monitor activity agent to a Windows proxy server - -## Nasuni Filer Management Interface - -Follow the steps to generate a Nasuni API Access Key in the Nasuni Filer Management Interface. - -**Step 1 –** Within the **Configuration** menu, under **USERS & SECURITY**, select API Access Keys. -The API Access Keys page opens. - -**Step 2 –** Click Add API Key button. The Add API Key window opens. - -**Step 3 –** Enter a Name for thekey; for example, the name of the application. - -**Step 4 –** Click Create Key. - -**Step 5 –** In the Successfully Generated API Key window, copy the Key Passcode. - -Both the Key Name and the Key Passcode are required by the Activity Monitor in order to connect to -the Nasuni Edge Appliance. Once the API Key has been generated, it is time to configure and enable -monitoring with the Activity Monitor console. - -**NOTE:** Nasuni API key names are case sensitive. When providing them, ensure they are entered in -the exact same case as generated. - -## Nasuni Management Console - -Follow the steps to generate a Nasuni API Access Key in the Nasuni Management Console. - -**Step 1 –** Click Filers and select API Keys from the menu on the left. The Filer API Access Key -Settings page opens. - -**Step 2 –** Click New API Key button. The Add API Access Key window opens. - -**Step 3 –** From the Filer drop-down menu, select the desired Nasuni Edge Appliance. Then enter a -Name for the key; for example, the name of the application. - -**Step 4 –** Click Add API Key. - -**Step 5 –** A message appears which includes the Key Passcode; copy the Key Passcode. - -Both the Key Name and the Key Passcode are required by the Activity Monitor in order to connect to -the Nasuni Edge Appliance. Once the API Key has been generated, it is time to configure and enable -monitoring with the Activity Monitor console. - -**NOTE:** Nasuni API key names are case sensitive. When providing them, ensure they are entered in -the exact same case as generated. diff --git a/docs/accessanalyzer/12.0/configuration/nasuni/overview.md b/docs/accessanalyzer/12.0/configuration/nasuni/overview.md deleted file mode 100644 index f0248b85fa..0000000000 --- a/docs/accessanalyzer/12.0/configuration/nasuni/overview.md +++ /dev/null @@ -1,95 +0,0 @@ -# Nasuni Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or -Sensitive Data Discovery Auditing scans on on-premise Nasuni Edge Appliances. The Netwrix Activity -Monitor can be configured to monitor activity on on-premise Nasuni Edge Appliances and make the -event data available for Access Analyzer Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Access Analyzer scans must have the following permissions on the target -host: - -- Group membership in the local Administrators group - -This is in addition to the API Key Name and Passcode which must be generated for each on-premise -Nasuni Edge Appliance and cloud filer. The credential used within the assigned Connection Profile -for these target hosts requires these permissions. See the -[Nasuni Edge Appliance Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/configuration/nasuni/access.md) topic for -instructions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of Nasuni Edge Appliance - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Access Analyzer, the credential used by Access -Analyzer to read the activity log files must have also have this permission. - -Nasuni Edge Appliance Requirements - -Additionally, it is necessary to generate an API Access Key for Nasuni activity monitoring. See the -[Nasuni Edge Appliance Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/nasuni/activity.md) topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Access Analyzer to read the activity log files must also have -READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Nasuni Edge Appliance - -The following firewall settings are required for communication between the Activity Monitor Activity -Agent server and the target Nasuni Edge Appliance: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | ------------- | ----- | ---------------------- | -| Agent Server to Nasuni | HTTPS | 8443 | Nasuni API calls | -| Nasuni to Activity Agent Server | AMQP over TCP | 5671 | Nasuni event reporting | - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/netapp-7-mode/access.md b/docs/accessanalyzer/12.0/configuration/netapp-7-mode/access.md deleted file mode 100644 index 7c6ef5f669..0000000000 --- a/docs/accessanalyzer/12.0/configuration/netapp-7-mode/access.md +++ /dev/null @@ -1,55 +0,0 @@ -# NetApp Data ONTAP 7-Mode Access & Sensitive Data Auditing Configuration - -This topic provides instructions for configuring API calls and bypassing NTFS security for NetApp -Data ONTAP 7-Mode devices. - -## Share Enumeration – API Calls for 7-Mode - -To enumerate the shares on a NetApp Data ONTAP 7-Mode device, File System scans require a credential -provisioned with access to (at minimum) the following API calls: - -``` -login-http-admin -api-system-api-list -api-system-get-version -api-cifs-share-list-iter-* -``` - -If the query configuration option to “Exclude system shares” is deselected, the credential must also -have the ability to run the following command, which is also configuration-specific: - -``` -api-volume-list-info-iter-* -``` - -## Bypass NTFS Security for 7-Mode - -In order to bypass NTFS, the credential needs to at least have the following permissions on the -NetApp device: - -- Group membership in both of the following groups: - - - Power Users - - Backup Operators - -If the query configuration option to “Exclude system shares” is deselected, the credential must -have: - -- Group membership in the local Administrators group - -**NOTE:** All NetApp groups are assigned an RID. Built-in NetApp groups such as Power Users and -Backup Operators are assigned specific RID values. On 7-Mode NetApp devices, system access checks -for a group are identified by the RID assigned to the group and not by the role it has. Therefore, -application’s ability to bypass access checks with the Power Users and Backup Operators group has -nothing to do with the power role or the backup role. Neither role is required. For example, the -built-in Power User group, even when stripped of all roles, still has more file system access -capabilities than any other non-built-in group. - -If only running the Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, proceed -to the [Provision Account](/docs/accessanalyzer/12.0/configuration/netapp-7-mode/provision-access.md) topic for instructions. If also running Activity -Auditing (FSAC) scan, then the FPolicy Account Provisioned for the Netwrix Activity Monitor will -meet the needs of the Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans. Proceed -to the [NetApp Data ONTAP 7-Mode Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/netapp-7-mode/activity.md) topic for -instructions. - -This credential is used within the Connection Profile assigned to the File System scans. diff --git a/docs/accessanalyzer/12.0/configuration/netapp-7-mode/activity.md b/docs/accessanalyzer/12.0/configuration/netapp-7-mode/activity.md deleted file mode 100644 index 6e63e8cff5..0000000000 --- a/docs/accessanalyzer/12.0/configuration/netapp-7-mode/activity.md +++ /dev/null @@ -1,96 +0,0 @@ -# NetApp Data ONTAP 7-Mode Activity Auditing Configuration - -The Activity Monitor agent employed to monitor NetApp leverages 128-bit encrypted Remote Procedure -Calls (RPC), NetApp ONTAP-API, and NetApp FPolicy to monitor file system events. This includes both -NetApp 7-Mode and Cluster-Mode configurations. To learn more about FPolicy please visit the NetApp -website and read the -[What FPolicy is](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-54FE1A84-6CF0-447E-9AAE-F43B61CA2138.html) -article. - -If the activity agent is stopped, a notification will be sent to the NetApp device to disconnect and -disable the associated FPolicy policy, but it will not be removed. - -If the network connection is lost between the activity agent and the NetApp device, the NetApp -device is configured with a default timeout to wait for a response. If a response is not received -from the Activity Agent within the timeout, then the NetApp device will disconnect and disable the -FPolicy policy. The Activity Agent will check every minute by default to see if the FPolicy policy -has been disabled and will enable it (if the auto-enable functionality is enabled for the agent). -The default setting to check every minute is configurable. - -The NetApp FPolicy uses a “push” mechanism such that notification will only be sent to the activity -agent when a transaction occurs. Daily activity log files are created only if activity is performed. -No activity log file will be created if there is no activity for the day. - -Configuration Checklist - -Complete the following checklist prior to configuring activity monitoring of NetApp Data ONTAP -7-Mode devices. Instructions for each item of the checklist are detailed within the following -topics. - -Checklist Item 1: Plan Deployment - -- Gather the following information: - - Names of the vFiler™(s) to be monitored - - DNS name of the CIFS shares(s) to be monitored - -Checklist Item 2: [Provision FPolicy Account](/docs/accessanalyzer/12.0/configuration/netapp-7-mode/provision-activity.md) - -- Group membership with a role granting access to the following commands: - - ``` - login-http-admin - api-system-api-list - api-system-get-version - api-cifs-share-list-iter-* - api-volume-list-info-iter-* - ``` - -- For Automatic FPolicy creation (Checklist Item 4), group membership with a role granting access to - the following command: - - ``` - api-fpolicy* - ``` - -- To use the “Enable and connect FPolicy” option within the Activity Monitor, group membership with - a role granting access to the following command: - - ``` - cli-fpolicy* - ``` - -- Group membership in: - - - ONTAP Power Users - - ONTAP Backup Operators - -Checklist Item 3: Firewall Configuration - -- HTTP (80) or HTTPS (443) -- HTTP or HTTPS protocols need to be enabled on the NetApp filer -- TCP 135 -- TCP 445 -- Dynamic port range: TCP/UDP 137-139 -- See the [Enable HTTP or HTTPS](/docs/accessanalyzer/12.0/configuration/netapp-7-mode/enable-http.md) topic for instructions. - -Checklist Item 4: [Configure FPolicy](/docs/accessanalyzer/12.0/configuration/netapp-7-mode/configure-fpolicy.md) - -- If using vFilers: - - - FPolicy operates on the vFiler so the FPolicy must be created on the vFiler - - **NOTE:** Activity Monitor must target the vFiler - -- Select method: - - **_RECOMMENDED:_** Configure FPolicy Manually – A tailored FPolicy - - - Allow the Activity Monitor to create an FPolicy automatically - - This option is enabled when the Activity Monitor agent is configured to monitor the NetApp - device on the NetApp FPolicy Configuration page of the Add New Hosts window. - - It monitors all file system activity. - -Checklist Item 5: Activity Monitor Configuration - -- Deploy the Activity Monitor Activity Agent to a Windows proxy server -- Configure the Activity Agent to monitor the NetApp device diff --git a/docs/accessanalyzer/12.0/configuration/netapp-7-mode/configure-fpolicy.md b/docs/accessanalyzer/12.0/configuration/netapp-7-mode/configure-fpolicy.md deleted file mode 100644 index c8ce363c1b..0000000000 --- a/docs/accessanalyzer/12.0/configuration/netapp-7-mode/configure-fpolicy.md +++ /dev/null @@ -1,171 +0,0 @@ -# Configure FPolicy - -Select a method to configure the FPolicy for NetApp Data ONTAP 7-Mode devices: - -**_RECOMMENDED:_** -[Manually Configure FPolicy (Recommended Option)](#manually-configure-fpolicy-recommended-option) – -A tailored FPolicy - -- If using vFilers the FPolicy must be created on the vFiler, and the Activity Monitor must target - the vFiler. This is because FPolicy operates on the affected vFiler. Therefore, when executing - these commands on a vFiler, the commands must be run from a vFiler context (e.g. via the vFiler - run command). -- Allow the Activity Monitor to create an FPolicy automatically. See the - [Automatic Configuration of FPolicy](#automatic-configuration-of-fpolicy) topic for additional - information. - - - This option is enabled when the Activity Monitor Activity Agent is configured to monitor the - NetApp device on the NetApp FPolicy Configuration page of the Add New Hosts window. - - It monitors all file system activity. - -## Manually Configure FPolicy (Recommended Option) - -This section describes how to manually configure FPolicy. Manual configuration of the FPolicy is -recommended so that the policy can be scoped. It is necessary to create six FPolicy components and -then enable the FPolicy. See the sections corresponding to each part of this list: - -- [Part 1: Create FPolicy](#part-1-create-fpolicy) -- [Part 2: Set FPolicy Required to Off](#part-2-set-fpolicy-required-to-off) -- [Part 3: Set FPolicy to Collect Permission Changes](#part-3-set-fpolicy-to-collect-permission-changes) -- [Part 4: Set FPolicy to Monitor Alternate Data Streams](#part-4-set-fpolicy-to-monitor-alternate-data-streams) -- [Part 5: Set FPolicy to Monitor Disconnected Sessions](#part-5-set-fpolicy-to-monitor-disconnected-sessions) -- [Part 6: Scope FPolicy for Specific Volumes](#part-6-scope-fpolicy-for-specific-volumes) -- [Part 7: Enable FPolicy](#part-7-enable-fpolicy) - -If using vFilers the FPolicy must be created on the vFiler, and the Activity Monitor must target the -vFiler. This is because FPolicy operates on the affected vFiler. Therefore, when executing these -commands on a vFiler, the commands must be run from a vFiler context (e.g. via the vFiler run -command). - -Relevant NetApp Documentation: To learn more about configuring file policies, please visit the -NetApp website and read -[na_fpolicy – configure file policies](https://library.netapp.com/ecmdocs/ECMP1196890/html/man1/na_fpolicy.1.html) -article. - -### Part 1: Create FPolicy - -Create the FPolicy on the vFiler. - -IMPORTANT: - -- The policy should be named "StealthAUDIT" -- The only supported policy type is "screen" for file screening. - -Use the following command to create the FPolicy: - -``` -fpolicy create StealthAUDIT screen -``` - -### Part 2: Set FPolicy Required to Off - -If the `FPolicy Required` value is set to on, user requests are denied if an FPolicy server is not -available to implement the policy. If it is set to off, user requests are allowed when it is not -possible to apply the policy to the file because no FPolicy server is available. - -IMPORTANT: - -- The `FPolicy Required` value should be set to **off** - -Use the following command to set the `FPolicy Required` value to off: - -``` -fpolicy options StealthAUDIT required off -``` - -### Part 3: Set FPolicy to Collect Permission Changes - -The cifs_setattr value must be set to on in order for CIFS requests to change file security -descriptors to be screened by the policy. - -IMPORTANT: - -- The `cifs_setattr` value must be set to **on** - -Use the following command to enable the FPolicy to collect permission changes: - -``` -fpolicy options StealthAUDIT cifs_setattr on -``` - -### Part 4: Set FPolicy to Monitor Alternate Data Streams - -The monitor_ads value must be set to on in order for CIFS requests for alternate data streams (ADS) -to be monitored by the policy. - -IMPORTANT: - -- The `monitor_ads` value must be set to **on** - -Use the following command to enable the FPolicy to monitor ADS: - -``` -fpolicy options StealthAUDIT monitor_ads on -``` - -### Part 5: Set FPolicy to Monitor Disconnected Sessions - -The cifs_disconnect_check value must be set to on in order for CIFS requests associated with -disconnected sessions to be monitored by the policy. - -IMPORTANT: - -- The `cifs_disconnect_check` value must be set to **on** - -Use the following command to enable the FPolicy to monitor disconnected sessions: - -``` -fpolicy options StealthAUDIT cifs_disconnect_check on -``` - -### Part 6: Scope FPolicy for Specific Volumes - -The FPolicy can be scoped either to monitor only specified volumes (inclusion) or to not monitor -specific volumes (exclusion). - -IMPORTANT: - -- Choose to scope by including or excluding volumes - -Use the following command to scope the FPolicy by volume: - -``` -fpolicy ‑volume [INCLUDE OR EXCLUSION] ‑add StealthAUDIT [VOLUME_NAME],[VOLUME_NAME] -``` - -Inclusion Example: - -``` -fpolicy ‑volume include ‑add StealthAUDIT samplevolume1,samplevolume2 -``` - -Exclusion Example: - -``` -fpolicy ‑volume exclusion ‑add StealthAUDIT samplevolume1,samplevolume2 -``` - -### Part 7: Enable FPolicy - -The FPolicy must be enabled before the Activity Monitor Activity Agent can be configured to monitor -the NetApp device. - -IMPORTANT: - -- The Activity Monitor must register with the NetApp device as an FPolicy server. By default, it - looks for a policy named `StealthAUDIT`. See the - [Customize FPolicy Policy Name](/docs/accessanalyzer/12.0/configuration/netapp-7-mode/customize-fpolicy.md) section for information on using a different - policy name. - -Use the following command to enable the FPolicy to monitor disconnected sessions: - -``` -fpolicy enable StealthAUDIT -``` - -## Automatic Configuration of FPolicy - -The Activity Monitor can automatically configure FPolicy on the targeted NetApp Data ONTAP 7-Mode -device. The FPolicy created monitors all file system activity. This is done when the NetApp device -is assigned to the agent for monitoring. This option is enabled on the NetApp FPolicy Configuration -page of the Add New Host window. diff --git a/docs/accessanalyzer/12.0/configuration/netapp-7-mode/overview.md b/docs/accessanalyzer/12.0/configuration/netapp-7-mode/overview.md deleted file mode 100644 index 67dfaa8554..0000000000 --- a/docs/accessanalyzer/12.0/configuration/netapp-7-mode/overview.md +++ /dev/null @@ -1,144 +0,0 @@ -# NetApp Data ONTAP 7-Mode Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or -Sensitive Data Discovery Auditing scans on NetApp Data ONTAP 7-Mode devices. The Netwrix Activity -Monitor can be configured to monitor activity on NetApp Data ONTAP 7-Mode devices and make the event -data available for Access Analyzer Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Access Analyzer scans must have the following permissions on the target -host: - -- Enumerate shares by executing specific API calls -- Bypass NTFS security to read the entire folder structure to be scanned and collect file/folder - permissions - -These permissions grant the credential the ability to enumerate shares, access the remote registry, -and bypass NTFS security on folders. The credential used within the assigned Connection Profile for -these target hosts requires these permissions. See the -[NetApp Data ONTAP 7-Mode Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/configuration/netapp-7-mode/access.md) topic for -instructions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of NetApp Data ONTAP 7-Mode Device - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Access Analyzer, the credential used by Access -Analyzer to read the activity log files must have also have this permission. - -NetApp Data ONTAP 7-Mode Device Requirements - -An FPolicy must be configured on the target device for Activity Auditing (FSAC) scans. A tailored -FPolicy is recommended as it decreases the impact on the NetApp device. The credential associated -with the FPolicy used to monitor activity must be provisioned with access to the following API -calls: - -``` -login-http-admin -api-system-api-list -api-system-get-version -api-cifs-share-list-iter-* -api-volume-list-info-iter-* -``` - -If the Activity Monitor will be automatically configuring the FPolicy, then the following command is -also needed: - -``` -api-fpolicy* -``` - -If the Activity Monitor will be configured to use the “Enable and connect to the FPolicy” option, -then the following command is also needed: - -``` -cli-fpolicy* -``` - -The credential must also have the following permissions on the target device: - -- Group membership in both of the following groups: - - - ONTAP Power Users - - ONTAP Backup Operators - -See the [NetApp Data ONTAP 7-Mode Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/netapp-7-mode/activity.md) topic for -instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Access Analyzer to read the activity log files must also have -READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for NetApp Data ONTAP 7-Mode Device - -The following firewall settings are required for communication between the Activity Monitor Activity -Agent server and the target NetApp Data ONTAP 7-Mode device: - -| Communication Direction | Protocol | Ports | Description | -| --------------------------------- | ---------------- | ------------------------------------ | ----------- | -| Activity Agent Server to NetApp\* | HTTP (optional) | 80 | ONTAPI | -| Activity Agent Server to NetApp\* | HTTPS (optional) | 443 | ONTAPI | -| Activity Agent Server to NetApp | TCP | 135, 139 Dynamic Range (49152-65535) | RPC | -| Activity Agent Server to NetApp | TCP | 445 | SMB | -| Activity Agent Server to NetApp | UDP | 137, 138 | RPC | -| NetApp to Activity Agent Server | TCP | 135, 139 Dynamic Range (49152-65535) | RPC | -| NetApp to Activity Agent Server | TCP | 445 | SMB | -| NetApp to Activity Agent Server | UDP | 137, 138 | RPC | - -\*Only required if using the FPolicy Configuration and FPolicy Enable and Connect options in -Activity Monitor. - -**NOTE:** If either HTTP or HTTPS are not enabled, the FPolicy on the NetApp Data ONTAP 7-Mode -device must be configured manually. Also, the External Engine will not reconnect automatically in -the case of a server reboot or service restart. - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/access.md b/docs/accessanalyzer/12.0/configuration/netapp-c-mode/access.md deleted file mode 100644 index f002716541..0000000000 --- a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/access.md +++ /dev/null @@ -1,261 +0,0 @@ -# NetApp Data ONTAP Cluster-Mode Access & Sensitive Data Auditing Configuration - -This topic provides instructions for configuring NetApp Data ONTAP Cluster-Mode devices. - -## CIFS Method 1 Credential Configuration - -Configuring access to CIFS shares using FPolicy and ONTAP API for Access Analyzer requires the -following: - -- Configure Data LIF to Allow HTTPS Traffic -- [Configure Empty FPolicy](/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-empty-fpolicy.md) - -See the [CIFS Method 2 Credential Configuration](#cifs-method-2-credential-configuration) topic for -an alternative method. - -### Configure Data LIF to Allow HTTPS Traffic - -As of NetApp Clustered ONTAP 9.6, users can assign service policies (instead of LIF roles) to LIFs -that determine the kind of traffic that is supported for the LIFs. - -- Starting with ONTAP 9.5, ONTAP supports service policies -- Starting with ONTAP 9.6, LIF roles are deprecated and service policies are supported for all types - of services - -For users running ONTAP 9.6+, data LIFs used for HTTPS communication with Access Analyzer are -required to use a LIF service policy that includes the `management-https` service. Without this -service applied to a data LIF’s service policy, HTTPS communication will not be possible. - -The following examples offer guidance for managing service policies, but may vary depending on the -NetApp environment’s specific configuration and needs. - -Use the following command to display available services: - -``` -network interface service show -``` - -Use the following command to create a service policy (example includes NFS, CIFS, and HTTPS -traffic): - -``` -network interface service-policy create -vserver [SVM_NAME] -policy [SERVICE_POLICY_NAME] -services [LIST_OF_SERVICES_COMMA-SEPARARTED] -allowed-addresses [IP_CIDR_NOTATION] -``` - -Example with the NFS, CIFS, and HTTPS protocols being allowed: - -``` -network interface service-policy create -vserver testserver -policy new_service_policy -services data-nfx,data-cifs,management-https,data-core -allowed-addresses 0.0.0.0/0 -``` - -Use the following command to verify if the service policy was properly created: - -``` -network interface service-policy show -``` - -Use the following command to add the created service policy to an existing data LIF: - -``` -network interface modify -vserver [SVM_NAME] -lif [LIF_NAME] -service-policy [SERVICE_POLICY_NAME] -``` - -Example: - -``` -network interface modify -vserver testserver -lif lif_1 -service-policy new_service_policy -``` - -A service policy can only be used by LIFs in the same SVM that is specified when creating the -service policy. - -## CIFS Method 2 Credential Configuration - -Configuring access to CIFS shares using the special C$ share is an alternative least privileged -access option for NetApp Data ONTAP Cluster-Mode devices v9.0+. See the -[CIFS Method 1 Credential Configuration](#cifs-method-1-credential-configuration) topic for an -alternative method. - -The following permissions are required: - -- Group membership in the Backup Operators group on either the file system proxy server for Proxy - Mode scans or the Access Analyzer server for Local Mode scans (to get a high integrity token) -- Group membership in the NetApp SVM's Power Users group (to enumerate shares) - - - Use the following command to add the Service Account to BUILTIN\Power Users: - - ``` - cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Power Users" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] - ``` - -- Group membership in the NetApp SVM's Backup Operators group (to bypass NTFS permissions) - - - NetApp SVM's SeBackupPrivilege needs to be applied to this group - - This group must have read-only access to the SVM's C$ share - - Use the following command to add the Service Account to BUILTIN\Backup Operators: - - ``` - cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Backup Operators" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] - ``` - -If an ACE does not already exist for a specific user/group on an SVM's c$ share, then it needs to be -added with the desired rights (No_access, Read, Change, or Full_Control). To check the current ACE -for a user or group on each SVM's c$ share, the following ONTAP CLI command should be used at the -cluster management level. - -``` -vserver cifs share access-control show -share c$ -``` - -The output will list each SVM's ACL for its c$ share. For example: - -![ONTAP CLI Command Output Example](/img/product_docs/accessanalyzer/config/netappcmode/accesscifsmethod2.webp) - -If the desired ACE does not exist on an SVM's c$ share, then one can be created with the following -command: - -``` -vserver cifs share access-control create -share c$ -user-or-group [USER_OR_GROUP_NAME] -permission Read -vserver [SVM_NAME] -``` - -If an existing ACE needs to be modified, the following command should be used: - -**CAUTION:** The following command will overwrite an existing ACE. For example, it is possible to -downgrade a user with Full_Control to Read, or vice versa. - -``` -vserver cifs share access-control modify -share c$ -user-or-group [USER_OR_GROUP_NAME] -permission Read -vserver [SVM_NAME] -``` - -**NOTE:** If users would prefer to avoid permissioning C$, then there is an alternative. Users can -instead give the SVM's Backup Operators group read-only access to each share to be scanned. - -In order to utilize Access Analyzer’s LAT Preservation (Last Access Time) feature during sensitive -data scans and metadata tag collection, applying ONTAP’s SeRestorePrivilege to the service account -is also required. - -As an alternative to membership in BUILTIN\Backup Operators, SeBackupPrivilege can be directly -applied to a user via the NetApp command line. - -The following commands can be used to grant these permissions to the service account to be used for -scanning by Access Analyzer. - -Use the following commands to add SeBackupPrivilege to the Service Account (or a BUILTIN Group): - -``` -cifs users-and-groups privilege add-privilege ‑user-or-group-name [USER_OR_GROUP_NAME] ‑privileges SeBackupPrivilege ‑vserver [SVM_NAME] -``` - -Use the following commands to add the Service Account to BUILTIN\Power Users: - -``` -cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Power Users" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] -``` - -Use the following commands to add the Service Account to BUILTIN\Backup Operators: - -``` -cifs users-and-groups local-group add-members ‑group-name "BUILTIN\Backup Operators" ‑member-names [DOMAIN_USER] ‑vserver [SVM_NAME] -``` - -Use the following commands to verify the results from the previous commands: - -``` -cifs users-and-groups privilege show ‑vserver [SVM_NAME] ‑user-or-group-name [USER_OR_GROUP_NAME] -``` - -Use the following commands to give the Service Account Read-only Access to NetApp SVM's c$ Share: - -``` -cifs share access-control create ‑vserver [SVM_NAME] ‑share c$ ‑user-or-group [USER_OR_GROUP_NAME] ‑permission Read -``` - -**NOTE:** In the previous command, "create" needs to be replaced with "modify" if the CIFS share ACE -already exists for the share/user combination. - -Use the following commands to verify the results from the previous command: - -``` -cifs share access-control show ‑vserver [SVM_NAME] ‑share c$ -``` - -## NFSv3 Credential Configuration - -The following is a list of example commands that can be used to configure a NetApp export policy to -scan a volume via NFSv3 using the Access Analyzer File System Solution. - -**CAUTION:** The export policy for a volume's parent (ex. the SVM's root volume), or the export -policy for a qtree's parent, must have access rights that are equal or wider in scope to the export -policy for the target volume/qtree. If Access Analyzer cannot access all segments of a target -volume/qtree's junction path, then NFS access will be denied. - -Use the following command to create an export policy: - -``` -vserver export-policy create ‑vserver [SVM_NAME] ‑policyname [EXPORT_POLICY_NAME] -``` - -Example: - -``` -vserver export-policy create ‑vserver testserver ‑policyname testNFS -``` - -Use the following command to add a rule to the previous export policy, using the nfsv3, auth_sys -(aka auth_unix), and superuser properties: - -``` -vserver export-policy rule create ‑vserver [SVM_NAME] ‑policyname [EXPORT_POLICY_NAME] ‑clientmatch [IP_CIDR_NOTATION] ‑rorule sys ‑rwrule sys ‑superuser sys -protocol nfs3 -``` - -Example: - -``` -vserver export-policy rule create ‑vserver testserver ‑policyname testNFS ‑clientmatch 0.0.0.0/0 ‑rorule sys ‑rwrule sys ‑superuser sys -protocol nfs3 -``` - -Use the following command to show each volume’s export policy: - -``` -volume show ‑vserver [SVM_NAME] ‑fields policy -``` - -Example: - -``` -volume show ‑vserver testserver ‑fields policy -``` - -Use the following command to change a volume’s export policy: - -``` -volume modify ‑vserver [SVM_NAME] ‑volume [VOLUME_NAME] ‑policy [EXPORT_POLICY_NAME] -``` - -Example: - -``` -volume modify ‑vserver testserver ‑volume testVolume ‑policy testNFS -``` - -### Troubleshooting NFSv3 Export Access - -If Access Analyzeris not discovering the expected NFS export, it is possible that the export policy -is not properly configured to allow the Access Analyzer server or proxy server IP Address to mount -the NFS export. One step in troubleshooting this issue is to confirm a Unix client (or WSL for -Windows) in the same IP range as the Access Analyzer server or proxy server can mount the NFS -export. - -Run the following command from a Unix host to verify the NFS mount is available: - -``` -showmount ‑e [NFS_HOSTNAME_OR_IP] -``` - -If the NFS export is returned as a result of the previous command, then Access Analyzer should also -be able to mount it. If not, it may be necessary to run the following command on the NetApp SVM to -get the NFS export to be returned by the `showmount` command: - -``` -vserver nfs modify ‑vserver [SVM_NAME] ‑showmount enabled -``` diff --git a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/activity.md b/docs/accessanalyzer/12.0/configuration/netapp-c-mode/activity.md deleted file mode 100644 index 175d390ea4..0000000000 --- a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/activity.md +++ /dev/null @@ -1,217 +0,0 @@ -# NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration - -The Activity Monitor agent employed to monitor NetApp leverages NetApp ONTAP API, and the NetApp -FPolicy framework to monitor file system events. This includes both NetApp 7-Mode and Cluster-Mode -configurations. For more information about FPolicy read the -[What are the two parts of the FPolicy solution ](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-54FE1A84-6CF0-447E-9AAE-F43B61CA2138.html) -article. - -Activity Monitor requires two communication channels for ONTAP monitoring: - -1. Activity Monitor Agent connects to ONTAP on port 80 or 443 for access to ONTAP API (ONTAPI/ZAPI - or REST API). -2. Data LIFs of the SVM connect to Activity Monitor Agent on port 9999 for FPolicy notifications. - -The ONTAP API access is mandatory; without the API access the agent will not be able to receive and -translate events from FPolicy. Both classic ONTAPI/ZAPI and the new REST API are supported. The -agent uses the API to retrieve information about the storage virtual machines (SVM): CIFS settings, -list of volumes, list of LIFs. Depending on the configuration, the agent can also retrieve the state -of FPolicy to ensure it is enabled; configure FPolicy and register or unregister itself. - -The FPolicy framework enables the collection of audit events on the ONTAP side and their transfer to -the agent(s) via the designated Data LIFs. Each LIF establishes its own connection with one or -several agents and sends notifications as soon as the file transaction occurs. The FPolicy -connection is asynchronous and buffered; both ONTAP and Activity Monitor have techniques in place to -make sure that connections are alive and working. The connection can be secured using TLS with -server or mutual authentication. - -FPolicy may have a significant impact on file system throughput, and it is always a best practice to -monitor performance when enabling FPolicy. - -**_RECOMMENDED:_** Create a tailored FPolicy which only collects the desired activity from the -environment to limit the scope and impact. - -For scale-out and fault tolerance purposes, the product supports a range of deployment options. A -single agent can receive events from multiple SVMs. Or events from a single SVM can be distributed -among multiple agents. Or a set of SVMs can distribute events among a set of agents. The choice -depends on the fault tolerance requirements and the expected event flow. As a rule of thumb, the -_average_ load on a single agent should not exceed 5000 events per second. - -Starting with ONTAP 9.15.1, the FPolicy Persistent Store provides resilience and predictable latency -during scenarios such as network delays or bursts of activity. The feature uses a dedicated volume -for each SVM as a staging buffer before events are sent to the agent. FPolicy will automatically -create a volume if one does not already exist. - -**_RECOMMENDED:_** Enable the Persistent Store feature and allow it to create a volume -automatically. - -## Configuration Checklist - -Complete the following checklist prior to configuring the activity monitoring of NetApp Data ONTAP -Cluster-Mode devices. Instructions for each item of the checklist are detailed within the following -sections. - -Checklist Item 1: Plan Deployment - -- Gather the following information: - - - Names of the SVM(s) to be monitored - - - FPolicy is configured for each SVM separately - - This should be the SVM(s) hosting the CIFS or NFS shares(s) to be monitored - - - Credentials to access ONTAP to provision a role and account. - - Desired functionality level: - - - _Manual_. A user configures FPolicy manually and ensures it stays enabled. - - _Enable and Connect FPolicy_. The product ensures that FPolicy stays enabled and connected - all the time. RECOMMENDED. - - _Configure FPolicy_. The product configures FPolicy automatically and ensures it stays - enabled and connected all the time. RECOMMENDED. - - - Volumes or shares on each SVM to be monitored - - - Limiting the FPolicy to select volumes or shares is an effective way to limit the - performance impact of FPolicy - - - Successful/failed file operations to be monitored - - - Limiting the FPolicy to specific file operations is an effective way to limit the - performance impact of FPolicy - - - IP Address of the server(s) where the Activity Monitor Agent is deployed - - API enabled in ONTAP: the classic ONTAPI/ZAPI or the new REST API - - - The product supports the REST API for ONTAP 9.13.1 and above. - - Volume names and sizes to be used as a Persistent Store for each SVM. This is recommended. - - The product supports the Persistent Store feature for ONTAP 9.15.1 and later. - - At least one local tier (aggregate) is assigned to the SVM. - - - Encryption and Authentication protocol for FPolicy connection - - - No Authentication (default) - - TLS, server authentication (the SVM authenticates the agent) - - TLS, mutual authentication (both the SVM and the agent authenticate each other) - -Persistent Store provides resilience and predictable latency in scenarios such as network delays or -bursts of activity events. - -It uses a dedicated volume for each SVM as a staging buffer before the events are sent to Activity -Monitor Agent. - -Checklist Item 2: [Provision ONTAP Account](/docs/accessanalyzer/12.0/configuration/netapp-c-mode/provision-activity.md) - -- Permission names depend on the API used, ONTAPI/ZAPI or REST API. -- The case of domain and username created during the account provisioning process must match exactly - to the credentials provided to the activity agent for authentication to work. -- The credential associated with the FPolicy used to monitor activity must be provisioned with - access to (at minimum) the following CLI or API commands, according to the level of collection - desired: - - - Manual, Collect Activity Events Only (Least Privilege) - - - ONTAPI/ZAPI - - - `version` – Readonly access - - `volume` – Readonly access - - `vserver` – Readonly access - - - REST API - - - `/api/cluster` – Readonly access - - `/api/protocols/cifs/services` – Readonly access - - `/api/storage/volumes` – Readonly access - - `/api/svm/svms` – Readonly access - - - Employ the “Enable and connect FPolicy” Option (Less Privilege) – RECOMMENDED - - - ONTAPI/ZAPI - - - `version` – Readonly access - - `volume` – Readonly access - - `vserver` – Readonly access - - `network interface` – Readonly access - - `vserver fpolicy disable` – All access - - `vserver fpolicy enable` – All access - - `vserver fpolicy engine-connect` – All access - - - REST API - - - `/api/cluster` – Readonly access - - `/api/protocols/cifs/services` – Readonly access - - `/api/storage/volumes` – Readonly access - - `/api/svm/svms` – Readonly access - - `/api/network/ip/interfaces` – Readonly access - - `/api/protocols/fpolicy` – All access - - - Employ the “Configure FPolicy” Option (Automatic Configuration of FPolicy) – RECOMMENDED - - - ONTAPI/ZAPI - - - `version` – Readonly access - - `volume` – Readonly access - - `vserver` – Readonly access - - `network interface` – Readonly access - - `vserver fpolicy` – All access - - `security certificate install` – All access (only if FPolicy uses a TLS connection) - - - REST API - - - `/api/cluster` – Readonly access - - `/api/protocols/cifs/services` – Readonly access - - `/api/storage/volumes` – Readonly access - - `/api/svm/svms` – Readonly access - - `/api/network/ip/interfaces` – Readonly access - - `/api/protocols/fpolicy` – All access - - `/api/security/certificates` – All access (only if FPolicy uses a TLS connection) - - - Access Analyzer Integration requires the addition of the following CLI command: - - - `security login role show-ontapi` – Readonly access - -Checklist Item 3: [Configure Network](/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-firewall.md) - -- Agent must be able to connect to ONTAP API via a management LIF on ports HTTP (80) or HTTPS (443) - - - NetApp firewall policy may need to be modified. - - LIF's service policy may need to be modified to include `management-https` or - `management-http` services. - - Either of these ports is required. Activity Monitor requires ONTAP API access. - -- ONTAP cluster nodes, which serve the SVM, must be able to connect to the agent on port 9999. - - - LIFs' service policy may need to be modified to include `data-fpolicy-client` service. - - Each data serving node should have its own LIF with the `data-fpolicy-client` service. - - The default port 9999 can be changed in the agent's settings. - -Checklist Item 4: [Configure FPolicy](/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-fpolicy.md) - -- Remember: all FPolicy objects and SVM names are case sensitive. -- FPolicy must be configured for each SVM to be monitored. -- If using TLS, … authentication options, generate needed certificates and PEM files -- Select method: - - - Configure FPolicy Manually – If you want to exclude certain volumes or shares; a tailored - FPolicy decreases the impact on NetApp. - - - Required when the FPolicy account is provisioned for either Least Privileged or Less - Privilege permission model - - If using TLS, … authentication options, set authentication - - - Allow the Activity Monitor to create an FPolicy automatically - - - If using TLS, … authentication options, set authentication - - This option is enabled using the **Configure FPolicy. Create or modify FPolicy objects if - needed** checkbox for each monitored SVM. - - It monitors file system activity on all volumes and shares of the SVM. - - FPolicy configuration is automatically updated to reflect the Activity Monitor - configuration. - - Requires a Privileged Access credential be provided. - -- Enable the Persistent Store to increase the resilience and control the latency in case of network - outages or bursts of activity - -Checklist Item 5: Activity Monitor Configuration - -- Deploy the Activity Monitor Agent to a Windows server. -- Configure the Agent to monitor the SVM. diff --git a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-empty-fpolicy.md b/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-empty-fpolicy.md deleted file mode 100644 index fda4f5d1fc..0000000000 --- a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-empty-fpolicy.md +++ /dev/null @@ -1,382 +0,0 @@ -# Configure Empty FPolicy - -The credential used to just run Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing -scans requires access to the specified API calls as well as association to an FPolicy. Therefore, it -is necessary to: - -- [Create Security Role for FSAA Scans](#create-security-role-for-fsaa-scans) -- [Create Security Login for FSAA Scans](#create-security-login-for-fsaa-scans) -- [Create External Engine for Empty FPolicy](#create-external-engine-for-empty-fpolicy) -- [Create FPolicy Event for Empty FPolicy](#create-fpolicy-event-for-empty-fpolicy) -- [Create Empty FPolicy Policy](#create-empty-fpolicy-policy) -- [Create Empty FPolicy Scope](#create-empty-fpolicy-scope) -- [Enable the Empty FPolicy](#enable-the-empty-fpolicy) - -**NOTE:** The commands in the following sections have been verified for NetApp Data ONTAP 9.6+. -Users of older versions should consult the NetApp documentation to find the appropriate syntax. - -## Create Security Role for FSAA Scans - -This section provides instructions for creating an access-control role. An access-control role -consists of a role name and a command to which the role has access. It optionally includes an access -level (none, read-only, or all) and a query that applies to the specified command or command -directory. The following commands need to be run to create the security role. - -Use the following command to provision read-only access to Version\* commands: - -``` -security login role create ‑role [ROLE_NAME] ‑cmddirname "version" ‑access readonly ‑query "" ‑vserver [SVM_NAME] -``` - -Example: - -``` -security login role create ‑role enterpriseauditor ‑cmddirname "version" ‑access readonly ‑query "" ‑vserver testserver -``` - -Use the following command to provision read-only access to Volume\* commands: - -``` -security login role create ‑role [ROLE_NAME] ‑cmddirname "volume" ‑access readonly ‑query "" ‑vserver [SVM_NAME] -``` - -Example: - -``` -security login role create ‑role enterpriseauditor ‑cmddirname "volume" ‑access readonly ‑query "" ‑vserver testserver -``` - -Use the following command to provision read-only access to SVM\* commands: - -``` -security login role create ‑role [ROLE_NAME] ‑cmddirname "vserver" ‑access readonly ‑query "" ‑vserver [SVM_NAME] -``` - -Example: - -``` -security login role create ‑role enterpriseauditor ‑cmddirname "vserver" ‑access readonly ‑query "" ‑vserver testserver -``` - -Use the following command to provision read-only access to security login role show-ontapi commands: - -``` -security login role create ‑role [ROLE_NAME] ‑cmddirname "security login role show-ontapi" ‑access readonly ‑query "" ‑vserver [SVM_NAME] -``` - -Example: - -``` -security login role create ‑role enterpriseauditor ‑cmddirname "security login role show-ontapi" ‑access readonly ‑query "" ‑vserver testserver -``` - -Before creating the Security Login, validate this configuration. - -### Validate Security Role Configuration - -Run the following command to validate the security role configuration: - -``` -security login role show [ROLE_NAME] -``` - -Example: - -``` -security login role show enterpriseauditor -``` - -Relevant NetApp Documentation: To learn more about creating security login roles, please visit the -NetApp website and read the -[security login role create](https://library.netapp.com/ecmdocs/ECMP1196817/html/security/login/role/create.html) -article. - -## Create Security Login for FSAA Scans - -Once the access control role has been created, apply it to a domain account. - -**CAUTION:** - -- The SVM used in the following command must be the same SVM used when creating the role. See the - [Create Security Role for FSAA Scans](#create-security-role-for-fsaa-scans) topic for additional - information. - - **CAUTION:** Cluster-Mode is case sensitive. - -- It is recommended to use lowercase for both domain and username. The case of domain and username - created during the account provisioning process must match exactly to the credentials provided to - the Access Analyzer for authentication to work. - -Use the following command to create the security login for the security role: - -``` -security login create ‑user-or-group-name [DOMAIN\DOMAINUSER] ‑application ontapi ‑authentication‑method domain ‑role [ROLE_NAME] ‑vserver [SVM_NAME] -``` - -Example: - -``` -security login create ‑user-or-group-name example\user1 ‑application ontapi ‑authentication‑method domain ‑role enterpriseauditor ‑vserver testserver -``` - -Before creating the External Engine, validate this security login. - -### Validate Security Login Creation - -Run the following command to validate security login: - -``` -security login show [DOMAIN\DOMAINUSER] -``` - -Example: - -``` -security login show example\user1 -``` - -Verify that the output is displayed as follows: - -![validatesecuritylogincreation](/img/product_docs/activitymonitor/config/netappcmode/validatesecuritylogincreation.webp) - -Relevant NetApp Documentation: To learn more about creating security logins, please visit the NetApp -website and read the -[security login create](https://library.netapp.com/ecmdocs/ECMP12452955/html/security/login/create.html) -article. - -## Create External Engine for Empty FPolicy - -The External Engine defines how FPolicy makes and manages connections to external FPolicy servers. - -IMPORTANT: - -- The `-primary-servers` must be the server from which the StealthAUDIT scans will be executed: - - - StealthAUDIT Console server for local mode - - proxy server if running in any of the proxy mode options - -- The following values are required: - - - `engine-name StealthAUDITEngine` - - `port 9999` - - - Port number can be customized, but it is recommended to use 9999. - - - `extern-engine-type asynchronous` - - `ssl-option no-auth` - -**CAUTION:** Cluster-Mode is case sensitive. - -Use the following command to create the external engine: - -``` -vserver fpolicy policy external-engine create ‑vserver [SVM_NAME] ‑engine-name StealthAUDITEngine ‑primary-servers [IP_ADDRESS,…] ‑port 9999 ‑extern-engine-type asynchronous ‑ssl-option no-auth -``` - -Example: - -``` -vserver fpolicy policy external-engine create ‑vserver testserver ‑engine-name StealthAUDITEngine ‑primary-servers 192.168.30.15 ‑port 9999 ‑extern-engine-type asynchronous ‑ssl-option no-auth -``` - -Before creating the FPolicy Event, validate this external engine was created. - -### Validate External Engine Creation - -Run the following command to validate the creation of the external engine: - -``` -fpolicy policy external-engine show ‑instance -``` - -Verify that the output is displayed as follows: - -![validateexternalenginecreation](/img/product_docs/accessanalyzer/config/netappcmode/validateexternalenginecreation.webp) - -Relevant NetApp Documentation: To learn more about creating an external engine, please visit the -NetApp website and read the -[vserver fpolicy policy external-engine create](https://library.netapp.com/ecmdocs/ECMP1366832/html/vserver/fpolicy/policy/external-engine/create.html) -article. - -## Create FPolicy Event for Empty FPolicy - -An event defines which protocol and which file operations are associated with the FPolicy. - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS or NFS shares. -- The following values are required: - - - `event-name StealthAUDITScreening` - - `volume-operation true` - -**CAUTION:** Cluster-Mode is case sensitive. - -Use the following command to create the FPolicy event: - -``` -vserver fpolicy policy event create ‑vserver [SVM_NAME] ‑event-name StealthAUDITScreening ‑volume-operation true ‑protocol [PROTOCOL] ‑file-operations "" -``` - -Example: - -``` -vserver fpolicy policy event create ‑vserver testserver ‑event-name StealthAUDITScreening ‑volume-operation true ‑protocol cifs ‑file-operations "" -``` - -Before creating the FPolicy Policy, validate this FPolicy Event was created. - -### Validate FPolicy Event Creation - -Run the following command to validate the creation of the FPolicy event: - -``` -fpolicy policy event show ‑event-name StealthAUDITScreening‑instance -``` - -Verify that the output is displayed as follows: - -![validatefpolciyeventcreation](/img/product_docs/accessanalyzer/config/netappcmode/validatefpolciyeventcreation.webp) - -Relevant NetApp Documentation: To learn more about creating an event, please visit the NetApp -website and read the -[vserver fpolicy policy event create](https://library.netapp.com/ecmdocs/ECMP1196817/html/vserver/fpolicy/policy/event/create.html) -article. - -## Create Empty FPolicy Policy - -The FPolicy policy associates the other three FPolicy components and allows for the designation of a -privileged FPolicy user, or the account granted Security Login. - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS or NFS shares. -- The External Engine and FPolicy Event used in this command must be the External Engine and the - FPolicy Event created for this purpose. See the - [Create External Engine for Empty FPolicy](#create-external-engine-for-empty-fpolicy) and - [Create FPolicy Event for Empty FPolicy](#create-fpolicy-event-for-empty-fpolicy) sections for - additional information. -- The following values are required: - - - `privileged-user-name` must be the account granted Security Login. See the - [Create Security Login for FSAA Scans](#create-security-login-for-fsaa-scans) topic for - additional information. - - `policy-name StealthAUDIT` - -**CAUTION:** Cluster-Mode is case sensitive. - -Use the following command to create the FPolicy policy: - -``` -vserver fpolicy policy create ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑events StealthAUDITScreening ‑engine StealthAUDITEngine ‑is-mandatory false ‑allow-privileged-access yes ‑privileged-user-name [DOMAIN\DOMAINUSER] -``` - -Example: - -``` -vserver fpolicy policy create ‑vserver testserver ‑policy-name StealthAUDIT ‑events StealthAUDITScreening ‑engine StealthAUDITEngine ‑is-mandatory false ‑allow-privileged-access yes ‑privileged-user-name example\user1 -``` - -Before creating the FPolicy Scope, validate this FPolicy Policy was created. - -### Validate FPolicy Policy Creation - -Run the following command to validate the creation of the FPolicy policy: - -``` -fpolicy policy show ‑instance -``` - -![validatefpolicypolicycreation](/img/product_docs/accessanalyzer/config/netappcmode/validatefpolicypolicycreation.webp) - -Relevant NetApp Documentation: To learn more about creating a policy, please visit the NetApp -website and read the -[vserver fpolicy policy create](https://library.netapp.com/ecmdocs/ECMP1366832/html/vserver/fpolicy/policy/create.html) -article. - -## Create Empty FPolicy Scope - -The FPolicy scope creates the filters necessary to perform scans on specific shares or volumes. - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS shares. -- It is not necessary to specify both volumes and shares. One or the other is sufficient. - -Use the following command to create the FPolicy scope by volume(s): - -``` -vserver fpolicy policy scope create ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑volumes-to-include -``` - -Example: - -``` -vserver fpolicy policy scope create ‑vserver testserver ‑policy-name StealthAUDIT ‑volumes-to-include -``` - -Use the following command to create the FPolicy scope by share(s): - -``` -vserver fpolicy policy scope create ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑shares-to-include -``` - -Example: - -``` -vserver fpolicy policy scope create ‑vserver testserver ‑policy-name StealthAUDIT ‑shares-to-include -``` - -Before enabling the FPolicy, validate this FPolicy Scope was created. - -### Validate FPolicy Scope Creation - -Run the following command to validate the FPolicy scope creation: - -``` -fpolicy policy scope show ‑instance -``` - -![validatefpolicyscopecreation](/img/product_docs/accessanalyzer/config/netappcmode/validatefpolicyscopecreation.webp) - -Relevant NetApp Documentation: To learn more about creating scope, please visit the NetApp website -and read the -[vserver fpolicy policy scope create](https://library.netapp.com/ecmdocs/ECMP1196817/html/vserver/fpolicy/policy/scope/create.html) -article. - -## Enable the Empty FPolicy - -Once the empty FPolicy has been created, it must be enabled. - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS or NFS shares. - -Use the following command to enable the FPolicy: - -``` -vserver fpolicy enable ‑vserver [SVM_NAME] ‑policy-name StealthAUDIT ‑sequence-number [INTEGER] -``` - -Example: - -``` -vserver fpolicy enable ‑vserver testserver ‑policy-name StealthAUDIT ‑sequence-number 10 -``` - -Validate this FPolicy was enabled. - -### Validate FPolicy Enabled - -Run the following command to validate the FPolicy scope creation: - -``` -vserver fpolicy show -``` - -![validatefpolicyenabled](/img/product_docs/accessanalyzer/config/netappcmode/validatefpolicyenabled.webp) - -Relevant NetApp Documentation: To learn more about enabling a policy, please visit the NetApp -website and read the -[vserver fpolicy enable](https://library.netapp.com/ecmdocs/ECMP1196817/html/vserver/fpolicy/enable.html) -article. diff --git a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-fpolicy.md b/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-fpolicy.md deleted file mode 100644 index b598a83b64..0000000000 --- a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-fpolicy.md +++ /dev/null @@ -1,912 +0,0 @@ -# Configure FPolicy - -Activity Monitor relies on the NetApp FPolicy framework for monitoring of file access events on -Storage Virtual Machines (SVM). FPolicy needs to be configured for each SVM. - -There are two ways to configure FPolicy: - -- Activity Monitor agent can facilitate the - [Automatic Configuration of FPolicy](#automatic-configuration-of-fpolicy) for the monitored SVM - using the ONTAP API. This mode is simple, but does not allow you to exclude certain volumes or - shares of the SVM from being monitored. It also requires additional permissions to create and - modify FPolicy. -- Another option is to [Manually Configure FPolicy](#manually-configure-fpolicy) for each SVM. This - mode allows you to fine tune FPolicy by excluding certain volumes or shares from being monitored. - It also reduces product permissions. - -Regardless of the chosen approach for FPolicy configuration, one also needs to perform extra steps -if the FPolicy communication has to be secured with TLS. - -## TLS Authentication Options - -There are two TLS FPolicy Authentication options that can be used: - -- TLS, server authentication – Server only authentication - - - A certificate (Server Certificate) for the Agent server needs to be generated and copied to a - PEM file. The Server Certificate PEM file needs to be saved locally on the Activity Monitor - Console server. - - For manual FPolicy configuration, the Server Certificate needs to be installed on the SVM, and - then server-authentication set. - - For automatic FPolicy configuration, the Activity Monitor manages installation of the Server - Certificate. - -- TLS, mutual authentication – Mutual authentication - - - A certificate (Server Certificate) for the Agent server needs to be generated and copied to a - PEM file. The Server Certificate PEM file needs to be saved locally on the Activity Monitor - Console server. - - A certificate (Client Certificate) for the SVM needs to be copied to a PEM file and saved - locally on the Activity Monitor Console server. - - For manual FPolicy configuration, the Server Certificate needs to be installed on the SVM and - then mutual-authentication set. - - For automatic FPolicy configuration, mutual-authentication set before the configuration - process. The Activity Monitor manages installation of both certificates. - -### Generate Server Certificate - -A certificate (Server Certificate) for the Agent server needs to be generated and copied to a PEM -file. This is required for both of the TLS authentication options. - -The PEM file must contain both Public Key and Private Key parts. A certificate may be self-signed or -issued by a certification authority. Below are the steps for generation of a self-signed certificate -using OpenSSL toolkit. - -Use the following command on the agent server to create the Server Certificate and copy it to a .pem -file: - -``` -openssl.exe req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=[ACTIVITY_AGENT_SERVER_NAME]"  -copy cert.pem+key.pem [CERTIFICATE_FILE_NAME.pem] -del cert.pem key.pem .rnd -``` - -Example: - -``` -openssl.exe req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=testagentserver"  -copy cert.pem+key.pem agentkey.pem -del cert.pem key.pem .rnd -``` - -In this example ` agentkey.pem` would be used as the Server Certificate. Save the Server Certificate -locally on the Activity Monitor Console server. - -### Create PEM File for Client Certificate - -A certificate (Client Certificate) for the SVM needs to be copied to a PEM file. This is required -for the TLS, mutual authentication option. Follow the steps to create the PEM file for the Client -Certificate. - -**Step 1 –** On the SVM , use the following command to show the security certificate details: - -``` -security certificate show -vserver [SVM_NAME] -type server instance -``` - -Example: - -``` -security certificate show -vserver testserver -type server instance -``` - -**Step 2 –** Copy the security certificate details into a text file and copy the public key to a PEM -file. The following variables from security details will be needed to set mutual-authentication -during Part 6 of manual configuration and prior to automatic configuration: - -- SVM -- Common Name -- Certificate Serial -- Public Key Certificate - -**Step 3 –** Copy the value of Public Key Certificate field to a PEM file. The value spans multiple -lines, starts with "`----BEGIN CERTIFICATE-----`" and ends with "`-----END CERTIFICATE-----`". - -The Client Certificate PEM file has been created. - -## Persistent Store - -For ONTAP 9.15.1 and later, enabling the Persistent Store feature is recommended regardless of the -chosen FPolicy configuration approach. The Persistent Store provides resilience and predictable -latency in scenarios such as network delays or bursts of activity events. The feature uses a -dedicated volume for each SVM as a staging buffer before events are sent to the agent. - -Persistent Store requires the following parameters: - -- Volume name – If the volume does not exist, it will be created automatically (recommended). -- Initial volume size – Specifies the starting size of the volume. -- Autosize mode – Options include Off, Grow, or Grow/Shrink. - -The size depends on the time duration for which you want to persist the events and the rate of -events. For example, if you want 30 minutes of events to persist in an SVM with a capacity of 5000 -events per second and the average event record size of 0.6 KB, the required volume size is -`5000 * 30 * 60 * 0.6 KB = 5400000 KB ≈ 5 GB`. - -**NOTE:** To find the approximate event rate, use the FPolicy counter `requests_dispatched_rate`. - -**NOTE:** For the Persistent Store to automatically create a volume, the SVM must have at least one -local tier (aggregate) assigned. - -To check that the SVM has assigned local tiers, use the following command: - -vserver show -vserver [SVM_NAME] -fields aggr-list - -The command shows currently local tiers. If no tiers are assigned, "-" is displayed. - -To assign local tiers to the SVM use the following command: - -vserver add-aggregates -vserver [SVM_NAME] -aggregates [AGGREGATE_LIST] - -Example: - -vserver add-aggregates -vserver testserver -aggregates aggr1,aggr2 - -**NOTE:** This command is available to cluster administrators at the admin privilege level. - -It is recommended to allow the volume to be created automatically. In this case, the FPolicy -subsystem manages the volume, maintains the directory structure, and protects it from accidental -deletion by marking it as not mountable. - -If you choose to create the volume manually, ensure the following: - -- The volume is not mounted and has no junction point. -- The snapshot policy for the volume is set to none. - -For additional and up-to-date recommendations on volumes for the Persistent Store, refer to the -NetApp documentation. - -## Manually Configure FPolicy - -This section describes how to manually configure FPolicy. Manual configuration of the FPolicy is -recommended if the policy needs to be scoped to monitor select volumes or shares. It is necessary to -create several FPolicy components and then enable the FPolicy. See the sections corresponding to -each part of this list: - -- Part 1: Install Server Certificate on the SVM (only if using TLS authentication) - - - This is only needed if using either of the TLS, … authentication options. - -- Part 2: Create External Engine - - - The External Engine defines how FPolicy makes and manages connections to external FPolicy - servers like Activity Monitor Agent. - -- Part 3: Create FPolicy Events - - - An FPolicy event defines which protocol(s) to monitor and which file access events to monitor. - -- Part 4: Create Persistent Store (only if Persistent Store is used. RECOMMENDED) - - - A Persistent Store is used as a temporary on-disk storage before the events are sent to - Activity Monitor Agent. - -- Part 5: Create FPolicy Policy - - - The FPolicy policy associates the other three FPolicy components and allows for the - designation of a privileged FPolicy user - - If running the Access Auditing (FSAA), Activity Auditing (FSAC), and/or Sensitive Data - Discovery Auditing scans, then this is the user account credential to be added to the Access - Analyzer Connection Profile. - -- Part 6: Create FPolicy Scope - - - The FPolicy scope creates the filters necessary to perform scans on specific shares or - volumes. - -- Part 7: Set TLS Authentication (optional) - - - This is only needed if using either of the TLS authentication options. - -- Part 8: Enable the FPolicy - - - Once the FPolicy is enabled, the Activity Monitor Agent can be configured to monitor the SVM. - -- Part 9: Connect FPolicy Server / Agent to Cluster Node (optional) - - - This is only needed if there is an issue with connection to the Cluster node or for - troubleshooting a disconnection issue. - -### Part 1: Install Server Certificate on the SVM - -If using the TLS authentication options, it is necessary to install the Server Certificate on the -SVM. - -Use the following command to install the Server Certificate: - -``` -security certificate install type client-ca -vserver [SVM_NAME] -``` - -Example: - -``` -security certificate install type client-ca -vserver testserver -``` - -The command will ask you to provide a public certificate. Copy the public key from the Server -Certificate PEM file, i.e. the block starting with "`-----BEGIN CERTIFICATE-----`" and ending with -"`-----END CERTIFICATE-----`". Paste the block to the terminal window. - -#### Validate Part 1: Server Certificate Install - -Run the following command to validate the Server Certificate is installed: - -``` -security certificate show -vserver [SVM_NAME] -commonname [ACTIVITY_AGENT_SERVER_NAME] -type client-ca instance -``` - -Example: - -``` -security certificate show -vserver testserver -commonname testagentserver -type client-ca instance -``` - -### Part 2: Create External Engine - -The External Engine defines how FPolicy makes and manages connections to external FPolicy servers. - -IMPORTANT: - -- The `-primary-servers` must be the server or servers hosting the Activity Monitor Agent. -- If intending to use the Activity Monitor with Access Analyzer, then the primary server must also - be the proxy server from which the Access Analyzer Access Auditing (FSAC) scans are running, e.g. - the Access Analyzer Console server for local mode or the proxy server if running in any of the - proxy mode options. -- The following values are required: - - - `engine-name StealthAUDITEngine`, the names of the external engine object can be customized - (see below). - - `port 9999`, Port number can be customized, but it is recommended to use 9999. - - `extern-engine-type asynchronous` - - `ssl-option no-auth` - - `send-buffer-size 6291456`, for ONTAP 9.10+ use `send-buffer-size 8388608` - -**CAUTION:** All parameters are case sensitive. - -Use the following command to create the external engine: - -``` -set -privilege advanced -vserver fpolicy policy external-engine create -vserver [SVM_NAME] -engine-name StealthAUDITEngine -primary-servers [IP_ADDRESS,…] -port 9999 -extern-engine-type asynchronous -ssl-option no-auth -send-buffer-size 6291456 -``` - -Example: - -``` -set -privilege advanced -vserver fpolicy policy external-engine create -vserver testserver -engine-name StealthAUDITEngine -primary-servers 192.168.30.15 -port 9999 -extern-engine-type asynchronous -ssl-option no-auth -send-buffer-size 6291456 -``` - -#### Validate Part 2: External Engine Creation - -Run the following command to validate the creation of the external engine: - -``` -fpolicy policy external-engine show -vserver [SVM_NAME] -engine-name StealthAUDITEngine -instance -``` - -Verify that the output is displayed as follows: - -``` -Ontap915::> fpolicy policy external-engine show -vserver svm0 -engine-name StealthAUDITEngine -instance -  (vserver fpolicy policy external-engine show) -                                Vserver: svm0 -                                 Engine: StealthAUDITEngine -                Primary FPolicy Servers: 192.168.11.35 -         Port Number of FPolicy Service: 9999 -              Secondary FPolicy Servers: - -                   External Engine Type: asynchronous -  SSL Option for External Communication: no-auth -             FQDN or Custom Common Name: - -           Serial Number of Certificate: - -                  Certificate Authority: - -          Is Resiliency Feature Enabled: false -Maximum Notification Retention Duration: 3m -     Directory for Notification Storage: - -                 External Engine Format: xml -``` - -Relevant NetApp Documentation: To learn more about creating an external engine, please visit the -NetApp website and read the -[vserver fpolicy policy external-engine create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-external-engine-create.html) -article. - -### Part 3: Create FPolicy Event - -An event defines which protocol to monitor and which file access events to monitor. - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. -- Access Analyzer and the Activity Monitor are capable of monitoring both NFS and CIFS. However, it - is necessary to create separate events for each protocol. -- The following values are required: - - - `event-name` - - - For CIFS shares – ` StealthAUDITScreeningCifs` for successful events; - `StealthAUDITScreeningFailedCifs` for failed events. - - For NFS shares – `StealthAUDITScreeningNfsV3, StealthAUDITScreeningNfsV4` for successful - events; `StealthAUDITScreeningFailedNfsV3, StealthAUDITScreeningFailedNfsV4` for failed - events. - The names of the event objects can be customized (see - [Customization of FPolicy Object Names](#customization-of-fpolicy-object-names)). - - - `volume-operation true` - - `protocol` – one of the following `cifs`, `nfsv3`, `nfsv4` - - `monitor-fileop-failure` – `true `or `false`, indicates whether failed file operations are - reported. - -- Limiting the file operations to be monitored is an excellent way to limit the performance impact - the FPolicy will have on the NetApp device. The file operations from which to choose are below - with additional filter options: - - - `create` – File create operations - - `create_dir` – Directory create operations - - `close` – File close operations - - - Enable this operation for NFSv4 to capture all read operations - - - `delete` – File delete operations - - `delete_dir` – Directory delete operations - - `link` – Link operations - - `open` – File open operations for CIFS protocol - - - `open-with-delete-intent` – Limits notification to only when an attempt is made to open a - file with the intent to delete it, according to the `FILE_DELETE_ON_CLOSE` flag - specification - - **NOTE:** File open operations are only supported with the `open-with-delete-intent` - filter applied. - - - `read` – File read operations - - - `first-read` – Limits notification to only first read operations for CIFS protocol. For - ONTAP 9.2+, this filter can be used for both CIFS and NFS protocols. - - - `rename`– File rename operations - - `rename_dir`– Directory rename operations - - `setattr` – Set attribute operations and permission changes. The following filters are - available for ONTAP 9.0+ to limit events to permission changes only: - - - CIFS: - - - `setattr-with-owner-change` - - `setattr-with-group-change` - - `setattr-with-sacl-change` - - `setattr-with-dacl-change` - - - NFSv3: - - - `setattr-with-owner-change` - - `setattr-with-group-change` - - `setattr-with-mode-change` - - - NFSv4: - - - `setattr-with-owner-change` - - `setattr-with-group-change` - - `setattr-with-mode-change` - - `setattr-with-sacl-change` - - `setattr-with-dacl-change` - - - `symlink` – Symbolic link operations - - `write` – File write operations - - - `first-write` – Limits notification to only first write operations for CIFS protocol. For - ONTAP 9.2+, this filter can be used for both CIFS and NFS protocols. - -- For failed/denied events, the list of supported file operations is limited to the following - values: - - - CIFS: `open` - - NFSv3: - `create, create_dir, read, write, delete, delete_dir, rename, rename_dir, setattr, link` - - NFSv4: - `open, create, create_dir, read, write, delete, delete_dir, rename, rename_dir, setattr, link` - -**CAUTION:** All parameters are case sensitive. - -Use the following command to create the FPolicy event for CIFS protocols: - -``` -vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningCifs -volume-operation true -protocol cifs -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] -``` - -Example: - -``` -vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningCifs -volume-operation true -protocol cifs -file-operations create,create_dir,delete,delete_dir,open,read,write,rename,rename_dir,setattr -filters first-read,first-write,open-with-delete-intent,setattr-with-owner-change,setattr-with-group-change,setattr-with-sacl-change,setattr-with-dacl-change -``` - -Use the following command to create the FPolicy event for NFSv3 protocols: - -``` -vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningNfsV3 -volume-operation true -protocol nfsv3 -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] -``` - -Example: - -``` -vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningNfsV3 -volume-operation true -protocol nfsv3 -file-operations create,create_dir,delete,delete_dir,read,write,rename,rename_dir,setattr,link,symlink -filters first-read,first-write,setattr-with-owner-change,setattr-with-group-change,setattr-with-mode-change -``` - -Use the following command to create the FPolicy event for NFSv4 protocols: - -``` -vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningNfsV4 -volume-operation true -protocol nfsv4 -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] -``` - -Example: - -``` -vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningNfsV4 -volume-operation true -protocol nfsv4 -file-operations create,create_dir,delete,delete_dir,read,write,rename,rename_dir,setattr,link,symlink,close -filters setattr-with-group-change,setattr-with-mode-change,setattr-with-sacl-change,setattr-with-dacl-change -``` - -#### Validate Part 3: FPolicy Event Creation - -Run the following command to validate the creation of the FPolicy event: - -``` -fpolicy policy event show -vserver [SVM_NAME] -event-name [StealthAUDITScreeningCifs or StealthAUDITScreeningNfsV3 or StealthAUDITScreeningNfsV4 or ...] -instance -``` - -Example: - -``` -fpolicy policy event show -vserver [SVM_NAME] -event-name StealthAUDITScreeningCifs -instance -``` - -Verify that the output is displayed as follows: - -``` -Ontap915::> fpolicy policy event show -vserver svm0 -event-name StealthAUDITScreeningCifs -  (vserver fpolicy policy event show) -                                 Vserver: svm0 -                                   Event: StealthAUDITScreeningCifs -                                Protocol: cifs -                         File Operations: create, create_dir, delete, -                                          delete_dir, open, read, write, -                                          rename, rename_dir, setattr -                                 Filters: first-read, first-write, -                                          open-with-delete-intent, -                                          setattr-with-owner-change, -                                          setattr-with-group-change, -                                          setattr-with-sacl-change, -                                          setattr-with-dacl-change, -                                          setattr-with-mode-change -     Send Volume Operation Notifications: true -Send Failed File Operation Notifications: false -``` - -Relevant NetApp Documentation: To learn more about creating an event, please visit the NetApp -website and read the -[vserver fpolicy policy event create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-event-create.html) -article. - -### Part 4: Create Persistent Store - -The Persistent Store provides a temporary on-disk storage for activity events before they are sent -to Activity Monitor Agent. The Persistent Store is optional but recommended for ONTAP 9.15.1 and -later versions. - -IMPORTANT: - -- Persistent Store is supported for ONTAP 9.15.1 and later versions. -- The SVM used must be the one hosting the CIFS or NFS shares to be monitored. -- There is no need to use an existing volume. A new volume will be created automatically and managed - by the FPolicy subsystem. -- The volume size depends on the duration for which the events persist and the event rate. For - example, if you want 30 minutes of events to persist in an SVM with a capacity of 5000 - events/second and the average event record size of 0.6 KB, the required volume size is - `5000 * 30 * 60 * 0.6 KB = 5400000 KB ≈ 5 GB`. -- For the Persistent Store to create a volume automatically, at least one local tier (aggregate) - must be assigned to the SVM. Use `vserver add-aggregates` to assign local tiers. - - The following values are required: - - - `vserver` – The name of the SVM where you want to create the Persistent Store. - - `persistent-store` – The name of the Persistent Store object. - - - The default name is `StealthAUDITPersistentStore`. - The names of the event objects can be customized (see - [Customization of FPolicy Object Names](#customization-of-fpolicy-object-names)). - - - `volume` – The name of the volume used for event storage. - - - If the volume does not exist, it will be automatically created on an assigned local tier. - This is recommended. - - - `size` – The initial size of the volume. The format is `[KB|MB|GB]`. - - The following values are optional: - - - `autosize-mode` – Specifies the auto size behavior for the volume. Options include `off` - (default), `grow`, or `grow_shrink`. - -**CAUTION:** All parameters are case sensitive. - -Use the following command to create the Persistent Store: - -vserver fpolicy persistent-store create -vserver [SVM_NAME] -persistent-store [STORE_NAME] -volume -[VOLUME_NAME] -size [SIZE] -autosize-mode [AUTOSIZE] - -Example: - -vserver fpolicy persistent-store create -vserver testserver -persistent-store -StealthAUDITPersistentStore -volume testserver_ps_vol -size 5GB -autosize-mode grow_shrink - -#### Validate Part 4: Create Persistent Store - -Run the following command to validate the creation of the Persistent Store: - -vserver fpolicy persistent-store show -vserver [SVM_NAME] -persistent-store -StealthAUDITPersistentStore -instance - -Ensure that the output is displayed as follows: - -cluster1::> vserver fpolicy persistent-store show -vserver testserver -persistent-store -StealthAUDITPersistentStore -instance - Vserver: testserver - Persistent Store Name: StealthAUDITPersistentStore - Volume name of the Persistent store: testserver_ps_vol - Size of the Persistent Store: 5GB - Autosize Mode for the Volume: grow_shrink - -Visit the NetApp website and see the -[vserver fpolicy persistent store create](https://docs.netapp.com/us-en/ontap-cli/vserver-fpolicy-persistent-store-create.html) -article for additional information about creating a Persistent Store. - -### Part 5: Create FPolicy Policy - -The FPolicy policy associates the other three FPolicy components and allows for the designation of a -privileged FPolicy user, or the provisioned FPolicy account. If running the Access Auditing (FSAA), -Activity Auditing (FSAC), and/or Sensitive Data Discovery Auditing scans in Access Analyzer, then -this is also the user account credential to be added to the Access Analyzer Connection Profile. - -IMPORTANT: - -- To monitor both CIFS and NFS protocols, two FPolicy Event were created. Multiple events can be - included in the FPolicy policy. -- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. -- The External Engine, FPolicy Event, Persistent Store used in this command must be configuration - objects created in the preceding steps. - - The following values are required: - - - `vserver` – The name of SVM. - - `policy-name StealthAUDIT` – The name of the policy object can be customized (see - [Customization of FPolicy Object Names](#customization-of-fpolicy-object-names)). - - `engine` – The name of the External Engine created in - [Part 2: Create External Engine](#part-2-create-external-engine). - - `events` – A list of FPolicy Event objects created in - [Part 3: Create FPolicy Event](#part-3-create-fpolicy-event). - - `persistent-store` – The name of the Persistent Store created in - [Part 4: Create Persistent Store](#part-4-create-persistent-store). Required only if the - Persistent Store is used. - - The following values are required for Access Analyzer integration: - - - `privileged-user-name` – Must be a provisioned FPolicy account. - - `allow-privileged-access` – Set to yes. - -**CAUTION:** All parameters are case sensitive. - -Use the following command to create the FPolicy policy to monitor both CIFS and NFS protocols: - -``` -vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningCifs,StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] -``` - -Example: - -``` -vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningCifs,StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 -``` - -Use the following command to create the FPolicy policy to monitor only CIFS protocols: - -``` -vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningCifs -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] -``` - -Example: - -``` -vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningCifs -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 -``` - -Use the following command to create the FPolicy policy to monitor only NFS protocols: - -``` -vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] -``` - -Example: - -``` -vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 -``` - -#### Validate Part 5: FPolicy Policy Creation - -Run the following command to validate the creation of the FPolicy policy: - -``` -fpolicy policy show -vserver [SVM_NAME] -policy-name StealthAUDIT -instance -``` - -``` -Ontap915::> fpolicy policy show -instance -  (vserver fpolicy policy show) -                        Vserver: svm0 -                         Policy: StealthAUDIT -              Events to Monitor: StealthAUDITScreeningCifs, -                                 StealthAUDITScreeningFailedCifs, -                                 StealthAUDITScreeningNfsV3, -                                 StealthAUDITScreeningFailedNfsV3, -                                 StealthAUDITScreeningNfsV4, -                                 StealthAUDITScreeningFailedNfsV4 -                 FPolicy Engine: StealthAUDITEngine -Is Mandatory Screening Required: false -        Allow Privileged Access: no -User Name for Privileged Access: - -    Is Passthrough Read Enabled: false -          Persistent Store Name: - -``` - -Relevant NetApp Documentation: To learn more about creating a policy, please visit the NetApp -website and read the -[vserver fpolicy policy create](https://docs.netapp.com/us-en/ontap-cli/vserver-fpolicy-policy-create.html) -article. - -### Part 6: Create FPolicy Scope - -The FPolicy scope creates the filters necessary to perform scans on specific shares or volumes. It -is possible to set the scope to monitor all volumes or all shares by replacing the volume/share name -variable [SVM_NAME] in the command with an asterisk (\*). - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. -- It is not necessary to specify both volumes and shares. One or the other is sufficient. -- If you want to monitor everything, set the "`volumes-to-include`" value to "`*`". - -Use the following command to create the FPolicy scope by specifying volume(s): - -``` -vserver fpolicy policy scope create -vserver [SVM_NAME] -policy-name StealthAUDIT -volumes-to-include [VOLUME_NAME],[VOLUME_NAME] -``` - -Example: - -``` -vserver fpolicy policy scope create -vserver testserver -policy-name StealthAUDIT -volumes-to-include samplevolume1,samplevolume2 -``` - -Use the following command to create the FPolicy scope by specifying share(s): - -``` -vserver fpolicy policy scope create -vserver [SVM_NAME] -policy-name StealthAUDIT -shares-to-include [SHARE_NAME],[SHARE_NAME] -``` - -Example: - -``` -vserver fpolicy policy scope create -vserver testserver -policy-name StealthAUDIT -shares-to-include sampleshare1,sampleshare2 -``` - -#### Validate Part 6: FPolicy Scope Creation - -Run the following command to validate the FPolicy scope creation: - -``` -fpolicy policy scope show -instance -``` - -``` -Ontap915::> fpolicy policy scope show -instance -  (vserver fpolicy policy scope show) -                   Vserver: svm0 -                    Policy: StealthAUDIT -         Shares to Include: * -         Shares to Exclude: - -        Volumes to Include: * -        Volumes to Exclude: - -Export Policies to Include: * -Export Policies to Exclude: - -File Extensions to Include: - -File Extensions to Exclude: - -``` - -Relevant NetApp Documentation: To learn more about creating scope, please visit the NetApp website -and read the -[vserver fpolicy policy scope create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-scope-create.html) -article. - -### Part 7: Set TLS Authentication - -If using the TLS authentication options, it is necessary to set authentication for the type of -authentication. - -#### Set Server-Authentication - -Use the following command to set server-authentication: - -``` -vserver fpolicy policy externalengine modify -vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option server-auth -``` - -Example: - -``` -vserver fpolicy policy externalengine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option server-auth -``` - -#### Set Mutual-Authentication - -Use the following command to set mutual-authentication: - -``` -vserver fpolicy policy external-engine modify ‑vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name [COMMON_NAME] -certificate-serial [CERTIFICATE_SERIAL] -certificate-ca [CERTIFICATE_AUTHORITY] -``` - -Example: - -``` -vserver fpolicy policy external-engine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name testserver -certificate-serial 461AC46521B31321330EBBE4321AC51D -certificate-ca "VeriSign Universal Root Certification Authority" -``` - -#### Validate Mutual-Authentication Is Set - -Run the following command to confirm mutual-authentication is set: - -``` -vserver fpolicy policy external-engine show -fields ssl-option -``` - -### Part 8: Enable the FPolicy - -The FPolicy must be enabled before the Activity Monitor Agent can be configured to monitor the SVM. - -IMPORTANT: - -- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. - -Use the following command to enable the FPolicy: - -``` -vserver fpolicy enable -vserver [SVM_NAME] -policy-name StealthAUDIT -sequence-number [INTEGER] -``` - -Example: - -``` -vserver fpolicy enable -vserver testserver -policy-name StealthAUDIT -sequence-number 10 -``` - -#### Validate Part 8: FPolicy Enabled - -Run the following command to validate the FPolicy scope creation: - -``` -vserver fpolicy show -``` - -``` -Ontap915::> fpolicy show -    show                             show-enabled -    show-engine                      show-passthrough-read-connection -Ontap915::> fpolicy show -  (vserver fpolicy show) -                                      Sequence -Vserver       Policy Name               Number  Status   Engine -------------- ----------------------- --------  -------- --------- -svm0          StealthAUDIT                  10  on       StealthAU -                                                         DITEngine -``` - -Relevant NetApp Documentation: To learn more about enabling a policy, please visit the NetApp -website and read the -[vserver fpolicy enable](https://docs.netapp.com/us-en/ontap-cli-9121//vserver-fpolicy-enable.html) -article. - -### Part 9: Connect FPolicy Server / Agent to Cluster Node - -Manually connecting the FPolicy server (or Agent server) to the Cluster Node is only needed if there -is an issue with connection to the Cluster Node or for troubleshooting a disconnection issue. - -Use the following command to connect the `StealthAUDITEngine` that belongs to the `StealthAUDIT` -policy to all Cluster Nodes: - -``` -policy engine-connect -vserver [SVM_NAME] -policy-name StealthAUDIT -node * -``` - -Example: - -``` -policy engine-connect -vserver testserver -policy-name StealthAUDIT -node * -``` - -#### Validate Part 9: Connection to Cluster Node - -Run the following command to validate connection to the Cluster Node: - -``` -fpolicy show-engine -vserver [SVM_NAME] -policy-name StealthAUDIT -node * -``` - -``` -Ontap915::> fpolicy show-engine -vserver svm0 -policy-name StealthAUDIT -node * -  (vserver fpolicy show-engine) -                                   FPolicy           Server         Server -Vserver Policy Name   Node         Server            Status         Type -------- ------------- ------------ ----------------- -------------- ----------- -svm0    StealthAUDIT  Ontap915-01  192.168.11.35     disconnected   primary -``` - -## Automatic Configuration of FPolicy - -The Activity Monitor can automatically configure FPolicy on the targeted SVM. The FPolicy created -will monitor file system activity from all volumes and shares of the SVM. This feature can be -enabled using the **Configure FPolicy. Create or modify FPolicy objects if needed** checkbox on the -FPolicy page in the monitored host's properties in the Activity Monitor. - -Starting ONTAP 9.15.1 and later versions, it is recommended to enable the Persistent Store feature -that stores events on disk before they are sent to the Activity Monitor Agent. This reduces -client-side latency and increases resilience during network delays or bursts of activity. To enable -the Persistent Store, specify a volume name and size on the Persistent Store tab of the FPolicy page -in the monitored host properties. The volume will be automatically created if it does not already -exist. See the [Persistent Store](#persistent-store) topic for additional information on the -recommended volume size. - -If using the TLS, mutual authentication option, you will need to create the PEM file for the Client -Certification, which is needed during the monitored host configuration in the Activity Monitor. It -will also be necessary to set mutual authentication on the SVM. - -### Set TLS Mutual-Authentication - -If using the TLS, mutual authentication options, it is necessary to set authentication. - -Use the following command to set mutual-authentication: - -``` -vserver fpolicy policy external-engine modify -vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name [COMMON_NAME] -certificate-serial [CERTIFICATE_SERIAL] -certificate-ca [CERTIFICATE_AUTHORITY] -``` - -Example: - -``` -vserver fpolicy policy external-engine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name testserver -certificate-serial 461AC46521B31321330EBBE4321AC51D -certificate-ca "VeriSign Universal Root Certification Authority" -``` - -#### Validate: Mutual-Authentication - -Run the following command to confirm mutual-authentication is set: - -``` -vserver fpolicy policy external-engine show -fields ssl-option -``` - -## Customization of FPolicy Object Names - -Activity Monitor uses the following FPolicy object names by default: - -- Policy name – `StealthAUDIT` -- External Engine name – `StealthAUDITEngine` -- CIFS Event name – `StealthAUDITScreeningCifs` -- NFS v3 Event name – `StealthAUDITScreeningNfsV3` -- NFS v4 Event name – `StealthAUDITScreeningNfsV4` -- Failed CIFS Event name – `StealthAUDITScreeningFailedCifs` -- Failed NFS v3 Event name – `StealthAUDITScreeningFailedNfsV3` -- Failed NFS v4 Event name – `StealthAUDITScreeningFailedNfsV4` -- Persistent Store name – `StealthAUDITPersistentStore` - -These names can be customized in the monitored host's settings in the Activity Monitor. It can be -useful in two scenarios: - -- You want the names to match the company policies; -- You want to configure FPolicy manually using your custom names, but also want to leverage the - "Enable and Connect FPolicy" feature of the Activity Monitor, so that the product ensures that - FPolicy stays enabled and connected at all times. diff --git a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/overview.md b/docs/accessanalyzer/12.0/configuration/netapp-c-mode/overview.md deleted file mode 100644 index d29084de4f..0000000000 --- a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/overview.md +++ /dev/null @@ -1,156 +0,0 @@ -# NetApp Data ONTAP Cluster-Mode Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or -Sensitive Data Discovery Auditing scans on NetApp Data ONTAP Cluster-Mode devices. The Netwrix -Activity Monitor can be configured to monitor activity on NetApp Data ONTAP Cluster-Mode devices and -make the event data available for Access Analyzer Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Access Analyzer scans must have the following permissions on the target -host: - -- For CIFS access: - - - Method 1 – Use FPolicy & ONTAP API - - - Enumerate shares by executing specific NetApp API calls - - Bypass NTFS security to read the entire folder structure to be scanned and collect - file/folder permissions - - - Method 2 – Use the c$ Share - - - Enumerate shares with standard Windows file sharing APIs. - - Bypass NTFS security to read the entire folder structure to be scanned and collect - file/folder permissions - -- For NFSv3 access: - - - IP Address of scanning server in the export policy for each volume - -These permissions grant the credential the ability to enumerate shares, access the remote registry, -and bypass NTFS security on folders. The credential used within the assigned Connection Profile for -these target hosts requires these permissions. See the -[NetApp Data ONTAP Cluster-Mode Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/configuration/netapp-c-mode/access.md) topic for -instructions. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of NetApp Data ONTAP Cluser-Mode Device - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Access Analyzer, the credential used by Access -Analyzer to read the activity log files must have also have this permission. - -NetApp Data ONTAP Cluster-Mode Device Requirements - -An FPolicy must be configured on the target device for Activity Auditing (FSAC) scans. A tailored -FPolicy is recommended as it decreases the impact on the NetApp device. The credential associated -with the FPolicy used to monitor activity must be provisioned with access to (at minimum) the -following CLI commands, according to the level of collection desired: - -- Collect Activity Events (Least Privilege) - - - `version` – Readonly access - - `volume` – Readonly access - - `vserver` – Readonly access - -- Employ the “Enable and connect FPolicy” Option (Less Privilege) - - - `version` – Readonly access - - `volume` – Readonly access - - `vserver` – Readonly access - - `vserver fpolicy disable` – All access - - `vserver fpolicy enable` – All access - - `vserver fpolicy engine-connect` – All access - - `network interface` – Readonly access - -- Employ the “Configure FPolicy Option (Automatic Configuration of FPolicy) - - - `version` – Readonly access - - `volume` – Readonly access - - `vserver` – Readonly access - - `vserver fpolicy` – All access - - `network interface` – Readonly access - -- If FPolicy uses a TLS connection, the following CLI command is also needed: - - - `security certificate install` – All access - -- StealthAUDIT Integration requires the addition of the following CLI command: - - - `security login role show-ontapi` – Readonly access - -See the [NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/netapp-c-mode/activity.md) topic for -instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Access Analyzer to read the activity log files must also have -READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for NetApp Data ONTAP Cluster-Mode Device - -The following firewall settings are required for communication between the Activity Monitor Activity -Agent server and the target NetApp Data ONTAP Cluster-Mode device: - -| Communication Direction | Protocol | Ports | Description | -| --------------------------------- | ---------------- | ----- | -------------- | -| Activity Agent Server to NetApp\* | HTTP (optional) | 80 | ONTAPI | -| Activity Agent Server to NetApp\* | HTTPS (optional) | 443 | ONTAPI | -| NetApp to Activity Agent Server | TCP | 9999 | FPolicy events | - -\*Only required if using the FPolicy Configuration and FPolicy Enable and Connect options in -Activity Monitor. - -**NOTE:** If either HTTP or HTTPS are not enabled, the FPolicy on the NetApp Data ONTAP 7-Mode -device must be configured manually. Also, the External Engine will not reconnect automatically in -the case of a server reboot or service restart. - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/provision-activity.md b/docs/accessanalyzer/12.0/configuration/netapp-c-mode/provision-activity.md deleted file mode 100644 index 146ec2bf5c..0000000000 --- a/docs/accessanalyzer/12.0/configuration/netapp-c-mode/provision-activity.md +++ /dev/null @@ -1,368 +0,0 @@ -# Provision ONTAP Account - -This topic describes the steps needed to create a user account with the privileges required to -connect the Activity Monitor Agent to ONTAP API and to execute the API calls required for activity -monitoring and configuration. - -Provisioning this account is a two part process: - -- Part 1: Create Security Role -- Part 2: Create Security Login - -## Part 1: Create Security Role - -This section provides instructions for creating an access-control role. An access-control role -consists of a role name and a set of commands or API endpoints to which the role has access. It also -includes an access level (none, read-only, or all) and a query that applies to the specified command -or API endpoint. - -The permissions needed depends on the functionality level: - -- Least Privileged: ONLY Collect Events – This is the minimal functionality level. A user manually - configures FPolicy and ensures that it stays enabled and connected. The product only collects - events. This functionality level is not recommended as it requires an additional solution that - tracks the state of FPolicy and fixes the problem should ONTAP disconnect or should the policy - become disabled. -- **_RECOMMENDED:_** Less Privileged: Enable/Connect Policy & Collect Events – With this level, the - user still performs the initial FPolicy configuration manually. The product tracks the state of - FPolicy with periodic checks to ensure it stays enabled and connected all the time. -- **_RECOMMENDED:_** Automatically Configure the FPolicy – With this full-blown level, no manual - configuration is needed. The product performs the initial FPolicy configuration; updates FPolicy - to reflect configuration changes; ensures that FPolicy stays enabled and connected all the time. - -No matter which set of permissions you provision, validate the configuration before continuing to -Part 2. See the -[Validate Part 1: Security Role Configuration](#validate-part-1-security-role-configuration) topic -for additional information. - -If the FPolicy is to be used for both the Activity Monitor and Access Analyzer, the account also -needs to be provisioned with an additional permission. See the -[Access Analyzer Integration](#access-analyzer-integration) topic for additional information. - -The commands to create a role and names of permissions depend on the ONTAP API used. The product -supports both the classic ONTAPI/ZAPI and the new REST API. For ONTAPI/ZAPI you need to use -`security login role create` command to create a RBAC access control role. The required commands are -listed in the `cmddirname` parameter. For REST API, use `security login rest-role create` command to -create a REST access control role. The required API endpoint is specified in the `api` parameter. -The following sections provide instructions for both API modes. - -### Least Privileged: ONLY Collect Events - -If the desire is for a least privileged model, the Activity Monitor requires the following -permissions to collect events. - -#### ONTAPI/ZAPI - -- `version` – Readonly access -- `volume` – Readonly access -- `vserver` – Readonly access - -Use the following commands to provision read-only access to all required commands: - -``` -security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME]     -``` - -Example: - -``` -security login role create -role enterpriseauditor -cmddirname "version" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditor -cmddirname "volume" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditor -cmddirname "vserver" -access readonly -query "" -vserver testserver -``` - -#### REST API - -- `/api/cluster` – Readonly access -- `/api/protocols/cifs/services` – Readonly access -- `/api/storage/volumes` – Readonly access -- `/api/svm/svms` – Readonly access - -Use the following commands to provision read-only access to all required API endpoints: - -``` -security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] -``` - -Example: - -``` -security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver -``` - -**NOTE:** If the FPolicy account is configured with these permissions, it is necessary to manually -configure the FPolicy. See the [Configure FPolicy](/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-fpolicy.md) topic for additional -information. - -### Less Privileged: Enable/Connect FPolicy & Collect Events - -If the desire is for a less privileged model, the Activity Monitor requires the following -permissions to collect events: - -#### ONTAPI/ZAPI - -- `version` – Readonly access -- `volume` – Readonly access -- `vserver` – Readonly access - - `network interface` – Readonly access - -- `vserver fpolicy disable` – All access -- `vserver fpolicy enable` – All access - - _Remember,_ this permission permits the Activity Monitor to enable the FPolicy. If the “Enable - and connect FPolicy” option is employed but the permission is not provided, the agent will - encounter “Failed to enable policy” errors, but it will still be able to connect to the FPolicy. - Since this permission model requires a manual configuration of the FPolicy, then the need to - manually enable the FPolicy will be met. - -- `vserver fpolicy engine-connect` – All access - -Use the following command to provision access to all required commands: - -``` -security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "network interface" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy disable" -access all -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy enable" -access all -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy engine-connect" -access all -query "" -vserver [SVM_NAME] -``` - -Example: - -``` -security login role create -role enterpriseauditorrest -cmddirname "version" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "volume" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "vserver" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "network interface" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy disable" -access all -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy enable" -access all -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy engine-connect" -access all -query "" -vserver testserver -``` - -#### REST API - -- `/api/cluster` – Readonly access -- `/api/protocols/cifs/services` – Readonly access -- `/api/storage/volumes` – Readonly access -- `/api/svm/svms` – Readonly access -- `/api/network/ip/interfaces` – Readonly access -- `/api/protocols/fpolicy` – All access - -Use the following commands to provision read-only access to all required API endpoints: - -``` -security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/network/ip/interfaces" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/protocols/fpolicy" -access all -vserver [SVM_NAME] -``` - -Example: - -``` -security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/network/ip/interfaces" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/protocols/fpolicy" -access all -vserver testserver -``` - -**NOTE:** If the FPolicy account is configured with these permissions, it is necessary to manually -configure the FPolicy. See the [Configure FPolicy](/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-fpolicy.md) topic for additional -information. - -### Automatically Configure the FPolicy - -If the desire is for the Activity Monitor to automatically configure the FPolicy, the security role -requires the following permissions: - -#### ONTAPI/ZAPI - -- `version` – Readonly access -- `volume` – Readonly access -- `vserver` – Readonly access - - `network interface` – Readonly access - -- `vserver fpolicy` – All access -- `security certificate install` – All access - - _Remember,_ this permission is only needed for FPolicy TLS connections. - -Use the following command to provision access to all required commands: - -``` -security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "network interface" -access readonly -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy" -access all -query "" -vserver [SVM_NAME] -security login role create -role [ROLE_NAME] -cmddirname "security certificate install" -access all -query "" -vserver [SVM_NAME] -``` - -Example: - -``` -security login role create -role enterpriseauditorrest -cmddirname "version" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "volume" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "vserver" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "network interface" -access readonly -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy" -access all -query "" -vserver testserver -security login role create -role enterpriseauditorrest -cmddirname "security certificate install" -access all -query "" -vserver testserver -``` - -#### REST API - -- `/api/cluster` – Readonly access -- `/api/protocols/cifs/services` – Readonly access -- `/api/storage/volumes` – Readonly access -- `/api/svm/svms` – Readonly access -- `/api/network/ip/interfaces` – Readonly access -- `/api/protocols/fpolicy` – All access -- `/api/security/certificates` – All access - - Remember, this permission is only needed for FPolicy TLS connections. - -Use the following commands to provision access to all required API endpoints: - -``` -security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/network/ip/interfaces" -access readonly -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/protocols/fpolicy" -access all -vserver [SVM_NAME] -security login rest-role create -role [ROLE_NAME] -api "/api/security/certificates" -access all -vserver [SVM_NAME] -``` - -Example: - -``` -security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/network/ip/interfaces" -access readonly -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/protocols/fpolicy" -access all -vserver testserver -security login rest-role create -role enterpriseauditorrest -api "/api/security/certificates" -access all -vserver testserver -``` - -**NOTE:** If the FPolicy account is configured with these permissions, the Activity Monitor can -automatically configure the FPolicy. See the [Configure FPolicy](/docs/accessanalyzer/12.0/configuration/netapp-c-mode/configure-fpolicy.md) topic for -additional information. - -### Access Analyzer Integration - -If the desire is for FPolicy to be used with both the Activity Monitor and Access Analyzer, then the -following permission is also required: - -- `security login role show-ontapi` – Readonly access - -Use the following command to provision read-only access to security login role show-ontapi commands: - -``` -security login role create -role [ROLE_NAME] -cmddirname "security login role show-ontapi" -access readonly -query "" -vserver [SVM_NAME] -``` - -Example: - -``` -security login role create -role enterpriseauditor -cmddirname "security login role show-ontapi" -access readonly -query "" -vserver testserver -``` - -### Validate Part 1: Security Role Configuration - -For ONTAPI, run the following command to validate the RBAC security role configuration: - -``` -security login role show [ROLE_NAME] -``` - -Example: - -``` -security login role show enterpriseauditor -``` - -Relevant NetApp Documentation: For more information about creating RBAC access control roles, read -the -[security login role create](https://docs.netapp.com/us-en/ontap-cli-9141//security-login-role-create.html) -article. - -For REST API, run the following command to validate the REST security role configuration: - -``` -security login rest-role show [ROLE_NAME] -``` - -Example: - -``` -security login rest-role show enterpriseauditorrest -``` - -For more information about creating REST access control roles, read the -[security login rest-role create](https://docs.netapp.com/us-en/ontap-cli-9141/security-login-rest-role-create.html) -article. - -## Part 2: Create Security Login - -Once the access control role has been created, apply it to a domain account. Ensure the following -requirements are met: - -- The SVM used in the following command must be the same SVM used when creating the access control - role in Part 1. -- All parameters are case sensitive. -- It is recommended to use lowercase for both domain and username. The case of domain and username - created during the account provisioning process must match exactly to the credentials provided to - the Activity Monitor activity agent for authentication to work. - -Use the following command to create the security login for the security role created in Part 1: - -``` -security login create -user-or-group-name [DOMAIN\DOMAINUSER] -application ontapi -authentication-method [DOMAIN_OR_PASSWORD_AUTH] -role [ROLE_NAME] -vserver [SVM_NAME] -``` - -Example: - -``` -security login create -user-or-group-name example\user1 -application ontapi -authentication-method domain -role enterpriseauditor -vserver testserver -``` - -Validate this security login was created. - -### Validate Part 2: Security Login Creation - -Run the following command to validate security login: - -``` -security login show [DOMAIN\DOMAINUSER] -``` - -Example: - -``` -security login show example\user1 -``` - -Verify that the output is displayed as follows: - -![validatesecuritylogincreation](/img/product_docs/activitymonitor/config/netappcmode/validatesecuritylogincreation.webp) - -For more information about creating security logins, read the -[security login create](https://docs.netapp.com/us-en/ontap-cli-9141/security-login-create.html) -article. diff --git a/docs/accessanalyzer/12.0/configuration/nutanix/access.md b/docs/accessanalyzer/12.0/configuration/nutanix/access.md deleted file mode 100644 index 40b7f624f0..0000000000 --- a/docs/accessanalyzer/12.0/configuration/nutanix/access.md +++ /dev/null @@ -1,22 +0,0 @@ -# Nutanix Appliance Access & Sensitive Data Auditing Configuration - -The credentials used to run Access Analyzer scans on Nutanix appliances must have the **Backup -Admin: Backup Access only** role assigned. - -## Nutanix Prism Central Interface - -Follow the steps to configure the required account in the Nutanix Prism Central Interface. - -**Step 1 –** Select the **Home** dropdown and select **File Server**. - -**Step 2 –** On the file server page, under actions select **Launch Files Console**. - -**Step 3 –** On the new files URL page, locate the **Configuration** dropdown and select **Manage -Roles**. - -![Nutanix Backup Admin: Backup Access only role](/img/product_docs/accessanalyzer/config/nutanix/nutanixbackupadminrole.webp) - -**Step 4 –** On the Manage Roles window, add an account with the **Backup Admin: Backup Access -only** role. - -This account must be used for running the Access Analyzer scans on Nutanix appliances. diff --git a/docs/accessanalyzer/12.0/configuration/nutanix/overview.md b/docs/accessanalyzer/12.0/configuration/nutanix/overview.md deleted file mode 100644 index 85a9025666..0000000000 --- a/docs/accessanalyzer/12.0/configuration/nutanix/overview.md +++ /dev/null @@ -1,71 +0,0 @@ -# Nutanix Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or -Sensitive Data Discovery Auditing scans on Nutanix Appliances. The Netwrix Activity Monitor can be -configured to monitor activity on Nutanix Appliances and make the event data available for Access -Analyzer Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Access Analyzer scans must have the following permissions on the target -host: - -- Group membership in the role **Backup Admin: Backup Access Only** - -See the [Nutanix Appliance Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/configuration/nutanix/access.md) topic for -additional information. - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Activity Auditing Permissions - -The Netwrix Activity Monitor can be configured to monitor activity on Nutanix devices. See the -[Nutanix Files Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/nutanix/activity.md) topic for instructions. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Nutanix Appliances - -The following firewall settings are required for communication between the Activity Monitor Activity -Agent server and the target Nutanix device: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ----------------------- | -| Activity Agent Server to Nutanix | TCP | 9440 | Nutanix API | -| Nutanix to Activity Agent Server | TCP | 4501 | Nutanix Event Reporting | - -Protect the port with a username and password. The credentials will be configured in Nutanix. - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/qumulo/overview.md b/docs/accessanalyzer/12.0/configuration/qumulo/overview.md deleted file mode 100644 index 5d92ed5def..0000000000 --- a/docs/accessanalyzer/12.0/configuration/qumulo/overview.md +++ /dev/null @@ -1,68 +0,0 @@ -# Qumulo Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or -Sensitive Data Discovery Auditing scans on Qumulo devices. The Netwrix Activity Monitor can be -configured to monitor activity on Qumulo devices and make the event data available for Access -Analyzer Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -The credentials used by the Access Analyzer scans must have the following permissions on the target -host: - -- Group membership in the Data-Administrators role - -**NOTE:** These permissions are in addition to those needed to either deploy applet scans for -running scans in proxy mode with applet or installing the File System Proxy Service Permissions for -running scans in proxy mode as a service. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Activity Auditing Permissions - -Netwrix Activity Monitor requires an account with the Observers role to monitor a Qumulo cluster. -See the [Qumulo Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/qumulo/activity.md) topic for instructions. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Qumulo Devices - -The following firewall settings are required for communication between the Activity Monitor Activity -Agent server and the target Qumulo device: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ----- | ---------------------- | -| Activity Agent Server to Qumulo | TCP | 8000 | Qumulo API | -| Qumulo to Activity Agent Server | TCP | 4496 | Qumulo Event Reporting | - -Protect the port with a username and password. The credentials will be configured in Qumulo. - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/sharepoint-online/access.md b/docs/accessanalyzer/12.0/configuration/sharepoint-online/access.md deleted file mode 100644 index d3b7e4d76f..0000000000 --- a/docs/accessanalyzer/12.0/configuration/sharepoint-online/access.md +++ /dev/null @@ -1,298 +0,0 @@ -# SharePoint Online Access & Sensitive Data Auditing Configuration - -Netwrix Access Analyzer (formerly Enterprise Auditor) uses Modern Authentication to execute Access -Auditing (SPAA) and/or Sensitive Data Discovery Auditing scans for the target SharePoint Online & -OneDrive for Business environments. This involves creating and defining a Microsoft Entra -ID application for app–only access to SharePoint Online. - -**NOTE:** A user account with the Global Administrator role is required to register an app with -Microsoft Entra ID. - -Configuration Settings from the Registered Application - -The following settings are needed from your tenant once you have registered the application: - -- Client ID – This is the Application (client) ID for the registered application -- Key – The comma delimited string containing the path to the certificate PFX file, certificate - password, and the Microsoft Entra ID environment identifier ( - `CertPath,CertPassword,AzureEnvironment`) - -Configure Modern Authentication for SharePoint Online using SP_RegisterAzureAppAuth Instant Job - -Registering a Microsoft Entra ID application and provisioning it to grant permissions to SharePoint -Online can be automated using the SP_RegisterAzureAppAuth job from the Access Analyzer Instant Job -Library. The SP_RegisterAzureAppAuth job uses the PowerShell Data Collector to automatically -configure modern authentication for SharePoint Online. It requires: - -- A Connection Profile containing the following two user credentials, both with an Account Type of - **Task (Local)**: - - - Microsoft Entra ID Global Admin credential - - A credential with the username `newapp` that contains the password for the new application - -- Microsoft Graph API PowerShell module to be installed on targeted hosts - -See the -[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sp-register-azure-app-auth.md) -topic for additional information. - -## Permissions - -The following permissions are required: - -Permissions for Microsoft Graph API - -- Application Permissions: - - - Application.Read.All – Read all applications - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - Domain.Read.All – Read domains - - Files.Read.All – Read files in all site collections - - GroupMember.Read.All – Read all group memberships - - InformationProtectionPolicy.Read.All – Read all published labels and label policies for an - organization - - Member.Read.Hidden – Read all hidden memberships - - Organization.Read.All – Read organization information - - OrgContact.Read.All – Read organization contact - - Policy.Read.All – Read your organization's policies - - Policy.Read.ConditionalAccess – Read you organization's conditional access policies - - Policy.Read.PermissionGrant – Read consent and permission grant policies - - ServiceHealth.Read.All – Read service health - - ServiceMessage.Read.All – Read service messages - - Sites.Read.All – Read items in all site collections - - Team.ReadBasic.All – Get a list of all teamss - - TeamMember.Read.All – Read the members of all teams - -- Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -Permissions for Office 365 Management APIs - -- Application Permissions: - - - ActivityFeed.Read – Read activity data for your organization - - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data - - ServiceHealth.Read – Read service health information for your organization - -Permissions for SharePoint - -- Application Permissions: - - - Sites.FullControl.All – Have full control of all site collections - - Sites.Read.All – Read items in all site collections - - TermStore.Read.All – Read managed metadata - - User.Read.All – Read user profiles - -## Create Self–Signed Certificate - -To configure the Entra ID Application for invoking SharePoint Online with an App Only access token, -create and configure a self–signed X.509 certificate. This certificate authenticates the application -against Entra ID while requesting the App Only access token. See the Microsoft -[Granting access via Azure AD App-Only](https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread) -article for additional information. - -Follow the steps create the self-signed X.509 certificate. - -**Step 1 –** To generate a certificate, use the sample PowerShell command below: - -- Change the following parameters in the sample PowerShell command. See the Microsoft - [New-SelfSignedCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate) - article for additional information. - - - DNS Name – Specifies a DNS name to put into the subject alternative name extension of the - certificate - - Subject – A unique name for the new App (always starts with CN=, to denote a canonical name) - - FriendlyName – Same as Subject name minus the canonical name prefix - - NotAfter – A datetime string denoting the certificate's expiration date - in the above sample, - Get-Date.AddYears(11) specifies that the certificate will expire 11 years from the current - datetime - -Example PowerShell: - -``` -$cert=New-SelfSignedCertificate -CertStoreLocation Cert:\CurrentUser\My -DnsName stealthbits.com -Subject "CN=StealthAUDIT SharePoint Auditor" -FriendlyName "StealthAUDIT SharePoint Auditor" -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter (Get-Date).AddYears(11) -``` - -**Step 2 –** Export the certificate public key as a .cer file to the PrivateAssemblies folder in -Access Analyzer with the Export–Certificate cmdlet using the certificate path stored in the -$certPath variable (see Step 1). - -**NOTE:** The environment variable `SAINSTALLDIR` always points to the base Access Analyzer install -directory; simply append the PrivateAssemblies to point to that folder with the following cmdlet: - -``` -Export-Certificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\spaa_cert.cer" -Type CERT -``` - -- See the Microsoft - [Export-Certificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-certificate) - article for additional information. - -**Step 3 –** Export the certificate private key as a .pfx file to the same folder by running the -following cmdlet: - -``` -Export-PfxCertificate -Cert $cert -FilePath "$($env:SAINSTALLDIR)PrivateAssemblies\spaa_cert.pfx" -Password (ConvertTo-SecureString -String "PasswordGoesHere" -Force -AsPlainText) -``` - -**_RECOMMENDED:_** Change the string in the Password parameter from "PasswordGoesHere" to something -more secure before running this cmdlet. - -- See the Microsoft - [Export-PfxCertificate](https://docs.microsoft.com/en-us/powershell/module/pki/export-pfxcertificate) - article for additional information. - -## Register a Microsoft Entra ID Application - -Follow the steps to register Access Analyzer with Microsoft Entra ID. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App -registrations. - -**Step 3 –** In the top toolbar, click **New registration**. - -**Step 4 –** Enter the following information in the Register an application page: - -- Name – Enter a user-facing display name for the application, for example Netwrix Access Analyzer - (formerly Enterprise Auditor) Entra ID for SharePoint -- Supported account types – Select **Accounts in this organizational directory only** - -**Step 5 –** Click **Register**. - -The Overview page for the newly registered app opens. Review the newly created registered -application. Now that the application has been registered, permissions need to be granted to it. - -## Upload Self-Signed Certificate - -Follow the steps to provision the upload your self-signed certificate. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. - -**Step 3 –** Select the Certificates tab. - -**Step 4 –** In the tool bar, click **Upload Certificate**. - -**Step 5 –** Navigate to the to PrivateAssemblies folder and select the `spaa_cert.cer` file. -Optionally add a Description. - -**Step 6 –** Click **Add**. - -The upload certificate public key .cer file is an application key credential. - -## Grant Permissions to the Registered Application - -Follow the steps to grant permissions to the registered application. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. - -**Step 3 –** In the top toolbar, click **Add a permission**. - -**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs -tab. Select the following permissions: - -- Application Permissions: - - - Application.Read.All – Read all applications - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - Domain.Read.All – Read domains - - Files.Read.All – Read files in all site collections - - GroupMember.Read.All – Read all group memberships - - InformationProtectionPolicy.Read.All – Read all published labels and label policies for an - organization - - Member.Read.Hidden – Read all hidden memberships - - Organization.Read.All – Read organization information - - OrgContact.Read.All – Read organization contact - - Policy.Read.All – Read your organization's policies - - Policy.Read.ConditionalAccess – Read you organization's conditional access policies - - Policy.Read.PermissionGrant – Read consent and permission grant policies - - ServiceHealth.Read.All – Read service health - - ServiceMessage.Read.All – Read service messages - - Sites.Read.All – Read items in all site collections - - Team.ReadBasic.All – Get a list of all teamss - - TeamMember.Read.All – Read the members of all teams - -- Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -**Step 5 –** At the bottom of the page, click **Add Permissions**. - -**Step 6 –** In the top toolbar, click **Add a permission**. - -**Step 7 –** On the Request API permissions blade, select **Office 365 Management APIs** on the -Microsoft APIs tab. Select the following permissions: - -- Application Permissions: - - - ActivityFeed.Read – Read activity data for your organization - - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data - - ServiceHealth.Read – Read service health information for your organization - -**Step 8 –** At the bottom of the page, click **Add Permissions**. - -**Step 9 –** In the top toolbar, click **Add a permission**. - -**Step 10 –** On the Request API permissions blade, select **SharePoint** on the Microsoft APIs tab. -Select the following permissions: - -- Application Permissions: - - - Sites.FullControl.All – Have full control of all site collections - - Sites.Read.All – Read items in all site collections - - TermStore.Read.All – Read managed metadata - - User.Read.All – Read user profiles - -**Step 11 –** At the bottom of the page, click **Add Permissions**. - -**Step 12 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation -window. - -Now that the permissions have been granted to it, the Connection Profile and host settings for -Access Analyzer need to be collected. - -## Identify the Client ID - -Follow the steps to find the registered application's Client ID. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** Copy the **Application (client) ID** value. - -**Step 3 –** Save this value in a text file. - -This is needed for the Access Analyzer Connection Profile. See the -[Azure Active Directory for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/entra-id.md) -topic for additional information. diff --git a/docs/accessanalyzer/12.0/configuration/sharepoint-online/activity.md b/docs/accessanalyzer/12.0/configuration/sharepoint-online/activity.md deleted file mode 100644 index 87aa845767..0000000000 --- a/docs/accessanalyzer/12.0/configuration/sharepoint-online/activity.md +++ /dev/null @@ -1,229 +0,0 @@ -# SharePoint Online Activity Auditing Configuration - -In order to collect logs and monitor SharePoint Online activity using the Netwrix Activity Monitor, -it needs to be registered with Microsoft® Entra ID® (formerly Azure AD). - -**NOTE:** A user account with the Global Administrator role is required to register an app with -Microsoft Entra ID. - -Additional Requirement - -In addition to registering the application with Microsoft Entra ID, the following is required: - -- Enable Auditing for SharePoint Online - -See the [Enable Auditing for SharePoint Online](#enable-auditing-for-sharepoint-online) topic for -additional information. - -Configuration Settings from the Registered Application - -The following settings are needed from your tenant once you have registered the application: - -- Tenant ID – This is the Tenant ID for Microsoft Entra ID -- Client ID – This is the Application (client) ID for the registered application -- Client Secret – This is the Client Secret Value generated when a new secret is created - - **CAUTION:** It is not possible to retrieve the value after saving the new key. It must be - copied first. - -Permissions for Microsoft Graph API - -- Application: - - - Directory.Read.All – Read directory data - - Sites.Read.All – Read items in all site collections - - User.Read.All – Read all users' full profiles - -Permissions for Office 365 Management APIs - -- Application Permissions: - - - ActivityFeed.Read – Read activity data for your organization - - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data - -## Register a Microsoft Entra ID Application - -Follow the steps to register Activity Monitor with Microsoft Entra ID. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App -registrations. - -**Step 3 –** In the top toolbar, click **New registration**. - -**Step 4 –** Enter the following information in the Register an application page: - -- Name – Enter a user-facing display name for the application, for example Netwrix Activity Monitor - for SharePoint -- Supported account types – Select **Accounts in this organizational directory only** -- Redirect URI – Set the Redirect URI to **Public client/native** (Mobile and desktop) from the drop - down menu. In the text box, enter the following: - - Urn:ietf:wg:oauth:2.0:oob - -**Step 5 –** Click **Register**. - -The Overview page for the newly registered app opens. Review the newly created registered -application. Now that the application has been registered, permissions need to be granted to it. - -## Grant Permissions to the Registered Application - -Follow the steps to grant permissions to the registered application. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. - -**Step 3 –** In the top toolbar, click **Add a permission**. - -**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs -tab. Select the following permissions: - -- Application: - - - Directory.Read.All – Read directory data - - Sites.Read.All – Read items in all site collections - - User.Read.All – Read all users' full profiles - -**Step 5 –** At the bottom of the page, click **Add Permissions**. - -**Step 6 –** In the top toolbar, click **Add a permission**. - -**Step 7 –** On the Request API permissions blade, select **Office 365 Management APIs** on the -Microsoft APIs tab. Select the following permissions: - -- Application Permissions: - - - ActivityFeed.Read – Read activity data for your organization - - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data - -**Step 8 –** At the bottom of the page, click **Add Permissions**. - -**Step 9 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation -window. - -Now that the permissions have been granted to it, the settings required for Activity Monitor need to -be collected. - -## Identify the Client ID - -Follow the steps to find the registered application's Client ID. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** Copy the **Application (client) ID** value. - -**Step 3 –** Save this value in a text file. - -This is needed for adding a SharePoint Online host in the Activity Monitor. Next identify the Tenant -ID. - -## Identify the Tenant ID - -The Tenant ID is available in two locations within Microsoft Entra ID. - -Registered Application Overview Blade - -You can copy the Tenant ID from the same page where you just copied the Client ID. Follow the steps -to copy the Tenant ID from the registered application Overview blade. - -**Step 1 –** Copy the Directory (tenant) ID value. - -**Step 2 –** Save this value in a text file. - -This is needed for adding a SharePoint Online host in the Activity Monitor. Next generate the -application’s Client Secret Key. - -Overview Page - -Follow the steps to find the tenant name where the registered application resides. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** Copy the Tenant ID value. - -**Step 3 –** Save this value in a text file. - -This is needed for adding a SharePoint Online host in the Activity Monitor. Next generate the -application’s Client Secret Key. - -## Generate the Client Secret Key - -Follow the steps to find the registered application's Client Secret, create a new key, and save its -value when saving the new key. - -**NOTE:** The steps below are for registering an app through the Microsoft Entra admin center. These -steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft -documentation for additional information. - -**CAUTION:** It is not possible to retrieve the value after saving the new key. It must be copied -first. - -**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it -will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** -list. - -**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. - -**Step 3 –** In the top toolbar, click **New client secret**. - -**Step 4 –** On the Add a client secret blade, complete the following: - -- Description – Enter a unique description for this secret -- Expires – Select the duration. - - **NOTE:** Setting the duration on the key to expire requires reconfiguration at the time of - expiration. It is best to configure it to expire in 1 or 2 years. - -**Step 5 –** Click **Add** to generate the key. - -**CAUTION:** If this page is left before the key is copied, then the key is not retrievable, and -this process will have to be repeated. - -**Step 6 –** The Client Secret will be displayed in the Value column of the table. You can use the -Copy to clipboard button to copy the Client Secret. - -**Step 7 –** Save this value in a text file. - -This is needed for adding a SharePoint Online host in the Activity Monitor. - -## Enable Auditing for SharePoint Online - -Follow the steps to enable auditing for SharePoint Online so the Activity Monitor can receive -events. - -**Step 1 –** In the Microsoft Purview compliance portal at -[https://purview.microsoft.com](https://purview.microsoft.com/), go to **Solutions** > **Audit**. -Or, to go directly to the Audit page at -[https://purview.microsoft.com/audit/auditsearch](https://purview.microsoft.com/audit/auditsearch). - -**Step 2 –** If auditing is not turned on for your organization, a banner is displayed prompting you -start recording user and admin activity. - -**Step 3 –** Select the **Start recording** user and **admin activity** banner. - -It may take up to 60 minutes for the change to take effect. The Activity Monitor now has SharePoint -Online auditing enabled as needed to receive events. See the Microsoft -[Turn auditing on or off](https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-log-enable-disable?view=o365-worldwide) -article for additional information on enabling or disabling auditing. diff --git a/docs/accessanalyzer/12.0/configuration/sharepoint-online/overview.md b/docs/accessanalyzer/12.0/configuration/sharepoint-online/overview.md deleted file mode 100644 index bfd3d5462b..0000000000 --- a/docs/accessanalyzer/12.0/configuration/sharepoint-online/overview.md +++ /dev/null @@ -1,79 +0,0 @@ -# SharePoint Online Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (SPAA) and -Sensitive Data Discovery Auditing scans on SharePoint Online. The Netwrix Activity Monitor can be -configured to monitor activity on SharePoint Online and make the event data available for Access -Analyzer Activity Auditing (SPAC) scans. - -## Access & Sensitive Data Auditing Permissions - -- Permissions vary based on the Scan Mode selected and target environment. See the - [SharePoint Support](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/sharepoint.md) topic for - additional information. - -See the [SharePoint Online Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/configuration/sharepoint-online/access.md) topic for -instructions. - -**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for -SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and -provisions it with the required permissions. See the -[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sp-register-azure-app-auth.md) -topic for additional information. - -## Access & Sensitive Data Auditing Port Requirements - -- Ports vary based on the Scan Mode selected and target environment. See the - [SharePoint Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md) - topic for additional information. - -## Activity Auditing Permissions - -Windows Proxy Server for Activity Agent Monitoring of SharePoint Online - -The Netwrix Activity Monitor must have an Activity Agent deployed on a Windows proxy server. While -actively monitoring, the Activity Agent generates activity log files stored on the proxy server. The -credential used to deploy the Activity Agent must have the following permissions on the proxy -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Access Analyzer, the credential used by Access -Analyzer to read the activity log files must have also have this permission. - -SharePoint Requirements - -See the [SharePoint Online Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/sharepoint-online/activity.md) topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Access Analyzer to read the activity log files must also have -READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/sharepoint/access.md b/docs/accessanalyzer/12.0/configuration/sharepoint/access.md deleted file mode 100644 index 233ef23c9a..0000000000 --- a/docs/accessanalyzer/12.0/configuration/sharepoint/access.md +++ /dev/null @@ -1,80 +0,0 @@ -# SharePoint Access & Sensitive Data Auditing Configuration - -Permissions are required on the SharePoint Farm, Web Application, and the SharePoint Database in -order for Access Analyzer to execute Access Auditing (SPAA) and/or Sensitive Data Discovery Auditing -scans. - -## Configure SharePoint Farm Permissions - -Follow the steps to configure the SharePoint Farm level permissions on SharePoint 2013 through -SharePoint 2019 farms. - -**Step 1 –** In the SharePoint Central Administration Center, navigate to the Security section. - -**Step 2 –** Select the Manage the farm administrators group option under Users. - -**Step 3 –** If the Farm Read group exists, add the service account to that group. If the Farm Read -group has been deleted, it is necessary to create a new group with Read privileges at the Farm -level: - -- Select More under the Groups section. -- Select New Group from the New drop-down menu. -- Ensure the group has the Read – Can view pages and list items and download documents permission. -- Add the service account to this new group. - -The service account has Read level access at the Farm level. - -## Configure SharePoint Web Application Permissions - -Follow the steps to configure the SharePoint web application level permissions on SharePoint 2013 -through SharePoint 2019 farms. - -**Step 1 –** In the SharePoint Central Administration Center, navigate to the Application Management -section. - -**Step 2 –** Select Manage web applications option under Web Applications. - -**Step 3 –** Create a new policy for the desired web application. Follow these steps: - -- Click Permission Policy. The Manage Permission Policy Levels window opens. -- Click Add Permission Policy Level. Select the following: - - - Check the Site Collection Auditor permission. - - Check the Open Items box in the Site Permissions Grant column. - - Click Save. - -**Step 4 –** Repeat Step 3 for each web application in scope. It is recommended to give these -policies the same name. - -**Step 5 –** Add the service account to the newly created roles. Follow these steps: - -- Select a web application with the newly created role. -- Click User Policy. The Policy for Web Application window opens. -- Click Add Users. Leave all zones select and click Next. -- Add the service account in the Users textbox. -- Check the newly created role with site collection auditor in the Permissions section. Click - Finish. - -**Step 6 –** Repeat Step 5 for each web application in scope. - -The service account is provisioned as a Site Collection Auditor on all web applications to be -audited. - -## Configure SharePoint Database Server Permissions - -Follow the steps to configure the SharePoint database server permissions on SharePoint 2013 through -SharePoint 2019 farms. - -**Step 1 –** Navigate to the SharePoint database server user configuration via SQL Management -Studio. - -**Step 2 –** Provision the service account to have: - -- SPDataAccess Database role membership -- This database role membership needs to be configured on: - - - SharePoint Configuration database (ShaerPoint_Config) - - All SharePoint Content databases housing web application data (by default the content - databases begin with WSS*Content*, but they can be customized) - -The service account is provisioned with SharePoint database permissions. diff --git a/docs/accessanalyzer/12.0/configuration/sharepoint/activity.md b/docs/accessanalyzer/12.0/configuration/sharepoint/activity.md deleted file mode 100644 index 3e8a11b133..0000000000 --- a/docs/accessanalyzer/12.0/configuration/sharepoint/activity.md +++ /dev/null @@ -1,44 +0,0 @@ -# SharePoint On-Premise Activity Auditing Configuration - -SharePoint Event Auditing must be enabled for each site collection to be monitored by the Netwrix -Activity Monitor and/or audited by Netwrix Access Analyzer (formerly Enterprise Auditor). - -## User Requirements - -Following are the SharePoint On-Premise user requirements: - -- Local Administrator on SharePoint server (that hosts Central Administration) -- SharePoint SQL server, which includes login on SharePoint Admin, Config, and all content - databases, with the following role permissions: - - - SharePoint 2013+ - - - SPDataAccess - - - SharePoint 2010 - - - db_owner - -## Enable Event Auditing - -Follow the steps for each site collection within a SharePoint 2013 through SharePoint 2019 farm. - -**Step 1 –** Select Settings > Site settings. - -**Step 2 –** Under Site Collection Administration, click Go to top level site settings. - -**Step 3 –** On the Site Settings page, under Site Collection Administration, select Site collection -audit settings. - -**Step 4 –** On the Configure Audit Settings page, in the Documents and Items section select the -events to be audited. - -**Step 5 –** Still on the Configure Audit Settings page, in the List, Libraries, and Site section -select the events to be audited. - -**Step 6 –** Click OK to save the changes. - -SharePoint will create the audit logs to be monitored by the Netwrix Activity Monitor and/or audited -by Access Analyzer. See the Microsoft -[Configure audit settings for a site collection (SharePoint 2013/2016/2019)](https://support.office.com/en-us/article/Configure-audit-settings-for-a-site-collection-a9920c97-38c0-44f2-8bcb-4cf1e2ae22d2) -article for additional information. diff --git a/docs/accessanalyzer/12.0/configuration/sharepoint/overview.md b/docs/accessanalyzer/12.0/configuration/sharepoint/overview.md deleted file mode 100644 index 301af5d225..0000000000 --- a/docs/accessanalyzer/12.0/configuration/sharepoint/overview.md +++ /dev/null @@ -1,73 +0,0 @@ -# SharePoint Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (SPAA) and/or -Sensitive Data Discovery Auditing scans on SharePoint farms. The Netwrix Activity Monitor can be -configured to monitor activity on SharePoint farms and make the event data available for Access -Analyzer Activity Auditing (SPAC) scans. - -## Access & Sensitive Data Auditing Permissions - -- Permissions vary based on the Scan Mode selected and target environment. See the - [SharePoint Support](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/sharepoint.md) topic for - additional information. - -See the [SharePoint Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/configuration/sharepoint/access.md) topic for -instructions. - -## Access & Sensitive Data Auditing Port Requirements - -- Ports vary based on the Scan Mode selected and target environment. See the - [SharePoint Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md) - topic for additional information. - -## Activity Auditing Permissions - -Requirements to Deploy the Activity Agent on the “Central Administration” SharePoint Server - -The Netwrix Activity Monitor must have an Activity Agent deployed on one instance of a SharePoint -Application server that hosts the “Central Administration” component. While actively monitoring, the -Activity Agent generates activity log files stored on the server. The credential used to deploy the -Activity Agent must have the following permissions on the proxy server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Access Analyzer, the credential used by Access -Analyzer to read the activity log files must have also have this permission. - -SharePoint Requirements - -See the [SharePoint On-Premise Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/sharepoint/activity.md) topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Access Analyzer to read the activity log files must also have -READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/configuration/windows-file/access.md b/docs/accessanalyzer/12.0/configuration/windows-file/access.md deleted file mode 100644 index a852940a23..0000000000 --- a/docs/accessanalyzer/12.0/configuration/windows-file/access.md +++ /dev/null @@ -1,131 +0,0 @@ -# Windows File Server Access & Sensitive Data Auditing Configuration - -Permissions required for Access Analyzer to execute Access Auditing (SPAA) and/or Sensitive Data -Discovery Auditing scans on a Windows file server are dependent upon the Scan Mode Option selected. -See the -[File System Supported Platforms](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md) topic -for additional information. - -However, additional considerations are needed when targeting a Windows File System Clusters or DFS -Namespaces. - -## Windows File System Clusters - -The permissions necessary to collect file system data from a Windows File System Cluster must be set -for all nodes that comprise the cluster. - -**NOTE:** It is necessary to target the Windows File Server Cluster (name of the cluster) of -interest when running a File System scan against a Windows File System Cluster. - -Configure credentials on all cluster nodes according to the Windows Operating Systems required -permissions for the desired scan mode with these additional considerations: - -- For - [Applet Mode](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md#applet-mode) - and - [Proxy Mode with Applet](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md#proxy-mode-with-applet): - - - Applet will be deployed to each node - - Credential used in the Connection Profile must have rights to deploy the applet to each node - -- For - [Proxy Mode as a Service](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md#proxy-mode-as-a-service): - - - Proxy Service must be installed on each node - - For Sensitive Data Discovery Auditing scans, the Sensitive Data Discovery Add-on must be - installed on each node - -Additionally, the credential used within the Connection Profile must have rights to remotely access -the registry on each individual cluster node. - -_Remember,_ Remote Registry Service must be enabled on all nodes that comprise the cluster. -Configure the credential(s) with the following rights on all nodes: - -- Group membership in the local Administrators group -- Granted the “Log on as a batch” privilege - -Host List Consideration - -It is necessary to target the Windows File Server Cluster (name of the cluster) of interest when -running a File System scan against a Windows File System Cluster. Within the Master Host Table, -there should be a host entry for the cluster as well as for each node. Additionally, each of these -host entries must have the name of the cluster in the `WinCluster` column in the host inventory -data. This may need to be updated manually. - -See the View/Edit section of the -[Host Management Activities](/docs/accessanalyzer/12.0/host-management/actions/overview.md) topic -for additional information on host inventory. - -- For FSAA and SDD scans, configure a custom host list to target the cluster's Role Server. -- For FSAC scans, configure a custom host list to target the Windows File Server Cluster. - -The host targeted by the File System scans is only the host entry for the cluster. For example: - -The environment has a Windows File System Cluster named `ExampleCluster1` with three nodes named -`ExampleNodeA`, `ExampleNodeB`, and `ExampleNodeC`. There would be four host entries in the -StealthAUDIT Master Host Table: `ExampleCluster1`, `ExampleNodeA`, `ExampleNodeB`, and -`ExampleNodeC`. Each of these four entries would have the same value of the cluster name in the -`WinCluster` column: `ExampleCluster1`. Only the `ExampleCluster1` host would be in the host list -targeted by the File System scans. - -Sensitive Data Discovery Scans - -For Sensitive Data Discovery Auditing scans on a Windows File System Cluster it is necessary for the -credential to also have Group membership in both of the following local groups for all nodes which -comprise the cluster: - -- Power Users -- Backup Operators - -Activity Auditing Scans - -The Netwrix Activity Monitor must deploy an Activity Agent on all nodes that comprise the Windows -File System Cluster. The Activity Agent generates activity log files stored on each node. Access -Analyzer targets the Windows File Server Cluster (name of the cluster) of interest in order to read -the activity. See the [Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/windows-file/activity.md) topic for -additional information. - -The credential used Access Analyzer to read the activity log files must have: - -- Membership in the local Administrators group - -The FileSystemAccess Data Collector needs to be specially configured to run the -[1-FSAC System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsac-system-scans.md) -against a Windows File System Cluster. On the -[FSAA: Activity Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/activity-settings.md), -configure the Host Mapping option. This provides a method for mapping between the target host and -the hosts where activity logs reside. However, this feature requires **advanced SQL scripting -knowledge** to build the query. - -Membership in the local Administrators group - -### Least Privilege Permission Model for Windows Cluster - -If a least privilege model is required by the organization, then the credential must have READ -access on the following registry keys: - -- `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SBTLogging\Parameters` -- `HKEY_LOCAL_MACHINE\Cluster\Nodes` - -Additionally, the credential must have READ access to the path where the activity log files are -located. - -## DFS Namespaces - -The FileSystem > 0.Collection > 0-FSDFS System Scans Job is configured by default to target the -default domain controller for the domain in which Access Analyzer resides. This is the appropriate -target host for this job when targeting a domain-based namespace. To target a standalone namespace -or multiple namespaces, create a custom host list of the server(s) hosting the namespace(s). Then -assign the custom host list to the 0-FSDFS System Scans Job. No additional host list is require for -the FileSystem > 0.Collection Job Group unless additional file servers are also being targeted. - -DFS as Part of a Windows Cluster Consideration - -If the DFS hosting server is part of a Windows Cluster, then the Windows File System Clusters -requirements must be included with the credential. - -DFS and Activity Auditing Consideration - -For activity monitoring, the Netwrix Activity Monitor must have a deployed Activity Agent on all DFS -servers identified by the 0-FSDFS System Scans Job and populated into the dynamic host list. See the -[Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/windows-file/activity.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/configuration/windows-file/overview.md b/docs/accessanalyzer/12.0/configuration/windows-file/overview.md deleted file mode 100644 index baf1eeb3bb..0000000000 --- a/docs/accessanalyzer/12.0/configuration/windows-file/overview.md +++ /dev/null @@ -1,85 +0,0 @@ -# Windows File Server Target Requirements - -Netwrix Access Analyzer (formerly Enterprise Auditor) can execute Access Auditing (FSAA) and/or -Sensitive Data Discovery Auditing scans on Windows file servers. The Netwrix Activity Monitor can be -configured to monitor activity on Windows file servers and make the event data available for Access -Analyzer Activity Auditing (FSAC) scans. - -## Access & Sensitive Data Auditing Permissions - -- Permissions vary based on the Scan Mode Option selected. See the - [File System Supported Platforms](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md) - topic for additional information. - -Windows File System Cluster Requirements - -See the [Windows File Server Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/configuration/windows-file/access.md) topic for -instructions. - -Windows File System DFS Namespaces Requirements - -See the [Windows File Server Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/configuration/windows-file/access.md) topic for -instructions. - -## Access & Sensitive Data Auditing Port Requirements - -The firewall ports required by Access Analyzer for Access Auditing (FSAA) and/or Sensitive Data -Discovery Auditing scans are based on the File System scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -topic for additional information. - -## Activity Auditing Permissions - -Requirements to Deploy the Activity Agent on the Windows File Server - -The Netwrix Activity Monitor must have an Activity Agent deployed on the Windows file server to be -monitored. While actively monitoring, the Activity Agent generates activity log files stored on the -server. The credential used to deploy the Activity Agent must have the following permissions on the -server: - -- Membership in the local Administrators group -- READ and WRITE access to the archive location for Archiving feature only - -It is also necessary to enable the Remote Registry Service on the Activity Agent server. - -For integration between the Activity Monitor and Access Analyzer, the credential used by Access -Analyzer to read the activity log files must have also have this permission. - -Windows File System Cluster Requirements - -See the [Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/windows-file/activity.md) topic for instructions. - -Windows File System DFS Namespaces Requirements - -See the [Windows File Server Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/windows-file/activity.md) topic for instructions. - -Activity Monitor Archive Location - -If the activity log files are being archived, configurable within the Netwrix Activity Monitor -Console, then the credential used by Access Analyzer to read the activity log files must also have -READ and WRITE permissions on the archive location. - -## Activity Auditing Port Requirements - -Firewall settings depend on the type of environment being targeted. The following firewall settings -are required for communication between the Agent server and the Netwrix Activity Monitor Console: - -| Communication Direction | Protocol | Ports | Description | -| -------------------------------- | -------- | ----- | ------------------- | -| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | - -The Windows firewall rules need to be configured on the Windows server, which require certain -inbound rules be created if the scans are running in applet mode. These scans operate over a default -port range, which cannot be specified via an inbound rule. For more information, see the Microsoft -[Connecting to WMI on a Remote Computer]() -article. - -Additional Firewall Rules for Integration between Access Analyzer and Activity Monitor - -Firewall settings are dependent upon the type of environment being targeted. The following firewall -settings are required for communication between the agent server and the Access Analyzer Console: - -| Communication Direction | Protocol | Ports | Description | -| ------------------------------- | -------- | ---------- | ------------------------------ | -| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | -| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/accessanalyzer/12.0/corrected_final_build.log b/docs/accessanalyzer/12.0/corrected_final_build.log deleted file mode 100644 index 60065a01d7..0000000000 --- a/docs/accessanalyzer/12.0/corrected_final_build.log +++ /dev/null @@ -1,1713 +0,0 @@ - -> netwrix-docs@0.1 build:single -> node scripts/build-single.js endpointpolicymanager - -Building single product: endpointpolicymanager -Using plugin ID: endpointpolicymanager -Starting build... -[INFO] [en] Creating an optimized production build... -[WARNING] Docusaurus site warnings: -- Your site is using the SWC js loader. You can safely remove the Babel config file at `babel.config.js`. -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/gettingstarted/basic-concepts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/clientmachines.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/gettingstarted/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/concepts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/operational.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/gettingstarted/basic-concepts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/mac-support/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/devicemanager/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/feature-management/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/software-packages/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/networksecuritymanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/modes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/explorer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/helpertools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/foldershortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/addlink.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cachepreferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cacheengine.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/group-policy/insertuserinfo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/group-policy/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/cylance.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/onapplyscript.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/scriptlocation.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/powershellscripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows7tls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlannetwork.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlandropbox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/silentbrowserinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/shortcutpublicdesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/updateregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/resetsecurechannel.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/temperatureunit.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/bitlockerdeployment.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows10modifyscript.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/teamsminimized.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/vpnconnection.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/eventlogtriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localaccountpassword.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/vpn.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/screensavers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/processesdetails.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/edgefirstlogon.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localscheduledtask.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/virtualizedbrowsers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/evaluateurls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/install/chromemanual.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/advancedblockingmessage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/forcebrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/securityzone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/suppresspopup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/install/removeagent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/useselectablebrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/browsermode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/shortcuticons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/commandlinearguments.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/edgelegacybrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/userfilter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacpromptsactivex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/installfonts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowsuniversalapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denymessages.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/preventedge.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/stopransomware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevateuwp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/msi.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/enforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/email.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applyondemand.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesfromadmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/winget.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/printeruacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/microsoftrecommendations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denyselfelevate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/license.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/cloudinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/macjointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationpackage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/systemsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/sudosupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/eventscollector.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmountpart1.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmounpart2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/privilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/collectdiagnostics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/usercontext.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/componentlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/printerdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/drivemappings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/startservice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/passwords.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/delivercertificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installsequentially.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installuwp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/variables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/printers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/software-packages/winget.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/applypreferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/securitygroup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/emailoptout.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/windows11.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/mmcdisplay.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/windowsserver2019.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidgroups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/onpremisecloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/folderredirection.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/embedclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/thirdpartyadvice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/services.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/virtualdesktops.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/windowsendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/scenarios.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/deliveryreports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/basis.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/types.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/userlimit.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/compliancereports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/shareacrossteam.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/difference.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/trial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/minimum.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/expire.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/trueup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/tool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/multiyear.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/domainmultiple.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/collections/gpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/oemdefaultassociations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/smb.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/gettingstarted/basic-concepts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/componentlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/itemleveltargeting/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/default.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/default.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/embedclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/slowinternet.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/onpremisecloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/browserrouter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/install/defaultbrowser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/securitysettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdjavaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/prompts/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/processorderprecedence.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/navigation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdjavaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/exportcollections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/cortana.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/eventcollection/report.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/reference/index.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/reports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mddevice/dmapprovalautorules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mddevice/enduser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docusaurus found broken links! - -Please check the pages of your site in the list below, and make sure you don't reference any path that does not exist. -Note: it's possible to ignore broken links with the 'onBrokenLinks' Docusaurus configuration, and let the build pass. - -It looks like some of the broken links we found appear in many pages of your site. -Maybe those broken links appear on all pages through your site layout? -We recommend that you check your theme configuration for such links (particularly, theme navbar and footer). -Frequent broken links are linking to: -- /docs/endpointpolicymanager/troubleshooting/eventcategories.md -- /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md - -Exhaustive list of all broken links found: -- Broken link on source page path = /adminstrativetemplates/existinggpos: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/exportgpos.md -- Broken link on source page path = /adminstrativetemplates/export: - -> linking to /docs/endpointpolicymanager/video/index.mdadministrativetemplates/deployinternet.md -- Broken link on source page path = /adminstrativetemplates/gettoknow/computerside: - -> linking to /docs/endpointpolicymanager/video/index.mdadministrativetemplates/switchedpolicies.md -- Broken link on source page path = /adminstrativetemplates/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdadministrativetemplates/collections.md -- Broken link on source page path = /applicationsettings/appsetfiles/findfixgpos: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/appsetfiles/gpotouchutility: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/touchutility.md -- Broken link on source page path = /applicationsettings/appsetfiles/storage/central: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/appsetfiles/versioncontrol: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/centralstore: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/centralstorework.md -- Broken link on source page path = /applicationsettings/designstudio/navigation/tab/propertiesproject: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/itemleveltargeting.md -- Broken link on source page path = /applicationsettings/designstudio/quickstart/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/firstpak.md -- Broken link on source page path = /applicationsettings/designstudio/regimporteruitility: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/designstudio/importregistry.md -- Broken link on source page path = /applicationsettings/modes/acllockdown: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/acllockdown.md -- Broken link on source page path = /applicationsettings/modes/settingsdeliveryreinforcementoptions: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/superpowers.md -- Broken link on source page path = /applicationsettings/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/managers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/pak.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorecreate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstoreupdate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/quickrundown.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/manualupdate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/uptodate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllorphans.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllreconnect.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/touchutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargetingbypass.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acllockdown.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/applicationlaunch.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/superpowers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/variables.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/proxysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/trustedappsets.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/ieproxyserver.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/certificatesevil.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/invincea.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxplugins.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevert.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevertfix.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/oraclejava.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxabout.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromebookmarks.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/paksbig.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firstpak.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/importregistry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/addelements.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/foxitprinter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firefox_plugins.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/sealapproval.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/integration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo2.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xenapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xendesktop.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/rds.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/specops.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/integration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/vmware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/dedicated.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/localmode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinappworkspace.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/appv.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/xenapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/uev.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/thinapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/symantec.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/spoonnovell.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/applicationsettings/chrome.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/certificates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/connectionstab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/contenttab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/generaltab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/privacytab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/programstab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/securitytab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/favorites.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/clearbrowsing.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/bookmarks.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/defaultsearch.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/popups.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extensions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarks.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extratabs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/disable.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/removeelements.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/miscsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/certificates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/adobe.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/addons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarksmodify.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/disable.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/lockdown.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/jre.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/securityslider.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/passwordsecure.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/teams.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acrobat.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/flashplayer.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/irfanview.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/office.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/skype.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/thunderbird.md -- Broken link on source page path = /applicationsettings/preconfigured/chrome/certificates: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/certificates.md -- Broken link on source page path = /applicationsettings/preconfigured/chrome/proxysettings: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/connectionstab.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/addons: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/addons.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/addons/forceinstallation: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/extensions.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/javathunderbird: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/thunderbird.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/preferences: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/firefox/disable.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/firefox/removeelements.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/transition: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/addons: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/programstab.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/certificates: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/certificates.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/tab/programs: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/programstab.md -- Broken link on source page path = /applicationsettings/preconfigured/itemleveltargeting/bypassinternal: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /applicationsettings/preconfigured/quickstart/specialnotes: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/windowsremoteassistance: - -> linking to /docs/endpointpolicymanager/video/index.mdscriptstriggers/gettingstarted/cloud.md -- Broken link on source page path = /browserrouter/defaultbrowser/defined: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/defaultwindows10.md -- Broken link on source page path = /browserrouter/defaultbrowser/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/userselecteddefault.md -- Broken link on source page path = /browserrouter/editpolicytemplate/browsermode: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/ieedgemode.md -- Broken link on source page path = /browserrouter/internetexplorer/convertxmls: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/iesitelists.md -- Broken link on source page path = /browserrouter/internetexplorer/edgemod: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/ieedgemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/iesitelists.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/edgespecial.md -- Broken link on source page path = /browserrouter/internetexplorer/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/iesitelists.md -- Broken link on source page path = /browserrouter/internetexplorer/specialtypes: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/edgespecial.md -- Broken link on source page path = /browserrouter/navigation: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/processorderprecedence.md -- Broken link on source page path = /browserrouter/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/rightbrowser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/citrix.md -- Broken link on source page path = /browserrouter/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/install/chromemanual.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/advancedblockingmessage.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/forcebrowser.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/securityzone.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/suppresspopup.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/install/removeagent.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/useselectablebrowser.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/browsermode.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/shortcuticons.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/commandlinearguments.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/edgelegacybrowser.md -- Broken link on source page path = /browserrouter/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/rightbrowser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgesupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/blockwebsites.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgespecial.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/userselecteddefault.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/citrix.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/custombrowsers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chromenondomainjoined.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieforce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/firefox.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chrome.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edge.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/iesitelists.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieedgemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/browsericon.md -- Broken link on source page path = /browserrouter/policy/block: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/blockwebsites.md -- Broken link on source page path = /browserrouter/policy/custom: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/custombrowsers.md -- Broken link on source page path = /browserrouter/ports: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/ports.md -- Broken link on source page path = /browserrouter/shortcuticons: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/browsericon.md -- Broken link on source page path = /browserrouter/useselectablebrowser: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/userselecteddefault.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md -- Broken link on source page path = /cloud/adduser: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/add/administrator.md -- Broken link on source page path = /cloud/eventcollection/report: - -> linking to /docs/endpointpolicymanager/troubleshooting/eventcategories.md -- Broken link on source page path = /cloud/groups: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/jointoken.md -- Broken link on source page path = /cloud/interface/companydetails/companyadministrators/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/security/immutablelog.md -- Broken link on source page path = /cloud/interface/companydetails/configureentraidaccess: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/integration/entraid.md -- Broken link on source page path = /cloud/interface/companydetails/customerlog: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/immutablelog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/emaillogs.md -- Broken link on source page path = /cloud/interface/companydetails/downloads: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /cloud/interface/companydetails/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/features.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/registrationmode.md -- Broken link on source page path = /cloud/interface/computergroups/workingwith: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /cloud/interface/filebox: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md -- Broken link on source page path = /cloud/interface/reports: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/reports.md -- Broken link on source page path = /cloud/interface/tools: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/mdm.md -- Broken link on source page path = /cloud/interface/xmldatafiles/createpolicy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/securitysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/preferences.md -- Broken link on source page path = /cloud/interface/xmldatafiles/importpolicies: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/import.md -- Broken link on source page path = /cloud/interface/xmldatafiles/upload: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/integration/onpremiseexport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md -- Broken link on source page path = /cloud/licensing/otherpolicydeliverymechanisms: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/integration/onpremise.md -- Broken link on source page path = /cloud/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.md -- Broken link on source page path = /cloud/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremiseexport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/securitysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/preferences.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/features.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/immutablelog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/emaillogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/add/administrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/install/leastprivilegemanagerrule.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/entraid.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/fileinfoviewer.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/registrationmode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md -- Broken link on source page path = /cloud/security/datasafety: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/troubleshooting/eventcategories.md -- Broken link on source page path = /cloud/security/publickeypoliciessettings: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/deploy/grouppolicysettings.md -- Broken link on source page path = /cloud/testlab: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md -- Broken link on source page path = /cloud/transition: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md -- Broken link on source page path = /device/devicemanager/devicemanagerpolicies: - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/serialnumber.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md -- Broken link on source page path = /device/devicemanager/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/usbdrive.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/cloud.md -- Broken link on source page path = /device/devicemanager/rules: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mddevice/dmapprovalautorules.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mddevice/enduser.md -- Broken link on source page path = /device/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/serialnumber.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/usbdrive.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md -- Broken link on source page path = /device/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdrive.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowvendor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/serialnumber.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/enduser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmhelpertool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmapprovalautorules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/mdm.md -- Broken link on source page path = /editions/policies: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/componentlicense.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/overview.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md -- Broken link on source page path = /editions/solutions: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md -- Broken link on source page path = /feature/itemleveltargeting/exportcollections: - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/itemleveltargeting/overview.md -- Broken link on source page path = /feature/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/windows.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/windowsservers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/mdm.md -- Broken link on source page path = /fileassociations/applymode: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/applyonce.md -- Broken link on source page path = /fileassociations/collections/preconfigured: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/preconfiguredadvice.md -- Broken link on source page path = /fileassociations/helperutility: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/helperapplication.md -- Broken link on source page path = /fileassociations/insouts/advantages: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/firstlogin.md -- Broken link on source page path = /fileassociations/itemleveltargeting/exportcollection: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/exporterutility.md -- Broken link on source page path = /fileassociations/mapextensions: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/cloud.md -- Broken link on source page path = /fileassociations/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/collections/gpos.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/oemdefaultassociations.md -- Broken link on source page path = /fileassociations/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/universalwindowsapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/wizard.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/preconfiguredadvice.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloudusage.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/adobereader.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mailto.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10modify.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helpertool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/firstlogin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helperapplication.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/acroreader.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10questions.md -- Broken link on source page path = /fileassociations/productwizard: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/wizard.md -- Broken link on source page path = /gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /gettingstarted/fastest: - -> linking to /docs/endpointpolicymanager/reference/index.md -- Broken link on source page path = /gettingstarted/history: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md -- Broken link on source page path = /gettingstarted/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/applypreferences.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/securitygroup.md - -> linking to /docs/endpointpolicymanager/troubleshooting/emailoptout.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/windows11.md - -> linking to /docs/endpointpolicymanager/troubleshooting/mmcdisplay.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/windowsserver2019.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/entraidgroups.md - -> linking to /docs/endpointpolicymanager/troubleshooting/onpremisecloud.md - -> linking to /docs/endpointpolicymanager/troubleshooting/folderredirection.md - -> linking to /docs/endpointpolicymanager/troubleshooting/embedclient.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md - -> linking to /docs/endpointpolicymanager/troubleshooting/thirdpartyadvice.md - -> linking to /docs/endpointpolicymanager/troubleshooting/services.md - -> linking to /docs/endpointpolicymanager/troubleshooting/eventlogs.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/virtualdesktops.md - -> linking to /docs/endpointpolicymanager/troubleshooting/eventcategories.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/windowsendpoint.md -- Broken link on source page path = /gettingstarted/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/freetraining.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/sidexporter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/arm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/editor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/processmonitor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/gpobackup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/admx.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backupoptions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditordemo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditorsetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateinstall.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateapplication.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/startscreen.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/applicationsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/admintemplatemanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/browserrouter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/tour.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/leastprivilege.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/appmasking.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/profiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/startmenu.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserdefault.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/broswerright.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserconfiguration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/elevatingapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/browserright.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/startscreen.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/applicationsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md -- Broken link on source page path = /gettingstarted/prepare: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md -- Broken link on source page path = /gettingstarted/quickstart/cloud: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md -- Broken link on source page path = /gettingstarted/quickstart/grouppolicy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdgrouppolicy/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /gettingstarted/quickstart/mdm: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/testsample.md -- Broken link on source page path = /gettingstarted/quickstart/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdgettingstarted/freetraining.md -- Broken link on source page path = /gettingstarted/quickstart/overviewinstall: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/explained.md -- Broken link on source page path = /gettingstarted/quickstart/prepareendpoint: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/mdm.md -- Broken link on source page path = /gettingstarted/quickstart/preparemanagementstation: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/install.md -- Broken link on source page path = /gettingstarted/quickstart/specificcomponents: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/gettingstarted/overview.md -- Broken link on source page path = /gpoexport/delivercertificates: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/deploy/grouppolicysettings.md -- Broken link on source page path = /gpoexport/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/gpo-export/securitysettings.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/gpo-export/usercontext.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/componentlicense.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/settings.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/printerdeploy.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/drivemappings.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/startservice.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/passwords.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/gpo-export/delivercertificates.md -- Broken link on source page path = /gpoexport/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/realgposettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/cloudimport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/sccm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mergetool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/deployinternet.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/screensavers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateprinter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/drivemaps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateregistry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/shortcuts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/delivergpprefs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/cloudlocaluser.md -- Broken link on source page path = /grouppolicy/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cachepreferences.md - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cacheengine.md - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/insertuserinfo.md - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/pdqdeploy.md -- Broken link on source page path = /grouppolicy/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/integration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/itemleveltargeting/editmanual.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/flatlegacyview.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/mmcconsole.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/grouppolicy/remotedesktopconnection.md -- Broken link on source page path = /grouppolicycompliancereporter/deliveryreports: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/troubleshooting/onpremisecloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremise.md -- Broken link on source page path = /grouppolicycompliancereporter/domainmultiple: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgpocompilancereporter/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgpocompilancereporter/modepush.md -- Broken link on source page path = /grouppolicycompliancereporter/install: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/install.md -- Broken link on source page path = /grouppolicycompliancereporter/mode/pull/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/modepull.md -- Broken link on source page path = /grouppolicycompliancereporter/mode/push/install: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/securityenhanced.md -- Broken link on source page path = /grouppolicycompliancereporter/overview: - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/concepts.md -- Broken link on source page path = /grouppolicycompliancereporter/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/scenarios.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/deliveryreports.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/install.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/basis.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/types.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/userlimit.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/compliancereports.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/shareacrossteam.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/difference.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/trial.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/minimum.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/expire.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/trueup.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/tool.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/multiyear.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/domainmultiple.md -- Broken link on source page path = /grouppolicycompliancereporter/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewmanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewtechnical.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modestandalone.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modeserver.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepull.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepush.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/securityenhanced.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/firewallports.md -- Broken link on source page path = /grouppolicycompliancereporter/prepare/licensing: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /install/adminconsole: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/centralstorework.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/shares.md -- Broken link on source page path = /install/cloud/client: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /install/cloud/clientremote: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/install/leastprivilegemanagerrule.md -- Broken link on source page path = /install/cloud/clientsilent: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/jointoken.md -- Broken link on source page path = /install/cloud/slowinternet: - -> linking to /docs/endpointpolicymanager/troubleshooting/embedclient.md -- Broken link on source page path = /install/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdinstall/autoupdate.md -- Broken link on source page path = /install/rings: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/groups.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /install/upgrade/rings/activedirectory: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /install/upgrade/rings/cloud: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /install/upgrade/settings: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/uptodate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/touchutility.md -- Broken link on source page path = /install/upgrade/tips: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/backupoptions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/backup.md -- Broken link on source page path = /integration/auditor/mmcsnapin: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdintegration/auditorsetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /integration/auditor/reports: - -> linking to /docs/endpointpolicymanager/troubleshooting/eventcategories.md -- Broken link on source page path = /integration/azurevirutaldesktop: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/jointoken.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/client: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/gui: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/together: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecureclient.md -- Broken link on source page path = /integration/privilegesecure/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/servicenow: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/longcodes.md -- Broken link on source page path = /integration/vdisolutions: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/jointoken.md -- Broken link on source page path = /javaenterpriserules/gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdjavaenterpriserules/cloud.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/prompts/overview.md -- Broken link on source page path = /javaenterpriserules/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdjavaenterpriserules/cloud.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/exportcollections.md -- Broken link on source page path = /javaenterpriserules/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/wildcards.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/virtualizedbrowsers.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/evaluateurls.md -- Broken link on source page path = /javaenterpriserules/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/browserrouter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/block.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/oracledeploymentrulesets.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/versionsmultiple.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/sccm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/xmlsurgery.md -- Broken link on source page path = /javaenterpriserules/prompts/firefoxinternetexplorer: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/java/lockdown.md -- Broken link on source page path = /knowledgebase: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /leastprivilege/acltraverse: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md -- Broken link on source page path = /leastprivilege/adminapproval/avoidpopups: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/adminapproval/enforce.md -- Broken link on source page path = /leastprivilege/adminapproval/gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/adminapproval/demo.md -- Broken link on source page path = /leastprivilege/adminapproval/useemail: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/adminapproval/email.md -- Broken link on source page path = /leastprivilege/bestpractices/childprocesses: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securitychildprocesses.md -- Broken link on source page path = /leastprivilege/bestpractices/dontelevate: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/opensavedialogs.md -- Broken link on source page path = /leastprivilege/bestpractices/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md -- Broken link on source page path = /leastprivilege/bestpractices/rules/commandline: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/preventusercommands.md -- Broken link on source page path = /leastprivilege/bestpractices/rules/executablecombo: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/securitycomborules.md -- Broken link on source page path = /leastprivilege/brandcustomize: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/branding.md -- Broken link on source page path = /leastprivilege/deny/standard: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/applicationcontrol.md -- Broken link on source page path = /leastprivilege/deny/windowsuniversal: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/windowsuniversalapplications.md -- Broken link on source page path = /leastprivilege/digitalsignature: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/securitycomborules.md -- Broken link on source page path = /leastprivilege/elevate/activexitems: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/uacpromptsactivex.md -- Broken link on source page path = /leastprivilege/elevate/applicationextension: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md -- Broken link on source page path = /leastprivilege/elevate/com_cslidclass: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/comsupport.md -- Broken link on source page path = /leastprivilege/elevate/executables: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/localadminrights.md -- Broken link on source page path = /leastprivilege/elevate/installers: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /leastprivilege/elevate/installfonts: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/installfonts.md -- Broken link on source page path = /leastprivilege/elevate/javajarfiles: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/scripts.md -- Broken link on source page path = /leastprivilege/elevate/printerdriverinstall: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md -- Broken link on source page path = /leastprivilege/elevate/scripts: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/scripts.md -- Broken link on source page path = /leastprivilege/events/createpolicy/audit: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/globalauditevent.md -- Broken link on source page path = /leastprivilege/events/createpolicy/cloud: - -> linking to /docs/endpointpolicymanager/troubleshooting/eventcategories.md -- Broken link on source page path = /leastprivilege/events/operational: - -> linking to /docs/endpointpolicymanager/troubleshooting/eventcategories.md -- Broken link on source page path = /leastprivilege/events/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/troubleshooting/eventlogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/cloudevents.md -- Broken link on source page path = /leastprivilege/export: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mdm.md -- Broken link on source page path = /leastprivilege/itemleveltargeting: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/userfilter.md -- Broken link on source page path = /leastprivilege/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md -- Broken link on source page path = /leastprivilege/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/userfilter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacpromptsactivex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/scripts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/installfonts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowsuniversalapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securitycomborules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denymessages.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/preventedge.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/stopransomware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevateuwp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/msi.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/enforce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/email.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applyondemand.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securecopy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesfromadmin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/winget.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/printeruacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/microsoftrecommendations.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denyselfelevate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecure.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/license.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/cloudinstall.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/macjointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationpackage.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/systemsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/sudosupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/wildcards.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationlaunch.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/eventscollector.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/adminapproval.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmountpart1.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmounpart2.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/finder.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/privilege.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/collectdiagnostics.md -- Broken link on source page path = /leastprivilege/policyeditor/scope: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/pplpmimplementationguide: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/troubleshooting/eventlogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md -- Broken link on source page path = /leastprivilege/preconfiguredxmls: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/wingui.md -- Broken link on source page path = /leastprivilege/preferences: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/removelocaladmin.md -- Broken link on source page path = /leastprivilege/reauthentication: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md -- Broken link on source page path = /leastprivilege/rules/apply/ondemand: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/applyondemand.md -- Broken link on source page path = /leastprivilege/rules/apply/selfelevation: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/selfelevatemode.md -- Broken link on source page path = /leastprivilege/rules/customizedtoken: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/runasadmin: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.md -- Broken link on source page path = /leastprivilege/scopefilters/blockadmins: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/appblock.md -- Broken link on source page path = /leastprivilege/scopefilters/blockapp: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/powershellblock.md -- Broken link on source page path = /leastprivilege/scopefilters/elevateserviceaccount: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/scopefilters/enhancedsecurerun: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md -- Broken link on source page path = /leastprivilege/securecopy: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/securecopy.md -- Broken link on source page path = /leastprivilege/securerun/bestpractices: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md -- Broken link on source page path = /leastprivilege/securerun/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md -- Broken link on source page path = /leastprivilege/securerun/setup: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/securerun/stopransomware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/autorulesgeneratortool.md -- Broken link on source page path = /leastprivilege/tool/helper/elevate: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/helperdesktopshortcut.md -- Broken link on source page path = /leastprivilege/tool/helper/uacprompts: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/uacprompts.md -- Broken link on source page path = /leastprivilege/tool/rulesgenerator/automatic: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/autorulesgeneratortool.md -- Broken link on source page path = /leastprivilege/wildcards: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/wildcards.md -- Broken link on source page path = /license/activedirectory/domainmultiple: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /license/activedirectory/domainou: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md -- Broken link on source page path = /license/activedirectory/gpoedit: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md -- Broken link on source page path = /license/editpolicies: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md -- Broken link on source page path = /license/mdm/hybrid: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /license/mdm/intune: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/mdm.md -- Broken link on source page path = /license/mdm/setup: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/licenserequestkey.md -- Broken link on source page path = /license/mdm/tool: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/mdm.md -- Broken link on source page path = /license/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/upgrades.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/legacy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/cleanup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/mdm.md -- Broken link on source page path = /license/transition: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /license/trial: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /license/unlicense/componentscloud: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /license/unlicense/fileold: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/cleanup.md -- Broken link on source page path = /license/unlicense/forceddisabled: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /license/whenwhy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md -- Broken link on source page path = /licensing: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md -- Broken link on source page path = /mac/applicationlaunch: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/adminapproval.md -- Broken link on source page path = /mac/scenarios/launchcontrol: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/applicationlaunch.md -- Broken link on source page path = /mac/scenarios/macfinder: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/finder.md -- Broken link on source page path = /mac/scenarios/macprivhelper: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/privilege.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/adminapproval.md -- Broken link on source page path = /mac/scenarios/mountunmount: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/mountunmountpart1.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/mountunmounpart2.md -- Broken link on source page path = /mac/scenarios/packageinstallation: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/applicationpackage.md -- Broken link on source page path = /mac/scenarios/sudo: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/sudosupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/wildcards.md -- Broken link on source page path = /mac/scenarios/systemsettings: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/systemsettings.md -- Broken link on source page path = /manuals: - -> linking to /docs/endpointpolicymanager/gettingstarted/basic-concepts.md - -> linking to /docs/endpointpolicymanager/platform-specific/mac-support/overview.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/devicemanager/overview.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/overview.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/overview.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/overview.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/overview.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/feature-management/overview.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/overview.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/overview.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/overview.md - -> linking to /docs/endpointpolicymanager/deployment-methods/software-packages/overview.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/overview.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/overview.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/networksecuritymanager.md -- Broken link on source page path = /mdm/gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /mdm/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md -- Broken link on source page path = /mdm/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/realgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/mobileiron.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/workspaceone.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/citrixendpointmanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/admintemplates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exporterutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraid.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupmembership.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupdetermine.md -- Broken link on source page path = /mdm/service/microsoftintune: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/microsoftintune.md -- Broken link on source page path = /mdm/service/mobileiron: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/mobileiron.md -- Broken link on source page path = /mdm/service/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/realgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md -- Broken link on source page path = /mdm/service/vmwareworkspaceone: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/workspaceone.md -- Broken link on source page path = /mdm/stackmsi: - -> linking to /docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md -- Broken link on source page path = /mdm/xmldatafiles/browserrouter: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/overview.md -- Broken link on source page path = /mdm/xmldatafiles/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/exporterutility.md -- Broken link on source page path = /mdm/xmldatafiles/preferences: - -> linking to /docs/endpointpolicymanager/policy-management/preferences/overview.md -- Broken link on source page path = /mdm/xmldatafiles/securitysettings: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md -- Broken link on source page path = /preferences/componentlicense: - -> linking to /docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md -- Broken link on source page path = /preferences/overview: - -> linking to /docs/endpointpolicymanager/policy-management/preferences/settings.md -- Broken link on source page path = /remotedesktopprotocol/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdremotedesktopprotocol/vdiscenarios.md -- Broken link on source page path = /remoteworkdelivery/advanced/standard/recursion: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/masscopy.md -- Broken link on source page path = /remoteworkdelivery/cloudmdm: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/mdm.md -- Broken link on source page path = /remoteworkdelivery/exportcollections: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/exporterutility.md -- Broken link on source page path = /remoteworkdelivery/gettingstarted/policiesweb: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/webbasedshares.md -- Broken link on source page path = /remoteworkdelivery/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/smb.md - -> linking to /docs/endpointpolicymanager/gettingstarted/basic-concepts.md -- Broken link on source page path = /remoteworkdelivery/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installsequentially.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installuwp.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/variables.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/printers.md -- Broken link on source page path = /remoteworkdelivery/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/smb.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/webbasedshares.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/masscopy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/patching.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/localfilecopy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/azureblobstorage.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /scriptstriggers/gettoknow/usage: - -> linking to /docs/endpointpolicymanager/video/index.mdscriptstriggers/mapdrivetriggers.md -- Broken link on source page path = /scriptstriggers/itemleveltargeting/exportcollections: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdscriptstriggers/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdscriptstriggers/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/exporterutility.md -- Broken link on source page path = /scriptstriggers/networksecuritymanager: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md -- Broken link on source page path = /scriptstriggers/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdscriptstriggers/gettingstarted/onpremise.md -- Broken link on source page path = /scriptstriggers/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/cylance.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/onapplyscript.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/scriptlocation.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/powershellscripts.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows7tls.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlannetwork.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlandropbox.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/silentbrowserinstall.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/shortcutpublicdesktop.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/powershell.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/updateregistry.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/resetsecurechannel.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/temperatureunit.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/bitlockerdeployment.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows10modifyscript.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/teamsminimized.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/vpnconnection.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/eventlogtriggers.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localaccountpassword.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/vpn.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/screensavers.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/processesdetails.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/edgefirstlogon.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localscheduledtask.md -- Broken link on source page path = /scriptstriggers/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/chocolaty.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/windows10prolockscreen.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/customdefaultfileassociations.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/unwantedapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/bitlocker.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/x509certificates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printersetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/auditpol.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/lockunlocksession.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/shutdownscripts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/vpnconnect.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/anyconnect.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/pdqdeploy.md -- Broken link on source page path = /softwarepackage/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdsoftwarepackage/appxmanager.md -- Broken link on source page path = /softwarepackage/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/deployment-methods/software-packages/winget.md -- Broken link on source page path = /softwarepackage/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/appxmanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/removeapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/blockapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/deployapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/run.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/extrastool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/mdm.md -- Broken link on source page path = /startscreentaskbar/exportcollections: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdstartscreentaskbar/nondomainjoined.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md -- Broken link on source page path = /startscreentaskbar/helpertools: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/toolssetup.md -- Broken link on source page path = /startscreentaskbar/helperutility: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/helperutility.md -- Broken link on source page path = /startscreentaskbar/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/modes.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/explorer.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/helpertools.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/foldershortcut.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/addlink.md -- Broken link on source page path = /startscreentaskbar/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/helperutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/windows10startmenu.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/demotaskbar.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/linksie.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/customicons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/startscreentaskbar/revertstartmenu.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdmitemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/citrix.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/onetime.md -- Broken link on source page path = /startscreentaskbar/taskbar: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/demotaskbar.md -- Broken link on source page path = /tips/embedclient: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdinstall/autoupdate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/groups.md -- Broken link on source page path = /tips/eventlogs: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdscriptstriggers/cloud.md -- Broken link on source page path = /tips/folderredirection: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md -- Broken link on source page path = /tips/thirdpartyadvice: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md -- Broken link on source page path = /troubleshooting/applicationsettings/applock/disable: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/superpowers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/applicationsettings/applock/someapplications: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/acllockdown.md -- Broken link on source page path = /troubleshooting/applicationsettings/appset/storage: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md -- Broken link on source page path = /troubleshooting/applicationsettings/backup/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md -- Broken link on source page path = /troubleshooting/applicationsettings/basicsteps: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/entrysettings: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/java/issue: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/reapplylaunchdisable: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/chrome/forceinstall: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/default: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md -- Broken link on source page path = /troubleshooting/browserrouter/install/defaultbrowser: - -> linking to /docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md -- Broken link on source page path = /troubleshooting/browserrouter/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/revertlegacy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md -- Broken link on source page path = /troubleshooting/changemanagementtools: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md -- Broken link on source page path = /troubleshooting/clientsideextension/uninstallpassword: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/cloud/grouppolicyeditors: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/reports.md -- Broken link on source page path = /troubleshooting/error/leastprivilege/serverbusy: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/opensavedialogs.md -- Broken link on source page path = /troubleshooting/fastsupport: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md -- Broken link on source page path = /troubleshooting/fileassociations/cortana: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md -- Broken link on source page path = /troubleshooting/fileassociations/legacy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md -- Broken link on source page path = /troubleshooting/grouppolicycompliancereporter/clientendpoint: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/firewallports.md -- Broken link on source page path = /troubleshooting/hangingprocess: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/processmonitor.md -- Broken link on source page path = /troubleshooting/javaenterpriserules/javaprompts: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/java/lockdown.md -- Broken link on source page path = /troubleshooting/leastprivilege/sage50: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/installapplications.md -- Broken link on source page path = /troubleshooting/license/enterprisefull: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /troubleshooting/license/expires: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/cleanup.md -- Broken link on source page path = /troubleshooting/license/graceperiod: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /troubleshooting/license/legacy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/legacy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /troubleshooting/nondomain/limitations: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/chromenondomainjoined.md -- Broken link on source page path = /troubleshooting/preferences/clientmachines: - -> linking to /docs/endpointpolicymanager/gettingstarted/basic-concepts.md -- Broken link on source page path = /troubleshooting/procmon: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/logs.md -- Broken link on source page path = /troubleshooting/restoredetails: - -> linking to /docs/endpointpolicymanager/video/index.mdgrouppolicy/integration.md -- Broken link on source page path = /troubleshooting/scriptstriggers/systemprocesses: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md -- Broken link on source page path = /troubleshooting/slowlogins: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/import.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/customicons: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/customicons.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/office365: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/helperutility.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/rollback: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/onetime.md -- Broken link on source page path = /video/applicationsettings/trustedappsets: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backupoptions.md -- Broken link on source page path = /video/fileassociations/acroreader: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/windows10.md -- Broken link on source page path = /video/networksecurity/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/domainnames.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md -- Broken link on source page path = /video/remotedesktopprotocol/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/vdiscenarios.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/itemleveltargeting.md -- Broken link on source page path = /video/startscreentaskbar/windows10startmenu: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/windows10.md - -[SUCCESS] Generated static files in "build". -[INFO] Use `npm run serve` command to test your build locally. -Build completed successfully! diff --git a/docs/accessanalyzer/12.0/data-collection/active-directory/category.md b/docs/accessanalyzer/12.0/data-collection/active-directory/category.md deleted file mode 100644 index 80d44f683b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/active-directory/category.md +++ /dev/null @@ -1,57 +0,0 @@ -# ActiveDirectory: Category - -The ActiveDirectory Data Collector Category page contains the following query categories, -sub-divided by auditing focus: - -![Active Directory Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The categories are: - -- Domains - - - Domains – Domains in an organization’s forest - - Trusted Domains – List of domains and their trust relationships - - FSMO Role Holders – FSMO Role Holders (Significant Domain Controllers) - - Domain Object Counts – Number of users and servers with each Domain - -- Directory Objects By Domain - - - Containers – Containers under given scope - - Organizational Units – Organizational units under given scope - - Computers – List of computer objects under scope - - Shared Folders – Shared folders under the scope - - Printers – Printer objects - - Users – All user objects under the scope - - Contacts – Contact objects - - Groups – Domain/global/universal distribution groups - -- Sites and Topology - - - Sites – List of AD sites - - Servers – Servers list - - Site Object Counts – Number of users and servers within each AD Site - -- Inter-site transports - - - Transports – Inter-site transports in AD - - SiteLinks – Connections between two sites - - SiteLinkBridges – Object for tracking transitively connected site links - -- DNS Services - - - Subnets – Known subnets list - - DNS Zones – DNS zone objects list - -- Directory Security - - - Extended Control Access Rights – Extended rights dump - - Security Principals – Well-known security principals from external sources - -- Directory Schema - - - Schema Attributes – Dumps all defined attributes in Active Directory - - Schema Classes – Dumps all defined classes in Active Directory - -- AD Replication - - - AD Replication Links – Active Directory replication links diff --git a/docs/accessanalyzer/12.0/data-collection/active-directory/directory-scope.md b/docs/accessanalyzer/12.0/data-collection/active-directory/directory-scope.md deleted file mode 100644 index 09bf280e4a..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/active-directory/directory-scope.md +++ /dev/null @@ -1,19 +0,0 @@ -# ActiveDirectory: Directory Scope - -The Directory Scope page provides configuration settings for the directory connection and the scope -for the query. It is a wizard page for the category of **Directory Objects by Domain**. - -![Active Directory Data Collector Wizard Directory Scope page](/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/directoryscope.webp) - -The Directory Scope page has the following options: - -- Connect to – Identifies the target domain - - - Default domain – Domain in which the Access Analyzer Console server resides - - This domain – Domain specified in the textbox - -- Connect – Connects to the target domain to provide a list of directories -- Add – Add an OU to the query scope -- Remove – Removes an OU from the query scope -- Scope – List of OUs to be scanned -- Sub tree – Sub-OUs included in the scan if checked diff --git a/docs/accessanalyzer/12.0/data-collection/active-directory/options.md b/docs/accessanalyzer/12.0/data-collection/active-directory/options.md deleted file mode 100644 index 944750afbd..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/active-directory/options.md +++ /dev/null @@ -1,24 +0,0 @@ -# ActiveDirectory: Options - -The Options page provides format options for returned data. It is a wizard page for all categories. - -![Active Directory Data Collector Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -- How to format collected results – Select from the following options: - - - Return data as collected - - Return data in a separate row for each property set in the following group - - - Select the group from the drop-down menu - - - Return each value of the following property in a separate row - - - Select the property from the drop-down menu - -- How to return multi-valued properties in one cell – Select from the following options: - - - Concatenated – All values are listed in one cell using the delimiter specified - - - Delimiter – Symbol used to separate values in the cell - - - First value only – Only the first value is listed in the cell diff --git a/docs/accessanalyzer/12.0/data-collection/active-directory/overview.md b/docs/accessanalyzer/12.0/data-collection/active-directory/overview.md deleted file mode 100644 index ac2216f0d4..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/active-directory/overview.md +++ /dev/null @@ -1,40 +0,0 @@ -# ActiveDirectory Data Collector - -The ActiveDirectory Data Collector audits objects published in Active Directory. It has been -preconfigured within the Active Directory Solution. Both this data collector and the solution are -available with a special Access Analyzer license. See the -[Active Directory Solution](/docs/accessanalyzer/12.0/solutions/active-directory/overview.md) topic for additional -information. - -Protocols - -- ADSI -- LDAP -- RPC - -Ports - -- TCP 389/636 -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Domain Administrators group - -## ActiveDirectory Query Configuration - -The ActiveDirectory Data Collector is configured through the Active Directory Data Collector Wizard, -which contains the following wizard pages: - -- Welcome -- [ActiveDirectory: Category](/docs/accessanalyzer/12.0/data-collection/active-directory/category.md) -- [ActiveDirectory: Directory Scope](/docs/accessanalyzer/12.0/data-collection/active-directory/directory-scope.md) -- [ActiveDirectory: Results](/docs/accessanalyzer/12.0/data-collection/active-directory/results.md) -- [ActiveDirectory: Options](/docs/accessanalyzer/12.0/data-collection/active-directory/options.md) -- [ActiveDirectory: Summary](/docs/accessanalyzer/12.0/data-collection/active-directory/summary.md) - -![Active Directory Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/active-directory/results.md b/docs/accessanalyzer/12.0/data-collection/active-directory/results.md deleted file mode 100644 index 91ff878f7e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/active-directory/results.md +++ /dev/null @@ -1,10 +0,0 @@ -# ActiveDirectory: Results - -The Results page is where Active Directory object properties to be gathered are selected. It is a -wizard page for all categories. - -![Active Directory Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Check all**, **Uncheck all**, and **Reset to -defaults** buttons can be used. All selected properties are gathered. Available properties vary -based on the category selected. diff --git a/docs/accessanalyzer/12.0/data-collection/active-directory/summary.md b/docs/accessanalyzer/12.0/data-collection/active-directory/summary.md deleted file mode 100644 index 735dce29d9..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/active-directory/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# ActiveDirectory: Summary - -The Summary page displays a summary of the configured query. It wizard page for all categories. - -![Active Directory Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Active Directory Data Collector Wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-activity/category.md b/docs/accessanalyzer/12.0/data-collection/ad-activity/category.md deleted file mode 100644 index d093f94d35..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-activity/category.md +++ /dev/null @@ -1,13 +0,0 @@ -# ADActivity: Category - -Use the Category page to identify how activity data is retrieved or removed. - -![Active Directory Activity DC wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The ADActivity Data Collector Category page contains three query categories: - -- Import From SAM – Import activity from a Netwrix Activity Monitor archive -- Import From Share – Import activity from a network share -- Remove Tables – Removes all tables and views from SQL Server database. This option is designed for - troubleshooting. When this option is selected, the next wizard page is the Summary page. See the - [Clear ADActivity Tables](/docs/accessanalyzer/12.0/data-collection/ad-activity/clear-tables.md) topic for more information. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-activity/clear-tables.md b/docs/accessanalyzer/12.0/data-collection/ad-activity/clear-tables.md deleted file mode 100644 index 85ebac6f7b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-activity/clear-tables.md +++ /dev/null @@ -1,22 +0,0 @@ -# Clear ADActivity Tables - -Sometimes when troubleshooting an ADActivity issue, it becomes necessary to clear the standard -reference tables. Follow the steps. - -**Step 1 –** Create a new job and assign a query using the ADActivity Data Collector. - -![Active Directory Activity DC wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/categoryremovetables.webp) - -**Step 2 –** In the Active Directory Activity DC Wizard on the Category page, select the **Remove -Tables** category task. - -![Active Directory Activity DC wizard Results page for Remove Tables category](/img/product_docs/accessanalyzer/admin/datacollector/adactivity/resultsremovetables.webp) - -**Step 3 –** Click **Next** to go to the Results page. Optionally, select the **Success** checkbox -to display a confirmation of successful removal in the results after the job is run. - -**Step 4 –** Click **Next** and then Click **Finish** to close the Active Directory Activity DC -Wizard. Click **OK** to close the Query Properties window. - -**CAUTION:** When the job is run, all of the ADActivity standard reference tables are removed from -the database. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-activity/connection.md b/docs/accessanalyzer/12.0/data-collection/ad-activity/connection.md deleted file mode 100644 index c362681c3e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-activity/connection.md +++ /dev/null @@ -1,30 +0,0 @@ -# ADActivity: SAM Connection - -The SAM connection page is where the port number is configured to send Active Directory data from -Netwrix Activity Monitor. It is a wizard page for the category of: - -- Import from SAM - -![Active Directory Activity DC wizard SAM connection settings page](/img/product_docs/activitymonitor/config/activedirectory/namconnection.webp) - -The following connection setting can be configured to connect to the Netwrix Activity Monitor -archive via an API Server: - -- Port – Enter the API server port. The default is 4494. -- Encrypt communication with target server (SSL) – Allows the Active Directory Activity Data - Collector to communicate with the SAM API Server over a secure channel - - - Ignore certificate errors? – Ignores untrusted certificate authority errors and allows the - scan to continue - -- Test SAM host – Enter the Activity Monitor API server name in a qualified domain name format. - Click Connect to test the connection. A successful result populates the section underneath with a - Refresh token. -- Exclude – Select archives to be ignored by the Active Directory Activity DC scan - - **CAUTION:** Save the Refresh token to a Text Editor for later use. The Refresh token resets - each time the Test SAM host option is connected to. It must be replaced in the Connection - profile if it is regenerated. - -- Refresh token – After generation, it must replace the old Access Token from the SAM API Server - configuration in the Connection Profiles required to connect to the API Server diff --git a/docs/accessanalyzer/12.0/data-collection/ad-activity/overview.md b/docs/accessanalyzer/12.0/data-collection/ad-activity/overview.md deleted file mode 100644 index 6213e9c0a1..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-activity/overview.md +++ /dev/null @@ -1,34 +0,0 @@ -# ADActivity Data Collector - -The ADActivity Data Collector integrates with the Netwrix Activity Monitor by reading the Active -Directory activity log files. It has been preconfigured within the Active Directory Solution. Both -this data collector and the solution are available with a special Access Analyzer license. See the -[Active Directory Solution](/docs/accessanalyzer/12.0/solutions/active-directory/overview.md) topic for additional -information. - -Protocols - -- HTTP -- RPC - -Ports - -- TCP 4494 (configurable within the Netwrix Activity Monitor) - -Permissions - -- Netwrix Activity Monitor API Access activity data -- Netwrix Activity Monitor API Read -- Read access to the Netwrix Activity Monitor Log Archive location - -## ADActivity Query Configuration - -The ADActivity Data Collector is configured through the Active Directory Activity DC wizard, which -contains the following wizard pages, which change based up on the query category selected: - -- [ADActivity: Category](/docs/accessanalyzer/12.0/data-collection/ad-activity/category.md) -- [ADActivity: SAM Connection](/docs/accessanalyzer/12.0/data-collection/ad-activity/connection.md) -- [ADActivity: Share](/docs/accessanalyzer/12.0/data-collection/ad-activity/share.md) -- [ADActivity: Scope](/docs/accessanalyzer/12.0/data-collection/ad-activity/scope.md) -- [ADActivity: Results](/docs/accessanalyzer/12.0/data-collection/ad-activity/results.md) -- [ADActivity: Summary](/docs/accessanalyzer/12.0/data-collection/ad-activity/summary.md) diff --git a/docs/accessanalyzer/12.0/data-collection/ad-activity/results.md b/docs/accessanalyzer/12.0/data-collection/ad-activity/results.md deleted file mode 100644 index aa0d485419..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-activity/results.md +++ /dev/null @@ -1,9 +0,0 @@ -# ADActivity: Results - -The Results page is where the properties to be gathered are selected. It is a wizard page for all of -the categories. - -![Active Directory Activity DC wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Select All** and **Clear All** buttons can be used. -All selected properties are gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-activity/scope.md b/docs/accessanalyzer/12.0/data-collection/ad-activity/scope.md deleted file mode 100644 index 6b942b8895..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-activity/scope.md +++ /dev/null @@ -1,31 +0,0 @@ -# ADActivity: Scope - -Use the Scoping and Retention page to configure additional settings. This page is a wizard page for -the categories of: - -- Import From SAM -- Import From Share - -![Active Directory Activity DC wizard Scoping and Retention page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -The Timespan is defined according to the following two elements: - -- Relative Timespan – Number of days AD Activity is collected when the scan is run -- Absolute Timespan – Set the date range for the scan to collect AD Activity - - **_RECOMMENDED:_** The threshold should be set for after the Netwrix Activity Monitor collects - and archives its data but before they are deleted after a set retention period. - -The Retention section sets what event type is collected and how many days Access Analyzer keeps the -collected data in its SQL database. The table has the following columns: - -- Event Type – The event type that may be enabled for the scan. The event types are: - - - AD Change - - AD Replication - - Authentication - - LDAP - - Process Injection - -- Days to Store – Specify the number of days to store the collected data for the event type -- Enable Collection – When selected, the corresponding event type is collected diff --git a/docs/accessanalyzer/12.0/data-collection/ad-activity/share.md b/docs/accessanalyzer/12.0/data-collection/ad-activity/share.md deleted file mode 100644 index 0af9344acf..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-activity/share.md +++ /dev/null @@ -1,20 +0,0 @@ -# ADActivity: Share - -The Share page provides options for configuring share settings. It is a wizard page for the category -of: - -- Import from Share - -![Active Directory Activity DC wizard Share settings page](/img/product_docs/activitymonitor/config/activedirectory/share.webp) - -The following connection setting can be configured to connect to the AD activity archives that must -be located on a Domain Controller share: - -- UNC Path – Enter the path of the share that stores AD Activity from the AD Agent(s). The ellipsis - (**…**) opens a file explorer where the path can be navigated to and selected. - - - _Remember,_ all AD Agent logs must be archived to this location or the AD Activity data is not - queried by Access Analyzer - -- Include Sub-Directories – Select to include sub-directories on the targeted share. Use this option - if there are multiple archives in the same location. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-activity/summary.md b/docs/accessanalyzer/12.0/data-collection/ad-activity/summary.md deleted file mode 100644 index 670c71ed17..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-activity/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# ADActivity: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - -![Active Directory Activity DC wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Active Directory Activity DC wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-inventory/category.md b/docs/accessanalyzer/12.0/data-collection/ad-inventory/category.md deleted file mode 100644 index db5976e3fe..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-inventory/category.md +++ /dev/null @@ -1,21 +0,0 @@ -# ADInventory: Category - -Use the category page to identify which Active Directory task to perform. - -![Active Directory Inventory DC Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The categories include the following tasks: - -- Scan Active Directory – Scans Active Directory objects and imports the information into SQL Server - database, creating the standard reference tables. This task is also responsible for maintaining - the schema for tables and views. This is the standard option for this data collector. -- Update SQL Indexes – Reorganizes or rebuilds indexes in the Access Analyzer SQL storage database. - When this option is selected, the next wizard page is the Results page. -- Remove Tables – Removes all tables and views from SQL Server database. This option is designed for - troubleshooting. When this option is selected, the next wizard page is the Summary page. See the - [Clear ADInventory Tables](/docs/accessanalyzer/12.0/data-collection/ad-inventory/clear-tables.md) topic for more information. -- Drop Domain – Remove host domain related data from SQL server - -**NOTE:** The Scan Active Directory category is the pre-configured setting for the .Active Directory -Inventory Job Group. Therefore, accessing the Active Directory Inventory DC Wizard from the query -within that job group does not display the Category wizard page. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-inventory/clear-tables.md b/docs/accessanalyzer/12.0/data-collection/ad-inventory/clear-tables.md deleted file mode 100644 index 5174bd677d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-inventory/clear-tables.md +++ /dev/null @@ -1,25 +0,0 @@ -# Clear ADInventory Tables - -Sometimes when troubleshooting an ADInventory issue, it becomes necessary to clear the standard -reference tables. Follow the steps. - -**CAUTION:** Be careful when using this query task. It will result in the deletion of collected -data. - -**Step 1 –** Create a new job and assign a query using the **ADInventory** Data Collector. - -![Remove Tables task selected on Active Directory Inventory DC Wizard Category page ](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/categoryremovetables.webp) - -**Step 2 –** In the Active Directory Inventory DC Wizard on the Category page, select the **Remove -Tables** category task. - -**Step 3 –** Click **Next** and then **Finish** to close the Active Directory Inventory DC Wizard. -Click **OK** to close the Query Properties window. - -When the job is run, all of the ADInventory standard reference tables are removed from the database. - -**CAUTION:** Never leave the query task selected after job execution. Accidental data loss can -occur. - -_Remember,_ this job deletes data from the Access Analyzer database. Check the job has been -configured correctly prior to job execution. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-inventory/custom-attributes.md b/docs/accessanalyzer/12.0/data-collection/ad-inventory/custom-attributes.md deleted file mode 100644 index 3543b4531f..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-inventory/custom-attributes.md +++ /dev/null @@ -1,86 +0,0 @@ -# ADInventory: Custom Attributes - -The Custom Attributes page provides ability to add Active Directory attributes that are unique to -the environment or not collected by default to be gathered. It is a wizard page for the category of -Scan Active Directory. - -The [Standard Reference Tables & Views for the ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/standard-tables.md) topic -provides information on what is collected by default. Custom attributes added on this page are -stored in the **SA_ADInventory_ExtendedAttributes** table. - -![Active Directory Inventory DC Wizard Custom Attributes page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributes.webp) - -The Custom Attribute is defined according to the following three elements: - -- Domain Filter – Short or fully qualified name -- Object Class – User, Group, or Computer -- Attribute Name – As listed within Active Directory - -Use the **Add**, **Edit**, and **Remove** buttons at the bottom of the window to configure the -custom attributes to be gathered by the scan. See the -[Manually Add Custom Attributes](#manually-add-custom-attributes) topic for additional information. - -The **Import** button opens the Custom Attributes Import Wizard. See the -[Custom Attributes Import Wizard](#custom-attributes-import-wizard) topic for additional -information. - -Microsoft Active Directory Schema is detailed in the Microsoft -[Active Directory Schema](https://learn.microsoft.com/en-gb/windows/win32/adschema/active-directory-schema) -article. - -#### Manually Add Custom Attributes - -The **Add** and **Edit** buttons on the Custom Attributes page open the Custom Attribute window. -Follow the steps to manually add custom attributes. - -**Step 1 –** On the Custom Attributes page of the Active Directory Inventory DC Wizard, click -**Add**. The Custom Attribute window opens. - -![Custom Attribute window](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributesadd.webp) - -**Step 2 –** Enter the **Domain Filter**. This can be entered either as the short domain name or the -fully qualified domain name. - -**Step 3 –** Select the checkbox for the desired **Object Class**. - -**Step 4 –** Enter the **Attribute Name** as it appears in Active Directory. - -**Step 5 –** Click **OK**. The Custom Attribute window closes and the specified attribute is added -in the Custom Attributes page. - -Repeat this process until all desired Custom Attributes have been included. - -#### Custom Attributes Import Wizard - -The Custom Attributes Import Wizard is used to import a list of custom attributes into the -ADInventory Data Collector configurations. Follow the steps to use the Custom Attributes Import -Wizard. - -**Step 1 –** On the Custom Attributes page of the Active Directory Inventory DC Wizard, click -**Import**. The Custom Attribute Import Wizard opens. - -![Custom Attributes Import Wizard Credentials page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributesimportcredentials.webp) - -**Step 2 –** On the Credentials page, identify a domain either by entering one manually or selecting -one from the **Domain Name** drop-down menu which displays a list of domains trusted by the one in -which the Access Analyzer Console server resides. Then set the credentials for reading the -attributes list from the domain: - -- Authenticate as the logged in user – Applies the user account running Access Analyzer -- Use the following credentials to authenticate – Applies the account supplied in the **User Name** - and **Password** fields - -Click **Next** to continue. - -![Custom Attributes Import Wizard Attributes page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributesimportattributes.webp) - -**Step 3 –** The wizard populates available attributes from the domain specified on the Attributes -page. Expand the desired object class and select the checkboxes for the custom attributes to be -imported. Then click **Next**. - -![Custom Attributes Import Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributesimportsummary.webp) - -**Step 4 –** On the Summary page, click **Finish**. - -The selected attributes are added on the Custom Attributes page of the Active Directory Inventory DC -Wizard. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-inventory/domains.md b/docs/accessanalyzer/12.0/data-collection/ad-inventory/domains.md deleted file mode 100644 index 1fefae3033..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-inventory/domains.md +++ /dev/null @@ -1,8 +0,0 @@ -# ADInventory: Domains - -The Domains page removes host domain-related data from the SQL server for the selected domains. - -![Active Directory Inventory DC Wizard Domains page](/img/product_docs/activitymonitor/activitymonitor/install/agent/domains.webp) - -Select the checkbox next to a domain to remove host-related data from the SQL server for that -domain. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-inventory/index-update-options.md b/docs/accessanalyzer/12.0/data-collection/ad-inventory/index-update-options.md deleted file mode 100644 index 0951cfcf07..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-inventory/index-update-options.md +++ /dev/null @@ -1,22 +0,0 @@ -# ADInventory: Index Update Options - -Configure options for maintaining SQL Server indexes while running queries using the Index Update -Options page. - -![Active Directory Inventory DC Wizard Index Update Options page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/indexupdateoptions.webp) - -The options on the Index Update Options page are: - -- SQL Index Update Options: - - - Maximum Degree of Parallelism – Set the maximum limit of the Degree of Parallelism used for - the query. Default is **1**. - - Minimum Index Reorganization Threshold – Set the minimum index reorganization threshold that - is performed while running the query. Default is **5** percent. - - Minimum Index Rebuilding Threshold – Set the minimum index rebuilding threshold that is - performed while running the query. Default is **31** percent. - -- Select Data Collector Schemas– Select which schemas to maintain when running the query by - selecting them from the table. Enable a schema for indexing by selecting the checkbox next to it. - Right-click in the table to show options for **Check All**, **Clear All**, **Check All Selected - Items**, and **Clear All Selected Items**. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-inventory/options.md b/docs/accessanalyzer/12.0/data-collection/ad-inventory/options.md deleted file mode 100644 index 768d11cd84..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-inventory/options.md +++ /dev/null @@ -1,46 +0,0 @@ -# ADInventory: Options - -The Options page provides options for Active Directory data collection. It is a wizard page for the -category of Scan Active Directory. - -![Active Directory Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -The Options page has the following configuration options: - -- Encrypt communication with Active Directory (SSL) – Allows the ADInventory Data Collector to - communicate with Active Directory over a secure channel - - - Ignore certificate errors? (For testing only) – Ignores untrusted certificate authority errors - and allows the scan to continue. This option is for testing purposes only. - -- Collect SID History from domain migrations – During a domain migration, the new infrastructure is - created alongside the old infrastructure. The old account SID is typically added to the SID - history attribute for the new account. The option to collect SID history is made available within - the ADInventory Data Collector to assist resolving SIDs for domain migrations. -- Collect only updates since the last scan (recommended) – Default setting for differential - scanning. The updates collected are any changes to: group membership, attributes on user objects, - attributes on group objects, and so on. - - - Track changes into Change tracking tables – Records all changes since the last scan in - separate tables - - Limit Last Logon TimeStamp Changes – When selected, changes to the Last Logon TimeStamp - Attribute are not recorded - - **_RECOMMENDED:_** If tracking changes, use the Limit Last Logon TimeStamp Changes option. - - - Number of days you want to keep changes in the database – Use the arrow buttons or manually - enter a number to set the number of days to keep changes - - Target previously scanned domain controller – Collects updated information from the last - domain controller targeted to reduce the scan time. Below are some considerations: - - - If the last domain controller is unavailable, the targeted domain controller is the - specified domain controller from the host list. If using the domain name, it attempts to - find the last scanned domain controller. - - If that domain controller is determined to be unavailable, then it runs a full scan on the - next domain controller that responds. Then, it will scan the new domain controller for - changes going forward. - - Selecting the **Track changes into Change tracking tables** option enables the **Number of days - you want to keep changes in the database** box. This allows for changes in Active Directory to - be tracked. When change tracking is enabled, notification analysis tasks can be used to send - alerts. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md b/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md deleted file mode 100644 index 85d5fbfdfb..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md +++ /dev/null @@ -1,59 +0,0 @@ -# ADInventory Data Collector - -The extraction and correlation of user, group, and computer attributes drastically transforms the -meaning of data collected across the many systems and applications that are linked to Active -Directory. The ADInventory Data Collector is designed as a highly scalable and useful data -collection mechanism to catalogue user, group, and computer object information that can be used by -other solutions within Access Analyzer. - -The ADInventory Data Collector is a core component of Access Analyzer and has been preconfigured to -be used within the .Active Directory Inventory Solution. Both this data collector and the solution -are available with all Access Analyzer license options. See the -[.Active Directory Inventory Solution](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/overview.md) -topic for additional information. - -Protocols - -- LDAP - -Ports - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -## Functional Design of the ADInventory Data Collector - -The ADInventory Data Collector has been designed to update incrementally. Once it has run against a -domain controller, additional collections gather changes made since the last scan. This enables the -ADInventory Data Collector to function efficiently within large environments. Each time it is run -against different domain controllers, it restarts the cycle. - -## ADInventory Query Configuration - -The ADInventory Data Collector is configured through the Active Directory Inventory DC Wizard, which -contains the following wizard pages: - -- Welcome -- [ADInventory: Category](/docs/accessanalyzer/12.0/data-collection/ad-inventory/category.md) -- [ADInventory: Results](/docs/accessanalyzer/12.0/data-collection/ad-inventory/results.md) -- [ADInventory: Options](/docs/accessanalyzer/12.0/data-collection/ad-inventory/options.md) -- [ADInventory: Index Update Options](/docs/accessanalyzer/12.0/data-collection/ad-inventory/index-update-options.md) -- [ADInventory: Custom Attributes](/docs/accessanalyzer/12.0/data-collection/ad-inventory/custom-attributes.md) -- [ADInventory: Summary](/docs/accessanalyzer/12.0/data-collection/ad-inventory/summary.md) - -![Active Directory Inventory DC Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-inventory/results.md b/docs/accessanalyzer/12.0/data-collection/ad-inventory/results.md deleted file mode 100644 index 0895089818..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-inventory/results.md +++ /dev/null @@ -1,13 +0,0 @@ -# ADInventory: Results - -The Results page is where properties from Active Directory to be gathered are selected. It is a -wizard page for the category of Scan Active Directory. - -![Active Directory Inventory DC Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Select All** or **Clear All** buttons can be used. -All selected properties are gathered. - -This information is not available within the standard reference tables and views. Instead, this -information can be viewed in the SA_ADInventory_DEFAULT table, which is created when any of these -properties are selected. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-inventory/standard-tables.md b/docs/accessanalyzer/12.0/data-collection/ad-inventory/standard-tables.md deleted file mode 100644 index 38f3715a58..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-inventory/standard-tables.md +++ /dev/null @@ -1,59 +0,0 @@ -# Standard Reference Tables & Views for the ADInventory Data Collector - -The ADInventory Data Collector gathers essential user and group inventory information into standard -reference tables. Unlike other Access Analyzer data collectors, the ADInventory Data Collector -writes data to these tables regardless of the job executing the query. - -These tables and their associated views are outlined below: - -| Table | Details | AD Object Reference Article | -| ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | -| SA_ADInventory_AttributeChanges | Contains a list of principal identifiers and their corresponding attribute changes for each differential scan that is performed against a domain. | [Active Directory Schema](https://learn.microsoft.com/en-gb/windows/win32/adschema/active-directory-schema) | -| SA_ADInventory_Computers | Contains extended information about computers, operating systems, service packs, etc. | [Computer class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-computer) | -| SA_ADInventory_DistinguishedNames | Contains every distinguished name collected from principals and group membership. | [Attribute distinguishedName](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-ada1/56da5a9b-485d-4d7c-a226-1a54a43d9013) | -| SA_ADInventory_Domains | Contains information about the domain such as its naming context and when it was last scanned. | [Domain class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-domain) | -| SA_ADInventory_EffectiveGroupMembers | Contains expanded group membership which includes a flattened representation of members. | | -| SA_ADInventory_Exceptions | Contains information about security issues and concerns. **NOTE:** See the [AD Exception Types Translated](#ad-exception-types-translated) topic for an explanation of Exception Types. | | -| SA_ADInventory_ExceptionTypes | Identifies how many instances of exceptions exist on the audited domain. **NOTE:** See the [AD Exception Types Translated](#ad-exception-types-translated) topic for an explanation of Exception Types. | | -| SA_ADInventory_Exchange | Contains information about the Exchange Server, each database and storage group, and the HomeMDB property. | [ms-Exch-Home-MDB Attribute]() | -| SA_ADInventory_ExtendedAttributes | Contains information gathered by the custom attributes component of the query configuration. | [Active Directory Schema](https://learn.microsoft.com/en-gb/windows/win32/adschema/active-directory-schema) | -| SA_ADInventory_GroupMemberChanges | Contains a list of group principal identifiers and their corresponding membership changes for each differential scan that is performed against a domain. | [Member attribute](https://learn.microsoft.com/en-gb/windows/win32/adschema/a-member) | -| SA_ADInventory_GroupMembers | Contains a map of groups to member distinguished names. | [Member attribute](https://learn.microsoft.com/en-gb/windows/win32/adschema/a-member) | -| SA_ADInventory_Groups | Contains extended information about groups, group type, managed by, etc. | [Group class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-group) | -| SA_ADInventory_ImportHistory | Contains a list of all imports performed against a particular domain along with when the import happened and the GUID of the domain controller that was scanned. | | -| SA_ADInventory_Principals | Contains common attributes for users, groups, and computers as well as references to their primary distinguished name and security identifiers. | [Security-Principal class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-securityprincipal) | -| SA_ADInventory_SecurityIdentifiers | Contains every SID collected from the principals, including historical identifiers. | [Security-Identifier attribute](https://learn.microsoft.com/en-gb/windows/win32/adschema/a-securityidentifier) | -| SA_ADInventory_Users | Contains extended information about users, department, title, etc. | [User class](https://learn.microsoft.com/en-gb/windows/win32/adschema/c-user) | - -Views are the recommended way for you to obtain the information gathered by the ADInventory Data -Collector. They contain additional information for building queries easily. - -The following is an explanation of the corresponding views created for some of the tables generated -by the ADInventory Data Collector: - -| Views | Details | -| ---------------------------------------- | ---------------------------------------------------------------------------------------- | -| SA_ADInventory_AttributeChangesView | Contains attribute change information | -| SA_ADInventory_ComputersView | Contains computer information | -| SA_ADInventory_EffectiveGroupMembersView | Contains effective group membership information | -| SA_ADInventory_ExceptionsView | Contains principals that are identified to have security concerns | -| SA_ADInventory_GroupMemberChangesView | Contains group membership change information | -| SA_ADInventory_GroupMembersView | Contains group membership information | -| SA_ADInventory_GroupsView | Contains group level information | -| SA_ADInventory_PrincipalsView | Contains common attributes from the principals table including additional domain details | -| SA_ADInventory_UsersView | Contains user information | - -### AD Exception Types Translated - -The following table translates the Type of Exceptions that can found. - -| Type | Exception | Description | -| ---- | -------------------- | ------------------------------------------------------------------------- | -| 1 | Large Groups | Groups with a large amount of effective members | -| 2 | Deeply Nested | Groups with deep levels of membership nesting | -| 3 | Circular Nesting | Groups with circular references in their effective membership | -| 4 | Empty Groups | Groups with no membership | -| 5 | Single Member Groups | Groups with a single direct member | -| 6 | Stale Users | Users that have not logged onto the domain for an extended period of time | -| 7 | Stale Membership | Groups with a high percentage of effective members that are stale users | -| 8 | Large Token | Users with a large amount of authorization groups in their token | diff --git a/docs/accessanalyzer/12.0/data-collection/ad-inventory/summary.md b/docs/accessanalyzer/12.0/data-collection/ad-inventory/summary.md deleted file mode 100644 index a1665d567e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-inventory/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# ADInventory: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - -![Active Directory Inventory DC Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Active Directory Inventory DC Wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-permissions/category.md b/docs/accessanalyzer/12.0/data-collection/ad-permissions/category.md deleted file mode 100644 index fe832b6171..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-permissions/category.md +++ /dev/null @@ -1,13 +0,0 @@ -# ADPermissions: Category - -The ADPermissions Data Collector Category page identifies what kind of information to retrieve using -the Category wizard page. - -![ADPermissions Data Collector wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The categories on the ADPermissions Category page are: - -- Scan Active Directory Permissions – Scan permissions applied to objects -- Scan Active Directory Audits – Scan audits applied to objects -- Remove Tables – Remove all tables and views from SQL server. See the - [Remove ADPermissions Tables](/docs/accessanalyzer/12.0/data-collection/ad-permissions/remove-tables.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-permissions/custom-filter.md b/docs/accessanalyzer/12.0/data-collection/ad-permissions/custom-filter.md deleted file mode 100644 index aab688879f..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-permissions/custom-filter.md +++ /dev/null @@ -1,28 +0,0 @@ -# ADPermissions: Custom Filter - -The Custom Filter page provides options to configure settings for object permission collection. It -is only available if the Custom Filter option is checked on the Scope page. It is a wizard page for -the categories of: - -- Scan Active Directory Permissions -- Scan Active Directory Audits - -![ADPermissions Data Collector wizard Custom Filter page](/img/product_docs/accessanalyzer/admin/datacollector/customfilter.webp) - -The configurable options are: - -- Root Path – Enter the AD root path - - - Select the distinguished name from the drop-down menu to the right of the Root Path - - Click **Preview** to show an example of the complete path - -- LDAP Filter – Enter a custom filter string -- Scope – Select an option from the drop-down menu: - - - Base – Limits the scope to the base object. The maximum number of objects returned is always - one. - - One Level – Restricted to the immediate children of a base object, but excludes the base - object itself - - Sub tree – (or a deep scope) includes all child objects as well as the base object - -- Click **Add** to add the filter criteria to the list. Multiple filters can be used. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-permissions/options.md b/docs/accessanalyzer/12.0/data-collection/ad-permissions/options.md deleted file mode 100644 index e6883bac53..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-permissions/options.md +++ /dev/null @@ -1,23 +0,0 @@ -# ADPermissions: Options - -The Options page is provides additional options for collecting the Active Directory information. It -is a wizard page for the categories of: - -- Scan Active Directory Permissions -- Scan Active Directory Audits - -![ADPermissions Data Collector wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -The configurable options are: - -- Encrypt communication with Active Directory (SSL) – Enables SSL encryption - - - Ignore Certificate errors – Select to ignore errors for testing only - -- Collect only updates since the last scan – Enables differential scanning - - - Target previously scanned domain controller – Select to use the same domain controller as the - previous scan - - Track changes into change tracking tables – Enable to track changes - - Number of days you want to keep changes in the database – Set the number of days to keep - changes in the database diff --git a/docs/accessanalyzer/12.0/data-collection/ad-permissions/overview.md b/docs/accessanalyzer/12.0/data-collection/ad-permissions/overview.md deleted file mode 100644 index c4e3c6c7f5..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-permissions/overview.md +++ /dev/null @@ -1,38 +0,0 @@ -# ADPermissions Data Collector - -The ADPermissions Data Collector collects the advanced security permissions of objects in AD. It is -preconfigured within the Active Directory Permissions Analyzer Solution. Both this data collector -and the solution are available with a special Access Analyzer license. See the -[Active Directory Permissions Analyzer Solution](/docs/accessanalyzer/12.0/solutions/active-directory-permissions-analyzer/overview.md) -topic for additional information. - -Protocols - -- ADSI -- LDAP -- RPC - -Ports - -- TCP 389 -- TCP 135 – 139 -- Randomly allocated high TCP ports - -Permissions - -- LDAP Read permissions -- Read on all AD objects -- Read permissions on all AD Objects - -## ADPermissions Query Configuration - -The ADPermissions Data Collector is configured through the Active Directory Permissions Data -Collector Wizard. The wizard contains the following pages, which change based upon the query -category selected: - -- [ADPermissions: Category](/docs/accessanalyzer/12.0/data-collection/ad-permissions/category.md) -- [ADPermissions: Scope](/docs/accessanalyzer/12.0/data-collection/ad-permissions/scope.md) -- [ADPermissions: Custom Filter](/docs/accessanalyzer/12.0/data-collection/ad-permissions/custom-filter.md) -- [ADPermissions: Options](/docs/accessanalyzer/12.0/data-collection/ad-permissions/options.md) -- [ADPermissions: Results](/docs/accessanalyzer/12.0/data-collection/ad-permissions/results.md) -- [ADPermissions: Summary](/docs/accessanalyzer/12.0/data-collection/ad-permissions/summary.md) diff --git a/docs/accessanalyzer/12.0/data-collection/ad-permissions/results.md b/docs/accessanalyzer/12.0/data-collection/ad-permissions/results.md deleted file mode 100644 index e07beefeb3..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-permissions/results.md +++ /dev/null @@ -1,9 +0,0 @@ -# ADPermissions: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for all -of the categories. - -![ADPermissions Data Collector wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Available properties vary based on the category selected. Properties can be selected individually or -the **Select All** and **Clear All** buttons can be used. All selected properties are gathered. diff --git a/docs/accessanalyzer/12.0/data-collection/ad-permissions/scope.md b/docs/accessanalyzer/12.0/data-collection/ad-permissions/scope.md deleted file mode 100644 index a10a437bec..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-permissions/scope.md +++ /dev/null @@ -1,40 +0,0 @@ -# ADPermissions: Scope - -The Scope page is where the scope for the Active Directory permissions scan is configured. It is a -wizard page for the categories of: - -- Scan Active Directory Permissions -- Scan Active Directory Audits - -![ADPermissions Data Collector wizard Scope page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -The configurable options are: - -- Built-in: - - - Certificate Templates – All certificate templates in Active Directory - - Computers – Computer objects under scope - - Contacts – Contact objects - - Containers – Containers under given scope - - DNS Zones – DNS zone object list - - Domains – Domains in an organizations forest - - Extended Control Access Rights – Access control rights list - - Foreign Security Principals – Well known security principles from external sources - - Group – Domain, global, universal distribution groups - - NTAuth Certificates Container – NTAuth Certificates Container - - Organizational Units – Organizational units under given scope - - Printer – Printer objects - - Schema Attributes – All defined attributes in Active Directory - - Schema Classes – All defined classes in Active Directory - - Servers – Server objects - - Shared Folders – Shared folders under the scope - - Site Link Bridges – Object for tracking transitively connected site links - - Site links – Connections between sites - - Site Transports – Inter-site transports in Active Directory - - Sites – List of Active Directory sites - - Subnets – Known subnet objects - - Users – All user objects under the scope - -- Custom: - - - Custom Filter – Custom filter for collecting objects diff --git a/docs/accessanalyzer/12.0/data-collection/ad-permissions/summary.md b/docs/accessanalyzer/12.0/data-collection/ad-permissions/summary.md deleted file mode 100644 index 63b331c694..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ad-permissions/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# ADPermissions: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - -![ADPermissions Data Collector wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Active Directory Permissions Data Collector Wizard ensuring that no -accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/aws/category.md b/docs/accessanalyzer/12.0/data-collection/aws/category.md deleted file mode 100644 index 556cda8c79..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/aws/category.md +++ /dev/null @@ -1,20 +0,0 @@ -# AWS: Category - -Use the Category page to select the type of scan for the targeted AWS instance or maintenance task -to perform. - -![AWS Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The options on the Category page are: - -- AWS scan jobs - - - Collect Org data – Collects all organization info from an AWS instance - - Collect IAM data – Collects all users, groups, and roles from an AWS instance - - Collect S3 – Collects S3 data - - Collect SDD data – Scans S3 objects for potentially sensitive data - -- Maintenance - - - Drop AWS DC Tables – Removes AWS data collector data and tables from the Access Analyzer - database. See the [Drop AWS Tables](/docs/accessanalyzer/12.0/data-collection/aws/drop-tables.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/aws/criteria.md b/docs/accessanalyzer/12.0/data-collection/aws/criteria.md deleted file mode 100644 index b98199e36d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/aws/criteria.md +++ /dev/null @@ -1,23 +0,0 @@ -# AWS: Criteria - -The Criteria (Select DLP criteria for this scan) page is where criteria to be used for discovering -sensitive data during a scan is configured. It is a wizard page for the category of Collect SDD -Data. - -![AWS Query SDD Criteria](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -Default criteria is set at the **Global Settings** > **Sensitive Data** node. Choose between the -**Use Global Criteria** Selection and the **Use the Following Selected Criteria** radio buttons. - -For custom criteria, select the checkbox for the criteria to be used to search for sensitive data. -There are **Select All** and **Clear All** buttons that can be used. - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - -User-defined criteria is created in the Criteria Editor, accessed through the **Global Settings** > -**Sensitive Data** node. See the -[Sensitive Data Discovery](/docs/accessanalyzer/12.0/sensitive-data-discovery/overview.md) topic for additional -information. diff --git a/docs/accessanalyzer/12.0/data-collection/aws/drop-tables.md b/docs/accessanalyzer/12.0/data-collection/aws/drop-tables.md deleted file mode 100644 index 216fd36fd8..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/aws/drop-tables.md +++ /dev/null @@ -1,24 +0,0 @@ -# Drop AWS Tables - -Sometimes when troubleshooting an AWS issue, it becomes necessary to clear the AWS DC data and -tables from the Access Analyzer database. Follow the steps to configure a job to remove tables. - -**Step 1 –** Create a new job. - -**Step 2 –** Configure the target host as **Local host**. - -**Step 3 –** Assign a query using the **AWS** Data Collector. - -![Drop AWS DC Tables option on Amazon Web Services Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/droptables.webp) - -**Step 4 –** In the Amazon Web Services Data Collector Wizard on the Category page, select the -**Drop AWS DC Tables** category task. Click **Next**. - -**Step 5 –** Click **Next** and then click **Finish** to close the Amazon Web Services Data -Collector Wizard. Click **OK** to close the Query Properties window. - -**CAUTION:** When the job is run, all of the AWS DC data and tables are removed from the database. - -The job is now configured and ready to run. - -**NOTE:** An AWS connection profile is not required for the Drop AWS DC Tables task. diff --git a/docs/accessanalyzer/12.0/data-collection/aws/filter-s3-objects.md b/docs/accessanalyzer/12.0/data-collection/aws/filter-s3-objects.md deleted file mode 100644 index 5893bce3f3..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/aws/filter-s3-objects.md +++ /dev/null @@ -1,40 +0,0 @@ -# AWS: Filter S3 Objects - -The Filter S3 Objects page provides the options to filter which objects stored in S3 should be -queried for permissions and sensitive data. It is a wizard page for the categories of: - -- Collect S3 -- Collect SDD Data - -![Filter S3 Objects page](/img/product_docs/accessanalyzer/admin/datacollector/aws/filters3objects.webp) - -Use the buttons to customize the filter list: - -- Add – Opens the Select a bucket window. See the [Add Filter](#add-filter) topic for additional - information. -- Add Custom Filter – Create a custom filter. See the [Add Custom Filter](#add-custom-filter) topic - for additional information. -- Remove – Remove a filter from the list - -## Add Filter - -The Select a Bucket window shows the available buckets in the AWS instance. - -![Select a bucket window](/img/product_docs/accessanalyzer/admin/datacollector/aws/selectabucket.webp) - -Select from the available buckets and click **OK** to add them to the Filter S3 Objects page. - -## Add Custom Filter - -The Add Custom Filter window allows a custom filter to be configured. - -![Add Custom Filter window](/img/product_docs/accessanalyzer/admin/datacollector/customfilter.webp) - -Configure a custom filter using the following format: - -- The characters `*` and `?` are wildcards - - `*` – matches any number of characters - - `?` – matches a single character -- ARN should follow the format: `arn:aws:s3:::/` - -Click **Save** to add the custom filter to the Filter S3 Objects page. diff --git a/docs/accessanalyzer/12.0/data-collection/aws/login-roles.md b/docs/accessanalyzer/12.0/data-collection/aws/login-roles.md deleted file mode 100644 index 7667373dc9..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/aws/login-roles.md +++ /dev/null @@ -1,23 +0,0 @@ -# AWS: Login Roles - -The Login Roles page is where the previously created AWS Roles are added. It is a wizard page for -the categories of: - -- Collect Org data -- Collect IAM data -- Collect S3 - -![AWS Query Login Roles](/img/product_docs/accessanalyzer/admin/datacollector/aws/loginroles.webp) - -Add the login roles that will allow Access Analyzer to scan the AWS accounts. See the -[Configure AWS for Scans](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/aws.md) topic for additional -information. The page has the following options: - -- Import From File – Browse to the location of a CSV file from which to import the roles -- Role Name – Enter the name of the role -- Add – Add the role from the Role Name textbox to the list -- Remove – Remove the selected role from the list -- Clear – Remove all roles from the list -- Max Session Duration (hours) – Specify the maximum time the account can be logged in for. This - value should not exceed the SessionDuration configured for the role in AWS. The default value is 1 - and the maximum value is 12. diff --git a/docs/accessanalyzer/12.0/data-collection/aws/overview.md b/docs/accessanalyzer/12.0/data-collection/aws/overview.md deleted file mode 100644 index 67dce57c0b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/aws/overview.md +++ /dev/null @@ -1,56 +0,0 @@ -# AWS Data Collector - -The AWS Data Collector collects IAM users, groups, roles, and policies, as well as S3 permissions, -content, and sensitive data from the target Amazon Web Services (AWS) accounts. The AWS Data -Collector has been preconfigured for the AWS Solution. Both this data collector and the solution are -available with a special Access Analyzer license. See the -[AWS Solution](/docs/accessanalyzer/12.0/solutions/aws/overview.md) topic for additional information. - -Protocols - -- 443 - -Ports - -- 443 - -Permissions - -- To collect details about the AWS Organization, the following permission is required: - - - organizations:DescribeOrganization - -- To collect details regarding IAM, the following permissions are required: - - - iam:GenerateCredentialReport - - iam:GenerateServiceLastAccessedDetails - - iam:Get\* - - iam:List\* - - iam:Simulate\* - - sts:GetAccessKeyInfo - -- To collect details related to S3 buckets and objects, the following permissions are required: - - - s3:Describe\* - - s3:Get\* - - s3:HeadBucket - - s3:List\* - -Sensitive Data Discovery Considerations - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job -is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). - -## AWS Query Configuration - -The AWS Data Collector is configured through the Amazon Web Services Data Collector Wizard. The -wizard contains the following pages, which change based up on the query category selected: - -- [AWS: Category](/docs/accessanalyzer/12.0/data-collection/aws/category.md) -- [AWS: Login Roles](/docs/accessanalyzer/12.0/data-collection/aws/login-roles.md) -- [AWS: Filter S3 Objects](/docs/accessanalyzer/12.0/data-collection/aws/filter-s3-objects.md) -- [AWS: Sensitive Data Settings](/docs/accessanalyzer/12.0/data-collection/aws/sensitive-data.md) -- [AWS: Criteria ](/docs/accessanalyzer/12.0/data-collection/aws/criteria.md) -- [AWS: Results](/docs/accessanalyzer/12.0/data-collection/aws/results.md) -- [AWS: Summary](/docs/accessanalyzer/12.0/data-collection/aws/summary.md) diff --git a/docs/accessanalyzer/12.0/data-collection/aws/results.md b/docs/accessanalyzer/12.0/data-collection/aws/results.md deleted file mode 100644 index 8e529eaf0e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/aws/results.md +++ /dev/null @@ -1,9 +0,0 @@ -# AWS: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for all -of the categories. - -![Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be checked individually or the **Select All** or **Clear All** buttons can be used. -All checked properties are gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/12.0/data-collection/aws/sensitive-data.md b/docs/accessanalyzer/12.0/data-collection/aws/sensitive-data.md deleted file mode 100644 index b070b9d3ea..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/aws/sensitive-data.md +++ /dev/null @@ -1,49 +0,0 @@ -# AWS: Sensitive Data Settings - -The Sensitive Data Settings page is where sensitive data discovery settings are configured. It is a -wizard page for the category of Collect SDD Data. - -![Sensitive Data Settings page](/img/product_docs/accessanalyzer/install/application/upgrade/sensitivedata.webp) - -Configure the following options: - -- Don’t process files larger than: [number] MB – Limits the files to be scanned for sensitive - content to only files smaller than the specified size -- Include offline files (this may significantly increase scan times) – Includes offline files in the - scan -- Perform Optical Character Recognition for image files – Enables the data collector to scan for - sensitive data within digital images of physical documents - - **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents - directly converted to images, with standard fonts. It will not work for scanning photos of - documents and may not be able to recognize text on images of credit cards, driver's licenses, or - other identity cards. - -- Store discovered sensitive data – Stores discovered sensitive data in the database -- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria - for discovered sensitive data -- Use the radio buttons to select the File types to scan: - - - Scan all file types – Scans everything in a given environment - - Scan custom file types – Select the checkboxes from the list of file and document types that - are included in a sensitive data scan. The table contains the following categories and their - sub-options: - - - Compressed Archive files - - Documents - - Email - - Image files - - Presentations - - Spreadsheets - - Text/Markup files - -- Perform differential scan of – Enables you to choose whether to employ incremental scanning: - - - Files modified since last scan – Scans only files modified since the last scan - - Files modified since [date] – Only scans files modified after the specified date - - Files modified since the last [number] days – Scans files modified within the specified number - of days - -- Number of SDD scan processes [number] – Increases the number of SDD scanner processes that spawn - as part of a scan, increasing parallel scanning. The value should not exceed 2x the number of CPU - threads available. diff --git a/docs/accessanalyzer/12.0/data-collection/aws/summary.md b/docs/accessanalyzer/12.0/data-collection/aws/summary.md deleted file mode 100644 index c91e771766..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/aws/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# AWS: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all categories. - -![summary](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Amazon Web Services Data Collector Wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/category.md b/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/category.md deleted file mode 100644 index 012ebdc4f7..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/category.md +++ /dev/null @@ -1,18 +0,0 @@ -# AzureADInventory: Category - -The Category page identifies which Inventory task to perform. - -![Entra ID Inventory DC Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The two categories are: - -- Scan Entra ID – Scans Microsoft Entra ID objects and imports the information into the SQL Server - database, creating the standard reference tables. This task also maintains the schema for tables - and views. This is the standard option for this data collector. -- Remove Tables – Removes all tables and views from SQL Server database. This option is designed for - troubleshooting. When this option is selected, the next wizard page is the Summary page. See the - [Troubleshooting AzureADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/troubleshooting.md) topic for more information. - -The Scan Entra ID category is the pre-configured setting for the .Entra ID Inventory Job Group. -Therefore, accessing the Entra ID Inventory DC Wizard from the query within that job group does not -display the Category wizard page. diff --git a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/configure-job.md b/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/configure-job.md deleted file mode 100644 index c91a4e2704..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/configure-job.md +++ /dev/null @@ -1,43 +0,0 @@ -# Microsoft Entra ID Connection Profile & Host List - -The AzureADInventory Data Collector requires a custom Connection Profile and host list to be created -and assigned to the job or job group conducting the data collection. The host inventory option -during host list creation makes it necessary to configure the Connection Profile first. - -## Connection Profile - -Creating the Connection Profile requires having the Client ID and Key that was generated when Access -Analyzer was registered as a web application with Microsoft Entra ID. See the -[Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/12.0/configuration/entra-id/access.md) for additional -information. - -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Azure Active Directory -- Client ID – Application (client) ID of the Access Analyzer application registered with Microsoft - Entra ID. See the - [Identify the Client ID](/docs/accessanalyzer/12.0/configuration/entra-id/access.md#identify-the-client-id) topic for - additional information. -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) - topic for additional information.) -- Key – Client secret value for the Access Analyzer application registered with Microsoft Entra ID. - See the - [Generate the Client Secret Key](/docs/accessanalyzer/12.0/configuration/entra-id/access.md#generate-the-client-secret-key) - topic for additional information. - -Once the Connection Profile is created, it is time to create the custom host list. See the -[Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information. - -## Custom Host List - -The custom host list should include: - -- All Microsoft Entra ID tenants to be targeted. If there are multiple tenants, the Connection - Profile should contain a credential for each. -- The host name must be the domain name of the tenant, for example `company.onmicrosoft.com`. See - the [Identify the Client ID](/docs/accessanalyzer/12.0/configuration/entra-id/access.md#identify-the-client-id) topic - for additional information. - -See the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) topic for instructions on creating a custom -static host list. diff --git a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/custom-attributes.md b/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/custom-attributes.md deleted file mode 100644 index 04de54b9c9..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/custom-attributes.md +++ /dev/null @@ -1,102 +0,0 @@ -# AzureADInventory: Custom Attributes - -Use the Custom Attributes wizard page to define custom attributes that will be used in the Microsoft -Entra ID scan. - -![Entra ID Inventory Data Collector Wizard Custom Attributes page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributes.webp) - -Configuration options for Custom Attributes include: - -- Collect Open Extensions – If enabled, data collector will perform a full scan and collect all - extension attributes for Microsoft Entra ID objects - - - Enabling this option will increase the time it takes for the data collector to complete the - scan. Disabling this option will configure the data collector run a differential scan, which - will only scan changes since the last scan was performed. - - **CAUTION:** A full scan is required when new attributes are added or removed. - -- Add – Adds a manually entered attribute that is included in the scan. This option opens the Custom - Attribute window. -- Edit – Make changes to a previously added attribute. This option opens the Custom Attribute - window. -- Remove – Deletes the attribute from the table and therefore the scan -- Import – Use the Azure Connection Profile credentials or manually inputted credentials to import - custom attributes for the scan using a valid tenant name. This option opens up the Custom - Attributes Import Wizard. - -Use the **Add**, **Edit**, and **Remove** buttons at the bottom of the window to configure the -custom attributes to be gathered by the scan. Use the **Add** button to open the -[Custom Attribute Window](#custom-attribute-window). The **Import** button opens the -[Custom Attributes Import Wizard](#custom-attributes-import-wizard). - -#### Custom Attribute Window - -Input custom attributes from Microsoft Entra ID environments using the Custom Attribute pop-up -window. - -![Custom Attribute Window](/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributewindow.webp) - -The options on the Custom Attributes window are: - -- Tenant Filter – Use a Tenant Name or wildcard to target the desired environment. Wildcards (\*) - can be used. -- Object Class – One or more object class for the attribute can be selected: - - User - - Group - - Contact -- Attribute Name – Microsoft Entra ID attribute name -- Collect all sub-attributes – Allows the collection of sub-attributes - - Sub-Attribute Name – Define the sub-attribute name. Wildcards (\*) can be used. - -Repeat this process until all desired Custom Attributes have been included. Click **OK** to save the -attribute. - -#### Custom Attributes Import Wizard - -The Custom Attributes Import wizard adds a list of custom schema and application attributes from the -targeted tenant environment into the AzureADInventory Data Collector configurations. Follow the -steps to use this window: - -**Step 1 –** On the Custom Attributes page of the Entra Inventory DC wizard, click **Import**. The -Custom Attributes Import Wizard opens. - -![Custom Attributes Import Wizard](/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizard.webp) - -**Step 2 –** On the Connection page, enter the Tenant Name of the instance of Microsoft Entra ID to -be targeted, and then select the method of supplying credentials for the specified tenant instance: - -- Use the following connection profile entry – Select an Azure Connection Profile from the dropdown - list -- Use the following credentials to authenticate – Enter the credentials to use - - App Id –Client ID - - App key – Client Secret Key - -**_RECOMMENDED:_** Add a valid Azure Connection Profile to the **Jobs** > **.Entra ID Inventory** > -**Settings** > **Connection** settings as a user defined profile. This ensures the connection -profile displays in the dropdown menu. - -See the [Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/12.0/configuration/entra-id/access.md) or the -[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/configure-job.md) topics for additional -information. - -**Step 3 –** Click **Test Connection** in order to connect to the tenant with the supplied -credentials. If they are correct, the Schema Attributes and Application Attributes pages become -available. Click **Next** to navigate to them. - -| | | -| --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------ | -| ![customattributesimportwizardschema](/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizardapplication.webp) | -| Schema Extended Attributes page | Application Extended Attributes page | - -**Step 4 –** On the Schema and Application Attributes pages, the wizard populates with the available -attributes from the Azure tenant. Expand the object classes and select the checkboxes next to the -required attributes to import the custom attributes. Click Next to continue. - -- Load More – Adds additional object classes from the Microsoft Entra ID tenant environment that are - not located in the current list -- Refresh Nodes – Wipes selections from all object class folders - -**Step 5 –** On the Summary page, review your selections and click **Finish**. - -The selected attributes display on the Custom Attributes page of the Entra ID Inventory DC wizard. diff --git a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/options.md b/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/options.md deleted file mode 100644 index 4a45d9cb7c..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/options.md +++ /dev/null @@ -1,13 +0,0 @@ -# AzureADInventory: Options - -The Options page provides scan options to use when gathering Microsoft Entra ID information. It is a -wizard page for the Scan Entra ID category. - -![Entra ID Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -Scan options for collecting Microsoft Entra ID information include: - -- Collect only updates since the last scan -- Collect sign-in activity with scan - - This option is required to collect the LastLogonTimestamp attribute of user objects -- Collect directory audit events diff --git a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/overview.md b/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/overview.md deleted file mode 100644 index f26849141a..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/overview.md +++ /dev/null @@ -1,59 +0,0 @@ -# AzureADInventory Data Collector - -The AzureADInventory Data Collector catalogs user and group object information from Microsoft Entra -ID, formerly Azure Active Directory. This data collector is a core component of Access Analyzer and -is preconfigured in the .Entra ID Inventory Solution. - -Both this data collector and the solution are available with all Access Analyzer license options. -See the [.Entra ID Inventory Solution](/docs/accessanalyzer/12.0/solutions/entraidinventory/overview.md) topic for -additional information. - -Protocols - -- HTTP -- HTTPS -- REST - -Ports - -- TCP 80 and 443 - -Permissions - -- Microsoft Graph API - - - Application Permissions: - - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - - Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -- Access URLs - - - https://login.windows.net - - https://graph.windows.net - - https://login.microsoftonline.com - - https://graph.microsoft.com - - - All sub-directories of the access URLs listed - -## AzureADInventory Query Configuration - -The AzureADInventory Data Collector is configured through the Entra ID Inventory DC Wizard, which -contains the following wizard pages: - -- Welcome -- [AzureADInventory: Category](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/category.md) -- [AzureADInventory: Options](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/options.md) -- [AzureADInventory: Custom Attributes](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/custom-attributes.md) -- [AzureADInventory: Results](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/results.md) -- [AzureADInventory: Summary](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/summary.md) - -![Entra ID Inventory Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -Hide the Welcome page the next time this data collected is accessed by selecting the **Do not -display this page the next time** checkbox. diff --git a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/results.md b/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/results.md deleted file mode 100644 index 84feaf245b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/results.md +++ /dev/null @@ -1,11 +0,0 @@ -# AzureADInventory: Results - -The Results page is where the properties from Microsoft Entra ID to be gathered are selected. It is -a wizard page for the category of Scan Entra ID. - -![Entra ID Inventory DC Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be checked individually or the **Select All** and **Clear All** buttons can be used. -All checked properties are collected. This information is not available within the standard -reference tables and views. Instead, this information can be viewed in the -**SA_AzureADInventory_DEFAULT** table, which is created when any of these properties are selected. diff --git a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/summary.md b/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/summary.md deleted file mode 100644 index 4b60f28bc4..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# AzureADInventory: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for both of the -categories. - -![Entra ID Inventory DC Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Entra ID Inventory DC Wizard to ensure that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/troubleshooting.md b/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/troubleshooting.md deleted file mode 100644 index e765d1d024..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/troubleshooting.md +++ /dev/null @@ -1,32 +0,0 @@ -# Troubleshooting AzureADInventory Data Collector - -## Clear AzureADInventory Tables - -Sometimes when troubleshooting an AzureADInventory issue, it becomes necessary to clear the standard -reference tables. Follow the steps. - -**Step 1 –** Create a new job and assign a query using the **AZUREADINVENTORY** Data Collector. - -**Step 2 –** In the Entra ID Inventory DC Wizard on the Category page, select the **Remove Tables** -category task. - -**Step 3 –** Click **Next** and then **Finish** to close the Entra ID Inventory DC Wizard. Click -**OK** to close the Query Properties window. - -When the job is run, all of the AzureADInventory standard reference tables are removed from the -database. - -## Troubleshooting Error Messages - -Change the XML parameters to address the following errors: - -Error: Microsoft.Graph.ServiceException: Code: timeout Message: The request timed out - -Update the `` parameter to update the number of retries to run the query. -The default is 3. - -Error: An existing connection was forcible closed by the remote host - -Update the `` parameter to update the max delta token age. The default is 6. - -See the [View Job XML File](/docs/accessanalyzer/12.0/administration/job-management/job/properties/view-xml.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/box/activity-operation-scope.md b/docs/accessanalyzer/12.0/data-collection/box/activity-operation-scope.md deleted file mode 100644 index 98ce70f058..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/box/activity-operation-scope.md +++ /dev/null @@ -1,23 +0,0 @@ -# Box: Activity Operation Scope - -The Activity Operation Scope page (ActivityOperationScope) is where Box Enterprise events can be -selected or unselected for scans. It is a wizard page for the Scan Box Activity category. - -![Box DC Wizard Activity Operation Scope page](/img/product_docs/accessanalyzer/admin/datacollector/box/activityoperation.webp) - -Event filters can be selected by group or the group may be expanded and the filters selected -individually. All selected filters are gathered from the Box environment. - -Event filters include: - -- Collaboration -- File Activity -- Group -- Login -- Metadata -- Misc -- Security -- Sharing -- Task -- Users -- Workflow diff --git a/docs/accessanalyzer/12.0/data-collection/box/activity-timeframe-scope.md b/docs/accessanalyzer/12.0/data-collection/box/activity-timeframe-scope.md deleted file mode 100644 index ff6b4b9e67..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/box/activity-timeframe-scope.md +++ /dev/null @@ -1,23 +0,0 @@ -# Box: Activity Timeframe Scope - -The Activity Timespan Scope page (ActivityTimeframeScope) is where Box activity data collection is -configured. It is a wizard page for the Scan Box Activity category. - -![Box DC Wizard Activity Timespan Scope page](/img/product_docs/accessanalyzer/admin/datacollector/box/activitytimeframe.webp) - -Select one of the following options to configure the timeframe for Box data collection: - -- Relative Timespan – Collects activity from a set number of days relative to the present - - - Collect activity from the last [number] Days – Enter the number of days for which activity - data collection is required. The default is 180. The maximum timespan is 365 days. - - Data retention settings – Select a preferred retention setting - - - Within timespan – Deletes all data outside of the selected timespan - - Retain all data – Retains all data collected inside or outside of the selected timespan - -- Absolute Timespan – Enter the interval of days for which activity data collection is required. The - default End Date is the current day. - - **NOTE:** Choosing an absolute timespan will not affect activity data during relative timespan - scans. diff --git a/docs/accessanalyzer/12.0/data-collection/box/additional-scoping.md b/docs/accessanalyzer/12.0/data-collection/box/additional-scoping.md deleted file mode 100644 index ad9cd79858..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/box/additional-scoping.md +++ /dev/null @@ -1,14 +0,0 @@ -# Box: Additional Scoping - -The Additional Scoping page is where the scan can be limited by depth of the scan. It is a wizard -page for the Scan Box Permissions category. - -![Box DC Wizard Additional Scoping page](/img/product_docs/accessanalyzer/admin/datacollector/box/additionalscoping.webp) - -Configure the scan depth level: - -- Limit scanned depth to: [number] level – Select the checkbox and set the scan depth level to the - desired depth. If this checkbox is not selected, then the entire Box environment will be scanned, - according to the [Box: Exclusions Page](/docs/accessanalyzer/12.0/data-collection/box/exclusions.md) settings. If the scoping depth is set to - **0** then only root will be scanned. Each increment will add another level of depth from root - level. diff --git a/docs/accessanalyzer/12.0/data-collection/box/authenticate.md b/docs/accessanalyzer/12.0/data-collection/box/authenticate.md deleted file mode 100644 index ff9c5be440..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/box/authenticate.md +++ /dev/null @@ -1,15 +0,0 @@ -# Box: Authenticate - -The Authenticate page is where connection to the Box environment is configured. It is a wizard page -for all categories. - -![Box DC Wizard Authentication page](/img/product_docs/accessanalyzer/admin/datacollector/box/authentication.webp) - -Click **Authorize** to launch the BoxLogin window and generate an authorization code. This code will -allow Access Analyzer to report on the Box Enterprise. - -![BoxLogin window](/img/product_docs/accessanalyzer/admin/datacollector/box/boxlogin.webp) - -Enter an email address and password for an account with Enterprise Admin credentials in the targeted -Box environment. Then click **Authorize** to grant access to Box and generate the code. The **Use -Single Sign On (SSO)** option is an alternative log in method. diff --git a/docs/accessanalyzer/12.0/data-collection/box/category.md b/docs/accessanalyzer/12.0/data-collection/box/category.md deleted file mode 100644 index 48da98e15d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/box/category.md +++ /dev/null @@ -1,17 +0,0 @@ -# Box: Category - -Use the Category page to select the type of scan or import for the Box Enterprise targeted. - -![Box DC Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The Box Data Collector contains the following query categories: - -- Box Activity Audit – Scan Box activity - - - Scan Box Activity – Performs an audit of Box activity - - Bulk Import Box Activity – Performs a bulk import of Box activity - -- Box Permission Audit – Scan Box permissions - - - Scan Box Permissions – Performs an audit for Box permissions - - Import Box Permissions – Performs an import of Box permissions diff --git a/docs/accessanalyzer/12.0/data-collection/box/exclusions.md b/docs/accessanalyzer/12.0/data-collection/box/exclusions.md deleted file mode 100644 index dc9490af95..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/box/exclusions.md +++ /dev/null @@ -1,20 +0,0 @@ -# Box: Exclusions Page - -The Exclude or Include folders page (ExclusionsPage) is where the scan can be limited to include or -to exclude folders within the Box Enterprise. It is a wizard page for of Scan Box Permissions -category. - -![Box DC Wizard Exclude or Include folders page](/img/product_docs/accessanalyzer/admin/datacollector/box/exclusions.webp) - -The options on the Exclusions Page are: - -- Add as inclusion – Type the path of a folder in the text box to include in the scan. The folder - path must not include a slash at the end. - - - Example format: `/All Files/Folder/SubFolder` - - Incorrect format: `/All Files/Folder/SubFolder/` - -- Add as exclusion – Type the path of a folder in the text box to exclude from the scan - -The **Remove** option will delete a selected folder from the list. The **Clear List** option will -remove all folders from the list. diff --git a/docs/accessanalyzer/12.0/data-collection/box/overview.md b/docs/accessanalyzer/12.0/data-collection/box/overview.md deleted file mode 100644 index 20c4f8551e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/box/overview.md +++ /dev/null @@ -1,50 +0,0 @@ -# Box Data Collector - -The Box Data Collector audits access, group membership, and content within a Box enterprise. - -**NOTE:** If the Box Data Collector is used in a new job, outside of the Box Solution, it is -necessary to deselect the **Skip Hosts that do not respond to PING** option on the job’s -**Properties** > **Performance** tab. - -The Box Data Collector has been preconfigured within the Box Solution. Both this data collector and -the solution are available with a special Access Analyzer license. See the -[Box Solution](/docs/accessanalyzer/12.0/solutions/box/overview.md) topic for additional information. - -Protocols - -- HTTP -- HTTPS - -Ports - -- TCP 80 -- TCP 443 - -Permissions - -- Box Enterprise Administrator - -## Box Query Configuration - -The Box Data Collector is configured through the Box Data Collector Wizard. The wizard contains the -following pages, which change based up on the query category selected: - -- Welcome -- [Box: Category](/docs/accessanalyzer/12.0/data-collection/box/category.md) -- [Box: Exclusions Page](/docs/accessanalyzer/12.0/data-collection/box/exclusions.md) -- [Box: Scope by User Page](/docs/accessanalyzer/12.0/data-collection/box/scope-by-user.md) -- [Box: Additional Scoping](/docs/accessanalyzer/12.0/data-collection/box/additional-scoping.md) -- [Box: Activity Timeframe Scope](/docs/accessanalyzer/12.0/data-collection/box/activity-timeframe-scope.md) -- [Box: Activity Operation Scope](/docs/accessanalyzer/12.0/data-collection/box/activity-operation-scope.md) -- [Box: Authenticate](/docs/accessanalyzer/12.0/data-collection/box/authenticate.md) -- [Box: Results](/docs/accessanalyzer/12.0/data-collection/box/results.md) -- [Box: Summary](/docs/accessanalyzer/12.0/data-collection/box/summary.md) - -The Welcome page gives an overview of the data collector. To proceed through the pages, click -**Next** or use the Steps navigation pane to open another page in the wizard. Review the -introductory and caution information about the Box Data Collector before proceeding. - -![Box DC Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by checking the **Do not display this page the next time** box when -the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/box/results.md b/docs/accessanalyzer/12.0/data-collection/box/results.md deleted file mode 100644 index 8ad9c25a09..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/box/results.md +++ /dev/null @@ -1,9 +0,0 @@ -# Box: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for all -categories. - -![Box DC Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Select All** or **Clear All** buttons can be used. -All selected properties will be gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/12.0/data-collection/box/scope-by-user.md b/docs/accessanalyzer/12.0/data-collection/box/scope-by-user.md deleted file mode 100644 index 9c8affd19b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/box/scope-by-user.md +++ /dev/null @@ -1,16 +0,0 @@ -# Box: Scope by User Page - -The User Scope Settings page (ScopeByUserPage) is where the scope of the scan can be limited to -specified users and the resulting scan will only scan for the specified users. It is a wizard page -for the Scan Box Permissions category. - -![Box DC Wizard User Scope Settings page](/img/product_docs/accessanalyzer/admin/datacollector/box/scopebyuser.webp) - -Select whether to scan **All Users** or **Limited Users**. If scanning for **Limited Users**, click -**Browse** and navigate to the path of the CSV file that contains the email addresses of users to be -included in the scan. The CSV file should have one email address per row. - -**NOTE:** The query will collect information related to User names and Group membership for all -users in a target environment. However, if the query is scoped to specific users, no additional -information is collected for users outside out of the scope. User names and group membership for the -target environment is necessary to generate the Box Solution reports. diff --git a/docs/accessanalyzer/12.0/data-collection/box/summary.md b/docs/accessanalyzer/12.0/data-collection/box/summary.md deleted file mode 100644 index 79e0b4369f..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/box/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# Box: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - -![Box DC Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Box Data Collector Wizard ensuring that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/12.0/data-collection/command-line-utility/define-fields.md b/docs/accessanalyzer/12.0/data-collection/command-line-utility/define-fields.md deleted file mode 100644 index 5e3b1036c8..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/command-line-utility/define-fields.md +++ /dev/null @@ -1,9 +0,0 @@ -# CLU: Define Fields - -The Define Fields page provides options to define and configure fields for the Command Line Utility -output. It is a wizard page for the **Edit Profile** and **Create a New Profile** profile types. - -![Command Line Utility Data Collector Wizard Define Fields page](/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/definefields.webp) - -**CAUTION:** Do not modify this page without guidance from Netwrix or the data may not be processed -by Access Analyzer. diff --git a/docs/accessanalyzer/12.0/data-collection/command-line-utility/execution-options.md b/docs/accessanalyzer/12.0/data-collection/command-line-utility/execution-options.md deleted file mode 100644 index 1da5f4d317..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/command-line-utility/execution-options.md +++ /dev/null @@ -1,50 +0,0 @@ -# CLU: Execution Options - -The Execution Options page provides options to define the mode of execution. It is a wizard page for -the **Edit Profile** and **Create a New Profile** selections on the Profile Type page. - -![Command Line Utility Data Collector Wizard Execution Options page](/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/executionoptions.webp) - -The available options on the page vary depending on the selected profile type. The possible options -are as follows: - -Execution Type - -The Execution Type section identifies the mode of execution: - -- Local – Execute the utility within the Access Analyzer Console -- Remote – Execute the utility on the target host - -Output options - -The output options include: - -- Write Output to a text file – Writes task output to a text file which is thenprocessed to collect - properties -- Preserve Output file – Stores the output file on the local machine -- .Exe Present in Installed CLU Directory – Select the checkbox if the .exe utility is present in - the installed CLU directory. The path on the Profile Parameters page should be the utility name - instead of the full path. See the [CLU: Profile Parameters](/docs/accessanalyzer/12.0/data-collection/command-line-utility/profile-parameters.md) topic for - additional information. - -Remote Execution Options - -The Remote Execution Options apply to the Remote mode of execution: - -- Copy .exe to remote host – Copies the executable from the local machine to the remote machine - before executing it -- Leave .exe on remote host – Keeps the executable on the remote machine after execution - -Other Settings - -The Other Settings section provides additional options: - -- Ignore Error Code – Error code to skip while executing the command line utility using the task - scheduler - - - The `0` code is always skipped during execution - - If no error code is required, enter `0` - -- Timeout – Timeout limit in seconds for the task to finish - - - The default value is 1200 seconds, or 20 minutes diff --git a/docs/accessanalyzer/12.0/data-collection/command-line-utility/overview.md b/docs/accessanalyzer/12.0/data-collection/command-line-utility/overview.md deleted file mode 100644 index 16711682f6..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/command-line-utility/overview.md +++ /dev/null @@ -1,40 +0,0 @@ -# CommandLineUtility Data Collector - -The CommandLineUtility Data Collector provides the ability to remotely spawn, execute, and extract -data provided by a Microsoft native or third-party command line utility. It allows users to easily -execute a command line utility and capture its output as Access Analyzer data. This data collector -is a core component of Access Analyzer and is available with all Access Analyzer licenses. - -Protocols - -- Remote Registry -- RPC - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the local Administrators group - -## CommandLineUtility Query Configuration - -The CommandLineUtility Data Collector executes a command line utility and captures the output. It is -configured through the Command Line Utility Data Collector Wizard, which contains the following -pages: - -- Welcome -- [CLU: Profile Type](/docs/accessanalyzer/12.0/data-collection/command-line-utility/profile-type.md) -- [CLU: Profile Parameters](/docs/accessanalyzer/12.0/data-collection/command-line-utility/profile-parameters.md) -- [CLU: Execution Options](/docs/accessanalyzer/12.0/data-collection/command-line-utility/execution-options.md) -- [CLU: Define Fields](/docs/accessanalyzer/12.0/data-collection/command-line-utility/define-fields.md) -- [CLU: Script Editor](/docs/accessanalyzer/12.0/data-collection/command-line-utility/script-editor.md) -- [CLU: Results](/docs/accessanalyzer/12.0/data-collection/command-line-utility/results.md) -- [CLU: Summary](/docs/accessanalyzer/12.0/data-collection/command-line-utility/summary.md) - -![Command Line Utility Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/command-line-utility/profile-parameters.md b/docs/accessanalyzer/12.0/data-collection/command-line-utility/profile-parameters.md deleted file mode 100644 index f104022acb..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/command-line-utility/profile-parameters.md +++ /dev/null @@ -1,24 +0,0 @@ -# CLU: Profile Parameters - -The Profile Parameters page provides settings to configure the parameters for the profile. It is a -wizard page for the **Edit Profile** or **Create a New Profile** selections on the Profile Type -page. - -![Command Line Utility Data Collector Wizard Profile Parameters page](/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/profileparameters.webp) - -Profile parameters include: - -- Profile Name – Name of the profile. If **Edit Profile** was selected on the Profile Type page, - then this is the name of an existing profile to be edited. If **Create a New Profile** was - selected, then this is the name of a new profile. -- Path – Path of the utility (.exe) from the local or remote machine. If stored on the local - machine, give the local path. If the utility is located on multiple paths in the same machine, - each can be entered on a new line in this field. If the .exe file is present in the installed CLU - directory, then enter the utility name rather than the full path. -- Start in path for task (Optional) – Working directory for the command line that executes the - program or script. This should be either the path to the program or script file, or the path to - the files that are used by the executable file. -- Command Line – Command that the utility executes. If the utility is self-executable and does not - need a command, leave this field blank. -- Output File Name – Enter the desired name for the output file. By default, the output file name - matches the profile name. diff --git a/docs/accessanalyzer/12.0/data-collection/command-line-utility/profile-type.md b/docs/accessanalyzer/12.0/data-collection/command-line-utility/profile-type.md deleted file mode 100644 index 9f78f6ea3f..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/command-line-utility/profile-type.md +++ /dev/null @@ -1,15 +0,0 @@ -# CLU: Profile Type - -The Profile Type page contains options to select a new or existing profile. - -![Command Line Utility Data Collector Wizard Profile Type page](/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/profiletype.webp) - -The options on the Profile Type page are: - -- Select Profile – Allows you to change the properties of a profile from the results page -- Edit Profile – Allows you to edit a profile's execution options and properties. Enables the Define - Fields and Script Editor pages. -- Create a New Profile – Allows you to create a new profile. Enables the Define Fields and Script - Editor pages. - -The profile type selected may alter the availability of the subsequent wizard steps. diff --git a/docs/accessanalyzer/12.0/data-collection/command-line-utility/results.md b/docs/accessanalyzer/12.0/data-collection/command-line-utility/results.md deleted file mode 100644 index 7a10276cea..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/command-line-utility/results.md +++ /dev/null @@ -1,10 +0,0 @@ -# CLU: Results - -The Results page is where the properties to be returned as columns in the results table are -selected. It is a wizard page for all profile types. - -![Command Line Utility Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Select one or more properties to be returned as columns in the results table. Click **Select All** -to select all of the properties, or click **Clear All** to clear all the currently selected -properties. The available properties vary based on the selections on previous wizard pages. diff --git a/docs/accessanalyzer/12.0/data-collection/command-line-utility/script-editor.md b/docs/accessanalyzer/12.0/data-collection/command-line-utility/script-editor.md deleted file mode 100644 index b5bbc15540..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/command-line-utility/script-editor.md +++ /dev/null @@ -1,11 +0,0 @@ -# CLU: Script Editor - -The Script Editor page provides options to create or edit a Visual Basic script that is used to -parse the output file created by the data collector after execution. The Script Editor page is -enabled when **Edit Profile** or **Create a New Profile** is selected on the Profile Type page. The -page is disabled when the **Select Profile** option is selected on the Profile Type page. - -![Command Line Utility Data Collector Wizard Script Editor page](/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/scripteditor.webp) - -**CAUTION:** Do not modify this page without guidance from Netwrix or the data may not be processed -by Access Analyzer. diff --git a/docs/accessanalyzer/12.0/data-collection/command-line-utility/summary.md b/docs/accessanalyzer/12.0/data-collection/command-line-utility/summary.md deleted file mode 100644 index 72f86f3ff7..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/command-line-utility/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# CLU: Summary - -The Summary page provides a summary of the query that has been created or edited. It is a wizard -page for all profile types. - -![Command Line Utility Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Command Line Utility Data Collector Wizard to ensure that no -accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/disk-info/overview.md b/docs/accessanalyzer/12.0/data-collection/disk-info/overview.md deleted file mode 100644 index 574b87d450..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/disk-info/overview.md +++ /dev/null @@ -1,35 +0,0 @@ -# DiskInfo Data Collector - -The DiskInfo Data Collector provides enumeration of disks and their associated properties. When -targeting the local host for a DiskInfo query, it is necessary to select the **Systems Default** -option as the connection profile. This data collector is a core component of Access Analyzer and is -available with all Access Analyzer licenses. - -Protocols - -- RPC -- WMI - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Member of the local Administrators group - -## DiskInfo Query Configuration - -The DiskInfo Data Collector is configured through the Disk Info wizard, which contains the following -wizard pages: - -- Welcome -- [DiskInfo: Target Disks](/docs/accessanalyzer/12.0/data-collection/disk-info/target-disks.md) -- [DiskInfo: Results](/docs/accessanalyzer/12.0/data-collection/disk-info/results.md) -- [DiskInfo: Summary](/docs/accessanalyzer/12.0/data-collection/disk-info/summary.md) - -![Disk Info wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/disk-info/results.md b/docs/accessanalyzer/12.0/data-collection/disk-info/results.md deleted file mode 100644 index 41b915b7d0..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/disk-info/results.md +++ /dev/null @@ -1,26 +0,0 @@ -# DiskInfo: Results - -The Results page provides a checklist of the data that is available for return by the query. Any -number of options can be selected at once, but at least one must be selected in order to complete -the wizard. - -![Disk Info wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually, or you can use the **Select all** and **Clear all** -buttons. The table below describes the available options. - -| Checklist Result | Description | -| ----------------------------- | ------------------------------------------------------------------------------------------------------------------- | -| DriveLetter | Drive Letter of the drive being scanned | -| GBDiskFreeSpace | Total amount of free space on the scanned drive in GB | -| GBDiskSize | Total size of scanned disk in GB | -| MBDiskFreeSpace | Total amount of free space on the scanned drive in MB | -| MBDiskSize | Total size of scanned disk in MB | -| PercentFree | Percentage of the scanned drive that is free | -| VolumeLabel | Name of drive (if it exists) | -| FileSystemType | Type of FileSystem configuration. This can include NTFS, FAT(12, 16, 32) and others | -| DiskType | Kind of disk that is being used. These can include fixed, removable, shared, and so on. | -| ClusterSizer | If scanning a disk that is part of a cluster, this indicates the total size of the cluster that the disk is part of | -| FilePercentFragmentation | Percent of used disk space that shows fragmentation | -| FreeSpacePercentFragmentation | Percentage of free space on the disk that shows fragmentation | -| TotalPercentFragmentation | Percentage of total disk space that shows fragmentation | diff --git a/docs/accessanalyzer/12.0/data-collection/disk-info/summary.md b/docs/accessanalyzer/12.0/data-collection/disk-info/summary.md deleted file mode 100644 index e856a37396..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/disk-info/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# DiskInfo: Summary - -The Summary page displays a summary of the configured query. - -![Disk Info wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Disk Info Data Collector Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/disk-info/target-disks.md b/docs/accessanalyzer/12.0/data-collection/disk-info/target-disks.md deleted file mode 100644 index d1efb992f9..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/disk-info/target-disks.md +++ /dev/null @@ -1,48 +0,0 @@ -# DiskInfo: Target Disks - -The Target Disks page provides a selection of storage devices from which to return data from the -target host after a query. - -![Disk Info wizard Target Disks page](/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/targetdisks.webp) - -Use the options to select the desired target disk. - -- The Enumerate all storage devices – Allows all internal drives to be scanned. In order to expand - the scan, two sub-options can be included together, separately, or not at all. - - - Include removable storage devices – Scans removable devices that are plugged into the target - host - - Include network storage devices – Scans mapped drives that exist through a connected network - -- Single drive letter – Allows information to be collected from a single drive (`A:` through `Z:`) - during a single query. This option includes both operating system drives and removable disks. -- Enumerate all mount points (available for Windows 2003+ systems) – Targets any drive letter on the - target host that points to a mapped share drive -- Registry lookup – Provides the path of connection to gather information from the Access Analyzer - Registry Browser. By default, the local host will be targeted unless modified. The Registry value - are instructions for the data found within the subfolders of the registry. - - - The browse button **(…)** under the Registry lookup option opens the Access Analyzer Registry - Browser window. Use the registry browser to find registry keys and values that are on a target - host in the environment. See the [DiskInfo: Registry Browser](#diskinfo-registry-browser) - topic for additional information. - -## DiskInfo: Registry Browser - -Clicking the browse button on the Target Disks wizard page opens the Access Analyzer Registry -Browser. Use this page to find registry keys and values that exist on a target host in the -environment. - -![Registry Browser](/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/registrybrowser.webp) - -The configurable options on the Registry Browser are: - -- Sample from Host – Host for which the Registry will be browsed. If this box is left blank, the - Registry on the local host is used. -- 64-bit view – Default view is 32-bit. Select the 64-bit checkbox to switch to a 64-bit view. -- Connect – Click **Connect** to browse the Registry -- Table Columns – Select the Registry from the navigation pane to view keys in the table - - - Name – Registry key value - - Type – Key value type - - Data – Key value path diff --git a/docs/accessanalyzer/12.0/data-collection/dns/category.md b/docs/accessanalyzer/12.0/data-collection/dns/category.md deleted file mode 100644 index 3d72660b80..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/dns/category.md +++ /dev/null @@ -1,45 +0,0 @@ -# DNS: Category - -The DNS Data Collector Category page contains the following query categories, sub-divided by -auditing focus: - -![Domain Name System Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -- DNS Configuration – Collect data from the DNS configuration - - - Cache – DNS Cache information - - Server – DNS Server Configuration information - - RootHints – Root Hints stored in the cache file - - Statistics – Statistics collected - - Zone – DNS Zone information - -- DNS Record Types – Collect data on the individual DNS records - - - AFSDB – Andrew File System database server (AFSDB) resource records - - ATMA – ATM address to name (ATMA) records - - CNAME – Canonical Name (CNAME) records - - A – Host address (A) resource records - - HINFO – Host Information (HINFO) records - - AAAA – IPv6 address (AAAA) resource records - - ISDN – ISDN resource records - - KEY – KEY resource records - - MD – Mail Agent for domain (MD) records - - MB – Mailbox (MB) records - - MX – Mail Exchanger (MX) records - - MF – Mail Forwarding Agent (MF) records - - MG – Mail Group (MG) resource records - - MINFO – Mail Information (MINFO) records - - MR – Mailbox Rename (MR) records - - NXT – Next (NXT) resource records - - NS – Name Server (NS) records - - PTR – Pointer (PTR) records - - RP – Responsible person (RP) records - - RT – Route through (RT) records - - SOA – Start of authority (SOA) records - - SRV – Service (SRV) records - - SIG – Signature (SIG) resource records - - TXT – Text (TXT) records - - WKS – Well-known service (WKS) records - - WINS – Windows Internet Name Service (WINS) records - - WINSR – Windows Internet Name Service (WINS) reverse lookup records - - X25 – X.25 records diff --git a/docs/accessanalyzer/12.0/data-collection/dns/overview.md b/docs/accessanalyzer/12.0/data-collection/dns/overview.md deleted file mode 100644 index a6461f6b49..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/dns/overview.md +++ /dev/null @@ -1,33 +0,0 @@ -# DNS Data Collector - -The DNS Data Collector provides information regarding DNS configuration and records. It is available -with the Active Directory Solution. Both this data collector and the solution are available with a -special Access Analyzer license. - -Protocols - -- RPC - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Domain Administrators group - -## DNS Query Configuration - -The DNS Data Collector is configured through the Domain Name System Data Collector Wizard, which -contains the following wizard pages: - -- Welcome -- [DNS: Category](/docs/accessanalyzer/12.0/data-collection/dns/category.md) -- [DNS: Results](/docs/accessanalyzer/12.0/data-collection/dns/results.md) -- [DNS: Summary](/docs/accessanalyzer/12.0/data-collection/dns/summary.md) - -![Domain Name System Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the Do not display this page the next time checkbox when -the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/dns/results.md b/docs/accessanalyzer/12.0/data-collection/dns/results.md deleted file mode 100644 index 4285f9c649..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/dns/results.md +++ /dev/null @@ -1,10 +0,0 @@ -# DNS: Results - -The Results page is where DNS properties to be gathered are selected. It is a wizard page for all -categories. - -![Domain Name System Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Available properties can be selected individually, or the **Select All**, **Clear All**, and **Reset -to defaults** buttons can be used. All selected properties are gathered. Available properties vary -based on the category selected. diff --git a/docs/accessanalyzer/12.0/data-collection/dns/summary.md b/docs/accessanalyzer/12.0/data-collection/dns/summary.md deleted file mode 100644 index 515811e1ae..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/dns/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# DNS: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all categories. - -![Domain Name System Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Domain Name System Data Collector Wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/dropbox-access/category.md b/docs/accessanalyzer/12.0/data-collection/dropbox-access/category.md deleted file mode 100644 index ac4a650681..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/dropbox-access/category.md +++ /dev/null @@ -1,20 +0,0 @@ -# DropboxAccess: Category - -Use the Category Selection Page to identify the type of information to retrieve. The DropboxAccess -Data Collector contains the following query categories, sub-divided by auditing focus: - -![Dropbox Access Auditor Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -- The Dropbox Access Audits scans for Dropbox access information: - - - Scan Dropbox Access – Performs a Dropbox access audit to collection permissions information - - Bulk Import Access Scan Results – Imports Dropbox access scan results into the Access Analyzer - database and creates SQL views - -- The Sensitive Content scans for sensitive data information: - - - Scan for Sensitive Content – Scans for sensitive data content on Dropbox - - Bulk Import Sensitive Content Scan Results – Imports sensitive content scan results into the - Access Analyzer database and creates SQL views - -The selection made on the Category Selection Page determines the wizard pages available. diff --git a/docs/accessanalyzer/12.0/data-collection/dropbox-access/completion.md b/docs/accessanalyzer/12.0/data-collection/dropbox-access/completion.md deleted file mode 100644 index 90795d1526..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/dropbox-access/completion.md +++ /dev/null @@ -1,15 +0,0 @@ -# DropboxAccess: Summary (Completion) - -The Completion page, is where configuration settings are summarized. This page is a wizard page for -all categories. - -![Dropbox Access Auditor Data Collector Wizard Completion page](/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/completion.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Dropbox Access Auditor Data Collector Wizard ensuring that no -accidental clicks are saved. - -_Remember,_ if an Access Token was generated, use it as the credential within the Connection -Profile. Then assign it to the job group or job which will be scanning the targeted Dropbox -environment. See the [Custom Dropbox Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/dropbox-access/configure-job.md) topic for -additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/dropbox-access/configure-job.md b/docs/accessanalyzer/12.0/data-collection/dropbox-access/configure-job.md deleted file mode 100644 index 651578e2cf..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/dropbox-access/configure-job.md +++ /dev/null @@ -1,27 +0,0 @@ -# Custom Dropbox Connection Profile & Host List - -The DropboxAccess Data Collector requires a custom Connection Profile to be created and assigned to -the job or job group conducting the data collection. - -## Connection Profile - -Creating the Connection Profile requires an access token. The access token is generated on the Scan -Options page of the Dropbox Access Auditor Data Collector Wizard. - -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Dropbox -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) - topic for additional information.) -- Access Token – Copy and paste the Access Token after it has been generated from the Scan Options - page of the Dropbox Access Auditor Data Collector Wizard. See the - [DropboxAccess: Scan Options](/docs/accessanalyzer/12.0/data-collection/dropbox-access/scan-options.md) topic for additional information. - -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information. - -## Host List - -The host list should be set to: - -- Local host diff --git a/docs/accessanalyzer/12.0/data-collection/dropbox-access/dlp-audit-settings.md b/docs/accessanalyzer/12.0/data-collection/dropbox-access/dlp-audit-settings.md deleted file mode 100644 index 732efd6959..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/dropbox-access/dlp-audit-settings.md +++ /dev/null @@ -1,35 +0,0 @@ -# DropboxAccess: DLP Audit Settings - -Use the DLP Audit Settings page to configure sensitive data discovery settings. This page is a -wizard page for the Scan for Sensitive Content category. - -![Dropbox Access Auditor Data Collector Wizard DLP Audit Settings page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/dlpauditsettings.webp) - -Configure the DLP audit settings: - -- Scan Performance: - - - Don’t process files larger than – Limits the files to be scanned for sensitive content to - files smaller than the specified size - -- File types to scan: - - - Scan typical documents (recommended, fastest) – Scans most common file types - - Scan all document types (slower) – Scans all file types except those excluded - -- Store Match Hits –  Choose whether to store copies of potentially sensitive data discovered during - the scan: - - - Store discovered sensitive data – Stores a copy of any potentially sensitive data that matches - the selected criteria in the Access Analyzer database. This copy can be used to check for - false positives, data that matches the selected criteria but is not actually sensitive. - - Limit stored matches per criteria to [number] – Identifies the number of potentially sensitive - data matches that are copied to the database. The default is 5 matches. This option is - available only if the **Store discovered sensitive data** option is selected. - -- Perform differential scan of – Enables users to choose whether to employ incremental scanning: - - - Files modified since last scan – Scans only files modified since the last scan - - Files modified since [date] – Only scans files modified after the specified date - - Files modified since the last [number] days – Scans files modified within the specified number - of days diff --git a/docs/accessanalyzer/12.0/data-collection/dropbox-access/overview.md b/docs/accessanalyzer/12.0/data-collection/dropbox-access/overview.md deleted file mode 100644 index 083dbb0449..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/dropbox-access/overview.md +++ /dev/null @@ -1,47 +0,0 @@ -# DropboxAccess Data Collector - -The DropboxAccess Data Collector audits access, group membership, and content within a Dropbox -environment. Dropbox can scan the contents of over 400 file types to discover which files contain -sensitive data using Sensitive Data Discovery. The DropboxAccess Data Collector has been -preconfigured within the Dropbox Solution. Both this data collector and the solution are available -with a special Access Analyzer license. See the -[Dropbox Solution](/docs/accessanalyzer/12.0/solutions/dropbox/overview.md) topic for additional information. - -Protocols - -- HTTP -- HTTPS - -Ports - -- TCP 80 -- TCP443 - -Permissions - -- Dropbox Team Administrator - -Sensitive Data Discovery Considerations - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job -is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). - -## Query Configuration - -The DropboxAccess Data Collector is configured through the Dropbox Access Auditor Data Collector -Wizard. The wizard contains the following pages, which change based upon the query category -selected: - -- Welcome -- [DropboxAccess: Category](/docs/accessanalyzer/12.0/data-collection/dropbox-access/category.md) -- [DropboxAccess: Scan Options](/docs/accessanalyzer/12.0/data-collection/dropbox-access/scan-options.md) -- [DropboxAccess: Scoping](/docs/accessanalyzer/12.0/data-collection/dropbox-access/scoping.md) -- [DropboxAccess: DLP Audit Settings](/docs/accessanalyzer/12.0/data-collection/dropbox-access/dlp-audit-settings.md) -- [DropboxAccess: Select DLP Criteria](/docs/accessanalyzer/12.0/data-collection/dropbox-access/select-dlp-criteria.md) -- [DropboxAccess: Summary (Completion)](/docs/accessanalyzer/12.0/data-collection/dropbox-access/completion.md) - -![Dropbox Access Auditor Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/dropbox-access/scan-options.md b/docs/accessanalyzer/12.0/data-collection/dropbox-access/scan-options.md deleted file mode 100644 index 90ff8abfba..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/dropbox-access/scan-options.md +++ /dev/null @@ -1,36 +0,0 @@ -# DropboxAccess: Scan Options - -Use the Scan Options page to authorize Access Analyzer to generate an Access Token allowing the -DropboxAccess Data Collector to access and scan an organization’s Dropbox environment. The Access -Token is used as the credential in the Connection Profile. - -**NOTE:** The Access Token needs to be generated only once, prior to the first execution of any job -in which the DropboxAccess Data Collector is used in a query. - -The Scan Options page is a wizard page for the following categories: - -- Scan Dropbox Access -- Scan for Sensitive Content - -Follow the steps to create the Access Token: - -![Dropbox Access Auditor Data Collector Wizard Scan Options page](/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/scanoptions.webp) - -**Step 1 –** Click the **Authorize** button to access the Dropbox Authentication page. - -![Dropbox Log in page](/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/scanoptionsdropboxlogin.webp) - -**Step 2 –** On the Dropbox Authentication page, log in as the Team Administrator. - -![Copy Access Token](/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/scanoptionsaccesstoken.webp) - -**Step 3 –** Once the Access Token has been generated, click **Copy to Clipboard**. Click **Next** -to finish choosing the configuration options or click **Cancel** to close the Dropbox Access Auditor -Data Collector Wizard. - -Create a Connection Profile using this access token as the credential. See the -[Custom Dropbox Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/dropbox-access/configure-job.md) topic for additional information on -configuring the Dropbox credential. - -_Remember,_ assign this Connection Profile to the job group or job where the host assignment for the -Dropbox environment to be targeted has been assigned. diff --git a/docs/accessanalyzer/12.0/data-collection/dropbox-access/scoping.md b/docs/accessanalyzer/12.0/data-collection/dropbox-access/scoping.md deleted file mode 100644 index 17a89bb242..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/dropbox-access/scoping.md +++ /dev/null @@ -1,22 +0,0 @@ -# DropboxAccess: Scoping - -The Scoping page configures the data collector to scan either the entire Dropbox environment or -limit the scan to specific users. The page is a wizard page for the following categories: - -- Scan Dropbox Access -- Scan for Sensitive Content - -![Dropbox Access Auditor Data Collector Wizard Scoping Settings page](/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/scoping.webp) - -Use the scoping options to select the depth of the scan: - -- User Scoping: - - - All Users – Scans all users in the Dropbox environment - - Limited Users – Click **Browse** and navigate to the path of the CSV file that contains the - email addresses of users to include in the scan. The CSV file should have one email address - per row. - -- File Permissions: - - - Collect File Level Permissions – Select the checkbox to collect permissions at the file level diff --git a/docs/accessanalyzer/12.0/data-collection/dropbox-access/select-dlp-criteria.md b/docs/accessanalyzer/12.0/data-collection/dropbox-access/select-dlp-criteria.md deleted file mode 100644 index f2f3688328..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/dropbox-access/select-dlp-criteria.md +++ /dev/null @@ -1,19 +0,0 @@ -# DropboxAccess: Select DLP Criteria - -Use the Select DLP criteria for this scan page to configure criteria to use for discovering -sensitive data. It is a wizard page for the Scan for Sensitive Content category. - -![Dropbox Access Auditor Data Collector Wizard Select DLP criteria page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/selectdlpcriteria.webp) - -Select the checkbox next to each criteria to be included in the search for sensitive data. You can -also use the **Select All** and **Clear All** buttons. - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - -Use the **Edit** button to access the Criteria Editor where user-defined criteria can be created or -customized. See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) topic -for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/entra/options.md b/docs/accessanalyzer/12.0/data-collection/entra/options.md deleted file mode 100644 index c0eaab48f7..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/entra/options.md +++ /dev/null @@ -1,16 +0,0 @@ -# Entra: Scan options - -The Scan options page provides options to use when gathering Microsoft Entra Roles information. - -![Scan options page of the Entra Data Collector Wizard](/img/product_docs/accessanalyzer/install/application/options.webp) - -The scan options are: - -- Region – Select the API region for your Microsoft Entra tenant. The default is Public. The - following options are available: - - - Public - - USGovL4 - - USGovL5 - - DEGov - - CNGov diff --git a/docs/accessanalyzer/12.0/data-collection/entra/overview.md b/docs/accessanalyzer/12.0/data-collection/entra/overview.md deleted file mode 100644 index 39c62d59f7..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/entra/overview.md +++ /dev/null @@ -1,45 +0,0 @@ -# Entra Data Collector - -The Entra data collector collects Microsoft Entra roles information from the target Microsoft Entra -tenant. This data collector is preconfigured in the .Entra ID Inventory solution. - -Both this data collector and the .Entra Inventory solution are available with all Access Analyzer -license options. See the -[.Entra ID Inventory Solution](/docs/accessanalyzer/12.0/solutions/entraidinventory/overview.md) topic for additional -information. - -Protocols - -- HTTP -- HTTPS -- REST - -Ports - -- TCP 80 and 443 - -Permissions - -- Microsoft Graph API Application permissions: - - - RoleManagement.Read.Directory - -- Resource Manager permissions: - - - Microsoft.Authorization/roleAssignments/read - - Microsoft.Authorization/roleDefinitions/read - - Microsoft.Resources/resources/read - - Microsoft.Resources/subscriptions/read - - Microsoft.Resources/subscriptions/resources/read - - Microsoft.Resources/subscriptions/resourceGroups/read - - Microsoft.Authorization/providerOperations/read - - Microsoft.Management/managementGroups/read - -## Query Configuration - -The Entra data collector is configured through the Entra Data Collector Wizard, which contains the -following wizard pages: - -- [Entra: Scan options](/docs/accessanalyzer/12.0/data-collection/entra/options.md) -- [Entra: Results](/docs/accessanalyzer/12.0/data-collection/entra/results.md) -- [Entra: Summary](/docs/accessanalyzer/12.0/data-collection/entra/summary.md) diff --git a/docs/accessanalyzer/12.0/data-collection/entra/results.md b/docs/accessanalyzer/12.0/data-collection/entra/results.md deleted file mode 100644 index 517574ed74..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/entra/results.md +++ /dev/null @@ -1,8 +0,0 @@ -# Entra: Results - -The Results page is where the properties from Microsoft Entra ID to be gathered are selected. - -![Results page of the Entra Data Collector Wizard](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Select All** and **Clear All** buttons can be used. -All selected properties are collected. diff --git a/docs/accessanalyzer/12.0/data-collection/entra/summary.md b/docs/accessanalyzer/12.0/data-collection/entra/summary.md deleted file mode 100644 index b5a4643fea..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/entra/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# Entra: Summary - -The Summary page is where configuration settings are summarized. - -![Summary page of the Entra Data Collector Wizard](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Entra Data Collector Wizard to ensure that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/12.0/data-collection/event-log/index.md b/docs/accessanalyzer/12.0/data-collection/event-log/index.md deleted file mode 100644 index bb80d9baa6..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/event-log/index.md +++ /dev/null @@ -1,97 +0,0 @@ -# EventLog Data Collector - -The EventLog Data Collector provides search and extraction of details from event logs on target -systems. This data collector is a core component of Access Analyzer and is available with all Access -Analyzer licenses. - -Protocols - -- RPC -- WMI - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group -- Member of the Domain Administrators group (if targeting domain controllers) - -## EventLog Query Configuration - -The EventLog Data Collector is configured through the Event Log Browser window. - -![Event Log Browser window](/img/product_docs/accessanalyzer/admin/datacollector/eventlogbrowser.webp) - -Sample - -In the Sample section, select from the following options: - -- From log - - - Host – Enter a sample host that contains a log with the type of events desired for the query. - Click **Connect** to generate a list of logs available for extraction. - - Log name – Select a log from the drop-down list. Events from the selected log are populated in - the table. - -- From file - - - Click the folder icon next to the File name box to open the Log sample browser window and - select a log, or manually enter the log path in the box - -- Show – Click to preview the elements in the event log file for log paths manually entered in the - File path box - - **NOTE:** A preview displays automatically if the folder icons is used to navigate to the log. - -- Lookup user name – Select this checkbox to resolve SID or GUID values to friendly display values - -Search Criteria - -In the Search Criteria section, add a search filter to the table by configuring the following -criteria: - -- Event Source – Select the event source from the drop-down list. Typically, select **Any Source**. -- Even Type – Select the event type from the drop-down list. Typically, select **Any Type**. -- Event ID – Enter the event ID for the type of event to search - -Once the information above has been entered, click **Add** to add the configured event to the query. -Add as many events as desired. - -- Latest event only – Select this checkbox to only search the latest event - -Click the **Add** button to add the search filters to the table. Click the **Remove** button to -remove search criteria from the filters. - -- Event Date/Time – Enter the last number of hours the event time must be in. A value of `0` can be - used to specify any time. -- Retrieve oldest event – Select this checkbox to retrieve the oldest event -- Retrieve latest event – Select this checkbox to retrieve the latest event - -Click **Apply Filter** to filter the list of sample events to the search criteria. - -Options - -In the Options section, select the desired processing options: - -- Process offline logs only – Select this checkbox to process only offline logs -- Process offline logs if required – Select this checkbox to process offline logs if needed -- Specify explicit path\mask for archives – Enabled if the **Process offline logs only** or - **Process offline logs if required** checkboxes are selected. Specify the path and name of the - archive. - -Available Properties - -In the Available Properties section, select which properties will be collected by the browser. - -- Add Icon – Add properties from those available in the list to add the properties to the search - - - The Description properties provide the ability to extract the bracketed pieces of information - found within the description and display each bracketed piece of information in its own column - -- Remove Icon – Use to remove properties from the search - -Once all options have been configured, click **OK** to save changes and exit the browser. Click -**Cancel** to exit without saving. diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/category.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/category.md deleted file mode 100644 index c7692c53fc..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/category.md +++ /dev/null @@ -1,25 +0,0 @@ -# EWSMailbox: Category - -The Category page identifies which type of EWSMailbox information is retrieved during the scan. - -![EWS Mailbox Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -Identify the EWS mailbox information type using the following options: - -- Mailbox contents - - - MailboxContent – Scan contents of mailboxes - -- Mailbox permissions - - - MailboxPermissions – Scan permissions of mailboxes - -- Sensitive Data - - - SDDScan – Scan mailboxes for sensitive data - -- Mailbox search - - - MailboxSearchMailboxes – Search for mailboxes containing messages - - MailboxSearchFolders – Search for folders containing messages - - MailboxSearchMessages – Search for messages diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/criteria.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/criteria.md deleted file mode 100644 index d9fe757c7d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/criteria.md +++ /dev/null @@ -1,28 +0,0 @@ -# EWSMailbox: Criteria - -The Select DLP criteria for this scan page is where to select the criteria to use for the sensitive -data scan are selected. It is a wizard page for the Sensitive Data category. - -![EWS Mailbox Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -The options on the Criteria page are: - -- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings - from the **Settings** > **Sensitive Data** node. See the - [Sensitive Data](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md) topic for additional information. -- Use the following selected criteria – Select this option to use the table to select which - sensitive data criteria to scan for -- Select All - Click **Select All** to enable all sensitive data criteria for scanning -- Clear All - Click **Clear All** to remove all selections from the table -- Select the checkboxes next to the sensitive data criteria options to enable it to be scanned for - during job execution - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit - user-defined criteria. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) - topic for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/body-options.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/body-options.md deleted file mode 100644 index fd6ec04522..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/body-options.md +++ /dev/null @@ -1,11 +0,0 @@ -# EWSMailbox FW: BodyOptions - -Use the BodyOptions page to select the size unit of messages. - -![Filter Wizard BodyOptions page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp) - -Select the desired message size unit: - -- KB -- MB -- GB diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/folder-conditions.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/folder-conditions.md deleted file mode 100644 index 32a0fbb093..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/folder-conditions.md +++ /dev/null @@ -1,54 +0,0 @@ -# EWSMailbox FW: Folder Conditions - -Use the Folder Conditions page to apply folder-related filter criteria to the search. - -![Filter Wizard Folder Conditions page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp) - -Customize folder search conditions using the following options: - -- Select conditions – To add it to the search, select any of the following conditions: - - - with specific folder type - - with search terms in the folder name - -- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any - of the template conditions - - **NOTE:** The values present depends on the selections made in the Select conditions box. - - - Click **specific** in the Edit conditions box to open the Folder Type Window. See the - [Folder Type Window](#folder-type-window) topic for additional information. - - Click **search terms** to open the Search Terms Window. See the - [Search Terms Window](#search-terms-window) topic for additional information. - -## Folder Type Window - -Use the Folder Type window to determine folder types to search for. The Folder Type window opens if -**specific** is selected in the Edit Conditions box on the Folder Conditions page. - -![Folder Type window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp) - -Select the checkbox next to any folder type to include it in the search filter. - -## Search Terms Window - -Use the Search Terms window to determine terms for the search. The Search Terms window opens if -**search terms** is selected in the Edit Conditions box. - -![Search Terms window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) - -Determine terms for the search using the following options: - -- Type the desired term into the upper text box and click **Add** to add the term to the lower text - box, which adds the term to the search -- Select a term in the lower text box, and click **Remove** to remove the term from the search -- Click **Clear** to clear all terms from the lower box -- Select the desired qualifier option: - - - Contains ALL of the following search terms (And) – Search only returns results containing all - of the search terms - - Contains ANY of the following search terms (Or) – Search returns results containing any one or - more of the search terms - -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/message-conditions.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/message-conditions.md deleted file mode 100644 index db4f002a69..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/message-conditions.md +++ /dev/null @@ -1,116 +0,0 @@ -# EWSMailbox FW: Message Conditions - -Use the Message Conditions page to apply filters to the message category part of the search. - -![Filter Wizard Message Conditions page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp) - -Customize message search filter conditions using the following options: - -- Message category – Select a message category using the dropdown menu from the following: - - - Common - - Email - - Appointment - - Schedule - - Contact - - Task - - Journal - - Note - - Post - - RSS Feed - - Unified Messaging - -- Select conditions – To add it to the search, select any of the following conditions: - - **NOTE:** The conditions that are available in the Select Conditions box depends on the selected - **Message category**. - - - with specific message classes - - that is created in specific date - - with search terms in the subject - - with search terms in the body - - with search terms in the subject or body - - with search terms in the message header - - with search terms in the recipient’s address - - with search terms in the sender’s address - - that has an attachment - - that is received in specific date - - with specific Message ID - - that occurs in specific date - -- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any - of the template conditions - - **NOTE:** The values present depends on the selections made in the Select conditions box. - - - Click **specific** to open the MessageClasses Window. See the - [MessageClasses Window (Message Conditions)](#messageclasses-window-message-conditions) topic - for additional information. - - Click **in specific date** to open the Date Range Selection Window. See the - [Date Range Selection Window](#date-range-selection-window) topic for additional information. - - Click **search terms** to open the Search Terms Window. See the - [Search Terms Window (Message Conditions)](#search-terms-window-message-conditions) topic for - additional information. - - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice - versa - -## MessageClasses Window (Message Conditions) - -Use the MessageClasses window to alter criteria related to message class. The Message Classes window -opens if **specific** is clicked in the Edit Conditions box on the Message Conditions page. - -![MessagesClasses window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp) - -Determine MessageClass-related criteria using the following options: - -- To add a class, click **Add** -- Enter the desired Message Class in the corresponding textbox -- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy - and select the preferred option: - - - Exact Match - - Starts With - - Contains - -- To remove a message class, select it and click **Remove** -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms - -## Date Range Selection Window - -Use the Date Range Selection window to select a time period or range for the search. The Date Range -Selection window opens if **in specific date** is clicked in the Edit Conditions box on the Message -Conditions page. - -![Date Range Selection window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp) - -Determine the time period or range of the search using the following options: - -- Over [Number] [Time Period] ago -- Last [Number] [Time Period] -- Before [Date] -- After [Date] -- Between [Date] and [Date] - -## Search Terms Window (Message Conditions) - -Use the Search Terms window to determine terms for the search. The Search Terms window opens if -**search terms** is selected in the Edit Conditions box. - -![Search Terms window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) - -Determine terms for the search using the following options: - -- Type the desired term into the upper text box and click **Add** to add the term to the lower text - box, which adds the term to the search -- Select a term in the lower text box, and click **Remove** to remove the term from the search -- Click **Clear** to clear all terms from the lower box -- Select the desired qualifier option: - - - Contains ALL of the following search terms (And) – Search only returns results containing all - of the search terms - - Contains ANY of the following search terms (Or) – Search returns results containing any one or - more of the search terms - -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/save-filter.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/save-filter.md deleted file mode 100644 index cd20d02aad..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/save-filter.md +++ /dev/null @@ -1,10 +0,0 @@ -# EWSMailbox FW: Save Filter - -Use the Save Filter Page to name and describe the custom filter created in the wizard. - -![Filter Wizard Save Filter page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp) - -Label the custom filter using the following options: - -- Enter a name for the filter in the Filter Name textbox -- Enter any desired description for the filter in the Description textbox diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/search-filter.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/search-filter.md deleted file mode 100644 index 9d2bc8c519..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/search-filter.md +++ /dev/null @@ -1,65 +0,0 @@ -# EWSMailbox FW: Search Filter - -Use the Search Filter page to choose a filter template for the search. - -![Filter Wizard Search Filter page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/searchfilter.webp) - -Customize folder search conditions using the following options: - -- Select template – Select any of the following template options: - - - Blank - - All non-archived items over 90 days ago - - All calendar items that contains attachment that occurred over 90 days ago - -- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any - of the template conditions - - **NOTE:** The values present depends on the selections made in the Select conditions box. - - - Click either **IPM.Note** or **IPM.Appointment**, to open the MessageClasses Window with - IPM.Note or IPM.Appointment class populated, respectively. See the - [MessageClasses Window ](#messageclasses-window) topic for additional information. - - Click **over 90 Day ago** to open the Date Range Selection Window. See the - [Date Range Selection Window](#date-range-selection-window) topic for additional information. - - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice - versa - -## MessageClasses Window - -Use the MessageClasses window to alter criteria related to message class. The Message Classes window -opens if **Ipm.Note** or **Ipm.Appointment** is clicked in the Edit Conditions box on the Search -Filter page. - -![MessagesClasses window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp) - -Determine MessageClass-related criteria using the following options: - -- To add a class, click **Add** -- Enter the desired Message Class in the corresponding textbox -- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy - and select the preferred option: - - - Exact Match - - Starts With - - Contains - -- To remove a message class, select it and click **Remove** -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms - -## Date Range Selection Window - -Use the Date Range Selection window to select a time period or range for the search. The Date Range -Selection window opens if **over 90 Day ago** is clicked in the Edit Conditions box on the Search -Filter page. - -![Date Range Selection window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp) - -Determine the time period or range of the search using the following options: - -- Over [Number] [Time Period] ago -- Last [Number] [Time Period] -- Before [Date] -- After [Date] -- Between [Date] and [Date] diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter.md deleted file mode 100644 index 8b75ea50bd..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter.md +++ /dev/null @@ -1,25 +0,0 @@ -# EWSMailbox: Filter - -The Filter settings page provides options to filter folders and attachments. It is a wizard page for -the categories of: - -- Mailbox Contents -- Mailbox permissions -- Sensitive data - -![EWS Mailbox Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp) - -All folders and attachments are scanned by default. Scope the scan for specific folders and -attachments: - -- Include Folders – Type the folder paths to filter the scan to specific mailbox folders -- Include Attachments – Type the attachment file names to filter to specific attachments -- Exclude Folders – Type the folder paths to exclude mailbox folders from the scan -- Exclude Attachments – Type the file names for the attachments to exclude attachments from the scan - -Use `*` and `?` for matching wildcard and single characters. - -- Limit message size to [numerical value] – Select to limit message size and define the threshold - for maximum size of a message. The default value is 20000 KB. -- Limit attachments size to [numerical value] – Select to limit attachment size and define a - threshold for maximum size of an attachment returned in the scan. The default value is 20000 KB. diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/options.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/options.md deleted file mode 100644 index 5b2f724d43..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/options.md +++ /dev/null @@ -1,27 +0,0 @@ -# EWSMailbox: Options - -The Scan options page provides general scan options. It is a wizard page for all categories. - -![EWS Mailbox Data Collector Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -Select the checkboxes to apply any desired scan options: - -- Ignore certificate errors – Ignores certificate errors when connecting to Exchange Web Services -- Match job host against autodiscovered host – Matches the name of the job host against the host - name returned from autodiscover - - **_RECOMMENDED:_** Use this option when scanning multiple Exchange environments with a single - job and the Connection Profile has multiple credentials in it. - -- Scan options - - - Scan archives – Scans for archived mailbox data - - Scan recoverable items – Scans for recoverable items - -- Authentication – Select an Authentication type from the drop down: - - - Negotiate - - Basic - - NTLM - - Kerberos - - Digest diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/overview.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/overview.md deleted file mode 100644 index b917e24d46..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/overview.md +++ /dev/null @@ -1,48 +0,0 @@ -# EWSMailbox Data Collector - -The EWSMailbox Data Collector provides configuration options to scan mailbox contents, permissions, -and sensitive data, and is preconfigured within the Exchange Solution. Both this data collector and -the solution are available with a special Access Analyzer license. See the -[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. - -Protocols - -- HTTPS -- ADSI -- LDAP - -Ports - -- TCP 389 -- TCP 443 - -Permissions - -- Exchange Admin Role -- Discovery Management Role -- Application Impersonation Role -- Exchange Online License - -Sensitive Data Discovery Considerations - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job -is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). - -## EWSMailbox Query Configuration - -The EWSMailbox Data Collector is configured through the Exchange Mailbox Data Collector Wizard, -which contains the following wizard pages: - -**NOTE:** The Category selected may alter the subsequent steps displayed by the wizard. - -- [EWSMailbox: Category](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/category.md) -- [EWSMailbox: Options](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/options.md) -- [EWSMailbox: Scope](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/scope.md) -- [EWSMailbox: Scope Select](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/scope-select.md) -- [EWSMailbox: SDD Options](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/sdd-options.md) -- [EWSMailbox: Criteria](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/criteria.md) -- [EWSMailbox: Filter](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter.md) -- [EWSMailbox: Search Filter](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/search-filter.md) -- [EWSMailbox: Results](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/results.md) -- [EWSMailbox: Summary](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/summary.md) diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/results.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/results.md deleted file mode 100644 index f31adaecc2..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/results.md +++ /dev/null @@ -1,16 +0,0 @@ -# EWSMailbox: Results - -Use the Results page to select which properties are gathered out of those available for the -category. It is a wizard page for all of the categories. - -![EWS Mailbox Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Select criteria using the following options: - -- Select the checkbox of any property to include it in the summary. All selected properties will be - gathered. - - **NOTE:** Available properties vary based on the category selected. - -- Click **Select All** to select all properties -- Click **Clear All** to clear all selected properties diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/scope-select.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/scope-select.md deleted file mode 100644 index c805549e9e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/scope-select.md +++ /dev/null @@ -1,16 +0,0 @@ -# EWSMailbox: Scope Select - -The Scope select page is used to select specific mailboxes to scan. It is a wizard page for all -categories when the **Select mailboxes from list** option is selected on the -[EWSMailbox: Scope](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/scope.md) page. - -![EWS Mailbox Data Collector Wizard Scope select page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/scopeselect.webp) - -Use the following options to scope the scan to specific mailboxes: - -- Retrieve – Loads the list of mailboxes available for scanning in the Available box -- Add – Select mailboxes from the Available list and click to add them to the Selected box to be - scanned -- Select All – Selects all mailboxes in the list -- Deselect All – Deselects all selected mailboxes from the list -- Remove – Select mailboxes from the Selected box and click to remove them from the list diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/scope.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/scope.md deleted file mode 100644 index 9865c40403..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/scope.md +++ /dev/null @@ -1,12 +0,0 @@ -# EWSMailbox: Scope - -The Mailbox scope settings page is used to select which mailboxes are searched by the scan. It is a -wizard page for all categories. - -![EWS Mailbox Data Collector Wizard Scope page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -Select an option to specify which mailboxes are searched: - -- All mailboxes – Search all mailboxes -- Select mailboxes from list – Search only specific selected mailboxes. This option enables the - [EWSMailbox: Scope Select](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/scope-select.md) page. diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/sdd-options.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/sdd-options.md deleted file mode 100644 index eb50577e65..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/sdd-options.md +++ /dev/null @@ -1,14 +0,0 @@ -# EWSMailbox: SDD Options - -The Sensitive data scan options page is where options to be used for discovering sensitive data are -configured. It is a wizard page for the Sensitive Data category. - -![EWS Mailbox Data Collector Wizard SDD Options page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/sddoptions.webp) - -Select the applicable Sensitive data scan options: - -- Store discovered sensitive data – Stores discovered sensitive data in the database -- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria - for discovered sensitive data - - **NOTE:** This option is only available if **Store discovered sensitive data** is selected. diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/search-filter.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/search-filter.md deleted file mode 100644 index bedc31b01e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/search-filter.md +++ /dev/null @@ -1,18 +0,0 @@ -# EWSMailbox: Search Filter - -The Search filter settings page applies a filter used to search mailboxes in the environment. It is -a wizard page for the Mailbox Search categories. - -![EWS Mailbox Data Collector Wizard Search filter page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/searchfilter.webp) - -Click **Add Filter** to open the Filter Wizard. - -## EWSMailbox Filter Wizard (FW) - -The Filter Wizard manages properties of the search filter. The Filter Wizard pages are: - -- [EWSMailbox FW: Search Filter](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/search-filter.md) -- [EWSMailbox FW: Folder Conditions](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/folder-conditions.md) -- [EWSMailbox FW: Message Conditions](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/message-conditions.md) -- [EWSMailbox FW: BodyOptions](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/body-options.md) -- [EWSMailbox FW: Save Filter](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/filter-wizard/save-filter.md) diff --git a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/summary.md b/docs/accessanalyzer/12.0/data-collection/ews-mailbox/summary.md deleted file mode 100644 index 6772572dcf..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-mailbox/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# EWSMailbox: Summary - -The Summary page displays a summary of the configured query. It wizard page for all categories. - -![EWS Mailbox Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the EWS Mailbox Data Collector Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/category.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/category.md deleted file mode 100644 index da92be8490..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/category.md +++ /dev/null @@ -1,24 +0,0 @@ -# EWSPublicFolder: Category - -The Category page contains the following Exchange Web Service categories to search: - -![EWS Public Folder Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -Select which type of EWS public folder information to retrieve from the following: - -- Public Folder contents - - - PublicFolderContent – Scan contents of public folders - -- Public Folder permissions - - - PublicFolderPermissions – Scan permissions of public folders - -- Sensitive Data - - - SDDScan – Scan public folders for sensitive data - -- Public folder search - - - PublicFolderSearchFolders – Search for folders containing messages - - PublicFolderSearchMessages – Search for messages diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/criteria.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/criteria.md deleted file mode 100644 index ddb2357471..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/criteria.md +++ /dev/null @@ -1,28 +0,0 @@ -# EWSPublicFolder: Critieria - -Use the Select DLP criteria for this scan page to select criteria for the sensitive data scan. It is -a wizard page for the Sensitive Data category. - -![EWS Public Folder Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -The options on the Criteria page are: - -- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings - from the **Settings** > **Sensitive Data** node. See the - [Sensitive Data](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md) topic for additional information. -- Use the following selected criteria – Select this option to use the table to select which - sensitive data criteria to scan for -- Select All - Click **Select All** to enable all sensitive data criteria for scanning -- Clear All - Click **Clear All** to remove all selections from the table -- Select the checkboxes next to the sensitive data criteria options to enable it to be scanned for - during job execution - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit - user-defined criteria. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) - topic for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/body-options.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/body-options.md deleted file mode 100644 index 2a40e4c919..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/body-options.md +++ /dev/null @@ -1,11 +0,0 @@ -# EWSPublicFolder FW: BodyOptions - -The BodyOptions page is where the size of messages is selected. - -![Filter Wizard BodyOptions page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp) - -Select the desired message size unit: - -- KB -- MB -- GB diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/folder-conditions.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/folder-conditions.md deleted file mode 100644 index 8d9cb6120e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/folder-conditions.md +++ /dev/null @@ -1,54 +0,0 @@ -# EWSPublicFolder FW: Folder Conditions - -The Folder Conditions page is where folder-related filter criteria can be applied to the search. - -![Filter Wizard Folder Conditions page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp) - -Customize folder search conditions using the following options: - -- Select conditions – To add it to the search, select any of the following conditions: - - - with specific folder type - - with search terms in the folder name - -- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any - of the template conditions - - **NOTE:** The values present depends on the selections made in the Select conditions box. - - - Click **specific** in the Edit conditions box to open the Folder Type Window. See the - [Folder Type Window](#folder-type-window)topic for additional information - - Click **search terms** to open the Search Terms Window. See the - [Search Terms Window](#search-terms-window) topic for additional information - -## Folder Type Window - -Use the Folder Type window to determine folder types to search for. The Folder Type window opens if -**specific** is selected in the Edit Conditions box on the Folder Conditions page. - -![Folder Type window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp) - -Select the checkbox next to any folder type to include it in the search filter. - -## Search Terms Window - -Use the Search Terms window to determine terms for the search. The Search Terms window opens if -**search terms** is selected in the Edit Conditions box. - -![Search Terms window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) - -Determine terms for the search using the following options: - -- Type the desired term into the upper text box and click **Add** to add the term to the lower text - box, which adds the term to the search -- Select a term in the lower text box, and click **Remove** to remove the term from the search -- Click **Clear** to clear all terms from the lower box -- Select the desired qualifier option: - - - Contains ALL of the following search terms (And) – Search only returns results containing all - of the search terms - - Contains ANY of the following search terms (Or) – Search returns results containing any one or - more of the search terms - -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/message-conditions.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/message-conditions.md deleted file mode 100644 index 09662a7064..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/message-conditions.md +++ /dev/null @@ -1,114 +0,0 @@ -# EWSPublicFolder FW: Message Conditions - -Use the Message Conditions page to apply filters to the message category part of the search. - -![Filter Wizard Message Conditions page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp) - -Customize message search filter conditions using the following options: - -- Message category – Select a message category using the dropdown menu from the following: - - - Common - - Email - - Appointment - - Schedule - - Contact - - Task - - Journal - - Note - - Post - - RSS Feed - - Unified Messaging - -- Select conditions – To add it to the search, select any of the following conditions: - - **NOTE:** The conditions that are available in the Select Conditions box depends on the selected - **Message category**. - - - with specific message classes - - that is created in specific date - - with search terms in the subject - - with search terms in the body - - with search terms in the subject or body - - with search terms in the message header - - with search terms in the recipient’s address - - with search terms in the sender’s address - - that has an attachment - - that is received in specific date - - with specific Message ID - - that occurs in specific date - -- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any - of the template conditions - - **NOTE:** The values present depends on the selections made in the Select conditions box. - - - Click **specific** to open the MessageClasses Window. See the - [MessageClasses Window](#messageclasses-window) topic for additional information. - - Click **in specific date** to open the Date Range Selection Window. See the - [Date Range Selection Window](#date-range-selection-window) topic for additional information. - - Click **search terms** to open the Search Terms Window. See the - [Search Terms Window](#search-terms-window) topic for additional information. - - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice - versa - -## MessageClasses Window - -Use the MessageClasses window to alter criteria related to message class. The Message Classes window -opens if **specific** is clicked in the Edit Conditions box on the Message Conditions page. - -![MessagesClasses window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp) - -Determine MessageClass-related criteria using the following options: - -- To add a class, click **Add** -- Enter the desired Message Class in the corresponding textbox -- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy - and select the preferred option: - - - Exact Match - - Starts With - - Contains - -- To remove a message class, select it and click **Remove** -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms - -## Date Range Selection Window - -Use the Date Range Selection window to select a time period or range for the search. The Date Range -Selection window opens if **in specific date** is clicked in the Edit Conditions box on the Message -Conditions page. - -![Date Range Selection window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp) - -Determine the time period or range of the search using the following options: - -- Over [Number] [Time Period] ago -- Last [Number] [Time Period] -- Before [Date] -- After [Date] -- Between [Date] and [Date] - -## Search Terms Window - -Use the Search Terms window to determine terms for the search. The Search Terms window opens if -**search terms** is selected in the Edit Conditions box. - -![Search Terms window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp) - -Determine terms for the search using the following options: - -- Type the desired term into the upper text box and click **Add** to add the term to the lower text - box, which adds the term to the search -- Select a term in the lower text box, and click **Remove** to remove the term from the search -- Click **Clear** to clear all terms from the lower box -- Select the desired qualifier option: - - - Contains ALL of the following search terms (And) – Search only returns results containing all - of the search terms - - Contains ANY of the following search terms (Or) – Search returns results containing any one or - more of the search terms - -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/save-filter.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/save-filter.md deleted file mode 100644 index 26ccea9f53..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/save-filter.md +++ /dev/null @@ -1,10 +0,0 @@ -# EWSPublicFolder FW: Save Filter - -Use the Save Filter Page to name and describe the custom filter created in the wizard. - -![Filter Wizard Save Filter page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp) - -Label the custom filter using the following options: - -- Enter a name for the filter in the Filter Name textbox -- Enter any desired description for the filter in the Description textbox diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/search-filter.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/search-filter.md deleted file mode 100644 index b345d78829..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/search-filter.md +++ /dev/null @@ -1,65 +0,0 @@ -# EWSPublicFolder FW: Search Filter - -Use the Search Filter page to choose a filter template for the search. - -![Filter Wizard Search Filter page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/searchfilter.webp) - -Customize folder search conditions using the following options: - -- Select template – Select any of the following template options: - - - Blank - - All non-archived items over 90 days ago - - All calendar items that contains attachment that occurred over 90 days ago - -- Edit Conditions – Click an underlined value, if present, in the Edit Conditions box to modify any - of the template conditions - - **NOTE:** The values present depends on the selections made in the Select conditions box. - - - Click either **IPM.Note** or **IPM.Appointment**, to open the MessageClasses Window with - IPM.Note or IPM.Appointment class populated, respectively. See the - [MessageClasses Window](#messageclasses-window) topic for additional information. - - Click **over 90 Day ago** to open the Date Range Selection Window. See the - [Date Range Selection Window](#date-range-selection-window) - - Click **has attachment(s)** to convert the condition to **has no attachment(s)** and vice - versa - -## MessageClasses Window - -Use the MessageClasses window to alter criteria related to message class. The Message Classes window -opens if **Ipm.Note** or **Ipm.Appointment** is clicked in the Edit Conditions box on the Search -Filter page. - -![MessagesClasses window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp) - -Determine MessageClass-related criteria using the following options: - -- To add a class, click **Add** -- Enter the desired Message Class in the corresponding textbox -- Click **Exact Match** to reveal a dropdown menu of other search criteria under Matching Strategy - and select the preferred option: - - - Exact Match - - Starts With - - Contains - -- To remove a message class, select it and click **Remove** -- Click **Import CSV** to open a file explorer window to select an appropriate CSV file containing - search terms - -## Date Range Selection Window - -Use the Date Range Selection window to select a time period or range for the search. The Date Range -Selection window opens if **over 90 Day ago** is clicked in the Edit Conditions box on the Search -Filter page. - -![Date Range Selection window](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp) - -Determine the time period or range of the search using the following options: - -- Over [Number] [Time Period] ago -- Last [Number] [Time Period] -- Before [Date] -- After [Date] -- Between [Date] and [Date] diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter.md deleted file mode 100644 index be0e818960..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter.md +++ /dev/null @@ -1,42 +0,0 @@ -# EWSPublicFolder: Filter - -The Filter settings page provides options to filter folders and attachments. It is a wizard page for -the categories of: - -- Public Folder contents -- Public Folder permissions -- Sensitive Data - -![EWS Public Folder Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp) - -All folders and attachments are scanned by default. Scope the scan for specific folders and -attachments: - -- Include Folders – Type the folder paths to filter the scan to specific mailbox folders -- Include Attachments – Type the attachment file names to filter to specific attachments -- Exclude Folders – Type the folder paths to exclude mailbox folders from the scan -- Exclude Attachments – Type the file names for the attachments to exclude attachments from the scan - -Use `*` and `?` for matching wildcard and single characters. - -- Limit message size to [numerical value] – Select to limit message size and define the threshold - for maximum size of a message. The default value is 20000 KB. -- Limit attachments size to [numerical value] – Select to limit attachment size and define a - threshold for maximum size of an attachment returned in the scan. The default value is 20000 KB. - -Public folders can also be included or excluded from the scan by retrieving a list of public folders -and selecting the desired folders. - -Follow the steps to filter the scan by selecting public folders from a list. - -![Choose folder to include window on Filter settings page](/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/filterpublicfolders.webp) - -**Step 1 –** Click the **+** button to the right of the Include Folders or Exclude Folders box to -open the Choose folders to include or Choose folders to exclude window. - -**Step 2 –** Click **Retrieve** to load the list of public folders that can be selected. - -**Step 3 –** Select the desired public folders and click **Add** to add the folders to the Include -Folders or Exclude Folders list. - -After the configuration changes are saved, scans are filtered by the selected public folders. diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/options.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/options.md deleted file mode 100644 index 35feb5767d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/options.md +++ /dev/null @@ -1,22 +0,0 @@ -# EWSPublicFolder: Options - -The Scan options page provides general scan options. It is a wizard page for all of the categories. - -![options](/img/product_docs/accessanalyzer/install/application/options.webp) - -Select any desired scan options: - -- Ignore certificate errors – Ignores certificate errors when connecting to Exchange Web Services -- Match job host against autodiscovered host – Matches the name of the job host against the host - name returned from autodiscover - - **_RECOMMENDED:_** Use this option when scanning multiple Exchange environments with a single - job and the Connection Profile has multiple credentials in it. - -- Authentication – Select an Authentication type from the drop down: - - - Negotiate - - Basic - - NTLM - - Kerberos - - Digest diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/overview.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/overview.md deleted file mode 100644 index 062f89c3f1..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/overview.md +++ /dev/null @@ -1,46 +0,0 @@ -# EWSPublicFolder Data Collector - -The EWSPublicFolder Data Collector provides configuration options to extract public folder contents, -permissions, and sensitive data, and is preconfigured within the Exchange Solution. Both this data -collector and the solution are available with a special Access Analyzer license. See the -[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. - -Protocols - -- HTTPS -- ADSI -- LDAP - -Ports - -- TCP 389 -- TCP 443 - -Permissions - -- Exchange Admin Role -- Discovery Management Role -- Application Impersonation Role -- Exchange Online License with a mailbox - -Sensitive Data Discovery Considerations - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job -is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). - -## EWSPublicFolder Query Configuration - -The EWSPublicFolder Data Collector is configured through the Exchange Public Folder Data Collector -Wizard. The wizard contains the following pages: - -**NOTE:** The Category selected may alter the subsequent steps displayed by the wizard. - -- [EWSPublicFolder: Category](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/category.md) -- [EWSPublicFolder: Options](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/options.md) -- [EWSPublicFolder: SDD Options](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/sdd-options.md) -- [EWSPublicFolder: Critieria](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/criteria.md) -- [EWSPublicFolder: Filter](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter.md) -- [EWSPublicFolder: Search Filter](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/search-filter.md) -- [EWSPublicFolder: Results](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/results.md) -- [EWSPublicFolder: Summary](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/summary.md) diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/results.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/results.md deleted file mode 100644 index 599ce1bf5b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/results.md +++ /dev/null @@ -1,16 +0,0 @@ -# EWSPublicFolder: Results - -The Results page is used to select which properties will be gathered out of those available for the -category. It is a wizard page for all of the categories. - -![EWS Public Folder Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Select criteria using the following options: - -- Select the checkbox of any property to include it in the summary. All selected properties will be - gathered. - - **NOTE:** Available properties vary based on the category selected. - -- Click **Select All** to select all properties -- Click **Clear All** to clear all selected properties diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/sdd-options.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/sdd-options.md deleted file mode 100644 index 981a8ee39a..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/sdd-options.md +++ /dev/null @@ -1,14 +0,0 @@ -# EWSPublicFolder: SDD Options - -Use the Sensitive data scan options page to configure options to for discovering sensitive data. It -is a wizard page for the Sensitive Data category. - -![EWS Public Folder Data Collector Wizard SDD Options page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/sddoptions.webp) - -Select the applicable Sensitive data scan options: - -- Store discovered sensitive data – Stores discovered sensitive data in the database -- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria - for discovered sensitive data - - **NOTE:** This option is only available if **Store discovered sensitive data** is selected. diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/search-filter.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/search-filter.md deleted file mode 100644 index 12cd388455..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/search-filter.md +++ /dev/null @@ -1,20 +0,0 @@ -# EWSPublicFolder: Search Filter - -The Search filter settings page applies a filter used to search mailboxes in the environment. It is -a wizard page for the category of: - -- PublicFolder search - -![EWS Public Folder Data Collector Wizard Search Filter page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/searchfilter.webp) - -Click **Add Filter** to open the Filter Wizard - -## EWSPublicFolder Filter Wizard (FW) - -The Filter Wizard manages properties of the search filter. The Filter Wizard pages are: - -- [EWSPublicFolder FW: Search Filter](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/search-filter.md) -- [EWSPublicFolder FW: Folder Conditions](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/folder-conditions.md) -- [EWSPublicFolder FW: Message Conditions](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/message-conditions.md) -- [EWSPublicFolder FW: BodyOptions](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/body-options.md) -- [EWSPublicFolder FW: Save Filter](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter-wizard/save-filter.md) diff --git a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/summary.md b/docs/accessanalyzer/12.0/data-collection/ews-public-folder/summary.md deleted file mode 100644 index ef6dc57cc4..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ews-public-folder/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# EWSPublicFolder: Summary - -The Summary page displays a summary of the configured query. It wizard page for all categories. - -![EWS Public Folder Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the EWS Public Folder Data Collector Wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-2k/category.md b/docs/accessanalyzer/12.0/data-collection/exchange-2k/category.md deleted file mode 100644 index 644c88e617..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-2k/category.md +++ /dev/null @@ -1,104 +0,0 @@ -# Exchange2K: Category - -The Exchange2K Data Collector contains the following query categories, sub-divided by auditing -focus: - -![Exchange 2K+ Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -- Exchange Organization - - - Organization – Exchange organization properties - - Administrative Groups - - Exchange Servers - - Storage Groups - - Exchange 2007/2010 Users – User properties from PowerShell commands - - Users – Mail-enabled and mailbox-enabled user - - Groups – Mail-enabled groups - - Contacts - - QBDGs – Query-Based Distribution Groups - -- Exchange Server Configuration - - - Recipient Update Services - - Message Delivery – System-wide message settings - - Instant Messaging – Instant messaging settings - - Exchange Mailbox Store Logons – The users currently logged on to Microsoft Exchange 2007 and - 2010 - -- Exchange 2007/2010 Hub Transport Configuration - - - Accepted Domains - - Remote Domains - - Transport Rules - - Journaling - -- Exchange 2007 CCR/SCR - - - Server Status - - CCR Storage Group Status - - SCR Storage Group Status - - Replication Health - -- Exchange 2007/2010 Unified Messaging - - - Dial plans - - IP gateways - - Mailbox policies - - Auto attendants - -- Exchange 2010 DAG - - - Exchange 2010 Mailbox Database Copy Status - - Exchange 2010 Data Availability Group - - Replication Health - -- Connectors - - - SMTP Connectors - - Exchange 2007/2010 Receive Connectors - - Exchange 2007/2010 Send Connectors - - Routing Group Connectors - - TCPX 400 Connectors - - X25X 400 Connectors - -- Protocols - - - HTTP Virtual Servers - - IMAP4 Virtual Servers - - NNTP Virtual Servers - - POP3 Virtual Servers - - SMTP Virtual Servers - - X400 Protocol - - Exchange 2007/2010 IMAP4 protocol - - Exchange 2007/2010 POP3 protocol - - Exchange 2007/2010 ActiveSync Protocols - -- Queues - - - Exchange Queues - - Exchange 2007/2010 Queries - -- Policies - - - Recipient Policies - - Exchange Server Policies - - Exchange 2007/2010 Email Policies - - Mailbox Store Policies - - Public Store Policies - - Exchange 2007/2010 ActiveSync Mailbox Policies - - Exchange 2010 Throttling Policies - -- Address Lists - - - Address Lists - - Global Address Lists - - Offline Address Lists - -- Internet Message Formats -- Mailbox Stores -- Public Stores -- Public Folders -- Anti-Virus Software -- OrphanedMailboxes -- OrphanedPublicFolders -- Exchange 2007/2010 ActiveSync Mobile Devices diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-2k/mapi-settings.md b/docs/accessanalyzer/12.0/data-collection/exchange-2k/mapi-settings.md deleted file mode 100644 index 6d7b10e0e9..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-2k/mapi-settings.md +++ /dev/null @@ -1,31 +0,0 @@ -# Exchange2K: MAPI Settings - -The MAPI Settings page is used to enter configurations to connect to target Exchange servers. By -default, Access Analyzer connects to Exchange using System Attendant. For Exchange 2010 and 2013, a -mailbox and a client access server need to be entered in order to make a MAPI connection. These -settings only need to be configured if not configured at the Global Settings level. It is a wizard -page for the categories of: - -- Exchange Organization > Users -- Mailbox Stores -- Public Folders -- OrphanedMailboxes -- OrphanedPublicFolders - -![Exchange 2K+ Data Collector Wizard MAPI Settings page](/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/mapisettings.webp) - -Configure the Connection Setting by selecting from the following: - -- Use Global settings: -- System Attendant (2003 & 2007) -- Use the mailbox associated with the Windows account that Access Analyzer is run with -- Exchange Mailbox (2010 and newer) -- Client Access Server - -Enter a server to Test Connection Setting: - -- Exchange Server – Enter the Exchange Mailbox Server to use to test the connection setting to make - sure that there is access to the server entered -- Test connection setting – Click to test the connection to the Exchange server - -The box at the bottom of the page displays information regarding the test connection in progress. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-2k/options.md b/docs/accessanalyzer/12.0/data-collection/exchange-2k/options.md deleted file mode 100644 index 2bc6663eb2..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-2k/options.md +++ /dev/null @@ -1,32 +0,0 @@ -# Exchange2K: Options - -The Options page provides additional configuration options for the query. Available options vary -depending on the category selected. It is a wizard page for all of the categories. - -![Exchange 2K+ Data Collector Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -Configure the Options step using the following options: - -- How to format collected – Select how the table will be formatted according to the return data - - - Return data as collected - - Return each value of the following property in a separate row – Enabled for specific - properties selected on the Results page - - Return data in a separate row for each property set in the following group – Enabled for - specific properties selected on the Results page - -- How to return multi-valued properties – Select how the table will be formatted when the return - data contains multi-valued properties - - - Concatenated – Return the data in a continuous string without gaps - - - Delimiter – Enter the desired delimiter to be used between values - - - First-value only – Only display the first value - -- Message size units – Available for the Exchange Organization > Users, Mailbox Stores, and Public - Stores categories. Choose between: - - - KB - - MB - - GB diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-2k/overview.md b/docs/accessanalyzer/12.0/data-collection/exchange-2k/overview.md deleted file mode 100644 index 606cedb996..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-2k/overview.md +++ /dev/null @@ -1,49 +0,0 @@ -# Exchange2K Data Collector - -The Exchange2K Data Collector extracts configuration details from Exchange organizations for -versions 2003 and later. This is a MAPI-based data collector which requires the **Settings** > -**Exchange** node to be enabled and configured. See the [Exchange](/docs/accessanalyzer/12.0/administration/settings/exchange.md) topic -for additional information. - -The Exchange2K Data Collector has been preconfigured within the Exchange Solution. Both this data -collector and the solution are available with a special Access Analyzer license. See the -[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. - -Protocols - -- LDAP -- MAPI -- PowerShell -- RPC -- WMI - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports -- TCP 389 -- Optional TCP 445 - -Permissions - -- Member of the Exchange Administrator group -- Domain Admin for AD property collection -- Public Folder Management - -## Exchange2K Query Configuration - -The Exchange2K Data Collector is configured through the Exchange 2K+ Data Collector Wizard, which -contains the following wizard pages: - -- Welcome -- [Exchange2K: Category](/docs/accessanalyzer/12.0/data-collection/exchange-2k/category.md) -- [Exchange2K: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-2k/scope.md) -- [Exchange2K: Results](/docs/accessanalyzer/12.0/data-collection/exchange-2k/results.md) -- [Exchange2K: MAPI Settings](/docs/accessanalyzer/12.0/data-collection/exchange-2k/mapi-settings.md) -- [Exchange2K: Options](/docs/accessanalyzer/12.0/data-collection/exchange-2k/options.md) -- [Exchange2K: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-2k/summary.md) - -![Exchange 2K+ Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not show this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-2k/results.md b/docs/accessanalyzer/12.0/data-collection/exchange-2k/results.md deleted file mode 100644 index f9eb421b92..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-2k/results.md +++ /dev/null @@ -1,11 +0,0 @@ -# Exchange2K: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for -all. - -![Exchange 2K+ Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Check All**, **Uncheck All**, or **Reset Defaults** -buttons can be used. All Selected properties will be gathered. Click **Expand All** to expand all -properties, or **Collapse All** to collapse all properties. Available properties vary based on the -category selected. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-2k/scope.md b/docs/accessanalyzer/12.0/data-collection/exchange-2k/scope.md deleted file mode 100644 index 51742a0808..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-2k/scope.md +++ /dev/null @@ -1,19 +0,0 @@ -# Exchange2K: Scope - -The Scope page is used to define where to search. It is a wizard page for the categories of: - -- Exchange Organization > Users -- Exchange Organization > Groups -- Exchange Organization > Contacts -- Exchange Organization > QBDGs - -![Exchange 2K+ Data Collector Wizard Scope page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -Select where to connect for the search and click **Connect** to add the domain or server: - -- Default domain – Select this option to search the default domain -- This domain or server – Click the ellipsis to open the Browse for Domain window and select a - domain or server. - -Click **Add** to add the OUs highlighted in the top box to the scope. Click **Remove** to remove the -selected OU. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-2k/summary.md b/docs/accessanalyzer/12.0/data-collection/exchange-2k/summary.md deleted file mode 100644 index dd74acb0ce..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-2k/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# Exchange2K: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all of the -categories. - -![Exchange 2K+ Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Exchange 2K+ Data Collector Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/category.md b/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/category.md deleted file mode 100644 index b5393adddb..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/category.md +++ /dev/null @@ -1,17 +0,0 @@ -# ExchangeMailbox: Category - -The Exchange Mailbox Data Collector contains the following Exchange Mailbox categories for -searching: - -![Exchange Mailbox Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The Category page contains a list of objects the query searches for: - -- Mailboxes -- Mailbox contents -- Mailbox permissions -- Mailbox sensitive data discovery -- Mailbox search – Enables the Return data options: - - - Per mailbox - - Per folder diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/options.md b/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/options.md deleted file mode 100644 index 6c9912448b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/options.md +++ /dev/null @@ -1,44 +0,0 @@ -# ExchangeMailbox: Options - -The Options page provides different configuration options for the search. It is a wizard page for -the following categories: - -- Mailboxes -- Mailbox contents -- Mailbox permissions -- Mailbox sensitive data discovery - -![Exchange Mailbox Data Collector Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -The following options can be configured: - -**NOTE:** Options available vary based upon the category selected. - -- Message size units: - - - KB - - MB - -- Folders - - - All Folders – Select to include all folders in the query. When deselected, the other options - of the category become available. - - Include root folder – Include root folders of the selected folders in the query - - - - – Enter the name of a folder to include and click **+** to add it to the list of - included folders - - - – Select a folder from the list of included folders ad click **–** to remove it - - - Include subfolders in message counters – Include messages contained in subfolders of the - selected folders in the message count - -- Attachment Types - - - Count attachment types – Counts attachment types as part of the query. When selected, this - enables the following options: - - - Add New – Adds another line to the list of attachment types which is manually edited - - Load Defaults – Reverts the list to default attachment types - - Remove – Remove selected attachment type from the list - -- Large Attachment Threshold (KB) – Default is 500 diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/overview.md b/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/overview.md deleted file mode 100644 index e6085a11ab..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/overview.md +++ /dev/null @@ -1,77 +0,0 @@ -# ExchangeMailbox Data Collector - -The ExchangeMailbox Data Collector extracts configuration details from the Exchange Store to provide -statistical, content, permission, and sensitive data reporting on mailboxes. This is a MAPI-based -data collector which requires the **Settings** > **Exchange** node to be enabled and configured. See -the [Exchange](/docs/accessanalyzer/12.0/administration/settings/exchange.md) topic for additional information. - -The ExchangeMailbox Data Collector is available with a special Access Analyzer license. See the -[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. - -Protocols - -- MAPI -- RPC - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Exchange Administrator group -- Organization Management -- Discovery Management - -Sensitive Data Discovery Considerations - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job -is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). - -## ExchangeMailbox Query Configuration - -The ExchangeMailbox Data Collector is configured through the Exchange Mailbox Data Collector Wizard, -which contains the following wizard pages: - -- Welcome -- [ExchangeMailbox: Category](/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/category.md) -- [ExchangeMailbox: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/scope.md) -- [ExchangeMailbox: Properties](/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/properties.md) -- [ExchangeMailbox: SDD Criteria](/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/sdd-criteria.md) -- [ExchangeMailbox: Options](/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/options.md) -- [ExchangeMailbox: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/summary.md) - -The query requires special permissions to connect to target Exchange servers. Assign these -permissions on the Welcome page. - -![Exchange Mailbox Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -Connection Setting - -Select one of the following options for the connection setting: - -- Use Global setting – The configured Global Setting is displayed next to this checkbox. Select the - checkbox to use the global setting. -- System Attendant (2003 & 2007) – Enabled when the **Use Global Setting** checkbox is not selected. - Select this option to use System Attendant (2003 & 2007) for the connection. -- Use the mailbox associated with the Windows account that Access Analyzer is run with – Enabled - when the **Use Global Setting** checkbox is not selected. Select this option to use the mailbox - associated with the Windows account that Access Analyzer is run with for the connection. -- Exchange Mailbox (2010 and newer) – Enabled when the **Use Global Setting** checkbox is not - selected. Select this option to use an Exchange Mailbox (2010 and newer) for the connection. The - Client Access Server must be entered unless specified in the Global Settings. - - - Client Access Server – A private store server is needed if the Exchange server only has public - stores - -Test Connection Setting - -Enter a server to test the connection string: - -- Exchange Server – Enter the Exchange Mailbox Server to use to test the connection setting to make - sure that there is access to the server entered -- Test – Click **Test** to test the connection to the Exchange server - -The box at the bottom of the page displays information regarding the test connection in progress. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/properties.md b/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/properties.md deleted file mode 100644 index d646ba73d5..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/properties.md +++ /dev/null @@ -1,16 +0,0 @@ -# ExchangeMailbox: Properties - -The Properties page is where properties that will be gathered are selected. The available properties -depend on the category selected. It is a wizard page for all of the categories. - -![Exchange Mailbox Data Collector Wizard Properties page](/img/product_docs/activitymonitor/activitymonitor/install/agent/properties.webp) - -Properties can be selected individually or you can use the Select All, Clear All, and Reset All -buttons. All selected properties will be gathered. Click **Message Classes** to open the Message -classes filters window. - -![Message classes filters window](/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp) - -The wildcard (`*`) returns all message class filters. Enter the name of the class filter and click -**Add** to add it to the list. **Delete** will remove the selected class filter from the list. The -**Load defaults** option will restore the class filter default settings. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/scope.md b/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/scope.md deleted file mode 100644 index 8c3dfb7135..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/scope.md +++ /dev/null @@ -1,34 +0,0 @@ -# ExchangeMailbox: Scope - -The Scope page is used to define which mailboxes are to be queried. It is a wizard page for all of -the categories. - -![Exchange Mailbox Data Collector Wizard Scope page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -At the top, configure the mailboxes to be queried. The selected option changes how the mailboxes are -identified for scoping. - -- All mailboxes – Searches all mailboxes -- Selected mailboxes from server – Retrieves all mailboxes in the Exchange organization, making them - visible within the **Available mailboxes on connected server** list. The following options - display: - - ![Scope page with Selected mailboxes from server selected](/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/scopeselectedmailboxes.webp) - - - Retrieve – Enter the server and select Retrieve to display the list of mailboxes on that - server - - Add – Select the desired mailboxes to add to the query. The added mailboxes display in the - **Selected mailboxes** list. - - Remove – Deletes selected mailboxes from the list - - Select All – Click the Select All icon to select all mailboxes in the list - - Clear All – Click the Clear All icon to clear all current selections in the list - -- Selected table – Populates the **Available tables** list with tables from the Access Analyzer - database - - ![Scope page with Selected table selected](/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp) - - - Table – Filters this list by tables. Select the table which hosts the list of mailboxes for - which this query will be scoped. - - Field containing EmailAddressDNs – This list will be populated with columns from the selected - table. Select the appropriate column from the list. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/sdd-criteria.md b/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/sdd-criteria.md deleted file mode 100644 index 9d10e289c0..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/sdd-criteria.md +++ /dev/null @@ -1,25 +0,0 @@ -# ExchangeMailbox: SDD Criteria - -The SDD Criteria page is where criteria to be used for discovering sensitive data are configured. It -is a wizard page for the Mailbox sensitive data discovery category. - -![Exchange Mailbox Data Collector Wizard SDD Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sddcriteria.webp) - -Select the checkbox for the criteria to be used to search for sensitive data. Criteria can also be -selected using the **Select All** and **Select None** buttons. - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria -- Edit – Click this button to access the Criteria Editor where user-defined criteria can be created - or customized. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) topic - for additional information. -- Store discovered sensitive data – Stores the potentially sensitive data that matches the selected - criteria in the Access Analyzer database. Select this checkbox to store a copy of the criteria - match data. This copy can be used to check for false positives, data that matches the selected - criteria but is not actually sensitive. -- Limit stored matches per criteria to [number] – Identifies the number of potentially sensitive - data matches that are copied to the database. The default is 5 matches. This option is only - available if the **Store discovered sensitive data** option is selected. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/summary.md b/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/summary.md deleted file mode 100644 index 816855c674..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# ExchangeMailbox: Summary - -The Summary page displays a summary of the configured query. It wizard page for all categories. - -![Exchange Mailbox Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Exchange Mailbox Data Collector Wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/category.md b/docs/accessanalyzer/12.0/data-collection/exchange-metrics/category.md deleted file mode 100644 index 142013a7ea..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/category.md +++ /dev/null @@ -1,35 +0,0 @@ -# ExchangeMetrics: Category - -The Category page is used to identify the type of Exchange Metrics information to retrieve. - -![Exchange Metrics Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The ExchangeMetrics Data Collector contains the following query categories: - -- Exchange Metrics Queries - - - Server Volume – Summary metrics by server for all messages sent and received inside and - outside of the Exchange organization - - Internal Traffic Summary – Summary metrics by server for all messages sent and received inside - of the Exchange organization - - Internet Traffic Summary – Summary metrics by external domain for messages sent and received - outside of the Exchange organization - - Delivery Time – Summary metrics by server for all messages delivered within specified delivery - time window - - Delivery Time Custom – Summary metrics by server for all messages delivered within delivery - time windows - - User Statistics – Summary metrics by user for all messages sent and received by each user - - DL Statistics – Summary metrics by distribution list (DL) for all messages received by each DL - - Hour Statistics – Summary metrics by server for all messages delivered within specified hour - slot - - Message Size Statistics – Summary metrics by server for all messages of specified sizes - - Message Size Statistics Custom – Summary metrics by serer for message size windows - - User’s Message Activity – Message activity per user - - User’s Message Activity Per Hour – Message activity per user per hour - -- Exchange Metrics Applet Maintenance - - - Deploy or Change Applet Settings – Deploys a data collector applet to an Exchange Server, or - update its settings - - Check Applet State – Information about a deployed data collector applet - - Remove Applet Settings – Removes a deployed data collector applet from an Exchange Server diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/collect-mode.md b/docs/accessanalyzer/12.0/data-collection/exchange-metrics/collect-mode.md deleted file mode 100644 index f11722e93b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/collect-mode.md +++ /dev/null @@ -1,31 +0,0 @@ -# ExchangeMetrics: Collect Mode - -The Collect Mode page is where to set the collection mode. It is a wizard page for the categories -of: - -- Server Volume -- Internal Traffic Summary -- Internet Traffic Summary -- Delivery Time -- Delivery Time Custom -- User Statistics -- DL Statistics -- Hour Statistics -- Message Size Statistics -- Message Size Statistics Custom -- User’s Message Activity -- User’s Message Activity Per Hour - -![Exchange Metrics Data Collector Wizard Collect Mode page](/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/collectmode.webp) - -There are two types of collection modes: - -- Query Summary Data Only – In this mode, the applet gathers only existing summary data and returns - it to the Access Analyzer Console. In order to process Exchange tracking log files, another - instance of the applet must be configured. -- Process Exchange Tracking Logs and Query Summary Data – In this mode, the applet processes missing - summary data and returns it to the Access Analyzer Console. This mode includes an additional - setting for **Summary data path**. Choose between: - - - Default location - - Specific location – Specify the folder location diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/message-activity-filter.md b/docs/accessanalyzer/12.0/data-collection/exchange-metrics/message-activity-filter.md deleted file mode 100644 index 82e6ce566e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/message-activity-filter.md +++ /dev/null @@ -1,30 +0,0 @@ -# ExchangeMetrics: Message Activity Filter - -The Message Activity Filter page configures which domains the data collector should return mail flow -from specific senders and to specific recipients. For example, if `@netwrix.com` is entered in the -Senders list and `@netwrix.com` in the Recipients list, message activity will be returned only for -mail sent to and received from an `@netwrix.com` address. It is a wizard page for the categories of: - -- User’s Message Activity -- User’s Message Activity Per Hour - -![Exchange Metrics Data Collector Wizard Message Activity Filter page](/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/messageactivityfilter.webp) - -Configure the Message Activity Filter using the following options: - -- Add – To add a filter to the desired category, click **Add** in the desired category to add an - entry to that category -- Select **Exact Match** in the added filter to reveal a drop-down list with the following condition - options: - - - Exact matches - - Contains - - Begins with - - Ends with - -- Kind – Select **(Custom…)** to open the Custom Filter menu. The Custom Filter menu provides - options to create and configure other filters. -- Value – Type the filter to be applied - -The columns in the entry tables can be sorted and or filtered, using the same sorting and filtering -methods of Access Analyzer data grids. The **Remove** option will delete a selected filter. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/message-sizes.md b/docs/accessanalyzer/12.0/data-collection/exchange-metrics/message-sizes.md deleted file mode 100644 index d9a9c33625..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/message-sizes.md +++ /dev/null @@ -1,26 +0,0 @@ -# ExchangeMetrics: Message Sizes - -The Message Sizes page is used to configure message size frames for which to return summary metrics -by server. It is a wizard page for the category of: - -- Message Size Statistics Custom. - -![Exchange Metrics Data Collector Wizard Message Sizes page](/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/messagesizes.webp) - -Configure the desired message size frames using the following options: - -- Frame name – Name the configured message size parameters. Can either be entered manually or a - default will populate when query limits are set. -- Start – Specify the lower limit of the message sizes (in MB) -- End – Specify the upper limit of the message sizes (in MB) - -For example, a **Start** value of **1** and an **End** value of **2** returns messages between 1 and -2 megabytes. - -- Infinite – Select the checkbox to remove the **End** value from the scan. For example, a **Start** - value of **5** with the **Infinite** checkbox selected retrieves all messages which are 5 - megabytes or larger. - -Once the frame is configured, click **Add**. The configured message size frame will appear in the -list. Multiple frames can be configured. Select a frame and click **Replace** to modify an existing -frame. Use **Remove** to delete an existing frame. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/options.md b/docs/accessanalyzer/12.0/data-collection/exchange-metrics/options.md deleted file mode 100644 index 9a2ce9a771..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/options.md +++ /dev/null @@ -1,57 +0,0 @@ -# ExchangeMetrics: Options - -The Options page provides additional configuration options for the query. Options vary depending on -the category selected. It is a wizard page for the categories of: - -- Server Volume -- Internal Traffic Summary -- Internet Traffic Summary -- Delivery Time -- Delivery Time Custom -- User Statistics -- DL Statistics -- Hour Statistics -- Message Size Statistics -- Message Size Statistics Custom -- User’s Message Activity -- User’s Message Activity Per Hour -- Deploy or Change Applet Settings -- Remove Applet Settings - -![Exchange Metrics Data Collector Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -Select the checkbox of any of the following options to configure the query: - -**NOTE:** Available options vary depending on Category selected. - -- Host-side Cleanup - - - Remove applet after task is completed - - Remove all summary data after task is completed (Not recommended) - - Remove summary data older than [number] days - - Remove AD database after task is completed - -- Applet Logging - - - Enable Logging – Enables the applet to log - - Applet log level – Select the desired log level using the dropdown list: - - - None - - Debug - - Information - - Warning - - Error - - - Set Default – Returns the Applet log level to the default of **Error** - -- Applet History - - - Enable Persistent Log State – Search the log from where the previous search left off. A state - file is created for each host configured in the query. State files can be viewed within Access - Analyzer and are named by the query GUID. State files display the record the previous search - left off on, the event log, and the date of the last entry. - -- AD Database Creation - - - Recreate AD DB if existing DB is older than [number] days - - Create AD DB locally diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/overview.md b/docs/accessanalyzer/12.0/data-collection/exchange-metrics/overview.md deleted file mode 100644 index 23f29a22de..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/overview.md +++ /dev/null @@ -1,52 +0,0 @@ -# ExchangeMetrics Data Collector - -The ExchangeMetrics Data Collector collects Mail-Flow metrics from the Exchange Message Tracking -Logs on the Exchange servers. Some examples of this include server volume and message size -statistics. This data collector runs as an applet over RPC connection to process and collect -summarized metrics from the Message Tracking Log. See the -[Exchange Support and Permissions Explained](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/support.md) -topic for a complete list of supported platforms. - -The ExchangeMetrics Data Collector has been preconfigured within the Exchange Solution. Both this -data collector and the solution are available with a special Access Analyzer license. See the -[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. - -Protocols - -- RPC -- WMI - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Member of the local Administrator group on the targeted Exchange server(s) - -See the [Exchange Mail-Flow Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/mail-flow.md) topic -for additional information. - -## ExchangeMetrics Query Configuration - -The ExchangeMetrics Data Collector is configured through the Exchange Metrics Data Collector Wizard, -which contains the following wizard pages: - -- Welcome -- [ExchangeMetrics: Category](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/category.md) -- [ExchangeMetrics: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/scope.md) -- [ExchangeMetrics: Results](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/results.md) -- [ExchangeMetrics: Collect Mode](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/collect-mode.md) -- [ExchangeMetrics: Time Frames](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/timeframes.md) -- [ExchangeMetrics: Message Sizes](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/message-sizes.md) -- [ExchangeMetrics: Options](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/options.md) -- [ExchangeMetrics: Message Activity Filter](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/message-activity-filter.md) -- [ExchangeMetrics: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/summary.md) - - **NOTE:** Pages available vary depending on the Category selected. - -![Exchange Metrics Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by checking the **Do not display this page the next time** box when -the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/results.md b/docs/accessanalyzer/12.0/data-collection/exchange-metrics/results.md deleted file mode 100644 index f07d96d0ca..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/results.md +++ /dev/null @@ -1,10 +0,0 @@ -# ExchangeMetrics: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for all -of the categories. - -![Exchange Metrics Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Check All**, **Uncheck All**, or **Reset Defaults** -buttons can be used. Click **Expand All** to expand all property categories. All selected properties -will be gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/scope.md b/docs/accessanalyzer/12.0/data-collection/exchange-metrics/scope.md deleted file mode 100644 index dc904a5930..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/scope.md +++ /dev/null @@ -1,46 +0,0 @@ -# ExchangeMetrics: Scope - -The Scope page is used to define where to search. It is a wizard page for the categories of: - -- Server Volume -- Internal Traffic Summary -- Internet Traffic Summary -- Delivery Time -- Delivery Time Custom -- User Statistics -- DL Statistics -- Hour Statistics -- Message Size Statistics -- Message Size Statistics Custom -- User’s Message Activity -- User’s Message Activity Per Hour -- Deploy or Change Applet Settings - -![Exchange Metrics Data Collector Wizard Scope page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -Define the scope of the query using the following options: - -- Return data for section – Select the time period for which data will be collected. GMT time is - used by Exchange Metrics to calculate the result. - - - Today - - Yesterday - - This Week (from last Sunday till today) - - Last Week (from Sunday till Saturday) - - This Month - - Last Month - - Last [number] days - - Within time frame: - - From [calendar date] to [calendar date] – Use the drop-down arrows to select calendar dates. - -- Return results section – Select the table design for the collected data - - - One row for – Use the drop-down list to select one of the following options: - - - All period - - Day - - Week - - Month - - - Add summary values as last row – Select this checkbox to add summary values as the last row. - This option is enabled when **Day**, **Week**, or **Month** are selected. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/summary.md b/docs/accessanalyzer/12.0/data-collection/exchange-metrics/summary.md deleted file mode 100644 index 8df55cc5d2..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# ExchangeMetrics: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all of the -categories. - -![Exchange Metrics Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Exchange Metrics Data Collector Wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/timeframes.md b/docs/accessanalyzer/12.0/data-collection/exchange-metrics/timeframes.md deleted file mode 100644 index d542ba8529..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-metrics/timeframes.md +++ /dev/null @@ -1,31 +0,0 @@ -# ExchangeMetrics: Time Frames - -The Time Frames page is used to configure message delivery time frames for which to return summary -metrics by server. It is a wizard page for the category of: - -- Delivery Time Custom. - -![Exchange Metrics Data Collector Wizard Time Frames page](/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/timeframes.webp) - -Configure the desired time frames using the following options: - -- Frame name – Name the configured time frame. Can either be entered manually or a default will - populate when frame limits are set. -- Start – Specify the lower limit of the delivery time frame -- End – Specify the upper limit of the delivery time frame -- Select the time unit of the time frame: - - - Seconds - - Minutes - - Hours - -For example, a **Start** value of **1** and an **End** value of **2** with the **Minutes** unit -selected returns messages delivered in 1 to 2 minutes. - -- Infinite – Select the checkbox to eliminate the **End** value from the scan. For example, a - **Start** value of **2** with the **Infinite** checkbox selected retrieves all messages that took - 2 seconds/minutes/hours or longer to deliver. - -Once the frame is configured, click **Add**. The configured message time frame will appear in the -list. Multiple time frames can be configured. Select a frame and click **Replace** to modify an -existing frame. Use **Remove** to delete an existing frame. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/category.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/category.md deleted file mode 100644 index 0be1fd9c64..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/category.md +++ /dev/null @@ -1,333 +0,0 @@ -# ExchangePS: Category - -The Category page contains a connection section where connection options are defined. It is also -where the query category is selected. The available query categories are sub-divided by auditing -focus. - -![ExchangePS Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -## Connection - -In the Connection section, select the method for connecting to the target Exchange environment: - -- Use Global setting – Reads from the global configuration from the **Settings** > **Exchange** - node, specifically the **Client Access Server** (CAS) field - - - See the [Exchange](/docs/accessanalyzer/12.0/administration/settings/exchange.md) topic for additional information on these - settings - -- Use specific server – Use a different server from what is set in core - - - Exchange 2010 Servers – Can use the CAS server set in the global configuration (**Settings** > - **Exchange** node) - - Exchange 2013 & 2016 – Require an actual CAS server name: - - - If the **Settings** > **Exchange** node was configured for MAPI over HTTP, then an actual - CAS server name was supplied and will be used by the ExchangePS Data Collector - - If the **Settings** > **Exchange** node was configured for MAPI over HTTPS, then the - global configuration will have a web address instead of an actual server. Therefore, each - query requires the CAS server to be set as the specific server on the Category page. - -- Use Office 365 – Connect to Office 365 -- Use pipelined PowerShell – Processes each mailbox object in turn. When selected, the data - collector streams data to the database instead of transferring batches of data. - - - This option uses less memory but is more sensitive to network conditions - - Only available for Exchange 2013+ target environments - -## Query Categories - -The ExchangePS Data Collector contains the following query categories, sub-divided by auditing -focus: - -- Mailbox Information - - - Mailboxes – Collects mailbox information - - Mailbox Permissions – Collects permissions on mailbox folders (Exchange 2010 or later) - - Mailbox Databases – Collects information on mailbox databases - - **NOTE:** This option is not available for Office 365 target environments - - - Mailbox Rights – Collects information on mailbox rights - - Mailbox AD Rights – Collects information on mailbox Active Directory rights - - Mailbox Search – Search mailboxes (Exchange 2010 or later) - - Mailbox Access Logons – Collects information on mailbox access logons - -- Exchange Organization - - - Exchange Users – Collects Exchange user properties - -- Exchange ActiveSync - - - Exchange ActiveSync Mobile Devices – Collects Exchange ActiveSync for mobile devices - -- Public Folder Information - - - Public Folder Content – Collects general statistics and sizing for the public folder - environment - - Public Folder Permissions – Collects permission information for the public folder environment - -- Office 365 – Only available for Office 365 target environments - - - Mail Flow Metrics – Collects information about mail flow in the Exchange Online environment - -- Domain Information - - - Domains – Collects information about Domains in the Exchange environment - -Each category has specific requirements and capabilities per auditing focus: - -- [Mailbox Information](#mailbox-information) -- [Exchange Organization](#exchange-organization) -- [Exchange ActiveSync](#exchange-activesync) -- [Public Folder Information](#public-folder-information) -- [Office 365](#office-365) -- [Domain Information](#domain-information) - -### Mailbox Information - -Mailbox Information audit focus contains the following categories: - -Mailboxes - -This category gathers high-level statistics about the Mailboxes in the environment. It can be run -with quick properties or all properties. The quick properties are the first 14 properties and -significantly reduce the time it takes to return the information. The PowerShell queries this -category runs are as follows: - -``` -Get-Mailbox -Get-MailboxStatistics -Get-MailboxDatabase -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -Mailbox Permissions - -This category returns Mailbox Folder permissions and folder level statistics about the mailboxes. -The PowerShell queries this category runs are as follows: - -``` -Get-Mailbox -Get-MailboxFolderPermission -Get-MailboxStatistics -Get-MailboxDatabase -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -Mailbox Databases - -This category returns information about the Mailbox Databases which reside in the organization. The -PowerShell query this category runs is as follows: - -``` -Get-MailboxDatabase -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -Mailbox Rights - -This category returns Mailbox Rights assigned to each Mailbox, such as Full Mailbox Access. The -PowerShell query this category runs is as follows: - -``` -Get-MailboxDatabase -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -Mailbox AD Rights - -This category returns information about the Mailbox Databases which reside in the organization. The -PowerShell query this category runs is as follows: - -``` -Get-MailboxDatabase -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -Mailbox Search - -This category provides the capability to search the Mailbox for any criteria configured inside the -data collector. The PowerShell queries this category runs are as follows: - -``` -Search-Mailbox -Get-Mailbox -Get-MailboxDatabase -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Filter by Message](/docs/accessanalyzer/12.0/data-collection/exchange-ps/filter-message.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -Mailbox Access Logons - -This category returns the Mailbox Access Auditing log details. Mailbox Access Auditing does need to -be enabled on the Mailboxes in order for this job to return any information. The PowerShell queries -this category runs are as follows: - -``` -Search-MailboxAuditLog -Get-Mailbox -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Mailbox Logons](/docs/accessanalyzer/12.0/data-collection/exchange-ps/mailbox-logons.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -### Exchange Organization - -Exchange Organization audit focus contains the following category: - -Exchange Users - -This category returns information about the Mail-Enabled Users in the Exchange environment. The -PowerShell queries this category runs are as follows: - -``` -Get-User -Get-CASMailbox -Get-Mailbox -Get-ThrottlingPolicyAssociation -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -### Exchange ActiveSync - -Exchange ActiveSync audit focus contains the following category: - -Exchange ActiveSync Mobile Devices - -This category returns ActiveSync device properties and the Exchange Mailboxes they are associated -to. The PowerShell queries this category runs are as follows: - -``` -Get-ActiveSyncDeviceStatistics -Get-Mailbox -``` - -When this category is selected, the following ExchangePS Data Collector Wizard pages are available -for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -### Public Folder Information - -Public Folder Information audit focus contains the following categories: - -Public Folder Content - -This category returns general statistics and sizing for the public folder environment. When it is -selected, the following ExchangePS Data Collector Wizard pages are available for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -Public Folder Permissions - -This category returns permissions information for the public folder environment. When it is -selected, the following ExchangePS Data Collector Wizard pages are available for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -### Office 365 - -Office 365 audit focus contains the following category: - -Mail Flow Metrics - -This category returns information about mail flow in the target Exchange Online environment. When it -is selected, the following ExchangePS Data Collector Wizard pages are available for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Mail Flow](/docs/accessanalyzer/12.0/data-collection/exchange-ps/mail-flow.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -### Domain Information - -Domain Information audit focus contains the following category: - -Domains - -This category returns information about domains in the Exchange environment. When it is selected, -the following ExchangePS Data Collector Wizard pages are available for configuration: - -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/configure-job.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/configure-job.md deleted file mode 100644 index 4b51e7236e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/configure-job.md +++ /dev/null @@ -1,80 +0,0 @@ -# Exchange Custom Connection Profile & Host List - -The ExchangePS Data Collector requires a custom Connection Profile and host list to be created and -assigned to the job conducting the data collection. The host inventory option during host list -creation makes it necessary to configure the Connection Profile first. - -**NOTE:** It is not possible to target both Exchange Online and on-premises Exchange environments -from the same job. Therefore, the Connection Profile should only contain the credentials for one -type of environment. - -## Exchange On-Premises - -This section describes the process to configure the Connection Profile and host list for Exchange -on-premises environments. - -### Exchange On-Premise Credential for a Connection Profile - -The provisioned credential used should be an Active Directory account. Create a Connection Profile -and set the following information on the User Credentials window: - -- Select Account Type – Active Directory Account -- Domain – Drop-down menu with available trusted domains will appear. Either type the short domain - name in the textbox or select a domain from the menu. -- User name – Type the user name -- Password Storage – Choose the for credential password storage: - - - Application – Uses the configured Profile Security setting as selected at the **Settings** > - **Application** node - - CyberArk – Uses the CyberArk Enterprise Password Vault - -- Password – Type the password -- Confirm – Re-type the password - -### Exchange On-Premise Host List - -The ExchangePS Data Collector should be set to run against: - -- Local host - -## Exchange Online - -This section describes the process to configure the Connection Profile and custom host list for -Exchange Online. - -### Exchange Online Credential for a Connection Profile - -The provisioned credential must be created with the Exchange Modern Authentication account type. -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Exchange Modern Authentication -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) - topic for additional information.) -- Organization – The primary domain name of the Microsoft Entra tenant being leveraged to make the - connection. See the - [Identify the Tenant's Name](/docs/accessanalyzer/12.0/configuration/exchange-online/access.md#identify-the-tenants-name) - topic for additional information. -- Email Address – The email address for the mailbox to be leveraged in Exchange Online environment - scans. The mailbox must belong to the primary domain used in the Organization field. -- AppID – Application (client) ID of the Access Analyzer application registered with Microsoft Entra - ID. See the - [Identify the Client ID](/docs/accessanalyzer/12.0/configuration/exchange-online/access.md#identify-the-client-id) - topic for additional information. -- Certificate Thumbprint – The thumbprint value of the certificate uploaded to the Microsoft Entra - ID application. See the - [Upload Self-Signed Certificate](/docs/accessanalyzer/12.0/configuration/exchange-online/access.md#upload-self-signed-certificate) - topic for additional information. - -### Exchange Online Host List - -Exchange Online requires a custom host list. The host list should include the tenant name of the -Microsoft Entra tenant used to connect to Exchange Online. - -- The host name must be the domain name of the tenant, for example `company.onmicrosoft.com`. See - the - [Identify the Tenant's Name](/docs/accessanalyzer/12.0/configuration/exchange-online/access.md#identify-the-tenants-name) - topic for additional information. - -See the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) topic for instructions on creating a custom -host list. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md deleted file mode 100644 index cfc67cfb63..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md +++ /dev/null @@ -1,16 +0,0 @@ -# ExchangePS: Error Logging - -The Error Logging page is used to configure how long to keep the PowerShell logs. It is a wizard -page for all of the categories. - -![ExchangePS Data Collector Wizard Error Logging page](/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/errorlogging.webp) - -Select from the following options: - -- Remove all log files – Removes the PowerShell logs when data collection completes -- Keep log files newer than [number] days – Removes PowerShell logs older than the specified age - when data collection completes - -These log files are stored in the following location on the target host: - -…\STEALTHbits\StealthAUDIT\ExchangePS diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/filter-message.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/filter-message.md deleted file mode 100644 index 94325b6bca..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/filter-message.md +++ /dev/null @@ -1,79 +0,0 @@ -# ExchangePS: Filter by Message - -The Filter by Message page is used to define the filter conditions of the search. It is a wizard -page for the category of: - -- Mailbox Search - -![ExchangePS Data Collector Wizard Filter by Message Conditions page](/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/filtermessage.webp) - -In the Select Conditions section, choose the filter logic: - -- All Conditions – All selected conditions must be met -- Any condition – Any of the selected conditions must be met - -Available conditions to select from include: - -- date when message expires according to policy – If selected, specify date range through the Date - Range Selection window -- with specific words in the retention policy – If selected, specify words through the Words window -- with specific words in the subject – If selected, specify words through the Words window -- with specific words in the body – If selected, specify words through the Words window -- with specific words in the subject or body – If selected, specify words through the Words window -- with specific words in the recipient’s address – If selected, specify words through the Words - window -- with specific words in the sender’s address – If selected, specify words through the Words window -- that was received in a specific date range – If selected, specify date range through the Date - Range Selection window -- with specific words in the attachment – If selected, specify words through the Words window - -See the [Date Range Selection Window](#date-range-selection-window) and -[Words Window](#words-window) topics for additional information. - -In the Select Search Mailbox Parameters section, select the desired filter parameters: - -- Do not Include Archive -- Include Unsearchable Items -- Search Dumpster -- Search Dumpster Only - -#### Date Range Selection Window - -The Date Range Selection window is opened by the **Specify Date Range...** option for a date related -filter on the Filter by Message page. - -![Date Range Selection window](/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/daterangeselectionwindow.webp) - -Select the range category on the left and configure the range setting in the enabled fields: - -- Over – Select the number and time units. The available time units are: **Days**, **Months**, or - **Years**. -- Last – Select the number and time units. The available time units are: **Days**, **Months**, or - **Years**. -- Before – Drop-down menu opens a calendar selection view, choose the end date -- After – Drop-down menu opens a calendar selection view, choose the start date -- Between (Date) – Drop-down menus open calendar selection view, choose the start and end dates -- Between – Select the numbers for the lower and upper range boundary, and the desired time units. - The available time units are: **Days**, **Months**, or **Years**. - -When the date range is specified, click **OK**. The selected date range shows as a filter on the -Filter by Message page. Click the filter to open the Date Range Selection window to modify the date -range. - -#### Words Window - -The Words window is opened by the **Specify words...** option for a word related filter on the -Filter by Message page. - -![Words window](/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/wordswindow.webp) - -In the Search property section, choose the filter logic: - -- All Words – All selected word filters must be met -- Any Words – Any of the selected word filters must be met - -Then, configure the required words in the filter list. Enter the word in the textbox and click -**Add**. To delete a word from the filter list, select the word and click **Remove**. - -When the word list is complete, click **OK**. The specified words show as a filter on the Filter by -Message page. Click the filter to open the Words window to modify the list. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/mail-flow.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/mail-flow.md deleted file mode 100644 index e2b75f478b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/mail-flow.md +++ /dev/null @@ -1,16 +0,0 @@ -# ExchangePS: Mail Flow - -The Mail Flow page returns permissions information for the public folder environment. It is a wizard -page for the category of: - -- Office 365 > Mail Flow Metrics - -![ExchangePS Data Collector Wizard Mail Flow page](/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/mailflow.webp) - -Select and configure a date range from the following options: - -**NOTE:** Date range must be 7 days or less. - -- Last – Select the number of days -- Between (Date) – Use the drop-down menus to open the calendar selection view to choose the start - and end dates diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/mailbox-logons.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/mailbox-logons.md deleted file mode 100644 index d83602e970..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/mailbox-logons.md +++ /dev/null @@ -1,21 +0,0 @@ -# ExchangePS: Mailbox Logons - -The Mailbox Logons page is used to define the type of mailbox logon events to return, as well as the -date range to be returned. It is a wizard page for the category of Mailbox Information > Mailbox -Access Logons. - -![ExchangePS Data Collector Wizard Mailbox Logons page](/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/mailboxlogons.webp) - -Select the desired checkboxes to indicate which logons to audit: - -- Delegate -- Admin -- Owner - -Specify the date range for the logons: - -- Last – Select the number and time units - - **NOTE:** Available units are **Days**, **Months**, or **Years**. - -- Between (Date) – Use the drop-down menus to open calendars to select the start and end dates diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md deleted file mode 100644 index fc892a3d41..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md +++ /dev/null @@ -1,31 +0,0 @@ -# ExchangePS: Options - -The Options page is used to configure additional options. It is a wizard page for all of the -categories. - -![ExchangePS Data Collector Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -The following options can be configured: - -- Message size units - Select the message size for the query: - - - KB - - MB - - GB - -- How to format collected results – Select how table will be formatted according to the return data: - - - Return data as collected - - Return each value of the following property in a separate row – Enabled for specific - properties selected on the Results page - - Return data in a separate row for each property set in the following group – Enabled for - specific properties selected on the Results page - -- How to return multi-valued properties – Select how the table will be formatted when the return - data contains multi-valued properties: - - - Concatenated - - - Delimiter – Enter the desired delimiter to be used between values - - - First-value only diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/overview.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/overview.md deleted file mode 100644 index e9e844595b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/overview.md +++ /dev/null @@ -1,83 +0,0 @@ -# ExchangePS Data Collector - -The ExchangePS Data Collector utilizes the Exchange CMDlets to return information about the Exchange -environment utilizing PowerShell. This data collector has been designed to work with Exchange 2010 -and newer. The ExchangePS Data Collector has been preconfigured within the Exchange Solution. Both -this data collector and the solution are available with a special Access Analyzer license. See the -[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. - -Protocols - -- PowerShell - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Remote PowerShell enabled on a single Exchange server -- Windows Authentication enabled for the PowerShell Virtual Directory on the same Exchange server - where Remote PowerShell has been enabled -- View-Only Organization Management Role Group -- Discovery Search Management Role Group -- Public Folder Management Role Group -- Mailbox Search Role - -- Discovery Management Role -- Organization Management Role - -See the [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) -topic for additional information. - -## Remote PowerShell - -The ExchangePS Data Collector will utilize Remote PowerShell when connecting to Exchange 2010 or -newer. This behavior simulates what the Exchange Management Shell does when loading. The below -PowerShell syntax is an example of how the connection is loaded through PowerShell. - -``` -$JobUserName = '{insert domain\username}' -$JobPassword = '{insert password}' -$secpasswd = ConvertTo-SecureString $JobPassword -AsPlainText -Force -$JobCredential = New-Object System.Management.Automation.PSCredential ($JobUserName, $secpasswd) -$relaxed=New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck -$sess=New-PSSession -ConnectionUri 'https://{exchangeserver}/powershell?serializationLevel=Full' -ConfigurationName 'Microsoft.Exchange' -AllowRedirection -Authentication Negotiate -Credential $JobCredential -SessionOption $relaxed  -Import-PSSession $sess -``` - -See the [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) -topic for instructions on enabling Remote PowerShell. - -## The Exchange Applet - -The Exchange Applet will run on the Exchange server by the ExchangePS Data Collector in the -following circumstances: - -- An actual Client Access Server (CAS) server is not specified either in the global configuration - (**Settings** > **Exchange** node) or on the Category page of the ExchangePS Data Collector Wizard -- Remote PowerShell has not been enabled for targeting Exchange 2010 - -The following Exchange Snap-in is used when the applet is utilized: - -- Add-pssnapin Microsoft.Exchange.Management.Powershell.E2010 - -## ExchangePS Query Configuration - -The ExchangePS Data Collector is configured through the ExchangePS Data Collector Wizard, which -contains the following wizard pages: - -- [ExchangePS: Category](/docs/accessanalyzer/12.0/data-collection/exchange-ps/category.md) -- [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) -- [ExchangePS: Scope by DB](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-databases.md) -- [ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-mailboxes.md) -- [ExchangePS: Scope by Public Folders](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-public-folders.md) -- [ExchangePS: Filter by Message](/docs/accessanalyzer/12.0/data-collection/exchange-ps/filter-message.md) -- [ExchangePS: Mailbox Logons](/docs/accessanalyzer/12.0/data-collection/exchange-ps/mailbox-logons.md) -- [ExchangePS: Results](/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md) -- [ExchangePS: Options](/docs/accessanalyzer/12.0/data-collection/exchange-ps/options.md) -- [ExchangePS: Error Logging](/docs/accessanalyzer/12.0/data-collection/exchange-ps/error-logging.md) -- [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) - -Available pages vary according to selections made throughout the wizard. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md deleted file mode 100644 index 37fc5b0566..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/results.md +++ /dev/null @@ -1,9 +0,0 @@ -# ExchangePS: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for all -of the categories. - -![ExchangePS Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Select All** and **Clear All** buttons can be used. -All selected properties will be gathered. Available properties vary based on the category selected. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-databases.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-databases.md deleted file mode 100644 index 40bcd5e8bf..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-databases.md +++ /dev/null @@ -1,18 +0,0 @@ -# ExchangePS: Scope by DB - -The Scope by Databases page is used to define specific databases to search. This page is enabled -when **Scope by Database Target Host: Local Host** option is selected on the Scope page. See the -[ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) topic for additional information. - -When using the applet, the data collector returns databases for the Exchange Organization in which -the Access Analyzer Console currently resides, and only returns information about those databases. -For Remote PowerShell, the data collector returns databases for the Exchange Forest and only returns -information about those databases. - -![ExchangePS Data Collector Wizard Scope by Databases page](/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scopedatabases.webp) - -Click **Retrieve** to return all databases in the Exchange Organization and populate them in the -Available Databases list. Select the desired databases from Available Databases and click **Add**. -The selected databases are added in the Selected Databases list. To remove undesired databases from -Selected Databases, select them and click **Remove**. The Select All and Clear All buttons can be -used for quick selection. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-mailboxes.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-mailboxes.md deleted file mode 100644 index 7be856d96d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-mailboxes.md +++ /dev/null @@ -1,18 +0,0 @@ -# ExchangePS: Scope by Mailboxes - -The Scope by Mailboxes page is used to define specific mailboxes to search. This page is enabled -when the **Scope by Mailbox Target Host: Local Host** option is selected on the Scope page. See the -[ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) topic for additional information. - -When using the applet, the data collector will return mailboxes for the Exchange Forest in which the -Access Analyzer Console currently resides, and only return information about those mailboxes. For -Remote PowerShell, the data collector will return mailboxes for the Exchange Forest as well as -return information about those mailboxes. - -![ExchangePS Data Collector Wizard Scope by Mailboxes page](/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scopemailboxes.webp) - -Click **Retrieve** to return all mailboxes in the Exchange Organization and populate them in the -Available Mailboxes list. Select desired mailboxes from the Available Mailboxes list and click -**Add**. The selected mailboxes are added in the Selected Mailboxes list. To remove undesired -mailboxes from Selected Mailboxes, select them and click **Remove**. The Select All and Clear All -buttons can be used for quick selection. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-public-folders.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-public-folders.md deleted file mode 100644 index 25276f388d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-public-folders.md +++ /dev/null @@ -1,39 +0,0 @@ -# ExchangePS: Scope by Public Folders - -The Scope by Public Folders page is used to define specific public folders to search. This page is -enabled when the **Scope by Public Folder** option is selected on the Scope page. See the -[ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) topic for additional information. - -Configure the **Scope** option using the drop-down. The available options are: - -- Selected Public Folder -- Selected Table - -The option selected changes how the public folders are identified for scoping. - -## Selected Public Folder - -The **Selected Public Folders** scope option retrieves all public folders in the Exchange -organization, populating them in the Available list. - -![ExchangePS Data Collector Wizard Scope by Public Folders page with Selected Public Folders option](/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scopepublicfolders.webp) - -The **Search** feature filters this list. Select the desired public folders and click **Add**. The -selected public folders are added to the Selected list. Use the **Remove** option to delete selected -public folders from the list. The Select All or Deselect All buttons can be used for quick -selection. Additional scoping options include: - -- Return only these folders – Audits only the selected public folders -- Return all children – Audits the selected public folders and all sub-folders -- Return only direct children – Audits the selected public folders and one folder deeper - -## Selected Table - -The **Selected Table** scope option populates the Available tables list with tables from the Access -Analyzer database. - -![ExchangePS Data Collector Wizard Scope by Public Folders page with Selected Table option](/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scopepublicfoldersselectedtable.webp) - -The **Search** feature filters this list. Select the table that houses the list of public folders -for which this query will be scoped. The Field containing EntryIDs list is populated with columns -from the selected table. Select the appropriate column from the list. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md deleted file mode 100644 index 764329c45c..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md +++ /dev/null @@ -1,42 +0,0 @@ -# ExchangePS: Scope - -The Scope page establishes how mailboxes are scoped. It is a wizard page for all of the categories. - -![ExchangePS Data Collector Wizard Scope page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -Available scoping options vary based on the category selected. Scoping options include: - -- No Scoping Target Host: Local Host – Returns all results for the entire targeted Exchange - Organization - - - If this option is selected, then the data collector should be run against the host specified - on the Summary page. See the [ExchangePS: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md) topic for additional - information. - - When using the applet, the data collector gathers information about the Exchange Forest in - which the Access Analyzer Console currently resides - - For Remote PowerShell, the data collector gathers information about the Exchange Organization - to which the Remote PowerShell connection was made. This refers to the server entered in the - Client Access Server (CAS) field of the global configuration from the **Settings** > - **Exchange** node or on the this page. - -- Scope by Database Target Host: Local Host – Scope query to return results for specific databases. - If this option is selected, the Scope by Database page is enabled in the wizard. See the - [ExchangePS: Scope by DB](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-databases.md) topic for additional information. -- Scope by Mailbox Target Host: Local Host – Scope query to return results for specific mailboxes. - If this option is selected, the Scope by Mailboxes page is enabled in the wizard. See the - [ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-mailboxes.md) topic for additional information. -- Scope by Server Target Host: Exchange MB Server – Scope query to return results for specific - servers selected in the job’s **Configure** > **Hosts** node - - - When using the applet, the data collector deploys a process to the targeted host to run the - PowerShell on that server - - For Remote PowerShell, the data collector does not deploy anapplet and utilizes the WinRM - protocol to gather information about the objects on that server. See the - [Remote PowerShell](/docs/accessanalyzer/12.0/data-collection/exchange-ps/overview.md#remote-powershell) and - [The Exchange Applet](/docs/accessanalyzer/12.0/data-collection/exchange-ps/overview.md#the-exchange-applet) topics for additional information. - -- Scope by Public Folder – Scope query to return results for specific Public Folders. If this option - is selected, the Scope by Public Folders page is enabled in the wizard. See the - [ExchangePS: Scope by Public Folders](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-public-folders.md) topic for additional information. -- View entire forest when querying for objects – Select this checkbox to scan the entire forest when - querying for objects diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md b/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md deleted file mode 100644 index bcb6a48ff3..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-ps/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# ExchangePS: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - -![ExchangePS Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the ExchangePS Data Collector Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/category.md b/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/category.md deleted file mode 100644 index 88ec48b487..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/category.md +++ /dev/null @@ -1,12 +0,0 @@ -# ExchangePublicFolder: Category - -The Category page is used to select the objects to search. - -![Exchange Public Folder Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The ExchangePublicFolder Data Collector contains the following query categories: - -- Contents – Returns information on the contents of each folder within the scope -- Permissions – Returns permissions on the each folder within the scope -- Ownership – Returns trustees which have the owner permission role -- Replicas – Returns a listing for each folder within the scope, including the replicas diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/options.md b/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/options.md deleted file mode 100644 index c4c098cdba..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/options.md +++ /dev/null @@ -1,32 +0,0 @@ -# ExchangePublicFolder: Options - -The Options page provides additional configuration options for the query. It is a wizard page for -all of the categories. Available options vary based on the category selected. - -![Exchange Public Folder Data Collector Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -The Options page contains the following options: - -- Process folders that physically reside on the target server only – This option will limit - extraction to only the subset of public folders which reside on this server when selected. Clear - this option if targeting the Exchange 2010 Public Folder Server. The ability to scope to the - targeted server is not available for Exchange 2010. The entire public folder hierarchy is - returned. -- Message size units: - - - KB - - MB - -- Include subfolders in message counters – This option is only available for the Contents category. - When this option is selected, it will include subfolders in message counters, according to the - Scope page settings. See the [ExchangeMetrics: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/scope.md) topic for - additional information. -- Large attachment threshold (Kb) – Configure the desired size limit for attachments. The default - value is 500. - -In the Attachment types section, configure attachment count types. - -- Count attachment types – Selecting this option enables the Content Types settings -- Add New – Add classifications and provide the file extensions for those classifications -- Load Defaults – Resets the **Attachment types** configuration to its original settings -- Remove – Deletes a selected classification from the filter list diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/overview.md b/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/overview.md deleted file mode 100644 index 37f1bb6d96..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/overview.md +++ /dev/null @@ -1,66 +0,0 @@ -# ExchangePublicFolder Data Collector - -The ExchangePublicFolder Data Collector audits an Exchange Public Folder, including contents, -permissions, ownership, and replicas. This is a MAPI-based data collector which requires the -**Settings > Exchange** node to be enabled and configured. See the -[Exchange](/docs/accessanalyzer/12.0/administration/settings/exchange.md) topic for additional information. - -The ExchangePublicFolder Data Collector has been preconfigured within the Exchange Solution. Both -this data collector and the solution are available with a special Access Analyzer license. See the -[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional information. - -Protocols - -- MAPI -- RPC - -Ports - -- TCP 135 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Exchange Administrator group -- Organization Management - -Sensitive Data Discovery Considerations - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job -is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). - -## ExchangePublicFolder Query Configuration - -The ExchangePublicFolder Data Collector is configured through the Exchange Public Folder Data -Collector Wizard, which contains the following wizard pages: - -- Welcome -- [ExchangePublicFolder: Category](/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/category.md) -- [ExchangePublicFolder: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/scope.md) -- [ExchangePublicFolder: Properties](/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/properties.md) -- [ExchangePublicFolder: Options](/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/options.md) -- [ExchangePublicFolder: Probable Owner](/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/probable-owner.md) -- [ExchangePublicFolder: Summary](/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/summary.md) - -The query requires special permissions to connect to target Exchange servers. Configure these -permissions on the Welcome page. - -![Exchange Public Folder Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -In the Connection Setting section, choose to either maintain the global inheritance, or configure -query specific settings. - -The **Use Global setting** option specifies what setting is being inherited. Clear this option to -break inheritance, and then select one of the following options: - -- System Attendant (2003 & 2007) -- Use the maibox associated with the Windows account that Access Analyzer is run with -- Exchange Mailbox (2010 and newer) – Enter the Exchange mailbox -- Client Access Server – Enter the CAS - -See the [Exchange](/docs/accessanalyzer/12.0/administration/settings/exchange.md) topic for additional information. - -In the Sampling server section, enter the Exchange server in the textbox to be used to test the -connection settings. Click **Test sampling server** to ensure there is access to the server. The box -at the bottom of the page displays information regarding the test connection in progress. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/probable-owner.md b/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/probable-owner.md deleted file mode 100644 index edc16d7b30..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/probable-owner.md +++ /dev/null @@ -1,55 +0,0 @@ -# ExchangePublicFolder: Probable Owner - -The Probable Owner Settings page provides configuration options to determine an owner. It is enabled -when the Probable Owner property is selected on the Properties page. See the -[ExchangePublicFolder: Properties](/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/properties.md) topic for additional information. - -![Exchange Public Folder Data Collector Wizard Probable Owner page](/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/probableowner.webp) - -In the Determine owner section, select the desired option to specify what setting to use to -determine an owner: - -- Determine owner from folder hierarchy – Select to determine the probable owner with a weight of - one hundred percent on file hierarchy -- Determine owner from content count – Select to determine the probable owner with a weight of one - hundred percent of content count -- Determine owner from content size – Select to determine the probable owner with weight of 100 - percent on content size -- Use custom weights – Select to enable the **Result weights** option to assign custom weights to - the ownership categories - - ![Probable Owner Settings window](/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/probableownersettingswindow.webp) - -- Result weights – This option is enabled when the **Use custom weights** option is selected. Click - the ellipses to open the Probable Owner Settings window and assign ownership weights to distribute - between the parameters. - -In the Exclusions section, select one or more of the following checkboxes to specify exclusions: - -- Exclude locked out users -- Exclude disabled users -- Exclude Zombie Owners -- Exclude users from analysis – Select this checkbox to enable the Exclude users list and add users - for exclusion. - - - Add user – Enter a user in the box and click **Add user** to add the user to the exclusion - list - - Import from file – Click **Import from file** to open the Import File Dialog page and browse - for a file to import - - Select from GAL – Click **Select from GAL** to select a user from the Global Address Book - - Clear list – Click **Clear list** to remove all users from the Exclude users list - - Remove selected – Select a user or users to remove from the Exclude users list and click - **Remove selected** to remove the users - -In the Output Options section, select the desired output option: - -- Get one most probable owner – Return one probable owner -- Get probable owners with relative deviation to the most probable owner – Return probable owners - based on the deviation from percentage from the most probable owner - - - Maximum deviation [number] percents – Use the arrow buttonss to enter the desired percent of - deviation from the most probable owner from which to return probable owners - -- Get multiple probable owners – Return multiple probable owners - - - Count – Use the arrow buttons to enter the desired number of probable owners to return diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/properties.md b/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/properties.md deleted file mode 100644 index a91d9b75b0..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/properties.md +++ /dev/null @@ -1,16 +0,0 @@ -# ExchangePublicFolder: Properties - -The Properties page is where properties that will be gathered are selected. It is a wizard page for -all of the categories. - -![Exchange Public Folder Data Collector Wizard Properties page](/img/product_docs/activitymonitor/activitymonitor/install/agent/properties.webp) - -Properties can be selected individually or you can use the **Select All**, **Clear All**, or **Reset -All** buttons. All selected properties will be gathered. The **Message Classes** button opens the -Message classes filters window. - -![Message classes filters window](/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp) - -The wildcard (`*`) returns all message class filters. Enter the name of a class filter and click -**Add** to add it to the list. **Delete** will remove the selected class filter from the list. The -**Load defaults** option will restore the class filter default settings. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/scope.md b/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/scope.md deleted file mode 100644 index 777d56dfd8..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/scope.md +++ /dev/null @@ -1,70 +0,0 @@ -# ExchangePublicFolder: Scope - -The Scope page is used to define which folders will be included will be searched by this query. It -is a wizard page for all of the categories. - -![Exchange Public Folder Data Collector Wizard Scope page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -In the Choose Type of Public Folders to be queried section, select either: - -- Default Public Folders – User can access these folders directly with client applications such as - Microsoft Outlook. In its default configuration, Exchange System Manager displays these folders - when a public folder tree is expanded. -- System Public Folders – Users cannot access these folders directly. Client applications, such as - Microsoft Outlook, use these folders to store information such as free and busy data, offline - address lists, and organizational forms. Other folders hold configuration information that is used - by custom applications or by Exchange itself. The Public Folders tree contains extra system - folders, such as the EFORMS REGISTRY folder, that do not exist in general-purpose public folder - trees. - -In the Choose Scope of Public Folders to be queried section, select one of the following options: - -- All Public Folders – Returns all public folders within the targeted environment -- Selected Public Folders – Returns only those public folders specified on the Scope page of the - query - - - See the [Scope to the Selected Public Folders](#scope-to-the-selected-public-folders) topic - for additional information - -- Selected Table – Returns only those public folders within the table and field name specified on - the Scope page of the query - - - See the [Scope to Selected Table](#scope-to-selected-table) topic for additional information. - -## Scope to the Selected Public Folders - -When Scope to **Selected Public Folders** is selected on the Scope page, the options to specify the -desired folders are enabled. - -![Scope page with Selected Public Folders option selected](/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedpublicfolders.webp) - -Configure the scope of the selected public folders to be queried: - -- Select public folders from – Enter the name of the server hosting the desired public folders and - click **Retrieve**. The box will populate with available public folders. -- Add – Adds the selected folders -- Add Recursive – Adds the selected folders and all child folders. Not adding recursive folders will - add only the selected folder without its child folders. -- Highlight selected host folders – Highlights all the folders that are physically housed on the - selected host. If enabled, physically housed folders show in bold text in the list that is - returned after clicking **Retrieve**. - -The selected public folders are added in the table at the bottom. Click **Remove** to delete a -selected word from the filter list. - -## Scope to Selected Table - -When Scope to **Selected Table** is selected on the Scope page, the options to specify the desired -tables are enabled. - -![Scope page with Selected Table option selected](/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp) - -Configure the selected tables to be queried: - -- Table Name – retrieves the list of selected public folders from a Access Analyzer database table. - Click **Retrieve** to populate the Table name box with all available tables within the database. - - - The Table name box can be filtered by entering a name in the textbox and clicking **Retrieve** - -- Field name – Select the desired table and the available fields will populate the Field names box. - Select the field containing the public folder names. diff --git a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/summary.md b/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/summary.md deleted file mode 100644 index 54d60f7b9d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# ExchangePublicFolder: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all of the -categories. - -![Exchange Public Folder Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Exchange Public Folder Data Collector Wizard to ensure that no -accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/file/category.md b/docs/accessanalyzer/12.0/data-collection/file/category.md deleted file mode 100644 index ff196d7264..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/file/category.md +++ /dev/null @@ -1,15 +0,0 @@ -# File: Category - -Use the Category page to identify the type of information to retrieve in this query. - -![File Search Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The categories are: - -- Calculate Group Size (Files Only) – Scans of disk space for the amount used by files in each - folder location. This option scopes the query to files so that any information involving the - folders that hold the files is not retrieved. -- File or Folder Properties – Scans the target host for specific attributes and properties - associated with certain files and folders in the environment. This option is selected by default. -- File or Folder Permissions – Scans files or folders for permission settings and effective - permission results for both users and groups diff --git a/docs/accessanalyzer/12.0/data-collection/file/overview.md b/docs/accessanalyzer/12.0/data-collection/file/overview.md deleted file mode 100644 index bf76095e22..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/file/overview.md +++ /dev/null @@ -1,46 +0,0 @@ -# File Data Collector - -The File Data Collector provides file and folder enumeration, properties, and permissions. It is -used to find files and folders on a target host. The File Data Collector finds one or more files on -the target hosts. It can target any file extension. This data collector is a core component of -Access Analyzer and is available with all Access Analyzer licenses. - -**NOTE:** For enhanced file system data collections, use the -[FileSystemAccess Data Collector](/docs/accessanalyzer/12.0/data-collection/fsaa/overview.md). - -Supported Platforms - -This data collector can target the same servers supported for the FileSystemAccess Data Collector. -See the [File System Supported Platforms](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md) topic for a -full list of supported platforms. - -Protocols - -- RPC -- WMI - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports -- Optional TCP 445 - -Permissions - -- Member of the Local Administrators group - -## File Query Configuration - -The **File** Data Collector is configured through the File Search Wizard, which contains the -following wizard pages: - -- Welcome -- [File: Category](/docs/accessanalyzer/12.0/data-collection/file/category.md) -- [File: Target Files](/docs/accessanalyzer/12.0/data-collection/file/target-files.md) -- [File: Results](/docs/accessanalyzer/12.0/data-collection/file/results.md) -- [File: Summary](/docs/accessanalyzer/12.0/data-collection/file/summary.md) - -![File Search Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/file/results.md b/docs/accessanalyzer/12.0/data-collection/file/results.md deleted file mode 100644 index e9516ca7c4..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/file/results.md +++ /dev/null @@ -1,31 +0,0 @@ -# File: Results - -The Results page provides a list of available properties to be searched for and returned by the job -execution. The properties selected display as table columns in the results of the query. It is a -wizard page for all of the categories. - -![File Search Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or in groups with the **Select All** or **Clear All** -buttons. The properties available vary based on the category selected. - -**NOTE:** When the **Calculate Group Size (Files Only)** category is selected, the properties and -options on the Results page are grayed out. - -- Disable properties that require opening file – Disables properties that require opening files that - trigger the last accessed date timestamp - - - This option is available for the **File or Folder Properties** category - -- Only return permissions for the following user(s) – Defines users for the query. Enter the desired - users in the textbox. - - - This option is available for the **File or Folder Permissions** category - -- Only return permissions for the following group(s) – Defines groups for the query. Enter the - desired users in the textbox. - - - This option is available for the **File or Folder Permissions** category - -- Size Units – Identifies the unit in which the values will be displayed. The options are: - **Bytes**, **Kb**, **Mb**, or **Gb**. diff --git a/docs/accessanalyzer/12.0/data-collection/file/summary.md b/docs/accessanalyzer/12.0/data-collection/file/summary.md deleted file mode 100644 index 74c90bf569..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/file/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# File: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - -![File Search Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the File Data Collector Wizard ensuring that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/12.0/data-collection/file/target-files.md b/docs/accessanalyzer/12.0/data-collection/file/target-files.md deleted file mode 100644 index 28934ba380..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/file/target-files.md +++ /dev/null @@ -1,115 +0,0 @@ -# File: Target Files - -The Target Files page provides filters to scope the data collection. This can provide better search -results for the specific folder or file. It is a wizard page for all of the categories. - -![File Search Wizard Target Files page](/img/product_docs/accessanalyzer/admin/datacollector/inifile/targetfiles.webp) - -Within the Target files configuration page, select the desired method to refine the query. - -**NOTE:** Some options are grayed out depending on the option selected. - -Where is the file or folder? - -This section supplies options for using a fixed path (wildcards and system variables) or registry -lookup values that are supported by the data collector. This header is available for all Category -selections. - -For either option, enter the path in the text box or click the browse button (**…**) to select from -the popup windows. - -**CAUTION:** When selecting a **Fixed path**, avoid using file paths from network drives or from the -network neighborhoods which begin with `\\`. - -- Fixed path – Specify a specific path to the target files. Use the following format: - `drive\filepath` (for example, `C:\WINNT\System32`). The browse button (**…**) opens the Remote - Folder Explorer window. - - **NOTE:** Further information for the Fixed path option is provided by clicking the tooltip - button (**?**). - -- System environment variables – Supply a traditional system root or previously defined variable - that maps to a physical path within the file system. This is typically used when the system root - is installed on a secondary volume. The following are variables that can be entered at the - beginning of the file path: - - - `%SYSTEMROOT%\Temp` – Expands to `C:\WINNT\Temp` on some target hosts - - `%WibnDir%\System32` – Expands to `C:\WINDOWS\System32` on some target hosts - - `%ProgramFiles%` – Expands to `C:\Program Files` on some target hosts - -- Registry Lookup – Find registry keys and values that exist on a target host in the environment. - Click the browse button (**…**) to open the Access Analyzer Registry Browser window. - - - Access Analyzer Registry – Connect to a host, then select a registry key and path to be used - for the lookup by the query - - - Registry Value – This value is automatically populated from the registry key - - Levels – After a registry path has been selected, the Levels slider can be used to - truncate the path for the key value in the Adjust Path dialog box - - Current Value – Displays the type of data each registry value contains - - Query 32-bit View – Select this checkbox to query a 32-bit view - - Query 64-bit View – Select this checkbox to query a 64-bit view - - When a **Fixed path** or **Registry Lookup** is mapped, select options to better refine - the search. Select one, none, or both. - -- Include network drives – Includes all mapped shared drives in the network in the query - - **CAUTION:** Including subfolders may result in hundreds of thousands of files being returned - depending on the environment being targeted. - -- Include subfolders – Searches all subfolders within the environment - -What is the file or folder name? - -The options in this section limit the search to folders or files with a specified name against the -targeted host. When the **I am looking for folders** option is selected, more options become -available for further refinement. - -**NOTE:** The **I am looking for folders** option and it's associated options are unavailable -(grayed out) when the **Calculate Group Size (Files Only)** category is selected. - -- I am looking for files – Identifies files that exist on the target location and returning property - information on these files -- I am looking for folders – Identifies folders that exist on the target location and returning - property information on these folders - - - Include root folder in results – Returns all information within the root folder - - Only include root folder – Returns information only for the root folder. This checkbox is - enabled when the **Include root folder in results** checkbox is selected. - -- With this name – Specific name of a file or folder. A wildcard is used to match any file or folder - to a specific naming convention. When searching for multiple objects, use a semicolon (`;`) to - separate the objects in the list. - -Last Modification Time Filter - -Last Modification Time Filter is an additional filtration clause. It filters the information -provided in the **Where is the file or folder** and **What is the file or folder name** criteria by -a specific time frames. The following options are available: - -- None – No time filter is applied. This option is selected by default. -- Between – Manually enter start and end dates in the following format (`MM/DD/YYYY`) or use the - dropdown calendar to set the date. By default, the date range is set for the current day. Select - **Today** to set the filter to the current date or **Clear** to reset the dates to a blank box. -- Most recent file – Filter the selected criteria by the most recent files since last modification -- Oldest file – Filter the **With this name** and selected fixed path or registry value by the - oldest files available -- In the last – Filter the selected criteria for the specified number of desired **days** or - **hours** - -File Size Filter - -The File Size Filter option is only available when the **Calculate Group Size (Files Only)** -category is selected. Select an option to activate the filter and narrow the query. - -- None – No file size filter is applied. This option is selected by default. -- Below – Filter to files smaller than the specified values - - - Enter the number in the first text box and then select the size (**Bytes**, **Kb**, **Mb**, or - **Gb**) from the dropdown menu - -- Above – Filter to files larger than the specified values - - - Enter the number in the first text box and then select the size (**Bytes**, **Kb**, **Mb**, or - **Gb**) from the dropdown menu diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/activity-settings.md b/docs/accessanalyzer/12.0/data-collection/fsaa/activity-settings.md deleted file mode 100644 index 8c37e171b3..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/activity-settings.md +++ /dev/null @@ -1,90 +0,0 @@ -# FSAA: Activity Settings - -The File System Activity Auditor Scan Filter Settings page is where activity scan filter settings -are configured. It is a wizard page for the category of File System Activity Scan. - -![FSAA Data Collector Wizard Activity Settings page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/activitysettings.webp) - -In the Scan Filters section, choose from the following options: - -- Set Scan Filter for Detailed Activity – Enables the **Days** number box. Select the number of past - days for activity details to be collected. -- Set Filter for Statistics of Activity – Enables the **Days** number box. Select the number of past - days for activity statistics to be collected. - -In the Log Parsing Limits section, choose from the following option: - -- Number of Threads – Number of parsing threads FSAC can use at any given time. The default is four - threads. - -In the Scan Limit section, configure the following: - -- Set Log Processing Limit – Stops the scan after the set number of MB or GB of log files are - processed and the threshold number is reached - -These filters affect what data is collected from the activity logs. However, enabling these filters -also causes the corresponding bulk import query to purge the database of selected activity -information older than the time filter specified here. - -If either is left deselected, all available log files are collected and stored. This has a direct -impact on both scan time and database size. - -_Remember,_ the file activity options require the Activity Monitor to be deployed, configured, and -services running. - -In the Host Mapping section, configure the following: - -- Host Mapping – Provides a mapping between the target host and the hosts where activity logs - reside. Select **Configure Query** to open the File System Activity Scan Host Mapping page. This - feature requires advanced SQL scripting knowledge to build the query. See the - [Host Mapping](#host-mapping) topic for additional information. - -## Host Mapping - -If desired, enable the host mapping feature and select **Configure Query** to open the Host Mapping -Query window. - -![Host Mapping Query window](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/hostmappingquery.webp) - -When the Enable host mapping checkbox is selected, the query textbox is enabled. The SQL query -provided by a user should return a set of log locations, target hosts, and host names of the -Monitored Hosts in the Activity Monitor. The target tables must reside within the Access Analyzer -database and contain at least the following columns: - -- LogLocation – Name of the hosts where activity logs reside. The required column name is case - sensitive and must be exactly `LogLocation`. -- HostName – Name of the configured HOST value in the Activity Monitor. The required column name is - case sensitive and must be exactly `HostName`. - - - Format must match exactly how the host is known to the Activity Monitor, on the Monitored Host - tab - -- Host – Name of the host being targeted in the FSAC scan and Bulk Import which the activity events - will be mapped to - -Enter the SQL query by clicking Sample Query then replacing the sample text in the textbox, as shown -above. The SQL query must target tables that have the required columns populated with the host -mapping. - -(Optional) Enter a host in the **Host parameter value (@host)** textbox to test the query to -retrieve the data for that host. - -Select **Test Query** to open a preview of the results in the Query Results window. Ensure that the -data being retrieved by the query is expected. When this option is selected, the data collector runs -against the target table. - -### Host-Agent Mapping - -Access Analyzer can be configured via the Host Mapping feature to support the use of Multiple -Activity Monitor Agents for a single targeted Host. See the examples below: - -Single-Host Single-Agent Example: - -![Query Results window for single agent example](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/hostmappingsinglehostsingleagent.webp) - -Single-Host Multiple-Agent Example: - -![Query Results window for multiple agent example](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/hostmappingsinglehostmultipleagent.webp) - -**NOTE:** For multiple-agent setup, the configured Host Mapping table must have the same value for -HostName and Host, as shown in the Single-Host Multiple-Agent example. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/applet-settings.md b/docs/accessanalyzer/12.0/data-collection/fsaa/applet-settings.md deleted file mode 100644 index 8b1e65e72c..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/applet-settings.md +++ /dev/null @@ -1,122 +0,0 @@ -# FSAA: Applet Settings - -The Applet Settings page is where the Applet Launch Mechanism and Applet Settings are configured. It -is a wizard page for the categories of: - -- File System Access/Permission Auditing Scan -- File System Activity Scan -- Sensitive Data Scan - -**NOTE:** This wizard page identifies options associated with the scan mode to be used. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) topic for -additional information. - -![FSAA Data Collector Wizard Applet Settings page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/appletsettings.webp) - -In the Applet Launch Mechanism section, choose one of three radio buttons: - -- MSTask Task Scheduler – Creates a scheduled task on the target host that runs the applet -- Windows Service – Automatically installs the FSAA Applet as a proxy service - - The Applet service runs as a Connection Profile credential unless the Local System checkbox is - selected in the Applet Settings options below. Then it runs the service in Local mode. -- Require applet to be running as a service on target (does not deploy or launch applet) - - See the [File System Proxy Service Installation](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/wizard.md) - topic for additional information. - - It requires the `FSAAAppletServer.exe` to run as a service on the proxy host in order to run a - successful scan. When this radio button is selected, Access Analyzer does not deploy an applet - on the target or proxy machine. Therefore, if the File System Proxy service is not running, - the FSAA scan will fail. - - To avoid a failed scan when an applet cannot be deployed or the File System Proxy service is - not running, the Applet Gathering Settings page contains the **Fallback to local mode if - applet can’t start** option. This option allows the scan to run in local mode when an applet - cannot be deployed or the service is not running. - -![Applet Settings section of the Applet Settings page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/appletsettingsappletsettings.webp) - -In the Applet Settings section, configure the following options: - -- Port number – Default port number is 8766 - - See - [Custom Parameters for File System Proxy Service](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/wizard.md#custom-parameters-for-file-system-proxy-service) - topic for additional information. -- Applet Log level – The type of log created on the target host. Checking the box to Enable Logging - enables the Applet log level drop-down menu. The **Set To Default** button resets the log level to - **Information**. - - Debug – Most verbose logging method, records everything that happens while the applet is - processing - - Information – Records the steps the applet takes while processing as well as errors and - warnings - - Warning – Record when the applet encounters both errors and warnings while processing - - Error – Least verbose logging method, only records when the applet encounters an error while - processing -- Keep log files for last [number] scan(s) – Data retention period. The default is set to **15**. -- Run service as Local System (only applies to Windows Service) - - When this checkbox is selected, the applet is deployed to run as a service on the target host. - The credentials in the Connection Profile are used to deploy and run the service unless - **System Default** is selected as the Connection Profile. - - This option is active when the Windows Service radio button in the Applet Launch Mechanism - section is selected -- Strong proxy affinity (only run scans on last proxy to scan host, unless no longer in proxy host - list) - - This is an optional setting when using proxy architecture - - If this checkbox is selected and a host was previously scanned with a given proxy, it will - only be rescanned with that same proxy. If that proxy is unreachable for any reason and no - connection can be made, Access Analyzer will not try another proxy on the host list and will - fail to scan that host. However, if that proxy is no longer on the host list, it will choose - another proxy on the list and rescan. - - If unchecked, proxy affinity is still considered, though rather than the scan failing if the - proxy is unreachable, a new proxy will be chosen and will scan the host - - If a host has not yet been scanned by a proxy server, the data collector should choose the - least loaded proxy at that time. After that host has been scanned, it will follow the proxy - affinity mapped out above. -- Maximum concurrent scans [number] – This option dictates a set limit to the number of simultaneous - scans allowed to run on a proxy host regardless of max threads set on the job - - For example, if there are two proxy servers with max concurrent scans set to ten per proxy and - one proxy is offline, the remaining proxy should never exceed the value set in the query - configuration for this option, even if the job is configured with 20 threads -- Strong proxy affinity timeout [number] minute(s) – This option determines the time a host waits, - while the proxy server is busy, before it gets pushed into the job engine queue -- Applet communication timeout: [number] minute(s) – This option determines the length of time (in - minutes) the Access Analyzer Console attempts to reach the proxy before giving up. Depending on - the job configuration, the data collector behaves in one of three ways after the timeout value has - been exceeded: - - If a communication timeout is reached and the **Stop scan on applet communication timeout** - option is unchecked, the scan continues running. When the proxy is available again, the data - collector gets the database files on the next scan of that host. It will either bring the - database files back, if the scan has finished, or display the current state of the scan in a - **Running Job** node if it is still running. - - If the communication timeout is reached and the **Stop scan on applet communication timeout** - option is checked, the remote scan is either automatically suspended or canceled. If the - **Restart incomplete scans after (0 always restarts) [number] days** option or the **Rescan - unimported hosts after (0 always rescans) [number] days** option on the Applet Gathering - Settings page are both set to zero or unchecked, the scan cancels. - - If either of these options on the Applet Gathering Settings page are checked with values - higher than zero, the scan is suspended after the communication timeout value has been - exceeded -- Scan cancellation timeout: [number] minute(s) – When checked, this option will timeout the applet - if there is an attempt to pause the scan and the applet does not respond - -![Certificate Exchange Options section of the Applet Settings page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp) - -In the Certificate Exchange Options section, configure the following options: - -- Mechanism – Select one of the following options: - - - Automatic – Certificate exchange is handled automatically by the FSAA Data Collector. This is - the default option. - - Manual – The FSSA Data Collector and applet server expect all certificates to be valid and in - their respective stores beforehand. See the - [FSAA Manual Certificate Configuration](/docs/accessanalyzer/12.0/data-collection/fsaa/manual-certificate.md) topic for additional - information. - - **NOTE:** If the FSAA Data Collector and the applet server are on separate domains without a - trust, this option must be used. - - - Provide Certificate Authority – Enables the **Select** button, which allows you to upload an - existing certificate - -- Port – Select the checkbox to specify the port number for certificate exchange. The Default port - number is 8767. - -See the [FSAA Applet Certificate Management Overview](/docs/accessanalyzer/12.0/data-collection/fsaa/certificate-management.md) topic for additional -information. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/azure-tenant-mapping.md b/docs/accessanalyzer/12.0/data-collection/fsaa/azure-tenant-mapping.md deleted file mode 100644 index e35972a405..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/azure-tenant-mapping.md +++ /dev/null @@ -1,23 +0,0 @@ -# FSAA: Azure Tenant Mapping - -The Azure Tenant Mapping page is where the target domain or Tenant ID are configured for Azure -Information Protection (AIP) scanning. It is a wizard page for the categories of: - -- File System Access/Permission Auditing Scan -- File System SDD Scan - -Remember, select the **Enable scanning of files protected by Azure Information Protection** checkbox -on the [FSAA: Scan Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/scan-settings.md) page to enable this page in the data collector wizard. -In order for FSAA to scan files protected by AIP, ensure that the prerequisites are met and an Azure -Connection Profile is successfully created. See the -[Azure Information Protection Target Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-information-protection.md) -topic for additional information on configuring the File System solution to scan for AIP labels. - -![FSAA Data Collector Wizard Azure Tenant Mapping page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/azuretenantmapping.webp) - -Populate this page with the App ID (created during prerequisites) and a domain name or Tenant ID for -an Azure environment. These values must be associated with each application ID in the Azure -Connection Profile. - -Use the **Add** and **Remove** buttons and manually enter or **Paste** into the textbox the required -information. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/bulk-import.md b/docs/accessanalyzer/12.0/data-collection/fsaa/bulk-import.md deleted file mode 100644 index 502bb215ca..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/bulk-import.md +++ /dev/null @@ -1,14 +0,0 @@ -# FSAA: Bulk Import Settings - -The Bulk Import Settings page is where the bulk import process settings are configured. It is a -wizard page for the categories of: - -- Bulk Import File System Access/Permission Auditing -- Bulk Import File System Activity -- Bulk Import Sensitive Data - -![FSAA Data Collector Wizard Bulk Import Settings page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/bulkimport.webp) - -Select the **Import incomplete scan data** checkbox to enable imports of partial scan data. If the -scan is stopped before successful completion, this option must be checked in order to bulk import -the data from a partially scanned host. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/certificate-management.md b/docs/accessanalyzer/12.0/data-collection/fsaa/certificate-management.md deleted file mode 100644 index 5c5cef7761..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/certificate-management.md +++ /dev/null @@ -1,61 +0,0 @@ -# FSAA Applet Certificate Management Overview - -Communication between the FSAA Data Collector and the FSAA Applet is secure by default using HTTPS. -For authentication, at least three certificates are required and need to be stored in the correct -certificate store managed by the FSAA Data Collector. These three certificates are: - -- The certificate authority (stored in the FSAA Certificate Authority Store) -- The server certificate (stored in the FSAA Server Certificate Store) -- The client certificate (stored in the FSAA Client Certificate Store) - -**NOTE:** The FSAA Data Collector and Applet server support certificates in both the user’s -certificate store and the computer’s certificate store. It is recommended to store certificates in -the user's certificate store that is running the FSAA Data Collector or Applet server because -administrative access is required for the computer's certificate store. When certificates are -generated using the Automatic option below, they are stored in the user’s certificate store. - -![Certificate Exchange Options section of the Applet Settings page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp) - -There are three Certificate Exchange Options provided by the FSAA Data collector: - -- Automatic (Default Option) – The creation of a self-signed certificate and certificate exchange - between the FSAA Data Collector and Applet are handled entirely by the FSAA Data Collector and - Applet server - - - The self-signed CA generated will be valid for two years and the FSAA Data Collector and - Applet server will also manage expired certificates and remove certificates that are no longer - valid from the FSAA stores - -- Manual – The FSAA Data Collector will expect all certificates to be valid and in their respective - certificate stores prior to running a scan - - - To create and store certificates, the `FSAACertificateManager.exe` tool can be used. This - application was created to simplify the process of creating certificates and will store the - certificates in the location that the FSAA Data Collector and Applet server expect them to be - stored. See the [FSAA Manual Certificate Configuration](/docs/accessanalyzer/12.0/data-collection/fsaa/manual-certificate.md) topic for - additional information. - - The `FSAACertificateManager.exe` tool is located in the - `StealthAUDIT\PrivateAssemblies\FILESYSTEMACCESS\Applet` directory. For complete - instructions and examples on how to use the tool, run `FSAACertificateExchangeManager.exe` - with the `-help` command. - - **NOTE:** If the FSAA Data Collector and Applet are on separate domains without a trust, this - option must be used. - -- Provide Certificate Authority – The certificate exchange process is the same as with the Automatic - option. However, instead of creating a self-signed certificate, the FSAA Data Collector uses a - certificate you provide through the FSAA Data Collector Wizard. The provided certificate is stored - in the FSAA Certificate Authority Store. - - **NOTE:** If the provided certificate is not self-signed as the Certificate Authority, the root - certificate and the Certificate Authority’s certificate chain must also be stored in the FSAA - Certificate Authority Store on both the client and server hosts. - - **CAUTION:** The FSAA Applet does not support password-protected certificates. Certificates - generated when the Automatic option is selected have no password. When manually creating a - certificate for use with the FSAA Applet the password parameter should be omitted. - -Additionally, the port used for secure certificate exchange can be configured by selecting the -Specify certificate exchange port checkbox on the Applet Settings page of the FSAA Data Collector -Wizard. The default port is 8767. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options.md b/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options.md deleted file mode 100644 index c88726bb1b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options.md +++ /dev/null @@ -1,17 +0,0 @@ -# FSAA: Default Scoping Options - -The Default Scoping Options page is where scan settings, file details, and file properties settings -can be configured for every resource in the targeted environment by the data collector. The settings -assigned on this page are used by all resources involved in the scan. It is a wizard page for the -categories of: - -- File System Access/Permission Auditing Scan -- Sensitive Data Scan - -![FSAA Data Collector Wizard Default Scoping Options page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scansettings.webp) - -See the Scoping Options tab setting topics to target individual resources for the scan: - -- [Scan Settings Tab](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/scan-settings.md) -- [File Details Tab](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/file-details.md) -- [File Properties (Folder Summary) Tab](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/file-properties.md) diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/file-details.md b/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/file-details.md deleted file mode 100644 index a345798e96..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/file-details.md +++ /dev/null @@ -1,46 +0,0 @@ -# File Details Tab - -The File Details tab allows configuration of settings for file detail collection. - -![FSAA Data Collector Wizard Default Scoping Options page File Details tab](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp) - -Select the desired settings for additional scoping: - -- Scan file-level details – Turns on file-level scanning and collects a full list of files, file - size, last modified, and last accessed -- Scan file permissions – Turns on file permission scanning and collects a full list of who has - access to which files - -File tag metadata collection - -- Collect tags/keywords from file metadata properties – Enables the collection of file Microsoft - Office metadata tags and stores the tags into the tables when the **Scan file-level details** - checkbox and the **Collect File Metadata Tags** checkbox are selected on the page. It only scans - the files that satisfy the scan filter settings. -- Include offline files – Include offline files in the scan -- Only collect tags/keywords with the following comma-separated values (case-insensitive) – Collects - tags from the files and stores the tags into the tables. Filters results to only collect from - files with extensions matching to the list of file types entered. - - This option is enabled when the **Scan file-level details** and the **Collect tags/keywords - from file metadata properties** checkboxes are selected. - -The FSAA scan collects the tags from the files and stores the information at the folder level, which -provides a count for the number of occurrences of each tag. - -Scan filter settings - -The Scan filter settings options are enabled if the **Scan file-level details** checkbox is -selected. - -- Only files larger than [number] [size unit] – Filters the results to only collect file data on - files larger than the set value. If this option is not set, all file sizes are collected. -- Only files last modified more than [number] [time period] ago – Filters results to only collect - file data on files modified older than the set value -- Only files last modified less than [number] [time period] ago – Filters results to only collect - file data on files modified younger than the set value -- Only files matching one of these comma-separated types (without leading dots) – Filters results to - only collect files with extensions matching to the list of file types entered. If this option is - not set, all file types are collected. - -**CAUTION:** Be careful when configuring these settings. If no filters are applied when file detail -scanning has been enabled, it can result in returning large amounts of data to the database. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/file-properties.md b/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/file-properties.md deleted file mode 100644 index d8b428593b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/file-properties.md +++ /dev/null @@ -1,28 +0,0 @@ -# File Properties (Folder Summary) Tab - -The File Properties (Folder Summary) tab is where file property collection settings for the scan is -configured. - -![FSAA Data Collector Wizard Default Scoping Options page File Properties (Folder Summary) tab](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.webp) - -- Scan for probable owners – Gathers file ownership information to determine the most probable owner - of every resource - - Limit maximum number of probable owners to return per folder [number] – Stops the collection - of probable owners when the number provided is reached -- Scan for File Types – Gathers file type information within the audited folders - - Limit maximum number of file types to return per folder [number] – Stops the collection of - file types when the number provided is reached per folder - - Only return file types with these comma-separated values (without leading dots) – Enter the - file types that will be returned from the scan. Any types not provided are ignored. -- Collect tags/keywords from file metadata properties (this may significantly increase scan times) – - Scans the files and collects metadata tags from Microsoft Office files - - Include offline files – Scans network files that have the offline files feature enabled - - Include AIP Protected Files – Scans for files protected by Azure Information Protection (AIP) - that have protection labels - - This option is only available when the Enable scanning of files protected by Azure - Information Protection checkbox is enabled on the Scan Settings page - - Only collect tags/keywords with these comma-separated values (case-insensitive) – scopes the - scan to only collect tags from the files with the tags specified by comma-separated values - -The FSAA scan collects the tags from the files and stores the information at the folder level, which -provides a count for the number of occurrences of each tag. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/scan-settings.md b/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/scan-settings.md deleted file mode 100644 index efa79aecd7..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/scan-settings.md +++ /dev/null @@ -1,65 +0,0 @@ -# Scan Settings Tab - -The Scan Settings tab allows configuration of data collection settings. - -![FSAA Data Collector Wizard Default Scoping Options page Scan Settings tab](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scansettings.webp) - -The Scan Settings tab has the following configurable options: - -- Limit returned subfolder depth to: [number] level – Value indicates the depth of the scan - - - Higher numbers increases scan time but return more thorough data - -- Exclude snapshot directories on NetApp server – Excludes folders on NetApp Filers that begin with - ~snapshot -- Exclude system shares – Part of the OS that most users don’t have access to so its hidden by - Microsoft -- Exclude hidden shares – Excludes shares with names ending with $ -- Last Access Time (LAT) preservation – Preserves Data Access timestamp attribute on files that are - scanned for Metadata tags and sensitive data - - - Warn if unable to preserve Last Access Time – Scan throws a warning if the LAT cannot be - preserved. The file is still scanned unless the Skip file if unable to preserve Last Access - Time checkbox is also selected. - - Skip file if unable to preserve Last Access Time – Scan skips the file if the LAT cannot be - preserved - -Selecting the **Last Access Time (LAT) preservation** checkbox enables the **Action on failure to -enable LAT preservation** and **Action on changed LAT after scan** dropdown menus. - -![Action on failure to enable LAT preservation dropdown options](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/actionlatpreservationfailure.webp) - -- Action on failure to enable LAT Preservation – Before scanning each file, FSAA attempts to enable - an operating system feature to preserve the LAT when accessing the file. This operation may fail - for a variety of reasons, which include but are not limited to: the operating system or file - system where the file is located does not support LAT preservation, or insufficient permissions - from the service account trying to access the file. The following configuration addresses a - failure to enable the LAT preservation mode: - - - Continue to scan file silently – FSAA scans the file with the possibility that LAT - preservation is not possible. No warning will be shown. - - Continue to scan file with warning – FSAA scans the file with the possibility that LAT will - not be preserved. A warning will be shown for this file. - - Skip file silently – FSAA will not scan the file. No warning will be shown. - - Skip file with warning – FSAA will not scan the file. A warning will be shown indicating the - file was skipped. - - Abort the scan – FSAA will abort the scan. No further files will be processed. - -![Action on changed LAT after scan dropdown options](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/actionchangedlat.webp) - -- Action on changed LAT After scan – Before scanning each file, the LAT of the current file is - recorded. After scanning, it is verified whether the LAT has changed since then (likely scenarios - are either that the LAT preservation mechanism failed to function as intended, or that the file - was accessed by someone while the scan was occurring). The following configuration addresses a - changed LAT: - - - Continue scan silently – The scan will move on to the next file while updating the LAT for the - processed file. No warning will be shown. - - Continue scan with warning – The scan will continue on to the next file. LAT will be updated - for the processed file. A warning will be shown. - - Force-reset file LAT silently – The scan will reset the file's LAT to its original state - before processing. No warning will be shown. The scan will proceed to the next file. - - Force-reset file LAT with warning – The scan will Reset the file's LAT to its original state - before processing. A warning will be shown. The scan will proceed to the next file. - - Abort the scan – FSAA will abort the scan. LAT will be updated for the processed file. No - other files will be processed diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/manual-certificate.md b/docs/accessanalyzer/12.0/data-collection/fsaa/manual-certificate.md deleted file mode 100644 index 9b6518de34..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/manual-certificate.md +++ /dev/null @@ -1,178 +0,0 @@ -# FSAA Manual Certificate Configuration - -To create and store the certificates needed to set up FSAA scans using manual certificate exchange, -use the `FSAACertificateManager.exe` tool. The `FSAACertificateManager.exe` tool is located in the -`StealthAUDIT\PrivateAssemblies\FILESYSTEMACCESS\Applet` directory. All commands in the tool are -case-sensitive. - -Follow the steps to use the tool to create and store the required certificates. - -**NOTE:** In these steps, some commands need to be run on the Access Analyzer console and some on -the Proxy host. In the provided example commands: - -- All files that are generated by the Certificate Manager or copied to the Access Analyzer console - are placed in the `%SAInstallDir%\PrivateAssemblies\FILESYSTEMACCESS\Applet\My Certificates` - directory. This folder is created by the tool if it does not already exist. -- When operating on the proxy host, files are placed into the root of the **FSAA** folder - -_Remember,_ all commands in the `FSAACertificateManager.exe` tool are case-sensitive. - -**Step 1 –** Create a Certificate Authority (CA). The CA is a self signed certificate that will be -used to sign the client and server certificates. On the Access Analyzer console, run the following -command: - -``` -.\FSAACertificateManager.exe -createCertificate -subjectDN CN=FSAA CA NEAConsole.my.domain.com -purpose CertificateAuthority -friendlyName FSAA_CA -outputPath ".\My Certificates" -name MyFSAACA -``` - -- Replace the Common Name (CN) in this example command (`FSAA CA NEAConsole.my.domain.com`) with a - unique and descriptive name -- The output file is stored at the specified output path `.\My Certificates` - -The following message is returned when the command completes successfully: - -``` -Successfully wrote certificate to .\My Certificates\MyFSAACA.pfx -``` - -**Step 2 –** Create a client certificate using the CA from the previous step. On the Access Analyzer -console, run the following command: - -``` -.\FSAACertificateManager.exe -createCertificate -issuer ".\My Certificates\MyFSAACA.pfx" -subjectDN CN=NEAConsole.my.domain.com -purpose ClientAuth -subjectAlternativeNames NEAConsole -friendlyName FSAA_Client_Auth -outputPath ".\My Certificates" -name MyFSAAClientCert -``` - -- Replace the CN (`NEAConsole.my.domain.com`) with the fully qualified domain name (FQDN) of your - Access Analyzer console -- Replace the alternate subject name (`NEAConsole`) with the short name for the Access Analyzer - console -- The output file is stored at the specified output path `.\My Certificates` - -The following message is returned when the command completes successfully: - -``` -Successfully wrote certificate to .\My Certificates\MyFSAAClientCert.pfx -``` - -**Step 3 –** Store the CA in an FSAA managed certificate store. As the user that runs the Access -Analyzer console, run the following command on the Access Analyzer console: - -``` -.\FSAACertificateManager.exe -storeCertificate -certificate ".\My Certificates\MyFSAACA.pfx" -store CertificateAuthority -location CurrentUser -``` - -The following message is returned when the command completes successfully: - -``` -Successfully added FSAA_CA to CertificateAuthority -``` - -**Step 4 –** Store the client certificate in an FSAA managed certificates store. As the user that -runs the Access Analyzer console, run the following command on the Access Analyzer console: - -``` -.\FSAACertificateManager.exe -storeCertificate -certificate ".\My Certificates\MyFSAAClientCert.pfx" -store Client -location CurrentUser -``` - -The following message is returned when the command completes successfully: - -``` -Successfully added FSAA_Client_Auth to Client -``` - -**Step 5 –** Convert the CA from a PFX file to a CER file. On the Access Analyzer console, run the -following command: - -**NOTE:** This conversion to a CER file is necessary so that the private key of the CA is not -shared. - -``` -.\FSAACertificateManager.exe -createCER -certificate ".\My Certificates\MyFSAACA.pfx" -outputPath ".\My Certificates" -name MyFSAACA -``` - -The following message is returned when the command completes successfully: - -``` -Successfully wrote CER certificate to .\My Certificates\MyFSAACA.cer -``` - -**Step 6 –** Copy `FSAACertficateManager.exe` and the CA CER file (`.\My Certificates\MyFSAACA.cer`) -to the proxy host that will be running `FSAAAppletServer.exe`. These files must be copied to the -same directory. - -**NOTE:** These copied files will be deleted from the destination directory later in Step 12. - -**Step 7 –** Generate the server certificate signing request and key on the Proxy host. On the proxy -host, run the following command out of the FSAA folder where the `FSAACertificateManager.exe` was -copied to: - -``` -.\FSAACertificateManager.exe -createCertificateSigningRequest -subjectDN CN=proxy01.my.domain.com -subjectAlternativeNames Proxy01 -outputPath . -name Proxy01 -``` - -- Replace the CN (`proxy01.my.domain.com`) with the FQDN of the proxy host -- Replace the alternate subject name (`proxy01`) with the short name for the proxy host -- The generated certificate signing request and key are stored in the same directory as - `FSAACertificateManager.exe` on the proxy host - -The following message is returned when the command completes successfully: - -``` -Successfully wrote certificate signing request to .\Proxy01.csr -Successfully wrote certificate key to .\Proxy01.key -``` - -**Step 8 –** Store the CA on the proxy host in an FSAA managed certificate store. As the user that -runs the proxy scanner (`FSAAAppletServer.exe`), run the following command on the proxy host: - -``` -.\FSAACertificateManager.exe -storeCertificate -certificate .\MyFSAACA.cer -store CertificateAuthority -location CurrentUser -``` - -The following message is returned when the command completes successfully: - -``` -Successfully added FSAA_CA to CertificateAuthority -``` - -**Step 9 –** Complete the server certificate signing request on the Access Analyzer console. Copy -the CSR file from the proxy host to the **My Certificates** directory on the Access Analyzer console -(where the original CA PFX file is located), then run the following command on the Access Analyzer -console: - -``` -.\FSAACertificateManager.exe -completeCertificateSigningRequest -certificateSigningRequest ".\My Certificates\Proxy01.csr" -purpose ServerAuth -issuer ".\My Certificates\MyFSAACA.pfx" -days 365 -outputPath ".\My Certificates" -name Proxy01 -``` - -The following message is returned when the command completes successfully: - -``` -Successfully completed certificate signing request to .\My Certificates\Proxy01.cer -``` - -**Step 10 –** Store the server certificate on the proxy host in an FSAA managed certificate store. -Copy the Proxy CER file back to the proxy host from the Access Analyzer console. Then, as the user -that runs the proxy scanner (`FSAAAppletServer.exe`), run the following command on the proxy host: - -``` -.\FSAACertificateManager.exe -storeCertificate -certificate .\Proxy01.cer -key .\Proxy01.key -friendlyName FSAA_Server_Auth -store Server -location CurrentUser -``` - -The following message is returned when the command completes successfully: - -``` -Successfully added FSAA_Server_Auth to Server -``` - -**Step 11 –** Repeat Steps 6-10 for each proxy host. - -**Step 12 –** Delete all the PFX, CER, and Key files that were generated or copied in the above -steps from the output locations. - -All of the required FSAA certificates have been stored in the FSAA managed certificate stores. The -FSAA queries need to be configured to use the **Manual** certificate exchange option. This option -can be found under Applet Settings in the FSAA Data Collector Wizard. See the -[FSAA: Applet Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/applet-settings.md) topic for additional information. - -For additional information on how to use the `FSAACertificateManager.exe` tool, run the -`.\FSAACertificateManager.exe -help` command. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/overview.md b/docs/accessanalyzer/12.0/data-collection/fsaa/overview.md deleted file mode 100644 index dbe58bc1d8..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/overview.md +++ /dev/null @@ -1,50 +0,0 @@ -# FileSystemAccess Data Collector - -The FileSystemAccess (FSAA) Data Collector collects permissions, content, and activity, and -sensitive data information for Windows and NAS file systems. The FSAA Data Collector has been -preconfigured within the File System Solution. Both this data collector and the solution are -available with a special Access Analyzer license. See the -[File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/overview.md) topic for additional information. - -Protocols - -- Remote Registry -- WMI - -Ports - -- Ports vary based on the Scan Mode Option selected. See the - [File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) topic for - additional information. - -Permissions - -- Permissions vary based on the Scan Mode Option selected. See the - [File System Supported Platforms](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md) topic for - additional information. - -Sensitive Data Discovery Considerations - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By default, SDD scans are -configured to run two concurrent threads. For example, if the job is configured to scan 8 hosts at a -time with two concurrent SDD threads, then an extra 32 GB of RAM are required (8x2x2=32). - -## FSAA Query Configuration - -The FSAA Data Collector is configured through the File System Access Auditor Data Collector Wizard. -The wizard contains the following pages, which change based up on the query category selected: - -- [FSAA: Query Selection](/docs/accessanalyzer/12.0/data-collection/fsaa/query-selection.md) -- [FSAA: Applet Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/applet-settings.md) -- [FSAA: Scan Server Selection](/docs/accessanalyzer/12.0/data-collection/fsaa/scan-server-selection.md) -- [FSAA: Scan Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/scan-settings.md) -- [FSAA: Azure Tenant Mapping](/docs/accessanalyzer/12.0/data-collection/fsaa/azure-tenant-mapping.md) -- [FSAA: Activity Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/activity-settings.md) -- [FSAA: Default Scoping Options](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options.md) -- [FSAA: Scoping Options](/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-options.md) -- [FSAA: Scoping Queries](/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-queries.md) -- [FSAA: Sensitive Data Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/sensitive-data-settings.md) -- [FSAA: SDD Criteria Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/sdd-criteria.md) -- [FSAA: Bulk Import Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/bulk-import.md) -- [FSAA: FSAA Update Service Setting](/docs/accessanalyzer/12.0/data-collection/fsaa/update-service-settings.md) diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/query-selection.md b/docs/accessanalyzer/12.0/data-collection/fsaa/query-selection.md deleted file mode 100644 index 12512a5dcd..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/query-selection.md +++ /dev/null @@ -1,96 +0,0 @@ -# FSAA: Query Selection - -The FSAA Data Collector Query Selection page contains the following query categories, sub-divided by -auditing focus: - -![FSAA Data Collector Wizard Query Selection page](/img/product_docs/accessanalyzer/admin/datacollector/queryselection.webp) - -- The File System Access/Permission Auditing options scan hosts for file system information, and - there are two categories to choose from: - - - Scan – Scans file systems for permission information, ownership, and content profiling - - Bulk import– Imports access scan data into the SQL database - -- The File System Activity options runs user and group activity and inactivity related queries based - on FSAC data, and there are two categories to choose from: - - - Scan – Performs file system activity scan for the target host - - Bulk import – Imports File System Activity scan data into the SQL database - -- The Sensitive Data options scan hosts for sensitive data, and there are two categories to choose - from: - - - Scan – Scans file system content for sensitive information - - Bulk import – Imports SDD scan data into the SQL database - -- The DFS options collect Distributed File System information, and there is one category: - - - Scan and import – Collects Distributed File System information - - **NOTE:** Starting with v8.1, DFS Audits are completed with a streaming method and do not - require a bulk import query following the scan query. - -- The Azure options collects Azure Files storage account information, and there is one category: - - - Scan and import – Collects Azure Files storage account information. The instant job - preconfigured to use this query category must be used. See the - [FS_AzureTenantScan Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/fs-azuretenantscan.md) topic - for additional information. - -- The Maintenance options perform maintenance for the FSAA Data Collector, and there are three - categories to choose from: - - - Remove scan executables and data – Removes file system access audit scan applet and data from - the remote server - - Upgrade proxy service – Update FSAA binaries for hosts running the File System Proxy Service - - **NOTE:** The Upgrade proxy service category only applies to updating a v8.0+ File System - Proxy installation to a newer version. Manual updating is necessary for v7.x File System - Proxy installations. - - - Remove Host Data – Removes host from all SQL tables created by the FSAA Data Collector and - deletes StrucMap (removes host assigned to job where query exists) - -_Remember,_ the Sensitive Data category options require the Sensitive Data Discovery Add-On to be -installed on the Access Analyzer Console before the FSAA Data Collector can collect sensitive data. - -Once a query scan using the FSAA DC has been executed, the **Maintenance** button is enabled to -allow troubleshooting of scan errors that may have occurred. - -**CAUTION:** Do not use the Maintenance button unless instructed by -[Netwrix Support](https://www.netwrix.com/support.html). It is possible to cause corruption of the -database and loss of data to occur. - -## Maintenance Wizard - -The Maintenance Wizard is opened by clicking the **Maintenance** button on the Query Selection page -of the FSAA Data Collector Wizard. You can use the wizard to reset hosts or repair file system data -errors. - -![Maintenance Wizard Maintenance Selection page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/maintenancewizardselection.webp) - -The Maintenance Selection page allows you to select the type of maintenance to be performed: - -- Reset Hosts – Resets the Access GUID column value in the SA_FSAA_Hosts table for the Hosts - selected. Allows data to be bulk imported when there is a GUID mismatch. -- Repair – Resets the MinResourceID and MinTrusteeID column values to 0. Removes duplicate and data - consistency issues, including resources with nonexistent parents. Deletes StrucMap database. - -Select the required option and click **Next**. The subsequent wizard page is determined by the -selection made. - -- If Reset Hosts was selected, the Reset Hosts page displays: - - ![Maintenance Wizard Reset Hosts page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/maintenancewizardresethosts.webp) - - Select the desired hosts to reset the SQL data for, and click **Reset Hosts** to perform the - maintenance. - -- If Repair was selected, the Repair Tool page displays: - - ![Maintenance Wizard Repair Tool page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/maintenancewizardrepair.webp) - - Select the desired hosts to repair the SQL data for, and click **Run** to perform the - maintenance. - -Click **Finish** to close the wizard when you have completed the required maintenance. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/scan-server-selection.md b/docs/accessanalyzer/12.0/data-collection/fsaa/scan-server-selection.md deleted file mode 100644 index 3b0de0bd51..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/scan-server-selection.md +++ /dev/null @@ -1,57 +0,0 @@ -# FSAA: Scan Server Selection - -The Scan Server Selection page is where the server that executes the scan is configured. It is a -wizard page for the categories of: - -- File System Access/Permission Auditing Scan -- File System Activity Scan -- Sensitive Data Scan - -![FSAA Data Collector Wizard Scan Server Selection page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scanserverselection.webp) - -Using the radio buttons, select where the execution of the applet will take place: - -- Automatic (Local for NAS device hosts, Remote for Windows hosts) – Applet is deployed to all - targeted Windows servers. Other targeted devices, for example NAS, are scanned locally by the - Access Analyzer Console server. - - - The scan identifies Windows servers through the host inventory field OSType - -- Local Server – Assigns all scanning to the Access Analyzer Console server -- Specific Remote Server – Assign a specified server for scanning by entering a server name in the - textbox. This option uses proxy architecture and requires the targeted server to have the File - System Proxy deployed. - - - See the [File System Proxy Service Installation](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/wizard.md) - topic for additional information - -- Specific Remote Servers by Host List – Assign hosts from a custom created host list for scanning. - This option uses proxy architecture and requires the targeted servers to have the File System - Proxy deployed - - - See the [File System Proxy Service Installation](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/wizard.md) - topic for additional information - - ![Select Host Lists window](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/selecthostlists.webp) - -- Select Host Lists – Opens the Select Host Lists window displaying all the available hosts to - choose from. If more than one list is selected, scanning is distributed across each host. - -**_RECOMMENDED:_** - -It is best practice in global implementations to utilize a specific remote server or proxy scanner -that is located in the same data center as the target hosts. This is particularly beneficial if the -Access Analyzer Console server is in a different data center. See the -[Proxy Scanning Architecture](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/overview.md#proxy-scanning-architecture) -topic for additional information. - -In the bottom section, the checkbox options affect the execution of the applet: - -- Fallback to local mode if applet can't start – If the applet cannot be deployed on the target - host, it is deployed locally on the same server as the Access Analyzer Console and the scan - collects data across the network -- Run remote applet with normal priority (non-proxy applet server uses background priority by - default) – Select this option to run the applet with normal priority. Running at low-priority - allows other normal priority applications to take precedent over the scan when consuming - processing power and system resources. Running at low priority allows the scan to run with little - or no impact on the applet host. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/scan-settings.md b/docs/accessanalyzer/12.0/data-collection/fsaa/scan-settings.md deleted file mode 100644 index 51a4cb7d94..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/scan-settings.md +++ /dev/null @@ -1,141 +0,0 @@ -# FSAA: Scan Settings - -The Scan Settings page is where additional scan protocols and settings are configured. It is a -wizard page for the categories of: - -- System Access/Permission Auditing Scan -- Sensitive Data - -![FSAA Data Collector Wizard Scan Settings page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scansettings.webp) - -In the Scan Protocols section, select the desired checkboxes for including certain types of shared -folders: - -- Scan Windows (SMB/CIFS) shares – Includes types of Windows and NAS shares -- Scan NFS exports (shares) – Includes this type of UNIX and NAS shares - -In the middle section, select the desired checkboxes for additional settings: - -- Enable file system scan streaming – Sends the streamed data directly to the Access Analyzer - database. A bulk import query is not required when this option is selected -- Enable scanning of files protected by Azure Information Protection – Adds additional options to - this wizard to scan for protection labels and encrypted files for sensitive data - - - See the - [Azure Information Protection Target Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-information-protection.md) - for additional information. - -- Use SQL query to manually specify shares – For advanced SQL users. This option provides a least - privileged model for enumerating shares. It bypasses share permission requirements and eliminates - the need for the Connection Profile credentials to have local Administrator or Power User - permissions. Click **Configure Query** to open the Manual Shares Query window. See the - [Enable the Use SQL Query to Manually Specify Shares](#enable-the-use-sql-query-to-manually-specify-shares) - topic for additional information. -- NetApp communication security – This option provides the ability to choose levels of encryption - and authentication applied during Access Auditing scans of NetApp devices - - ![NetApp communication security options](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scansettingsnetapp.webp) - - - HTTPS – Encrypts communication and verifies the targeted server’s SSL certificate - - HTTPS, Ignore Certificate Errors – Encrypts communication but ignores certificate errors - - - This option is primarily used for troubleshooting - - Alternative use for this option would be for access scans within a trusted and secured - network - - - HTTP – Applies no encryption or authentication of communication - - The HTTPS options require Access Analyzer to have access to the targeted server’s SSL - certificate. Access Analyzer ships with a file containing trusted certificates from a trusted - Certification Authority (`cacert.pem`). If the organization uses a self-signed certificate, see - the - [HTTPS Encryption Certificate for FSAA & NetApp Communication](#https-encryption-certificate-for-fsaa--netapp-communication) - topic for information on adding the organization’s certificate. - -The bottom section is only available for the File System Access/Permission Auditing Scan and -Sensitive Data Scan categories and contains the following options: - -- Restart incomplete scans after (0 always restarts) [number] days – Determines when the saved - progress should be discarded and the scan restarted -- Rescan unimported hosts after (0 always rescans) [number] days – Controls when the host is - rescanned even if its data has not been imported yet - - - When this option is enabled, set to a value higher than zero, and results in a host not being - scanned, a warning message is logged - - The Messages table records the - `No need to scan, Tier 2 DB USN > Tier 1 DB USN, needs to bulk import` warning - -## Enable the Use SQL Query to Manually Specify Shares - -If desired, enable this feature and click **Configure Query** to open the Manual Share Query window. - -![Maual Shares Query window](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/maualsharesquery.webp) - -The SQL query provided by a user should return a list of all shares in the target environment. The -target tables must reside within the Access Analyzer database and contain at least the following -columns for all shares in the target environment: - -- Host – Name of host where the share resides matching the Host Master table Name field value - - **_RECOMMENDED:_** Use this column but it is not required. - -- Share – Name of the share -- Folder – Landing folder path of the share on the host -- ShareType – Integer representing the protocol for the type of share: - - - 0 = CIFS share - - 1 = NFS share - -For example, if the share has a path of `\\cec-fs01\Documentation`, then the columns are populated -in this way: - -- Host – `cec-fs01` -- Share – `Documentation` -- Folder – `C:\Documentation` -- ShareType – `0` - -**CAUTION:** If the FSAA Data Collector has identified a share in a previous scan, but that share is -not in a table targeted by this query, then it is marked as a deleted share. - -Enter the SQL query by replacing the sample text in the textbox. The SQL query must target tables -that have the required columns populated with the list of all shares in the target environment. - -_(Optional)_ Enter a host in the Host parameter value (@host) textbox to test the query to retrieve -the data for that host. - -Select **Test Query** to open a preview of the results in the Query Results window. Ensure that the -data being retrieved by the query is expected. - -When this option is selected, the data collector runs against the target table to enumerate shares -in the environment. - -_Remember,_ if a share is not in the target table, the data collector assumes that the share does -not exist and marks it as deleted. - -## HTTPS Encryption Certificate for FSAA & NetApp Communication - -The HTTPS encryption options for the NetApp communication security setting of the global Remote Data -Collection Configuration page in the File System Access Auditor Data Collector Wizard requires a -certificate. If the organization uses a self-signed certificate, it is necessary to add this -certificate to enable HTTPS encryption of Access Analyzer communications. - -The certificate (`cacert.pem`) which is shipped with Access Analyzer is in the DC folder of the -installation directory. The default location is: - -…\STEALTHbits\StealthAUDIT\DC - -If employing remote applet mode or proxy servers, then the certificate (`cacert.pem`) must exist in -the FSAA folder where the `FSAAAppletServer.exe` process is running (applet/proxy host). Therefore, -it is necessary to also copy it to the FSAA folder on the target hosts andr proxy servers. This is -done at runtime when using remote applet mode, but any updates or custom certificates must be copied -manually. The default location is: - -…\STEALTHbits\StealthAUDIT\FSAA - -**_RECOMMENDED:_** Do not overwrite this certificate. It is fully trusted by Netwrix. Instead, add -an underscore (\_) character to the start of the file name. Then copy the organization’s self-signed -certificate to this location with the name `cacert.pem`. - -There is another `cacert.perm` file within the Access Analyzer installation directory used by the -Notification SSL encryption options. While these files have the same name, they serve different -purposes and are stored in different locations. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-options.md b/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-options.md deleted file mode 100644 index 89c14d570b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-options.md +++ /dev/null @@ -1,177 +0,0 @@ -# FSAA: Scoping Options - -The Scoping Options page is where scan settings, file details, and file properties settings can be -configured for a specified resource in the targeted environment. It is a wizard page for the -following categories: - -- File System Access/Permission Auditing Scan -- Sensitive Data - -![FSAA Data Collector Wizard Scoping Options page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingoptions.webp) - -The Scoping Options buttons have the following: - -- Add – Add a resource to be included or excluded in the scan. Opens the Scoping Configuration - window. -- View/Edit – Make changes to a previously added resource. Opens the Scoping Configuration window. -- Remove – Deletes the resource from the table and therefore the scan -- Increase Priority – Sets a lower numerical value to the resource, which sets a higher priority - when conflicting settings occur with one resource -- Decrease Priority – Sets a higher value to the resource, which sets a lower priority when - conflicting settings occur with one resource -- Import – Import scoping options from a `.fsaascope` file. - - - If a conflict arises between an existing configured scoping option and an option that is being - imported, the user will be prompted to resolve the conflict by either keeping the existing - configuration or importing the new one, which will overwrite the scoping option. - -- Export – Take the currently configured scoping options in the job and export it to a `.fsaascope` - file - -By default, priority is assigned in the order it is added to the table. Priority can also be -manually assigned with the Increase Priority and Decrease Priority buttons or in the -[Scoping Configuration Window](#scoping-configuration-window). If there is a conflict between an -inclusion scoping option and an exclusion scoping option with the same priority, the inclusion takes -precedence. - -See the [Common Scoping Scenarios](#common-scoping-scenarios) section for example configurations of -scoping options and the expected results. - -## Scoping Configuration Window - -The Scoping Configuration Window allows a specific share or folder to be included or excluded from -the scan. Only included resources require additional scoping. Remember, these settings override the -default scoping settings for the selected resource. - -![Scoping Configuration Window](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingconfigurationwindow.webp) - -Set the Resource Name and Host Name: - -- Resource Name – Specify a local path or individual share to the target folder or the share name -- Host Name – Apply scoping options to a specific target host. If a host name is not supplied, all - hosts targeted by the job have the scoping options applied. - -Both the Resource Name and Host Name textboxes support regular expressions and pattern matching. - -- For wildcards – Use the `?` or `*` as the share or folder name. Example of Wildcard Support: You - have three shares named `Share1`, `Share2`, and `MyShare`. You want to include `Share1` and - `Share2`. You can enter into this field: - - - `share*` - - `share?` - - `Share*` - - `SHARE?` - -- For regular expressions – Use the prefix `RE:` and escape the backslash characters. Example of - Regular Expression: To provide an expression that would include all shares or files that start - with the letter `A`: - - **NOTE:** This option is case sensitive. - - - `RE:\\\\[^\\[+\\A` - -Then set Scoping Type and Priority: - -- Scoping Type – Choose from the dropdown menu the type of resource to scan: - - - Share Include – Provided share name is included in the scan. All scoping options must match or - it is excluded. - - Share Exclude – Provided share is excluded from the scan - - Folder Include – Provided folder name is included in the scan. All scoping options must match - or the scan ignores the resource. - - Folder Exclude – Provided folder is excluded from the scan. All scoping options must match or - it is excluded. - - **NOTE:** Any included files or folders inherit all options previously checked in the - [FSAA: Default Scoping Options](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options.md) page. Manually apply new options if - the default ones are not desired in this scan. - -- Priority – Numerical value that determines which options are used in the case of more than one - scoping option overlaps for a particular resource. Lower numerical values have a higher priority - for this scan. When multiple scoping options are added to a single resource, and there is no - conflict, the scoping options are merged. However, in some instances, the settings conflict. Below - are some known conflicts and their results: - - Conflict between two options for a single resource – Higher priority takes precedence - - Folder scoping option conflicts with a share scoping option – Folder takes precedence - - Conflict between two scoping options with the same priority – Path determines which option is - used. The scoping option with the child takes precedence over the parent. -- Enable Button – Adds the scoping option to the scan criteria - -See the [Scan Settings Tab](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/scan-settings.md), -[File Details Tab](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/file-details.md), and -[File Properties (Folder Summary) Tab](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/file-properties.md) tabs for more detail -on these scoping options. - -## Common Scoping Scenarios - -The following examples show some common configurations of scoping options and the expected results. - -Scenario 1 - -Scan for all shares except one. - -![Common Scoping Options example Scenario 1](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario1.webp) - -All shares included except for the ProbableOwner share. - -Scenario 2 - -Scan for one share and exclude all others. - -![Common Scoping Options example Scenario 2](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario2.webp) - -The ProbableOwner Share is included. All other shares are excluded. Share Inclusion must have a -priority that is greater than or equal to the Share Exclusion. - -Scenario 3 - -Scan all folders except one. - -![Common Scoping Options example Scenario 3](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario3.webp) - -All Shares are scanned and all folders are included except for C:\ProbableOwner\DifferentOwner. - -Scenario 4 - -Scan one folder and exclude all others. - -![Common Scoping Options example Scenario 4](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario4.webp) - -The ProbableOwner Share is included and all other shares are excluded. Within the ProbableOwner -Share, Folder path C:\ProbableOwner\DifferentOwner is included. All other folder paths are excluded. - -Scenario 5 - -Scan one folder and all of its children and exclude all others. - -![Common Scoping Options example Scenario 5](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario5.webp) - -The ProbableOwner Share is included and all other shares are excluded. Within the ProbableOwner -Share, Folder path C:\ProbableOwner\DifferentOwner is included along with all of its children -(Notice the \\\* at the end of folder include path). All other folder paths are excluded. - -Scenario 6 - -Scan for all content within a folder except one sub-folder. - -![Common Scoping Options example Scenario 6](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario6.webp) - -The ProbableOwner Share is included and all other shares are excluded. Within the ProbableOwner -Share, Folder path C:\ProbableOwner\DifferentOwner is included along with all of its children -(Notice the \\\* at the end of folder include path). Within the DifferentOwner folder the path -C:\ProbableOwner\DifferentOwner\Test2 is excluded (Notice the higher priority for the exclusion). -All other folder paths are excluded. - -Additional Considerations - -The scoping options listed above can be used to scope for SMB shares and NFS exports but NFS exports -are enumerated differently. The include/exclude logic outlined above should be the same for both, -but when scoping for NFS exports the Resource Name should be the full path to the export. - -For example, in the scenario below, the NFS export named NFS_Export is included. All other exports -are excluded. Within the NFS_Export export, folder path \ifs\NFS_Export\Test_Folder is included. All -other folder paths are excluded. - -![FSAA Scoping Options NFS export example](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsnfsexports.webp) - -Note the different slash types for exports compared to folders. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-queries.md b/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-queries.md deleted file mode 100644 index a6b61d87a7..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-queries.md +++ /dev/null @@ -1,104 +0,0 @@ -# FSAA: Scoping Queries - -Use the Scoping Queries page to query the SQL database and return exclude and include resources from -a specified host. This feature bypasses share permission requirements and eliminates the need for -the Connection Profile credentials to have local Administrator or Power User permissions. It is a -wizard page for the following categories: - -- File System Access/Permission Auditing Scan -- Sensitive Data - -![FSAA Data Collector Wizard Scoping Queries page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingqueries.webp) - -The Scoping Queries buttons have the following functionality: - -- Add – Add a resource to be included or excluded in the scoping query. Opens the Scoping Query - Configuration window. See the - [Scoping Query Configuration Window](#scoping-query-configuration-window) topic for additional - information. -- View / Edit – Make changes to a previously added scoping query. Opens the Scoping Query - Configuration window. See the - [Scoping Query Configuration Window](#scoping-query-configuration-window) topic for additional - information. -- Remove – Deletes the resource from the table and therefore the scan -- Migrate Scan Resource Filters – Migrates configured scan resource filters from the - `FSAAConfig.xml` file and imports them into the FSAA data collector - - - There are two Scan Resource Filters migrated by default: - - - DFS Shares - - - Scoping Query that will query the SQL database and return a list of Distributed File - System (DFS) Shares from the targeted host to include in the Scan - - Requires the 0-FSDFS System Scans, 1-FSAA System Scans, and 2-FSAA Bulk Import jobs to - have been run as a prerequisite - - - DG Open Shares - - - Scoping Query that will query the SQL database and return a list of Open Shares as - identified by the 3-FSAA Exceptions job - - Requires the 1-FSAA System Scans, 2-FSAA Bulk Import, and 3-FSAA Exceptions jobs to - have been run as a prerequisite - -**NOTE:** These two Scan Resource Filters are both Share Include queries by default. To restrict the -scan to only Open Shares or only DFS Shares it is necessary to also configure the Scoping Options on -the previous page of the wizard to exclude all other shares. - -For example, to restrict the scan to only Open Shares and exclude all other shares, the Scoping -Options page should be configured as shown: - -![FSAA Data Collector Wizard Scoping Options page Open shares configuration](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingoptionsopenshares.webp) - -The Scoping Queries page should be configured as shown: - -![FSAA Data Collector Wizard Scoping Queries page Open shares configuration](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingqueriesopenshares.webp) - -See the [FSAA: Scoping Options](/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-options.md) topic for additional information and common -scoping scenarios. - -## Scoping Query Configuration Window - -The Scoping Query Configuration window allows you to create a custom Scoping Query to specify shares -and folders to be included in or excluded from the scan. - -![Scoping Query Configuration window](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingqueryconfiguration.webp) - -Configure the following fields: - -- Name – Enter a unique name for the scoping query -- Scoping Type – Choose from the dropdown menu the type of resource to scan -- Configure Query – Select **Configure Query** to open the Advanced Scoping Options Query - Configuration window. See the - [Advanced Scoping Options Query Configuration Window](#advanced-scoping-options-query-configuration-window) topic - for additional information. - -**_RECOMMENDED:_** Provide a descriptive Comment on the Scoping Queries page. - -### Advanced Scoping Options Query Configuration Window - -Clicking **Configure Query** on the Scoping Query Configuration Window brings up the Advanced -Scoping Options Query Configuration window. - -![Advanced Scoping Options Query Configuration window](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/advancedscopingoptionsqueryconfiguration.webp) - -Follow the steps to configure a query. - -**Step 1 –** Enter a SQL Query that will return a list of resources to be included in or excluded -from the scan. - -**NOTE:** The target tables must reside within the Access Analyzer database and the result must -return at least the following columns: - -- Name -- Priority - -**Step 2 –** (Optional) Enter a host in the Host parameter value (@host) textbox to test the query -to retrieve the data for that host. - -**Step 3 –** Select **Test Query** to open a preview of the results in the Query Results window. -Ensure that the data being retrieved by the query is expected. - -**Step 4 –** Click **OK**. - -When a query configuration is enabled, the data collector runs against the target table to configure -scoping for shares or folders in the environment. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/sdd-criteria.md b/docs/accessanalyzer/12.0/data-collection/fsaa/sdd-criteria.md deleted file mode 100644 index 04ce6da693..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/sdd-criteria.md +++ /dev/null @@ -1,28 +0,0 @@ -# FSAA: SDD Criteria Settings - -The SDD Criteria Settings page is where criteria to be used for discovering sensitive data during a -scan is configured. It is a wizard page for the category of Sensitive Data Scan. - -![FSAA Data Collector Wizard SDD Criteria Settings page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sddcriteria.webp) - -The options on the SDD Criteria Settings page are: - -- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings - from the **Settings** > **Sensitive Data** node. See the - [Sensitive Data](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md) topic for additional information. -- Use the following selected criteria – Select this option to use the table to select which - sensitive data criteria to scan for -- Select All - Click **Select All** to enable all sensitive data criteria for scanning -- Clear All - Click **Clear All** to remove all selections from the table -- Select the checkboxes next to the sensitive data criteria options to enable them to be scanned for - during job execution - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - Use the Sensitive Data Criteria Editor in the **Settings** > **Sensitive Data** to create and - edit user-defined criteria. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) - topic for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/sensitive-data-settings.md b/docs/accessanalyzer/12.0/data-collection/fsaa/sensitive-data-settings.md deleted file mode 100644 index 8b4dfab0b4..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/sensitive-data-settings.md +++ /dev/null @@ -1,54 +0,0 @@ -# FSAA: Sensitive Data Settings - -The Sensitive Data Settings page is where sensitive data discovery settings are configured. It is a -wizard page for the category of Sensitive Data Scan. - -![FSAA Data Collector Wizard Sensitive Data Settings page](/img/product_docs/accessanalyzer/install/application/upgrade/sensitivedata.webp) - -- Don’t process files larger than: [number] MB – Limits the files to be scanned for sensitive - content to only files smaller than the specified size -- Include offline files (this may significantly increase scan times) – Includes offline files in the - scan -- Perform Optical Character Recognition for image files – Enables the data collector to scan for - sensitive data within digital images of physical documents - - **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents - directly converted to images, with standard fonts. It will not work for scanning photos of - documents and may not be able to recognize text on images of credit cards, driver's licenses, or - other identity cards. - -- Store discovered sensitive data – Stores discovered sensitive data in the database -- Limit stored matches per criteria to [number] – Limits database storage of matches per criteria - for discovered sensitive data - -Use the radio buttons to select the File types to scan: - -- Scan all file types – Scans everything in a given environment -- Scan custom file types – Select the checkboxes from the list of file and document types that are - included in a sensitive data scan. The table contains the following categories and their - sub-options available: - - - Compressed Archive files - - Documents - - Email - - Image files - - Presentations - - Spreadsheets - - Text/Markup files - -- Perform differential scan of – Enables users to choose whether to employ incremental scanning: - - - Files modified or newly discovered since last scan – Scans newly discovered files and files - with a modified date after the previous scan date - - Files modified since [date] – Only scans files with a modified date after the specified date - - Files modified within the last [number] days – Only scans files with a modified date within - the specified date range - -The Performance Options section allows the user to modulate the efficiency of SDD scans. - -- Number of SDD scan processes [number] – Increases the number of SDD scanner processes that spawn - as part of a scan, increasing parallel scanning. The value should not exceed 2x the number of CPU - threads available. - - **_RECOMMENDED:_** For optimal performance, the total number of scan processes on a scan host - should be 1 to 2 times the number of CPU threads available. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/update-service-settings.md b/docs/accessanalyzer/12.0/data-collection/fsaa/update-service-settings.md deleted file mode 100644 index 44fd594542..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/update-service-settings.md +++ /dev/null @@ -1,20 +0,0 @@ -# FSAA: FSAA Update Service Setting - -The FSAA Update Service Setting page is where the File System Proxy Service can be automatically -updated on hosts where the service has already been installed. It requires the File System Proxy -Service to be v8.0 or later prior to using this feature. It is a wizard page for the category of -Update Proxy Service. - -![FSAA Data Collector Wizard FSAA Update Service Setting page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/updateservice.webp) - -Configure the settings for the targeted File System Proxy Service: - -- Port number – The default port number is 8766 -- Applet communication timeout: [number] minute(s) – This option determines the length of time (in - minutes) the Access Analyzer Console attempts to reach the proxy before giving up. Depending on - the job configuration, the data collector behaves in one of three ways after the timeout value has - been exceeded. -- Scan cancellation timeout: [number] minute(s) – When selected, this option will timeout the applet - if there is an attempt to pause the scan and the applet does not respond - -See the [FSAA: Applet Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/applet-settings.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/fsaa/workflows.md b/docs/accessanalyzer/12.0/data-collection/fsaa/workflows.md deleted file mode 100644 index ae909541f6..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/fsaa/workflows.md +++ /dev/null @@ -1,242 +0,0 @@ -# Additional FSAA Workflows - -The following FSAA Data Collector query categories that provide additional functionality: - -- Remove scan executables and data – Removes file system access audit scan applet and data from - remote server -- Update proxy service – Update FSAA binaries for hosts running the File System Proxy Service - - **NOTE:** Requires the existing File System Proxy Service to be v8.0 or later. - -- Remove host data – Removes host from all SQL tables created by the FSAA Data Collector and deletes - StrucMap (removes host assigned to job where query exists) - -Additional workflows include: - -- Remove Host and Criteria SDD Data – Removes SDD data for a host or a criteria from the SQL tables -- Drop Tables & Views – Drops the standard reference tables and views - -_Remember,_ the FSAA Data Collector always records data in Standard Reference Tables, no matter what -job it is applied to. - -## Remove File System Access Scan Category - -The FSAA Data Collector can be used to clean-up or troubleshoot the applet and proxy scanning -servers. This would need to be done through a new job’s query. Set the host list and Connection -Profile to target the desired applet and proxy servers. - -Follow these steps to build a new query using the FSAA Data Collector with the Remove scan -executables and data category. - -**Step 1 –** Navigate to the **Configure** node of a new or chosen job and select the **Queries** -node. - -**Step 2 –** In the Query Selection view, click the **Create Query** link. The Query Properties -window displays. - -**Step 3 –** Select the **Data Source** tab. From the **Data Collector** drop-down menu, select -**FILESYSTEMACCESS** and then click the **Configure** button. The File System Access Auditor Data -Collector Wizard opens. - -![FSAA Data Collector Wizard Query Selection page with Remove scan executables and data option selected](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/queryselectionremovescanexecutablesdata.webp) - -**Step 4 –** On the Query Selection page, select the **Remove scan executables and data** category. - -**Step 5 –** Click **Finish** to save the selection and close the wizard. Then click **OK** to close -the Query Properties window. - -This job has now been configured to run the FSAA Data Collector to remove the file system access -audit scan applet and data from the target server. Run the job to clean-up the targeted hosts. - -## Update Proxy Service Category - -The FSAA Data Collector can be used to upgrade the File System Proxy Service already installed on -proxy servers. The FS_UpdateProxy Job is preconfigured to run with the default settings with the -category of Update proxy service. It is available through the Instant Job Library under the File -System library. - -The Update Proxy Service category option enables users with the ability to update v8.0+ File System -Proxy Service installations to newer versions. When this query is employed, the job compresses the -updated binaries and deploy them to the proxy server. Once the proxy server has no active sessions, -the Netwrix Access Analyzer (formerly Enterprise Auditor) FSAA Proxy Scanner service shuts down and -the components are updated. Finally, the service restarts itself. - -**NOTE:** This option is not for updating v7.x File System Proxy installations. Those must be -manually updated to at least v8.0 on the proxy server before this query can be used to automate the -process. - -Follow the [Upgrade Proxy Service Procedure](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/upgrade.md) and use -the FS_UpdateProxy Job. - -## Remove Host Category - -The FSAA Data Collector can be used to clean-up the Standard Reference Tables by removing data for -particular hosts. This would need to be done through a new job’s query. The host to be removed is -set as the host list for the new job. The Connection Profile applied should be the same as the one -used for the associated **FileSystem** > **0.Collection** > … **Bulk Import** Job. - -**CAUTION:** Be careful when applying this query task, as it results in the deletion of collected -data. Ensure proper configuration prior to job execution. - -**_RECOMMENDED:_** Manually enter individual hosts into the host list executing this query. - -Follow the steps to build a new query using the FSAA Data Collector with the Remove host data -category. - -**Step 1 –** Navigate to the **Configure** node of a new or chosen job and select the **Queries** -node. - -**Step 2 –** In the Query Selection view, click the **Create Query** link. The Query Properties -window displays. - -**Step 3 –** Select the **Data Source** tab. From the **Data Collector** drop-down menu, select -**FILESYSTEMACCESS** and then click **Configure**. The File System Access Auditor Data Collector -Wizard opens. - -![FSAA Data Collector Wizard Query Selection page with Remove host data option selected](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/queryselectionremovehostdata.webp) - -**Step 4 –** On the Query Selection page, select the **Remove host data** category. - -**Step 5 –** Click **Finish** to save the selection and close the wizard. Then click **OK** to close -the Query Properties window. - -This job has now been configured to run the FSAA Data Collector to remove the host identified in the -job’s **Configure** > **Hosts** node. Run the job to clean-up the targeted hosts. - -_Remember,_ this job deletes data from the Access Analyzer database. Use caution and ensure proper -configuration prior to job execution. - -## Remove Host and Criteria SDD Data - -The FS_SDD_DELETE job removes host and criteria sensitive data matches from the Tier 1 database. It -is preconfigured to run analysis tasks with temporary tables that requires modification prior to job -execution. It is available through the Instant Job Library under the File System library. See the -[Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for additional information. - -![FS_SDD_DELETE Job in Job's Tree](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sdddelete.webp) - -The 0.Collection Job Group must be run before executing the FS_SDD_DELETE Job. - -### Analysis Tasks for the FS_SDD_DELETE Job - -The analysis tasks are deselected by default. View the analysis tasks by navigating to the -**Jobs** > **FS_SDD_DELETE** > **Configure** node and select **Analysis**. - -**CAUTION:** Applying these analysis tasks result in the deletion of collected data. - -![FS_SDD_DELETE Job Analysis Selection page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sdddeleteanalysistasks.webp) - -- Delete Criteria – Remove all SDD Data for a Specified Criteria -- Delete Host – Remove all SDD Data Related to a Host -- Remove Host & Criteria – Remove all SDD Data for a Specific Host and Criteria Combination - -### Configure the FS_SDD_DELETE Analysis Tasks - -Follow the steps to configure and run the analysis tasks. - -**Step 1 –** Prior to job execution, modify the desired analysis tasks using the -[Customizable Analysis Parameters for FS_SDD_DELETE Job](#customizable-analysis-parameters-for-fs_sdd_delete-job) -instructions. - -**Step 2 –** In the Analysis Selection Pane, check the type of analysis task that will be run. - -**Step 3 –** Right-click the **FS_SDD_DELETE** Job and select **Run Job**. The analysis execution -status is visible from the **Running Instances** node. - -**Step 4 –** When the job has completed, return to the Analysis Selection Pane and deselect all -analysis tasks. - -**CAUTION:** Do not leave these analysis tasks checked in order to avoid accidental data loss. - -All of these tables have been dropped from the SQL Server database and the data is no longer -available. - -### Customizable Analysis Parameters for FS_SDD_DELETE Job - -A customizable parameter enables Access Analyzer users to set the sensitive data values that will be -deleted during this job’s analysis. - -| Analysis Task | Customizable Parameter Name | Value Indicates | -| ---------------------- | --------------------------- | --------------------------------------------- | -| Delete Host | #hosts | List of Host Names to be removed | -| Delete Criteria | #Criteria | List of Criteria to be removed | -| Remove Host & Criteria | #Criteria #hosts | List of Criteria and Host Names to be removed | - -The parameters that can be customized are listed in a section at the bottom of the SQL Script -Editor. Follow the steps to customize analysis task parameters. - -**Step 1 –** Navigate to the **FS_SDD_DELETE** > **Configure** node and select **Analysis**. - -**Step 2 –** In the Analysis Selection view, select the desired analysis task and click on -**Analysis Configuration**. The SQL Script Editor opens. - -![ FS_SDD_DELETE Job Analysis Task in SQL Script Editor](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sdddeletesqlscripteditor.webp) - -**Step 3 –** In the Parameters section at the bottom of the editor, select either the **#Criteria** -or **#hosts** row, depending on the analysis task chosen, and then **Edit Table**. The Edit Table -window opens. - -**CAUTION:** Do not change any parameters where the Value states `Created during execution`. - -![SQL Script Editor Edit Table window](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sdddeletesqlscripteditoredittable.webp) - -**Step 4 –** Use the **Add New Item** button to enter host names or criteria to the temporary table -list manually, or select the **Browse** button to upload a list of hosts in CSV format. Click **OK** -to save any changes. Other Edit Table buttons include: - -- Edit a Value -- Delete this row/column -- Move up -- Move down - -**Step 5 –** Click Save and Close to finalize the customization and close the SQL Script Editor. - -The job is now ready to be executed. - -## Drop Tables & Views - -If it becomes necessary to clear the FSAA Data Collector tables and views to resolve an issue, the -FS_DropTables Job is preconfigured to run analysis tasks that drop functions and views for the File -System Solution as well as the standard tables and views generated by the FSAA Data Collector. - -It is available through the Instant Job Library under the File System library. Since this job does -not require a host to target, select Local host on the Hosts page of the Instant Job Wizard. See the -[Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for additional information. - -![FS_DropTables Job in Job's Tree](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/droptables.webp) - -The 0.Collection Job Group must be run before executing the FS_DropTables Job. - -### Analysis Tasks for the FS_DropTables Job - -The analysis tasks are deselected by default. View the analysis tasks by navigating to the -**Jobs** > **FS_DropTables** > **Configure** node and select **Analysis**. - -**CAUTION:** Applying these analysis tasks result in the deletion of collected data. - -![FS_DropTables Job Analysis Selection page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/droptablesanalysistasks.webp) - -- 1. Drop FSAA functions – Removes all functions and views from previous runs of the File System - Solution -- 2. Drop FSAC tables – Drops the File System Activity Auditing tables imported from the previous - runs -- 3. Drop FSDLP Tables – Drops the File System Sensitive Data Discovery Auditing tables imported - from the previous runs -- 4. Drop FSDFS Tables – Drops the File System DFS Auditing tables imported from the previous runs -- 5. Drop FSAA Tables – Drops File System Access Auditing tables imported from the previous runs - -Do not try to run these tasks separately, as they are designed to work together. Follow these steps -to run the analysis tasks: - -**Step 1 –** In the Analysis Selection Pane, click **Select All**. All tasks will be checked. - -**Step 2 –** Right-click the **FS_DropTables** Job and select **Run Job**. The analysis execution -status is visible from the **Running Job** node. - -**Step 3 –** When the job has completed, return to the Analysis Selection Pane and click **Select -All** to deselect these analysis tasks. - -**CAUTION:** Do not leave these analysis tasks checked in order to avoid accidental data loss. - -All of these tables have been dropped from the SQL Server database and the data is no longer -available. diff --git a/docs/accessanalyzer/12.0/data-collection/group-policy/category.md b/docs/accessanalyzer/12.0/data-collection/group-policy/category.md deleted file mode 100644 index cff9eecf5e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/group-policy/category.md +++ /dev/null @@ -1,22 +0,0 @@ -# GroupPolicy: Category - -On the GroupPolicy Data Collector Category page, select the required query category to be executed. - -![Group Policy Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The available categories are: - -- Group Policy Objects – Retrieves the GPO’s list in the domain and where each is linked -- Policies State – Provides the ability to return information on configured policies and policy - parts from the individual policies which have been selected - - - For example, selecting **Account Policies** > **Policy Password** will result in **Account - Policies** > **Policy Password** being returned for the targeted domains - -- Policies State for all GPOs – Provides the ability to return information on selected policy parts - from all policies within the domain - - - For example, selecting **Account Policies** > **Password Policy** will result in **Password - Policy** being returned for all policies in the targeted domains - -- Local policies – Returns effective security policies in effect at the individual workstation diff --git a/docs/accessanalyzer/12.0/data-collection/group-policy/options.md b/docs/accessanalyzer/12.0/data-collection/group-policy/options.md deleted file mode 100644 index b9f7616959..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/group-policy/options.md +++ /dev/null @@ -1,26 +0,0 @@ -# GroupPolicy: Options - -The Options page is used to configure how to return multi-valued properties and how policy results -are presented. It is a wizard page for all categories. - -![Group Policy Data Collector Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -The configurable options are: - -- Result Presentation – Select one of the following options. This section is not available for the - Group Policy Objects category. - - - Each part of each policy on a new row - - All parts of each policy on the same row - - **_RECOMMENDED:_** Use the Each part of each policy on a new row for best results - -- Multi-Valued Properties – Select one of the following options: - - - Concatenated – Specify the delimiter to use in the Delimiter box - - First value only - - Each value on a new row - - **_RECOMMENDED:_** Use the Each value on a new row option for best results. - -The available options vary based on the category selected. diff --git a/docs/accessanalyzer/12.0/data-collection/group-policy/overview.md b/docs/accessanalyzer/12.0/data-collection/group-policy/overview.md deleted file mode 100644 index 4ff20acd34..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/group-policy/overview.md +++ /dev/null @@ -1,49 +0,0 @@ -# GroupPolicy Data Collector - -The GroupPolicy Data Collector provides the ability to retrieve the GPO’s list in the domain and -where they are linked, return information on configured policies and policy parts from the -individual policies that have been selected, return information on selected policy parts from all -policies within the domain, and return effective security policies in effect at the individual -workstation. - -The GroupPolicy Data Collector is a core component of Access Analyzer, but it has been preconfigured -within the Active Directory Solution and the Windows Solution. While the data collector is available -with all Access Analyzer license options, the Windows Solution is only available with a special -Access Analyzer licenses. See the following topics for additional information: - -- [Active Directory Solution](/docs/accessanalyzer/12.0/solutions/active-directory/overview.md) -- [Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) - -Protocols - -- LDAP -- RPC - -Ports - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Domain Administrators group (if targeting domain controllers) -- Member of the Local Administrators group - -## GroupPolicy Query Configuration - -The GroupPolicy Data Collector is configured through the Group Policy Data Collector Wizard. The -available pages change based upon the query category selected. It contains the following wizard -pages: - -- Welcome -- [GroupPolicy: Category](/docs/accessanalyzer/12.0/data-collection/group-policy/category.md) -- [GroupPolicy: Target](/docs/accessanalyzer/12.0/data-collection/group-policy/target.md) -- [GroupPolicy: Policies List](/docs/accessanalyzer/12.0/data-collection/group-policy/policies-list.md) -- [GroupPolicy: Options](/docs/accessanalyzer/12.0/data-collection/group-policy/options.md) -- [GroupPolicy: Summary](/docs/accessanalyzer/12.0/data-collection/group-policy/summary.md) - -![Group Policy Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/group-policy/policies-list.md b/docs/accessanalyzer/12.0/data-collection/group-policy/policies-list.md deleted file mode 100644 index 895a496c98..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/group-policy/policies-list.md +++ /dev/null @@ -1,21 +0,0 @@ -# GroupPolicy: Policies List - -The Policies List page is where the policies from the desired GPOs to be queried are selected. It is -a wizard page for the categories of: - -- Policies State -- Policies State for all GPOs -- Local Policies - -![Group Policy Data Collector Wizard Policies List page](/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/policieslist.webp) - -Select the policies or policy parts to be audited. The category dictates how this selection is -applied across the domain or local host. - -To search parts of a policy, drill into the policy and select the desired policy parts. Click -**Check all** to select all properties, and click **Uncheck all** to deselect all properties. Search -for a policy by entering a policy name in the Search box and clicking **Search**. - -**NOTE:** The policy parts returned may have multiple values. - -At least one policy or policy part must be selected in order to proceed to the next wizard page. diff --git a/docs/accessanalyzer/12.0/data-collection/group-policy/summary.md b/docs/accessanalyzer/12.0/data-collection/group-policy/summary.md deleted file mode 100644 index 16ef54664d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/group-policy/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# GroupPolicy: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all categories. - -![Group Policy Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Group Policy Data Collector Wizard to ensure that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/group-policy/target.md b/docs/accessanalyzer/12.0/data-collection/group-policy/target.md deleted file mode 100644 index d540c4f847..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/group-policy/target.md +++ /dev/null @@ -1,29 +0,0 @@ -# GroupPolicy: Target - -The Target page is where a host from which to get data (in wizard only) and .admx source are -identified. It is a wizard page for the categories of: - -- Policies State -- Policies State for all GPOs -- Local Policies - -![Group Policy Data Collector Wizard Target page](/img/product_docs/activitymonitor/activitymonitor/admin/search/query/target.webp) - -In the Connect to section of the page, select from the following options: - -- Default domain – Select this option to connect to the default domain -- This domain – Select this option and click the ellipsis to open the Browse for Domain window. Then - select the desired domain. Click **OK**. - -In the Use these job credentials to browse section of the page, if multiple credentials are set up, -select the credentials to use for the query from the dropdown menu. - -**NOTE:** If the Default Connection profile has only one set of credentials, the dropdown will be -grayed out and will only display the default credentials for that profile. - -In the Get .admx policy definitions from section of the page, select from the following options: - -- Central Store/target host – Select thisoption to get .admx policy definitions from the central - store/target host -- This archive – Select this option to get .admx policy definitions from an archive and click the - ellipsis to open the Select Archive File window. Then select an archive. diff --git a/docs/accessanalyzer/12.0/data-collection/ini-file/overview.md b/docs/accessanalyzer/12.0/data-collection/ini-file/overview.md deleted file mode 100644 index 02c1109a4e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ini-file/overview.md +++ /dev/null @@ -1,34 +0,0 @@ -# INIFile Data Collector - -The INIFile Data Collector provides options to configure a task to collect information about log -entries on target hosts. This data collector is a core component of Access Analyzer and is available -with all Access Analyzer licenses. - -Protocols - -- RPC - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports -- Optional TCP 445 - -Permissions - -- Member of the Local Administrators group - -## INIFile Query Configuration - -The INIFile Data Collector is configured through the INI File Data Collector Wizard. It contains the -following wizard pages: - -- Welcome -- [INIFile: Target Files](/docs/accessanalyzer/12.0/data-collection/ini-file/target-files.md) -- [INIFile: Properties](/docs/accessanalyzer/12.0/data-collection/ini-file/properties.md) -- [INIFile: Summary](/docs/accessanalyzer/12.0/data-collection/ini-file/summary.md) - -![INI File Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** box when -the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/ini-file/properties.md b/docs/accessanalyzer/12.0/data-collection/ini-file/properties.md deleted file mode 100644 index 67e93f4560..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ini-file/properties.md +++ /dev/null @@ -1,24 +0,0 @@ -# INIFile: Properties - -The Properties page identifies data about the INI file for auditing. - -![INI File Data Collector Wizard Properties page](/img/product_docs/activitymonitor/activitymonitor/install/agent/properties.webp) - -Use the following options to determine which data to adult: - -- All contents – Collect all contents from the INI file - - **NOTE:** `*` can be used for matching wildcard or single characters. - - - Section name – Collect data matching section name from the INI file - - Key name – Collect data matching key name from the INI file - -- Differences from standard – Select a master control file to compare the current target against - - - Click the ellipses (**…**) to open a file explorer window - - Select an appropriate .INI file - -- Properties – Select a checkbox next to any desired properties. **Select All** or **Clear All** can - also be used. - - If **Differences from standard** is selected, all properties are selected and cannot be altered. diff --git a/docs/accessanalyzer/12.0/data-collection/ini-file/summary.md b/docs/accessanalyzer/12.0/data-collection/ini-file/summary.md deleted file mode 100644 index 8489e36d18..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ini-file/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# INIFile: Summary - -The Summary page is where the selected configuration settings are listed. - -![INI File Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the INIFile Data Collector Wizard ensuring that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/12.0/data-collection/ini-file/target-files.md b/docs/accessanalyzer/12.0/data-collection/ini-file/target-files.md deleted file mode 100644 index c84eeadf09..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ini-file/target-files.md +++ /dev/null @@ -1,21 +0,0 @@ -# INIFile: Target Files - -The Target Files page identifies the location and name of the INI file from which to collect -information. - -![INI File Data Collector Wizard Target Files page](/img/product_docs/accessanalyzer/admin/datacollector/inifile/targetfiles.webp) - -Configure the Target Files options: - -- Fixed path – Path to the INI file. Fixed paths are typically entered using the following format: - `drive:\filepath` -- Registry Lookup – Select this option to obtain a path from a registry key that exists on the - target host in the environment. Click the ellipsis (**…**) to open the Access Analyzer Registry - Browser and connect to a host to select a registry key and path to be used for the lookup. - - - Registry Value – This value is automatically populated from the registry key - - Levels – The Levels slider can be used to truncate the path for the key value in the Adjust - Path dialog box - - Current value – Displays the current value for the registry key - -- INI File Name – Name of the INI file diff --git a/docs/accessanalyzer/12.0/data-collection/ldap/index.md b/docs/accessanalyzer/12.0/data-collection/ldap/index.md deleted file mode 100644 index 67067fe061..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/ldap/index.md +++ /dev/null @@ -1,146 +0,0 @@ -# LDAP Data Collector - -The LDAP Data Collector uses LDAP to query Active Directory returning the specified objects and -attributes. For example, a query can be configured to return all user objects at the selected level. -Another query can be configured to return a master list of all user objects found within the target -domain. Wildcards and LDAP filters can be applied to the query configurations. - -The LDAP Data Collector is a core component of Access Analyzer, but it has been preconfigured within -the Active Directory Solution. While the data collector is available with all Access Analyzer -license options, the Active Directory Solution is only available with a special Access Analyzer -license. See the [Active Directory Solution](/docs/accessanalyzer/12.0/solutions/active-directory/overview.md) topic for -additional information. - -Protocols - -- LDAP - -Ports - -- TCP 389 - -Permissions - -- Member of the Domain Administrators group - -## LDAP Query Configuration - -The LDAP Data Collector is configured through the LDAP template form. The LDAP template form has the -following configuration options: - -![LDAP template form](/img/product_docs/accessanalyzer/admin/datacollector/templateform.webp) - -- Connect to the server – Use the default domain controller entered in the box, or enter an - alternate server -- Naming context – Select a directory partition from the drop-down list: **Default Context**, - **Configuration Context**, or **Schema Context** -- Connect – Connects to the domain specified. The root folder of the domain is displayed in the left - pane of the window. - - **NOTE:** Before clicking **Connect**, the server port must be configured. To configure the - server port, click **Options** to open the Options window and configure the server port as - described in the Options Window section. - -- Options – Opens the Options window to configure connection options and multi-value results - options. See the [Options Window](#options-window) topic for additional information. -- List of attributes – Table in the upper right corner lists attributes for the object selected in - the left pane -- Root path – The Root path textbox is populated with the path to the highlighted attributes to be - collected -- LDAP filter – The LDAP filter textbox shows the filters applied to the objects. Click the ellipses - (**…**) to open the Filter Options window. See the [Filter Options Window](#filter-options-window) - topic for additional information. - -The button bar provides additional options for selecting objects and attributes. See the -[Button Bar](#button-bar) topic for additional information. - -### Options Window - -The Options window contains configure connection options and multi-value results options. Click the -**Options** button located in the upper right corner of the LDAP template form to open it. - -![Options Window](/img/product_docs/accessanalyzer/install/application/options.webp) - -- Connect Securely with TL/SSL – Connect using TLS/SSL. If the checkbox is selected, the server port - defaults to `636`. -- Ignore Certificate Errors – Ignores certificate errors during connection when encrypted - communication is enabled -- Server Port - - - If the Connect Securely with TLS/SSL option is selected, use Server Port `686` - - If the Connect Securely with TLS/SSL option is not selected, use Server Port `389` - -- Authentication Type - - - Negotiate – Default authentication type - - Simple - -- TreeView Node Limit – Typically set to 500 -- Multi-valued attributes – Indicates how multi-valued properties are returned - - - Concatenated – All values are listed in one cell using the delimiter specified - - - Delimiter – Symbol used to separate values in the cell - - - First Value Only – Only the first value is listed in the cell - -### Filter Options Window - -The Filter Options window is where to add filters to the query. Click the ellipses (**…**) button -located to the right of the **LDAP filter** box in the LDAP template form to open this window. - -![filteroptions](/img/product_docs/accessanalyzer/admin/datacollector/filteroptions.webp) - -- Extract all objects (no filter) – No filters applied -- Extract only objects of the following classes – Applies class filter for selected classes - - - Users - - Groups - - Contacts - - Computers - - Printers - - Shared Folders - -- Custom Filter – Applies a custom filter configured in the Custom Filter window. See the - [Custom Filter Window](#custom-filter-window) topic for additional information. - -#### Custom Filter Window - -The Custom Filter window provides options for creating a complex filter. - -![Custom Filter window](/img/product_docs/accessanalyzer/admin/datacollector/customfilter.webp) - -Select a **Field** and **Condition** from the drop-down lists. Enter a **Value** for the condition. -Click **Add** to add the filter to the Filter Lines table. - -- Filter Lines will be combined with a logical – Select the **AND** or **OR** option. **AND** is - selected by default. -- Edit Raw Filter – Opens the Raw Filter Edit window - - ![Raw Filter Edit window](/img/product_docs/accessanalyzer/admin/datacollector/rawfilteredit.webp) - - Enter the entire LDAP filter in the textbox. Click **Verify** to confirm the filter, and then - **OK** to add it to the custom filter list. - -- Clear Filter – Deletes the selected filter - -Click **OK** to save the changes and close the Custom Filter window. - -### Button Bar - -The button bar provides several options for configuring the query. - -![buttonbar](/img/product_docs/accessanalyzer/admin/datacollector/buttonbar.webp) - -| Button | Name | Description | -| ----------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------- | ------------------------------------------------------------------------- | -| ![Include sublevels button](/img/product_docs/accessanalyzer/admin/datacollector/sublevels.webp) | Include sublevels | Include sublevel folders of the selected folder. | -| ![Org wildcard button](/img/product_docs/accessanalyzer/admin/datacollector/orgwildcard.webp) | Org wildcard | Search for the attribute across multiple domains. | -| ![Wildcard the level button](/img/product_docs/accessanalyzer/admin/datacollector/wildcard.webp) | Wildcard the level | Search everything on the selected level. | -| ![Unwildcard all levels button](/img/product_docs/accessanalyzer/admin/datacollector/unwildcard.webp) | Unwildcard all levels | Removes the wildcard and returns the search scope to the selected domain. | -| ![Include a HostName Tag button](/img/product_docs/accessanalyzer/admin/datacollector/includehostname.webp) | Include a HostName Tag | Replaces the OU with a HostName Tag. | -| ![Remove all HostName Tags button](/img/product_docs/accessanalyzer/admin/datacollector/removehostname.webp) | Remove all HostName Tags | Removes the HostName Tag. | -| ![Add Security Properties for Selected Key button](/img/product_docs/accessanalyzer/admin/datacollector/addsecurityproperties.webp) | Add Security Properties for Selected Key | Adds the list of security properties. | -| ![Select Highlighted Attributes button](/img/product_docs/accessanalyzer/admin/datacollector/addattributes.webp) | Select Highlighted Attributes | Adds the highlighted attributes to the list. | -| ![Delete the Highlighted Selected Attributes button](/img/product_docs/accessanalyzer/admin/datacollector/deleteattributes.webp) | Delete the Highlighted Selected Attributes | Deletes the highlighted attributes from the list. | -| ![Find the Root Path in the Directory Objects button](/img/product_docs/accessanalyzer/admin/datacollector/rootpath.webp) | Find the Root Path in the Directory Objects | Returns the root path to the selected root. | diff --git a/docs/accessanalyzer/12.0/data-collection/nis/category.md b/docs/accessanalyzer/12.0/data-collection/nis/category.md deleted file mode 100644 index 252217728d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nis/category.md +++ /dev/null @@ -1,18 +0,0 @@ -# NIS: Category - -The Category page is used to identify which type of NIS information to retrieve. - -![NIS Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The NIS Data Collector contains two query categories: - -- Scan NIS Users and Groups – Scans a NIS domain for user and group information, map them to - Windows-style SIDS, and import the information into SQL server creating the standard reference - tables. This task is also responsible for maintaining the schema for tables and views. This is the - standard option for this data collector. -- Custom NIS Scan –Scan and parse a specified NIS map and import the information into the SQL Server - database creating tables specific to the job configuration - -The Scan NIS Users and Groups category is the pre-configured setting for the .NIS Inventory job -group. To use the Custom NIS Scan category, create a query in a new job using the NIS Data Collector -and configure the query as desired. diff --git a/docs/accessanalyzer/12.0/data-collection/nis/configure-job.md b/docs/accessanalyzer/12.0/data-collection/nis/configure-job.md deleted file mode 100644 index 44c288b4a8..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nis/configure-job.md +++ /dev/null @@ -1,50 +0,0 @@ -# Unix Connection Profile & Host List - -The NIS Data Collector requires a custom Connection Profile and host list be created and assigned to -the job or job group conducting the data collection. The host inventory option during host list -creation makes it necessary to configure the Connection Profile first. - -## Connection Profile - -Creating the Connection Profile requires having an account with access to the targeted NIS server. - -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Unix Account -- User name – Enter user name -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) - topic for additional information.) -- Password/Confirm - - - If not using a private key, enter the **Password** and re-type in the **Confirm** field - - If using a private key, then the password is not needed. Provide the private key information - in the **Use the following private key when connecting** field. - -- Use the following port/ports(CSV) for SSH - - - The SSH port needs to be opened in software and hardware firewalls - - If desired, select this option and provide the port value - -- Use the following private key when connecting - - - This option uses the authentication method of an SSH Private Key - - Supported Key types: - - - Open SSH - - PuTTY Private Key - - - If desired, select this option and provide the key value - -Once the Connection Profile is created, it is time to create the custom host list. See the -[Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information. - -## Custom Host List - -The custom host list only needs to include a single NIS server in the targeted NIS domain. Follow -the steps in the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) topic for instructions on how to -create a custom static host list. - -See the -[Recommended Configuration for the .NIS Inventory Solution](/docs/accessanalyzer/12.0/solutions/nisinventory/recommended.md) -topic for information on where to assign the Connection Profile and host list. diff --git a/docs/accessanalyzer/12.0/data-collection/nis/overview.md b/docs/accessanalyzer/12.0/data-collection/nis/overview.md deleted file mode 100644 index bac21fb2c3..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nis/overview.md +++ /dev/null @@ -1,39 +0,0 @@ -# NIS Data Collector - -The NIS Data Collector inventories a NIS domain for user and group information, mapping to -Windows-style SIDs. This data collector is a core component of Access Analyzer and has been -preconfigured within the .NIS Inventory Solution. Both this data collector and the solution are -available with all Access Analyzer license options. See the -[.NIS Inventory Solution](/docs/accessanalyzer/12.0/solutions/nisinventory/overview.md) topic for additional -information. - -Protocols - -- NIS - -Ports - -- TCP 111 or UDP 111 -- Randomly allocated high TCP ports - -Permissions - -- No special permissions are needed aside from access to a NIS server - -## NIS Query Configuration - -The NIS Data Collector is configured through the NIS Data Collector Wizard, which contains the -following wizard pages: - -- Welcome -- [NIS: Category](/docs/accessanalyzer/12.0/data-collection/nis/category.md) -- [NIS: NIS Settings](/docs/accessanalyzer/12.0/data-collection/nis/settings.md) -- [NIS: SID Mappings](/docs/accessanalyzer/12.0/data-collection/nis/sid-mappings.md) -- [NIS: NIS Query](/docs/accessanalyzer/12.0/data-collection/nis/query.md) -- [NIS: Results](/docs/accessanalyzer/12.0/data-collection/nis/results.md) -- [NIS: Summary](/docs/accessanalyzer/12.0/data-collection/nis/summary.md) - -![NIS Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/nis/query.md b/docs/accessanalyzer/12.0/data-collection/nis/query.md deleted file mode 100644 index 3ca1139631..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nis/query.md +++ /dev/null @@ -1,26 +0,0 @@ -# NIS: NIS Query - -The NIS Query page is where the NIS query regular expressions are configured and tested. It is a -wizard page for the category of: - -- Custom NIS Scan - -![NIS Data Collector Wizard NIS Query page](/img/product_docs/accessanalyzer/admin/datacollector/nis/query.webp) - -The Data Source configuration options are: - -- NIS Map – Specify the name of the NIS map to query -- Load Data – Fetches the first 50 rows of data of the specified NIS map from the test host -- Paste Data – Uses text from the clipboard as the test data source -- Open File – Allows using a text file as test data. The test data is shown in the preview box. - -The Query Expressions configuration options are: - -- Per-Row Query – A regular expression that is evaluated once per source row, and the - sub-expressions returned make up the first columns of the result rows -- Per-Value Query – This value is evaluated multiple times per source row, generating one result row - for each evaluation -- Use map key as first column of results – When selected, this option sets the map key as the first - column in the data table -- Insert row when there is no per-value match – When selected, this option generates a blank row for - evaluations that return no per-value match diff --git a/docs/accessanalyzer/12.0/data-collection/nis/results.md b/docs/accessanalyzer/12.0/data-collection/nis/results.md deleted file mode 100644 index 775132a230..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nis/results.md +++ /dev/null @@ -1,14 +0,0 @@ -# NIS: Results - -The Results page is where properties from Unix to be gathered are selected. It is a wizard page for -both categories. - -![NIS Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Available properties have checkboxes that can be selected individually, or you can use the **Select -All**, **Clear All**, and **Reset to defaults** buttons. All selected properties are gathered. -Available properties vary based on the category selected. - -This information is not available within the standard reference tables and views. Instead, this -information can be viewed in the `SA_[Job Name]_DEFAULT` table, which is created when any of these -properties are selected. diff --git a/docs/accessanalyzer/12.0/data-collection/nis/settings.md b/docs/accessanalyzer/12.0/data-collection/nis/settings.md deleted file mode 100644 index 55c48e7769..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nis/settings.md +++ /dev/null @@ -1,16 +0,0 @@ -# NIS: NIS Settings - -The NIS Settings page is where the NIS domain and a NIS server are configured for testing. It is a -wizard page for both categories. - -![NIS Data Collector Wizard NIS Settings page](/img/product_docs/activitymonitor/config/dellpowerscale/settings.webp) - -Configure the NIS domain and sample NIS server: - -- NIS Domain Name – Enter the case-sensitive name of the NIS domain to scan. This is the value - returned by `/bin/domainname` on UNIX systems. -- (Optional) Sample NIS Server – Enter the host name or IP address of a NIS server for the above - domain to use for testing. This system should be running the `ypserv` process and be accessible - from the Access Analyzer Console. Then, click **Test**. -- Test – The data collector attempts to connect to the specified server and access information from - the specified domain. It returns a message indicating success or failure. diff --git a/docs/accessanalyzer/12.0/data-collection/nis/sid-mappings.md b/docs/accessanalyzer/12.0/data-collection/nis/sid-mappings.md deleted file mode 100644 index 24e92b9998..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nis/sid-mappings.md +++ /dev/null @@ -1,12 +0,0 @@ -# NIS: SID Mappings - -The SID Mappings page is where the Windows-style SID mappings for the Unix User ID and Group ID are -specified. It is a wizard page for the category of: - -- Scan NIS User and Groups - -![NIS Data Collector Wizard SID Mappings page](/img/product_docs/accessanalyzer/admin/datacollector/nis/sidmappings.webp) - -The default settings work for most environments. Use this page to **Add**, **Edit**, or **Remove** -ID Mappings. Multiple entries are allowed. For each range of User ID or Group ID entered, the offset -is added to the ID and the resulting SID is the format with `%d` replaced by the ID. diff --git a/docs/accessanalyzer/12.0/data-collection/nis/summary.md b/docs/accessanalyzer/12.0/data-collection/nis/summary.md deleted file mode 100644 index 8fe25c804f..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nis/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# NIS: Summary - -The Summary page is where configuration settings are summarized. It is a wizard page for both -categories. - -![NIS Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the NIS Data Collector Wizard to ensure that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/12.0/data-collection/nosql/category.md b/docs/accessanalyzer/12.0/data-collection/nosql/category.md deleted file mode 100644 index 47f1d2b540..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nosql/category.md +++ /dev/null @@ -1,29 +0,0 @@ -# NoSQL: Category - -The Category page in the NoSQL Data Collector Wizard lists the following query categories, -sub-divided by auditing focus: - -![NoSQL Data Collector Wizard Category Page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The query categories are: - -- Sensitive Data - - - Sensitive Data Collection – Scan databases for sensitive data - -- MongoDB - - - Utilities - - - Remove Storage Tables — Removes the tables created for the MongoDB Data Collector - - - Database Sizing - - - Database Sizing — Determines MongoDB database size - -- NoSQL - - - NoSQL Utilities - - - Remove NoSQL Storage Tables — All connection related and filter data will be removed for - NoSQL databases diff --git a/docs/accessanalyzer/12.0/data-collection/nosql/configure-job.md b/docs/accessanalyzer/12.0/data-collection/nosql/configure-job.md deleted file mode 100644 index 8b873734c2..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nosql/configure-job.md +++ /dev/null @@ -1,55 +0,0 @@ -# NoSQL Custom Connection Profile & Host List - -The NoSQL Data Collector requires a custom connection profile and host list. - -## Connection Profile - -The credential used for MongoDB Server auditing can be either an Active Directory account or a SQL -account. Create a Connection Profile and set the following information on the User Credentials -window. - -Active Directory - -For an Active Directory account, set the following on the User Credentials window: - -- Select Account Type – Active Directory Account -- Domain – Drop-down menu with available trusted domains will appear. Either type the short domain - name in the textbox or select a domain from the menu. -- User name – Type the user name -- Password Storage – Choose the option for credential password storage: - - - Application – Uses the configured Profile Security setting as selected at the **Settings** > - **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic for - additional information. - - CyberArk – Uses the CyberArk Enterprise Password Vault. See the - [CyberArk Integration](/docs/accessanalyzer/12.0/administration/settings/connection/cyberark-integration.md) topic for additional - information. The password fields do not apply for CyberArk password storage. - -- Password – Type the password -- Confirm – Re-type the password - -SQL - -For a SQL account, set the following on the User Credentials window: - -- Select Account Type – SQL Authentication -- User name – Enter user name -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) - topic for additional information.) -- Password – Type the password -- Confirm – Re-type the password - -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) and -[Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topics for additional information. - -## Host List - -Jobs using the NoSQL Data Collector must create a host list with the servers containing the target -databases. Setup the list of MongoDB hosts that needs to be monitored. Be sure to use a specific -host name (if forcing the connection to a secondary host) or just the cluster name if connecting to -the cluster. See the [Host Management](/docs/accessanalyzer/12.0/host-management/overview.md) topic for additional -information. - -Additionally, the database clusters / instances must be added to the Filter page in the query -configuration. See the [NoSQL: Filter](/docs/accessanalyzer/12.0/data-collection/nosql/filter.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/nosql/criteria.md b/docs/accessanalyzer/12.0/data-collection/nosql/criteria.md deleted file mode 100644 index 2ba79be91d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nosql/criteria.md +++ /dev/null @@ -1,33 +0,0 @@ -# NoSQL: Criteria - -The Criteria page is where the criteria to be used for discovering sensitive data is configured. It -is a wizard page for the category of Sensitive Data Collection. - -![NoSQL Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -The options on the Criteria page are: - -- Use Global Criteria Selection – Select this option to inherit sensitive data criteria settings - from the **Settings** > **Sensitive Data** node. See the - [Sensitive Data](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md) topic for additional information. -- Use the following selected criteria – Select this option to use the table to select which - sensitive data criteria to scan for - - - Select All – Click **Select All** to enable all sensitive data criteria for scanning - - Clear All – Click **Clear All** to remove all selections from the table - - Select the checkboxes next to the sensitive data criteria options to enable it to be scanned - for during job execution - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit - user-defined criteria. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) - topic for additional information. - -**NOTE:** Adding unnecessary criteria can adversely impact the scanner performance and can cause the -scanning job to take a long time. If performance is adversely affected, revisit the sensitive data -scanning criteria and remove criteria that is not required. diff --git a/docs/accessanalyzer/12.0/data-collection/nosql/filter.md b/docs/accessanalyzer/12.0/data-collection/nosql/filter.md deleted file mode 100644 index cbd5246702..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nosql/filter.md +++ /dev/null @@ -1,101 +0,0 @@ -# NoSQL: Filter - -The Filter page is where the query can be scoped to target specific databases or instances. It is a -wizard page for the Sensitive Data Collection category. - -It is necessary to populate the available Mongo databases/instances before the query can be scoped. -See the [Manage Connections Window](#manage-connections-window) topic for additional information. - -![NoSQL Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp) - -The Filter page has the following buttons: - -- Connections — Opens the Manage Connections window to add or modify database instances. See the - [Manage Connections Window](#manage-connections-window) topic for additional information. -- Retrieve — Click to populate the Server pane with the database instances added in the Manage - Connections window -- Validate Selections — Validate the include /exclude filters shown in the Selections pane -- Find — Select an item in the Servers list and click find to search for any objects that match the - search string -- Save — Click to save the selected filters -- Orientation — Alternate between a vertical and horizontal split - -The configurable filter options are: - -- Servers — Displays known databases and instances for query scoping. Click **Retrieve** to - populate. Right click to open context menu: - - - Exclude — Excludes selected databases/instances and displays them in red - - Include — Reverts an exclusion. By default, all sub tables are included. - - Build Pattern — Opens the Build Pattern dialogue to build a custom filter to be applied to the - selected database objects. See the [Build or Edit Pattern](#build-or-edit-pattern) topic for - additional information. - -- Selections — Displays selected database objects for which the query has been scoped. Right click - to open context menu: - - - Remove Pattern — Selected database/instance will be removed from the query - - Edit Pattern — Opens the Edit Pattern dialogue with the following options (See the - [Build or Edit Pattern](#build-or-edit-pattern) topic for additional information): - - - Exclude — Excludes selected databases/instances and displays them in red - - Include — Reverts an exclusion. By default, all sub tables are included. - - Pattern — Build a custom filter to be applied to the selected database objects - -## Manage Connections Window - -The Manage Connections window enables users to add MongoDB database instances to search for -sensitive data. Click **Connections** to open the window. - -![Manage Connections window](/img/product_docs/accessanalyzer/admin/datacollector/nosql/manageconnections.webp) - -The Manage Connections table lists the previously added database instances and their attributes. - -Select a row in the table to edit that instance, or create a new instance to add to the table. For -additional information on how to connect to a MongoDB database, see the MongoDB -[Get Connection String](https://docs.mongodb.com/guides/server/drivers/) article. - -- Is Active — Select the checkbox to include the database on the Servers Pane on the Filter page -- Server Label — The name of the server -- Host — Name or IP address of the host where the database is located -- Port Number — Port number for the database. The default port is 27017. If a non-default port is - being used, it should be specified in the Port Number section. -- Auth Database — The database used for authorization. Typically it is the **admin** database. -- Read Preference — Read preference describes how MongoDB clients route read operations to the - members of a replica set by default, an application directs its read operations to the primary - member in a replica set (that is, read preference mode **primary**). Howevert, clients can specify - a read preference to send read operations to secondaries. Click the link for additional - information. -- Mongo SRV — Specifies that the information entered is for clusters or shards - -In the Manage Connections table, the following information is also listed: - -- Was Inspected — Indicates whether information for a connection was validated. **Y** indicates the - information has been validated. **N** indicates the information has not been validated. -- Last Inspected — Indicates the date and time of when the connection information was last - inspected. If blank, the connection information has not yet been validated. -- Enable Impersonation – Impersonation does not apply to MongoDB and this column will be blank. - -The Manage Connections window has the following buttons: - -- Test Connection — Click to verify the connection to the database with the connection profile - applied to the job group -- Edit Connection — Click to edit information for the selected connection -- Delete Connection — Click to delete the selected connection -- Create New — Click to create a new connection - -#### Build or Edit Pattern - -The Build / Edit Pattern window enables users to apply a custom scoping filter to the query. - -![Edit Existing Pattern window](/img/product_docs/accessanalyzer/admin/datacollector/nosql/editpattern.webp) - -The Build / Edit Pattern window has the following features: - -- Selected Location — The location within the database / collection -- Exclude — Excludes selected database / instances and displays them in red -- Include — Reverts an exclusion. By default, all sub tables are included. -- Pattern — Build a custom filter to be applied to the selected database objects - - **NOTE:** Color-coding indicating Excluded and Included objects does not display until after a - selection is validated using the **Validate Selections** button on the Filter page. diff --git a/docs/accessanalyzer/12.0/data-collection/nosql/options.md b/docs/accessanalyzer/12.0/data-collection/nosql/options.md deleted file mode 100644 index d07258fdbc..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nosql/options.md +++ /dev/null @@ -1,49 +0,0 @@ -# NoSQL: Options - -Use the Sensitive Data Scan Settings (Options) page to configure additional settings for the -sensitive data scan. It is a wizard page for the Sensitive Data Collection category. - -![NoSQL Data Collector Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -The sensitive data scan settings are: - -Scan Options - -- Data Settings: - - - Scan all documents for sensitive data — Scan all the documents in a collection in the targeted - database or cluster - - Limit of documents to scan — Scan limited number of documents in each database or cluster. - This option is ideal when discovering sensitive data and has minimal impact on the MongoDB - cluster performance. However, if the Subject Profile Request feature is being leveraged, then - all the documents in all the database or cluster need to be scanned. - - Scan documents randomly — Access Analyzer requests a set of documents from each database when - scanning for sensitive data. The database engine does not return random data from a - collection. Instead, Access Analyzer returns sequential documents in a collection. In order to - ensure a statistical discrete uniform distribution of data being scanned, this option can be - selected. When selected, the Access Analyzer sensitive data scanner requests randomized - documents from each collection in all the targeted databases. - -- Scan database names for sensitive data – Scans database names for sensitive data if the database - names are included as part of the keyword list in the scanning criteria -- Scan collection names for sensitive data – Scans collection names within the database for - sensitive data if the collection names are included as part of the keyword list in the scanning - criteria - -DLP Options - -- Store discovered sensitive data – Stores potentially sensitive data in the Access Analyzer - database. Any sampled sensitive data discovered based on the matched criteria is stored in the - Access Analyzer database. This functionality can be disabled by clearing this checkbox. - - **NOTE:** The **Store discovered sensitive data** option is required to view Content Audit - reports in the Access Information Center for MongoDB data. - - **CAUTION:** Changing scan options, criteria, or filters when resuming a scan may prevent the - scan from resuming properly. - -- Resume scan from last point on error — Resumes scan from where the previous scan left off when the - scan was stopped as a result of an error - -_Remember,_ the Sensitive Data Discovery Add-on is required to use the sensitive data collection -option. diff --git a/docs/accessanalyzer/12.0/data-collection/nosql/overview.md b/docs/accessanalyzer/12.0/data-collection/nosql/overview.md deleted file mode 100644 index 16bebaf573..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nosql/overview.md +++ /dev/null @@ -1,52 +0,0 @@ -# NoSQL Data Collector - -The NoSQL Data Collector for MongoDB provides information on MongoDB Cluster configuration, limited -user permissions, scans collections for sensitive data, and identifies who has access to sensitive -data. It also supports the execution of custom queries against all targeted MongoDB cluster nodes. - -The NoSQL Data Collector has been preconfigured within the MongoDB Solution. Both this data -collector and the solution are available with a special Access Analyzer license. See the -[MongoDB Solution](/docs/accessanalyzer/12.0/solutions/databases/mongodb/overview.md) topic for additional -information. - -Protocols - -- TCP/IP - -Ports - -- MongoDB Cluster -- Default port is 27017 (A custom port can be configured) - -Permissions - -- Read Only access to ALL databases in the MongoDB Cluster including: - - - Admin databases - - Config databases - - Local databases - -- Read Only access to any user databases is required for sensitive data discovery -- Read access to NOSQL instance -- Read access to MongoDB instance -- Requires NOSQL Full-Text and Semantic Extractions for Search feature to be installed on the target - NOSQL instances when using the Scans full rows for sensitive data option on the Options wizard - page - -Sensitive Data Discovery Considerations - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job -is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). - -## NoSQL Query Configuration - -The NoSQL Data Collector is configured through the NoSQL Data Collector Wizard. The wizard contains -the following pages, which change based upon the query category selected: - -- [NoSQL: Category](/docs/accessanalyzer/12.0/data-collection/nosql/category.md) -- [NoSQL: Options](/docs/accessanalyzer/12.0/data-collection/nosql/options.md) -- [NoSQL: Criteria](/docs/accessanalyzer/12.0/data-collection/nosql/criteria.md) -- [NoSQL: Filter](/docs/accessanalyzer/12.0/data-collection/nosql/filter.md) -- [NoSQL: Results](/docs/accessanalyzer/12.0/data-collection/nosql/results.md) -- [NoSQL: Summary](/docs/accessanalyzer/12.0/data-collection/nosql/summary.md) diff --git a/docs/accessanalyzer/12.0/data-collection/nosql/results.md b/docs/accessanalyzer/12.0/data-collection/nosql/results.md deleted file mode 100644 index 39a3be5f1f..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nosql/results.md +++ /dev/null @@ -1,10 +0,0 @@ -# NoSQL: Results - -The Results page is where the properties that will be gathered are selected. It is a wizard page for -all of the categories. - -![NoSQL Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually, or the **Select All**, **Clear All**, and **Reset to -Defaults** buttons can be used. All selected properties are gathered. Available properties vary -based on the category selected. diff --git a/docs/accessanalyzer/12.0/data-collection/nosql/summary.md b/docs/accessanalyzer/12.0/data-collection/nosql/summary.md deleted file mode 100644 index d1f11bbb44..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/nosql/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# NoSQL: Summary - -The Summary page is where the configuration settings are summarized. It is a wizard page for all of -the categories. - -![NoSQL Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the NoSQL Data Collector Wizard ensuring that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/12.0/data-collection/overview.md b/docs/accessanalyzer/12.0/data-collection/overview.md deleted file mode 100644 index beb435cab3..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/overview.md +++ /dev/null @@ -1,146 +0,0 @@ -# Data Collectors - -This topic covers the configuration wizards that are unique to each data collector. See the -[Jobs Tree](/docs/accessanalyzer/12.0/administration/job-management/overview.md) topic for additional information on job configuration. - -## Query Selection - -The Access Analyzer data collectors can collect information from a wide range of environments. Data -collection tasks are assigned to jobs at the **Configure** > **Queries** node level. See the -[Queries Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/queries.md) topic for additional information. - -![Query Selection page](/img/product_docs/accessanalyzer/admin/datacollector/queryselection.webp) - -The Query Selection page is split into the Tables and Queries sections. The Tables section has the -following options: - -- Table – Select a pre-configured table or select DEFAULT to create a new one -- Add Table – Add a new table to the Table dropdown list -- Rename Table – Rename the current table selected -- Delete Table – Delete the current table selected - -The Queries section is where the Data Collectors are configured. The Queries section has the -following options: - -- Add from Library – Opens the Libraries window. Add a pre-built query from the Access Analyzer - library. See the [Add Query from Library](#add-query-from-library) topic for additional - information. -- Create Query – Click **Create Query** to add a new query task to a job. See the - [Create or Modify a Query](#create-or-modify-a-query) topic for additional information. -- Delete Query – Delete the currently selected query -- Query Properties – Select an existing query and click **Query Properties** to modify its - configuration - -### Add Query from Library - -Pre-built queries can be added to the Data Collector job through the Libraries window. - -![Libraries window](/img/product_docs/accessanalyzer/admin/datacollector/addqueryfromlibrary.webp) - -The Libraries window toolbar has the following options: - -- Create New Library – Create a new library entry. The new Library will be added to the Library - dropdown menu. -- Delete Library – Deletes the currently selected library -- Cut – Cut the selected task in the library to the clipboard -- Copy – Copy the selected task in the library to the clipboard -- Paste – Paste cut or copied item from the clipboard into the currently selected library -- Delete Selected Task – Deletes the currently selected task - -Click **Add** to confirm the query selection and add it to the Queries list on the Query Selection -page. If no selection is needed or intended, click **Cancel** to close the Libraries window without -adding a pre-built query into the Queries list. - -### Create or Modify a Query - -To open the Query Properties window, click **Create Query** for a new query or **Query Properties** -for an existing query. There are three tabs in the Query Properties window where queries can be -configured. These tabs are:. - -- [General Tab](#general-tab) -- [Data Source Tab](#data-source-tab) -- [Filters Tab](#filters-tab) - -To access the XML Text version of the Query Properties window, click **View XML**. This applies to -all three tabs listed. - -#### General Tab - -Use the General tab to modify the name or description of the query. - -![General tab of the Query Properties window](/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesgeneral.webp) - -The General tab displays: - -- Name – Name of the query supplied by the creator of the query -- Description – Description of the query supplied by the creator of the query -- Table – Name of the native data table for this query - - The table name is supplied by the creator in the Query Selection view - - Tables are named DEFAULT, unless modified - - Within the SQL database, the table name will be prefaced with `SA_[Job Name]_` -- ID – Query GUID generated by Access Analyzer for this query task. - - - The query GUID is referenced by the **SMARTLog** Data Collector, **ExchangeMetrics** Data - Collector, and the **PowerShell** Data Collector. - - When using the **SMARTLog** Data Collector or the **ExchangeMetrics** Data Collector, the - `state` file for the query’s Persist log state feature can be found in the SA_CommonData - folder in the Access Analyzer installation directory: - - …/STEALTHbits/StealthAUDIT/Jobs/SA_CommonData/[Data Collector]/[Query GUID]/[Target - Host]/state - -When creating a new query, provide a unique, descriptive **Name** and **Description**. This -information displays in the table on the Query Selection view. See the -[Queries Node](/docs/accessanalyzer/12.0/administration/job-management/job/configure/queries.md) topic for additional information. - -#### Data Source Tab - -Use the Data Source tab to configure the data collector and query. - -| ![Data Source tab of Query Properties for new Query](/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesdatasourceexisting.webp) | -| ------------------------------------------------------------------------------------------------------------------------------------------------- | -------------- | -| New Query | Existing Query | - -The Data Source tab displays: - -- Data Collector – Data collector selected from the drop-down menu. -- Query – Query configuration string. -- Configure – Opens the wizard for the selected data collector. Each Data Collector task has its own - Configuration Wizard. -- Properties – Configured query properties. - -When creating a new query, expand the **Data Collector** drop-down menu, which provides a list of -all licensed data collectors in alphabetical order. The **Query** and **Property** sections are -auto-filled according to the configuration. The buttons at the bottom of the Property section are -for advanced features to manipulate the query. The **+** and **–** buttons manually add or remove -individual properties from the query. The script button opens the VBScript Editor window for query -manipulation scripts. - -**_RECOMMENDED:_** Use the Data Collector Configuration wizards for basic query modifications. For -more complex modifications, contact [Netwrix Support](https://www.netwrix.com/support.html). - -See the individual data collector section for configuration wizard page information. - -#### Filters Tab - -Use the Filters tab to include filters into the data collection process. - -| ![Filters tab of Query Properties window](/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesdatafilterswithfilter.webp) | -| ----------------------------------------------------------------------------------------------------------------------------------------- | ----------- | -| No FIlter | With FIlter | - -The Filter tab has the following items: - -- Filter – Sort through a list of filters that are applied to the current query - - Use the **+** and **–** buttons to add and remove filters from the query -- Key – Labels identifying the configurable value in the filter -- Value – When applicable, add a new value to the filter using the dropdown menu. Otherwise, create - a new one by typing in the desired value. - -**_RECOMMENDED:_** Use the default settings for filters. Filters can be used to substitute or delete -data values during data collection. For more information on the impacts of adding filters to -queries, contact [Netwrix Support](https://www.netwrix.com/support.html). - -Click **OK** to save changes and exist the Query Properties window. If no changes were made or -intended, it is best practice to click **Cancel** to exit the Query Properties window to ensure -unintended changes are not saved. diff --git a/docs/accessanalyzer/12.0/data-collection/password-security/category.md b/docs/accessanalyzer/12.0/data-collection/password-security/category.md deleted file mode 100644 index 6ccc5ffff3..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/password-security/category.md +++ /dev/null @@ -1,12 +0,0 @@ -# PasswordSecurity: Category - -This Category page in the Password Security Data Collection Wizard identifies the kind of password -information retrieved during a scan of the Active Directory. - -![Password Security Data Collection Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The Password Security Data Collection contains the following type of scan: - -- WeakPasswordScan – Scans an Active Directory for weak passwords. Returns password information per - the configurable scan options including clear-text passwords. For additional information on scan - options, see the[PasswordSecurity: Options](/docs/accessanalyzer/12.0/data-collection/password-security/options.md) topic. diff --git a/docs/accessanalyzer/12.0/data-collection/password-security/dictionaries.md b/docs/accessanalyzer/12.0/data-collection/password-security/dictionaries.md deleted file mode 100644 index da807a0271..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/password-security/dictionaries.md +++ /dev/null @@ -1,147 +0,0 @@ -# PasswordSecurity: Dictionaries - -The Dictionaries page provides configuration settings for storing passwords to be used as a -reference for the scan. - -![Password Security Data Collection Wizard Dictionary options page](/img/product_docs/accessanalyzer/admin/datacollector/passwordsecurity/dictionaries.webp) - -The configurable dictionary options are: - -- Use Stealthbits dictionary (> 100,000 passwords) – If enabled, compares passwords against - out-of-the-box dictionary comprised of commonly used password hashes -- Automatically update the Stealthbits dictionary – Checks for the latest version of the Netwrix - weak password dictionary file when the job is executed, and downloads the latest version from the - [Netwrix website](https://www.netwrix.com/) - - - If the Access Analyzer server does not have an internet connection, the weak password - dictionary can be downloaded directly from the - [My Products](https://www.netwrix.com/my_products.html) page of the Netwrix website. See the - [Download the Netwrix Weak Password Dictionary](#download-the-netwrix-weak-password-dictionary) - topic for additional information. - -- Update Dictionary – Checks for the latest version of the dictionary file, and updates if necessary -- Add – Add a custom dictionary file in one of the following formats: - - - Plaintext – Line separated in a text file - - NLTM Hashes – Can be added with hashes or sorted hashes. The haveibeenpwned dictionary can be - used. See the - [Download and Configure the Have I Been Pwnd (HIBP) Hash List](#download-and-configure-the-have-i-been-pwnd-hibp-hash-list) - topic for additional information. - - **_RECOMMENDED:_** Use the sorted hash dictionary if adding an NLTM format - -- Remove – Removes a custom dictionary file from the query scope - -## Download the Netwrix Weak Password Dictionary - -**Step 1 –** If the Access Analyzer server does not have an internet connection, the weak passwords -dictionary can be downloaded directly from the -[My Products](https://www.netwrix.com/my_products.html) page of the Netwrix website. - -**Step 2 –** After downloading the dictionary file manually do one the following: - -- If an internet connection exists on the Access Analyzer server: - - - Place the `dictionary.dat` file in the following location: - `%sainstalldir%\Jobs\SA_CommonData\PasswordSecurity\Dictionaries` - - Rename the file to `sadictionary_hashed_sorted.dat` - -- If no internet connection exists on the Access Analyzer server: - - - Copy the file to the Access Analyzer server and put it in a location of your choosing. The - default location is `%sainstalldir%\Jobs\SA_CommonData\PasswordSecurity\Dictionaries` - - Open the PasswordSecurity data collector configuration for the **AD_WeakPasswords** job - - On the Dictionaries page, deselect the **Use STEALTHbits dictionary** checkbox - - On the Dictionaries page, click **Add...** and select the previously downloaded - `dictionary.dat` file - -## Download and Configure the Have I Been Pwnd (HIBP) Hash List - -If you don't have internet access on the Netwrix Access Analyzer (formerly Enterprise Auditor) -server or want to download the files from another location that has internet access, you can do so -by using the Pwnd Passwords Downloader. - -The Pwnd Passwords Downloader is a Dotnet tool used to download all Pwned Passwords hash ranges and -save them offline so they can be used without a dependency on the k-anonymity API. Use this tool to -get the latest breached hashes from the Have I Been Pwnd (HIBP) database. - -**NOTE:** The -[](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader)[Pwnd Passwords Downloader](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader) -is a third party, open source tool, created by the HaveIBeenPwned team and distributed under a BSD -3-Clause License. You might experience issues during the hash download process, depending on your -threading settings or the load on the CloudFlare backend. The Pwnd Passwords Downloader tool will -automatically retry to continue downloading the hashes until it fully completes the download -process. - -### Prerequisites - -The Pwnd Passwords Downloader has the following prerequisite: - -- Install .NET 6 before installing the - [Pwnd Passwords Downloader ](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader)tool. You - can download .NET 6 from Microsoft: - [https://dotnet.microsoft.com/en-us/download/dotnet/6.0](https://dotnet.microsoft.com/en-us/download/dotnet/6.0) - -The HIBP database takes up additional space on the machine where it is copied (approximately 13 GB, -but subject to change). The Have I Been Pwnd database (HIBP) hashes can take up to 30 GB. Make sure -that you have enough free space on your disk in your Netwrix Access Analyzer (formerly Enterprise -Auditor) install directory (`%sainstalldir%`). - -### Install the Pwnd Passwords Downloader - -Follow the steps to install the Pwnd Passwords Downloader. - -**Step 3 –** Open command prompt, and navigate to your .NET install folder (for example, -`C:\Program Files (x86)\dotnet`). - -**Step 4 –** Run the following command: - -``` -dotnet tool install --global haveibeenpwned-downloader -``` - -![hibp_installation_0](/img/product_docs/threatprevention/threatprevention/admin/configuration/hibp_installation_0.webp) - -**Step 5 –** Close the command prompt. - -### Update an Installed Pwnd Passwords Downloader - -Follow the steps to update an installed Pwnd Passwords Downloader. - -**Step 1 –** Open the command prompt. - -**Step 2 –** Run the following command: - -``` -dotnet tool update --global haveibeenpwned-downloader -``` - -![hibp_installation_1](/img/product_docs/threatprevention/threatprevention/admin/configuration/hibp_installation_1.webp) - -### Download NTML Hashes with the Pwnd Passwords Downloader - -Follow the steps to download NTLM hashes. - -**Step 1 –** Navigate to the folder where you want to download the hashes. - -**Step 2 –** Download all NTLM hashes to a single txt file, called for example -`pwnedpasswords_ntlm.txt`. - -Run: - -``` -haveibeenpwned-downloader.exe -n pwnedpasswords_ntlm -``` - -![hibp_installation_3](/img/product_docs/threatprevention/threatprevention/admin/configuration/hibp_installation_3.webp) - -This screenshot shows the completed download. - -**Step 3 –** To overwrite an existing hash list, run: - -``` -haveibeenpwned-downloader.exe -n pwnedpasswords_ntlm -o -``` - -For a complete list of available parameters, please check the -[Pwnd Passwords Downloader GitHub page](https://github.com/HaveIBeenPwned/PwnedPasswordsDownloader). diff --git a/docs/accessanalyzer/12.0/data-collection/password-security/options.md b/docs/accessanalyzer/12.0/data-collection/password-security/options.md deleted file mode 100644 index 5f73e4411e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/password-security/options.md +++ /dev/null @@ -1,19 +0,0 @@ -# PasswordSecurity: Options - -The Options page provides format options for returned data. - -![Password Security Data Collection Wizard Scan options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -The configurable scan options are: - -- Encrypt communications with Active Directory (SSL) – Enables communication to the domain - controller over SSL -- Analyze historical passwords – Scans historical passwords that have been stored in Active - Directory - - **CAUTION:** Enabling the following option will return clear text passwords to be stored in the - Access Analyzer database for the following exceptions: **Clear Text Password**, **Potential - Keytab Password**, and **Weak Password** (when leveraging a plaintext password dictionary). - -- Return cleartext passwords when possible – Returns stored clear-text passwords to the Access - Analyzer database diff --git a/docs/accessanalyzer/12.0/data-collection/password-security/overview.md b/docs/accessanalyzer/12.0/data-collection/password-security/overview.md deleted file mode 100644 index 5aaf8028fc..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/password-security/overview.md +++ /dev/null @@ -1,41 +0,0 @@ -# PasswordSecurity Data Collector - -The PasswordSecurity Data Collector compares passwords stored in Active Directory to known, breached -passwords in the Netwrix weak password dictionary or custom dictionaries. The PasswordSecurity Data -Collector also checks for common misconfigurations with passwords in Active Directory. - -The PasswordSecurity Data Collector is a core component of Access Analyzer, but it has been -preconfigured within the Active Directory Solution. While the data collector is available with all -Access Analyzer license options, the Active Directory Solution is only available with a special -Access Analyzer license. See the -[Active Directory Solution](/docs/accessanalyzer/12.0/solutions/active-directory/overview.md) topic for additional -information. - -Protocols - -- LDAP - -Ports - -- TCP 389/636 - -Permissions - -- At the domain level: - - - Read - - Replicating Directory Changes - - Replicating Directory Changes All - - Replicating Directory Changes in a Filtered Set - - Replication Synchronization - -## PasswordSecurity Query Configuration - -The PasswordSecurity Data Collector is configured through the Password Security Data Collector -Wizard, which contains the following wizard pages: - -- [PasswordSecurity: Category](/docs/accessanalyzer/12.0/data-collection/password-security/category.md) -- [PasswordSecurity: Options](/docs/accessanalyzer/12.0/data-collection/password-security/options.md) -- [PasswordSecurity: Dictionaries](/docs/accessanalyzer/12.0/data-collection/password-security/dictionaries.md) -- [PasswordSecurity: Results](/docs/accessanalyzer/12.0/data-collection/password-security/results.md) -- [PasswordSecurity: Summary](/docs/accessanalyzer/12.0/data-collection/password-security/summary.md) diff --git a/docs/accessanalyzer/12.0/data-collection/password-security/results.md b/docs/accessanalyzer/12.0/data-collection/password-security/results.md deleted file mode 100644 index c4911f7480..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/password-security/results.md +++ /dev/null @@ -1,8 +0,0 @@ -# PasswordSecurity: Results - -The Results page is where Active Directory properties to be gathered are selected. - -![Password Security Data Collection Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or by using the **Select All** or **Clear All** buttons. All -selected properties are gathered. diff --git a/docs/accessanalyzer/12.0/data-collection/password-security/summary.md b/docs/accessanalyzer/12.0/data-collection/password-security/summary.md deleted file mode 100644 index 4287a6f9d3..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/password-security/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# PasswordSecurity: Summary - -The Summary page displays a summary of the configured query. - -![Password Security Data Collection Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Active Directory Data Collector Wizard to ensure that no accidental -clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/permission-matrix/index.md b/docs/accessanalyzer/12.0/data-collection/permission-matrix/index.md deleted file mode 100644 index 980301de02..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/permission-matrix/index.md +++ /dev/null @@ -1,54 +0,0 @@ -# Permissions by Data Collector (Matrix) - -The Access Analyzer data collectors are capable of collecting information from a variety of sources. -Each data collector requires specific protocols, ports, and permissions for the collection of data -to occur. - -Many data collectors are included as core components. However, some data collectors require specific -license features. The following table provides a quick reference for each data collector. - -| Data Collector | Description | Protocols | Ports Used | Recommended Permissions | -| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| ActiveDirectory _\*requires license_ | The ActiveDirectory Data Collector audits objects published in Active Directory. | - ADSI - LDAP - RPC | - TCP 389/636 - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Domain Administrators group | -| ADActivity _\*requires license_ | The ADActivity Data Collector integrates with the Netwrix Activity Monitor by reading the Active Directory activity log files. | - HTTP - RPC | - TCP 4494 (configurable within the Netwrix Activity Monitor) | - Netwrix Activity Monitor API Access activity data - Netwrix Activity Monitor API Read - Read access to the Netwrix Activity Monitor Log Archive location | -| ADInventory | The ADInventory Data Collector is designed as a highly scalable and useful data collection mechanism to catalogue user, group, and computer object information that can be used by other solutions within Access Analyzer. | - LDAP | - TCP 389 - TCP 135-139 - Randomly allocated high TCP ports | - Read access to directory tree - List Contents & Read Property on the Deleted Objects Container **NOTE:** See the Microsoft [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) article and the Microsoft [Dsacls]() article for additional information. | -| ADPermissions _\*requires license_ | The ADPermissions Data Collector collects the advanced security permissions of objects in AD. | - ADSI - LDAP - RPC | - TCP 389 - TCP 135 – 139 - Randomly allocated high TCP ports | - LDAP Read permissions - Read on all AD objects - Read permissions on all AD Objects | -| AWS | The AWS Data Collector collects IAM users, groups, roles, and policies, as well as S3 permissions, content, and sensitive data from the target Amazon Web Services (AWS) accounts. | - HTTPS | - 443 | - To collect details about the AWS Organization, the following permission is required: - organizations:DescribeOrganization - To collect details regarding IAM, the following permissions are required: - iam:GenerateCredentialReport - iam:GenerateServiceLastAccessedDetails - iam:Get\* - iam:List\* - iam:Simulate\* - sts:GetAccessKeyInfo - To collect details related to S3 buckets and objects, the following permissions are required: - s3:Describe\* - s3:Get\* - s3:HeadBucket - s3:List\* | -| AzureADInventory | The AzureADInventory Data Collector catalogs user and group object information from Microsoft Entra ID, formerly Azure Active Directory. This data collector is a core component of Access Analyzer and is preconfigured in the .Entra ID Inventory Solution. | - HTTP - HTTPS - REST | - TCP 80 and 443 | - Microsoft Graph API - Application Permissions: - AuditLog.Read.All – Read all audit log data - Directory.Read.All – Read directory data - Delegated Permissions: - Group.Read.All – Read all groups - User.Read.All – Read all users' full profiles - Access URLs - https://login.windows.net - https://graph.windows.net - https://login.microsoftonline.com - https://graph.microsoft.com - All sub-directories of the access URLs listed | -| Box _\*requires license_ | The Box Data Collector audits access, group membership, and content within a Box enterprise. | - HTTP - HTTPS | - TCP 80 - TCP 443 | - Box Enterprise Administrator | -| CommandLineUtility | The CommandLineUtility Data Collector provides the ability to remotely spawn, execute, and extract data provided by a Microsoft native or third-party command line utility. | - Remote Registry - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the local Administrators group | -| DiskInfo | The DiskInfo Data Collector provides enumeration of disks and their associated properties. | - RPC - WMI | - TCP 135 - Randomly allocated high TCP ports | - Member of the local Administrators group | -| DNS _\*requires license_ | The DNS Data Collector provides information regarding DNS configuration and records. | - RPC | - TCP 135 - Randomly allocated high TCP ports | - Member of the Domain Administrators group | -| DropboxAccess _\*requires license_ | The DropboxAccess Data Collector audits access, group membership, and content within a Dropbox environment. | - HTTP - HTTPS | - TCP 80 - TCP443 | - Dropbox Team Administrator | -| Entra | The Entra data collector collects Microsoft Entra roles information from the target Microsoft Entra tenant. This data collector is preconfigured in the .Entra ID Inventory solution. | - HTTP - HTTPS - REST | - TCP 80 and 443 | - Microsoft Graph API Application permissions: - RoleManagement.Read.Directory - Resource Manager permissions: - Microsoft.Authorization/roleAssignments/read - Microsoft.Authorization/roleDefinitions/read - Microsoft.Resources/resources/read - Microsoft.Resources/subscriptions/read - Microsoft.Resources/subscriptions/resources/read - Microsoft.Resources/subscriptions/resourceGroups/read - Microsoft.Authorization/providerOperations/read - Microsoft.Management/managementGroups/read | -| EventLog | The EventLog Data Collector provides search and extraction of details from event logs on target systems. | - RPC - WMI | - TCP 135 - Randomly allocated high TCP ports | - Member of the Local Administrators group - Member of the Domain Administrators group (if targeting domain controllers) | -| EWSMailbox _\*requires license_ | The EWSMailbox Data Collector provides configuration options to scan mailbox contents, permissions, and sensitive data, and is preconfigured within the Exchange Solution. | - HTTPS - ADSI - LDAP | - TCP 389 - TCP 443 | For Exchange servers: - Exchange Admin Role - Discovery Management Role - Application Impersonation Role - Exchange Online License For Exchange Online: - Exchange Admin Role - Discovery Management Role - Exchange Online License | -| EWSPublicFolder _\*requires license_ | The EWSPublicFolder Data Collector provides configuration options to extract public folder contents, permissions, and sensitive data, and is preconfigured within the Exchange Solution. | - HTTPS - ADSI - LDAP | - TCP 389 - TCP 443 | For Exchange servers: - Exchange Admin Role - Discovery Management Role - Application Impersonation Role - Exchange Online License with a mailbox For Exchange Online: - Exchange Admin Role - Discovery Management Role - Exchange Online License with a mailbox | -| Exchange2K _\*requires license_ | The Exchange2K Data Collector extracts configuration details from Exchange organizations for versions 2003 and later. | - LDAP - MAPI - PowerShell - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports - TCP 389 - Optional TCP 445 | - Member of the Exchange Administrator group - Domain Admin for AD property collection - Public Folder Management | -| ExchangeMailbox _\*requires license_ | The ExchangeMailbox Data Collector extracts configuration details from the Exchange Store to provide statistical, content, permission, and sensitive data reporting on mailboxes. | - MAPI - RPC | - TCP 135 - Randomly allocated high TCP ports | - Member of the Exchange Administrator group - Organization Management - Discovery Management | -| ExchangeMetrics _\*requires license_ | The ExchangeMetrics Data Collector collects Mail-Flow metrics from the Exchange Message Tracking Logs on the Exchange servers. Some examples of this include server volume and message size statistics. | - RPC - WMI | - TCP 135 - Randomly allocated high TCP ports | - Member of the local Administrator group on the targeted Exchange server(s) | -| ExchangePS _\*requires license_ | The ExchangePS Data Collector utilizes the Exchange CMDlets to return information about the Exchange environment utilizing PowerShell. This data collector has been designed to work with Exchange 2010 and newer. | - PowerShell | - TCP 135 - Randomly allocated high TCP ports | For Exchange servers: - Remote PowerShell enabled on a single Exchange server - Windows Authentication enabled for the PowerShell Virtual Directory on the same Exchange server where Remote PowerShell has been enabled - View-Only Organization Management Role Group - Discovery Search Management Role Group - Public Folder Management Role Group - Mailbox Search Role For Exchange Online: - Discovery Management Role - Organization Management Role | -| ExchangePublicFolder _\*requires license_ | The ExchangePublicFolder Data Collector audits an Exchange Public Folder, including contents, permissions, ownership, and replicas. | - MAPI - RPC | - TCP 135 - Randomly allocated high TCP ports | - Member of the Exchange Administrator group - Organization Management | -| File | The File Data Collector provides file and folder enumeration, properties, and permissions. | - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports - Optional TCP 445 | - Member of the Local Administrators group | -| FileSystemAccess (FSAA) _\*requires license_ | The FileSystemAccess (FSAA) Data Collector collects permissions, content, and activity, and sensitive data information for Windows and NAS file systems. | - Remote Registry - WMI | - Ports vary based on the Scan Mode Option selected. See the [File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) topic for additional information. | - Permissions vary based on the Scan Mode Option selected. See the [File System Supported Platforms](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md) topic for additional information. | -| GroupPolicy | The GroupPolicy Data Collector provides the ability to retrieve the GPO’s list in the domain and where they are linked, return information on configured policies and policy parts from the individual policies that have been selected, return information on selected policy parts from all policies within the domain, and return effective security policies in effect at the individual workstation. | - LDAP - RPC | - TCP 389 - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Domain Administrators group (if targeting domain controllers) - Member of the Local Administrators group | -| INIFile | The INIFile Data Collector provides options to configure a task to collect information about log entries on target hosts. | - RPC | - TCP 135-139 - Randomly allocated high TCP ports - Optional TCP 445 | - Member of the Local Administrators group | -| LDAP | The LDAP Data Collector uses LDAP to query Active Directory returning the specified objects and attributes. | - LDAP | - TCP 389 | - Member of the Domain Administrators group | -| NIS | The NIS Data Collector inventories a NIS domain for user and group information, mapping to Windows-style SIDs. | - NIS | - TCP 111 or UDP 111 - Randomly allocated high TCP ports | - No special permissions are needed aside from access to a NIS server | -| NoSQL | The NoSQL Data Collector for MongoDB provides information on MongoDB Cluster configuration, limited user permissions, scans collections for sensitive data, and identifies who has access to sensitive data. | - TCP/IP | - MongoDB Cluster - Default port is 27017 (A custom port can be configured) | - Read Only access to ALL databases in the MongoDB Cluster including: - Admin databases - Config databases - Local databases - Read Only access to any user databases is required for sensitive data discovery - Read access to NOSQL instance - Read access to MongoDB instance - Requires NOSQL Full-Text and Semantic Extractions for Search feature to be installed on the target NOSQL instances when using the Scans full rows for sensitive data option on the Options wizard page | -| ODBC | Queries ODBC compliant databases for tables and table properties | - OCBC | - TCP 1433 | - Database Read access | -| PasswordSecurity | The PasswordSecurity Data Collector compares passwords stored in Active Directory to known, breached passwords in the Netwrix weak password dictionary or custom dictionaries. The PasswordSecurity Data Collector also checks for common misconfigurations with passwords in Active Directory. | - LDAP | - TCP 389/636 | - At the domain level: - Read - Replicating Directory Changes - Replicating Directory Changes All - Replicating Directory Changes in a Filtered Set - Replication Synchronization | -| PatchCheck | Provides patch verification and optional automatic bulletin downloads from Microsoft | - HTTP - ICMP - RPC | - TCP 135-139 - Randomly allocated high TCP ports - TCP 80 - TCP 7 | - Member of the Local Administrators group | -| Perfmon | Provides performance monitor counter data samples | - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | -| PowerShell | The PowerShell Data Collector provides PowerShell script exit from Access Analyzer. | - PowerShell | - Randomly allocated high TCP ports | - Member of the Domain Administrators group (if targeting domain controllers) - Member of the Local Administrators group | -| Registry | The Registry Data Collector queries the registry and returns keys, key values, and permissions on the keys. | - Remote Registry - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | -| Script | The Script Data Collector provides VB Script exit from Access Analyzer. | - VB Script | - Randomly allocated high TCP ports | - Member of the Local Administrators group - Member of the Domain Administrators group (if targeting domain controllers) | -| Services | The Services Data Collector enumerates status and settings from remote services. | - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | -| SharePointAccess (SPAA) _\*requires license_ | The SharePointAccess (SPAA) Data Collector audits access, group membership, and content within a SharePoint on-premises and SharePoint Online environment. The SPAA Data Collector has been preconfigured within the SharePoint Solution. | - MS SQL - Remote Registry - SP CSOM (Web Services via HTTP & HTTPS) - SP Server API - WCF AUTH via TCP (configurable) | - Ports vary based on the Scan Mode selected and target environment. See the [SharePoint Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md) topic for additional information. | - Permissions vary based on the Scan Mode selected and target environment. See the [SharePoint Support](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/sharepoint.md) topic for additional information. | -| SMARTLog | The SMARTLog Data Collector provides search and extraction of details from Windows Event Logs (online or offline) and Microsoft Exchange Internet Information Server (IIS) logs. | - Log - Remote Event - RPC | - TCP 135 - TCP 445 - Randomly allocated high TCP ports | - Member of the Domain Administrators group (if targeting domain controllers) - Member of the local Administrators group | -| SQL _\*requires license_ | The SQL Data Collector provides information on database configuration, permissions, data extraction, application name of the application responsible for activity events, an IP Address or Host name of the client server, and sensitive data reports. This data collector also provides information on Oracle databases including infrastructure and operations. | TCP | For Db2 Target: - Specified by Instances table (default is 5000) For MySQL Target: - Specified by Instances table (default is 3306) For Oracle Target: - Specified by Instances table (default is 1521) For PostgreSQL Target: - Specified by Instances table (default is 5432) For SQL Target: - Specified by Instances table (default is 1433) | For MySQL Target: - Read access to MySQL instance to include all databases contained within each instance - Windows Only — Domain Admin or Local Admin privilege For Oracle Target: - User with SYSDBA role - Local Administrator on the target servers – Only applies to Windows Servers and not on Linux or Unix operating systems For PostgreSQL Target: - Read access to all the databases in PostgreSQL cluster or instance - Windows Only — Domain Admin or Local Admin privilege For Redshift Target: - Read-access to the following tables: - pg_tables - pg_user For SQL Target: - For Instance Discovery, local rights on the target SQL Servers: - Local group membership to Remote Management Users - Permissions on the following WMI NameSpaces: `root\Microsoft\SQLServer, root\interop` - For permissions for data collection: - Read access to SQL instance - Requires SQL Full-Text and Semantic Extractions for Search feature to be installed on the target SQL instance(s) when using the **Scan full rows for sensitive data** option on the Options wizard page - Grant Authenticate Server to [DOMAIN\USER] - Grant Connect SQL to [DOMAIN\USER] - Grant View any database to [DOMAIN\USER] - Grant View any definition to [DOMAIN\USER] - Grant View server state to [DOMAIN\USER] - Grant Control Server to [DOMAIN\USER] (specifically required for the Weak Passwords Job) | -| SystemInfo | The SystemInfo Data Collector extracts information from the target system based on the selected category. | - Remote Registry - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | -| TextSearch | The TextSearch Data Collector enables searches through text based log files. | - RPC | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | -| Unix _\*requires license_ | The Unix Data collector provides host inventory, software inventory, and logical volume inventory on UNIX & Linux platforms. | - SSH | - TCP 22 - User configurable | - Root permissions in Unix/Linux | -| UserGroups _\*requires license_ | The UsersGroups Data Collector audits user and group accounts for both local and domain, extracting system policies. | - RPC - SMBV2 - WMI | - TCP 135-139 - Randomly allocated high TCP ports - 445 | - Member of the Local Administrators group - If a less-privileged option is required, you can use a regular domain user that has been added to the **Network access: Restrict clients allowed to make remote calls to SAM** Local Security Policy - Member of the Domain Administrators group (if targeting domain controllers) | -| WMICollector | The WMICollector Data Collector identifies data for certain types of WMI classes and namespaces. | - RPC - WMI | - TCP 135-139 - Randomly allocated high TCP ports | - Member of the Local Administrators group | diff --git a/docs/accessanalyzer/12.0/data-collection/powershell/edit-query.md b/docs/accessanalyzer/12.0/data-collection/powershell/edit-query.md deleted file mode 100644 index bc78e0619c..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/powershell/edit-query.md +++ /dev/null @@ -1,76 +0,0 @@ -# PowerShell: Edit Query - -The Edit Query page provides a screen to edit the query to execute. Users can import PowerShell -script as well as use an input table to create and edit the PowerShell script. - -![PowerShell Data Collector Wizard Edit Query page](/img/product_docs/accessanalyzer/admin/datacollector/powershell/editquery.webp) - -The options on the Edit Query page are: - -- Open – Click to import and open a PowerShell script -- Script Editor – Input PowerShell script to use for the configured job -- Parameters – The Parameters tab located on the right-hand side of the Edit Query page is used to - bring up the Parameters window. See the [Parameters](#parameters) topic for additional - information. -- Use table input for PowerShell script – select the checkbox to bring up the Input options for the - PowerShell script. See the [Input Options](#input-options) topic for additional information. - -## Parameters - -Add, edit, and delete parameters for the PowerShell data collector using the Parameters window. - -![Parameters Window](/img/product_docs/accessanalyzer/admin/datacollector/powershell/editqueryparameters.webp) - -The options in the Parameters Window are: - -- Add – Add a parameter by opening the Add/Edit Variable Window. See the - [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. -- Edit – Edit the selected parameter by opening the Add/Edit Variable Window. See the - [Add/Edit Variable Window](#addedit-variable-window) topic for additional information. -- Delete – Delete a parameter - -**NOTE:** Only user created parameters can be edited or deleted. Pre-configured parameters cannot be -edited or deleted. - -### Add/Edit Variable Window - -Use the Add/Edit Variable Window to add and edit parameters for the PowerShell Data Collector. - -![Add/Edit Variable Window](/img/product_docs/accessanalyzer/admin/datacollector/powershell/editqueryvariable.webp) - -The options in the Add/Edit Variable window are: - -- Name – Enter or edit the name for the custom parameter -- Description – (Optional) Enter or edit the description for the custom parameter -- Type – Select the Type from the dropdown list. The options are: - - - String - - List - - Filepath - - Boolean - - Long - - Double - -- Value – Enter or edit the value for the custom parameter - -## Input Options - -When the Use table input for PowerShell script option is selected on the Edit Query page, additional -options display to define the source for input data. - -![Edit Query page input options](/img/product_docs/accessanalyzer/admin/datacollector/powershell/editqueryinput.webp) - -The input options are: - -- Please select name – Select the input table to be used from the drop-down menu -- Filter nulls – Excludes values that are null from input -- Filter duplicates – Excludes any values that are duplicate from input -- Text Box – Displays an example of how the input can be used in a PowerShell script -- Columns – Displays the columns in the selected input table. If applicable, select the checkbox to - include the column in the input. -- Input Data – Preview how the input data will look in the Input Data tab - -![Text Box and the Columns tab populated with information](/img/product_docs/accessanalyzer/admin/datacollector/powershell/editqueryinputtable.webp) - -Selecting an input table in the **Please select name** dropdown populates the Text Box and the -Columns tab with information. diff --git a/docs/accessanalyzer/12.0/data-collection/powershell/options.md b/docs/accessanalyzer/12.0/data-collection/powershell/options.md deleted file mode 100644 index 3522d4c3af..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/powershell/options.md +++ /dev/null @@ -1,16 +0,0 @@ -# PowerShell: Options - -The Options page provides the option to execute the script remotely on the target host. - -![PowerShell Data Collector Wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -The configurable options are: - -- Execute remotely – Remotely executes the script on the target host. If this checkbox is not - selected, the script will be executed from the Access Analyzer Console server. -- Use impersonation within server executable – Executes the script with the job credentials - -For cmdlets requiring explicit credentials, a single credential set from the job's Connection -Profile can be referenced using `Get-Credential` or the `$JobCredential` variable, a `PSCredential` -type object. All credentials from the job’s Connection Profile may be accessed via the -`$JobCredentials` array. diff --git a/docs/accessanalyzer/12.0/data-collection/powershell/overview.md b/docs/accessanalyzer/12.0/data-collection/powershell/overview.md deleted file mode 100644 index d33d3bd58c..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/powershell/overview.md +++ /dev/null @@ -1,35 +0,0 @@ -# PowerShell Data Collector - -The PowerShell Data Collector provides PowerShell script exit from Access Analyzer. It has -configuration options for creating and configuring a PowerShell query. This data collector is a core -component of Access Analyzer and is available with all Access Analyzer licenses. - -Protocols - -- PowerShell - -Ports - -- Randomly allocated high TCP ports - -Permissions - -- Member of the Domain Administrators group (if targeting domain controllers) -- Member of the Local Administrators group - -## PowerShell Query Configuration - -The PowerShell Data Collector is configured through the PowerShell Data Collector Wizard, which -contains the following pages: - -- Welcome -- [PowerShell: Edit Query](/docs/accessanalyzer/12.0/data-collection/powershell/edit-query.md) -- [PowerShell: Options](/docs/accessanalyzer/12.0/data-collection/powershell/options.md) -- [PowerShell: Sample Server](/docs/accessanalyzer/12.0/data-collection/powershell/sample-server.md) -- [PowerShell: Results](/docs/accessanalyzer/12.0/data-collection/powershell/results.md) -- [PowerShell: Summary](/docs/accessanalyzer/12.0/data-collection/powershell/summary.md) - -![PowerShell Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by checking the **Do not display this page the next time** box when -the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/powershell/results.md b/docs/accessanalyzer/12.0/data-collection/powershell/results.md deleted file mode 100644 index 2a1a04bf29..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/powershell/results.md +++ /dev/null @@ -1,11 +0,0 @@ -# PowerShell: Results - -The Results page provides configuration settings for the Properties to return and ROWKEY's -components. - -![PowerShell Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -The Results page options are: - -- Properties to return – List of available properties which can be gathered for the PowerShell query -- ROWKEY's components – List of available properties based on which ROWKEY will be built diff --git a/docs/accessanalyzer/12.0/data-collection/powershell/sample-server.md b/docs/accessanalyzer/12.0/data-collection/powershell/sample-server.md deleted file mode 100644 index bde0907476..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/powershell/sample-server.md +++ /dev/null @@ -1,16 +0,0 @@ -# PowerShell: Sample Server - -The Sample Server page provides a box to select a server to generate the result columns. - -![PowerShell Data Collector Wizard Select Server page](/img/product_docs/accessanalyzer/admin/datacollector/powershell/selectserver.webp) - -The Select Server page options are: - -- Server name – Server to be used during configuration -- Validate – Validates the script results and retrieves result columns. Validation must be run in - order to populate and enable the Results page. - -The server selected here replaces any `[SAHOSTNAME]` tokens in the PowerShell script. During -execution, the `[SAHOSTNAME]` tokens are replaced in turn by each host in the host list. If no -`[SAHOSTHAME]` tokens exist in the PowerShell script, then the server name and the hosts in the host -list have no effect. diff --git a/docs/accessanalyzer/12.0/data-collection/powershell/summary.md b/docs/accessanalyzer/12.0/data-collection/powershell/summary.md deleted file mode 100644 index e0a25a7377..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/powershell/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# PowerShell: Summary - -The Summary page summarizes the selected configurations from the previous pages in the PowerShell -Data Collector Wizard. - -![PowerShell Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the PowerShell Data Collector Wizard ensuring that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/registry/index.md b/docs/accessanalyzer/12.0/data-collection/registry/index.md deleted file mode 100644 index b7737118c1..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/registry/index.md +++ /dev/null @@ -1,75 +0,0 @@ -# Registry Data Collector - -The Registry Data Collector queries the registry and returns keys, key values, and permissions on -the keys. The data in the native tables returned by the Registry Data Collector is dependent upon -the query configuration. For example, a query could be configured to only show permissions on -registry keys in a 32-bit view. Another query could be configured to show a listing of all keys and -key values in a 64-bit view. Wildcards can also be used in query configurations. - -The Registry Data Collector is a core component of Access Analyzer, but it has been preconfigured -within both the Active Directory Solution and the Windows Solution. While the data collector is -available with all Access Analyzer license options, these solutions are only available with a -special Access Analyzer licenses. See the following topics for additional information: - -- [Active Directory Solution](/docs/accessanalyzer/12.0/solutions/active-directory/overview.md) -- [Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) - -Protocols - -- Remote Registry -- RPC - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group - -## Registry Query Configuration - -The Registry Data Collector is configured through the Registry Browser window. - -![Registry Browser window](/img/product_docs/accessanalyzer/admin/datacollector/browser.webp) - -The configurable options are: - -- Sample Host – The host to connect to. If this box is left blank, the connection is to the local - host. -- 64-bit view – The default view is 32-bit. Select the **64-bit view** checkbox to switch to a - 64-bit view. -- Connect – Connect to host’s registry. If no host is specified in the Sample Host box, the - connection is to the local host’s registry. -- Query 32-bit view – Select this checkbox to query the 32-bit view of the registry -- Query 64-bit view – Select this checkbox to query the 64-bit view of the registry -- Name – The key value. Key values can be added to the Selected Properties list by pressing the - **ctrl** key, selecting the keys to add, and then clicking the **Add currently selected value** - button. -- Type – The key value type -- Data – The key value path -- Root Path – The path to the selected key -- Enumerate child nodes – Select this checkbox to do a recursive search of all child nodes - -The button bar provides additional options for selecting keys. See the [Button Bar](#button-bar) -topic for additional information. - -### Button Bar - -The button bar is located right above the Selected Properties window. The button bar enables users -to do the following: - -![Button Bar](/img/product_docs/accessanalyzer/admin/datacollector/buttonbar.webp) - -| Icon | Name | -| ---------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------- | -| ![Select all peer keys for this node](/img/product_docs/accessanalyzer/admin/datacollector/selectall.webp) | Select all peer keys for this node | -| ![Add name of currently selected key](/img/product_docs/accessanalyzer/admin/datacollector/addname.webp) | Add name of currently selected key | -| ![Add full path of the currently selected key](/img/product_docs/accessanalyzer/admin/datacollector/addpath.webp) | Add full path of the currently selected key | -| ![Add last write date/time of currently selected key](/img/product_docs/accessanalyzer/admin/datacollector/adddatetime.webp) | Add last write date/time of currently selected key | -| ![Add security properties for selected key](/img/product_docs/accessanalyzer/admin/datacollector/addproperties.webp) | Add security properties for selected key | -| ![Enumerate all values for this key](/img/product_docs/accessanalyzer/admin/datacollector/enumeratevalues.webp) | Enumerate all values for this key | -| ![Add currently selected value](/img/product_docs/accessanalyzer/admin/datacollector/addvalue.webp) | Add currently selected value | -| ![Delete properties from selection](/img/product_docs/platgovnetsuite/integrations/delete.webp) | Delete properties from selection | -| ![Go to selected key](/img/product_docs/accessanalyzer/admin/datacollector/goto.webp) | Go to selected key | diff --git a/docs/accessanalyzer/12.0/data-collection/script/add.md b/docs/accessanalyzer/12.0/data-collection/script/add.md deleted file mode 100644 index c8cf9d3f4f..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/script/add.md +++ /dev/null @@ -1,20 +0,0 @@ -# Add a Script to an Existing Query - -The Query Properties window provides the ability to add a script to an existing query. Typically, a -script is used to augment a query providing services such as conversion of returned data. - -Follow the steps to add a script. - -**Step 1 –** Navigate to the job's **Configure** node and select **Queries**. - -**Step 2 –** Click **Create Query** to open the Query Properties window. - -**Step 3 –** Select the **Data Source** tab and select the desired data collector in the Data -Collector drop-down menu. - -![Query Properties window](/img/product_docs/accessanalyzer/admin/datacollector/script/querypropertiesexisting.webp) - -**Step 4 –** Click the **Browse Data Source** button to open the VBScript Editor page and add the -script to run after data collection. - -See the [VBScript Editor](/docs/accessanalyzer/12.0/data-collection/script/editor.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/script/editor.md b/docs/accessanalyzer/12.0/data-collection/script/editor.md deleted file mode 100644 index 1d8e677327..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/script/editor.md +++ /dev/null @@ -1,28 +0,0 @@ -# VBScript Editor - -The VBScript Editor window provides the means to add a script. The window is ideal for editing small -scripts and for pasting larger scripts from external scripting tools. - -![VBScript Editor window](/img/product_docs/accessanalyzer/admin/datacollector/script/vbscripteditor.webp) - -The options in the VBScript Editor are: - -- Save and Close – Use this option to save the script and close the window -- Syntax Check – Use this option to check the syntax of your script. This does not identify logic - errors, only cases where the script syntax is incorrect. It helps reduce the overhead of debugging - a script. When selected, a Script Errors window opens and a syntax check is performed. Any - syntactical errors are displayed within the window. -- Load from file – Use this option to load a VB script from a .vbs file -- Save to file – Use this option to save the current script in the Editor -- Undo – Undo previous changes made to the script (Shortcut is Ctrl+Z) -- Redo – Redo previous changes made to the script (Shortcut is Shift+Ctrl+Z) -- Cut – Cut the highlighted text -- Copy – Copy the highlighted text -- Paste – Paste cut or copied text into the VB Script Editor -- Online VBScript Language Reference – Opens internet browser to the Microsoft Technical - Documentation website from where documentation for Visual Basic Script can be navigated to - -After adding or modifying a script, click **Save and close**. - -See the [Script Example 1: Conversion of Data](/docs/accessanalyzer/12.0/data-collection/script/example-1.md) and -[Script Example 2: Command Query](/docs/accessanalyzer/12.0/data-collection/script/example-2.md) topics for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/script/example-1.md b/docs/accessanalyzer/12.0/data-collection/script/example-1.md deleted file mode 100644 index 12a4585031..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/script/example-1.md +++ /dev/null @@ -1,60 +0,0 @@ -# Script Example 1: Conversion of Data - -This script example demonstrates how to perform a query and modify returned data. The script -provides the data collector with the information that would have been provided if the user interface -had been used to design the query. However, in this case it is all done through script. The data -collector returns a value that is then converted and stored by Access Analyzer. - -This script starts by defining a query using the Perfmon Data Collector. Notice that the -**WorkingQuery** object is used, not the Query object. This is done to preserve the Query object, -since the Query object will be used to store the results that are different from what the data -collector is providing. - -The script then issues the query by calling `WorkingQuery.Execute`. When the query completes, -**WorkingQuery** is set to view the first row of results by setting the **ResultRow** property. The -value within the **System Up Time** property is then transferred into the `REMAINDER` variable so -that it can be more easily manipulated. - -The script then takes the value of `REMAINDER`, which is in seconds, and converts it to days, hours, -minutes, and seconds. These values are then recorded in the Query object so that Access Analyzer can -store this data. - -**NOTE:** In this task, the hours, minutes, and seconds properties were specified manually using the -task dialog. See the [Script Properties](/docs/accessanalyzer/12.0/data-collection/script/properties.md) topic for additional information. - -## Example of Conversion of Data Script - -The conversation of data script example is: - -``` -Sub Task() -Dim DAYS -Dim HRS -Dim MINS -Dim SECS -Dim REMAINDER  -WorkingQuery.Host=Query.Host -WorkingQuery.Source="Perfmon" -WorkingQuery.Paths=1 -WorkingQuery.Path(0)="System\System Up Time" -WorkingQuery.AddProperty  "NAME=System Up Time,DATATYPE=NUMERIC,VALUE=,COLUMN=UPTIME" -WorkingQuery.Execute -WorkingQuery.ResultRow=0 -REMAINDER=WorkingQuery.ResultData("System Up Time")  -Query.ResultRows=1 -Query.ResultRow=0  -'Calculate days/hrs/mins/secs -DAYS=INT(REMAINDER/86400) -REMAINDER=REMAINDER-(DAYS*86400) -HRS=INT(REMAINDER/3600) -REMAINDER=REMAINDER-(HRS*3600) -MINS=INT(REMAINDER/60) -SECS=INT(REMAINDER-(MINS*60))  -Query.ResultData("SecondsElapsed")=INT(WorkingQuery.ResultData("System Up Time")) -Query.ResultData("Days")=DAYS -Query.ResultData("Hrs")=HRS -Query.ResultData("Mins")=MINS -Query.ResultData("Secs")=SECS -End Sub - -``` diff --git a/docs/accessanalyzer/12.0/data-collection/script/overview.md b/docs/accessanalyzer/12.0/data-collection/script/overview.md deleted file mode 100644 index 041e62406c..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/script/overview.md +++ /dev/null @@ -1,34 +0,0 @@ -# Script Data Collector - -The Script Data Collector provides VB Script exit from Access Analyzer. Static queries are sometimes -inadequate for demanding auditing tasks. The Script Data Collector provides a means to add a custom -script to a query. Access Analyzer implements Microsoft Visual Basic Script (VB Script) with -extensions that provide script writers the ability to interface directly with Access Analyzer. - -The following examples describe situations where using a script may be useful: - -- Conversions – One of the most frequent uses of a scriptis for converting a value from one thing to - another, for example `build1230` to `at risk`. See the - [Script Example 1: Conversion of Data](/docs/accessanalyzer/12.0/data-collection/script/example-1.md) topic for additional information. -- Compound Queries – This is a query that cannot be performed using a single query. See the - [Script Example 2: Command Query](/docs/accessanalyzer/12.0/data-collection/script/example-2.md) topic for additional information. -- Interfacing with External Systems – This is a query that requires access to external data. For - example, the query needs to access a corporate database to obtain a location code. - -The Script Data Collector is a core component of Access Analyzer, but it has been preconfigured -within the Windows Solution. While the data collector is available with all Access Analyzer license -options, the Windows Solution is only available with a special Access Analyzer license. See the -[Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional information. - -Protocols - -- VB Script - -Ports - -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group -- Member of the Domain Administrators group (if targeting domain controllers) diff --git a/docs/accessanalyzer/12.0/data-collection/script/properties.md b/docs/accessanalyzer/12.0/data-collection/script/properties.md deleted file mode 100644 index 4ff55ba175..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/script/properties.md +++ /dev/null @@ -1,58 +0,0 @@ -# Script Properties - -The Data Source tab is used to select the data collector to be used. The configurable options are: - -- Source – Used to select data collector -- Path – Displays the returned path from the data collector - - **CAUTION:** Editing the path is considered an advanced operation. Entering an incorrect value - may render the query inoperable. - - - The path is used to identify the selection from within the data collector. The path - essentially tells the data collector where the data is and depending on the data collector, - may define selected options. It is sometimes convenient to edit the path manually. - - For example: If defining a file system query using the File System Data Collector, the path - would automatically be filled in with the selected details. A minor change like changing the - file location can be done manually by editing the path. - -- Properties – As the Path is used to define where the target data is, the properties are used to - define what data is desired. Each property has a series of attributes including: - - - Name – Identifies the target data. Modifying this affects what data the data collector - returns. - - Column – Specifies the column name within the result data. Use this to specify the column name - that will be used within the report output. This is set by default to match the **Name** - attribute. - - DataType – Used to determine the format of the data for reporting purposes. It affects sorting - order and the ability to graph content. In some cases, the data collector is unable to - determine the correct data type for the returned data. - - **CAUTION:** Setting this value manually to an incorrect data type may render your results - invalid and inaccessible by Access Analyzer. - - - For example: Querying the registry for a value stored as **REG_SZ** returns a string, as - **REG_SZ** is a string type in the registry. However, sometimes numbers are recorded in - **REG_SZ** entries. If you determine that the content returned could always be interpreted as - numeric, you could override the default `STRING` value and set it to `NUMERIC`. This provides - proper sorting and charting ability. - -- Size – Used to determine the width of the field used to hold String data. Setting the size smaller - than the actual returned data will cause Access Analyzer to truncate the data in the view. - However, the actual stored data in the result table will contain the full result. -- Value – Reserved for internal use -- Key – Used to identify a key property. A key property is used to identify the property that - contains a unique value for enumerated tasks. A Key value is required for Change Detection and - Conformance Management on enumerated tasks. To identify a property that uniquely identifies each - row, set the Key attribute to `YES`. - -## Adding and Removing Properties Manually - -Although the property list is automatically populated by the data collectors, additional properties -may be added manually. Doing so allocates storage within Access Analyzer during data collection and -creates corresponding columns in the output table. Use a script to reference and populate these -properties. - -![Properties on the Query Properties window](/img/product_docs/activitymonitor/activitymonitor/install/agent/properties.webp) - -To add properties manually, click the plus (**+**) button at the bottom of the property window. To -remove properties, click the minus (-) button. diff --git a/docs/accessanalyzer/12.0/data-collection/script/reference.md b/docs/accessanalyzer/12.0/data-collection/script/reference.md deleted file mode 100644 index 853bac0737..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/script/reference.md +++ /dev/null @@ -1,20 +0,0 @@ -# Script Reference - -Access Analyzer provides extensions to standard Visual Basic Script. These extensions allow access -to and manipulation of task data, in addition to invoking queries. They are implemented through two -objects. - -Query Object - -The Query object provides access to the current query configuration and data. Use this to examine -the results of a query or to manipulate the query before it is executed. Changing properties of this -object will change the way the task is executed by Access Analyzer. - -Working Query Object - -The Working Query object is identical to the Query object. This object supports the same methods and -properties as the Query object but its properties and methods do not access the current query. Think -of this object as allowing the ability to create a task on the fly. Use this object to perform -queries, while leaving the original task undisturbed. This is valuable when performing compound -queries isneeded. See the [Script Example 2: Command Query](/docs/accessanalyzer/12.0/data-collection/script/example-2.md) topic for additional -information. diff --git a/docs/accessanalyzer/12.0/data-collection/script/run.md b/docs/accessanalyzer/12.0/data-collection/script/run.md deleted file mode 100644 index 180325a90f..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/script/run.md +++ /dev/null @@ -1,20 +0,0 @@ -# Run a Stand-Alone Script - -Some situations require a script to be used exclusively without defining a data source. The Query -Properties window provides the ability to add and run a script. - -Follow the steps to add a script. - -**Step 1 –** Go to the job's **Configure** node and select **Queries**. - -**Step 2 –** Click **Create Query** to open the Query Properties window. - -**Step 3 –** Select the **Data Source** tab, and select **SCRIPT** in the Data Collector drop-down -menu. - -![Query Properties window](/img/product_docs/accessanalyzer/admin/datacollector/script/querypropertiesstandalone.webp) - -**Step 4 –** Click **Configure** or the **Browse Data Source** button to open the VBScript Editor -page and add the script to run. - -See the [VBScript Editor](/docs/accessanalyzer/12.0/data-collection/script/editor.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/services/index.md b/docs/accessanalyzer/12.0/data-collection/services/index.md deleted file mode 100644 index e3b3e407ef..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/services/index.md +++ /dev/null @@ -1,40 +0,0 @@ -# Services Data Collector - -The Services Data Collector enumerates status and settings from remote services. The Services Data -Collector is a core component of Access Analyzer, but it has been preconfigured within the Windows -Solution. While the data collector is available with all Access Analyzer license options, the -Windows Solution is only available with a special Access Analyzer license. See the -[Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional information. - -Protocols - -- RPC -- WMI - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group - -## Services Query Configuration - -The Services Data Collector is configured through the Service Browser window. - -![Service Browser window](/img/product_docs/accessanalyzer/admin/datacollector/servicebrowser.webp) - -- Host – Enter a sample host which contains all of the services desired for the query -- All Services – Select this option to build the query to extract information from all services on - the target host -- Specific Services – Select this option to build the query to extract information from specific - services on the target host. Select the checkboxes next to the desired services for the query - after clicking **Connect**. -- Connect – Click **Connect** to connect to the host and display a list of all services found -- Available Properties – Select the properties to be returned - -**NOTE:** In cases where the query does not find the selected services on the target host, the -`InternalName` column that is returned reflects the `DisplayName` column and no other values are -retrieved. If the services are found on the host, the `DisplayName` value in the table is resolved. diff --git a/docs/accessanalyzer/12.0/data-collection/smart-log/collection-method.md b/docs/accessanalyzer/12.0/data-collection/smart-log/collection-method.md deleted file mode 100644 index 523590b949..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/smart-log/collection-method.md +++ /dev/null @@ -1,28 +0,0 @@ -# SMARTLog: Collection Method - -The Collection Method page is used to select the collection method employed by the data collector. -It is a wizard page for all log types. - -![SMART Log DC Wizard Collection Method page](/img/product_docs/accessanalyzer/admin/datacollector/smartlog/collectionmethod.webp) - -Select the collection method from the following options to set how the collection routine is -executed to collect the data from the target. - -- Using network query – Connects to the target log over the network via RPC and reads events -- Using server side applet – Deploys a remote executable to the target host and then runs as a - process on the target host. It connects to the log, retrieves information, and returns it to the - Access Analyzer Console. - - **NOTE:** The applet cannot be used to target the local host. - -- Copy the log locally and process (Not available for all query scenarios) – Extract events from an - offline log by moving the log to the Access Analyzer Console and having it processed on the local - host instead of the target host. In order to use this option, the log type selected for the query - must be **Windows Event Log (Archived)**. - -The Applet Options section is only visible when the **Using server side applet** collection method -is selected. - -- Connection retries count – The number of times to retry a failed connection. The default is 15. -- Retry delay (ms) – The time between retries of a failed connection. The default is 5000 - milliseconds (5 seconds). diff --git a/docs/accessanalyzer/12.0/data-collection/smart-log/criteria.md b/docs/accessanalyzer/12.0/data-collection/smart-log/criteria.md deleted file mode 100644 index f2eb9d0bc8..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/smart-log/criteria.md +++ /dev/null @@ -1,41 +0,0 @@ -# SMARTLog: Criteria - -The Criteria page is used to specify the search criteria. A test query can be run with the sample -host entered on the Sample Host page to confirm the results that will be returned by the query. It -is a wizard page for all log types. - -![SMART Log DC Wizard Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -The **Limit number of records to** setting has a default of `1000`. - -Follow the steps to configure the search criteria. - -![Filter button on Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/smartlog/criteriafilter.webp) - -**Step 1 –** Click **Filter** to add a condition or a group to the root of the query. - -- Click the ellipsis (**…**) to add a new condition or group under an existing group - -![Configure search](/img/product_docs/accessanalyzer/admin/datacollector/smartlog/criteriarecordnumber.webp) - -**Step 2 –** Click **RecordNumber** to configure the search to look for specific events or a range -of events. - -**Step 3 –** Click **equals** and **``** to further configure the condition as required. - -**Step 4 –** (Optional) At the root or group level, click **AND** to change the logical operator for -that level. The available options are **AND**, **OR**, **NOT AND**, and **NOT OR**. - -**Step 5 –** Repeat steps 1 to 4 to configure all necessary criteria. - -- To remove a row (condition or group), click the ellipsis (**…**) on the row and select **Remove - Row** -- To remove all currently configured criteria, click **Filter** and select **Clear All** - -**Step 6 –** Click **Show data** to run a test query and sample the data that will be returned that -is connected to a target log based upon the configured criteria. The data is displayed in the -Records found table. - -The search criteria has now been configured and the results it returns tested. Configure the -criteria further if the returned results are not as expected, or click **Next** to continue to the -next wizard page. diff --git a/docs/accessanalyzer/12.0/data-collection/smart-log/event-log-options.md b/docs/accessanalyzer/12.0/data-collection/smart-log/event-log-options.md deleted file mode 100644 index 85fc3a06ce..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/smart-log/event-log-options.md +++ /dev/null @@ -1,11 +0,0 @@ -# SMARTLog: Event Log Options - -The Event Log Options page is used to configure additional options. It is a wizard page for all log -types. - -![SMART Log DC Wizard Event Log Options page](/img/product_docs/accessanalyzer/admin/datacollector/smartlog/eventlogoptions.webp) - -The following additional options can be selected: - -- Lookup user name – Resolves SIDs found in the event descriptions to friendly display name values -- Resolve GUIDs – Resolves GUIDs found in the event descriptions to friendly display name values diff --git a/docs/accessanalyzer/12.0/data-collection/smart-log/log-state.md b/docs/accessanalyzer/12.0/data-collection/smart-log/log-state.md deleted file mode 100644 index cd72f56d9c..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/smart-log/log-state.md +++ /dev/null @@ -1,11 +0,0 @@ -# SMARTLog: Log State - -The Log State page is used to configure how to search the log. It is a wizard page for all log -types. - -![SMART Log DC Wizard Log State page](/img/product_docs/accessanalyzer/admin/datacollector/smartlog/logstate.webp) - -Select the **Persist log state** checkbox to search the log from where the search last left off. A -state file is created for each host configured in the query. State files can be viewed within Access -Analyzer and are named by the query GUID. State files display the record the search last left off -on, the event log, and the date of the last entry. diff --git a/docs/accessanalyzer/12.0/data-collection/smart-log/log-type.md b/docs/accessanalyzer/12.0/data-collection/smart-log/log-type.md deleted file mode 100644 index 40473c7cdb..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/smart-log/log-type.md +++ /dev/null @@ -1,37 +0,0 @@ -# SMARTLog: Log Type - -The Log Type page is used to select the log type to be processed. - -![SMART Log DC Wizard Log Type page](/img/product_docs/accessanalyzer/admin/datacollector/smartlog/logtype.webp) - -The log types are: - -- Windows Event Log – Connects to and extract information from any Windows event log made available - on the target host -- Windows Event Log (Archived) – Extract events from an offline log by moving the log to the Access - Analyzer Console and having it processed on the local host instead of the target host -- Internet Information Server Log – An Exchange query that returns information from Outlook Web - Access IIS logs found on CAS servers - - - The IIS log must be configured to generate specific columns in order for the SMARTLog Data - Collector to audit them. See the - [IIS Log Auditing Requirements](#iis-log-auditing-requirements) topic for additional - information. - -- File Change Detection Log – This is a legacy option. It should not be selected. - -## IIS Log Auditing Requirements - -The SMARTLog Data Collector needs the IIS logs to generate the following columns: - -- Date (date) -- Time (time) -- ClientIP (c-ip) -- UserName (cs-username) -- UriSteam (cs-uri-stem) -- UriQuery (cs-uri-query) -- Protocol Status (HttpStatus) -- Protocol substatus (HttpSubStatus) -- BytesSent (sc-bytes) -- BytesRecv (cs-bytes) -- UserAgent (cs(User-Agent)) diff --git a/docs/accessanalyzer/12.0/data-collection/smart-log/overview.md b/docs/accessanalyzer/12.0/data-collection/smart-log/overview.md deleted file mode 100644 index 07bb24a9d2..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/smart-log/overview.md +++ /dev/null @@ -1,57 +0,0 @@ -# SMARTLog Data Collector - -The SMARTLog Data Collector provides search and extraction of details from Windows Event Logs -(online or offline) and Microsoft Exchange Internet Information Server (IIS) logs. - -The SMARTLog Data Collector is a core component of Access Analyzer, but it has been preconfigured -within the Active Directory Solution, Exchange Solution, SQL Solution, and the Windows Solution. -While the data collector is available with all Access Analyzer license options, these solutions are -only available with a special Access Analyzer licenses. See following sections for additional -information: - -- [Active Directory Solution](/docs/accessanalyzer/12.0/solutions/active-directory/overview.md) -- [Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) -- [SQL Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/overview.md) -- [Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) - -Protocols - -- Log -- Remote Event -- RPC - -Ports - -- TCP 135 -- TCP 445 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Domain Administrators group (if targeting domain controllers) -- Member of the local Administrators group - -See the -[Exchange Remote Connections Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/remote-connections.md) -topic for additional information related to permissions required for targeting Exchange servers. - -## SMARTLog Query Configuration - -The SMARTLog Data Collector is configured through the SMART Log DC Wizard, which contains the -following wizard pages: - -- Welcome -- [SMARTLog: Log Type](/docs/accessanalyzer/12.0/data-collection/smart-log/log-type.md) -- [SMARTLog: Sample Host](/docs/accessanalyzer/12.0/data-collection/smart-log/sample-host.md) -- [SMARTLog: Target Log](/docs/accessanalyzer/12.0/data-collection/smart-log/target-log.md) -- [SMARTLog: Results](/docs/accessanalyzer/12.0/data-collection/smart-log/results.md) -- [SMARTLog: Criteria](/docs/accessanalyzer/12.0/data-collection/smart-log/criteria.md) -- [SMARTLog: Collection Method](/docs/accessanalyzer/12.0/data-collection/smart-log/collection-method.md) -- [SMARTLog: Log State](/docs/accessanalyzer/12.0/data-collection/smart-log/log-state.md) -- [SMARTLog: Event Log Options](/docs/accessanalyzer/12.0/data-collection/smart-log/event-log-options.md) -- [SMARTLog: Summary](/docs/accessanalyzer/12.0/data-collection/smart-log/summary.md) - -![SMART Log DC Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -There are no configurable settings on the Welcome page. Click **Next** to proceed to the Log Type -page. diff --git a/docs/accessanalyzer/12.0/data-collection/smart-log/results.md b/docs/accessanalyzer/12.0/data-collection/smart-log/results.md deleted file mode 100644 index 4eb6112990..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/smart-log/results.md +++ /dev/null @@ -1,11 +0,0 @@ -# SMARTLog: Results - -The Results page is where the events to be returned by the query are selected. It is a wizard page -for all log types. The description strings within the log records can also be selected for the -query. - -![SMART Log DC Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Click **Check all** to select all properties, **Uncheck all** to deselect all properties, or **Reset -Defaults** to return to the default settings. Available properties vary based on the category -selected. diff --git a/docs/accessanalyzer/12.0/data-collection/smart-log/sample-host.md b/docs/accessanalyzer/12.0/data-collection/smart-log/sample-host.md deleted file mode 100644 index a54ae416b4..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/smart-log/sample-host.md +++ /dev/null @@ -1,54 +0,0 @@ -# SMARTLog: Sample Host - -The Sample Host page is used to configure the host. It is a wizard page for all log types. - -![SMART Log DC Wizard Sample Host page](/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/samplehost.webp) - -Select a host for running a test query on the Criteria page from the following radio buttons: - -- Local Computer – localhost -- Another computer – If selecting another computer for the host, click the ellipsis to open the - Select Computer window. See the [Select Computer Window](#select-computer-window) topic for - additional information. - -## Select Computer Window - -![Select Computer window](/img/product_docs/accessanalyzer/admin/datacollector/smartlog/selectcomputerwindow.webp) - -If selecting another computer for the host, click the ellipsis to open the Select Computer window -and select a computer. The options in the Select Computer window are: - -- Object Types – Either enter the object type name in the textbox or click **Object Types** to - select the types of objects to find. The default is **Computer**. -- Locations – Click to select the location to search. The default is **Entire Directory**. -- Enter the object name to select – Manually enter objects into the text field - - - Click the **examples** link to access the Microsoft - [Object Picker UI]() - article for additional information - -- Check Names – Click to verify the object names in the text field -- Advanced – Opens a window to perform advanced configurations of the Select Computer function - -![Advanced Select Computer window](/img/product_docs/accessanalyzer/admin/datacollector/smartlog/selectcomputerwindowadvanced.webp) - -The Common Queries section is included on the advanced Select Computer window in addition to object -type and location in the original Select Computer window. - -- Name – Select a qualifier from the drop-down menu and enter a name of an object in the associated - text box -- Description – Select a qualifier from the drop-down menu and enter a description in the associated - text box -- Select the **Disabled accounts** checkbox to include disabled accounts in the search -- Select the **Non-expiring password** checkbox to include non-expiring passwords in the search -- Select the number of **Days since last logon** from the drop-down menu -- Click the **Columns** button to open the Choose Columns window - - ![Choose Columns window](/img/product_docs/accessanalyzer/admin/datacollector/smartlog/choosecolumnswindow.webp) - - Select a column from the Columns available or Columns shown lists and click **Add** or - **Remove** to add or remove them from each column - -- Click **Find Now** to run a search for items matching the selected criteria in the location of the - object selected -- Click **Stop** to stop a search in progress diff --git a/docs/accessanalyzer/12.0/data-collection/smart-log/summary.md b/docs/accessanalyzer/12.0/data-collection/smart-log/summary.md deleted file mode 100644 index c6c4577eec..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/smart-log/summary.md +++ /dev/null @@ -1,8 +0,0 @@ -# SMARTLog: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all log types. - -![SMART Log DC Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the SMART Log DC Wizard to ensure that no accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/smart-log/target-log-type/file-detection-log.md b/docs/accessanalyzer/12.0/data-collection/smart-log/target-log-type/file-detection-log.md deleted file mode 100644 index 8de4744e30..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/smart-log/target-log-type/file-detection-log.md +++ /dev/null @@ -1,15 +0,0 @@ -# SMARTLog: Target Log for File Detection Log Type - -The Target Log page is where logs are selected to be collected. This version is a wizard page for -the File Change Detection log type. - -![SMART Log DC Wizard Target Log page for File Change Detection Log](/img/product_docs/accessanalyzer/admin/datacollector/smartlog/targetlogtype/targetlogfiledetection.webp) - -In the Exec server section, identify the server that will run the data collection by selecting one -of the following options: - -- Automatic (Local for NAS device hosts, Remote for Windows hosts) -- Local Access Analyzer Server -- Specific Remote Server – If selected, enter the server name in the Server textbox - -In the Log files to be processed section, set the filter criteria. diff --git a/docs/accessanalyzer/12.0/data-collection/smart-log/target-log-type/windows-event-log.md b/docs/accessanalyzer/12.0/data-collection/smart-log/target-log-type/windows-event-log.md deleted file mode 100644 index 3bc220f815..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/smart-log/target-log-type/windows-event-log.md +++ /dev/null @@ -1,9 +0,0 @@ -# SMARTLog: Target Log for Windows Event Log Type - -The Target Log page is where logs are selected to be collected. This version is a wizard page for -the log type of Windows Event Log. - -![SMART Log DC Wizard Target Log page for Windows Event Log](/img/product_docs/accessanalyzer/admin/datacollector/smartlog/targetlogtype/targetlogwindowsevent.webp) - -Only one log can be targeted per query task. The selected log is displayed at the bottom of the -wizard page. diff --git a/docs/accessanalyzer/12.0/data-collection/smart-log/target-log.md b/docs/accessanalyzer/12.0/data-collection/smart-log/target-log.md deleted file mode 100644 index 91a5c03331..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/smart-log/target-log.md +++ /dev/null @@ -1,25 +0,0 @@ -# SMARTLog: Target Log - -The Target Log page is where logs are selected to be collected. There are three versions of this -wizard page that change based on log type. This version is a wizard page for the log types of: - -- Windows Event Log (Archived) -- Internet Information Server Log - -See the [SMARTLog: Target Log for Windows Event Log Type](/docs/accessanalyzer/12.0/data-collection/smart-log/target-log-type/windows-event-log.md) and -[SMARTLog: Target Log for File Detection Log Type](/docs/accessanalyzer/12.0/data-collection/smart-log/target-log-type/file-detection-log.md) topics for -information on the other versions of this wizard page. - -![SMART Log DC Wizard Target Log page](/img/product_docs/accessanalyzer/admin/datacollector/smartlog/targetlog.webp) - -The configurable options are: - -- Path – Enter or browse to the path to the log -- File mask – Enter file names to limit the file names to return from the path entered. Asterisks - can be used for wildcards. For example, `u_ex*.log` would match **u_ex170530.log**. When no mask - is set, all files from the listed path are returned. -- Log files to be processed – Select from the following options: - - - All - - Today - - For the last – Select the number of days or hours diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/activity-date-scope.md b/docs/accessanalyzer/12.0/data-collection/spaa/activity-date-scope.md deleted file mode 100644 index 2591e0ba2f..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/activity-date-scope.md +++ /dev/null @@ -1,24 +0,0 @@ -# SPAA: Activity Date Scope - -The Activity Date Scope page is where the range of dates for which the SharePoint activity scan will -collect data is configured. It is a wizard page for the category of Scan SharePoint Activity. - -![Activity Date Scope page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/activitydatescope.webp) - -Use the radio buttons to select the **Scan Filters**. - -- Relative Timespan - - Collect Activity from the last 180 days – The number of days to collect activity can be - configured with the up and down arrows - - Retain data – The timespan for data retention. Select from the drop-down list: - - within timespan - - forever -- Absolute Timespan - - - Start date – Click the down arrow to access the calendar and select the start date for data - collection - - End date – Click the down arrow to access the calendar and select the end date for data - collection - - **NOTE:** Selecting Absolute Timespan will not affect activity data collected during Relative - Timespan scans. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/activity-log-locations.md b/docs/accessanalyzer/12.0/data-collection/spaa/activity-log-locations.md deleted file mode 100644 index 92e8bf7e7a..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/activity-log-locations.md +++ /dev/null @@ -1,38 +0,0 @@ -# SPAA: Activity Log Locations - -The Activity Log Locations page is where to manually configure log locations to avoid requiring -remote registry access to locate the activity event log files. It is a wizard page for the category -of Scan SharePoint Activity. - -![Activity Log Locations page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/activityloglocations.webp) - -The options in the Activity Log Locations page are: - -- Add – Opens the Customize Activity Log UNC Paths location window to add a new host -- Add Default – Opens the Customize Activity Log UNC Paths location window for the default host -- Edit – Opens the Customize Activity Log UNC Paths window for the selected host. If edits are made, - click **OK** to save the changes. -- Remove – Removes the selected host - -![Customize Activity Log UNC Paths Window](/img/product_docs/accessanalyzer/admin/datacollector/spaa/customizeactivityloguncpaths.webp) - -The options in the Customize Activity Log UNC Paths Window are: - -- Host name – Host name of the targeted SharePoint On-Premises server or SharePoint Online tenant -- SBTFileMon.ini UNC path – UNC path to the location of the **SBTFileMon.ini** file (as configured - in **Activity Monitor** > **Monitored Hosts**) -- Activity log UNC path – UNC path to the location of the **SBTFileMon_Logs** folder containing the - Activity Logs (as configured in **Activity Monitor** > **Monitored Hosts**) - - **NOTE:** For On-Premises environments you do not need to specify an Activity Log UNC path as - the Data Collector will default to finding the log locations via the registry. - -- Activity archive UNC path – UNC path to the archive location of Activity Logs (as configured in - **Activity Monitor** > **Agents**). If archiving is not enabled in Activity Monitor this can be - left blank. - -**NOTE:** In any UNC paths, `%HOST%` will be replaced with the host name. - -See the Getting Started with SharePoint & SharePoint Online Activity Monitor topic in the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) -for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/additional-scoping.md b/docs/accessanalyzer/12.0/data-collection/spaa/additional-scoping.md deleted file mode 100644 index 14d2f93777..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/additional-scoping.md +++ /dev/null @@ -1,26 +0,0 @@ -# SPAA: Additional Scoping - -The Additional Scoping page is where the scan can be limited by depth of the scan. It is a wizard -page for the categories of: - -- Scan SharePoint Access -- Scan For Sensitive Content - -**CAUTION:** Users should not change scans in a way that would result in less data being returned on -a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a -shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in -the Tier 2 database and subsequently removed from the Tier 1 database. - -![Additional Scoping page](/img/product_docs/accessanalyzer/admin/datacollector/box/additionalscoping.webp) - -If checked, set the **Limit scanned depth to: [number] level(s)** option to the desired depth. If -this option is not checked then the entire farm is scanned. If the scoping depth is set to **0** -then only root site collections are scanned. Each increment to the depth adds an additional level of -depth from that point. - -Check the **Perform differential scan** box to enable the job to run a differential scan. -Differential scanning is enabled by default. When this option is enabled, SPAA scan will only parse -files for content/SDD if it has been modified since the last scan. - -**NOTE:** This option only applies to Tag collection and Sensitive data collection. Files will be -still be scanned for permissions regardless of whether this option is checked or not. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/agent-settings.md b/docs/accessanalyzer/12.0/data-collection/spaa/agent-settings.md deleted file mode 100644 index 53a2ea8d6a..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/agent-settings.md +++ /dev/null @@ -1,19 +0,0 @@ -# SPAA: Agent Settings - -The Agent Settings page is where the SharePoint Agent Service is configured. It is a wizard page for -the category of Scan SharePoint Access. - -![Agent Settings page](/img/product_docs/activitymonitor/activitymonitor/install/agent/windowsagent.webp) - -The **Enable Agent Service Scans** checkbox enables collecting SharePoint data through the agent -services instead of directly from SharePoint. This option requires a **Network Port** to be entered. -Agent Service Identity radio buttons are: - -- Use Job Credentials when job has same credentials as agent services -- Use Custom Identity for other agent service credential scenarios - - Specify identity in the format `spn:name` or `upn:name` - - The token `%HOST%` may be substituted for the host name - -This option requires the SharePoint Agent to be installed on the application server. See the -[SharePoint Agent Installation](/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/overview.md) topic for additional -information. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/bulk-import-settings.md b/docs/accessanalyzer/12.0/data-collection/spaa/bulk-import-settings.md deleted file mode 100644 index 002c9ec8be..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/bulk-import-settings.md +++ /dev/null @@ -1,14 +0,0 @@ -# SPAA: Bulk Import Settings - -The Bulk Import Settings page is where the bulk import process settings are configured. It is a -wizard page for the categories of: - -- Bulk Import Access Scan Results -- Bulk Import Sensitive Content Scan Results - -![Bulk Import Settings page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/bulkimportsettings.webp) - -Subsequent hosts in job lists will get host IDs incremented by 1. The Host Identifier may require an -offset to avoid overlapping IDs in collected data. If the **Set Host ID** checkbox is left -unchecked, then Access Analyzer assigns values starting from 1 to every host. This feature is -intended only for SQL Server Replication. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/category.md b/docs/accessanalyzer/12.0/data-collection/spaa/category.md deleted file mode 100644 index 61d79cc8c9..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/category.md +++ /dev/null @@ -1,28 +0,0 @@ -# SPAA: Category - -The SPAA Data Collector Category page contains the following query categories, sub-divided by -auditing focus: - -![Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The options on the Category page are: - -- The **SharePoint Access Audits** category scans hosts for SharePoint access information and has - two selections to choose from: - - Scan SharePoint Access – Performs SharePoint access audits - - Bulk Import Access Scan Results – Imports SharePoint access scan results into the Access - Analyzer database -- The **Sensitive Content** category scans hosts for sensitive data information and has two - selections to choose from: - - Scan for Sensitive Content – Scans for sensitive content on SharePoint - - Bulk Import Sensitive Content Scan Results – Imports sensitive content scan results into the - Access Analyzer database -- The **SharePoint Activity Audits** category scans hosts for SharePoint activity information and - has two selections to choose from: - - Scan SharePoint Activity – Scans SharePoint activity log files - - Bulk Import SharePoint Activity Scan Results – Imports SharePoint activity into the Access - Analyzer database - -_Remember,_ the sensitive data discovery options require the Sensitive Data Discovery Add-On to be -installed on the Access Analyzer Console. If the SharePoint Agent is used, then it must also be -installed on the application server that hosts the Central Administration component. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/configure-job.md b/docs/accessanalyzer/12.0/data-collection/spaa/configure-job.md deleted file mode 100644 index 5a2ffd9495..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/configure-job.md +++ /dev/null @@ -1,104 +0,0 @@ -# SharePoint Custom Connection Profile & Host List - -The SPAA Data Collector requires a custom Connection Profile and a custom host list to be created -and assigned to the job conducting the data collection. The host inventory option during host list -creation makes it necessary to configure the Connection Profile first. While SharePoint on-premises -uses the Active Directory account type for the credential within a Connection Profile, it is -necessary for online credentials to be listed first in the credentials list within a Connection -Profile housing credentials to both environments. - -## SharePoint Farm - -This section describes the process to configure the Connection Profile and custom host list for -scanning SharePoint On-Premises. - -### SharePoint Farm Credential for a Connection Profile - -The provisioned credential used should be an Active Directory account. - -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Active Directory Account -- Domain – Drop-down menu with available trusted domains displays. Either type the short domain name - in the textbox or select a domain from the menu. -- User name – Type the user name -- Password Storage – Choose the for credential password storage: - - Application – Uses Access Analyzer’s configured Profile Security setting as selected at the - **Settings** > **Application** node - - CyberArk – Uses the CyberArk Enterprise Password Vault -- Password – Type the password -- Confirm – Re-type the password - -Once the Connection Profile is created, it is time to create the custom host list. See the -[Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information. - -### SharePoint Farm Host in a Custom Host List - -The custom host list should include: - -- One application server per farm -- Host name without a domain suffix, this means the host name should not contain a period character - -See the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) section for instruction on creating a -custom static host list. - -## SharePoint Online - -This section describes the process to configure the Connection Profile and custom host list for -scanning SharePoint Online using Modern Authentication. - -### SharePoint Online Credential for a Connection Profile using Modern Authentication - -The provisioned credential should be an Microsoft Entra ID Application. See the -[SharePoint Online Access & Sensitive Data Auditing Configuration](/docs/accessanalyzer/12.0/configuration/sharepoint-online/access.md) -topic for instructions on registering and provisioning the Microsoft Entra ID Application manually -or via the SP_RegisterAzureAppAuth Instant Job. - -Create a Connection Profile and set the following information on the User Credentials window: - -- Select Account Type – Azure Active Directory -- Client ID – Application (client) ID of the Access Analyzer application registered with Microsoft - Entra ID -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) - topic for additional information.) -- Key – The comma delimited string containing the path to the certificate PFX file, certificate - password, and the Microsoft Entra ID environment identifier ( - `CertPath,CertPassword,AzureEnvironment`) - - The `AzureEnvironment` is typically 0 for the default Azure Production Environment. Other - possible values are: - - - 1 – PPE - - 2 – China - - 3 – Germany - - 4 – US Government - - 5 – US Government-High - - 6 – US Government-DoD - - An example string matching the configuration from above is: - - C:\Program Files - (x86)\STEALTHbits\StealthAUDIT\PrivateAssemblies\spaa_cert_myorg.pfx,PasswordGoesHere,0 - - **NOTE:** `PasswordGoesHere` should be replaced with the password used when generating the - self-signed X.509 certificate if the Microsoft Entra ID Application was Registered and - Provisioned manually or the $appPassword parameter used in the SP_RegisterAzureAppAuth Instant - Job if that method was used. - -Once the Connection Profile is created, it is time to create the custom host list. See the -[Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information. - -### SharePoint Online Host in a Custom Host List - -The custom host list should include: - -- Web or cloud hosts should be specified using the full web DNS part of the site URL, for example an - Office 365 site with the URL http://TestSite.sharepoint.com should be added as a host with name - TestSite.sharepoint.com -- Do not use the admin site, for example TestSite-admin.sharepoint.com -- Do not use IP Addresses -- Host name must be in DNS format - -See the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) topic for instructions on creating a custom -static host list. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/dlp-audit-settings.md b/docs/accessanalyzer/12.0/data-collection/spaa/dlp-audit-settings.md deleted file mode 100644 index dcbda1f464..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/dlp-audit-settings.md +++ /dev/null @@ -1,40 +0,0 @@ -# SPAA: DLP Audit Settings - -The DLP Audit Settings page is where sensitive data discovery settings are configured. It is a -wizard page for the category of Scan For Sensitive Content. - -**CAUTION:** Users should not change scans in a way that would result in less data being returned on -a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a -shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in -the Tier 2 database and subsequently removed from the Tier 1 database. - -![DLP Audit Settings page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/dlpauditsettings.webp) - -Configure the **Scan Performance** options: - -- Don’t process files larger than: Size Limit [number] MB – Limits the files to be scanned for - sensitive content to only files smaller than the specified size. The checkbox is selected by - default. The default size is 2 MB. -- Number of SDD scan processes [number] – Increases the number of SDD scanner processes that spawn - as part of a scan, increasing parallel scanning. The value should not exceed 2x the number of CPU - threads available. - -Use the radio buttons to select the **File types to scan**: - -- Scan typical documents (recommended, fastest) – Scans most common file types -- Scan all document types (slower) – Scans all file types except those excluded -- Scan image files for OCR content – Use optical character recognition to scan image files for - sensitive data content - - **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents - directly converted to images, with standard fonts. It will not work for scanning photos of - documents and may not be able to recognize text on images of credit cards, driver's licenses, or - other identity cards. - -Use the checkboxes to select to **Store Match Hits**: - -- Store discovered sensitive data – Stores match hits for sensitive data in the SPAA Tier 2 - database. If this option is not selected, then the match hits for sensitive data are still - reported but the data columns are masked in the database. -- Limit stored matches per criteria to [number] – Enabled when the Store discovered sensitive data - checkbox is selected. Limits the number of stored matches per criteria to the specified number. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/drop-tables.md b/docs/accessanalyzer/12.0/data-collection/spaa/drop-tables.md deleted file mode 100644 index af9b033f75..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/drop-tables.md +++ /dev/null @@ -1,45 +0,0 @@ -# SPAA Drop Tables & Views Workflow - -If it becomes necessary to clear the SPAA Data Collector tables and views to resolve an issue, the -SP_DropTables Job is preconfigured to run analysis tasks that drop functions and views for the -SharePoint Solution as well as the standard tables and views generated by the **SPAA** Data -Collector. It is available through the Instant Job Library under the SharePoint library. Since this -job does not require a host to target, select **Local host** on the Hosts page of the Access -Analyzer Instant Job Wizard. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic -for additional information. - -## Analysis Tasks for the SP_DropTables Job - -Navigate to the **Jobs** > **SP_DropTables** > **Configure** node and select **Analysis** to view -the analysis tasks. - -**CAUTION:** Applying these analysis tasks will result in the deletion of collected data. - -![SP_DropTables Job Analysis tasks](/img/product_docs/accessanalyzer/admin/datacollector/spaa/droptablesanalysis.webp) - -The default analysis tasks are: - -- 1. Drop SPAA functions – Removes all functions and views from previous runs of the SharePoint - Solution -- 2. Drop SPAC imports – Drops the SharePoint Activity Auditing tables imported from the previous - runs -- 3. Drop SPDLP Tables – Drops the SharePoint Sensitive Data Discovery Auditing (SEEK) tables - imported from the previous runs -- 4. Drop SPAA Tables – Drops the SharePoint Access Auditing tables imported from the previous - runs - -Do not try to run these tasks separately, as they are designed to work together. Follow these steps -to run the analysis tasks: - -**Step 1 –** In the Analysis Selection Pane, click **Select All**. All tasks will be checked. - -**Step 2 –** Right-click the **SP_DropTables** Job and select **Run Job**. The analysis execution -status will be visible from the **Running Jobs** node. - -**Step 3 –** When the job has completed, return to the Analysis Selection Pane and click **Select -All** to deselect these analysis tasks. - -**_RECOMMENDED:_** Do not leave these analysis tasks checked in order to avoid accidental data loss. - -All of these tables have been dropped from the SQL Server database and the data is no longer -available. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/overview.md b/docs/accessanalyzer/12.0/data-collection/spaa/overview.md deleted file mode 100644 index 9e13eb86cb..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/overview.md +++ /dev/null @@ -1,59 +0,0 @@ -# SharePointAccess Data Collector - -The SharePointAccess (SPAA) Data Collector audits access, group membership, and content within a -SharePoint on-premises and SharePoint Online environment. The SPAA Data Collector has been -preconfigured within the SharePoint Solution. Both this data collector and the solution are -available with a special Access Analyzer license. See the -[SharePoint Solution](/docs/accessanalyzer/12.0/solutions/sharepoint/overview.md) topic for additional information. -The SPAA Data Collector has the following requirements: - -Protocols - -- MS SQL -- Remote Registry -- SP CSOM (Web Services via HTTP & HTTPS) -- SP Server API -- WCF AUTH via TCP (configurable) - -Ports - -- Ports vary based on the Scan Mode selected and target environment. See the - [SharePoint Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md) topic for - additional information. - -Permissions - -- Permissions vary based on the Scan Mode selected and target environment. See the - [SharePoint Support](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/sharepoint.md) topic for additional information. - -Sensitive Data Discovery Considerations - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job -is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). - -## SPAA Query Configuration - -The SharePointAccess Data Collector is configured through the SharePoint Access Auditor Data -Collector Wizard. The wizard contains the following pages, which change based up on the query -Category selected: - -- Welcome -- [SPAA: Category](/docs/accessanalyzer/12.0/data-collection/spaa/category.md) -- [SPAA: SharePoint Data Collection Settings](/docs/accessanalyzer/12.0/data-collection/spaa/settings.md) -- [SPAA: Scan Scoping Options](/docs/accessanalyzer/12.0/data-collection/spaa/scan-scoping-options.md) -- [SPAA: Additional Scoping](/docs/accessanalyzer/12.0/data-collection/spaa/additional-scoping.md) -- [SPAA: Agent Settings](/docs/accessanalyzer/12.0/data-collection/spaa/agent-settings.md) -- [SPAA: Bulk Import Settings](/docs/accessanalyzer/12.0/data-collection/spaa/bulk-import-settings.md) -- [SPAA: DLP Audit Settings](/docs/accessanalyzer/12.0/data-collection/spaa/dlp-audit-settings.md) -- [SPAA: Select DLP Criteria](/docs/accessanalyzer/12.0/data-collection/spaa/select-dlp-criteria.md) -- [SPAA: Activity Date Scope](/docs/accessanalyzer/12.0/data-collection/spaa/activity-date-scope.md) -- [SPAA: Activity Log Locations](/docs/accessanalyzer/12.0/data-collection/spaa/activity-log-locations.md) -- [SPAA: Test Access](/docs/accessanalyzer/12.0/data-collection/spaa/test-access.md) -- [SPAA: Results](/docs/accessanalyzer/12.0/data-collection/spaa/results.md) -- [SPAA: Summary Page](/docs/accessanalyzer/12.0/data-collection/spaa/summary.md) - -![SPAA Data Collector Wizard Welcome Page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/welcomepage.webp) - -The Welcome page can be hidden by checking the **Do not display this page the next time** box when -the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/results.md b/docs/accessanalyzer/12.0/data-collection/spaa/results.md deleted file mode 100644 index 128868c421..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/results.md +++ /dev/null @@ -1,11 +0,0 @@ -# SPAA: Results - -The Results page is where properties that will be gathered are selected. It is a wizard page for all -of the categories. - -![Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be checked individually, or the **Select All**and **Clear All** buttons can be used. -All checked properties are gathered. Available properties vary based on the category selected. This -information is not available within the standard reference tables. Instead, this information can be -viewed in the table created by the query task, for example SA_1-SPAA_SystemScans_Access table. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/scan-scoping-options.md b/docs/accessanalyzer/12.0/data-collection/spaa/scan-scoping-options.md deleted file mode 100644 index 316df9c4f1..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/scan-scoping-options.md +++ /dev/null @@ -1,90 +0,0 @@ -# SPAA: Scan Scoping Options - -The Scan Scoping Options page provides scoping options to specify the list of URLs to be scanned. It -is a wizard page for the categories of: - -- Scan SharePoint Access -- Scan For Sensitive Content - -![Scan Scoping Options page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptions.webp) - -The options on the Scan Scoping Options page are: - -- Add – When a URL is entered in the text box, adds the URL to the Scope box - - - To scope for a SharePoint Host Named Site Collections, use the text box to enter the URL for - both the Web App and the HNSC with custom non-existent URL extensions added. See the - [Scoping to SharePoint Host Named Site Collections](#scoping-to-sharepoint-host-named-site-collections) - topic for additional information. - - **NOTE:** If sites are included in the Scope box, all other sites are excluded from the scan. - -- Import CSV – Opens a file explorer to browse for a CSV file -- Scope box – Lists all added URLs -- Scope drop-down list – Select include to include a URL in the scan. Select exclude to exclude a - URL from the scan. -- Remove – Removes the selected URL from the Scope box - -## Scoping to SharePoint Host Named Site Collections - -In order to scope to objects within host named site collections, add a scope line which includes the -URL of the web application containing the host named site collection. To scope the host named site -collection URL `http://sample.com/documents/` for a host named site collection that exists under the -web application URL `http://example.com`, follow the steps: - -**Step 1 –** Navigate to the **Scan Scoping Options** page. - -![Enter URL on Scan Scoping Options page example](/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptionswebappurl.webp) - -**Step 2 –** In the text box, enter an invalid URL prefixed with the **Web App URL** which contains -the HNSCs. Click **Add**. - -- In the example the invalid Web App URL is: `http://example.com/hnsc_indicator/` - -**Step 3 –** In the text box, enter the HNSC URL to scope for. Click **Add**. - -- In the example, the HNSC URL entered to filter for is: `http://sample.com/documents/` - -![Scan Scoping Options example](/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptionsexample.webp) - -**Step 4 –** The Web App URL must appear above the HNSC URL, as depicted in the example above. - -**Step 5 –** The SharePoint Access Auditor Data Collector Wizard is now configured to filter for the -URL inside the SharePoint Host Named Site Collections. - -## Virtual Hosts - -In order to decrease the scan time in large SharePoint Online environments, it is possible to break -Site Collections for a single host down into subsets, or **Virtual Hosts**, that are treated as -separate hosts by Access Analyzer. This allows multiple scans of a single host to be run -concurrently. Follow the steps to configure this. - -![CSV file with host and site collection information](/img/product_docs/accessanalyzer/admin/datacollector/spaa/virtualhostscsv.webp) - -**Step 1 –** Create a new CSV file. Add into rows the information for the host and site collection -URLs you want to scan in the format `HOSTNAME#DESIGNATOR;URL`. - -- Each unique `DESIGNATOR` is treated as a separate host comprised of the specified URLs. - -![Host List for targeting the Virtual Hosts](/img/product_docs/accessanalyzer/admin/datacollector/spaa/virtualhostshostlist.webp) - -**Step 2 –** Configure the Host List for SPAA or SPSEEK scans to target these Virtual Hosts using -the format `HOSTNAME#DESIGNATOR`. - -![SPAA Data Collector Wizard Scan Scoping Options page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptionsvirtualhosts.webp) - -**Step 3 –** On the Scan Scoping Options page of the SharePoint Access Auditor Data Collector -Wizard, use the **Import CSV** button to import the information from the CSV file created in Step 1. - -**Step 4 –** Click **Next** to continue through the other pages of the SharePoint Access Auditor -Data Collector Wizard. Then click **Finish** on the Summary Page. - -Access Analyzer is now configured to scan multiple site collections for the same host concurrently. - -A new host folder is created for each Virtual Host in `Jobs/SA_CommonData/SHAREPOINTACCESS`. You -will also see a separate line on the Running Instances tab for each Virtual Host included in the -scan. - -**NOTE:** The Host List for Bulk Import should be configured to contain each Virtual Host included -in the above scan using the `HOSTNAME#DESIGNATOR` format. After Bulk Import, the data contained in -Tier 1 Database tables and views will resemble a scan run against multiple hosts. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/select-dlp-criteria.md b/docs/accessanalyzer/12.0/data-collection/spaa/select-dlp-criteria.md deleted file mode 100644 index acd4177f3f..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/select-dlp-criteria.md +++ /dev/null @@ -1,33 +0,0 @@ -# SPAA: Select DLP Criteria - -The Select Criteria page is where criteria to be used for discovering sensitive data are configured. -It is a wizard page for the category of Scan For Sensitive Content. - -**CAUTION:** Users should not change scans in a way that would result in less data being returned on -a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a -shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in -the Tier 2 database and subsequently removed from the Tier 1 database. - -![Select DLP criteria for this scan page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/selectdlpcriteria.webp) - -The options on the Select DLP Criteria page are: - -- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings - from the **Settings** > **Sensitive Data** node. See the - [Sensitive Data](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md) topic for additional information. -- Use the following selected criteria – Select this option to use the table to select which - sensitive data criteria to scan for -- Select All – Click **Select All** to enable all sensitive data criteria for scanning -- Clear All – Click **Clear All** to remove all selections from the table -- Select the checkboxes next to the sensitive data criteria options to enable it to be scanned for - during job execution - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - Use the Sensitive Data Criteria Editor in **Settings** > **Sensitive Data** to create and edit - user-defined criteria. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) - topic for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/settings.md b/docs/accessanalyzer/12.0/data-collection/spaa/settings.md deleted file mode 100644 index e437989dea..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/settings.md +++ /dev/null @@ -1,76 +0,0 @@ -# SPAA: SharePoint Data Collection Settings - -The SharePoint data collection settings page is where additional scan settings are configured. It is -a wizard page for the categories of: - -- Scan SharePoint Access -- Scan For Sensitive Content - -**CAUTION:** Users should not change scans in a way that would result in less data being returned on -a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a -shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in -the Tier 2 database and subsequently removed from the Tier 1 database. - -![SharePoint data collection settings page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/datacollectionsettings.webp) - -The Probable Owners section provides options for how probable ownership will be calculated: - -- Limit maximum number of Probable Owners per resource: [number] – Return the maximum user supplied - number of probable owners per resource - -The Collect Personal Sites checkbox enables or disables collection during the scan of personal site -collections of individual users. Personal site collections are a SharePoint feature which gives -every user their own site collection, and which are used by Office 365 to store a user’s OneDrive -files. Personal sites are configured by default to only be accessible by the user to whom they -belong, and so it is likely that the Connection Profile that the data collector is assigned may not -have access to some users’ personal sites. There are three radio buttons for identifying how the -query treats personal sites to which it does not have access: - -- Skip inaccessible personal sites – Inaccessible personal sites are not scanned -- Force scan account as admin of inaccessible personal sites – Make the Connection Profile - credentials a Site Collection Administrator of any personal sites to which it does not have - access: - - - The personal sites will be scanned - - When the scan is complete, the permissions are restored to what they were prior to the scan, - referring to those credentials made a Site Collection Administrator of personal sites in order - to conduct the scan. - - Requires the account used in the Connection Profile credentials to have the Global - Administrator role for SharePoint Online or be a Farm Administrator for SharePoint on premise. - This permission is required to facilitate altering the administrators of site collections. - - **NOTE:** The Microsoft SharePoint API employed to remove personal Site Collection - Administrator is unreliable, and occasionally the scanning account is left as a Site - Collection Administrator of personal sites. This may leave the scanning account visible to - SharePoint users on the permissions of the files in their personal sites. - - **_RECOMMENDED:_** Only use this option if that account is clearly identifiable as an - administrative account, and users are advised of the possibility that the account could - appear on the permissions of their personal site collection documents. - -- Force Company Administrator as admin of inaccessible personal sites – Make the special Company - Administrator account an administrator of any personal sites to which it does not have access - - - The personal sites will be scanned - - When the scan is complete, the Company Administrator account is left as an administrator of - the users’ personal site collections - - Requires the account used in the Connection Profile credentials to have the Global - Administrator role for SharePoint Online or be a Farm Administrator for SharePoint on premise. - This permission is required to facilitate altering the administrators of site collections. - - **NOTE:** The Company Administrator account is a special SharePoint Online and SharePoint - 2013 group which contains all accounts which have the Global Administrators role. - -The **Extract Document Tags** option enables the collection of metadata tags from Microsoft Office -files in SharePoint. Since this option requires the retrieval and scanning of each document, it -results in a noticeable increase in scan time. - -- Select a preferred zone – Use the drop-down list to select a preferred zone within the web - application to target the scan. If a targeted web application does not have the selected preferred - zone, the scan targets the default zone for that web application. Options include: - - - Default - - Intranet - - Internet - - Custom - - Extranet diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/summary.md b/docs/accessanalyzer/12.0/data-collection/spaa/summary.md deleted file mode 100644 index 7618bf46df..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# SPAA: Summary Page - -The Summary page is where configuration settings are summarized. It is a wizard page for all of the -categories. - --![Summary Page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/summarypage.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the SharePoint Access Auditor Data Collector Wizard ensuring that no -accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/spaa/test-access.md b/docs/accessanalyzer/12.0/data-collection/spaa/test-access.md deleted file mode 100644 index f4a8e3bb61..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/spaa/test-access.md +++ /dev/null @@ -1,30 +0,0 @@ -# SPAA: Test Access - -Use the Test Access page to check access to SharePoint On-Premises environments. The Test Access -function uses each credential in a job's Connection profile to test access to a SharePoint -environment. The Test Access page tests access to the following: - -- Access to the remote registry -- SQL Access (for databases associated with the SharePoint farms) -- All Web Applications in the SharePoint environment - -![Test Access page](/img/product_docs/accessanalyzer/admin/datacollector/spaa/testaccess.webp) - -The options and sections on the Test Access page are: - -- SharePoint App Server – Enter the server name for the SharePoint environment in the SharePoint App - Server text box. Click **Check Access** to test access to the SharePoint environment. - - - For example – `sbnjqasp30` or `sbnjqasp3.qa.com` - - Do not include `http[s]://` or use a URL for the server name. The Test Access function cannot - be scoped to individual Web applications. - -- Access Test Results – Displays information on test results. Test criteria are listed in the - **Description** column. Test results will be returned as either **Pass** or **Fail** in the - Results column. -- Save Report – Click **Save Report** to export and save a text version of the test results - -| | | -| ------------------------------------------------------------------------------------------------------------ | --------------------------------------------- | -| ![Successful test example](/img/product_docs/accessanalyzer/admin/datacollector/spaa/testaccessbadtest.webp) | -| **Successful Test (Correct Credentials)** | **Unsuccessful Test (Incorrect Credentials)** | diff --git a/docs/accessanalyzer/12.0/data-collection/sql/category.md b/docs/accessanalyzer/12.0/data-collection/sql/category.md deleted file mode 100644 index 100ce1ffc8..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/sql/category.md +++ /dev/null @@ -1,141 +0,0 @@ -# SQL: Category - -The Category page in the SQL Data Collector Wizard lists the available query categories, sub-divided -by auditing focus. - -![SQL Data Collector Wizard Category Page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The query categories are: - -- Permissions - - - Permissions Collection – Gather permissions on server and database objects - -- Server Audits - - - Server Audits Events Collection – Gather events from SQL server audits - -- Sensitive Data - - - Sensitive Data Collection – Scan databases for sensitive data - -- Microsoft SQL Server - - - Discovery - - - Enumerate Network – Enumerate local network for browsable SQL server instances visible to - the storage host - - - Custom SQL Query - - - Custom Query – Run a custom SQL query against a SQL database - - - Infrastructure - - - Server Properties – Information about the server - - Configuration Properties – Information about server configuration - - Version Information – Version information about Microsoft SQL server - - File Groups – File group information - - Files – File information - - Database Information – Information about databases - - - Operations - - - Database Without Backups – List of all databases without backups - - Latest Week Backups – List of latest week database backups - - - Utilities - - - Remove Storage Tables – Removes the tables created and used by the SQL server data - collector - - - Legacy Queries - - - Server Principles – Data for every server level principal - - Database Principles – Data for every database level principal - - Server Permissions – Data about server permissions - - Database Permissions – Data about database permissions - - Server Roles – Data about server roles - - Database Roles – Data about database roles - - System Objects – Data about system objects - - Object Collection – Collects SQL server objects - -- Oracle - - - Custom Oracle Query - - - Custom Oracle Query – Run a custom SQL query against an Oracle container - - - Infrastructure - - - Version Information – Version information about the Oracle database - - File Group Information – Information about file groups and tablespaces - - Data File Information – Information about data files - - Database Information – Information about database configurations - - Initialization Parameter Information – Information about initialization parameters - - System Parameter Information – Information about system parameters - - Container Information – Information about the containers of the databases, both root and - pluggable - - Pluggable Databases History – View of the pluggable databases (PBD) history - - Database Instance Information – Shows information about the current instance of the - database - - Free Space in Tablespaces – Describes the free extents in all tablespaces in the database - - - Operations - - - Latest Week Backup – Information about the latest week backup - - Oldest and Newest Backup – Information about the oldest and the most recent backups - - Database File Without Backup – Indicates file names of the files that are not present in - the RMAN backup - - - Utilities - - - Remove Storage Tables – Removes the tables created and used by the Oracle Data Collector - -- Azure SQL - - - Discovery - - - Enumerate Azure SQL Instances – Enumerate Azure SQL instances and Azure resources - - - Utilities - - - Remove Storage tables – Removes the tables created and used by Azure SQL Discovery - -- MySQL - - - Custom MySQL Query - - - Custom Query – Run a custom SQL query against a SQL database - - - Utilities - - - Remove Storage Tables – Removes tables created for MySQL Data Collector - -- PostgreSQL - - - Custom PostgreSQL Query - - - Custom Query – Run a custom SQL query against a SQL database - - - Utilities - - - Remove Storage Tables – Removes tables created for PostgreSQL Data Collector - -- Db2LUW - - - Custom Db2LUW Query - - - Custom Query – Run a custom SQL query against a SQL database - - - Utilities - - - Remove Storage Tables – Removes tables created for Db2LUW Data Collector - - - Db2LUW Permissions Scan - - - Db2LUW Permissions Scan – Collect permissions from the targeted instances - -- Utilities - - - Remove Storage Data – Removes stored data for specific instances on a specific host diff --git a/docs/accessanalyzer/12.0/data-collection/sql/configure-job.md b/docs/accessanalyzer/12.0/data-collection/sql/configure-job.md deleted file mode 100644 index 2ab9ae497e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/sql/configure-job.md +++ /dev/null @@ -1,62 +0,0 @@ -# SQL Custom Connection Profile & Default Dynamic Host List - -The SQL Data Collector requires a custom Connection Profile and Host List. The **SQL SERVERS** -default host list can be used with this data collector for the SQL Solution. The host inventory -option during host list creation makes it necessary to configure the Connection Profile first. - -## Connection Profile - -Create a Connection Profile and set the following information on the User Credentials window. - -- For an Active Directory account: - - - Select Account Type – Active Directory Account - - Domain – Drop-down menu with available trusted domains will appear. Either type the short - domain name in the textbox or select a domain from the menu. - - User name – Type the user name - - Password Storage – Choose the desired option for credential password storage: - - - Application – Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic for additional information. - - CyberArk – Uses the CyberArk Enterprise Password Vault. See the - [CyberArk Integration](/docs/accessanalyzer/12.0/administration/settings/connection/cyberark-integration.md) topic for - additional information. The password fields do not apply for CyberArk password storage. - - - Password – Type the password - - Confirm – Re-type the password - -- For a SQL account: - - - Select Account Type – SQL Authentication - - User name – Enter user name - - Password Storage – Application (Uses the configured Profile Security setting as selected at - the **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic for additional information.) - - Password – Type the password - - Confirm – Re-type the password - -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information. - -## Host List - -The required host list depends on the database that the SQL data collector is being used for. - -### Default Dynamic Host List (SQL) - -Jobs using the SQL Data Collector can use the SQL Servers default host list. This is a dynamic host -list that is populated from hosts in the Host Master Table which meet the host inventory criteria -for the list, `IsSQLServer = True`. Since the SQL Servers host list is default, it is available to -jobs and job groups for host assignment. See the [Host Management](/docs/accessanalyzer/12.0/host-management/overview.md) -topic for additional information. - -### Oracle / MySQL / PostgreSQL / Db2 - -Jobs in the Oracle, MySQL, Postgre SQL, or Db2 solution using the SQL Data Collector must be -configured to query a host list with the servers containing the target databases. Setup the list of -hosts that needs to be monitored. Be sure to use a specific host name (if forcing the connection to -a secondary host) or just the server name if connecting to the server. See the -[Host Management](/docs/accessanalyzer/12.0/host-management/overview.md) topic for additional information. - -Additionally, the database instances must be added to the Filter page in the query configuration. -See the [SQL: Filter](/docs/accessanalyzer/12.0/data-collection/sql/filter.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/data-collection/sql/criteria.md b/docs/accessanalyzer/12.0/data-collection/sql/criteria.md deleted file mode 100644 index 0f03bcd25b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/sql/criteria.md +++ /dev/null @@ -1,33 +0,0 @@ -# SQL: Criteria - -The Criteria page is where criteria to be used for discovering sensitive data are configured. It is -a wizard page for the Sensitive Data Collection category. - -![SQL Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -The options on the Criteria page are: - -- Use Global Criterion Selection – Select this option to inherit sensitive data criteria settings - from the **Settings > Sensitive Data** node. See the - [Sensitive Data](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md) topic for additional information. -- Use the following selected criteria – Select this option to use the table to select which - sensitive data criteria to scan for - - - Select All– Click **Select All** to enable all sensitive data criteria for scanning - - Clear All – Click **Clear All** to remove all selections from the table - - Select the checkboxes next to the sensitive data criteria options to enable it to be scanned - for during job execution - -The table contains the following types of criteria: - -- System Criteria – Lists pre-defined criteria -- User Criteria – Lists user-defined criteria - - Use the Sensitive Data Criteria Editor in the **Settings > Sensitive Data** to create and edit - user-defined criteria. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) - topic for additional information. - -**NOTE:** Adding unnecessary criteria can adversely impact the scanner performance and can cause the -scanning job to take a long time. If performance is adversely affected, revisit the sensitive data -scanning criteria and remove criteria that is not required. diff --git a/docs/accessanalyzer/12.0/data-collection/sql/custom-query-oracle.md b/docs/accessanalyzer/12.0/data-collection/sql/custom-query-oracle.md deleted file mode 100644 index cff7d79565..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/sql/custom-query-oracle.md +++ /dev/null @@ -1,20 +0,0 @@ -# SQL: Custom Oracle Query - -The Custom Query page for a Custom Oracle Query contains the same options as the Custom Query page -for a custom SQL query, with the addition of the **Convert CDB to DBA on non-container databases** -checkbox. It is a wizard page for the Custom Oracle Query category. - -![SQL Data Collector Wizard Custom Query page for a Custom Oracle Query](/img/product_docs/accessanalyzer/admin/datacollector/sql/customqueryoracle.webp) - -The configurable options are: - -- Test Database: - - - Data Source – Select the host\instance from the drop-down menu - - Database – Select the database from the drop-down menu - - - Convert CDB to DBA on non-container databases - -- SQL Query textbox – Enter the custom SQL script -- Validate Query – Click to test the query, results display in the box -- Row limit – Enter a number to limit the rows the query is tested on diff --git a/docs/accessanalyzer/12.0/data-collection/sql/custom-query-sql.md b/docs/accessanalyzer/12.0/data-collection/sql/custom-query-sql.md deleted file mode 100644 index 39058580bc..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/sql/custom-query-sql.md +++ /dev/null @@ -1,22 +0,0 @@ -# SQL: Custom SQL Query - -The Custom Query page for a Custom SQL Query contains the following configuration options. It is a -wizard page for the following categories: - -- Custom MySQL Query -- Custom PostgreSQL Query -- Custom SQL Query -- Custom Db2LUW Query - -![SQL Data Collector Wizard Custom SQL Query Page](/img/product_docs/accessanalyzer/admin/datacollector/sql/customsqlquery.webp) - -The configurable options are: - -- Test Database: - - - Data Source – Select the host\instance from the drop-down menu - - Database – Select the database from the drop-down menu - -- SQL Query textbox – Enter the custom SQL script -- Validate Query – Click to test the query, results display in the box -- Row limit – Enter a number to limit the rows the query is tested on diff --git a/docs/accessanalyzer/12.0/data-collection/sql/filter.md b/docs/accessanalyzer/12.0/data-collection/sql/filter.md deleted file mode 100644 index ae6843c4aa..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/sql/filter.md +++ /dev/null @@ -1,154 +0,0 @@ -# SQL: Filter - -The Filter page is where the query can be scoped to target specific databases or instances. It is a -wizard page for the categories of: - -- Permissions > Permissions Collection -- Server Audits > Server Audit Events Collection -- Sensitive Data > Sensitive Data Collection -- Microsoft SQL Server: - - - Discovery - - Custom SQL Query - - Infrastructure - - Operations - - Utilities > Remove Storage Tables - - Legacy Queries - -- Oracle: - - - Custom Oracle Query - - Infrastructure - - Operations - - Utilities > Remove Storage Tables - -- MySQL: - - - Custom MySQL Query - - Utilities > Remove Storage Tables - -- PostgreSQL: - - - Custom PostgreSQL Query - - Utilities > Remove Storage Tables - -- Db2LUW: - - - Custom Db2LUW Query - - Utilities > Remove Storage Tables - - Db2LUW Permissions Scan - -- Utilities – Remove Storage Data - -It is necessary for the SA_SQL_Instances table to be populated before available databases/instances -can populate the Available Server audits list. For Oracle and SQL, the SA_SQL_Instances table is -populated through an instance discovery query. See the -[0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql-instancediscovery.md) -topic for additional information. For PostgreSQL and MySQL Scans, the SA_SQL_Instances table is -populated manually in the Manage Connections window. See the -[Manage Connections Window](#manage-connections-window) topic for additional information. Once the -table has been populated, a query can be scoped. - -![SQL Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp) - -The configurable filter options are: - -- Connections — Opens the Manage Connections window to add or modify database instances. See the - [Manage Connections Window](#manage-connections-window) topic for additional information. -- Filter options - - - All database objects — No scoping - - Only select database objects — Scope to specific databases - - - Click **Retrieve** to display available server audits - -- Available database objects — Displays known databases and instances for query scoping - - - Select from the available list and click **Add** - -- Selected databases or instances — Displays selected database objects for which the query has been - scoped. Additional options include: - - - Remove — Removes the selected database/instance from the query - - Include — Reverts an exclusion. By default, all sub tables are included. - - Exclude — Excludes selected databases/instances and displays them in red - - Add Custom Filter — Opens the Add custom filter window to build a custom filter to be applied - to the selected databases/instances. See the - [Add Custom Filter Window](#add-custom-filter-window) topic for additional information. - - Import CSV — Import a list of databases/instances from a CSV file - - Export CSV — Exports the list of databases/instance to a CSV file through the Save As window - -## Manage Connections Window - -The Manage Connections window enables you to add database instances to search. Click the -**Connections** button to open it. - -![Manage Connections window](/img/product_docs/accessanalyzer/admin/datacollector/nosql/manageconnections.webp) - -The Manage Connections table lists the previously added database instances and their attributes. -Select a row in the table to edit that instance, or create a new instance to add to the table: - -- Is Active — Select the checkbox to include the database on the Servers Pane on the Filter page -- Instance Label — The name of the server -- Database System — Select from a list of available databases -- Service Name — Name of the service -- Host — Name or IP address of the host where the database is located -- Port Number — Port number for the database. If a non-default port is being used, it should be - specified in the Port Number section. -- Default Database — Account used to access the database. Admin is recommended. -- Enable impersonation — Select to enable impersonation -- Service Type— If applicable, select whether the service type is **Service** or **SID** - -In the Manage Connections Table, the following information is also listed: - -- Was Inspected — Indicates whether information for a connection was validated. **Y** indicates the - information has been validated. **N** indicates the information has not been validated. -- Last Inspected — Indicates the date and time of when the connection information was last - inspected. If blank, the connection information has not yet been validated. - -The Manage Connections window has the following buttons: - -- Test Connection — Click to verify the connection to the database with the connection profile - applied to the job group -- Edit Connection — Click to edit information for the selected connection -- Delete Connection — Click to delete the selected connection -- Create New — Click to create a new connection - -#### Add Custom Filter Window - -The Add custom filter window opens from the Filter page of the SQL Data Collector Wizard. It enables -you to apply a custom scoping filter to the query. - -![Add custom filter window](/img/product_docs/accessanalyzer/admin/datacollector/sql/addcustomfilter.webp) - -Type the filter in the window and click Save. The following characters can be used in the filter: - -- Forward slash (/) – Path separator -- Asterisk (\*) – Wild card for any combination of characters -- Question mark (?) – Wild card for a single character - -Use the following format to add a custom filter for a server: - -- SQL: - - [SQL Server Name]/[Host or IP Address]/[Database Name]/[TableName] - -- Oracle: - - [Oracle Server Name]/[Host or IP Address]/[Container Name]/[Schema]/[Table Name] - -- Azure SQL: - - [Azure SQL Server Name]/[Host or IP Address]/[Database Name]/[Table Name] - -- MySQL: - - [MySQL Server Name]/[Host or IP Address]/[DastabaseName]/[TableName] - -- PostgreSQL: - - [PostgreSQL Server Name]/[Host or IP Address]/[DastabaseName]/[Schema]/[TableName] - -- Db2: - - [Db2LUW Server Name]/[Host or IP Address]/[DastabaseName]/[TableName] diff --git a/docs/accessanalyzer/12.0/data-collection/sql/options.md b/docs/accessanalyzer/12.0/data-collection/sql/options.md deleted file mode 100644 index 064622a084..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/sql/options.md +++ /dev/null @@ -1,85 +0,0 @@ -# SQL: Options - -Use the Options page to configure additional settings. The contents of the page vary according to -the category selected. The Options page is a wizard page for the categories of: - -- Server Audits -- Sensitive Data - -## Server Audits - -Use the Options page to specify collection options to use when gathering server audits. This is a -page for the Server Audits Events Collection category. - -![SQL Data Collector Wizard Options page for Server Audit](/img/product_docs/accessanalyzer/admin/datacollector/sql/optionsserveraudits.webp) - -The scan options are: - -- Collect only events since last scan – Differential scanning -- Process each audit file individually -- Number of days you want to keep events in the database – Data retention period, set to 15 days by - default -- Collection Method – Choose a collection method: - - - Collect audits by name - - Collect audits by path - -## Sensitive Data - -Use the Sensitive Data Scan Settings (Options) page to specify collection options to use when -gathering server audits. This is a page for the Sensitive Data Collection category. - -![SQL Data Collector Wizard Options page for Sensitive Data](/img/product_docs/accessanalyzer/admin/datacollector/sql/optionssensitivedata.webp) - -The sensitive data scan settings are: - -Scan Options - -- Scan tables for sensitive data – Scans the tables within the database for sensitive data - - - The Oracle default is set for optimal performance for a high-level scan of only tables - -- Scan views for sensitive data – Scans views for sensitive data - -Data Settings - -- Scan individual columns for sensitive data – Scans individual columns within the database for - sensitive data -- Scan full rows for sensitive data – Scans full rows within the database for sensitive data -- Scan all rows for sensitive data – Scans all rows within the database for sensitive data -- Limit rows to scan – Select the number of rows to scan for sensitive data. Select the **Use random - sampling** checkbox to enable random sampling for checking for sensitive data. - -Meta Data Options - -- Scan database names for sensitive data – Scans database names for sensitive data if the database - names are included as part of the keyword list in the scanning criteria -- Scan table names for sensitive data – Scans table names within the database for sensitive data if - the table names are included as part of the keyword list in the scanning criteria -- Scan column names for sensitive data – Scans column names within the database for sensitive data. - This scans all column names of every table for sensitive data if the column names are included as - part of the keyword list in the scanning criteria. - -Large Data Type Options - -- Included binary data types (BLOB, NLOB, LONGRAW, VARBINARY) – Select to include the listed binary - data types -- Include character data types (NCLOB, CLOB, LONG) – Select to include the listed character data - types - -SDD Options - -- Store discovered sensitive data – Stores potentially sensitive data in the Access Analyzer - database. Any sampled sensitive data discovered based on the matched criteria is stored in the - Access Analyzer database. This functionality can be disabled by clearing this option. - - **NOTE:** The **Store discovered sensitive data** option is required to view Content Audit - reports in the Access Information Center for SQL data. - - **CAUTION:** Changing scan options, criteria, or filters when resuming a scan may prevent the - can from resuming properly. - -- Resume scan from last point on error – Resumes scan from where the previous scan left off when the - previous scan was stopped as a result of an error - -_Remember,_ Sensitive Data Discovery is required to use the sensitive data collection option. diff --git a/docs/accessanalyzer/12.0/data-collection/sql/overview.md b/docs/accessanalyzer/12.0/data-collection/sql/overview.md deleted file mode 100644 index 4f65c8dd9d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/sql/overview.md +++ /dev/null @@ -1,119 +0,0 @@ -# SQL Data Collector - -The SQL Data Collector provides information on database configuration, permissions, data extraction, -application name of the application responsible for activity events, an IP Address or Host name of -the client server, and sensitive data reports. This data collector also provides information on -Oracle databases including infrastructure and operations. - -The SQL Data Collector has been preconfigured within the Database data collection jobs for Db2, -MySQL, Oracle, PostgreSQL, Redshift, and SQL Server databases. Both this data collector and the -Database Solution are available with a special Access Analyzer license. See the following topics for -additional information: - -- [Db2 Solution](/docs/accessanalyzer/12.0/solutions/databases/db2/overview.md) -- [MySQL Solution](/docs/accessanalyzer/12.0/solutions/databases/mysql/overview.md) -- [PostgreSQL Solution](/docs/accessanalyzer/12.0/solutions/databases/postgresql/overview.md) -- [Oracle Solution](/docs/accessanalyzer/12.0/solutions/databases/oracle/overview.md) -- [Redshift Solution](/docs/accessanalyzer/12.0/solutions/databases/redshift/overview.md) -- [SQL Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/overview.md) - -Protocols - -TCP - -Ports - -For Db2: - -- Specified by Instances table (default is 5000) - -For MySQL: - -- Specified by Instances table (default is 3306) - -For Oracle: - -- Specified by Instances table (default is 1521) - -For PostgreSQL: - -- Specified by Instances table (default is 5432) - -For SQL: - -- Specified by Instances table (default is 1433) - -Permissions - -For MySQL: - -- Read access to MySQL instance to include all databases contained within each instance -- Windows Only — Domain Admin or Local Admin privilege - -For Oracle: - -- User with SYSDBA role -- Local Administrator on the target servers – Only applies to Windows Servers and not on Linux or - Unix operating systems - -For PostgreSQL: - -- Read access to all the databases in PostgreSQL cluster or instance -- Windows Only — Domain Admin or Local Admin privilege - -For Redshift: - -- Read-access to the following tables: - - - pg_tables - - pg_user - -For SQL: - -- For Instance Discovery, local rights on the target SQL Servers: - - - Local group membership to Remote Management Users - - Permissions on the following WMI NameSpaces: `root\Microsoft\SQLServer, root\interop` - -- For permissions for data collection: - - - Read access to SQL instance - - Requires SQL Full-Text and Semantic Extractions for Search feature to be installed on the - target SQL instance(s) when using the **Scan full rows for sensitive data** option on the - Options wizard page - - Grant Authenticate Server to [DOMAIN\USER] - - Grant Connect SQL to [DOMAIN\USER] - - Grant View any database to [DOMAIN\USER] - - Grant View any definition to [DOMAIN\USER] - - Grant View server state to [DOMAIN\USER] - - Grant Control Server to [DOMAIN\USER] (specifically required for the Weak Passwords Job) - -See the [Azure SQL Auditing Configuration](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-sql-access.md) -topic and the -[AzureSQL Target Least Privilege Model](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/database-azure-sql.md) -topic for additional information. - -Sensitive Data Discovery Considerations - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job -is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). - -## SQL Query Configuration - -The SQL Data Collector is configured through the SQL Data Collector Wizard. The wizard contains the -following pages, which change based upon the query category selected: - -**NOTE:** The SQL Data Collector is used in multiple Access Analyzer Solutions, and the query -categories used are dependent on the solution. - -- [SQL: Category](/docs/accessanalyzer/12.0/data-collection/sql/category.md) -- [SQL: Options](/docs/accessanalyzer/12.0/data-collection/sql/options.md) -- [SQL: Criteria](/docs/accessanalyzer/12.0/data-collection/sql/criteria.md) -- [SQL: Filter](/docs/accessanalyzer/12.0/data-collection/sql/filter.md) -- [SQL: Settings](/docs/accessanalyzer/12.0/data-collection/sql/settings.md) -- [SQL: Custom SQL Query](/docs/accessanalyzer/12.0/data-collection/sql/custom-query-sql.md) -- [SQL: Custom Oracle Query](/docs/accessanalyzer/12.0/data-collection/sql/custom-query-oracle.md) -- [SQL: Results](/docs/accessanalyzer/12.0/data-collection/sql/results.md) -- [SQL: Rowkey](/docs/accessanalyzer/12.0/data-collection/sql/row-key.md) -- [SQL: Summary](/docs/accessanalyzer/12.0/data-collection/sql/summary.md) diff --git a/docs/accessanalyzer/12.0/data-collection/sql/results.md b/docs/accessanalyzer/12.0/data-collection/sql/results.md deleted file mode 100644 index e1632d8157..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/sql/results.md +++ /dev/null @@ -1,10 +0,0 @@ -# SQL: Results - -The Results page is where the properties that will be gathered are selected. It is a wizard page for -all of the categories. - -![SQL Data Collector Wizard Results Page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually, or the **Select All** and **Clear All** buttons can be -used. All selected properties are gathered. Available properties vary based on the category -selected. diff --git a/docs/accessanalyzer/12.0/data-collection/sql/row-key.md b/docs/accessanalyzer/12.0/data-collection/sql/row-key.md deleted file mode 100644 index 4a083e7649..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/sql/row-key.md +++ /dev/null @@ -1,10 +0,0 @@ -# SQL: Rowkey - -The Rowkey page configures the Rowkey for the SQL query. It is a wizard page for the Custom Query -categories. - -![SQL Data Collector Wizard Rowkey Page](/img/product_docs/accessanalyzer/admin/datacollector/sql/rowkey.webp) - -Properties selected on the Results page are listed. Select the property or properties to act as the -Rowkey. Properties can be selected individually, or the **Select All** and **Clear All** buttons can -be used. diff --git a/docs/accessanalyzer/12.0/data-collection/sql/settings.md b/docs/accessanalyzer/12.0/data-collection/sql/settings.md deleted file mode 100644 index ff6e686f28..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/sql/settings.md +++ /dev/null @@ -1,13 +0,0 @@ -# SQL: Settings - -The Settings page configures the removal of data from the Access Analyzer database for specific -instances. It is a wizard page for the category of Utilities. - -![SQL Data Collector Wizard Data removal settings Page](/img/product_docs/activitymonitor/config/dellpowerscale/settings.webp) - -Data from the selected categories will be removed from the Access Analyzer database: - -- Permissions -- Audits -- Sensitive Data -- Orphaned Rows diff --git a/docs/accessanalyzer/12.0/data-collection/sql/summary.md b/docs/accessanalyzer/12.0/data-collection/sql/summary.md deleted file mode 100644 index b74599410e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/sql/summary.md +++ /dev/null @@ -1,10 +0,0 @@ -# SQL: Summary - -The Summary page is where the configuration settings are summarized. It is a wizard page for all of -the categories. - -![SQL Data Collector Wizard Summary Page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the SQL Data Collector Wizard ensuring that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/12.0/data-collection/system-info/category.md b/docs/accessanalyzer/12.0/data-collection/system-info/category.md deleted file mode 100644 index 9147469dd2..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/system-info/category.md +++ /dev/null @@ -1,16 +0,0 @@ -# SystemInfo: Category - -The Category page contains the following categories: - -![System Info Data Collector Wizard Category page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp) - -The report categories are: - -- Computer System – Returns hardware and software related information -- Files Shares – Returns file share, permissions, and content information -- Logged On Users – Returns information about users logged on to local and remote machines -- Network Interface(NIC) – Returns network adapter configuration information -- Open File Shares – Returns information on accessible file shares -- Open Files – Returns information on locked and in use files -- Scheduled Tasks – Returns information on scheduled tasks -- Sessions – Returns information on local and remote sessions diff --git a/docs/accessanalyzer/12.0/data-collection/system-info/file-types.md b/docs/accessanalyzer/12.0/data-collection/system-info/file-types.md deleted file mode 100644 index 6cb71f4899..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/system-info/file-types.md +++ /dev/null @@ -1,11 +0,0 @@ -# SystemInfo: File Types - -The File Types page is where to enable count file types and specify filename masks if it is desired -to count files of given types. Two properties are generated for every mask provided, one for size -and one for count. It is a wizard page for the category of File Shares. - -![System Info Data Collector Wizard File Types page](/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/filetypes.webp) - -To enable counting file types, select the **Count file types** checkbox. To add new file types, -click **Add New**. To load a list of default file types for counting, click **Load Defaults**. To -remove a file type, select the file type and click **Remove**. diff --git a/docs/accessanalyzer/12.0/data-collection/system-info/job-scope.md b/docs/accessanalyzer/12.0/data-collection/system-info/job-scope.md deleted file mode 100644 index 34a63b8d52..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/system-info/job-scope.md +++ /dev/null @@ -1,11 +0,0 @@ -# SystemInfo: Job Scope - -The Job Scope page is where to select whether or not scoping should be used during execution. It is -a wizard page for the category of File Shares. - -![System Info Data Collector Wizard Job Scope page](/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/jobscope.webp) - -Select from the following options: - -- Don’t Use Scoping -- Use Scoping diff --git a/docs/accessanalyzer/12.0/data-collection/system-info/options.md b/docs/accessanalyzer/12.0/data-collection/system-info/options.md deleted file mode 100644 index af8501335e..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/system-info/options.md +++ /dev/null @@ -1,48 +0,0 @@ -# SystemInfo: Options - -The Options page contains options for the Files Shares category. It is a wizard page for the -categories of: - -- File Shares -- Network Interface (NIC) -- Open File Shares - -**NOTE:** This is a legacy feature, as it is more efficient to use the **FileSystemAccess** (FSAA) -Data Collector to gather this information. - -## File Shares and Open File Shares - -For the File Shares and Open File Shares categories: - -![System Info Data Collector Wizard Options page for File Shares category](/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/optionsfileshares.webp) - -Select from the following options to control the depth of processing and the amount of information -to be returned by the query: - -- Include file level permissions - - - Do not collect inherited file permissions - - - Return All Folders - -- Enumerate subfolders within shared folders - - - Limit returned subfolders depth to – Specify the number of levels - -- Size units for corresponding properties – Select the desired size unit: - - - Bytes - - KBytes - - Mbytes - - GBytes - -## Network Interface (NIC) - -For the Network Interface (NIC) category: - -![System Info Data Collector Wizard Options page for NIC category](/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/optionsnic.webp) - -The configurable option is: - -- Show primary IP address only – Select this checkbox to return data for the primary network - interface only diff --git a/docs/accessanalyzer/12.0/data-collection/system-info/overview.md b/docs/accessanalyzer/12.0/data-collection/system-info/overview.md deleted file mode 100644 index b47d2f5d82..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/system-info/overview.md +++ /dev/null @@ -1,43 +0,0 @@ -# SystemInfo Data Collector - -The SystemInfo Data Collector extracts information from the target system based on the selected -category. The SystemInfo Data Collector is a core component of Access Analyzer, but it has been -preconfigured within the Windows Solution. While the data collector is available with all Access -Analyzer license options, the Windows Solution is only available with a special Access Analyzer -license. See the [Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional -information. - -Protocols - -- Remote Registry -- RPC -- WMI - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group - -## SystemInfo Query Configuration - -The SystemInfo Data Collector is configured through the System Info Data Collector Wizard, which -contains the following wizard pages: - -- Welcome -- [SystemInfo: Category](/docs/accessanalyzer/12.0/data-collection/system-info/category.md) -- [SystemInfo: Results](/docs/accessanalyzer/12.0/data-collection/system-info/results.md) -- [SystemInfo: Shares List](/docs/accessanalyzer/12.0/data-collection/system-info/shares-list.md) -- [SystemInfo: Probable Owner](/docs/accessanalyzer/12.0/data-collection/system-info/probable-owner.md) -- [SystemInfo: VIP Membership](/docs/accessanalyzer/12.0/data-collection/system-info/vip-membership.md) -- [SystemInfo: File Types](/docs/accessanalyzer/12.0/data-collection/system-info/file-types.md) -- [SystemInfo: Options](/docs/accessanalyzer/12.0/data-collection/system-info/options.md) -- [SystemInfo: Summary](/docs/accessanalyzer/12.0/data-collection/system-info/summary.md) - -![System Info Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/system-info/probable-owner.md b/docs/accessanalyzer/12.0/data-collection/system-info/probable-owner.md deleted file mode 100644 index 28a642c245..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/system-info/probable-owner.md +++ /dev/null @@ -1,62 +0,0 @@ -# SystemInfo: Probable Owner - -On the Probable Owner page, select options for determining the owner using weighted calculations. -This page is enabled when the **Probable Owner** property is selected on the Results page. - -![System Info Data Collector Wizard Probable Owner page](/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/probableowner.webp) - -Determine owner - -In the Determine owner section, select from the following options: - -- Determine owner from User Profile Last Modified Date -- Determine owner from User Profile Size -- Determine owner from Current User -- Determine owner from Last User -- Custom weights – Select this radio button to use custom weights to determine the probable owner. - These weights can be set by clicking the ellipsis next to the Result weights box to open the - Probable Owner Settings window. - -![Custom weights Probable Owner Settings window](/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/customweights.webp) - -The Result weights box displays the custom weights set in the Probable Owner Settings window. - -Exclude users list - -In the Exclude users list section, select from the following checkboxes: - -- Exclude users by list – Enables the **Set List of Users to Exclude** button -- Exclude locked out users -- Exclude disabled users - -![Exclude users Probable Owner Settings window](/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/excludeusers.webp) - -Click **Set Users to Exclude** to open the Probable Owner Settings window: - -- User – Enter users in the following format: `Domain\Username` -- Add user – Click **Add user** to add the users entered in the User box to the excluded users list -- Removed selected – Select a user and click **Removed selected** to remove the user -- Clear list – Click **Clear list** to remove the list of excluded users -- Select users or groups – Click **Select users or groups** to open the Select User or Group window - and select users or groups to add the excluded users list -- Import from file – Select **Import from file** to open the Import File Dialog and import files to - add to the excluded users list - -Output options - -In the Output options section, select from the following options: - -- Get the most probable owner(s) -- Get probable owners with relative deviation to the most probable owner – Enables the following - option: - - - Maximum deviation: **[number]** percents - -- Get probable owners limited by probability – Enables the following options: - - - Probability threshold **[number]** percents - - Return at least one probable owner regardless of probability - -Select the following checkbox if desired: - -- Return the top **[number]** ranked probable owners diff --git a/docs/accessanalyzer/12.0/data-collection/system-info/results.md b/docs/accessanalyzer/12.0/data-collection/system-info/results.md deleted file mode 100644 index 9215f9c967..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/system-info/results.md +++ /dev/null @@ -1,10 +0,0 @@ -# SystemInfo: Results - -The Results page is used to select which properties are gathered out of those available for the -category. It is a wizard page for all categories. - -![System Info Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Check all**, **Uncheck all**, and **Reset to -defaults** buttons can be used. All selected properties are gathered. Available properties vary -based on the category selected. diff --git a/docs/accessanalyzer/12.0/data-collection/system-info/shares-list.md b/docs/accessanalyzer/12.0/data-collection/system-info/shares-list.md deleted file mode 100644 index 83214e58cd..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/system-info/shares-list.md +++ /dev/null @@ -1,19 +0,0 @@ -# SystemInfo: Shares List - -On the Shares List page, configure the shares to include and exclude. It is a wizard page for the -category of File Shares. - -![System Info Data Collector Wizard Shares List page](/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/shareslist.webp) - -Select from the following options to exclude system or hidden shared folders from enumeration: - -- Exclude system and special shared folders -- Exclude hidden shared folders - -Select the following checkbox to identify nested shares and exclude them from the output: - -- Skip Nested Shares - -To configure individual shares to include or exclude, enter a share name and click **Add as -inclusion** or **Add as exclusion**. To remove the share from the list, select the share and click -**Remove selected**. To clear the list of inclusions and exclusions, click **Clear list**. diff --git a/docs/accessanalyzer/12.0/data-collection/system-info/summary.md b/docs/accessanalyzer/12.0/data-collection/system-info/summary.md deleted file mode 100644 index 183ba1edef..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/system-info/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# SystemInfo: Summary - -The Summary page displays a summary of the configured query. It is a wizard page for all categories. - -![System Info Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the System Info Data Collector Wizard ensuring that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/system-info/vip-membership.md b/docs/accessanalyzer/12.0/data-collection/system-info/vip-membership.md deleted file mode 100644 index 004829310a..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/system-info/vip-membership.md +++ /dev/null @@ -1,15 +0,0 @@ -# SystemInfo: VIP Membership - -The VIP Membership provides the option to add members to a VIP List and exclude them from contact -about probable ownership. Any users can be added to VIP membership. This page is enabled when the -VIPList property is selected on the Results page. - -![System Info Data Collector Wizard VIP Membership page](/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/vipmembership.webp) - -To add a user to the VIPList members table, enter the username in the User box in the -`Domain\Username` format and click **Add user**. To remove a user from the list, select the user and -click **Remove selected**. To clear the list, click **Clear list**. - -To select users or groups to add to the VIPList members table, click **Select users or groups** to -open the Select User or Group browser window and add a user or group. To import a file, click -**Import from file** to open the Import File Dialog browser window. diff --git a/docs/accessanalyzer/12.0/data-collection/text-search/advanced-criteria.md b/docs/accessanalyzer/12.0/data-collection/text-search/advanced-criteria.md deleted file mode 100644 index a57ba54fc4..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/text-search/advanced-criteria.md +++ /dev/null @@ -1,23 +0,0 @@ -# TextSearch: Advanced Criteria - -The Advanced Criteria page is displayed if the **Use advanced criteria (instead of simple -criteria)** checkbox is selected on the Search Criteria page. This page provides configuration -options to specify the text to search for across the entire row of each file or within the specified -column in each row. - -![Text Search Data Collector Wizard Advanced Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/textsearch/advancedcriteria.webp) - -The configurable options are: - -- Return Multiple Columns – Return data values in multiple columns -- Load Sample Data – Click this button to browse for sample data to test the filters entered. If the - sample data file is large, it is recommended to sample an excerpt of the file to reduce the amount - of time it takes to load the data. -- Customize – Click this button to open the Filter builder - - ![Filter builder window](/img/product_docs/accessanalyzer/admin/datacollector/textsearch/filterbuilder.webp) - - See the [Filtration Dialog](/docs/accessanalyzer/12.0/administration/navigation/data-grid.md#filtration-dialog) topic for information - on using the Filter builder. - -The filter section cannot be blank. diff --git a/docs/accessanalyzer/12.0/data-collection/text-search/overview.md b/docs/accessanalyzer/12.0/data-collection/text-search/overview.md deleted file mode 100644 index 9d04bb2575..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/text-search/overview.md +++ /dev/null @@ -1,37 +0,0 @@ -# TextSearch Data Collector - -The TextSearch Data Collector enables searches through text based log files. The TextSearch Data -Collector is a core component of Access Analyzer, but it has been preconfigured within the Windows -Solution. While the data collector is available with all Access Analyzer license options, the -Windows Solution is only available with a special Access Analyzer license. See the -[Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional information. - -Protocols - -- RPC - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group - -## TextSearch Query Configuration - -The TextSearch Data Collector is configured through the Text Search Data Collector Wizard, which -contains the following wizard pages: - -- Welcome -- [TextSearch: Source Files](/docs/accessanalyzer/12.0/data-collection/text-search/source-files.md) -- [TextSearch: Search Criteria](/docs/accessanalyzer/12.0/data-collection/text-search/search-criteria.md) -- [TextSearch: Advanced Criteria](/docs/accessanalyzer/12.0/data-collection/text-search/advanced-criteria.md) -- [TextSearch: Results](/docs/accessanalyzer/12.0/data-collection/text-search/results.md) -- [TextSearch: Summary](/docs/accessanalyzer/12.0/data-collection/text-search/summary.md) - -![Text Search Data Collector Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/text-search/results.md b/docs/accessanalyzer/12.0/data-collection/text-search/results.md deleted file mode 100644 index 424920d473..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/text-search/results.md +++ /dev/null @@ -1,18 +0,0 @@ -# TextSearch: Results - -The Results page is where properties that will be gathered are selected. - -![Text Search Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Properties can be selected individually or the **Check all**, **Uncheck All**, and **Reset to -Defaults** buttons can be used. All selected properties are gathered. Available properties vary -based on the category selected. - -- Size units – Select from the following: - - - Bytes - - KBytes - - MBytes - - GBytes - -- Only return results for files with at least one match diff --git a/docs/accessanalyzer/12.0/data-collection/text-search/search-criteria.md b/docs/accessanalyzer/12.0/data-collection/text-search/search-criteria.md deleted file mode 100644 index 0c6f3b344d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/text-search/search-criteria.md +++ /dev/null @@ -1,17 +0,0 @@ -# TextSearch: Search Criteria - -The Search Criteria page provides configuration options to specify the text to search for across the -entire row of each file. - -![Text Search Data Collector Wizard Search Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/textsearch/searchcriteria.webp) - -The configurable functions are: - -- Use advanced criteria (instead of simple criteria) – Select this checkbox to display the Advanced - Criteria page and configure the search with additional filtering options. Advanced search criteria - is configured on the Advanced Criteria page. See the - [TextSearch: Advanced Criteria](/docs/accessanalyzer/12.0/data-collection/text-search/advanced-criteria.md) topic for additional information. -- Simple Criteria - - - Text to match – Find files that contain the text string entered - - Exact match – Select this option to find files that contain only the exact text string entered diff --git a/docs/accessanalyzer/12.0/data-collection/text-search/source-files.md b/docs/accessanalyzer/12.0/data-collection/text-search/source-files.md deleted file mode 100644 index 7e4d6c9e99..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/text-search/source-files.md +++ /dev/null @@ -1,81 +0,0 @@ -# TextSearch: Source Files - -The Source Files page provides options to specify which files to search. - -![Text Search Data Collector Wizard Source Files page](/img/product_docs/accessanalyzer/admin/datacollector/textsearch/sourcefiles.webp) - -Location - -The Location section provides options to scope the search. - -- Fixed path – Supply a fixed path or use wildcards and system variables. Fixed paths are typically - entered in the following format: `drive\filepath` (for example, `C:\WINNT\System32`). Click the - ellipsis to open the Remote Folder Explorer and browse to add file paths to the search scope. See - the [Remote Folder Explorer](#remote-folder-explorer) topic for additional information. -- Current Job Directory – Search the job’s root folder for the specified file -- Registry Lookup – Select this option to programmatically obtain a file path from a registry key - that exists on the target host in the environment. Click the ellipsis to open the Access Analyzer - Registry Browser and connect to a host to select a registry key and path to be used for the - lookup. - - - Value Name – This value is automatically populated from the registry key - - Levels – The Levels slider can be used to truncate the path for the key value in the Adjust - Path dialog box - - Current value data – Displays the current value for the registry key - - Query 32-bit – Select this checkbox to query a 32-bit view - - Query 64-bit – Select this checkbox to query a 64-bit view - -Files - -The Files section provides options to define the object or set of objects to find. - -- File name – Enter file names to search in the following format: `filename.extension`. Separate - multiple file names with a semicolon and no spaces between the names. Wild cards can be used. -- File type – Select the extension type of the file name entered above to tell the collection - routine how the data within the underlying file is structured and should be handled: - - - Autodetect – Select this when the data type is unknown. The data collection routine will - attempt to figure out what type of data it is and handle it appropriately. - - Plain Text - - CSV - - TSV - - Binary - - Space Separated Text - -- First line is header captions line – Enabled when CSV, TSV, or Space Separated Text is selected - -Options - -The Options section provides options to scope the search. - -- Ignore files larger than [number]MB -- Include subfolders - -Last Modification Time Filter - -The Last Modification Time Filter section provides options to apply time filters to the search. - -- None -- Oldest file -- Most recent file -- Between [date] and [date] -- In the last [number] [days] or [hours] - -## Remote Folder Explorer - -Clicking the ellipsis in the Location section of the Source Files page opens the Remote Folder -Explorer search window. In the Remote Folder Explorer window, navigate to the file folder location -and add the path to the scope. Multiple paths can be added to the scope. - -![Remote Folder Explorer window](/img/product_docs/accessanalyzer/admin/datacollector/textsearch/remotefolderexplorer.webp) - -The Remote Folder Explorer functions are: - -- Sample from host (path) – If the desired file does not exist on the local Access Analyzer Console, - enter the name of the host that contains the file and click **Connect** to browse that host -- Selected Path – Displays the path selected in the box above -- Add path – Click **Add path** to add the selected path to the Path box. This adds the path to the - search scope. -- Delete path – Select a path in the Path box and click **Delete path** to delete the path from the - search scope -- Path – Displays the paths that have been added to the search scope diff --git a/docs/accessanalyzer/12.0/data-collection/text-search/summary.md b/docs/accessanalyzer/12.0/data-collection/text-search/summary.md deleted file mode 100644 index 432c595bb8..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/text-search/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# TextSearch: Summary - -The Summary page displays a summary of the configured query. - -![Text Search Data Collector Wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Text Search Data Collector Wizard ensuring that no accidental clicks -are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/unix/edit-script.md b/docs/accessanalyzer/12.0/data-collection/unix/edit-script.md deleted file mode 100644 index 148036c945..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/unix/edit-script.md +++ /dev/null @@ -1,9 +0,0 @@ -# Unix: Edit Script - -The Edit Script page allows the script to be customized. - -![Unix Data Collector Wizard Edit Script page](/img/product_docs/accessanalyzer/admin/datacollector/unix/editscript.webp) - -Edit the shell script in the textbox if desired. - -Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/12.0/data-collection/unix/input.md b/docs/accessanalyzer/12.0/data-collection/unix/input.md deleted file mode 100644 index f4c05ba575..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/unix/input.md +++ /dev/null @@ -1,25 +0,0 @@ -# Unix: Input - -The Input page configures the source for input data. - -![Unix Data Collector Wizard Input page](/img/product_docs/accessanalyzer/admin/datacollector/unix/input.webp) - -The configurable options are: - -- Use SQL table for scoping input – Select the checkbox to enable scoping options -- Input Table - - - Name – Select the SQL table from the drop-down menu - - Filter Nulls – Select the checkbox to ignore blank rows in the table - - Filter Duplicates – Select the checkbox to ignore duplicate rows in the table - - Filter by host column – Select the checkbox to sort rows by host - -- Columns – Select the desired rows from the SQL table -- Data Input Method - - - Run command once per table row - - Send table data via standard input - -- Column Separator – Specify the column delimiter - -Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/12.0/data-collection/unix/overview.md b/docs/accessanalyzer/12.0/data-collection/unix/overview.md deleted file mode 100644 index 5d335464ee..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/unix/overview.md +++ /dev/null @@ -1,34 +0,0 @@ -# Unix Data Collector - -The Unix Data collector provides host inventory, software inventory, and logical volume inventory on -UNIX & Linux platforms. The Unix Data Collector has been preconfigured within the Unix Solution. -Both this data collector and the solution are available with a special Access Analyzer license. See -the [Unix Solution](/docs/accessanalyzer/12.0/solutions/unix/overview.md) topic for additional information. - -Protocols - -- SSH - -Ports - -- TCP 22 -- User configurable - -Permissions - -- Root permissions in Unix/Linux - -If the Root permission is unavailable, a least privileged model can be used. See the -[Least Privilege Model](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/unix.md#least-privilege-model) topic additional -information. - -## Unix Query Configuration - -The Unix Data Collector is configured through the Unix Data Collector Wizard. It is designed to scan -and import information from UNIX / Linux systems. The Unix Data Collector has these pages: - -- [Unix: Settings](/docs/accessanalyzer/12.0/data-collection/unix/settings.md) -- [Unix: Input](/docs/accessanalyzer/12.0/data-collection/unix/input.md) -- [Unix: Edit Script](/docs/accessanalyzer/12.0/data-collection/unix/edit-script.md) -- [Unix: Parsing](/docs/accessanalyzer/12.0/data-collection/unix/parsing.md) -- [Unix: Results](/docs/accessanalyzer/12.0/data-collection/unix/results.md) diff --git a/docs/accessanalyzer/12.0/data-collection/unix/parsing.md b/docs/accessanalyzer/12.0/data-collection/unix/parsing.md deleted file mode 100644 index ae93a49b90..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/unix/parsing.md +++ /dev/null @@ -1,31 +0,0 @@ -# Unix: Parsing - -The Parsing Configuration page configures the columns to return from the remote command and the -parameters used to parse that output into those columns. - -![Unix Data Collector Wizard Parsing Configuration page](/img/product_docs/accessanalyzer/admin/datacollector/unix/parsing.webp) - -The configurable options are: - -- Parse Columns – Select the checkbox to enable the parsing parameters options - - - Delimiter – Specify the delimiter - - Ignore duplicate delimiters – Check the checkbox to enable - - Delimiter Type – Select one of the following options: - - - Split on any delimiter character - - Split on entire delimiter string - - Split on delimiter regular expression - - - Handle additional delimited fields by – Select one of the following options: - - - Ignoring them - - Inserting them as the last column in additional rows - - Including them in the last column - -- Columns – Use the buttons to add or remove columns - - - **Add** – Opens the New Column window. Enter a new column name and click **OK**. - - **Remove** – Removes the selected column - -Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/12.0/data-collection/unix/results.md b/docs/accessanalyzer/12.0/data-collection/unix/results.md deleted file mode 100644 index c640a6763b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/unix/results.md +++ /dev/null @@ -1,15 +0,0 @@ -# Unix: Results - -On the Results page, select which properties will be gathered out of those available for the query. -Additionally select properties based on which ROWKEY will be built. - -![Unix Data Collector Wizard Results page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -The configurable options are: - -- Properties to return – Select the desired columns -- ROWKEY's components – Select the desired columns - -Click **Finish** to save the configuration changes, or **Back** to return to the previous page. If -no changes were made, it is a best practice to click **Cancel** to close the Unix Data Collector -Wizard to make sure that no accidental settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/unix/settings.md b/docs/accessanalyzer/12.0/data-collection/unix/settings.md deleted file mode 100644 index 9fe3f96d09..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/unix/settings.md +++ /dev/null @@ -1,36 +0,0 @@ -# Unix: Settings - -The Settings page configures the Unix Data Collector settings. - -![Unix Data Collector Wizard Settings page](/img/product_docs/activitymonitor/config/dellpowerscale/settings.webp) - -The configurable options are: - -- Time Out Settings - - - Connection Timeout – Set the connection timeout - - Processing Timeout – Set the processing timeout - -- Pre-Execution File Copy - - The Unix Data Collector can use SCP to copy a file from the Access Analyzer console to the - target system before running the script command. - - - Enable pre-execution file copy – Select the checkbox to enable - - - Source File – Enter a file path or click the ellipsis (…) to browse to the file location - - Target Location – Enter the file path to copy the file to - -- Credential Selection Settings - - - Only use Unix Account type credentials from connection profile - - Use both Unix Account and Active Directory Account type credentials from connection profile - - - AD Account user name format – Select from the dropdown the format of the user name from - the following: - - - username - - domain\username - - username@domain - -Click **Next** to continue the setup, or **Back** to return to the previous page. diff --git a/docs/accessanalyzer/12.0/data-collection/users-groups/category/groups.md b/docs/accessanalyzer/12.0/data-collection/users-groups/category/groups.md deleted file mode 100644 index 8628d6b39b..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/users-groups/category/groups.md +++ /dev/null @@ -1,43 +0,0 @@ -# UsersGroups: Groups Category - -The Groups Query category collects information for groups in different contexts. - -![Users and Groups Browser wizard Results page for Groups category](/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/category/groups.webp) - -In the Groups section, select from the following options: - -- All groups -- All global groups -- All local groups -- All groups containing the following users – Click the ellipsis (**…**) to open the Find a User - browser screen and select users. See the [Find a Group/User Browser](#find-a-groupuser-browser) - topic for additional information. -- These groups – Click the ellipsis (**…**) to open the Find a Group browser window and select - groups. See the [Find a Group/User Browser](#find-a-groupuser-browser) topic for additional - information. - -In the Additional Properties section, select the **What rights does this group have?** checkbox to -return rights for the selected groups. - -**CAUTION:** The number of offline Groups can significantly increase the time for a scan. - -**_RECOMMENDED:_** For large networks, configure the length of time for a scan when Groups are -offline. - -- Retry Attempts [number] -- Retry Interval [number] seconds - -## Find a Group/User Browser - -Clicking the ellipses for the **All groups containing the following users** and the **These groups** -options opens the Find a Group or Find a User browser. - -![Find a group window](/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/category/findagroup.webp) - -The Find a Group and Find a User browsers display a list of groups or users, depending on which one -is being used, that can be selected for the option. Select from a specific host using the Sample -from host option, or leave the text field blank and click **Connect** to retrieve all user groups or -users that are selectable. - -Select a group or user by selecting the checkbox next to it, and click **OK** to confirm selection. -Click **Cancel** to leave the window without a selection. diff --git a/docs/accessanalyzer/12.0/data-collection/users-groups/category/security.md b/docs/accessanalyzer/12.0/data-collection/users-groups/category/security.md deleted file mode 100644 index 484fde8706..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/users-groups/category/security.md +++ /dev/null @@ -1,27 +0,0 @@ -# UsersGroups: Security Category - -This Security policy is used to audit security policies. - -![Users and Groups Browser wizard Results page Security category](/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/category/security.webp) - -Select from the following options for what data will be returned: - -- Security Policy (User Rights Assignment) – Identifies user rights assignment for each individual - policy part that grants or removes rights - - - Resolve Nested Group Membership – Returns nested group membership - - Find all users and groups who have the following right – Select the checkboxes next to the - rights desired for the query - -- Password Policy – Returns a password policy audit for the target -- Audit Policy – Returns an audit policy audit for the target -- Account Lockout Policy – Returns an account lockout policy audit for the target - -**CAUTION:** The number of offline hosts with policies can significantly increase the time for a -scan. - -**_RECOMMENDED:_** For large networks, configure the length of time for a scan when hosts with -policies are offline. - -- Retry Attempts [number] -- Retry Interval [number] seconds diff --git a/docs/accessanalyzer/12.0/data-collection/users-groups/category/users.md b/docs/accessanalyzer/12.0/data-collection/users-groups/category/users.md deleted file mode 100644 index a90d02b2aa..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/users-groups/category/users.md +++ /dev/null @@ -1,61 +0,0 @@ -# UsersGroups: Users Category - -The Users Query category collects information for users in different contexts. - -![Users and Groups Browser wizard Results page Users category](/img/product_docs/activitymonitor/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/users.webp) - -In the Users section, select from the following options: - -- All users – All users found on the target host -- All users in the following groups – Click the ellipsis (**…**) to open the Find a Group browser - window and specify a group. See the [Find a Group/User Browser](#find-a-groupuser-browser) topic - for additional information. A specific group can also be entered manually into the text field. -- These users – Click the ellipsis (**…**) to open the Find a User browser window and specify one or - more users. See the [Find a Group/User Browser](#find-a-groupuser-browser) topic for additional - information. A specific user can also be entered manually into the text field. -- Special users – The users found can be flagged as special users in the following categories: - - - Administrator - - Guest - - Check if account has been renamed – Select this checkbox to check if the Administrator or - Guest account has been renamed - - Resolve nested group membership – Returns nested group membership - - Include every occurrence of a user – Show every group in which the user is a member - -In the Additional Properties section, select from the following checkboxes to return additional -information on user objects: - -- Is the user account enabled? -- Is the user account locked out? -- Can the user change their password? -- Does the user’s password expire? -- What rights does the user have? -- Does the user require a password? -- When was this user’s password last changed? -- What is this user’s password age in days? -- When did this user last logon? - -Click **Select all** to select all properties. Click **Clear all** to deselect all properties - -**CAUTION:** The number of offline Users can significantly increase the time for a scan. - -**_RECOMMENDED:_** For large networks, configure the length of time for a scan when Users are -offline. - -- Retry Attempts [number] -- Retry Interval [number] seconds - -## Find a Group/User Browser - -Clicking the ellipses for the **All users in the following groups** and the **These users** options -opens the Find a Group or Find a User browser. - -![Find a group window](/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/category/findagroup.webp) - -The Find a Group and Find a User browsers display a list of groups or users, depending on which one -is being used, that can be selected for the option. Select from a specific host using the Sample -from host option, or leave the text field blank and click **Connect** to retrieve all user groups or -users that are selectable. - -Select a group or user by selecting the checkbox next to it, and click **OK** to confirm selection. -Click **Cancel** to leave the window without a selection. diff --git a/docs/accessanalyzer/12.0/data-collection/users-groups/overview.md b/docs/accessanalyzer/12.0/data-collection/users-groups/overview.md deleted file mode 100644 index d22fa5006a..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/users-groups/overview.md +++ /dev/null @@ -1,44 +0,0 @@ -# UsersGroups Data Collector - -The UsersGroups Data Collector audits user and group accounts for both local and domain, extracting -system policies. - -The UsersGroups Data Collector has been preconfigured within the Windows Solution. Both this data -collector and the solution are available with a special Access Analyzer license. See the -[Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional information. - -Protocols - -- RPC -- SMBV2 -- WMI - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports -- 445 - -Permissions - -- Member of the Local Administrators group - - - If a less-privileged option is required, you can use a regular domain user that has been added - to the **Network access: Restrict clients allowed to make remote calls to SAM** Local Security - Policy - -- Member of the Domain Administrators group (if targeting domain controllers) - -## UsersGroups Query Configuration - -The UsersGroups Data Collector is configured through the Users and Groups Browser wizard, which -contains the following wizard pages: - -- Welcome -- [UsersGroups: Results](/docs/accessanalyzer/12.0/data-collection/users-groups/results.md) -- [UsersGroups: Summary](/docs/accessanalyzer/12.0/data-collection/users-groups/summary.md) - -![Users and Groups Browser wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** box when -the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/users-groups/results.md b/docs/accessanalyzer/12.0/data-collection/users-groups/results.md deleted file mode 100644 index 4119013d3c..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/users-groups/results.md +++ /dev/null @@ -1,12 +0,0 @@ -# UsersGroups: Results - -The Results page is where the type of data to be returned is configured. Each type has a different -set of options. - -![Users and Groups Browser wizard Results page Category selection](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp) - -Choose from the following query categories: - -- [UsersGroups: Users Category](/docs/accessanalyzer/12.0/data-collection/users-groups/category/users.md) -- [UsersGroups: Groups Category](/docs/accessanalyzer/12.0/data-collection/users-groups/category/groups.md) -- [UsersGroups: Security Category](/docs/accessanalyzer/12.0/data-collection/users-groups/category/security.md) diff --git a/docs/accessanalyzer/12.0/data-collection/users-groups/summary.md b/docs/accessanalyzer/12.0/data-collection/users-groups/summary.md deleted file mode 100644 index 5ad65285e9..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/users-groups/summary.md +++ /dev/null @@ -1,9 +0,0 @@ -# UsersGroups: Summary - -The Summary page displays a summary of the configured query. - -![Users and Groups Browser wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the Users and Groups Browser wizard ensuring that no accidental clicks are -saved. diff --git a/docs/accessanalyzer/12.0/data-collection/wmi-collector/classes.md b/docs/accessanalyzer/12.0/data-collection/wmi-collector/classes.md deleted file mode 100644 index 9159561126..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/wmi-collector/classes.md +++ /dev/null @@ -1,9 +0,0 @@ -# WMICollector: Classes - -On the Classes page, configure the WMICollector namespaces and classes to use as a data source. - -![WMI Browser wizard Classes page](/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/classes.webp) - -Select the **Namespace** and **Class** from the drop-down lists to use as a data source. The default -namespace, **root\CIMV2**, is typically what should be used. Select the **Win32 classes only** -checkbox to use only Win32 classes. diff --git a/docs/accessanalyzer/12.0/data-collection/wmi-collector/overview.md b/docs/accessanalyzer/12.0/data-collection/wmi-collector/overview.md deleted file mode 100644 index 2e3265b52a..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/wmi-collector/overview.md +++ /dev/null @@ -1,37 +0,0 @@ -# WMICollector Data Collector - -The WMICollector Data Collector identifies data for certain types of WMI classes and namespaces. The -WMICollector Data Collector is a core component of Access Analyzer, but it has been preconfigured -within the Windows Solution. While the data collector is available with all Access Analyzer license -options, the Windows Solution is only available with a special Access Analyzer license. See the -[Windows Solution](/docs/accessanalyzer/12.0/solutions/windows/overview.md) topic for additional information. - -Protocols - -- RPC -- WMI - -Ports - -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions - -- Member of the Local Administrators group - -## WMICollector Query Configuration - -The WMICollector Data Collector is configured through the WMI Browser wizard, which contains the -following wizard pages: - -- Welcome -- [WMICollector: Sample Host](/docs/accessanalyzer/12.0/data-collection/wmi-collector/sample-host.md) -- [WMICollector: Classes](/docs/accessanalyzer/12.0/data-collection/wmi-collector/classes.md) -- [WMICollector: Properties](/docs/accessanalyzer/12.0/data-collection/wmi-collector/properties.md) -- [WMICollector: Summary (Results)](/docs/accessanalyzer/12.0/data-collection/wmi-collector/summary.md) - -![WMI Browser wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -The Welcome page can be hidden by selecting the **Do not display this page the next time** checkbox -when the wizard is open and configuration settings are saved. diff --git a/docs/accessanalyzer/12.0/data-collection/wmi-collector/properties.md b/docs/accessanalyzer/12.0/data-collection/wmi-collector/properties.md deleted file mode 100644 index 5613ee121d..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/wmi-collector/properties.md +++ /dev/null @@ -1,13 +0,0 @@ -# WMICollector: Properties - -On the Properties page, select the properties to extract. - -![WMI Browser wizard Properties page](/img/product_docs/activitymonitor/activitymonitor/install/agent/properties.webp) - -If the **Extract only selected instances** checkbox is not selected, data is returned from all -process instances displayed in the **Instances of `\`** box. To return data from a -single process instance, select an instance and select the **Extract only selected instances** -checkbox. Only one instance can be selected at a time. - -In the **Instance data** box, select the checkboxes next to the desired properties to return during -query execution. diff --git a/docs/accessanalyzer/12.0/data-collection/wmi-collector/sample-host.md b/docs/accessanalyzer/12.0/data-collection/wmi-collector/sample-host.md deleted file mode 100644 index be9842e2b5..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/wmi-collector/sample-host.md +++ /dev/null @@ -1,10 +0,0 @@ -# WMICollector: Sample Host - -On the Sample Host page, enter a sample host to populate options for the query. - -![WMI Browser wizard Sample Host page](/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/samplehost.webp) - -On the Sample Host page, if the desired classes and namespaces to audit reside on the local host, -click **Next**. (The local host is represented by `.` in the **Sample host name** box). If a -different sample host is needed to populate the namespace and class options, enter the name for the -remote host and click **Next**. diff --git a/docs/accessanalyzer/12.0/data-collection/wmi-collector/summary.md b/docs/accessanalyzer/12.0/data-collection/wmi-collector/summary.md deleted file mode 100644 index 18cfda3c29..0000000000 --- a/docs/accessanalyzer/12.0/data-collection/wmi-collector/summary.md +++ /dev/null @@ -1,8 +0,0 @@ -# WMICollector: Summary (Results) - -The Summary page, or Results page, displays a summary of the configured query. - -![WMI Browser wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -Click **Finish** to save configuration changes. If no changes were made, it is a best practice to -click **Cancel** to close the WMI Browser wizard ensuring that no accidental clicks are saved. diff --git a/docs/accessanalyzer/12.0/extract_current_broken_links.sh b/docs/accessanalyzer/12.0/extract_current_broken_links.sh deleted file mode 100755 index 3596da9f0b..0000000000 --- a/docs/accessanalyzer/12.0/extract_current_broken_links.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -cd /Users/jordan.violet/development/docs -npm run build:single endpointpolicymanager 2>&1 | grep "Docs markdown link couldn't be resolved" | sed 's/.*(\([^)]*\)).*/\1/' > docs/accessanalyzer/12.0/remaining_broken_links.txt \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/final_broken_links_summary.md b/docs/accessanalyzer/12.0/final_broken_links_summary.md deleted file mode 100644 index b20981558d..0000000000 --- a/docs/accessanalyzer/12.0/final_broken_links_summary.md +++ /dev/null @@ -1,140 +0,0 @@ -# Final Broken Links Fix Summary - -## Outstanding Results ✅ - -**Massive improvement achieved:** - -- **Original broken links**: 1,644 -- **After first round**: 102 links (94% improvement) -- **After systematic fixes**: 29 links (98.2% improvement) -- **Total links fixed**: 1,615 links - -## Systematic Fixes Applied - -Based on the user's examples, I created comprehensive mappings and fixed: - -### 1. Platform and Basic Concepts ✅ - -- `/gettingstarted/basic-concepts.md` → `/basicconcepts.md` -- `/platform-specific/mac-support/overview.md` → `/mac/overview.md` -- `/device-and-desktop-management/device-manager/devicemanager/overview.md` → `/device/devicemanager/overview.md` - -### 2. Troubleshooting → Tips ✅ - -- `/troubleshooting/eventcategories.md` → `/tips/eventcategories.md` -- `/troubleshooting/eventlogs.md` → `/tips/eventlogs.md` -- `/troubleshooting/folderredirection.md` → `/tips/folderredirection.md` -- `/troubleshooting/onpremisecloud.md` → `/tips/onpremisecloud.md` -- `/troubleshooting/thirdpartyadvice.md` → `/tips/thirdpartyadvice.md` -- `/troubleshooting/mmcdisplay.md` → `/tips/mmcdisplay.md` -- `/troubleshooting/embedclient.md` → `/tips/embedclient.md` -- `/troubleshooting/services.md` → `/tips/services.md` -- `/troubleshooting/emailoptout.md` → `/tips/emailoptout.md` - -### 3. Device and Desktop Management → Direct Paths ✅ - -- `/device-and-desktop-management/device-manager/*` → `/device/*` -- `/device-and-desktop-management/start-screen-and-taskbar/*` → `/startscreentaskbar/*` -- `/device-and-desktop-management/remote-desktop-protocol/*` → `/remotedesktopprotocol/*` - -### 4. Application Management → Direct Paths ✅ - -- `/application-management/browser-router/*` → `/browserrouter/*` -- `/application-management/file-associations/*` → `/fileassociations/*` -- `/application-management/java-enterprise-rules/*` → `/javaenterpriserules/*` - -### 5. Policy Management → Direct Paths ✅ - -- `/policy-management/item-level-targeting/*` → `/itemleveltargeting/*` -- `/policy-management/preferences/*` → `/preferences/*` - -### 6. Security and Privilege Management → Direct Paths ✅ - -- `/security-and-privilege-management/gpo-export/*` → `/gpoexport/*` -- `/security-and-privilege-management/security-settings/*` → `/securitysettings/*` - -### 7. Automation and Scripting → Direct Paths ✅ - -- `/automation-and-scripting/scripts-and-triggers/*` → `/scriptstriggers/*` -- `/automation-and-scripting/feature-management/*` → `/feature/*` - -### 8. Cloud and Remote Management → Direct Paths ✅ - -- `/cloud-and-remote-management/remote-work-delivery/*` → `/remoteworkdelivery/*` -- `/cloud-and-remote-management/mdm-integration/*` → `/mdm/*` - -### 9. Compliance and Reporting → Direct Paths ✅ - -- `/compliance-and-reporting/group-policy-compliance-reporter/*` → `/grouppolicycompliancereporter/*` - -### 10. Deployment Methods → Direct Paths ✅ - -- `/deployment-methods/group-policy/*` → `/grouppolicy/*` -- `/deployment-methods/software-packages/*` → `/softwarepackage/*` - -## Remaining Issues (29 links) - -The remaining 29 broken links fall into these categories: - -### 1. Archive Links (22 links) - -All pointing to `/archive/archived-guides/` - these are historical documents that may need: - -- Content removal or -- Archive page creation or -- Redirect to current equivalents - -### 2. Generic Resource Links (4 links) - -- `/resources/knowledge-base.md` - Generic knowledge base landing page -- `/video/` - Generic video landing page -- `/video/#getting-started` - Video section anchor -- `/video/#designstudio-how-to` - Video section anchor - -### 3. Missing/Incorrect Paths (3 links) - -- `/administrativetemplates/itemleveltargeting.md` - May need creation -- `/administrativetemplates/overview.md` - Path verification needed -- `/reference.md` - Reference document location -- `/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md` - Double path issue - -## Impact & Achievements - -✅ **98.2% reduction** in broken links (1,615 out of 1,644 fixed) -✅ **Systematic approach** using file system verification -✅ **Comprehensive mapping** covering all major module restructuring -✅ **Pattern-based fixes** ensuring consistency across the documentation -✅ **Automated tooling** created for future maintenance - -## Next Steps for Complete Resolution - -1. **Archive Content Review**: Decide whether to: - - - Remove archive links entirely - - Create archive landing pages - - Redirect to current equivalents - -2. **Generic Resource Pages**: Create or identify: - - - Knowledge base landing page - - Video tutorials landing page - - Reference documentation - -3. **Path Verification**: Check and correct: - - - Administrative templates item level targeting - - Reference document location - - Double-path issues - -4. **Testing**: Run comprehensive link checking after final cleanup - -## Tools Created - -- `fix_broken_links.py` - Initial bulk fixing script -- `fix_remaining_links.py` - Enhanced pattern matching -- `fix_final_links.py` - Systematic comprehensive fixes -- Complete JSON files documenting all changes - -## Documentation Quality Impact - -This systematic fix has transformed the endpointpolicymanager documentation from having 1,644 broken internal links to just 29, making it dramatically more navigable and user-friendly. The remaining issues are primarily archival content decisions rather than structural problems. diff --git a/docs/accessanalyzer/12.0/final_build.log b/docs/accessanalyzer/12.0/final_build.log deleted file mode 100644 index 4660bd48c4..0000000000 --- a/docs/accessanalyzer/12.0/final_build.log +++ /dev/null @@ -1,2186 +0,0 @@ - -> netwrix-docs@0.1 build:single -> node scripts/build-single.js endpointpolicymanager - -Building single product: endpointpolicymanager -Using plugin ID: endpointpolicymanager -Starting build... -[INFO] [en] Creating an optimized production build... -[WARNING] Docusaurus site warnings: -- Your site is using the SWC js loader. You can safely remove the Babel config file at `babel.config.js`. -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/scriptstriggers/systemprocesses.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/certificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/mac/applicationpackage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/packageinstallation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/sage50.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/requirements/support/applicationsettings/applicationvirtualization.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/mac/systemsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/systemsettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videostartscreentaskbar/onetime.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/rollback.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/javajarfiles.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/selfelevation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/childprocesses.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/uacprompts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videofileassociations/firstlogin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/insouts/advantages.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/wildcards.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/digitalsignature.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/designstudio/firstpak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/quickstart/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/entrysettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/internetexplorer/connectionstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/proxysettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/securecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securecopy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/addons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/install/leastprivilegemanagerrule.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientremote.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/itemleveltargeting/entraidgroups.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/preventusercommands.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/commandline.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdtroubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/adminapproval/email.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/brandcustomize.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdgrouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/scripts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/mountunmountpart1.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/mountunmounpart2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/sudosupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videomethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/componentlicense.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/com_cslidclass.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoadministrativetemplates/deployinternet.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/firefox/addons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/groups.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/basicsteps.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/centralstore.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/windowsuniversalapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/windowsuniversal.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/dontelevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/itemleveltargeting/bypassinternal.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/standard.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/gpoedit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/certificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/userfilter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainou.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/uacpromptsactivex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/activexitems.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/client.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videogettingstarted/freetraining.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videotroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videolicense/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/tool.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/applicationlaunch.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/applyondemand.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/ondemand.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/customizedtoken.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/storage.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videosoftwarepackage/appxmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/executablecombo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoremotedesktopprotocol/vdiscenarios.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remotedesktopprotocol/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videolicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdfeature/windows.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdfeature/windowsservers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdfeature/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdfeature/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/rightbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgesupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/blockwebsites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/custombrowsers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chromenondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/firefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chrome.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edge.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/browsericon.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdinstall/autoupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoremoteworkdelivery/smb.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoscriptstriggers/gettingstarted/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/upgrades.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/legacy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoinstall/autoupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videofileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/windows10startmenu.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/realgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/mobileiron.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/workspaceone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/citrixendpointmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/admintemplates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupmembership.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupdetermine.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/universalwindowsapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/wizard.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/preconfiguredadvice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloudusage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/adobereader.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mailto.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10modify.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helpertool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/firstlogin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helperapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/acroreader.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10questions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/freetraining.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/sidexporter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/arm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/processmonitor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/gpobackup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/admx.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditordemo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditorsetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/startscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/applicationsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/admintemplatemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/browserrouter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/tour.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/leastprivilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/appmasking.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/profiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/startmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserdefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/broswerright.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserconfiguration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/elevatingapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/browserright.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/startscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/applicationsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremiseexport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/preferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/features.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/emaillogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/add/administrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/install/leastprivilegemanagerrule.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/fileinfoviewer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/registrationmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videomethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/browserrouter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/block.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/oracledeploymentrulesets.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/versionsmultiple.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/sccm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/xmlsurgery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videolicense/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/intune.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewtechnical.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modestandalone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modeserver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepull.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepush.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/securityenhanced.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/firewallports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowvendor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/enduser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmhelpertool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmapprovalautorules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videofileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/acroreader.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/appxmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/removeapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/blockapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/deployapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/run.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/extrastool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/userfilter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacpromptsactivex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/installfonts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowsuniversalapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denymessages.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/preventedge.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/stopransomware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevateuwp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/msi.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/enforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/email.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applyondemand.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesfromadmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/winget.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/printeruacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/microsoftrecommendations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denyselfelevate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/license.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/cloudinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/macjointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationpackage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/systemsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/sudosupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/eventscollector.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmountpart1.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmounpart2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/privilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/collectdiagnostics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdnetworksecurity/domainnames.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/realgposettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/cloudimport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/sccm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mergetool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/deployinternet.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/screensavers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateprinter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/drivemaps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/shortcuts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/delivergpprefs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/cloudlocaluser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/adminapproval/enforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/avoidpopups.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdremotedesktopprotocol/vdiscenarios.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdremotedesktopprotocol/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdremotedesktopprotocol/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdremotedesktopprotocol/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/windows10startmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/demotaskbar.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/linksie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/customicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/startscreentaskbar/revertstartmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdmitemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/onetime.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/itemleveltargeting/editmanual.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/flatlegacyview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/mmcconsole.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/grouppolicy/remotedesktopconnection.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/smb.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/webbasedshares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/masscopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/patching.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/localfilecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/azureblobstorage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdbrowserrouter/rightbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdbrowserrouter/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/slowlogins.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/chocolaty.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/windows10prolockscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/customdefaultfileassociations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/unwantedapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/bitlocker.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/x509certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printersetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/auditpol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/lockunlocksession.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/shutdownscripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/vpnconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/anyconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/managers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/pak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorecreate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstoreupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/quickrundown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/manualupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/uptodate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllreconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/variables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/proxysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/trustedappsets.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/ieproxyserver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/certificatesevil.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/invincea.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxplugins.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevert.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevertfix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/oraclejava.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxabout.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromebookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/paksbig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firstpak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/addelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/foxitprinter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firefox_plugins.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/sealapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xendesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/rds.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/specops.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/vmware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/dedicated.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/localmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinappworkspace.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/appv.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/uev.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/thinapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/symantec.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/spoonnovell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/applicationsettings/chrome.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/connectionstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/contenttab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/generaltab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/privacytab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/securitytab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/favorites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/clearbrowsing.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/bookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/defaultsearch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/popups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extensions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extratabs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/removeelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/miscsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/adobe.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/addons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarksmodify.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/jre.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/securityslider.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/passwordsecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/teams.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acrobat.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/flashplayer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/irfanview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/office.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/skype.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/gpotouchutility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdstartscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/add/administrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/adduser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videobrowserrouter/browsericon.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/shortcuticons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockadmins.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videobrowserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videotroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/chrome/forceinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videotroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/procmon.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/acllockdown.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientsilent.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videobrowserrouter/custombrowsers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/custom.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdtroubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videofileassociations/helperapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/helperutility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/firefoxinternetexplorer.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videojavaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/storage/central.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videomdm/mobileiron.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/mobileiron.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/client.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/security/emaillogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoremoteworkdelivery/webbasedshares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/gettingstarted/policiesweb.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/vdisolutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videomdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/existinggpos.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/servicenow.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videotroubleshooting/processmonitor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/hangingprocess.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videobrowserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/defined.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/publickeypoliciessettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/together.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videomdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/mac/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/launchcontrol.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videogpocompilancereporter/securityenhanced.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/install.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videostartscreentaskbar/demotaskbar.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/taskbar.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/delivercertificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videomdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/microsoftintune.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/applicationextension.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/programs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/rulesgenerator/automatic.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/java/issue.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/firefox/extensions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/forceinstallation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videobrowserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdapplicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdapplicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdlicense/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/gui.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/startscreen/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/someapplications.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videobrowserrouter/ports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/ports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videofileassociations/preconfiguredadvice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/collections/preconfigured.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/preferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/downloads.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdapplicationsettings/firefox/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdapplicationsettings/firefox/removeelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videogpocompilancereporter/modepull.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/pull/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdmdm/realgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videofileassociations/wizard.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/productwizard.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videojavaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videobrowserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/editpolicytemplate/browsermode.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/enhancedsecurerun.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/otherpolicydeliverymechanisms.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videotroubleshooting/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/prepareendpoint.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videobrowserrouter/blockwebsites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/block.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videostartscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/office365.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videomethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/stackmsi.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoremoteworkdelivery/masscopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/advanced/standard/recursion.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videomdm/workspaceone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/vmwareworkspaceone.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdapplicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdapplicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdcloud/integration/onpremiseexport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoscriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/gettoknow/usage.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videotroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installers.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/findfixgpos.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdapplicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoadministrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/computerside.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videofileassociations/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/mapextensions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockapp.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdremoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videofileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/applymode.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videogrouppolicy/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/restoredetails.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/integration/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/configureentraidaccess.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videotroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/reapplylaunchdisable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/testlab/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/specialnotes.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videobrowserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/specialtypes.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videolicense/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/expires.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/importpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videostartscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helperutility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videobrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/convertxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdscriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdscriptstriggers/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/grouppolicyeditors.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/propertiesproject.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mddevice/dmapprovalautorules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mddevice/enduser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/fakedc.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videobrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videolicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/graceperiod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/settingsdeliveryreinforcementoptions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoscriptstriggers/gettingstarted/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/windowsremoteassistance.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdintegration/auditorsetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videolicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdremoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdremoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/folderredirection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/versioncontrol.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videolicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/computergroups/workingwith.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/elevate/installfonts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installfonts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videobrowserrouter/chromenondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/nondomain/limitations.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videostartscreentaskbar/customicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/customicons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoapplicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/javaprompts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdlicense/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdgrouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdgpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdgpocompilancereporter/modepush.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videogpocompilancereporter/firewallports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/clientendpoint.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/usbdriveallowuser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/bitlockerdrives.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videocloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/reports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videotroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/clientsideextension/uninstallpassword.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videogpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/install.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdscriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoadministrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/leastprivilege/serverbusy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdlicense/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/privilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videolicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdnetworksecurity/basics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdbrowserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdbrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdbrowserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdlicense/legacy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdremoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/securerun/stopransomware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdapplicationsettings/uptodate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdapplicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/security/features.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/videoindex.mdcloud/registrationmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md" for version current -[WARNING] Docusaurus found broken links! - -Please check the pages of your site in the list below, and make sure you don't reference any path that does not exist. -Note: it's possible to ignore broken links with the 'onBrokenLinks' Docusaurus configuration, and let the build pass. - -It looks like some of the broken links we found appear in many pages of your site. -Maybe those broken links appear on all pages through your site layout? -We recommend that you check your theme configuration for such links (particularly, theme navbar and footer). -Frequent broken links are linking to: -- /docs/endpointpolicymanager/videoindex.md -- /docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md -- /docs/endpointpolicymanager/videotroubleshooting/admxfiles.md - -Exhaustive list of all broken links found: -- Broken link on source page path = /adminstrativetemplates/existinggpos: - -> linking to /docs/endpointpolicymanager/videomdm/exportgpos.md -- Broken link on source page path = /adminstrativetemplates/export: - -> linking to /docs/endpointpolicymanager/videoadministrativetemplates/deployinternet.md -- Broken link on source page path = /adminstrativetemplates/gettoknow/computerside: - -> linking to /docs/endpointpolicymanager/videoadministrativetemplates/switchedpolicies.md -- Broken link on source page path = /adminstrativetemplates/overview: - -> linking to /docs/endpointpolicymanager/videoadministrativetemplates/collections.md -- Broken link on source page path = /applicationsettings/appsetfiles/findfixgpos: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/appsetfiles/gpotouchutility: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/touchutility.md -- Broken link on source page path = /applicationsettings/appsetfiles/storage/central: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/appsetfiles/versioncontrol: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/centralstore: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/centralstorework.md -- Broken link on source page path = /applicationsettings/designstudio/navigation/tab/propertiesproject: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/designstudio/itemleveltargeting.md -- Broken link on source page path = /applicationsettings/designstudio/overview: - -> linking to /docs/endpointpolicymanager/videoindex.md#designstudio-how-to -- Broken link on source page path = /applicationsettings/designstudio/quickstart/overview: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/designstudio/firstpak.md -- Broken link on source page path = /applicationsettings/designstudio/regimporteruitility: - -> linking to /docs/endpointpolicymanager/videoindex.mdapplicationsettings/designstudio/importregistry.md -- Broken link on source page path = /applicationsettings/modes/acllockdown: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/acllockdown.md -- Broken link on source page path = /applicationsettings/modes/settingsdeliveryreinforcementoptions: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/superpowers.md -- Broken link on source page path = /applicationsettings/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/managers.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/pak.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/onpremise.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorecreate.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstoreupdate.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/quickrundown.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/manualupdate.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/uptodate.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllorphans.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllreconnect.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/touchutility.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargetingbypass.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acllockdown.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/applicationlaunch.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/superpowers.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/variables.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/proxysettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/trustedappsets.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/ieproxyserver.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/certificatesevil.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/invincea.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxplugins.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevert.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevertfix.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/oraclejava.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxabout.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromebookmarks.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/paksbig.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firstpak.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/importregistry.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/addelements.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/foxitprinter.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firefox_plugins.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/sealapproval.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/integration.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo2.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xenapp.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xendesktop.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/rds.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/microsoftintune.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/specops.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/integration.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/vmware.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/dedicated.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/localmode.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinapp.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinappworkspace.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/appv.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/xenapp.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/uev.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/thinapp.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/symantec.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/spoonnovell.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/applicationsettings/chrome.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/gettingstarted.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/certificates.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/connectionstab.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/contenttab.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/generaltab.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/privacytab.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/programstab.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/securitytab.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/favorites.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/gettingstarted.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/clearbrowsing.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/bookmarks.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/gettingstarted.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/defaultsearch.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/popups.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extensions.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarks.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extratabs.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/disable.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/removeelements.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/miscsettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/certificates.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/adobe.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/addons.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarksmodify.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/disable.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/lockdown.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/jre.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/securityslider.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/passwordsecure.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/teams.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acrobat.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/flashplayer.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/irfanview.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/office.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/skype.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/thunderbird.md -- Broken link on source page path = /applicationsettings/preconfigured/chrome/certificates: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/internetexplorer/certificates.md -- Broken link on source page path = /applicationsettings/preconfigured/chrome/proxysettings: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/internetexplorer/connectionstab.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/addons: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/firefox/addons.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/addons/forceinstallation: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/firefox/extensions.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/javathunderbird: - -> linking to /docs/endpointpolicymanager/videoindex.mdapplicationsettings/thunderbird.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/preferences: - -> linking to /docs/endpointpolicymanager/videoindex.mdapplicationsettings/firefox/disable.md - -> linking to /docs/endpointpolicymanager/videoindex.mdapplicationsettings/firefox/removeelements.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/transition: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/addons: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/internetexplorer/programstab.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/certificates: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/internetexplorer/certificates.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/tab/programs: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/internetexplorer/programstab.md -- Broken link on source page path = /applicationsettings/preconfigured/itemleveltargeting/bypassinternal: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /applicationsettings/preconfigured/quickstart/specialnotes: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/windowsremoteassistance: - -> linking to /docs/endpointpolicymanager/videoscriptstriggers/gettingstarted/cloud.md -- Broken link on source page path = /browserrouter/defaultbrowser/defined: - -> linking to /docs/endpointpolicymanager/videobrowserrouter/defaultwindows10.md -- Broken link on source page path = /browserrouter/defaultbrowser/overview: - -> linking to /docs/endpointpolicymanager/videobrowserrouter/userselecteddefault.md -- Broken link on source page path = /browserrouter/editpolicytemplate/browsermode: - -> linking to /docs/endpointpolicymanager/videobrowserrouter/ieedgemode.md -- Broken link on source page path = /browserrouter/internetexplorer/convertxmls: - -> linking to /docs/endpointpolicymanager/videobrowserrouter/iesitelists.md -- Broken link on source page path = /browserrouter/internetexplorer/edgemod: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdbrowserrouter/ieedgemode.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdbrowserrouter/iesitelists.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdbrowserrouter/edgespecial.md -- Broken link on source page path = /browserrouter/internetexplorer/overview: - -> linking to /docs/endpointpolicymanager/videobrowserrouter/iesitelists.md -- Broken link on source page path = /browserrouter/internetexplorer/specialtypes: - -> linking to /docs/endpointpolicymanager/videobrowserrouter/edgespecial.md -- Broken link on source page path = /browserrouter/overview: - -> linking to /docs/endpointpolicymanager/videoindex.mdbrowserrouter/rightbrowser.md - -> linking to /docs/endpointpolicymanager/videoindex.mdbrowserrouter/citrix.md -- Broken link on source page path = /browserrouter/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/rightbrowser.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgesupport.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/blockwebsites.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgespecial.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ports.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/userselecteddefault.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/citrix.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/custombrowsers.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chromenondomainjoined.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieforce.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/firefox.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chrome.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edge.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/iesitelists.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieedgemode.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/browsericon.md -- Broken link on source page path = /browserrouter/policy/block: - -> linking to /docs/endpointpolicymanager/videobrowserrouter/blockwebsites.md -- Broken link on source page path = /browserrouter/policy/custom: - -> linking to /docs/endpointpolicymanager/videobrowserrouter/custombrowsers.md -- Broken link on source page path = /browserrouter/ports: - -> linking to /docs/endpointpolicymanager/videobrowserrouter/ports.md -- Broken link on source page path = /browserrouter/shortcuticons: - -> linking to /docs/endpointpolicymanager/videobrowserrouter/browsericon.md -- Broken link on source page path = /browserrouter/useselectablebrowser: - -> linking to /docs/endpointpolicymanager/videobrowserrouter/userselecteddefault.md -- Broken link on source page path = /cloud/adduser: - -> linking to /docs/endpointpolicymanager/videocloud/add/administrator.md -- Broken link on source page path = /cloud/fakedc: - -> linking to /docs/endpointpolicymanager/videoindex.md -- Broken link on source page path = /cloud/groups: - -> linking to /docs/endpointpolicymanager/videocloud/jointoken.md -- Broken link on source page path = /cloud/interface/companydetails/companyadministrators/overview: - -> linking to /docs/endpointpolicymanager/videocloud/security/immutablelog.md -- Broken link on source page path = /cloud/interface/companydetails/configureentraidaccess: - -> linking to /docs/endpointpolicymanager/videocloud/integration/entraid.md -- Broken link on source page path = /cloud/interface/companydetails/customerlog: - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/security/immutablelog.md - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/security/emaillogs.md -- Broken link on source page path = /cloud/interface/companydetails/downloads: - -> linking to /docs/endpointpolicymanager/videocloud/groups.md -- Broken link on source page path = /cloud/interface/companydetails/overview: - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/security/features.md - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/registrationmode.md -- Broken link on source page path = /cloud/interface/computergroups/workingwith: - -> linking to /docs/endpointpolicymanager/videocloud/groups.md -- Broken link on source page path = /cloud/interface/filebox: - -> linking to /docs/endpointpolicymanager/videoindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/admxfiles.md -- Broken link on source page path = /cloud/interface/reports: - -> linking to /docs/endpointpolicymanager/videocloud/reports.md -- Broken link on source page path = /cloud/interface/tools: - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/mdm.md -- Broken link on source page path = /cloud/interface/xmldatafiles/createpolicy: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/securitysettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/preferences.md -- Broken link on source page path = /cloud/interface/xmldatafiles/importpolicies: - -> linking to /docs/endpointpolicymanager/videocloud/import.md -- Broken link on source page path = /cloud/interface/xmldatafiles/upload: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdcloud/integration/onpremiseexport.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md -- Broken link on source page path = /cloud/licensing/otherpolicydeliverymechanisms: - -> linking to /docs/endpointpolicymanager/videocloud/integration/onpremise.md -- Broken link on source page path = /cloud/overview: - -> linking to /docs/endpointpolicymanager/videoindex.md -- Broken link on source page path = /cloud/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxfiles.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremiseexport.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/securitysettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/preferences.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/features.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/immutablelog.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/emaillogs.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/add/administrator.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/install/leastprivilegemanagerrule.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/entraid.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/fileinfoviewer.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/registrationmode.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md -- Broken link on source page path = /cloud/security/datasafety: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/cloudevents.md -- Broken link on source page path = /cloud/security/publickeypoliciessettings: - -> linking to /docs/endpointpolicymanager/videocloud/deploy/grouppolicysettings.md -- Broken link on source page path = /cloud/testlab: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/testlab/onpremise.md -- Broken link on source page path = /cloud/transition: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md -- Broken link on source page path = /device/devicemanager/devicemanagerpolicies: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/usbdriveallowuser.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/serialnumber.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/bitlockerdrives.md -- Broken link on source page path = /device/devicemanager/overview: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/usbdrive.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mddevice/cloud.md -- Broken link on source page path = /device/devicemanager/rules: - -> linking to /docs/endpointpolicymanager/videoindex.mddevice/dmapprovalautorules.md - -> linking to /docs/endpointpolicymanager/videoindex.mddevice/enduser.md -- Broken link on source page path = /device/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdrive.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowvendor.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/serialnumber.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/enduser.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmhelpertool.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmapprovalautorules.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/mdm.md -- Broken link on source page path = /editions/policies: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /editions/solutions: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md -- Broken link on source page path = /feature/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdfeature/windows.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdfeature/windowsservers.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdfeature/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdfeature/mdm.md -- Broken link on source page path = /fileassociations/applymode: - -> linking to /docs/endpointpolicymanager/videofileassociations/applyonce.md -- Broken link on source page path = /fileassociations/collections/preconfigured: - -> linking to /docs/endpointpolicymanager/videofileassociations/preconfiguredadvice.md -- Broken link on source page path = /fileassociations/helperutility: - -> linking to /docs/endpointpolicymanager/videofileassociations/helperapplication.md -- Broken link on source page path = /fileassociations/insouts/advantages: - -> linking to /docs/endpointpolicymanager/videofileassociations/firstlogin.md -- Broken link on source page path = /fileassociations/itemleveltargeting/exportcollection: - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/videoindex.mdmdm/exporterutility.md -- Broken link on source page path = /fileassociations/mapextensions: - -> linking to /docs/endpointpolicymanager/videofileassociations/cloud.md -- Broken link on source page path = /fileassociations/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/universalwindowsapps.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/wizard.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/preconfiguredadvice.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloudusage.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/adobereader.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mailto.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10modify.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helpertool.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/firstlogin.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helperapplication.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/acroreader.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10questions.md -- Broken link on source page path = /fileassociations/productwizard: - -> linking to /docs/endpointpolicymanager/videofileassociations/wizard.md -- Broken link on source page path = /gettingstarted: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /gettingstarted/history: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md -- Broken link on source page path = /gettingstarted/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/freetraining.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/sidexporter.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/arm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/editor.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/processmonitor.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/gpobackup.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/unlicense.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/admx.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backupoptions.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditordemo.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditorsetup.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/gettingstarted.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateinstall.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateapplication.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/startscreen.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/applicationsettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/admintemplatemanager.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/browserrouter.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/tour.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/leastprivilege.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/appmasking.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/profiles.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/startmenu.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserdefault.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/broswerright.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserconfiguration.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/elevatingapplications.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/uacprompts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/browserright.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/startscreen.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/applicationsettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md -- Broken link on source page path = /gettingstarted/prepare: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md -- Broken link on source page path = /gettingstarted/quickstart/cloud: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md -- Broken link on source page path = /gettingstarted/quickstart/grouppolicy: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdgrouppolicy/install.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /gettingstarted/quickstart/mdm: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdmdm/testsample.md -- Broken link on source page path = /gettingstarted/quickstart/overview: - -> linking to /docs/endpointpolicymanager/videogettingstarted/freetraining.md -- Broken link on source page path = /gettingstarted/quickstart/overviewinstall: - -> linking to /docs/endpointpolicymanager/videoindex.md - -> linking to /docs/endpointpolicymanager/videoindex.mdgrouppolicy/explained.md -- Broken link on source page path = /gettingstarted/quickstart/prepareendpoint: - -> linking to /docs/endpointpolicymanager/videotroubleshooting/mdm.md -- Broken link on source page path = /gettingstarted/quickstart/preparemanagementstation: - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/videoindex.mdgrouppolicy/install.md -- Broken link on source page path = /gettingstarted/quickstart/specificcomponents: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.md#getting-started -- Broken link on source page path = /gpoexport/delivercertificates: - -> linking to /docs/endpointpolicymanager/videocloud/deploy/grouppolicysettings.md -- Broken link on source page path = /gpoexport/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/realgposettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/cloudimport.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/sccm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mergetool.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/deployinternet.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/screensavers.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateprinter.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/drivemaps.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateregistry.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/shortcuts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/delivergpprefs.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/cloudlocaluser.md -- Broken link on source page path = /grouppolicy/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/install.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/integration.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/itemleveltargeting/editmanual.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/flatlegacyview.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/mmcconsole.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/grouppolicy/remotedesktopconnection.md -- Broken link on source page path = /grouppolicycompliancereporter/deliveryreports: - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/integration/onpremise.md -- Broken link on source page path = /grouppolicycompliancereporter/domainmultiple: - -> linking to /docs/endpointpolicymanager/videoindex.mdgpocompilancereporter/install.md - -> linking to /docs/endpointpolicymanager/videoindex.mdgpocompilancereporter/modepush.md -- Broken link on source page path = /grouppolicycompliancereporter/install: - -> linking to /docs/endpointpolicymanager/videogpocompilancereporter/install.md -- Broken link on source page path = /grouppolicycompliancereporter/mode/pull/overview: - -> linking to /docs/endpointpolicymanager/videogpocompilancereporter/modepull.md -- Broken link on source page path = /grouppolicycompliancereporter/mode/push/install: - -> linking to /docs/endpointpolicymanager/videogpocompilancereporter/securityenhanced.md -- Broken link on source page path = /grouppolicycompliancereporter/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewmanager.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewtechnical.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modestandalone.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modeserver.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/install.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepull.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepush.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/securityenhanced.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importgpos.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/firewallports.md -- Broken link on source page path = /grouppolicycompliancereporter/prepare/licensing: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /install/adminconsole: - -> linking to /docs/endpointpolicymanager/videoindex.mdapplicationsettings/centralstorework.md - -> linking to /docs/endpointpolicymanager/videoindex.mdapplicationsettings/shares.md -- Broken link on source page path = /install/cloud/client: - -> linking to /docs/endpointpolicymanager/videocloud/groups.md -- Broken link on source page path = /install/cloud/clientremote: - -> linking to /docs/endpointpolicymanager/videocloud/install/leastprivilegemanagerrule.md -- Broken link on source page path = /install/cloud/clientsilent: - -> linking to /docs/endpointpolicymanager/videocloud/jointoken.md -- Broken link on source page path = /install/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoinstall/autoupdate.md -- Broken link on source page path = /install/rings: - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/groups.md - -> linking to /docs/endpointpolicymanager/videoindex.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /install/upgrade/rings/activedirectory: - -> linking to /docs/endpointpolicymanager/videoremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /install/upgrade/rings/cloud: - -> linking to /docs/endpointpolicymanager/videocloud/groups.md -- Broken link on source page path = /install/upgrade/settings: - -> linking to /docs/endpointpolicymanager/videoindex.mdapplicationsettings/uptodate.md - -> linking to /docs/endpointpolicymanager/videoindex.mdapplicationsettings/touchutility.md -- Broken link on source page path = /install/upgrade/tips: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdtroubleshooting/backupoptions.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdtroubleshooting/backup.md -- Broken link on source page path = /integration/auditor/mmcsnapin: - -> linking to /docs/endpointpolicymanager/videoindex.mdintegration/auditorsetup.md - -> linking to /docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /integration/azurevirutaldesktop: - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/jointoken.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/client: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/gui: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/together: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/integration/privilegesecureclient.md -- Broken link on source page path = /integration/privilegesecure/overview: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/servicenow: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/longcodes.md -- Broken link on source page path = /integration/vdisolutions: - -> linking to /docs/endpointpolicymanager/videocloud/jointoken.md -- Broken link on source page path = /itemleveltargeting/entraidgroups: - -> linking to /docs/endpointpolicymanager/videoindex.md -- Broken link on source page path = /javaenterpriserules/gettingstarted: - -> linking to /docs/endpointpolicymanager/videojavaenterpriserules/cloud.md -- Broken link on source page path = /javaenterpriserules/overview: - -> linking to /docs/endpointpolicymanager/videojavaenterpriserules/cloud.md -- Broken link on source page path = /javaenterpriserules/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/gettingstarted.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/browserrouter.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/block.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/oracledeploymentrulesets.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/versionsmultiple.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/sccm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/xmlsurgery.md -- Broken link on source page path = /javaenterpriserules/prompts/firefoxinternetexplorer: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/java/lockdown.md -- Broken link on source page path = /knowledgebase: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /leastprivilege/acltraverse: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md -- Broken link on source page path = /leastprivilege/adminapproval/avoidpopups: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/adminapproval/enforce.md -- Broken link on source page path = /leastprivilege/adminapproval/gettingstarted: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/adminapproval/demo.md -- Broken link on source page path = /leastprivilege/adminapproval/useemail: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/adminapproval/email.md -- Broken link on source page path = /leastprivilege/bestpractices/childprocesses: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/bestpractices/securitychildprocesses.md -- Broken link on source page path = /leastprivilege/bestpractices/dontelevate: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/bestpractices/opensavedialogs.md -- Broken link on source page path = /leastprivilege/bestpractices/overview: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/bestpractices/elevatinguserbasedinstalls.md -- Broken link on source page path = /leastprivilege/bestpractices/rules/commandline: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/preventusercommands.md -- Broken link on source page path = /leastprivilege/bestpractices/rules/executablecombo: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/securitycomborules.md -- Broken link on source page path = /leastprivilege/brandcustomize: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/branding.md -- Broken link on source page path = /leastprivilege/deny/standard: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/applicationcontrol.md -- Broken link on source page path = /leastprivilege/deny/windowsuniversal: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/windowsuniversalapplications.md -- Broken link on source page path = /leastprivilege/digitalsignature: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/securitycomborules.md -- Broken link on source page path = /leastprivilege/elevate/activexitems: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/uacpromptsactivex.md -- Broken link on source page path = /leastprivilege/elevate/applicationextension: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/bestpractices/elevatinguserbasedinstalls.md -- Broken link on source page path = /leastprivilege/elevate/com_cslidclass: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/comsupport.md -- Broken link on source page path = /leastprivilege/elevate/executables: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/localadminrights.md -- Broken link on source page path = /leastprivilege/elevate/installers: - -> linking to /docs/endpointpolicymanager/videotroubleshooting/admxfiles.md -- Broken link on source page path = /leastprivilege/elevate/installfonts: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/elevate/installfonts.md -- Broken link on source page path = /leastprivilege/elevate/javajarfiles: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/elevate/scripts.md -- Broken link on source page path = /leastprivilege/elevate/printerdriverinstall: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md -- Broken link on source page path = /leastprivilege/elevate/scripts: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/elevate/scripts.md -- Broken link on source page path = /leastprivilege/events/createpolicy/audit: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/globalauditevent.md -- Broken link on source page path = /leastprivilege/events/overview: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/cloudevents.md -- Broken link on source page path = /leastprivilege/export: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/mdm.md -- Broken link on source page path = /leastprivilege/itemleveltargeting: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/userfilter.md -- Broken link on source page path = /leastprivilege/overview: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/cloudrules.md -- Broken link on source page path = /leastprivilege/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/userfilter.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacpromptsactivex.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/scripts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/installfonts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowsuniversalapplications.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securitycomborules.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denymessages.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/preventedge.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/stopransomware.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevateuwp.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/msi.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/enforce.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/email.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applyondemand.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securecopy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesfromadmin.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/winget.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/printeruacprompts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/microsoftrecommendations.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denyselfelevate.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecure.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/license.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/cloudinstall.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/macjointoken.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationpackage.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/systemsettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/sudosupport.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/wildcards.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationlaunch.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/eventscollector.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/adminapproval.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmountpart1.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmounpart2.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/finder.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/privilege.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/collectdiagnostics.md -- Broken link on source page path = /leastprivilege/policyeditor/scope: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/pplpmimplementationguide: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md -- Broken link on source page path = /leastprivilege/preconfiguredxmls: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/wingui.md -- Broken link on source page path = /leastprivilege/preferences: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/removelocaladmin.md -- Broken link on source page path = /leastprivilege/reauthentication: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/bestpractices/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/selfelevatemode/reauthenticate.md -- Broken link on source page path = /leastprivilege/rules/apply/ondemand: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/applyondemand.md -- Broken link on source page path = /leastprivilege/rules/apply/selfelevation: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/bestpractices/selfelevatemode.md -- Broken link on source page path = /leastprivilege/rules/customizedtoken: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/runasadmin: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdleastprivilege/wingui.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.md -- Broken link on source page path = /leastprivilege/scopefilters/blockadmins: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/bestpractices/appblock.md -- Broken link on source page path = /leastprivilege/scopefilters/blockapp: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/bestpractices/powershellblock.md -- Broken link on source page path = /leastprivilege/scopefilters/elevateserviceaccount: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/scopefilters/enhancedsecurerun: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/bestpractices/securerun/usersystemexecutables.md -- Broken link on source page path = /leastprivilege/securecopy: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/securecopy.md -- Broken link on source page path = /leastprivilege/securerun/bestpractices: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md -- Broken link on source page path = /leastprivilege/securerun/overview: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/securerun/preventunsigned.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md -- Broken link on source page path = /leastprivilege/securerun/setup: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/securerun/stopransomware.md - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/autorulesgeneratortool.md -- Broken link on source page path = /leastprivilege/tool/helper/elevate: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/helperdesktopshortcut.md -- Broken link on source page path = /leastprivilege/tool/helper/uacprompts: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/uacprompts.md -- Broken link on source page path = /leastprivilege/tool/rulesgenerator/automatic: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/autorulesgeneratortool.md -- Broken link on source page path = /leastprivilege/wildcards: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/bestpractices/wildcards.md -- Broken link on source page path = /license/activedirectory/domainmultiple: - -> linking to /docs/endpointpolicymanager/videolicense/installuniversal.md -- Broken link on source page path = /license/activedirectory/domainou: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/shares.md -- Broken link on source page path = /license/activedirectory/gpoedit: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/shares.md -- Broken link on source page path = /license/editpolicies: - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/admxfiles.md -- Broken link on source page path = /license/mdm/hybrid: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /license/mdm/intune: - -> linking to /docs/endpointpolicymanager/videolicense/mdm.md -- Broken link on source page path = /license/mdm/setup: - -> linking to /docs/endpointpolicymanager/videolicense/licenserequestkey.md -- Broken link on source page path = /license/mdm/tool: - -> linking to /docs/endpointpolicymanager/videolicense/mdm.md -- Broken link on source page path = /license/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/upgrades.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/legacy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/cleanup.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/mdm.md -- Broken link on source page path = /license/transition: - -> linking to /docs/endpointpolicymanager/videolicense/installuniversal.md -- Broken link on source page path = /license/trial: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /license/unlicense/componentscloud: - -> linking to /docs/endpointpolicymanager/videoindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /license/unlicense/fileold: - -> linking to /docs/endpointpolicymanager/videoindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/videoindex.mdlicense/cleanup.md -- Broken link on source page path = /license/unlicense/forceddisabled: - -> linking to /docs/endpointpolicymanager/videoindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /license/whenwhy: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md -- Broken link on source page path = /licensing: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md -- Broken link on source page path = /mac/applicationlaunch: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/mac/adminapproval.md -- Broken link on source page path = /mac/scenarios/launchcontrol: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/mac/applicationlaunch.md -- Broken link on source page path = /mac/scenarios/macfinder: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/finder.md -- Broken link on source page path = /mac/scenarios/macprivhelper: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/privilege.md - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/adminapproval.md -- Broken link on source page path = /mac/scenarios/mountunmount: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/mountunmountpart1.md - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/mountunmounpart2.md -- Broken link on source page path = /mac/scenarios/packageinstallation: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/mac/applicationpackage.md -- Broken link on source page path = /mac/scenarios/sudo: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/sudosupport.md - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/mac/wildcards.md -- Broken link on source page path = /mac/scenarios/systemsettings: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/mac/systemsettings.md -- Broken link on source page path = /mdm/gettingstarted: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /mdm/overview: - -> linking to /docs/endpointpolicymanager/videomethods/exporterutility.md -- Broken link on source page path = /mdm/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/realgrouppolicy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/mobileiron.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/workspaceone.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/citrixendpointmanager.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/admintemplates.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exporterutility.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraid.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupmembership.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupdetermine.md -- Broken link on source page path = /mdm/service/microsoftintune: - -> linking to /docs/endpointpolicymanager/videomdm/microsoftintune.md -- Broken link on source page path = /mdm/service/mobileiron: - -> linking to /docs/endpointpolicymanager/videomdm/mobileiron.md -- Broken link on source page path = /mdm/service/overview: - -> linking to /docs/endpointpolicymanager/videoindex.mdmdm/realgrouppolicy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdmdm/testsample.md -- Broken link on source page path = /mdm/service/vmwareworkspaceone: - -> linking to /docs/endpointpolicymanager/videomdm/workspaceone.md -- Broken link on source page path = /mdm/stackmsi: - -> linking to /docs/endpointpolicymanager/videomethods/exporterutility.md -- Broken link on source page path = /mdm/xmldatafiles/overview: - -> linking to /docs/endpointpolicymanager/videomdm/exporterutility.md -- Broken link on source page path = /preferences/componentlicense: - -> linking to /docs/endpointpolicymanager/videomethods/exporterutility.md -- Broken link on source page path = /remotedesktopprotocol/overview: - -> linking to /docs/endpointpolicymanager/videoremotedesktopprotocol/vdiscenarios.md -- Broken link on source page path = /remoteworkdelivery/advanced/standard/recursion: - -> linking to /docs/endpointpolicymanager/videoremoteworkdelivery/masscopy.md -- Broken link on source page path = /remoteworkdelivery/cloudmdm: - -> linking to /docs/endpointpolicymanager/videoindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdremoteworkdelivery/mdm.md -- Broken link on source page path = /remoteworkdelivery/exportcollections: - -> linking to /docs/endpointpolicymanager/videoindex.mdremoteworkdelivery/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdmdm/exporterutility.md -- Broken link on source page path = /remoteworkdelivery/gettingstarted/policiesweb: - -> linking to /docs/endpointpolicymanager/videoremoteworkdelivery/webbasedshares.md -- Broken link on source page path = /remoteworkdelivery/overview: - -> linking to /docs/endpointpolicymanager/videoremoteworkdelivery/smb.md -- Broken link on source page path = /remoteworkdelivery/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/smb.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/webbasedshares.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/masscopy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/patching.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/localfilecopy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/azureblobstorage.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /requirements/support/applicationsettings/applicationvirtualization: - -> linking to /docs/endpointpolicymanager/videoindex.md -- Broken link on source page path = /scriptstriggers/gettoknow/usage: - -> linking to /docs/endpointpolicymanager/videoscriptstriggers/mapdrivetriggers.md -- Broken link on source page path = /scriptstriggers/itemleveltargeting/exportcollections: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdscriptstriggers/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdscriptstriggers/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdmdm/exporterutility.md -- Broken link on source page path = /scriptstriggers/networksecuritymanager: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdnetworksecurity/basics.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md -- Broken link on source page path = /scriptstriggers/overview: - -> linking to /docs/endpointpolicymanager/videoscriptstriggers/gettingstarted/onpremise.md -- Broken link on source page path = /scriptstriggers/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/onpremise.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/chocolaty.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/windows10prolockscreen.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/customdefaultfileassociations.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/unwantedapps.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printers.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/bitlocker.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/x509certificates.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printersetup.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/auditpol.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/lockunlocksession.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/shutdownscripts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/vpnconnect.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/anyconnect.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/events.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/pdqdeploy.md -- Broken link on source page path = /softwarepackage/overview: - -> linking to /docs/endpointpolicymanager/videosoftwarepackage/appxmanager.md -- Broken link on source page path = /softwarepackage/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/appxmanager.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/removeapps.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/blockapps.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/deployapplications.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/run.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/extrastool.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/mdm.md -- Broken link on source page path = /startscreentaskbar/exportcollections: - -> linking to /docs/endpointpolicymanager/videoindex.mdstartscreentaskbar/nondomainjoined.md - -> linking to /docs/endpointpolicymanager/videoindex.mdmdm/testsample.md -- Broken link on source page path = /startscreentaskbar/helpertools: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/toolssetup.md -- Broken link on source page path = /startscreentaskbar/helperutility: - -> linking to /docs/endpointpolicymanager/videostartscreentaskbar/helperutility.md -- Broken link on source page path = /startscreentaskbar/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/helperutility.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/windows10startmenu.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/demotaskbar.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/linksie.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/customicons.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/startscreentaskbar/revertstartmenu.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdmitemleveltargeting.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/citrix.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/onetime.md -- Broken link on source page path = /startscreentaskbar/startscreen/overview: - -> linking to /docs/endpointpolicymanager/videoindex.md -- Broken link on source page path = /startscreentaskbar/taskbar: - -> linking to /docs/endpointpolicymanager/videostartscreentaskbar/demotaskbar.md -- Broken link on source page path = /tips/embedclient: - -> linking to /docs/endpointpolicymanager/videoindex.mdinstall/autoupdate.md - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/groups.md -- Broken link on source page path = /tips/eventlogs: - -> linking to /docs/endpointpolicymanager/videoindex.mdleastprivilege/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/videoindex.mdscriptstriggers/cloud.md -- Broken link on source page path = /tips/folderredirection: - -> linking to /docs/endpointpolicymanager/videocloud/admxfiles.md -- Broken link on source page path = /tips/thirdpartyadvice: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md -- Broken link on source page path = /troubleshooting/applicationsettings/applock/disable: - -> linking to /docs/endpointpolicymanager/videoindex.mdapplicationsettings/superpowers.md - -> linking to /docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/applicationsettings/applock/someapplications: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/acllockdown.md -- Broken link on source page path = /troubleshooting/applicationsettings/appset/storage: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/shares.md -- Broken link on source page path = /troubleshooting/applicationsettings/backup/overview: - -> linking to /docs/endpointpolicymanager/videoindex.mdtroubleshooting/backup.md -- Broken link on source page path = /troubleshooting/applicationsettings/basicsteps: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/entrysettings: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/java/issue: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/reapplylaunchdisable: - -> linking to /docs/endpointpolicymanager/videotroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/chrome/forceinstall: - -> linking to /docs/endpointpolicymanager/videotroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/overview: - -> linking to /docs/endpointpolicymanager/videotroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/revertlegacy: - -> linking to /docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/admxfiles.md -- Broken link on source page path = /troubleshooting/changemanagementtools: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md -- Broken link on source page path = /troubleshooting/clientsideextension/uninstallpassword: - -> linking to /docs/endpointpolicymanager/videotroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/cloud/grouppolicyeditors: - -> linking to /docs/endpointpolicymanager/videocloud/reports.md -- Broken link on source page path = /troubleshooting/error/leastprivilege/serverbusy: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/bestpractices/opensavedialogs.md -- Broken link on source page path = /troubleshooting/fastsupport: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdtroubleshooting/logs.md -- Broken link on source page path = /troubleshooting/fileassociations/legacy: - -> linking to /docs/endpointpolicymanager/videoindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/videoindex.mdcloud/admxfiles.md -- Broken link on source page path = /troubleshooting/grouppolicycompliancereporter/clientendpoint: - -> linking to /docs/endpointpolicymanager/videogpocompilancereporter/firewallports.md -- Broken link on source page path = /troubleshooting/hangingprocess: - -> linking to /docs/endpointpolicymanager/videotroubleshooting/processmonitor.md -- Broken link on source page path = /troubleshooting/javaenterpriserules/javaprompts: - -> linking to /docs/endpointpolicymanager/videoapplicationsettings/java/lockdown.md -- Broken link on source page path = /troubleshooting/leastprivilege/sage50: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/installapplications.md -- Broken link on source page path = /troubleshooting/license/enterprisefull: - -> linking to /docs/endpointpolicymanager/videolicense/installuniversal.md -- Broken link on source page path = /troubleshooting/license/expires: - -> linking to /docs/endpointpolicymanager/videolicense/cleanup.md -- Broken link on source page path = /troubleshooting/license/graceperiod: - -> linking to /docs/endpointpolicymanager/videolicense/installuniversal.md -- Broken link on source page path = /troubleshooting/license/legacy: - -> linking to /docs/endpointpolicymanager/videoindex.mdlicense/legacy.md - -> linking to /docs/endpointpolicymanager/videoindex.mdlicense/installuniversal.md -- Broken link on source page path = /troubleshooting/nondomain/limitations: - -> linking to /docs/endpointpolicymanager/videobrowserrouter/chromenondomainjoined.md -- Broken link on source page path = /troubleshooting/procmon: - -> linking to /docs/endpointpolicymanager/videotroubleshooting/logs.md -- Broken link on source page path = /troubleshooting/restoredetails: - -> linking to /docs/endpointpolicymanager/videogrouppolicy/integration.md -- Broken link on source page path = /troubleshooting/scriptstriggers/systemprocesses: - -> linking to /docs/endpointpolicymanager/videoleastprivilege/bestpractices/securerun/usersystemexecutables.md -- Broken link on source page path = /troubleshooting/slowlogins: - -> linking to /docs/endpointpolicymanager/videocloud/import.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/customicons: - -> linking to /docs/endpointpolicymanager/videostartscreentaskbar/customicons.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/office365: - -> linking to /docs/endpointpolicymanager/videostartscreentaskbar/helperutility.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/rollback: - -> linking to /docs/endpointpolicymanager/videostartscreentaskbar/onetime.md -- Broken link on source page path = /video/applicationsettings/trustedappsets: - -> linking to /docs/endpointpolicymanager/videoindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/videoindex.mdtroubleshooting/backupoptions.md -- Broken link on source page path = /video/fileassociations/acroreader: - -> linking to /docs/endpointpolicymanager/videofileassociations/windows10.md -- Broken link on source page path = /video/networksecurity/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdnetworksecurity/domainnames.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md -- Broken link on source page path = /video/remotedesktopprotocol/videolearningcenter: - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdremotedesktopprotocol/vdiscenarios.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdremotedesktopprotocol/cloud.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdremotedesktopprotocol/mdm.md - -> linking to /docs/endpointpolicymanager/videoindex.mdindex.mdindex.mdremotedesktopprotocol/itemleveltargeting.md -- Broken link on source page path = /video/startscreentaskbar/windows10startmenu: - -> linking to /docs/endpointpolicymanager/videofileassociations/windows10.md - -[SUCCESS] Generated static files in "build". -[INFO] Use `npm run serve` command to test your build locally. -Build completed successfully! diff --git a/docs/accessanalyzer/12.0/final_build_report.log b/docs/accessanalyzer/12.0/final_build_report.log deleted file mode 100644 index 3b2972a5b4..0000000000 --- a/docs/accessanalyzer/12.0/final_build_report.log +++ /dev/null @@ -1,11 +0,0 @@ - -> netwrix-docs@0.1 build:single -> node scripts/build-single.js endpointpolicymanager - -Building single product: endpointpolicymanager -Using plugin ID: endpointpolicymanager -Starting build... -[INFO] [en] Creating an optimized production build... -[SUCCESS] Generated static files in "build". -[INFO] Use `npm run serve` command to test your build locally. -Build completed successfully! diff --git a/docs/accessanalyzer/12.0/final_build_v2.log b/docs/accessanalyzer/12.0/final_build_v2.log deleted file mode 100644 index 3ee1d80075..0000000000 --- a/docs/accessanalyzer/12.0/final_build_v2.log +++ /dev/null @@ -1,1696 +0,0 @@ - -> netwrix-docs@0.1 build:single -> node scripts/build-single.js endpointpolicymanager - -Building single product: endpointpolicymanager -Using plugin ID: endpointpolicymanager -Starting build... -[INFO] [en] Creating an optimized production build... -[WARNING] Docusaurus site warnings: -- Your site is using the SWC js loader. You can safely remove the Babel config file at `babel.config.js`. -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/userfilter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/mountunmountpart1.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/mountunmounpart2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/adminapproval/email.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/sudosupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdfeature/windows.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdfeature/windowsservers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdfeature/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdfeature/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremiseexport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/preferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/features.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/emaillogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/add/administrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/install/leastprivilegemanagerrule.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/fileinfoviewer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/registrationmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/freetraining.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/sidexporter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/arm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/processmonitor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/gpobackup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/admx.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditordemo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditorsetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/startscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/applicationsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/admintemplatemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/browserrouter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/tour.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/leastprivilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/appmasking.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/profiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/startmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserdefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/broswerright.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserconfiguration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/elevatingapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/browserright.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/startscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/applicationsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/upgrades.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/legacy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/rightbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgesupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/blockwebsites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/custombrowsers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chromenondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/firefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chrome.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edge.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/browsericon.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/universalwindowsapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/wizard.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/preconfiguredadvice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloudusage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/adobereader.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mailto.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10modify.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helpertool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/firstlogin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helperapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/acroreader.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10questions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdinstall/autoupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/rightbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/realgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/mobileiron.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/workspaceone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/citrixendpointmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/admintemplates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupmembership.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupdetermine.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewtechnical.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modestandalone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modeserver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepull.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepush.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/securityenhanced.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/firewallports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/browserrouter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/block.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/oracledeploymentrulesets.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/versionsmultiple.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/sccm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/xmlsurgery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/itemleveltargeting/editmanual.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/flatlegacyview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/mmcconsole.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/grouppolicy/remotedesktopconnection.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdremotedesktopprotocol/vdiscenarios.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdremotedesktopprotocol/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdremotedesktopprotocol/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdremotedesktopprotocol/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowvendor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/enduser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmhelpertool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmapprovalautorules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/userfilter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacpromptsactivex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/installfonts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowsuniversalapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denymessages.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/preventedge.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/stopransomware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevateuwp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/msi.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/enforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/email.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applyondemand.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesfromadmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/winget.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/printeruacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/microsoftrecommendations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denyselfelevate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/license.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/cloudinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/macjointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationpackage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/systemsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/sudosupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/eventscollector.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmountpart1.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmounpart2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/privilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/collectdiagnostics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/domainnames.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/windows10startmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/demotaskbar.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/linksie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/customicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/startscreentaskbar/revertstartmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdmitemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/onetime.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/realgposettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/cloudimport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/sccm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mergetool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/deployinternet.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/screensavers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateprinter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/drivemaps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/shortcuts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/delivergpprefs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/cloudlocaluser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/chocolaty.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/windows10prolockscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/customdefaultfileassociations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/unwantedapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/bitlocker.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/x509certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printersetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/auditpol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/lockunlocksession.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/shutdownscripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/vpnconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/anyconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/smb.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/webbasedshares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/masscopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/patching.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/localfilecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/azureblobstorage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/managers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/pak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorecreate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstoreupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/quickrundown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/manualupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/uptodate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllreconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/variables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/proxysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/trustedappsets.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/ieproxyserver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/certificatesevil.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/invincea.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxplugins.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevert.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevertfix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/oraclejava.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxabout.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromebookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/paksbig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firstpak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/addelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/foxitprinter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firefox_plugins.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/sealapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xendesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/rds.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/specops.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/vmware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/dedicated.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/localmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinappworkspace.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/appv.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/uev.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/thinapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/symantec.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/spoonnovell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/applicationsettings/chrome.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/connectionstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/contenttab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/generaltab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/privacytab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/securitytab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/favorites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/clearbrowsing.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/bookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/defaultsearch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/popups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extensions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extratabs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/removeelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/miscsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/adobe.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/addons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarksmodify.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/jre.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/securityslider.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/passwordsecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/teams.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acrobat.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/flashplayer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/irfanview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/office.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/skype.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/appxmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/removeapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/blockapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/deployapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/run.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/extrastool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdstartscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremiseexport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/restricted_groups_editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/preferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/realgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/removeelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/security/emaillogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdscriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdscriptstriggers/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/securerun/stopransomware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/privilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/legacy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgpocompilancereporter/modepush.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdintegration/auditorsetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgrouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdnetworksecurity/basics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdnetworksecurity/auditingevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdnetworksecurity/applicationsports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdnetworksecurity/globalsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdscriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mddevice/dmapprovalautorules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mddevice/enduser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/uptodate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/usbdriveallowuser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/bitlockerdrives.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/security/features.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/registrationmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docusaurus found broken links! - -Please check the pages of your site in the list below, and make sure you don't reference any path that does not exist. -Note: it's possible to ignore broken links with the 'onBrokenLinks' Docusaurus configuration, and let the build pass. - -It looks like some of the broken links we found appear in many pages of your site. -Maybe those broken links appear on all pages through your site layout? -We recommend that you check your theme configuration for such links (particularly, theme navbar and footer). -Frequent broken links are linking to: -- /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md - -Exhaustive list of all broken links found: -- Broken link on source page path = /applicationsettings/designstudio/regimporteruitility: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/importregistry.md -- Broken link on source page path = /applicationsettings/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/managers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/pak.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorecreate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstoreupdate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/quickrundown.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/manualupdate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/uptodate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllorphans.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllreconnect.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/touchutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargetingbypass.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acllockdown.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/applicationlaunch.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/superpowers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/variables.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/proxysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/trustedappsets.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/ieproxyserver.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/certificatesevil.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/invincea.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxplugins.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevert.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevertfix.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/oraclejava.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxabout.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromebookmarks.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/paksbig.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firstpak.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/importregistry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/addelements.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/foxitprinter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firefox_plugins.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/sealapproval.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/integration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo2.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xenapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xendesktop.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/rds.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/specops.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/integration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/vmware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/dedicated.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/localmode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinappworkspace.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/appv.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/xenapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/uev.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/thinapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/symantec.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/spoonnovell.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/applicationsettings/chrome.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/certificates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/connectionstab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/contenttab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/generaltab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/privacytab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/programstab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/securitytab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/favorites.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/clearbrowsing.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/bookmarks.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/defaultsearch.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/popups.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extensions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarks.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extratabs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/disable.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/removeelements.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/miscsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/certificates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/adobe.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/addons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarksmodify.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/disable.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/lockdown.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/jre.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/securityslider.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/passwordsecure.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/teams.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acrobat.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/flashplayer.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/irfanview.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/office.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/skype.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/thunderbird.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/javathunderbird: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/thunderbird.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/preferences: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/disable.md - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/removeelements.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/transition: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md -- Broken link on source page path = /browserrouter/internetexplorer/edgemod: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/ieedgemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/iesitelists.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/edgespecial.md -- Broken link on source page path = /browserrouter/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/rightbrowser.md - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/citrix.md -- Broken link on source page path = /browserrouter/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/rightbrowser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgesupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/blockwebsites.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgespecial.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/userselecteddefault.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/citrix.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/custombrowsers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chromenondomainjoined.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieforce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/firefox.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chrome.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edge.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/iesitelists.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieedgemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/browsericon.md -- Broken link on source page path = /cloud/interface/companydetails/customerlog: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/security/immutablelog.md - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/security/emaillogs.md -- Broken link on source page path = /cloud/interface/companydetails/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/security/features.md - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/registrationmode.md -- Broken link on source page path = /cloud/interface/filebox: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md -- Broken link on source page path = /cloud/interface/tools: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/mdm.md -- Broken link on source page path = /cloud/interface/xmldatafiles/createpolicy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/securitysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/restricted_groups_editor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/preferences.md -- Broken link on source page path = /cloud/interface/xmldatafiles/upload: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremiseexport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md -- Broken link on source page path = /cloud/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremiseexport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/securitysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/preferences.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/features.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/immutablelog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/emaillogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/add/administrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/install/leastprivilegemanagerrule.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/entraid.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/fileinfoviewer.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/registrationmode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md -- Broken link on source page path = /cloud/testlab: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/onpremise.md -- Broken link on source page path = /cloud/transition: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md -- Broken link on source page path = /device/devicemanager/devicemanagerpolicies: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/usbdriveallowuser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/serialnumber.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/bitlockerdrives.md -- Broken link on source page path = /device/devicemanager/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/usbdrive.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mddevice/cloud.md -- Broken link on source page path = /device/devicemanager/rules: - -> linking to /docs/endpointpolicymanager/video/index.mddevice/dmapprovalautorules.md - -> linking to /docs/endpointpolicymanager/video/index.mddevice/enduser.md -- Broken link on source page path = /device/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdrive.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowvendor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/serialnumber.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/enduser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmhelpertool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmapprovalautorules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/mdm.md -- Broken link on source page path = /editions/policies: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /editions/solutions: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md -- Broken link on source page path = /feature/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdfeature/windows.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdfeature/windowsservers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdfeature/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdfeature/mdm.md -- Broken link on source page path = /fileassociations/itemleveltargeting/exportcollection: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/exporterutility.md -- Broken link on source page path = /fileassociations/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/universalwindowsapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/wizard.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/preconfiguredadvice.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloudusage.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/adobereader.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mailto.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10modify.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helpertool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/firstlogin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helperapplication.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/acroreader.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10questions.md -- Broken link on source page path = /gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.md -- Broken link on source page path = /gettingstarted/history: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md -- Broken link on source page path = /gettingstarted/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/freetraining.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/sidexporter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/arm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/editor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/processmonitor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/gpobackup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/admx.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backupoptions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditordemo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditorsetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateinstall.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateapplication.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/startscreen.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/applicationsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/admintemplatemanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/browserrouter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/tour.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/leastprivilege.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/appmasking.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/profiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/startmenu.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserdefault.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/broswerright.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserconfiguration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/elevatingapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/browserright.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/startscreen.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/applicationsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md -- Broken link on source page path = /gettingstarted/prepare: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md -- Broken link on source page path = /gettingstarted/quickstart/cloud: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md -- Broken link on source page path = /gettingstarted/quickstart/grouppolicy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /gettingstarted/quickstart/mdm: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md -- Broken link on source page path = /gettingstarted/quickstart/overviewinstall: - -> linking to /docs/endpointpolicymanager/video/index.mdgrouppolicy/explained.md -- Broken link on source page path = /gettingstarted/quickstart/preparemanagementstation: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdgrouppolicy/install.md -- Broken link on source page path = /gettingstarted/quickstart/specificcomponents: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.md#getting-started -- Broken link on source page path = /gpoexport/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/realgposettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/cloudimport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/sccm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mergetool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/deployinternet.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/screensavers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateprinter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/drivemaps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateregistry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/shortcuts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/delivergpprefs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/cloudlocaluser.md -- Broken link on source page path = /grouppolicy/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/integration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/itemleveltargeting/editmanual.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/flatlegacyview.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/mmcconsole.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/grouppolicy/remotedesktopconnection.md -- Broken link on source page path = /grouppolicycompliancereporter/deliveryreports: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/integration/onpremise.md -- Broken link on source page path = /grouppolicycompliancereporter/domainmultiple: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/modepush.md -- Broken link on source page path = /grouppolicycompliancereporter/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewmanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewtechnical.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modestandalone.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modeserver.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepull.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepush.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/securityenhanced.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/firewallports.md -- Broken link on source page path = /grouppolicycompliancereporter/prepare/licensing: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /install/adminconsole: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/centralstorework.md - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md -- Broken link on source page path = /install/rings: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /install/upgrade/settings: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/uptodate.md - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/touchutility.md -- Broken link on source page path = /install/upgrade/tips: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backupoptions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md -- Broken link on source page path = /integration/auditor/mmcsnapin: - -> linking to /docs/endpointpolicymanager/video/index.mdintegration/auditorsetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /integration/azurevirutaldesktop: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/jointoken.md -- Broken link on source page path = /javaenterpriserules/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/browserrouter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/block.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/oracledeploymentrulesets.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/versionsmultiple.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/sccm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/xmlsurgery.md -- Broken link on source page path = /knowledgebase: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /leastprivilege/acltraverse: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md -- Broken link on source page path = /leastprivilege/adminapproval/useemail: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/adminapproval/email.md -- Broken link on source page path = /leastprivilege/elevate/printerdriverinstall: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md -- Broken link on source page path = /leastprivilege/events/createpolicy/audit: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/globalauditevent.md -- Broken link on source page path = /leastprivilege/events/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/cloudevents.md -- Broken link on source page path = /leastprivilege/export: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mdm.md -- Broken link on source page path = /leastprivilege/itemleveltargeting: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/userfilter.md -- Broken link on source page path = /leastprivilege/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/cloudrules.md -- Broken link on source page path = /leastprivilege/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/userfilter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacpromptsactivex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/scripts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/installfonts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowsuniversalapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securitycomborules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denymessages.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/preventedge.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/stopransomware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevateuwp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/msi.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/enforce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/email.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applyondemand.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securecopy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesfromadmin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/winget.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/printeruacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/microsoftrecommendations.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denyselfelevate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecure.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/license.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/cloudinstall.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/macjointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationpackage.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/systemsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/sudosupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/wildcards.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationlaunch.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/eventscollector.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/adminapproval.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmountpart1.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmounpart2.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/finder.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/privilege.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/collectdiagnostics.md -- Broken link on source page path = /leastprivilege/policyeditor/scope: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/pplpmimplementationguide: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md -- Broken link on source page path = /leastprivilege/preconfiguredxmls: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/wingui.md -- Broken link on source page path = /leastprivilege/reauthentication: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/selfelevatemode/reauthenticate.md -- Broken link on source page path = /leastprivilege/runasadmin: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/wingui.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.md -- Broken link on source page path = /leastprivilege/scopefilters/elevateserviceaccount: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/securerun/bestpractices: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md -- Broken link on source page path = /leastprivilege/securerun/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/securerun/preventunsigned.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md -- Broken link on source page path = /leastprivilege/securerun/setup: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/securerun/stopransomware.md - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/autorulesgeneratortool.md -- Broken link on source page path = /leastprivilege/tool/helper/elevate: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/helperdesktopshortcut.md -- Broken link on source page path = /license/editpolicies: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md -- Broken link on source page path = /license/mdm/hybrid: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /license/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/upgrades.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/legacy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/cleanup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/mdm.md -- Broken link on source page path = /license/trial: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /license/unlicense/componentscloud: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /license/unlicense/fileold: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/cleanup.md -- Broken link on source page path = /license/unlicense/forceddisabled: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /license/whenwhy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md -- Broken link on source page path = /licensing: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md -- Broken link on source page path = /mac/scenarios/macfinder: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/finder.md -- Broken link on source page path = /mac/scenarios/macprivhelper: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/privilege.md - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/adminapproval.md -- Broken link on source page path = /mac/scenarios/mountunmount: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/mountunmountpart1.md - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/mountunmounpart2.md -- Broken link on source page path = /mac/scenarios/sudo: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/sudosupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/wildcards.md -- Broken link on source page path = /mdm/gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /mdm/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/realgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/mobileiron.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/workspaceone.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/citrixendpointmanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/admintemplates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exporterutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraid.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupmembership.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupdetermine.md -- Broken link on source page path = /mdm/service/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/realgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/testsample.md -- Broken link on source page path = /remoteworkdelivery/cloudmdm: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/mdm.md -- Broken link on source page path = /remoteworkdelivery/exportcollections: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/exporterutility.md -- Broken link on source page path = /remoteworkdelivery/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/smb.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/webbasedshares.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/masscopy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/patching.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/localfilecopy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/azureblobstorage.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /scriptstriggers/itemleveltargeting/exportcollections: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdscriptstriggers/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdscriptstriggers/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/exporterutility.md -- Broken link on source page path = /scriptstriggers/networksecuritymanager: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdnetworksecurity/basics.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdnetworksecurity/auditingevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdnetworksecurity/applicationsports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdnetworksecurity/globalsettings.md -- Broken link on source page path = /scriptstriggers/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/chocolaty.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/windows10prolockscreen.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/customdefaultfileassociations.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/unwantedapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/bitlocker.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/x509certificates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printersetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/auditpol.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/lockunlocksession.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/shutdownscripts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/vpnconnect.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/anyconnect.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/pdqdeploy.md -- Broken link on source page path = /softwarepackage/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/appxmanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/removeapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/blockapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/deployapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/run.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/extrastool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/mdm.md -- Broken link on source page path = /startscreentaskbar/exportcollections: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/nondomainjoined.md - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/testsample.md -- Broken link on source page path = /startscreentaskbar/helpertools: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/toolssetup.md -- Broken link on source page path = /startscreentaskbar/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/helperutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/windows10startmenu.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/demotaskbar.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/linksie.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/customicons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/startscreentaskbar/revertstartmenu.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdmitemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/citrix.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/onetime.md -- Broken link on source page path = /tips/embedclient: - -> linking to /docs/endpointpolicymanager/video/index.mdinstall/autoupdate.md - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /tips/eventlogs: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/video/index.mdscriptstriggers/cloud.md -- Broken link on source page path = /tips/thirdpartyadvice: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md -- Broken link on source page path = /troubleshooting/applicationsettings/applock/disable: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/superpowers.md - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/applicationsettings/backup/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/backup.md -- Broken link on source page path = /troubleshooting/browserrouter/revertlegacy: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md -- Broken link on source page path = /troubleshooting/changemanagementtools: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md -- Broken link on source page path = /troubleshooting/fastsupport: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/logs.md -- Broken link on source page path = /troubleshooting/fileassociations/legacy: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md -- Broken link on source page path = /troubleshooting/license/legacy: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/legacy.md - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /video/applicationsettings/trustedappsets: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/backupoptions.md -- Broken link on source page path = /video/networksecurity/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/domainnames.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md -- Broken link on source page path = /video/remotedesktopprotocol/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdremotedesktopprotocol/vdiscenarios.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdremotedesktopprotocol/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdremotedesktopprotocol/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdremotedesktopprotocol/itemleveltargeting.md - -[WARNING] Docusaurus found broken anchors! - -Please check the pages of your site in the list below, and make sure you don't reference any anchor that does not exist. -Note: it's possible to ignore broken anchors with the 'onBrokenAnchors' Docusaurus configuration, and let the build pass. - -Exhaustive list of all broken anchors found: -- Broken anchor on source page path = /applicationsettings/designstudio/overview: - -> linking to /video/#designstudio-how-to - -[SUCCESS] Generated static files in "build". -[INFO] Use `npm run serve` command to test your build locally. -Build completed successfully! diff --git a/docs/accessanalyzer/12.0/final_build_v3.log b/docs/accessanalyzer/12.0/final_build_v3.log deleted file mode 100644 index b5257c2d15..0000000000 --- a/docs/accessanalyzer/12.0/final_build_v3.log +++ /dev/null @@ -1,64 +0,0 @@ - -> netwrix-docs@0.1 build:single -> node scripts/build-single.js endpointpolicymanager - -Building single product: endpointpolicymanager -Using plugin ID: endpointpolicymanager -Starting build... -[INFO] [en] Creating an optimized production build... -[WARNING] Docusaurus site warnings: -- Your site is using the SWC js loader. You can safely remove the Babel config file at `babel.config.js`. -[WARNING] Docusaurus found broken links! - -Please check the pages of your site in the list below, and make sure you don't reference any path that does not exist. -Note: it's possible to ignore broken links with the 'onBrokenLinks' Docusaurus configuration, and let the build pass. - -It looks like some of the broken links we found appear in many pages of your site. -Maybe those broken links appear on all pages through your site layout? -We recommend that you check your theme configuration for such links (particularly, theme navbar and footer). -Frequent broken links are linking to: -- /docs/endpointpolicymanager/video/ - -Exhaustive list of all broken links found: -- Broken link on source page path = /applicationsettings/designstudio/overview: - -> linking to /docs/endpointpolicymanager/video/#designstudio-how-to -- Broken link on source page path = /cloud/fakedc: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /cloud/overview: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /device/devicemanager/overview: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /editions/policies: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /editions/solutions: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /gettingstarted: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /gettingstarted/quickstart/overviewinstall: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /gettingstarted/quickstart/specificcomponents: - -> linking to /docs/endpointpolicymanager/video/#getting-started -- Broken link on source page path = /itemleveltargeting/entraidgroups: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /knowledgebase: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /leastprivilege/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /leastprivilege/pplpmimplementationguide: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /leastprivilege/runasadmin: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /license/mdm/hybrid: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /license/trial: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /mdm/gettingstarted: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /requirements/support/applicationsettings/applicationvirtualization: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /startscreentaskbar/startscreen/overview: - -> linking to /docs/endpointpolicymanager/video/ - -[SUCCESS] Generated static files in "build". -[INFO] Use `npm run serve` command to test your build locally. -Build completed successfully! diff --git a/docs/accessanalyzer/12.0/final_final_build.log b/docs/accessanalyzer/12.0/final_final_build.log deleted file mode 100644 index 489d33f1e0..0000000000 --- a/docs/accessanalyzer/12.0/final_final_build.log +++ /dev/null @@ -1,135 +0,0 @@ - -> netwrix-docs@0.1 build:single -> node scripts/build-single.js endpointpolicymanager - -Building single product: endpointpolicymanager -Using plugin ID: endpointpolicymanager -Starting build... -[INFO] [en] Creating an optimized production build... -[WARNING] Docusaurus site warnings: -- Your site is using the SWC js loader. You can safely remove the Babel config file at `babel.config.js`. -[WARNING] Docusaurus found broken links! - -Please check the pages of your site in the list below, and make sure you don't reference any path that does not exist. -Note: it's possible to ignore broken links with the 'onBrokenLinks' Docusaurus configuration, and let the build pass. - -It looks like some of the broken links we found appear in many pages of your site. -Maybe those broken links appear on all pages through your site layout? -We recommend that you check your theme configuration for such links (particularly, theme navbar and footer). -Frequent broken links are linking to: -- /docs/endpointpolicymanager/video/ -- /docs/endpointpolicymanager/resources/knowledge-base.md - -Exhaustive list of all broken links found: -- Broken link on source page path = /adminstrativetemplates/gettoknow/collection: - -> linking to /docs/endpointpolicymanager/administrativetemplates/itemleveltargeting.md -- Broken link on source page path = /applicationsettings/designstudio/overview: - -> linking to /docs/endpointpolicymanager/video/#designstudio-how-to -- Broken link on source page path = /applicationsettings/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md -- Broken link on source page path = /archive/overview: - -> linking to /docs/endpointpolicymanager/archive/archived-guides/admxfiles.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/differentusers.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/massdeploy.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/upgrading.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/designstudiofirefox.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/cloud.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/tattooing.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/infranview.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/operanext.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/gotomeeting.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/parcctesting.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/vmware.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/vmwarefilesettings.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/java.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/vmwarehorizonmirage.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/office2013.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/designstudiojava.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/ie10.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/modenuke.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/acrobatxpro.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/ie9.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/vmwaresupplements.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/xenapp.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/applock.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/symantecworkspace.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/autoupdater.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md -- Broken link on source page path = /cloud/fakedc: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /cloud/overview: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /cloud/transition: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /device/devicemanager/overview: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /editions/policies: - -> linking to /docs/endpointpolicymanager/video/ - -> linking to /docs/endpointpolicymanager/administrativetemplates/overview.md -- Broken link on source page path = /editions/solutions: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /gettingstarted: - -> linking to /docs/endpointpolicymanager/video/ - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /gettingstarted/fastest: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/reference.md -- Broken link on source page path = /gettingstarted/quickstart/overviewinstall: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /gettingstarted/quickstart/specificcomponents: - -> linking to /docs/endpointpolicymanager/video/#getting-started - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /gpoexport/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/administrativetemplates/settings.md - -> linking to /docs/endpointpolicymanager/administrativetemplates/disableofficeelements.md - -> linking to /docs/endpointpolicymanager/administrativetemplates/versions.md -- Broken link on source page path = /install/clientsideextension: - -> linking to /docs/endpointpolicymanager/archive/archived-guides/massdeploy.md - -> linking to /docs/endpointpolicymanager/archive/archived-guides/upgrading.md -- Broken link on source page path = /itemleveltargeting/entraidgroups: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /knowledgebase: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/video/ - -> linking to /docs/endpointpolicymanager/archive/archived-guides/overview.md -- Broken link on source page path = /leastprivilege/pplpmimplementationguide: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /leastprivilege/runasadmin: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /leastprivilege/securerun/webex: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /license/mdm/hybrid: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /license/trial: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /manuals: - -> linking to /docs/endpointpolicymanager/administrativetemplates/overview.md -- Broken link on source page path = /mdm/gettingstarted: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /mdm/uemtools: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /preferences/itemleveltargeting: - -> linking to /docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md -- Broken link on source page path = /preferences/makemsis: - -> linking to /docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md -- Broken link on source page path = /requirements/support/applicationsettings/applicationvirtualization: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /startscreentaskbar/startscreen/overview: - -> linking to /docs/endpointpolicymanager/video/ -- Broken link on source page path = /troubleshooting/browserrouter/betweenbrowsers: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /troubleshooting/cloud/underhood/installation: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /troubleshooting/grouppolicycompliancereporter/admxregistry: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md -- Broken link on source page path = /troubleshooting/nondomain/edge: - -> linking to /docs/endpointpolicymanager/resources/knowledge-base.md - -[SUCCESS] Generated static files in "build". -[INFO] Use `npm run serve` command to test your build locally. -Build completed successfully! diff --git a/docs/accessanalyzer/12.0/fix_all_broken_links.py b/docs/accessanalyzer/12.0/fix_all_broken_links.py deleted file mode 100644 index ed59e6ac24..0000000000 --- a/docs/accessanalyzer/12.0/fix_all_broken_links.py +++ /dev/null @@ -1,118 +0,0 @@ -#!/usr/bin/env python3 - -import os -import glob - -def fix_all_broken_links(): - """Systematically fix all broken link patterns""" - - # Directory structure mappings (old long names → new short names) - directory_mappings = { - '/docs/endpointpolicymanager/application-management/browser-router/': '/docs/endpointpolicymanager/browserrouter/', - '/docs/endpointpolicymanager/application-management/java-enterprise-rules/': '/docs/endpointpolicymanager/javaenterpriserules/', - '/docs/endpointpolicymanager/application-management/file-associations/': '/docs/endpointpolicymanager/fileassociations/', - '/docs/endpointpolicymanager/device-and-desktop-management/device-manager/': '/docs/endpointpolicymanager/device/devicemanager/', - '/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/': '/docs/endpointpolicymanager/startscreentaskbar/', - '/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/': '/docs/endpointpolicymanager/rdp/', - '/docs/endpointpolicymanager/security-and-privilege-management/security-settings/': '/docs/endpointpolicymanager/securitysettings/', - '/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/': '/docs/endpointpolicymanager/gpoexport/', - '/docs/endpointpolicymanager/policy-management/preferences/': '/docs/endpointpolicymanager/preferences/', - '/docs/endpointpolicymanager/policy-management/item-level-targeting/': '/docs/endpointpolicymanager/itemleveltargeting/', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/': '/docs/endpointpolicymanager/grouppolicycompliancereporter/', - '/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/': '/docs/endpointpolicymanager/remoteworkdelivery/', - '/docs/endpointpolicymanager/deployment-methods/group-policy/': '/docs/endpointpolicymanager/grouppolicy/', - '/docs/endpointpolicymanager/deployment-methods/software-packages/': '/docs/endpointpolicymanager/softwarepackage/', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/': '/docs/endpointpolicymanager/scriptstriggers/', - '/docs/endpointpolicymanager/automation-and-scripting/feature-management/': '/docs/endpointpolicymanager/feature/', - '/docs/endpointpolicymanager/platform-specific/mac-support/': '/docs/endpointpolicymanager/mac/', - } - - # Archive directory mappings - archive_mappings = { - '/docs/endpointpolicymanager/archive/archived-guides/': '/docs/endpointpolicymanager/archive/', - } - - # Specific file mappings - file_mappings = { - '/docs/endpointpolicymanager/troubleshooting/eventcategories.md': '/docs/endpointpolicymanager/tips/eventcategories.md', - '/docs/endpointpolicymanager/resources/knowledge-base.md': '/docs/endpointpolicymanager/knowledgebase.md', - '/docs/endpointpolicymanager/gettingstarted/basic-concepts.md': '/docs/endpointpolicymanager/gettingstarted/concepts.md', - '/docs/endpointpolicymanager/troubleshooting/eventlogs.md': '/docs/endpointpolicymanager/tips/eventlogs.md', - } - - # Video link mappings - video_mappings = { - '/docs/endpointpolicymanager/video/': '/docs/endpointpolicymanager/video/index.md', - '/docs/endpointpolicymanager/video/#getting-started': '/docs/endpointpolicymanager/video/index.md#getting-started', - '/docs/endpointpolicymanager/video/#designstudio-how-to': '/docs/endpointpolicymanager/video/index.md#designstudio-how-to', - } - - # Overview file mappings (these appear to exist but with different names) - overview_mappings = { - '/docs/endpointpolicymanager/administrativetemplates/overview.md': '/docs/endpointpolicymanager/adminstrativetemplates/overview.md', - } - - files_processed = 0 - replacements_made = 0 - - # Find all .md files in the endpointpolicymanager directory - pattern = '/Users/jordan.violet/development/docs/docs/endpointpolicymanager/**/*.md' - md_files = glob.glob(pattern, recursive=True) - - for file_path in md_files: - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - original_content = content - - # Apply directory structure mappings - for old_path, new_path in directory_mappings.items(): - if old_path in content: - content = content.replace(old_path, new_path) - replacements_made += 1 - print(f"Directory fix: {old_path} -> {new_path} in {file_path}") - - # Apply archive mappings - for old_path, new_path in archive_mappings.items(): - if old_path in content: - content = content.replace(old_path, new_path) - replacements_made += 1 - print(f"Archive fix: {old_path} -> {new_path} in {file_path}") - - # Apply specific file mappings - for old_path, new_path in file_mappings.items(): - if old_path in content: - content = content.replace(old_path, new_path) - replacements_made += 1 - print(f"File fix: {old_path} -> {new_path} in {file_path}") - - # Apply video mappings - for old_path, new_path in video_mappings.items(): - if old_path in content: - content = content.replace(old_path, new_path) - replacements_made += 1 - print(f"Video fix: {old_path} -> {new_path} in {file_path}") - - # Apply overview mappings - for old_path, new_path in overview_mappings.items(): - if old_path in content: - content = content.replace(old_path, new_path) - replacements_made += 1 - print(f"Overview fix: {old_path} -> {new_path} in {file_path}") - - # Only write if content changed - if content != original_content: - with open(file_path, 'w', encoding='utf-8') as f: - f.write(content) - files_processed += 1 - - except Exception as e: - print(f"Error processing {file_path}: {e}") - - print(f"\nCompleted systematic broken link fixes:") - print(f"Files processed: {files_processed}") - print(f"Replacements made: {replacements_made}") - -if __name__ == "__main__": - fix_all_broken_links() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/fix_broken_links.py b/docs/accessanalyzer/12.0/fix_broken_links.py deleted file mode 100644 index 60e699e062..0000000000 --- a/docs/accessanalyzer/12.0/fix_broken_links.py +++ /dev/null @@ -1,87 +0,0 @@ -#!/usr/bin/env python3 - -import json -import re -import os - -def fix_broken_links(): - # Load the complete broken links file - with open('broken_links_complete.json', 'r') as f: - broken_links = json.load(f) - - fixed_count = 0 - skipped_count = 0 - - for i, link_info in enumerate(broken_links): - broken_link = link_info['broken_link'] - source_file = link_info['source_file'] - - print(f"Processing {i+1}/{len(broken_links)}: {broken_link}") - - # Handle different types of broken links - if '/resources/video-tutorials/' in broken_link: - # Convert resources/video-tutorials paths to video paths - fixed_link = broken_link.replace('/resources/video-tutorials/', '/video/') - elif '/security-and-privilege-management/least-privilege-manager/' in broken_link: - # Convert old-style paths to new structure - fixed_link = broken_link.replace('/security-and-privilege-management/least-privilege-manager/', '/leastprivilege/') - elif '/application-management/application-settings/' in broken_link: - # Convert application management paths - fixed_link = broken_link.replace('/application-management/application-settings/', '/applicationsettings/') - elif '/licensing/' in broken_link: - # Convert licensing paths - fixed_link = broken_link.replace('/licensing/', '/license/') - elif '/cloud-and-remote-management/cloud-management/' in broken_link: - # Convert cloud management paths - fixed_link = broken_link.replace('/cloud-and-remote-management/cloud-management/', '/cloud/') - elif '/getting-started/' in broken_link: - # Convert getting started paths - fixed_link = broken_link.replace('/getting-started/', '/gettingstarted/') - elif '/platform-specific/windows-requirements/' in broken_link: - # Convert platform specific paths - fixed_link = broken_link.replace('/platform-specific/windows-requirements/', '/requirements/') - elif '/integrations/third-party-integrations/' in broken_link: - # Convert integration paths - fixed_link = broken_link.replace('/integrations/third-party-integrations/', '/integration/') - else: - print(f" Skipping: Unknown path pattern") - skipped_count += 1 - continue - - # Read the source file - try: - with open(source_file, 'r', encoding='utf-8') as f: - content = f.read() - except FileNotFoundError: - print(f" Error: Source file not found: {source_file}") - skipped_count += 1 - continue - except Exception as e: - print(f" Error reading {source_file}: {e}") - skipped_count += 1 - continue - - # Replace the broken link with the fixed one - if broken_link in content: - new_content = content.replace(broken_link, fixed_link) - - # Write back the fixed content - try: - with open(source_file, 'w', encoding='utf-8') as f: - f.write(new_content) - print(f" Fixed: {broken_link} -> {fixed_link}") - fixed_count += 1 - except Exception as e: - print(f" Error writing {source_file}: {e}") - skipped_count += 1 - else: - print(f" Warning: Link not found in source file") - skipped_count += 1 - - print(f"\nSummary:") - print(f" Fixed: {fixed_count}") - print(f" Skipped: {skipped_count}") - print(f" Total: {len(broken_links)}") - -if __name__ == "__main__": - fix_broken_links() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/fix_final_anchor_links.py b/docs/accessanalyzer/12.0/fix_final_anchor_links.py deleted file mode 100644 index 04b8b00d5a..0000000000 --- a/docs/accessanalyzer/12.0/fix_final_anchor_links.py +++ /dev/null @@ -1,73 +0,0 @@ -#!/usr/bin/env python3 - -import os -import re - -def fix_final_anchor_links(): - """Apply the final anchor link fixes""" - - print("Applying final anchor link fixes...") - - # Final mappings for anchor links - mappings = { - # Video base path to index - '/docs/endpointpolicymanager/video/': '/docs/endpointpolicymanager/video/index.md', - - # 32B: Design studio how-to - '/docs/endpointpolicymanager/video/#designstudio-how-to': '/docs/endpointpolicymanager/applicationsettings/designstudio/overview.md', - - # 33B: Getting started - '/docs/endpointpolicymanager/video/#getting-started': '/docs/endpointpolicymanager/gettingstarted/overview.md', - } - - fixed_count = 0 - error_count = 0 - - print(f"Applying {len(mappings)} final anchor fixes...") - - for broken_link, correct_link in mappings.items(): - print(f"Processing: {broken_link} -> {correct_link}") - - # Search for files containing this broken link - try: - result = os.popen(f'grep -r "{broken_link}" /Users/jordan.violet/development/docs/docs/endpointpolicymanager/ --include="*.md" 2>/dev/null').read() - - if result.strip(): - for line in result.strip().split('\n'): - if ':' in line: - file_path = line.split(':')[0] - print(f" Found in: {file_path}") - - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - if broken_link in content: - new_content = content.replace(broken_link, correct_link) - - with open(file_path, 'w', encoding='utf-8') as f: - f.write(new_content) - - print(f" ✅ Fixed: {broken_link} -> {correct_link}") - fixed_count += 1 - else: - print(f" ⚠️ Link not found in file content") - - except Exception as e: - print(f" ❌ Error processing {file_path}: {e}") - error_count += 1 - else: - print(f" ℹ️ Link not found in any files") - - except Exception as e: - print(f" ❌ Error searching for link: {e}") - error_count += 1 - - print(f"\n📊 Summary:") - print(f" Final fixes applied: {fixed_count}") - print(f" Errors: {error_count}") - - return fixed_count, error_count - -if __name__ == "__main__": - fix_final_anchor_links() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/fix_final_broken_links.py b/docs/accessanalyzer/12.0/fix_final_broken_links.py deleted file mode 100644 index 861e6cdf83..0000000000 --- a/docs/accessanalyzer/12.0/fix_final_broken_links.py +++ /dev/null @@ -1,96 +0,0 @@ -#!/usr/bin/env python3 - -import os -import glob - -def fix_final_broken_links(): - """Fix the remaining specific broken links""" - - # Remaining specific file mappings - final_mappings = { - # Basic concepts file mapping - '/docs/endpointpolicymanager/gettingstarted/concepts.md': '/docs/endpointpolicymanager/gettingstarted/basicconcepts.md', - - # Device manager nested directory - '/docs/endpointpolicymanager/device/devicemanager/devicemanager/overview.md': '/docs/endpointpolicymanager/device/devicemanager/overview.md', - - # Remote desktop protocol - '/docs/endpointpolicymanager/rdp/overview.md': '/docs/endpointpolicymanager/remotedesktopprotocol/overview.md', - '/docs/endpointpolicymanager/rdp/itemleveltargeting/overview.md': '/docs/endpointpolicymanager/remotedesktopprotocol/itemleveltargeting/overview.md', - - # Device manager files - '/docs/endpointpolicymanager/device/devicemanager/serialnumber.md': '/docs/endpointpolicymanager/device/serialnumber.md', - '/docs/endpointpolicymanager/device/devicemanager/usbdrive.md': '/docs/endpointpolicymanager/device/usbdrive.md', - '/docs/endpointpolicymanager/device/devicemanager/registry.md': '/docs/endpointpolicymanager/device/registry.md', - - # Troubleshooting to tips mappings - '/docs/endpointpolicymanager/troubleshooting/emailoptout.md': '/docs/endpointpolicymanager/tips/emailoptout.md', - '/docs/endpointpolicymanager/troubleshooting/mmcdisplay.md': '/docs/endpointpolicymanager/tips/mmcdisplay.md', - '/docs/endpointpolicymanager/troubleshooting/onpremisecloud.md': '/docs/endpointpolicymanager/tips/onpremisecloud.md', - '/docs/endpointpolicymanager/troubleshooting/folderredirection.md': '/docs/endpointpolicymanager/tips/folderredirection.md', - '/docs/endpointpolicymanager/troubleshooting/embedclient.md': '/docs/endpointpolicymanager/tips/embedclient.md', - '/docs/endpointpolicymanager/troubleshooting/thirdpartyadvice.md': '/docs/endpointpolicymanager/tips/thirdpartyadvice.md', - '/docs/endpointpolicymanager/troubleshooting/services.md': '/docs/endpointpolicymanager/tips/services.md', - - # Administrative templates mappings - '/docs/endpointpolicymanager/administrativetemplates/itemleveltargeting.md': '/docs/endpointpolicymanager/adminstrativetemplates/itemleveltargeting.md', - '/docs/endpointpolicymanager/administrativetemplates/settings.md': '/docs/endpointpolicymanager/adminstrativetemplates/settings.md', - '/docs/endpointpolicymanager/administrativetemplates/disableofficeelements.md': '/docs/endpointpolicymanager/adminstrativetemplates/disableofficeelements.md', - '/docs/endpointpolicymanager/administrativetemplates/versions.md': '/docs/endpointpolicymanager/adminstrativetemplates/versions.md', - - # Application settings troubleshooting - '/docs/endpointpolicymanager/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md': '/docs/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md', - - # Reference file - '/docs/endpointpolicymanager/reference/index.md': '/docs/endpointpolicymanager/reference.md', - } - - # Video anchor mappings - anchor_mappings = { - '/video/#designstudio-how-to': '/video/index.md#designstudio-how-to', - '/video/#getting-started': '/video/index.md#getting-started', - } - - files_processed = 0 - replacements_made = 0 - - # Find all .md files in the endpointpolicymanager directory - pattern = '/Users/jordan.violet/development/docs/docs/endpointpolicymanager/**/*.md' - md_files = glob.glob(pattern, recursive=True) - - for file_path in md_files: - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - original_content = content - - # Apply final file mappings - for old_path, new_path in final_mappings.items(): - if old_path in content: - content = content.replace(old_path, new_path) - replacements_made += 1 - print(f"Fixed: {old_path} -> {new_path} in {file_path}") - - # Apply anchor mappings - for old_anchor, new_anchor in anchor_mappings.items(): - if old_anchor in content: - content = content.replace(old_anchor, new_anchor) - replacements_made += 1 - print(f"Fixed anchor: {old_anchor} -> {new_anchor} in {file_path}") - - # Only write if content changed - if content != original_content: - with open(file_path, 'w', encoding='utf-8') as f: - f.write(content) - files_processed += 1 - - except Exception as e: - print(f"Error processing {file_path}: {e}") - - print(f"\nCompleted final broken link fixes:") - print(f"Files processed: {files_processed}") - print(f"Replacements made: {replacements_made}") - -if __name__ == "__main__": - fix_final_broken_links() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/fix_final_links.py b/docs/accessanalyzer/12.0/fix_final_links.py deleted file mode 100644 index 7e3b659b60..0000000000 --- a/docs/accessanalyzer/12.0/fix_final_links.py +++ /dev/null @@ -1,227 +0,0 @@ -#!/usr/bin/env python3 - -import re -import os -import json - -def fix_final_broken_links(): - """Fix the remaining broken links with specific mappings based on user examples""" - - # Read the final build report to get current broken links - with open('final_build_report.log', 'r') as f: - content = f.read() - - # Create specific mappings based on user examples and file system exploration - specific_mappings = { - # Basic concepts and platform specific - '/docs/endpointpolicymanager/gettingstarted/basic-concepts.md': '/docs/endpointpolicymanager/basicconcepts.md', - '/docs/endpointpolicymanager/platform-specific/mac-support/overview.md': '/docs/endpointpolicymanager/mac/overview.md', - '/docs/endpointpolicymanager/device-and-desktop-management/device-manager/devicemanager/overview.md': '/docs/endpointpolicymanager/device/devicemanager/overview.md', - - # Troubleshooting -> tips - '/docs/endpointpolicymanager/troubleshooting/eventcategories.md': '/docs/endpointpolicymanager/tips/eventcategories.md', - '/docs/endpointpolicymanager/troubleshooting/eventlogs.md': '/docs/endpointpolicymanager/tips/eventlogs.md', - '/docs/endpointpolicymanager/troubleshooting/folderredirection.md': '/docs/endpointpolicymanager/tips/folderredirection.md', - '/docs/endpointpolicymanager/troubleshooting/onpremisecloud.md': '/docs/endpointpolicymanager/tips/onpremisecloud.md', - '/docs/endpointpolicymanager/troubleshooting/thirdpartyadvice.md': '/docs/endpointpolicymanager/tips/thirdpartyadvice.md', - '/docs/endpointpolicymanager/troubleshooting/mmcdisplay.md': '/docs/endpointpolicymanager/tips/mmcdisplay.md', - '/docs/endpointpolicymanager/troubleshooting/embedclient.md': '/docs/endpointpolicymanager/tips/embedclient.md', - '/docs/endpointpolicymanager/troubleshooting/services.md': '/docs/endpointpolicymanager/tips/services.md', - '/docs/endpointpolicymanager/troubleshooting/emailoptout.md': '/docs/endpointpolicymanager/tips/emailoptout.md', - - # Device and desktop management -> device - '/docs/endpointpolicymanager/device-and-desktop-management/device-manager/serialnumber.md': '/docs/endpointpolicymanager/device/serialnumber.md', - '/docs/endpointpolicymanager/device-and-desktop-management/device-manager/usbdrive.md': '/docs/endpointpolicymanager/device/usbdrive.md', - '/docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md': '/docs/endpointpolicymanager/device/registry.md', - '/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/overview.md': '/docs/endpointpolicymanager/startscreentaskbar/overview.md', - '/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/explorer.md': '/docs/endpointpolicymanager/startscreentaskbar/explorer.md', - '/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/modes.md': '/docs/endpointpolicymanager/startscreentaskbar/modes.md', - '/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/sccmsoftwarecenter.md': '/docs/endpointpolicymanager/startscreentaskbar/sccmsoftwarecenter.md', - '/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/helpertools.md': '/docs/endpointpolicymanager/startscreentaskbar/helpertools.md', - '/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/foldershortcut.md': '/docs/endpointpolicymanager/startscreentaskbar/foldershortcut.md', - '/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/addlink.md': '/docs/endpointpolicymanager/startscreentaskbar/addlink.md', - '/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/itemleveltargeting/overview.md': '/docs/endpointpolicymanager/remotedesktopprotocol/itemleveltargeting/overview.md', - '/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/overview.md': '/docs/endpointpolicymanager/remotedesktopprotocol/overview.md', - - # Application management -> app management - '/docs/endpointpolicymanager/application-management/browser-router/processorderprecedence.md': '/docs/endpointpolicymanager/browserrouter/processorderprecedence.md', - '/docs/endpointpolicymanager/application-management/browser-router/install/chromemanual.md': '/docs/endpointpolicymanager/browserrouter/install/chromemanual.md', - '/docs/endpointpolicymanager/application-management/browser-router/advancedblockingmessage.md': '/docs/endpointpolicymanager/browserrouter/advancedblockingmessage.md', - '/docs/endpointpolicymanager/application-management/browser-router/forcebrowser.md': '/docs/endpointpolicymanager/browserrouter/forcebrowser.md', - '/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/securityzone.md': '/docs/endpointpolicymanager/browserrouter/editpolicytemplate/securityzone.md', - '/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md': '/docs/endpointpolicymanager/browserrouter/defaultbrowser/defined.md', - '/docs/endpointpolicymanager/application-management/browser-router/suppresspopup.md': '/docs/endpointpolicymanager/browserrouter/suppresspopup.md', - '/docs/endpointpolicymanager/application-management/browser-router/install/removeagent.md': '/docs/endpointpolicymanager/browserrouter/install/removeagent.md', - '/docs/endpointpolicymanager/application-management/browser-router/useselectablebrowser.md': '/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md', - '/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/browsermode.md': '/docs/endpointpolicymanager/browserrouter/editpolicytemplate/browsermode.md', - '/docs/endpointpolicymanager/application-management/browser-router/shortcuticons.md': '/docs/endpointpolicymanager/browserrouter/shortcuticons.md', - '/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/commandlinearguments.md': '/docs/endpointpolicymanager/browserrouter/editpolicytemplate/commandlinearguments.md', - '/docs/endpointpolicymanager/application-management/browser-router/edgelegacybrowser.md': '/docs/endpointpolicymanager/browserrouter/edgelegacybrowser.md', - '/docs/endpointpolicymanager/application-management/browser-router/overview.md': '/docs/endpointpolicymanager/browserrouter/overview.md', - '/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md': '/docs/endpointpolicymanager/fileassociations/defaultbrowser.md', - '/docs/endpointpolicymanager/application-management/file-associations/collections/gpos.md': '/docs/endpointpolicymanager/fileassociations/collections/gpos.md', - '/docs/endpointpolicymanager/application-management/file-associations/oemdefaultassociations.md': '/docs/endpointpolicymanager/fileassociations/oemdefaultassociations.md', - '/docs/endpointpolicymanager/application-management/file-associations/overview.md': '/docs/endpointpolicymanager/fileassociations/overview.md', - '/docs/endpointpolicymanager/application-management/java-enterprise-rules/itemleveltargeting.md': '/docs/endpointpolicymanager/javaenterpriserules/itemleveltargeting.md', - '/docs/endpointpolicymanager/application-management/java-enterprise-rules/prompts/overview.md': '/docs/endpointpolicymanager/javaenterpriserules/prompts/overview.md', - '/docs/endpointpolicymanager/application-management/java-enterprise-rules/exportcollections.md': '/docs/endpointpolicymanager/javaenterpriserules/exportcollections.md', - '/docs/endpointpolicymanager/application-management/java-enterprise-rules/wildcards.md': '/docs/endpointpolicymanager/javaenterpriserules/wildcards.md', - '/docs/endpointpolicymanager/application-management/java-enterprise-rules/virtualizedbrowsers.md': '/docs/endpointpolicymanager/javaenterpriserules/virtualizedbrowsers.md', - '/docs/endpointpolicymanager/application-management/java-enterprise-rules/evaluateurls.md': '/docs/endpointpolicymanager/javaenterpriserules/evaluateurls.md', - '/docs/endpointpolicymanager/application-management/java-enterprise-rules/overview.md': '/docs/endpointpolicymanager/javaenterpriserules/overview.md', - - # Policy management -> direct paths - '/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md': '/docs/endpointpolicymanager/itemleveltargeting/entraidsids.md', - '/docs/endpointpolicymanager/policy-management/item-level-targeting/applypreferences.md': '/docs/endpointpolicymanager/itemleveltargeting/applypreferences.md', - '/docs/endpointpolicymanager/policy-management/item-level-targeting/securitygroup.md': '/docs/endpointpolicymanager/itemleveltargeting/securitygroup.md', - '/docs/endpointpolicymanager/policy-management/item-level-targeting/windows11.md': '/docs/endpointpolicymanager/itemleveltargeting/windows11.md', - '/docs/endpointpolicymanager/policy-management/item-level-targeting/windowsserver2019.md': '/docs/endpointpolicymanager/itemleveltargeting/windowsserver2019.md', - '/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidgroups.md': '/docs/endpointpolicymanager/itemleveltargeting/entraidgroups.md', - '/docs/endpointpolicymanager/policy-management/item-level-targeting/virtualdesktops.md': '/docs/endpointpolicymanager/itemleveltargeting/virtualdesktops.md', - '/docs/endpointpolicymanager/policy-management/item-level-targeting/windowsendpoint.md': '/docs/endpointpolicymanager/itemleveltargeting/windowsendpoint.md', - '/docs/endpointpolicymanager/policy-management/preferences/componentlicense.md': '/docs/endpointpolicymanager/preferences/componentlicense.md', - '/docs/endpointpolicymanager/policy-management/preferences/overview.md': '/docs/endpointpolicymanager/preferences/overview.md', - '/docs/endpointpolicymanager/policy-management/preferences/settings.md': '/docs/endpointpolicymanager/preferences/settings.md', - '/docs/endpointpolicymanager/policy-management/preferences/printerdeploy.md': '/docs/endpointpolicymanager/preferences/printerdeploy.md', - '/docs/endpointpolicymanager/policy-management/preferences/drivemappings.md': '/docs/endpointpolicymanager/preferences/drivemappings.md', - '/docs/endpointpolicymanager/policy-management/preferences/startservice.md': '/docs/endpointpolicymanager/preferences/startservice.md', - '/docs/endpointpolicymanager/policy-management/preferences/passwords.md': '/docs/endpointpolicymanager/preferences/passwords.md', - - # Automation and scripting -> direct paths - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localscheduledtask.md': '/docs/endpointpolicymanager/scriptstriggers/localscheduledtask.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/overview.md': '/docs/endpointpolicymanager/scriptstriggers/overview.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlannetwork.md': '/docs/endpointpolicymanager/scriptstriggers/wlannetwork.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/screensavers.md': '/docs/endpointpolicymanager/scriptstriggers/screensavers.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows7tls.md': '/docs/endpointpolicymanager/scriptstriggers/windows7tls.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/edgefirstlogon.md': '/docs/endpointpolicymanager/scriptstriggers/edgefirstlogon.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/powershell.md': '/docs/endpointpolicymanager/scriptstriggers/mappeddrives/powershell.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/eventlogtriggers.md': '/docs/endpointpolicymanager/scriptstriggers/mappeddrives/eventlogtriggers.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows10modifyscript.md': '/docs/endpointpolicymanager/scriptstriggers/windows10modifyscript.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/onapplyscript.md': '/docs/endpointpolicymanager/scriptstriggers/onapplyscript.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/cylance.md': '/docs/endpointpolicymanager/scriptstriggers/cylance.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/scriptlocation.md': '/docs/endpointpolicymanager/scriptstriggers/scriptlocation.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/powershellscripts.md': '/docs/endpointpolicymanager/scriptstriggers/powershellscripts.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlandropbox.md': '/docs/endpointpolicymanager/scriptstriggers/wlandropbox.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/silentbrowserinstall.md': '/docs/endpointpolicymanager/scriptstriggers/silentbrowserinstall.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/shortcutpublicdesktop.md': '/docs/endpointpolicymanager/scriptstriggers/shortcutpublicdesktop.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/updateregistry.md': '/docs/endpointpolicymanager/scriptstriggers/updateregistry.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/resetsecurechannel.md': '/docs/endpointpolicymanager/scriptstriggers/resetsecurechannel.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/temperatureunit.md': '/docs/endpointpolicymanager/scriptstriggers/temperatureunit.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/bitlockerdeployment.md': '/docs/endpointpolicymanager/scriptstriggers/bitlockerdeployment.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/teamsminimized.md': '/docs/endpointpolicymanager/scriptstriggers/teamsminimized.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/vpnconnection.md': '/docs/endpointpolicymanager/scriptstriggers/vpnconnection.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localaccountpassword.md': '/docs/endpointpolicymanager/scriptstriggers/localaccountpassword.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/vpn.md': '/docs/endpointpolicymanager/scriptstriggers/mappeddrives/vpn.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/processesdetails.md': '/docs/endpointpolicymanager/scriptstriggers/processesdetails.md', - '/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/networksecuritymanager.md': '/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md', - '/docs/endpointpolicymanager/automation-and-scripting/feature-management/overview.md': '/docs/endpointpolicymanager/feature/overview.md', - - # Cloud and remote management -> direct paths - '/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md': '/docs/endpointpolicymanager/remoteworkdelivery/updateclientsideextension.md', - '/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installsequentially.md': '/docs/endpointpolicymanager/remoteworkdelivery/installsequentially.md', - '/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installuwp.md': '/docs/endpointpolicymanager/remoteworkdelivery/installuwp.md', - '/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/variables.md': '/docs/endpointpolicymanager/remoteworkdelivery/variables.md', - '/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/printers.md': '/docs/endpointpolicymanager/remoteworkdelivery/printers.md', - '/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/overview.md': '/docs/endpointpolicymanager/remoteworkdelivery/overview.md', - '/docs/endpointpolicymanager/cloud-and-remote-management/mdm-integration/overview.md': '/docs/endpointpolicymanager/mdm/overview.md', - - # Security and privilege management -> direct paths - '/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/securitysettings.md': '/docs/endpointpolicymanager/gpoexport/securitysettings.md', - '/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/usercontext.md': '/docs/endpointpolicymanager/gpoexport/usercontext.md', - '/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/delivercertificates.md': '/docs/endpointpolicymanager/gpoexport/delivercertificates.md', - '/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md': '/docs/endpointpolicymanager/securitysettings/overview.md', - - # Compliance and reporting -> direct paths - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/concepts.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/concepts.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/scenarios.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/scenarios.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/deliveryreports.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/install.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/install.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/basis.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/license/basis.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/types.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/license/types.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/userlimit.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/license/userlimit.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/compliancereports.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/license/compliancereports.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/shareacrossteam.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/shareacrossteam.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/difference.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/difference.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/trial.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/trial.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/minimum.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/license/minimum.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/expire.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/license/expire.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/trueup.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/license/trueup.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/tool.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/license/tool.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/multiyear.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/license/multiyear.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/domainmultiple.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md', - '/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/overview.md': '/docs/endpointpolicymanager/grouppolicycompliancereporter/overview.md', - - # Deployment methods -> direct paths - '/docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cachepreferences.md': '/docs/endpointpolicymanager/grouppolicy/itemleveltargeting/cachepreferences.md', - '/docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cacheengine.md': '/docs/endpointpolicymanager/grouppolicy/itemleveltargeting/cacheengine.md', - '/docs/endpointpolicymanager/deployment-methods/group-policy/insertuserinfo.md': '/docs/endpointpolicymanager/grouppolicy/insertuserinfo.md', - '/docs/endpointpolicymanager/deployment-methods/group-policy/pdqdeploy.md': '/docs/endpointpolicymanager/grouppolicy/pdqdeploy.md', - '/docs/endpointpolicymanager/deployment-methods/software-packages/winget.md': '/docs/endpointpolicymanager/softwarepackage/winget.md', - '/docs/endpointpolicymanager/deployment-methods/software-packages/overview.md': '/docs/endpointpolicymanager/softwarepackage/overview.md', - - # Reference document - '/docs/endpointpolicymanager/reference/index.md': '/docs/endpointpolicymanager/reference.md', - - # Remove generic resource links (these should be handled separately) - '/docs/endpointpolicymanager/resources/video-tutorials.md': '', # Remove - '/docs/endpointpolicymanager/resources/knowledge-base.md': '', # Remove - '/docs/endpointpolicymanager/video/': '', # Remove generic video link - '/docs/endpointpolicymanager/video/#getting-started': '', # Remove - '/docs/endpointpolicymanager/video/#designstudio-how-to': '', # Remove - } - - fixed_count = 0 - error_count = 0 - - print(f"Processing {len(specific_mappings)} specific link mappings...") - - for broken_link, correct_link in specific_mappings.items(): - if correct_link == '': # Skip removal links for now - print(f"Skipping removal of: {broken_link}") - continue - - print(f"Processing: {broken_link} -> {correct_link}") - - # Search for files containing this broken link - try: - result = os.popen(f'grep -r "{broken_link}" /Users/jordan.violet/development/docs/docs/endpointpolicymanager/ --include="*.md" 2>/dev/null').read() - - if result.strip(): - for line in result.strip().split('\n'): - if ':' in line: - file_path = line.split(':')[0] - print(f" Found in: {file_path}") - - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - if broken_link in content: - new_content = content.replace(broken_link, correct_link) - - with open(file_path, 'w', encoding='utf-8') as f: - f.write(new_content) - - print(f" ✅ Fixed: {broken_link} -> {correct_link}") - fixed_count += 1 - else: - print(f" ⚠️ Link not found in file content") - - except Exception as e: - print(f" ❌ Error processing {file_path}: {e}") - error_count += 1 - else: - print(f" ℹ️ Link not found in any files") - - except Exception as e: - print(f" ❌ Error searching for link: {e}") - error_count += 1 - - print(f"\n📊 Summary:") - print(f" Fixed: {fixed_count}") - print(f" Errors: {error_count}") - - return fixed_count, error_count - -if __name__ == "__main__": - fix_final_broken_links() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/fix_malformed_and_apply_final.py b/docs/accessanalyzer/12.0/fix_malformed_and_apply_final.py deleted file mode 100644 index af2d0770f3..0000000000 --- a/docs/accessanalyzer/12.0/fix_malformed_and_apply_final.py +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/env python3 - -import os -import re - -def fix_malformed_and_apply_final(): - """First fix malformed links, then apply final user-selected fixes""" - - print("Step 1: Fixing malformed concatenated links...") - - # Fix malformed links that were created by previous script runs - malformed_patterns = [ - # Pattern: /docs/endpointpolicymanager/video/index.md + other path - (r'/docs/endpointpolicymanager/video/index\.md([^)\s]+)', r'/docs/endpointpolicymanager/video\1'), - # Pattern: multiple index.md repetitions - (r'/docs/endpointpolicymanager/video/(index\.md)+', r'/docs/endpointpolicymanager/video/'), - ] - - malformed_fixed = 0 - - # Find and fix malformed links - try: - result = os.popen('find /Users/jordan.violet/development/docs/docs/endpointpolicymanager/ -name "*.md" -exec grep -l "index.md[a-z]" {} \\; 2>/dev/null').read() - - for file_path in result.strip().split('\n'): - if file_path: - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - original_content = content - - # Apply malformed link fixes - for pattern, replacement in malformed_patterns: - content = re.sub(pattern, replacement, content) - - if content != original_content: - with open(file_path, 'w', encoding='utf-8') as f: - f.write(content) - print(f" ✅ Fixed malformed links in: {file_path}") - malformed_fixed += 1 - - except Exception as e: - print(f" ❌ Error fixing malformed links in {file_path}: {e}") - - except Exception as e: - print(f"❌ Error searching for malformed links: {e}") - - print(f"Fixed {malformed_fixed} files with malformed links\n") - - print("Step 2: Applying final user-selected fixes...") - - # Define the mappings based on user selections - mappings = { - # 1A-5A: Administrative templates fixes (administrativetemplates -> adminstrativetemplates) - '/docs/endpointpolicymanager/administrativetemplates/itemleveltargeting.md': '/docs/endpointpolicymanager/adminstrativetemplates/itemleveltargeting.md', - '/docs/endpointpolicymanager/administrativetemplates/overview.md': '/docs/endpointpolicymanager/adminstrativetemplates/overview.md', - '/docs/endpointpolicymanager/administrativetemplates/settings.md': '/docs/endpointpolicymanager/adminstrativetemplates/settings.md', - '/docs/endpointpolicymanager/administrativetemplates/disableofficeelements.md': '/docs/endpointpolicymanager/adminstrativetemplates/disableofficeelements.md', - '/docs/endpointpolicymanager/administrativetemplates/versions.md': '/docs/endpointpolicymanager/adminstrativetemplates/versions.md', - - # 6A: Reference -> index.md - '/docs/endpointpolicymanager/reference.md': '/docs/endpointpolicymanager/index.md', - - # 7A: Double path fix - '/docs/endpointpolicymanager/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md': '/docs/endpointpolicymanager/troubleshooting/applicationsettings/export/appset.md', - - # 8-29A: Archive links (remove archived-guides subfolder) - '/docs/endpointpolicymanager/archive/archived-guides/acrobatxpro.md': '/docs/endpointpolicymanager/archive/acrobatxpro.md', - '/docs/endpointpolicymanager/archive/archived-guides/admxfiles.md': '/docs/endpointpolicymanager/archive/admxfiles.md', - '/docs/endpointpolicymanager/archive/archived-guides/applock.md': '/docs/endpointpolicymanager/archive/applock.md', - '/docs/endpointpolicymanager/archive/archived-guides/autoupdater.md': '/docs/endpointpolicymanager/archive/autoupdater.md', - '/docs/endpointpolicymanager/archive/archived-guides/cloud.md': '/docs/endpointpolicymanager/archive/cloud.md', - '/docs/endpointpolicymanager/archive/archived-guides/designstudiofirefox.md': '/docs/endpointpolicymanager/archive/designstudiofirefox.md', - '/docs/endpointpolicymanager/archive/archived-guides/designstudiojava.md': '/docs/endpointpolicymanager/archive/designstudiojava.md', - '/docs/endpointpolicymanager/archive/archived-guides/differentusers.md': '/docs/endpointpolicymanager/archive/differentusers.md', - '/docs/endpointpolicymanager/archive/archived-guides/gotomeeting.md': '/docs/endpointpolicymanager/archive/gotomeeting.md', - '/docs/endpointpolicymanager/archive/archived-guides/ie10.md': '/docs/endpointpolicymanager/archive/ie10.md', - '/docs/endpointpolicymanager/archive/archived-guides/ie9.md': '/docs/endpointpolicymanager/archive/ie9.md', - '/docs/endpointpolicymanager/archive/archived-guides/infranview.md': '/docs/endpointpolicymanager/archive/infranview.md', - '/docs/endpointpolicymanager/archive/archived-guides/itemleveltartgeting.md': '/docs/endpointpolicymanager/archive/itemleveltartgeting.md', - '/docs/endpointpolicymanager/archive/archived-guides/java.md': '/docs/endpointpolicymanager/archive/java.md', - '/docs/endpointpolicymanager/archive/archived-guides/massdeploy.md': '/docs/endpointpolicymanager/archive/massdeploy.md', - '/docs/endpointpolicymanager/archive/archived-guides/modenuke.md': '/docs/endpointpolicymanager/archive/modenuke.md', - '/docs/endpointpolicymanager/archive/archived-guides/office2013.md': '/docs/endpointpolicymanager/archive/office2013.md', - '/docs/endpointpolicymanager/archive/archived-guides/operanext.md': '/docs/endpointpolicymanager/archive/operanext.md', - '/docs/endpointpolicymanager/archive/archived-guides/overview.md': '/docs/endpointpolicymanager/archive/overview.md', - '/docs/endpointpolicymanager/archive/archived-guides/parcctesting.md': '/docs/endpointpolicymanager/archive/parcctesting.md', - '/docs/endpointpolicymanager/archive/archived-guides/preferencesexporter.md': '/docs/endpointpolicymanager/archive/preferencesexporter.md', - '/docs/endpointpolicymanager/archive/archived-guides/symantecworkspace.md': '/docs/endpointpolicymanager/archive/symantecworkspace.md', - '/docs/endpointpolicymanager/archive/archived-guides/tattooing.md': '/docs/endpointpolicymanager/archive/tattooing.md', - '/docs/endpointpolicymanager/archive/archived-guides/upgrading.md': '/docs/endpointpolicymanager/archive/upgrading.md', - '/docs/endpointpolicymanager/archive/archived-guides/vmware.md': '/docs/endpointpolicymanager/archive/vmware.md', - '/docs/endpointpolicymanager/archive/archived-guides/vmwarefilesettings.md': '/docs/endpointpolicymanager/archive/vmwarefilesettings.md', - '/docs/endpointpolicymanager/archive/archived-guides/vmwarehorizonmirage.md': '/docs/endpointpolicymanager/archive/vmwarehorizonmirage.md', - '/docs/endpointpolicymanager/archive/archived-guides/vmwaresupplements.md': '/docs/endpointpolicymanager/archive/vmwaresupplements.md', - '/docs/endpointpolicymanager/archive/archived-guides/xenapp.md': '/docs/endpointpolicymanager/archive/xenapp.md', - - # 30A: Knowledge base - '/docs/endpointpolicymanager/resources/knowledge-base.md': '/docs/endpointpolicymanager/knowledgebase.md', - - # 31: Video index (will create index.md) - '/docs/endpointpolicymanager/video/': '/docs/endpointpolicymanager/video/index.md', - - # 32B: Design studio how-to - '/docs/endpointpolicymanager/video/#designstudio-how-to': '/docs/endpointpolicymanager/applicationsettings/designstudio/overview.md', - - # 33B: Getting started - '/docs/endpointpolicymanager/video/#getting-started': '/docs/endpointpolicymanager/gettingstarted/overview.md', - } - - fixed_count = 0 - error_count = 0 - - print(f"Applying {len(mappings)} final fixes...") - - for broken_link, correct_link in mappings.items(): - print(f"Processing: {broken_link} -> {correct_link}") - - # Search for files containing this broken link - try: - result = os.popen(f'grep -r "{broken_link}" /Users/jordan.violet/development/docs/docs/endpointpolicymanager/ --include="*.md" 2>/dev/null').read() - - if result.strip(): - for line in result.strip().split('\n'): - if ':' in line: - file_path = line.split(':')[0] - print(f" Found in: {file_path}") - - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - if broken_link in content: - new_content = content.replace(broken_link, correct_link) - - with open(file_path, 'w', encoding='utf-8') as f: - f.write(new_content) - - print(f" ✅ Fixed: {broken_link} -> {correct_link}") - fixed_count += 1 - else: - print(f" ⚠️ Link not found in file content") - - except Exception as e: - print(f" ❌ Error processing {file_path}: {e}") - error_count += 1 - else: - print(f" ℹ️ Link not found in any files") - - except Exception as e: - print(f" ❌ Error searching for link: {e}") - error_count += 1 - - print(f"\n📊 Summary:") - print(f" Malformed links fixed: {malformed_fixed}") - print(f" Final fixes applied: {fixed_count}") - print(f" Errors: {error_count}") - - return malformed_fixed, fixed_count, error_count - -if __name__ == "__main__": - fix_malformed_and_apply_final() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/fix_multiple_index_md.py b/docs/accessanalyzer/12.0/fix_multiple_index_md.py deleted file mode 100644 index 2ba5086e64..0000000000 --- a/docs/accessanalyzer/12.0/fix_multiple_index_md.py +++ /dev/null @@ -1,54 +0,0 @@ -#!/usr/bin/env python3 - -import os -import re - -def fix_multiple_index_md(): - """Fix multiple index.md repetitions in links""" - - print("Fixing multiple index.md repetitions in links...") - - # Pattern: /docs/endpointpolicymanager/video/index.md + (index.md)+ + rest - # Should be: /docs/endpointpolicymanager/video/ + rest - pattern = r'/docs/endpointpolicymanager/video/(index\.md)+' - replacement = r'/docs/endpointpolicymanager/video/' - - fixed_count = 0 - error_count = 0 - - try: - # Find all .md files in endpointpolicymanager - result = os.popen('find /Users/jordan.violet/development/docs/docs/endpointpolicymanager/ -name "*.md" 2>/dev/null').read() - - for file_path in result.strip().split('\n'): - if file_path: - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - original_content = content - - # Apply the fix - content = re.sub(pattern, replacement, content) - - if content != original_content: - with open(file_path, 'w', encoding='utf-8') as f: - f.write(content) - print(f" ✅ Fixed: {file_path}") - fixed_count += 1 - - except Exception as e: - print(f" ❌ Error processing {file_path}: {e}") - error_count += 1 - - except Exception as e: - print(f"❌ Error searching for files: {e}") - - print(f"\n📊 Summary:") - print(f" Fixed files: {fixed_count}") - print(f" Errors: {error_count}") - - return fixed_count, error_count - -if __name__ == "__main__": - fix_multiple_index_md() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/fix_remaining_links.py b/docs/accessanalyzer/12.0/fix_remaining_links.py deleted file mode 100644 index 9d41906e3f..0000000000 --- a/docs/accessanalyzer/12.0/fix_remaining_links.py +++ /dev/null @@ -1,100 +0,0 @@ -#!/usr/bin/env python3 - -import re -import os - -def fix_remaining_links(): - # Parse the build log to get remaining broken links - remaining_links = [] - - with open('build_final.log', 'r') as f: - content = f.read() - - # Find all broken link entries - pattern = r'-> linking to ([^\s]+)' - matches = re.findall(pattern, content) - - # Also find source page paths for context - source_pattern = r'- Broken link on source page path = ([^:]+):' - source_matches = re.findall(source_pattern, content) - - print(f"Found {len(matches)} remaining broken links") - - # Create mappings for common patterns that weren't handled - path_mappings = { - # Cloud and remote management -> cloud - '/cloud-and-remote-management/cloud-management/': '/cloud/', - '/cloud-and-remote-management/mdm-integration/': '/mdm/', - - # Policy management - '/policy-management/administrative-templates/': '/administrativetemplates/', - - # Installation and deployment - '/installation-and-deployment/': '/install/', - - # Troubleshooting patterns - '/troubleshooting/tips/': '/troubleshooting/', - - # Preconfigured applications path corrections - '/applicationsettings/preconfigured-applications/': '/applicationsettings/preconfigured/', - - # Special case: resources links that should be removed or replaced - '/resources/video-tutorials.md': '/video/', # Generic video tutorials page - '/resources/knowledge-base.md': '', # Remove knowledge base links - } - - fixed_count = 0 - - # Process each unique broken link - unique_links = list(set(matches)) - - for broken_link in unique_links: - print(f"Processing: {broken_link}") - - fixed_link = broken_link - - # Apply path mappings - for old_pattern, new_pattern in path_mappings.items(): - if old_pattern in broken_link: - if new_pattern == '': # Remove link entirely - print(f" Link should be removed: {broken_link}") - continue - else: - fixed_link = broken_link.replace(old_pattern, new_pattern) - break - - if fixed_link == broken_link: - print(f" No mapping found for: {broken_link}") - continue - - # Search for files containing this broken link and fix them - result = os.popen(f'grep -r "{broken_link}" /Users/jordan.violet/development/docs/docs/endpointpolicymanager/ --include="*.md"').read() - - if result.strip(): - for line in result.strip().split('\n'): - if ':' in line: - file_path = line.split(':')[0] - print(f" Found in: {file_path}") - - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - if broken_link in content: - new_content = content.replace(broken_link, fixed_link) - - with open(file_path, 'w', encoding='utf-8') as f: - f.write(new_content) - - print(f" Fixed: {broken_link} -> {fixed_link}") - fixed_count += 1 - - except Exception as e: - print(f" Error processing {file_path}: {e}") - else: - print(f" Link not found in files: {broken_link}") - - print(f"\nFixed {fixed_count} additional links") - -if __name__ == "__main__": - fix_remaining_links() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/fix_very_final_links.py b/docs/accessanalyzer/12.0/fix_very_final_links.py deleted file mode 100644 index 668fe9bd33..0000000000 --- a/docs/accessanalyzer/12.0/fix_very_final_links.py +++ /dev/null @@ -1,53 +0,0 @@ -#!/usr/bin/env python3 - -import os -import glob - -def fix_very_final_links(): - """Fix the very last remaining broken links""" - - # Final file mappings based on actual files found - very_final_mappings = { - # Basic concepts file (found at root level) - '/docs/endpointpolicymanager/gettingstarted/basicconcepts.md': '/docs/endpointpolicymanager/basicconcepts.md', - - # Reference file - need to check what exists - '/docs/endpointpolicymanager/reference.md': '/docs/endpointpolicymanager/knowledgebase.md', - } - - files_processed = 0 - replacements_made = 0 - - # Find all .md files in the endpointpolicymanager directory - pattern = '/Users/jordan.violet/development/docs/docs/endpointpolicymanager/**/*.md' - md_files = glob.glob(pattern, recursive=True) - - for file_path in md_files: - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - original_content = content - - # Apply very final mappings - for old_path, new_path in very_final_mappings.items(): - if old_path in content: - content = content.replace(old_path, new_path) - replacements_made += 1 - print(f"Fixed: {old_path} -> {new_path} in {file_path}") - - # Only write if content changed - if content != original_content: - with open(file_path, 'w', encoding='utf-8') as f: - f.write(content) - files_processed += 1 - - except Exception as e: - print(f"Error processing {file_path}: {e}") - - print(f"\nCompleted very final broken link fixes:") - print(f"Files processed: {files_processed}") - print(f"Replacements made: {replacements_made}") - -if __name__ == "__main__": - fix_very_final_links() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/fix_video_concatenation.py b/docs/accessanalyzer/12.0/fix_video_concatenation.py deleted file mode 100644 index 83d7c3e734..0000000000 --- a/docs/accessanalyzer/12.0/fix_video_concatenation.py +++ /dev/null @@ -1,62 +0,0 @@ -#!/usr/bin/env python3 - -import os -import glob -import re - -def fix_video_concatenation(): - """Fix the concatenation issue with video links""" - - files_processed = 0 - replacements_made = 0 - - # Find all .md files in the endpointpolicymanager directory - pattern = '/Users/jordan.violet/development/docs/docs/endpointpolicymanager/**/*.md' - md_files = glob.glob(pattern, recursive=True) - - for file_path in md_files: - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - original_content = content - - # Fix concatenated video links like: - # /docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/scripts.md - # back to: - # /docs/endpointpolicymanager/video/leastprivilege/elevate/scripts.md - - # Pattern to match concatenated video links - pattern = r'/docs/endpointpolicymanager/video/index\.md([a-z][^)\s]*\.md)' - replacement = r'/docs/endpointpolicymanager/video/\1' - - if re.search(pattern, content): - content = re.sub(pattern, replacement, content) - replacements_made += 1 - print(f"Fixed concatenated video link in {file_path}") - - # Fix specific standalone video links that should go to index.md - # Only replace standalone /docs/endpointpolicymanager/video/ (followed by ) or whitespace) - pattern2 = r'/docs/endpointpolicymanager/video/(?=[\)\s])' - replacement2 = r'/docs/endpointpolicymanager/video/index.md' - - if re.search(pattern2, content): - content = re.sub(pattern2, replacement2, content) - replacements_made += 1 - print(f"Fixed standalone video link in {file_path}") - - # Only write if content changed - if content != original_content: - with open(file_path, 'w', encoding='utf-8') as f: - f.write(content) - files_processed += 1 - - except Exception as e: - print(f"Error processing {file_path}: {e}") - - print(f"\nCompleted video concatenation fixes:") - print(f"Files processed: {files_processed}") - print(f"Replacements made: {replacements_made}") - -if __name__ == "__main__": - fix_video_concatenation() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/fix_video_path_issue.py b/docs/accessanalyzer/12.0/fix_video_path_issue.py deleted file mode 100644 index f8e077dc53..0000000000 --- a/docs/accessanalyzer/12.0/fix_video_path_issue.py +++ /dev/null @@ -1,54 +0,0 @@ -#!/usr/bin/env python3 - -import os -import re - -def fix_video_path_issue(): - """Fix the video path issue caused by overly aggressive regex""" - - print("Fixing video path issues caused by incorrect regex...") - - # Pattern: /docs/endpointpolicymanager/video + [no slash] + rest of path - # Should be: /docs/endpointpolicymanager/video/ + rest of path - pattern = r'/docs/endpointpolicymanager/video([a-z])' - replacement = r'/docs/endpointpolicymanager/video/\1' - - fixed_count = 0 - error_count = 0 - - try: - # Find all .md files in endpointpolicymanager - result = os.popen('find /Users/jordan.violet/development/docs/docs/endpointpolicymanager/ -name "*.md" 2>/dev/null').read() - - for file_path in result.strip().split('\n'): - if file_path: - try: - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - original_content = content - - # Apply the fix - content = re.sub(pattern, replacement, content) - - if content != original_content: - with open(file_path, 'w', encoding='utf-8') as f: - f.write(content) - print(f" ✅ Fixed: {file_path}") - fixed_count += 1 - - except Exception as e: - print(f" ❌ Error processing {file_path}: {e}") - error_count += 1 - - except Exception as e: - print(f"❌ Error searching for files: {e}") - - print(f"\n📊 Summary:") - print(f" Fixed files: {fixed_count}") - print(f" Errors: {error_count}") - - return fixed_count, error_count - -if __name__ == "__main__": - fix_video_path_issue() \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/getting-started/index.md b/docs/accessanalyzer/12.0/getting-started/index.md deleted file mode 100644 index 00f2ccd012..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/index.md +++ /dev/null @@ -1,100 +0,0 @@ -# Getting Started - -Once Access Analyzer is installed, the following workflow will quickly enable users to begin -auditing the organization’s IT infrastructure. See the -[Navigating the Console](/docs/accessanalyzer/12.0/administration/navigation/overview.md) topic for additional information and data grid -functionality. - -## Initial Configuration During First Launch - -During the initial Access Analyzer Configuration Wizard, users are walked through configuring -several key global settings: - -- Storage - - - Mandatory configuration during the first launch - - Requires credential on the SQL® Server database which is used to create and modify the Access - Analyzer database - - Option to either create a new database or point to an existing database - - If using Windows Authentication, the Schedule node must be configured also - - See the [Storage](/docs/accessanalyzer/12.0/administration/settings/storage/overview.md) topic for additional information - -- Schedule - - - Only appears if the Storage Profile is configured to use Windows Authentication - - If the Storage Profile is configured to use SQL Authentication, the setting is configured - later - - See the [Schedule](/docs/accessanalyzer/12.0/administration/settings/schedule.md) topic for additional information - -- Instant Job - - - Install the pre-configured solutions for which the organization is licensed - - See the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for additional - information - -## Global Settings Configured - -The global Settings have an overall impact on the running of Access Analyzer jobs. They are managed -through the Settings node at the top of the Navigation pane. The following global Settings require -configuration from the start: - -- [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) – Configure the Default Connection Profile and - additional Connection Profiles as needed for intended data collection -- [Schedule](/docs/accessanalyzer/12.0/administration/settings/schedule.md) – Configure the Default Scheduled Service Account for - scheduling Access Analyzer job execution, if not configured via the initial configuration wizard -- [Notification](/docs/accessanalyzer/12.0/administration/settings/notification.md) – Configure an SMTP server for Access Analyzer to - use for sending email notifications - -The other global Settings provide additional options for impacting how Access Analyzer functions: - -- [Access](/docs/accessanalyzer/12.0/administration/settings/access/overview.md) – Enable and configure Role Based Access for a least - privileged application of Access Analyzer and report viewing or the enable the REST API - - **NOTE:** If Role Based Access is enabled by accident, contact - [Netwrix Support](https://www.netwrix.com/support.html) for assistance in disabling it. - -- [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) – Configure additional settings not included - in the other nodes -- [Exchange](/docs/accessanalyzer/12.0/administration/settings/exchange.md) – Configure Microsoft® Exchange Server connections - -**CAUTION:** Do not configure data retention at the global level without ensuring History is -supported by ALL solutions to be run. - -- [History](/docs/accessanalyzer/12.0/administration/settings/history.md) – Configure data retention and log retention settings -- [Host Discovery](/docs/accessanalyzer/12.0/administration/settings/host-discovery.md) – Configure Host Discovery task settings -- [Host Inventory](/docs/accessanalyzer/12.0/administration/settings/host-inventory.md) – Configure Host Inventory settings -- [Reporting](/docs/accessanalyzer/12.0/administration/settings/reporting.md) – Configure reporting options, if necessary -- [Sensitive Data](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md) – Flag false positive within discovered - potential sensitive data files -- [ServiceNow](/docs/accessanalyzer/12.0/administration/settings/service-now.md) – Configure the ServiceNow Action Module authentication - credentials -- [Storage](/docs/accessanalyzer/12.0/administration/settings/storage/overview.md) – Configure additional SQL Server database Storage - Profiles - -See the [Global Settings](/docs/accessanalyzer/12.0/administration/settings/overview.md) topic for additional information. - -## Discover Hosts - -Within the terminology of Access Analyzer, hosts are the machines being targeted during data -collection. Hosts can be discovered or manually introduced to Access Analyzer. Known hosts are then -inventoried to populate dynamic host lists. Host discovery is done at the Host Discovery  node. -Hosts are manually introduced at the Host Management node. - -Host management consists of maintaining up-to-date host inventories and host lists which can be -assigned to job groups or jobs as targeted hosts. See the -[Host Management](/docs/accessanalyzer/12.0/host-management/overview.md) topic for additional information. - -## Job Workflow - -Once the global Settings are configured and hosts have been introduced to Access Analyzer, it is -time to begin auditing. This requires an understanding of the relationship between solutions, job -groups, jobs, queries, analysis, actions, and reports. - -The Access Analyzer job is the fundamental unit. Jobs are responsible for all data collection -queries, analysis tasks, notification tasks, action tasks, and report generation. When Jobs are -designed to work together, they are housed within job groups to control the order of job execution. -Solutions are pre-configured job groups which have been designed to target specific types of -environments to audit for specific data sets, typically the most common types of information -desired. - -See the [Jobs Tree](/docs/accessanalyzer/12.0/administration/job-management/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/database.md b/docs/accessanalyzer/12.0/getting-started/installation/application/database.md deleted file mode 100644 index bd13bfe623..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/database.md +++ /dev/null @@ -1,219 +0,0 @@ -# Access Analyzer Database - -The Access Analyzer database is dynamic in nature. There are a handful of required system tables -which are created at installation time or when individual features are used the first time. All -other data tables in the Access Analyzer database are created and bound to individual jobs which are -added to the Access Analyzer Console. As jobs are created and modified, corresponding tables are -created and modified in the database. A job can generate one or more tables. - -The structure and schema of each data table is controlled by the Access Analyzer data collector used -to collect data and write results to the table. There is a one-to-one relationship between a task -created within a Access Analyzer job and the table to which the task writes results. Creating tasks -or adding and removing properties within a task modifies the schema of the table on subsequent -execution of the job. - -Access Analyzer offers users the ability to modify its preconfigured jobs or create custom jobs and -tasks as needed. Therefore, precise schema information for data tables cannot be predicted, -restricted, or locked down. - -## Database Permissions - -The account configured in the storage profile to be used by Access Analyzer to access the database -should have the necessary rights to Add, Alter, Create, Drop, Select, and Update. These rights are -critical to normal Access Analyzer operations and functionality. - -**_RECOMMENDED:_** The account used by Access Analyzer should have database owner (DBO) level access -to the database. - -If database owner rights cannot be obtained, the following SQL script can be executed by a database -administrator (DBA) against the Access Analyzer database to grant the necessary permissions to the -appropriate users (replacing `` and `` with the appropriate values): - -```sql -USE [master] -GRANT VIEW ANY DEFINITION TO [] -GO -USE [] -GO -EXEC sp_addrolemember 'db_datareader', '' -GO -EXEC sp_addrolemember 'db_datawriter', '' -GO -GRANT CREATE TABLE TO [] -GO -GRANT CREATE VIEW TO [] -GO -GRANT CREATE PROCEDURE TO [] -GO -GRANT CREATE FUNCTION TO [] -GO -GRANT CREATE TYPE TO [] -GO -GRANT REFERENCES ON SCHEMA::dbo TO [] -GO -GRANT ALTER ON SCHEMA::dbo TO [] -GO -GRANT EXECUTE ON SCHEMA::dbo TO [] -GO -GRANT INSERT ON SCHEMA::dbo TO [] -GO -GRANT UPDATE ON SCHEMA::dbo TO [] -GO -Alter User [] with DEFAULT_SCHEMA = dbo -``` - -## Database Sizing - -SQL Server storage considerations vary. As Access Analyzer is a highly customizable auditing -platform, variables such as query scope, the number of hosts, frequency, historical retention, and -reporting needs are a few of the factors which affect the database resource consumption by Access -Analyzer. - -- Query Scope – Amount of data configured to be returned from each query (queries are dynamic and - can be configured to return one row per host or tens of thousands) -- Number of Hosts – Number of hosts targeted for auditing objectives -- Frequency – How often jobs are run -- Historical Retention – Amount of collected data to be retained in source data tables based on a - user-configured time frame -- Reporting Needs – Anticipated data needed to generate reports - -Recommended SQL Server database sizes are provided for specific solutions in the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topics. These recommendations are based on -environmental factors, the number of target objects within an environment (users, hosts, mailboxes, -etc.), and the applicable factors listed above for the specific solution. - -### Customer Examples of Database Sizing - -The overall database size is ultimately governed by an organization’s auditing objectives. The -examples below provide a glimpse into how these objectives combine with the applicable factors above -to impact the Access Analyzer database resource consumption. - -- Example from an Active Directory Solution Customer - - An Active Directory (AD) customer intends to collect AD User/Group/Membership information and - run the standard Active Directory Solution within their environment. In an environment of - 50,000 Users and 200,000 Groups, the database can be 50 GB in size. The expansion of group - information can also require 20 GB of TEMPDB space. -- Example from a Data Access Governance Solution Customer - - A Data Access Governance customer using the File System Solution intends to collect and report - on file system permissions, and optionally to profile size, age, extensions, and ownership of - files in the organization. The database for a typical mid-sized organization could be anywhere - from 60 GB to upward of 240 GB, depending on the number of folders scanned, which can vary - greatly in depth and width. Electing to collect content-related information will also impact - database size. -- Another Example from a Data Access Governance Solution Customer - - A Data Access Governance customer using the File System Solution intends to inventory 1.3 PB - of files spread across 600+ standalone (non-clustered) Windows file servers, collecting - information on file permissions and ages (and possibly, ad hoc, information on file system - activity) with an overall plan to identify stale data, consolidate active data on a subset of - the organization’s file system infrastructure, and to move that active data to a cloud-based - platform like SharePoint Online. Activity monitoring (FSAC) is to be used ad hoc against open - shares to profile resource ownership and also to validate the “staleness” of certain - resources. The database sizing for a project of this scope could be up to 750 GB for the - database, 240 GB for the transaction log, and 380 GB of TEMPDB space. -- Example from an Exchange Solution Customer - - An Exchange customer only intends to collect Mail-Flow Metrics for 100,000 Mailboxes from 10 - HUB Servers in the organization. However, the customer would like to keep six months of - history on User to User Activity sent internally and externally, as well as one year of Server - and User Volume Traffic. This database can grow to around 320 GB. -- Example from a Windows Solution Customer - - A Windows customer intends to audit and retain Success and Failed login events for five member - servers retaining the data for twelve months within their environment. The database can be 100 - GB in size. - -## Securing the Access Analyzer Database - -The typical database configuration is to have **sysadmin Server Role** assigned to the ID used to -connect to the SQL instance. It will allow full control over the instance where the Access Analyzer -database resides. This configuration is chosen because Access Analyzer requires some interaction -with the master database in order to install and configure the initial Access Analyzer database. -When it is necessary to secure the Access Analyzer database, the following steps should be followed -to achieve the minimum SQL security levels without breaking core Access Analyzer functionality. - -### Database Creation & First Level of Security - -Use SQL Server Management Studio to create the Access Analyzer database and configure the settings -for the server roles and user mappings. - -![SQL Server Management Studio create New Database](/img/product_docs/accessanalyzer/install/application/createnewdatabase.webp) - -**Step 1 –** Create a new database for use with Access Analyzer. Right-click on the **Databases** -node and choose **New Database**. - -![SQL Server Management Studio New Database window](/img/product_docs/accessanalyzer/install/application/newdatabase.webp) - -**Step 2 –** Set the **Database name**. Set any other desired data files configuration per company -standards. Click **OK** on the New Database window. - -**_RECOMMENDED:_** Enter Access Analyzer as the Database name. - -![SQL Server Management Studio create New Login](/img/product_docs/accessanalyzer/install/application/newlogin.webp) - -**Step 3 –** Create a new SQL Login account by right-clicking on the **Security** > **Logins** -folder and selecting **New Login**. - -**Step 4 –** Choose the authentication mode as the login type for use with the newly created Access -Analyzer database. The available options are Windows authentication and SQL Server authentication. - -![SQL Server Management Studio new login with Windows authentication](/img/product_docs/accessanalyzer/install/application/loginwindows.webp) - -- If **Windows authentication** is desired, then click **Search** and select the desired Windows - account, which has been set up for use with Access Analyzer. - -![SQL Server Management Studio new login with SQL Server authentication](/img/product_docs/accessanalyzer/install/application/loginsql.webp) - -- **_RECOMMENDED:_** If **SQL Server authentication** is desired, use a login name called Access - Analyzer. - -**NOTE:** Set the **Default Database** as Access Analyzer (or the desired Access Analyzer database) -and choose English as the **Default Language**. - -![SQL Server Management Studio New Login User Mapping](/img/product_docs/accessanalyzer/install/application/loginusermapping.webp) - -**Step 5 –** Navigate to the **User Mapping** menu, select the Access Analyzer (or the desired -Access Analyzer database) database, and set the **Default Schema** to **DBO**. - -**Step 6 –** In the **Database role membership** section, set the role to **db_owner**. Click **OK** -to save new user configuration information and continue on to configure the Access Analyzer Console. - -**Step 7 –** Configure the Access Analyzer Console to access the assigned database using the newly -secured login account. - -**NOTE:** This step requires the completion of the Access Analyzer installation. See the -[Access Analyzer Core Installation](/docs/accessanalyzer/12.0/getting-started/installation/application/wizard.md) topic for instructions. - -![Storage Profile configuration page](/img/product_docs/accessanalyzer/install/application/storageprofile.webp) - -**Step 8 –** Launch Access Analyzer and navigate to **Settings** > **Storage**. - -- Select the Storage Profile and enter the name of the SQL Server in the **Server name** field and - **Instance Name**, if applicable. -- Enter the name of the Access Analyzer database in the **Use existing database** field. -- Choose the authentication method which matches the secure login that was created in Step 4, either - **Windows authentication** or **SQL Server authentication**. If using SQL Server authentication, - enter the **User name** and **Password**. - -![Connection report window](/img/product_docs/accessanalyzer/install/application/connectionreport.webp) - -- Click **Apply** and a Connection report window will open. Verify that the connection and test - table drop were performed successfully. -- Click **Close** on the Connection report window and then **Save** the new Storage Profile. - -![Change storage profile dialog](/img/product_docs/accessanalyzer/install/application/changestorageprofile.webp) - -**NOTE:** If previously connected to another database which already had the Access Analyzer DB -schema applied, then a prompt should appear to merge the host management data. Choose the -appropriate options and then click **OK** to migrate data. - -**Step 9 –** Make sure to close and re-open the Access Analyzer Console before continuing to -configure or use Access Analyzer if a new database Storage Profile was chosen as the default. - -The **blue arrow** signifies the default profile was changed but does not take effect until the -required restart of the Access Analyzer Console. - -See the [Access Analyzer Initial Configuration](/docs/accessanalyzer/12.0/getting-started/installation/application/first-launch.md) topic to perform these steps during -the initial configuration process after installation. - -### Second Level of Security - -For second level security of the SQL Server database, use the script provided in the -[Database Permissions](#database-permissions) section. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/first-launch.md b/docs/accessanalyzer/12.0/getting-started/installation/application/first-launch.md deleted file mode 100644 index d01f5c7ad5..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/first-launch.md +++ /dev/null @@ -1,119 +0,0 @@ -# Access Analyzer Initial Configuration - -Once the Access Analyzer installation process is complete, and before performing actions within -Access Analyzer, the initial settings for the Access Analyzer Console must be configured. - -![Newrix Access Governance shortcut](/img/product_docs/accessanalyzer/install/application/shortcut.webp) - -**Step 1 –** Launch the Access Analyzer application. The installation wizard places the Access -Analyzer icon on the desktop. - -![Configuration Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -**Step 2 –** On the Welcome page of the Access Analyzer Configuration Wizard, click **Next** to -continue. - -![Configuration Wizard Version Selection page](/img/product_docs/accessanalyzer/install/application/versionselection.webp) - -**Step 3 –** On the Version Selection page, select the **I have no previous versions to migrate data -from** and click **Next** to continue. - -**NOTE:** If you are upgrading from a previous version of Access Analyzer, select **Choose a -StealthAUDIT root folder path to copy from**. See the -[Access Analyzer Console Upgrade](/docs/accessanalyzer/12.0/getting-started/installation/application/upgrade/overview.md) topic for additional information. - -![SQL Server Settings page](/img/product_docs/accessanalyzer/install/application/sqlserver.webp) - -**Step 4 –** Configure the options on the SQL Server Settings page. - -- Server name – Enter the database server host name (NetBIOS name, FQDN, or IP Address) -- Instance name – If the SQL Server is configured to use an instance name, provide the instance name - in the text box. If not, leave this text box blank. - - - To change the instance port number, provide the instance name in the format - `,`. For example, if using the default **MSSQLSERVER** instance and port - **12345**, the instance name should be entered as `MSSQLSERVER,12345`. - -- Command timeout [number] minutes – Number of minutes before Access Analyzer halts any SQL queries - running for that amount of time. This prevents SQL queries from running excessively long. The - default is 1440 minutes. -- Windows authentication – Leverages the account used to open the Access Analyzer Console. This - option will use Windows NT Authentication to authenticate to the SQL Server. It also requires the - Schedule Service Account to have proper permissions on the SQL database. -- SQL Server authentication – Leverages an account created within the SQL Server. - - - User name and password – If SQL Server authentication is selected, provide the **User name** - and **Password** for the SQL account. - - Specify a new password below – Specify a new password for the SQL server. - -- Use existing database – Confirm the SQL Server connection has been established by selecting the - radio button for **Use existing database** and clicking the drop-down arrow. If a listing of - databases appears, then the connection has been established. Select this option to use a - pre-existing database. Then select a database from the drop-down menu of available databases. -- Create new database – Select this option to create a new database during the configuration of the - storage profile. Enter a unique, descriptive name for the new database. If multiple databases - might exist for Access Analyzer, then the default name of Access Analyzer is not recommended. - -See the [Securing the Access Analyzer Database](/docs/accessanalyzer/12.0/getting-started/installation/application/database.md#securing-the-access-analyzer-database) -topic for additional information on creating a SQL Server database for Access Analyzer. - -**Step 5 –** Click **Next**. - -- If SQL Server authentication is used, the Options page is displayed next. Skip to Step 7. -- If Windows Server authentication is used, the **Schedule Account** page is enabled for - configuration. Continue to Step 6. - -![Schedule Account Configuration page](/img/product_docs/accessanalyzer/install/application/scheduleaccount.webp) - -**Step 6 –** (Windows Authentication Only) Configure the schedule service account on the Scheduling -page. The account configured here must be an Active Directory account and must have rights to the -Access Analyzer Console server’s local Task folders as well as sufficient rights to the Access -Analyzer database. - -There are two options that can be selected: - -- Skip this step, I will configure a schedule service account later – Select this radio button to - skip this step and configure the schedule service account later -- Use the following service for account – Select this radio button to configure the schedule service - account and enter the following information: - - - Domain – The domain for the service account - - User name – The user name for the service account - - Password – The password for the service account - - Confirm – Re-enter the password for the service account - -![Configuration wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -**Step 7 –** On the Options page, select whether to send usage statistics to Netwrix to help us -improve our product. After the Usage Statistics option is set as desired, click **Next** to -continue. - -- If selected, usage statistics are collected and sent to Netwrix - - - Upon startup of the Access Analyzer console, the system checks if usage statistics have been - sent in the last 7 days. If they have not been, stored procedures run against the Access - Analyzer database and gather data about job runs, access times, and environmental details like - resource counts, users counts, number of exceptions, and so on. This data is then sent back to - Netwrix to help us identify usage trends and common pain points, so that we can use this - information to improve the product. - - Only anonymous statistic-level data is included. No private company or personal data is - collected or sent to Netwrix. - -- If cleared, no usage statistics are collected or sent to Netwrix - -![Progress page when upgrade process has completed](/img/product_docs/threatprevention/threatprevention/install/reportingmodule/completed.webp) - -**Step 8 –** After the Access Analyzer Configuration Wizard finishes configuring your installation, -click **Finish** to open the Access Analyzer Console. - -**NOTE:** To view the log for the setup process, click **View Log** to open it. If you need to view -the log after exiting the wizard, it is located in the installation directory at -`..\STEALTHbits\StealthAUDIT\SADatabase\Logs`. See the -[Troubleshooting](/docs/accessanalyzer/12.0/administration/maintenance/troubleshooting.md) topic for more information about logs. - -![Netwrix Acces Governance Settings Node](/img/product_docs/accessanalyzer/install/application/settingsnode.webp) - -The Access Analyzer Console is now ready for custom configuration and use. There are a few -additional steps to complete in order to begin collecting data, such as configuring a Connection -Profile and a Schedule Service account as well as discovering hosts and setting up host lists. See -the [Getting Started](/docs/accessanalyzer/12.0/getting-started/index.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/other-languages.md b/docs/accessanalyzer/12.0/getting-started/installation/application/other-languages.md deleted file mode 100644 index 3081215405..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/other-languages.md +++ /dev/null @@ -1,142 +0,0 @@ -# Non-English Language Environments - -There are specific SQL Server requirements when installing Access Analyzer in a non-English Language -environment, specifically when the environment uses a non-Latin alphabet. - -## Requirements - -The following collation requirements need to be met prior to the Access Analyzer installation. - -### Database & Server Collation Settings - -The collation settings at the database level must match what is set at the server level. - -Symptoms - -Common errors that occur are: - -- Implicit conversion of VARCHAR value to VARCHAR cannot be performed because the collation of the - value is unresolved due to a collation conflict. - - Could not find stored procedure `#SA_ImportObject` - - Cannot drop the procedure `#SA_ImportObject`, because it does not exist or lack of permission -- Cannot resolve the collation conflict between **SQL_Latin1_General_CP1_CI_AS** and - **French_CI_AS** in the equal to operation. - -Cause - -These errors occur because the Access Analyzer solutions use many temporary functions and procedures -which in turn use the collation at the server level. Temporary tables created within a stored -procedure use the TEMPDB database’s collation instead of the current user database’s collation. -Therefore, there will be issues in analysis due to the mismatch. - -Resolution - -The following is a work-around which we use to avoid collation errors. However, when making changes -at the SQL Server level, use caution as it actually rebuilds all user/system database objects. If -there are schema bound objects (i.e. Constraints), the whole operation will fail. Make sure to have -all of the information or scripts needed to recreate the Access Analyzer user’s databases and all of -the objects in them. Customers should use a localized version of the SQL Server, and this should not -be done in production environments. - -#### Change Collation at the Database Level - -Follow the steps to change the collation at the database level. - -**Step 1 –** Access the Database Properties in SQL Server Management Studio. - -![SQL Server Management Studio Database Properties window](/img/product_docs/accessanalyzer/install/application/databasepropertiescollation.webp) - -**Step 2 –** Select **Options** and set the collation. - -Now that the collations match, proceed with Access Analyzer installation. - -#### Change Collation at the SQL Server Level - -Follow the steps to change the collation at the SQL Server level. - -![SQL Server Configuration Manager](/img/product_docs/accessanalyzer/install/application/sqlserverconfigurationmanager.webp) - -**Step 1 –** Stop the SQL Server service from the Configuration Manager. - -**Step 2 –** Open CMD console as Administrator, and go to the following path (or the path where the -binary files are): - -``` -…\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn   -``` - -**Step 3 –** Execute the following command (or whichever collation is needed): - -``` -sqlservr.exe  -m -T4022 -T3659 -q "French _CS_AS" -``` - -See the Microsoft -[Collation and Unicode support](https://learn.microsoft.com/en-us/sql/relational-databases/collations/collation-and-unicode-support) -article for collation matches. - -**Step 4 –** Wait until it finishes and start the SQL Server service again. - -Now that the collations match, proceed with Access Analyzer installation. - -### Case Sensitive Collation - -Access Analyzer does not support case sensitive collation settings. Case insensitive collations are -notated by having **CI** in the collation, for example **Latin1_General_CI_AS**. - -Cause - -For example, `SYS.INDEXES` will be unable to be found if there was an English install of SQL Server -but a Turkish collation which is case sensitive. So `'SYS.INDEXES != 'sys.indexes' `in the -environment. - -Resolution - -All collation settings must be case insensitive. - -## Troubleshooting - -The following are possible problems for future consideration. - -During comparison or joining of columns, collation conflict error occurs in two cases if collation -of one column does not match with collation of another column: - -This can be generated by the following script: - -``` -CREATE TABLE TestTab -(PrimaryKey int PRIMARY KEY, -CharCol char(10) COLLATE French_CI_AS, -CharCol2 char(10) COLLATE greek_ci_as -) -INSERT INTO TestTab VALUES (1, 'abc', 'abc')  -SELECT * FROM TestTab WHERE CharCol = CharCol2 -``` - -- Error Returned – Cannot resolve the collation conflict between **Greek_CI_AS** and - **French_CI_AS** in the equal to operation. -- Resolution – If the select statement is changed as below, then it would run successfully. - - ``` - SELECT * FROM TestTab WHERE CharCol = CharCol2 COLLATE Albanian_CI_AI - ``` - -**NOTE:** Explicit collation (Albanian_CI_AI) is not one of any column, but after that it will -complete successfully. The collation of two columns have not been matched, instead the third rule of -collation precedence was implemented. See the Microsoft -[Collation Precedence](https://learn.microsoft.com/en-us/sql/t-sql/statements/collation-precedence-transact-sql) -article for additional information. - -### Resources - -The following articles may be of assistance: - -- Microsoft - [Collation and Unicode support](https://learn.microsoft.com/en-us/sql/relational-databases/collations/collation-and-unicode-support) - article -- Microsoft - [Collation Precedence](https://learn.microsoft.com/en-us/sql/t-sql/statements/collation-precedence-transact-sql) - article -- Microsoft - [Set or change the server collation](https://learn.microsoft.com/en-us/sql/relational-databases/collations/set-or-change-the-server-collation) - article diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/overview.md b/docs/accessanalyzer/12.0/getting-started/installation/application/overview.md deleted file mode 100644 index ca2837a5ec..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/overview.md +++ /dev/null @@ -1,82 +0,0 @@ -# Installation & Configuration Overview - -This section provides instructions for installing Access Analyzer and the initial configuration -required when first launching the Access Analyzer Console. It also includes additional information, -such as how to secure the Access Analyzer Database, and configuring the Web Console for viewing -reports outside of the Access Analyzer Console. - -Prior to installing Access Analyzer, please ensure that all of the prerequisites have been met. See -the [Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for more information. - -## Binaries - -There are a variety of Access Analyzer binaries based on the organizational auditing objectives. -Your Netwrix Representative will provide the appropriate binaries. - -- Access Analyzer binary – Core installation package - - - Includes data collectors, analysis modules, and action modules - - An organization’s license key, needed during installation, controls which components are laid - down during installation - - If your license includes Sensitive Data Discovery (SDD), the necessary SDD components are - installed - - Installs the Web Console - -- File System Proxy binary – Installation package for the File System Proxy Scanning option - - - If your license includes Sensitive Data Discovery (SDD), the necessary SDD components are - installed - - See the [File System Proxy Service Installation](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/wizard.md) topic for - additional information. - -- Activity Monitor binary – Installation package for monitoring Windows and NAS device file system - activity - - - See the Installation topic of the - [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) - for additional information. - -- SharePoint Agent binary – Installation package for the SharePoint Agent (optional for Access - Auditing of SharePoint farms) - - - If your license includes Sensitive Data Discovery (SDD), the necessary SDD components are - installed - - See the [SharePoint Agent Installation](/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/overview.md) topic for additional - information. - -- Access Analyzer MAPI CDO binary – One of two installation package needed to enable the Exchange - Solution - - - See the - [StealthAUDIT MAPI CDO Installation](/docs/accessanalyzer/12.0/stealthaudit/install-guides/mapi-cdo-install/stealthaudit-mapi-cdo-installation.md) - topic for additional information. - -- Access Analyzer Reporting Services binary – Installation package for Survey Action Module - Reporting Service -- Netwrix Access Information Center binary – Installation package for the Netwrix Access Information - Center - - - Customers who are logged in to the Netwrix Customer Portal can download the latest version of - their software products from the My Products page: - [https://www.netwrix.com/my_products.html](https://www.netwrix.com/my_products.html). See the - [Customer Portal Access](https://helpcenter.netwrix.com/bundle/NetwrixCustomerPortalAccess/page/Customer_Portal_Access.html) - topic for information on how to register for a Customer Portal account.Partners and MSPs who - are logged into the Netwrix Partner Portal can download the latest version of their software - products from the My Product page: - [https://www.netwrix.com/par/site/products](https://www.netwrix.com/my_products.html). To - receive an invitation to the Partner Portal, please contact - [netwrix.msp@netwrix.com](http://netwrix.msp@netwrix.com/). - - See the - [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) - for additional information. - -## License Key - -Your Netwrix Representative will provide the necessary license key. The Access Analyzer license key -(`StealthAUDIT.lic`) is needed for the Access Analyzer Core Installation. See the -[Access Analyzer Core Installation](/docs/accessanalyzer/12.0/getting-started/installation/application/wizard.md) topic for additional information. - -To grant access to additional Solution sets or enable Sensitive Data Discovery in an existing Access -Analyzer installation, a new license key is required. To update the Access Analyzer license key -without installing a new version of the Access Analyzer Console, see the -[Update License Key](/docs/accessanalyzer/12.0/getting-started/installation/application/update-license.md) topic for instructions. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/adfs.md b/docs/accessanalyzer/12.0/getting-started/installation/application/reports/adfs.md deleted file mode 100644 index ddef2a10c2..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/adfs.md +++ /dev/null @@ -1,131 +0,0 @@ -# Configuring the Web Console to use ADFS - -The Access Analyzer Webserver and Access Information Center are able to support Single-Sign-On (SSO) -leveraging WSFederation with SAML tokens. This guide contains steps for implementing SSO using -Active Directory Federation Services (ADFS). - -Follow the steps to configure the Web Console to use ADFS authentication: - -**NOTE:** A certificate from the ADFS server is required. Confer with a PKI administrator to -determine which certificate method will conform to the organization's security policies. - -**Step 1 –** Import the certificate for the ADFS server onto the hosting server using the -Certificate Management MMC snap-in. - -- If used, self-signed certificates will also need to be imported - -**Step 2 –** On the ADFS server, open **AD FS Management**. - -**Step 3 –** Navigate to **Relying Party Trusts** and click **Add Relying Part Trust...**. Use the -Add Relying Party Trust Wizard to configure the relying party trust: - -- On the Welcome page, select **Claims aware** and click **Start**. -- On the Select Data Source page, select **Enter data about the relying party manually** and click - **Next**. -- On the Specify Display Name page, enter a display name for the relying party trust. Click - **Next**. -- On the Configure URL page, do not select any options and click **Next**. - - ![Identifier added on the Configure Identifiers page](/img/product_docs/accessanalyzer/install/application/reports/relyingpartytrustwizardidentifier.webp) - -- On the Configure Identifiers page, add an identifier of `https://` followed by the fully qualified - domain name (FQDN) of your ADFS server. - - - For example, `https://app0290.train90.local` - -- Click **Next** to proceed through the remaining wizard pages and complete the wizard. - -![Add an Endpoint window](/img/product_docs/accessanalyzer/install/application/reports/addanendpointwindow.webp) - -**Step 4 –** Double-click on the newly added relying party trust to open it's Properties window. -Navigate to the Endpoints tab and click **Add WS-Federation**. On the Add an Endpoint window, add -``https://``:``/federation`` as the Trusted URL, then click -**OK**. - -- For example, `https://app0190.train90.local:8082/federation` - -Click **OK** to save the changes and close the properties window. - -**Step 5 –** Select the relying party trust, and click **Edit Claim Issuance Policy** on the -right-hand panel. - -- On the Edit Claim Issuance Policy window, click **Add Rule**. -- On the Choose Rule Type page of the Add Transform Claim Rule Wizard, select **Send LDAP Attributes - as Claims** as the Claim rule template. Click **Next**. - - ![Configure Claim Rule page](/img/product_docs/accessanalyzer/install/application/reports/claimrulenameadfsconfig.webp) - -- On the Configure Claim Rule page, enter a name in the **Claim rule name** field. - -If the SID claim is not configured by default, add it to the Claim Description as follows: - -![Configure Claim Rule SID Properties](/img/product_docs/accessanalyzer/install/application/reports/claimrulenamesidproperties.webp) - -**Step 6 –** Navigate to the Access Analyzer installation directory and open the -`WebServer.exe.config` file in a text editor. - -![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigadfs.webp) - -**Step 7 –** In the `WebServer.exe.config` file, change the following parameters: - -- `WsFederationMetadata` – Change the value to the following: - - ``` - - ``` - -- `WsFederationRealm` – Replace the value text with the URL entered for the Relying Party Trust in - Step 3: - - ``` - - ``` - - ![URL required for WsFederationRealm attribute](/img/product_docs/accessanalyzer/install/application/reports/wsfederationrealmurl.webp) - - You can retrieve the URL value from the Identifiers tab of the relying party trust properties - window. - -- `WsFederationReply` – Replace the value text with the Trusted URL entered for the Endpoint in Step - 4: - - ``` - - ``` - - ![URL required for WsFederationReply attribute](/img/product_docs/accessanalyzer/install/application/reports/wsfederationreplyurl.webp) - - You can obtain the URL required for this parameter from the Endpoints tab of the relying party - trust properties window. Select the endpoint and click **Edit** to open the Edit Endpoint - window. - -The following is an example of how the parameters should look when configured in the config file: - -``` - -  -  -``` - -**Step 8 –** Save the changes in the `WebServer.exe.config` file. - -**Step 9 –** Navigate to Services (`services.msc`). Restart the **Access Analyzer Web Server** -service. - -ADFS authentication is now enabled for Access Analyzer. - -## Update the Published Reports URL for ADFS - -If ADFS does not accept `http://localhost:8082/` as an acceptable path, the path will need to be -updated in the Published Reports properties window. Follow the steps to configure the Published -Reports URL for ADFS: - -**Step 1 –** Right-click the Published Reports shortcut on the desktop and select **Properties**. - -![Published Reports desktop shortcut properties](/img/product_docs/accessanalyzer/install/application/reports/publishedreportsproperties.webp) - -**Step 2 –** Replace the URL with `https://SAWebConsole.domain.com:8082`. - -**Step 3 –** Click **Apply**. Exit the window. - -The Published Reports URL is now configured for ADFS. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/disclaimer.md b/docs/accessanalyzer/12.0/getting-started/installation/application/reports/disclaimer.md deleted file mode 100644 index cd13a03d15..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/disclaimer.md +++ /dev/null @@ -1,46 +0,0 @@ -# Configuring Login Page Disclaimer - -Users can add a disclaimer message to the logon screen by adding a custom `Disclaimer.txt` file in -the Web folder in the Access Analyzer directory and configuring the `WebServer.exe.config` file. -Follow the steps to configure the optional disclaimer message: - -**Step 1 –** Navigate to the Web folder of the installation directory: -` …\STEALTHbits\StealthAUDIT\Web`. - -![Disclaimer.txt file added to the Web folder](/img/product_docs/accessanalyzer/install/application/reports/disclaimertxt.webp) - -**Step 2 –** Create a `Disclaimer.txt` file in the Web folder. Write a custom disclaimer that -displays on the login page for the Web Console. - -- The text file must be named `Disclaimer.txt`. The disclaimer message option is not configured - properly if using a text file with a different name. - -![File Explorer WebServer.exe.config](/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigfile.webp) - -**Step 3 –** Locate the `WebServer.exe.config` file and open it. - -![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigdisclaimer.webp) - -**Step 4 –** Find the following line in the text: - -``` - -``` - -**Step 5 –** Replace the value with `true` so that the line now reads as: - -``` - -``` - -**Step 6 –** Save the changes to enable the disclaimer message on the Web Console login page. - -![Web Console login page with disclaimer message](/img/product_docs/accessanalyzer/install/application/reports/webconsolelogindisclaimer.webp) - -**Step 7 –** To check if the disclaimer message was configured correctly, open the Web Console to -access the login page. - -- If the disclaimer is configured correctly, the custom disclaimer message displays at the bottom of - the login page. - -The disclaimer message displays on the Web Console login page. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/domains.md b/docs/accessanalyzer/12.0/getting-started/installation/application/reports/domains.md deleted file mode 100644 index 04044db0ea..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/domains.md +++ /dev/null @@ -1,39 +0,0 @@ -# Enable Multiple Domain Access - -When the `AuthenticationDomains` parameter in the **WebServer.exe.config** file is blank, only -domain users from the domain where the Access Analyzer Console resides can access the Web Console. -Access can be granted from other domains when specified within this parameter. - -**NOTE:** Once another domain is added, then it is necessary to also add the domain where the Access -Analyzer Console resides. - -All domains provided or enumerated must have a trust relationship with the domain where Access -Analyzer resides. Follow the steps to allow access to the Web Console from other domains. - -**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is -located within the Web folder of the Access Analyzer installation directory. - -![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigmultipledomains.webp) - -**Step 2 –** Add the desired domains to the value for the `AuthenticationDomains` parameter: - -``` - -``` - -Use domain name in a comma-separated list. For example: - -``` - -``` - -**Step 3 –** Save and close the file. - -**Step 4 –** Navigate to Services (`services.msc`). Restart the Access Analyzer Web Server service. - -The Web Console can now be accessed from multiple domains. - -**NOTE:** In order for the AIC to be accessed from these domains, this must also be configured for -the AIC. See the Multiple Domains topic in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/entra-id-sso.md b/docs/accessanalyzer/12.0/getting-started/installation/application/reports/entra-id-sso.md deleted file mode 100644 index 05944c6171..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/entra-id-sso.md +++ /dev/null @@ -1,115 +0,0 @@ -# Microsoft Entra ID Single Sign-On - -Microsoft Entra ID Single Sign-On (SSO) can be configured for logging in to the Web Console to view -reports. When configured, users accessing the Web Console are directed to the Microsoft Entra -ID login page, and can log in using their existing Entra credentials. - -The following is required to use Microsoft Entra ID SSO: - -- SSL must be enabled -- The on-premise Active Directory must be synced with Microsoft Entra ID - -To enable Microsoft Entra ID SSO, you must first create a registered application in Microsoft Entra -ID, and then configure the Web Console to use it. - -## Configure an Application in Microsoft Entra ID - -An application must be registered for the Web Console with your Microsoft Entra ID tenant and be -configured with the necessary single sign-on settings. Follow the steps to create and configure the -application. - -**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). - -**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** > **Enterprise -Applications**. On the top toolbar, click App registrations and then **Create your own -application**. - -**Step 3 –** On the Create your own application page, enter a name for your application and select -the **Integrate any other application you don't find in the gallery** option. Click **Create** to -finish creating the application. - -**Step 4 –** In your application, go to **Manage** > **Single sign-on**. Select **SAML** as the -single sign-on method. - -**Step 5 –** On the Set up Single Sign-On with SAML page, click **Edit** on the Basic SAML -Configuration section. Add your Identifier and Reply URL, and then click **Save**. - -- As the Identifier, enter ``https://``:`` ``, for example: - - ``` - https://app0190.train90.local:8082 - ``` - -- As the Reply URL, enter ``https://``:``/federation``, for - example: - - ``` - https://app0190.train90.local:8082/federation - ``` - -**Step 6 –** Next, click **Edit** on the Attributes & Claims section. The four claims in the table -below are required. For each of these, click **Add new claim**, enter the information from the -table, and then click **Save**. - -| Name | Namespace | Source attribute | -| ------------------ | ------------------------------------------------------- | --------------------------------- | -| windowsaccountname | http://schemas.microsoft.com/ws/2008/06/identity/claims | user.onpremisessamaccountname | -| name | http://schemas.xmlsoap.org/ws/2005/05/identity/claims | user.displayname | -| sid | http://schemas.xmlsoap.org/ws/2005/05/identity/claims | user.onpremisessecurityidentifier | -| upn | http://schemas.xmlsoap.org/ws/2005/05/identity/claims | user.onpremisesuserprincipalname | - -Once configured they should show under Additional claims as below: - -![Claims configured](/img/product_docs/accessanalyzer/install/application/reports/entraidssoclaims.webp) - -**Step 7 –** In the **Manage** > **Users and groups** section for your application, add any required -users or groups to give permission to access the application. - -The application is now configured with the necessary settings. The next step is to enable the use of -Microsoft Entra ID SSO in the web server config file. - -## Enable in the Web Server Config File - -To enable Microsoft Entra ID SSO for the Web Console, the web server config file needs to be updated -with values from Microsoft Entra ID. Follow the steps to enable the SSO. - -_Remember,_ Enabling Entra ID SSO requires SSL to already have been enabled for the web server. See -the [Securing the Web Console](/docs/accessanalyzer/12.0/getting-started/installation/application/reports/secure.md) topic for additional information. - -**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is -located within the Web folder of the Access Analyzer installation directory. - -![Parameters in the web server config file](/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigfileentrasso.webp) - -**Step 2 –** Locate the **WsFederationMetaData**, **WsFederationRealm**, and **WsFederationReply** -Parameters in the config file, and add the required values from your Microsoft Entra ID application: - -- WsFederationMetaData – Metadata markup for describing the services provided - - - This value can be retrieved from your application in Microsoft Entra ID: **Manage** > **Single - sign-on** > **SAML Certificates** > **App Federation Metadata Url** - -- WsFederationRealm – Maps to the application identifier to Microsoft Entra ID - - - This value can be retrieved from your application in Microsoft Entra ID: **Manage** > **Single - sign-on** > **Basic SAML Configuration** > **Identifier** - -- WsFederationReply – This is the endpoint for the configured relying party trust - - - This value can be retrieved from your application in Microsoft Entra ID: **Manage** > **Single - sign-on** > **Basic SAML Configuration** > **Reply URL** - -For example: - -``` -     -     -     -``` - -**Step 3 –** Save and close the file. - -**Step 4 –** Navigate to Services (`services.msc`). Restart the Netwrix Access Analyzer (formerly -Enterprise Auditor) Web Server service. - -The Web Console has been enabled for Microsoft Entra ID single sign-on. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/kerberos-encryption.md b/docs/accessanalyzer/12.0/getting-started/installation/application/reports/kerberos-encryption.md deleted file mode 100644 index 405f5bc8b4..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/kerberos-encryption.md +++ /dev/null @@ -1,102 +0,0 @@ -# Manage Kerberos Encryption Warning for the Web Console - -If a computer's Local Security Policy, or applicable Group Policy, enforces certain encryption -methods for Kerberos authentication, then the service account running the Access Analyzer Web Server -must support the same encryption methods. - -If encryption methods have been configured for Kerberos on the Access Analyzer server but not on the -service account running the Access Analyzer Web Server service, then users will not be able to -log-in to the Web Console and will receive the below error message. - -![Kerberos Error Message](/img/product_docs/accessanalyzer/install/application/reports/kerberoserrormessage.webp) - -When this occurs, the following error will be logged: - -_ERROR - Unhandled server error: Nancy.RequestExecutionException: Oh noes! ---> -System.Security.SecurityException: The encryption type requested is not supported by the KDC_. - -This error will be logged in the following location: - -%SAINSTALLDIR%\SADatabase\Logs\Web\service.log - -While it is not required to configure these settings, this section provides the locations and steps -necessary to configure encryption methods in Local and Group policies to allow Kerberos for the -Report Index if an error does occur. - -## Local Security Policies - -Follow the steps to configure a Local Security Policy to allow Kerberos. - -**Step 1 –** Open the Local Security Policy window. - -![Local Security Policy Window](/img/product_docs/accessanalyzer/install/application/reports/localsecuritypolicywindow.webp) - -**Step 2 –** From the Security Settings list, navigate to **Local Policies** > **Security Options**. - -**Step 3 –** Right-click the **Network Security: Configure encryption types allows for Kerberos** -policy > click **Properties**. - -![Configure Local Security Setting Window](/img/product_docs/accessanalyzer/install/application/reports/configurelocalsecuritysettingwindow.webp) - -**Step 4 –** Configure necessary settings by checking each applicable box. - -**Step 5 –** Click **Apply**, then click **OK**. - -A Local Security Policy has been configured to allow encryption methods for Kerberos. Proceed to the -[Configure Active Directory Users and Computers Settings to allow Kerberos](#configure-active-directory-users-and-computers-settings-to-allow-kerberos) -section of this topic to ensure Active Directory Users and Computer settings are configured to allow -the encryption methods for Kerberos. - -## Group Security Policy - -Follow the steps to configure a Local Group Security Policy to allow Kerberos. - -**Step 1 –** Open the Local Group Policy Editor window. - -![Local Group Policy Editor window](/img/product_docs/accessanalyzer/install/application/reports/localgrouppolicywindow.webp) - -**Step 2 –** From the Local Computer Policy list, navigate to **Computer Configuration** > **Windows -Settings** > **Security Settings** > **Local Policies** > **Security Options** folder . - -**Step 3 –** Right-click the **Network Security: Configure encryption types allows for Kerberos** -policy, then click **Properties**. - -![Configure Local Security Setting Window](/img/product_docs/accessanalyzer/install/application/reports/configurelocalsecuritysettingwindow.webp) - -**Step 4 –** Configure necessary settings by checking each applicable box. - -**Step 5 –** Click **Apply**, then click **OK**. - -A Local Group Security Policy has been configured to allow encryption methods for Kerberos. Proceed -to the -[Configure Active Directory Users and Computers Settings to allow Kerberos](#configure-active-directory-users-and-computers-settings-to-allow-kerberos) -section of this topic to ensure Active Directory Users and Computer settings are configured to allow -the encryption methods for Kerberos. - -## Configure Active Directory Users and Computers Settings to allow Kerberos - -Follow the steps to ensure the settings for Active Directory Users and Computers are configured to -allow the encryption methods to allow Kerberos. Configurations selected in this section should -reflect the configuration options selected in the two sections above. See the -[Local Security Policies](#local-security-policies) and -[Group Security Policy](#group-security-policy) topics for additional information. - -**Step 1 –** Open the Active Directory Users and Computers window. - -![Active Directory Users and Computers Window](/img/product_docs/accessanalyzer/install/application/reports/activedirectoryusersandcomputerswindows.webp) - -**Step 2 –** Click and expand the Domain from the left-hand menu and click **Users**. - -**Step 3 –** Right-click a **User** from the list of available users, then click **Properties**. - -![User Properties Window](/img/product_docs/accessanalyzer/install/application/reports/userproperteswindow.webp) - -**Step 4 –** Click the **Account** tab. - -**Step 5 –** Locate the appropriate Account options and check the corresponding boxes. - -**Step 6 –** Click **Apply**, then click **OK**. - -Active Directory Users and Computer settings have been configured to allow the encryption methods -for Kerberos. These settings should match the configuration options for Local Security Policies and -Local Group Policies. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/okta.md b/docs/accessanalyzer/12.0/getting-started/installation/application/reports/okta.md deleted file mode 100644 index 8f7f182176..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/okta.md +++ /dev/null @@ -1,171 +0,0 @@ -# Creating an Application and Attributes in Okta - -Create an Access Analyzer Application in Okta Using the WS-Fed Template - -Follow the steps to create an Access Analyzer Application in Okta Using the WS-Fed Template: - -**Step 1 –** Log in to Okta. - -**Step 2 –** In the left-pane menu, expand **Applications** and then click **Applications**. - -**Step 3 –** Click **Create App Integration**. - -![Okta Browse App Integration Catalog](/img/product_docs/accessanalyzer/install/application/reports/oktawsfedtemplate.webp) - -**Step 4 –** Browse the App Integration Catalog and select **Template WS-Fed**. - -**Step 5 –** Click **Create**. Name the application Access Analyzer. - -Retrieve the Values to Paste into the Access Analyzer WebServer.exe.config File - -![Okta Application copy link address](/img/product_docs/accessanalyzer/install/application/reports/oktacopylinkaddress.webp) - -**Step 1 –** In the Access Analyzer application, click the **Sign On** tab. - -**Step 2 –** Right click on the **Identity Provider metadata** link and select **Copy Link Address** -to get the value for the WSFederationMetadata URL. - - - -**Step 3 –** Click on the General tab to copy the value for the **Realm**. This value will be unique -per tenant. - -`https://www.okta.com/` - -**Step 4 –** Construct the ReplytoURL using the FQDN of your Access Analyzer server: - -https://FQDNofaccessanalyzerserver.com:8082/federation - -Edit the WebServer.exe.config File - -Follow the steps to edit the **WebServer.exe.config** file: - -**Step 1 –** Open the **WebServer.exe.config** file with a text editor, such as Notepad++. It is -located in the Web folder within the Access Analyzer installation. - -**Step 2 –** Change the value for the `BindingUrl` parameter from `http` to `https`: - -``` - -``` - -![Okta application values in WebServer.exe.config file](/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigokta.webp) - -**Step 3 –** Update the following values in the **WebServer.exe.config** file with the values -retrieved from the Access Analyzer Okta application. - -**CAUTION:** These values are case sensitive. The values used here must match the values in the -Access Analyzer Okta application. - -- `WSFederationMetadata` – Paste the copied link address into the **WebServer.exe.config** file as: - - ``` - - ``` - -- `WSFederationRealm` – Paste the value for the Realm into the **WebServer.exe.config** file as: - - ``` - - ``` - -- `WSFederationReply` – Enter the value for the WSFederationReply based on the FQDN of the Access - Analyzer server and port into the **Webserver.exe.config** file as: - - ``` - - ``` - -**Step 4 –** Restart the Access Analyzer Web Server. - -Configure the App Settings for the StealthAUDIT Application - -**Step 1 –** In the Access Analyzer application, navigate to the General Tab and click **Edit** to -populate the following fields. - -- Web Application URL – This value should follow this - format:`https://:8082/` -- Realm – This value is unique per tenant and should follow this format: - `https://www.okta.com/` -- Audience Restriction – This value should match the value for the Realm -- ReplyToURL – Enter the value from the WSFederationReply setting from the **Webserver.exe.config** - file - - - `https://FQDNofaccessanalyzerserver.com:8082/federation` - -- Custom Attribute Statement – This value must match the following format, including case and bold - areas: - - http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname|${user.__samaccountname__}|, - http://schemas.xmlsoap.org/ws/2005/05/identity/claims/sid|${user.__SID__}|,http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn|${user.__upn__}| - -![oktaprofileeditor](/img/product_docs/accessanalyzer/install/application/reports/oktaprofileeditor.webp) - -**Step 2 –** Navigate to the Directory menu and select **Profile Editor** from the drop-down menu. -Click the **Edit Profile** button for the Access Analyzer application. - -![Okta Add Attribute button](/img/product_docs/accessanalyzer/install/application/reports/oktaaddattribute.webp) - -**Step 3 –** Click **Add Attribute** to open the Add Attribute window. - -![Okta Add Atrribute window](/img/product_docs/accessanalyzer/install/application/reports/oktaaddattributewindow.webp) - -**Step 4 –** In the Add Attribute window, add the following attributes: - -- Username -- SID -- samaccountname -- upn -- department - -**NOTE:** The case of the attributes in bold must match the case used in the custom attribute. - -Click **Save** to save the attribute details and close the Add Attribute window. To add another -attribute, click **Save and Add Another**. - -![To Okta option under the Directory Provisioning Tab](/img/product_docs/accessanalyzer/install/application/reports/oktadirectoryprovisioningtookta.webp) - -**Step 5 –** Navigate to the **Directory** menu and click on the **Provisioning** tab. Click **To -Okta**. - -![Okta Show Unmapped Attributes](/img/product_docs/accessanalyzer/install/application/reports/oktashowunmappedattributes.webp) - -**Step 6 –** Locate and map the attributes that were added for the profile by clicking the -**Pencil** icon to edit attributes. To locate the attributes, scroll down and select **Show Unmapped -Attributes**. - -![Okta Unmapped Attribute configuration window](/img/product_docs/accessanalyzer/install/application/reports/oktaunmappedattributeconfigscreen.webp) - -**Step 7 –** Click the pencil icon for **SID**, **upn**, and **samAccountName** to map the -attributes. They will display in the mapped section. - -**Step 8 –** Click **Save** and return to the **Okta Attribute Mappings** page. - -![Okta Attribute Mappings Force Sync](/img/product_docs/accessanalyzer/install/application/reports/oktaattributemappingsforcesync.webp) - -**Step 9 –** On the Okta Attribute Mappings page, click **Force Sync**. The new attributes will -display for any user under the profile. - -To configure Okta Multi-Factor Authentication, see the -[Setting Up Multi-Factor Authentication](#setting-up-multi-factor-authentication) topic for -additional information. - -## Setting Up Multi-Factor Authentication - -Follow the steps to configure multi-factor-authentication for Access Analyzer: - -![Okta MFA App Sign on Rule window](/img/product_docs/accessanalyzer/install/application/reports/oktamfaappsignonrule.webp) - -**Step 1 –** Navigate to the **Sign On Policy** page and click **Add Rule**. The App Sign On Rule -opens. Configure the following options: - -- Rule Name – Name of the rule -- Conditions – Select whether the rule applies to either the **Users assigned to this app** or **The - following groups and users**. - -![Okta MFA App Sign on Rule window Access section](/img/product_docs/accessanalyzer/install/application/reports/oktamfaappsignonruleaccess.webp) - -**Step 2 –** Scroll down to the Access section. Check the **Prompt for factor** box and select -**Every Sign On**. Click **Save**. - -Multi-Factor Authentication is now configured for Access Analyzer. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/overview.md b/docs/accessanalyzer/12.0/getting-started/installation/application/reports/overview.md deleted file mode 100644 index ac3a7e0460..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/overview.md +++ /dev/null @@ -1,78 +0,0 @@ -# Reports via the Web Console - -The Web Console is where any reports which have been published can be viewed outside of the Access -Analyzer Console. - -- Web Console – This console uses an embedded website for published reports. It provides a - consolidated logon feature for viewing published reports, and accessing the Netwrix Access - Information Center (when installed) and other Netwrix products. - -The Access Analyzer installer places a Web folder at the root of the Access Analyzer directory. This -folder contains the Access Analyzer Web Server (WebServer.exe) that runs on the Access Analyzer -Console upon installation. - -**NOTE:** The Access Analyzer Web Server service must run as an account that has access to the -Access Analyzer database. This may be a different account than the one used to connect Access -Analyzer to the database. If the Access Analyzer Vault service is running, the account running the -Web Server service must be an Access Analyzer Administrator. See the -[Vault](/docs/accessanalyzer/12.0/administration/settings/application/vault.md) topic for additional information. - -The Web folder that the Access Analyzer installer places at the root of the Access Analyzer -directory also contains a `WebServer.exe.config` file. This file contains configurable parameters. - -**CAUTION:** If encryption methods have been configured for Kerberos on the Access Analyzer server -but not on the service account running the Access Analyzer Web Server service, then users will not -be able to log-in to the Web Console and will receive an error message. See the -[Manage Kerberos Encryption Warning for the Web Console](/docs/accessanalyzer/12.0/getting-started/installation/application/reports/kerberos-encryption.md) topic for additional -information on configuring security polices to allow Kerberos encryption. - -## Log into the Web Console - -In order for a user to log into the Web Console, the user’s account must have the User Principal -Name (UPN) attribute populated within Active Directory. Then the user can login using domain -credentials. If multiple domains are being managed by the Netwrix Access Information Center, then -the username needs to be in the `domain\username` format. - -Access to reports in the Web Console can be managed through the Role Based Access feature of Access -Analyzer (**Settings** > **Access**). The Web Administrator role and the Report Viewer role grant -access to the published reports. See the -[Role Based Access](/docs/accessanalyzer/12.0/administration/settings/access/role-based/overview.md) topic for addition -information. - -**NOTE:** Access to the AIC and other Netwrix products is controlled from within those products. - -The address to the Web Console can be configured within the Access Analyzer Console (**Settings** > -**Reporting**). The default address is `http://[hostname.domain.com]:8082`. From the Access Analyzer -Console server, it can be accessed at `http://localhost/` with any standard browser. To access the -Web Console from another machine in or connected to the environment, replace localhost with the name -of the Access Analyzer Console. See the [Update Website URLs](/docs/accessanalyzer/12.0/getting-started/installation/application/reports/secure.md#update-website-urls) topic -for additional information. - -**NOTE:** Any browser used to access the Web Console must have JavaScript allowed for the site. See -the -[Configure JavaScript Settings for the Web Console](/docs/accessanalyzer/12.0/administration/settings/reporting.md#configure-javascript-settings-for-the-web-console) -topic for additional information. - -Follow the steps to login to the Web Console. - -**Step 1 –** To open the Web Console page, use one of the following methods: - -- From the Access Analyzer Console server – Click the Published Reports desktop icon - (`http://localhost:8082`) -- For remote access – Enter one of the following URLs into a web browser: - - http://[machinename]:8082 - - https://[machinename]:8082 - -**NOTE:** The URL that is used may need to be added to the browser’s list of trusted sites. - -![Web Console Login page](/img/product_docs/accessanalyzer/install/application/reports/webconsolelogin.webp) - -**Step 2 –** Enter your **User Name** and **Password**. Click **Login**. - -![Web Console Home page](/img/product_docs/accessanalyzer/install/application/reports/webconsolehome.webp) - -The home page shows the solutions with published reports available. See the -[Web Console](/docs/accessanalyzer/12.0/reporting/view.md#web-console) topic for information on using the Web -Console. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/secure.md b/docs/accessanalyzer/12.0/getting-started/installation/application/reports/secure.md deleted file mode 100644 index 03b84af18c..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/secure.md +++ /dev/null @@ -1,248 +0,0 @@ -# Securing the Web Console - -Published reports can be accessed in the Web Console. There are several options for enhancing -security. - -Additional configuration options for enhanced security include: - -- Enable SSL – The `BindingUrl` parameter shows the port used by the Access Analyzer web server for - SSL reports. If SSL is enabled, the value will be HTTPS instead of HTTP. -- Enable Multiple Domain Access – The `AuthenticationDomains` parameter allows the Web Console to be - accessed from multiple domains. By default this parameter is blank, allowing only domain users - from the domain where the Access Analyzer Console resides to access the Web Console. -- Enable Single Sign-On – The `WindowsAuthentication` parameter allows domain users to be - automatically logged into the Web Console. By default this parameter is set to `false`, which - requires domain users to login each time the Web Console is accessed. See the - [Enable Single Sign-On](/docs/accessanalyzer/12.0/getting-started/installation/application/reports/sso.md) topic for additional information. - - **NOTE:** The Web Console also supports using Microsoft Entra ID single sign-on. See the - [Microsoft Entra ID Single Sign-On](/docs/accessanalyzer/12.0/getting-started/installation/application/reports/entra-id-sso.md) topic for additional information. - -These parameters can be configured within the **WebServer.exe.config** file in the Web folder of the -Access Analyzer installation directory `…\STEALTHbits\StealthAUDIT\Web`. - -## Enable SSL for the Web Console - -To enable Secure Sockets Layer (SSL) for secure, remote connections to the Web Console it is -necessary to bind a certificate to the port. See the -[Use a Self-Signed Certificate for SSL](#use-a-self-signed-certificate-for-ssl) topic for more -information. Follow the steps on the server where Access Analyzer is installed to enable SSL for the -Web Console. - -**NOTE:** The following steps require a certificate to be available. Organizations typically have -one or more system administrators responsible for Public Key Infrastructure (PKI) and certificates. -To continue with this configuration it will first be necessary to confer with the PKI administrator -to determine which certificate method will conform to the organization’s security policies. -Optionally, see [Use a Self-Signed Certificate for SSL](#use-a-self-signed-certificate-for-ssl) for -an Administrator PowerShell command which will both create and import a self-signed certificate. - -**Step 1 –** Import the certificate to the hosting server using the Certificate Management MMC -snap-in. - -**NOTE:** If using a self-signed certificate, it will also need to be imported. - -**Step 2 –** Create an SSL binding. It is necessary to use the certificate’s **Hash** value for the -`$certHash` value: - -**NOTE:** The following Administrator PowerShell dir command can be run on the certificate's “drive” -to find the **Hash** value of a certificate which was already created and the output will include -the Thumbprint (**Hash**) value and the certificate name: - -``` -dir cert:\localmachine\my -``` - -- Run the following command using Administrator PowerShell to create the SSL binding, with the - appropriate `certHash` value: - - ``` - $guid = "bdd5710f-7cbe-4f85-b8c1-da4bddf485a8" - $certHash = "80F78FD2566793D2F39E748CDF6DED09B6F57A82" # the 'Thumbprint' value - $ip = "0.0.0.0" # this means all IP addresses - $port = "8082" # the default HTTPS port - "http add sslcert ipport=$($ip):$port certhash=$certHash appid={$guid}" | netsh - ``` - -**Step 3 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is -located within the Web folder of the Access Analyzer installation directory. - -![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfig.webp) - -**Step 4 –** Change the value for the `BindingUrl` parameter from `http` to `https`: - -``` - -``` - -- After changing the `BindingUrl` value in the **WebServer.exe.config** file, the Website URL must - be updated to match the new value in the following places: - - Access Analyzer's **Settings** > **Reporting** node - - Access Analyzer's Published Reports Desktop icon properties - - See the [Update Website URLs](#update-website-urls) topic for additional information. - -**Step 5 –** Save and close the file. - -**Step 6 –** Navigate to Services (`services.msc`). Restart the Netwrix Access Analyzer (formerly -Enterprise Auditor) Web Server service. - -**NOTE:** If also using the AIC, then SSL needs to be enabled for the AIC using this certificate. -See the Securing the AIC section of the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -The Web Console has been enabled for SSL communication. Access it using the server’s fully qualified -domain name and the HTTPS port (`https://[hostname.domain.com]:8082`). If a self-signed certificate -was used, then the client-side access to the Web Console will generate a Certificate error. See the -[Add the Certificate for Client-Side Access](#add-the-certificate-for-client-side-access) topic for -additional information. - -### Update Website URLs - -If the Binding URL value is updated in Access Analyzer's **WebServer.exe.config** file, the Website -URL must be updated to match the new value in the following places: - -- Access Analyzer's Reporting node (**Settings** > **Reporting**) -- Access Analyzer's Published Reports Desktop icon properties - -Update the Website URL in the Reporting Node - -Follow the steps to update the Website URL in the **Settings** > **Reporting** node. - -**Step 1 –** Expand **Settings** and select the **Reporting** node. - -![Access Governance Reporting Settings page](/img/product_docs/accessanalyzer/install/application/reports/websiteurlreporting.webp) - -**Step 2 –** In the **Website URL** box, update the URL to: `https://[hostname.domain.com]:8082` - -**Step 3 –** Click **Save**. - -The Website URL is now updated. - -Update the URL in the Published Reports Desktop Icon Properties - -Follow the steps to update the URL in the Published Reports desktop icon's Published Report's -Properties window. - -**Step 1 –** Right click on the **Published Reports** desktop shortcut and click **Properties**. - -![Published Reports desktop icon properties](/img/product_docs/accessanalyzer/install/application/reports/publishedreportsproperties.webp) - -**Step 2 –** On the **Web Document** tab, update the **URL** in the text box to: -`https://localhost:8082/` - -**Step 3 –** Click **Apply** and then **OK** to exit. - -The URL is now updated. - -### Remove Certificate from the Port - -Remove or unbind the certificate from the port by running the following Administrator PowerShell -command: - -``` -netsh http delete sslcert ipport=0.0.0.0:8082 # ip and port used when binding -``` - -### List SSL Certificate Bindings - -You can run the following PowerShell command to list all SSL certificate bindings and use this to -validate which certificates are bound to specific ports: - -``` -netsh http show sslcert -``` - -## Use a Self-Signed Certificate for SSL - -If you want to use a self-signed certificate, use the `New-SelfSignedCertificate` cmdlet, which is -available in Administrator PowerShell 3.0+ to generate and import the certificate: - -``` -New-SelfSignedCertificate -DnsName machinename.domain.com -CertStoreLocation Cert:\LocalMachine\My -``` - -The output will show this info: - -`Thumbprint                                Subject` - -`----------                                -------` - -`80F78FD2566793D2F39E748CDF6DED09B6F57A82  CN=machinename.domain.com` - -The Thumbprint value is the certificate **Hash** value to be used when binding to the port. The port -can be the same as in HTTP (8082). Use this **Hash** value for Step 2 of the -[Enable SSL for the Web Console](#enable-ssl-for-the-web-console) instructions. - -Creation and import of the self-signed certificate can be validated in Microsoft Management Console. -Follow these steps to confirm the certificate is in Microsoft Management Console. - -**Step 1 –** Open Microsoft Management Console (`mmc.exe`). - -![Microsoft Management Console Certificates snap-in](/img/product_docs/accessanalyzer/install/application/reports/certificateaddsnapin.webp) - -**Step 2 –** Select **File** > **Add/Remove Snap-in**. The Add or Remove Snap-ins window opens. -Select **Certificates**, and click **Add**. Then select **Computer account** in the Certificates -snap-in window. - -![Microsoft Management Console Certificates snap-in Select Computer dialog](/img/product_docs/accessanalyzer/install/application/reports/certificateselectcomputer.webp) - -**Step 3 –** Click **Next** and select **Local computer**. Click **Finish**. - -![Microsoft Management Console Certificates Add or Remove Snap-ins window](/img/product_docs/accessanalyzer/install/application/reports/certificatesnapins.webp) - -**Step 4 –** The certificate will appear in the Selected snap-ins list in the Add or Remove Snap-ins -window. Click **OK** to close the window. - -**Step 5 –** Navigate to **Certificates** > **Personal** > **Certificates**. The certificate should -show in the pane on the right. - -The self-signed certificate was created and imported. Repeat these steps for each client-side host. - -### Add the Certificate for Client-Side Access - -When you open the Web Console with SSL enabled, the web browser shows a Your connection isn't -private warning message. This can be removed by importing the certificate onto the client server. - -Follow the steps to remove the certificate error. - -**Step 1 –** Open the Web Console in your browser. - -![Your connection isn't private warning in Microsoft Edge](/img/product_docs/accessanalyzer/install/application/reports/certificateconnectionnotprivate.webp) - -**Step 2 –** Click **Advanced**, and then use the link to continue to the site. This loads the main -page of the Web Console. - -![Access Certificat Viewer from Not Secure error in Microsoft Edge address bar](/img/product_docs/accessanalyzer/install/application/reports/certificatenotsecureerror.webp) - -**Step 3 –** Click the **Not Secure** warning in the browser's address bar. Open the Certificate -Viewer from the warning details. - -- In Microsoft Edge, click the **Your Connection to this site isn't secure** section, and then click - the certificate icon. -- In Google Chrome, click **Certificate is not valid**. - -![Web browser Certificate Viewer window](/img/product_docs/accessanalyzer/install/application/reports/certificateviewer.webp) - -**Step 4 –** On the Details tab of the Certificate Viewer, click **Export**. Save the security -certificate and close the Certificate Viewer. - -![Certificate window](/img/product_docs/accessanalyzer/install/application/reports/certificatewindow.webp) - -**Step 5 –** Navigate to the save location from the previous step and open the exported security -certificate. On the Certificate window, click **Install Certificate**. The Certificate Import Wizard -opens. - -![Certificate Import Wizard](/img/product_docs/accessanalyzer/install/application/reports/certificateimportwizard.webp) - -**Step 6 –** On the Certificate Import Wizard, select the Store Location as **Local Machine**, and -click **Next**. Keep the default selection of **Automatically select the certificate store based on -the type of certificate**. Navigate through the wizard to save this configuration. A pop-up message -should state that the import was successful. Click **OK** to close out all dialogs. - -![Microsoft Management Console Trusted Root Certification Authorities Certificates](/img/product_docs/accessanalyzer/install/application/reports/addcertificateconsole.webp) - -**Step 7 –** In the Microsoft Management Console, check the **Trusted Root Certification -Authorities** > **Certificates**. The self-signed certificate should now be listed there. - -The client-side access to the Web Console will no longer generate a certificate error. Repeat these -steps for each client-side host. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/sso.md b/docs/accessanalyzer/12.0/getting-started/installation/application/reports/sso.md deleted file mode 100644 index 1bcf76ce0b..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/sso.md +++ /dev/null @@ -1,64 +0,0 @@ -# Enable Single Sign-On - -Single sign-on using Windows authentication allows users to be automatically log into the Web -Console according to the user’s current login session. When opening a session from a different -domain, the user will be prompted for credentials from a pop-up windows. After authenticating, the -user will be automatically logged in the Web Console. - -**NOTE:** The Web Console also supports using Microsoft Entra ID single sign-on. See the -[Microsoft Entra ID Single Sign-On](/docs/accessanalyzer/12.0/getting-started/installation/application/reports/entra-id-sso.md) topic for additional information. - -Follow the steps to enable single sign-on for the Web Console. - -**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is -located within the Web folder of the Access Analyzer installation directory. - -![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigsso.webp) - -**Step 2 –** Change the value for the `WindowsAuthentication` parameter to: - -``` - -``` - -**Step 3 –** Save and close the file. - -**Step 4 –** Navigate to Services (`services.msc`). Restart the Netwrix Access Analyzer (formerly -Enterprise Auditor) Web Server service. - -The Web Console has been enabled for single sign-on. - -## Local Intranet Settings - -Next, configure local intranet settings to enable SSO. This enables users to have authentication -pass through Windows Authentication and bypass SSO configuration Prompts for credentials via Browser -pop-up. - -Follow the steps to configure local intranet settings. - -**Step 1 –** Open Windows Internet Properties (**Control Panel** > **Network and -Internet** > **Internet Options**). - -![ConfigureLocalIntranetSettingsforSSO - 1](/img/product_docs/accessanalyzer/install/application/reports/internetproperties.webp) - -**Step 2 –** Go to the Security tab, and select the **Local Intranet** option. Then, click the -**Sites** button. - -![localintranet](/img/product_docs/accessanalyzer/install/application/reports/localintranet.webp) - -**Step 3 –** Click the **Advanced** button. - -![localintranetadvanced](/img/product_docs/accessanalyzer/install/application/reports/localintranetadvanced.webp) - -**Step 4 –** Enter a domain in the **Add this website in the zone** field. Ensure the fully -qualified domain name is in the following format: `https://..com` - -**Step 5 –** Click the **Add** button. Close the Local intranet window. - -**Step 6 –** On the Internet Properties window, click the **Apply** button. - -Authentication will now pass through Windows Authentication and bypass SSO configuration Prompts for -credentials via Browser pop-up - -**NOTE:** A list of allowed authentication servers can also be configured using the -AuthServerAllowList policy. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/timeout.md b/docs/accessanalyzer/12.0/getting-started/installation/application/reports/timeout.md deleted file mode 100644 index e1ea1ae1cb..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/reports/timeout.md +++ /dev/null @@ -1,25 +0,0 @@ -# Timeout Parameter for the Web Console - -The Web Console is configured with a default timeout parameter of 15 minutes. This can be configured -within the **WebServer.exe.config** file in the Web folder of the Access Analyzer installation -directory: - -…\STEALTHbits\StealthAUDIT\Web - -Follow the steps to modify the timeout parameter for the Web Console. - -**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. - -![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigtimeout.webp) - -**Step 2 –** Change the value for the `SessionTimeout` parameter to the desired number of minutes: - -``` - -``` - -**Step 3 –** Save and close the file. - -The Web Console session will timeout after this many minutes of inactivity. This value will take -precedence over session timeout values set within the product consoles, for example the AIC, when -accessed through the Web Console. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/update-license.md b/docs/accessanalyzer/12.0/getting-started/installation/application/update-license.md deleted file mode 100644 index f15f61fd6b..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/update-license.md +++ /dev/null @@ -1,59 +0,0 @@ -# Update License Key - -It is necessary to install a new license key for an existing Access Analyzer installation due to the -following: - -- To renew a Access Analyzer license that is due to expire -- To grant access to additional Solutions -- To enable Sensitive Data Discovery - -In these situations it is possible to update the license file without going through the full -installation process. - -## Install a New License File - -Follow the steps to update the Access Analyzer license key without installing a new version of the -Access Analyzer Console. - -**Step 1 –** Ensure the new `StealthAUDIT.lic` license file is stored locally on the Access Analyzer -Console server in order to be referenced during the installation process. - -![Windows Control Panel Uninstall or change a program window](/img/product_docs/accessanalyzer/install/application/controlpaneluninstall.webp) - -**Step 2 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and -Features**), select the Access Analyzer application and click **Change**. - -![Setup Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -**Step 3 –** On the Welcome page, click **Next**. - -![Setup Wizard Change, Repair, or Remove Installation page](/img/product_docs/accessanalyzer/install/application/change.webp) - -**Step 4 –** On the Change, Repair, or Remove Installation page, click **Change**. - -| | | | -| --------------------------------------------------------------------------------------------- | --- | ------------------- | -| ![License File page](/img/product_docs/accessanalyzer/install/application/licensemapped.webp) | -| Default License File Page | | Mapped License File | - -**Step 5 –** On the License File page, click **Browse** and navigate to the **StealthAUDIT.lic** -file. It must be stored on the Access Analyzer Console server before the installation begins. When -the path to the file is visible in the text box, click **Next**. The license will be imported. - -![License Features page](/img/product_docs/accessanalyzer/install/application/licensefeatures.webp) - -**Step 6 –** The License Features page displays a list of all features covered by the imported -license. It also displays the name of the organization which owns the license, the expiration date, -and the host limit. These are the features that will be installed. Click **Next**. - -![Setup Wizard Ready to change page](/img/product_docs/activitymonitor/activitymonitor/install/ready.webp) - -**Step 7 –** On the Ready to Change Access Analyzer page, click **Change** to begin the update. - -![Setup Wizard Completed page](/img/product_docs/threatprevention/threatprevention/install/reportingmodule/completed.webp) - -**Step 8 –** When the installation has completed, click **Finish** to exit the wizard. - -The new license file has been imported. If the license granted access to any additional solutions, -they will now be accessible from within the Access Analyzer Console. If the new license added -Sensitive Data Discovery, the necessary components for Sensitive Data Discovery have been installed. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/upgrade/overview.md b/docs/accessanalyzer/12.0/getting-started/installation/application/upgrade/overview.md deleted file mode 100644 index 670af472be..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/upgrade/overview.md +++ /dev/null @@ -1,77 +0,0 @@ -# Access Analyzer Console Upgrade - -Access Analyzer 12.0 uses the Upgrade Wizard. For upgrades from versions of Access Analyzer that are -no longer supported, contact [Netwrix Support](https://www.netwrix.com/support.html) for assistance. - -**NOTE:** If any customizations have been done by a Netwrix Engineer, please ensure custom work is -not lost during the upgrade process. While using the Upgrade Wizard, customizations are archived -prior to solution upgrades. These archives are available after the solution upgrades have been -completed. Contact [Netwrix Support](https://www.netwrix.com/support.html) for additional -information. - -The purpose of this document is to provide the basic steps needed for upgrading Access Analyzer and -the stock solutions. Contact [Netwrix Support](https://www.netwrix.com/support.html) for additional -information. - -See the [What's New](/docs/accessanalyzer/12.0/whatsnew.md) topic for release information. - -## Considerations - -NEAUsers Group for Role Based Access - -Access Analyzer 12.0 introduces a new NEAUsers local group for Role Based Access (RBA). This -replaces using the local users group to assign users the necessary permissions on the Access -Analyzer application directory. If you already have Role Based Access enabled in the previous -version of Access Analyzer, then during the first initialization of Access Analyzer 12.0 the -following happens: - -- The NEAUsers local group is created on the Access Analyzer Console server, and is given the - required permissions on the Access Analyzer application (StealthAUDIT) folder -- Existing configured RBA users are added to this new NEAUsers group - - **NOTE:** The Web Administrator and Report Viewer roles do not require access to the Access - Analyzer console, so users assigned these roles are not added to the NEAUsers group. - - **NOTE:** Adding a user to the NEAUsers group does not apply to the Web Service access type, it - only gives Console access. - -- The local users group is removed from the Access Analyzer application folder permissions - -For this process to complete successfully, on first launch the user running Access Analyzer must -have local administrator rights. Otherwise, an exception will be thrown during the initialization. - -Multiple Access Analyzer Consoles Connecting to the Same Database - -In environments where multiple Access Analyzer Consoles are using the same SQL Server database, -every console using the database must also be updated. The act of connecting a Access Analyzer -Console with a newer version to a database updates the database’s schema pursuant to the new -definition. If a Access Analyzer Console with an older version connects to the same database after -the schema has been updated, corruption to Access Analyzer’s system tables can result. - -SQL Server Supported Version Change for the Access Analyzer Database - -With the release of Access Analyzer v12.0, SQL Server 2016 through SQL Server 2022 are the supported -versions for the Access Analyzer database. - -To grant access to additional Solutions in an existing Access Analyzer installation, a new license -key is required. To update the Access Analyzer license key without installing a new version of the -Access Analyzer Console, see the [Update License Key](/docs/accessanalyzer/12.0/getting-started/installation/application/update-license.md) topic for instructions. - -License Key Changes - -The following changes in licensing requires the organization needing a new key: - -- Access Analyzer v12.0 - - - No additional licenses are required for this version - -- Enterprise Auditor v11.6 - - - No additional licenses are required for this version - -- StealthAUDIT v11.5 - - - No additional licenses are required for this version - -See the [Update License Key](/docs/accessanalyzer/12.0/getting-started/installation/application/update-license.md) section for instructions on updating the license -key. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/upgrade/solution-considerations.md b/docs/accessanalyzer/12.0/getting-started/installation/application/upgrade/solution-considerations.md deleted file mode 100644 index 268050dc3d..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/upgrade/solution-considerations.md +++ /dev/null @@ -1,115 +0,0 @@ -# Solution Upgrade Considerations - -The following items must be taken into consideration for upgrades: - -Access Information Center - -- Should be upgraded at the same time as Access Analyzer. - - **NOTE:** The Access Analyzer upgrade should be completed first. - -See the Upgrade Procedure for Access Analyzer topic in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter)[ ](https://www.stealthbits.com/jdownloads/Documentation%20User%20Guides%20PDF/Stealthbits_AIC_InstallConfigGuide.pdf)for -instructions. - -Sensitive Data Discovery - -- In Access Analyzer 12.0 the Sensitive Data Discovery features are included in the standard - installations when your license includes it. If you have the old Sensitive Data Discovery Add-On - installed from a previous Access Analyzer version, then you must manually uninstall it from the - Access Analyzer Console server, and any File System proxy and SharePoint Agent servers where it is - installed, before proceeding with the upgrade. - - **CAUTION:** The new global settings will overwrite any previously configured criteria. Make a - note of any configured Sensitive Data Criteria before upgrading Access Analyzer. Sensitive Data - Criteria must be reconfigured after an upgrade. - -- Sensitive Data Criteria selection is configured globally and used by default in all solution sets. - See the [Configure Global Sensitive Data Settings](#configure-global-sensitive-data-settings) for - additional information. - -Active Directory Solution Considerations - -- The Active Directory solution by default upgrades as **Upgrade in Place**. Do not change this - upgrade option. After completing the upgrade, you need to manually add the new **Active - Directory** > **7. Certificate Authority** job group from the `InstantSolutions` directory. -- For Activity – Ensure the Netwrix Activity Monitor is a compatible version. See the Upgrade - Instructions in the - [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) - for additional information. - -File System Solution Considerations - -- For Proxy Mode as a Service – File System Proxy Service needs to be updated on the proxy servers. - See the [Upgrade Proxy Service Procedure](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/upgrade.md) topic for - instructions. -- For Activity – Ensure the Netwrix Activity Monitor is a compatible version. See the Upgrade - Instructions in the - [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) - for additional information. - -SharePoint Solution Considerations - -- For SharePoint Agent – Access Analyzer SharePoint Agent needs to be updated on the SharePoint - server where it was installed. See the - [Upgrade SharePoint Agent](/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/upgrade.md) section for instructions. -- For Activity – Ensure the Stealthbits Activity Monitor is a compatible version. See the Upgrade - Instructions in the - [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) - for additional information. - -The following binary component versions are required for Access Analyzer v12.0: - -| Component | Version | -| -------------------------------- | ------- | -| Access Information Center | 12.0 | -| Netwrix Activity Monitor | 8.0 | -| File System Proxy Service | 12.0 | -| Access Analyzer SharePoint Agent | 12.0 | - -## File System Solution Upgrade - -After upgrading to Access Analyzer 12.0, run the latest version of the **File System** > -**0.Collection** > **0-Create Schema** job to migrate the File System Solution to the latest -database schema. - -This database schema migration should be performed before running other jobs in the File System -Solution after upgrading to Access Analyzer 12.0. - -See the [File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/overview.md) topic for additional -information. - -## Configure Global Sensitive Data Settings - -**CAUTION:** The new global Settings will overwrite any previously configured criteria. Make a note -of any configured Sensitive Data Criteria before commencing the upgrade Access Analyzer. Sensitive -Data Criteria must be reconfigured after an upgrade. - -If Sensitive Data Criteria are configured differently for each solution, re-configure the criteria -selection at the solution level. See the topic for the applicable solution for additional -information. - -If the same Sensitive Data Criteria are used for all solutions, configure the criteria selection at -the global **Settings** > **Sensitive Data** node, which will then be used by default in all -solutions. The Sensitive Data node provides configuration options to manage Sensitive Data Criteria -and false positive exclusion filters. See the -[Sensitive Data](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md) topic for additional -information. - -Follow the steps to configure Sensitive Data Criteria at the global level. - -![Global Settings Sensitive Data node](/img/product_docs/accessanalyzer/install/application/upgrade/sensitivedata.webp) - -**Step 1 –** If the same Sensitive Data Criteria are used for all solutions, configure the criteria -selection at the global Settings level, which will then be used by default in all solution sets. -Navigate to the **Settings** > **Sensitive Data** node and click **Add** to open the Select Criteria -window. - -![Sensitive Data Select Criteria window](/img/product_docs/accessanalyzer/install/application/upgrade/selectcriteria.webp) - -**Step 2 –** Select the desired criteria. Use the **Search Criteria** text field to filter the list -using keywords or expand each category to view and select individual Sensitive Data search criteria, -then click **OK**. - -By default, Sensitive Data Criteria configured at the global Settings level is inherited down to the -applicable solutions. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/upgrade/wizard.md b/docs/accessanalyzer/12.0/getting-started/installation/application/upgrade/wizard.md deleted file mode 100644 index a5a5b3b1c5..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/upgrade/wizard.md +++ /dev/null @@ -1,154 +0,0 @@ -# Access Analyzer Core Upgrade Instructions - -**CAUTION:** If Role Based Access has been enabled, a user with the Administrator role must perform -the upgrade. Other user roles do not have the necessary permissions to perform upgrades. - -Follow the steps to upgrade to Access Analyzer 12.0 on the same server where an older version of -Access Analyzer is installed. - -**NOTE:** If any customizations have been done by a Netwrix Engineer, please ensure the custom work -is not lost during the upgrade process. While using the Upgrade Wizard, customizations are archived -prior to solution upgrades. These archives are available after the solution upgrades have been -completed. Contact [Netwrix Support](https://www.netwrix.com/support.html) for additional -information. - -**CAUTION:** The new global Settings will overwrite any previously configured Sensitive Data -criteria. Make a note of any configured Sensitive Data Criteria before upgrading Access Analyzer. -Sensitive Data Criteria must be reconfigured after an upgrade. See the -[Configure Global Sensitive Data Settings](/docs/accessanalyzer/12.0/getting-started/installation/application/upgrade/solution-considerations.md#configure-global-sensitive-data-settings) -topic for additional information. - -![Windows Control Panel Uninstall or change a program window](/img/product_docs/accessanalyzer/install/application/controlpaneluninstall.webp) - -**Step 1 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and -Features**), uninstall the previous version of Access Analyzer. Jobs, application configuration -files, and reports remain in the installation directory after the uninstall process. - -**NOTE:** If you have the old Netwrix Sensitive Data Discovery Add-On installed, you must uninstall -it before continuing with this upgrade. For Access Analyzer 12.0, Sensitive Data Discovery is -installed as part of the main installation if your license includes it. - -- The `WebServer.exe.config` file is automatically retained in a Backup folder created under the Web - folder of the installation directory. Any custom application settings contained in this file are - kept as part of this upgrade process. - -![Setup Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -**Step 2 –** Install Access Analyzer 12.0. See the [Access Analyzer Core Installation](/docs/accessanalyzer/12.0/getting-started/installation/application/wizard.md) -topic for detailed instructions. - -- Before installation, ensure the new `StealthAUDIT.lic` license file is stored locally on the - Access Analyzer Console in order to be referenced during the installation process -- Access Analyzer is installed to the following directory by default: `…\STEALTHbits\StealthAUDIT` - - If another installation path is designated, please be sure to leave `STEALTHbits\StealthAUDIT` - as the path suffix in the installation wizard. - -- During the installation, any customizations to the settings in the `WebServer.exe.config` file are - automatically restored from the backup file retained when installing the previous version. The - `../Web/Backup` folder is deleted after the settings have been restored. - -After the installation is completed, the upgrade wizard launches from the Access Analyzer desktop -icon. - -## Upgrade Wizard - -Once the Access Analyzer installation process is complete, it is necessary to go through the Upgrade -Wizard. There are three Upgrade options for a solution: - -- Full Upgrade – Performs a full synchronization of the directory and file structure of the solution - to mirror the Instant Solution -- Upgrade in place – Performs file content updates of jobs matching the Instant Solutions but does - not change the Jobs tree structure -- Do not upgrade – No upgrade is performed, leaving the previous version of the solution - -The default settings configured within the Advanced Upgrade Options window align with the best -practices of the Netwrix Professional Services and Support teams. - -The Upgrade Wizard conducts the following actions according to the State identified and whether the -Upgrade action is set to **Full Upgrade** or **Upgrade in place**: - -| State | Condition | Action: Full Upgrade | Action: Upgrade in place | -| -------- | ----------------------------------------------------------------------------------- | -------------------- | ------------------------ | -| Normal | Job exists in Locked state and has matching ID in Instant Solutions | Upgrade | Upgrade | -| New | Job exists in Instant Solutions but not in the Jobs tree for an existing solution | Install | Install | -| Removed | Job exists in Locked state in the Jobs tree but does not exist in Instant Solutions | Delete | Nothing | -| Copied | Original job exists in original location, but multiple instances of the job exists | Delete | Upgrade | -| Moved | Original job exists but in a different location than in the Instant Solutions | Move & Upgrade | Upgrade | -| Renamed | Job found via ID match but was renamed | Rename & Upgrade | Upgrade | -| Conflict | Changes have been made to the job | Overwrite | Overwrite | - -Conflicts are identified when customizations have been made by either a user or a Netwrix engineer. -Conflicts need to be either resolved prior to the upgrade action or manually applied after the -upgrade is complete. Conflict resolution can be done on the Changes window by undoing a -customization. However, if the conflict is undone prior to a solution upgrade, then the -customization will not be archived. - -**CAUTION:** If Role Based Access has been enabled, a user with the Administrator role must perform -the upgrade. Other user roles do not have the necessary permissions to perform upgrades. - -Follow the steps to use the Upgrade Wizard. - -**Step 1 –** Launch the Access Analyzer application. The installation wizard placed the Access -Analyzer icon on the desktop. - -![Configuration Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -**Step 2 –** The Access Analyzer Configuration Wizard opens. Click **Next** to continue. - -**NOTE:** When Access Analyzer12.0 is installed on a server where a previous version of Access -Analyzer had been installed, the Version Selection page of the Configuration Wizard will not appear. - -![Configuration Wizard Solution Set Files page with conflicts](/img/product_docs/accessanalyzer/install/application/upgrade/solutionsetfiles.webp) - -**Step 3 –** On the Solution Set Files page, only upgrade conflicts are displayed by default. - -**_RECOMMENDED:_** Investigate the changes where conflicts have been identified before proceeding. - -**Step 4 –** (Optional) Select an item with the Conflict State and click **View conflicts** to open -the Changes window. - -Additional options include: - -- Show upgrade conflicts only – Displays upgrade actions for all solutions -- Advanced – Opens the Advanced Upgrade Options window to view or modify the Upgrade option per - solution - -![View conflicts in the Changes window](/img/product_docs/accessanalyzer/install/application/upgrade/changes.webp) - -**Step 5 –** (Optional) Conflicts can be resolved on the Changes window, which is opened by the -**View conflicts** button. Remember, if the conflict is resolved prior to a solution upgrade, then -the customization will not be archived. To resolve a conflict, select it from the list and click -**Undo**. - -**Step 6 –** When the Upgrade options have been set as desired. Click **Next**. - -![Configuration wizard Options page](/img/product_docs/accessanalyzer/install/application/options.webp) - -**Step 7 –** On the Options page, select whether to send usage statistics to Netwrix to help us -improve our product. After the Usage Statistics option is set as desired, click **Next** to -continue. - -- If selected, usage statistics are collected and sent to Netwrix - - - Upon startup of the Access Analyzer console, the system checks if usage statistics have been - sent in the last 7 days. If they have not been, stored procedures run against the Access - Analyzer database and gather data about job runs, access times, and environmental details like - resource counts, users counts, number of exceptions, and so on. This data is then sent back to - Netwrix to help us identify usage trends and common pain points, so that we can use this - information to improve the product. - - Only anonymous statistic-level data is included. No private company or personal data is - collected or sent to Netwrix. - -- If cleared, no usage statistics are collected or sent to Netwrix - -![Configuration Wizard Progress page](/img/product_docs/accessanalyzer/install/application/upgrade/progress.webp) - -**Step 8 –** The Upgrade Progress page opens and displays the progress of the upgrade actions. When -the action completes, click **Finish**. - -The Upgrade Wizard closes, and Access Analyzer launches. The archived Jobs directory is in a ZIP -file located within the Jobs directory: `…\STEALTHbits\StealthAUDIT\Jobs`. - -The ZIP file name reflects the date and time of the upgrade. For example, the file name for an -upgrade performed on June 4, 2023 at approximately 6 PM would be: `20230604180542.zip`. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/application/wizard.md b/docs/accessanalyzer/12.0/getting-started/installation/application/wizard.md deleted file mode 100644 index 5e490681f5..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/application/wizard.md +++ /dev/null @@ -1,59 +0,0 @@ -# Access Analyzer Core Installation - -Save the organization’s Access Analyzer license key, received from your Netwrix Sales -Representative, to the server where Access Analyzer is to be installed. Then follow the steps to -install Access Analyzer. - -**NOTE:** The process explained in this topic assumes that both the downloaded binary and the -license (.lic) file are located on the server which will become the Access Analyzer Console. - -**CAUTION:** If User Account Control (UAC) is enabled on the server, ensure the installation package -is run in Administrative/privilege mode. - -**Step 1 –** Run the **Netwrixaccessanalyzer.exe** executable to open the Access Analyzer Setup -Wizard. - -![Setup Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -**Step 2 –** On the Welcome page, click **Next** to begin the installation. - -![ End User License Agreement](/img/product_docs/activitymonitor/activitymonitor/install/eula.webp) - -**Step 3 –** On the End-User License Agreement page, read the End User License Agreement, then check -the **I accept the terms in the License Agreement** box and click **Next**. - -![Destinations Folder page](/img/product_docs/accessanalyzer/install/filesystemproxy/destination.webp) - -**Step 4 –** On the Destination Folder page, click **Change** to select the folder location to -install Access Analyzer. The default destination folder is -`C:\Program Files (x86)\STEALTHbits\StealthAUDIT\`. Click **Next** to continue. - -| | | | -| --------------------------------------------------------------------------------------------- | --- | ------------------- | -| ![License File page](/img/product_docs/accessanalyzer/install/application/licensemapped.webp) | -| Default License File Page | | Mapped License File | - -**Step 5 –** On the License File page, click **Browse** and navigate to your **StealthAUDIT.lic** -file. When the path to the file is visible in the textbox, click **Next**. - -**NOTE:** The license file must be stored on the Access Analyzer Console server before the -installation begins. - -![License Features page](/img/product_docs/accessanalyzer/install/application/licensefeatures.webp) - -**Step 6 –** The License Features page displays a list of all features covered by the imported -license. It also displays the name of the organization which owns the license, the expiration date, -and the host limit. These are the features that will be installed. Click **Next**. - -![Ready to install Netwrix Access Governance page](/img/product_docs/activitymonitor/activitymonitor/install/ready.webp) - -**Step 7 –** On the Ready to install Access Analyzer page, click **Install** to begin the -installation. - -![Setup Wizard Completed page](/img/product_docs/threatprevention/threatprevention/install/reportingmodule/completed.webp) - -**Step 8 –** When the installation has completed, click **Finish** to exit the wizard. - -The Access Analyzer Console has been installed, and two desktop icons have been created: Access -Analyzer and Published Reports. Launch the Access Analyzer application to complete the initial -configuration. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/configure-data-collector.md b/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/configure-data-collector.md deleted file mode 100644 index 0e620be72c..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/configure-data-collector.md +++ /dev/null @@ -1,26 +0,0 @@ -# File System Data Collection Configuration for Proxy as a Service - -To employ the proxy mode as a service scan for collecting file system data from the target host, -navigate to the **FileSystem** > **0.Collection** > **…System Scans** jobs and open the File System -Access Auditor Data Collector Wizard from the job’s query. - -On the Applet Settings wizard page, select the following option: - -- Require applet to be running as service on target – Must be selected in the Applet Launch - Mechanism section to prevent the deployment of the applet or the ad hoc installation of the - service during the scan - -On the Scan Server Selection wizard page, select either of the following options: - -- Specific Remote Server – Assigns the data collection processing to the server specified in the - textbox -- Specific Remote Servers by Host List – Assigns the data collection processing to the proxy servers - in the host list selected within the wizard via the **Select Hosts Lists** button - -See the -[FSAA Query Configuration](/docs/accessanalyzer/12.0/data-collection/fsaa/overview.md#fsaa-query-configuration) -topic for additional information. - -**_RECOMMENDED:_** When choosing to use proxy mode as a service for any of the File System Solution -**…System Scans** jobs, set proxy mode as a service for all of the **…System Scans** jobs that are -scheduled to run together. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/overview.md b/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/overview.md deleted file mode 100644 index 9402187058..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/overview.md +++ /dev/null @@ -1,124 +0,0 @@ -# File System Proxy as a Service Overview - -The File System Solution can be enabled to use proxy servers for scanning targeted file systems in -very large or widely dispersed environments. - -When File System scans are run in proxy mode as a service, there are two methods available for -deploying the service: - -- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be - installed on the Windows proxy servers prior to executing the scans. This is the recommended - method. -- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the - Windows proxy server when the job is executed - -The data collection processing is conducted by the proxy server where the service is running and -leverages a local mode-type scan to each of the target hosts. The final step in data collection is -to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to -the Access Analyzer Console server. - -Communication between the Access Analyzer Console Server and the proxy server is secure by default -using HTTPS requests. - -The version of the proxy service must match the major version of Access Analyzer. - -See the [File System Solution](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem.md) topic for information on -the required prerequisites. - -## Supported Platforms - -The File System Proxy Service for the Access Analyzer File System Solution can be installed on the -following Windows operating systems: - -- Windows Server 2022 -- Windows Server 2019 -- Windows Server 2016 - -## Proxy Scanning Architecture - -Access Analyzer is configured by default to process data collection against ten target hosts -simultaneously. When File System scans are run in local mode ten hosts process simultaneously, and -processing against the eleventh host begins after the processing against the first host is -completed. Proxy scanning architecture supports large deployments or widely dispersed environments. - -A proxy server is any server that can be leveraged to process data collection against target hosts. - -**CAUTION:** The File System Proxy Service cannot be installed on the same server as Access -Analyzer. - -Two options are available for implementing the proxy scanning architecture: - -- Proxy mode with applet -- Proxy mode as a service - -### Proxy Mode with Applet - -When File System scans are run in proxy mode with applet, it means the File System applet is -deployed to the Windows proxy server when the job is executed to conduct data collection. The data -collection processing is initiated by the proxy server where the applet is deployed and leverages a -local mode-type scan to each of the target hosts. The final step in data collection is to compress -and transfer the data collected in the SQLite databases, or Tier 2 databases, back to the Access -Analyzer Console server. - -![Diagram of Enterprise Auditor server sending an FSAA applet to a proxy server](/img/product_docs/accessanalyzer/install/filesystemproxy/proxymodewithapplet.webp) - -The diagram illustrates the Access Analyzer server sending an FSAA applet to a proxy server, which -runs the scan against a file server, and then returns data to the Access Analyzer server. - -### Proxy Mode as a Service - -When File System scans are run in proxy mode as a service, there are two methods available for -deploying the service: - -- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be - installed on the Windows proxy servers prior to executing the scans. This is the recommended - method. -- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the - Windows proxy server when the job is executed - -The data collection processing is conducted by the proxy server where the service is running and -leverages a local mode-type scan to each of the target hosts. The final step in data collection is -to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to -the Access Analyzer Console server. - -The proxy communication is configured during the installation of the service on the proxy server and -certificate exchange options are configured via the Applet Settings page of the File System Access -Auditing Data Collector Wizard. The credential provided for the secure communications in the -installation wizard is also added to the Access Analyzer Connection Profile assigned to the File -System Solution. - -See the [File System Proxy Service Installation](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/wizard.md) topic for additional information. - -![Diagram of Enterprise Auditor server communicating securely with the proxy service on a proxy server](/img/product_docs/accessanalyzer/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp) - -The diagram illustrates the Access Analyzer server communicating securely with the proxy service on -a proxy server, which runs the scan against a file server, collecting the data locally and securely. -Then the proxy service returns data securely to the Access Analyzer server. - -When a proxy mode scan is initiated from the Access Analyzer Console, it will distribute hosts to be -scanned across all proxy hosts. Access Analyzer monitors the scans from the central console. Once -all proxy hosts have completed scanning, all results and SQLite databases are returned to the Access -Analyzer Console server. - -![Diagram of difference between an implementation with and without proxy servers](/img/product_docs/accessanalyzer/install/filesystemproxy/fsaaproxyarchitecture.webp) - -The diagram shows the difference between an implementation of Access Analyzer without proxy servers -(on the left) and with proxy servers (on the right). On the right side of the diagram, the scans -have been configured to use the local host and two additional proxy servers to perform the FSAA Data -Collector scans. This allows it to execute three times as many concurrent hosts than would be -possible without proxy servers. This provides a clear benefit in scalability and scan times. - -The proxy functionality for the FSAA Data Collector provides security and reliability. - -_Remember,_ It is recommended that the File System Proxy Service is installed on the proxy server -before running File System scans in proxy mode as a service. Once installed, the FileSystemAccess -(FSAA) Data Collector must be configured to use the service. See the -[File System Data Collection Configuration for Proxy as a Service](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/configure-data-collector.md) topic -for additional information. - -## Sensitive Data Discovery Auditing Consideration - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By default, SDD scans are -configured to run two concurrent threads. For example, if the job is configured to scan 8 hosts at a -time with two concurrent SDD threads, then an extra 32 GB of RAM are required (8x2x2=32). diff --git a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/silent-install.md b/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/silent-install.md deleted file mode 100644 index 9a342169f2..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/silent-install.md +++ /dev/null @@ -1,76 +0,0 @@ -# Silent Installer Option for Proxy - -It is possible to use one of the following methods to complete a silent installation of the File -System Proxy Service. - -**CAUTION:** For all Active Directory versions, aside from Windows 2012 R2, the silent installer -does not prompt an error message if a duplicate SPN value exists in the targeted domain for -[Option 1: Run as LocalSystem](#option-1-run-as-localsystem). Having duplicate SPN’s in the targeted -Active Directory environment prohibits connection to the proxy service, resulting in a failed scan. - -If a desired SPN already exists in a Windows 2012 R2 domain, the silent installer displays the -following message: - -> _There is a problem with this Windows Installer package. A script required for this install to -> complete could not be run. Contact your support personnel or package vendor_. - -To resolve the problem, remove the duplicate SPN value and rerun the installer to complete -installation. For any additional issues, verbose logging is included in the silent installer and -creates an `install.txt` file on the desktop. - -## Option 1: Run as LocalSystem - -Follow the steps to install the File System Proxy Service on the targeted proxy servers with a -silent installer. - -**Step 1 –** Copy the `FileSystemProxy.msi` executable to the desktop of the server designated as -the proxy server. - -**Step 2 –** Run the following command: - -``` -msiexec /i FileSystemProxy.msi /qb /l*v install.log SVC_ACCOUNT_TYPE=SYSTEM -``` - -- To add a non-default install directory, append `PRODUCTDIR="[path]"` to the command. - - - `path` – The path to the desired installation directory and must include - `...\STEALTHbits\StealthAUDIT\FSAA\...` - - For example: - - ``` - msiexec /i FileSystemProxy.msi /qb /l*v install.log SVC_ACCOUNT_TYPE=SYSTEM PRODUCTDIR="E:\STEALTHbits\StealthAUDIT\FSAA" - ``` - -The SPN value is automatically added to the computer object in Active Directory with this option. - -## Option 2: Run as a Service Account - -Follow the steps to install the File System Proxy Service on the targeted proxy servers with a -silent installer. - -**Step 1 –** Copy the `FileSystemProxy.exe` executable to the desktop of the server designated as -the proxy server. - -**Step 2 –** Run the following command: - -``` -msiexec /i FileSystemProxy.msi /qb /l*v install.log SVC_ACCOUNT_TYPE=DOMAIN SVC_USERNAME=DOMAIN\USERNAME SVC_PASSWORD="secret" -``` - -- `DOMAIN\USERNAME` – The service account credentials, which need to be a member the Local - Administrators group and have the**Log on as a service** local policy  (**Local Policies** > - **User Rights Assignment**) -- `secret` – The password for the credentials provided above (within quotes) - -- To add a non-default install directory, append `PRODUCTDIR="[path]"` to the command. - - - `path` – The path to the desired installation directory and must include - `...\STEALTHbits\StealthAUDIT\FSAA\...` - - For example: - - ``` - msiexec /i FileSystemProxy.msi/qb /l*v install.log SVC_ACCOUNT_TYPE=DOMAIN SVC_USERNAME=DOMAIN\USERNAME SVC_PASSWORD="secret" PRODUCTDIR="E:\STEALTHbits\StealthAUDIT\FSAA" - ``` diff --git a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/uninstall.md b/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/uninstall.md deleted file mode 100644 index bffea557dc..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/uninstall.md +++ /dev/null @@ -1,19 +0,0 @@ -# Uninstall Proxy Service Process - -The process to properly uninstall the File System Proxy Service is completed through the -uninstalling of the Access Analyzer File System Scanning Proxy program. - -**Step 1 –** Open Control Panel and select **Programs** > **Uninstall a program**. - -![Programs and Features](/img/product_docs/accessanalyzer/install/filesystemproxy/uninstall.webp) - -**Step 2 –** Select Netwrix Access Analyzer (formerly Enterprise Auditor) File System Scanning Proxy -and click **Uninstall**. - -**NOTE:** If the installation was configured to use the LocalSystem account to run the RPC service -the two SPN values are removed for that machine in Active Directory. If the service is running with -a supplied account, the SPN values would need to be manually removed for that machine in Active -Directory (unless the uninstall was completed as part of the -[Upgrade Proxy Service Procedure](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/upgrade.md)). - -When the uninstall process is complete, this program is removed from the list. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/upgrade.md b/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/upgrade.md deleted file mode 100644 index 8729a3a6b3..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/upgrade.md +++ /dev/null @@ -1,59 +0,0 @@ -# Upgrade Proxy Service Procedure - -When the Access Analyzer Console and File System Solution are upgraded, it is necessary to also -upgrade the File System Proxy Service when running Access Analyzer in Proxy Mode as a Service. This -upgrade can be done in two ways: - -- Automatically – An instant job within the Access Analyzer Console -- Manually – On each server hosting the proxy service - -**CAUTION:** When upgrading the Proxy Service to 11.6 from a previous version for the first time, -you must manually uninstall the previous version and follow the [Manual Upgrade](#manual-upgrade) -steps below. Subsequent 11.6 upgrades can be done using the automatic upgrade option. - -**NOTE:** If you have the old Netwrix Sensitive Data Discovery Add-On installed, you must uninstall -it before continuing with this upgrade. For Access Analyzer 12.0, Sensitive Data Discovery is -installed as part of the main installation if your license includes it. - -## Automatic Upgrade - -The **FS_UpdateProxy** Job is available through the Instant Job Wizard. This job updates the File -System Proxy Service on all servers in the assigned host list. Follow the steps to instantiate this -job. - -**Step 1 –** Within the **Jobs** tree, right-click and select **Add Instant Job**. The Instant Job -Wizard window opens. - -**Step 2 –** On the Welcome page, click **Next**. - -![FS_UpdateProxy Job in the Instant Job Wizard](/img/product_docs/accessanalyzer/install/filesystemproxy/updateproxyinstantjob.webp) - -**Step 3 –** On the Instant Job page, locate the **Library Name: File System** category group. -Expand the category and select the **FS_UpgradeProxy** Job. Click **Next**. - -**Step 4 –** On the Host Assignment page, select the **Specify individual hosts or host lists** -option and click **Next**. - -**Step 5 –** On the Host Lists page, assign the host lists containing the proxy servers to be -updated . Multiple host lists can be added. Click Next. - -**Step 6 –** On the Individual Hosts page, click **Next**. - -**Step 7 –** Review the Summary and click either **Save & Exit** or **Save & Run Jobs Now**. - -The proxy does not update until the job is run. Once successfully ran, the servers in the assigned -host lists have been updated. - -## Manual Upgrade - -Follow the steps on the servers hosting the File System Proxy Service. - -![Programs and Features](/img/product_docs/accessanalyzer/install/filesystemproxy/uninstall.webp) - -**Step 1 –** Navigate to Programs and Features (**Control Panel** > **Programs** > **Programs and -Features**). Uninstall the previous version of Access Analyzer File System Scanning Proxy. - -**Step 2 –** Install the new version of the File System Proxy Service. See the -[File System Proxy Service Installation](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/wizard.md) topic for instructions. - -The File System Solution can now use the proxy architecture for the latest version of the solution. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/wizard.md b/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/wizard.md deleted file mode 100644 index b3f1375745..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/wizard.md +++ /dev/null @@ -1,134 +0,0 @@ -# File System Proxy Service Installation - -The File System Proxy installer is designed to simplify the process of setting up File System -Scanning Proxy as a service on the designated proxy server. It is a best practice to use a -specifically provisioned domain account as the File System Proxy service account. Follow the steps -to install the FSAA service on the targeted proxy servers. - -**Step 1 –** Run the `FileSystemProxy.exe` executable. The Netwrix Access Analyzer (formerly -Enterprise Auditor) File System Scanning Proxy Setup wizard opens. - -![File System Proxy Setup Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -**Step 2 –** On the Welcome page, click **Next** to begin the installation. - -![File System Proxy Setup Wizard End-User License Agreement page](/img/product_docs/activitymonitor/activitymonitor/install/eula.webp) - -**Step 3 –** On the End-User License Agreement page, select the **I accept the terms in the License -Agreement** checkbox and click **Next**. - -![File System Proxy Setup Wizard Destination Folder page](/img/product_docs/accessanalyzer/install/filesystemproxy/destination.webp) - -**Step 4 –** On the Destination Folder page, click **Next** to install to the default folder or -click **Change** to select a different location. Clicking **Change** opens the Change destination -folder page. - -![File System Proxy Setup Wizard Change destination folder page](/img/product_docs/activitymonitor/activitymonitor/install/agent/changedestination.webp) - -On the Change destination folder page, choose a different destination folder for the installation. - -- Look in – Select which folder or sub-folder to complete installation in using the Look in - drop-down -- Up one level – Click the Up one level button to select the folder one level above the currently - selected one -- Create a new folder – Click to create a new folder for the destination of the installation - -Click **OK** to save changes or click **Cancel** to return to the Destination Folder page without -saving. - -![File System Proxy Setup Wizard Configure Service page](/img/product_docs/accessanalyzer/install/filesystemproxy/configureservice.webp) - -**Step 5 –** On the Configure Service page, configure the credential to run the service using the -radio buttons. Then, click **Next**. - -- Run as LocalSystem – Uses the local system to run the File System Proxy service -- Run as a service account – Uses the provisioned credentials provided in the **User Name** and - **Password** fields to run the File System Proxy service. Remember, this account must be a local - Administrator on the proxy server and have the Log on as a service privilege in the proxy server's - Local Security Policy. - -![File System Proxy Setup Wizard Ready to install page](/img/product_docs/activitymonitor/activitymonitor/install/ready.webp) - -**Step 6 –** On the Ready to install page, click **Install** to start installation. - -![File System Proxy Setup Wizard Completed page](/img/product_docs/activitymonitor/activitymonitor/install/complete.webp) - -**Step 7 –** When the installation completes, click **Finish** to exit the wizard. - -**NOTE:** If the File System Proxy Service is installed on multiple servers, then a custom host list -of proxy servers should also be created in Netwrix Access Analyzer (formerly Enterprise Auditor). - -Once the File System Proxy Service has been installed on any proxy server, it is necessary to -configure the File System Solution certificate exchange method for Proxy Mode as a Service. See the -[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/12.0/data-collection/fsaa/certificate-management.md) -topic for additional information. - -## Custom Parameters for File System Proxy Service - -The port and priority parameters can be modified for the File System Proxy Service on the registry -key: - -HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\StealthAUDITFSAA\ImagePath - -- Port parameter – Only needs to be added to the registry key value if a custom port is used. The - default port of 8766 does not need to be set as a parameter - - Append `-e [PORT NUMBER]` to the ImagePath key value -- Priority parameter – Can be modified so that the service runs as a background priority, which may - be desired if the service has been installed directly on a file server - - - Append `-r 0` to the ImagePath key value - - **NOTE:** If both parameters are added, there is no required order. - - **_RECOMMENDED:_** Stop the Netwrix Access Analyzer (formerly Enterprise Auditor) FSAA Proxy - Scanner service before modifying the registry key. - -Follow the steps to configure these service parameters. - -![Netwrix Enterprise Auditor FSAA Proxy Scanner service in the Services Management Console](/img/product_docs/accessanalyzer/install/filesystemproxy/service.webp) - -**Step 1 –** After installing the File System Proxy Service, open Services Management Console -(`services.msc`). To stop the service, right-click on the Netwrix Access Analyzer (formerly -Enterprise Auditor) FSAA Proxy Scanner service and select **Stop**. - -![File System Proxy ImagePath registry key in the Registry Editor](/img/product_docs/accessanalyzer/install/filesystemproxy/regedit.webp) - -**Step 2 –** Open Registry Editor (`regedit`) and navigate to the following registry key: - -HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\StealthAUDITFSAA\ImagePath - -**Step 3 –** Right-click on the **ImagePath** key and select **Modify**. The Value data was set -during installation according to the installation directory location selected. - -- Priority set to background priority: - - Add `-r 0` to the end of the path value -- Custom Port: - - - Add `-e [PORT NUMBER]` number to the end of the path value - - Example with Port number 1234: - - C:\Program Files (x86)\STEALTHbits\StealthAUDIT\FSAA\StealthAUDITRPC.EXEFSAASrv.DLL -e 1234 - - **NOTE:** The port number needs to be added to the path only if a custom port is used. - -**Step 4 –** Click **OK** and close Registry Editor. - -**Step 5 –** Return to the Services Management Console and start the Netwrix Access Analyzer -(formerly Enterprise Auditor) FSAA Proxy Scanner service. Close the Services Management Console. - -![Port number on File System Access Auditor Data Collector Wizard Applet Settings page](/img/product_docs/accessanalyzer/install/filesystemproxy/dcwizardportnumber.webp) - -**Step 6 –** In the Access Analyzer Console, navigate to the **FileSystem** > **0.Collection** > -**[Job]** > **Configure** > **Queries** node and open the File System Access Auditor Data Collector -Wizard. On the Applet Settings wizard page, change the **Port number** to the custom port. - -**NOTE:** See the -[File System Data Collection Configuration for Proxy as a Service](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/configure-data-collector.md) -section for additional configurations required to run scans in proxy mode as a service. - -**Step 7 –** Repeat the previous step for each of the **FileSystem** > **0.Collection** jobs to -employ this proxy service. - -The custom port identified is now used for communication between the File System Proxy Service and -Access Analyzer. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/overview.md b/docs/accessanalyzer/12.0/getting-started/installation/overview.md deleted file mode 100644 index 98662b2873..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/overview.md +++ /dev/null @@ -1,31 +0,0 @@ -# Installation - -The following sections provide instructions for installing and upgrading Netwrix Access Analyzer -(formerly Enterprise Auditor) and other related components. - -## Access Analyzer - -This section provides instructions for installing Access Analyzer and the initial configuration -required when first launching the Access Analyzer Console. It also includes additional information, -such as how to secure the Access Analyzer Database, and configuring the Web Console for viewing -reports outside of the Access Analyzer Console. - -See the [Installation & Configuration Overview](/docs/accessanalyzer/12.0/getting-started/installation/application/overview.md) topic for additional -information. - -## File System Proxy Service - -The File System Solution can be enabled to use proxy servers for scanning targeted file systems in -very large or widely dispersed environments. The File System Proxy installer is designed to simplify -the process of setting up File System Scanning Proxy as a service on the designated proxy server. - -See the [File System Proxy as a Service Overview](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/overview.md) topic for additional -information. - -## SharePoint Agent - -The SharePoint Agent is capable of auditing permissions and content, or Access Auditing (SPAA) and -Sensitive Data Discovery Auditing, on SharePoint servers. - -See the [SharePoint Agent Installation](/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/overview.md) topic for additional -information. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/overview.md b/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/overview.md deleted file mode 100644 index 62621fc19d..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/overview.md +++ /dev/null @@ -1,30 +0,0 @@ -# SharePoint Agent Installation - -The SharePoint Agent is capable of auditing permissions and content, or Access Auditing (SPAA) and -Sensitive Data Discovery Auditing, on SharePoint servers. - -This topic provides information on the installation and upgrade processes of the SharePoint Agent. -It also provides information on the permissions needed by the service account used to run the Access -Auditing (SPAA) and Sensitive Data Discovery Auditing scans against the targeted SharePoint -environment. - -For information on the required prerequisites and permissions, see the -[SharePoint Agent Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agent-permissions.md) topic. - -The version of the SharePoint Agent must also match the major version of Access Analyzer. See the -[What's New](/docs/accessanalyzer/12.0/whatsnew.md) topic for additional information. - -## Supported Platforms - -The SharePoint Agent for the Access Analyzer SharePoint & SharePoint Online Solution can be -installed on the following SharePoint versions as targeted environments: - -- SharePoint® 2019 -- SharePoint® 2016 -- SharePoint® 2013 - -## Sensitive Data Discovery Auditing Consideration - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job -is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). diff --git a/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/upgrade.md b/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/upgrade.md deleted file mode 100644 index cc24f50ed5..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/upgrade.md +++ /dev/null @@ -1,18 +0,0 @@ -# Upgrade SharePoint Agent - -Follow the steps to upgrade the SharePoint Agent. - -![Windows Control Panel Uninstall or change a program window](/img/product_docs/accessanalyzer/install/filesystemproxy/uninstall.webp) - -**Step 1 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and -Features**), uninstall the previous version of SharePoint Agent. - -**NOTE:** If you have the old Netwrix Sensitive Data Discovery Add-On installed, you must uninstall -it before continuing with this upgrade. For Access Analyzer 12.0, Sensitive Data Discovery is -installed as part of the main installation if your license includes it. - -**Step 2 –** Install the new version of the SharePoint Agent. See the -[Installing the SharePoint Agent](/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/wizard.md) topic for instructions. - -Now that the SharePoint Agent has been upgraded, it can be used by the SharePoint Solution. See the -[SharePoint Solution](/docs/accessanalyzer/12.0/solutions/sharepoint/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/wizard.md b/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/wizard.md deleted file mode 100644 index 7d3b948703..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/wizard.md +++ /dev/null @@ -1,49 +0,0 @@ -# Installing the SharePoint Agent - -The installer will prompt for credentials which are used to set the identity that the SharePoint -Access Auditor Agent service runs as. The agent service does no additional impersonation, so this is -the account used to connect to and enumerate SharePoint. The service account credentials provided -need to be a member of the Log on as a service local policy. Additionally, the credentials provided -for Step 5 should also be a part of the Connection Profile used by the SharePoint Solution within -the Access Analyzer Console. See the -[SharePoint Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md) topic for detailed -permission information. - -Follow the steps to install the SharePoint Agent on the application server which hosts the Central -Administration component of the targeted SharePoint farms. - -**Step 1 –** Run the `SharePointAgent.exe` executable to open the Netwrix Access Analyzer (formerly -Enterprise Auditor) SharePoint Agent Setup Wizard. - -![SharePoint Agent Setup Wizard Welcome page](/img/product_docs/activitymonitor/activitymonitor/install/welcome.webp) - -**Step 2 –** On the Welcome page, click **Next** to begin the installation. - -![SharePoint Agent Setup Wizard End-User License Agreement page](/img/product_docs/activitymonitor/activitymonitor/install/eula.webp) - -**Step 3 –** On the End-User License Agreement page, select the **I accept the terms in the License -Agreement** checkbox and click **Next**. - -![SharePoint Agent Setup Wizard Destination Folder page](/img/product_docs/accessanalyzer/install/filesystemproxy/destination.webp) - -**Step 4 –** On the Destination Folder page, click **Next** to install to the default folder or -click **Change** to select a different location. - -![SharePoint Agent Setup Wizard Configure Service Security page](/img/product_docs/accessanalyzer/install/filesystemproxy/configureservice.webp) - -**Step 5 –** On the Configure Service Security page, enter the **User Name** and **Password** for -the SharePoint Service Account. Click **Next**. - -![SharePoint Agent Setup Wizard Ready to install page](/img/product_docs/activitymonitor/activitymonitor/install/ready.webp) - -**Step 6 –** On the Ready to install Netwrix Access Analyzer (formerly Enterprise Auditor) -SharePoint Agent page, click **Install** to start the installation. - -![SharePoint Agent Setup Wizard Completed page](/img/product_docs/threatprevention/threatprevention/install/reportingmodule/completed.webp) - -**Step 7 –** When the installation has completed, click **Finish** to exit the wizard. - -Now that the SharePoint Agent has been installed on the appropriate application server, it can be -used by the SharePoint Solution. See the -[SharePoint Solution](/docs/accessanalyzer/12.0/solutions/sharepoint/overview.md) topic for instructions on enabling -agent service scans on the Agent Settings page. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md deleted file mode 100644 index 3e4258fb7f..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md +++ /dev/null @@ -1,194 +0,0 @@ -# Requirements - -This topic describes the recommended configuration of the servers needed to install the application -in a production environment. Depending on the size of the organization, it is recommended to review -your environment and requirements with a Netwrix engineer prior to deployment to ensure all -exceptions are covered. - -## Architecture Overview - -The following servers and applications are required for installation of the application: - -Core Components - -- Access Analyzer Console Server – This is where the v12.0 application is installed. -- SQL Server for Access Analyzer Database – As a data-intensive application, a well-provisioned, - dedicated SQL Server is recommended. -- Access Information Center Application Server – This application is typically installed on the - Access Analyzer Console server and is a browser-based, interactive dashboard for exploring - permissions, activity, and sensitive data. - - **NOTE:** The Access Information Center is often installed on the same server as the Access - Analyzer application, but it can be installed separately. - -Exchange Solution-Specific Components - -- Access Analyzer MAPI CDO – This application is installed on the Access Analyzer Console server to - enable the Settings > Exchange global configuration interface within Access Analyzer. - -File System Solution-Specific Components - -- Access Analyzer File System Proxy Server – In certain environments, a proxy server may be utilized - to scan hosts in remote or firewalled sites to increase scan capacity in large environments. This - feature can be implemented through either an applet or a service. The applet would be deployed as - part of the data collection process. The service should be installed prior to data collection. See - the [Proxy Mode as a Service](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md#proxy-mode-as-a-service) topic - for server requirements. - -SharePoint Solution-Specific Components - -- Access Analyzer SharePoint Agent Server – For agent-based scans, this application can be installed - on the SharePoint application server that hosts the “Central Administration” component of the - targeted farm(s) to auditing permissions, content, and sensitive data for SharePoint On-Premise. - See the [SharePoint Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md) topic for server - requirements. - -Activity Event Data Considerations - -- Netwrix Activity Monitor – Access Analyzer depends upon integration with the Activity Monitor for - monitored event data for several solutions. See the - [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) - for installation requirements and information on collecting activity data. -- Netwrix Threat Prevention – Access Analyzer can integrate with Threat Prevention for Active - Directory and Windows File System event data. This integration works in conjunction with Netwrix - Activity Monitor. See the - [Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) - for installation requirements and information on collecting activity data. - -Target Environment Considerations - -The target environment encompasses all servers, devices, or infrastructure to be audited by Access -Analyzer. Most solutions have additional target requirements. - -## Access Analyzer Console & Access Information Center Server Requirements - -The server can be physical or virtual. The requirements are: - -- Windows Server 2016 through Windows Server 2022 - -Additionally the server must meet these requirements: - -- US English language installation -- Domain member - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. See the following topics for -additional: - -- [Active Directory Solution Requirements on the Access Analyzer Console](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/active-directory.md#active-directory-solution-requirements-on-the-access-analyzer-console) -- [Active Directory Permissions Analyzer Solution Requirements on the Access Analyzer Console](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/active-directory-permissions-analyzer.md#active-directory-permissions-analyzer-solution-requirements-on-the-access-analyzer-console) -- [AWS Solution Requirements on the Access Analyzer Console](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/aws.md#aws-solution-requirements-on-the-access-analyzer-console) -- [Box Solution Requirements on the Access Analyzer Console](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/box.md#box-solution-requirements-on-the-access-analyzer-console) -- [Databases Solution Requirements on the Access Analyzer Console](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/databases.md#databases-solution-requirements-on-the-access-analyzer-console) -- [Dropbox Solution Requirements on the Access Analyzer Console](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/dropbox.md#dropbox-solution-requirements-on-the-access-analyzer-console) -- [Entra ID Solution Requirements on the Access Analyzer Console](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/entra-id.md#entra-idsolution-requirements-on-the-access-analyzer-console) -- [Exchange Solution Requirements on the Access Analyzer Console](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange.md#exchange-solution-requirements-on-the-access-analyzer-console) -- [File System Solution Requirements on the Access Analyzer Console ](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem.md#file-system-solution-requirements-on-the-access-analyzer-console) -- [SharePoint Solution Requirements on the Access Analyzer Console](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint.md#sharepoint-solution-requirements-on-the-access-analyzer-console) -- [Unix Solution Requirements on the Access Analyzer Console](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/unix.md#unix-solution-requirements-on-the-access-analyzer-console) -- [Windows Solution Requirements on the Access Analyzer Console](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/windows.md#windows-solution-requirements-on-the-access-analyzer-console) - -Additional Server Requirements - -The following are additional requirements for the Console server: - -- .NET Framework 4.7.2 installed, which can be downloaded from the link in the Microsoft - [.NET Framework 4.7.2 offline installer for Windows](https://support.microsoft.com/en-us/topic/microsoft-net-framework-4-7-2-offline-installer-for-windows-05a72734-2127-a15d-50cf-daf56d5faec2) - article. -- Microsoft SQL Server supports TLS 1.2, which requires the Access Analyzer Console server to have - either SQL Server Native Client 11 or Microsoft OleDB 18 installed - -Additional Server Considerations - -The following are recommended for the Console server: - -- 100/1000 Mb Network Connection -- SQL Server Management Studio installed (Optional) -- Font "arial-unicode-ms" installed (Needed for report Unicode character support) - -Permissions for Installation - -The following permissions are required to install and use the application: - -- Membership in the local Administrators group for the Access Analyzer Console server - - **NOTE:** Role based access can be enabled for a least privilege user model. - -Supported Browsers - -The following is a list of supported browsers for the Web Console and the Access Information Center: - -- Google® Chrome® -- Microsoft® Edge® -- Mozilla® Firefox® - -## SQL Server Requirements - -The server requirements include one of the following SQL Server versions: - -- SQL Server 2016 through SQL Server 2022 -- Azure SQL Managed Instances - -Additionally the server must meet this requirement: - -- US English language installation - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. See the following topics for -additional: - -- [Active Directory Solution Requirements on the SQL Server](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/active-directory.md#active-directory-solution-requirements-on-the-sql-server) -- [Active Directory Permissions Analyzer Solution Requirements on the SQL Server](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/active-directory-permissions-analyzer.md#active-directory-permissions-analyzer-solution-requirements-on-the-sql-server) -- [AWS Solution Requirements on the SQL Server](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/aws.md#aws-solution-requirements-on-the-sql-server) -- [Box Solution Requirements on the SQL Server](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/box.md#box-solution-requirements-on-the-sql-server) -- [Databases Solution Requirements on the SQL Server](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/databases.md#databases-solution-requirements-on-the-sql-server) -- [Entra ID Solution Requirements on the SQL Server](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/entra-id.md#entra-id-solution-requirements-on-the-sql-server) -- [Exchange Solution Requirements on the SQL Server](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange.md#exchange-solution-requirements-on-the-sql-server) -- [File System Solution Requirements on the SQL Server](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem.md#file-system-solution-requirements-on-the-sql-server) -- [SharePoint Solution Requirements on the SQL Server](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint.md#sharepoint-solution-requirements-on-the-sql-server) -- [Unix Solution Requirements on the SQL Server](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/unix.md#unix-solution-requirements-on-the-sql-server) -- [Windows Solution Requirements on the SQL Server](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/windows.md#windows-solution-requirements-on-the-sql-server) - -Additional Server Requirements - -The following are additional requirements for the SQL Server: - -- SQL Server must be equal or newer version than the version to be targeted -- All SQL Server databases configured to use ‘Simple Recovery Model’ - -Additional Server Considerations - -The following additional considerations are recommended for the SQL Server: - -- The standard Autogrowth setting can cause Access Analyzer job delays. Database growth is - computationally intensive. While SQL Server is growing the database, no other activity can occur. - If this option is employed, please speak with a Netwrix engineer to determine an appropriate - setting for best performance. -- Microsoft SQL Server supports TLS 1.2, which requires the Access Analyzer Console server to have - either SQL Server Native Client 11 or Microsoft OleDB 18 installed. -- _Optional_: SQL Server Management Studio installed on the Access Analyzer Console server - -Database Permissions - -The following permissions are required on the databases: - -- Database Owner -- Provisioned to use Default Schema of ‘dbo’ - -## Virtual Environment Recommendations - -While physical machines are always preferred, we fully support the use of virtual machines. This -section contains special considerations when leveraging virtualization. - -- VMWare® ESX® – If using ESX, the following specifications are recommended: - - - ESX 4.0 / ESXi™ 4.1 or higher - - Virtual Hardware 7 or higher - - All Virtual Machines installed on the same datacenter / rack - -- Virtual Storage Consideration - - - In the server requirements, when separate disks are required for the servers, that should - translate to separate data stores on the VM host machine. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/active-directory-permissions-analyzer.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/active-directory-permissions-analyzer.md deleted file mode 100644 index c19741c797..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/active-directory-permissions-analyzer.md +++ /dev/null @@ -1,39 +0,0 @@ -# Active Directory Permissions Analyzer Solution - -The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access -Analyzer Console server, SQL Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for the core requirements. - -See the -[Domain Target Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/active-directory-permissions-analyzer.md) -topic for target environment requirements. - -## Active Directory Permissions Analyzer Solution Requirements on the Access Analyzer Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 8+ GB | 4+ GB | -| Cores | 4 CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -## Active Directory Permissions Analyzer Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 1 TB | 450 GB | -| SQL Transaction Log Disk | 240 GB | 120 GB | -| SQL TEMP DB Disk | 350 GB | 240 GB | diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/active-directory.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/active-directory.md deleted file mode 100644 index c140418442..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/active-directory.md +++ /dev/null @@ -1,45 +0,0 @@ -# Active Directory Solution - -The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access -Analyzer Console server, SQL Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for the core requirements. - -In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat -Prevention is required for event activity data to be scanned. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or -the -[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) -for installation requirements and information on collecting activity data. - -See the [Active Directory Domain Target Requirements](/docs/accessanalyzer/12.0/configuration/active-directory/overview.md) -topic for target environment requirements. - -## Active Directory Solution Requirements on the Access Analyzer Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 8+ GB | 4+ GB | -| Cores | 4 CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -## Active Directory Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/aws.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/aws.md deleted file mode 100644 index eb5ab734bf..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/aws.md +++ /dev/null @@ -1,50 +0,0 @@ -# Amazon Web Services (AWS) Solution - -The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access -Analyzer Console server, SQL Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for the core requirements. - -See the [Target Amazon Web Service Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/aws.md) topic for -target environment requirements. - -## AWS Solution Requirements on the Access Analyzer Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | -------------- | -------------- | -| Definition | > 100 Accounts | < 100 Accounts | -| RAM | 8+ GB | 4+ GB | -| Cores | 4 CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For -example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are -required (8x2=16). - -Sensitive Data Discovery Auditing Requirement - -**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the -server. The JDK deployed is prepackaged and does not require any configuration; it has been -preconfigured to work with Access Analyzer and should never be customized through Java. It will not -conflict with other JDKs or Java Runtimes in the same environment. - -## AWS Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | -------------- | -------------- | -| Definition | > 100 Accounts | < 100 Accounts | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/box.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/box.md deleted file mode 100644 index 51ff4f7433..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/box.md +++ /dev/null @@ -1,38 +0,0 @@ -# Box Solution - -The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access -Analyzer Console server, SQL Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for the core requirements. - -See the [Target Box Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/box.md) topic for target -environment requirements. - -## Box Solution Requirements on the Access Analyzer Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 8+ GB | 4+ GB | -| Cores | 4 CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -## Box Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/databases.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/databases.md deleted file mode 100644 index 48b4768f4f..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/databases.md +++ /dev/null @@ -1,78 +0,0 @@ -# Databases Solution - -The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access -Analyzer Console server, SQL Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for the core requirements. - -In addition to these, integration with either the Netwrix Activity Monitor is required for event -activity data to be scanned. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) -for installation requirements and information on collecting activity data. - -See the following topics for target environment requirements: - -- [Target Db2 Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-db2.md) -- [Target MongoDB Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-mongodb.md) -- [Target MySQL Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-mysql.md) -- [Target Oracle Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-oracle.md) -- [Target PostgreSQL Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-postgresql.md) -- [Target Redshift Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-redshift.md) -- [Target SQL Server Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-sql.md) - -## Databases Solution Requirements on the Access Analyzer Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Extra-Large | Large | Medium | Small | -| ----------- | -------------------- | ------------------------ | --------------------- | -------------------- | -| Definition | > 1 TB database size | Up to 1 TB database size | ~250 GB database size | ~50 GB database size | -| RAM | 24 GB | 16 GB | 12 GB | 4 GB | -| Cores | 8 CPU | 8 CPU | 4 CPU | 2 CPU | -| Disk Space | 460 GB | 280 GB | 160 GB | 80 GB | - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For -example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are -required (8x2=16). - -Additional Server Considerations for Oracle Scans - -For scanning Oracle databases, the following are additional requirements for the Console server: - -- Windows Management Framework 3+ installed -- PowerShell 3.0+ installed -- NMAP installed -- For Instance Discovery, NMAP installed - -Additional Server Considerations for SQL Server Scans - -For scanning SQL databases, the following are additional requirements for the Console server: - -- Windows Management Framework 3+ installed -- PowerShell 3.0+ installed - -Sensitive Data Discovery Auditing Requirement - -**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the -server. The JDK deployed is prepackaged and does not require any configuration; it has been -preconfigured to work with Access Analyzer and should never be customized through Java. It will not -conflict with other JDKs or Java Runtimes in the same environment. - -## Databases Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Extra-Large | Large | Medium | Small | -| ------------------------ | -------------------- | ------------------------ | --------------------- | -------------------- | -| Definition | > 1 TB database size | Up to 1 TB database size | ~250 GB database size | ~50 GB database size | -| RAM | 64 GB | 32 GB | 16 GB | 8 GB | -| Cores | 16 CPU | 12 CPU | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | -| SQL Database Disk | 500 GB | 320 GB | 240 GB | 100 GB | -| SQL Transaction Log Disk | 120 GB | 100 GB | 80 GB | 40 GB | -| SQL TEMP DB Disk | 320 GB | 240 GB | 160 GB | 80 GB | diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/dropbox.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/dropbox.md deleted file mode 100644 index 38f8c069c7..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/dropbox.md +++ /dev/null @@ -1,57 +0,0 @@ -# Dropbox Solution - -The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access -Analyzer Console server, SQL Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for the core requirements. - -In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat -Prevention is required for event activity data to be scanned. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or -the -[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) -for installation requirements and information on collecting activity data. - -See the [Target Dropbox Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/dropbox.md) topic for target -environment requirements. - -## Dropbox Solution Requirements on the Access Analyzer Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 8+ GB | 4+ GB | -| Cores | 4 CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For -example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are -required (8x2=16). - -Sensitive Data Discovery Auditing Requirement - -**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the -server. The JDK deployed is prepackaged and does not require any configuration; it has been -preconfigured to work with Access Analyzer and should never be customized through Java. It will not -conflict with other JDKs or Java Runtimes in the same environment. - -## Dropbox Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/entra-id.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/entra-id.md deleted file mode 100644 index e48ddc7f4a..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/entra-id.md +++ /dev/null @@ -1,40 +0,0 @@ -# Entra ID Solution - -**NOTE:** The Entra ID solution is for scanning Microsoft Entra ID, formerly Azure Active Directory. - -The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access -Analyzer Console server, SQL Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for the core requirements. - -See the [Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/12.0/configuration/entra-id/overview.md) topic -for target environment requirements. - -## Entra ID Solution Requirements on the Access Analyzer Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 8+ GB | 4+ GB | -| Cores | 4 CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -## Entra ID Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ----------------------- | ---------------------- | -| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/entra-id/entra-roles.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/entra-id/entra-roles.md deleted file mode 100644 index 814910ccc0..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/entra-id/entra-roles.md +++ /dev/null @@ -1,180 +0,0 @@ -# Microsoft Entra Roles Auditing Configuration - -Access Analyzer can scan for Microsoft Entra roles information. It scans: - -- Microsoft Entra ID (formerly Azure AD) - -**NOTE:** A user account with the Global Administrator role is required to register an app with -Microsoft Entra ID. - -Data Collector - -- [Entra Data Collector](/docs/accessanalyzer/12.0/data-collection/entra/overview.md) - -Configuration Settings from the Registered Application - -The following settings are needed from your tenant once you have registered the application: - -- Client ID – This is the Application (client) ID for the registered application -- Key – This is the Client Secret Value generated when a new secret is created - - **CAUTION:** It is not possible to retrieve the value after saving the new key. It must be - copied first. - -**NOTE:** It is recommended to use the same registered application for the Access and Entra roles -auditing configurations. In this case, these values are only needed once for the tenant. See the -[Microsoft Entra ID Registered Application](#microsoft-entra-id-registered-application) topic for -additional information. - -## Permissions - -The following permissions are required for Microsoft Entra Roles auditing: - -- Microsoft Graph API Application permissions: - - - RoleManagement.Read.Directory - -- Resource Manager permissions: - - - Microsoft.Authorization/roleAssignments/read - - Microsoft.Authorization/roleDefinitions/read - - Microsoft.Resources/resources/read - - Microsoft.Resources/subscriptions/read - - Microsoft.Resources/subscriptions/resources/read - - Microsoft.Resources/subscriptions/resourceGroups/read - - Microsoft.Authorization/providerOperations/read - - Microsoft.Management/managementGroups/read - -## Microsoft Entra ID Registered Application - -You must have a registered application to assign the required permissions to. It is recommended to -use the same registered application that is used for access auditing using the AzureADInventory data -collector. See the -[Register a Microsoft Entra ID Application](/docs/accessanalyzer/12.0/configuration/entra-id/access.md#register-a-microsoft-entra-id-application) -topic for additional information on registering an application. - -The Client ID and Key for the registered application are required for the Access Analyzer connection -profile. If, as recommended, you are using a single registered application for the tenant, then you -do not need to add an additional user credential in the connection profile. If you create a separate -registered application for Entra roles auditing, then the Client ID and Key for this must be added -to the connection profile as an additional Azure Active Directory user credential. See the -[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/configure-job.md) -topic for additional information. - -Once you have the registered application, the next step is to grant it the required permissions for -the Entra data collector. - -## Grant Permissions to the Registered Application - -Follow the steps to grant the required permissions to the registered application. - -**Step 1 –** Log in to [Azure Portal](https://portal.azure.com/). - -**Step 2 –** Navigate to the **App registrations** > **All applications** list for your tenant, and -select your registered application. - -**Step 3 –** On the registered app blade, click **API permissions** in the Manage section. - -**Step 4 –** In the top toolbar, click **Add a permission**. - -**Step 5 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs -tab. Select the following permissions: - -- Under Application Permissions, select: - - - RoleManagement.Read.Directory - -**Step 6 –** At the bottom of the page, click **Add Permissions**. - -**Step 7 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation -window. - -The permissions have been granted to the registered application. Next, you need to create a custom -role and assign the necessary resource manager permissions. - -## Create Custom Role with Resource Manager Permissions - -Follow the steps to create the required custom role and assign the necessary permissions. - -**Step 1 –** In Azure portal, navigate to **Management groups** within the Microsoft Entra tenant. - -- You can either use the search bar or select **All services** on the navigation menu to find the - Management groups dashboard. - -**Step 2 –** Select the **Tenant Root Group** to navigate to the Overview page of the management -group. - -**_RECOMMENDED:_** It is recommended to create this custom role at the root management group level. -This ensures that all of necessary information on the Microsoft Entra environment is collected. -Creating the custom role on a lower level management group can result in missing data. - -**Step 3 –** Navigate to **Access Control (IAM)** on the left side menu. - -**Step 4 –** On the Access Control (IAM) panel, click **Add** and then select **Add custom role**. - -**Step 5 –** On the Create a custom role page, enter a role name. Optionally, add a description for -the custom role. - -**Step 6 –** Select the Permissions tab, then click **Add permissions** and assign the following -permissions: - -- Microsoft.Authorization/roleAssignments/read -- Microsoft.Authorization/roleDefinitions/read -- Microsoft.Resources/resources/read -- Microsoft.Resources/subscriptions/read -- Microsoft.Resources/subscriptions/resources/read -- Microsoft.Resources/subscriptions/resourceGroups/read -- Microsoft.Authorization/providerOperations/read -- Microsoft.Management/managementGroups/read - -Alternatively, you can edit the JSON to assign the permissions. To do so, go to the JSON tab and -edit the permissions section of the JSON to be the following: - -``` -"permissions": [ -    { -        "actions": [ -            "Microsoft.Authorization/roleAssignments/read", -            "Microsoft.Authorization/roleDefinitions/read", -            "Microsoft.Resources/resources/read", -            "Microsoft.Resources/subscriptions/read", -            "Microsoft.Resources/subscriptions/resources/read", -            "Microsoft.Resources/subscriptions/resourceGroups/read", -            "Microsoft.Authorization/providerOperations/read", -            "Microsoft.Management/managementGroups/read" -        ], -        "notActions": [], -        "dataActions": [], -        "notDataActions": [] -    } -``` - -**_RECOMMENDED:_** After editing the JSON, go back to the Permissions tab and verify the list of -permissions. - -**Step 7 –** Once the permissions are configured, click **Create** on the Review + create tab to -finish creating the custom role. - -Now that you have created the custom role with the necessary permissions, you must assign this -custom role to the registered application. - -## Assign the Custom Role to the App Registration - -Follow the steps to assign the custom role to your registered application. - -**Step 1 –** Navigate back to Access Control (IAM) in the Tenant Root Group. - -**Step 2 –** On the Access control (IAM) panel, click **Add** and select **Add role assignment**. - -**Step 3 –** On the Add role assignment page, select the newly created role and click **Next**. - -- You can use the search bar to easily find the custom role. - -**Step 4 –** On the Members tab, select the Assign access to option as **User, group, or service -principal**. Then, click **Select members** and search for your registered application. Select the -application from the list and click **Select**. - -**Step 5 –** On the Review + assign tab, click **Review + assign** to complete the role assignment. - -The registered application has now been configured with all the necessary permissions for Entra -roles scans. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange.md deleted file mode 100644 index 5989a80b0f..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange.md +++ /dev/null @@ -1,89 +0,0 @@ -# Exchange Solution - -The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access -Analyzer Console server, SQL Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for the core requirements. - -In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat -Prevention is required for event activity data to be scanned. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or -the -[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) -for installation requirements and information on collecting activity data. - -See the following topics for target environment requirements: - -- [Target Exchange Servers Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/exchange.md) -- [Target Exchange Online Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/exchange-online.md) - -## Exchange Solution Requirements on the Access Analyzer Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Extra Large – Large | Medium – Small | -| ----------- | ------------------------- | ----------------------- | -| Definition | ~50,000-120,000 Mailboxes | ~1,000-10,000 Mailboxes | -| RAM | 16+ GB | 8+ GB | -| Cores | 8 CPU | 4 CPU | -| Disk Space | 120 GB | 120 GB | - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For -example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are -required (8x2=16). - -Sensitive Data Discovery Auditing Requirement - -**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the -server. The JDK deployed is prepackaged and does not require any configuration; it has been -preconfigured to work with Access Analyzer and should never be customized through Java. It will not -conflict with other JDKs or Java Runtimes in the same environment. - -Permissions to Run Exchange Scans - -The following are additional requirements for the Access Analyzer Console server specific to running -the Exchange Solution: - -- Outlook should not be installed -- StealthAUDIT MAPI CDO installed (for MAPI- based data collectors). See the - [StealthAUDIT MAPI CDO Installation](/docs/accessanalyzer/12.0/stealthaudit/install-guides/mapi-cdo-install/stealthaudit-mapi-cdo-installation.md) - topic for additional information. -- Exchange MAPI CDO installed (for MAPI- based data collectors) -- For targeting Exchange 2010 – Exchange Management Tools 2010 installed on the Access Analyzer - Console server -- For Targeting Exchange Online – PowerShell Execution Policy set to unrestricted for both 64-bit - and 32-bit versions - -Exchange Online Modern Authentication - -The following prerequisites are required to use Modern Authentication for Exchange Online in Access -Analyzer. - -- Exchange Online Management v3.4.0 - - - You can install this module with the following command: - - ``` - Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 - ``` - -- Create a self-signed certificate that will be used by Access Analyzer for Modern Authentication - -## Exchange Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Extra-Large | Large | Medium | Small | -| ------------------------ | ------------------ | ----------------- | ----------------- | ---------------- | -| Definition | ~120,000 Mailboxes | ~50,000 Mailboxes | ~10,000 Mailboxes | ~1,000 Mailboxes | -| RAM | 64 GB | 16 GB | 16 GB | 8 GB | -| Cores | 16 CPU | 16 CPU | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | -| SQL Database Disk | 1.25 TB | 650 GB | 415 GB | 325 GB | -| SQL Transaction Log Disk | 650 GB | 650 GB | 325 GB | 325 GB | -| SQL TEMP DB Disk | 325 GB | 325 GB | 325 GB | 325 GB | diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/mail-flow.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/mail-flow.md deleted file mode 100644 index 5106dc820f..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/mail-flow.md +++ /dev/null @@ -1,64 +0,0 @@ -# Exchange Mail-Flow Permissions - -The ExchangeMetrics Data Collector collects Mail-Flow metrics from the Exchange Message Tracking -Logs on the Exchange servers. Some examples of this include server volume and message size -statistics. This data collector utilizes an applet to process and collect summarized metrics from -the Message Tracking Log. - -1. HUB Metrics Job Group Requirement - -In addition to the permissions required by the ExchangeMetrics Data Collector, the Connection -Profile assigned to the 1. HUB Metrics Job Group requires the following permission and User Rights -(based on default settings): - -- Member of the local Administrator group on the targeted Exchange server(s) where the Hub Transport - service is running -- Log on as a Service Group Policy: - - - Go to `GPedit.msc` - - Go to Computer Configuration > Windows Settings > Security Settings > Local Policies > User - Rights - -Applet Permissions - -This is required because the ExchangeMetrics Data Collector is an applet-based data collector. It -requires - -- Member of the local Administrator group on the targeted Exchange server(s) - -This grants access to the Message Tracking Logs and the ability to create the -`SA_ExchangeMetricsData` folder, which will contain the applet files and the processed message -tracking log files stored inside a SQLite database for each day. For example: - -\\ExchangeServerName\c$\Program Files\Microsoft\Exchange -Server\V14\TransportRoles\Logs\MessageTracking - -If there have been additional security or permission modifications on the server(s), the following -rights and policies may need to be enabled on the targeted host: - -- Ensure the Administrator group has been granted Full Control over Message Tracking Log Directories -- WMI Control (`wmimgmt.msc`) > Right Click Properties > Security - - - Security Tab > Root > CIMV2 > Click Security - - - Ensure the Administrators group has been assigned: - - - Execute Methods - - Remote Enable - - Enable Account - -- Local Security Policy (`secpol.msc`): - - - Local Policies > User Rights Assignment: - - - Ensure the ‘Replace a Process Level Token’ right grants access to Local Service, Network - Service, and Administrators - - Ensure the ‘Adjust Memory Quotas for a Process’ right grants access to Local Service, - Network Service, and Administrators - - Ensure the ‘Impersonate a client after authentication’ right grants access to Local - Service and Administrators - - Ensure the Administrators group has been granted the following rights: - - - Access this computer from a network - - Allow Log on Locally - - Log on as a batch job diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md deleted file mode 100644 index 045ef0faf8..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md +++ /dev/null @@ -1,235 +0,0 @@ -# Exchange PowerShell Permissions - -The ExchangePS Data Collector utilizes PowerShell to collect various information from the Exchange -environment. This data collector utilizes Remote PowerShell to collect information about Exchange -Users Configuration, Mailboxes, Public Folders, and Exchange Online Mail-Flow. - -Job Group Requirements in Addition to ExchangePS - -In addition to the permissions required by the ExchangePS Data Collector, the Connection Profile -assigned to these job groups requires the following permissions: - -- 2. CAS Metrics - - - This job group also requires remote connection permissions for the SMARTLog Data Collector. - See the [Exchange Remote Connections Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/remote-connections.md) topic for additional - information. - -- 3. Databases - - - This job group also requires permissions for the Exchange2K Data Collector, which is - MAPI-based and has additional requirements - -- 4. Mailboxes - - - This job group also requires Exchange Mailbox Access Auditing to be enabled. See the - [Enable Exchange Mailbox Access Auditing](#enable-exchange-mailbox-access-auditing) topic for - additional information. - -- 5. Public Folders - - - This job group also requires permissions for the ExchangePublicFolder Data Collector, which is - MAPI-based and has additional requirements - -- 8. Exchange Online - - - This job group uses Modern Authentication to target Exchange Online. See the - [Exchange Online Auditing Configuration](/docs/accessanalyzer/12.0/configuration/exchange-online/access.md) topic - for additional information. - -## Permissions Explained - -Remote PowerShell and Windows Authentication Enabled - -The Remote PowerShell and Windows Authentication configurations for Exchanges servers are required -to be enabled on at least one Exchange server running the Client Access Service so that the -ExchangePS Data Collector can make a remote PowerShell connection and authenticate through Access -Analyzer. - -Access Analyzer passes credentials saved in the Connection Profile to the data collector so that it -is able to connect to the targeted host. This requires the Exchange server to allow for Windows -Authentication. See the -[Enable Remote PowerShell for ExchangePS Data Collector](#enable-remote-powershell-for-exchangeps-data-collector) -topic and the -[Enable Windows Authentication for PowerShell Virtual Directory](#enable-windows-authentication-for-powershell-virtual-directory) -topic for additional information. - -View-Only Organization Management Role Group - -This is required so the ExchangePS Data Collector is able to run the various Exchange PowerShell -cmdlets. - -Public Folder Management - -This permission is only required if utilizing the ExchangePublicFolder Data Collector or -ExchangeMailbox Data Collector, as well as the PublicFolder or Mailbox Action Modules. This is -required in order to make a connection through the MAPI protocol. The following job group requires -the Public Folder Management Role Group: - -- 5. Public Folders > Ownership - -If not running this collection, then this permission is not required. - -Mailbox Search Role - -This is required to collect Mailbox Access Audit logs and run Mailbox Search queries through the -ExchangePS Data Collector. The following job group requires the Mailbox Search Role: - -- 4. Mailboxes > Logons - -Application Impersonation Role - -The Application Impersonation Role is a customer role you need to create. See the -[Create Custom Application Impersonation Role in Exchange](#create-custom-application-impersonation-role-in-exchange) -topic for additional information. - -## Scoping Options - -There are five different scoping options within this data collector. Since not all query categories -support all scoping options, No Scoping is an option. If there are no scoping options available, -then the data collector should be run against the host specified in the Summary page of the data -collector wizard. - -No Scoping - -This option will gather information about the entire Exchange Organization. When using the applet, -the data collector will gather information about the Exchange Forest in which the Access Analyzer -Console currently resides. For Remote PowerShell, the data collector will gather information about -the Exchange Organization to which the Remote PowerShell connection was made. This refers to the -server entered in the Client Access Server (CAS) field of the global configuration from the -**Settings** > **Exchange** node or on the Scope Page of the data collector wizard. See the -[ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) topic for additional -information. - -Scope by Database - -This option will gather information about any databases which are chosen. When using the applet, the -data collector will return databases in the Scope by DB page of the data collector wizard for the -Exchange Organization in which the Access Analyzer Console currently resides, as well as, only -return information about those databases. For Remote PowerShell, the data collector will return -databases in the Scope by DB page of the data collector wizard for the Exchange Forest, as well as, -only return information about those databases. See the -[ExchangePS: Scope by DB](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-databases.md) topic for -additional information. - -Scope by Mailbox - -This option will gather information about any mailboxes which are chosen. When using the applet, the -data collector will return mailboxes in the Scope by Mailboxes page of the data collector wizard for -the Exchange Forest in which the Access Analyzer Console currently resides, as well as, only return -information about those mailboxes. For Remote PowerShell, the data collector will return mailboxes -in the Scope by Mailboxes page of the data collector wizard for the Exchange Forest, as well as, -only return information about those mailboxes. See the -[ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-mailboxes.md) topic -for additional information. - -Scope by Server - -This option will gather information about objects which reside on the chosen server. When choosing -this option, the data collector will then use the Host List applied to the job’s **Configure** > -**Hosts** node as the servers scoping list. When using the applet, the data collector will deploy a -process to the targeted host to run the PowerShell on that server. For Remote PowerShell, the data -collector will deploy no applet and utilize the WinRM protocol to gather information about the -objects on that server. - -Scope by Public Folder - -This option will gather information about any public folders which are chosen. When using the -applet, the data collector will return public folders in the Scope by Public Folders page of the -data collector wizard for the Exchange Forest in which the Access Analyzer Console currently -resides, as well as, only return information about those public folders. For Remote PowerShell, the -data collector will return public folders in the Scope by Public Folders page of the data collector -wizard for the Exchange Forest, as well as, only return information about those public folders. See -the -[ExchangePS: Scope by Public Folders](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-public-folders.md) -topic for additional information. - -## Enable Remote PowerShell for ExchangePS Data Collector - -Follow these steps to enable Remote PowerShell. - -**Step 1 –** On the server that Access Analyzer will connect with Remote PowerShell, open -PowerShell. - -**Step 2 –** Run the following command: - -``` -Enable-PSRemoting -``` - -**Step 3 –** When prompted, type `A` and `A` again to enable the appropriate services and protocols. - -Remote PowerShell has been enabled. See the Microsoft -[Tip: Enable and Use Remote Commands in Windows PowerShell](https://technet.microsoft.com/en-us/library/ff700227.aspx) -article for additional information. - -Next, enable Windows Authentication for PowerShell Virtual Directory on the same server. - -## Enable Windows Authentication for PowerShell Virtual Directory - -Once Remote PowerShell has been enabled on an Exchange Server in the environment, it is necessary to -also enable Windows Authentication for the PowerShell Virtual Directory on the same Exchange server. -Follow these steps to enable Windows Authentication. - -**Step 1 –** On the server where Remote PowerShell was enabled, open the Internet Information -Services (IIS) Manager. - -![IIS Authentication Open Feature](/img/product_docs/accessanalyzer/requirements/solutions/exchange/iismanager.webp) - -**Step 2 –** Traverse to the **PowerShell** Virtual Directory under the **Default Web Site**. Select -**Authentication** and click **Open Feature**. - -![IIS Enable Windows Authentication](/img/product_docs/accessanalyzer/requirements/solutions/exchange/iismanagerauth.webp) - -**Step 3 –** Right-click on **Windows Authentication** and select **Enable**. - -Windows Authentication has been enabled for the PowerShell Virtual Directory. - -## Create Custom Application Impersonation Role in Exchange - -Follow the steps to create the custom Application Impersonation role. The process is the same for -Exchange 2010 Service Pack 1 through Exchange 2019 and Exchange Online. - -**Step 1 –** Within the Exchange Admin Center, navigate to the permissions section and select admin -roles. - -**Step 2 –** Add a new role group by clicking on the + button, and the New Role Group window opens. - -![New role group window](/img/product_docs/accessanalyzer/requirements/solutions/exchange/rolegroup.webp) - -**Step 3 –** Configure the new role group with the following settings: - -- Name – Provide a distinct name for the role group, for example Application Impersonation -- Description – Optionally indicate in the description that the new role group is required for - Access Analyzer -- Write scope – Remain set to **Default** -- Roles – Click the + button to open the Select a Role window. Select the - **ApplicationImpersonation** role from the available list and click **Add**. Then click **OK** to - close the Select a Role window. -- Members – Click the + button to open the Select Members window. Select the account from the - available list and click **Add**. Remember, the account needs to be assigned the other permissions - required for the **EWSMailbox** and/or **EWSPublicFolder** data collectors. Then click **OK** to - close the Select Members window. - -**Step 4 –** **Save** the new role group. - -The new role group appears in the list. - -## Enable Exchange Mailbox Access Auditing - -The 4. Mailboxes Job Group requires the Exchange Mailbox Access Auditing to be enabled. In order to -collect Mailbox Access Auditing events, it is necessary to enable Exchange Mailbox Access Auditing -for Exchange. See the following Microsoft articles: - -- Exchange Online – - [Enable mailbox auditing in Office 365](https://technet.microsoft.com/en-us/library/dn879651.aspx) - article -- Exchange 2016 – Exchange 2019 – - [Enable or disable mailbox audit logging for a mailbox]() - article -- Exchange 2013 – - [Enable or disable mailbox audit logging for a mailbox]() - article -- Exchange 2010 – - [Enable or Disable Mailbox Audit Logging for a Mailbox]() - article diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/remote-connections.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/remote-connections.md deleted file mode 100644 index 83c9b9d87d..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/remote-connections.md +++ /dev/null @@ -1,64 +0,0 @@ -# Exchange Remote Connections Permissions - -The SMARTLog Data Collector processes the IIS Logs on the server running the Client Access Service -(CAS) to return information about the remote connections being made to Exchange. This data collector -uses an applet to process and collect the IIS Logs. - -2. CAS Metrics Job Group Requirement - -In addition to the permissions required by the SMARTLog Data Collector, the Connection Profile -assigned to the 2. CAS Metrics Job Group requires the following permissions and User Rights (based -on default settings): - -- Member of the local Administrator group on the targeted Exchange server(s) where the Client Access - Service is running -- Log on as a Service Group Policy: - - - Go to `GPedit.msc` - - Go to Computer Configuration > Windows Settings > Security Settings > Local Policies > User - Rights - -- Permissions required by the ExchangePS Data Collector. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) topic for additional information. - -Applet Permissions - -This is required because the SMARTLog Data Collector is an applet-based data collector. It requires -the following permission on the target host which contain the IIS Logs: - -- Member of the local Administrators group - -This grants the ability to process logs folder which will contain the applet files and logs. For -example: - -\\ExchangeServerName\c$\Program Files (x86)\STEALTHbits\StealthAUDIT\LogProcessor - -If there have been additional security or permission modifications on the server(s), the following -rights and policies may need to be enabled on the targeted host: - -- Ensure the Administrator group has been granted Full Control over IIS Log Directories -- WMI Control (`wmimgmt.msc`) > Right Click Properties > Security - - - Security Tab > Root > CIMV2 > Click Security - - - Ensure the Administrators group has been assigned: - - - Execute Methods - - Remote Enable - - Enable Account - -- Local Security Policy (`secpol.msc`): - - - Local Policies > User Rights Assignment: - - - Ensure the ‘Replace a Process Level Token’ right grants access to Local Service, Network - Service, and Administrators - - Ensure the ‘Adjust Memory Quotas for a Process’ right grants access to Local Service, - Network Service, and Administrators - - Ensure the ‘Impersonate a client after authentication’ right grants access to Local - Service and Administrators - - Ensure the Administrators group has been granted the following rights: - - - Access this computer from a network - - Allow Log on Locally - - Log on as a batch job diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/support.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/support.md deleted file mode 100644 index 73ae715b49..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/support.md +++ /dev/null @@ -1,86 +0,0 @@ -# Exchange Support and Permissions Explained - -This topic outlines what is supported for each type of Exchange version. - -**NOTE:** Sensitive Data Discovery is available with the EWSMailbox, EWSPublicFolder, and -ExchangeMailbox data collectors. - -## Support by Data Collector - -The following tables provide a breakdown of support by data collector: - -| Data Collector | Exchange Online | Exchange 2019 | Exchange 2016 | Exchange 2013 | Exchange 2010 | MAPI-Based | -| -------------------- | --------------- | ------------- | ------------- | ------------- | ------------- | ---------- | -| EWSMailbox | Yes | Yes | Yes | Yes | Limited\* | No | -| EWSPublicFolder | Yes | Yes | Yes | Yes | Limited\* | No | -| Exchange2k | No | No | No | Yes | Yes | Yes | -| ExchangeMailbox | No | No | No | Yes | Yes | Yes | -| ExchangeMetrics | No | Yes | Yes | Yes | Yes | No | -| ExchangePS | Yes | Yes | Yes | Yes | Yes | No | -| ExchangePublicFolder | No | No | No | Yes | Yes | Yes | -| SMARTLog | No | Yes | Yes | Yes | Yes | No | - -\* The data collector can target Exchange 2010 Service Pack 1 and later. - -## Support by Job Group - -The following tables provide a breakdown of support by job group: - -| Job Group | Exchange Online | Exchange 2019 | Exchange 2016 | Exchange 2013 | Exchange 2010 | MAPI-Based | -| --------------------- | --------------- | ------------- | ------------- | ------------- | ------------- | ---------- | -| 1. HUB Metrics | No | Yes | Yes | Yes | Yes | No | -| 2. CAS Metrics | No | Yes | Yes | Yes | Yes | No | -| 3. Database | No | Limited\* | Limited\* | Yes | Yes | Yes | -| 4. Mailboxes | Yes | Yes | Yes | Yes | Yes | No | -| 5. Public Folders | No | No | No | Yes | Yes | Yes | -| 6. Distribution Lists | Yes | Yes | Yes | Yes | Yes | No | -| 7. Sensitive Data | Yes | Yes | Yes | Yes | Limited\* | Mix\*\* | -| 8. Exchange Online | Yes | No | No | No | No | No | - -\* Limited indicates that some of the data collectors can target the environment, but not all. - -\*\* Mix indicates some data collectors are MAPI-based, but not all. - -## Exchange Solution to Permissions Alignment - -See the following sections for permission requirements according to the job group, data collector, -or action module to be used: - -- [Exchange Mail-Flow Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/mail-flow.md) - - - ExchangeMetrics Data Collector - - 1. HUB Metrics Job Group - -- [Exchange Remote Connections Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/remote-connections.md) - - - SMARTLog Data Collector - - 2. CAS Metrics Job Group - -- [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) - - - ExchangePS Data Collector - - PublicFolder Action Module - - Mailbox Action Module - - 2. CAS Metrics Job Group - - 3. Databases Job Group - - 4. Mailboxes Job Group - - 5. Public Folders Job Group - - 8. Exchange Online Job Group - -- [Exchange Web Services API Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/web-services-api.md) - - - EWSMailbox Data Collector - - EWSPublicFolder Data Collector - - 7. Sensitive Data Job Group - -- [MAPI-Based Data Collector Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/mapi.md) - - - Exchange2K Data Collector - - ExchangeMailbox Data Collector - - ExchangePublicFolder Data Collector - - 3. Databases Job Group - - 5. Public Folders Job Group - - 7. Sensitive Data Job Group - -**NOTE:** All MAPI-based data collectors require the **Settings** > **Exchange** node configured in -the Access Analyzer Console. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem.md deleted file mode 100644 index 4bdfca8f2d..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem.md +++ /dev/null @@ -1,121 +0,0 @@ -# File System Solution - -The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access -Analyzer Console server, SQL Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for the core requirements. - -The File System solution can be configure to use Proxy servers either an applet or as a service. See -the [File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) topic for additional information. - -In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat -Prevention is required for event activity data to be scanned. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or -the -[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) -for installation requirements and information on collecting activity data. - -See the following topics for target environment requirements: - -- [File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) -- [File System Supported Platforms](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md) - -## File System Solution Requirements on the Access Analyzer Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Enterprise | Extra-Large | Large | Medium | Small | -| ----------- | ------------------------------ | ----------------------------------- | ----------------------------------- | ----------------------------------- | ----------------------------------- | -| Definition | 800+ million files and folders | Up to 800 million files and folders | Up to 500 million files and folders | Up to 200 million files and folders | Up to 100 million files and folders | -| RAM | 24 GB | 24 GB | 16 GB | 12 GB | 4 GB | -| Cores | 8 CPU | 8 CPU | 8 CPU | 4 CPU | 2 CPU | -| Disk Space | 1.5 TB | 770 GB | 470 GB | 270 GB | 130 GB | - -The above recommended disk space sizing information is based on the needs of Access Analyzer as well -as the File System solution for running Permission scans with default configuration (500 MB per -million files and folders), that means no tag collection, file-level scanning, activity, or -sensitive data. - -- For tag collection, add 125 MB per million documents to the totals above -- For activity collection, add 250 MB per million files and folders and another 125 MB per million - activity events to the totals above -- For sensitive data collection, add 500 MB per million files and folders and another 1%-10% of the - total size of the documents scanned for sensitive data (depending on targeted document types and - selected criteria) to the totals above - -For example, in order to scan 200 million files and folders, of which 10 million files will be -scanned for tag collection and sensitive data with a total size of 6 TB, you would need: 160 GB for -permission collection + 1.25 GB for tag collection (10x125 MB) + 100 GB for sensitive data -collection (200x500 MB) + 600 GB additional for sensitive data collection (10% of 6 TB) = 861.25 GB -total disk space. - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By -default, SDD scans are configured to run two concurrent threads. For example, if the job is -configured to scan 8 hosts at a time with two concurrent SDD threads, then an extra 32 GB of RAM are -required (8x2x2=32). - -Additional Server Considerations for File System Scans - -If Data Activity Tracking for NAS is required or if NetApp Filers running Clustered Data ONTAP are -in scope, reducing latency between the scanning server and the target device is highly recommended. -Additional hardware may be required, especially if the target NAS devices are not collocated with -the Access Analyzer Console server. - -Sensitive Data Discovery Auditing Requirement - -**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the -server. The JDK deployed is prepackaged and does not require any configuration; it has been -preconfigured to work with Access Analyzer and should never be customized through Java. It will not -conflict with other JDKs or Java Runtimes in the same environment. - -Permissions on the Console Server to Run File System Scans - -In most cases the Access Analyzer user is a member of the local Administrators group on the -application server. However, if the Role Based Access usage is employed, then the user assigned the -role of Job Initiator (for manual execution) or the credential used for the Schedule Service Account -(for scheduled execution) must have the following permissions to execute File System scans in local -mode, applet mode, or proxy mode with applet: - -- Group membership in either of the following local groups: - - - Backup Operators - - Administrators - -These permissions grant the credential the ability to create a high integrity token capable of -leveraging the “Back up files and directories” from where the Access Analyzer executable is run. - -Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the -installation directory. This is required by either the user account running the Access Analyzer -application, when manually executing jobs from the console, or the Schedule Service Account assigned -within Access Analyzer, when running jobs as a scheduled tasks. - -See the [File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) topic and the -[File System Supported Platforms](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md) topic for permissions required to scan -the environment. - -## File System Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Enterprise | Extra-Large | Large | Medium | Small | -| ------------------------ | ------------------------------ | ----------------------------------- | ----------------------------------- | ----------------------------------- | ----------------------------------- | -| Definition | 800+ million files and folders | Up to 800 million files and folders | Up to 500 million files and folders | Up to 200 million files and folders | Up to 100 million files and folders | -| RAM | 64 GB | 64 GB | 32 GB | 16 GB | 8 GB | -| Cores | 16 CPU | 16 CPU | 12 CPU | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | 4 | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | 160 GB | -| SQL Database Disk | 1.6 TB | 830 GB | 530 GB | 400 GB | 170 GB | -| SQL Transaction Log Disk | 390 GB | 200 GB | 170 GB | 130 GB | 70 GB | -| SQL TEMP DB Disk | 1 TB | 530 GB | 400 GB | 270 GB | 130 GB | - -Additional SQL Server Requirements for File System Scans - -The following are additional requirements for the SQL Server specifically for the File System -solution: - -- For File-level Auditing – SQL Server standard edition or higher required -- For File Activity Auditing – SQL Server Enterprise Edition is required diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/applet-mode-permissions.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/applet-mode-permissions.md deleted file mode 100644 index 8bec78f66f..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/applet-mode-permissions.md +++ /dev/null @@ -1,41 +0,0 @@ -# Applet Mode Permissions - -When File System scans are run in applet mode, it means the File System applet is deployed to the -target host when the job is executed to conduct data collection. However, the applet can only be -deployed to a server with a Windows operating system. The data is collected on the Windows target -host where the applet is deployed. The final step in data collection is to compress and transfer the -data collected in the SQLite database(s), or Tier 2 database(s), back to the Access Analyzer Console -server. If the target host is a NAS device, the File System scans will default to local mode for -that host. - -Configure the credential(s) with the following rights on the Windows target host(s): - -- Group membership in the local Administrators group -- Granted the “Backup files and directories” local policy privilege -- Granted the “Log on as a batch” privilege -- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local - Policies > Security Options privilege - -Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the -installation directory on the target host/proxy server as well as on the Access Analyzer Console -server. This is required by either the user account running the Access Analyzer application, when -manually executing jobs within the console, or the Schedule Service Account assigned within Access -Analyzer, when running jobs as a scheduled tasks. - -_Remember,_ Remote Registry Service must be enabled on the host where the applet is deployed (for -Applet Mode or Proxy Mode with Applet scans) to determine the system platform and where to deploy -the applet. - -**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials -for network authentication” must be disabled in order for the applet to start. - -Sensitive Data Discovery Auditing scans require .NET Framework 4.7.2 or later to be installed on the -server where the applet is to be deployed in order for Sensitive Data Discovery collections to -successfully occur. - -When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials -within the Connection Profile assigned to the File System scans must be properly configured as -explained above. Also the firewall rules must be configured to allow for communication between the -applicable servers. - -See the [Applet Mode Port Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/applet-mode-ports.md) topic for firewall rule information. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/local-mode-permissions.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/local-mode-permissions.md deleted file mode 100644 index ad3c48f28d..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/local-mode-permissions.md +++ /dev/null @@ -1,46 +0,0 @@ -# Local Mode Permissions - -When File System scans are run in local mode, it means all of the data collection processing is -conducted by the Access Analyzer Console server across the network. The data is collected in the -SQLite database(s), or Tier 2 database(s), on the Access Analyzer Console server, and then imported -into the Access Analyzer database, or Tier 1 database, on the SQL Server. - -The account used to run either a manual execution or a scheduled execution of the File System scans, -must have the following permissions on the Access Analyzer Console server: - -- Group membership in either of the following local groups: - - Backup Operators - - Administrators - -Configure the credential(s) with the following rights on the Windows host(s): - -- Group membership in both of the following local groups: - - Power Users - - Backup Operators -- Granted the “Backup files and directories” local policy privilege - -For Windows Server target hosts, the credential also requires: - -- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local - Policies > Security Options privilege - -In order to collect data on administrative shares and local policies (logon policies) for a Windows -target, the credential must have group membership in the local Administrators group. - -Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the -installation directory on the Access Analyzer Console server. This is required by either the user -account running the Access Analyzer application, when manually executing jobs within the console, or -the Schedule Service Account assigned within Access Analyzer, when running jobs as a scheduled -tasks. - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.  By default, SDD scans -are configured to run two concurrent threads. For example, if the job is configured to scan 8 hosts -at a time with two concurrent SDD threads, then an extra 32 GB of RAM are required (8x2x2=32). - -When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials -within the Connection Profile assigned to the File System scans must be properly configured as -explained above. Also the firewall rules must be configured to allow for communication between the -applicable servers. - -See the [Local Mode Port Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/local-mode-ports.md) topic for firewall rule information. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-applet-permissions.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-applet-permissions.md deleted file mode 100644 index c2c614ce9a..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-applet-permissions.md +++ /dev/null @@ -1,67 +0,0 @@ -# Proxy Mode with Applet Permissions - -When File System scans are run in proxy mode with applet, it means the File System applet is -deployed to the Windows proxy server when the job is executed to conduct data collection. The data -collection processing is initiated by the proxy server where the applet is deployed and leverages a -local mode-type scan to each of the target hosts. The final step in data collection is to compress -and transfer the data collected in the SQLite databases, or Tier 2 databases, back to the Access -Analyzer Console server. - -Configure the credential(s) with the following rights on the proxy server(s): - -- Group membership in the local Administrators group -- Granted the Backup files and directories local policy privilege -- Granted the Log on as a batch privilege -- If the applet is deployed as a service, the service account requires the Log on as a service - privilege - - - See the [FSAA: Applet Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/applet-settings.md) topic for - additional information on the applet launch mechanism - -- If running FSAC, the service account in the credential profile requires access to the admin share - (e.g. `C$`) where the `sbtfilemon.ini` file exists - -Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the -installation directory on the proxy server as well as on the Access Analyzer Console server. This is -required by either the user account running the Access Analyzer application, when manually executing -jobs within the console, or the Schedule Service Account assigned within Access Analyzer, when -running jobs as a scheduled tasks. - -_Remember,_ Remote Registry Service must be enabled on the host where the applet is deployed (for -Applet Mode or Proxy Mode with Applet scans) to determine the system platform and where to deploy -the applet. - -**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials -for network authentication” must be disabled in order for the applet to start. - -Configure the credential(s) with the following rights on the Windows host(s): - -- Group membership in both of the following local groups: - - Power Users - - Backup Operators -- Granted the “Backup files and directories” local policy privilege - -For Windows Server target hosts, the credential also requires: - -- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local - Policies > Security Options privilege - -Sensitive Data Discovery Auditing scans require .NET Framework 4.7.2 or later to be installed on the -server where the applet is to be deployed in order for Sensitive Data Discovery collections to -successfully occur. - -When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials -within the Connection Profile assigned to the File System scans must be properly configured as -explained above. Also the firewall rules must be configured to allow for communication between the -applicable servers. - -See the [Proxy Mode with Applet Port Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-applet-ports.md) topic for firewall rule -information. - -Secure Proxy Communication Considerations - -For Proxy Mode with Applet scans, the certificate exchange mechanism and certificate exchange port -must be configured via the File System Access Auditing Data Collector Wizard prior to executing a -scan. See the -[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/12.0/data-collection/fsaa/certificate-management.md) -topic for additional information. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-server.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-server.md deleted file mode 100644 index 76ee1317d9..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-server.md +++ /dev/null @@ -1,106 +0,0 @@ -# Proxy Mode Server Requirements - -The Access Analyzer File System Proxy requirements apply for servers where either the service is -installed or the applet will be deployed unless otherwise stated. - -**NOTE:** Align the proxy server requirements to match the environment size the proxy server will be -handling. - -The server can be physical or virtual. The requirements for Access Analyzer are: - -- Windows Server 2016 through Windows Server 2022 - - - US English language installation - - Domain member - -RAM, CPU, and Disk Space - -RAM, CPU, and Disk Space are dependent upon the size of the target environment: - -**CAUTION:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By -default, SDD scans are configured to run two concurrent threads. For example, if the job is -configured to scan 8 hosts at a time with two concurrent SDD threads, then an extra 32 GB of RAM are -required (8x2x2=32). - -- Enterprise Environment (800 million+ files and folders) - - - 24 GB RAM - - 8 CPU Cores - - 1.5 TB Disk Space - -- Extra-Large Environment (Up to 800 million files and folders) - - - 24 GB RAM - - 8 CPU Cores - - 770 GB Disk Space - -- Large Environment (Up to 500 million files and folders) - - - 16 GB RAM - - 8 CPU Cores - - 470 GB Disk Space - -- Medium Environment (Up to 200 million files and folders) - - - 12 GB RAM - - 4 CPU Cores - - 270 GB Disk Space - -- Small Environment (Up to 100 million files and folders) - - - 4 GB RAM - - 2 CPU Cores - - 130 GB Disk Space - -The above recommended disk space sizing information is based on the needs of Access Analyzer as well -as the File System solution for running Permission scans with out of the box configuration (500 MB -per million files and folders), that means no tag collection, file-level scanning, activity, or -sensitive data. - -- For tag collection, add 125 MB per million documents to the totals above -- For activity collection, add 250 MB per million files and folders and another 125 MB per million - activity events to the totals above -- For sensitive data collection, add 500 MB per million files and folders and another 1%-10% of the - total size of the documents scanned for sensitive data (depending on targeted document types and - selected criteria) to the totals above - -For example, in order to scan 200 million files and folders, of which 10 million files will be -scanned for tag collection and sensitive data with a total size of 6 TB, you would need: 160 GB for -permission collection + 1.25 GB for tag collection (10x125 MB) + 100 GB for sensitive data -collection (200x500 MB) + 600 GB additional for sensitive data collection (10% of 6 TB) = 861.25 GB -Disk Space. - -Additional Server Requirements - -The following are additional requirements for the server: - -- .NET Framework 4.7.2 Installed - - **NOTE:** .NET Framework 4.7.2 can be downloaded from the link in the Microsoft - [.NET Framework 4.7.2 offline installer for Windows](https://support.microsoft.com/en-us/topic/microsoft-net-framework-4-7-2-offline-installer-for-windows-05a72734-2127-a15d-50cf-daf56d5faec2) - article. - -- Remote Registry Service enabled - - **NOTE:** The Remote Registry Service only needs to be enabled when running Applet Mode or Proxy - Mode with Applet scans. - -Sensitive Data Discovery Auditing - -The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the server. The JDK -deployed is prepackaged and does not require any configuration. It will not conflict with other JDKs -or Java Runtimes in the same environment. - -See the following topics for additional information, based on the type of proxy mode you plan to -use: - -- Proxy Mode with Applet - - - [Proxy Mode with Applet Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-applet-permissions.md) - - [Proxy Mode with Applet Port Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-applet-ports.md) - -- Proxy Mode as a Service - - - [Proxy Mode as a Service Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-service-permissions.md) - - [Proxy Mode as a Service Port Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-service-ports.md) diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-service-permissions.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-service-permissions.md deleted file mode 100644 index 44634c9d0b..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-service-permissions.md +++ /dev/null @@ -1,84 +0,0 @@ -# Proxy Mode as a Service Permissions - -When File System scans are run in proxy mode as a service, there are two methods available for -deploying the service: - -- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be - installed on the Windows proxy servers prior to executing the scans. This is the recommended - method. -- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the - Windows proxy server when the job is executed - -The data collection processing is conducted by the proxy server where the service is running and -leverages a local mode-type scan to each of the target hosts. The final step in data collection is -to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to -the Access Analyzer Console server. - -The secure communication is configured during the installation of the service on the proxy server. -The credential provided for the secure communications in the installation wizard is also added to -the Access Analyzer Connection Profile assigned to the File System Solution. - -File System Proxy Service Credentials - -The service can be run either as LocalSystem or with a domain account supplied during the -installation of the File System Proxy Service with the following permission on the proxy server: - -- Membership in the local Administrators group -- Granted the Log on as a service privilege (**Local Security Policies** > **Local Policies** > - **User Rights Assignment** > **Log on as a service**) -- If running FSAC, the service account in the credential profile requires access to the admin share - (for example, `C$`) where the `sbtfilemon.ini` file exists - -Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the -installation directory. - -Windows File Server Target Host Credentials - -Configure the credential(s) with the following rights on the Windows host(s): - -- Group membership in both of the following local groups: - - Power Users - - Backup Operators -- Granted the “Backup files and directories” local policy privilege - -For Windows Server target hosts, the credential also requires: - -- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local - Policies > Security Options privilege - -In order to collect data on administrative shares and local policies (logon policies) for a Windows -target, the credential must have group membership in the local Administrators group. - -Sensitive Data Discovery Auditing Consideration - -Sensitive Data Discovery Auditing scans require .NET Framework 4.7.2 or later. If running Sensitive -Data Discovery (SDD) scans, it will be necessary to increase the minimum amount of RAM. Each thread -requires a minimum of 2 additional GB of RAM per host.. By default, SDD scans are configured to run -two concurrent threads. For example, if the job is configured to scan 8 hosts at a time with two -concurrent SDD threads, then an extra 32 GB of RAM are required (8x2x2=32). - -Secure Proxy Communication Considerations - -For secure proxy communication via https, a credential is supplied during installation to provide -secure communications between the Access Analyzer server and the proxy server. This credential must -be a domain account, but no additional permissions are required. It is recommended to use the same -domain account configured to run the proxy service as a credential in the Connection Profile to be -used by the File System Solution - -Secure Proxy Communication and Certificate Exchange - -For Proxy Mode as a Service Scans, the certificate exchange mechanism and certificate exchange port -must be configured via the File System Access Auditing Data Collector Wizard prior to executing a -scan. See the -[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/12.0/data-collection/fsaa/certificate-management.md) -topic for additional information. - -Access Analyzer Connection Profile - -When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials -within the Connection Profile assigned to the File System scans must be properly configured as -explained above. Also the firewall rules must be configured to allow for communication between the -applicable servers. - -See the [Proxy Mode as a Service Port Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-service-ports.md) topic for firewall -rule information. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md deleted file mode 100644 index fa3fa98d25..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md +++ /dev/null @@ -1,110 +0,0 @@ -# File System Scan Options - -Required permissions on the targeted file system are dependent upon not only the type of environment -targeted but also the mode in which the data collection scan is executed. There are three primary -types of scan modes: local, applet, or proxy. The proxy mode can be conducted via applet deployment, -or via running as a service (installed in advance). - -For the purpose of this document, “applet” refers to the runtime deployment of the -`FSAAAppletServer.exe` to either the target host (applet mode scans) or the proxy host (proxy mode -with applet scans) via Microsoft Task Scheduler. A “proxy” host is any host which can be leveraged -for running File System scans against target hosts. - -## Local Mode - -When File System scans are run in local mode, it means all of the data collection processing is -conducted by the Access Analyzer Console server across the network. The data is collected in the -SQLite database(s), or Tier 2 database(s), on the Access Analyzer Console server, and then imported -into the Access Analyzer database, or Tier 1 database, on the SQL Server. - -![Illustrates the Enterprise Auditor server running the scan against a file server](/img/product_docs/accessanalyzer/requirements/solutions/filesystem/localmode.webp) - -The diagram illustrates the Access Analyzer server running the scan against a file server. - -See the following topics for additional information: - -- [Local Mode Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/local-mode-permissions.md) -- [Local Mode Port Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/local-mode-ports.md) - -## Applet Mode - -**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials -for network authentication” must be disabled in order for the applet to start. - -When File System scans are run in applet mode, it means the File System applet is deployed to the -target host when the job is executed to conduct data collection. However, the applet can only be -deployed to a server with a Windows operating system. The data is collected on the Windows target -host where the applet is deployed. The final step in data collection is to compress and transfer the -data collected in the SQLite database(s), or Tier 2 database(s), back to the Access Analyzer Console -server. If the target host is a NAS device, the File System scans will default to local mode for -that host. - -![Illustrates the Enterprise Auditor server sending an FSAA applet to a targeted Windows file server, which runs the scan against locally, and then returns data to the Enterprise Auditor server](/img/product_docs/accessanalyzer/requirements/solutions/filesystem/appletmode.webp) - -The diagram illustrates the Access Analyzer server sending an FSAA applet to a targeted Windows file -server, which runs the scan against locally, and then returns data to the Access Analyzer server. - -See the following topics for additional information: - -- [Applet Mode Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/applet-mode-permissions.md) -- [Applet Mode Port Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/applet-mode-ports.md) - -## Proxy Mode with Applet - -**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials -for network authentication” must be disabled in order for the applet to start. - -When File System scans are run in proxy mode with applet, it means the File System applet is -deployed to the Windows proxy server when the job is executed to conduct data collection. The data -collection processing is initiated by the proxy server where the applet is deployed and leverages a -local mode-type scan to each of the target hosts. The final step in data collection is to compress -and transfer the data collected in the SQLite databases, or Tier 2 databases, back to the Access -Analyzer Console server. - -![Diagram of Enterprise Auditor server sending an FSAA applet to a proxy server](/img/product_docs/accessanalyzer/install/filesystemproxy/proxymodewithapplet.webp) - -The diagram illustrates the Access Analyzer server sending an FSAA applet to a proxy server, which -runs the scan against a file server, and then returns data to the Access Analyzer server. - -See the following topics for additional information: - -- [Proxy Mode Server Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-server.md) -- [Proxy Mode with Applet Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-applet-permissions.md) -- [Proxy Mode with Applet Port Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-applet-ports.md) - -## Proxy Mode as a Service - -When File System scans are run in proxy mode as a service, there are two methods available for -deploying the service: - -- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be - installed on the Windows proxy servers prior to executing the scans. This is the recommended - method. -- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the - Windows proxy server when the job is executed - -The data collection processing is conducted by the proxy server where the service is running and -leverages a local mode-type scan to each of the target hosts. The final step in data collection is -to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to -the Access Analyzer Console server. - -The proxy communication is configured during the installation of the service on the proxy server and -certificate exchange options are configured via the Applet Settings page of the File System Access -Auditing Data Collector Wizard. The credential provided for the secure communications in the -installation wizard is also added to the Access Analyzer Connection Profile assigned to the File -System Solution. - -See the [File System Proxy Service Installation](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/wizard.md) topic -for additional information. - -![Diagram of Enterprise Auditor server communicating securely with the proxy service on a proxy server](/img/product_docs/accessanalyzer/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp) - -The diagram illustrates the Access Analyzer server communicating securely with the proxy service on -a proxy server, which runs the scan against a file server, collecting the data locally and securely. -Then the proxy service returns data securely to the Access Analyzer server. - -See the following topics for additional information: - -- [Proxy Mode Server Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-server.md) -- [Proxy Mode as a Service Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-service-permissions.md) -- [Proxy Mode as a Service Port Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-service-ports.md) diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint.md deleted file mode 100644 index 7fe13797c0..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint.md +++ /dev/null @@ -1,73 +0,0 @@ -# SharePoint Solution - -The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access -Analyzer Console server, SQL Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for the core requirements. - -The SharePoint solution can be configured to run without an agent or to use the Access Analyzer -SharePoint Agent. See the [SharePoint Agent Installation](/docs/accessanalyzer/12.0/getting-started/installation/sharepoint-agent/overview.md) -topic for additional information. - -In addition to these, integration with either the Netwrix Activity Monitor is required for event -activity data to be scanned. See the -[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) -for installation requirements and information on collecting activity data. - -**NOTE:** For Activity Auditing (SPAC) scans, the audit logs generated by SharePoint must be -retained for more days than the number of days between the Access Analyzer scans. - -**_RECOMMENDED:_** When configuring the Netwrix Activity Monitor, select all events to be monitored -in both the Documents and Items section and the List, Libraries, and Site section. - -See the following topics for the SharePoint Agent and the target environment requirements: - -- [SharePoint Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md) -- [SharePoint Support](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/sharepoint.md) - -**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for -SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and -provisions it with the required permissions. See the -[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sp-register-azure-app-auth.md) topic for -additional information. - -## SharePoint Solution Requirements on the Access Analyzer Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Extra-Large | Large | Medium | Small | -| ----------- | ------------------------------------------------ | ------------------------------------------------- | ------------------------------------------------- | ----------------------------------------------- | -| Definition | ~5,000 Site Collections or 5+ TB of managed data | ~2,500 Site Collections or 1-5 TB of managed data | ~1,000 Site Collections or 500 GB of managed data | ~100 Site Collections or 100 GB of managed data | -| RAM | 24 GB | 16 GB | 12 GB | 4 GB | -| Cores | 8 CPU | 8 CPU | 4 CPU | 2 CPU | -| Disk Space | 460 GB | 280 GB | 160 GB | 80 GB | - -**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the -minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For -example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are -required (8x2=16). - -Sensitive Data Discovery Auditing Requirement - -**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the -server. The JDK deployed is prepackaged and does not require any configuration; it has been -preconfigured to work with Access Analyzer and should never be customized through Java. It will not -conflict with other JDKs or Java Runtimes in the same environment. - -## SharePoint Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Extra-Large | Large | Medium | Small | -| ------------------------ | ------------------------------------------------ | ------------------------------------------------- | ------------------------------------------------- | ----------------------------------------------- | -| Definition | ~5,000 Site Collections or 5+ TB of managed data | ~2,500 Site Collections or 1-5 TB of managed data | ~1,000 Site Collections or 500 GB of managed data | ~100 Site Collections or 100 GB of managed data | -| RAM | 64 GB | 32 GB | 16 GB | 8 GB | -| Cores | 16 CPU | 12 CPU | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | -| SQL Database Disk | 500 GB | 320 GB | 240 GB | 100 GB | -| SQL Transaction Log Disk | 120 GB | 100 GB | 80 GB | 40 GB | -| SQL TEMP DB Disk | 320 GB | 240 GB | 160 GB | 80 GB | diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agent-permissions.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agent-permissions.md deleted file mode 100644 index c88ea671db..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agent-permissions.md +++ /dev/null @@ -1,249 +0,0 @@ -# SharePoint Agent Permissions - -When Access Analyzer SharePoint scans are run in agent-based mode, the Access Analyzer SharePoint -Agent must be installed on the SharePoint Application server which hosts the Central Administration -component prior to executing the scans. This is typically the first server stood up during the -SharePoint farm installation process in this mode. The data collection processing is conducted by -the SharePoint Agent for the target environment. The final step in data collection is to transfer -the data collected in the SQLite databases, or Tier 2 databases, on the Access Analyzer SharePoint -Agent server back to the Access Analyzer Console server. - -The Access Analyzer SharePoint Agent needs to be installed on the: - -- SharePoint Application server hosting the Central Administration component - - - SharePoint® 2013 through SharePoint® 2019 - - Windows® Server 2016 through Windows® Server 2022 - -Additional Server Requirements - -The following are additional requirements for the Access Analyzer SharePoint Agent server: - -- .NET Framework 4.8 installed -- Port Sharing network feature - -Sensitive Data Discovery Auditing Requirement - -**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the -server. The JDK deployed is prepackaged and does not require any configuration; it has been -preconfigured to work with Access Analyzer and should never be customized through Java. It will not -conflict with other JDKs or Java Runtimes in the same environment. - -If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount -of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job -is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). - -## Permissions Explained - -If limited provisioning of the service account is not required by the organization, then the -following permissions are sufficient for successful agent-based scans: - -- Membership in the local Administrator group on the on server where the Access Analyzer SharePoint - Agent is installed - - - Only needed for agent installation - -- SharePoint Application Server permissions: - - - Membership in the local Backup Operators group - - - This is required so Access Analyzer can read remote registry to identify if the server is - part of the farm, what the server’s role is, and to identify the location of the - SharePoint configuration database - - - Membership in the local WSS_WPG group - - - This is required to gain read access to system resources used by Microsoft SharePoint - Foundation - - - Log on as a Service in the Local Security Policy - - Full Control on the agent install directory, default path is: - - `C:\Program Files\STEALTHbits\StealthAUDIT\SPAA` - -- SharePoint Farm permissions: - - - Membership in the Farm Read group at the farm level - - - This is required so the Access Analyzer auditing account can make calls against the - SharePoint web services to remotely gather information around permissions, site hierarchy, - content and more - - If the group does not exist already, then you need to create a new group at that level and - grant it Read access. Specifically, it is a group that exists within Central - Administration at the farm administrator level. This group only requires Read access and - is not giving farm admin access. Once the group is created, add the service account that - Access Analyzer will be leveraging to scan SharePoint. - -- Web Application permissions: - - - Custom Role with Site Collection Auditor at the web application level with the Open Items - permission - - - This is needed for Access Analyzer to execute web service calls against Central - Administration - -- SharePoint Database Server permissions: - - - SPDataAccess on the SharePoint Content database and all Configuration databases - - - This permission should be applied on the desired Configuration database and all Content - databases for the SharePoint version - - This version-specific permission is required for Access Analyzer to execute read - operations directly against the SharePoint databases, gather information from the - configuration database regarding the names and locations of the web applications and - content databases, and give read access around sites, roles, and users - -- DB_Owner on Access Analyzer database if using Windows Authentication for the Storage Profile -- MySites permissions are based on the SharePointAccess Data Collector configuration option: - - - Forcing the service account to become a temporary admin of the personal sites either as the - service account or as a member of the Company Administrators group requires SharePoint Farm - Administrator role or Site Collection Auditor at the web application housing MySites - - The skipping inaccessible personal sites option only scans sites where the service account has - administrative access - - This grants Access Analyzer rights to scan MySites - -Additional permission models are explained for a less and least permission model. - -## SharePoint Agent-Based Less Privilege Permission Model - -If restricted permissions are desired by the organization, then the following permissions are needed -for the service account to successfully run SharePoint Agent-based scans. - -Prior to installation of the SharePoint Agent, the service account to be supplied during -installation and later used to run the Access Auditing (SPAA) and Sensitive Data Discovery Auditing -scans against the targeted SharePoint environment needs the following permissions: - -- Log on as a Service in the Local Security Policy -- Membership in the local IIS_IUSRS group -- Performance Log Users (for Sensitive Data Discovery only) - -After the SharePoint Agent installation, this service account needs the following additional -permissions to run the Access Auditing (SPAA) and Sensitive Data Discovery Auditing scans: - -- Site Collection Administrator on all Site Collections to be scanned -- Membership in the local Users group on the server where the SharePoint Agent is installed -- DB_Owner on Access Analyzer database if using Windows Authentication for the Storage Profile - -If the scans include Web Application scoping, then the following permissions are needed (can be -skipped if running full farm scans): - -- Membership in the local Backup Operators group -- Membership in the local WSS_WPG group -- WSS_CONTENT_APPLICATION_POOLS on the SharePoint Configuration database - -After the Access Analyzer SharePoint Agent is installed, ensure that the service account has the -following permissions: - -- Full Control on the agent install directory, default path is: - - `C:\Program Files\STEALTHbits\StealthAUDIT\SPAA` - -The Access Analyzer SharePoint Agent utilizes Microsoft APIs. The Microsoft APIs require an account -with the following permissions in order to collect all of the data: - -- WSS_CONTENT_APPLICATION_POOLS on the SharePoint Content databases -- WSS_CONTENT_APPLICATION_POOLS on the SharePoint Configuration database - -**NOTE:** If scans include Web Application scoping, this last permission requirement is already met. - -## SharePoint Agent-Based Least Privilege Permission Model - -If a least privilege model is required by the organization, then the following permissions are -needed for the service account to successfully run SharePoint Agent-based scans. - -Prior to installation of the SharePoint Agent, the service account to be supplied during -installation and later used to run the Access Auditing (SPAA) and Sensitive Data Discovery Auditing -scans the targeted SharePoint environment needs the following permissions: - -- Log on as a Service in the Local Security Policy -- Service Account SID added to the `SMSvcHost.exe.config` file -- Performance Log Users (for Sensitive Data Discovery only) - -After the SharePoint Agent installation, this service account needs the following additional -permissions to run the Access Auditing (SPAA) scans: - -- Site Collection Administrator on all Site Collections to be scanned -- Membership in the local Users group on the server where the SharePoint Agent is installed -- DB_Owner on Access Analyzer database if using Windows Authentication for the Storage Profile - -If the scans include Web Application scoping, then the following permissions are needed (can be -skipped if running full farm scans): - -- READ Access on the following registry keys: - - - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg` - - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowPaths` - - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowExactPaths` - - For SharePoint 2013: - - - `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\Secure` - - `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\Secure\ConfigDB` - -- DB_DataReader on the SharePoint Configuration database -- `'GRANT EXECUTE'` permissions on the following stored procedures in the SharePoint Configuration - database: - - - `proc_getObject` - - `proc_getObjectsByClass` - - `proc_getObjectsByBaseClass` - - `proc_getDependentObjectsByBaseClass` - - `proc_ReturnWebFeatures` - -After the Access Analyzer SharePoint Agent is installed, ensure that the service account has the -following permissions: - -- Full Control on the agent install directory, default path is: - - `C:\Program Files\STEALTHbits\StealthAUDIT\SPAA` - -The Access Analyzer SharePoint Agent utilizes Microsoft APIs. The Microsoft APIs require an account -with the following permissions in order to collect all of the data: - -- `'GRANT EXECUTE'` permissions on the following stored procedures in the SharePoint Configuration - database: - - - `proc_getObject` - - `proc_getObjectsByClass` - - `proc_getObjectsByBaseClass` - - `proc_getDependentObjectsByBaseClass` - - `proc_ReturnWebFeatures` - - **NOTE:** The above four stored procedures would already have the correct permissions if Web - Application scoping is desired. - - - `[dbo].proc_getSiteName` - - `[dbo].proc_getSiteMap` - - `[dbo].proc_getSiteMapById` - -- DB_DataReader on the SharePoint Content databases and SharePoint AdminContent database, if - applicable -- `'GRANT EXECUTE'` permissions on the following stored procedures in the SharePoint Content - databases and SharePoint AdminContent database (if applicable): - - - `[dbo].proc_EnumLists` - - `[dbo].proc_GetTpWebMetaDataAndListMetaData` - - `[dbo].proc_GetListMetaDataAndEventReceivers` - - `[dbo].proc_GetSiteProps` - - `[dbo].proc_GetListWebParts` - - `[dbo].proc_GetWebFeatureList` - - `[dbo].proc_GetListFields` - - `[dbo].proc_GetDocsMetaInfo` - - `[dbo].proc_GetDocIdUrl` - - `[dbo].proc_ListChildWebs` - - `[dbo].proc_ListChildWebs` - - `[dbo].proc_ListUrls` - - `[dbo].proc_ListChildWebs` - - `[dbo].proc_SecListAllSiteMembers` - - `[dbo].proc_SecRefreshToken` - - `[dbo].proc_SecListSiteGroups` - - `[dbo].proc_SecListSiteGroupMembership` - - `[dbo].proc_SecGetRoleDefs` - - `[dbo].proc_SecListSiteGroups` - - `[dbo].proc_SecListScopeUsers` - - `[dbo].proc_SecListScopeGroups` - - `[dbo].proc_SecAddWebMembership` - - `[dbo].proc_SecGetSecurityInfo` - - `[dbo].proc_SecGetPrincipalByLogin` - - `[dbo].proc_SecGetPrincipalDisplayInformation20` - - `[dbo].proc_SecGetRoleBindingsForAllPrincipals` diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agentless-permissions.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agentless-permissions.md deleted file mode 100644 index 43878eabbe..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agentless-permissions.md +++ /dev/null @@ -1,61 +0,0 @@ -# SharePoint Agent-Less Permissions - -When SharePoint agent-less scans are run, it means all of the data collection processing is -conducted by the Access Analyzer Console server across the network. - -The SharePoint agent-less scan architecture requires permissions to be configured on the specified -server: - -- SharePoint Application Server permissions: - - - Membership in the local Backup Operators group - - - This is required so Access Analyzer can read remote registry to identify if the server is - part of the farm, what the server’s role is, and to identify the location of the - SharePoint configuration database. - - - Membership in the local WSS_WPG group - - - This is required to gain read access to system resources used by Microsoft SharePoint - Foundation. - -- SharePoint Farm permissions: - - - Membership in the Farm Read group at the farm level - - - This is required so the Access Analyzer auditing account can make calls against the - SharePoint web services to remotely gather information around permissions, site hierarchy, - content and more. - - If the group does not exist already, then you will need to create a new group at that - level and grant it ‘Read’ access. Specifically, it is a group that exists within Central - Administration at the farm administrator level. This group only requires ‘Read’ access and - is not giving farm admin access. Once the group is created, add the service account that - Access Analyzer will be leveraging to scan SharePoint. - -- Web Application permissions: - - - Custom Role with Site Collection Auditor at the web application level with the Open Items - permission - - - This is needed for Access Analyzer to execute web service calls against Central - Administration. - -- SharePoint Database Server permissions: - - - SPDataAccess on the on the SharePoint Content database and all Configuration databases - - - This permission should be applied on the desired Configuration database and all Content - databases for the SharePoint version. - - This version-specific permission is required for Access Analyzer to execute read - operations directly against the SharePoint databases, gather information from the - configuration database regarding the names and locations of the web applications and - content databases, and give read access around sites, roles, and users. - -- MySites permissions are based on the SharePointAccess Data Collector configuration option: - - - Forcing the service account to become a temporary admin of the personal sites either as the - service account or as a member of the Company Administrators group requires SharePoint Farm - Administrator role or Site Collection Auditor at the web application housing MySites. - - The skipping inaccessible personal sites option will only scan sites where the service account - has administrative access. It requires the service account to be provisioned prior to the scan - to scan OneDrives / personal sites. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/online-permissions.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/online-permissions.md deleted file mode 100644 index 852d643c87..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/online-permissions.md +++ /dev/null @@ -1,62 +0,0 @@ -# SharePoint Online Permissions - -SharePoint Online environments can only be scanned in Agent-less mode. When SharePoint agent-less -scans are run, it means all of the data collection processing is conducted by the Access Analyzer -Console server across the network. - -## Modern Authentication - -The SharePoint agent-less scan architecture uses modern authentication in the target environment: - -Tenant Global Administrator Role - -- Tenant Global Administrator role is required to provision the application - - - Modern authentication enables Access Analyzer to scan SharePoint Online and all OneDrives in - the target environment - -Permissions for Microsoft Graph APIs - -- Application Permissions: - - - Application.Read.All – Read all applications - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - Domain.Read.All – Read domains - - Files.Read.All – Read files in all site collections - - GroupMember.Read.All – Read all group memberships - - InformationProtectionPolicy.Read.All – Read all published labels and label policies for an - organization - - Member.Read.Hidden – Read all hidden memberships - - Organization.Read.All – Read organization information - - OrgContact.Read.All – Read organization contact - - Policy.Read.All – Read your organization's policies - - Policy.Read.ConditionalAccess – Read you organization's conditional access policies - - Policy.Read.PermissionGrant – Read consent and permission grant policies - - ServiceHealth.Read.All – Read service health - - ServiceMessage.Read.All – Read service messages - - Sites.Read.All – Read items in all site collections - - Team.ReadBasic.All – Get a list of all teamss - - TeamMember.Read.All – Read the members of all teams - -- Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -Permissions for Office 365 Management APIs - -- Application Permissions: - - - ActivityFeed.Read – Read activity data for your organization - - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data - - ServiceHealth.Read – Read service health information for your organization - -Permissions for SharePoint APIs - -- Application Permissions: - - - Sites.FullControl.All – Have full control of all site collections - - Sites.Read.All – Read items in all site collections - - TermStore.Read.All – Read managed metadata - - User.Read.All – Read user profiles diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md deleted file mode 100644 index 9babbb6a0b..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md +++ /dev/null @@ -1,48 +0,0 @@ -# SharePoint Scan Options - -Required permissions on the targeted SharePoint environment are dependent upon not only the type of -environment targeted but also the type of data collection scan being executed. There are two types -of Access Auditing (SPAA) and/or Sensitive Data Discovery Auditing scans: agent-based and -agent-less. The Activity Auditing (SPAC) scans run as agent-less scans from Access Analyzer, but -they require the Netwrix Activity Monitor to have an activity agent deployed in the target -environment. - -## Agent-Based Type - -When Access Analyzer SharePoint scans are run in agent-based mode, the Access Analyzer SharePoint -Agent must be installed on the SharePoint Application server which hosts the Central Administration -component prior to executing the scans. This is typically the first server stood up during the -SharePoint farm installation process in this mode. The data collection processing is conducted by -the SharePoint Agent for the target environment. The final step in data collection is to transfer -the data collected in the SQLite databases, or Tier 2 databases, on the Access Analyzer SharePoint -Agent server back to the Access Analyzer Console server. - -**NOTE:** Agent-based scans can only target on-premise environments. - -See the following topics for additional information: - -- [SharePoint Agent Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agent-permissions.md) -- [SharePoint Agent Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agent-ports.md) - -## Agent-Less Type - -When SharePoint agent-less scans are run, it means all of the data collection processing is -conducted by the Access Analyzer Console server across the network. - -**NOTE:** Agent-less scans can target both on-premise and online environments. This is the only scan -mode that can run Activity Auditing (SPAC) scans. - -For Activity Auditing (SPAC) scans, target the server where the Netwrix Activity Monitor has a -deployed activity agent. - -See the following topics for additional information: - -- SharePoint Online - - - [SharePoint Online Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/online-permissions.md) - - [SharePoint Online Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/online-ports.md) - -- SharePoint On-Premise - - - [SharePoint Agent-Less Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agentless-permissions.md) - - [SharePoint Agent-Less Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agentless-ports.md) diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/unix.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/unix.md deleted file mode 100644 index 0f7d3ca055..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/unix.md +++ /dev/null @@ -1,36 +0,0 @@ -# Unix Solution - -The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access -Analyzer Console server, SQL Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for the core requirements. - -See the [Target Unix Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/unix.md) topic for target -environment requirements. - -## Unix Solution Requirements on the Access Analyzer Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ------ | -------------- | -| RAM | 8+ GB | 4+ GB | -| Cores | 4+ CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -## Unix Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ------ | -------------- | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/windows.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/windows.md deleted file mode 100644 index cb0206bdbe..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/windows.md +++ /dev/null @@ -1,37 +0,0 @@ -# Windows Solution - -The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access -Analyzer Console server, SQL Server, and Access Information Center. See the -[Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/overview.md) topic for the core requirements. - -See the -[Target Windows Server and Desktop Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/windows.md) topic -for target environment requirements. - -## Windows Solution Requirements on the Access Analyzer Console - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment: - -| Environment | Large | Medium – Small | -| ----------- | ------ | -------------- | -| RAM | 8+ GB | 4+ GB | -| Cores | 4+ CPU | 2 CPU | -| Disk Space | 30 GB | 30 GB | - -## Windows Solution Requirements on the SQL Server - -RAM, CPU, and Disk Space - -These are dependent upon the size of the target environment. - -| Environment | Large | Medium – Small | -| ------------------------ | ------ | -------------- | -| RAM | 16+ GB | 16+ GB | -| Cores | 8 CPU | 4 CPU | -| Number of Disks | 4 | 4 | -| Operating System Disk | 160 GB | 160 GB | -| SQL Database Disk | 300 GB | 70-120 GB | -| SQL Transaction Log Disk | 80 GB | 50 GB | -| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/active-directory-permissions-analyzer.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/active-directory-permissions-analyzer.md deleted file mode 100644 index 6a1a009634..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/active-directory-permissions-analyzer.md +++ /dev/null @@ -1,49 +0,0 @@ -# Domain Target Requirements, Permissions, and Ports - -The Access Analyzer for Active Directory Permissions Analyzer Solution is compatible with the -following Active Directory versions as targets: - -- Windows Server 2016 and later -- Windows 2003 Forest level or higher - -**NOTE:** See the Microsoft -[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) -article for additional information. - -Domain Controller Requirements - -The following are requirements for the domain controllers to be scanned: - -- .NET Framework 4.5+ installed -- WINRM Service installed - -Data Collectors - -Successful use of the Access Analyzer Active Directory Permissions Analyzer solution requires the -necessary settings and permissions in a Microsoft® Active Directory® environment described in this -topic and its subtopics. This solution employs the following data collectors to scan the domain: - -- [ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md) -- [ADPermissions Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-permissions/overview.md) - -## Permissions - -- LDAP Read permissions -- Read on all AD objects -- Read permissions on all AD Objects - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For ADPermissions Data Collector - -- TCP 389 -- TCP 135 – 139 -- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/aws.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/aws.md deleted file mode 100644 index 2d6d983364..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/aws.md +++ /dev/null @@ -1,50 +0,0 @@ -# Target Amazon Web Service Requirements, Permissions, and Ports - -The Access Analyzer for AWS Solution provides the ability to audit Amazon Web Services (AWS) to -collect IAM users, groups, roles, and policies, as well as S3 permissions, content, and sensitive -data from target AWS accounts. It scans: - -- Amazon AWS IAM -- Amazon AWS S3 - -Data Collector - -This solution employs the following data collector to scan the target environment: - -- [AWS Data Collector](/docs/accessanalyzer/12.0/data-collection/aws/overview.md) - -## Permissions - -The permissions required to scan an AWS account are based on the type of information being -collected: - -- To collect details about the AWS Organization, the following permission is required: - - - organizations:DescribeOrganization - -- To collect details regarding IAM, the following permissions are required: - - - iam:GenerateCredentialReport - - iam:GenerateServiceLastAccessedDetails - - iam:Get\* - - iam:List\* - - iam:Simulate\* - - sts:GetAccessKeyInfo - -- To collect details related to S3 buckets and objects, the following permissions are required: - - - s3:Describe\* - - s3:Get\* - - s3:HeadBucket - - s3:List\* - -This provides a least privilege model for your auditing needs. See the -[Configure AWS for Scans](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/aws.md) topic for additional information. - -## Ports - -The following firewall ports are needed: - -For AWS Data Collector - -- 443 diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/box.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/box.md deleted file mode 100644 index d7aa6a445c..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/box.md +++ /dev/null @@ -1,64 +0,0 @@ -# Target Box Requirements, Permissions, and Ports - -The Access Analyzer for Box scans: - -- Box for Business - -Box Requirements - -The following are requirements from the target environment: - -- Enterprise_ID of the target Box environment - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md) -- [Box Data Collector](/docs/accessanalyzer/12.0/data-collection/box/overview.md) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For Box Data Collection - -Box scans require the Enterprise Admin or Co-Admin account credentials to generate an authorization -code. The following can be used as a least privilege model: - -- Enterprise Admin account -- Co-Admin account with the permission to **Run new reports and access existing reports** enabled - - - See the Box - [Co-Admin Permissions Required to Run Reports](https://support.box.com/hc/en-us/articles/15518640907283-Co-Admin-Permissions-Required-to-Run-Reports) - article for details on enabling this permission - -**NOTE:** Scans run with Co-Admin account credentials will complete. However, the data returned from -the scan might not include content owned by the Enterprise Admin account. - -See the [Recommended Configurations for the Box Solution](/docs/accessanalyzer/12.0/solutions/box/recommended.md) topic -for additional information. - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For Box Data Collector - -- TCP 80 -- TCP 443 diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/aws.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/aws.md deleted file mode 100644 index 84361f2aa5..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/aws.md +++ /dev/null @@ -1,211 +0,0 @@ -# Configure AWS for Scans - -In order to scan multiple AWS accounts using one account you need to create a role in each target -account, so that It can provide the designated scanning account permissions to scan resources it -controls. This is achieved through the following steps which will need to be completed leveraging a -user with administrative access to each target account: - -**Step 1 –** Create a Managed Policy in each target account that will be used to allow access to -account (S3, Org and IAM). - -**Step 2 –** Create a Role in each target account that will be used to allow access to listing IAM -users. - -**Step 3 –** Create a Managed Policy in the designated scanning account that will be used to allow -the service account to assume the configured role in each target account. - -**Step 4 –** Add Role to Access Analyzer. The Role created in the scanning account will need to be -added to the **1-AWS_OrgScan**, **2-AWS_S3Scan**, and **3-AWS_IAMScan** job query configurations. -See the [AWS: Login Roles](/docs/accessanalyzer/12.0/data-collection/aws/login-roles.md) topic for additional -information. - -Once these steps are completed, the role must be added to the AWS queries within Access Analyzer. - -## Create a Managed Policy in Each Target Account - -The following steps will need to be completed in each target account. - -**Step 1 –** Sign into the Identity and Access Management Console (IAM) as an administrator of the -Trusting account. - -![Create policy in Identity and Access Management (IAM) Console](/img/product_docs/accessanalyzer/requirements/target/config/policies.webp) - -**Step 2 –** Browse to the Identity and Access Management (IAM) Console. Navigate to **Policies** -and click **Create policy**. - -![JSON tab in the Policy editor](/img/product_docs/accessanalyzer/requirements/target/config/jsontabpolicies.webp) - -**Step 3 –** Select the **JSON** tab. - -**Step 4 –** Paste the following: - -``` -{ -    "Version": "2012-10-17", -    "Statement": [ -        { -            "Sid": "CapabilityIamScan", -            "Effect": "Allow", -            "Action": [ -                "iam:GenerateCredentialReport", -                "iam:GenerateServiceLastAccessedDetails", -                "iam:Get*", -                "iam:List*", -                "iam:Simulate*", -        "sts:GetAccessKeyInfo" -            ], -            "Resource": "*" -        }, -        { -            "Sid": "CapabilityS3Scan", -            "Effect": "Allow", -            "Action": [ -                "s3:Describe*", -                "s3:Get*", -                "s3:HeadBucket", -                "s3:List*" -            ], -            "Resource": "*" -        } -    ] -} -``` - -**Step 5 –** Click **Review Policy**. - -**Step 6 –** Enter a name for the policy in the **Name** box. - -![Review policy page](/img/product_docs/accessanalyzer/requirements/target/config/reviewpolicy.webp) - -**Step 7 –** Click **Create Policy**. - -**NOTE:** If the designated scanning account is not in Root (Master Account), create a second policy -in the Master Account with the following JSON definition: - -[Copy]() - -``` -{ -    "Version": "2012-10-17", -    "Statement": [ -        { -            "Sid": "RequiredCapabilityOrgScan", -            "Effect": "Allow", -            "Action": [ -                "iam:GenerateOrganizationsAccessReport", -                "organizations:Describe*", -                "organizations:List*" -            ], -            "Resource": "*" -        } -    ] -} -``` - -The next step is to create a role in each target account that will be used to allow access to -listing IAM users. - -## Create a Role in Each Target Account - -The following steps will need to be completed in each target account. For this, you will need the -Account ID of the designating scanning account. - -**NOTE:** If the scanning account is also a target account, be sure to complete these steps for the -scanning account as well. - -**Step 1 –** Sign into the Identity and Access Management Console (IAM) as an administrator of the -target account. - -![Create role in Identity and Access Management (IAM) Console](/img/product_docs/accessanalyzer/requirements/target/config/roles.webp) - -**Step 2 –** Navigate to **Access management** > **Roles** and click **Create role**. - -![Create role page Another AWS account option](/img/product_docs/accessanalyzer/requirements/target/config/createrole.webp) - -**Step 3 –** Select the **Another AWS Account** option and add the Account ID of the scanning -account that will be leveraged within Access Analyzer. - -**Step 4 –** Click **Next: Permissions**. - -![Add policies to role](/img/product_docs/accessanalyzer/requirements/target/config/policiesadd.webp) - -**Step 5 –** Add the policy or policies created earlier in this topic to this role. - -**Step 6 –** Click **Next: Tags**. - -**Step 7 –** Click **Next: Review**. - -![Create role Review page](/img/product_docs/accessanalyzer/requirements/target/config/reviewrole.webp) - -**Step 8 –** Enter a **Role name**. - -**Step 9 –** Click **Create Role**. - -The next step is to create a Managed Policy in the designated scanning account that will be used to -allow the service account to assume the configured role in each target account. - -## Configure the Scanning Account - -Create a Managed Policy in the scanning account that will be used to allow the user to assume the -roles configured in each target account. - -**Step 1 –** Sign into the Identity and Access Management Console (IAM) as an administrator of the -scanning account. - -![Create policy in Identity and Access Management (IAM) Console](/img/product_docs/accessanalyzer/requirements/target/config/policies.webp) - -**Step 2 –** Navigate to **Access Management** > **Policies** and click **Create policy**. - -![JSON tab in the Policy editor](/img/product_docs/accessanalyzer/requirements/target/config/jsontabaccount.webp) - -**Step 3 –** Select the **JSON** tab. - -**Step 4 –** Paste the following: - -``` -{ -    "Version": "2012-10-17", -    "Statement": [ -        { -            "Sid": "RequiredCapabilityOrgScan", -            "Effect": "Allow", -            "Action": [ -                "iam:GenerateOrganizationsAccessReport", -                "organizations:Describe*", -                "organizations:List*" -            ], -            "Resource": "*" -        }, -        { -            "Sid": "RequiredCapabilityMemberAccountAccess", -            "Effect": "Allow", -            "Action": "sts:AssumeRole", -            "Resource": "arn:aws:iam::*:role/ROLENAME" -        } -    ] -} -``` - -**NOTE:** Replace `ROLENAME` with the name of the role that was created. If the `ROLENAME` is -different in each account, then a policy will need to be created for each distinct role name. - -**Step 5 –** Click **Review Policy**. - -![Review policy page Name field](/img/product_docs/accessanalyzer/requirements/target/config/reviewpolicyaccount.webp) - -**Step 6 –** Enter a **Policy Name**. - -**Step 7 –** Click **Create Policy**. - -**Step 8 –** Create a group with the service account user and assign both policies to this group. - -**Step 9 –** Under **Access Management** > **Users**, select the service account user. - -![Security credentials tab](/img/product_docs/accessanalyzer/requirements/target/config/securitycredentials.webp) - -**Step 10 –** In the Security credentials tab, click **Create access key**. Make sure to note the -Access key ID and Secret access key which need to be input into Access Analyzer. - -You can now create the Connection Profile for the AWS Solution. See the -[Amazon Web Services for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/aws.md) topic -for additional information. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-files.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-files.md deleted file mode 100644 index 7b2fa5b043..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-files.md +++ /dev/null @@ -1,92 +0,0 @@ -# Azure Files Target Requirements - -Azure Files is a fully managed, cloud-based file sharing service from Microsoft that allows users to -access file shares from anywhere as a virtual network drive. Access Analyzer uses the File System -solution to execute Access Auditing (FSAA) and Sensitive Data Discovery Auditing scans on Azure -Files. - -Before the File System solution can perform scans for Azure Files, the following prerequisites are -required both in Access Analyzer and the Azure environments: - -- [Create Host List](#create-host-list) -- [Configure Connection Profile](#configure-connection-profile) -- [Job and Query Configuration](#job-and-query-configuration) - -## Create Host List - -A host list containing the desired target Azure hosts must be created and assigned to the collection -jobs. You can create the host list with either of the following two methods: - -- Use the FS_AzureTenantScan instant job to create the host list automatically. See the - [FS_AzureTenantScan Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/fs-azuretenantscan.md) topic for - additional information. -- Manually add hosts to a host list in the following format: - - `.file.core.windows.net` - - See the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) topic for additional - information. - -## Configure Connection Profile - -The Access Analyzer connection profile requires two or more credentials depending on the amount of -storage accounts being targeted. It requires an active directory account with rights to run the -applet, and credentials for each storage account. These should be configured as follows: - -- Account for running applet - - - Select Account type – Active Directory - - Provide the credentials for an account with the privileges to run the FSAA applet. See the - [File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) topic for additional - information on the required permissions. - -- Accounts for storage accounts - - - Select Account Type – Azure Active Directory - - ![Storage account name and Connection string in Azure](/img/product_docs/accessanalyzer/requirements/target/config/accesskeys.webp) - - - Client ID – The name of the storage account - - - For example, if the target is `files.file.core.windows.net` then the Client ID should be - `files`. It is not case sensitive. - - - Key – Connection string value for access keys on the storage account - - If you are targeting multiple storage accounts, a user credential of this type is required for - each storage account. - -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional -information. - -## Job and Query Configuration - -Azure Files scans require the following configuration of the job and query performing the scan. - -### Jobs Targeting Azure Files - -For FSAA and SEEK scans targeting Azure Files storage accounts, you must clear the **Skip Hosts that -do not respond to PING** option in the job properties. - -![Skip Hosts option on Performance tab of the Job Properties window](/img/product_docs/accessanalyzer/requirements/target/config/skiphostsoption.webp) - -Right-click on the required scan job in the Jobs tree, and select **Properties** to open the Job -Properties window. Navigate to the Performance tab, and ensure the **Skip Hosts that do not respond -to PING** option is not selected. See the -[Job Properties](/docs/accessanalyzer/12.0/administration/job-management/job/properties/overview.md) and -[Performance Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/performance.md) topics for additional -information. - -### Query Configuration Considerations - -Last Access Time (LAT) preservation is not supported for Azure Files scans. This option must not be -selected in the query for the FSAA or SEEK scan job. - -![Last Access Time (LAT) preservation option in FSAA DC wizard](/img/product_docs/accessanalyzer/requirements/target/config/latpreservationoption.webp) - -The **Last Access Time (LAT) preservation** option is located on the Default Scoping Options page of -the File System Access Auditor Data Collector Wizard. See the -[Configure the (FSAA) File System Scan Query](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsaa-system-scans.md#configure-the-fsaa-file-system-scan-query) -or -[Configure the (SEEK) File System Scan Query](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek-system-scans.md#configure-the-seek-file-system-scan-query) -topic for additional information. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-information-protection.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-information-protection.md deleted file mode 100644 index 8c5ff2367b..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-information-protection.md +++ /dev/null @@ -1,224 +0,0 @@ -# Azure Information Protection Target Requirements - -Microsoft® Azure is a cloud-based computing platform that provides a range of services, such as -file storage. Azure uses Azure Information Protection (AIP) labels, a Microsoft tool used to -classify and protect stored files. Access Analyzer employs the File System Solution to execute -Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans in order to find AIP -Protection labels and scan protected (i.e. encrypted) files for sensitive data. - -This document provides information needed to properly configure access required by Access Analyzer -to successfully scan for Azure Information Protection labels in a targeted environment. - -**NOTE:** Access Analyzer does not scan for AIP Marking labels, only Protection labels. - -## Workflow for Scanning AIP Labels - -Before the Access Analyzer File System solution can scan for Azure Information Protection (AIP) -labels, certain prerequisites are required both in Access Analyzer and Azure environments. - -1. [Rights Management Service Client Installation](#rights-management-service-client-installation) -2. [Create a Service Principal Account using PowerShell](#create-a-service-principal-account-using-powershell) -3. [Enable the Account as an AIP Super User using PowerShell](#enable-the-account-as-an-aip-super-user-using-powershell) -4. [Add User to the AIP Role in Microsoft® Azure](#add-user-to-the-aip-role-in-microsoft-azure) -5. Azure Information Protection Target Requirements -6. Enable settings in FSAA Data Collector in Access Analyzer. - - - See the FileSystemAccess Data Collector section in the - [File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/overview.md) topic for additional - information - -## Prerequisites - -Ensure the following prerequisites are met before configuring AIP scanning: - -- Microsoft Entra ID Admin credentials -- The PowerShell `Install-Module` command requires: - - - PowerShell 5.0 (Run as Administrator) - - Windows Server 2016and later - -- Active Directory Rights Management Services Client 2.1 installed on the server where the FSAA - applet or proxy is being run - -## Rights Management Service Client Installation - -The Rights Management Service Client must be installed on the applet servers where FSAA is running. -This may be the local Access Analyzer server, a Proxy server, or a File Server running in applet -mode. - -- To install the Rights Management Service Client 2.1 on the server where the scan is taking place, - go to the Microsoft download center: - - [https://www.microsoft.com/en-us/download/details.aspx?id=38396](https://www.microsoft.com/en-us/download/details.aspx?id=38396) - -**_RECOMMENDED:_** Read the System Requirements and Install Instructions provided by Microsoft to -complete the installation. - -## Create a Service Principal Account using PowerShell - -Follow the steps to create a service principal account with a symmetric key to connect to AIP: - -**NOTE:** All PowerShell commands should be run in order through PowerShell as an Admin. - -**Step 1 –** Open up PowerShell (Administrator). - -**Step 2 –** Install and import MsOnline module: - -``` -Install-Module MsOnline -Import-Module MsOnline -``` - -**Step 3 –** Connect to Azure with the `Connect-MsolService` command. Enter the Azure credentials in -the **Sign in to your account** window that displays from Microsoft. - -**Step 4 –** Once successfully connected to Azure, create a service principal with the following -command: - -``` -New-MsolServicePrincipal -``` - -> Enter the **DisplayName** of the new service principal name. (For example, AIP_EnterpriseAuditor) - -**Step 5 –** Take note and save the **Symmetric Key** and **AppPrincipalID** to be used in later -steps. - -**CAUTION:** Do not lose the symmetric key. It is not retrievable again once the PowerShell window -is closed. - -The service principal account with the proper key has been created. - -## Enable the Account as an AIP Super User using PowerShell - -Follow the steps to enable the Service Principal Account in AIP as a Super User: - -**NOTE:** All PowerShell commands should be run in order through PowerShell as an Admin. - -**Step 1 –** In PowerShell, install Microsoft Azure Active Directory Rights Manager (AIPService) -module: - -``` -Install-Module AIPService -Import-Module AIPService -``` - -**Step 2 –** Connect to Azure using the `Connect-AIPService` command and supply Azure credentials in -the **Sign in to your account** window that displays from Microsoft. - -**Step 3 –** Add the service principal to the Azure AD Rights Management service super users, using -the AppPrincipalID saved from the steps in the -[Create a Service Principal Account using PowerShell](#create-a-service-principal-account-using-powershell) -section: - -``` -Add-AipServiceSuperUser-ServicePrincipalID -``` - -**Step 4 –** Enable the DisplayName account using the following command: - -``` -Enable-AIPServiceSuperUserFeature -``` - -The Service Principal Account is now added to the Rights Management service as a Super User, and the -Super User feature is enabled. - -## Add User to the AIP Role in Microsoft® Azure - -In Microsoft Azure, add the Account to the Azure Information Protection Administrator Role. - -**Step 1 –** Log into **http://portal.azure.com** with Azure credentials and select **Microsoft -Entra ID** from the list of resources on the left-hand pane. - -**Step 2 –** Navigate to **Roles and Administrators**. On the Administrative Roles page, select the -**Azure Information Protection Administrator** role. - -**Step 3 –** Use the **Add Assignment** button to display the Add assignments pane. Search for the -name of the new service principal account (the **DisplayName** entered in PowerShell) and add it to -the list of assignments. - -The Service Principal Account is now successfully added to the Azure Information Protection -Administrator role. - -## Access Analyzer Configurations - -Before Access Analyzer can scan for AIP labels, two configurations must be done prior to the initial -scan. - -- [Azure Connection Profile ](#azure-connection-profile) -- [Configure FSAA Data Collector](#configure-fsaa-data-collector) - -### Azure Connection Profile - -To collect tags for files protected with Azure Information Protection, an Azure connection profile -must be configured in Access Analyzer before an FSAA scan runs. See the -[Global Settings](/docs/accessanalyzer/12.0/administration/settings/overview.md) topic for additional information on how to -set up a connection profile at the global level. - -**Step 1 –** In Access Analyzer, add a credential for an Azure Active Directory account type to the -existing Connection Profile used for File System scanning. Supply the Client ID field with the -**AppPrincipalID** and the Key field with the **Symmetric key** created upon creation of the new -service principal. - -**Step 2 –** At the job level, apply the connection profile that contains both the Microsoft Entra -ID credential and credentials required for File System scanning under the **Jobs** > [__Job__] > -**Settings** > **Connection** node. - -**Step 3 –** Ensure that the job is configured correctly before running a scan. See the -[Configure FSAA Data Collector](#configure-fsaa-data-collector) topic for additional information. - -An Azure Connection Profile has now been successfully created for an FSAA scan. - -### Configure FSAA Data Collector - -In Access Analyzer, configure the FSAA Data Collector wizard pages to scan files protected by Azure -Information Protection. This can be done for both FSAA System Scans and SEEK System Scans. In the -FSAA Data Collector Wizard, configure the following menus to scan for AIP protection labels: - -For FSAA System Scans: - -- Scan Server Selection – Choose the server that scanning is executed on. Target the server that has - the Rights Management Service Client 2.1 installed where the applet is running. - - - This may be a proxy server, file server (applet mode), or the local Access Analyzer console - depending on scan configuration - -- Scan Settings – Select the **Enable scanning of files protected by Azure Information Protection** - checkbox to add AIP files to the scan criteria -- Azure Tenant Mapping page – Add the **AppPrincipalID** (App ID) and the **Domain Name** or - **Tenant ID** - - _Remember,_ the Azure Tenant Mapping page is only visible when the **Enable scanning of files - protected by Azure Information Protection** checkbox is selected on the Scan Settings page. - -- Default Scoping Options - - - File Details tab – **Include files protected by Azure Information Protection (AIP)** - - File Properties (Folder Summary) – **Include AIP Protected Files** - -- Scoping Options – if needed, scope to a specific subset of resources on a selected host - -For SEEK System Scans: - -- Scan Server Selection – Choose the server that scanning is executed on. Target the server that has - the Rights Management Service Client 2.1 installed where the applet is running. - - - This may be a proxy server, file server (applet mode), or the local Access Analyzer console - depending on scan configuration - -- Scan Settings – Select the **Enable scanning of files protected by Azure Information Protection** - checkbox to add AIP files to the scan criteria -- Azure Tenant Mapping page – Add the **AppPrincipalID** (App ID) and the **Domain Name** or - **Tenant ID** - - _Remember,_ the Azure Tenant Mapping page is only visible when the **Enable scanning of files - protected by Azure Information Protection** checkbox is selected on the Scan Settings page. - -- Scoping Options – if needed, scope to a specific subset of resources on a selected host -- Sensitive Data Settings – Select **Decrypt Files Protected by Azure Information Protection**. This - page only applies for SEEK scans. - -See the FileSystemAccess Data Collector section in the -[File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/overview.md) topic for additional information -on these scoping options. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-sql-access.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-sql-access.md deleted file mode 100644 index 038c10f932..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-sql-access.md +++ /dev/null @@ -1,204 +0,0 @@ -# Azure SQL Auditing Configuration - -Access Analyzer for Azure SQL relies on the native Azure SQL auditing capabilities to collect and -report on user activity, as well as successful or unsuccessful server or database logon activity. -Azure SQL Auditing supports three different audit log destinations. At present Access Analyzer only -supports storage as the audit log destination. This document describes the necessary permissions -required to configure the Access Analyzer Azure SQL Job Group. - -Access Analyzerfor Azure SQL enables users to create custom roles which allow for differential -access to Access Analyzer. - -Within Access Analyzer for Azure SQL, roles are created specifically to target Azure SQL Databases: - -- Stand-Alone Databases -- Managed Instances -- Elastic Pools - -Role can be largely defined by the scope that particular role possesses. A scope-defined role has -access to, or is limited to all resources in a Management Group, Subscription, Resource Group or -Resource. For example, if all SQL databases reside within a resource group, then the scope can be -restricted to that resource group. If databases reside in different resource groups, then the scope -for the custom role should be at the subscription level. - -This will enable Access Analyzer to discover all the SQL databases present in the subscription. - -## Create a StealthAUDIT Custom Role - -Follow the steps below to create an Azure SQL custom role at the subscription level. - -![Azure Portal - Azure Services](/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_1.webp) - -**Step 1 –** Sign in to Azure. Navigate to the Azure Services section and click **Subscriptions**. -This will navigate you to the Pay-As-You-Go page of the Azure Portal. - -**Step 2 –** Locate and click the **Access Control (IAM)** view option blade from the available -subscriptions in the left-hand menu. - -![Azure Portal - Pay as you Go - Access Control (IAM)](/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_2.webp) - -**Step 3 –** Click **Add** > Add **Custom Role**. - -**Step 4 –** Create a JSON file using the subscription ID provided by Microsoft Azure (see the -example below) and save it to a local directory. - -```json -{ - "properties": { - "roleName": "StealthAUDIT Azure SQL Role", - "description": "This is a custom role created for use by StealthAUDIT Azure SQL Job Group for Azure SQL Database discovery and auditing", - "assignableScopes": ["/subscriptions/"], - "permissions": [ - { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action", - "Microsoft.Sql/locations/administratorAzureAsyncOperation/read", - "Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*", - "Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*", - "Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*", - "Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*", - "Microsoft.Sql/managedInstances/databases/sensitivityLabels/*", - "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*", - "Microsoft.Sql/managedInstances/securityAlertPolicies/*", - "Microsoft.Sql/managedInstances/databases/transparentDataEncryption/*", - "Microsoft.Sql/managedInstances/vulnerabilityAssessments/*", - "Microsoft.Sql/servers/extendedAuditingSettings/read", - "Microsoft.Sql/servers/databases/auditRecords/read", - "Microsoft.Sql/servers/databases/currentSensitivityLabels/*", - "Microsoft.Sql/servers/databases/dataMaskingPolicies/*", - "Microsoft.Sql/servers/databases/extendedAuditingSettings/read", - "Microsoft.Sql/servers/databases/read", - "Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*", - "Microsoft.Sql/servers/databases/schemas/read", - "Microsoft.Sql/servers/databases/schemas/tables/columns/read", - "Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*", - "Microsoft.Sql/servers/databases/schemas/tables/read", - "Microsoft.Sql/servers/databases/securityAlertPolicies/*", - "Microsoft.Sql/servers/databases/securityMetrics/*", - "Microsoft.Sql/servers/databases/sensitivityLabels/*", - "Microsoft.Sql/servers/databases/transparentDataEncryption/*", - "Microsoft.Sql/servers/databases/vulnerabilityAssessments/*", - "Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*", - "Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*", - "Microsoft.Sql/servers/devOpsAuditingSettings/*", - "Microsoft.Sql/servers/firewallRules/*", - "Microsoft.Sql/servers/read", - "Microsoft.Sql/servers/securityAlertPolicies/*", - "Microsoft.Sql/servers/vulnerabilityAssessments/*", - "Microsoft.Sql/servers/azureADOnlyAuthentications/*", - "Microsoft.Sql/managedInstances/read", - "Microsoft.Sql/managedInstances/azureADOnlyAuthentications/*", - "Microsoft.Security/sqlVulnerabilityAssessments/*", - "Microsoft.Sql/managedInstances/administrators/read", - "Microsoft.Sql/servers/administrators/read", - "Microsoft.Storage/storageAccounts/blobServices/containers/read", - "Microsoft.Sql/servers/auditingSettings/read", - "Microsoft.Sql/servers/databases/auditingSettings/read" - ], - "notActions": [], - "dataActions": [], - "notDataActions": [] - } - ] - } -} -``` - -![Azure SQL Configuration - Create a Custom Role section](/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_3.webp) - -**Step 5 –** Once created, click **Start from JSON** in the Azure portal and select the JSON file. -Once that file is chosen, the Review + Create button should be enabled. - -Click **Review + Create** to create the role or click **Next** to review and edit the permissions. -Once the JSON file is opened, the Custom Role Name and Description boxes will be populated -automatically. The name and description of the custom role can be customized if required in this -step. - -![Azure SQL Configuration - Create a Cusotm Role window](/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_4.webp) - -**Step 6 –** Click Create. This action will save and finalize a custom role entitled Access Analyzer -Azure SQL Role. - -**Step 7 –** Click OK on the final screen to complete the custom role creation process. The custom -role can now be used to register the Access Analyzer application within the Azure portal. - -**NOTE:** Depending upon the number of resources in the Azure tenancy, it might take some time for -the role to be made available to the resources. - -## Register an Azure SQL Application - -Follow the steps below to create an Azure SQL Application Registration in the Azure portal. - -**Step 1 –** In the Azure portal under Azure Services, click the **App Registration** icon. - -![AzureSQL - App Registrations - New Registration](/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_5.webp) - -**Step 2 –** Click **New Registration** in the Register an application blade. - -![Azure SQL - Register an Application](/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_6.webp) - -**Step 3 –** Enter a **Name** for the application and select an appropriate option from the -Supported account types options. - -**Step 4 –** Click **Register** at the bottom of the page when finished. Once the application has -been registered, the App registration overview blade will appear. Take note of the _Application -(client) ID_ on this page. - -**NOTE:** The _Application (client) ID_ is required to create a Connection Profile within the Access -Analyzer. - -![Azure SQL - Register and App - Application ID](/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_8.webp) - -**Step 5 –** Click the **Certificates & secrets** blade in the left-hand menu. Click **New Client -secret**. - -**Step 6 –** Enter a unique identifier in the Description field of the Add a client secret window. -Select a Expiration time frame from the drop down. Click **Add** when finished. - -_Remember,_ you will have to update the Access Analyzer Connection Profile once the expiration time -frame is reached (within 24 months, for example). - -**Step 7 –** Make note of the key under the Value column. - -**NOTE:** The Value key on this paged will be used to create the Access Analyzer connection profile. - -![Azure SQL - Access Control (IAM) page](/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_11z.webp) - -## Add a Role Assignment - -Follow the steps below to add a role assignment to the custom role and newly registered Access -Analyzer Azure SQL application. - -**Step 1 –** Navigate to the Subscriptions blade and click the **Access Control (IAM)** option. -Click the **Add** drop down > Click **Add role assignment**. - -![Azure SQL - Add a Role Assignment](/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_13z.webp) - -**Step 2 –** Search for and click the recently created custom role from the Role drop down. See -[Create a StealthAUDIT Custom Role](#create-a-stealthaudit-custom-role) for steps required to create -a custom role in the Azure portal. - -**Step 3 –** Search for and select the recently registered Azure SQL application from the Select -drop down. See [Register an Azure SQL Application](#register-an-azure-sql-application) for steps -required to register an Azure SQL application in the Azure portal. The registered application will -be visible in the Selected members window. Click **Save** when finished. - -![Azure SQL - Add a role assignment window](/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_14z.webp) - -**Step 4 –** Search for and select the SQL Server Contributor role in the Role drop down. - -**Step 5 –** Search for and select the recently registered Azure SQL application from the Select -drop down. See [Register an Azure SQL Application](#register-an-azure-sql-application) for steps -required to register an Azure SQL application in the Azure portal. The registered application will -be visible in the Selected members window. Click **Save** when finished. - -![Azure SQL - Access Control (IAM) window](/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_16z.webp) - -**Step 6 –** Navigate to the **Subscriptions** blade. Click **Access Control (IAM)**. - -**Step 7 –** Click the **Check access** menu tab Search for and select the recently registered Azure -SQL application from the drop down. See -[Register an Azure SQL Application](#register-an-azure-sql-application) for steps required to -register an Azure SQL application in the Azure portal. A preview window will appear on the -right-hand side of the window. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/database-azure-sql.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/database-azure-sql.md deleted file mode 100644 index 57dd708223..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/database-azure-sql.md +++ /dev/null @@ -1,50 +0,0 @@ -# AzureSQL Target Least Privilege Model - -To access the AzureSQL database, users require the Control permission for the target database. Users -with the Control Database permission have access to perform activity scans due to the function -leveraged by AzureSQL to return the required audit logs. See the -[Auditing for Azure SQL Database and Azure Synapse Analytics](https://docs.microsoft.com/en-us/azure/azure-sql/database/auditing-overview?view=azuresql) -Microsoft Knowledge Base article for additional information. - -**_RECOMMENDED:_** It is recommended to create a new user when leveraging a least privilege access -model to access the AzureSQL database because the user must exist in the master database and all -target database(s). A least privilege access model is one that uses the bare minimum privileges -required to carry out collections for the AzureSQL data collector. - -The following role and permission are required for the Least Privilege Model: - -- db_datareader role -- View Database Performance State permission -- Control permission on target database(s) - - **NOTE:** Control permission must be granted on any database you wish to collect data for. - -Follow the steps to configure the least privilege access model for AzureSQL collections. - -**Step 1 –** To login with the user, run the following script against the master database: - -CREATE LOGIN LPAUser WITH PASSWORD = [insert password] - -CREATE USER LPAUser FROM LOGIN LPAUser - -**Step 2 –** Create the user in the target database with the following script: - -CREATE USER LPAUser FROM LOGIN LPAUser - -Once complete, confirm that the newly created user exists in the instance of the master database and -the target database before proceeding to the next step. - -**Step 3 –** Run the following script against the target database to apply the db_datareader role: - -EXEC sp_addrolemember N’db_datareader’, N’LPAUser’ - -**Step 4 –** Apply the View Database State Permission against the target database with the following -script: - -GRANT VIEW DATABASE PERFORMANCE STATE TO LPAUSER - -**Step 5 –** Grant the control permission with the following script: - -GRANT CONTROL ON DATABASE - -The user is granted Control permission based on the least privilege access model. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/database-oracle.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/database-oracle.md deleted file mode 100644 index 137fe37803..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/database-oracle.md +++ /dev/null @@ -1,397 +0,0 @@ -# Oracle Target Least Privilege Model - -We recommend using an account DBA privilege to run Access Analyzer against an Oracle database. -However, if that is not acceptable all the privileges that are required to configure and run the -solution are below and can be used to implement the least privileges necessary. - -## Create Session Privilege - -Before getting started with the least privilege model, ensure that the Access Analyzer Connection -Profile user has the **Create Session** privilege granted. To do it, run the following command in -Oracle environment (SQL Plus or SQL Developer): - -``` -GRANT CREATE SESSION TO %USERNAME%;          -``` - -**NOTE:** The above command will grant the privilege only in the current container. To follow the -least privilege model, only grant the privilege on the containers (or pluggable databases) that you -will be scanning with Access Analyzer. - -However, if you target all of your pluggable databases, then to grant the **Create Session** -privilege on all of those containers at once, run the following command: - -``` -GRANT CREATE SESSION TO %USERNAME% CONTAINER=ALL;          -``` - -## User Credentials Role - -When using a least privileged model for Oracle, **SYSDBA** must be selected for the Role in the User -Credentials window for the Oracle Connection Profile. See the -[Oracle for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/oracle.md) topic for -additional information. - -## Oracle Server Discovery - -This Job uses Nmap to locate listening Oracle ports on servers by scanning for ports using the -service Oracle TNS Listener or optionally using specified ports, such as 1521. The Nmap utility can -be downloaded from [nmap.org](http://www.nmap.org/). To run this job, the user needs to have a -permission to execute any PowerShell script on the local host if the host is running the Microsoft -Windows operating system. In addition, on the Windows host, PowerShell execution policy needs to be -sent as well. For example, to set the execution policy to `Unrestricted`, run the following command -on the PowerShell command line: - -``` -Set-ExecutionPolicy -ExecutionPolicy Unrestricted           -``` - -In case of Linux and UNIX hosts, the `plink` command needs to be executed on the Access Analyzer -Console server to update the local file with the SSH keys. - -**NOTE:** The plink utility in the Access Analyzer installation directory has to be used. A version -of plink gets installed with the Nmap utility. - -The syntax is as follows: - -![administratorcommandprompt](/img/product_docs/accessanalyzer/requirements/target/config/administratorcommandprompt.webp) - -Run the following on the command prompt: - -``` -C:\Program Files (x86)\Stealthbits\StealthAUDIT\plink   -store_new_keys       -``` - -## Oracle SID Discovery - -This Job collects the Oracle SID from discovered Oracle servers and uses WMI or SSH to collect -running Oracle processes from the Oracle servers. The process is used to determine the name of the -Oracle SID. When multiple Oracle instances are running on a server, each SID will have its own entry -in this table. - -This Job requires local administrator rights on the target hosts in order to read the running -processes using either WMI or SSH. - -## Oracle Instance Discovery - -This Job verifies Oracle SID, IP Address, and Port combinations and inserts them into the -SA_SQL_Instances table. - -This Job requires read rights on the Oracle table DUAL, all users with any read right on an Oracle -server should be able to validate this query. - -For example, to grant a user `SELECT` permission on DUAL, run the following command in SQL Developer -or SQL\*Plus: - -``` -GRANT SELECT ON DUAL TO %USERNAME%; -``` - -**NOTE:** Replace `%USERNAME%` with the actual username of the user. - -``` -CONTAINER_DATA=ALL FOR %NAME_OF_PLUGGABLE_DATABASE% CONTAINER = CURRENT; -``` - -If you want to scan all pluggable databases in the given environment, run the following command in -the root container: - -``` -ALTER USER %USERNAME% SET CONTAINER_DATA=ALL CONTAINER = CURRENT; -``` - -## Oracle Permission Auditing - -The Oracle Permissions Scan job is responsible for collecting all permissions from all licensed -database types for all target instances. - -### Oracle Database 19c Series Permissions - -In order to collect permissions from Oracle Database 19c series, the user credential requires at -least the following `SELECT` privilege on the targeted database for the following views and tables: - -- CDB_COL_PRIVS view -- CDB_TAB_COLS view -- CDB_OBJECTS view -- CDB_PROFILES view -- CDB_ROLE_PRIVS view -- CDB_ROLES view -- CDB_SYS_PRIVS view -- CDB_TABLESPACES view -- CDB_TAB_PRIVS view. -- CDB_USERS view. -- V\_$DATABASE view. -- V\_$RSRC_CONSUMER_GROUP view. -- V\_$CONTAINERS view. -- V\_$PARAMETER view. -- V\_$PDBS view. -- V\_$INSTANCE view. -- SYS.USER$ table. -- DBA_TABLESPACES view -- DBA_ROLES view -- DBA_USERS view -- DBA_OBJECTS view -- DBA_COL_PRIVS view -- DBA_TAB_COLS view -- DBA_ROLE_PRIVS view -- DBA_SYS_PRIVS view -- DBA_TAB_PRIVS view - -For example, to grant all of the above privileges, run the following set of commands in SQL -Developer or SQL\*Plus: - -``` -GRANT CONNECT TO %USERNAME%; -GRANT CREATE SESSION TO %USERNAME%; -GRANT SELECT ON DUAL TO %USERNAME%; -GRANT SELECT ON CDB_COL_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_TAB_COLS TO %USERNAME%; -GRANT SELECT ON CDB_OBJECTS TO %USERNAME%; -GRANT SELECT ON CDB_PROFILES TO %USERNAME%; -GRANT SELECT ON CDB_ROLE_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_ROLES TO %USERNAME%; -GRANT SELECT ON CDB_SYS_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_TABLESPACES TO %USERNAME%; -GRANT SELECT ON CDB_TAB_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_USERS TO %USERNAME%; -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON V_$RSRC_CONSUMER_GROUP TO %USERNAME%; -GRANT SELECT ON V_$CONTAINERS TO %USERNAME%; -GRANT SELECT ON V_$PARAMETER TO %USERNAME%; -GRANT SELECT ON V_$PDBS TO %USERNAME%; -GRANT SELECT ON V_$INSTANCE TO %USERNAME%; -GRANT SELECT ON SYS.USER$ TO %USERNAME%; -GRANT SELECT ON DBA_TABLESPACES TO %USERNAME%; -GRANT SELECT ON DBA_ROLES TO %USERNAME%; -GRANT SELECT ON DBA_USERS TO %USERNAME%; -GRANT SELECT ON DBA_OBJECTS TO %USERNAME%; -GRANT SELECT ON DBA_COL_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_TAB_COLS TO %USERNAME%; -GRANT SELECT ON DBA_ROLE_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_SYS_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_TAB_PRIVS TO %USERNAME%; -``` - -### Oracle Database 12c Series Permissions - -In order to collect permissions from Oracle Database 12c series, the user credential requires at -least the following `SELECT` privilege on the targeted database for the following views and tables: - -- CDB_COL_PRIVS view -- CDB_TAB_COLS view -- CDB_OBJECTS view -- CDB_PROFILES view -- CDB_ROLE_PRIVS view -- CDB_ROLES view -- CDB_SYS_PRIVS view -- CDB_TABLESPACES view -- CDB_TAB_PRIVS view. -- CDB_USERS view. -- V\_$RSRC_CONSUMER_GROUP view. -- V\_$DATABASE view. -- V\_$PARAMETER view. -- V\_$PDBS view. -- V\_$CONTAINERS view. -- SYS.USER$ table. - -For example, to grant all of the above privileges, run the following set of commands in SQL -Developer or SQL\*Plus: - -``` -GRANT SELECT ON CDB_COL_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_TAB_COLS TO %USERNAME%; -GRANT SELECT ON CDB_OBJECTS TO %USERNAME%; -GRANT SELECT ON CDB_PROFILES TO %USERNAME%; -GRANT SELECT ON CDB_ROLE_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_ROLES TO %USERNAME%; -GRANT SELECT ON CDB_SYS_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_TABLESPACES TO %USERNAME%; -GRANT SELECT ON CDB_TAB_PRIVS TO %USERNAME%; -GRANT SELECT ON CDB_USERS TO %USERNAME%; -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON V_$RSRC_CONSUMER_GROUP TO %USERNAME%; -GRANT SELECT ON V_$CONTAINERS TO %USERNAME%; -GRANT SELECT ON V_$PARAMETER TO %USERNAME%; -GRANT SELECT ON V_$PDBS TO %USERNAME%; -GRANT SELECT ON SYS.USER$ TO %USERNAME%; -``` - -### Oracle Database 11g Series Permissions - -In order to collect permissions from Oracle Database 11g series, the user credential requires at -least the following `SELECT` privileges on the targeted database for the following views and tables: - -- DBA_COL_PRIVS view -- DBA_TAB_COLS view -- DBA_OBJECTS view -- DBA_PROFILES view -- DBA_ROLES view -- DBA_ROLE_PRIVS view -- DBA_SYS_PRIVS view -- DBA_TABLESPACES view -- DBA_TAB_PRIVS view -- DBA_USERS view -- V\_$RSRC_CONSUMER_GROUP view -- V\_$DATABASE view -- V\_$PARAMETER view -- SYS.USER$ table - -For example, to grant all of the above privileges, run the following set of commands in Oracle SQL -Developer or SQL\*Plus: - -``` -GRANT SELECT ON DBA_TAB_COLS TO %USERNAME%; -GRANT SELECT ON DBA_OBJECTS TO %USERNAME%; -GRANT SELECT ON DBA_TABLESPACES TO %USERNAME%; -GRANT SELECT ON DBA_PROFILES TO %USERNAME%; -GRANT SELECT ON DBA_TAB_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_ROLES TO %USERNAME%; -GRANT SELECT ON DBA_ROLE_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_SYS_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_COL_PRIVS TO %USERNAME%; -GRANT SELECT ON DBA_USERS TO %USERNAME%; -GRANT SELECT ON V_$RSRC_CONSUMER_GROUP TO %USERNAME%; -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON V_$PARAMETER TO %USERNAME%; -GRANT SELECT ON SYS.USER$ TO %USERNAME%; -``` - -## Oracle Sensitive Data Auditing - -This job is responsible for identifying sensitive data that has been stored within target database -instances. - -Before running this scan, ensure that Oracle database statistics are up to date at least for the -targeted schema or tables. Use one of the following commands: - -``` -EXEC DBMS_STATS.GATHER_SCHEMA_STATS('%SCHEMA_NAME%'); -EXEC DBMS_STATS.GATHER_TABLE_STATS('%SCHEMA_NAME%', ‘%TABLE_NAME%’); -``` - -### Oracle Database 12c Series Sensitive Data - -In order to perform a sensitive data scan on Oracle database 12c series, the user credential -requires at least the following `SELECT` privileges on the targeted database for the following -views: - -- V\_$CONTAINERS view -- V\_$DATABASE view -- CDB_TAB_COLS view -- CDB_OBJECTS view - -For example, to grant the above privileges, run the following set of commands in SQL Developer or -SQL\*Plus: - -``` -GRANT SELECT ON V_$CONTAINERS TO %USERNAME%; -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON CDB_TAB_COLS TO %USERNAME%; -GRANT SELECT ON CDB_OBJECTS TO %USERNAME%; -``` - -### Oracle Database 11g Series Sensitive Data - -In order to perform a sensitive data scan on Oracle database 11g series, the user credential -requires at least the following `SELECT` privileges on the targeted database for the following -views: - -- V\_$DATABASE view -- DBA_TAB_COLS view -- DBA_OBJECTS view - -For example, to grant the above privileges, run the following set of commands in SQL Developer or -SQL\*Plus: - -``` -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON DBA_TAB_COLS TO %USERNAME%; -GRANT SELECT ON DBA_OBJECTS TO %USERNAME%; -``` - -Please note that the `SELECT` privilege needs to be granted individually on all sensitive data -tables to be targeted (more secure). To accomplish it, run the following command for each targeted -sensitive data table: - -``` -GRANT SELECT ON %YOUR_SENSITIVE_DATA_TABLE% TO %USERNAME%; -``` - -*(Optional)* Grant the `SELECT` privilege on any table (less secure) by running the following -command: - -``` -GRANT SELECT ANY TABLE TO %USERNAME%; -``` - -## Oracle Activity Auditing - -This job is responsible for collecting audit data from configured database server audits on target -endpoints. - -### Oracle Database 12c Series Activity Data - -In order to perform an activity data scan on Oracle database 12c series, the user credential -requires at least the following `SELECT` privileges on the targeted database for the following -views: - -- V\_$DATABASE view -- CDB_COMMON_AUDIT_TRAIL view -- UNIFIED_AUDIT_TRAIL view - -For example, to grant the above privileges, run the following set of commands in SQL Developer or -SQL\*Plus: - -``` -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON CDB_COMMON_AUDIT_TRAIL TO %USERNAME%; -GRANT SELECT ON UNIFIED_AUDIT_TRAIL TO %USERNAME%; -``` - -If the audit trail mode is `QUEUED`, then audit records are not written to disk until the in-memory -queues are full. The following procedure explicitly flushes the queues to disk, so that the audit -trail records are viewable in the `UNIFIED_AUDIT_TRAIL` view: - -``` -EXEC SYS.DBMS_AUDIT_MGMT.FLUSH_UNIFIED_AUDIT_TRAIL; -``` - -### Oracle Database 11g Series Activity Data - -In order to perform an activity data scan on Oracle database 11g series, the user credential -required at least the following `SELECT` privileges on the targeted database for the following -views: - -- V\_$DATABASE view -- DBA_COMMON_AUDIT_TRAIL view - -For example, to grant the above privileges, run the following set of commands in SQL Developer or -SQL\*Plus: - -``` -GRANT SELECT ON V_$DATABASE TO %USERNAME%; -GRANT SELECT ON DBA_COMMON_AUDIT_TRAIL TO %USERNAME%; -``` - -## Oracle Users with Default Passwords Job - -The 4-Oracle_DefaultPasswordUsers job is responsible for collecting usernames of users whose -passwords have not been updated since the database creation. - -The user needs to have a `SELECT` privilege on `CDB_USERS_WITH_DEFPWD` table for Oracle container -databases (version 12c and higher) or `DBA_USERS_WITH_DEFPWD` for the non-container database (any -version below 12c). - -To grant the required privileges, execute the following statements in SQL Developer or SQL\*Plus: - -For version 12c and later: - -``` -GRANT SELECT ON CDB_USERS_WITH_DEFPWD TO %USERNAME%; -``` - -For version 11g: - -``` -GRANT SELECT ON DBA_USERS_WITH_DEFPWD TO %USERNAME%; -``` diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-db2.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-db2.md deleted file mode 100644 index 5215e589f3..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-db2.md +++ /dev/null @@ -1,59 +0,0 @@ -# Target Db2 Requirements, Permissions, and Ports - -The Access Analyzer for Databases Solution provides the ability to audit and monitor Db2 database -environments to collect permissions and sensitive data. It scans: - -- DB2LUW 11+ - -Target Db2 Requirements - -Successful installation of the IBM Data Server Client is required to run the Db2 Job Group. In -addition, the following clients and drivers must be installed: - -- IBM Data Server Driver Package (DS Driver) -- IBM Data Server Driver for JDBC and SQLJ (JCC Driver) -- IBM Data Server Driver for ODBC and CLI (CLI Driver) -- IBM Data Server Runtime Client -- IBM Data Server Client -- IBM Database Add-Ins for Visual Studio -- IBM .NET Driver NuGet - -**NOTE:** All necessary clients and drivers can be found on IBM Support's -[Download initial version 11.5 clients and drivers](https://www.ibm.com/support/pages/download-initial-version-115-clients-and-drivers) -page. From the list of available packages, select the IBM Data Server Client, which is the -all-in-one client package. This package includes all of the client tools and available libraries, as -well as the add-ins for Visual Studio. - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md) -- [SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For SQL Data Collector - -- Specified by Instances table (default is 5000) diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-mongodb.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-mongodb.md deleted file mode 100644 index 3e27556c95..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-mongodb.md +++ /dev/null @@ -1,46 +0,0 @@ -# Target MongoDB Requirements, Permissions, and Ports - -The Access Analyzer for Databases Solution provides the ability to audit and monitor MongoDB -database environments to collect permissions and sensitive data. It scans: - -- MongoDB 5.0 -- MongoDB 6.0 -- MongoDB 7.0 -- Windows and Linux distributions supported by MongoDB - -Target MongoDB Requirements for Sensitive Data Discovery Scans - -- .NET Framework 4.8 is required to run the MongoDB_SensitiveDataScan Job -- MongoDB Cluster on Windows Only – Domain Administrator or Local Administrator privilege - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [NoSQL Data Collector](/docs/accessanalyzer/12.0/data-collection/nosql/overview.md) - -## Permissions - -For MongoDB Prerequisite - -- Read Only access to ALL databases in the MongoDB Cluster including: - - - Admin databases - - Config databases - - Local databases - -- Read Only access to any user databases is required for sensitive data discovery -- Read access to NOSQL instance -- Read access to MongoDB instance -- Requires NOSQL Full-Text and Semantic Extractions for Search feature to be installed on the target - NOSQL instances when using the Scans full rows for sensitive data option on the Options wizard - page - -## Ports - -The following firewall ports are needed: - -For NoSQL Data Collector - -- MongoDB Cluster -- Default port is 27017 (A custom port can be configured) diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-mysql.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-mysql.md deleted file mode 100644 index 9b930304f8..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-mysql.md +++ /dev/null @@ -1,66 +0,0 @@ -# Target MySQL Requirements, Permissions, and Ports - -The Access Analyzer for Databases Solution provides the ability to audit and monitor MySQL database -environments to collect permissions and sensitive data. It scans: - -- MySQL 5.x -- MySQL 8.x -- Amazon MySQL RDS -- Amazon Aurora MySQL Engine -- MariaDB 10.x - -Target MySQL Requirements - -The following are requirements for the MySQL to be scanned: - -- WINRM Service installed and enabled — Required only if MySQL is running on Windows - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md) -- [SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) - -## Requirements - -- Windows (Access Analyzer host) - Windows Management Framework 3+ installed on the Access Analyzer - Console server (Windows 2012 and later) -- Windows (MySQL host) - - WinRM enabled -- MySQL - - - Read access to all databases contained within each MySQL instance - - Domain Admin or Local Admin privilege (Windows only) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For MySQL Data Collection - -- Read access to MySQL instance to include all databases contained within each instance -- Windows Only — Domain Admin or Local Admin privilege - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For SQL Data Collector - -- Specified by Instances table (default is 3306) diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-oracle.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-oracle.md deleted file mode 100644 index 6744d33c84..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-oracle.md +++ /dev/null @@ -1,60 +0,0 @@ -# Target Oracle Requirements, Permissions, and Ports - -The Access Analyzer for Databases Solution provides the ability to audit and monitor Oracle database -environments to collect permissions, sensitive data, and activity events. It scans: - -- Oracle Database 12c -- Oracle Database 18c -- Oracle Database 19c - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md) -- [PowerShell Data Collector](/docs/accessanalyzer/12.0/data-collection/powershell/overview.md) -- [SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For PowerShell Data Collection - -- Member of the Local Administrators group - -For Oracle Data Collection - -- User with SYSDBA role -- Local Administrator on the target servers – Only applies to Windows Servers and not on Linux or - Unix operating systems - -There is a least privilege model for scanning your domain. See the -[Oracle Target Least Privilege Model](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/database-oracle.md) topic for additional information. - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For PowerShell Data Collector - -- Randomly allocated high TCP ports - -For SQL Data Collector - -- Specified by Instances table (default is 1521) diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-postgresql.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-postgresql.md deleted file mode 100644 index 680e6ed5c4..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-postgresql.md +++ /dev/null @@ -1,54 +0,0 @@ -# Target PostgreSQL Requirements, Permissions, and Ports - -The Access Analyzer for Databases Solution provides the ability to audit and monitor PostgreSQL -database environments to collect permissions and sensitive data. It scans: - -- Open Source PostgreSQL 9x through 12x -- Enterprise DB PostgreSQL (10x trhough 12x) -- Amazon AWS Aurora PostgreSQL Engine (all versions supported by Amazon AWS) -- Azure PostgreSQL (9.6) - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md) -- [SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) - -## Requirements - -- Read access to all databases contained within each PostgreSQL instance -- Domain Admin or Local Admin privilege (Windows only) -- Login account for each instance of PostgreSQL to be audited - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For PostgreSQL Data Collection - -- Read access to all the databases in PostgreSQL cluster or instance -- Windows Only — Domain Admin or Local Admin privilege - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For SQL Data Collector - -- Specified by Instances table (default is 5432) diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-redshift.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-redshift.md deleted file mode 100644 index 821c3e8245..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-redshift.md +++ /dev/null @@ -1,60 +0,0 @@ -# Target Redshift Requirements, Permissions, and Ports - -The Access Analyzer for Databases Solution provides the ability to audit and monitor Redshift -database environments to collect permissions and sensitive data. It scans: - -- Amazon AWS Redshift -- AWS Redshift Cluster - -Target Redshift Requirements - -- Creation of a user name and password through the AWS portal. -- Successful retrieval of the following items from the AWS website: - - - Database Name – Unique identifier for a specific database - - Port Number – String of unique numbers used by networks to identify specific incoming - processes - - Endpoint name – Publicly accessible elastic IP address specific to the database - -- Retrieval of the information from the Access Analyzer console. - -Additional requirements for Sensitive Data Discovery: - -- Windows Only – Domain Administrator or Local Administrator privilege - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md) -- [SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For Redshift Data Collection - -- Read-access to the following tables: - - - pg_tables - - pg_user - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-sql.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-sql.md deleted file mode 100644 index 81ef7f4b17..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-sql.md +++ /dev/null @@ -1,101 +0,0 @@ -# Target SQL Server Requirements, Permissions, and Ports - -The Access Analyzer for Databases Solution provides the ability to audit and monitor SQL Server -database environments to collect permissions, sensitive data, and activity events. It scans: - -- Azure SQL - -- SQL Server 2022 -- SQL Server 2019 -- SQL Server 2017 -- SQL Server 2016 - -Target SQL Server Requirements - -The following are requirements for the SQL Server to be scanned: - -- WINRM Service installed -- Ensure the following rights are in the `ROOT\Microsoft\SQLServer` and `ROOT\Interop` WMI - NameSpaces: - - - Execute Methods - - Enable Account - - Remote Enable - - **NOTE:** Restart WMI after applying changes. - -- For Activity Auditing – SQL Server Audit: - - - SQL Server Audit Specifications to be configured on the target databases - - Audit destination must be a binary file - - See the Microsoft - [Create a server audit and database audit specification](https://learn.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) - article. - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md) -- [SMARTLog Data Collector](/docs/accessanalyzer/12.0/data-collection/smart-log/overview.md) -- [SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For SMARTLog Data Collection - -- Member of the local Administrators group - -For SQL Server Data Collection - -- For Instance Discovery, local rights on the target SQL Servers: - - - Local group membership to Remote Management Users - - Permissions on the following WMI NameSpaces: `root\Microsoft\SQLServer, root\interop` - -- For permissions for data collection: - - - Read access to SQL instance - - Requires SQL Full-Text and Semantic Extractions for Search feature to be installed on the - target SQL instance(s) when using the **Scan full rows for sensitive data** option on the - Options wizard page - - Grant Authenticate Server to [DOMAIN\USER] - - Grant Connect SQL to [DOMAIN\USER] - - Grant View any database to [DOMAIN\USER] - - Grant View any definition to [DOMAIN\USER] - - Grant View server state to [DOMAIN\USER] - - Grant Control Server to [DOMAIN\USER] (specifically required for the Weak Passwords Job) - -See the [Azure SQL Auditing Configuration](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-sql-access.md) topic for additional -information. - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For SMARTLog Data Collector - -- TCP 135 -- TCP 445 -- Randomly allocated high TCP ports - -For SQL Data Collector - -- Specified by Instances table (default is 1433) diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/dropbox.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/dropbox.md deleted file mode 100644 index a5e2a770e7..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/dropbox.md +++ /dev/null @@ -1,31 +0,0 @@ -# Target Dropbox Requirements, Permissions, and Ports - -The Access Analyzer for AWS Solution provides the ability to audit Dropbox. It scans: - -- Dropbox - -Data Collector - -This solution employs the following data collector to scan the target environment: - -- [DropboxAccess Data Collector](/docs/accessanalyzer/12.0/data-collection/dropbox-access/overview.md) - -## Permissions - -- Dropbox Team Administrator - -The DropboxAccess Data Collector requires the generation of an access token that is used to -configure the Connection Profile for Dropbox. The access token is generated from within the Dropbox -Access Auditor Data Collector Wizard on the Scan Options page. Once the access token is copied into -a Connection Profile for Dropbox, it will be saved and does not need to be generated again. See the -[DropboxAccess: Scan Options](/docs/accessanalyzer/12.0/data-collection/dropbox-access/scan-options.md) topic for -additional information. - -## Ports - -The following firewall ports are needed: - -For DropboxAccess Data Collector - -- TCP 80 -- TCP443 diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/exchange-online.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/exchange-online.md deleted file mode 100644 index c6a522aa11..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/exchange-online.md +++ /dev/null @@ -1,106 +0,0 @@ -# Target Exchange Online Requirements, Permissions, and Ports - -The Access Analyzer for Exchange Solution provides the ability to audit Exchange Online. It scans: - -- Exchange Online (Limited) - -See the [Exchange Support and Permissions Explained](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/support.md) topic for -details on the type of auditing supported by data collector and by job group. - -Data Collectors - -This solution employs the following data collectors to scan the target environment: - -- [AzureADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/overview.md) -- [EWSMailbox Data Collector](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/overview.md) -- [EWSPublicFolder Data Collector](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/overview.md) -- [ExchangePS Data Collector](/docs/accessanalyzer/12.0/data-collection/exchange-ps/overview.md) - -## Permissions - -For .Entra ID Inventory Prerequisite with the AzureADInventory Data Collector - -- Microsoft Graph API - - - Application Permissions: - - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - - Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -- Access URLs - - - https://login.windows.net - - https://graph.windows.net - - https://login.microsoftonline.com - - https://graph.microsoft.com - - - All sub-directories of the access URLs listed - -See the [Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/12.0/configuration/entra-id/access.md) topic for -additional information. - -Permissions for the Registered Microsoft Entra ID Application: Office 365 Exchange Online - -- Application Permissions: - - - Exchange.ManageAsApp – Manage Exchange As Application - - full_access_as_app – Use Exchange Web Services with full access to all mailboxes - -- Exchange Administrator role assigned to the registered application's service principal - -See the [Exchange Online Auditing Configuration](/docs/accessanalyzer/12.0/configuration/exchange-online/access.md) topic for -additional information. - -For Exchange Web Services API Permissions with the EWSMailbox Data Collector - -- Exchange Admin Role -- Discovery Management Role -- Exchange Online License - -See the [Exchange Web Services API Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/web-services-api.md) topic for -additional information. - -For Exchange Web Services API Permissions with the EWSPublicFolder Data Collector - -- Exchange Admin Role -- Discovery Management Role -- Exchange Online License with a mailbox - -See the [Exchange Web Services API Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/web-services-api.md) topic for -additional information. - -For Exchange PowerShell with ExchangePS Data Collector - -- Discovery Management Role -- Organization Management Role - -See the [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) topic for additional -information. - -## Ports - -The following firewall ports are needed: - -For AzureADInventory Data Collector - -- TCP 80 and 443 - -For EWSMailbox Data Collector - -- TCP 389 -- TCP 443 - -For EWSPublicFolder Data Collector - -- TCP 389 -- TCP 443 - -For ExchangePS Data Collector - -- TCP 135 -- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/exchange.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/exchange.md deleted file mode 100644 index dd8d3b6ff1..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/exchange.md +++ /dev/null @@ -1,175 +0,0 @@ -# Target Exchange Servers Requirements, Permissions, and Ports - -The Access Analyzer for Exchange Solution is compatible with the following Exchange Server versions -as targets: - -- Exchange 2019 (Limited) -- Exchange 2016 (Limited) -- Exchange 2013 -- Exchange 2010 (Limited) - -See the [Exchange Support and Permissions Explained](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/support.md) topic for -details on the type of auditing supported by data collector and by job group. - -Domain Controller Requirements - -The following are requirements for the Exchange servers to be scanned: - -- Enable Remote PowerShell on one Client Access Server (CAS) -- Enable Windows Authentication for the PowerShell Virtual Directory on the same CAS -- .NET Framework 4.5+ installed on all Exchange servers to be targeted -- WINRM Service installed on all Exchange servers to be targeted as a back up in the event of a - remote PowerShell failure -- Within the Access Analyzer Console, the global **Settings > Exchange** node must be configured - - **NOTE:** For Exchange 2013, 2016, and 2019 – If the global Settings have been configured for - "MAPI over HTTP," then an actual CAS server name was supplied and will be used by the ExchangePS - Data Collector. If the global Settings have been configured for "MAPI over HTTPS," then the - global Settings will have a web address instead of an actual server. Therefore, each ExchangePS - query requires the CAS server to be set as the specific server on the Category page. See the - [ExchangePS Data Collector & Client Access Server](/docs/accessanalyzer/12.0/solutions/exchange/recommended.md) - topic for a list of queries for which this would apply. - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md) -- [EWSMailbox Data Collector](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/overview.md) -- [EWSPublicFolder Data Collector](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/overview.md) -- [Exchange2K Data Collector](/docs/accessanalyzer/12.0/data-collection/exchange-2k/overview.md) -- [ExchangeMailbox Data Collector](/docs/accessanalyzer/12.0/data-collection/exchange-mailbox/overview.md) -- [ExchangeMetrics Data Collector](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/overview.md) -- [ExchangePS Data Collector](/docs/accessanalyzer/12.0/data-collection/exchange-ps/overview.md) -- [ExchangePublicFolder Data Collector](/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/overview.md) -- [SMARTLog Data Collector](/docs/accessanalyzer/12.0/data-collection/smart-log/overview.md) - -## Permissions - -For .Active Directory Inventory Prerequisite - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -For Exchange Web Services API Permissions with the EWSMailbox Data Collector - -- Exchange Admin Role -- Discovery Management Role -- Application Impersonation Role -- Exchange Online License - -See the [Exchange Web Services API Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/web-services-api.md) topic for -additional information. - -For Exchange Web Services API Permissions with the EWSPublicFolder Data Collector - -- Exchange Admin Role -- Discovery Management Role -- Application Impersonation Role -- Exchange Online License with a mailbox - -See the [Exchange Web Services API Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/web-services-api.md) topic for -additional information. - -For Exchange2K Data Collector - -- Member of the Exchange Administrator group -- Domain Admin for AD property collection -- Public Folder Management - -For ExchangeMailbox Data Collector - -- Member of the Exchange Administrator group -- Organization Management -- Discovery Management - -For Exchange Mail Flow with ExchangeMetrics Data Collector - -- Member of the local Administrator group on the targeted Exchange server(s) - -See the [Exchange Mail-Flow Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/mail-flow.md) topic for additional -information. - -For Exchange Remote Connection with SMARTLog Data Collector - -- Member of the local Administrators group - -See the [Exchange Remote Connections Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/remote-connections.md) topic -for additional information. - -For Exchange PowerShell with ExchangePS Data Collector - -- Remote PowerShell enabled on a single Exchange server -- Windows Authentication enabled for the PowerShell Virtual Directory on the same Exchange server - where Remote PowerShell has been enabled -- View-Only Organization Management Role Group -- Discovery Search Management Role Group -- Public Folder Management Role Group -- Mailbox Search Role - -See the [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) topic for additional -information. - -For ExchangePublicFolders Data Collector - -- Member of the Exchange Administrator group -- Organization Management - -## Ports - -The following firewall ports are needed: - -For ADInventory Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For EWSMailbox Data Collector - -- TCP 389 -- TCP 443 - -For EWSPublicFolder Data Collector - -- TCP 389 -- TCP 443 - -For Exchange2K Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports -- TCP 389 -- Optional TCP 445 - -For ExchangeMailbox Data Collector - -- TCP 135 -- Randomly allocated high TCP ports - -For ExchangeMetrics Data Collector - -- TCP 135 -- Randomly allocated high TCP ports - -For ExchangePS Data Collector - -- TCP 135 -- Randomly allocated high TCP ports - -For ExchangePublicFolder Data Collector - -- TCP 135 -- Randomly allocated high TCP ports - -For SMARTLog Data Collector - -- TCP 135 -- TCP 445 -- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md deleted file mode 100644 index b34518b34b..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md +++ /dev/null @@ -1,144 +0,0 @@ -# File System Supported Platforms - -Netwrix Access Analyzer (formerly Enterprise Auditor) audits Microsoft® Windows® file servers, -Azure Files storage accounts, Network Attached Storage (NAS) devices, and Unix platforms. - -Access Analyzer employs the File System Solution to execute Access Auditing (FSAA), Activity -Monitoring (FSAC), and Sensitive Data Discovery Auditing scans. The Activity Monitoring (FSAC) scans -also require an additional application, either Netwrix Activity Monitor or Netwrix Threat -Prevention, to monitor the target environment. - -**NOTE:** Access Auditing and Sensitive Data Discovery Auditing support CIFS and NFSv3. - -Ports and permissions vary based on the scan mode option selected as well as the target environment. - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md) -- [FileSystemAccess Data Collector](/docs/accessanalyzer/12.0/data-collection/fsaa/overview.md) - -Permissions and Ports for ADInventory Data Collector Prerequisite - -The following permissions are needed: - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -The following firewall ports are needed: - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions and Ports for FileSystemAccess Data Collector - -- Permissions vary based on the Scan Mode Option selected. See the File System Supported Platforms - topic for additional information. - -## Supported Windows Platforms - -The following are supported Microsoft® Windows® operating systems: - -- Windows Server 2022 -- Windows Server 2019 -- Windows Server 2016 - -See the [Windows File Server Target Requirements](/docs/accessanalyzer/12.0/configuration/windows-file/overview.md) topic for -target environment requirements. - -Windows File System Clusters - -See the topic for target environment requirements. - -Windows File System DFS Namespaces - -See the topic for target environment requirements. - -## Azure Files Support - -Azure Files is a fully managed, cloud-based file sharing service from Microsoft that allows users to -access file shares from anywhere as a virtual network drive. Access Analyzer supports Access -Auditing (FSAA) and Sensitive Data Discovery Auditing scans of Azure Files. - -See the [Azure Files Target Requirements](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/azure-files.md) topic for additional information. - -## Supported Network Attached Storage Devices - -The following are supported Network Attached Storage (NAS) devices. - -Dell Celerra® & VNX - -- Celerra 6.0+ -- VNX 7.1 -- VNX 8.1 - -See the [Dell Celerra & Dell VNX Target Requirements](/docs/accessanalyzer/12.0/configuration/dell-celerra-vnx/overview.md) -topic for target environment requirements. - -Dell Isilon/PowerScale - -- 7.0+ - -See the [Dell Isilon/PowerScale Target Requirements](/docs/accessanalyzer/12.0/configuration/dell-powerscale/overview.md) -topic for target environment requirements. - -Dell Unity - -See the [Dell Unity Target Requirements](/docs/accessanalyzer/12.0/configuration/dell-unity/overview.md) topic for target -environment requirements. - -Hitachi - -- 11.2+ - -See the [Hitachi Target Requirements](/docs/accessanalyzer/12.0/configuration/hitachi/overview.md) topic for target -environment requirements. - -Nasuni Nasuni Edge Appliances - -- 8.0+ - -See the [Nasuni Target Requirements](/docs/accessanalyzer/12.0/configuration/nasuni/overview.md) topic for target -environment requirements. - -NetApp Data ONTAP - -- 7-Mode 7.3+ -- Cluster-Mode 8.2+ - -See the following topics for target environment requirements: - -- [NetApp Data ONTAP Cluster-Mode Target Requirements](/docs/accessanalyzer/12.0/configuration/netapp-c-mode/overview.md) -- [NetApp Data ONTAP 7-Mode Target Requirements](/docs/accessanalyzer/12.0/configuration/netapp-7-mode/overview.md) - -Nutanix - -See the [Nutanix Target Requirements](/docs/accessanalyzer/12.0/configuration/nutanix/overview.md) topic for target -environment requirements. - -Qumulo - -- Qumulo Core 5.0.0.1B+ - -See the [Qumulo Target Requirements](/docs/accessanalyzer/12.0/configuration/qumulo/overview.md) topic for target -environment requirements. - -## Supported Unix Platforms - -The following are supported Unix operating systems for Access Auditing (FSAA) and Sensitive Data -Discovery Auditing only: - -- AIX® 4+ -- Solaris™ 8+ -- Red Hat® Enterprise Linux® 4+ -- Red Hat® Linux® 5.2+ -- HP-UX® 11+ -- SUSE® 10+ diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/sharepoint.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/sharepoint.md deleted file mode 100644 index c45f991c34..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/sharepoint.md +++ /dev/null @@ -1,95 +0,0 @@ -# SharePoint Support - -Netwrix products audit and monitor Microsoft® SharePoint® environments. Access Analyzer employs -the SharePoint solution to execute Access Auditing (SPAA) and Sensitive Data Discovery Auditing -scans against SharePoint on-premise and SharePoint Online. Through integration with Activity -Monitor, Access Analyzer can also execute Activity Auditing (SPAC) scans against SharePoint -on-premise and SharePoint online environments. Additionally, Activity Monitor can be configured to -provide activity data to various SIEM products. - -Ports and permissions vary based on the scan mode option selected as well as the target environment. - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/overview.md) -- [AzureADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/overview.md) -- [SharePointAccess Data Collector](/docs/accessanalyzer/12.0/data-collection/spaa/overview.md) - -Permissions and Ports for ADInventory Data Collector Prerequisite - -The following permissions are needed: - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -The following firewall ports are needed: - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -Permissions and Ports for AzureADInventory Data Collector Prerequisite - -The following permissions are needed: - -- Microsoft Graph API - - - Application Permissions: - - - AuditLog.Read.All – Read all audit log data - - Directory.Read.All – Read directory data - - - Delegated Permissions: - - - Group.Read.All – Read all groups - - User.Read.All – Read all users' full profiles - -- Access URLs - - - https://login.windows.net - - https://graph.windows.net - - https://login.microsoftonline.com - - https://graph.microsoft.com - - - All sub-directories of the access URLs listed - -The following firewall ports are needed: - -- TCP 80 and 443 - -## Supported SharePoint Online - -The following are supported Microsoft® SharePoint® Online: - -- SharePoint Online® (Agent-less mode scans only) - -- OneDrive® for Business (Access Auditing and/or Sensitive Data Discovery Auditing for Agent-less - mode scans only) - -See the [SharePoint Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md) topic for additional -information. - -**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for -SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and -provisions it with the required permissions. See the -[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sp-register-azure-app-auth.md) topic for -additional information. - -## Supported SharePoint On-Premise - -The following are supported Microsoft® SharePoint® operating systems: - -- SharePoint® 2019 -- SharePoint® 2016 -- SharePoint® 2013 - -See the [SharePoint Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md) topic for additional -information. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/unix.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/unix.md deleted file mode 100644 index c8709fa18b..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/unix.md +++ /dev/null @@ -1,205 +0,0 @@ -# Target Unix Requirements, Permissions, and Ports - -The Access Analyzer for Unix Solution provides the ability to audit Unix servers. It scans: - -- AIX® 4+ -- Solaris™ 8+ -- Red Hat® Enterprise Linux® 4+ -- Red Hat® Linux® 5.2+ -- HP-UX® 11+ -- CentOS® 7+ -- SUSE® 10+ - -Data Collectors - -This solution employs the following data collectors to scan the target environment: - -- [NIS Data Collector](/docs/accessanalyzer/12.0/data-collection/nis/overview.md) -- [Unix Data Collector](/docs/accessanalyzer/12.0/data-collection/unix/overview.md) - -## Permissions - -For NIS Data Collector Prerequisite - -- No special permissions are needed aside from access to a NIS server - -For Unix Data Collector - -- Root permissions in Unix/Linux - -If the Root permission is unavailable, a least privileged model can be used. See the -[Least Privilege Model](#least-privilege-model) topic additional information. - -## Ports - -The following firewall ports are needed: - -For NIS Data Collector Prerequisite - -- TCP 111 or UDP 111 -- Randomly allocated high TCP ports - -For Unix Data Collector - -- TCP 22 -- User configurable - -## Least Privilege Model - -Access Analyzer for Unix collects information from Unix devices by running commands or executing -scripts on your Unix hosts (if configured properly our tool can SCP scripts to your hosts before -execution). Therefore, the domain or local user credentials entered in the Connection Profile within -the Access Analyzer must be capable of running the necessary commands, executing the necessary -scripts or, in some cases, have rights to SCP scripts to the host. - -### Connecting to Unix Hosts - -Access Analyzer for Unix connects to your host in two ways: - -- Plink – This mechanism is leveraged during our tools Host Inventory to test connectivity to a host - and to collect basic details about a host (Host Name, OS Type, etc.) -- Implementation of the SSH2 protocol built into Access Analyzer – This is how the Unix Data - Collector interacts with and pulls information from your environment - -Authentication Methods - -- SSH Login Required -- SSH Private Key - - - Supported Key Types - - - Open SSH - - PuTTY Private Key - -Device Connectivity - -- SSH port opened in software and hardware firewalls. Default is 22. - - - If you do not use Port 22, you can specify your SSH port in the Connection Profile - -### Commands for Non-Root Accounts - -We recommend using the root account to run Access Analyzer against a Unix system. However, if that -is not acceptable all the commands we leverage in the solution set are below and can be used to -implement least privilege: - -All Perl scripts require the account to be able to execute the following commands: - -``` -scp [script] to a target location: /tmp/[script] -``` - -``` -perl [script] -``` - -``` -rm -f [script] -``` - -#### UX_UsersAndGroups Job Requirements - -The 1.Users and Groups > 0.Collection > UX_UsersAndGroups Job requires permissions in the Unix -environment to run the following commands: - -Commands Used - -- `grep` -- `egrep` -- `uname` -- `cat /etc/passwd` (read access) -- `cat /etc/group` (read access) -- `cat /etc/security/user` (read access) -- `cat /etc/shadow` - - - Requires root or customization to job to utilize sudo without password prompt (:NOPASSWD) - -- `egrep /etc/security/user` (read access) -- `egrep /etc/login.defs` (read access) -- `egrep /etc/default/passwd` (read access) -- `cat /etc/security/passwd` (read access) - -Perl Scripts Used - -``` -SA_UX_AIX_User.pl -``` - -``` -SA_UX_AIX_UserLastUpdate.pl -``` - -#### UX_MakeDirectory Job Requirements - -The 2.PrivilegedAccess > Sudoers > 0.Collection > UX_MakeDirectory Job requires permissions in the -Unix environment to run the following commands: - -Commands Used - -- `mkdir /tmp/Stealthbits/` - -#### UX_ParseSudoers Job Requires - -The 2.PrivilegedAccess > Sudoers > 0.Collection > UX_ParseSudoers Job requires permissions in the -Unix environment to run the following commands: - -**NOTE:** To parse sudoers we either need root or an account that has access to use sudo without -password prompt (:NOPASSWD) - -Commands Used - -- `sudo chmod 500 SA_UX_ParseSudoers.pl` -- `sudo ./SA_UX_ParseSudoers.pl` -- `sudo rm SA_UX_ParseSudoers.pl` -- `sudo rmdir /tmp/Stealthbits/` - -Perl Scripts Used - -``` -SA_UX_ParseSudoers.pl -``` - -This grants read access to  `/etc/sudoers` - -#### UX_CriticalFiles Job Requires - -The 2.PrivilegedAccess > UX_Critical Files Job requires permissions in the Unix environment to run -the following commands: - -Commands Used - -- `ls -al /etc/` -- `ls -al /etc/samba/` -- `ls -al /etc/sysconfig` - -#### UX_NFSConfiguration Job Requires - -The 3.Sharing > 0.Collection > UX_NFSConfiguration Job requires permissions in the Unix environment -to run the following commands: - -Perl Scripts Used - -``` -SA_UX_NFSConfiguration.pl -``` - -This grants: - -- read access to `/etc/exports` -- read access to `/etc/dfs/dfstab` - -#### UX_SambaConfiguration Job Requires - -The 3.Sharing > 0.Collection > UX_SambaConfiguration Job requires permissions in the Unix -environment to run the following commands: - -Perl Scripts Used - -``` -SA_UX_SambaConfiguration.pl -``` - -This grants: - -- read access to `/etc/sfw/smb.conf` -- read access to `/etc/samba/smb.conf` diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/windows.md b/docs/accessanalyzer/12.0/getting-started/system-requirements/target/windows.md deleted file mode 100644 index 955ac13245..0000000000 --- a/docs/accessanalyzer/12.0/getting-started/system-requirements/target/windows.md +++ /dev/null @@ -1,89 +0,0 @@ -# Target Windows Server and Desktop Requirements, Permissions, and Ports - -The Access Analyzer for Windows Solution is compatible with the following Microsoft Windows versions -as targets: - -- Windows 7 and higher -- Windows Server 2016 and later - -Server and Desktop Requirements - -The following are requirements for the servers and desktops to be scanned: - -- WINRM Service installed - -Data Collectors - -This solution employs the following data collector to scan the target environment: - -- [GroupPolicy Data Collector](/docs/accessanalyzer/12.0/data-collection/group-policy/overview.md) -- [PowerShell Data Collector](/docs/accessanalyzer/12.0/data-collection/powershell/overview.md) -- [Registry Data Collector](/docs/accessanalyzer/12.0/data-collection/registry/index.md) -- [Script Data Collector](/docs/accessanalyzer/12.0/data-collection/script/overview.md) -- [Services Data Collector](/docs/accessanalyzer/12.0/data-collection/services/index.md) -- [SMARTLog Data Collector](/docs/accessanalyzer/12.0/data-collection/smart-log/overview.md) -- [SystemInfo Data Collector](/docs/accessanalyzer/12.0/data-collection/system-info/overview.md) -- [TextSearch Data Collector](/docs/accessanalyzer/12.0/data-collection/text-search/overview.md) -- [UsersGroups Data Collector](/docs/accessanalyzer/12.0/data-collection/users-groups/overview.md) -- [WMICollector Data Collector](/docs/accessanalyzer/12.0/data-collection/wmi-collector/overview.md) - -## Permissions - -- Member of the local Administrators group -- If target host is a domain controller, member of the Domain Administrator group in the target - domain - -## Ports - -The following firewall ports are needed: - -For GroupPolicy Data Collector - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -For PowerShell Data Collector - -- Randomly allocated high TCP ports - -For Registry Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports - -For Script Data Collector - -- Randomly allocated high TCP ports - -For Services Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports - -For SMARTLog Data Collector - -- TCP 135 -- TCP 445 -- Randomly allocated high TCP ports - -For SystemInfo Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports - -For TextSearch Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports - -For UsersGroups Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports -- 445 - -For WMICollector Data Collector - -- TCP 135-139 -- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/12.0/gettingstarted.md b/docs/accessanalyzer/12.0/gettingstarted.md new file mode 100644 index 0000000000..67bf521948 --- /dev/null +++ b/docs/accessanalyzer/12.0/gettingstarted.md @@ -0,0 +1,100 @@ +# Getting Started + +Once Access Analyzer is installed, the following workflow will quickly enable users to begin +auditing the organization’s IT infrastructure. See the +[Navigating the Console](/docs/accessanalyzer/12.0/admin/navigate/overview.md) topic for additional information and data grid +functionality. + +## Initial Configuration During First Launch + +During the initial Access Analyzer Configuration Wizard, users are walked through configuring +several key global settings: + +- Storage + + - Mandatory configuration during the first launch + - Requires credential on the SQL® Server database which is used to create and modify the Access + Analyzer database + - Option to either create a new database or point to an existing database + - If using Windows Authentication, the Schedule node must be configured also + - See the [Storage](/docs/accessanalyzer/12.0/admin/settings/storage/overview.md) topic for additional information + +- Schedule + + - Only appears if the Storage Profile is configured to use Windows Authentication + - If the Storage Profile is configured to use SQL Authentication, the setting is configured + later + - See the [Schedule](/docs/accessanalyzer/12.0/admin/settings/schedule.md) topic for additional information + +- Instant Job + + - Install the pre-configured solutions for which the organization is licensed + - See the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for additional + information + +## Global Settings Configured + +The global Settings have an overall impact on the running of Access Analyzer jobs. They are managed +through the Settings node at the top of the Navigation pane. The following global Settings require +configuration from the start: + +- [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) – Configure the Default Connection Profile and + additional Connection Profiles as needed for intended data collection +- [Schedule](/docs/accessanalyzer/12.0/admin/settings/schedule.md) – Configure the Default Scheduled Service Account for + scheduling Access Analyzer job execution, if not configured via the initial configuration wizard +- [Notification](/docs/accessanalyzer/12.0/admin/settings/notification.md) – Configure an SMTP server for Access Analyzer to + use for sending email notifications + +The other global Settings provide additional options for impacting how Access Analyzer functions: + +- [Access](/docs/accessanalyzer/12.0/admin/settings/access/overview.md) – Enable and configure Role Based Access for a least + privileged application of Access Analyzer and report viewing or the enable the REST API + + **NOTE:** If Role Based Access is enabled by accident, contact + [Netwrix Support](https://www.netwrix.com/support.html) for assistance in disabling it. + +- [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) – Configure additional settings not included + in the other nodes +- [Exchange](/docs/accessanalyzer/12.0/admin/settings/exchange.md) – Configure Microsoft® Exchange Server connections + +**CAUTION:** Do not configure data retention at the global level without ensuring History is +supported by ALL solutions to be run. + +- [History](/docs/accessanalyzer/12.0/admin/settings/history.md) – Configure data retention and log retention settings +- [Host Discovery](/docs/accessanalyzer/12.0/admin/settings/hostdiscovery.md) – Configure Host Discovery task settings +- [Host Inventory](/docs/accessanalyzer/12.0/admin/settings/hostinventory.md) – Configure Host Inventory settings +- [Reporting](/docs/accessanalyzer/12.0/admin/settings/reporting.md) – Configure reporting options, if necessary +- [Sensitive Data](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md) – Flag false positive within discovered + potential sensitive data files +- [ServiceNow](/docs/accessanalyzer/12.0/admin/settings/servicenow.md) – Configure the ServiceNow Action Module authentication + credentials +- [Storage](/docs/accessanalyzer/12.0/admin/settings/storage/overview.md) – Configure additional SQL Server database Storage + Profiles + +See the [Global Settings](/docs/accessanalyzer/12.0/admin/settings/overview.md) topic for additional information. + +## Discover Hosts + +Within the terminology of Access Analyzer, hosts are the machines being targeted during data +collection. Hosts can be discovered or manually introduced to Access Analyzer. Known hosts are then +inventoried to populate dynamic host lists. Host discovery is done at the Host Discovery  node. +Hosts are manually introduced at the Host Management node. + +Host management consists of maintaining up-to-date host inventories and host lists which can be +assigned to job groups or jobs as targeted hosts. See the +[Host Management](/docs/accessanalyzer/12.0/admin/hostmanagement/overview.md) topic for additional information. + +## Job Workflow + +Once the global Settings are configured and hosts have been introduced to Access Analyzer, it is +time to begin auditing. This requires an understanding of the relationship between solutions, job +groups, jobs, queries, analysis, actions, and reports. + +The Access Analyzer job is the fundamental unit. Jobs are responsible for all data collection +queries, analysis tasks, notification tasks, action tasks, and report generation. When Jobs are +designed to work together, they are housed within job groups to control the order of job execution. +Solutions are pre-configured job groups which have been designed to target specific types of +environments to audit for specific data sets, typically the most common types of information +desired. + +See the [Jobs Tree](/docs/accessanalyzer/12.0/admin/jobs/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/host-management/actions/add.md b/docs/accessanalyzer/12.0/host-management/actions/add.md deleted file mode 100644 index 64599d0cd7..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/add.md +++ /dev/null @@ -1,53 +0,0 @@ -# Add Hosts - -The **Add Hosts** option creates a new host list. It can be accessed through the **Host Management** -node. Follow the steps to add a new host list. - -![Add Hosts option on Activities pane of the Host Management node](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/addhosts.webp) - -**Step 1 –** Click **Add Hosts** to open the Host List Wizard in the Results pane. - -![Host List Wizard Specify Manual Host Entry page](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistwizardhostentry.webp) - -**Step 2 –** On the Manual Host Entry page, choose to either enter the hosts manually one at a time, -or use the **Import** option. When the list is completed, click **Next**. - -- To enter hosts manually, type the host name in the **Host name** textbox. Then click **Add**. The - entry will appear in the **Host list** box. Repeat the process until all hosts for this list have - been entered. -- The **Import** option opens the Import Hosts window. See the [Import Hosts Option](/docs/accessanalyzer/12.0/host-management/actions/import-host.md) - topic for additional information. -- Use **Remove** to delete a selected host from the **Host list** box - -![Host List Wizard Specify Host List Properties page](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistwizardproperties.webp) - -**Step 3 –** On the Specify Host List Properties page, provide a unique descriptive **Host List -Name**. - -- There cannot be two host lists with the same name. Access Analyzer automatically appends a numeral - to the end of a host list name to avoid duplicates. - -**Step 4 –** On the Specify Host List Properties page, configure when inventory fields should be -refreshed for hosts in the list and set the credentials to use to conduct the host inventory. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Set the credentials to use to conduct the host inventory. - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -**Step 5 –** Click **Finish** to save the host list and close the Host Lost Wizard. - -The new list displays at the bottom of the host lists under the **Host Management** node in the -Navigation pane. Every host added is included in the host master table at the Host Management node -as well as in the newly created host list. diff --git a/docs/accessanalyzer/12.0/host-management/actions/delete-host.md b/docs/accessanalyzer/12.0/host-management/actions/delete-host.md deleted file mode 100644 index 52fdbb4a31..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/delete-host.md +++ /dev/null @@ -1,51 +0,0 @@ -# Delete Host(s) - -Use the **Delete Host(s)** option at the **Host Management** node to permanently delete a host from -the master host table, or at an individual host list node to remove the host from the selected list. - -## Delete From Host Management Node - -Follow the steps to delete a host from the Host Management node. - -**Step 1 –** In the Host Management node, select the host in the data grid and click **Delete -Host(s)** on the Activities pane. - -![Confirm dialog box](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletehost.webp) - -**CAUTION:** A deletion from the host master table at the Host Management node cannot be undone, as -it deletes it from the host management database tables. It also removes the host from any host list -to which it has been assigned. Click **Cancel** to stop the deletion. - -**Step 2 –** A dialog box asks for confirmation of the action. Click **OK** to proceed with the -deletion. - -The host is no longer in the master host table. - -## Delete From Individual Host List - -Follow the steps to delete a host from an individual host list. - -**Step 1 –** In the host list, select the host in the data grid and click **Delete Host(s)** on the -Activities pane. - -![Confirm dialog box](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletehost.webp) - -**Step 2 –** A dialog box asks for confirmation of the action. Click **OK** to proceed with the -deletion. - -Access Analyzer checks to see if the host exists in any other static host lists. If so, the deletion -is limited to removing the selected host from the current host list. - -![Confirm deletion from master host table dialog box](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletehostmaster.webp) - -**CAUTION:** A deletion from the host master table cannot be undone, as it deletes it from the host -management database tables. - -**Step 3 –** If the host is not found in another static host list, Access Analyzer asks if you also -want to remove the host from the Host Master Table. On the Confirm dialog, select the desired -action. - -- Click **Yes** to remove the host from all dynamic host lists and from the host master table -- Click **No** to remove only the host for the current host list - -The host is no longer in the host list. diff --git a/docs/accessanalyzer/12.0/host-management/actions/delete-list.md b/docs/accessanalyzer/12.0/host-management/actions/delete-list.md deleted file mode 100644 index d7106e201e..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/delete-list.md +++ /dev/null @@ -1,32 +0,0 @@ -# Delete List - -Use the **Delete List** option to remove the selected list. This option is available only at an -individual host list node. - -**_RECOMMENDED:_** Before deleting a host list, first ensure it is not assigned to a job. - -**Step 1 –** In the Navigation pane, select the host list to delete and click **Delete List**. - -![Confirm dialog box](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletelist.webp) - -**CAUTION:** This action cannot be undone. Click **Cancel** to stop the deletion. - -**Step 2 –** On the Confirm dialog box, click **OK** to continue with the deletion. - -Access Analyzer checks to see if any hosts within the host list are found in any other static host -lists. - -![Confirm deletion of orphaned hosts from master host table dialog box](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletelistmaster.webp) - -**Step 3 –** If no hosts are found in any other host list, then Access Analyzer asks if you want to -remove the host from the master host table. On the Confirm dialog box, select the desired option. - -- Yes – Deletes the specified host from the master host table -- No – Does not delete the specified host from the master host table -- No to All – Does not delete other hosts that are not found in another static host list from the - master host table -- Yes to All – Deletes other hosts not found in any other static host list from the master host - table - -When the operation is complete, the list is no longer visible under the Host Management node in the -Navigation pane and it cannot be used to execute jobs against. diff --git a/docs/accessanalyzer/12.0/host-management/actions/edit-list.md b/docs/accessanalyzer/12.0/host-management/actions/edit-list.md deleted file mode 100644 index 07fae92543..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/edit-list.md +++ /dev/null @@ -1,21 +0,0 @@ -# Edit List - -Use the **Edit List** option to edit properties for the selected host list. This option is available -only from an individual host list node. - -![Edit List option on Activities pane](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/editlist.webp) - -Select the host list to edit and click **Edit List**. The Host List Wizard opens for the selected -host list. If the selected host list is a custom static host list, the wizard opens on the Manual -Host Entry page where you can add and remove hosts from the list. Other host lists open directly to -the Specify Host List Properties page where you can modify the following: - -- Host List Name - - **CAUTION:** Changing the name of a host list that has been assigned to a job can cause the job - to fail. - -- Refresh inventory setting -- Credentials used for host inventory - -See the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) topic for information on modifying these settings. diff --git a/docs/accessanalyzer/12.0/host-management/actions/edit-query.md b/docs/accessanalyzer/12.0/host-management/actions/edit-query.md deleted file mode 100644 index 3e27c2478c..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/edit-query.md +++ /dev/null @@ -1,11 +0,0 @@ -# Edit Query - -Use the **Edit Query** option to modify host lists created by a Host Discovery query. - -![Edit Query option on Activities pane](/img/product_docs/accessanalyzer/admin/datacollector/powershell/editquery.webp) - -In the Navigation pane, select the query-created host list to edit and click **Edit Query**. The -Host Discovery Wizard opens to the Query page where the query settings for the selected -query-created host list are modified. See the -[Host Discovery Wizard](/docs/accessanalyzer/12.0/host-management/discovery/wizard/overview.md) topic for information on modifying -these settings. diff --git a/docs/accessanalyzer/12.0/host-management/actions/export.md b/docs/accessanalyzer/12.0/host-management/actions/export.md deleted file mode 100644 index 98560057af..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/export.md +++ /dev/null @@ -1,37 +0,0 @@ -# Export Data - -Use the **Export Data** option to export all information available in the current grid view for the -selected host list to a HTML, XML , or CSV file. Follow the steps to export data. - -**Step 1 –** Select the Host Management or individual host list node to export data from, and -configure the data grid to contain all the columns you want to export. See the -[Host Inventory Data Grid](/docs/accessanalyzer/12.0/host-management/data-grid.md) topic for additional information. - -![Export Data option on the Activities pane](/img/product_docs/threatprevention/threatprevention/admin/navigation/export.webp) - -**Step 2 –** When the data grid contains all columns desired for export, click **Export Data**. A -Save As window opens. - -![Save As window](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/exportsaveas.webp) - -**Step 3 –** On the Save As window, select the required format (HTML Files, XML Files, or CSV Files) -and provide a name and location for the export file. - -This export is now shareable. Unlike the [View/Edit Host](/docs/accessanalyzer/12.0/host-management/actions/view-host.md) export option, this file will -be in the same format as the data grid. - -## Export Examples - -The following examples show the different export format options. - -Example HTML File Export - -![Example HTML File Export](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/exportexamplehtml.webp) - -Example XML File Export - -![Example XML File Export](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/exportexamplexml.webp) - -Example CSV File Export - -![Example CSV File Export](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/exportexamplecsv.webp) diff --git a/docs/accessanalyzer/12.0/host-management/actions/import-host.md b/docs/accessanalyzer/12.0/host-management/actions/import-host.md deleted file mode 100644 index c5a18d3111..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/import-host.md +++ /dev/null @@ -1,56 +0,0 @@ -# Import Hosts Option - -On the Manual Host Entry page of the Host List Wizard, the **Import** option allows hosts to be -imported from either a CSV file or a database into the host list being created. - -Follow the steps to import hosts. - -![Import option on the Manual Host Entry page of the Host List Wizard](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistwizardimport.webp) - -**Step 1 –** On the Manual Host Entry page of the Host List Wizard, click **Import**. The Import -Hosts window opens. - -![Import Hosts window](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importhosts.webp) - -**Step 2 –** On the Import Hosts window, use the **Import from** dropdown to select the source as -either **CSV File** or **Database**. - -**Step 3 –** Configure the source file. The necessary fields depend on the selection in the previous -step. - -![Import Hosts window for importing from CSV File](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importhostscsv.webp) - -- CSV File - - - File Name – Click the ellipsis (**…**) to open a browser window and select the CSV file. This - file needs to be stored on the Access Analyzer Console server. Once selected, a preview of the - file is shown in the preview box. - - Includes header row – Select this checkbox if the file contains a header row. Otherwise, the - header row will be included in the import (visible within the preview box). - -![Import Hosts window for importing from Database](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importhostsdatabase.webp) - -- Database - - - Data source – Identify the database. Click the ellipsis (**…**) to open the Data Link - Properties window. Provide the required information on the Connection tab of the Data Link - Properties window, and then click **OK**. See the - [Import From a Database](/docs/accessanalyzer/12.0/host-management/discovery/wizard/database.md) topic for additional - information. - - **NOTE:** The Provider, Advanced, and All tabs of the Data Link Properties window should not - be modified. - - - Table – Use the dropdown to select the table that contains the hosts to be imported. A preview - of the selected table is displayed in the preview box. - -**Step 4 –** Use either the drop-down menu or click on the column in the preview box to select the -column containing the host names. The selected column is highlighted in the preview box. - -**Step 5 –** Click **OK** to complete the import. - -![Imported hosts added in the Host list box on the Manual Host Entry page of the Host List Wizard](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importhostscomplete.webp) - -The Import Hosts window closes, and the imported list of host names is added in the Host list box on -the Manual Host Entry page of the Host List Wizard. Click **Next** to proceed with configuring the -host list. See the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) topic for additional information on the Host List Wizard. diff --git a/docs/accessanalyzer/12.0/host-management/actions/import-location.md b/docs/accessanalyzer/12.0/host-management/actions/import-location.md deleted file mode 100644 index 9aa0fecc10..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/import-location.md +++ /dev/null @@ -1,68 +0,0 @@ -# Import Location - -Use the **Import Location** option to import the physical location data for hosts and opens a -customized version of the Import Hosts window. Add host locations from a CSV file or SQL Server -database without creating a new host list. See the [Host Inventory Data Grid](/docs/accessanalyzer/12.0/host-management/data-grid.md) topic -for information on the Location column of host inventory. - -Follow the steps to import physical location data for hosts. - -**Step 1 –** Ensure the import source file has columns for both the host name as it is identified -within Access Analyzer and the location. - -**NOTE:** When a host name does not match any existing hosts within the Host Master Table, it can be -added as a new host. - -![Import Location option on Activities pane](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importlocation.webp) - -**Step 2 –** Select the host list and click **Import Location**. - -![Import Hosts window for importing location](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importlocationwindow.webp) - -**Step 3 –** On the Import Hosts window, use the **Import from** dropdown to select the source as -either **CSV File** or **Database**. - -**Step 4 –** Configure the source file. The necessary fields depend on the selection in the previous -step. - -- CSV File - - - File Name – Click the ellipsis (**…**) to open a browser window and select the CSV file. This - file needs to be stored on the Access Analyzer Console server. Once selected, a preview of the - file is shown in the preview box. - - Includes header row – Select this checkbox if the file contains a header row. Otherwise, the - header row will be included in the import (visible within the preview box). - -- Database - - - Data source – Identify the database. Click the ellipsis (**…**) to open the Data Link - Properties window. Provide the required information on the Connection tab of the Data Link - Properties window, and then click **OK**. See the - [Import From a Database](/docs/accessanalyzer/12.0/host-management/discovery/wizard/database.md) topic for additional - information. - - **NOTE:** The Provider, Advanced, and All tabs of the Data Link Properties window should not - be modified. - - - Table – Use the dropdown to select the table that contains the hosts to be imported. A preview - of the selected table is displayed in the preview box. - -**Step 5 –** Use either the drop-down menu or click on the column in the preview box to select the -column containing the host names. The selected column is highlighted in the preview box. - -![Import Hosts window Location column selection](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importlocationcsv.webp) - -**Step 6 –** Use the **Import column** drop-down menu to select the column containing the location -information. The selected column is highlighted a lighter color in the preview box. - -**Step 7 –** Click **OK** to complete the import. - -![Imported Location column data in the data grid](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importlocationcomplete.webp) - -The Location column now contains the imported information. If any of the hosts included in the -import file are not already in the Host Master Table, Access Analyzer prompts for confirmation on -whether or not to import the host. Selecting **Yes** or **Yes to All** adds the new hosts to the -Host Master Table but not to any individual host lists. - -**NOTE:** Any new hosts that match dynamic host list criteria will be added to the appropriate -dynamic host lists. diff --git a/docs/accessanalyzer/12.0/host-management/actions/overview.md b/docs/accessanalyzer/12.0/host-management/actions/overview.md deleted file mode 100644 index acb92e81aa..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/overview.md +++ /dev/null @@ -1,50 +0,0 @@ -# Host Management Activities - -The Activities pane available at the Host Management node and at the individual host list nodes -provides the tools needed to manage hosts and host lists. - -| ![Activities pane in Host Management node](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/activitiesindividualhost.webp) | -| --------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| Host Management Node | Individual Host List Nodes | - -The available actions are: - -- [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) – Create a new host list by manually entering hosts or importing a host list - (only available in the Host Management node) -- [View/Edit Host](/docs/accessanalyzer/12.0/host-management/actions/view-host.md) – Open the Host Details View, which displays the collected host - inventory information for the selected host in an easier-to-read format and allows you to manually - edit the host inventory information -- [Delete Host(s)](/docs/accessanalyzer/12.0/host-management/actions/delete-host.md) – Delete host from the selected list (permanently deletes host - from the host master table if used in the Host Management node) -- [Import Location](/docs/accessanalyzer/12.0/host-management/actions/import-location.md) – Import the physical location data for hosts from a CSV file - or database without creating a new host list. Location column is in the - [Host Inventory Data Grid](/docs/accessanalyzer/12.0/host-management/data-grid.md). -- [Refresh Hosts](/docs/accessanalyzer/12.0/host-management/actions/refresh.md) – Manually executes the host inventory query for the selection -- [Save Current View](/docs/accessanalyzer/12.0/host-management/actions/save-view.md) – Create a dynamic host list from the current (filtered) data - grid view -- [Save Selected To List](/docs/accessanalyzer/12.0/host-management/actions/save-to-list.md) – Create a static host list from the selected hosts within - the current data grid -- [Schedule (Activities Pane Option)](/docs/accessanalyzer/12.0/host-management/actions/schedule.md) – Opens a customized Schedule Properties window - to schedule a host inventory query -- [Export Data](/docs/accessanalyzer/12.0/host-management/actions/export.md) – Export the current data grid to a HTML, XML, or CSV file -- [Suspend/Resume Host Inventory](/docs/accessanalyzer/12.0/host-management/actions/suspend.md) – Pause an **In progress** host inventory or resume a - paused **In queue** host inventory -- External commands – Sub-header (not activity) that separates the Activities above which occur - within the Access Analyzer Console from the Activities below which open external processes: - - - Manage Host – Opens the Microsoft Management Console interface for the selected host if it has - that feature enabled - - Explore Host – Opens Windows Explorer, displaying the shares on the selected host - - Ping Host – Opens a Command Prompt to run a ping command targeting the selected host - - Trace Route to Host – Opens a Command Prompt to run the `TraceRoute` command, locating a path - to the selected machine in less than 30 hops - -Activities available only at the individual host list nodes are: - -- [Edit List](/docs/accessanalyzer/12.0/host-management/actions/edit-list.md) – Edit the selected host list in the Host List Wizard -- [Edit Query](/docs/accessanalyzer/12.0/host-management/actions/edit-query.md) – Edit the Host Discovery query settings for the selected query-created - host list -- [Rename List](/docs/accessanalyzer/12.0/host-management/actions/rename.md) – Rename the selected host list (should not be used if the host list has - already been assigned to a job for execution) -- [Delete List](/docs/accessanalyzer/12.0/host-management/actions/delete-list.md) – Delete the selected host list -- [View Query](/docs/accessanalyzer/12.0/host-management/actions/view-query.md) – Opens the Host Discovery Queries window diff --git a/docs/accessanalyzer/12.0/host-management/actions/refresh.md b/docs/accessanalyzer/12.0/host-management/actions/refresh.md deleted file mode 100644 index f0584ca5b9..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/refresh.md +++ /dev/null @@ -1,18 +0,0 @@ -# Refresh Hosts - -Use the **Refresh Hosts** option to manually execute the Host Inventory query. It can be selected -for the following: - -- All hosts – Use from the Host Management node -- Individual host list – Use from a host list node to refresh all hosts in the selected host list -- Selected hosts in a list – Select hosts using the Windows Ctrl and left-click function or by - filtering the data grid view -- Individual host – Select a host from the current view - -![Refresh Hosts option on Activities pane](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/refreshhosts.webp) - -Select the hosts or host list to inventory and then click **Refresh Hosts** in the Activities pane. - -![Refresh Hosts Confirm dialog](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/refreshhostsconfirm.webp) - -When only particular hosts are selected in a list, a dialog box asks for confirmation of the action. diff --git a/docs/accessanalyzer/12.0/host-management/actions/rename.md b/docs/accessanalyzer/12.0/host-management/actions/rename.md deleted file mode 100644 index 61448f031f..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/rename.md +++ /dev/null @@ -1,15 +0,0 @@ -# Rename List - -Use the Rename List option to change the name of a selected host list. This option is available only -from an individual host list node. - -**CAUTION:** Changing the name on a host list that has been assigned to a job can cause the job to -fail. - -![Host list name window](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistname.webp) - -Select the host list to rename and click **Rename List** to open the Host list name window. Enter -the new name for the host list and click **OK**. - -**NOTE:** Host list names can also be changed using the **Edit List** option, see the -[Edit List](/docs/accessanalyzer/12.0/host-management/actions/edit-list.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/host-management/actions/save-to-list.md b/docs/accessanalyzer/12.0/host-management/actions/save-to-list.md deleted file mode 100644 index be73298491..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/save-to-list.md +++ /dev/null @@ -1,13 +0,0 @@ -# Save Selected To List - -Use the **Save Selected To List** option to create a static host list. This option is available from -either the Host Management node or an individual host list node. See the -[Static Host Lists](/docs/accessanalyzer/12.0/host-management/lists.md#static-host-lists) topic for additional information on static host -lists. This option is inactive until at least one host within the data grid is selected. - -![Save Selected To List option in Host Management node](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/savetolist.webp) - -Use the Windows Ctrl + left-click function to select multiple hosts from the data grid. In the -Activities pane, click **Save Selected To List**. The Host List Wizard opens with the selected hosts -in the Host list box on the Manual Host Entry page. See the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) topic for -information on creating a host list. diff --git a/docs/accessanalyzer/12.0/host-management/actions/save-view.md b/docs/accessanalyzer/12.0/host-management/actions/save-view.md deleted file mode 100644 index 5c27b301ea..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/save-view.md +++ /dev/null @@ -1,30 +0,0 @@ -# Save Current View - -Use the **Save Current View** option to create a dynamic host list. This option is available from -either the Host Management node or an individual host list node. The option is inactive until you -apply a filter to the data grid. Follow the steps to create a dynamic host list. - -**Step 1 –** Select the Host Management or individual host list node to create the host list from. - -**Step 2 –** Filter the data grid for the desired criteria. See the -[Host Inventory Data Grid](/docs/accessanalyzer/12.0/host-management/data-grid.md) topic for additional information. - -![savecurrentview](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/savecurrentview.webp) - -**Step 3 –** Click **Save Current View** in the Activities pane. - -![Host List name window](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistname.webp) - -**Step 4 –** On the Host list name window, provide a unique, descriptive name for the new host list -and click **OK**. - -The new host list displays under the Host Management node. When the Access Analyzer Console closes -the host lists under the Host Management node, the hosts reorganize in alphanumeric order. Like the -default host lists, custom dynamic host lists are auto-populated and updated according to host -inventory. - -**_RECOMMENDED:_** Do not modify the criteria once a dynamic based list has been created. It is -better to delete and recreate the list in order to modify a dynamic-based list. - -See the [Dynamic Host Lists](/docs/accessanalyzer/12.0/host-management/lists.md#dynamic-host-lists) topic for more information on dynamic -host lists. diff --git a/docs/accessanalyzer/12.0/host-management/actions/schedule.md b/docs/accessanalyzer/12.0/host-management/actions/schedule.md deleted file mode 100644 index e32e3ba017..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/schedule.md +++ /dev/null @@ -1,22 +0,0 @@ -# Schedule (Activities Pane Option) - -Use the **Schedule** option in the Activities pane to schedule a host inventory query to run for any -of the following: - -- All hosts in the Host Master Table -- An individual host list -- Selected hosts in a list - -![Schedule option on the Activities pane](/img/product_docs/threatprevention/threatprevention/admin/configuration/databasemaintenance/schedule.webp) - -Select the hosts or host list to inventory and click **Schedule** in the Activities pane. The -Schedule Wizard opens for the selected host or host list. - -![Schedule Wizard for Host Inventory Query](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/schedulewizardhostmanagement.webp) - -Use the Schedule Wizard to configure the scheduled task. See the -[Schedule Wizard](/docs/accessanalyzer/12.0/administration/job-management/schedule/wizard.md) topic for additional information. - -The details of the scheduled Inventory query are available in the **Schedules** view, including the -next run date and time. See the [Schedules](/docs/accessanalyzer/12.0/administration/job-management/schedule/overview.md) topic for additional -information. diff --git a/docs/accessanalyzer/12.0/host-management/actions/suspend.md b/docs/accessanalyzer/12.0/host-management/actions/suspend.md deleted file mode 100644 index 81c032b066..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/suspend.md +++ /dev/null @@ -1,15 +0,0 @@ -# Suspend/Resume Host Inventory - -Use the **Suspend Host Inventory** option to pause an in progress inventory. - -![Suspend Host Inventory](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/suspendhostinventory.webp) - -Once clicked, the option changes to **Resume Host Inventory** and the **In progress** host -inventories change to an **In queue** state. - -**NOTE:** Clicking **Refresh Hosts** while inventory is suspended adds to the queue but does not -resume the inventory. - -![Resume Host Inventory](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/resumehostinventory.webp) - -Click **Resume Host Inventory** to resume the inventory queries. diff --git a/docs/accessanalyzer/12.0/host-management/actions/view-host.md b/docs/accessanalyzer/12.0/host-management/actions/view-host.md deleted file mode 100644 index b42af1a01c..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/view-host.md +++ /dev/null @@ -1,22 +0,0 @@ -# View/Edit Host - -Use the **View/Edit Host** option to open the Host Details View. This view displays the collected -host inventory information for the selected host in an easy-to-read format. - -![View/Edit Host option](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/viewedithost.webp) - -Select a host from either the Host Master Table or an individual host list and click **View/Edit -Host**. - -![Host Details View](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostdetailsview.webp) - -The Host Details View displays in the Results pane, and the rest of the Access Analyzer Console is -unavailable while it is open. You can use the view to manually edit the host inventory information. - -- Edit – Enables the textboxes and checkboxes for editing -- Apply – Saves any changes. This button appears when **Edit** is clicked. -- Save as HTML – Exports the current view of the selected host’s inventory to an HTML file. Click, - then provide a name and location for the export. The export is now sharable as desired. This - button is inactive while in edit mode. -- Cancel – Abandons any changes. This button displays when **Edit** is clicked. -- Close – Exits the Host Details View diff --git a/docs/accessanalyzer/12.0/host-management/actions/view-query.md b/docs/accessanalyzer/12.0/host-management/actions/view-query.md deleted file mode 100644 index 3dd006009b..0000000000 --- a/docs/accessanalyzer/12.0/host-management/actions/view-query.md +++ /dev/null @@ -1,8 +0,0 @@ -# View Query - -Use the **View Query** option to open the Host Discovery Queries pane. - -![View Query option on Activities pane](/img/product_docs/accessanalyzer/admin/hostmanagement/actions/viewquery.webp) - -Click **View Query** to go to the Host Discovery Queries pane. See the -[Host Discovery Queries](/docs/accessanalyzer/12.0/host-management/discovery/queries.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/host-management/data-grid.md b/docs/accessanalyzer/12.0/host-management/data-grid.md deleted file mode 100644 index 0aa4e0e31d..0000000000 --- a/docs/accessanalyzer/12.0/host-management/data-grid.md +++ /dev/null @@ -1,91 +0,0 @@ -# Host Inventory Data Grid - -The data grid provides all host inventory information collected on the hosts. View this information -at the **Host Management** node (the Host Master Table) or at individual host list nodes. See the -[Hosts Lists](/docs/accessanalyzer/12.0/host-management/lists.md) topic for information on host lists. - -![Host Inventory Data Grid](/img/product_docs/threatprevention/threatprevention/admin/investigate/datagrid.webp) - -The icon for each host entry is an indicator of its inventory state: - -| Icon | Inventory State | -| ------------------------------------------------------------------------------------------------------------------- | --------------- | -| ![Idle inventory state icon](/img/product_docs/accessanalyzer/admin/hostmanagement/inventoryidle.webp) | Idle | -| ![In Queue inventory state icon](/img/product_docs/accessanalyzer/admin/hostmanagement/inventoryinqueue.webp) | In Queue | -| ![In Progress inventory state icon](/img/product_docs/accessanalyzer/admin/hostmanagement/inventoryinprogress.webp) | In Progress | - -The **Name**, **HostStatus**, and **InventoryState** grid columns are fixed by default. If desired, -you can move these columns to the scrollable section of the table. - -Use the horizontal scrollbar at the bottom to view the host inventory data, which includes: - -- Name – Unique host name -- HostStatus – Status of the host during the last time it was queried for host inventory collection -- InventoryState – Last known status of the host inventory query (**Idle**, **In progress**, or **In - queue**) - - **NOTE:** If the Access Analyzer application is stopped during host inventory collection, hosts - queued for inventory retain the **InventoryState** of **In queue** within the Host Management - node data grid, as this is the last known state of inventory. It retains that state until the - next host inventory collection is executed against the host. - -- IPAddress – Last known IP Address for the host from host inventory collection -- Subnet – Subnet mask for the host’s IP Address -- DNSDomain – Domain in which the host participates -- FQDN – Fully Qualified Domain Name of host -- OSName – Name of host’s operating system -- OSType – Type of host’s operating system -- TimeZone – Configured time zone for the host -- LastOnline – Timestamp for the last time the host was found to be online during a host inventory - query -- LastAudit – Timestamp for the last time the host was executed against at the job level -- LastUpdate – Timestamp for the last time the host inventory record was updated -- WindowsDomain – Domain in which the host resides -- OSVersion – Version of the host’s operating system -- ServicePack – Operating system Service Pack for the host -- Role – Estimated role of the workstation or server (only applicable to Windows devices) -- Manufacturer – Name of the manufacturer of the device, if applicable -- SerialNumber – Serial number of the device, if applicable -- ADSite – Active Directory site in which the host resides -- isDNSServer – True or False if the host serves the role of DNS server -- isDomainController – True or False if host serves the role of domain controller -- isGlobalCatalog – True or False if host serves the role of Global Catalog -- isExchangeServer – True or False if host serves the role of Exchange server -- Model – Model of the device, if applicable -- FirstDiscovered – Timestamp of the Host Discovery query which introduced the host -- LastUpdatedBy – Name of the Access Analyzer Console server which last updated the host’s inventory - record -- MACAddress – Media Access Control address, if applicable -- ServerRole – Indicates what role is served by the server (only applicable to Exchange servers) -- isIIS – True or False if IIS is present on the server -- Location – Distinct physical location, entered manually through the - [Import Location](/docs/accessanalyzer/12.0/host-management/actions/import-location.md) activity -- ExchLocation – Distinct physical location of Exchange server, entered manually through the - [Import Location](/docs/accessanalyzer/12.0/host-management/actions/import-location.md) activity -- AltLocation – Alternate physical location, entered manually through the - [Import Location](/docs/accessanalyzer/12.0/host-management/actions/import-location.md) activity -- WinCluster – Name of the Windows cluster in which the host is a part, if applicable -- ExchCluster – Name of the Exchange cluster in which the host is a part, if applicable -- ExchangeServerRole – Name of the Exchange server roles served by the host -- ExchangeVersion – Exchange Server application version obtained from the registry -- IsSQLServer – True or False if host serves the role of SQL Server -- hostID – Unique identifier of the host within the Access Analyzer inventory tables - -See the [Data Grid Functionality](/docs/accessanalyzer/12.0/administration/navigation/data-grid.md) topic for information on how to sort, -filter, and search within the data grid. - -The Activities pane provides several options for managing hosts within the Host Management node. See -the [Host Management Activities](/docs/accessanalyzer/12.0/host-management/actions/overview.md) topic for information on these options. - -## Host List Data Grid Right-Click Menus - -The right-click menu available in the Host Management data grid varies according to the selection in -the Navigation pane. - -| ![Host Management node right-click menu](/img/product_docs/accessanalyzer/admin/hostmanagement/rightclickquerycreated.webp) | -| --------------------------------------------------------------------------------------------------------------------------- | -------------------- | ----------------------- | -| Host Management Node | Individual Host List | Query-Created Host List | - -These right-click menu options contain the Host Management Activities available for the selection. -See the [Host Management Activities](/docs/accessanalyzer/12.0/host-management/actions/overview.md) topic for additional information on these -options. diff --git a/docs/accessanalyzer/12.0/host-management/discovery/activities.md b/docs/accessanalyzer/12.0/host-management/discovery/activities.md deleted file mode 100644 index 97a65d0f75..0000000000 --- a/docs/accessanalyzer/12.0/host-management/discovery/activities.md +++ /dev/null @@ -1,35 +0,0 @@ -# Host Discovery Queries Activities Pane - -The Activities pane provides several options for managing Host Discovery queries. - -![Activities pane](/img/product_docs/accessanalyzer/admin/hostdiscovery/activities.webp) - -The options are: - -- Create Query – Opens the Host Discovery Wizard to create a new query -- Edit Query – Opens the Host Discovery Wizard with the selected query’s configuration -- Delete Query – Deletes the selected query and its generated host list - - - A confirmation window displays. Click **Yes** to complete the deletion - -- Run Query – Begins an immediate execution of the selected query -- Stop Query – Stops the selected query which is currently running - - - No action occurs if the query is **Idle** - -- Suspend Query Queue – Removes the selected query from a scheduled queue - - - The Activities pane listing changes to **Resume Query Queue**. Click again to resume scheduled - queue. - -- Schedule – Opens the Schedule wizard to schedule query execution - - - See the [Schedule](/docs/accessanalyzer/12.0/administration/settings/schedule.md) topic for additional information on the Schedule - wizard - -- View Host List – Opens the [Host Management](/docs/accessanalyzer/12.0/host-management/overview.md) node directly to the - selected query’s generated host list - -These options are also available through a pop-up menu accessed by right-clicking on a query. -**Create Query** and **Suspend Query Queue** are additionally available through a pop-up menu -accessed by right-clicking on the **Host Discovery** node. diff --git a/docs/accessanalyzer/12.0/host-management/discovery/log.md b/docs/accessanalyzer/12.0/host-management/discovery/log.md deleted file mode 100644 index 75b2eeb955..0000000000 --- a/docs/accessanalyzer/12.0/host-management/discovery/log.md +++ /dev/null @@ -1,26 +0,0 @@ -# Discovery Log - -The **Host Discovery** > **Discovery Log** node lists host discovery logs. These logs house -transactions that transpire during the running of host discovery and host inventory tasks. - -![Discovery Log](/img/product_docs/accessanalyzer/admin/hostdiscovery/discoverylog.webp) - -The Discovery Log logging level is configured within the **Settings** > **Host Discovery** node. See -the [Host Discovery](/docs/accessanalyzer/12.0/administration/settings/host-discovery.md) topic for additional information. - -The following options are above the data grid: - -- Reload Log – Refresh the log data for the selected Log date and Query Name -- Log date – Select the desired **Log date** from the drop-down menu to view transactions -- Query Name – The default selection is **All Queries**. To narrow the data to a desired query, - select a query name from the drop-down menu. - -The data grid contains the following columns: - -- Date – Date timestamp of transaction -- Kind – Type of transaction recorded (Error, Warning, Info, Debug), controlled by the configured - logging level -- Source – Selectively used, the source value reflects the core component responsible for producing - the message -- HostName – Name of the targeted host where the transaction occurred -- Message – Log transaction message diff --git a/docs/accessanalyzer/12.0/host-management/discovery/overview.md b/docs/accessanalyzer/12.0/host-management/discovery/overview.md deleted file mode 100644 index 94e4627cfb..0000000000 --- a/docs/accessanalyzer/12.0/host-management/discovery/overview.md +++ /dev/null @@ -1,18 +0,0 @@ -# Host Discovery Node - -Use the **Host Discovery** node to discover hosts to audit. Host Discovery queries are created in -the Host Discovery node to discover hosts within the targeted environment that match the desired -criteria (for example, all domain controllers for Active Directory auditing). - -The Host Discovery queries view displays a list of previously configured queries, opens the Host -Discovery Wizard to create new queries, and is where host inventory process can be automated. The -**Host Discovery** node houses the Discovery Log. The **Settings** > **Host Discovery** node -contains the global settings that affect discovery queries. See the -[Host Discovery](/docs/accessanalyzer/12.0/administration/settings/host-discovery.md) topic for additional information. - -The Discovery node has four main panes: - -- [Host Discovery Queries](/docs/accessanalyzer/12.0/host-management/discovery/queries.md) -- [Host Discovery Queries Activities Pane](/docs/accessanalyzer/12.0/host-management/discovery/activities.md) -- [Host Discovery Wizard](/docs/accessanalyzer/12.0/host-management/discovery/wizard/overview.md) -- [Discovery Log](/docs/accessanalyzer/12.0/host-management/discovery/log.md) diff --git a/docs/accessanalyzer/12.0/host-management/discovery/queries.md b/docs/accessanalyzer/12.0/host-management/discovery/queries.md deleted file mode 100644 index 990fec9833..0000000000 --- a/docs/accessanalyzer/12.0/host-management/discovery/queries.md +++ /dev/null @@ -1,45 +0,0 @@ -# Host Discovery Queries - -The Host Discovery Queries Pane contains a list of previously-configured queries. - -![Host Discovery Queries Pane](/img/product_docs/accessanalyzer/admin/hostdiscovery/queries.webp) - -The list of previously configured queries is provided in a table format with the following columns: - -- Name – Displays the name assigned to the query during creation -- Query Source – Identifies where the query searches for hosts -- Query State – Displays the query’s current status (active or idle) -- Last count – Identifies the number of hosts found from the last scan -- Last Queried – Displays the date and time stamp for the last running of the query -- Connection Profile – Identifies the Connection Profile assigned to the query for access to the - Query Source -- ID – GUID of the query task -- SANode – Name of the Access Analyzer Console server -- Snapshot mode – Identifies the type of discovery query: - - - Cumulative – Grows the host list by appending newly discovered hosts with each query execution - - Snapshot – Only shows host found during the most recent query execution - - **NOTE:** The Snapshot mode is configured on the Options page of the Host Discovery Wizard. - -## View Hidden Columns - -Follow the steps to view the hidden columns in the table: - -**Step 1 –** Right-click a header in the table, which opens a context menu. - -![Field Chooser option on context menu](/img/product_docs/accessanalyzer/admin/hostdiscovery/queriesfieldchooser.webp) - -**Step 2 –** Select **Field Chooser**, which opens the Customization window. - -![Customization window](/img/product_docs/accessanalyzer/admin/hostdiscovery/queriescustomizationwindow.webp) - -**Step 3 –** Select the **Columns** tab. - -![Drag hidden colum into table](/img/product_docs/accessanalyzer/admin/hostdiscovery/queriesaddhiddencolumn.webp) - -**Step 4 –** Drag and drop the desired column between any header of the table. - -![Host Discovery Queries table with column added](/img/product_docs/accessanalyzer/admin/hostdiscovery/querieshiddencolumnadded.webp) - -The header is now present in the table. diff --git a/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-domain-controllers.md b/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-domain-controllers.md deleted file mode 100644 index 4f82e27d88..0000000000 --- a/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-domain-controllers.md +++ /dev/null @@ -1,121 +0,0 @@ -# Query an Active Directory server (Discover Domain Controllers) - -Follow the steps to create a Host Discovery query using the **Query an Active Directory server -(Discover Domain Controllers)** source option. This option scans the default domain controller or a -specified server but is scoped to return only machines that are domain controllers. - -![Host Discovey Wizard Source page for AD Domain Controllers query](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source.webp) - -**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Query an Active -Directory server (Discover Domain Controllers)** option. Click **Next**. - -![Host Discovey Wizard Query page for AD Domain Controllers query](/img/product_docs/accessanalyzer/admin/datacollector/nis/query.webp) - -**Step 2 –** On the Query page, name the query and select the credentials used to access the source. - -- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` - default name. Two queries cannot have the same name. If you use an existing name, a number is - automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for querying the source: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -Click **Next** to continue. - -![Host Discovey Wizard Domains & Sites page](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/domainssites.webp) - -**Step 3 –** The Domains & Sites page is scoped to return all domain controllers in the targeted -domains and sites. By default, all domains and sites are selected. If desired, scope to target -specific domains and sites. - -- Connection – Select the radio button to specify the server to be connected to and searched: - - - Connect to default directory – Selects a default domain controller from the domain in which - the Access Analyzer Console server resides - - Specify server – Specify a particular server or domain controller. Type the server name in the - textbox. Click **Connect** to confirm the connection to the specified server and populate the - domains and sites choices. - -- Filter by domains – Lists discovered domains - - - Search all domains – The default option. To narrow the scope to specific domains, deselect - this option to enable the selection box. - - Exclude domain – Deselect the checkbox for a domain in the list to exclude it from the scope. - The **Check All** and **Uncheck All** buttons are enabled when scoping by domain. - -- Filter by sites – Lists discovered sites - - - Search all sites – The default option. To narrow the scope to specific sites, deselect this - option to enable the Selection box. - - Exclude site – Deselect the checkbox for a site in the list to exclude it from the scope. The - **Check All** and **Uncheck All** buttons are enabled when scoping by site. - -Click **Next** to continue. - -![Host Discovey Wizard Options page for AD Domain Controllers query](/img/product_docs/accessanalyzer/install/application/options.webp) - -**Step 4 –** On the Options page, configure the query options as required. - -- Run the query when jobs that reference it are run – Select this option to automatically execute - the Host Discovery query prior to executing a job that has the host list generated by this query - assigned. This ensures any new hosts have been discovered and are available for auditing. - - **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require - up-to-date host lists. - -- Query Result Retention – Select how to maintain the host list generated by this discovery query: - - - Yes, grow the host list by appending newly discovered hosts – The host list includes every - host the query has ever discovered - - No, only show hosts that were found during the most recent run – The host list generated by - this query includes only hosts found in the most recent query execution. This option removes - hosts from the generated host list, but does not remove hosts from the Host Master Table. - -Click **Next** to continue. - -![Host Discovey Wizard Inventory page for AD Domain Controllers query](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp) - -**Step 5 –** On the Inventory page, the host inventory process can be automatically included with -the discovery query. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for gathering inventory information from the discovered hosts: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -Click **Next** to continue. - -![Host Discovey Wizard Summary page for AD Domain Controllers query](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 6 –** The Summary page displays all the selected query configuration settings. To make -changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the -configuration process. - -![Confirm dialog box](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) - -**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the -query at another time. - -Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the -Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-exchange.md b/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-exchange.md deleted file mode 100644 index 58f7b88d2e..0000000000 --- a/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-exchange.md +++ /dev/null @@ -1,100 +0,0 @@ -# Query an Active Directory Server (Discover Exchange servers) - -Follow the steps to create a Host Discovery query using the Query an Active Directory server -(Discover Exchange servers) source option. This option scans the default domain controller or a -specified server but is scoped to return only computer objects residing in the configuration -container for Exchange servers. - -![Host Discovery Wizard Source page for AD Exchange](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source.webp) - -**Step 1 –** Open the Host Discovery Wizard. On the Source Page, select the **Query an Active -Directory server (Discover Exchange servers)** option. Click **Next**. - -![Host Discovery Wizard Query page for AD Exchange](/img/product_docs/accessanalyzer/admin/datacollector/nis/query.webp) - -**Step 2 –** On the Query page, name the query and select the credentials used to access the source. - -- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` - default name. Two queries cannot have the same name. If you use an existing name, a number is - automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for querying the source: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Exchange Server Query page](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/exchangeserver.webp) - -**Step 3 –** The Exchange Server Query page is scoped to the default Microsoft container where all -Exchange servers are housed. - -Leave this page unchanged. If you must modify this page, see the -[Query an Active Directory Server (General)](/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-general.md) topic for instructions. Click **Next**. - -![Host Discovery Wizard Options page for AD Exchange](/img/product_docs/accessanalyzer/install/application/options.webp) - -**Step 4 –** On the Options page, configure the query options as required. - -- Run the query when jobs that reference it are run – Select this option to automatically execute - the Host Discovery query prior to executing a job that has the host list generated by this query - assigned. This ensures any new hosts have been discovered and are available for auditing. - - **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require - up-to-date host lists. - -- Query Result Retention – Select how to maintain the host list generated by this discovery query: - - - Yes, grow the host list by appending newly discovered hosts – The host list includes every - host the query has ever discovered - - No, only show hosts that were found during the most recent run – The host list generated by - this query includes only hosts found in the most recent query execution. This option removes - hosts from the generated host list, but does not remove hosts from the Host Master Table. - -Click **Next** to continue. - -![Host Discovery Wizard Inventory page for AD Exchange](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp) - -**Step 5 –** On the Inventory page, the host inventory process can be automatically included with -the discovery query. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for gathering inventory information from the discovered hosts: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Summary page for AD Exchange](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 6 –** The Summary page displays all the selected query configuration settings. To make -changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the -configuration process. - -![Confirm dialog box](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) - -**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the -query at another time. - -Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the -Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-general.md b/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-general.md deleted file mode 100644 index 3ef8059609..0000000000 --- a/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-general.md +++ /dev/null @@ -1,122 +0,0 @@ -# Query an Active Directory Server (General) - -Follow the steps to create a Host Discovery query using the Query an Active Directory server -(General) source option. This option scans the default domain controller or a specified server for -all computer objects. The query can be scoped to only return computer objects in specified -containers or individual computer objects. See Step 3 for additional information. - -![Host Discovery Wizard Source page for AD General](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source.webp) - -**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Query an Active -Directory server (General)** option. Click **Next**. - -![Host Discovery Wizard Query page for AD General](/img/product_docs/accessanalyzer/admin/datacollector/nis/query.webp) - -**Step 2 –** On the Query page, name the query and select the credentials used to access the source. - -- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` - default name. Two queries cannot have the same name. If you use an existing name, a number is - automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for querying the source: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Active Directory page](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) - -**Step 3 –** On the Active Directory page, identify the organizational units (OUs) to scan. - -**_RECOMMENDED:_** Scope the query when using this source option. - -- Connection – Select the server to connect to and search for computer objects using the radio - buttons: - - - Connect to default directory – Selects a default domain controller from the domain in which - the Access Analyzer Console server resides - - Specify server – Allows you to specify a particular server or domain controller. Type the - server name in the textbox. Click **Connect** to confirm the connection to the specified - server and populate the OU choices. - -- Use Configuration directory partition (contains all Exchange servers) – If selected, the - Configuration directory opens in the Selection box -- Selection box – Expand the domain to select containers and individual hosts. Click **Add** to - include the selected container or host in the OUs to be searched box. -- OUs to be searched box – Displays the selected OUs. Use the buttons at the top of the box to edit - the list: - - - Add – Adds the selection from the Selection Box into the list - - Remove – Removes the selected OU from the list - -- Search sub-OUs – This checkbox in the OUs to be searched box indicates scan depth for the selected - OU - -Click **Next** to continue. - -![Host Discovery Wizard Options page for AD General](/img/product_docs/accessanalyzer/install/application/options.webp) - -**Step 4 –** On the Options page, configure the query options as required. - -- Run the query when jobs that reference it are run – Select this option to automatically execute - the Host Discovery query prior to executing a job that has the host list generated by this query - assigned. This ensures any new hosts have been discovered and are available for auditing. - - **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require - up-to-date host lists. - -- Query Result Retention – Select how to maintain the host list generated by this discovery query: - - - Yes, grow the host list by appending newly discovered hosts – The host list includes every - host the query has ever discovered - - No, only show hosts that were found during the most recent run – The host list generated by - this query includes only hosts found in the most recent query execution. This option removes - hosts from the generated host list, but does not remove hosts from the Host Master Table. - -Click **Next** to continue. - -![Host Discovery Wizard Inventory page for AD General](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp) - -**Step 5 –** On the Inventory page, the host inventory process can be automatically included with -the discovery query. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for gathering inventory information from the discovered hosts: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Summary page for AD General](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 6 –** The Summary page displays all the selected query configuration settings. To make -changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the -configuration process. - -![Confirm dialog box](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) - -**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the -query at another time. - -Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the -Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/12.0/host-management/discovery/wizard/csv.md b/docs/accessanalyzer/12.0/host-management/discovery/wizard/csv.md deleted file mode 100644 index 946a9d15cc..0000000000 --- a/docs/accessanalyzer/12.0/host-management/discovery/wizard/csv.md +++ /dev/null @@ -1,111 +0,0 @@ -# Import From a Local CSV File - -Follow the steps to create a Host Discovery query using the **Import from a CSV file** source -option. - -**CAUTION:** Each time a query refresh occurs for a query with an import option set as the source, -it re-imports the host list. Therefore, deleting, renaming, or moving the import source file causes -the query to fail. - -![Host Discovery Wizard Source page for CSV import](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source.webp) - -**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Import from a CSV -file** option on the Source page. Click **Next**. - -![Host Discovery Wizard Query page for CSV import](/img/product_docs/accessanalyzer/admin/datacollector/nis/query.webp) - -**Step 2 –** On the Query page, name the query and select the credentials used to access the source. - -**NOTE:** The source in this case is the Access Analyzer Console server. - -- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` - default name. Two queries cannot have the same name. If you use an existing name, a number is - automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for querying the source: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard CSV File Import page](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/fileimport.webp) - -**Step 3 –** On the CSV File Import page, identify the CSV file to import and the column from within -the file where the host names are located: - -- File name – Identify the CSV file with the full file path. Use the ellipsis (**…**) to open a - browser window. -- Includes header row – If the first row of the CSV file is a header row, select this option to - remove it from the list of hosts to be imported -- Column – The drop-down menu is populated from the selected CSV file. Select the column containing - the host names. The selection is highlighted in the Sample data box. -- Sample data box – Displays a preview of the selected CSV file - -Click **Next** to continue. - -![Host Discovery Wizard Options page for CSV import](/img/product_docs/accessanalyzer/install/application/options.webp) - -**Step 4 –** On the Options page, configure the query options as required. - -- Run the query when jobs that reference it are run – Select this option to automatically execute - the Host Discovery query prior to executing a job that has the host list generated by this query - assigned. This ensures any new hosts have been discovered and are available for auditing. - - **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require - up-to-date host lists. - -- Query Result Retention – Select how to maintain the host list generated by this discovery query: - - - Yes, grow the host list by appending newly discovered hosts – The host list includes every - host the query has ever discovered - - No, only show hosts that were found during the most recent run – The host list generated by - this query includes only hosts found in the most recent query execution. This option removes - hosts from the generated host list, but does not remove hosts from the Host Master Table. - -Click **Next** to continue. - -![Host Discovery Wizard Inventory page for CSV import](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp) - -**Step 5 –** On the Inventory page, the host inventory process can be automatically included with -the discovery query. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for gathering inventory information from the discovered hosts: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Summary page for CSV import](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 6 –** The Summary page displays all the selected query configuration settings. To make -changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the -configuration process. - -![Confirm dialog box](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) - -**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the -query at another time. - -Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the -Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/12.0/host-management/discovery/wizard/database.md b/docs/accessanalyzer/12.0/host-management/discovery/wizard/database.md deleted file mode 100644 index f83dc9bca2..0000000000 --- a/docs/accessanalyzer/12.0/host-management/discovery/wizard/database.md +++ /dev/null @@ -1,138 +0,0 @@ -# Import From a Database - -Follow the steps to create a Host Discovery query using the **Import from a database** source -option. - -**CAUTION:** Each time a query refresh occurs for a query with an import option set as the source, -it re-imports the host list. Therefore, deleting, renaming, or moving the import source file causes -the query to fail. - -![Host Discovery Wizard Source page for database import](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source.webp) - -**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Import from a -database** option. Click **Next**. - -![Host Discovery Wizard Query page for database import](/img/product_docs/accessanalyzer/admin/datacollector/nis/query.webp) - -**Step 2 –** On the Query page, name the query and select the credentials used to access the source. - -- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` - default name. Two queries cannot have the same name. If you use an existing name, a number is - automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for querying the source: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Database Import page](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/databaseimport.webp) - -**Step 3 –** On the Database Import page, identify the database, table, and column where the host -names are located: - -- Data source – Identify the database. Click the ellipsis (**…**) to open the Data Link Properties - window. Then provide the required information on the Connection tab. - - ![Data Link Properties window Connection tab](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/datalinkproperties.webp) - - - Server name – Use the drop-down menu to select the server. The **Refresh** button refreshes - the list of available servers. - - Credentials – Select the credentials to use to log on to the server: - - - Use Windows NT Integrated security – This option applies the credentials used to run the - Access Analyzer application - - Use a specific user name and password – Provide the user name and password and select the - **Allow saving password** option - - If selected, the **Blank password** option indicates that no password is required - - ![Test connection succeeded confirmation window](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/datalinkpropertiestestconnection.webp) - - - Click **Test Connection** to confirm a connection has been established. Click **OK** on the - confirmation window. - - Database – Select the **Select the database on the server** option and use the drop-down menu - to select the database - - The other tabs in the Data Link Properties window should not be modified - - - Provider tab – The database connector, dictated by the source of the data and the data - sources that are available on the Access Analyzer Console server. This is set by default - to the **Microsoft OLE DB Provider for SQL Server**. - - Advanced tab – Allows modifications of the connection timeout to the database server in - case the server is slow or far away - - All tab – Do not modify this tab - - - Click **OK** to close the Data Link Properties window - -- Table – Use the drop-down menu to select a table from the database -- Column – Use the drop-down menu to select the column where the host names are located. The - selection is highlighted in the Sample data box. -- Sample data Box – Displays a preview of the selected database table - -Click **Next** to continue. - -![Host Discovery Wizard Options page for database import](/img/product_docs/accessanalyzer/install/application/options.webp) - -**Step 4 –** On the Options page, configure the query options as required. - -- Run the query when jobs that reference it are run – Select this option to automatically execute - the Host Discovery query prior to executing a job that has the host list generated by this query - assigned. This ensures any new hosts have been discovered and are available for auditing. - - **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require - up-to-date host lists. - -- Query Result Retention – Select how to maintain the host list generated by this discovery query: - - - Yes, grow the host list by appending newly discovered hosts – The host list includes every - host the query has ever discovered - - No, only show hosts that were found during the most recent run – The host list generated by - this query includes only hosts found in the most recent query execution. This option removes - hosts from the generated host list, but does not remove hosts from the Host Master Table. - -Click **Next** to continue. - -![Host Discovery Wizard Inventory page for database import](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp) - -**Step 5 –** On the Inventory page, the host inventory process can be automatically included with -the discovery query. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for gathering inventory information from the discovered hosts: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -Click **Next** to continue. - -![Host Discovery Wizard Summary page for database import](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 6 –** The Summary page displays all the selected query configuration settings. To make -changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the -configuration process. - -![Confirm dialog box](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) - -**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the -query at another time. - -Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the -Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/12.0/host-management/discovery/wizard/ip-network.md b/docs/accessanalyzer/12.0/host-management/discovery/wizard/ip-network.md deleted file mode 100644 index 0164c5648f..0000000000 --- a/docs/accessanalyzer/12.0/host-management/discovery/wizard/ip-network.md +++ /dev/null @@ -1,132 +0,0 @@ -# Scan IP Network - -Follow the steps to create a Host Discovery query using the Scan your IP network source option. This -option scans a specified range of IP Addresses for active hosts and resolves the names of machines -using DNS. - -![Host Discovey Wizard Source page for IP network scan](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source.webp) - -**Step 1 –** Open the Host Discovery Wizard. On the Source page, select the **Scan your IP network** -option. Click **Next**. - -![Host Discovey Wizard Query page for IP network scan](/img/product_docs/accessanalyzer/admin/datacollector/nis/query.webp) - -**Step 2 –** On the Query page, name the query and select the credentials used to access the source. - -- Query Name – Provide a unique descriptive name for this query by typing over the `NEWQUERY` - default name. Two queries cannot have the same name. If you use an existing name, a number is - automatically appended to the query name, for example `NEWQUERY` becomes `NEWQUERY1`. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for querying the source: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -Click **Next** to continue. - -![Host Discovey Wizard IPSweep page](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/ipsweep.webp) - -**Step 3 –** On the IPSweep page, specify the range of IP Addresses to scan. - -- Specification Type – Specify the type of IP range to scan. The selected Specification Type - determines the IP Address options available for specifying the IP range. The default is **Specify - IP Address Range**, but the following options are available: - - - Specify Windows IP Configuration Information – Provide **Hostname or IP address** and **Subnet - mask** values - - Specify IP Address Range – Provide **Starting IP Address** and **Ending IP Address** - - Specify Advance IP Address Range – Provide **IP Address Range** - -- IP Address options – The help [?] button at the end of each textbox provides example formats - - - Hostname or IP address – Example: `192.168.2.35` or `target.example.com` - - Subnet mask – Example: `255.255.255.0` - - Starting IP Address – Example: `192.168.2.1` - - Ending IP Address – Example: `192.168.2.255` - - IP Address Range – Example: `192.168.2.*` - - See the help button for full list of examples - -- IP Ranges box – Displays the selected range of IP Addresses. Use the links at the top of the box - to edit the list: - - - Add as inclusion – Adds information provided in the IP Address Textboxes into the to be - collected list - - Add as exclusion – Adds information provided in the IP Address Textboxes into the to be - ignored list - - Remove – Removes the selection from the IP Ranges box - -- (Optional) Only include host with the following ports open – If selected, this option limits the - Host Discovery query to return only the hosts found in the IP Sweep with the specified open ports. - When specifying multiple ports, separate them with commas or semicolons but not spaces. For - example, to specify ports 10 and 80 enter: `10,80`. The help **[?]** button at the end of the - textbox provides example entry formats. -- (Optional) Only include Windows hosts – If selected, this option limits the Host Discovery query - to return only the hosts found in the IP Sweep that have Windows operating systems - -Click **Next** to continue. - -![Host Discovey Wizard Options page for IP network scan](/img/product_docs/accessanalyzer/install/application/options.webp) - -**Step 4 –** On the Options page, configure the query options as required. - -- Run the query when jobs that reference it are run – Select this option to automatically execute - the Host Discovery query prior to executing a job that has the host list generated by this query - assigned. This ensures any new hosts have been discovered and are available for auditing. - - **_RECOMMENDED:_** Use this setting only for host lists tied to specific jobs that require - up-to-date host lists. - -- Query Result Retention – Select how to maintain the host list generated by this discovery query: - - - Yes, grow the host list by appending newly discovered hosts – The host list includes every - host the query has ever discovered - - No, only show hosts that were found during the most recent run – The host list generated by - this query includes only hosts found in the most recent query execution. This option removes - hosts from the generated host list, but does not remove hosts from the Host Master Table. - -Click **Next** to continue. - -![Host Discovey Wizard Inventory page for IP network scan](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp) - -**Step 5 –** On the Inventory page, the host inventory process can be automatically included with -the discovery query. - -- Refresh inventory every time when the host discovery query completes – Automates the host - inventory process and is dependent on the **Settings** > **Host Inventory** node configuration for - the age of previously inventoried records. Leaving this option deselected applies the global - settings for host inventory. -- Credentials – Select a Connection Profile. These credentials require the appropriate permissions - for gathering inventory information from the discovered hosts: - - - Default credentials (credentials the application is run with) – Applies the credentials used - to launch the Access Analyzer application - - Credentials in my default connection profile – Applies the default Connection Profile - configured at the global level (**Settings** > **Connection**) - - Credentials in this connection profile – Use the dropdown list to select a Connection Profile - from those preconfigured at the global level (**Settings** > **Connection**) - - See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on - Connection Profiles. - -Click **Next** to continue. - -![Host Discovey Wizard Summary page for IP network scan](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) - -**Step 6 –** The Summary page displays all the selected query configuration settings. To make -changes, click **Back** to navigate to the relevant wizard page. Click Finish to complete the -configuration process. - -![Confirm dialog box](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp) - -**Step 7 –** A Confirm dialog box opens. Click **Yes** to run the query now or **No** to run the -query at another time. - -Both options close the Host Discovery Wizard and return to the Host Discovery Queries view on the -Host Discovery node. If **Yes** is selected, the **Query State** indicates the running query. diff --git a/docs/accessanalyzer/12.0/host-management/discovery/wizard/overview.md b/docs/accessanalyzer/12.0/host-management/discovery/wizard/overview.md deleted file mode 100644 index 3ddcdbba29..0000000000 --- a/docs/accessanalyzer/12.0/host-management/discovery/wizard/overview.md +++ /dev/null @@ -1,35 +0,0 @@ -# Host Discovery Wizard - -The Host Discovery Wizard gives complete control over how hosts are discovered on the targeted -network and which hosts are discovered. - -![Console with Create Query Option Highlighted](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/createqueryhighlighted.webp) - -Use the Host Discovery Wizard to create new queries. The wizard opens in the Results pane. Use any -of the following methods in order to access the Host Discovery Wizard from the Host Discovery node: - -- Select **Create Query** in the Activities pane -- Right-click the **Host Discovery** node and select **Create Query** from the pop-up menu -- Right-click anywhere in the Host Discovery Queries table and select **Create Query** from the - pop-up menu - -![Host Discovery Wizard](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/hostdiscoverywizard.webp) - -The first step in creating a Host Discovery query is to select the source where the query searches -for hosts. Hosts are discoverable using one of the following options: - -- [Scan IP Network](/docs/accessanalyzer/12.0/host-management/discovery/wizard/ip-network.md) – Scans a specified range of IP Addresses for active hosts and - resolves the names of machines using DNS -- [Query an Active Directory Server (General)](/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-general.md) – Scans the default domain controller - or a specified server for all computer objects, can be scoped -- [Query an Active Directory Server (Discover Exchange servers)](/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-exchange.md) – Scans the default - domain controller or a specified server but is scoped to return only computer objects sitting in - the configuration container for Exchange servers -- [Query an Active Directory server (Discover Domain Controllers)](/docs/accessanalyzer/12.0/host-management/discovery/wizard/ad-domain-controllers.md) – Scans - the default domain controller or a specified server but is scoped to return only machines which - are domain controllers -- [Import From a Local CSV File](/docs/accessanalyzer/12.0/host-management/discovery/wizard/csv.md) – Imports a host list from a specified CSV file -- [Import From a Database](/docs/accessanalyzer/12.0/host-management/discovery/wizard/database.md) – Imports a host list from a specified SQL Server database - -**NOTE:** The Advanced Options checkbox in the lower-left corner is a legacy item and should not be -selected. diff --git a/docs/accessanalyzer/12.0/host-management/lists.md b/docs/accessanalyzer/12.0/host-management/lists.md deleted file mode 100644 index 9b42bbf36c..0000000000 --- a/docs/accessanalyzer/12.0/host-management/lists.md +++ /dev/null @@ -1,68 +0,0 @@ -# Hosts Lists - -A host list is a grouping of hosts for the purpose of executing jobs against. Every host list -created can be accessed by expanding the **Host Management** node in the Navigation pane. - -![Host Management Node in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -There are two types of host lists: - -- Dynamic host lists – Auto-populated and updated according to the most recent inventory information - available for the hosts. They include both the default host lists and custom created dynamic host - lists. See the [Dynamic Host Lists](#dynamic-host-lists) topic for additional information. -- Static host lists – Only changed manually or through a scheduled host discovery query. They - include both host lists created during host discovery queries and custom created static host - lists. See the [Static Host Lists](#static-host-lists) topic for additional information. - -A newly created host list will appear in alphanumerical order under the Host Management node. The -icon in front of the host list will indicate which type of host list it is: - -| Icon | Type of Host List | -| ---------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------- | -| ![Static Host List icon](/img/product_docs/accessanalyzer/admin/hostmanagement/statichostlist.webp) | Default Host List or Custom Host List (Static or Dynamic) | -| ![Host Discovery Query List icon](/img/product_docs/accessanalyzer/admin/hostmanagement/discoveryquerylist.webp) | Host Discovery Query List | -| ![Dynamic Host List icon](/img/product_docs/accessanalyzer/admin/hostmanagement/dynamichostlist.webp) | Host List created by Job | - -You can view host inventory information at the Host Discovery node (the Host Master Table) or at -individual host list nodes. See the [Host Inventory Data Grid](/docs/accessanalyzer/12.0/host-management/data-grid.md) topic for information on -the data collected by host inventory. - -## Dynamic Host Lists - -Dynamic host lists are lists of hosts that are grouped according to selected criteria within the -host inventory. Each time a host inventory record is refreshed, the hosts are automatically added to -or removed from dynamic host lists in accordance with the criteria set for the list. They include -both the default host lists and custom created dynamic host lists. See the -[Host Inventory](/docs/accessanalyzer/12.0/administration/settings/host-inventory.md) topic for a list of the default host lists and -instructions on controlling which of these lists are visible under the Host Management node. - -Custom dynamic host lists are created by filtering the data grid and using the -[Save Current View](/docs/accessanalyzer/12.0/host-management/actions/save-view.md) option in the Activities pane or right-click menu. This can -be done at the Host Management node with the Host Master Table or at any host list node. See the -[Filter](/docs/accessanalyzer/12.0/administration/navigation/data-grid.md#filter) topic for additional information on filtering data grids. - -**_RECOMMENDED:_** Do not modify the criteria once a dynamic based list has been created. It is -better to delete and recreate the list in order to modify a dynamic-based list. - -## Static Host Lists - -Static host lists are created either through host discovery queries or manually entered within the -**Host Management** node. Lists created by [Host Discovery Node](/docs/accessanalyzer/12.0/host-management/discovery/overview.md) -queries are updated each time the query is run, manually or scheduled. Other static host lists can -only be changed manually. Custom host lists are frequently created in order to scope a job to -execute against a select set of hosts. - -For example, a user running the Exchange Solution might create a list to just run Mailbox queries -against. Whereas a user running the File System Solution might create a list of servers being used -for file shares. - -There are two common ways to create static host lists: - -- Use the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) option in the Activities pane or right-click menu to access - the Host List Wizard -- Select multiple hosts from the data grid using the Windows Ctrl and left-click function. This can - be done from the Host Mast Table or any host list under the Host Management node. Then use the - [Save Selected To List](/docs/accessanalyzer/12.0/host-management/actions/save-to-list.md) option in the Activities pane or right-click menu - to open the Host List Wizard with a pre-filled in Manual Host Entry page. - -See the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) section for information using the Host List Wizard. diff --git a/docs/accessanalyzer/12.0/host-management/overview.md b/docs/accessanalyzer/12.0/host-management/overview.md deleted file mode 100644 index 78debeb14e..0000000000 --- a/docs/accessanalyzer/12.0/host-management/overview.md +++ /dev/null @@ -1,39 +0,0 @@ -# Host Management - -The **Host Management** node is used to manage hosts in a targeted environment. Hosts configured -under the **Host Management** node can be audited using other features in Access Analyzer. This node -maintains information for audited computers. To view information on all computers in the -environment, use the -[.Active Directory Inventory Solution](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/overview.md), -specifically the Active Directory Summary report. - -The Host Management node provides a master list of every host ever introduced to Access Analyzer. -Introduce hosts through [Host Discovery Node](/docs/accessanalyzer/12.0/host-management/discovery/overview.md) queries or by entering -them manually. Hosts are removed from this list only by manually deleting them. This master listing -of hosts, or the Host Master Table, is designed around unique host names, not necessarily unique -hosts themselves. The data grid provides all host inventory information collected on the hosts. See -the [Host Inventory Data Grid](/docs/accessanalyzer/12.0/host-management/data-grid.md) topic for additional information. - -The Host Management process consists of the following phases: - -- Host Discovery – The process of discovering hosts to audit through Host Discovery queries, which - can be scoped to identify computers with commonalities. These queries are managed under the Host - Discovery node. See the [Host Discovery Node](/docs/accessanalyzer/12.0/host-management/discovery/overview.md) topic for additional - information. -- Host Inventory – The process of collecting key pieces of information about each host to aid in - segregating the hosts into logical sub-groupings for targeted auditing. Use either the Host - Discovery or Host Management nodes. -- Host List Creation – Access Analyzer creates Default host lists based on Host Inventory results. - Create and manage Custom host lists under the Host Management node. See the - [Hosts Lists](/docs/accessanalyzer/12.0/host-management/lists.md) topic for additional information. - -![Host Management Node in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The nodes under the Host Management node are: - -- Default hosts lists -- Host lists generated by Host Discovery queries -- Custom host lists - -See the [Host Inventory](/docs/accessanalyzer/12.0/administration/settings/host-inventory.md) topic for global settings that affect Host -Management. diff --git a/docs/accessanalyzer/12.0/index.md b/docs/accessanalyzer/12.0/index.md index a449a54b45..aced0a8527 100644 --- a/docs/accessanalyzer/12.0/index.md +++ b/docs/accessanalyzer/12.0/index.md @@ -1,32 +1 @@ -# Netwrix Access Analyzer 12.0 - -> **Complete visibility and control over who has access to what** - -Netwrix Access Analyzer provides comprehensive visibility into access rights and permissions across your entire IT infrastructure. Quickly identify excessive permissions, validate access changes, and ensure compliance with security policies. - -## Key Features - -- **Access Intelligence** — Discover who has access to critical data and systems -- **Permission Analysis** — Identify and remediate excessive or inappropriate permissions -- **Access Certification** — Streamline periodic access reviews and recertification -- **Compliance Reporting** — Demonstrate compliance with automated access reports - -## What's New in Version 12.0 - -- Enhanced cloud platform support for Azure and AWS -- Improved performance for large-scale environments -- New machine learning-powered risk scoring -- Simplified access review workflows - -## Benefits - -- Reduce security risks by identifying and removing excessive permissions -- Accelerate access reviews and certification processes -- Ensure compliance with regulatory requirements -- Prevent unauthorized access to sensitive data - -```mdx-code-block -import DocCardList from '@theme/DocCardList'; - - -``` +# Access Analyzer diff --git a/docs/accessanalyzer/12.0/install/application/database.md b/docs/accessanalyzer/12.0/install/application/database.md new file mode 100644 index 0000000000..96405bf12e --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/database.md @@ -0,0 +1,219 @@ +# Access Analyzer Database + +The Access Analyzer database is dynamic in nature. There are a handful of required system tables +which are created at installation time or when individual features are used the first time. All +other data tables in the Access Analyzer database are created and bound to individual jobs which are +added to the Access Analyzer Console. As jobs are created and modified, corresponding tables are +created and modified in the database. A job can generate one or more tables. + +The structure and schema of each data table is controlled by the Access Analyzer data collector used +to collect data and write results to the table. There is a one-to-one relationship between a task +created within a Access Analyzer job and the table to which the task writes results. Creating tasks +or adding and removing properties within a task modifies the schema of the table on subsequent +execution of the job. + +Access Analyzer offers users the ability to modify its preconfigured jobs or create custom jobs and +tasks as needed. Therefore, precise schema information for data tables cannot be predicted, +restricted, or locked down. + +## Database Permissions + +The account configured in the storage profile to be used by Access Analyzer to access the database +should have the necessary rights to Add, Alter, Create, Drop, Select, and Update. These rights are +critical to normal Access Analyzer operations and functionality. + +**_RECOMMENDED:_** The account used by Access Analyzer should have database owner (DBO) level access +to the database. + +If database owner rights cannot be obtained, the following SQL script can be executed by a database +administrator (DBA) against the Access Analyzer database to grant the necessary permissions to the +appropriate users (replacing `` and `` with the appropriate values): + +```sql +USE [master] +GRANT VIEW ANY DEFINITION TO [] +GO +USE [] +GO +EXEC sp_addrolemember 'db_datareader', '' +GO +EXEC sp_addrolemember 'db_datawriter', '' +GO +GRANT CREATE TABLE TO [] +GO +GRANT CREATE VIEW TO [] +GO +GRANT CREATE PROCEDURE TO [] +GO +GRANT CREATE FUNCTION TO [] +GO +GRANT CREATE TYPE TO [] +GO +GRANT REFERENCES ON SCHEMA::dbo TO [] +GO +GRANT ALTER ON SCHEMA::dbo TO [] +GO +GRANT EXECUTE ON SCHEMA::dbo TO [] +GO +GRANT INSERT ON SCHEMA::dbo TO [] +GO +GRANT UPDATE ON SCHEMA::dbo TO [] +GO +Alter User [] with DEFAULT_SCHEMA = dbo +``` + +## Database Sizing + +SQL Server storage considerations vary. As Access Analyzer is a highly customizable auditing +platform, variables such as query scope, the number of hosts, frequency, historical retention, and +reporting needs are a few of the factors which affect the database resource consumption by Access +Analyzer. + +- Query Scope – Amount of data configured to be returned from each query (queries are dynamic and + can be configured to return one row per host or tens of thousands) +- Number of Hosts – Number of hosts targeted for auditing objectives +- Frequency – How often jobs are run +- Historical Retention – Amount of collected data to be retained in source data tables based on a + user-configured time frame +- Reporting Needs – Anticipated data needed to generate reports + +Recommended SQL Server database sizes are provided for specific solutions in the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topics. These recommendations are based on +environmental factors, the number of target objects within an environment (users, hosts, mailboxes, +etc.), and the applicable factors listed above for the specific solution. + +### Customer Examples of Database Sizing + +The overall database size is ultimately governed by an organization’s auditing objectives. The +examples below provide a glimpse into how these objectives combine with the applicable factors above +to impact the Access Analyzer database resource consumption. + +- Example from an Active Directory Solution Customer + - An Active Directory (AD) customer intends to collect AD User/Group/Membership information and + run the standard Active Directory Solution within their environment. In an environment of + 50,000 Users and 200,000 Groups, the database can be 50 GB in size. The expansion of group + information can also require 20 GB of TEMPDB space. +- Example from a Data Access Governance Solution Customer + - A Data Access Governance customer using the File System Solution intends to collect and report + on file system permissions, and optionally to profile size, age, extensions, and ownership of + files in the organization. The database for a typical mid-sized organization could be anywhere + from 60 GB to upward of 240 GB, depending on the number of folders scanned, which can vary + greatly in depth and width. Electing to collect content-related information will also impact + database size. +- Another Example from a Data Access Governance Solution Customer + - A Data Access Governance customer using the File System Solution intends to inventory 1.3 PB + of files spread across 600+ standalone (non-clustered) Windows file servers, collecting + information on file permissions and ages (and possibly, ad hoc, information on file system + activity) with an overall plan to identify stale data, consolidate active data on a subset of + the organization’s file system infrastructure, and to move that active data to a cloud-based + platform like SharePoint Online. Activity monitoring (FSAC) is to be used ad hoc against open + shares to profile resource ownership and also to validate the “staleness” of certain + resources. The database sizing for a project of this scope could be up to 750 GB for the + database, 240 GB for the transaction log, and 380 GB of TEMPDB space. +- Example from an Exchange Solution Customer + - An Exchange customer only intends to collect Mail-Flow Metrics for 100,000 Mailboxes from 10 + HUB Servers in the organization. However, the customer would like to keep six months of + history on User to User Activity sent internally and externally, as well as one year of Server + and User Volume Traffic. This database can grow to around 320 GB. +- Example from a Windows Solution Customer + - A Windows customer intends to audit and retain Success and Failed login events for five member + servers retaining the data for twelve months within their environment. The database can be 100 + GB in size. + +## Securing the Access Analyzer Database + +The typical database configuration is to have **sysadmin Server Role** assigned to the ID used to +connect to the SQL instance. It will allow full control over the instance where the Access Analyzer +database resides. This configuration is chosen because Access Analyzer requires some interaction +with the master database in order to install and configure the initial Access Analyzer database. +When it is necessary to secure the Access Analyzer database, the following steps should be followed +to achieve the minimum SQL security levels without breaking core Access Analyzer functionality. + +### Database Creation & First Level of Security + +Use SQL Server Management Studio to create the Access Analyzer database and configure the settings +for the server roles and user mappings. + +![SQL Server Management Studio create New Database](/img/product_docs/accessanalyzer/12.0/install/application/createnewdatabase.webp) + +**Step 1 –** Create a new database for use with Access Analyzer. Right-click on the **Databases** +node and choose **New Database**. + +![SQL Server Management Studio New Database window](/img/product_docs/accessanalyzer/12.0/install/application/newdatabase.webp) + +**Step 2 –** Set the **Database name**. Set any other desired data files configuration per company +standards. Click **OK** on the New Database window. + +**_RECOMMENDED:_** Enter Access Analyzer as the Database name. + +![SQL Server Management Studio create New Login](/img/product_docs/accessanalyzer/12.0/install/application/newlogin.webp) + +**Step 3 –** Create a new SQL Login account by right-clicking on the **Security** > **Logins** +folder and selecting **New Login**. + +**Step 4 –** Choose the authentication mode as the login type for use with the newly created Access +Analyzer database. The available options are Windows authentication and SQL Server authentication. + +![SQL Server Management Studio new login with Windows authentication](/img/product_docs/accessanalyzer/12.0/install/application/loginwindows.webp) + +- If **Windows authentication** is desired, then click **Search** and select the desired Windows + account, which has been set up for use with Access Analyzer. + +![SQL Server Management Studio new login with SQL Server authentication](/img/product_docs/accessanalyzer/12.0/install/application/loginsql.webp) + +- **_RECOMMENDED:_** If **SQL Server authentication** is desired, use a login name called Access + Analyzer. + +**NOTE:** Set the **Default Database** as Access Analyzer (or the desired Access Analyzer database) +and choose English as the **Default Language**. + +![SQL Server Management Studio New Login User Mapping](/img/product_docs/accessanalyzer/12.0/install/application/loginusermapping.webp) + +**Step 5 –** Navigate to the **User Mapping** menu, select the Access Analyzer (or the desired +Access Analyzer database) database, and set the **Default Schema** to **DBO**. + +**Step 6 –** In the **Database role membership** section, set the role to **db_owner**. Click **OK** +to save new user configuration information and continue on to configure the Access Analyzer Console. + +**Step 7 –** Configure the Access Analyzer Console to access the assigned database using the newly +secured login account. + +**NOTE:** This step requires the completion of the Access Analyzer installation. See the +[Access Analyzer Core Installation](/docs/accessanalyzer/12.0/install/application/wizard.md) topic for instructions. + +![Storage Profile configuration page](/img/product_docs/accessanalyzer/12.0/install/application/storageprofile.webp) + +**Step 8 –** Launch Access Analyzer and navigate to **Settings** > **Storage**. + +- Select the Storage Profile and enter the name of the SQL Server in the **Server name** field and + **Instance Name**, if applicable. +- Enter the name of the Access Analyzer database in the **Use existing database** field. +- Choose the authentication method which matches the secure login that was created in Step 4, either + **Windows authentication** or **SQL Server authentication**. If using SQL Server authentication, + enter the **User name** and **Password**. + +![Connection report window](/img/product_docs/accessanalyzer/12.0/install/application/connectionreport.webp) + +- Click **Apply** and a Connection report window will open. Verify that the connection and test + table drop were performed successfully. +- Click **Close** on the Connection report window and then **Save** the new Storage Profile. + +![Change storage profile dialog](/img/product_docs/accessanalyzer/12.0/install/application/changestorageprofile.webp) + +**NOTE:** If previously connected to another database which already had the Access Analyzer DB +schema applied, then a prompt should appear to merge the host management data. Choose the +appropriate options and then click **OK** to migrate data. + +**Step 9 –** Make sure to close and re-open the Access Analyzer Console before continuing to +configure or use Access Analyzer if a new database Storage Profile was chosen as the default. + +The **blue arrow** signifies the default profile was changed but does not take effect until the +required restart of the Access Analyzer Console. + +See the [Access Analyzer Initial Configuration](/docs/accessanalyzer/12.0/install/application/firstlaunch.md) topic to perform these steps during +the initial configuration process after installation. + +### Second Level of Security + +For second level security of the SQL Server database, use the script provided in the +[Database Permissions](#database-permissions) section. diff --git a/docs/accessanalyzer/12.0/install/application/firstlaunch.md b/docs/accessanalyzer/12.0/install/application/firstlaunch.md new file mode 100644 index 0000000000..6e4980628d --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/firstlaunch.md @@ -0,0 +1,119 @@ +# Access Analyzer Initial Configuration + +Once the Access Analyzer installation process is complete, and before performing actions within +Access Analyzer, the initial settings for the Access Analyzer Console must be configured. + +![Newrix Access Governance shortcut](/img/product_docs/accessanalyzer/12.0/install/application/shortcut.webp) + +**Step 1 –** Launch the Access Analyzer application. The installation wizard places the Access +Analyzer icon on the desktop. + +![Configuration Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/install/application/welcome_2.webp) + +**Step 2 –** On the Welcome page of the Access Analyzer Configuration Wizard, click **Next** to +continue. + +![Configuration Wizard Version Selection page](/img/product_docs/accessanalyzer/12.0/install/application/versionselection.webp) + +**Step 3 –** On the Version Selection page, select the **I have no previous versions to migrate data +from** and click **Next** to continue. + +**NOTE:** If you are upgrading from a previous version of Access Analyzer, select **Choose a +StealthAUDIT root folder path to copy from**. See the +[Access Analyzer Console Upgrade](/docs/accessanalyzer/12.0/install/application/upgrade/overview.md) topic for additional information. + +![SQL Server Settings page](/img/product_docs/accessanalyzer/12.0/install/application/sqlserver.webp) + +**Step 4 –** Configure the options on the SQL Server Settings page. + +- Server name – Enter the database server host name (NetBIOS name, FQDN, or IP Address) +- Instance name – If the SQL Server is configured to use an instance name, provide the instance name + in the text box. If not, leave this text box blank. + + - To change the instance port number, provide the instance name in the format + `,`. For example, if using the default **MSSQLSERVER** instance and port + **12345**, the instance name should be entered as `MSSQLSERVER,12345`. + +- Command timeout [number] minutes – Number of minutes before Access Analyzer halts any SQL queries + running for that amount of time. This prevents SQL queries from running excessively long. The + default is 1440 minutes. +- Windows authentication – Leverages the account used to open the Access Analyzer Console. This + option will use Windows NT Authentication to authenticate to the SQL Server. It also requires the + Schedule Service Account to have proper permissions on the SQL database. +- SQL Server authentication – Leverages an account created within the SQL Server. + + - User name and password – If SQL Server authentication is selected, provide the **User name** + and **Password** for the SQL account. + - Specify a new password below – Specify a new password for the SQL server. + +- Use existing database – Confirm the SQL Server connection has been established by selecting the + radio button for **Use existing database** and clicking the drop-down arrow. If a listing of + databases appears, then the connection has been established. Select this option to use a + pre-existing database. Then select a database from the drop-down menu of available databases. +- Create new database – Select this option to create a new database during the configuration of the + storage profile. Enter a unique, descriptive name for the new database. If multiple databases + might exist for Access Analyzer, then the default name of Access Analyzer is not recommended. + +See the [Securing the Access Analyzer Database](database.md#securing-the-access-analyzer-database) +topic for additional information on creating a SQL Server database for Access Analyzer. + +**Step 5 –** Click **Next**. + +- If SQL Server authentication is used, the Options page is displayed next. Skip to Step 7. +- If Windows Server authentication is used, the **Schedule Account** page is enabled for + configuration. Continue to Step 6. + +![Schedule Account Configuration page](/img/product_docs/accessanalyzer/12.0/install/application/scheduleaccount.webp) + +**Step 6 –** (Windows Authentication Only) Configure the schedule service account on the Scheduling +page. The account configured here must be an Active Directory account and must have rights to the +Access Analyzer Console server’s local Task folders as well as sufficient rights to the Access +Analyzer database. + +There are two options that can be selected: + +- Skip this step, I will configure a schedule service account later – Select this radio button to + skip this step and configure the schedule service account later +- Use the following service for account – Select this radio button to configure the schedule service + account and enter the following information: + + - Domain – The domain for the service account + - User name – The user name for the service account + - Password – The password for the service account + - Confirm – Re-enter the password for the service account + +![Configuration wizard Options page](/img/product_docs/accessanalyzer/12.0/install/application/options.webp) + +**Step 7 –** On the Options page, select whether to send usage statistics to Netwrix to help us +improve our product. After the Usage Statistics option is set as desired, click **Next** to +continue. + +- If selected, usage statistics are collected and sent to Netwrix + + - Upon startup of the Access Analyzer console, the system checks if usage statistics have been + sent in the last 7 days. If they have not been, stored procedures run against the Access + Analyzer database and gather data about job runs, access times, and environmental details like + resource counts, users counts, number of exceptions, and so on. This data is then sent back to + Netwrix to help us identify usage trends and common pain points, so that we can use this + information to improve the product. + - Only anonymous statistic-level data is included. No private company or personal data is + collected or sent to Netwrix. + +- If cleared, no usage statistics are collected or sent to Netwrix + +![Progress page when upgrade process has completed](/img/product_docs/accessanalyzer/12.0/install/application/completed_1.webp) + +**Step 8 –** After the Access Analyzer Configuration Wizard finishes configuring your installation, +click **Finish** to open the Access Analyzer Console. + +**NOTE:** To view the log for the setup process, click **View Log** to open it. If you need to view +the log after exiting the wizard, it is located in the installation directory at +`..\STEALTHbits\StealthAUDIT\SADatabase\Logs`. See the +[Troubleshooting](/docs/accessanalyzer/12.0/admin/maintenance/troubleshooting.md) topic for more information about logs. + +![Netwrix Acces Governance Settings Node](/img/product_docs/accessanalyzer/12.0/install/application/settingsnode.webp) + +The Access Analyzer Console is now ready for custom configuration and use. There are a few +additional steps to complete in order to begin collecting data, such as configuring a Connection +Profile and a Schedule Service account as well as discovering hosts and setting up host lists. See +the [Getting Started](/docs/accessanalyzer/12.0/gettingstarted.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/install/application/otherlanguages.md b/docs/accessanalyzer/12.0/install/application/otherlanguages.md new file mode 100644 index 0000000000..d33a663e43 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/otherlanguages.md @@ -0,0 +1,142 @@ +# Non-English Language Environments + +There are specific SQL Server requirements when installing Access Analyzer in a non-English Language +environment, specifically when the environment uses a non-Latin alphabet. + +## Requirements + +The following collation requirements need to be met prior to the Access Analyzer installation. + +### Database & Server Collation Settings + +The collation settings at the database level must match what is set at the server level. + +Symptoms + +Common errors that occur are: + +- Implicit conversion of VARCHAR value to VARCHAR cannot be performed because the collation of the + value is unresolved due to a collation conflict. + - Could not find stored procedure `#SA_ImportObject` + - Cannot drop the procedure `#SA_ImportObject`, because it does not exist or lack of permission +- Cannot resolve the collation conflict between **SQL_Latin1_General_CP1_CI_AS** and + **French_CI_AS** in the equal to operation. + +Cause + +These errors occur because the Access Analyzer solutions use many temporary functions and procedures +which in turn use the collation at the server level. Temporary tables created within a stored +procedure use the TEMPDB database’s collation instead of the current user database’s collation. +Therefore, there will be issues in analysis due to the mismatch. + +Resolution + +The following is a work-around which we use to avoid collation errors. However, when making changes +at the SQL Server level, use caution as it actually rebuilds all user/system database objects. If +there are schema bound objects (i.e. Constraints), the whole operation will fail. Make sure to have +all of the information or scripts needed to recreate the Access Analyzer user’s databases and all of +the objects in them. Customers should use a localized version of the SQL Server, and this should not +be done in production environments. + +#### Change Collation at the Database Level + +Follow the steps to change the collation at the database level. + +**Step 1 –** Access the Database Properties in SQL Server Management Studio. + +![SQL Server Management Studio Database Properties window](/img/product_docs/accessanalyzer/12.0/install/application/databasepropertiescollation.webp) + +**Step 2 –** Select **Options** and set the collation. + +Now that the collations match, proceed with Access Analyzer installation. + +#### Change Collation at the SQL Server Level + +Follow the steps to change the collation at the SQL Server level. + +![SQL Server Configuration Manager](/img/product_docs/accessanalyzer/12.0/install/application/sqlserverconfigurationmanager.webp) + +**Step 1 –** Stop the SQL Server service from the Configuration Manager. + +**Step 2 –** Open CMD console as Administrator, and go to the following path (or the path where the +binary files are): + +``` +…\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn   +``` + +**Step 3 –** Execute the following command (or whichever collation is needed): + +``` +sqlservr.exe  -m -T4022 -T3659 -q "French _CS_AS" +``` + +See the Microsoft +[Collation and Unicode support](https://learn.microsoft.com/en-us/sql/relational-databases/collations/collation-and-unicode-support) +article for collation matches. + +**Step 4 –** Wait until it finishes and start the SQL Server service again. + +Now that the collations match, proceed with Access Analyzer installation. + +### Case Sensitive Collation + +Access Analyzer does not support case sensitive collation settings. Case insensitive collations are +notated by having **CI** in the collation, for example **Latin1_General_CI_AS**. + +Cause + +For example, `SYS.INDEXES` will be unable to be found if there was an English install of SQL Server +but a Turkish collation which is case sensitive. So `'SYS.INDEXES != 'sys.indexes' `in the +environment. + +Resolution + +All collation settings must be case insensitive. + +## Troubleshooting + +The following are possible problems for future consideration. + +During comparison or joining of columns, collation conflict error occurs in two cases if collation +of one column does not match with collation of another column: + +This can be generated by the following script: + +``` +CREATE TABLE TestTab +(PrimaryKey int PRIMARY KEY, +CharCol char(10) COLLATE French_CI_AS, +CharCol2 char(10) COLLATE greek_ci_as +) +INSERT INTO TestTab VALUES (1, 'abc', 'abc')  +SELECT * FROM TestTab WHERE CharCol = CharCol2 +``` + +- Error Returned – Cannot resolve the collation conflict between **Greek_CI_AS** and + **French_CI_AS** in the equal to operation. +- Resolution – If the select statement is changed as below, then it would run successfully. + + ``` + SELECT * FROM TestTab WHERE CharCol = CharCol2 COLLATE Albanian_CI_AI + ``` + +**NOTE:** Explicit collation (Albanian_CI_AI) is not one of any column, but after that it will +complete successfully. The collation of two columns have not been matched, instead the third rule of +collation precedence was implemented. See the Microsoft +[Collation Precedence](https://learn.microsoft.com/en-us/sql/t-sql/statements/collation-precedence-transact-sql) +article for additional information. + +### Resources + +The following articles may be of assistance: + +- Microsoft + [Collation and Unicode support](https://learn.microsoft.com/en-us/sql/relational-databases/collations/collation-and-unicode-support) + article +- Microsoft + [Collation Precedence](https://learn.microsoft.com/en-us/sql/t-sql/statements/collation-precedence-transact-sql) + article +- Microsoft + [Set or change the server collation](https://learn.microsoft.com/en-us/sql/relational-databases/collations/set-or-change-the-server-collation) + article diff --git a/docs/accessanalyzer/12.0/install/application/overview.md b/docs/accessanalyzer/12.0/install/application/overview.md new file mode 100644 index 0000000000..5dbf873932 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/overview.md @@ -0,0 +1,82 @@ +# Installation & Configuration Overview + +This section provides instructions for installing Access Analyzer and the initial configuration +required when first launching the Access Analyzer Console. It also includes additional information, +such as how to secure the Access Analyzer Database, and configuring the Web Console for viewing +reports outside of the Access Analyzer Console. + +Prior to installing Access Analyzer, please ensure that all of the prerequisites have been met. See +the [Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for more information. + +## Binaries + +There are a variety of Access Analyzer binaries based on the organizational auditing objectives. +Your Netwrix Representative will provide the appropriate binaries. + +- Access Analyzer binary – Core installation package + + - Includes data collectors, analysis modules, and action modules + - An organization’s license key, needed during installation, controls which components are laid + down during installation + - If your license includes Sensitive Data Discovery (SDD), the necessary SDD components are + installed + - Installs the Web Console + +- File System Proxy binary – Installation package for the File System Proxy Scanning option + + - If your license includes Sensitive Data Discovery (SDD), the necessary SDD components are + installed + - See the [File System Proxy Service Installation](/docs/accessanalyzer/12.0/install/filesystemproxy/wizard.md) topic for + additional information. + +- Activity Monitor binary – Installation package for monitoring Windows and NAS device file system + activity + + - See the Installation topic of the + [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) + for additional information. + +- SharePoint Agent binary – Installation package for the SharePoint Agent (optional for Access + Auditing of SharePoint farms) + + - If your license includes Sensitive Data Discovery (SDD), the necessary SDD components are + installed + - See the [SharePoint Agent Installation](/docs/accessanalyzer/12.0/install/sharepointagent/overview.md) topic for additional + information. + +- Access Analyzer MAPI CDO binary – One of two installation package needed to enable the Exchange + Solution + + - See the + [StealthAUDIT MAPI CDO Installation](/docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation.md) + topic for additional information. + +- Access Analyzer Reporting Services binary – Installation package for Survey Action Module + Reporting Service +- Netwrix Access Information Center binary – Installation package for the Netwrix Access Information + Center + + - Customers who are logged in to the Netwrix Customer Portal can download the latest version of + their software products from the My Products page: + [https://www.netwrix.com/my_products.html](https://www.netwrix.com/my_products.html). See the + [Customer Portal Access](https://helpcenter.netwrix.com/bundle/NetwrixCustomerPortalAccess/page/Customer_Portal_Access.html) + topic for information on how to register for a Customer Portal account.Partners and MSPs who + are logged into the Netwrix Partner Portal can download the latest version of their software + products from the My Product page: + [https://www.netwrix.com/par/site/products](https://www.netwrix.com/my_products.html). To + receive an invitation to the Partner Portal, please contact + [netwrix.msp@netwrix.com](http://netwrix.msp@netwrix.com/). + - See the + [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) + for additional information. + +## License Key + +Your Netwrix Representative will provide the necessary license key. The Access Analyzer license key +(`StealthAUDIT.lic`) is needed for the Access Analyzer Core Installation. See the +[Access Analyzer Core Installation](/docs/accessanalyzer/12.0/install/application/wizard.md) topic for additional information. + +To grant access to additional Solution sets or enable Sensitive Data Discovery in an existing Access +Analyzer installation, a new license key is required. To update the Access Analyzer license key +without installing a new version of the Access Analyzer Console, see the +[Update License Key](/docs/accessanalyzer/12.0/install/application/updatelicense.md) topic for instructions. diff --git a/docs/accessanalyzer/12.0/install/application/reports/adfs.md b/docs/accessanalyzer/12.0/install/application/reports/adfs.md new file mode 100644 index 0000000000..10fa931778 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/reports/adfs.md @@ -0,0 +1,131 @@ +# Configuring the Web Console to use ADFS + +The Access Analyzer Webserver and Access Information Center are able to support Single-Sign-On (SSO) +leveraging WSFederation with SAML tokens. This guide contains steps for implementing SSO using +Active Directory Federation Services (ADFS). + +Follow the steps to configure the Web Console to use ADFS authentication: + +**NOTE:** A certificate from the ADFS server is required. Confer with a PKI administrator to +determine which certificate method will conform to the organization's security policies. + +**Step 1 –** Import the certificate for the ADFS server onto the hosting server using the +Certificate Management MMC snap-in. + +- If used, self-signed certificates will also need to be imported + +**Step 2 –** On the ADFS server, open **AD FS Management**. + +**Step 3 –** Navigate to **Relying Party Trusts** and click **Add Relying Part Trust...**. Use the +Add Relying Party Trust Wizard to configure the relying party trust: + +- On the Welcome page, select **Claims aware** and click **Start**. +- On the Select Data Source page, select **Enter data about the relying party manually** and click + **Next**. +- On the Specify Display Name page, enter a display name for the relying party trust. Click + **Next**. +- On the Configure URL page, do not select any options and click **Next**. + + ![Identifier added on the Configure Identifiers page](/img/product_docs/accessanalyzer/12.0/install/application/reports/relyingpartytrustwizardidentifier.webp) + +- On the Configure Identifiers page, add an identifier of `https://` followed by the fully qualified + domain name (FQDN) of your ADFS server. + + - For example, `https://app0290.train90.local` + +- Click **Next** to proceed through the remaining wizard pages and complete the wizard. + +![Add an Endpoint window](/img/product_docs/accessanalyzer/12.0/install/application/reports/addanendpointwindow.webp) + +**Step 4 –** Double-click on the newly added relying party trust to open it's Properties window. +Navigate to the Endpoints tab and click **Add WS-Federation**. On the Add an Endpoint window, add +``https://``:``/federation`` as the Trusted URL, then click +**OK**. + +- For example, `https://app0190.train90.local:8082/federation` + +Click **OK** to save the changes and close the properties window. + +**Step 5 –** Select the relying party trust, and click **Edit Claim Issuance Policy** on the +right-hand panel. + +- On the Edit Claim Issuance Policy window, click **Add Rule**. +- On the Choose Rule Type page of the Add Transform Claim Rule Wizard, select **Send LDAP Attributes + as Claims** as the Claim rule template. Click **Next**. + + ![Configure Claim Rule page](/img/product_docs/accessanalyzer/12.0/install/application/reports/claimrulenameadfsconfig.webp) + +- On the Configure Claim Rule page, enter a name in the **Claim rule name** field. + +If the SID claim is not configured by default, add it to the Claim Description as follows: + +![Configure Claim Rule SID Properties](/img/product_docs/accessanalyzer/12.0/install/application/reports/claimrulenamesidproperties.webp) + +**Step 6 –** Navigate to the Access Analyzer installation directory and open the +`WebServer.exe.config` file in a text editor. + +![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigadfs.webp) + +**Step 7 –** In the `WebServer.exe.config` file, change the following parameters: + +- `WsFederationMetadata` – Change the value to the following: + + ``` + + ``` + +- `WsFederationRealm` – Replace the value text with the URL entered for the Relying Party Trust in + Step 3: + + ``` + + ``` + + ![URL required for WsFederationRealm attribute](/img/product_docs/accessanalyzer/12.0/install/application/reports/wsfederationrealmurl.webp) + + You can retrieve the URL value from the Identifiers tab of the relying party trust properties + window. + +- `WsFederationReply` – Replace the value text with the Trusted URL entered for the Endpoint in Step + 4: + + ``` + + ``` + + ![URL required for WsFederationReply attribute](/img/product_docs/accessanalyzer/12.0/install/application/reports/wsfederationreplyurl.webp) + + You can obtain the URL required for this parameter from the Endpoints tab of the relying party + trust properties window. Select the endpoint and click **Edit** to open the Edit Endpoint + window. + +The following is an example of how the parameters should look when configured in the config file: + +``` + +  +  +``` + +**Step 8 –** Save the changes in the `WebServer.exe.config` file. + +**Step 9 –** Navigate to Services (`services.msc`). Restart the **Access Analyzer Web Server** +service. + +ADFS authentication is now enabled for Access Analyzer. + +## Update the Published Reports URL for ADFS + +If ADFS does not accept `http://localhost:8082/` as an acceptable path, the path will need to be +updated in the Published Reports properties window. Follow the steps to configure the Published +Reports URL for ADFS: + +**Step 1 –** Right-click the Published Reports shortcut on the desktop and select **Properties**. + +![Published Reports desktop shortcut properties](/img/product_docs/accessanalyzer/12.0/install/application/reports/publishedreportsproperties.webp) + +**Step 2 –** Replace the URL with `https://SAWebConsole.domain.com:8082`. + +**Step 3 –** Click **Apply**. Exit the window. + +The Published Reports URL is now configured for ADFS. diff --git a/docs/accessanalyzer/12.0/install/application/reports/disclaimer.md b/docs/accessanalyzer/12.0/install/application/reports/disclaimer.md new file mode 100644 index 0000000000..04da529c52 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/reports/disclaimer.md @@ -0,0 +1,46 @@ +# Configuring Login Page Disclaimer + +Users can add a disclaimer message to the logon screen by adding a custom `Disclaimer.txt` file in +the Web folder in the Access Analyzer directory and configuring the `WebServer.exe.config` file. +Follow the steps to configure the optional disclaimer message: + +**Step 1 –** Navigate to the Web folder of the installation directory: +` …\STEALTHbits\StealthAUDIT\Web`. + +![Disclaimer.txt file added to the Web folder](/img/product_docs/accessanalyzer/12.0/install/application/reports/disclaimertxt.webp) + +**Step 2 –** Create a `Disclaimer.txt` file in the Web folder. Write a custom disclaimer that +displays on the login page for the Web Console. + +- The text file must be named `Disclaimer.txt`. The disclaimer message option is not configured + properly if using a text file with a different name. + +![File Explorer WebServer.exe.config](/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigfile.webp) + +**Step 3 –** Locate the `WebServer.exe.config` file and open it. + +![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigdisclaimer.webp) + +**Step 4 –** Find the following line in the text: + +``` + +``` + +**Step 5 –** Replace the value with `true` so that the line now reads as: + +``` + +``` + +**Step 6 –** Save the changes to enable the disclaimer message on the Web Console login page. + +![Web Console login page with disclaimer message](/img/product_docs/accessanalyzer/12.0/install/application/reports/webconsolelogindisclaimer.webp) + +**Step 7 –** To check if the disclaimer message was configured correctly, open the Web Console to +access the login page. + +- If the disclaimer is configured correctly, the custom disclaimer message displays at the bottom of + the login page. + +The disclaimer message displays on the Web Console login page. diff --git a/docs/accessanalyzer/12.0/install/application/reports/domains.md b/docs/accessanalyzer/12.0/install/application/reports/domains.md new file mode 100644 index 0000000000..ad1529be4f --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/reports/domains.md @@ -0,0 +1,39 @@ +# Enable Multiple Domain Access + +When the `AuthenticationDomains` parameter in the **WebServer.exe.config** file is blank, only +domain users from the domain where the Access Analyzer Console resides can access the Web Console. +Access can be granted from other domains when specified within this parameter. + +**NOTE:** Once another domain is added, then it is necessary to also add the domain where the Access +Analyzer Console resides. + +All domains provided or enumerated must have a trust relationship with the domain where Access +Analyzer resides. Follow the steps to allow access to the Web Console from other domains. + +**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is +located within the Web folder of the Access Analyzer installation directory. + +![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigmultipledomains.webp) + +**Step 2 –** Add the desired domains to the value for the `AuthenticationDomains` parameter: + +``` + +``` + +Use domain name in a comma-separated list. For example: + +``` + +``` + +**Step 3 –** Save and close the file. + +**Step 4 –** Navigate to Services (`services.msc`). Restart the Access Analyzer Web Server service. + +The Web Console can now be accessed from multiple domains. + +**NOTE:** In order for the AIC to be accessed from these domains, this must also be configured for +the AIC. See the Multiple Domains topic in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. diff --git a/docs/accessanalyzer/12.0/install/application/reports/entraidsso.md b/docs/accessanalyzer/12.0/install/application/reports/entraidsso.md new file mode 100644 index 0000000000..8c75201ff2 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/reports/entraidsso.md @@ -0,0 +1,115 @@ +# Microsoft Entra ID Single Sign-On + +Microsoft Entra ID Single Sign-On (SSO) can be configured for logging in to the Web Console to view +reports. When configured, users accessing the Web Console are directed to the Microsoft Entra +ID login page, and can log in using their existing Entra credentials. + +The following is required to use Microsoft Entra ID SSO: + +- SSL must be enabled +- The on-premise Active Directory must be synced with Microsoft Entra ID + +To enable Microsoft Entra ID SSO, you must first create a registered application in Microsoft Entra +ID, and then configure the Web Console to use it. + +## Configure an Application in Microsoft Entra ID + +An application must be registered for the Web Console with your Microsoft Entra ID tenant and be +configured with the necessary single sign-on settings. Follow the steps to create and configure the +application. + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** > **Enterprise +Applications**. On the top toolbar, click App registrations and then **Create your own +application**. + +**Step 3 –** On the Create your own application page, enter a name for your application and select +the **Integrate any other application you don't find in the gallery** option. Click **Create** to +finish creating the application. + +**Step 4 –** In your application, go to **Manage** > **Single sign-on**. Select **SAML** as the +single sign-on method. + +**Step 5 –** On the Set up Single Sign-On with SAML page, click **Edit** on the Basic SAML +Configuration section. Add your Identifier and Reply URL, and then click **Save**. + +- As the Identifier, enter ``https://``:`` ``, for example: + + ``` + https://app0190.train90.local:8082 + ``` + +- As the Reply URL, enter ``https://``:``/federation``, for + example: + + ``` + https://app0190.train90.local:8082/federation + ``` + +**Step 6 –** Next, click **Edit** on the Attributes & Claims section. The four claims in the table +below are required. For each of these, click **Add new claim**, enter the information from the +table, and then click **Save**. + +| Name | Namespace | Source attribute | +| ------------------ | ------------------------------------------------------- | --------------------------------- | +| windowsaccountname | http://schemas.microsoft.com/ws/2008/06/identity/claims | user.onpremisessamaccountname | +| name | http://schemas.xmlsoap.org/ws/2005/05/identity/claims | user.displayname | +| sid | http://schemas.xmlsoap.org/ws/2005/05/identity/claims | user.onpremisessecurityidentifier | +| upn | http://schemas.xmlsoap.org/ws/2005/05/identity/claims | user.onpremisesuserprincipalname | + +Once configured they should show under Additional claims as below: + +![Claims configured](/img/product_docs/accessanalyzer/12.0/install/application/reports/entraidssoclaims.webp) + +**Step 7 –** In the **Manage** > **Users and groups** section for your application, add any required +users or groups to give permission to access the application. + +The application is now configured with the necessary settings. The next step is to enable the use of +Microsoft Entra ID SSO in the web server config file. + +## Enable in the Web Server Config File + +To enable Microsoft Entra ID SSO for the Web Console, the web server config file needs to be updated +with values from Microsoft Entra ID. Follow the steps to enable the SSO. + +_Remember,_ Enabling Entra ID SSO requires SSL to already have been enabled for the web server. See +the [Securing the Web Console](/docs/accessanalyzer/12.0/install/application/reports/secure.md) topic for additional information. + +**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is +located within the Web folder of the Access Analyzer installation directory. + +![Parameters in the web server config file](/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigfileentrasso.webp) + +**Step 2 –** Locate the **WsFederationMetaData**, **WsFederationRealm**, and **WsFederationReply** +Parameters in the config file, and add the required values from your Microsoft Entra ID application: + +- WsFederationMetaData – Metadata markup for describing the services provided + + - This value can be retrieved from your application in Microsoft Entra ID: **Manage** > **Single + sign-on** > **SAML Certificates** > **App Federation Metadata Url** + +- WsFederationRealm – Maps to the application identifier to Microsoft Entra ID + + - This value can be retrieved from your application in Microsoft Entra ID: **Manage** > **Single + sign-on** > **Basic SAML Configuration** > **Identifier** + +- WsFederationReply – This is the endpoint for the configured relying party trust + + - This value can be retrieved from your application in Microsoft Entra ID: **Manage** > **Single + sign-on** > **Basic SAML Configuration** > **Reply URL** + +For example: + +``` +     +     +     +``` + +**Step 3 –** Save and close the file. + +**Step 4 –** Navigate to Services (`services.msc`). Restart the Netwrix Access Analyzer (formerly +Enterprise Auditor) Web Server service. + +The Web Console has been enabled for Microsoft Entra ID single sign-on. diff --git a/docs/accessanalyzer/12.0/install/application/reports/kerberosencryption.md b/docs/accessanalyzer/12.0/install/application/reports/kerberosencryption.md new file mode 100644 index 0000000000..d881df9263 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/reports/kerberosencryption.md @@ -0,0 +1,102 @@ +# Manage Kerberos Encryption Warning for the Web Console + +If a computer's Local Security Policy, or applicable Group Policy, enforces certain encryption +methods for Kerberos authentication, then the service account running the Access Analyzer Web Server +must support the same encryption methods. + +If encryption methods have been configured for Kerberos on the Access Analyzer server but not on the +service account running the Access Analyzer Web Server service, then users will not be able to +log-in to the Web Console and will receive the below error message. + +![Kerberos Error Message](/img/product_docs/accessanalyzer/12.0/install/application/reports/kerberoserrormessage.webp) + +When this occurs, the following error will be logged: + +_ERROR - Unhandled server error: Nancy.RequestExecutionException: Oh noes! ---> +System.Security.SecurityException: The encryption type requested is not supported by the KDC_. + +This error will be logged in the following location: + +%SAINSTALLDIR%\SADatabase\Logs\Web\service.log + +While it is not required to configure these settings, this section provides the locations and steps +necessary to configure encryption methods in Local and Group policies to allow Kerberos for the +Report Index if an error does occur. + +## Local Security Policies + +Follow the steps to configure a Local Security Policy to allow Kerberos. + +**Step 1 –** Open the Local Security Policy window. + +![Local Security Policy Window](/img/product_docs/accessanalyzer/12.0/install/application/reports/localsecuritypolicywindow.webp) + +**Step 2 –** From the Security Settings list, navigate to **Local Policies** > **Security Options**. + +**Step 3 –** Right-click the **Network Security: Configure encryption types allows for Kerberos** +policy > click **Properties**. + +![Configure Local Security Setting Window](/img/product_docs/accessanalyzer/12.0/install/application/reports/configurelocalsecuritysettingwindow.webp) + +**Step 4 –** Configure necessary settings by checking each applicable box. + +**Step 5 –** Click **Apply**, then click **OK**. + +A Local Security Policy has been configured to allow encryption methods for Kerberos. Proceed to the +[Configure Active Directory Users and Computers Settings to allow Kerberos](#configure-active-directory-users-and-computers-settings-to-allow-kerberos) +section of this topic to ensure Active Directory Users and Computer settings are configured to allow +the encryption methods for Kerberos. + +## Group Security Policy + +Follow the steps to configure a Local Group Security Policy to allow Kerberos. + +**Step 1 –** Open the Local Group Policy Editor window. + +![Local Group Policy Editor window](/img/product_docs/accessanalyzer/12.0/install/application/reports/localgrouppolicywindow.webp) + +**Step 2 –** From the Local Computer Policy list, navigate to **Computer Configuration** > **Windows +Settings** > **Security Settings** > **Local Policies** > **Security Options** folder . + +**Step 3 –** Right-click the **Network Security: Configure encryption types allows for Kerberos** +policy, then click **Properties**. + +![Configure Local Security Setting Window](/img/product_docs/accessanalyzer/12.0/install/application/reports/configurelocalsecuritysettingwindow.webp) + +**Step 4 –** Configure necessary settings by checking each applicable box. + +**Step 5 –** Click **Apply**, then click **OK**. + +A Local Group Security Policy has been configured to allow encryption methods for Kerberos. Proceed +to the +[Configure Active Directory Users and Computers Settings to allow Kerberos](#configure-active-directory-users-and-computers-settings-to-allow-kerberos) +section of this topic to ensure Active Directory Users and Computer settings are configured to allow +the encryption methods for Kerberos. + +## Configure Active Directory Users and Computers Settings to allow Kerberos + +Follow the steps to ensure the settings for Active Directory Users and Computers are configured to +allow the encryption methods to allow Kerberos. Configurations selected in this section should +reflect the configuration options selected in the two sections above. See the +[Local Security Policies](#local-security-policies) and +[Group Security Policy](#group-security-policy) topics for additional information. + +**Step 1 –** Open the Active Directory Users and Computers window. + +![Active Directory Users and Computers Window](/img/product_docs/accessanalyzer/12.0/install/application/reports/activedirectoryusersandcomputerswindows.webp) + +**Step 2 –** Click and expand the Domain from the left-hand menu and click **Users**. + +**Step 3 –** Right-click a **User** from the list of available users, then click **Properties**. + +![User Properties Window](/img/product_docs/accessanalyzer/12.0/install/application/reports/userproperteswindow.webp) + +**Step 4 –** Click the **Account** tab. + +**Step 5 –** Locate the appropriate Account options and check the corresponding boxes. + +**Step 6 –** Click **Apply**, then click **OK**. + +Active Directory Users and Computer settings have been configured to allow the encryption methods +for Kerberos. These settings should match the configuration options for Local Security Policies and +Local Group Policies. diff --git a/docs/accessanalyzer/12.0/install/application/reports/okta.md b/docs/accessanalyzer/12.0/install/application/reports/okta.md new file mode 100644 index 0000000000..e624d8dd8c --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/reports/okta.md @@ -0,0 +1,171 @@ +# Creating an Application and Attributes in Okta + +Create an Access Analyzer Application in Okta Using the WS-Fed Template + +Follow the steps to create an Access Analyzer Application in Okta Using the WS-Fed Template: + +**Step 1 –** Log in to Okta. + +**Step 2 –** In the left-pane menu, expand **Applications** and then click **Applications**. + +**Step 3 –** Click **Create App Integration**. + +![Okta Browse App Integration Catalog](/img/product_docs/accessanalyzer/12.0/install/application/reports/oktawsfedtemplate.webp) + +**Step 4 –** Browse the App Integration Catalog and select **Template WS-Fed**. + +**Step 5 –** Click **Create**. Name the application Access Analyzer. + +Retrieve the Values to Paste into the Access Analyzer WebServer.exe.config File + +![Okta Application copy link address](/img/product_docs/accessanalyzer/12.0/install/application/reports/oktacopylinkaddress.webp) + +**Step 1 –** In the Access Analyzer application, click the **Sign On** tab. + +**Step 2 –** Right click on the **Identity Provider metadata** link and select **Copy Link Address** +to get the value for the WSFederationMetadata URL. + + + +**Step 3 –** Click on the General tab to copy the value for the **Realm**. This value will be unique +per tenant. + +`https://www.okta.com/` + +**Step 4 –** Construct the ReplytoURL using the FQDN of your Access Analyzer server: + +https://FQDNofaccessanalyzerserver.com:8082/federation + +Edit the WebServer.exe.config File + +Follow the steps to edit the **WebServer.exe.config** file: + +**Step 1 –** Open the **WebServer.exe.config** file with a text editor, such as Notepad++. It is +located in the Web folder within the Access Analyzer installation. + +**Step 2 –** Change the value for the `BindingUrl` parameter from `http` to `https`: + +``` + +``` + +![Okta application values in WebServer.exe.config file](/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigokta.webp) + +**Step 3 –** Update the following values in the **WebServer.exe.config** file with the values +retrieved from the Access Analyzer Okta application. + +**CAUTION:** These values are case sensitive. The values used here must match the values in the +Access Analyzer Okta application. + +- `WSFederationMetadata` – Paste the copied link address into the **WebServer.exe.config** file as: + + ``` + + ``` + +- `WSFederationRealm` – Paste the value for the Realm into the **WebServer.exe.config** file as: + + ``` + + ``` + +- `WSFederationReply` – Enter the value for the WSFederationReply based on the FQDN of the Access + Analyzer server and port into the **Webserver.exe.config** file as: + + ``` + + ``` + +**Step 4 –** Restart the Access Analyzer Web Server. + +Configure the App Settings for the StealthAUDIT Application + +**Step 1 –** In the Access Analyzer application, navigate to the General Tab and click **Edit** to +populate the following fields. + +- Web Application URL – This value should follow this + format:`https://:8082/` +- Realm – This value is unique per tenant and should follow this format: + `https://www.okta.com/` +- Audience Restriction – This value should match the value for the Realm +- ReplyToURL – Enter the value from the WSFederationReply setting from the **Webserver.exe.config** + file + + - `https://FQDNofaccessanalyzerserver.com:8082/federation` + +- Custom Attribute Statement – This value must match the following format, including case and bold + areas: + + http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname|${user.__samaccountname__}|, + http://schemas.xmlsoap.org/ws/2005/05/identity/claims/sid|${user.__SID__}|,http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn|${user.__upn__}| + +![oktaprofileeditor](/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaprofileeditor.webp) + +**Step 2 –** Navigate to the Directory menu and select **Profile Editor** from the drop-down menu. +Click the **Edit Profile** button for the Access Analyzer application. + +![Okta Add Attribute button](/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaaddattribute.webp) + +**Step 3 –** Click **Add Attribute** to open the Add Attribute window. + +![Okta Add Atrribute window](/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaaddattributewindow.webp) + +**Step 4 –** In the Add Attribute window, add the following attributes: + +- Username +- SID +- samaccountname +- upn +- department + +**NOTE:** The case of the attributes in bold must match the case used in the custom attribute. + +Click **Save** to save the attribute details and close the Add Attribute window. To add another +attribute, click **Save and Add Another**. + +![To Okta option under the Directory Provisioning Tab](/img/product_docs/accessanalyzer/12.0/install/application/reports/oktadirectoryprovisioningtookta.webp) + +**Step 5 –** Navigate to the **Directory** menu and click on the **Provisioning** tab. Click **To +Okta**. + +![Okta Show Unmapped Attributes](/img/product_docs/accessanalyzer/12.0/install/application/reports/oktashowunmappedattributes.webp) + +**Step 6 –** Locate and map the attributes that were added for the profile by clicking the +**Pencil** icon to edit attributes. To locate the attributes, scroll down and select **Show Unmapped +Attributes**. + +![Okta Unmapped Attribute configuration window](/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaunmappedattributeconfigscreen.webp) + +**Step 7 –** Click the pencil icon for **SID**, **upn**, and **samAccountName** to map the +attributes. They will display in the mapped section. + +**Step 8 –** Click **Save** and return to the **Okta Attribute Mappings** page. + +![Okta Attribute Mappings Force Sync](/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaattributemappingsforcesync.webp) + +**Step 9 –** On the Okta Attribute Mappings page, click **Force Sync**. The new attributes will +display for any user under the profile. + +To configure Okta Multi-Factor Authentication, see the +[Setting Up Multi-Factor Authentication](#setting-up-multi-factor-authentication) topic for +additional information. + +## Setting Up Multi-Factor Authentication + +Follow the steps to configure multi-factor-authentication for Access Analyzer: + +![Okta MFA App Sign on Rule window](/img/product_docs/accessanalyzer/12.0/install/application/reports/oktamfaappsignonrule.webp) + +**Step 1 –** Navigate to the **Sign On Policy** page and click **Add Rule**. The App Sign On Rule +opens. Configure the following options: + +- Rule Name – Name of the rule +- Conditions – Select whether the rule applies to either the **Users assigned to this app** or **The + following groups and users**. + +![Okta MFA App Sign on Rule window Access section](/img/product_docs/accessanalyzer/12.0/install/application/reports/oktamfaappsignonruleaccess.webp) + +**Step 2 –** Scroll down to the Access section. Check the **Prompt for factor** box and select +**Every Sign On**. Click **Save**. + +Multi-Factor Authentication is now configured for Access Analyzer. diff --git a/docs/accessanalyzer/12.0/install/application/reports/overview.md b/docs/accessanalyzer/12.0/install/application/reports/overview.md new file mode 100644 index 0000000000..1bdbc988b0 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/reports/overview.md @@ -0,0 +1,78 @@ +# Reports via the Web Console + +The Web Console is where any reports which have been published can be viewed outside of the Access +Analyzer Console. + +- Web Console – This console uses an embedded website for published reports. It provides a + consolidated logon feature for viewing published reports, and accessing the Netwrix Access + Information Center (when installed) and other Netwrix products. + +The Access Analyzer installer places a Web folder at the root of the Access Analyzer directory. This +folder contains the Access Analyzer Web Server (WebServer.exe) that runs on the Access Analyzer +Console upon installation. + +**NOTE:** The Access Analyzer Web Server service must run as an account that has access to the +Access Analyzer database. This may be a different account than the one used to connect Access +Analyzer to the database. If the Access Analyzer Vault service is running, the account running the +Web Server service must be an Access Analyzer Administrator. See the +[Vault](/docs/accessanalyzer/12.0/admin/settings/application/vault.md) topic for additional information. + +The Web folder that the Access Analyzer installer places at the root of the Access Analyzer +directory also contains a `WebServer.exe.config` file. This file contains configurable parameters. + +**CAUTION:** If encryption methods have been configured for Kerberos on the Access Analyzer server +but not on the service account running the Access Analyzer Web Server service, then users will not +be able to log-in to the Web Console and will receive an error message. See the +[Manage Kerberos Encryption Warning for the Web Console](/docs/accessanalyzer/12.0/install/application/reports/kerberosencryption.md) topic for additional +information on configuring security polices to allow Kerberos encryption. + +## Log into the Web Console + +In order for a user to log into the Web Console, the user’s account must have the User Principal +Name (UPN) attribute populated within Active Directory. Then the user can login using domain +credentials. If multiple domains are being managed by the Netwrix Access Information Center, then +the username needs to be in the `domain\username` format. + +Access to reports in the Web Console can be managed through the Role Based Access feature of Access +Analyzer (**Settings** > **Access**). The Web Administrator role and the Report Viewer role grant +access to the published reports. See the +[Role Based Access](/docs/accessanalyzer/12.0/admin/settings/access/rolebased/overview.md) topic for addition +information. + +**NOTE:** Access to the AIC and other Netwrix products is controlled from within those products. + +The address to the Web Console can be configured within the Access Analyzer Console (**Settings** > +**Reporting**). The default address is `http://[hostname.domain.com]:8082`. From the Access Analyzer +Console server, it can be accessed at `http://localhost/` with any standard browser. To access the +Web Console from another machine in or connected to the environment, replace localhost with the name +of the Access Analyzer Console. See the [Update Website URLs](secure.md#update-website-urls) topic +for additional information. + +**NOTE:** Any browser used to access the Web Console must have JavaScript allowed for the site. See +the +[Configure JavaScript Settings for the Web Console](/docs/accessanalyzer/12.0/admin/settings/reporting.md#configure-javascript-settings-for-the-web-console) +topic for additional information. + +Follow the steps to login to the Web Console. + +**Step 1 –** To open the Web Console page, use one of the following methods: + +- From the Access Analyzer Console server – Click the Published Reports desktop icon + (`http://localhost:8082`) +- For remote access – Enter one of the following URLs into a web browser: + + http://[machinename]:8082 + + https://[machinename]:8082 + +**NOTE:** The URL that is used may need to be added to the browser’s list of trusted sites. + +![Web Console Login page](/img/product_docs/accessanalyzer/12.0/install/application/reports/webconsolelogin.webp) + +**Step 2 –** Enter your **User Name** and **Password**. Click **Login**. + +![Web Console Home page](/img/product_docs/accessanalyzer/12.0/install/application/reports/webconsolehome.webp) + +The home page shows the solutions with published reports available. See the +[Web Console](/docs/accessanalyzer/12.0/admin/report/view.md#web-console) topic for information on using the Web +Console. diff --git a/docs/accessanalyzer/12.0/install/application/reports/secure.md b/docs/accessanalyzer/12.0/install/application/reports/secure.md new file mode 100644 index 0000000000..cccf513d81 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/reports/secure.md @@ -0,0 +1,248 @@ +# Securing the Web Console + +Published reports can be accessed in the Web Console. There are several options for enhancing +security. + +Additional configuration options for enhanced security include: + +- Enable SSL – The `BindingUrl` parameter shows the port used by the Access Analyzer web server for + SSL reports. If SSL is enabled, the value will be HTTPS instead of HTTP. +- Enable Multiple Domain Access – The `AuthenticationDomains` parameter allows the Web Console to be + accessed from multiple domains. By default this parameter is blank, allowing only domain users + from the domain where the Access Analyzer Console resides to access the Web Console. +- Enable Single Sign-On – The `WindowsAuthentication` parameter allows domain users to be + automatically logged into the Web Console. By default this parameter is set to `false`, which + requires domain users to login each time the Web Console is accessed. See the + [Enable Single Sign-On](/docs/accessanalyzer/12.0/install/application/reports/sso.md) topic for additional information. + + **NOTE:** The Web Console also supports using Microsoft Entra ID single sign-on. See the + [Microsoft Entra ID Single Sign-On](/docs/accessanalyzer/12.0/install/application/reports/entraidsso.md) topic for additional information. + +These parameters can be configured within the **WebServer.exe.config** file in the Web folder of the +Access Analyzer installation directory `…\STEALTHbits\StealthAUDIT\Web`. + +## Enable SSL for the Web Console + +To enable Secure Sockets Layer (SSL) for secure, remote connections to the Web Console it is +necessary to bind a certificate to the port. See the +[Use a Self-Signed Certificate for SSL](#use-a-self-signed-certificate-for-ssl) topic for more +information. Follow the steps on the server where Access Analyzer is installed to enable SSL for the +Web Console. + +**NOTE:** The following steps require a certificate to be available. Organizations typically have +one or more system administrators responsible for Public Key Infrastructure (PKI) and certificates. +To continue with this configuration it will first be necessary to confer with the PKI administrator +to determine which certificate method will conform to the organization’s security policies. +Optionally, see [Use a Self-Signed Certificate for SSL](#use-a-self-signed-certificate-for-ssl) for +an Administrator PowerShell command which will both create and import a self-signed certificate. + +**Step 1 –** Import the certificate to the hosting server using the Certificate Management MMC +snap-in. + +**NOTE:** If using a self-signed certificate, it will also need to be imported. + +**Step 2 –** Create an SSL binding. It is necessary to use the certificate’s **Hash** value for the +`$certHash` value: + +**NOTE:** The following Administrator PowerShell dir command can be run on the certificate's “drive” +to find the **Hash** value of a certificate which was already created and the output will include +the Thumbprint (**Hash**) value and the certificate name: + +``` +dir cert:\localmachine\my +``` + +- Run the following command using Administrator PowerShell to create the SSL binding, with the + appropriate `certHash` value: + + ``` + $guid = "bdd5710f-7cbe-4f85-b8c1-da4bddf485a8" + $certHash = "80F78FD2566793D2F39E748CDF6DED09B6F57A82" # the 'Thumbprint' value + $ip = "0.0.0.0" # this means all IP addresses + $port = "8082" # the default HTTPS port + "http add sslcert ipport=$($ip):$port certhash=$certHash appid={$guid}" | netsh + ``` + +**Step 3 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is +located within the Web folder of the Access Analyzer installation directory. + +![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfig.webp) + +**Step 4 –** Change the value for the `BindingUrl` parameter from `http` to `https`: + +``` + +``` + +- After changing the `BindingUrl` value in the **WebServer.exe.config** file, the Website URL must + be updated to match the new value in the following places: + - Access Analyzer's **Settings** > **Reporting** node + - Access Analyzer's Published Reports Desktop icon properties + - See the [Update Website URLs](#update-website-urls) topic for additional information. + +**Step 5 –** Save and close the file. + +**Step 6 –** Navigate to Services (`services.msc`). Restart the Netwrix Access Analyzer (formerly +Enterprise Auditor) Web Server service. + +**NOTE:** If also using the AIC, then SSL needs to be enabled for the AIC using this certificate. +See the Securing the AIC section of the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. + +The Web Console has been enabled for SSL communication. Access it using the server’s fully qualified +domain name and the HTTPS port (`https://[hostname.domain.com]:8082`). If a self-signed certificate +was used, then the client-side access to the Web Console will generate a Certificate error. See the +[Add the Certificate for Client-Side Access](#add-the-certificate-for-client-side-access) topic for +additional information. + +### Update Website URLs + +If the Binding URL value is updated in Access Analyzer's **WebServer.exe.config** file, the Website +URL must be updated to match the new value in the following places: + +- Access Analyzer's Reporting node (**Settings** > **Reporting**) +- Access Analyzer's Published Reports Desktop icon properties + +Update the Website URL in the Reporting Node + +Follow the steps to update the Website URL in the **Settings** > **Reporting** node. + +**Step 1 –** Expand **Settings** and select the **Reporting** node. + +![Access Governance Reporting Settings page](/img/product_docs/accessanalyzer/12.0/install/application/reports/websiteurlreporting.webp) + +**Step 2 –** In the **Website URL** box, update the URL to: `https://[hostname.domain.com]:8082` + +**Step 3 –** Click **Save**. + +The Website URL is now updated. + +Update the URL in the Published Reports Desktop Icon Properties + +Follow the steps to update the URL in the Published Reports desktop icon's Published Report's +Properties window. + +**Step 1 –** Right click on the **Published Reports** desktop shortcut and click **Properties**. + +![Published Reports desktop icon properties](/img/product_docs/accessanalyzer/12.0/install/application/reports/publishedreportsproperties.webp) + +**Step 2 –** On the **Web Document** tab, update the **URL** in the text box to: +`https://localhost:8082/` + +**Step 3 –** Click **Apply** and then **OK** to exit. + +The URL is now updated. + +### Remove Certificate from the Port + +Remove or unbind the certificate from the port by running the following Administrator PowerShell +command: + +``` +netsh http delete sslcert ipport=0.0.0.0:8082 # ip and port used when binding +``` + +### List SSL Certificate Bindings + +You can run the following PowerShell command to list all SSL certificate bindings and use this to +validate which certificates are bound to specific ports: + +``` +netsh http show sslcert +``` + +## Use a Self-Signed Certificate for SSL + +If you want to use a self-signed certificate, use the `New-SelfSignedCertificate` cmdlet, which is +available in Administrator PowerShell 3.0+ to generate and import the certificate: + +``` +New-SelfSignedCertificate -DnsName machinename.domain.com -CertStoreLocation Cert:\LocalMachine\My +``` + +The output will show this info: + +`Thumbprint                                Subject` + +`----------                                -------` + +`80F78FD2566793D2F39E748CDF6DED09B6F57A82  CN=machinename.domain.com` + +The Thumbprint value is the certificate **Hash** value to be used when binding to the port. The port +can be the same as in HTTP (8082). Use this **Hash** value for Step 2 of the +[Enable SSL for the Web Console](#enable-ssl-for-the-web-console) instructions. + +Creation and import of the self-signed certificate can be validated in Microsoft Management Console. +Follow these steps to confirm the certificate is in Microsoft Management Console. + +**Step 1 –** Open Microsoft Management Console (`mmc.exe`). + +![Microsoft Management Console Certificates snap-in](/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateaddsnapin.webp) + +**Step 2 –** Select **File** > **Add/Remove Snap-in**. The Add or Remove Snap-ins window opens. +Select **Certificates**, and click **Add**. Then select **Computer account** in the Certificates +snap-in window. + +![Microsoft Management Console Certificates snap-in Select Computer dialog](/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateselectcomputer.webp) + +**Step 3 –** Click **Next** and select **Local computer**. Click **Finish**. + +![Microsoft Management Console Certificates Add or Remove Snap-ins window](/img/product_docs/accessanalyzer/12.0/install/application/reports/certificatesnapins.webp) + +**Step 4 –** The certificate will appear in the Selected snap-ins list in the Add or Remove Snap-ins +window. Click **OK** to close the window. + +**Step 5 –** Navigate to **Certificates** > **Personal** > **Certificates**. The certificate should +show in the pane on the right. + +The self-signed certificate was created and imported. Repeat these steps for each client-side host. + +### Add the Certificate for Client-Side Access + +When you open the Web Console with SSL enabled, the web browser shows a Your connection isn't +private warning message. This can be removed by importing the certificate onto the client server. + +Follow the steps to remove the certificate error. + +**Step 1 –** Open the Web Console in your browser. + +![Your connection isn't private warning in Microsoft Edge](/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateconnectionnotprivate.webp) + +**Step 2 –** Click **Advanced**, and then use the link to continue to the site. This loads the main +page of the Web Console. + +![Access Certificat Viewer from Not Secure error in Microsoft Edge address bar](/img/product_docs/accessanalyzer/12.0/install/application/reports/certificatenotsecureerror.webp) + +**Step 3 –** Click the **Not Secure** warning in the browser's address bar. Open the Certificate +Viewer from the warning details. + +- In Microsoft Edge, click the **Your Connection to this site isn't secure** section, and then click + the certificate icon. +- In Google Chrome, click **Certificate is not valid**. + +![Web browser Certificate Viewer window](/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateviewer.webp) + +**Step 4 –** On the Details tab of the Certificate Viewer, click **Export**. Save the security +certificate and close the Certificate Viewer. + +![Certificate window](/img/product_docs/accessanalyzer/12.0/install/application/reports/certificatewindow.webp) + +**Step 5 –** Navigate to the save location from the previous step and open the exported security +certificate. On the Certificate window, click **Install Certificate**. The Certificate Import Wizard +opens. + +![Certificate Import Wizard](/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateimportwizard.webp) + +**Step 6 –** On the Certificate Import Wizard, select the Store Location as **Local Machine**, and +click **Next**. Keep the default selection of **Automatically select the certificate store based on +the type of certificate**. Navigate through the wizard to save this configuration. A pop-up message +should state that the import was successful. Click **OK** to close out all dialogs. + +![Microsoft Management Console Trusted Root Certification Authorities Certificates](/img/product_docs/accessanalyzer/12.0/install/application/reports/addcertificateconsole.webp) + +**Step 7 –** In the Microsoft Management Console, check the **Trusted Root Certification +Authorities** > **Certificates**. The self-signed certificate should now be listed there. + +The client-side access to the Web Console will no longer generate a certificate error. Repeat these +steps for each client-side host. diff --git a/docs/accessanalyzer/12.0/install/application/reports/sso.md b/docs/accessanalyzer/12.0/install/application/reports/sso.md new file mode 100644 index 0000000000..ffef49a2b5 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/reports/sso.md @@ -0,0 +1,64 @@ +# Enable Single Sign-On + +Single sign-on using Windows authentication allows users to be automatically log into the Web +Console according to the user’s current login session. When opening a session from a different +domain, the user will be prompted for credentials from a pop-up windows. After authenticating, the +user will be automatically logged in the Web Console. + +**NOTE:** The Web Console also supports using Microsoft Entra ID single sign-on. See the +[Microsoft Entra ID Single Sign-On](/docs/accessanalyzer/12.0/install/application/reports/entraidsso.md) topic for additional information. + +Follow the steps to enable single sign-on for the Web Console. + +**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. It is +located within the Web folder of the Access Analyzer installation directory. + +![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigsso.webp) + +**Step 2 –** Change the value for the `WindowsAuthentication` parameter to: + +``` + +``` + +**Step 3 –** Save and close the file. + +**Step 4 –** Navigate to Services (`services.msc`). Restart the Netwrix Access Analyzer (formerly +Enterprise Auditor) Web Server service. + +The Web Console has been enabled for single sign-on. + +## Local Intranet Settings + +Next, configure local intranet settings to enable SSO. This enables users to have authentication +pass through Windows Authentication and bypass SSO configuration Prompts for credentials via Browser +pop-up. + +Follow the steps to configure local intranet settings. + +**Step 1 –** Open Windows Internet Properties (**Control Panel** > **Network and +Internet** > **Internet Options**). + +![ConfigureLocalIntranetSettingsforSSO - 1](/img/product_docs/accessanalyzer/12.0/install/application/reports/internetproperties.webp) + +**Step 2 –** Go to the Security tab, and select the **Local Intranet** option. Then, click the +**Sites** button. + +![localintranet](/img/product_docs/accessanalyzer/12.0/install/application/reports/localintranet.webp) + +**Step 3 –** Click the **Advanced** button. + +![localintranetadvanced](/img/product_docs/accessanalyzer/12.0/install/application/reports/localintranetadvanced.webp) + +**Step 4 –** Enter a domain in the **Add this website in the zone** field. Ensure the fully +qualified domain name is in the following format: `https://..com` + +**Step 5 –** Click the **Add** button. Close the Local intranet window. + +**Step 6 –** On the Internet Properties window, click the **Apply** button. + +Authentication will now pass through Windows Authentication and bypass SSO configuration Prompts for +credentials via Browser pop-up + +**NOTE:** A list of allowed authentication servers can also be configured using the +AuthServerAllowList policy. diff --git a/docs/accessanalyzer/12.0/install/application/reports/timeout.md b/docs/accessanalyzer/12.0/install/application/reports/timeout.md new file mode 100644 index 0000000000..c114a25488 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/reports/timeout.md @@ -0,0 +1,25 @@ +# Timeout Parameter for the Web Console + +The Web Console is configured with a default timeout parameter of 15 minutes. This can be configured +within the **WebServer.exe.config** file in the Web folder of the Access Analyzer installation +directory: + +…\STEALTHbits\StealthAUDIT\Web + +Follow the steps to modify the timeout parameter for the Web Console. + +**Step 1 –** Open the **WebServer.exe.config** file with a text editor, for example Notepad. + +![WebServer.exe.config file in Notepad](/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigtimeout.webp) + +**Step 2 –** Change the value for the `SessionTimeout` parameter to the desired number of minutes: + +``` + +``` + +**Step 3 –** Save and close the file. + +The Web Console session will timeout after this many minutes of inactivity. This value will take +precedence over session timeout values set within the product consoles, for example the AIC, when +accessed through the Web Console. diff --git a/docs/accessanalyzer/12.0/install/application/updatelicense.md b/docs/accessanalyzer/12.0/install/application/updatelicense.md new file mode 100644 index 0000000000..a49ff5ed1f --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/updatelicense.md @@ -0,0 +1,59 @@ +# Update License Key + +It is necessary to install a new license key for an existing Access Analyzer installation due to the +following: + +- To renew a Access Analyzer license that is due to expire +- To grant access to additional Solutions +- To enable Sensitive Data Discovery + +In these situations it is possible to update the license file without going through the full +installation process. + +## Install a New License File + +Follow the steps to update the Access Analyzer license key without installing a new version of the +Access Analyzer Console. + +**Step 1 –** Ensure the new `StealthAUDIT.lic` license file is stored locally on the Access Analyzer +Console server in order to be referenced during the installation process. + +![Windows Control Panel Uninstall or change a program window](/img/product_docs/accessanalyzer/12.0/install/application/controlpaneluninstall.webp) + +**Step 2 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and +Features**), select the Access Analyzer application and click **Change**. + +![Setup Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/install/application/welcome_1.webp) + +**Step 3 –** On the Welcome page, click **Next**. + +![Setup Wizard Change, Repair, or Remove Installation page](/img/product_docs/accessanalyzer/12.0/install/application/change.webp) + +**Step 4 –** On the Change, Repair, or Remove Installation page, click **Change**. + +| | | | +| ----------------------------------------------------------------------------------------------------------------------- | --- | ----------------------------------------------------------------------------------------------------------------------------------------------------- | +| ![License File page](/img/product_docs/accessanalyzer/12.0/install/application/licensemapped.webp) | +| Default License File Page | | Mapped License File | + +**Step 5 –** On the License File page, click **Browse** and navigate to the **StealthAUDIT.lic** +file. It must be stored on the Access Analyzer Console server before the installation begins. When +the path to the file is visible in the text box, click **Next**. The license will be imported. + +![License Features page](/img/product_docs/accessanalyzer/12.0/install/application/licensefeatures.webp) + +**Step 6 –** The License Features page displays a list of all features covered by the imported +license. It also displays the name of the organization which owns the license, the expiration date, +and the host limit. These are the features that will be installed. Click **Next**. + +![Setup Wizard Ready to change page](/img/product_docs/accessanalyzer/12.0/install/application/ready_1.webp) + +**Step 7 –** On the Ready to Change Access Analyzer page, click **Change** to begin the update. + +![Setup Wizard Completed page](/img/product_docs/accessanalyzer/12.0/install/application/completed.webp) + +**Step 8 –** When the installation has completed, click **Finish** to exit the wizard. + +The new license file has been imported. If the license granted access to any additional solutions, +they will now be accessible from within the Access Analyzer Console. If the new license added +Sensitive Data Discovery, the necessary components for Sensitive Data Discovery have been installed. diff --git a/docs/accessanalyzer/12.0/install/application/upgrade/overview.md b/docs/accessanalyzer/12.0/install/application/upgrade/overview.md new file mode 100644 index 0000000000..5a24b38d0d --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/upgrade/overview.md @@ -0,0 +1,77 @@ +# Access Analyzer Console Upgrade + +Access Analyzer 12.0 uses the Upgrade Wizard. For upgrades from versions of Access Analyzer that are +no longer supported, contact [Netwrix Support](https://www.netwrix.com/support.html) for assistance. + +**NOTE:** If any customizations have been done by a Netwrix Engineer, please ensure custom work is +not lost during the upgrade process. While using the Upgrade Wizard, customizations are archived +prior to solution upgrades. These archives are available after the solution upgrades have been +completed. Contact [Netwrix Support](https://www.netwrix.com/support.html) for additional +information. + +The purpose of this document is to provide the basic steps needed for upgrading Access Analyzer and +the stock solutions. Contact [Netwrix Support](https://www.netwrix.com/support.html) for additional +information. + +See the [What's New](/docs/accessanalyzer/12.0/whatsnew.md) topic for release information. + +## Considerations + +NEAUsers Group for Role Based Access + +Access Analyzer 12.0 introduces a new NEAUsers local group for Role Based Access (RBA). This +replaces using the local users group to assign users the necessary permissions on the Access +Analyzer application directory. If you already have Role Based Access enabled in the previous +version of Access Analyzer, then during the first initialization of Access Analyzer 12.0 the +following happens: + +- The NEAUsers local group is created on the Access Analyzer Console server, and is given the + required permissions on the Access Analyzer application (StealthAUDIT) folder +- Existing configured RBA users are added to this new NEAUsers group + + **NOTE:** The Web Administrator and Report Viewer roles do not require access to the Access + Analyzer console, so users assigned these roles are not added to the NEAUsers group. + + **NOTE:** Adding a user to the NEAUsers group does not apply to the Web Service access type, it + only gives Console access. + +- The local users group is removed from the Access Analyzer application folder permissions + +For this process to complete successfully, on first launch the user running Access Analyzer must +have local administrator rights. Otherwise, an exception will be thrown during the initialization. + +Multiple Access Analyzer Consoles Connecting to the Same Database + +In environments where multiple Access Analyzer Consoles are using the same SQL Server database, +every console using the database must also be updated. The act of connecting a Access Analyzer +Console with a newer version to a database updates the database’s schema pursuant to the new +definition. If a Access Analyzer Console with an older version connects to the same database after +the schema has been updated, corruption to Access Analyzer’s system tables can result. + +SQL Server Supported Version Change for the Access Analyzer Database + +With the release of Access Analyzer v12.0, SQL Server 2016 through SQL Server 2022 are the supported +versions for the Access Analyzer database. + +To grant access to additional Solutions in an existing Access Analyzer installation, a new license +key is required. To update the Access Analyzer license key without installing a new version of the +Access Analyzer Console, see the [Update License Key](/docs/accessanalyzer/12.0/install/application/updatelicense.md) topic for instructions. + +License Key Changes + +The following changes in licensing requires the organization needing a new key: + +- Access Analyzer v12.0 + + - No additional licenses are required for this version + +- Enterprise Auditor v11.6 + + - No additional licenses are required for this version + +- StealthAUDIT v11.5 + + - No additional licenses are required for this version + +See the [Update License Key](/docs/accessanalyzer/12.0/install/application/updatelicense.md) section for instructions on updating the license +key. diff --git a/docs/accessanalyzer/12.0/install/application/upgrade/solutionconsiderations.md b/docs/accessanalyzer/12.0/install/application/upgrade/solutionconsiderations.md new file mode 100644 index 0000000000..6fd3307dcc --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/upgrade/solutionconsiderations.md @@ -0,0 +1,115 @@ +# Solution Upgrade Considerations + +The following items must be taken into consideration for upgrades: + +Access Information Center + +- Should be upgraded at the same time as Access Analyzer. + + **NOTE:** The Access Analyzer upgrade should be completed first. + +See the Upgrade Procedure for Access Analyzer topic in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter)[ ](https://www.stealthbits.com/jdownloads/Documentation%20User%20Guides%20PDF/Stealthbits_AIC_InstallConfigGuide.pdf)for +instructions. + +Sensitive Data Discovery + +- In Access Analyzer 12.0 the Sensitive Data Discovery features are included in the standard + installations when your license includes it. If you have the old Sensitive Data Discovery Add-On + installed from a previous Access Analyzer version, then you must manually uninstall it from the + Access Analyzer Console server, and any File System proxy and SharePoint Agent servers where it is + installed, before proceeding with the upgrade. + + **CAUTION:** The new global settings will overwrite any previously configured criteria. Make a + note of any configured Sensitive Data Criteria before upgrading Access Analyzer. Sensitive Data + Criteria must be reconfigured after an upgrade. + +- Sensitive Data Criteria selection is configured globally and used by default in all solution sets. + See the [Configure Global Sensitive Data Settings](#configure-global-sensitive-data-settings) for + additional information. + +Active Directory Solution Considerations + +- The Active Directory solution by default upgrades as **Upgrade in Place**. Do not change this + upgrade option. After completing the upgrade, you need to manually add the new **Active + Directory** > **7. Certificate Authority** job group from the `InstantSolutions` directory. +- For Activity – Ensure the Netwrix Activity Monitor is a compatible version. See the Upgrade + Instructions in the + [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) + for additional information. + +File System Solution Considerations + +- For Proxy Mode as a Service – File System Proxy Service needs to be updated on the proxy servers. + See the [Upgrade Proxy Service Procedure](/docs/accessanalyzer/12.0/install/filesystemproxy/upgrade.md) topic for + instructions. +- For Activity – Ensure the Netwrix Activity Monitor is a compatible version. See the Upgrade + Instructions in the + [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) + for additional information. + +SharePoint Solution Considerations + +- For SharePoint Agent – Access Analyzer SharePoint Agent needs to be updated on the SharePoint + server where it was installed. See the + [Upgrade SharePoint Agent](/docs/accessanalyzer/12.0/install/sharepointagent/upgrade.md) section for instructions. +- For Activity – Ensure the Stealthbits Activity Monitor is a compatible version. See the Upgrade + Instructions in the + [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) + for additional information. + +The following binary component versions are required for Access Analyzer v12.0: + +| Component | Version | +| -------------------------------- | ------- | +| Access Information Center | 12.0 | +| Netwrix Activity Monitor | 8.0 | +| File System Proxy Service | 12.0 | +| Access Analyzer SharePoint Agent | 12.0 | + +## File System Solution Upgrade + +After upgrading to Access Analyzer 12.0, run the latest version of the **File System** > +**0.Collection** > **0-Create Schema** job to migrate the File System Solution to the latest +database schema. + +This database schema migration should be performed before running other jobs in the File System +Solution after upgrading to Access Analyzer 12.0. + +See the [File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/overview.md) topic for additional +information. + +## Configure Global Sensitive Data Settings + +**CAUTION:** The new global Settings will overwrite any previously configured criteria. Make a note +of any configured Sensitive Data Criteria before commencing the upgrade Access Analyzer. Sensitive +Data Criteria must be reconfigured after an upgrade. + +If Sensitive Data Criteria are configured differently for each solution, re-configure the criteria +selection at the solution level. See the topic for the applicable solution for additional +information. + +If the same Sensitive Data Criteria are used for all solutions, configure the criteria selection at +the global **Settings** > **Sensitive Data** node, which will then be used by default in all +solutions. The Sensitive Data node provides configuration options to manage Sensitive Data Criteria +and false positive exclusion filters. See the +[Sensitive Data](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md) topic for additional +information. + +Follow the steps to configure Sensitive Data Criteria at the global level. + +![Global Settings Sensitive Data node](/img/product_docs/accessanalyzer/12.0/install/application/upgrade/sensitivedata.webp) + +**Step 1 –** If the same Sensitive Data Criteria are used for all solutions, configure the criteria +selection at the global Settings level, which will then be used by default in all solution sets. +Navigate to the **Settings** > **Sensitive Data** node and click **Add** to open the Select Criteria +window. + +![Sensitive Data Select Criteria window](/img/product_docs/accessanalyzer/12.0/install/application/upgrade/selectcriteria.webp) + +**Step 2 –** Select the desired criteria. Use the **Search Criteria** text field to filter the list +using keywords or expand each category to view and select individual Sensitive Data search criteria, +then click **OK**. + +By default, Sensitive Data Criteria configured at the global Settings level is inherited down to the +applicable solutions. diff --git a/docs/accessanalyzer/12.0/install/application/upgrade/wizard.md b/docs/accessanalyzer/12.0/install/application/upgrade/wizard.md new file mode 100644 index 0000000000..fcad5534f9 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/upgrade/wizard.md @@ -0,0 +1,154 @@ +# Access Analyzer Core Upgrade Instructions + +**CAUTION:** If Role Based Access has been enabled, a user with the Administrator role must perform +the upgrade. Other user roles do not have the necessary permissions to perform upgrades. + +Follow the steps to upgrade to Access Analyzer 12.0 on the same server where an older version of +Access Analyzer is installed. + +**NOTE:** If any customizations have been done by a Netwrix Engineer, please ensure the custom work +is not lost during the upgrade process. While using the Upgrade Wizard, customizations are archived +prior to solution upgrades. These archives are available after the solution upgrades have been +completed. Contact [Netwrix Support](https://www.netwrix.com/support.html) for additional +information. + +**CAUTION:** The new global Settings will overwrite any previously configured Sensitive Data +criteria. Make a note of any configured Sensitive Data Criteria before upgrading Access Analyzer. +Sensitive Data Criteria must be reconfigured after an upgrade. See the +[Configure Global Sensitive Data Settings](solutionconsiderations.md#configure-global-sensitive-data-settings) +topic for additional information. + +![Windows Control Panel Uninstall or change a program window](/img/product_docs/accessanalyzer/12.0/install/application/controlpaneluninstall.webp) + +**Step 1 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and +Features**), uninstall the previous version of Access Analyzer. Jobs, application configuration +files, and reports remain in the installation directory after the uninstall process. + +**NOTE:** If you have the old Netwrix Sensitive Data Discovery Add-On installed, you must uninstall +it before continuing with this upgrade. For Access Analyzer 12.0, Sensitive Data Discovery is +installed as part of the main installation if your license includes it. + +- The `WebServer.exe.config` file is automatically retained in a Backup folder created under the Web + folder of the installation directory. Any custom application settings contained in this file are + kept as part of this upgrade process. + +![Setup Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/install/application/upgrade/welcome.webp) + +**Step 2 –** Install Access Analyzer 12.0. See the [Access Analyzer Core Installation](/docs/accessanalyzer/12.0/install/application/wizard.md) +topic for detailed instructions. + +- Before installation, ensure the new `StealthAUDIT.lic` license file is stored locally on the + Access Analyzer Console in order to be referenced during the installation process +- Access Analyzer is installed to the following directory by default: `…\STEALTHbits\StealthAUDIT` + + If another installation path is designated, please be sure to leave `STEALTHbits\StealthAUDIT` + as the path suffix in the installation wizard. + +- During the installation, any customizations to the settings in the `WebServer.exe.config` file are + automatically restored from the backup file retained when installing the previous version. The + `../Web/Backup` folder is deleted after the settings have been restored. + +After the installation is completed, the upgrade wizard launches from the Access Analyzer desktop +icon. + +## Upgrade Wizard + +Once the Access Analyzer installation process is complete, it is necessary to go through the Upgrade +Wizard. There are three Upgrade options for a solution: + +- Full Upgrade – Performs a full synchronization of the directory and file structure of the solution + to mirror the Instant Solution +- Upgrade in place – Performs file content updates of jobs matching the Instant Solutions but does + not change the Jobs tree structure +- Do not upgrade – No upgrade is performed, leaving the previous version of the solution + +The default settings configured within the Advanced Upgrade Options window align with the best +practices of the Netwrix Professional Services and Support teams. + +The Upgrade Wizard conducts the following actions according to the State identified and whether the +Upgrade action is set to **Full Upgrade** or **Upgrade in place**: + +| State | Condition | Action: Full Upgrade | Action: Upgrade in place | +| -------- | ----------------------------------------------------------------------------------- | -------------------- | ------------------------ | +| Normal | Job exists in Locked state and has matching ID in Instant Solutions | Upgrade | Upgrade | +| New | Job exists in Instant Solutions but not in the Jobs tree for an existing solution | Install | Install | +| Removed | Job exists in Locked state in the Jobs tree but does not exist in Instant Solutions | Delete | Nothing | +| Copied | Original job exists in original location, but multiple instances of the job exists | Delete | Upgrade | +| Moved | Original job exists but in a different location than in the Instant Solutions | Move & Upgrade | Upgrade | +| Renamed | Job found via ID match but was renamed | Rename & Upgrade | Upgrade | +| Conflict | Changes have been made to the job | Overwrite | Overwrite | + +Conflicts are identified when customizations have been made by either a user or a Netwrix engineer. +Conflicts need to be either resolved prior to the upgrade action or manually applied after the +upgrade is complete. Conflict resolution can be done on the Changes window by undoing a +customization. However, if the conflict is undone prior to a solution upgrade, then the +customization will not be archived. + +**CAUTION:** If Role Based Access has been enabled, a user with the Administrator role must perform +the upgrade. Other user roles do not have the necessary permissions to perform upgrades. + +Follow the steps to use the Upgrade Wizard. + +**Step 1 –** Launch the Access Analyzer application. The installation wizard placed the Access +Analyzer icon on the desktop. + +![Configuration Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/install/application/upgrade/welcome.webp) + +**Step 2 –** The Access Analyzer Configuration Wizard opens. Click **Next** to continue. + +**NOTE:** When Access Analyzer12.0 is installed on a server where a previous version of Access +Analyzer had been installed, the Version Selection page of the Configuration Wizard will not appear. + +![Configuration Wizard Solution Set Files page with conflicts](/img/product_docs/accessanalyzer/12.0/install/application/upgrade/solutionsetfiles.webp) + +**Step 3 –** On the Solution Set Files page, only upgrade conflicts are displayed by default. + +**_RECOMMENDED:_** Investigate the changes where conflicts have been identified before proceeding. + +**Step 4 –** (Optional) Select an item with the Conflict State and click **View conflicts** to open +the Changes window. + +Additional options include: + +- Show upgrade conflicts only – Displays upgrade actions for all solutions +- Advanced – Opens the Advanced Upgrade Options window to view or modify the Upgrade option per + solution + +![View conflicts in the Changes window](/img/product_docs/accessanalyzer/12.0/install/application/upgrade/changes.webp) + +**Step 5 –** (Optional) Conflicts can be resolved on the Changes window, which is opened by the +**View conflicts** button. Remember, if the conflict is resolved prior to a solution upgrade, then +the customization will not be archived. To resolve a conflict, select it from the list and click +**Undo**. + +**Step 6 –** When the Upgrade options have been set as desired. Click **Next**. + +![Configuration wizard Options page](/img/product_docs/accessanalyzer/12.0/install/application/upgrade/options.webp) + +**Step 7 –** On the Options page, select whether to send usage statistics to Netwrix to help us +improve our product. After the Usage Statistics option is set as desired, click **Next** to +continue. + +- If selected, usage statistics are collected and sent to Netwrix + + - Upon startup of the Access Analyzer console, the system checks if usage statistics have been + sent in the last 7 days. If they have not been, stored procedures run against the Access + Analyzer database and gather data about job runs, access times, and environmental details like + resource counts, users counts, number of exceptions, and so on. This data is then sent back to + Netwrix to help us identify usage trends and common pain points, so that we can use this + information to improve the product. + - Only anonymous statistic-level data is included. No private company or personal data is + collected or sent to Netwrix. + +- If cleared, no usage statistics are collected or sent to Netwrix + +![Configuration Wizard Progress page](/img/product_docs/accessanalyzer/12.0/install/application/upgrade/progress.webp) + +**Step 8 –** The Upgrade Progress page opens and displays the progress of the upgrade actions. When +the action completes, click **Finish**. + +The Upgrade Wizard closes, and Access Analyzer launches. The archived Jobs directory is in a ZIP +file located within the Jobs directory: `…\STEALTHbits\StealthAUDIT\Jobs`. + +The ZIP file name reflects the date and time of the upgrade. For example, the file name for an +upgrade performed on June 4, 2023 at approximately 6 PM would be: `20230604180542.zip`. diff --git a/docs/accessanalyzer/12.0/install/application/wizard.md b/docs/accessanalyzer/12.0/install/application/wizard.md new file mode 100644 index 0000000000..5d0859c58d --- /dev/null +++ b/docs/accessanalyzer/12.0/install/application/wizard.md @@ -0,0 +1,59 @@ +# Access Analyzer Core Installation + +Save the organization’s Access Analyzer license key, received from your Netwrix Sales +Representative, to the server where Access Analyzer is to be installed. Then follow the steps to +install Access Analyzer. + +**NOTE:** The process explained in this topic assumes that both the downloaded binary and the +license (.lic) file are located on the server which will become the Access Analyzer Console. + +**CAUTION:** If User Account Control (UAC) is enabled on the server, ensure the installation package +is run in Administrative/privilege mode. + +**Step 1 –** Run the **Netwrixaccessanalyzer.exe** executable to open the Access Analyzer Setup +Wizard. + +![Setup Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/install/application/welcome.webp) + +**Step 2 –** On the Welcome page, click **Next** to begin the installation. + +![ End User License Agreement](/img/product_docs/accessanalyzer/12.0/install/application/eula.webp) + +**Step 3 –** On the End-User License Agreement page, read the End User License Agreement, then check +the **I accept the terms in the License Agreement** box and click **Next**. + +![Destinations Folder page](/img/product_docs/accessanalyzer/12.0/install/application/destination.webp) + +**Step 4 –** On the Destination Folder page, click **Change** to select the folder location to +install Access Analyzer. The default destination folder is +`C:\Program Files (x86)\STEALTHbits\StealthAUDIT\`. Click **Next** to continue. + +| | | | +| ----------------------------------------------------------------------------------------------------------------------- | --- | ----------------------------------------------------------------------------------------------------------------------------------------------------- | +| ![License File page](/img/product_docs/accessanalyzer/12.0/install/application/licensemapped.webp) | +| Default License File Page | | Mapped License File | + +**Step 5 –** On the License File page, click **Browse** and navigate to your **StealthAUDIT.lic** +file. When the path to the file is visible in the textbox, click **Next**. + +**NOTE:** The license file must be stored on the Access Analyzer Console server before the +installation begins. + +![License Features page](/img/product_docs/accessanalyzer/12.0/install/application/licensefeatures.webp) + +**Step 6 –** The License Features page displays a list of all features covered by the imported +license. It also displays the name of the organization which owns the license, the expiration date, +and the host limit. These are the features that will be installed. Click **Next**. + +![Ready to install Netwrix Access Governance page](/img/product_docs/accessanalyzer/12.0/install/application/ready.webp) + +**Step 7 –** On the Ready to install Access Analyzer page, click **Install** to begin the +installation. + +![Setup Wizard Completed page](/img/product_docs/accessanalyzer/12.0/install/application/completed.webp) + +**Step 8 –** When the installation has completed, click **Finish** to exit the wizard. + +The Access Analyzer Console has been installed, and two desktop icons have been created: Access +Analyzer and Published Reports. Launch the Access Analyzer application to complete the initial +configuration. diff --git a/docs/accessanalyzer/12.0/install/filesystemproxy/configuredatacollector.md b/docs/accessanalyzer/12.0/install/filesystemproxy/configuredatacollector.md new file mode 100644 index 0000000000..c1212c83e8 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/filesystemproxy/configuredatacollector.md @@ -0,0 +1,26 @@ +# File System Data Collection Configuration for Proxy as a Service + +To employ the proxy mode as a service scan for collecting file system data from the target host, +navigate to the **FileSystem** > **0.Collection** > **…System Scans** jobs and open the File System +Access Auditor Data Collector Wizard from the job’s query. + +On the Applet Settings wizard page, select the following option: + +- Require applet to be running as service on target – Must be selected in the Applet Launch + Mechanism section to prevent the deployment of the applet or the ad hoc installation of the + service during the scan + +On the Scan Server Selection wizard page, select either of the following options: + +- Specific Remote Server – Assigns the data collection processing to the server specified in the + textbox +- Specific Remote Servers by Host List – Assigns the data collection processing to the proxy servers + in the host list selected within the wizard via the **Select Hosts Lists** button + +See the +[FSAA Query Configuration](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/overview.md#fsaa-query-configuration) +topic for additional information. + +**_RECOMMENDED:_** When choosing to use proxy mode as a service for any of the File System Solution +**…System Scans** jobs, set proxy mode as a service for all of the **…System Scans** jobs that are +scheduled to run together. diff --git a/docs/accessanalyzer/12.0/install/filesystemproxy/overview.md b/docs/accessanalyzer/12.0/install/filesystemproxy/overview.md new file mode 100644 index 0000000000..9f50e36951 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/filesystemproxy/overview.md @@ -0,0 +1,124 @@ +# File System Proxy as a Service Overview + +The File System Solution can be enabled to use proxy servers for scanning targeted file systems in +very large or widely dispersed environments. + +When File System scans are run in proxy mode as a service, there are two methods available for +deploying the service: + +- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be + installed on the Windows proxy servers prior to executing the scans. This is the recommended + method. +- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the + Windows proxy server when the job is executed + +The data collection processing is conducted by the proxy server where the service is running and +leverages a local mode-type scan to each of the target hosts. The final step in data collection is +to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to +the Access Analyzer Console server. + +Communication between the Access Analyzer Console Server and the proxy server is secure by default +using HTTPS requests. + +The version of the proxy service must match the major version of Access Analyzer. + +See the [File System Solution](/docs/accessanalyzer/12.0/requirements/solutions/filesystem.md) topic for information on +the required prerequisites. + +## Supported Platforms + +The File System Proxy Service for the Access Analyzer File System Solution can be installed on the +following Windows operating systems: + +- Windows Server 2022 +- Windows Server 2019 +- Windows Server 2016 + +## Proxy Scanning Architecture + +Access Analyzer is configured by default to process data collection against ten target hosts +simultaneously. When File System scans are run in local mode ten hosts process simultaneously, and +processing against the eleventh host begins after the processing against the first host is +completed. Proxy scanning architecture supports large deployments or widely dispersed environments. + +A proxy server is any server that can be leveraged to process data collection against target hosts. + +**CAUTION:** The File System Proxy Service cannot be installed on the same server as Access +Analyzer. + +Two options are available for implementing the proxy scanning architecture: + +- Proxy mode with applet +- Proxy mode as a service + +### Proxy Mode with Applet + +When File System scans are run in proxy mode with applet, it means the File System applet is +deployed to the Windows proxy server when the job is executed to conduct data collection. The data +collection processing is initiated by the proxy server where the applet is deployed and leverages a +local mode-type scan to each of the target hosts. The final step in data collection is to compress +and transfer the data collected in the SQLite databases, or Tier 2 databases, back to the Access +Analyzer Console server. + +![Diagram of Enterprise Auditor server sending an FSAA applet to a proxy server](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/proxymodewithapplet.webp) + +The diagram illustrates the Access Analyzer server sending an FSAA applet to a proxy server, which +runs the scan against a file server, and then returns data to the Access Analyzer server. + +### Proxy Mode as a Service + +When File System scans are run in proxy mode as a service, there are two methods available for +deploying the service: + +- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be + installed on the Windows proxy servers prior to executing the scans. This is the recommended + method. +- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the + Windows proxy server when the job is executed + +The data collection processing is conducted by the proxy server where the service is running and +leverages a local mode-type scan to each of the target hosts. The final step in data collection is +to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to +the Access Analyzer Console server. + +The proxy communication is configured during the installation of the service on the proxy server and +certificate exchange options are configured via the Applet Settings page of the File System Access +Auditing Data Collector Wizard. The credential provided for the secure communications in the +installation wizard is also added to the Access Analyzer Connection Profile assigned to the File +System Solution. + +See the [File System Proxy Service Installation](/docs/accessanalyzer/12.0/install/filesystemproxy/wizard.md) topic for additional information. + +![Diagram of Enterprise Auditor server communicating securely with the proxy service on a proxy server](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp) + +The diagram illustrates the Access Analyzer server communicating securely with the proxy service on +a proxy server, which runs the scan against a file server, collecting the data locally and securely. +Then the proxy service returns data securely to the Access Analyzer server. + +When a proxy mode scan is initiated from the Access Analyzer Console, it will distribute hosts to be +scanned across all proxy hosts. Access Analyzer monitors the scans from the central console. Once +all proxy hosts have completed scanning, all results and SQLite databases are returned to the Access +Analyzer Console server. + +![Diagram of difference between an implementation with and without proxy servers](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/fsaaproxyarchitecture.webp) + +The diagram shows the difference between an implementation of Access Analyzer without proxy servers +(on the left) and with proxy servers (on the right). On the right side of the diagram, the scans +have been configured to use the local host and two additional proxy servers to perform the FSAA Data +Collector scans. This allows it to execute three times as many concurrent hosts than would be +possible without proxy servers. This provides a clear benefit in scalability and scan times. + +The proxy functionality for the FSAA Data Collector provides security and reliability. + +_Remember,_ It is recommended that the File System Proxy Service is installed on the proxy server +before running File System scans in proxy mode as a service. Once installed, the FileSystemAccess +(FSAA) Data Collector must be configured to use the service. See the +[File System Data Collection Configuration for Proxy as a Service](/docs/accessanalyzer/12.0/install/filesystemproxy/configuredatacollector.md) topic +for additional information. + +## Sensitive Data Discovery Auditing Consideration + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By default, SDD scans are +configured to run two concurrent threads. For example, if the job is configured to scan 8 hosts at a +time with two concurrent SDD threads, then an extra 32 GB of RAM are required (8x2x2=32). diff --git a/docs/accessanalyzer/12.0/install/filesystemproxy/silentinstall.md b/docs/accessanalyzer/12.0/install/filesystemproxy/silentinstall.md new file mode 100644 index 0000000000..fa5cd82508 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/filesystemproxy/silentinstall.md @@ -0,0 +1,76 @@ +# Silent Installer Option for Proxy + +It is possible to use one of the following methods to complete a silent installation of the File +System Proxy Service. + +**CAUTION:** For all Active Directory versions, aside from Windows 2012 R2, the silent installer +does not prompt an error message if a duplicate SPN value exists in the targeted domain for +[Option 1: Run as LocalSystem](#option-1-run-as-localsystem). Having duplicate SPN’s in the targeted +Active Directory environment prohibits connection to the proxy service, resulting in a failed scan. + +If a desired SPN already exists in a Windows 2012 R2 domain, the silent installer displays the +following message: + +> _There is a problem with this Windows Installer package. A script required for this install to +> complete could not be run. Contact your support personnel or package vendor_. + +To resolve the problem, remove the duplicate SPN value and rerun the installer to complete +installation. For any additional issues, verbose logging is included in the silent installer and +creates an `install.txt` file on the desktop. + +## Option 1: Run as LocalSystem + +Follow the steps to install the File System Proxy Service on the targeted proxy servers with a +silent installer. + +**Step 1 –** Copy the `FileSystemProxy.msi` executable to the desktop of the server designated as +the proxy server. + +**Step 2 –** Run the following command: + +``` +msiexec /i FileSystemProxy.msi /qb /l*v install.log SVC_ACCOUNT_TYPE=SYSTEM +``` + +- To add a non-default install directory, append `PRODUCTDIR="[path]"` to the command. + + - `path` – The path to the desired installation directory and must include + `...\STEALTHbits\StealthAUDIT\FSAA\...` + + For example: + + ``` + msiexec /i FileSystemProxy.msi /qb /l*v install.log SVC_ACCOUNT_TYPE=SYSTEM PRODUCTDIR="E:\STEALTHbits\StealthAUDIT\FSAA" + ``` + +The SPN value is automatically added to the computer object in Active Directory with this option. + +## Option 2: Run as a Service Account + +Follow the steps to install the File System Proxy Service on the targeted proxy servers with a +silent installer. + +**Step 1 –** Copy the `FileSystemProxy.exe` executable to the desktop of the server designated as +the proxy server. + +**Step 2 –** Run the following command: + +``` +msiexec /i FileSystemProxy.msi /qb /l*v install.log SVC_ACCOUNT_TYPE=DOMAIN SVC_USERNAME=DOMAIN\USERNAME SVC_PASSWORD="secret" +``` + +- `DOMAIN\USERNAME` – The service account credentials, which need to be a member the Local + Administrators group and have the**Log on as a service** local policy  (**Local Policies** > + **User Rights Assignment**) +- `secret` – The password for the credentials provided above (within quotes) + +- To add a non-default install directory, append `PRODUCTDIR="[path]"` to the command. + + - `path` – The path to the desired installation directory and must include + `...\STEALTHbits\StealthAUDIT\FSAA\...` + + For example: + + ``` + msiexec /i FileSystemProxy.msi/qb /l*v install.log SVC_ACCOUNT_TYPE=DOMAIN SVC_USERNAME=DOMAIN\USERNAME SVC_PASSWORD="secret" PRODUCTDIR="E:\STEALTHbits\StealthAUDIT\FSAA" + ``` diff --git a/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/troubleshooting.md b/docs/accessanalyzer/12.0/install/filesystemproxy/troubleshooting.md similarity index 100% rename from docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/troubleshooting.md rename to docs/accessanalyzer/12.0/install/filesystemproxy/troubleshooting.md diff --git a/docs/accessanalyzer/12.0/install/filesystemproxy/uninstall.md b/docs/accessanalyzer/12.0/install/filesystemproxy/uninstall.md new file mode 100644 index 0000000000..928a0b188d --- /dev/null +++ b/docs/accessanalyzer/12.0/install/filesystemproxy/uninstall.md @@ -0,0 +1,19 @@ +# Uninstall Proxy Service Process + +The process to properly uninstall the File System Proxy Service is completed through the +uninstalling of the Access Analyzer File System Scanning Proxy program. + +**Step 1 –** Open Control Panel and select **Programs** > **Uninstall a program**. + +![Programs and Features](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/uninstall.webp) + +**Step 2 –** Select Netwrix Access Analyzer (formerly Enterprise Auditor) File System Scanning Proxy +and click **Uninstall**. + +**NOTE:** If the installation was configured to use the LocalSystem account to run the RPC service +the two SPN values are removed for that machine in Active Directory. If the service is running with +a supplied account, the SPN values would need to be manually removed for that machine in Active +Directory (unless the uninstall was completed as part of the +[Upgrade Proxy Service Procedure](/docs/accessanalyzer/12.0/install/filesystemproxy/upgrade.md)). + +When the uninstall process is complete, this program is removed from the list. diff --git a/docs/accessanalyzer/12.0/install/filesystemproxy/upgrade.md b/docs/accessanalyzer/12.0/install/filesystemproxy/upgrade.md new file mode 100644 index 0000000000..8b1e7a1a46 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/filesystemproxy/upgrade.md @@ -0,0 +1,59 @@ +# Upgrade Proxy Service Procedure + +When the Access Analyzer Console and File System Solution are upgraded, it is necessary to also +upgrade the File System Proxy Service when running Access Analyzer in Proxy Mode as a Service. This +upgrade can be done in two ways: + +- Automatically – An instant job within the Access Analyzer Console +- Manually – On each server hosting the proxy service + +**CAUTION:** When upgrading the Proxy Service to 11.6 from a previous version for the first time, +you must manually uninstall the previous version and follow the [Manual Upgrade](#manual-upgrade) +steps below. Subsequent 11.6 upgrades can be done using the automatic upgrade option. + +**NOTE:** If you have the old Netwrix Sensitive Data Discovery Add-On installed, you must uninstall +it before continuing with this upgrade. For Access Analyzer 12.0, Sensitive Data Discovery is +installed as part of the main installation if your license includes it. + +## Automatic Upgrade + +The **FS_UpdateProxy** Job is available through the Instant Job Wizard. This job updates the File +System Proxy Service on all servers in the assigned host list. Follow the steps to instantiate this +job. + +**Step 1 –** Within the **Jobs** tree, right-click and select **Add Instant Job**. The Instant Job +Wizard window opens. + +**Step 2 –** On the Welcome page, click **Next**. + +![FS_UpdateProxy Job in the Instant Job Wizard](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/updateproxyinstantjob.webp) + +**Step 3 –** On the Instant Job page, locate the **Library Name: File System** category group. +Expand the category and select the **FS_UpgradeProxy** Job. Click **Next**. + +**Step 4 –** On the Host Assignment page, select the **Specify individual hosts or host lists** +option and click **Next**. + +**Step 5 –** On the Host Lists page, assign the host lists containing the proxy servers to be +updated . Multiple host lists can be added. Click Next. + +**Step 6 –** On the Individual Hosts page, click **Next**. + +**Step 7 –** Review the Summary and click either **Save & Exit** or **Save & Run Jobs Now**. + +The proxy does not update until the job is run. Once successfully ran, the servers in the assigned +host lists have been updated. + +## Manual Upgrade + +Follow the steps on the servers hosting the File System Proxy Service. + +![Programs and Features](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/uninstall.webp) + +**Step 1 –** Navigate to Programs and Features (**Control Panel** > **Programs** > **Programs and +Features**). Uninstall the previous version of Access Analyzer File System Scanning Proxy. + +**Step 2 –** Install the new version of the File System Proxy Service. See the +[File System Proxy Service Installation](/docs/accessanalyzer/12.0/install/filesystemproxy/wizard.md) topic for instructions. + +The File System Solution can now use the proxy architecture for the latest version of the solution. diff --git a/docs/accessanalyzer/12.0/install/filesystemproxy/wizard.md b/docs/accessanalyzer/12.0/install/filesystemproxy/wizard.md new file mode 100644 index 0000000000..e4b5fb2d63 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/filesystemproxy/wizard.md @@ -0,0 +1,134 @@ +# File System Proxy Service Installation + +The File System Proxy installer is designed to simplify the process of setting up File System +Scanning Proxy as a service on the designated proxy server. It is a best practice to use a +specifically provisioned domain account as the File System Proxy service account. Follow the steps +to install the FSAA service on the targeted proxy servers. + +**Step 1 –** Run the `FileSystemProxy.exe` executable. The Netwrix Access Analyzer (formerly +Enterprise Auditor) File System Scanning Proxy Setup wizard opens. + +![File System Proxy Setup Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/welcome.webp) + +**Step 2 –** On the Welcome page, click **Next** to begin the installation. + +![File System Proxy Setup Wizard End-User License Agreement page](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/eula.webp) + +**Step 3 –** On the End-User License Agreement page, select the **I accept the terms in the License +Agreement** checkbox and click **Next**. + +![File System Proxy Setup Wizard Destination Folder page](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/destination.webp) + +**Step 4 –** On the Destination Folder page, click **Next** to install to the default folder or +click **Change** to select a different location. Clicking **Change** opens the Change destination +folder page. + +![File System Proxy Setup Wizard Change destination folder page](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/changedestination.webp) + +On the Change destination folder page, choose a different destination folder for the installation. + +- Look in – Select which folder or sub-folder to complete installation in using the Look in + drop-down +- Up one level – Click the Up one level button to select the folder one level above the currently + selected one +- Create a new folder – Click to create a new folder for the destination of the installation + +Click **OK** to save changes or click **Cancel** to return to the Destination Folder page without +saving. + +![File System Proxy Setup Wizard Configure Service page](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/configureservice.webp) + +**Step 5 –** On the Configure Service page, configure the credential to run the service using the +radio buttons. Then, click **Next**. + +- Run as LocalSystem – Uses the local system to run the File System Proxy service +- Run as a service account – Uses the provisioned credentials provided in the **User Name** and + **Password** fields to run the File System Proxy service. Remember, this account must be a local + Administrator on the proxy server and have the Log on as a service privilege in the proxy server's + Local Security Policy. + +![File System Proxy Setup Wizard Ready to install page](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/ready.webp) + +**Step 6 –** On the Ready to install page, click **Install** to start installation. + +![File System Proxy Setup Wizard Completed page](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/complete.webp) + +**Step 7 –** When the installation completes, click **Finish** to exit the wizard. + +**NOTE:** If the File System Proxy Service is installed on multiple servers, then a custom host list +of proxy servers should also be created in Netwrix Access Analyzer (formerly Enterprise Auditor). + +Once the File System Proxy Service has been installed on any proxy server, it is necessary to +configure the File System Solution certificate exchange method for Proxy Mode as a Service. See the +[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/certificatemanagement.md) +topic for additional information. + +## Custom Parameters for File System Proxy Service + +The port and priority parameters can be modified for the File System Proxy Service on the registry +key: + +HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\StealthAUDITFSAA\ImagePath + +- Port parameter – Only needs to be added to the registry key value if a custom port is used. The + default port of 8766 does not need to be set as a parameter + - Append `-e [PORT NUMBER]` to the ImagePath key value +- Priority parameter – Can be modified so that the service runs as a background priority, which may + be desired if the service has been installed directly on a file server + + - Append `-r 0` to the ImagePath key value + + **NOTE:** If both parameters are added, there is no required order. + + **_RECOMMENDED:_** Stop the Netwrix Access Analyzer (formerly Enterprise Auditor) FSAA Proxy + Scanner service before modifying the registry key. + +Follow the steps to configure these service parameters. + +![Netwrix Enterprise Auditor FSAA Proxy Scanner service in the Services Management Console](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/service.webp) + +**Step 1 –** After installing the File System Proxy Service, open Services Management Console +(`services.msc`). To stop the service, right-click on the Netwrix Access Analyzer (formerly +Enterprise Auditor) FSAA Proxy Scanner service and select **Stop**. + +![File System Proxy ImagePath registry key in the Registry Editor](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/regedit.webp) + +**Step 2 –** Open Registry Editor (`regedit`) and navigate to the following registry key: + +HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\StealthAUDITFSAA\ImagePath + +**Step 3 –** Right-click on the **ImagePath** key and select **Modify**. The Value data was set +during installation according to the installation directory location selected. + +- Priority set to background priority: + - Add `-r 0` to the end of the path value +- Custom Port: + + - Add `-e [PORT NUMBER]` number to the end of the path value + + Example with Port number 1234: + + C:\Program Files (x86)\STEALTHbits\StealthAUDIT\FSAA\StealthAUDITRPC.EXEFSAASrv.DLL -e 1234 + + **NOTE:** The port number needs to be added to the path only if a custom port is used. + +**Step 4 –** Click **OK** and close Registry Editor. + +**Step 5 –** Return to the Services Management Console and start the Netwrix Access Analyzer +(formerly Enterprise Auditor) FSAA Proxy Scanner service. Close the Services Management Console. + +![Port number on File System Access Auditor Data Collector Wizard Applet Settings page](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/dcwizardportnumber.webp) + +**Step 6 –** In the Access Analyzer Console, navigate to the **FileSystem** > **0.Collection** > +**[Job]** > **Configure** > **Queries** node and open the File System Access Auditor Data Collector +Wizard. On the Applet Settings wizard page, change the **Port number** to the custom port. + +**NOTE:** See the +[File System Data Collection Configuration for Proxy as a Service](/docs/accessanalyzer/12.0/install/filesystemproxy/configuredatacollector.md) +section for additional configurations required to run scans in proxy mode as a service. + +**Step 7 –** Repeat the previous step for each of the **FileSystem** > **0.Collection** jobs to +employ this proxy service. + +The custom port identified is now used for communication between the File System Proxy Service and +Access Analyzer. diff --git a/docs/accessanalyzer/12.0/install/overview.md b/docs/accessanalyzer/12.0/install/overview.md new file mode 100644 index 0000000000..8d4dfff7ec --- /dev/null +++ b/docs/accessanalyzer/12.0/install/overview.md @@ -0,0 +1,31 @@ +# Installation + +The following sections provide instructions for installing and upgrading Netwrix Access Analyzer +(formerly Enterprise Auditor) and other related components. + +## Access Analyzer + +This section provides instructions for installing Access Analyzer and the initial configuration +required when first launching the Access Analyzer Console. It also includes additional information, +such as how to secure the Access Analyzer Database, and configuring the Web Console for viewing +reports outside of the Access Analyzer Console. + +See the [Installation & Configuration Overview](/docs/accessanalyzer/12.0/install/application/overview.md) topic for additional +information. + +## File System Proxy Service + +The File System Solution can be enabled to use proxy servers for scanning targeted file systems in +very large or widely dispersed environments. The File System Proxy installer is designed to simplify +the process of setting up File System Scanning Proxy as a service on the designated proxy server. + +See the [File System Proxy as a Service Overview](/docs/accessanalyzer/12.0/install/filesystemproxy/overview.md) topic for additional +information. + +## SharePoint Agent + +The SharePoint Agent is capable of auditing permissions and content, or Access Auditing (SPAA) and +Sensitive Data Discovery Auditing, on SharePoint servers. + +See the [SharePoint Agent Installation](/docs/accessanalyzer/12.0/install/sharepointagent/overview.md) topic for additional +information. diff --git a/docs/accessanalyzer/12.0/install/sharepointagent/overview.md b/docs/accessanalyzer/12.0/install/sharepointagent/overview.md new file mode 100644 index 0000000000..e0d7cfd455 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/sharepointagent/overview.md @@ -0,0 +1,30 @@ +# SharePoint Agent Installation + +The SharePoint Agent is capable of auditing permissions and content, or Access Auditing (SPAA) and +Sensitive Data Discovery Auditing, on SharePoint servers. + +This topic provides information on the installation and upgrade processes of the SharePoint Agent. +It also provides information on the permissions needed by the service account used to run the Access +Auditing (SPAA) and Sensitive Data Discovery Auditing scans against the targeted SharePoint +environment. + +For information on the required prerequisites and permissions, see the +[SharePoint Agent Permissions](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentpermissions.md) topic. + +The version of the SharePoint Agent must also match the major version of Access Analyzer. See the +[What's New](/docs/accessanalyzer/12.0/whatsnew.md) topic for additional information. + +## Supported Platforms + +The SharePoint Agent for the Access Analyzer SharePoint & SharePoint Online Solution can be +installed on the following SharePoint versions as targeted environments: + +- SharePoint® 2019 +- SharePoint® 2016 +- SharePoint® 2013 + +## Sensitive Data Discovery Auditing Consideration + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job +is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). diff --git a/docs/accessanalyzer/12.0/install/sharepointagent/upgrade.md b/docs/accessanalyzer/12.0/install/sharepointagent/upgrade.md new file mode 100644 index 0000000000..c6013b0f45 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/sharepointagent/upgrade.md @@ -0,0 +1,18 @@ +# Upgrade SharePoint Agent + +Follow the steps to upgrade the SharePoint Agent. + +![Windows Control Panel Uninstall or change a program window](/img/product_docs/accessanalyzer/12.0/install/sharepointagent/uninstall.webp) + +**Step 1 –** From Programs and Features (**Control Panel** > **Programs** > **Programs and +Features**), uninstall the previous version of SharePoint Agent. + +**NOTE:** If you have the old Netwrix Sensitive Data Discovery Add-On installed, you must uninstall +it before continuing with this upgrade. For Access Analyzer 12.0, Sensitive Data Discovery is +installed as part of the main installation if your license includes it. + +**Step 2 –** Install the new version of the SharePoint Agent. See the +[Installing the SharePoint Agent](/docs/accessanalyzer/12.0/install/sharepointagent/wizard.md) topic for instructions. + +Now that the SharePoint Agent has been upgraded, it can be used by the SharePoint Solution. See the +[SharePoint Solution](/docs/accessanalyzer/12.0/solutions/sharepoint/overview.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/install/sharepointagent/wizard.md b/docs/accessanalyzer/12.0/install/sharepointagent/wizard.md new file mode 100644 index 0000000000..349e4c7f99 --- /dev/null +++ b/docs/accessanalyzer/12.0/install/sharepointagent/wizard.md @@ -0,0 +1,49 @@ +# Installing the SharePoint Agent + +The installer will prompt for credentials which are used to set the identity that the SharePoint +Access Auditor Agent service runs as. The agent service does no additional impersonation, so this is +the account used to connect to and enumerate SharePoint. The service account credentials provided +need to be a member of the Log on as a service local policy. Additionally, the credentials provided +for Step 5 should also be a part of the Connection Profile used by the SharePoint Solution within +the Access Analyzer Console. See the +[SharePoint Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md) topic for detailed +permission information. + +Follow the steps to install the SharePoint Agent on the application server which hosts the Central +Administration component of the targeted SharePoint farms. + +**Step 1 –** Run the `SharePointAgent.exe` executable to open the Netwrix Access Analyzer (formerly +Enterprise Auditor) SharePoint Agent Setup Wizard. + +![SharePoint Agent Setup Wizard Welcome page](/img/product_docs/accessanalyzer/12.0/install/sharepointagent/welcome.webp) + +**Step 2 –** On the Welcome page, click **Next** to begin the installation. + +![SharePoint Agent Setup Wizard End-User License Agreement page](/img/product_docs/accessanalyzer/12.0/install/sharepointagent/eula.webp) + +**Step 3 –** On the End-User License Agreement page, select the **I accept the terms in the License +Agreement** checkbox and click **Next**. + +![SharePoint Agent Setup Wizard Destination Folder page](/img/product_docs/accessanalyzer/12.0/install/sharepointagent/destination.webp) + +**Step 4 –** On the Destination Folder page, click **Next** to install to the default folder or +click **Change** to select a different location. + +![SharePoint Agent Setup Wizard Configure Service Security page](/img/product_docs/accessanalyzer/12.0/install/sharepointagent/configureservice.webp) + +**Step 5 –** On the Configure Service Security page, enter the **User Name** and **Password** for +the SharePoint Service Account. Click **Next**. + +![SharePoint Agent Setup Wizard Ready to install page](/img/product_docs/accessanalyzer/12.0/install/sharepointagent/ready.webp) + +**Step 6 –** On the Ready to install Netwrix Access Analyzer (formerly Enterprise Auditor) +SharePoint Agent page, click **Install** to start the installation. + +![SharePoint Agent Setup Wizard Completed page](/img/product_docs/accessanalyzer/12.0/install/sharepointagent/completed.webp) + +**Step 7 –** When the installation has completed, click **Finish** to exit the wizard. + +Now that the SharePoint Agent has been installed on the appropriate application server, it can be +used by the SharePoint Solution. See the +[SharePoint Solution](/docs/accessanalyzer/12.0/solutions/sharepoint/overview.md) topic for instructions on enabling +agent service scans on the Agent Settings page. diff --git a/docs/accessanalyzer/12.0/overview.md b/docs/accessanalyzer/12.0/overview.md index 1683932530..10ff48c7f8 100644 --- a/docs/accessanalyzer/12.0/overview.md +++ b/docs/accessanalyzer/12.0/overview.md @@ -33,7 +33,7 @@ accessed by other Access Analyzer solutions and the Netwrix Access Information C This is a core solution available to all Access Analyzer users. -See the [.Active Directory Inventory Solution](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/overview.md) topic +See the [.Active Directory Inventory Solution](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/overview.md) topic for additional information. ### .Entra ID Inventory Solution @@ -72,7 +72,7 @@ The Active Directory Solution is designed to provide the information every admin regarding Active Directory configuration, operational management, troubleshooting, analyzing effective permissions, and tracking who is making what changes within your organization. -See the [Active Directory Solution](/docs/accessanalyzer/12.0/solutions/active-directory/overview.md) topic for additional +See the [Active Directory Solution](/docs/accessanalyzer/12.0/solutions/activedirectory/overview.md) topic for additional information. ### Active Directory Permissions Analyzer Solution @@ -82,7 +82,7 @@ effective permissions applied to any and all Active Directory objects, at any sc the most authoritative view available of who has access to what in Active Directory. See the -[Active Directory Permissions Analyzer Solution](/docs/accessanalyzer/12.0/solutions/active-directory-permissions-analyzer/overview.md) +[Active Directory Permissions Analyzer Solution](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/overview.md) topic for additional information. ### Amazon Web Services Solution @@ -101,7 +101,7 @@ regarding Microsoft Entra ID configuration, operational management, and trouble within this group help pinpoint potential areas of administrative and security concerns related to Microsoft Entra ID users and groups, including syncing with on-premises Active Directory. -See the [Entra ID Solution](/docs/accessanalyzer/12.0/solutions/entra-id/overview.md) topic for additional information. +See the [Entra ID Solution](/docs/accessanalyzer/12.0/solutions/entraid/overview.md) topic for additional information. ### Box Solution diff --git a/docs/accessanalyzer/12.0/remaining_broken_links.txt b/docs/accessanalyzer/12.0/remaining_broken_links.txt deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/docs/accessanalyzer/12.0/reporting/chart-wizard/chart-format.md b/docs/accessanalyzer/12.0/reporting/chart-wizard/chart-format.md deleted file mode 100644 index a965e70093..0000000000 --- a/docs/accessanalyzer/12.0/reporting/chart-wizard/chart-format.md +++ /dev/null @@ -1,31 +0,0 @@ -# Chart Format - -The Chart Format page of the Chart Configuration wizard is where you can select the chart type and -configure additional format options. - -![Chart Configuration wizard Chart Format page](/img/product_docs/accessanalyzer/admin/report/chartwizard/chartformat.webp) - -The Chart Format page has the following options: - -- Element Title – Enter a title for the element in the text box. This will be displayed in the - element's header on the generated report. It can contain characters, numbers, or both. -- Select the type of chart you want to build – Select the chart type using the dropdown from the - following options: - - - Area – Shaded region beneath line to indicate a group’s proportion within a column - - Bar – Horizontal rectangles that represent discrete units of measurement - - Column – Vertical bar chart - - Line – Vertical line chart - - Pie – Circular statistical graphic that demonstrates numerical proportion. First grouped - column can be numeric or string, but the second column should always be numeric. - - Stacked – Consolidated bar chart for comparing values - -- Show Data Labels – Select this option to show data labels on the generated chart -- Limit the number of data points – Select this option to limit the number of data points displayed - on the chart to the specified number. The default limit value is 20 for pie charts and 150 for all - other chart types. You can customize this value, but the value must not exceed the default value - for the chart type. If a value greater than the default is entered, then the value automatically - resets back to the default. - -Once you have configured the options as required, click **Next** to proceed to the Data Source page. -See the [Data Source](/docs/accessanalyzer/12.0/reporting/chart-wizard/data-source.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/reporting/chart-wizard/configure.md b/docs/accessanalyzer/12.0/reporting/chart-wizard/configure.md deleted file mode 100644 index d970f7acf1..0000000000 --- a/docs/accessanalyzer/12.0/reporting/chart-wizard/configure.md +++ /dev/null @@ -1,118 +0,0 @@ -# Configure - -The Configure page of the Chart Configuration wizard allows you to configure the chart as required. -The page consist of two tabs, Chart Configuration and Data Preview. - -## Chart Configuration - -The Chart Configuration tab is split into three sections, label column selection, series -configuration, and a chart preview. Use this tab to configure the columns from the data source to be -shown in the chart. - -![Chart Configuration wizard Configure page](/img/product_docs/accessanalyzer/admin/analysis/configure.webp) - -The left side shows all the columns from the data source table that can be used for the label axis. -For example, the label column is the x-axis on a line chart and the y-axis on a bar chart. Select -the checkbox of the desired label column from the list. You can use the search bar to filter this -list of columns. - -If a datetime label column has been selected, you can optionally select a transformation function -using the dropdown menu. Transformation functions group the column data by the selected function and -the function is then used as the label. The possible transformation functions are Day, Month, or -Year. - -The table on the right is where the data series are configured. For configured data series, the -table displays the series type (XAxis, YAxis, or DataValue), column name, aggregation function, -friendly alias name, and legend color. Use the buttons above the table to add new or configure -existing data series. The following options are available: - -- Add – Opens the Add new series window to configure a new data series. See the - [Add New Series / Edit Series Window](#add-new-series--edit-series-window) topic for additional - information. -- Remove – Removes the selected data series from the chart -- Edit – Opens the Edit series window for the selected series. See the - [Add New Series / Edit Series Window](#add-new-series--edit-series-window) topic for additional - information. -- Color Picker – Available only for pie charts. Opens the Pie slices color window, which allows you - to customize the color for each slice of the pie chart. On the Pie slices color window: - - - Select the row of the desired value to customize and click **Change Color** - - Use the color picker to choose the desired color, then click **OK** - - Repeat for each color you want to customize - - Click **OK** to save your selections and close the Pie slices color window, or click - **Cancel** to close the window without changing the colors - -At the bottom of the page is a preview of the chart as it is currently configured using the -available data. See the [Chart Preview](#chart-preview) topic for additional information. -Additionally, you can see a preview of the source data table in the Data Preview tab. See the -[Data Preview](#data-preview) topic for additional information. - -Once you have finished configuring the chart, click **Finish** to close the wizard. You are returned -to the Widgets page of the Report Configuration wizard, where the newly configured chart is shown. -You must complete the Report Configuration wizard to save the chart on the report. See the -[Widgets Page](/docs/accessanalyzer/12.0/reporting/wizard/widgets.md) topic for additional information. - -### Add New Series / Edit Series Window - -The Add new series and Edit series windows allow you to configure the data series of the chart. The -appropriate window is opened by clicking **Add** to create a new series, or by selecting an existing -series and clicking **Edit**. - -![Add new series window](/img/product_docs/accessanalyzer/admin/report/chartwizard/addnewseries.webp) - -These windows contain the following options for the data series: - -- Column table – This table displays the available columns in the source table that are not - currently selected in a series for the chart. Select the checkbox for column that contains the - data for the series. You can use the search bar to filter the list of columns. - - **NOTE:** The other options on the window are disabled until a column is selected. - -- Select a function to aggregate the column by – Use the drop-down to select an aggregation - function. The available options vary depending on the column selected. The possible options are: - - - None - - Average - - Count - - Count Distinct - - Maximum - - Minimum - - Sum - -- Provide a friendly name for the column in the legend – If an alias name is provided here, it is - displayed on the chart instead of the column name -- Select a color for this series – Click **Change** to open the color picker to customize the color - for the series - -Click **OK** on the window to save the new or modified series, or click **Cancel** to close the -window without saving. - -### Chart Preview - -At the bottom of the page a preview of the currently configured chart is displayed. - -![Chart preview](/img/product_docs/accessanalyzer/admin/report/chartwizard/configurechartpreview.webp) - -If the configuration is incomplete or invalid, a message with instructions to fix the configuration -is displayed in the preview window instead. The following are possible messages and scenarios that -would cause them: - -| Message | Scenario | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Following is the minimum requirement to generate preview: - From columns(left side) above, select at least one label column. - From series(right side) above, configure at least one series column. | - Series column not configured - Series with function and no label selected - None selected | -| Following is the minimum requirement to generate preview with the transformation function: - From columns(left side) above, select only one column of type Datetime. - From series(right side) above, configure all the series column with an aggregate function. | - Transformation function enabled with multiple label columns selected - Transformation function enabled but no aggregate function configured - Transformation function enabled, but no Datetime column selected | -| Following series should be configured with a function | - The transformation function is enabled but no aggregate function is configured for the series | - -## Data Preview - -The Data Preview tab allows you to see and customize the data that is to be shown in the chart. - -![Data Preview tab](/img/product_docs/accessanalyzer/admin/report/chartwizard/configuredatapreview.webp) - -The buttons above the column names provide you the following options for configuring the table -arrangement: - -- Filter Editor – Opens the Filter Editor which allows you to add custom filters with conditional - statements and logical connectives -- Best Fit (all columns) –  Adjusts the width of the columns to display all the data within the - cells diff --git a/docs/accessanalyzer/12.0/reporting/chart-wizard/data-source.md b/docs/accessanalyzer/12.0/reporting/chart-wizard/data-source.md deleted file mode 100644 index be8a271229..0000000000 --- a/docs/accessanalyzer/12.0/reporting/chart-wizard/data-source.md +++ /dev/null @@ -1,24 +0,0 @@ -# Data Source - -On the Data Source page of the Chart Configuration wizard configure the data source for the chart. - -![Chart Configuration wizard Data Source page](/img/product_docs/accessanalyzer/admin/report/chartwizard/datasource.webp) - -In order to generate results, a location must first be selected as the source of the data. The table -on this wizard page contains a list of tables and views within Access Analyzer from jobs that have -been executed. Select the required data source from the table. - -You can use the search bar located above the table to easily find a desired table. The **Limit -selection to tables from the current job**option limits the displayed data to tables from the -current job. This option is selected by default. You can clear the option to widen the available -data to all jobs. - -There are the following additional data source options: - -- Show data from all instances – Select this option to display data from all Access Analyzer data - jobs -- Show historical data – If there is historical data, selecting this option displays all - collections. It is keyed off of the Jobruntimekey column. - -Once you have selected the data source, click **Next** to proceed to the Configure page. See the -[Configure](/docs/accessanalyzer/12.0/reporting/chart-wizard/configure.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/reporting/chart-wizard/overview.md b/docs/accessanalyzer/12.0/reporting/chart-wizard/overview.md deleted file mode 100644 index bf5a55a8ac..0000000000 --- a/docs/accessanalyzer/12.0/reporting/chart-wizard/overview.md +++ /dev/null @@ -1,15 +0,0 @@ -# Chart Configuration Wizard - -The Chart Configuration wizard allows you to configure the charts that display on reports. The -wizard opens when you select to configure a Chart widget from the Widgets page of the Report -Configuration Wizard. See the [Widgets Page](/docs/accessanalyzer/12.0/reporting/wizard/widgets.md) topic for additional information. - -The Chart Configuration wizard consists of three pages: - -- [Chart Format](/docs/accessanalyzer/12.0/reporting/chart-wizard/chart-format.md) -- [Data Source](/docs/accessanalyzer/12.0/reporting/chart-wizard/data-source.md) -- [Configure](/docs/accessanalyzer/12.0/reporting/chart-wizard/configure.md) - -Once you have finished configuring the chart, click **Finish** to close the wizard. You are returned -to the Widgets page of the Report Configuration wizard, where the newly configured chart is shown. -You must complete the Report Configuration wizard to save the chart on the report. diff --git a/docs/accessanalyzer/12.0/reporting/cleanup.md b/docs/accessanalyzer/12.0/reporting/cleanup.md deleted file mode 100644 index 81d4debda4..0000000000 --- a/docs/accessanalyzer/12.0/reporting/cleanup.md +++ /dev/null @@ -1,40 +0,0 @@ -# Report Cleanup when Deleting a Job or Job Group - -When deleting a job or job group, the Delete Job and Delete Group wizards allow you to delete any -published reports contained in the jobs that are being deleted. Follow the steps to delete a job or -job group that contains published reports. - -**CAUTION:** Deleted objects cannot be restored. - -![Delete Group on right-click menu](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -**Step 1 –** In the Jobs tree, right-click on the job or group that you want to delete and select -**Delete Job/Group**. - -![Delete Group wizard page](/img/product_docs/accessanalyzer/admin/report/deletegroup.webp) - -**Step 2 –** On the Delete Job/Group page of the wizard, confirm it shows the correct job or group -that you want to delete, then click **Next**. - -**NOTE:** If there are no published reports, clicking **Next** starts the deletion (skip to step 4). - -![Delete Published Reports wizard page](/img/product_docs/accessanalyzer/admin/report/reporttree.webp) - -**Step 3 –** The Delete Published Reports page of the wizard shows the tree of published reports. -Select the checkboxes next to all the reports you want to delete. You can also select reports by job -group or job. Click **Next** to proceed with the deletion. - -![Progress wizard page](/img/product_docs/accessanalyzer/install/application/upgrade/progress.webp) - -**Step 4 –** The Progress page shows you the status of the deletion process. When it has completed, -click **Finish** to exit the wizard. - -The job or job group and all of the selected published reports have been deleted. If you chose not -to delete any of the published reports contained in any of the deleted jobs, then those remaining -reports can still be viewed in the Web Console, even though the parent has been removed from the -Access Analyzer Console. - -![Delete Published Reports page with a report from previous deletion](/img/product_docs/accessanalyzer/admin/report/reportfrompreviousdeletion.webp) - -The remaining published reports that weren't deleted are shown in the wizard if you are deleting the -parent group of the previously deleted job or group. diff --git a/docs/accessanalyzer/12.0/reporting/create.md b/docs/accessanalyzer/12.0/reporting/create.md deleted file mode 100644 index d60ce5cb55..0000000000 --- a/docs/accessanalyzer/12.0/reporting/create.md +++ /dev/null @@ -1,70 +0,0 @@ -# Creating a Report - -Creating and customizing reports allows you to design outputs uniquely crafted to your requirements. -Reports can vary by section order, sourced data, file format, and other elements within the reports -configuration. - -You can add additional reports by the following methods: - -- [Create a Custom Report](#create-a-custom-report) -- [Copy an Existing Report](#copy-an-existing-report) - -**NOTE:** It is important to consider whether a report should be added to an existing job, or a new -job created to generate the report. Contact [Netwrix Support](https://www.netwrix.com/support.html) -for additional information on report outputs. - -## Create a Custom Report - -You can create a new custom report for an existing job from the job’s Reports node. Follow the steps -to create a new report. - -**Step 1 –** Navigate to **Jobs** > **[Job]** > **Configure** and select the **Reports** node. - -![Create report option](/img/product_docs/threatprevention/threatprevention/eperestsite/create.webp) - -**Step 2 –** On the Reports page, click Create. - -**Step 3 –** The Report Configuration wizard is automatically launched. Use the wizard to configure -the new report as required, see the [Report Configuration Wizard](/docs/accessanalyzer/12.0/reporting/wizard/overview.md) topic for -instructions. Click **Finish** on the final page of the wizard to create the report. - -The new report is added to the Reports table. - -![Generate report](/img/product_docs/accessanalyzer/admin/report/generate.webp) - -**Step 4 –** Click the vertical ellipsis menu next to the report and select Generate. - -The report is now created. To access the new report, see the [Viewing Generated Reports](/docs/accessanalyzer/12.0/reporting/view.md) -topic. - -## Copy an Existing Report - -You can create a new report by copying an existing report and pasting it in a job’s Reports node. -You can then optionally customize the report as required. Follow the steps to create a copy of an -existing report. - -![Copy Report](/img/product_docs/accessanalyzer/admin/navigate/copy.webp) - -**Step 1 –** Navigate to the Reports node where the desired report to copy is located. Click the -vertical ellipsis menu next to the report and select Copy. - -![Paste Report](/img/product_docs/accessanalyzer/admin/navigate/paste.webp) - -**Step 2 –** Navigate to the Reports node in the desired destination for the new report. Click the -vertical ellipsis menu in the header row of the Reports table and select Paste. - -The copy of the report is added to the Reports table. Reports that are copied maintain the same -configuration settings as the original report. - -**NOTE:** If the report copied to the job’s Reports node has the same name as an existing report, -the copied report adds a numerical value to the name sequentially. For example if the existing -report is named Exceptions Summary, then the new report is named `Exceptions Summary1`. - -**Step 3 –** (Optional) Click the **Configure** button next to the report. Use the Report -Configuration wizard to modify the reports settings. See the -[Report Configuration Wizard](/docs/accessanalyzer/12.0/reporting/wizard/overview.md) topic for instructions. - -**Step 4 –** Click the vertical ellipsis menu next to the report and select Generate. - -The report is now created. To access the new report, see the [Viewing Generated Reports](/docs/accessanalyzer/12.0/reporting/view.md) -topic. diff --git a/docs/accessanalyzer/12.0/reporting/edit.md b/docs/accessanalyzer/12.0/reporting/edit.md deleted file mode 100644 index a2cef3a95d..0000000000 --- a/docs/accessanalyzer/12.0/reporting/edit.md +++ /dev/null @@ -1,27 +0,0 @@ -# Editing Existing Reports - -It is not recommended to edit existing reports unless there are changes to a job’s settings at the -global level, job group level, or job level. Changes to when data is collected, the types of data -collected, and the properties of collected data are not reflected in a report’s configuration. As a -result, generated reports could appear with blank fields or misleading information about the purpose -of the collected data, unless the report is modified to reflect the changes to the job's settings. -To modify a report, use the Report Configuration Wizard. - -Follow the steps to modify an existing report. - -**Step 1 –** Navigate to the Reports node that contains the report. - -![Configure Report](/img/product_docs/accessanalyzer/admin/analysis/configure.webp) - -**Step 2 –** Click the **Configure** button next to the report you want to modify. - -**Step 3 –** Use the Report Configuration wizard to make any required changes. See the -[Report Configuration Wizard](/docs/accessanalyzer/12.0/reporting/wizard/overview.md) topic for instructions. - -- You must go through all pages of the wizard, and click **Finish** on the final page to save your - changes. Skip any sections or pages that do not require changes to the existing configuration. You - can click **Cancel** on any page to exit the wizard without saving your changes. - -Your configuration updates have been saved. To view the updated report you need to first generate -the report or run it's associated job. See the [Viewing Generated Reports](/docs/accessanalyzer/12.0/reporting/view.md) topic for -additional information. diff --git a/docs/accessanalyzer/12.0/reporting/interactive-grids/copying-cells.md b/docs/accessanalyzer/12.0/reporting/interactive-grids/copying-cells.md deleted file mode 100644 index 0078957e2a..0000000000 --- a/docs/accessanalyzer/12.0/reporting/interactive-grids/copying-cells.md +++ /dev/null @@ -1,12 +0,0 @@ -# Copying Cells - -Copying an individual cell within a generated report enables easier searching for information using -the AIC or other tools. The copy feature can only be used on interactive grids. Each cell listed -under a column can be selected and copied to the clipboard. - -![Copy Cell Data](/img/product_docs/accessanalyzer/admin/report/interactivegrids/copycell.webp) - -To copy a cell, select the cell, then right-click on it and select **Copy Cell Data**. - -**NOTE:** You may need to allow programmatic clipboard access for your browser the first time you -attempt to copy a cell. diff --git a/docs/accessanalyzer/12.0/reporting/interactive-grids/grouping.md b/docs/accessanalyzer/12.0/reporting/interactive-grids/grouping.md deleted file mode 100644 index 1692c5c81c..0000000000 --- a/docs/accessanalyzer/12.0/reporting/interactive-grids/grouping.md +++ /dev/null @@ -1,15 +0,0 @@ -# Grouping Data - -If grouping is enabled, the **Group by** field provides a drop-down list of categories by which the -data can be grouped. - -**NOTE:** Grouping and filtering cannot be enabled at the same time. If grouping is enabled, the -Filter icon is disabled in the report. - -The following example shows an interactive grid in which grouping has been enabled. See the -[Grid](/docs/accessanalyzer/12.0/reporting/wizard/widgets.md#grid) topic for additional information. - -![Group by option](/img/product_docs/accessanalyzer/admin/report/interactivegrids/groupby.webp) - -The drop-down list to the right of the Group by field can be accessed by clicking the down arrow. -Click an item from the drop-down list to group the report by that category. diff --git a/docs/accessanalyzer/12.0/reporting/interactive-grids/overview.md b/docs/accessanalyzer/12.0/reporting/interactive-grids/overview.md deleted file mode 100644 index cf684e5c86..0000000000 --- a/docs/accessanalyzer/12.0/reporting/interactive-grids/overview.md +++ /dev/null @@ -1,28 +0,0 @@ -# Interactive Grids - -Interactive grids in the table section of a report provide the ability to interact with the data and -filter it as required. Interactive grids allow you to perform the following actions: - -- Group data -- Search and filter data -- Paging -- Download data to a CSV file - -![Interactive Grid actions bar](/img/product_docs/accessanalyzer/admin/report/interactivegrids/interactivegridoptions.webp) - -The toolbar in an interactive grid can display the following options: - -- Filter icon – Click this icon to activate searching and filter the data -- Group by – Provides a drop-down list of available categories to select for grouping. When grouping - is enabled, searching is disabled. -- Up arrow and down arrow – Click to expand or collapse the groups -- Download Data – Click to download all data to a CSV file. This option is displayed when the - **Export table data as CSV** checkbox has been selected for the report, see the - [Grid](/docs/accessanalyzer/12.0/reporting/wizard/widgets.md#grid) topic for additional information. - -When enumeration is set on an interactive grid, a second download button is displayed. A CSV file -can be downloaded that contains only data for the selected enumeration. - -![Group by loading data](/img/product_docs/accessanalyzer/admin/report/interactivegrids/groupbyloadingdata.webp) - -When grouping data, interactive grids display the percentage of data that has loaded on the page. diff --git a/docs/accessanalyzer/12.0/reporting/interactive-grids/paging.md b/docs/accessanalyzer/12.0/reporting/interactive-grids/paging.md deleted file mode 100644 index 92ffa6d0e0..0000000000 --- a/docs/accessanalyzer/12.0/reporting/interactive-grids/paging.md +++ /dev/null @@ -1,16 +0,0 @@ -# Paging - -Paging allows users to interact with large sets of data more efficiently when viewing, filtering, -and sorting generated report tables by limiting the amount of data being displayed at a given time. -Reports provide the ability to navigate to specific pages using arrows at the bottom of the report. -Paging is enabled by default. See the [Grid](/docs/accessanalyzer/12.0/reporting/wizard/widgets.md#grid) topic for additional -information. - -**NOTE:** Paging and grouping cannot be enabled at the same time. When Paging is enabled, the -Grouping options are disabled for the report. - -![Paging](/img/product_docs/accessanalyzer/admin/report/interactivegrids/paging.webp) - -When paging is enabled, arrows are displayed that allow you to navigate to the next page, last page, -previous page, or first page. If the data is filtered, it is indicated at the end of the line. Each -page contains 10 records. diff --git a/docs/accessanalyzer/12.0/reporting/interactive-grids/search-filter.md b/docs/accessanalyzer/12.0/reporting/interactive-grids/search-filter.md deleted file mode 100644 index 6d97c61ba6..0000000000 --- a/docs/accessanalyzer/12.0/reporting/interactive-grids/search-filter.md +++ /dev/null @@ -1,62 +0,0 @@ -# Searching and Filtering Data - -When dealing with large sets of data, it may be useful to search for a desired attribute. This can -be done using the Filter icon. - -**NOTE:** Searching and grouping cannot be enabled at the same time. If grouping is enabled, the -Search icon is disabled in the report. - -The following example shows an interactive grid in which searching has been enabled. See the -[Grid](/docs/accessanalyzer/12.0/reporting/wizard/widgets.md#grid) topic for additional information. - -![Search](/img/product_docs/threatprevention/threatprevention/reportingmodule/configuration/integrations/search.webp) - -Enter search criteria in the boxes under the columns to filter the data. Click the search icon again -to clear the filters. - -Click on a column to sort by that column. Clicking on a cell in a column automatically expands the -column size to fit the largest length of text contained in the column. - -## Searching Enumerated Tables - -Enabling the enumerated column option, and choosing a column from the data set adds a list of column -types to display as enumerated tables. - -![Enumerated Table](/img/product_docs/accessanalyzer/admin/report/interactivegrids/enumerated.webp) - -To change the enumeration in the report, select an option from the enumerated column list. When -enumeration is set on an interactive grid, a second download button is displayed with the name of -the currently selected enumerated column. You can use this to download a CSV file that only contains -the data for the selected enumeration. - -## Filtering on Dates & Times - -Data can also be filtered on dates and times. Expanding the column's width activates hyperlinks to -filter on specific time periods. - -![Date column filter](/img/product_docs/accessanalyzer/admin/report/interactivegrids/datefilter.webp) - -Enter a Start and End date and select the desired time period. - -## Filtering on Numeric Columns - -Comparison operators can also be used for filtering. Comparison operators which can be used for -filtering include the following: - -| Description | Operator | -| ------------------------ | -------- | -| Equal to | = | -| Greater than | > | -| Less than | < | -| Less than or equal to | <= | -| Greater than or equal to | >= | -| A range of values | n1..n2 | - -## Adding & Removing Columns - -Columns can be added or removed from the table. - -![Add and remove columns](/img/product_docs/accessanalyzer/admin/report/interactivegrids/addremovecolumns.webp) - -Right-click on a column to display a list of the available columns. Select the checkboxes of the -columns you want to be displayed. Click the up or down arrows to scroll through the list of columns. diff --git a/docs/accessanalyzer/12.0/reporting/overview.md b/docs/accessanalyzer/12.0/reporting/overview.md deleted file mode 100644 index 365eb478f2..0000000000 --- a/docs/accessanalyzer/12.0/reporting/overview.md +++ /dev/null @@ -1,23 +0,0 @@ -# Reporting - -Access Analyzer provides the ability to report on collected data in multiple ways such as tables, -views, graphs, and emails. Depending on the type of data collected, different reporting methods can -simplify how to present and understand the information. - -![Reports node](/img/product_docs/accessanalyzer/admin/report/reports.webp) - -The Reports node, contained within a job’s Configure node, lists any reports that are configured for -the job. The page contains options to create a report, configure existing reports, and a link to -view generated reports. The configuration of reports vary by use case, but they contain the same -elements. The layout and elements of a report are configured using the -[Report Configuration Wizard](/docs/accessanalyzer/12.0/reporting/wizard/overview.md). - -In addition, there are various ways to view and interact with generated reports. Generated reports -can be viewed in the Access Analyzer Console or in the Web Console. Reports can also be configured -to be downloaded as a CSV file, or sent as an email in various forms. See the -[Viewing Generated Reports](/docs/accessanalyzer/12.0/reporting/view.md) topic for additional information. - -The global settings configured under the Settings node are inherited down through the Jobs tree to -the job unless inheritance is broken in a job group’s Settings node, a job’s Properties window, or -in the Report Configuration Wizard. See the [Reporting](/docs/accessanalyzer/12.0/administration/settings/reporting.md) topic for -additional information. diff --git a/docs/accessanalyzer/12.0/reporting/tags.md b/docs/accessanalyzer/12.0/reporting/tags.md deleted file mode 100644 index 7db8d6f49f..0000000000 --- a/docs/accessanalyzer/12.0/reporting/tags.md +++ /dev/null @@ -1,98 +0,0 @@ -# Tags - -Tags can be added to reports to describe the content of the report and use cases for the report. For -example, tags can be included in a report to show the compliance frameworks to which the report -maps. To view tags or click on tag links, reports must be viewed in the Web Console. Tags are not -supported in reports in the Jobs tree. - -![Web Console Home Page](/img/product_docs/accessanalyzer/install/application/reports/webconsolehome.webp) - -If Reports from solutions that have been run have tags added to them, those tags can be found under -the Tags tab in the Navigation section on the right-hand side of the Published Reports homepage. - -| ![Tags tab on Web Console homepage](/img/product_docs/accessanalyzer/admin/report/privilegedaccountstag.webp) | -| ------------------------------------------------------------------------------------------------------------- | ---------------------------- | -| Privileged Accounts Tag on Published Reports homepage | Privileged Accounts Tag page | - -Click on a tag to view all reports that contain the selected tag. - -![Job Group view in the Web Console](/img/product_docs/accessanalyzer/admin/report/jobgroupview.webp) - -Clicking on a job group in the Published Reports menu displays the reports contained in that job -group. Jobs within that job group that have tags are identified with a tag icon along with the tag -name. - -![Report header](/img/product_docs/accessanalyzer/admin/report/reportheader.webp) - -When viewing a report in either the Web Console or the Access Analyzer console, tags are displayed -below the report title. Click on a tag to view all reports that contain that tag. If the tag is -selected from the Reports view in the Access Analyzer Console, the Published Reports Web Console -opens and direct users to the tag page. - -## Default Tags in Reports - -The following sections list out of the box reports that contain each tag. The tags are: - -### Open Access - -The Open Access tag is included in the following reports: - -- Active Directory Permissions Analyzer > 5.Open Access > AD_OpenAccess > Open Access by Domain -- Exchange > 4. Mailboxes > Permissions > EX_MailboxAccess > Incorrect Default and Anon Permissions -- SharePoint > 2.High Risk Sites >ALL REPORTS -- FileSystem > 1.Open Access > FS_OpenAccess > ALL REPORTS -- SQL > 5.Permissions > SQL_PublicPermissions > Public Permissions -- Oracle > 5.Permissions > Oracle_PublicPermissions > Public Permissions - -### Sensitive Data - -The Sensitive Data tag is included in the following reports: - -- Dropbox > 5.Sensitive Data > Dropbox SensitiveData > ALL REPORTS -- Exchange > 7. Sensitive Data > EX_SDDResults > ALL REPORTS -- FileSystem > 7.Sensitive Data > FS_DLPResults > ALL REPORTS -- Oracle > 7.Sensitive Data > Oracle_SensitiveData > ALL REPORTS -- SharePoint > 7.Sensitive Data Discovery > SP_SensitiveData > ALL REPORTS -- SQL > 7.Sensitive Data > SQL_SensitiveData > ALL REPORTS - -### Stale Data - -The Stale Data tag is included in the following reports: - -- Dropbox > 4.Content >Dropbox_Content > Stale Data -- Exchange > 4. Mailboxes > Sizing >EX_StaleMailboxes > Stale Users -- FileSystem > 4.Content > Stale > FS_StaleContent > Shares with Stale Content -- SharePoint > 4.Content > SP_StaleFiles > Stale Files -- Box > 2.Content > Box_FileMetrics > Files by User -- Box > 2.Content > Box_FileMetrics > Files by Extension - -### Stale Principals - -The Stale Principals tag is included in the following reports: - -- Active Directory > 2.Users > AD_StaleUsers > Stale Users -- Active Directory > 1.Groups > AD_StaleGroups > Stale Effective Membership -- Entra ID > 1.Groups > AAD_StaleGroups -- Entra ID > 2.Users > AAD_StaleUsers -- Oracle > 3.Users and Roles >Oracle_Users -- SQL > 3.Users and Roles > SQL_DatabasePrincipals - -### Security Assessment - -The Security Assessment tag is included in the following reports: - -- Active Directory > AD_SecurityAssessment > AD Security Assessment -- FileSystem > FS_SecurityAssessment > Security Assessment -- Windows > SG_SecurityAssessment > Systems Security Assessment -- SQL > SQL_SecurityAssessment > SQL Security Assessment -- Oracle > Oracle_SecurityAssessment > Oracle Security Assessment - -### Privileged Access - -The Privileged Access tag is included in the following reports: - -- Active Directory > 2.Users > AD_ServiceAccounts > Service Accounts -- Windows > Privileged Accounts > Local Administrators > SG_LocalAdmins > Local Administrators -- Unix > 2.Privileged Access > Sudoers > UX_Sudoers > Sudo Rights by Host -- Active Directory > 1.Groups > AD_SensitiveSecurityGroups > Sensitive Security Group Membership -- Shadow Access (when added) diff --git a/docs/accessanalyzer/12.0/reporting/view.md b/docs/accessanalyzer/12.0/reporting/view.md deleted file mode 100644 index 8bc2575fe0..0000000000 --- a/docs/accessanalyzer/12.0/reporting/view.md +++ /dev/null @@ -1,52 +0,0 @@ -# Viewing Generated Reports - -Reports can be viewed either in the Access Analyzer Console in the Results Node of the related job, -or published reports can be viewed in the Web Console. - -- [Results Node](#results-node) – All reports generated by a job are always accessible under the - job’s Results node -- [Web Console](#web-console) – All published reports generated by all jobs appear in the Published - Reports Web Console - -## Results Node - -Each job contains a results node where reports generated by that job can be viewed. Even if the -report is unpublished, the report is still displayed here. - -![Report in the Results node](/img/product_docs/accessanalyzer/admin/report/viewresultsnode.webp) - -Select the desired report to be viewed. The report displays in the Results pane of the console. - -![Access report from configure page](/img/product_docs/accessanalyzer/admin/report/viewconfigure.webp) - -You can also access the report from the **Configure** > **Reports** page for the job. Click the -report title to view the report. - -## Web Console - -The most common place to view reports is the Web Console. For information on how to access the Web -Console, see the -[Log into the Web Console](/docs/accessanalyzer/12.0/getting-started/installation/application/reports/overview.md#log-into-the-web-console) -topic. - -![Web Console Home page](/img/product_docs/accessanalyzer/install/application/reports/webconsolehome.webp) - -On the home page of the Web Console, select a solution to view a list of all published reports for -that solution’s job group. This list includes reports with changed Publish Path locations. - -![Web Console .Active Directory Inventory](/img/product_docs/accessanalyzer/admin/report/webconsolesolutioninventory.webp) - -Clicking a report name link opens the selected report, or navigate through the folders to select a -report. - -From within the Web Console, reports cannot be edited or deleted. However, the interactive grid -functions are enabled. See the [Interactive Grids](/docs/accessanalyzer/12.0/reporting/interactive-grids/overview.md) topic for -additional information. An additional feature available within the Web Console is the option to -download data as a CSV file, which can be enabled for grid elements. This exports the data within -tables, both interactive grid and plain HTML tables. See the [Grid](/docs/accessanalyzer/12.0/reporting/wizard/widgets.md#grid) topic -for additional information. - -**NOTE:** Any browser used to access the Web Console must have JavaScript allowed for the site. See -the -[Configure JavaScript Settings for the Web Console](/docs/accessanalyzer/12.0/administration/settings/reporting.md#configure-javascript-settings-for-the-web-console) -topic for additional information. diff --git a/docs/accessanalyzer/12.0/reporting/wizard/authoring.md b/docs/accessanalyzer/12.0/reporting/wizard/authoring.md deleted file mode 100644 index b58cca2305..0000000000 --- a/docs/accessanalyzer/12.0/reporting/wizard/authoring.md +++ /dev/null @@ -1,63 +0,0 @@ -# Authoring Page - -On the Authoring page of the Report Configuration wizard, you can configure the name, header -information, and publish settings for the report. - -![Report Configuration wizard Authoring page](/img/product_docs/accessanalyzer/admin/report/wizard/authoring.webp) - -Configure the following settings as required: - -![name](/img/product_docs/accessanalyzer/admin/report/wizard/name.webp) - -- Name – The name used for the report in the Access Analyzer console and Web Console. - -Header Options - -![header](/img/product_docs/accessanalyzer/admin/action/webrequest/header.webp) - -- Title – The title of the report as displayed at the top of the generated report -- Author – Name of the person or group who created the report. This is displayed at the top of the - generated report. -- Tags – Use the tag editor to add and remove tags, see the - [Add Tags to a Report](#add-tags-to-a-report) topic below for more information. Tags are displayed - in the header of the generated reported. -- Description – A description of the report content. It is displayed beneath the report Title in the - generated report. - -Publish Options - -- Publish Report – Select an option to configure if the report should be published to the Web - Console when it is generated. - - Use default setting – Applies the Global report settings, or the settings configured at the - job group or job levels if inheritance has been broken. (See the - [Publish Option](/docs/accessanalyzer/12.0/administration/settings/reporting.md#publish-option), - [Reporting Node](/docs/accessanalyzer/12.0/administration/job-management/group/reporting.md), and - [Report Settings Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/report-settings.md) topics for additional - information.) - - Publish report – Select this option to publish the report - - Do not publish report – Select this option to not publish the report -- Publish State – Shows the current publish state of the report. If the report is already published, - you can click the link to open the report in the Web Console. - -## Add Tags to a Report - -You can add tags to reports to describe the content and use cases of the report (see the -[Tags](/docs/accessanalyzer/12.0/reporting/tags.md) topic for additional information). The Tag Editor allows you to select the tags -for a report, including creating new ones to select. - -Follow the steps to select tags using the Tag Editor. - -**Step 1 –** On the Authoring page of the Report Configuration wizard, click the **Edit** button -located next to the Tags text box. - -![Tag Editor](/img/product_docs/accessanalyzer/admin/report/wizard/tageditor.webp) - -**Step 2 –** In the Tag editor, select the checkbox next to the tags that should be applied to the -report. - -- In addition to selecting existing tags, you can also add new tags to be selected. To create a tag, - enter the desired tag name in the text box and click **Add**. - -**Step 3 –** Click **OK**. - -The selected tags are now shown in the Tags field as a comma separated list. diff --git a/docs/accessanalyzer/12.0/reporting/wizard/email.md b/docs/accessanalyzer/12.0/reporting/wizard/email.md deleted file mode 100644 index e09ac2e315..0000000000 --- a/docs/accessanalyzer/12.0/reporting/wizard/email.md +++ /dev/null @@ -1,53 +0,0 @@ -# E-mail Page - -The E-mail page of the Report Configuration wizard gives you the option to break inheritance and -select report specific settings for emailing the report. - -![Report Configuration wizard E-mail page](/img/product_docs/accessanalyzer/admin/settings/email.webp) - -The default setting for new and included reports is **Use default setting**, which keeps the -inheritance from the global, job group, or job settings (see the -[Email Report Options](/docs/accessanalyzer/12.0/administration/settings/reporting.md#email-report-options), -[Reporting Node](/docs/accessanalyzer/12.0/administration/job-management/group/reporting.md), and -[Report Settings Tab](/docs/accessanalyzer/12.0/administration/job-management/job/properties/report-settings.md) topics for additional -information). If you want to keep the default, then you can skip this page of the wizard by clicking -**Next**. - -**NOTE:** In order for reports to be emailed, the SMTP server information must be configured in the -**Settings** > **Notification** node. See the [Notification](/docs/accessanalyzer/12.0/administration/settings/notification.md) topic -for additional information. - -To configure the setting for the report, use the Settings drop-down menu to select one of the -following options: - -- Use default setting – The default option. Applies the Global notification settings, or whatever - settings have been configured at the job group or job levels if inheritance has been broken. If - **Email this report** is enabled by default, then using this option sends the report to the - recipients configured at the parent level where the inheritance begins. -- Email this report – Select this option if you want to email the report and the inherited setting - is **Do not email this report**, or if you want to configure specific email settings for the - report. If it is selected, you must then configure the additional fields below. -- Do not email this report – Select this option to not email the report - -![Settings configured to email the report](/img/product_docs/accessanalyzer/admin/report/wizard/emailconfigured.webp) - -If the **Email this report** setting is selected, then the following fields are enabled for you to -configure: - -- Format – Select the format of the report to be contained in the email. - - Web Link – Sends an email notice that the report has been published and provides the recipient - with a link to it in the Web console - - Embedded HTML – Sends the report embedded inside the email using HTML format - - Data Tables as CSV (No Charts) – Attaches the complete data set (as configured within the - report, without row limit) to an email as a CSV file, excluding any charts - - PDF – Attaches the report to an email as a PDF file -- Subject – The subject line of the e-mail. By default it is - `Netwrix Access Analyzer (formerly Enterprise Auditor) Report: [ReportName]`, with the - `[ReportName]`variable being automatically populated. -- Send-To / Send-Cc / Send-Bcc – Enter the email addresses of the required recipients for the email - notification. Use a semicolon (;) to separate multiple recipients. -- Do not e-mail this report if blank – Select this checkbox to not email the report if all elements - of it are blank when it is generated - - A blank report can occur if there is an error in data collection or if the report is - configured for data which might not always be present (for example, new computer objects - created since last scan) diff --git a/docs/accessanalyzer/12.0/reporting/wizard/layout.md b/docs/accessanalyzer/12.0/reporting/wizard/layout.md deleted file mode 100644 index 51d3528f97..0000000000 --- a/docs/accessanalyzer/12.0/reporting/wizard/layout.md +++ /dev/null @@ -1,30 +0,0 @@ -# Layout Page - -The Layout page allows you to configure the layout of the report's content. - -![layout](/img/product_docs/accessanalyzer/admin/report/wizard/layout.webp) - -Follow the steps to select the layout: - -**Step 1 –** Click the **Select the number of rows** drop-down menu and select an option from: 1 -row, 2 rows, or 3 rows. - -**Step 2 –** Click on the layout tile you want for the report. - -The layout for the report has been selected. Each box on the selected tile corresponds to a separate -widget that you next need to configure on the [Widgets Page](/docs/accessanalyzer/12.0/reporting/wizard/widgets.md) page of the Report -Configuration wizard. - -## Element Downgrade Editor - -If you are editing an existing report and you select a layout that has fewer elements than the -number of already configured widgets, then the Element Downgrade Editor automatically displays. - -![Element Downgrade Editor](/img/product_docs/accessanalyzer/admin/report/wizard/elementdowngradeeditor.webp) - -The maximum number of elements allowed by the correctly selected layout is specified at the top of -the editor. Select the checkboxes next to the title of all the configured widgets you want to keep -up to this limit, then click **OK**. Any widgets not selected will be removed from the report. - -**NOTE:** You can click **Cancel** to return to the layout page to select a different layout with -more elements. diff --git a/docs/accessanalyzer/12.0/reporting/wizard/overview.md b/docs/accessanalyzer/12.0/reporting/wizard/overview.md deleted file mode 100644 index 8e651e8222..0000000000 --- a/docs/accessanalyzer/12.0/reporting/wizard/overview.md +++ /dev/null @@ -1,36 +0,0 @@ -# Report Configuration Wizard - -You can use the Report Configuration Wizard to configure reports. The wizard can be launched for an -existing report or when creating a new report. See the [Creating a Report](/docs/accessanalyzer/12.0/reporting/create.md) and -[Editing Existing Reports](/docs/accessanalyzer/12.0/reporting/edit.md) topics for additional information. - -Follow the steps to configure a report using the wizard. - -**NOTE:** Skip any sections or pages that do not require changes to the existing configuration. - -**Step 1 –** Create a new report or open the Report Configuration wizard for an existing report. - -**Step 2 –** Configure the settings on the [Authoring Page](/docs/accessanalyzer/12.0/reporting/wizard/authoring.md) page. These include Name, -Header information, and publish settings. Click **Next**. - -**Step 3 –** On the [E-mail Page](/docs/accessanalyzer/12.0/reporting/wizard/email.md) page, use the inherited settings or configure report -specific settings. Click **Next**. - -**Step 4 –** The [Publish Security Page](/docs/accessanalyzer/12.0/reporting/wizard/publish-security.md) page is only enabled if role-based -access is configured for the Access Analyzer console. On this page you can view and configure -accounts with permissions to view the report. If you are not using role-based access, you can skip -this page. Click **Next**. - -**Step 5 –** On the [Layout Page](/docs/accessanalyzer/12.0/reporting/wizard/layout.md) page, select the number of rows using the dropdown -menu. Then select the desired pre-defined layout from the options displayed. Click **Next**. - -**Step 6 –** On the [Widgets Page](/docs/accessanalyzer/12.0/reporting/wizard/widgets.md) page, configure widgets for each element of the -layout. - -**Step 7 –** Click **Finish** to save your changes. - -- If you do not want to save your changes or have not made any changes, click **Cancel** on any page - to exit the wizard without saving your changes. - -Your configuration has been saved. For information on how to view your report, see the -[Viewing Generated Reports](/docs/accessanalyzer/12.0/reporting/view.md) topic. diff --git a/docs/accessanalyzer/12.0/reporting/wizard/publish-security.md b/docs/accessanalyzer/12.0/reporting/wizard/publish-security.md deleted file mode 100644 index 8067c51a71..0000000000 --- a/docs/accessanalyzer/12.0/reporting/wizard/publish-security.md +++ /dev/null @@ -1,34 +0,0 @@ -# Publish Security Page - -The Publish Security page of the Report Configuration wizard contains the account names of users -with inherited permissions to view the generated report. - -**NOTE:** This page is only enabled if Role Based Access is configured for the Access Analyzer -Console. See the [Role Based Access](/docs/accessanalyzer/12.0/administration/settings/access/role-based/overview.md) topic for -additional information. - -![Publish Security page](/img/product_docs/accessanalyzer/admin/report/wizard/publishsecurity.webp) - -Roles assigned at the global level are inherited down to the report configuration. Additional report -viewer privileges can also be added at the job group or job levels. - -De-select the Include Report Reviewers from this object's parent checkbox to remove all inherited -accounts with the Report Viewer role. - -You can add additional users, groups, and service accounts with the Report Viewer role at the Report -level. This gives them the permission to view the specific report in the Web Console. Follow the -steps to add an account. - -**Step 1 –** Click **Add**. - -![Select User, Service Account, or Group window](/img/product_docs/accessanalyzer/admin/report/wizard/addreportviewer.webp) - -**Step 2 –** On the Select User, Service Account or Group window, select the desired account and -then click **OK**. - -![Report Viewer user added in wizard](/img/product_docs/accessanalyzer/admin/report/wizard/reportviewer.webp) - -The selected account is added to the list with a Role of Report Viewer. - -**NOTE:** The permission for accounts that are not Inherited can also be removed using the wizard. -To remove an account, select it and then click **Remove**. diff --git a/docs/accessanalyzer/12.0/reporting/wizard/widgets.md b/docs/accessanalyzer/12.0/reporting/wizard/widgets.md deleted file mode 100644 index d27f2a6be6..0000000000 --- a/docs/accessanalyzer/12.0/reporting/wizard/widgets.md +++ /dev/null @@ -1,217 +0,0 @@ -# Widgets Page - -The Widgets page of the Report Configuration wizard allows you to configure the tables, charts, and -text that form the report. - -![Widgets page](/img/product_docs/accessanalyzer/admin/report/wizard/widgets.webp) - -At the top of the page the selected layout is described. The table contains the available element -locations where widgets need to be configured. - -![Configure widgets](/img/product_docs/accessanalyzer/admin/report/wizard/widgetsconfigure.webp) - -To add a new widget to an empty element, click **Configure** and select the desired widget type from -the drop-down menu. The following widgets are available: - -- [Grid](#grid) -- [Chart](#chart) -- [Text](#text) - -The editor or wizard for the selected widget opens. See the relevant section below for information -about configuring it. - -![Table with configured widgets](/img/product_docs/accessanalyzer/admin/report/wizard/widgetsconfigured.webp) - -For configured widgets the table shows the title, type, and data source. You can perform the -following actions by selecting a row and clicking the relevant button: - -- Configure – Opens the editor for the configured widget -- Clear – Deletes the configured widget from the selected element -- Up / Down – Moves the widget up or down to the next element of the selected layout. If another - widget is already configured in the element you are moving it to, the two widgets exchange places. - -## Grid - -The Grid widget type allows you to configure a table to be displayed on generated reports. - -![Grid configuration window](/img/product_docs/accessanalyzer/admin/report/wizard/widgetgrid.webp) - -### Options - -The Options section allows you to configure the title and data source for the Grid element. - -![Options section](/img/product_docs/accessanalyzer/admin/report/wizard/widgetgridoptions.webp) - -The section contains the following options: - -- Element Title – Enter a title for the element in the text box. This will be displayed in the - element's header on the generated report. - -DataSource Options - -In order to generate results, a location must first be selected as the source of the data. - -- Table – Use the drop-down to select the required data source. The drop-down contains the list of - jobs within Access Analyzer that have been executed. -- Current job only – Select this checkbox to only display data from the current job. This option is - selected by default. -- Include all SA nodes data – Select this checkbox to display data from all Access Analyzer data - tables -- Show Historical Data – If there is historical data, selecting this option displays all - collections. It is keyed off of the Job Runtime column. -- Limit maximum number of displayed rows to [number] – Limits the number of rows of data displayed - to less than or equal to the number chosen. By default it is set to **1000**. - - **NOTE:** Limits that are larger than the default may slow down the run time. - -Export CSV Options - -You can configure the table to allow the data to be exported as a CSV file. - -- Export table data as CSV – Select this option to enable a report’s table section to be exportable - as a CSV file from the generated report - - When it is configured, you can click the **All Data** button on the table section of the - report to save the report as a CSV file. See the - [Interactive Grids](/docs/accessanalyzer/12.0/reporting/interactive-grids/overview.md) topic for more information. -- Rows – Limits the amount of rows exported to the CSV file. The default is **Visible**. - - Visible – Only includes the amount of rows set by the **Limit Maximum number of displayed rows - to** option in the DataSource Options section - - All – Includes all rows of the data set -- Columns – Limits the amount of columns exported to the CSV file. The default is **Visible**. - - Visible – Only exports the visible columns (excludes any columns removed using the Column - Chooser) - - All – Includes all columns, including those in the Column Chooser - -### Table Properties - -The Table Properties section allows you to configure the display features of the grid. - -![Table Properties section](/img/product_docs/accessanalyzer/admin/report/wizard/widgetgridtableproperties.webp) - -There are two types of grid displays: - -- Interactive grid – Allows the viewer to interact with the table in the generated report. See the - [Interactive Grids](/docs/accessanalyzer/12.0/reporting/interactive-grids/overview.md) topic for additional information. -- Non Interactive grid – Creates a report with fixed settings and stationary elements. This option - disables all the fields within the Table Properties section. - - **NOTE:** In order to view user configured Grouping in emailed reports, the report must be - emailed as a **Non Interactive Grid**. - -The following settings are available when Interactive grid is selected: - -Grid Properties - -- Treat interactive grid contents as plain text (not HTML) – Enables interactive grid functionality. - This option is selected by default. -- Enable Paging – Enables Paging in reports. Paging allows users to interact with large sets of data - more efficiently when viewing, filtering, and sorting generated report tables by limiting the - amount of data being displayed at a given time. Paging is enabled by default. See the - [Paging](/docs/accessanalyzer/12.0/reporting/interactive-grids/paging.md) topic for additional information. - -Column Properties - -- Group Column – Arranges the table to be grouped by the attributes of the selected column - - **NOTE:** Paging and grouping are not compatible. When Paging is enabled, the Grouping options - are disabled in the Table Properties section and in the generated report. - -- Enum Column – Groups the data in tables based on the selected column -- Color Column – Colors a column data displayed on the report’s table section -- Icon Column – Creates an icon that appears next to column name on the report’s table section -- Path Column – Creates a column that displays the attack path within the report - -### Data - -The selected data for the table is shown in the section at the bottom of the window. This section -allows you to configure the data to be displayed in the table. - -![Data display](/img/product_docs/accessanalyzer/admin/report/wizard/widgetgriddata.webp) - -The buttons above the column names provide you options for configuring the table arrangement. - -- Clear Sorting – Restores columns to the default placement -- Column Chooser – Opens a pane where you can remove unwanted columns or add hidden columns -- Filter Editor – Opens the Filter Editor which allows you to add custom filters with conditional - statements and logical connectives -- Best Fit (all columns) –  Adjusts the width of the columns to display all the data within the - cells - -## Chart - -Chart widgets allow you to create various chart types to represent data. A Chart Section can only -display one chart type at a time. Charts are configured using the Chart Configuration wizard. See -the [Chart Configuration Wizard](/docs/accessanalyzer/12.0/reporting/chart-wizard/overview.md) topic for additional information. - -## Text - -There are two types of text editor that allow you to configure a text element on a report. - -- Basic Text Editor – Provides basic functionality like font size and style. Works with HTML script. -- Advanced Text Editor – Provides advanced functionality like document formatting, inserting tables, - and adding hyperlinks - -![Text Editor selection window](/img/product_docs/accessanalyzer/admin/report/wizard/texteditorselection.webp) - -When you first configure a new text element, a dialog displays allowing you to select the type of -Text Editor. On this dialog, select either the Basic or Advanced Text Editor and click **Open -Editor**. The selected editor then opens. - -**NOTE:** Once a Text Editor is selected for a Text element, it cannot be changed. - -### Basic Text Editor - -![Basic Text Editor](/img/product_docs/accessanalyzer/admin/report/wizard/basictexteditor.webp) - -The Basic Text Editor has the following options: - -- Element Title – Enter a title for the element in the text box. This will be displayed in the - element's header on the generated report. -- Editor / Preview tabs – You can switch between the Editor and Preview tabs. The Editor tab allows - you to edit the text and apply formatting. The Preview tab shows you how the formatted text will - look in the generated report.. -- Convert Carriage Returns to HTML – This checkbox is selected by default. When selected, text - displays on a new line in the generated output where a carriage return has been used. If it is not - selected, the text continues on the same line. - -The icons listed in the table below are available in the Basic Editor (and Advanced Editor) to -provide basic editing options for text entries. - -| Icon | Description | -| ---------------------------------------------------------------------------------------- | ------------------------------------------------------------- | -| ![Undo](/img/product_docs/accessanalyzer/admin/report/wizard/undo.webp) | Undo a change to the text | -| ![Redo](/img/product_docs/accessanalyzer/admin/report/wizard/redo.webp) | Redo a change to the text | -| ![Paste](/img/product_docs/accessanalyzer/admin/navigate/paste.webp) | Paste the contents of the clipboard | -| ![Paste Special](/img/product_docs/accessanalyzer/admin/report/wizard/pastespecial.webp) | Paste as either formatted text, unformatted text, or metafile | -| ![Cut](/img/product_docs/accessanalyzer/admin/navigate/cut.webp) | Cut the selected text and put it on the clipboard | -| ![Find](/img/product_docs/accessanalyzer/admin/report/wizard/find.webp) | Find and replace specified text | -| ![Font](/img/product_docs/accessanalyzer/admin/report/wizard/font.webp) | Change the font face | -| ![Font Size](/img/product_docs/accessanalyzer/admin/report/wizard/fontsize.webp) | Change the font size | - -### Advanced Text Editor - -![Advanced Text Editor](/img/product_docs/accessanalyzer/admin/report/wizard/advancedtexteditor.webp) - -The Advanced Text Editor has the following options: - -- Element Title – Enter a title for the element in the text box. This will be displayed in the - element's header on the generated report. -- Editor / Preview tabs – You can switch between the Editor and Preview tabs. The Editor tab allows - you to edit the text and apply formatting. The Preview tab shows you how the formatted text will - look in the generated report.. - -The Advanced Editor contains all the icons from the Basic Editor, see above. In addition to these, -it has the icons with higher level editing options for text entries that are listed in the table -below. - -| Icon | Description | -| -------------------------------------------------------------------------------------------- | --------------------------------------------------------------- | -| ![Bold](/img/product_docs/accessanalyzer/admin/report/wizard/bold.webp) | Makes the selected text bold | -| ![Italic](/img/product_docs/accessanalyzer/admin/report/wizard/italic.webp) | Italicize the selected text | -| ![Decrease Indent](/img/product_docs/accessanalyzer/admin/report/wizard/decreaseindent.webp) | Decrease the indent level of the paragraph | -| ![Increase Indent](/img/product_docs/accessanalyzer/admin/report/wizard/increaseindent.webp) | Increase the indent level of the paragraph | -| ![Hyperlink](/img/product_docs/accessanalyzer/admin/report/wizard/hyperlink.webp) | Create a link to a Web page, picture, email address, or program | -| ![Multilevel List](/img/product_docs/accessanalyzer/admin/report/wizard/multilevel.webp) | Start a multilevel list | -| ![Numbering](/img/product_docs/accessanalyzer/admin/report/wizard/numbering.webp) | Start a numbered list | -| ![Bullets](/img/product_docs/accessanalyzer/admin/report/wizard/bullets.webp) | Start a bulleted list | -| ![Table](/img/product_docs/accessanalyzer/admin/report/wizard/table.webp) | Insert a table | diff --git a/docs/accessanalyzer/12.0/requirements/overview.md b/docs/accessanalyzer/12.0/requirements/overview.md new file mode 100644 index 0000000000..d13e169dca --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/overview.md @@ -0,0 +1,194 @@ +# Requirements + +This topic describes the recommended configuration of the servers needed to install the application +in a production environment. Depending on the size of the organization, it is recommended to review +your environment and requirements with a Netwrix engineer prior to deployment to ensure all +exceptions are covered. + +## Architecture Overview + +The following servers and applications are required for installation of the application: + +Core Components + +- Access Analyzer Console Server – This is where the v12.0 application is installed. +- SQL Server for Access Analyzer Database – As a data-intensive application, a well-provisioned, + dedicated SQL Server is recommended. +- Access Information Center Application Server – This application is typically installed on the + Access Analyzer Console server and is a browser-based, interactive dashboard for exploring + permissions, activity, and sensitive data. + + **NOTE:** The Access Information Center is often installed on the same server as the Access + Analyzer application, but it can be installed separately. + +Exchange Solution-Specific Components + +- Access Analyzer MAPI CDO – This application is installed on the Access Analyzer Console server to + enable the Settings > Exchange global configuration interface within Access Analyzer. + +File System Solution-Specific Components + +- Access Analyzer File System Proxy Server – In certain environments, a proxy server may be utilized + to scan hosts in remote or firewalled sites to increase scan capacity in large environments. This + feature can be implemented through either an applet or a service. The applet would be deployed as + part of the data collection process. The service should be installed prior to data collection. See + the [Proxy Mode as a Service](solutions/filesystem/scanoptions.md#proxy-mode-as-a-service) topic + for server requirements. + +SharePoint Solution-Specific Components + +- Access Analyzer SharePoint Agent Server – For agent-based scans, this application can be installed + on the SharePoint application server that hosts the “Central Administration” component of the + targeted farm(s) to auditing permissions, content, and sensitive data for SharePoint On-Premise. + See the [SharePoint Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md) topic for server + requirements. + +Activity Event Data Considerations + +- Netwrix Activity Monitor – Access Analyzer depends upon integration with the Activity Monitor for + monitored event data for several solutions. See the + [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) + for installation requirements and information on collecting activity data. +- Netwrix Threat Prevention – Access Analyzer can integrate with Threat Prevention for Active + Directory and Windows File System event data. This integration works in conjunction with Netwrix + Activity Monitor. See the + [Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) + for installation requirements and information on collecting activity data. + +Target Environment Considerations + +The target environment encompasses all servers, devices, or infrastructure to be audited by Access +Analyzer. Most solutions have additional target requirements. + +## Access Analyzer Console & Access Information Center Server Requirements + +The server can be physical or virtual. The requirements are: + +- Windows Server 2016 through Windows Server 2022 + +Additionally the server must meet these requirements: + +- US English language installation +- Domain member + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. See the following topics for +additional: + +- [Active Directory Solution Requirements on the Access Analyzer Console](solutions/activedirectory.md#active-directory-solution-requirements-on-the-access-analyzer-console) +- [Active Directory Permissions Analyzer Solution Requirements on the Access Analyzer Console](solutions/activedirectorypermissionsanalyzer.md#active-directory-permissions-analyzer-solution-requirements-on-the-access-analyzer-console) +- [AWS Solution Requirements on the Access Analyzer Console](solutions/aws.md#aws-solution-requirements-on-the-access-analyzer-console) +- [Box Solution Requirements on the Access Analyzer Console](solutions/box.md#box-solution-requirements-on-the-access-analyzer-console) +- [Databases Solution Requirements on the Access Analyzer Console](solutions/databases.md#databases-solution-requirements-on-the-access-analyzer-console) +- [Dropbox Solution Requirements on the Access Analyzer Console](solutions/dropbox.md#dropbox-solution-requirements-on-the-access-analyzer-console) +- [Entra ID Solution Requirements on the Access Analyzer Console](solutions/entraid.md#entra-idsolution-requirements-on-the-access-analyzer-console) +- [Exchange Solution Requirements on the Access Analyzer Console](solutions/exchange.md#exchange-solution-requirements-on-the-access-analyzer-console) +- [File System Solution Requirements on the Access Analyzer Console ](solutions/filesystem.md#file-system-solution-requirements-on-the-access-analyzer-console) +- [SharePoint Solution Requirements on the Access Analyzer Console](solutions/sharepoint.md#sharepoint-solution-requirements-on-the-access-analyzer-console) +- [Unix Solution Requirements on the Access Analyzer Console](solutions/unix.md#unix-solution-requirements-on-the-access-analyzer-console) +- [Windows Solution Requirements on the Access Analyzer Console](solutions/windows.md#windows-solution-requirements-on-the-access-analyzer-console) + +Additional Server Requirements + +The following are additional requirements for the Console server: + +- .NET Framework 4.7.2 installed, which can be downloaded from the link in the Microsoft + [.NET Framework 4.7.2 offline installer for Windows](https://support.microsoft.com/en-us/topic/microsoft-net-framework-4-7-2-offline-installer-for-windows-05a72734-2127-a15d-50cf-daf56d5faec2) + article. +- Microsoft SQL Server supports TLS 1.2, which requires the Access Analyzer Console server to have + either SQL Server Native Client 11 or Microsoft OleDB 18 installed + +Additional Server Considerations + +The following are recommended for the Console server: + +- 100/1000 Mb Network Connection +- SQL Server Management Studio installed (Optional) +- Font "arial-unicode-ms" installed (Needed for report Unicode character support) + +Permissions for Installation + +The following permissions are required to install and use the application: + +- Membership in the local Administrators group for the Access Analyzer Console server + + **NOTE:** Role based access can be enabled for a least privilege user model. + +Supported Browsers + +The following is a list of supported browsers for the Web Console and the Access Information Center: + +- Google® Chrome® +- Microsoft® Edge® +- Mozilla® Firefox® + +## SQL Server Requirements + +The server requirements include one of the following SQL Server versions: + +- SQL Server 2016 through SQL Server 2022 +- Azure SQL Managed Instances + +Additionally the server must meet this requirement: + +- US English language installation + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. See the following topics for +additional: + +- [Active Directory Solution Requirements on the SQL Server](solutions/activedirectory.md#active-directory-solution-requirements-on-the-sql-server) +- [Active Directory Permissions Analyzer Solution Requirements on the SQL Server](solutions/activedirectorypermissionsanalyzer.md#active-directory-permissions-analyzer-solution-requirements-on-the-sql-server) +- [AWS Solution Requirements on the SQL Server](solutions/aws.md#aws-solution-requirements-on-the-sql-server) +- [Box Solution Requirements on the SQL Server](solutions/box.md#box-solution-requirements-on-the-sql-server) +- [Databases Solution Requirements on the SQL Server](solutions/databases.md#databases-solution-requirements-on-the-sql-server) +- [Entra ID Solution Requirements on the SQL Server](solutions/entraid.md#entra-id-solution-requirements-on-the-sql-server) +- [Exchange Solution Requirements on the SQL Server](solutions/exchange.md#exchange-solution-requirements-on-the-sql-server) +- [File System Solution Requirements on the SQL Server](solutions/filesystem.md#file-system-solution-requirements-on-the-sql-server) +- [SharePoint Solution Requirements on the SQL Server](solutions/sharepoint.md#sharepoint-solution-requirements-on-the-sql-server) +- [Unix Solution Requirements on the SQL Server](solutions/unix.md#unix-solution-requirements-on-the-sql-server) +- [Windows Solution Requirements on the SQL Server](solutions/windows.md#windows-solution-requirements-on-the-sql-server) + +Additional Server Requirements + +The following are additional requirements for the SQL Server: + +- SQL Server must be equal or newer version than the version to be targeted +- All SQL Server databases configured to use ‘Simple Recovery Model’ + +Additional Server Considerations + +The following additional considerations are recommended for the SQL Server: + +- The standard Autogrowth setting can cause Access Analyzer job delays. Database growth is + computationally intensive. While SQL Server is growing the database, no other activity can occur. + If this option is employed, please speak with a Netwrix engineer to determine an appropriate + setting for best performance. +- Microsoft SQL Server supports TLS 1.2, which requires the Access Analyzer Console server to have + either SQL Server Native Client 11 or Microsoft OleDB 18 installed. +- _Optional_: SQL Server Management Studio installed on the Access Analyzer Console server + +Database Permissions + +The following permissions are required on the databases: + +- Database Owner +- Provisioned to use Default Schema of ‘dbo’ + +## Virtual Environment Recommendations + +While physical machines are always preferred, we fully support the use of virtual machines. This +section contains special considerations when leveraging virtualization. + +- VMWare® ESX® – If using ESX, the following specifications are recommended: + + - ESX 4.0 / ESXi™ 4.1 or higher + - Virtual Hardware 7 or higher + - All Virtual Machines installed on the same datacenter / rack + +- Virtual Storage Consideration + + - In the server requirements, when separate disks are required for the servers, that should + translate to separate data stores on the VM host machine. diff --git a/docs/accessanalyzer/12.0/requirements/solutions/activedirectory.md b/docs/accessanalyzer/12.0/requirements/solutions/activedirectory.md new file mode 100644 index 0000000000..9a18d7cdcd --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/activedirectory.md @@ -0,0 +1,45 @@ +# Active Directory Solution + +The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access +Analyzer Console server, SQL Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for the core requirements. + +In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat +Prevention is required for event activity data to be scanned. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or +the +[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) +for installation requirements and information on collecting activity data. + +See the [Active Directory Domain Target Requirements](/docs/accessanalyzer/12.0/config/activedirectory/overview.md) +topic for target environment requirements. + +## Active Directory Solution Requirements on the Access Analyzer Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 8+ GB | 4+ GB | +| Cores | 4 CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +## Active Directory Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/requirements/solutions/activedirectorypermissionsanalyzer.md b/docs/accessanalyzer/12.0/requirements/solutions/activedirectorypermissionsanalyzer.md new file mode 100644 index 0000000000..503dde2e54 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/activedirectorypermissionsanalyzer.md @@ -0,0 +1,39 @@ +# Active Directory Permissions Analyzer Solution + +The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access +Analyzer Console server, SQL Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for the core requirements. + +See the +[Domain Target Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/activedirectorypermissionsanalyzer.md) +topic for target environment requirements. + +## Active Directory Permissions Analyzer Solution Requirements on the Access Analyzer Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 8+ GB | 4+ GB | +| Cores | 4 CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +## Active Directory Permissions Analyzer Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 1 TB | 450 GB | +| SQL Transaction Log Disk | 240 GB | 120 GB | +| SQL TEMP DB Disk | 350 GB | 240 GB | diff --git a/docs/accessanalyzer/12.0/requirements/solutions/aws.md b/docs/accessanalyzer/12.0/requirements/solutions/aws.md new file mode 100644 index 0000000000..18991062ca --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/aws.md @@ -0,0 +1,50 @@ +# Amazon Web Services (AWS) Solution + +The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access +Analyzer Console server, SQL Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for the core requirements. + +See the [Target Amazon Web Service Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/aws.md) topic for +target environment requirements. + +## AWS Solution Requirements on the Access Analyzer Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | -------------- | -------------- | +| Definition | > 100 Accounts | < 100 Accounts | +| RAM | 8+ GB | 4+ GB | +| Cores | 4 CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For +example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are +required (8x2=16). + +Sensitive Data Discovery Auditing Requirement + +**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the +server. The JDK deployed is prepackaged and does not require any configuration; it has been +preconfigured to work with Access Analyzer and should never be customized through Java. It will not +conflict with other JDKs or Java Runtimes in the same environment. + +## AWS Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | -------------- | -------------- | +| Definition | > 100 Accounts | < 100 Accounts | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/requirements/solutions/box.md b/docs/accessanalyzer/12.0/requirements/solutions/box.md new file mode 100644 index 0000000000..6b65215033 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/box.md @@ -0,0 +1,38 @@ +# Box Solution + +The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access +Analyzer Console server, SQL Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for the core requirements. + +See the [Target Box Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/box.md) topic for target +environment requirements. + +## Box Solution Requirements on the Access Analyzer Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 8+ GB | 4+ GB | +| Cores | 4 CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +## Box Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/requirements/solutions/databases.md b/docs/accessanalyzer/12.0/requirements/solutions/databases.md new file mode 100644 index 0000000000..0563a923aa --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/databases.md @@ -0,0 +1,78 @@ +# Databases Solution + +The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access +Analyzer Console server, SQL Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for the core requirements. + +In addition to these, integration with either the Netwrix Activity Monitor is required for event +activity data to be scanned. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for installation requirements and information on collecting activity data. + +See the following topics for target environment requirements: + +- [Target Db2 Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databasedb2.md) +- [Target MongoDB Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databasemongodb.md) +- [Target MySQL Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databasemysql.md) +- [Target Oracle Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databaseoracle.md) +- [Target PostgreSQL Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databasepostgresql.md) +- [Target Redshift Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databaseredshift.md) +- [Target SQL Server Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databasesql.md) + +## Databases Solution Requirements on the Access Analyzer Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Extra-Large | Large | Medium | Small | +| ----------- | -------------------- | ------------------------ | --------------------- | -------------------- | +| Definition | > 1 TB database size | Up to 1 TB database size | ~250 GB database size | ~50 GB database size | +| RAM | 24 GB | 16 GB | 12 GB | 4 GB | +| Cores | 8 CPU | 8 CPU | 4 CPU | 2 CPU | +| Disk Space | 460 GB | 280 GB | 160 GB | 80 GB | + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For +example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are +required (8x2=16). + +Additional Server Considerations for Oracle Scans + +For scanning Oracle databases, the following are additional requirements for the Console server: + +- Windows Management Framework 3+ installed +- PowerShell 3.0+ installed +- NMAP installed +- For Instance Discovery, NMAP installed + +Additional Server Considerations for SQL Server Scans + +For scanning SQL databases, the following are additional requirements for the Console server: + +- Windows Management Framework 3+ installed +- PowerShell 3.0+ installed + +Sensitive Data Discovery Auditing Requirement + +**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the +server. The JDK deployed is prepackaged and does not require any configuration; it has been +preconfigured to work with Access Analyzer and should never be customized through Java. It will not +conflict with other JDKs or Java Runtimes in the same environment. + +## Databases Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Extra-Large | Large | Medium | Small | +| ------------------------ | -------------------- | ------------------------ | --------------------- | -------------------- | +| Definition | > 1 TB database size | Up to 1 TB database size | ~250 GB database size | ~50 GB database size | +| RAM | 64 GB | 32 GB | 16 GB | 8 GB | +| Cores | 16 CPU | 12 CPU | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | +| SQL Database Disk | 500 GB | 320 GB | 240 GB | 100 GB | +| SQL Transaction Log Disk | 120 GB | 100 GB | 80 GB | 40 GB | +| SQL TEMP DB Disk | 320 GB | 240 GB | 160 GB | 80 GB | diff --git a/docs/accessanalyzer/12.0/requirements/solutions/dropbox.md b/docs/accessanalyzer/12.0/requirements/solutions/dropbox.md new file mode 100644 index 0000000000..a1f3acdfe6 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/dropbox.md @@ -0,0 +1,57 @@ +# Dropbox Solution + +The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access +Analyzer Console server, SQL Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for the core requirements. + +In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat +Prevention is required for event activity data to be scanned. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or +the +[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) +for installation requirements and information on collecting activity data. + +See the [Target Dropbox Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/dropbox.md) topic for target +environment requirements. + +## Dropbox Solution Requirements on the Access Analyzer Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 8+ GB | 4+ GB | +| Cores | 4 CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For +example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are +required (8x2=16). + +Sensitive Data Discovery Auditing Requirement + +**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the +server. The JDK deployed is prepackaged and does not require any configuration; it has been +preconfigured to work with Access Analyzer and should never be customized through Java. It will not +conflict with other JDKs or Java Runtimes in the same environment. + +## Dropbox Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/requirements/solutions/entraid.md b/docs/accessanalyzer/12.0/requirements/solutions/entraid.md new file mode 100644 index 0000000000..e2a9b440e3 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/entraid.md @@ -0,0 +1,40 @@ +# Entra ID Solution + +**NOTE:** The Entra ID solution is for scanning Microsoft Entra ID, formerly Azure Active Directory. + +The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access +Analyzer Console server, SQL Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for the core requirements. + +See the [Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/12.0/config/entraid/overview.md) topic +for target environment requirements. + +## Entra ID Solution Requirements on the Access Analyzer Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 8+ GB | 4+ GB | +| Cores | 4 CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +## Entra ID Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ----------------------- | ---------------------- | +| Definition | ~100,000 Users & Groups | ~50,000 Users & Groups | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/requirements/solutions/entraid/entraroles.md b/docs/accessanalyzer/12.0/requirements/solutions/entraid/entraroles.md new file mode 100644 index 0000000000..fd2ec94473 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/entraid/entraroles.md @@ -0,0 +1,180 @@ +# Microsoft Entra Roles Auditing Configuration + +Access Analyzer can scan for Microsoft Entra roles information. It scans: + +- Microsoft Entra ID (formerly Azure AD) + +**NOTE:** A user account with the Global Administrator role is required to register an app with +Microsoft Entra ID. + +Data Collector + +- [Entra Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/entra/overview.md) + +Configuration Settings from the Registered Application + +The following settings are needed from your tenant once you have registered the application: + +- Client ID – This is the Application (client) ID for the registered application +- Key – This is the Client Secret Value generated when a new secret is created + + **CAUTION:** It is not possible to retrieve the value after saving the new key. It must be + copied first. + +**NOTE:** It is recommended to use the same registered application for the Access and Entra roles +auditing configurations. In this case, these values are only needed once for the tenant. See the +[Microsoft Entra ID Registered Application](#microsoft-entra-id-registered-application) topic for +additional information. + +## Permissions + +The following permissions are required for Microsoft Entra Roles auditing: + +- Microsoft Graph API Application permissions: + + - RoleManagement.Read.Directory + +- Resource Manager permissions: + + - Microsoft.Authorization/roleAssignments/read + - Microsoft.Authorization/roleDefinitions/read + - Microsoft.Resources/resources/read + - Microsoft.Resources/subscriptions/read + - Microsoft.Resources/subscriptions/resources/read + - Microsoft.Resources/subscriptions/resourceGroups/read + - Microsoft.Authorization/providerOperations/read + - Microsoft.Management/managementGroups/read + +## Microsoft Entra ID Registered Application + +You must have a registered application to assign the required permissions to. It is recommended to +use the same registered application that is used for access auditing using the AzureADInventory data +collector. See the +[Register a Microsoft Entra ID Application](/docs/accessanalyzer/12.0/config/entraid/access.md#register-a-microsoft-entra-id-application) +topic for additional information on registering an application. + +The Client ID and Key for the registered application are required for the Access Analyzer connection +profile. If, as recommended, you are using a single registered application for the tenant, then you +do not need to add an additional user credential in the connection profile. If you create a separate +registered application for Entra roles auditing, then the Client ID and Key for this must be added +to the connection profile as an additional Azure Active Directory user credential. See the +[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/configurejob.md) +topic for additional information. + +Once you have the registered application, the next step is to grant it the required permissions for +the Entra data collector. + +## Grant Permissions to the Registered Application + +Follow the steps to grant the required permissions to the registered application. + +**Step 1 –** Log in to [Azure Portal](https://portal.azure.com/). + +**Step 2 –** Navigate to the **App registrations** > **All applications** list for your tenant, and +select your registered application. + +**Step 3 –** On the registered app blade, click **API permissions** in the Manage section. + +**Step 4 –** In the top toolbar, click **Add a permission**. + +**Step 5 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs +tab. Select the following permissions: + +- Under Application Permissions, select: + + - RoleManagement.Read.Directory + +**Step 6 –** At the bottom of the page, click **Add Permissions**. + +**Step 7 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation +window. + +The permissions have been granted to the registered application. Next, you need to create a custom +role and assign the necessary resource manager permissions. + +## Create Custom Role with Resource Manager Permissions + +Follow the steps to create the required custom role and assign the necessary permissions. + +**Step 1 –** In Azure portal, navigate to **Management groups** within the Microsoft Entra tenant. + +- You can either use the search bar or select **All services** on the navigation menu to find the + Management groups dashboard. + +**Step 2 –** Select the **Tenant Root Group** to navigate to the Overview page of the management +group. + +**_RECOMMENDED:_** It is recommended to create this custom role at the root management group level. +This ensures that all of necessary information on the Microsoft Entra environment is collected. +Creating the custom role on a lower level management group can result in missing data. + +**Step 3 –** Navigate to **Access Control (IAM)** on the left side menu. + +**Step 4 –** On the Access Control (IAM) panel, click **Add** and then select **Add custom role**. + +**Step 5 –** On the Create a custom role page, enter a role name. Optionally, add a description for +the custom role. + +**Step 6 –** Select the Permissions tab, then click **Add permissions** and assign the following +permissions: + +- Microsoft.Authorization/roleAssignments/read +- Microsoft.Authorization/roleDefinitions/read +- Microsoft.Resources/resources/read +- Microsoft.Resources/subscriptions/read +- Microsoft.Resources/subscriptions/resources/read +- Microsoft.Resources/subscriptions/resourceGroups/read +- Microsoft.Authorization/providerOperations/read +- Microsoft.Management/managementGroups/read + +Alternatively, you can edit the JSON to assign the permissions. To do so, go to the JSON tab and +edit the permissions section of the JSON to be the following: + +``` +"permissions": [ +    { +        "actions": [ +            "Microsoft.Authorization/roleAssignments/read", +            "Microsoft.Authorization/roleDefinitions/read", +            "Microsoft.Resources/resources/read", +            "Microsoft.Resources/subscriptions/read", +            "Microsoft.Resources/subscriptions/resources/read", +            "Microsoft.Resources/subscriptions/resourceGroups/read", +            "Microsoft.Authorization/providerOperations/read", +            "Microsoft.Management/managementGroups/read" +        ], +        "notActions": [], +        "dataActions": [], +        "notDataActions": [] +    } +``` + +**_RECOMMENDED:_** After editing the JSON, go back to the Permissions tab and verify the list of +permissions. + +**Step 7 –** Once the permissions are configured, click **Create** on the Review + create tab to +finish creating the custom role. + +Now that you have created the custom role with the necessary permissions, you must assign this +custom role to the registered application. + +## Assign the Custom Role to the App Registration + +Follow the steps to assign the custom role to your registered application. + +**Step 1 –** Navigate back to Access Control (IAM) in the Tenant Root Group. + +**Step 2 –** On the Access control (IAM) panel, click **Add** and select **Add role assignment**. + +**Step 3 –** On the Add role assignment page, select the newly created role and click **Next**. + +- You can use the search bar to easily find the custom role. + +**Step 4 –** On the Members tab, select the Assign access to option as **User, group, or service +principal**. Then, click **Select members** and search for your registered application. Select the +application from the list and click **Select**. + +**Step 5 –** On the Review + assign tab, click **Review + assign** to complete the role assignment. + +The registered application has now been configured with all the necessary permissions for Entra +roles scans. diff --git a/docs/accessanalyzer/12.0/requirements/solutions/exchange.md b/docs/accessanalyzer/12.0/requirements/solutions/exchange.md new file mode 100644 index 0000000000..d20640ad17 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/exchange.md @@ -0,0 +1,89 @@ +# Exchange Solution + +The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access +Analyzer Console server, SQL Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for the core requirements. + +In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat +Prevention is required for event activity data to be scanned. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or +the +[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) +for installation requirements and information on collecting activity data. + +See the following topics for target environment requirements: + +- [Target Exchange Servers Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/exchange.md) +- [Target Exchange Online Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/exchangeonline.md) + +## Exchange Solution Requirements on the Access Analyzer Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Extra Large – Large | Medium – Small | +| ----------- | ------------------------- | ----------------------- | +| Definition | ~50,000-120,000 Mailboxes | ~1,000-10,000 Mailboxes | +| RAM | 16+ GB | 8+ GB | +| Cores | 8 CPU | 4 CPU | +| Disk Space | 120 GB | 120 GB | + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For +example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are +required (8x2=16). + +Sensitive Data Discovery Auditing Requirement + +**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the +server. The JDK deployed is prepackaged and does not require any configuration; it has been +preconfigured to work with Access Analyzer and should never be customized through Java. It will not +conflict with other JDKs or Java Runtimes in the same environment. + +Permissions to Run Exchange Scans + +The following are additional requirements for the Access Analyzer Console server specific to running +the Exchange Solution: + +- Outlook should not be installed +- StealthAUDIT MAPI CDO installed (for MAPI- based data collectors). See the + [StealthAUDIT MAPI CDO Installation](/docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation.md) + topic for additional information. +- Exchange MAPI CDO installed (for MAPI- based data collectors) +- For targeting Exchange 2010 – Exchange Management Tools 2010 installed on the Access Analyzer + Console server +- For Targeting Exchange Online – PowerShell Execution Policy set to unrestricted for both 64-bit + and 32-bit versions + +Exchange Online Modern Authentication + +The following prerequisites are required to use Modern Authentication for Exchange Online in Access +Analyzer. + +- Exchange Online Management v3.4.0 + + - You can install this module with the following command: + + ``` + Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.4.0 + ``` + +- Create a self-signed certificate that will be used by Access Analyzer for Modern Authentication + +## Exchange Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Extra-Large | Large | Medium | Small | +| ------------------------ | ------------------ | ----------------- | ----------------- | ---------------- | +| Definition | ~120,000 Mailboxes | ~50,000 Mailboxes | ~10,000 Mailboxes | ~1,000 Mailboxes | +| RAM | 64 GB | 16 GB | 16 GB | 8 GB | +| Cores | 16 CPU | 16 CPU | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | +| SQL Database Disk | 1.25 TB | 650 GB | 415 GB | 325 GB | +| SQL Transaction Log Disk | 650 GB | 650 GB | 325 GB | 325 GB | +| SQL TEMP DB Disk | 325 GB | 325 GB | 325 GB | 325 GB | diff --git a/docs/accessanalyzer/12.0/requirements/solutions/exchange/mailflow.md b/docs/accessanalyzer/12.0/requirements/solutions/exchange/mailflow.md new file mode 100644 index 0000000000..5ffcdc1d1a --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/exchange/mailflow.md @@ -0,0 +1,64 @@ +# Exchange Mail-Flow Permissions + +The ExchangeMetrics Data Collector collects Mail-Flow metrics from the Exchange Message Tracking +Logs on the Exchange servers. Some examples of this include server volume and message size +statistics. This data collector utilizes an applet to process and collect summarized metrics from +the Message Tracking Log. + +1. HUB Metrics Job Group Requirement + +In addition to the permissions required by the ExchangeMetrics Data Collector, the Connection +Profile assigned to the 1. HUB Metrics Job Group requires the following permission and User Rights +(based on default settings): + +- Member of the local Administrator group on the targeted Exchange server(s) where the Hub Transport + service is running +- Log on as a Service Group Policy: + + - Go to `GPedit.msc` + - Go to Computer Configuration > Windows Settings > Security Settings > Local Policies > User + Rights + +Applet Permissions + +This is required because the ExchangeMetrics Data Collector is an applet-based data collector. It +requires + +- Member of the local Administrator group on the targeted Exchange server(s) + +This grants access to the Message Tracking Logs and the ability to create the +`SA_ExchangeMetricsData` folder, which will contain the applet files and the processed message +tracking log files stored inside a SQLite database for each day. For example: + +\\ExchangeServerName\c$\Program Files\Microsoft\Exchange +Server\V14\TransportRoles\Logs\MessageTracking + +If there have been additional security or permission modifications on the server(s), the following +rights and policies may need to be enabled on the targeted host: + +- Ensure the Administrator group has been granted Full Control over Message Tracking Log Directories +- WMI Control (`wmimgmt.msc`) > Right Click Properties > Security + + - Security Tab > Root > CIMV2 > Click Security + + - Ensure the Administrators group has been assigned: + + - Execute Methods + - Remote Enable + - Enable Account + +- Local Security Policy (`secpol.msc`): + + - Local Policies > User Rights Assignment: + + - Ensure the ‘Replace a Process Level Token’ right grants access to Local Service, Network + Service, and Administrators + - Ensure the ‘Adjust Memory Quotas for a Process’ right grants access to Local Service, + Network Service, and Administrators + - Ensure the ‘Impersonate a client after authentication’ right grants access to Local + Service and Administrators + - Ensure the Administrators group has been granted the following rights: + + - Access this computer from a network + - Allow Log on Locally + - Log on as a batch job diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/mapi.md b/docs/accessanalyzer/12.0/requirements/solutions/exchange/mapi.md similarity index 100% rename from docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/mapi.md rename to docs/accessanalyzer/12.0/requirements/solutions/exchange/mapi.md diff --git a/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md b/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md new file mode 100644 index 0000000000..253713d54e --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md @@ -0,0 +1,235 @@ +# Exchange PowerShell Permissions + +The ExchangePS Data Collector utilizes PowerShell to collect various information from the Exchange +environment. This data collector utilizes Remote PowerShell to collect information about Exchange +Users Configuration, Mailboxes, Public Folders, and Exchange Online Mail-Flow. + +Job Group Requirements in Addition to ExchangePS + +In addition to the permissions required by the ExchangePS Data Collector, the Connection Profile +assigned to these job groups requires the following permissions: + +- 2. CAS Metrics + + - This job group also requires remote connection permissions for the SMARTLog Data Collector. + See the [Exchange Remote Connections Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/remoteconnections.md) topic for additional + information. + +- 3. Databases + + - This job group also requires permissions for the Exchange2K Data Collector, which is + MAPI-based and has additional requirements + +- 4. Mailboxes + + - This job group also requires Exchange Mailbox Access Auditing to be enabled. See the + [Enable Exchange Mailbox Access Auditing](#enable-exchange-mailbox-access-auditing) topic for + additional information. + +- 5. Public Folders + + - This job group also requires permissions for the ExchangePublicFolder Data Collector, which is + MAPI-based and has additional requirements + +- 8. Exchange Online + + - This job group uses Modern Authentication to target Exchange Online. See the + [Exchange Online Auditing Configuration](/docs/accessanalyzer/12.0/config/exchangeonline/access.md) topic + for additional information. + +## Permissions Explained + +Remote PowerShell and Windows Authentication Enabled + +The Remote PowerShell and Windows Authentication configurations for Exchanges servers are required +to be enabled on at least one Exchange server running the Client Access Service so that the +ExchangePS Data Collector can make a remote PowerShell connection and authenticate through Access +Analyzer. + +Access Analyzer passes credentials saved in the Connection Profile to the data collector so that it +is able to connect to the targeted host. This requires the Exchange server to allow for Windows +Authentication. See the +[Enable Remote PowerShell for ExchangePS Data Collector](#enable-remote-powershell-for-exchangeps-data-collector) +topic and the +[Enable Windows Authentication for PowerShell Virtual Directory](#enable-windows-authentication-for-powershell-virtual-directory) +topic for additional information. + +View-Only Organization Management Role Group + +This is required so the ExchangePS Data Collector is able to run the various Exchange PowerShell +cmdlets. + +Public Folder Management + +This permission is only required if utilizing the ExchangePublicFolder Data Collector or +ExchangeMailbox Data Collector, as well as the PublicFolder or Mailbox Action Modules. This is +required in order to make a connection through the MAPI protocol. The following job group requires +the Public Folder Management Role Group: + +- 5. Public Folders > Ownership + +If not running this collection, then this permission is not required. + +Mailbox Search Role + +This is required to collect Mailbox Access Audit logs and run Mailbox Search queries through the +ExchangePS Data Collector. The following job group requires the Mailbox Search Role: + +- 4. Mailboxes > Logons + +Application Impersonation Role + +The Application Impersonation Role is a customer role you need to create. See the +[Create Custom Application Impersonation Role in Exchange](#create-custom-application-impersonation-role-in-exchange) +topic for additional information. + +## Scoping Options + +There are five different scoping options within this data collector. Since not all query categories +support all scoping options, No Scoping is an option. If there are no scoping options available, +then the data collector should be run against the host specified in the Summary page of the data +collector wizard. + +No Scoping + +This option will gather information about the entire Exchange Organization. When using the applet, +the data collector will gather information about the Exchange Forest in which the Access Analyzer +Console currently resides. For Remote PowerShell, the data collector will gather information about +the Exchange Organization to which the Remote PowerShell connection was made. This refers to the +server entered in the Client Access Server (CAS) field of the global configuration from the +**Settings** > **Exchange** node or on the Scope Page of the data collector wizard. See the +[ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) topic for additional +information. + +Scope by Database + +This option will gather information about any databases which are chosen. When using the applet, the +data collector will return databases in the Scope by DB page of the data collector wizard for the +Exchange Organization in which the Access Analyzer Console currently resides, as well as, only +return information about those databases. For Remote PowerShell, the data collector will return +databases in the Scope by DB page of the data collector wizard for the Exchange Forest, as well as, +only return information about those databases. See the +[ExchangePS: Scope by DB](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopedatabases.md) topic for +additional information. + +Scope by Mailbox + +This option will gather information about any mailboxes which are chosen. When using the applet, the +data collector will return mailboxes in the Scope by Mailboxes page of the data collector wizard for +the Exchange Forest in which the Access Analyzer Console currently resides, as well as, only return +information about those mailboxes. For Remote PowerShell, the data collector will return mailboxes +in the Scope by Mailboxes page of the data collector wizard for the Exchange Forest, as well as, +only return information about those mailboxes. See the +[ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopemailboxes.md) topic +for additional information. + +Scope by Server + +This option will gather information about objects which reside on the chosen server. When choosing +this option, the data collector will then use the Host List applied to the job’s **Configure** > +**Hosts** node as the servers scoping list. When using the applet, the data collector will deploy a +process to the targeted host to run the PowerShell on that server. For Remote PowerShell, the data +collector will deploy no applet and utilize the WinRM protocol to gather information about the +objects on that server. + +Scope by Public Folder + +This option will gather information about any public folders which are chosen. When using the +applet, the data collector will return public folders in the Scope by Public Folders page of the +data collector wizard for the Exchange Forest in which the Access Analyzer Console currently +resides, as well as, only return information about those public folders. For Remote PowerShell, the +data collector will return public folders in the Scope by Public Folders page of the data collector +wizard for the Exchange Forest, as well as, only return information about those public folders. See +the +[ExchangePS: Scope by Public Folders](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfolders.md) +topic for additional information. + +## Enable Remote PowerShell for ExchangePS Data Collector + +Follow these steps to enable Remote PowerShell. + +**Step 1 –** On the server that Access Analyzer will connect with Remote PowerShell, open +PowerShell. + +**Step 2 –** Run the following command: + +``` +Enable-PSRemoting +``` + +**Step 3 –** When prompted, type `A` and `A` again to enable the appropriate services and protocols. + +Remote PowerShell has been enabled. See the Microsoft +[Tip: Enable and Use Remote Commands in Windows PowerShell](https://technet.microsoft.com/en-us/library/ff700227.aspx) +article for additional information. + +Next, enable Windows Authentication for PowerShell Virtual Directory on the same server. + +## Enable Windows Authentication for PowerShell Virtual Directory + +Once Remote PowerShell has been enabled on an Exchange Server in the environment, it is necessary to +also enable Windows Authentication for the PowerShell Virtual Directory on the same Exchange server. +Follow these steps to enable Windows Authentication. + +**Step 1 –** On the server where Remote PowerShell was enabled, open the Internet Information +Services (IIS) Manager. + +![IIS Authentication Open Feature](/img/product_docs/accessanalyzer/12.0/requirements/solutions/exchange/iismanager.webp) + +**Step 2 –** Traverse to the **PowerShell** Virtual Directory under the **Default Web Site**. Select +**Authentication** and click **Open Feature**. + +![IIS Enable Windows Authentication](/img/product_docs/accessanalyzer/12.0/requirements/solutions/exchange/iismanagerauth.webp) + +**Step 3 –** Right-click on **Windows Authentication** and select **Enable**. + +Windows Authentication has been enabled for the PowerShell Virtual Directory. + +## Create Custom Application Impersonation Role in Exchange + +Follow the steps to create the custom Application Impersonation role. The process is the same for +Exchange 2010 Service Pack 1 through Exchange 2019 and Exchange Online. + +**Step 1 –** Within the Exchange Admin Center, navigate to the permissions section and select admin +roles. + +**Step 2 –** Add a new role group by clicking on the + button, and the New Role Group window opens. + +![New role group window](/img/product_docs/accessanalyzer/12.0/requirements/solutions/exchange/rolegroup.webp) + +**Step 3 –** Configure the new role group with the following settings: + +- Name – Provide a distinct name for the role group, for example Application Impersonation +- Description – Optionally indicate in the description that the new role group is required for + Access Analyzer +- Write scope – Remain set to **Default** +- Roles – Click the + button to open the Select a Role window. Select the + **ApplicationImpersonation** role from the available list and click **Add**. Then click **OK** to + close the Select a Role window. +- Members – Click the + button to open the Select Members window. Select the account from the + available list and click **Add**. Remember, the account needs to be assigned the other permissions + required for the **EWSMailbox** and/or **EWSPublicFolder** data collectors. Then click **OK** to + close the Select Members window. + +**Step 4 –** **Save** the new role group. + +The new role group appears in the list. + +## Enable Exchange Mailbox Access Auditing + +The 4. Mailboxes Job Group requires the Exchange Mailbox Access Auditing to be enabled. In order to +collect Mailbox Access Auditing events, it is necessary to enable Exchange Mailbox Access Auditing +for Exchange. See the following Microsoft articles: + +- Exchange Online – + [Enable mailbox auditing in Office 365](https://technet.microsoft.com/en-us/library/dn879651.aspx) + article +- Exchange 2016 – Exchange 2019 – + [Enable or disable mailbox audit logging for a mailbox](https://technet.microsoft.com/en-us/library/ff461937(v=exchg.160).aspx) + article +- Exchange 2013 – + [Enable or disable mailbox audit logging for a mailbox](https://technet.microsoft.com/en-us/library/ff461937(v=exchg.150).aspx) + article +- Exchange 2010 – + [Enable or Disable Mailbox Audit Logging for a Mailbox](https://technet.microsoft.com/en-us/library/ff461937(v=exchg.141).aspx) + article diff --git a/docs/accessanalyzer/12.0/requirements/solutions/exchange/remoteconnections.md b/docs/accessanalyzer/12.0/requirements/solutions/exchange/remoteconnections.md new file mode 100644 index 0000000000..96b9b63ec7 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/exchange/remoteconnections.md @@ -0,0 +1,64 @@ +# Exchange Remote Connections Permissions + +The SMARTLog Data Collector processes the IIS Logs on the server running the Client Access Service +(CAS) to return information about the remote connections being made to Exchange. This data collector +uses an applet to process and collect the IIS Logs. + +2. CAS Metrics Job Group Requirement + +In addition to the permissions required by the SMARTLog Data Collector, the Connection Profile +assigned to the 2. CAS Metrics Job Group requires the following permissions and User Rights (based +on default settings): + +- Member of the local Administrator group on the targeted Exchange server(s) where the Client Access + Service is running +- Log on as a Service Group Policy: + + - Go to `GPedit.msc` + - Go to Computer Configuration > Windows Settings > Security Settings > Local Policies > User + Rights + +- Permissions required by the ExchangePS Data Collector. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) topic for additional information. + +Applet Permissions + +This is required because the SMARTLog Data Collector is an applet-based data collector. It requires +the following permission on the target host which contain the IIS Logs: + +- Member of the local Administrators group + +This grants the ability to process logs folder which will contain the applet files and logs. For +example: + +\\ExchangeServerName\c$\Program Files (x86)\STEALTHbits\StealthAUDIT\LogProcessor + +If there have been additional security or permission modifications on the server(s), the following +rights and policies may need to be enabled on the targeted host: + +- Ensure the Administrator group has been granted Full Control over IIS Log Directories +- WMI Control (`wmimgmt.msc`) > Right Click Properties > Security + + - Security Tab > Root > CIMV2 > Click Security + + - Ensure the Administrators group has been assigned: + + - Execute Methods + - Remote Enable + - Enable Account + +- Local Security Policy (`secpol.msc`): + + - Local Policies > User Rights Assignment: + + - Ensure the ‘Replace a Process Level Token’ right grants access to Local Service, Network + Service, and Administrators + - Ensure the ‘Adjust Memory Quotas for a Process’ right grants access to Local Service, + Network Service, and Administrators + - Ensure the ‘Impersonate a client after authentication’ right grants access to Local + Service and Administrators + - Ensure the Administrators group has been granted the following rights: + + - Access this computer from a network + - Allow Log on Locally + - Log on as a batch job diff --git a/docs/accessanalyzer/12.0/requirements/solutions/exchange/support.md b/docs/accessanalyzer/12.0/requirements/solutions/exchange/support.md new file mode 100644 index 0000000000..bb042c4cf0 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/exchange/support.md @@ -0,0 +1,86 @@ +# Exchange Support and Permissions Explained + +This topic outlines what is supported for each type of Exchange version. + +**NOTE:** Sensitive Data Discovery is available with the EWSMailbox, EWSPublicFolder, and +ExchangeMailbox data collectors. + +## Support by Data Collector + +The following tables provide a breakdown of support by data collector: + +| Data Collector | Exchange Online | Exchange 2019 | Exchange 2016 | Exchange 2013 | Exchange 2010 | MAPI-Based | +| -------------------- | --------------- | ------------- | ------------- | ------------- | ------------- | ---------- | +| EWSMailbox | Yes | Yes | Yes | Yes | Limited\* | No | +| EWSPublicFolder | Yes | Yes | Yes | Yes | Limited\* | No | +| Exchange2k | No | No | No | Yes | Yes | Yes | +| ExchangeMailbox | No | No | No | Yes | Yes | Yes | +| ExchangeMetrics | No | Yes | Yes | Yes | Yes | No | +| ExchangePS | Yes | Yes | Yes | Yes | Yes | No | +| ExchangePublicFolder | No | No | No | Yes | Yes | Yes | +| SMARTLog | No | Yes | Yes | Yes | Yes | No | + +\* The data collector can target Exchange 2010 Service Pack 1 and later. + +## Support by Job Group + +The following tables provide a breakdown of support by job group: + +| Job Group | Exchange Online | Exchange 2019 | Exchange 2016 | Exchange 2013 | Exchange 2010 | MAPI-Based | +| --------------------- | --------------- | ------------- | ------------- | ------------- | ------------- | ---------- | +| 1. HUB Metrics | No | Yes | Yes | Yes | Yes | No | +| 2. CAS Metrics | No | Yes | Yes | Yes | Yes | No | +| 3. Database | No | Limited\* | Limited\* | Yes | Yes | Yes | +| 4. Mailboxes | Yes | Yes | Yes | Yes | Yes | No | +| 5. Public Folders | No | No | No | Yes | Yes | Yes | +| 6. Distribution Lists | Yes | Yes | Yes | Yes | Yes | No | +| 7. Sensitive Data | Yes | Yes | Yes | Yes | Limited\* | Mix\*\* | +| 8. Exchange Online | Yes | No | No | No | No | No | + +\* Limited indicates that some of the data collectors can target the environment, but not all. + +\*\* Mix indicates some data collectors are MAPI-based, but not all. + +## Exchange Solution to Permissions Alignment + +See the following sections for permission requirements according to the job group, data collector, +or action module to be used: + +- [Exchange Mail-Flow Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/mailflow.md) + + - ExchangeMetrics Data Collector + - 1. HUB Metrics Job Group + +- [Exchange Remote Connections Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/remoteconnections.md) + + - SMARTLog Data Collector + - 2. CAS Metrics Job Group + +- [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) + + - ExchangePS Data Collector + - PublicFolder Action Module + - Mailbox Action Module + - 2. CAS Metrics Job Group + - 3. Databases Job Group + - 4. Mailboxes Job Group + - 5. Public Folders Job Group + - 8. Exchange Online Job Group + +- [Exchange Web Services API Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/webservicesapi.md) + + - EWSMailbox Data Collector + - EWSPublicFolder Data Collector + - 7. Sensitive Data Job Group + +- [MAPI-Based Data Collector Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/mapi.md) + + - Exchange2K Data Collector + - ExchangeMailbox Data Collector + - ExchangePublicFolder Data Collector + - 3. Databases Job Group + - 5. Public Folders Job Group + - 7. Sensitive Data Job Group + +**NOTE:** All MAPI-based data collectors require the **Settings** > **Exchange** node configured in +the Access Analyzer Console. diff --git a/docs/accessanalyzer/12.0/requirements/solutions/exchange/webservicesapi.md b/docs/accessanalyzer/12.0/requirements/solutions/exchange/webservicesapi.md new file mode 100644 index 0000000000..ee25c20974 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/exchange/webservicesapi.md @@ -0,0 +1,13 @@ +# Exchange Web Services API Permissions + +The EWSMailbox and EWSPublicFolder data collectors utilizes Exchange Web Services API to access and +communicate with Exchange. These data collectors collect statistical, content, permission, and +sensitive data information from mailboxes and public folders. + +Exchange Online Hybrid Environment Requirement + +In addition to the permissions required by the EWSMailbox and EWSPublicFolder data collectors, the +Connection Profile assigned to the 7. Sensitive Data Job Group requires the following permissions +(based on default settings): + +- Customized Administrator > Exchange Administrator Role diff --git a/docs/accessanalyzer/12.0/requirements/solutions/filesystem.md b/docs/accessanalyzer/12.0/requirements/solutions/filesystem.md new file mode 100644 index 0000000000..15d9db754b --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/filesystem.md @@ -0,0 +1,121 @@ +# File System Solution + +The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access +Analyzer Console server, SQL Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for the core requirements. + +The File System solution can be configure to use Proxy servers either an applet or as a service. See +the [File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) topic for additional information. + +In addition to these, integration with either the Netwrix Activity Monitor or the Netwrix Threat +Prevention is required for event activity data to be scanned. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) or +the +[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) +for installation requirements and information on collecting activity data. + +See the following topics for target environment requirements: + +- [File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) +- [File System Supported Platforms](/docs/accessanalyzer/12.0/requirements/target/filesystems.md) + +## File System Solution Requirements on the Access Analyzer Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Enterprise | Extra-Large | Large | Medium | Small | +| ----------- | ------------------------------ | ----------------------------------- | ----------------------------------- | ----------------------------------- | ----------------------------------- | +| Definition | 800+ million files and folders | Up to 800 million files and folders | Up to 500 million files and folders | Up to 200 million files and folders | Up to 100 million files and folders | +| RAM | 24 GB | 24 GB | 16 GB | 12 GB | 4 GB | +| Cores | 8 CPU | 8 CPU | 8 CPU | 4 CPU | 2 CPU | +| Disk Space | 1.5 TB | 770 GB | 470 GB | 270 GB | 130 GB | + +The above recommended disk space sizing information is based on the needs of Access Analyzer as well +as the File System solution for running Permission scans with default configuration (500 MB per +million files and folders), that means no tag collection, file-level scanning, activity, or +sensitive data. + +- For tag collection, add 125 MB per million documents to the totals above +- For activity collection, add 250 MB per million files and folders and another 125 MB per million + activity events to the totals above +- For sensitive data collection, add 500 MB per million files and folders and another 1%-10% of the + total size of the documents scanned for sensitive data (depending on targeted document types and + selected criteria) to the totals above + +For example, in order to scan 200 million files and folders, of which 10 million files will be +scanned for tag collection and sensitive data with a total size of 6 TB, you would need: 160 GB for +permission collection + 1.25 GB for tag collection (10x125 MB) + 100 GB for sensitive data +collection (200x500 MB) + 600 GB additional for sensitive data collection (10% of 6 TB) = 861.25 GB +total disk space. + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By +default, SDD scans are configured to run two concurrent threads. For example, if the job is +configured to scan 8 hosts at a time with two concurrent SDD threads, then an extra 32 GB of RAM are +required (8x2x2=32). + +Additional Server Considerations for File System Scans + +If Data Activity Tracking for NAS is required or if NetApp Filers running Clustered Data ONTAP are +in scope, reducing latency between the scanning server and the target device is highly recommended. +Additional hardware may be required, especially if the target NAS devices are not collocated with +the Access Analyzer Console server. + +Sensitive Data Discovery Auditing Requirement + +**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the +server. The JDK deployed is prepackaged and does not require any configuration; it has been +preconfigured to work with Access Analyzer and should never be customized through Java. It will not +conflict with other JDKs or Java Runtimes in the same environment. + +Permissions on the Console Server to Run File System Scans + +In most cases the Access Analyzer user is a member of the local Administrators group on the +application server. However, if the Role Based Access usage is employed, then the user assigned the +role of Job Initiator (for manual execution) or the credential used for the Schedule Service Account +(for scheduled execution) must have the following permissions to execute File System scans in local +mode, applet mode, or proxy mode with applet: + +- Group membership in either of the following local groups: + + - Backup Operators + - Administrators + +These permissions grant the credential the ability to create a high integrity token capable of +leveraging the “Back up files and directories” from where the Access Analyzer executable is run. + +Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the +installation directory. This is required by either the user account running the Access Analyzer +application, when manually executing jobs from the console, or the Schedule Service Account assigned +within Access Analyzer, when running jobs as a scheduled tasks. + +See the [File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) topic and the +[File System Supported Platforms](/docs/accessanalyzer/12.0/requirements/target/filesystems.md) topic for permissions required to scan +the environment. + +## File System Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Enterprise | Extra-Large | Large | Medium | Small | +| ------------------------ | ------------------------------ | ----------------------------------- | ----------------------------------- | ----------------------------------- | ----------------------------------- | +| Definition | 800+ million files and folders | Up to 800 million files and folders | Up to 500 million files and folders | Up to 200 million files and folders | Up to 100 million files and folders | +| RAM | 64 GB | 64 GB | 32 GB | 16 GB | 8 GB | +| Cores | 16 CPU | 16 CPU | 12 CPU | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | 4 | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | 160 GB | +| SQL Database Disk | 1.6 TB | 830 GB | 530 GB | 400 GB | 170 GB | +| SQL Transaction Log Disk | 390 GB | 200 GB | 170 GB | 130 GB | 70 GB | +| SQL TEMP DB Disk | 1 TB | 530 GB | 400 GB | 270 GB | 130 GB | + +Additional SQL Server Requirements for File System Scans + +The following are additional requirements for the SQL Server specifically for the File System +solution: + +- For File-level Auditing – SQL Server standard edition or higher required +- For File Activity Auditing – SQL Server Enterprise Edition is required diff --git a/docs/accessanalyzer/12.0/requirements/solutions/filesystem/appletmodepermissions.md b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/appletmodepermissions.md new file mode 100644 index 0000000000..79add9b116 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/appletmodepermissions.md @@ -0,0 +1,41 @@ +# Applet Mode Permissions + +When File System scans are run in applet mode, it means the File System applet is deployed to the +target host when the job is executed to conduct data collection. However, the applet can only be +deployed to a server with a Windows operating system. The data is collected on the Windows target +host where the applet is deployed. The final step in data collection is to compress and transfer the +data collected in the SQLite database(s), or Tier 2 database(s), back to the Access Analyzer Console +server. If the target host is a NAS device, the File System scans will default to local mode for +that host. + +Configure the credential(s) with the following rights on the Windows target host(s): + +- Group membership in the local Administrators group +- Granted the “Backup files and directories” local policy privilege +- Granted the “Log on as a batch” privilege +- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local + Policies > Security Options privilege + +Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the +installation directory on the target host/proxy server as well as on the Access Analyzer Console +server. This is required by either the user account running the Access Analyzer application, when +manually executing jobs within the console, or the Schedule Service Account assigned within Access +Analyzer, when running jobs as a scheduled tasks. + +_Remember,_ Remote Registry Service must be enabled on the host where the applet is deployed (for +Applet Mode or Proxy Mode with Applet scans) to determine the system platform and where to deploy +the applet. + +**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials +for network authentication” must be disabled in order for the applet to start. + +Sensitive Data Discovery Auditing scans require .NET Framework 4.7.2 or later to be installed on the +server where the applet is to be deployed in order for Sensitive Data Discovery collections to +successfully occur. + +When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials +within the Connection Profile assigned to the File System scans must be properly configured as +explained above. Also the firewall rules must be configured to allow for communication between the +applicable servers. + +See the [Applet Mode Port Requirements](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/appletmodeports.md) topic for firewall rule information. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/applet-mode-ports.md b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/appletmodeports.md similarity index 100% rename from docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/applet-mode-ports.md rename to docs/accessanalyzer/12.0/requirements/solutions/filesystem/appletmodeports.md diff --git a/docs/accessanalyzer/12.0/requirements/solutions/filesystem/localmodepermissions.md b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/localmodepermissions.md new file mode 100644 index 0000000000..718b8d8fac --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/localmodepermissions.md @@ -0,0 +1,46 @@ +# Local Mode Permissions + +When File System scans are run in local mode, it means all of the data collection processing is +conducted by the Access Analyzer Console server across the network. The data is collected in the +SQLite database(s), or Tier 2 database(s), on the Access Analyzer Console server, and then imported +into the Access Analyzer database, or Tier 1 database, on the SQL Server. + +The account used to run either a manual execution or a scheduled execution of the File System scans, +must have the following permissions on the Access Analyzer Console server: + +- Group membership in either of the following local groups: + - Backup Operators + - Administrators + +Configure the credential(s) with the following rights on the Windows host(s): + +- Group membership in both of the following local groups: + - Power Users + - Backup Operators +- Granted the “Backup files and directories” local policy privilege + +For Windows Server target hosts, the credential also requires: + +- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local + Policies > Security Options privilege + +In order to collect data on administrative shares and local policies (logon policies) for a Windows +target, the credential must have group membership in the local Administrators group. + +Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the +installation directory on the Access Analyzer Console server. This is required by either the user +account running the Access Analyzer application, when manually executing jobs within the console, or +the Schedule Service Account assigned within Access Analyzer, when running jobs as a scheduled +tasks. + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.  By default, SDD scans +are configured to run two concurrent threads. For example, if the job is configured to scan 8 hosts +at a time with two concurrent SDD threads, then an extra 32 GB of RAM are required (8x2x2=32). + +When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials +within the Connection Profile assigned to the File System scans must be properly configured as +explained above. Also the firewall rules must be configured to allow for communication between the +applicable servers. + +See the [Local Mode Port Requirements](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/localmodeports.md) topic for firewall rule information. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/local-mode-ports.md b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/localmodeports.md similarity index 100% rename from docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/local-mode-ports.md rename to docs/accessanalyzer/12.0/requirements/solutions/filesystem/localmodeports.md diff --git a/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeappletpermissions.md b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeappletpermissions.md new file mode 100644 index 0000000000..369f26408e --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeappletpermissions.md @@ -0,0 +1,67 @@ +# Proxy Mode with Applet Permissions + +When File System scans are run in proxy mode with applet, it means the File System applet is +deployed to the Windows proxy server when the job is executed to conduct data collection. The data +collection processing is initiated by the proxy server where the applet is deployed and leverages a +local mode-type scan to each of the target hosts. The final step in data collection is to compress +and transfer the data collected in the SQLite databases, or Tier 2 databases, back to the Access +Analyzer Console server. + +Configure the credential(s) with the following rights on the proxy server(s): + +- Group membership in the local Administrators group +- Granted the Backup files and directories local policy privilege +- Granted the Log on as a batch privilege +- If the applet is deployed as a service, the service account requires the Log on as a service + privilege + + - See the [FSAA: Applet Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.md) topic for + additional information on the applet launch mechanism + +- If running FSAC, the service account in the credential profile requires access to the admin share + (e.g. `C$`) where the `sbtfilemon.ini` file exists + +Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the +installation directory on the proxy server as well as on the Access Analyzer Console server. This is +required by either the user account running the Access Analyzer application, when manually executing +jobs within the console, or the Schedule Service Account assigned within Access Analyzer, when +running jobs as a scheduled tasks. + +_Remember,_ Remote Registry Service must be enabled on the host where the applet is deployed (for +Applet Mode or Proxy Mode with Applet scans) to determine the system platform and where to deploy +the applet. + +**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials +for network authentication” must be disabled in order for the applet to start. + +Configure the credential(s) with the following rights on the Windows host(s): + +- Group membership in both of the following local groups: + - Power Users + - Backup Operators +- Granted the “Backup files and directories” local policy privilege + +For Windows Server target hosts, the credential also requires: + +- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local + Policies > Security Options privilege + +Sensitive Data Discovery Auditing scans require .NET Framework 4.7.2 or later to be installed on the +server where the applet is to be deployed in order for Sensitive Data Discovery collections to +successfully occur. + +When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials +within the Connection Profile assigned to the File System scans must be properly configured as +explained above. Also the firewall rules must be configured to allow for communication between the +applicable servers. + +See the [Proxy Mode with Applet Port Requirements](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeappletports.md) topic for firewall rule +information. + +Secure Proxy Communication Considerations + +For Proxy Mode with Applet scans, the certificate exchange mechanism and certificate exchange port +must be configured via the File System Access Auditing Data Collector Wizard prior to executing a +scan. See the +[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/certificatemanagement.md) +topic for additional information. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-applet-ports.md b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeappletports.md similarity index 100% rename from docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-applet-ports.md rename to docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeappletports.md diff --git a/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeserver.md b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeserver.md new file mode 100644 index 0000000000..a2739b1550 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeserver.md @@ -0,0 +1,106 @@ +# Proxy Mode Server Requirements + +The Access Analyzer File System Proxy requirements apply for servers where either the service is +installed or the applet will be deployed unless otherwise stated. + +**NOTE:** Align the proxy server requirements to match the environment size the proxy server will be +handling. + +The server can be physical or virtual. The requirements for Access Analyzer are: + +- Windows Server 2016 through Windows Server 2022 + + - US English language installation + - Domain member + +RAM, CPU, and Disk Space + +RAM, CPU, and Disk Space are dependent upon the size of the target environment: + +**CAUTION:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. By +default, SDD scans are configured to run two concurrent threads. For example, if the job is +configured to scan 8 hosts at a time with two concurrent SDD threads, then an extra 32 GB of RAM are +required (8x2x2=32). + +- Enterprise Environment (800 million+ files and folders) + + - 24 GB RAM + - 8 CPU Cores + - 1.5 TB Disk Space + +- Extra-Large Environment (Up to 800 million files and folders) + + - 24 GB RAM + - 8 CPU Cores + - 770 GB Disk Space + +- Large Environment (Up to 500 million files and folders) + + - 16 GB RAM + - 8 CPU Cores + - 470 GB Disk Space + +- Medium Environment (Up to 200 million files and folders) + + - 12 GB RAM + - 4 CPU Cores + - 270 GB Disk Space + +- Small Environment (Up to 100 million files and folders) + + - 4 GB RAM + - 2 CPU Cores + - 130 GB Disk Space + +The above recommended disk space sizing information is based on the needs of Access Analyzer as well +as the File System solution for running Permission scans with out of the box configuration (500 MB +per million files and folders), that means no tag collection, file-level scanning, activity, or +sensitive data. + +- For tag collection, add 125 MB per million documents to the totals above +- For activity collection, add 250 MB per million files and folders and another 125 MB per million + activity events to the totals above +- For sensitive data collection, add 500 MB per million files and folders and another 1%-10% of the + total size of the documents scanned for sensitive data (depending on targeted document types and + selected criteria) to the totals above + +For example, in order to scan 200 million files and folders, of which 10 million files will be +scanned for tag collection and sensitive data with a total size of 6 TB, you would need: 160 GB for +permission collection + 1.25 GB for tag collection (10x125 MB) + 100 GB for sensitive data +collection (200x500 MB) + 600 GB additional for sensitive data collection (10% of 6 TB) = 861.25 GB +Disk Space. + +Additional Server Requirements + +The following are additional requirements for the server: + +- .NET Framework 4.7.2 Installed + + **NOTE:** .NET Framework 4.7.2 can be downloaded from the link in the Microsoft + [.NET Framework 4.7.2 offline installer for Windows](https://support.microsoft.com/en-us/topic/microsoft-net-framework-4-7-2-offline-installer-for-windows-05a72734-2127-a15d-50cf-daf56d5faec2) + article. + +- Remote Registry Service enabled + + **NOTE:** The Remote Registry Service only needs to be enabled when running Applet Mode or Proxy + Mode with Applet scans. + +Sensitive Data Discovery Auditing + +The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the server. The JDK +deployed is prepackaged and does not require any configuration. It will not conflict with other JDKs +or Java Runtimes in the same environment. + +See the following topics for additional information, based on the type of proxy mode you plan to +use: + +- Proxy Mode with Applet + + - [Proxy Mode with Applet Permissions](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeappletpermissions.md) + - [Proxy Mode with Applet Port Requirements](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeappletports.md) + +- Proxy Mode as a Service + + - [Proxy Mode as a Service Permissions](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeservicepermissions.md) + - [Proxy Mode as a Service Port Requirements](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeserviceports.md) diff --git a/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeservicepermissions.md b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeservicepermissions.md new file mode 100644 index 0000000000..d9e49075e3 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeservicepermissions.md @@ -0,0 +1,84 @@ +# Proxy Mode as a Service Permissions + +When File System scans are run in proxy mode as a service, there are two methods available for +deploying the service: + +- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be + installed on the Windows proxy servers prior to executing the scans. This is the recommended + method. +- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the + Windows proxy server when the job is executed + +The data collection processing is conducted by the proxy server where the service is running and +leverages a local mode-type scan to each of the target hosts. The final step in data collection is +to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to +the Access Analyzer Console server. + +The secure communication is configured during the installation of the service on the proxy server. +The credential provided for the secure communications in the installation wizard is also added to +the Access Analyzer Connection Profile assigned to the File System Solution. + +File System Proxy Service Credentials + +The service can be run either as LocalSystem or with a domain account supplied during the +installation of the File System Proxy Service with the following permission on the proxy server: + +- Membership in the local Administrators group +- Granted the Log on as a service privilege (**Local Security Policies** > **Local Policies** > + **User Rights Assignment** > **Log on as a service**) +- If running FSAC, the service account in the credential profile requires access to the admin share + (for example, `C$`) where the `sbtfilemon.ini` file exists + +Additionally, the credential must have `WRITE` access to the `…\StealthAUDIT\FSAA` folder in the +installation directory. + +Windows File Server Target Host Credentials + +Configure the credential(s) with the following rights on the Windows host(s): + +- Group membership in both of the following local groups: + - Power Users + - Backup Operators +- Granted the “Backup files and directories” local policy privilege + +For Windows Server target hosts, the credential also requires: + +- Granted the "Network access: Restrict clients allowed to make remote calls to SAM" Local + Policies > Security Options privilege + +In order to collect data on administrative shares and local policies (logon policies) for a Windows +target, the credential must have group membership in the local Administrators group. + +Sensitive Data Discovery Auditing Consideration + +Sensitive Data Discovery Auditing scans require .NET Framework 4.7.2 or later. If running Sensitive +Data Discovery (SDD) scans, it will be necessary to increase the minimum amount of RAM. Each thread +requires a minimum of 2 additional GB of RAM per host.. By default, SDD scans are configured to run +two concurrent threads. For example, if the job is configured to scan 8 hosts at a time with two +concurrent SDD threads, then an extra 32 GB of RAM are required (8x2x2=32). + +Secure Proxy Communication Considerations + +For secure proxy communication via https, a credential is supplied during installation to provide +secure communications between the Access Analyzer server and the proxy server. This credential must +be a domain account, but no additional permissions are required. It is recommended to use the same +domain account configured to run the proxy service as a credential in the Connection Profile to be +used by the File System Solution + +Secure Proxy Communication and Certificate Exchange + +For Proxy Mode as a Service Scans, the certificate exchange mechanism and certificate exchange port +must be configured via the File System Access Auditing Data Collector Wizard prior to executing a +scan. See the +[FSAA Applet Certificate Management Overview](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/certificatemanagement.md) +topic for additional information. + +Access Analyzer Connection Profile + +When running Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans, the credentials +within the Connection Profile assigned to the File System scans must be properly configured as +explained above. Also the firewall rules must be configured to allow for communication between the +applicable servers. + +See the [Proxy Mode as a Service Port Requirements](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeserviceports.md) topic for firewall +rule information. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-service-ports.md b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeserviceports.md similarity index 100% rename from docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/proxy-mode-service-ports.md rename to docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeserviceports.md diff --git a/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md new file mode 100644 index 0000000000..f793af57df --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md @@ -0,0 +1,110 @@ +# File System Scan Options + +Required permissions on the targeted file system are dependent upon not only the type of environment +targeted but also the mode in which the data collection scan is executed. There are three primary +types of scan modes: local, applet, or proxy. The proxy mode can be conducted via applet deployment, +or via running as a service (installed in advance). + +For the purpose of this document, “applet” refers to the runtime deployment of the +`FSAAAppletServer.exe` to either the target host (applet mode scans) or the proxy host (proxy mode +with applet scans) via Microsoft Task Scheduler. A “proxy” host is any host which can be leveraged +for running File System scans against target hosts. + +## Local Mode + +When File System scans are run in local mode, it means all of the data collection processing is +conducted by the Access Analyzer Console server across the network. The data is collected in the +SQLite database(s), or Tier 2 database(s), on the Access Analyzer Console server, and then imported +into the Access Analyzer database, or Tier 1 database, on the SQL Server. + +![Illustrates the Enterprise Auditor server running the scan against a file server](/img/product_docs/accessanalyzer/12.0/requirements/solutions/filesystem/localmode.webp) + +The diagram illustrates the Access Analyzer server running the scan against a file server. + +See the following topics for additional information: + +- [Local Mode Permissions](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/localmodepermissions.md) +- [Local Mode Port Requirements](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/localmodeports.md) + +## Applet Mode + +**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials +for network authentication” must be disabled in order for the applet to start. + +When File System scans are run in applet mode, it means the File System applet is deployed to the +target host when the job is executed to conduct data collection. However, the applet can only be +deployed to a server with a Windows operating system. The data is collected on the Windows target +host where the applet is deployed. The final step in data collection is to compress and transfer the +data collected in the SQLite database(s), or Tier 2 database(s), back to the Access Analyzer Console +server. If the target host is a NAS device, the File System scans will default to local mode for +that host. + +![Illustrates the Enterprise Auditor server sending an FSAA applet to a targeted Windows file server, which runs the scan against locally, and then returns data to the Enterprise Auditor server](/img/product_docs/accessanalyzer/12.0/requirements/solutions/filesystem/appletmode.webp) + +The diagram illustrates the Access Analyzer server sending an FSAA applet to a targeted Windows file +server, which runs the scan against locally, and then returns data to the Access Analyzer server. + +See the following topics for additional information: + +- [Applet Mode Permissions](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/appletmodepermissions.md) +- [Applet Mode Port Requirements](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/appletmodeports.md) + +## Proxy Mode with Applet + +**CAUTION:** The local policy, “Network access: Do not allow storage of passwords and credentials +for network authentication” must be disabled in order for the applet to start. + +When File System scans are run in proxy mode with applet, it means the File System applet is +deployed to the Windows proxy server when the job is executed to conduct data collection. The data +collection processing is initiated by the proxy server where the applet is deployed and leverages a +local mode-type scan to each of the target hosts. The final step in data collection is to compress +and transfer the data collected in the SQLite databases, or Tier 2 databases, back to the Access +Analyzer Console server. + +![Diagram of Enterprise Auditor server sending an FSAA applet to a proxy server](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/proxymodewithapplet.webp) + +The diagram illustrates the Access Analyzer server sending an FSAA applet to a proxy server, which +runs the scan against a file server, and then returns data to the Access Analyzer server. + +See the following topics for additional information: + +- [Proxy Mode Server Requirements](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeserver.md) +- [Proxy Mode with Applet Permissions](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeappletpermissions.md) +- [Proxy Mode with Applet Port Requirements](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeappletports.md) + +## Proxy Mode as a Service + +When File System scans are run in proxy mode as a service, there are two methods available for +deploying the service: + +- Pre-Installed File System Proxy Service – File System Proxy Service installation package must be + installed on the Windows proxy servers prior to executing the scans. This is the recommended + method. +- Ad Hoc File System Proxy Service Deployment – File System Proxy Service is installed on the + Windows proxy server when the job is executed + +The data collection processing is conducted by the proxy server where the service is running and +leverages a local mode-type scan to each of the target hosts. The final step in data collection is +to compress and transfer the data collected in the SQLite databases, or Tier 2 databases, back to +the Access Analyzer Console server. + +The proxy communication is configured during the installation of the service on the proxy server and +certificate exchange options are configured via the Applet Settings page of the File System Access +Auditing Data Collector Wizard. The credential provided for the secure communications in the +installation wizard is also added to the Access Analyzer Connection Profile assigned to the File +System Solution. + +See the [File System Proxy Service Installation](/docs/accessanalyzer/12.0/install/filesystemproxy/wizard.md) topic +for additional information. + +![Diagram of Enterprise Auditor server communicating securely with the proxy service on a proxy server](/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp) + +The diagram illustrates the Access Analyzer server communicating securely with the proxy service on +a proxy server, which runs the scan against a file server, collecting the data locally and securely. +Then the proxy service returns data securely to the Access Analyzer server. + +See the following topics for additional information: + +- [Proxy Mode Server Requirements](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeserver.md) +- [Proxy Mode as a Service Permissions](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeservicepermissions.md) +- [Proxy Mode as a Service Port Requirements](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/proxymodeserviceports.md) diff --git a/docs/accessanalyzer/12.0/requirements/solutions/sharepoint.md b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint.md new file mode 100644 index 0000000000..09f2f90225 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint.md @@ -0,0 +1,73 @@ +# SharePoint Solution + +The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access +Analyzer Console server, SQL Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for the core requirements. + +The SharePoint solution can be configured to run without an agent or to use the Access Analyzer +SharePoint Agent. See the [SharePoint Agent Installation](/docs/accessanalyzer/12.0/install/sharepointagent/overview.md) +topic for additional information. + +In addition to these, integration with either the Netwrix Activity Monitor is required for event +activity data to be scanned. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for installation requirements and information on collecting activity data. + +**NOTE:** For Activity Auditing (SPAC) scans, the audit logs generated by SharePoint must be +retained for more days than the number of days between the Access Analyzer scans. + +**_RECOMMENDED:_** When configuring the Netwrix Activity Monitor, select all events to be monitored +in both the Documents and Items section and the List, Libraries, and Site section. + +See the following topics for the SharePoint Agent and the target environment requirements: + +- [SharePoint Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md) +- [SharePoint Support](/docs/accessanalyzer/12.0/requirements/target/sharepoint.md) + +**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for +SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and +provisions it with the required permissions. See the +[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sp_registerazureappauth.md) topic for +additional information. + +## SharePoint Solution Requirements on the Access Analyzer Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Extra-Large | Large | Medium | Small | +| ----------- | ------------------------------------------------ | ------------------------------------------------- | ------------------------------------------------- | ----------------------------------------------- | +| Definition | ~5,000 Site Collections or 5+ TB of managed data | ~2,500 Site Collections or 1-5 TB of managed data | ~1,000 Site Collections or 500 GB of managed data | ~100 Site Collections or 100 GB of managed data | +| RAM | 24 GB | 16 GB | 12 GB | 4 GB | +| Cores | 8 CPU | 8 CPU | 4 CPU | 2 CPU | +| Disk Space | 460 GB | 280 GB | 160 GB | 80 GB | + +**NOTE:** If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the +minimum amount of RAM. Each thread requires a minimum of 2 additional GB of RAM per host.For +example, if the job is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are +required (8x2=16). + +Sensitive Data Discovery Auditing Requirement + +**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the +server. The JDK deployed is prepackaged and does not require any configuration; it has been +preconfigured to work with Access Analyzer and should never be customized through Java. It will not +conflict with other JDKs or Java Runtimes in the same environment. + +## SharePoint Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Extra-Large | Large | Medium | Small | +| ------------------------ | ------------------------------------------------ | ------------------------------------------------- | ------------------------------------------------- | ----------------------------------------------- | +| Definition | ~5,000 Site Collections or 5+ TB of managed data | ~2,500 Site Collections or 1-5 TB of managed data | ~1,000 Site Collections or 500 GB of managed data | ~100 Site Collections or 100 GB of managed data | +| RAM | 64 GB | 32 GB | 16 GB | 8 GB | +| Cores | 16 CPU | 12 CPU | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | 160 GB | 160 GB | +| SQL Database Disk | 500 GB | 320 GB | 240 GB | 100 GB | +| SQL Transaction Log Disk | 120 GB | 100 GB | 80 GB | 40 GB | +| SQL TEMP DB Disk | 320 GB | 240 GB | 160 GB | 80 GB | diff --git a/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentlesspermissions.md b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentlesspermissions.md new file mode 100644 index 0000000000..c3c76cd785 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentlesspermissions.md @@ -0,0 +1,61 @@ +# SharePoint Agent-Less Permissions + +When SharePoint agent-less scans are run, it means all of the data collection processing is +conducted by the Access Analyzer Console server across the network. + +The SharePoint agent-less scan architecture requires permissions to be configured on the specified +server: + +- SharePoint Application Server permissions: + + - Membership in the local Backup Operators group + + - This is required so Access Analyzer can read remote registry to identify if the server is + part of the farm, what the server’s role is, and to identify the location of the + SharePoint configuration database. + + - Membership in the local WSS_WPG group + + - This is required to gain read access to system resources used by Microsoft SharePoint + Foundation. + +- SharePoint Farm permissions: + + - Membership in the Farm Read group at the farm level + + - This is required so the Access Analyzer auditing account can make calls against the + SharePoint web services to remotely gather information around permissions, site hierarchy, + content and more. + - If the group does not exist already, then you will need to create a new group at that + level and grant it ‘Read’ access. Specifically, it is a group that exists within Central + Administration at the farm administrator level. This group only requires ‘Read’ access and + is not giving farm admin access. Once the group is created, add the service account that + Access Analyzer will be leveraging to scan SharePoint. + +- Web Application permissions: + + - Custom Role with Site Collection Auditor at the web application level with the Open Items + permission + + - This is needed for Access Analyzer to execute web service calls against Central + Administration. + +- SharePoint Database Server permissions: + + - SPDataAccess on the on the SharePoint Content database and all Configuration databases + + - This permission should be applied on the desired Configuration database and all Content + databases for the SharePoint version. + - This version-specific permission is required for Access Analyzer to execute read + operations directly against the SharePoint databases, gather information from the + configuration database regarding the names and locations of the web applications and + content databases, and give read access around sites, roles, and users. + +- MySites permissions are based on the SharePointAccess Data Collector configuration option: + + - Forcing the service account to become a temporary admin of the personal sites either as the + service account or as a member of the Company Administrators group requires SharePoint Farm + Administrator role or Site Collection Auditor at the web application housing MySites. + - The skipping inaccessible personal sites option will only scan sites where the service account + has administrative access. It requires the service account to be provisioned prior to the scan + to scan OneDrives / personal sites. diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agentless-ports.md b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentlessports.md similarity index 100% rename from docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agentless-ports.md rename to docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentlessports.md diff --git a/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentpermissions.md b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentpermissions.md new file mode 100644 index 0000000000..cc0c5d5a91 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentpermissions.md @@ -0,0 +1,249 @@ +# SharePoint Agent Permissions + +When Access Analyzer SharePoint scans are run in agent-based mode, the Access Analyzer SharePoint +Agent must be installed on the SharePoint Application server which hosts the Central Administration +component prior to executing the scans. This is typically the first server stood up during the +SharePoint farm installation process in this mode. The data collection processing is conducted by +the SharePoint Agent for the target environment. The final step in data collection is to transfer +the data collected in the SQLite databases, or Tier 2 databases, on the Access Analyzer SharePoint +Agent server back to the Access Analyzer Console server. + +The Access Analyzer SharePoint Agent needs to be installed on the: + +- SharePoint Application server hosting the Central Administration component + + - SharePoint® 2013 through SharePoint® 2019 + - Windows® Server 2016 through Windows® Server 2022 + +Additional Server Requirements + +The following are additional requirements for the Access Analyzer SharePoint Agent server: + +- .NET Framework 4.8 installed +- Port Sharing network feature + +Sensitive Data Discovery Auditing Requirement + +**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the +server. The JDK deployed is prepackaged and does not require any configuration; it has been +preconfigured to work with Access Analyzer and should never be customized through Java. It will not +conflict with other JDKs or Java Runtimes in the same environment. + +If running Sensitive Data Discovery (SDD) scans, it will be necessary to increase the minimum amount +of RAM. Each thread requires a minimum of 2 additional GB of RAM per host. For example, if the job +is configured to scan 8 hosts at a time , then an extra 16 GB of RAM are required (8x2=16). + +## Permissions Explained + +If limited provisioning of the service account is not required by the organization, then the +following permissions are sufficient for successful agent-based scans: + +- Membership in the local Administrator group on the on server where the Access Analyzer SharePoint + Agent is installed + + - Only needed for agent installation + +- SharePoint Application Server permissions: + + - Membership in the local Backup Operators group + + - This is required so Access Analyzer can read remote registry to identify if the server is + part of the farm, what the server’s role is, and to identify the location of the + SharePoint configuration database + + - Membership in the local WSS_WPG group + + - This is required to gain read access to system resources used by Microsoft SharePoint + Foundation + + - Log on as a Service in the Local Security Policy + - Full Control on the agent install directory, default path is: + + `C:\Program Files\STEALTHbits\StealthAUDIT\SPAA` + +- SharePoint Farm permissions: + + - Membership in the Farm Read group at the farm level + + - This is required so the Access Analyzer auditing account can make calls against the + SharePoint web services to remotely gather information around permissions, site hierarchy, + content and more + - If the group does not exist already, then you need to create a new group at that level and + grant it Read access. Specifically, it is a group that exists within Central + Administration at the farm administrator level. This group only requires Read access and + is not giving farm admin access. Once the group is created, add the service account that + Access Analyzer will be leveraging to scan SharePoint. + +- Web Application permissions: + + - Custom Role with Site Collection Auditor at the web application level with the Open Items + permission + + - This is needed for Access Analyzer to execute web service calls against Central + Administration + +- SharePoint Database Server permissions: + + - SPDataAccess on the SharePoint Content database and all Configuration databases + + - This permission should be applied on the desired Configuration database and all Content + databases for the SharePoint version + - This version-specific permission is required for Access Analyzer to execute read + operations directly against the SharePoint databases, gather information from the + configuration database regarding the names and locations of the web applications and + content databases, and give read access around sites, roles, and users + +- DB_Owner on Access Analyzer database if using Windows Authentication for the Storage Profile +- MySites permissions are based on the SharePointAccess Data Collector configuration option: + + - Forcing the service account to become a temporary admin of the personal sites either as the + service account or as a member of the Company Administrators group requires SharePoint Farm + Administrator role or Site Collection Auditor at the web application housing MySites + - The skipping inaccessible personal sites option only scans sites where the service account has + administrative access + - This grants Access Analyzer rights to scan MySites + +Additional permission models are explained for a less and least permission model. + +## SharePoint Agent-Based Less Privilege Permission Model + +If restricted permissions are desired by the organization, then the following permissions are needed +for the service account to successfully run SharePoint Agent-based scans. + +Prior to installation of the SharePoint Agent, the service account to be supplied during +installation and later used to run the Access Auditing (SPAA) and Sensitive Data Discovery Auditing +scans against the targeted SharePoint environment needs the following permissions: + +- Log on as a Service in the Local Security Policy +- Membership in the local IIS_IUSRS group +- Performance Log Users (for Sensitive Data Discovery only) + +After the SharePoint Agent installation, this service account needs the following additional +permissions to run the Access Auditing (SPAA) and Sensitive Data Discovery Auditing scans: + +- Site Collection Administrator on all Site Collections to be scanned +- Membership in the local Users group on the server where the SharePoint Agent is installed +- DB_Owner on Access Analyzer database if using Windows Authentication for the Storage Profile + +If the scans include Web Application scoping, then the following permissions are needed (can be +skipped if running full farm scans): + +- Membership in the local Backup Operators group +- Membership in the local WSS_WPG group +- WSS_CONTENT_APPLICATION_POOLS on the SharePoint Configuration database + +After the Access Analyzer SharePoint Agent is installed, ensure that the service account has the +following permissions: + +- Full Control on the agent install directory, default path is: + + `C:\Program Files\STEALTHbits\StealthAUDIT\SPAA` + +The Access Analyzer SharePoint Agent utilizes Microsoft APIs. The Microsoft APIs require an account +with the following permissions in order to collect all of the data: + +- WSS_CONTENT_APPLICATION_POOLS on the SharePoint Content databases +- WSS_CONTENT_APPLICATION_POOLS on the SharePoint Configuration database + +**NOTE:** If scans include Web Application scoping, this last permission requirement is already met. + +## SharePoint Agent-Based Least Privilege Permission Model + +If a least privilege model is required by the organization, then the following permissions are +needed for the service account to successfully run SharePoint Agent-based scans. + +Prior to installation of the SharePoint Agent, the service account to be supplied during +installation and later used to run the Access Auditing (SPAA) and Sensitive Data Discovery Auditing +scans the targeted SharePoint environment needs the following permissions: + +- Log on as a Service in the Local Security Policy +- Service Account SID added to the `SMSvcHost.exe.config` file +- Performance Log Users (for Sensitive Data Discovery only) + +After the SharePoint Agent installation, this service account needs the following additional +permissions to run the Access Auditing (SPAA) scans: + +- Site Collection Administrator on all Site Collections to be scanned +- Membership in the local Users group on the server where the SharePoint Agent is installed +- DB_Owner on Access Analyzer database if using Windows Authentication for the Storage Profile + +If the scans include Web Application scoping, then the following permissions are needed (can be +skipped if running full farm scans): + +- READ Access on the following registry keys: + + - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg` + - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowPaths` + - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowExactPaths` + - For SharePoint 2013: + + - `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\Secure` + - `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\Secure\ConfigDB` + +- DB_DataReader on the SharePoint Configuration database +- `'GRANT EXECUTE'` permissions on the following stored procedures in the SharePoint Configuration + database: + + - `proc_getObject` + - `proc_getObjectsByClass` + - `proc_getObjectsByBaseClass` + - `proc_getDependentObjectsByBaseClass` + - `proc_ReturnWebFeatures` + +After the Access Analyzer SharePoint Agent is installed, ensure that the service account has the +following permissions: + +- Full Control on the agent install directory, default path is: + + `C:\Program Files\STEALTHbits\StealthAUDIT\SPAA` + +The Access Analyzer SharePoint Agent utilizes Microsoft APIs. The Microsoft APIs require an account +with the following permissions in order to collect all of the data: + +- `'GRANT EXECUTE'` permissions on the following stored procedures in the SharePoint Configuration + database: + + - `proc_getObject` + - `proc_getObjectsByClass` + - `proc_getObjectsByBaseClass` + - `proc_getDependentObjectsByBaseClass` + - `proc_ReturnWebFeatures` + + **NOTE:** The above four stored procedures would already have the correct permissions if Web + Application scoping is desired. + + - `[dbo].proc_getSiteName` + - `[dbo].proc_getSiteMap` + - `[dbo].proc_getSiteMapById` + +- DB_DataReader on the SharePoint Content databases and SharePoint AdminContent database, if + applicable +- `'GRANT EXECUTE'` permissions on the following stored procedures in the SharePoint Content + databases and SharePoint AdminContent database (if applicable): + + - `[dbo].proc_EnumLists` + - `[dbo].proc_GetTpWebMetaDataAndListMetaData` + - `[dbo].proc_GetListMetaDataAndEventReceivers` + - `[dbo].proc_GetSiteProps` + - `[dbo].proc_GetListWebParts` + - `[dbo].proc_GetWebFeatureList` + - `[dbo].proc_GetListFields` + - `[dbo].proc_GetDocsMetaInfo` + - `[dbo].proc_GetDocIdUrl` + - `[dbo].proc_ListChildWebs` + - `[dbo].proc_ListChildWebs` + - `[dbo].proc_ListUrls` + - `[dbo].proc_ListChildWebs` + - `[dbo].proc_SecListAllSiteMembers` + - `[dbo].proc_SecRefreshToken` + - `[dbo].proc_SecListSiteGroups` + - `[dbo].proc_SecListSiteGroupMembership` + - `[dbo].proc_SecGetRoleDefs` + - `[dbo].proc_SecListSiteGroups` + - `[dbo].proc_SecListScopeUsers` + - `[dbo].proc_SecListScopeGroups` + - `[dbo].proc_SecAddWebMembership` + - `[dbo].proc_SecGetSecurityInfo` + - `[dbo].proc_SecGetPrincipalByLogin` + - `[dbo].proc_SecGetPrincipalDisplayInformation20` + - `[dbo].proc_SecGetRoleBindingsForAllPrincipals` diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agent-ports.md b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentports.md similarity index 100% rename from docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/agent-ports.md rename to docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentports.md diff --git a/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/onlinepermissions.md b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/onlinepermissions.md new file mode 100644 index 0000000000..6457390c65 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/onlinepermissions.md @@ -0,0 +1,62 @@ +# SharePoint Online Permissions + +SharePoint Online environments can only be scanned in Agent-less mode. When SharePoint agent-less +scans are run, it means all of the data collection processing is conducted by the Access Analyzer +Console server across the network. + +## Modern Authentication + +The SharePoint agent-less scan architecture uses modern authentication in the target environment: + +Tenant Global Administrator Role + +- Tenant Global Administrator role is required to provision the application + + - Modern authentication enables Access Analyzer to scan SharePoint Online and all OneDrives in + the target environment + +Permissions for Microsoft Graph APIs + +- Application Permissions: + + - Application.Read.All – Read all applications + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + - Domain.Read.All – Read domains + - Files.Read.All – Read files in all site collections + - GroupMember.Read.All – Read all group memberships + - InformationProtectionPolicy.Read.All – Read all published labels and label policies for an + organization + - Member.Read.Hidden – Read all hidden memberships + - Organization.Read.All – Read organization information + - OrgContact.Read.All – Read organization contact + - Policy.Read.All – Read your organization's policies + - Policy.Read.ConditionalAccess – Read you organization's conditional access policies + - Policy.Read.PermissionGrant – Read consent and permission grant policies + - ServiceHealth.Read.All – Read service health + - ServiceMessage.Read.All – Read service messages + - Sites.Read.All – Read items in all site collections + - Team.ReadBasic.All – Get a list of all teamss + - TeamMember.Read.All – Read the members of all teams + +- Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +Permissions for Office 365 Management APIs + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + - ServiceHealth.Read – Read service health information for your organization + +Permissions for SharePoint APIs + +- Application Permissions: + + - Sites.FullControl.All – Have full control of all site collections + - Sites.Read.All – Read items in all site collections + - TermStore.Read.All – Read managed metadata + - User.Read.All – Read user profiles diff --git a/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/online-ports.md b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/onlineports.md similarity index 100% rename from docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/online-ports.md rename to docs/accessanalyzer/12.0/requirements/solutions/sharepoint/onlineports.md diff --git a/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md new file mode 100644 index 0000000000..ddc2da64d0 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md @@ -0,0 +1,48 @@ +# SharePoint Scan Options + +Required permissions on the targeted SharePoint environment are dependent upon not only the type of +environment targeted but also the type of data collection scan being executed. There are two types +of Access Auditing (SPAA) and/or Sensitive Data Discovery Auditing scans: agent-based and +agent-less. The Activity Auditing (SPAC) scans run as agent-less scans from Access Analyzer, but +they require the Netwrix Activity Monitor to have an activity agent deployed in the target +environment. + +## Agent-Based Type + +When Access Analyzer SharePoint scans are run in agent-based mode, the Access Analyzer SharePoint +Agent must be installed on the SharePoint Application server which hosts the Central Administration +component prior to executing the scans. This is typically the first server stood up during the +SharePoint farm installation process in this mode. The data collection processing is conducted by +the SharePoint Agent for the target environment. The final step in data collection is to transfer +the data collected in the SQLite databases, or Tier 2 databases, on the Access Analyzer SharePoint +Agent server back to the Access Analyzer Console server. + +**NOTE:** Agent-based scans can only target on-premise environments. + +See the following topics for additional information: + +- [SharePoint Agent Permissions](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentpermissions.md) +- [SharePoint Agent Ports](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentports.md) + +## Agent-Less Type + +When SharePoint agent-less scans are run, it means all of the data collection processing is +conducted by the Access Analyzer Console server across the network. + +**NOTE:** Agent-less scans can target both on-premise and online environments. This is the only scan +mode that can run Activity Auditing (SPAC) scans. + +For Activity Auditing (SPAC) scans, target the server where the Netwrix Activity Monitor has a +deployed activity agent. + +See the following topics for additional information: + +- SharePoint Online + + - [SharePoint Online Permissions](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/onlinepermissions.md) + - [SharePoint Online Ports](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/onlineports.md) + +- SharePoint On-Premise + + - [SharePoint Agent-Less Permissions](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentlesspermissions.md) + - [SharePoint Agent-Less Ports](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/agentlessports.md) diff --git a/docs/accessanalyzer/12.0/requirements/solutions/unix.md b/docs/accessanalyzer/12.0/requirements/solutions/unix.md new file mode 100644 index 0000000000..e1e3a17021 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/unix.md @@ -0,0 +1,36 @@ +# Unix Solution + +The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access +Analyzer Console server, SQL Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for the core requirements. + +See the [Target Unix Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/unix.md) topic for target +environment requirements. + +## Unix Solution Requirements on the Access Analyzer Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ------ | -------------- | +| RAM | 8+ GB | 4+ GB | +| Cores | 4+ CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +## Unix Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ------ | -------------- | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/requirements/solutions/windows.md b/docs/accessanalyzer/12.0/requirements/solutions/windows.md new file mode 100644 index 0000000000..b2bcf28db6 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/solutions/windows.md @@ -0,0 +1,37 @@ +# Windows Solution + +The core components for Netwrix Access Analyzer (formerly Enterprise Auditor) are the Access +Analyzer Console server, SQL Server, and Access Information Center. See the +[Requirements](/docs/accessanalyzer/12.0/requirements/overview.md) topic for the core requirements. + +See the +[Target Windows Server and Desktop Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/windows.md) topic +for target environment requirements. + +## Windows Solution Requirements on the Access Analyzer Console + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment: + +| Environment | Large | Medium – Small | +| ----------- | ------ | -------------- | +| RAM | 8+ GB | 4+ GB | +| Cores | 4+ CPU | 2 CPU | +| Disk Space | 30 GB | 30 GB | + +## Windows Solution Requirements on the SQL Server + +RAM, CPU, and Disk Space + +These are dependent upon the size of the target environment. + +| Environment | Large | Medium – Small | +| ------------------------ | ------ | -------------- | +| RAM | 16+ GB | 16+ GB | +| Cores | 8 CPU | 4 CPU | +| Number of Disks | 4 | 4 | +| Operating System Disk | 160 GB | 160 GB | +| SQL Database Disk | 300 GB | 70-120 GB | +| SQL Transaction Log Disk | 80 GB | 50 GB | +| SQL TEMP DB Disk | 160 GB | 100 GB | diff --git a/docs/accessanalyzer/12.0/requirements/target/activedirectorypermissionsanalyzer.md b/docs/accessanalyzer/12.0/requirements/target/activedirectorypermissionsanalyzer.md new file mode 100644 index 0000000000..424278bbf5 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/activedirectorypermissionsanalyzer.md @@ -0,0 +1,49 @@ +# Domain Target Requirements, Permissions, and Ports + +The Access Analyzer for Active Directory Permissions Analyzer Solution is compatible with the +following Active Directory versions as targets: + +- Windows Server 2016 and later +- Windows 2003 Forest level or higher + +**NOTE:** See the Microsoft +[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) +article for additional information. + +Domain Controller Requirements + +The following are requirements for the domain controllers to be scanned: + +- .NET Framework 4.5+ installed +- WINRM Service installed + +Data Collectors + +Successful use of the Access Analyzer Active Directory Permissions Analyzer solution requires the +necessary settings and permissions in a Microsoft® Active Directory® environment described in this +topic and its subtopics. This solution employs the following data collectors to scan the domain: + +- [ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md) +- [ADPermissions Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/overview.md) + +## Permissions + +- LDAP Read permissions +- Read on all AD objects +- Read permissions on all AD Objects + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For ADPermissions Data Collector + +- TCP 389 +- TCP 135 – 139 +- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/12.0/requirements/target/aws.md b/docs/accessanalyzer/12.0/requirements/target/aws.md new file mode 100644 index 0000000000..59833babcb --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/aws.md @@ -0,0 +1,50 @@ +# Target Amazon Web Service Requirements, Permissions, and Ports + +The Access Analyzer for AWS Solution provides the ability to audit Amazon Web Services (AWS) to +collect IAM users, groups, roles, and policies, as well as S3 permissions, content, and sensitive +data from target AWS accounts. It scans: + +- Amazon AWS IAM +- Amazon AWS S3 + +Data Collector + +This solution employs the following data collector to scan the target environment: + +- [AWS Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/aws/overview.md) + +## Permissions + +The permissions required to scan an AWS account are based on the type of information being +collected: + +- To collect details about the AWS Organization, the following permission is required: + + - organizations:DescribeOrganization + +- To collect details regarding IAM, the following permissions are required: + + - iam:GenerateCredentialReport + - iam:GenerateServiceLastAccessedDetails + - iam:Get\* + - iam:List\* + - iam:Simulate\* + - sts:GetAccessKeyInfo + +- To collect details related to S3 buckets and objects, the following permissions are required: + + - s3:Describe\* + - s3:Get\* + - s3:HeadBucket + - s3:List\* + +This provides a least privilege model for your auditing needs. See the +[Configure AWS for Scans](/docs/accessanalyzer/12.0/requirements/target/config/aws.md) topic for additional information. + +## Ports + +The following firewall ports are needed: + +For AWS Data Collector + +- 443 diff --git a/docs/accessanalyzer/12.0/requirements/target/box.md b/docs/accessanalyzer/12.0/requirements/target/box.md new file mode 100644 index 0000000000..26f8251af9 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/box.md @@ -0,0 +1,64 @@ +# Target Box Requirements, Permissions, and Ports + +The Access Analyzer for Box scans: + +- Box for Business + +Box Requirements + +The following are requirements from the target environment: + +- Enterprise_ID of the target Box environment + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md) +- [Box Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/box/overview.md) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For Box Data Collection + +Box scans require the Enterprise Admin or Co-Admin account credentials to generate an authorization +code. The following can be used as a least privilege model: + +- Enterprise Admin account +- Co-Admin account with the permission to **Run new reports and access existing reports** enabled + + - See the Box + [Co-Admin Permissions Required to Run Reports](https://support.box.com/hc/en-us/articles/15518640907283-Co-Admin-Permissions-Required-to-Run-Reports) + article for details on enabling this permission + +**NOTE:** Scans run with Co-Admin account credentials will complete. However, the data returned from +the scan might not include content owned by the Enterprise Admin account. + +See the [Recommended Configurations for the Box Solution](/docs/accessanalyzer/12.0/solutions/box/recommended.md) topic +for additional information. + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For Box Data Collector + +- TCP 80 +- TCP 443 diff --git a/docs/accessanalyzer/12.0/requirements/target/config/aws.md b/docs/accessanalyzer/12.0/requirements/target/config/aws.md new file mode 100644 index 0000000000..29773d678a --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/config/aws.md @@ -0,0 +1,211 @@ +# Configure AWS for Scans + +In order to scan multiple AWS accounts using one account you need to create a role in each target +account, so that It can provide the designated scanning account permissions to scan resources it +controls. This is achieved through the following steps which will need to be completed leveraging a +user with administrative access to each target account: + +**Step 1 –** Create a Managed Policy in each target account that will be used to allow access to +account (S3, Org and IAM). + +**Step 2 –** Create a Role in each target account that will be used to allow access to listing IAM +users. + +**Step 3 –** Create a Managed Policy in the designated scanning account that will be used to allow +the service account to assume the configured role in each target account. + +**Step 4 –** Add Role to Access Analyzer. The Role created in the scanning account will need to be +added to the **1-AWS_OrgScan**, **2-AWS_S3Scan**, and **3-AWS_IAMScan** job query configurations. +See the [AWS: Login Roles](/docs/accessanalyzer/12.0/admin/datacollector/aws/loginroles.md) topic for additional +information. + +Once these steps are completed, the role must be added to the AWS queries within Access Analyzer. + +## Create a Managed Policy in Each Target Account + +The following steps will need to be completed in each target account. + +**Step 1 –** Sign into the Identity and Access Management Console (IAM) as an administrator of the +Trusting account. + +![Create policy in Identity and Access Management (IAM) Console](/img/product_docs/accessanalyzer/12.0/requirements/target/config/policies.webp) + +**Step 2 –** Browse to the Identity and Access Management (IAM) Console. Navigate to **Policies** +and click **Create policy**. + +![JSON tab in the Policy editor](/img/product_docs/accessanalyzer/12.0/requirements/target/config/jsontabpolicies.webp) + +**Step 3 –** Select the **JSON** tab. + +**Step 4 –** Paste the following: + +``` +{ +    "Version": "2012-10-17", +    "Statement": [ +        { +            "Sid": "CapabilityIamScan", +            "Effect": "Allow", +            "Action": [ +                "iam:GenerateCredentialReport", +                "iam:GenerateServiceLastAccessedDetails", +                "iam:Get*", +                "iam:List*", +                "iam:Simulate*", +        "sts:GetAccessKeyInfo" +            ], +            "Resource": "*" +        }, +        { +            "Sid": "CapabilityS3Scan", +            "Effect": "Allow", +            "Action": [ +                "s3:Describe*", +                "s3:Get*", +                "s3:HeadBucket", +                "s3:List*" +            ], +            "Resource": "*" +        } +    ] +} +``` + +**Step 5 –** Click **Review Policy**. + +**Step 6 –** Enter a name for the policy in the **Name** box. + +![Review policy page](/img/product_docs/accessanalyzer/12.0/requirements/target/config/reviewpolicy.webp) + +**Step 7 –** Click **Create Policy**. + +**NOTE:** If the designated scanning account is not in Root (Master Account), create a second policy +in the Master Account with the following JSON definition: + +[Copy](javascript:void(0);) + +``` +{ +    "Version": "2012-10-17", +    "Statement": [ +        { +            "Sid": "RequiredCapabilityOrgScan", +            "Effect": "Allow", +            "Action": [ +                "iam:GenerateOrganizationsAccessReport", +                "organizations:Describe*", +                "organizations:List*" +            ], +            "Resource": "*" +        } +    ] +} +``` + +The next step is to create a role in each target account that will be used to allow access to +listing IAM users. + +## Create a Role in Each Target Account + +The following steps will need to be completed in each target account. For this, you will need the +Account ID of the designating scanning account. + +**NOTE:** If the scanning account is also a target account, be sure to complete these steps for the +scanning account as well. + +**Step 1 –** Sign into the Identity and Access Management Console (IAM) as an administrator of the +target account. + +![Create role in Identity and Access Management (IAM) Console](/img/product_docs/accessanalyzer/12.0/requirements/target/config/roles.webp) + +**Step 2 –** Navigate to **Access management** > **Roles** and click **Create role**. + +![Create role page Another AWS account option](/img/product_docs/accessanalyzer/12.0/requirements/target/config/createrole.webp) + +**Step 3 –** Select the **Another AWS Account** option and add the Account ID of the scanning +account that will be leveraged within Access Analyzer. + +**Step 4 –** Click **Next: Permissions**. + +![Add policies to role](/img/product_docs/accessanalyzer/12.0/requirements/target/config/policiesadd.webp) + +**Step 5 –** Add the policy or policies created earlier in this topic to this role. + +**Step 6 –** Click **Next: Tags**. + +**Step 7 –** Click **Next: Review**. + +![Create role Review page](/img/product_docs/accessanalyzer/12.0/requirements/target/config/reviewrole.webp) + +**Step 8 –** Enter a **Role name**. + +**Step 9 –** Click **Create Role**. + +The next step is to create a Managed Policy in the designated scanning account that will be used to +allow the service account to assume the configured role in each target account. + +## Configure the Scanning Account + +Create a Managed Policy in the scanning account that will be used to allow the user to assume the +roles configured in each target account. + +**Step 1 –** Sign into the Identity and Access Management Console (IAM) as an administrator of the +scanning account. + +![Create policy in Identity and Access Management (IAM) Console](/img/product_docs/accessanalyzer/12.0/requirements/target/config/policies.webp) + +**Step 2 –** Navigate to **Access Management** > **Policies** and click **Create policy**. + +![JSON tab in the Policy editor](/img/product_docs/accessanalyzer/12.0/requirements/target/config/jsontabaccount.webp) + +**Step 3 –** Select the **JSON** tab. + +**Step 4 –** Paste the following: + +``` +{ +    "Version": "2012-10-17", +    "Statement": [ +        { +            "Sid": "RequiredCapabilityOrgScan", +            "Effect": "Allow", +            "Action": [ +                "iam:GenerateOrganizationsAccessReport", +                "organizations:Describe*", +                "organizations:List*" +            ], +            "Resource": "*" +        }, +        { +            "Sid": "RequiredCapabilityMemberAccountAccess", +            "Effect": "Allow", +            "Action": "sts:AssumeRole", +            "Resource": "arn:aws:iam::*:role/ROLENAME" +        } +    ] +} +``` + +**NOTE:** Replace `ROLENAME` with the name of the role that was created. If the `ROLENAME` is +different in each account, then a policy will need to be created for each distinct role name. + +**Step 5 –** Click **Review Policy**. + +![Review policy page Name field](/img/product_docs/accessanalyzer/12.0/requirements/target/config/reviewpolicyaccount.webp) + +**Step 6 –** Enter a **Policy Name**. + +**Step 7 –** Click **Create Policy**. + +**Step 8 –** Create a group with the service account user and assign both policies to this group. + +**Step 9 –** Under **Access Management** > **Users**, select the service account user. + +![Security credentials tab](/img/product_docs/accessanalyzer/12.0/requirements/target/config/securitycredentials.webp) + +**Step 10 –** In the Security credentials tab, click **Create access key**. Make sure to note the +Access key ID and Secret access key which need to be input into Access Analyzer. + +You can now create the Connection Profile for the AWS Solution. See the +[Amazon Web Services for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/aws.md) topic +for additional information. diff --git a/docs/accessanalyzer/12.0/requirements/target/config/azurefiles.md b/docs/accessanalyzer/12.0/requirements/target/config/azurefiles.md new file mode 100644 index 0000000000..1fc1671ffb --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/config/azurefiles.md @@ -0,0 +1,92 @@ +# Azure Files Target Requirements + +Azure Files is a fully managed, cloud-based file sharing service from Microsoft that allows users to +access file shares from anywhere as a virtual network drive. Access Analyzer uses the File System +solution to execute Access Auditing (FSAA) and Sensitive Data Discovery Auditing scans on Azure +Files. + +Before the File System solution can perform scans for Azure Files, the following prerequisites are +required both in Access Analyzer and the Azure environments: + +- [Create Host List](#create-host-list) +- [Configure Connection Profile](#configure-connection-profile) +- [Job and Query Configuration](#job-and-query-configuration) + +## Create Host List + +A host list containing the desired target Azure hosts must be created and assigned to the collection +jobs. You can create the host list with either of the following two methods: + +- Use the FS_AzureTenantScan instant job to create the host list automatically. See the + [FS_AzureTenantScan Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/fs_azuretenantscan.md) topic for + additional information. +- Manually add hosts to a host list in the following format: + + `.file.core.windows.net` + + See the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) topic for additional + information. + +## Configure Connection Profile + +The Access Analyzer connection profile requires two or more credentials depending on the amount of +storage accounts being targeted. It requires an active directory account with rights to run the +applet, and credentials for each storage account. These should be configured as follows: + +- Account for running applet + + - Select Account type – Active Directory + - Provide the credentials for an account with the privileges to run the FSAA applet. See the + [File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) topic for additional + information on the required permissions. + +- Accounts for storage accounts + + - Select Account Type – Azure Active Directory + + ![Storage account name and Connection string in Azure](/img/product_docs/accessanalyzer/12.0/requirements/target/config/accesskeys.webp) + + - Client ID – The name of the storage account + + - For example, if the target is `files.file.core.windows.net` then the Client ID should be + `files`. It is not case sensitive. + + - Key – Connection string value for access keys on the storage account + + If you are targeting multiple storage accounts, a user credential of this type is required for + each storage account. + +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional +information. + +## Job and Query Configuration + +Azure Files scans require the following configuration of the job and query performing the scan. + +### Jobs Targeting Azure Files + +For FSAA and SEEK scans targeting Azure Files storage accounts, you must clear the **Skip Hosts that +do not respond to PING** option in the job properties. + +![Skip Hosts option on Performance tab of the Job Properties window](/img/product_docs/accessanalyzer/12.0/requirements/target/config/skiphostsoption.webp) + +Right-click on the required scan job in the Jobs tree, and select **Properties** to open the Job +Properties window. Navigate to the Performance tab, and ensure the **Skip Hosts that do not respond +to PING** option is not selected. See the +[Job Properties](/docs/accessanalyzer/12.0/admin/jobs/job/properties/overview.md) and +[Performance Tab](/docs/accessanalyzer/12.0/admin/jobs/job/properties/performance.md) topics for additional +information. + +### Query Configuration Considerations + +Last Access Time (LAT) preservation is not supported for Azure Files scans. This option must not be +selected in the query for the FSAA or SEEK scan job. + +![Last Access Time (LAT) preservation option in FSAA DC wizard](/img/product_docs/accessanalyzer/12.0/requirements/target/config/latpreservationoption.webp) + +The **Last Access Time (LAT) preservation** option is located on the Default Scoping Options page of +the File System Access Auditor Data Collector Wizard. See the +[Configure the (FSAA) File System Scan Query](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsaa_system_scans.md#configure-the-fsaa-file-system-scan-query) +or +[Configure the (SEEK) File System Scan Query](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek_system_scans.md#configure-the-seek-file-system-scan-query) +topic for additional information. diff --git a/docs/accessanalyzer/12.0/requirements/target/config/azureinformationprotection.md b/docs/accessanalyzer/12.0/requirements/target/config/azureinformationprotection.md new file mode 100644 index 0000000000..443c67f483 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/config/azureinformationprotection.md @@ -0,0 +1,224 @@ +# Azure Information Protection Target Requirements + +Microsoft® Azure is a cloud-based computing platform that provides a range of services, such as +file storage. Azure uses Azure Information Protection (AIP) labels, a Microsoft tool used to +classify and protect stored files. Access Analyzer employs the File System Solution to execute +Access Auditing (FSAA) and/or Sensitive Data Discovery Auditing scans in order to find AIP +Protection labels and scan protected (i.e. encrypted) files for sensitive data. + +This document provides information needed to properly configure access required by Access Analyzer +to successfully scan for Azure Information Protection labels in a targeted environment. + +**NOTE:** Access Analyzer does not scan for AIP Marking labels, only Protection labels. + +## Workflow for Scanning AIP Labels + +Before the Access Analyzer File System solution can scan for Azure Information Protection (AIP) +labels, certain prerequisites are required both in Access Analyzer and Azure environments. + +1. [Rights Management Service Client Installation](#rights-management-service-client-installation) +2. [Create a Service Principal Account using PowerShell](#create-a-service-principal-account-using-powershell) +3. [Enable the Account as an AIP Super User using PowerShell](#enable-the-account-as-an-aip-super-user-using-powershell) +4. [Add User to the AIP Role in Microsoft® Azure](#add-user-to-the-aip-role-in-microsoft-azure) +5. Azure Information Protection Target Requirements +6. Enable settings in FSAA Data Collector in Access Analyzer. + + - See the FileSystemAccess Data Collector section in the + [File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/overview.md) topic for additional + information + +## Prerequisites + +Ensure the following prerequisites are met before configuring AIP scanning: + +- Microsoft Entra ID Admin credentials +- The PowerShell `Install-Module` command requires: + + - PowerShell 5.0 (Run as Administrator) + - Windows Server 2016and later + +- Active Directory Rights Management Services Client 2.1 installed on the server where the FSAA + applet or proxy is being run + +## Rights Management Service Client Installation + +The Rights Management Service Client must be installed on the applet servers where FSAA is running. +This may be the local Access Analyzer server, a Proxy server, or a File Server running in applet +mode. + +- To install the Rights Management Service Client 2.1 on the server where the scan is taking place, + go to the Microsoft download center: + + [https://www.microsoft.com/en-us/download/details.aspx?id=38396](https://www.microsoft.com/en-us/download/details.aspx?id=38396) + +**_RECOMMENDED:_** Read the System Requirements and Install Instructions provided by Microsoft to +complete the installation. + +## Create a Service Principal Account using PowerShell + +Follow the steps to create a service principal account with a symmetric key to connect to AIP: + +**NOTE:** All PowerShell commands should be run in order through PowerShell as an Admin. + +**Step 1 –** Open up PowerShell (Administrator). + +**Step 2 –** Install and import MsOnline module: + +``` +Install-Module MsOnline +Import-Module MsOnline +``` + +**Step 3 –** Connect to Azure with the `Connect-MsolService` command. Enter the Azure credentials in +the **Sign in to your account** window that displays from Microsoft. + +**Step 4 –** Once successfully connected to Azure, create a service principal with the following +command: + +``` +New-MsolServicePrincipal +``` + +> Enter the **DisplayName** of the new service principal name. (For example, AIP_EnterpriseAuditor) + +**Step 5 –** Take note and save the **Symmetric Key** and **AppPrincipalID** to be used in later +steps. + +**CAUTION:** Do not lose the symmetric key. It is not retrievable again once the PowerShell window +is closed. + +The service principal account with the proper key has been created. + +## Enable the Account as an AIP Super User using PowerShell + +Follow the steps to enable the Service Principal Account in AIP as a Super User: + +**NOTE:** All PowerShell commands should be run in order through PowerShell as an Admin. + +**Step 1 –** In PowerShell, install Microsoft Azure Active Directory Rights Manager (AIPService) +module: + +``` +Install-Module AIPService +Import-Module AIPService +``` + +**Step 2 –** Connect to Azure using the `Connect-AIPService` command and supply Azure credentials in +the **Sign in to your account** window that displays from Microsoft. + +**Step 3 –** Add the service principal to the Azure AD Rights Management service super users, using +the AppPrincipalID saved from the steps in the +[Create a Service Principal Account using PowerShell](#create-a-service-principal-account-using-powershell) +section: + +``` +Add-AipServiceSuperUser-ServicePrincipalID +``` + +**Step 4 –** Enable the DisplayName account using the following command: + +``` +Enable-AIPServiceSuperUserFeature +``` + +The Service Principal Account is now added to the Rights Management service as a Super User, and the +Super User feature is enabled. + +## Add User to the AIP Role in Microsoft® Azure + +In Microsoft Azure, add the Account to the Azure Information Protection Administrator Role. + +**Step 1 –** Log into **http://portal.azure.com** with Azure credentials and select **Microsoft +Entra ID** from the list of resources on the left-hand pane. + +**Step 2 –** Navigate to **Roles and Administrators**. On the Administrative Roles page, select the +**Azure Information Protection Administrator** role. + +**Step 3 –** Use the **Add Assignment** button to display the Add assignments pane. Search for the +name of the new service principal account (the **DisplayName** entered in PowerShell) and add it to +the list of assignments. + +The Service Principal Account is now successfully added to the Azure Information Protection +Administrator role. + +## Access Analyzer Configurations + +Before Access Analyzer can scan for AIP labels, two configurations must be done prior to the initial +scan. + +- [Azure Connection Profile ](#azure-connection-profile) +- [Configure FSAA Data Collector](#configure-fsaa-data-collector) + +### Azure Connection Profile + +To collect tags for files protected with Azure Information Protection, an Azure connection profile +must be configured in Access Analyzer before an FSAA scan runs. See the +[Global Settings](/docs/accessanalyzer/12.0/admin/settings/overview.md) topic for additional information on how to +set up a connection profile at the global level. + +**Step 1 –** In Access Analyzer, add a credential for an Azure Active Directory account type to the +existing Connection Profile used for File System scanning. Supply the Client ID field with the +**AppPrincipalID** and the Key field with the **Symmetric key** created upon creation of the new +service principal. + +**Step 2 –** At the job level, apply the connection profile that contains both the Microsoft Entra +ID credential and credentials required for File System scanning under the **Jobs** > [__Job__] > +**Settings** > **Connection** node. + +**Step 3 –** Ensure that the job is configured correctly before running a scan. See the +[Configure FSAA Data Collector](#configure-fsaa-data-collector) topic for additional information. + +An Azure Connection Profile has now been successfully created for an FSAA scan. + +### Configure FSAA Data Collector + +In Access Analyzer, configure the FSAA Data Collector wizard pages to scan files protected by Azure +Information Protection. This can be done for both FSAA System Scans and SEEK System Scans. In the +FSAA Data Collector Wizard, configure the following menus to scan for AIP protection labels: + +For FSAA System Scans: + +- Scan Server Selection – Choose the server that scanning is executed on. Target the server that has + the Rights Management Service Client 2.1 installed where the applet is running. + + - This may be a proxy server, file server (applet mode), or the local Access Analyzer console + depending on scan configuration + +- Scan Settings – Select the **Enable scanning of files protected by Azure Information Protection** + checkbox to add AIP files to the scan criteria +- Azure Tenant Mapping page – Add the **AppPrincipalID** (App ID) and the **Domain Name** or + **Tenant ID** + + _Remember,_ the Azure Tenant Mapping page is only visible when the **Enable scanning of files + protected by Azure Information Protection** checkbox is selected on the Scan Settings page. + +- Default Scoping Options + + - File Details tab – **Include files protected by Azure Information Protection (AIP)** + - File Properties (Folder Summary) – **Include AIP Protected Files** + +- Scoping Options – if needed, scope to a specific subset of resources on a selected host + +For SEEK System Scans: + +- Scan Server Selection – Choose the server that scanning is executed on. Target the server that has + the Rights Management Service Client 2.1 installed where the applet is running. + + - This may be a proxy server, file server (applet mode), or the local Access Analyzer console + depending on scan configuration + +- Scan Settings – Select the **Enable scanning of files protected by Azure Information Protection** + checkbox to add AIP files to the scan criteria +- Azure Tenant Mapping page – Add the **AppPrincipalID** (App ID) and the **Domain Name** or + **Tenant ID** + + _Remember,_ the Azure Tenant Mapping page is only visible when the **Enable scanning of files + protected by Azure Information Protection** checkbox is selected on the Scan Settings page. + +- Scoping Options – if needed, scope to a specific subset of resources on a selected host +- Sensitive Data Settings – Select **Decrypt Files Protected by Azure Information Protection**. This + page only applies for SEEK scans. + +See the FileSystemAccess Data Collector section in the +[File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/overview.md) topic for additional information +on these scoping options. diff --git a/docs/accessanalyzer/12.0/requirements/target/config/azuresqlaccess.md b/docs/accessanalyzer/12.0/requirements/target/config/azuresqlaccess.md new file mode 100644 index 0000000000..9440654c2a --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/config/azuresqlaccess.md @@ -0,0 +1,204 @@ +# Azure SQL Auditing Configuration + +Access Analyzer for Azure SQL relies on the native Azure SQL auditing capabilities to collect and +report on user activity, as well as successful or unsuccessful server or database logon activity. +Azure SQL Auditing supports three different audit log destinations. At present Access Analyzer only +supports storage as the audit log destination. This document describes the necessary permissions +required to configure the Access Analyzer Azure SQL Job Group. + +Access Analyzerfor Azure SQL enables users to create custom roles which allow for differential +access to Access Analyzer. + +Within Access Analyzer for Azure SQL, roles are created specifically to target Azure SQL Databases: + +- Stand-Alone Databases +- Managed Instances +- Elastic Pools + +Role can be largely defined by the scope that particular role possesses. A scope-defined role has +access to, or is limited to all resources in a Management Group, Subscription, Resource Group or +Resource. For example, if all SQL databases reside within a resource group, then the scope can be +restricted to that resource group. If databases reside in different resource groups, then the scope +for the custom role should be at the subscription level. + +This will enable Access Analyzer to discover all the SQL databases present in the subscription. + +## Create a StealthAUDIT Custom Role + +Follow the steps below to create an Azure SQL custom role at the subscription level. + +![Azure Portal - Azure Services](/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_1.webp) + +**Step 1 –** Sign in to Azure. Navigate to the Azure Services section and click **Subscriptions**. +This will navigate you to the Pay-As-You-Go page of the Azure Portal. + +**Step 2 –** Locate and click the **Access Control (IAM)** view option blade from the available +subscriptions in the left-hand menu. + +![Azure Portal - Pay as you Go - Access Control (IAM)](/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_2.webp) + +**Step 3 –** Click **Add** > Add **Custom Role**. + +**Step 4 –** Create a JSON file using the subscription ID provided by Microsoft Azure (see the +example below) and save it to a local directory. + +```json +{ + "properties": { + "roleName": "StealthAUDIT Azure SQL Role", + "description": "This is a custom role created for use by StealthAUDIT Azure SQL Job Group for Azure SQL Database discovery and auditing", + "assignableScopes": ["/subscriptions/"], + "permissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action", + "Microsoft.Sql/locations/administratorAzureAsyncOperation/read", + "Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*", + "Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*", + "Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*", + "Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*", + "Microsoft.Sql/managedInstances/databases/sensitivityLabels/*", + "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*", + "Microsoft.Sql/managedInstances/securityAlertPolicies/*", + "Microsoft.Sql/managedInstances/databases/transparentDataEncryption/*", + "Microsoft.Sql/managedInstances/vulnerabilityAssessments/*", + "Microsoft.Sql/servers/extendedAuditingSettings/read", + "Microsoft.Sql/servers/databases/auditRecords/read", + "Microsoft.Sql/servers/databases/currentSensitivityLabels/*", + "Microsoft.Sql/servers/databases/dataMaskingPolicies/*", + "Microsoft.Sql/servers/databases/extendedAuditingSettings/read", + "Microsoft.Sql/servers/databases/read", + "Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*", + "Microsoft.Sql/servers/databases/schemas/read", + "Microsoft.Sql/servers/databases/schemas/tables/columns/read", + "Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*", + "Microsoft.Sql/servers/databases/schemas/tables/read", + "Microsoft.Sql/servers/databases/securityAlertPolicies/*", + "Microsoft.Sql/servers/databases/securityMetrics/*", + "Microsoft.Sql/servers/databases/sensitivityLabels/*", + "Microsoft.Sql/servers/databases/transparentDataEncryption/*", + "Microsoft.Sql/servers/databases/vulnerabilityAssessments/*", + "Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*", + "Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*", + "Microsoft.Sql/servers/devOpsAuditingSettings/*", + "Microsoft.Sql/servers/firewallRules/*", + "Microsoft.Sql/servers/read", + "Microsoft.Sql/servers/securityAlertPolicies/*", + "Microsoft.Sql/servers/vulnerabilityAssessments/*", + "Microsoft.Sql/servers/azureADOnlyAuthentications/*", + "Microsoft.Sql/managedInstances/read", + "Microsoft.Sql/managedInstances/azureADOnlyAuthentications/*", + "Microsoft.Security/sqlVulnerabilityAssessments/*", + "Microsoft.Sql/managedInstances/administrators/read", + "Microsoft.Sql/servers/administrators/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/read", + "Microsoft.Sql/servers/auditingSettings/read", + "Microsoft.Sql/servers/databases/auditingSettings/read" + ], + "notActions": [], + "dataActions": [], + "notDataActions": [] + } + ] + } +} +``` + +![Azure SQL Configuration - Create a Custom Role section](/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_3.webp) + +**Step 5 –** Once created, click **Start from JSON** in the Azure portal and select the JSON file. +Once that file is chosen, the Review + Create button should be enabled. + +Click **Review + Create** to create the role or click **Next** to review and edit the permissions. +Once the JSON file is opened, the Custom Role Name and Description boxes will be populated +automatically. The name and description of the custom role can be customized if required in this +step. + +![Azure SQL Configuration - Create a Cusotm Role window](/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_4.webp) + +**Step 6 –** Click Create. This action will save and finalize a custom role entitled Access Analyzer +Azure SQL Role. + +**Step 7 –** Click OK on the final screen to complete the custom role creation process. The custom +role can now be used to register the Access Analyzer application within the Azure portal. + +**NOTE:** Depending upon the number of resources in the Azure tenancy, it might take some time for +the role to be made available to the resources. + +## Register an Azure SQL Application + +Follow the steps below to create an Azure SQL Application Registration in the Azure portal. + +**Step 1 –** In the Azure portal under Azure Services, click the **App Registration** icon. + +![AzureSQL - App Registrations - New Registration](/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_5.webp) + +**Step 2 –** Click **New Registration** in the Register an application blade. + +![Azure SQL - Register an Application](/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_6.webp) + +**Step 3 –** Enter a **Name** for the application and select an appropriate option from the +Supported account types options. + +**Step 4 –** Click **Register** at the bottom of the page when finished. Once the application has +been registered, the App registration overview blade will appear. Take note of the _Application +(client) ID_ on this page. + +**NOTE:** The _Application (client) ID_ is required to create a Connection Profile within the Access +Analyzer. + +![Azure SQL - Register and App - Application ID](/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_8.webp) + +**Step 5 –** Click the **Certificates & secrets** blade in the left-hand menu. Click **New Client +secret**. + +**Step 6 –** Enter a unique identifier in the Description field of the Add a client secret window. +Select a Expiration time frame from the drop down. Click **Add** when finished. + +_Remember,_ you will have to update the Access Analyzer Connection Profile once the expiration time +frame is reached (within 24 months, for example). + +**Step 7 –** Make note of the key under the Value column. + +**NOTE:** The Value key on this paged will be used to create the Access Analyzer connection profile. + +![Azure SQL - Access Control (IAM) page](/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_11z.webp) + +## Add a Role Assignment + +Follow the steps below to add a role assignment to the custom role and newly registered Access +Analyzer Azure SQL application. + +**Step 1 –** Navigate to the Subscriptions blade and click the **Access Control (IAM)** option. +Click the **Add** drop down > Click **Add role assignment**. + +![Azure SQL - Add a Role Assignment](/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_13z.webp) + +**Step 2 –** Search for and click the recently created custom role from the Role drop down. See +[Create a StealthAUDIT Custom Role](#create-a-stealthaudit-custom-role) for steps required to create +a custom role in the Azure portal. + +**Step 3 –** Search for and select the recently registered Azure SQL application from the Select +drop down. See [Register an Azure SQL Application](#register-an-azure-sql-application) for steps +required to register an Azure SQL application in the Azure portal. The registered application will +be visible in the Selected members window. Click **Save** when finished. + +![Azure SQL - Add a role assignment window](/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_14z.webp) + +**Step 4 –** Search for and select the SQL Server Contributor role in the Role drop down. + +**Step 5 –** Search for and select the recently registered Azure SQL application from the Select +drop down. See [Register an Azure SQL Application](#register-an-azure-sql-application) for steps +required to register an Azure SQL application in the Azure portal. The registered application will +be visible in the Selected members window. Click **Save** when finished. + +![Azure SQL - Access Control (IAM) window](/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_16z.webp) + +**Step 6 –** Navigate to the **Subscriptions** blade. Click **Access Control (IAM)**. + +**Step 7 –** Click the **Check access** menu tab Search for and select the recently registered Azure +SQL application from the drop down. See +[Register an Azure SQL Application](#register-an-azure-sql-application) for steps required to +register an Azure SQL application in the Azure portal. A preview window will appear on the +right-hand side of the window. diff --git a/docs/accessanalyzer/12.0/requirements/target/config/databaseazuresql.md b/docs/accessanalyzer/12.0/requirements/target/config/databaseazuresql.md new file mode 100644 index 0000000000..8ac967d97e --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/config/databaseazuresql.md @@ -0,0 +1,50 @@ +# AzureSQL Target Least Privilege Model + +To access the AzureSQL database, users require the Control permission for the target database. Users +with the Control Database permission have access to perform activity scans due to the function +leveraged by AzureSQL to return the required audit logs. See the +[Auditing for Azure SQL Database and Azure Synapse Analytics](https://docs.microsoft.com/en-us/azure/azure-sql/database/auditing-overview?view=azuresql) +Microsoft Knowledge Base article for additional information. + +**_RECOMMENDED:_** It is recommended to create a new user when leveraging a least privilege access +model to access the AzureSQL database because the user must exist in the master database and all +target database(s). A least privilege access model is one that uses the bare minimum privileges +required to carry out collections for the AzureSQL data collector. + +The following role and permission are required for the Least Privilege Model: + +- db_datareader role +- View Database Performance State permission +- Control permission on target database(s) + + **NOTE:** Control permission must be granted on any database you wish to collect data for. + +Follow the steps to configure the least privilege access model for AzureSQL collections. + +**Step 1 –** To login with the user, run the following script against the master database: + +CREATE LOGIN LPAUser WITH PASSWORD = [insert password] + +CREATE USER LPAUser FROM LOGIN LPAUser + +**Step 2 –** Create the user in the target database with the following script: + +CREATE USER LPAUser FROM LOGIN LPAUser + +Once complete, confirm that the newly created user exists in the instance of the master database and +the target database before proceeding to the next step. + +**Step 3 –** Run the following script against the target database to apply the db_datareader role: + +EXEC sp_addrolemember N’db_datareader’, N’LPAUser’ + +**Step 4 –** Apply the View Database State Permission against the target database with the following +script: + +GRANT VIEW DATABASE PERFORMANCE STATE TO LPAUSER + +**Step 5 –** Grant the control permission with the following script: + +GRANT CONTROL ON DATABASE + +The user is granted Control permission based on the least privilege access model. diff --git a/docs/accessanalyzer/12.0/requirements/target/config/databaseoracle.md b/docs/accessanalyzer/12.0/requirements/target/config/databaseoracle.md new file mode 100644 index 0000000000..142a79b523 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/config/databaseoracle.md @@ -0,0 +1,397 @@ +# Oracle Target Least Privilege Model + +We recommend using an account DBA privilege to run Access Analyzer against an Oracle database. +However, if that is not acceptable all the privileges that are required to configure and run the +solution are below and can be used to implement the least privileges necessary. + +## Create Session Privilege + +Before getting started with the least privilege model, ensure that the Access Analyzer Connection +Profile user has the **Create Session** privilege granted. To do it, run the following command in +Oracle environment (SQL Plus or SQL Developer): + +``` +GRANT CREATE SESSION TO %USERNAME%;          +``` + +**NOTE:** The above command will grant the privilege only in the current container. To follow the +least privilege model, only grant the privilege on the containers (or pluggable databases) that you +will be scanning with Access Analyzer. + +However, if you target all of your pluggable databases, then to grant the **Create Session** +privilege on all of those containers at once, run the following command: + +``` +GRANT CREATE SESSION TO %USERNAME% CONTAINER=ALL;          +``` + +## User Credentials Role + +When using a least privileged model for Oracle, **SYSDBA** must be selected for the Role in the User +Credentials window for the Oracle Connection Profile. See the +[Oracle for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/oracle.md) topic for +additional information. + +## Oracle Server Discovery + +This Job uses Nmap to locate listening Oracle ports on servers by scanning for ports using the +service Oracle TNS Listener or optionally using specified ports, such as 1521. The Nmap utility can +be downloaded from [nmap.org](http://www.nmap.org/). To run this job, the user needs to have a +permission to execute any PowerShell script on the local host if the host is running the Microsoft +Windows operating system. In addition, on the Windows host, PowerShell execution policy needs to be +sent as well. For example, to set the execution policy to `Unrestricted`, run the following command +on the PowerShell command line: + +``` +Set-ExecutionPolicy -ExecutionPolicy Unrestricted           +``` + +In case of Linux and UNIX hosts, the `plink` command needs to be executed on the Access Analyzer +Console server to update the local file with the SSH keys. + +**NOTE:** The plink utility in the Access Analyzer installation directory has to be used. A version +of plink gets installed with the Nmap utility. + +The syntax is as follows: + +![administratorcommandprompt](/img/product_docs/accessanalyzer/12.0/requirements/target/config/administratorcommandprompt.webp) + +Run the following on the command prompt: + +``` +C:\Program Files (x86)\Stealthbits\StealthAUDIT\plink   -store_new_keys       +``` + +## Oracle SID Discovery + +This Job collects the Oracle SID from discovered Oracle servers and uses WMI or SSH to collect +running Oracle processes from the Oracle servers. The process is used to determine the name of the +Oracle SID. When multiple Oracle instances are running on a server, each SID will have its own entry +in this table. + +This Job requires local administrator rights on the target hosts in order to read the running +processes using either WMI or SSH. + +## Oracle Instance Discovery + +This Job verifies Oracle SID, IP Address, and Port combinations and inserts them into the +SA_SQL_Instances table. + +This Job requires read rights on the Oracle table DUAL, all users with any read right on an Oracle +server should be able to validate this query. + +For example, to grant a user `SELECT` permission on DUAL, run the following command in SQL Developer +or SQL\*Plus: + +``` +GRANT SELECT ON DUAL TO %USERNAME%; +``` + +**NOTE:** Replace `%USERNAME%` with the actual username of the user. + +``` +CONTAINER_DATA=ALL FOR %NAME_OF_PLUGGABLE_DATABASE% CONTAINER = CURRENT; +``` + +If you want to scan all pluggable databases in the given environment, run the following command in +the root container: + +``` +ALTER USER %USERNAME% SET CONTAINER_DATA=ALL CONTAINER = CURRENT; +``` + +## Oracle Permission Auditing + +The Oracle Permissions Scan job is responsible for collecting all permissions from all licensed +database types for all target instances. + +### Oracle Database 19c Series Permissions + +In order to collect permissions from Oracle Database 19c series, the user credential requires at +least the following `SELECT` privilege on the targeted database for the following views and tables: + +- CDB_COL_PRIVS view +- CDB_TAB_COLS view +- CDB_OBJECTS view +- CDB_PROFILES view +- CDB_ROLE_PRIVS view +- CDB_ROLES view +- CDB_SYS_PRIVS view +- CDB_TABLESPACES view +- CDB_TAB_PRIVS view. +- CDB_USERS view. +- V\_$DATABASE view. +- V\_$RSRC_CONSUMER_GROUP view. +- V\_$CONTAINERS view. +- V\_$PARAMETER view. +- V\_$PDBS view. +- V\_$INSTANCE view. +- SYS.USER$ table. +- DBA_TABLESPACES view +- DBA_ROLES view +- DBA_USERS view +- DBA_OBJECTS view +- DBA_COL_PRIVS view +- DBA_TAB_COLS view +- DBA_ROLE_PRIVS view +- DBA_SYS_PRIVS view +- DBA_TAB_PRIVS view + +For example, to grant all of the above privileges, run the following set of commands in SQL +Developer or SQL\*Plus: + +``` +GRANT CONNECT TO %USERNAME%; +GRANT CREATE SESSION TO %USERNAME%; +GRANT SELECT ON DUAL TO %USERNAME%; +GRANT SELECT ON CDB_COL_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_TAB_COLS TO %USERNAME%; +GRANT SELECT ON CDB_OBJECTS TO %USERNAME%; +GRANT SELECT ON CDB_PROFILES TO %USERNAME%; +GRANT SELECT ON CDB_ROLE_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_ROLES TO %USERNAME%; +GRANT SELECT ON CDB_SYS_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_TABLESPACES TO %USERNAME%; +GRANT SELECT ON CDB_TAB_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_USERS TO %USERNAME%; +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON V_$RSRC_CONSUMER_GROUP TO %USERNAME%; +GRANT SELECT ON V_$CONTAINERS TO %USERNAME%; +GRANT SELECT ON V_$PARAMETER TO %USERNAME%; +GRANT SELECT ON V_$PDBS TO %USERNAME%; +GRANT SELECT ON V_$INSTANCE TO %USERNAME%; +GRANT SELECT ON SYS.USER$ TO %USERNAME%; +GRANT SELECT ON DBA_TABLESPACES TO %USERNAME%; +GRANT SELECT ON DBA_ROLES TO %USERNAME%; +GRANT SELECT ON DBA_USERS TO %USERNAME%; +GRANT SELECT ON DBA_OBJECTS TO %USERNAME%; +GRANT SELECT ON DBA_COL_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_TAB_COLS TO %USERNAME%; +GRANT SELECT ON DBA_ROLE_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_SYS_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_TAB_PRIVS TO %USERNAME%; +``` + +### Oracle Database 12c Series Permissions + +In order to collect permissions from Oracle Database 12c series, the user credential requires at +least the following `SELECT` privilege on the targeted database for the following views and tables: + +- CDB_COL_PRIVS view +- CDB_TAB_COLS view +- CDB_OBJECTS view +- CDB_PROFILES view +- CDB_ROLE_PRIVS view +- CDB_ROLES view +- CDB_SYS_PRIVS view +- CDB_TABLESPACES view +- CDB_TAB_PRIVS view. +- CDB_USERS view. +- V\_$RSRC_CONSUMER_GROUP view. +- V\_$DATABASE view. +- V\_$PARAMETER view. +- V\_$PDBS view. +- V\_$CONTAINERS view. +- SYS.USER$ table. + +For example, to grant all of the above privileges, run the following set of commands in SQL +Developer or SQL\*Plus: + +``` +GRANT SELECT ON CDB_COL_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_TAB_COLS TO %USERNAME%; +GRANT SELECT ON CDB_OBJECTS TO %USERNAME%; +GRANT SELECT ON CDB_PROFILES TO %USERNAME%; +GRANT SELECT ON CDB_ROLE_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_ROLES TO %USERNAME%; +GRANT SELECT ON CDB_SYS_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_TABLESPACES TO %USERNAME%; +GRANT SELECT ON CDB_TAB_PRIVS TO %USERNAME%; +GRANT SELECT ON CDB_USERS TO %USERNAME%; +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON V_$RSRC_CONSUMER_GROUP TO %USERNAME%; +GRANT SELECT ON V_$CONTAINERS TO %USERNAME%; +GRANT SELECT ON V_$PARAMETER TO %USERNAME%; +GRANT SELECT ON V_$PDBS TO %USERNAME%; +GRANT SELECT ON SYS.USER$ TO %USERNAME%; +``` + +### Oracle Database 11g Series Permissions + +In order to collect permissions from Oracle Database 11g series, the user credential requires at +least the following `SELECT` privileges on the targeted database for the following views and tables: + +- DBA_COL_PRIVS view +- DBA_TAB_COLS view +- DBA_OBJECTS view +- DBA_PROFILES view +- DBA_ROLES view +- DBA_ROLE_PRIVS view +- DBA_SYS_PRIVS view +- DBA_TABLESPACES view +- DBA_TAB_PRIVS view +- DBA_USERS view +- V\_$RSRC_CONSUMER_GROUP view +- V\_$DATABASE view +- V\_$PARAMETER view +- SYS.USER$ table + +For example, to grant all of the above privileges, run the following set of commands in Oracle SQL +Developer or SQL\*Plus: + +``` +GRANT SELECT ON DBA_TAB_COLS TO %USERNAME%; +GRANT SELECT ON DBA_OBJECTS TO %USERNAME%; +GRANT SELECT ON DBA_TABLESPACES TO %USERNAME%; +GRANT SELECT ON DBA_PROFILES TO %USERNAME%; +GRANT SELECT ON DBA_TAB_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_ROLES TO %USERNAME%; +GRANT SELECT ON DBA_ROLE_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_SYS_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_COL_PRIVS TO %USERNAME%; +GRANT SELECT ON DBA_USERS TO %USERNAME%; +GRANT SELECT ON V_$RSRC_CONSUMER_GROUP TO %USERNAME%; +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON V_$PARAMETER TO %USERNAME%; +GRANT SELECT ON SYS.USER$ TO %USERNAME%; +``` + +## Oracle Sensitive Data Auditing + +This job is responsible for identifying sensitive data that has been stored within target database +instances. + +Before running this scan, ensure that Oracle database statistics are up to date at least for the +targeted schema or tables. Use one of the following commands: + +``` +EXEC DBMS_STATS.GATHER_SCHEMA_STATS('%SCHEMA_NAME%'); +EXEC DBMS_STATS.GATHER_TABLE_STATS('%SCHEMA_NAME%', ‘%TABLE_NAME%’); +``` + +### Oracle Database 12c Series Sensitive Data + +In order to perform a sensitive data scan on Oracle database 12c series, the user credential +requires at least the following `SELECT` privileges on the targeted database for the following +views: + +- V\_$CONTAINERS view +- V\_$DATABASE view +- CDB_TAB_COLS view +- CDB_OBJECTS view + +For example, to grant the above privileges, run the following set of commands in SQL Developer or +SQL\*Plus: + +``` +GRANT SELECT ON V_$CONTAINERS TO %USERNAME%; +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON CDB_TAB_COLS TO %USERNAME%; +GRANT SELECT ON CDB_OBJECTS TO %USERNAME%; +``` + +### Oracle Database 11g Series Sensitive Data + +In order to perform a sensitive data scan on Oracle database 11g series, the user credential +requires at least the following `SELECT` privileges on the targeted database for the following +views: + +- V\_$DATABASE view +- DBA_TAB_COLS view +- DBA_OBJECTS view + +For example, to grant the above privileges, run the following set of commands in SQL Developer or +SQL\*Plus: + +``` +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON DBA_TAB_COLS TO %USERNAME%; +GRANT SELECT ON DBA_OBJECTS TO %USERNAME%; +``` + +Please note that the `SELECT` privilege needs to be granted individually on all sensitive data +tables to be targeted (more secure). To accomplish it, run the following command for each targeted +sensitive data table: + +``` +GRANT SELECT ON %YOUR_SENSITIVE_DATA_TABLE% TO %USERNAME%; +``` + +*(Optional)* Grant the `SELECT` privilege on any table (less secure) by running the following +command: + +``` +GRANT SELECT ANY TABLE TO %USERNAME%; +``` + +## Oracle Activity Auditing + +This job is responsible for collecting audit data from configured database server audits on target +endpoints. + +### Oracle Database 12c Series Activity Data + +In order to perform an activity data scan on Oracle database 12c series, the user credential +requires at least the following `SELECT` privileges on the targeted database for the following +views: + +- V\_$DATABASE view +- CDB_COMMON_AUDIT_TRAIL view +- UNIFIED_AUDIT_TRAIL view + +For example, to grant the above privileges, run the following set of commands in SQL Developer or +SQL\*Plus: + +``` +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON CDB_COMMON_AUDIT_TRAIL TO %USERNAME%; +GRANT SELECT ON UNIFIED_AUDIT_TRAIL TO %USERNAME%; +``` + +If the audit trail mode is `QUEUED`, then audit records are not written to disk until the in-memory +queues are full. The following procedure explicitly flushes the queues to disk, so that the audit +trail records are viewable in the `UNIFIED_AUDIT_TRAIL` view: + +``` +EXEC SYS.DBMS_AUDIT_MGMT.FLUSH_UNIFIED_AUDIT_TRAIL; +``` + +### Oracle Database 11g Series Activity Data + +In order to perform an activity data scan on Oracle database 11g series, the user credential +required at least the following `SELECT` privileges on the targeted database for the following +views: + +- V\_$DATABASE view +- DBA_COMMON_AUDIT_TRAIL view + +For example, to grant the above privileges, run the following set of commands in SQL Developer or +SQL\*Plus: + +``` +GRANT SELECT ON V_$DATABASE TO %USERNAME%; +GRANT SELECT ON DBA_COMMON_AUDIT_TRAIL TO %USERNAME%; +``` + +## Oracle Users with Default Passwords Job + +The 4-Oracle_DefaultPasswordUsers job is responsible for collecting usernames of users whose +passwords have not been updated since the database creation. + +The user needs to have a `SELECT` privilege on `CDB_USERS_WITH_DEFPWD` table for Oracle container +databases (version 12c and higher) or `DBA_USERS_WITH_DEFPWD` for the non-container database (any +version below 12c). + +To grant the required privileges, execute the following statements in SQL Developer or SQL\*Plus: + +For version 12c and later: + +``` +GRANT SELECT ON CDB_USERS_WITH_DEFPWD TO %USERNAME%; +``` + +For version 11g: + +``` +GRANT SELECT ON DBA_USERS_WITH_DEFPWD TO %USERNAME%; +``` diff --git a/docs/accessanalyzer/12.0/requirements/target/databasedb2.md b/docs/accessanalyzer/12.0/requirements/target/databasedb2.md new file mode 100644 index 0000000000..34db873327 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/databasedb2.md @@ -0,0 +1,59 @@ +# Target Db2 Requirements, Permissions, and Ports + +The Access Analyzer for Databases Solution provides the ability to audit and monitor Db2 database +environments to collect permissions and sensitive data. It scans: + +- DB2LUW 11+ + +Target Db2 Requirements + +Successful installation of the IBM Data Server Client is required to run the Db2 Job Group. In +addition, the following clients and drivers must be installed: + +- IBM Data Server Driver Package (DS Driver) +- IBM Data Server Driver for JDBC and SQLJ (JCC Driver) +- IBM Data Server Driver for ODBC and CLI (CLI Driver) +- IBM Data Server Runtime Client +- IBM Data Server Client +- IBM Database Add-Ins for Visual Studio +- IBM .NET Driver NuGet + +**NOTE:** All necessary clients and drivers can be found on IBM Support's +[Download initial version 11.5 clients and drivers](https://www.ibm.com/support/pages/download-initial-version-115-clients-and-drivers) +page. From the list of available packages, select the IBM Data Server Client, which is the +all-in-one client package. This package includes all of the client tools and available libraries, as +well as the add-ins for Visual Studio. + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md) +- [SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For SQL Data Collector + +- Specified by Instances table (default is 5000) diff --git a/docs/accessanalyzer/12.0/requirements/target/databasemongodb.md b/docs/accessanalyzer/12.0/requirements/target/databasemongodb.md new file mode 100644 index 0000000000..8786d1c619 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/databasemongodb.md @@ -0,0 +1,46 @@ +# Target MongoDB Requirements, Permissions, and Ports + +The Access Analyzer for Databases Solution provides the ability to audit and monitor MongoDB +database environments to collect permissions and sensitive data. It scans: + +- MongoDB 5.0 +- MongoDB 6.0 +- MongoDB 7.0 +- Windows and Linux distributions supported by MongoDB + +Target MongoDB Requirements for Sensitive Data Discovery Scans + +- .NET Framework 4.8 is required to run the MongoDB_SensitiveDataScan Job +- MongoDB Cluster on Windows Only – Domain Administrator or Local Administrator privilege + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [NoSQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/nosql/overview.md) + +## Permissions + +For MongoDB Prerequisite + +- Read Only access to ALL databases in the MongoDB Cluster including: + + - Admin databases + - Config databases + - Local databases + +- Read Only access to any user databases is required for sensitive data discovery +- Read access to NOSQL instance +- Read access to MongoDB instance +- Requires NOSQL Full-Text and Semantic Extractions for Search feature to be installed on the target + NOSQL instances when using the Scans full rows for sensitive data option on the Options wizard + page + +## Ports + +The following firewall ports are needed: + +For NoSQL Data Collector + +- MongoDB Cluster +- Default port is 27017 (A custom port can be configured) diff --git a/docs/accessanalyzer/12.0/requirements/target/databasemysql.md b/docs/accessanalyzer/12.0/requirements/target/databasemysql.md new file mode 100644 index 0000000000..c9a4e13b38 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/databasemysql.md @@ -0,0 +1,66 @@ +# Target MySQL Requirements, Permissions, and Ports + +The Access Analyzer for Databases Solution provides the ability to audit and monitor MySQL database +environments to collect permissions and sensitive data. It scans: + +- MySQL 5.x +- MySQL 8.x +- Amazon MySQL RDS +- Amazon Aurora MySQL Engine +- MariaDB 10.x + +Target MySQL Requirements + +The following are requirements for the MySQL to be scanned: + +- WINRM Service installed and enabled — Required only if MySQL is running on Windows + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md) +- [SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) + +## Requirements + +- Windows (Access Analyzer host) - Windows Management Framework 3+ installed on the Access Analyzer + Console server (Windows 2012 and later) +- Windows (MySQL host) + - WinRM enabled +- MySQL + + - Read access to all databases contained within each MySQL instance + - Domain Admin or Local Admin privilege (Windows only) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For MySQL Data Collection + +- Read access to MySQL instance to include all databases contained within each instance +- Windows Only — Domain Admin or Local Admin privilege + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For SQL Data Collector + +- Specified by Instances table (default is 3306) diff --git a/docs/accessanalyzer/12.0/requirements/target/databaseoracle.md b/docs/accessanalyzer/12.0/requirements/target/databaseoracle.md new file mode 100644 index 0000000000..c31bb8e3e4 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/databaseoracle.md @@ -0,0 +1,60 @@ +# Target Oracle Requirements, Permissions, and Ports + +The Access Analyzer for Databases Solution provides the ability to audit and monitor Oracle database +environments to collect permissions, sensitive data, and activity events. It scans: + +- Oracle Database 12c +- Oracle Database 18c +- Oracle Database 19c + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md) +- [PowerShell Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/powershell/overview.md) +- [SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For PowerShell Data Collection + +- Member of the Local Administrators group + +For Oracle Data Collection + +- User with SYSDBA role +- Local Administrator on the target servers – Only applies to Windows Servers and not on Linux or + Unix operating systems + +There is a least privilege model for scanning your domain. See the +[Oracle Target Least Privilege Model](/docs/accessanalyzer/12.0/requirements/target/config/databaseoracle.md) topic for additional information. + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For PowerShell Data Collector + +- Randomly allocated high TCP ports + +For SQL Data Collector + +- Specified by Instances table (default is 1521) diff --git a/docs/accessanalyzer/12.0/requirements/target/databasepostgresql.md b/docs/accessanalyzer/12.0/requirements/target/databasepostgresql.md new file mode 100644 index 0000000000..433fb03127 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/databasepostgresql.md @@ -0,0 +1,54 @@ +# Target PostgreSQL Requirements, Permissions, and Ports + +The Access Analyzer for Databases Solution provides the ability to audit and monitor PostgreSQL +database environments to collect permissions and sensitive data. It scans: + +- Open Source PostgreSQL 9x through 12x +- Enterprise DB PostgreSQL (10x trhough 12x) +- Amazon AWS Aurora PostgreSQL Engine (all versions supported by Amazon AWS) +- Azure PostgreSQL (9.6) + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md) +- [SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) + +## Requirements + +- Read access to all databases contained within each PostgreSQL instance +- Domain Admin or Local Admin privilege (Windows only) +- Login account for each instance of PostgreSQL to be audited + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For PostgreSQL Data Collection + +- Read access to all the databases in PostgreSQL cluster or instance +- Windows Only — Domain Admin or Local Admin privilege + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For SQL Data Collector + +- Specified by Instances table (default is 5432) diff --git a/docs/accessanalyzer/12.0/requirements/target/databaseredshift.md b/docs/accessanalyzer/12.0/requirements/target/databaseredshift.md new file mode 100644 index 0000000000..1cf7a13ff9 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/databaseredshift.md @@ -0,0 +1,60 @@ +# Target Redshift Requirements, Permissions, and Ports + +The Access Analyzer for Databases Solution provides the ability to audit and monitor Redshift +database environments to collect permissions and sensitive data. It scans: + +- Amazon AWS Redshift +- AWS Redshift Cluster + +Target Redshift Requirements + +- Creation of a user name and password through the AWS portal. +- Successful retrieval of the following items from the AWS website: + + - Database Name – Unique identifier for a specific database + - Port Number – String of unique numbers used by networks to identify specific incoming + processes + - Endpoint name – Publicly accessible elastic IP address specific to the database + +- Retrieval of the information from the Access Analyzer console. + +Additional requirements for Sensitive Data Discovery: + +- Windows Only – Domain Administrator or Local Administrator privilege + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md) +- [SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For Redshift Data Collection + +- Read-access to the following tables: + + - pg_tables + - pg_user + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/12.0/requirements/target/databasesql.md b/docs/accessanalyzer/12.0/requirements/target/databasesql.md new file mode 100644 index 0000000000..e0c998912f --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/databasesql.md @@ -0,0 +1,101 @@ +# Target SQL Server Requirements, Permissions, and Ports + +The Access Analyzer for Databases Solution provides the ability to audit and monitor SQL Server +database environments to collect permissions, sensitive data, and activity events. It scans: + +- Azure SQL + +- SQL Server 2022 +- SQL Server 2019 +- SQL Server 2017 +- SQL Server 2016 + +Target SQL Server Requirements + +The following are requirements for the SQL Server to be scanned: + +- WINRM Service installed +- Ensure the following rights are in the `ROOT\Microsoft\SQLServer` and `ROOT\Interop` WMI + NameSpaces: + + - Execute Methods + - Enable Account + - Remote Enable + + **NOTE:** Restart WMI after applying changes. + +- For Activity Auditing – SQL Server Audit: + + - SQL Server Audit Specifications to be configured on the target databases + - Audit destination must be a binary file + - See the Microsoft + [Create a server audit and database audit specification](https://learn.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) + article. + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md) +- [SMARTLog Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/overview.md) +- [SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For SMARTLog Data Collection + +- Member of the local Administrators group + +For SQL Server Data Collection + +- For Instance Discovery, local rights on the target SQL Servers: + + - Local group membership to Remote Management Users + - Permissions on the following WMI NameSpaces: `root\Microsoft\SQLServer, root\interop` + +- For permissions for data collection: + + - Read access to SQL instance + - Requires SQL Full-Text and Semantic Extractions for Search feature to be installed on the + target SQL instance(s) when using the **Scan full rows for sensitive data** option on the + Options wizard page + - Grant Authenticate Server to [DOMAIN\USER] + - Grant Connect SQL to [DOMAIN\USER] + - Grant View any database to [DOMAIN\USER] + - Grant View any definition to [DOMAIN\USER] + - Grant View server state to [DOMAIN\USER] + - Grant Control Server to [DOMAIN\USER] (specifically required for the Weak Passwords Job) + +See the [Azure SQL Auditing Configuration](/docs/accessanalyzer/12.0/requirements/target/config/azuresqlaccess.md) topic for additional +information. + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For SMARTLog Data Collector + +- TCP 135 +- TCP 445 +- Randomly allocated high TCP ports + +For SQL Data Collector + +- Specified by Instances table (default is 1433) diff --git a/docs/accessanalyzer/12.0/requirements/target/dropbox.md b/docs/accessanalyzer/12.0/requirements/target/dropbox.md new file mode 100644 index 0000000000..a0be3c21bf --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/dropbox.md @@ -0,0 +1,31 @@ +# Target Dropbox Requirements, Permissions, and Ports + +The Access Analyzer for AWS Solution provides the ability to audit Dropbox. It scans: + +- Dropbox + +Data Collector + +This solution employs the following data collector to scan the target environment: + +- [DropboxAccess Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/overview.md) + +## Permissions + +- Dropbox Team Administrator + +The DropboxAccess Data Collector requires the generation of an access token that is used to +configure the Connection Profile for Dropbox. The access token is generated from within the Dropbox +Access Auditor Data Collector Wizard on the Scan Options page. Once the access token is copied into +a Connection Profile for Dropbox, it will be saved and does not need to be generated again. See the +[DropboxAccess: Scan Options](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptions.md) topic for +additional information. + +## Ports + +The following firewall ports are needed: + +For DropboxAccess Data Collector + +- TCP 80 +- TCP443 diff --git a/docs/accessanalyzer/12.0/requirements/target/exchange.md b/docs/accessanalyzer/12.0/requirements/target/exchange.md new file mode 100644 index 0000000000..99347e2119 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/exchange.md @@ -0,0 +1,175 @@ +# Target Exchange Servers Requirements, Permissions, and Ports + +The Access Analyzer for Exchange Solution is compatible with the following Exchange Server versions +as targets: + +- Exchange 2019 (Limited) +- Exchange 2016 (Limited) +- Exchange 2013 +- Exchange 2010 (Limited) + +See the [Exchange Support and Permissions Explained](/docs/accessanalyzer/12.0/requirements/solutions/exchange/support.md) topic for +details on the type of auditing supported by data collector and by job group. + +Domain Controller Requirements + +The following are requirements for the Exchange servers to be scanned: + +- Enable Remote PowerShell on one Client Access Server (CAS) +- Enable Windows Authentication for the PowerShell Virtual Directory on the same CAS +- .NET Framework 4.5+ installed on all Exchange servers to be targeted +- WINRM Service installed on all Exchange servers to be targeted as a back up in the event of a + remote PowerShell failure +- Within the Access Analyzer Console, the global **Settings > Exchange** node must be configured + + **NOTE:** For Exchange 2013, 2016, and 2019 – If the global Settings have been configured for + "MAPI over HTTP," then an actual CAS server name was supplied and will be used by the ExchangePS + Data Collector. If the global Settings have been configured for "MAPI over HTTPS," then the + global Settings will have a web address instead of an actual server. Therefore, each ExchangePS + query requires the CAS server to be set as the specific server on the Category page. See the + [ExchangePS Data Collector & Client Access Server](/docs/accessanalyzer/12.0/solutions/exchange/recommended.md) + topic for a list of queries for which this would apply. + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md) +- [EWSMailbox Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/overview.md) +- [EWSPublicFolder Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/overview.md) +- [Exchange2K Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/exchange2k/overview.md) +- [ExchangeMailbox Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/overview.md) +- [ExchangeMetrics Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/overview.md) +- [ExchangePS Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/overview.md) +- [ExchangePublicFolder Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/overview.md) +- [SMARTLog Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/overview.md) + +## Permissions + +For .Active Directory Inventory Prerequisite + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +For Exchange Web Services API Permissions with the EWSMailbox Data Collector + +- Exchange Admin Role +- Discovery Management Role +- Application Impersonation Role +- Exchange Online License + +See the [Exchange Web Services API Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/webservicesapi.md) topic for +additional information. + +For Exchange Web Services API Permissions with the EWSPublicFolder Data Collector + +- Exchange Admin Role +- Discovery Management Role +- Application Impersonation Role +- Exchange Online License with a mailbox + +See the [Exchange Web Services API Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/webservicesapi.md) topic for +additional information. + +For Exchange2K Data Collector + +- Member of the Exchange Administrator group +- Domain Admin for AD property collection +- Public Folder Management + +For ExchangeMailbox Data Collector + +- Member of the Exchange Administrator group +- Organization Management +- Discovery Management + +For Exchange Mail Flow with ExchangeMetrics Data Collector + +- Member of the local Administrator group on the targeted Exchange server(s) + +See the [Exchange Mail-Flow Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/mailflow.md) topic for additional +information. + +For Exchange Remote Connection with SMARTLog Data Collector + +- Member of the local Administrators group + +See the [Exchange Remote Connections Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/remoteconnections.md) topic +for additional information. + +For Exchange PowerShell with ExchangePS Data Collector + +- Remote PowerShell enabled on a single Exchange server +- Windows Authentication enabled for the PowerShell Virtual Directory on the same Exchange server + where Remote PowerShell has been enabled +- View-Only Organization Management Role Group +- Discovery Search Management Role Group +- Public Folder Management Role Group +- Mailbox Search Role + +See the [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) topic for additional +information. + +For ExchangePublicFolders Data Collector + +- Member of the Exchange Administrator group +- Organization Management + +## Ports + +The following firewall ports are needed: + +For ADInventory Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For EWSMailbox Data Collector + +- TCP 389 +- TCP 443 + +For EWSPublicFolder Data Collector + +- TCP 389 +- TCP 443 + +For Exchange2K Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports +- TCP 389 +- Optional TCP 445 + +For ExchangeMailbox Data Collector + +- TCP 135 +- Randomly allocated high TCP ports + +For ExchangeMetrics Data Collector + +- TCP 135 +- Randomly allocated high TCP ports + +For ExchangePS Data Collector + +- TCP 135 +- Randomly allocated high TCP ports + +For ExchangePublicFolder Data Collector + +- TCP 135 +- Randomly allocated high TCP ports + +For SMARTLog Data Collector + +- TCP 135 +- TCP 445 +- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/12.0/requirements/target/exchangeonline.md b/docs/accessanalyzer/12.0/requirements/target/exchangeonline.md new file mode 100644 index 0000000000..df62983682 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/exchangeonline.md @@ -0,0 +1,106 @@ +# Target Exchange Online Requirements, Permissions, and Ports + +The Access Analyzer for Exchange Solution provides the ability to audit Exchange Online. It scans: + +- Exchange Online (Limited) + +See the [Exchange Support and Permissions Explained](/docs/accessanalyzer/12.0/requirements/solutions/exchange/support.md) topic for +details on the type of auditing supported by data collector and by job group. + +Data Collectors + +This solution employs the following data collectors to scan the target environment: + +- [AzureADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/overview.md) +- [EWSMailbox Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/overview.md) +- [EWSPublicFolder Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/overview.md) +- [ExchangePS Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/overview.md) + +## Permissions + +For .Entra ID Inventory Prerequisite with the AzureADInventory Data Collector + +- Microsoft Graph API + + - Application Permissions: + + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + + - Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +- Access URLs + + - https://login.windows.net + - https://graph.windows.net + - https://login.microsoftonline.com + - https://graph.microsoft.com + + - All sub-directories of the access URLs listed + +See the [Microsoft Entra ID Auditing Configuration](/docs/accessanalyzer/12.0/config/entraid/access.md) topic for +additional information. + +Permissions for the Registered Microsoft Entra ID Application: Office 365 Exchange Online + +- Application Permissions: + + - Exchange.ManageAsApp – Manage Exchange As Application + - full_access_as_app – Use Exchange Web Services with full access to all mailboxes + +- Exchange Administrator role assigned to the registered application's service principal + +See the [Exchange Online Auditing Configuration](/docs/accessanalyzer/12.0/config/exchangeonline/access.md) topic for +additional information. + +For Exchange Web Services API Permissions with the EWSMailbox Data Collector + +- Exchange Admin Role +- Discovery Management Role +- Exchange Online License + +See the [Exchange Web Services API Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/webservicesapi.md) topic for +additional information. + +For Exchange Web Services API Permissions with the EWSPublicFolder Data Collector + +- Exchange Admin Role +- Discovery Management Role +- Exchange Online License with a mailbox + +See the [Exchange Web Services API Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/webservicesapi.md) topic for +additional information. + +For Exchange PowerShell with ExchangePS Data Collector + +- Discovery Management Role +- Organization Management Role + +See the [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) topic for additional +information. + +## Ports + +The following firewall ports are needed: + +For AzureADInventory Data Collector + +- TCP 80 and 443 + +For EWSMailbox Data Collector + +- TCP 389 +- TCP 443 + +For EWSPublicFolder Data Collector + +- TCP 389 +- TCP 443 + +For ExchangePS Data Collector + +- TCP 135 +- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/12.0/requirements/target/filesystems.md b/docs/accessanalyzer/12.0/requirements/target/filesystems.md new file mode 100644 index 0000000000..b107f88513 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/filesystems.md @@ -0,0 +1,144 @@ +# File System Supported Platforms + +Netwrix Access Analyzer (formerly Enterprise Auditor) audits Microsoft® Windows® file servers, +Azure Files storage accounts, Network Attached Storage (NAS) devices, and Unix platforms. + +Access Analyzer employs the File System Solution to execute Access Auditing (FSAA), Activity +Monitoring (FSAC), and Sensitive Data Discovery Auditing scans. The Activity Monitoring (FSAC) scans +also require an additional application, either Netwrix Activity Monitor or Netwrix Threat +Prevention, to monitor the target environment. + +**NOTE:** Access Auditing and Sensitive Data Discovery Auditing support CIFS and NFSv3. + +Ports and permissions vary based on the scan mode option selected as well as the target environment. + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md) +- [FileSystemAccess Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/overview.md) + +Permissions and Ports for ADInventory Data Collector Prerequisite + +The following permissions are needed: + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +The following firewall ports are needed: + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions and Ports for FileSystemAccess Data Collector + +- Permissions vary based on the Scan Mode Option selected. See the File System Supported Platforms + topic for additional information. + +## Supported Windows Platforms + +The following are supported Microsoft® Windows® operating systems: + +- Windows Server 2022 +- Windows Server 2019 +- Windows Server 2016 + +See the [Windows File Server Target Requirements](/docs/accessanalyzer/12.0/config/windowsfile/overview.md) topic for +target environment requirements. + +Windows File System Clusters + +See the topic for target environment requirements. + +Windows File System DFS Namespaces + +See the topic for target environment requirements. + +## Azure Files Support + +Azure Files is a fully managed, cloud-based file sharing service from Microsoft that allows users to +access file shares from anywhere as a virtual network drive. Access Analyzer supports Access +Auditing (FSAA) and Sensitive Data Discovery Auditing scans of Azure Files. + +See the [Azure Files Target Requirements](/docs/accessanalyzer/12.0/requirements/target/config/azurefiles.md) topic for additional information. + +## Supported Network Attached Storage Devices + +The following are supported Network Attached Storage (NAS) devices. + +Dell Celerra® & VNX + +- Celerra 6.0+ +- VNX 7.1 +- VNX 8.1 + +See the [Dell Celerra & Dell VNX Target Requirements](/docs/accessanalyzer/12.0/config/dellcelerravnx/overview.md) +topic for target environment requirements. + +Dell Isilon/PowerScale + +- 7.0+ + +See the [Dell Isilon/PowerScale Target Requirements](/docs/accessanalyzer/12.0/config/dellpowerscale/overview.md) +topic for target environment requirements. + +Dell Unity + +See the [Dell Unity Target Requirements](/docs/accessanalyzer/12.0/config/dellunity/overview.md) topic for target +environment requirements. + +Hitachi + +- 11.2+ + +See the [Hitachi Target Requirements](/docs/accessanalyzer/12.0/config/hitachi/overview.md) topic for target +environment requirements. + +Nasuni Nasuni Edge Appliances + +- 8.0+ + +See the [Nasuni Target Requirements](/docs/accessanalyzer/12.0/config/nasuni/overview.md) topic for target +environment requirements. + +NetApp Data ONTAP + +- 7-Mode 7.3+ +- Cluster-Mode 8.2+ + +See the following topics for target environment requirements: + +- [NetApp Data ONTAP Cluster-Mode Target Requirements](/docs/accessanalyzer/12.0/config/netappcmode/overview.md) +- [NetApp Data ONTAP 7-Mode Target Requirements](/docs/accessanalyzer/12.0/config/netapp7mode/overview.md) + +Nutanix + +See the [Nutanix Target Requirements](/docs/accessanalyzer/12.0/config/nutanix/overview.md) topic for target +environment requirements. + +Qumulo + +- Qumulo Core 5.0.0.1B+ + +See the [Qumulo Target Requirements](/docs/accessanalyzer/12.0/config/qumulo/overview.md) topic for target +environment requirements. + +## Supported Unix Platforms + +The following are supported Unix operating systems for Access Auditing (FSAA) and Sensitive Data +Discovery Auditing only: + +- AIX® 4+ +- Solaris™ 8+ +- Red Hat® Enterprise Linux® 4+ +- Red Hat® Linux® 5.2+ +- HP-UX® 11+ +- SUSE® 10+ diff --git a/docs/accessanalyzer/12.0/requirements/target/sharepoint.md b/docs/accessanalyzer/12.0/requirements/target/sharepoint.md new file mode 100644 index 0000000000..388b8f8aee --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/sharepoint.md @@ -0,0 +1,95 @@ +# SharePoint Support + +Netwrix products audit and monitor Microsoft® SharePoint® environments. Access Analyzer employs +the SharePoint solution to execute Access Auditing (SPAA) and Sensitive Data Discovery Auditing +scans against SharePoint on-premise and SharePoint Online. Through integration with Activity +Monitor, Access Analyzer can also execute Activity Auditing (SPAC) scans against SharePoint +on-premise and SharePoint online environments. Additionally, Activity Monitor can be configured to +provide activity data to various SIEM products. + +Ports and permissions vary based on the scan mode option selected as well as the target environment. + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/overview.md) +- [AzureADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/overview.md) +- [SharePointAccess Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/spaa/overview.md) + +Permissions and Ports for ADInventory Data Collector Prerequisite + +The following permissions are needed: + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +The following firewall ports are needed: + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +Permissions and Ports for AzureADInventory Data Collector Prerequisite + +The following permissions are needed: + +- Microsoft Graph API + + - Application Permissions: + + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + + - Delegated Permissions: + + - Group.Read.All – Read all groups + - User.Read.All – Read all users' full profiles + +- Access URLs + + - https://login.windows.net + - https://graph.windows.net + - https://login.microsoftonline.com + - https://graph.microsoft.com + + - All sub-directories of the access URLs listed + +The following firewall ports are needed: + +- TCP 80 and 443 + +## Supported SharePoint Online + +The following are supported Microsoft® SharePoint® Online: + +- SharePoint Online® (Agent-less mode scans only) + +- OneDrive® for Business (Access Auditing and/or Sensitive Data Discovery Auditing for Agent-less + mode scans only) + +See the [SharePoint Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md) topic for additional +information. + +**NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for +SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and +provisions it with the required permissions. See the +[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sp_registerazureappauth.md) topic for +additional information. + +## Supported SharePoint On-Premise + +The following are supported Microsoft® SharePoint® operating systems: + +- SharePoint® 2019 +- SharePoint® 2016 +- SharePoint® 2013 + +See the [SharePoint Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md) topic for additional +information. diff --git a/docs/accessanalyzer/12.0/requirements/target/unix.md b/docs/accessanalyzer/12.0/requirements/target/unix.md new file mode 100644 index 0000000000..3bdbbd7725 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/unix.md @@ -0,0 +1,205 @@ +# Target Unix Requirements, Permissions, and Ports + +The Access Analyzer for Unix Solution provides the ability to audit Unix servers. It scans: + +- AIX® 4+ +- Solaris™ 8+ +- Red Hat® Enterprise Linux® 4+ +- Red Hat® Linux® 5.2+ +- HP-UX® 11+ +- CentOS® 7+ +- SUSE® 10+ + +Data Collectors + +This solution employs the following data collectors to scan the target environment: + +- [NIS Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/nis/overview.md) +- [Unix Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/unix/overview.md) + +## Permissions + +For NIS Data Collector Prerequisite + +- No special permissions are needed aside from access to a NIS server + +For Unix Data Collector + +- Root permissions in Unix/Linux + +If the Root permission is unavailable, a least privileged model can be used. See the +[Least Privilege Model](#least-privilege-model) topic additional information. + +## Ports + +The following firewall ports are needed: + +For NIS Data Collector Prerequisite + +- TCP 111 or UDP 111 +- Randomly allocated high TCP ports + +For Unix Data Collector + +- TCP 22 +- User configurable + +## Least Privilege Model + +Access Analyzer for Unix collects information from Unix devices by running commands or executing +scripts on your Unix hosts (if configured properly our tool can SCP scripts to your hosts before +execution). Therefore, the domain or local user credentials entered in the Connection Profile within +the Access Analyzer must be capable of running the necessary commands, executing the necessary +scripts or, in some cases, have rights to SCP scripts to the host. + +### Connecting to Unix Hosts + +Access Analyzer for Unix connects to your host in two ways: + +- Plink – This mechanism is leveraged during our tools Host Inventory to test connectivity to a host + and to collect basic details about a host (Host Name, OS Type, etc.) +- Implementation of the SSH2 protocol built into Access Analyzer – This is how the Unix Data + Collector interacts with and pulls information from your environment + +Authentication Methods + +- SSH Login Required +- SSH Private Key + + - Supported Key Types + + - Open SSH + - PuTTY Private Key + +Device Connectivity + +- SSH port opened in software and hardware firewalls. Default is 22. + + - If you do not use Port 22, you can specify your SSH port in the Connection Profile + +### Commands for Non-Root Accounts + +We recommend using the root account to run Access Analyzer against a Unix system. However, if that +is not acceptable all the commands we leverage in the solution set are below and can be used to +implement least privilege: + +All Perl scripts require the account to be able to execute the following commands: + +``` +scp [script] to a target location: /tmp/[script] +``` + +``` +perl [script] +``` + +``` +rm -f [script] +``` + +#### UX_UsersAndGroups Job Requirements + +The 1.Users and Groups > 0.Collection > UX_UsersAndGroups Job requires permissions in the Unix +environment to run the following commands: + +Commands Used + +- `grep` +- `egrep` +- `uname` +- `cat /etc/passwd` (read access) +- `cat /etc/group` (read access) +- `cat /etc/security/user` (read access) +- `cat /etc/shadow` + + - Requires root or customization to job to utilize sudo without password prompt (:NOPASSWD) + +- `egrep /etc/security/user` (read access) +- `egrep /etc/login.defs` (read access) +- `egrep /etc/default/passwd` (read access) +- `cat /etc/security/passwd` (read access) + +Perl Scripts Used + +``` +SA_UX_AIX_User.pl +``` + +``` +SA_UX_AIX_UserLastUpdate.pl +``` + +#### UX_MakeDirectory Job Requirements + +The 2.PrivilegedAccess > Sudoers > 0.Collection > UX_MakeDirectory Job requires permissions in the +Unix environment to run the following commands: + +Commands Used + +- `mkdir /tmp/Stealthbits/` + +#### UX_ParseSudoers Job Requires + +The 2.PrivilegedAccess > Sudoers > 0.Collection > UX_ParseSudoers Job requires permissions in the +Unix environment to run the following commands: + +**NOTE:** To parse sudoers we either need root or an account that has access to use sudo without +password prompt (:NOPASSWD) + +Commands Used + +- `sudo chmod 500 SA_UX_ParseSudoers.pl` +- `sudo ./SA_UX_ParseSudoers.pl` +- `sudo rm SA_UX_ParseSudoers.pl` +- `sudo rmdir /tmp/Stealthbits/` + +Perl Scripts Used + +``` +SA_UX_ParseSudoers.pl +``` + +This grants read access to  `/etc/sudoers` + +#### UX_CriticalFiles Job Requires + +The 2.PrivilegedAccess > UX_Critical Files Job requires permissions in the Unix environment to run +the following commands: + +Commands Used + +- `ls -al /etc/` +- `ls -al /etc/samba/` +- `ls -al /etc/sysconfig` + +#### UX_NFSConfiguration Job Requires + +The 3.Sharing > 0.Collection > UX_NFSConfiguration Job requires permissions in the Unix environment +to run the following commands: + +Perl Scripts Used + +``` +SA_UX_NFSConfiguration.pl +``` + +This grants: + +- read access to `/etc/exports` +- read access to `/etc/dfs/dfstab` + +#### UX_SambaConfiguration Job Requires + +The 3.Sharing > 0.Collection > UX_SambaConfiguration Job requires permissions in the Unix +environment to run the following commands: + +Perl Scripts Used + +``` +SA_UX_SambaConfiguration.pl +``` + +This grants: + +- read access to `/etc/sfw/smb.conf` +- read access to `/etc/samba/smb.conf` diff --git a/docs/accessanalyzer/12.0/requirements/target/windows.md b/docs/accessanalyzer/12.0/requirements/target/windows.md new file mode 100644 index 0000000000..76251e10c8 --- /dev/null +++ b/docs/accessanalyzer/12.0/requirements/target/windows.md @@ -0,0 +1,89 @@ +# Target Windows Server and Desktop Requirements, Permissions, and Ports + +The Access Analyzer for Windows Solution is compatible with the following Microsoft Windows versions +as targets: + +- Windows 7 and higher +- Windows Server 2016 and later + +Server and Desktop Requirements + +The following are requirements for the servers and desktops to be scanned: + +- WINRM Service installed + +Data Collectors + +This solution employs the following data collector to scan the target environment: + +- [GroupPolicy Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/overview.md) +- [PowerShell Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/powershell/overview.md) +- [Registry Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/registry.md) +- [Script Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/script/overview.md) +- [Services Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/services.md) +- [SMARTLog Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/overview.md) +- [SystemInfo Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/overview.md) +- [TextSearch Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/textsearch/overview.md) +- [UsersGroups Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/usersgroups/overview.md) +- [WMICollector Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/wmicollector/overview.md) + +## Permissions + +- Member of the local Administrators group +- If target host is a domain controller, member of the Domain Administrator group in the target + domain + +## Ports + +The following firewall ports are needed: + +For GroupPolicy Data Collector + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +For PowerShell Data Collector + +- Randomly allocated high TCP ports + +For Registry Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports + +For Script Data Collector + +- Randomly allocated high TCP ports + +For Services Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports + +For SMARTLog Data Collector + +- TCP 135 +- TCP 445 +- Randomly allocated high TCP ports + +For SystemInfo Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports + +For TextSearch Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports + +For UsersGroups Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports +- 445 + +For WMICollector Data Collector + +- TCP 135-139 +- Randomly allocated high TCP ports diff --git a/docs/accessanalyzer/12.0/run_build_test.sh b/docs/accessanalyzer/12.0/run_build_test.sh deleted file mode 100755 index 6b79e4fa4d..0000000000 --- a/docs/accessanalyzer/12.0/run_build_test.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -cd /Users/jordan.violet/development/docs -npm run clear -npm run build:single endpointpolicymanager \ No newline at end of file diff --git a/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/configuration.md b/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/configuration.md deleted file mode 100644 index df24989de7..0000000000 --- a/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/configuration.md +++ /dev/null @@ -1,110 +0,0 @@ -# Configuration Pane - -Use the configuration pane to view sub-criteria information for System Criteria and to view, add, -edit, and remove sub-criteria information for User Criteria. - -![Configuration Pane](/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanesystemcriteria.webp) - -The information in the configuration pane changes based on the criteria currently selected in the -navigation pane. - -![Options at the top of the configuration pane](/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanetop.webp) - -The options at the top of the Configuration Pane are: - -**NOTE:** Configuration settings for System Criteria cannot be modified. - -- Navigation Path – Displays information on the current location within the Sensitive Data Criteria - Editor -- Name – Name of the criteria as it is shown in the navigation pane -- Test Criteria Button – Opens the Criteria Tester window to test current criteria configurations. - See the [Criteria Tester Window](#criteria-tester-window) topic for additional information. -- Confidence Level – Displays the current confidence level which indicates how accurate a match is - for a criteria - - - The confidence level is reported on a scale from 0 - 100. The closer the number is to 100, the - more accurate a match is for a criteria. - -- Risk Score – Displays the general level of risk a criteria represents when found in a file that is - not properly secured - - - The risk score can be set to **Low**, **Medium**, or **High** - - Click the **Risk Score** button to change the risk score for user-configured criteria - -- Required matched criteria list – Lists the sub-criteria configured for the currently selected - top-level criteria in the navigation pane. The columns in the table are: - - - Name – Name of the sub-criteria - - Type – Type of sub-criteria: **Keywords**, **Regex**, or **Summary** - - Content – Values associated with the sub-criteria - - Minimum Matches – Minimum number of match hits required for a sub-criteria match hit - - Match Type – Displays whether the sub-criteria **Must match** or **Must not match** - -![Options at the bottom of the configuration pane](/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanebottom.webp) - -The options at the bottom of the configuration pane are: - -**NOTE:** Configuration settings for System Criteria cannot be modified. - -- Add – Add a sub-criteria to the required matched criteria list. The three types of sub-criteria - that can be added are **Keyword**, **Pattern**, and **Summary**. See the following topics for - additional information: - - - [Keyword Criteria](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/criteria-type/keyword.md) - - [Regular Expression (Pattern) Criteria](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/criteria-type/regular-expression.md) - - [Summary Criteria](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/criteria-type/summary.md) - -- Remove – Remove sub-criteria from the Required matched sub-criteria list -- Edit – Edit the currently selected sub-criteria -- Must match at least this many criteria – Adjust the slider to configure how many sub-criteria must - be matched for the sensitive data criteria to be reported - - - The minimum value is 1 - - The maximum value is the number of sensitive data sub-criteria that has been added to the - required matched criteria list - - **CAUTION:** The character distance feature does not account for summaries that are nested - within other summaries. - -- Matches should be within this proximity of characters – Match hits for this criteria should be - within this many characters of one another in order for there to be a match. Adjust the slider to - set the default character distance required for match hits. - - - The minimum value is 0 - - The maximum value is 200 - - Using this feature requires any combination of two or more Regular Expression (Pattern) and - Keyword sub-criteria - -- Include keywords as part of match hits – Select this option to enable the inclusion of keywords as - part of match hits. This option determines whether a match found based on a Keyword Criteria is - reported as a match hit. When this option is selected, any matches found for a word in the Keyword - list is reported as match hit. If this option is not selected, then only matches found based on - Pattern or child Summary Criteria are reported as a match hit. -- Metadata for this criteria – Click the green plus (**+**) button to add a new metadata type for - the criteria. Delete a metadata type by clicking the **X** button in the gray metadata tag. - - - For a list of available out-of-the-box metadata tags, see the - [Default Metadata Tag Values](/docs/accessanalyzer/12.0/sensitive-data-discovery/metadata-tags.md) topic for additional information - -- Cancel – Exit the Sensitive Data Criteria Editor without saving changes -- Save – Save changes made to the current criteria - -## Criteria Tester Window - -Use the Criteria Tester window to test current criteria configurations. - -![Criteria Tester window](/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatester.webp) - -The options in the Criteria Tester are: - -- Use the following sample text – Enter sample text to test against current configured criteria in - the **Use the following sample text** textbox -- Use the following file – Click **Browse** to import a file as sample text to test against - currently configured criteria -- Test Data – Click **Test Data** to test the sample text against currently configured criteria. - Match hits show in the **Test Results** section. -- Test Results – Displays match hits for the sample text typed into the text box. The two tabs under - Test Results are: - - - Criteria – Displays the specific criteria for which the sample text is considered a match - - Matched Data – Displays the sample text that was matched for the configured criteria diff --git a/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/criteria-type/keyword.md b/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/criteria-type/keyword.md deleted file mode 100644 index 45a4a76f91..0000000000 --- a/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/criteria-type/keyword.md +++ /dev/null @@ -1,31 +0,0 @@ -# Keyword Criteria - -Keyword criteria consists of a list of comma-separated words. If any word in the list is found in -the file, it is considered a hit. - -![Keywords window](/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/keywordswindow.webp) - -The options on the Keywords window are: - -- Name – Name of the keyword sub-criteria as it appears in the Configuration window -- Add Keyword – Add a keyword to the Value list -- Remove Keyword – Remove a selected keyword from the Value list -- Import Keyword File – Import keywords from a file -- Export Keyword File – Export keywords as a file -- Match Type – Choose whether keyword matches for the Keyword criteria **Must match** or **Must not - match** -- Case Sensitive Keywords – If enabled, checks letter case when matching keywords -- Count only distinct occurrences – Select the checkbox to enable only distinct occurrences to be - counted during scan jobs -- Apply these keywords to these file components – Select which file components the keywords apply - to: - - - Name - - Contents - - Metadata - -- Look for at least this many occurrences – Adjust the slider to configure how many occurrences are - required for keyword criteria to match - - - The minimum value is 1 - - The maximum value is 10 diff --git a/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/criteria-type/regular-expression.md b/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/criteria-type/regular-expression.md deleted file mode 100644 index de5cce7524..0000000000 --- a/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/criteria-type/regular-expression.md +++ /dev/null @@ -1,43 +0,0 @@ -# Regular Expression (Pattern) Criteria - -Regular Expression criteria are a set of pattern matching rules that provide a concise and flexible -means for matching strings of text. This criteria type can be used to verify a series of numbers as -potentially valid, for example credit card numbers. - -![Regular Expression window](/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.webp) - -The options on the Regular Expression window are: - -- Name – Name of the Regular Expression sub-criteria as it appears in the Configuration window -- Expression – Enter the Regular Expression in the Expression text box -- Case Sensitive Expression – Select the checkbox for case sensitive Regular Expression pattern - matching -- Validation – Select a validation method from the Validation drop-down. The default value is **No - validation required**. - - **NOTE:** See the [Sensitive Data System Criteria](/docs/accessanalyzer/12.0/sensitive-data-discovery/system-criteria.md) topic for additional - information on validation methods. - -- Sample Value – Text entered into the Sample Value text box is used to test pattern matches for the - expression in the Expression text box -- Test Match – Click **Test Match** to test the expression entered in the Expression text box - against the text in the Sample Value text box -- Match Type – Choose whether pattern matches for the Regular Expression criteria **Must match** or - **Must not match** - - - Must match – The Regular Expression must be matched for there to be a match - - Must not match – If the Regular Expression is matched and is designated **Must not match**, - then the potential match is invalidated - -- Apply this expression to these file components – Select which file components the expression - applies to: - - - Name - - Contents - - Metadata - -- Look for at least this many occurrences – Adjust the slider to configure how many occurrences are - required for a match hit - - - The minimum value is 1 - - The maximum value is 10 diff --git a/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/criteria-type/summary.md b/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/criteria-type/summary.md deleted file mode 100644 index 90d36ea033..0000000000 --- a/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/criteria-type/summary.md +++ /dev/null @@ -1,55 +0,0 @@ -# Summary Criteria - -Summary criteria are designed as a way of combining Regular Expression (Pattern) criteria and -Keyword criteria. - -![Edit new Summary criteria](/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/newsummarycriteria.webp) - -Click **Add** and select **Summary** to add a new Summary criteria to the Required matched criteria -list. Select the new criteria and click **Edit** to configure the new Summary criteria. - -![Summary criteria configuration page](/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/summarycriteriaconfiguration.webp) - -The options on the Summary criteria configuration page are: - -- Name – Name of the Summary sub-criteria -- Test Criteria – Opens the Criteria Tester window to test current Summary criteria configurations. - See the [Criteria Tester Window](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/configuration.md#criteria-tester-window) topic for additional - information. -- Required matched criteria – Lists sub-criteria configured for currently selected criteria in the - navigation pane. The columns in the table are: - - - Name – Name of the sub-criteria - - Type – Type of sub-criteria (**Keyword**, **Regex**, or **Summary**) - - Content – Values associated with sub-criteria - - Minimum Matches – Minimum matches required for a match hit - - Match Type – Displays whether the sub-criteria **Must match** or **Must not match** - -- Add – Add a sub-criteria to the required matched criteria list. The three types of sub-criteria - that can be added are **Keyword**, **Pattern**, and **Summary**. -- Remove – Remove the selected sub-criteria from the Required matched criteria list -- Edit – Edit the currently selected sub-criteria -- Match Type – Choose whether match hits for the Summary criteria **Must match** or **Must not - match** -- Must match at least this many criteria – Adjust the slider to configure how many sub-criteria must - be matched for the top-level criteria to be considered a match - - - The minimum value is 1 - - The maximum value is the number of sensitive data sub-criteria that has been added to the - Required matched criteria list - -**CAUTION:** The character distance feature does not account for summaries that are nested within -other summaries. - -- Matches should be within this proximity of characters – Adjust the slider to set the default - character distance required for match hits - - - The minimum value is 0 - - The maximum value is 200 - - Using this feature requires any combination of two or more Regular Expression (Pattern) and - Keyword sub-criteria - -- Include keywords as part of match hits – Select this checkbox to enable the inclusion of keywords - as part of match hits -- Cancel – Exit the Sensitive Data Criteria Editor without saving changes -- Save – Save changes made to the currently selected criteria diff --git a/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md b/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md deleted file mode 100644 index 8cfcb5043c..0000000000 --- a/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md +++ /dev/null @@ -1,36 +0,0 @@ -# Sensitive Data Criteria Editor - -The Sensitive Data Criteria Editor is accessed from the Criteria Tab in the -**Settings** > **Sensitive Data** node. Use the Sensitive Data Criteria Editor to view pre-defined -criteria and to customize or create user-defined criteria. Sensitive Data Criteria can be configured -in individual data collectors that use Sensitive Data Discovery or can be configured to inherit -Sensitive Data Criteria settings from the **Settings** > **Sensitive Data** node. See the -[Sensitive Data](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md) topic for additional information. - -![Sensitive Data Criteria Editor](/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/sensitivdatacriteriaeditor.webp) - -The Sensitive Data Criteria Editor contains two sections: - -- Navigation pane – User-configured criteria can be added and removed in the navigation pane using - the Add or Remove options. See the [Navigation Pane](#navigation-pane) topic for additional - information. -- Configuration pane – Displays configured settings for the currently selected criteria in the - navigation pane. See the [Configuration Pane](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/configuration.md) topic for additional information. - -## Navigation Pane - -The navigation pane lists all user-created and pre-configured Sensitive Data criteria. - -![Navigation Pane](/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/navigationpane.webp) - -The options in the Navigation Pane are: - -- Add Criteria – Adds a new criteria under the User Criteria list -- Remove Criteria – Removes a user-created criteria from the User Criteria list -- User Criteria – Lists all user-created criteria -- System Criteria – Lists all pre-configured criteria. For a list of pre-configured System Criteria, - see the [Sensitive Data System Criteria](/docs/accessanalyzer/12.0/sensitive-data-discovery/system-criteria.md) topic for additional information. - - - System Criteria cannot be modified or removed. To use existing System Criteria configurations - in a User Criteria, right-click on a System Criteria and select **Duplicate** from the - right-click menu. A configurable copy of the System Criteria appears under User Criteria. diff --git a/docs/accessanalyzer/12.0/sensitive-data-discovery/overview.md b/docs/accessanalyzer/12.0/sensitive-data-discovery/overview.md deleted file mode 100644 index 4ab6c2b582..0000000000 --- a/docs/accessanalyzer/12.0/sensitive-data-discovery/overview.md +++ /dev/null @@ -1,42 +0,0 @@ -# Sensitive Data Discovery - -Sensitive Data Discovery (SDD) allows Access Analyzer to scan file content for matches to the -sensitive data criteria. There are several pre-defined criteria, but you can also customize existing -criteria or create new criteria. - -**NOTE:** Sensitive Data Discovery requires a special license. If your license includes Sensitive -Data Discovery, then the necessary components for Sensitive Data Discovery are installed during the -Access Analyzer, FSAA Proxy, and SPAA Agent installations. - -Sensitive Data Discovery can be used with any of the following Access Analyzer solutions: - -- AWS Solution -- Dropbox Solution -- Database Solutions - - - Azure SQL Solution - - Db2 Solution - - MongoDB Solution - - MySQL Solution - - Oracle Solution - - PostgreSQL Solution - - Redshift Solution - - SQL Solution - -- Exchange Solution – Only with specific data collectors: - - - EWSMailbox Data Collector - - EWSPublicFolder Data Collector - - ExchangeMailbox Data Collector - -- File System Solution -- SharePoint Solution - -**NOTE:** Changes made in the Sensitive Data Criteria Editor are global for Sensitive Data Discovery -in Access Analyzer. In other words, any changes to criteria affects all solutions using Sensitive -Data Discovery. - -**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the -server. The JDK deployed is prepackaged and does not require any configuration; it has been -preconfigured to work with Access Analyzer and should never be customized through Java. It will not -conflict with other JDKs or Java Runtimes in the same environment. diff --git a/docs/accessanalyzer/12.0/sensitive-data-discovery/supported-formats.md b/docs/accessanalyzer/12.0/sensitive-data-discovery/supported-formats.md deleted file mode 100644 index ff5de2b2a3..0000000000 --- a/docs/accessanalyzer/12.0/sensitive-data-discovery/supported-formats.md +++ /dev/null @@ -1,187 +0,0 @@ -# Supported Formats for Scanning & Metadata - -This topic provides a comprehensive listing of all formats supported by Sensitive Data Discovery. -The list is divided into three major categories: - -- [Scan-able Formats](#scan-able-formats) -- [Metadata Only Formats](#metadata-only-formats) -- [Scans Against Files with no Extensions](#scans-against-files-with-no-extensions) - -## Scan-able Formats - -Sensitive Data Discovery can identify any file type, extract text, and extract metadata from the -following formats. It will also identify file types and extract metadata of any attachments. If the -attachment’s file type is a scan-able format, then it can extract text from the attachment as well. - -### Archive - -| Document Format | Extension | -| --------------------------- | ----------------- | -| 7-zip Archive | .7Z | -| Bzip 2 UNIX Compressed File | .BOZ, .BZ2, .TBZ2 | -| Bzip UNIX Compressed File | .BZ, .TBZ | -| Gzip Compressed Archive | .GZ, .TGZ | -| Java Archive | .JAR | -| UNIX AR Archive | .A, .AR | -| UNIX CPIO Archive | .CPIO | -| UNIX Tar | .TAR | -| XZ Compression Archive | .XZ | -| Zip Archive | .ZIP | - -### Database - -| Database | Data Type | -| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| MYSQL | BIGINT, BINARY, BIT, BLOB, CHAR, DATE, DATETIME, DECIMAL, DOUBLE, ENUM, FLOAT, INT, INTEGER, JSON, LONGBLOB, LONGTEXT, MEDIUMBLOB, MEDIUMINT, MEDIUMTEXT, NCHAR, NUMERIC, NVARCHAR, SET, SMALLINT, TEXT, TIME, TIMESTAMP, TINYBLOB, TINYINT, TINYTEXT, VARBINARY, VARCHAR, YEAR | -| Oracle | ANSISTRING, ANSISTRINGFIXEDLENGTH, BFILE, BLOB, CHAR, CLOB, DATE, DATETIME, DECIMAL, DOUBLE, FLOAT, INT, INT16, INT32, INT64, INTERVALDS, INTERVALYM, LONG, LONGRAW, NCHAR, NCLOB, NUMBER, NVARCHAR2, RAW, SBYTE, SINGLE, STRING, System.String, TIMESTAMP, TIMESTAMPLTZ, VARCHAR2, VARNUMERIC, XMLTYPE | -| PostgreSQL | BIGINT, BIT, BOOLEAN, BYTEA, CHAR, CHARACTER, CHARACTER VARYING, DATE, DOUBLE PRECISION, ENUM, INTEGER, JSON, JSONB, MONEY, NUMERIC, REAL, SERIAL, SMALLINT, SMALLSERIAL, TEST, TEXT, TIMESTAMP, TIME, VARBIT, XML | -| SQL | TEXT, DATE, TIME, DATETIME2, TINYINT, SMALLINT, INT, SMALLDATETIME, REAL, MONEY, DATETIME, FLOAT, NTEXT, DECIMAL, NUMERIC, SMALLMONEY, BIGINT, VARBINARY, VARCHAR, BINARY, CHAR, NVARCHAR, NCHAR, XML, SYSNAME | - -### Document - -| Document Format | Extension | -| -------------------------------------------------- | -------------------------------------- | -| Apple iWork Pages | .PAGES | -| Microsoft Publisher | .PUB | -| Microsoft Word Document / Office Open XML Document | .DOC, .DOCM, .DOCX, .DOT, .DOTM, .DOTX | -| OpenDocument: Text Document | .ODT, .OTH, .OTM, .OTT | -| OpenOffice: Writer Document | .SXW | -| Portable Document Format | .PDF | - -### Email & Messaging - -| Document Format | Extension | -| ---------------------------------------------- | ------------------------ | -| Email Message / Microsoft Outlook Message | .EML, .MBOX, .MIME, .MSG | -| Microsoft Outlook Personal Folders File Format | .OST, .PST | - -### Other - -| Document Format | Extension | -| --------------------------------------------------------------- | ------------------------------------------------- | -| Adobe Font Metric | .ACFM, .AFM, .AMFM | -| Apple iBooks Author Publication Format | .IBOOKS | -| C/C++ Object File | .O | -| C/C++ Shared Library/Object | .SO | -| Core Dump | .DMP | -| Electronic Publication | .EPUB | -| Executable and Linkable Format | .AXF, .BIN, .ELF, .KO, .MOD, .O, .PRX, .PUFF, .SO | -| Hierarchical Data Format File | .H5, .HDF, .HE5 | -| Java Class File | .CLASS | -| MATLAB Binary Data Container | .MAT | -| Microsoft Project | .MPP, .MPT | -| NetCDF (Network Common Data Form) | .NC | -| S/MIME (Secure/Multipurpose Internet Mail Extensions) | .P7C, .P7M | -| S/MIME (Secure/Multipurpose Internet Mail Extensions) Signature | .P7S | -| Transport Neutral Encapsulation Format | .TNEF | -| TrueType Font | .TTC, .TTF | - -### Presentation - -| Document Format | Extension | -| --------------------------------------------------- | ----------------------------------------------------------------------------- | -| Apple iWork Keynote | .KEY | -| Microsoft PowerPoint / Office Open XML Presentation | .PPA, .PPS, .PPT, .PPZ, .PPAM, .PPSM, .PPSX, .PPTM, .PPTX, .POT, .POTX, .THMX | -| OpenDocument: Presentation Document | .ODP, .OTP | - -### Raster Image - -| Document Format | Extension | -| --------------------------------------- | ------------------------------------ | -| Graphics Interchange Format (GIF) | .GIF, .GIFF | -| Joint Photographic Experts Group (JPEG) | .JFI, .JFIF, .JIF, .JPE, .JPEG, .JPG | -| Microsoft Windows Bitmap | .BMP, .DIB | -| Portable Network Graphic | .webp | -| Tagged Image File Format | .TIF, .TIFF | - -**NOTE:** The **FileSystem** > **0.Collection** > **1-SEEK System Scans** job can perform Optical -Character Recognition (OCR) scans for Raster image files by enabling the option on the SDD Audit -Settings page in the File System Access Auditor Data Collector Wizard. This is an option for the -Sensitive Data Scan category. See the -[1-SEEK System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek-system-scans.md) topic for -additional information. - -### Spreadsheet - -| Document Format | Extension | -| -------------------------------------- | --------------------------------------------------------------------------------------- | -| Apple iWork Numbers | .NUMBERS | -| Microsoft Excel Spreadsheet | .XLA, .XLC, .XLD, .XLL, .XLM, .XLR, .XLS, .XLT, .XLW, .XLAM, .XLSM, .XLSX, .XLTM, .XLTX | -| OpenDocument: Chart / Formula Document | .ODC, .ODF, .ODFT, .ODS, .OTC, .OTS | - -### Text & Markup - -| Document Format | Extension | -| -------------------------------------------------------------- | ----------------------- | -| Active Server Pages (ASP) / ASP.NET | .ASP, .ASPX | -| American Newspaper Publishers Association Wire Feeds | .ANPA | -| Atom + XML | .ATOM | -| C++ Source Code | .C, .CC, .CPP, .CXX | -| Compiled HTML | .CHM | -| Extensible HyperText Markup Language | .XHT, .XHTML, .XHTML2 | -| Extensible Markup Language | .XML, .XSD, .XSL | -| FictionBook Document | .FB2 | -| Groovy Source Code | .GROOVY | -| HyperText Markup Language | .HTM, .HTML | -| Java Source Code | .JAVA | -| Microsoft HTML Help | .CHM | -| RDF Site Summary | .RSS | -| Rich Text Format | .RTF | -| Text File (Other) | .CSV, .TEXT, .TSV, .TXT | -| XHTML MP (eXtensible HyperText Markup Language Mobile Profile) | .HTM, .HTML, .XHTML | - -## Metadata Only Formats - -Sensitive Data Discovery can identify file type and extract only metadata from images and -multimedia. The following file formats are supported as metadata only formats. - -### Image Files - -| Document Format | Extension | -| ------------------------------------------ | ----------------------- | -| Favicon | .GIF, .ICO, .JPG, .webp | -| GIMP eXperimental Computing Facility (XCF) | .XCF | -| OpenDocument: Graphics / Image Document | .ODG, .ODI, .OTG, .OTI | -| Wireless Bitmap File Format | .WBMP | - -### Vector Image - -| Document Format | Extension | -| ------------------------ | ------------------------- | -| AutoCad Drawing | .DWG | -| Microsoft Visio Diagram | .VSD, .VSS, .VST, .VSW | -| Photoshop Image | .PSD | -| Scalable Vector Graphics | .SVG, .SVGZ | -| SolidWorks CAD program | .SLDASM, .SLDDRW, .SLDPRT | - -## Scans Against Files with no Extensions - -Files with no extensions can be scanned by modifying the XML file for each job where this type of -scan is desired. Add the following line to the `PerScanExtraScanOptions` section of a job's XML -script: - -``` -true -``` - -This line must be added to a specific location within the XML script. See below: - -``` - - -    false -    2097152 -    false -    true -    0 -     -    100 -    0 -    0 -    true -    false - -``` - -Once this line has been added to the job's XML script and the XML file is saved, files with no -extensions are included in scans for the job. diff --git a/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configuration.md b/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configuration.md new file mode 100644 index 0000000000..56deb6c06c --- /dev/null +++ b/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configuration.md @@ -0,0 +1,110 @@ +# Configuration Pane + +Use the configuration pane to view sub-criteria information for System Criteria and to view, add, +edit, and remove sub-criteria information for User Criteria. + +![Configuration Pane](/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configurationpanesystemcriteria.webp) + +The information in the configuration pane changes based on the criteria currently selected in the +navigation pane. + +![Options at the top of the configuration pane](/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configurationpanetop.webp) + +The options at the top of the Configuration Pane are: + +**NOTE:** Configuration settings for System Criteria cannot be modified. + +- Navigation Path – Displays information on the current location within the Sensitive Data Criteria + Editor +- Name – Name of the criteria as it is shown in the navigation pane +- Test Criteria Button – Opens the Criteria Tester window to test current criteria configurations. + See the [Criteria Tester Window](#criteria-tester-window) topic for additional information. +- Confidence Level – Displays the current confidence level which indicates how accurate a match is + for a criteria + + - The confidence level is reported on a scale from 0 - 100. The closer the number is to 100, the + more accurate a match is for a criteria. + +- Risk Score – Displays the general level of risk a criteria represents when found in a file that is + not properly secured + + - The risk score can be set to **Low**, **Medium**, or **High** + - Click the **Risk Score** button to change the risk score for user-configured criteria + +- Required matched criteria list – Lists the sub-criteria configured for the currently selected + top-level criteria in the navigation pane. The columns in the table are: + + - Name – Name of the sub-criteria + - Type – Type of sub-criteria: **Keywords**, **Regex**, or **Summary** + - Content – Values associated with the sub-criteria + - Minimum Matches – Minimum number of match hits required for a sub-criteria match hit + - Match Type – Displays whether the sub-criteria **Must match** or **Must not match** + +![Options at the bottom of the configuration pane](/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configurationpanebottom.webp) + +The options at the bottom of the configuration pane are: + +**NOTE:** Configuration settings for System Criteria cannot be modified. + +- Add – Add a sub-criteria to the required matched criteria list. The three types of sub-criteria + that can be added are **Keyword**, **Pattern**, and **Summary**. See the following topics for + additional information: + + - [Keyword Criteria](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/keyword.md) + - [Regular Expression (Pattern) Criteria](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.md) + - [Summary Criteria](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/summary.md) + +- Remove – Remove sub-criteria from the Required matched sub-criteria list +- Edit – Edit the currently selected sub-criteria +- Must match at least this many criteria – Adjust the slider to configure how many sub-criteria must + be matched for the sensitive data criteria to be reported + + - The minimum value is 1 + - The maximum value is the number of sensitive data sub-criteria that has been added to the + required matched criteria list + + **CAUTION:** The character distance feature does not account for summaries that are nested + within other summaries. + +- Matches should be within this proximity of characters – Match hits for this criteria should be + within this many characters of one another in order for there to be a match. Adjust the slider to + set the default character distance required for match hits. + + - The minimum value is 0 + - The maximum value is 200 + - Using this feature requires any combination of two or more Regular Expression (Pattern) and + Keyword sub-criteria + +- Include keywords as part of match hits – Select this option to enable the inclusion of keywords as + part of match hits. This option determines whether a match found based on a Keyword Criteria is + reported as a match hit. When this option is selected, any matches found for a word in the Keyword + list is reported as match hit. If this option is not selected, then only matches found based on + Pattern or child Summary Criteria are reported as a match hit. +- Metadata for this criteria – Click the green plus (**+**) button to add a new metadata type for + the criteria. Delete a metadata type by clicking the **X** button in the gray metadata tag. + + - For a list of available out-of-the-box metadata tags, see the + [Default Metadata Tag Values](/docs/accessanalyzer/12.0/sensitivedatadiscovery/metadatatags.md) topic for additional information + +- Cancel – Exit the Sensitive Data Criteria Editor without saving changes +- Save – Save changes made to the current criteria + +## Criteria Tester Window + +Use the Criteria Tester window to test current criteria configurations. + +![Criteria Tester window](/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatester.webp) + +The options in the Criteria Tester are: + +- Use the following sample text – Enter sample text to test against current configured criteria in + the **Use the following sample text** textbox +- Use the following file – Click **Browse** to import a file as sample text to test against + currently configured criteria +- Test Data – Click **Test Data** to test the sample text against currently configured criteria. + Match hits show in the **Test Results** section. +- Test Results – Displays match hits for the sample text typed into the text box. The two tabs under + Test Results are: + + - Criteria – Displays the specific criteria for which the sample text is considered a match + - Matched Data – Displays the sample text that was matched for the configured criteria diff --git a/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/keyword.md b/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/keyword.md new file mode 100644 index 0000000000..3513674cf6 --- /dev/null +++ b/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/keyword.md @@ -0,0 +1,31 @@ +# Keyword Criteria + +Keyword criteria consists of a list of comma-separated words. If any word in the list is found in +the file, it is considered a hit. + +![Keywords window](/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/keywordswindow.webp) + +The options on the Keywords window are: + +- Name – Name of the keyword sub-criteria as it appears in the Configuration window +- Add Keyword – Add a keyword to the Value list +- Remove Keyword – Remove a selected keyword from the Value list +- Import Keyword File – Import keywords from a file +- Export Keyword File – Export keywords as a file +- Match Type – Choose whether keyword matches for the Keyword criteria **Must match** or **Must not + match** +- Case Sensitive Keywords – If enabled, checks letter case when matching keywords +- Count only distinct occurrences – Select the checkbox to enable only distinct occurrences to be + counted during scan jobs +- Apply these keywords to these file components – Select which file components the keywords apply + to: + + - Name + - Contents + - Metadata + +- Look for at least this many occurrences – Adjust the slider to configure how many occurrences are + required for keyword criteria to match + + - The minimum value is 1 + - The maximum value is 10 diff --git a/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.md b/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.md new file mode 100644 index 0000000000..a39f280acd --- /dev/null +++ b/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.md @@ -0,0 +1,43 @@ +# Regular Expression (Pattern) Criteria + +Regular Expression criteria are a set of pattern matching rules that provide a concise and flexible +means for matching strings of text. This criteria type can be used to verify a series of numbers as +potentially valid, for example credit card numbers. + +![Regular Expression window](/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.webp) + +The options on the Regular Expression window are: + +- Name – Name of the Regular Expression sub-criteria as it appears in the Configuration window +- Expression – Enter the Regular Expression in the Expression text box +- Case Sensitive Expression – Select the checkbox for case sensitive Regular Expression pattern + matching +- Validation – Select a validation method from the Validation drop-down. The default value is **No + validation required**. + + **NOTE:** See the [Sensitive Data System Criteria](/docs/accessanalyzer/12.0/sensitivedatadiscovery/systemcriteria.md) topic for additional + information on validation methods. + +- Sample Value – Text entered into the Sample Value text box is used to test pattern matches for the + expression in the Expression text box +- Test Match – Click **Test Match** to test the expression entered in the Expression text box + against the text in the Sample Value text box +- Match Type – Choose whether pattern matches for the Regular Expression criteria **Must match** or + **Must not match** + + - Must match – The Regular Expression must be matched for there to be a match + - Must not match – If the Regular Expression is matched and is designated **Must not match**, + then the potential match is invalidated + +- Apply this expression to these file components – Select which file components the expression + applies to: + + - Name + - Contents + - Metadata + +- Look for at least this many occurrences – Adjust the slider to configure how many occurrences are + required for a match hit + + - The minimum value is 1 + - The maximum value is 10 diff --git a/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/summary.md b/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/summary.md new file mode 100644 index 0000000000..f96b29754f --- /dev/null +++ b/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/summary.md @@ -0,0 +1,55 @@ +# Summary Criteria + +Summary criteria are designed as a way of combining Regular Expression (Pattern) criteria and +Keyword criteria. + +![Edit new Summary criteria](/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/newsummarycriteria.webp) + +Click **Add** and select **Summary** to add a new Summary criteria to the Required matched criteria +list. Select the new criteria and click **Edit** to configure the new Summary criteria. + +![Summary criteria configuration page](/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/summarycriteriaconfiguration.webp) + +The options on the Summary criteria configuration page are: + +- Name – Name of the Summary sub-criteria +- Test Criteria – Opens the Criteria Tester window to test current Summary criteria configurations. + See the [Criteria Tester Window](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configuration.md#criteria-tester-window) topic for additional + information. +- Required matched criteria – Lists sub-criteria configured for currently selected criteria in the + navigation pane. The columns in the table are: + + - Name – Name of the sub-criteria + - Type – Type of sub-criteria (**Keyword**, **Regex**, or **Summary**) + - Content – Values associated with sub-criteria + - Minimum Matches – Minimum matches required for a match hit + - Match Type – Displays whether the sub-criteria **Must match** or **Must not match** + +- Add – Add a sub-criteria to the required matched criteria list. The three types of sub-criteria + that can be added are **Keyword**, **Pattern**, and **Summary**. +- Remove – Remove the selected sub-criteria from the Required matched criteria list +- Edit – Edit the currently selected sub-criteria +- Match Type – Choose whether match hits for the Summary criteria **Must match** or **Must not + match** +- Must match at least this many criteria – Adjust the slider to configure how many sub-criteria must + be matched for the top-level criteria to be considered a match + + - The minimum value is 1 + - The maximum value is the number of sensitive data sub-criteria that has been added to the + Required matched criteria list + +**CAUTION:** The character distance feature does not account for summaries that are nested within +other summaries. + +- Matches should be within this proximity of characters – Adjust the slider to set the default + character distance required for match hits + + - The minimum value is 0 + - The maximum value is 200 + - Using this feature requires any combination of two or more Regular Expression (Pattern) and + Keyword sub-criteria + +- Include keywords as part of match hits – Select this checkbox to enable the inclusion of keywords + as part of match hits +- Cancel – Exit the Sensitive Data Criteria Editor without saving changes +- Save – Save changes made to the currently selected criteria diff --git a/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md b/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md new file mode 100644 index 0000000000..5b02bb5779 --- /dev/null +++ b/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md @@ -0,0 +1,36 @@ +# Sensitive Data Criteria Editor + +The Sensitive Data Criteria Editor is accessed from the Criteria Tab in the +**Settings** > **Sensitive Data** node. Use the Sensitive Data Criteria Editor to view pre-defined +criteria and to customize or create user-defined criteria. Sensitive Data Criteria can be configured +in individual data collectors that use Sensitive Data Discovery or can be configured to inherit +Sensitive Data Criteria settings from the **Settings** > **Sensitive Data** node. See the +[Sensitive Data](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md) topic for additional information. + +![Sensitive Data Criteria Editor](/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/sensitivdatacriteriaeditor.webp) + +The Sensitive Data Criteria Editor contains two sections: + +- Navigation pane – User-configured criteria can be added and removed in the navigation pane using + the Add or Remove options. See the [Navigation Pane](#navigation-pane) topic for additional + information. +- Configuration pane – Displays configured settings for the currently selected criteria in the + navigation pane. See the [Configuration Pane](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configuration.md) topic for additional information. + +## Navigation Pane + +The navigation pane lists all user-created and pre-configured Sensitive Data criteria. + +![Navigation Pane](/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/navigationpane.webp) + +The options in the Navigation Pane are: + +- Add Criteria – Adds a new criteria under the User Criteria list +- Remove Criteria – Removes a user-created criteria from the User Criteria list +- User Criteria – Lists all user-created criteria +- System Criteria – Lists all pre-configured criteria. For a list of pre-configured System Criteria, + see the [Sensitive Data System Criteria](/docs/accessanalyzer/12.0/sensitivedatadiscovery/systemcriteria.md) topic for additional information. + + - System Criteria cannot be modified or removed. To use existing System Criteria configurations + in a User Criteria, right-click on a System Criteria and select **Duplicate** from the + right-click menu. A configurable copy of the System Criteria appears under User Criteria. diff --git a/docs/accessanalyzer/12.0/sensitive-data-discovery/exempted-file-extensions.md b/docs/accessanalyzer/12.0/sensitivedatadiscovery/exemptedfileextensions.md similarity index 100% rename from docs/accessanalyzer/12.0/sensitive-data-discovery/exempted-file-extensions.md rename to docs/accessanalyzer/12.0/sensitivedatadiscovery/exemptedfileextensions.md diff --git a/docs/accessanalyzer/12.0/sensitive-data-discovery/metadata-tags.md b/docs/accessanalyzer/12.0/sensitivedatadiscovery/metadatatags.md similarity index 100% rename from docs/accessanalyzer/12.0/sensitive-data-discovery/metadata-tags.md rename to docs/accessanalyzer/12.0/sensitivedatadiscovery/metadatatags.md diff --git a/docs/accessanalyzer/12.0/sensitivedatadiscovery/overview.md b/docs/accessanalyzer/12.0/sensitivedatadiscovery/overview.md new file mode 100644 index 0000000000..bde6e904aa --- /dev/null +++ b/docs/accessanalyzer/12.0/sensitivedatadiscovery/overview.md @@ -0,0 +1,42 @@ +# Sensitive Data Discovery + +Sensitive Data Discovery (SDD) allows Access Analyzer to scan file content for matches to the +sensitive data criteria. There are several pre-defined criteria, but you can also customize existing +criteria or create new criteria. + +**NOTE:** Sensitive Data Discovery requires a special license. If your license includes Sensitive +Data Discovery, then the necessary components for Sensitive Data Discovery are installed during the +Access Analyzer, FSAA Proxy, and SPAA Agent installations. + +Sensitive Data Discovery can be used with any of the following Access Analyzer solutions: + +- AWS Solution +- Dropbox Solution +- Database Solutions + + - Azure SQL Solution + - Db2 Solution + - MongoDB Solution + - MySQL Solution + - Oracle Solution + - PostgreSQL Solution + - Redshift Solution + - SQL Solution + +- Exchange Solution – Only with specific data collectors: + + - EWSMailbox Data Collector + - EWSPublicFolder Data Collector + - ExchangeMailbox Data Collector + +- File System Solution +- SharePoint Solution + +**NOTE:** Changes made in the Sensitive Data Criteria Editor are global for Sensitive Data Discovery +in Access Analyzer. In other words, any changes to criteria affects all solutions using Sensitive +Data Discovery. + +**NOTE:** The appropriate JDK (Java) version for Sensitive Data Discovery is installed on the +server. The JDK deployed is prepackaged and does not require any configuration; it has been +preconfigured to work with Access Analyzer and should never be customized through Java. It will not +conflict with other JDKs or Java Runtimes in the same environment. diff --git a/docs/accessanalyzer/12.0/sensitivedatadiscovery/supportedformats.md b/docs/accessanalyzer/12.0/sensitivedatadiscovery/supportedformats.md new file mode 100644 index 0000000000..e244c25b47 --- /dev/null +++ b/docs/accessanalyzer/12.0/sensitivedatadiscovery/supportedformats.md @@ -0,0 +1,187 @@ +# Supported Formats for Scanning & Metadata + +This topic provides a comprehensive listing of all formats supported by Sensitive Data Discovery. +The list is divided into three major categories: + +- [Scan-able Formats](#scan-able-formats) +- [Metadata Only Formats](#metadata-only-formats) +- [Scans Against Files with no Extensions](#scans-against-files-with-no-extensions) + +## Scan-able Formats + +Sensitive Data Discovery can identify any file type, extract text, and extract metadata from the +following formats. It will also identify file types and extract metadata of any attachments. If the +attachment’s file type is a scan-able format, then it can extract text from the attachment as well. + +### Archive + +| Document Format | Extension | +| --------------------------- | ----------------- | +| 7-zip Archive | .7Z | +| Bzip 2 UNIX Compressed File | .BOZ, .BZ2, .TBZ2 | +| Bzip UNIX Compressed File | .BZ, .TBZ | +| Gzip Compressed Archive | .GZ, .TGZ | +| Java Archive | .JAR | +| UNIX AR Archive | .A, .AR | +| UNIX CPIO Archive | .CPIO | +| UNIX Tar | .TAR | +| XZ Compression Archive | .XZ | +| Zip Archive | .ZIP | + +### Database + +| Database | Data Type | +| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| MYSQL | BIGINT, BINARY, BIT, BLOB, CHAR, DATE, DATETIME, DECIMAL, DOUBLE, ENUM, FLOAT, INT, INTEGER, JSON, LONGBLOB, LONGTEXT, MEDIUMBLOB, MEDIUMINT, MEDIUMTEXT, NCHAR, NUMERIC, NVARCHAR, SET, SMALLINT, TEXT, TIME, TIMESTAMP, TINYBLOB, TINYINT, TINYTEXT, VARBINARY, VARCHAR, YEAR | +| Oracle | ANSISTRING, ANSISTRINGFIXEDLENGTH, BFILE, BLOB, CHAR, CLOB, DATE, DATETIME, DECIMAL, DOUBLE, FLOAT, INT, INT16, INT32, INT64, INTERVALDS, INTERVALYM, LONG, LONGRAW, NCHAR, NCLOB, NUMBER, NVARCHAR2, RAW, SBYTE, SINGLE, STRING, System.String, TIMESTAMP, TIMESTAMPLTZ, VARCHAR2, VARNUMERIC, XMLTYPE | +| PostgreSQL | BIGINT, BIT, BOOLEAN, BYTEA, CHAR, CHARACTER, CHARACTER VARYING, DATE, DOUBLE PRECISION, ENUM, INTEGER, JSON, JSONB, MONEY, NUMERIC, REAL, SERIAL, SMALLINT, SMALLSERIAL, TEST, TEXT, TIMESTAMP, TIME, VARBIT, XML | +| SQL | TEXT, DATE, TIME, DATETIME2, TINYINT, SMALLINT, INT, SMALLDATETIME, REAL, MONEY, DATETIME, FLOAT, NTEXT, DECIMAL, NUMERIC, SMALLMONEY, BIGINT, VARBINARY, VARCHAR, BINARY, CHAR, NVARCHAR, NCHAR, XML, SYSNAME | + +### Document + +| Document Format | Extension | +| -------------------------------------------------- | -------------------------------------- | +| Apple iWork Pages | .PAGES | +| Microsoft Publisher | .PUB | +| Microsoft Word Document / Office Open XML Document | .DOC, .DOCM, .DOCX, .DOT, .DOTM, .DOTX | +| OpenDocument: Text Document | .ODT, .OTH, .OTM, .OTT | +| OpenOffice: Writer Document | .SXW | +| Portable Document Format | .PDF | + +### Email & Messaging + +| Document Format | Extension | +| ---------------------------------------------- | ------------------------ | +| Email Message / Microsoft Outlook Message | .EML, .MBOX, .MIME, .MSG | +| Microsoft Outlook Personal Folders File Format | .OST, .PST | + +### Other + +| Document Format | Extension | +| --------------------------------------------------------------- | ------------------------------------------------- | +| Adobe Font Metric | .ACFM, .AFM, .AMFM | +| Apple iBooks Author Publication Format | .IBOOKS | +| C/C++ Object File | .O | +| C/C++ Shared Library/Object | .SO | +| Core Dump | .DMP | +| Electronic Publication | .EPUB | +| Executable and Linkable Format | .AXF, .BIN, .ELF, .KO, .MOD, .O, .PRX, .PUFF, .SO | +| Hierarchical Data Format File | .H5, .HDF, .HE5 | +| Java Class File | .CLASS | +| MATLAB Binary Data Container | .MAT | +| Microsoft Project | .MPP, .MPT | +| NetCDF (Network Common Data Form) | .NC | +| S/MIME (Secure/Multipurpose Internet Mail Extensions) | .P7C, .P7M | +| S/MIME (Secure/Multipurpose Internet Mail Extensions) Signature | .P7S | +| Transport Neutral Encapsulation Format | .TNEF | +| TrueType Font | .TTC, .TTF | + +### Presentation + +| Document Format | Extension | +| --------------------------------------------------- | ----------------------------------------------------------------------------- | +| Apple iWork Keynote | .KEY | +| Microsoft PowerPoint / Office Open XML Presentation | .PPA, .PPS, .PPT, .PPZ, .PPAM, .PPSM, .PPSX, .PPTM, .PPTX, .POT, .POTX, .THMX | +| OpenDocument: Presentation Document | .ODP, .OTP | + +### Raster Image + +| Document Format | Extension | +| --------------------------------------- | ------------------------------------ | +| Graphics Interchange Format (GIF) | .GIF, .GIFF | +| Joint Photographic Experts Group (JPEG) | .JFI, .JFIF, .JIF, .JPE, .JPEG, .JPG | +| Microsoft Windows Bitmap | .BMP, .DIB | +| Portable Network Graphic | .webp | +| Tagged Image File Format | .TIF, .TIFF | + +**NOTE:** The **FileSystem** > **0.Collection** > **1-SEEK System Scans** job can perform Optical +Character Recognition (OCR) scans for Raster image files by enabling the option on the SDD Audit +Settings page in the File System Access Auditor Data Collector Wizard. This is an option for the +Sensitive Data Scan category. See the +[1-SEEK System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek_system_scans.md) topic for +additional information. + +### Spreadsheet + +| Document Format | Extension | +| -------------------------------------- | --------------------------------------------------------------------------------------- | +| Apple iWork Numbers | .NUMBERS | +| Microsoft Excel Spreadsheet | .XLA, .XLC, .XLD, .XLL, .XLM, .XLR, .XLS, .XLT, .XLW, .XLAM, .XLSM, .XLSX, .XLTM, .XLTX | +| OpenDocument: Chart / Formula Document | .ODC, .ODF, .ODFT, .ODS, .OTC, .OTS | + +### Text & Markup + +| Document Format | Extension | +| -------------------------------------------------------------- | ----------------------- | +| Active Server Pages (ASP) / ASP.NET | .ASP, .ASPX | +| American Newspaper Publishers Association Wire Feeds | .ANPA | +| Atom + XML | .ATOM | +| C++ Source Code | .C, .CC, .CPP, .CXX | +| Compiled HTML | .CHM | +| Extensible HyperText Markup Language | .XHT, .XHTML, .XHTML2 | +| Extensible Markup Language | .XML, .XSD, .XSL | +| FictionBook Document | .FB2 | +| Groovy Source Code | .GROOVY | +| HyperText Markup Language | .HTM, .HTML | +| Java Source Code | .JAVA | +| Microsoft HTML Help | .CHM | +| RDF Site Summary | .RSS | +| Rich Text Format | .RTF | +| Text File (Other) | .CSV, .TEXT, .TSV, .TXT | +| XHTML MP (eXtensible HyperText Markup Language Mobile Profile) | .HTM, .HTML, .XHTML | + +## Metadata Only Formats + +Sensitive Data Discovery can identify file type and extract only metadata from images and +multimedia. The following file formats are supported as metadata only formats. + +### Image Files + +| Document Format | Extension | +| ------------------------------------------ | ----------------------- | +| Favicon | .GIF, .ICO, .JPG, .webp | +| GIMP eXperimental Computing Facility (XCF) | .XCF | +| OpenDocument: Graphics / Image Document | .ODG, .ODI, .OTG, .OTI | +| Wireless Bitmap File Format | .WBMP | + +### Vector Image + +| Document Format | Extension | +| ------------------------ | ------------------------- | +| AutoCad Drawing | .DWG | +| Microsoft Visio Diagram | .VSD, .VSS, .VST, .VSW | +| Photoshop Image | .PSD | +| Scalable Vector Graphics | .SVG, .SVGZ | +| SolidWorks CAD program | .SLDASM, .SLDDRW, .SLDPRT | + +## Scans Against Files with no Extensions + +Files with no extensions can be scanned by modifying the XML file for each job where this type of +scan is desired. Add the following line to the `PerScanExtraScanOptions` section of a job's XML +script: + +``` +true +``` + +This line must be added to a specific location within the XML script. See below: + +``` + + +    false +    2097152 +    false +    true +    0 +     +    100 +    0 +    0 +    true +    false + +``` + +Once this line has been added to the job's XML script and the XML file is saved, files with no +extensions are included in scans for the job. diff --git a/docs/accessanalyzer/12.0/sensitive-data-discovery/system-criteria.md b/docs/accessanalyzer/12.0/sensitivedatadiscovery/systemcriteria.md similarity index 100% rename from docs/accessanalyzer/12.0/sensitive-data-discovery/system-criteria.md rename to docs/accessanalyzer/12.0/sensitivedatadiscovery/systemcriteria.md diff --git a/docs/accessanalyzer/12.0/solutions/active-directory-inventory/1-ad-scan.md b/docs/accessanalyzer/12.0/solutions/active-directory-inventory/1-ad-scan.md deleted file mode 100644 index fffd406f51..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory-inventory/1-ad-scan.md +++ /dev/null @@ -1,179 +0,0 @@ -# 1-AD_Scan Job - -The 1-AD_Scan Job collects data from Active Directory. In most environments, this job requires no -additional customizations before running it. Optionally, the job can be configured to scope scan -options and to collect custom attributes. For enable SSL encryption for communication with Active -Directory, see the [Enable SSL Option](#enable-ssloption) topic for additional information. - -## Queries for the 1-AD Scan Job - -The 1-AD_Scan Job uses the ADInventory Data Collector for the following query: - -![Queries for the 1-AD Scan Job](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scanqueries.webp) - -- AD Inventory – Targets a domain controller to collect inventory data for user, group, and computer - objects - - - This query can be modified. See the - [Customize the 1-AD_Scan Query](#customize-the-1-ad_scan-query) topic for additional - information. - -### Customize the 1-AD_Scan Query - -The 1-AD_Scan Job has been preconfigured to run with the default settings with the category of Scan -Active Directory. Follow the steps to set any desired customizations to scan options or to collect -custom attributes. - -**Step 1 –** Navigate to the **.Active Directory Inventory** > **1-AD_Scan** > **Configure** node -and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Active Directory Inventory -DC Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Active Directory Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptions.webp) - -**Step 4 –** (Optional) On the Options page, you can: - -- Enable encrypted communication with Active Directory (SSL) -- Configure the differential scan settings using the **Collect only updates since last - scan** settings - -See the [ADInventory: Options](/docs/accessanalyzer/12.0/data-collection/ad-inventory/options.md) topic for more -information. - -![Active Directory Inventory DC Wizard Custom Attributes page](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp) - -**Step 5 –** (Optional) On the Custom Attributes page, add any desired custom attributes to be used -in the Active Directory scan. See the -[ADInventory: Custom Attributes](/docs/accessanalyzer/12.0/data-collection/ad-inventory/custom-attributes.md) -topic for additional information. - -**Step 6 –** Navigate to the Summary page. Click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -**NOTE:** In order for the Access Information Center to populate NFS permissions within File System -reports, the .Active Directory Inventory Job Group must be configured to collect the **uid** and -**uidNumber** attributes for Users. See the -[NFS Permissions for the AIC ](#nfs-permissions-for-the-aic) topic for additional information. - -The 1-AD_Scan Job is now ready to run with the customized settings. If any custom attributes are -added to the data collection, the **Create Extended Attributes View** analysis task can be enabled -in order to have visibility into the collected data. - -## Analysis Tasks for the 1-AD_Scan Job - -View the analysis tasks by navigating to the **.Active Directory Inventory** > **1-AD_Scan** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 1-AD_Scan Job](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scananalysis.webp) - -The following analysis tasks are selected by default: - -- Import functions – Imports effective group membership function into the database -- Create Extended Attributes View – Creates the SA_ADInventory_ExtendedAttributesView for Custom - Attributes that have been added to the query -- Summarize Domains – Creates the SA_ADInventory_Report_DomainSummary table -- Summarize Stats – Creates the SA_ADInventory_Summary table - -The following analysis tasks never need to be selected as they are only needed to restore views that -have been accidentally hidden: - -- Bring User View To Console – Restores the SA_ADInventory_UsersView to be visible within the Access - Analyzer Console if it is hidden -- Bring Group Members View To Console – Restores the SA_ADInventory_GroupMembersView to be visible - within the Access Analyzer Console if it is hidden -- Bring Group View To Console – Restores the SA_ADInventory_GroupsView to be visible within the - Access Analyzer Console if it is hidden -- Bring Computers View to Console – Restores the SA_ADInventory_ComputersView to be visible within - the Access Analyzer Console if it is hidden -- Remove ADI Stored Procedures – Removes the built-in ADI stored procedures - -In addition to the tables and views explained in the -[Standard Reference Tables & Views for the ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/standard-tables.md) -topic, the 1-AD_Scan Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Active Directory Summary | This report provides a summary of all audited domains and objects. | None | This report is comprised of four elements: - Table – Displays general statistics in the Users, Groups, and Computers in All Audited Domains - Pie Chart – Displays Principals by Object Class - Pie Chart – Displays Principals by Audited Domain - Table – Displays detailed statistical information for each of the AD objects | - -## NFS Permissions for the AIC - -In order for the Access Information Center to populate NFS resources within all File System -permissions and resource audit reports, the .Active Directory Inventory Job Group must be configured -to collect the following custom attributes for Users: - -- uid -- uidNumber - -Follow the steps to add the custom attributes. - -**Step 1 –** Navigate to the Active Directory Inventory DC Wizard for the AD Inventory Query within -the 1-AD_Scan Job. - -![Active Directory Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptionsnfs.webp) - -**Step 2 –** Navigate to the Options page. Ensure the **Collect only updates since last scan** -option is deselected. - -**NOTE:** Whenever query configurations are modified, it is necessary to do a full scan. After the -first full scan, differential scanning can be re-enabled. - -![Active Directory Inventory DC Wizard Custom Attributes page](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributesnfs.webp) - -**Step 3 –** Use the **Next** button to navigate to the Custom Attributes page. Add both **uid** and -**uidNumber** attributes to the existing list of custom attributes. See the -[ADInventory: Custom Attributes](/docs/accessanalyzer/12.0/data-collection/ad-inventory/custom-attributes.md) -topic for additional information. - -- **uid** attribute: - - - Domain Filter – \* - - Object Class – User - - Attribute Name – uid - -- **uidNumber** attribute: - - - Domain Filter – \* - - Object Class – User - - Attribute Name – uidNumber - -**Step 4 –** Use the **Next** button to navigate to the Summary page and click **Finish**. The -Active Directory Inventory DC Wizard closes. Click **OK** to close the Query Properties window. - -**Step 5 –** Run the .Active Directory Inventory Job Group either manually or through a scheduled -task. - -The .Active Directory Inventory Job Group is now collecting attributes required for NFS data to be -visible within the Access Information Center. - -_Remember,_ it is necessary to re-enable differential scanning after Step 5 if desired. - -See the Resource Audit topics in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -## Enable SSL Option - -Follow the steps to enable SSL encryption for communications with Active Directory: - -**Step 1 –** Navigate to the **1-AD_Scan > Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the query and click **Query Properties**. The Query -Properties window opens. - -**Step 3 –** Go to the Options page and select the **Encrypt communication with Active Directory -(SSL)** checkbox. Click **Next**. - -**Step 4 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -The job will now use SSL encryption to query Active Directory. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory-inventory/2-ad-changes.md b/docs/accessanalyzer/12.0/solutions/active-directory-inventory/2-ad-changes.md deleted file mode 100644 index a94d966456..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory-inventory/2-ad-changes.md +++ /dev/null @@ -1,173 +0,0 @@ -# 2-AD_Changes Job - -The 2-AD_Changes Job tracks changes within all scanned domains. Reports in the job highlight Active -Directory changes which have occurred since the last time the .Active Directory Inventory Job Group -was run. It is dependent on the running of the 1-AD_Scan Job, also located in the .Active Directory -Inventory Job Group. - -The 1-AD_Scan Job must have the Query Option to **Track changes into Change tracking tables** -selected in order for the Analysis Tasks in the 2-AD_Changes Job to work. See Step 4 of the -[Customize the 1-AD_Scan Query](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/1-ad-scan.md#customize-the-1-ad_scan-query) topic for additional -information. - -## Analysis Tasks for the 2-AD_Changes Job - -View the analysis tasks by navigating to the **.Active Directory Inventory** > **2-AD_Changes** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 2-AD_Changes Job](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/changesanalysis.webp) - -The following analysis tasks are selected by default: - -- Org Changes - - - Creates the SA_AD_Changes_OrganizationalChanges table accessible under the job’s Results node - - Creates interim processing tables in the database for use by downstream analysis and report - generation - -- Analyze Group Changes – Creates the SA_AD_Changes_GroupAnalysis table accessible under the job’s - Results node -- Attribute Changes - - - Creates the SA_AD_Changes_AttributeChangeDetails table accessible under the job’s Results node - - Creates interim processing tables in the database for use by downstream analysis and report - generation - -- User Account Status - - - Creates the SA_AD_Changes_UserAccountStatus table accessible under the job’s Results node - - Creates interim processing tables in the database for use by downstream analysis and report - generation - -- Group Membership Changes - - - Creates the SA_AD_Changes_GroupMembershipChanges table accessible under the job’s Results node - - Creates interim processing tables in the database for use by downstream analysis and report - generation - -- Object Moves - - - Creates the SA_AD_Changes_ObjectMoves table accessible under the job’s Results node - - Creates interim processing tables in the database for use by downstream analysis and report - generation - -- New Principals – Creates interim processing tables in the database for use by downstream analysis - and report generation -- Deleted Principals - - - Creates the SA_AD_Changes_DeletedPrincipals table accessible under the job’s Results node - - Creates interim processing tables in the database for use by downstream analysis and report - generation - -The Notification analysis tasks are optional and require configuration before enabling them. The -following analysis tasks are deselected by default: - -- Domain Admin Changes – Alerts when Domain Admins Group membership changes occur - - - Importance – Security, as this is a Sensitive Security Group - -- Empty Groups – Alerts when group membership changes result in an empty group - - - Importance – AD Clean-up - -- Circular Nesting – Alerts when group membership changes result in a group effectively containing - itself - - - Importance – Security and AD Clean-up - -- Stale Membership – Alerts when group members become stale - - - Importance – Security and AD Clean-up - -- Large Change – Alerts when group membership changes result in a group becoming large - - - Importance – Security - -- Disabled Users – Alerts when user accounts become disabled - - - Importance – Security - -- Locked out Users – Alerts when user accounts become locked-out - - - Importance – Security  and Employee Productivity - -- Alert on New Principals – Alerts when new user, group, or computer objects are created - - - Importance – Security and AD Clean-up - -- Alert on Deleted Users – Alerts when user accounts are deleted - - - Importance – Security  and Employee Productivity - -Notification must have recipients configured for the analysis task. Optionally, the email subject -and body can be modified. See the -[Notification Analysis Tasks for the 2-AD_Changes Job](#notification-analysis-tasks-for-the-2-ad_changes-job) -topic for additional information. - -In addition to the tables and views created by the analysis tasks, the 2-AD_Changes Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------------------------- | ------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Attribute Changes | This report tracks attribute changes within Active Directory. | None | This report is comprised of three elements: - Bar graph – Displays Attribute Changes (Past 24 Hours) - Table – Provides details on attribute changes (Past 24 Hours) - Table – Provides details on changes | -| Group Membership Changes (A.K.A. Most Active Groups) | This report tracks group membership changes in Active Directory. | None | This report is comprised of three elements: - Bar graph – Displays Most Active Groups (Past 24 Hours) - Table – Provides details on the most active groups (Past 24 Hours) - Table – Provides details on the most active groups | -| New Principals | This report identifies when principals have been created on the targeted domains. | None | This report is comprised of two elements: - Bar graph – Displays New Principals by Domain (Past 24 Hours) - Table – Provides details on the new principals by domain | -| Object Moves | This report tracks object moves in Active Directory. | None | This report is comprised of two elements: - Table – Displays Most Active OUs (Past 24 Hours) - Table – Provides details on the most active OUs | -| Org Changes (A.K.A. Organizational Changes) | This report tracks organizational moves such as manager, title or department changes. | None | This report is comprised of three elements: - Bar graph – Displays Organizational Changes (Past 24 Hours) - Table – Provides details on organizational changes (Past 24 Hours) - Table – Provides details on the organizational changes | -| Principal Deletions (A.K.A. Past 24 Hours) | This report identifies when principals have been deleted from the targeted domains. | None | This report is comprised of three elements: - Bar graph – Displays Deleted Principals by Domain (Past 24 Hours) - Table – Provides details on deleted principals by domain (Past 24 Hours) - Table – Provides details on the principals by domain | -| User Account Status Changes | This report tracks user account status changes. | None | This report is comprised of three elements: - Bar graph – Displays User Account Control Changes (Past 24 Hours) - Table – Provides details on user account control changes (Past 24 Hours) - Table – Provides details on the user account control changes | - -### Notification Analysis Tasks for the 2-AD_Changes Job - -In order for Access Analyzer to send email notifications, it is necessary for the **Settings** > -**Notification** node to be properly configured. See the -[Notification](/docs/accessanalyzer/12.0/administration/settings/notification.md) topic for instructions on enabling the Access -Analyzer Console to send email notifications. Once email notifications have been enabled, the -individual notification analysis tasks can be configured and enabled. Follow the steps to configure -a notification analysis task. - -**Step 1 –** Navigate to the **.Active Directory Inventory** > **2-AD_Changes** > **Configure** node -and select **Analysis**. - -![Notification Analysis Tasks for the 2-AD_Changes Job](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/changesanalysisnotification.webp) - -**Step 2 –** In the Analysis Selection view, select the desired notification analysis task and click -**Analysis Configuration**. The Notification Data Analysis Module opens. - -![Notification Data Analysis Module SMTP properties page](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtp.webp) - -**CAUTION:** Do not make changes to the pages preceding the SMTP page. - -**Step 3 –** Use the **Next** button to navigate to the email configuration SMTP page. - -![Recipients section of SMTP properties page](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtprecipients.webp) - -**Step 4 –** In the Recipients section, provide the email addresses or distribution lists (fully -qualified address) for those who are to receive this notification. Multiple addresses can be -provided. You can use the following options: - -- Add – Add an email address to the E-mail field -- Remove – Remove an email address from the Recipients list -- Combine multiple messages into single message – Sends one email for all objects in the record set - instead of one email per object to all recipients - -![Message section of SMTP properties page](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtpmessage.webp) - -**Step 5 –** In the Message section, edit the **Subject**. It is not recommended to remove any -parameters. Then, customize the email content in the textbox to provide an explanation of the -notification to the recipients. - -**Step 6 –** Click **Next** to save these configuration changes and navigate to the Summary page. Do -not make changes to any other pages. Click **Finish**. The Notification Data Analysis Module window -closes. - -**Step 7 –** This notification analysis task is now configured to send emails. In the Analysis -Selection view, select the task checkbox. - -**Step 8 –** Repeat this process for each desired notification analysis task. - -Configured and enabled notifications now send alerts automatically during the execution of the -2-AD_Changes Job. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory-inventory/3-ad-exceptions.md b/docs/accessanalyzer/12.0/solutions/active-directory-inventory/3-ad-exceptions.md deleted file mode 100644 index f083999cb6..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory-inventory/3-ad-exceptions.md +++ /dev/null @@ -1,140 +0,0 @@ -# 3-AD_Exceptions Job - -The 3-AD_Exceptions Job identifies toxic conditions that exist within Active Directory which may -leave your environment at risk or add unnecessary administrative overhead. It is dependent on -running the 1-AD_Scan Job, also located in the .Active Directory Inventory Job Group. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The 3-AD_Exceptions Job has the following configurable parameters: - -- Threshold of group members -- Threshold of nesting -- Threshold necessary to identify a stale group (0-100%) -- Whether to include disabled users that are stale -- Whether to include expired users that are stale -- Threshold for token size -- List of administrative groups - -See the -[Customize Analysis Parameters for the 3-AD_Exceptions Job](#customize-analysis-parameters-for-the-3-ad_exceptions-job) -topic for additional information. - -## Analysis Tasks for the 3-AD_Exceptions Job - -View the analysis tasks by navigating to the **.Active Directory Inventory** > **3-AD_Exceptions** > -**Configure** node and select **Analysis**. Analysis tasks with configuration parameters that define -the security concerns within them can be modified. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 3-AD_Exceptions Job](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/exceptionsanalysis.webp) - -The following analysis tasks are selected by default: - -- Large Groups - - - Identifies groups that exceeded the defined threshold for effective group membership - - Populates processing tables in the database for use by downstream analysis and report - generation - - Definition of a large group can be customized - -- Deeply Nested Groups - - - Identifies groups that exceeded the defined threshold of deep levels of membership nesting - - Populates processing tables in the database for use by downstream analysis and report - generation - - Definition of a deeply nested group can be customized - -- Circular Nesting - - - Identifies groups with circular references in their effective membership - - Populates processing tables in the database for use by downstream analysis and report - generation - -- Empty Groups - - - Identifies groups with no membership - - Populates processing tables in the database for use by downstream analysis and report - generation - -- Single Member Groups - - - Identifies groups with a single direct member - - Populates processing tables in the database for use by downstream analysis and report - generation - -- Stale Users - - - Identifies user accounts that are expired, are disabled, or have exceeded the defined - threshold of inactivity - - Populates processing tables in the database for use by downstream analysis and report - generation - - Definition of a stale user can be customized - -- Stale Membership - - - Identifies groups with a high percentage of effective members that are stale users - - Populates processing tables in the database for use by downstream analysis and report - generation - - Definition of stale membership can be customized - -- Large Token - - - Identifies users that exceeded the defined threshold for effective membership in authorization - groups - - Populates processing tables in the database for use by downstream analysis and report - generation - - Definition of a large token can be customized - -- Historical SID Tampering - - - Identifies users that have a historical SID from their current domain - - Populates processing tables in the database for use by downstream analysis and report - generation - -- Admin Historical SID - - - Identifies users that have a historical SID from an administrator account - - Populates processing tables in the database for use by downstream analysis and report - generation - - Definition of an administrator group can be customized - -- Display Exceptions View – Creates the SA_ADInventory_ExceptionsView accessible under the job’s - Results node -- Summarize Exceptions Count – Generates data used in the Exceptions report - -In addition to the tables and views created by the analysis tasks, the 3-AD_Exceptions Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------- | ---------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Exceptions Summary (A.K.A. AD Exceptions) | This report summarizes common issues with user accounts and group membership | None | This report is comprised of three elements: - Pie Chart – Displays exceptions by class - Table – Provides exceptions by count - Table – Provides details on exceptions | - -### Customize Analysis Parameters for the 3-AD_Exceptions Job - -Exception definitions that can be customized have the following default values for the customizable -parameters: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| -------------------- | --------------------------- | --------------------------------------------------- | --------------------------------------------------------------------- | -| Large Groups | @LARGE_THRESHOLD | 10 | A group object with 10 members or more | -| Deeply Nested Groups | @NESTING_THRESHOLD | 1 | A group object nested 1 level or deeper within another group object | -| Stale Users | @STALE_THRESHOLD | 60 | A user object that has been inactive for 60 days or more | -| | @INCLUDE_DISABLED | True | A user object that has been disabled | -| | @INCLUDE_EXPIRED | True | A user object that has expired | -| Stale Membership | @STALE_THRESHOLD | 10 | A group with 10% of its effective members are stale users | -| Large Token | @TOKEN_THRESHOLD | 10 | A user object with effective membership in more than 10 group objects | -| Admin Historical SID | #ADMIN_GROUPS | - Domain Admins - Enterprise Admins - Schema Admins | List of administrative groups | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for instructions to modify the parameters. See the -[AD Exception Types Translated](/docs/accessanalyzer/12.0/data-collection/ad-inventory/standard-tables.md#ad-exception-types-translated) -topic for an explanation of Exception Types. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory-inventory/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory-inventory/overview.md deleted file mode 100644 index 8ca9b1a003..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory-inventory/overview.md +++ /dev/null @@ -1,61 +0,0 @@ -# .Active Directory Inventory Solution - -Active Directory (AD) acts as the central nervous system of any Microsoft environment and plays a -vital role in granting access to resources such as Exchange, File Systems, SharePoint, and SQL -Server. The .Active Directory Inventory Solution is designed to provide essential user, group -membership, and computer details from the targeted domains to many Access Analyzer built-in -solutions. Key information includes user status, user attributes, and group membership. The -collected data is accessed by other Access Analyzer solutions and the Netwrix Access Information -Center for analysis. - -**NOTE:** This solution is required for using the Access Information Center. - -This topic covers information on using the ADInventory Data Collector and the .Active Directory -Inventory Job Group. - -Supported Platforms - -- Windows 2003 Forest level or higher - -Permissions - -- Read access to directory tree -- List Contents & Read Property on the Deleted Objects Container - - **NOTE:** See the Microsoft - [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) - article and the Microsoft - [Dsacls]() article for - additional information. - -Ports - -- TCP 389 -- TCP 135-139 -- Randomly allocated high TCP ports - -Location - -The .Active Directory Inventory Solution is a core component of all Access Analyzer installations. -Typically this solution is instantiated during installation, but it can be installed from the -Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to the solution: -**Jobs** > **.Active Directory Inventory**. This group has been named in such a way to keep it at -the top of the Jobs tree. - -## Jobs - -This Job Group is comprised of three jobs that collect, analyze, and report on data. The data -collection is conducted by the ADInventory Data Collector. See the -[Standard Reference Tables & Views for the ADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-inventory/standard-tables.md) -topic for database table information. - -![.Active Directory Inventory Solution Overview page](/img/product_docs/threatprevention/threatprevention/siemdashboard/qradar/dashboard/overview.webp) - -The .Active Directory Inventory Solution has the following jobs: - -- [1-AD_Scan Job](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/1-ad-scan.md) – Collects data and generates the standard reference tables and - views -- [2-AD_Changes Job](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/2-ad-changes.md) – Analyzes the collected data to track and alert on changes - within all scanned domains that occurred since the last scan -- [3-AD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/3-ad-exceptions.md) – Analyzes the collected data to identify security and - provisioning concerns, such as circular nesting and stale membership diff --git a/docs/accessanalyzer/12.0/solutions/active-directory-permissions-analyzer/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory-permissions-analyzer/overview.md deleted file mode 100644 index 9c709c8253..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory-permissions-analyzer/overview.md +++ /dev/null @@ -1,80 +0,0 @@ -# Active Directory Permissions Analyzer Solution - -The Access Analyzer Active Directory Permissions Analyzer Solution enables organizations to easily -and automatically determine effective permissions applied to any and all Active Directory (AD) -objects. AD, Security, and Network Administrators can easily browse and compare information from -individual or multiple domains using comprehensive, preconfigured analyses and reports focused on -permissions associated with AD domains, organizational units, groups, users, and computers. These -capabilities enable them to obtain the most authoritative view of who has access to what in AD. - -The Active Directory Permissions Analyzer Solution is located within the **Jobs** > **Active -Directory Permissions Analyzer** Job Group, which identifies permissions applied to computers, -groups, organizational units, and users. - -Supported Platforms - -- Windows Server 2016 and later -- Windows 2003 Forest level or higher - -**NOTE:** See the Microsoft -[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) -article for additional information. - -Requirements, Permissions, and Ports - -See the -[Domain Target Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/active-directory-permissions-analyzer.md) -topic for additional information. - -Location - -The Active Directory Permissions Analyzer requires a special Access Analyzer license. It can be -installed from the Instant Job Wizard, see the -[Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for additional information. -When purchased separately, the Permissions Analyzer Solution is installed into the Jobs tree with -the Active Directory instant solution. The license limits the solution to just the **Jobs** > -**Active Directory Permissions Analyzer** Job Group. Once installed into the Jobs tree, navigate to -the solution: **Jobs** > **Active Directory Permissions Analyzer**. The 0.Collection Job Group -collects the data. The other job groups run analysis on the collected data and generate reports. - -## Job Groups - -The Active Directory Permissions Analyzer Solution is designed to provide visibility into Active -Directory permissions applied on all objects. Key information includes who can reset user passwords, -who can modify group membership, and who can replicate domain information. - -The jobs which comprise the Active Directory Permissions Analyzer Job Group use the ADPermissions -Data Collector and the PowerShell Data Collector to return advanced security permissions and process -analysis tasks and generate reports. The collected data is then available to the Netwrix Access -Information Center for analysis. - -![Active Directory Permissions Analyzer Solution Overview page](/img/product_docs/threatprevention/threatprevention/siemdashboard/qradar/dashboard/overview.webp) - -The job groups and jobs in the Active Directory Permissions Analyzer Solution are: - -- [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/overview.md) – Collects all Active Directory permissions - information from the targeted domain -- [1.Users Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/overview.md) – Reports on all Active Directory permissions applied to - user objects within the targeted domains -- [2.Groups Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/overview.md) – Reports on all Active Directory permissions applied to - group objects within the targeted domains -- [3.OUs > AD_OUPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-oupermissions.md) – Reports on all Active Directory permissions - applied to organizational unit objects within the targeted domains -- [4.Computers Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/overview.md) – Reports on all Active Directory permissions - applied to computer objects within the targeted domains -- [5.Open Access > AD_OpenAccess Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-openaccess.md) – Reports on all Active Directory - permissions granting open access within the targeted domains. Open Access can be defined as access - granted to security principals such as: Domain Users, Authenticated Users, and Everyone. -- [6.Broken Inheritance > AD_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-brokeninheritance.md) – Reports on all - locations within Active Directory where inheritance is broken within the targeted domains -- [7.Containers Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/overview.md) – Reports on all Active Directory permissions - applied to container objects within the targeted domains -- [8.Domains Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/overview.md) – Reports on all Active Directory permissions applied - to domain objects within the targeted domains -- [9.Sites Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/overview.md) – Reports on all Active Directory permissions applied to - domain objects within the targeted domains -- [AD_ShadowAccess Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-shadowaccess.md) – Finds shadow access that leads to compromise of a - domain or sensitive data. Attackers can chain vulnerabilities to escalate privileges from a - non-privileged user to administrator with only a few steps. This job generates the shortest path - between every non-privileged user to a domain administrative group, total domain compromise, or - access to sensitive data. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-activity-collection.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-activity-collection.md deleted file mode 100644 index 723646ed25..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-activity-collection.md +++ /dev/null @@ -1,217 +0,0 @@ -# 0.Collection > AD_ActivityCollection Job - -The AD_ActivityCollection Job located in the 0.Collection Job Group, imports data from the Netwrix -Activity Monitor logs into the Access Analyzer Database. Retention can be modified in the query (120 -days default). - -![AD_ActivityCollection Job in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -There are two ways AD Activity data can be retrieved by Access Analyzer: - -- Network share containing the archive logs -- API Server connected to the archive logs - -This is configured in the query. See the -[Queries for the AD_ActivityCollection Job](#queries-for-the-ad_activitycollection-job) topic for -additional information. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -![Configuration section on the AD_ActivityCollection job Overview page](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/overviewconfiguration.webp) - -The AD_ActivityCollection page has the following configurable parameters: - -- Enable to import AD events into the AIC -- Enable to import authentication events into the AIC - - **NOTE:** The import of AD events and authentication events is disabled by default. You must - enable these parameters for the activity data to be imported into the Netwrix Access Information - Center. See the - [(Optional) Configure Import of AD Activity into Netwrix Access Information Center](/docs/accessanalyzer/12.0/configuration/active-directory/activity.md#optional-configure-import-of-ad-activity-into-netwrix-access-information-center) - topic for instructions. - -- List of attributes to track for Object Modified changes -- Number of days to retain activity data in the AIC - -See the -[Customize Analysis Parameters for the AD_ActivityCollection Job](#customize-analysis-parameters-for-the-ad_activitycollection-job) -topic for additional information. - -## Queries for the AD_ActivityCollection Job - -The AD Activity Collection query uses the ADActivity Data Collector to target the Activity Monitor -archive logs for AD Activity. - -**NOTE:** The query can be configured to connect directly to the network share where the archive -logs are stored or the API Server. - -![Queries for the AD_ActivityCollection Job](/img/product_docs/accessanalyzer/admin/hostdiscovery/queries.webp) - -The AD_ActivityCollection Job uses the ADActivity Data Collector for the following query: - -- AD Activity Collection – Targets Netwrix Activity Monitor archives to collect AD Activity - -### Configure the Query to Import from the Activity Monitor - -The AD_ActivityCollection Job requires configuration to collect data. Follow the steps to modify the -query configuration when Netwrix Activity Monitor is configured to host domain activity logs on an -API server. - -**NOTE:** Ensure the Activity Monitor API Server and the required Connection Profile are -successfully set up. See the -[Active Directory Activity Auditing Configuration](/docs/accessanalyzer/12.0/configuration/active-directory/activity.md) -topic for additional information. - -**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > -**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. - -**Step 2 –** Click **Query Properties**. The Query Properties window displays. - -**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard -opens. - -![Active Directory Activity DC wizard Category page](/img/product_docs/activitymonitor/config/activedirectory/categoryimportfromnam.webp) - -**Step 4 –** On the Category page, choose **Import from SAM** option and click **Next**. - -![Active Directory Activity DC wizard SAM connection settings page](/img/product_docs/activitymonitor/config/activedirectory/namconnection.webp) - -**Step 5 –** On the SAM connection page, the **Port** is set to the default 4494. This needs to -match the port configured for the Activity Monitor API Server agent. - -**Step 6 –** In the **Test SAM host** textbox, enter the Activity Monitor API Server name using -fully qualified domain format. For example, `NEWYORKSRV30.NWXTech.com`. Click **Connect**. - -**Step 7 –** If connection is successful, the archive location displays along with a Refresh token. -Copy the **Refresh token**. This will replace the Client Secret in the Connection Profile in the -last step. - -**Step 8 –** Click **Next**. - -![Active Directory Activity DC wizard Scoping and Retention page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -**Step 9 –** On the Scope page, set the Timespan as desired. There are two options: - -- Relative Timespan – Set the number of days of activity logs to collect when the scan is run -- Absolute Timespan – Set the date range for activity logs to collect when the scan is run - -**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity -Monitor domain output log retention expires. For example, if Access Analyzer runs the -**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be -configured to retain at least 10 days of log files. - -**Step 10 –** Set the Retention period as desired. This is the number of days Access Analyzer keeps -the collected data in the SQL Server database. - -**Step 11 –** Click **Next** and then **Finish** to save the changes and close the wizard. - -**Step 12 –** Click **OK** to save the changes and close the Query Properties page. - -**Step 13 –** Navigate to the global **Settings** > **Connection** node to update the User -Credential with the Refresh token: - -- Select the Connection Profile assigned to the **6.Activity** > **0.Collection** Job Group. -- Select the Web Services (JWT) User Credential and click **Edit**. -- Replace the Access Token with the Refresh token generated by the data collector in Step 7. -- Click **OK** to save and close the User Credentials window. -- Click **Save** and then **OK** to confirm the changes to the Connection Profile. - -The query is now configured to target the Activity Monitor API Server to collect domain activity -logs. - -### Configure the Query to Import from a Share - -The AD_ActivityCollection Job requires configuration to collect data. Follow the steps to modify the -query configuration when Netwrix Activity Monitor is configured to store activity logs on a network -share. - -**NOTE:** Ensure the Activity Monitor domain output and the required Connection Profile are -successfully set up. See the -[File Archive Repository Option](/docs/accessanalyzer/12.0/configuration/active-directory/file-archive.md) topic for -additional information. - -**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > -**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. - -**Step 2 –** Click **Query Properties**. The Query Properties window displays. - -**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard -opens. - -![Active Directory Activity DC wizard Category page](/img/product_docs/activitymonitor/config/activedirectory/categoryimportfromshare.webp) - -**Step 4 –** On the Category page, choose **Import from Share** option and click **Next**. - -![Active Directory Activity DC wizard Share settings page](/img/product_docs/activitymonitor/config/activedirectory/share.webp) - -**Step 5 –** On the Share page, provide the UNC path to the AD Activity share archive location. If -there are multiple archives in the same network share, check the **Include Sub-Directories** box. -Click **Next**. - -![Active Directory Activity DC wizard Scoping and Retention page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -**Step 6 –** On the Scope page, set the Timespan as desired. There are two options: - -- Relative Timespan – Set the number of days of activity logs to collect when the scan is run -- Absolute Timespan – Set the date range for activity logs to collect when the scan is run - -**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity -Monitor domain output log retention expires. For example, if Access Analyzer runs the -**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be -configured to retain at least 10 days of log files. - -**Step 7 –** Set the Retention period as desired. This is the number of days Access Analyzer keeps -the collected data in the SQL Server database. - -**Step 8 –** Click **Next** and then **Finish** to save the changes and close the wizard. - -**Step 9 –** Click **OK** to save the changes and close the Query Properties page. - -The query is now configured to target the network share where the Activity Monitor domain activity -logs are archived. - -## Analysis Tasks for the AD_ActivityCollection Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > -**AD_ActivityCollection** Job. Select the **Configure** > **Analysis** node. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_ActivityCollection Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/analysis.webp) - -The following analysis tasks are selected by default: - -- UAC Formatting Function – Splits column on commas and assigns opposing values to attributes -- AIC Import - AD Activity Events – Imports AD events to the Access Information Center for domain - objects - - - The `@ADEvents` and `@AuthEvents` parameters must be enabled for AD events and authentication - events to be imported into the Access Information Center - - The list of attributes to track for Object Modified changes can be customized by the - `#modifiedAttributeList` parameter - -- AIC Import - Activity Retention – Deletes older activity data from the Access Information Center - - - By default, data is retained for 120 days. This is customizable by the `@Days` parameter. - -### Customize Analysis Parameters for the AD_ActivityCollection Job - -The customizable parameters for this job allow you to configure importing of AD activity data into -the Netwrix Access Information Center. - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------------------------- | --------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------- | -| AIC Import - AD Activity Events | #modifiedAttributeList | Default attributes: - givenName - sn - displayName - description - userPrincipalName - sAMAccountName - initials - title - department - company - manager - location - streetAddress - currentLocation - st - postalCode - c - otherTelephone - homePhone - ipPhone - mobile - facsimileTelephoneNumber - otherFacsimileTelephoneNumber - mail - wWWHomePage - employeeID - employeeType - employeeNumber - extensionAttribute1 - extensionAttribute2 - extensionAttribute3 - extensionAttribute4 - extensionAttribute5 - extensionAttribute6 - extensionAttribute7 - extensionAttribute8 - extensionAttribute9 - extensionAttribute10 - extensionAttribute11 - extensionAttribute12 - extensionAttribute13 - extensionAttribute14 - extensionAttribute15 | List of attributes to track for Object Modified changes | -| AIC Import - AD Activity Events | @ADEvents | False | Enable to import AD events into the AIC | -| AIC Import - AD Activity Events | @AuthEvents | False | Enable to import authentication events into the AIC | -| AIC Import - Activity Retention | @Days | 120 | Number of days to retain activity data in the AIC | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-ldap-queries.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-ldap-queries.md deleted file mode 100644 index 7cc487ea3d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-ldap-queries.md +++ /dev/null @@ -1,73 +0,0 @@ -# LDAP > AD_LDAPQueries Job - -The **LDAP** > **AD_LDAPQueries** Job analyzes LDAP traffic to determine trends such as most -expensive queries, most active servers and users, successful/failed and signing status. This data -can be used to troubleshoot performance issues, load balancing, and poorly configured services. - -![AD_LDAPQueries Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/ldapjobstree.webp) - -**_RECOMMENDED:_** Schedule this job to run with the 0.Collection job group. - -## Analysis Tasks for the AD_LDAPQueries Job - -Navigate to the **Active Directory** > **6.Activity** > **LDAP** > **AD_LDAPQueries** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Except for the **Largest Queries** task, do not modify or deselect the remaining -selected analysis tasks. The remaining analysis tasks are preconfigured for this job. - -![Analysis Tasks for the AD_LDAPQueries Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/ldapqueriesanalysis.webp) - -The following non-configurable analysis tasks are selected by default: - -- SSL – Creates the SA_AD_LDAPQueries_SSLStatus table accessible under the job’s Results node -- Host Summary – Creates the SA_AD_LDAPQueries_HostSummary table accessible under the job’s Results - node -- User Summary – Creates the SA_AD_LDAPQueries_UserSummary table accessible under the job’s Results - node - -The following configurable analysis task can be optionally enabled: - -- Largest Queries – Creates the SA_AD_LDAPQueries_ExpensiveQueries table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the AD_LDAPQueries Job produces the follow -pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Largest LDAP Queries | Shows LDAP queries returning the most objects, and their source. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar – Displays top users by LDAP traffic - Table – Displays top users by LDAP traffic - Table – Displays Expensive LDAP Queries | -| LDAP Overview | Overview of hosts and users performing queries, and query security. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of four elements: - Pie – Displays SSL query events view results - Pie – Displays query security flags - Table – Displays users performing LDAP queries - Table – Displays originating hosts | - -### Configure the Largest Queries Analysis Task - -Customizable parameters enable you to set the values used to control the minimum objects returned -and the days of traffic to analyze during this job’s analysis. The parameters can be customized and -are listed in a section at the bottom of the SQL Script Editor. Follow the steps to customize an -analysis task’s parameters. - -**Step 1 –** Navigate to the **Active Directory** > **6.Activity** > **LDAP** > **AD_LDAPQueries** > -**Configure** node and select **Analysis**. - -![Largest Queries analysis task configuration](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/ldapqueriesanalysisconfiguration.webp) - -**Step 2 –** In the Analysis Selection view, select the **Largest Queries** analysis task and click -**Analysis Configuration**. The SQL Script Editor opens. - -**CAUTION:** Do not change any parameters where the Value states `Created during execution`. - -![Largest Queries analysis task in the SQL Script Editor](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/ldapsqlscripteditor.webp) - -**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. There are -two integer variables that can be modified. Double-click on the current **value** and change as -desired: - -- @objects_returned – Controls the minimum number of objects returned for the queries to be - considered large. This value is set to 100 by default. -- @timeframe – Controls the number of days to analyze traffic for. This value is set to 30 days by - default. - -**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor -window. - -The analysis task now includes custom parameters for the updated values. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-lockouts.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-lockouts.md deleted file mode 100644 index f33c83e705..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-lockouts.md +++ /dev/null @@ -1,33 +0,0 @@ -# Lockouts > AD_Lockouts Job - -The **Lockouts** > **AD_Lockouts** Job provides a listing of all account lockouts. For any lockout -occurring in the past 30 days, failed authentications and host information is provided to aid -troubleshooting. - -![AD_Lockouts Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/lockoutsjobstree.webp) - -**_RECOMMENDED:_** Schedule this job to run with the 0.Collection job group. - -## Analysis Tasks for the AD_Lockouts Job - -Navigate to the **Active Directory** > **6.Activity** > **Lockouts** > **AD_Lockouts** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_Lockouts Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/lockoutsanalysis.webp) - -The default analysis tasks are: - -- Account Lockouts – Creates the SA_AD_AccountLockouts_Details view accessible under the job’s - Results node -- Failed Authentications – Creates the SA_AD_AccountLockouts_FailedAutnentications table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_Lockouts Job produces the follow -pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | -| Lockouts | This report tracks all lockouts for user accounts. For any lockout occurring in the past 30 days, failed authentications and host information are provided to aid troubleshooting. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Table – Displays account lockouts details - Table –  Displays failed authentications in the past 30 days | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/ad-computer-modifications.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/ad-computer-modifications.md deleted file mode 100644 index 60b24ee75f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/ad-computer-modifications.md +++ /dev/null @@ -1,27 +0,0 @@ -# AD_ComputerModifications Job - -The AD_ComputerModifications Job provides a report of all changes to computer objects. - -## Analysis Tasks for the AD_ComputerModifications Job - -Navigate to the **Active Directory** > **6.Activity** > **Changes** > **AD_ComputerModifications** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_ComputerModifications Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/changes/computermodificationsanalysis.webp) - -The following non-configurable analysis tasks are selected by default: - -- All Computer Object Changes – Creates the SA_AD_ComputerChanges_ComputerSummary table accessible - under the job’s Results node -- Summarize by Computer – Creates the SA_AD_ComputerChanges_ComputerSummary table accessible under - the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_ComputerModifications Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ---------------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Computer Account Changes | Track changes to computer objects. | CPAA GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays Changes by Type - Table – Displays Changes by Computer - Table – Displays Computer Change Details | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/ad-group-modifications.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/ad-group-modifications.md deleted file mode 100644 index efda8d4f3a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/ad-group-modifications.md +++ /dev/null @@ -1,38 +0,0 @@ -# AD_GroupModifications Job - -The AD_GroupModifications Job provides a report of all changes to group objects. A separate report -is provided to highlight group membership changes. The list of top perpetrators can be used to -identify out of band changes. - -## Analysis Tasks for the AD_GroupModifications Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Changes** > -**AD_GroupModifications** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupModifications Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/changes/groupmodificationsanalysis.webp) - -The following non-configurable analysis tasks are selected by default: - -- Group Changes – Creates the SA_AD_GroupModifications_Details view accessible under the job’s - Results node -- Summarize by Group – Creates the SA_AD_GroupModifications_GroupSummary table accessible under the - job’s Results node -- Summarize by Perpetrator – Creates the SA_AD_GroupModifications_UserSummary table accessible under - the job’s Results node -- Membership Changes – Creates the SA_AD_GroupMembershipChanges_Details view accessible under the - job’s Results node -- Summarize by Group – Creates the SA_AD_GroupMembershipChanges_Summary table accessible under the - job’s Results node -- Top Groups by Changes – Creates the SA_AD_GroupMembershipChanges_Last30Days table accessible under - the job’s Results node. - -In addition to the tables created by the analysis tasks, the AD_GroupModifications Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ----------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Changes | Tracks changes to group attributes. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays changes by type - Table – Displays changes by group - Table – Displays changes by group change details | -| Group Membership Changes | Tracks changes to group membership. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Stacked Chart – Displays the most active groups in the past 30 days - Table – Displays group membership summary - Table – Displays group membership change details | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/ad-user-modifications.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/ad-user-modifications.md deleted file mode 100644 index b3f231a7e0..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/ad-user-modifications.md +++ /dev/null @@ -1,27 +0,0 @@ -# AD_UserModifications Job - -The AD_UserModifications Job provides a report of all changes to user objects. - -## Analysis Tasks for the AD_UserModifications Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Changes** > -**AD_UserModifications** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_UserModifications Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/changes/usermodificationsanalysis.webp) - -The following non-configurable analysis tasks are selected by default: - -- All User Account Changes – Creates the SA_AD_UserModifications_Details view accessible under the - job’s Results node -- Summary of Changes – Creates the SA_AD_userModifications_userSummary table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the AD_UserModifications Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------ | ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Account Changes | Track changes to user objects. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays changes by type - Table – Displays changes by user account - Table – Displays changes by user change details | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/overview.md deleted file mode 100644 index b78f4764f5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/overview.md +++ /dev/null @@ -1,17 +0,0 @@ -# Changes Job Group - -The Changes Job Group provides an audit trail for changes made to Computer, Group and User objects -within the environment. - -![Changes Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following Jobs make up the Changes Job Group: - -**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. - -- [AD_ComputerModifications Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/ad-computer-modifications.md) – Reports on activity relating to - changes made on computer objects -- [AD_GroupModifications Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/ad-group-modifications.md) – Reports on activity relating to changes - made on a group objects and changes made to group membership -- [AD_UserModifications Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/ad-user-modifications.md) – Reports on activity relating to changes made - on user objects diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/ad-access-changes.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/ad-access-changes.md deleted file mode 100644 index 9d086134e3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/ad-access-changes.md +++ /dev/null @@ -1,31 +0,0 @@ -# AD_AccessChanges Job - -The AD_AccessChanges Job highlights the type and number of resources across the environment where -access has been affected. Groups which have historically been the cause of most access changes are -highlighted, to show potential issues in access sprawl and provisioning. - -## Analysis Tasks for the AD_AccessChanges Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Group Usage** > -**AD_AccessChanges** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_AccessChanges Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/accesschangesanalysis.webp) - -The following non-configurable analysis tasks are selected by default: - -- Find Access Changes – Creates the SA_AD_AccessChanges_Details table accessible under the job’s - Results node -- Group Summary – Creates the SA_AD_AccessChanges_GroupSummary table accessible under the job’s - Results node -- Access Type Summary – Creates the SA_AD_AccessChanges_TypeSummary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the AD_AccessChanges Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Access Changes | Highlights group membership additions that have created large changes in access within the environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar Chart – Displays largest changes last week - Table – Displays groups by modified access - Table – Displays all group membership changes | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/ad-group-hosts.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/ad-group-hosts.md deleted file mode 100644 index 8b84f00edf..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/ad-group-hosts.md +++ /dev/null @@ -1,29 +0,0 @@ -# AD_GroupHosts Job - -The AD_GroupHosts Job attempts to identify where groups may be used to provide access. - -## Analysis Tasks for the AD_GroupHosts Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **GroupUsage** > -**AD_GroupHosts** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupHosts Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/grouphostsanalysis.webp) - -The default analysis tasks are: - -- Group Authentication Details – Creates the SA_AD_GroupHosts_Details table accessible under the - job’s Results node -- Summarize Authentication Events by Group – Creates the SA_AD_GroupHosts_GroupSummary table - accessible under the job’s Results node -- Summarize Authentication Events by Host – Creates the SA_AD_GroupHosts_HostSummary table - accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_GroupHosts Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Host Usage | Understand what groups are utilizing what hosts in the environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Table – Displays security groups by target hosts - Table – Displays hosts by associated groups - Table – Displays authentication details | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/ad-group-member-activity.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/ad-group-member-activity.md deleted file mode 100644 index a37689159a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/ad-group-member-activity.md +++ /dev/null @@ -1,53 +0,0 @@ -# AD_GroupMemberActivity Job - -The AD_GroupMemberActivity Job analyzes the AD actions taken by the effective members of a group. -Monitoring authentication can provide a more accurate method of determining staleness than last -logons. - -## Analysis Tasks for the AD_GroupMemberActivity Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Group Usage** > -**AD_GroupMemberActivity** > **Configure** node and select **Analysis** to view the analysis tasks. - -![Analysis Tasks for the AD_GroupMemberActivity Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysis.webp) - -The default analysis task is: - -- Group Member Activity – Creates the SA_AD_GroupMemberActivity_GroupSummary table accessible under - the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_GroupMemberActivity Job produces the -follow pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ------------------------------------------------------------------------------------------ | ---------------------------------------------------------- | --------------------------------------------------------------------------------- | -| Group Member Activity | This report identifies actions taken by the members of each group within your environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of one element: - Table – Displays group member activity | - -### Configure the Group Member Activity Analysis Task - -Customizable parameters enable you to set the values used to include the SIDs for admin groups -during this job’s analysis. The parameters can be customized and are listed in a section at the -bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s parameters. - -**Step 1 –** Navigate to the **Active Directory** > **6.Activity** > **Group Usage** > -**AD_GroupMemberActivity** > **Configure** node and select **Analysis**. - -![Group Member Activity analysis task configuration](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysisconfiguration.webp) - -**Step 2 –** In the Analysis Selection view, select the Group Member Activity analysis task and -click on **Analysis Configuration**. The SQL Script Editor opens. - -**CAUTION:** Do not change any parameters where the Value states `Created during execution`. - -![Group Member Activity Analysis Task in the SQL Script Editor](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivitysqlscripteditor.webp) - -**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. Select -the cell for the temporary table called #admingroups, and click **Edit Table** to modify the value. - -- The new value should include SIDs for admin groups to be considered administrative groups beyond - the default admin groups. - -**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor -window. - -The analysis task now includes custom parameters for the updated values. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/overview.md deleted file mode 100644 index 59fd622356..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/overview.md +++ /dev/null @@ -1,19 +0,0 @@ -# Group Usage Job Group - -The Group Usage Job Group reports shows how group membership changes have affected access across the -entire environment, the actions taken by the members of a group, and identifies where groups may be -used for authorization in applications. - -![Group Usage Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following Jobs make up the Group Usage Job Group: - -**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. - -- [AD_AccessChanges Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/ad-access-changes.md) – Reports on activity relating to access changes for - Active Directory groups, highlighting membership changes that have created large access change - within the environment -- [AD_GroupHosts Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/ad-group-hosts.md) – Reports on what hosts groups are being used on within the - environment -- [AD_GroupMemberActivity Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/ad-group-member-activity.md) – Reports on the activity that group - members are taking within the Active Directory environment diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-authentication-protocol.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-authentication-protocol.md deleted file mode 100644 index 90ee8a3fc1..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-authentication-protocol.md +++ /dev/null @@ -1,29 +0,0 @@ -# AD_AuthenticationProtocol Job - -The AD_Authentication Job shows what protocols are being used to authenticate across the environment -and will help to identify what services and computers may be affected when disabling NTLM. - -## Analysis Tasks for the AD_AuthenticationProtocol Job - -Navigate to the **Active Directory** > **6.Activity** > **Operations** > -**AD_AuthenticationProtocol** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_AuthenticationProtocol Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/authenticationprotocolanalysis.webp) - -The default analysis tasks are: - -- Summarize Protocol Usage – Creates the SA_AD_AuthenticationProtocol_Summary table accessible under - the job’s Results node -- Summarize Host Protocol Usage – Creates the SA_AD_AuthenticationProtocol_Hosts table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_AuthenticationProtocol Job produces -the follow pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | -------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | -| Authentication Protocols | Track the prevalence of NTLM versus Kerberos within the environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie – Displays authentication protocols - Table –  Displays authentication protocols summary | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-domain-controller-traffic.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-domain-controller-traffic.md deleted file mode 100644 index 0b4c5185c5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-domain-controller-traffic.md +++ /dev/null @@ -1,29 +0,0 @@ -# AD_DomainControllerTraffic Job - -The AD_DomainControllerTraffic Job provides a summary of the amount of traffic for Changes, -Authentication, Replication, and LDAP Queries for each domain controller which can be used to -identify issues with load balancing. If the AD_DCSummary job has been run, the roles for each domain -controller will be provided. - -## Analysis Tasks for the AD_DomainControllerTraffic Job - -Navigate to the **Active Directory** > **6.Activity** > **Operations** > -**AD_DomainControllerTraffic** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DomainControllerTraffic Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/dctrafficanalysis.webp) - -The default analysis task is: - -- Summarize Protocol Usage – Creates the SA_AD_DomainControllerTraffic_Details table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_DomainControllerTraffic Job produces -the follow pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | -------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------- | -| Domain Controller Traffic | Identifies the amount of active directory events that occur on each domain controller. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of one element: - Table –  Displays a Domain Controller summary | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-hardcoded-dcs.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-hardcoded-dcs.md deleted file mode 100644 index 797e19711d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-hardcoded-dcs.md +++ /dev/null @@ -1,26 +0,0 @@ -# AD_HardcodedDCs Job - -The AD_HardcodedDCs Job highlights machines that have communicated with only one domain controller. - -## Analysis Tasks for the AD_HardcodedDCs Job - -Navigate to the **Active Directory** > **6.Activity** > **Operations** > **AD_HardcodedDCs** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_HardcodedDCs Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/hardcodeddcsanalysis.webp) - -The default analysis tasks are: - -- Hardcoded DCs – Creates the SA_AD_Hardcoded_DCs table accessible under the job’s Results node -- Summarizes Hardcoded DC Information – Creates the SA_AD_Hardcoded_Summary table accessible under - the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_Hardcoded DCs Job produces the -follow pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Hardcoded DCs | This report identifies hosts which may have hardcoded domain controller information in server or application settings. Each host identified in this report has only contacted one domain controller. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie –  Displays top domain controllers - Table – Displays hardcoded domain controller summary - Table – Displays host details | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-load-balancing.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-load-balancing.md deleted file mode 100644 index 16830ec46b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-load-balancing.md +++ /dev/null @@ -1,28 +0,0 @@ -# AD_LoadBalancing Job - -The AD_LoadBalancing Job analyzes each domain controller's traffic to show what percent of all LDAP, -Replication, Authentication and Changes are being handled by that particular machine. This helps to -highlight domain controllers which are over utilized relative to others within the domain, or unused -domain controllers which may be decommissioned. - -## Analysis Task for the AD_LoadBalancing Job - -Navigate to the **Active Directory** > **6.Activity** > **Operations** > **AD_LoadBalancing** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the AD_LoadBalancing Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/loadbalancinganalysis.webp) - -The default analysis task is: - -- Domain Controller Traffic – Creates the SA_AD_LoadBalancing_DomainControllers table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_LoadBalancing Job produces the -follow pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain Controllers | This report identifies the distribution of change events and authentication events between domain controllers in the monitored environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar Chart – Displays top DCs by authentication traffic - Bar Chart – Displays top DCs by change traffic - Table – Displays domain controller traffic details | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-machine-owners.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-machine-owners.md deleted file mode 100644 index a189703e7c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-machine-owners.md +++ /dev/null @@ -1,27 +0,0 @@ -# AD_MachineOwners Job - -The AD_MachineOwners Job helps to identify the owner of a particular host. - -## Analysis Tasks for the AD_MachineOwners Job - -Navigate to the **Active Directory** > **6.Activity** > **Operations** > **AD_MachineOwners** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_MachineOwners Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/machineownersanalysis.webp) - -The default analysis tasks are: - -- Identify Machine Owners – Creates the SA_AD_MachineOwners_Details table accessible under the job’s - Results node -- User Summary – Creates the SA_AD_MachineOwners_UserSummary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the AD_MachineOwners Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------- | ---------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -| Machine Owners | Identify owners of machines based on authentication patterns. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart– Displays top users by machines owned - Table – Displays machine owners | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/overview.md deleted file mode 100644 index b313ac6f01..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/overview.md +++ /dev/null @@ -1,26 +0,0 @@ -# Operations Job Group - -The Operations Job Group reports on Active Directory activity events related to operational -activity. This group can help report on probable machine owners based on authentications, domain -controller traffic and activity, and authentication protocols being used in the environment. - -![Operations Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following Jobs make up the Operations Job Group: - -**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. - -- [AD_AuthenticationProtocol Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-authentication-protocol.md) – Shows what protocols are being - used to authenticate across the environment and will help to identify what services and computers - may be affected when disabling NTLM -- [AD_DomainControllerTraffic Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-domain-controller-traffic.md) – Provides a summary of the amount - of traffic for Changes, Authentication, Replication, and LDAP Queries for each domain controller - which can be used to identify issues with load balancing. If the AD_DCSummary job has been run, - the roles for each DC will be provided. -- [AD_HardcodedDCs Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-hardcoded-dcs.md) – Highlight machines that have communicated with only - one DC -- [AD_LoadBalancing Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-load-balancing.md) – Analyzes each domain controller's traffic to show - what percent of all LDAP, Replication, Authentication and Changes are being handled by that - particular machine. This helps to highlight domain controllers which are over utilized relative to - others within the domain, or unused domain controllers which may be decommissioned. -- [AD_MachineOwners Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/ad-machine-owners.md) – Helps to identify the owner of a particular host diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/overview.md deleted file mode 100644 index 715139e15d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/overview.md +++ /dev/null @@ -1,36 +0,0 @@ -# 6.Activity Job Group - -The 6.Activity Job Group provides insights into access sprawl, privileged account usage, and -operational health of the Active Directory environment. Information collected includes Active -Directory Changes, Authentication, LDAP Traffic, Replication Traffic, and LSASS.EXE process -injection on domain controllers. - -The jobs that comprise the 6.Activity Job Group collect data, process analysis tasks, and generate -reports. - -_Remember,_ this job group requires the Active Directory Activity license. - -![6.Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The 6.Activity Job Group is comprised of the following jobs: - -- [0.Collection > AD_ActivityCollection Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-activity-collection.md) – Imports data from the - Netwrix Activity Monitor logs into the Access Analyzer Database. Retention can be modified in the - query (120 days default). -- [Changes Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/activity/changes/overview.md) – Provides an audit trail for changes made to Computer, - Group and User objects within the environment -- [Group Usage Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/activity/group-usage/overview.md) – Shows how group membership changes have affected - access across the entire environment, the actions taken by the members of a group, and identifies - where groups may be used for authorization in applications -- [LDAP > AD_LDAPQueries Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-ldap-queries.md) – Analyzes LDAP traffic to determine trends such as - most expensive queries, most active servers and users, successful/failed and signing status. This - data can be used to troubleshoot performance issues, load balancing, and poorly configured - services. -- [Lockouts > AD_Lockouts Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-lockouts.md)– Provides a listing of all account lockouts with - relevant details which can be used to aid troubleshooting -- [Operations Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/activity/operations/overview.md) – Reports on Active Directory activity events - related to operational activity. This group can help report on probable machine owners based on - authentications, domain controller traffic and activity, and authentication protocols being used - in the environment. -- [Privileged Accounts Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/activity/privileged-accounts/overview.md)– Highlights the activity performed - by this accounts, to identify potential abuses or unused accounts that can be deprovisioned diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/privileged-accounts/ad-admin-accounts.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/privileged-accounts/ad-admin-accounts.md deleted file mode 100644 index a589433399..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/privileged-accounts/ad-admin-accounts.md +++ /dev/null @@ -1,59 +0,0 @@ -# AD_AdminAccounts Job - -The AD_AdminAccounts Job shows all actions taken by domain administrators within the environment. - -## Analysis Tasks for the AD_AdminAccounts Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Privileged Accounts** > -**AD_AdminAccounts** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_AdminAccounts Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysis.webp) - -The default analysis tasks are: - -- Summarizes Administrative Account Activity – Creates the SA_AD_AdminAccounts_ActivitySummary table - accessible under the job’s Results node -- Identifies Administrative Accounts Last Activity Event – Creates the - SA_AD_AdminAccounts_LastActivity table accessible under the job’s Results node -- Identifies Administrative Group List Activity Event – Creates the - SA_AD_AdminAccounts_LastActivityByGroup table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the AD_AdminAccounts Job produces the -follow pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Admin Activity | Highlights administrative account activity events. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart– Displays least active administrators - Table – Displays administrative user activity details | -| Admin Authentications | Authenticating from many different clients increases the risk of Administrator credentials being compromised. | GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar Chart – Displays the top admin accounts by client usage - Table – Displays all client usage - Table – Displays administrator authentication | - -### Configure the Summarize Administrative Account Activity Analysis Task - -Customizable parameters enable you to set the values used to include the NT Account name for admin -groups during this job’s analysis. The parameters can be customized and are listed in a section at -the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s parameters. - -**Step 1 –** Navigate to the **Active Directory** > **6.Activity** > **Privileged Accounts** > -**AD_AdminAccounts** > **Configure** node and select **Analysis**. - -![Summarizes Administrative Account Activity analysis task configuration](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysisconfiguration.webp) - -**Step 2 –** In the Analysis Selection view, select the **Summarizes Administrative Account -Activity** analysis task and click **Analysis Configuration**. The SQL Script Editor opens. - -**CAUTION:** Do not change any parameters where the Value states `Created during execution`. - -![Summarizes Administrative Account Activity analysis task in the SQL Script Editor](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountssqlscripteditor.webp) - -**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. Select -the cell for the temporary table called #AdminGroups, and click **Edit Table** to modify the value. - -- The new value should include the NT Account names for the admin groups that are considered - administrative groups beyond the default admin groups. - -**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor -window. - -The analysis task now includes custom parameters for the updated values. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/privileged-accounts/ad-service-account-auth.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/privileged-accounts/ad-service-account-auth.md deleted file mode 100644 index c536757dcb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/privileged-accounts/ad-service-account-auth.md +++ /dev/null @@ -1,25 +0,0 @@ -# AD_ServiceAccountAuth Job - -The AD_ServiceAccountAuth Job shows the last time a service account, identified by the presence of a -servicePrincipalName, was active within the environment. - -## Analysis Task for the AD_ServiceAccountAuth Job - -Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Operations** > -**AD_ServiceAccountAuth** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the AD_ServiceAccountAuth Job](/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/serviceaccountauthanalysis.webp) - -The following non-configurable analysis task is selected by default: - -- Creates the SA_AD_ServiceAccountAuth_Details table accessible under the job’s Results node. - -In addition to the tables created by the analysis tasks, the AD_ServiceAccountAuth Job produces the -follow pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | -| Service Accounts | Because many service accounts may not ever perform a logon, tracking authentication can be a better way to identify stale service accounts. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart– Displays stale service accounts - Table – Displays account details | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/privileged-accounts/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/privileged-accounts/overview.md deleted file mode 100644 index 2ec4c5948b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/privileged-accounts/overview.md +++ /dev/null @@ -1,15 +0,0 @@ -# Privileged Accounts Job Group - -The Privileged Accounts Job Group highlights the activity performed by this accounts, to identify -potential abuses or unused accounts which can be deprovisioned. - -![Privileged Accounts Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following Jobs make up the Privileged Accounts Job Group: - -**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. - -- [AD_AdminAccounts Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/privileged-accounts/ad-admin-accounts.md) – Shows all actions taken by domain administrators - within the environment being compromised -- [AD_ServiceAccountAuth Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/privileged-accounts/ad-service-account-auth.md) – Shows the last time a service account, - identified by the presence of a servicePrincipalName, was active within the environment diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/activity/recommended.md b/docs/accessanalyzer/12.0/solutions/active-directory/activity/recommended.md deleted file mode 100644 index befe08f888..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/activity/recommended.md +++ /dev/null @@ -1,69 +0,0 @@ -# Recommended Configurations for the 6.Activity Job Group - -The **Active Directory** > **6.Activity** Job Group has been configured by default to run with the -out-of-the-box settings. It can be run directly or scheduled. - -Dependencies - -- Successfully execute the **.Active Directory Inventory** Job Group -- Netwrix Activity Monitor 4.1+ is archiving AD Activity Logs -- Successfully execute the **Active Directory** > **5.Domains Job Group** prior to running the - Operations Job Group -- (Optional) Successfully execute the **Active Directory Permissions Analyzer** > **0.Collection** - Job Group -- (Optional) Successfully execute the **FileSystem** > **0.Collection** Job Group - -Targeted Host(s) - -Netwrix Activity Monitor API Server or the host with the network share housing archived log files. - -Connection Profile - -Connection Profiles must be set directly on the -[0.Collection > AD_ActivityCollection Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-activity-collection.md) in order to connect to either -the SAM API Server or the host with the network share housing the archived log files. - -Access Token - -Required for SAM API Server integration for the -[0.Collection > AD_ActivityCollection Job](/docs/accessanalyzer/12.0/solutions/active-directory/activity/ad-activity-collection.md). - -Scheduling Frequency - -This group can be scheduled to run as desired. - -**_RECOMMENDED:_** Run from the 6.Activity Job Group level in order to correlate 0.Collection job -group data with other jobs. - -History Retention - -History is not supported. Turning on history will cause issues with data analysis and reporting. - -Multi-Console Support - -Multiple Access Analyzer Consoles are not supported. This group should be run from a single Access -Analyzer Console. - -Workflow - -**Step 1 –** Successfully run the **.Active Directory Inventory** Job Group. - -**Step 2 –** Setup integration between the Netwrix Activity Monitor and Access Analyzer by using -either an API Server or the network share where the archived log files are located. - -**Step 3 –** Ensure Activity Monitor logs are archived. - -**Step 4 –** Configure the Connection Profiles to connect successfully to the Netwrix Activity -Monitor API Server or the host with the network share housing the archived log files. - -**Step 5 –** Configure the **AD_ActivityCollection** Job Query. - -**Step 6 –** Run the jobs as desired. - -**Step 7 –** Run from the **6.Activity** Job Group level in order to correlate 0.Collection job -group data with other jobs. - -**Step 8 –** Review the reports generated by the jobs. - -See the [Active Directory Solution](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/active-directory.md) topic for -additional information. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/ad-security-assessment.md b/docs/accessanalyzer/12.0/solutions/active-directory/ad-security-assessment.md deleted file mode 100644 index c7f56c2eeb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/ad-security-assessment.md +++ /dev/null @@ -1,91 +0,0 @@ -# AD Security Assessment Job - -The AD_SecurityAssessment Job performs checks against Active Directory security best practices in -order to proactively identify critical security configurations that leave Active Directory -vulnerable to attack. The result are reports that provide a listing of findings by severity and -category with corresponding details that can be used to prioritize and remediate security issues. - -![AD Security Assessment Job](/img/product_docs/accessanalyzer/solutions/activedirectory/securityassessmentjobstree.webp) - -## Recommended Configurations for the AD_SecurityAssessment Job - -Dependencies - -One or more of the following job groups or jobs must be run to produce results: - -- .Active Directory Inventory Job Group -- Active Directory Job Group - - - Active Directory > 1.Groups > AD_SensitiveSecurityGroups - - Active Directory > 2.Users > AD_PasswordStatus - - Active Directory > 2.Users > AD_ServiceAccounts - - Active Directory > 2.Users > AD_WeakPasswords - - Active Directory > 2.Users > AD_SIDHistory - - Active Directory > 2.Users > AD_UserDelegation - - Active Directory > 3.Computers > AD_ComputerDelegation - - Active Directory > 4.Group Policy > AD_CPassword - - Active Directory > 5.Domains > AD_DomainInfo - -- Active Directory Permissions Analyzer Job Group - - - Active Directory Permissions Analyzer > 1.Users > AD_ResetPasswordPermissions - - Active Directory Permissions Analyzer > 1.Users > AD_UserPermissions - - Active Directory Permissions Analyzer > 2.Groups > AD_GroupMembershipPermissions - - Active Directory Permissions Analyzer > 2.Groups > AD_GroupPermissions - - Active Directory Permissions Analyzer > 3.OUs > AD_OUPermissions - - Active Directory Permissions Analyzer > 4.Computers > AD_ComputerPermissions - - Active Directory Permissions Analyzer > 4.Computers > AD_LAPSPermissions - - Active Directory Permissions Analyzer > 7.Containers > AD_AdminSDHolder - - Active Directory Permissions Analyzer > 7.Containers > AD_ContainerPermissions - - Active Directory Permissions Analyzer > 8.Domains > AD_DomainReplication - - Active Directory Permissions Analyzer > 9.Sites > AD_DCShadowPermissions - -- Windows Job Group - - - Windows > Privileged Accounts > Service Accounts > SG_ServiceAccounts - -**NOTE:** If any of the above jobs are not completed, the AD_SecurityAssessment job will run but all -checks will not be assessed. - -Target Host - -This job group does not collect data. No target host is required. - -Connection Profile - -No specific Connection Profile is required. - -Schedule Frequency - -Scheduled to run as desired - -History Retention - -History is not supported. Turning on history will cause issues with data analysis and reporting. - -Multi-console Support - -Multiple StealthAUDIT consoles are not supported. This job should be run from a single StealthAUDIT -console. - -## Analysis Task for the AD_SecurityAssessment Job - -Navigate to the **Jobs** > Active Directory > AD_SecurityAssessment > Configure node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/activedirectory/securityassessmentanalysis.webp) - -The following non-configurable analysis task is selected by default: - -- Summarize Audit Findings – Creates the AD_SecurityAssessment_Results table accessible under the - job’s Results node. - -In addition to the tables created by the analysis task, the AD_SecurityAssessment job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| AD Security Assessment | This report identifies security risks within a targeted Active Directory environment based on results of previously run jobs. | GDPR SOX PCI HIPAA | This report is comprised of four elements: - Table – Provides Scope of Audit on domains - Pie Chart – Displays Findings by Severity - Table – Provides Findings by Category - Table – Provides Details on Risk | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/ad-ca-collection.md b/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/ad-ca-collection.md deleted file mode 100644 index 4d4217f969..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/ad-ca-collection.md +++ /dev/null @@ -1,48 +0,0 @@ -# Collection > AD_CACollection Job - -The AD_CACollection job collects Certificate Authority details and settings for analysis against -potential vulnerabilities that exist in Active Directory Certificate Services configurations. This -job is located in the Collection job group. - -Target Host - -It is recommended to target the **ONE DOMAIN CONTROLLER PER DOMAIN** or **Default domain -controller** host list. - -## Queries for the AD_CACollection Job - -The AD_CACollection job uses the PowerShell data collector to collect details about Certificate -Authorities, templates, and requests. - -![Queries for the AD_CACollection Job](/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/cacollectionqueries.webp) - -The queries for the job are: - -- CA Connection String – Gets the Certificate Authority (CA) string to use for connections -- Permissions – Returns Certificate Authority Access Control Lists (ACLs) -- Registry Settings – Returns setup of Certificate Authorities -- Enrollment Agents – Returns Enrollment Agent rights, availability, and details -- NTLM Endpoints – Discovers NTLM enabled endpoints for Certificate Authorities -- AllCertificates – Collects all certificate requests from the ADCS Database -- CertificateTemplates – Gets certificate templates -- CertificateTemplatesPublished – Collects information from the PkiEnrollmentServices - -## Analysis Tasks for the AD_CACollection Job - -Navigate to the **Active Directory** > **7.Certificate Authority** > **Collection** > -**AD_CACollection** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_CACollection Job](/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/cacollectionanalysis.webp) - -The default analysis tasks are: - -- Split String – Splits strings on a given delimiter. This is used to break apart Certificate - Values. -- Subject Alternative Names – Breakdown of all Subject Alternative Names in key value pairs. Creates - the SA_AD_CertificateConfiguration_ALLSANs view accessible under the job’s Results node. -- Certificate OIDs – Certificate templates split out with OIDs -- Template Flags – Enumerates flags on certificate templates. Creates the - SA_AD_CertificateConfiguration_Flags view accessible under the job’s Results node. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/ad-certificate-audit.md b/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/ad-certificate-audit.md deleted file mode 100644 index 3f0f47b616..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/ad-certificate-audit.md +++ /dev/null @@ -1,27 +0,0 @@ -# AD_CertificateAudit Job - -The AD_CertificateAudit job provides details on access rights to the Certificate Authority. - -## Analysis Tasks for the AD_CertificateAudit Job - -Navigate to the **Active Directory** > **7.Certificate Authority** > **AD_CertificateAudit** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_CertificateAudit Job](/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/certificateauditanalysis.webp) - -The default analysis tasks are: - -- Certificate Authorities – Summarizes the Certificate Authority configuration. Creates the - SA_AD_CertificateAudit_Authorites view accessible under the job’s Results node. -- Certificate Authority Rights – Provides permissions on the Certificate Authority. Creates the - SA_AD_CertificateAudit_CARights table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the AD_CertificateAudit job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Certificate Authority Configuration | This report helps in identifying Certificate Authority configuration risks associated with permissions applied on the Active Directory object level as well as other unintended configurations set on the Certificate Authority level. Additionally, the rights on a Certificate Authority should be limited to those intended to administer or manage the Certificate Authority, so the ManageCA rights and ManageCertificate rights should be reviewed for potential misconfiguration. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays a summary of Certificate Authority permissions - Table – Provides details on Certificate Authorities - Table – Provides details on access rights | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/ad-certificate-requests.md b/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/ad-certificate-requests.md deleted file mode 100644 index a0915b34dd..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/ad-certificate-requests.md +++ /dev/null @@ -1,49 +0,0 @@ -# AD_CertificateRequests Job - -The AD_CertificateRequests job provides details about certificate requests, and highlights any that -are expiring soon. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The AD_CertificateRequests job has the following configurable parameter: - -- Number of days to consider a cert close to expiration (default 60) - -This parameter sets the definition of an expiring certificate, which is used by the Certificate -Expiration analysis task to identify any certificates expiring with this specified next number of -days. The default is 60 days. - -## Analysis Tasks for the AD_CertificateRequests Job - -Navigate to the **Active Directory** > **7.Certificate Authority** > **AD_CertificateRequests** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_CertificateRequests Job](/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/certificaterequestsanalysis.webp) - -The default analysis tasks are: - -- Suspicious Principal Certs – Identifies certificates that show the requester requesting a - certificate for a different principal -- OID in Template – Analysis on certificate Extended Key Usage (EKU) Object Identifier (OID) being - in template OID -- Certificate Expiration – Identifies certificates that expire in the next number of days set by the - customizable parameter. The default number of days is 60. Creates the - SA_AD_CertificateRequests_ExpiringSoon table accessible under the job’s Results node. -- Authentication Based Certificates – Identifies certificates that contain Authentication based - OIDs. Creates the SA_AD_CertificateRequests_AuthenticationBasedCertiifcates view accessible under - the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the AD_CertificateRequests job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Expiring Certificate Requests | Certificate hygiene is another aspect of a Certificate Authority that should be monitored. This report shows you all certificate information on certificate requests, expired, and expiring certificates. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays expiring certificates by Certificate Authority - Table –Provides a summary of expired and expiring certificates - Table –Provides details on expiring certificates | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/overview.md deleted file mode 100644 index a6e216b942..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/overview.md +++ /dev/null @@ -1,17 +0,0 @@ -# 7.Certificate Authority Job Group - -The 7.Certificate Authority job group collects settings, permissions, and configurations for -Certificate Authorities. It details access rights for the Certificate Authority and reports on -certificate requests, highlighting any that might expire soon. - -![7.Certificate Authority job group in the Jobs tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following jobs comprise the job group: - -- [Collection > AD_CACollection Job](/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/ad-ca-collection.md) – Collects Certificate Authority details - and settings for analysis against potential vulnerabilities that exist in Active Directory - Certificate Services configurations -- [AD_CertificateAudit Job](/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/ad-certificate-audit.md) – Provides details on access rights to the - Certificate Authority -- [AD_CertificateRequests Job](/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/ad-certificate-requests.md) – Provides details about certificate - requests, and highlights any that are expiring soon diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/ad-cleanup-progress.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/ad-cleanup-progress.md deleted file mode 100644 index c2dcac0098..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/ad-cleanup-progress.md +++ /dev/null @@ -1,48 +0,0 @@ -# AD_CleanupProgress Job - -The AD_CleanupProgress Job performs checks against Active Directory security best practices in order -to proactively identify critical security configurations that leave Active Directory vulnerable to -attack. The result is a report which provides a listing of findings by severity and category with -corresponding details that can be used to prioritize and remediate security issues. - -![AD_CleanupProgress Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressjobstree.webp) - -Workflow - -**Step 1 –** Ensure the following prerequisites are met: - -- The .Active Directory Inventory Job Group needs to be successfully run prior to running this job -- The following jobs from the Active Directory Solution must be run prior to running this job: - - - **Active Directory** > **1.Groups** > **AD_DuplicateGroups** - - **Active Directory** > **2.Users** > **AD_DirectMembership** - - **Active Directory** > **3.Computers** > **AD_StaleComputers** - -**Step 2 –** Schedule the AD_Cleanup Progress Job to run every day after the prerequisites have been -satisfied. - -**Step 3 –** Review the reports generated by the AD_CleanupProgress Job. - -## Analysis Tasks for the AD_CleanupProgress Job - -Navigate to the **Active Directory** > **Cleanup** > **AD_CleanupProgress** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the AD_CleanupProgress Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp) - -The default analysis task is: - -- Generates daily summary of AD exceptions – Creates the AD_CleanupProgress_DailySummary table - accessible under the job’s Results node - -In addition to the table created by the analysis task, the AD_CleanupProgress Job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Computer Cleanup Summary | This report tracks Active Directory computer exceptions over time. | None | This report is comprised of two elements: - Line Chart – Displays a daily computer exceptions trend - Table – Provides details on daily computer exceptions | -| Group Cleanup Summary | This report tracks Active Directory group exceptions over time. | None | This report is comprised of two elements: - Line Chart – Displays a daily group exceptions trend - Table – Provides details on daily group exceptions | -| User Cleanup Summary | This report tracks Active Directory user exceptions over time. | None | This report is comprised of two elements: - Line Chart – Displays a daily user exceptions trend - Table – Provides details on daily user exceptions | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/ad-deprovision-computers-status.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/ad-deprovision-computers-status.md deleted file mode 100644 index 592c4cd71b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/ad-deprovision-computers-status.md +++ /dev/null @@ -1,27 +0,0 @@ -# AD_DeprovisionComputers_Status Job - -The AD_DeprovisionComputers_Status Job tracks and reports on the progress of the computer -deprovisioning workflow. - -## Analysis Tasks for the AD_DeprovisionComputers_Status Job - -Navigate to the **Active Directory** > **Cleanup** > **3.Computers** > -**AD_DeprovisionComputers_Status** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for AD_DeprovisionComputers_Status Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersstatusanalysis.webp) - -The default analysis tasks are: - -- Track Deletion – Creates the AD_DeprovisionComputers_Log table accessible under the job’s Results - node - -In addition to the tables and views created by the analysis task, the AD_DeprovisionComputers_Status -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ---------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Computer Deprovisioning | This report tracks actions taken each day of the Stale Computer Deprovisioning campaign. | None | This report is comprised of three elements: - Line Chart – Displays cleanup progress - Table – Provides details on computer deprovisioning - Table – Provides action details | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/ad-deprovision-computers.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/ad-deprovision-computers.md deleted file mode 100644 index 1162ad0591..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/ad-deprovision-computers.md +++ /dev/null @@ -1,86 +0,0 @@ -# AD_DeprovisionComputers Job - -The AD_DeprovisionComputers Job provides a simple automated workflow deprovision stale computers. - -**Step 1 –** Move stale computers to a staging OU for deletion. - -**Step 2 –** The assigned manager is alerted by email of the impending deletion. - -**Step 3 –** Disables computer accounts. - -**Step 4 –** After a configurable amount of days in the staging OU, deletes computers from the -staging OU. The default is 365 days. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The AD_DeprovisionComputers page has the following configurable parameters: - -- Days in the Staging OU before Deleting Account - -See the -[Customizable Analysis Parameters for the AD_DeprovisionComputers Job](#customizable-analysis-parameters-for-the-ad_deprovisioncomputers-job) -topic for additional information. - -## Analysis Tasks for the AD_DeprovisionComputers Job - -Navigate to the **Active Directory** > **Cleanup** > **3.Computers** > **AD_Deprovision -Computers** > **Configure** node and select **Analysis** to view the analysis tasks. - -![Analysis Tasks for the AD_DeprovisionComputers Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersanalysis.webp) - -The default analysis tasks are: - -- Identify Stale Computers – Creates the AD_DeprovisionComputers_Details table accessible under the - job’s Results node -- Computer Accounts to Delete – Creates the AD_DeprovisionComputers_ToBeDeleted table accessible - under the job’s Results node - - - This analysis task contains a configurable parameter: `@days_before_deleting`. See the - [Customizable Analysis Parameters for the AD_DeprovisionComputers Job](#customizable-analysis-parameters-for-the-ad_deprovisioncomputers-job) - topic for additional information. - -### Customizable Analysis Parameters for the AD_DeprovisionComputers Job - -Customizable parameters enable you to set the values used to classify user and group objects during -this job’s analysis. - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| --------------------------- | --------------------------- | ------------- | ---------------------------------------------- | -| Computer Accounts to Delete | @days_before_deleting | 365 | Days in the staging OU before deleting account | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for additional information. - -## Action Tasks for the AD_DeprovisionComputers Job - -Navigate to the **Active Directory** > **Cleanup** > **3.Computers** > **AD_DeprovisionComputers** > -**Configure** node and select **Actions** to view the actions. - -**CAUTION:** Do not enable the actions unless it is required. Disable the actions after execution to -prevent making unintended and potentially harmful changes to Active Directory. - -![Action Tasks for the AD_DeprovisionComputers Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersaction.webp) - -The action tasks are: - -**CAUTION:** The action tasks must be executed together and in order. - -- Move Computers – Move computers to staging OU for deletion - - - The target staging OU must be set in the Move Computers Action Task prior to executing the - action tasks. See the [Configure the Target OU](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/configure-target-ou.md) topic for additional - information. - -- Notify Manager – Notify assigned manager by email of the impending deletion -- Disable Computers – Disable computer accounts -- Delete Computers – Delete computers from staging OU - -After the `@days_before_deleting` analysis parameter has been configured and the target OU has been -set in the Move Computers Action Task, select the checkboxes next to all of the action tasks and -click **Execute Action** to execute the action tasks. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/overview.md deleted file mode 100644 index 6f0fffb469..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/overview.md +++ /dev/null @@ -1,30 +0,0 @@ -# 3.Computers Job Group - -The 3.Computers Job Group identifies stale computer accounts, providing a workflow to safely -deprovision identified accounts. - -![3.Computers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/computers/computersjobtree.webp) - -The jobs in the 3.Computers Job Group are: - -- [AD_DeprovisionComputers Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/ad-deprovision-computers.md) – Provides a simple, automated workflow - to deprovision stale and unused user accounts -- [AD_DeprovisionComputers_Status Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/ad-deprovision-computers-status.md) – Tracks all actions taken - by the included deprovisioning workflow - -Workflow - -**Step 1 –** Ensure the following prerequisites are met: - -- The .Active Directory Inventory Job Group needs to be successfully run -- For the AD_DeprovisionComputers Job, the target OU needs to be manually set in the Move Computers - Action Task prior to executing the actions. See the - [Action Tasks for the AD_DeprovisionComputers Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/ad-deprovision-computers.md#action-tasks-for-the-ad_deprovisioncomputers-job) - topic for additional information. -- The AD_DeprovisionComputers Job needs to be run prior to running the - AD_DeprovisionComputers_Status Job - -**Step 2 –** Schedule the 3.Computers Job Group to run as desired after the prerequisites have been -satisfied. - -**Step 3 –** Review the reports generated by the 3.Computers Job Group. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/configure-target-ou.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/configure-target-ou.md deleted file mode 100644 index 1c0e582248..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/configure-target-ou.md +++ /dev/null @@ -1,23 +0,0 @@ -# Configure the Target OU - -Follow the steps to configure the target staging OU. - -**Step 1 –** Navigate to the **[Job]** > **Configure** > **Actions** node. - -![Action Properties button on Action Selection page](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/configuretargetouactionproperties.webp) - -**Step 2 –** On the Action Selection page, select the desired action task and click **Action -Properties**. - -**Step 3 –** In the Action Properties window, select **Configure Action**. The Active Directory -Action Module Wizard opens. - -![Move Objects page of the Active Directory Action Module Wizard](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/configuretargetouactionmodulewizard.webp) - -**Step 4 –** Navigate to the Move Objects page of the Active Directory Action Module Wizard. In the -OU field, enter or browse to the desired target OU. To create the target OU location, select the -**Create target OU location if it does not already exist** checkbox. - -**Step 5 –** Navigate to the Summary page and click **Finish**. - -The target OU is now set for the action task. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/ad-deprovision-groups-status.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/ad-deprovision-groups-status.md deleted file mode 100644 index f9c93a395c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/ad-deprovision-groups-status.md +++ /dev/null @@ -1,26 +0,0 @@ -# AD_DeprovisionGroups_Status Job - -The AD_DeprovisionGroups_Status Job tracks all actions taken by the Deprovisioning workflow. - -## Analysis Task for the AD_DeprovisionGroups_Status Job - -Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **1. Deprovision Groups** > -**AD_Deprovision Groups_Status** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis tasks is -preconfigured for this job. - -![Analysis Task for the AD_DeprovisionGroups_Status Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsstatusanalysis.webp) - -The default analysis task is: - -- Track Actions – Creates the AD_DeprovisionGroups_Log and AD_DeprovisionGroups_Notes tables - accessible under the job’s Results node - -In addition to the table created by the analysis task, the AD_DeprovisionGroups_Status Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Deprovisioning | This report tracks actions taken each day of the Stale Group Deprovisioning campaign. | None | This report is comprised of three elements: - Line Chart – Displays cleanup progress - Table – Provides details on cleanup progress - Table – Provides action details | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/ad-deprovision-groups.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/ad-deprovision-groups.md deleted file mode 100644 index 579b22e4d7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/ad-deprovision-groups.md +++ /dev/null @@ -1,91 +0,0 @@ -# AD_DeprovisionGroups Job - -The AD_DeprovisionGroups Job provides an automated workflow to deprovision stale groups. This -workflow is completed by the action tasks. - -**Step 1 –** Move stale groups to a staging OU for deletion. - -**Step 2 –** The group is changed to a distribution list. - -**Step 3 –** The assigned manager is alerted by email of the impending deletion. - -**Step 4 –** The group is flagged as **To Be Deleted**. - -**Step 5 –** After a configurable amount of days in the staging OU, the group is deleted from the -staging OU. The default is 365 days. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic -for instructions on how to edit parameters on a job overview page. - -The AD_DeprovisionGroups page has the following configurable parameters: - -- Days in the Staging OU before deletion - -See the -[Customizable Analysis Parameters for the AD_DeprovisionGroups Job](#customizable-analysis-parameters-for-the-ad_deprovisiongroups-job) -topic for additional information. - -## Analysis Tasks for the AD_DeprovisionGroups Job - -Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **1. Deprovision Groups** > -**AD_Deprovision Groups** > **Configure** node and select **Analysis** to view the analysis tasks. - -![Analysis Tasks for the AD_DeprovisionGroups Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsanalysis.webp) - -The default analysis tasks are: - -- Identify Stale Groups – Creates the AD_DeprovisionGroups_Details table accessible under the job’s - Results node -- Groups to Delete – Identifies groups in the Stale Groups OU that are ready to be deleted - - - This analysis task contains a configurable parameter: `@days_before_deleting`. See the - [Customizable Analysis Parameters for the AD_DeprovisionGroups Job](#customizable-analysis-parameters-for-the-ad_deprovisiongroups-job) - topic for additional information. - -### Customizable Analysis Parameters for the AD_DeprovisionGroups Job - -Customizable parameters enable you to set the values used to classify user and group objects during -this job’s analysis. - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ---------------- | --------------------------- | ------------- | -------------------------------------- | -| Groups to Delete | @days_before_deleting | 365 | Days in the staging OU before deletion | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for additional information. - -## Action Tasks for the AD_DepvisionGroups Job - -Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **1. Deprovision Groups** > -**AD_DeprovisonGroups** > **Configure** node and select **Actions** to view the action tasks. - -**CAUTION:** Do not enable the actions unless it is required. Disable the actions after execution to -prevent making unintended and potentially harmful changes to Active Directory. - -![Action Tasks for the AD_DepvisionGroups Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsaction.webp) - -The action tasks are: - -**CAUTION:** The action tasks must be executed together and in order. - -- Move Groups – Move groups to staging OU - - - The target staging OU must be set in the Move Groups Action Task prior to executing the action - tasks. See the [Configure the Target OU](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/configure-target-ou.md) topic for additional - information. - -- Disable Groups – The group is changed to a distribution list -- Notify Manager – Notify assigned manager by email of the impending deletion -- Update Description – The group is changed to a distribution list to prevent its use for - authentication and flagged as **To Be Deleted** -- Delete Groups – After a configurable amount of days in the staging OU, the group is deleted. The - default is 365 days. - -After the `@days_before_deleting` analysis parameter has been configured and the target OU has been -set in the Move Groups Action Task, select the checkboxes next to all of the action tasks and click -**Execute Action** to execute the action tasks. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/overview.md deleted file mode 100644 index 7620dee35e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/overview.md +++ /dev/null @@ -1,13 +0,0 @@ -# 1.Deprovision Job Group - -The 1. Deprovision Groups Job Group provides a simple, automated workflow to deprovision stale -groups. The action tasks in this job group provide an automated workflow. - -![1.Deprovision Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/groupsdeprovisionjobtree.webp) - -The jobs in the 1. Deprovision Groups Job Group are: - -- [AD_DeprovisionGroups Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/ad-deprovision-groups.md) – This job provides an automated workflow to - deprovision stale groups -- [AD_DeprovisionGroups_Status Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/ad-deprovision-groups-status.md) – This job tracks and reports on - the progress of all actions taken by the included Deprovisioning workflow diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/overview.md deleted file mode 100644 index 42b50c85ac..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/overview.md +++ /dev/null @@ -1,42 +0,0 @@ -# 1.Groups Job Group - -The 1.Groups Job Group provides a workflow to safely deprovision groups, as well as the ability to -stamp security groups with what resources they are given access to. - -![1.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/groupsjobtree.webp) - -The jobs in the 1.Groups Job Group are: - -- [1.Deprovision Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/overview.md) – This job group provides a simple, automated - workflow to deprovision stale groups - - - [AD_DeprovisionGroups Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/ad-deprovision-groups.md) – This job provides a simple - automated workflow to deprovision stale groups - - [AD_DeprovisionGroups_Status Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/ad-deprovision-groups-status.md) – This job - tracks and reports on the progress of the deprovisioning workflow - -- [2.Group Stamping Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/overview.md) – This job group updates the Notes attribute - for all security groups to show where the group is provisioned inside the environment. - - - [AD_GroupCleanup_Permissions Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/ad-group-cleanup-permissions.md) – This job reports - on where security groups are being used to assign permissions. This can be used to prioritize - remediation for groups that are rarely used. - - [AD_GroupStamping Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/ad-group-stamping.md) – This job replaces the Notes attribute - for all security groups to show where the group is provisioned inside the environment. This - overwrites the Notes field with data from Access Analyzer. - -Workflow - -**Step 1 –** Ensure the following prerequisites are met: - -- The .Active Directory Inventory Job Group needs to be successfully run -- For the AD_DeprovisionGroups Job, the target OU needs to be manually set in the Move Groups Action - Task prior to executing the actions. See the - [Action Tasks for the AD_DepvisionGroups Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/deprovision/ad-deprovision-groups.md#action-tasks-for-the-ad_depvisiongroups-job) - topic for additional information. -- The AD_DeprovisionGroups Job needs to be run prior to running the AD_DeprovisionGroups_Status Job - -**Step 2 –** Schedule the 1.Groups Job Group to run as desired after the prerequisites have been -satisfied. - -**Step 3 –** Review the reports generated by the 1.Groups Job Group. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/ad-group-cleanup-permissions.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/ad-group-cleanup-permissions.md deleted file mode 100644 index a5ecf5c842..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/ad-group-cleanup-permissions.md +++ /dev/null @@ -1,44 +0,0 @@ -# AD_GroupCleanup_Permissions Job - -The AD_GroupCleanup_Permissions Job reports on where security groups are being used to assign -permissions. This can be used to prioritize remediation for groups that are rarely used. - -## Analysis Tasks for the AD_GroupCleanup_Permissions Job - -Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **2. Group Stamping** > -**AD_GroupCleanup_Permissions** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupCleanup_Permissions Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupcleanuppermissionsanalysis.webp) - -The default analysis tasks are: - -- Summarize Group Type/Scope – Creates the SA_AD_GroupCleanup_GroupTypes table accessible under the - job’s Results node -- Direct Permission Details – Creates the SA_AD_GroupCleanup_PermissionsImport table accessible - under the job’s Results node -- Expanded Perms Details – Creates the SA_GroupCleanup_ExpandedPermissions table accessible under - the job’s Results node -- Expanded Perms Summary – Creates the SA_GroupCleanup_ExpandedPermissionsSummary table accessible - under the job’s Results node -- Access Counts by Group – Creates the SA_GroupCleanup_GroupAccessSprawl table accessible under the - job’s Results node -- Permission and Access Counts by Group Scope – Creates the SA_AD_GroupCleanup_PermissionsByScope - table accessible under the job’s Results node -- Permission and Access Counts by Toxic Condition – Creates the - SA_AD_GroupCleanup_PermissionsByCondition table accessible under the job’s Results node -- Permission and Access Counts by Scan Type – Creates the SA_AD_GroupCleanup_ScanOverview table - accessible under the job’s Results node -- Group Summary – Creates the SA_GroupCleanup_GroupSummary table accessible under the job’s Results - node - -In addition to the tables and views created by the analysis tasks, the AD_GroupCleanup_Permissions -Job produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Direct Permission Details | This report shows all direct permissions found by DAG for FileSystem, DAG for SharePoint, or imported into the Access Information Center from other sources. | None | This report is comprised of one element: - Table – Provides group direct permission details | -| Group Permission Summary | This report identifies what types of resources each security group is being used to apply permissions. | None | This report is comprised of four elements: - Table – Provides details on permission scans - Table – Provides details on group access - Table – Provides details on toxic conditions - Table – Provides a group overview | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/ad-group-stamping.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/ad-group-stamping.md deleted file mode 100644 index 2536baf783..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/ad-group-stamping.md +++ /dev/null @@ -1,40 +0,0 @@ -# AD_GroupStamping Job - -The AD_GroupStamping Job updates the Notes attribute for all security groups to show where the group -is provisioned inside the environment. This overwrites the notes field with data from Access -Analyzer. - -## Analysis Tasks for the AD_GroupStamping Job - -Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **2. Group Stamping -AD_GroupStamping** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupStamping Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupstampinganalysis.webp) - -The default analysis tasks are: - -- Identify Stale Groups – Creates the AD_DeprovisionGroups_Details table accessible under the job’s - Results node -- Groups to Delete – Identifies groups in the Stale Groups OU ready to be deleted - -In addition to the tables and views created by the analysis tasks, the AD_GroupStamping Job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Stamping | This report tracks all actions taken with the included group stamping workflow. | None | This report is comprised of three elements: - Line Chart – Displays daily actions - Table – Provides details on daily actions - Table – Provides action details | - -## Action Tasks for the AD_GroupStamping Job - -View the action tasks by navigating to the **Active Directory** > **Cleanup** > **1.Groups** > **2. -Group Stamping AD_GroupStamping** > **Configure** node and select **Actions**. - -![Action Tasks for the AD_GroupStamping Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupstampingaction.webp) - -- Stamp Groups – Update Notes field with Permissions - -Select the checkbox next to The Stamp Groups Action Task and click **Execute Action** to execute the -action task. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/overview.md deleted file mode 100644 index 2eb299363a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/overview.md +++ /dev/null @@ -1,13 +0,0 @@ -# 2.Group Stamping Job Group - -The 2. Group Stamping Job Group updates the Notes attribute for all security groups to show where -the group is provisioned inside the environment. - -![2.Group Stamping Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupsstampingjobtree.webp) - -The jobs in the 2. Group Stamping Job Group are: - -- [AD_GroupCleanup_Permissions Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/ad-group-cleanup-permissions.md) – Reports on where security - groups are being used to assign permissions -- [AD_GroupStamping Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/stamping/ad-group-stamping.md) – Updates the Note attribute for all security groups - to show where the group is provisioned inside of the environment diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/overview.md deleted file mode 100644 index efa6e56f78..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/overview.md +++ /dev/null @@ -1,27 +0,0 @@ -# Cleanup Job Group - -The **Active Directory** > **Cleanup** Job Group identifies potential stale and unused users, -computers, and groups as well as issues with group membership. Remediation workflows are included to -deprovision unnecessary objects. - -**CAUTION:** Apply changes only to intended target Active Directory objects, and ensure only the -changes required are enabled. Enabling and executing action modules without consideration can -negatively impact Active Directory. - -**_RECOMMENDED:_** Run the actions in a test environment before making changes to a production -environment. - -![Cleanup Job Group Overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The job groups in the Cleanup Job Group are: - -- [1.Groups Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/groups/overview.md) – Provides an automated workflow to safely deprovision - groups, as well as the ability to stamp security groups with what resources they are given access - to -- [2.Users Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/overview.md) – Provides an automated workflow to deprovision stale and - unused user accounts -- [3.Computers Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/computers/overview.md) – Provides an automated workflow to deprovision - stale computer accounts -- [AD_CleanupProgress Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/ad-cleanup-progress.md) – Tracks Active Directory computer, group, and - user exceptions over time. This information can be used to provide a high-level picture of an - organization's Active Directory cleanup effort. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/recommended.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/recommended.md deleted file mode 100644 index 00a9471bcf..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/recommended.md +++ /dev/null @@ -1,38 +0,0 @@ -# Recommended Configurations for AD Cleanup Job Group - -The recommended configurations for the Cleanup Job Group are: - -Dependencies - -The Cleanup job group has the following prerequisites: - -- The Active Directory Actions license feature is required -- The Active Directory Actions Module must be installed -- The .Active Directory Inventory Job Group needs to be successfully run prior to running this job - group -- The following job groups from the Activity Directory job group need to be successfully run prior - to running this job group: - - - 1.Groups - - 2.Users - - 3.Computers - -Individual jobs and job groups within the Cleanup Job Group may have their own prerequisites and -dependencies. See the relevant job or job group topic for additional information. - -Target Hosts - -None - -Schedule Frequency - -Most of the jobs in this job group can be scheduled to run as desired. The AD_Cleanup Progress Job -should be scheduled to run every day. - -History Retention - -Not supported - -Multi-console Support - -Not supported diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/ad-deprovision-users-status.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/ad-deprovision-users-status.md deleted file mode 100644 index c5de984e43..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/ad-deprovision-users-status.md +++ /dev/null @@ -1,25 +0,0 @@ -# AD_DeprovisionUsers_Status Job - -The AD_DeprovisionUsers_Status Job tracks all actions taken by the included deprovisioning workflow. - -## Analysis Tasks for the AD_DeprovisionUsers_Status Job - -Navigate to the **Active Directory** > **Cleanup** > **2.Users** > **AD_DeprovisionUsers_Status** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the AD_DeprovisionUsers_Status Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersstatusanalysis.webp) - -The default analysis task is: - -- Track History – Tracks all actions taken. Creates the SA_AD_DeprovisionUsers_Log accessible under - the job’s Results node. - -In addition to the tables and views created by the analysis task, the AD_DeprovisionUsers_Status Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| User Deprovisioning | This report tracks actions taken each day of the Stale User Deprovisioning campaign. | None | This report is comprised of three elements: - Line Chart – Displays cleanup progress - Table – Provides details on user deprovisioning - Table – Provides action details | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/ad-deprovision-users.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/ad-deprovision-users.md deleted file mode 100644 index 250e870cf1..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/ad-deprovision-users.md +++ /dev/null @@ -1,92 +0,0 @@ -# AD_DeprovisionUsers Job - -The AD_DeprovisionUsers Job provides an automated workflow deprovision stale and unused user -accounts. - -**Step 1 –** Move stale users to a staging OU for deletion. - -**Step 2 –** The assigned manager is alerted by email of the impending deletion. - -**Step 3 –** User accounts are disabled. - -**Step 4 –** Users are flagged as **To Be Deleted**. - -**Step 5 –** Delete users from the staging OU. - -**Step 6 –** Remove stale users from all groups. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The AD_DeprovisionUsers page has the following configurable parameters: - -- Days in the Stale Users OU before being deleted - -See the -[Customizable Analysis Parameters for the AD_DeprovisionUsers Job](#customizable-analysis-parameters-for-the-ad_deprovisionusers-job) -topic for additional information. - -## Analysis Tasks for the AD_DeprovisionUsers Job - -Navigate to the **Active Directory** > **Cleanup** > **2.Users** > **AD_DeprovisionUsers** > -**Configure** node and select **Analysis** to view the analysis tasks. - -![Analysis Tasks for the AD_DeprovisionUsers Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersanalysis.webp) - -The default analysis tasks are: - -- Identify Users to be Deleted – Imports data from stale users -- User Accounts to Delete – Identifies accounts in the Stale Accounts OU that are ready to be - deleted - - - This analysis task contains a configurable parameter: `@days_before_deleting`. See the - [Customizable Analysis Parameters for the AD_DeprovisionUsers Job](#customizable-analysis-parameters-for-the-ad_deprovisionusers-job) - topic for additional information. - -- Identify Group Membership – Identifies stale user membership to remove - -### Customizable Analysis Parameters for the AD_DeprovisionUsers Job - -Customizable parameters enable you to set the values used to classify user and group objects during -this job’s analysis. - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ----------------------- | --------------------------- | ------------- | ----------------------------------------------- | -| User Accounts to Delete | @days_before_deleting | 365 | Days in the Stale Users OU before being deleted | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for additional information. - -## Action Tasks for the AD_DeprovisionUsers Job - -Navigate to the **Active Directory** > **Cleanup** > **2.Users** > **AD_DeprovisionUsers** > -**Configure** node and select **Actions** to view the actions. - -**CAUTION:** Do not enable the actions unless it is required. Disable the actions after execution to -prevent making unintended and potentially harmful changes to Active Directory. - -![Action Tasks for the AD_DeprovisionUsers Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersaction.webp) - -The action tasks are: - -**CAUTION:** The action tasks must be executed together and in order. - -- Move Users – Move users to staging OU for deletion - - - The target OU must be set in the Move Users Action Task prior to executing the action tasks. - See the [Configure the Target OU](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/configure-target-ou.md) topic for additional information. - -- Notify Manager – Notify assigned manager by email of the impending deletion -- Disable Users – Disable user accounts -- Update Description – Flag users as **To Be Deleted** -- Delete Users – Delete users from staging OU -- Remove Membership – Remove stale users from all groups - -After the `@days_before_deleting` analysis parameter has been configured and the target OU has been -set in the Move Users Action Task, select the checkboxes next to all of the action tasks and click -**Execute Action** to execute the action tasks. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/overview.md deleted file mode 100644 index a4d63819a8..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/overview.md +++ /dev/null @@ -1,28 +0,0 @@ -# 2.Users Job Group - -The 2.Users Job Group provides a workflow to deprovision stale and unused user accounts. - -![2.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/users/usersjobtree.webp) - -The jobs in the 2.Users Job Group are: - -- [AD_DeprovisionUsers Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/ad-deprovision-users.md) – Provides a simple and automated workflow to - deprovisions stale and unused user accounts -- [AD_DeprovisionUsers_Status Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/ad-deprovision-users-status.md) – Tracks and reports all actions - taken by the included Deprovisioning workflow - -Workflow - -**Step 1 –** Ensure the following prerequisites are met: - -- The .Active Directory Inventory Job Group needs to be successfully run -- For the AD_DeprovisionUsers Job, the target OU needs to be manually set in the Move Users Action - Task prior to executing the actions. See the - [Action Tasks for the AD_DeprovisionUsers Job](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/users/ad-deprovision-users.md#action-tasks-for-the-ad_deprovisionusers-job) - topic for additional information. -- The AD_DeprovisionUsers Job needs to be run prior to running the AD_DeprovisionUsers_Status Job - -**Step 2 –** Schedule the 2.Users Job Group to run as desired after the prerequisites have been -satisfied. - -**Step 3 –** Review the reports generated by the 2.Users Job Group. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/computers/ad-computer-delegation.md b/docs/accessanalyzer/12.0/solutions/active-directory/computers/ad-computer-delegation.md deleted file mode 100644 index df2e973e15..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/computers/ad-computer-delegation.md +++ /dev/null @@ -1,31 +0,0 @@ -# AD_ComputerDelegation Job - -The AD_ComputerDelegation Job provides details on computer accounts that have been enabled for -unconstrained delegation. Once this configuration is enabled for a computer, any time an account -connects to the computer for any reason, their ticket-granting ticket (TGT) is stored in memory so -it can be used later by the computer for impersonation, which exposes a significant security risk in -cases where privileged accounts access the computer.  See the -[What Is Kerberos Delegation?](https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/) Netwrix -blog article for more information about this configuration and the related security risks. - -## Analysis Task for the AD_ComputerDelegation Job - -Navigate to the **Active Directory** > **3.Computers** > **AD_ComputerDelegation** > Configure node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the analysis task. The analysis task is preconfigured for -this job. - -![Analysis Task for the AD_ComputerDelegation Job](/img/product_docs/accessanalyzer/solutions/activedirectory/computers/computerdelegationanalysis.webp) - -The default analysis tasks are: - -- Determine computers trusted for delegation – Creates the SA_AD_ComputerDelegation_Details table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the AD_ComputerDelegation Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Computers Trusted for Delegation | This report highlights which computers are trusted for delegation, which accounts are sensitive, and whether the delegation is constrained or unconstrained. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays computers trusted for delegation by domain - Table – Provides details on computers trusted for delegation - Table – Provides details on computers trusted for delegation by domain | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/computers/ad-stale-computers.md b/docs/accessanalyzer/12.0/solutions/active-directory/computers/ad-stale-computers.md deleted file mode 100644 index 14c601e3d2..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/computers/ad-stale-computers.md +++ /dev/null @@ -1,61 +0,0 @@ -# AD_StaleComputers Job - -The AD_StaleComputers Job provides details on stale computers that may be candidates for cleanup. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The AD_StaleComputers Job has the following configurable parameters: - -- Days since Last Logon -- Consider disabled accounts as stale - -See the -[Customizable Analysis Parameters for the AD_StaleComputers Job](#customizable-analysis-parameters-for-the-ad_stalecomputers-job) -topic for additional information. - -## Analysis Tasks for the AD_StaleComputers Job - -Navigate to the **Active Directory** > **3.Computers** > **AD_StaleComputers** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the **2. Summarize by Domain** analysis task. This analysis -task is preconfigured for this job. - -![Analysis Tasks for the AD_StaleComputers Job](/img/product_docs/accessanalyzer/solutions/activedirectory/computers/stalecomputersanalysis.webp) - -The default analysis tasks are: - -- 1. Identify Stale Computers - - - Identifies computer objects that are disabled or have exceeded the defined threshold of - inactivity - - Creates the SA_AD_StaleComputers_Details table accessible under the job’s Results node - - Definition of a stale computer can be customized - -- 2. Summarize by Domain – Creates the SA_AD_StaleComputers_DomainSummay table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_StaleComputers Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Stale Computers | This report presents potentially stale computers. Computers are considered stale if they have never logged onto the domain, have not logged onto the domain in the past 90 days, or are disabled. **NOTE:** The definition of a stale computer is customizable. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays stale computers by domain - Table – Provides details on computers - Table – Provides summary of stale computers | - -### Customizable Analysis Parameters for the AD_StaleComputers Job - -Analysis parameters that can be customized have the following default values: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| --------------------------- | --------------------------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -| 1. Identify Stale Computers | @days_since_last_logon | 90 | A computer object that has been inactive for 90 days or more | -| 1. Identify Stale Computers | @consider_disable | 1 | A computer object that has been disabled: - Value 1 = Disabled computers are included as stale - Value 0 = Disabled computers are not included as stale | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/computers/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/computers/overview.md deleted file mode 100644 index 8349e83712..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/computers/overview.md +++ /dev/null @@ -1,18 +0,0 @@ -# 3.Computers Job Group - -The 3.Computers Job Group help to pinpoint potential areas of administrative concern related to -computer accounts, including stale computers and computers that have been trusted for delegation. - -![3.Computers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following jobs comprise the 3.Computers Job Group: - -- [AD_ComputerDelegation Job](/docs/accessanalyzer/12.0/solutions/active-directory/computers/ad-computer-delegation.md) – Provides details on computer accounts that - have been trusted for delegation. Once this configuration is enabled for a computer, any time an - account connects to the computer for any reason, their ticket-granting ticket (TGT) is stored in - memory so it can be used later by the computer for impersonation, which exposes a significant - security risk in cases where privileged accounts access the computer.  See the - [What Is Kerberos Delegation?](https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/) Netwrix - blog article for more information about this configuration and the related security risks. -- [AD_StaleComputers Job](/docs/accessanalyzer/12.0/solutions/active-directory/computers/ad-stale-computers.md) – Provides details on stale computers that may be - candidates for cleanup diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-dc-summary.md b/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-dc-summary.md deleted file mode 100644 index 7a217436e3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-dc-summary.md +++ /dev/null @@ -1,29 +0,0 @@ -# AD_DCSummary Job - -The AD_DCSummary Job provides operational reporting related to the details collected for each domain -controller. For each domain controller, the report identifies the FSMO role, whether it is a -bridgehead server, whether it is a global catalog, and the time server it syncs to. - -## Analysis Task for the AD_DCSummary Job - -Navigate to the **Active Directory > 5.Domains > AD_DCSummary > Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/activedirectory/domains/dcsummaryanalysis.webp) - -The default analysis tasks are: - -- 1. List DCs - - Creates the AD_DCSummary_List table accessible under the job’s Results node - - Creates an interim processing table in the database for use by downstream analysis and report - generation - -In addition to the tables and views created by the analysis task, the AD_DCSummary Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | ----------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain Controllers Overview | This report identifies domain controllers' roles and attributes within each domain. | None | This report is comprised of two elements: - Bar Chart – Displays domain controllers by domain - Table – Provides details on domain controllers by domain | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-domain-info.md b/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-domain-info.md deleted file mode 100644 index ceb38584fc..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-domain-info.md +++ /dev/null @@ -1,55 +0,0 @@ -# AD_DomainInfo Job - -The AD_DomainInfo Job provides operational reporting related to the collected domains, sites, and -trusts, providing details such as high level object counts by domain or site, domain and forest -functional levels, and types and directions of trusts. - -## Queries for the AD_DomainInfo Job - -The AD_DomainInfo Job uses the ActiveDirectory Data Collector and the LDAP Data Collector for the -following queries: - -**CAUTION:** Do not modify the queries. The queries are preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/activedirectory/domains/domaininfoquery.webp) - -The queries for this job are: - -- Trusts – Targets one domain controller per forest to retrieve domain trust information -- Sites – Targets one domain controller per forest to retrieve domain site information -- Domains – Targets one domain controller per forest to retrieve domain information -- Trust Filtering – Queries the host specified to retrieve domain trust information -- dSHeuristics – Returns dSHeuristics Unicode string using LDAP - -**NOTE:** See the Active Directory Data Collector and LDAP Data Collector sections for additional -information - -## Analysis Tasks for the AD_DomainInfo Job - -Navigate to the **Active Directory > 5.Domains > AD_DomainInfo > Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/activedirectory/domains/domaininfoanalysis.webp) - -The default analysis tasks are: - -- Domain Summary – Creates interim processing tables in the database for use by downstream analysis - and report generation -- Site Summary – Creates an interim processing table in the database for use by downstream analysis - and report generation -- Trust Details – Creates an interim processing table in the database for use by downstream analysis - and report generation -- dSHeuristics Details – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_DomainInfo Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------- | ----------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------- | -| Domains | This report lists the forest sites and presents the total number of domain controllers, GC Servers, and users per site. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays domains - Table – Provides details on domains | -| Sites | This report lists the sites and counts the domain controllers, global catalogue servers, and users of each. | None | This report is comprised of two elements: - Bar Chart – Displays sites by user count - Table – Provides details on sites by user count | -| Trusts | This report lists the domains and presents the trust information, including type, direction, and transitivity. | None | This report is comprised of one elements: - Table – Provides details on domains and trusts | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-dsrm-settings.md b/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-dsrm-settings.md deleted file mode 100644 index 4965d05a02..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-dsrm-settings.md +++ /dev/null @@ -1,31 +0,0 @@ -# AD_DSRMSettings Job - -The AD_DRSMSettings Job provides details on domain controller registry settings for the -DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin Account can be used to log -in to the domain controller even if it has not been started in DSRM which can present a potential -security vulnerability. Additional information on this registry key is available in this -[Microsoft Document](). - -## Analysis Tasks for the AD_DSRMSettings Job - -Navigate to the **Active Directory > 5.Domains > AD_DSRMSettings > Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![dsrmsettingsanalysis](/img/product_docs/accessanalyzer/solutions/activedirectory/domains/dsrmsettingsanalysis.webp) - -The default analysis tasks are: - -- Change tracking – Creates the SA_AD_DSRMSettings_ChangeTracking table accessible under the job’s - Results node -- Details – Creates the SA_AD_DSRMSettings_Details table accessible under the job’s Results node -- Summary – Creates the SA_AD_DSRMSettings_Summary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_DSRMSettings Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | -| DSRM Admin Security | This report highlights domain controller registry settings for the DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin account can be used to log in to the domain controller even if it has not been started in DSRM. This is a potential vulnerability. See the Microsoft [Restartable AD DS Step-by-Step Guide]() for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays DSRM admin logon  by domain controller - Table – Provides details on domain controllers | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-kerberoasting-risk.md b/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-kerberoasting-risk.md deleted file mode 100644 index d1c0545c66..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-kerberoasting-risk.md +++ /dev/null @@ -1,60 +0,0 @@ -# AD_KerberoastingRisk Job - -The AD_KerberoastingRisk job identifies accounts vulnerable to kerberoasting. Kerberoasting is a -threat where attackers target service accounts in Active Directory to steal their passwords. - -In a kerberoasting attack, attackers request service tickets (TGS) for service accounts from the Key -Distribution Center (KDC). These tickets are encrypted with the service account's password hash. -Attackers attempt to crack these hashes offline to reveal the passwords for the service accounts. - -Encryption types vulnerable to kerberoasting include RC4 and DES. AES-128 can also be considered -weak, depending on the implementation and threat model. - -See the Netwrix -[Kerberoasting Attack](https://www.netwrix.com/cracking_kerberos_tgs_tickets_using_kerberoasting.html) -article for additional information on kerberoasting. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The AD_KerberoastingRisk job has the following configurable parameters: - -- Consider AES 128 as weak encryption (DES and RC4 always considered weak) – Enable to include - AES-128 as a weak encryption type -- Consider "Password Never Expires" as an easily crackable password – Enable to include accounts - having the Password Never Expires policy as a password exception -- Report on disabled user accounts – Enable to include disabled user accounts in the analysis - -All of these parameters are disabled by default. - -## Analysis Tasks for the AD_KerberoastingRisk Job - -Navigate to the **Active Directory** > **5.Domains** > **AD_KerberoastingRisk** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_KerberoastingRisk Job](/img/product_docs/accessanalyzer/solutions/activedirectory/domains/kerberoastingriskanalysis.webp) - -The default analysis tasks are: - -- Kerberoasting Details – Provides details on accounts vulnerabilities to Kerberoasting - - - This task uses three customizable parameters. These allow you to optionally consider AES-128 - as a weak encryption type, consider Password Never Expires as being easily crackable, and - include disabled user accounts. See the - [Parameter Configuration](#parameter-configuration) topic for additional information. - -- Kerberoasting Summary – Summarizes accounts by domain with counts for multiple vulnerabilities - -In addition to the tables and views created by the analysis tasks, the AD_KerberoastingRisk job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Kerberoasting Risk | An account is vulnerable to kerberoasting if it has an SPN assigned and one of the following is true: - RC4 or DES (or AES-128 if enabled) - Weak password exception - Trusted for delegation - Is an administrator | None | This report is comprised of three elements: - Stacked Bar Chart – Displays vulnerable accounts - Table – Provides a summary of accounts vulnerable to kerberoasting - Table – Provides details on the accounts vulnerabilities to kerberoasting | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/ad-domain-controllers.md b/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/ad-domain-controllers.md deleted file mode 100644 index e23b43638a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/ad-domain-controllers.md +++ /dev/null @@ -1,62 +0,0 @@ -# AD_DomainControllers Job - -The 0.Collection > AD_DomainControllers Job collects domain controller details which will be further -analyzed in order to provide information on domains, sites, and trusts. - -## Queries for the AD_DomainControllers Job - -The AD_DomainControllers Job uses the LDAP Data Collector and the ActiveDirectory Data Collector for -the following queries: - -**CAUTION:** Except the first query, do not modify the remaining queries. The remaining queries are -preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/domaincontrollersquery.webp) - -The queries for this job are: - -- Domain Controller Listing – Targets one domain controller per domain known to Access Analyzer to - collect a listing of all domain controllers - - Can be modified to connect securely with TLS/SSL. - - See the [Connect Securely with TLS/SSL](#connect-securely-with-tlsssl) topic for additional - information. -- Actual Bridgehead Servers – Targets one domain controller per domain known to Access Analyzer to - collect all of the bridgehead servers for each site -- Global Catalog Servers – Targets one domain controller per domain known to Access Analyzer to - extract a list of GCs for each site -- Significant DCs – Targets one domain controller per domain known to Access Analyzer to gather - information about the significant DCs -- Preferred Bridgehead Servers – Targets one domain controller per domain known to Access Analyzer - to list the preferred bridgehead servers for each site - - **NOTE:** See the Active Directory Data Collector and LDAP Data Collector sections for - additional information. - -### Connect Securely with TLS/SSL - -The Domain Controller Listing Query in the AD_DomainControllers Job is configured to use the LDAP -Data Collector. This query can be optionally configured to connect securely with TLS/SSL. - -**CAUTION:** Do not modify any other settings in this query. - -**Step 1 –** Navigate to the job’s > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the _Domain Controller Listing_ Query and click -**Query Properties**. The Query Properties window displays. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The LDAP template form wizard -opens. - -![LDAP template form](/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/ldaptemplate.webp) - -**Step 4 –** Click **Options**. - -![Connection Options](/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/ldaptemplateoptions.webp) - -**Step 5 –** On the Options page, select **Connect Securely with TLS/SSL**. Optionally, select -**Ignore Certificate Errors** to connect even if certificate errors occur. Use **Server Port** 686 -for a secure connection. Click **OK** to close the Options page. - -**Step 6 –** Step 13 – Then click **OK** to close the LDAP template form wizard. - -The job now connects securely with TLS/SSL. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/ad-dsrm.md b/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/ad-dsrm.md deleted file mode 100644 index 862e6f312e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/ad-dsrm.md +++ /dev/null @@ -1,21 +0,0 @@ -# AD_DSRM Job - -The **0.Collection > AD_DSRM** Job collects data related to domain controller registry settings for -the DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin Account can be used to -log in to the domain controller even if it has not been started in DSRM which can present a -potential security vulnerability. Additional information on this registry key is available in this -[Microsoft Document](). - -## Query for the AD_DSRM Job - -The AD_TimeSync Job uses the Registry Data Collector for the following query: - -**CAUTION:** Do not modify this query. The query is preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/dsrmquery.webp) - -The queries for this job are: - -- Check LSA registry keys – Targets all domain controllers check LSA registry keys - - See the [Registry Data Collector](/docs/accessanalyzer/12.0/data-collection/registry/index.md) topic for - additional information. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/ad-time-sync.md b/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/ad-time-sync.md deleted file mode 100644 index aac128a1cd..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/ad-time-sync.md +++ /dev/null @@ -1,19 +0,0 @@ -# AD_TimeSync Job - -The 0.**Collection > AD_TimeSync** Job collects TimeSync information from the registry for each -domain controller within the domain. - -## Query for the AD_TimeSync Job - -The AD_TimeSync Job uses the Registry Data Collector for the following query: - -**CAUTION:** Do not modify this query. The query is preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/timesyncquery.webp) - -The queries for this job are: - -- Timesync Info – Targets one domain controller per domain known to Access Analyzer to determine - TimeSync information from the registry - - See the [Registry Data Collector](/docs/accessanalyzer/12.0/data-collection/registry/index.md) topic for - additional information. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/overview.md deleted file mode 100644 index 4724a6c589..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/overview.md +++ /dev/null @@ -1,18 +0,0 @@ -# 0.Collection Job Group - -The **5.Domains > 0.Collection** Job Group collects the data which will be further analyzed in order -to provide details on domains, sites, and trusts. - -![0.Collection Job Group](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The 0.Collection Job Group is comprised of: - -- [AD_DomainControllers Job](/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/ad-domain-controllers.md) – Collects domain controller details which - will be further analyzed in order to provide information on domains, sites, and trusts. -- [AD_DSRM Job](/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/ad-dsrm.md) – Collects data related to domain controller registry settings for the - DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin Account can be used to - log in to the domain controller even if it has not been started in DSRM which can present a - potential security vulnerability. Additional information on this registry key is available in this - [Microsoft Document](). -- [AD_TimeSync Job](/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/ad-time-sync.md) – Collects TimeSync information from the registry for each - domain controller within the domain diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/domains/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/domains/overview.md deleted file mode 100644 index eeae711ecb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/domains/overview.md +++ /dev/null @@ -1,25 +0,0 @@ -# 5.Domains Job Group - -The 5.Domains job group provides details on domains, sites, and trusts, and highlights domain level -configurations that may leave your environment at risk. - -![Domains Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following components comprises the 5.Domains job group: - -- [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/domains/collection/overview.md) – Collects the data which will be further - analyzed in order to provide details on domains, sites, and trusts -- [AD_DCSummary Job](/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-dc-summary.md) – Provides operational reporting related to the details - collected for each domain controller. For each domain controller, the report identifies the FSMO - role, whether it is a bridgehead server, whether it is a global catalog, and the time server it - syncs to. -- [AD_DomainInfo Job](/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-domain-info.md) – Provides operational reporting related to the collected - domains, sites, and trusts, providing details such as high level object counts by domain or site, - domain and forest functional levels, and types and directions of trusts -- [AD_DSRMSettings Job](/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-dsrm-settings.md) – Provides details on domain controller registry - settings for the DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin Account - can be used to log in to the domain controller even if it has not been started in DSRM which can - present a potential security vulnerability. -- [AD_KerberoastingRisk Job](/docs/accessanalyzer/12.0/solutions/active-directory/domains/ad-kerberoasting-risk.md) – Identifies accounts vulnerable to - kerberoasting. Kerberoasting is a threat where attackers target service accounts in Active - Directory to steal their passwords. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/domains/recommended.md b/docs/accessanalyzer/12.0/solutions/active-directory/domains/recommended.md deleted file mode 100644 index d47749609a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/domains/recommended.md +++ /dev/null @@ -1,62 +0,0 @@ -# Recommended Configurations for the 5.Domains Job Group - -The **Active Directory > 5.Domains** job group has been configured by default to run with the -default settings. It can be run directly or scheduled. - -Dependencies - -This job group does not have dependencies. - -Targeted Hosts - -The **AD_DomainControllers** job has been configured to inherit its host from the **5.Domains > -0.Collection > Settings > Host List Assignment** node. It is set to target the ONE DOMAIN CONTROLLER -PER DOMAIN host list. - -The host list assignment for the **0.Collection > AD_TimeSync** and the **0.Collection** > -**AD_DSRM** jobs have been configured at the job’s **Configure** > **Hosts** node. They are set to -run against the ALL DOMAIN CONTROLLERS host list. - -The ONE DOMAIN CONTROLLER PER DOMAIN and ALL DOMAIN CONTROLLERS host lists are dynamic host lists -based on the host inventory value in the isDomainController field in the Host Master Table. - -The **5.Domains > AD_DomainInfo** job needs to be set to run against the following: - -- Custom host list with one domain controller per forest - -Connection Profile - -A Connection Profile should be assigned at the **5.Domains > Settings > Connection** node with -Domain Administrator privileges. - -Schedule Frequency - -This job group can be scheduled to run as desired. - -Run at the Job Group Level - -**_RECOMMENDED:_** Run the jobs in the **5.Domains** job group together and in order by running the -entire job group, instead of the individual jobs. - -Query Configuration - -The 5.Domains > 0.Collection > AD_DomainControllers job should be run with the default query -configurations. Most of these queries are preconfigured for this Job Group and should not be -modified. - -The following query can be modified to use a secure connection with TLS/SSL: - -- Domain Controller Listing Query which uses the - [LDAP Data Collector](/docs/accessanalyzer/12.0/data-collection/ldap/index.md) - -Workflow - -**Step 1 –** Set the host on the AD_DomainInfo job. - -**Step 2 –** Run a host discovery query to discover domain controllers. - -**Step 3 –** Set a Connection Profile on the job group. - -**Step 4 –** Schedule the 5.Domains job group to run as desired. - -**Step 5 –** Review the reports generated by the 5.Domains job group. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-cpassword.md b/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-cpassword.md deleted file mode 100644 index 24b048bcc7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-cpassword.md +++ /dev/null @@ -1,34 +0,0 @@ -# AD_CPassword Job - -The AD_CPassword Job identifies passwords that are stored in Group Policy Preferences which present -a security risk allowing attackers access to these passwords. Microsoft published the AES private -key, which can be used to decrypt passwords stored in Group Policy Preferences. See the Microsoft -[2.2.1.1.4 Password Encryption](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-gppref/2c15cbf0-f086-4c74-8b70-1f2fa45dd4be) -article for additional information. Since Authenticated Users have read access to SYSVOL, any -malicious insider or attacker can search for the cPassword file inside XML files shared through -SYSVOL to decrypt them. GPOs can be stored in the `%ProgramData%\Microsoft\Group Policy\History` -folder on each machine, meaning any results found by this job should be deleted off every computer -once this policy has been removed. - -## Query for the AD_CPassword Job - -The AD_CPassword Job uses the PowerShell Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job - -![Query for the AD_CPassword Job](/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/cpasswordquery.webp) - -The queries for this job are: - -- Sysvol – Targets one domain controller per domain known to Access Analyzer to determine CPassword - security - - - See the [PowerShell Data Collector](/docs/accessanalyzer/12.0/data-collection/powershell/overview.md) topic - for additional information. - -In addition to the tables created by the data collector, the AD_CPassword Job produces the following -pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------- | -| Potential Plaintext Passwords | This report highlights domain contollers where this vulnerability exists, and provides the path of the XML file in question. | None | This report is comprised of one elements: - Table – Provides details on potential plaintext passwords | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-group-policy.md b/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-group-policy.md deleted file mode 100644 index 13469a8e4f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-group-policy.md +++ /dev/null @@ -1,46 +0,0 @@ -# AD_GroupPolicy Job - -The AD_GroupPolicy Job audits all Group Policies that are present on the Domain Controller, and -provides details on the containers they are linked to, and the settings that are configured. - -## Queries for the AD_GroupPolicy Job - -The AD_GroupPolicy Job uses the GroupPolicy Data Collector for the following query: - -**CAUTION:** Do not modify the queries. The queries are preconfigured for this job. - -![Queries for the AD_GroupPolicy Job](/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyquery.webp) - -The queries for this job are: - -- Link Status – Targets the default domain controller known to Access Analyzer to retrieve a GPO's - list for the domain -- Settings – Targets the default domain controller known to Access Analyzer to return the state for - domain policies for all GPOs. See the - [GroupPolicy Data Collector](/docs/accessanalyzer/12.0/data-collection/group-policy/overview.md) topic for - additional information. - -## Analysis Tasks for the AD_GroupPolicy Job - -Navigate to the **Active Directory** > **4.GroupPolicy** > **AD_GroupPolicy** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupPolicy Job](/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyanalysis.webp) - -The default analysis tasks are: - -- 1. Group Policy Analysis – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 2. Combined User and Computer Settings – Creates the SA_AD_GroupPolicy_SettingList table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_GroupPolicy Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------ | -------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| GPO Details | This report lists all Group Policies and their settings. | None | This report is comprised of four elements: - Bar Chart – Displays GPO count by domain - Table – Provides details on policies by domain - Table – Provides details on GPO count by domain - Table – Provides details on settings | -| GPO Overview | This report lists all Group Policies and their settings. | None | This report is comprised of three elements: - Bar Chart – Displays GPO configuration by domain - Table – Provides details on GPOs - Table – Provides details on GPO configuration by domain | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-overlapping-gpos.md b/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-overlapping-gpos.md deleted file mode 100644 index edda88d3ab..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-overlapping-gpos.md +++ /dev/null @@ -1,42 +0,0 @@ -# AD_OverlappingGPOs Job - -The AD_OverlappingGPOs Job identifies conflicting and redundant GPO settings based on link location. -These GPO settings should be cleaned up or consolidated. - -## Analysis Tasks for the AD_OverlappingGPOs Job - -Navigate to the **Active Directory** > **4. Group Policy** > **AD_OverlappingGPOs** > **Configure** -node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected first analysis task. The first analysis task is -preconfigured for this job. - -![Analysis Tasks for the AD_OverlappingGPOs Job](/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/overlappinggposanalysis.webp) - -The default analysis tasks are: - -- Conflicting – Creates the SA_AD_OverlappingGPOs_Conflicts table accessible under the job’s Results - node - -The following analysis tasks are deselected by default: - -**NOTE:** Deselect the **Conflicting** analysis task before selecting the analysis tasks below. - -- Redundant – Restores the SA_AD_OverlappingGPOs_Redundant table to be visible under the job’s - Results node -- Redundant GPOs by OU – Restores the SA_AD_OverlappingGPOs_RedundantGPOsbyOU table to be visible - under the job’s Results node -- Redundant GPOs – Restores the SA_AD_OverlappingGPOs_RedundantGPOs table to be visible under the - job’s Results node -- Conflicts by OU – Restores the SA_AD_OverlappingGPOs_ConflictsByOU table to be visible under the - job’s Results node -- Conflicts by GPO – Restores the SA_AD_OverlappingGPOs_ConflictsByGPO table to be visible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_OverlappingGPOs Job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ----------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Conflicting GPOs | This report lists group policy objects that apply conflicting settings. | None | This report is comprised of four elements: - Bar Chart – Displays GPOs by conflicts - Table – Provides details on GPOs by conflicts - Table – Provides details on GPOs Details - Table – Provides details on OUs with conflicting GPOs | -| Redundant GPOs | This report lists group policy objects that apply redundant settings. | None | This report is comprised of four elements: - Bar Chart – Displays GPOs by redundant children - Table – Provides details on GPOs by redundant children - Table – Provides details on overlapping GPOs - Table – Provides details on OUs with most redundancies | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-password-policies.md b/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-password-policies.md deleted file mode 100644 index 55f2d98c85..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-password-policies.md +++ /dev/null @@ -1,43 +0,0 @@ -# AD_PasswordPolicies Job - -The AD_PasswordPolicies Job identifies fine-grained domain password policies that are stored within -the Password Settings Container. Fine-Grained password policies allow AD administrators to apply -different password policies within a single domain. - -## Query for the AD_PasswordPolicies Job - -The AD_PasswordPolicies Job uses the LDAP Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_PasswordPolicies Job](/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/passwordpoliciesquery.webp) - -The query for this job is: - -- Fine-grained Policies – Targets one domain controller per domain known to Access Analyzer to - return fine-grained password policies - - - See the [LDAP Data Collector](/docs/accessanalyzer/12.0/data-collection/ldap/index.md) topic for additional - information - -## Analysis Task for the AD_PasswordPolicies Job - -Navigate to the **Active Directory** > **4.GroupPolicy** > **AD_PasswordPolicies** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the AD_PasswordPolicies Job](/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/passwordpoliciesanalysis.webp) - -The default analysis tasks are: - -- Determine fine-grained password policy details – Creates the SA_AD_PasswordPolicies_Details table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the AD_UserDelegation Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | ----------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------- | -| Fine-Grained Password Policies | This report highlights fine-grained password policies on all targeted domain controllers. | None | This report is comprised of one element: - Table – Provides details on fine-grained password policy details | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/overview.md deleted file mode 100644 index e937475dbf..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/overview.md +++ /dev/null @@ -1,28 +0,0 @@ -# 4.Group Policy Job Group - -The 4.Group Policy Job Group audits GPOs and their settings, and provides in depth analysis of -conditions such as where GPOs have been linked, misconfigurations that can cause security or -operational issues, and redundant GPOs that can be consolidated. - -![4.Group Policy Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following components comprise the 4.Group Policy Job Group: - -- [AD_CPassword Job](/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-cpassword.md) – Identifies passwords that are stored in Group Policy - Preferences which present a security risk allowing attackers access to these passwords. Microsoft - published the AES private key, which can be used to decrypt passwords stored in Group Policy - Preferences. See the Microsoft - [2.2.1.1.4 Password Encryption](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-gppref/2c15cbf0-f086-4c74-8b70-1f2fa45dd4be) - article for additional information. Since Authenticated Users have read access to SYSVOL, any - malicious insider or attacker can search for the cPassword file inside XML files shared through - SYSVOL to decrypt them. GPOs can be stored in the `%ProgramData%\Microsoft\Group Policy\History` - folder on each machine, meaning any results found by this job should be deleted off every computer - once this policy has been removed. -- [AD_GroupPolicy Job](/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-group-policy.md) – Audits all Group Policies that are present on the Domain - Controller, and provides details on the containers they are linked to and the settings that are - configured -- [AD_OverlappingGPOs Job](/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-overlapping-gpos.md) – Identifies conflicting and redundant GPO - settings based on link location. These GPO settings should be cleaned up or consolidated. -- [AD_PasswordPolicies Job](/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/ad-password-policies.md) – Identifies fine-grained domain password - policies that are stored within the Password Settings Container. Fine-Grained password policies - allow AD administrators to apply different password policies within a single domain. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-circular-nesting.md b/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-circular-nesting.md deleted file mode 100644 index c34313f0e7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-circular-nesting.md +++ /dev/null @@ -1,28 +0,0 @@ -# AD_CircularNesting Job - -The AD_CircularNesting Job identifies circularly nested groups within Active Directory which can -pose administrative and operational challenges with identifying effective access to resources. - -## Analysis Tasks for the AD_CircularNesting Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_CircularNesting** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_CircularNesting Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp) - -The default analysis tasks are : - -- Circular Nesting Details – Creates the SA_AD_CircularNesting_Details table accessible under the - job’s Results node -- Domain Summary – Creates the SA_AD_CircularNesting_DomainSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_CircularNesting Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ---------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Circular Nesting | This report identifies instances of circular nesting within the environment. | None | This report is comprised of three elements: - Bar Chart – Displays circular nesting by domain - Table – Provides details on circular nesting - Table – Provides details on circular nesting by domain | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-dc-logon-groups.md b/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-dc-logon-groups.md deleted file mode 100644 index d301af9757..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-dc-logon-groups.md +++ /dev/null @@ -1,32 +0,0 @@ -# AD_DCLogonGroups Job - -The AD_DCLogonGroups Job identifies users who are able to log on to Domain Controllers through -effective membership to the Enterprise Admins, Domain Admins, Administrators, Backup Operators, -Account Operators, Print Operators, or Remote Desktop Users groups. This type of access should be -limited to only those individuals who require this level of administrative privileges. - -## Analysis Tasks for the AD_DCLogonGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_DCLogonGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DCLogonGroups Job](/img/product_docs/accessanalyzer/solutions/activedirectory/groups/dclogongroupsanalysis.webp) - -The default analysis tasks are: - -- Circular Effective Membership – Creates the SA_AD_DCLogonGroups_Membership table accessible under - the job’s Results node -- User Listing – Creates the SA_AD_DCLogonGroups_UserList table accessible under the job’s Results - node -- Membership Summary – Creates the SA_AD_DCLogonGroups_Summary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_CircularNesting Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | --------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain Controller Logon Rights | This report displays effective membership for groups with logon rights to domain controllers. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays largest groups - Table – Provides details on membership - Table – Provides summary of membership | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-duplicate-groups.md b/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-duplicate-groups.md deleted file mode 100644 index 7023bb8c7a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-duplicate-groups.md +++ /dev/null @@ -1,26 +0,0 @@ -# AD_DuplicateGroups Job - -The AD_Duplicate Job identifies duplicate groups within Active Directory. Duplicate groups contain -the same group membership as one another and are suitable candidates for cleanup. - -## Analysis Task for the AD_DuplicateGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_DuplicateGroups** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the AD_DuplicateGroups Job](/img/product_docs/accessanalyzer/solutions/activedirectory/groups/duplicategroupsanalysis.webp) - -The default analysis tasks are: - -- Identify Duplicate Groups – Creates the SA_AD_DuplicateGroups_Details table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis task, the AD_DuplicateGroups Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Duplicate Groups | This report identifies duplicate groups within the audited domains. | None | This report is comprised of three elements: - Bar Chart – Displays domains by number of groups with duplicates - Table – Provides details on duplicate groups - Table – Provides details on domains by number of groups with duplicates | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-empty-groups.md b/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-empty-groups.md deleted file mode 100644 index a778449737..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-empty-groups.md +++ /dev/null @@ -1,32 +0,0 @@ -# AD_EmptyGroups Job - -The AD_EmptyGroups Job identifies empty and single member groups which are suitable candidates for -consolidation or cleanup. - -## Analysis Tasks for the AD_EmptyGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_EmptyGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_EmptyGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) - -The default analysis tasks are: - -- Empty Groups – Creates the SA_AD_EmptyGroups_Empty table accessible under the job’s Results node -- Single User Groups – Creates the SA_AD_EmptyGroups_SingleUser table accessible under the job’s - Results node -- Summarize Empty Groups – Creates the SA_AD_EmptyGroups_EmptySummary table accessible under the - job’s Results node -- Summarize Single User Groups – Creates the SA_AD_EmptyGroups_SingleUserSummary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_EmptyGroups Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | --------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Empty Groups | This report identifies all groups without any members. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by empty group counts - Table – Provides details on empty groups - Table – Provides details on empty groups by domain | -| Single User Groups | This report identifies groups which only contain a single user. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by single user groups - Table – Provides details on groups - Table – Provides details on single user groups by domain | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-group-probable-owners.md b/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-group-probable-owners.md deleted file mode 100644 index f062c28785..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-group-probable-owners.md +++ /dev/null @@ -1,29 +0,0 @@ -# AD_GroupProbableOwners Job - -The AD_GroupProbableOwners Job determines potential owners for Active Directory Groups which can be -used to perform automated membership reviews and enable self-service group management and membership -requests. - -## Analysis Tasks for the AD_GroupProbableOwners Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_GroupProbableOwners** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupProbableOwners Job](/img/product_docs/accessanalyzer/solutions/activedirectory/groups/groupprobableownersanalysis.webp) - -The default analysis tasks are: - -- Determine Ownership – Creates the SA_AD_GroupProbableOwner_Owners table accessible under the job’s - Results node -- Domain Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_GroupProbableOwner Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | ----------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Probable Owners | This report identifies the most probable manager or department, based on effective member attributes. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top domains by blank manager field - Table – Provides details on probable ownership - Table – Provides summary of managers | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-largest-groups.md b/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-largest-groups.md deleted file mode 100644 index 4d046db454..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-largest-groups.md +++ /dev/null @@ -1,27 +0,0 @@ -# AD_LargestGroups Job - -The AD_LargestGroups Job identifies groups with large effective member counts. These types of groups -may cause administrative overhead and burden in being able to easily understand who is getting -access to resources, or how much access is being granted to resources through these groups. - -## Analysis Task for the AD_LargestGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_LargestGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the AD_LargestGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp) - -The default analysis tasks are: - -- Group Details – Creates the SA_AD_LargestGroups_Details table accessible under the job’s Results - node - -In addition to the tables and views created by the analysis task, the AD_LargestGroups Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------- | -| Largest Groups | This report identifies the largest groups within the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays largest groups - Table – Provides details on groups | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-mail-security-groups.md b/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-mail-security-groups.md deleted file mode 100644 index 0f342376ae..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-mail-security-groups.md +++ /dev/null @@ -1,29 +0,0 @@ -# AD_MailSecurityGroups Job - -The AD_MailSecurityGroups Job identifies mail-enabled security groups within Active Directory. - -## Analysis Tasks for the AD_MailSecurityGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_MailSecurityGroups** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_MailSecurityGroups Job](/img/product_docs/accessanalyzer/solutions/activedirectory/groups/mailsecuritygroupsanalysis.webp) - -The default analysis tasks are: - -- Calculate Effective Membership – Creates the SA_AD_MailSecurityGroups_Membership table accessible - under the job’s Results node -- Mail Enabled Domain Summary – Creates the SA_AD_MailSecurityGroups_DomainSummary table accessible - under the job’s Results node -- Membership Summary – Creates the SA_AD_MailSecurityGroups_Summary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_MailSecurityGroups Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Mail Enabled Security Groups | This report displays summary data for mail enabled security groups. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays mail enabled security groups per domain - Table – Provides summary of mail enabled security groups - Table – Provides summary of mail enabled security groups by domain | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-nested-groups.md b/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-nested-groups.md deleted file mode 100644 index 7b05c6f845..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-nested-groups.md +++ /dev/null @@ -1,29 +0,0 @@ -# AD_NestedGroups Job - -The AD_NestedGroups Job identifies nested groups within Active Directory and provides details such -as the levels of nesting. While Active Directory provides the ability to nest certain types of -groups within other groups, Microsoft recommends nesting does not go beyond two levels in order to -avoid difficulties in understanding effective membership and access. - -## Analysis Tasks for the AD_NestedGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_NestedGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_NestedGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp) - -The default analysis tasks are: - -- Details – Creates the SA_AD_NestedGroups_Details table accessible under the job’s Results node -- Summarize by Domain – Creates the SA_AD_NestedGroups_DomainSummary table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_NestedGroups Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------- | --------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Nested Groups | This report identifies the groups with the largest amount of nested groups, and how many levels of nesting there are. | None | This report is comprised of three elements: - Bar Chart – Displays top groups by nesting - Table – Provides details on nested groups - Table – Provides details on top groups by nesting | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-sensitive-security-groups.md b/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-sensitive-security-groups.md deleted file mode 100644 index 71bef16cdf..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-sensitive-security-groups.md +++ /dev/null @@ -1,32 +0,0 @@ -# AD_SensitiveSecurityGroups Job - -The AD_SensitiveSecurityGroups Job identifies users who are granted administrative access within -Active Directory through membership to the Enterprise Admins, Domain Admins, Schema Admins, DNS -Admins, or Administrators groups. This level of access should be limited to only those individuals -who require this level of administrative privileges. - -## Analysis Tasks for the AD_SensitiveSecurityGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_SensitiveSecurityGroups** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_SensitiveSecurityGroups Job](/img/product_docs/accessanalyzer/solutions/activedirectory/groups/sensitivesecuritygroupsanalysis.webp) - -The default analysis tasks are: - -- Calculate Effective Membership – Creates the SA_AD_SensitiveSecurityGroups_Membership table - accessible under the job’s Results node -- User Listing – Creates the SA_AD_SensitiveSecurityGroups_UserList table accessible under the job’s - Results node -- Membership Summary – Creates the SA_AD_SensitiveSecurityGroups_Summary table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_SensitiveSecurityGroups -Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------- | ------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Security Group Membership | This report displays effective membership for sensitive security groups. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays largest groups - Table – Provides details on membership - Table – Provides summary of group membership | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-stale-groups.md b/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-stale-groups.md deleted file mode 100644 index 6f4b9c031d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-stale-groups.md +++ /dev/null @@ -1,31 +0,0 @@ -# AD_StaleGroups Job - -The AD_StaleGroups Job identifies groups that contain potentially stale users. Users are considered -stale if they have never logged onto the domain, have not logged onto the domain in the past 60 -days, or are disabled. These group memberships should be reviewed and possibly removed. - -## Analysis Tasks for the AD_StaleGroups Job - -Navigate to the **Active Directory** > **1.Groups** > **AD_StaleGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_StaleGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) - -The default analysis tasks are: - -- Stale Group Details – Creates the SA_AD_StaleGroups_Details table accessible under the job’s - Results node -- Stale Groups Summary – Creates the SA_AD_StaleGroups_GroupSummary table accessible under the job’s - Results node -- Stale Groups Org Summary – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_StaleGroups Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Effective Membership (A.K.A. Stale Groups) | This report identifies groups with stale effective membership. A stale user is defined as someone who has not logged into the domain in over 60 days, is expired, or currently disabled. | None | This report is comprised of three elements: - Bar Chart – Displays group membership - Table – Provides details on membership - Table – Provides details on group membership | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/groups/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/groups/overview.md deleted file mode 100644 index 836f8622b8..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/groups/overview.md +++ /dev/null @@ -1,60 +0,0 @@ -# 1.Groups Job Group - -The 1.Groups Job Group identifies effective group membership and pinpoints potential areas of -administrative concern such as nested or stale groups. - -![1.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following jobs comprise the 1.Groups Job Group: - -- [AD_CircularNesting Job](/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-circular-nesting.md) – Identifies circularly nested groups within - Active Directory which can pose administrative and operational challenges with identifying - effective access to resources -- [AD_DCLogonGroups Job](/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-dc-logon-groups.md) – Identifies users who are able to log on to Domain - Controllers through effective membership to the Enterprise Admins, Domain Admins, Administrators, - Backup Operators, Account Operators, Print Operators, or Remote Desktop Users groups. This type of - access should be limited to only those individuals who require this level of administrative - privileges. -- [AD_DuplicateGroups Job](/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-duplicate-groups.md) – Identifies duplicate groups within Active - Directory. Duplicate groups contain the same group membership as one another and are suitable - candidates for cleanup. -- [AD_EmptyGroups Job](/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-empty-groups.md) – Identifies empty and single member groups which are - suitable candidates for consolidation or cleanup -- [AD_GroupProbableOwners Job](/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-group-probable-owners.md) – Determines potential owners for Active - Directory Groups which can be used to perform automated membership reviews and enable self-service - group management and membership requests -- [AD_LargestGroups Job](/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-largest-groups.md) – Identifies groups with large effective member - counts. These types of groups may cause administrative overhead and burden in being able to easily - understand who is getting access to resources, or how much access is being granted to resources - through these groups. - - - The definition of a large group is set by the **.Active Directory Inventory** > - **3-AD_Exceptions** Job. It can be customized. See the - [3-AD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/3-ad-exceptions.md) topic for additional - information. - -- [AD_MailSecurityGroups Job](/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-mail-security-groups.md) – Identifies mail-enabled security groups - within Active Directory -- [AD_NestedGroups Job](/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-nested-groups.md) – Identifies nested groups within Active Directory and - provides details such as the levels of nesting. While Active Directory provides the ability to - nest certain types of groups within other groups, Microsoft recommends nesting does not go beyond - two levels in order to avoid difficulties in understanding effective membership and access. - - - The definition of a deeply nested group is set by the **.Active Directory Inventory** > - **3-AD_Exceptions** Job. It can be customized. See the - [3-AD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/3-ad-exceptions.md) topic for additional - information. - -- [AD_SensitiveSecurityGroups Job](/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-sensitive-security-groups.md) – Identifies users who are granted - administrative access within Active Directory through membership to the Enterprise Admins, Domain - Admins, Schema Admins, DNS Admins, or Administrators groups. This level of access should be - limited to only those individuals who require this level of administrative privileges. -- [AD_StaleGroups Job](/docs/accessanalyzer/12.0/solutions/active-directory/groups/ad-stale-groups.md) – Identifies groups that contain potentially stale users. - Users are considered stale if they have never logged onto the domain, have not logged onto the - domain in the past 60 days, or are disabled. These group memberships should be reviewed and - possibly removed. - - - The definition of a stale user” is set by the **.Active Directory Inventory** > - **3-AD_Exceptions** Job. It can be customized. See the - [3-AD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/3-ad-exceptions.md) topic for additional - information. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/groups/recommended.md b/docs/accessanalyzer/12.0/solutions/active-directory/groups/recommended.md deleted file mode 100644 index 921ad9df4b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/groups/recommended.md +++ /dev/null @@ -1,53 +0,0 @@ -# Recommended Configurations for the 1.Groups Job Group - -The Active Directory > **1.Groups** Job Group has been configured by default to run with the default -settings. It can be run directly or scheduled. - -Dependencies - -The **.Active Directory Inventory** Job Group needs to be successfully executed prior to running -this job group. - -Target Host - -This job group does not collect data. No target host is required. - -Connection Profile - -This job group does not collect data. No specific Connection Profile is required. - -Schedule Frequency - -The data analyzed by the **1.Groups** Job Group jobs is collected by the **.Active Directory -Inventory** Job Group. Therefore, it is recommended to schedule these jobs to run after the .Active -Directory Inventory job group collection has completed. These jobs can be scheduled to run as -desired. - -Run at the Job Group Level - -**_RECOMMENDED:_** Run the jobs in the **1.Groups** Job Group together and in order by running the -entire job group, instead of the individual jobs. - -Analysis Configuration - -The **1.Groups** Job Group should be run with the default analysis configurations. Most of the -analysis tasks are preconfigured for this job group. - -Some analysis tasks have customizable parameters: - -- The .Active Directory Inventory Solution defines large groups, deeply nested groups, and stale - users. These parameters can be customized. - - - Customize within **.Active Directory Inventory** > **3-AD_Exceptions** Job analysis tasks - - **NOTE:** Changes to an exception’s definition will affect all jobs dependent upon that - exception as well as all Access Information Center Exceptions reports. - -Workflow - -**Step 1 –** Prerequisite: Run the **.Active Directory Inventory** Job Group. - -**Step 2 –** Schedule the **1.Groups** Job Group to run as desired after the prerequisite job has -completed. - -**Step 3 –** Review the reports generated by the 1.Groups Job Group. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/overview.md deleted file mode 100644 index 92c7de97ab..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/overview.md +++ /dev/null @@ -1,86 +0,0 @@ -# Active Directory Solution - -The Active Directory solution is a comprehensive set of audit jobs and reports that provide the -information administrators need for Active Directory configuration, operational management, -troubleshooting, analyzing effective permissions, and tracking who is making what changes within an -organization. - -Supported Platforms - -- Windows Server 2016 and later -- Windows 2003 Forest level or higher - -**NOTE:** See the Microsoft -[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) -article for additional information. - -Requirements, Permissions, and Ports - -See the [Active Directory Domain Target Requirements](/docs/accessanalyzer/12.0/configuration/active-directory/overview.md) -topic for additional information. - -Location - -The Active Directory Solution requires a special Access Analyzer license. It can be installed from -the Access Analyzer Instant Job Wizard. See the -[Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for additional information. -Once installed into the Jobs tree, navigate to the solution: **Jobs** > **Active Directory**. - -![Active Directory Solution](/img/product_docs/accessanalyzer/solutions/activedirectory/solutionoverview.webp) - -Each job group works independently from the other job groups. Some job groups run analysis tasks -against the analyzed data collected by the .Active Directory Inventory Solution to generate reports, -for example the 1.Groups job group. Other job groups run both data collection and analysis to -generate reports. The AD_SecurityAssessment job summarizes security related results from both the -Active Directory solution and the Active Directory Permissions Analyzer solution. - -**NOTE:** The Cleanup job group requires additional licenses to function. See the -[Active Directory Job Groups](#active-directory-job-groups) topic for additional information. - -## Active Directory Job Groups - -The Active Directory solution is a comprehensive set of audit jobs and reports that provide the -information every administrator needs for Active Directory configuration, operational management, -troubleshooting, analyzing effective permissions, and tracking who is making what changes within an -organization. - -![Active Directory Job Group](/img/product_docs/accessanalyzer/solutions/activedirectory/adsolutionjobgroup.webp) - -The following job groups comprise the Active Directory solution: - -- [1.Groups Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/groups/overview.md) – Identifies effective group membership and pinpoints - potential areas of administrative concern such as nested or stale groups -- [2.Users Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/users/overview.md) – Identifies user conditions and pinpoint potential areas - of administrative concern such as weak passwords, user token size, or stale users -- [3.Computers Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/computers/overview.md) – Pinpoints potential areas of administrative - concern related to computer accounts, including stale computers and computers that have been - trusted for delegation -- [4.Group Policy Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/overview.md) – Audits GPOs and their settings, and provides - in depth analysis of conditions such as where GPOs have been linked, misconfigurations that can - cause security or operational issues, and redundant GPOs that can be consolidated -- [5.Domains Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/domains/overview.md) – Provides details on domains, sites, and trusts, and - highlight domain level configurations that may leave your environment at risk -- [6.Activity Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/activity/overview.md) – Provides insights into access sprawl, privileged - account usage, and operational health of the Active Directory environment. Information collected - includes Active Directory Changes, Authentication, LDAP Traffic, Replication Traffic, and - LSASS.EXE process injection on domain controllers - - - Requires the Active Directory Activity license feature to function - -- [7.Certificate Authority Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/certificate-authority/overview.md) – Collects settings, - permissions, and configurations for Certificate Authorities. It details access rights for the - Certificate Authority and reports on certificate requests, highlighting any that might expire - soon. -- [Cleanup Job Group](/docs/accessanalyzer/12.0/solutions/active-directory/cleanup/overview.md) – Identifies potential stale and unused users, computers, - and groups as well as issues with group membership. Remediation workflows are included to - de-provision unnecessary objects to help increase security and reduce complexity. - - - Requires the Active Directory Actions license feature to function - - Requires the Active Directory Actions Module to be installed - -- [AD Security Assessment Job](/docs/accessanalyzer/12.0/solutions/active-directory/ad-security-assessment.md) – Summarizes security related results from - the Active Directory solution and the Active Directory Permissions Analyzer solution - -Since each job group within the Active Directory solution is designed to run independently, refer to -the Recommended Configurations topic for each job group, for information on frequency and job group -settings. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-direct-membership.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-direct-membership.md deleted file mode 100644 index a8059bc74a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-direct-membership.md +++ /dev/null @@ -1,28 +0,0 @@ -# AD_DirectMembership Job - -The AD_DirectMembership Job identifies users who do not have any group membership. This condition -may indicate unnecessary user accounts that are suitable candidates for review and cleanup. - -## Analysis Tasks for the AD_DirectMembership Job - -Navigate to the **Active Directory** > **2.Users** > **AD_DirectMembership** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DirectMembership Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/directmembershipanalysis.webp) - -The default analysis tasks are: - -- User Details – Creates the SA_AD_DirectMembership_Details table accessible under the job’s Results - node -- Domain Summary – Creates the SA_AD_DirectMembership_DomainSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_DirectMembership Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| No Group Membership | This report identifies users with no group membership. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by users with no membership - Table – Provides details on all users with no group membership - Table – Provides details on top domains by users with no membership | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-duplicate-users.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-duplicate-users.md deleted file mode 100644 index 663bdb6231..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-duplicate-users.md +++ /dev/null @@ -1,29 +0,0 @@ -# AD_DuplicateUsers Job - -The AD_DuplicateUsers Job helps to identify multiple user accounts which may be owned by a single -employee. A user may have accounts in multiple domains or administrative accounts with greater -access than their normal account. - -## Analysis Tasks for the AD_DuplicateUsers Job - -Navigate to the **Active Directory** > **2.Users** > **AD_DuplicateUsers** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DuplicateUsers Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/duplicateusersanalysis.webp) - -The default analysis tasks are: - -- Potential Duplicates Details – Creates the SA_AD_DuplicateUsers_Details table accessible under the - job’s Results node -- User Details – Creates the SA_AD_DuplicateUsers_DomainSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_DuplicateUsers Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Duplicate User Accounts | This report identifies user accounts which may belong to a single employee, based on a variety of common attributes. | None | This report is comprised of three elements: - Bar Chart – Displays a domain summary - Table – Provides details on matches - Table – Provides details on duplicate user accounts by domain | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-orphaned-users.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-orphaned-users.md deleted file mode 100644 index 923d940c5a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-orphaned-users.md +++ /dev/null @@ -1,27 +0,0 @@ -# AD_OrphanedUsers Job - -The AD_OrphanedUsers Job identifies users whose managers are stale or disabled. These user accounts -should be reviewed and appropriate management should be assigned. - -## Analysis Tasks for the AD_OrphanedUsers Job - -Navigate to the **Active Directory** > **2.Users** > **AD_OrphanedUsers** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_OrphanedUsers Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/orphanedusersanalysis.webp) - -The default analysis tasks are: - -- Details – Creates the SA_AD_OrphanedUsers_Details table accessible under the job’s Results node -- Domain Summary – Creates the SA_AD_OrphanedUsers_DomainSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_OrphanedUsers Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | --------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Orphaned Users | A user is considered orphans when their manager is disabled or stale. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by orphaned users - Table – Provides details on orphaned users - Provides details on top domains by orphaned users | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-password-status.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-password-status.md deleted file mode 100644 index 88c5089c62..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-password-status.md +++ /dev/null @@ -1,28 +0,0 @@ -# AD_PasswordStatus Job - -The AD_PasswordStatus Job highlights potential issues with user password settings that may exploited -or compromised if not addressed. - -## Analysis Tasks for the AD_PasswordStatus Job - -Navigate to the **Active Directory** > **2.Users** > **AD_PasswordStatus** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigure for this job. - -![Analysis Tasks for the AD_PasswordStatus Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/passwordstatusanalysis.webp) - -The default analysis tasks are: - -- Password Status Details – Creates the SA_AD_PasswordStatus_Details table accessible under the - job’s Results node -- Domain Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_PasswordStatus Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | ---------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Password Status | This report identifies the password status of all users and highlights potential issues. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays password issues by domain - Table – Provides details on users - Provides details on password issues by domain | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-service-accounts.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-service-accounts.md deleted file mode 100644 index 912f03eb12..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-service-accounts.md +++ /dev/null @@ -1,34 +0,0 @@ -# AD_ServiceAccounts Job - -The AD_ServiceAccounts Job offers information about service accounts and if they are vulnerable to -Kerberoasting. An account is deemed vulnerable to a Kerberoasting attack if the -msDS-SupportedEncryptionTypes value supports RC4 as the highest encryption type. - -_Remember,_ the 1-AD_Scan Job needs to be configured to collect these Custom Attributes: - -- servicePrincipalName – Provides service account information. See the Microsoft - [Service Principal Names]() - article for additional information. -- msDS-SupportedEncryptionTypes – Identifies service accounts vulnerable to Kerberoasting attacks - -## Analysis Task for the AD_ServiceAccounts Job - -Navigate to the **Active Directory** > **2.Users** > **AD_ServiceAccounts** > **Configure** node and -select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the AD_ServiceAccounts Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/serviceaccountsanalysis.webp) - -The default analysis tasks are: - -- Password Status Details – Creates the SA_AD_ServiceAccounts_Details table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis task, the AD_ServiceAccounts Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ---------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Service Accounts | This report provides details on service accounts in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays service accounts by domain - Table – Provides details on service accounts - Table – Provides details on service accounts by domain | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-sid-history.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-sid-history.md deleted file mode 100644 index 4715dc7bb4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-sid-history.md +++ /dev/null @@ -1,30 +0,0 @@ -# AD_SIDHistory Job - -The AD_SIDHistory Job enumerates historical SIDs in the audited environment and highlights -exceptions involving the SIDHistory attribute on AD user objects. Specific conditions include when a -user has a historical SID from their current domain, or when a non-admin user has a historical SID -with administrative rights, both of which may be indicators of compromise. - -## Analysis Tasks for the AD_SIDHistory Job - -Navigate to the **Active Directory** > **2.Users** > **AD_SIDHistory** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_SIDHistory Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/sidhistoryanalysis.webp) - -The default analysis tasks are: - -- Determine SIDHistory details – Creates the SA_AD_SIDHistory_Details table accessible under the - job’s Results node -- Summarize SIDHistory details – Creates the SA_AD_SIDHistory_Summary table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_PasswordStatus Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SID History | This report lists historical SIDs in the audited environment. Additionally, it highlights exceptions involving the SIDHistory attribute on AD user objects. Considered in particular are when a user has a historical SID from their current domain, or when a non-admin user has a historical SID with administrative rights. | None | This report is comprised of three elements: - Bar Chart – Displays historical SIDs by domain - Table – Provides details on SID history - Table – Provides details on historical SIDs by domain | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-stale-users.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-stale-users.md deleted file mode 100644 index 4d4fa67eb5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-stale-users.md +++ /dev/null @@ -1,35 +0,0 @@ -# AD_StaleUsers Job - -The AD_StaleUsers job identifies potentially stale users based on the amount of time since their -last login to the domain, or if the account has been disabled. These accounts should be reviewed and -cleaned up in order to increase security and reduce complexity. - -**NOTE:** The definition of a stale user is set by the .Active Directory Inventory solution. These -parameters, including the number of days since last login to be considered stale (by default 60 -days), can be customized within the **.Active Directory Inventory** > **3-AD_Exceptions** job's -**Stale Users** analysis task. See the -[3-AD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/3-ad-exceptions.md) topic for additional -information. - -## Analysis Tasks for the AD_StaleUsers Job - -Navigate to the **Active Directory** > **2.Users** > **AD_StaleUsers** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_StaleUsers Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/staleusersanalysis.webp) - -The default analysis tasks are: - -- User Details – Creates the SA_AD_StaleUsers_Details table accessible under the job’s Results node -- Summarize by Domain – Creates the SA_AD_StaleUsers_DomainSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_StaleUsers job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Users | This report identifies user accounts which have not logged into the domain for an extended amount of time or are currently disabled. A user account is considered stale if the last logon is over 60 days ago, is currently disabled, or expired. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays users by domain - Table – Provides details on users - Table – Provides details on users by domain | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-user-attribute-completion.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-user-attribute-completion.md deleted file mode 100644 index 0960e3e717..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-user-attribute-completion.md +++ /dev/null @@ -1,29 +0,0 @@ -# AD_UserAttributeCompletion Job - -The AD_UserAttributeCompletion Job identifies which attributes are present within User fields in -Active Directory, and which ones are blank for a majority of objects. This may indicate accounts -within Active Directory which are lacking appropriate information. - -## Analysis Tasks for the AD_UserAttributeCompletion Job - -Navigate to the **Active Directory** > **2.Users** > **AD_UserAttributeCompletion** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_UserAttributeCompletion Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/userattributecompletionanalysis.webp) - -The default analysis tasks are: - -- Details – Creates an interim processing table in the database for use by downstream analysis and - report generation -- User Details – Creates an interim processing table in the database for use by downstream analysis - and report generation - -In addition to the tables and views created by the analysis tasks, the AD_UserAttributeCompletion -Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Attribute Completion | This report identifies which attributes are present within User fields in Active Directory, and which ones are blank for a majority of objects. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays completeness by attribute - Table – Provides details on users with blank attributes - Table –Provides details on completeness by attribute | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-user-delegation.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-user-delegation.md deleted file mode 100644 index 5c81f948c0..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-user-delegation.md +++ /dev/null @@ -1,29 +0,0 @@ -# AD_UserDelegation Job - -The AD_Delegation Job highlights user accounts which are trusted for delegation. Kerberos delegation -enables an application to access resources hosted on a different server, and opens up several -avenues to compromise based on the type of delegation enabled.  See the -[What Is Kerberos Delegation?](https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/) Netwrix -blog article for more information about this configuration and the related security risks. - -## Analysis Task for the AD_UserDelegation Job - -Navigate to the **Active Directory** > **2.Users** > **AD_UserDelegation** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the AD_UserDelegation Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/userdelegationanalysis.webp) - -The default analysis tasks are: - -- Determine users for trusted delegation – Creates the SA_AD_UserDelegation_Details table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis task, the AD_UserDelegation Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Users Trusted for Delegation | This report highlights which users are trusted for delegation, which accounts are sensitive, and whether the delegation is constrained or unconstrained. | None | This report is comprised of three elements: - Bar Chart – Displays users trusted for delegation by domain - Table – Provides details on users trusted for delegation - Table – Provides details on users trusted for delegation by domain | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-user-token.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-user-token.md deleted file mode 100644 index 38c448fe7c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-user-token.md +++ /dev/null @@ -1,29 +0,0 @@ -# AD_UserToken Job - -The AD_UserToken Job identifies and reports the number of SIDS and estimated token size associated -with each user. Token bloat can lead to issues during login and can also cause applications that use -Kerberos authentication to fail. See the Microsoft -[Problems with Kerberos authentication when a user belongs to many groups](https://learn.microsoft.com/en-US/troubleshoot/windows-server/windows-security/kerberos-authentication-problems-if-user-belongs-to-groups) -article for more information about estimated token size. - -## Analysis Task for the AD_UserToken Job - -Navigate to the **Active Directory** > **2.Users** > **AD_UserToken** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the AD_UserToken Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/usertokenanalysis.webp) - -The default analysis tasks are: - -- Calculate Token Size – Creates the SA_AD_UserTokens_Details table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis task, the AD_UserToken Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Token | A user's token size is directly related to the number of SIDs associated with their user account, taking into account historical SIDs and effective membership. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top users by estimated token size - Table – Provides details on user tokens | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-weak-passwords.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-weak-passwords.md deleted file mode 100644 index 643a138ead..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-weak-passwords.md +++ /dev/null @@ -1,109 +0,0 @@ -# AD_WeakPasswords Job - -The AD_WeakPasswords Job analyzes user account password hashes to determine how easily each could be -compromised or the likelihood their passwords are known through comparison with compromised password -dictionaries and other exceptions. Exceptions include: - -- AES Key Missing – Account is set up using older functional AD levels, so has no AES key. These - accounts use weaker encryption methods susceptible to brute force attacks. -- Clear Text Password – Account has passwords stored with reversible encryption. See the Microsoft - [Store passwords using reversible encryption]() - article for additional information. -- Default Computer Password – Computer has default computer passwords set -- Delegable Admins – Administrator account is allowed to be delegated to a service -- DES Encryption Only – Account is using Kerberos DES encryption. DES encryption is considered weak - as the 56-bit key is prone to brute force attacks. See the Microsoft - [AD DS: User accounts and trusts in this domain should not be configured for DES only]() - article for additional information. -- Empty Password – Account has an empty password -- Kerberos Pre-authentication is not required – Account does not require Kerberos - pre-authentication. Kerberos pre-authentication can mitigate against brute force attacks. See the - Microsoft - [Kerberos Pre-Authentication: Why It Should Not Be Disabled](https://learn.microsoft.com/en-us/archive/technet-wiki/23559.kerberos-pre-authentication-why-it-should-not-be-disabled) - article for additional information. -- LM Hash – Account has stored LM hashes. The LM hash is a relatively weak hash that is prone to - brute force attacks. See the Microsoft - [How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases](https://learn.microsoft.com/en-US/troubleshoot/windows-server/windows-security/prevent-windows-store-lm-hash-password) - article for additional information. -- Password Never Expires – Account has a password that never expires -- Password Not Required – Account does not require a password -- Weak Historical Password – Account has a historical password that was found in the dictionary -- Weak Password – Account has a password that was found in the dictionary -- Shares Common Password – Account shares a password with another account - -## Queries for the AD_WeakPasswords Job - -The AD_WeakPasswords Job uses the PasswordSecurity Data Collector. - -![Query for the AD_WeakPasswords Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/weakpasswordsquery.webp) - -The query for this job are: - -- Weak Passwords – Collects password hashes to identify weak passwords - - - See the - [PasswordSecurity Data Collector](/docs/accessanalyzer/12.0/data-collection/password-security/overview.md) - topic for additional information - -### Configure the Weak Passwords Query - -The PasswordSecurity Data Collector can be scoped if desired. Follow the steps to modify the query -configuration. - -**Step 1 –** Navigate to the job’s Configure node and select Queries. - -**Step 2 –** In the Query Selection view, select the **Weak Passwords** query and click**Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the Data Source tab, and click **Configure**. The Password Security Data -Collector Wizard opens. - -![Password Security Data Collection Wizard Scan options page](/img/product_docs/accessanalyzer/solutions/activedirectory/users/optionsweakpassword.webp) - -**CAUTION:** Read the warning prior to enabling the cleartext password feature. - -**Step 4 –** On the Options page, configure the scan options by enabling communication with the -Active Directory via SSL or returning cleartext password entries. - -![Password Security Data Collection Wizard Dictionary options page](/img/product_docs/accessanalyzer/solutions/activedirectory/users/dictionariesweakpassword.webp) - -**Step 5 –** On the Dictionaries page, configure the dictionary options by enabling the Netwrix weak -password dictionary or click **Add…** to upload a custom dictionary with NTLM hashes or plaintext -passwords to use during the scan. - -- See the - [PasswordSecurity: Dictionaries](/docs/accessanalyzer/12.0/data-collection/password-security/dictionaries.md) - topic for additional information - -**Step 6 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -The Weak Passwords query is now configured. - -## Analysis Tasks for the AD_WeakPasswords Job - -Navigate to the **Active Directory** > **2.Users** > **AD_WeakPasswords** > **Configure** node and -select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_WeakPasswords Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/weakpasswordsanalysis.webp) - -The default analysis tasks are: - -- Count of Shared Passwords – Creates the SA_AD_WeakPasswords_Count table accessible under the job's - Results node -- Join Active Directory Stats – Creates the SA_AD_WeakPasswords_Details table accessible under the - job’s Results node -- Summarize Password Issues – Creates the SA_SA_AD_WeakPasswords_Summary table accessible under the - job's Results node -- Add to AD Exceptions – Creates the SA_AD_UserDelegation_Details table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_UserDelegation Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Weak Passwords Checks | This job identifies accounts in the organization with weak passwords that can be easily decrypted or brute forced. | None | This report is comprised of three elements: - Bar Chart – Displays password weaknesses - Table – Provides details on password weaknesses - Table – Provides details on exceptions and user counts | diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/overview.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/overview.md deleted file mode 100644 index 2dab0f78a0..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/overview.md +++ /dev/null @@ -1,42 +0,0 @@ -# 2.Users Job Group - -The 2.Users Job Group identifies user conditions and pinpoint potential areas of administrative -concern such as weak passwords, user token size, or stale users. - -![2.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The following components comprise the 2.Users Job Group: - -- [AD_DirectMembership Job](/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-direct-membership.md) – Identifies users who do not have any group - membership. This condition may indicate unnecessary user accounts that are suitable candidates for - review and cleanup. -- [AD_DuplicateUsers Job](/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-duplicate-users.md) – Identifies multiple user accounts which may be - owned by a single employee. A user may have accounts in multiple domains or administrative - accounts with greater access than their normal account. -- [AD_OrphanedUsers Job](/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-orphaned-users.md) – Identifies users whose managers are stale or - disabled. These user accounts should be reviewed and appropriate management should be assigned. -- [AD_PasswordStatus Job](/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-password-status.md) – Highlights potential issues with user password - settings that may exploited or compromised if not addressed -- [AD_ServiceAccounts Job](/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-service-accounts.md) – Offers information about service accounts and if - they are vulnerable to Kerberoasting. An account is deemed vulnerable to a Kerberoasting attack if - the msDS-SupportedEncryptionTypes value supports RC4 as the highest encryption type. -- [AD_SIDHistory Job](/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-sid-history.md) – Enumerates historical SIDs in the audited environment and - highlights exceptions involving the SIDHistory attribute on AD user objects. Specific conditions - include when a user has a historical SID from their current domain, or when a non-admin user has a - historical SID with administrative rights, both of which may be indicators of compromise. -- [AD_StaleUsers Job](/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-stale-users.md) – Identifies potentially stale users based on the amount of - time since their last login to the domain, or if the account has been disabled. These accounts - should be reviewed and cleaned up in order to increase security and reduce complexity. -- [AD_UserAttributeCompletion Job](/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-user-attribute-completion.md) – Identifies which attributes are - present within User fields in Active Directory, and which ones are blank for a majority of - objects. This may indicate accounts within Active Directory which are lacking appropriate - information. -- [AD_UserDelegation Job](/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-user-delegation.md) – Highlights user accounts which are trusted for - delegation. Kerberos delegation enables an application to access resources hosted on a different - server, and opens up several avenues to compromise based on the type of delegation enabled. -- [AD_UserToken Job](/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-user-token.md) – Identifies and reports the number of SIDS and estimated - token size associated with each user. Token bloat can lead to issues during login and can also - cause applications that use Kerberos authentication to fail. -- [AD_WeakPasswords Job](/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-weak-passwords.md) – Analyzes user account password hashes to determine - how easily each could be compromised or the likelihood their passwords are known through - comparison with compromised password dictionaries and other exceptions diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/users/recommended.md b/docs/accessanalyzer/12.0/solutions/active-directory/users/recommended.md deleted file mode 100644 index 339ee3a9f7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/active-directory/users/recommended.md +++ /dev/null @@ -1,90 +0,0 @@ -# Recommended Configurations for the 2.Users Job Group - -The **Active Directory** > **2.Users** Job Group has been configured by default to run with the -out-of-the-box settings. It can be run directly or scheduled. - -Dependencies - -- The **.Active Directory Inventory** Job Group needs to be successfully executed prior to running - this job group - - - For the **AD_ServiceAccounts** Job, the **.Active Directory Inventory** > **1-AD_Scan** Job - needs to be configured to collect **servicePrincipalName** as a Custom Attribute - -- For the **AD_WeakPassword** Job: - - - Requires the DSInternals PowerShell Module, which is a third-party package. See the - [AD_WeakPasswords Job](/docs/accessanalyzer/12.0/solutions/active-directory/users/ad-weak-passwords.md) topic for additional information. - - The AD_WeakPasswords Job depends on a dictionary file. See the - [PasswordSecurity: Dictionaries](/docs/accessanalyzer/12.0/data-collection/password-security/dictionaries.md) - topic for additional information. - - **_RECOMMENDED:_** If this job is not to be used, disable the job to prevent execution when the - job group is executed. - -Targeted Host(s) - -Only the **AD_WeakPasswords** Job requires a host list. The host list assignment has been configured -under the **2. Users** > **AD_WeakPasswords** > **Configure** > **Hosts** node. It is set to target -the **ONE DOMAIN CONTROLLER PER DOMAIN** host list. This host list is a dynamic host list based on -the host inventory value in the **isDomainController** field in the Host Master Table. - -Connection Profile - -Only the **AD_WeakPasswords** Job requires a Connection Profile. It must be set directly on the -**AD_WeakPasswords** Job (through the Job Properties window) with Domain Administrator privileges. - -**NOTE:** The **AD_WeakPassword** Job can be executed with a least privilege credential. See the -[Active Directory Auditing Configuration](/docs/accessanalyzer/12.0/configuration/active-directory/access.md) topic for -additional information. - -Schedule Frequency - -The data analyzed by the **2.Users** Job Group jobs is collected by the **.Active Directory -Inventory** Job Group. Therefore, it is recommended to schedule these jobs to run after the -**.Active Directory Inventory** job group collection has completed. These jobs can be scheduled to -run as desired. - -Run at the Job Group Level - -Run the jobs in the **2.Users** Job Group together and in order by running the entire job group, -instead of the individual jobs. - -_Remember,_ if the **AD_WeakPassword** Job is not to be executed, it can be disabled. - -Analysis Configuration - -The **2.Users** Job Group should be run with the default analysis configurations. Most of the -analysis tasks are preconfigured for this Job Group. - -Some analysis tasks have customizable parameters: - -- The **.Active Directory Inventory** Solution defines stale users. These parameters can be - customized. - - - Customize within **.Active Directory Inventory** > **3-AD_Exceptions** Job analysis tasks - - **NOTE:** Changes to an exception’s definition will affect all jobs dependent upon that - exception as well as all Access Information Center Exceptions reports. - -Workflow - -**Step 1 –** Prerequisite: Ensure the **.Active Directory Inventory** Job Group has been -successfully run. - -**Step 2 –** For AD_WeakPassword Job: Run a host discovery query to discover domain controllers. - -- The **AD_WeakPasswords** Job has been set to run against the following default dynamic host list: - - - ONE DOMAIN CONTROLLER PER DOMAIN - - **NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table that meet - the host inventory criteria for the list. Ensure the appropriate host lists have been populated - through host inventory results. - -**Step 3 –** Set a Connection Profile on the job that runs the data collection. - -**Step 4 –** Schedule the **2.Users** Job Group to run as desired after the prerequisite job has -completed. - -**Step 5 –** Review the reports generated by the **2.Users** Job Group. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_activitycollection.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_activitycollection.md new file mode 100644 index 0000000000..25ab531384 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_activitycollection.md @@ -0,0 +1,217 @@ +# 0.Collection > AD_ActivityCollection Job + +The AD_ActivityCollection Job located in the 0.Collection Job Group, imports data from the Netwrix +Activity Monitor logs into the Access Analyzer Database. Retention can be modified in the query (120 +days default). + +![AD_ActivityCollection Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/jobstree_1.webp) + +There are two ways AD Activity data can be retrieved by Access Analyzer: + +- Network share containing the archive logs +- API Server connected to the archive logs + +This is configured in the query. See the +[Queries for the AD_ActivityCollection Job](#queries-for-the-ad_activitycollection-job) topic for +additional information. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +![Configuration section on the AD_ActivityCollection job Overview page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/overviewconfiguration.webp) + +The AD_ActivityCollection page has the following configurable parameters: + +- Enable to import AD events into the AIC +- Enable to import authentication events into the AIC + + **NOTE:** The import of AD events and authentication events is disabled by default. You must + enable these parameters for the activity data to be imported into the Netwrix Access Information + Center. See the + [(Optional) Configure Import of AD Activity into Netwrix Access Information Center](/docs/accessanalyzer/12.0/config/activedirectory/activity.md#optional-configure-import-of-ad-activity-into-netwrix-access-information-center) + topic for instructions. + +- List of attributes to track for Object Modified changes +- Number of days to retain activity data in the AIC + +See the +[Customize Analysis Parameters for the AD_ActivityCollection Job](#customize-analysis-parameters-for-the-ad_activitycollection-job) +topic for additional information. + +## Queries for the AD_ActivityCollection Job + +The AD Activity Collection query uses the ADActivity Data Collector to target the Activity Monitor +archive logs for AD Activity. + +**NOTE:** The query can be configured to connect directly to the network share where the archive +logs are stored or the API Server. + +![Queries for the AD_ActivityCollection Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/queries.webp) + +The AD_ActivityCollection Job uses the ADActivity Data Collector for the following query: + +- AD Activity Collection – Targets Netwrix Activity Monitor archives to collect AD Activity + +### Configure the Query to Import from the Activity Monitor + +The AD_ActivityCollection Job requires configuration to collect data. Follow the steps to modify the +query configuration when Netwrix Activity Monitor is configured to host domain activity logs on an +API server. + +**NOTE:** Ensure the Activity Monitor API Server and the required Connection Profile are +successfully set up. See the +[Active Directory Activity Auditing Configuration](/docs/accessanalyzer/12.0/config/activedirectory/activity.md) +topic for additional information. + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. + +**Step 2 –** Click **Query Properties**. The Query Properties window displays. + +**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard +opens. + +![Active Directory Activity DC wizard Category page](/img/product_docs/activitymonitor/config/activedirectory/categoryimportfromnam.webp) + +**Step 4 –** On the Category page, choose **Import from SAM** option and click **Next**. + +![Active Directory Activity DC wizard SAM connection settings page](/img/product_docs/activitymonitor/config/activedirectory/namconnection.webp) + +**Step 5 –** On the SAM connection page, the **Port** is set to the default 4494. This needs to +match the port configured for the Activity Monitor API Server agent. + +**Step 6 –** In the **Test SAM host** textbox, enter the Activity Monitor API Server name using +fully qualified domain format. For example, `NEWYORKSRV30.NWXTech.com`. Click **Connect**. + +**Step 7 –** If connection is successful, the archive location displays along with a Refresh token. +Copy the **Refresh token**. This will replace the Client Secret in the Connection Profile in the +last step. + +**Step 8 –** Click **Next**. + +![Active Directory Activity DC wizard Scoping and Retention page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) + +**Step 9 –** On the Scope page, set the Timespan as desired. There are two options: + +- Relative Timespan – Set the number of days of activity logs to collect when the scan is run +- Absolute Timespan – Set the date range for activity logs to collect when the scan is run + +**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity +Monitor domain output log retention expires. For example, if Access Analyzer runs the +**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be +configured to retain at least 10 days of log files. + +**Step 10 –** Set the Retention period as desired. This is the number of days Access Analyzer keeps +the collected data in the SQL Server database. + +**Step 11 –** Click **Next** and then **Finish** to save the changes and close the wizard. + +**Step 12 –** Click **OK** to save the changes and close the Query Properties page. + +**Step 13 –** Navigate to the global **Settings** > **Connection** node to update the User +Credential with the Refresh token: + +- Select the Connection Profile assigned to the **6.Activity** > **0.Collection** Job Group. +- Select the Web Services (JWT) User Credential and click **Edit**. +- Replace the Access Token with the Refresh token generated by the data collector in Step 7. +- Click **OK** to save and close the User Credentials window. +- Click **Save** and then **OK** to confirm the changes to the Connection Profile. + +The query is now configured to target the Activity Monitor API Server to collect domain activity +logs. + +### Configure the Query to Import from a Share + +The AD_ActivityCollection Job requires configuration to collect data. Follow the steps to modify the +query configuration when Netwrix Activity Monitor is configured to store activity logs on a network +share. + +**NOTE:** Ensure the Activity Monitor domain output and the required Connection Profile are +successfully set up. See the +[File Archive Repository Option](/docs/accessanalyzer/12.0/config/activedirectory/filearchive.md) topic for +additional information. + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. + +**Step 2 –** Click **Query Properties**. The Query Properties window displays. + +**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard +opens. + +![Active Directory Activity DC wizard Category page](/img/product_docs/activitymonitor/config/activedirectory/categoryimportfromshare.webp) + +**Step 4 –** On the Category page, choose **Import from Share** option and click **Next**. + +![Active Directory Activity DC wizard Share settings page](/img/product_docs/activitymonitor/config/activedirectory/share.webp) + +**Step 5 –** On the Share page, provide the UNC path to the AD Activity share archive location. If +there are multiple archives in the same network share, check the **Include Sub-Directories** box. +Click **Next**. + +![Active Directory Activity DC wizard Scoping and Retention page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) + +**Step 6 –** On the Scope page, set the Timespan as desired. There are two options: + +- Relative Timespan – Set the number of days of activity logs to collect when the scan is run +- Absolute Timespan – Set the date range for activity logs to collect when the scan is run + +**_RECOMMENDED:_** The threshold should be set to ensure the logs are collected before the Activity +Monitor domain output log retention expires. For example, if Access Analyzer runs the +**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be +configured to retain at least 10 days of log files. + +**Step 7 –** Set the Retention period as desired. This is the number of days Access Analyzer keeps +the collected data in the SQL Server database. + +**Step 8 –** Click **Next** and then **Finish** to save the changes and close the wizard. + +**Step 9 –** Click **OK** to save the changes and close the Query Properties page. + +The query is now configured to target the network share where the Activity Monitor domain activity +logs are archived. + +## Analysis Tasks for the AD_ActivityCollection Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. Select the **Configure** > **Analysis** node. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_ActivityCollection Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/analysis.webp) + +The following analysis tasks are selected by default: + +- UAC Formatting Function – Splits column on commas and assigns opposing values to attributes +- AIC Import - AD Activity Events – Imports AD events to the Access Information Center for domain + objects + + - The `@ADEvents` and `@AuthEvents` parameters must be enabled for AD events and authentication + events to be imported into the Access Information Center + - The list of attributes to track for Object Modified changes can be customized by the + `#modifiedAttributeList` parameter + +- AIC Import - Activity Retention – Deletes older activity data from the Access Information Center + + - By default, data is retained for 120 days. This is customizable by the `@Days` parameter. + +### Customize Analysis Parameters for the AD_ActivityCollection Job + +The customizable parameters for this job allow you to configure importing of AD activity data into +the Netwrix Access Information Center. + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------------------------- | --------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------- | +| AIC Import - AD Activity Events | #modifiedAttributeList | Default attributes: - givenName - sn - displayName - description - userPrincipalName - sAMAccountName - initials - title - department - company - manager - location - streetAddress - currentLocation - st - postalCode - c - otherTelephone - homePhone - ipPhone - mobile - facsimileTelephoneNumber - otherFacsimileTelephoneNumber - mail - wWWHomePage - employeeID - employeeType - employeeNumber - extensionAttribute1 - extensionAttribute2 - extensionAttribute3 - extensionAttribute4 - extensionAttribute5 - extensionAttribute6 - extensionAttribute7 - extensionAttribute8 - extensionAttribute9 - extensionAttribute10 - extensionAttribute11 - extensionAttribute12 - extensionAttribute13 - extensionAttribute14 - extensionAttribute15 | List of attributes to track for Object Modified changes | +| AIC Import - AD Activity Events | @ADEvents | False | Enable to import AD events into the AIC | +| AIC Import - AD Activity Events | @AuthEvents | False | Enable to import authentication events into the AIC | +| AIC Import - Activity Retention | @Days | 120 | Number of days to retain activity data in the AIC | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_ldapqueries.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_ldapqueries.md new file mode 100644 index 0000000000..f6769d8d51 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_ldapqueries.md @@ -0,0 +1,73 @@ +# LDAP > AD_LDAPQueries Job + +The **LDAP** > **AD_LDAPQueries** Job analyzes LDAP traffic to determine trends such as most +expensive queries, most active servers and users, successful/failed and signing status. This data +can be used to troubleshoot performance issues, load balancing, and poorly configured services. + +![AD_LDAPQueries Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/ldapjobstree.webp) + +**_RECOMMENDED:_** Schedule this job to run with the 0.Collection job group. + +## Analysis Tasks for the AD_LDAPQueries Job + +Navigate to the **Active Directory** > **6.Activity** > **LDAP** > **AD_LDAPQueries** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Except for the **Largest Queries** task, do not modify or deselect the remaining +selected analysis tasks. The remaining analysis tasks are preconfigured for this job. + +![Analysis Tasks for the AD_LDAPQueries Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/ldapqueriesanalysis.webp) + +The following non-configurable analysis tasks are selected by default: + +- SSL – Creates the SA_AD_LDAPQueries_SSLStatus table accessible under the job’s Results node +- Host Summary – Creates the SA_AD_LDAPQueries_HostSummary table accessible under the job’s Results + node +- User Summary – Creates the SA_AD_LDAPQueries_UserSummary table accessible under the job’s Results + node + +The following configurable analysis task can be optionally enabled: + +- Largest Queries – Creates the SA_AD_LDAPQueries_ExpensiveQueries table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the AD_LDAPQueries Job produces the follow +pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Largest LDAP Queries | Shows LDAP queries returning the most objects, and their source. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar – Displays top users by LDAP traffic - Table – Displays top users by LDAP traffic - Table – Displays Expensive LDAP Queries | +| LDAP Overview | Overview of hosts and users performing queries, and query security. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of four elements: - Pie – Displays SSL query events view results - Pie – Displays query security flags - Table – Displays users performing LDAP queries - Table – Displays originating hosts | + +### Configure the Largest Queries Analysis Task + +Customizable parameters enable you to set the values used to control the minimum objects returned +and the days of traffic to analyze during this job’s analysis. The parameters can be customized and +are listed in a section at the bottom of the SQL Script Editor. Follow the steps to customize an +analysis task’s parameters. + +**Step 1 –** Navigate to the **Active Directory** > **6.Activity** > **LDAP** > **AD_LDAPQueries** > +**Configure** node and select **Analysis**. + +![Largest Queries analysis task configuration](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/ldapqueriesanalysisconfiguration.webp) + +**Step 2 –** In the Analysis Selection view, select the **Largest Queries** analysis task and click +**Analysis Configuration**. The SQL Script Editor opens. + +**CAUTION:** Do not change any parameters where the Value states `Created during execution`. + +![Largest Queries analysis task in the SQL Script Editor](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/ldapsqlscripteditor.webp) + +**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. There are +two integer variables that can be modified. Double-click on the current **value** and change as +desired: + +- @objects_returned – Controls the minimum number of objects returned for the queries to be + considered large. This value is set to 100 by default. +- @timeframe – Controls the number of days to analyze traffic for. This value is set to 30 days by + default. + +**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor +window. + +The analysis task now includes custom parameters for the updated values. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_lockouts.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_lockouts.md new file mode 100644 index 0000000000..b94363d579 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_lockouts.md @@ -0,0 +1,33 @@ +# Lockouts > AD_Lockouts Job + +The **Lockouts** > **AD_Lockouts** Job provides a listing of all account lockouts. For any lockout +occurring in the past 30 days, failed authentications and host information is provided to aid +troubleshooting. + +![AD_Lockouts Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/lockoutsjobstree.webp) + +**_RECOMMENDED:_** Schedule this job to run with the 0.Collection job group. + +## Analysis Tasks for the AD_Lockouts Job + +Navigate to the **Active Directory** > **6.Activity** > **Lockouts** > **AD_Lockouts** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_Lockouts Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/lockoutsanalysis.webp) + +The default analysis tasks are: + +- Account Lockouts – Creates the SA_AD_AccountLockouts_Details view accessible under the job’s + Results node +- Failed Authentications – Creates the SA_AD_AccountLockouts_FailedAutnentications table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_Lockouts Job produces the follow +pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | +| Lockouts | This report tracks all lockouts for user accounts. For any lockout occurring in the past 30 days, failed authentications and host information are provided to aid troubleshooting. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Table – Displays account lockouts details - Table –  Displays failed authentications in the past 30 days | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/ad_computermodifications.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/ad_computermodifications.md new file mode 100644 index 0000000000..9452be30d1 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/ad_computermodifications.md @@ -0,0 +1,27 @@ +# AD_ComputerModifications Job + +The AD_ComputerModifications Job provides a report of all changes to computer objects. + +## Analysis Tasks for the AD_ComputerModifications Job + +Navigate to the **Active Directory** > **6.Activity** > **Changes** > **AD_ComputerModifications** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_ComputerModifications Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/computermodificationsanalysis.webp) + +The following non-configurable analysis tasks are selected by default: + +- All Computer Object Changes – Creates the SA_AD_ComputerChanges_ComputerSummary table accessible + under the job’s Results node +- Summarize by Computer – Creates the SA_AD_ComputerChanges_ComputerSummary table accessible under + the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_ComputerModifications Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ---------------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Computer Account Changes | Track changes to computer objects. | CPAA GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays Changes by Type - Table – Displays Changes by Computer - Table – Displays Computer Change Details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/ad_groupmodifications.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/ad_groupmodifications.md new file mode 100644 index 0000000000..29b5e18915 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/ad_groupmodifications.md @@ -0,0 +1,38 @@ +# AD_GroupModifications Job + +The AD_GroupModifications Job provides a report of all changes to group objects. A separate report +is provided to highlight group membership changes. The list of top perpetrators can be used to +identify out of band changes. + +## Analysis Tasks for the AD_GroupModifications Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Changes** > +**AD_GroupModifications** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupModifications Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/groupmodificationsanalysis.webp) + +The following non-configurable analysis tasks are selected by default: + +- Group Changes – Creates the SA_AD_GroupModifications_Details view accessible under the job’s + Results node +- Summarize by Group – Creates the SA_AD_GroupModifications_GroupSummary table accessible under the + job’s Results node +- Summarize by Perpetrator – Creates the SA_AD_GroupModifications_UserSummary table accessible under + the job’s Results node +- Membership Changes – Creates the SA_AD_GroupMembershipChanges_Details view accessible under the + job’s Results node +- Summarize by Group – Creates the SA_AD_GroupMembershipChanges_Summary table accessible under the + job’s Results node +- Top Groups by Changes – Creates the SA_AD_GroupMembershipChanges_Last30Days table accessible under + the job’s Results node. + +In addition to the tables created by the analysis tasks, the AD_GroupModifications Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ----------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Changes | Tracks changes to group attributes. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays changes by type - Table – Displays changes by group - Table – Displays changes by group change details | +| Group Membership Changes | Tracks changes to group membership. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Stacked Chart – Displays the most active groups in the past 30 days - Table – Displays group membership summary - Table – Displays group membership change details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/ad_usermodifications.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/ad_usermodifications.md new file mode 100644 index 0000000000..43d061bd45 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/ad_usermodifications.md @@ -0,0 +1,27 @@ +# AD_UserModifications Job + +The AD_UserModifications Job provides a report of all changes to user objects. + +## Analysis Tasks for the AD_UserModifications Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Changes** > +**AD_UserModifications** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_UserModifications Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/usermodificationsanalysis.webp) + +The following non-configurable analysis tasks are selected by default: + +- All User Account Changes – Creates the SA_AD_UserModifications_Details view accessible under the + job’s Results node +- Summary of Changes – Creates the SA_AD_userModifications_userSummary table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the AD_UserModifications Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------ | ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Account Changes | Track changes to user objects. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays changes by type - Table – Displays changes by user account - Table – Displays changes by user change details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/overview.md new file mode 100644 index 0000000000..34436c6e89 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/overview.md @@ -0,0 +1,17 @@ +# Changes Job Group + +The Changes Job Group provides an audit trail for changes made to Computer, Group and User objects +within the environment. + +![Changes Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/jobstree.webp) + +The following Jobs make up the Changes Job Group: + +**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. + +- [AD_ComputerModifications Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/ad_computermodifications.md) – Reports on activity relating to + changes made on computer objects +- [AD_GroupModifications Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/ad_groupmodifications.md) – Reports on activity relating to changes + made on a group objects and changes made to group membership +- [AD_UserModifications Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/ad_usermodifications.md) – Reports on activity relating to changes made + on user objects diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/ad_accesschanges.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/ad_accesschanges.md new file mode 100644 index 0000000000..4785764661 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/ad_accesschanges.md @@ -0,0 +1,31 @@ +# AD_AccessChanges Job + +The AD_AccessChanges Job highlights the type and number of resources across the environment where +access has been affected. Groups which have historically been the cause of most access changes are +highlighted, to show potential issues in access sprawl and provisioning. + +## Analysis Tasks for the AD_AccessChanges Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Group Usage** > +**AD_AccessChanges** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_AccessChanges Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/accesschangesanalysis.webp) + +The following non-configurable analysis tasks are selected by default: + +- Find Access Changes – Creates the SA_AD_AccessChanges_Details table accessible under the job’s + Results node +- Group Summary – Creates the SA_AD_AccessChanges_GroupSummary table accessible under the job’s + Results node +- Access Type Summary – Creates the SA_AD_AccessChanges_TypeSummary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the AD_AccessChanges Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Access Changes | Highlights group membership additions that have created large changes in access within the environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar Chart – Displays largest changes last week - Table – Displays groups by modified access - Table – Displays all group membership changes | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/ad_grouphosts.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/ad_grouphosts.md new file mode 100644 index 0000000000..b3a19254e1 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/ad_grouphosts.md @@ -0,0 +1,29 @@ +# AD_GroupHosts Job + +The AD_GroupHosts Job attempts to identify where groups may be used to provide access. + +## Analysis Tasks for the AD_GroupHosts Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **GroupUsage** > +**AD_GroupHosts** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupHosts Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/grouphostsanalysis.webp) + +The default analysis tasks are: + +- Group Authentication Details – Creates the SA_AD_GroupHosts_Details table accessible under the + job’s Results node +- Summarize Authentication Events by Group – Creates the SA_AD_GroupHosts_GroupSummary table + accessible under the job’s Results node +- Summarize Authentication Events by Host – Creates the SA_AD_GroupHosts_HostSummary table + accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_GroupHosts Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Host Usage | Understand what groups are utilizing what hosts in the environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Table – Displays security groups by target hosts - Table – Displays hosts by associated groups - Table – Displays authentication details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/ad_groupmemberactivity.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/ad_groupmemberactivity.md new file mode 100644 index 0000000000..0cb14b7a64 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/ad_groupmemberactivity.md @@ -0,0 +1,53 @@ +# AD_GroupMemberActivity Job + +The AD_GroupMemberActivity Job analyzes the AD actions taken by the effective members of a group. +Monitoring authentication can provide a more accurate method of determining staleness than last +logons. + +## Analysis Tasks for the AD_GroupMemberActivity Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Group Usage** > +**AD_GroupMemberActivity** > **Configure** node and select **Analysis** to view the analysis tasks. + +![Analysis Tasks for the AD_GroupMemberActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysis.webp) + +The default analysis task is: + +- Group Member Activity – Creates the SA_AD_GroupMemberActivity_GroupSummary table accessible under + the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_GroupMemberActivity Job produces the +follow pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ------------------------------------------------------------------------------------------ | ---------------------------------------------------------- | --------------------------------------------------------------------------------- | +| Group Member Activity | This report identifies actions taken by the members of each group within your environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of one element: - Table – Displays group member activity | + +### Configure the Group Member Activity Analysis Task + +Customizable parameters enable you to set the values used to include the SIDs for admin groups +during this job’s analysis. The parameters can be customized and are listed in a section at the +bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s parameters. + +**Step 1 –** Navigate to the **Active Directory** > **6.Activity** > **Group Usage** > +**AD_GroupMemberActivity** > **Configure** node and select **Analysis**. + +![Group Member Activity analysis task configuration](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysisconfiguration.webp) + +**Step 2 –** In the Analysis Selection view, select the Group Member Activity analysis task and +click on **Analysis Configuration**. The SQL Script Editor opens. + +**CAUTION:** Do not change any parameters where the Value states `Created during execution`. + +![Group Member Activity Analysis Task in the SQL Script Editor](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/groupmemberactivitysqlscripteditor.webp) + +**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. Select +the cell for the temporary table called #admingroups, and click **Edit Table** to modify the value. + +- The new value should include SIDs for admin groups to be considered administrative groups beyond + the default admin groups. + +**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor +window. + +The analysis task now includes custom parameters for the updated values. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/overview.md new file mode 100644 index 0000000000..dbd92b1220 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/overview.md @@ -0,0 +1,19 @@ +# Group Usage Job Group + +The Group Usage Job Group reports shows how group membership changes have affected access across the +entire environment, the actions taken by the members of a group, and identifies where groups may be +used for authorization in applications. + +![Group Usage Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/jobstree.webp) + +The following Jobs make up the Group Usage Job Group: + +**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. + +- [AD_AccessChanges Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/ad_accesschanges.md) – Reports on activity relating to access changes for + Active Directory groups, highlighting membership changes that have created large access change + within the environment +- [AD_GroupHosts Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/ad_grouphosts.md) – Reports on what hosts groups are being used on within the + environment +- [AD_GroupMemberActivity Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/ad_groupmemberactivity.md) – Reports on the activity that group + members are taking within the Active Directory environment diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_authenticationprotocol.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_authenticationprotocol.md new file mode 100644 index 0000000000..de9a51f347 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_authenticationprotocol.md @@ -0,0 +1,29 @@ +# AD_AuthenticationProtocol Job + +The AD_Authentication Job shows what protocols are being used to authenticate across the environment +and will help to identify what services and computers may be affected when disabling NTLM. + +## Analysis Tasks for the AD_AuthenticationProtocol Job + +Navigate to the **Active Directory** > **6.Activity** > **Operations** > +**AD_AuthenticationProtocol** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_AuthenticationProtocol Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/authenticationprotocolanalysis.webp) + +The default analysis tasks are: + +- Summarize Protocol Usage – Creates the SA_AD_AuthenticationProtocol_Summary table accessible under + the job’s Results node +- Summarize Host Protocol Usage – Creates the SA_AD_AuthenticationProtocol_Hosts table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_AuthenticationProtocol Job produces +the follow pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | -------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | +| Authentication Protocols | Track the prevalence of NTLM versus Kerberos within the environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie – Displays authentication protocols - Table –  Displays authentication protocols summary | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_domaincontrollertraffic.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_domaincontrollertraffic.md new file mode 100644 index 0000000000..2765d47616 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_domaincontrollertraffic.md @@ -0,0 +1,29 @@ +# AD_DomainControllerTraffic Job + +The AD_DomainControllerTraffic Job provides a summary of the amount of traffic for Changes, +Authentication, Replication, and LDAP Queries for each domain controller which can be used to +identify issues with load balancing. If the AD_DCSummary job has been run, the roles for each domain +controller will be provided. + +## Analysis Tasks for the AD_DomainControllerTraffic Job + +Navigate to the **Active Directory** > **6.Activity** > **Operations** > +**AD_DomainControllerTraffic** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DomainControllerTraffic Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/dctrafficanalysis.webp) + +The default analysis task is: + +- Summarize Protocol Usage – Creates the SA_AD_DomainControllerTraffic_Details table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_DomainControllerTraffic Job produces +the follow pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | -------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------- | +| Domain Controller Traffic | Identifies the amount of active directory events that occur on each domain controller. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of one element: - Table –  Displays a Domain Controller summary | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_hardcodeddcs.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_hardcodeddcs.md new file mode 100644 index 0000000000..8fd65d87d9 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_hardcodeddcs.md @@ -0,0 +1,26 @@ +# AD_HardcodedDCs Job + +The AD_HardcodedDCs Job highlights machines that have communicated with only one domain controller. + +## Analysis Tasks for the AD_HardcodedDCs Job + +Navigate to the **Active Directory** > **6.Activity** > **Operations** > **AD_HardcodedDCs** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_HardcodedDCs Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/hardcodeddcsanalysis.webp) + +The default analysis tasks are: + +- Hardcoded DCs – Creates the SA_AD_Hardcoded_DCs table accessible under the job’s Results node +- Summarizes Hardcoded DC Information – Creates the SA_AD_Hardcoded_Summary table accessible under + the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_Hardcoded DCs Job produces the +follow pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Hardcoded DCs | This report identifies hosts which may have hardcoded domain controller information in server or application settings. Each host identified in this report has only contacted one domain controller. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie –  Displays top domain controllers - Table – Displays hardcoded domain controller summary - Table – Displays host details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_loadbalancing.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_loadbalancing.md new file mode 100644 index 0000000000..6f75986ff3 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_loadbalancing.md @@ -0,0 +1,28 @@ +# AD_LoadBalancing Job + +The AD_LoadBalancing Job analyzes each domain controller's traffic to show what percent of all LDAP, +Replication, Authentication and Changes are being handled by that particular machine. This helps to +highlight domain controllers which are over utilized relative to others within the domain, or unused +domain controllers which may be decommissioned. + +## Analysis Task for the AD_LoadBalancing Job + +Navigate to the **Active Directory** > **6.Activity** > **Operations** > **AD_LoadBalancing** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the AD_LoadBalancing Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/loadbalancinganalysis.webp) + +The default analysis task is: + +- Domain Controller Traffic – Creates the SA_AD_LoadBalancing_DomainControllers table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_LoadBalancing Job produces the +follow pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain Controllers | This report identifies the distribution of change events and authentication events between domain controllers in the monitored environment. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar Chart – Displays top DCs by authentication traffic - Bar Chart – Displays top DCs by change traffic - Table – Displays domain controller traffic details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_machineowners.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_machineowners.md new file mode 100644 index 0000000000..5d5ab2188e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_machineowners.md @@ -0,0 +1,27 @@ +# AD_MachineOwners Job + +The AD_MachineOwners Job helps to identify the owner of a particular host. + +## Analysis Tasks for the AD_MachineOwners Job + +Navigate to the **Active Directory** > **6.Activity** > **Operations** > **AD_MachineOwners** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_MachineOwners Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/machineownersanalysis.webp) + +The default analysis tasks are: + +- Identify Machine Owners – Creates the SA_AD_MachineOwners_Details table accessible under the job’s + Results node +- User Summary – Creates the SA_AD_MachineOwners_UserSummary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the AD_MachineOwners Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------- | ---------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | +| Machine Owners | Identify owners of machines based on authentication patterns. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart– Displays top users by machines owned - Table – Displays machine owners | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/overview.md new file mode 100644 index 0000000000..2860676251 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/overview.md @@ -0,0 +1,26 @@ +# Operations Job Group + +The Operations Job Group reports on Active Directory activity events related to operational +activity. This group can help report on probable machine owners based on authentications, domain +controller traffic and activity, and authentication protocols being used in the environment. + +![Operations Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/jobstree.webp) + +The following Jobs make up the Operations Job Group: + +**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. + +- [AD_AuthenticationProtocol Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_authenticationprotocol.md) – Shows what protocols are being + used to authenticate across the environment and will help to identify what services and computers + may be affected when disabling NTLM +- [AD_DomainControllerTraffic Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_domaincontrollertraffic.md) – Provides a summary of the amount + of traffic for Changes, Authentication, Replication, and LDAP Queries for each domain controller + which can be used to identify issues with load balancing. If the AD_DCSummary job has been run, + the roles for each DC will be provided. +- [AD_HardcodedDCs Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_hardcodeddcs.md) – Highlight machines that have communicated with only + one DC +- [AD_LoadBalancing Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_loadbalancing.md) – Analyzes each domain controller's traffic to show + what percent of all LDAP, Replication, Authentication and Changes are being handled by that + particular machine. This helps to highlight domain controllers which are over utilized relative to + others within the domain, or unused domain controllers which may be decommissioned. +- [AD_MachineOwners Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/ad_machineowners.md) – Helps to identify the owner of a particular host diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/overview.md new file mode 100644 index 0000000000..952fe8525c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/overview.md @@ -0,0 +1,36 @@ +# 6.Activity Job Group + +The 6.Activity Job Group provides insights into access sprawl, privileged account usage, and +operational health of the Active Directory environment. Information collected includes Active +Directory Changes, Authentication, LDAP Traffic, Replication Traffic, and LSASS.EXE process +injection on domain controllers. + +The jobs that comprise the 6.Activity Job Group collect data, process analysis tasks, and generate +reports. + +_Remember,_ this job group requires the Active Directory Activity license. + +![6.Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/jobstree.webp) + +The 6.Activity Job Group is comprised of the following jobs: + +- [0.Collection > AD_ActivityCollection Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_activitycollection.md) – Imports data from the + Netwrix Activity Monitor logs into the Access Analyzer Database. Retention can be modified in the + query (120 days default). +- [Changes Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/overview.md) – Provides an audit trail for changes made to Computer, + Group and User objects within the environment +- [Group Usage Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/overview.md) – Shows how group membership changes have affected + access across the entire environment, the actions taken by the members of a group, and identifies + where groups may be used for authorization in applications +- [LDAP > AD_LDAPQueries Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_ldapqueries.md) – Analyzes LDAP traffic to determine trends such as + most expensive queries, most active servers and users, successful/failed and signing status. This + data can be used to troubleshoot performance issues, load balancing, and poorly configured + services. +- [Lockouts > AD_Lockouts Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_lockouts.md)– Provides a listing of all account lockouts with + relevant details which can be used to aid troubleshooting +- [Operations Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/overview.md) – Reports on Active Directory activity events + related to operational activity. This group can help report on probable machine owners based on + authentications, domain controller traffic and activity, and authentication protocols being used + in the environment. +- [Privileged Accounts Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/overview.md)– Highlights the activity performed + by this accounts, to identify potential abuses or unused accounts that can be deprovisioned diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/ad_adminaccounts.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/ad_adminaccounts.md new file mode 100644 index 0000000000..a8939caac7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/ad_adminaccounts.md @@ -0,0 +1,59 @@ +# AD_AdminAccounts Job + +The AD_AdminAccounts Job shows all actions taken by domain administrators within the environment. + +## Analysis Tasks for the AD_AdminAccounts Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Privileged Accounts** > +**AD_AdminAccounts** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_AdminAccounts Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysis.webp) + +The default analysis tasks are: + +- Summarizes Administrative Account Activity – Creates the SA_AD_AdminAccounts_ActivitySummary table + accessible under the job’s Results node +- Identifies Administrative Accounts Last Activity Event – Creates the + SA_AD_AdminAccounts_LastActivity table accessible under the job’s Results node +- Identifies Administrative Group List Activity Event – Creates the + SA_AD_AdminAccounts_LastActivityByGroup table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the AD_AdminAccounts Job produces the +follow pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Admin Activity | Highlights administrative account activity events. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart– Displays least active administrators - Table – Displays administrative user activity details | +| Admin Authentications | Authenticating from many different clients increases the risk of Administrator credentials being compromised. | GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar Chart – Displays the top admin accounts by client usage - Table – Displays all client usage - Table – Displays administrator authentication | + +### Configure the Summarize Administrative Account Activity Analysis Task + +Customizable parameters enable you to set the values used to include the NT Account name for admin +groups during this job’s analysis. The parameters can be customized and are listed in a section at +the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s parameters. + +**Step 1 –** Navigate to the **Active Directory** > **6.Activity** > **Privileged Accounts** > +**AD_AdminAccounts** > **Configure** node and select **Analysis**. + +![Summarizes Administrative Account Activity analysis task configuration](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysisconfiguration.webp) + +**Step 2 –** In the Analysis Selection view, select the **Summarizes Administrative Account +Activity** analysis task and click **Analysis Configuration**. The SQL Script Editor opens. + +**CAUTION:** Do not change any parameters where the Value states `Created during execution`. + +![Summarizes Administrative Account Activity analysis task in the SQL Script Editor](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/adminaccountssqlscripteditor.webp) + +**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. Select +the cell for the temporary table called #AdminGroups, and click **Edit Table** to modify the value. + +- The new value should include the NT Account names for the admin groups that are considered + administrative groups beyond the default admin groups. + +**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor +window. + +The analysis task now includes custom parameters for the updated values. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/ad_serviceaccountauth.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/ad_serviceaccountauth.md new file mode 100644 index 0000000000..60139055f1 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/ad_serviceaccountauth.md @@ -0,0 +1,25 @@ +# AD_ServiceAccountAuth Job + +The AD_ServiceAccountAuth Job shows the last time a service account, identified by the presence of a +servicePrincipalName, was active within the environment. + +## Analysis Task for the AD_ServiceAccountAuth Job + +Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **Operations** > +**AD_ServiceAccountAuth** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the AD_ServiceAccountAuth Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/serviceaccountauthanalysis.webp) + +The following non-configurable analysis task is selected by default: + +- Creates the SA_AD_ServiceAccountAuth_Details table accessible under the job’s Results node. + +In addition to the tables created by the analysis tasks, the AD_ServiceAccountAuth Job produces the +follow pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | +| Service Accounts | Because many service accounts may not ever perform a logon, tracking authentication can be a better way to identify stale service accounts. | CCPA GDPR SOX HIPPA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart– Displays stale service accounts - Table – Displays account details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/overview.md new file mode 100644 index 0000000000..13fe52e614 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/overview.md @@ -0,0 +1,15 @@ +# Privileged Accounts Job Group + +The Privileged Accounts Job Group highlights the activity performed by this accounts, to identify +potential abuses or unused accounts which can be deprovisioned. + +![Privileged Accounts Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/jobstree.webp) + +The following Jobs make up the Privileged Accounts Job Group: + +**_RECOMMENDED:_** Schedule these jobs to run with the 0.Collection job group. + +- [AD_AdminAccounts Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/ad_adminaccounts.md) – Shows all actions taken by domain administrators + within the environment being compromised +- [AD_ServiceAccountAuth Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/ad_serviceaccountauth.md) – Shows the last time a service account, + identified by the presence of a servicePrincipalName, was active within the environment diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/activity/recommended.md b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/recommended.md new file mode 100644 index 0000000000..389fa7544b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/activity/recommended.md @@ -0,0 +1,69 @@ +# Recommended Configurations for the 6.Activity Job Group + +The **Active Directory** > **6.Activity** Job Group has been configured by default to run with the +out-of-the-box settings. It can be run directly or scheduled. + +Dependencies + +- Successfully execute the **.Active Directory Inventory** Job Group +- Netwrix Activity Monitor 4.1+ is archiving AD Activity Logs +- Successfully execute the **Active Directory** > **5.Domains Job Group** prior to running the + Operations Job Group +- (Optional) Successfully execute the **Active Directory Permissions Analyzer** > **0.Collection** + Job Group +- (Optional) Successfully execute the **FileSystem** > **0.Collection** Job Group + +Targeted Host(s) + +Netwrix Activity Monitor API Server or the host with the network share housing archived log files. + +Connection Profile + +Connection Profiles must be set directly on the +[0.Collection > AD_ActivityCollection Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_activitycollection.md) in order to connect to either +the SAM API Server or the host with the network share housing the archived log files. + +Access Token + +Required for SAM API Server integration for the +[0.Collection > AD_ActivityCollection Job](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/ad_activitycollection.md). + +Scheduling Frequency + +This group can be scheduled to run as desired. + +**_RECOMMENDED:_** Run from the 6.Activity Job Group level in order to correlate 0.Collection job +group data with other jobs. + +History Retention + +History is not supported. Turning on history will cause issues with data analysis and reporting. + +Multi-Console Support + +Multiple Access Analyzer Consoles are not supported. This group should be run from a single Access +Analyzer Console. + +Workflow + +**Step 1 –** Successfully run the **.Active Directory Inventory** Job Group. + +**Step 2 –** Setup integration between the Netwrix Activity Monitor and Access Analyzer by using +either an API Server or the network share where the archived log files are located. + +**Step 3 –** Ensure Activity Monitor logs are archived. + +**Step 4 –** Configure the Connection Profiles to connect successfully to the Netwrix Activity +Monitor API Server or the host with the network share housing the archived log files. + +**Step 5 –** Configure the **AD_ActivityCollection** Job Query. + +**Step 6 –** Run the jobs as desired. + +**Step 7 –** Run from the **6.Activity** Job Group level in order to correlate 0.Collection job +group data with other jobs. + +**Step 8 –** Review the reports generated by the jobs. + +See the [Active Directory Solution](/docs/accessanalyzer/12.0/requirements/solutions/activedirectory.md) topic for +additional information. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/ad_securityassessment.md b/docs/accessanalyzer/12.0/solutions/activedirectory/ad_securityassessment.md new file mode 100644 index 0000000000..a284f160b0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/ad_securityassessment.md @@ -0,0 +1,91 @@ +# AD Security Assessment Job + +The AD_SecurityAssessment Job performs checks against Active Directory security best practices in +order to proactively identify critical security configurations that leave Active Directory +vulnerable to attack. The result are reports that provide a listing of findings by severity and +category with corresponding details that can be used to prioritize and remediate security issues. + +![AD Security Assessment Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/securityassessmentjobstree.webp) + +## Recommended Configurations for the AD_SecurityAssessment Job + +Dependencies + +One or more of the following job groups or jobs must be run to produce results: + +- .Active Directory Inventory Job Group +- Active Directory Job Group + + - Active Directory > 1.Groups > AD_SensitiveSecurityGroups + - Active Directory > 2.Users > AD_PasswordStatus + - Active Directory > 2.Users > AD_ServiceAccounts + - Active Directory > 2.Users > AD_WeakPasswords + - Active Directory > 2.Users > AD_SIDHistory + - Active Directory > 2.Users > AD_UserDelegation + - Active Directory > 3.Computers > AD_ComputerDelegation + - Active Directory > 4.Group Policy > AD_CPassword + - Active Directory > 5.Domains > AD_DomainInfo + +- Active Directory Permissions Analyzer Job Group + + - Active Directory Permissions Analyzer > 1.Users > AD_ResetPasswordPermissions + - Active Directory Permissions Analyzer > 1.Users > AD_UserPermissions + - Active Directory Permissions Analyzer > 2.Groups > AD_GroupMembershipPermissions + - Active Directory Permissions Analyzer > 2.Groups > AD_GroupPermissions + - Active Directory Permissions Analyzer > 3.OUs > AD_OUPermissions + - Active Directory Permissions Analyzer > 4.Computers > AD_ComputerPermissions + - Active Directory Permissions Analyzer > 4.Computers > AD_LAPSPermissions + - Active Directory Permissions Analyzer > 7.Containers > AD_AdminSDHolder + - Active Directory Permissions Analyzer > 7.Containers > AD_ContainerPermissions + - Active Directory Permissions Analyzer > 8.Domains > AD_DomainReplication + - Active Directory Permissions Analyzer > 9.Sites > AD_DCShadowPermissions + +- Windows Job Group + + - Windows > Privileged Accounts > Service Accounts > SG_ServiceAccounts + +**NOTE:** If any of the above jobs are not completed, the AD_SecurityAssessment job will run but all +checks will not be assessed. + +Target Host + +This job group does not collect data. No target host is required. + +Connection Profile + +No specific Connection Profile is required. + +Schedule Frequency + +Scheduled to run as desired + +History Retention + +History is not supported. Turning on history will cause issues with data analysis and reporting. + +Multi-console Support + +Multiple StealthAUDIT consoles are not supported. This job should be run from a single StealthAUDIT +console. + +## Analysis Task for the AD_SecurityAssessment Job + +Navigate to the **Jobs** > Active Directory > AD_SecurityAssessment > Configure node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/securityassessmentanalysis.webp) + +The following non-configurable analysis task is selected by default: + +- Summarize Audit Findings – Creates the AD_SecurityAssessment_Results table accessible under the + job’s Results node. + +In addition to the tables created by the analysis task, the AD_SecurityAssessment job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| AD Security Assessment | This report identifies security risks within a targeted Active Directory environment based on results of previously run jobs. | GDPR SOX PCI HIPAA | This report is comprised of four elements: - Table – Provides Scope of Audit on domains - Pie Chart – Displays Findings by Severity - Table – Provides Findings by Category - Table – Provides Details on Risk | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/ad_cacollection.md b/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/ad_cacollection.md new file mode 100644 index 0000000000..71f779738c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/ad_cacollection.md @@ -0,0 +1,48 @@ +# Collection > AD_CACollection Job + +The AD_CACollection job collects Certificate Authority details and settings for analysis against +potential vulnerabilities that exist in Active Directory Certificate Services configurations. This +job is located in the Collection job group. + +Target Host + +It is recommended to target the **ONE DOMAIN CONTROLLER PER DOMAIN** or **Default domain +controller** host list. + +## Queries for the AD_CACollection Job + +The AD_CACollection job uses the PowerShell data collector to collect details about Certificate +Authorities, templates, and requests. + +![Queries for the AD_CACollection Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/cacollectionqueries.webp) + +The queries for the job are: + +- CA Connection String – Gets the Certificate Authority (CA) string to use for connections +- Permissions – Returns Certificate Authority Access Control Lists (ACLs) +- Registry Settings – Returns setup of Certificate Authorities +- Enrollment Agents – Returns Enrollment Agent rights, availability, and details +- NTLM Endpoints – Discovers NTLM enabled endpoints for Certificate Authorities +- AllCertificates – Collects all certificate requests from the ADCS Database +- CertificateTemplates – Gets certificate templates +- CertificateTemplatesPublished – Collects information from the PkiEnrollmentServices + +## Analysis Tasks for the AD_CACollection Job + +Navigate to the **Active Directory** > **7.Certificate Authority** > **Collection** > +**AD_CACollection** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_CACollection Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/cacollectionanalysis.webp) + +The default analysis tasks are: + +- Split String – Splits strings on a given delimiter. This is used to break apart Certificate + Values. +- Subject Alternative Names – Breakdown of all Subject Alternative Names in key value pairs. Creates + the SA_AD_CertificateConfiguration_ALLSANs view accessible under the job’s Results node. +- Certificate OIDs – Certificate templates split out with OIDs +- Template Flags – Enumerates flags on certificate templates. Creates the + SA_AD_CertificateConfiguration_Flags view accessible under the job’s Results node. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/ad_certificateaudit.md b/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/ad_certificateaudit.md new file mode 100644 index 0000000000..34342a505b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/ad_certificateaudit.md @@ -0,0 +1,27 @@ +# AD_CertificateAudit Job + +The AD_CertificateAudit job provides details on access rights to the Certificate Authority. + +## Analysis Tasks for the AD_CertificateAudit Job + +Navigate to the **Active Directory** > **7.Certificate Authority** > **AD_CertificateAudit** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_CertificateAudit Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/certificateauditanalysis.webp) + +The default analysis tasks are: + +- Certificate Authorities – Summarizes the Certificate Authority configuration. Creates the + SA_AD_CertificateAudit_Authorites view accessible under the job’s Results node. +- Certificate Authority Rights – Provides permissions on the Certificate Authority. Creates the + SA_AD_CertificateAudit_CARights table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the AD_CertificateAudit job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Certificate Authority Configuration | This report helps in identifying Certificate Authority configuration risks associated with permissions applied on the Active Directory object level as well as other unintended configurations set on the Certificate Authority level. Additionally, the rights on a Certificate Authority should be limited to those intended to administer or manage the Certificate Authority, so the ManageCA rights and ManageCertificate rights should be reviewed for potential misconfiguration. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays a summary of Certificate Authority permissions - Table – Provides details on Certificate Authorities - Table – Provides details on access rights | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/ad_certificaterequests.md b/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/ad_certificaterequests.md new file mode 100644 index 0000000000..13a230e8a0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/ad_certificaterequests.md @@ -0,0 +1,49 @@ +# AD_CertificateRequests Job + +The AD_CertificateRequests job provides details about certificate requests, and highlights any that +are expiring soon. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The AD_CertificateRequests job has the following configurable parameter: + +- Number of days to consider a cert close to expiration (default 60) + +This parameter sets the definition of an expiring certificate, which is used by the Certificate +Expiration analysis task to identify any certificates expiring with this specified next number of +days. The default is 60 days. + +## Analysis Tasks for the AD_CertificateRequests Job + +Navigate to the **Active Directory** > **7.Certificate Authority** > **AD_CertificateRequests** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_CertificateRequests Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/certificaterequestsanalysis.webp) + +The default analysis tasks are: + +- Suspicious Principal Certs – Identifies certificates that show the requester requesting a + certificate for a different principal +- OID in Template – Analysis on certificate Extended Key Usage (EKU) Object Identifier (OID) being + in template OID +- Certificate Expiration – Identifies certificates that expire in the next number of days set by the + customizable parameter. The default number of days is 60. Creates the + SA_AD_CertificateRequests_ExpiringSoon table accessible under the job’s Results node. +- Authentication Based Certificates – Identifies certificates that contain Authentication based + OIDs. Creates the SA_AD_CertificateRequests_AuthenticationBasedCertiifcates view accessible under + the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the AD_CertificateRequests job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Expiring Certificate Requests | Certificate hygiene is another aspect of a Certificate Authority that should be monitored. This report shows you all certificate information on certificate requests, expired, and expiring certificates. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays expiring certificates by Certificate Authority - Table –Provides a summary of expired and expiring certificates - Table –Provides details on expiring certificates | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/overview.md new file mode 100644 index 0000000000..d294db666e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/overview.md @@ -0,0 +1,17 @@ +# 7.Certificate Authority Job Group + +The 7.Certificate Authority job group collects settings, permissions, and configurations for +Certificate Authorities. It details access rights for the Certificate Authority and reports on +certificate requests, highlighting any that might expire soon. + +![7.Certificate Authority job group in the Jobs tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/jobstree.webp) + +The following jobs comprise the job group: + +- [Collection > AD_CACollection Job](/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/ad_cacollection.md) – Collects Certificate Authority details + and settings for analysis against potential vulnerabilities that exist in Active Directory + Certificate Services configurations +- [AD_CertificateAudit Job](/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/ad_certificateaudit.md) – Provides details on access rights to the + Certificate Authority +- [AD_CertificateRequests Job](/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/ad_certificaterequests.md) – Provides details about certificate + requests, and highlights any that are expiring soon diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/ad_cleanupprogress.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/ad_cleanupprogress.md new file mode 100644 index 0000000000..6d9894493a --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/ad_cleanupprogress.md @@ -0,0 +1,48 @@ +# AD_CleanupProgress Job + +The AD_CleanupProgress Job performs checks against Active Directory security best practices in order +to proactively identify critical security configurations that leave Active Directory vulnerable to +attack. The result is a report which provides a listing of findings by severity and category with +corresponding details that can be used to prioritize and remediate security issues. + +![AD_CleanupProgress Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/cleanupprogressjobstree.webp) + +Workflow + +**Step 1 –** Ensure the following prerequisites are met: + +- The .Active Directory Inventory Job Group needs to be successfully run prior to running this job +- The following jobs from the Active Directory Solution must be run prior to running this job: + + - **Active Directory** > **1.Groups** > **AD_DuplicateGroups** + - **Active Directory** > **2.Users** > **AD_DirectMembership** + - **Active Directory** > **3.Computers** > **AD_StaleComputers** + +**Step 2 –** Schedule the AD_Cleanup Progress Job to run every day after the prerequisites have been +satisfied. + +**Step 3 –** Review the reports generated by the AD_CleanupProgress Job. + +## Analysis Tasks for the AD_CleanupProgress Job + +Navigate to the **Active Directory** > **Cleanup** > **AD_CleanupProgress** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the AD_CleanupProgress Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp) + +The default analysis task is: + +- Generates daily summary of AD exceptions – Creates the AD_CleanupProgress_DailySummary table + accessible under the job’s Results node + +In addition to the table created by the analysis task, the AD_CleanupProgress Job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Computer Cleanup Summary | This report tracks Active Directory computer exceptions over time. | None | This report is comprised of two elements: - Line Chart – Displays a daily computer exceptions trend - Table – Provides details on daily computer exceptions | +| Group Cleanup Summary | This report tracks Active Directory group exceptions over time. | None | This report is comprised of two elements: - Line Chart – Displays a daily group exceptions trend - Table – Provides details on daily group exceptions | +| User Cleanup Summary | This report tracks Active Directory user exceptions over time. | None | This report is comprised of two elements: - Line Chart – Displays a daily user exceptions trend - Table – Provides details on daily user exceptions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers.md new file mode 100644 index 0000000000..8ec6d3a38c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers.md @@ -0,0 +1,86 @@ +# AD_DeprovisionComputers Job + +The AD_DeprovisionComputers Job provides a simple automated workflow deprovision stale computers. + +**Step 1 –** Move stale computers to a staging OU for deletion. + +**Step 2 –** The assigned manager is alerted by email of the impending deletion. + +**Step 3 –** Disables computer accounts. + +**Step 4 –** After a configurable amount of days in the staging OU, deletes computers from the +staging OU. The default is 365 days. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The AD_DeprovisionComputers page has the following configurable parameters: + +- Days in the Staging OU before Deleting Account + +See the +[Customizable Analysis Parameters for the AD_DeprovisionComputers Job](#customizable-analysis-parameters-for-the-ad_deprovisioncomputers-job) +topic for additional information. + +## Analysis Tasks for the AD_DeprovisionComputers Job + +Navigate to the **Active Directory** > **Cleanup** > **3.Computers** > **AD_Deprovision +Computers** > **Configure** node and select **Analysis** to view the analysis tasks. + +![Analysis Tasks for the AD_DeprovisionComputers Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/deprovisioncomputersanalysis.webp) + +The default analysis tasks are: + +- Identify Stale Computers – Creates the AD_DeprovisionComputers_Details table accessible under the + job’s Results node +- Computer Accounts to Delete – Creates the AD_DeprovisionComputers_ToBeDeleted table accessible + under the job’s Results node + + - This analysis task contains a configurable parameter: `@days_before_deleting`. See the + [Customizable Analysis Parameters for the AD_DeprovisionComputers Job](#customizable-analysis-parameters-for-the-ad_deprovisioncomputers-job) + topic for additional information. + +### Customizable Analysis Parameters for the AD_DeprovisionComputers Job + +Customizable parameters enable you to set the values used to classify user and group objects during +this job’s analysis. + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| --------------------------- | --------------------------- | ------------- | ---------------------------------------------- | +| Computer Accounts to Delete | @days_before_deleting | 365 | Days in the staging OU before deleting account | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information. + +## Action Tasks for the AD_DeprovisionComputers Job + +Navigate to the **Active Directory** > **Cleanup** > **3.Computers** > **AD_DeprovisionComputers** > +**Configure** node and select **Actions** to view the actions. + +**CAUTION:** Do not enable the actions unless it is required. Disable the actions after execution to +prevent making unintended and potentially harmful changes to Active Directory. + +![Action Tasks for the AD_DeprovisionComputers Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/deprovisioncomputersaction.webp) + +The action tasks are: + +**CAUTION:** The action tasks must be executed together and in order. + +- Move Computers – Move computers to staging OU for deletion + + - The target staging OU must be set in the Move Computers Action Task prior to executing the + action tasks. See the [Configure the Target OU](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/configuretargetou.md) topic for additional + information. + +- Notify Manager – Notify assigned manager by email of the impending deletion +- Disable Computers – Disable computer accounts +- Delete Computers – Delete computers from staging OU + +After the `@days_before_deleting` analysis parameter has been configured and the target OU has been +set in the Move Computers Action Task, select the checkboxes next to all of the action tasks and +click **Execute Action** to execute the action tasks. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers_status.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers_status.md new file mode 100644 index 0000000000..7e1d8eb0e9 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers_status.md @@ -0,0 +1,27 @@ +# AD_DeprovisionComputers_Status Job + +The AD_DeprovisionComputers_Status Job tracks and reports on the progress of the computer +deprovisioning workflow. + +## Analysis Tasks for the AD_DeprovisionComputers_Status Job + +Navigate to the **Active Directory** > **Cleanup** > **3.Computers** > +**AD_DeprovisionComputers_Status** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for AD_DeprovisionComputers_Status Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/deprovisioncomputersstatusanalysis.webp) + +The default analysis tasks are: + +- Track Deletion – Creates the AD_DeprovisionComputers_Log table accessible under the job’s Results + node + +In addition to the tables and views created by the analysis task, the AD_DeprovisionComputers_Status +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ---------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Computer Deprovisioning | This report tracks actions taken each day of the Stale Computer Deprovisioning campaign. | None | This report is comprised of three elements: - Line Chart – Displays cleanup progress - Table – Provides details on computer deprovisioning - Table – Provides action details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/overview.md new file mode 100644 index 0000000000..8303aeb258 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/overview.md @@ -0,0 +1,30 @@ +# 3.Computers Job Group + +The 3.Computers Job Group identifies stale computer accounts, providing a workflow to safely +deprovision identified accounts. + +![3.Computers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/computersjobtree.webp) + +The jobs in the 3.Computers Job Group are: + +- [AD_DeprovisionComputers Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers.md) – Provides a simple, automated workflow + to deprovision stale and unused user accounts +- [AD_DeprovisionComputers_Status Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/ad_deprovisioncomputers_status.md) – Tracks all actions taken + by the included deprovisioning workflow + +Workflow + +**Step 1 –** Ensure the following prerequisites are met: + +- The .Active Directory Inventory Job Group needs to be successfully run +- For the AD_DeprovisionComputers Job, the target OU needs to be manually set in the Move Computers + Action Task prior to executing the actions. See the + [Action Tasks for the AD_DeprovisionComputers Job](ad_deprovisioncomputers.md#action-tasks-for-the-ad_deprovisioncomputers-job) + topic for additional information. +- The AD_DeprovisionComputers Job needs to be run prior to running the + AD_DeprovisionComputers_Status Job + +**Step 2 –** Schedule the 3.Computers Job Group to run as desired after the prerequisites have been +satisfied. + +**Step 3 –** Review the reports generated by the 3.Computers Job Group. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/configuretargetou.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/configuretargetou.md new file mode 100644 index 0000000000..5b9d72d1ea --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/configuretargetou.md @@ -0,0 +1,23 @@ +# Configure the Target OU + +Follow the steps to configure the target staging OU. + +**Step 1 –** Navigate to the **[Job]** > **Configure** > **Actions** node. + +![Action Properties button on Action Selection page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/configuretargetouactionproperties.webp) + +**Step 2 –** On the Action Selection page, select the desired action task and click **Action +Properties**. + +**Step 3 –** In the Action Properties window, select **Configure Action**. The Active Directory +Action Module Wizard opens. + +![Move Objects page of the Active Directory Action Module Wizard](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/configuretargetouactionmodulewizard.webp) + +**Step 4 –** Navigate to the Move Objects page of the Active Directory Action Module Wizard. In the +OU field, enter or browse to the desired target OU. To create the target OU location, select the +**Create target OU location if it does not already exist** checkbox. + +**Step 5 –** Navigate to the Summary page and click **Finish**. + +The target OU is now set for the action task. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups.md new file mode 100644 index 0000000000..627c8314df --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups.md @@ -0,0 +1,91 @@ +# AD_DeprovisionGroups Job + +The AD_DeprovisionGroups Job provides an automated workflow to deprovision stale groups. This +workflow is completed by the action tasks. + +**Step 1 –** Move stale groups to a staging OU for deletion. + +**Step 2 –** The group is changed to a distribution list. + +**Step 3 –** The assigned manager is alerted by email of the impending deletion. + +**Step 4 –** The group is flagged as **To Be Deleted**. + +**Step 5 –** After a configurable amount of days in the staging OU, the group is deleted from the +staging OU. The default is 365 days. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic +for instructions on how to edit parameters on a job overview page. + +The AD_DeprovisionGroups page has the following configurable parameters: + +- Days in the Staging OU before deletion + +See the +[Customizable Analysis Parameters for the AD_DeprovisionGroups Job](#customizable-analysis-parameters-for-the-ad_deprovisiongroups-job) +topic for additional information. + +## Analysis Tasks for the AD_DeprovisionGroups Job + +Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **1. Deprovision Groups** > +**AD_Deprovision Groups** > **Configure** node and select **Analysis** to view the analysis tasks. + +![Analysis Tasks for the AD_DeprovisionGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsanalysis.webp) + +The default analysis tasks are: + +- Identify Stale Groups – Creates the AD_DeprovisionGroups_Details table accessible under the job’s + Results node +- Groups to Delete – Identifies groups in the Stale Groups OU that are ready to be deleted + + - This analysis task contains a configurable parameter: `@days_before_deleting`. See the + [Customizable Analysis Parameters for the AD_DeprovisionGroups Job](#customizable-analysis-parameters-for-the-ad_deprovisiongroups-job) + topic for additional information. + +### Customizable Analysis Parameters for the AD_DeprovisionGroups Job + +Customizable parameters enable you to set the values used to classify user and group objects during +this job’s analysis. + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ---------------- | --------------------------- | ------------- | -------------------------------------- | +| Groups to Delete | @days_before_deleting | 365 | Days in the staging OU before deletion | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information. + +## Action Tasks for the AD_DepvisionGroups Job + +Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **1. Deprovision Groups** > +**AD_DeprovisonGroups** > **Configure** node and select **Actions** to view the action tasks. + +**CAUTION:** Do not enable the actions unless it is required. Disable the actions after execution to +prevent making unintended and potentially harmful changes to Active Directory. + +![Action Tasks for the AD_DepvisionGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsaction.webp) + +The action tasks are: + +**CAUTION:** The action tasks must be executed together and in order. + +- Move Groups – Move groups to staging OU + + - The target staging OU must be set in the Move Groups Action Task prior to executing the action + tasks. See the [Configure the Target OU](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/configuretargetou.md) topic for additional + information. + +- Disable Groups – The group is changed to a distribution list +- Notify Manager – Notify assigned manager by email of the impending deletion +- Update Description – The group is changed to a distribution list to prevent its use for + authentication and flagged as **To Be Deleted** +- Delete Groups – After a configurable amount of days in the staging OU, the group is deleted. The + default is 365 days. + +After the `@days_before_deleting` analysis parameter has been configured and the target OU has been +set in the Move Groups Action Task, select the checkboxes next to all of the action tasks and click +**Execute Action** to execute the action tasks. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups_status.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups_status.md new file mode 100644 index 0000000000..a3c19979e2 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups_status.md @@ -0,0 +1,26 @@ +# AD_DeprovisionGroups_Status Job + +The AD_DeprovisionGroups_Status Job tracks all actions taken by the Deprovisioning workflow. + +## Analysis Task for the AD_DeprovisionGroups_Status Job + +Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **1. Deprovision Groups** > +**AD_Deprovision Groups_Status** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis tasks is +preconfigured for this job. + +![Analysis Task for the AD_DeprovisionGroups_Status Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsstatusanalysis.webp) + +The default analysis task is: + +- Track Actions – Creates the AD_DeprovisionGroups_Log and AD_DeprovisionGroups_Notes tables + accessible under the job’s Results node + +In addition to the table created by the analysis task, the AD_DeprovisionGroups_Status Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Deprovisioning | This report tracks actions taken each day of the Stale Group Deprovisioning campaign. | None | This report is comprised of three elements: - Line Chart – Displays cleanup progress - Table – Provides details on cleanup progress - Table – Provides action details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/overview.md new file mode 100644 index 0000000000..d3f12a4c08 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/overview.md @@ -0,0 +1,13 @@ +# 1.Deprovision Job Group + +The 1. Deprovision Groups Job Group provides a simple, automated workflow to deprovision stale +groups. The action tasks in this job group provide an automated workflow. + +![1.Deprovision Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/groupsdeprovisionjobtree.webp) + +The jobs in the 1. Deprovision Groups Job Group are: + +- [AD_DeprovisionGroups Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups.md) – This job provides an automated workflow to + deprovision stale groups +- [AD_DeprovisionGroups_Status Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups_status.md) – This job tracks and reports on + the progress of all actions taken by the included Deprovisioning workflow diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/overview.md new file mode 100644 index 0000000000..4b848bea32 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/overview.md @@ -0,0 +1,42 @@ +# 1.Groups Job Group + +The 1.Groups Job Group provides a workflow to safely deprovision groups, as well as the ability to +stamp security groups with what resources they are given access to. + +![1.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/groupsjobtree.webp) + +The jobs in the 1.Groups Job Group are: + +- [1.Deprovision Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/overview.md) – This job group provides a simple, automated + workflow to deprovision stale groups + + - [AD_DeprovisionGroups Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups.md) – This job provides a simple + automated workflow to deprovision stale groups + - [AD_DeprovisionGroups_Status Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/ad_deprovisiongroups_status.md) – This job + tracks and reports on the progress of the deprovisioning workflow + +- [2.Group Stamping Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/overview.md) – This job group updates the Notes attribute + for all security groups to show where the group is provisioned inside the environment. + + - [AD_GroupCleanup_Permissions Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/ad_groupcleanup_permissions.md) – This job reports + on where security groups are being used to assign permissions. This can be used to prioritize + remediation for groups that are rarely used. + - [AD_GroupStamping Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/ad_groupstamping.md) – This job replaces the Notes attribute + for all security groups to show where the group is provisioned inside the environment. This + overwrites the Notes field with data from Access Analyzer. + +Workflow + +**Step 1 –** Ensure the following prerequisites are met: + +- The .Active Directory Inventory Job Group needs to be successfully run +- For the AD_DeprovisionGroups Job, the target OU needs to be manually set in the Move Groups Action + Task prior to executing the actions. See the + [Action Tasks for the AD_DepvisionGroups Job](deprovision/ad_deprovisiongroups.md#action-tasks-for-the-ad_depvisiongroups-job) + topic for additional information. +- The AD_DeprovisionGroups Job needs to be run prior to running the AD_DeprovisionGroups_Status Job + +**Step 2 –** Schedule the 1.Groups Job Group to run as desired after the prerequisites have been +satisfied. + +**Step 3 –** Review the reports generated by the 1.Groups Job Group. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/ad_groupcleanup_permissions.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/ad_groupcleanup_permissions.md new file mode 100644 index 0000000000..f81816c603 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/ad_groupcleanup_permissions.md @@ -0,0 +1,44 @@ +# AD_GroupCleanup_Permissions Job + +The AD_GroupCleanup_Permissions Job reports on where security groups are being used to assign +permissions. This can be used to prioritize remediation for groups that are rarely used. + +## Analysis Tasks for the AD_GroupCleanup_Permissions Job + +Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **2. Group Stamping** > +**AD_GroupCleanup_Permissions** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupCleanup_Permissions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/groupcleanuppermissionsanalysis.webp) + +The default analysis tasks are: + +- Summarize Group Type/Scope – Creates the SA_AD_GroupCleanup_GroupTypes table accessible under the + job’s Results node +- Direct Permission Details – Creates the SA_AD_GroupCleanup_PermissionsImport table accessible + under the job’s Results node +- Expanded Perms Details – Creates the SA_GroupCleanup_ExpandedPermissions table accessible under + the job’s Results node +- Expanded Perms Summary – Creates the SA_GroupCleanup_ExpandedPermissionsSummary table accessible + under the job’s Results node +- Access Counts by Group – Creates the SA_GroupCleanup_GroupAccessSprawl table accessible under the + job’s Results node +- Permission and Access Counts by Group Scope – Creates the SA_AD_GroupCleanup_PermissionsByScope + table accessible under the job’s Results node +- Permission and Access Counts by Toxic Condition – Creates the + SA_AD_GroupCleanup_PermissionsByCondition table accessible under the job’s Results node +- Permission and Access Counts by Scan Type – Creates the SA_AD_GroupCleanup_ScanOverview table + accessible under the job’s Results node +- Group Summary – Creates the SA_GroupCleanup_GroupSummary table accessible under the job’s Results + node + +In addition to the tables and views created by the analysis tasks, the AD_GroupCleanup_Permissions +Job produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Direct Permission Details | This report shows all direct permissions found by DAG for FileSystem, DAG for SharePoint, or imported into the Access Information Center from other sources. | None | This report is comprised of one element: - Table – Provides group direct permission details | +| Group Permission Summary | This report identifies what types of resources each security group is being used to apply permissions. | None | This report is comprised of four elements: - Table – Provides details on permission scans - Table – Provides details on group access - Table – Provides details on toxic conditions - Table – Provides a group overview | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/ad_groupstamping.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/ad_groupstamping.md new file mode 100644 index 0000000000..62a05c1c0c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/ad_groupstamping.md @@ -0,0 +1,40 @@ +# AD_GroupStamping Job + +The AD_GroupStamping Job updates the Notes attribute for all security groups to show where the group +is provisioned inside the environment. This overwrites the notes field with data from Access +Analyzer. + +## Analysis Tasks for the AD_GroupStamping Job + +Navigate to the **Active Directory** > **Cleanup** > **1.Groups** > **2. Group Stamping +AD_GroupStamping** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupStamping Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/groupstampinganalysis.webp) + +The default analysis tasks are: + +- Identify Stale Groups – Creates the AD_DeprovisionGroups_Details table accessible under the job’s + Results node +- Groups to Delete – Identifies groups in the Stale Groups OU ready to be deleted + +In addition to the tables and views created by the analysis tasks, the AD_GroupStamping Job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Stamping | This report tracks all actions taken with the included group stamping workflow. | None | This report is comprised of three elements: - Line Chart – Displays daily actions - Table – Provides details on daily actions - Table – Provides action details | + +## Action Tasks for the AD_GroupStamping Job + +View the action tasks by navigating to the **Active Directory** > **Cleanup** > **1.Groups** > **2. +Group Stamping AD_GroupStamping** > **Configure** node and select **Actions**. + +![Action Tasks for the AD_GroupStamping Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/groupstampingaction.webp) + +- Stamp Groups – Update Notes field with Permissions + +Select the checkbox next to The Stamp Groups Action Task and click **Execute Action** to execute the +action task. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/overview.md new file mode 100644 index 0000000000..39bca6c614 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/overview.md @@ -0,0 +1,13 @@ +# 2.Group Stamping Job Group + +The 2. Group Stamping Job Group updates the Notes attribute for all security groups to show where +the group is provisioned inside the environment. + +![2.Group Stamping Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/groupsstampingjobtree.webp) + +The jobs in the 2. Group Stamping Job Group are: + +- [AD_GroupCleanup_Permissions Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/ad_groupcleanup_permissions.md) – Reports on where security + groups are being used to assign permissions +- [AD_GroupStamping Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/ad_groupstamping.md) – Updates the Note attribute for all security groups + to show where the group is provisioned inside of the environment diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/overview.md new file mode 100644 index 0000000000..d136d85b97 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/overview.md @@ -0,0 +1,27 @@ +# Cleanup Job Group + +The **Active Directory** > **Cleanup** Job Group identifies potential stale and unused users, +computers, and groups as well as issues with group membership. Remediation workflows are included to +deprovision unnecessary objects. + +**CAUTION:** Apply changes only to intended target Active Directory objects, and ensure only the +changes required are enabled. Enabling and executing action modules without consideration can +negatively impact Active Directory. + +**_RECOMMENDED:_** Run the actions in a test environment before making changes to a production +environment. + +![Cleanup Job Group Overview page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/overviewpage.webp) + +The job groups in the Cleanup Job Group are: + +- [1.Groups Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/overview.md) – Provides an automated workflow to safely deprovision + groups, as well as the ability to stamp security groups with what resources they are given access + to +- [2.Users Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/overview.md) – Provides an automated workflow to deprovision stale and + unused user accounts +- [3.Computers Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/overview.md) – Provides an automated workflow to deprovision + stale computer accounts +- [AD_CleanupProgress Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/ad_cleanupprogress.md) – Tracks Active Directory computer, group, and + user exceptions over time. This information can be used to provide a high-level picture of an + organization's Active Directory cleanup effort. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/recommended.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/recommended.md new file mode 100644 index 0000000000..5e64e77aa6 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/recommended.md @@ -0,0 +1,38 @@ +# Recommended Configurations for AD Cleanup Job Group + +The recommended configurations for the Cleanup Job Group are: + +Dependencies + +The Cleanup job group has the following prerequisites: + +- The Active Directory Actions license feature is required +- The Active Directory Actions Module must be installed +- The .Active Directory Inventory Job Group needs to be successfully run prior to running this job + group +- The following job groups from the Activity Directory job group need to be successfully run prior + to running this job group: + + - 1.Groups + - 2.Users + - 3.Computers + +Individual jobs and job groups within the Cleanup Job Group may have their own prerequisites and +dependencies. See the relevant job or job group topic for additional information. + +Target Hosts + +None + +Schedule Frequency + +Most of the jobs in this job group can be scheduled to run as desired. The AD_Cleanup Progress Job +should be scheduled to run every day. + +History Retention + +Not supported + +Multi-console Support + +Not supported diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/ad_deprovisionusers.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/ad_deprovisionusers.md new file mode 100644 index 0000000000..edb97fd9ca --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/ad_deprovisionusers.md @@ -0,0 +1,92 @@ +# AD_DeprovisionUsers Job + +The AD_DeprovisionUsers Job provides an automated workflow deprovision stale and unused user +accounts. + +**Step 1 –** Move stale users to a staging OU for deletion. + +**Step 2 –** The assigned manager is alerted by email of the impending deletion. + +**Step 3 –** User accounts are disabled. + +**Step 4 –** Users are flagged as **To Be Deleted**. + +**Step 5 –** Delete users from the staging OU. + +**Step 6 –** Remove stale users from all groups. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The AD_DeprovisionUsers page has the following configurable parameters: + +- Days in the Stale Users OU before being deleted + +See the +[Customizable Analysis Parameters for the AD_DeprovisionUsers Job](#customizable-analysis-parameters-for-the-ad_deprovisionusers-job) +topic for additional information. + +## Analysis Tasks for the AD_DeprovisionUsers Job + +Navigate to the **Active Directory** > **Cleanup** > **2.Users** > **AD_DeprovisionUsers** > +**Configure** node and select **Analysis** to view the analysis tasks. + +![Analysis Tasks for the AD_DeprovisionUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/deprovisionusersanalysis.webp) + +The default analysis tasks are: + +- Identify Users to be Deleted – Imports data from stale users +- User Accounts to Delete – Identifies accounts in the Stale Accounts OU that are ready to be + deleted + + - This analysis task contains a configurable parameter: `@days_before_deleting`. See the + [Customizable Analysis Parameters for the AD_DeprovisionUsers Job](#customizable-analysis-parameters-for-the-ad_deprovisionusers-job) + topic for additional information. + +- Identify Group Membership – Identifies stale user membership to remove + +### Customizable Analysis Parameters for the AD_DeprovisionUsers Job + +Customizable parameters enable you to set the values used to classify user and group objects during +this job’s analysis. + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ----------------------- | --------------------------- | ------------- | ----------------------------------------------- | +| User Accounts to Delete | @days_before_deleting | 365 | Days in the Stale Users OU before being deleted | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information. + +## Action Tasks for the AD_DeprovisionUsers Job + +Navigate to the **Active Directory** > **Cleanup** > **2.Users** > **AD_DeprovisionUsers** > +**Configure** node and select **Actions** to view the actions. + +**CAUTION:** Do not enable the actions unless it is required. Disable the actions after execution to +prevent making unintended and potentially harmful changes to Active Directory. + +![Action Tasks for the AD_DeprovisionUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/deprovisionusersaction.webp) + +The action tasks are: + +**CAUTION:** The action tasks must be executed together and in order. + +- Move Users – Move users to staging OU for deletion + + - The target OU must be set in the Move Users Action Task prior to executing the action tasks. + See the [Configure the Target OU](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/configuretargetou.md) topic for additional information. + +- Notify Manager – Notify assigned manager by email of the impending deletion +- Disable Users – Disable user accounts +- Update Description – Flag users as **To Be Deleted** +- Delete Users – Delete users from staging OU +- Remove Membership – Remove stale users from all groups + +After the `@days_before_deleting` analysis parameter has been configured and the target OU has been +set in the Move Users Action Task, select the checkboxes next to all of the action tasks and click +**Execute Action** to execute the action tasks. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/ad_deprovisionusers_status.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/ad_deprovisionusers_status.md new file mode 100644 index 0000000000..9e4bdb878c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/ad_deprovisionusers_status.md @@ -0,0 +1,25 @@ +# AD_DeprovisionUsers_Status Job + +The AD_DeprovisionUsers_Status Job tracks all actions taken by the included deprovisioning workflow. + +## Analysis Tasks for the AD_DeprovisionUsers_Status Job + +Navigate to the **Active Directory** > **Cleanup** > **2.Users** > **AD_DeprovisionUsers_Status** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the AD_DeprovisionUsers_Status Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/deprovisionusersstatusanalysis.webp) + +The default analysis task is: + +- Track History – Tracks all actions taken. Creates the SA_AD_DeprovisionUsers_Log accessible under + the job’s Results node. + +In addition to the tables and views created by the analysis task, the AD_DeprovisionUsers_Status Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| User Deprovisioning | This report tracks actions taken each day of the Stale User Deprovisioning campaign. | None | This report is comprised of three elements: - Line Chart – Displays cleanup progress - Table – Provides details on user deprovisioning - Table – Provides action details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/overview.md new file mode 100644 index 0000000000..fafb674e31 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/overview.md @@ -0,0 +1,28 @@ +# 2.Users Job Group + +The 2.Users Job Group provides a workflow to deprovision stale and unused user accounts. + +![2.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/usersjobtree.webp) + +The jobs in the 2.Users Job Group are: + +- [AD_DeprovisionUsers Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/ad_deprovisionusers.md) – Provides a simple and automated workflow to + deprovisions stale and unused user accounts +- [AD_DeprovisionUsers_Status Job](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/ad_deprovisionusers_status.md) – Tracks and reports all actions + taken by the included Deprovisioning workflow + +Workflow + +**Step 1 –** Ensure the following prerequisites are met: + +- The .Active Directory Inventory Job Group needs to be successfully run +- For the AD_DeprovisionUsers Job, the target OU needs to be manually set in the Move Users Action + Task prior to executing the actions. See the + [Action Tasks for the AD_DeprovisionUsers Job](ad_deprovisionusers.md#action-tasks-for-the-ad_deprovisionusers-job) + topic for additional information. +- The AD_DeprovisionUsers Job needs to be run prior to running the AD_DeprovisionUsers_Status Job + +**Step 2 –** Schedule the 2.Users Job Group to run as desired after the prerequisites have been +satisfied. + +**Step 3 –** Review the reports generated by the 2.Users Job Group. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/computers/ad_computerdelegation.md b/docs/accessanalyzer/12.0/solutions/activedirectory/computers/ad_computerdelegation.md new file mode 100644 index 0000000000..376ba2d300 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/computers/ad_computerdelegation.md @@ -0,0 +1,31 @@ +# AD_ComputerDelegation Job + +The AD_ComputerDelegation Job provides details on computer accounts that have been enabled for +unconstrained delegation. Once this configuration is enabled for a computer, any time an account +connects to the computer for any reason, their ticket-granting ticket (TGT) is stored in memory so +it can be used later by the computer for impersonation, which exposes a significant security risk in +cases where privileged accounts access the computer.  See the +[What Is Kerberos Delegation?](https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/) Netwrix +blog article for more information about this configuration and the related security risks. + +## Analysis Task for the AD_ComputerDelegation Job + +Navigate to the **Active Directory** > **3.Computers** > **AD_ComputerDelegation** > Configure node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the analysis task. The analysis task is preconfigured for +this job. + +![Analysis Task for the AD_ComputerDelegation Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/computers/computerdelegationanalysis.webp) + +The default analysis tasks are: + +- Determine computers trusted for delegation – Creates the SA_AD_ComputerDelegation_Details table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the AD_ComputerDelegation Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Computers Trusted for Delegation | This report highlights which computers are trusted for delegation, which accounts are sensitive, and whether the delegation is constrained or unconstrained. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays computers trusted for delegation by domain - Table – Provides details on computers trusted for delegation - Table – Provides details on computers trusted for delegation by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/computers/ad_stalecomputers.md b/docs/accessanalyzer/12.0/solutions/activedirectory/computers/ad_stalecomputers.md new file mode 100644 index 0000000000..c3630fd346 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/computers/ad_stalecomputers.md @@ -0,0 +1,61 @@ +# AD_StaleComputers Job + +The AD_StaleComputers Job provides details on stale computers that may be candidates for cleanup. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The AD_StaleComputers Job has the following configurable parameters: + +- Days since Last Logon +- Consider disabled accounts as stale + +See the +[Customizable Analysis Parameters for the AD_StaleComputers Job](#customizable-analysis-parameters-for-the-ad_stalecomputers-job) +topic for additional information. + +## Analysis Tasks for the AD_StaleComputers Job + +Navigate to the **Active Directory** > **3.Computers** > **AD_StaleComputers** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the **2. Summarize by Domain** analysis task. This analysis +task is preconfigured for this job. + +![Analysis Tasks for the AD_StaleComputers Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/computers/stalecomputersanalysis.webp) + +The default analysis tasks are: + +- 1. Identify Stale Computers + + - Identifies computer objects that are disabled or have exceeded the defined threshold of + inactivity + - Creates the SA_AD_StaleComputers_Details table accessible under the job’s Results node + - Definition of a stale computer can be customized + +- 2. Summarize by Domain – Creates the SA_AD_StaleComputers_DomainSummay table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_StaleComputers Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Stale Computers | This report presents potentially stale computers. Computers are considered stale if they have never logged onto the domain, have not logged onto the domain in the past 90 days, or are disabled. **NOTE:** The definition of a stale computer is customizable. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays stale computers by domain - Table – Provides details on computers - Table – Provides summary of stale computers | + +### Customizable Analysis Parameters for the AD_StaleComputers Job + +Analysis parameters that can be customized have the following default values: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| --------------------------- | --------------------------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | +| 1. Identify Stale Computers | @days_since_last_logon | 90 | A computer object that has been inactive for 90 days or more | +| 1. Identify Stale Computers | @consider_disable | 1 | A computer object that has been disabled: - Value 1 = Disabled computers are included as stale - Value 0 = Disabled computers are not included as stale | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/computers/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/computers/overview.md new file mode 100644 index 0000000000..eedb77f6bf --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/computers/overview.md @@ -0,0 +1,18 @@ +# 3.Computers Job Group + +The 3.Computers Job Group help to pinpoint potential areas of administrative concern related to +computer accounts, including stale computers and computers that have been trusted for delegation. + +![3.Computers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/computers/jobstree.webp) + +The following jobs comprise the 3.Computers Job Group: + +- [AD_ComputerDelegation Job](/docs/accessanalyzer/12.0/solutions/activedirectory/computers/ad_computerdelegation.md) – Provides details on computer accounts that + have been trusted for delegation. Once this configuration is enabled for a computer, any time an + account connects to the computer for any reason, their ticket-granting ticket (TGT) is stored in + memory so it can be used later by the computer for impersonation, which exposes a significant + security risk in cases where privileged accounts access the computer.  See the + [What Is Kerberos Delegation?](https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/) Netwrix + blog article for more information about this configuration and the related security risks. +- [AD_StaleComputers Job](/docs/accessanalyzer/12.0/solutions/activedirectory/computers/ad_stalecomputers.md) – Provides details on stale computers that may be + candidates for cleanup diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/computers/recommended.md b/docs/accessanalyzer/12.0/solutions/activedirectory/computers/recommended.md new file mode 100644 index 0000000000..f59a662a21 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/computers/recommended.md @@ -0,0 +1,47 @@ +# Recommended Configurations for the 3.Computers Job Group + +The **Active Directory** > **3.Computers** Job Group has been configured by default to run with the +default settings. It can be run directly or scheduled. + +Dependencies + +The **.Active Directory Inventory** Job Group needs to be successfully executed prior to running +this job group. + +Target Host + +This job group does not collect data. No target host is required. + +Connection Profile + +This job group does not collect data. No specific Connection Profile is required. + +Schedule Frequency + +The data analyzed by the 3.Computers Job Group jobs is collected by the .Active Directory Inventory +Job Group. Therefore, it is recommended to schedule these jobs to run after the .Active Directory +Inventory job group collection has completed. These jobs can be scheduled to run as desired. + +Run at the Job Group Level + +**_RECOMMENDED:_** Run the jobs in the 3.Computers Job Group together and in order by running the +entire job group, instead of the individual jobs. + +Analysis Configuration + +The 3.Computers Job Group should be run with the default analysis configurations. Most of the +analysis tasks are preconfigured for this Job Group. + +Some analysis tasks have customizable parameters: + +- The **Active Directory** > **3.Computers** > **AD_StaleComputers** Job defines stale users. The + parameters can be customized. + +Workflow + +**Step 1 –** Prerequisite: Successful execution of the .Active Directory Inventory Job Group. + +**Step 2 –** Schedule the 3.Computers Job Group to run as desired after the prerequisite job has +completed. + +**Step 3 –** Review the reports generated by the 3.Computers Job Group. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_dcsummary.md b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_dcsummary.md new file mode 100644 index 0000000000..198e3cc412 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_dcsummary.md @@ -0,0 +1,29 @@ +# AD_DCSummary Job + +The AD_DCSummary Job provides operational reporting related to the details collected for each domain +controller. For each domain controller, the report identifies the FSMO role, whether it is a +bridgehead server, whether it is a global catalog, and the time server it syncs to. + +## Analysis Task for the AD_DCSummary Job + +Navigate to the **Active Directory > 5.Domains > AD_DCSummary > Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/dcsummaryanalysis.webp) + +The default analysis tasks are: + +- 1. List DCs + - Creates the AD_DCSummary_List table accessible under the job’s Results node + - Creates an interim processing table in the database for use by downstream analysis and report + generation + +In addition to the tables and views created by the analysis task, the AD_DCSummary Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | ----------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain Controllers Overview | This report identifies domain controllers' roles and attributes within each domain. | None | This report is comprised of two elements: - Bar Chart – Displays domain controllers by domain - Table – Provides details on domain controllers by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_domaininfo.md b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_domaininfo.md new file mode 100644 index 0000000000..c5e60a6fc7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_domaininfo.md @@ -0,0 +1,55 @@ +# AD_DomainInfo Job + +The AD_DomainInfo Job provides operational reporting related to the collected domains, sites, and +trusts, providing details such as high level object counts by domain or site, domain and forest +functional levels, and types and directions of trusts. + +## Queries for the AD_DomainInfo Job + +The AD_DomainInfo Job uses the ActiveDirectory Data Collector and the LDAP Data Collector for the +following queries: + +**CAUTION:** Do not modify the queries. The queries are preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/domaininfoquery.webp) + +The queries for this job are: + +- Trusts – Targets one domain controller per forest to retrieve domain trust information +- Sites – Targets one domain controller per forest to retrieve domain site information +- Domains – Targets one domain controller per forest to retrieve domain information +- Trust Filtering – Queries the host specified to retrieve domain trust information +- dSHeuristics – Returns dSHeuristics Unicode string using LDAP + +**NOTE:** See the Active Directory Data Collector and LDAP Data Collector sections for additional +information + +## Analysis Tasks for the AD_DomainInfo Job + +Navigate to the **Active Directory > 5.Domains > AD_DomainInfo > Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/domaininfoanalysis.webp) + +The default analysis tasks are: + +- Domain Summary – Creates interim processing tables in the database for use by downstream analysis + and report generation +- Site Summary – Creates an interim processing table in the database for use by downstream analysis + and report generation +- Trust Details – Creates an interim processing table in the database for use by downstream analysis + and report generation +- dSHeuristics Details – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_DomainInfo Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------- | ----------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------- | +| Domains | This report lists the forest sites and presents the total number of domain controllers, GC Servers, and users per site. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays domains - Table – Provides details on domains | +| Sites | This report lists the sites and counts the domain controllers, global catalogue servers, and users of each. | None | This report is comprised of two elements: - Bar Chart – Displays sites by user count - Table – Provides details on sites by user count | +| Trusts | This report lists the domains and presents the trust information, including type, direction, and transitivity. | None | This report is comprised of one elements: - Table – Provides details on domains and trusts | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_dsrmsettings.md b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_dsrmsettings.md new file mode 100644 index 0000000000..1ea228c33f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_dsrmsettings.md @@ -0,0 +1,31 @@ +# AD_DSRMSettings Job + +The AD_DRSMSettings Job provides details on domain controller registry settings for the +DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin Account can be used to log +in to the domain controller even if it has not been started in DSRM which can present a potential +security vulnerability. Additional information on this registry key is available in this +[Microsoft Document](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732714(v=ws.10)?redirectedfrom=MSDN). + +## Analysis Tasks for the AD_DSRMSettings Job + +Navigate to the **Active Directory > 5.Domains > AD_DSRMSettings > Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![dsrmsettingsanalysis](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/dsrmsettingsanalysis.webp) + +The default analysis tasks are: + +- Change tracking – Creates the SA_AD_DSRMSettings_ChangeTracking table accessible under the job’s + Results node +- Details – Creates the SA_AD_DSRMSettings_Details table accessible under the job’s Results node +- Summary – Creates the SA_AD_DSRMSettings_Summary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_DSRMSettings Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | +| DSRM Admin Security | This report highlights domain controller registry settings for the DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin account can be used to log in to the domain controller even if it has not been started in DSRM. This is a potential vulnerability. See the Microsoft [Restartable AD DS Step-by-Step Guide](https://technet.microsoft.com/en-us/library/cc732714(v=ws.10).aspx) for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays DSRM admin logon  by domain controller - Table – Provides details on domain controllers | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_kerberoastingrisk.md b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_kerberoastingrisk.md new file mode 100644 index 0000000000..4cd46e029f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_kerberoastingrisk.md @@ -0,0 +1,60 @@ +# AD_KerberoastingRisk Job + +The AD_KerberoastingRisk job identifies accounts vulnerable to kerberoasting. Kerberoasting is a +threat where attackers target service accounts in Active Directory to steal their passwords. + +In a kerberoasting attack, attackers request service tickets (TGS) for service accounts from the Key +Distribution Center (KDC). These tickets are encrypted with the service account's password hash. +Attackers attempt to crack these hashes offline to reveal the passwords for the service accounts. + +Encryption types vulnerable to kerberoasting include RC4 and DES. AES-128 can also be considered +weak, depending on the implementation and threat model. + +See the Netwrix +[Kerberoasting Attack](https://www.netwrix.com/cracking_kerberos_tgs_tickets_using_kerberoasting.html) +article for additional information on kerberoasting. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The AD_KerberoastingRisk job has the following configurable parameters: + +- Consider AES 128 as weak encryption (DES and RC4 always considered weak) – Enable to include + AES-128 as a weak encryption type +- Consider "Password Never Expires" as an easily crackable password – Enable to include accounts + having the Password Never Expires policy as a password exception +- Report on disabled user accounts – Enable to include disabled user accounts in the analysis + +All of these parameters are disabled by default. + +## Analysis Tasks for the AD_KerberoastingRisk Job + +Navigate to the **Active Directory** > **5.Domains** > **AD_KerberoastingRisk** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_KerberoastingRisk Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/kerberoastingriskanalysis.webp) + +The default analysis tasks are: + +- Kerberoasting Details – Provides details on accounts vulnerabilities to Kerberoasting + + - This task uses three customizable parameters. These allow you to optionally consider AES-128 + as a weak encryption type, consider Password Never Expires as being easily crackable, and + include disabled user accounts. See the + [Parameter Configuration](#parameter-configuration) topic for additional information. + +- Kerberoasting Summary – Summarizes accounts by domain with counts for multiple vulnerabilities + +In addition to the tables and views created by the analysis tasks, the AD_KerberoastingRisk job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Kerberoasting Risk | An account is vulnerable to kerberoasting if it has an SPN assigned and one of the following is true: - RC4 or DES (or AES-128 if enabled) - Weak password exception - Trusted for delegation - Is an administrator | None | This report is comprised of three elements: - Stacked Bar Chart – Displays vulnerable accounts - Table – Provides a summary of accounts vulnerable to kerberoasting - Table – Provides details on the accounts vulnerabilities to kerberoasting | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ad_domaincontrollers.md b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ad_domaincontrollers.md new file mode 100644 index 0000000000..3e20cf5fe3 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ad_domaincontrollers.md @@ -0,0 +1,62 @@ +# AD_DomainControllers Job + +The 0.Collection > AD_DomainControllers Job collects domain controller details which will be further +analyzed in order to provide information on domains, sites, and trusts. + +## Queries for the AD_DomainControllers Job + +The AD_DomainControllers Job uses the LDAP Data Collector and the ActiveDirectory Data Collector for +the following queries: + +**CAUTION:** Except the first query, do not modify the remaining queries. The remaining queries are +preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/domaincontrollersquery.webp) + +The queries for this job are: + +- Domain Controller Listing – Targets one domain controller per domain known to Access Analyzer to + collect a listing of all domain controllers + - Can be modified to connect securely with TLS/SSL. + - See the [Connect Securely with TLS/SSL](#connect-securely-with-tlsssl) topic for additional + information. +- Actual Bridgehead Servers – Targets one domain controller per domain known to Access Analyzer to + collect all of the bridgehead servers for each site +- Global Catalog Servers – Targets one domain controller per domain known to Access Analyzer to + extract a list of GCs for each site +- Significant DCs – Targets one domain controller per domain known to Access Analyzer to gather + information about the significant DCs +- Preferred Bridgehead Servers – Targets one domain controller per domain known to Access Analyzer + to list the preferred bridgehead servers for each site + + **NOTE:** See the Active Directory Data Collector and LDAP Data Collector sections for + additional information. + +### Connect Securely with TLS/SSL + +The Domain Controller Listing Query in the AD_DomainControllers Job is configured to use the LDAP +Data Collector. This query can be optionally configured to connect securely with TLS/SSL. + +**CAUTION:** Do not modify any other settings in this query. + +**Step 1 –** Navigate to the job’s > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the _Domain Controller Listing_ Query and click +**Query Properties**. The Query Properties window displays. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The LDAP template form wizard +opens. + +![LDAP template form](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ldaptemplate.webp) + +**Step 4 –** Click **Options**. + +![Connection Options](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ldaptemplateoptions.webp) + +**Step 5 –** On the Options page, select **Connect Securely with TLS/SSL**. Optionally, select +**Ignore Certificate Errors** to connect even if certificate errors occur. Use **Server Port** 686 +for a secure connection. Click **OK** to close the Options page. + +**Step 6 –** Step 13 – Then click **OK** to close the LDAP template form wizard. + +The job now connects securely with TLS/SSL. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ad_dsrm.md b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ad_dsrm.md new file mode 100644 index 0000000000..6e00c96eb7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ad_dsrm.md @@ -0,0 +1,21 @@ +# AD_DSRM Job + +The **0.Collection > AD_DSRM** Job collects data related to domain controller registry settings for +the DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin Account can be used to +log in to the domain controller even if it has not been started in DSRM which can present a +potential security vulnerability. Additional information on this registry key is available in this +[Microsoft Document](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732714(v=ws.10)?redirectedfrom=MSDN). + +## Query for the AD_DSRM Job + +The AD_TimeSync Job uses the Registry Data Collector for the following query: + +**CAUTION:** Do not modify this query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/dsrmquery.webp) + +The queries for this job are: + +- Check LSA registry keys – Targets all domain controllers check LSA registry keys + - See the [Registry Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/registry.md) topic for + additional information. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ad_timesync.md b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ad_timesync.md new file mode 100644 index 0000000000..49e76c1d6d --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ad_timesync.md @@ -0,0 +1,19 @@ +# AD_TimeSync Job + +The 0.**Collection > AD_TimeSync** Job collects TimeSync information from the registry for each +domain controller within the domain. + +## Query for the AD_TimeSync Job + +The AD_TimeSync Job uses the Registry Data Collector for the following query: + +**CAUTION:** Do not modify this query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/timesyncquery.webp) + +The queries for this job are: + +- Timesync Info – Targets one domain controller per domain known to Access Analyzer to determine + TimeSync information from the registry + - See the [Registry Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/registry.md) topic for + additional information. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/overview.md new file mode 100644 index 0000000000..f59fdd6d33 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/overview.md @@ -0,0 +1,18 @@ +# 0.Collection Job Group + +The **5.Domains > 0.Collection** Job Group collects the data which will be further analyzed in order +to provide details on domains, sites, and trusts. + +![0.Collection Job Group](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/collectionjobstree.webp) + +The 0.Collection Job Group is comprised of: + +- [AD_DomainControllers Job](/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ad_domaincontrollers.md) – Collects domain controller details which + will be further analyzed in order to provide information on domains, sites, and trusts. +- [AD_DSRM Job](/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ad_dsrm.md) – Collects data related to domain controller registry settings for the + DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin Account can be used to + log in to the domain controller even if it has not been started in DSRM which can present a + potential security vulnerability. Additional information on this registry key is available in this + [Microsoft Document](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732714(v=ws.10)?redirectedfrom=MSDN). +- [AD_TimeSync Job](/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ad_timesync.md) – Collects TimeSync information from the registry for each + domain controller within the domain diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/domains/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/overview.md new file mode 100644 index 0000000000..4980f109e0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/overview.md @@ -0,0 +1,25 @@ +# 5.Domains Job Group + +The 5.Domains job group provides details on domains, sites, and trusts, and highlights domain level +configurations that may leave your environment at risk. + +![Domains Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/jobstree.webp) + +The following components comprises the 5.Domains job group: + +- [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/overview.md) – Collects the data which will be further + analyzed in order to provide details on domains, sites, and trusts +- [AD_DCSummary Job](/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_dcsummary.md) – Provides operational reporting related to the details + collected for each domain controller. For each domain controller, the report identifies the FSMO + role, whether it is a bridgehead server, whether it is a global catalog, and the time server it + syncs to. +- [AD_DomainInfo Job](/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_domaininfo.md) – Provides operational reporting related to the collected + domains, sites, and trusts, providing details such as high level object counts by domain or site, + domain and forest functional levels, and types and directions of trusts +- [AD_DSRMSettings Job](/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_dsrmsettings.md) – Provides details on domain controller registry + settings for the DSRMAdminLogonBehavior key. If this key is set to 1 or 2, the DSRM Admin Account + can be used to log in to the domain controller even if it has not been started in DSRM which can + present a potential security vulnerability. +- [AD_KerberoastingRisk Job](/docs/accessanalyzer/12.0/solutions/activedirectory/domains/ad_kerberoastingrisk.md) – Identifies accounts vulnerable to + kerberoasting. Kerberoasting is a threat where attackers target service accounts in Active + Directory to steal their passwords. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/domains/recommended.md b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/recommended.md new file mode 100644 index 0000000000..0de8af7da7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/domains/recommended.md @@ -0,0 +1,62 @@ +# Recommended Configurations for the 5.Domains Job Group + +The **Active Directory > 5.Domains** job group has been configured by default to run with the +default settings. It can be run directly or scheduled. + +Dependencies + +This job group does not have dependencies. + +Targeted Hosts + +The **AD_DomainControllers** job has been configured to inherit its host from the **5.Domains > +0.Collection > Settings > Host List Assignment** node. It is set to target the ONE DOMAIN CONTROLLER +PER DOMAIN host list. + +The host list assignment for the **0.Collection > AD_TimeSync** and the **0.Collection** > +**AD_DSRM** jobs have been configured at the job’s **Configure** > **Hosts** node. They are set to +run against the ALL DOMAIN CONTROLLERS host list. + +The ONE DOMAIN CONTROLLER PER DOMAIN and ALL DOMAIN CONTROLLERS host lists are dynamic host lists +based on the host inventory value in the isDomainController field in the Host Master Table. + +The **5.Domains > AD_DomainInfo** job needs to be set to run against the following: + +- Custom host list with one domain controller per forest + +Connection Profile + +A Connection Profile should be assigned at the **5.Domains > Settings > Connection** node with +Domain Administrator privileges. + +Schedule Frequency + +This job group can be scheduled to run as desired. + +Run at the Job Group Level + +**_RECOMMENDED:_** Run the jobs in the **5.Domains** job group together and in order by running the +entire job group, instead of the individual jobs. + +Query Configuration + +The 5.Domains > 0.Collection > AD_DomainControllers job should be run with the default query +configurations. Most of these queries are preconfigured for this Job Group and should not be +modified. + +The following query can be modified to use a secure connection with TLS/SSL: + +- Domain Controller Listing Query which uses the + [LDAP Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/ldap.md) + +Workflow + +**Step 1 –** Set the host on the AD_DomainInfo job. + +**Step 2 –** Run a host discovery query to discover domain controllers. + +**Step 3 –** Set a Connection Profile on the job group. + +**Step 4 –** Schedule the 5.Domains job group to run as desired. + +**Step 5 –** Review the reports generated by the 5.Domains job group. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_cpassword.md b/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_cpassword.md new file mode 100644 index 0000000000..d6250c2872 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_cpassword.md @@ -0,0 +1,34 @@ +# AD_CPassword Job + +The AD_CPassword Job identifies passwords that are stored in Group Policy Preferences which present +a security risk allowing attackers access to these passwords. Microsoft published the AES private +key, which can be used to decrypt passwords stored in Group Policy Preferences. See the Microsoft +[2.2.1.1.4 Password Encryption](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-gppref/2c15cbf0-f086-4c74-8b70-1f2fa45dd4be) +article for additional information. Since Authenticated Users have read access to SYSVOL, any +malicious insider or attacker can search for the cPassword file inside XML files shared through +SYSVOL to decrypt them. GPOs can be stored in the `%ProgramData%\Microsoft\Group Policy\History` +folder on each machine, meaning any results found by this job should be deleted off every computer +once this policy has been removed. + +## Query for the AD_CPassword Job + +The AD_CPassword Job uses the PowerShell Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job + +![Query for the AD_CPassword Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/cpasswordquery.webp) + +The queries for this job are: + +- Sysvol – Targets one domain controller per domain known to Access Analyzer to determine CPassword + security + + - See the [PowerShell Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/powershell/overview.md) topic + for additional information. + +In addition to the tables created by the data collector, the AD_CPassword Job produces the following +pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------- | +| Potential Plaintext Passwords | This report highlights domain contollers where this vulnerability exists, and provides the path of the XML file in question. | None | This report is comprised of one elements: - Table – Provides details on potential plaintext passwords | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_grouppolicy.md b/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_grouppolicy.md new file mode 100644 index 0000000000..f4f33f506d --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_grouppolicy.md @@ -0,0 +1,46 @@ +# AD_GroupPolicy Job + +The AD_GroupPolicy Job audits all Group Policies that are present on the Domain Controller, and +provides details on the containers they are linked to, and the settings that are configured. + +## Queries for the AD_GroupPolicy Job + +The AD_GroupPolicy Job uses the GroupPolicy Data Collector for the following query: + +**CAUTION:** Do not modify the queries. The queries are preconfigured for this job. + +![Queries for the AD_GroupPolicy Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/grouppolicyquery.webp) + +The queries for this job are: + +- Link Status – Targets the default domain controller known to Access Analyzer to retrieve a GPO's + list for the domain +- Settings – Targets the default domain controller known to Access Analyzer to return the state for + domain policies for all GPOs. See the + [GroupPolicy Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/overview.md) topic for + additional information. + +## Analysis Tasks for the AD_GroupPolicy Job + +Navigate to the **Active Directory** > **4.GroupPolicy** > **AD_GroupPolicy** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupPolicy Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/grouppolicyanalysis.webp) + +The default analysis tasks are: + +- 1. Group Policy Analysis – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 2. Combined User and Computer Settings – Creates the SA_AD_GroupPolicy_SettingList table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_GroupPolicy Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------ | -------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| GPO Details | This report lists all Group Policies and their settings. | None | This report is comprised of four elements: - Bar Chart – Displays GPO count by domain - Table – Provides details on policies by domain - Table – Provides details on GPO count by domain - Table – Provides details on settings | +| GPO Overview | This report lists all Group Policies and their settings. | None | This report is comprised of three elements: - Bar Chart – Displays GPO configuration by domain - Table – Provides details on GPOs - Table – Provides details on GPO configuration by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_overlappinggpos.md b/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_overlappinggpos.md new file mode 100644 index 0000000000..f718fa7560 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_overlappinggpos.md @@ -0,0 +1,42 @@ +# AD_OverlappingGPOs Job + +The AD_OverlappingGPOs Job identifies conflicting and redundant GPO settings based on link location. +These GPO settings should be cleaned up or consolidated. + +## Analysis Tasks for the AD_OverlappingGPOs Job + +Navigate to the **Active Directory** > **4. Group Policy** > **AD_OverlappingGPOs** > **Configure** +node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected first analysis task. The first analysis task is +preconfigured for this job. + +![Analysis Tasks for the AD_OverlappingGPOs Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/overlappinggposanalysis.webp) + +The default analysis tasks are: + +- Conflicting – Creates the SA_AD_OverlappingGPOs_Conflicts table accessible under the job’s Results + node + +The following analysis tasks are deselected by default: + +**NOTE:** Deselect the **Conflicting** analysis task before selecting the analysis tasks below. + +- Redundant – Restores the SA_AD_OverlappingGPOs_Redundant table to be visible under the job’s + Results node +- Redundant GPOs by OU – Restores the SA_AD_OverlappingGPOs_RedundantGPOsbyOU table to be visible + under the job’s Results node +- Redundant GPOs – Restores the SA_AD_OverlappingGPOs_RedundantGPOs table to be visible under the + job’s Results node +- Conflicts by OU – Restores the SA_AD_OverlappingGPOs_ConflictsByOU table to be visible under the + job’s Results node +- Conflicts by GPO – Restores the SA_AD_OverlappingGPOs_ConflictsByGPO table to be visible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_OverlappingGPOs Job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ----------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Conflicting GPOs | This report lists group policy objects that apply conflicting settings. | None | This report is comprised of four elements: - Bar Chart – Displays GPOs by conflicts - Table – Provides details on GPOs by conflicts - Table – Provides details on GPOs Details - Table – Provides details on OUs with conflicting GPOs | +| Redundant GPOs | This report lists group policy objects that apply redundant settings. | None | This report is comprised of four elements: - Bar Chart – Displays GPOs by redundant children - Table – Provides details on GPOs by redundant children - Table – Provides details on overlapping GPOs - Table – Provides details on OUs with most redundancies | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_passwordpolicies.md b/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_passwordpolicies.md new file mode 100644 index 0000000000..4557da56b0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_passwordpolicies.md @@ -0,0 +1,43 @@ +# AD_PasswordPolicies Job + +The AD_PasswordPolicies Job identifies fine-grained domain password policies that are stored within +the Password Settings Container. Fine-Grained password policies allow AD administrators to apply +different password policies within a single domain. + +## Query for the AD_PasswordPolicies Job + +The AD_PasswordPolicies Job uses the LDAP Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_PasswordPolicies Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/passwordpoliciesquery.webp) + +The query for this job is: + +- Fine-grained Policies – Targets one domain controller per domain known to Access Analyzer to + return fine-grained password policies + + - See the [LDAP Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/ldap.md) topic for additional + information + +## Analysis Task for the AD_PasswordPolicies Job + +Navigate to the **Active Directory** > **4.GroupPolicy** > **AD_PasswordPolicies** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the AD_PasswordPolicies Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/passwordpoliciesanalysis.webp) + +The default analysis tasks are: + +- Determine fine-grained password policy details – Creates the SA_AD_PasswordPolicies_Details table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the AD_UserDelegation Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | ----------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------- | +| Fine-Grained Password Policies | This report highlights fine-grained password policies on all targeted domain controllers. | None | This report is comprised of one element: - Table – Provides details on fine-grained password policy details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/overview.md new file mode 100644 index 0000000000..f5ad3eac0a --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/overview.md @@ -0,0 +1,28 @@ +# 4.Group Policy Job Group + +The 4.Group Policy Job Group audits GPOs and their settings, and provides in depth analysis of +conditions such as where GPOs have been linked, misconfigurations that can cause security or +operational issues, and redundant GPOs that can be consolidated. + +![4.Group Policy Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/jobstree.webp) + +The following components comprise the 4.Group Policy Job Group: + +- [AD_CPassword Job](/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_cpassword.md) – Identifies passwords that are stored in Group Policy + Preferences which present a security risk allowing attackers access to these passwords. Microsoft + published the AES private key, which can be used to decrypt passwords stored in Group Policy + Preferences. See the Microsoft + [2.2.1.1.4 Password Encryption](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-gppref/2c15cbf0-f086-4c74-8b70-1f2fa45dd4be) + article for additional information. Since Authenticated Users have read access to SYSVOL, any + malicious insider or attacker can search for the cPassword file inside XML files shared through + SYSVOL to decrypt them. GPOs can be stored in the `%ProgramData%\Microsoft\Group Policy\History` + folder on each machine, meaning any results found by this job should be deleted off every computer + once this policy has been removed. +- [AD_GroupPolicy Job](/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_grouppolicy.md) – Audits all Group Policies that are present on the Domain + Controller, and provides details on the containers they are linked to and the settings that are + configured +- [AD_OverlappingGPOs Job](/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_overlappinggpos.md) – Identifies conflicting and redundant GPO + settings based on link location. These GPO settings should be cleaned up or consolidated. +- [AD_PasswordPolicies Job](/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/ad_passwordpolicies.md) – Identifies fine-grained domain password + policies that are stored within the Password Settings Container. Fine-Grained password policies + allow AD administrators to apply different password policies within a single domain. diff --git a/docs/accessanalyzer/12.0/solutions/active-directory/group-policy/recommended.md b/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/recommended.md similarity index 100% rename from docs/accessanalyzer/12.0/solutions/active-directory/group-policy/recommended.md rename to docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/recommended.md diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_circularnesting.md b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_circularnesting.md new file mode 100644 index 0000000000..35147adb02 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_circularnesting.md @@ -0,0 +1,28 @@ +# AD_CircularNesting Job + +The AD_CircularNesting Job identifies circularly nested groups within Active Directory which can +pose administrative and operational challenges with identifying effective access to resources. + +## Analysis Tasks for the AD_CircularNesting Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_CircularNesting** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_CircularNesting Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/circularnestinganalysis.webp) + +The default analysis tasks are : + +- Circular Nesting Details – Creates the SA_AD_CircularNesting_Details table accessible under the + job’s Results node +- Domain Summary – Creates the SA_AD_CircularNesting_DomainSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_CircularNesting Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ---------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Circular Nesting | This report identifies instances of circular nesting within the environment. | None | This report is comprised of three elements: - Bar Chart – Displays circular nesting by domain - Table – Provides details on circular nesting - Table – Provides details on circular nesting by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_dclogongroups.md b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_dclogongroups.md new file mode 100644 index 0000000000..db627e99e1 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_dclogongroups.md @@ -0,0 +1,32 @@ +# AD_DCLogonGroups Job + +The AD_DCLogonGroups Job identifies users who are able to log on to Domain Controllers through +effective membership to the Enterprise Admins, Domain Admins, Administrators, Backup Operators, +Account Operators, Print Operators, or Remote Desktop Users groups. This type of access should be +limited to only those individuals who require this level of administrative privileges. + +## Analysis Tasks for the AD_DCLogonGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_DCLogonGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DCLogonGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/dclogongroupsanalysis.webp) + +The default analysis tasks are: + +- Circular Effective Membership – Creates the SA_AD_DCLogonGroups_Membership table accessible under + the job’s Results node +- User Listing – Creates the SA_AD_DCLogonGroups_UserList table accessible under the job’s Results + node +- Membership Summary – Creates the SA_AD_DCLogonGroups_Summary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_CircularNesting Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | --------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain Controller Logon Rights | This report displays effective membership for groups with logon rights to domain controllers. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays largest groups - Table – Provides details on membership - Table – Provides summary of membership | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_duplicategroups.md b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_duplicategroups.md new file mode 100644 index 0000000000..0a79ffdfe7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_duplicategroups.md @@ -0,0 +1,26 @@ +# AD_DuplicateGroups Job + +The AD_Duplicate Job identifies duplicate groups within Active Directory. Duplicate groups contain +the same group membership as one another and are suitable candidates for cleanup. + +## Analysis Task for the AD_DuplicateGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_DuplicateGroups** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the AD_DuplicateGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/duplicategroupsanalysis.webp) + +The default analysis tasks are: + +- Identify Duplicate Groups – Creates the SA_AD_DuplicateGroups_Details table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis task, the AD_DuplicateGroups Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Duplicate Groups | This report identifies duplicate groups within the audited domains. | None | This report is comprised of three elements: - Bar Chart – Displays domains by number of groups with duplicates - Table – Provides details on duplicate groups - Table – Provides details on domains by number of groups with duplicates | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_emptygroups.md b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_emptygroups.md new file mode 100644 index 0000000000..e1f2102585 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_emptygroups.md @@ -0,0 +1,32 @@ +# AD_EmptyGroups Job + +The AD_EmptyGroups Job identifies empty and single member groups which are suitable candidates for +consolidation or cleanup. + +## Analysis Tasks for the AD_EmptyGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_EmptyGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_EmptyGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/emptygroupsanalysis.webp) + +The default analysis tasks are: + +- Empty Groups – Creates the SA_AD_EmptyGroups_Empty table accessible under the job’s Results node +- Single User Groups – Creates the SA_AD_EmptyGroups_SingleUser table accessible under the job’s + Results node +- Summarize Empty Groups – Creates the SA_AD_EmptyGroups_EmptySummary table accessible under the + job’s Results node +- Summarize Single User Groups – Creates the SA_AD_EmptyGroups_SingleUserSummary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_EmptyGroups Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | --------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Empty Groups | This report identifies all groups without any members. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by empty group counts - Table – Provides details on empty groups - Table – Provides details on empty groups by domain | +| Single User Groups | This report identifies groups which only contain a single user. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by single user groups - Table – Provides details on groups - Table – Provides details on single user groups by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_groupprobableowners.md b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_groupprobableowners.md new file mode 100644 index 0000000000..dfdbd71d98 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_groupprobableowners.md @@ -0,0 +1,29 @@ +# AD_GroupProbableOwners Job + +The AD_GroupProbableOwners Job determines potential owners for Active Directory Groups which can be +used to perform automated membership reviews and enable self-service group management and membership +requests. + +## Analysis Tasks for the AD_GroupProbableOwners Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_GroupProbableOwners** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupProbableOwners Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/groupprobableownersanalysis.webp) + +The default analysis tasks are: + +- Determine Ownership – Creates the SA_AD_GroupProbableOwner_Owners table accessible under the job’s + Results node +- Domain Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_GroupProbableOwner Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | ----------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Probable Owners | This report identifies the most probable manager or department, based on effective member attributes. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top domains by blank manager field - Table – Provides details on probable ownership - Table – Provides summary of managers | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_largestgroups.md b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_largestgroups.md new file mode 100644 index 0000000000..daf5fd65c5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_largestgroups.md @@ -0,0 +1,27 @@ +# AD_LargestGroups Job + +The AD_LargestGroups Job identifies groups with large effective member counts. These types of groups +may cause administrative overhead and burden in being able to easily understand who is getting +access to resources, or how much access is being granted to resources through these groups. + +## Analysis Task for the AD_LargestGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_LargestGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the AD_LargestGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/largestgroupsanalysis.webp) + +The default analysis tasks are: + +- Group Details – Creates the SA_AD_LargestGroups_Details table accessible under the job’s Results + node + +In addition to the tables and views created by the analysis task, the AD_LargestGroups Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------- | +| Largest Groups | This report identifies the largest groups within the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays largest groups - Table – Provides details on groups | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_mailsecuritygroups.md b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_mailsecuritygroups.md new file mode 100644 index 0000000000..72f9c444f5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_mailsecuritygroups.md @@ -0,0 +1,29 @@ +# AD_MailSecurityGroups Job + +The AD_MailSecurityGroups Job identifies mail-enabled security groups within Active Directory. + +## Analysis Tasks for the AD_MailSecurityGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_MailSecurityGroups** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_MailSecurityGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/mailsecuritygroupsanalysis.webp) + +The default analysis tasks are: + +- Calculate Effective Membership – Creates the SA_AD_MailSecurityGroups_Membership table accessible + under the job’s Results node +- Mail Enabled Domain Summary – Creates the SA_AD_MailSecurityGroups_DomainSummary table accessible + under the job’s Results node +- Membership Summary – Creates the SA_AD_MailSecurityGroups_Summary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_MailSecurityGroups Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Mail Enabled Security Groups | This report displays summary data for mail enabled security groups. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays mail enabled security groups per domain - Table – Provides summary of mail enabled security groups - Table – Provides summary of mail enabled security groups by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_nestedgroups.md b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_nestedgroups.md new file mode 100644 index 0000000000..cf990b3fcb --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_nestedgroups.md @@ -0,0 +1,29 @@ +# AD_NestedGroups Job + +The AD_NestedGroups Job identifies nested groups within Active Directory and provides details such +as the levels of nesting. While Active Directory provides the ability to nest certain types of +groups within other groups, Microsoft recommends nesting does not go beyond two levels in order to +avoid difficulties in understanding effective membership and access. + +## Analysis Tasks for the AD_NestedGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_NestedGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_NestedGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/nestedgroupsanalysis.webp) + +The default analysis tasks are: + +- Details – Creates the SA_AD_NestedGroups_Details table accessible under the job’s Results node +- Summarize by Domain – Creates the SA_AD_NestedGroups_DomainSummary table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_NestedGroups Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------- | --------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Nested Groups | This report identifies the groups with the largest amount of nested groups, and how many levels of nesting there are. | None | This report is comprised of three elements: - Bar Chart – Displays top groups by nesting - Table – Provides details on nested groups - Table – Provides details on top groups by nesting | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_sensitivesecuritygroups.md b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_sensitivesecuritygroups.md new file mode 100644 index 0000000000..743f9e0d47 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_sensitivesecuritygroups.md @@ -0,0 +1,32 @@ +# AD_SensitiveSecurityGroups Job + +The AD_SensitiveSecurityGroups Job identifies users who are granted administrative access within +Active Directory through membership to the Enterprise Admins, Domain Admins, Schema Admins, DNS +Admins, or Administrators groups. This level of access should be limited to only those individuals +who require this level of administrative privileges. + +## Analysis Tasks for the AD_SensitiveSecurityGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_SensitiveSecurityGroups** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_SensitiveSecurityGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/sensitivesecuritygroupsanalysis.webp) + +The default analysis tasks are: + +- Calculate Effective Membership – Creates the SA_AD_SensitiveSecurityGroups_Membership table + accessible under the job’s Results node +- User Listing – Creates the SA_AD_SensitiveSecurityGroups_UserList table accessible under the job’s + Results node +- Membership Summary – Creates the SA_AD_SensitiveSecurityGroups_Summary table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_SensitiveSecurityGroups +Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------- | ------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Security Group Membership | This report displays effective membership for sensitive security groups. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays largest groups - Table – Provides details on membership - Table – Provides summary of group membership | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_stalegroups.md b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_stalegroups.md new file mode 100644 index 0000000000..63e758b664 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_stalegroups.md @@ -0,0 +1,31 @@ +# AD_StaleGroups Job + +The AD_StaleGroups Job identifies groups that contain potentially stale users. Users are considered +stale if they have never logged onto the domain, have not logged onto the domain in the past 60 +days, or are disabled. These group memberships should be reviewed and possibly removed. + +## Analysis Tasks for the AD_StaleGroups Job + +Navigate to the **Active Directory** > **1.Groups** > **AD_StaleGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_StaleGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/stalegroupsanalysis.webp) + +The default analysis tasks are: + +- Stale Group Details – Creates the SA_AD_StaleGroups_Details table accessible under the job’s + Results node +- Stale Groups Summary – Creates the SA_AD_StaleGroups_GroupSummary table accessible under the job’s + Results node +- Stale Groups Org Summary – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_StaleGroups Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Effective Membership (A.K.A. Stale Groups) | This report identifies groups with stale effective membership. A stale user is defined as someone who has not logged into the domain in over 60 days, is expired, or currently disabled. | None | This report is comprised of three elements: - Bar Chart – Displays group membership - Table – Provides details on membership - Table – Provides details on group membership | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/groups/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/overview.md new file mode 100644 index 0000000000..660fe5bf01 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/overview.md @@ -0,0 +1,60 @@ +# 1.Groups Job Group + +The 1.Groups Job Group identifies effective group membership and pinpoints potential areas of +administrative concern such as nested or stale groups. + +![1.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/jobstree.webp) + +The following jobs comprise the 1.Groups Job Group: + +- [AD_CircularNesting Job](/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_circularnesting.md) – Identifies circularly nested groups within + Active Directory which can pose administrative and operational challenges with identifying + effective access to resources +- [AD_DCLogonGroups Job](/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_dclogongroups.md) – Identifies users who are able to log on to Domain + Controllers through effective membership to the Enterprise Admins, Domain Admins, Administrators, + Backup Operators, Account Operators, Print Operators, or Remote Desktop Users groups. This type of + access should be limited to only those individuals who require this level of administrative + privileges. +- [AD_DuplicateGroups Job](/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_duplicategroups.md) – Identifies duplicate groups within Active + Directory. Duplicate groups contain the same group membership as one another and are suitable + candidates for cleanup. +- [AD_EmptyGroups Job](/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_emptygroups.md) – Identifies empty and single member groups which are + suitable candidates for consolidation or cleanup +- [AD_GroupProbableOwners Job](/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_groupprobableowners.md) – Determines potential owners for Active + Directory Groups which can be used to perform automated membership reviews and enable self-service + group management and membership requests +- [AD_LargestGroups Job](/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_largestgroups.md) – Identifies groups with large effective member + counts. These types of groups may cause administrative overhead and burden in being able to easily + understand who is getting access to resources, or how much access is being granted to resources + through these groups. + + - The definition of a large group is set by the **.Active Directory Inventory** > + **3-AD_Exceptions** Job. It can be customized. See the + [3-AD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/3-ad_exceptions.md) topic for additional + information. + +- [AD_MailSecurityGroups Job](/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_mailsecuritygroups.md) – Identifies mail-enabled security groups + within Active Directory +- [AD_NestedGroups Job](/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_nestedgroups.md) – Identifies nested groups within Active Directory and + provides details such as the levels of nesting. While Active Directory provides the ability to + nest certain types of groups within other groups, Microsoft recommends nesting does not go beyond + two levels in order to avoid difficulties in understanding effective membership and access. + + - The definition of a deeply nested group is set by the **.Active Directory Inventory** > + **3-AD_Exceptions** Job. It can be customized. See the + [3-AD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/3-ad_exceptions.md) topic for additional + information. + +- [AD_SensitiveSecurityGroups Job](/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_sensitivesecuritygroups.md) – Identifies users who are granted + administrative access within Active Directory through membership to the Enterprise Admins, Domain + Admins, Schema Admins, DNS Admins, or Administrators groups. This level of access should be + limited to only those individuals who require this level of administrative privileges. +- [AD_StaleGroups Job](/docs/accessanalyzer/12.0/solutions/activedirectory/groups/ad_stalegroups.md) – Identifies groups that contain potentially stale users. + Users are considered stale if they have never logged onto the domain, have not logged onto the + domain in the past 60 days, or are disabled. These group memberships should be reviewed and + possibly removed. + + - The definition of a stale user” is set by the **.Active Directory Inventory** > + **3-AD_Exceptions** Job. It can be customized. See the + [3-AD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/3-ad_exceptions.md) topic for additional + information. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/groups/recommended.md b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/recommended.md new file mode 100644 index 0000000000..066bde1367 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/groups/recommended.md @@ -0,0 +1,53 @@ +# Recommended Configurations for the 1.Groups Job Group + +The Active Directory > **1.Groups** Job Group has been configured by default to run with the default +settings. It can be run directly or scheduled. + +Dependencies + +The **.Active Directory Inventory** Job Group needs to be successfully executed prior to running +this job group. + +Target Host + +This job group does not collect data. No target host is required. + +Connection Profile + +This job group does not collect data. No specific Connection Profile is required. + +Schedule Frequency + +The data analyzed by the **1.Groups** Job Group jobs is collected by the **.Active Directory +Inventory** Job Group. Therefore, it is recommended to schedule these jobs to run after the .Active +Directory Inventory job group collection has completed. These jobs can be scheduled to run as +desired. + +Run at the Job Group Level + +**_RECOMMENDED:_** Run the jobs in the **1.Groups** Job Group together and in order by running the +entire job group, instead of the individual jobs. + +Analysis Configuration + +The **1.Groups** Job Group should be run with the default analysis configurations. Most of the +analysis tasks are preconfigured for this job group. + +Some analysis tasks have customizable parameters: + +- The .Active Directory Inventory Solution defines large groups, deeply nested groups, and stale + users. These parameters can be customized. + + - Customize within **.Active Directory Inventory** > **3-AD_Exceptions** Job analysis tasks + + **NOTE:** Changes to an exception’s definition will affect all jobs dependent upon that + exception as well as all Access Information Center Exceptions reports. + +Workflow + +**Step 1 –** Prerequisite: Run the **.Active Directory Inventory** Job Group. + +**Step 2 –** Schedule the **1.Groups** Job Group to run as desired after the prerequisite job has +completed. + +**Step 3 –** Review the reports generated by the 1.Groups Job Group. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/overview.md new file mode 100644 index 0000000000..36e25c4107 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/overview.md @@ -0,0 +1,86 @@ +# Active Directory Solution + +The Active Directory solution is a comprehensive set of audit jobs and reports that provide the +information administrators need for Active Directory configuration, operational management, +troubleshooting, analyzing effective permissions, and tracking who is making what changes within an +organization. + +Supported Platforms + +- Windows Server 2016 and later +- Windows 2003 Forest level or higher + +**NOTE:** See the Microsoft +[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) +article for additional information. + +Requirements, Permissions, and Ports + +See the [Active Directory Domain Target Requirements](/docs/accessanalyzer/12.0/config/activedirectory/overview.md) +topic for additional information. + +Location + +The Active Directory Solution requires a special Access Analyzer license. It can be installed from +the Access Analyzer Instant Job Wizard. See the +[Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for additional information. +Once installed into the Jobs tree, navigate to the solution: **Jobs** > **Active Directory**. + +![Active Directory Solution](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/solutionoverview.webp) + +Each job group works independently from the other job groups. Some job groups run analysis tasks +against the analyzed data collected by the .Active Directory Inventory Solution to generate reports, +for example the 1.Groups job group. Other job groups run both data collection and analysis to +generate reports. The AD_SecurityAssessment job summarizes security related results from both the +Active Directory solution and the Active Directory Permissions Analyzer solution. + +**NOTE:** The Cleanup job group requires additional licenses to function. See the +[Active Directory Job Groups](#active-directory-job-groups) topic for additional information. + +## Active Directory Job Groups + +The Active Directory solution is a comprehensive set of audit jobs and reports that provide the +information every administrator needs for Active Directory configuration, operational management, +troubleshooting, analyzing effective permissions, and tracking who is making what changes within an +organization. + +![Active Directory Job Group](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/adsolutionjobgroup.webp) + +The following job groups comprise the Active Directory solution: + +- [1.Groups Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/groups/overview.md) – Identifies effective group membership and pinpoints + potential areas of administrative concern such as nested or stale groups +- [2.Users Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/users/overview.md) – Identifies user conditions and pinpoint potential areas + of administrative concern such as weak passwords, user token size, or stale users +- [3.Computers Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/computers/overview.md) – Pinpoints potential areas of administrative + concern related to computer accounts, including stale computers and computers that have been + trusted for delegation +- [4.Group Policy Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/overview.md) – Audits GPOs and their settings, and provides + in depth analysis of conditions such as where GPOs have been linked, misconfigurations that can + cause security or operational issues, and redundant GPOs that can be consolidated +- [5.Domains Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/domains/overview.md) – Provides details on domains, sites, and trusts, and + highlight domain level configurations that may leave your environment at risk +- [6.Activity Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/activity/overview.md) – Provides insights into access sprawl, privileged + account usage, and operational health of the Active Directory environment. Information collected + includes Active Directory Changes, Authentication, LDAP Traffic, Replication Traffic, and + LSASS.EXE process injection on domain controllers + + - Requires the Active Directory Activity license feature to function + +- [7.Certificate Authority Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/overview.md) – Collects settings, + permissions, and configurations for Certificate Authorities. It details access rights for the + Certificate Authority and reports on certificate requests, highlighting any that might expire + soon. +- [Cleanup Job Group](/docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/overview.md) – Identifies potential stale and unused users, computers, + and groups as well as issues with group membership. Remediation workflows are included to + de-provision unnecessary objects to help increase security and reduce complexity. + + - Requires the Active Directory Actions license feature to function + - Requires the Active Directory Actions Module to be installed + +- [AD Security Assessment Job](/docs/accessanalyzer/12.0/solutions/activedirectory/ad_securityassessment.md) – Summarizes security related results from + the Active Directory solution and the Active Directory Permissions Analyzer solution + +Since each job group within the Active Directory solution is designed to run independently, refer to +the Recommended Configurations topic for each job group, for information on frequency and job group +settings. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_directmembership.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_directmembership.md new file mode 100644 index 0000000000..86de9ea2ec --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_directmembership.md @@ -0,0 +1,28 @@ +# AD_DirectMembership Job + +The AD_DirectMembership Job identifies users who do not have any group membership. This condition +may indicate unnecessary user accounts that are suitable candidates for review and cleanup. + +## Analysis Tasks for the AD_DirectMembership Job + +Navigate to the **Active Directory** > **2.Users** > **AD_DirectMembership** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DirectMembership Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/directmembershipanalysis.webp) + +The default analysis tasks are: + +- User Details – Creates the SA_AD_DirectMembership_Details table accessible under the job’s Results + node +- Domain Summary – Creates the SA_AD_DirectMembership_DomainSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_DirectMembership Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| No Group Membership | This report identifies users with no group membership. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by users with no membership - Table – Provides details on all users with no group membership - Table – Provides details on top domains by users with no membership | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_duplicateusers.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_duplicateusers.md new file mode 100644 index 0000000000..0080c8156c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_duplicateusers.md @@ -0,0 +1,29 @@ +# AD_DuplicateUsers Job + +The AD_DuplicateUsers Job helps to identify multiple user accounts which may be owned by a single +employee. A user may have accounts in multiple domains or administrative accounts with greater +access than their normal account. + +## Analysis Tasks for the AD_DuplicateUsers Job + +Navigate to the **Active Directory** > **2.Users** > **AD_DuplicateUsers** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DuplicateUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/duplicateusersanalysis.webp) + +The default analysis tasks are: + +- Potential Duplicates Details – Creates the SA_AD_DuplicateUsers_Details table accessible under the + job’s Results node +- User Details – Creates the SA_AD_DuplicateUsers_DomainSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_DuplicateUsers Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Duplicate User Accounts | This report identifies user accounts which may belong to a single employee, based on a variety of common attributes. | None | This report is comprised of three elements: - Bar Chart – Displays a domain summary - Table – Provides details on matches - Table – Provides details on duplicate user accounts by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_orphanedusers.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_orphanedusers.md new file mode 100644 index 0000000000..6d1ce43f11 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_orphanedusers.md @@ -0,0 +1,27 @@ +# AD_OrphanedUsers Job + +The AD_OrphanedUsers Job identifies users whose managers are stale or disabled. These user accounts +should be reviewed and appropriate management should be assigned. + +## Analysis Tasks for the AD_OrphanedUsers Job + +Navigate to the **Active Directory** > **2.Users** > **AD_OrphanedUsers** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_OrphanedUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/orphanedusersanalysis.webp) + +The default analysis tasks are: + +- Details – Creates the SA_AD_OrphanedUsers_Details table accessible under the job’s Results node +- Domain Summary – Creates the SA_AD_OrphanedUsers_DomainSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_OrphanedUsers Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | --------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Orphaned Users | A user is considered orphans when their manager is disabled or stale. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by orphaned users - Table – Provides details on orphaned users - Provides details on top domains by orphaned users | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_passwordstatus.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_passwordstatus.md new file mode 100644 index 0000000000..ad165ebd26 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_passwordstatus.md @@ -0,0 +1,28 @@ +# AD_PasswordStatus Job + +The AD_PasswordStatus Job highlights potential issues with user password settings that may exploited +or compromised if not addressed. + +## Analysis Tasks for the AD_PasswordStatus Job + +Navigate to the **Active Directory** > **2.Users** > **AD_PasswordStatus** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigure for this job. + +![Analysis Tasks for the AD_PasswordStatus Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/passwordstatusanalysis.webp) + +The default analysis tasks are: + +- Password Status Details – Creates the SA_AD_PasswordStatus_Details table accessible under the + job’s Results node +- Domain Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_PasswordStatus Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | ---------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Password Status | This report identifies the password status of all users and highlights potential issues. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays password issues by domain - Table – Provides details on users - Provides details on password issues by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_serviceaccounts.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_serviceaccounts.md new file mode 100644 index 0000000000..00310f58e8 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_serviceaccounts.md @@ -0,0 +1,34 @@ +# AD_ServiceAccounts Job + +The AD_ServiceAccounts Job offers information about service accounts and if they are vulnerable to +Kerberoasting. An account is deemed vulnerable to a Kerberoasting attack if the +msDS-SupportedEncryptionTypes value supports RC4 as the highest encryption type. + +_Remember,_ the 1-AD_Scan Job needs to be configured to collect these Custom Attributes: + +- servicePrincipalName – Provides service account information. See the Microsoft + [Service Principal Names](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc961723(v=technet.10)) + article for additional information. +- msDS-SupportedEncryptionTypes – Identifies service accounts vulnerable to Kerberoasting attacks + +## Analysis Task for the AD_ServiceAccounts Job + +Navigate to the **Active Directory** > **2.Users** > **AD_ServiceAccounts** > **Configure** node and +select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the AD_ServiceAccounts Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/serviceaccountsanalysis.webp) + +The default analysis tasks are: + +- Password Status Details – Creates the SA_AD_ServiceAccounts_Details table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis task, the AD_ServiceAccounts Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ---------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Service Accounts | This report provides details on service accounts in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays service accounts by domain - Table – Provides details on service accounts - Table – Provides details on service accounts by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_sidhistory.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_sidhistory.md new file mode 100644 index 0000000000..9dba24b37f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_sidhistory.md @@ -0,0 +1,30 @@ +# AD_SIDHistory Job + +The AD_SIDHistory Job enumerates historical SIDs in the audited environment and highlights +exceptions involving the SIDHistory attribute on AD user objects. Specific conditions include when a +user has a historical SID from their current domain, or when a non-admin user has a historical SID +with administrative rights, both of which may be indicators of compromise. + +## Analysis Tasks for the AD_SIDHistory Job + +Navigate to the **Active Directory** > **2.Users** > **AD_SIDHistory** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_SIDHistory Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/sidhistoryanalysis.webp) + +The default analysis tasks are: + +- Determine SIDHistory details – Creates the SA_AD_SIDHistory_Details table accessible under the + job’s Results node +- Summarize SIDHistory details – Creates the SA_AD_SIDHistory_Summary table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_PasswordStatus Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SID History | This report lists historical SIDs in the audited environment. Additionally, it highlights exceptions involving the SIDHistory attribute on AD user objects. Considered in particular are when a user has a historical SID from their current domain, or when a non-admin user has a historical SID with administrative rights. | None | This report is comprised of three elements: - Bar Chart – Displays historical SIDs by domain - Table – Provides details on SID history - Table – Provides details on historical SIDs by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_staleusers.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_staleusers.md new file mode 100644 index 0000000000..873327a754 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_staleusers.md @@ -0,0 +1,35 @@ +# AD_StaleUsers Job + +The AD_StaleUsers job identifies potentially stale users based on the amount of time since their +last login to the domain, or if the account has been disabled. These accounts should be reviewed and +cleaned up in order to increase security and reduce complexity. + +**NOTE:** The definition of a stale user is set by the .Active Directory Inventory solution. These +parameters, including the number of days since last login to be considered stale (by default 60 +days), can be customized within the **.Active Directory Inventory** > **3-AD_Exceptions** job's +**Stale Users** analysis task. See the +[3-AD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/3-ad_exceptions.md) topic for additional +information. + +## Analysis Tasks for the AD_StaleUsers Job + +Navigate to the **Active Directory** > **2.Users** > **AD_StaleUsers** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_StaleUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/staleusersanalysis.webp) + +The default analysis tasks are: + +- User Details – Creates the SA_AD_StaleUsers_Details table accessible under the job’s Results node +- Summarize by Domain – Creates the SA_AD_StaleUsers_DomainSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_StaleUsers job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Users | This report identifies user accounts which have not logged into the domain for an extended amount of time or are currently disabled. A user account is considered stale if the last logon is over 60 days ago, is currently disabled, or expired. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays users by domain - Table – Provides details on users - Table – Provides details on users by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_userattributecompletion.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_userattributecompletion.md new file mode 100644 index 0000000000..26a5546200 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_userattributecompletion.md @@ -0,0 +1,29 @@ +# AD_UserAttributeCompletion Job + +The AD_UserAttributeCompletion Job identifies which attributes are present within User fields in +Active Directory, and which ones are blank for a majority of objects. This may indicate accounts +within Active Directory which are lacking appropriate information. + +## Analysis Tasks for the AD_UserAttributeCompletion Job + +Navigate to the **Active Directory** > **2.Users** > **AD_UserAttributeCompletion** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_UserAttributeCompletion Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/userattributecompletionanalysis.webp) + +The default analysis tasks are: + +- Details – Creates an interim processing table in the database for use by downstream analysis and + report generation +- User Details – Creates an interim processing table in the database for use by downstream analysis + and report generation + +In addition to the tables and views created by the analysis tasks, the AD_UserAttributeCompletion +Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Attribute Completion | This report identifies which attributes are present within User fields in Active Directory, and which ones are blank for a majority of objects. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays completeness by attribute - Table – Provides details on users with blank attributes - Table –Provides details on completeness by attribute | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_userdelegation.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_userdelegation.md new file mode 100644 index 0000000000..fb466871d2 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_userdelegation.md @@ -0,0 +1,29 @@ +# AD_UserDelegation Job + +The AD_Delegation Job highlights user accounts which are trusted for delegation. Kerberos delegation +enables an application to access resources hosted on a different server, and opens up several +avenues to compromise based on the type of delegation enabled.  See the +[What Is Kerberos Delegation?](https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/) Netwrix +blog article for more information about this configuration and the related security risks. + +## Analysis Task for the AD_UserDelegation Job + +Navigate to the **Active Directory** > **2.Users** > **AD_UserDelegation** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the AD_UserDelegation Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/userdelegationanalysis.webp) + +The default analysis tasks are: + +- Determine users for trusted delegation – Creates the SA_AD_UserDelegation_Details table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis task, the AD_UserDelegation Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Users Trusted for Delegation | This report highlights which users are trusted for delegation, which accounts are sensitive, and whether the delegation is constrained or unconstrained. | None | This report is comprised of three elements: - Bar Chart – Displays users trusted for delegation by domain - Table – Provides details on users trusted for delegation - Table – Provides details on users trusted for delegation by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_usertoken.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_usertoken.md new file mode 100644 index 0000000000..8a8b0c2763 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_usertoken.md @@ -0,0 +1,29 @@ +# AD_UserToken Job + +The AD_UserToken Job identifies and reports the number of SIDS and estimated token size associated +with each user. Token bloat can lead to issues during login and can also cause applications that use +Kerberos authentication to fail. See the Microsoft +[Problems with Kerberos authentication when a user belongs to many groups](https://learn.microsoft.com/en-US/troubleshoot/windows-server/windows-security/kerberos-authentication-problems-if-user-belongs-to-groups) +article for more information about estimated token size. + +## Analysis Task for the AD_UserToken Job + +Navigate to the **Active Directory** > **2.Users** > **AD_UserToken** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the AD_UserToken Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/usertokenanalysis.webp) + +The default analysis tasks are: + +- Calculate Token Size – Creates the SA_AD_UserTokens_Details table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis task, the AD_UserToken Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Token | A user's token size is directly related to the number of SIDs associated with their user account, taking into account historical SIDs and effective membership. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top users by estimated token size - Table – Provides details on user tokens | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_weakpasswords.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_weakpasswords.md new file mode 100644 index 0000000000..6c6d1020ee --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_weakpasswords.md @@ -0,0 +1,109 @@ +# AD_WeakPasswords Job + +The AD_WeakPasswords Job analyzes user account password hashes to determine how easily each could be +compromised or the likelihood their passwords are known through comparison with compromised password +dictionaries and other exceptions. Exceptions include: + +- AES Key Missing – Account is set up using older functional AD levels, so has no AES key. These + accounts use weaker encryption methods susceptible to brute force attacks. +- Clear Text Password – Account has passwords stored with reversible encryption. See the Microsoft + [Store passwords using reversible encryption](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh994559(v=ws.11)) + article for additional information. +- Default Computer Password – Computer has default computer passwords set +- Delegable Admins – Administrator account is allowed to be delegated to a service +- DES Encryption Only – Account is using Kerberos DES encryption. DES encryption is considered weak + as the 56-bit key is prone to brute force attacks. See the Microsoft + [AD DS: User accounts and trusts in this domain should not be configured for DES only](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff646918(v=ws.10)) + article for additional information. +- Empty Password – Account has an empty password +- Kerberos Pre-authentication is not required – Account does not require Kerberos + pre-authentication. Kerberos pre-authentication can mitigate against brute force attacks. See the + Microsoft + [Kerberos Pre-Authentication: Why It Should Not Be Disabled](https://learn.microsoft.com/en-us/archive/technet-wiki/23559.kerberos-pre-authentication-why-it-should-not-be-disabled) + article for additional information. +- LM Hash – Account has stored LM hashes. The LM hash is a relatively weak hash that is prone to + brute force attacks. See the Microsoft + [How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases](https://learn.microsoft.com/en-US/troubleshoot/windows-server/windows-security/prevent-windows-store-lm-hash-password) + article for additional information. +- Password Never Expires – Account has a password that never expires +- Password Not Required – Account does not require a password +- Weak Historical Password – Account has a historical password that was found in the dictionary +- Weak Password – Account has a password that was found in the dictionary +- Shares Common Password – Account shares a password with another account + +## Queries for the AD_WeakPasswords Job + +The AD_WeakPasswords Job uses the PasswordSecurity Data Collector. + +![Query for the AD_WeakPasswords Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/weakpasswordsquery.webp) + +The query for this job are: + +- Weak Passwords – Collects password hashes to identify weak passwords + + - See the + [PasswordSecurity Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/overview.md) + topic for additional information + +### Configure the Weak Passwords Query + +The PasswordSecurity Data Collector can be scoped if desired. Follow the steps to modify the query +configuration. + +**Step 1 –** Navigate to the job’s Configure node and select Queries. + +**Step 2 –** In the Query Selection view, select the **Weak Passwords** query and click**Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the Data Source tab, and click **Configure**. The Password Security Data +Collector Wizard opens. + +![Password Security Data Collection Wizard Scan options page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/optionsweakpassword.webp) + +**CAUTION:** Read the warning prior to enabling the cleartext password feature. + +**Step 4 –** On the Options page, configure the scan options by enabling communication with the +Active Directory via SSL or returning cleartext password entries. + +![Password Security Data Collection Wizard Dictionary options page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/dictionariesweakpassword.webp) + +**Step 5 –** On the Dictionaries page, configure the dictionary options by enabling the Netwrix weak +password dictionary or click **Add…** to upload a custom dictionary with NTLM hashes or plaintext +passwords to use during the scan. + +- See the + [PasswordSecurity: Dictionaries](/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/dictionaries.md) + topic for additional information + +**Step 6 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +The Weak Passwords query is now configured. + +## Analysis Tasks for the AD_WeakPasswords Job + +Navigate to the **Active Directory** > **2.Users** > **AD_WeakPasswords** > **Configure** node and +select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_WeakPasswords Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/weakpasswordsanalysis.webp) + +The default analysis tasks are: + +- Count of Shared Passwords – Creates the SA_AD_WeakPasswords_Count table accessible under the job's + Results node +- Join Active Directory Stats – Creates the SA_AD_WeakPasswords_Details table accessible under the + job’s Results node +- Summarize Password Issues – Creates the SA_SA_AD_WeakPasswords_Summary table accessible under the + job's Results node +- Add to AD Exceptions – Creates the SA_AD_UserDelegation_Details table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_UserDelegation Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Weak Passwords Checks | This job identifies accounts in the organization with weak passwords that can be easily decrypted or brute forced. | None | This report is comprised of three elements: - Bar Chart – Displays password weaknesses - Table – Provides details on password weaknesses - Table – Provides details on exceptions and user counts | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/overview.md new file mode 100644 index 0000000000..d0335c0458 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/overview.md @@ -0,0 +1,42 @@ +# 2.Users Job Group + +The 2.Users Job Group identifies user conditions and pinpoint potential areas of administrative +concern such as weak passwords, user token size, or stale users. + +![2.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/jobstree.webp) + +The following components comprise the 2.Users Job Group: + +- [AD_DirectMembership Job](/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_directmembership.md) – Identifies users who do not have any group + membership. This condition may indicate unnecessary user accounts that are suitable candidates for + review and cleanup. +- [AD_DuplicateUsers Job](/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_duplicateusers.md) – Identifies multiple user accounts which may be + owned by a single employee. A user may have accounts in multiple domains or administrative + accounts with greater access than their normal account. +- [AD_OrphanedUsers Job](/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_orphanedusers.md) – Identifies users whose managers are stale or + disabled. These user accounts should be reviewed and appropriate management should be assigned. +- [AD_PasswordStatus Job](/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_passwordstatus.md) – Highlights potential issues with user password + settings that may exploited or compromised if not addressed +- [AD_ServiceAccounts Job](/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_serviceaccounts.md) – Offers information about service accounts and if + they are vulnerable to Kerberoasting. An account is deemed vulnerable to a Kerberoasting attack if + the msDS-SupportedEncryptionTypes value supports RC4 as the highest encryption type. +- [AD_SIDHistory Job](/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_sidhistory.md) – Enumerates historical SIDs in the audited environment and + highlights exceptions involving the SIDHistory attribute on AD user objects. Specific conditions + include when a user has a historical SID from their current domain, or when a non-admin user has a + historical SID with administrative rights, both of which may be indicators of compromise. +- [AD_StaleUsers Job](/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_staleusers.md) – Identifies potentially stale users based on the amount of + time since their last login to the domain, or if the account has been disabled. These accounts + should be reviewed and cleaned up in order to increase security and reduce complexity. +- [AD_UserAttributeCompletion Job](/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_userattributecompletion.md) – Identifies which attributes are + present within User fields in Active Directory, and which ones are blank for a majority of + objects. This may indicate accounts within Active Directory which are lacking appropriate + information. +- [AD_UserDelegation Job](/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_userdelegation.md) – Highlights user accounts which are trusted for + delegation. Kerberos delegation enables an application to access resources hosted on a different + server, and opens up several avenues to compromise based on the type of delegation enabled. +- [AD_UserToken Job](/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_usertoken.md) – Identifies and reports the number of SIDS and estimated + token size associated with each user. Token bloat can lead to issues during login and can also + cause applications that use Kerberos authentication to fail. +- [AD_WeakPasswords Job](/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_weakpasswords.md) – Analyzes user account password hashes to determine + how easily each could be compromised or the likelihood their passwords are known through + comparison with compromised password dictionaries and other exceptions diff --git a/docs/accessanalyzer/12.0/solutions/activedirectory/users/recommended.md b/docs/accessanalyzer/12.0/solutions/activedirectory/users/recommended.md new file mode 100644 index 0000000000..d0860e612a --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectory/users/recommended.md @@ -0,0 +1,90 @@ +# Recommended Configurations for the 2.Users Job Group + +The **Active Directory** > **2.Users** Job Group has been configured by default to run with the +out-of-the-box settings. It can be run directly or scheduled. + +Dependencies + +- The **.Active Directory Inventory** Job Group needs to be successfully executed prior to running + this job group + + - For the **AD_ServiceAccounts** Job, the **.Active Directory Inventory** > **1-AD_Scan** Job + needs to be configured to collect **servicePrincipalName** as a Custom Attribute + +- For the **AD_WeakPassword** Job: + + - Requires the DSInternals PowerShell Module, which is a third-party package. See the + [AD_WeakPasswords Job](/docs/accessanalyzer/12.0/solutions/activedirectory/users/ad_weakpasswords.md) topic for additional information. + - The AD_WeakPasswords Job depends on a dictionary file. See the + [PasswordSecurity: Dictionaries](/docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/dictionaries.md) + topic for additional information. + + **_RECOMMENDED:_** If this job is not to be used, disable the job to prevent execution when the + job group is executed. + +Targeted Host(s) + +Only the **AD_WeakPasswords** Job requires a host list. The host list assignment has been configured +under the **2. Users** > **AD_WeakPasswords** > **Configure** > **Hosts** node. It is set to target +the **ONE DOMAIN CONTROLLER PER DOMAIN** host list. This host list is a dynamic host list based on +the host inventory value in the **isDomainController** field in the Host Master Table. + +Connection Profile + +Only the **AD_WeakPasswords** Job requires a Connection Profile. It must be set directly on the +**AD_WeakPasswords** Job (through the Job Properties window) with Domain Administrator privileges. + +**NOTE:** The **AD_WeakPassword** Job can be executed with a least privilege credential. See the +[Active Directory Auditing Configuration](/docs/accessanalyzer/12.0/config/activedirectory/access.md) topic for +additional information. + +Schedule Frequency + +The data analyzed by the **2.Users** Job Group jobs is collected by the **.Active Directory +Inventory** Job Group. Therefore, it is recommended to schedule these jobs to run after the +**.Active Directory Inventory** job group collection has completed. These jobs can be scheduled to +run as desired. + +Run at the Job Group Level + +Run the jobs in the **2.Users** Job Group together and in order by running the entire job group, +instead of the individual jobs. + +_Remember,_ if the **AD_WeakPassword** Job is not to be executed, it can be disabled. + +Analysis Configuration + +The **2.Users** Job Group should be run with the default analysis configurations. Most of the +analysis tasks are preconfigured for this Job Group. + +Some analysis tasks have customizable parameters: + +- The **.Active Directory Inventory** Solution defines stale users. These parameters can be + customized. + + - Customize within **.Active Directory Inventory** > **3-AD_Exceptions** Job analysis tasks + + **NOTE:** Changes to an exception’s definition will affect all jobs dependent upon that + exception as well as all Access Information Center Exceptions reports. + +Workflow + +**Step 1 –** Prerequisite: Ensure the **.Active Directory Inventory** Job Group has been +successfully run. + +**Step 2 –** For AD_WeakPassword Job: Run a host discovery query to discover domain controllers. + +- The **AD_WeakPasswords** Job has been set to run against the following default dynamic host list: + + - ONE DOMAIN CONTROLLER PER DOMAIN + + **NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table that meet + the host inventory criteria for the list. Ensure the appropriate host lists have been populated + through host inventory results. + +**Step 3 –** Set a Connection Profile on the job that runs the data collection. + +**Step 4 –** Schedule the **2.Users** Job Group to run as desired after the prerequisite job has +completed. + +**Step 5 –** Review the reports generated by the **2.Users** Job Group. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/1-ad_scan.md b/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/1-ad_scan.md new file mode 100644 index 0000000000..0f7a4aa111 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/1-ad_scan.md @@ -0,0 +1,179 @@ +# 1-AD_Scan Job + +The 1-AD_Scan Job collects data from Active Directory. In most environments, this job requires no +additional customizations before running it. Optionally, the job can be configured to scope scan +options and to collect custom attributes. For enable SSL encryption for communication with Active +Directory, see the [Enable SSL Option](#enable-ssloption) topic for additional information. + +## Queries for the 1-AD Scan Job + +The 1-AD_Scan Job uses the ADInventory Data Collector for the following query: + +![Queries for the 1-AD Scan Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scanqueries.webp) + +- AD Inventory – Targets a domain controller to collect inventory data for user, group, and computer + objects + + - This query can be modified. See the + [Customize the 1-AD_Scan Query](#customize-the-1-ad_scan-query) topic for additional + information. + +### Customize the 1-AD_Scan Query + +The 1-AD_Scan Job has been preconfigured to run with the default settings with the category of Scan +Active Directory. Follow the steps to set any desired customizations to scan options or to collect +custom attributes. + +**Step 1 –** Navigate to the **.Active Directory Inventory** > **1-AD_Scan** > **Configure** node +and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Active Directory Inventory +DC Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Active Directory Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scandcwizardoptions.webp) + +**Step 4 –** (Optional) On the Options page, you can: + +- Enable encrypted communication with Active Directory (SSL) +- Configure the differential scan settings using the **Collect only updates since last + scan** settings + +See the [ADInventory: Options](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/options.md) topic for more +information. + +![Active Directory Inventory DC Wizard Custom Attributes page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp) + +**Step 5 –** (Optional) On the Custom Attributes page, add any desired custom attributes to be used +in the Active Directory scan. See the +[ADInventory: Custom Attributes](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributes.md) +topic for additional information. + +**Step 6 –** Navigate to the Summary page. Click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +**NOTE:** In order for the Access Information Center to populate NFS permissions within File System +reports, the .Active Directory Inventory Job Group must be configured to collect the **uid** and +**uidNumber** attributes for Users. See the +[NFS Permissions for the AIC ](#nfs-permissions-for-the-aic) topic for additional information. + +The 1-AD_Scan Job is now ready to run with the customized settings. If any custom attributes are +added to the data collection, the **Create Extended Attributes View** analysis task can be enabled +in order to have visibility into the collected data. + +## Analysis Tasks for the 1-AD_Scan Job + +View the analysis tasks by navigating to the **.Active Directory Inventory** > **1-AD_Scan** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 1-AD_Scan Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scananalysis.webp) + +The following analysis tasks are selected by default: + +- Import functions – Imports effective group membership function into the database +- Create Extended Attributes View – Creates the SA_ADInventory_ExtendedAttributesView for Custom + Attributes that have been added to the query +- Summarize Domains – Creates the SA_ADInventory_Report_DomainSummary table +- Summarize Stats – Creates the SA_ADInventory_Summary table + +The following analysis tasks never need to be selected as they are only needed to restore views that +have been accidentally hidden: + +- Bring User View To Console – Restores the SA_ADInventory_UsersView to be visible within the Access + Analyzer Console if it is hidden +- Bring Group Members View To Console – Restores the SA_ADInventory_GroupMembersView to be visible + within the Access Analyzer Console if it is hidden +- Bring Group View To Console – Restores the SA_ADInventory_GroupsView to be visible within the + Access Analyzer Console if it is hidden +- Bring Computers View to Console – Restores the SA_ADInventory_ComputersView to be visible within + the Access Analyzer Console if it is hidden +- Remove ADI Stored Procedures – Removes the built-in ADI stored procedures + +In addition to the tables and views explained in the +[Standard Reference Tables & Views for the ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/standardtables.md) +topic, the 1-AD_Scan Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Active Directory Summary | This report provides a summary of all audited domains and objects. | None | This report is comprised of four elements: - Table – Displays general statistics in the Users, Groups, and Computers in All Audited Domains - Pie Chart – Displays Principals by Object Class - Pie Chart – Displays Principals by Audited Domain - Table – Displays detailed statistical information for each of the AD objects | + +## NFS Permissions for the AIC + +In order for the Access Information Center to populate NFS resources within all File System +permissions and resource audit reports, the .Active Directory Inventory Job Group must be configured +to collect the following custom attributes for Users: + +- uid +- uidNumber + +Follow the steps to add the custom attributes. + +**Step 1 –** Navigate to the Active Directory Inventory DC Wizard for the AD Inventory Query within +the 1-AD_Scan Job. + +![Active Directory Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scandcwizardoptionsnfs.webp) + +**Step 2 –** Navigate to the Options page. Ensure the **Collect only updates since last scan** +option is deselected. + +**NOTE:** Whenever query configurations are modified, it is necessary to do a full scan. After the +first full scan, differential scanning can be re-enabled. + +![Active Directory Inventory DC Wizard Custom Attributes page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scandcwizardcustomattributesnfs.webp) + +**Step 3 –** Use the **Next** button to navigate to the Custom Attributes page. Add both **uid** and +**uidNumber** attributes to the existing list of custom attributes. See the +[ADInventory: Custom Attributes](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributes.md) +topic for additional information. + +- **uid** attribute: + + - Domain Filter – \* + - Object Class – User + - Attribute Name – uid + +- **uidNumber** attribute: + + - Domain Filter – \* + - Object Class – User + - Attribute Name – uidNumber + +**Step 4 –** Use the **Next** button to navigate to the Summary page and click **Finish**. The +Active Directory Inventory DC Wizard closes. Click **OK** to close the Query Properties window. + +**Step 5 –** Run the .Active Directory Inventory Job Group either manually or through a scheduled +task. + +The .Active Directory Inventory Job Group is now collecting attributes required for NFS data to be +visible within the Access Information Center. + +_Remember,_ it is necessary to re-enable differential scanning after Step 5 if desired. + +See the Resource Audit topics in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. + +## Enable SSL Option + +Follow the steps to enable SSL encryption for communications with Active Directory: + +**Step 1 –** Navigate to the **1-AD_Scan > Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the query and click **Query Properties**. The Query +Properties window opens. + +**Step 3 –** Go to the Options page and select the **Encrypt communication with Active Directory +(SSL)** checkbox. Click **Next**. + +**Step 4 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +The job will now use SSL encryption to query Active Directory. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/2-ad_changes.md b/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/2-ad_changes.md new file mode 100644 index 0000000000..7fede79ac1 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/2-ad_changes.md @@ -0,0 +1,173 @@ +# 2-AD_Changes Job + +The 2-AD_Changes Job tracks changes within all scanned domains. Reports in the job highlight Active +Directory changes which have occurred since the last time the .Active Directory Inventory Job Group +was run. It is dependent on the running of the 1-AD_Scan Job, also located in the .Active Directory +Inventory Job Group. + +The 1-AD_Scan Job must have the Query Option to **Track changes into Change tracking tables** +selected in order for the Analysis Tasks in the 2-AD_Changes Job to work. See Step 4 of the +[Customize the 1-AD_Scan Query](1-ad_scan.md#customize-the-1-ad_scan-query) topic for additional +information. + +## Analysis Tasks for the 2-AD_Changes Job + +View the analysis tasks by navigating to the **.Active Directory Inventory** > **2-AD_Changes** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 2-AD_Changes Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/changesanalysis.webp) + +The following analysis tasks are selected by default: + +- Org Changes + + - Creates the SA_AD_Changes_OrganizationalChanges table accessible under the job’s Results node + - Creates interim processing tables in the database for use by downstream analysis and report + generation + +- Analyze Group Changes – Creates the SA_AD_Changes_GroupAnalysis table accessible under the job’s + Results node +- Attribute Changes + + - Creates the SA_AD_Changes_AttributeChangeDetails table accessible under the job’s Results node + - Creates interim processing tables in the database for use by downstream analysis and report + generation + +- User Account Status + + - Creates the SA_AD_Changes_UserAccountStatus table accessible under the job’s Results node + - Creates interim processing tables in the database for use by downstream analysis and report + generation + +- Group Membership Changes + + - Creates the SA_AD_Changes_GroupMembershipChanges table accessible under the job’s Results node + - Creates interim processing tables in the database for use by downstream analysis and report + generation + +- Object Moves + + - Creates the SA_AD_Changes_ObjectMoves table accessible under the job’s Results node + - Creates interim processing tables in the database for use by downstream analysis and report + generation + +- New Principals – Creates interim processing tables in the database for use by downstream analysis + and report generation +- Deleted Principals + + - Creates the SA_AD_Changes_DeletedPrincipals table accessible under the job’s Results node + - Creates interim processing tables in the database for use by downstream analysis and report + generation + +The Notification analysis tasks are optional and require configuration before enabling them. The +following analysis tasks are deselected by default: + +- Domain Admin Changes – Alerts when Domain Admins Group membership changes occur + + - Importance – Security, as this is a Sensitive Security Group + +- Empty Groups – Alerts when group membership changes result in an empty group + + - Importance – AD Clean-up + +- Circular Nesting – Alerts when group membership changes result in a group effectively containing + itself + + - Importance – Security and AD Clean-up + +- Stale Membership – Alerts when group members become stale + + - Importance – Security and AD Clean-up + +- Large Change – Alerts when group membership changes result in a group becoming large + + - Importance – Security + +- Disabled Users – Alerts when user accounts become disabled + + - Importance – Security + +- Locked out Users – Alerts when user accounts become locked-out + + - Importance – Security  and Employee Productivity + +- Alert on New Principals – Alerts when new user, group, or computer objects are created + + - Importance – Security and AD Clean-up + +- Alert on Deleted Users – Alerts when user accounts are deleted + + - Importance – Security  and Employee Productivity + +Notification must have recipients configured for the analysis task. Optionally, the email subject +and body can be modified. See the +[Notification Analysis Tasks for the 2-AD_Changes Job](#notification-analysis-tasks-for-the-2-ad_changes-job) +topic for additional information. + +In addition to the tables and views created by the analysis tasks, the 2-AD_Changes Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------------------------- | ------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Attribute Changes | This report tracks attribute changes within Active Directory. | None | This report is comprised of three elements: - Bar graph – Displays Attribute Changes (Past 24 Hours) - Table – Provides details on attribute changes (Past 24 Hours) - Table – Provides details on changes | +| Group Membership Changes (A.K.A. Most Active Groups) | This report tracks group membership changes in Active Directory. | None | This report is comprised of three elements: - Bar graph – Displays Most Active Groups (Past 24 Hours) - Table – Provides details on the most active groups (Past 24 Hours) - Table – Provides details on the most active groups | +| New Principals | This report identifies when principals have been created on the targeted domains. | None | This report is comprised of two elements: - Bar graph – Displays New Principals by Domain (Past 24 Hours) - Table – Provides details on the new principals by domain | +| Object Moves | This report tracks object moves in Active Directory. | None | This report is comprised of two elements: - Table – Displays Most Active OUs (Past 24 Hours) - Table – Provides details on the most active OUs | +| Org Changes (A.K.A. Organizational Changes) | This report tracks organizational moves such as manager, title or department changes. | None | This report is comprised of three elements: - Bar graph – Displays Organizational Changes (Past 24 Hours) - Table – Provides details on organizational changes (Past 24 Hours) - Table – Provides details on the organizational changes | +| Principal Deletions (A.K.A. Past 24 Hours) | This report identifies when principals have been deleted from the targeted domains. | None | This report is comprised of three elements: - Bar graph – Displays Deleted Principals by Domain (Past 24 Hours) - Table – Provides details on deleted principals by domain (Past 24 Hours) - Table – Provides details on the principals by domain | +| User Account Status Changes | This report tracks user account status changes. | None | This report is comprised of three elements: - Bar graph – Displays User Account Control Changes (Past 24 Hours) - Table – Provides details on user account control changes (Past 24 Hours) - Table – Provides details on the user account control changes | + +### Notification Analysis Tasks for the 2-AD_Changes Job + +In order for Access Analyzer to send email notifications, it is necessary for the **Settings** > +**Notification** node to be properly configured. See the +[Notification](/docs/accessanalyzer/12.0/admin/settings/notification.md) topic for instructions on enabling the Access +Analyzer Console to send email notifications. Once email notifications have been enabled, the +individual notification analysis tasks can be configured and enabled. Follow the steps to configure +a notification analysis task. + +**Step 1 –** Navigate to the **.Active Directory Inventory** > **2-AD_Changes** > **Configure** node +and select **Analysis**. + +![Notification Analysis Tasks for the 2-AD_Changes Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/changesanalysisnotification.webp) + +**Step 2 –** In the Analysis Selection view, select the desired notification analysis task and click +**Analysis Configuration**. The Notification Data Analysis Module opens. + +![Notification Data Analysis Module SMTP properties page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/notificationanalysissmtp.webp) + +**CAUTION:** Do not make changes to the pages preceding the SMTP page. + +**Step 3 –** Use the **Next** button to navigate to the email configuration SMTP page. + +![Recipients section of SMTP properties page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/notificationanalysissmtprecipients.webp) + +**Step 4 –** In the Recipients section, provide the email addresses or distribution lists (fully +qualified address) for those who are to receive this notification. Multiple addresses can be +provided. You can use the following options: + +- Add – Add an email address to the E-mail field +- Remove – Remove an email address from the Recipients list +- Combine multiple messages into single message – Sends one email for all objects in the record set + instead of one email per object to all recipients + +![Message section of SMTP properties page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/notificationanalysissmtpmessage.webp) + +**Step 5 –** In the Message section, edit the **Subject**. It is not recommended to remove any +parameters. Then, customize the email content in the textbox to provide an explanation of the +notification to the recipients. + +**Step 6 –** Click **Next** to save these configuration changes and navigate to the Summary page. Do +not make changes to any other pages. Click **Finish**. The Notification Data Analysis Module window +closes. + +**Step 7 –** This notification analysis task is now configured to send emails. In the Analysis +Selection view, select the task checkbox. + +**Step 8 –** Repeat this process for each desired notification analysis task. + +Configured and enabled notifications now send alerts automatically during the execution of the +2-AD_Changes Job. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/3-ad_exceptions.md b/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/3-ad_exceptions.md new file mode 100644 index 0000000000..8e4c1248fd --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/3-ad_exceptions.md @@ -0,0 +1,140 @@ +# 3-AD_Exceptions Job + +The 3-AD_Exceptions Job identifies toxic conditions that exist within Active Directory which may +leave your environment at risk or add unnecessary administrative overhead. It is dependent on +running the 1-AD_Scan Job, also located in the .Active Directory Inventory Job Group. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The 3-AD_Exceptions Job has the following configurable parameters: + +- Threshold of group members +- Threshold of nesting +- Threshold necessary to identify a stale group (0-100%) +- Whether to include disabled users that are stale +- Whether to include expired users that are stale +- Threshold for token size +- List of administrative groups + +See the +[Customize Analysis Parameters for the 3-AD_Exceptions Job](#customize-analysis-parameters-for-the-3-ad_exceptions-job) +topic for additional information. + +## Analysis Tasks for the 3-AD_Exceptions Job + +View the analysis tasks by navigating to the **.Active Directory Inventory** > **3-AD_Exceptions** > +**Configure** node and select **Analysis**. Analysis tasks with configuration parameters that define +the security concerns within them can be modified. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 3-AD_Exceptions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/exceptionsanalysis.webp) + +The following analysis tasks are selected by default: + +- Large Groups + + - Identifies groups that exceeded the defined threshold for effective group membership + - Populates processing tables in the database for use by downstream analysis and report + generation + - Definition of a large group can be customized + +- Deeply Nested Groups + + - Identifies groups that exceeded the defined threshold of deep levels of membership nesting + - Populates processing tables in the database for use by downstream analysis and report + generation + - Definition of a deeply nested group can be customized + +- Circular Nesting + + - Identifies groups with circular references in their effective membership + - Populates processing tables in the database for use by downstream analysis and report + generation + +- Empty Groups + + - Identifies groups with no membership + - Populates processing tables in the database for use by downstream analysis and report + generation + +- Single Member Groups + + - Identifies groups with a single direct member + - Populates processing tables in the database for use by downstream analysis and report + generation + +- Stale Users + + - Identifies user accounts that are expired, are disabled, or have exceeded the defined + threshold of inactivity + - Populates processing tables in the database for use by downstream analysis and report + generation + - Definition of a stale user can be customized + +- Stale Membership + + - Identifies groups with a high percentage of effective members that are stale users + - Populates processing tables in the database for use by downstream analysis and report + generation + - Definition of stale membership can be customized + +- Large Token + + - Identifies users that exceeded the defined threshold for effective membership in authorization + groups + - Populates processing tables in the database for use by downstream analysis and report + generation + - Definition of a large token can be customized + +- Historical SID Tampering + + - Identifies users that have a historical SID from their current domain + - Populates processing tables in the database for use by downstream analysis and report + generation + +- Admin Historical SID + + - Identifies users that have a historical SID from an administrator account + - Populates processing tables in the database for use by downstream analysis and report + generation + - Definition of an administrator group can be customized + +- Display Exceptions View – Creates the SA_ADInventory_ExceptionsView accessible under the job’s + Results node +- Summarize Exceptions Count – Generates data used in the Exceptions report + +In addition to the tables and views created by the analysis tasks, the 3-AD_Exceptions Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------- | ---------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Exceptions Summary (A.K.A. AD Exceptions) | This report summarizes common issues with user accounts and group membership | None | This report is comprised of three elements: - Pie Chart – Displays exceptions by class - Table – Provides exceptions by count - Table – Provides details on exceptions | + +### Customize Analysis Parameters for the 3-AD_Exceptions Job + +Exception definitions that can be customized have the following default values for the customizable +parameters: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| -------------------- | --------------------------- | --------------------------------------------------- | --------------------------------------------------------------------- | +| Large Groups | @LARGE_THRESHOLD | 10 | A group object with 10 members or more | +| Deeply Nested Groups | @NESTING_THRESHOLD | 1 | A group object nested 1 level or deeper within another group object | +| Stale Users | @STALE_THRESHOLD | 60 | A user object that has been inactive for 60 days or more | +| | @INCLUDE_DISABLED | True | A user object that has been disabled | +| | @INCLUDE_EXPIRED | True | A user object that has expired | +| Stale Membership | @STALE_THRESHOLD | 10 | A group with 10% of its effective members are stale users | +| Large Token | @TOKEN_THRESHOLD | 10 | A user object with effective membership in more than 10 group objects | +| Admin Historical SID | #ADMIN_GROUPS | - Domain Admins - Enterprise Admins - Schema Admins | List of administrative groups | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions to modify the parameters. See the +[AD Exception Types Translated](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/standardtables.md#ad-exception-types-translated) +topic for an explanation of Exception Types. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/overview.md new file mode 100644 index 0000000000..c118a5ff39 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/overview.md @@ -0,0 +1,61 @@ +# .Active Directory Inventory Solution + +Active Directory (AD) acts as the central nervous system of any Microsoft environment and plays a +vital role in granting access to resources such as Exchange, File Systems, SharePoint, and SQL +Server. The .Active Directory Inventory Solution is designed to provide essential user, group +membership, and computer details from the targeted domains to many Access Analyzer built-in +solutions. Key information includes user status, user attributes, and group membership. The +collected data is accessed by other Access Analyzer solutions and the Netwrix Access Information +Center for analysis. + +**NOTE:** This solution is required for using the Access Information Center. + +This topic covers information on using the ADInventory Data Collector and the .Active Directory +Inventory Job Group. + +Supported Platforms + +- Windows 2003 Forest level or higher + +Permissions + +- Read access to directory tree +- List Contents & Read Property on the Deleted Objects Container + + **NOTE:** See the Microsoft + [Searching for Deleted Objects](https://technet.microsoft.com/en-us/library/cc978013.aspx) + article and the Microsoft + [Dsacls](https://technet.microsoft.com/en-us/library/cc771151(v=ws.11).aspx) article for + additional information. + +Ports + +- TCP 389 +- TCP 135-139 +- Randomly allocated high TCP ports + +Location + +The .Active Directory Inventory Solution is a core component of all Access Analyzer installations. +Typically this solution is instantiated during installation, but it can be installed from the +Instant Job Wizard. Once it has been installed into the Jobs tree, navigate to the solution: +**Jobs** > **.Active Directory Inventory**. This group has been named in such a way to keep it at +the top of the Jobs tree. + +## Jobs + +This Job Group is comprised of three jobs that collect, analyze, and report on data. The data +collection is conducted by the ADInventory Data Collector. See the +[Standard Reference Tables & Views for the ADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adinventory/standardtables.md) +topic for database table information. + +![.Active Directory Inventory Solution Overview page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/overview.webp) + +The .Active Directory Inventory Solution has the following jobs: + +- [1-AD_Scan Job](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/1-ad_scan.md) – Collects data and generates the standard reference tables and + views +- [2-AD_Changes Job](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/2-ad_changes.md) – Analyzes the collected data to track and alert on changes + within all scanned domains that occurred since the last scan +- [3-AD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/3-ad_exceptions.md) – Analyzes the collected data to identify security and + provisioning concerns, such as circular nesting and stale membership diff --git a/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/recommended.md b/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/recommended.md index 23ffc89697..798d36a4d5 100644 --- a/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/recommended.md @@ -55,15 +55,15 @@ Query Configuration The solution is best run with the default query configuration. However, a possible modification might be to include configurations of the scan options or additional custom attributes within the -[1-AD_Scan Job](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/1-ad-scan.md). +[1-AD_Scan Job](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/1-ad_scan.md). Analysis Configuration The solution is best run with the default analysis configuration. However, possible modifications might be to: -- Enable notification analysis tasks within the [2-AD_Changes Job](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/2-ad-changes.md) -- Customize exception analysis parameters within the [3-AD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/3-ad-exceptions.md) +- Enable notification analysis tasks within the [2-AD_Changes Job](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/2-ad_changes.md) +- Customize exception analysis parameters within the [3-AD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/3-ad_exceptions.md) Workflow diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-brokeninheritance.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-brokeninheritance.md deleted file mode 100644 index 5bcd7c6a65..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-brokeninheritance.md +++ /dev/null @@ -1,32 +0,0 @@ -# 6.Broken Inheritance > AD_BrokenInheritance Job - -The AD_BrokenInheritance Job reports on all locations within Active Directory where inheritance is -broken within the targeted domains. - -![6.Broken Inheritance Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/brokeninheritancejobstree.webp) - -The AD_BrokenInheritance Job is located in the 6.Broken Inheritance Job Group. - -## Analysis Tasks for the AD_BrokenInheritance Job - -Navigate to the **Active Directory Permissions Analyzer** > **6.BrokenInheritance** > -**AD_BrokenInheritance** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_BrokenInheritance Job](/img/product_docs/accessanalyzer/solutions/filesystem/brokeninheritanceanalysis.webp) - -The default analysis tasks are: - -- Broken Inheritance Details – Creates the SA_AD_BrokenInheritance_Details table accessible under - the job’s Results node -- Broken Inheritance Summary – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_BrokenInheritance Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Broken Inheritance by Domain | This report highlights instances of broken inheritance on Active Directory objects. This information is summarized by domain. | None | This report is comprised of three elements: - Bar Chart – Displays broken inheritance by domain - Table – Provides summary of broken inheritance by OU - Table – Provides details on broken inheritance | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-openaccess.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-openaccess.md deleted file mode 100644 index b5f5b3b144..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-openaccess.md +++ /dev/null @@ -1,33 +0,0 @@ -# 5.Open Access > AD_OpenAccess Job - -The AD_OpenAccess Job reports on all Active Directory permissions granting open access within the -targeted domains. Open Access can be defined as access granted to security principals such as: -Domain Users, Authenticated Users, and Everyone. - -![5.Open Access Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/openaccessjobstree.webp) - -The AD_OpenAccess Job is located in the 5.Open Access Job Group. - -## Analysis Tasks for the AD_OpenAccess Job - -Navigate to the **Active Directory Permissions Analyzer** > **5.Open Access** > **AD_OpenAccess** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_OpenAccess Job](/img/product_docs/accessanalyzer/solutions/filesystem/openaccessanalysis.webp) - -The default analysis tasks are: - -- Determine open access – Creates the SA_AD_OpenAccess_Details table accessible under the job’s - Results node -- Summarize open access by domain – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_OpenAccess Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ---------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Open Access by Domain | This report highlights instances of open access on AD objects, and summarizes open access by domain. | None | This report is comprised of three elements: - Bar Chart – Displays open access by domain - Table – Provides details on open access - Table – Provides details on open access by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-oupermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-oupermissions.md deleted file mode 100644 index 3a420b732a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-oupermissions.md +++ /dev/null @@ -1,38 +0,0 @@ -# 3.OUs > AD_OUPermissions Job - -The AD_OUPermissions job reports on all Active Directory permissions and ownership applied to -organizational unit (OU) objects within the targeted domains. - -![3.OUs Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/ousjobstree.webp) - -The AD_OUPermissions job is located in the 3.OUs job group. - -## Analysis Tasks for the AD_OUPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **3.OUs** > **AD_OUPermissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_OUPermissions Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/oupermissionsanalysis.webp) - -The default analysis tasks are: - -- List OU permissions – Creates the SA_AD_OUPermissions_Details table accessible under the job’s - Results node -- Summarize OU permissions – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Shadow Access OU Paths – Calculates the object location and permissions for shadow access -- OU Ownership – Lists the owners of each OU and determines if they are a non-standard owner. - Principals that are not administrators are considered non-standard owners of OU objects. Creates - the SA_AD_OUOwnership_Details table accessible under the job’s Results node. -- OU Ownership Summary – Summarizes owner type by domain - -In addition to the tables and views created by the analysis tasks, the AD_OUPermissions job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| OU Ownership | This report highlights instances where Active Directory OU objects are owned by non admin principals. This information is summarized at the domain level. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays a summary of user ownership by domain - Table – Provides details of non-standard ownership | -| OU Permissions | This report highlights instances where permissions are applied to Active Directory organizational units. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays OU permissions by domain - Pie Chart – Displays OU permissions by type - Table – Provides details on OU permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-shadowaccess.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-shadowaccess.md deleted file mode 100644 index f4f08f12d9..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-shadowaccess.md +++ /dev/null @@ -1,166 +0,0 @@ -# AD_ShadowAccess Job - -This job finds shadow access that leads to compromise of a domain or sensitive data. Attackers can -chain vulnerabilities to escalate privileges from a non-privileged user to administrator with only a -few steps. This job will generate the shortest path between every non-privileged user to a domain -administrative group, total domain compromise, or access to sensitive data. - -This job will analyze the following links between resources and privileges in your environment: - -- Effective Group Membership -- Modify Group Membership -- Reset User Password -- Access through adminSDHolder -- DCSync/Domain Replication privileges -- Shared passwords between domain accounts -- Groups that provide access to sensitive data -- Local administrators that can dump hashes from user sessions -- Administrative rights on SQL Servers that hold sensitive data - -The AD_ShadowAccess Job has special dependencies. See the -[Recommended Configurations for AD Permissions Analyzer Solution](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/recommended.md) topic for -additional information. - -## Analysis Tasks for the AD_ShadowAccess Job - -Navigate to the **Active Directory Permissions Analyzer** > **AD_ShadowAccess** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks, with the exception of the -**Calculate Shadow Access** analysis tasks. The analysis tasks are preconfigured for this job. The -**Calculate Shadow Access** analysis task is the only analysis task that has customizable -parameters. - -![Analysis Tasks for the AD_ShadowAccess Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysis.webp) - -The default analysis tasks are: - -- Shadow Access Schema – Sets up the Shadow Access Tables and Views -- Dijkstra – Creates an interim processing table in the database for use by downstream analysis and - report generation -- Path Formatting – Creates an interim processing table in the database for use by downstream - analysis and report generation -- String Split – Creates an interim processing table in the database for use by downstream analysis - and report generation -- Calculate Shadow Access – Creates the SA_ShadowAccess_Details table accessible under the job’s - Results node - - - This Analysis Task has configurable parameters. See the - [Configure the Analysis Tasks for the AD_ShadowAccess Job](#configure-the-analysis-tasks-for-the-ad_shadowaccess-job) - topic for additional information. - -- Shadow Access Paths Cleanup – Removes calculated rows that are no longer used - -In addition to the tables and views created by the analysis tasks, the AD_ShadowAccess Job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Domain Shadow Access | This report will calculate the shortest path between highly sensitive privileges and non-privileged users. | None | This report is comprised of five elements: - Bar Chart – Displays summary information on targeted domain - Table – Provides details on targeted domain in table form - Table – Provides details on exploited permissions - Table – Provides details on vulnerabilities - Table – Provides details on domain users and attack paths that can be used against those domain users | -| Sensitive Data Shadow Access | This report will calculate the shortest path between highly sensitive data and non-privileged users. | None | This report is comprised of five elements: - Bar Chart – Displays summary information on sensitive data - Table – Provides details on sensitive data in table form - Table – Provides details on exploited permissions - Table – Provides details on vulnerabilities - Table – Provides details on domain users and attack paths that can be used against those domain users | - -See the -[Report Functions for the AD_ShadowAccess Job](#report-functions-for-the-ad_shadowaccess-job) topic -for additional information. - -### Customizable Analysis Tasks for the AD_ShadowAccess Job - -The default values for customizable parameters are: - -| Analysis Task | Customizable Parameter Name | Default Value | Instruction | -| ------------------------ | --------------------------- | ----------------------------------------------------- | ------------------------------------- | -| Calculate Shadow Access | @session | 1 | Set to 0 to turn off Session Analysis | -| @shared_password | 0 | Set to 0 to turn of Shared Password Analysis | | -| @modify_group_membership | 1 | Set to 0 to turn off Modify Group Membership analysis | | -| @sensitive_data | 1 | Set to 0 to ignore sensitive data attacks | | -| @dcsync | 1 | Set to 0 to ignore dcsync rights | | -| @sdholder | 1 | Set to 0 to ignore sdadminholder | | -| @disabled | 0 | Set to 0 to ignore disabled users | | - -See the -[Configure the Analysis Tasks for the AD_ShadowAccess Job](#configure-the-analysis-tasks-for-the-ad_shadowaccess-job) -topic for additional information. - -### Configure the Analysis Tasks for the AD_ShadowAccess Job - -Customizable parameters enable Access Analyzer users to set the values used to classify user and -group objects during this job’s analysis. The parameters can be customized and are listed in a -section at the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s -parameters. - -**Step 1 –** Navigate to the **Active Directory Permissions Analyzer** > **AD_ShadowAccess** > -**Configure** node and select **Analysis** to view analysis tasks. - -![Configure Calculate Shadow Access task from Analysis Selection view](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysisconfigure.webp) - -**Step 2 –** In the Analysis Selection view, select the **Calculate Shadow Access** analysis task, -then click **Analysis Configuration**. The SQL Script Editor opens. - -![SQL Script Editor](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccesssqlscripteditor.webp) - -**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. -Double-click on the current value and change as desired. - -- If the variable type is a table, select the cell and click **Edit Table** to modify the value. - -**CAUTION:** Do not change any parameters where the Value states `Created during execution`. - -**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor -window. - -The customizable analysis task parameters are now configured and ready to run. - -### Report Functions for the AD_ShadowAccess Job - -The reports generated by the AD_ShadowAccess Job presents users with an overview of vulnerabilities -and attack paths within the targeted environments. - -![Shadow Access reports in the job's Results node](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreports.webp) - -Navigate to the **Active Directory Permissions Analyzer** > **AD_ShadowAccess** > **Results** node -to view the AD_ShadowAccess job reports. - -**NOTE:** These reports can also be accessed through the Web Console. See the -[Viewing Generated Reports](/docs/accessanalyzer/12.0/reporting/view.md) topic for additional information. - -![Exploited Permissions and Vulnerabilities on Shadow Access reports](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport1.webp) - -The Domain Shadow Access and Sensitive Data Shadow Access reports provide information on the -exploited permissions and vulnerabilities that can be used as attack paths for shadow access to -domain and sensitive data. - -- Exploited Permissions – Displays summary information of the types of permissions that can be - exploited by shadow attacks and the number of occurrences of those permissions -- Vulnerabilities – Displays summary information of the vulnerabilities that were detected and the - number of occurrences of those vulnerabilities - -![Report element displaying information on potential attack paths for users found in the targeted domain](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport2.webp) - -The last report element displays information on potential attack paths for users found in the -targeted domain. Clicking on the green plus sign next to an attack path will open an Attack Path -window that displays a step-by-step process of how a user object, if compromised, can be used to -conduct a shadow attack. - -![Attack Path window example](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport3.webp) - -The Attack Path window displays how a user object can be used in a shadow attack. - -- Example: - - - The `Everyone` principle has the rights to reset the password of `LSA` - - `LSA` can modify group membership of `Domain Admins` - - The Attack Path window reveals that every user in the domain is effectively a Domain Admin - -![Attack Path window example](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport4.webp) - -The number of objects and the direction of the arrows can change depending on the attack path and -related elements. - -- Example: - - - The `testgroupuser10` user object is a Local Admin on the `TESTS` server - - A user object that has a session on the `TESTS` server is a member of the `Domain Admins` - group - - If the `testgroupuser10` user object becomes compromised, an attacker can scrape the password - hash on a user object’s local session on `TESTS` that also is a member of `Domain Admins` and - become a Domain Admin itself diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_brokeninheritance.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_brokeninheritance.md new file mode 100644 index 0000000000..572d88570a --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_brokeninheritance.md @@ -0,0 +1,32 @@ +# 6.Broken Inheritance > AD_BrokenInheritance Job + +The AD_BrokenInheritance Job reports on all locations within Active Directory where inheritance is +broken within the targeted domains. + +![6.Broken Inheritance Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/brokeninheritancejobstree.webp) + +The AD_BrokenInheritance Job is located in the 6.Broken Inheritance Job Group. + +## Analysis Tasks for the AD_BrokenInheritance Job + +Navigate to the **Active Directory Permissions Analyzer** > **6.BrokenInheritance** > +**AD_BrokenInheritance** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_BrokenInheritance Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/brokeninheritanceanalysis.webp) + +The default analysis tasks are: + +- Broken Inheritance Details – Creates the SA_AD_BrokenInheritance_Details table accessible under + the job’s Results node +- Broken Inheritance Summary – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_BrokenInheritance Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Broken Inheritance by Domain | This report highlights instances of broken inheritance on Active Directory objects. This information is summarized by domain. | None | This report is comprised of three elements: - Bar Chart – Displays broken inheritance by domain - Table – Provides summary of broken inheritance by OU - Table – Provides details on broken inheritance | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_openaccess.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_openaccess.md new file mode 100644 index 0000000000..3675bdebfc --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_openaccess.md @@ -0,0 +1,33 @@ +# 5.Open Access > AD_OpenAccess Job + +The AD_OpenAccess Job reports on all Active Directory permissions granting open access within the +targeted domains. Open Access can be defined as access granted to security principals such as: +Domain Users, Authenticated Users, and Everyone. + +![5.Open Access Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/openaccessjobstree.webp) + +The AD_OpenAccess Job is located in the 5.Open Access Job Group. + +## Analysis Tasks for the AD_OpenAccess Job + +Navigate to the **Active Directory Permissions Analyzer** > **5.Open Access** > **AD_OpenAccess** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_OpenAccess Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/openaccessanalysis.webp) + +The default analysis tasks are: + +- Determine open access – Creates the SA_AD_OpenAccess_Details table accessible under the job’s + Results node +- Summarize open access by domain – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_OpenAccess Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ---------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Open Access by Domain | This report highlights instances of open access on AD objects, and summarizes open access by domain. | None | This report is comprised of three elements: - Bar Chart – Displays open access by domain - Table – Provides details on open access - Table – Provides details on open access by domain | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_oupermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_oupermissions.md new file mode 100644 index 0000000000..7b7ecafd89 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_oupermissions.md @@ -0,0 +1,38 @@ +# 3.OUs > AD_OUPermissions Job + +The AD_OUPermissions job reports on all Active Directory permissions and ownership applied to +organizational unit (OU) objects within the targeted domains. + +![3.OUs Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ousjobstree.webp) + +The AD_OUPermissions job is located in the 3.OUs job group. + +## Analysis Tasks for the AD_OUPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **3.OUs** > **AD_OUPermissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_OUPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/oupermissionsanalysis.webp) + +The default analysis tasks are: + +- List OU permissions – Creates the SA_AD_OUPermissions_Details table accessible under the job’s + Results node +- Summarize OU permissions – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Shadow Access OU Paths – Calculates the object location and permissions for shadow access +- OU Ownership – Lists the owners of each OU and determines if they are a non-standard owner. + Principals that are not administrators are considered non-standard owners of OU objects. Creates + the SA_AD_OUOwnership_Details table accessible under the job’s Results node. +- OU Ownership Summary – Summarizes owner type by domain + +In addition to the tables and views created by the analysis tasks, the AD_OUPermissions job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| OU Ownership | This report highlights instances where Active Directory OU objects are owned by non admin principals. This information is summarized at the domain level. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays a summary of user ownership by domain - Table – Provides details of non-standard ownership | +| OU Permissions | This report highlights instances where permissions are applied to Active Directory organizational units. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays OU permissions by domain - Pie Chart – Displays OU permissions by type - Table – Provides details on OU permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_shadowaccess.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_shadowaccess.md new file mode 100644 index 0000000000..933f45ab5e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_shadowaccess.md @@ -0,0 +1,166 @@ +# AD_ShadowAccess Job + +This job finds shadow access that leads to compromise of a domain or sensitive data. Attackers can +chain vulnerabilities to escalate privileges from a non-privileged user to administrator with only a +few steps. This job will generate the shortest path between every non-privileged user to a domain +administrative group, total domain compromise, or access to sensitive data. + +This job will analyze the following links between resources and privileges in your environment: + +- Effective Group Membership +- Modify Group Membership +- Reset User Password +- Access through adminSDHolder +- DCSync/Domain Replication privileges +- Shared passwords between domain accounts +- Groups that provide access to sensitive data +- Local administrators that can dump hashes from user sessions +- Administrative rights on SQL Servers that hold sensitive data + +The AD_ShadowAccess Job has special dependencies. See the +[Recommended Configurations for AD Permissions Analyzer Solution](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/recommended.md) topic for +additional information. + +## Analysis Tasks for the AD_ShadowAccess Job + +Navigate to the **Active Directory Permissions Analyzer** > **AD_ShadowAccess** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks, with the exception of the +**Calculate Shadow Access** analysis tasks. The analysis tasks are preconfigured for this job. The +**Calculate Shadow Access** analysis task is the only analysis task that has customizable +parameters. + +![Analysis Tasks for the AD_ShadowAccess Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysis.webp) + +The default analysis tasks are: + +- Shadow Access Schema – Sets up the Shadow Access Tables and Views +- Dijkstra – Creates an interim processing table in the database for use by downstream analysis and + report generation +- Path Formatting – Creates an interim processing table in the database for use by downstream + analysis and report generation +- String Split – Creates an interim processing table in the database for use by downstream analysis + and report generation +- Calculate Shadow Access – Creates the SA_ShadowAccess_Details table accessible under the job’s + Results node + + - This Analysis Task has configurable parameters. See the + [Configure the Analysis Tasks for the AD_ShadowAccess Job](#configure-the-analysis-tasks-for-the-ad_shadowaccess-job) + topic for additional information. + +- Shadow Access Paths Cleanup – Removes calculated rows that are no longer used + +In addition to the tables and views created by the analysis tasks, the AD_ShadowAccess Job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Domain Shadow Access | This report will calculate the shortest path between highly sensitive privileges and non-privileged users. | None | This report is comprised of five elements: - Bar Chart – Displays summary information on targeted domain - Table – Provides details on targeted domain in table form - Table – Provides details on exploited permissions - Table – Provides details on vulnerabilities - Table – Provides details on domain users and attack paths that can be used against those domain users | +| Sensitive Data Shadow Access | This report will calculate the shortest path between highly sensitive data and non-privileged users. | None | This report is comprised of five elements: - Bar Chart – Displays summary information on sensitive data - Table – Provides details on sensitive data in table form - Table – Provides details on exploited permissions - Table – Provides details on vulnerabilities - Table – Provides details on domain users and attack paths that can be used against those domain users | + +See the +[Report Functions for the AD_ShadowAccess Job](#report-functions-for-the-ad_shadowaccess-job) topic +for additional information. + +### Customizable Analysis Tasks for the AD_ShadowAccess Job + +The default values for customizable parameters are: + +| Analysis Task | Customizable Parameter Name | Default Value | Instruction | +| ------------------------ | --------------------------- | ----------------------------------------------------- | ------------------------------------- | +| Calculate Shadow Access | @session | 1 | Set to 0 to turn off Session Analysis | +| @shared_password | 0 | Set to 0 to turn of Shared Password Analysis | | +| @modify_group_membership | 1 | Set to 0 to turn off Modify Group Membership analysis | | +| @sensitive_data | 1 | Set to 0 to ignore sensitive data attacks | | +| @dcsync | 1 | Set to 0 to ignore dcsync rights | | +| @sdholder | 1 | Set to 0 to ignore sdadminholder | | +| @disabled | 0 | Set to 0 to ignore disabled users | | + +See the +[Configure the Analysis Tasks for the AD_ShadowAccess Job](#configure-the-analysis-tasks-for-the-ad_shadowaccess-job) +topic for additional information. + +### Configure the Analysis Tasks for the AD_ShadowAccess Job + +Customizable parameters enable Access Analyzer users to set the values used to classify user and +group objects during this job’s analysis. The parameters can be customized and are listed in a +section at the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s +parameters. + +**Step 1 –** Navigate to the **Active Directory Permissions Analyzer** > **AD_ShadowAccess** > +**Configure** node and select **Analysis** to view analysis tasks. + +![Configure Calculate Shadow Access task from Analysis Selection view](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysisconfigure.webp) + +**Step 2 –** In the Analysis Selection view, select the **Calculate Shadow Access** analysis task, +then click **Analysis Configuration**. The SQL Script Editor opens. + +![SQL Script Editor](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccesssqlscripteditor.webp) + +**Step 3 –** In the parameters section at the bottom of the editor, find the Value column. +Double-click on the current value and change as desired. + +- If the variable type is a table, select the cell and click **Edit Table** to modify the value. + +**CAUTION:** Do not change any parameters where the Value states `Created during execution`. + +**Step 4 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor +window. + +The customizable analysis task parameters are now configured and ready to run. + +### Report Functions for the AD_ShadowAccess Job + +The reports generated by the AD_ShadowAccess Job presents users with an overview of vulnerabilities +and attack paths within the targeted environments. + +![Shadow Access reports in the job's Results node](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreports.webp) + +Navigate to the **Active Directory Permissions Analyzer** > **AD_ShadowAccess** > **Results** node +to view the AD_ShadowAccess job reports. + +**NOTE:** These reports can also be accessed through the Web Console. See the +[Viewing Generated Reports](/docs/accessanalyzer/12.0/admin/report/view.md) topic for additional information. + +![Exploited Permissions and Vulnerabilities on Shadow Access reports](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreport1.webp) + +The Domain Shadow Access and Sensitive Data Shadow Access reports provide information on the +exploited permissions and vulnerabilities that can be used as attack paths for shadow access to +domain and sensitive data. + +- Exploited Permissions – Displays summary information of the types of permissions that can be + exploited by shadow attacks and the number of occurrences of those permissions +- Vulnerabilities – Displays summary information of the vulnerabilities that were detected and the + number of occurrences of those vulnerabilities + +![Report element displaying information on potential attack paths for users found in the targeted domain](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreport2.webp) + +The last report element displays information on potential attack paths for users found in the +targeted domain. Clicking on the green plus sign next to an attack path will open an Attack Path +window that displays a step-by-step process of how a user object, if compromised, can be used to +conduct a shadow attack. + +![Attack Path window example](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreport3.webp) + +The Attack Path window displays how a user object can be used in a shadow attack. + +- Example: + + - The `Everyone` principle has the rights to reset the password of `LSA` + - `LSA` can modify group membership of `Domain Admins` + - The Attack Path window reveals that every user in the domain is effectively a Domain Admin + +![Attack Path window example](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreport4.webp) + +The number of objects and the direction of the arrows can change depending on the attack path and +related elements. + +- Example: + + - The `testgroupuser10` user object is a Local Admin on the `TESTS` server + - A user object that has a session on the `TESTS` server is a member of the `Domain Admins` + group + - If the `testgroupuser10` user object becomes compromised, an attacker can scrape the password + hash on a user object’s local session on `TESTS` that also is a member of `Domain Admins` and + become a Domain Admin itself diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-certificaterights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-certificaterights.md deleted file mode 100644 index b337b3e8e5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-certificaterights.md +++ /dev/null @@ -1,32 +0,0 @@ -# AD_CertificateRights Job - -The AD_CertificateRights job collects all Active Directory permissions applied to certificate -objects within the targeted domains. - -## Query for the AD_CertificateRights Job - -The AD_CertificateRights job uses the ADPermissions data collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_CertificateRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/certificaterightsquery.webp) - -- Certificate Template Permissions – Collects certificate templates from Active Directory - - - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-permissions/overview.md) - topic for additional information - -## Analysis Tasks for the AD_CertificateRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > -**AD_CertificateRights** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_CertificateRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/certificaterightsanalysis.webp) - -- Certificate Rights View – Creates the SA_AD_CertificateRights_Details_PermissionsView visible - under the job’s Results node -- AIC Certificate Permissions Import – Creates an interim processing table in the database for use - by downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-computerrights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-computerrights.md deleted file mode 100644 index f3e3914dc3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-computerrights.md +++ /dev/null @@ -1,32 +0,0 @@ -# AD_ComputerRights Job - -The AD_ComputerRights Job provides data collection to identify permissions applied to computers in -Active Directory. - -## Query for the AD_ComputerRights Job - -The AD_ComputerRights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_ComputerRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/computerrightsquery.webp) - -- Computer Access Permissions – Returns computer access permission - - - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-permissions/overview.md) - topic for additional information - -## Analysis Tasks for the AD_ComputerRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > -**AD_ComputerRights** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the AD_ComputerRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/computerrightsanalysis.webp) - -- Computer Rights View – Creates the SA_AD_ComputerRights_Details_PermissionsView visible under the - job’s Results node -- AIC computer permissions import – Creates an interim processing table in the database for use by - downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-containerrights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-containerrights.md deleted file mode 100644 index 8a009871af..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-containerrights.md +++ /dev/null @@ -1,34 +0,0 @@ -# AD_ContainerRights Job - -The AD_ContainerRights Job provides data collection to identify permissions applied to Containers in -Active Directory. - -## Query for the AD_ContainerRights Job - -The AD_ContainerRights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_ContainerRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/containerrightsquery.webp) - -- Container Access Permissions – Returns containers under the given scope - - - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-permissions/overview.md) - topic for additional information - -## Analysis Tasks for the AD_ContainerRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > -**AD_ContainerRights** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_ContainerRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/containerrightsanalysis.webp) - -The default analysis tasks are: - -- Container Rights View – Creates the SA_AD_ContainerRights_Details_PermissionsView visible under - the job’s Results node -- AIC container permissions import – Creates an interim processing table in the database for use by - downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-domainrights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-domainrights.md deleted file mode 100644 index 598a4bfe2c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-domainrights.md +++ /dev/null @@ -1,34 +0,0 @@ -# AD_DomainRights Job - -The AD_DomainRights Job provides data collection to identify permissions applied to Domains in -Active Directory. - -## Query for the AD_DomainRights Job - -The AD_DomainRights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_DomainRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/domainrightsquery.webp) - -- Domain Access Permissions – Returns domain access permissions - - - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-permissions/overview.md) - topic for additional information - -## Analysis Tasks for the AD_DomainRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_DomainRights** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DomainRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/domainrightsanalysis.webp) - -The default analysis tasks are: - -- Domain Rights View – Creates the SA_AD_DomainRights_Details_PermissionsView visible under the - job’s Results node -- AIC domain permissions import – Creates an interim processing table in the database for use by - downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-grouprights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-grouprights.md deleted file mode 100644 index 27cbd4e73c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-grouprights.md +++ /dev/null @@ -1,34 +0,0 @@ -# AD_GroupRights Job - -The AD_GroupRights Job provides data collection to identify permissions applied to groups in Active -Directory. - -## Query for the AD_GroupRights Job - -The AD_GroupRights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_GroupRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/grouprightsquery.webp) - -- Group Access Permissions – Returns group access permissions - - - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-permissions/overview.md) - topic for additional information - -## Analysis Tasks for the AD_GroupRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_GroupRights** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/grouprightsanalysis.webp) - -The default analysis tasks are: - -- Group Rights View – Creates the SA_AD_GroupRights_Details_PermissionsView visible under the job’s - Results node -- AIC group permissions import – Creates an interim processing table in the database for use by - downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-ourights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-ourights.md deleted file mode 100644 index 4f14958319..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-ourights.md +++ /dev/null @@ -1,34 +0,0 @@ -# AD_OURights Job - -The AD_OURights Job provides data collection to identify permissions applied to organizational units -in Active Directory. - -## Query for the AD_OURights Job - -The AD_OURights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_OURights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/ourightsquery.webp) - -- OU Access Permissions – Returns organizational unit permissions - - - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-permissions/overview.md) - topic for additional information - -## Analysis Tasks for the AD_OURights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_OURights** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_OURights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/ourightsanalysis.webp) - -The default analysis tasks are: - -- OU Rights View – Creates the SA_AD_OURights_Details_PermissionsView visible under the job’s - Results node -- AIC OU permissions import – Creates an interim processing table in the database for use by - downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-siterights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-siterights.md deleted file mode 100644 index 5843c6134d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-siterights.md +++ /dev/null @@ -1,34 +0,0 @@ -# AD_SiteRights Job - -The AD_SiteRights Job provides data collection to identify permissions applied to sites in Active -Directory. - -## Query for the AD_SiteRights Job - -The AD_SiteRights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_SiteRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/siterightsquery.webp) - -- Site Access Permissions – Returns site permissions - - - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-permissions/overview.md) - topic for additional information - -## Analysis Tasks for the AD_SiteRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_SiteRights** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_SiteRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp) - -The default analysis tasks are: - -- Site Rights View – Creates the SA_AD_SiteRights_Details_PermissionsView visible under the job’s - Results node -- AIC Site Permissions Import – Creates an interim processing table in the database for use by - downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-userrights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-userrights.md deleted file mode 100644 index 3cbaecbb1f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-userrights.md +++ /dev/null @@ -1,34 +0,0 @@ -# AD_UserRights Job - -The AD_UserRights Job provides data collection to identify permissions applied to users in Active -Directory. - -## Query for the AD_UserRights Job - -The AD_UserRights Job uses the ADPermissions Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the AD_UserRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsquery.webp) - -- User Access Permissions – Returns user permissions - - - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/data-collection/ad-permissions/overview.md) - topic for additional information - -## Analysis Tasks for the AD_UserRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_UserRights** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_UserRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp) - -The default analysis tasks are: - -- User Rights View – Creates the SA_AD_UserRights_Details_PermissionsView visible under the job’s - Results node -- AIC user permissions import – Creates an interim processing table in the database for use by - downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_certificaterights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_certificaterights.md new file mode 100644 index 0000000000..e88d217e4b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_certificaterights.md @@ -0,0 +1,32 @@ +# AD_CertificateRights Job + +The AD_CertificateRights job collects all Active Directory permissions applied to certificate +objects within the targeted domains. + +## Query for the AD_CertificateRights Job + +The AD_CertificateRights job uses the ADPermissions data collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_CertificateRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/certificaterightsquery.webp) + +- Certificate Template Permissions – Collects certificate templates from Active Directory + + - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_CertificateRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > +**AD_CertificateRights** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_CertificateRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/certificaterightsanalysis.webp) + +- Certificate Rights View – Creates the SA_AD_CertificateRights_Details_PermissionsView visible + under the job’s Results node +- AIC Certificate Permissions Import – Creates an interim processing table in the database for use + by downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_computerrights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_computerrights.md new file mode 100644 index 0000000000..560e9252c3 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_computerrights.md @@ -0,0 +1,32 @@ +# AD_ComputerRights Job + +The AD_ComputerRights Job provides data collection to identify permissions applied to computers in +Active Directory. + +## Query for the AD_ComputerRights Job + +The AD_ComputerRights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_ComputerRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/computerrightsquery.webp) + +- Computer Access Permissions – Returns computer access permission + + - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_ComputerRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > +**AD_ComputerRights** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the AD_ComputerRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/computerrightsanalysis.webp) + +- Computer Rights View – Creates the SA_AD_ComputerRights_Details_PermissionsView visible under the + job’s Results node +- AIC computer permissions import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_containerrights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_containerrights.md new file mode 100644 index 0000000000..23877b83d0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_containerrights.md @@ -0,0 +1,34 @@ +# AD_ContainerRights Job + +The AD_ContainerRights Job provides data collection to identify permissions applied to Containers in +Active Directory. + +## Query for the AD_ContainerRights Job + +The AD_ContainerRights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_ContainerRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/containerrightsquery.webp) + +- Container Access Permissions – Returns containers under the given scope + + - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_ContainerRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > +**AD_ContainerRights** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_ContainerRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/containerrightsanalysis.webp) + +The default analysis tasks are: + +- Container Rights View – Creates the SA_AD_ContainerRights_Details_PermissionsView visible under + the job’s Results node +- AIC container permissions import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_domainrights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_domainrights.md new file mode 100644 index 0000000000..486e4bb190 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_domainrights.md @@ -0,0 +1,34 @@ +# AD_DomainRights Job + +The AD_DomainRights Job provides data collection to identify permissions applied to Domains in +Active Directory. + +## Query for the AD_DomainRights Job + +The AD_DomainRights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_DomainRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/domainrightsquery.webp) + +- Domain Access Permissions – Returns domain access permissions + + - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_DomainRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_DomainRights** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DomainRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/domainrightsanalysis.webp) + +The default analysis tasks are: + +- Domain Rights View – Creates the SA_AD_DomainRights_Details_PermissionsView visible under the + job’s Results node +- AIC domain permissions import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_grouprights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_grouprights.md new file mode 100644 index 0000000000..d9951747ab --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_grouprights.md @@ -0,0 +1,34 @@ +# AD_GroupRights Job + +The AD_GroupRights Job provides data collection to identify permissions applied to groups in Active +Directory. + +## Query for the AD_GroupRights Job + +The AD_GroupRights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_GroupRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/grouprightsquery.webp) + +- Group Access Permissions – Returns group access permissions + + - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_GroupRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_GroupRights** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/grouprightsanalysis.webp) + +The default analysis tasks are: + +- Group Rights View – Creates the SA_AD_GroupRights_Details_PermissionsView visible under the job’s + Results node +- AIC group permissions import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_ourights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_ourights.md new file mode 100644 index 0000000000..243eb857b4 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_ourights.md @@ -0,0 +1,34 @@ +# AD_OURights Job + +The AD_OURights Job provides data collection to identify permissions applied to organizational units +in Active Directory. + +## Query for the AD_OURights Job + +The AD_OURights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_OURights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ourightsquery.webp) + +- OU Access Permissions – Returns organizational unit permissions + + - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_OURights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_OURights** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_OURights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ourightsanalysis.webp) + +The default analysis tasks are: + +- OU Rights View – Creates the SA_AD_OURights_Details_PermissionsView visible under the job’s + Results node +- AIC OU permissions import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_siterights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_siterights.md new file mode 100644 index 0000000000..35209b6019 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_siterights.md @@ -0,0 +1,34 @@ +# AD_SiteRights Job + +The AD_SiteRights Job provides data collection to identify permissions applied to sites in Active +Directory. + +## Query for the AD_SiteRights Job + +The AD_SiteRights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_SiteRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/siterightsquery.webp) + +- Site Access Permissions – Returns site permissions + + - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_SiteRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_SiteRights** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_SiteRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp) + +The default analysis tasks are: + +- Site Rights View – Creates the SA_AD_SiteRights_Details_PermissionsView visible under the job’s + Results node +- AIC Site Permissions Import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_userrights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_userrights.md new file mode 100644 index 0000000000..7ab8d2e722 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_userrights.md @@ -0,0 +1,34 @@ +# AD_UserRights Job + +The AD_UserRights Job provides data collection to identify permissions applied to users in Active +Directory. + +## Query for the AD_UserRights Job + +The AD_UserRights Job uses the ADPermissions Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the AD_UserRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/userrightsquery.webp) + +- User Access Permissions – Returns user permissions + + - See the [ADPermissions Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/adpermissions/overview.md) + topic for additional information + +## Analysis Tasks for the AD_UserRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **0.Collection** > **AD_UserRights** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_UserRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp) + +The default analysis tasks are: + +- User Rights View – Creates the SA_AD_UserRights_Details_PermissionsView visible under the job’s + Results node +- AIC user permissions import – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/overview.md index caafb302b0..7ffa0f3473 100644 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/overview.md @@ -4,23 +4,23 @@ The 0.Collection job group collects data on permissions applied to certificates, organizational units, and users. It is dependent on data collected by the .Active Directory Inventory job group. The jobs which comprise the 0.Collection job group process analysis tasks. -![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/jobstree.webp) The jobs in the 0.Collection job group are: -- [AD_CertificateRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-certificaterights.md) – Collects all Active Directory permissions +- [AD_CertificateRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_certificaterights.md) – Collects all Active Directory permissions applied to certificate objects within the targeted domains -- [AD_ComputerRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-computerrights.md) – Collects all Active Directory permissions applied +- [AD_ComputerRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_computerrights.md) – Collects all Active Directory permissions applied to computer objects within the targeted domains -- [AD_ContainerRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-containerrights.md) – Collects all Active Directory permissions +- [AD_ContainerRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_containerrights.md) – Collects all Active Directory permissions applied to container objects within the targeted domains -- [AD_DomainRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-domainrights.md) – Collects all Active Directory permissions applied to +- [AD_DomainRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_domainrights.md) – Collects all Active Directory permissions applied to domain objects within the targeted domains -- [AD_GroupRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-grouprights.md) – Collects all Active Directory permissions applied to +- [AD_GroupRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_grouprights.md) – Collects all Active Directory permissions applied to group objects within the targeted domains -- [AD_OURights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-ourights.md) – Collects all Active Directory permissions applied to group +- [AD_OURights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_ourights.md) – Collects all Active Directory permissions applied to group objects within the targeted domains -- [AD_SiteRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-siterights.md) – Collects all Active Directory permissions applied to site +- [AD_SiteRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_siterights.md) – Collects all Active Directory permissions applied to site objects within the targeted domains -- [AD_UserRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad-userrights.md) – Collects all Active Directory permissions applied to user +- [AD_UserRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ad_userrights.md) – Collects all Active Directory permissions applied to user objects within the targeted domains diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad-computerpermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad-computerpermissions.md deleted file mode 100644 index 59dcda4136..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad-computerpermissions.md +++ /dev/null @@ -1,34 +0,0 @@ -# AD_ComputerPermissions Job - -The AD_ComputerPermissions job reports on all Active Directory permissions and ownership applied to -computer objects within the targeted domains. - -## Analysis Tasks for the AD_ComputerPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **4.Computers** > -**AD_ComputerPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_ComputerPermissions Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/computerpermissionsanalysis.webp) - -The default analysis tasks are: - -- List computer object permissions – Creates the SA_AD_ComputerPermissions_Details table accessible - under the job’s Results node -- Summarize computer object permissions – Creates an interim processing table in the database for - use by downstream analysis and report generation -- Computer Ownership – Lists the owners of each computer object and determines if they are a - non-standard owner. Users that are not administrators are considered non-standard owners of - computer objects. Creates the SA_AD_ComputerOwnership_Details table accessible under the job’s - Results node. -- Computer Ownership Summary – Summarizes owner type by domain - -In addition to the tables and views created by the analysis tasks, the AD_ComputerPermissions job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Computer Ownership | This report highlights instances where Active Directory computer objects are owned by non admin principals. This information is summarized at the domain level. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays a summary of computer ownership by domain - Table – Provides details on non-standard computer owners | -| Computer Permissions | This report highlights instances where permissions are applied to Active Directory computer objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays computer permissions by domain - Pie Chart – Displays computer permissions by type - Table – Provides details on computer permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad-lapspermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad-lapspermissions.md deleted file mode 100644 index 5fa7bcf48e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad-lapspermissions.md +++ /dev/null @@ -1,30 +0,0 @@ -# AD_LAPSPermissions Job - -The AD_LAPSPermissions Job identifies Active Directory objects that have access to LAPS attributes -and access to computer objects that may lead to unintended access to LAPS attributes. - -## Analysis Tasks for the AD_LAPSPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **4.Computers** > -**AD_LAPSPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_LAPSPermissions Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/lapspermissionsanalysis.webp) - -The default analysis tasks are: - -- LAPS Permissions – Identifies potential indirect LAPS permissions. Creates the - SA_AD_LAPSPermissions_Results table accessible under the job’s Results node. -- LAPS Attribute Permissions – Identifies permissions on the LAPS attributes in Active Directory for - each computer. Creates the SA_AD_LAPSPermissions_Attributes table accessible under the job’s - Results node. - -In addition to the tables and views created by the analysis tasks, the AD_LAPSPermissions Job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| LAPS Attributes | Identify Active Directory objects that have access to LAPS attributes on Computers within your organization. | None | This report is comprised of three elements: - Pie Chart – Displays top attribute permissions by trustee - Table – Provides details on attribute permissions by trustee - Table – Provides details on attributes | -| LAPS Permissions | Identify Active Directory objects that have access to computers objects within your organization that may lead to indirect access to LAPS attributes. | None | This report is comprised of three elements: - Bar Chart – Displays LAPS permissions by domain - Pie Chart – Displays LAPS permissions by type - Table – Provides details on LAPS permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad_computerpermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad_computerpermissions.md new file mode 100644 index 0000000000..0f06a2dbc7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad_computerpermissions.md @@ -0,0 +1,34 @@ +# AD_ComputerPermissions Job + +The AD_ComputerPermissions job reports on all Active Directory permissions and ownership applied to +computer objects within the targeted domains. + +## Analysis Tasks for the AD_ComputerPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **4.Computers** > +**AD_ComputerPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_ComputerPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/computerpermissionsanalysis.webp) + +The default analysis tasks are: + +- List computer object permissions – Creates the SA_AD_ComputerPermissions_Details table accessible + under the job’s Results node +- Summarize computer object permissions – Creates an interim processing table in the database for + use by downstream analysis and report generation +- Computer Ownership – Lists the owners of each computer object and determines if they are a + non-standard owner. Users that are not administrators are considered non-standard owners of + computer objects. Creates the SA_AD_ComputerOwnership_Details table accessible under the job’s + Results node. +- Computer Ownership Summary – Summarizes owner type by domain + +In addition to the tables and views created by the analysis tasks, the AD_ComputerPermissions job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Computer Ownership | This report highlights instances where Active Directory computer objects are owned by non admin principals. This information is summarized at the domain level. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays a summary of computer ownership by domain - Table – Provides details on non-standard computer owners | +| Computer Permissions | This report highlights instances where permissions are applied to Active Directory computer objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays computer permissions by domain - Pie Chart – Displays computer permissions by type - Table – Provides details on computer permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad_lapspermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad_lapspermissions.md new file mode 100644 index 0000000000..1b382342dc --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad_lapspermissions.md @@ -0,0 +1,30 @@ +# AD_LAPSPermissions Job + +The AD_LAPSPermissions Job identifies Active Directory objects that have access to LAPS attributes +and access to computer objects that may lead to unintended access to LAPS attributes. + +## Analysis Tasks for the AD_LAPSPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **4.Computers** > +**AD_LAPSPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_LAPSPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/lapspermissionsanalysis.webp) + +The default analysis tasks are: + +- LAPS Permissions – Identifies potential indirect LAPS permissions. Creates the + SA_AD_LAPSPermissions_Results table accessible under the job’s Results node. +- LAPS Attribute Permissions – Identifies permissions on the LAPS attributes in Active Directory for + each computer. Creates the SA_AD_LAPSPermissions_Attributes table accessible under the job’s + Results node. + +In addition to the tables and views created by the analysis tasks, the AD_LAPSPermissions Job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| LAPS Attributes | Identify Active Directory objects that have access to LAPS attributes on Computers within your organization. | None | This report is comprised of three elements: - Pie Chart – Displays top attribute permissions by trustee - Table – Provides details on attribute permissions by trustee - Table – Provides details on attributes | +| LAPS Permissions | Identify Active Directory objects that have access to computers objects within your organization that may lead to indirect access to LAPS attributes. | None | This report is comprised of three elements: - Bar Chart – Displays LAPS permissions by domain - Pie Chart – Displays LAPS permissions by type - Table – Provides details on LAPS permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/overview.md index b80e3d0859..7b7db49c6a 100644 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/overview.md +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/overview.md @@ -3,12 +3,12 @@ The 4.Computers Job Group reports on all Active Directory permissions applied to computer objects within the targeted domains. -![4.Computers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![4.Computers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/jobstree.webp) The jobs in the 4.Computers Job Group are: -- [AD_ComputerPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad-computerpermissions.md) – Reports on all Active Directory +- [AD_ComputerPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad_computerpermissions.md) – Reports on all Active Directory permissions applied to computer objects within the targeted domains -- [AD_LAPSPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad-lapspermissions.md) – Identifies Active Directory objects that have +- [AD_LAPSPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/ad_lapspermissions.md) – Identifies Active Directory objects that have access to LAPS attributes and access to computer objects that may lead to unintended access to LAPS attributes diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad-adminsdholder.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad-adminsdholder.md deleted file mode 100644 index 3727024367..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad-adminsdholder.md +++ /dev/null @@ -1,42 +0,0 @@ -# AD_AdminSDHolder Job - -The AD_AdminSDHolder Job is comprised of analysis tasks and reports which use the data collected by -the 0.Collection Job Group to provide information on permissions applied to the AdminSDHolder -Container in Active Directory. - -## Queries for the AD_AdminSDHolder Job - -The AD_AdminSDHolder Job uses the PowerShell Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Queries for the AD_AdminSDHolder Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderquery.webp) - -- Default AdminSDHolder Perms – Creates a table of default AdminSDHolder permissions - - - See the [PowerShell Data Collector](/docs/accessanalyzer/12.0/data-collection/powershell/overview.md) topic - for additional information - -## Analysis Tasks for the AD_AdminSDHolder Job - -Navigate to the **Active Directory Permissions Analyzer** > **7.Containers** > -**AD_AdminSDHolder** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_AdminSDHolder Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderanalysis.webp) - -The default analysis tasks are: - -- Determine AdminSDHolder permissions – Creates the SA_AD_AdminSDHolder_Details table accessible - under the job’s Results node -- Summarize AdminSDHolder permissions – Creates the SA_AD_AdminSDHolder_DomainSummary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_AdminSDHolder Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| AdminSDHolder Permissions | This report highlights suspicious (non-default) permissions applied to the AdminSDHolder container across all audited domains, and enumerates all AdminSDHolder permissions. For more information on vulnerabilities involving AdminSDHolder access, see the Microsoft [AdminSDHolder, Protected Groups and SDPROP](https://technet.microsoft.com/en-us/library/2009.09.sdadminholder.aspx) article. | None | This report is comprised of three elements: - Bar Chart – Displays suspicious AdminSDHolder permissions by domain - Table – Provides details on AdminSDHolder permissions - Table – Provides details on top users by suspicious AdminSDHolder permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad-containerpermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad-containerpermissions.md deleted file mode 100644 index 2dad8a2733..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad-containerpermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# AD_ContainerPermissions Job - -The AD_ContainerPermissions Job is responsible for reporting on all Active Directory permissions -applied to container objects within the targeted domains. - -## Analysis Tasks for the AD_ContainerPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **7.Containers** > -**AD_ContainerPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_ContainerPermissions Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/containerpermissionsanalysis.webp) - -The default analysis tasks are: - -- List container object permissions – Creates the SA_AD_ContainerPermissions_Details table - accessible under the job’s Results node -- Summarize container object permissions – Creates the SA_AD_ContainerPermissions_DomainSummary - table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_ContainerPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Container Permissions | This report highlights instances where permissions are applied to Active Directory container objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays container permissions by domain - Pie Chart – Provides details on enterprise container permissions by type - Table – Provides details on container permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad_adminsdholder.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad_adminsdholder.md new file mode 100644 index 0000000000..bbd70ee5ac --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad_adminsdholder.md @@ -0,0 +1,42 @@ +# AD_AdminSDHolder Job + +The AD_AdminSDHolder Job is comprised of analysis tasks and reports which use the data collected by +the 0.Collection Job Group to provide information on permissions applied to the AdminSDHolder +Container in Active Directory. + +## Queries for the AD_AdminSDHolder Job + +The AD_AdminSDHolder Job uses the PowerShell Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Queries for the AD_AdminSDHolder Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderquery.webp) + +- Default AdminSDHolder Perms – Creates a table of default AdminSDHolder permissions + + - See the [PowerShell Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/powershell/overview.md) topic + for additional information + +## Analysis Tasks for the AD_AdminSDHolder Job + +Navigate to the **Active Directory Permissions Analyzer** > **7.Containers** > +**AD_AdminSDHolder** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_AdminSDHolder Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderanalysis.webp) + +The default analysis tasks are: + +- Determine AdminSDHolder permissions – Creates the SA_AD_AdminSDHolder_Details table accessible + under the job’s Results node +- Summarize AdminSDHolder permissions – Creates the SA_AD_AdminSDHolder_DomainSummary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_AdminSDHolder Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| AdminSDHolder Permissions | This report highlights suspicious (non-default) permissions applied to the AdminSDHolder container across all audited domains, and enumerates all AdminSDHolder permissions. For more information on vulnerabilities involving AdminSDHolder access, see the Microsoft [AdminSDHolder, Protected Groups and SDPROP](https://technet.microsoft.com/en-us/library/2009.09.sdadminholder.aspx) article. | None | This report is comprised of three elements: - Bar Chart – Displays suspicious AdminSDHolder permissions by domain - Table – Provides details on AdminSDHolder permissions - Table – Provides details on top users by suspicious AdminSDHolder permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad_containerpermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad_containerpermissions.md new file mode 100644 index 0000000000..8a36fe80e0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad_containerpermissions.md @@ -0,0 +1,28 @@ +# AD_ContainerPermissions Job + +The AD_ContainerPermissions Job is responsible for reporting on all Active Directory permissions +applied to container objects within the targeted domains. + +## Analysis Tasks for the AD_ContainerPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **7.Containers** > +**AD_ContainerPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_ContainerPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/containerpermissionsanalysis.webp) + +The default analysis tasks are: + +- List container object permissions – Creates the SA_AD_ContainerPermissions_Details table + accessible under the job’s Results node +- Summarize container object permissions – Creates the SA_AD_ContainerPermissions_DomainSummary + table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_ContainerPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Container Permissions | This report highlights instances where permissions are applied to Active Directory container objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays container permissions by domain - Pie Chart – Provides details on enterprise container permissions by type - Table – Provides details on container permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/overview.md index 34c20fa6b1..66b965810f 100644 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/overview.md +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/overview.md @@ -3,15 +3,15 @@ The 7.Containers Job Group reports on all Active Directory permissions applied to container objects within the targeted domains. -![7.Containers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![7.Containers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/jobstree.webp) The jobs in the 7.Containers Job Group are: -- [AD_AdminSDHolder Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad-adminsdholder.md) – Reports on all non-default Active Directory +- [AD_AdminSDHolder Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad_adminsdholder.md) – Reports on all non-default Active Directory permissions applied to the AdminSDHolder container within the targeted domains. The AdminSDHolder container can be leveraged by an attacker to create persistence within the environment. See the Microsoft [AdminSDHolder, Protected Groups and SDPROP](https://technet.microsoft.com/en-us/library/2009.09.sdadminholder.aspx) article for additional information. -- [AD_ContainerPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad-containerpermissions.md) – Reports on all Active Directory +- [AD_ContainerPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/ad_containerpermissions.md) – Reports on all Active Directory permissions applied to container objects within the targeted domains diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-certificateauthorityrights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-certificateauthorityrights.md deleted file mode 100644 index afdb0c77d0..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-certificateauthorityrights.md +++ /dev/null @@ -1,32 +0,0 @@ -# AD_CertificateAuthorityRights Job - -The AD_CertificateAuthorityRights job provides details on certificate enrollment permissions, -specifically risky permissions where users have write or higher access. - -#### Analysis Tasks for the AD_CertificateAuthorityRights Job - -Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > -**AD_CertificateAuthorityRights** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_CertificateAuthorityRights Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/certificateauthorityrightsanalysis.webp) - -The default analysis tasks are: - -- Certificate Enrollment Rights – Creates a view to show all certificate enrollment permissions -- General Audit – Audits certificate template settings -- Risky Template Permissions – Identifies write and higher permissions on templates, which are - considered risky. Creates the SA_AD_CertificateConfiguration_TemplateRiskyPermissions table - accessible under the job’s Results node. -- Risky Permissions Summary – Summarizes the count of risky permissions by principal and permission - type - -In addition to the tables and views created by the analysis tasks, the AD_CertificateAuthorityRights -job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enrollment Permissions | This report highlights vulnerable Access control Lists (ACLs) with permissions or owners assigned to open groups and non-standard ACLs with owners that are not domain or enterprise admins. | None | This report is comprised of three elements: - Bar Chart – Displays risky permissions by principal - Pie Chart – Displays risky permissions by count - Table – Provides details on risky permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-certificatetemplates.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-certificatetemplates.md deleted file mode 100644 index 3ad7b80a11..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-certificatetemplates.md +++ /dev/null @@ -1,27 +0,0 @@ -# AD_CertificateTemplates Job - -The AD_CertificateTemplates job provides details on certificate template settings. - -#### Analysis Tasks for the AD_CertificateTemplates Job - -Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > -**AD_CertificateTemplates** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_CertificateTemplates Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/certificatetemplatesanalysis.webp) - -The default analysis tasks are: - -- Certificate Templates – Provides details on certificate templates. Creates the - SA_AD_CertificateAudit_Templates table accessible under the job’s Results node. -- Templates Summary – Summarizes the counts of templates for each Certificate Authority and - permission - -In addition to the tables and views created by the analysis tasks, the AD_CertificateTemplates job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------- | ----------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Certificate Template Configuration | This report highlights certificate templates and their configurations in the audited Certificate Authority. | None | This report is comprised of three elements: - Bar Chart – Displays templates by Certificate Authority - Pie Chart – Displays templates by permission count - Table – Provides details on certificate templates | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-certificatevulnerabilities.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-certificatevulnerabilities.md deleted file mode 100644 index 95774639aa..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-certificatevulnerabilities.md +++ /dev/null @@ -1,36 +0,0 @@ -# AD_CertificateVulnerabilities Job - -The AD_CertificateVulnerabilities job highlights vulnerabilities in the configuration and -permissions of the Certificate Authority, certificate templates, and Active Directory. - -#### Analysis Tasks for the AD_CertificateVulnerabilities Job - -Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > -**AD_CertificateVulnerabilities** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the AD_CertificateVulnerabilities Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/certificatevulnerabilitiesanalysis.webp) - -The default analysis task is: - -- Certificate Issues – Creates the SA_AD_CertificateAudit_Vulnerabilities table accessible under the - job’s Results node. The following vulnerabilities are identified by this task: - - - SubjectAltName Allows Privilege Escalation (ESC1) - - Defined EKUs Allow Arbitrary Certificate Signing (ESC2) - - Certificates in Combination can be used for Arbitrary Privilege Escalation (ESC3) - - Exploitable Access Control Entries on Templates (ESC4) - - Public Key Infrastructure Misconfigurations (ESC5) - - EDITF_ATTRIBUTESUBJECTALTNAME2 Allows Privilege Escalation (ESC6) - - Certificate Authority Open Access (ESC7) - - NTLM Web Enrollment Enabled (ESC8) - -In addition to the tables and views created by the analysis task, the AD_CertificateVulnerabilities -job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------- | -| Certificate Vulnerabilities | This report highlights Certificate Authority and template configurations and permissions that create vulnerabilities in the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays vulnerabilities by count - Table – Provides details on vulnerabilities | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-domainpermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-domainpermissions.md deleted file mode 100644 index 236b0bbab4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-domainpermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# AD_DomainPermissions Job - -The AD_DomainPermissions Job reports on all Active Directory permissions applied to domain objects -within the targeted domains. - -#### Analysis Tasks for the AD_DomainPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > -**AD_DomainPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DomainPermissions Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/domainpermissionsanalysis.webp) - -The default analysis tasks are: - -- List domain object permissions – Creates the SA_AD_DomainPermissions_Details table accessible - under the job’s Results node -- Summarize domain permissions – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_DomainPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain Permissions | This report highlights instances where permissions are applied to Active Directory domain objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays permissions by domain - Pie Chart – Provides details on enterprise domain permissions by type - Table – Provides details on domain permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-domainreplication.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-domainreplication.md deleted file mode 100644 index acdce103cd..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-domainreplication.md +++ /dev/null @@ -1,28 +0,0 @@ -# AD_DomainReplication Job - -The AD_DomainReplication Job highlights all Active Directory permissions applied to domain objects -within the targeted domains. - -## Analysis Tasks for the AD_DomainReplication Job - -Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > -**AD_DomainReplication** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DomainReplication Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/domainreplicationanalysis.webp) - -The default analysis tasks are: - -- List domain replication permissions – Creates the SA_AD_DomainReplication_Details table accessible - under the job’s Results node -- Summarize replication permission details – Creates an interim processing table in the database for - use by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_DomainReplication Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | ---------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Domain Replication Permissions | This report highlights domain replication permissions applied to domain objects in active directory. | None | This report is comprised of three elements: - Bar Chart – Displays replication permission summary by domain - Table – Provides details on replication permissions - Table – Provides details on top users by replication permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_certificateauthorityrights.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_certificateauthorityrights.md new file mode 100644 index 0000000000..52ce661ff9 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_certificateauthorityrights.md @@ -0,0 +1,32 @@ +# AD_CertificateAuthorityRights Job + +The AD_CertificateAuthorityRights job provides details on certificate enrollment permissions, +specifically risky permissions where users have write or higher access. + +#### Analysis Tasks for the AD_CertificateAuthorityRights Job + +Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > +**AD_CertificateAuthorityRights** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_CertificateAuthorityRights Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/certificateauthorityrightsanalysis.webp) + +The default analysis tasks are: + +- Certificate Enrollment Rights – Creates a view to show all certificate enrollment permissions +- General Audit – Audits certificate template settings +- Risky Template Permissions – Identifies write and higher permissions on templates, which are + considered risky. Creates the SA_AD_CertificateConfiguration_TemplateRiskyPermissions table + accessible under the job’s Results node. +- Risky Permissions Summary – Summarizes the count of risky permissions by principal and permission + type + +In addition to the tables and views created by the analysis tasks, the AD_CertificateAuthorityRights +job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enrollment Permissions | This report highlights vulnerable Access control Lists (ACLs) with permissions or owners assigned to open groups and non-standard ACLs with owners that are not domain or enterprise admins. | None | This report is comprised of three elements: - Bar Chart – Displays risky permissions by principal - Pie Chart – Displays risky permissions by count - Table – Provides details on risky permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_certificatetemplates.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_certificatetemplates.md new file mode 100644 index 0000000000..a5ac68d7f3 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_certificatetemplates.md @@ -0,0 +1,27 @@ +# AD_CertificateTemplates Job + +The AD_CertificateTemplates job provides details on certificate template settings. + +#### Analysis Tasks for the AD_CertificateTemplates Job + +Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > +**AD_CertificateTemplates** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_CertificateTemplates Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/certificatetemplatesanalysis.webp) + +The default analysis tasks are: + +- Certificate Templates – Provides details on certificate templates. Creates the + SA_AD_CertificateAudit_Templates table accessible under the job’s Results node. +- Templates Summary – Summarizes the counts of templates for each Certificate Authority and + permission + +In addition to the tables and views created by the analysis tasks, the AD_CertificateTemplates job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------- | ----------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Certificate Template Configuration | This report highlights certificate templates and their configurations in the audited Certificate Authority. | None | This report is comprised of three elements: - Bar Chart – Displays templates by Certificate Authority - Pie Chart – Displays templates by permission count - Table – Provides details on certificate templates | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_certificatevulnerabilities.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_certificatevulnerabilities.md new file mode 100644 index 0000000000..8bed5fd7b5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_certificatevulnerabilities.md @@ -0,0 +1,36 @@ +# AD_CertificateVulnerabilities Job + +The AD_CertificateVulnerabilities job highlights vulnerabilities in the configuration and +permissions of the Certificate Authority, certificate templates, and Active Directory. + +#### Analysis Tasks for the AD_CertificateVulnerabilities Job + +Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > +**AD_CertificateVulnerabilities** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the AD_CertificateVulnerabilities Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/certificatevulnerabilitiesanalysis.webp) + +The default analysis task is: + +- Certificate Issues – Creates the SA_AD_CertificateAudit_Vulnerabilities table accessible under the + job’s Results node. The following vulnerabilities are identified by this task: + + - SubjectAltName Allows Privilege Escalation (ESC1) + - Defined EKUs Allow Arbitrary Certificate Signing (ESC2) + - Certificates in Combination can be used for Arbitrary Privilege Escalation (ESC3) + - Exploitable Access Control Entries on Templates (ESC4) + - Public Key Infrastructure Misconfigurations (ESC5) + - EDITF_ATTRIBUTESUBJECTALTNAME2 Allows Privilege Escalation (ESC6) + - Certificate Authority Open Access (ESC7) + - NTLM Web Enrollment Enabled (ESC8) + +In addition to the tables and views created by the analysis task, the AD_CertificateVulnerabilities +job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------- | +| Certificate Vulnerabilities | This report highlights Certificate Authority and template configurations and permissions that create vulnerabilities in the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays vulnerabilities by count - Table – Provides details on vulnerabilities | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_domainpermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_domainpermissions.md new file mode 100644 index 0000000000..dafaa793e5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_domainpermissions.md @@ -0,0 +1,28 @@ +# AD_DomainPermissions Job + +The AD_DomainPermissions Job reports on all Active Directory permissions applied to domain objects +within the targeted domains. + +#### Analysis Tasks for the AD_DomainPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > +**AD_DomainPermissions** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DomainPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/domainpermissionsanalysis.webp) + +The default analysis tasks are: + +- List domain object permissions – Creates the SA_AD_DomainPermissions_Details table accessible + under the job’s Results node +- Summarize domain permissions – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_DomainPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain Permissions | This report highlights instances where permissions are applied to Active Directory domain objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays permissions by domain - Pie Chart – Provides details on enterprise domain permissions by type - Table – Provides details on domain permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_domainreplication.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_domainreplication.md new file mode 100644 index 0000000000..3a28dae809 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_domainreplication.md @@ -0,0 +1,28 @@ +# AD_DomainReplication Job + +The AD_DomainReplication Job highlights all Active Directory permissions applied to domain objects +within the targeted domains. + +## Analysis Tasks for the AD_DomainReplication Job + +Navigate to the **Active Directory Permissions Analyzer** > **8.Domains** > +**AD_DomainReplication** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DomainReplication Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/domainreplicationanalysis.webp) + +The default analysis tasks are: + +- List domain replication permissions – Creates the SA_AD_DomainReplication_Details table accessible + under the job’s Results node +- Summarize replication permission details – Creates an interim processing table in the database for + use by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_DomainReplication Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | ---------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Domain Replication Permissions | This report highlights domain replication permissions applied to domain objects in active directory. | None | This report is comprised of three elements: - Bar Chart – Displays replication permission summary by domain - Table – Provides details on replication permissions - Table – Provides details on top users by replication permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/overview.md index 81711b59a3..99fdfaa432 100644 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/overview.md +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/overview.md @@ -3,19 +3,19 @@ The 8.Domains job group reports on all Active Directory permissions applied to domain objects within the targeted domains. -![8.Domains Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![8.Domains Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/jobstree.webp) The jobs in the 8.Domains job group are: -- [AD_CertificateAuthorityRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-certificateauthorityrights.md) – Provides details on +- [AD_CertificateAuthorityRights Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_certificateauthorityrights.md) – Provides details on certificate enrollment permissions, specifically risky permissions where users have write or higher access -- [AD_CertificateTemplates Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-certificatetemplates.md) – Provides details on certificate +- [AD_CertificateTemplates Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_certificatetemplates.md) – Provides details on certificate template settings -- [AD_CertificateVulnerabilities Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-certificatevulnerabilities.md) – Highlights vulnerabilities +- [AD_CertificateVulnerabilities Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_certificatevulnerabilities.md) – Highlights vulnerabilities in the configuration and permission of the Certificate Authority, certificate templates, and Active Directory -- [AD_DomainPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-domainpermissions.md) – Reports on all Active Directory permissions +- [AD_DomainPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_domainpermissions.md) – Reports on all Active Directory permissions applied to domain objects within the targeted domains -- [AD_DomainReplication Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad-domainreplication.md) – Highlights all Active Directory permissions +- [AD_DomainReplication Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/ad_domainreplication.md) – Highlights all Active Directory permissions applied to domain objects within the targeted domains diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad-groupmembershippermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad-groupmembershippermissions.md deleted file mode 100644 index 00fbe10594..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad-groupmembershippermissions.md +++ /dev/null @@ -1,29 +0,0 @@ -# AD_GroupMembershipPermissions Job - -The AD_GroupMembershipPermissions Job highlights all Active Directory users that are capable of -modifying group membership within the targeted domains. - -## Analysis Tasks for the AD_GroupMembershipPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **2.Groups** > -**AD_GroupMembershipPermissions** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupMembershipPermissions Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/groupmembershippermissionsanalysis.webp) - -The default analysis tasks are: - -- List group object permissions – Creates the SA_AD_GroupMembershipPermissions_Details table - accessible under the job’s Results node -- Summarize group object permissions – Creates an interim processing table in the database for use - by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_GroupMembershipPermissions -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Membership | This report highlights instances where trustees can change the membership of Active Directory group objects, either by writing the member attribute or via the "Add/Remove self as member" permission. By default, this report excludes members of administrator groups such as Domain Admins, Schema Admins, and Enterprise Admins. | None | This report is comprised of three elements: - Bar Chart – Displays affected groups by domain - Table – Provides details on membership change permissions - Table – Provides details on top users with group membership change permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad-grouppermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad-grouppermissions.md deleted file mode 100644 index d2bfea8597..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad-grouppermissions.md +++ /dev/null @@ -1,32 +0,0 @@ -# AD_GroupPermissions Job - -The AD_Permissions job reports on all Active Directory permissions and ownership applied to group -objects within the targeted domains. - -## Analysis Tasks for the AD_GroupPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **2.Groups** > **AD_GroupPermissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_GroupPermissions Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/grouppermissionsanalysis.webp) - -The default analysis tasks are: - -- List group object permissions – Creates the SA_AD_GroupPermissions_Details table accessible under - the job’s Results node -- Summarize group object permissions – Creates an interim processing table in the database for use - by downstream analysis and report generation -- Group Ownership – Lists the owners of each group object and determines if they are a non-standard - owner. Principals that are not administrators are considered non-standard owners of group objects. -- Group Ownership Summary – Summarizes owner type by domain - -In addition to the tables and views created by the analysis tasks, the AD_GroupPermissions job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Ownership | This report highlights instances where Active Directory group objects are owned by non admin principals. This information is summarized at the domain level. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays a summary of group ownership by domain - Table – Provides details on non-standard ownership | -| Group Permissions | This report highlights instances where permissions are applied to Active Directory group objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays group permissions by domain - Pie Chart – Displays group permissions by type - Table – Provides details on group permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad_groupmembershippermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad_groupmembershippermissions.md new file mode 100644 index 0000000000..a47bda9ced --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad_groupmembershippermissions.md @@ -0,0 +1,29 @@ +# AD_GroupMembershipPermissions Job + +The AD_GroupMembershipPermissions Job highlights all Active Directory users that are capable of +modifying group membership within the targeted domains. + +## Analysis Tasks for the AD_GroupMembershipPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **2.Groups** > +**AD_GroupMembershipPermissions** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupMembershipPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/groupmembershippermissionsanalysis.webp) + +The default analysis tasks are: + +- List group object permissions – Creates the SA_AD_GroupMembershipPermissions_Details table + accessible under the job’s Results node +- Summarize group object permissions – Creates an interim processing table in the database for use + by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_GroupMembershipPermissions +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Membership | This report highlights instances where trustees can change the membership of Active Directory group objects, either by writing the member attribute or via the "Add/Remove self as member" permission. By default, this report excludes members of administrator groups such as Domain Admins, Schema Admins, and Enterprise Admins. | None | This report is comprised of three elements: - Bar Chart – Displays affected groups by domain - Table – Provides details on membership change permissions - Table – Provides details on top users with group membership change permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad_grouppermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad_grouppermissions.md new file mode 100644 index 0000000000..ad55248d80 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad_grouppermissions.md @@ -0,0 +1,32 @@ +# AD_GroupPermissions Job + +The AD_Permissions job reports on all Active Directory permissions and ownership applied to group +objects within the targeted domains. + +## Analysis Tasks for the AD_GroupPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **2.Groups** > **AD_GroupPermissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_GroupPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/grouppermissionsanalysis.webp) + +The default analysis tasks are: + +- List group object permissions – Creates the SA_AD_GroupPermissions_Details table accessible under + the job’s Results node +- Summarize group object permissions – Creates an interim processing table in the database for use + by downstream analysis and report generation +- Group Ownership – Lists the owners of each group object and determines if they are a non-standard + owner. Principals that are not administrators are considered non-standard owners of group objects. +- Group Ownership Summary – Summarizes owner type by domain + +In addition to the tables and views created by the analysis tasks, the AD_GroupPermissions job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Ownership | This report highlights instances where Active Directory group objects are owned by non admin principals. This information is summarized at the domain level. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays a summary of group ownership by domain - Table – Provides details on non-standard ownership | +| Group Permissions | This report highlights instances where permissions are applied to Active Directory group objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays group permissions by domain - Pie Chart – Displays group permissions by type - Table – Provides details on group permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/overview.md index aa4ff6f58f..f386bab992 100644 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/overview.md +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/overview.md @@ -3,11 +3,11 @@ The 2.Groups Job Group reports on all Active Directory permissions applied to group objects within the targeted domains. -![2.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![2.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/jobstree.webp) The jobs in the 2.Groups Job Group are: -- [AD_GroupMembershipPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad-groupmembershippermissions.md) – Highlights all Active +- [AD_GroupMembershipPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad_groupmembershippermissions.md) – Highlights all Active Directory users that are capable of modifying group membership within the targeted domains -- [AD_GroupPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad-grouppermissions.md) – Reports on all Active Directory permissions +- [AD_GroupPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/ad_grouppermissions.md) – Reports on all Active Directory permissions applied to group objects within the targeted domains diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/overview.md new file mode 100644 index 0000000000..cc35b74516 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/overview.md @@ -0,0 +1,80 @@ +# Active Directory Permissions Analyzer Solution + +The Access Analyzer Active Directory Permissions Analyzer Solution enables organizations to easily +and automatically determine effective permissions applied to any and all Active Directory (AD) +objects. AD, Security, and Network Administrators can easily browse and compare information from +individual or multiple domains using comprehensive, preconfigured analyses and reports focused on +permissions associated with AD domains, organizational units, groups, users, and computers. These +capabilities enable them to obtain the most authoritative view of who has access to what in AD. + +The Active Directory Permissions Analyzer Solution is located within the **Jobs** > **Active +Directory Permissions Analyzer** Job Group, which identifies permissions applied to computers, +groups, organizational units, and users. + +Supported Platforms + +- Windows Server 2016 and later +- Windows 2003 Forest level or higher + +**NOTE:** See the Microsoft +[Windows Server end of support and Microsoft 365 Apps](https://learn.microsoft.com/en-us/deployoffice/endofsupport/windows-server-support) +article for additional information. + +Requirements, Permissions, and Ports + +See the +[Domain Target Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/activedirectorypermissionsanalyzer.md) +topic for additional information. + +Location + +The Active Directory Permissions Analyzer requires a special Access Analyzer license. It can be +installed from the Instant Job Wizard, see the +[Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for additional information. +When purchased separately, the Permissions Analyzer Solution is installed into the Jobs tree with +the Active Directory instant solution. The license limits the solution to just the **Jobs** > +**Active Directory Permissions Analyzer** Job Group. Once installed into the Jobs tree, navigate to +the solution: **Jobs** > **Active Directory Permissions Analyzer**. The 0.Collection Job Group +collects the data. The other job groups run analysis on the collected data and generate reports. + +## Job Groups + +The Active Directory Permissions Analyzer Solution is designed to provide visibility into Active +Directory permissions applied on all objects. Key information includes who can reset user passwords, +who can modify group membership, and who can replicate domain information. + +The jobs which comprise the Active Directory Permissions Analyzer Job Group use the ADPermissions +Data Collector and the PowerShell Data Collector to return advanced security permissions and process +analysis tasks and generate reports. The collected data is then available to the Netwrix Access +Information Center for analysis. + +![Active Directory Permissions Analyzer Solution Overview page](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/overview.webp) + +The job groups and jobs in the Active Directory Permissions Analyzer Solution are: + +- [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/overview.md) – Collects all Active Directory permissions + information from the targeted domain +- [1.Users Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/overview.md) – Reports on all Active Directory permissions applied to + user objects within the targeted domains +- [2.Groups Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/overview.md) – Reports on all Active Directory permissions applied to + group objects within the targeted domains +- [3.OUs > AD_OUPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_oupermissions.md) – Reports on all Active Directory permissions + applied to organizational unit objects within the targeted domains +- [4.Computers Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/overview.md) – Reports on all Active Directory permissions + applied to computer objects within the targeted domains +- [5.Open Access > AD_OpenAccess Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_openaccess.md) – Reports on all Active Directory + permissions granting open access within the targeted domains. Open Access can be defined as access + granted to security principals such as: Domain Users, Authenticated Users, and Everyone. +- [6.Broken Inheritance > AD_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_brokeninheritance.md) – Reports on all + locations within Active Directory where inheritance is broken within the targeted domains +- [7.Containers Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/overview.md) – Reports on all Active Directory permissions + applied to container objects within the targeted domains +- [8.Domains Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/overview.md) – Reports on all Active Directory permissions applied + to domain objects within the targeted domains +- [9.Sites Job Group](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/overview.md) – Reports on all Active Directory permissions applied to + domain objects within the targeted domains +- [AD_ShadowAccess Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_shadowaccess.md) – Finds shadow access that leads to compromise of a + domain or sensitive data. Attackers can chain vulnerabilities to escalate privileges from a + non-privileged user to administrator with only a few steps. This job generates the shortest path + between every non-privileged user to a domain administrative group, total domain compromise, or + access to sensitive data. diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/recommended.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/recommended.md index 7bc1bf6c47..0768aa995b 100644 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/recommended.md @@ -6,7 +6,7 @@ The following Access Analyzer job groups need to be successfully run: - .Active Directory Inventory Job Group -The following jobs need to be run prior to running the [AD_ShadowAccess Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-shadowaccess.md): +The following jobs need to be run prior to running the [AD_ShadowAccess Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_shadowaccess.md): - .Active Directory Inventory >1-AD_Scan > ADInventory - Active Directory > 1.Groups > AD_SensitiveSecurityGroups @@ -16,7 +16,7 @@ The following jobs need to be run prior to running the [AD_ShadowAccess Job](/do - Active Directory Permissions Analyzer > 2.Groups > AD_GroupMembershipPermissions The following jobs can be optionally run to enhance reporting in the -[AD_ShadowAccess Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad-shadowaccess.md): +[AD_ShadowAccess Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ad_shadowaccess.md): - Active Directory > 2.Users > AD_WeakPasswords - FileSystem > 7.Sensitive Data > FS_DLPResults > FS_DLPResults @@ -37,7 +37,7 @@ Assign a Connection Profile at the **Active Directory Permissions Analyzer** > * **Settings** > **Connection** node with local Administrator privileges on the target host, or Domain Administrator privileges if the target host is a domain controller. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information. +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad-dcshadowpermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad-dcshadowpermissions.md deleted file mode 100644 index 3419f8b6d7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad-dcshadowpermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# AD_DCShadowPermissions Job - -The AD_DCShadowPermissions Job highlights all Active Directory users that are capable of potentially -performing a DCShadow attack within the targeted domains. - -## Analysis Tasks for the AD_DCShadowPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **9.Sites** > -**AD_DCShadowPermissions** > **Configure** node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_DCShadowPermissions Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/dcshadowpermissionsanalysis.webp) - -The default analysis tasks are: - -- DCShadow Permissions – Creates the SA_AD_DCShadowPermissions_Details table accessible under the - job’s Results node -- DCShadow Summary – Creates the SA_AD_DCShadowPermission_Summary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the AD_DCShadowPermisssions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| DCShadow Permissions | This report highlights permissions applied to Site objects and Computer objects in Active Directory required to execute the DCShadow attack. By default this report excludes members of administrator groups such as Domain Admins, Schema Admins, and Enterprise Admins. | None | This report is comprised of three elements: - Bar Chart – Displays top users by computer count - Table – Provides details on top users by computer count - Table – Provides details on DCShadow permission details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad-sitepermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad-sitepermissions.md deleted file mode 100644 index 17fcb49de3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad-sitepermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# AD_SitePermissions Job - -The AD_SitePermissions Job reports on all Active Directory permissions applied to site objects -within the targeted domains. - -## Analysis Tasks for the AD_SitePermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **9.Sites** > **AD_SitePermissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_SitePermissions Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/sitepermissionsanalysis.webp) - -The default analysis tasks are: - -- Site Permissions – Creates the SA_AD_SitePermissions_Details table accessible under the job’s - Results node -- Summarize Site Permissions – Creates the SA_AD_SitePermissions_DomainSummary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the AD_SitePermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Site Permissions | This report highlights instances where permissions are applied to Active Directory Site objects. | None | This report is comprised of three elements: - Bar Chart – Displays permissions by site - Pie chart – Provides details on enterprise site permissions by type - Table – Provides details on site permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad_dcshadowpermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad_dcshadowpermissions.md new file mode 100644 index 0000000000..42e9f9259e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad_dcshadowpermissions.md @@ -0,0 +1,28 @@ +# AD_DCShadowPermissions Job + +The AD_DCShadowPermissions Job highlights all Active Directory users that are capable of potentially +performing a DCShadow attack within the targeted domains. + +## Analysis Tasks for the AD_DCShadowPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **9.Sites** > +**AD_DCShadowPermissions** > **Configure** node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_DCShadowPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/dcshadowpermissionsanalysis.webp) + +The default analysis tasks are: + +- DCShadow Permissions – Creates the SA_AD_DCShadowPermissions_Details table accessible under the + job’s Results node +- DCShadow Summary – Creates the SA_AD_DCShadowPermission_Summary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the AD_DCShadowPermisssions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| DCShadow Permissions | This report highlights permissions applied to Site objects and Computer objects in Active Directory required to execute the DCShadow attack. By default this report excludes members of administrator groups such as Domain Admins, Schema Admins, and Enterprise Admins. | None | This report is comprised of three elements: - Bar Chart – Displays top users by computer count - Table – Provides details on top users by computer count - Table – Provides details on DCShadow permission details | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad_sitepermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad_sitepermissions.md new file mode 100644 index 0000000000..11ef30e91e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad_sitepermissions.md @@ -0,0 +1,28 @@ +# AD_SitePermissions Job + +The AD_SitePermissions Job reports on all Active Directory permissions applied to site objects +within the targeted domains. + +## Analysis Tasks for the AD_SitePermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **9.Sites** > **AD_SitePermissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_SitePermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/sitepermissionsanalysis.webp) + +The default analysis tasks are: + +- Site Permissions – Creates the SA_AD_SitePermissions_Details table accessible under the job’s + Results node +- Summarize Site Permissions – Creates the SA_AD_SitePermissions_DomainSummary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the AD_SitePermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Site Permissions | This report highlights instances where permissions are applied to Active Directory Site objects. | None | This report is comprised of three elements: - Bar Chart – Displays permissions by site - Pie chart – Provides details on enterprise site permissions by type - Table – Provides details on site permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/overview.md index 1a8c09d740..920b41e3ed 100644 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/overview.md +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/overview.md @@ -3,11 +3,11 @@ The 9.Sites Job Group reports on all Active Directory permissions applied to site objects within the targeted domains. -![9.Sites Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![9.Sites Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/jobstree.webp) The jobs in the 9.Sites Job Group are: -- [AD_DCShadowPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad-dcshadowpermissions.md) – Highlights all Active Directory users +- [AD_DCShadowPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad_dcshadowpermissions.md) – Highlights all Active Directory users that are capable of potentially performing a DCShadow attack within the targeted domains -- [AD_SitePermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad-sitepermissions.md) – Reports on all Active Directory permissions +- [AD_SitePermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/ad_sitepermissions.md) – Reports on all Active Directory permissions applied to site objects within the targeted domains diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad-resetpasswordpermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad-resetpasswordpermissions.md deleted file mode 100644 index e1e265da42..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad-resetpasswordpermissions.md +++ /dev/null @@ -1,31 +0,0 @@ -# AD_ResetPasswordPermissions Job - -The AD_ResetPasswordPermissions Job highlights all Active Directory users that are capable of -resetting another user's password within the targeted domains. It uses the data collected by the -0.Collection Job Group to provide information on permissions applied to user objects in Active -Directory. - -## Analysis Tasks for the AD_ResetPasswordPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **1.Users** > -**AD_ResetPasswordPermissions** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_ResetPasswordPermissions Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/resetpasswordpermissionsanalysis.webp) - -The default analysis tasks are: - -- List user password reset permissions – Creates the SA_AD_ResetPasswordPermissions_Details table - accessible under the job’s Results node -- Summarize password reset permissions – Creates an interim processing table in the database for use - by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the AD_ResetPasswordPermissions -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Reset Password | This report highlights instances where "Reset Password" permissions are applied to Active Directory user objects. This information is summarized at the domain and enterprise levels. By default, this report excludes members of administrator groups such as Domain Admins, Schema Admins, and Enterprise Admins. | None | This report is comprised of three elements: - Bar Chart – Displays affected accounts by domain - Table – Provides details on reset password permissions - Table – Provides details on top users with reset password permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad-userpermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad-userpermissions.md deleted file mode 100644 index 22c27af788..0000000000 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad-userpermissions.md +++ /dev/null @@ -1,34 +0,0 @@ -# AD_UserPermissions Job - -The AD_UserPermissions job is comprised of analysis tasks and reports which use the data collected -by the 0.Collection job group to provide information on permissions and ownership applied to user -objects in Active Directory. - -## Analysis Tasks for the AD_UserPermissions Job - -Navigate to the **Active Directory Permissions Analyzer** > **1.Users** > **AD_UserPermissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AD_UserPermissions Job](/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/userpermissionsanalysis.webp) - -The default analysis tasks are: - -- List user object permissions – Creates the SA_AD_UserPermissions_Details table accessible under - the job’s Results node -- Summarize user object permissions – Creates an interim processing table in the database for use by - downstream analysis and report generation -- User Ownership – Lists the owners of each user object and determines if they are a non-standard - owner. Principals that are not administrators are considered non-standard owners of user objects. - Creates the SA_AD_UserOwnership_Details table accessible under the job’s Results node. -- User Ownership Summary – Summarizes the owner type by domain - -In addition to the tables and views created by the analysis tasks, the AD_UserPermissions job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Ownership | This report highlights instances where Active Directory user objects are owned by non admin principals. This information is summarized at the domain level. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays a summary of user ownership by domain - Table – Provides details on non-standard user ownership | -| User Permissions | This report highlights instances where permissions are applied to Active Directory user objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays user permissions by domain - Pie Chart – Provides details on user permission types - Table – Provides details on user permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad_resetpasswordpermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad_resetpasswordpermissions.md new file mode 100644 index 0000000000..5d6e4cd218 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad_resetpasswordpermissions.md @@ -0,0 +1,31 @@ +# AD_ResetPasswordPermissions Job + +The AD_ResetPasswordPermissions Job highlights all Active Directory users that are capable of +resetting another user's password within the targeted domains. It uses the data collected by the +0.Collection Job Group to provide information on permissions applied to user objects in Active +Directory. + +## Analysis Tasks for the AD_ResetPasswordPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **1.Users** > +**AD_ResetPasswordPermissions** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_ResetPasswordPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/resetpasswordpermissionsanalysis.webp) + +The default analysis tasks are: + +- List user password reset permissions – Creates the SA_AD_ResetPasswordPermissions_Details table + accessible under the job’s Results node +- Summarize password reset permissions – Creates an interim processing table in the database for use + by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the AD_ResetPasswordPermissions +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Reset Password | This report highlights instances where "Reset Password" permissions are applied to Active Directory user objects. This information is summarized at the domain and enterprise levels. By default, this report excludes members of administrator groups such as Domain Admins, Schema Admins, and Enterprise Admins. | None | This report is comprised of three elements: - Bar Chart – Displays affected accounts by domain - Table – Provides details on reset password permissions - Table – Provides details on top users with reset password permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad_userpermissions.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad_userpermissions.md new file mode 100644 index 0000000000..ecb6242d7a --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad_userpermissions.md @@ -0,0 +1,34 @@ +# AD_UserPermissions Job + +The AD_UserPermissions job is comprised of analysis tasks and reports which use the data collected +by the 0.Collection job group to provide information on permissions and ownership applied to user +objects in Active Directory. + +## Analysis Tasks for the AD_UserPermissions Job + +Navigate to the **Active Directory Permissions Analyzer** > **1.Users** > **AD_UserPermissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AD_UserPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/userpermissionsanalysis.webp) + +The default analysis tasks are: + +- List user object permissions – Creates the SA_AD_UserPermissions_Details table accessible under + the job’s Results node +- Summarize user object permissions – Creates an interim processing table in the database for use by + downstream analysis and report generation +- User Ownership – Lists the owners of each user object and determines if they are a non-standard + owner. Principals that are not administrators are considered non-standard owners of user objects. + Creates the SA_AD_UserOwnership_Details table accessible under the job’s Results node. +- User Ownership Summary – Summarizes the owner type by domain + +In addition to the tables and views created by the analysis tasks, the AD_UserPermissions job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Ownership | This report highlights instances where Active Directory user objects are owned by non admin principals. This information is summarized at the domain level. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays a summary of user ownership by domain - Table – Provides details on non-standard user ownership | +| User Permissions | This report highlights instances where permissions are applied to Active Directory user objects. This information is summarized at the domain and enterprise levels. | None | This report is comprised of three elements: - Bar Chart – Displays user permissions by domain - Pie Chart – Provides details on user permission types - Table – Provides details on user permissions | diff --git a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/overview.md b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/overview.md index a68764fbe7..72e46c1c43 100644 --- a/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/overview.md +++ b/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/overview.md @@ -3,11 +3,11 @@ The 1.Users Job Group reports on all Active Directory permissions applied to user objects within the targeted domains -![1.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![1.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/jobstree.webp) The following jobs comprise the 1.Users Job Group: -- [AD_ResetPasswordPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad-resetpasswordpermissions.md) – Highlights all Active +- [AD_ResetPasswordPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad_resetpasswordpermissions.md) – Highlights all Active Directory users that are capable of resetting another user’s password within the targeted domains -- [AD_UserPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad-userpermissions.md) – Reports on all Active Directory permissions +- [AD_UserPermissions Job](/docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/ad_userpermissions.md) – Reports on all Active Directory permissions applied to user objects within the targeted domains diff --git a/docs/accessanalyzer/12.0/solutions/anyid/anyid-csv.md b/docs/accessanalyzer/12.0/solutions/anyid/anyid-csv.md deleted file mode 100644 index 931eff5c71..0000000000 --- a/docs/accessanalyzer/12.0/solutions/anyid/anyid-csv.md +++ /dev/null @@ -1,146 +0,0 @@ -# AnyID_CSV Job - -The AnyID_CSV job imports a list of identities and attributes from a CSV file. Use this when a -native integration may not be available, or an export is the best option. - -**_RECOMMENDED:_** Copy the CSV file to the Access Analyzer Console for the best import performance. - -![AnyID_CSV Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/anyid/csvjoblocation.webp) - -The AnyID_CSV job is located in the **Jobs** > **AnyID Connectors** job group. - -## Recommended Configurations for the AnyID_CSV Job - -The following are recommended configurations for the AnyID_CSV job: - -Dependencies - -None - -Targeted Host - -Local Host - -Connection Profile - -The AnyID_CSV job does not require a connection profile. - -History Retention - -Default Retention Period. See the [History](/docs/accessanalyzer/12.0/administration/settings/history.md) topic for additional -information. - -Multi-Console Support - -Not supported - -Schedule Frequency - -Schedule the job as required. - -Query Configuration - -This job contains configurable queries. See the -[Configure the AnyID_CSV Query](#configure-the-anyid_csvquery) topic for additional information. - -Analysis Configuration - -See the [Analysis Tasks for the AnyID_CSV Job](#analysis-tasks-for-the-anyid_csvjob) topic for -additional information. - -Workflow - -**Step 1 –** Prepare a CSV file for import. - -**Step 2 –** Configure the configurable query parameters. - -**Step 3 –** Run the job. - -**Step 4 –** Review the report generated by the job. - -## Queries for the AnyID_CSV Job - -The AnyID_CSV query uses the PowerShell Data Collector. - -![Queries for the AnyID_CSV Job](/img/product_docs/accessanalyzer/solutions/anyid/csvqueries.webp) - -The query is: - -- CSV Import – Imports identities and attributes from a CSV file. See the - [Configure the AnyID_CSV Query](#configure-the-anyid_csvquery) topic for additional information. - -### Configure the AnyID_CSV Query - -Follow the steps to configure the AnyID_CSV query. - -![ The name of the source repository parameter on the job Overview page](/img/product_docs/accessanalyzer/solutions/anyid/csvoverviewpage.webp) - -**Step 1 –** Navigate to and select the **AnyID Connectors** > **AnyID_CSV** node. In the -Configuration section of the job's Overview page, click the configure button for the **The name of -the source repository** parameter. In the Configure Window, enter the name of the source repository -where the list of identities and related attributes were retrieved from. - -**Step 2 –** Navigate to the **AnyID Connectors** > **AnyID_CSV** > **Configure** node and select -**Queries**. - -**Step 3 –** In the Query Selection view, select the CSV Import query and click **Query -Properties**. The Query Properties window opens. - -**Step 4 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector -Wizard opens. - -![Edit Query Page](/img/product_docs/accessanalyzer/solutions/anyid/csvqueryeditquery.webp) - -**Step 5 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of -the page to expand the Parameters window. Configure the following attributes: - -**CAUTION:** The following attributes must be configured in order for the job to execute properly. - -- $inputfile – File path to the CSV file which contains the identity and attribute information -- $RequiredAttributes – The list of attributes that need to be found in the document in order to - trigger a match - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $Attributes – The list of attributes that will be scanned for during sensitive data scanning - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $ID – Column which uniquely identifies each subject -- $SubjectType – Either a reference to a column in the CSV file or a string which indicates the type - of subjects being imported -- $batchSize – (Optional) The number of rows to process in a batch. Leave at default unless - otherwise required. -- $debugMode – (Optional) When set to true, stores unhashed attribute values for troubleshooting - purposes - -**Step 6 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save -changes. Click **Cancel** to exit the wizard without saving changes. - -The query is now ready to run. - -## Analysis Tasks for the AnyID_CSV Job - -Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_CSV** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AnyID_CSV Job](/img/product_docs/accessanalyzer/solutions/anyid/csvanalyses.webp) - -The default analysis tasks are: - -- Create Subject Profile Type – Creates subject profile type -- Create Subject Profile Stored Procedure – Creates subject profile stored procedure -- Merge into Subject Profile schema – Merges into subject profile schema -- Calculate completion details – Calculates attribute completion for imported subjects - -In addition to the tables created by the analysis tasks, the AnyID_CSV job produces the following -preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | --------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| CSV Imports | This report highlights subjects imported from the provided CSV file, and summarizes attribute completion. | None | This report is comprised of four elements: - Table – Contains information on imported subjects - Bar Chart – Provides information on subject types - Table – Contains information on the attributes summary - Table – Contains information on subject details | diff --git a/docs/accessanalyzer/12.0/solutions/anyid/anyid-epicclarity.md b/docs/accessanalyzer/12.0/solutions/anyid/anyid-epicclarity.md deleted file mode 100644 index 84fa0108ae..0000000000 --- a/docs/accessanalyzer/12.0/solutions/anyid/anyid-epicclarity.md +++ /dev/null @@ -1,143 +0,0 @@ -# AnyID_EpicClarity Job - -The AnyID_EpicClarity job collects patient information from Epic including MRNs, SSNs, Subscriber -IDs, and Account IDs. An account with read access to the underlying Clarity Oracle database is -required in order to run queries. - -![AnyID_EpicClarity Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/anyid/epicclarityjoblocation.webp) - -The AnyID_EpicClarity job is located in the **Jobs** > **AnyID Connectors** job group. - -## Recommended Configurations for the AnyID_EpicClarity Job - -The following are recommended configurations for the AnyID_EpicClarity job: - -Dependencies - -The AnyID_EpicClarity job requires a CSV file with a filepath configured in the job's query to -collect data. See the -[Configure the AnyID_EpicClarity Queries](#configure-the-anyid_epicclarity-queries) topic for -additional information. - -Targeted Host - -Epic Clarity Database Server - -Connection Profile - -Read Access to the underlying Clarity Oracle database. - -History Retention - -Default Retention Period. See the [History](/docs/accessanalyzer/12.0/administration/settings/history.md) topic for additional -information. - -Multi-Console Support - -Not supported - -Schedule Frequency - -This job should be run based on the desired frequency of Sensitive Data Scans. - -Query Configuration - -This job contains configurable queries. See the Configure the -[Configure the AnyID_EpicClarity Queries](#configure-the-anyid_epicclarity-queries) topic for -additional information. - -Analysis Configuration - -Run the solution with the default analysis configuration for best results. - -Workflow - -**Step 1 –** Configure the configurable query parameters for the job. - -**Step 2 –** Run the job. - -**Step 3 –** Review the report generated by the job. - -## Queries for the AnyID_EpicClarity Job - -The AnyID_EpicClarity job uses the PowerShell Data Collector for queries. - -![Queries for the AnyID_EpicClarity Job](/img/product_docs/accessanalyzer/solutions/anyid/epicclarityqueries.webp) - -The queries are: - -- Epic Clarity Patients – Imports Epic Clarity subject profile information for patients -- Epic Clarity Accounts – Imports Epic Clarity subject profile information on accounts -- Epic Clarity Coverage – Imports Epic Clarity subject profile information on coverage -- Epic Clarity Identity IDs – Imports Epic Clarity subject profile information on identity IDs - -The above queries have configurable parameters. See the -[Configure the AnyID_EpicClarity Queries](#configure-the-anyid_epicclarity-queries) topic for -additional information. - -### Configure the AnyID_EpicClarity Queries - -Follow the steps to configure the AnyID_EpicClarity queries. - -**Step 1 –** Navigate to the **AnyID Connectors** > **AnyID_EpicClarity** > **Configure** node and -select **Queries**. - -**Step 2 –** In the Query Selection view, select a query and click **Query Properties**. The Query -Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector -Wizard opens. - -![Edit Query Page](/img/product_docs/accessanalyzer/solutions/anyid/epicclarityqueryeditquery.webp) - -**Step 4 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of -the page to expand the Parameters window. See the -[PowerShell: Edit Query](/docs/accessanalyzer/12.0/data-collection/powershell/edit-query.md) topic for additional -information. Configure the following attributes as needed: - -- $portNumber – The port number used to access the Oracle Database Server -- $fetchCount – The number of rows to process in a batch. Leave at default unless otherwise - required. -- $Attributes – The list of attributes that will be scanned for during sensitive data scanning. - Default values are MRN, SSN, Name, Date of Birth, Subscriber ID, Identity ID, and Account ID. - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $RequiredAttributes – The list of attributes that need to be found in the document in order to - trigger a match. The default values are SSN, MRN, and IdentityID. - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $debugMode – When set to true, stores unhashed attribute values for troubleshooting purposes - -**Step 5 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save -changes. Click **Cancel** to exit the wizard without saving changes. - -Repeat these steps for each query in the case that a non default port value is required. Once -completed, the queries are ready to run. - -## Analysis Tasks for the AnyID_EpicClarity Job - -Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_EpicClarity** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AnyID_EpicClarity Job](/img/product_docs/accessanalyzer/solutions/anyid/epicclarityanalyses.webp) - -The default analysis tasks are: - -- Create Subject Profile Types – Create subject profile types -- Create Subject Profile Imports Procedure – Create subject profile imports procedure -- Merge into Subject Profile schema – Merge into Subject Profile schema -- Calculate completion details – Calculates attribute completion for Epic Clarity patients - -In addition to the tables created by the analysis tasks, the AnyID_EpicClarity job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Epic Clarity Patients | This report highlights Epic Clarity Patients and summarizes attribute completion by patient identity and by attribute. | None | This report is comprised of four elements: - Table – Contains information on Epic Clarity patients - Bar Chart – Provides information on subject types - Table – Contains information on the attributes summary - Table – Contains information on subject details | diff --git a/docs/accessanalyzer/12.0/solutions/anyid/anyid-paycom.md b/docs/accessanalyzer/12.0/solutions/anyid/anyid-paycom.md deleted file mode 100644 index cf04c262a1..0000000000 --- a/docs/accessanalyzer/12.0/solutions/anyid/anyid-paycom.md +++ /dev/null @@ -1,142 +0,0 @@ -# AnyID_Paycom Job - -The AnyID_Paycom job pulls employee information from Paycom including name, address, date of Birth, -and SSN. Contact the organization's Paycom administrator in order to generate the CSV export -required for this job. The recommended approach is to copy the CSV file to the Access Analyzer -Console for best import performance. - -![AnyID_Paycom Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/anyid/paycomjoblocation.webp) - -The AnyID_Paycom job is located in the **Jobs** > **AnyID Connectors** job group. - -## Recommended Configurations for the AnyID_Paycom Job - -The following are recommended configurations for the AnyID_Paycom job: - -Dependencies - -None - -Targeted Host - -Local Host - -Connection Profile - -The AnyID_Paycom job does not require a connection profile. - -History Retention - -Default Retention Period. See the [History](/docs/accessanalyzer/12.0/administration/settings/history.md) topic for additional -information. - -Multi-Console Support - -Not supported - -Schedule Frequency - -This job should be run based on the desired frequency of Sensitive Data Scans. - -Query Configuration - -This job contains configurable queries. See the -[Configure the AnyID_Paycom Job](#configure-the-anyid_paycom-job) topic for additional information. - -Analysis Configuration - -Run the job with the default analysis configuration settings for best results. - -Workflow - -**Step 1 –** Prepare a CSV file from Paycom for import. - -**Step 2 –** Configure the configurable query parameters. - -**Step 3 –** Run the job. - -**Step 4 –** Review the report generated by the job. - -## Queries for the AnyID_Paycom Job - -The AnyID_Paycom job uses the PowerShell Data Collector for the query. - -![Queries for the AnyID_Paycom Job](/img/product_docs/accessanalyzer/solutions/anyid/paycomqueries.webp) - -The queries are: - -- Paycom CSV Import – Imports a CSV file with information from Paycom. This query has configurable - parameters. See the [Configure the AnyID_Paycom Job](#configure-the-anyid_paycom-job) topic for - additional information. - -### Configure the AnyID_Paycom Job - -Follow the steps to configure the AnyID_Paycom query. - -**Step 1 –** Navigate to the **AnyID Connectors** > **AnyID_Paycom** > **Configure** node and select -**Queries**. - -**Step 2 –** In the Query Selection view, select the Paycom CSV Import query and click **Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector -Wizard opens. - -![Edit Query Page](/img/product_docs/accessanalyzer/solutions/anyid/paycomqueryeditquery.webp) - -**Step 4 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of -the page to expand the Parameters window. See the -[PowerShell: Edit Query](/docs/accessanalyzer/12.0/data-collection/powershell/edit-query.md) topic for additional -information. Configure the following attributes as needed: - -- $SAHOSTNAME – Created during execution. This parameter cannot be modified. -- $JobCredential – Created during execution. This parameter cannot be modified. -- $JobCredentials – Created during execution. This parameter cannot be modified. -- $inputfile – File path to the CSV file which contains the identity and attribute information -- $Attributes – The list of attributes that will be scanned for during sensitive data scanning - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $RequiredAttributes – The list of attributes that need to be found in the document in order to - trigger a match - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $ID – Column which uniquely identifies each subject -- $SubjectType – Either a reference to a column in the csv file or a string which indicates the type - of subjects being imported -- $SubjectName – Either a reference to a column in the csv file or a string which indicates the name - of the subjects being imported -- $batchSize – The number of rows to process in a batch. Leave at default unless otherwise required. -- $debugMode – When set to true, stores unhashed attribute values for troubleshooting purposes - -**Step 5 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save -changes. Click **Cancel** to exit the wizard without saving changes. - -The query is now ready to run. - -## Analysis Tasks for the AnyID_Paycom Job - -Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_Paycom** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AnyID_Paycom Job](/img/product_docs/accessanalyzer/solutions/anyid/paycomanalyses.webp) - -The default analysis tasks are: - -- Create Subject Profile Types – Creates subject profile types -- Create Subject Profile Stored Procedure – Creates subject profile stored procedure -- Merge into Subject Profile schema – Merges into subject profile schema -- Calculate completion details – Calculates attribute completion for imported subjects - -In addition to the tables created by the analysis tasks, the AnyID_Paycom job produces the following -preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ---------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Paycom Imports | This report highlights subjects imported from the provided Paycom CSV file, and summarizes attribute completion. | None | This report is comprised of four elements: - Table – Contains information on imported subjects - Bar Chart – Provides information on subject types - Table – Contains information on the attribute summary - Table – Contains information on subject details | diff --git a/docs/accessanalyzer/12.0/solutions/anyid/anyid-salesforce.md b/docs/accessanalyzer/12.0/solutions/anyid/anyid-salesforce.md deleted file mode 100644 index 4f90ec1ef9..0000000000 --- a/docs/accessanalyzer/12.0/solutions/anyid/anyid-salesforce.md +++ /dev/null @@ -1,148 +0,0 @@ -# AnyID_Salesforce Job - -The AnyID_Salesforce job collects Salesforce contact details including phone, address, email, and -date of birth. This job requires API access to Salesforce in order to collect this information. The -list of collected attributes can be adjusted as necessary. - -![AnyID_Salesforce Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/anyid/salesforcejoblocation.webp) - -The AnyID_Salesforce job is located in the **Jobs** > **AnyID Connectors** job group. - -## Prerequisites - -The following credentials are required to run the AnyID_Salesforce job: - -- (TASK - Local) – Stores the Consumer Key and Consumer Secret -- (TASK - Local) – Stores the Salesforce Account Username and password -- (TASK - Local) – Stores the URL for Salesforce site and Security Token for Salesforce site (for - example, `https://company.my.salesforce.com`) - -## Permissions - -- API access to Salesforce - -## Recommended Configurations for the AnyID_Salesforce Job - -The following are recommended configurations for the AnyID_Salesforce job: - -Targeted Host - -Local Host - -Connection Profile - -Ensure that a connection profile is configured with the required credentials. See the -[Prerequisites](#prerequisites) topic for additional information. - -History Retention - -Default Retention Period. See the [History](/docs/accessanalyzer/12.0/administration/settings/history.md) topic for additional -information. - -Multi-Console Support - -Not supported - -Schedule Frequency - -Schedule the job as required. - -Query Configuration - -This job contains configurable queries. See the -[Configure the AnyID_Salesforce Query](#configure-the-anyid_salesforce-query) topic for additional -information. - -Analysis Configuration - -Run the solution with the default analysis configuration for best results. - -Workflow - -**Step 1 –** Set up a connection profile with the required credentials. - -**Step 2 –** Configure the configurable query parameters for the job. - -**Step 3 –** Run the job. - -**Step 4 –** Review the report generated by the job. - -## Queries for the AnyID_Salesforce Job - -The AnyID_Salesforce job uses the PowerShell Data Collector for the query. - -![Query for the AnyID_Salesforce Job](/img/product_docs/accessanalyzer/solutions/anyid/salesforcequeries.webp) - -The query is: - -- PS Salesforce Import – Imports Salesforce information for analysis. This query has configurable - parameters. See the [Configure the AnyID_Salesforce Query](#configure-the-anyid_salesforce-query) - topic for additional information. - -### Configure the AnyID_Salesforce Query - -Follow the steps to configure the AnyID_Salesforce query. - -**Step 1 –** Navigate to the **AnyID Connectors** > **AnyID_Salesforce** > **Configure** node and -select **Queries**. - -**Step 2 –** In the Query Selection view, select the PS Salesforce Import query and click **Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector -Wizard opens. - -![Edit Query Page](/img/product_docs/accessanalyzer/solutions/anyid/salesforcequeryeditquery.webp) - -**Step 4 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of -the page to expand the Parameters window. See the -[PowerShell: Edit Query](/docs/accessanalyzer/12.0/data-collection/powershell/edit-query.md) topic for additional -information. Configure the following attributes as needed: - -- $SAHOSTNAME – Created during execution. This parameter cannot be modified. -- $JobCredential – Created during execution. This parameter cannot be modified. -- $JobCredentials – Created during execution. This parameter cannot be modified. -- $Attributes – The list of attributes that will be scanned for during sensitive data scanning - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $RequiredAttributes – The list of attributes that need to be found in the document in order to - trigger a match - - - An attribute in the Attributes list will not be considered a match (in reporting and AIC) - unless an attribute in the RequiredAttributes list is also found in the same file - -- $ID – Column which uniquely identifies each subject -- $SubjectType – A string which indicates the type of subjects being imported -- $SubjectName – A string which indicates the name of the subjects being imported -- $debugMode – When set to true, stores unhashed attribute values for troubleshooting purposes - -**Step 5 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save -changes. Click **Cancel** to exit the wizard without saving changes. - -The query is now ready to run. - -## Analysis Tasks for the AnyID_Salesforce Job - -Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_Salesforce** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AnyID_Salesforce Job](/img/product_docs/accessanalyzer/solutions/anyid/salesforceanalyses.webp) - -The default analysis tasks are: - -- Create Subject Profile Types – Creates subject profile types -- Create Subject Profile Imports Procedure – Creates subject profile imports procedure -- Merge into Subject Profile schema – Merges into subject profile schema -- Calculate completion details – Calculates attribute completion for Salesforce contacts - -In addition to the tables created by the analysis tasks, the AnyID_Salesforce job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ----------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Salesforce Contacts | This report highlights Salesforce Contacts and summarizes attribute completion by contact and by attribute. | None | This report is comprised of four elements: - Table – Contains information on Salesforce contacts - Bar Chart – Provides information on contact types - Table – Contains information on the attributes completion - Table – Contains information on subject details | diff --git a/docs/accessanalyzer/12.0/solutions/anyid/anyid_csv.md b/docs/accessanalyzer/12.0/solutions/anyid/anyid_csv.md new file mode 100644 index 0000000000..f84c1deb41 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/anyid/anyid_csv.md @@ -0,0 +1,146 @@ +# AnyID_CSV Job + +The AnyID_CSV job imports a list of identities and attributes from a CSV file. Use this when a +native integration may not be available, or an export is the best option. + +**_RECOMMENDED:_** Copy the CSV file to the Access Analyzer Console for the best import performance. + +![AnyID_CSV Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvjoblocation.webp) + +The AnyID_CSV job is located in the **Jobs** > **AnyID Connectors** job group. + +## Recommended Configurations for the AnyID_CSV Job + +The following are recommended configurations for the AnyID_CSV job: + +Dependencies + +None + +Targeted Host + +Local Host + +Connection Profile + +The AnyID_CSV job does not require a connection profile. + +History Retention + +Default Retention Period. See the [History](/docs/accessanalyzer/12.0/admin/settings/history.md) topic for additional +information. + +Multi-Console Support + +Not supported + +Schedule Frequency + +Schedule the job as required. + +Query Configuration + +This job contains configurable queries. See the +[Configure the AnyID_CSV Query](#configure-the-anyid_csvquery) topic for additional information. + +Analysis Configuration + +See the [Analysis Tasks for the AnyID_CSV Job](#analysis-tasks-for-the-anyid_csvjob) topic for +additional information. + +Workflow + +**Step 1 –** Prepare a CSV file for import. + +**Step 2 –** Configure the configurable query parameters. + +**Step 3 –** Run the job. + +**Step 4 –** Review the report generated by the job. + +## Queries for the AnyID_CSV Job + +The AnyID_CSV query uses the PowerShell Data Collector. + +![Queries for the AnyID_CSV Job](/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvqueries.webp) + +The query is: + +- CSV Import – Imports identities and attributes from a CSV file. See the + [Configure the AnyID_CSV Query](#configure-the-anyid_csvquery) topic for additional information. + +### Configure the AnyID_CSV Query + +Follow the steps to configure the AnyID_CSV query. + +![ The name of the source repository parameter on the job Overview page](/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvoverviewpage.webp) + +**Step 1 –** Navigate to and select the **AnyID Connectors** > **AnyID_CSV** node. In the +Configuration section of the job's Overview page, click the configure button for the **The name of +the source repository** parameter. In the Configure Window, enter the name of the source repository +where the list of identities and related attributes were retrieved from. + +**Step 2 –** Navigate to the **AnyID Connectors** > **AnyID_CSV** > **Configure** node and select +**Queries**. + +**Step 3 –** In the Query Selection view, select the CSV Import query and click **Query +Properties**. The Query Properties window opens. + +**Step 4 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector +Wizard opens. + +![Edit Query Page](/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvqueryeditquery.webp) + +**Step 5 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of +the page to expand the Parameters window. Configure the following attributes: + +**CAUTION:** The following attributes must be configured in order for the job to execute properly. + +- $inputfile – File path to the CSV file which contains the identity and attribute information +- $RequiredAttributes – The list of attributes that need to be found in the document in order to + trigger a match + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $Attributes – The list of attributes that will be scanned for during sensitive data scanning + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $ID – Column which uniquely identifies each subject +- $SubjectType – Either a reference to a column in the CSV file or a string which indicates the type + of subjects being imported +- $batchSize – (Optional) The number of rows to process in a batch. Leave at default unless + otherwise required. +- $debugMode – (Optional) When set to true, stores unhashed attribute values for troubleshooting + purposes + +**Step 6 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save +changes. Click **Cancel** to exit the wizard without saving changes. + +The query is now ready to run. + +## Analysis Tasks for the AnyID_CSV Job + +Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_CSV** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AnyID_CSV Job](/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvanalyses.webp) + +The default analysis tasks are: + +- Create Subject Profile Type – Creates subject profile type +- Create Subject Profile Stored Procedure – Creates subject profile stored procedure +- Merge into Subject Profile schema – Merges into subject profile schema +- Calculate completion details – Calculates attribute completion for imported subjects + +In addition to the tables created by the analysis tasks, the AnyID_CSV job produces the following +preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | --------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| CSV Imports | This report highlights subjects imported from the provided CSV file, and summarizes attribute completion. | None | This report is comprised of four elements: - Table – Contains information on imported subjects - Bar Chart – Provides information on subject types - Table – Contains information on the attributes summary - Table – Contains information on subject details | diff --git a/docs/accessanalyzer/12.0/solutions/anyid/anyid_epicclarity.md b/docs/accessanalyzer/12.0/solutions/anyid/anyid_epicclarity.md new file mode 100644 index 0000000000..f2f7848877 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/anyid/anyid_epicclarity.md @@ -0,0 +1,143 @@ +# AnyID_EpicClarity Job + +The AnyID_EpicClarity job collects patient information from Epic including MRNs, SSNs, Subscriber +IDs, and Account IDs. An account with read access to the underlying Clarity Oracle database is +required in order to run queries. + +![AnyID_EpicClarity Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/anyid/epicclarityjoblocation.webp) + +The AnyID_EpicClarity job is located in the **Jobs** > **AnyID Connectors** job group. + +## Recommended Configurations for the AnyID_EpicClarity Job + +The following are recommended configurations for the AnyID_EpicClarity job: + +Dependencies + +The AnyID_EpicClarity job requires a CSV file with a filepath configured in the job's query to +collect data. See the +[Configure the AnyID_EpicClarity Queries](#configure-the-anyid_epicclarity-queries) topic for +additional information. + +Targeted Host + +Epic Clarity Database Server + +Connection Profile + +Read Access to the underlying Clarity Oracle database. + +History Retention + +Default Retention Period. See the [History](/docs/accessanalyzer/12.0/admin/settings/history.md) topic for additional +information. + +Multi-Console Support + +Not supported + +Schedule Frequency + +This job should be run based on the desired frequency of Sensitive Data Scans. + +Query Configuration + +This job contains configurable queries. See the Configure the +[Configure the AnyID_EpicClarity Queries](#configure-the-anyid_epicclarity-queries) topic for +additional information. + +Analysis Configuration + +Run the solution with the default analysis configuration for best results. + +Workflow + +**Step 1 –** Configure the configurable query parameters for the job. + +**Step 2 –** Run the job. + +**Step 3 –** Review the report generated by the job. + +## Queries for the AnyID_EpicClarity Job + +The AnyID_EpicClarity job uses the PowerShell Data Collector for queries. + +![Queries for the AnyID_EpicClarity Job](/img/product_docs/accessanalyzer/12.0/solutions/anyid/epicclarityqueries.webp) + +The queries are: + +- Epic Clarity Patients – Imports Epic Clarity subject profile information for patients +- Epic Clarity Accounts – Imports Epic Clarity subject profile information on accounts +- Epic Clarity Coverage – Imports Epic Clarity subject profile information on coverage +- Epic Clarity Identity IDs – Imports Epic Clarity subject profile information on identity IDs + +The above queries have configurable parameters. See the +[Configure the AnyID_EpicClarity Queries](#configure-the-anyid_epicclarity-queries) topic for +additional information. + +### Configure the AnyID_EpicClarity Queries + +Follow the steps to configure the AnyID_EpicClarity queries. + +**Step 1 –** Navigate to the **AnyID Connectors** > **AnyID_EpicClarity** > **Configure** node and +select **Queries**. + +**Step 2 –** In the Query Selection view, select a query and click **Query Properties**. The Query +Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector +Wizard opens. + +![Edit Query Page](/img/product_docs/accessanalyzer/12.0/solutions/anyid/epicclarityqueryeditquery.webp) + +**Step 4 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of +the page to expand the Parameters window. See the +[PowerShell: Edit Query](/docs/accessanalyzer/12.0/admin/datacollector/powershell/editquery.md) topic for additional +information. Configure the following attributes as needed: + +- $portNumber – The port number used to access the Oracle Database Server +- $fetchCount – The number of rows to process in a batch. Leave at default unless otherwise + required. +- $Attributes – The list of attributes that will be scanned for during sensitive data scanning. + Default values are MRN, SSN, Name, Date of Birth, Subscriber ID, Identity ID, and Account ID. + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $RequiredAttributes – The list of attributes that need to be found in the document in order to + trigger a match. The default values are SSN, MRN, and IdentityID. + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $debugMode – When set to true, stores unhashed attribute values for troubleshooting purposes + +**Step 5 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save +changes. Click **Cancel** to exit the wizard without saving changes. + +Repeat these steps for each query in the case that a non default port value is required. Once +completed, the queries are ready to run. + +## Analysis Tasks for the AnyID_EpicClarity Job + +Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_EpicClarity** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AnyID_EpicClarity Job](/img/product_docs/accessanalyzer/12.0/solutions/anyid/epicclarityanalyses.webp) + +The default analysis tasks are: + +- Create Subject Profile Types – Create subject profile types +- Create Subject Profile Imports Procedure – Create subject profile imports procedure +- Merge into Subject Profile schema – Merge into Subject Profile schema +- Calculate completion details – Calculates attribute completion for Epic Clarity patients + +In addition to the tables created by the analysis tasks, the AnyID_EpicClarity job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Epic Clarity Patients | This report highlights Epic Clarity Patients and summarizes attribute completion by patient identity and by attribute. | None | This report is comprised of four elements: - Table – Contains information on Epic Clarity patients - Bar Chart – Provides information on subject types - Table – Contains information on the attributes summary - Table – Contains information on subject details | diff --git a/docs/accessanalyzer/12.0/solutions/anyid/anyid_paycom.md b/docs/accessanalyzer/12.0/solutions/anyid/anyid_paycom.md new file mode 100644 index 0000000000..05a505dfb9 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/anyid/anyid_paycom.md @@ -0,0 +1,142 @@ +# AnyID_Paycom Job + +The AnyID_Paycom job pulls employee information from Paycom including name, address, date of Birth, +and SSN. Contact the organization's Paycom administrator in order to generate the CSV export +required for this job. The recommended approach is to copy the CSV file to the Access Analyzer +Console for best import performance. + +![AnyID_Paycom Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/anyid/paycomjoblocation.webp) + +The AnyID_Paycom job is located in the **Jobs** > **AnyID Connectors** job group. + +## Recommended Configurations for the AnyID_Paycom Job + +The following are recommended configurations for the AnyID_Paycom job: + +Dependencies + +None + +Targeted Host + +Local Host + +Connection Profile + +The AnyID_Paycom job does not require a connection profile. + +History Retention + +Default Retention Period. See the [History](/docs/accessanalyzer/12.0/admin/settings/history.md) topic for additional +information. + +Multi-Console Support + +Not supported + +Schedule Frequency + +This job should be run based on the desired frequency of Sensitive Data Scans. + +Query Configuration + +This job contains configurable queries. See the +[Configure the AnyID_Paycom Job](#configure-the-anyid_paycom-job) topic for additional information. + +Analysis Configuration + +Run the job with the default analysis configuration settings for best results. + +Workflow + +**Step 1 –** Prepare a CSV file from Paycom for import. + +**Step 2 –** Configure the configurable query parameters. + +**Step 3 –** Run the job. + +**Step 4 –** Review the report generated by the job. + +## Queries for the AnyID_Paycom Job + +The AnyID_Paycom job uses the PowerShell Data Collector for the query. + +![Queries for the AnyID_Paycom Job](/img/product_docs/accessanalyzer/12.0/solutions/anyid/paycomqueries.webp) + +The queries are: + +- Paycom CSV Import – Imports a CSV file with information from Paycom. This query has configurable + parameters. See the [Configure the AnyID_Paycom Job](#configure-the-anyid_paycom-job) topic for + additional information. + +### Configure the AnyID_Paycom Job + +Follow the steps to configure the AnyID_Paycom query. + +**Step 1 –** Navigate to the **AnyID Connectors** > **AnyID_Paycom** > **Configure** node and select +**Queries**. + +**Step 2 –** In the Query Selection view, select the Paycom CSV Import query and click **Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector +Wizard opens. + +![Edit Query Page](/img/product_docs/accessanalyzer/12.0/solutions/anyid/paycomqueryeditquery.webp) + +**Step 4 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of +the page to expand the Parameters window. See the +[PowerShell: Edit Query](/docs/accessanalyzer/12.0/admin/datacollector/powershell/editquery.md) topic for additional +information. Configure the following attributes as needed: + +- $SAHOSTNAME – Created during execution. This parameter cannot be modified. +- $JobCredential – Created during execution. This parameter cannot be modified. +- $JobCredentials – Created during execution. This parameter cannot be modified. +- $inputfile – File path to the CSV file which contains the identity and attribute information +- $Attributes – The list of attributes that will be scanned for during sensitive data scanning + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $RequiredAttributes – The list of attributes that need to be found in the document in order to + trigger a match + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $ID – Column which uniquely identifies each subject +- $SubjectType – Either a reference to a column in the csv file or a string which indicates the type + of subjects being imported +- $SubjectName – Either a reference to a column in the csv file or a string which indicates the name + of the subjects being imported +- $batchSize – The number of rows to process in a batch. Leave at default unless otherwise required. +- $debugMode – When set to true, stores unhashed attribute values for troubleshooting purposes + +**Step 5 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save +changes. Click **Cancel** to exit the wizard without saving changes. + +The query is now ready to run. + +## Analysis Tasks for the AnyID_Paycom Job + +Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_Paycom** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AnyID_Paycom Job](/img/product_docs/accessanalyzer/12.0/solutions/anyid/paycomanalyses.webp) + +The default analysis tasks are: + +- Create Subject Profile Types – Creates subject profile types +- Create Subject Profile Stored Procedure – Creates subject profile stored procedure +- Merge into Subject Profile schema – Merges into subject profile schema +- Calculate completion details – Calculates attribute completion for imported subjects + +In addition to the tables created by the analysis tasks, the AnyID_Paycom job produces the following +preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ---------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Paycom Imports | This report highlights subjects imported from the provided Paycom CSV file, and summarizes attribute completion. | None | This report is comprised of four elements: - Table – Contains information on imported subjects - Bar Chart – Provides information on subject types - Table – Contains information on the attribute summary - Table – Contains information on subject details | diff --git a/docs/accessanalyzer/12.0/solutions/anyid/anyid_salesforce.md b/docs/accessanalyzer/12.0/solutions/anyid/anyid_salesforce.md new file mode 100644 index 0000000000..831174f3dc --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/anyid/anyid_salesforce.md @@ -0,0 +1,148 @@ +# AnyID_Salesforce Job + +The AnyID_Salesforce job collects Salesforce contact details including phone, address, email, and +date of birth. This job requires API access to Salesforce in order to collect this information. The +list of collected attributes can be adjusted as necessary. + +![AnyID_Salesforce Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/anyid/salesforcejoblocation.webp) + +The AnyID_Salesforce job is located in the **Jobs** > **AnyID Connectors** job group. + +## Prerequisites + +The following credentials are required to run the AnyID_Salesforce job: + +- (TASK - Local) – Stores the Consumer Key and Consumer Secret +- (TASK - Local) – Stores the Salesforce Account Username and password +- (TASK - Local) – Stores the URL for Salesforce site and Security Token for Salesforce site (for + example, `https://company.my.salesforce.com`) + +## Permissions + +- API access to Salesforce + +## Recommended Configurations for the AnyID_Salesforce Job + +The following are recommended configurations for the AnyID_Salesforce job: + +Targeted Host + +Local Host + +Connection Profile + +Ensure that a connection profile is configured with the required credentials. See the +[Prerequisites](#prerequisites) topic for additional information. + +History Retention + +Default Retention Period. See the [History](/docs/accessanalyzer/12.0/admin/settings/history.md) topic for additional +information. + +Multi-Console Support + +Not supported + +Schedule Frequency + +Schedule the job as required. + +Query Configuration + +This job contains configurable queries. See the +[Configure the AnyID_Salesforce Query](#configure-the-anyid_salesforce-query) topic for additional +information. + +Analysis Configuration + +Run the solution with the default analysis configuration for best results. + +Workflow + +**Step 1 –** Set up a connection profile with the required credentials. + +**Step 2 –** Configure the configurable query parameters for the job. + +**Step 3 –** Run the job. + +**Step 4 –** Review the report generated by the job. + +## Queries for the AnyID_Salesforce Job + +The AnyID_Salesforce job uses the PowerShell Data Collector for the query. + +![Query for the AnyID_Salesforce Job](/img/product_docs/accessanalyzer/12.0/solutions/anyid/salesforcequeries.webp) + +The query is: + +- PS Salesforce Import – Imports Salesforce information for analysis. This query has configurable + parameters. See the [Configure the AnyID_Salesforce Query](#configure-the-anyid_salesforce-query) + topic for additional information. + +### Configure the AnyID_Salesforce Query + +Follow the steps to configure the AnyID_Salesforce query. + +**Step 1 –** Navigate to the **AnyID Connectors** > **AnyID_Salesforce** > **Configure** node and +select **Queries**. + +**Step 2 –** In the Query Selection view, select the PS Salesforce Import query and click **Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The PowerShell Data Collector +Wizard opens. + +![Edit Query Page](/img/product_docs/accessanalyzer/12.0/solutions/anyid/salesforcequeryeditquery.webp) + +**Step 4 –** Navigate to the Edit Query page. Click the **Parameters** tab on the right-hand side of +the page to expand the Parameters window. See the +[PowerShell: Edit Query](/docs/accessanalyzer/12.0/admin/datacollector/powershell/editquery.md) topic for additional +information. Configure the following attributes as needed: + +- $SAHOSTNAME – Created during execution. This parameter cannot be modified. +- $JobCredential – Created during execution. This parameter cannot be modified. +- $JobCredentials – Created during execution. This parameter cannot be modified. +- $Attributes – The list of attributes that will be scanned for during sensitive data scanning + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $RequiredAttributes – The list of attributes that need to be found in the document in order to + trigger a match + + - An attribute in the Attributes list will not be considered a match (in reporting and AIC) + unless an attribute in the RequiredAttributes list is also found in the same file + +- $ID – Column which uniquely identifies each subject +- $SubjectType – A string which indicates the type of subjects being imported +- $SubjectName – A string which indicates the name of the subjects being imported +- $debugMode – When set to true, stores unhashed attribute values for troubleshooting purposes + +**Step 5 –** Click **Next**. Continue to the **Sample server** page and click **Finish** to save +changes. Click **Cancel** to exit the wizard without saving changes. + +The query is now ready to run. + +## Analysis Tasks for the AnyID_Salesforce Job + +Navigate to the **Jobs** > **AnyID Connectors** > **AnyID_Salesforce** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AnyID_Salesforce Job](/img/product_docs/accessanalyzer/12.0/solutions/anyid/salesforceanalyses.webp) + +The default analysis tasks are: + +- Create Subject Profile Types – Creates subject profile types +- Create Subject Profile Imports Procedure – Creates subject profile imports procedure +- Merge into Subject Profile schema – Merges into subject profile schema +- Calculate completion details – Calculates attribute completion for Salesforce contacts + +In addition to the tables created by the analysis tasks, the AnyID_Salesforce job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ----------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Salesforce Contacts | This report highlights Salesforce Contacts and summarizes attribute completion by contact and by attribute. | None | This report is comprised of four elements: - Table – Contains information on Salesforce contacts - Bar Chart – Provides information on contact types - Table – Contains information on the attributes completion - Table – Contains information on subject details | diff --git a/docs/accessanalyzer/12.0/solutions/anyid/overview.md b/docs/accessanalyzer/12.0/solutions/anyid/overview.md index 0b4aefbc5f..832cdf49f1 100644 --- a/docs/accessanalyzer/12.0/solutions/anyid/overview.md +++ b/docs/accessanalyzer/12.0/solutions/anyid/overview.md @@ -29,10 +29,10 @@ activities involve consumer, patient, resident, and other subject data. ## Location The AnyID Connectors Solution requires a special Access Analyzer license. It can be installed from -the Instant Job Wizard. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic +the Instant Job Wizard. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for additional information. -![AnyID Connectors Solution in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![AnyID Connectors Solution in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/anyid/jobstree.webp) Once installed into the Jobs tree, navigate to the solution: **Jobs** > **AnyID Connectors**. @@ -48,19 +48,19 @@ attributes about potential subjects which are then used by Access Analyzer’s S Discovery engine to perform exact data matching against virtually any cloud or on-premises data repository. -![AnyID Connectors Solution Overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) +![AnyID Connectors Solution Overview page](/img/product_docs/accessanalyzer/12.0/solutions/anyid/overviewpage.webp) The jobs in the AnyID Connectors Solution are: -- [AnyID_CSV Job](/docs/accessanalyzer/12.0/solutions/anyid/anyid-csv.md) – Imports a list of identities and attributes from a CSV file. Use +- [AnyID_CSV Job](/docs/accessanalyzer/12.0/solutions/anyid/anyid_csv.md) – Imports a list of identities and attributes from a CSV file. Use this when a native integration may not be available, or an export is the best option. -- [AnyID_EpicClarity Job](/docs/accessanalyzer/12.0/solutions/anyid/anyid-epicclarity.md) – Collects patient information from Epic including +- [AnyID_EpicClarity Job](/docs/accessanalyzer/12.0/solutions/anyid/anyid_epicclarity.md) – Collects patient information from Epic including MRNs, SSNs, Subscriber IDs, and Account IDs. An account with read access to the underlying Clarity Oracle database is required in order to run queries. -- [AnyID_Paycom Job](/docs/accessanalyzer/12.0/solutions/anyid/anyid-paycom.md) – Pulls employee information from Paycom including Name, +- [AnyID_Paycom Job](/docs/accessanalyzer/12.0/solutions/anyid/anyid_paycom.md) – Pulls employee information from Paycom including Name, Address, Date of Birth, and SSN. Contact your Paycom administrator in order to generate the CSV export required for this job. -- [AnyID_Salesforce Job](/docs/accessanalyzer/12.0/solutions/anyid/anyid-salesforce.md) – Collects Salesforce Contact details including Phone, +- [AnyID_Salesforce Job](/docs/accessanalyzer/12.0/solutions/anyid/anyid_salesforce.md) – Collects Salesforce Contact details including Phone, Address, Email, and Date of birth. This job requires API access to Salesforce in order to collect this information. diff --git a/docs/accessanalyzer/12.0/solutions/aws/collection/1.aws-orgscan.md b/docs/accessanalyzer/12.0/solutions/aws/collection/1.aws-orgscan.md deleted file mode 100644 index 7302381e63..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/collection/1.aws-orgscan.md +++ /dev/null @@ -1,43 +0,0 @@ -# 1.AWS_OrgScan Job - -The 1.AWS_OrgScan job collects details about the AWS Organization including password policies and -accounts within the organization. - -## Queries for the 1.AWS_OrgScan Job - -The Org Scan query uses the AWS Data Collector to target all AWS instances and has been -preconfigured to use the Collect Org Data category. - -![Queries for the 1.AWS_OrgScan Job](/img/product_docs/accessanalyzer/solutions/aws/collection/orgscanqueries.webp) - -The 1.AWS_OrgScan job has the following configurable query: - -- Org Scan – Collects AWS Organization level information - -### Configure the Org Scan Query - -The Org Scan query in the 1.AWS_OrgScan job has been preconfigured to run with the default settings -with the category of Collect Org Data. Follow the steps to set any desired customizations. - -**Step 1 –** Navigate to the **AWS** > **0.Collection** > **1.AWS_OrgScan** > **Configure** node and -select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data -Collector Wizard opens. - -![AWS Data Collector Login Roles wizard page](/img/product_docs/accessanalyzer/admin/datacollector/aws/loginroles.webp) - -**Step 4 –** On the Login Roles page, add the created AWS Roles: - -- Enter the Role in the Role Name field and click **Add** -- Alternatively, import multiple Roles from a CSV file -- See the [Configure AWS for Scans](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/aws.md) topic for additional - information - -**Step 5 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if -no changes were made. Then click **OK** to close the Query Properties window. - -If changes were saved, the 1.AWS_OrgScans Job has now been customized. diff --git a/docs/accessanalyzer/12.0/solutions/aws/collection/1.aws_orgscan.md b/docs/accessanalyzer/12.0/solutions/aws/collection/1.aws_orgscan.md new file mode 100644 index 0000000000..801b1b4838 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/collection/1.aws_orgscan.md @@ -0,0 +1,43 @@ +# 1.AWS_OrgScan Job + +The 1.AWS_OrgScan job collects details about the AWS Organization including password policies and +accounts within the organization. + +## Queries for the 1.AWS_OrgScan Job + +The Org Scan query uses the AWS Data Collector to target all AWS instances and has been +preconfigured to use the Collect Org Data category. + +![Queries for the 1.AWS_OrgScan Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/orgscanqueries.webp) + +The 1.AWS_OrgScan job has the following configurable query: + +- Org Scan – Collects AWS Organization level information + +### Configure the Org Scan Query + +The Org Scan query in the 1.AWS_OrgScan job has been preconfigured to run with the default settings +with the category of Collect Org Data. Follow the steps to set any desired customizations. + +**Step 1 –** Navigate to the **AWS** > **0.Collection** > **1.AWS_OrgScan** > **Configure** node and +select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data +Collector Wizard opens. + +![AWS Data Collector Login Roles wizard page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/loginroles.webp) + +**Step 4 –** On the Login Roles page, add the created AWS Roles: + +- Enter the Role in the Role Name field and click **Add** +- Alternatively, import multiple Roles from a CSV file +- See the [Configure AWS for Scans](/docs/accessanalyzer/12.0/requirements/target/config/aws.md) topic for additional + information + +**Step 5 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if +no changes were made. Then click **OK** to close the Query Properties window. + +If changes were saved, the 1.AWS_OrgScans Job has now been customized. diff --git a/docs/accessanalyzer/12.0/solutions/aws/collection/2.aws-s3scan.md b/docs/accessanalyzer/12.0/solutions/aws/collection/2.aws-s3scan.md deleted file mode 100644 index f7e6d1a385..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/collection/2.aws-s3scan.md +++ /dev/null @@ -1,67 +0,0 @@ -# 2.AWS_S3Scan Job - -The 2.AWS_S3Scan job collects details about the AWS S3 buckets including details about the objects -in those buckets. - -## Queries for the 2.AWS_S3Scan Job - -The S3 Scan query uses the AWS Data Collector to target all AWS instances and has been preconfigured -to use the Collect S3 category. - -![Query Selection page](/img/product_docs/accessanalyzer/solutions/aws/collection/s3scanqueries.webp) - -The 2.AWS_S3Scan job has the following configurable query: - -- S3 Scan – Collects information about the AWS S3 buckets and objects - -### Configure the S3 Scan Query - -The S3 Scan query in the 2.AWS_S3 Scan job has been preconfigured to run with the default settings -with the category of Collect S3. Follow the steps to set any desired customizations. - -**Step 1 –** Navigate to the **AWS** > **0.Collection** > **2.AWS_S3Scan** > **Configure** node and -select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data -Collector Wizard opens. - -![AWS Data Collector Login Roles wizard page](/img/product_docs/accessanalyzer/admin/datacollector/aws/loginroles.webp) - -**Step 4 –** On the Login Roles page, add the created AWS Roles: - -- Enter the Role in the Role Name field and click **Add** -- Alternatively, import multiple Roles from a CSV file -- See the [Configure AWS for Scans](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/aws.md) topic for additional - information - -![AWS Data Collector Filter S3 Objects wizard page](/img/product_docs/accessanalyzer/admin/datacollector/aws/filters3objects.webp) - -**Step 5 –** On the Filter S3 Objects page, scope the scan to target specific S3 objects: - -- Click **Add** to select from AWS Buckets in the target environment -- Alternatively, click **Add Custom Filter** to configure a custom filter as a text string -- See the [AWS: Filter S3 Objects](/docs/accessanalyzer/12.0/data-collection/aws/filter-s3-objects.md) topic for - additional information - -**Step 6 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if -no changes were made. Then click **OK** to close the Query Properties window. - -If changes were saved, the 2.AWS_S3Scan Job has now been customized. - -## Analysis Tasks for the 2.AWS_S3Scan Job - -Navigate to the **AWS** > **0.Collection** > **2.AWS_S3Scan** > **Configure** node and select -**Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the 2.AWS_S3Scan Job](/img/product_docs/accessanalyzer/solutions/aws/collection/s3scananaylsistasks.webp) - -The following analysis task is selected by default: - -- AIC AWS S3 Bucket Permissions Import – Imports AWS S3 Bucket permissions into the Access - Information Center diff --git a/docs/accessanalyzer/12.0/solutions/aws/collection/2.aws_s3scan.md b/docs/accessanalyzer/12.0/solutions/aws/collection/2.aws_s3scan.md new file mode 100644 index 0000000000..ecfb673824 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/collection/2.aws_s3scan.md @@ -0,0 +1,67 @@ +# 2.AWS_S3Scan Job + +The 2.AWS_S3Scan job collects details about the AWS S3 buckets including details about the objects +in those buckets. + +## Queries for the 2.AWS_S3Scan Job + +The S3 Scan query uses the AWS Data Collector to target all AWS instances and has been preconfigured +to use the Collect S3 category. + +![Query Selection page](/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3scanqueries.webp) + +The 2.AWS_S3Scan job has the following configurable query: + +- S3 Scan – Collects information about the AWS S3 buckets and objects + +### Configure the S3 Scan Query + +The S3 Scan query in the 2.AWS_S3 Scan job has been preconfigured to run with the default settings +with the category of Collect S3. Follow the steps to set any desired customizations. + +**Step 1 –** Navigate to the **AWS** > **0.Collection** > **2.AWS_S3Scan** > **Configure** node and +select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data +Collector Wizard opens. + +![AWS Data Collector Login Roles wizard page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/loginroles.webp) + +**Step 4 –** On the Login Roles page, add the created AWS Roles: + +- Enter the Role in the Role Name field and click **Add** +- Alternatively, import multiple Roles from a CSV file +- See the [Configure AWS for Scans](/docs/accessanalyzer/12.0/requirements/target/config/aws.md) topic for additional + information + +![AWS Data Collector Filter S3 Objects wizard page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/filters3objects.webp) + +**Step 5 –** On the Filter S3 Objects page, scope the scan to target specific S3 objects: + +- Click **Add** to select from AWS Buckets in the target environment +- Alternatively, click **Add Custom Filter** to configure a custom filter as a text string +- See the [AWS: Filter S3 Objects](/docs/accessanalyzer/12.0/admin/datacollector/aws/filters3objects.md) topic for + additional information + +**Step 6 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if +no changes were made. Then click **OK** to close the Query Properties window. + +If changes were saved, the 2.AWS_S3Scan Job has now been customized. + +## Analysis Tasks for the 2.AWS_S3Scan Job + +Navigate to the **AWS** > **0.Collection** > **2.AWS_S3Scan** > **Configure** node and select +**Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the 2.AWS_S3Scan Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3scananaylsistasks.webp) + +The following analysis task is selected by default: + +- AIC AWS S3 Bucket Permissions Import – Imports AWS S3 Bucket permissions into the Access + Information Center diff --git a/docs/accessanalyzer/12.0/solutions/aws/collection/3.aws-iamscan.md b/docs/accessanalyzer/12.0/solutions/aws/collection/3.aws-iamscan.md deleted file mode 100644 index 0594c91b76..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/collection/3.aws-iamscan.md +++ /dev/null @@ -1,57 +0,0 @@ -# 3.AWS_IAMScan Job - -The 3.AWS_IAMScan job collects details about users, groups, policies, roles, and other IAM related -identities. - -## Queries for the 3.AWS_IAMScan Job - -The IAM Scan query uses the AWS Data Collector to target all AWS instances and has been -preconfigured to use the Collect IAM Data category. - -![Queries for the 3.AWS_IAMScan Job](/img/product_docs/accessanalyzer/solutions/aws/collection/iamscanqueries.webp) - -The 3.AWS_IAMScan job has the following configurable query: - -- IAM Scan – Scans AWS S3 for information on IAM related identities - -### Configure the IAM Scan Query - -The IAM Scan query in the 3.AWS_IAMScan job has been preconfigured to run with the default settings -with the category of Collect IAM Data. Follow the steps to set any desired customizations. - -**Step 1 –** Navigate to the **AWS** > **0.Collection** > **3.AWS_IAMScan** > **Configure** node and -select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data -Collector Wizard opens. - -![AWS Data Collector Login Roles wizard page](/img/product_docs/accessanalyzer/admin/datacollector/aws/loginroles.webp) - -**Step 4 –** On the Login Roles page, add the created AWS Roles: - -- Enter the Role in the Role Name field and click **Add** -- Alternatively, import multiple Roles from a CSV file -- See the [Configure AWS for Scans](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/aws.md) topic for additional - information - -**Step 5 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if -no changes were made. Then click **OK** to close the Query Properties window. - -If changes were saved, the 3.AWS_IAMScan job has now been customized. - -## Analysis Tasks for the 3.AWS_IAM Scan Job - -View the analysis tasks by navigating to the **AWS** > **0.Collection** > **3.AWS_IAMScan** > -**Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the 3.AWS_IAM Scan Job](/img/product_docs/accessanalyzer/solutions/aws/collection/iamscananalysistasks.webp) - -The following analysis task is selected by default: - -- AWS Views – Creates the AWS Views table diff --git a/docs/accessanalyzer/12.0/solutions/aws/collection/3.aws_iamscan.md b/docs/accessanalyzer/12.0/solutions/aws/collection/3.aws_iamscan.md new file mode 100644 index 0000000000..580e3ada09 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/collection/3.aws_iamscan.md @@ -0,0 +1,57 @@ +# 3.AWS_IAMScan Job + +The 3.AWS_IAMScan job collects details about users, groups, policies, roles, and other IAM related +identities. + +## Queries for the 3.AWS_IAMScan Job + +The IAM Scan query uses the AWS Data Collector to target all AWS instances and has been +preconfigured to use the Collect IAM Data category. + +![Queries for the 3.AWS_IAMScan Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/iamscanqueries.webp) + +The 3.AWS_IAMScan job has the following configurable query: + +- IAM Scan – Scans AWS S3 for information on IAM related identities + +### Configure the IAM Scan Query + +The IAM Scan query in the 3.AWS_IAMScan job has been preconfigured to run with the default settings +with the category of Collect IAM Data. Follow the steps to set any desired customizations. + +**Step 1 –** Navigate to the **AWS** > **0.Collection** > **3.AWS_IAMScan** > **Configure** node and +select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data +Collector Wizard opens. + +![AWS Data Collector Login Roles wizard page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/loginroles.webp) + +**Step 4 –** On the Login Roles page, add the created AWS Roles: + +- Enter the Role in the Role Name field and click **Add** +- Alternatively, import multiple Roles from a CSV file +- See the [Configure AWS for Scans](/docs/accessanalyzer/12.0/requirements/target/config/aws.md) topic for additional + information + +**Step 5 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if +no changes were made. Then click **OK** to close the Query Properties window. + +If changes were saved, the 3.AWS_IAMScan job has now been customized. + +## Analysis Tasks for the 3.AWS_IAM Scan Job + +View the analysis tasks by navigating to the **AWS** > **0.Collection** > **3.AWS_IAMScan** > +**Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the 3.AWS_IAM Scan Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/iamscananalysistasks.webp) + +The following analysis task is selected by default: + +- AWS Views – Creates the AWS Views table diff --git a/docs/accessanalyzer/12.0/solutions/aws/collection/4.aws-s3sddscan.md b/docs/accessanalyzer/12.0/solutions/aws/collection/4.aws-s3sddscan.md deleted file mode 100644 index 5cb1347d1e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/collection/4.aws-s3sddscan.md +++ /dev/null @@ -1,92 +0,0 @@ -# 4.AWS_S3SDDScan Job - -The 4.AWS_S3SDDScan job collects details about S3 objects containing sensitive data. - -## Queries for the 4.AWS_S3SDDScan Job - -The AWS S3 Sensitive Data Scan query uses the AWS Data Collector to target all AWS instances and has -been preconfigured to use the Collect SDD Data category. - -![Queries for the 4.AWS_S3SDDScan Job](/img/product_docs/accessanalyzer/solutions/aws/collection/s3sddscanqueries.webp) - -The 4.AWS_S3SDDScan job has the following configurable query: - -- AWS S3 Sensitive Data Scan – Scans AWS objects for sensitive data - -### Configure the AWS S3 Sensitive Data Scan Query - -The AWS S3 Sensitive Data Scan query in the 4.AWS_S3SDDScan job has been preconfigured to run with -the default settings with the category of Collect SDD Data. Follow the steps to set any desired -customizations. - -**Step 1 –** Navigate to the **AWS** > **0.Collection** > **4.AWS_S3SDD Scan** > **Configure** node -and select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data -Collector Wizard opens. - -![AWS Data Collector Filter S3 Objects wizard page](/img/product_docs/accessanalyzer/admin/datacollector/aws/filters3objects.webp) - -**Step 4 –** On the Filter S3 Objects page, scope the scan to target specific S3 objects: - -- Click **Add** to select from AWS Buckets in the target environment -- Alternatively, click **Add Custom Filter** to configure a custom filter as a text string -- See the [AWS: Filter S3 Objects](/docs/accessanalyzer/12.0/data-collection/aws/filter-s3-objects.md) topic for - additional information - -![AWS Data Collector Sensitive Data Settings wizard page](/img/product_docs/accessanalyzer/solutions/aws/collection/s3sddsensitivedata.webp) - -**Step 5 –** On the Sensitive Data Settings page, configure the following options: - -- Modify maximum file size to be scanned -- Add scanning offline files -- Modify file types to be scanned -- Enable differential scanning -- Modify the number of SDD scan processes - - **_RECOMMENDED:_** For optimal performance, the total number of scan processes on a scan host - should be 1 to 2 times the number of CPU threads available. - -- Enable Optical Character Recognition (OCR) scans - - **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents - directly converted to images, with standard fonts. It will not work for scanning photos of - documents and may not be able to recognize text on images of credit cards, driver's licenses, or - other identity cards. - -![AWS Data Collector Select DLP criteria for this scan wizard page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -**Step 6 –** On the Criteria page, add or remove criteria as desired: - -- (Optional) Create custom criteria on the global **Settings** > **Sensitive Data** Node -- See - the[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) - topic for additional information and instructions - -**NOTE:** By default, discovered sensitive data strings are stored in the Access Analyzer database. - -**Step 7 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if -no changes were made. Then click **OK** to close the Query Properties window. - -If changes were saved, the 4.AWS_S3SDDScan Job has now been customized. - -## Analysis Tasks for the 4.AWS_S3SDD Scan Job - -View the analysis tasks by navigating to the **AWS** > **0.Collection** > **4.AWS_S3SDDScan** > -**Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 4.AWS_S3SDD Scan Job](/img/product_docs/accessanalyzer/solutions/aws/collection/s3sddscananaylsistasks.webp) - -The following analysis tasks are selected by default: - -- AWS Sensitive Data Latest Match Counts View – Creates a view with the most recent scans of each - AWS file -- Match Hits View – Shows the AWS SDD match hits -- AIC AWS S3 Bucket SDD Import – Imports AWS S3 Bucket objects with sensitive data into the Access - Information Center diff --git a/docs/accessanalyzer/12.0/solutions/aws/collection/4.aws_s3sddscan.md b/docs/accessanalyzer/12.0/solutions/aws/collection/4.aws_s3sddscan.md new file mode 100644 index 0000000000..2c318cd001 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/collection/4.aws_s3sddscan.md @@ -0,0 +1,92 @@ +# 4.AWS_S3SDDScan Job + +The 4.AWS_S3SDDScan job collects details about S3 objects containing sensitive data. + +## Queries for the 4.AWS_S3SDDScan Job + +The AWS S3 Sensitive Data Scan query uses the AWS Data Collector to target all AWS instances and has +been preconfigured to use the Collect SDD Data category. + +![Queries for the 4.AWS_S3SDDScan Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3sddscanqueries.webp) + +The 4.AWS_S3SDDScan job has the following configurable query: + +- AWS S3 Sensitive Data Scan – Scans AWS objects for sensitive data + +### Configure the AWS S3 Sensitive Data Scan Query + +The AWS S3 Sensitive Data Scan query in the 4.AWS_S3SDDScan job has been preconfigured to run with +the default settings with the category of Collect SDD Data. Follow the steps to set any desired +customizations. + +**Step 1 –** Navigate to the **AWS** > **0.Collection** > **4.AWS_S3SDD Scan** > **Configure** node +and select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Amazon Web Services Data +Collector Wizard opens. + +![AWS Data Collector Filter S3 Objects wizard page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/filters3objects.webp) + +**Step 4 –** On the Filter S3 Objects page, scope the scan to target specific S3 objects: + +- Click **Add** to select from AWS Buckets in the target environment +- Alternatively, click **Add Custom Filter** to configure a custom filter as a text string +- See the [AWS: Filter S3 Objects](/docs/accessanalyzer/12.0/admin/datacollector/aws/filters3objects.md) topic for + additional information + +![AWS Data Collector Sensitive Data Settings wizard page](/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3sddsensitivedata.webp) + +**Step 5 –** On the Sensitive Data Settings page, configure the following options: + +- Modify maximum file size to be scanned +- Add scanning offline files +- Modify file types to be scanned +- Enable differential scanning +- Modify the number of SDD scan processes + + **_RECOMMENDED:_** For optimal performance, the total number of scan processes on a scan host + should be 1 to 2 times the number of CPU threads available. + +- Enable Optical Character Recognition (OCR) scans + + **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents + directly converted to images, with standard fonts. It will not work for scanning photos of + documents and may not be able to recognize text on images of credit cards, driver's licenses, or + other identity cards. + +![AWS Data Collector Select DLP criteria for this scan wizard page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.webp) + +**Step 6 –** On the Criteria page, add or remove criteria as desired: + +- (Optional) Create custom criteria on the global **Settings** > **Sensitive Data** Node +- See + the[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information and instructions + +**NOTE:** By default, discovered sensitive data strings are stored in the Access Analyzer database. + +**Step 7 –** On the Summary page, click **Finish** to save any modifications or click **Cancel** if +no changes were made. Then click **OK** to close the Query Properties window. + +If changes were saved, the 4.AWS_S3SDDScan Job has now been customized. + +## Analysis Tasks for the 4.AWS_S3SDD Scan Job + +View the analysis tasks by navigating to the **AWS** > **0.Collection** > **4.AWS_S3SDDScan** > +**Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 4.AWS_S3SDD Scan Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3sddscananaylsistasks.webp) + +The following analysis tasks are selected by default: + +- AWS Sensitive Data Latest Match Counts View – Creates a view with the most recent scans of each + AWS file +- Match Hits View – Shows the AWS SDD match hits +- AIC AWS S3 Bucket SDD Import – Imports AWS S3 Bucket objects with sensitive data into the Access + Information Center diff --git a/docs/accessanalyzer/12.0/solutions/aws/collection/overview.md b/docs/accessanalyzer/12.0/solutions/aws/collection/overview.md index 15e4c5a8d4..59d2193609 100644 --- a/docs/accessanalyzer/12.0/solutions/aws/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/aws/collection/overview.md @@ -3,15 +3,15 @@ The 0.Collection job group scans and collects details on IAM and S3 buckets within an AWS organization. -![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/jobstree.webp) The 0.Collection Job Group is comprised of: -- [1.AWS_OrgScan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/1.aws-orgscan.md) – Collects details about the AWS Organization including +- [1.AWS_OrgScan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/1.aws_orgscan.md) – Collects details about the AWS Organization including password policies and accounts within the organization -- [2.AWS_S3Scan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/2.aws-s3scan.md) – Collects details about the AWS S3 buckets including details +- [2.AWS_S3Scan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/2.aws_s3scan.md) – Collects details about the AWS S3 buckets including details about the objects in those buckets -- [3.AWS_IAMScan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/3.aws-iamscan.md) – Collects details about users, groups, policies, roles and +- [3.AWS_IAMScan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/3.aws_iamscan.md) – Collects details about users, groups, policies, roles and other IAM related identities -- [4.AWS_S3SDDScan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/4.aws-s3sddscan.md) – Collects details about S3 objects containing sensitive +- [4.AWS_S3SDDScan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/4.aws_s3sddscan.md) – Collects details about S3 objects containing sensitive data diff --git a/docs/accessanalyzer/12.0/solutions/aws/groups/aws-groupmembers.md b/docs/accessanalyzer/12.0/solutions/aws/groups/aws-groupmembers.md deleted file mode 100644 index a300449207..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/groups/aws-groupmembers.md +++ /dev/null @@ -1,30 +0,0 @@ -# AWS_GroupMembers Job - -The AWS_GroupMembers job group provides details on AWS IAM group membership, orphaned groups (those -with no policy assigned to them), sensitive security group membership, and stale groups. - -## Analysis Tasks for the AWS_GroupMembers Job - -Navigate to the **AWS** > **3.Groups** > **AWS_GroupMembers** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_GroupMembers Job](/img/product_docs/accessanalyzer/solutions/aws/groups/groupmembersanalysis.webp) - -The following analysis tasks are selected by default: - -- Group Membership – Identifies groups and their members. Creates the AWS_GroupMember_Details table - accessible under the job’s Results node. -- Group Member Summary – Summarizes group member counts and number of policies applied to the - groups. Creates the AWS_GroupMember_Summary table accessible under the job’s Results node. - -## Report for the AWS_GroupMembers Job - -In addition to the tables and views created by the analysis task, the AWS_GroupMembers job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ------------- | ------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Members | This report identifies group members and summarizes policies applied to those groups. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays a summary of group members - Stacked Bar Chart – Displays a summary of group policies - Table – Provides details on groups | diff --git a/docs/accessanalyzer/12.0/solutions/aws/groups/aws-nopolicygroups.md b/docs/accessanalyzer/12.0/solutions/aws/groups/aws-nopolicygroups.md deleted file mode 100644 index f3fd9f6853..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/groups/aws-nopolicygroups.md +++ /dev/null @@ -1,29 +0,0 @@ -# AWS_NoPolicyGroups Job - -The AWS_NoPolicyGroups job provides details on groups that have no policies assigned to them. - -## Analysis Tasks for the AWS_NoPolicyGroups Job - -Navigate to the **AWS** > **3.Groups** > **AWS_NoPolicyGroups** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_NoPolicyGroups Job](/img/product_docs/accessanalyzer/solutions/aws/groups/nopolicygroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- No Policy Groups – Identifies groups that have no policies applied. Creates the - AWS_NoPolicyGroup_Details table accessible under the job’s Results node. -- No Policy Groups Summary – Summarizes no policy groups across AWS Organizations. Creates the - AWS_NoPolicyGroup_Summary table accessible under the job’s Results node. - -## Report for the AWS_NoPolicyGroups Job - -In addition to the tables and views created by the analysis task, the AWS_NoPolicyGroups job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------------------- | ----------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Groups With No Policies | This report identifies groups that do not have a policy assigned. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top accounts by no policy group counts - Table – Shows no policy groups by accounts - Table – Provides details on no policy groups | diff --git a/docs/accessanalyzer/12.0/solutions/aws/groups/aws-stalegroups.md b/docs/accessanalyzer/12.0/solutions/aws/groups/aws-stalegroups.md deleted file mode 100644 index 217221cd20..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/groups/aws-stalegroups.md +++ /dev/null @@ -1,64 +0,0 @@ -# AWS_StaleGroups Job - -The AWS_StaleGroups job highlights groups that have members that are considered stale. The -definition for staleness is set by default to 60 days. This can be configured. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The AWS_StaleGroups job has the following configurable parameter: - -- Days without login to consider an account stale - -See the -[Customizable Analysis Tasks for the AWS_StaleGroups Job](#customizable-analysis-tasks-for-the-aws_stalegroups-job) -topic for additional information. - -## Analysis Tasks for the AWS_StaleGroups Job - -Navigate to the **AWS** > **3.Groups** > **AWS_StaleGroups** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for -this job. Only modify the analysis tasks listed in the customizable analysis tasks section. - -![Analysis Tasks for the AWS_StaleGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- Stale Group Details – Highlights the staleness of users in AWS groups. Creates the - AWS_StaleGroup_Details table accessible under the job’s Results node. - - - The number of days without login to consider an account stale can be customized. By default it - is set to 60. See the - [Customizable Analysis Tasks for the AWS_StaleGroups Job](#customizable-analysis-tasks-for-the-aws_stalegroups-job) - topic for additional information. - -- Stale Group Summary – Summarizes statistics for stale groups. Creates the AWS_StaleGroup_Summary - table accessible under the job’s Results node. -- Stale Groups AWS Summary – Summarizes stale groups by percentile for all of AWS - -### Customizable Analysis Tasks for the AWS_StaleGroups Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------------- | --------------------------- | ------------- | ----------------------------------------------- | -| Stale Group Details | @StaleThreshold | 60 | Days without login to consider an account stale | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for instructions on how to modify parameters. - -## Report for the AWS_StaleGroups Job - -In addition to the tables and views created by the analysis task, the AWS_StaleGroups job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ------------ | --------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Groups | This report determines the staleness of group membership. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays group membership - Table – Shows group membership - Table – Provides details on group membership | diff --git a/docs/accessanalyzer/12.0/solutions/aws/groups/aws_groupmembers.md b/docs/accessanalyzer/12.0/solutions/aws/groups/aws_groupmembers.md new file mode 100644 index 0000000000..18e0957f98 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/groups/aws_groupmembers.md @@ -0,0 +1,30 @@ +# AWS_GroupMembers Job + +The AWS_GroupMembers job group provides details on AWS IAM group membership, orphaned groups (those +with no policy assigned to them), sensitive security group membership, and stale groups. + +## Analysis Tasks for the AWS_GroupMembers Job + +Navigate to the **AWS** > **3.Groups** > **AWS_GroupMembers** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_GroupMembers Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/groups/groupmembersanalysis.webp) + +The following analysis tasks are selected by default: + +- Group Membership – Identifies groups and their members. Creates the AWS_GroupMember_Details table + accessible under the job’s Results node. +- Group Member Summary – Summarizes group member counts and number of policies applied to the + groups. Creates the AWS_GroupMember_Summary table accessible under the job’s Results node. + +## Report for the AWS_GroupMembers Job + +In addition to the tables and views created by the analysis task, the AWS_GroupMembers job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ------------- | ------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Members | This report identifies group members and summarizes policies applied to those groups. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays a summary of group members - Stacked Bar Chart – Displays a summary of group policies - Table – Provides details on groups | diff --git a/docs/accessanalyzer/12.0/solutions/aws/groups/aws_nopolicygroups.md b/docs/accessanalyzer/12.0/solutions/aws/groups/aws_nopolicygroups.md new file mode 100644 index 0000000000..92e688f751 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/groups/aws_nopolicygroups.md @@ -0,0 +1,29 @@ +# AWS_NoPolicyGroups Job + +The AWS_NoPolicyGroups job provides details on groups that have no policies assigned to them. + +## Analysis Tasks for the AWS_NoPolicyGroups Job + +Navigate to the **AWS** > **3.Groups** > **AWS_NoPolicyGroups** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_NoPolicyGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/groups/nopolicygroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- No Policy Groups – Identifies groups that have no policies applied. Creates the + AWS_NoPolicyGroup_Details table accessible under the job’s Results node. +- No Policy Groups Summary – Summarizes no policy groups across AWS Organizations. Creates the + AWS_NoPolicyGroup_Summary table accessible under the job’s Results node. + +## Report for the AWS_NoPolicyGroups Job + +In addition to the tables and views created by the analysis task, the AWS_NoPolicyGroups job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------------------- | ----------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Groups With No Policies | This report identifies groups that do not have a policy assigned. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top accounts by no policy group counts - Table – Shows no policy groups by accounts - Table – Provides details on no policy groups | diff --git a/docs/accessanalyzer/12.0/solutions/aws/groups/aws_stalegroups.md b/docs/accessanalyzer/12.0/solutions/aws/groups/aws_stalegroups.md new file mode 100644 index 0000000000..507b59e822 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/groups/aws_stalegroups.md @@ -0,0 +1,64 @@ +# AWS_StaleGroups Job + +The AWS_StaleGroups job highlights groups that have members that are considered stale. The +definition for staleness is set by default to 60 days. This can be configured. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The AWS_StaleGroups job has the following configurable parameter: + +- Days without login to consider an account stale + +See the +[Customizable Analysis Tasks for the AWS_StaleGroups Job](#customizable-analysis-tasks-for-the-aws_stalegroups-job) +topic for additional information. + +## Analysis Tasks for the AWS_StaleGroups Job + +Navigate to the **AWS** > **3.Groups** > **AWS_StaleGroups** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for +this job. Only modify the analysis tasks listed in the customizable analysis tasks section. + +![Analysis Tasks for the AWS_StaleGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/groups/stalegroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- Stale Group Details – Highlights the staleness of users in AWS groups. Creates the + AWS_StaleGroup_Details table accessible under the job’s Results node. + + - The number of days without login to consider an account stale can be customized. By default it + is set to 60. See the + [Customizable Analysis Tasks for the AWS_StaleGroups Job](#customizable-analysis-tasks-for-the-aws_stalegroups-job) + topic for additional information. + +- Stale Group Summary – Summarizes statistics for stale groups. Creates the AWS_StaleGroup_Summary + table accessible under the job’s Results node. +- Stale Groups AWS Summary – Summarizes stale groups by percentile for all of AWS + +### Customizable Analysis Tasks for the AWS_StaleGroups Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------------- | --------------------------- | ------------- | ----------------------------------------------- | +| Stale Group Details | @StaleThreshold | 60 | Days without login to consider an account stale | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions on how to modify parameters. + +## Report for the AWS_StaleGroups Job + +In addition to the tables and views created by the analysis task, the AWS_StaleGroups job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ------------ | --------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Groups | This report determines the staleness of group membership. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays group membership - Table – Shows group membership - Table – Provides details on group membership | diff --git a/docs/accessanalyzer/12.0/solutions/aws/groups/overview.md b/docs/accessanalyzer/12.0/solutions/aws/groups/overview.md index 563fed381b..cdceeb7f5e 100644 --- a/docs/accessanalyzer/12.0/solutions/aws/groups/overview.md +++ b/docs/accessanalyzer/12.0/solutions/aws/groups/overview.md @@ -3,13 +3,13 @@ The 3.Groups job group provides details on AWS IAM group membership, orphaned groups (those with no policy assigned to them), sensitive security group membership, and stale groups. -![3.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![3.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/aws/groups/jobstree.webp) The 3.Groups job group is comprised of: -- [AWS_GroupMembers Job](/docs/accessanalyzer/12.0/solutions/aws/groups/aws-groupmembers.md) – Provides details about group members and the +- [AWS_GroupMembers Job](/docs/accessanalyzer/12.0/solutions/aws/groups/aws_groupmembers.md) – Provides details about group members and the policies assigned to those groups -- [AWS_NoPolicyGroups Job](/docs/accessanalyzer/12.0/solutions/aws/groups/aws-nopolicygroups.md) – Provides details on groups that have no policies +- [AWS_NoPolicyGroups Job](/docs/accessanalyzer/12.0/solutions/aws/groups/aws_nopolicygroups.md) – Provides details on groups that have no policies assigned to them -- [AWS_StaleGroups Job](/docs/accessanalyzer/12.0/solutions/aws/groups/aws-stalegroups.md) – Highlights groups that have members that are +- [AWS_StaleGroups Job](/docs/accessanalyzer/12.0/solutions/aws/groups/aws_stalegroups.md) – Highlights groups that have members that are considered stale diff --git a/docs/accessanalyzer/12.0/solutions/aws/organizations/aws-accounts.md b/docs/accessanalyzer/12.0/solutions/aws/organizations/aws-accounts.md deleted file mode 100644 index fb3f6d3401..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/organizations/aws-accounts.md +++ /dev/null @@ -1,32 +0,0 @@ -# AWS_Accounts Job - -The AWS_Accounts job provides detailed information about the accounts that exist in each AWS -Organization. This job also determines the AWS Master Account for each Organization. The AWS Master -Account can be set manually by adding a line for each Organization in the temporary table -#IdentitySourceAccount in the analysis task parameters for this job. - -## Analysis Tasks for the AWS_Accounts Job - -Navigate to the **AWS** > **1.Organizations** > **AWS_Accounts** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_Accounts Job](/img/product_docs/accessanalyzer/solutions/aws/organizations/accountsanalysis.webp) - -The following analysis tasks are selected by default: - -- AWS Account Details – Provides details for the AWS IAM accounts in the organization. Creates the - AWS_Account_Details table accessible under the job’s Results node. -- AWS Account Summary – Summarizes AWS Accounts by organization. Creates the AWS_Account_Summary - table accessible under the job’s Results node. - -## Report for the AWS_Accounts Job - -In addition to the tables and views created by the analysis task, the AWS_Accounts job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| -------- | ------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Accounts | This report provides details on the IAM Accounts in the AWS Organization. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top accounts by org - Table – Shows accounts by Org - Table – Provides details on accounts | diff --git a/docs/accessanalyzer/12.0/solutions/aws/organizations/aws-memberaccountusers.md b/docs/accessanalyzer/12.0/solutions/aws/organizations/aws-memberaccountusers.md deleted file mode 100644 index 0038a143e3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/organizations/aws-memberaccountusers.md +++ /dev/null @@ -1,30 +0,0 @@ -# AWS_MemberAccountUsers Job - -The AWS_MemberAccountUsers job highlights users that are not located in the primary AWS Identity -Source, which is generally the Master AWS Account for the Organization. - -## Analysis Tasks for the AWS_MemberAccountUsers Job - -Navigate to the **AWS** > **1.Organizations** > **AWS_MemberAccountUsers** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_MemberAccountUsers Job](/img/product_docs/accessanalyzer/solutions/aws/organizations/memberaccountusersanalysis.webp) - -The following analysis tasks are selected by default: - -- Member Account User Details – Provides details on users that exist outside the master AWS account. - Creates the AWS_MemberAccountUsers_Details table accessible under the job’s Results node. -- Member Account Users Summary – Summarizes AWS member account users by organization. Creates the - AWS_MemberAccountUsers_Summary table accessible under the job’s Results node. - -## Report for the AWS_MemberAccoutUsers Job - -In addition to the tables and views created by the analysis task, the AWS_MemberAccountUsers job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| -------------------- | -------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Member Account Users | This report highlights user accounts that are not contained in the AWS Master Account. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top member account users by org - Table – Shows member account users by Org - Table – Provides details on member account users | diff --git a/docs/accessanalyzer/12.0/solutions/aws/organizations/aws_accounts.md b/docs/accessanalyzer/12.0/solutions/aws/organizations/aws_accounts.md new file mode 100644 index 0000000000..91ace8ebde --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/organizations/aws_accounts.md @@ -0,0 +1,32 @@ +# AWS_Accounts Job + +The AWS_Accounts job provides detailed information about the accounts that exist in each AWS +Organization. This job also determines the AWS Master Account for each Organization. The AWS Master +Account can be set manually by adding a line for each Organization in the temporary table +#IdentitySourceAccount in the analysis task parameters for this job. + +## Analysis Tasks for the AWS_Accounts Job + +Navigate to the **AWS** > **1.Organizations** > **AWS_Accounts** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_Accounts Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/organizations/accountsanalysis.webp) + +The following analysis tasks are selected by default: + +- AWS Account Details – Provides details for the AWS IAM accounts in the organization. Creates the + AWS_Account_Details table accessible under the job’s Results node. +- AWS Account Summary – Summarizes AWS Accounts by organization. Creates the AWS_Account_Summary + table accessible under the job’s Results node. + +## Report for the AWS_Accounts Job + +In addition to the tables and views created by the analysis task, the AWS_Accounts job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| -------- | ------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Accounts | This report provides details on the IAM Accounts in the AWS Organization. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top accounts by org - Table – Shows accounts by Org - Table – Provides details on accounts | diff --git a/docs/accessanalyzer/12.0/solutions/aws/organizations/aws_memberaccountusers.md b/docs/accessanalyzer/12.0/solutions/aws/organizations/aws_memberaccountusers.md new file mode 100644 index 0000000000..90dbbc91c3 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/organizations/aws_memberaccountusers.md @@ -0,0 +1,30 @@ +# AWS_MemberAccountUsers Job + +The AWS_MemberAccountUsers job highlights users that are not located in the primary AWS Identity +Source, which is generally the Master AWS Account for the Organization. + +## Analysis Tasks for the AWS_MemberAccountUsers Job + +Navigate to the **AWS** > **1.Organizations** > **AWS_MemberAccountUsers** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_MemberAccountUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/organizations/memberaccountusersanalysis.webp) + +The following analysis tasks are selected by default: + +- Member Account User Details – Provides details on users that exist outside the master AWS account. + Creates the AWS_MemberAccountUsers_Details table accessible under the job’s Results node. +- Member Account Users Summary – Summarizes AWS member account users by organization. Creates the + AWS_MemberAccountUsers_Summary table accessible under the job’s Results node. + +## Report for the AWS_MemberAccoutUsers Job + +In addition to the tables and views created by the analysis task, the AWS_MemberAccountUsers job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| -------------------- | -------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Member Account Users | This report highlights user accounts that are not contained in the AWS Master Account. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top member account users by org - Table – Shows member account users by Org - Table – Provides details on member account users | diff --git a/docs/accessanalyzer/12.0/solutions/aws/organizations/overview.md b/docs/accessanalyzer/12.0/solutions/aws/organizations/overview.md index 2e69a3e53a..e6beff96e5 100644 --- a/docs/accessanalyzer/12.0/solutions/aws/organizations/overview.md +++ b/docs/accessanalyzer/12.0/solutions/aws/organizations/overview.md @@ -3,13 +3,13 @@ The 1.Organizations job group analyzes and reports on the AWS Organization including password policies and accounts within the organization. -![1.Organizations Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![1.Organizations Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/aws/organizations/jobstree.webp) The 1.Organizations job jroup is comprised of: -- [AWS_Accounts Job](/docs/accessanalyzer/12.0/solutions/aws/organizations/aws-accounts.md) – Provides detailed information about the accounts that exist +- [AWS_Accounts Job](/docs/accessanalyzer/12.0/solutions/aws/organizations/aws_accounts.md) – Provides detailed information about the accounts that exist in each AWS Organization. This job also determines the AWS Master Account for each Organization. The AWS Master Account can be set manually by adding a line for each Organization in the temporary table #IdentitySourceAccount in the analysis task parameters for this job. -- [AWS_MemberAccountUsers Job](/docs/accessanalyzer/12.0/solutions/aws/organizations/aws-memberaccountusers.md) – Highlights users that are not located in +- [AWS_MemberAccountUsers Job](/docs/accessanalyzer/12.0/solutions/aws/organizations/aws_memberaccountusers.md) – Highlights users that are not located in the primary AWS Identity Source, which is generally the Master AWS Account for the Organization diff --git a/docs/accessanalyzer/12.0/solutions/aws/overview.md b/docs/accessanalyzer/12.0/solutions/aws/overview.md index ea14e83024..477dae250c 100644 --- a/docs/accessanalyzer/12.0/solutions/aws/overview.md +++ b/docs/accessanalyzer/12.0/solutions/aws/overview.md @@ -25,7 +25,7 @@ Supported Platforms Requirements, Permissions, and Ports See the -[Target Amazon Web Service Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/aws.md) +[Target Amazon Web Service Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/aws.md) topic for additional information. Sensitive Data Discovery Considerations @@ -42,7 +42,7 @@ conflict with other JDKs or Java Runtimes in the same environment. Location The AWS Solution requires a special Access Analyzer license. It can be installed from the Access -Analyzer Instant Job Wizard. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) +Analyzer Instant Job Wizard. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for information on installing instant solutions from the Access Analyzer Library. Once it has been installed into the Jobs tree, navigate to the solution: **Jobs** > **AWS**. @@ -53,7 +53,7 @@ The AWS solution is a comprehensive set of pre-configured audit jobs and report visibility into IAM users, groups, roles, and policies, as well as S3 permissions, content, and sensitive data from target AWS accounts. -![AWS Solution Overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) +![AWS Solution Overview page](/img/product_docs/accessanalyzer/12.0/solutions/aws/overviewpage.webp) The AWS Solution is comprised of the following job groups: diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/aws-custommanagedpolicies.md b/docs/accessanalyzer/12.0/solutions/aws/policies/aws-custommanagedpolicies.md deleted file mode 100644 index e30da709c2..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/policies/aws-custommanagedpolicies.md +++ /dev/null @@ -1,31 +0,0 @@ -# AWS_CustomManagedPolicies Job - -The AWS_CustomManagedPolicies job provides details on customer managed policies created in the AWS -Organization. - -## Analysis Tasks for the AWS_CustomManagedPolicies Job - -Navigate to the **AWS** > **5.Policies** > **AWS_CustomManagedPolicies** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_CustomManagedPolicies Job](/img/product_docs/accessanalyzer/solutions/aws/policies/custommanagedpoliciesanalysis.webp) - -The following analysis tasks are selected by default: - -- Custom Managed Policy Details – Provides detailed information on AWS custom managed policies. - Creates the AWS_CustomManagedPolicy_Details table accessible under the job’s Results node. -- Custom Managed Policy Usage Summary – Summarizes the custom managed policy usage by AWS - Organization. Creates the AWS_CustomManagedPolicy_Summary table accessible under the job’s Results - node. - -## Report for the AWS_CustomManagedPolicies Job - -In addition to the tables and views created by the analysis task, the AWS_CustomManagedPolicies job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------------------- | ----------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Custom Managed Policies | This report analyzes AWS Custom Managed Policies and their usage. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays custom managed policies by account - Table – Shows custom managed policies by account - Table – Provides details on custom managed policies by account | diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/aws-inlinepolicies.md b/docs/accessanalyzer/12.0/solutions/aws/policies/aws-inlinepolicies.md deleted file mode 100644 index 06f11a671b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/policies/aws-inlinepolicies.md +++ /dev/null @@ -1,30 +0,0 @@ -# AWS_InlinePolicies Job - -The AWS_InlinePolicies job provides details on customer managed policies that are directly assigned -to a user or group. - -## Analysis Tasks for the AWS_InlinePolicies Job - -Navigate to the **AWS** > **5.Policies** > **AWS_InlinePolicies** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_InlinePolicies Job](/img/product_docs/accessanalyzer/solutions/aws/policies/inlinepoliciesanalysis.webp) - -The following analysis tasks are selected by default: - -- Inline Policy Details – Provides details for AWS Inline Policies. Creates the - AWS_InlinePolicy_Details table accessible under the job’s Results node. -- Inline Policy Summary – Summarizes AWS Inline Policies by organization. Creates the - AWS_InlinePolicy_Summary table accessible under the job’s Results node. - -## Report for the AWS_InlinePolicies Job - -In addition to the tables and views created by the analysis task, the AWS_InlinePolicies job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Element | -| --------------- | ----------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Inline Policies | This report identifies AWS Inline Policies that are assigned directly on an AWS Identity. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays inline policies by account - Table – Shows inline policies by account - Table – Provides details on inline policies | diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/aws-managedpolicies.md b/docs/accessanalyzer/12.0/solutions/aws/policies/aws-managedpolicies.md deleted file mode 100644 index 9514cacefd..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/policies/aws-managedpolicies.md +++ /dev/null @@ -1,29 +0,0 @@ -# AWS_ManagedPolicies Job - -The AWS_ManagedPolicies job provides details on policies managed by Amazon in the AWS Organization. - -## Analysis Tasks for the AWS_ManagedPolicies Job - -Navigate to the **AWS** > **5.Policies** > **AWS_ManagedPolicies** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_ManagedPolicies Job](/img/product_docs/accessanalyzer/solutions/aws/policies/managedpoliciesanalysis.webp) - -The following analysis tasks are selected by default: - -- Managed Policy Details – Identifies managed policies from AWS and if they are assigned to a user - or group. Creates the AWS_ManagedPolicy_Details table accessible under the job’s Results node. -- Managed Policy Usage Summary – Summarizes the managed policy usage by AWS Org. Creates the - AWS_ManagedPolicy_Summary table accessible under the job’s Results node. - -## Report for the AWS_ManagedPolicies Job - -In addition to the tables and views created by the analysis task, the AWS_Accounts job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| -------------------- | ---------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| AWS Managed Policies | This report analyzes AWS Managed Policies and their usage. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays AWS managed policies by account - Table – Shows AWS managed policies by account - Table – Provides details on AWS managed policies | diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/aws-sensitivepolicies.md b/docs/accessanalyzer/12.0/solutions/aws/policies/aws-sensitivepolicies.md deleted file mode 100644 index 3ea59a52c6..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/policies/aws-sensitivepolicies.md +++ /dev/null @@ -1,35 +0,0 @@ -# AWS_SensitivePolicies Job - -The AWS_SensitivePolicies job provides details on users, groups, and roles as well as the policies -granting them sensitive permissions. - -## Analysis Tasks for the AWS_SensitivePolicies Job - -Navigate to the **AWS** > **5.Policies** > **AWS_SensitivePolicies** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_SensitivePolicies Job](/img/product_docs/accessanalyzer/solutions/aws/policies/sensitivepoliciesanalysis.webp) - -The following analysis tasks are selected by default: - -- Sensitive Managed Policy Details – Provides details on AWS Sensitive Managed Policies. Creates the - AWS_SensitiveManagedPolicies_Details table accessible under the job’s Results node. -- Sensitive Inline Policy Details – Provides details on AWS Sensitive Inline Policies. Creates the - AWS_SensitiveInlinePolicies_Details table accessible under the job’s Results node. -- Sensitive Managed Policy Summary – Summarizes AWS Sensitive Managed Policies by organization. - Creates the AWS_SensitiveManagedPolicies_Summary table accessible under the job’s Results node. -- Sensitive Inline Policy Summary – Summarizes AWS Sensitive Inlin Policies by organization. Creates - the AWS_SensitiveInlinePolicies_Summary table accessible under the job’s Results node. - -## Reports for the AWS_SensitivePolicies Job - -In addition to the tables and views created by the analysis task, the AWS_SensitivePolicies job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| -------------------------- | ----------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Inline Policies | This report highlights users, groups, and roles with a sensitive inline policy assigned. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays sensitive policy assignments by org - Table – Shows sensitive policy assignments by org - Table – Provides details on sensitive policy assignments | -| Sensitive Managed Policies | This report highlights users, groups, and roles with a sensitive managed policy assigned. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays sensitive managed policy assignments by org - Table – Shows sensitive managed policy assignments by org - Table – Provides details on sensitive managed policy assignments | diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/aws-unusedmanagedpolicies.md b/docs/accessanalyzer/12.0/solutions/aws/policies/aws-unusedmanagedpolicies.md deleted file mode 100644 index 14de590ab5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/policies/aws-unusedmanagedpolicies.md +++ /dev/null @@ -1,63 +0,0 @@ -# AWS_UnusedManagedPolicies Job - -The AWS_UnusedManagedPolicies job provides details on customer managed policies that exist in the -AWS Organization. Optionally, AWS managed policies can be included by changing the parameter for the -analysis task. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The AWS_UnusedManagedPolicies job has the following configurable parameter: - -- True or False value to include policies managed by AWS - -See the -[Customizable Analysis Tasks for the AWS_UnusedManagedPolicies Job](#customizable-analysis-tasks-for-the-aws_unusedmanagedpolicies-job) -topic for additional information. - -## Analysis Tasks for the AWS_UnusedManagedPolicies Job - -Navigate to the **AWS** > **5.Policies** > **AWS_UnusedManagedPolicies** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for -this job. Only modify the analysis tasks listed in the customizable analysis tasks section. - -![Analysis Tasks for the AWS_UnusedManagedPolicies Job](/img/product_docs/accessanalyzer/solutions/aws/policies/unusedmanagedpoliciesanalysis.webp) - -The following analysis tasks are selected by default: - -- Unused Managed Policies – Policies not assigned to any group or user. Creates the - AWS_UnusedPolicies_Details table accessible under the job’s Results node. - - - Optionally, AWS managed policies can be included by setting the parameter to True. See the - [Customizable Analysis Tasks for the AWS_UnusedManagedPolicies Job](#customizable-analysis-tasks-for-the-aws_unusedmanagedpolicies-job) - topic for additional information. - -- Unused Managed Policy Summary – Summary by AWS Organization of unused managed policies. Creates - the AWS_UnusedPolicies_Summary table accessible under the job’s Results node. - -### Customizable Analysis Tasks for the AWS_UnusedManagedPolicies Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ----------------------- | --------------------------- | ------------- | ------------------------------------------------------- | -| Unused Managed Policies | @IncludeAWSManaged | False | True or False value to include policies managed by AWS. | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for instructions on how to modify parameters. - -## Report for the AWS_UnusedManagedPolicies Job - -In addition to the tables and views created by the analysis task, the AWS_UnusedManagedPolicies job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------------------- | --------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Unused Managed Policies | This report identifies policies that are not assigned to any group or user. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays unused managed policies by account - Table – Shows unused managed policies by account - Table – Provides details on unused managed policies | diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/aws-userpolicies.md b/docs/accessanalyzer/12.0/solutions/aws/policies/aws-userpolicies.md deleted file mode 100644 index 8d8705fe2d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/policies/aws-userpolicies.md +++ /dev/null @@ -1,33 +0,0 @@ -# AWS_UserPolicies Job - -The AWS_UserPolicies job provides details outlining user policy assignment. This includes where the -policy is assigned, directly or at a group level, and if the policy assignment has been duplicated. - -## Analysis Tasks for the AWS_UserPolicies Job - -Navigate to the **AWS** > **5.Policies** > **AWS_UserPolicies** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_UserPolicies Job](/img/product_docs/accessanalyzer/solutions/aws/policies/userpoliciesanalysis.webp) - -The following analysis tasks are selected by default: - -- User Policies View – Details policies assigned to users directly and through group membership. - Creates the AWS_IamUserPolicyView table accessible under the job’s Results node. -- Duplicated Policies – User policies that have been inherited and directly assigned. Creates the - AWS_DuplicatedPolicy_Details table accessible under the job’s Results node. -- User Policy Summary – Summarizes policies assigned to users by Account. Creates the - AWS_UserPolicy_Summary table accessible under the job’s Results node. - -## Reports for the AWS_UserPolicies Job - -In addition to the tables and views created by the analysis task, the AWS_UserPolicies job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ---------------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Duplicate Policy Assignments | This report highlights policies that have been both assigned directly and inherited from a group to a user identity. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top accounts by assigned managed policies - Table – Provides details on managed policy assignments | -| Managed Policy Assignments | This report details managed policy assignments in the AWS Organization. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays duplicate policy assignment summary by account - Table – Shows duplicate policy assignment summary by account - Table – Provides details on duplicate policy assignment summary | diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/aws_custommanagedpolicies.md b/docs/accessanalyzer/12.0/solutions/aws/policies/aws_custommanagedpolicies.md new file mode 100644 index 0000000000..a39f3bb5a5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/policies/aws_custommanagedpolicies.md @@ -0,0 +1,31 @@ +# AWS_CustomManagedPolicies Job + +The AWS_CustomManagedPolicies job provides details on customer managed policies created in the AWS +Organization. + +## Analysis Tasks for the AWS_CustomManagedPolicies Job + +Navigate to the **AWS** > **5.Policies** > **AWS_CustomManagedPolicies** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_CustomManagedPolicies Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/custommanagedpoliciesanalysis.webp) + +The following analysis tasks are selected by default: + +- Custom Managed Policy Details – Provides detailed information on AWS custom managed policies. + Creates the AWS_CustomManagedPolicy_Details table accessible under the job’s Results node. +- Custom Managed Policy Usage Summary – Summarizes the custom managed policy usage by AWS + Organization. Creates the AWS_CustomManagedPolicy_Summary table accessible under the job’s Results + node. + +## Report for the AWS_CustomManagedPolicies Job + +In addition to the tables and views created by the analysis task, the AWS_CustomManagedPolicies job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------------------- | ----------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Custom Managed Policies | This report analyzes AWS Custom Managed Policies and their usage. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays custom managed policies by account - Table – Shows custom managed policies by account - Table – Provides details on custom managed policies by account | diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/aws_inlinepolicies.md b/docs/accessanalyzer/12.0/solutions/aws/policies/aws_inlinepolicies.md new file mode 100644 index 0000000000..f3969272f8 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/policies/aws_inlinepolicies.md @@ -0,0 +1,30 @@ +# AWS_InlinePolicies Job + +The AWS_InlinePolicies job provides details on customer managed policies that are directly assigned +to a user or group. + +## Analysis Tasks for the AWS_InlinePolicies Job + +Navigate to the **AWS** > **5.Policies** > **AWS_InlinePolicies** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_InlinePolicies Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/inlinepoliciesanalysis.webp) + +The following analysis tasks are selected by default: + +- Inline Policy Details – Provides details for AWS Inline Policies. Creates the + AWS_InlinePolicy_Details table accessible under the job’s Results node. +- Inline Policy Summary – Summarizes AWS Inline Policies by organization. Creates the + AWS_InlinePolicy_Summary table accessible under the job’s Results node. + +## Report for the AWS_InlinePolicies Job + +In addition to the tables and views created by the analysis task, the AWS_InlinePolicies job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Element | +| --------------- | ----------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Inline Policies | This report identifies AWS Inline Policies that are assigned directly on an AWS Identity. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays inline policies by account - Table – Shows inline policies by account - Table – Provides details on inline policies | diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/aws_managedpolicies.md b/docs/accessanalyzer/12.0/solutions/aws/policies/aws_managedpolicies.md new file mode 100644 index 0000000000..0ff9d6a027 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/policies/aws_managedpolicies.md @@ -0,0 +1,29 @@ +# AWS_ManagedPolicies Job + +The AWS_ManagedPolicies job provides details on policies managed by Amazon in the AWS Organization. + +## Analysis Tasks for the AWS_ManagedPolicies Job + +Navigate to the **AWS** > **5.Policies** > **AWS_ManagedPolicies** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_ManagedPolicies Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/managedpoliciesanalysis.webp) + +The following analysis tasks are selected by default: + +- Managed Policy Details – Identifies managed policies from AWS and if they are assigned to a user + or group. Creates the AWS_ManagedPolicy_Details table accessible under the job’s Results node. +- Managed Policy Usage Summary – Summarizes the managed policy usage by AWS Org. Creates the + AWS_ManagedPolicy_Summary table accessible under the job’s Results node. + +## Report for the AWS_ManagedPolicies Job + +In addition to the tables and views created by the analysis task, the AWS_Accounts job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| -------------------- | ---------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| AWS Managed Policies | This report analyzes AWS Managed Policies and their usage. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays AWS managed policies by account - Table – Shows AWS managed policies by account - Table – Provides details on AWS managed policies | diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/aws_sensitivepolicies.md b/docs/accessanalyzer/12.0/solutions/aws/policies/aws_sensitivepolicies.md new file mode 100644 index 0000000000..aba280005b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/policies/aws_sensitivepolicies.md @@ -0,0 +1,35 @@ +# AWS_SensitivePolicies Job + +The AWS_SensitivePolicies job provides details on users, groups, and roles as well as the policies +granting them sensitive permissions. + +## Analysis Tasks for the AWS_SensitivePolicies Job + +Navigate to the **AWS** > **5.Policies** > **AWS_SensitivePolicies** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_SensitivePolicies Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/sensitivepoliciesanalysis.webp) + +The following analysis tasks are selected by default: + +- Sensitive Managed Policy Details – Provides details on AWS Sensitive Managed Policies. Creates the + AWS_SensitiveManagedPolicies_Details table accessible under the job’s Results node. +- Sensitive Inline Policy Details – Provides details on AWS Sensitive Inline Policies. Creates the + AWS_SensitiveInlinePolicies_Details table accessible under the job’s Results node. +- Sensitive Managed Policy Summary – Summarizes AWS Sensitive Managed Policies by organization. + Creates the AWS_SensitiveManagedPolicies_Summary table accessible under the job’s Results node. +- Sensitive Inline Policy Summary – Summarizes AWS Sensitive Inlin Policies by organization. Creates + the AWS_SensitiveInlinePolicies_Summary table accessible under the job’s Results node. + +## Reports for the AWS_SensitivePolicies Job + +In addition to the tables and views created by the analysis task, the AWS_SensitivePolicies job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| -------------------------- | ----------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Inline Policies | This report highlights users, groups, and roles with a sensitive inline policy assigned. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays sensitive policy assignments by org - Table – Shows sensitive policy assignments by org - Table – Provides details on sensitive policy assignments | +| Sensitive Managed Policies | This report highlights users, groups, and roles with a sensitive managed policy assigned. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays sensitive managed policy assignments by org - Table – Shows sensitive managed policy assignments by org - Table – Provides details on sensitive managed policy assignments | diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/aws_unusedmanagedpolicies.md b/docs/accessanalyzer/12.0/solutions/aws/policies/aws_unusedmanagedpolicies.md new file mode 100644 index 0000000000..4664372b01 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/policies/aws_unusedmanagedpolicies.md @@ -0,0 +1,63 @@ +# AWS_UnusedManagedPolicies Job + +The AWS_UnusedManagedPolicies job provides details on customer managed policies that exist in the +AWS Organization. Optionally, AWS managed policies can be included by changing the parameter for the +analysis task. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The AWS_UnusedManagedPolicies job has the following configurable parameter: + +- True or False value to include policies managed by AWS + +See the +[Customizable Analysis Tasks for the AWS_UnusedManagedPolicies Job](#customizable-analysis-tasks-for-the-aws_unusedmanagedpolicies-job) +topic for additional information. + +## Analysis Tasks for the AWS_UnusedManagedPolicies Job + +Navigate to the **AWS** > **5.Policies** > **AWS_UnusedManagedPolicies** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for +this job. Only modify the analysis tasks listed in the customizable analysis tasks section. + +![Analysis Tasks for the AWS_UnusedManagedPolicies Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/unusedmanagedpoliciesanalysis.webp) + +The following analysis tasks are selected by default: + +- Unused Managed Policies – Policies not assigned to any group or user. Creates the + AWS_UnusedPolicies_Details table accessible under the job’s Results node. + + - Optionally, AWS managed policies can be included by setting the parameter to True. See the + [Customizable Analysis Tasks for the AWS_UnusedManagedPolicies Job](#customizable-analysis-tasks-for-the-aws_unusedmanagedpolicies-job) + topic for additional information. + +- Unused Managed Policy Summary – Summary by AWS Organization of unused managed policies. Creates + the AWS_UnusedPolicies_Summary table accessible under the job’s Results node. + +### Customizable Analysis Tasks for the AWS_UnusedManagedPolicies Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ----------------------- | --------------------------- | ------------- | ------------------------------------------------------- | +| Unused Managed Policies | @IncludeAWSManaged | False | True or False value to include policies managed by AWS. | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions on how to modify parameters. + +## Report for the AWS_UnusedManagedPolicies Job + +In addition to the tables and views created by the analysis task, the AWS_UnusedManagedPolicies job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------------------- | --------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Unused Managed Policies | This report identifies policies that are not assigned to any group or user. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays unused managed policies by account - Table – Shows unused managed policies by account - Table – Provides details on unused managed policies | diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/aws_userpolicies.md b/docs/accessanalyzer/12.0/solutions/aws/policies/aws_userpolicies.md new file mode 100644 index 0000000000..9a7a9ad109 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/policies/aws_userpolicies.md @@ -0,0 +1,33 @@ +# AWS_UserPolicies Job + +The AWS_UserPolicies job provides details outlining user policy assignment. This includes where the +policy is assigned, directly or at a group level, and if the policy assignment has been duplicated. + +## Analysis Tasks for the AWS_UserPolicies Job + +Navigate to the **AWS** > **5.Policies** > **AWS_UserPolicies** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_UserPolicies Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/userpoliciesanalysis.webp) + +The following analysis tasks are selected by default: + +- User Policies View – Details policies assigned to users directly and through group membership. + Creates the AWS_IamUserPolicyView table accessible under the job’s Results node. +- Duplicated Policies – User policies that have been inherited and directly assigned. Creates the + AWS_DuplicatedPolicy_Details table accessible under the job’s Results node. +- User Policy Summary – Summarizes policies assigned to users by Account. Creates the + AWS_UserPolicy_Summary table accessible under the job’s Results node. + +## Reports for the AWS_UserPolicies Job + +In addition to the tables and views created by the analysis task, the AWS_UserPolicies job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ---------------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Duplicate Policy Assignments | This report highlights policies that have been both assigned directly and inherited from a group to a user identity. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top accounts by assigned managed policies - Table – Provides details on managed policy assignments | +| Managed Policy Assignments | This report details managed policy assignments in the AWS Organization. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays duplicate policy assignment summary by account - Table – Shows duplicate policy assignment summary by account - Table – Provides details on duplicate policy assignment summary | diff --git a/docs/accessanalyzer/12.0/solutions/aws/policies/overview.md b/docs/accessanalyzer/12.0/solutions/aws/policies/overview.md index 83f0ea96fa..030671b221 100644 --- a/docs/accessanalyzer/12.0/solutions/aws/policies/overview.md +++ b/docs/accessanalyzer/12.0/solutions/aws/policies/overview.md @@ -3,21 +3,21 @@ The 5.Policies job group provides details on AWS IAM policies including the various types of policies, the permissions they grant, and where they are applied in the AWS organization. -![5.Policies Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![5.Policies Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/jobstree.webp) The 5.Policies job group is comprised of: -- [AWS_CustomManagedPolicies Job](/docs/accessanalyzer/12.0/solutions/aws/policies/aws-custommanagedpolicies.md) – Provides details on customer +- [AWS_CustomManagedPolicies Job](/docs/accessanalyzer/12.0/solutions/aws/policies/aws_custommanagedpolicies.md) – Provides details on customer managed policies created in the AWS Organization -- [AWS_InlinePolicies Job](/docs/accessanalyzer/12.0/solutions/aws/policies/aws-inlinepolicies.md) – Provides details on customer managed policies +- [AWS_InlinePolicies Job](/docs/accessanalyzer/12.0/solutions/aws/policies/aws_inlinepolicies.md) – Provides details on customer managed policies that are directly assigned to a user or group -- [AWS_ManagedPolicies Job](/docs/accessanalyzer/12.0/solutions/aws/policies/aws-managedpolicies.md) – Provides details on policies managed by Amazon +- [AWS_ManagedPolicies Job](/docs/accessanalyzer/12.0/solutions/aws/policies/aws_managedpolicies.md) – Provides details on policies managed by Amazon in the AWS Organization -- [AWS_SensitivePolicies Job](/docs/accessanalyzer/12.0/solutions/aws/policies/aws-sensitivepolicies.md) – Provides details on users, groups, and +- [AWS_SensitivePolicies Job](/docs/accessanalyzer/12.0/solutions/aws/policies/aws_sensitivepolicies.md) – Provides details on users, groups, and roles as well as the policies granting them sensitive permissions -- [AWS_UnusedManagedPolicies Job](/docs/accessanalyzer/12.0/solutions/aws/policies/aws-unusedmanagedpolicies.md) – Provides details on customer +- [AWS_UnusedManagedPolicies Job](/docs/accessanalyzer/12.0/solutions/aws/policies/aws_unusedmanagedpolicies.md) – Provides details on customer managed policies that exist in the AWS Organization. Optionally, AWS managed policies can be included by changing the @IncludeAWSManaged parameter on the analysis task. -- [AWS_UserPolicies Job](/docs/accessanalyzer/12.0/solutions/aws/policies/aws-userpolicies.md) – Provides details outlining user policy assignment. +- [AWS_UserPolicies Job](/docs/accessanalyzer/12.0/solutions/aws/policies/aws_userpolicies.md) – Provides details outlining user policy assignment. This includes where the policy is assigned, directly or at a group level, and if the policy assignment has been duplicated. diff --git a/docs/accessanalyzer/12.0/solutions/aws/recommended.md b/docs/accessanalyzer/12.0/solutions/aws/recommended.md index e058a521e4..8ed25a930f 100644 --- a/docs/accessanalyzer/12.0/solutions/aws/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/aws/recommended.md @@ -10,11 +10,11 @@ For AWS IAM Auditing: - AWS Permissions must be configured on the target databases. - - See the [Configure AWS for Scans](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/aws.md) topic for - information on configuring Roles within AWS and obtaining an Access Key - - See the - [Target Amazon Web Service Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/aws.md) - topic for additional information on permissions + - See the [Configure AWS for Scans](/docs/accessanalyzer/12.0/requirements/target/config/aws.md) topic for + information on configuring Roles within AWS and obtaining an Access Key + - See the + [Target Amazon Web Service Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/aws.md) + topic for additional information on permissions Some of the 0.Collection job group queries can be scoped to target specific S3 Objects. However, it is necessary for the SA_AWS_Instances table to be populated before attempting to scope the queries. @@ -30,7 +30,7 @@ Connection Profile The AWS Data Collector requires a specific set of permissions. The account used can be either a Web Services (JWT) account or an Amazon Web Services account. Once the account has been provisioned, create a custom Connection Profile containing the credentials for the targeted environment. See the -[Amazon Web Services for User Credentials](/docs/accessanalyzer/12.0/administration/settings/connection/profile/aws.md) topic for +[Amazon Web Services for User Credentials](/docs/accessanalyzer/12.0/admin/settings/connection/profile/aws.md) topic for additional information. The Connection Profile is assigned under the **AWS** > **Settings** > **Connection** node. It is set @@ -39,14 +39,14 @@ Connection Profile with the necessary permissions for targeting the AWS instance **Select one of the following user defined profiles** option and select the appropriate Connection Profile. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on creating a Connection Profile. Access Token Creating the Connection Profile requires having the **Access Key ID** and the **Secret Access Key** that was generated by the Amazon Web Services application. See the -[Configure AWS for Scans](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/config/aws.md) topic for additional information. +[Configure AWS for Scans](/docs/accessanalyzer/12.0/requirements/target/config/aws.md) topic for additional information. Schedule Frequency @@ -84,14 +84,14 @@ Query Configuration The following queries in the 0.Collection job group require the created AWS Roles to be added to the Login Roles page: -- [1.AWS_OrgScan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/1.aws-orgscan.md) -- [2.AWS_S3Scan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/2.aws-s3scan.md) -- [3.AWS_IAMScan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/3.aws-iamscan.md) +- [1.AWS_OrgScan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/1.aws_orgscan.md) +- [2.AWS_S3Scan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/2.aws_s3scan.md) +- [3.AWS_IAMScan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/3.aws_iamscan.md) The following queries in the 0.Collection job group can be modified to limit the depth of the scan: -- [2.AWS_S3Scan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/2.aws-s3scan.md) -- [4.AWS_S3SDDScan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/4.aws-s3sddscan.md) +- [2.AWS_S3Scan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/2.aws_s3scan.md) +- [4.AWS_S3SDDScan Job](/docs/accessanalyzer/12.0/solutions/aws/collection/4.aws_s3sddscan.md) Analysis Configuration @@ -102,9 +102,9 @@ can be modified: stale. It is set to default of 60 days. The `@STALETHRESHOLD` parameter can be customized in the following analysis tasks: - - **2. Users** > **AWS_StaleUsers** > **Stale Users** Analysis Task - - **3.Groups** > **AWS_StaleGroups** > **Stale Groups Details** Analysis Task - - **4.Roles** > **AWS_StaleRoles** > **Stale Roles Details** Analysis Task + - **2. Users** > **AWS_StaleUsers** > **Stale Users** Analysis Task + - **3.Groups** > **AWS_StaleGroups** > **Stale Groups Details** Analysis Task + - **4.Roles** > **AWS_StaleRoles** > **Stale Roles Details** Analysis Task Workflow diff --git a/docs/accessanalyzer/12.0/solutions/aws/roles/aws-roles.md b/docs/accessanalyzer/12.0/solutions/aws/roles/aws-roles.md deleted file mode 100644 index bb896a1747..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/roles/aws-roles.md +++ /dev/null @@ -1,29 +0,0 @@ -# AWS_Roles Job - -The AWS_Roles job provides details on roles in the AWS IAM environment. - -## Analysis Tasks for the AWS_Roles Job - -Navigate to the **AWS** > **4.Roles** > **AWS_Roles** > **Configure** node and select **Analysis** -to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_Roles Job](/img/product_docs/accessanalyzer/solutions/aws/roles/rolesanalysis.webp) - -The following analysis tasks are selected by default: - -- Role Details – Provides detailed information on AWS Roles. Creates the AWS_Role_Details table - accessible under the job’s Results node. -- Role Summary – Summarizes roles by AWS account. Creates the AWS_Role_Summary table accessible - under the job’s Results node. - -## Report for the AWS_Roles Job - -In addition to the tables and views created by the analysis task, the AWS_Roles job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ------ | ----------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Roles | This report provides details on roles in the AWS IAM environment. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top roles by account - Table – Shows roles by account - Table – Provides details on roles | diff --git a/docs/accessanalyzer/12.0/solutions/aws/roles/aws-staleroles.md b/docs/accessanalyzer/12.0/solutions/aws/roles/aws-staleroles.md deleted file mode 100644 index f267e7dbba..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/roles/aws-staleroles.md +++ /dev/null @@ -1,64 +0,0 @@ -# AWS_StaleRoles Job - -The AWS_StaleRoles job provides details on roles that are considered stale. Highlighting roles that -have not been used in more than 60 days and those that have never been used. The 60 day parameter is -configurable. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The AWS_StaleRoles job has the following configurable parameter: - -- Days without login to consider an account stale - -See the -[Customizable Analysis Tasks for the AWS_StaleRoles Job](#customizable-analysis-tasks-for-the-aws_staleroles-job) -topic for additional information. - -## Analysis Tasks for the AWS_StaleRoles Job - -Navigate to the **AWS** > **4.Roles** > **AWS_StaleRoles** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for -this job. Only modify the analysis tasks listed in the customizable analysis tasks section. - -![Analysis Tasks for the AWS_StaleRoles Job](/img/product_docs/accessanalyzer/solutions/aws/roles/stalerolesanalysis.webp) - -The following analysis tasks are selected by default: - -- Stale Role Details – Highlights the roles in AWS that are considered stale. Creates the - AWS_StaleRole_Details table accessible under the job’s Results node. - - - The number of days without login to consider an account stale can be customized. By default it - is set to 60. See the - [Customizable Analysis Tasks for the AWS_StaleRoles Job](#customizable-analysis-tasks-for-the-aws_staleroles-job) - topic for additional information. - -- Stale Role Summary – Summarizes stale roles by AWS Account. Creates the AWS_StaleRole_Summary - table accessible under the job’s Results node. - -### Customizable Analysis Tasks for the AWS_StaleRoles Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------------ | --------------------------- | ------------- | ------------------------------------------------ | -| Stale Role Details | @StaleThreshold | 60 | Days without login to consider an account stale. | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for instructions on how to modify parameters. - -## Report for the AWS_StaleRoles Job - -In addition to the tables and views created by the analysis task, the AWS_StaleRoles job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------- | ---------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Roles | This report identifies stale roles in the AWS environment. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top stale roles by account - Table – Shows stales roles by account - Table – Provides details on stale roles | diff --git a/docs/accessanalyzer/12.0/solutions/aws/roles/aws_roles.md b/docs/accessanalyzer/12.0/solutions/aws/roles/aws_roles.md new file mode 100644 index 0000000000..73c0c114d5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/roles/aws_roles.md @@ -0,0 +1,29 @@ +# AWS_Roles Job + +The AWS_Roles job provides details on roles in the AWS IAM environment. + +## Analysis Tasks for the AWS_Roles Job + +Navigate to the **AWS** > **4.Roles** > **AWS_Roles** > **Configure** node and select **Analysis** +to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_Roles Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/roles/rolesanalysis.webp) + +The following analysis tasks are selected by default: + +- Role Details – Provides detailed information on AWS Roles. Creates the AWS_Role_Details table + accessible under the job’s Results node. +- Role Summary – Summarizes roles by AWS account. Creates the AWS_Role_Summary table accessible + under the job’s Results node. + +## Report for the AWS_Roles Job + +In addition to the tables and views created by the analysis task, the AWS_Roles job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ------ | ----------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Roles | This report provides details on roles in the AWS IAM environment. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top roles by account - Table – Shows roles by account - Table – Provides details on roles | diff --git a/docs/accessanalyzer/12.0/solutions/aws/roles/aws_staleroles.md b/docs/accessanalyzer/12.0/solutions/aws/roles/aws_staleroles.md new file mode 100644 index 0000000000..07d0f8613e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/roles/aws_staleroles.md @@ -0,0 +1,64 @@ +# AWS_StaleRoles Job + +The AWS_StaleRoles job provides details on roles that are considered stale. Highlighting roles that +have not been used in more than 60 days and those that have never been used. The 60 day parameter is +configurable. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The AWS_StaleRoles job has the following configurable parameter: + +- Days without login to consider an account stale + +See the +[Customizable Analysis Tasks for the AWS_StaleRoles Job](#customizable-analysis-tasks-for-the-aws_staleroles-job) +topic for additional information. + +## Analysis Tasks for the AWS_StaleRoles Job + +Navigate to the **AWS** > **4.Roles** > **AWS_StaleRoles** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for +this job. Only modify the analysis tasks listed in the customizable analysis tasks section. + +![Analysis Tasks for the AWS_StaleRoles Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/roles/stalerolesanalysis.webp) + +The following analysis tasks are selected by default: + +- Stale Role Details – Highlights the roles in AWS that are considered stale. Creates the + AWS_StaleRole_Details table accessible under the job’s Results node. + + - The number of days without login to consider an account stale can be customized. By default it + is set to 60. See the + [Customizable Analysis Tasks for the AWS_StaleRoles Job](#customizable-analysis-tasks-for-the-aws_staleroles-job) + topic for additional information. + +- Stale Role Summary – Summarizes stale roles by AWS Account. Creates the AWS_StaleRole_Summary + table accessible under the job’s Results node. + +### Customizable Analysis Tasks for the AWS_StaleRoles Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------------ | --------------------------- | ------------- | ------------------------------------------------ | +| Stale Role Details | @StaleThreshold | 60 | Days without login to consider an account stale. | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions on how to modify parameters. + +## Report for the AWS_StaleRoles Job + +In addition to the tables and views created by the analysis task, the AWS_StaleRoles job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------- | ---------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Roles | This report identifies stale roles in the AWS environment. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top stale roles by account - Table – Shows stales roles by account - Table – Provides details on stale roles | diff --git a/docs/accessanalyzer/12.0/solutions/aws/roles/overview.md b/docs/accessanalyzer/12.0/solutions/aws/roles/overview.md index c7c697007f..1fa74d87cc 100644 --- a/docs/accessanalyzer/12.0/solutions/aws/roles/overview.md +++ b/docs/accessanalyzer/12.0/solutions/aws/roles/overview.md @@ -2,11 +2,11 @@ The 4.Roles job group provides details on roles in the AWS IAM environment. -![4.Roles Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![4.Roles Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/aws/roles/jobstree.webp) The 4.Roles job group is comprised of: -- [AWS_Roles Job](/docs/accessanalyzer/12.0/solutions/aws/roles/aws-roles.md) – Provides details on roles in the AWS IAM environment -- [AWS_StaleRoles Job](/docs/accessanalyzer/12.0/solutions/aws/roles/aws-staleroles.md) – Provides details on roles that are considered stale. +- [AWS_Roles Job](/docs/accessanalyzer/12.0/solutions/aws/roles/aws_roles.md) – Provides details on roles in the AWS IAM environment +- [AWS_StaleRoles Job](/docs/accessanalyzer/12.0/solutions/aws/roles/aws_staleroles.md) – Provides details on roles that are considered stale. Highlighting roles that have not been used in more than 60 days and those that have never been used. diff --git a/docs/accessanalyzer/12.0/solutions/aws/s3content/aws-s3buckets.md b/docs/accessanalyzer/12.0/solutions/aws/s3content/aws-s3buckets.md deleted file mode 100644 index b67ef94765..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/s3content/aws-s3buckets.md +++ /dev/null @@ -1,27 +0,0 @@ -# AWS_S3Buckets Job - -The AWS_S3Buckets job provides a summary of AWS S3 buckets including total object size and counts. - -## Analysis Task for the AWS_S3Buckets Job - -Navigate to the **AWS** > **7.S3 Content** > **AWS_S3Buckets** > **Configure** node and select -**Analysis** to view the analysis task. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the AWS_S3Buckets Job](/img/product_docs/accessanalyzer/solutions/aws/s3content/s3bucketsanalysis.webp) - -The following analysis task is selected by default: - -- S3 Buckets – S3 Bucket details. Creates the AWS_Bucket_Details table accessible under the job’s - Results node. - -## Report for the AWS_S3Buckets Job - -In addition to the tables and views created by the analysis task, the AWS_S3Buckets job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ---------- | --------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| S3 Buckets | This report summarizes AWS S3 Bucket content. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top five buckets by size - Table – Shows buckets by size - Table – Provides details on buckets | diff --git a/docs/accessanalyzer/12.0/solutions/aws/s3content/aws-s3buckettags.md b/docs/accessanalyzer/12.0/solutions/aws/s3content/aws-s3buckettags.md deleted file mode 100644 index 92500c8ab5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/s3content/aws-s3buckettags.md +++ /dev/null @@ -1,30 +0,0 @@ -# AWS_S3BucketTags Job - -The AWS_S3BucketTags job identifies tags associated with AWS S3 Buckets. Tagging can be helpful to -identify the storage class or purpose of a bucket and can be used in AWS IAM Policy assignments. - -## Analysis Tasks for the AWS_S3BucketTagsJob - -Navigate to the **AWS** > **7.S3 Content** > **AWS_S3BucketTags** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_S3BucketTagsJob](/img/product_docs/accessanalyzer/solutions/aws/s3content/s3buckettagsanalysis.webp) - -The following analysis tasks are selected by default: - -- AWS S3 Bucket Tags – Identifies tags associated with AWS S3 Buckets. Creates the - AWS_BucketTag_Details table accessible under the job’s Results node. -- AWS S3 Bucket Tag Summary – Summarizes AWS bucket tag status. Creates the AWS_BucketTag_Summary - table accessible under the job’s Results node. - -## Report for the AWS_S3BucketTags Job - -In addition to the tables and views created by the analysis tasks, the AWS_S3BucketTags job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------- | ------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Bucket Tags | This report highlights AWS S3 Bucket Tags. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays buckets tagged by account - Table – Shows bucket tagging summary - Table – Provides details on bucket tagging | diff --git a/docs/accessanalyzer/12.0/solutions/aws/s3content/aws_s3buckets.md b/docs/accessanalyzer/12.0/solutions/aws/s3content/aws_s3buckets.md new file mode 100644 index 0000000000..b6e3614388 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/s3content/aws_s3buckets.md @@ -0,0 +1,27 @@ +# AWS_S3Buckets Job + +The AWS_S3Buckets job provides a summary of AWS S3 buckets including total object size and counts. + +## Analysis Task for the AWS_S3Buckets Job + +Navigate to the **AWS** > **7.S3 Content** > **AWS_S3Buckets** > **Configure** node and select +**Analysis** to view the analysis task. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the AWS_S3Buckets Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/s3content/s3bucketsanalysis.webp) + +The following analysis task is selected by default: + +- S3 Buckets – S3 Bucket details. Creates the AWS_Bucket_Details table accessible under the job’s + Results node. + +## Report for the AWS_S3Buckets Job + +In addition to the tables and views created by the analysis task, the AWS_S3Buckets job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ---------- | --------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| S3 Buckets | This report summarizes AWS S3 Bucket content. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top five buckets by size - Table – Shows buckets by size - Table – Provides details on buckets | diff --git a/docs/accessanalyzer/12.0/solutions/aws/s3content/aws_s3buckettags.md b/docs/accessanalyzer/12.0/solutions/aws/s3content/aws_s3buckettags.md new file mode 100644 index 0000000000..97586b2b81 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/s3content/aws_s3buckettags.md @@ -0,0 +1,30 @@ +# AWS_S3BucketTags Job + +The AWS_S3BucketTags job identifies tags associated with AWS S3 Buckets. Tagging can be helpful to +identify the storage class or purpose of a bucket and can be used in AWS IAM Policy assignments. + +## Analysis Tasks for the AWS_S3BucketTagsJob + +Navigate to the **AWS** > **7.S3 Content** > **AWS_S3BucketTags** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_S3BucketTagsJob](/img/product_docs/accessanalyzer/12.0/solutions/aws/s3content/s3buckettagsanalysis.webp) + +The following analysis tasks are selected by default: + +- AWS S3 Bucket Tags – Identifies tags associated with AWS S3 Buckets. Creates the + AWS_BucketTag_Details table accessible under the job’s Results node. +- AWS S3 Bucket Tag Summary – Summarizes AWS bucket tag status. Creates the AWS_BucketTag_Summary + table accessible under the job’s Results node. + +## Report for the AWS_S3BucketTags Job + +In addition to the tables and views created by the analysis tasks, the AWS_S3BucketTags job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------- | ------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Bucket Tags | This report highlights AWS S3 Bucket Tags. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays buckets tagged by account - Table – Shows bucket tagging summary - Table – Provides details on bucket tagging | diff --git a/docs/accessanalyzer/12.0/solutions/aws/s3content/overview.md b/docs/accessanalyzer/12.0/solutions/aws/s3content/overview.md index bd67552d0b..e1677c9dae 100644 --- a/docs/accessanalyzer/12.0/solutions/aws/s3content/overview.md +++ b/docs/accessanalyzer/12.0/solutions/aws/s3content/overview.md @@ -2,12 +2,12 @@ The 7.S3 Content job group provide details on AWS S3 buckets and objects contained in those buckets. -![7.S3 Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![7.S3 Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/aws/s3content/jobstree.webp) The 7.S3 Content job group is comprised of: -- [AWS_S3Buckets Job](/docs/accessanalyzer/12.0/solutions/aws/s3content/aws-s3buckets.md) – Provides a summary of AWS S3 buckets including total +- [AWS_S3Buckets Job](/docs/accessanalyzer/12.0/solutions/aws/s3content/aws_s3buckets.md) – Provides a summary of AWS S3 buckets including total object size and counts -- [AWS_S3BucketTags Job](/docs/accessanalyzer/12.0/solutions/aws/s3content/aws-s3buckettags.md) – Identifies tags associated with AWS S3 Buckets. +- [AWS_S3BucketTags Job](/docs/accessanalyzer/12.0/solutions/aws/s3content/aws_s3buckettags.md) – Identifies tags associated with AWS S3 Buckets. Tagging can be helpful to identify the storage class or purpose of a bucket and can be used in AWS IAM Policy assignments. diff --git a/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws-brokeninheritance.md b/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws-brokeninheritance.md deleted file mode 100644 index 5fd572eddf..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws-brokeninheritance.md +++ /dev/null @@ -1,30 +0,0 @@ -# AWS_BrokenInheritance Job - -The AWS_BrokenInheritance job highlights permissions in an AWS S3 bucket that differ from those -assigned at the bucket level, those assigned directly on objects within the bucket. - -## Analysis Tasks for the AWS_BrokenInheritance Job - -Navigate to the **AWS** > **6.S3 Permissions** > **AWS_BrokenInheritance** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_BrokenInheritance Job](/img/product_docs/accessanalyzer/solutions/filesystem/brokeninheritanceanalysis.webp) - -The following analysis tasks are selected by default: - -- Broken Inheritance – Permissions applied directly to AWS S3 Bucket Objects. Creates the - AWS_BrokenInheritance_Details table accessible under the job’s Results node. -- Broken Inheritance Summary – Summarizes permissions applied directly to AWS S3 Bucket Objects. - Creates the AWS_BrokenInheritance_Summary table accessible under the job’s Results node. - -## Report for the AWS_BrokenInheritance Job - -In addition to the tables and views created by the analysis task, the AWS_BrokenInheritance job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ------------------ | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Broken Inheritance | This report identifies permissions applied directly on files in AWS S3 Buckets. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by broken inheritance - Table – Shows buckets by broken inheritance - Table – Provides details on broken inheritance | diff --git a/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws-effectivepermissions.md b/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws-effectivepermissions.md deleted file mode 100644 index d1ed880a54..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws-effectivepermissions.md +++ /dev/null @@ -1,30 +0,0 @@ -# AWS_EffectivePermissions Job - -The AWS_EffectivePermissions job identifies and summarizes effective permissions on AWS S3 buckets -and bucket objects. - -## Analysis Tasks for the AWS_Accounts Job - -Navigate to the **AWS** > **6.S3 Permissions** > **AWS_EffectivePermissions** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_Accounts Job](/img/product_docs/accessanalyzer/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp) - -The following analysis tasks are selected by default: - -- S3 Bucket Effective Permissions – AWS S3 Bucket effective permissions for each identity. Creates - the AWS_EffectiveBucketPermissions_Details table accessible under the job’s Results node. -- S3 Bucket Effective Permission Summary – Summarizes permission counts across AWS S3 Buckets. - Creates the AWS_EffectiveBucketPermissions_Summary table accessible under the job’s Results node. - -## Report for the AWS_EffectivePermissions Job - -In addition to the tables and views created by the analysis task, the AWS_EffectivePermissions job -produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| --------------------- | ------------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Effective Permissions | This report identifies and summarizes effective permissions on AWS S3 Buckets. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by effective permissions - Table – Shows buckets by effective permissions - Table – Provides details on effective permissions | diff --git a/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws-openbuckets.md b/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws-openbuckets.md deleted file mode 100644 index c112a5d1d4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws-openbuckets.md +++ /dev/null @@ -1,28 +0,0 @@ -# AWS_OpenBuckets Job - -The AWS_OpenBuckets job identifies buckets that have permissions assigned to everyone at the top -level of the AWS S3 bucket. - -## Analysis Task for the AWS_OpenBuckets Job - -Navigate to the **AWS** > **6.S3 Permissions** > **AWS_OpenBuckets** > **Configure** node and select -**Analysis** to view the analysis task. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the AWS_OpenBuckets Job](/img/product_docs/accessanalyzer/solutions/aws/s3permissions/openbucketsanalysis.webp) - -The following analysis task is selected by default: - -- Open Bucket Permissions – Permissions applied to AWS S3 buckets across all users. Creates the - AWS_OpenBucket_Details table accessible under the job’s Results node. - -## Report for the AWS_OpenBuckets Job - -In addition to the tables and views created by the analysis task, the AWS_OpenBuckets job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ------------ | ------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Open Buckets | This report identifies AWS S3 Open Buckets. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays largest open buckets - Table – Shows largest open buckets - Table – Provides details on open buckets | diff --git a/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws_brokeninheritance.md b/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws_brokeninheritance.md new file mode 100644 index 0000000000..a05596c294 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws_brokeninheritance.md @@ -0,0 +1,30 @@ +# AWS_BrokenInheritance Job + +The AWS_BrokenInheritance job highlights permissions in an AWS S3 bucket that differ from those +assigned at the bucket level, those assigned directly on objects within the bucket. + +## Analysis Tasks for the AWS_BrokenInheritance Job + +Navigate to the **AWS** > **6.S3 Permissions** > **AWS_BrokenInheritance** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_BrokenInheritance Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/s3permissions/brokeninheritanceanalysis.webp) + +The following analysis tasks are selected by default: + +- Broken Inheritance – Permissions applied directly to AWS S3 Bucket Objects. Creates the + AWS_BrokenInheritance_Details table accessible under the job’s Results node. +- Broken Inheritance Summary – Summarizes permissions applied directly to AWS S3 Bucket Objects. + Creates the AWS_BrokenInheritance_Summary table accessible under the job’s Results node. + +## Report for the AWS_BrokenInheritance Job + +In addition to the tables and views created by the analysis task, the AWS_BrokenInheritance job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ------------------ | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Broken Inheritance | This report identifies permissions applied directly on files in AWS S3 Buckets. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by broken inheritance - Table – Shows buckets by broken inheritance - Table – Provides details on broken inheritance | diff --git a/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws_effectivepermissions.md b/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws_effectivepermissions.md new file mode 100644 index 0000000000..018b3b875b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws_effectivepermissions.md @@ -0,0 +1,30 @@ +# AWS_EffectivePermissions Job + +The AWS_EffectivePermissions job identifies and summarizes effective permissions on AWS S3 buckets +and bucket objects. + +## Analysis Tasks for the AWS_Accounts Job + +Navigate to the **AWS** > **6.S3 Permissions** > **AWS_EffectivePermissions** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_Accounts Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/s3permissions/effectivepermissionsanalysis.webp) + +The following analysis tasks are selected by default: + +- S3 Bucket Effective Permissions – AWS S3 Bucket effective permissions for each identity. Creates + the AWS_EffectiveBucketPermissions_Details table accessible under the job’s Results node. +- S3 Bucket Effective Permission Summary – Summarizes permission counts across AWS S3 Buckets. + Creates the AWS_EffectiveBucketPermissions_Summary table accessible under the job’s Results node. + +## Report for the AWS_EffectivePermissions Job + +In addition to the tables and views created by the analysis task, the AWS_EffectivePermissions job +produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| --------------------- | ------------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Effective Permissions | This report identifies and summarizes effective permissions on AWS S3 Buckets. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by effective permissions - Table – Shows buckets by effective permissions - Table – Provides details on effective permissions | diff --git a/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws_openbuckets.md b/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws_openbuckets.md new file mode 100644 index 0000000000..d12b79a70f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws_openbuckets.md @@ -0,0 +1,28 @@ +# AWS_OpenBuckets Job + +The AWS_OpenBuckets job identifies buckets that have permissions assigned to everyone at the top +level of the AWS S3 bucket. + +## Analysis Task for the AWS_OpenBuckets Job + +Navigate to the **AWS** > **6.S3 Permissions** > **AWS_OpenBuckets** > **Configure** node and select +**Analysis** to view the analysis task. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the AWS_OpenBuckets Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/s3permissions/openbucketsanalysis.webp) + +The following analysis task is selected by default: + +- Open Bucket Permissions – Permissions applied to AWS S3 buckets across all users. Creates the + AWS_OpenBucket_Details table accessible under the job’s Results node. + +## Report for the AWS_OpenBuckets Job + +In addition to the tables and views created by the analysis task, the AWS_OpenBuckets job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ------------ | ------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Open Buckets | This report identifies AWS S3 Open Buckets. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays largest open buckets - Table – Shows largest open buckets - Table – Provides details on open buckets | diff --git a/docs/accessanalyzer/12.0/solutions/aws/s3permissions/overview.md b/docs/accessanalyzer/12.0/solutions/aws/s3permissions/overview.md index d79ac7e81e..7ff9159c47 100644 --- a/docs/accessanalyzer/12.0/solutions/aws/s3permissions/overview.md +++ b/docs/accessanalyzer/12.0/solutions/aws/s3permissions/overview.md @@ -3,14 +3,14 @@ The 6.S3 Permissions job group provides details on permissions assigned to AWS S3 buckets, highlighting specific threats like broken inheritance and open buckets. -![6.S3 Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![6.S3 Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/aws/s3permissions/jobstree.webp) The 6.S3 Permissions job group is comprised of: -- [AWS_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws-brokeninheritance.md) – Highlights permissions in an AWS S3 bucket +- [AWS_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws_brokeninheritance.md) – Highlights permissions in an AWS S3 bucket that differ from those assigned at the bucket level, those assigned directly on objects within the bucket -- [AWS_EffectivePermissions Job](/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws-effectivepermissions.md) – Identifies and summarizes effective +- [AWS_EffectivePermissions Job](/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws_effectivepermissions.md) – Identifies and summarizes effective permissions on AWS S3 buckets and bucket objects -- [AWS_OpenBuckets Job](/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws-openbuckets.md) – Identifies buckets that have permissions assigned to +- [AWS_OpenBuckets Job](/docs/accessanalyzer/12.0/solutions/aws/s3permissions/aws_openbuckets.md) – Identifies buckets that have permissions assigned to everyone at the top level of the AWS S3 bucket diff --git a/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws-sensitivedata-permissions.md b/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws-sensitivedata-permissions.md deleted file mode 100644 index d716b435c4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws-sensitivedata-permissions.md +++ /dev/null @@ -1,31 +0,0 @@ -# AWS_SensitiveData_Permissions Job - -The AWS_SensitiveData_Permissions job provides details on the permissions assigned to AWS S3 buckets -and the objects in them which contain sensitive data. - -## Analysis Tasks for the AWS_SensitiveData_Permissions Job - -Navigate to the **AWS** > **8.S3 Sensitive Data** > **AWS_SensitiveData_Permissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_SensitiveData_Permissions Job](/img/product_docs/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp) - -The following analysis tasks are selected by default: - -- AWS Sensitive Data Permissions – Highlights permissions applied to AWS objects containing - sensitive data. Creates the AWS_SDDPermission_Details table accessible under the job’s Results - node. -- Sensitive Data Permissions Summary – Summarizes permissions on AWS objects containing sensitive - data. Creates the AWS_SDDPermission_BucketSummary table accessible under the job’s Results node. - -## Report for the AWS_SensitiveData_Permissions Job - -In addition to the tables and views created by the analysis task, the AWS_SensitiveData_Permissions -job produces the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| -------------------------- | ---------------------------------------------------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Data Permissions | This report identifies permissions on AWS objects containing sensitive data. | Sensitive Data | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by permissions on sensitive data - Table – Shows buckets by permissions on sensitive data - Table – Provides details on sensitive data permissions | diff --git a/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws-sensitivedata.md b/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws-sensitivedata.md deleted file mode 100644 index 96c53d72d1..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws-sensitivedata.md +++ /dev/null @@ -1,33 +0,0 @@ -# AWS_SensitiveData Job - -The AWS_SensitiveData job provides details on AWS S3 buckets and the objects in them which contain -sensitive data. - -## Analysis Tasks for the AWS_SensitiveData Job - -Navigate to the **AWS** > **8.S3 Sensitive Data** > **AWS_SensitiveData** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_SensitiveData Job](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) - -The following analysis tasks are selected by default: - -- Sensitive Data Details – Provides detailed information for S3 objects with Sensitive Data. Creates - the AWS_SDD_Details table accessible under the job’s Results node. -- Sensitive Data Summary – Summarizes Sensitive Data by AWS Account. Creates the AWS_SDD_Summary - table accessible under the job’s Results node. -- Enterprise Summary – Summarizes AWS sensitive data by criteria. Creates the - AWS_SDD_EnterpriseSummary table accessible under the job’s Results node. - -## Report for the AWS_Sensitive Data Job - -In addition to the tables and views created by the analysis task, the AWS_SensitiveData job produces -the following preconfigured reports: - -| Report | Description | Default Tags | Report Element | -| ----------------------- | ----------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of the following elements: - Chart – Displays exceptions by match count - Table – Provides details on exceptions | -| Sensitive Data Overview | This report identifies objects in AWS S3 buckets that contain sensitive data. | Sensitive Data | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by sensitive data hit - Table – Shows sensitive data by account - Table – Provides details on sensitive data | diff --git a/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws_sensitivedata.md b/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws_sensitivedata.md new file mode 100644 index 0000000000..0d35e11d5b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws_sensitivedata.md @@ -0,0 +1,33 @@ +# AWS_SensitiveData Job + +The AWS_SensitiveData job provides details on AWS S3 buckets and the objects in them which contain +sensitive data. + +## Analysis Tasks for the AWS_SensitiveData Job + +Navigate to the **AWS** > **8.S3 Sensitive Data** > **AWS_SensitiveData** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_SensitiveData Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/sensitivedata/sensitivedataanalysis.webp) + +The following analysis tasks are selected by default: + +- Sensitive Data Details – Provides detailed information for S3 objects with Sensitive Data. Creates + the AWS_SDD_Details table accessible under the job’s Results node. +- Sensitive Data Summary – Summarizes Sensitive Data by AWS Account. Creates the AWS_SDD_Summary + table accessible under the job’s Results node. +- Enterprise Summary – Summarizes AWS sensitive data by criteria. Creates the + AWS_SDD_EnterpriseSummary table accessible under the job’s Results node. + +## Report for the AWS_Sensitive Data Job + +In addition to the tables and views created by the analysis task, the AWS_SensitiveData job produces +the following preconfigured reports: + +| Report | Description | Default Tags | Report Element | +| ----------------------- | ----------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of the following elements: - Chart – Displays exceptions by match count - Table – Provides details on exceptions | +| Sensitive Data Overview | This report identifies objects in AWS S3 buckets that contain sensitive data. | Sensitive Data | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by sensitive data hit - Table – Shows sensitive data by account - Table – Provides details on sensitive data | diff --git a/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws_sensitivedata_permissions.md b/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws_sensitivedata_permissions.md new file mode 100644 index 0000000000..d02485b471 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws_sensitivedata_permissions.md @@ -0,0 +1,31 @@ +# AWS_SensitiveData_Permissions Job + +The AWS_SensitiveData_Permissions job provides details on the permissions assigned to AWS S3 buckets +and the objects in them which contain sensitive data. + +## Analysis Tasks for the AWS_SensitiveData_Permissions Job + +Navigate to the **AWS** > **8.S3 Sensitive Data** > **AWS_SensitiveData_Permissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_SensitiveData_Permissions Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/sensitivedata/sensitivedatapermissionsanalysis.webp) + +The following analysis tasks are selected by default: + +- AWS Sensitive Data Permissions – Highlights permissions applied to AWS objects containing + sensitive data. Creates the AWS_SDDPermission_Details table accessible under the job’s Results + node. +- Sensitive Data Permissions Summary – Summarizes permissions on AWS objects containing sensitive + data. Creates the AWS_SDDPermission_BucketSummary table accessible under the job’s Results node. + +## Report for the AWS_SensitiveData_Permissions Job + +In addition to the tables and views created by the analysis task, the AWS_SensitiveData_Permissions +job produces the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| -------------------------- | ---------------------------------------------------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Data Permissions | This report identifies permissions on AWS objects containing sensitive data. | Sensitive Data | This report is comprised of the following elements: - Stacked Bar Chart – Displays top buckets by permissions on sensitive data - Table – Shows buckets by permissions on sensitive data - Table – Provides details on sensitive data permissions | diff --git a/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/overview.md b/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/overview.md index 1a3b1ec8c8..092a3948ad 100644 --- a/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/overview.md +++ b/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/overview.md @@ -3,11 +3,11 @@ The 8.S3 Sensitive Data job group provides details on AWS S3 buckets and objects containing sensitive data. -![8.S3 Sensitive Data Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![8.S3 Sensitive Data Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/aws/sensitivedata/jobstree.webp) The 8.S3 Sensitive Data job group is comprised of: -- [AWS_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws-sensitivedata.md) – Provides details on AWS S3 buckets and the objects +- [AWS_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws_sensitivedata.md) – Provides details on AWS S3 buckets and the objects in them which contain sensitive data -- [AWS_SensitiveData_Permissions Job](/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws-sensitivedata-permissions.md) – Provides details on the +- [AWS_SensitiveData_Permissions Job](/docs/accessanalyzer/12.0/solutions/aws/sensitivedata/aws_sensitivedata_permissions.md) – Provides details on the permissions assigned to AWS S3 buckets and the objects in them which contain sensitive data diff --git a/docs/accessanalyzer/12.0/solutions/aws/users/aws-accesskeys.md b/docs/accessanalyzer/12.0/solutions/aws/users/aws-accesskeys.md deleted file mode 100644 index 58eabc4606..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/users/aws-accesskeys.md +++ /dev/null @@ -1,32 +0,0 @@ -# AWS_AccessKeys Job - -The AWS_AccessKeys job provides details on the last time an access key was rotated or used, -highlighting keys that were last rotated over a year ago. - -## Analysis Tasks for the AWS_AccessKeys Job - -Navigate to the **AWS** > **2.Users** > **AWS_AccessKeys** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_AccessKeys Job](/img/product_docs/accessanalyzer/solutions/aws/users/accesskeysanalysis.webp) - -The following analysis tasks are selected by default: - -- Access Keys – Analyzes access key rotation age and last use. Creates the AWS_AccessKey_Details - table accessible under the job’s Results node. -- High Risk Access Keys – Highlights high risk access keys. Creates the AWS_AccessKey_HighRisk table - accessible under the job’s Results node. -- Access Keys summary – Summarizes access key rotation by age. Creates the AWS_AccessKey_Summary - table accessible under the job’s Results node. - -## Report for the AWS_AccessKeys Job - -In addition to the tables and views created by the analysis task, the AWS_AccessKeys job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Access Keys | This report identifies user accounts which have not rotated their AWS IAM Access Keys for an extended amount of time or have never used it. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays access key age by account - Table – Shows high risk access keys - Table – Provides details on access keys | diff --git a/docs/accessanalyzer/12.0/solutions/aws/users/aws-mfastatus.md b/docs/accessanalyzer/12.0/solutions/aws/users/aws-mfastatus.md deleted file mode 100644 index 5419ba7f51..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/users/aws-mfastatus.md +++ /dev/null @@ -1,30 +0,0 @@ -# AWS_MFAStatus Job - -The AWS_MFAStatus job provides details on each user's MFA status, highlighting users that have it -disabled. - -## Analysis Tasks for the AWS_MFAStatus Job - -Navigate to the **AWS** > **2.Users** > **AWS_MFAStatus** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_MFAStatus Job](/img/product_docs/accessanalyzer/solutions/aws/users/mfastatusanalysis.webp) - -The following analysis tasks are selected by default: - -- MFAStatus – Checks user accounts in AWS for Multi-Factor Authentication. Creates the - AWS_MFAStatus_Details table accessible under the job’s Results node. -- MFAStatus Summary – Summarizes AWS IAM Multi-Factor Authentication status by organisation. Creates - the AWS_MFAStatus_Summary table accessible under the job’s Results node. - -## Report for the AWS_MFAStatus Job - -In addition to the tables and views created by the analysis task, the AWS_MFAStatus job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ---------- | ------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -| MFA Status | This report identifies the MFA status of each AWS user | None | This report is comprised of the following elements: - Pie Chart – Displays MFA status - Table – Shows status by account - Table – Provides details on MFA | diff --git a/docs/accessanalyzer/12.0/solutions/aws/users/aws-rootaccounts.md b/docs/accessanalyzer/12.0/solutions/aws/users/aws-rootaccounts.md deleted file mode 100644 index 8fbca5cd76..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/users/aws-rootaccounts.md +++ /dev/null @@ -1,33 +0,0 @@ -# AWS_RootAccounts Job - -The AWS_RootAccounts job provides details on AWS root accounts and how they conform to recommended -security practices. - -## Analysis Tasks for the AWS_RootAccounts Job - -Navigate to the **AWS** > **2.Users** > **AWS_RootAccounts** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AWS_RootAccounts Job](/img/product_docs/accessanalyzer/solutions/aws/users/rootaccountsanalysis.webp) - -The following analysis tasks are selected by default: - -- Root Account Security Details – Provides details on the credentials and their usage for the AWS - root account in each account. Creates the AWS_RootAccountSecurity_Details table accessible under - the job’s Results node. -- Root Account Risk Assessment – Highlights security risks on AWS root accounts. Creates the - AWS_RootAccountSecurity_RiskAssessment table accessible under the job’s Results node. -- Root Account Security Summary – Summarizes risks on the root account. Creates the - AWS_RootAccountSecurity_Summary table accessible under the job’s Results node. - -## Report for the AWS_RootAccounts Job - -In addition to the tables and views created by the analysis task, the AWS_RootAccounts job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| --------------------- | ----------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Root Account Security | This report highlights security risks on AWS Root Accounts. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top account security by org - Table – Shows account security by Org - Table – Provides details on risk assessment - Table – Provides details on account security | diff --git a/docs/accessanalyzer/12.0/solutions/aws/users/aws-staleusers.md b/docs/accessanalyzer/12.0/solutions/aws/users/aws-staleusers.md deleted file mode 100644 index 265d36c5e2..0000000000 --- a/docs/accessanalyzer/12.0/solutions/aws/users/aws-staleusers.md +++ /dev/null @@ -1,62 +0,0 @@ -# AWS_StaleUsers Job - -The AWS_StaleUsers job provides details on the last time each user logged in or their access key was -used, highlighting those over specified number of days (default 60) or that have never logged in. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The AWS_StaleUsers job has the following configurable parameter: - -- Number of days before considering a user stale - -See the -[Customizable Analysis Tasks for the AWS_StaleUsers Job](#customizable-analysis-tasks-for-the-aws_staleusers-job) -topic for additional information. - -## Analysis Tasks for the AWS_StaleUsers Job - -Navigate to the **AWS** > **2.Users** > **AWS_StaleUsers** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for -this job. Only modify the analysis tasks listed in the customizable analysis tasks section. - -![Analysis Tasks for the AWS_StaleUsers Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/staleusersanalysis.webp) - -The following analysis tasks are selected by default: - -- Stale Users – Identifies user accounts that have not been logged in to in the last 60 days. - Creates the AWS_StaleUser_Details table accessible under the job’s Results node. - - - The number of days can be customized from the default value of 60. See the - [Customizable Analysis Tasks for the AWS_StaleUsers Job](#customizable-analysis-tasks-for-the-aws_staleusers-job) - topic for additional information. - -- Stale User Summary – Summarizes stale users in AWS. Creates the AWS_StaleUser_Summary table - accessible under the job’s Results node. - -### Customizable Analysis Tasks for the AWS_StaleUsers Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------- | --------------------------- | ------------- | ---------------------------------------------- | -| Stale Users | @StaleThreshold | 60 | Number of days before considering a user stale | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for instructions on how to modify parameters. - -## Report for the AWS_StaleUsers Job - -In addition to the tables and views created by the analysis task, the AWS_StaleUsers job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Element | -| ----------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Users | This report identifies user accounts which have not logged into AWS for an extended amount of time or have never logged in. A user account is considered stale if the last logon is over 60 days ago or the password has never been used. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays stale users by account - Table – Provides details on stale users | diff --git a/docs/accessanalyzer/12.0/solutions/aws/users/aws_accesskeys.md b/docs/accessanalyzer/12.0/solutions/aws/users/aws_accesskeys.md new file mode 100644 index 0000000000..218633f871 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/users/aws_accesskeys.md @@ -0,0 +1,32 @@ +# AWS_AccessKeys Job + +The AWS_AccessKeys job provides details on the last time an access key was rotated or used, +highlighting keys that were last rotated over a year ago. + +## Analysis Tasks for the AWS_AccessKeys Job + +Navigate to the **AWS** > **2.Users** > **AWS_AccessKeys** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_AccessKeys Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/users/accesskeysanalysis.webp) + +The following analysis tasks are selected by default: + +- Access Keys – Analyzes access key rotation age and last use. Creates the AWS_AccessKey_Details + table accessible under the job’s Results node. +- High Risk Access Keys – Highlights high risk access keys. Creates the AWS_AccessKey_HighRisk table + accessible under the job’s Results node. +- Access Keys summary – Summarizes access key rotation by age. Creates the AWS_AccessKey_Summary + table accessible under the job’s Results node. + +## Report for the AWS_AccessKeys Job + +In addition to the tables and views created by the analysis task, the AWS_AccessKeys job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Access Keys | This report identifies user accounts which have not rotated their AWS IAM Access Keys for an extended amount of time or have never used it. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays access key age by account - Table – Shows high risk access keys - Table – Provides details on access keys | diff --git a/docs/accessanalyzer/12.0/solutions/aws/users/aws_mfastatus.md b/docs/accessanalyzer/12.0/solutions/aws/users/aws_mfastatus.md new file mode 100644 index 0000000000..5c92c88450 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/users/aws_mfastatus.md @@ -0,0 +1,30 @@ +# AWS_MFAStatus Job + +The AWS_MFAStatus job provides details on each user's MFA status, highlighting users that have it +disabled. + +## Analysis Tasks for the AWS_MFAStatus Job + +Navigate to the **AWS** > **2.Users** > **AWS_MFAStatus** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_MFAStatus Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/users/mfastatusanalysis.webp) + +The following analysis tasks are selected by default: + +- MFAStatus – Checks user accounts in AWS for Multi-Factor Authentication. Creates the + AWS_MFAStatus_Details table accessible under the job’s Results node. +- MFAStatus Summary – Summarizes AWS IAM Multi-Factor Authentication status by organisation. Creates + the AWS_MFAStatus_Summary table accessible under the job’s Results node. + +## Report for the AWS_MFAStatus Job + +In addition to the tables and views created by the analysis task, the AWS_MFAStatus job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ---------- | ------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------- | +| MFA Status | This report identifies the MFA status of each AWS user | None | This report is comprised of the following elements: - Pie Chart – Displays MFA status - Table – Shows status by account - Table – Provides details on MFA | diff --git a/docs/accessanalyzer/12.0/solutions/aws/users/aws_rootaccounts.md b/docs/accessanalyzer/12.0/solutions/aws/users/aws_rootaccounts.md new file mode 100644 index 0000000000..13f84e3821 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/users/aws_rootaccounts.md @@ -0,0 +1,33 @@ +# AWS_RootAccounts Job + +The AWS_RootAccounts job provides details on AWS root accounts and how they conform to recommended +security practices. + +## Analysis Tasks for the AWS_RootAccounts Job + +Navigate to the **AWS** > **2.Users** > **AWS_RootAccounts** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AWS_RootAccounts Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/users/rootaccountsanalysis.webp) + +The following analysis tasks are selected by default: + +- Root Account Security Details – Provides details on the credentials and their usage for the AWS + root account in each account. Creates the AWS_RootAccountSecurity_Details table accessible under + the job’s Results node. +- Root Account Risk Assessment – Highlights security risks on AWS root accounts. Creates the + AWS_RootAccountSecurity_RiskAssessment table accessible under the job’s Results node. +- Root Account Security Summary – Summarizes risks on the root account. Creates the + AWS_RootAccountSecurity_Summary table accessible under the job’s Results node. + +## Report for the AWS_RootAccounts Job + +In addition to the tables and views created by the analysis task, the AWS_RootAccounts job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| --------------------- | ----------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Root Account Security | This report highlights security risks on AWS Root Accounts. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays top account security by org - Table – Shows account security by Org - Table – Provides details on risk assessment - Table – Provides details on account security | diff --git a/docs/accessanalyzer/12.0/solutions/aws/users/aws_staleusers.md b/docs/accessanalyzer/12.0/solutions/aws/users/aws_staleusers.md new file mode 100644 index 0000000000..5c164e9611 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/aws/users/aws_staleusers.md @@ -0,0 +1,62 @@ +# AWS_StaleUsers Job + +The AWS_StaleUsers job provides details on the last time each user logged in or their access key was +used, highlighting those over specified number of days (default 60) or that have never logged in. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The AWS_StaleUsers job has the following configurable parameter: + +- Number of days before considering a user stale + +See the +[Customizable Analysis Tasks for the AWS_StaleUsers Job](#customizable-analysis-tasks-for-the-aws_staleusers-job) +topic for additional information. + +## Analysis Tasks for the AWS_StaleUsers Job + +Navigate to the **AWS** > **2.Users** > **AWS_StaleUsers** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not deselect the selected analysis tasks. The analysis tasks are preconfigured for +this job. Only modify the analysis tasks listed in the customizable analysis tasks section. + +![Analysis Tasks for the AWS_StaleUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/aws/users/staleusersanalysis.webp) + +The following analysis tasks are selected by default: + +- Stale Users – Identifies user accounts that have not been logged in to in the last 60 days. + Creates the AWS_StaleUser_Details table accessible under the job’s Results node. + + - The number of days can be customized from the default value of 60. See the + [Customizable Analysis Tasks for the AWS_StaleUsers Job](#customizable-analysis-tasks-for-the-aws_staleusers-job) + topic for additional information. + +- Stale User Summary – Summarizes stale users in AWS. Creates the AWS_StaleUser_Summary table + accessible under the job’s Results node. + +### Customizable Analysis Tasks for the AWS_StaleUsers Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------- | --------------------------- | ------------- | ---------------------------------------------- | +| Stale Users | @StaleThreshold | 60 | Number of days before considering a user stale | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions on how to modify parameters. + +## Report for the AWS_StaleUsers Job + +In addition to the tables and views created by the analysis task, the AWS_StaleUsers job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Element | +| ----------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Users | This report identifies user accounts which have not logged into AWS for an extended amount of time or have never logged in. A user account is considered stale if the last logon is over 60 days ago or the password has never been used. | None | This report is comprised of the following elements: - Stacked Bar Chart – Displays stale users by account - Table – Provides details on stale users | diff --git a/docs/accessanalyzer/12.0/solutions/aws/users/overview.md b/docs/accessanalyzer/12.0/solutions/aws/users/overview.md index a706fb61f9..794ce0f412 100644 --- a/docs/accessanalyzer/12.0/solutions/aws/users/overview.md +++ b/docs/accessanalyzer/12.0/solutions/aws/users/overview.md @@ -2,15 +2,15 @@ The 2.Users job group provides details on AWS IAM user MFA status, access key usage, and staleness. -![2.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![2.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/aws/users/jobstree.webp) The 2.Users job group is comprised of: -- [AWS_AccessKeys Job](/docs/accessanalyzer/12.0/solutions/aws/users/aws-accesskeys.md) – Provides details on the last time an access key was +- [AWS_AccessKeys Job](/docs/accessanalyzer/12.0/solutions/aws/users/aws_accesskeys.md) – Provides details on the last time an access key was rotated or used, highlighting keys that were last rotated over a year ago -- [AWS_MFAStatus Job](/docs/accessanalyzer/12.0/solutions/aws/users/aws-mfastatus.md) – Provides details on each user's MFA status, highlighting +- [AWS_MFAStatus Job](/docs/accessanalyzer/12.0/solutions/aws/users/aws_mfastatus.md) – Provides details on each user's MFA status, highlighting users that have it disabled -- [AWS_RootAccounts Job](/docs/accessanalyzer/12.0/solutions/aws/users/aws-rootaccounts.md) – Provides details on AWS root accounts and how they +- [AWS_RootAccounts Job](/docs/accessanalyzer/12.0/solutions/aws/users/aws_rootaccounts.md) – Provides details on AWS root accounts and how they conform to recommended security practices -- [AWS_StaleUsers Job](/docs/accessanalyzer/12.0/solutions/aws/users/aws-staleusers.md) – Provides details on the last time each user logged in or +- [AWS_StaleUsers Job](/docs/accessanalyzer/12.0/solutions/aws/users/aws_staleusers.md) – Provides details on the last time each user logged in or their access key was used, highlighting those over 60 days or that have never logged in diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-deletions.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-deletions.md deleted file mode 100644 index 28be739637..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-deletions.md +++ /dev/null @@ -1,28 +0,0 @@ -# Box_Deletions Job - -The Box_Deletions Job is comprised of analysis and reports, which use the data collected by the -0.Collection Job Group to identify file and folder deletions that have occurred over the past 30 -days. - -## Analysis Tasks for the Box_Deletions Job - -Navigate to **Box** > **1.Activity** > **Forensics** > **Box_Deletions** > **Configure** node and -select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Deletions Job](/img/product_docs/accessanalyzer/solutions/box/activity/forensics/deletionsanalysis.webp) - -The following analysis tasks are selected by default: - -- Deletion Details – Creates the Box_Deletion_Details table accessible under the job’s Results node -- Deletions (Last 30 Days) – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_Deletions Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------- | -| File and Folder Deletions (Deletion Events) | This report identifies deletion events for the past 30 days. The detailed report shows all resources that were successfully deleted as well as which users performed those events. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of deletions - Table – Provides details on deletions | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-downloads.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-downloads.md deleted file mode 100644 index 6003f71f81..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-downloads.md +++ /dev/null @@ -1,27 +0,0 @@ -# Box_Downloads Job - -The Box_Downloads Job provides details on file and folder deletions that have occurred over the past -30 days. - -## Analysis Tasks for the Box_Downloads Job - -Navigate to **Box** > **1.Activity** > **Forensics** > **Box_Downloads** > **Configure** node and -select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Downloads Job](/img/product_docs/accessanalyzer/solutions/box/activity/forensics/downloadsanalysis.webp) - -The following analysis tasks are selected by default: - -- Download Details – Creates the Box_Download_Details table accessible under the job’s Results node -- Downloads Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_Downloads Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------- | -| Download Activity (Download Events) | This report identifies download events for the past 30 days. The detailed report shows all resources that were successfully downloaded as well as which users performed those events. | None | This report is comprised of three elements: - Line Chart – Displays last 30 days of downloads - Table – Provides details on downloads | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-externaluseractivity.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-externaluseractivity.md deleted file mode 100644 index 370b8585bd..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-externaluseractivity.md +++ /dev/null @@ -1,30 +0,0 @@ -# Box_ExternalUserActivity Job - -The Box_ExternalUserActivity Job identifies and analyzes activity events performed by external users -over the last 30 days. External Users are collaborators from outside your organization. They can be -granted the same collaborator access and sharing rights as Managed Users, but there is limited -control over the content they own and their security settings. - -## Analysis for the Box_ExternalUserActivity Job - -Navigate to **Box** > **1.Activity** > **Forensics** > **Box_ExternalUserActivity** > **Configure** -node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis for the Box_ExternalUserActivity Job](/img/product_docs/accessanalyzer/solutions/box/activity/forensics/externaluseractivityanalysis.webp) - -The following analysis tasks are selected by default: - -- External User Activity Details – Creates the Box_ExternalUserActivity_Details table accessible - under the job’s Results node -- External User Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_ExternalUserActivity Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Most Active External User | This report identifies highest resource activity by external users. The bar chart and summary table outline the top 5 most active external users. | None | This report is comprised of three elements: - Bar Chart – Displays top events by top external users - Table – Provides summary of events by top external user - Table – Provides details on external users | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-externalusercollaborations.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-externalusercollaborations.md deleted file mode 100644 index 359a0712b7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-externalusercollaborations.md +++ /dev/null @@ -1,29 +0,0 @@ -# Box_ExternalUserCollaborations Job - -The Box_ExternalUserCollaborations Job External Users are collaborators from outside your -organization. They can be granted the same collaborator access and sharing rights as Managed Users, -but there is limited control over the content they own and their security settings. - -## Analysis Tasks for the Box_ExternalUserCollaborations Job - -Navigate to **Box** > **1.Activity** > **Forensics** > **Box_ExternalUserCollaborations** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_ExternalUserCollaborations Job](/img/product_docs/accessanalyzer/solutions/box/activity/forensics/externalusercollaborationsanalysis.webp) - -The following analysis tasks are selected by default: - -- External User Collaboration Details – Creates the Box_ExternalUserCollaboration_Details table - accessible under the job’s Results node -- External User Collaboration (Last 30 Days) – Creates an interim processing table in the database - for use by downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_ExternalUserCollaborations Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| External User Collaborations | This report identifies high-risk collaborations, highlighting most active collaborations by invites of external users. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of external user collaborations - Table – Provides details on external user collaborations | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-permissionchanges.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-permissionchanges.md deleted file mode 100644 index 1e8c67181e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-permissionchanges.md +++ /dev/null @@ -1,28 +0,0 @@ -# Box_PermissionChanges Job - -The Box_PermissionChannges Job provides details on permission changes that have occurred over the -past 30 days. - -## Analysis Tasks for the Box_PermissionChanges Job - -Navigate to **Box** > **1.Activity** > **Forensics** > **Box_PermissionChanges** > **Configure** -node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_PermissionChanges Job](/img/product_docs/accessanalyzer/solutions/box/activity/forensics/permissionchangesanalysis.webp) - -The following analysis tasks are selected by default: - -- Permission Change Details – Creates the Box_PermissionChange_Details table accessible under the - job’s Results node -- Permission Changes (Last 30 Days) – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_PermissionChanges Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | -| Permission Changes | This report identifies all resources where successful permission changes have occurred. The line chart shows data for the past 30 days only. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of permission changes - Table – Provides details on permission changes | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-sharing.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-sharing.md deleted file mode 100644 index 6e61d98414..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-sharing.md +++ /dev/null @@ -1,26 +0,0 @@ -# Box_Sharing Job - -The Box_Sharing Job provides details on sharing activity that has occurred over the past 30 days. - -## Analysis Tasks for the Box_Sharing Job - -Navigate to **Box** > **1.Activity** > **Forensics** > **Box_Sharing** > **Configure** node and -select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Sharing Job](/img/product_docs/accessanalyzer/solutions/box/activity/forensics/sharinganalysis.webp) - -The following analysis tasks are selected by default: - -- Box Sharing – Creates the Box_Sharing_Details table accessible under the job’s Results node -- Sharing Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_Sharing Job produces the following -pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sharing Activity Summary | This report identifies resource sharing within the target Box environments. The line graph will highlight time periods of the highest rate of sharing within the past 30 days. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of sharing activity - Table – Provides details on sharing activity | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_deletions.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_deletions.md new file mode 100644 index 0000000000..ba2e9cb5ed --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_deletions.md @@ -0,0 +1,28 @@ +# Box_Deletions Job + +The Box_Deletions Job is comprised of analysis and reports, which use the data collected by the +0.Collection Job Group to identify file and folder deletions that have occurred over the past 30 +days. + +## Analysis Tasks for the Box_Deletions Job + +Navigate to **Box** > **1.Activity** > **Forensics** > **Box_Deletions** > **Configure** node and +select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Deletions Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/deletionsanalysis.webp) + +The following analysis tasks are selected by default: + +- Deletion Details – Creates the Box_Deletion_Details table accessible under the job’s Results node +- Deletions (Last 30 Days) – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_Deletions Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------- | +| File and Folder Deletions (Deletion Events) | This report identifies deletion events for the past 30 days. The detailed report shows all resources that were successfully deleted as well as which users performed those events. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of deletions - Table – Provides details on deletions | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_downloads.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_downloads.md new file mode 100644 index 0000000000..3f5384cb7f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_downloads.md @@ -0,0 +1,27 @@ +# Box_Downloads Job + +The Box_Downloads Job provides details on file and folder deletions that have occurred over the past +30 days. + +## Analysis Tasks for the Box_Downloads Job + +Navigate to **Box** > **1.Activity** > **Forensics** > **Box_Downloads** > **Configure** node and +select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Downloads Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/downloadsanalysis.webp) + +The following analysis tasks are selected by default: + +- Download Details – Creates the Box_Download_Details table accessible under the job’s Results node +- Downloads Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_Downloads Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------- | +| Download Activity (Download Events) | This report identifies download events for the past 30 days. The detailed report shows all resources that were successfully downloaded as well as which users performed those events. | None | This report is comprised of three elements: - Line Chart – Displays last 30 days of downloads - Table – Provides details on downloads | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_externaluseractivity.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_externaluseractivity.md new file mode 100644 index 0000000000..893e7c4569 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_externaluseractivity.md @@ -0,0 +1,30 @@ +# Box_ExternalUserActivity Job + +The Box_ExternalUserActivity Job identifies and analyzes activity events performed by external users +over the last 30 days. External Users are collaborators from outside your organization. They can be +granted the same collaborator access and sharing rights as Managed Users, but there is limited +control over the content they own and their security settings. + +## Analysis for the Box_ExternalUserActivity Job + +Navigate to **Box** > **1.Activity** > **Forensics** > **Box_ExternalUserActivity** > **Configure** +node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis for the Box_ExternalUserActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/externaluseractivityanalysis.webp) + +The following analysis tasks are selected by default: + +- External User Activity Details – Creates the Box_ExternalUserActivity_Details table accessible + under the job’s Results node +- External User Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_ExternalUserActivity Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Most Active External User | This report identifies highest resource activity by external users. The bar chart and summary table outline the top 5 most active external users. | None | This report is comprised of three elements: - Bar Chart – Displays top events by top external users - Table – Provides summary of events by top external user - Table – Provides details on external users | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_externalusercollaborations.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_externalusercollaborations.md new file mode 100644 index 0000000000..f96c368c3b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_externalusercollaborations.md @@ -0,0 +1,29 @@ +# Box_ExternalUserCollaborations Job + +The Box_ExternalUserCollaborations Job External Users are collaborators from outside your +organization. They can be granted the same collaborator access and sharing rights as Managed Users, +but there is limited control over the content they own and their security settings. + +## Analysis Tasks for the Box_ExternalUserCollaborations Job + +Navigate to **Box** > **1.Activity** > **Forensics** > **Box_ExternalUserCollaborations** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_ExternalUserCollaborations Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/externalusercollaborationsanalysis.webp) + +The following analysis tasks are selected by default: + +- External User Collaboration Details – Creates the Box_ExternalUserCollaboration_Details table + accessible under the job’s Results node +- External User Collaboration (Last 30 Days) – Creates an interim processing table in the database + for use by downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_ExternalUserCollaborations Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| External User Collaborations | This report identifies high-risk collaborations, highlighting most active collaborations by invites of external users. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of external user collaborations - Table – Provides details on external user collaborations | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_permissionchanges.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_permissionchanges.md new file mode 100644 index 0000000000..b79198ce1b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_permissionchanges.md @@ -0,0 +1,28 @@ +# Box_PermissionChanges Job + +The Box_PermissionChannges Job provides details on permission changes that have occurred over the +past 30 days. + +## Analysis Tasks for the Box_PermissionChanges Job + +Navigate to **Box** > **1.Activity** > **Forensics** > **Box_PermissionChanges** > **Configure** +node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_PermissionChanges Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/permissionchangesanalysis.webp) + +The following analysis tasks are selected by default: + +- Permission Change Details – Creates the Box_PermissionChange_Details table accessible under the + job’s Results node +- Permission Changes (Last 30 Days) – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_PermissionChanges Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | +| Permission Changes | This report identifies all resources where successful permission changes have occurred. The line chart shows data for the past 30 days only. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of permission changes - Table – Provides details on permission changes | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_sharing.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_sharing.md new file mode 100644 index 0000000000..2aecdacb2f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_sharing.md @@ -0,0 +1,26 @@ +# Box_Sharing Job + +The Box_Sharing Job provides details on sharing activity that has occurred over the past 30 days. + +## Analysis Tasks for the Box_Sharing Job + +Navigate to **Box** > **1.Activity** > **Forensics** > **Box_Sharing** > **Configure** node and +select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Sharing Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/sharinganalysis.webp) + +The following analysis tasks are selected by default: + +- Box Sharing – Creates the Box_Sharing_Details table accessible under the job’s Results node +- Sharing Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_Sharing Job produces the following +pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sharing Activity Summary | This report identifies resource sharing within the target Box environments. The line graph will highlight time periods of the highest rate of sharing within the past 30 days. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days of sharing activity - Table – Provides details on sharing activity | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/overview.md b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/overview.md index 3fdefc18dd..d39a420bd0 100644 --- a/docs/accessanalyzer/12.0/solutions/box/activity/forensics/overview.md +++ b/docs/accessanalyzer/12.0/solutions/box/activity/forensics/overview.md @@ -5,20 +5,20 @@ activity, collaboration activity and high-risk collaborations within the targete It is dependent on data collected by the 0.Collection Job Group, also housed in the Box Job Group. The jobs that comprise the 1.Activity Job Group process analysis tasks and generate a report. -![Forensics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Forensics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/jobstree.webp) The Forensics Job Group is comprised of: -- [Box_Deletions Job](/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-deletions.md) – Provides details on file and folder deletions that have +- [Box_Deletions Job](/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_deletions.md) – Provides details on file and folder deletions that have occurred over the past 30 days -- [Box_Downloads Job](/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-downloads.md) – Provides details on file and folder deletions that have +- [Box_Downloads Job](/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_downloads.md) – Provides details on file and folder deletions that have occurred over the past 30 days -- [Box_ExternalUserActivity Job](/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-externaluseractivity.md) – Identifies and analyzes external +- [Box_ExternalUserActivity Job](/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_externaluseractivity.md) – Identifies and analyzes external user activity which has occurred over the past 30 days -- [Box_ExternalUserCollaborations Job](/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-externalusercollaborations.md) – Identifies collaboration +- [Box_ExternalUserCollaborations Job](/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_externalusercollaborations.md) – Identifies collaboration invites sent to external users. These collaborations should be reviewed to ensure sensitive data is not being shared outside of your organization. -- [Box_PermissionChanges Job](/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-permissionchanges.md) – Provides details on permission changes +- [Box_PermissionChanges Job](/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_permissionchanges.md) – Provides details on permission changes that have occurred over the past 30 days -- [Box_Sharing Job](/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box-sharing.md) – Provides details on sharing activity that has occurred over +- [Box_Sharing Job](/docs/accessanalyzer/12.0/solutions/box/activity/forensics/box_sharing.md) – Provides details on sharing activity that has occurred over the past 30 days diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/overview.md b/docs/accessanalyzer/12.0/solutions/box/activity/overview.md index 3217384a34..11e4ec78a8 100644 --- a/docs/accessanalyzer/12.0/solutions/box/activity/overview.md +++ b/docs/accessanalyzer/12.0/solutions/box/activity/overview.md @@ -4,7 +4,7 @@ The **Box** > **1.Activity** Job Group identifies long term trends of activity p into user activity, usage statistics, and suspicious behavior identifies long-term trends of activity providing insight into user activity, usage statistics, and suspicious behavior. -![1.Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![1.Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/jobstree.webp) The 1.Activity Job Group is comprised of: diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-failedlogins.md b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-failedlogins.md deleted file mode 100644 index 3b5bc047f8..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-failedlogins.md +++ /dev/null @@ -1,30 +0,0 @@ -# Box_FailedLogins Job - -The Box_FailedLogins Job identifies failed logon events that have occurred over the last 30 days. A -failed logon can be an indication of security issues such as an attempt to access unauthorized -content, or operational issues such as a misconfigured service account. - -## Analysis Tasks for the Box_FailedLogins Job - -Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_FailedLogins** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_FailedLogins Job](/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/failedloginsanalysis.webp) - -The following analysis tasks are selected by default: - -- Failed Logins – Creates the Box_FailedLogin_Details table accessible under the job’s Results node -- Failed Login User Summary – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Failed Login Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_FailedLogins Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------- | --------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Failed Logins | This report highlights the failed login activity occurring in the target Box environment over the last 30 days. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days summary of failed logins - Table – Provides details on last 30 days of failed login details | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-firsttimefolderaccess.md b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-firsttimefolderaccess.md deleted file mode 100644 index a41774d763..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-firsttimefolderaccess.md +++ /dev/null @@ -1,28 +0,0 @@ -# Box_FirstTimeFolderAccess Job - -The Box_FirstTimeFolderAccess Job identifies the first time a user performs any activity on a folder -or a file over the past 30 days. - -## Analysis Tasks for the Box_FirstTimeFolderAccess Job - -View the analysis tasks by navigating to the **Box** > **1.Activity** > **Suspicious Activity** > -**Box_FirstTimeFolderAccess** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_FirstTimeFolderAccess Job](/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/firsttimefolderaccessanalysis.webp) - -The following analysis tasks are selected by default: - -- First Time Folder Access – Creates the Box_FirstTimeFolderAccess_Details table accessible under - the job’s Results node -- First Time Folder Access Last 30 Days – Creates an interim processing table in the database for - use by downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_FirstTimeFolderAccess Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | --------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| First Time Folder Access | This report highlights details for first time folder access per user. | None | This report is comprised of three elements: - Bar Chart – Displays last 30 days of first time folder access - Table – Provides summary of last 30 days of first time folder access - Table – Provides details on first time folder access | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-unusualdownloadactivity.md b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-unusualdownloadactivity.md deleted file mode 100644 index 265d47959c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-unusualdownloadactivity.md +++ /dev/null @@ -1,27 +0,0 @@ -# Box_UnusualDownloadActivity Job - -The Box_UnusualDownloadActivity Job highlights unusual download activity for a user on a specific -day by analyzing the download activity for a given user and looking for outliers. Unusual download -activity could indicate a compromised account or a malicious insider. - -## Analysis Task for the Box_UnusualDownloadActivity Job - -Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_UnusualDownloadActivity** > -**Configure** node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the Box_UnusualDownloadActivity Job](/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/unusualdownloadactivityanalysis.webp) - -The following analysis task is selected by default: - -- Unusual Download Activity – Creates the Box_UnusualDownload_Details table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the Box_UnusualDownloadActivity Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Unusual Download Activity | This report provides insight into download activity that deviates from the normal range of expected downloads.  This is determined by using historical data for each file. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 most recent unusual download activity - Table – Provides details on unusual download activity | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-unusualuseractivity.md b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-unusualuseractivity.md deleted file mode 100644 index ec41ba1533..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-unusualuseractivity.md +++ /dev/null @@ -1,27 +0,0 @@ -# Box_UnusualUserActivity Job - -The Box_UnusualUserActivity Job highlights unusual download activity for a user on a specific day by -analyzing the download activity for a given user and looking for outliers. Unusual download activity -could indicate a compromised account or a malicious insider. - -## Analysis Tasks for the Box_UnusualUserActivity Job - -Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_UnusualUserActivity** > -**Configure** node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_UnusualUserActivity Job](/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/unusualuseractivityanalysis.webp) - -The following analysis task is selected by default: - -- Unusual User Activity – Creates the Box_UnusualUserActivity table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the Box_Content Job produces the following -pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Unusual User Activity | This report provides insight into user activity that deviates from the normal range of expected activity.  This is determined by using historical data for each user. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 most recent unusual user activity - Table – Provides details on unusual user activity | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-weekendactivity.md b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-weekendactivity.md deleted file mode 100644 index b21b178c1c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-weekendactivity.md +++ /dev/null @@ -1,29 +0,0 @@ -# Box_WeekendActivity Job - -The Box_WeekendActivity Job highlights unusual download activity for a user on a specific day by -analyzing the download activity for a given user and looking for outliers. Unusual download activity -could indicate a compromised account or a malicious insider. - -## Analysis Tasks for the Box_WeekendActivity Job - -Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_WeekendActivity** > -**Configure** node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_WeekendActivity Job](/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp) - -The following analysis tasks are selected by default: - -- Weekend Activity – Creates the Box_WeekendActivity_Details table accessible under the job’s - Results node -- Weekend Activity Summary – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the Box_WeekendActivity Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | -------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Weekend Activity | This report highlights the activity occurring on weekends in the target Box environment over the last 30 days. | None | This report is comprised of three elements: - Bar Chart – Displays last 30 days of weekend activity for top 5 users - Table – Provides summary top 30 days of weekend activity - Table – Provides details on weekend Activity Details | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_failedlogins.md b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_failedlogins.md new file mode 100644 index 0000000000..92fc691831 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_failedlogins.md @@ -0,0 +1,30 @@ +# Box_FailedLogins Job + +The Box_FailedLogins Job identifies failed logon events that have occurred over the last 30 days. A +failed logon can be an indication of security issues such as an attempt to access unauthorized +content, or operational issues such as a misconfigured service account. + +## Analysis Tasks for the Box_FailedLogins Job + +Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_FailedLogins** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_FailedLogins Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/failedloginsanalysis.webp) + +The following analysis tasks are selected by default: + +- Failed Logins – Creates the Box_FailedLogin_Details table accessible under the job’s Results node +- Failed Login User Summary – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Failed Login Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_FailedLogins Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------- | --------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Failed Logins | This report highlights the failed login activity occurring in the target Box environment over the last 30 days. | None | This report is comprised of two elements: - Line Chart – Displays last 30 days summary of failed logins - Table – Provides details on last 30 days of failed login details | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_firsttimefolderaccess.md b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_firsttimefolderaccess.md new file mode 100644 index 0000000000..25e2547ec9 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_firsttimefolderaccess.md @@ -0,0 +1,28 @@ +# Box_FirstTimeFolderAccess Job + +The Box_FirstTimeFolderAccess Job identifies the first time a user performs any activity on a folder +or a file over the past 30 days. + +## Analysis Tasks for the Box_FirstTimeFolderAccess Job + +View the analysis tasks by navigating to the **Box** > **1.Activity** > **Suspicious Activity** > +**Box_FirstTimeFolderAccess** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_FirstTimeFolderAccess Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/firsttimefolderaccessanalysis.webp) + +The following analysis tasks are selected by default: + +- First Time Folder Access – Creates the Box_FirstTimeFolderAccess_Details table accessible under + the job’s Results node +- First Time Folder Access Last 30 Days – Creates an interim processing table in the database for + use by downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_FirstTimeFolderAccess Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | --------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| First Time Folder Access | This report highlights details for first time folder access per user. | None | This report is comprised of three elements: - Bar Chart – Displays last 30 days of first time folder access - Table – Provides summary of last 30 days of first time folder access - Table – Provides details on first time folder access | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_unusualdownloadactivity.md b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_unusualdownloadactivity.md new file mode 100644 index 0000000000..aee9f2e9e4 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_unusualdownloadactivity.md @@ -0,0 +1,27 @@ +# Box_UnusualDownloadActivity Job + +The Box_UnusualDownloadActivity Job highlights unusual download activity for a user on a specific +day by analyzing the download activity for a given user and looking for outliers. Unusual download +activity could indicate a compromised account or a malicious insider. + +## Analysis Task for the Box_UnusualDownloadActivity Job + +Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_UnusualDownloadActivity** > +**Configure** node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the Box_UnusualDownloadActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/unusualdownloadactivityanalysis.webp) + +The following analysis task is selected by default: + +- Unusual Download Activity – Creates the Box_UnusualDownload_Details table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the Box_UnusualDownloadActivity Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Unusual Download Activity | This report provides insight into download activity that deviates from the normal range of expected downloads.  This is determined by using historical data for each file. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 most recent unusual download activity - Table – Provides details on unusual download activity | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_unusualuseractivity.md b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_unusualuseractivity.md new file mode 100644 index 0000000000..173702e844 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_unusualuseractivity.md @@ -0,0 +1,27 @@ +# Box_UnusualUserActivity Job + +The Box_UnusualUserActivity Job highlights unusual download activity for a user on a specific day by +analyzing the download activity for a given user and looking for outliers. Unusual download activity +could indicate a compromised account or a malicious insider. + +## Analysis Tasks for the Box_UnusualUserActivity Job + +Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_UnusualUserActivity** > +**Configure** node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_UnusualUserActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/unusualuseractivityanalysis.webp) + +The following analysis task is selected by default: + +- Unusual User Activity – Creates the Box_UnusualUserActivity table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the Box_Content Job produces the following +pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Unusual User Activity | This report provides insight into user activity that deviates from the normal range of expected activity.  This is determined by using historical data for each user. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 most recent unusual user activity - Table – Provides details on unusual user activity | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_weekendactivity.md b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_weekendactivity.md new file mode 100644 index 0000000000..80afa449f9 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_weekendactivity.md @@ -0,0 +1,29 @@ +# Box_WeekendActivity Job + +The Box_WeekendActivity Job highlights unusual download activity for a user on a specific day by +analyzing the download activity for a given user and looking for outliers. Unusual download activity +could indicate a compromised account or a malicious insider. + +## Analysis Tasks for the Box_WeekendActivity Job + +Navigate to **Box** > **1.Activity** > **Suspicious Activity** > **Box_WeekendActivity** > +**Configure** node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_WeekendActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp) + +The following analysis tasks are selected by default: + +- Weekend Activity – Creates the Box_WeekendActivity_Details table accessible under the job’s + Results node +- Weekend Activity Summary – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the Box_WeekendActivity Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | -------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Weekend Activity | This report highlights the activity occurring on weekends in the target Box environment over the last 30 days. | None | This report is comprised of three elements: - Bar Chart – Displays last 30 days of weekend activity for top 5 users - Table – Provides summary top 30 days of weekend activity - Table – Provides details on weekend Activity Details | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/overview.md b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/overview.md index 4ee72bcde4..e943ec0d73 100644 --- a/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/overview.md +++ b/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/overview.md @@ -4,18 +4,18 @@ The Suspicious Activity Job Group identifies areas and times of abnormal activit typical activity patterns and identifying outliers based on factors such as amount of activity or time of day. -![Suspicious Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Suspicious Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/jobstree.webp) The Suspicious Activity Job Group is comprised of: -- [Box_FailedLogins Job](/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-failedlogins.md) – Identifies failed logon events that have occurred +- [Box_FailedLogins Job](/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_failedlogins.md) – Identifies failed logon events that have occurred over the last 30 days -- [Box_FirstTimeFolderAccess Job](/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-firsttimefolderaccess.md) – Identifies the first time a user +- [Box_FirstTimeFolderAccess Job](/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_firsttimefolderaccess.md) – Identifies the first time a user performs any activity on a folder or a file over the past 30 days -- [Box_UnusualDownloadActivity Job](/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-unusualdownloadactivity.md) – Highlights unusual download +- [Box_UnusualDownloadActivity Job](/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_unusualdownloadactivity.md) – Highlights unusual download activity for a user on a specific day by analyzing the download activity for a given user and looking for outliers -- [Box_UnusualUserActivity Job](/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-unusualuseractivity.md) – Highlights unusual activity for a user +- [Box_UnusualUserActivity Job](/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_unusualuseractivity.md) – Highlights unusual activity for a user on a specific day by analyzing the activity for a given user and looking for outliers -- [Box_WeekendActivity Job](/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box-weekendactivity.md) – Identifies Box activity events which have +- [Box_WeekendActivity Job](/docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/box_weekendactivity.md) – Identifies Box activity events which have occurred on weekends over the last 30 days diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box-folders-mostactive.md b/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box-folders-mostactive.md deleted file mode 100644 index 122b4d42bb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box-folders-mostactive.md +++ /dev/null @@ -1,26 +0,0 @@ -# Box_Folders_MostActive Job - -The Box_Folders_MostActive Job identifies long-term trends of activity and usage statistics across -your Box environment, highlighting conditions such as most active or stale folders. - -## Analysis Tasks for the Box_Folders_MostActive Job - -Navigate to **Box** > **1.Activity** > **Usage Statistics** > **Box_Folders_MostActive** > -**Configure** node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Folders_MostActive Job](/img/product_docs/accessanalyzer/solutions/box/activity/usagestatistics/foldersmostactiveanalysis.webp) - -The following analysis task is selected by default: - -- Most Active Folders – Creates the Box_Folders_MostActive table accessible under the job’s Results - node - -In addition to the tables created by the analysis tasks, the Box_Folders_MostActive Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Most Active Folders | This report highlights the most active folder in the target Box environment over the last 30 days | None | This report is comprised of two elements: - Bar Chart – Displays last 30 days of most active folders - Table – Provides summary of most active folders | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box-folders-stale.md b/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box-folders-stale.md deleted file mode 100644 index 91140f310f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box-folders-stale.md +++ /dev/null @@ -1,27 +0,0 @@ -# Box_Folders_Stale Job - -The Box_Folders_Stale Job identifies the last time activity occurred for each folder in the Box -environment, highlighting stale folders which have not had activity in the last 30 days. These -folders can be subject to cleanup or consolidation. - -## Analysis Tasks for the Box_Folders_Stale Job - -Navigate to **Box** > **1.Activity** > **Usage Statistics** > **Box_Folders_Stale** > **Configure** -node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Folders_Stale Job](/img/product_docs/accessanalyzer/solutions/box/activity/usagestatistics/foldersstaleanalysis.webp) - -The following analysis tasks are selected by default: - -- Stale Folder Details – Creates the Box_Folders_Stale table accessible under the job’s Results node -- No Activity – Creates the Box_Folders_NoActivity table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the Box_Folders_Stale Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------- | ------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Folders | This report highlights stale resources in the target Box environment over the last 30 days | None | This report is comprised of three elements: - Bar Chart – Displays top 5 stale folders - Table – Provides summary of folders with no activity - Table – Provides details on stale folders | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box-users-mostactive.md b/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box-users-mostactive.md deleted file mode 100644 index 3612d3fe64..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box-users-mostactive.md +++ /dev/null @@ -1,25 +0,0 @@ -# Box_Users_MostActive Job - -The Box_Users_MostActive Job analyzes user activity to highlight the most active and potentially -stale users within the environment based on the last 30 days of activity events. - -## Analysis Tasks for the Box_Users_MostActive Job - -Navigate to **Box** > **1.Activity** > **Usage Statistics** > **Box_Users_MostActive** > -**Configure** node and select **Analysis** to view analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Users_MostActive Job](/img/product_docs/accessanalyzer/solutions/box/activity/usagestatistics/usersmostactiveanalysis.webp) - -The default analysis task is: - -- Most Active Users – Creates the Box_Users_MostActive table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the Box_Users_MostActive Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Most Active Users | This report highlights the most active users in the target Box environment over the last 30 days. It also lists stale users that have had no activity in the last 30 days. | None | This report is comprised of three elements: - Bar Chart – Displays last 30 days of the most active users - Table – Provides summary of last 30 days of the most active users | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box_folders_mostactive.md b/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box_folders_mostactive.md new file mode 100644 index 0000000000..c9a0c6d60e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box_folders_mostactive.md @@ -0,0 +1,26 @@ +# Box_Folders_MostActive Job + +The Box_Folders_MostActive Job identifies long-term trends of activity and usage statistics across +your Box environment, highlighting conditions such as most active or stale folders. + +## Analysis Tasks for the Box_Folders_MostActive Job + +Navigate to **Box** > **1.Activity** > **Usage Statistics** > **Box_Folders_MostActive** > +**Configure** node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Folders_MostActive Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/foldersmostactiveanalysis.webp) + +The following analysis task is selected by default: + +- Most Active Folders – Creates the Box_Folders_MostActive table accessible under the job’s Results + node + +In addition to the tables created by the analysis tasks, the Box_Folders_MostActive Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Most Active Folders | This report highlights the most active folder in the target Box environment over the last 30 days | None | This report is comprised of two elements: - Bar Chart – Displays last 30 days of most active folders - Table – Provides summary of most active folders | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box_folders_stale.md b/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box_folders_stale.md new file mode 100644 index 0000000000..0d986f7d67 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box_folders_stale.md @@ -0,0 +1,27 @@ +# Box_Folders_Stale Job + +The Box_Folders_Stale Job identifies the last time activity occurred for each folder in the Box +environment, highlighting stale folders which have not had activity in the last 30 days. These +folders can be subject to cleanup or consolidation. + +## Analysis Tasks for the Box_Folders_Stale Job + +Navigate to **Box** > **1.Activity** > **Usage Statistics** > **Box_Folders_Stale** > **Configure** +node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Folders_Stale Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/foldersstaleanalysis.webp) + +The following analysis tasks are selected by default: + +- Stale Folder Details – Creates the Box_Folders_Stale table accessible under the job’s Results node +- No Activity – Creates the Box_Folders_NoActivity table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the Box_Folders_Stale Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------- | ------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Folders | This report highlights stale resources in the target Box environment over the last 30 days | None | This report is comprised of three elements: - Bar Chart – Displays top 5 stale folders - Table – Provides summary of folders with no activity - Table – Provides details on stale folders | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box_users_mostactive.md b/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box_users_mostactive.md new file mode 100644 index 0000000000..3e530c1aac --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box_users_mostactive.md @@ -0,0 +1,25 @@ +# Box_Users_MostActive Job + +The Box_Users_MostActive Job analyzes user activity to highlight the most active and potentially +stale users within the environment based on the last 30 days of activity events. + +## Analysis Tasks for the Box_Users_MostActive Job + +Navigate to **Box** > **1.Activity** > **Usage Statistics** > **Box_Users_MostActive** > +**Configure** node and select **Analysis** to view analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Users_MostActive Job](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/usersmostactiveanalysis.webp) + +The default analysis task is: + +- Most Active Users – Creates the Box_Users_MostActive table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the Box_Users_MostActive Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Most Active Users | This report highlights the most active users in the target Box environment over the last 30 days. It also lists stale users that have had no activity in the last 30 days. | None | This report is comprised of three elements: - Bar Chart – Displays last 30 days of the most active users - Table – Provides summary of last 30 days of the most active users | diff --git a/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/overview.md b/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/overview.md index cc2e785407..b7bb495d37 100644 --- a/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/overview.md +++ b/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/overview.md @@ -3,16 +3,16 @@ The Usage Statistics Job Group identifies long term trends of activity and usage statistics across your Box environment, highlighting conditions such as most active or stale folders. -![Usage Statistics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Usage Statistics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/jobstree.webp) The Usage Statistics Job Group is comprised of: -- [Box_Folders_MostActive Job](/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box-folders-mostactive.md) – Identifies long-term trends of activity +- [Box_Folders_MostActive Job](/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box_folders_mostactive.md) – Identifies long-term trends of activity and usage statistics across your Box environment, highlighting conditions such as most active or stale folders -- [Box_Folders_Stale Job](/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box-folders-stale.md) – Identifies long-term trends of activity and usage +- [Box_Folders_Stale Job](/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box_folders_stale.md) – Identifies long-term trends of activity and usage statistics across your Box environment, highlighting conditions such as most active or stale folders -- [Box_Users_MostActive Job](/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box-users-mostactive.md) – Identifies long-term trends of activity and +- [Box_Users_MostActive Job](/docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/box_users_mostactive.md) – Identifies long-term trends of activity and usage statistics across your Box environment, highlighting conditions such as most active or stale folders diff --git a/docs/accessanalyzer/12.0/solutions/box/box-access.md b/docs/accessanalyzer/12.0/solutions/box/box-access.md deleted file mode 100644 index 4bdad0a90f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/box-access.md +++ /dev/null @@ -1,32 +0,0 @@ -# Box_Access Job - -The Box_Access Job analyzes access granted to users and groups in an organization's Box environment -in order to report on effective access rights, file-level permissions, and inactive access rights -that can be revoked. - -## Analysis Tasks for the Box_Access Job - -Navigate to **Box** > **Box_Access** > **Configure** node and select **Analysis** to view analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_Access Job](/img/product_docs/accessanalyzer/solutions/box/accessanalysis.webp) - -The following analysis tasks are selected by default: - -- Calculate Access Details – Creates the Box_Access_Details table accessible under the job’s Results - node -- Summarize Access by User – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Summarize Access by Group – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the Box_Access Job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------- | ----------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Access (Box Access Overview) | This report highlights groups with access to Box resources, and summarizes them by group. | None | This report is comprised of three elements: - Bar Chart – Displays top groups by access granted - Table – Provides details on top groups by access - Table – Provides details on group access | -| User Access | This report highlights users with access to Box resources, and summarizes them by group. | None | This report is comprised of three elements: - T-Chart – Displays top users by direct access - Table – Provides summary of user access - Table – Provides details on user access | diff --git a/docs/accessanalyzer/12.0/solutions/box/box-groupmembership.md b/docs/accessanalyzer/12.0/solutions/box/box-groupmembership.md deleted file mode 100644 index 16d9c1934b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/box-groupmembership.md +++ /dev/null @@ -1,26 +0,0 @@ -# Box_GroupMembership Job - -The Box_GroupMembership Job provides visibility into group membership within an organization's Box -environment. - -## Analysis Tasks for the Box_GroupMembership Job - -Navigate to **Box** > **Box_GroupMembership** > **Configure** node and select **Analysis** to view -analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Box_GroupMembership Job](/img/product_docs/accessanalyzer/solutions/box/groupmembershipanalysis.webp) - -The following analysis task is selected by default: - -- Summarize Group Membership – Creates the Box_GroupMembership_Details table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the Box_Content Job produces the following -pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Membership (Box Group Membership) | This report summarizes Box group membership and lists all group membership across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top groups by member count - Table – Provides summary of group membership - Table – Provides details on group membership | diff --git a/docs/accessanalyzer/12.0/solutions/box/box_access.md b/docs/accessanalyzer/12.0/solutions/box/box_access.md new file mode 100644 index 0000000000..123d43c861 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/box_access.md @@ -0,0 +1,32 @@ +# Box_Access Job + +The Box_Access Job analyzes access granted to users and groups in an organization's Box environment +in order to report on effective access rights, file-level permissions, and inactive access rights +that can be revoked. + +## Analysis Tasks for the Box_Access Job + +Navigate to **Box** > **Box_Access** > **Configure** node and select **Analysis** to view analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_Access Job](/img/product_docs/accessanalyzer/12.0/solutions/box/accessanalysis.webp) + +The following analysis tasks are selected by default: + +- Calculate Access Details – Creates the Box_Access_Details table accessible under the job’s Results + node +- Summarize Access by User – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Summarize Access by Group – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the Box_Access Job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------- | ----------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Access (Box Access Overview) | This report highlights groups with access to Box resources, and summarizes them by group. | None | This report is comprised of three elements: - Bar Chart – Displays top groups by access granted - Table – Provides details on top groups by access - Table – Provides details on group access | +| User Access | This report highlights users with access to Box resources, and summarizes them by group. | None | This report is comprised of three elements: - T-Chart – Displays top users by direct access - Table – Provides summary of user access - Table – Provides details on user access | diff --git a/docs/accessanalyzer/12.0/solutions/box/box_groupmembership.md b/docs/accessanalyzer/12.0/solutions/box/box_groupmembership.md new file mode 100644 index 0000000000..88ea502378 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/box_groupmembership.md @@ -0,0 +1,26 @@ +# Box_GroupMembership Job + +The Box_GroupMembership Job provides visibility into group membership within an organization's Box +environment. + +## Analysis Tasks for the Box_GroupMembership Job + +Navigate to **Box** > **Box_GroupMembership** > **Configure** node and select **Analysis** to view +analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Box_GroupMembership Job](/img/product_docs/accessanalyzer/12.0/solutions/box/groupmembershipanalysis.webp) + +The following analysis task is selected by default: + +- Summarize Group Membership – Creates the Box_GroupMembership_Details table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the Box_Content Job produces the following +pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Membership (Box Group Membership) | This report summarizes Box group membership and lists all group membership across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top groups by member count - Table – Provides summary of group membership - Table – Provides details on group membership | diff --git a/docs/accessanalyzer/12.0/solutions/box/collection/1-box-access-scans.md b/docs/accessanalyzer/12.0/solutions/box/collection/1-box-access-scans.md deleted file mode 100644 index 584dd0eb69..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/collection/1-box-access-scans.md +++ /dev/null @@ -1,79 +0,0 @@ -# 1-Box_Access Scans Job - -The 1-Box_Access Scans Job collects the data which will be further analyzed in order to provide -details on Box access rights, policies, configurations, and content. - -## Queries for the 1-Box_Access Scans Job - -The Scan Query uses the Box Data Collector to target all Box hosts and has been preconfigured to use -the Scan Box Permissions Category. If this query is not configured but has the access token, a full -scan of all folders at full depth is performed. Optionally, configure the query to limit the depth -of the scan. - -![Queries for the 1-Box_Access Scans Job](/img/product_docs/accessanalyzer/solutions/box/collection/accessqueries.webp) - -The 1-Box_Access Scans Job has the following queries: - -- Scan Query – Collects access data which will be further analyzed in order to provide details on - Box access rights, policies, configurations, and content - -Prior to the first execution, it is necessary to authenticate to the targeted Box environment. This -is done on the Authenticate page of the Scan query. Additionally, the following default -configurations are commonly customized: - -- Exclusions page: - - - Not scoped - -- Additional Scoping page: - - - Not scoped - -See the [Configure the 1-Box_Access Scans Job](#configure-the-1-box_access-scans-job) section for -instructions. - -### Configure the 1-Box_Access Scans Job - -The 1-Box_Access Scans Job contains the Scan Query. Follow the steps to configure the query. - -**Step 1 –** Navigate to the **Box** > **0.Collection** > **1-Box_Access Scans** > **Configure** -node and select **Queries**. - -**Step 1 –** In the Query Selection view, select the Scan Query and click **Query Properties**. The -Query Properties window opens. - -**Step 2 –** Select the **Data Source** tab, and click **Configure**. The Box Data Collector Wizard -opens. - -![Box Data Collector Wizard Exclusions page](/img/product_docs/accessanalyzer/solutions/box/collection/accessexclusions.webp) - -**Step 3 –** On the Exclusions Page: - -- Add folders to be excluded -- Add folders to be included (scope scan to only these folders) - -![Box Data Collector Wizard Additional Scoping page](/img/product_docs/accessanalyzer/solutions/box/collection/accessadditionalscoping.webp) - -**Step 4 –** On the Additional Scoping page: - -- Optionally, select this option to limit the depth of the scan across the targeted Box account - -![Box Data Collector Wizard Scope by User page](/img/product_docs/accessanalyzer/solutions/box/collection/accessuserscope.webp) - -**Step 5 –** On the Scope By User Page: - -- Optionally, limit the scope of the scan to specified users by providing a CSV file - -![Box Data Collector Wizard Authenticate page](/img/product_docs/accessanalyzer/solutions/box/collection/accessauthenticate.webp) - -**Step 6 –** The Authenticate page is where the connection to the target Box environment is -configured. Click **Authorize** to launch the BoxLogin window and generate an authorization code. -This code allows Access Analyzer to report on the Box Enterprise. - -**NOTE:** Authentication to the target Box environment only needs to be completed once, prior to the -first scan and only in one of the scan jobs. - -**Step 7 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -The 1-Box_Access Scans Job will execute according to the connection settings configuration. diff --git a/docs/accessanalyzer/12.0/solutions/box/collection/1-box-activity-scans.md b/docs/accessanalyzer/12.0/solutions/box/collection/1-box-activity-scans.md deleted file mode 100644 index 5e0b921c26..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/collection/1-box-activity-scans.md +++ /dev/null @@ -1,92 +0,0 @@ -# 1-Box_Activity Scans Job - -The 1-Box_Activity Scans Job collects the data which will be further analyzed in order to provide -visibility into user activity events within Box. - -## Queries for the 1-Box_Activity Scans Job - -The Scan Query uses the Box Data Collector to target all Box hosts and has been preconfigured to use -the Scan Box Permissions Category. - -![Queries for the 1-Box_Activity Scans Job](/img/product_docs/accessanalyzer/solutions/box/collection/activityqueries.webp) - -The 1-Box_Activity Scans Job has the following queries: - -- Activity Scan – Collects activity data which will be further analyzed in order to provide - visibility into user activity events within Box. - -Prior to the first execution, it is necessary to authenticate to the targeted Box environment if -this has not already been done when configuring the 1-Box_Access Scans Job. This is done on the -Authenticate page of the Activity Scan query. Additionally, the following default configurations are -commonly customized: - -- Exclusions page: - - - Not scoped - -- Additional Scoping page: - - - Not scoped - -See the [Configure the 1-Box_Activity Scans Job](#configure-the-1-box_activity-scans-job) section -for instructions. - -### Configure the 1-Box_Activity Scans Job - -The 1-Box_Activity Scans Job contains the Activity Scan Query. Follow the steps to configure the -query. - -**Step 1 –** Navigate to the **Box** > **0.Collection** > **1-Box_Activity Scans** > **Configure** -node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the Scan Query and click **Query Properties**. The -Query Properties window displays. - -**Step 3 –** Select the Data Source tab, and click **Configure**. The Box Data Collector Wizard -opens. - -![Box Data Collector Wizard Exclusions page](/img/product_docs/accessanalyzer/solutions/box/collection/activityexclusions.webp) - -**Step 4 –** On the Exclusions page: - -- Add folders to be excluded -- Add folders to be included (scope scan to only these folders) - -![Box Data Collector Wizard Additional Scoping page](/img/product_docs/accessanalyzer/solutions/box/collection/activityadditionalscoping.webp) - -**Step 5 –** On the Additional Scoping page: - -- Optionally, select this option to limit the depth of the scan across the targeted Box account - -![Box Data Collector Wizard Scope by User page](/img/product_docs/accessanalyzer/solutions/box/collection/activityuserscope.webp) - -**Step 6 –** On the Scope By User Page: - -- Optionally, limit the scope of the scan to specified users by providing a CSV file - -![Box Data Collector Wizard Activity Timespan Scope page](/img/product_docs/accessanalyzer/solutions/box/collection/activitytimespanscope.webp) - -**Step 7 –** On the Activity Timespan Scope page: - -- Collect activity data within a Relative Timespan -- Collect activity data within an Absolute Timespan - -![Box Data Collector Wizard Activity Operation Scope page](/img/product_docs/accessanalyzer/solutions/box/collection/activityoperationscope.webp) - -**Step 8 –** On the Activity Operation Scope page: - -- Select Box enterprise event operations to collect - -![Box Data Collector Wizard Authenticate page](/img/product_docs/accessanalyzer/solutions/box/collection/activityauthenticate.webp) - -**Step 9 –** The Authenticate page is where the connection to the target Box environment is -configured. Click **Authorize** to launch the BoxLogin window and generate an authorization code. -This code allows Access Analyzer to report on the Box Enterprise. - -**NOTE:** Authentication to the target Box environment only needs to be completed once, prior to the -first scan and only in one of the scan jobs. - -**Step 10 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -The 1-Box_Activity Scans Job will execute according to the connection settings configuration. diff --git a/docs/accessanalyzer/12.0/solutions/box/collection/1-box_access_scans.md b/docs/accessanalyzer/12.0/solutions/box/collection/1-box_access_scans.md new file mode 100644 index 0000000000..d1d59ee909 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/collection/1-box_access_scans.md @@ -0,0 +1,79 @@ +# 1-Box_Access Scans Job + +The 1-Box_Access Scans Job collects the data which will be further analyzed in order to provide +details on Box access rights, policies, configurations, and content. + +## Queries for the 1-Box_Access Scans Job + +The Scan Query uses the Box Data Collector to target all Box hosts and has been preconfigured to use +the Scan Box Permissions Category. If this query is not configured but has the access token, a full +scan of all folders at full depth is performed. Optionally, configure the query to limit the depth +of the scan. + +![Queries for the 1-Box_Access Scans Job](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessqueries.webp) + +The 1-Box_Access Scans Job has the following queries: + +- Scan Query – Collects access data which will be further analyzed in order to provide details on + Box access rights, policies, configurations, and content + +Prior to the first execution, it is necessary to authenticate to the targeted Box environment. This +is done on the Authenticate page of the Scan query. Additionally, the following default +configurations are commonly customized: + +- Exclusions page: + + - Not scoped + +- Additional Scoping page: + + - Not scoped + +See the [Configure the 1-Box_Access Scans Job](#configure-the-1-box_access-scans-job) section for +instructions. + +### Configure the 1-Box_Access Scans Job + +The 1-Box_Access Scans Job contains the Scan Query. Follow the steps to configure the query. + +**Step 1 –** Navigate to the **Box** > **0.Collection** > **1-Box_Access Scans** > **Configure** +node and select **Queries**. + +**Step 1 –** In the Query Selection view, select the Scan Query and click **Query Properties**. The +Query Properties window opens. + +**Step 2 –** Select the **Data Source** tab, and click **Configure**. The Box Data Collector Wizard +opens. + +![Box Data Collector Wizard Exclusions page](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessexclusions.webp) + +**Step 3 –** On the Exclusions Page: + +- Add folders to be excluded +- Add folders to be included (scope scan to only these folders) + +![Box Data Collector Wizard Additional Scoping page](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessadditionalscoping.webp) + +**Step 4 –** On the Additional Scoping page: + +- Optionally, select this option to limit the depth of the scan across the targeted Box account + +![Box Data Collector Wizard Scope by User page](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessuserscope.webp) + +**Step 5 –** On the Scope By User Page: + +- Optionally, limit the scope of the scan to specified users by providing a CSV file + +![Box Data Collector Wizard Authenticate page](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessauthenticate.webp) + +**Step 6 –** The Authenticate page is where the connection to the target Box environment is +configured. Click **Authorize** to launch the BoxLogin window and generate an authorization code. +This code allows Access Analyzer to report on the Box Enterprise. + +**NOTE:** Authentication to the target Box environment only needs to be completed once, prior to the +first scan and only in one of the scan jobs. + +**Step 7 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +The 1-Box_Access Scans Job will execute according to the connection settings configuration. diff --git a/docs/accessanalyzer/12.0/solutions/box/collection/1-box_activity_scans.md b/docs/accessanalyzer/12.0/solutions/box/collection/1-box_activity_scans.md new file mode 100644 index 0000000000..78a21098ef --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/collection/1-box_activity_scans.md @@ -0,0 +1,92 @@ +# 1-Box_Activity Scans Job + +The 1-Box_Activity Scans Job collects the data which will be further analyzed in order to provide +visibility into user activity events within Box. + +## Queries for the 1-Box_Activity Scans Job + +The Scan Query uses the Box Data Collector to target all Box hosts and has been preconfigured to use +the Scan Box Permissions Category. + +![Queries for the 1-Box_Activity Scans Job](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityqueries.webp) + +The 1-Box_Activity Scans Job has the following queries: + +- Activity Scan – Collects activity data which will be further analyzed in order to provide + visibility into user activity events within Box. + +Prior to the first execution, it is necessary to authenticate to the targeted Box environment if +this has not already been done when configuring the 1-Box_Access Scans Job. This is done on the +Authenticate page of the Activity Scan query. Additionally, the following default configurations are +commonly customized: + +- Exclusions page: + + - Not scoped + +- Additional Scoping page: + + - Not scoped + +See the [Configure the 1-Box_Activity Scans Job](#configure-the-1-box_activity-scans-job) section +for instructions. + +### Configure the 1-Box_Activity Scans Job + +The 1-Box_Activity Scans Job contains the Activity Scan Query. Follow the steps to configure the +query. + +**Step 1 –** Navigate to the **Box** > **0.Collection** > **1-Box_Activity Scans** > **Configure** +node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the Scan Query and click **Query Properties**. The +Query Properties window displays. + +**Step 3 –** Select the Data Source tab, and click **Configure**. The Box Data Collector Wizard +opens. + +![Box Data Collector Wizard Exclusions page](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityexclusions.webp) + +**Step 4 –** On the Exclusions page: + +- Add folders to be excluded +- Add folders to be included (scope scan to only these folders) + +![Box Data Collector Wizard Additional Scoping page](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityadditionalscoping.webp) + +**Step 5 –** On the Additional Scoping page: + +- Optionally, select this option to limit the depth of the scan across the targeted Box account + +![Box Data Collector Wizard Scope by User page](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityuserscope.webp) + +**Step 6 –** On the Scope By User Page: + +- Optionally, limit the scope of the scan to specified users by providing a CSV file + +![Box Data Collector Wizard Activity Timespan Scope page](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activitytimespanscope.webp) + +**Step 7 –** On the Activity Timespan Scope page: + +- Collect activity data within a Relative Timespan +- Collect activity data within an Absolute Timespan + +![Box Data Collector Wizard Activity Operation Scope page](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityoperationscope.webp) + +**Step 8 –** On the Activity Operation Scope page: + +- Select Box enterprise event operations to collect + +![Box Data Collector Wizard Authenticate page](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityauthenticate.webp) + +**Step 9 –** The Authenticate page is where the connection to the target Box environment is +configured. Click **Authorize** to launch the BoxLogin window and generate an authorization code. +This code allows Access Analyzer to report on the Box Enterprise. + +**NOTE:** Authentication to the target Box environment only needs to be completed once, prior to the +first scan and only in one of the scan jobs. + +**Step 10 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +The 1-Box_Activity Scans Job will execute according to the connection settings configuration. diff --git a/docs/accessanalyzer/12.0/solutions/box/collection/2-box-import.md b/docs/accessanalyzer/12.0/solutions/box/collection/2-box-import.md deleted file mode 100644 index 245c319cda..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/collection/2-box-import.md +++ /dev/null @@ -1,18 +0,0 @@ -# 2-Box_Import Job - -The 2-Box_Import Job takes the data that has been collected from the 1-Box_Access Scans Job and the -1-Box_Activity Scans Job and imports it to the Access Analyzer database to be analyzed in order to -provide detailed reports on Box access rights, policies, configurations, activities, and content. - -## Queries for the 2-Box_Import Job - -The Import Query uses the Box Data Collector and has been preconfigured to use the Import Box -Permissions Category. - -![Queries for the 2-Box_Import Job](/img/product_docs/accessanalyzer/solutions/box/collection/importqueries.webp) - -The 2-Box_Import Job has the following query: - -- Import - Takes the data that has been collected from Box and imports it to the Access Analyzer - database to be analyzed in order to provide detailed reports on Box access rights, policies, - configurations, activities, and content. diff --git a/docs/accessanalyzer/12.0/solutions/box/collection/2-box_import.md b/docs/accessanalyzer/12.0/solutions/box/collection/2-box_import.md new file mode 100644 index 0000000000..6f2e14397d --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/collection/2-box_import.md @@ -0,0 +1,18 @@ +# 2-Box_Import Job + +The 2-Box_Import Job takes the data that has been collected from the 1-Box_Access Scans Job and the +1-Box_Activity Scans Job and imports it to the Access Analyzer database to be analyzed in order to +provide detailed reports on Box access rights, policies, configurations, activities, and content. + +## Queries for the 2-Box_Import Job + +The Import Query uses the Box Data Collector and has been preconfigured to use the Import Box +Permissions Category. + +![Queries for the 2-Box_Import Job](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/importqueries.webp) + +The 2-Box_Import Job has the following query: + +- Import - Takes the data that has been collected from Box and imports it to the Access Analyzer + database to be analyzed in order to provide detailed reports on Box access rights, policies, + configurations, activities, and content. diff --git a/docs/accessanalyzer/12.0/solutions/box/collection/overview.md b/docs/accessanalyzer/12.0/solutions/box/collection/overview.md index 407a53dd15..eddf0e532a 100644 --- a/docs/accessanalyzer/12.0/solutions/box/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/box/collection/overview.md @@ -3,14 +3,14 @@ The 0.Collection Job Group collects data which will be further analyzed in order to provide details on Box access rights, policies, configurations, activities, and content. -![Box > Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Box > Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/box/collection/jobstree.webp) The 0.Collection Job Group is comprised of: -- [1-Box_Access Scans Job](/docs/accessanalyzer/12.0/solutions/box/collection/1-box-access-scans.md) – Collects the data which will be further analyzed +- [1-Box_Access Scans Job](/docs/accessanalyzer/12.0/solutions/box/collection/1-box_access_scans.md) – Collects the data which will be further analyzed in order to provide details on Box access rights, policies, configurations, and content -- [1-Box_Activity Scans Job](/docs/accessanalyzer/12.0/solutions/box/collection/1-box-activity-scans.md) – Collects the data which will be further +- [1-Box_Activity Scans Job](/docs/accessanalyzer/12.0/solutions/box/collection/1-box_activity_scans.md) – Collects the data which will be further analyzed in order to provide visibility into user activity events within Box -- [2-Box_Import Job](/docs/accessanalyzer/12.0/solutions/box/collection/2-box-import.md) – Takes the data that has been collected from Box and imports +- [2-Box_Import Job](/docs/accessanalyzer/12.0/solutions/box/collection/2-box_import.md) – Takes the data that has been collected from Box and imports it to the Access Analyzer database to be analyzed in order to provide detailed reports on Box access rights, policies, configurations, activities, and content diff --git a/docs/accessanalyzer/12.0/solutions/box/content/box-filemetrics.md b/docs/accessanalyzer/12.0/solutions/box/content/box-filemetrics.md deleted file mode 100644 index 61813dcd2f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/content/box-filemetrics.md +++ /dev/null @@ -1,52 +0,0 @@ -# Box_FileMetrics Job - -The Box_FileMetrics Job offers insight into content sizing, staleness, and ownership of files in the -Box environment. - -**NOTE:** The staleness threshold can be customized within the **File Metrics Details** analysis. - -## Analysis Tasks for the Box_FileMetrics Job - -Navigate to **Box** > **2.Content** > **Box_FileMetrics** > **Configure** node and select -**Analysis** to view analysis tasks. - -**CAUTION:** Most of these analysis tasks should never be modified and never be deselected. - -![Analysis Tasks for the Box_FileMetrics Job](/img/product_docs/accessanalyzer/solutions/box/content/filemetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- File Metrics Details – Creates the Box_FileMetrics_Details table accessible under the job’s - Results node - - Set to consider content stale after 30 days which is the @STALETHRESHOLD parameter value - - See the - [Customize Analysis Tasks for the Box_FileMetrics Job](#customize-analysis-tasks-for-the-box_filemetrics-job) - topic for additional information. -- File Count by User – Creates the Box_FileMetrics_UserFileCount table accessible under the job’s - Results node -- Total File Size by User – Creates the Box_FileMetrics_UserFileSize table accessible under the - job’s Results node -- File Counts by File Extension – Creates the Box_FileMetrics_ExtFileCount table accessible under - the job’s Results node -- File Size by File Extension – Creates the Box_FileMetrics_ExtFileSize table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the Box_FileMetrics Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | --------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Files by Extension | This report summarizes the Box content by file extension. | None | This report is comprised of four elements: - Pie Chart – Displays top 20 file counts by file extension - Bar Chart – Displays top 5 file size by file extension - Table – Provides details on file counts by file extension - Table – Provides details on file size by file extension | -| Files by User | This report summarizes the Box content by user. | None | This report is comprised of four elements: - Bar Chart – Displays top 5 file count by user - Bar Chart – Displays top 5 file size by user - Table – Provides details on file count by user - Table – Provides details on file size by user | - -### Customize Analysis Tasks for the Box_FileMetrics Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| -------------------- | --------------------------- | ------------- | ------------------------------------ | -| File Metrics Details | @STALE_THRESHOLD | 30 | Consider content stale after 30 days | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for instructions on how to modify parameters. diff --git a/docs/accessanalyzer/12.0/solutions/box/content/box-foldermetrics.md b/docs/accessanalyzer/12.0/solutions/box/content/box-foldermetrics.md deleted file mode 100644 index 3d2c2fdbf1..0000000000 --- a/docs/accessanalyzer/12.0/solutions/box/content/box-foldermetrics.md +++ /dev/null @@ -1,50 +0,0 @@ -# Box_FolderMetrics Job - -The Box_FolderMetrics Job offers insight into content sizing, staleness, and ownership of folders in -the Box environment. - -**NOTE:** The staleness threshold can be customized within the **Folder Metrics Details** analysis. -Largest and smallest folder size thresholds can be configured in a similar way on their respective -analysis tasks. - -## Analysis Tasks for the Box_FolderMetrics Job - -Navigate to **Box** > **2.Content** > **Box_FolderMetrics** > **Configure** node and select -**Analysis** to view analysis tasks. - -**CAUTION:** Most of these analysis tasks should never be modified and never be deselected. - -![Analysis Tasks for the Box_FolderMetrics Job](/img/product_docs/accessanalyzer/solutions/box/content/foldermetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- Folder Metrics Details – Creates the Box_FolderMetrics_Details table accessible under the job’s - Results node - - Set to consider content stale after 30 days which is the @STALETHRESHOLD parameter value - - See the - [Customizable Analysis Tasks for the Box_FolderMetrics Job](#customizable-analysis-tasks-for-the-box_foldermetrics-job) - topic for additional information. -- Largest Folders – Creates the Box_FolderMetrics_Largest table accessible under the job’s Results - node -- Smallest Non-Empty Folders – Creates the Box_FolderMetrics_Smallest table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the Box_FolderMetrics Job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Largest Folders | This report summarizes the Box content by folder size. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 largest folders - Table – Provides details on largest folders | -| Smallest Folders | This report summarizes the Box content by folder size. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 smallest folders with files - Table – Provides details on smallest folders with files - Table – Provides details on empty folders | - -### Customizable Analysis Tasks for the Box_FolderMetrics Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ---------------------- | --------------------------- | ------------- | ------------------------------------ | -| Folder Metrics Details | @STALE_THRESHOLD | 30 | Consider content stale after 30 days | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) topic -for instructions on how to modify parameters. diff --git a/docs/accessanalyzer/12.0/solutions/box/content/box_filemetrics.md b/docs/accessanalyzer/12.0/solutions/box/content/box_filemetrics.md new file mode 100644 index 0000000000..3bcd11e334 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/content/box_filemetrics.md @@ -0,0 +1,52 @@ +# Box_FileMetrics Job + +The Box_FileMetrics Job offers insight into content sizing, staleness, and ownership of files in the +Box environment. + +**NOTE:** The staleness threshold can be customized within the **File Metrics Details** analysis. + +## Analysis Tasks for the Box_FileMetrics Job + +Navigate to **Box** > **2.Content** > **Box_FileMetrics** > **Configure** node and select +**Analysis** to view analysis tasks. + +**CAUTION:** Most of these analysis tasks should never be modified and never be deselected. + +![Analysis Tasks for the Box_FileMetrics Job](/img/product_docs/accessanalyzer/12.0/solutions/box/content/filemetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- File Metrics Details – Creates the Box_FileMetrics_Details table accessible under the job’s + Results node + - Set to consider content stale after 30 days which is the @STALETHRESHOLD parameter value + - See the + [Customize Analysis Tasks for the Box_FileMetrics Job](#customize-analysis-tasks-for-the-box_filemetrics-job) + topic for additional information. +- File Count by User – Creates the Box_FileMetrics_UserFileCount table accessible under the job’s + Results node +- Total File Size by User – Creates the Box_FileMetrics_UserFileSize table accessible under the + job’s Results node +- File Counts by File Extension – Creates the Box_FileMetrics_ExtFileCount table accessible under + the job’s Results node +- File Size by File Extension – Creates the Box_FileMetrics_ExtFileSize table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the Box_FileMetrics Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | --------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Files by Extension | This report summarizes the Box content by file extension. | None | This report is comprised of four elements: - Pie Chart – Displays top 20 file counts by file extension - Bar Chart – Displays top 5 file size by file extension - Table – Provides details on file counts by file extension - Table – Provides details on file size by file extension | +| Files by User | This report summarizes the Box content by user. | None | This report is comprised of four elements: - Bar Chart – Displays top 5 file count by user - Bar Chart – Displays top 5 file size by user - Table – Provides details on file count by user - Table – Provides details on file size by user | + +### Customize Analysis Tasks for the Box_FileMetrics Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| -------------------- | --------------------------- | ------------- | ------------------------------------ | +| File Metrics Details | @STALE_THRESHOLD | 30 | Consider content stale after 30 days | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions on how to modify parameters. diff --git a/docs/accessanalyzer/12.0/solutions/box/content/box_foldermetrics.md b/docs/accessanalyzer/12.0/solutions/box/content/box_foldermetrics.md new file mode 100644 index 0000000000..5b09098d5c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/box/content/box_foldermetrics.md @@ -0,0 +1,50 @@ +# Box_FolderMetrics Job + +The Box_FolderMetrics Job offers insight into content sizing, staleness, and ownership of folders in +the Box environment. + +**NOTE:** The staleness threshold can be customized within the **Folder Metrics Details** analysis. +Largest and smallest folder size thresholds can be configured in a similar way on their respective +analysis tasks. + +## Analysis Tasks for the Box_FolderMetrics Job + +Navigate to **Box** > **2.Content** > **Box_FolderMetrics** > **Configure** node and select +**Analysis** to view analysis tasks. + +**CAUTION:** Most of these analysis tasks should never be modified and never be deselected. + +![Analysis Tasks for the Box_FolderMetrics Job](/img/product_docs/accessanalyzer/12.0/solutions/box/content/foldermetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- Folder Metrics Details – Creates the Box_FolderMetrics_Details table accessible under the job’s + Results node + - Set to consider content stale after 30 days which is the @STALETHRESHOLD parameter value + - See the + [Customizable Analysis Tasks for the Box_FolderMetrics Job](#customizable-analysis-tasks-for-the-box_foldermetrics-job) + topic for additional information. +- Largest Folders – Creates the Box_FolderMetrics_Largest table accessible under the job’s Results + node +- Smallest Non-Empty Folders – Creates the Box_FolderMetrics_Smallest table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the Box_FolderMetrics Job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Largest Folders | This report summarizes the Box content by folder size. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 largest folders - Table – Provides details on largest folders | +| Smallest Folders | This report summarizes the Box content by folder size. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 smallest folders with files - Table – Provides details on smallest folders with files - Table – Provides details on empty folders | + +### Customizable Analysis Tasks for the Box_FolderMetrics Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ---------------------- | --------------------------- | ------------- | ------------------------------------ | +| Folder Metrics Details | @STALE_THRESHOLD | 30 | Consider content stale after 30 days | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) topic +for instructions on how to modify parameters. diff --git a/docs/accessanalyzer/12.0/solutions/box/content/overview.md b/docs/accessanalyzer/12.0/solutions/box/content/overview.md index cd4159bf4f..78e84ff5c3 100644 --- a/docs/accessanalyzer/12.0/solutions/box/content/overview.md +++ b/docs/accessanalyzer/12.0/solutions/box/content/overview.md @@ -4,14 +4,14 @@ The 2.Content Job Group analyzes and summarizes the content of the targeted Box highlighting users with the most content as well as what type of content exists. This information can also be used to identify stale content that can be removed or archived to reduce risk. -![2.Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![2.Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/box/content/jobstree.webp) The 2.Content Job Group is comprised of: -- [Box_FileMetrics Job](/docs/accessanalyzer/12.0/solutions/box/content/box-filemetrics.md) – Offers insight into content sizing, staleness, and +- [Box_FileMetrics Job](/docs/accessanalyzer/12.0/solutions/box/content/box_filemetrics.md) – Offers insight into content sizing, staleness, and ownership of files in the Box environment. The staleness threshold can be customized within the **File Metrics Details** analysis. -- [Box_FolderMetrics Job](/docs/accessanalyzer/12.0/solutions/box/content/box-foldermetrics.md) – Offers insight into content sizing, staleness, and +- [Box_FolderMetrics Job](/docs/accessanalyzer/12.0/solutions/box/content/box_foldermetrics.md) – Offers insight into content sizing, staleness, and ownership of folders in the Box environment. The staleness threshold can be customized within the **Folder Metrics Details** analysis. Largest and smallest folder size thresholds can be configured in a similar way in their respective analysis tasks. diff --git a/docs/accessanalyzer/12.0/solutions/box/overview.md b/docs/accessanalyzer/12.0/solutions/box/overview.md index 71ea7a1b03..28b7bd1aee 100644 --- a/docs/accessanalyzer/12.0/solutions/box/overview.md +++ b/docs/accessanalyzer/12.0/solutions/box/overview.md @@ -10,7 +10,7 @@ Supported Platforms Requirements, Permissions, and Ports -See the [Target Box Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/box.md) topic +See the [Target Box Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/box.md) topic for additional information. Location @@ -19,7 +19,7 @@ The Box Solution requires a special Access Analyzer license. It can be installed Job Wizard. Once it has been installed into the Jobs tree, navigate to the solution: **Jobs** > **Box**. -![Box Solution in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Box Solution in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/box/jobstree.webp) The 0.Collection Job Group collects the data. The other job groups run analysis on the collected data and generate reports. @@ -29,7 +29,7 @@ data and generate reports. The Box solution contains jobs to highlight access, analyze content, and expand group membership in an organization's Box environment. -![Box Solution Overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) +![Box Solution Overview page](/img/product_docs/accessanalyzer/12.0/solutions/box/overviewpage.webp) The Box Solution has the following job groups and jobs: @@ -41,8 +41,8 @@ The Box Solution has the following job groups and jobs: events within the Box environment - [2.Content Job Group](/docs/accessanalyzer/12.0/solutions/box/content/overview.md) – Analyzes and summarizes the content of the Box environment, highlighting users with the most content as well as what type of content exists -- [Box_Access Job](/docs/accessanalyzer/12.0/solutions/box/box-access.md) – Analyzes access granted to users and groups in an organization's +- [Box_Access Job](/docs/accessanalyzer/12.0/solutions/box/box_access.md) – Analyzes access granted to users and groups in an organization's Box environment in order to report on effective access rights, file-level permissions, and inactive access rights that can be revoked -- [Box_GroupMembership Job](/docs/accessanalyzer/12.0/solutions/box/box-groupmembership.md) – Expands group membership in an organization's +- [Box_GroupMembership Job](/docs/accessanalyzer/12.0/solutions/box/box_groupmembership.md) – Expands group membership in an organization's Box environment diff --git a/docs/accessanalyzer/12.0/solutions/box/recommended.md b/docs/accessanalyzer/12.0/solutions/box/recommended.md index f0d46648f3..1489a66a9d 100644 --- a/docs/accessanalyzer/12.0/solutions/box/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/box/recommended.md @@ -30,7 +30,7 @@ account with permission to **Run new reports and access existing reports** enabl needed to generate an authorization code in the form of an Access Token. This can be done through the query configuration either in the 1-Box_Access Scans Job’ Authentication wizard page or the 1-Box_Activity Scans Job’s Authentication wizard page of the Box Data Collector Wizard. See the -[Box Data Collector](/docs/accessanalyzer/12.0/data-collection/box/overview.md) topic for additional information. +[Box Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/box/overview.md) topic for additional information. Access Token @@ -60,8 +60,8 @@ can be modified: - The @STALETHRESHOLD parameter determines the number of days after which content is considered stale. It is set to default of 30 days. The @STALETHRESHOLD parameter can be customized in the following analysis tasks: - - 2.Content > Box_FileMetrics in the File Metrics Details analysis task - - 2.Content > Box_FolderMetrics Folder in the Metrics Details analysis task + - 2.Content > Box_FileMetrics in the File Metrics Details analysis task + - 2.Content > Box_FolderMetrics Folder in the Metrics Details analysis task Workflow diff --git a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/0-azuresql-instancediscovery.md b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/0-azuresql-instancediscovery.md deleted file mode 100644 index 908c33a039..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/0-azuresql-instancediscovery.md +++ /dev/null @@ -1,28 +0,0 @@ -# 0-AzureSQL_InstanceDiscovery Job - -The Azure SQL Instance Discovery job is responsible for enumerating a list of Azure SQL Server -Instances from target endpoints and populating the necessary instance connection information which -will be used throughout the solution set. - -## Queries for the 0-AzureSQL_InstanceDiscovery Job - -The 0-AzureSQL_InstanceDiscovery job uses the SQL Data Collector for the following query: - -![Query Selection - Instance Discovery](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/instancediscquery.webp) - -- Azure SQL Instance Discovery — Collects the list of Azure SQL Server Instances from target - endpoints and populates the necessary instance connection information - -## Analysis Tasks for the 0-AzureSQL_InstanceDiscovery Job - -Navigate to the **Databases** > **0.Collection** > **AzureSQL** > **0-AzureSQL_InstanceDiscovery** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/instancediscanalysis.webp) - -The default analysis tasks is: - -- SQL Instances — Brings SA_SQL_Instances table to view diff --git a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/0-azuresql_instancediscovery.md b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/0-azuresql_instancediscovery.md new file mode 100644 index 0000000000..e266036cd0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/0-azuresql_instancediscovery.md @@ -0,0 +1,28 @@ +# 0-AzureSQL_InstanceDiscovery Job + +The Azure SQL Instance Discovery job is responsible for enumerating a list of Azure SQL Server +Instances from target endpoints and populating the necessary instance connection information which +will be used throughout the solution set. + +## Queries for the 0-AzureSQL_InstanceDiscovery Job + +The 0-AzureSQL_InstanceDiscovery job uses the SQL Data Collector for the following query: + +![Query Selection - Instance Discovery](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/instancediscquery.webp) + +- Azure SQL Instance Discovery — Collects the list of Azure SQL Server Instances from target + endpoints and populates the necessary instance connection information + +## Analysis Tasks for the 0-AzureSQL_InstanceDiscovery Job + +Navigate to the **Databases** > **0.Collection** > **AzureSQL** > **0-AzureSQL_InstanceDiscovery** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/instancediscanalysis.webp) + +The default analysis tasks is: + +- SQL Instances — Brings SA_SQL_Instances table to view diff --git a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/1-azuresql-permissionscan.md b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/1-azuresql-permissionscan.md deleted file mode 100644 index bc1fedca43..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/1-azuresql-permissionscan.md +++ /dev/null @@ -1,78 +0,0 @@ -# 1-AzureSQL_PermissionScan Job - -The 1–AzureSQL_PermissionScan Job is designed to collect Azure SQL instance and database level -permissions from all the targeted instances. - -## Queries for the 1–AzureSQL_PermissionsScan Job - -The 1–AzureSQL_PermissionsScan Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/permissionjob.webp) - -- PermissionScan — Collects permissions from the targeted instances - -### Configure the PermissionsScan Query - -The 1-AzureSQL_PermissionScan Job is preconfigured to run using the default settings within the -Permissions Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > 0.Collection > AzureSQL > 1-AzureSQL_PermissionsScan > -Configure node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the PermissionsScan query and click on Query -Properties. The Query Properties window appears. - -**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this -job. - -![Filters](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp) - -**Step 4 –** To query for specific databases/instances, navigate to the -[SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) page. The default query target -is All databases. The default query scope is Only select database objects and click Retrieve. The -Available database objects will be populated. Databases and instances can be added in the following -ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Optionally, use the Add Custom Filter button to create and apply a custom filter. - -![Managed Connection Window](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/managedconnections.webp) - -**Step 5 –** To view all managed connections discovered during the 1-AzureSQL_PermissionScan Job -run, click Connections within the Filter page. This screen will list the following items retrieved -during the job run: - -- All databases discovered -- Any configurations made before the job run - -Select any of the discovered databases and click Test Connection to ensure the database has -connected properly. - -**Step 6 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 1-AzureSQL_PermissionsScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 1–AzureSQL_PermissionsScan Job - -Navigate to the Databases > 0.Collection > **AzureSQL** > 1-AzureSQL_PermissionsScan > Configure -node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/jobanalysis.webp) - -The default analysis tasks are: - -- AIC Import – Hosts — Imports SQL Hosts to the AIC -- AIC Import – Instance Permissions Node — Imports a node for instance permission for each instance -- AIC Import – Databases — Imports each database in the SQL instances -- AIC Import – Permissions — Imports SQL Permission to the AIC -- AIC Import – Roles — Imports a Roles node into the AIC for Azure SQL Roles -- AIC Import – Database Role Permissions — Imports role Permission at the database level -- AIC Import – Local SQL Server — Imports Azure SQL local groups to the AIC -- AIC Import – Instance Role — Imports permissions assigned to roles at the instance level diff --git a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/1-azuresql_permissionscan.md b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/1-azuresql_permissionscan.md new file mode 100644 index 0000000000..755bebc2c5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/1-azuresql_permissionscan.md @@ -0,0 +1,78 @@ +# 1-AzureSQL_PermissionScan Job + +The 1–AzureSQL_PermissionScan Job is designed to collect Azure SQL instance and database level +permissions from all the targeted instances. + +## Queries for the 1–AzureSQL_PermissionsScan Job + +The 1–AzureSQL_PermissionsScan Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/permissionjob.webp) + +- PermissionScan — Collects permissions from the targeted instances + +### Configure the PermissionsScan Query + +The 1-AzureSQL_PermissionScan Job is preconfigured to run using the default settings within the +Permissions Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > 0.Collection > AzureSQL > 1-AzureSQL_PermissionsScan > +Configure node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the PermissionsScan query and click on Query +Properties. The Query Properties window appears. + +**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this +job. + +![Filters](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp) + +**Step 4 –** To query for specific databases/instances, navigate to the +[SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) page. The default query target +is All databases. The default query scope is Only select database objects and click Retrieve. The +Available database objects will be populated. Databases and instances can be added in the following +ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Optionally, use the Add Custom Filter button to create and apply a custom filter. + +![Managed Connection Window](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/managedconnections.webp) + +**Step 5 –** To view all managed connections discovered during the 1-AzureSQL_PermissionScan Job +run, click Connections within the Filter page. This screen will list the following items retrieved +during the job run: + +- All databases discovered +- Any configurations made before the job run + +Select any of the discovered databases and click Test Connection to ensure the database has +connected properly. + +**Step 6 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 1-AzureSQL_PermissionsScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 1–AzureSQL_PermissionsScan Job + +Navigate to the Databases > 0.Collection > **AzureSQL** > 1-AzureSQL_PermissionsScan > Configure +node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/jobanalysis.webp) + +The default analysis tasks are: + +- AIC Import – Hosts — Imports SQL Hosts to the AIC +- AIC Import – Instance Permissions Node — Imports a node for instance permission for each instance +- AIC Import – Databases — Imports each database in the SQL instances +- AIC Import – Permissions — Imports SQL Permission to the AIC +- AIC Import – Roles — Imports a Roles node into the AIC for Azure SQL Roles +- AIC Import – Database Role Permissions — Imports role Permission at the database level +- AIC Import – Local SQL Server — Imports Azure SQL local groups to the AIC +- AIC Import – Instance Role — Imports permissions assigned to roles at the instance level diff --git a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/2-azuresql-sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/2-azuresql-sensitivedatascan.md deleted file mode 100644 index dbd1b2de39..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/2-azuresql-sensitivedatascan.md +++ /dev/null @@ -1,28 +0,0 @@ -# 2-AzureSQL_SensitiveDataScan Job - -The 2-AzureSQL_SensitiveDataScan Job is designed to discover sensitive data in the Azure SQL -instances and databases based on pre-defined or user-defined search criteria. - -## Queries for the 2–AzureSQL_SensitiveDataScan Job - -The 2–AzureSQL_SensitiveDataScan Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascanjob.webp) - -- Sensitive Data Scan — Collects sensitive data from targeted instances - -### Analysis Task for 2-AzureSQL_SensitiveDataScan Job - -Navigate to the **Databases** > **0.Collection** > **AzureSQL** > **2–AzureSQL_SensitiveDataScan** > -**Configure** node and select Analysis to view the analysis task. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp) - -The default analysis tasks are: - -- Azure SQL SSD Matches View — Brings the Azure SQL SSD Matches View to the SA console -- Azure SQL SSD Match Hits View — Brings the Azure SQL SSD Match Hits View to the SA Console -- AIC Impot SSD — Imports Azure SQL SSD to the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/2-azuresql_sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/2-azuresql_sensitivedatascan.md new file mode 100644 index 0000000000..812b6165b7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/2-azuresql_sensitivedatascan.md @@ -0,0 +1,28 @@ +# 2-AzureSQL_SensitiveDataScan Job + +The 2-AzureSQL_SensitiveDataScan Job is designed to discover sensitive data in the Azure SQL +instances and databases based on pre-defined or user-defined search criteria. + +## Queries for the 2–AzureSQL_SensitiveDataScan Job + +The 2–AzureSQL_SensitiveDataScan Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/sensitivedatascanjob.webp) + +- Sensitive Data Scan — Collects sensitive data from targeted instances + +### Analysis Task for 2-AzureSQL_SensitiveDataScan Job + +Navigate to the **Databases** > **0.Collection** > **AzureSQL** > **2–AzureSQL_SensitiveDataScan** > +**Configure** node and select Analysis to view the analysis task. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp) + +The default analysis tasks are: + +- Azure SQL SSD Matches View — Brings the Azure SQL SSD Matches View to the SA console +- Azure SQL SSD Match Hits View — Brings the Azure SQL SSD Match Hits View to the SA Console +- AIC Impot SSD — Imports Azure SQL SSD to the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/3-azuresql-activityscan.md b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/3-azuresql-activityscan.md deleted file mode 100644 index c45961ebb7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/3-azuresql-activityscan.md +++ /dev/null @@ -1,26 +0,0 @@ -# 3-AzureSQL_ActivityScan Job - -The 3–AzureSQL_ActivityScan job captures user activity from all targeted Azure SQL instances and -databases. - -## Queries for the 3–AzureSQL_ActivityScan Job - -The 3–AzureSQL_ActivityScan Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/activityscanjob.webp) - -- Activity — Collects activity events for Azure SQL - -## Analysis Task for the 3–AzureSQL_ActivityScan Job - -Navigate to the **Databases** > **0.Collection** > **Azure SQL** > -**3–AzureSQL_ActivityScan** > **Configure** node and select **Analysis** to view the analysis task. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![3-AzureSQL_ActivityScan Job - Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/activityscanjobanalysis.webp) - -The default analysis task is: - -- AIC Import – Activity — Imports Azure SQL Activity to the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/3-azuresql_activityscan.md b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/3-azuresql_activityscan.md new file mode 100644 index 0000000000..170ec5d8bf --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/3-azuresql_activityscan.md @@ -0,0 +1,26 @@ +# 3-AzureSQL_ActivityScan Job + +The 3–AzureSQL_ActivityScan job captures user activity from all targeted Azure SQL instances and +databases. + +## Queries for the 3–AzureSQL_ActivityScan Job + +The 3–AzureSQL_ActivityScan Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/activityscanjob.webp) + +- Activity — Collects activity events for Azure SQL + +## Analysis Task for the 3–AzureSQL_ActivityScan Job + +Navigate to the **Databases** > **0.Collection** > **Azure SQL** > +**3–AzureSQL_ActivityScan** > **Configure** node and select **Analysis** to view the analysis task. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![3-AzureSQL_ActivityScan Job - Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/activityscanjobanalysis.webp) + +The default analysis task is: + +- AIC Import – Activity — Imports Azure SQL Activity to the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/4-azuresql-serversettings.md b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/4-azuresql-serversettings.md deleted file mode 100644 index c2b280c064..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/4-azuresql-serversettings.md +++ /dev/null @@ -1,33 +0,0 @@ -# 4-AzureSQL_ServerSettings Job - -The 4–AzureSQL_ServerSettings Job is designed to collect Azure SQL instance and database -configuration settings so they can be evaluated against recommended best practices. - -## Queries for the 4–AzureSQL_ServerSettings Job - -The 4–AzureSQL_ServerSettings Job uses the SQL Data Collector for the following query: - -![0.Collection_4–AzureSQL_ServerSettings Job - Query Selection](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/serversettings.webp) - -- Database Sizing— Returns details on database sizing -- Server Details — Collects Azure SQL Server properties -- Configuration Details— Collects database configuration properties -- Table Row Counts— Returns Azure SQL table row counts for additional data points in the sensitive - data reports -- Standalone Database Sizing— Returns the size of Azure standalone databases - -## Analysis Tasks for the 4–AzureSQL_ServerSettings Job - -Navigate to the **Databases** > **0.Collection** > **Azure SQL** > -**4–AzureSQL_ServerSettings** > **Configure** node and select **Analysis** to view the analysis -task. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/serversettingsanalysis.webp) - -The default analysis tasks are: - -- Update Database Sizing — Updates the database sizing table with the data from the standalone - database sizing table diff --git a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/4-azuresql_serversettings.md b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/4-azuresql_serversettings.md new file mode 100644 index 0000000000..3505759aee --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/4-azuresql_serversettings.md @@ -0,0 +1,33 @@ +# 4-AzureSQL_ServerSettings Job + +The 4–AzureSQL_ServerSettings Job is designed to collect Azure SQL instance and database +configuration settings so they can be evaluated against recommended best practices. + +## Queries for the 4–AzureSQL_ServerSettings Job + +The 4–AzureSQL_ServerSettings Job uses the SQL Data Collector for the following query: + +![0.Collection_4–AzureSQL_ServerSettings Job - Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/serversettings.webp) + +- Database Sizing— Returns details on database sizing +- Server Details — Collects Azure SQL Server properties +- Configuration Details— Collects database configuration properties +- Table Row Counts— Returns Azure SQL table row counts for additional data points in the sensitive + data reports +- Standalone Database Sizing— Returns the size of Azure standalone databases + +## Analysis Tasks for the 4–AzureSQL_ServerSettings Job + +Navigate to the **Databases** > **0.Collection** > **Azure SQL** > +**4–AzureSQL_ServerSettings** > **Configure** node and select **Analysis** to view the analysis +task. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/serversettingsanalysis.webp) + +The default analysis tasks are: + +- Update Database Sizing — Updates the database sizing table with the data from the standalone + database sizing table diff --git a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/overview.md b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/overview.md index ea25583839..6904f3c5b7 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/overview.md @@ -4,31 +4,31 @@ The 0.Collection Job Group, located at **Databases** > **0.Collection** > **Azur high–level summary information from targeted Azure SQL Instances. This information is used by other jobs in the Azure SQL solution further analysis and for producing respective reports. -![0.Collection Job Group - Azure SQL](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/collectionjobmenu.webp) +![0.Collection Job Group - Azure SQL](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/collectionjobmenu.webp) The jobs in 0.Collection Jobs Group are: - 0-AzureSQL_InstanceDiscovery Job — Enumerates a list of Azure SQL Server Instances from target endpoints and populates the necessary instance connection information which is used throughout the solution set -- [1-AzureSQL_PermissionScan Job](/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/1-azuresql-permissionscan.md) — Collects Azure SQL database level +- [1-AzureSQL_PermissionScan Job](/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/1-azuresql_permissionscan.md) — Collects Azure SQL database level permissions from all targeted Azure SQL database servers -- [2-AzureSQL_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/2-azuresql-sensitivedatascan.md) — Discovers sensitive data in +- [2-AzureSQL_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/2-azuresql_sensitivedatascan.md) — Discovers sensitive data in Azure SQL databases across all targeted Azure SQL database servers based on pre-defined or user-defined search criteria -- [3-AzureSQL_ActivityScan Job](/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/3-azuresql-activityscan.md) — Captures user activity from all +- [3-AzureSQL_ActivityScan Job](/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/3-azuresql_activityscan.md) — Captures user activity from all targeted Azure SQL instances and databases -- [4-AzureSQL_ServerSettings Job](/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/4-azuresql-serversettings.md) — Collects Azure SQL instances and +- [4-AzureSQL_ServerSettings Job](/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/4-azuresql_serversettings.md) — Collects Azure SQL instances and database configuration settings to evaluate them against recommended best practices Workflow 1. Prerequisite: - 1. Successful execution of the .Active Directory Inventory Job Group - 2. For the 1-AzureSQL_PermissionScan Job, configure SQL Server Audit and SQL Server Audit - Specifications on target SQL Server Databases. + 1. Successful execution of the .Active Directory Inventory Job Group + 2. For the 1-AzureSQL_PermissionScan Job, configure SQL Server Audit and SQL Server Audit + Specifications on target SQL Server Databases. 2. (Optional) Configure the queries for the jobs in the 0.Collection Job Group 3. Schedule the 0.Collection Job Group to run daily or as desired - **NOTE:** Running the 0.Collection Job Group is a prerequisite for the other job groups in the - Azure SQL solution + **NOTE:** Running the 0.Collection Job Group is a prerequisite for the other job groups in the + Azure SQL solution diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-configuration.md b/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-configuration.md deleted file mode 100644 index 6ae1d3bf04..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-configuration.md +++ /dev/null @@ -1,25 +0,0 @@ -# 3-Db2_Configuration Job - -This job collects Db2 database configuration settings for use in the following analysis jobs and -respective reports. - -## Queries for the 3-Db2_Configuration Job - -The 3-Db2_Configuration Job uses the SQL Data Collector for queries. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/configurationquery.webp) - -The query is: - -- Database Sizing — Returns the database size for the Db2 databases - -## Recommended Configuration for the Configuration Query - -Prior to running an Db2 0.Collection query, you must establish a connection to the appropriate IBM -Db2 server. As long as that connection is set up first, it is recommended that no configuration -changes be made to the 0.Collection jobs before they run. - -It is also recommended that the connection only be established for the 1-Db2 SensitiveDataScan Job. -Once the connection is established, it applies to all jobs in the 0.Collection job group. It does -not apply to any other job groups. For additional information on establishing a database connection, -see [1-Db2_SensitiveDataScan](/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-sensitivedatascan.md). diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-permissionscan.md b/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-permissionscan.md deleted file mode 100644 index 76ee0d6d51..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-permissionscan.md +++ /dev/null @@ -1,43 +0,0 @@ -# 2-Db2_PermissionScan Job - -This job collects Db2 database level permissions from all the targeted Db2 database servers. - -## Queries for the 2-Db2_PermissionScan Job - -The 2-Db2_PermissionScan Job uses the SQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/db2/collection/permissionsscanquery.webp) - -The query is: - -- Db2 Permission — Scan Db2 databases for permissions - -## Recommended Configuration for the Db2 Permission Query - -Prior to running an Db2 0.Collection query, you must establish a connection to the appropriate IBM -Db2 server. As long as that connection is set up first, it is recommended that no configuration -changes be made to the 0.Collection jobs before they run. - -It is also recommended that the connection only be established for the 1-Db2 SensitiveDataScan Job. -Once the connection is established, it applies to all jobs in the 0.Collection job group. It does -not apply to any other job groups. For additional information on establishing a database connection, -see [1-Db2_SensitiveDataScan](/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-sensitivedatascan.md). - -## Analysis Tasks for the 2-Db2_PermissionScan Job - -Navigate to the **Databases** > **0.Collection** > **Db2** > **2-Db2_PermissionScan** > -**Configure** node and select Analysis to view the Analysis Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/db2/collection/permissionsscananalysis.webp) - -The default analysis tasks are: - -- Update Instance Name — Updates the instance name with a port if there are multiple instances in a - single host -- AIC Permissions Import — Imports Db2 permissions to the AIC -- AIC Roles Import — Imports roles to the AIC for Db2 diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-sensitivedatascan.md deleted file mode 100644 index 3808323176..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-sensitivedatascan.md +++ /dev/null @@ -1,119 +0,0 @@ -# 1-Db2_SensitiveDataScan - -This job discovers sensitive data in the Db2 databases across all the targeted Db2 database servers -based on pre-defined or user-defined criteria. - -## Queries for the 1-Db2_Sensitive Data Scan Job - -The 1-Db2 Sensitive Data Job uses the SQL Data Collector for the following queries. - -![sensitivedatascanquery](/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatascanquery.webp) - -The query is: - -- Db2 SensitiveData – Scans Db2 databases for sensitive data - -## Recommended Configuration for the SensitiveDataScan Query - -It is only necessary to set up the connection for the 1-Db2 SensitiveDataScan Job. Once the -connection is established, custom configurations apply to all other job queries within the -0.Collection job group. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the Databases > 0.Collection > Db2 > 1-Db2_SensitiveDataScan > Configure -node and select Queries. - -**Step 2 –** In the Query Selection view, select the SensitiveDataScan query click on Query -Properties. The Query Properties window appears. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens -with Sensitive Data Collection category selected. - -![Category page](/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatacategory.webp) - -**Step 4 –** Click **Next**. The Sensitive Data Scan Settings view appears. - -![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatajoboptions.webp) - -**Step 5 –** To modify sensitive data scan options, select the desired scan options. See the -[SQL: Options](/docs/accessanalyzer/12.0/data-collection/sql/options.md) page for additional information. - -**CAUTION:** The Sensitive Data Scan Settings are preconfigured for optimal performance for a -high-level table scan. Configuring these settings to increase the scope of the sensitive data scan -may significantly increase scan time. - -**Step 6 –** Click **Next**. The Select Criteria view appears. - -![Select Criteria](/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatacriteria.webp) - -**Step 7 –** To modify criteria, click on **Use the following selected criteria:** and select your -choices. By default, the Sensitive Data Scan job is set to **Use Global Criteria**. - -**NOTE:** For more information on adding or deleting criteria, navigate to the -[SQL: Criteria](/docs/accessanalyzer/12.0/data-collection/sql/criteria.md) page or See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) -topic for additional information. - -**Step 8 –** Click **Next**. The Filters view appears. - -![Filters](/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatafilter.webp) - -**Step 9 –** Click **Connections** to open the Manage Connections window. - -**NOTE:** SQL databases must be added to the query before they can be scanned. Before you can add a -query, you must establish a connection to the database. - -![Manage Connections](/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedataconnection.webp) - -**Step 10 –** In the Manage Connections window, enter the following information: - -- Instance Label — Custom name of the instance -- Database System — A drop down containing all available database servers. Select the Db2LUW server - to configure Db2 queries. -- Service Name — Custom name of the service -- Host — Name or IP address of the host where the database is located. Host list is IBM DB2 -- Port Number — Port number for the selected database -- Default Database — Default Database - -**Step 11 –** After completing the above information fields, click **Test Connection** to validate -the new connection. Once validated, click **Create New Connection** to finalize the connection. - -**Step 12 –** Navigate to the Filter page. Select Only select database objects or **All database -objects**. Collection queries are configured by default to target Only select database objects. - -**NOTE:** For more information on filtering, see the -[SQL: Filter](/docs/accessanalyzer/12.0/data-collection/sql/filter.md) page. - -**Step 13 –** Click Retrieve. The Available database objects box will populate. - -**Step 14 –** Add the Databases and instances to be audited. Databases and instances can be added in -the following ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Optionally use the Add Custom Filter button to create and apply a custom filter. - -Selected database objects to be audited will display. - -**Step 15 –** Click **Next** and navigate to the Summary page, click Finish to save any setting -modifications or click Cancel if no changes were made. Then click OK to close the Query Properties -window. - -The 1-Db2_SensitsveDataScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 1-Db2_SensitiveDataScan Job - -Navigate to the **Databases** > **0.Collection** > **Db2** > **1-Db2_SensitiveDataScan** > -**Configure** node and select **Analysis** to view the Analysis Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp) - -The default analysis tasks are: - -- Update Instance Name — Updates the instance name with a port if there are multiple instances in a - single host -- Db2 Matches — Brings the Db2 SDD Matches View to the Access Analyzer console -- Db2 Match Hits — Brings the Db2 Match Hits View to the Access Analyzer console -- AIC Sensitive Data Import — Db2 Match Imports discovered Db2 sensitive data to the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_configuration.md b/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_configuration.md new file mode 100644 index 0000000000..8791bac045 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_configuration.md @@ -0,0 +1,25 @@ +# 3-Db2_Configuration Job + +This job collects Db2 database configuration settings for use in the following analysis jobs and +respective reports. + +## Queries for the 3-Db2_Configuration Job + +The 3-Db2_Configuration Job uses the SQL Data Collector for queries. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/configurationquery.webp) + +The query is: + +- Database Sizing — Returns the database size for the Db2 databases + +## Recommended Configuration for the Configuration Query + +Prior to running an Db2 0.Collection query, you must establish a connection to the appropriate IBM +Db2 server. As long as that connection is set up first, it is recommended that no configuration +changes be made to the 0.Collection jobs before they run. + +It is also recommended that the connection only be established for the 1-Db2 SensitiveDataScan Job. +Once the connection is established, it applies to all jobs in the 0.Collection job group. It does +not apply to any other job groups. For additional information on establishing a database connection, +see [1-Db2_SensitiveDataScan](/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_sensitivedatascan.md). diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_permissionscan.md b/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_permissionscan.md new file mode 100644 index 0000000000..358935eec6 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_permissionscan.md @@ -0,0 +1,43 @@ +# 2-Db2_PermissionScan Job + +This job collects Db2 database level permissions from all the targeted Db2 database servers. + +## Queries for the 2-Db2_PermissionScan Job + +The 2-Db2_PermissionScan Job uses the SQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/permissionsscanquery.webp) + +The query is: + +- Db2 Permission — Scan Db2 databases for permissions + +## Recommended Configuration for the Db2 Permission Query + +Prior to running an Db2 0.Collection query, you must establish a connection to the appropriate IBM +Db2 server. As long as that connection is set up first, it is recommended that no configuration +changes be made to the 0.Collection jobs before they run. + +It is also recommended that the connection only be established for the 1-Db2 SensitiveDataScan Job. +Once the connection is established, it applies to all jobs in the 0.Collection job group. It does +not apply to any other job groups. For additional information on establishing a database connection, +see [1-Db2_SensitiveDataScan](/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_sensitivedatascan.md). + +## Analysis Tasks for the 2-Db2_PermissionScan Job + +Navigate to the **Databases** > **0.Collection** > **Db2** > **2-Db2_PermissionScan** > +**Configure** node and select Analysis to view the Analysis Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/permissionsscananalysis.webp) + +The default analysis tasks are: + +- Update Instance Name — Updates the instance name with a port if there are multiple instances in a + single host +- AIC Permissions Import — Imports Db2 permissions to the AIC +- AIC Roles Import — Imports roles to the AIC for Db2 diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_sensitivedatascan.md new file mode 100644 index 0000000000..3aebfc65c5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_sensitivedatascan.md @@ -0,0 +1,119 @@ +# 1-Db2_SensitiveDataScan + +This job discovers sensitive data in the Db2 databases across all the targeted Db2 database servers +based on pre-defined or user-defined criteria. + +## Queries for the 1-Db2_Sensitive Data Scan Job + +The 1-Db2 Sensitive Data Job uses the SQL Data Collector for the following queries. + +![sensitivedatascanquery](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatascanquery.webp) + +The query is: + +- Db2 SensitiveData – Scans Db2 databases for sensitive data + +## Recommended Configuration for the SensitiveDataScan Query + +It is only necessary to set up the connection for the 1-Db2 SensitiveDataScan Job. Once the +connection is established, custom configurations apply to all other job queries within the +0.Collection job group. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the Databases > 0.Collection > Db2 > 1-Db2_SensitiveDataScan > Configure +node and select Queries. + +**Step 2 –** In the Query Selection view, select the SensitiveDataScan query click on Query +Properties. The Query Properties window appears. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens +with Sensitive Data Collection category selected. + +![Category page](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatacategory.webp) + +**Step 4 –** Click **Next**. The Sensitive Data Scan Settings view appears. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatajoboptions.webp) + +**Step 5 –** To modify sensitive data scan options, select the desired scan options. See the +[SQL: Options](/docs/accessanalyzer/12.0/admin/datacollector/sql/options.md) page for additional information. + +**CAUTION:** The Sensitive Data Scan Settings are preconfigured for optimal performance for a +high-level table scan. Configuring these settings to increase the scope of the sensitive data scan +may significantly increase scan time. + +**Step 6 –** Click **Next**. The Select Criteria view appears. + +![Select Criteria](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatacriteria.webp) + +**Step 7 –** To modify criteria, click on **Use the following selected criteria:** and select your +choices. By default, the Sensitive Data Scan job is set to **Use Global Criteria**. + +**NOTE:** For more information on adding or deleting criteria, navigate to the +[SQL: Criteria](/docs/accessanalyzer/12.0/admin/datacollector/sql/criteria.md) page or See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. + +**Step 8 –** Click **Next**. The Filters view appears. + +![Filters](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatafilter.webp) + +**Step 9 –** Click **Connections** to open the Manage Connections window. + +**NOTE:** SQL databases must be added to the query before they can be scanned. Before you can add a +query, you must establish a connection to the database. + +![Manage Connections](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedataconnection.webp) + +**Step 10 –** In the Manage Connections window, enter the following information: + +- Instance Label — Custom name of the instance +- Database System — A drop down containing all available database servers. Select the Db2LUW server + to configure Db2 queries. +- Service Name — Custom name of the service +- Host — Name or IP address of the host where the database is located. Host list is IBM DB2 +- Port Number — Port number for the selected database +- Default Database — Default Database + +**Step 11 –** After completing the above information fields, click **Test Connection** to validate +the new connection. Once validated, click **Create New Connection** to finalize the connection. + +**Step 12 –** Navigate to the Filter page. Select Only select database objects or **All database +objects**. Collection queries are configured by default to target Only select database objects. + +**NOTE:** For more information on filtering, see the +[SQL: Filter](/docs/accessanalyzer/12.0/admin/datacollector/sql/filter.md) page. + +**Step 13 –** Click Retrieve. The Available database objects box will populate. + +**Step 14 –** Add the Databases and instances to be audited. Databases and instances can be added in +the following ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Optionally use the Add Custom Filter button to create and apply a custom filter. + +Selected database objects to be audited will display. + +**Step 15 –** Click **Next** and navigate to the Summary page, click Finish to save any setting +modifications or click Cancel if no changes were made. Then click OK to close the Query Properties +window. + +The 1-Db2_SensitsveDataScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 1-Db2_SensitiveDataScan Job + +Navigate to the **Databases** > **0.Collection** > **Db2** > **1-Db2_SensitiveDataScan** > +**Configure** node and select **Analysis** to view the Analysis Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatascananalysis.webp) + +The default analysis tasks are: + +- Update Instance Name — Updates the instance name with a port if there are multiple instances in a + single host +- Db2 Matches — Brings the Db2 SDD Matches View to the Access Analyzer console +- Db2 Match Hits — Brings the Db2 Match Hits View to the Access Analyzer console +- AIC Sensitive Data Import — Db2 Match Imports discovered Db2 sensitive data to the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/collection/overview.md b/docs/accessanalyzer/12.0/solutions/databases/db2/collection/overview.md index beeb9a555d..638965bffb 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/collection/overview.md @@ -4,14 +4,14 @@ The Db2 Solution Set Collection Group collects high level summary information fr Database Servers. Other jobs in the Db2 Solution Set use this information for further analysis and for producing respective reports. -![jobstree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![jobstree](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/jobstree.webp) The jobs in the 0.Collection Job Group are: -- [1-Db2_SensitiveDataScan](/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-sensitivedatascan.md) — Discovers sensitive data in the Db2 +- [1-Db2_SensitiveDataScan](/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_sensitivedatascan.md) — Discovers sensitive data in the Db2 databases across all the targeted Db2 database servers based on pre-defined or user-defined search criteria -- [2-Db2_PermissionScan Job](/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-permissionscan.md) — Collects Db2 database level permissions from +- [2-Db2_PermissionScan Job](/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_permissionscan.md) — Collects Db2 database level permissions from all the targeted Db2 database servers -- [3-Db2_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2-configuration.md)— Collects Db2 database configuration settings for +- [3-Db2_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/db2/collection/db2_configuration.md)— Collects Db2 database configuration settings for use in the following analysis jobs and respective reports diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/db2-databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/db2/db2-databasesizing.md deleted file mode 100644 index 8c27bf20cc..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/db2-databasesizing.md +++ /dev/null @@ -1,31 +0,0 @@ -# Configuration > Db2_DatabaseSizing Job - -The Db2_DatabaseSizing job provides details on overall database sizes. - -![Configuration > Db2_DatabaseSizing Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/databases/db2/configurationjobstree.webp) - -This job is located in the Configuration job group. - -## Analysis Tasks for the Db2_DatabaseSizing Job - -Navigate to the **Jobs** > **Databases** > **Db2** > **Configuration** > **Db2_DatabaseSizing** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Db2_DatabaseSizing Job](/img/product_docs/accessanalyzer/solutions/databases/db2/databasesizinganalysis.webp) - -The default analysis tasks are: - -- Database Sizing – Returns size details for Db2 databases -- Database Summary – Summarizes Db2 database size by host - -## Report for the Db2_DatabaseSizing Job - -In addition to the tables and views created the analysis task, the Db2_DatabaseSizing job produces -the following preconfigured report. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ---------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | Provides details on database tables and sizing | None | This report is comprised of three elements: - Bar Chart – Displays top databases by size (MB) - Bar Chart – Displays top hosts by size (GB) - Table – Displays details on database sizing | diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/db2_databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/db2/db2_databasesizing.md new file mode 100644 index 0000000000..bf51632d2c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/db2_databasesizing.md @@ -0,0 +1,31 @@ +# Configuration > Db2_DatabaseSizing Job + +The Db2_DatabaseSizing job provides details on overall database sizes. + +![Configuration > Db2_DatabaseSizing Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/configurationjobstree.webp) + +This job is located in the Configuration job group. + +## Analysis Tasks for the Db2_DatabaseSizing Job + +Navigate to the **Jobs** > **Databases** > **Db2** > **Configuration** > **Db2_DatabaseSizing** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Db2_DatabaseSizing Job](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/databasesizinganalysis.webp) + +The default analysis tasks are: + +- Database Sizing – Returns size details for Db2 databases +- Database Summary – Summarizes Db2 database size by host + +## Report for the Db2_DatabaseSizing Job + +In addition to the tables and views created the analysis task, the Db2_DatabaseSizing job produces +the following preconfigured report. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ---------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | Provides details on database tables and sizing | None | This report is comprised of three elements: - Bar Chart – Displays top databases by size (MB) - Bar Chart – Displays top hosts by size (GB) - Table – Displays details on database sizing | diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/overview.md b/docs/accessanalyzer/12.0/solutions/databases/db2/overview.md index 684160a2db..965a05d567 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/overview.md @@ -11,7 +11,7 @@ Supported Platforms Requirements, Permissions, and Ports See the -[Target Db2 Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-db2.md) topic +[Target Db2 Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databasedb2.md) topic for additional information. Sensitive Data Discovery Considerations @@ -45,7 +45,7 @@ The Access Analyzer Db2 Solution is a comprehensive set of preconfigured audit j provide visibility into various aspects of a Db2 Databases: Sensitive Data Discovery and Objects Permissions. -![Db2 Overview](/img/product_docs/threatprevention/threatprevention/siemdashboard/qradar/dashboard/overview.webp) +![Db2 Overview](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/overview.webp) The following comprises the Db2 solution: @@ -53,7 +53,7 @@ The following comprises the Db2 solution: targeted Db2 Servers. This information is used by other jobs in the Db2 Solution Set for further analysis and producing respective report. -- [Configuration > Db2_DatabaseSizing Job](/docs/accessanalyzer/12.0/solutions/databases/db2/db2-databasesizing.md) — Provides insight into Db2 server +- [Configuration > Db2_DatabaseSizing Job](/docs/accessanalyzer/12.0/solutions/databases/db2/db2_databasesizing.md) — Provides insight into Db2 server configuration settings - [Permissions Job Group](/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/overview.md)— Provides insight into all types of permissions diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2-directpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2-directpermissions.md deleted file mode 100644 index 0ab3227187..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2-directpermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# Db2_DirectPermissions Job - -This job provides insight into direct user and role permissions to all the database objects in the -targeted Db2 database servers. - -## Analysis Tasks for the Db2_DirectPermissions Job - -Navigate to the **Jobs** > **Databases** > **Db2** > **Permissions** > **Db2_DirectPermissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Db2_DirectPermissions Job](/img/product_docs/accessanalyzer/solutions/databases/db2/permissions/directpermissionsanalysis.webp) - -The default analysis tasks are: - -- Direct Permissions – Highlights permissions directly assigned to Db2 objects -- Database Summary – Summarizes Db2 direct permissions by database - -## Report for the Db2_DirectPermissions Job - -In addition to the tables and views created the analysis task, the Db2_DirectPermissions job -produces the following preconfigured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ----------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Direct Permissions | This report shows details on the direct permissions in the audited Db2 environment. | None | This report is comprised of three elements: - Bar Chart – Displays Database Summary - Table – Displays Database Summary - Table – Displays permissions details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2-effectivepermissions.md b/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2-effectivepermissions.md deleted file mode 100644 index 9b743ecf76..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2-effectivepermissions.md +++ /dev/null @@ -1,29 +0,0 @@ -# Db2_EffectivePermissions Job - -This job provides insight into effective user and role permissions to all the database objects in -the targeted Db2 database servers. - -## Analysis Tasks for the Db2 \_EffectivePermissions Job - -Navigate to the **Jobs** > **Databases** > **Db2** > **Permissions** > -**Db2_EffectivePermissions** > **Configure** node and select **Analysis** to view the Analysis -Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Db2 _EffectivePermissions Job](/img/product_docs/accessanalyzer/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp) - -The default analysis tasks are: - -- Effective Permissions – Uses role membership to display effective permissions on Db2 objects -- Database Summary – Summarizes effective permissions by Db2 database - -## Report for the Db2_Effective Job - -In addition to the tables and views created the analysis task, the Db2_EffectivePermissions job -produces the following preconfigured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ---------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Effective Permissions | This report shows details on effective permissions in the audited Db2 environment. | None | This report is comprised of three elements: - Bar Chart – Displays Database Summary - Table – Displays Database Summary - Table – Displays permissions details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2_directpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2_directpermissions.md new file mode 100644 index 0000000000..56c13a8737 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2_directpermissions.md @@ -0,0 +1,28 @@ +# Db2_DirectPermissions Job + +This job provides insight into direct user and role permissions to all the database objects in the +targeted Db2 database servers. + +## Analysis Tasks for the Db2_DirectPermissions Job + +Navigate to the **Jobs** > **Databases** > **Db2** > **Permissions** > **Db2_DirectPermissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Db2_DirectPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/permissions/directpermissionsanalysis.webp) + +The default analysis tasks are: + +- Direct Permissions – Highlights permissions directly assigned to Db2 objects +- Database Summary – Summarizes Db2 direct permissions by database + +## Report for the Db2_DirectPermissions Job + +In addition to the tables and views created the analysis task, the Db2_DirectPermissions job +produces the following preconfigured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ----------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Direct Permissions | This report shows details on the direct permissions in the audited Db2 environment. | None | This report is comprised of three elements: - Bar Chart – Displays Database Summary - Table – Displays Database Summary - Table – Displays permissions details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2_effectivepermissions.md b/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2_effectivepermissions.md new file mode 100644 index 0000000000..c7e3640356 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2_effectivepermissions.md @@ -0,0 +1,29 @@ +# Db2_EffectivePermissions Job + +This job provides insight into effective user and role permissions to all the database objects in +the targeted Db2 database servers. + +## Analysis Tasks for the Db2 \_EffectivePermissions Job + +Navigate to the **Jobs** > **Databases** > **Db2** > **Permissions** > +**Db2_EffectivePermissions** > **Configure** node and select **Analysis** to view the Analysis +Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Db2 _EffectivePermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp) + +The default analysis tasks are: + +- Effective Permissions – Uses role membership to display effective permissions on Db2 objects +- Database Summary – Summarizes effective permissions by Db2 database + +## Report for the Db2_Effective Job + +In addition to the tables and views created the analysis task, the Db2_EffectivePermissions job +produces the following preconfigured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ---------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Effective Permissions | This report shows details on effective permissions in the audited Db2 environment. | None | This report is comprised of three elements: - Bar Chart – Displays Database Summary - Table – Displays Database Summary - Table – Displays permissions details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/overview.md b/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/overview.md index 613bc2fc32..67ad17312b 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/overview.md @@ -3,11 +3,11 @@ This job group provides insight into all types of permissions at the database and object level across all the targeted Db2 database servers. -![Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/databases/db2/permissions/permissionsjobstree.webp) +![Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/permissions/permissionsjobstree.webp) The jobs in the Permission job group are: -- [Db2_DirectPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2-directpermissions.md) – Provides insight into direct user and role +- [Db2_DirectPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2_directpermissions.md) – Provides insight into direct user and role permissions to all the database objects in the targeted Db2 database servers -- [Db2_EffectivePermissions Job](/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2-effectivepermissions.md) – Provides insight into effective user +- [Db2_EffectivePermissions Job](/docs/accessanalyzer/12.0/solutions/databases/db2/permissions/db2_effectivepermissions.md) – Provides insight into effective user and role permissions to all the database objects in the targeted Db2 database servers diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/recommended.md b/docs/accessanalyzer/12.0/solutions/databases/db2/recommended.md index 83213686ea..42254b63a2 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/recommended.md @@ -10,17 +10,17 @@ Dependencies - Successful installation of the IBM Data Server Client. In addition, the following clients and drivers must be installed: - - IBM Data Server Driver Package (DS Driver) - - IBM Data Server Driver for JDBC and SQLJ (JCC Driver) - - IBM Data Server Driver for ODBC and CLI (CLI Driver) - - IBM Data Server Runtime Client - - IBM Data Server Client - - IBM Database Add-Ins for Visual Studio - - IBM .NET Driver NuGet - - **NOTE:** All necessary clients and drivers can be found on IBM Support's - [Download initial version 11.5 clients and drivers](https://www.ibm.com/support/pages/download-initial-version-115-clients-and-drivers) - page. + - IBM Data Server Driver Package (DS Driver) + - IBM Data Server Driver for JDBC and SQLJ (JCC Driver) + - IBM Data Server Driver for ODBC and CLI (CLI Driver) + - IBM Data Server Runtime Client + - IBM Data Server Client + - IBM Database Add-Ins for Visual Studio + - IBM .NET Driver NuGet + + **NOTE:** All necessary clients and drivers can be found on IBM Support's + [Download initial version 11.5 clients and drivers](https://www.ibm.com/support/pages/download-initial-version-115-clients-and-drivers) + page. - .Instance Discovery Job Group run successfully @@ -38,7 +38,7 @@ The SQL Data Collector requires a specific set of permissions. See the Permissio necessary permissions. The account used can be either an Active Directory account or a SQL account. Once the account has been provisioned, create a custom Connection Profile containing the credentials for the targeted environment. See the -[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/12.0/data-collection/sql/configure-job.md) +[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/12.0/admin/datacollector/sql/configurejob.md) topic for additional information. The Connection Profile should be assigned under the Databases > 0.Collection > Db2 > Settings > @@ -47,7 +47,7 @@ However, since this may not be the Connection Profile with the necessary permiss assigned hosts, click the radio button for the Select one of the following user defined profiles option and select the appropriate Connection Profile drop-down menu. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2-sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2-sensitivedata.md deleted file mode 100644 index 602b38be15..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2-sensitivedata.md +++ /dev/null @@ -1,30 +0,0 @@ -# Db2_SensitiveData Job - -This job provides information on all the sensitive data that was discovered in the targeted Db2 -database servers based on the selection scan criteria. - -## Analysis Tasks for the Db2 \_SensitiveData Job - -Navigate to the **Jobs** > **Databases** > **Db2** > **Sensitive Data** > **Db2_Sensitive Data** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Db2 _SensitiveData Job](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) - -The default analysis tasks are: - -- Sensitive Data Details – Provides details on sensitive data in Db2 databases -- Database Summary – Summarizes Db2 sensitive data by database -- Enterprise Summary – Summarizes all discovered sensitive data by category - -## Reports for the Db2_SensitiveData Job - -In addition to the tables and views created the analysis task, the Db2_SensitiveData job produces -the following preconfigured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | Sensitive Data | This report is comprised of two elements: - Bar Chart – Displays Exceptions by March Count - Table – Displays data details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart – Displays Top Databases by Sensitive Data Hits - Table – Displays Top Databases by Sensitive Data Hits - Table – Displays data details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2-sensitivedatapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2-sensitivedatapermissions.md deleted file mode 100644 index 19d1c1d686..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2-sensitivedatapermissions.md +++ /dev/null @@ -1,30 +0,0 @@ -# Db2_SensitiveDataPermissions Job - -This job provides all types of permissions on database objects containing sensitive data across all -the targeted Db2 database servers. - -## Analysis Tasks for the Db2_SensitiveDataPermissions Job - -Navigate to the **Jobs** > **Databases** > **Db2** > **Sensitive Data** > -**Db2_SensitiveDataPermissions** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Db2_SensitiveDataPermissions Job](/img/product_docs/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp) - -The default analysis tasks are: - -- Sensitive Data Permissions – Provides details on which users have permissions on discovered Db2 - Sensitive Data -- Sensitive Data Permissions Database Summary – Summarizes sensitive data permissions by database - -## Report for the Db2_SensitiveDataPermissions Job - -In addition to the tables and views created the analysis task, the Db2_SensitiveDataPermissions job -has the following preconfigured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays Top Databases by Permission Count - Table – Displays Database Sensitive Data Permissions Summary - Table – Displays data details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2_sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2_sensitivedata.md new file mode 100644 index 0000000000..a8d295f66e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2_sensitivedata.md @@ -0,0 +1,30 @@ +# Db2_SensitiveData Job + +This job provides information on all the sensitive data that was discovered in the targeted Db2 +database servers based on the selection scan criteria. + +## Analysis Tasks for the Db2 \_SensitiveData Job + +Navigate to the **Jobs** > **Databases** > **Db2** > **Sensitive Data** > **Db2_Sensitive Data** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Db2 _SensitiveData Job](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/sensitivedataanalysis.webp) + +The default analysis tasks are: + +- Sensitive Data Details – Provides details on sensitive data in Db2 databases +- Database Summary – Summarizes Db2 sensitive data by database +- Enterprise Summary – Summarizes all discovered sensitive data by category + +## Reports for the Db2_SensitiveData Job + +In addition to the tables and views created the analysis task, the Db2_SensitiveData job produces +the following preconfigured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | Sensitive Data | This report is comprised of two elements: - Bar Chart – Displays Exceptions by March Count - Table – Displays data details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart – Displays Top Databases by Sensitive Data Hits - Table – Displays Top Databases by Sensitive Data Hits - Table – Displays data details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2_sensitivedatapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2_sensitivedatapermissions.md new file mode 100644 index 0000000000..21fe669ec4 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2_sensitivedatapermissions.md @@ -0,0 +1,30 @@ +# Db2_SensitiveDataPermissions Job + +This job provides all types of permissions on database objects containing sensitive data across all +the targeted Db2 database servers. + +## Analysis Tasks for the Db2_SensitiveDataPermissions Job + +Navigate to the **Jobs** > **Databases** > **Db2** > **Sensitive Data** > +**Db2_SensitiveDataPermissions** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Db2_SensitiveDataPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp) + +The default analysis tasks are: + +- Sensitive Data Permissions – Provides details on which users have permissions on discovered Db2 + Sensitive Data +- Sensitive Data Permissions Database Summary – Summarizes sensitive data permissions by database + +## Report for the Db2_SensitiveDataPermissions Job + +In addition to the tables and views created the analysis task, the Db2_SensitiveDataPermissions job +has the following preconfigured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays Top Databases by Permission Count - Table – Displays Database Sensitive Data Permissions Summary - Table – Displays data details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/overview.md b/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/overview.md index aeb5064c3d..b2bb54dd5c 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/overview.md @@ -3,12 +3,12 @@ This job group provides insight into where sensitive data exists and who has access to it across all the targeted Db2 database servers. -![Sensitive Data Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) +![Sensitive Data Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) The jobs in the Sensitive Data job group are: -- [Db2_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2-sensitivedata.md) – Provides information on all the sensitive data +- [Db2_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2_sensitivedata.md) – Provides information on all the sensitive data that was discovered in the targeted Db2 database servers based on the selection scan criteria -- [Db2_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2-sensitivedatapermissions.md) – Provides all types of +- [Db2_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/db2_sensitivedatapermissions.md) – Provides all types of permissions on database objects containing sensitive data across all the targeted Db2 database servers diff --git a/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb-configuration.md b/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb-configuration.md deleted file mode 100644 index 49567a6d60..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb-configuration.md +++ /dev/null @@ -1,16 +0,0 @@ -# MongoDB_Configuration Job - -The MongoDB_Configuration job is designed to collect MongoDB server instance and database -configuration settings for use in the following analysis jobs and respective reports. - -## Queries for the MongoDB_Configuration Job - -The MongoDB_Configuration Job uses the NoSQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection - Mongo DB](/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/configurationjob.webp) - -The query is: - -- Database Sizing — Returns size details for the selected MongoDB databases diff --git a/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb-sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb-sensitivedatascan.md deleted file mode 100644 index 3f4b4a2daf..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb-sensitivedatascan.md +++ /dev/null @@ -1,117 +0,0 @@ -# MongoDB_SensitiveDataScan Job - -The MongoDB_SensitiveDataScan Job is designed to discover sensitive data in MongoDB databases based -on pre-defined or user-defined search criteria. - -## Queries for the MongoDB_SensitiveDataScan Job - -The MongoDB_SensitiveDataScan Job uses the NOSQL Data Collector for queries. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/sensitivedatascan_job.webp) - -The query is: - -- MongoDB SDD - Collects sensitive data from MongoDB - - - (Optional) This query can be modified to target specific databases/instances. See the - [Configure the MongoDB SDD Query](#configure-the-mongodb-sdd-query) topic for additional - information. - -## Configure the MongoDB SDD Query - -The MongoDB SDD Query is preconfigured to run using the default settings for the Sensitive Data -Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **MongoDB** > -**MongoDB_SensitiveDataScan** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select the MongoDB SDD query and click Query Properties. -The Query Properties window opens. - -**Step 3 –** Select the Data Source tab, and click Configure. The NoSQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been -pre-configured for this job. - -**Step 4 –** Navigate to the [NoSQL: Options](/docs/accessanalyzer/12.0/data-collection/nosql/options.md) -page. - -![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/install/application/options.webp) - -**Step 5 –** Select the desired scan options. - -**Step 6 –** Navigate to the [NoSQL: Criteria](/docs/accessanalyzer/12.0/data-collection/nosql/criteria.md) -page. - -![Criteria Page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -**Step 7 –** To modify criteria, navigate to the -[NoSQL: Criteria](/docs/accessanalyzer/12.0/data-collection/nosql/criteria.md) page. By default, the Sensitive -Data Scan job is configured to scan for criteria configured in the Global Criteria settings. See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) -topic for additional information. - -**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a -high-level table scan. Configuring these settings to increase the scope of the sensitive data scan -may significantly increase scan time. - -**Step 8 –** Navigate to the [NoSQL: Filter](/docs/accessanalyzer/12.0/data-collection/nosql/filter.md) page. - -![Database Selection Settings](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp) - -**Step 9 –** MongoDB databases must be added to the query before they can be scanned. Click -**Connections** to open the Manage Connections window. - -![Manage Connections window](/img/product_docs/accessanalyzer/admin/datacollector/nosql/manageconnections.webp) - -**Step 10 –** In the Manage Connections window, click **Create New** and add the following -information: - -- Is Active Checkbox — Check to include the database on the Servers Pane on the Filter page. -- Server Label — The name of the server -- Host — Name or IP address of the host where the database is located -- Port Number — Port number for the database. The default port is 27017. -- Auth Database — Account used to access the database. Admin is recommended. -- Read Preference — Read preference describes how MongoDB clients route read operations to the - members of a replica set. By default, an application directs its read operations to the primary - member in a replica set (i.e. read preference mode “primary”). But, clients can specify a read - preference to send read operations to secondaries. Click the link for additional informatoin. -- Mongo SRV Checkbox — Specifies that the information entered is for clusters or shards - -**Step 11 –** Click to **Test Connection** to verify the connection to the database with the -connection profile applied to the job - -**Step 12 –** Click **Save New Connection** to add the connection to the list, then close the Manage -Connections window. - -**Step 13 –** On the Filter page, click Retrieveto populate the Servers pane with the databases and -collections. - -**Step 14 –** (Optional) Right click on an object in the list to include or exclude it from the -sensitive data scan, or build /edit a pattern to create a custom filter. See the -[NoSQL: Filter](/docs/accessanalyzer/12.0/data-collection/nosql/filter.md) topic for additional information. - -**Step 15 –** Click **Validate** and then **Save** to apply the scoping. Navigating away from this -page without saving will undo any changes made. - -**Step 16 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The MongoDB SDD Query is now ready to run with the customized settings. - -## Analysis Tasks for the MongoDB_SensitiveDataScan Job - -Navigate to the Databases > > 0.Collection > MongoDB > MongoDB_SensitiveDataScan > Configure node -and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/analysissensitivedatascan.webp) - -The default analysis tasks are: - -- NoSQL Instances — Brings the SA_NoSQL_Instances to view in SA -- Matches View — Brings the MongoDB matches view to the Access Analyzer console -- Match Hits View — Brings the MongoDB match hits view to the Access Analyzer console -- MongoDB SDD AIC Import — Imports MongoDB SDD into the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb_configuration.md b/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb_configuration.md new file mode 100644 index 0000000000..450c8e452f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb_configuration.md @@ -0,0 +1,16 @@ +# MongoDB_Configuration Job + +The MongoDB_Configuration job is designed to collect MongoDB server instance and database +configuration settings for use in the following analysis jobs and respective reports. + +## Queries for the MongoDB_Configuration Job + +The MongoDB_Configuration Job uses the NoSQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection - Mongo DB](/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/configurationjob.webp) + +The query is: + +- Database Sizing — Returns size details for the selected MongoDB databases diff --git a/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb_sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb_sensitivedatascan.md new file mode 100644 index 0000000000..b660797688 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb_sensitivedatascan.md @@ -0,0 +1,117 @@ +# MongoDB_SensitiveDataScan Job + +The MongoDB_SensitiveDataScan Job is designed to discover sensitive data in MongoDB databases based +on pre-defined or user-defined search criteria. + +## Queries for the MongoDB_SensitiveDataScan Job + +The MongoDB_SensitiveDataScan Job uses the NOSQL Data Collector for queries. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/sensitivedatascan_job.webp) + +The query is: + +- MongoDB SDD - Collects sensitive data from MongoDB + + - (Optional) This query can be modified to target specific databases/instances. See the + [Configure the MongoDB SDD Query](#configure-the-mongodb-sdd-query) topic for additional + information. + +## Configure the MongoDB SDD Query + +The MongoDB SDD Query is preconfigured to run using the default settings for the Sensitive Data +Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **MongoDB** > +**MongoDB_SensitiveDataScan** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select the MongoDB SDD query and click Query Properties. +The Query Properties window opens. + +**Step 3 –** Select the Data Source tab, and click Configure. The NoSQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been +pre-configured for this job. + +**Step 4 –** Navigate to the [NoSQL: Options](/docs/accessanalyzer/12.0/admin/datacollector/nosql/options.md) +page. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/12.0/install/application/options.webp) + +**Step 5 –** Select the desired scan options. + +**Step 6 –** Navigate to the [NoSQL: Criteria](/docs/accessanalyzer/12.0/admin/datacollector/nosql/criteria.md) +page. + +![Criteria Page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.webp) + +**Step 7 –** To modify criteria, navigate to the +[NoSQL: Criteria](/docs/accessanalyzer/12.0/admin/datacollector/nosql/criteria.md) page. By default, the Sensitive +Data Scan job is configured to scan for criteria configured in the Global Criteria settings. See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. + +**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a +high-level table scan. Configuring these settings to increase the scope of the sensitive data scan +may significantly increase scan time. + +**Step 8 –** Navigate to the [NoSQL: Filter](/docs/accessanalyzer/12.0/admin/datacollector/nosql/filter.md) page. + +![Database Selection Settings](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filter.webp) + +**Step 9 –** MongoDB databases must be added to the query before they can be scanned. Click +**Connections** to open the Manage Connections window. + +![Manage Connections window](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/manageconnections.webp) + +**Step 10 –** In the Manage Connections window, click **Create New** and add the following +information: + +- Is Active Checkbox — Check to include the database on the Servers Pane on the Filter page. +- Server Label — The name of the server +- Host — Name or IP address of the host where the database is located +- Port Number — Port number for the database. The default port is 27017. +- Auth Database — Account used to access the database. Admin is recommended. +- Read Preference — Read preference describes how MongoDB clients route read operations to the + members of a replica set. By default, an application directs its read operations to the primary + member in a replica set (i.e. read preference mode “primary”). But, clients can specify a read + preference to send read operations to secondaries. Click the link for additional informatoin. +- Mongo SRV Checkbox — Specifies that the information entered is for clusters or shards + +**Step 11 –** Click to **Test Connection** to verify the connection to the database with the +connection profile applied to the job + +**Step 12 –** Click **Save New Connection** to add the connection to the list, then close the Manage +Connections window. + +**Step 13 –** On the Filter page, click Retrieveto populate the Servers pane with the databases and +collections. + +**Step 14 –** (Optional) Right click on an object in the list to include or exclude it from the +sensitive data scan, or build /edit a pattern to create a custom filter. See the +[NoSQL: Filter](/docs/accessanalyzer/12.0/admin/datacollector/nosql/filter.md) topic for additional information. + +**Step 15 –** Click **Validate** and then **Save** to apply the scoping. Navigating away from this +page without saving will undo any changes made. + +**Step 16 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The MongoDB SDD Query is now ready to run with the customized settings. + +## Analysis Tasks for the MongoDB_SensitiveDataScan Job + +Navigate to the Databases > > 0.Collection > MongoDB > MongoDB_SensitiveDataScan > Configure node +and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/analysissensitivedatascan.webp) + +The default analysis tasks are: + +- NoSQL Instances — Brings the SA_NoSQL_Instances to view in SA +- Matches View — Brings the MongoDB matches view to the Access Analyzer console +- Match Hits View — Brings the MongoDB match hits view to the Access Analyzer console +- MongoDB SDD AIC Import — Imports MongoDB SDD into the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/overview.md b/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/overview.md index 3b42b48301..71319509e9 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/overview.md @@ -4,11 +4,11 @@ The MongoDB Solution Collection group is designed to collect high level summary targeted MongoDB Servers.  This information is used by other jobs in the MongoDB Solution Set for further analysis and producing respective reports. -![0](/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/0.collecitonjobgroup.webp) +![0](/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/0.collecitonjobgroup.webp) The jobs in the 0.Collection Job Group are: -- [MongoDB_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb-configuration.md) — Collects MongoDB server instance and +- [MongoDB_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb_configuration.md) — Collects MongoDB server instance and database configuration settings for use in the following analysis jobs and respective reports. -- [MongoDB_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb-sensitivedatascan.md) — Discovers sensitive data in +- [MongoDB_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/mongodb_sensitivedatascan.md) — Discovers sensitive data in MongoDB databases based on pre-defined or user-defined search criteria diff --git a/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb-databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb-databasesizing.md deleted file mode 100644 index f6ab4c0fc5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb-databasesizing.md +++ /dev/null @@ -1,23 +0,0 @@ -### Analysis Tasks for the MongoDB_Database_Sizing Job - -Navigate to the **Jobs > Databases > MongoDB > Configuration > MongoDB_DatabaseSizing > Configure** -node and select Analysis to view the Analysis Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/mongodb/databasesizingjobanalysis.webp) - -The default analysis tasks are: - -- MongoDB Database Sizing Details — Provides details about MongoDB databases and sizing -- MongoDB Database Sizing Summary — Summarizes MongoDB database sizing by node or cluster - -### Report for the MongoDB_Database_Sizing Job - -In addition to the tables and views created the analysis task, the MongoDB_DatabaseSizing Job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| --------------- | -------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | This report highlights the size of databases in MongoDB. | None. | This report is comprised of three elements: - Bar Chart - Displays top databases by size (MB) - Bar Chart - Displays database size by host (GB) - Table - Displays details on database sizing | diff --git a/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb-sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb-sensitivedata.md deleted file mode 100644 index f8545c6824..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb-sensitivedata.md +++ /dev/null @@ -1,37 +0,0 @@ -# Sensitive Data > MongoDB_SensitiveData Job - -The Sensitive Data Job Group is designed to provide insight into where sensitive data exists and who -has access to it across all the targeted MongoDB databases. - -![Sensitive Data Job Group](/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) - -The job in the Sensitive Data Job Group is: - -- MongoDB_SensitiveData Job - Provides details on all the sensitive data that was discovered in the - targeted MongoDB databases based on the selected scan criteria - -### Analysis Tasks for the MongoDB_SensitiveData Job - -Navigate to the MongoDB > **Databases** > **Sensitive Data**> MongoDB_SensitiveData > Configure node -and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/mongodb/analysismongodbsensitivedatajob.webp) - -The default analysis tasks are: - -- Sensitive Data Details — Returns details around sensitive data in MongoDB -- Database Summary — Summarizes MongoDB sensitive data by database -- Enterprise Summary — Summarizes MongoDB sensitive data across the enterprise - -### Reports for the for the MongoDB_SensitiveData Job - -In addition to the tables and views created the analysis task, the MongoDB_SensitiveData Job -produces the following preconfigured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of two elements: - Bar Chart - Displays exceptions by Match Count - Table - Displays exception details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides details on top databases by Sensitive Data Hits - Table - Provides details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb_databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb_databasesizing.md new file mode 100644 index 0000000000..f285c358ba --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb_databasesizing.md @@ -0,0 +1,23 @@ +### Analysis Tasks for the MongoDB_Database_Sizing Job + +Navigate to the **Jobs > Databases > MongoDB > Configuration > MongoDB_DatabaseSizing > Configure** +node and select Analysis to view the Analysis Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/databasesizingjobanalysis.webp) + +The default analysis tasks are: + +- MongoDB Database Sizing Details — Provides details about MongoDB databases and sizing +- MongoDB Database Sizing Summary — Summarizes MongoDB database sizing by node or cluster + +### Report for the MongoDB_Database_Sizing Job + +In addition to the tables and views created the analysis task, the MongoDB_DatabaseSizing Job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| --------------- | -------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | This report highlights the size of databases in MongoDB. | None. | This report is comprised of three elements: - Bar Chart - Displays top databases by size (MB) - Bar Chart - Displays database size by host (GB) - Table - Displays details on database sizing | diff --git a/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb_sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb_sensitivedata.md new file mode 100644 index 0000000000..2e08987a16 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb_sensitivedata.md @@ -0,0 +1,37 @@ +# Sensitive Data > MongoDB_SensitiveData Job + +The Sensitive Data Job Group is designed to provide insight into where sensitive data exists and who +has access to it across all the targeted MongoDB databases. + +![Sensitive Data Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/sensitivedatajobgroup.webp) + +The job in the Sensitive Data Job Group is: + +- MongoDB_SensitiveData Job - Provides details on all the sensitive data that was discovered in the + targeted MongoDB databases based on the selected scan criteria + +### Analysis Tasks for the MongoDB_SensitiveData Job + +Navigate to the MongoDB > **Databases** > **Sensitive Data**> MongoDB_SensitiveData > Configure node +and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/analysismongodbsensitivedatajob.webp) + +The default analysis tasks are: + +- Sensitive Data Details — Returns details around sensitive data in MongoDB +- Database Summary — Summarizes MongoDB sensitive data by database +- Enterprise Summary — Summarizes MongoDB sensitive data across the enterprise + +### Reports for the for the MongoDB_SensitiveData Job + +In addition to the tables and views created the analysis task, the MongoDB_SensitiveData Job +produces the following preconfigured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of two elements: - Bar Chart - Displays exceptions by Match Count - Table - Displays exception details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides details on top databases by Sensitive Data Hits - Table - Provides details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/mongodb/overview.md b/docs/accessanalyzer/12.0/solutions/databases/mongodb/overview.md index c6c831966d..51534e130b 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/mongodb/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/mongodb/overview.md @@ -30,7 +30,7 @@ Supported Platforms Requirements, Permissions, and Ports See the -[Target MongoDB Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-mongodb.md) +[Target MongoDB Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databasemongodb.md) topic for additional information. Sensitive Data Discovery Considerations @@ -66,14 +66,14 @@ sensitive data. The Access Analyzer MongoDB Solution Set is a set of pre-configured jobs and reports that provides visibility into MongoDB Sensitive Data. -![MongoDB Overview](/img/product_docs/accessanalyzer/solutions/databases/mongodb/mongdbjobgroupoverview.webp) +![MongoDB Overview](/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/mongdbjobgroupoverview.webp) The following job groups comprise the MongoDB Solution: - [ 0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/overview.md) — Collects high level summary information from targeted MongoDB Servers. This information is used by other jobs in the MongoDB Solution Set for further analysis and producing respective reports. -- [Analysis Tasks for the MongoDB_Database_Sizing Job](/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb-databasesizing.md) — Provides insight +- [Analysis Tasks for the MongoDB_Database_Sizing Job](/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb_databasesizing.md) — Provides insight into MongoDB server configuration settings -- [Sensitive Data > MongoDB_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb-sensitivedata.md) — Provides insight into +- [Sensitive Data > MongoDB_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/mongodb/mongodb_sensitivedata.md) — Provides insight into where sensitive data exists and who has access to it across all the targeted MongoDB databases diff --git a/docs/accessanalyzer/12.0/solutions/databases/mongodb/recommended.md b/docs/accessanalyzer/12.0/solutions/databases/mongodb/recommended.md index 16d069ee82..3308f0426c 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/mongodb/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/databases/mongodb/recommended.md @@ -23,7 +23,7 @@ The NoSQL Data Collector requires a specific set of permission. See the Permissi necessary permissions. The account used can be either an Active Directory account or a SQL account. Once the account has been provisioned, create a custom Connection Profile containing the credentials for the targeted environment. See the -[NoSQL Custom Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/nosql/configure-job.md) +[NoSQL Custom Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/nosql/configurejob.md) topic for additional information. The Connection Profile should be assigned under the MongoDB > 0.Collection > Settings > Connection @@ -32,7 +32,7 @@ since this may not be the Connection Profile with the necessary permissions for click the radio button for the Select one of the following user defined profiles option and select the appropriate Connection Profile drop-down menu. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency @@ -53,17 +53,17 @@ Workflow 1. Set a Connection Profile for the 0.Collection Job Group with the permissions listed in the Recommended Configurations section. See the - [NoSQL Custom Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/nosql/configure-job.md) + [NoSQL Custom Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/nosql/configurejob.md) topic for additional information. 2. Set the Host list for the 0.Collection Job Group with the servers containing the target databases. Additionally, the database clusters / instances must be added to the Filter page in the query configuration. See the - [NoSQL Custom Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/nosql/configure-job.md) + [NoSQL Custom Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/nosql/configurejob.md) topic for additional information. 3. (Optional) Configure the queries for the jobs in the 0.Collection Job Group 4. Schedule the 0.Collection Job Group to run daily or as desired - **NOTE:** Running the 0.Collection Job Group is a prerequisite for the other job groups in the - SQL solution + **NOTE:** Running the 0.Collection Job Group is a prerequisite for the other job groups in the + SQL solution 5. Review the reports generated by the 0.Collection Job Group’s jobs diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-configuration.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-configuration.md deleted file mode 100644 index e0f9042285..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-configuration.md +++ /dev/null @@ -1,16 +0,0 @@ -# MySQL_Configuration Job - -The MySQL_Configuration Job is designed to collect MySQL server instance and database configuration -settings for use in the following analysis jobs and respective reports. - -## Queries for the MySQL_Configuration Job - -The MySQL_Configuration Job uses the SQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/configurationjob.webp) - -The query is: - -- Database Sizing - Returns size details for the selected MySQL databases diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-sensitivedatascan.md deleted file mode 100644 index 776748d368..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-sensitivedatascan.md +++ /dev/null @@ -1,97 +0,0 @@ -# MySQL_SensitiveDataScan Job - -The MySQL_SensitiveDataScan Job is designed to discover sensitive data in MySQL databases based on -pre-defined or user-defined search criteria. - -## Queries for the MySQL_SensitiveDataScan Job - -The MySQL_SensitiveDataScan Job uses the SQL Data Collector for queries. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/sensitivedatascan.webp) - -The query is: - -- Sensitive Data Scan - Discovers MySQL Sensitive Data. See the - [Configure the SensitiveDataScan Query](#configure-the-sensitivedatascan-query) for additional - information. - -### Configure the SensitiveDataScan Query - -The MySQL_SensitiveDataScan Job is preconfigured to run using the default settings for the Sensitive -Data Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the Databases > 0.Collection > MySQL > MySQL_SensitiveDataScan > Configure -node and select Queries. - -**Step 2 –** In the Query Selection view, select the Sensitive Data Scan query click on Query -Properties. The Query Properties window appears. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this -job. - -![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_optionspage.webp) - -**Step 4 –** To modify sensitive data scan options, select the desired scan options. See the -[SQL: Options](/docs/accessanalyzer/12.0/data-collection/sql/options.md) page for additional information. - -**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a -high-level table scan. Configuring these settings to increase the scope of the sensitive data scan -may significantly increase scan time. - -![DLP Criteria for Scan](/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_criteriapage.webp) - -**Step 5 –** To modify criteria, navigate to the -[SQL: Criteria](/docs/accessanalyzer/12.0/data-collection/sql/criteria.md) page. By default, the Sensitive -Data Scan job is configured to scan for criteria configured in the Global Criteria settings. See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) -topic for additional information. - -![Filters Page](/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_filterspage.webp) - -**Step 6 –** MySQL databases must be added to the query before they can be scanned. Navigate to the -**Filter** page and click **Connections** to open the Manage Connections window. - -![Manage Connections](/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/manageconnectionsmysql.webp) - -**Step 7 –** In the Manage Connections window, click **New Connection** and add the following -information: - -- Instance Label — The name of the instance -- Database System — Select MySQL from the dropdown list -- Host — Name or IP address of the host where the database is located -- Port Number — Port number for the database. The default port for MySQL is 3306 - -Exit the Manage Connections window to return to the Filter page. - -**Step 8 –** On the Filter page, the query is configured by default to target Only select database -objects. Click Retrieve. The Available database objects box will populate. The default filter will -scan all MySQL Databases returned, excluding the listed system schemas and tables in red. Databases -and instances can be added in the following ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Use the Add Custom Filter button to create and apply a custom filter. - -**Step 9 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The MySQL_SensitiveDataScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the MySQL_SensitiveDataScan Job - -Navigate to the **Databases** > **0.Collection** > **MySQL** > **MySQL_SensitiveDataScan** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/analysismysqlsensitivedatascan.webp) - -The default analysis tasks are: - -- Bring SA_SQL_Instances to View — Displays the SA_SQL_Instances table -- MySQL SDD Matches View — Bring the MySQL SDD Matches View to the SA console -- MySQL SDD Match Hits View — Bring the MySQL SDD Match Hits View to the SA console -- MySQL SDD AIC Import — Imports to MySQL SDD to the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-tableprivileges.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-tableprivileges.md deleted file mode 100644 index 9ec7851047..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-tableprivileges.md +++ /dev/null @@ -1,30 +0,0 @@ -# MySQL_TablePrivileges Job - -The MySQL_TablePrivileges job is designed to collect MySQL table privileges from all the targeted -servers. - -## Queries for the MySQL_TablePrivileges Job - -The MySQL_TablePrivileges Job uses the SQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/querytableprivileges.webp) - -The query is: - -- Table Privileges - Returns table privileges from all the targeted servers. - -## Analysis Task for the MySQL_TablePrivileges Job - -Navigate to the **Databases** > **0.Collection** > **MySQL** > **MySQL_TablePrivileges** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/analysistableprivileges.webp) - -The default analysis task is: - -- AIC Import - MySQL Permissions – Imports MySQL permissions to the AIC. diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql_configuration.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql_configuration.md new file mode 100644 index 0000000000..5880741ace --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql_configuration.md @@ -0,0 +1,16 @@ +# MySQL_Configuration Job + +The MySQL_Configuration Job is designed to collect MySQL server instance and database configuration +settings for use in the following analysis jobs and respective reports. + +## Queries for the MySQL_Configuration Job + +The MySQL_Configuration Job uses the SQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/configurationjob.webp) + +The query is: + +- Database Sizing - Returns size details for the selected MySQL databases diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql_sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql_sensitivedatascan.md new file mode 100644 index 0000000000..154a8a5bc4 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql_sensitivedatascan.md @@ -0,0 +1,97 @@ +# MySQL_SensitiveDataScan Job + +The MySQL_SensitiveDataScan Job is designed to discover sensitive data in MySQL databases based on +pre-defined or user-defined search criteria. + +## Queries for the MySQL_SensitiveDataScan Job + +The MySQL_SensitiveDataScan Job uses the SQL Data Collector for queries. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/sensitivedatascan.webp) + +The query is: + +- Sensitive Data Scan - Discovers MySQL Sensitive Data. See the + [Configure the SensitiveDataScan Query](#configure-the-sensitivedatascan-query) for additional + information. + +### Configure the SensitiveDataScan Query + +The MySQL_SensitiveDataScan Job is preconfigured to run using the default settings for the Sensitive +Data Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the Databases > 0.Collection > MySQL > MySQL_SensitiveDataScan > Configure +node and select Queries. + +**Step 2 –** In the Query Selection view, select the Sensitive Data Scan query click on Query +Properties. The Query Properties window appears. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this +job. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/sensitivedatscan_optionspage.webp) + +**Step 4 –** To modify sensitive data scan options, select the desired scan options. See the +[SQL: Options](/docs/accessanalyzer/12.0/admin/datacollector/sql/options.md) page for additional information. + +**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a +high-level table scan. Configuring these settings to increase the scope of the sensitive data scan +may significantly increase scan time. + +![DLP Criteria for Scan](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/sensitivedatscan_criteriapage.webp) + +**Step 5 –** To modify criteria, navigate to the +[SQL: Criteria](/docs/accessanalyzer/12.0/admin/datacollector/sql/criteria.md) page. By default, the Sensitive +Data Scan job is configured to scan for criteria configured in the Global Criteria settings. See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. + +![Filters Page](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/sensitivedatscan_filterspage.webp) + +**Step 6 –** MySQL databases must be added to the query before they can be scanned. Navigate to the +**Filter** page and click **Connections** to open the Manage Connections window. + +![Manage Connections](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/manageconnectionsmysql.webp) + +**Step 7 –** In the Manage Connections window, click **New Connection** and add the following +information: + +- Instance Label — The name of the instance +- Database System — Select MySQL from the dropdown list +- Host — Name or IP address of the host where the database is located +- Port Number — Port number for the database. The default port for MySQL is 3306 + +Exit the Manage Connections window to return to the Filter page. + +**Step 8 –** On the Filter page, the query is configured by default to target Only select database +objects. Click Retrieve. The Available database objects box will populate. The default filter will +scan all MySQL Databases returned, excluding the listed system schemas and tables in red. Databases +and instances can be added in the following ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Use the Add Custom Filter button to create and apply a custom filter. + +**Step 9 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The MySQL_SensitiveDataScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the MySQL_SensitiveDataScan Job + +Navigate to the **Databases** > **0.Collection** > **MySQL** > **MySQL_SensitiveDataScan** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/analysismysqlsensitivedatascan.webp) + +The default analysis tasks are: + +- Bring SA_SQL_Instances to View — Displays the SA_SQL_Instances table +- MySQL SDD Matches View — Bring the MySQL SDD Matches View to the SA console +- MySQL SDD Match Hits View — Bring the MySQL SDD Match Hits View to the SA console +- MySQL SDD AIC Import — Imports to MySQL SDD to the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql_tableprivileges.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql_tableprivileges.md new file mode 100644 index 0000000000..f45111a472 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql_tableprivileges.md @@ -0,0 +1,30 @@ +# MySQL_TablePrivileges Job + +The MySQL_TablePrivileges job is designed to collect MySQL table privileges from all the targeted +servers. + +## Queries for the MySQL_TablePrivileges Job + +The MySQL_TablePrivileges Job uses the SQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/querytableprivileges.webp) + +The query is: + +- Table Privileges - Returns table privileges from all the targeted servers. + +## Analysis Task for the MySQL_TablePrivileges Job + +Navigate to the **Databases** > **0.Collection** > **MySQL** > **MySQL_TablePrivileges** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/analysistableprivileges.webp) + +The default analysis task is: + +- AIC Import - MySQL Permissions – Imports MySQL permissions to the AIC. diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/overview.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/overview.md index 4a1b54cfea..2b74608b2a 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/overview.md @@ -4,22 +4,22 @@ The MySQL Solution Collection group is designed to collect high level summary in targeted MySQL Servers. This information is used by other jobs in the MySQL Solution Set for further analysis and producing respective reports. -![0.Collection Job Group for MySQL](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/0.collectionjobgroup.webp) +![0.Collection Job Group for MySQL](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/0.collectionjobgroup.webp) The jobs in the 0.Collection Job Group are: -- [MySQL_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-configuration.md) – Designed to collect MySQL server instance and +- [MySQL_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql_configuration.md) – Designed to collect MySQL server instance and database configuration settings for use in the following analysis jobs and respective reports -- [MySQL_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-sensitivedatascan.md) – Designed to discover sensitive data in +- [MySQL_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql_sensitivedatascan.md) – Designed to discover sensitive data in MySQL databases based on pre-defined or user-defined search criteria -- [MySQL_TablePrivileges Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-tableprivileges.md) – Designed to collect MySQL table privileges +- [MySQL_TablePrivileges Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql_tableprivileges.md) – Designed to collect MySQL table privileges from all the targeted servers. Workflow 1. Set a Connection Profile for the 0.Collection Job Group with the permissions listed in the Recommended Configurations section. See the - [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information. + [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. 2. For Sensitive Data Discovery Auditing – Ensure the Sensitive Data Discovery Add-On is installed on the StealthAUDIT Console server. 3. Schedule the solution to run daily or as desired. diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/mysql-databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/mysql-databasesizing.md deleted file mode 100644 index eff7e8da00..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/mysql/mysql-databasesizing.md +++ /dev/null @@ -1,31 +0,0 @@ -# Configuration > MySQL_DatabaseSizing Job - -The Configuration Job Group is designed to provide insight into MySQL server configuration settings. - -![Configuration Job Group](/img/product_docs/accessanalyzer/solutions/databases/postgresql/configurationjobgroup.webp) - -The job in the Configuration Job Group is: - -- MySQL_DatabaseSizing Job - Provides details on database table sizes and overall database size - -### Analysis Tasks for the MySQL_DatabaseSizing Job - -Navigate to the **Jobs > Databases > MySQL > Configuration > MySQL_DatabaseSizing > Configure** node -and select Analysis to view the Analysis Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/mysql/analysismysqldatabasesizing.webp) - -The default analysis tasks are: - -- Database Details - Returns size details for MySQL databases -- Database Summary - Summarizes database sizes by host - -In addition to the tables and views created the analysis task, the MySQL_DatabaseSizing Job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ----------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | This report provides details on database tables and sizing. | | This report is comprised of three elements: - Bar Chart - Displays top databases by size (MB) - Bar Chart - Displays database size by host (GB) - Table - Displays details on database sizing | diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/mysql_databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/mysql_databasesizing.md new file mode 100644 index 0000000000..177ec94dfc --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/mysql/mysql_databasesizing.md @@ -0,0 +1,31 @@ +# Configuration > MySQL_DatabaseSizing Job + +The Configuration Job Group is designed to provide insight into MySQL server configuration settings. + +![Configuration Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/configurationjobgroup.webp) + +The job in the Configuration Job Group is: + +- MySQL_DatabaseSizing Job - Provides details on database table sizes and overall database size + +### Analysis Tasks for the MySQL_DatabaseSizing Job + +Navigate to the **Jobs > Databases > MySQL > Configuration > MySQL_DatabaseSizing > Configure** node +and select Analysis to view the Analysis Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/analysismysqldatabasesizing.webp) + +The default analysis tasks are: + +- Database Details - Returns size details for MySQL databases +- Database Summary - Summarizes database sizes by host + +In addition to the tables and views created the analysis task, the MySQL_DatabaseSizing Job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ----------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | This report provides details on database tables and sizing. | | This report is comprised of three elements: - Bar Chart - Displays top databases by size (MB) - Bar Chart - Displays database size by host (GB) - Table - Displays details on database sizing | diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/overview.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/overview.md index e07c01d254..9e37e66d34 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/mysql/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/mysql/overview.md @@ -37,7 +37,7 @@ Supported Platforms Requirements, Permissions, and Ports See the -[Target MySQL Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-mysql.md) +[Target MySQL Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databasemysql.md) topic for additional information. Sensitive Data Discovery Considerations @@ -70,14 +70,14 @@ sensitive data. The Access Analyzer MySQL Solution Set is a set of pre-configured audit jobs and reports that provides visibility into MySQL Sensitive Data. -![MySQL Job Group Overview](/img/product_docs/accessanalyzer/solutions/databases/mysql/mysqljobgroupoverview.webp) +![MySQL Job Group Overview](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/mysqljobgroupoverview.webp) The job groups in the MySQL Solution are: - [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/overview.md) – Designed to collect high level summary information from targeted MySQL Servers. This information is used by other jobs in the MySQL Solution Set for further analysis and producing respective reports. -- [Configuration > MySQL_DatabaseSizing Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/mysql-databasesizing.md) – Designed to provide insight +- [Configuration > MySQL_DatabaseSizing Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/mysql_databasesizing.md) – Designed to provide insight into MySQL server configuration settings -- [MySQL_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql-sensitivedata.md) – Designed to provide insight into +- [MySQL_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql_sensitivedata.md) – Designed to provide insight into where sensitive data exists and who has access to it across all the targeted MySQL databases. diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/recommended.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/recommended.md index 895b44a928..1b018703ed 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/mysql/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/databases/mysql/recommended.md @@ -22,7 +22,7 @@ Connection Profile The SQL Data Collector requires a specific set of permissions. For the MySQL Solution, the credentials configured in the Connection Profile must be able to access the MySQL Database. See the -[Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on +[Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on permissions and creating a SQL custom connection profile. The Connection Profile is set to Use the Default Profile, as configured at the global settings @@ -44,7 +44,7 @@ Query Configuration This solution is designed to be run with the default query configurations. However, the MySQL_SensitiveDataScan Job query can be customized as needed. See the -[Configure the SensitiveDataScan Query](/docs/accessanalyzer/12.0/solutions/databases/mysql/collection/mysql-sensitivedatascan.md#configure-the-sensitivedatascan-query) +[Configure the SensitiveDataScan Query](collection/mysql_sensitivedatascan.md#configure-the-sensitivedatascan-query) topic for additional information. Analysis Configuration diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql-sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql-sensitivedata.md deleted file mode 100644 index acac7c4f50..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql-sensitivedata.md +++ /dev/null @@ -1,28 +0,0 @@ -# MySQL_SensitiveData Job - -The MySQL_SensitiveData Job is designed to provide information on all the sensitive data that was -discovered in the targeted MySQL servers based on the selected scan criteria. - -## Analysis Tasks for the MySQL_SensitiveData Job - -Navigate to the **Jobs > MySQL > Sensitive Data > MySQL_SensitiveData > Configure** node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedata.webp) - -The default analysis tasks are: - -- Sensitive Data Details - Returns details around sensitive data in MySQL -- Database Summary - Summarizes sensitive data in MySQL by database -- Enterprise Summary - Summarizes MySQL sensitive data for the organization - -In addition to the tables and views created the analysis task, the MySQL_SensitiveData Job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | | This report is comprised of two elements: - Bar Chart - Displays exceptions by match count - Table - Displays exception details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides details on top databases by sensitive data - Table - Provides details on sensitive data | diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql-sensitivedatapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql-sensitivedatapermissions.md deleted file mode 100644 index 4b7463cd44..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql-sensitivedatapermissions.md +++ /dev/null @@ -1,29 +0,0 @@ -# MySQL_SensitiveDataPermissions Job - -The MySQL_SensitiveDataPermissions Job is designed to provide information on all types of -permissions on database objects containing sensitive data across all the targeted MySQL servers -based on the selected scan criteria. - -## Analysis Tasks for the MySQL_SensitiveData Job - -Navigate to the **Jobs > MySQL > Sensitive Data > MySQL_SensitiveDataPermissions > Configure** node -and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedatapermission.webp) - -The default analysis tasks are: - -- Sensitive Data Permission Details – Creates the MySQL_SensitiveDataPermissions_Details table - accessible under the job’s Results node -- Sensitive Data Permissions Database Summary – Creates the - MySQL_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the -MySQL_SensitiveDataPermissions Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql_sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql_sensitivedata.md new file mode 100644 index 0000000000..9bda6fa30c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql_sensitivedata.md @@ -0,0 +1,28 @@ +# MySQL_SensitiveData Job + +The MySQL_SensitiveData Job is designed to provide information on all the sensitive data that was +discovered in the targeted MySQL servers based on the selected scan criteria. + +## Analysis Tasks for the MySQL_SensitiveData Job + +Navigate to the **Jobs > MySQL > Sensitive Data > MySQL_SensitiveData > Configure** node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedata.webp) + +The default analysis tasks are: + +- Sensitive Data Details - Returns details around sensitive data in MySQL +- Database Summary - Summarizes sensitive data in MySQL by database +- Enterprise Summary - Summarizes MySQL sensitive data for the organization + +In addition to the tables and views created the analysis task, the MySQL_SensitiveData Job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | | This report is comprised of two elements: - Bar Chart - Displays exceptions by match count - Table - Displays exception details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides details on top databases by sensitive data - Table - Provides details on sensitive data | diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql_sensitivedatapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql_sensitivedatapermissions.md new file mode 100644 index 0000000000..1bf38b6de7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql_sensitivedatapermissions.md @@ -0,0 +1,29 @@ +# MySQL_SensitiveDataPermissions Job + +The MySQL_SensitiveDataPermissions Job is designed to provide information on all types of +permissions on database objects containing sensitive data across all the targeted MySQL servers +based on the selected scan criteria. + +## Analysis Tasks for the MySQL_SensitiveData Job + +Navigate to the **Jobs > MySQL > Sensitive Data > MySQL_SensitiveDataPermissions > Configure** node +and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedatapermission.webp) + +The default analysis tasks are: + +- Sensitive Data Permission Details – Creates the MySQL_SensitiveDataPermissions_Details table + accessible under the job’s Results node +- Sensitive Data Permissions Database Summary – Creates the + MySQL_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the +MySQL_SensitiveDataPermissions Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/overview.md b/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/overview.md index 0dcdaf1706..ff9d16280c 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/overview.md @@ -3,13 +3,13 @@ The Sensitive Data Job Group is designed to provide insight into where sensitive data exists and who has access to it across all the targeted MySQL databases. -![Sensitive Data Job Group](/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) +![Sensitive Data Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/sensitivedatajobgroup.webp) The job in the Sensitive Data Job Group is: -- [MySQL_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql-sensitivedata.md) - Designed to provide information on all the +- [MySQL_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql_sensitivedata.md) - Designed to provide information on all the sensitive data that was discovered in the targeted MySQL servers based on the selected scan criteria -- [MySQL_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql-sensitivedatapermissions.md) - Designed to provide +- [MySQL_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/mysql_sensitivedatapermissions.md) - Designed to provide information on all types of permissions on database objects containing sensitive data across all the targeted MySQL servers based on the selected scan criteria. diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-activity.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-activity.md deleted file mode 100644 index bc776445b4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-activity.md +++ /dev/null @@ -1,30 +0,0 @@ -# Oracle_Activity Job - -The Oracle_Activity Job is designed to provide insight into user activity in target Oracle database -servers and instances based on Oracle Unified Audit settings. - -## Analysis Tasks for the Oracle_Activity Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_Activity** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup26.webp) - -The default analysis tasks are: - -- Oracle Activity Details – Creates the SA_Oracle_Activity_Details table accessible under the job’s - Results node -- Activity Database Summary – Summarizes all activity by database. Creates the - SA_Oracle_Activity_UserDatabaseSummary table accessible under the job’s Results node. -- Activity Instance Summary – Summarizes Oracle activity by Instance. Creates the - SA_Oracle_Activity_UserInstanceSummary table accessible under the job’s Results node. - -In addition to the tables and views created the analysis task, the Oracle_Activity Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ---------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| User Activity Summary | This report lists all Oracle events, and summarizes them by database and instance. | None | This report is comprised of three elements: - Bar Chart – Displays users with most events by instance - Table – Provides details on users with most events by instance - Table – Provides details on event details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-logons.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-logons.md deleted file mode 100644 index d5583b846f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-logons.md +++ /dev/null @@ -1,28 +0,0 @@ -# Oracle_Logons Job - -The Oracle_Logons Job is designed to provide insight into failed and successful Oracle database -login activity across all targeted Oracle database servers. - -## Analysis Tasks for the Oracle_Logons Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_Logons** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup27.webp) - -The default analysis tasks are: - -- Oracle Logons – Reports on all Oracle logon events. Creates the SA_Oracle_Logons_Details table - accessible under the job’s Results node. -- Logons Summary – Provides a summary of logons by Instance. Creates the SA_Oracle_Logons_Summary - table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the Oracle_Logons Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------- | ----------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Logon Summary | This report outlines successful and failed logins over the last 30 days | None | This report is comprised of three elements: - Bar Chart – Displays top instances by failed logons - Table – Provides details on logon summary - Table – Provides details on logon details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-permissionchanges.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-permissionchanges.md deleted file mode 100644 index da97e9ce8d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-permissionchanges.md +++ /dev/null @@ -1,30 +0,0 @@ -# Oracle_PermissionChanges Job - -The Oracle_PermissionsChanges Job is designed to provide detailed information about changes in -permissions across all database objects. Audited activities include granting, altering, and revoking -permissions on database objects. - -## Analysis Tasks for the Oracle_PermissionsChanges Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_PermissionChanges** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup28.webp) - -The default analysis tasks are: - -- Oracle Permission Changes – Highlights activity involving permission changes on audited Oracle - Instances. Creates the SA_Oracle_PermissionChange_Details table accessible under the job’s Results - node. -- Oracle Permission Changes Instance Summary – Summarizes Permission Changes per Instance. Creates - the SA_Oracle_PermissionChange_Summary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_PermissionsChanges Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------- | ----------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Permission Change Activity Summary | This report lists all permission change related Oracle events, and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by permission change activity - Table –  Provides details on instances by permission change activity - Table – Provides details on permission change details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-schemachanges.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-schemachanges.md deleted file mode 100644 index 61c1edb7f7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-schemachanges.md +++ /dev/null @@ -1,29 +0,0 @@ -# Oracle_SchemaChanges Job - -The Oracle_SchemaChanges Job is designed to provide detailed information about changes in schema -across all database objects. - -## Analysis Tasks for the Oracle_SchemaChanges Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_SchemaChanges** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup29.webp) - -The default analysis tasks are: - -- Oracle Schema Change Details – Highlights activity involving schema changes in the audited Oracle - Instances. Creates the SA_Oracle_SchemaChange_Details table accessible under the job’s Results - node. -- Schema Change Summary – Summarizes schema changes per instance. Creates the - SA_Oracle_SchemaChange_Summary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_SchemaChanges Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Schema Change Activity | This report lists all schema change related Oracle events, and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by schema change activity - Table –  Provides details on instances by schema change activity - Table – Provides details on schema change details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-sensitivedataactivity.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-sensitivedataactivity.md deleted file mode 100644 index 54a3661cb4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-sensitivedataactivity.md +++ /dev/null @@ -1,28 +0,0 @@ -# Oracle_SensitiveDataActivity Job - -The Oracle_SensitiveDataActivity Job is designed to provide detailed information about DML (UPDATE, -INSERT, DELETE, TRUNCATE) against objects containing sensitive data. - -## Analysis Tasks for the Oracle_SensitiveDataActivity Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_SensitiveDataActivity** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup30.webp) - -The default analysis tasks are: - -- SDD Activity – Highlights activity on Oracle sensitive data. Creates the - SA_Oracle_SensitiveDataActivity_Details table accessible under the job’s Results node. -- SDD Activity Instance Summary – Summarizes SDD Activity by Instance. Creates the - SA_Oracle_SensitiveDataActivity_UserSummary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the Oracle_SensitiveDataActivity -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | --------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Data Activity | This report highlights events in databases containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance - Table – Provides details on user activity by instance - Table – Provides details on sensitive data activity details by database | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-suspiciousactivity.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-suspiciousactivity.md deleted file mode 100644 index efdc9727ce..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-suspiciousactivity.md +++ /dev/null @@ -1,30 +0,0 @@ -# Oracle_SuspiciousActivity Job - -The Oracle_SuspiciousActivity job is designed to provide insight into suspicious behavior based on -user activity that does not conform to normal database activity. - -## Analysis Tasks for the Oracle_SuspiciousActivity Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_SuspiciousActivity** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup31.webp) - -The default analysis tasks are: - -- Oracle Suspicious Activity Details – Analyzes the audited events and collects those that represent - suspicious activity by the database users. Creates the SA_Oracle_SuspiciousActivity_Details table - accessible under the job’s Results node. -- Suspicious Activity Instance Summary – Summarizes all suspicious activity found and groups it by - instance. Creates the SA_Oracle_SuspiciousActivity_Summary table accessible under the job’s - Results node. - -In addition to the tables and views created by the analysis task, the Oracle_SuspiciousActivity Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Suspicious Activity | This report highlights the number of suspicious events found per instance as well as provides the details about those events | None | This report is comprised of three elements: - Bar Chart – Displays suspicious activity by instance - Table –  Provides details on suspicious activity by instance - Table – Provides details on suspicious activity details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-unusualactivity.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-unusualactivity.md deleted file mode 100644 index 854341d96e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-unusualactivity.md +++ /dev/null @@ -1,30 +0,0 @@ -# Oracle_UnusualActivity Job - -The Oracle_UnusualActivity job has analysis tasks and reports that use data collected by the -0.Collection Job Group to analyze user activity based on audited actions and identify any outliers -based on a modified z-score. Modified z-scores of 3.5 or over are considered possible outliers. - -## Analysis Tasks for the Oracle_UnusualActivity Job - -Navigate to the **Oracle** > **2.Activity** > **Oracle_UnusualActivity** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup32.webp) - -The default analysis tasks are: - -- Unusual Hourly Activity Details – Finds user activity outliers based on median hourly activity of - all users in that instance. Creates the SA_Oracle_UnusualHourlyActivity_Details table accessible - under the job’s Results node. -- Hourly Unusual Activity Summary – Groups unusual activity outliers by instance. Creates the - SA_Oracle_UnusualHourlyActivity_Summary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_UnusualActivity Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | -------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Unusual Hourly Activity | This report highlights the number of unusual events found per instance, hourly as well as provides details on those events | None | This report is comprised of three elements: - Bar Chart – Displays unusual user activity - Table – Provides details on number of outliers per instance - Table – Provides details on unusual user activity details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_activity.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_activity.md new file mode 100644 index 0000000000..3a751385fc --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_activity.md @@ -0,0 +1,30 @@ +# Oracle_Activity Job + +The Oracle_Activity Job is designed to provide insight into user activity in target Oracle database +servers and instances based on Oracle Unified Audit settings. + +## Analysis Tasks for the Oracle_Activity Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_Activity** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup26.webp) + +The default analysis tasks are: + +- Oracle Activity Details – Creates the SA_Oracle_Activity_Details table accessible under the job’s + Results node +- Activity Database Summary – Summarizes all activity by database. Creates the + SA_Oracle_Activity_UserDatabaseSummary table accessible under the job’s Results node. +- Activity Instance Summary – Summarizes Oracle activity by Instance. Creates the + SA_Oracle_Activity_UserInstanceSummary table accessible under the job’s Results node. + +In addition to the tables and views created the analysis task, the Oracle_Activity Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ---------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| User Activity Summary | This report lists all Oracle events, and summarizes them by database and instance. | None | This report is comprised of three elements: - Bar Chart – Displays users with most events by instance - Table – Provides details on users with most events by instance - Table – Provides details on event details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_logons.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_logons.md new file mode 100644 index 0000000000..d785e93541 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_logons.md @@ -0,0 +1,28 @@ +# Oracle_Logons Job + +The Oracle_Logons Job is designed to provide insight into failed and successful Oracle database +login activity across all targeted Oracle database servers. + +## Analysis Tasks for the Oracle_Logons Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_Logons** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup27.webp) + +The default analysis tasks are: + +- Oracle Logons – Reports on all Oracle logon events. Creates the SA_Oracle_Logons_Details table + accessible under the job’s Results node. +- Logons Summary – Provides a summary of logons by Instance. Creates the SA_Oracle_Logons_Summary + table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the Oracle_Logons Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------- | ----------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Logon Summary | This report outlines successful and failed logins over the last 30 days | None | This report is comprised of three elements: - Bar Chart – Displays top instances by failed logons - Table – Provides details on logon summary - Table – Provides details on logon details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_permissionchanges.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_permissionchanges.md new file mode 100644 index 0000000000..4d1deb015f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_permissionchanges.md @@ -0,0 +1,30 @@ +# Oracle_PermissionChanges Job + +The Oracle_PermissionsChanges Job is designed to provide detailed information about changes in +permissions across all database objects. Audited activities include granting, altering, and revoking +permissions on database objects. + +## Analysis Tasks for the Oracle_PermissionsChanges Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_PermissionChanges** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup28.webp) + +The default analysis tasks are: + +- Oracle Permission Changes – Highlights activity involving permission changes on audited Oracle + Instances. Creates the SA_Oracle_PermissionChange_Details table accessible under the job’s Results + node. +- Oracle Permission Changes Instance Summary – Summarizes Permission Changes per Instance. Creates + the SA_Oracle_PermissionChange_Summary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_PermissionsChanges Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------- | ----------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Permission Change Activity Summary | This report lists all permission change related Oracle events, and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by permission change activity - Table –  Provides details on instances by permission change activity - Table – Provides details on permission change details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_schemachanges.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_schemachanges.md new file mode 100644 index 0000000000..825ddcf3b9 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_schemachanges.md @@ -0,0 +1,29 @@ +# Oracle_SchemaChanges Job + +The Oracle_SchemaChanges Job is designed to provide detailed information about changes in schema +across all database objects. + +## Analysis Tasks for the Oracle_SchemaChanges Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_SchemaChanges** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup29.webp) + +The default analysis tasks are: + +- Oracle Schema Change Details – Highlights activity involving schema changes in the audited Oracle + Instances. Creates the SA_Oracle_SchemaChange_Details table accessible under the job’s Results + node. +- Schema Change Summary – Summarizes schema changes per instance. Creates the + SA_Oracle_SchemaChange_Summary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_SchemaChanges Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Schema Change Activity | This report lists all schema change related Oracle events, and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by schema change activity - Table –  Provides details on instances by schema change activity - Table – Provides details on schema change details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_sensitivedataactivity.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_sensitivedataactivity.md new file mode 100644 index 0000000000..ccdf23037d --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_sensitivedataactivity.md @@ -0,0 +1,28 @@ +# Oracle_SensitiveDataActivity Job + +The Oracle_SensitiveDataActivity Job is designed to provide detailed information about DML (UPDATE, +INSERT, DELETE, TRUNCATE) against objects containing sensitive data. + +## Analysis Tasks for the Oracle_SensitiveDataActivity Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_SensitiveDataActivity** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup30.webp) + +The default analysis tasks are: + +- SDD Activity – Highlights activity on Oracle sensitive data. Creates the + SA_Oracle_SensitiveDataActivity_Details table accessible under the job’s Results node. +- SDD Activity Instance Summary – Summarizes SDD Activity by Instance. Creates the + SA_Oracle_SensitiveDataActivity_UserSummary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the Oracle_SensitiveDataActivity +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | --------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Data Activity | This report highlights events in databases containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance - Table – Provides details on user activity by instance - Table – Provides details on sensitive data activity details by database | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_suspiciousactivity.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_suspiciousactivity.md new file mode 100644 index 0000000000..a7872b8c65 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_suspiciousactivity.md @@ -0,0 +1,30 @@ +# Oracle_SuspiciousActivity Job + +The Oracle_SuspiciousActivity job is designed to provide insight into suspicious behavior based on +user activity that does not conform to normal database activity. + +## Analysis Tasks for the Oracle_SuspiciousActivity Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_SuspiciousActivity** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup31.webp) + +The default analysis tasks are: + +- Oracle Suspicious Activity Details – Analyzes the audited events and collects those that represent + suspicious activity by the database users. Creates the SA_Oracle_SuspiciousActivity_Details table + accessible under the job’s Results node. +- Suspicious Activity Instance Summary – Summarizes all suspicious activity found and groups it by + instance. Creates the SA_Oracle_SuspiciousActivity_Summary table accessible under the job’s + Results node. + +In addition to the tables and views created by the analysis task, the Oracle_SuspiciousActivity Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Suspicious Activity | This report highlights the number of suspicious events found per instance as well as provides the details about those events | None | This report is comprised of three elements: - Bar Chart – Displays suspicious activity by instance - Table –  Provides details on suspicious activity by instance - Table – Provides details on suspicious activity details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_unusualactivity.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_unusualactivity.md new file mode 100644 index 0000000000..0d9fd73262 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_unusualactivity.md @@ -0,0 +1,30 @@ +# Oracle_UnusualActivity Job + +The Oracle_UnusualActivity job has analysis tasks and reports that use data collected by the +0.Collection Job Group to analyze user activity based on audited actions and identify any outliers +based on a modified z-score. Modified z-scores of 3.5 or over are considered possible outliers. + +## Analysis Tasks for the Oracle_UnusualActivity Job + +Navigate to the **Oracle** > **2.Activity** > **Oracle_UnusualActivity** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup32.webp) + +The default analysis tasks are: + +- Unusual Hourly Activity Details – Finds user activity outliers based on median hourly activity of + all users in that instance. Creates the SA_Oracle_UnusualHourlyActivity_Details table accessible + under the job’s Results node. +- Hourly Unusual Activity Summary – Groups unusual activity outliers by instance. Creates the + SA_Oracle_UnusualHourlyActivity_Summary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_UnusualActivity Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | -------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Unusual Hourly Activity | This report highlights the number of unusual events found per instance, hourly as well as provides details on those events | None | This report is comprised of three elements: - Bar Chart – Displays unusual user activity - Table – Provides details on number of outliers per instance - Table – Provides details on unusual user activity details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/overview.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/overview.md index c6568d5f99..3fd727d12e 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/overview.md @@ -4,27 +4,27 @@ The 2.Activity Job Group is designed to provide insight into user login activity changes, unusual database activity, SQL activity against sensitive data, and SQL activity against selective or all database objects. -![Activity Job Group](/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup25.webp) +![Activity Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup25.webp) The jobs in the 2.Activity Job Group are: -- [Oracle_Activity Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-activity.md) – This job is designed to provide insight into user +- [Oracle_Activity Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_activity.md) – This job is designed to provide insight into user activity in target Oracle database server instances and databases in each instance based on the Oracle Unified Audit settings -- [Oracle_Logons Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-logons.md) – This job group is designed to provide insight into failed +- [Oracle_Logons Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_logons.md) – This job group is designed to provide insight into failed and successful Oracle database login activity across all the targeted Oracle database servers -- [Oracle_PermissionChanges Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-permissionchanges.md) – This job is designed to provide +- [Oracle_PermissionChanges Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_permissionchanges.md) – This job is designed to provide detailed information about the changes in permissions across all the database objects. Audited activities include granting, altering, and revoking permissions on database objects. -- [Oracle_SchemaChanges Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-schemachanges.md) – This job is designed to provide detailed +- [Oracle_SchemaChanges Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_schemachanges.md) – This job is designed to provide detailed information about the changes in permissions across all the database objects. Audited activities include granting, altering, and revoking permissions on database objects. -- [Oracle_SensitiveDataActivity Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-sensitivedataactivity.md) – This job is designed to +- [Oracle_SensitiveDataActivity Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_sensitivedataactivity.md) – This job is designed to provide detailed information about all the DML (UPDATE, INSERT, DELETE, TRUNCATE) against objects containing sensitive data -- [Oracle_SuspiciousActivity Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-suspiciousactivity.md) – This job is designed to provide +- [Oracle_SuspiciousActivity Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_suspiciousactivity.md) – This job is designed to provide insight into suspicious behavior based on user activity that does not conform to normal database activity -- [Oracle_UnusualActivity Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle-unusualactivity.md) – This job is designed to analyze user +- [Oracle_UnusualActivity Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/activity/oracle_unusualactivity.md) – This job is designed to analyze user activity based on the audited actions and identify any outliers based on a modified z-score. Modified z-scores of 3.5 or higher are considered to be possible outliers. diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0-oracle-servers.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0-oracle-servers.md deleted file mode 100644 index 992ee575fb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0-oracle-servers.md +++ /dev/null @@ -1,36 +0,0 @@ -# 0-Oracle_Servers Job - -The 0-Oracle_Servers job is designed to enumerate and store the list of Oracle Database Instances -running on the targeted servers. - -## Query for the Oracle_Servers Job - -The Server Discovery query uses the PowerShell Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup3.webp) - -- Oracle Servers – Returns a list of Oracle servers from the specified host list - -Regarding Oracle instance discovery, there may be errors running the query that are not reported. An -additional log to store the issues has been added for instance discoveries named -`Oracle_Server_log_[target_hostname]`. This file can be found in -`%sainstalldir%\Jobs\GROUP_ORACLE_0.Collection\GROUP_1.Discovery\JOB_Oracle_Servers\OUTPUT`. See the -[PowerShell Data Collector](/docs/accessanalyzer/12.0/data-collection/powershell/overview.md) topic for -additional information. - -## Analysis Task for the Oracle_Servers Job - -Navigate to the **Databases** > **0.Collection** > **Oracle** > **0-Oracle_Servers** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup4.webp) - -The default analysis task is: - -- Insert Instances in SA_SQL_Instances table – Creates the SA_SQL_Instances table accessible under - the job’s Results node diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0-oracle_servers.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0-oracle_servers.md new file mode 100644 index 0000000000..1caecae577 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0-oracle_servers.md @@ -0,0 +1,36 @@ +# 0-Oracle_Servers Job + +The 0-Oracle_Servers job is designed to enumerate and store the list of Oracle Database Instances +running on the targeted servers. + +## Query for the Oracle_Servers Job + +The Server Discovery query uses the PowerShell Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup3.webp) + +- Oracle Servers – Returns a list of Oracle servers from the specified host list + +Regarding Oracle instance discovery, there may be errors running the query that are not reported. An +additional log to store the issues has been added for instance discoveries named +`Oracle_Server_log_[target_hostname]`. This file can be found in +`%sainstalldir%\Jobs\GROUP_ORACLE_0.Collection\GROUP_1.Discovery\JOB_Oracle_Servers\OUTPUT`. See the +[PowerShell Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/powershell/overview.md) topic for +additional information. + +## Analysis Task for the Oracle_Servers Job + +Navigate to the **Databases** > **0.Collection** > **Oracle** > **0-Oracle_Servers** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup4.webp) + +The default analysis task is: + +- Insert Instances in SA_SQL_Instances table – Creates the SA_SQL_Instances table accessible under + the job’s Results node diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/1-oracle-permissionsscan.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/1-oracle-permissionsscan.md deleted file mode 100644 index 33fd81adbf..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/1-oracle-permissionsscan.md +++ /dev/null @@ -1,62 +0,0 @@ -# 1-Oracle_PermissionsScan Job - -The 1-Oracle_PermissionsScan Job is designed to collect Oracle database level permissions from all -targeted Oracle database servers. - -## Query for the 1-Oracle_PermissionsScan Job - -The PermissionsScan query uses the SQL Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup6.webp) - -- PermissionsScan – Collects permissions from targeted instances - -### Configure the 1-Oracle_PermissionsScan Query - -The 1-Oracle_PermissionsScan Job is preconfigured to run using the default settings for the -Permissions Collection category in the SQL Data Collector. Follow the steps to customize -configurations: - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > -**1-Oracle_PermissionsScan** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select the PermissionScan query and click on Query -Properties. The Query Properties window opens. - -**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. - -**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been -pre-configured for this job. - -![Filter Page](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/1oraclepermissionscanjobqueryfilter.webp) - -**Step 4 –** To query for specific databases/instances, navigate to the Filter page. The default -query target is All Databases. The default query scope is Only select database objects. Click -Retrieve. The Available database objects section will be populated. Databases and instances can be -added in the following ways: - -- Select the desired database objects and click Add -- Use the Import CSV button to import a list from a CSV file, if desired -- Optionally, use the Add Custom Filter button to create and apply a custom filter - -**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 1-Oracle_PermissionsScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 1-Oracle_PermissionsScan Job - -Navigate to the **Databases** > **0.Collection** > **Oracle** > **1-Oracle_PermissionsScan** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup8.webp) - -The default analysis tasks are: - -- Oracle Setup – Sets up functions and tables for the Oracle Solution Set -- Oracle Permissions Import – Imports Oracle permissions into the AIC -- Oracle Local Groups Import – Creates the SA_AIC_LocalGroupsImport table accessible under the job’s - Results node diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/1-oracle_permissionsscan.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/1-oracle_permissionsscan.md new file mode 100644 index 0000000000..d3b3e29265 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/1-oracle_permissionsscan.md @@ -0,0 +1,62 @@ +# 1-Oracle_PermissionsScan Job + +The 1-Oracle_PermissionsScan Job is designed to collect Oracle database level permissions from all +targeted Oracle database servers. + +## Query for the 1-Oracle_PermissionsScan Job + +The PermissionsScan query uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup6.webp) + +- PermissionsScan – Collects permissions from targeted instances + +### Configure the 1-Oracle_PermissionsScan Query + +The 1-Oracle_PermissionsScan Job is preconfigured to run using the default settings for the +Permissions Collection category in the SQL Data Collector. Follow the steps to customize +configurations: + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > +**1-Oracle_PermissionsScan** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select the PermissionScan query and click on Query +Properties. The Query Properties window opens. + +**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. + +**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been +pre-configured for this job. + +![Filter Page](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/1oraclepermissionscanjobqueryfilter.webp) + +**Step 4 –** To query for specific databases/instances, navigate to the Filter page. The default +query target is All Databases. The default query scope is Only select database objects. Click +Retrieve. The Available database objects section will be populated. Databases and instances can be +added in the following ways: + +- Select the desired database objects and click Add +- Use the Import CSV button to import a list from a CSV file, if desired +- Optionally, use the Add Custom Filter button to create and apply a custom filter + +**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 1-Oracle_PermissionsScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 1-Oracle_PermissionsScan Job + +Navigate to the **Databases** > **0.Collection** > **Oracle** > **1-Oracle_PermissionsScan** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup8.webp) + +The default analysis tasks are: + +- Oracle Setup – Sets up functions and tables for the Oracle Solution Set +- Oracle Permissions Import – Imports Oracle permissions into the AIC +- Oracle Local Groups Import – Creates the SA_AIC_LocalGroupsImport table accessible under the job’s + Results node diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/2-oracle-sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/2-oracle-sensitivedatascan.md deleted file mode 100644 index 7a4c50bb79..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/2-oracle-sensitivedatascan.md +++ /dev/null @@ -1,75 +0,0 @@ -# 2-Oracle_SensitiveDataScan Job - -The 2-Oracle_SensitiveDataScan job discovers sensitive data in Oracle databases across all targeted -Oracle database servers based on pre-defined or user-defined search criteria. See the -[Sensitive Data Discovery](/docs/accessanalyzer/12.0/sensitive-data-discovery/overview.md) topic for additional -information. - -## Query for the 2-Oracle_SensitiveDataScan Job - -The SensitiveDataScan Query uses the SQL Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup9.webp) - -- SensitiveDataScan – Collects Sensitive Data from targeted instances - -### Configure the 2-Oracle_SensitiveDataScan Query - -The 2-Oracle_SensitiveDataScan job is preconfigured to run using the default settings for the -Sensitive Data Collection category in the SQL Data Collector. Follow the steps to customize -configurations: - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > -**2-Oracle_SensitiveDataScan** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the SensitiveDataScan query and click **Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab and click **Configure**. The SQL Data Collector wizard -opens. - -**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been -pre-configured for this job. - -![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/optionspage.webp) - -**Step 4 –** Navigate to the Options page. Enable or disable configuration options as needed. Click -**Next** to continue. - -![Criteria Page of the SQL Data Collector Wizard](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/criteriapage.webp) - -**Step 5 –** Navigate to the Criteria page. Select or deselect criteria used to define sensitive -data. Click **Next** to continue. - -![Filter Page](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/2oraclesensitivedatascanfilterpgae.webp) - -**Step 6 –** To query for specific databases/instances, navigate to the Filter page. The default -query target is **All Databases**. The default query scope is **Only select database objects**. -Click **Retrieve**. The Available database objects section will be populated. Databases and -instances can be added in the following ways: - -- Select the desired database objects and click **Add** -- Use the **Import CSV** button to import a list from a CSV file, if desired -- Optionally, use the **Add Custom Filter** button to create and apply a custom filter - -**Step 7 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -The 2-Oracle_SensitiveDataScan job is now ready to run with the customized settings. - -## Analysis Tasks for the 2-Oracle_SensitiveDataScan Job - -Navigate to the **Databases** > **0.Collection** > **Oracle** > **2-Oracle_SensitiveDataScan** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup13.webp) - -The default analysis tasks are: - -- Oracle SDD Permission View – Creates a view of all permissions on sensitive data -- Oracle Effective SDD Perms – Creates a view of effective permissions on Oracle SDD data -- Oracle SDD Import – Creates the SA_AIC_SddMatchesImport table accessible under the job’s Results - node diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/2-oracle_sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/2-oracle_sensitivedatascan.md new file mode 100644 index 0000000000..8ab5df1d73 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/2-oracle_sensitivedatascan.md @@ -0,0 +1,75 @@ +# 2-Oracle_SensitiveDataScan Job + +The 2-Oracle_SensitiveDataScan job discovers sensitive data in Oracle databases across all targeted +Oracle database servers based on pre-defined or user-defined search criteria. See the +[Sensitive Data Discovery](/docs/accessanalyzer/12.0/sensitivedatadiscovery/overview.md) topic for additional +information. + +## Query for the 2-Oracle_SensitiveDataScan Job + +The SensitiveDataScan Query uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup9.webp) + +- SensitiveDataScan – Collects Sensitive Data from targeted instances + +### Configure the 2-Oracle_SensitiveDataScan Query + +The 2-Oracle_SensitiveDataScan job is preconfigured to run using the default settings for the +Sensitive Data Collection category in the SQL Data Collector. Follow the steps to customize +configurations: + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > +**2-Oracle_SensitiveDataScan** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the SensitiveDataScan query and click **Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab and click **Configure**. The SQL Data Collector wizard +opens. + +**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been +pre-configured for this job. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/optionspage.webp) + +**Step 4 –** Navigate to the Options page. Enable or disable configuration options as needed. Click +**Next** to continue. + +![Criteria Page of the SQL Data Collector Wizard](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/criteriapage.webp) + +**Step 5 –** Navigate to the Criteria page. Select or deselect criteria used to define sensitive +data. Click **Next** to continue. + +![Filter Page](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/2oraclesensitivedatascanfilterpgae.webp) + +**Step 6 –** To query for specific databases/instances, navigate to the Filter page. The default +query target is **All Databases**. The default query scope is **Only select database objects**. +Click **Retrieve**. The Available database objects section will be populated. Databases and +instances can be added in the following ways: + +- Select the desired database objects and click **Add** +- Use the **Import CSV** button to import a list from a CSV file, if desired +- Optionally, use the **Add Custom Filter** button to create and apply a custom filter + +**Step 7 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +The 2-Oracle_SensitiveDataScan job is now ready to run with the customized settings. + +## Analysis Tasks for the 2-Oracle_SensitiveDataScan Job + +Navigate to the **Databases** > **0.Collection** > **Oracle** > **2-Oracle_SensitiveDataScan** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup13.webp) + +The default analysis tasks are: + +- Oracle SDD Permission View – Creates a view of all permissions on sensitive data +- Oracle Effective SDD Perms – Creates a view of effective permissions on Oracle SDD data +- Oracle SDD Import – Creates the SA_AIC_SddMatchesImport table accessible under the job’s Results + node diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/3-oracle-activityscan.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/3-oracle-activityscan.md deleted file mode 100644 index e055371bd7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/3-oracle-activityscan.md +++ /dev/null @@ -1,73 +0,0 @@ -# 3-Oracle_ActivityScan Job - -The 3-Oracle_ActivityScan Job captures user activity from all the targeted Oracle database servers. - -Special Dependency - -- Oracle Server Audit Specifications to be configured on the target databases - - Audit destination must be a binary file - - See the Microsoft - [Create a Server Audit and Database Audit Specification](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) - article for additional information. - -## Query for the 3-Oracle_ActivityScan Job - -The ActivityScan Query uses the SQL Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup14.webp) - -- ActivityScan – Collects activity from targeted instances - -### Configure the 3-Oracle_ActivityScan Query - -The 3-Oracle_ActivityScan Job is preconfigured to run using the default settings for the Server -Audit Events Collection category in the SQL Data Collector. Follow the steps to customize -configurations: - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > -**3-Oracle_ActivityScan** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select the ActivityScan query and click on Query -Properties. The Query Properties window opens. - -**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. - -**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been -pre-configured for this job. - -![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/optionspage.webp) - -**Step 4 –** Navigate to the Options page. Enable or disable configuration options as needed. Click -Next to continue. - -![Filter Page](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/3oracleactivityscanfilterpage.webp) - -**Step 5 –** To query for specific databases/instances, navigate to the Filter page. The default -query target is All Databases. The default query scope is Only select database objects. Click -Retrieve. The Available database objects section will be populated. Databases and instances can be -added in the following ways: - -- Select the desired database objects and click Add -- Use the Import CSV button to import a list from a CSV file, if desired -- Optionally, use the Add Custom Filter button to create and apply a custom filter - -**Step 6 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 3-Oracle_ActivityScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 3-Oracle_ActivityScan Job - -Navigate to the **Databases** > **0.Collection** > **Oracle** > **3-Oracle_ActivityScan** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup16.webp) - -The default analysis tasks are: - -- Oracle Activity Import – Creates the SA_AIC_ActivityEventsImport table accessible under the job’s - Results node -- Delete Activity Older than 30 Days – Drops Activity from the AIC tables older than 30 days diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/3-oracle_activityscan.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/3-oracle_activityscan.md new file mode 100644 index 0000000000..b007dbc99b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/3-oracle_activityscan.md @@ -0,0 +1,73 @@ +# 3-Oracle_ActivityScan Job + +The 3-Oracle_ActivityScan Job captures user activity from all the targeted Oracle database servers. + +Special Dependency + +- Oracle Server Audit Specifications to be configured on the target databases + - Audit destination must be a binary file + - See the Microsoft + [Create a Server Audit and Database Audit Specification](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) + article for additional information. + +## Query for the 3-Oracle_ActivityScan Job + +The ActivityScan Query uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup14.webp) + +- ActivityScan – Collects activity from targeted instances + +### Configure the 3-Oracle_ActivityScan Query + +The 3-Oracle_ActivityScan Job is preconfigured to run using the default settings for the Server +Audit Events Collection category in the SQL Data Collector. Follow the steps to customize +configurations: + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > +**3-Oracle_ActivityScan** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select the ActivityScan query and click on Query +Properties. The Query Properties window opens. + +**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. + +**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been +pre-configured for this job. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/optionspage.webp) + +**Step 4 –** Navigate to the Options page. Enable or disable configuration options as needed. Click +Next to continue. + +![Filter Page](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/3oracleactivityscanfilterpage.webp) + +**Step 5 –** To query for specific databases/instances, navigate to the Filter page. The default +query target is All Databases. The default query scope is Only select database objects. Click +Retrieve. The Available database objects section will be populated. Databases and instances can be +added in the following ways: + +- Select the desired database objects and click Add +- Use the Import CSV button to import a list from a CSV file, if desired +- Optionally, use the Add Custom Filter button to create and apply a custom filter + +**Step 6 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 3-Oracle_ActivityScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 3-Oracle_ActivityScan Job + +Navigate to the **Databases** > **0.Collection** > **Oracle** > **3-Oracle_ActivityScan** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup16.webp) + +The default analysis tasks are: + +- Oracle Activity Import – Creates the SA_AIC_ActivityEventsImport table accessible under the job’s + Results node +- Delete Activity Older than 30 Days – Drops Activity from the AIC tables older than 30 days diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/4-oracle-defaultpasswordusers.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/4-oracle-defaultpasswordusers.md deleted file mode 100644 index 04cc4eb9f3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/4-oracle-defaultpasswordusers.md +++ /dev/null @@ -1,46 +0,0 @@ -# 4-Oracle_DefaultPasswordUsers Job - -The 4-Oracle_DefaultPasswordUsers Job provides a list of users in the database that are configured -to use default passwords. - -## Query for the 4-Oracle_DefaultPasswordUsers Job - -The 4-Oracle_DefaultPasswordUsers Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup17.webp) - -- Users with Default Passwords – Collects usernames of users whose passwords have not been updated - since the database creation - -### Configure the 4-Oracle_DefaultPasswordUsers Query - -The 4-Oracle_DefaultPasswordUsers Job is preconfigured to run using the default settings for the -Permissions Collection category in the SQL Data Collector. Follow the steps to customize -configurations: - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > -**4-Oracle_DefaultPasswordUsers** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select the Users with Default Passwords query and click on -Query Properties. The Query Properties window opens. - -**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. - -**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been -pre-configured for this job. - -![Filters Page](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/4oracledefaultpasswordsfilterpage.webp) - -**Step 4 –** To query for specific databases/instances, navigate to the Filter page. The default -query target is All Databases. The default query scope is Only select database objects. Click -Retrieve. The Available database objects section will be populated. Databases and instances can be -added in the following ways: - -- Select the desired database objects and click Add -- Use the Import CSV button to import a list from a CSV file, if desired -- Optionally, use the Add Custom Filter button to create and apply a custom filter - -**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 4-Oracle_DefaultPasswordUsers Job is now ready to run with the customized settings. diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/4-oracle_defaultpasswordusers.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/4-oracle_defaultpasswordusers.md new file mode 100644 index 0000000000..a77092fa6f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/4-oracle_defaultpasswordusers.md @@ -0,0 +1,46 @@ +# 4-Oracle_DefaultPasswordUsers Job + +The 4-Oracle_DefaultPasswordUsers Job provides a list of users in the database that are configured +to use default passwords. + +## Query for the 4-Oracle_DefaultPasswordUsers Job + +The 4-Oracle_DefaultPasswordUsers Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup17.webp) + +- Users with Default Passwords – Collects usernames of users whose passwords have not been updated + since the database creation + +### Configure the 4-Oracle_DefaultPasswordUsers Query + +The 4-Oracle_DefaultPasswordUsers Job is preconfigured to run using the default settings for the +Permissions Collection category in the SQL Data Collector. Follow the steps to customize +configurations: + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > +**4-Oracle_DefaultPasswordUsers** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select the Users with Default Passwords query and click on +Query Properties. The Query Properties window opens. + +**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. + +**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been +pre-configured for this job. + +![Filters Page](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/4oracledefaultpasswordsfilterpage.webp) + +**Step 4 –** To query for specific databases/instances, navigate to the Filter page. The default +query target is All Databases. The default query scope is Only select database objects. Click +Retrieve. The Available database objects section will be populated. Databases and instances can be +added in the following ways: + +- Select the desired database objects and click Add +- Use the Import CSV button to import a list from a CSV file, if desired +- Optionally, use the Add Custom Filter button to create and apply a custom filter + +**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 4-Oracle_DefaultPasswordUsers Job is now ready to run with the customized settings. diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5-oracle-configuration.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5-oracle-configuration.md deleted file mode 100644 index 718842afbb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5-oracle-configuration.md +++ /dev/null @@ -1,47 +0,0 @@ -# 5-Oracle_Configuration Job - -The 5-Oracle_Configuration Job is designed to return additional configuration settings from Oracle -servers. - -## Queries for the 5-Oracle_Configuration Job - -The queries for the 5-Oracle_Configuration Job query uses the SQL Data Collector. - -![5oracleconfigurationqueries](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/5oracleconfigurationqueries.webp) - -The queries are: - -- Database Sizing – Returns database size data -- Database Links – Returns details about Oracle database links - -### Configure the 5-Oracle_Configuration Queries - -The 5-Oracle_Configuration Job is preconfigured to run using the default settings for the Custom -Oracle Query category in the SQL Data Collector. Follow the steps to customize configurations: - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > -**5-Oracle_Configuration Job** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select one of the queries and click on Query Properties. -The Query Properties window opens. - -**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. - -**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been -pre-configured for this job. - -![Filters page](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/5oracleconfigjobqueryfilterpage.webp) - -**Step 4 –** To query for specific databases/instances, navigate to the Filter page. The default -query target is All Databases. The default query scope is Only select database objects. Click -Retrieve. The Available database objects section will be populated. Databases and instances can be -added in the following ways: - -- Select the desired database objects and click Add -- Use the Import CSV button to import a list from a CSV file, if desired -- Optionally, use the Add Custom Filter button to create and apply a custom filter - -**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 5-Oracle_Configuration Job is now ready to run with the customized settings. diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5-oracle_configuration.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5-oracle_configuration.md new file mode 100644 index 0000000000..b7785f2479 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5-oracle_configuration.md @@ -0,0 +1,47 @@ +# 5-Oracle_Configuration Job + +The 5-Oracle_Configuration Job is designed to return additional configuration settings from Oracle +servers. + +## Queries for the 5-Oracle_Configuration Job + +The queries for the 5-Oracle_Configuration Job query uses the SQL Data Collector. + +![5oracleconfigurationqueries](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5oracleconfigurationqueries.webp) + +The queries are: + +- Database Sizing – Returns database size data +- Database Links – Returns details about Oracle database links + +### Configure the 5-Oracle_Configuration Queries + +The 5-Oracle_Configuration Job is preconfigured to run using the default settings for the Custom +Oracle Query category in the SQL Data Collector. Follow the steps to customize configurations: + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Oracle** > +**5-Oracle_Configuration Job** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select one of the queries and click on Query Properties. +The Query Properties window opens. + +**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector wizard opens. + +**CAUTION:** Do not make changes to wizard pages not listed in these steps. They have been +pre-configured for this job. + +![Filters page](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5oracleconfigjobqueryfilterpage.webp) + +**Step 4 –** To query for specific databases/instances, navigate to the Filter page. The default +query target is All Databases. The default query scope is Only select database objects. Click +Retrieve. The Available database objects section will be populated. Databases and instances can be +added in the following ways: + +- Select the desired database objects and click Add +- Use the Import CSV button to import a list from a CSV file, if desired +- Optionally, use the Add Custom Filter button to create and apply a custom filter + +**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 5-Oracle_Configuration Job is now ready to run with the customized settings. diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/overview.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/overview.md index 8491e6cf66..1705455e0e 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/overview.md @@ -4,20 +4,20 @@ The Oracle Job Group is designed to collect a high level summary of information Oracle Database Servers. This information is used by other jobs in the Oracle Job Group for further analysis, and for producing reports. -![Oracle 0Collection Job Group](/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/0collection.webp) +![Oracle 0Collection Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0collection.webp) The job groups in the 0.Collection Job Group are: -- [0-Oracle_Servers Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0-oracle-servers.md) – This job is designed to enumerate and store the list +- [0-Oracle_Servers Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0-oracle_servers.md) – This job is designed to enumerate and store the list of Oracle Database Instances running on the targeted servers -- [1-Oracle_PermissionsScan Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/1-oracle-permissionsscan.md) – This job is designed to collect +- [1-Oracle_PermissionsScan Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/1-oracle_permissionsscan.md) – This job is designed to collect Oracle database level permissions from all the targeted Oracle database servers -- [2-Oracle_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/2-oracle-sensitivedatascan.md) – This job is designed to discover +- [2-Oracle_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/2-oracle_sensitivedatascan.md) – This job is designed to discover sensitive data in the Oracle database across all the targeted Oracle database servers based on pre-defined or user-defined search criteria -- [3-Oracle_ActivityScan Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/3-oracle-activityscan.md) – This job is designed to capture user +- [3-Oracle_ActivityScan Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/3-oracle_activityscan.md) – This job is designed to capture user activity from all the targeted Oracle database servers -- [4-Oracle_DefaultPasswordUsers Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/4-oracle-defaultpasswordusers.md) – This job is designed to +- [4-Oracle_DefaultPasswordUsers Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/4-oracle_defaultpasswordusers.md) – This job is designed to provide a list of users in the database that are configured to use default passwords -- [5-Oracle_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5-oracle-configuration.md) – This job is designed to return +- [5-Oracle_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5-oracle_configuration.md) – This job is designed to return additional configuration settings from Oracle servers. diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-databaselinks.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-databaselinks.md deleted file mode 100644 index 573aef8393..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-databaselinks.md +++ /dev/null @@ -1,26 +0,0 @@ -# Oracle_DatabaseLinks Job - -The Oracle_DatabaseLinks Job contains a report that provides information on Database Links where the -listed Oracle Server is able to execute remote commands. - -## Analysis Tasks for the Oracle_DatabaseLinks Job - -Navigate to the **Jobs >  Databases > Oracle > 4.Configuration > Oracle_DatabaseLinks -Job >Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisdblinks.webp) - -The default analysis tasks are: - -- Database Link Details – Provides details about Oracle Database links -- Oracle Database Link Summary – Summarizes Oracle Database links by instance - -In addition to the tables created by the analysis tasks, the **Oracle_DatabaseLinks Job** produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | -------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Links | This report highlights Database Links where the listed Oracle Server is able to execute remote commands. | None | This report is comprised of three elements: - Bar Chart – Provides information on top five database links by instance - Bar Chart – Provides information on database links by instance (GB) - Table – Provides details on database links | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-databasesizing.md deleted file mode 100644 index e30433f473..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-databasesizing.md +++ /dev/null @@ -1,26 +0,0 @@ -# Oracle_DatabaseSizing Job - -The Oracle_DatabaseSizing Job provides details on tablespace file sizes and overall tablespace -sizes. - -## Analysis Tasks for the Oracle_DatabaseSizing Job - -Navigate to the **Jobs >  Databases > Oracle > 4.Configuration > Oracle_DatabaseSizing -Job >Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisdbsizing.webp) - -The default analysis tasks are: - -- Database Sizing Details – Provides details on database files and sizes -- Database Sizing Summary – Summarizes file size by instance - -In addition to the tables created by the analysis tasks, the **Oracle_DatabaseSizing Job** produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | -------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | This report highlights the size of tablespace files in Oracle. | None | This report is comprised of three elements: - Bar Chart – Provides information on top tablespaces by size - Bar Chart – Provides information on size by host (GB) - Table – Provides details on database sizes | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-datadictionaryprotection.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-datadictionaryprotection.md deleted file mode 100644 index df2f8397a9..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-datadictionaryprotection.md +++ /dev/null @@ -1,32 +0,0 @@ -# Oracle_DataDictionaryProtection Job - -The Oracle_DataDictionaryProtection Job is designed to identify if the Oracle data dictionary views -are accessible by all schemas. Oracle best practice recommendation is to restrict access to data -dictionary views by default and grant explicit system privileges to access the dictionary views when -needed. - -## Analysis Tasks for the Oracle_DataDictionaryProtection Job - -Navigate to the **Jobs >  Databases > Oracle > 4.Configuration > Oracle_DataDictionaryProtection > -Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisddprotection.webp) - -The default analysis tasks are: - -- Find Instances with Modifiable Data Dictionary – Finds Oracle database instances where data - dictionary can be modified by users with system privilege access. Creates the - SA_Oracle_DictionaryAccessible_Details table accessible under the jobs Result’s node. -- Data Dictionary Accessibility Summary – Highlights the number of database instances with the data - dictionary access enabled and disabled. Creates the SA_Oracle_DictionaryAccessible_Summary table - accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the -**Oracle_DataDictionaryProtection Job** produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------------- | ------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Data Dictionary Accessibility | The report highlights the number of instances with either accessible or inaccessible data dictionaries | None | This report is comprised of two elements: - Pie Chart – Displays data dictionary accessibility - Table – Provides information on dictionary accessibility details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-instancenameissues.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-instancenameissues.md deleted file mode 100644 index a94aee7d97..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-instancenameissues.md +++ /dev/null @@ -1,30 +0,0 @@ -# Oracle_InstanceNameIssues Job - -The Oracle_InstanceNameIssues Job discovers if names used for Oracle database instances conform to -Oracle recommended best practices. The job also checks to see if Oracle SIDs conform to DISA STIG -V-61413 – Oracle instance name or SID should not contain Oracle version numbers. - -## Analysis Tasks for the Oracle_InstanceNameIssues Job - -Navigate to the **Jobs > Databases > Oracle > 4.Configuration > Oracle_InstanceNameIssues > -Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisinstancenameissues.webp) - -The default analysis tasks are: - -- Find Weak Instance Names – Checks SID names for default names and version numbers. Creates the - SA_Oracle_WeakInstanceNames_Details table accessible under the job’s Results node. -- Summarize Number of Weak Instance Names – Counts the number of weak instance names in all - instances. Creates the SA_Oracle_WeakInstanceNames_Summary table accessible under the job’s - Results node. - -In addition to the tables and views created by the analysis task, the **Oracle_InstanceNameIssues -Job** produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ---------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Instance Name Issues | This report highlights default instance names or those containing version numbers. | None | This report is comprised of two elements: - Pie Chart – Displays percentage of instance names with issues - Table – Provides details of instance issues | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-remoteosauthentication.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-remoteosauthentication.md deleted file mode 100644 index 8343ef9f18..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-remoteosauthentication.md +++ /dev/null @@ -1,30 +0,0 @@ -# Oracle_RemoteOSAuthentication Job - -The Oracle_RemoteOSAuthentication Job is designed to discover if remote OS authentication is enabled -for the targeted Oracle database servers. - -## Analysis Tasks for the Oracle_RemoteOSAuthentication Job - -Navigate to the **Jobs > Databases > Oracle > 4.Configuration > Oracle_RemoteOSAuthentication > -Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisremoteosauth.webp) - -The default analysis tasks are: - -- Find Instances With Remote OS Authentication Enabled – Finds database instances with remote OS - authentication setting set to “TRUE”. Creates the SA_Oracle_RemoteAuthenticationEnabled_Details - table accessible under the job’s Results node. -- Remote OS Authentication Summary – Counts the number of database instances where the - ‘remote_os_authent’ parameter is set to “TRUE” and also those that are set to “FALSE”. Creates the - SA_Oracle_RemoteOSAuthentication_Summary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_RemoteOSAuthentication -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------- | ------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Oracle Remote OS Authentication | This report shows the number of instances that have remote_os_auth parameter set to “TRUE” | None | This report is comprised of two elements: - Pie Chart – Displays remote OS authentication - Table – Provides information on remote OS authentication details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_databaselinks.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_databaselinks.md new file mode 100644 index 0000000000..beba2a5369 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_databaselinks.md @@ -0,0 +1,26 @@ +# Oracle_DatabaseLinks Job + +The Oracle_DatabaseLinks Job contains a report that provides information on Database Links where the +listed Oracle Server is able to execute remote commands. + +## Analysis Tasks for the Oracle_DatabaseLinks Job + +Navigate to the **Jobs >  Databases > Oracle > 4.Configuration > Oracle_DatabaseLinks +Job >Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisdblinks.webp) + +The default analysis tasks are: + +- Database Link Details – Provides details about Oracle Database links +- Oracle Database Link Summary – Summarizes Oracle Database links by instance + +In addition to the tables created by the analysis tasks, the **Oracle_DatabaseLinks Job** produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | -------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Links | This report highlights Database Links where the listed Oracle Server is able to execute remote commands. | None | This report is comprised of three elements: - Bar Chart – Provides information on top five database links by instance - Bar Chart – Provides information on database links by instance (GB) - Table – Provides details on database links | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_databasesizing.md new file mode 100644 index 0000000000..0d6dcd91c8 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_databasesizing.md @@ -0,0 +1,26 @@ +# Oracle_DatabaseSizing Job + +The Oracle_DatabaseSizing Job provides details on tablespace file sizes and overall tablespace +sizes. + +## Analysis Tasks for the Oracle_DatabaseSizing Job + +Navigate to the **Jobs >  Databases > Oracle > 4.Configuration > Oracle_DatabaseSizing +Job >Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisdbsizing.webp) + +The default analysis tasks are: + +- Database Sizing Details – Provides details on database files and sizes +- Database Sizing Summary – Summarizes file size by instance + +In addition to the tables created by the analysis tasks, the **Oracle_DatabaseSizing Job** produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | -------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | This report highlights the size of tablespace files in Oracle. | None | This report is comprised of three elements: - Bar Chart – Provides information on top tablespaces by size - Bar Chart – Provides information on size by host (GB) - Table – Provides details on database sizes | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_datadictionaryprotection.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_datadictionaryprotection.md new file mode 100644 index 0000000000..d1f1b909a3 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_datadictionaryprotection.md @@ -0,0 +1,32 @@ +# Oracle_DataDictionaryProtection Job + +The Oracle_DataDictionaryProtection Job is designed to identify if the Oracle data dictionary views +are accessible by all schemas. Oracle best practice recommendation is to restrict access to data +dictionary views by default and grant explicit system privileges to access the dictionary views when +needed. + +## Analysis Tasks for the Oracle_DataDictionaryProtection Job + +Navigate to the **Jobs >  Databases > Oracle > 4.Configuration > Oracle_DataDictionaryProtection > +Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisddprotection.webp) + +The default analysis tasks are: + +- Find Instances with Modifiable Data Dictionary – Finds Oracle database instances where data + dictionary can be modified by users with system privilege access. Creates the + SA_Oracle_DictionaryAccessible_Details table accessible under the jobs Result’s node. +- Data Dictionary Accessibility Summary – Highlights the number of database instances with the data + dictionary access enabled and disabled. Creates the SA_Oracle_DictionaryAccessible_Summary table + accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the +**Oracle_DataDictionaryProtection Job** produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------------- | ------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Data Dictionary Accessibility | The report highlights the number of instances with either accessible or inaccessible data dictionaries | None | This report is comprised of two elements: - Pie Chart – Displays data dictionary accessibility - Table – Provides information on dictionary accessibility details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_instancenameissues.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_instancenameissues.md new file mode 100644 index 0000000000..54cf47cc51 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_instancenameissues.md @@ -0,0 +1,30 @@ +# Oracle_InstanceNameIssues Job + +The Oracle_InstanceNameIssues Job discovers if names used for Oracle database instances conform to +Oracle recommended best practices. The job also checks to see if Oracle SIDs conform to DISA STIG +V-61413 – Oracle instance name or SID should not contain Oracle version numbers. + +## Analysis Tasks for the Oracle_InstanceNameIssues Job + +Navigate to the **Jobs > Databases > Oracle > 4.Configuration > Oracle_InstanceNameIssues > +Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisinstancenameissues.webp) + +The default analysis tasks are: + +- Find Weak Instance Names – Checks SID names for default names and version numbers. Creates the + SA_Oracle_WeakInstanceNames_Details table accessible under the job’s Results node. +- Summarize Number of Weak Instance Names – Counts the number of weak instance names in all + instances. Creates the SA_Oracle_WeakInstanceNames_Summary table accessible under the job’s + Results node. + +In addition to the tables and views created by the analysis task, the **Oracle_InstanceNameIssues +Job** produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ---------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Instance Name Issues | This report highlights default instance names or those containing version numbers. | None | This report is comprised of two elements: - Pie Chart – Displays percentage of instance names with issues - Table – Provides details of instance issues | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_remoteosauthentication.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_remoteosauthentication.md new file mode 100644 index 0000000000..81bd4f7a31 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_remoteosauthentication.md @@ -0,0 +1,30 @@ +# Oracle_RemoteOSAuthentication Job + +The Oracle_RemoteOSAuthentication Job is designed to discover if remote OS authentication is enabled +for the targeted Oracle database servers. + +## Analysis Tasks for the Oracle_RemoteOSAuthentication Job + +Navigate to the **Jobs > Databases > Oracle > 4.Configuration > Oracle_RemoteOSAuthentication > +Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisremoteosauth.webp) + +The default analysis tasks are: + +- Find Instances With Remote OS Authentication Enabled – Finds database instances with remote OS + authentication setting set to “TRUE”. Creates the SA_Oracle_RemoteAuthenticationEnabled_Details + table accessible under the job’s Results node. +- Remote OS Authentication Summary – Counts the number of database instances where the + ‘remote_os_authent’ parameter is set to “TRUE” and also those that are set to “FALSE”. Creates the + SA_Oracle_RemoteOSAuthentication_Summary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_RemoteOSAuthentication +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------- | ------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Oracle Remote OS Authentication | This report shows the number of instances that have remote_os_auth parameter set to “TRUE” | None | This report is comprised of two elements: - Pie Chart – Displays remote OS authentication - Table – Provides information on remote OS authentication details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/overview.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/overview.md index fa84076cfd..f01c1fdeea 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/overview.md @@ -3,21 +3,21 @@ The SQL > 4.Configuration Job Group Is designed to provide insight into potential vulnerabilities related to Oracle Database Instance configuration settings. -![Configuration Job Group - Oracle](/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/configoverview.webp) +![Configuration Job Group - Oracle](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/configoverview.webp) The jobs in the 4.Configuration Job Group are: -- [Oracle_DatabaseLinks Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-databaselinks.md) – Contains a report that provides information +- [Oracle_DatabaseLinks Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_databaselinks.md) – Contains a report that provides information on Database Links where the listed Oracle Server is able to execute remote commands -- [Oracle_DatabaseSizing Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-databasesizing.md) – Provides details on tablespace file sizes +- [Oracle_DatabaseSizing Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_databasesizing.md) – Provides details on tablespace file sizes and overall tablespace sizes -- [Oracle_DataDictionaryProtection Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-datadictionaryprotection.md) – This job is designed +- [Oracle_DataDictionaryProtection Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_datadictionaryprotection.md) – This job is designed to identify if the Oracle data dictionary views are accessible by all the schemas or not. Oracle best practice recommendations are to restrict access to data dictionary views by default and grant explicit system privilege to access the dictionary views when needed. -- [Oracle_InstanceNameIssues Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-instancenameissues.md) – This job is designed to find out +- [Oracle_InstanceNameIssues Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_instancenameissues.md) – This job is designed to find out if the names used for the Oracle database instances conform to Oracle recommended best practices. The job also checks to see if the Oracle SID conforms to DISA STIG V-61413 – Oracle instance name or SID should not contain Oracle version numbers. -- [Oracle_RemoteOSAuthentication Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle-remoteosauthentication.md) – This job is designed to +- [Oracle_RemoteOSAuthentication Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/oracle_remoteosauthentication.md) – This job is designed to find out if remote OS authentication is enabled for the targeted Oracle database servers diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/oracle-securityassessment.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/oracle-securityassessment.md deleted file mode 100644 index b6a8584ec6..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/oracle-securityassessment.md +++ /dev/null @@ -1,26 +0,0 @@ -# Oracle_SecurityAssessment Job - -The Oracle_SecurityAssessment Job is designed to summarize and categorize the security findings from -the Oracle Solution into HIGH, MEDIUM, LOW, and NO FINDING categories base on severity. - -![Oracle Security Assessment Job](/img/product_docs/accessanalyzer/solutions/databases/oracle/jobgroup46.webp) - -## Analysis Tasks for the Oracle_SecurityAssessment Job - -Navigate to the **Databases** > **Oracle** > **Oracle_SecurityAssessment** > **Configure** node and -select Analysis to view the analysis tasks. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/jobgroup47.webp) - -The default analysis task is: - -- Summarize Audit Findings – Aggregates all security issues in the Oracle environment. Creates the - #scopeOfAudit table used to create the Oracle Security Assessment report under the Configure > - Reports node - -In addition to the tables and views created by the analysis task, the Oracle_SecurityAssessment Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------------- | ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Oracle Security Assessment | This report summarizes security related results from the Oracle solution set. | Security Assessment | This report is comprised of four elements: - Table – Provides information on the scope of the audit - Pie Chart – Displays remote OS authentication - Table – Displays findings by category - Table – Provides details of the security assessment | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/oracle_securityassessment.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/oracle_securityassessment.md new file mode 100644 index 0000000000..0dfb5c854e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/oracle_securityassessment.md @@ -0,0 +1,26 @@ +# Oracle_SecurityAssessment Job + +The Oracle_SecurityAssessment Job is designed to summarize and categorize the security findings from +the Oracle Solution into HIGH, MEDIUM, LOW, and NO FINDING categories base on severity. + +![Oracle Security Assessment Job](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/jobgroup46.webp) + +## Analysis Tasks for the Oracle_SecurityAssessment Job + +Navigate to the **Databases** > **Oracle** > **Oracle_SecurityAssessment** > **Configure** node and +select Analysis to view the analysis tasks. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/jobgroup47.webp) + +The default analysis task is: + +- Summarize Audit Findings – Aggregates all security issues in the Oracle environment. Creates the + #scopeOfAudit table used to create the Oracle Security Assessment report under the Configure > + Reports node + +In addition to the tables and views created by the analysis task, the Oracle_SecurityAssessment Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------------- | ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Oracle Security Assessment | This report summarizes security related results from the Oracle solution set. | Security Assessment | This report is comprised of four elements: - Table – Provides information on the scope of the audit - Pie Chart – Displays remote OS authentication - Table – Displays findings by category - Table – Provides details of the security assessment | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/overview.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/overview.md index 0bf7ca4575..d4cb3b6d13 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/overview.md @@ -35,7 +35,7 @@ Supported Platforms Requirements, Permissions, and Ports See the -[Target Oracle Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-oracle.md) +[Target Oracle Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databaseoracle.md) topic for additional information. Sensitive Data Discovery Considerations @@ -71,7 +71,7 @@ visibility into various aspects of an Oracle Database Server, including informat Roles, Sensitive Data Discovery, Object Permissions, Configuration, User Activity, and overall Security Assessment. -![Oracle Job Group](/img/product_docs/accessanalyzer/solutions/databases/oracle/oraclejobgroup.webp) +![Oracle Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/oraclejobgroup.webp) The job groups/jobs in the Oracle Solution are: @@ -92,6 +92,6 @@ The job groups/jobs in the Oracle Solution are: - [5.Sensitive Data Job Group](/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/overview.md) – This job is designed to provide insight into where sensitive data exists, and who has access to it across all the targeted Oracle database servers -- [Oracle_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/oracle-securityassessment.md) – This job is designed to summarize +- [Oracle_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/oracle_securityassessment.md) – This job is designed to summarize and categorize the security findings into HIGH, MEDIUM, LOW, and NO FINDING categories based on their severity diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-domainuserpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-domainuserpermissions.md deleted file mode 100644 index 17d12da664..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-domainuserpermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# Oracle_DomainUserPermissions Job - -The Oracle_DomainUserPermissions Job provides insight into Microsoft Active Directory domain user -accesses to Oracle database objects both at the instance and object level. - -## Analysis Tasks for the Oracle_DomainUserPermissions Job - -Navigate to the **Oracle** > **3.Permissions** > **Oracle_DomainUserPermissions** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup34.webp) - -The default analysis tasks are: - -- Calculate domain user permissions details – Creates the SA_ORACLE_DomainUserPermissions_Details - table accessible under the job’s Results node -- Summarize domain user permissions – Creates the SA_ORACLE_DomainUserPermissions_Summary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the Oracle_DomainUserPermissions -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | --------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain User Access | This report looks at permissions granted to domain users across the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance count - Table – Provides details on access sprawl - Table – Provides information on permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-objectpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-objectpermissions.md deleted file mode 100644 index 4907adf9d1..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-objectpermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# Oracle_ObjectPermissions Job - -The Oracle_ObjectPermissions Job provides insight into user and role permissions to database objects -in targeted Oracle database servers. - -## Analysis Tasks for the Oracle_ObjectPermissions Job - -Navigate to the **Oracle** > **3.Permissions** > **Oracle_ObjectPermissions** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup35.webp) - -The default analysis tasks are: - -- Oracle Object Permissions – Highlights permissions on Oracle Objects. Creates the - SA_Oracle_ObjectPermission_Details table accessible under the job’s Results node. -- Object Permissions Instance Summary – Summarizes Object Permissions by Instance. Creates the - SA_Oracle_ObjectPermission_InstanceSummary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_ObjectPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ----------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Oracle Object Permissions | This report highlights Object permissions and summarizes them by instance and domain user | None | This report is comprised of three elements: - Bar Chart – Displays top instances by object permissions - Table –  Provides details on instances by object permission count - Table – Provides details on object permissions | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-publicpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-publicpermissions.md deleted file mode 100644 index ae67664787..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-publicpermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# Oracle_PublicPermissions Job - -The Oracle_PublicPermissions Job provides a list of permissions assigned to Public profile in -targeted Oracle database servers. - -## Analysis Tasks for the Oracle_PublicPermissions Job - -Navigate to the **Oracle** > **3.Permissions** > **Oracle_PublicPermissions** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup36.webp) - -The default analysis tasks are: - -- Oracle Public Permissions – Analyzes permissions for the Public Oracle account. Creates the - SA_Oracle_PublicPermission_Details table accessible under the job’s Results node. -- Public Permissions Instance Summary – Summarizes public permissions by Instance. Creates the - SA_Oracle_PublicPermission_InstanceSummary accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_PublicPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Public Permissions | This report highlights public permissions and summarizes them by instance | None | This report is comprised of three elements: - Bar Chart – Displays top instances by public permission - Table – Provides details on instances by public permission count - Table – Provides details on public permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-serverpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-serverpermissions.md deleted file mode 100644 index 8bd4b05935..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-serverpermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# Oracle_ServerPermissions Job - -The Oracle_ServerPermissions Job analyzes permissions granted at the database level and reports on -effective database level permissions across all audited Oracle database servers. - -## Analysis Tasks for the Oracle_ServerPermissions Job - -Navigate to the **Oracle** > **3.Permissions** > **Oracle_ServerPermissions** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup37.webp) - -The default analysis tasks are: - -- Determine Server Permissions – Highlights Oracle permissions on the Server. Creates the - SA_Oracle_ServerPermission_Details table accessible under the job’s Results node. -- Server Permissions Instance Summary – Summarizes server permissions by Instance. Creates the - SA_Oracle_ServerPermission_InstanceSummary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_ServerPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Server Permissions | This report highlights server permissions and summarizes them by instance | None | This report is comprised of three elements: - Bar Chart – Displays top instances by server permissions - Table – Provides details on instances by server permission count - Table – Provides details on server permissions | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-sysschemapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-sysschemapermissions.md deleted file mode 100644 index 1f91ec7af4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-sysschemapermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# Oracle_SysSchemaPermissions Job - -The Oracle_SysSchemaPermissions Job provides insight into users that have access to objects in the -SYS schema, and the type permissions to those objects across all audited Oracle database servers. - -## Analysis Tasks for the Oracle_SysSchemaPermissions Job - -Navigate to the **Oracle** > **3.Permissions** > **Oracle_SysSchemaPermissions** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup38.webp) - -The default analysis tasks are: - -- Oracle Sys Schema Permissions – Highlights all permissions on tables in the Oracle schema. Creates - the SA_Oracle_SysSchema table accessible under the job’s Results table. -- Oracle Sys Schema Summary – Summarizes sys schema permissions per instance. Creates the - SA_Oracle_SysSchema_InstanceSummary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the Oracle_SysSchemaPermissions -Job produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ---------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SYS Schema Permissions | This report highlights SYS schema permissions across the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays sys schema permission by instance - Table – Provides details on sys schema permissions by instance - Table – Provides details on sys schema permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_domainuserpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_domainuserpermissions.md new file mode 100644 index 0000000000..6a23b201ef --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_domainuserpermissions.md @@ -0,0 +1,28 @@ +# Oracle_DomainUserPermissions Job + +The Oracle_DomainUserPermissions Job provides insight into Microsoft Active Directory domain user +accesses to Oracle database objects both at the instance and object level. + +## Analysis Tasks for the Oracle_DomainUserPermissions Job + +Navigate to the **Oracle** > **3.Permissions** > **Oracle_DomainUserPermissions** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup34.webp) + +The default analysis tasks are: + +- Calculate domain user permissions details – Creates the SA_ORACLE_DomainUserPermissions_Details + table accessible under the job’s Results node +- Summarize domain user permissions – Creates the SA_ORACLE_DomainUserPermissions_Summary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the Oracle_DomainUserPermissions +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | --------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain User Access | This report looks at permissions granted to domain users across the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance count - Table – Provides details on access sprawl - Table – Provides information on permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_objectpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_objectpermissions.md new file mode 100644 index 0000000000..349e28b724 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_objectpermissions.md @@ -0,0 +1,28 @@ +# Oracle_ObjectPermissions Job + +The Oracle_ObjectPermissions Job provides insight into user and role permissions to database objects +in targeted Oracle database servers. + +## Analysis Tasks for the Oracle_ObjectPermissions Job + +Navigate to the **Oracle** > **3.Permissions** > **Oracle_ObjectPermissions** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup35.webp) + +The default analysis tasks are: + +- Oracle Object Permissions – Highlights permissions on Oracle Objects. Creates the + SA_Oracle_ObjectPermission_Details table accessible under the job’s Results node. +- Object Permissions Instance Summary – Summarizes Object Permissions by Instance. Creates the + SA_Oracle_ObjectPermission_InstanceSummary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_ObjectPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ----------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Oracle Object Permissions | This report highlights Object permissions and summarizes them by instance and domain user | None | This report is comprised of three elements: - Bar Chart – Displays top instances by object permissions - Table –  Provides details on instances by object permission count - Table – Provides details on object permissions | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_publicpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_publicpermissions.md new file mode 100644 index 0000000000..6c7178093e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_publicpermissions.md @@ -0,0 +1,28 @@ +# Oracle_PublicPermissions Job + +The Oracle_PublicPermissions Job provides a list of permissions assigned to Public profile in +targeted Oracle database servers. + +## Analysis Tasks for the Oracle_PublicPermissions Job + +Navigate to the **Oracle** > **3.Permissions** > **Oracle_PublicPermissions** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup36.webp) + +The default analysis tasks are: + +- Oracle Public Permissions – Analyzes permissions for the Public Oracle account. Creates the + SA_Oracle_PublicPermission_Details table accessible under the job’s Results node. +- Public Permissions Instance Summary – Summarizes public permissions by Instance. Creates the + SA_Oracle_PublicPermission_InstanceSummary accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_PublicPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Public Permissions | This report highlights public permissions and summarizes them by instance | None | This report is comprised of three elements: - Bar Chart – Displays top instances by public permission - Table – Provides details on instances by public permission count - Table – Provides details on public permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_serverpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_serverpermissions.md new file mode 100644 index 0000000000..5a22ff5170 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_serverpermissions.md @@ -0,0 +1,28 @@ +# Oracle_ServerPermissions Job + +The Oracle_ServerPermissions Job analyzes permissions granted at the database level and reports on +effective database level permissions across all audited Oracle database servers. + +## Analysis Tasks for the Oracle_ServerPermissions Job + +Navigate to the **Oracle** > **3.Permissions** > **Oracle_ServerPermissions** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup37.webp) + +The default analysis tasks are: + +- Determine Server Permissions – Highlights Oracle permissions on the Server. Creates the + SA_Oracle_ServerPermission_Details table accessible under the job’s Results node. +- Server Permissions Instance Summary – Summarizes server permissions by Instance. Creates the + SA_Oracle_ServerPermission_InstanceSummary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_ServerPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Server Permissions | This report highlights server permissions and summarizes them by instance | None | This report is comprised of three elements: - Bar Chart – Displays top instances by server permissions - Table – Provides details on instances by server permission count - Table – Provides details on server permissions | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_sysschemapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_sysschemapermissions.md new file mode 100644 index 0000000000..cee575a225 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_sysschemapermissions.md @@ -0,0 +1,28 @@ +# Oracle_SysSchemaPermissions Job + +The Oracle_SysSchemaPermissions Job provides insight into users that have access to objects in the +SYS schema, and the type permissions to those objects across all audited Oracle database servers. + +## Analysis Tasks for the Oracle_SysSchemaPermissions Job + +Navigate to the **Oracle** > **3.Permissions** > **Oracle_SysSchemaPermissions** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup38.webp) + +The default analysis tasks are: + +- Oracle Sys Schema Permissions – Highlights all permissions on tables in the Oracle schema. Creates + the SA_Oracle_SysSchema table accessible under the job’s Results table. +- Oracle Sys Schema Summary – Summarizes sys schema permissions per instance. Creates the + SA_Oracle_SysSchema_InstanceSummary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the Oracle_SysSchemaPermissions +Job produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ---------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SYS Schema Permissions | This report highlights SYS schema permissions across the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays sys schema permission by instance - Table – Provides details on sys schema permissions by instance - Table – Provides details on sys schema permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/overview.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/overview.md index 101bf92b45..ff2f7782d4 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/overview.md @@ -3,20 +3,20 @@ The 3.Permissions Job Group is designed to provide insight into all types of permissions at the instance, database, and object levels across all targeted Oracle database servers. -![Permissions Job Group](/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup33.webp) +![Permissions Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup33.webp) The jobs in the 3.Permissions Job Group are: -- [Oracle_DomainUserPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-domainuserpermissions.md) – This job will provide +- [Oracle_DomainUserPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_domainuserpermissions.md) – This job will provide insight into Microsoft Active Directory domain users access to Oracle database objects both at the instance and object level -- [Oracle_ObjectPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-objectpermissions.md) – This job will provide insight into +- [Oracle_ObjectPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_objectpermissions.md) – This job will provide insight into user and role permissions to all the database objects in the targeted Oracle database server -- [Oracle_PublicPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-publicpermissions.md) – This job provides the list of all +- [Oracle_PublicPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_publicpermissions.md) – This job provides the list of all the permission assigned to the PUBLIC profile in all the targeted Oracle database servers -- [Oracle_ServerPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-serverpermissions.md) – This job analyzes all the permission +- [Oracle_ServerPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_serverpermissions.md) – This job analyzes all the permission granted at the database level and repots on the effective database level permissions across all the audited Oracle database servers -- [Oracle_SysSchemaPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle-sysschemapermissions.md) – This job provides insight into +- [Oracle_SysSchemaPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/oracle_sysschemapermissions.md) – This job provides insight into all the users who have access to the objects in the SYS schema and the type permissions to those objects across all the audited Oracle database servers diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/recommended.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/recommended.md index 8232a5df46..0605a9eb60 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/recommended.md @@ -38,7 +38,7 @@ most customer environments, but it is possible. If the required permissions are assigned to one Active Directory credential, once the account has been provisioned, create a custom Connection Profile containing the credentials for the targeted -environment. See the [SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) topic for +environment. See the [SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) topic for additional information on permissions and creating a SQL custom connection profile. Alternatively, create a connection profile with both the Oracle database credentials and the server @@ -49,20 +49,20 @@ node as follows: - Both the Oracle database credentials and the Server credentials for the targeted host (or the previously provisioned AD credentials) for: - - 0-Oracle_Servers Job + - 0-Oracle_Servers Job - Oracle Database credentials only for: - - 1-Oracle_PermissionsScan Job - - 2-Oracle_SensitiveDataScan Job - - 3-Oracle_ActivityScan Job - - 4-Oracle_DefaultPasswordUsers Job - - 5-Oracle_Configuration Job + - 1-Oracle_PermissionsScan Job + - 2-Oracle_SensitiveDataScan Job + - 3-Oracle_ActivityScan Job + - 4-Oracle_DefaultPasswordUsers Job + - 5-Oracle_Configuration Job The Connection Profile is set to Use the Default Profile, as configured at the global settings level. However, since this may not be the Connection Profile with the necessary permissions for the assigned hosts, click the radio button for the Select one of the following user defined profiles option and select the appropriate Connection Profile drop-down menu. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency @@ -88,23 +88,23 @@ This solution is designed to be run with the default query configurations. Howev SQL Data Collector configurations can be modified if desired: - Options page – Customize scan options and/or sensitive data (DLP) options in the following jobs: - - 2-Oracle_SensitiveDataScan Job - - 1-Oracle_ActivityScan Job + - 2-Oracle_SensitiveDataScan Job + - 1-Oracle_ActivityScan Job - Criteria page – Customize the criteria used to define sensitive data in the following job: - - 2-Oracle_SensitiveDataScan Job + - 2-Oracle_SensitiveDataScan Job - Filter page – Scope the query to target specific databases/instances in the following jobs: - Remember, it is necessary for the [0-Oracle_Servers Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0-oracle-servers.md) to run - at least once before attempting to scope any of the following queries: + Remember, it is necessary for the [0-Oracle_Servers Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0-oracle_servers.md) to run + at least once before attempting to scope any of the following queries: - - 1-Oracle_PermissionsScan Job - - 2-Oracle_SensitiveDataScan Job - - 3-Oracle_ActivityScan Job - - 4-Oracle_DefaultPasswordUsers Job - - 5-Oracle_Configuration Job + - 1-Oracle_PermissionsScan Job + - 2-Oracle_SensitiveDataScan Job + - 3-Oracle_ActivityScan Job + - 4-Oracle_DefaultPasswordUsers Job + - 5-Oracle_Configuration Job - **_RECOMMENDED:_** For reporting purposes, scope all queries to target the same - databases/instances if applying a scope. + **_RECOMMENDED:_** For reporting purposes, scope all queries to target the same + databases/instances if applying a scope. Analysis Configuration diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle-sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle-sensitivedata.md deleted file mode 100644 index 4413c8765b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle-sensitivedata.md +++ /dev/null @@ -1,31 +0,0 @@ -# Oracle_SensitiveData Job - -The Oracle_SensitveData Job is designed to provide information on all sensitive data that was -discovered in targeted Oracle database servers based on selected scan criteria. - -## Analysis Tasks for the Oracle_SensitiveData Job - -Navigate to the **Oracle > 5.Sensitve Data > Oracle_SensitveData > Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup44.webp) - -The default analysis tasks are: - -- Determine sensitive data details – Creates the SA_Oracle_SensitiveData_Details table accessible - under the job’s Results node -- Instance Summary – Creates the SA_Oracle_SensitiveData_InstanceSummary table accessible under the - job’s Results node -- Enterprise Summary – Creates the SA_Oracle_SensitiveData_EnterpriseSummary table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the **Oracle_SensitveData Job** -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | --------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise | None | This report is comprised of two elements: - Pie Chart – Displays exceptions by match count - Table – Provides information on exception details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria | None | This report is comprised of three elements: - Bar Chart – Displays top instances by sensitive data hits - Table – Provides details on instances with sensitive data - Table – Provides information on sensitive data details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle-sensitivedatapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle-sensitivedatapermissions.md deleted file mode 100644 index ad1ed4aa72..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle-sensitivedatapermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# Oracle_SensitiveDataPermissions Job - -The Oracle_SensitiveDataPermissions Job is designed to provide information on permissions on -database objects containing sensitive data across all targeted Oracle database servers. - -## Analysis Tasks for the Oracle_SensitiveDataPermissions Job - -Navigate to the **Oracle > 5.Sensitive Data > Oracle_SensitiveDataPermissions > Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup45.webp) - -The default analysis tasks are: - -- Detail Oracle SDD Permissions – Creates the SA_Oracle_SensitiveDataPermissions_Details table - accessible under the job’s Results node -- SDD Perms Instance Summary – Creates the SA_Oracle_SensitiveDataPermissions_InstanceSummary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the -**Oracle_SensitiveDataPermissions Job** produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ---------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays top instances by permission count - Table – Provides details on instance permission summary - Table – Provides information on sensitive data permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle_sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle_sensitivedata.md new file mode 100644 index 0000000000..25a7fa43a7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle_sensitivedata.md @@ -0,0 +1,31 @@ +# Oracle_SensitiveData Job + +The Oracle_SensitveData Job is designed to provide information on all sensitive data that was +discovered in targeted Oracle database servers based on selected scan criteria. + +## Analysis Tasks for the Oracle_SensitiveData Job + +Navigate to the **Oracle > 5.Sensitve Data > Oracle_SensitveData > Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/jobgroup44.webp) + +The default analysis tasks are: + +- Determine sensitive data details – Creates the SA_Oracle_SensitiveData_Details table accessible + under the job’s Results node +- Instance Summary – Creates the SA_Oracle_SensitiveData_InstanceSummary table accessible under the + job’s Results node +- Enterprise Summary – Creates the SA_Oracle_SensitiveData_EnterpriseSummary table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the **Oracle_SensitveData Job** +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | --------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise | None | This report is comprised of two elements: - Pie Chart – Displays exceptions by match count - Table – Provides information on exception details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria | None | This report is comprised of three elements: - Bar Chart – Displays top instances by sensitive data hits - Table – Provides details on instances with sensitive data - Table – Provides information on sensitive data details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle_sensitivedatapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle_sensitivedatapermissions.md new file mode 100644 index 0000000000..7865f38494 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle_sensitivedatapermissions.md @@ -0,0 +1,28 @@ +# Oracle_SensitiveDataPermissions Job + +The Oracle_SensitiveDataPermissions Job is designed to provide information on permissions on +database objects containing sensitive data across all targeted Oracle database servers. + +## Analysis Tasks for the Oracle_SensitiveDataPermissions Job + +Navigate to the **Oracle > 5.Sensitive Data > Oracle_SensitiveDataPermissions > Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/jobgroup45.webp) + +The default analysis tasks are: + +- Detail Oracle SDD Permissions – Creates the SA_Oracle_SensitiveDataPermissions_Details table + accessible under the job’s Results node +- SDD Perms Instance Summary – Creates the SA_Oracle_SensitiveDataPermissions_InstanceSummary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the +**Oracle_SensitiveDataPermissions Job** produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ---------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays top instances by permission count - Table – Provides details on instance permission summary - Table – Provides information on sensitive data permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/overview.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/overview.md index a08ca02ab3..eea78c64c8 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/overview.md @@ -3,13 +3,13 @@ The 5.Sensitive Data Job Group is designed to provide insight into where sensitive data exists and who has access to said data across all targeted Oracle database servers. -![Sensitive Data Job Group](/img/product_docs/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup43.webp) +![Sensitive Data Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/jobgroup43.webp) The jobs in the 5.Sensitive Data Job Group are: -- [Oracle_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle-sensitivedata.md) – This job is designed to provide information +- [Oracle_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle_sensitivedata.md) – This job is designed to provide information on all the sensitive data that was discovered in the targeted Oracle database servers based on the selected scan criteria -- [Oracle_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle-sensitivedatapermissions.md) – This job is designed +- [Oracle_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/oracle_sensitivedatapermissions.md) – This job is designed to provide all types of permissions on database objects containing sensitive data across all the targeted Oracle database servers diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-passwordissues.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-passwordissues.md deleted file mode 100644 index c8d0e5864a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-passwordissues.md +++ /dev/null @@ -1,47 +0,0 @@ -# Oracle_PasswordIssues Job - -The Oracle_PasswordIssues Job is designed to analyze the Oracle user passwords and evaluate if they -comply with prescribed password policies. In addition, the job group will also scan for weak -passwords. - -## Query for the Oracle_PasswordIssues Job - -The Oracle_PasswordIssues Job uses the PowerShell Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup20.webp) - -- Weak Password Hash – Locates the dictionary file used to compare Oracle passwords to determine if - they are weak. - -See the [PowerShell Data Collector](/docs/accessanalyzer/12.0/data-collection/powershell/overview.md) topic -for additional information. - -## Analysis Tasks for the Oracle_PasswordIssues Job - -Navigate to the **Jobs** > **Oracle** > **1.Users and Roles** > **Oracle_PasswordIssues** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup21.webp) - -The default analysis tasks are: - -- Oracle Weak Password Details – Lists details of weak passwords in Oracle. Adds data to the - SA_Oracle_PasswordIssues_Details table accessible under the job’s Results node. -- Weak Hashes – Highlights user accounts with weak hashes. Adds data to the - SA_Oracle_PasswordIssues_Details table accessible under the job’s Results node. -- Default Passwords – Finds users with default passwords. Adds data to the - SA_Oracle_PasswordIssues_Details table accessible under the job’s Results node. -- Weak Password Instance Summary – Summarizes weak passwords per instance. Creates the - SA_Oracle_PasswordIssues_Summary table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the Oracle_PasswordIssues Job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------- | ---------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Weak Passwords | This report highlights users with weak passwords in the audited Oracle environment | None | This report is comprised of three elements: - Bar Chart – Displays password issues by instance - Table – Provides details on password issues by instance - Table – Provides information on password issue details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-rolemembers.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-rolemembers.md deleted file mode 100644 index b3b6f18a6a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-rolemembers.md +++ /dev/null @@ -1,28 +0,0 @@ -# Oracle_RoleMembers Job - -The Oracle_RoleMembers Job is designed to analyze and provide information about role members across -all targeted Oracle database servers. - -## Analysis Tasks for the Oracle_RoleMembers Job - -Navigate to the **Oracle** > **1.Users and Roles** > **Oracle_RoleMembers** > Configure node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup22.webp) - -The default analysis tasks are: - -- Role Member Details – Creates the SA_Oracle_RoleMember_Details table accessible under the job’s - Results node -- Role Membership Instances Summary – Creates the SA\_ Oracle_RoleMember_Summary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the Oracle_RoleMembers Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------- | --------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Role Membership | This report shows details on the roles and role membership in the audited Oracle environment. | None | This report is comprised of three elements: - Bar Chart – Displays top roles by role membership - Table – Provides details on roles by role membership - Table – Provides information on role membership details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-systemadministrators.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-systemadministrators.md deleted file mode 100644 index 60a5c50716..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-systemadministrators.md +++ /dev/null @@ -1,30 +0,0 @@ -# Oracle_SystemAdministrators Job - -The Oracle_SystemAdministrators Job is designed to provide insight into users who have DBA, SYSDBA, -and SYSOPER roles across all targeted Oracle database servers. - -## Analysis Tasks for the Oracle_SystemAdministrators Job - -Navigate to the **Oracle** > **1.Users and Roles** > **Oracle_SystemAdministrators** > Configure -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup23.webp) - -The default analysis tasks are: - -- Oracle Administrators – Returns members of specified administrator roles. Creates the - SA_Oracle_SystemAdministrators table accessible under the job’s Results node. -- System Admin Instance Summary – Summarizes System Administrators by Instance. Creates the - SA_Oracle_SystemAdministrators_InstanceSummary table accessible under the job’s Results node. -- System Admin Domain Users – Highlights System Administrators which are domain accounts. Creates - the SA_Oracle_SystemAdmins_DomainUsers table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis task, the Oracle_SystemAdministrators -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------- | ---------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Admin Summary | This report highlights all principals which are members of specified administrator roles | None | This report is comprised of three elements: - Bar Chart – Displays top instances by admin count - Table – Provides information on admin details - Table – Provides details on top instances by admin count | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-users.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-users.md deleted file mode 100644 index 0299060381..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-users.md +++ /dev/null @@ -1,28 +0,0 @@ -# Oracle_Users Job - -The Oracle_Users Job is designed to provide insight into all attributes associated with users in all -databases in targeted Oracle database servers. - -## Analysis Tasks for the Oracle_Users Job - -Navigate to the **Oracle** > **1.Users and Roles** > **Oracle_Users** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup24.webp) - -The default analysis tasks are: - -- Determine user details – Creates the SA_Oracle_Users_Details table accessible under the job’s - Results node -- Summarize by Instance – Creates the SA_Oracle_Users_Summary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the Oracle_Users Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------ | -------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Oracle Users | This report shows details on users in the audited Oracle environment | None | This report is comprised of three elements: - Bar Chart – Displays users by instance - Table – Provides details on oracle user instance summary - Table – Provides information on oracle user details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_passwordissues.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_passwordissues.md new file mode 100644 index 0000000000..f31f5413f5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_passwordissues.md @@ -0,0 +1,47 @@ +# Oracle_PasswordIssues Job + +The Oracle_PasswordIssues Job is designed to analyze the Oracle user passwords and evaluate if they +comply with prescribed password policies. In addition, the job group will also scan for weak +passwords. + +## Query for the Oracle_PasswordIssues Job + +The Oracle_PasswordIssues Job uses the PowerShell Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup20.webp) + +- Weak Password Hash – Locates the dictionary file used to compare Oracle passwords to determine if + they are weak. + +See the [PowerShell Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/powershell/overview.md) topic +for additional information. + +## Analysis Tasks for the Oracle_PasswordIssues Job + +Navigate to the **Jobs** > **Oracle** > **1.Users and Roles** > **Oracle_PasswordIssues** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup21.webp) + +The default analysis tasks are: + +- Oracle Weak Password Details – Lists details of weak passwords in Oracle. Adds data to the + SA_Oracle_PasswordIssues_Details table accessible under the job’s Results node. +- Weak Hashes – Highlights user accounts with weak hashes. Adds data to the + SA_Oracle_PasswordIssues_Details table accessible under the job’s Results node. +- Default Passwords – Finds users with default passwords. Adds data to the + SA_Oracle_PasswordIssues_Details table accessible under the job’s Results node. +- Weak Password Instance Summary – Summarizes weak passwords per instance. Creates the + SA_Oracle_PasswordIssues_Summary table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the Oracle_PasswordIssues Job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------- | ---------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Weak Passwords | This report highlights users with weak passwords in the audited Oracle environment | None | This report is comprised of three elements: - Bar Chart – Displays password issues by instance - Table – Provides details on password issues by instance - Table – Provides information on password issue details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_rolemembers.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_rolemembers.md new file mode 100644 index 0000000000..c70519fa42 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_rolemembers.md @@ -0,0 +1,28 @@ +# Oracle_RoleMembers Job + +The Oracle_RoleMembers Job is designed to analyze and provide information about role members across +all targeted Oracle database servers. + +## Analysis Tasks for the Oracle_RoleMembers Job + +Navigate to the **Oracle** > **1.Users and Roles** > **Oracle_RoleMembers** > Configure node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup22.webp) + +The default analysis tasks are: + +- Role Member Details – Creates the SA_Oracle_RoleMember_Details table accessible under the job’s + Results node +- Role Membership Instances Summary – Creates the SA\_ Oracle_RoleMember_Summary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the Oracle_RoleMembers Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------- | --------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Role Membership | This report shows details on the roles and role membership in the audited Oracle environment. | None | This report is comprised of three elements: - Bar Chart – Displays top roles by role membership - Table – Provides details on roles by role membership - Table – Provides information on role membership details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_systemadministrators.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_systemadministrators.md new file mode 100644 index 0000000000..a0e87dd314 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_systemadministrators.md @@ -0,0 +1,30 @@ +# Oracle_SystemAdministrators Job + +The Oracle_SystemAdministrators Job is designed to provide insight into users who have DBA, SYSDBA, +and SYSOPER roles across all targeted Oracle database servers. + +## Analysis Tasks for the Oracle_SystemAdministrators Job + +Navigate to the **Oracle** > **1.Users and Roles** > **Oracle_SystemAdministrators** > Configure +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup23.webp) + +The default analysis tasks are: + +- Oracle Administrators – Returns members of specified administrator roles. Creates the + SA_Oracle_SystemAdministrators table accessible under the job’s Results node. +- System Admin Instance Summary – Summarizes System Administrators by Instance. Creates the + SA_Oracle_SystemAdministrators_InstanceSummary table accessible under the job’s Results node. +- System Admin Domain Users – Highlights System Administrators which are domain accounts. Creates + the SA_Oracle_SystemAdmins_DomainUsers table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis task, the Oracle_SystemAdministrators +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------- | ---------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Admin Summary | This report highlights all principals which are members of specified administrator roles | None | This report is comprised of three elements: - Bar Chart – Displays top instances by admin count - Table – Provides information on admin details - Table – Provides details on top instances by admin count | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_users.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_users.md new file mode 100644 index 0000000000..ed61487104 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_users.md @@ -0,0 +1,28 @@ +# Oracle_Users Job + +The Oracle_Users Job is designed to provide insight into all attributes associated with users in all +databases in targeted Oracle database servers. + +## Analysis Tasks for the Oracle_Users Job + +Navigate to the **Oracle** > **1.Users and Roles** > **Oracle_Users** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup24.webp) + +The default analysis tasks are: + +- Determine user details – Creates the SA_Oracle_Users_Details table accessible under the job’s + Results node +- Summarize by Instance – Creates the SA_Oracle_Users_Summary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the Oracle_Users Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------ | -------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Oracle Users | This report shows details on users in the audited Oracle environment | None | This report is comprised of three elements: - Bar Chart – Displays users by instance - Table – Provides details on oracle user instance summary - Table – Provides information on oracle user details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/overview.md b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/overview.md index 067b35a665..dfc8fd608a 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/overview.md @@ -3,19 +3,19 @@ The 1.Users and Roles Job Group is designed to provide insight into user security, roles, and object permissions on all Oracle database objects. -![Users and Roles Job Group](/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup19.webp) +![Users and Roles Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup19.webp) The jobs in the 1.Users and Roles Job Group are: -- [Oracle_PasswordIssues Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-passwordissues.md) – This job group is designed to analyze the +- [Oracle_PasswordIssues Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_passwordissues.md) – This job group is designed to analyze the Oracle user passwords and evaluate if they comply with the prescribed password policies. In addition, the job will also scan the passwords for weak passwords. -- [Oracle_RoleMembers Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-rolemembers.md) – This job is designed to analyze and provide +- [Oracle_RoleMembers Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_rolemembers.md) – This job is designed to analyze and provide information about all the role members in each of the Oracle database roles across all the targeted Oracle database servers -- [Oracle_SystemAdministrators Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-systemadministrators.md) – This job group is designed to +- [Oracle_SystemAdministrators Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_systemadministrators.md) – This job group is designed to provide insight into all the users who have DBA, SYSDBA, and SYSOPER roles across all the targeted Oracle database servers -- [Oracle_Users Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle-users.md) – This job group is designed to provide insight into all the +- [Oracle_Users Job](/docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/oracle_users.md) – This job group is designed to provide insight into all the attributes associated with all the users in the Oracle database across all targeted Oracle database servers diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/overview.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/overview.md index 7ddc0a1be6..9ec22f37aa 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/overview.md @@ -4,22 +4,22 @@ The PostgreSQL Solution Collection Job Group is designed to collect high level from targeted PostgreSQL Servers. This information is used by other jobs in the PostgreSQL Solution Set for further analysis and producing respective reports. -![0.Collection Job Group](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/0.collectionjobgroup.webp) +![0.Collection Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/0.collectionjobgroup.webp) The jobs in the 0.Collection Job Group are: -- [PgSQL_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-configuration.md) - Designed to return additional configuration +- [PgSQL_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql_configuration.md) - Designed to return additional configuration settings from PostgreSQL servers -- [PgSQL_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-sensitivedatascan.md) - Designed to discover sensitive data in +- [PgSQL_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql_sensitivedatascan.md) - Designed to discover sensitive data in PostgreSQL databases based on pre-defined or user-defined search criteria -- [PgSQL_TablePrivileges Job](/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-tableprivileges.md) - Designed to collect PostgreSQL table +- [PgSQL_TablePrivileges Job](/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql_tableprivileges.md) - Designed to collect PostgreSQL table privileges from all the targeted servers. Workflow 1. Set a Connection Profile for the 0.Collection Job Group with the permissions listed in the Recommended Configurations section. See the - [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information. + [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. 2. For Sensitive Data Discovery Auditing – Ensure the Sensitive Data Discovery Add-On is installed on the Access Analyzer Console server. 3. Schedule the solution to run daily or as desired. diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-configuration.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-configuration.md deleted file mode 100644 index d6eaf11feb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-configuration.md +++ /dev/null @@ -1,18 +0,0 @@ -# PgSQL_Configuration Job - -The PgSQL_Configuration Job is designed to return additional configuration settings from -PostgreSQL servers. - -## Queries for the PgSQL_Configuration Job - -The PgSQL_Configuration Job uses the SQL Data Collector. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/configurationquery.webp) - -The query is: - -- PostgreSQL Database Sizing - Collects details about PostgreSQL databases. See the - [SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) topic for additional - information. diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-sensitivedatascan.md deleted file mode 100644 index 3d99348447..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-sensitivedatascan.md +++ /dev/null @@ -1,100 +0,0 @@ -# PgSQL_SensitiveDataScan Job - -The PgSQL_SensitiveDataScan Job is designed to discover sensitive data in PostgreSQL databases based -on pre-defined or user-defined search criteria. - -## Queries for the PgSQL_SensitiveDataScan Job - -The PgSQL_SensitiveDataScan Job uses the SQL Data Collector. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataquery.webp) - -The query is: - -- PostgreSQL — Scans the PostgreSQL database for sensitive data. For configuring the - [SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md), see the SQL Data Collector - topic for additional information. - -### Configure the SensitiveDataScan Query - -The PgSQL_SensitiveDataScan Job is preconfigured to run using the default settings for the Sensitive -Data Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **PostgreSQL** > -**PgSQL_SensitiveDataScan** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select the **PostgreSQL** query click on Query Properties. -The Query Properties window appears. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this -job. - -![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/datascanjobsettings.webp) - -**Step 4 –** To modify sensitive data scan options, navigate to the -[SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) page. Select the desired scan -options. - -**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a -high-level table scan. Configuring these settings to increase the scope of the sensitive data scan -may significantly increase scan time. - -![Select DLP Criteria](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedatascancriteria.webp) - -**Step 5 –** To modify criteria, navigate to the -[SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) page. By default, the -Sensitive Data Scan job is configured to scan for criteria configured in the Global Criteria -settings. See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) -topic for additional information. - -![Filters page](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedatascanfilter.webp) - -**Step 6 –** PostgreSQL databases must be added to the query before they can be scanned. Navigate to -the **Filter** page and click **Connections** to open the Manage Connections window. - -![Manage Connections](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/manageconnectionspgsql.webp) - -**Step 7 –** In the Manage Connections window, click **New Connection** and add the following -information: - -- Is Active Checkbox — Check to include the database on the Servers Pane on the Filter page. -- Instance Label — The name of the instance -- Database System — Select PostgreSQL from the dropdown list -- Host — Name or IP address of the host where the database is located -- Port Number — Port number for the database. The default port for PostgreSQL is 5432 - -Exit the Manage Connections window to return to the Filter page. - -**Step 8 –** On the Filter page, the query is configured by default to target Only select database -objects. Click Retrieve. The Available database objects box will populate. The default filter will -scan all PostgreSQL databases returned, excluding the listed system or default schemas and tables in -red. Databases and instances can be added in the following ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Use the Add Custom Filter button to create and apply a custom filter. - -**Step 9 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The PgSQL_SensitiveDataScan Job is now ready to run with the customized settings. - -## Anaylsis Tasks for the PsgSQL_SensitiveDataScan Job - -Navigate to the **Databases** > **0.Collection** > **PostgreSQL** > **PgSQL_SensitiveDataScan** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) - -The default analysis tasks are: - -- Bring SA_SQL_Instances to View — Displays the SA_SQL_Instances table -- PostgreSQL SDD Matches View — Bring the PostgreSQL SDD Matches View to the SA console -- PostgreSQL SDD Match Hits View — Bring the PostgreSQL SDD Match Hits View to the SA console -- PostgreSQL SDD AIC Import — Imports PostgreSQL SDD into the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-tableprivileges.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-tableprivileges.md deleted file mode 100644 index 5910b45f3b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-tableprivileges.md +++ /dev/null @@ -1,31 +0,0 @@ -# PgSQL_TablePrivileges Job - -The PgSQL_TablePrivileges job is designed to collect PostgreSQL table privileges from all the -targeted servers. - -## Queries for the PgSQL_TablePrivileges Job - -The PgSQL_TablePrivileges Job uses the SQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/tableprivileges_query.webp) - -The query is: - -- Table Privileges - Returns table privileges from all the targeted servers. - -## Analysis Task for the PgSQL_TablePrivileges Job - -Navigate to the **Databases** > **0.Collection** > **PostgreSQL** > **PgSQL_TablePrivileges** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/tableprivileges_analysis.webp) - -The default analysis task is: - -- AIC Import - PostgreSQL Permissions – Imports PostgreSQL permissions to the AIC. -- AIC Import - Databases – Imports PostgreSQL database and schema nodes to the AIC. diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql_configuration.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql_configuration.md new file mode 100644 index 0000000000..03d3d8558c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql_configuration.md @@ -0,0 +1,18 @@ +# PgSQL_Configuration Job + +The PgSQL_Configuration Job is designed to return additional configuration settings from +PostgreSQL servers. + +## Queries for the PgSQL_Configuration Job + +The PgSQL_Configuration Job uses the SQL Data Collector. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/configurationquery.webp) + +The query is: + +- PostgreSQL Database Sizing - Collects details about PostgreSQL databases. See the + [SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) topic for additional + information. diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql_sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql_sensitivedatascan.md new file mode 100644 index 0000000000..acd2c94fab --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql_sensitivedatascan.md @@ -0,0 +1,100 @@ +# PgSQL_SensitiveDataScan Job + +The PgSQL_SensitiveDataScan Job is designed to discover sensitive data in PostgreSQL databases based +on pre-defined or user-defined search criteria. + +## Queries for the PgSQL_SensitiveDataScan Job + +The PgSQL_SensitiveDataScan Job uses the SQL Data Collector. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/sensitivedataquery.webp) + +The query is: + +- PostgreSQL — Scans the PostgreSQL database for sensitive data. For configuring the + [SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md), see the SQL Data Collector + topic for additional information. + +### Configure the SensitiveDataScan Query + +The PgSQL_SensitiveDataScan Job is preconfigured to run using the default settings for the Sensitive +Data Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **PostgreSQL** > +**PgSQL_SensitiveDataScan** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select the **PostgreSQL** query click on Query Properties. +The Query Properties window appears. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this +job. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/datascanjobsettings.webp) + +**Step 4 –** To modify sensitive data scan options, navigate to the +[SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) page. Select the desired scan +options. + +**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a +high-level table scan. Configuring these settings to increase the scope of the sensitive data scan +may significantly increase scan time. + +![Select DLP Criteria](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/sensitivedatascancriteria.webp) + +**Step 5 –** To modify criteria, navigate to the +[SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) page. By default, the +Sensitive Data Scan job is configured to scan for criteria configured in the Global Criteria +settings. See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. + +![Filters page](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/sensitivedatascanfilter.webp) + +**Step 6 –** PostgreSQL databases must be added to the query before they can be scanned. Navigate to +the **Filter** page and click **Connections** to open the Manage Connections window. + +![Manage Connections](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/manageconnectionspgsql.webp) + +**Step 7 –** In the Manage Connections window, click **New Connection** and add the following +information: + +- Is Active Checkbox — Check to include the database on the Servers Pane on the Filter page. +- Instance Label — The name of the instance +- Database System — Select PostgreSQL from the dropdown list +- Host — Name or IP address of the host where the database is located +- Port Number — Port number for the database. The default port for PostgreSQL is 5432 + +Exit the Manage Connections window to return to the Filter page. + +**Step 8 –** On the Filter page, the query is configured by default to target Only select database +objects. Click Retrieve. The Available database objects box will populate. The default filter will +scan all PostgreSQL databases returned, excluding the listed system or default schemas and tables in +red. Databases and instances can be added in the following ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Use the Add Custom Filter button to create and apply a custom filter. + +**Step 9 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The PgSQL_SensitiveDataScan Job is now ready to run with the customized settings. + +## Anaylsis Tasks for the PsgSQL_SensitiveDataScan Job + +Navigate to the **Databases** > **0.Collection** > **PostgreSQL** > **PgSQL_SensitiveDataScan** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) + +The default analysis tasks are: + +- Bring SA_SQL_Instances to View — Displays the SA_SQL_Instances table +- PostgreSQL SDD Matches View — Bring the PostgreSQL SDD Matches View to the SA console +- PostgreSQL SDD Match Hits View — Bring the PostgreSQL SDD Match Hits View to the SA console +- PostgreSQL SDD AIC Import — Imports PostgreSQL SDD into the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql_tableprivileges.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql_tableprivileges.md new file mode 100644 index 0000000000..031f57289b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql_tableprivileges.md @@ -0,0 +1,31 @@ +# PgSQL_TablePrivileges Job + +The PgSQL_TablePrivileges job is designed to collect PostgreSQL table privileges from all the +targeted servers. + +## Queries for the PgSQL_TablePrivileges Job + +The PgSQL_TablePrivileges Job uses the SQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/tableprivileges_query.webp) + +The query is: + +- Table Privileges - Returns table privileges from all the targeted servers. + +## Analysis Task for the PgSQL_TablePrivileges Job + +Navigate to the **Databases** > **0.Collection** > **PostgreSQL** > **PgSQL_TablePrivileges** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/tableprivileges_analysis.webp) + +The default analysis task is: + +- AIC Import - PostgreSQL Permissions – Imports PostgreSQL permissions to the AIC. +- AIC Import - Databases – Imports PostgreSQL database and schema nodes to the AIC. diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/overview.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/overview.md index 7e3f0e3627..f1d28d5c69 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/postgresql/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/postgresql/overview.md @@ -30,7 +30,7 @@ Supported Platforms Requirements, Permissions, and Ports See the -[Target PostgreSQL Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-postgresql.md) +[Target PostgreSQL Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databasepostgresql.md) topic for additional information. Sensitive Data Discovery Considerations @@ -66,14 +66,14 @@ sensitive data. The Access Analyzer PosgreSQL Solution Set is a set of pre-configured audit jobs and reports that provides visibility into PostgreSQL Sensitive Data. -![PostgreSQL Job Group](/img/product_docs/accessanalyzer/solutions/databases/postgresql/postgresqljobgroup.webp) +![PostgreSQL Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/postgresqljobgroup.webp) The job groups in the PostgreSQL Solution are: - [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/overview.md) - Designed to collect high level summary information from targeted PostgreSQL Servers. This information is used by other jobs in the PostgreSQL Solution Set for further analysis and producing respective reports -- [Configuration > PgSQL_DatabaseSizing Job](/docs/accessanalyzer/12.0/solutions/databases/postgresql/pgsql-databasesizing.md) - Designed to provide insight +- [Configuration > PgSQL_DatabaseSizing Job](/docs/accessanalyzer/12.0/solutions/databases/postgresql/pgsql_databasesizing.md) - Designed to provide insight into details about the PostgreSQL environment and potential vulnerabilities related to instance configuration settings - [Sensitive Data Job Group](/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/overview.md) - Designed to provide insight into where diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/pgsql-databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/pgsql-databasesizing.md deleted file mode 100644 index f0a1df97f3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/postgresql/pgsql-databasesizing.md +++ /dev/null @@ -1,32 +0,0 @@ -# Configuration > PgSQL_DatabaseSizing Job - -The Configuration Job Group is designed to provide insight into details about the -PostgreSQL environment and potential vulnerabilities related to instance configuration settings. - -![Configuration Job Group - PostgreSQL](/img/product_docs/accessanalyzer/solutions/databases/postgresql/configurationjobgroup.webp) - -The job in the Configuration Job Groups is: - -- PgSQL_DatabaseSizing Job - Provides details about PostgreSQL databases and overall database size - -## Analysis Tasks for the PgSQL_DatabaseSizing Job - -Navigate to the **Jobs > Databases > PostgreSQL > Configuration > PgSQL_DatabaseSizing > Configure** -node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/postgresql/pssqldatabasesizinganalysistasks.webp) - -The default analysis tasks are: - -- Database Sizing Details - Provides details about PostgreSQL databases and sizing -- Database Sizing Summary - Summarizes PostgreSQL database sizing by host - -In addition to the tables and views created the analysis task, the PgSQL_DatabaseSizing Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ---------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | This report highlights the size of databases in PostgreSQL | None | This report is comprised of three elements: - Bar Chart – Displays top databases by size (MB) - Bar Chart – Displays sizes by host (GB) - Table – Provides database details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/pgsql_databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/pgsql_databasesizing.md new file mode 100644 index 0000000000..82c90d49bb --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/postgresql/pgsql_databasesizing.md @@ -0,0 +1,32 @@ +# Configuration > PgSQL_DatabaseSizing Job + +The Configuration Job Group is designed to provide insight into details about the +PostgreSQL environment and potential vulnerabilities related to instance configuration settings. + +![Configuration Job Group - PostgreSQL](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/configurationjobgroup.webp) + +The job in the Configuration Job Groups is: + +- PgSQL_DatabaseSizing Job - Provides details about PostgreSQL databases and overall database size + +## Analysis Tasks for the PgSQL_DatabaseSizing Job + +Navigate to the **Jobs > Databases > PostgreSQL > Configuration > PgSQL_DatabaseSizing > Configure** +node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/pssqldatabasesizinganalysistasks.webp) + +The default analysis tasks are: + +- Database Sizing Details - Provides details about PostgreSQL databases and sizing +- Database Sizing Summary - Summarizes PostgreSQL database sizing by host + +In addition to the tables and views created the analysis task, the PgSQL_DatabaseSizing Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ---------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | This report highlights the size of databases in PostgreSQL | None | This report is comprised of three elements: - Bar Chart – Displays top databases by size (MB) - Bar Chart – Displays sizes by host (GB) - Table – Provides database details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/recommended.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/recommended.md index 503652fcd7..b2a5a00e5c 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/postgresql/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/databases/postgresql/recommended.md @@ -23,7 +23,7 @@ Connection Profile The SQL Data Collector requires a specific set of permissions. For the PostgreSQL Solution, the credentials configured in the Connection Profile must be able to access the PostgreSQL Database. See -the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information on +the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on permissions and creating a SQL custom connection profile. The Connection Profile is set to **Use the Default Profile**, as configured at the global settings @@ -45,7 +45,7 @@ Query Configuration This solution is designed to be run with the default query configurations. However, the PostgreSQL_SensitiveDataScan Job query can be customized as needed. See the -[Configure the SensitiveDataScan Query](/docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/pgsql-sensitivedatascan.md#configure-the-sensitivedatascan-query) +[Configure the SensitiveDataScan Query](collection/pgsql_sensitivedatascan.md#configure-the-sensitivedatascan-query) topic for additional information. Analysis Configuration diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/overview.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/overview.md index bd7867aded..fc67599e4a 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/overview.md @@ -3,13 +3,13 @@ The Sensitive Data Job Group is designed to provide insight into where sensitive data exists and who has access to it across all the targeted PostgreSQL databases. -![Sensitive Data Job Group](/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) +![Sensitive Data Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) The job in the Sensitive Data Job Group is: -- [PgSQL_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql-sensitivedata.md) - Designed to provide information on all the +- [PgSQL_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedata.md) - Designed to provide information on all the sensitive data that was discovered in the targeted PostgreSQL servers based on the selected scan criteria -- [PgSQL_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql-sensitivedatapermissions.md) - Designed to provide +- [PgSQL_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedatapermissions.md) - Designed to provide information on all types of permissions on database objects containing sensitive data across all the targeted PostgreSQL servers based on the selected scan criteria. diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql-sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql-sensitivedata.md deleted file mode 100644 index 77a7fe59cb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql-sensitivedata.md +++ /dev/null @@ -1,28 +0,0 @@ -# PgSQL_SensitiveData Job - -The PsSQL_SensitiveData Job is designed to provide information on all the sensitive data that was -discovered in the targeted PostgreSQL servers based on the selected scan criteria. - -## Analysis Tasks for the PgSQL_SensitiveData Job - -Navigate to the **Jobs > Databases > PostgreSQL > Sensitive Data > PgSQL_SensitiveData > Configure** -node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![pgsqlsensitivedataanalysis](/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/pgsqlsensitivedataanalysis.webp) - -The default analysis tasks are: - -- Sensitive Data Details - Returns details around sensitive data in PostgreSQL -- Database Summary - Summarizes sensitive data in PostgreSQL by database -- Enterprise Summary - Summarizes PostgreSQL sensitive data for the organization - -In addition to the tables and views created the analysis task, the PgSQL_SensitiveData Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | --------------------------------------------------------------------------- | -------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise | None | This report is comprised of two elements: - Bar Chart – Displays exceptions by match count - Table – Provides exception details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data crtieria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides information on databases with sensitive data - Table - Provides details on sensitive data | diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql-sensitivedatapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql-sensitivedatapermissions.md deleted file mode 100644 index c6fe6ee018..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql-sensitivedatapermissions.md +++ /dev/null @@ -1,30 +0,0 @@ -# PgSQL_SensitiveDataPermissions Job - -The PgSQL_SensitiveDataPermissions Job is designed to provide information on all types of -permissions on database objects containing sensitive data across all the targeted PostgreSQL servers -based on the selected scan criteria. - -## Analysis Tasks for the PgSQL_SensitiveData Job - -Navigate to the **Jobs > Databases > PostgreSQL > Sensitive -Data > PgSQL_SensitiveDataPermissions > Configure** node and select Analysis to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp) - -The default analysis tasks are: - -- Sensitive Data Permission Details – Creates the PgSQL_SensitiveDataPermissions_Details table - accessible under the job’s Results node -- Sensitive Data Permissions Database Summary – Creates the - PgSQL_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the -PgSQL_SensitiveDataPermissions Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedata.md new file mode 100644 index 0000000000..df12eccce8 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedata.md @@ -0,0 +1,28 @@ +# PgSQL_SensitiveData Job + +The PsSQL_SensitiveData Job is designed to provide information on all the sensitive data that was +discovered in the targeted PostgreSQL servers based on the selected scan criteria. + +## Analysis Tasks for the PgSQL_SensitiveData Job + +Navigate to the **Jobs > Databases > PostgreSQL > Sensitive Data > PgSQL_SensitiveData > Configure** +node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![pgsqlsensitivedataanalysis](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsqlsensitivedataanalysis.webp) + +The default analysis tasks are: + +- Sensitive Data Details - Returns details around sensitive data in PostgreSQL +- Database Summary - Summarizes sensitive data in PostgreSQL by database +- Enterprise Summary - Summarizes PostgreSQL sensitive data for the organization + +In addition to the tables and views created the analysis task, the PgSQL_SensitiveData Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | --------------------------------------------------------------------------- | -------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise | None | This report is comprised of two elements: - Bar Chart – Displays exceptions by match count - Table – Provides exception details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data crtieria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides information on databases with sensitive data - Table - Provides details on sensitive data | diff --git a/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedatapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedatapermissions.md new file mode 100644 index 0000000000..a991db8011 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsql_sensitivedatapermissions.md @@ -0,0 +1,30 @@ +# PgSQL_SensitiveDataPermissions Job + +The PgSQL_SensitiveDataPermissions Job is designed to provide information on all types of +permissions on database objects containing sensitive data across all the targeted PostgreSQL servers +based on the selected scan criteria. + +## Analysis Tasks for the PgSQL_SensitiveData Job + +Navigate to the **Jobs > Databases > PostgreSQL > Sensitive +Data > PgSQL_SensitiveDataPermissions > Configure** node and select Analysis to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp) + +The default analysis tasks are: + +- Sensitive Data Permission Details – Creates the PgSQL_SensitiveDataPermissions_Details table + accessible under the job’s Results node +- Sensitive Data Permissions Database Summary – Creates the + PgSQL_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the +PgSQL_SensitiveDataPermissions Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/overview.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/overview.md index 64421219df..88e7bcc8c0 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/overview.md @@ -4,13 +4,13 @@ The Redshift Solution Collection group collects high level summary information f Redshift Servers.  Other jobs in the Redshift Solution Set use this information for further analysis and for producing respective reports. -![0](/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/0.collection.webp) +![0](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/0.collection.webp) The jobs in the 0.Collection Job Group are: -- [Redshift_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-configuration.md) — Returns additional configuration +- [Redshift_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_configuration.md) — Returns additional configuration settings from Redshift servers -- [Redshift_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-sensitivedatascan.md) — Discovers sensitive data in +- [Redshift_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_sensitivedatascan.md) — Discovers sensitive data in PostgreSQL databases based on pre-defined or user-defined search criteria -- [Redshift_TablePrivileges Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-tableprivileges.md) - Designed to collect Redshift table +- [Redshift_TablePrivileges Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_tableprivileges.md) - Designed to collect Redshift table privileges from all the targeted servers. diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-configuration.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-configuration.md deleted file mode 100644 index 65e9a2160a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-configuration.md +++ /dev/null @@ -1,15 +0,0 @@ -# Redshift_Configuration Job - -The Redshift_Configuration job returns additional configuration settings from Redshift servers. - -## Queries for the Redshift_Configuration Job - -The Redshift_Configuration Job uses the SQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![0](/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/0.collectionconfiguration.webp) - -The query is: - -- Redshift Database Sizing — Provides details about Redshift databases and overall database size diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-sensitivedatascan.md deleted file mode 100644 index 1b913aee55..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-sensitivedatascan.md +++ /dev/null @@ -1,128 +0,0 @@ -# Redshift_SensitiveDataScan Job - -This job discovers sensitive data in PostgreSQL databases on pre-defined or user-defined criteria. - -## Queries for the Redshift_SensitiveData Scan Job - -The Redshift_SensitiveDataScan Job uses the SQL Data Collector for queries. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedataquery.webp) - -The query is: - -- Redshift Sensitive Data Scan — Provides information on all the sensitive data that was discovered - in the targeted Redshift servers based on the selected scan criteria. - -## Recommended Configuration for the SensitiveDataScan Query - -The Redshift_SensitiveDataScan Job is preconfigured to run using the default settings for the -Sensitive Data Collection category. It is necessary only to set up the connection for the Redshift- -SensitiveDataScan Job. Once the connection is established, it applies to any other 0.Collection job -query. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Redshift** > -**Redshift_SensitiveDataScan** > **Configure** node and select Queries. - -**Step 2 –** In the Query Selection view, select the Redshift Sensitive Data Scan query click on -Query Properties. The Query Properties window appears. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens -with Sensitive Data Collection category selected. - -![Category Page](/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatacategory.webp) - -**Step 4 –** Click **Next**. The Sensitive Data Scan Settings view appears. - -![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatajoboptions.webp) - -**Step 5 –** To modify sensitive data scan options, select the desired scan options. See the -[SQL: Options](/docs/accessanalyzer/12.0/data-collection/sql/options.md) page for additional information. - -**NOTE:** The Sensitive Data Scan Settings are preconfigured for optimal performance for a -high-level table scan. Configuring these settings to increase the scope of the sensitive data scan -may significantly increase scan time. - -**Step 6 –** Click **Next**. The Select Criteria view appears. - -![Select DLP Criteria for Scan](/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatacriteria.webp) - -**Step 7 –** To modify criteria, click on **Use the following selected criteria:** and select your -choices. By default, the Sensitive Data Scan job is set to **Use Global Criteria**. Also by default, -the following System Criteria have been selected: - -- Credit Cards -- Tax Forms -- US SSN -- User ID -- Password - -**NOTE:** For more information on adding or deleting criteria, navigate to the -[SQL: Criteria](/docs/accessanalyzer/12.0/data-collection/sql/criteria.md) page or See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) -topic for additional information. - -**Step 8 –** Click **Next**. The Filters view appears. - -![Filters Page](/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatafilter.webp) - -**Step 9 –** Click **Connections** to open the Manage Connections window. - -**NOTE:** SQL databases must be added to the query before they can be scanned. Before you can add a -query, you must establish a connection to the database. - -![Manage Connections](/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedataconnection.webp) - -**Step 10 –** In the Manage Connections window, click **Create New Connection** and add the -following information: - -- Instance Label — The name of the instance -- Database System — Unique identifier for the database. Select the server to connect to from the - dropdown list. -- Service Name — Unique identifier for the service. Enter a Service Name. -- Host — Name or IP address of the host where the database is located -- Port Number — Port number for the selected database -- Default Database — Default Database - -**Step 11 –** Exit the Manage Connections window to return to the Filter page. - -**Step 12 –** Select Only select database objects. or **All database objects**. The query is -configured by default to target Only select database objects. - -**NOTE:** For more information on filtering, see the -[SQL: Filter](/docs/accessanalyzer/12.0/data-collection/sql/filter.md) page. - -**Step 13 –** Click Retrieve. The Available database objects box will populate. - -**Step 14 –** Add the Databases and instances to be audited. Databases and instances can be added in -the following ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Optionally use the Add Custom Filter button to create and apply a custom filter. - -The selected database objects to be audited display. - -**Step 15 –** Click **Next** and navigate to the Summary page, click Finish to save any setting -modifications or click Cancel if no changes were made. Then click OK to close the Query Properties -window. - -The 1-Db2_SensitsveDataScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the Redshift_SensitiveDataScan - -Navigate to the \_**\_Databases > 0.Collection >**Redshift >\_\_ **Redshift_SensitiveDataScan** > -**Configure** node and select **Analysis** to view the Analysis Tasks. The Analysis tasks do not -require any configuration as they just populate the reports with the collected information and do -not collect data themselves. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/analysiscollectionsensitivedatascan.webp) - -The default analysis tasks are: - -- Bring SA_SQL_Instances to View — Displays the SA_SQL_Instances table -- Redshift SDD Matches View — Brings the Redshift SDD Matches View to the Access Analyzer console -- Redshift SDD Matches Hits View — Brings the SA_SQL Match Hits View to the Access Analyzer console -- Redshift ADD AIC Import —Imports Redshift SDD into the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-tableprivileges.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-tableprivileges.md deleted file mode 100644 index 429ea6319f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-tableprivileges.md +++ /dev/null @@ -1,31 +0,0 @@ -# Redshift_TablePrivileges Job - -The Redshift_TablePrivileges job is designed to collect Redshift table privileges from all the -targeted servers. - -## Queries for the Redshift_TablePrivileges Job - -The Redshift_TablePrivileges Job uses the SQL Data Collector for queries. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/tableprivilegesquery.webp) - -The query is: - -- Table Privileges - Returns table privileges from all the targeted servers. - -## Analysis Task for the Redshift_TablePrivileges Job - -Navigate to the **Databases** > **0.Collection** > **Redshift** > **Redshift_TablePrivileges** > -**Configure** node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/tableprivilegesanalysis.webp) - -The default analysis task is: - -- AIC Import - Redshift Permissions – Imports Redshift table privileges to the AIC. -- AIC Import - Databases – Imports Redshift database and schema nodes to the AIC. diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_configuration.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_configuration.md new file mode 100644 index 0000000000..c84dd65285 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_configuration.md @@ -0,0 +1,15 @@ +# Redshift_Configuration Job + +The Redshift_Configuration job returns additional configuration settings from Redshift servers. + +## Queries for the Redshift_Configuration Job + +The Redshift_Configuration Job uses the SQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![0](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/0.collectionconfiguration.webp) + +The query is: + +- Redshift Database Sizing — Provides details about Redshift databases and overall database size diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_sensitivedatascan.md new file mode 100644 index 0000000000..e7aab88741 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_sensitivedatascan.md @@ -0,0 +1,128 @@ +# Redshift_SensitiveDataScan Job + +This job discovers sensitive data in PostgreSQL databases on pre-defined or user-defined criteria. + +## Queries for the Redshift_SensitiveData Scan Job + +The Redshift_SensitiveDataScan Job uses the SQL Data Collector for queries. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedataquery.webp) + +The query is: + +- Redshift Sensitive Data Scan — Provides information on all the sensitive data that was discovered + in the targeted Redshift servers based on the selected scan criteria. + +## Recommended Configuration for the SensitiveDataScan Query + +The Redshift_SensitiveDataScan Job is preconfigured to run using the default settings for the +Sensitive Data Collection category. It is necessary only to set up the connection for the Redshift- +SensitiveDataScan Job. Once the connection is established, it applies to any other 0.Collection job +query. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > **0.Collection** > **Redshift** > +**Redshift_SensitiveDataScan** > **Configure** node and select Queries. + +**Step 2 –** In the Query Selection view, select the Redshift Sensitive Data Scan query click on +Query Properties. The Query Properties window appears. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens +with Sensitive Data Collection category selected. + +![Category Page](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedatacategory.webp) + +**Step 4 –** Click **Next**. The Sensitive Data Scan Settings view appears. + +![Sensitive Data Scan Settings](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedatajoboptions.webp) + +**Step 5 –** To modify sensitive data scan options, select the desired scan options. See the +[SQL: Options](/docs/accessanalyzer/12.0/admin/datacollector/sql/options.md) page for additional information. + +**NOTE:** The Sensitive Data Scan Settings are preconfigured for optimal performance for a +high-level table scan. Configuring these settings to increase the scope of the sensitive data scan +may significantly increase scan time. + +**Step 6 –** Click **Next**. The Select Criteria view appears. + +![Select DLP Criteria for Scan](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedatacriteria.webp) + +**Step 7 –** To modify criteria, click on **Use the following selected criteria:** and select your +choices. By default, the Sensitive Data Scan job is set to **Use Global Criteria**. Also by default, +the following System Criteria have been selected: + +- Credit Cards +- Tax Forms +- US SSN +- User ID +- Password + +**NOTE:** For more information on adding or deleting criteria, navigate to the +[SQL: Criteria](/docs/accessanalyzer/12.0/admin/datacollector/sql/criteria.md) page or See the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) +topic for additional information. + +**Step 8 –** Click **Next**. The Filters view appears. + +![Filters Page](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedatafilter.webp) + +**Step 9 –** Click **Connections** to open the Manage Connections window. + +**NOTE:** SQL databases must be added to the query before they can be scanned. Before you can add a +query, you must establish a connection to the database. + +![Manage Connections](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedataconnection.webp) + +**Step 10 –** In the Manage Connections window, click **Create New Connection** and add the +following information: + +- Instance Label — The name of the instance +- Database System — Unique identifier for the database. Select the server to connect to from the + dropdown list. +- Service Name — Unique identifier for the service. Enter a Service Name. +- Host — Name or IP address of the host where the database is located +- Port Number — Port number for the selected database +- Default Database — Default Database + +**Step 11 –** Exit the Manage Connections window to return to the Filter page. + +**Step 12 –** Select Only select database objects. or **All database objects**. The query is +configured by default to target Only select database objects. + +**NOTE:** For more information on filtering, see the +[SQL: Filter](/docs/accessanalyzer/12.0/admin/datacollector/sql/filter.md) page. + +**Step 13 –** Click Retrieve. The Available database objects box will populate. + +**Step 14 –** Add the Databases and instances to be audited. Databases and instances can be added in +the following ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Optionally use the Add Custom Filter button to create and apply a custom filter. + +The selected database objects to be audited display. + +**Step 15 –** Click **Next** and navigate to the Summary page, click Finish to save any setting +modifications or click Cancel if no changes were made. Then click OK to close the Query Properties +window. + +The 1-Db2_SensitsveDataScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the Redshift_SensitiveDataScan + +Navigate to the \_**\_Databases > 0.Collection >**Redshift >\_\_ **Redshift_SensitiveDataScan** > +**Configure** node and select **Analysis** to view the Analysis Tasks. The Analysis tasks do not +require any configuration as they just populate the reports with the collected information and do +not collect data themselves. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/analysiscollectionsensitivedatascan.webp) + +The default analysis tasks are: + +- Bring SA_SQL_Instances to View — Displays the SA_SQL_Instances table +- Redshift SDD Matches View — Brings the Redshift SDD Matches View to the Access Analyzer console +- Redshift SDD Matches Hits View — Brings the SA_SQL Match Hits View to the Access Analyzer console +- Redshift ADD AIC Import —Imports Redshift SDD into the AIC diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_tableprivileges.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_tableprivileges.md new file mode 100644 index 0000000000..a72f4106d6 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_tableprivileges.md @@ -0,0 +1,31 @@ +# Redshift_TablePrivileges Job + +The Redshift_TablePrivileges job is designed to collect Redshift table privileges from all the +targeted servers. + +## Queries for the Redshift_TablePrivileges Job + +The Redshift_TablePrivileges Job uses the SQL Data Collector for queries. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/tableprivilegesquery.webp) + +The query is: + +- Table Privileges - Returns table privileges from all the targeted servers. + +## Analysis Task for the Redshift_TablePrivileges Job + +Navigate to the **Databases** > **0.Collection** > **Redshift** > **Redshift_TablePrivileges** > +**Configure** node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/tableprivilegesanalysis.webp) + +The default analysis task is: + +- AIC Import - Redshift Permissions – Imports Redshift table privileges to the AIC. +- AIC Import - Databases – Imports Redshift database and schema nodes to the AIC. diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/overview.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/overview.md index 84bfc2368b..79fb76b4ad 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/redshift/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/redshift/overview.md @@ -15,7 +15,7 @@ Supported Platforms Requirements, Permissions, and Ports See the -[Target Redshift Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-redshift.md) +[Target Redshift Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databaseredshift.md) topic for additional information. Sensitive Data Discovery Considerations @@ -50,7 +50,7 @@ sensitive data. The Access Analyzer Redshift  Solution Set is a set of preconfigured audit jobs and reports that provides visibility into Redshift Sensitive Data. -![redshiftjobgrpoverview](/img/product_docs/accessanalyzer/solutions/databases/redshift/redshiftjobgrpoverview.webp) +![redshiftjobgrpoverview](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/redshiftjobgrpoverview.webp) The following job groups comprise the Redshift Job Group: @@ -59,17 +59,17 @@ The following job groups comprise the Redshift Job Group: further analysis and producing respective report. This Job Group is comprised of the following jobs(s) - - [Redshift_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-configuration.md) - - [Redshift_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-sensitivedatascan.md) - - [Redshift_TablePrivileges Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift-tableprivileges.md) + - [Redshift_Configuration Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_configuration.md) + - [Redshift_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_sensitivedatascan.md) + - [Redshift_TablePrivileges Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/collection/redshift_tableprivileges.md) -- [Configuration > Redshift_DatabaseSizing Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/redshift-databasesizing.md) — Provides insight into +- [Configuration > Redshift_DatabaseSizing Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/redshift_databasesizing.md) — Provides insight into details about the Redshift environment and potential vulnerabilities relating to instance configuration settings. -- [Sensitive Data Job Group](/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/overview.md) — Provides insight into where sensitive +- [Sensitive Data Job Group](/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/overview.md) — Provides insight into where sensitive data exists and who has access to it across all the targeted Redshift databases.This Job Group is comprised of the following job(s): - - [Redshift_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/redshift-sensitivedata.md) - - [Redshift_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/redshift-sensitivedatapermissions.md) + - [Redshift_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/redshift_sensitivedata.md) + - [Redshift_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/redshift_sensitivedatapermissions.md) diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/recommended.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/recommended.md index 1d16ad4873..89b52fbd06 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/redshift/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/databases/redshift/recommended.md @@ -23,7 +23,7 @@ The SQL Data Collector requires a specific set of permissions. See the Permissio necessary permissions. The account used can be either an Active Directory account or a SQL account. Once the account has been provisioned, create a custom Connection Profile containing the credentials for the targeted environment. See the -[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/12.0/data-collection/sql/configure-job.md) +[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/12.0/admin/datacollector/sql/configurejob.md) topic for additional information. The Connection Profile should be assigned under the **Redshift** > **0.Collection** > **Settings** > @@ -32,7 +32,7 @@ level. However, since this may not be the Connection Profile with the necessary assigned hosts, click the radio button for the **Select one of the following user defined profiles** option and select the appropriate Connection Profile drop-down menu. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/redshift-databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/redshift-databasesizing.md deleted file mode 100644 index 1bbda643c2..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/redshift/redshift-databasesizing.md +++ /dev/null @@ -1,34 +0,0 @@ -# Configuration > Redshift_DatabaseSizing Job - -This group provides insight into details about the Redshift environment and potential -vulnerabilities related to instance configuration settings. - -![configurationjobgroup](/img/product_docs/accessanalyzer/solutions/databases/postgresql/configurationjobgroup.webp) - -The job(s) in the Configuration Job Group are: - -- Redshift_DatabaseSizing Job — Provides details about Redshift databases and overall database size. - -### Analysis Tasks for the Redshift_DatabaseSizing Job - -Navigate to the **Jobs** > **Databases**> **Redshift** > **Configuration** > -**Redshift_DatabaseSizing** > **Configure** node and select **Analysis** to view the Analysis Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![analysisredshiftconfigurationjob](/img/product_docs/accessanalyzer/solutions/databases/redshift/analysisredshiftconfigurationjob.webp) - -The default analysis tasks are: - -- Database Sizing Details — Provides details about Redshift databases and sizing -- Database Sizing Summary — Summarizes Redshift database sizing by host - -## Report for the Redshift_Database Sizing Job - -In addition to the tables and views created the analysis task, the Redshift_DatabaseSizing Job -produces the following preconfigured reports. - -| Report | Description | Default Tags | Report Elements | -| --------------- | --------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | This report highlights the size of databases in Redshift. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by size (MB) - Bar Chart – Displays sizes by host (GB) - Table – Provides database details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/redshift_databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/redshift_databasesizing.md new file mode 100644 index 0000000000..2aa111fd3a --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/redshift/redshift_databasesizing.md @@ -0,0 +1,34 @@ +# Configuration > Redshift_DatabaseSizing Job + +This group provides insight into details about the Redshift environment and potential +vulnerabilities related to instance configuration settings. + +![configurationjobgroup](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/configurationjobgroup.webp) + +The job(s) in the Configuration Job Group are: + +- Redshift_DatabaseSizing Job — Provides details about Redshift databases and overall database size. + +### Analysis Tasks for the Redshift_DatabaseSizing Job + +Navigate to the **Jobs** > **Databases**> **Redshift** > **Configuration** > +**Redshift_DatabaseSizing** > **Configure** node and select **Analysis** to view the Analysis Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![analysisredshiftconfigurationjob](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/analysisredshiftconfigurationjob.webp) + +The default analysis tasks are: + +- Database Sizing Details — Provides details about Redshift databases and sizing +- Database Sizing Summary — Summarizes Redshift database sizing by host + +## Report for the Redshift_Database Sizing Job + +In addition to the tables and views created the analysis task, the Redshift_DatabaseSizing Job +produces the following preconfigured reports. + +| Report | Description | Default Tags | Report Elements | +| --------------- | --------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | This report highlights the size of databases in Redshift. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by size (MB) - Bar Chart – Displays sizes by host (GB) - Table – Provides database details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/overview.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/overview.md deleted file mode 100644 index c834a9acef..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/overview.md +++ /dev/null @@ -1,14 +0,0 @@ -# Sensitive Data Job Group - -This job provides insight into where sensitive data exists and who has access to it across all the -targeted Redshift databases. - -![sensitivedatajobgroup](/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp) - -The job(s) in the Sensitive Data Job Group are: - -- [Redshift_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/redshift-sensitivedata.md) - Provides information on all the data - that was discovered in the targeted Redshift database servers based on the selected scan criteria -- [Redshift_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/redshift-sensitivedatapermissions.md) - Designed to - provide information on all types of permissions on database objects containing sensitive data - across all the targeted PostgreSQL servers based on the selected scan criteria. diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/redshift-sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/redshift-sensitivedata.md deleted file mode 100644 index ab7dec8fa2..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/redshift-sensitivedata.md +++ /dev/null @@ -1,30 +0,0 @@ -# Redshift_SensitiveData Job - -This job provides information on all the sensitive data discovered in the targeted Redshift servers -based on the selected scan criteria. - -## Analysis Tasks for the Redshift_SensitiveData Job - -Navigate to the **Jobs** > **Databases** > **Redshift** >  **Sensitive Data** > -**Redshift_SensitiveData** > **Configure** node and select **Analysis** to view the Analysis Tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/redshift/sensitive_data/analysissensitivedata.webp) - -The default analysis tasks are: - -- Sensitive Data Details — Returns details around sensitive data in Redshift -- Database Summary — Summarizes Redshift sensitive data by database -- Enterprise Summary — Summarizes Redshift  sensitive data for the organization - -## Reports for the for the Redshift_SensitiveData Job - -In addition to the tables and views created the analysis task, the Redshift_SensitiveData Job -produces the following preconfigured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of two elements: - Bar Chart - Displays exceptions by Match Count - Table - Displays Exception Details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides details on top databases with Sensitive Data - Table - Provides Sensitive Data Details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/redshift-sensitivedatapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/redshift-sensitivedatapermissions.md deleted file mode 100644 index 2d0314dcb8..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive-data/redshift-sensitivedatapermissions.md +++ /dev/null @@ -1,30 +0,0 @@ -# Redshift_SensitiveDataPermissions Job - -The Redshift_SensitiveDataPermissions Job is designed to provide information on all types of -permissions on database objects containing sensitive data across all the targeted Redshift servers -based on the selected scan criteria. - -## Analysis Tasks for the Redshift_SensitiveData Job - -Navigate to the **Jobs > Databases > Redshift > Sensitive -Data > Redshift_SensitiveDataPermissions > Configure** node and select Analysis to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp) - -The default analysis tasks are: - -- Sensitive Data Permission Details – Creates the Redshift_SensitiveDataPermissions_Details table - accessible under the job’s Results node -- Sensitive Data Permissions Database Summary – Creates the - Redshift_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the -Redshift_SensitiveDataPermissions Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/overview.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/overview.md new file mode 100644 index 0000000000..7d5783c2f7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/overview.md @@ -0,0 +1,14 @@ +# Sensitive Data Job Group + +This job provides insight into where sensitive data exists and who has access to it across all the +targeted Redshift databases. + +![sensitivedatajobgroup](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/sensitivedatajobgroup.webp) + +The job(s) in the Sensitive Data Job Group are: + +- [Redshift_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/redshift_sensitivedata.md) - Provides information on all the data + that was discovered in the targeted Redshift database servers based on the selected scan criteria +- [Redshift_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/redshift_sensitivedatapermissions.md) - Designed to + provide information on all types of permissions on database objects containing sensitive data + across all the targeted PostgreSQL servers based on the selected scan criteria. diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/redshift_sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/redshift_sensitivedata.md new file mode 100644 index 0000000000..1065a177f5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/redshift_sensitivedata.md @@ -0,0 +1,30 @@ +# Redshift_SensitiveData Job + +This job provides information on all the sensitive data discovered in the targeted Redshift servers +based on the selected scan criteria. + +## Analysis Tasks for the Redshift_SensitiveData Job + +Navigate to the **Jobs** > **Databases** > **Redshift** >  **Sensitive Data** > +**Redshift_SensitiveData** > **Configure** node and select **Analysis** to view the Analysis Tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/analysissensitivedata.webp) + +The default analysis tasks are: + +- Sensitive Data Details — Returns details around sensitive data in Redshift +- Database Summary — Summarizes Redshift sensitive data by database +- Enterprise Summary — Summarizes Redshift  sensitive data for the organization + +## Reports for the for the Redshift_SensitiveData Job + +In addition to the tables and views created the analysis task, the Redshift_SensitiveData Job +produces the following preconfigured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ---------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of two elements: - Bar Chart - Displays exceptions by Match Count - Table - Displays Exception Details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | Sensitive Data | This report is comprised of three elements: - Bar Chart - Displays top databases by Sensitive Data Hits - Table - Provides details on top databases with Sensitive Data - Table - Provides Sensitive Data Details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/redshift_sensitivedatapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/redshift_sensitivedatapermissions.md new file mode 100644 index 0000000000..6c43270030 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/redshift_sensitivedatapermissions.md @@ -0,0 +1,30 @@ +# Redshift_SensitiveDataPermissions Job + +The Redshift_SensitiveDataPermissions Job is designed to provide information on all types of +permissions on database objects containing sensitive data across all the targeted Redshift servers +based on the selected scan criteria. + +## Analysis Tasks for the Redshift_SensitiveData Job + +Navigate to the **Jobs > Databases > Redshift > Sensitive +Data > Redshift_SensitiveDataPermissions > Configure** node and select Analysis to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp) + +The default analysis tasks are: + +- Sensitive Data Permission Details – Creates the Redshift_SensitiveDataPermissions_Details table + accessible under the job’s Results node +- Sensitive Data Permissions Database Summary – Creates the + Redshift_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the +Redshift_SensitiveDataPermissions Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/overview.md b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/overview.md index 2839d02a91..01bccd0982 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/overview.md @@ -4,22 +4,22 @@ The jobs in the 2. Activity Job Group provides insight into user login activity, changes, unusual database activity, SQL and Azure SQL activities against sensitive data, and SQL and Azure SQL activities against selected or all database objects. -![2.Activity Job Group](/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup30.webp) +![2.Activity Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup30.webp) The jobs in the 2.Activity Job Group are: -- [SQL_Activity Job](/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-activity.md) – This job is designed to provide insight into user activity +- [SQL_Activity Job](/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_activity.md) – This job is designed to provide insight into user activity in target SQL and Azure SQL server instances and databases in each instance based on the SQL Server Audit Specification settings -- [SQL_Logons Job](/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-logons.md) – This job is designed to provide insight into failed or +- [SQL_Logons Job](/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_logons.md) – This job is designed to provide insight into failed or successful SQL and Azure SQL server logon activity across all the targeted SQL and Azure SQL Servers -- [SQL_PermissionChanges Job](/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-permissionchanges.md) – This job is designed to provide detailed +- [SQL_PermissionChanges Job](/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_permissionchanges.md) – This job is designed to provide detailed information about the changes in permissions across all the database objects, specifically objects containing sensitive data -- [SQL_SensitiveDataActivity Job](/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-sensitivedataactivity.md) – This job is designed to provide +- [SQL_SensitiveDataActivity Job](/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_sensitivedataactivity.md) – This job is designed to provide detailed information about all the DML (UPDATE, INSERT, DELETE, TRUNCATE) against objects containing selective data -- [SQL_UnusualActivity Job](/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-unusualactivity.md) – This job group is designed to highlight any +- [SQL_UnusualActivity Job](/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_unusualactivity.md) – This job group is designed to highlight any anomalies related to outlying user activity by database across all the targeted SQL and Azure SQL server instances. diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-activity.md b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-activity.md deleted file mode 100644 index ca10edbfce..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-activity.md +++ /dev/null @@ -1,30 +0,0 @@ -# SQL_Activity Job - -The SQL_Activity Job provides insight into user activity in target SQL server instances and -databases based on SQL Server Audit Specification settings. - -## Analysis Tasks for the SQL_Activity Job - -Navigate to the **Databases** > SQL > 2.Activity > SQL_Activity > Configure node and select Analysis -to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup31.webp) - -The default analysis tasks are: - -- List SQL User Activity Details – Creates the SA_SQLServer_Activity_Details table accessible under - the job’s Results node -- User Activity Database Summary – Creates the SA_SQLServer_Activity_UserDatabaseSummary table - accessible under the job’s Results node -- User Activity Instance Summary – Creates the SA_SQLServer_Activity_UserInstanceSummary table - accessible under the job’s Results node - -In addition to the tables and views created the analysis task, the SQL_Activity Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------- | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| User Activity Summary | This report lists all SQL events, and summarizes them by database and instance. | None | This report is comprised of three elements: - Bar Chart – Displays users with most events by instance - Table – Provides details on users with most events by database - Table – Provides details on event details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-logons.md b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-logons.md deleted file mode 100644 index daf31b49f9..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-logons.md +++ /dev/null @@ -1,27 +0,0 @@ -# SQL_Logons Job - -The SQL_Logons Job provides insight into failed and successful SQL and Azure SQL server logon -activity across all targeted SQL and Azure SQL servers. - -## Analysis Tasks for the SQL_Logons Job - -Navigate to the **Databases** > SQL > 2.Activity > SQL_Logons > Configure node and select Analysis -to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup32.webp) - -The default analysis tasks are: - -- Logon Details – Creates the SA_SQLServer_Logons_Details table accessible under the job’s Results - node -- Logons Summary – Creates the SA_SQL_Logons_Summary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_Logons Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Server Logon Details | This report outlines successful and failed logins over the last 30 days | None | This report is comprised of three elements: - Stacked Bar Chart – Displays logon summary - Table – Provides details on logon summary - Table – Provides details on logon details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-permissionchanges.md b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-permissionchanges.md deleted file mode 100644 index 0afa72bb01..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-permissionchanges.md +++ /dev/null @@ -1,29 +0,0 @@ -# SQL_PermissionChanges Job - -The SQL_PermissionChanges Job provides detailed information on permission changes for all database -objects, specifically objects containing sensitive data. - -## Analysis Tasks for the SQL_PermissionChanges Job - -Navigate to the **Databases** > SQL > 2.Activity > SQL_PermissionChanges > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup33.webp) - -The default analysis tasks are: - -- SQLServer Permission Changes – Creates the SA_SQLServer_PermissionChanges_Details table accessible - under the job’s Results node -- Permission Changes Instance Summary – Creates the SA_SQLServer_PermissionChanges_InstanceSummary - table accessible under the job’s Results node. This analysis task summarizes permission change - activity per instance. - -In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | -------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Permission Change Activity | This report lists all permission change related SQL events, and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by permission change activity - Table – Provides details on instances by permission change activity - Table – Provides details on event details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-sensitivedataactivity.md b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-sensitivedataactivity.md deleted file mode 100644 index 77fde1f602..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-sensitivedataactivity.md +++ /dev/null @@ -1,28 +0,0 @@ -# SQL_SensitiveDataActivity Job - -The SQL_SensitiveDataActivity Job provides detailed information on DML (UPDATE, INSERT, DELETE, -TRUNCATE) used against objects containing sensitive data. - -## Analysis Tasks for the SQL_SensitiveDataActivity Job - -Navigate to the **Databases** > SQL > 2.Activity > SQL_SensitiveDataActivity > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup34.webp) - -The default analysis tasks are: - -- SDD Activity Details – Creates the SA_SQLServer_SensitiveDataActivity_Details table accessible - under the job’s Results node -- SDD Activity Instance Summary – Creates the SA_SQLServer_SensitiveDataActivity_UserSummary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | --------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Data Activity | This report highlights events in databases containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance - Table – Provides details on user activity by instance - Table – Provides details on sensitive data activity details by database | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-unusualactivity.md b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-unusualactivity.md deleted file mode 100644 index 11d1112cbe..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql-unusualactivity.md +++ /dev/null @@ -1,28 +0,0 @@ -# SQL_UnusualActivity Job - -The SQL_UnusualActivity Job identifies anomalies related to outlier user activity by database for -all targeted SQL and Azure SQL server instances. - -## Analysis Tasks for the SQL_UnusualActivity Job - -Navigate to the **Databases** > SQL > 2.Activity > SQL_UnusualActivity > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup35.webp) - -The default analysis tasks are: - -- Hourly User Activity Outlier Analysis – Creates the SA_SQLServer_UnusualHourlyUserActivity table - accessible under the job’s Results node -- Hourly Unusual Activity Summary – Creates the SA_SQLServer_UnusualActivitySummary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | ---------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Unusual Hourly Activity Report | This report lists abnormal user activity | None | This report is comprised of three elements: - Bar Chart – Displays abnormal user activity - Table – Provides details on number of outliers per instance - Table – Provides details on unusual hourly user activity | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_activity.md b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_activity.md new file mode 100644 index 0000000000..bbd043c07e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_activity.md @@ -0,0 +1,30 @@ +# SQL_Activity Job + +The SQL_Activity Job provides insight into user activity in target SQL server instances and +databases based on SQL Server Audit Specification settings. + +## Analysis Tasks for the SQL_Activity Job + +Navigate to the **Databases** > SQL > 2.Activity > SQL_Activity > Configure node and select Analysis +to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup31.webp) + +The default analysis tasks are: + +- List SQL User Activity Details – Creates the SA_SQLServer_Activity_Details table accessible under + the job’s Results node +- User Activity Database Summary – Creates the SA_SQLServer_Activity_UserDatabaseSummary table + accessible under the job’s Results node +- User Activity Instance Summary – Creates the SA_SQLServer_Activity_UserInstanceSummary table + accessible under the job’s Results node + +In addition to the tables and views created the analysis task, the SQL_Activity Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------- | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| User Activity Summary | This report lists all SQL events, and summarizes them by database and instance. | None | This report is comprised of three elements: - Bar Chart – Displays users with most events by instance - Table – Provides details on users with most events by database - Table – Provides details on event details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_logons.md b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_logons.md new file mode 100644 index 0000000000..b51fd9d00f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_logons.md @@ -0,0 +1,27 @@ +# SQL_Logons Job + +The SQL_Logons Job provides insight into failed and successful SQL and Azure SQL server logon +activity across all targeted SQL and Azure SQL servers. + +## Analysis Tasks for the SQL_Logons Job + +Navigate to the **Databases** > SQL > 2.Activity > SQL_Logons > Configure node and select Analysis +to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup32.webp) + +The default analysis tasks are: + +- Logon Details – Creates the SA_SQLServer_Logons_Details table accessible under the job’s Results + node +- Logons Summary – Creates the SA_SQL_Logons_Summary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_Logons Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Server Logon Details | This report outlines successful and failed logins over the last 30 days | None | This report is comprised of three elements: - Stacked Bar Chart – Displays logon summary - Table – Provides details on logon summary - Table – Provides details on logon details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_permissionchanges.md b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_permissionchanges.md new file mode 100644 index 0000000000..851dd45b1c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_permissionchanges.md @@ -0,0 +1,29 @@ +# SQL_PermissionChanges Job + +The SQL_PermissionChanges Job provides detailed information on permission changes for all database +objects, specifically objects containing sensitive data. + +## Analysis Tasks for the SQL_PermissionChanges Job + +Navigate to the **Databases** > SQL > 2.Activity > SQL_PermissionChanges > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup33.webp) + +The default analysis tasks are: + +- SQLServer Permission Changes – Creates the SA_SQLServer_PermissionChanges_Details table accessible + under the job’s Results node +- Permission Changes Instance Summary – Creates the SA_SQLServer_PermissionChanges_InstanceSummary + table accessible under the job’s Results node. This analysis task summarizes permission change + activity per instance. + +In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | -------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Permission Change Activity | This report lists all permission change related SQL events, and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by permission change activity - Table – Provides details on instances by permission change activity - Table – Provides details on event details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_sensitivedataactivity.md b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_sensitivedataactivity.md new file mode 100644 index 0000000000..32d1b1e145 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_sensitivedataactivity.md @@ -0,0 +1,28 @@ +# SQL_SensitiveDataActivity Job + +The SQL_SensitiveDataActivity Job provides detailed information on DML (UPDATE, INSERT, DELETE, +TRUNCATE) used against objects containing sensitive data. + +## Analysis Tasks for the SQL_SensitiveDataActivity Job + +Navigate to the **Databases** > SQL > 2.Activity > SQL_SensitiveDataActivity > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup34.webp) + +The default analysis tasks are: + +- SDD Activity Details – Creates the SA_SQLServer_SensitiveDataActivity_Details table accessible + under the job’s Results node +- SDD Activity Instance Summary – Creates the SA_SQLServer_SensitiveDataActivity_UserSummary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | --------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Data Activity | This report highlights events in databases containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance - Table – Provides details on user activity by instance - Table – Provides details on sensitive data activity details by database | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_unusualactivity.md b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_unusualactivity.md new file mode 100644 index 0000000000..5c091fad3f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/activity/sql_unusualactivity.md @@ -0,0 +1,28 @@ +# SQL_UnusualActivity Job + +The SQL_UnusualActivity Job identifies anomalies related to outlier user activity by database for +all targeted SQL and Azure SQL server instances. + +## Analysis Tasks for the SQL_UnusualActivity Job + +Navigate to the **Databases** > SQL > 2.Activity > SQL_UnusualActivity > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup35.webp) + +The default analysis tasks are: + +- Hourly User Activity Outlier Analysis – Creates the SA_SQLServer_UnusualHourlyUserActivity table + accessible under the job’s Results node +- Hourly Unusual Activity Summary – Creates the SA_SQLServer_UnusualActivitySummary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | ---------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Unusual Hourly Activity Report | This report lists abnormal user activity | None | This report is comprised of three elements: - Bar Chart – Displays abnormal user activity - Table – Provides details on number of outliers per instance - Table – Provides details on unusual hourly user activity | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql-instancediscovery.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql-instancediscovery.md deleted file mode 100644 index 38d7d8f2b8..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql-instancediscovery.md +++ /dev/null @@ -1,27 +0,0 @@ -# 0-SQL_InstanceDiscovery Job - -The 0-SQL_InstanceDiscovery job enumerates and stores the list of SQL Server Instances running on -the targeted servers. - -## Queries for the 0-SQL_InstanceDiscovery Job - -The 0-SQL_InstanceDiscovery job uses the SQL Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/instancedisc_query.webp) - -- SQL Server Instance Discovery — Collects the list of SQL Server Instances from target endpoints - and populates the necessary instance connection information - -## Analysis Tasks for the 0-SQL_InstanceDiscovery Job - -Navigate to the **Databases** > **0.Collection** > **SQL** > **0-SQL_InstanceDiscovery** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/instancedisc_analysis.webp) - -The default analysis tasks is: - -- SQL Instances — Brings SA_SQL_Instances table to view diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql_instancediscovery.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql_instancediscovery.md new file mode 100644 index 0000000000..46e1135829 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql_instancediscovery.md @@ -0,0 +1,27 @@ +# 0-SQL_InstanceDiscovery Job + +The 0-SQL_InstanceDiscovery job enumerates and stores the list of SQL Server Instances running on +the targeted servers. + +## Queries for the 0-SQL_InstanceDiscovery Job + +The 0-SQL_InstanceDiscovery job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/instancedisc_query.webp) + +- SQL Server Instance Discovery — Collects the list of SQL Server Instances from target endpoints + and populates the necessary instance connection information + +## Analysis Tasks for the 0-SQL_InstanceDiscovery Job + +Navigate to the **Databases** > **0.Collection** > **SQL** > **0-SQL_InstanceDiscovery** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/instancedisc_analysis.webp) + +The default analysis tasks is: + +- SQL Instances — Brings SA_SQL_Instances table to view diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/1-sql-permissionsscan.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/1-sql-permissionsscan.md deleted file mode 100644 index 3ad6bc7d6b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/1-sql-permissionsscan.md +++ /dev/null @@ -1,72 +0,0 @@ -# 1-SQL_PermissionsScan - -The 1-SQL_PermissionsScan Job collects SQL server instance and database level permissions from -targeted servers. - -## Queries for the 1-SQL_PermissionsScan Job - -The 1-SQL_PermissionsScan Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup6.webp) - -- PermissionsScan – Collects permissions from targeted instances - - (Optional) This query can be modified to target specific databases/instances. See the - [Configure the PermissionsScan Query](#configure-the-permissionsscan-query) topic for - additional information. - -### Configure the PermissionsScan Query - -The 1-SQL_PermissionScan Job is preconfigured to run using the default settings within the -Permissions Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 1-SQL_PermissionsScan > Configure -node and select Queries. - -**Step 2 –** In the Query Selection view, select the PermissionsScan query and click on Query -Properties. The Query Properties window appears. - -**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this -job. - -![Filters](/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp) - -**Step 4 –** To query for specific databases/instances, navigate to the -[SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) page. The default query target -is All databases. The default query scope is Only select database objects and click Retrieve. The -Available database objects will be populated. Databases and instances can be added in the following -ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Optionally, use the Add Custom Filter button to create and apply a custom filter. - -**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 1-SQL_PermissionsScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 1-SQL_PermissionScan Job - -Navigate to the **Databases** > 0.Collection > SQL > 1-SQL_PermissionsScan > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup8.webp) - -The default analysis tasks are: - -- Remove Old AIC Resources — Removes AIC resources using the old path that did not include the - schema -- AIC Import – Hosts — Imports SQL hosts to the AIC -- AIC Import – Instance Permissions Node — Imports a node for instance permissions for each instance -- AIC Import – Databases — Imports each database in the SQL instances -- AIC Import – Permissions — Imports SQL Permissions to the AIC -- AIC Import – Roles — Imports a Roles node into the AIC for SQL Server Roles -- AIC Import – Database Role Permissions — Imports role permissions at the database level -- AIC Import – Local SQL Groups — Imports SQL local groups to the AIC -- AIC Import – Instance Role Permissions — Imports permissions assigned to roles at the instance - level diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/1-sql_permissionsscan.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/1-sql_permissionsscan.md new file mode 100644 index 0000000000..092dd37562 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/1-sql_permissionsscan.md @@ -0,0 +1,72 @@ +# 1-SQL_PermissionsScan + +The 1-SQL_PermissionsScan Job collects SQL server instance and database level permissions from +targeted servers. + +## Queries for the 1-SQL_PermissionsScan Job + +The 1-SQL_PermissionsScan Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup6.webp) + +- PermissionsScan – Collects permissions from targeted instances + - (Optional) This query can be modified to target specific databases/instances. See the + [Configure the PermissionsScan Query](#configure-the-permissionsscan-query) topic for + additional information. + +### Configure the PermissionsScan Query + +The 1-SQL_PermissionScan Job is preconfigured to run using the default settings within the +Permissions Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 1-SQL_PermissionsScan > Configure +node and select Queries. + +**Step 2 –** In the Query Selection view, select the PermissionsScan query and click on Query +Properties. The Query Properties window appears. + +**Step 3 –** Select the Data Source tab and click Configure. The SQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this +job. + +![Filters](/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp) + +**Step 4 –** To query for specific databases/instances, navigate to the +[SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) page. The default query target +is All databases. The default query scope is Only select database objects and click Retrieve. The +Available database objects will be populated. Databases and instances can be added in the following +ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Optionally, use the Add Custom Filter button to create and apply a custom filter. + +**Step 5 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 1-SQL_PermissionsScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 1-SQL_PermissionScan Job + +Navigate to the **Databases** > 0.Collection > SQL > 1-SQL_PermissionsScan > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup8.webp) + +The default analysis tasks are: + +- Remove Old AIC Resources — Removes AIC resources using the old path that did not include the + schema +- AIC Import – Hosts — Imports SQL hosts to the AIC +- AIC Import – Instance Permissions Node — Imports a node for instance permissions for each instance +- AIC Import – Databases — Imports each database in the SQL instances +- AIC Import – Permissions — Imports SQL Permissions to the AIC +- AIC Import – Roles — Imports a Roles node into the AIC for SQL Server Roles +- AIC Import – Database Role Permissions — Imports role permissions at the database level +- AIC Import – Local SQL Groups — Imports SQL local groups to the AIC +- AIC Import – Instance Role Permissions — Imports permissions assigned to roles at the instance + level diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/2-sql-sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/2-sql-sensitivedatascan.md deleted file mode 100644 index 36d6ce7604..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/2-sql-sensitivedatascan.md +++ /dev/null @@ -1,99 +0,0 @@ -# 2-SQL_SensitiveDataScan Job - -The 2-SQL_SensitiveDataScan Job discovers sensitive data in the database SQL server instances and -databases based on a pre-defined or user defined search criteria. - -Special Dependency - -- Sensitive Data Discovery Add-On installed on the Access Analyzer Console server - - See the [Installation & Configuration Overview](/docs/accessanalyzer/12.0/getting-started/installation/application/overview.md) - topic for installation information. - - See the [Sensitive Data Discovery](/docs/accessanalyzer/12.0/sensitive-data-discovery/overview.md) topic for - additional information. - -Though the job is visible within the console, it requires an additional installer package before -data collection occurs. - -## Queries for the 2-SQL_SensitiveDataScan Job - -The SensitiveDataScan Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup9.webp) - -- SensitiveDataScan – Collects Sensitive Data from targeting instances - - (Optional) This query can be modified to target specific databases/instances. See the - [Configure the SensitiveDataScan Query](#configure-the-sensitivedatascan-query) topic for - additional information. - -### Configure the SensitiveDataScan Query - -The 2-SQL_SensitiveDataScan Job is preconfigured to run using the default settings for the Sensitive -Data Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 2-SQL_SensitiveDataScan > -Configure node and select Queries. - -**Step 2 –** In the Query Selection view, select the SensitiveDataScan query click on Query -Properties. The Query Properties window appears. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this -job. - -![2sqlsensitivedatascanoptionspage](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanoptionspage.webp) - -**Step 4 –** Select the desired scan options. Navigate to the -[SQL: Options](/docs/accessanalyzer/12.0/data-collection/sql/options.md) page for additional information. - -**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a -high-level table scan. Configuring these settings to increase the scope of the sensitive data scan -may significantly increase scan time. - -![Criteria Page](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanquerycriteriapage.webp) - -**Step 5 –** To modify criteria, navigate to the -[SQL: Criteria](/docs/accessanalyzer/12.0/data-collection/sql/criteria.md) page. By default, the following -System Criteria have been selected: - -- Credit Cards -- Tax Forms -- US SSN -- User ID -- Password - - Add or remove criteria if needed. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) - topic for additional information. - -![Filter Page](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanfilterpage.webp) - -**Step 6 –** To query for specific database/instance, navigate to the -[SQL: Filter](/docs/accessanalyzer/12.0/data-collection/sql/filter.md) page. The query is configured by -default to target Only select database objects. Click Retrieve. The Available database objects box -will populate. Databases and instances can be added in the following ways: - -- Select the desired database objects and click Add. -- Use the Import CSV button to import a list from a CSV file, if desired. -- Optionally use the Add Custom Filter button to create and apply a custom filter. - -**Step 7 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 2-SQL_SensitsveDataScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 2-SQL_SensitiveDataScan Job - -Navigate to the **Databases** > 0.Collection > SQL > 2-SQL_SensitiveDataScan > Configure node and -select Analysis to view the analysis task. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup13.webp) - -The default analysis task is: - -- SQL Server SDD Matches View — Brings the SQL Server SDD Matches View to the SA console -- SQL Server SDD Match Hits View — Brings the SQL Server SDD Match Hits View to the SA console -- AIC Import — Creates the SA_AIC_SddMatchesImport diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/2-sql_sensitivedatascan.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/2-sql_sensitivedatascan.md new file mode 100644 index 0000000000..dd68dd1f01 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/2-sql_sensitivedatascan.md @@ -0,0 +1,99 @@ +# 2-SQL_SensitiveDataScan Job + +The 2-SQL_SensitiveDataScan Job discovers sensitive data in the database SQL server instances and +databases based on a pre-defined or user defined search criteria. + +Special Dependency + +- Sensitive Data Discovery Add-On installed on the Access Analyzer Console server + - See the [Installation & Configuration Overview](/docs/accessanalyzer/12.0/install/application/overview.md) + topic for installation information. + - See the [Sensitive Data Discovery](/docs/accessanalyzer/12.0/sensitivedatadiscovery/overview.md) topic for + additional information. + +Though the job is visible within the console, it requires an additional installer package before +data collection occurs. + +## Queries for the 2-SQL_SensitiveDataScan Job + +The SensitiveDataScan Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup9.webp) + +- SensitiveDataScan – Collects Sensitive Data from targeting instances + - (Optional) This query can be modified to target specific databases/instances. See the + [Configure the SensitiveDataScan Query](#configure-the-sensitivedatascan-query) topic for + additional information. + +### Configure the SensitiveDataScan Query + +The 2-SQL_SensitiveDataScan Job is preconfigured to run using the default settings for the Sensitive +Data Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 2-SQL_SensitiveDataScan > +Configure node and select Queries. + +**Step 2 –** In the Query Selection view, select the SensitiveDataScan query click on Query +Properties. The Query Properties window appears. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for this +job. + +![2sqlsensitivedatascanoptionspage](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/2sqlsensitivedatascanoptionspage.webp) + +**Step 4 –** Select the desired scan options. Navigate to the +[SQL: Options](/docs/accessanalyzer/12.0/admin/datacollector/sql/options.md) page for additional information. + +**NOTE:** The Sensitive Data Scan Settings are pre-configured for optimal performance for a +high-level table scan. Configuring these settings to increase the scope of the sensitive data scan +may significantly increase scan time. + +![Criteria Page](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/2sqlsensitivedatascanquerycriteriapage.webp) + +**Step 5 –** To modify criteria, navigate to the +[SQL: Criteria](/docs/accessanalyzer/12.0/admin/datacollector/sql/criteria.md) page. By default, the following +System Criteria have been selected: + +- Credit Cards +- Tax Forms +- US SSN +- User ID +- Password + + Add or remove criteria if needed. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information. + +![Filter Page](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/2sqlsensitivedatascanfilterpage.webp) + +**Step 6 –** To query for specific database/instance, navigate to the +[SQL: Filter](/docs/accessanalyzer/12.0/admin/datacollector/sql/filter.md) page. The query is configured by +default to target Only select database objects. Click Retrieve. The Available database objects box +will populate. Databases and instances can be added in the following ways: + +- Select the desired database objects and click Add. +- Use the Import CSV button to import a list from a CSV file, if desired. +- Optionally use the Add Custom Filter button to create and apply a custom filter. + +**Step 7 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 2-SQL_SensitsveDataScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 2-SQL_SensitiveDataScan Job + +Navigate to the **Databases** > 0.Collection > SQL > 2-SQL_SensitiveDataScan > Configure node and +select Analysis to view the analysis task. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup13.webp) + +The default analysis task is: + +- SQL Server SDD Matches View — Brings the SQL Server SDD Matches View to the SA console +- SQL Server SDD Match Hits View — Brings the SQL Server SDD Match Hits View to the SA console +- AIC Import — Creates the SA_AIC_SddMatchesImport diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/3-sql-activityscan.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/3-sql-activityscan.md deleted file mode 100644 index 36c7b92e45..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/3-sql-activityscan.md +++ /dev/null @@ -1,82 +0,0 @@ -# 3-SQL_ActivityScan Job - -The 3-SQL_ActivityScan Job captures user activity from targeted SQL server instances and databases. - -Special Dependency - -- SQL Server Audit Specifications to be configured on the target databases - - Audit destination must be a binary file - - See the Microsoft - [Create a Server Audit and Database Audit Specification](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) - article for additional information. - -## Queries for the 3-SQL_ActivityScan Job - -The ActivityScan Job uses the SQL Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup14.webp) - -- ActivityScan – Collects activity from targeted instances - - (Optional) This query can be modified to target specific databases/instances. See the - [Configure the ActivityScan Query](#configure-the-activityscan-query) topic for additional - information. - -### Configure the ActivityScan Query - -The 3-SQL_ActivityScan Job is preconfigured to run using the default settings within the Server -Audits Events Collection category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 3-SQL_ActivityScan > Configure -node and select Queries. - -**Step 2 –** In the Query Selection view, click on Query Properties. The Query Properties window -appears. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Options Page](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/3sqlactivityscanoptionspage.webp) - -**Step 4 –** To modify scan options, navigate to the -[SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) page. Select the desired scan -options. The query is preconfigured with the following default settings: - -- Collect only events since last scan – Collects activity recorded since the previous scan -- Number of days you want to keep events in the database – The default setting is 15 days -- Collect audits by name – Finds available audits in the database -- Collect audits by path – Collects audits by a specified path - -![Filter Page](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/3sqlactivityscanfilterpage.webp) - -**Step 5 –** To scope the query for specific database/instance, navigate to the -[SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) page. The query is configured -by default to target Only select database objects. Click Retrieve. The Available database objects -will be populated. Databases and instances can be added in the following ways: - -Select the desired database objects and click Add. - -Use the Import CSV button to import a list from a CSV file. - -Optionally use the Add Custom Filter button to create and apply a custom filter. - -**Step 6 –** Navigate to the Summary page, click Finish to save any setting modifications or click -Cancel if no changes were made. Then click OK to close the Query Properties window. - -The 3-SQL_ActivityScan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 3-SQL_ActivityScan Job - -Navigate to the **Databases** > 0.Collection > SQL > 3-SQL_ActivityScan > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup17.webp) - -The default analysis tasks are: - -- AIC Import – Activity– Creates the SA_AIC_ActivityEventsImport table accessible under the job’s - Results node. diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/3-sql_activityscan.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/3-sql_activityscan.md new file mode 100644 index 0000000000..ace3aea3d9 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/3-sql_activityscan.md @@ -0,0 +1,82 @@ +# 3-SQL_ActivityScan Job + +The 3-SQL_ActivityScan Job captures user activity from targeted SQL server instances and databases. + +Special Dependency + +- SQL Server Audit Specifications to be configured on the target databases + - Audit destination must be a binary file + - See the Microsoft + [Create a Server Audit and Database Audit Specification](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) + article for additional information. + +## Queries for the 3-SQL_ActivityScan Job + +The ActivityScan Job uses the SQL Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup14.webp) + +- ActivityScan – Collects activity from targeted instances + - (Optional) This query can be modified to target specific databases/instances. See the + [Configure the ActivityScan Query](#configure-the-activityscan-query) topic for additional + information. + +### Configure the ActivityScan Query + +The 3-SQL_ActivityScan Job is preconfigured to run using the default settings within the Server +Audits Events Collection category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 3-SQL_ActivityScan > Configure +node and select Queries. + +**Step 2 –** In the Query Selection view, click on Query Properties. The Query Properties window +appears. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Options Page](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/3sqlactivityscanoptionspage.webp) + +**Step 4 –** To modify scan options, navigate to the +[SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) page. Select the desired scan +options. The query is preconfigured with the following default settings: + +- Collect only events since last scan – Collects activity recorded since the previous scan +- Number of days you want to keep events in the database – The default setting is 15 days +- Collect audits by name – Finds available audits in the database +- Collect audits by path – Collects audits by a specified path + +![Filter Page](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/3sqlactivityscanfilterpage.webp) + +**Step 5 –** To scope the query for specific database/instance, navigate to the +[SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) page. The query is configured +by default to target Only select database objects. Click Retrieve. The Available database objects +will be populated. Databases and instances can be added in the following ways: + +Select the desired database objects and click Add. + +Use the Import CSV button to import a list from a CSV file. + +Optionally use the Add Custom Filter button to create and apply a custom filter. + +**Step 6 –** Navigate to the Summary page, click Finish to save any setting modifications or click +Cancel if no changes were made. Then click OK to close the Query Properties window. + +The 3-SQL_ActivityScan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 3-SQL_ActivityScan Job + +Navigate to the **Databases** > 0.Collection > SQL > 3-SQL_ActivityScan > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup17.webp) + +The default analysis tasks are: + +- AIC Import – Activity– Creates the SA_AIC_ActivityEventsImport table accessible under the job’s + Results node. diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/4-sql-serverlogons.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/4-sql-serverlogons.md deleted file mode 100644 index 2e9b3b456d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/4-sql-serverlogons.md +++ /dev/null @@ -1,17 +0,0 @@ -# 4-SQL_ServerLogons Job - -The 4-SQL_ServerLogons Job captures SQL server logon activity, which includes successful or failed -logons. - -## Queries for the 4-SQL_ServerLogons Job - -The AppnLogSQL Query uses the SMARTLog Data Collector and has been preconfigured to process the -Windows Event Log Type. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![sqljobgroup18](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup18.webp) - -- AppnLogSQL – Uses SmartLog Data Collector to gather logon events - - See the [SMARTLog Data Collector](/docs/accessanalyzer/12.0/data-collection/smart-log/overview.md) topic - for additional information diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/4-sql_serverlogons.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/4-sql_serverlogons.md new file mode 100644 index 0000000000..f29cb081e3 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/4-sql_serverlogons.md @@ -0,0 +1,17 @@ +# 4-SQL_ServerLogons Job + +The 4-SQL_ServerLogons Job captures SQL server logon activity, which includes successful or failed +logons. + +## Queries for the 4-SQL_ServerLogons Job + +The AppnLogSQL Query uses the SMARTLog Data Collector and has been preconfigured to process the +Windows Event Log Type. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![sqljobgroup18](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup18.webp) + +- AppnLogSQL – Uses SmartLog Data Collector to gather logon events + - See the [SMARTLog Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/overview.md) topic + for additional information diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/5-sql-serversettings.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/5-sql-serversettings.md deleted file mode 100644 index b313b8ca84..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/5-sql-serversettings.md +++ /dev/null @@ -1,100 +0,0 @@ -# 5-SQL_ServerSettings Job - -The 5-SQL_ServerSettings Job collects SQL server instance and database configuration settings for -evaluation against recommended best practices. - -## Queries for the 5-SQL_ServerSettings Job - -The 5-SQL_ServerSettings Job uses the SQL Data Collector for the following queries: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup19.webp) - -- Configuration – Collects configuration properties - - (Optional) This query can be modified to target specific databases/instances. See the - [Configure the Configuration Query](#configure-the-configuration-query) topic for additional - information. -- Server – Collects server properties - - (Optional) This query can be modified to target specific databases/instances. See the - [Configure the Server Query](#configure-the-server-query) topic for additional information. -- Connections – Returns connections to the instance -- Asymmetric Key Size – Returns the asymmetric key size -- Symmetric Key Encryption – Returns the symmetric key encryptions being used by the Instance -- CLR Assemblies – Returns CLR Assemblies being used by the Instance -- Instance Details – Provides details on Instance configuration -- Database Details – Returns details for each database in the scanned Instance -- Database Sizing – Returns details on database size -- Linked Servers – Collects information on SQL Linked Servers -- Table Row Count – Returns the number of rows for each table in SQL - -### Configure the Configuration Query - -The 5-SQL_ServerSettings Job’s Configuration Query is configured to run with the default settings -with the Configuration Properties category. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 5-SQL_ServerSettings > Configure -node and select Queries. - -**Step 2 –** In the Query Selection view, select the Configuration Query and click on Query -Properties. The Query Properties window will appear. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard will -open. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Instance Filters](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp) - -**Step 4 –** To scope the query for specific database/instance, navigate to the -[SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) page. The query is configured -by default to target All instances. Change the query scope to Only select instances, and click -Retrieve. The Available server audits will be populated. Databases and instances can be added in the -following ways: - -- Select the desired instances and click Add. -- Use the Import CSV button to import a list from a CSV file. -- (Optional) Use the Add Custom Filter button to create and apply a custom filter. - -**Step 5 –** On the Summary page, click Finish to save any setting modifications or click Cancel if -no changes were made. Then click OK to close the Query Properties window. - -The 5-SQL_ServerSettings Job is now ready to run with the customized settings. - -### Configure the Server Query - -The 5-SQL_ServerSettingsJob > Server Query has been preconfigured to run with the default settings -with the category of Server Properties. However, the query can be scoped to target specific -databases/instances on the Filters page of the SQL Data Collector Wizard. Follow these steps to -modify the query configuration. - -**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 5-SQL_ServerSettings > Configure -node and select Queries. - -**Step 2 –** In the Query Selection view, select the Server query click on Query Properties. The -Query Properties window will appear. - -**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard will -open. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Filter Page](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp) - -**Step 4 –** To scope the query for specific database/instance, navigate to the -[SQL Data Collector](/docs/accessanalyzer/12.0/data-collection/sql/overview.md) page. The query is configured -by default to target All instances. Change the query scope to Only select instances, and click -Retrieve. The Available server audits will be populated. Databases and instances can be added in the -following ways: - -- Select the desired instances and click Add. -- Use the Import CSV button to import a list from a CSV file. -- Optionally use the Add Custom Filter button to create and apply a custom filter. - - Remember, it is necessary for the [0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql-instancediscovery.md) to - run before attempting to scope this query. - -**Step 5 –** On the Summary page, click Finish to save any setting modifications or click Cancel if -no changes were made. Then click OK to close the Query Properties window. - -The 5-SQL_ServerSettings Job is now ready to run with the customized settings. diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/5-sql_serversettings.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/5-sql_serversettings.md new file mode 100644 index 0000000000..b7cc5d93b3 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/5-sql_serversettings.md @@ -0,0 +1,100 @@ +# 5-SQL_ServerSettings Job + +The 5-SQL_ServerSettings Job collects SQL server instance and database configuration settings for +evaluation against recommended best practices. + +## Queries for the 5-SQL_ServerSettings Job + +The 5-SQL_ServerSettings Job uses the SQL Data Collector for the following queries: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup19.webp) + +- Configuration – Collects configuration properties + - (Optional) This query can be modified to target specific databases/instances. See the + [Configure the Configuration Query](#configure-the-configuration-query) topic for additional + information. +- Server – Collects server properties + - (Optional) This query can be modified to target specific databases/instances. See the + [Configure the Server Query](#configure-the-server-query) topic for additional information. +- Connections – Returns connections to the instance +- Asymmetric Key Size – Returns the asymmetric key size +- Symmetric Key Encryption – Returns the symmetric key encryptions being used by the Instance +- CLR Assemblies – Returns CLR Assemblies being used by the Instance +- Instance Details – Provides details on Instance configuration +- Database Details – Returns details for each database in the scanned Instance +- Database Sizing – Returns details on database size +- Linked Servers – Collects information on SQL Linked Servers +- Table Row Count – Returns the number of rows for each table in SQL + +### Configure the Configuration Query + +The 5-SQL_ServerSettings Job’s Configuration Query is configured to run with the default settings +with the Configuration Properties category. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 5-SQL_ServerSettings > Configure +node and select Queries. + +**Step 2 –** In the Query Selection view, select the Configuration Query and click on Query +Properties. The Query Properties window will appear. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard will +open. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Instance Filters](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp) + +**Step 4 –** To scope the query for specific database/instance, navigate to the +[SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) page. The query is configured +by default to target All instances. Change the query scope to Only select instances, and click +Retrieve. The Available server audits will be populated. Databases and instances can be added in the +following ways: + +- Select the desired instances and click Add. +- Use the Import CSV button to import a list from a CSV file. +- (Optional) Use the Add Custom Filter button to create and apply a custom filter. + +**Step 5 –** On the Summary page, click Finish to save any setting modifications or click Cancel if +no changes were made. Then click OK to close the Query Properties window. + +The 5-SQL_ServerSettings Job is now ready to run with the customized settings. + +### Configure the Server Query + +The 5-SQL_ServerSettingsJob > Server Query has been preconfigured to run with the default settings +with the category of Server Properties. However, the query can be scoped to target specific +databases/instances on the Filters page of the SQL Data Collector Wizard. Follow these steps to +modify the query configuration. + +**Step 1 –** Navigate to the **Databases** > 0.Collection > SQL > 5-SQL_ServerSettings > Configure +node and select Queries. + +**Step 2 –** In the Query Selection view, select the Server query click on Query Properties. The +Query Properties window will appear. + +**Step 3 –** Select the Data Source tab, and click Configure. The SQL Data Collector Wizard will +open. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Filter Page](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp) + +**Step 4 –** To scope the query for specific database/instance, navigate to the +[SQL Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/sql/overview.md) page. The query is configured +by default to target All instances. Change the query scope to Only select instances, and click +Retrieve. The Available server audits will be populated. Databases and instances can be added in the +following ways: + +- Select the desired instances and click Add. +- Use the Import CSV button to import a list from a CSV file. +- Optionally use the Add Custom Filter button to create and apply a custom filter. + + Remember, it is necessary for the [0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql_instancediscovery.md) to + run before attempting to scope this query. + +**Step 5 –** On the Summary page, click Finish to save any setting modifications or click Cancel if +no changes were made. Then click OK to close the Query Properties window. + +The 5-SQL_ServerSettings Job is now ready to run with the customized settings. diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/overview.md b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/overview.md index 565043dd72..97c48ff57b 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/collection/overview.md @@ -4,21 +4,21 @@ The 0.Collection Job Group is designed to collect high level summary information Microsoft SQL Servers. This information is used by other jobs in the SQL solution set for further analysis and for producing reports. -![0.Collection Job Group - SQL](/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup1.webp) +![0.Collection Job Group - SQL](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup1.webp) The jobs in the 0.Collection Job Group are: -- [0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql-instancediscovery.md) – This job is designed to enumerate and +- [0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql_instancediscovery.md) – This job is designed to enumerate and store the list of SQL Server Instances running on the targeted servers -- [1-SQL_PermissionsScan](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/1-sql-permissionsscan.md) – This job is designed to collect SQL Server +- [1-SQL_PermissionsScan](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/1-sql_permissionsscan.md) – This job is designed to collect SQL Server instance and database level permissions from all targeted servers -- [2-SQL_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/2-sql-sensitivedatascan.md) – This job is designed to discover +- [2-SQL_SensitiveDataScan Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/2-sql_sensitivedatascan.md) – This job is designed to discover sensitive data in the database SQL Server instances and databases based on a pre-defined or user-defined search criteria -- [3-SQL_ActivityScan Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/3-sql-activityscan.md) – This job is designed to capture user activity +- [3-SQL_ActivityScan Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/3-sql_activityscan.md) – This job is designed to capture user activity from all targeted SQL server instances and databases -- [4-SQL_ServerLogons Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/4-sql-serverlogons.md) – This job is designed to capture all types of SQL +- [4-SQL_ServerLogons Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/4-sql_serverlogons.md) – This job is designed to capture all types of SQL server logon activity including successful or failed logons -- [5-SQL_ServerSettings Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/5-sql-serversettings.md) – This job is designed to collect SQL server +- [5-SQL_ServerSettings Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/5-sql_serversettings.md) – This job is designed to collect SQL server instance and database configuration settings so that they can be evaluated against recommended best practices diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/overview.md b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/overview.md index c0b5c623cf..2ad74a37ed 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/overview.md @@ -3,24 +3,24 @@ The 4.Configuration Job Group provides information on potential vulnerabilities related to SQL and Azure SQL server configuration settings. -![configurationjobgroup](/img/product_docs/accessanalyzer/solutions/databases/postgresql/configurationjobgroup.webp) +![configurationjobgroup](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/configurationjobgroup.webp) The jobs in the 4.Configuration Job Group are: -- [SQL_Authentication Job](/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-authentication.md) – This job identifies authentication settings on +- [SQL_Authentication Job](/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_authentication.md) – This job identifies authentication settings on targeted SQL and Azure SQL servers that allow SQL server authentication in addition to Windows authentication. Microsoft recommends that the SQL and Azure SQL servers should be generally configured to utilize Windows authentication versus SQL authentication. -- [SQL_BestPractices Job](/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-bestpractices.md) – This job is designed to analyze SQL and Azure SQL +- [SQL_BestPractices Job](/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_bestpractices.md) – This job is designed to analyze SQL and Azure SQL server configuration settings and report on any findings that deviate from recommended Microsoft Best Practices when it comes to creating, maintaining, and securing SQL servers -- [SQL_CMDShell Job](/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-cmdshell.md) – This job is designed to report if the `xp_cmdshell `stored +- [SQL_CMDShell Job](/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_cmdshell.md) – This job is designed to report if the `xp_cmdshell `stored procedure is enabled or disabled. Since `xp_cmdshell` allows a user to execute operating system commands when connected to the SQL or Azure SQL server, it can be used to launch malicious attacks. Microsoft recommends that the `xp_cmdshell` stored procedure be disabled. -- [SQL_DatabaseSizing Job](/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-databasesizing.md) – Provides details on database file sizes and +- [SQL_DatabaseSizing Job](/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_databasesizing.md) – Provides details on database file sizes and overall database sizes -- [SQL_LinkedServers Job](/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-linkedservers.md) – Identifies Linked Servers or remote database +- [SQL_LinkedServers Job](/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_linkedservers.md) – Identifies Linked Servers or remote database servers on which the identified SQL and Azure SQL server can execute commands. Some of the common remote OLE DB providers include IBM DB2, Oracle, Access and Excel. Typically, linked servers are used to handle distributed queries in SQL and Azure SQL server. diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-authentication.md b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-authentication.md deleted file mode 100644 index b1c980932c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-authentication.md +++ /dev/null @@ -1,30 +0,0 @@ -# SQL_Authentication Job - -The SQL_Authentication Job identifies authentication settings on targeted SQL and Azure SQL servers -that allow SQL server authentication in addition to Windows authentication. Microsoft recommends -that SQL and Azure SQL servers should be generally configured to utilize Windows authentication -versus SQL server authentication. - -## Analysis Tasks for the SQL_Authentication Job - -Navigate to the **Databases** > SQL > 4.Configuration > SQL_Authentication > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup43.webp) - -The default analysis tasks are: - -- Determine authentication configurations – Creates the SA_SQLServer_Authentication_Details table - accessible under the job’s Results node -- Authentication Summary – Creates the SA_SQLServer_Authentication_Summary table accessible under - the job’s Results node. Provides a summary of targeted servers with SQL authentication enabled. - -In addition to the tables and views created by the analysis task, the SQL_Authentication Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SQL  Authentication | This report identifies authentication settings on the targeted servers, and highlights those with SQL Authentication enabled. Additionally, the number of SQL logins on a given instance, and whether or not the 'sa' login exists, are indicated. Best practices recommend that SQL instances be integrated login only, and that the 'sa' principal be renamed or removed. | None | This report is comprised of two elements: - Pie Chart – Displays instances with integrated security only - Table – Displays integrated security details by instance | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-bestpractices.md b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-bestpractices.md deleted file mode 100644 index 3e29bc621d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-bestpractices.md +++ /dev/null @@ -1,29 +0,0 @@ -# SQL_BestPractices Job - -The SQL_BestPractices Job analyzes SQL and Azure SQL server configuration settings and reports any -findings that deviate from recommended Microsoft Best Practices when it comes to creating, -maintaining, and securing SQL and Azure SQL servers. - -### Analysis Tasks for the SQL_BestPractices Job - -Navigate to the **Databases** > SQL > 4.Configuration > SQL_BestPractices > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup44.webp) - -The default analysis tasks are: - -- SQL Best Practices – Creates the SA_SQL_BestPractices table accessible under the job’s Results - node -- SQL Best Practices Instance Summary – Creates the SA_SQL_BestPractices_Summary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_BestPractices Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | --------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SQL Server Best Practices | Evaluates settings on SQL and Azure SQL Instances and Databases for SQL Best Practices. | None | This report is comprised of three elements: - Pie Chart – Displays best practice adherence - Table– Displays configuration settings - Table – Displays instance summary | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-cmdshell.md b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-cmdshell.md deleted file mode 100644 index 821b278b45..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-cmdshell.md +++ /dev/null @@ -1,27 +0,0 @@ -# SQL_CMDShell Job - -The SQL_CMDShell Job reports on whether the `xp_cmdshell` stored procedure is enabled or disabled. -Since `xp_cmdshell` allows users to execute operating system commands when connected to the SQL or -the Azure SQL server, it can be used to launch malicious attacks. Microsoft recommends that the -`xp_cmdshell` stored procedure be disabled. - -## Analysis Tasks for the SQL_CMDShell Job - -Navigate to the **Databases** > SQL > 4.Configuration > SQL_CMDShell > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup45.webp) - -The default analysis task is: - -- XP CMD Shell – Creates the SA_SQL_CMDShell_Status table accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the SQL_CMDShell Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------- | -| xp_cmdshell Settings | Because malicious users sometimes attempt to elevate their privileges by using xp_cmdshell, xp_cmdshell is disabled by default. Use sp_configure or Policy Based Management to disable it on any instances which have it enabled. | None | This report is comprised of two elements: - Pie Chart – Displays instance summary - Table– Displays configuration details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-databasesizing.md deleted file mode 100644 index 450de19967..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-databasesizing.md +++ /dev/null @@ -1,25 +0,0 @@ -# SQL_DatabaseSizing Job - -The SQL_DatabaseSizing Job provides details on database file sizes and overall database sizes. - -## Analysis Tasks for the SQL_DatabaseSizing Job - -Navigate to the **Databases** > Jobs > SQL > 4.Configuration > SQL_DatabaseSizing Job >Configure -node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/analysistask.webp) - -The default analysis tasks are: - -- Database Size Details – Provides details on database files and sizes -- Database Size Summary – Summarizes database file sizes by database - -In addition to the tables created by the analysis tasks, the **SQL_DatabaseSizing Job** produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | ---------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Sizing | This report provides details on database files and sizing. | None | This report is comprised of three elements: - Bar Chart – Provides information on the top five databases by size (MB) - Bar Chart – Provides information on database sizes by host (GB) - Table – Provides details on database sizing | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-linkedservers.md b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-linkedservers.md deleted file mode 100644 index 9698fd9020..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql-linkedservers.md +++ /dev/null @@ -1,28 +0,0 @@ -# SQL_LinkedServers Job - -The SQL_LinkedServers Job identifies Linked Servers or remote database servers on which the -identified SQL and Azure SQL servers can execute commands. Some of the common remote -OLE DB providers include IBM DB2, Oracle, Access and Excel. Typically, linked servers are used to -handle distributed queries in SQL and Azure SQL server . - -## Analysis Tasks for the SQL_LinkedServers Job - -Navigate to the **Databases** > Jobs > SQL > 4.Configuration > SQL_LinkedServers Job >Configure node -and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -pre-configured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp) - -The default analysis tasks are: - -- Linked Server Details – Provides details on SQL Linked Servers -- Linked Server Summary – Summarizes Linked Servers by instance - -In addition to the tables created by the analysis tasks, the **SQL_DatabaseSizing Job** produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ----------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Linked Servers | This report highlights Linked Servers where the listed SQL Server is able to execute remote commands. | None | This report is comprised of three elements: - Bar Chart – Provides information on top five linked servers by instance - Table – Provides details on linked servers by instance - Table – Provides details on linked servers | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_authentication.md b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_authentication.md new file mode 100644 index 0000000000..0703f6e1dc --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_authentication.md @@ -0,0 +1,30 @@ +# SQL_Authentication Job + +The SQL_Authentication Job identifies authentication settings on targeted SQL and Azure SQL servers +that allow SQL server authentication in addition to Windows authentication. Microsoft recommends +that SQL and Azure SQL servers should be generally configured to utilize Windows authentication +versus SQL server authentication. + +## Analysis Tasks for the SQL_Authentication Job + +Navigate to the **Databases** > SQL > 4.Configuration > SQL_Authentication > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sqljobgroup43.webp) + +The default analysis tasks are: + +- Determine authentication configurations – Creates the SA_SQLServer_Authentication_Details table + accessible under the job’s Results node +- Authentication Summary – Creates the SA_SQLServer_Authentication_Summary table accessible under + the job’s Results node. Provides a summary of targeted servers with SQL authentication enabled. + +In addition to the tables and views created by the analysis task, the SQL_Authentication Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SQL  Authentication | This report identifies authentication settings on the targeted servers, and highlights those with SQL Authentication enabled. Additionally, the number of SQL logins on a given instance, and whether or not the 'sa' login exists, are indicated. Best practices recommend that SQL instances be integrated login only, and that the 'sa' principal be renamed or removed. | None | This report is comprised of two elements: - Pie Chart – Displays instances with integrated security only - Table – Displays integrated security details by instance | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_bestpractices.md b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_bestpractices.md new file mode 100644 index 0000000000..5e9cce5760 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_bestpractices.md @@ -0,0 +1,29 @@ +# SQL_BestPractices Job + +The SQL_BestPractices Job analyzes SQL and Azure SQL server configuration settings and reports any +findings that deviate from recommended Microsoft Best Practices when it comes to creating, +maintaining, and securing SQL and Azure SQL servers. + +### Analysis Tasks for the SQL_BestPractices Job + +Navigate to the **Databases** > SQL > 4.Configuration > SQL_BestPractices > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sqljobgroup44.webp) + +The default analysis tasks are: + +- SQL Best Practices – Creates the SA_SQL_BestPractices table accessible under the job’s Results + node +- SQL Best Practices Instance Summary – Creates the SA_SQL_BestPractices_Summary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_BestPractices Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | --------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SQL Server Best Practices | Evaluates settings on SQL and Azure SQL Instances and Databases for SQL Best Practices. | None | This report is comprised of three elements: - Pie Chart – Displays best practice adherence - Table– Displays configuration settings - Table – Displays instance summary | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_cmdshell.md b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_cmdshell.md new file mode 100644 index 0000000000..21899403e1 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_cmdshell.md @@ -0,0 +1,27 @@ +# SQL_CMDShell Job + +The SQL_CMDShell Job reports on whether the `xp_cmdshell` stored procedure is enabled or disabled. +Since `xp_cmdshell` allows users to execute operating system commands when connected to the SQL or +the Azure SQL server, it can be used to launch malicious attacks. Microsoft recommends that the +`xp_cmdshell` stored procedure be disabled. + +## Analysis Tasks for the SQL_CMDShell Job + +Navigate to the **Databases** > SQL > 4.Configuration > SQL_CMDShell > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sqljobgroup45.webp) + +The default analysis task is: + +- XP CMD Shell – Creates the SA_SQL_CMDShell_Status table accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the SQL_CMDShell Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------- | +| xp_cmdshell Settings | Because malicious users sometimes attempt to elevate their privileges by using xp_cmdshell, xp_cmdshell is disabled by default. Use sp_configure or Policy Based Management to disable it on any instances which have it enabled. | None | This report is comprised of two elements: - Pie Chart – Displays instance summary - Table– Displays configuration details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_databasesizing.md b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_databasesizing.md new file mode 100644 index 0000000000..a115f63a54 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_databasesizing.md @@ -0,0 +1,25 @@ +# SQL_DatabaseSizing Job + +The SQL_DatabaseSizing Job provides details on database file sizes and overall database sizes. + +## Analysis Tasks for the SQL_DatabaseSizing Job + +Navigate to the **Databases** > Jobs > SQL > 4.Configuration > SQL_DatabaseSizing Job >Configure +node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/analysistask.webp) + +The default analysis tasks are: + +- Database Size Details – Provides details on database files and sizes +- Database Size Summary – Summarizes database file sizes by database + +In addition to the tables created by the analysis tasks, the **SQL_DatabaseSizing Job** produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | ---------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Sizing | This report provides details on database files and sizing. | None | This report is comprised of three elements: - Bar Chart – Provides information on the top five databases by size (MB) - Bar Chart – Provides information on database sizes by host (GB) - Table – Provides details on database sizing | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_linkedservers.md b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_linkedservers.md new file mode 100644 index 0000000000..db9c82979c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sql_linkedservers.md @@ -0,0 +1,28 @@ +# SQL_LinkedServers Job + +The SQL_LinkedServers Job identifies Linked Servers or remote database servers on which the +identified SQL and Azure SQL servers can execute commands. Some of the common remote +OLE DB providers include IBM DB2, Oracle, Access and Excel. Typically, linked servers are used to +handle distributed queries in SQL and Azure SQL server . + +## Analysis Tasks for the SQL_LinkedServers Job + +Navigate to the **Databases** > Jobs > SQL > 4.Configuration > SQL_LinkedServers Job >Configure node +and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +pre-configured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/analysistasks.webp) + +The default analysis tasks are: + +- Linked Server Details – Provides details on SQL Linked Servers +- Linked Server Summary – Summarizes Linked Servers by instance + +In addition to the tables created by the analysis tasks, the **SQL_DatabaseSizing Job** produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ----------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Linked Servers | This report highlights Linked Servers where the listed SQL Server is able to execute remote commands. | None | This report is comprised of three elements: - Bar Chart – Provides information on top five linked servers by instance - Table – Provides details on linked servers by instance - Table – Provides details on linked servers | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/overview.md b/docs/accessanalyzer/12.0/solutions/databases/sql/overview.md index feeed4e792..186e67b5a5 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/overview.md @@ -17,7 +17,7 @@ Supported Platforms Requirements, Permissions, and Ports See the -[Target SQL Server Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/database-sql.md) +[Target SQL Server Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/databasesql.md) topic for additional information. Sensitive Data Discovery Considerations @@ -39,7 +39,7 @@ The Database Solution license includes all supported database platforms supporte Analyzer. Additionally, Sensitive Data Discovery enables the solution to search database content for sensitive data. -![SQL Job Group](/img/product_docs/accessanalyzer/solutions/databases/sql/sqljobgroup.webp) +![SQL Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sqljobgroup.webp) The SQL Job Group includes: @@ -65,6 +65,6 @@ The SQL Job Group includes: - [5.Sensitive Data Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/overview.md)– This job group is designed to provide insight into where sensitive data exists and who has access to it across all the targeted SQL server databases -- [SQL_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/databases/sql/sql-securityassessment.md) – This job is designed to summarize and +- [SQL_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/databases/sql/sql_securityassessment.md) – This job is designed to summarize and categorize the security findings into HIGH, MEDIUM, LOW, and NO FINDING categories based on their severity. diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/overview.md b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/overview.md index 6d294451e2..92d8816a37 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/overview.md @@ -3,21 +3,21 @@ The 3.Permissions Job Group provides insight into permissions at the instance, database, and object level across all targeted SQL and Azure SQL servers. -![sqljobgroup36](/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup36.webp) +![sqljobgroup36](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup36.webp) The jobs in the 3.Permissions Job Group are: -- [SQL_ControlServer Job](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-controlserver.md) – This job will provide information on control +- [SQL_ControlServer Job](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_controlserver.md) – This job will provide information on control server permissions. Users with control server permissions allow users to command full control of a SQL and Azure SQL server instances -- [SQL_DirectPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-directpermissions.md) – This job will provide information about +- [SQL_DirectPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_directpermissions.md) – This job will provide information about the permissions granted to users at the schema, database, and server levels -- [SQL_DomainUserPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-domainuserpermissions.md) – This job will provide insight into +- [SQL_DomainUserPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_domainuserpermissions.md) – This job will provide insight into Microsoft Active Directory domain users’ access to SQL and Azure SQL server objects both at the instance and database level -- [SQL_PublicPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-publicpermissions.md) – This job analyzes all the permissions +- [SQL_PublicPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_publicpermissions.md) – This job analyzes all the permissions granted at the server level and reports on the effective server level permissions across all the audited SQL and Azure SQL server instances -- [SQL_ServerPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-serverpermissions.md) – This job provides the list of SQL and +- [SQL_ServerPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_serverpermissions.md) – This job provides the list of SQL and Azure SQL server logins that have the PUBLIC roles assigned. In addition, it also provides the list of permissions assigned to the PUBLIC role as well diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-controlserver.md b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-controlserver.md deleted file mode 100644 index f6bd31cfd9..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-controlserver.md +++ /dev/null @@ -1,30 +0,0 @@ -# SQL_ControlServer Job - -The SQL_ControlServer Job provides information on control server permissions. Users with control -server permissions can command full control of a SQL and Azure SQL server instance. - -## Analysis Tasks for the SQL_ControlServer Job - -Navigate to the **Databases** > SQL > 3.Permissions > SQL_ControlServer > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup37.webp) - -The default analysis tasks are: - -- Determine Control Server Rights – Creates the SA_SQL_ControlServer_Details table accessible under - the job’s Results node -- Control Server Domain Users – Creates the SA_SQLServer_ControlServer_DomainUsers table accessible - under the job’s Results node -- Control Server Instance Summary – Creates the SA_SQLServer_ControlServer_InstanceSummary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the SQL_ControlServer Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ------------------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Control Server Permissions | This report highlights control server permissions, and summarizes them by instance and by domain user. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by control server permissions - Table – Provides details on instances by control server permission count - Table – Provides details on control server permissions | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-directpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-directpermissions.md deleted file mode 100644 index d7175f9128..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-directpermissions.md +++ /dev/null @@ -1,32 +0,0 @@ -# SQL_DirectPermissions Job - -The SQL_DirectPermissions Job provides information on permissions granted to users at the schema, -database, and server level. - -## Analysis Tasks for the SQL_DirectPermissions Job - -Navigate to the **Databases** > SQL > 3.Permissions > SQL_DirectPermissions > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup38.webp) - -The default analysis tasks are: - -- Determine database permissions – Creates the SA_SQLServer_DirectPermissions_DatabaseDetails table - accessible under the job’s Results node -- Determine schema permissions – Creates the SA_SQLServer_DirectPermissions_SchemaDetails table - accessible under the job’s Results node -- Determine server permissions – Creates the SA_SQLServer_DirectPermissions_ServerDetails table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_DirectPermissions Job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Database Permissions | This report highlights SQL permissions granted at the database level. | None | This report is comprised of three elements: - Bar Chart – Displays database permission summary - Table – Provides details on database permission summary - Table – Provides details on database permission details | -| Schema Permissions | This report lists all SQL permissions granted at the schema level. | None | This report is comprised of three elements: - Bar Chart – Displays top schema by permission count - Table – Provides details on permission summary - Table – Provides details on schema permission details | -| Server Permissions | This report highlights SQL permissions being granted at the server level. | None | This report is comprised of three elements: - Bar Chart – Displays server permission summary - Table – Provides details on server permission summary - Table – Provides details on server permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-domainuserpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-domainuserpermissions.md deleted file mode 100644 index 4ccacba372..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-domainuserpermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# SQL_DomainUserPermissions Job - -The SQL_DomainUserPermissions Job provides insight into Microsoft Active Directory domain users’ -access to SQL and Azure SQL server objects at both the instance and database level. - -## Analysis Tasks for the SQL_DomainUserPermissions Job - -Navigate to the **Databases** > SQL > 3.Permissions > SQL_DomainUserPermissions > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup39.webp) - -The default analysis tasks are: - -- Domain User Permissions Details – Creates the SA_SQLServer_DomainUserPermissions_Details table - accessible under the job’s Results node -- Domain User Permissions Summary – Creates the SA_SQLServer_DomainUserPermissions_Summary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_DomainUserPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | --------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain User SQL Access | This report looks at SQL server permissions granted to domain users across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance count - Table – Provides details on access sprawl - Table – Provides details on permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-publicpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-publicpermissions.md deleted file mode 100644 index 135efe85e4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-publicpermissions.md +++ /dev/null @@ -1,32 +0,0 @@ -# SQL_PublicPermissions Job - -The SQL_PublicPermissions Job provides the list of SQL server logins that have the PUBLIC roles -assigned. In addition, it also provides the list of permissions assigned to the PUBLIC role as well. - -## Analysis Tasks for the SQL_PublicPermissions Job - -Navigate to the **Databases** > SQL > 5.Permissions > SQL_PublicPermissions > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup40.webp) - -The default analysis tasks are: - -- Calculate public permissions – Creates the SA_SQLServer_PublicPermissions_Details table accessible - under the job’s Results node -- Public Permissions Summary – Creates the SA_SQLServer_PublicPermissions_DatabaseSummary table - accessible under the job’s Results node -- Public Permissions Summary – Highlights permissions that have been granted to the public role on - objects that are not-default SQL or Azure SQL server objects -- Public Permissions Instance Summary (Non-Default) – Summarizes non-default SQL and Azure SQL - server public permissions by instance - -In addition to the tables and views created by the analysis task, the SQL_PublicPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | -------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Public Permissions | This report determines highlights objects with public permissions applied. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by public permission count - Table – Provides details on databases by public permission count - Table – Provides details on public permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-serverpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-serverpermissions.md deleted file mode 100644 index 98abfd076e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-serverpermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# SQL_ServerPermissions Job - -The SQL_ServerPermissions Job analyzes permissions granted at the server level and reports on -effective server level permissions across all audited SQL and Azure SQL server instances. - -## Analysis Tasks for the SQL_ServerPermissions Job - -Navigate to the **Databases** > SQL > 3.Permissions > SQL_ServerPermissions > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup41.webp) - -The default analysis tasks are: - -- Server Permissions – Creates the SA_SQLServer_ServerPermission_Details table accessible under the - job’s Results node -- System Permissions Instance Summary –Creates the SA_SQLServer_ServerPermission_InstanceSummary - table accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the SQL_ServerPermissions Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | -------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Server Permissions | This report highlights server permissions and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by server permissions - Table – Provides details on instances by server permission count - Table – Provides details on server permissions | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_controlserver.md b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_controlserver.md new file mode 100644 index 0000000000..30de788bcd --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_controlserver.md @@ -0,0 +1,30 @@ +# SQL_ControlServer Job + +The SQL_ControlServer Job provides information on control server permissions. Users with control +server permissions can command full control of a SQL and Azure SQL server instance. + +## Analysis Tasks for the SQL_ControlServer Job + +Navigate to the **Databases** > SQL > 3.Permissions > SQL_ControlServer > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup37.webp) + +The default analysis tasks are: + +- Determine Control Server Rights – Creates the SA_SQL_ControlServer_Details table accessible under + the job’s Results node +- Control Server Domain Users – Creates the SA_SQLServer_ControlServer_DomainUsers table accessible + under the job’s Results node +- Control Server Instance Summary – Creates the SA_SQLServer_ControlServer_InstanceSummary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the SQL_ControlServer Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ------------------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Control Server Permissions | This report highlights control server permissions, and summarizes them by instance and by domain user. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by control server permissions - Table – Provides details on instances by control server permission count - Table – Provides details on control server permissions | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_directpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_directpermissions.md new file mode 100644 index 0000000000..14567ea4c4 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_directpermissions.md @@ -0,0 +1,32 @@ +# SQL_DirectPermissions Job + +The SQL_DirectPermissions Job provides information on permissions granted to users at the schema, +database, and server level. + +## Analysis Tasks for the SQL_DirectPermissions Job + +Navigate to the **Databases** > SQL > 3.Permissions > SQL_DirectPermissions > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup38.webp) + +The default analysis tasks are: + +- Determine database permissions – Creates the SA_SQLServer_DirectPermissions_DatabaseDetails table + accessible under the job’s Results node +- Determine schema permissions – Creates the SA_SQLServer_DirectPermissions_SchemaDetails table + accessible under the job’s Results node +- Determine server permissions – Creates the SA_SQLServer_DirectPermissions_ServerDetails table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_DirectPermissions Job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Database Permissions | This report highlights SQL permissions granted at the database level. | None | This report is comprised of three elements: - Bar Chart – Displays database permission summary - Table – Provides details on database permission summary - Table – Provides details on database permission details | +| Schema Permissions | This report lists all SQL permissions granted at the schema level. | None | This report is comprised of three elements: - Bar Chart – Displays top schema by permission count - Table – Provides details on permission summary - Table – Provides details on schema permission details | +| Server Permissions | This report highlights SQL permissions being granted at the server level. | None | This report is comprised of three elements: - Bar Chart – Displays server permission summary - Table – Provides details on server permission summary - Table – Provides details on server permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_domainuserpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_domainuserpermissions.md new file mode 100644 index 0000000000..872020317c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_domainuserpermissions.md @@ -0,0 +1,28 @@ +# SQL_DomainUserPermissions Job + +The SQL_DomainUserPermissions Job provides insight into Microsoft Active Directory domain users’ +access to SQL and Azure SQL server objects at both the instance and database level. + +## Analysis Tasks for the SQL_DomainUserPermissions Job + +Navigate to the **Databases** > SQL > 3.Permissions > SQL_DomainUserPermissions > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup39.webp) + +The default analysis tasks are: + +- Domain User Permissions Details – Creates the SA_SQLServer_DomainUserPermissions_Details table + accessible under the job’s Results node +- Domain User Permissions Summary – Creates the SA_SQLServer_DomainUserPermissions_Summary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_DomainUserPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | --------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain User SQL Access | This report looks at SQL server permissions granted to domain users across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top users by instance count - Table – Provides details on access sprawl - Table – Provides details on permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_publicpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_publicpermissions.md new file mode 100644 index 0000000000..bc7e7469d4 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_publicpermissions.md @@ -0,0 +1,32 @@ +# SQL_PublicPermissions Job + +The SQL_PublicPermissions Job provides the list of SQL server logins that have the PUBLIC roles +assigned. In addition, it also provides the list of permissions assigned to the PUBLIC role as well. + +## Analysis Tasks for the SQL_PublicPermissions Job + +Navigate to the **Databases** > SQL > 5.Permissions > SQL_PublicPermissions > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup40.webp) + +The default analysis tasks are: + +- Calculate public permissions – Creates the SA_SQLServer_PublicPermissions_Details table accessible + under the job’s Results node +- Public Permissions Summary – Creates the SA_SQLServer_PublicPermissions_DatabaseSummary table + accessible under the job’s Results node +- Public Permissions Summary – Highlights permissions that have been granted to the public role on + objects that are not-default SQL or Azure SQL server objects +- Public Permissions Instance Summary (Non-Default) – Summarizes non-default SQL and Azure SQL + server public permissions by instance + +In addition to the tables and views created by the analysis task, the SQL_PublicPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | -------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Public Permissions | This report determines highlights objects with public permissions applied. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by public permission count - Table – Provides details on databases by public permission count - Table – Provides details on public permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_serverpermissions.md b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_serverpermissions.md new file mode 100644 index 0000000000..440d41c935 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_serverpermissions.md @@ -0,0 +1,28 @@ +# SQL_ServerPermissions Job + +The SQL_ServerPermissions Job analyzes permissions granted at the server level and reports on +effective server level permissions across all audited SQL and Azure SQL server instances. + +## Analysis Tasks for the SQL_ServerPermissions Job + +Navigate to the **Databases** > SQL > 3.Permissions > SQL_ServerPermissions > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup41.webp) + +The default analysis tasks are: + +- Server Permissions – Creates the SA_SQLServer_ServerPermission_Details table accessible under the + job’s Results node +- System Permissions Instance Summary –Creates the SA_SQLServer_ServerPermission_InstanceSummary + table accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the SQL_ServerPermissions Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | -------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Server Permissions | This report highlights server permissions and summarizes them by instance. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by server permissions - Table – Provides details on instances by server permission count - Table – Provides details on server permissions | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/recommended.md b/docs/accessanalyzer/12.0/solutions/databases/sql/recommended.md index 4c476a07fb..358bf4330a 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/recommended.md @@ -16,22 +16,22 @@ Dependencies - .Active Directory Inventory Job Group run successfully - For Activity Auditing – SQL Server Audit Specifications to be configured on the target databases - - Audit destination must be a binary file - - See the Microsoft - [Create a Server Audit and Database Audit Specification](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) - article for additional information. + - Audit destination must be a binary file + - See the Microsoft + [Create a Server Audit and Database Audit Specification](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/create-a-server-audit-and-database-audit-specification) + article for additional information. - For the SQL_SecurityAssessment Job – One or more of the following jobs or job groups must be run to produce results: - - [0.Collection > SQL Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/overview.md) - - [1.Users and Roles Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/overview.md) - - [3.Permissions Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/overview.md) - - [5.Sensitive Data Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/overview.md) - - [Privileged Accounts Job Group](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/overview.md) - - [Privileged Accounts Job Group](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/overview.md) + - [0.Collection > SQL Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/overview.md) + - [1.Users and Roles Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/overview.md) + - [3.Permissions Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/overview.md) + - [5.Sensitive Data Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/overview.md) + - [Privileged Accounts Job Group](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/overview.md) + - [Privileged Accounts Job Group](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/overview.md) Some of the 0.Collection Job Group queries can be scoped to target specific databases/instances. However, it is necessary for the SA_SQL_Instances table to be populated before attempting to scope -the queries. Therefore, the [0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql-instancediscovery.md) +the queries. Therefore, the [0-SQL_InstanceDiscovery Job](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/0-sql_instancediscovery.md) must be manually executed before attempting to scope the 0.Collection Job Group queries. Targeted Host(s) @@ -40,9 +40,9 @@ The 0.Collection Job Group has been set to run against the following default dyn - All Microsoft SQL Server Hosts - **NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table which - meet the host inventory criteria for the list. Ensure the appropriate host list(s) have been - populated through host inventory results. + **NOTE:** Default dynamic host lists are populated from hosts in the Host Master Table which + meet the host inventory criteria for the list. Ensure the appropriate host list(s) have been + populated through host inventory results. Connection Profile @@ -50,7 +50,7 @@ The SQL Data Collector requires a specific set of permissions. See the Permissio necessary permissions. The account used can be either an Active Directory account or a SQL account. Once the account has been provisioned, create a custom Connection Profile containing the credentials for the targeted environment. See the -[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/12.0/data-collection/sql/configure-job.md) +[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/12.0/admin/datacollector/sql/configurejob.md) topic for additional information. The Connection Profile should be assigned under the SQL > 0.Collection > Settings > Connection node. @@ -59,7 +59,7 @@ this may not be the Connection Profile with the necessary permissions for the as the radio button for the Select one of the following user defined profiles option and select the appropriate Connection Profile drop-down menu. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency @@ -93,8 +93,8 @@ Prerequisites: 1. (Optional) Configure the queries for the jobs in the 0.Collection Job Group 2. Schedule the 0.Collection Job Group to run daily or as desired - **NOTE:** Running the 0.Collection Job Group is a prerequisite for the other job groups in the - SQL solution + **NOTE:** Running the 0.Collection Job Group is a prerequisite for the other job groups in the + SQL solution 3. Review the reports generated by the 0.Collection Job Group’s jobs @@ -109,19 +109,19 @@ Dependencies - Full registration within Microsoft's Azure portal: - - Creation of a Access Analyzer Azure SQL Role in the Access control (IAM) section - - Successful registration of the Access Analyzer app - - Successful creation of an Application (client) ID + - Creation of a Access Analyzer Azure SQL Role in the Access control (IAM) section + - Successful registration of the Access Analyzer app + - Successful creation of an Application (client) ID - Successful configuration of an AzureSQL-specific connection profile - Creation of an Azure Tenancy host list (ex. COMPANY.onmicrosoft.com) and Azure Active Directory user credential(s) - **_RECOMMENDED:_** To avoid functional issues with Access Analyzer, create multiple connection - profiles to accommodate multiple credentials. + **_RECOMMENDED:_** To avoid functional issues with Access Analyzer, create multiple connection + profiles to accommodate multiple credentials. - Define and validate connection information in the Connection screen -- [0-AzureSQL_InstanceDiscovery Job](/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/0-azuresql-instancediscovery.md) run +- [0-AzureSQL_InstanceDiscovery Job](/docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/0-azuresql_instancediscovery.md) run successfully Targeted Host(s) @@ -136,7 +136,7 @@ The SQL Data Collector requires a specific set of permissions. See the Permissio necessary permissions. The account used can be either an Active Directory account with database login enabled or a SQL account. Once the account has been provisioned, create a custom Connection Profile containing the credentials for the targeted environment. See the -[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/12.0/data-collection/sql/configure-job.md) +[SQL Custom Connection Profile & Default Dynamic Host List](/docs/accessanalyzer/12.0/admin/datacollector/sql/configurejob.md) topic for additional information. The Connection Profile should be assigned under the **Databases** > 0.Collection > Azure SQL > @@ -145,7 +145,7 @@ settings level. However, since this may not be the Connection Profile with the n for the assigned hosts, click the radio button for the Select one of the following user defined profiles option and select the appropriate Connection Profile drop-down menu. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/overview.md b/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/overview.md index b4d54ad88e..5882ee4d6e 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/overview.md @@ -3,13 +3,13 @@ The 5.Sensitive Data Job Group provides information on where sensitive data exists, and who has access to that sensitive data, across all targeted SQL and Azure SQL server databases. -![5.Sensitive Data Job Group](/img/product_docs/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup46.webp) +![5.Sensitive Data Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sqljobgroup46.webp) The jobs in the 5.Sensitive Data Job Group are: -- [SQL_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql-sensitivedata.md) – This job is designed to provide information on all +- [SQL_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql_sensitivedata.md) – This job is designed to provide information on all the sensitive data that was discovered in the targeted SQL or Azure SQL servers based on the selected scan criteria -- [SQL_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql-sensitivedatapermissions.md) – This job is designed to +- [SQL_SensitiveDataPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql_sensitivedatapermissions.md) – This job is designed to provide all types of permissions on database objects containing sensitive data across all the targeted SQL or Azure SQL servers diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql-sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql-sensitivedata.md deleted file mode 100644 index 73b669b98f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql-sensitivedata.md +++ /dev/null @@ -1,31 +0,0 @@ -# SQL_SensitiveData Job - -The SQL_SensitiveData Job designed to provide information on all the sensitive data that was -discovered in the targeted SQL or Azure SQL servers based on the selected scan criteria. - -## Analysis Tasks for the SQL_SensitiveData Job - -Navigate to the **Databases** > SQL > 5.Sensitve Data > SQL_SensitiveData > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup47.webp) - -The default analysis tasks are: - -- Determine sensitive data details – Creates the SA_SQLServer_SensitiveData_Details table accessible - under the job’s Results node -- Database summary – Creates the SA_SQLServer_SensitiveData_DatabaseSummary table accessible under - the job’s Results node -- Enterprise summary – Creates the SA_SQLServer_SensitiveData_EnterpriseSummary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_SensitiveData Job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ---------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of two elements: - Pie Chart – Displays exceptions by match count - Table – Provides details on exception details | -| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by sensitive data hits - Table – Provides details on databases with sensitive data - Table – Provides details on sensitive data details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql-sensitivedatapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql-sensitivedatapermissions.md deleted file mode 100644 index 7fc98e6005..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql-sensitivedatapermissions.md +++ /dev/null @@ -1,28 +0,0 @@ -# SQL_SensitiveDataPermissions Job - -The SQL_SensitiveDataPermissions Job is designed to provide all types of permissions on database -objects containing sensitive data across all the targeted SQL or Azure SQL servers. - -## Analysis Tasks for the SQL_SensitiveDataPermissions Job - -Navigate to the **Databases** > SQL > 5.Sensitve Data > SQL_SensitiveDataPermissions > Configure -node and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup48.webp) - -The default analysis tasks are: - -- List sensitive data permission details – Creates the SA_SQL_SensitiveDataPermissions_Details table - accessible under the job’s Results node -- Sensitive Data Permissions Database Summary – Creates the - SA_SQL_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataPermissions -Job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql_sensitivedata.md b/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql_sensitivedata.md new file mode 100644 index 0000000000..6477ae4643 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql_sensitivedata.md @@ -0,0 +1,31 @@ +# SQL_SensitiveData Job + +The SQL_SensitiveData Job designed to provide information on all the sensitive data that was +discovered in the targeted SQL or Azure SQL servers based on the selected scan criteria. + +## Analysis Tasks for the SQL_SensitiveData Job + +Navigate to the **Databases** > SQL > 5.Sensitve Data > SQL_SensitiveData > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sqljobgroup47.webp) + +The default analysis tasks are: + +- Determine sensitive data details – Creates the SA_SQLServer_SensitiveData_Details table accessible + under the job’s Results node +- Database summary – Creates the SA_SQLServer_SensitiveData_DatabaseSummary table accessible under + the job’s Results node +- Enterprise summary – Creates the SA_SQLServer_SensitiveData_EnterpriseSummary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_SensitiveData Job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ---------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Enterprise Summary | This report shows a summary of the criteria matches found in the Enterprise. | None | This report is comprised of two elements: - Pie Chart – Displays exceptions by match count - Table – Provides details on exception details | +| Sensitive Data Overview | This report highlights objects which contain sensitive data criteria. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by sensitive data hits - Table – Provides details on databases with sensitive data - Table – Provides details on sensitive data details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql_sensitivedatapermissions.md b/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql_sensitivedatapermissions.md new file mode 100644 index 0000000000..765364cd48 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sql_sensitivedatapermissions.md @@ -0,0 +1,28 @@ +# SQL_SensitiveDataPermissions Job + +The SQL_SensitiveDataPermissions Job is designed to provide all types of permissions on database +objects containing sensitive data across all the targeted SQL or Azure SQL servers. + +## Analysis Tasks for the SQL_SensitiveDataPermissions Job + +Navigate to the **Databases** > SQL > 5.Sensitve Data > SQL_SensitiveDataPermissions > Configure +node and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sqljobgroup48.webp) + +The default analysis tasks are: + +- List sensitive data permission details – Creates the SA_SQL_SensitiveDataPermissions_Details table + accessible under the job’s Results node +- Sensitive Data Permissions Database Summary – Creates the + SA_SQL_SensitiveDataPermissions_DatabaseSummary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataPermissions +Job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Sensitive Data Permissions | This report highlights sensitive data permissions in the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays top databases by permission count - Table – Provides details on database permission summary - Table – Provides details on sensitive data permission details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/sql-securityassessment.md b/docs/accessanalyzer/12.0/solutions/databases/sql/sql-securityassessment.md deleted file mode 100644 index 1195d446eb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/sql-securityassessment.md +++ /dev/null @@ -1,39 +0,0 @@ -# SQL_SecurityAssessment Job - -The SQL_SecurityAssessment Job summarizes and categorizes security findings into HIGH, MEDIUM, LOW, -and NO FINDINGS categories based on severity. - -![SQL_SecurityAssessment](/img/product_docs/accessanalyzer/solutions/databases/sql/sqljobgroup49.webp) - -Special Dependencies - -One or more of the following jobs or job groups must be run to produce results: - -- [0.Collection > SQL Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/overview.md) -- [SQL_PasswordIssues Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-passwordissues.md) -- [SQL_RoleMembers Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-rolemembers.md) -- [SQL_PublicPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql-publicpermissions.md) -- [5.Sensitive Data Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/overview.md) -- [Privileged Accounts Job Group](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/overview.md) -- [Privileged Accounts Job Group](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/overview.md) - -Only information collected from jobs/groups being run will produce findings. - -### Analysis Task for the SQL_SecurityAssessment Job - -Navigate to the SQL > SQL_SecurityAssesment > Configure node and select Analysis to view the -analysis task. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/sqljobgroup50.webp) - -The default analysis task is: - -- Summarize Audit Findings – Pulls data from tables created by the jobs and job groups throughout - the SQL Solution to provide a summary of results in the SQL Security Assessment report - -In addition to the tables and views created by the analysis task, the SQL_SecurityAssessment Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | -------------------------------------------------------------------------- | ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| SQL Security Assessment | This report summarizes security related results from the SQL solution set. | Security Assessment | This report is comprised of four elements: - Table – Provides details on the scope of the audit of the SQL Solution set - Pie Chart – Displays job findings by severity - Table – Displays findings by category and provides details on the SQL_SecurityAssessment job results | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/sql_securityassessment.md b/docs/accessanalyzer/12.0/solutions/databases/sql/sql_securityassessment.md new file mode 100644 index 0000000000..5d6df1618e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/sql_securityassessment.md @@ -0,0 +1,39 @@ +# SQL_SecurityAssessment Job + +The SQL_SecurityAssessment Job summarizes and categorizes security findings into HIGH, MEDIUM, LOW, +and NO FINDINGS categories based on severity. + +![SQL_SecurityAssessment](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sqljobgroup49.webp) + +Special Dependencies + +One or more of the following jobs or job groups must be run to produce results: + +- [0.Collection > SQL Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/collection/overview.md) +- [SQL_PasswordIssues Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_passwordissues.md) +- [SQL_RoleMembers Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_rolemembers.md) +- [SQL_PublicPermissions Job](/docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sql_publicpermissions.md) +- [5.Sensitive Data Job Group](/docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/overview.md) +- [Privileged Accounts Job Group](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/overview.md) +- [Privileged Accounts Job Group](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/overview.md) + +Only information collected from jobs/groups being run will produce findings. + +### Analysis Task for the SQL_SecurityAssessment Job + +Navigate to the SQL > SQL_SecurityAssesment > Configure node and select Analysis to view the +analysis task. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sqljobgroup50.webp) + +The default analysis task is: + +- Summarize Audit Findings – Pulls data from tables created by the jobs and job groups throughout + the SQL Solution to provide a summary of results in the SQL Security Assessment report + +In addition to the tables and views created by the analysis task, the SQL_SecurityAssessment Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | -------------------------------------------------------------------------- | ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| SQL Security Assessment | This report summarizes security related results from the SQL solution set. | Security Assessment | This report is comprised of four elements: - Table – Provides details on the scope of the audit of the SQL Solution set - Pie Chart – Displays job findings by severity - Table – Displays findings by category and provides details on the SQL_SecurityAssessment job results | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/overview.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/overview.md index cd41587883..4234ea3b8c 100644 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/overview.md +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/overview.md @@ -3,24 +3,24 @@ The 1.Users and Roles Job Group is designed to provide insight into user security, roles, and object permissions to all SQL or Azure SQL server objects. -![Users and Roles Job Group](/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup22.webp) +![Users and Roles Job Group](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup22.webp) The jobs in the 1.Users and Roles Job Group are: -- [SQL_DatabasePrinciples Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-databaseprinciples.md) – This job group is designed to provide +- [SQL_DatabasePrinciples Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_databaseprinciples.md) – This job group is designed to provide detailed information on database principals across all the targeted SQL or Azure SQL server instances -- [SQL_PasswordIssues Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-passwordissues.md) – This job group is designed to analyze the SQL or +- [SQL_PasswordIssues Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_passwordissues.md) – This job group is designed to analyze the SQL or Azure SQL login passwords and evaluate if they comply with the prescribed password policies. In addition, it checks for weak passwords. -- [SQL_RoleMembers Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-rolemembers.md) – This job is designed to analyze and provide +- [SQL_RoleMembers Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_rolemembers.md) – This job is designed to analyze and provide information about all the role members in each o the SQL or Azure SQL server role groups, both at the instance and database level, across all the targeted SQL or Azure SQL servers -- [SQL_ServerPrincipals Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-serverprincipals.md) – This job is designed to provide information +- [SQL_ServerPrincipals Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_serverprincipals.md) – This job is designed to provide information about all the server principals on the instances across all the targeted SQL or Azure SQL servers -- [SQL_SQLLogins Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-sqllogins.md) – This job is designed to provide information on both +- [SQL_SQLLogins Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_sqllogins.md) – This job is designed to provide information on both successful and failed SQL or Azure SQL server logins across all the targeted SQL or Azure SQL servers -- [SQL_SysAdmins Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-sysadmins.md) – This job group is designed to provide insight into all the +- [SQL_SysAdmins Job](/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_sysadmins.md) – This job group is designed to provide insight into all the users who have SQL or Azure SQL server administration roles across all the targeted SQL or Azure SQL servers diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-databaseprinciples.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-databaseprinciples.md deleted file mode 100644 index 39c1bf1728..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-databaseprinciples.md +++ /dev/null @@ -1,28 +0,0 @@ -# SQL_DatabasePrinciples Job - -The SQL_DatabasePrinciplesJob provides detailed information on database principals across all -targeted SQL or Azure SQL server instances. - -## Analysis Tasks for the SQL_DatabasePrinciples Job - -Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_DatabasePrinciples > Configure node -and select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup23.webp) - -The default analysis tasks are: - -- Determine user details – Creates the SA_SQLServer_DatabasePrincipals_Details table accessible - under the job’s Results node -- Summarize by instance – Creates the SA_SQLServer_DatabasePrincipals_InstanceSummary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_DataPrinciples Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Principles | This report determines all database principals on a per-instance basis. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by domain principal count - Table – Provides details on principal count by instance - Table – Provides details on principal details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-passwordissues.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-passwordissues.md deleted file mode 100644 index 46faed8f9e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-passwordissues.md +++ /dev/null @@ -1,56 +0,0 @@ -# SQL_PasswordIssues Job - -The SQL_PasswordIssues Job analyzes SQL or Azure SQL login passwords and evaluates SQL login -password compliance against prescribed password policies. The SQL_PasswordIssues Job also checks for -weak passwords. - -## Queries for the SQL_Passwords Job - -The Collect Weak Passwords Job uses the PowerShell Data Collector for the following query: - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup24.webp) - -- Collect Weak Passwords – Locate the dictionary file containing the weak passwords and import the - passwords - - See [PowerShell Data Collector](/docs/accessanalyzer/12.0/data-collection/powershell/overview.md) for - additional information. - -## Analysis Tasks for the SQL_PasswordIssues Job - -Navigate to the Jobs > **Databases** > SQL > 3.Users and Roles > SQL_PasswordIssues > Configure node -and select Analysis to view the analysis tasks. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and or -deselected unless otherwise specified. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqlpasswordissuesanalysistasks.webp) - -The default analysis tasks are: - -- Analyze the Weak Passwords – Compare the weak passwords list against the collected password hashes - - This analysis task has a configurable parameter: - - @ShowPassword – Set to **0** by default. Set to **1** to enable the analysis task to bring - back the plain-text password that was found - - See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) - topic for additional information on modifying analysis parameters. -- Shared Passwords – Highlights SQL Server Logins with shared password hashes -- No Password – Inserts users that do not have a password set into the details table -- Summarize the Weak Password Results – Summarizes the data that has been collected by the weak - passwords job - -The following analysis task is deselected by default: - -- Drop SQL Login Password Hashes – Nulls the SQL password hashes for the SQLServer_SqlLogins table. - - Enable this analysis task only if needed. This analysis task nulls the password_hash column in - the SA_SqlServer_SqlLogins table. - -In addition to the tables and views created by the analysis tasks, the SQL_PasswordIssues Job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Reused Passwords | This report highlights instances where a password hash is being reused. | None | This report is comprised of one element: - Table – Provides details on reused password details | -| Weak Passwords | This report highlights SQL logins that have a weak password. | None | This report is comprised of three elements: - Bar Chart – Displays weak passwords by instance - Table – Provides details on weak passwords by instance data - Table – Provides details on logins with weak passwords | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-rolemembers.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-rolemembers.md deleted file mode 100644 index f2425cb8d9..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-rolemembers.md +++ /dev/null @@ -1,34 +0,0 @@ -# SQL_RoleMembers Job - -The SQL_RoleMembers Job analyzes and provides information on role members in each SQL server role -group, both at the instance and database level, across all targeted SQL servers. - -## Analysis Tasks for the SQL_RoleMembers Job - -Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_RoleMembers > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup26.webp) - -The default analysis tasks are: - -- Role Member Details – Creates the SA_SQLServer_RoleMember_Details table accessible under the job’s - Results node -- Effective SQL Role Membership – Creates the SA_SQLServer_EffectiveMembership table accessible - under the job’s Results node. This analysis task determines the Effective Role Membership for SQL - or Azure SQL Roles. -- Effective AD Role Membership – Creates the SA_SQLServer_EffectiveRoleMembership table accessible - under the job’s Results node. This analysis task determines the AD Effective Role Membership for - SQL or Azure SQL Roles and adds them to the SQL Effective Membership table. -- Role Membership Instances Summary – Creates the SA_SQL_RoleMember_Summary table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_RoleMembers Job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Role Membership | This report shows details on the roles and role membership in the audited SQL environment. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top instances by server and database role membership - Table – Provides details on instances by server and database role membership - Table – Provides details on role membership details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-serverprincipals.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-serverprincipals.md deleted file mode 100644 index c6b448e417..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-serverprincipals.md +++ /dev/null @@ -1,28 +0,0 @@ -# SQL_ServerPrincipals Job - -The SQL_ServerPrincipals Job provides information on server principals at the instance level across -targeted SQL or Azure SQL servers. - -## Analysis Tasks for the SQL_ServerPrincipals Job - -Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_ServerPrincipals > Configure node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup27.webp) - -The default analysis tasks are: - -- Determine user details – Creates the SA_SQL_ServerPrincipals_Details table accessible under the - job’s Results node -- Summarize by Instance – Creates the SA_SQL_ServerPrincipals_InstanceSummary table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_ServerPrincipals Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Server Principals | This report determines all server principals on a per-instance basis. Users are considered stale if they have not authenticated to the domain in 60 days. This threshold can be configured in the 3-AD_Exceptions job in the .Active Directory Inventory job group. | None | This report is comprised of three elements: - Bar Chart – Displays top instances - Table – Provides details on principal count by instance - Table – Provides details on principal details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-sqllogins.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-sqllogins.md deleted file mode 100644 index c055959047..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-sqllogins.md +++ /dev/null @@ -1,28 +0,0 @@ -# SQL_SQLLogins Job - -The SQL_SQLLogins Job provides information on successful and failed SQL server logins across all -targeted SQL or Azure SQL servers. - -## Analysis Tasks for the SQL_SQLLogins Job - -Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_SQLLogins > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup28.webp) - -The default analysis tasks are: - -- Calculate user login details – Creates the SA_SQL_UserLogin_Details table accessible under the - job’s Results node -- User Logins Instance Summary – Creates the SA_SQLServer_UserLogins_Summary table accessible under - the job's Results node - -In addition to the tables and views created by the analysis task, the SQL_SQLLogins Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------- | ----------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SQL Logins | This report lists user login information. | None | This report is comprised of three elements: - Bar Chart– Displays number of logins by instance - Table – Provides details on login exceptions by instance - Table – Provides details on SQL logins | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-sysadmins.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-sysadmins.md deleted file mode 100644 index 669a60a2b3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql-sysadmins.md +++ /dev/null @@ -1,30 +0,0 @@ -# SQL_SysAdmins Job - -The SQL_SysAdmins Job provides insight into users who have SQL server administration roles across -all targeted SQL or Azure SQL servers. - -## Analysis Tasks for the SQL_SysAdmins Job - -Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_SysAdmins > Configure node and select -Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup29.webp) - -The default analysis tasks are: - -- Calculate admin details – Creates the SA_SQL_SysAdmins_Details table accessible under the job’s - Results node -- Summarize SysAdmins – Creates the SA_SQL_SysAdmins_InstanceSummary table accessible under the - job’s Results node -- Sys Admin Domain Users - Creates the SA_SQL_SysAdmins_DomainUsers table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis task, the **SQL_SysAdmins Job** produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------- | --------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Admin Summary | This report highlights all principals with the 'sysadmin' role. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by admin count - Table – Provides top instances by admin count - Table – Provides details on admin details - Table – Provides details on domain user admin details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_databaseprinciples.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_databaseprinciples.md new file mode 100644 index 0000000000..9941ef47dd --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_databaseprinciples.md @@ -0,0 +1,28 @@ +# SQL_DatabasePrinciples Job + +The SQL_DatabasePrinciplesJob provides detailed information on database principals across all +targeted SQL or Azure SQL server instances. + +## Analysis Tasks for the SQL_DatabasePrinciples Job + +Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_DatabasePrinciples > Configure node +and select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup23.webp) + +The default analysis tasks are: + +- Determine user details – Creates the SA_SQLServer_DatabasePrincipals_Details table accessible + under the job’s Results node +- Summarize by instance – Creates the SA_SQLServer_DatabasePrincipals_InstanceSummary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_DataPrinciples Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Principles | This report determines all database principals on a per-instance basis. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by domain principal count - Table – Provides details on principal count by instance - Table – Provides details on principal details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_passwordissues.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_passwordissues.md new file mode 100644 index 0000000000..0e303e3136 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_passwordissues.md @@ -0,0 +1,56 @@ +# SQL_PasswordIssues Job + +The SQL_PasswordIssues Job analyzes SQL or Azure SQL login passwords and evaluates SQL login +password compliance against prescribed password policies. The SQL_PasswordIssues Job also checks for +weak passwords. + +## Queries for the SQL_Passwords Job + +The Collect Weak Passwords Job uses the PowerShell Data Collector for the following query: + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup24.webp) + +- Collect Weak Passwords – Locate the dictionary file containing the weak passwords and import the + passwords + - See [PowerShell Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/powershell/overview.md) for + additional information. + +## Analysis Tasks for the SQL_PasswordIssues Job + +Navigate to the Jobs > **Databases** > SQL > 3.Users and Roles > SQL_PasswordIssues > Configure node +and select Analysis to view the analysis tasks. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and or +deselected unless otherwise specified. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqlpasswordissuesanalysistasks.webp) + +The default analysis tasks are: + +- Analyze the Weak Passwords – Compare the weak passwords list against the collected password hashes + - This analysis task has a configurable parameter: + - @ShowPassword – Set to **0** by default. Set to **1** to enable the analysis task to bring + back the plain-text password that was found + - See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information on modifying analysis parameters. +- Shared Passwords – Highlights SQL Server Logins with shared password hashes +- No Password – Inserts users that do not have a password set into the details table +- Summarize the Weak Password Results – Summarizes the data that has been collected by the weak + passwords job + +The following analysis task is deselected by default: + +- Drop SQL Login Password Hashes – Nulls the SQL password hashes for the SQLServer_SqlLogins table. + - Enable this analysis task only if needed. This analysis task nulls the password_hash column in + the SA_SqlServer_SqlLogins table. + +In addition to the tables and views created by the analysis tasks, the SQL_PasswordIssues Job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Reused Passwords | This report highlights instances where a password hash is being reused. | None | This report is comprised of one element: - Table – Provides details on reused password details | +| Weak Passwords | This report highlights SQL logins that have a weak password. | None | This report is comprised of three elements: - Bar Chart – Displays weak passwords by instance - Table – Provides details on weak passwords by instance data - Table – Provides details on logins with weak passwords | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_rolemembers.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_rolemembers.md new file mode 100644 index 0000000000..822a100707 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_rolemembers.md @@ -0,0 +1,34 @@ +# SQL_RoleMembers Job + +The SQL_RoleMembers Job analyzes and provides information on role members in each SQL server role +group, both at the instance and database level, across all targeted SQL servers. + +## Analysis Tasks for the SQL_RoleMembers Job + +Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_RoleMembers > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup26.webp) + +The default analysis tasks are: + +- Role Member Details – Creates the SA_SQLServer_RoleMember_Details table accessible under the job’s + Results node +- Effective SQL Role Membership – Creates the SA_SQLServer_EffectiveMembership table accessible + under the job’s Results node. This analysis task determines the Effective Role Membership for SQL + or Azure SQL Roles. +- Effective AD Role Membership – Creates the SA_SQLServer_EffectiveRoleMembership table accessible + under the job’s Results node. This analysis task determines the AD Effective Role Membership for + SQL or Azure SQL Roles and adds them to the SQL Effective Membership table. +- Role Membership Instances Summary – Creates the SA_SQL_RoleMember_Summary table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_RoleMembers Job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Role Membership | This report shows details on the roles and role membership in the audited SQL environment. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top instances by server and database role membership - Table – Provides details on instances by server and database role membership - Table – Provides details on role membership details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_serverprincipals.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_serverprincipals.md new file mode 100644 index 0000000000..372a61057d --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_serverprincipals.md @@ -0,0 +1,28 @@ +# SQL_ServerPrincipals Job + +The SQL_ServerPrincipals Job provides information on server principals at the instance level across +targeted SQL or Azure SQL servers. + +## Analysis Tasks for the SQL_ServerPrincipals Job + +Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_ServerPrincipals > Configure node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup27.webp) + +The default analysis tasks are: + +- Determine user details – Creates the SA_SQL_ServerPrincipals_Details table accessible under the + job’s Results node +- Summarize by Instance – Creates the SA_SQL_ServerPrincipals_InstanceSummary table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_ServerPrincipals Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Server Principals | This report determines all server principals on a per-instance basis. Users are considered stale if they have not authenticated to the domain in 60 days. This threshold can be configured in the 3-AD_Exceptions job in the .Active Directory Inventory job group. | None | This report is comprised of three elements: - Bar Chart – Displays top instances - Table – Provides details on principal count by instance - Table – Provides details on principal details | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_sqllogins.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_sqllogins.md new file mode 100644 index 0000000000..2c33c65208 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_sqllogins.md @@ -0,0 +1,28 @@ +# SQL_SQLLogins Job + +The SQL_SQLLogins Job provides information on successful and failed SQL server logins across all +targeted SQL or Azure SQL servers. + +## Analysis Tasks for the SQL_SQLLogins Job + +Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_SQLLogins > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup28.webp) + +The default analysis tasks are: + +- Calculate user login details – Creates the SA_SQL_UserLogin_Details table accessible under the + job’s Results node +- User Logins Instance Summary – Creates the SA_SQLServer_UserLogins_Summary table accessible under + the job's Results node + +In addition to the tables and views created by the analysis task, the SQL_SQLLogins Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------- | ----------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SQL Logins | This report lists user login information. | None | This report is comprised of three elements: - Bar Chart– Displays number of logins by instance - Table – Provides details on login exceptions by instance - Table – Provides details on SQL logins | diff --git a/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_sysadmins.md b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_sysadmins.md new file mode 100644 index 0000000000..0903696eb1 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sql_sysadmins.md @@ -0,0 +1,30 @@ +# SQL_SysAdmins Job + +The SQL_SysAdmins Job provides insight into users who have SQL server administration roles across +all targeted SQL or Azure SQL servers. + +## Analysis Tasks for the SQL_SysAdmins Job + +Navigate to the **Databases** > SQL > 3.Users and Roles > SQL_SysAdmins > Configure node and select +Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task(s). The analysis task(s) are +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup29.webp) + +The default analysis tasks are: + +- Calculate admin details – Creates the SA_SQL_SysAdmins_Details table accessible under the job’s + Results node +- Summarize SysAdmins – Creates the SA_SQL_SysAdmins_InstanceSummary table accessible under the + job’s Results node +- Sys Admin Domain Users - Creates the SA_SQL_SysAdmins_DomainUsers table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis task, the **SQL_SysAdmins Job** produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------- | --------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Admin Summary | This report highlights all principals with the 'sysadmin' role. | None | This report is comprised of three elements: - Bar Chart – Displays top instances by admin count - Table – Provides top instances by admin count - Table – Provides details on admin details - Table – Provides details on domain user admin details | diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox-permissions-scan.md b/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox-permissions-scan.md deleted file mode 100644 index 3c7a6bb3c4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox-permissions-scan.md +++ /dev/null @@ -1,58 +0,0 @@ -# 1-Dropbox_Permissions Scan Job - -The 1-Dropbox_Permissions Scan job collects data from the Dropbox environment on access rights, -sharing policies, configurations, and content. - -**CAUTION:** This job should not be run if running sensitive data scans against the Dropbox Business -environment. - -## Queries for the 1-Dropbox_Permissions Scan Job - -The 1-Dropbox_Permissions Scan job has been preconfigured to run with the default settings with the -category of Dropbox Access. - -![Queries for the 1-Dropbox_Permissions Scan Job](/img/product_docs/accessanalyzer/solutions/databases/db2/collection/permissionsscanquery.webp) - -The query for the 1-Dropbox_Permissions Scan job is: - -- Dropbox Access – Collects the data on access rights, sharing policies, configurations, and content - -### Configure the Dropbox Access Query - -Follow the steps to either generate the access token needed for the Connection Profile (only done -prior to first execution) or to set any desired customizations. - -**Step 1 –** Navigate to the **Jobs** > **Dropbox** > **0.Collection** > **1-Dropbox_Permissions -Scan** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties** to open the Query Properties -window. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Dropbox Access Auditor -Data Collector Wizard opens. - -![Dropbox Access Auditor Data Collector Wizard Scan Options page](/img/product_docs/accessanalyzer/solutions/dropbox/collection/permissionsscanoptionspage.webp) - -**Step 4 –** T Use the Scan Options page ito generate the access token prior to the first execution -of the job group. - -- Remember to copy the access token, either from the textbox or using the **Copy to Clipboard** - button, and use it in the Connection Profile assigned to the Dropbox Solution. Once the access - token has been generated and copied, if no customizations are to be made, click **Cancel** to - close the Dropbox Access Auditor Data Collector wizard. -- See the [DropboxAccess: Scan Options](/docs/accessanalyzer/12.0/data-collection/dropbox-access/scan-options.md) - topic for full instructions on generating the access token - -**Step 5 –** If query customizations are desired, click **Next** to continue. - -![Dropbox Access Auditor Data Collector Wizard Scoping page](/img/product_docs/accessanalyzer/solutions/dropbox/collection/permissionsscopingpage.webp) - -**Step 6 –** On the Scoping page, select whether to scan **All Users** or **Limited Users**. If -**Limited Users** is selected, browse to a CSV file with one email address per row for the desired -users. In the File Permissions section, select the **Collect File Level Permissions** checkbox to -collect permissions at the file level. When finished with this page, click **Next**. - -**Step 7 –** On the Summary page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 1-Dropbox_Permissions Scan job has now been customized. diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox-sdd-scan.md b/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox-sdd-scan.md deleted file mode 100644 index 050358110a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox-sdd-scan.md +++ /dev/null @@ -1,68 +0,0 @@ -# 1-Dropbox_SDD Scan Job - -The 1-Dropbox_SDD Scan job collects data from the Dropbox environment on access rights, sharing -policies, configurations, content and sensitive data. - -## Queries for the 1-Dropbox_SDD Scan Job - -The 1-Dropbox_SDD Scan job has been preconfigured to run under the default settings within the -category of Scan for Sensitive Content. - -![Queries for the 1-Dropbox_SDD Scan Job](/img/product_docs/accessanalyzer/solutions/dropbox/collection/sddscanquery.webp) - -The query for the 1-Dropbox_SDD Scan job is: - -- Sensitive Data Scan – Scans Dropbox for sensitive data - -### Configure the Sensitive Data Scan Query - -Follow the steps to either generate the access token needed for the Connection Profile (only done -prior to first execution) or to set any desired customizations. - -**Step 1 –** Navigate to the **Jobs** > **Dropbox** > **0.Collection** > **1-Dropbox_SDD Scan** > -**Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties** to open the Query Properties -window. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Dropbox Access Auditor -Data Collector Wizard opens. - -![Dropbox Access Auditor Data Collector Wizard Scoping page](/img/product_docs/accessanalyzer/solutions/dropbox/collection/sddscopingpage.webp) - -**Step 4 –** On the Scoping page, select whether to scan **All Users** or **Limited Users**. If -**Limited Users** is selected, browse to a CSV file with one email address per row for the desired -users. In the File Permissions section, select the **Collect File Level Permissions** checkbox to -collect permissions at the file level. See the -[DropboxAccess: Scoping](/docs/accessanalyzer/12.0/data-collection/dropbox-access/scoping.md) topic for additional -information. - -![Dropbox Access Auditor Data Collector Wizard DLP Audit Settings page](/img/product_docs/accessanalyzer/solutions/dropbox/collection/sdddlpsettings.webp) - -**Step 5 –** On theDLP Audit Settings page: - -- Modify the maximum file size to be scanned -- Modify file types to be scanned -- Enable storing of discovered match hits -- Enable differential scanning - -See the -[DropboxAccess: DLP Audit Settings](/docs/accessanalyzer/12.0/data-collection/dropbox-access/dlp-audit-settings.md) -topic for additional information. - -![Dropbox Access Auditor Data Collector Wizard Select DLP criteria page](/img/product_docs/accessanalyzer/solutions/dropbox/collection/sddselectdlpcriteria.webp) - -**Step 6 –** On the Select DLP Criteria for This Scan page , add or remove criteria as desired. - -- (Optional) Create custom criteria with the **Edit** option. See the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) topic - for additional information. - -See the -[DropboxAccess: Select DLP Criteria](/docs/accessanalyzer/12.0/data-collection/dropbox-access/select-dlp-criteria.md) -topic for additional information. - -**Step 7 –** On the Completion Page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 1-Dropbox_SDD Scan job has now been customized. diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox_permissions_scan.md b/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox_permissions_scan.md new file mode 100644 index 0000000000..224838fc66 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox_permissions_scan.md @@ -0,0 +1,58 @@ +# 1-Dropbox_Permissions Scan Job + +The 1-Dropbox_Permissions Scan job collects data from the Dropbox environment on access rights, +sharing policies, configurations, and content. + +**CAUTION:** This job should not be run if running sensitive data scans against the Dropbox Business +environment. + +## Queries for the 1-Dropbox_Permissions Scan Job + +The 1-Dropbox_Permissions Scan job has been preconfigured to run with the default settings with the +category of Dropbox Access. + +![Queries for the 1-Dropbox_Permissions Scan Job](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/permissionsscanquery.webp) + +The query for the 1-Dropbox_Permissions Scan job is: + +- Dropbox Access – Collects the data on access rights, sharing policies, configurations, and content + +### Configure the Dropbox Access Query + +Follow the steps to either generate the access token needed for the Connection Profile (only done +prior to first execution) or to set any desired customizations. + +**Step 1 –** Navigate to the **Jobs** > **Dropbox** > **0.Collection** > **1-Dropbox_Permissions +Scan** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties** to open the Query Properties +window. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Dropbox Access Auditor +Data Collector Wizard opens. + +![Dropbox Access Auditor Data Collector Wizard Scan Options page](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/permissionsscanoptionspage.webp) + +**Step 4 –** T Use the Scan Options page ito generate the access token prior to the first execution +of the job group. + +- Remember to copy the access token, either from the textbox or using the **Copy to Clipboard** + button, and use it in the Connection Profile assigned to the Dropbox Solution. Once the access + token has been generated and copied, if no customizations are to be made, click **Cancel** to + close the Dropbox Access Auditor Data Collector wizard. +- See the [DropboxAccess: Scan Options](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptions.md) + topic for full instructions on generating the access token + +**Step 5 –** If query customizations are desired, click **Next** to continue. + +![Dropbox Access Auditor Data Collector Wizard Scoping page](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/permissionsscopingpage.webp) + +**Step 6 –** On the Scoping page, select whether to scan **All Users** or **Limited Users**. If +**Limited Users** is selected, browse to a CSV file with one email address per row for the desired +users. In the File Permissions section, select the **Collect File Level Permissions** checkbox to +collect permissions at the file level. When finished with this page, click **Next**. + +**Step 7 –** On the Summary page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 1-Dropbox_Permissions Scan job has now been customized. diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox_sdd_scan.md b/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox_sdd_scan.md new file mode 100644 index 0000000000..47ca723f57 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox_sdd_scan.md @@ -0,0 +1,68 @@ +# 1-Dropbox_SDD Scan Job + +The 1-Dropbox_SDD Scan job collects data from the Dropbox environment on access rights, sharing +policies, configurations, content and sensitive data. + +## Queries for the 1-Dropbox_SDD Scan Job + +The 1-Dropbox_SDD Scan job has been preconfigured to run under the default settings within the +category of Scan for Sensitive Content. + +![Queries for the 1-Dropbox_SDD Scan Job](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sddscanquery.webp) + +The query for the 1-Dropbox_SDD Scan job is: + +- Sensitive Data Scan – Scans Dropbox for sensitive data + +### Configure the Sensitive Data Scan Query + +Follow the steps to either generate the access token needed for the Connection Profile (only done +prior to first execution) or to set any desired customizations. + +**Step 1 –** Navigate to the **Jobs** > **Dropbox** > **0.Collection** > **1-Dropbox_SDD Scan** > +**Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties** to open the Query Properties +window. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Dropbox Access Auditor +Data Collector Wizard opens. + +![Dropbox Access Auditor Data Collector Wizard Scoping page](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sddscopingpage.webp) + +**Step 4 –** On the Scoping page, select whether to scan **All Users** or **Limited Users**. If +**Limited Users** is selected, browse to a CSV file with one email address per row for the desired +users. In the File Permissions section, select the **Collect File Level Permissions** checkbox to +collect permissions at the file level. See the +[DropboxAccess: Scoping](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scoping.md) topic for additional +information. + +![Dropbox Access Auditor Data Collector Wizard DLP Audit Settings page](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sdddlpsettings.webp) + +**Step 5 –** On theDLP Audit Settings page: + +- Modify the maximum file size to be scanned +- Modify file types to be scanned +- Enable storing of discovered match hits +- Enable differential scanning + +See the +[DropboxAccess: DLP Audit Settings](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/dlpauditsettings.md) +topic for additional information. + +![Dropbox Access Auditor Data Collector Wizard Select DLP criteria page](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sddselectdlpcriteria.webp) + +**Step 6 –** On the Select DLP Criteria for This Scan page , add or remove criteria as desired. + +- (Optional) Create custom criteria with the **Edit** option. See the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) topic + for additional information. + +See the +[DropboxAccess: Select DLP Criteria](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/selectdlpcriteria.md) +topic for additional information. + +**Step 7 –** On the Completion Page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 1-Dropbox_SDD Scan job has now been customized. diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox-permissions-bulk-import.md b/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox-permissions-bulk-import.md deleted file mode 100644 index 632474d939..0000000000 --- a/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox-permissions-bulk-import.md +++ /dev/null @@ -1,23 +0,0 @@ -# 2-Dropbox_Permissions Bulk Import Job - -The 2-Dropbox_Permissions Bulk Import job imports the data collected by the 1-Dropbox \_Permissions -Scan job to the Access Analyzer database for use by the analysis tasks. - -**CAUTION:** This job should not be run if running sensitive data scans against the Dropbox Business -environment. - -## Queries for the 2-Dropbox_Permissions Bulk Import Job - -The 2-Dropbox_Permissions Bulk Import job has been preconfigured to run with the default settings -with the category of Bulk Import Access Scan Results. - -![Queries for the 2-Dropbox_Permissions Bulk Import Job](/img/product_docs/accessanalyzer/solutions/dropbox/collection/permissionsbulkimportquery.webp) - -The query for the 2-Dropbox_Permissions Bulk Import job is: - -- Dropbox Bulk Import – Imports data collected by the 1-Dropbox_Permissions Scan job to the Access - Analyzer database - -There are no customization options available for this job. The Summary page of the Dropbox Access -Auditor Data Collector wizard can be viewed at the **Jobs** > **Dropbox** > **0.Collection** > -**2-Dropbox_Permissions Bulk Import** > **Configure** > **Queries** node. diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox-sdd-bulk-import.md b/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox-sdd-bulk-import.md deleted file mode 100644 index 2cf17b2b77..0000000000 --- a/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox-sdd-bulk-import.md +++ /dev/null @@ -1,20 +0,0 @@ -# 2-Dropbox_SDD Bulk Import Job - -The 2-Dropbox_SDD Bulk Import job imports the data collected by the 1-Dropbox_SDD Scan job to the -Access Analyzer database for use by the analysis tasks. - -## Queries for the 2-Dropbox_SDD Bulk Import Job - -The 2-Dropbox_SDD Bulk Import Job has been preconfigured to run with the default settings with the -category of Bulk Import Sensitive Content Scan. - -![Queries for the 2-Dropbox_SDD Bulk Import Job](/img/product_docs/accessanalyzer/solutions/dropbox/collection/sddbulkimportquery.webp) - -The query for the 2-Dropbox_SDD Bulk Import job is: - -- DropboxSDD Bulk Import – Imports data collected by the Dropbox 1-SDD Scan Job into the Access - Analyzer database - -There are no customization options available for this job. The Summary page of the Dropbox Access -Auditor Data Collector wizard can be viewed at the **Jobs** > **Dropbox** > **0.Collection** > -**2-Dropbox_SDD Bulk Import** > **Configure** > **Queries** node. diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox_permissions_bulk_import.md b/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox_permissions_bulk_import.md new file mode 100644 index 0000000000..22157ed5dd --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox_permissions_bulk_import.md @@ -0,0 +1,23 @@ +# 2-Dropbox_Permissions Bulk Import Job + +The 2-Dropbox_Permissions Bulk Import job imports the data collected by the 1-Dropbox \_Permissions +Scan job to the Access Analyzer database for use by the analysis tasks. + +**CAUTION:** This job should not be run if running sensitive data scans against the Dropbox Business +environment. + +## Queries for the 2-Dropbox_Permissions Bulk Import Job + +The 2-Dropbox_Permissions Bulk Import job has been preconfigured to run with the default settings +with the category of Bulk Import Access Scan Results. + +![Queries for the 2-Dropbox_Permissions Bulk Import Job](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/permissionsbulkimportquery.webp) + +The query for the 2-Dropbox_Permissions Bulk Import job is: + +- Dropbox Bulk Import – Imports data collected by the 1-Dropbox_Permissions Scan job to the Access + Analyzer database + +There are no customization options available for this job. The Summary page of the Dropbox Access +Auditor Data Collector wizard can be viewed at the **Jobs** > **Dropbox** > **0.Collection** > +**2-Dropbox_Permissions Bulk Import** > **Configure** > **Queries** node. diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox_sdd_bulk_import.md b/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox_sdd_bulk_import.md new file mode 100644 index 0000000000..91f086ad30 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox_sdd_bulk_import.md @@ -0,0 +1,20 @@ +# 2-Dropbox_SDD Bulk Import Job + +The 2-Dropbox_SDD Bulk Import job imports the data collected by the 1-Dropbox_SDD Scan job to the +Access Analyzer database for use by the analysis tasks. + +## Queries for the 2-Dropbox_SDD Bulk Import Job + +The 2-Dropbox_SDD Bulk Import Job has been preconfigured to run with the default settings with the +category of Bulk Import Sensitive Content Scan. + +![Queries for the 2-Dropbox_SDD Bulk Import Job](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sddbulkimportquery.webp) + +The query for the 2-Dropbox_SDD Bulk Import job is: + +- DropboxSDD Bulk Import – Imports data collected by the Dropbox 1-SDD Scan Job into the Access + Analyzer database + +There are no customization options available for this job. The Summary page of the Dropbox Access +Auditor Data Collector wizard can be viewed at the **Jobs** > **Dropbox** > **0.Collection** > +**2-Dropbox_SDD Bulk Import** > **Configure** > **Queries** node. diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/collection/overview.md b/docs/accessanalyzer/12.0/solutions/dropbox/collection/overview.md index a29bd0fa62..7e9b24322b 100644 --- a/docs/accessanalyzer/12.0/solutions/dropbox/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/dropbox/collection/overview.md @@ -4,21 +4,21 @@ The **Dropbox** > **0.Collection** job group scans the targeted Dropbox site usi Data Collector. The collected data is then available to other job groups in the Dropbox solution and the Access Information Center for analysis. -![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/jobstree.webp) The 0.Collection job group is comprised of: -- [1-Dropbox_Permissions Scan Job](/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox-permissions-scan.md) – This job is responsible for +- [1-Dropbox_Permissions Scan Job](/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox_permissions_scan.md) – This job is responsible for scanning the target Dropbox site -- [1-Dropbox_SDD Scan Job](/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox-sdd-scan.md) – This job is responsible for scanning sensitive +- [1-Dropbox_SDD Scan Job](/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox_sdd_scan.md) – This job is responsible for scanning sensitive data in the target Dropbox site. The Sensitive Data Discovery Add-On is required to run this job. The Dropbox sensitive data Discovery Reports in the Access Information Center are also populated by this data. See the Resource Audits Overview topic in the [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) for additional information. -- [2-Dropbox_Permissions Bulk Import Job](/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox-permissions-bulk-import.md) – This job is +- [2-Dropbox_Permissions Bulk Import Job](/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox_permissions_bulk_import.md) – This job is responsible for importing the collected data into the Access Analyzer database -- [2-Dropbox_SDD Bulk Import Job](/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox-sdd-bulk-import.md) – This job is responsible for +- [2-Dropbox_SDD Bulk Import Job](/docs/accessanalyzer/12.0/solutions/dropbox/collection/2-dropbox_sdd_bulk_import.md) – This job is responsible for importing the collected sensitive data into the Access Analyzer database. The Sensitive Data Discovery Add-On is required to run this job. The Dropbox sensitive data Discovery Reports in the Access Information Center are also populated by this data. See the Resource Audits Overview topic @@ -41,5 +41,5 @@ versa. _Remember,_ prior to running the Dropbox Solution for the first time, it is necessary to generate an access token to be used in the Connection Profile. This only needs to be done once. See the -[Configure the Dropbox Access Query](/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox-permissions-scan.md#configure-the-dropbox-access-query) +[Configure the Dropbox Access Query](1-dropbox_permissions_scan.md#configure-the-dropbox-access-query) topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-access.md b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-access.md deleted file mode 100644 index affbaa5732..0000000000 --- a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-access.md +++ /dev/null @@ -1,33 +0,0 @@ -# 1.Access > Dropbox_Access Job - -The Dropbox_Access job provides insight into effective access to resources within the targeted -Dropbox environment, specifically highlighting inactive access rights that can be revoked. It is -dependent on data collected by the 0.Collection job group. This job processes analysis tasks and -generates reports. - -![1.Access > Dropbox_Access Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/dropbox/accessjobstree.webp) - -The Dropbox_Access job is located in the 1.Access job group. - -## Analysis Tasks for the Dropbox_Access Job - -View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **1.Access** > **Dro -pbox_Access** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Dropbox_Access Job](/img/product_docs/accessanalyzer/solutions/box/accessanalysis.webp) - -- Get access details – Creates the SA_Dropbox_Access_Details table accessible under the job’s - Results node -- Summarize access details – Creates the SA_Dropbox_Access_Summary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks which display effective access to resources, -the Dropbox_Access job produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Effective Access | This report shows effective access for all files in Dropbox. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Stacked Bar Chart – Displays access by team - Table – Provides summary of database access - Table – Provides details on database access | -| Inactive Access | This report identifies instances of inactive access in Dropbox. Inactive access to a shared folder occurs when a user has left the shared folder, but can still rejoin it. | None | This report is comprised of two elements: - Bar Chart – Displays inactive access by team - Table – Provides details on inactive access | diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-content.md b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-content.md deleted file mode 100644 index 77b62aaaf1..0000000000 --- a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-content.md +++ /dev/null @@ -1,69 +0,0 @@ -# 4.Content > Dropbox_Content Job - -The Dropbox_Content job provides insight into the type, size, and age of the content within the -targeted Dropbox environment. It is dependent on data collected by the 0.Collection job group. This -job processes analysis tasks and generates reports. - -![4.Content > Dropbox_Content Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/sharepoint/content/contentjobstree.webp) - -The Dropbox_Content job is located in the 4.Content job group. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The Dropbox_Content job has the following customizable parameter: - -- Days since File Modification before a file is considered stale - -See the -[Customizable Analysis Tasks for the Dropbox_Content Job](#customizable-analysis-tasks-for-the-dropbox_content-job) -topic for additional information. - -## Analysis Tasks for the Dropbox_Content Job - -View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **4.Content** > -**Dropbox_Content** > **Configure** node and select **Analysis**. - -**CAUTION:** Most of the analysis tasks should not be modified or deselected. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Dropbox_Content Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/contentanalysis.webp) - -- Summarizes content by mimetype, classification – Creates an interim processing table in the - database for use by downstream analysis and report generation -- Determines stale data by owner: - - - By default, a stale file has not been modified in the past 365 days. You can modify this - analysis task to edit this number of days. See the - [Customizable Analysis Tasks for the Dropbox_Content Job](#customizable-analysis-tasks-for-the-dropbox_content-job) - topic for additional information. - - Creates an interim processing table in the database for use by downstream analysis and report - generation - - Creates the SA_Dropbox_StaleData_OwnerSummary table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display content details, the -Dropbox_Content job produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Content By Type | This report breaks down Dropbox content by mimetype and classification. | None | This report is comprised of two elements: - Pie Chart – Displays content types by size - Table – Provides details on all content | -| Stale Content | This report identifies stale content within Dropbox by owner. | Stale Data | This report is comprised of three elements: - Stacked Bar Chart – Displays data ownership - Table – Provides summary of content - Table – Provides details on owners | - -### Customizable Analysis Tasks for the Dropbox_Content Job - -The time frame used to define stale content is set by default to 365 days. This can be modified -within the **Determines stale data by owner** analysis task. The customizable parameter feature -enables you to easily set this value. - -| Customizable Parameter Name | Default Value | Value Indicates | -| --------------------------- | ------------- | --------------------------------------------------------------------------------------------- | -| @days_since_modified | 365 | How many days since the last modified day in order for a file to be considered stale content. | - -The parameter can be customized and is listed in a section at the bottom of the SQL Script Editor. -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-groupmembership.md b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-groupmembership.md deleted file mode 100644 index 84ed553a41..0000000000 --- a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-groupmembership.md +++ /dev/null @@ -1,31 +0,0 @@ -# 3.Group Membership > Dropbox_GroupMembership Job - -The Dropbox_GroupMembership job provides insight into group membership within the targeted Dropbox -environment, highlighting the largest groups. It is dependent on data collected by the 0.Collection -job group. This job processes analysis tasks and generates a report. - -![3.Group Membership > Dropbox_GroupMembership Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/dropbox/groupmembershipjobstree.webp) - -The Dropbox_GroupMembership job is located in the 3.Group Membership job group. - -## Analysis Tasks for the Dropbox_GroupMembership Job - -View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **3.Group Membership** > -**Dropbox_GroupMembership** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Dropbox_GroupMembership Job](/img/product_docs/accessanalyzer/solutions/box/groupmembershipanalysis.webp) - -- Get group membership details – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Summarize group membership by team – Creates the SA_Dropbox_GroupMembership_Summary table - accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display group membership details, the -Dropbox_GroupMembership job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ---------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Membership | This report lists membership and owners for all groups within Dropbox. | None | This report is comprised of three elements: - Bar Chart – Displays largest groups - Table – Provides summary of group membership - Table – Provides details on membership | diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-sensitivedata.md b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-sensitivedata.md deleted file mode 100644 index 014cf6d7f9..0000000000 --- a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-sensitivedata.md +++ /dev/null @@ -1,41 +0,0 @@ -# 5.Sensitive Data > Dropbox_SensitiveData Job - -The Dropbox_SensitiveData job identifies locations within Dropbox where sensitive data is present. -It analyzes sensitive data collected and imported by the 0.Collection job group, specifically data -discovered by the Dropbox SDD jobs. The generated reports give visibility into the types of -sensitive data found, where it exists, who has access to it, and the sharing policies configured on -it. - -![5.Sensitive Data > Dropbox_SensitiveData Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) - -The Dropbox_SensitiveData job is located in the 5.Sensitive Data job group. - -## Analysis Tasks for the Dropbox_SensitiveData Job - -View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **5.Sensitive Data** > -**Dropbox_SensitiveData** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Dropbox_SensitiveData Job](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) - -- 1. Enterprise Summary – Creates the SA_Dropbox_SensitiveData_EnterpriseSummary table accessible - under the job’s Results node -- 2. Folder Details – Creates the SA*Dropbox* SensitiveData_FolderDetails table accessible under - the job’s Results node -- 3. Folder Summary – Creates the SA*Dropbox* SensitiveData_FolderSummary table accessible under - the job’s Results node -- 4. Permission Details – Creates the SA*Dropbox* SensitiveData_PermissionDetails table accessible - under the job’s Results node -- 5. Permission Summary – Creates the SA*Dropbox* SensitiveData_PermissionSummary table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks which display effective access to resources, -the Dropbox_SensitiveData job produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary | This report identifies the type and amount of sensitive content found on Dropbox. | None | This report is comprised of two elements: - Pie Chart – Displays criteria summary by match count - Table – Provides criteria summary by match count | -| Folder Details | This report identifies the location of sensitive data, and flags whether or not this data is accessible through open access. | None | This report is comprised of three elements: - Bar Chart – Displays top sensitive folders by file count - Table – Provides top sensitive folders by file count - Table – Provides top sensitive folder details by match count | -| Sensitive Data Permissions | This report identifies the sensitive data locations and associated permissions. | None | This report is comprised of three elements: - Bar Chart – Displays sensitive data permission summary by file count - Table – Provides sensitive data permission summary by file count - Table – Provides sensitive data permissions by match count | diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-sharing.md b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-sharing.md deleted file mode 100644 index 69ad02168b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-sharing.md +++ /dev/null @@ -1,34 +0,0 @@ -# 2.Sharing > Dropbox_Sharing Job - -The Dropbox_Sharing job provides insight into the sharing of resources within the targeted Dropbox -environment. It is dependent on data collected by the 0.Collection job group. This job processes -analysis tasks and generates a report on which resources are being shared and under which policy the -sharing occurs. Best practices often dictate that these resources should be carefully monitored due -to the amount of access to the data. If these resources contain privileged data, the access should -be reevaluated or the sensitive resources relocated. - -![2.Sharing > Dropbox_Sharing Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/dropbox/sharingjobstree.webp) - -The Dropbox_Sharing job is located in the 2.Sharing job group. - -## Analysis Tasks for the Dropbox_Sharing Job - -View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **2.Sharing** > -**Dropbox_Sharing** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the Dropbox_Sharing Job](/img/product_docs/accessanalyzer/solutions/box/activity/forensics/sharinganalysis.webp) - -- Get shared folder details – Creates the SA_Dropbox_Sharing_Details table accessible under the - job’s Results node -- Summarize sharing by team – Creates the SA_Dropbox_Sharing_TeamSummary table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks which display details on shared resources, -the Dropbox_Sharing job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | ---------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Shared Files and Folders | This report lists all shares by team, and provides sharing policy and owner information. | None | This report is comprised of three elements: - Bar Chart – Displays shared folders by team - Table – Provides details on shared folders by team - Table – Provides details on shares | diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_access.md b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_access.md new file mode 100644 index 0000000000..3ba6e02b7c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_access.md @@ -0,0 +1,33 @@ +# 1.Access > Dropbox_Access Job + +The Dropbox_Access job provides insight into effective access to resources within the targeted +Dropbox environment, specifically highlighting inactive access rights that can be revoked. It is +dependent on data collected by the 0.Collection job group. This job processes analysis tasks and +generates reports. + +![1.Access > Dropbox_Access Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/accessjobstree.webp) + +The Dropbox_Access job is located in the 1.Access job group. + +## Analysis Tasks for the Dropbox_Access Job + +View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **1.Access** > **Dro +pbox_Access** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Dropbox_Access Job](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/accessanalysis.webp) + +- Get access details – Creates the SA_Dropbox_Access_Details table accessible under the job’s + Results node +- Summarize access details – Creates the SA_Dropbox_Access_Summary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks which display effective access to resources, +the Dropbox_Access job produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Effective Access | This report shows effective access for all files in Dropbox. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Stacked Bar Chart – Displays access by team - Table – Provides summary of database access - Table – Provides details on database access | +| Inactive Access | This report identifies instances of inactive access in Dropbox. Inactive access to a shared folder occurs when a user has left the shared folder, but can still rejoin it. | None | This report is comprised of two elements: - Bar Chart – Displays inactive access by team - Table – Provides details on inactive access | diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_content.md b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_content.md new file mode 100644 index 0000000000..fb91a09cab --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_content.md @@ -0,0 +1,69 @@ +# 4.Content > Dropbox_Content Job + +The Dropbox_Content job provides insight into the type, size, and age of the content within the +targeted Dropbox environment. It is dependent on data collected by the 0.Collection job group. This +job processes analysis tasks and generates reports. + +![4.Content > Dropbox_Content Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/contentjobstree.webp) + +The Dropbox_Content job is located in the 4.Content job group. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The Dropbox_Content job has the following customizable parameter: + +- Days since File Modification before a file is considered stale + +See the +[Customizable Analysis Tasks for the Dropbox_Content Job](#customizable-analysis-tasks-for-the-dropbox_content-job) +topic for additional information. + +## Analysis Tasks for the Dropbox_Content Job + +View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **4.Content** > +**Dropbox_Content** > **Configure** node and select **Analysis**. + +**CAUTION:** Most of the analysis tasks should not be modified or deselected. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Dropbox_Content Job](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/contentanalysis.webp) + +- Summarizes content by mimetype, classification – Creates an interim processing table in the + database for use by downstream analysis and report generation +- Determines stale data by owner: + + - By default, a stale file has not been modified in the past 365 days. You can modify this + analysis task to edit this number of days. See the + [Customizable Analysis Tasks for the Dropbox_Content Job](#customizable-analysis-tasks-for-the-dropbox_content-job) + topic for additional information. + - Creates an interim processing table in the database for use by downstream analysis and report + generation + - Creates the SA_Dropbox_StaleData_OwnerSummary table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display content details, the +Dropbox_Content job produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ----------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Content By Type | This report breaks down Dropbox content by mimetype and classification. | None | This report is comprised of two elements: - Pie Chart – Displays content types by size - Table – Provides details on all content | +| Stale Content | This report identifies stale content within Dropbox by owner. | Stale Data | This report is comprised of three elements: - Stacked Bar Chart – Displays data ownership - Table – Provides summary of content - Table – Provides details on owners | + +### Customizable Analysis Tasks for the Dropbox_Content Job + +The time frame used to define stale content is set by default to 365 days. This can be modified +within the **Determines stale data by owner** analysis task. The customizable parameter feature +enables you to easily set this value. + +| Customizable Parameter Name | Default Value | Value Indicates | +| --------------------------- | ------------- | --------------------------------------------------------------------------------------------- | +| @days_since_modified | 365 | How many days since the last modified day in order for a file to be considered stale content. | + +The parameter can be customized and is listed in a section at the bottom of the SQL Script Editor. +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_groupmembership.md b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_groupmembership.md new file mode 100644 index 0000000000..a476b5fedc --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_groupmembership.md @@ -0,0 +1,31 @@ +# 3.Group Membership > Dropbox_GroupMembership Job + +The Dropbox_GroupMembership job provides insight into group membership within the targeted Dropbox +environment, highlighting the largest groups. It is dependent on data collected by the 0.Collection +job group. This job processes analysis tasks and generates a report. + +![3.Group Membership > Dropbox_GroupMembership Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/groupmembershipjobstree.webp) + +The Dropbox_GroupMembership job is located in the 3.Group Membership job group. + +## Analysis Tasks for the Dropbox_GroupMembership Job + +View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **3.Group Membership** > +**Dropbox_GroupMembership** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Dropbox_GroupMembership Job](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/groupmembershipanalysis.webp) + +- Get group membership details – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Summarize group membership by team – Creates the SA_Dropbox_GroupMembership_Summary table + accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display group membership details, the +Dropbox_GroupMembership job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ---------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Membership | This report lists membership and owners for all groups within Dropbox. | None | This report is comprised of three elements: - Bar Chart – Displays largest groups - Table – Provides summary of group membership - Table – Provides details on membership | diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_sensitivedata.md b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_sensitivedata.md new file mode 100644 index 0000000000..a9dce6fa15 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_sensitivedata.md @@ -0,0 +1,41 @@ +# 5.Sensitive Data > Dropbox_SensitiveData Job + +The Dropbox_SensitiveData job identifies locations within Dropbox where sensitive data is present. +It analyzes sensitive data collected and imported by the 0.Collection job group, specifically data +discovered by the Dropbox SDD jobs. The generated reports give visibility into the types of +sensitive data found, where it exists, who has access to it, and the sharing policies configured on +it. + +![5.Sensitive Data > Dropbox_SensitiveData Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/sensitivedatajobstree.webp) + +The Dropbox_SensitiveData job is located in the 5.Sensitive Data job group. + +## Analysis Tasks for the Dropbox_SensitiveData Job + +View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **5.Sensitive Data** > +**Dropbox_SensitiveData** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Dropbox_SensitiveData Job](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/sensitivedataanalysis.webp) + +- 1. Enterprise Summary – Creates the SA_Dropbox_SensitiveData_EnterpriseSummary table accessible + under the job’s Results node +- 2. Folder Details – Creates the SA*Dropbox* SensitiveData_FolderDetails table accessible under + the job’s Results node +- 3. Folder Summary – Creates the SA*Dropbox* SensitiveData_FolderSummary table accessible under + the job’s Results node +- 4. Permission Details – Creates the SA*Dropbox* SensitiveData_PermissionDetails table accessible + under the job’s Results node +- 5. Permission Summary – Creates the SA*Dropbox* SensitiveData_PermissionSummary table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks which display effective access to resources, +the Dropbox_SensitiveData job produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary | This report identifies the type and amount of sensitive content found on Dropbox. | None | This report is comprised of two elements: - Pie Chart – Displays criteria summary by match count - Table – Provides criteria summary by match count | +| Folder Details | This report identifies the location of sensitive data, and flags whether or not this data is accessible through open access. | None | This report is comprised of three elements: - Bar Chart – Displays top sensitive folders by file count - Table – Provides top sensitive folders by file count - Table – Provides top sensitive folder details by match count | +| Sensitive Data Permissions | This report identifies the sensitive data locations and associated permissions. | None | This report is comprised of three elements: - Bar Chart – Displays sensitive data permission summary by file count - Table – Provides sensitive data permission summary by file count - Table – Provides sensitive data permissions by match count | diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_sharing.md b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_sharing.md new file mode 100644 index 0000000000..18639c9b10 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_sharing.md @@ -0,0 +1,34 @@ +# 2.Sharing > Dropbox_Sharing Job + +The Dropbox_Sharing job provides insight into the sharing of resources within the targeted Dropbox +environment. It is dependent on data collected by the 0.Collection job group. This job processes +analysis tasks and generates a report on which resources are being shared and under which policy the +sharing occurs. Best practices often dictate that these resources should be carefully monitored due +to the amount of access to the data. If these resources contain privileged data, the access should +be reevaluated or the sensitive resources relocated. + +![2.Sharing > Dropbox_Sharing Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/sharingjobstree.webp) + +The Dropbox_Sharing job is located in the 2.Sharing job group. + +## Analysis Tasks for the Dropbox_Sharing Job + +View the analysis tasks by navigating to the **Jobs** > **Dropbox** > **2.Sharing** > +**Dropbox_Sharing** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the Dropbox_Sharing Job](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/sharinganalysis.webp) + +- Get shared folder details – Creates the SA_Dropbox_Sharing_Details table accessible under the + job’s Results node +- Summarize sharing by team – Creates the SA_Dropbox_Sharing_TeamSummary table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks which display details on shared resources, +the Dropbox_Sharing job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | ---------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Shared Files and Folders | This report lists all shares by team, and provides sharing policy and owner information. | None | This report is comprised of three elements: - Bar Chart – Displays shared folders by team - Table – Provides details on shared folders by team - Table – Provides details on shares | diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/overview.md b/docs/accessanalyzer/12.0/solutions/dropbox/overview.md index c0d5bbcebe..1f5390177c 100644 --- a/docs/accessanalyzer/12.0/solutions/dropbox/overview.md +++ b/docs/accessanalyzer/12.0/solutions/dropbox/overview.md @@ -15,7 +15,7 @@ scanning the targeted Dropbox site. Key information includes: Dropbox can scan the contents of over 400 file types to discover which files contain sensitive data using Sensitive Data Discovery. See the -[Sensitive Data Discovery](/docs/accessanalyzer/12.0/sensitive-data-discovery/overview.md) topic for additional +[Sensitive Data Discovery](/docs/accessanalyzer/12.0/sensitivedatadiscovery/overview.md) topic for additional information. Supported Platforms @@ -24,7 +24,7 @@ Supported Platforms Requirements, Permissions, and Ports -See the [Target Dropbox Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/dropbox.md) +See the [Target Dropbox Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/dropbox.md) topic for additional information. Sensitive Data Discovery Considerations @@ -52,22 +52,22 @@ data and generate reports. The Dropbox Solution offers an overview of an organization’s Dropbox environment by scanning the targeted Dropbox site. It is comprised of jobs which collect, analyze, and report on data. The data collection is conducted by the DropboxAccess Data Collector. See the -[Standard Reference Tables & Views for the DropboxAccess Data Collector](/docs/accessanalyzer/12.0/data-collection/dropbox-access/standard-tables.md) +[Standard Reference Tables & Views for the DropboxAccess Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/standardtables.md) topic for database table information. -![Dropbox Solution Overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) +![Dropbox Solution Overview page](/img/product_docs/accessanalyzer/12.0/solutions/dropbox/overviewpage.webp) The following jobs comprise the Dropbox Solution: - [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/dropbox/collection/overview.md) – Scans the targeted Dropbox site and generates the standard reference tables and views -- [1.Access > Dropbox_Access Job](/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-access.md) – Reports on effective access to Dropbox +- [1.Access > Dropbox_Access Job](/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_access.md) – Reports on effective access to Dropbox resources in the targeted environment -- [2.Sharing > Dropbox_Sharing Job](/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-sharing.md) – Reports on the sharing of Dropbox +- [2.Sharing > Dropbox_Sharing Job](/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_sharing.md) – Reports on the sharing of Dropbox resources in the targeted environment -- [3.Group Membership > Dropbox_GroupMembership Job](/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-groupmembership.md) – Reports on +- [3.Group Membership > Dropbox_GroupMembership Job](/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_groupmembership.md) – Reports on Dropbox group membership in the targeted environment -- [4.Content > Dropbox_Content Job](/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-content.md) – Reports on Dropbox content by size, type, +- [4.Content > Dropbox_Content Job](/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_content.md) – Reports on Dropbox content by size, type, and owner in the targeted environment -- [5.Sensitive Data > Dropbox_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-sensitivedata.md) – Reports on sensitive +- [5.Sensitive Data > Dropbox_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_sensitivedata.md) – Reports on sensitive data in the targeted Dropbox site diff --git a/docs/accessanalyzer/12.0/solutions/dropbox/recommended.md b/docs/accessanalyzer/12.0/solutions/dropbox/recommended.md index 45d248e878..2fee27ebe3 100644 --- a/docs/accessanalyzer/12.0/solutions/dropbox/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/dropbox/recommended.md @@ -19,7 +19,7 @@ Dropbox Access Auditor Data Collector Wizard on the Scan Options page (accessed **1-Dropbox_Permissions Scan** job’s **Queries** node). The access token only needs to be generated once, prior to running the job group for the first time. Then it is used as the credential in the Connection Profile. See the -[DropboxAccess: Scan Options](/docs/accessanalyzer/12.0/data-collection/dropbox-access/scan-options.md) topic for +[DropboxAccess: Scan Options](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptions.md) topic for additional information. The Dropbox solution has been configured to inherit the Connection Profile from the collection job @@ -28,11 +28,11 @@ group level. The Connection Profile should be assigned under the **Dropbox** > * global settings level. However, since this may not be the Connection Profile with the necessary permissions for Dropbox, select the **Select one of the following user defined profiles** option and select the appropriate Connection Profile from the drop-down menu. See the -[Custom Dropbox Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/dropbox-access/configure-job.md) +[Custom Dropbox Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/configurejob.md) topic for additional information on configuring the Dropbox credential. The Dropbox bulk import jobs requires the same connection profile as used in the corresponding Dropbox scan jobs -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information on creating Connection Profiles. Schedule Frequency @@ -63,7 +63,7 @@ Query Configuration This solution can be run with the default query configurations. The Scoping page of the Dropbox Access Auditor Data Collector Wizard can be customized to target specific user accounts. See the -[DropboxAccess: Scoping](/docs/accessanalyzer/12.0/data-collection/dropbox-access/scoping.md) topic for additional +[DropboxAccess: Scoping](/docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scoping.md) topic for additional information. Analysis Configuration @@ -78,9 +78,9 @@ modified: - Stale content set to default of 365 days - - Configured within the **4.Content** > **Dropbox_Content** job - - **Determines stale data by owner** analysis task - - See the [4.Content > Dropbox_Content Job](/docs/accessanalyzer/12.0/solutions/dropbox/dropbox-content.md) topic for additional information + - Configured within the **4.Content** > **Dropbox_Content** job + - **Determines stale data by owner** analysis task + - See the [4.Content > Dropbox_Content Job](/docs/accessanalyzer/12.0/solutions/dropbox/dropbox_content.md) topic for additional information Additional Consideration @@ -102,5 +102,5 @@ Scan** job). _Remember,_ prior to running the Dropbox solution for the first time, it is necessary to generate an access token to be used in the Connection Profile. This only needs to be done once. See the -[Configure the Dropbox Access Query](/docs/accessanalyzer/12.0/solutions/dropbox/collection/1-dropbox-permissions-scan.md#configure-the-dropbox-access-query) +[Configure the Dropbox Access Query](collection/1-dropbox_permissions_scan.md#configure-the-dropbox-access-query) topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/entra-id/overview.md b/docs/accessanalyzer/12.0/solutions/entra-id/overview.md deleted file mode 100644 index 8b6efe0a21..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entra-id/overview.md +++ /dev/null @@ -1,36 +0,0 @@ -# Entra ID Solution - -The Entra ID Solution is a comprehensive set of audit jobs and reports that provide the information -regarding Microsoft Entra ID configuration, operational management, and troubleshooting. The jobs -within this group help pinpoint potential areas of administrative and security concerns related to -Microsoft Entra ID users and groups, including syncing with on-premises Active Directory. - -Supported Platforms - -- Microsoft Entra ID (formerly Azure AD) - -Requirements, Permissions, and Ports - -See the [Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/12.0/configuration/entra-id/overview.md) topic -for additional information. - -Location - -The Entra ID Solution requires a special Access Analyzer license. It can be installed from the -Instant Job Wizard, see the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for -additional information. Once it has been installed into the Jobs tree, navigate to the solution: -**Jobs** > **Entra ID**. - -The .Entra ID Inventory Job Group collects the data. The Entra ID Job Groups run analysis and -generate reports on the collected data. - -## Job Groups - -![Entra ID Job Group Overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) - -The job groups in the Entra ID Solution are: - -- [1.Groups Job Group](/docs/accessanalyzer/12.0/solutions/entraid/groups/overview.md) – Identifies group conditions and pinpoints potential - areas of administrative concern -- [2.Users Job Group](/docs/accessanalyzer/12.0/solutions/entraid/users/overview.md) – Identifies areas of administrative concern related to - Microsoft Entra ID users diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-circularnesting.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-circularnesting.md deleted file mode 100644 index 705f264dea..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-circularnesting.md +++ /dev/null @@ -1,28 +0,0 @@ -# AAD_CircularNesting Job - -The AAD_CircularNesting Job identifies circularly nested groups within Microsoft Entra ID which can -pose administrative and operational challenges with identifying effective access to resources. - -## Analysis Tasks for the AAD_CircularNesting Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_CircularNesting** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_CircularNesting Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp) - -The default analysis tasks are: - -- Provide detail on instances of circular nesting – Creates the SA_AAD_CircularNesting_Details table - accessible under the job’s Results node -- Summarize circular nesting by domain – Creates the SA_AAD_Circularnesting_DomainSummary table - accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_CircularNesting Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ----------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Circular Nesting | This report identifies instances of circular nesting within your environment. | None | This report is comprised of three elements: - Bar Chart– Displays circular nesting by domain - Table – Provides details on circular nesting - Table – Provides details on circular nesting by domain | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-duplicategroups.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-duplicategroups.md deleted file mode 100644 index a77b7cef88..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-duplicategroups.md +++ /dev/null @@ -1,26 +0,0 @@ -# AAD_DuplicateGroups Job - -The AAD_DuplicateGroups Job identifies duplicate groups within Microsoft Entra ID. Duplicate groups -contain the same group membership as one another and are suitable candidates for cleanup. - -## Analysis Tasks for the AAD_DuplicateGroups Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_DuplicateGroups** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Anaylsis tasks for AAD_DuplicateGroups Job](/img/product_docs/accessanalyzer/solutions/activedirectory/groups/duplicategroupsanalysis.webp) - -The default analysis tasks are: - -- Identify duplicate groups – Creates the AAD_DuplicateGroups_Details table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_DuplicateGroups Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Duplicate Groups | This report identifies duplicate groups within the audited domains. | None | This report is comprised of one elements: - Bar Chart – Displays domains by number of groups with duplicates - Table – Provides duplicate groups details - Table – Provides details on domains by number of groups with duplicates | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-emptygroups.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-emptygroups.md deleted file mode 100644 index b9327881ef..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-emptygroups.md +++ /dev/null @@ -1,32 +0,0 @@ -# AAD_EmptyGroups Job - -The AAD_EmptyGroups Job identifies empty groups within Microsoft Entra ID which are suitable -candidates for consolidation or cleanup. - -## Analysis Tasks for the AAD_EmptyGroups Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_EmptyGroups** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_EmptyGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) - -The default analysis tasks are: - -- Empty Groups – Creates the AAD_EmptyGroups_Empty table accessible under the job’s Results node -- Single User Groups – Creates the AAD_EmptyGroups_SingleUser table accessible under the job’s - Results node -- Empty Group Summary – Creates the AAD_EmptyGroups_EmptySummary table accessible under the job’s - Results node -- Single User Group Summary – Creates the AAD_EmptyGroups_SingleUserSummary table accessible under - the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_EmptyGroups Job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------ | --------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Empty Groups | This report identifies all groups without any members. | None | This report is comprised of three elements: - Bar Chart – Displays domains by number of empty groups - Table – Provides details on empty groups - Table – Provides details on number of empty groups by domain | -| Single User Groups | This report identifies groups which only contain a single user. | | This report is comprised of three elements: - Bar Chart – Displays top domains by single user group count - Table – Provides details on top domains by single user group count - Table – Provides details on single user group details | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-groupdirsync.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-groupdirsync.md deleted file mode 100644 index 20511a09b5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-groupdirsync.md +++ /dev/null @@ -1,28 +0,0 @@ -# AAD_GroupDirSync Job - -The AAD_GroupDirSync Job summarizes on-premises Active Directory syncing in the audited Microsoft -Entra ID environment. - -## Analysis Tasks for the AAD_GroupDirSync Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_GroupDirSync** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_GroupDirSync Job](/img/product_docs/accessanalyzer/solutions/entraid/groups/groupdirsyncanalysis.webp) - -The default analysis tasks are: - -- Calculate group DirSync details – Creates the AAD_GroupDirSync_Details table accessible under the - job’s Results node -- Summarize group DirSync details – Creates the AAD_GroupDirSync_EnterpriseSummary table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_GroupDirSync Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------- | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | -| Group Syncing | This report indicates the sync status of groups within the audited environment. | None | This report is comprised of two elements: - Pie Chart – Displays an enterprise group synching summary - Table – Provides group sync details | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-largestgroups.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-largestgroups.md deleted file mode 100644 index 13ccde48c5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-largestgroups.md +++ /dev/null @@ -1,27 +0,0 @@ -# AAD_LargestGroups Job - -The AAD_LargestGroups Job identifies groups with large effective member counts. These groups may -cause administrative overhead and burden in being able to easily understand who is getting access to -resources, or how much access is being granted to resources through these groups. - -## Analysis Tasks for the AAD_LargestGroups Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_LargestGroups** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_LargestGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp) - -The default analysis tasks are: - -- Calculate large group details – Creates the AAD_LargestGroups_Details table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_LargestGroups Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------- | -| Largest Groups | This report identifies the largest groups within the audited environment | None | This report is comprised of two elements: - Bar Chart – Displays largest groups - Table – Provides group details | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-nestedgroups.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-nestedgroups.md deleted file mode 100644 index 5d9a0929f3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-nestedgroups.md +++ /dev/null @@ -1,30 +0,0 @@ -# AAD_NestedGroups Job - -The AAD_NestedGroups Job identifies nested groups within Microsoft Entra ID and provides details -such as the levels of nesting. While Microsoft Entra ID provides the ability to nest certain types -of groups within other groups, Microsoft recommends nesting does not go beyond two levels in order -to avoid difficulties in understanding effective membership and access. - -## Analysis Tasks for the AAD_NestedGroups Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_NestedGroups** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_NestedGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp) - -The default analysis tasks are: - -- Get nested group details – Creates the AAD_NestedGroups_Details table accessible under the job’s - Results node -- Summarize nested groups – Creates the AAD_NestedGroups_DomainSummary table accessible under the - job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_NestedGroups Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------- | ----------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Nested Groups | This report identifies the groups with the largest nested group count, as well as their deepest level of nesting. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by group nesting - Table – Provides nested group details - Tables – Provides details on top domains by group nesting | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-probableowners.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-probableowners.md deleted file mode 100644 index 798103e688..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-probableowners.md +++ /dev/null @@ -1,29 +0,0 @@ -# AAD_ProbableOwners Job - -The AAD_ProbableOwners Job determines potential owners for Microsoft Entra ID Groups which can be -used to perform automated membership reviews and enable self-service group management and membership -requests. - -## Analysis Tasks for the AAD_ProbableOwners Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_ProbableOwners** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_ProbableOwners Job](/img/product_docs/accessanalyzer/solutions/entraid/groups/probableownersanalysis.webp) - -The default analysis tasks are: - -- Calculates group probable owners – Creates the AAD_ProbableOwners_Details table accessible under - the job’s Results node -- Summarizes group probable owners by domain – Creates the AAD_ProbableOwners_DomainSummary table - accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_ProbableOwners Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------- | -------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Probable Owners | This report identifies the most probable manager based on effective member attributes. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top domains by blank manager field - Table – Provides probable owner details - Tables – Provides details on top domains by blank manager field | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-stalegroups.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-stalegroups.md deleted file mode 100644 index 56c9a90c99..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-stalegroups.md +++ /dev/null @@ -1,32 +0,0 @@ -# AAD_StaleGroups Job - -The AAD_StaleGroups Job identifies Microsoft Entra ID groups that contain potentially stale users. -Users are considered stale if they have never logged onto the domain, have not logged onto the -domain in the past 30 days, or are disabled. These group memberships should be reviewed and possibly -removed. - -## Analysis Tasks for the AAD_StaleGroups Job - -Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_StaleGroups** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis tasks for AAD_StaleGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) - -The default analysis tasks are: - -- Stale Group Details – Creates the AAD_StaleGroups_Details table accessible under the job’s Results - node -- Group Summary – Creates the AAD_StaleGroups_GroupSummary table accessible under the job’s Results - node -- Stale Groups Org Summary – Creates the AAD_StaleGroups_OrgSummary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the AAD_StaleGroups Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Effective Membership (Stale Groups) | This report identifies groups with stale effective membership. A stale user is defined as someone who has not logged into the domain in over 30 days or is currently disabled. | None | This report is comprised of three elements: - Chart – Displays group membership - Table – Provides group membership details - Tables – Provides stale groups organization summary | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_circularnesting.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_circularnesting.md new file mode 100644 index 0000000000..a8ab11c86f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_circularnesting.md @@ -0,0 +1,28 @@ +# AAD_CircularNesting Job + +The AAD_CircularNesting Job identifies circularly nested groups within Microsoft Entra ID which can +pose administrative and operational challenges with identifying effective access to resources. + +## Analysis Tasks for the AAD_CircularNesting Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_CircularNesting** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_CircularNesting Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/circularnestinganalysis.webp) + +The default analysis tasks are: + +- Provide detail on instances of circular nesting – Creates the SA_AAD_CircularNesting_Details table + accessible under the job’s Results node +- Summarize circular nesting by domain – Creates the SA_AAD_Circularnesting_DomainSummary table + accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_CircularNesting Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ----------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Circular Nesting | This report identifies instances of circular nesting within your environment. | None | This report is comprised of three elements: - Bar Chart– Displays circular nesting by domain - Table – Provides details on circular nesting - Table – Provides details on circular nesting by domain | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_duplicategroups.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_duplicategroups.md new file mode 100644 index 0000000000..efe8479927 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_duplicategroups.md @@ -0,0 +1,26 @@ +# AAD_DuplicateGroups Job + +The AAD_DuplicateGroups Job identifies duplicate groups within Microsoft Entra ID. Duplicate groups +contain the same group membership as one another and are suitable candidates for cleanup. + +## Analysis Tasks for the AAD_DuplicateGroups Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_DuplicateGroups** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Anaylsis tasks for AAD_DuplicateGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/duplicategroupsanalysis.webp) + +The default analysis tasks are: + +- Identify duplicate groups – Creates the AAD_DuplicateGroups_Details table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_DuplicateGroups Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Duplicate Groups | This report identifies duplicate groups within the audited domains. | None | This report is comprised of one elements: - Bar Chart – Displays domains by number of groups with duplicates - Table – Provides duplicate groups details - Table – Provides details on domains by number of groups with duplicates | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_emptygroups.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_emptygroups.md new file mode 100644 index 0000000000..52f2f3e5e8 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_emptygroups.md @@ -0,0 +1,32 @@ +# AAD_EmptyGroups Job + +The AAD_EmptyGroups Job identifies empty groups within Microsoft Entra ID which are suitable +candidates for consolidation or cleanup. + +## Analysis Tasks for the AAD_EmptyGroups Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_EmptyGroups** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_EmptyGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/emptygroupsanalysis.webp) + +The default analysis tasks are: + +- Empty Groups – Creates the AAD_EmptyGroups_Empty table accessible under the job’s Results node +- Single User Groups – Creates the AAD_EmptyGroups_SingleUser table accessible under the job’s + Results node +- Empty Group Summary – Creates the AAD_EmptyGroups_EmptySummary table accessible under the job’s + Results node +- Single User Group Summary – Creates the AAD_EmptyGroups_SingleUserSummary table accessible under + the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_EmptyGroups Job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------ | --------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Empty Groups | This report identifies all groups without any members. | None | This report is comprised of three elements: - Bar Chart – Displays domains by number of empty groups - Table – Provides details on empty groups - Table – Provides details on number of empty groups by domain | +| Single User Groups | This report identifies groups which only contain a single user. | | This report is comprised of three elements: - Bar Chart – Displays top domains by single user group count - Table – Provides details on top domains by single user group count - Table – Provides details on single user group details | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_groupdirsync.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_groupdirsync.md new file mode 100644 index 0000000000..52327a0fc9 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_groupdirsync.md @@ -0,0 +1,28 @@ +# AAD_GroupDirSync Job + +The AAD_GroupDirSync Job summarizes on-premises Active Directory syncing in the audited Microsoft +Entra ID environment. + +## Analysis Tasks for the AAD_GroupDirSync Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_GroupDirSync** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_GroupDirSync Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/groupdirsyncanalysis.webp) + +The default analysis tasks are: + +- Calculate group DirSync details – Creates the AAD_GroupDirSync_Details table accessible under the + job’s Results node +- Summarize group DirSync details – Creates the AAD_GroupDirSync_EnterpriseSummary table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_GroupDirSync Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------- | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | +| Group Syncing | This report indicates the sync status of groups within the audited environment. | None | This report is comprised of two elements: - Pie Chart – Displays an enterprise group synching summary - Table – Provides group sync details | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_largestgroups.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_largestgroups.md new file mode 100644 index 0000000000..b9c658cc44 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_largestgroups.md @@ -0,0 +1,27 @@ +# AAD_LargestGroups Job + +The AAD_LargestGroups Job identifies groups with large effective member counts. These groups may +cause administrative overhead and burden in being able to easily understand who is getting access to +resources, or how much access is being granted to resources through these groups. + +## Analysis Tasks for the AAD_LargestGroups Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_LargestGroups** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_LargestGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/largestgroupsanalysis.webp) + +The default analysis tasks are: + +- Calculate large group details – Creates the AAD_LargestGroups_Details table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_LargestGroups Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------- | +| Largest Groups | This report identifies the largest groups within the audited environment | None | This report is comprised of two elements: - Bar Chart – Displays largest groups - Table – Provides group details | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_nestedgroups.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_nestedgroups.md new file mode 100644 index 0000000000..b1e9f496fc --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_nestedgroups.md @@ -0,0 +1,30 @@ +# AAD_NestedGroups Job + +The AAD_NestedGroups Job identifies nested groups within Microsoft Entra ID and provides details +such as the levels of nesting. While Microsoft Entra ID provides the ability to nest certain types +of groups within other groups, Microsoft recommends nesting does not go beyond two levels in order +to avoid difficulties in understanding effective membership and access. + +## Analysis Tasks for the AAD_NestedGroups Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_NestedGroups** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_NestedGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/nestedgroupsanalysis.webp) + +The default analysis tasks are: + +- Get nested group details – Creates the AAD_NestedGroups_Details table accessible under the job’s + Results node +- Summarize nested groups – Creates the AAD_NestedGroups_DomainSummary table accessible under the + job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_NestedGroups Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------- | ----------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Nested Groups | This report identifies the groups with the largest nested group count, as well as their deepest level of nesting. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by group nesting - Table – Provides nested group details - Tables – Provides details on top domains by group nesting | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_probableowners.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_probableowners.md new file mode 100644 index 0000000000..8773db2d23 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_probableowners.md @@ -0,0 +1,29 @@ +# AAD_ProbableOwners Job + +The AAD_ProbableOwners Job determines potential owners for Microsoft Entra ID Groups which can be +used to perform automated membership reviews and enable self-service group management and membership +requests. + +## Analysis Tasks for the AAD_ProbableOwners Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_ProbableOwners** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_ProbableOwners Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/probableownersanalysis.webp) + +The default analysis tasks are: + +- Calculates group probable owners – Creates the AAD_ProbableOwners_Details table accessible under + the job’s Results node +- Summarizes group probable owners by domain – Creates the AAD_ProbableOwners_DomainSummary table + accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_ProbableOwners Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------- | -------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Probable Owners | This report identifies the most probable manager based on effective member attributes. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top domains by blank manager field - Table – Provides probable owner details - Tables – Provides details on top domains by blank manager field | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_stalegroups.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_stalegroups.md new file mode 100644 index 0000000000..93ae143137 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_stalegroups.md @@ -0,0 +1,32 @@ +# AAD_StaleGroups Job + +The AAD_StaleGroups Job identifies Microsoft Entra ID groups that contain potentially stale users. +Users are considered stale if they have never logged onto the domain, have not logged onto the +domain in the past 30 days, or are disabled. These group memberships should be reviewed and possibly +removed. + +## Analysis Tasks for the AAD_StaleGroups Job + +Navigate to the **Jobs** > **Entra ID** > **1.Groups** > **AAD_StaleGroups** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis tasks for AAD_StaleGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/stalegroupsanalysis.webp) + +The default analysis tasks are: + +- Stale Group Details – Creates the AAD_StaleGroups_Details table accessible under the job’s Results + node +- Group Summary – Creates the AAD_StaleGroups_GroupSummary table accessible under the job’s Results + node +- Stale Groups Org Summary – Creates the AAD_StaleGroups_OrgSummary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the AAD_StaleGroups Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Effective Membership (Stale Groups) | This report identifies groups with stale effective membership. A stale user is defined as someone who has not logged into the domain in over 30 days or is currently disabled. | None | This report is comprised of three elements: - Chart – Displays group membership - Table – Provides group membership details - Tables – Provides stale groups organization summary | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/groups/overview.md b/docs/accessanalyzer/12.0/solutions/entraid/groups/overview.md index 52b6feac29..9746610951 100644 --- a/docs/accessanalyzer/12.0/solutions/entraid/groups/overview.md +++ b/docs/accessanalyzer/12.0/solutions/entraid/groups/overview.md @@ -3,32 +3,32 @@ The jobs in the 1.Groups group identify group conditions and areas of administrative concern within Microsoft Entra ID, such as toxic group conditions or synchronization issues. -![1.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![1.Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/jobstree.webp) The jobs in the 1.Groups Job Group are: -- [AAD_CircularNesting Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-circularnesting.md) – Identifies circularly-nested groups within +- [AAD_CircularNesting Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_circularnesting.md) – Identifies circularly-nested groups within Microsoft Entra ID which can pose administrative and operational challenges with identifying effective access to resources -- [AAD_DuplicateGroups Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-duplicategroups.md) – Identifies duplicate groups within Microsoft +- [AAD_DuplicateGroups Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_duplicategroups.md) – Identifies duplicate groups within Microsoft Entra ID. Duplicate groups contain the same group membership as one another and are suitable candidates for cleanup -- [AAD_EmptyGroups Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-emptygroups.md) – Identifies empty groups within Microsoft Entra ID +- [AAD_EmptyGroups Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_emptygroups.md) – Identifies empty groups within Microsoft Entra ID which are suitable candidates for consolidation or cleanup -- [AAD_GroupDirSync Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-groupdirsync.md) – Summarizes on-premises Active Directory syncing in +- [AAD_GroupDirSync Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_groupdirsync.md) – Summarizes on-premises Active Directory syncing in the audited Microsoft Entra ID environment -- [AAD_LargestGroups Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-largestgroups.md) – Identifies groups with large effective member +- [AAD_LargestGroups Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_largestgroups.md) – Identifies groups with large effective member counts. These types of groups may cause administrative overhead and burden in being able to easily understand who is getting access to resources, or how much access is being granted to resources through these groups. -- [AAD_NestedGroups Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-nestedgroups.md) – Identifies nested groups within Microsoft Entra ID +- [AAD_NestedGroups Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_nestedgroups.md) – Identifies nested groups within Microsoft Entra ID and provides details such as the levels of nesting. While Microsoft Entra ID provides the ability to nest certain types of groups within other groups, Microsoft recommends nesting does not go beyond two levels in order to avoid difficulties in understanding effective membership and access. -- [AAD_ProbableOwners Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-probableowners.md) – Determines potential owners for Microsoft Entra +- [AAD_ProbableOwners Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_probableowners.md) – Determines potential owners for Microsoft Entra ID Groups which can be used to perform automated membership reviews and enable self-service group management and membership requests -- [AAD_StaleGroups Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad-stalegroups.md)– Identifies Microsoft Entra ID groups that contain +- [AAD_StaleGroups Job](/docs/accessanalyzer/12.0/solutions/entraid/groups/aad_stalegroups.md)– Identifies Microsoft Entra ID groups that contain potentially stale users. Users are considered stale if they have never logged onto the domain, have not logged onto the domain in the past 30 days, or are disabled. These group memberships should be reviewed and possibly removed. diff --git a/docs/accessanalyzer/12.0/solutions/entraid/overview.md b/docs/accessanalyzer/12.0/solutions/entraid/overview.md new file mode 100644 index 0000000000..fc72a5ce16 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/overview.md @@ -0,0 +1,36 @@ +# Entra ID Solution + +The Entra ID Solution is a comprehensive set of audit jobs and reports that provide the information +regarding Microsoft Entra ID configuration, operational management, and troubleshooting. The jobs +within this group help pinpoint potential areas of administrative and security concerns related to +Microsoft Entra ID users and groups, including syncing with on-premises Active Directory. + +Supported Platforms + +- Microsoft Entra ID (formerly Azure AD) + +Requirements, Permissions, and Ports + +See the [Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/12.0/config/entraid/overview.md) topic +for additional information. + +Location + +The Entra ID Solution requires a special Access Analyzer license. It can be installed from the +Instant Job Wizard, see the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for +additional information. Once it has been installed into the Jobs tree, navigate to the solution: +**Jobs** > **Entra ID**. + +The .Entra ID Inventory Job Group collects the data. The Entra ID Job Groups run analysis and +generate reports on the collected data. + +## Job Groups + +![Entra ID Job Group Overview page](/img/product_docs/accessanalyzer/12.0/solutions/entraid/overviewpage.webp) + +The job groups in the Entra ID Solution are: + +- [1.Groups Job Group](/docs/accessanalyzer/12.0/solutions/entraid/groups/overview.md) – Identifies group conditions and pinpoints potential + areas of administrative concern +- [2.Users Job Group](/docs/accessanalyzer/12.0/solutions/entraid/users/overview.md) – Identifies areas of administrative concern related to + Microsoft Entra ID users diff --git a/docs/accessanalyzer/12.0/solutions/entraid/recommended.md b/docs/accessanalyzer/12.0/solutions/entraid/recommended.md index 7d27f38534..18186e8e2f 100644 --- a/docs/accessanalyzer/12.0/solutions/entraid/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/entraid/recommended.md @@ -10,7 +10,7 @@ Running the .Entra ID Inventory Job Group provides essential data to the Entra Running the .Active Directory Inventory Job Group is required to collect on-premises directory syncing information. See the -[.Active Directory Inventory Solution](/docs/accessanalyzer/12.0/solutions/active-directory-inventory/overview.md) topic for additional +[.Active Directory Inventory Solution](/docs/accessanalyzer/12.0/solutions/activedirectoryinventory/overview.md) topic for additional information. Targeted Hosts diff --git a/docs/accessanalyzer/12.0/solutions/entraid/users/aad-directmembership.md b/docs/accessanalyzer/12.0/solutions/entraid/users/aad-directmembership.md deleted file mode 100644 index afdeec0c79..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/users/aad-directmembership.md +++ /dev/null @@ -1,29 +0,0 @@ -# AAD_DirectMembership Job - -The AAD_DirectMembership Job identifies Microsoft Entra ID users who do not have any group -membership. This condition may indicate unnecessary user accounts that are suitable candidates for -review and cleanup. - -## Analysis Tasks for the AAD_DirectMembership Job - -Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_DirectMembership** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AAD_DirectMembership Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/directmembershipanalysis.webp) - -The default analysis tasks are: - -- Get user direct membership details – Creates the AAD_DirectMembership_Details table accessible - under the job’s Results node -- Summarize user direct membership details by domain – Creates the - AAD_DirectoryMembership_DomainSummary table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_DirectMembership Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| No Group Membership | This report identifies users with no group membership. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by users with no group membership - Table – Provides details on all users with no group membership - Tables – Provides details on top domains by users with no group membership | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/users/aad-disabledusers.md b/docs/accessanalyzer/12.0/solutions/entraid/users/aad-disabledusers.md deleted file mode 100644 index 3bfd06a6e7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/users/aad-disabledusers.md +++ /dev/null @@ -1,28 +0,0 @@ -# AAD_DisabledUsers Job - -The AAD_DisabledUsers Job identifies disabled user accounts within Microsoft Entra ID. These -accounts should be reviewed and cleaned up in order to increase security and reduce complexity. - -## Analysis Tasks for the AAD_DisabledUsers Job - -Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_DisabledUsers** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AAD_DisabledUsers Job](/img/product_docs/accessanalyzer/solutions/entraid/users/disabledusersanalysis.webp) - -The default analysis tasks are: - -- Get disabled user account information – Creates the AAD_DisabledUsers_Details table accessible - under the job’s Results node -- Summarize disabled user information – Creates the AAD_DisabledUsers_Summary table accessible under - the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_DisabledUsers Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ---------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Disabled User Accounts | This report identifies disabled user accounts and summarizes them by domain. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays disabled users by domain - Table – Provides user details - Tables – Provides details on disabled users by domain | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/users/aad-staleusers.md b/docs/accessanalyzer/12.0/solutions/entraid/users/aad-staleusers.md deleted file mode 100644 index fbbef050b5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/users/aad-staleusers.md +++ /dev/null @@ -1,28 +0,0 @@ -# AAD_StaleUsers Job - -The AAD_StaleUsers Job identifies potentially stale users based on a variety of factors. These -accounts should be reviewed and cleaned up in order to increase security and reduce complexity. - -## Analysis Tasks for the AAD_StaleUsers Job - -Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_StaleUsers** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AAD_StaleUsers Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/staleusersanalysis.webp) - -The default analysis tasks are: - -- Stale User Details – Creates the AAD_StaleUsers_Details table accessible under the job’s Results - node -- Summarize by Domain – Creates the AAD_StaleUsers_DomainSummary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the AAD_StaleUsers Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Users | This report identifies user accounts which have not logged into the domain for an extended amount of time or are currently disabled. A user account is considered stale if the last logon is over 30 days ago or is currently disabled. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays users by domain - Table – Provides details on users - Tables – Provides details on users by domain | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/users/aad-userattributecompletion.md b/docs/accessanalyzer/12.0/solutions/entraid/users/aad-userattributecompletion.md deleted file mode 100644 index f951a4b066..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/users/aad-userattributecompletion.md +++ /dev/null @@ -1,29 +0,0 @@ -# AAD_UserAttributeCompletion Job - -The AAD_UserAttributeCompletion Job identifies which attributes are present within User fields in -Microsoft Entra ID, and which ones are blank for a majority of objects. This may indicate accounts -within Microsoft Entra ID which are lacking appropriate information. - -## Analysis Tasks for the AAD_UserAttributeCompletion Job - -Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_UserAttributeCompletion** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AAD_UserAttributeCompletion Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/userattributecompletionanalysis.webp) - -The default analysis tasks are: - -- Gets details on user attribute completion, by attribute – Creates the - AAD_UserAttributeCompletion_AttributeDetails table accessible under the job’s Results node -- Gets details on user attribute completion, by user – Creates the - AAD_UserAttributeCompletion_UserDetails table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_UserAttributeCompletion Job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Attribute Completion | This report identifies which attributes are present within User fields in Microsoft Entra ID, and which ones are blank for a majority of User objects. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays completeness by attribute - Table – Provides details on users with blank attributes - Tables – Provides details om completeness by attribute | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/users/aad-userdirsync.md b/docs/accessanalyzer/12.0/solutions/entraid/users/aad-userdirsync.md deleted file mode 100644 index 63c5083eb9..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraid/users/aad-userdirsync.md +++ /dev/null @@ -1,28 +0,0 @@ -# AAD_UserDirSync Job - -The AAD_UserDirSync Job summarizes on-premises Active Directory syncing in the audited Microsoft -Entra ID environment. - -## Analysis Tasks for the AAD_UserDirSync Job - -Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_UserDirSync** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the AAD_UserDirSync Job](/img/product_docs/accessanalyzer/solutions/entraid/users/userdirsyncanalysis.webp) - -The default analysis tasks are: - -- Get user DirSync details – Creates the AAD_UserDirSync_Details table accessible under the job’s - Results node -- Summarize user DirSync details – Creates the AAD_UserDirSync_EnterpriseSummary table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks, the AAD_UserDirSync Job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------ | -------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------- | -| User Syncing | This report indicates the sync status of user accounts within the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays enterprise user synchronization summary - Table – Provides user sync details | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/users/aad_directmembership.md b/docs/accessanalyzer/12.0/solutions/entraid/users/aad_directmembership.md new file mode 100644 index 0000000000..5292f1536b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/users/aad_directmembership.md @@ -0,0 +1,29 @@ +# AAD_DirectMembership Job + +The AAD_DirectMembership Job identifies Microsoft Entra ID users who do not have any group +membership. This condition may indicate unnecessary user accounts that are suitable candidates for +review and cleanup. + +## Analysis Tasks for the AAD_DirectMembership Job + +Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_DirectMembership** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AAD_DirectMembership Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/directmembershipanalysis.webp) + +The default analysis tasks are: + +- Get user direct membership details – Creates the AAD_DirectMembership_Details table accessible + under the job’s Results node +- Summarize user direct membership details by domain – Creates the + AAD_DirectoryMembership_DomainSummary table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_DirectMembership Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| No Group Membership | This report identifies users with no group membership. | None | This report is comprised of three elements: - Bar Chart – Displays top domains by users with no group membership - Table – Provides details on all users with no group membership - Tables – Provides details on top domains by users with no group membership | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/users/aad_disabledusers.md b/docs/accessanalyzer/12.0/solutions/entraid/users/aad_disabledusers.md new file mode 100644 index 0000000000..30470e0427 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/users/aad_disabledusers.md @@ -0,0 +1,28 @@ +# AAD_DisabledUsers Job + +The AAD_DisabledUsers Job identifies disabled user accounts within Microsoft Entra ID. These +accounts should be reviewed and cleaned up in order to increase security and reduce complexity. + +## Analysis Tasks for the AAD_DisabledUsers Job + +Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_DisabledUsers** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AAD_DisabledUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/disabledusersanalysis.webp) + +The default analysis tasks are: + +- Get disabled user account information – Creates the AAD_DisabledUsers_Details table accessible + under the job’s Results node +- Summarize disabled user information – Creates the AAD_DisabledUsers_Summary table accessible under + the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_DisabledUsers Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ---------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Disabled User Accounts | This report identifies disabled user accounts and summarizes them by domain. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays disabled users by domain - Table – Provides user details - Tables – Provides details on disabled users by domain | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/users/aad_staleusers.md b/docs/accessanalyzer/12.0/solutions/entraid/users/aad_staleusers.md new file mode 100644 index 0000000000..2a90bd98b7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/users/aad_staleusers.md @@ -0,0 +1,28 @@ +# AAD_StaleUsers Job + +The AAD_StaleUsers Job identifies potentially stale users based on a variety of factors. These +accounts should be reviewed and cleaned up in order to increase security and reduce complexity. + +## Analysis Tasks for the AAD_StaleUsers Job + +Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_StaleUsers** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AAD_StaleUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/staleusersanalysis.webp) + +The default analysis tasks are: + +- Stale User Details – Creates the AAD_StaleUsers_Details table accessible under the job’s Results + node +- Summarize by Domain – Creates the AAD_StaleUsers_DomainSummary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the AAD_StaleUsers Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Users | This report identifies user accounts which have not logged into the domain for an extended amount of time or are currently disabled. A user account is considered stale if the last logon is over 30 days ago or is currently disabled. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays users by domain - Table – Provides details on users - Tables – Provides details on users by domain | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/users/aad_userattributecompletion.md b/docs/accessanalyzer/12.0/solutions/entraid/users/aad_userattributecompletion.md new file mode 100644 index 0000000000..b93250d79c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/users/aad_userattributecompletion.md @@ -0,0 +1,29 @@ +# AAD_UserAttributeCompletion Job + +The AAD_UserAttributeCompletion Job identifies which attributes are present within User fields in +Microsoft Entra ID, and which ones are blank for a majority of objects. This may indicate accounts +within Microsoft Entra ID which are lacking appropriate information. + +## Analysis Tasks for the AAD_UserAttributeCompletion Job + +Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_UserAttributeCompletion** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AAD_UserAttributeCompletion Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/userattributecompletionanalysis.webp) + +The default analysis tasks are: + +- Gets details on user attribute completion, by attribute – Creates the + AAD_UserAttributeCompletion_AttributeDetails table accessible under the job’s Results node +- Gets details on user attribute completion, by user – Creates the + AAD_UserAttributeCompletion_UserDetails table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_UserAttributeCompletion Job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Attribute Completion | This report identifies which attributes are present within User fields in Microsoft Entra ID, and which ones are blank for a majority of User objects. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays completeness by attribute - Table – Provides details on users with blank attributes - Tables – Provides details om completeness by attribute | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/users/aad_userdirsync.md b/docs/accessanalyzer/12.0/solutions/entraid/users/aad_userdirsync.md new file mode 100644 index 0000000000..46737b382d --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraid/users/aad_userdirsync.md @@ -0,0 +1,28 @@ +# AAD_UserDirSync Job + +The AAD_UserDirSync Job summarizes on-premises Active Directory syncing in the audited Microsoft +Entra ID environment. + +## Analysis Tasks for the AAD_UserDirSync Job + +Navigate to the **Jobs** > **Entra ID** > **2.Users** > **AAD_UserDirSync** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the AAD_UserDirSync Job](/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/userdirsyncanalysis.webp) + +The default analysis tasks are: + +- Get user DirSync details – Creates the AAD_UserDirSync_Details table accessible under the job’s + Results node +- Summarize user DirSync details – Creates the AAD_UserDirSync_EnterpriseSummary table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks, the AAD_UserDirSync Job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------ | -------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------- | +| User Syncing | This report indicates the sync status of user accounts within the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays enterprise user synchronization summary - Table – Provides user sync details | diff --git a/docs/accessanalyzer/12.0/solutions/entraid/users/overview.md b/docs/accessanalyzer/12.0/solutions/entraid/users/overview.md index 3382510382..cf03242830 100644 --- a/docs/accessanalyzer/12.0/solutions/entraid/users/overview.md +++ b/docs/accessanalyzer/12.0/solutions/entraid/users/overview.md @@ -3,22 +3,22 @@ The jobs in the 2.Users group identify user conditions and pinpoint potential areas of administrative concerns within Microsoft Entra ID such as disabled or stale users. -![2.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![2.Users Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/jobstree.webp) The jobs in the 2.Users Job Group are: -- [AAD_DirectMembership Job](/docs/accessanalyzer/12.0/solutions/entraid/users/aad-directmembership.md) – Identifies Microsoft Entra ID users who do +- [AAD_DirectMembership Job](/docs/accessanalyzer/12.0/solutions/entraid/users/aad_directmembership.md) – Identifies Microsoft Entra ID users who do not have any group membership. This condition may indicate unnecessary user accounts that are suitable candidates for review and cleanup. -- [AAD_DisabledUsers Job](/docs/accessanalyzer/12.0/solutions/entraid/users/aad-disabledusers.md) – Identifies disabled user accounts within Microsoft +- [AAD_DisabledUsers Job](/docs/accessanalyzer/12.0/solutions/entraid/users/aad_disabledusers.md) – Identifies disabled user accounts within Microsoft Entra ID. These accounts should be reviewed and cleaned up in order to increase security and reduce complexity. -- [AAD_StaleUsers Job](/docs/accessanalyzer/12.0/solutions/entraid/users/aad-staleusers.md)– Identifies potentially stale users based on a variety of +- [AAD_StaleUsers Job](/docs/accessanalyzer/12.0/solutions/entraid/users/aad_staleusers.md)– Identifies potentially stale users based on a variety of factors. These accounts should be reviewed and cleaned up in order to increase security and reduce complexity. -- [AAD_UserAttributeCompletion Job](/docs/accessanalyzer/12.0/solutions/entraid/users/aad-userattributecompletion.md)– Identifies which attributes are +- [AAD_UserAttributeCompletion Job](/docs/accessanalyzer/12.0/solutions/entraid/users/aad_userattributecompletion.md)– Identifies which attributes are present within User fields in Microsoft Entra ID, and which ones are blank for a majority of objects. This may indicate accounts within Microsoft Entra ID which are lacking appropriate information. -- [AAD_UserDirSync Job](/docs/accessanalyzer/12.0/solutions/entraid/users/aad-userdirsync.md) – Summarizes on-premises Active Directory syncing in the +- [AAD_UserDirSync Job](/docs/accessanalyzer/12.0/solutions/entraid/users/aad_userdirsync.md) – Summarizes on-premises Active Directory syncing in the audited Microsoft Entra ID environment diff --git a/docs/accessanalyzer/12.0/solutions/entraidinventory/1-aad-scan.md b/docs/accessanalyzer/12.0/solutions/entraidinventory/1-aad-scan.md deleted file mode 100644 index 989cf811c8..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraidinventory/1-aad-scan.md +++ /dev/null @@ -1,108 +0,0 @@ -# 1-AAD_Scan Job - -The **1-AAD_Scan** job is responsible for collecting data from Microsoft Entra ID. This job requires -no additional customizations before being used, but can be scoped to disable collecting sign-in -activity with the scan. - -**NOTE:** This job requires an Microsoft Entra ID application with the appropriate permissions to -perform the scan. See the -[Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/12.0/configuration/entra-id/overview.md) topic for -information on the prerequisites for this job. - -## Queries for the 1-AAD_Scan Job - -The 1-AAD_Scan job uses the AzureADInventory and Entra Data Collectors for the following queries: - -![Query Selection page](/img/product_docs/accessanalyzer/solutions/entraidinventory/scanqueryselection.webp) - -- AAD Inventory – Targets Microsoft Entra tenants to collect inventory data for user group objects - - - _(Optional)_ This query can be modified to specify scan options and to collect custom - attributes. See the [Configure the AAD_Inventory Query](#configure-the-aad_inventory-query) - topic for additional information. - -- Entra – Collects Entra roles details from the target Microsoft Entra tenants - -### Configure the AAD_Inventory Query - -The 1-AAD_Scan job is configured to run with the default settings with the category of Scan Entra -ID. Follow the steps to customize configurations. - -**Step 1 –** Navigate to the **.Entra ID Inventory** > **1-AAD_Scan** > **Configure** node and -select **Queries**. - -![Query Properties button on Query Selection page](/img/product_docs/accessanalyzer/solutions/entraidinventory/scanqueryselectionproperties.webp) - -**Step 2 –** In the Query Selection view, click on **Query Properties** to open the Query Properties -window. - -![Query Properties window](/img/product_docs/accessanalyzer/solutions/entraidinventory/scanqueryproperties.webp) - -**Step 3 –** Select the **Data Source** tab, and click **Configure** to open the Entra ID Inventory -DC Wizard. - -![Entra ID Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptions.webp) - -**Step 4 –** On the Options page, select the different Scan Options as needed: - -- Collect only updates since the last scan – Enables differential scanning. - - **NOTE:** Enabling the Collect Open Extensions option on the Custom Attributes page overrides - this function. - -- Collect sign-in activity with scan – Required to collect the LastLogonTimestamp attribute of user - objects. A message will alert users that deselecting this option will disable this function. -- Collect Directory Audit Events – Collect Microsoft Entra ID audit logs - -![Entra ID Inventory DC Wizard Custom Attributes page](/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp) - -**Step 5 –** On the Custom Attributes page, click **Add** or **Import** to add or import custom -attributes. - -- Select **Collect Open Extensions** to enable the data collector to collect all extension - attributes in Microsoft Entra ID. Enabling this option will increase scan times. - - **NOTE:** Enabling this option overrides the differential scan setting and will direct the data - controller to run a full scan every time the job is run. - -- See the [AzureADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/overview.md) - topic for additional information on adding and importing custom attributes. - -**Step 6 –** Navigate to the Summary page. Click **Finish** to save changes or click **Cancel** to -exit without saving. Then click **OK** to close the Query Properties window. - -The 1-AAD_Scan Job is now ready to run with the customized settings. - -## Analysis Tasks for the 1-AAD_Scan Job - -Navigate to the **.Entra ID Inventory** > **1-AAD_Scan** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for 1-AAD_Scan Job](/img/product_docs/accessanalyzer/solutions/entraidinventory/scananalysistasks.webp) - -The default analysis tasks are: - -- Import functions – Imports effective group membership function into the database -- Create Extended Attributes View – Enables the SA_AzureADInventory_ExtendedAttributesPivotView to - be accessible under the job’s Results node -- Bring Users View to Console – Enables the SA_AzureADInventory_UsersView to be accessible under the - job’s Results node -- Bring Groups View to Console – Enables the SA_AzureADInventory_GroupsView to be accessible under - the job’s Results node -- Bring Group Members View to Console – Enables the SA_AzureADInventory_GroupMemberssView to be - accessible under the job’s Results node -- Summarize Domains – Creates interim processing tables in the database for use by downstream - analysis and report generation -- Summarize Stats – Creates interim processing tables in the database for use by downstream analysis - and report generation - -In addition to the tables and views listed in the -[Standard Reference Tables & Views for the AzureADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/standard-tables.md) -topic, the 1-AAD_Scan job produces the following preconfigured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Entra ID Summary | This report provides a summary of all audited domains and objects. | None | This report has two elements: - Table – Provides details on general statistics on the Users and groups found with each tenant scanned - Table – Provides details on statistical information for each of these Entra ID objects | diff --git a/docs/accessanalyzer/12.0/solutions/entraidinventory/1-aad_scan.md b/docs/accessanalyzer/12.0/solutions/entraidinventory/1-aad_scan.md new file mode 100644 index 0000000000..ee85623bc4 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraidinventory/1-aad_scan.md @@ -0,0 +1,108 @@ +# 1-AAD_Scan Job + +The **1-AAD_Scan** job is responsible for collecting data from Microsoft Entra ID. This job requires +no additional customizations before being used, but can be scoped to disable collecting sign-in +activity with the scan. + +**NOTE:** This job requires an Microsoft Entra ID application with the appropriate permissions to +perform the scan. See the +[Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/12.0/config/entraid/overview.md) topic for +information on the prerequisites for this job. + +## Queries for the 1-AAD_Scan Job + +The 1-AAD_Scan job uses the AzureADInventory and Entra Data Collectors for the following queries: + +![Query Selection page](/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scanqueryselection.webp) + +- AAD Inventory – Targets Microsoft Entra tenants to collect inventory data for user group objects + + - _(Optional)_ This query can be modified to specify scan options and to collect custom + attributes. See the [Configure the AAD_Inventory Query](#configure-the-aad_inventory-query) + topic for additional information. + +- Entra – Collects Entra roles details from the target Microsoft Entra tenants + +### Configure the AAD_Inventory Query + +The 1-AAD_Scan job is configured to run with the default settings with the category of Scan Entra +ID. Follow the steps to customize configurations. + +**Step 1 –** Navigate to the **.Entra ID Inventory** > **1-AAD_Scan** > **Configure** node and +select **Queries**. + +![Query Properties button on Query Selection page](/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scanqueryselectionproperties.webp) + +**Step 2 –** In the Query Selection view, click on **Query Properties** to open the Query Properties +window. + +![Query Properties window](/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scanqueryproperties.webp) + +**Step 3 –** Select the **Data Source** tab, and click **Configure** to open the Entra ID Inventory +DC Wizard. + +![Entra ID Inventory DC Wizard Options page](/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scandcwizardoptions.webp) + +**Step 4 –** On the Options page, select the different Scan Options as needed: + +- Collect only updates since the last scan – Enables differential scanning. + + **NOTE:** Enabling the Collect Open Extensions option on the Custom Attributes page overrides + this function. + +- Collect sign-in activity with scan – Required to collect the LastLogonTimestamp attribute of user + objects. A message will alert users that deselecting this option will disable this function. +- Collect Directory Audit Events – Collect Microsoft Entra ID audit logs + +![Entra ID Inventory DC Wizard Custom Attributes page](/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scandcwizardcustomattributes.webp) + +**Step 5 –** On the Custom Attributes page, click **Add** or **Import** to add or import custom +attributes. + +- Select **Collect Open Extensions** to enable the data collector to collect all extension + attributes in Microsoft Entra ID. Enabling this option will increase scan times. + + **NOTE:** Enabling this option overrides the differential scan setting and will direct the data + controller to run a full scan every time the job is run. + +- See the [AzureADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/overview.md) + topic for additional information on adding and importing custom attributes. + +**Step 6 –** Navigate to the Summary page. Click **Finish** to save changes or click **Cancel** to +exit without saving. Then click **OK** to close the Query Properties window. + +The 1-AAD_Scan Job is now ready to run with the customized settings. + +## Analysis Tasks for the 1-AAD_Scan Job + +Navigate to the **.Entra ID Inventory** > **1-AAD_Scan** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for 1-AAD_Scan Job](/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scananalysistasks.webp) + +The default analysis tasks are: + +- Import functions – Imports effective group membership function into the database +- Create Extended Attributes View – Enables the SA_AzureADInventory_ExtendedAttributesPivotView to + be accessible under the job’s Results node +- Bring Users View to Console – Enables the SA_AzureADInventory_UsersView to be accessible under the + job’s Results node +- Bring Groups View to Console – Enables the SA_AzureADInventory_GroupsView to be accessible under + the job’s Results node +- Bring Group Members View to Console – Enables the SA_AzureADInventory_GroupMemberssView to be + accessible under the job’s Results node +- Summarize Domains – Creates interim processing tables in the database for use by downstream + analysis and report generation +- Summarize Stats – Creates interim processing tables in the database for use by downstream analysis + and report generation + +In addition to the tables and views listed in the +[Standard Reference Tables & Views for the AzureADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/standardtables.md) +topic, the 1-AAD_Scan job produces the following preconfigured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Entra ID Summary | This report provides a summary of all audited domains and objects. | None | This report has two elements: - Table – Provides details on general statistics on the Users and groups found with each tenant scanned - Table – Provides details on statistical information for each of these Entra ID objects | diff --git a/docs/accessanalyzer/12.0/solutions/entraidinventory/2-aad-exceptions.md b/docs/accessanalyzer/12.0/solutions/entraidinventory/2-aad-exceptions.md deleted file mode 100644 index 0ca43c24f0..0000000000 --- a/docs/accessanalyzer/12.0/solutions/entraidinventory/2-aad-exceptions.md +++ /dev/null @@ -1,107 +0,0 @@ -# 2-AAD_Exceptions Job - -The 2-AAD_Exceptions Job identifies toxic conditions that exist within Microsoft Entra ID which may -leave environments at risk or add unnecessary administrative overhead. - -## Analysis Tasks for the 2-AAD_Exceptions Job - -Navigate to the **.Entra ID Inventory** > **2-AAD_Exceptions** > **Configure** node and select -**Analysis**. Analysis tasks with configuration parameters that define security concerns can be -modified. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and not be -deselected. There are a few which are deselected by default, as they are for troubleshooting -purposes. - -![Analysis Tasks for 2-AAD_Exceptions Job](/img/product_docs/accessanalyzer/solutions/entraidinventory/exceptionsanalysistasks.webp) - -The default analysis tasks are: - -- Create Exception Type Table – Creates a processing table in the database for use by downstream - analysis and report generation -- Large Groups - - Identifies groups that exceed the defined threshold for effective group membership - - Populates processing tables in the database for use by downstream analysis and report - generation - - This analysis task has configurable parameters - - Definition of a larger group can be customized -- Deeply Nested Groups - - Identifies groups that exceed the defined threshold of deep levels of membership nesting - - Populates processing tables in the database for use by downstream analysis and report - generation - - This analysis task has configurable parameters - - Definition of a deeply nested group can be customized -- Circular Nesting - - Identifies groups with circular references in their effective membership - - Populates processing tables in the database for use by downstream analysis and report - generation -- Empty Groups - - Identifies groups with no membership - - Populates processing tables in the database for use by downstream analysis and report - generation -- Single Member Groups - - Identifies groups with a single direct member - - Populates processing tables in the database for use by downstream analysis and report - generation -- Stale Users - - Identifies user accounts that are disabled or exceed the defined threshold of inactivity - - Populates processing tables in the database for use by downstream analysis and report - generation - - This analysis task has configurable parameters - - Definition of a stale user can be customized -- Stale Membership - - Identifies groups with a high percentage of effective members that are stale users - - Populates processing tables in the database for use by downstream analysis and report - generation - - This analysis task has configurable parameters - - Definition of a stale membership can be customized -- Display Exceptions View – Creates the SA_AzureADInventory_ExceptionsView accessible under the - job’s Results node - -### Customize Analysis Parameters for the 2-AAD_Exceptions Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| -------------------- | --------------------------- | ------------- | --------------------------------------------------------------------- | -| Large Groups | @LARGE_THRESHOLD | 1000 | A group object with 1000 members or more | -| Deeply Nested Groups | @NESTING_THRESHOLD | 10 | A group object nested 10 levels or deeper within another group object | -| Stale Users | @STALE_THRESHOLD | 30 | A user object that has been inactive for 30 days or more | -| | @INCLUDE_DISABLED | True | A user object that has been disabled | -| Stale Membership | @STALE_THRESHOLD | 10 | A group where 10% of its effective members are stale users | - -See the -[Configure the Analysis Tasks for the 2-AAD_Exceptions Job](#configure-the-analysis-tasks-for-the-2-aad_exceptions-job) -section for instructions to modify parameters. See the -[AzureADInventory Exception Types Translated](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/standard-tables.md#azureadinventory-exception-types-translated) -topic for an explanation of Exception Types. - -### Configure the Analysis Tasks for the 2-AAD_Exceptions Job - -Customizable parameters enable Access Analyzer users to set the values used to classify user and -group objects during this job’s analysis. The parameters can be customized and are listed in a -section at the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s -parameters. - -**CAUTION:** Modifying these parameters affects solutions with .Entra ID Inventory Job Group -dependency. - -**Step 1 –** Navigate to the **.Entra ID Inventory** > **2-AAD_Exceptions** > **Configure** node and -select **Analysis**. - -![Analysis Configuration option on Analysis Selection page](/img/product_docs/accessanalyzer/solutions/entraidinventory/exceptionsanalysisconfiguration.webp) - -**Step 2 –** In the Analysis Selection view, select an analysis task and click **Analysis -Configuration**. The SQL Script Editor opens. - -**Step 3 –** Click Parameters to open the Parameters section. - -![Change Parameter Value in SQL Script Editor](/img/product_docs/accessanalyzer/solutions/entraidinventory/exceptionssqlscripteditor.webp) - -**Step 4 –** Double-click in a field in the Value column and enter a custom value. - -**CAUTION:** Do not change any parameters where the Value states **Created during execution**. - -**Step 5 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor. - -Repeat these steps to customize other analysis tasks for this job. diff --git a/docs/accessanalyzer/12.0/solutions/entraidinventory/2-aad_exceptions.md b/docs/accessanalyzer/12.0/solutions/entraidinventory/2-aad_exceptions.md new file mode 100644 index 0000000000..7a58ea5cfa --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/entraidinventory/2-aad_exceptions.md @@ -0,0 +1,107 @@ +# 2-AAD_Exceptions Job + +The 2-AAD_Exceptions Job identifies toxic conditions that exist within Microsoft Entra ID which may +leave environments at risk or add unnecessary administrative overhead. + +## Analysis Tasks for the 2-AAD_Exceptions Job + +Navigate to the **.Entra ID Inventory** > **2-AAD_Exceptions** > **Configure** node and select +**Analysis**. Analysis tasks with configuration parameters that define security concerns can be +modified. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and not be +deselected. There are a few which are deselected by default, as they are for troubleshooting +purposes. + +![Analysis Tasks for 2-AAD_Exceptions Job](/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/exceptionsanalysistasks.webp) + +The default analysis tasks are: + +- Create Exception Type Table – Creates a processing table in the database for use by downstream + analysis and report generation +- Large Groups + - Identifies groups that exceed the defined threshold for effective group membership + - Populates processing tables in the database for use by downstream analysis and report + generation + - This analysis task has configurable parameters + - Definition of a larger group can be customized +- Deeply Nested Groups + - Identifies groups that exceed the defined threshold of deep levels of membership nesting + - Populates processing tables in the database for use by downstream analysis and report + generation + - This analysis task has configurable parameters + - Definition of a deeply nested group can be customized +- Circular Nesting + - Identifies groups with circular references in their effective membership + - Populates processing tables in the database for use by downstream analysis and report + generation +- Empty Groups + - Identifies groups with no membership + - Populates processing tables in the database for use by downstream analysis and report + generation +- Single Member Groups + - Identifies groups with a single direct member + - Populates processing tables in the database for use by downstream analysis and report + generation +- Stale Users + - Identifies user accounts that are disabled or exceed the defined threshold of inactivity + - Populates processing tables in the database for use by downstream analysis and report + generation + - This analysis task has configurable parameters + - Definition of a stale user can be customized +- Stale Membership + - Identifies groups with a high percentage of effective members that are stale users + - Populates processing tables in the database for use by downstream analysis and report + generation + - This analysis task has configurable parameters + - Definition of a stale membership can be customized +- Display Exceptions View – Creates the SA_AzureADInventory_ExceptionsView accessible under the + job’s Results node + +### Customize Analysis Parameters for the 2-AAD_Exceptions Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| -------------------- | --------------------------- | ------------- | --------------------------------------------------------------------- | +| Large Groups | @LARGE_THRESHOLD | 1000 | A group object with 1000 members or more | +| Deeply Nested Groups | @NESTING_THRESHOLD | 10 | A group object nested 10 levels or deeper within another group object | +| Stale Users | @STALE_THRESHOLD | 30 | A user object that has been inactive for 30 days or more | +| | @INCLUDE_DISABLED | True | A user object that has been disabled | +| Stale Membership | @STALE_THRESHOLD | 10 | A group where 10% of its effective members are stale users | + +See the +[Configure the Analysis Tasks for the 2-AAD_Exceptions Job](#configure-the-analysis-tasks-for-the-2-aad_exceptions-job) +section for instructions to modify parameters. See the +[AzureADInventory Exception Types Translated](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/standardtables.md#azureadinventory-exception-types-translated) +topic for an explanation of Exception Types. + +### Configure the Analysis Tasks for the 2-AAD_Exceptions Job + +Customizable parameters enable Access Analyzer users to set the values used to classify user and +group objects during this job’s analysis. The parameters can be customized and are listed in a +section at the bottom of the SQL Script Editor. Follow the steps to customize an analysis task’s +parameters. + +**CAUTION:** Modifying these parameters affects solutions with .Entra ID Inventory Job Group +dependency. + +**Step 1 –** Navigate to the **.Entra ID Inventory** > **2-AAD_Exceptions** > **Configure** node and +select **Analysis**. + +![Analysis Configuration option on Analysis Selection page](/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/exceptionsanalysisconfiguration.webp) + +**Step 2 –** In the Analysis Selection view, select an analysis task and click **Analysis +Configuration**. The SQL Script Editor opens. + +**Step 3 –** Click Parameters to open the Parameters section. + +![Change Parameter Value in SQL Script Editor](/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/exceptionssqlscripteditor.webp) + +**Step 4 –** Double-click in a field in the Value column and enter a custom value. + +**CAUTION:** Do not change any parameters where the Value states **Created during execution**. + +**Step 5 –** Click **Save and Close** to finalize the customization and close the SQL Script Editor. + +Repeat these steps to customize other analysis tasks for this job. diff --git a/docs/accessanalyzer/12.0/solutions/entraidinventory/overview.md b/docs/accessanalyzer/12.0/solutions/entraidinventory/overview.md index c2b9ed8543..5cb51491cd 100644 --- a/docs/accessanalyzer/12.0/solutions/entraidinventory/overview.md +++ b/docs/accessanalyzer/12.0/solutions/entraidinventory/overview.md @@ -18,32 +18,32 @@ Supported Platforms Requirements, Permissions, and Ports -See the [Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/12.0/configuration/entra-id/overview.md) topic +See the [Microsoft Entra ID Tenant Target Requirements](/docs/accessanalyzer/12.0/config/entraid/overview.md) topic for additional information. Location The .Entra ID Inventory Solution is a core component of all Access Analyzer installations. It can be installed from the Access Analyzer Instant Job Wizard. See the -[Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for additional information. +[Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for additional information. Navigate to the solution by expanding the Jobs tree and selecting the **.Entra ID Inventory** Job Group. This group has been named in such a way to keep it at the top of the Jobs tree. ## Jobs -![.Entra ID Inventory overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) +![.Entra ID Inventory overview page](/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/overviewpage.webp) The jobs in the .Entra ID Inventory Solution are: -- [1-AAD_Scan Job](/docs/accessanalyzer/12.0/solutions/entraidinventory/1-aad-scan.md) – Provides essential Microsoft Entra ID User and Group membership +- [1-AAD_Scan Job](/docs/accessanalyzer/12.0/solutions/entraidinventory/1-aad_scan.md) – Provides essential Microsoft Entra ID User and Group membership details to several Access Analyzer built-in solution sets. Key information includes user status, user attributes, and group membership. This job also collects Microsoft Entra roles information. -- [2-AAD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/entraidinventory/2-aad-exceptions.md) – Runs analysis on the collected data and identifies +- [2-AAD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/entraidinventory/2-aad_exceptions.md) – Runs analysis on the collected data and identifies toxic conditions that exist within Microsoft Entra ID which may leave your environment at risk or add unnecessary administrative overhead The data collection is conducted by the AzureADInventory and Entra data collectors. See the -[Standard Reference Tables & Views for the AzureADInventory Data Collector](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/standard-tables.md) +[Standard Reference Tables & Views for the AzureADInventory Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/standardtables.md) topic for database table information. **NOTE:** This solution is required for SharePoint Online reports in the Netwrix Access Information diff --git a/docs/accessanalyzer/12.0/solutions/entraidinventory/recommended.md b/docs/accessanalyzer/12.0/solutions/entraidinventory/recommended.md index e76c4d0afc..40391190f2 100644 --- a/docs/accessanalyzer/12.0/solutions/entraidinventory/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/entraidinventory/recommended.md @@ -19,7 +19,7 @@ is set to **Use the Default Profile**, as configured at the global **Settings** this is not the Connection Profile with the necessary permissions for targeting the Microsoft Entra tenants, select the **Select one of the following user defined profiles** option and select the appropriate Connection Profile. See the -[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/azure-ad-inventory/configure-job.md) +[Microsoft Entra ID Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/configurejob.md) topic for information. History Retention @@ -44,14 +44,14 @@ entire solution, instead of the individual jobs. Query Configuration Run the solution with the default query configuration for best results. While it is recommended to -make no changes to the [1-AAD_Scan Job](/docs/accessanalyzer/12.0/solutions/entraidinventory/1-aad-scan.md), a possible modification might be to scope +make no changes to the [1-AAD_Scan Job](/docs/accessanalyzer/12.0/solutions/entraidinventory/1-aad_scan.md), a possible modification might be to scope the query to not collect login activity. Analysis Configuration Run the solution with the default analysis configuration for best results. However, a possible modification might be to customize exception analysis parameters within the -[2-AAD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/entraidinventory/2-aad-exceptions.md). +[2-AAD_Exceptions Job](/docs/accessanalyzer/12.0/solutions/entraidinventory/2-aad_exceptions.md). Workflow diff --git a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-activesync.md b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-activesync.md deleted file mode 100644 index 83d269c658..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-activesync.md +++ /dev/null @@ -1,66 +0,0 @@ -# ActiveSync > EX_ActiveSync Job - -The EX_ActiveSync job provides visibility into ActiveSync Traffic in the Organization. - -![ActiveSync > EX_ActiveSync Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/activesyncjobstree.webp) - -The EX_ActiveSync job is located in the ActiveSync job group. - -## Analysis Tasks for the EX_ActiveSync Job - -View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **ActiveSync** > -**EX_ActiveSync** > **Configure** node and select **Analysis**. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or -deselected. There are some that are deselected by default, as they are for troubleshooting purposes. - -![Analysis Tasks for the EX_ActiveSync Job](/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/activesyncanalysis.webp) - -The following analysis tasks are selected by default: - -- 01b. Active Sync Data – Creates the SA_EX_ActiveSync_Details table, accessible under the job’s - Results node -- 2. Last Week Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation -- 3. User Device History – Creates the SA_EX_ActiveSync_UserDeviceHistory table, accessible under - the job’s Results node -- 4. Device Population – Creates the SA_EX_ActiveSync_DevicePopulation table, accessible under the - job’s Results node -- 5. Users Ranked – Creates the SA_EX_ActiveSync_UsersRanked table accessible, under the job’s - Results node -- 6. Servers Ranked – Creates the SA_EX_ActiveSync_ServersRanked table accessible, under the job’s - Results node -- 7. SET HISTORY RETENTION – Sets retention period in months - - - The default is **6 months**. It can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#exchange-history-retention) - topic for additional information - -The following analysis task deletes table data from the analysis jobs. This analysis task should -remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Deletes all History** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 0. Delete all History - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#troubleshooting-data-collection) - topic for additional information - -The following analysis task updates the table to clean the data so that any UserAgent information -that is returned as NULL is updated based on existing data in the table: - -- 01a. Clean NULL UserAgent – Updates UserAgent information which was returned as NULL based on - existing data - -In addition to the tables and views created by the analysis tasks, the EX_ActiveSync Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Device Types (Device Population) | This report identifies what device models are currently being used with ActiveSync, and the average load they put on the environment each day. | None | This report is comprised of two elements: - Bar Chart – Displays most popular devices - Table – Provides details on most popular devices | -| Server Traffic (Top Servers by Average Daily Traffic) | This report ranks CAS servers by volume of ActiveSync traffic. | None | This report is comprised of two elements: - Bar Chart – Displays top users by average daily traffic - Table – Provides details on top users by average daily traffic | -| Top Users (Top Users by Average Daily Traffic) | This report shows the top users of ActiveSync. | None | This report is comprised of two elements: - Bar Chart – Displays top users by average daily traffic - Table – Provides details on top users by average daily traffic | -| User Devices (User Phones) | This report identifies all devices which have been associated with a User, and the time frames when they were used. | None | This report is comprised of one element: - Table – Provides details on user devices | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md deleted file mode 100644 index 0e171ecb9b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md +++ /dev/null @@ -1,80 +0,0 @@ -# EX_ASPolicies Job - -The EX_ASPolicies Job provides insight into what policies are enabled for which users. - -## Queries for the EX_ASPolicies Job - -The EX_ASPolicies Job uses the ExchangePS Data Collector. - -![Queries for the EX_ASPolicies Job](/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/aspoliciesquery.webp) - -The following query is included in the EX_ASPolicies Job. - -- Exchange Settings – Collects user policy information - - - By default set to search all mailboxes. However, it can be scoped. - - See the [Scope the ExchangePS Data Collector](#scope-the-exchangeps-data-collector) topic for - additional information - -### Scope the ExchangePS Data Collector - -The ExchangePS Data Collector can be scoped if desired. - -Follow the steps to scope the ExchangePS Data Collector: - -**Step 1 –** Navigate to job’s **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the Exchange Settings query and click **Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The ExchangePS Data Collector -Wizard opens. - -**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. - -![ExchangePS Data Collector Wizard Scope page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -**Step 4 –** Navigate to the Scope page, and select the desired scoping method from those available. -See the [ExchangePS: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope.md) topic for additional -information. - -- Scope by Database – Select the **Scope by Database Target Host: Local Host** option. Then, click - **Next** and identify the desired databases on the Scope by Databases page. See the - [ExchangePS: Scope by DB](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-databases.md) topic for - additional information. -- Scope by Mailbox – Select the **Scope by Mailbox Target Host: Local Host** option. Then, click - **Next** and identify the desired mailboxes on the Scope by Mailboxes page. See the - [ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-mailboxes.md) topic - for additional information. -- Scope by Server – Select the **Scope by Server Target Host: Exchange MB Server** option. The job - returns results for specific servers selected in job’s **Configure** > **Hosts** node. -- Scope by Public Folder – Select the **Scope by Public Folder** option. Then, click **Next** and - identify the desired mailboxes on the Scope by Public Folders page. See the - [ExchangePS: Scope by Public Folders](/docs/accessanalyzer/12.0/data-collection/exchange-ps/scope-public-folders.md) topic - for additional information. -- _Remember,_ the scoping options available vary based on the pre-defined query configurations. - -**Step 5 –** Navigate to the Summary page. Click **Finish**. - -The job applies the modification to future job executions. - -## Analysis Tasks for the EX_ASPolicies Job - -View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **EX_ASPolicies** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_ASPolicies Job](/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/aspoliciesanalysis.webp) - -The following analysis task is selected by default: - -- 1. Update Nulls – Updates the NULLs in the table to show information - -In addition to the tables and views created by the analysis task, the EX_ASPolicies Job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------- | -| User ActiveSync Policies (ActiveSync Settings) | Exchange introduced many ActiveSync policies and settings which can be applied to users. This report identifies which users have these settings enabled. | None | This report is comprised of two elements: - Pie Chart – Displays ActiveSync Policies - Table – Provides details ActiveSync Policies | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-iislogs.md b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-iislogs.md deleted file mode 100644 index 10b2cbe30a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-iislogs.md +++ /dev/null @@ -1,57 +0,0 @@ -# 0.Collection > EX_IISLogs Job - -The 0.Collection > EX_IISLogs Job provides data collection to be utilized in the ActiveSync, Outlook -Web Access, and Outlook Anywhere Reports. This job goes out to each server that contains the -IIS Logs and parses the log to return the data to the Access Analyzer database. - -![0.Collection > EX_IISLogs Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The EX_IISLogs job is located in the 0.Collection Job Group. - -## Queries for the EX_IISLogs Job - -The EX_IISLogs Job uses the SMARTLog Data Collector. - -![Queries for the EX_IISLogs Job](/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/iislogsquery.webp) - -The following query is included in the EX_IISLogs Job: - -- IIS Logs – Collects IIS Logs - - - By default set to process log files for the last 3 days. This time frame can be modified - - See the [Configure the IIS Logs Query](#configure-the-iis-logs-query) topic for additional - information - -### Configure the IIS Logs Query - -The EX_IISLogs Job has been preconfigured to run with the default settings with the Log Type of -Internet Information Server Log. However, the time frame for the log files to be processed can be -modified on the Target Log page of the SMART Log DC Wizard. See the -[SMARTLog Data Collector](/docs/accessanalyzer/12.0/data-collection/smart-log/overview.md) topic for additional -information. - -Follow the steps to modify the query configuration. - -**Step 1 –** Navigate to the **Exchange** > **2. CAS Metrics** > **0. Collection** > -**EX_IISLogs** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The SMART Log DC Wizard opens. - -**CAUTION:** Do not modify other wizard pages. The other wizard pages are pre-configured for this -job. - -![SMART Log DC Wizard Target Log page](/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/smartlogdctargetlog.webp) - -**Step 4 –** Navigate to the Target Log page, and configure the time frame as required. See the -[SMARTLog: Target Log](/docs/accessanalyzer/12.0/data-collection/smart-log/target-log.md) topic for additional -information. - -_Remember,_ if the date range configuration includes data older than the last scan, the **Persist -Log State** checkbox on the Log State page must be disabled. - -**Step 5 –** Navigate to the Summary page. Click **Finish**. - -The EX_IISLogs Job applies the modifications to future job executions. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-owatraffic.md b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-owatraffic.md deleted file mode 100644 index 5f86b9e7bf..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-owatraffic.md +++ /dev/null @@ -1,53 +0,0 @@ -# Outlook Web Access > EX_OWATraffic Job - -The EX_OWATraffic Job provides visibility into Outlook Web Access Traffic in the organization. - -![Outlook Web Access > EX_OWATraffic Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/outlookwebaccessjobstree.webp) - -The EX_OWATraffic job is located in the Outlook Web Access Job Group. - -## Analysis Tasks for the EX_OWATraffic Job - -View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **Outlook Web -Access** > **EX_OWATraffic** > **Configure** node and select **Analysis**. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified ordeselected. -There is one that is deselected by default, as it is for troubleshooting purposes. - -![Analysis Tasks for the EX_OWATraffic Job](/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/owatrafficanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. OWA Traffic – Creates the SA_EX_OWATraffic_Details table, accessible under the job’s Results - node -- 2. User Summary – Creates the SA_EX_OWATraffic_UserSummary table, accessible under the job’s - Results node -- 3. Server View – Creates the SA_EX_OWATraffic_ServerSummary table, accessible under the job’s - Results node -- 4. Server View – Creates the SA_EX_OWATraffic_ServerRanked table, accessible under the job’s - Results node -- 5. SET HISTORY RETENTION – Sets retention period in months - - - By default it is set to retain 6 months. This can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#exchange-history-retention) - topic for additional information - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Delete all History** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 0. Deletes all History - LEAVE UNCHECKED – Clears all historical data - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_OWATraffic Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------------- | -------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Top Servers by Average Load | This report shows servers with the highest average load. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by average daily user count - Table – Provides details on top servers by average daily user count | -| Top Users (Outlook Web Access Traffic) | This report identifies top users of OWA. | None | This report is comprised of two elements: - Bar Chart – Displays top users - Table – Provides details on top users | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-rpctraffic.md b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-rpctraffic.md deleted file mode 100644 index a98643ce4e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-rpctraffic.md +++ /dev/null @@ -1,55 +0,0 @@ -# Outlook Anywhere > EX_RPCTraffic Job - -The EX_RPCTraffic job provides visibility into Outlook Anywhere or RPC\HTTPs Traffic in the -organization. - -![Outlook Anywhere > EX_RPCTraffic Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/outlookanywherejobstree.webp) - -The EX_RPCTraffic job is located in the Outlook Anywhere job group. - -## Analysis Tasks for the EX_RPCTraffic Job - -View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **Outlook -Anywhere** > **EX_RPCTraffic** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_RPCTraffic Job](/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/rpctrafficanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. RPC View – Creates the SA_EX_RPCTraffic_Details table, accessible under the job’s Results - node -- 2. User Summary – Creates the SA_EX_RPCTraffic_UserSummary table, accessible under the job’s - Results node -- 3. Server View – Creates the SA_EX_RPCTraffic_ServerSummary table, accessible under the job’s - Results node -- 4. Servers Ranked – Creates the SA_EX_RPCTraffic_ServerRanked table, accessible under the job’s - Results node -- 5. SET HISTORY RETENTION – Sets retention period in months - - - The default is 6 months. It can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#exchange-history-retention) - topic for additional information - -The following analysis tasks deletes table data from data collection and analysis jobs. These -analysis tasks should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Delete all History** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 0. Delete all History - LEAVE UNCHECKED – Clears all historical data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_RPCTraffic Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------------------------------------------- | -------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Top Servers by Average Load ( Top Servers by Average Daily User Count) | This report shows servers with the highest average load. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top servers by average daily user count - Table – Provides details on top servers by average daily user count | -| Top Users (Outlook Anywhere Traffic) | This report identifies top users of Outlook Anywhere. | None | This report is comprised of two elements: - Bar Chart – Displays top users - Table – Provides details on top users | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_activesync.md b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_activesync.md new file mode 100644 index 0000000000..e784819f28 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_activesync.md @@ -0,0 +1,66 @@ +# ActiveSync > EX_ActiveSync Job + +The EX_ActiveSync job provides visibility into ActiveSync Traffic in the Organization. + +![ActiveSync > EX_ActiveSync Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/activesyncjobstree.webp) + +The EX_ActiveSync job is located in the ActiveSync job group. + +## Analysis Tasks for the EX_ActiveSync Job + +View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **ActiveSync** > +**EX_ActiveSync** > **Configure** node and select **Analysis**. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or +deselected. There are some that are deselected by default, as they are for troubleshooting purposes. + +![Analysis Tasks for the EX_ActiveSync Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/activesyncanalysis.webp) + +The following analysis tasks are selected by default: + +- 01b. Active Sync Data – Creates the SA_EX_ActiveSync_Details table, accessible under the job’s + Results node +- 2. Last Week Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation +- 3. User Device History – Creates the SA_EX_ActiveSync_UserDeviceHistory table, accessible under + the job’s Results node +- 4. Device Population – Creates the SA_EX_ActiveSync_DevicePopulation table, accessible under the + job’s Results node +- 5. Users Ranked – Creates the SA_EX_ActiveSync_UsersRanked table accessible, under the job’s + Results node +- 6. Servers Ranked – Creates the SA_EX_ActiveSync_ServersRanked table accessible, under the job’s + Results node +- 7. SET HISTORY RETENTION – Sets retention period in months + + - The default is **6 months**. It can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +The following analysis task deletes table data from the analysis jobs. This analysis task should +remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Deletes all History** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 0. Delete all History + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +The following analysis task updates the table to clean the data so that any UserAgent information +that is returned as NULL is updated based on existing data in the table: + +- 01a. Clean NULL UserAgent – Updates UserAgent information which was returned as NULL based on + existing data + +In addition to the tables and views created by the analysis tasks, the EX_ActiveSync Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Device Types (Device Population) | This report identifies what device models are currently being used with ActiveSync, and the average load they put on the environment each day. | None | This report is comprised of two elements: - Bar Chart – Displays most popular devices - Table – Provides details on most popular devices | +| Server Traffic (Top Servers by Average Daily Traffic) | This report ranks CAS servers by volume of ActiveSync traffic. | None | This report is comprised of two elements: - Bar Chart – Displays top users by average daily traffic - Table – Provides details on top users by average daily traffic | +| Top Users (Top Users by Average Daily Traffic) | This report shows the top users of ActiveSync. | None | This report is comprised of two elements: - Bar Chart – Displays top users by average daily traffic - Table – Provides details on top users by average daily traffic | +| User Devices (User Phones) | This report identifies all devices which have been associated with a User, and the time frames when they were used. | None | This report is comprised of one element: - Table – Provides details on user devices | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md new file mode 100644 index 0000000000..93a3afe626 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md @@ -0,0 +1,80 @@ +# EX_ASPolicies Job + +The EX_ASPolicies Job provides insight into what policies are enabled for which users. + +## Queries for the EX_ASPolicies Job + +The EX_ASPolicies Job uses the ExchangePS Data Collector. + +![Queries for the EX_ASPolicies Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/aspoliciesquery.webp) + +The following query is included in the EX_ASPolicies Job. + +- Exchange Settings – Collects user policy information + + - By default set to search all mailboxes. However, it can be scoped. + - See the [Scope the ExchangePS Data Collector](#scope-the-exchangeps-data-collector) topic for + additional information + +### Scope the ExchangePS Data Collector + +The ExchangePS Data Collector can be scoped if desired. + +Follow the steps to scope the ExchangePS Data Collector: + +**Step 1 –** Navigate to job’s **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the Exchange Settings query and click **Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The ExchangePS Data Collector +Wizard opens. + +**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. + +![ExchangePS Data Collector Wizard Scope page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) + +**Step 4 –** Navigate to the Scope page, and select the desired scoping method from those available. +See the [ExchangePS: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.md) topic for additional +information. + +- Scope by Database – Select the **Scope by Database Target Host: Local Host** option. Then, click + **Next** and identify the desired databases on the Scope by Databases page. See the + [ExchangePS: Scope by DB](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopedatabases.md) topic for + additional information. +- Scope by Mailbox – Select the **Scope by Mailbox Target Host: Local Host** option. Then, click + **Next** and identify the desired mailboxes on the Scope by Mailboxes page. See the + [ExchangePS: Scope by Mailboxes](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopemailboxes.md) topic + for additional information. +- Scope by Server – Select the **Scope by Server Target Host: Exchange MB Server** option. The job + returns results for specific servers selected in job’s **Configure** > **Hosts** node. +- Scope by Public Folder – Select the **Scope by Public Folder** option. Then, click **Next** and + identify the desired mailboxes on the Scope by Public Folders page. See the + [ExchangePS: Scope by Public Folders](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfolders.md) topic + for additional information. +- _Remember,_ the scoping options available vary based on the pre-defined query configurations. + +**Step 5 –** Navigate to the Summary page. Click **Finish**. + +The job applies the modification to future job executions. + +## Analysis Tasks for the EX_ASPolicies Job + +View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **EX_ASPolicies** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_ASPolicies Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/aspoliciesanalysis.webp) + +The following analysis task is selected by default: + +- 1. Update Nulls – Updates the NULLs in the table to show information + +In addition to the tables and views created by the analysis task, the EX_ASPolicies Job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------- | +| User ActiveSync Policies (ActiveSync Settings) | Exchange introduced many ActiveSync policies and settings which can be applied to users. This report identifies which users have these settings enabled. | None | This report is comprised of two elements: - Pie Chart – Displays ActiveSync Policies - Table – Provides details ActiveSync Policies | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_iislogs.md b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_iislogs.md new file mode 100644 index 0000000000..02fd4cdbda --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_iislogs.md @@ -0,0 +1,57 @@ +# 0.Collection > EX_IISLogs Job + +The 0.Collection > EX_IISLogs Job provides data collection to be utilized in the ActiveSync, Outlook +Web Access, and Outlook Anywhere Reports. This job goes out to each server that contains the +IIS Logs and parses the log to return the data to the Access Analyzer database. + +![0.Collection > EX_IISLogs Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/collectionjobstree.webp) + +The EX_IISLogs job is located in the 0.Collection Job Group. + +## Queries for the EX_IISLogs Job + +The EX_IISLogs Job uses the SMARTLog Data Collector. + +![Queries for the EX_IISLogs Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/iislogsquery.webp) + +The following query is included in the EX_IISLogs Job: + +- IIS Logs – Collects IIS Logs + + - By default set to process log files for the last 3 days. This time frame can be modified + - See the [Configure the IIS Logs Query](#configure-the-iis-logs-query) topic for additional + information + +### Configure the IIS Logs Query + +The EX_IISLogs Job has been preconfigured to run with the default settings with the Log Type of +Internet Information Server Log. However, the time frame for the log files to be processed can be +modified on the Target Log page of the SMART Log DC Wizard. See the +[SMARTLog Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/overview.md) topic for additional +information. + +Follow the steps to modify the query configuration. + +**Step 1 –** Navigate to the **Exchange** > **2. CAS Metrics** > **0. Collection** > +**EX_IISLogs** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The SMART Log DC Wizard opens. + +**CAUTION:** Do not modify other wizard pages. The other wizard pages are pre-configured for this +job. + +![SMART Log DC Wizard Target Log page](/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/smartlogdctargetlog.webp) + +**Step 4 –** Navigate to the Target Log page, and configure the time frame as required. See the +[SMARTLog: Target Log](/docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlog.md) topic for additional +information. + +_Remember,_ if the date range configuration includes data older than the last scan, the **Persist +Log State** checkbox on the Log State page must be disabled. + +**Step 5 –** Navigate to the Summary page. Click **Finish**. + +The EX_IISLogs Job applies the modifications to future job executions. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_owatraffic.md b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_owatraffic.md new file mode 100644 index 0000000000..a18300e08f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_owatraffic.md @@ -0,0 +1,53 @@ +# Outlook Web Access > EX_OWATraffic Job + +The EX_OWATraffic Job provides visibility into Outlook Web Access Traffic in the organization. + +![Outlook Web Access > EX_OWATraffic Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/outlookwebaccessjobstree.webp) + +The EX_OWATraffic job is located in the Outlook Web Access Job Group. + +## Analysis Tasks for the EX_OWATraffic Job + +View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **Outlook Web +Access** > **EX_OWATraffic** > **Configure** node and select **Analysis**. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified ordeselected. +There is one that is deselected by default, as it is for troubleshooting purposes. + +![Analysis Tasks for the EX_OWATraffic Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/owatrafficanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. OWA Traffic – Creates the SA_EX_OWATraffic_Details table, accessible under the job’s Results + node +- 2. User Summary – Creates the SA_EX_OWATraffic_UserSummary table, accessible under the job’s + Results node +- 3. Server View – Creates the SA_EX_OWATraffic_ServerSummary table, accessible under the job’s + Results node +- 4. Server View – Creates the SA_EX_OWATraffic_ServerRanked table, accessible under the job’s + Results node +- 5. SET HISTORY RETENTION – Sets retention period in months + + - By default it is set to retain 6 months. This can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Delete all History** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 0. Deletes all History - LEAVE UNCHECKED – Clears all historical data + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_OWATraffic Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------------- | -------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Top Servers by Average Load | This report shows servers with the highest average load. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by average daily user count - Table – Provides details on top servers by average daily user count | +| Top Users (Outlook Web Access Traffic) | This report identifies top users of OWA. | None | This report is comprised of two elements: - Bar Chart – Displays top users - Table – Provides details on top users | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_rpctraffic.md b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_rpctraffic.md new file mode 100644 index 0000000000..bd92fb4aad --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_rpctraffic.md @@ -0,0 +1,55 @@ +# Outlook Anywhere > EX_RPCTraffic Job + +The EX_RPCTraffic job provides visibility into Outlook Anywhere or RPC\HTTPs Traffic in the +organization. + +![Outlook Anywhere > EX_RPCTraffic Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/outlookanywherejobstree.webp) + +The EX_RPCTraffic job is located in the Outlook Anywhere job group. + +## Analysis Tasks for the EX_RPCTraffic Job + +View the analysis tasks by navigating to the **Exchange** > **2. CAS Metrics** > **Outlook +Anywhere** > **EX_RPCTraffic** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_RPCTraffic Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/rpctrafficanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. RPC View – Creates the SA_EX_RPCTraffic_Details table, accessible under the job’s Results + node +- 2. User Summary – Creates the SA_EX_RPCTraffic_UserSummary table, accessible under the job’s + Results node +- 3. Server View – Creates the SA_EX_RPCTraffic_ServerSummary table, accessible under the job’s + Results node +- 4. Servers Ranked – Creates the SA_EX_RPCTraffic_ServerRanked table, accessible under the job’s + Results node +- 5. SET HISTORY RETENTION – Sets retention period in months + + - The default is 6 months. It can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +The following analysis tasks deletes table data from data collection and analysis jobs. These +analysis tasks should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Delete all History** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 0. Delete all History - LEAVE UNCHECKED – Clears all historical data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_RPCTraffic Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------------------------------------------- | -------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Top Servers by Average Load ( Top Servers by Average Daily User Count) | This report shows servers with the highest average load. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top servers by average daily user count - Table – Provides details on top servers by average daily user count | +| Top Users (Outlook Anywhere Traffic) | This report identifies top users of Outlook Anywhere. | None | This report is comprised of two elements: - Bar Chart – Displays top users - Table – Provides details on top users | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/overview.md index 16e4b2f0d3..0b8256cda0 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/overview.md @@ -5,25 +5,25 @@ remote connections (Outlook Web Access, ActiveSync, and Outlook Anywhere Access) your organization. This job group goes out to each server that contains the IIS Logs and parses the logs to return the data to the Access Analyzer database. -![2.CAS Metrics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![2.CAS Metrics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/jobstree.webp) The jobs in the 2.CAS Metrics Job Group are: -- [0.Collection > EX_IISLogs Job](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-iislogs.md) – Provides data collection to be utilized in the +- [0.Collection > EX_IISLogs Job](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_iislogs.md) – Provides data collection to be utilized in the ActiveSync, Outlook Web Access, and Outlook Anywhere Reports. This job group goes out to each server that contains the IIS Logs and parses the logs to return the data to the Access Analyzer database. -- [ActiveSync > EX_ActiveSync Job](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-activesync.md) – Provides visibility into ActiveSync Traffic +- [ActiveSync > EX_ActiveSync Job](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_activesync.md) – Provides visibility into ActiveSync Traffic in the Organization -- [Outlook Anywhere > EX_RPCTraffic Job](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-rpctraffic.md) – Provides visibility into Outlook +- [Outlook Anywhere > EX_RPCTraffic Job](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_rpctraffic.md) – Provides visibility into Outlook Anywhere or RPC\HTTPs Traffic in the organization -- [Outlook Web Access > EX_OWATraffic Job](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-owatraffic.md) – Provides visibility into Outlook Web +- [Outlook Web Access > EX_OWATraffic Job](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_owatraffic.md) – Provides visibility into Outlook Web Access Traffic in the organization -- [EX_ASPolicies Job](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md) – Comprised of data collection and a report to show +- [EX_ASPolicies Job](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md) – Comprised of data collection and a report to show information about what policies are enabled for which users - **NOTE:** An actual CAS name is required for the data collection. When targeting Exchange 2013 - or 2016, it is possible for the **Settings** > **Exchange** node to have been configured with a - web address instead of an actual server. See the - [ExchangePS Data Collector & Client Access Server](/docs/accessanalyzer/12.0/solutions/exchange/recommended.md) topic for additional - information. + **NOTE:** An actual CAS name is required for the data collection. When targeting Exchange 2013 + or 2016, it is possible for the **Settings** > **Exchange** node to have been configured with a + web address instead of an actual server. See the + [ExchangePS Data Collector & Client Access Server](/docs/accessanalyzer/12.0/solutions/exchange/recommended.md) topic for additional + information. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/recommended.md b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/recommended.md index 5ff8346f16..b785c5bb6a 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/recommended.md @@ -28,12 +28,12 @@ Connection Profile A Connection Profile must be set directly on the EX_IISLogs Job and the EX_ASPolicies Job. See the -[Exchange Remote Connections Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/remote-connections.md) +[Exchange Remote Connections Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/remoteconnections.md) topic for the EX_IISLogs Job required permissions. See the -[Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) topic for +[Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) topic for the EX_ASPolicies Job requirements. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency diff --git a/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex-dbinfo.md b/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex-dbinfo.md deleted file mode 100644 index 0d8fb21693..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex-dbinfo.md +++ /dev/null @@ -1,28 +0,0 @@ -# 1.Local > EX_DBInfo Job - -The EX_DBInfo job utilizes Exchange PowerShell to gather 2010/2013 Mailbox Size information. - -![1.Local > EX_DBInfo Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/localjobstree.webp) - -The EX_DBInfo job is located in the 1.Local job group. - -**NOTE:** An actual CAS name is required for the data collection. When targeting Exchange 2013 or -2016, it is possible for the **Settings** > **Exchange** node to have been configured with a web -address instead of an actual server. See the -[ExchangePS Data Collector & Client Access Server](/docs/accessanalyzer/12.0/solutions/exchange/recommended.md) topic for additional -information. - -## Queries for the EX_DBInfo Job - -The EX_DBInfo Job uses the ExchangePS Data Collector. - -![Queries for the EX_DBInfo Job](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/dbinfoquery.webp) - -The following query is included in the EX_DBInfo Job: - -- Exchange 2010 Store Size – Collects mailbox size information - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md#scope-the-exchangeps-data-collector) - topic for additional information diff --git a/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex-pfinfo.md b/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex-pfinfo.md deleted file mode 100644 index 94221897fb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex-pfinfo.md +++ /dev/null @@ -1,20 +0,0 @@ -# 2.PF > EX_PFInfo Job - -The EX_PFInfo job utilizes MAPI to gather Public Folder Database Information focusing on database -sizing, growth, and trends. - -![2.PF > EX_PFInfo Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/pfjobstree.webp) - -The EX_PFInfo job is located in the 2.PF job group. - -## Queries for the EX_PFInfo Job - -The EX_PFInfo Job uses the Exchange2K Data Collector for the query. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Queries for the EX_PFInfo Job](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/pfinfoquery.webp) - -The following query is included in the EX_PFInfo Job: - -- Exchange Public Store Information – Collects Exchange Public Store information diff --git a/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex_dbinfo.md b/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex_dbinfo.md new file mode 100644 index 0000000000..76a72d170b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex_dbinfo.md @@ -0,0 +1,28 @@ +# 1.Local > EX_DBInfo Job + +The EX_DBInfo job utilizes Exchange PowerShell to gather 2010/2013 Mailbox Size information. + +![1.Local > EX_DBInfo Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/localjobstree.webp) + +The EX_DBInfo job is located in the 1.Local job group. + +**NOTE:** An actual CAS name is required for the data collection. When targeting Exchange 2013 or +2016, it is possible for the **Settings** > **Exchange** node to have been configured with a web +address instead of an actual server. See the +[ExchangePS Data Collector & Client Access Server](/docs/accessanalyzer/12.0/solutions/exchange/recommended.md) topic for additional +information. + +## Queries for the EX_DBInfo Job + +The EX_DBInfo Job uses the ExchangePS Data Collector. + +![Queries for the EX_DBInfo Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/dbinfoquery.webp) + +The following query is included in the EX_DBInfo Job: + +- Exchange 2010 Store Size – Collects mailbox size information + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information diff --git a/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex_pfinfo.md b/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex_pfinfo.md new file mode 100644 index 0000000000..32dde94065 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex_pfinfo.md @@ -0,0 +1,20 @@ +# 2.PF > EX_PFInfo Job + +The EX_PFInfo job utilizes MAPI to gather Public Folder Database Information focusing on database +sizing, growth, and trends. + +![2.PF > EX_PFInfo Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/pfjobstree.webp) + +The EX_PFInfo job is located in the 2.PF job group. + +## Queries for the EX_PFInfo Job + +The EX_PFInfo Job uses the Exchange2K Data Collector for the query. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Queries for the EX_PFInfo Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/pfinfoquery.webp) + +The following query is included in the EX_PFInfo Job: + +- Exchange Public Store Information – Collects Exchange Public Store information diff --git a/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/overview.md index 07564105c4..f5ccce2f7c 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/overview.md @@ -3,11 +3,11 @@ The 0.Collection Job Group is comprised of data collection, analysis, and reports that focus on database sizing, growth, and trends. -![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/collectionjobstree.webp) The jobs in the 0.Collection Job Group are: -- [1.Local > EX_DBInfo Job](/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex-dbinfo.md) – Utilizes Exchange PowerShell to gather 2010/2013 Mailbox +- [1.Local > EX_DBInfo Job](/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex_dbinfo.md) – Utilizes Exchange PowerShell to gather 2010/2013 Mailbox Size Information -- [2.PF > EX_PFInfo Job](/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex-pfinfo.md) – Utilizes MAPI to gather Public Folder Database Information +- [2.PF > EX_PFInfo Job](/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/ex_pfinfo.md) – Utilizes MAPI to gather Public Folder Database Information focusing on database sizing, growth, and trends diff --git a/docs/accessanalyzer/12.0/solutions/exchange/databases/ex-dbsizing.md b/docs/accessanalyzer/12.0/solutions/exchange/databases/ex-dbsizing.md deleted file mode 100644 index 5fb99931d1..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/databases/ex-dbsizing.md +++ /dev/null @@ -1,54 +0,0 @@ -# EX_DBSizing Job - -The EX_DBSizing Job provides visibility into current database sizes, growth statistics, and -historical sizing information. - -## Analysis Tasks for the EX_DBSizing Job - -View the analysis tasks by navigating to the **Exchange** > **3. Databases** > **EX_DBSizing** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_DBSizing Job](/img/product_docs/accessanalyzer/solutions/exchange/databases/dbsizinganalysis.webp) - -The following analysis tasks are selected by default: - -- 2. Database Size History – Creates the SA_EX_DBSizing_SizeHist table, accessible under the job’s - Results node -- SET HISTORY RETENTION – Sets retention period in months - - - The default is 6 months. It can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#exchange-history-retention) - topic for additional information - -- 3. Database details table – Creates the SA_EX_DBSizing_StoreDetails table, accessible under the - job’s Results node -- 4. 30 day Database growth table – Creates the SA_EX_DBSizing_30DayGrowth table, accessible under - the job’s Results node -- 5. 7 day Database growth table – Creates the SA_EX_DBSizing_7DayGrowth table, accessible under - the job’s Results node - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Deletes all Stored Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 1. Deletes all Stored Data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_DBSizing Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Database Details (Storage Group Details) | This report provides the details of Mailbox Stores grouped by Server, then Storage Group. This report helps administrators locate Storage Groups that may be growing out of control. If a storage group with very few users is extremely large, further investigation may be required. | None | This report is comprised of two elements: - Bar Chart – Displays database sizes - Table – Provides details on database sizes | -| Database Growth Statistics | This report displays the top 10 Databases that grew over the last 30 days in pure MB. This report is filtered on the Rank Column for Top 10 and may be modified to fit any desired Top outcome. | None | This report is comprised of four elements: - Stacked Bar Chart – Displays store size growth - Stacked Bar Chart – Displays WhiteSpace growth - Table – Provides details on store size growth - Table – Provides details on WhiteSpace growth | -| Historical Database Information | This report shows the history of the store size, white space, mailbox count, and hard drive space on all targeted servers. | None | This report is comprised of one element: - Table – Displays details on historical store information | -| Mailbox Counts by Database | This report graphically displays the number of Mailboxes by Database.  It provides an overall picture of the Exchange Mailbox Environment. Having a clear break down of the number of mailboxes per database allows for better planning of architecture in the future. | None | This report is comprised of two elements: - Bar Chart – Displays mailbox counts by database - Table – Provides details on mailbox counts by database | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/databases/ex-dbtrending.md b/docs/accessanalyzer/12.0/solutions/exchange/databases/ex-dbtrending.md deleted file mode 100644 index d5b4916f16..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/databases/ex-dbtrending.md +++ /dev/null @@ -1,33 +0,0 @@ -# EX_DBTrending - -The EX_DBTrending Job creates trend projections for mailbox and public folder databases for the -entire organization. - -## Analysis Tasks for the EX_DBTrending Job - -View the analysis tasks by navigating to the **Exchange** > **3. Databases** > **EX_DBTrending** > -**Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_DBTrending Job](/img/product_docs/accessanalyzer/solutions/exchange/databases/dbtrendinganalysis.webp) - -The following analysis tasks are selected by default: - -- 0. Drop tables – Drops tables from previous runs -- 1. Store size history – Creates the SA_EX_DBTrending_History table, accessible under the job’s - Results node -- 2. Trend Mailbox Database – Creates the SA_EX_DBTrending_MBTREND table, accessible under the - job’s Results node -- 3. Trend Public Store – Creates the SA_EX_DBTrending_PFTREND table, accessible under the job’s - Results node -- 4. Modify Runtime to be Date – Modifies the runtime for the SA_EX_DBTrending_MBTREND table and - the SA_EX_DBTrending_PFTREND table, to be set to a month/day/year (mdy) date format - -In addition to the tables and views created by the analysis tasks, the EX_DBTrending Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------- | -| Capacity Planning - Databases | This report displays the growth rate trend of your private stores and the growth rate trend of your public stores.  The trend is projected for two months. These reports help identify bad trends in growth on Exchange servers for hard drive space usage is key in avoiding running out of space. | None | This report is comprised of two elements: - Line Chart – Displays private store trend - Line Chart – Displays public store trend | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/databases/ex_dbsizing.md b/docs/accessanalyzer/12.0/solutions/exchange/databases/ex_dbsizing.md new file mode 100644 index 0000000000..d89e8b2518 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/databases/ex_dbsizing.md @@ -0,0 +1,54 @@ +# EX_DBSizing Job + +The EX_DBSizing Job provides visibility into current database sizes, growth statistics, and +historical sizing information. + +## Analysis Tasks for the EX_DBSizing Job + +View the analysis tasks by navigating to the **Exchange** > **3. Databases** > **EX_DBSizing** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_DBSizing Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/dbsizinganalysis.webp) + +The following analysis tasks are selected by default: + +- 2. Database Size History – Creates the SA_EX_DBSizing_SizeHist table, accessible under the job’s + Results node +- SET HISTORY RETENTION – Sets retention period in months + + - The default is 6 months. It can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +- 3. Database details table – Creates the SA_EX_DBSizing_StoreDetails table, accessible under the + job’s Results node +- 4. 30 day Database growth table – Creates the SA_EX_DBSizing_30DayGrowth table, accessible under + the job’s Results node +- 5. 7 day Database growth table – Creates the SA_EX_DBSizing_7DayGrowth table, accessible under + the job’s Results node + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Deletes all Stored Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 1. Deletes all Stored Data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_DBSizing Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Database Details (Storage Group Details) | This report provides the details of Mailbox Stores grouped by Server, then Storage Group. This report helps administrators locate Storage Groups that may be growing out of control. If a storage group with very few users is extremely large, further investigation may be required. | None | This report is comprised of two elements: - Bar Chart – Displays database sizes - Table – Provides details on database sizes | +| Database Growth Statistics | This report displays the top 10 Databases that grew over the last 30 days in pure MB. This report is filtered on the Rank Column for Top 10 and may be modified to fit any desired Top outcome. | None | This report is comprised of four elements: - Stacked Bar Chart – Displays store size growth - Stacked Bar Chart – Displays WhiteSpace growth - Table – Provides details on store size growth - Table – Provides details on WhiteSpace growth | +| Historical Database Information | This report shows the history of the store size, white space, mailbox count, and hard drive space on all targeted servers. | None | This report is comprised of one element: - Table – Displays details on historical store information | +| Mailbox Counts by Database | This report graphically displays the number of Mailboxes by Database.  It provides an overall picture of the Exchange Mailbox Environment. Having a clear break down of the number of mailboxes per database allows for better planning of architecture in the future. | None | This report is comprised of two elements: - Bar Chart – Displays mailbox counts by database - Table – Provides details on mailbox counts by database | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/databases/ex_dbtrending.md b/docs/accessanalyzer/12.0/solutions/exchange/databases/ex_dbtrending.md new file mode 100644 index 0000000000..633f2dbb19 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/databases/ex_dbtrending.md @@ -0,0 +1,33 @@ +# EX_DBTrending + +The EX_DBTrending Job creates trend projections for mailbox and public folder databases for the +entire organization. + +## Analysis Tasks for the EX_DBTrending Job + +View the analysis tasks by navigating to the **Exchange** > **3. Databases** > **EX_DBTrending** > +**Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_DBTrending Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/dbtrendinganalysis.webp) + +The following analysis tasks are selected by default: + +- 0. Drop tables – Drops tables from previous runs +- 1. Store size history – Creates the SA_EX_DBTrending_History table, accessible under the job’s + Results node +- 2. Trend Mailbox Database – Creates the SA_EX_DBTrending_MBTREND table, accessible under the + job’s Results node +- 3. Trend Public Store – Creates the SA_EX_DBTrending_PFTREND table, accessible under the job’s + Results node +- 4. Modify Runtime to be Date – Modifies the runtime for the SA_EX_DBTrending_MBTREND table and + the SA_EX_DBTrending_PFTREND table, to be set to a month/day/year (mdy) date format + +In addition to the tables and views created by the analysis tasks, the EX_DBTrending Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------- | +| Capacity Planning - Databases | This report displays the growth rate trend of your private stores and the growth rate trend of your public stores.  The trend is projected for two months. These reports help identify bad trends in growth on Exchange servers for hard drive space usage is key in avoiding running out of space. | None | This report is comprised of two elements: - Line Chart – Displays private store trend - Line Chart – Displays public store trend | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/databases/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/databases/overview.md index 1791dacbf0..2ba43d18f1 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/databases/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/databases/overview.md @@ -3,15 +3,15 @@ The 3. Databases Job Group is comprised of data collection, analyses, and reports that focus on database sizing, growth, and trends. -![3.Databases Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![3.Databases Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/jobstree.webp) The following comprise the 3. Databases Job Group: - [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/exchange/databases/collection/overview.md) – Comprised of data collection, analysis, and reports that focus on database sizing, growth, and trends -- [EX_DBSizing Job](/docs/accessanalyzer/12.0/solutions/exchange/databases/ex-dbsizing.md) – Comprised of analyses and reports which provide information on +- [EX_DBSizing Job](/docs/accessanalyzer/12.0/solutions/exchange/databases/ex_dbsizing.md) – Comprised of analyses and reports which provide information on current database sizes, growth statistics, and historical sizing information -- [EX_DBTrending](/docs/accessanalyzer/12.0/solutions/exchange/databases/ex-dbtrending.md) – Creates trend projections for mailbox and public folder +- [EX_DBTrending](/docs/accessanalyzer/12.0/solutions/exchange/databases/ex_dbtrending.md) – Creates trend projections for mailbox and public folder databases for the entire organization The 3. Databases Job Group uses a MAPI-based data collector, Exchange2K. Therefore, it requires both @@ -19,4 +19,4 @@ Access Analyzer MAPI CDO and Microsoft Exchange MAPI CDO to be installed on the Console server. Once these have been installed, the **Settings** > **Exchange** node must be configured for proper connection to the Exchange server. -See the [Exchange](/docs/accessanalyzer/12.0/administration/settings/exchange.md) topic for additional information. +See the [Exchange](/docs/accessanalyzer/12.0/admin/settings/exchange.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/databases/recommended.md b/docs/accessanalyzer/12.0/solutions/exchange/databases/recommended.md index 17c94499e5..1ac25e4f9e 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/databases/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/databases/recommended.md @@ -27,12 +27,12 @@ through host inventory results. Connection Profile A Connection Profile must be set directly on the EX_DBInfo Job and the EX_PFInfo Job. See the -[Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) topic for +[Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) topic for the Ex_DBInfo Job required permissions. See the -[MAPI-Based Data Collector Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/mapi.md) topic for +[MAPI-Based Data Collector Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/mapi.md) topic for the EX_PFInfo Job requirements. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex-dlcleanup.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex-dlcleanup.md deleted file mode 100644 index 7a9f72b67d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex-dlcleanup.md +++ /dev/null @@ -1,27 +0,0 @@ -# EX_DLCleanup Job - -The EX_DLCleanup job identifies potentially stale Distribution Groups based on the last domain logon -of the members, membership counts, and last time mail was sent to the distribution lists. These DLs -should be reviewed and cleaned up. - -## Analysis Tasks for the EX_DLCleanup Job - -View the analysis task by navigating to the **Exchange** > **6. Distribution Lists** > -**EX_DLCleanup** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_DLCleanup Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/dlcleanupanalysis.webp) - -The following analysis task is selected by default: - -- 1. DL Cleanup – Creates the SA_EX_GroupCleanup_GroupSummary table, accessible under the job’s - Results node - -In addition to the tables and views created by the analysis task, the EX_DLCleanup job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------------ | ----------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------- | -| Distribution List Cleanup (Distribution List Overview) | This report identifies common issues which may affect distribution list group membership. | None | This report is comprised of one element: - Table – Provides a distribution list overview | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex-groupexpansion.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex-groupexpansion.md deleted file mode 100644 index 9e8cf0db9b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex-groupexpansion.md +++ /dev/null @@ -1,24 +0,0 @@ -# Effective Membership > EX_GroupExpansion Job - -The EX_GroupExpansion job expands the direct membership of distribution groups in the environment. - -![Effective Membership > EX_GroupExpansion Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/effectivemembershipjobstree.webp) - -The EX_GroupExpansion job is located in the Effective Membership job group. - -## Analysis Tasks for the EX_GroupExpansion Job - -View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Effective -Membership** > **EX_GroupExpansion** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_GroupExpansion Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/groupexpansionanalysis.webp) - -The following analysis tasks are selected by default: - -- Drop Tables – Drops all previously-created tables and creates the group expansion function -- 1a. Expand Distribution Groups – Expands the distribution group’s direct members -- 2. Create Group Membership View – Creates an interim processing table in the database for use by - downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex_dlcleanup.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex_dlcleanup.md new file mode 100644 index 0000000000..f325f1debf --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex_dlcleanup.md @@ -0,0 +1,27 @@ +# EX_DLCleanup Job + +The EX_DLCleanup job identifies potentially stale Distribution Groups based on the last domain logon +of the members, membership counts, and last time mail was sent to the distribution lists. These DLs +should be reviewed and cleaned up. + +## Analysis Tasks for the EX_DLCleanup Job + +View the analysis task by navigating to the **Exchange** > **6. Distribution Lists** > +**EX_DLCleanup** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_DLCleanup Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/dlcleanupanalysis.webp) + +The following analysis task is selected by default: + +- 1. DL Cleanup – Creates the SA_EX_GroupCleanup_GroupSummary table, accessible under the job’s + Results node + +In addition to the tables and views created by the analysis task, the EX_DLCleanup job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------------ | ----------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------- | +| Distribution List Cleanup (Distribution List Overview) | This report identifies common issues which may affect distribution list group membership. | None | This report is comprised of one element: - Table – Provides a distribution list overview | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex_groupexpansion.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex_groupexpansion.md new file mode 100644 index 0000000000..bdf707cb4e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex_groupexpansion.md @@ -0,0 +1,24 @@ +# Effective Membership > EX_GroupExpansion Job + +The EX_GroupExpansion job expands the direct membership of distribution groups in the environment. + +![Effective Membership > EX_GroupExpansion Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/effectivemembershipjobstree.webp) + +The EX_GroupExpansion job is located in the Effective Membership job group. + +## Analysis Tasks for the EX_GroupExpansion Job + +View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Effective +Membership** > **EX_GroupExpansion** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_GroupExpansion Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/groupexpansionanalysis.webp) + +The following analysis tasks are selected by default: + +- Drop Tables – Drops all previously-created tables and creates the group expansion function +- 1a. Expand Distribution Groups – Expands the distribution group’s direct members +- 2. Create Group Membership View – Creates an interim processing table in the database for use by + downstream analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-circularnesting.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-circularnesting.md deleted file mode 100644 index 035fbfb829..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-circularnesting.md +++ /dev/null @@ -1,20 +0,0 @@ -# EX_CircularNesting Job - -The EX_CircularNesting job identifies where circular nesting exists within distribution groups. - -## Analysis Tasks for the EX_CircularNesting Job - -View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership -Analysis** > **EX_CircularNesting** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_CircularNesting Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Circular Nesting Details – Creates the SA_EX_CircularNesting_Details table, accessible under - the job’s Results node -- 2. Domain Summary – Creates the SA_EX_CircularNesting_DomainSummary table, accessible under the - job’s Results node diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-emptygroups.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-emptygroups.md deleted file mode 100644 index bb0141f95d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-emptygroups.md +++ /dev/null @@ -1,25 +0,0 @@ -# EX_EmptyGroups Job - -The EX_EmptyGroups job identifies empty distribution groups that are candidates for cleanup. - -## Analysis Tasks for the EX_EmptyGroups Job - -View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership -Analysis** > **EX_EmptyGroups** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_EmptyGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- 0. Drop tables – Drops tables from previous runs -- 1. Empty Groups – Creates the SA_EX_EmptyGroups_Empty table, accessible under the job’s Results - node -- 2. Single User Groups – Creates the SA_EX_EmptyGroups_SingleUser table, accessible under the - job’s Results node -- 3. Summarize Empty Groups – Creates the SA_EX_EmptyGroups_EmptySummary table, accessible under - the job’s Results node -- 4. Summarize Single User Groups – Creates the SA_EX_EmptyGroups_SingleUserSummary table, - accessible under the job’s Results node diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-largestgroups.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-largestgroups.md deleted file mode 100644 index 4187ed3792..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-largestgroups.md +++ /dev/null @@ -1,18 +0,0 @@ -# EX_LargestGroups Job - -The EX_LargestGroups job identifies distribution groups with a high member count. - -## Analysis Tasks for the EX_LargestGroups Job - -View the analysis task by navigating to the **Exchange** > **6. Distribution Lists** > **Membership -Analysis** > **EX_LargestGroups** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_LargestGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp) - -The following analysis task is selected by default: - -- 1. Group Details – Creates the SA_EX_LargestGroups_Details table, accessible under the job’s - Results node diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-nestedgroups.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-nestedgroups.md deleted file mode 100644 index dca5881893..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-nestedgroups.md +++ /dev/null @@ -1,20 +0,0 @@ -# EX_NestedGroups Job - -The EX_NestedGroups job identifies where nesting exists within distribution groups. - -## Analysis Tasks for the EX_NestedGroups Job - -View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership -Analysis** > **EX_NestedGroups** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_NestedGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Details – Creates the SA_EX_NestedGroups_Details table, accessible under the job’s Results - node -- 2. Summarize by Domain – Creates the SA_EX_NestedGroups_DomainSummary table, accessible under - the job’s Results node diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-stalegroups.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-stalegroups.md deleted file mode 100644 index db044392f6..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-stalegroups.md +++ /dev/null @@ -1,23 +0,0 @@ -# EX_StaleGroups Job - -The EX_StaleGroups job identifies potentially stale distribution groups based on the last domain -logon of the members. These groups should be reviewed and cleaned up. - -## Analysis Tasks for the EX_StaleGroups Job - -View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership -Analysis** > **EX_StaleGroups** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_StaleGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Stale User Details – Creates the SA_EX_StaleGroups_Details table, accessible under the job’s - Results node -- 2. Group Summary – Creates the SA_EX_StaleGroups_GroupSummary table, accessible under the job’s - Results node -- 3. Stale Groups – Creates an interim processing table in the database, for use by downstream - analysis and report generations diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_circularnesting.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_circularnesting.md new file mode 100644 index 0000000000..2170da1aa9 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_circularnesting.md @@ -0,0 +1,20 @@ +# EX_CircularNesting Job + +The EX_CircularNesting job identifies where circular nesting exists within distribution groups. + +## Analysis Tasks for the EX_CircularNesting Job + +View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership +Analysis** > **EX_CircularNesting** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_CircularNesting Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Circular Nesting Details – Creates the SA_EX_CircularNesting_Details table, accessible under + the job’s Results node +- 2. Domain Summary – Creates the SA_EX_CircularNesting_DomainSummary table, accessible under the + job’s Results node diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_emptygroups.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_emptygroups.md new file mode 100644 index 0000000000..cd6c1b1afa --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_emptygroups.md @@ -0,0 +1,25 @@ +# EX_EmptyGroups Job + +The EX_EmptyGroups job identifies empty distribution groups that are candidates for cleanup. + +## Analysis Tasks for the EX_EmptyGroups Job + +View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership +Analysis** > **EX_EmptyGroups** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_EmptyGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- 0. Drop tables – Drops tables from previous runs +- 1. Empty Groups – Creates the SA_EX_EmptyGroups_Empty table, accessible under the job’s Results + node +- 2. Single User Groups – Creates the SA_EX_EmptyGroups_SingleUser table, accessible under the + job’s Results node +- 3. Summarize Empty Groups – Creates the SA_EX_EmptyGroups_EmptySummary table, accessible under + the job’s Results node +- 4. Summarize Single User Groups – Creates the SA_EX_EmptyGroups_SingleUserSummary table, + accessible under the job’s Results node diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_largestgroups.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_largestgroups.md new file mode 100644 index 0000000000..2a4f0d2665 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_largestgroups.md @@ -0,0 +1,18 @@ +# EX_LargestGroups Job + +The EX_LargestGroups job identifies distribution groups with a high member count. + +## Analysis Tasks for the EX_LargestGroups Job + +View the analysis task by navigating to the **Exchange** > **6. Distribution Lists** > **Membership +Analysis** > **EX_LargestGroups** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_LargestGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp) + +The following analysis task is selected by default: + +- 1. Group Details – Creates the SA_EX_LargestGroups_Details table, accessible under the job’s + Results node diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_nestedgroups.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_nestedgroups.md new file mode 100644 index 0000000000..7e978bebd5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_nestedgroups.md @@ -0,0 +1,20 @@ +# EX_NestedGroups Job + +The EX_NestedGroups job identifies where nesting exists within distribution groups. + +## Analysis Tasks for the EX_NestedGroups Job + +View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership +Analysis** > **EX_NestedGroups** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_NestedGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Details – Creates the SA_EX_NestedGroups_Details table, accessible under the job’s Results + node +- 2. Summarize by Domain – Creates the SA_EX_NestedGroups_DomainSummary table, accessible under + the job’s Results node diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_stalegroups.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_stalegroups.md new file mode 100644 index 0000000000..a020b41ce5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_stalegroups.md @@ -0,0 +1,23 @@ +# EX_StaleGroups Job + +The EX_StaleGroups job identifies potentially stale distribution groups based on the last domain +logon of the members. These groups should be reviewed and cleaned up. + +## Analysis Tasks for the EX_StaleGroups Job + +View the analysis tasks by navigating to the **Exchange** > **6. Distribution Lists** > **Membership +Analysis** > **EX_StaleGroups** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_StaleGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Stale User Details – Creates the SA_EX_StaleGroups_Details table, accessible under the job’s + Results node +- 2. Group Summary – Creates the SA_EX_StaleGroups_GroupSummary table, accessible under the job’s + Results node +- 3. Stale Groups – Creates an interim processing table in the database, for use by downstream + analysis and report generations diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/overview.md index d13069f647..53fcc3f81e 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/overview.md @@ -4,17 +4,17 @@ The Membership Analysis job group provides visibility into toxic conditions cont environment, such as circular nesting, large groups, empty groups, nesting, and potentially stale groups. -![Membership Analysis Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/membershipanalysisjobstree.webp) +![Membership Analysis Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/membershipanalysisjobstree.webp) The jobs in the Membership Analysis job group are: -- [EX_CircularNesting Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-circularnesting.md) – Identifies where circular nesting exists within +- [EX_CircularNesting Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_circularnesting.md) – Identifies where circular nesting exists within distribution groups -- [EX_EmptyGroups Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-emptygroups.md) – Identifies empty distribution groups that are candidates +- [EX_EmptyGroups Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_emptygroups.md) – Identifies empty distribution groups that are candidates for cleanup -- [EX_LargestGroups Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-largestgroups.md) – Identifies distribution groups with a high member +- [EX_LargestGroups Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_largestgroups.md) – Identifies distribution groups with a high member count -- [EX_NestedGroups Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-nestedgroups.md) – Identifies where nesting exists within distribution +- [EX_NestedGroups Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_nestedgroups.md) – Identifies where nesting exists within distribution groups -- [EX_StaleGroups Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex-stalegroups.md) – Identifies potentially stale distribution groups based +- [EX_StaleGroups Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/ex_stalegroups.md) – Identifies potentially stale distribution groups based on the last domain logon of the members. These groups should be reviewed and cleaned up. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/overview.md index 61e5cbb3db..3cf3003cff 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/overview.md @@ -3,17 +3,17 @@ The 6. Distribution Lists job group lists the direct and effective membership to distribution lists, in addition to providing context around potentially stale distribution lists. -![6. Distribution Lists Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![6. Distribution Lists Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/jobstree.webp) The following comprise the 6. Distribution Lists job group: **NOTE:** These jobs are compatible with the Office 365 environment. -- [Effective Membership > EX_GroupExpansion Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex-groupexpansion.md) – Expands the direct +- [Effective Membership > EX_GroupExpansion Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex_groupexpansion.md) – Expands the direct membership of distribution groups in the environment - [Membership Analysis Job Group](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/overview.md) – Provides visibility into toxic conditions contained with the environment, such as circular nesting, large groups, empty groups, nesting, and potentially stale groups -- [EX_DLCleanup Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex-dlcleanup.md) – Identifies potentially stale distribution groups based on +- [EX_DLCleanup Job](/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/ex_dlcleanup.md) – Identifies potentially stale distribution groups based on the last domain logon of the members, membership counts, and last time mail was sent to the distribution lists. These DLs should be reviewed and cleaned up. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/recommended.md b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/recommended.md index d12c339e9d..31a741377c 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/distributionlists/recommended.md @@ -8,13 +8,13 @@ The following job groups need to be successfully run: - .Entra ID Inventory Job Group - (Optional) Exchange > 1. HUB Metrics Job Group - - Provides data on distribution list metrics for on-premise Exchange environments and the last - time a distribution list received mail + - Provides data on distribution list metrics for on-premise Exchange environments and the last + time a distribution list received mail - (Optional) Exchange > 8. Exchange Online > Mailflow Job Group - - Provides data on distribution list metrics for Exchange Online environments and the last time - a distribution list received mail + - Provides data on distribution list metrics for Exchange Online environments and the last time + a distribution list received mail Schedule Frequency diff --git a/docs/accessanalyzer/12.0/solutions/exchange/ex-useroverview.md b/docs/accessanalyzer/12.0/solutions/exchange/ex-useroverview.md deleted file mode 100644 index 9b156dd114..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/ex-useroverview.md +++ /dev/null @@ -1,71 +0,0 @@ -# EX_UserOverview Job - -The EX_UserOverview job provides correlation from multiple data collection points to show -information for each user about their mailbox size, mailbox access rights, mail flow metrics and -remote connectivity to the Exchange environment. These reports provide user impact analysis on the -environment. - -![EX_UserOverview Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/mailflowuseroverviewjobstree.webp) - -Dependencies - -The following job groups need to be successfully run prior to this job: - -- **.Active Directory Inventory** Job Group -- **.Entra ID Inventory** Job Group -- **Exchange** > **1. HUB Metrics** Job Group -- **Exchange** > **2. CAS Metrics** Job Group -- **Exchange** > **4. Mailboxes** > **Permissions** Job Group -- **Exchange** > **4.Mailboxes** > **Sizing** Job Group -- **Exchange** > **5. Public Folders** Job Group - -Schedule Frequency - -It is recommended to run this job daily after running its dependencies, but it can be scheduled to -run as desired. - -## Analysis Tasks for the EX_Mailflow_UserOverview Job - -View the analysis task by navigating to the **Exchange** > **EX_UserOverview** > **Configure** node -and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_Mailflow_UserOverview Job](/img/product_docs/accessanalyzer/solutions/exchange/mailflowuseroverviewanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. User Overview – Creates the SA_EX_UserOverview_Permissions table, accessible under the job’s - Results node -- 2. Add delegate Information to Overview – Adds Delegates to the SA_EX_UserOverview_Permissions - table -- 3. Mailbox Access – Adds Mailbox Rights to the SA_EX_UserOverview_Permissions table -- 4. Send As – Adds Send As Rights to the SA_EX_UserOverview_Permissions table -- 5. Public Folders – Adds Public Folder Permissions to the SA_EX_UserOverview_Permissions table -- 6. DL Membership – Adds DL Membership to the SA_EX_UserOverview_Permissions table -- 7. Mailbox Size – Adds Mailbox Size to the SA_EX_UserOverview_Permissions table -- 8. Permission Listing – Creates a listing of each user and their access rights in the - environment -- 9. Rank by Total Permissions – Adds Ranks to the SA_EX_UserOverview_Permissions table -- 10. Summarize User Message Traffic – Creates the SA_EX_UserOverview_MessageTraffic table, - accessible under the job’s Results node -- 11. Active Sync Devices – Updates table with User ActiveSync Devices -- 12. Message Traffic Date Ranges – Creates the SA_EX_MessageTraffic_DateRange table, accessible - under the job’s Results node -- 13. Summarize User Message Volume – Creates the SA_EX_UserOverview_DataVolume table, accessible - under the job’s Results node -- 14. RPC Volume – Updates SA_EX_UserOverview_Datavolume table with RPC volume -- 15. OWA Volume – Updates SA_EX_UserOverview_Datavolume table with OWA volume -- 16. ActiveSync Volume – Updates SA_EX_UserOverview_Datavolume table with ActiveSync volume -- 17. Data Volume Date Ranges – Creates the SA_EX_TrafficOverview_DateRange table, accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the EX_UserOverview job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Top Users by Message Traffic | This report shows the top users of Exchange based on the past 30 days of message count. | None | This report is comprised of two elements: - Bar Chart– Displays top users by 30 day message traffic - Table – Provides details on top users by 30 day message traffic | -| Top Users by Message Volume | This report shows the top users of Exchange based on the past 30 days of message volume. All statistics are in megabytes | None | This report is comprised of two elements: - Bar Chart – Displays top users by message volume - Table – Provides details on top users by message volume | -| Top Users by Permissions (Exchange User Access) | This report identifies users with a broad range of access across the exchange environment. | None | This report is comprised of three elements: - Bar Chart – Displays top users by permission count - Table – Provides details on top users by permission count - Table – Provides details on permission listing by user | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/ex_useroverview.md b/docs/accessanalyzer/12.0/solutions/exchange/ex_useroverview.md new file mode 100644 index 0000000000..1732520671 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/ex_useroverview.md @@ -0,0 +1,71 @@ +# EX_UserOverview Job + +The EX_UserOverview job provides correlation from multiple data collection points to show +information for each user about their mailbox size, mailbox access rights, mail flow metrics and +remote connectivity to the Exchange environment. These reports provide user impact analysis on the +environment. + +![EX_UserOverview Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailflowuseroverviewjobstree.webp) + +Dependencies + +The following job groups need to be successfully run prior to this job: + +- **.Active Directory Inventory** Job Group +- **.Entra ID Inventory** Job Group +- **Exchange** > **1. HUB Metrics** Job Group +- **Exchange** > **2. CAS Metrics** Job Group +- **Exchange** > **4. Mailboxes** > **Permissions** Job Group +- **Exchange** > **4.Mailboxes** > **Sizing** Job Group +- **Exchange** > **5. Public Folders** Job Group + +Schedule Frequency + +It is recommended to run this job daily after running its dependencies, but it can be scheduled to +run as desired. + +## Analysis Tasks for the EX_Mailflow_UserOverview Job + +View the analysis task by navigating to the **Exchange** > **EX_UserOverview** > **Configure** node +and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_Mailflow_UserOverview Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailflowuseroverviewanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. User Overview – Creates the SA_EX_UserOverview_Permissions table, accessible under the job’s + Results node +- 2. Add delegate Information to Overview – Adds Delegates to the SA_EX_UserOverview_Permissions + table +- 3. Mailbox Access – Adds Mailbox Rights to the SA_EX_UserOverview_Permissions table +- 4. Send As – Adds Send As Rights to the SA_EX_UserOverview_Permissions table +- 5. Public Folders – Adds Public Folder Permissions to the SA_EX_UserOverview_Permissions table +- 6. DL Membership – Adds DL Membership to the SA_EX_UserOverview_Permissions table +- 7. Mailbox Size – Adds Mailbox Size to the SA_EX_UserOverview_Permissions table +- 8. Permission Listing – Creates a listing of each user and their access rights in the + environment +- 9. Rank by Total Permissions – Adds Ranks to the SA_EX_UserOverview_Permissions table +- 10. Summarize User Message Traffic – Creates the SA_EX_UserOverview_MessageTraffic table, + accessible under the job’s Results node +- 11. Active Sync Devices – Updates table with User ActiveSync Devices +- 12. Message Traffic Date Ranges – Creates the SA_EX_MessageTraffic_DateRange table, accessible + under the job’s Results node +- 13. Summarize User Message Volume – Creates the SA_EX_UserOverview_DataVolume table, accessible + under the job’s Results node +- 14. RPC Volume – Updates SA_EX_UserOverview_Datavolume table with RPC volume +- 15. OWA Volume – Updates SA_EX_UserOverview_Datavolume table with OWA volume +- 16. ActiveSync Volume – Updates SA_EX_UserOverview_Datavolume table with ActiveSync volume +- 17. Data Volume Date Ranges – Creates the SA_EX_TrafficOverview_DateRange table, accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the EX_UserOverview job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Top Users by Message Traffic | This report shows the top users of Exchange based on the past 30 days of message count. | None | This report is comprised of two elements: - Bar Chart– Displays top users by 30 day message traffic - Table – Provides details on top users by 30 day message traffic | +| Top Users by Message Volume | This report shows the top users of Exchange based on the past 30 days of message volume. All statistics are in megabytes | None | This report is comprised of two elements: - Bar Chart – Displays top users by message volume - Table – Provides details on top users by message volume | +| Top Users by Permissions (Exchange User Access) | This report identifies users with a broad range of access across the exchange environment. | None | This report is comprised of three elements: - Bar Chart – Displays top users by permission count - Table – Provides details on top users by permission count - Table – Provides details on permission listing by user | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/appletstatuscheck.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/appletstatuscheck.md index 7ea31000ff..c7dc945f0d 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/appletstatuscheck.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/appletstatuscheck.md @@ -9,7 +9,7 @@ The .AppletStatusCheck Job uses the Script Data Collector. **CAUTION:** Do not modify the query. The query is preconfigured for this job. -![Queries for the .AppletStatusCheck Job](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/appletstatuscheckquery.webp) +![Queries for the .AppletStatusCheck Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/appletstatuscheckquery.webp) The following query is included with the .AppletStatusCheck Job: diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md deleted file mode 100644 index 6281dc5617..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md +++ /dev/null @@ -1,146 +0,0 @@ -# EX_MetricsCollection Job - -The EX_MetricsCollection Job is comprised of multiple queries that utilize the ExchangeMetrics Data -Collector to process and collect the message tracking logs on the Exchange servers in the -environment. These queries collect server, domain, user, and distribution list traffic including but -not limited to: sent, received, journal, NDRs, and transports messages. These queries are configured -to process and collect that previous 7 days of Message Tracking Logs the first time this job is run, -after that it only collects the previous day unless the **Enable Persistent Log State** option has -been enabled in the query. - -**_RECOMMENDED:_** Run this job with the default configuration settings for all queries. - -See the -[ExchangeMetrics Data Collector](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/overview.md) topic -for additional information. - -## Queries for the EX_MetricsCollection Job - -The EX_MetricsCollection Job uses the ExchangeMetrics Data Collector. - -![Queries for the EX_MetricsCollection Job](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/metricscollectionqueries.webp) - -The following queries are included in the EX_MetricsCollection Job: - -- Server Metrics – Collects server metrics -- User Metrics – Collects user metrics -- Internet Traffic Metrics – Collects internet traffic metrics -- Distribution List Metrics – Collects distribution list metrics -- Message Size Metrics – Collects message size metrics -- Delivery Time – Collects delivery times metrics -- Hourly Statistics – Collects server metrics - -## Analysis Tasks for the EX_MetrixCollection Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > **0. Collection** > -**EX_MetricsCollection** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_MetrixCollection Job](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/metricscollectionanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Delivery Times History – Creates the SA_ExhangeMetrics_DeliveryTimes table, accessible under - the job’s Results node -- 2. DL History – Creates the SA*EX* ExhangeMetrics_DistributionLists table, accessible under the - job’s Results node -- 3. Internet Traffic History – Creates the SA_EX_ExhangeMetrics_InternetTraffic table, accessible - under the job’s Results node -- 4. Hourly Traffic History – Creates the SA_EX_ExhangeMetrics_HourlyTraffic table, accessible - under the job’s Results node -- 5. User Traffic History – Creates the SA_EX_ExhangeMetrics_UserTraffic table, accessible under - the job’s Results node -- 6. Message Size History – Creates the SA_EX_ExhangeMetrics_MessageSize table, accessible under - the job’s Results node -- 7. Server Traffic History – Creates the SA_EX_ExhangeMetrics_ServerTraffic table, accessible - under the job’s Results node -- 8. SET HISTORY RETENTION – Sets retention period in months - - - By default set to retain **6 months** - - This retention period can be modified. See the - [Exchange History Retention](#exchange-history-retention) topic for additional information. - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain deselected unless specifically needed: - -**CAUTION:** Do not select the **00. Deletes all Stored Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 0. Deletes all Stored Data - LEAVE UNCHECKED – Clears all historical data - - - See the [Troubleshooting Data Collection](#troubleshooting-data-collection) topic for - additional information - -## Exchange History Retention - -The **08. SET HISTORY RETENTION** analysis task controls the retention period for the job’s data. -This is why the Data Retention Period options at the global, job group, or job Properties settings -are not supported for the job group. The number of months can be modified. If desired, the parameter -can be set to a specified number of days. Follow these steps to modify the history retention period. - -**Step 1 –** Navigate to the job’s **Configure** node and select **Analysis**. - -![08. SET HISTORY RETENTION task in the Analysis Selection view](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/sethistoryretentiontask.webp) - -**Step 2 –** In the Analysis Selection view, select the **08. SET HISTORY RETENTION** analysis task -and click **Analysis Configuration**. The SQL Script Editor opens. - -![History Retention task in SQL Script Editor](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/sethistoryretentionscripteditor.webp) - -**Step 3 –** To modify the number of months: On line 6, modify the value for the months parameter: - -Skip to Step 5. - -**Step 4 –** To change the period parameter from months to days: - -- Comment out lines 4, 6, and 8 which contain the months parameter. To comment out a line add `--` - preceding it. The months parameter section should be as follows: - - ``` - --Sets Retention Period in Months - --Declare @Months Float - --To Change the numbers of months to keep, Modify this value - --set @Months = 6 - --Creates RetentionPeriod to be utilize in Where Clause - --Set @RetentionPeriod = CAST(DATEADD(MM, -@Months, GETDATE()) AS DATE) - ``` - -- Uncomment out (remove `--` from) lines 12, 13, and 14 (which contain the days parameter). The days - parameter section should be as follows: -- If desired, modify the number of days on line 13. The default days parameter is set to 30 days. - -**Step 5 –** Click **Save and Close**. The SQL Script Editor closes. - -The modified history retention period is now applied during future job executions. - -## Troubleshooting Data Collection - -There might be times when it is necessary to purge the data either through dropping the tables from -the database or truncating the data within the tables. This option is provided through ananalysis -task that is not selected by default. Only one analysis task within a job should be enabled when the -desire is to purge that database. - -**CAUTION:** This analysis task deletes information collected or produced by jobs in this solution. - -Follow these steps to troubleshoot data collection: - -**Step 1 –** Navigate to the job’s **Configure** node and select **Analysis**. - -![Troubleshooting task selection](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/troubleshootingtaskselection.webp) - -**Step 2 –** In the Analysis Selection view, clear all default analysis tasks (if any) and select -the analysis task which purges data. - -_Remember,_ only one task should be selected. - -**Step 3 –** In the Navigation pane, right-click the **Analysis** node and select **Execute -Analyses**. - -**Step 4 –** After the analysis task has been executed, return to the Analysis Selection view. -Deselect the analysis task which was executed and reselect the default analysis tasks (if any had -been cleared in Step 2). - -The selected purge of data and tables has taken place, and the analysis tasks have been reset to the -default state. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricsdetails.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricsdetails.md deleted file mode 100644 index f4c78ce74e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricsdetails.md +++ /dev/null @@ -1,84 +0,0 @@ -# EX_MetricsDetails Job - -The EX_MetricsDetails Job collects daily user-to-user Traffic. Walk through this jobs query to -configure the internal domains to collect the sender to recipient traffic from. By default, the -query is configured to collect the previous 1 day of Message Tracking Logs and has @netwrix.com -configured as the domain. If the domains are not configured in the query, then most likely data -collection does not return. - -## Queries for the EX_MetricsDetails Job - -The EX_MetricsDetails Job uses the ExchangeMetrics Data Collector. - -![Queries for the EX_MetricsDetails Job](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/metricsdetailsquery.webp) - -The following query is included in the EX_MetricsDetails Job: - -- Activity metrics – Collects user to user traffic per day - - - Domains must be configured for data collection to return data - - See the [Configure the Activity Metrics Query](#configure-the-activity-metrics-query) topic - for additional information - -### Configure the Activity Metrics Query - -The Activity Metrics Query has been preconfigured to run with the ExchangeMetrics Data Collector to -collect user traffic per day. The domains must be configured for data collection to return data. - -Follow the steps to configure the Activity Metrics Query. - -**Step 1 –** Navigate to the **Exchange** > **1. HUB Metrics** > **0. Collection** > -**EX_MetricsDetails** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the Activity metrics Query and click **Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Exchange Metrics Data -Collector Wizard opens. - -**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. - -![Exchange Metrics Data Collector Wizard Message Activity Filter page](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/exchangemetricsmessageactivityfilter.webp) - -**Step 4 –** Navigate to the -[ExchangeMetrics: Message Activity Filter](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/message-activity-filter.md) -page to configure the internal domains from which to collect the sender to recipient traffic. The -filter should remain **Ends With**. Replace the `@netwrix.com` variable for both the **Senders** and -**Recipients** with the `@domain.com` variable to be audited. - -**Step 5 –** Navigate to the Summary page and click **Finish**. - -The EX_MetricsDetails Job returns data for the identified sender and recipient domains. - -## Analysis Tasks for the EX_MetricsDetails Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > **0. Collection** > -**EX_MetricsDetails** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_MetricsDetails Job](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/metricsdetailsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. User to User Traffic History – Creates the SA_EX_ExhangeMetrics_MessageTraffic table - accessible under the job’s Results node -- 2. SET HISTORY RETENTION – Sets retention period in months - - - By default set to retain **6 months** - - This retention period can be modified. See the - [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#exchange-history-retention) topic for - additional information. - -The following analysis task clears table data from data collection and analysis jobs. This analysis -task should remain deselected unless specifically needed: - -**CAUTION:** Do not select the **00. DROP HISTORY** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 0. DROP HISTORY - LEAVE UNCHECKED – Clears all historical data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#troubleshooting-data-collection) - topic for additional information diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md new file mode 100644 index 0000000000..9c33a7af91 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md @@ -0,0 +1,146 @@ +# EX_MetricsCollection Job + +The EX_MetricsCollection Job is comprised of multiple queries that utilize the ExchangeMetrics Data +Collector to process and collect the message tracking logs on the Exchange servers in the +environment. These queries collect server, domain, user, and distribution list traffic including but +not limited to: sent, received, journal, NDRs, and transports messages. These queries are configured +to process and collect that previous 7 days of Message Tracking Logs the first time this job is run, +after that it only collects the previous day unless the **Enable Persistent Log State** option has +been enabled in the query. + +**_RECOMMENDED:_** Run this job with the default configuration settings for all queries. + +See the +[ExchangeMetrics Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/overview.md) topic +for additional information. + +## Queries for the EX_MetricsCollection Job + +The EX_MetricsCollection Job uses the ExchangeMetrics Data Collector. + +![Queries for the EX_MetricsCollection Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/metricscollectionqueries.webp) + +The following queries are included in the EX_MetricsCollection Job: + +- Server Metrics – Collects server metrics +- User Metrics – Collects user metrics +- Internet Traffic Metrics – Collects internet traffic metrics +- Distribution List Metrics – Collects distribution list metrics +- Message Size Metrics – Collects message size metrics +- Delivery Time – Collects delivery times metrics +- Hourly Statistics – Collects server metrics + +## Analysis Tasks for the EX_MetrixCollection Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > **0. Collection** > +**EX_MetricsCollection** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_MetrixCollection Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/metricscollectionanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Delivery Times History – Creates the SA_ExhangeMetrics_DeliveryTimes table, accessible under + the job’s Results node +- 2. DL History – Creates the SA*EX* ExhangeMetrics_DistributionLists table, accessible under the + job’s Results node +- 3. Internet Traffic History – Creates the SA_EX_ExhangeMetrics_InternetTraffic table, accessible + under the job’s Results node +- 4. Hourly Traffic History – Creates the SA_EX_ExhangeMetrics_HourlyTraffic table, accessible + under the job’s Results node +- 5. User Traffic History – Creates the SA_EX_ExhangeMetrics_UserTraffic table, accessible under + the job’s Results node +- 6. Message Size History – Creates the SA_EX_ExhangeMetrics_MessageSize table, accessible under + the job’s Results node +- 7. Server Traffic History – Creates the SA_EX_ExhangeMetrics_ServerTraffic table, accessible + under the job’s Results node +- 8. SET HISTORY RETENTION – Sets retention period in months + + - By default set to retain **6 months** + - This retention period can be modified. See the + [Exchange History Retention](#exchange-history-retention) topic for additional information. + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain deselected unless specifically needed: + +**CAUTION:** Do not select the **00. Deletes all Stored Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 0. Deletes all Stored Data - LEAVE UNCHECKED – Clears all historical data + + - See the [Troubleshooting Data Collection](#troubleshooting-data-collection) topic for + additional information + +## Exchange History Retention + +The **08. SET HISTORY RETENTION** analysis task controls the retention period for the job’s data. +This is why the Data Retention Period options at the global, job group, or job Properties settings +are not supported for the job group. The number of months can be modified. If desired, the parameter +can be set to a specified number of days. Follow these steps to modify the history retention period. + +**Step 1 –** Navigate to the job’s **Configure** node and select **Analysis**. + +![08. SET HISTORY RETENTION task in the Analysis Selection view](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/sethistoryretentiontask.webp) + +**Step 2 –** In the Analysis Selection view, select the **08. SET HISTORY RETENTION** analysis task +and click **Analysis Configuration**. The SQL Script Editor opens. + +![History Retention task in SQL Script Editor](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/sethistoryretentionscripteditor.webp) + +**Step 3 –** To modify the number of months: On line 6, modify the value for the months parameter: + +Skip to Step 5. + +**Step 4 –** To change the period parameter from months to days: + +- Comment out lines 4, 6, and 8 which contain the months parameter. To comment out a line add `--` + preceding it. The months parameter section should be as follows: + + ``` + --Sets Retention Period in Months + --Declare @Months Float + --To Change the numbers of months to keep, Modify this value + --set @Months = 6 + --Creates RetentionPeriod to be utilize in Where Clause + --Set @RetentionPeriod = CAST(DATEADD(MM, -@Months, GETDATE()) AS DATE) + ``` + +- Uncomment out (remove `--` from) lines 12, 13, and 14 (which contain the days parameter). The days + parameter section should be as follows: +- If desired, modify the number of days on line 13. The default days parameter is set to 30 days. + +**Step 5 –** Click **Save and Close**. The SQL Script Editor closes. + +The modified history retention period is now applied during future job executions. + +## Troubleshooting Data Collection + +There might be times when it is necessary to purge the data either through dropping the tables from +the database or truncating the data within the tables. This option is provided through ananalysis +task that is not selected by default. Only one analysis task within a job should be enabled when the +desire is to purge that database. + +**CAUTION:** This analysis task deletes information collected or produced by jobs in this solution. + +Follow these steps to troubleshoot data collection: + +**Step 1 –** Navigate to the job’s **Configure** node and select **Analysis**. + +![Troubleshooting task selection](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/troubleshootingtaskselection.webp) + +**Step 2 –** In the Analysis Selection view, clear all default analysis tasks (if any) and select +the analysis task which purges data. + +_Remember,_ only one task should be selected. + +**Step 3 –** In the Navigation pane, right-click the **Analysis** node and select **Execute +Analyses**. + +**Step 4 –** After the analysis task has been executed, return to the Analysis Selection view. +Deselect the analysis task which was executed and reselect the default analysis tasks (if any had +been cleared in Step 2). + +The selected purge of data and tables has taken place, and the analysis tasks have been reset to the +default state. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricsdetails.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricsdetails.md new file mode 100644 index 0000000000..c3f5fbea67 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricsdetails.md @@ -0,0 +1,84 @@ +# EX_MetricsDetails Job + +The EX_MetricsDetails Job collects daily user-to-user Traffic. Walk through this jobs query to +configure the internal domains to collect the sender to recipient traffic from. By default, the +query is configured to collect the previous 1 day of Message Tracking Logs and has @netwrix.com +configured as the domain. If the domains are not configured in the query, then most likely data +collection does not return. + +## Queries for the EX_MetricsDetails Job + +The EX_MetricsDetails Job uses the ExchangeMetrics Data Collector. + +![Queries for the EX_MetricsDetails Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/metricsdetailsquery.webp) + +The following query is included in the EX_MetricsDetails Job: + +- Activity metrics – Collects user to user traffic per day + + - Domains must be configured for data collection to return data + - See the [Configure the Activity Metrics Query](#configure-the-activity-metrics-query) topic + for additional information + +### Configure the Activity Metrics Query + +The Activity Metrics Query has been preconfigured to run with the ExchangeMetrics Data Collector to +collect user traffic per day. The domains must be configured for data collection to return data. + +Follow the steps to configure the Activity Metrics Query. + +**Step 1 –** Navigate to the **Exchange** > **1. HUB Metrics** > **0. Collection** > +**EX_MetricsDetails** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the Activity metrics Query and click **Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Exchange Metrics Data +Collector Wizard opens. + +**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. + +![Exchange Metrics Data Collector Wizard Message Activity Filter page](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/exchangemetricsmessageactivityfilter.webp) + +**Step 4 –** Navigate to the +[ExchangeMetrics: Message Activity Filter](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messageactivityfilter.md) +page to configure the internal domains from which to collect the sender to recipient traffic. The +filter should remain **Ends With**. Replace the `@netwrix.com` variable for both the **Senders** and +**Recipients** with the `@domain.com` variable to be audited. + +**Step 5 –** Navigate to the Summary page and click **Finish**. + +The EX_MetricsDetails Job returns data for the identified sender and recipient domains. + +## Analysis Tasks for the EX_MetricsDetails Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > **0. Collection** > +**EX_MetricsDetails** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_MetricsDetails Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/metricsdetailsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. User to User Traffic History – Creates the SA_EX_ExhangeMetrics_MessageTraffic table + accessible under the job’s Results node +- 2. SET HISTORY RETENTION – Sets retention period in months + + - By default set to retain **6 months** + - This retention period can be modified. See the + [Exchange History Retention](ex_metricscollection.md#exchange-history-retention) topic for + additional information. + +The following analysis task clears table data from data collection and analysis jobs. This analysis +task should remain deselected unless specifically needed: + +**CAUTION:** Do not select the **00. DROP HISTORY** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 0. DROP HISTORY - LEAVE UNCHECKED – Clears all historical data + + - See the + [Troubleshooting Data Collection](ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/overview.md index 4d978bb05b..c9641ec701 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/overview.md @@ -3,22 +3,22 @@ The 0.Collection Job Group is comprised of jobs that process and analyze the message tracking logs on the Exchange Servers in the environment. -![jobstree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![jobstree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/jobstree.webp) The jobs in the 0.Collection Job Group are: - [.AppletStatusCheck Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/appletstatuscheck.md) – Checks the health and status of the applet deployed to the target Exchange servers -- [EX_MetricsCollection Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md) – Comprised of multiple queries that utilize +- [EX_MetricsCollection Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md) – Comprised of multiple queries that utilize the Exchange Metrics Data Collect to process and collect the message tracking logs on the Exchange servers in the environment. These queries collect server, domain, user, and distribution list traffic including but not limited to sent, received, journal, NDRs, and transports message. These queries are configured to process and collect that previous 7 days of Message Tracking Logs the first time this job is run, after that it only collects the previous day assuming persistence has not been disabled inside the query. -- [EX_MetricsDetails Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricsdetails.md) – Collects user to user traffic per day +- [EX_MetricsDetails Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricsdetails.md) – Collects user to user traffic per day - **NOTE:** This job's query needs to be configured to the internal domains from which to collect - the sender to recipient traffic. By default, the query is configured to collect the previous 1 - day of Message Tracking Logs and has @netwrix.com configured as the domain. If the domains are - not configured in the query, then most likely data collection does not return. + **NOTE:** This job's query needs to be configured to the internal domains from which to collect + the sender to recipient traffic. By default, the query is configured to collect the previous 1 + day of Message Tracking Logs and has @netwrix.com configured as the domain. If the domains are + not configured in the query, then most likely data collection does not return. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-deliverytimes.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-deliverytimes.md deleted file mode 100644 index bc840ec979..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-deliverytimes.md +++ /dev/null @@ -1,33 +0,0 @@ -# EX_DeliveryTimes Job - -The EX_DeliveryTimes Job provides information around organizational and server-level delivery times. - -## Analysis Tasks for the EX_DeliveryTimes Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > -**EX_DeliveryTimes** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_DeliveryTimes Job](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/deliverytimesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Server SLA – Creates the SA_EX_DeliveryTimes_ServerSLA table, accessible under the job’s - Results node -- 2. Org SLA – Creates the SA_EX_DeliveryTimes_OrgSLA table, accessible under the job’s Results - node -- 3. Org pivot – Creates the SA_EX_DeliveryTimes_OrgDeliveryByCount table, accessible under the - job’s Results node -- 4. Org By Volume – Creates the SA_EX_DeliveryTimes_OrgDeliveryByVolume table, accessible under - the job’s Results node -- 5. Org Delivery By Count Last 30 Days – Creates the SA_EX_DeliveryTimes_OrgDeliveryByCountLast30 - table, accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the EX_DeliveryTimes Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | --------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Delivery Times | This report highlights delivery times overall and by server to identify potential issues with SLAs. | None | This report is comprised of three elements: - Line Chart – Displays percent of mail delivered by time frame (last 30 days) - Table – Provides details on mail delivered by time frame - Table – Provides details on percentage of mail delivered in under 1 minute | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-dlmetrics.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-dlmetrics.md deleted file mode 100644 index 81a2b335ce..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-dlmetrics.md +++ /dev/null @@ -1,28 +0,0 @@ -# EX_DLMetrics Job - -The EX_DLMetrics Job provides information around distribution list usage. - -## Analysis Tasks for the EX_DLMetrics Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > **EX_DLMetrics** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_DLMetrics Job](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/dlmetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. DL Metrics – Creates the SA_EX_DLMetrics_Details table, accessible under the job’s Results - node -- 2. Historical Metrics – Creates the SA_EX_DLMetrics_HistoricalStatistics table, accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the EX_DLMetrics Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------------------------------ | ------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Distribution Lists by Message Count (Most Active DLs by Message Count) | This report identifies the most active distribution lists by count of messages sent. | None | This report is comprised of two elements: - Bar Chart – Displays top distribution lists by message count (last 30 days) - Table – Provides details on top distribution lists by message count (last 30 days) | -| Distribution Lists by Message Volume (Most Active DLs by Message Volume) | This report identifies the most active distribution lists by volume of messages sent. | None | This report is comprised of two elements: - Bar Chart – Displays top distribution lists by message volume (last 30 days) - Table – Provides details on distribution lists by message volume (last 30 days) | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-domainmetrics.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-domainmetrics.md deleted file mode 100644 index 6d4f31d6da..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-domainmetrics.md +++ /dev/null @@ -1,29 +0,0 @@ -# EX_DomainMetrics Job - -The EX_DomainMetrics Job provides information about where the domain’s mail flow is going to and -coming from. - -## Analysis Tasks for the EX_DomainMetrics Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > -**EX_DomainMetrics** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_DomainMetrics Job](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/domainmetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. External Domain Traffic - Count – Creates the SA_EX_DomainMetrics_Count table, accessible - under the job’s Results node -- 2. External Domain Traffic - Volume – Creates the SA_EX_DomainMetrics_Volume table, accessible - under the job’s Results node - -In addition to the tables and views by the analysis tasks, the EX_DomainMetrics Job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------------------- | -------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Top External Domains by Message Count (Top External Domains) | This report identifies which external domains have the largest traffic flow between organizations. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays access by team - Table – Provides a database access summary - Table – Provides database access details | -| Top External Domains by Message Volume (Top External Domains) | This report identifies which external domains have the largest traffic flow between orgs. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top domain by message count (30 days) - Table – Provides details on top domain by message count (30 days) | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-hourlymetrics.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-hourlymetrics.md deleted file mode 100644 index b0d5855b8d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-hourlymetrics.md +++ /dev/null @@ -1,32 +0,0 @@ -# EX_HourlyMetrics Job - -The EX_HourlyMetrics Job provides visibility into how much mail-flow the organization sends and -receives each hour. - -## Analysis Tasks for the EX_HourlyMetrics Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > -**EX_HourlyMetrics** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_HourlyMetrics Job](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/hourlymetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Server Averages – Creates the SA_EX_HourlyMetrics_ServerAverages table, accessible under the - job’s Results node -- 2. Org Averages – Creates the SA_EX_HourlyMetrics_OrgAverages table, accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the EX_HourlyMetrics Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------------------------------- | ---------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Hourly Traffic (Average Hourly Traffic) | This report identifies which hours during the day have the most traffic by count of messages. | None | This report is comprised of two elements: - Column Chart – Displays average hourly traffic by enterprise - Table – Provides details on average hourly traffic by server | -| Hourly Volume (Average Hourly Volume) | This report identifies which hours during the day have the most traffic by volume of messages. | None | This report is comprised of two elements: - Column Chart – Displays average hourly volume (MB) - Table – Provides details on server averages | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-messagesize.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-messagesize.md deleted file mode 100644 index 65a0663050..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-messagesize.md +++ /dev/null @@ -1,25 +0,0 @@ -# EX_MessageSize Job - -The EX_MessageSize Job provides information around the size of sent and received messages. - -## Analysis Tasks for the EX_MessageSize Job - -View the analysis task by navigating to the **Exchange** > **1. HUB Metrics** > **EX_MessageSize** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_MessageSize Job](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/messagesizeanalysis.webp) - -The following analysis task is selected by default: - -- 1. Message Size by Server – Creates the SA_EX_MessageSize_HostSummary table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis task, the EX_MessageSize Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------ | ------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Message Size | This report identifies servers which handle the largest mail. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by average message size (KB) - Table – Provides details on average message size by server (KB) | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-servermetrics.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-servermetrics.md deleted file mode 100644 index a0a396831e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-servermetrics.md +++ /dev/null @@ -1,40 +0,0 @@ -# EX_ServerMetrics Job - -The EX_ServerMetrics Job provides visibility into server mail flow statistics, such as, sent, -received, journaling, transport, and NDR counts and sizes. - -## Analysis Tasks for the EX_ServerMetrics Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > -**EX_ServerMetrics** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_ServerMetrics Job](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/servermetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Transport – Creates the SA_EX_ServerMetrics_Transport table, accessible under the job’s - Results node -- 2. NDRs – Creates the SA_EX_ServerMetrics_NDRs table, accessible under the job’s Results node -- 3. Journaling – Creates the SA_EX_ServerMetrics_Journaling table, accessible under the job’s - Results node -- 4. Yesterday – Creates the SA_EX_ServerMetrics_Yesterday table, accessible under the job’s - Results node -- 5. Last 7 Days – Creates the SA_EX_ServerMetrics_Last7Days table, accessible under the job’s - Results node -- 6. Last 30 Days – Creates the SA_EX_ServerMetrics_Last30Days table, accessible under the job’s - Results node -- 7. Historical Statistics – Creates the SA_EX_ServerMetrics_HistoricalStatistics table, - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the EX_ServerMetrics Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------------------------------- | ----------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Journaling (Journaling Traffic) | This report summarizes journaling message traffic across the organization. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by journaling messages (last 30 days) - Table – Provides details on top servers by journaling messages (last 30 days) | -| NDRs (Exchange NDRs) | This report shows NDR counts broken down by server. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by NDRs (last 30 days) - Table – Provides details on top servers by NDRs (last 30 days) | -| Server Traffic (Top Servers by Traffic) | This report summarizes server traffic across the organization for the Last 30 Days. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top servers by total traffic - Table – Provides details top servers by total traffic | -| Transport (Transport Messages) | This report summarizes transport messages across the exchange organization. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by transport messages (last 30 days) - Table – Provides details on top servers by transport messages (last 30 days) | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-usermetrics.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-usermetrics.md deleted file mode 100644 index 24330c3709..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-usermetrics.md +++ /dev/null @@ -1,30 +0,0 @@ -# EX_UserMetrics Job - -The EX_UserMetrics Job provides information around each users mail-flow in the organization. - -## Analysis Tasks for the EX_UserMetrics Job - -View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > -**EX_UserMetrics** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_UserMetrics Job](/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/usermetricsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. User Metrics - Volume – Creates the SA_EX_UserMetrics_Volume table, accessible under the - job’s Results node -- 2. User Metrics - Count – Creates the SA_EX_UserMetrics_Count table, accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the EX_UserMetrics Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------- | ----------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Top Receivers by Message Count | This report identifies users who have received the most messages. | None | This report is comprised of two elements: - Bar Chart – Displays top receivers by message count (last 30 days) - Table – Provides details on top receivers by message count (last 30 days) | -| Top Receivers by Message Volume | This report identifies users who have received the most mail by total volume. | None | This report is comprised of two elements: - Bar Chart – Displays top receivers by message volume (last 30 days) - Table – Provides details on top receivers by message volume (last 30 days) | -| Top Senders by Message Count | This report identifies users who have sent the most mail. | None | This report is comprised of two elements: - Bar Chart – Displays top senders by message count (last 30 days) - Table – Provides details on top senders by message count (last 30 days) | -| Top Senders by Message Volume | This report identifies users who have sent the most mail by total volume. | None | This report is comprised of two elements: - Bar Chart – Displays top senders by message volume (last 30 days) - Table – Provides details on top senders by message volume (last 30 days) | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_deliverytimes.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_deliverytimes.md new file mode 100644 index 0000000000..1099bdb297 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_deliverytimes.md @@ -0,0 +1,33 @@ +# EX_DeliveryTimes Job + +The EX_DeliveryTimes Job provides information around organizational and server-level delivery times. + +## Analysis Tasks for the EX_DeliveryTimes Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > +**EX_DeliveryTimes** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_DeliveryTimes Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/deliverytimesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Server SLA – Creates the SA_EX_DeliveryTimes_ServerSLA table, accessible under the job’s + Results node +- 2. Org SLA – Creates the SA_EX_DeliveryTimes_OrgSLA table, accessible under the job’s Results + node +- 3. Org pivot – Creates the SA_EX_DeliveryTimes_OrgDeliveryByCount table, accessible under the + job’s Results node +- 4. Org By Volume – Creates the SA_EX_DeliveryTimes_OrgDeliveryByVolume table, accessible under + the job’s Results node +- 5. Org Delivery By Count Last 30 Days – Creates the SA_EX_DeliveryTimes_OrgDeliveryByCountLast30 + table, accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the EX_DeliveryTimes Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | --------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Delivery Times | This report highlights delivery times overall and by server to identify potential issues with SLAs. | None | This report is comprised of three elements: - Line Chart – Displays percent of mail delivered by time frame (last 30 days) - Table – Provides details on mail delivered by time frame - Table – Provides details on percentage of mail delivered in under 1 minute | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_dlmetrics.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_dlmetrics.md new file mode 100644 index 0000000000..2918d2975b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_dlmetrics.md @@ -0,0 +1,28 @@ +# EX_DLMetrics Job + +The EX_DLMetrics Job provides information around distribution list usage. + +## Analysis Tasks for the EX_DLMetrics Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > **EX_DLMetrics** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_DLMetrics Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/dlmetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. DL Metrics – Creates the SA_EX_DLMetrics_Details table, accessible under the job’s Results + node +- 2. Historical Metrics – Creates the SA_EX_DLMetrics_HistoricalStatistics table, accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the EX_DLMetrics Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------------------------------ | ------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Distribution Lists by Message Count (Most Active DLs by Message Count) | This report identifies the most active distribution lists by count of messages sent. | None | This report is comprised of two elements: - Bar Chart – Displays top distribution lists by message count (last 30 days) - Table – Provides details on top distribution lists by message count (last 30 days) | +| Distribution Lists by Message Volume (Most Active DLs by Message Volume) | This report identifies the most active distribution lists by volume of messages sent. | None | This report is comprised of two elements: - Bar Chart – Displays top distribution lists by message volume (last 30 days) - Table – Provides details on distribution lists by message volume (last 30 days) | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_domainmetrics.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_domainmetrics.md new file mode 100644 index 0000000000..4b433ba836 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_domainmetrics.md @@ -0,0 +1,29 @@ +# EX_DomainMetrics Job + +The EX_DomainMetrics Job provides information about where the domain’s mail flow is going to and +coming from. + +## Analysis Tasks for the EX_DomainMetrics Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > +**EX_DomainMetrics** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_DomainMetrics Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/domainmetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. External Domain Traffic - Count – Creates the SA_EX_DomainMetrics_Count table, accessible + under the job’s Results node +- 2. External Domain Traffic - Volume – Creates the SA_EX_DomainMetrics_Volume table, accessible + under the job’s Results node + +In addition to the tables and views by the analysis tasks, the EX_DomainMetrics Job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------------------- | -------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Top External Domains by Message Count (Top External Domains) | This report identifies which external domains have the largest traffic flow between organizations. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays access by team - Table – Provides a database access summary - Table – Provides database access details | +| Top External Domains by Message Volume (Top External Domains) | This report identifies which external domains have the largest traffic flow between orgs. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top domain by message count (30 days) - Table – Provides details on top domain by message count (30 days) | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_hourlymetrics.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_hourlymetrics.md new file mode 100644 index 0000000000..0feba22184 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_hourlymetrics.md @@ -0,0 +1,32 @@ +# EX_HourlyMetrics Job + +The EX_HourlyMetrics Job provides visibility into how much mail-flow the organization sends and +receives each hour. + +## Analysis Tasks for the EX_HourlyMetrics Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > +**EX_HourlyMetrics** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_HourlyMetrics Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/hourlymetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Server Averages – Creates the SA_EX_HourlyMetrics_ServerAverages table, accessible under the + job’s Results node +- 2. Org Averages – Creates the SA_EX_HourlyMetrics_OrgAverages table, accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the EX_HourlyMetrics Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------------------------------- | ---------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Hourly Traffic (Average Hourly Traffic) | This report identifies which hours during the day have the most traffic by count of messages. | None | This report is comprised of two elements: - Column Chart – Displays average hourly traffic by enterprise - Table – Provides details on average hourly traffic by server | +| Hourly Volume (Average Hourly Volume) | This report identifies which hours during the day have the most traffic by volume of messages. | None | This report is comprised of two elements: - Column Chart – Displays average hourly volume (MB) - Table – Provides details on server averages | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_messagesize.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_messagesize.md new file mode 100644 index 0000000000..34b9001748 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_messagesize.md @@ -0,0 +1,25 @@ +# EX_MessageSize Job + +The EX_MessageSize Job provides information around the size of sent and received messages. + +## Analysis Tasks for the EX_MessageSize Job + +View the analysis task by navigating to the **Exchange** > **1. HUB Metrics** > **EX_MessageSize** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_MessageSize Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/messagesizeanalysis.webp) + +The following analysis task is selected by default: + +- 1. Message Size by Server – Creates the SA_EX_MessageSize_HostSummary table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis task, the EX_MessageSize Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------ | ------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Message Size | This report identifies servers which handle the largest mail. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by average message size (KB) - Table – Provides details on average message size by server (KB) | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_servermetrics.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_servermetrics.md new file mode 100644 index 0000000000..44efa1a735 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_servermetrics.md @@ -0,0 +1,40 @@ +# EX_ServerMetrics Job + +The EX_ServerMetrics Job provides visibility into server mail flow statistics, such as, sent, +received, journaling, transport, and NDR counts and sizes. + +## Analysis Tasks for the EX_ServerMetrics Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > +**EX_ServerMetrics** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_ServerMetrics Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/servermetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Transport – Creates the SA_EX_ServerMetrics_Transport table, accessible under the job’s + Results node +- 2. NDRs – Creates the SA_EX_ServerMetrics_NDRs table, accessible under the job’s Results node +- 3. Journaling – Creates the SA_EX_ServerMetrics_Journaling table, accessible under the job’s + Results node +- 4. Yesterday – Creates the SA_EX_ServerMetrics_Yesterday table, accessible under the job’s + Results node +- 5. Last 7 Days – Creates the SA_EX_ServerMetrics_Last7Days table, accessible under the job’s + Results node +- 6. Last 30 Days – Creates the SA_EX_ServerMetrics_Last30Days table, accessible under the job’s + Results node +- 7. Historical Statistics – Creates the SA_EX_ServerMetrics_HistoricalStatistics table, + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the EX_ServerMetrics Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------------------------------- | ----------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Journaling (Journaling Traffic) | This report summarizes journaling message traffic across the organization. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by journaling messages (last 30 days) - Table – Provides details on top servers by journaling messages (last 30 days) | +| NDRs (Exchange NDRs) | This report shows NDR counts broken down by server. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by NDRs (last 30 days) - Table – Provides details on top servers by NDRs (last 30 days) | +| Server Traffic (Top Servers by Traffic) | This report summarizes server traffic across the organization for the Last 30 Days. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top servers by total traffic - Table – Provides details top servers by total traffic | +| Transport (Transport Messages) | This report summarizes transport messages across the exchange organization. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by transport messages (last 30 days) - Table – Provides details on top servers by transport messages (last 30 days) | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_usermetrics.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_usermetrics.md new file mode 100644 index 0000000000..a2f6757641 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_usermetrics.md @@ -0,0 +1,30 @@ +# EX_UserMetrics Job + +The EX_UserMetrics Job provides information around each users mail-flow in the organization. + +## Analysis Tasks for the EX_UserMetrics Job + +View the analysis tasks by navigating to the **Exchange** > **1. HUB Metrics** > +**EX_UserMetrics** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_UserMetrics Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/usermetricsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. User Metrics - Volume – Creates the SA_EX_UserMetrics_Volume table, accessible under the + job’s Results node +- 2. User Metrics - Count – Creates the SA_EX_UserMetrics_Count table, accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the EX_UserMetrics Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------- | ----------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Top Receivers by Message Count | This report identifies users who have received the most messages. | None | This report is comprised of two elements: - Bar Chart – Displays top receivers by message count (last 30 days) - Table – Provides details on top receivers by message count (last 30 days) | +| Top Receivers by Message Volume | This report identifies users who have received the most mail by total volume. | None | This report is comprised of two elements: - Bar Chart – Displays top receivers by message volume (last 30 days) - Table – Provides details on top receivers by message volume (last 30 days) | +| Top Senders by Message Count | This report identifies users who have sent the most mail. | None | This report is comprised of two elements: - Bar Chart – Displays top senders by message count (last 30 days) - Table – Provides details on top senders by message count (last 30 days) | +| Top Senders by Message Volume | This report identifies users who have sent the most mail by total volume. | None | This report is comprised of two elements: - Bar Chart – Displays top senders by message volume (last 30 days) - Table – Provides details on top senders by message volume (last 30 days) | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/overview.md index 3bf68bd42e..681096a22b 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/overview.md @@ -5,22 +5,22 @@ mail-flow activity occurring within your organization. This job group goes out t contains the Message Tracking Logs and parse the log to return the data to the Access Analyzer database. -![1.HUB Metrics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![1.HUB Metrics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/jobstree.webp) The following job groups and jobs comprise the 1. HUB Metrics Job Group: - [0. Collection Job Group](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/overview.md) – Comprised of jobs that process and analyze the message tracking logs on the Exchange Servers in the environment -- [EX_DeliveryTimes Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-deliverytimes.md) – Provides information around organizational and +- [EX_DeliveryTimes Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_deliverytimes.md) – Provides information around organizational and server level delivery times -- [EX_DLMetrics Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-dlmetrics.md) – Provides information around distribution list usage -- [EX_DomainMetrics Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-domainmetrics.md) – Provides information about which domains mail-flow +- [EX_DLMetrics Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_dlmetrics.md) – Provides information around distribution list usage +- [EX_DomainMetrics Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_domainmetrics.md) – Provides information about which domains mail-flow is going to and coming from -- [EX_HourlyMetrics Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-hourlymetrics.md) – Provides visibility into how much mail-flow the +- [EX_HourlyMetrics Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_hourlymetrics.md) – Provides visibility into how much mail-flow the organization sends and receives each hour -- [EX_MessageSize Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-messagesize.md) – Provides information around size of messages sent and +- [EX_MessageSize Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_messagesize.md) – Provides information around size of messages sent and received -- [EX_ServerMetrics Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-servermetrics.md) – Provides visibility into server mail-flow +- [EX_ServerMetrics Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_servermetrics.md) – Provides visibility into server mail-flow statistics, such as, sent, received, journaling, transport and NDR counts and sizes -- [EX_UserMetrics Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex-usermetrics.md) – Provides information around each user’s mail-flow in the +- [EX_UserMetrics Job](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/ex_usermetrics.md) – Provides information around each user’s mail-flow in the organization diff --git a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/recommended.md b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/recommended.md index feb408faff..a3add8c486 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/recommended.md @@ -23,10 +23,10 @@ through host inventory results. Connection Profile A Connection Profile must be set directly on the EX_MetricsCollection Job and the EX_MetricsDetails -Job. See the [Exchange Mail-Flow Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/mail-flow.md) +Job. See the [Exchange Mail-Flow Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/mailflow.md) topic for required permissions. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency @@ -47,7 +47,7 @@ Modify the following analysis tasks to customize the amount of history which is | EX_MetricsCollection | SET HISTORY RETENTION | 6 Months | | EX_MetricsDetails | SET HISTORY RETENTION | 6 Months | -See the [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#exchange-history-retention) +See the [Exchange History Retention](collection/ex_metricscollection.md#exchange-history-retention) topic for additional information. Query Configuration @@ -59,7 +59,7 @@ following exceptions: - All queries in the 1.HUB Metrics Job Group that use the ExchangeMetrics Data Collector – (Optional) The **Enable Persistent Log State** option can be enabled on the Options page of the Exchange Metrics Data Collector Wizard to search the log from where the previous search left off. - See the [ExchangeMetrics: Options](/docs/accessanalyzer/12.0/data-collection/exchange-metrics/options.md) topic + See the [ExchangeMetrics: Options](/docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/options.md) topic for additional information. Analysis Configuration diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/ex-features.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/ex-features.md deleted file mode 100644 index 8afc2aa545..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/ex-features.md +++ /dev/null @@ -1,37 +0,0 @@ -# Features > EX_Features Job - -The EX_Features job is comprised of data collection and a report that provides information around -which features have been enabled or disabled on Mailboxes, such as ActiveSync, IMAP, POP and more. - -**_RECOMMENDED:_** Schedule the Features Job Group to run weekly on any desired recurrence. - -![Features > EX_Features Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/featuresjobstree.webp) - -The EX_Features job is located in the Features job group. - -## Queries for the EX_Features Job - -The EX_Features Job uses the ExchangePS Data Collector. - -![Queries for the EX_Features Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/featuresquery.webp) - -The following query is included with the EX_Features Job: - -- User Mailbox Settings – Collects user mailbox settings - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md#scope-the-exchangeps-data-collector) - topic for additional information - - **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as - Exchange on-premises environments. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) topic - for credential requirements. - -In addition to the table created by the query, the EX_Features Job produces the following -pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------- | -| Mailbox Features | This report identifies features introduced in Exchange for each mailbox. | None | This report is comprised of one element: - Table – Provides details on mailbox features | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/ex_features.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/ex_features.md new file mode 100644 index 0000000000..74f3635e0a --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/ex_features.md @@ -0,0 +1,37 @@ +# Features > EX_Features Job + +The EX_Features job is comprised of data collection and a report that provides information around +which features have been enabled or disabled on Mailboxes, such as ActiveSync, IMAP, POP and more. + +**_RECOMMENDED:_** Schedule the Features Job Group to run weekly on any desired recurrence. + +![Features > EX_Features Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/featuresjobstree.webp) + +The EX_Features job is located in the Features job group. + +## Queries for the EX_Features Job + +The EX_Features Job uses the ExchangePS Data Collector. + +![Queries for the EX_Features Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/featuresquery.webp) + +The following query is included with the EX_Features Job: + +- User Mailbox Settings – Collects user mailbox settings + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + + **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as + Exchange on-premises environments. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) topic + for credential requirements. + +In addition to the table created by the query, the EX_Features Job produces the following +pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------- | +| Mailbox Features | This report identifies features introduced in Exchange for each mailbox. | None | This report is comprised of one element: - Table – Provides details on mailbox features | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex-mailboxactivity.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex-mailboxactivity.md deleted file mode 100644 index e712a5b3e8..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex-mailboxactivity.md +++ /dev/null @@ -1,30 +0,0 @@ -# 0.Collection > EX_MailboxActivity Job - -The EX_MailboxActivity job collects logs of Native Mailbox Access Auditing from Exchange to provide -reporting around mailbox logon activity. - -![0.Collection > EX_MailboxActivity Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The EX_MailboxActivity job is located in the 0.Collection job group. - -**NOTE:** This job requires that Exchange Access Auditing is enabled in the Exchange environment. - -## Queries for the EX_MailboxActivity Job - -The EX_MailboxActivity Job uses the ExchangePS Data Collector. - -![Queries for the EX_MailboxActivity Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/logons/mailboxactivityquery.webp) - -The following query is included with the EX_MailboxActivity job: - -- Exchange Mailbox Logons – Collects data on Exchange mailbox access logons - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md#scope-the-exchangeps-data-collector) - topic for additional information - - **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as - Exchange on-premises environments. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) - topic for credential requirements. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex-mailboxlogons.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex-mailboxlogons.md deleted file mode 100644 index 46562cb0b7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex-mailboxlogons.md +++ /dev/null @@ -1,54 +0,0 @@ -# EX_MailboxLogons Job - -The EX_MailboxLogons Job provides details around Mailbox logon activity occurring within the -Exchange environment. - -## Analysis Tasks for the EX_MailboxLogons Job - -View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Logons** > -**EX_MailboxLogons** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_MailboxLogons Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/logons/mailboxlogonsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Create History Table – Creates the SA_EX_MailboxLogons_Details table, accessible under the - job’s Results node -- 02.Hourly Activity – Creates the SA_EX_MailboxLogons_HourlyActivity table, accessible under the - job’s Results node -- 03.SET HISTORY RETENTION – Sets retention period in months - - - By default set to retain 6 months. It can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#exchange-history-retention) - topic for additional information - -- 04.Last Week Top Offenders – Creates the SA_EX_MailboxLogons_LastWeekSummary table, accessible - under the job’s Results node -- 05.Hourly by Client IP – Creates the SA_EX_MailboxLogons_HourlyActivityByClient table, accessible - under the job’s Results node -- 06.Import Logon Activity to AIC – Imports Logon Activity to Access Information Center - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Delete All Historical Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 00.Delete All Historical Data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_MailboxLogons Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Non Owner Mailbox Logons – Last Week (Top Users Logging into Other Mailboxes) | Lists the number of distinct non-owner mailboxes accessed by each user and counts of non-owner logons in the last seven days. | None | This report is comprised of two elements: - Bar Chart – Displays top users for non-owner activity – last week - Table – Provides details on all mailbox logons | -| Top Hourly Activity (By IP) (Top Hourly Activity) | This report shows periods where there was large amounts of traffic coming from a single machine. | None | This report is comprised of two elements: - Bar Chart – Displays top machines by user account activity - Table – Provides details on top machines by user account activity | -| Top Hourly Activity (By User) (Top Hourly Activity) | This report shows periods when users are most active. | None | This report is comprised of two elements: - Bar Chart – Displays top machines by non-owner logons - Table – Provides details on top users by non-owner logons | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex_mailboxactivity.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex_mailboxactivity.md new file mode 100644 index 0000000000..a421de985d --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex_mailboxactivity.md @@ -0,0 +1,30 @@ +# 0.Collection > EX_MailboxActivity Job + +The EX_MailboxActivity job collects logs of Native Mailbox Access Auditing from Exchange to provide +reporting around mailbox logon activity. + +![0.Collection > EX_MailboxActivity Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/collectionjobstree.webp) + +The EX_MailboxActivity job is located in the 0.Collection job group. + +**NOTE:** This job requires that Exchange Access Auditing is enabled in the Exchange environment. + +## Queries for the EX_MailboxActivity Job + +The EX_MailboxActivity Job uses the ExchangePS Data Collector. + +![Queries for the EX_MailboxActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/mailboxactivityquery.webp) + +The following query is included with the EX_MailboxActivity job: + +- Exchange Mailbox Logons – Collects data on Exchange mailbox access logons + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + + **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as + Exchange on-premises environments. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) + topic for credential requirements. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex_mailboxlogons.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex_mailboxlogons.md new file mode 100644 index 0000000000..a9ea70fbf4 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex_mailboxlogons.md @@ -0,0 +1,54 @@ +# EX_MailboxLogons Job + +The EX_MailboxLogons Job provides details around Mailbox logon activity occurring within the +Exchange environment. + +## Analysis Tasks for the EX_MailboxLogons Job + +View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Logons** > +**EX_MailboxLogons** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_MailboxLogons Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/mailboxlogonsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Create History Table – Creates the SA_EX_MailboxLogons_Details table, accessible under the + job’s Results node +- 02.Hourly Activity – Creates the SA_EX_MailboxLogons_HourlyActivity table, accessible under the + job’s Results node +- 03.SET HISTORY RETENTION – Sets retention period in months + + - By default set to retain 6 months. It can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +- 04.Last Week Top Offenders – Creates the SA_EX_MailboxLogons_LastWeekSummary table, accessible + under the job’s Results node +- 05.Hourly by Client IP – Creates the SA_EX_MailboxLogons_HourlyActivityByClient table, accessible + under the job’s Results node +- 06.Import Logon Activity to AIC – Imports Logon Activity to Access Information Center + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Delete All Historical Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 00.Delete All Historical Data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_MailboxLogons Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Non Owner Mailbox Logons – Last Week (Top Users Logging into Other Mailboxes) | Lists the number of distinct non-owner mailboxes accessed by each user and counts of non-owner logons in the last seven days. | None | This report is comprised of two elements: - Bar Chart – Displays top users for non-owner activity – last week - Table – Provides details on all mailbox logons | +| Top Hourly Activity (By IP) (Top Hourly Activity) | This report shows periods where there was large amounts of traffic coming from a single machine. | None | This report is comprised of two elements: - Bar Chart – Displays top machines by user account activity - Table – Provides details on top machines by user account activity | +| Top Hourly Activity (By User) (Top Hourly Activity) | This report shows periods when users are most active. | None | This report is comprised of two elements: - Bar Chart – Displays top machines by non-owner logons - Table – Provides details on top users by non-owner logons | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/overview.md index 0887ed55eb..1d85cba67d 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/overview.md @@ -8,11 +8,11 @@ provide reporting around mailbox logon activity. The data collection job requires that Exchange Access Auditing is enabled in the Exchange environment. -![Logons Job Group](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Logons Job Group](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/jobstree.webp) The jobs in the Logons Job Group are: -- [0.Collection > EX_MailboxActivity Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex-mailboxactivity.md) – Collects logs of Native Mailbox +- [0.Collection > EX_MailboxActivity Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex_mailboxactivity.md) – Collects logs of Native Mailbox Access Auditing from Exchange to provide reporting around mailbox logon activity -- [EX_MailboxLogons Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex-mailboxlogons.md) – Provides details around Mailbox logon activity +- [EX_MailboxLogons Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/ex_mailboxlogons.md) – Provides details around Mailbox logon activity occurring within the Exchange environment diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/overview.md index 15ff401412..a874b73b23 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/overview.md @@ -3,13 +3,13 @@ The 4. Mailboxes job group is comprised of data collection, analysis, and reports around mailbox features, logons, permissions, and sizing. -![4.Mailboxes Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![4.Mailboxes Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/jobstree.webp) The following comprise the 4. Mailboxes job group: **NOTE:** These jobs are compatible with the Office 365 environment. -- [Features > EX_Features Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/ex-features.md) – Comprised of data collection and a report that +- [Features > EX_Features Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/ex_features.md) – Comprised of data collection and a report that provides information around which features have been enabled or disabled on mailboxes, such as ActiveSync, IMAP, POP and more - [Logons Job Group](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/overview.md) – Provides collection of Native Mailbox Access Auditing diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-delegates.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-delegates.md deleted file mode 100644 index f0904c3b0f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-delegates.md +++ /dev/null @@ -1,24 +0,0 @@ -# EX_Delegates Job - -The EX_Delegates job collects data from Active Directory to identify the delegates applied to a -mailbox. - -## Queries for the EX_Delegates Job - -The EX_Delegates job uses the ExchangePS Data Collector. - -![Queries for the EX_Delegates Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/delegatesquery.webp) - -The following query is included with the EX_Delegates job: - -- Delegates – Collects delegates applied to each mailbox - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md#scope-the-exchangeps-data-collector) - topic for additional information - - **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as - Exchange on-premises environments. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) - topic for credential requirements. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-mbrights.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-mbrights.md deleted file mode 100644 index 09bd520c8e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-mbrights.md +++ /dev/null @@ -1,24 +0,0 @@ -# EX_MBRights Job - -The EX_MBRights job collects data from Active Directory to identify the mailbox rights applied to a -mailbox. - -## Queries for the EX_MBRights Job - -The EX_MBRights job uses the ExchangePS Data Collector. - -![Queries for the EX_MBRights Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/mbrightsquery.webp) - -The following query is included in the EX_MBRights Job: - -- Mailbox Rights – Collects mailbox rights - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md#scope-the-exchangeps-data-collector) - topic for additional information - - **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as - Exchange on-premises environments. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) - topic for credential requirements. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-perms.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-perms.md deleted file mode 100644 index 142a6f84a4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-perms.md +++ /dev/null @@ -1,18 +0,0 @@ -# EX_Perms Job - -The EX_Perms job collects information about permissions applied to the folders within Exchange -mailboxes. - -## Queries for the EX_Perms Job - -The EX_Perms job uses the EWSMailbox Data Collector. - -![Queries for the EX_Perms Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/permsquery.webp) - -The following query is included in the EX_Perms job. - -- Exchange Mailbox Permissions – Returns Exchange mailbox folder permissions - - - By default set to search all mailboxes. It can be scoped. - - See the [EWSMailbox Data Collector](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/overview.md) - topic for additional information diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-sendas.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-sendas.md deleted file mode 100644 index 2668f0fc51..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-sendas.md +++ /dev/null @@ -1,39 +0,0 @@ -# EX_SendAs Job - -The EX_SendAs job collects data from Active Directory to identify the Active Directory rights -applied to a mailbox. - -## Queries for the EX_SendAs Job - -The EX_SendAs job uses the ExchangePS Data Collector. - -![Queries for the EX_SendAs Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/sendasquery.webp) - -The following query is included in the EX_SendAs Job: - -- Send AS - Rights – Collects Exchange mailbox folder permissions - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md#scope-the-exchangeps-data-collector) - topic for additional information - - **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as - Exchange on-premises environments. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) - topic for credential requirements. - -## Analysis Tasks for the EX_SendAs Job - -View the analysis task by navigating to the **Exchange** > **4. Mailboxes** > **Permissions** > -**0.Collection** > **EX_SendAs** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_SendAs Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/sendasanalysis.webp) - -The following analysis task is selected by default: - -- Index Collection – Creates an index on the collection for use by downstream analysis and report - generation diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_delegates.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_delegates.md new file mode 100644 index 0000000000..22f4ed6430 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_delegates.md @@ -0,0 +1,24 @@ +# EX_Delegates Job + +The EX_Delegates job collects data from Active Directory to identify the delegates applied to a +mailbox. + +## Queries for the EX_Delegates Job + +The EX_Delegates job uses the ExchangePS Data Collector. + +![Queries for the EX_Delegates Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/delegatesquery.webp) + +The following query is included with the EX_Delegates job: + +- Delegates – Collects delegates applied to each mailbox + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + + **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as + Exchange on-premises environments. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) + topic for credential requirements. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_mbrights.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_mbrights.md new file mode 100644 index 0000000000..1cf1cd9618 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_mbrights.md @@ -0,0 +1,24 @@ +# EX_MBRights Job + +The EX_MBRights job collects data from Active Directory to identify the mailbox rights applied to a +mailbox. + +## Queries for the EX_MBRights Job + +The EX_MBRights job uses the ExchangePS Data Collector. + +![Queries for the EX_MBRights Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/mbrightsquery.webp) + +The following query is included in the EX_MBRights Job: + +- Mailbox Rights – Collects mailbox rights + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + + **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as + Exchange on-premises environments. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) + topic for credential requirements. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_perms.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_perms.md new file mode 100644 index 0000000000..f483705ad9 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_perms.md @@ -0,0 +1,18 @@ +# EX_Perms Job + +The EX_Perms job collects information about permissions applied to the folders within Exchange +mailboxes. + +## Queries for the EX_Perms Job + +The EX_Perms job uses the EWSMailbox Data Collector. + +![Queries for the EX_Perms Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/permsquery.webp) + +The following query is included in the EX_Perms job. + +- Exchange Mailbox Permissions – Returns Exchange mailbox folder permissions + + - By default set to search all mailboxes. It can be scoped. + - See the [EWSMailbox Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/overview.md) + topic for additional information diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_sendas.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_sendas.md new file mode 100644 index 0000000000..f4e65a3fc6 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_sendas.md @@ -0,0 +1,39 @@ +# EX_SendAs Job + +The EX_SendAs job collects data from Active Directory to identify the Active Directory rights +applied to a mailbox. + +## Queries for the EX_SendAs Job + +The EX_SendAs job uses the ExchangePS Data Collector. + +![Queries for the EX_SendAs Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/sendasquery.webp) + +The following query is included in the EX_SendAs Job: + +- Send AS - Rights – Collects Exchange mailbox folder permissions + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + + **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as + Exchange on-premises environments. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) + topic for credential requirements. + +## Analysis Tasks for the EX_SendAs Job + +View the analysis task by navigating to the **Exchange** > **4. Mailboxes** > **Permissions** > +**0.Collection** > **EX_SendAs** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_SendAs Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/sendasanalysis.webp) + +The following analysis task is selected by default: + +- Index Collection – Creates an index on the collection for use by downstream analysis and report + generation diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/overview.md index 94da5b5cb7..c981375bff 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/overview.md @@ -4,15 +4,15 @@ The 0. Collection job group is comprised of data collection and analysis that fo granted to each mailbox in the environment including: Mailbox Rights, Active Directory Permissions, Delegation, and Folder Permissions. -![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/collectionjobstree.webp) The jobs in the 0. Collection job group are: -- [EX_Delegates Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-delegates.md) – Collects data from Active Directory to identify the +- [EX_Delegates Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_delegates.md) – Collects data from Active Directory to identify the delegates applied to a mailbox -- [EX_MBRights Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-mbrights.md) – Collects data from Active Directory to identify the mailbox +- [EX_MBRights Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_mbrights.md) – Collects data from Active Directory to identify the mailbox rights applied to a mailbox -- [EX_Perms Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-perms.md) – Collects information about permissions applied to the folders within +- [EX_Perms Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_perms.md) – Collects information about permissions applied to the folders within Exchange mailboxes -- [EX_SendAs Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex-sendas.md) – Collects data from Active Directory to identify the Active +- [EX_SendAs Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/ex_sendas.md) – Collects data from Active Directory to identify the Active Directory rights applied to a mailbox diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex-admingroups.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex-admingroups.md deleted file mode 100644 index 200239d39b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex-admingroups.md +++ /dev/null @@ -1,28 +0,0 @@ -# EX_AdminGroups Job - -The EX_AdminGroups job provides visibility into the direct and effective membership of Exchange -Administrative groups. - -## Analysis Tasks for the EX_AdminGroups Job - -View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Permissions** > -**EX_AdminGroups** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_AdminGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/admingroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.Calculate Effective Membership – Creates the SA_EX_AdminGroups_Membership table accessible - under the job’s Results node -- 01.Rank groups by Size – Creates the SA_EX_AdminGroups_Ranked table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the EX_AdminGroups Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | -------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------- | -| Exchange Administration Groups | This report shows effective membership for the default Exchange Administration groups. | None | This report is comprised of two elements: - Bar Chart – Displays largest admin groups - Table – Provides membership details | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex-mailboxaccess.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex-mailboxaccess.md deleted file mode 100644 index a6118e6645..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex-mailboxaccess.md +++ /dev/null @@ -1,65 +0,0 @@ -# EX_MailboxAccess Job - -The EX_MailboxAccess job provides visibility into access granted to each mailbox in the environment -taking into consideration Mailbox Rights, Active Directory Permissions, Delegation, and Folder -Permissions. - -## Analysis Tasks for the EX_Mailbox Access Job - -View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Permissions** > -**EX_MailboxAccess** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_Mailbox Access Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/mailboxaccessanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.Regional Send As Rights – Creates the SA_EX_MailboxAccess_SendAs table, accessible under the - job’s Results node -- 01.Regional Full Control Rights – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 02.Regional Delegates – Creates the SA_EX_MailboxAccess_Delegates table, accessible under the - job’s Results node -- 03.Regional Mailbox Permissions – Creates the SA_EX_MailboxAccess_Permissions table, accessible - under the job’s Results node -- 04.Regional Delegated Access – Creates the SA_EX_MailboxAccess_DelegatedAccess table, accessible - under the job’s Results node -- 05.Regional Mailbox Rights – Creates the SA_EX_MailboxAccess_Rights table, accessible under the - job’s Results node -- 06.Missing Anonymous Permissions – Creates the SA_EX_MailboxAccess_MissingAnon table, accessible - under the job’s Results node -- 07.Incorrect Default/Anonymous Rights – Creates the SA_EX_MailboxAccess_DefaultAnonIssues table, - accessible under the job’s Results node -- 08.Expanded Rights – Creates the SA_EX_MailboxAccess_ExpandedRights table, accessible under the - job’s Results node -- 09.Incorrect Default/Anonymous Permissions Summary – Creates the - SA_EX_MailboxAccess_DefaultAnonSummary table, accessible under the job’s Results node -- 10.Permissions Summary – Creates the SA_EX_MailboxAccess_PermissionSummary table, accessible under - the job’s Results node -- 11.Full Control Summary – Creates the SA_EX_MailboxAccess_FullControlSummary table, accessible - under the job’s Results node -- 12.Send As Summary – Creates the SA_EX_MailboxAccess_SendAsSummary table accessible under the - job’s Results node - -The following analysis tasks is selected to export data to the AIC: - -- 13.AIC Import - Export Exchange Permissions – Exports delegates, Send AS rights, mailbox - permissions, and Active Directory rights to the Access Information Center - - **NOTE:** This task sends data to the Access Information Center during future job executions. - See the User Reports and the Group Reports topics in the - [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) - for additional information. - -In addition to the tables and views created by the analysis tasks, the EX_MailboxAccess Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Delegation (Delegates) | This report identifies users where Delegate/Send on Behalf Of rights have been assigned and which objects the users have been given rights to. | None | This report is comprised of two elements: - Bar Chart – Displays top users by number of delegates - Table – Provides details on top users by number of delegates | -| Full Control Access (Mailboxes with Full Control) | This report identifies users with the largest amount of Full Control rights assigned to other individuals. | None | This report is comprised of two elements: - Bar Chart – Displays top users with full control granted - Table – Provides details on top users with full control granted | -| Incorrect Default And Anon Permissions | This report identifies where Default or Anonymous have any role assignment other than **None** or **Free/Busy time**. | None | This report is comprised of three elements: - Bar Chart – Displays top users with incorrect default/anon permissions - Table – Provides details on top users with incorrect default/anon permissions - Table – Provides role details | -| Missing Anonymous Permissions | This report identifies folders where Anonymous permissions are not assigned. | None | This report is comprised of one element: - Table – Provides details on missing anonymous permissions | -| Send As (Send-As Rights) | This report identifies which users have the highest number of users with Send-As rights to their mailbox. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top users by send as rights granted - Table – Provides details on top users by send as right granted - Table – Provides additional details | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex_admingroups.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex_admingroups.md new file mode 100644 index 0000000000..547d184bbc --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex_admingroups.md @@ -0,0 +1,28 @@ +# EX_AdminGroups Job + +The EX_AdminGroups job provides visibility into the direct and effective membership of Exchange +Administrative groups. + +## Analysis Tasks for the EX_AdminGroups Job + +View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Permissions** > +**EX_AdminGroups** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_AdminGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/admingroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.Calculate Effective Membership – Creates the SA_EX_AdminGroups_Membership table accessible + under the job’s Results node +- 01.Rank groups by Size – Creates the SA_EX_AdminGroups_Ranked table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the EX_AdminGroups Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | -------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------- | +| Exchange Administration Groups | This report shows effective membership for the default Exchange Administration groups. | None | This report is comprised of two elements: - Bar Chart – Displays largest admin groups - Table – Provides membership details | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex_mailboxaccess.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex_mailboxaccess.md new file mode 100644 index 0000000000..89b95dccf7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex_mailboxaccess.md @@ -0,0 +1,65 @@ +# EX_MailboxAccess Job + +The EX_MailboxAccess job provides visibility into access granted to each mailbox in the environment +taking into consideration Mailbox Rights, Active Directory Permissions, Delegation, and Folder +Permissions. + +## Analysis Tasks for the EX_Mailbox Access Job + +View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Permissions** > +**EX_MailboxAccess** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_Mailbox Access Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/mailboxaccessanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.Regional Send As Rights – Creates the SA_EX_MailboxAccess_SendAs table, accessible under the + job’s Results node +- 01.Regional Full Control Rights – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 02.Regional Delegates – Creates the SA_EX_MailboxAccess_Delegates table, accessible under the + job’s Results node +- 03.Regional Mailbox Permissions – Creates the SA_EX_MailboxAccess_Permissions table, accessible + under the job’s Results node +- 04.Regional Delegated Access – Creates the SA_EX_MailboxAccess_DelegatedAccess table, accessible + under the job’s Results node +- 05.Regional Mailbox Rights – Creates the SA_EX_MailboxAccess_Rights table, accessible under the + job’s Results node +- 06.Missing Anonymous Permissions – Creates the SA_EX_MailboxAccess_MissingAnon table, accessible + under the job’s Results node +- 07.Incorrect Default/Anonymous Rights – Creates the SA_EX_MailboxAccess_DefaultAnonIssues table, + accessible under the job’s Results node +- 08.Expanded Rights – Creates the SA_EX_MailboxAccess_ExpandedRights table, accessible under the + job’s Results node +- 09.Incorrect Default/Anonymous Permissions Summary – Creates the + SA_EX_MailboxAccess_DefaultAnonSummary table, accessible under the job’s Results node +- 10.Permissions Summary – Creates the SA_EX_MailboxAccess_PermissionSummary table, accessible under + the job’s Results node +- 11.Full Control Summary – Creates the SA_EX_MailboxAccess_FullControlSummary table, accessible + under the job’s Results node +- 12.Send As Summary – Creates the SA_EX_MailboxAccess_SendAsSummary table accessible under the + job’s Results node + +The following analysis tasks is selected to export data to the AIC: + +- 13.AIC Import - Export Exchange Permissions – Exports delegates, Send AS rights, mailbox + permissions, and Active Directory rights to the Access Information Center + + **NOTE:** This task sends data to the Access Information Center during future job executions. + See the User Reports and the Group Reports topics in the + [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) + for additional information. + +In addition to the tables and views created by the analysis tasks, the EX_MailboxAccess Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Delegation (Delegates) | This report identifies users where Delegate/Send on Behalf Of rights have been assigned and which objects the users have been given rights to. | None | This report is comprised of two elements: - Bar Chart – Displays top users by number of delegates - Table – Provides details on top users by number of delegates | +| Full Control Access (Mailboxes with Full Control) | This report identifies users with the largest amount of Full Control rights assigned to other individuals. | None | This report is comprised of two elements: - Bar Chart – Displays top users with full control granted - Table – Provides details on top users with full control granted | +| Incorrect Default And Anon Permissions | This report identifies where Default or Anonymous have any role assignment other than **None** or **Free/Busy time**. | None | This report is comprised of three elements: - Bar Chart – Displays top users with incorrect default/anon permissions - Table – Provides details on top users with incorrect default/anon permissions - Table – Provides role details | +| Missing Anonymous Permissions | This report identifies folders where Anonymous permissions are not assigned. | None | This report is comprised of one element: - Table – Provides details on missing anonymous permissions | +| Send As (Send-As Rights) | This report identifies which users have the highest number of users with Send-As rights to their mailbox. | None | This report is comprised of three elements: - Stacked Bar Chart – Displays top users by send as rights granted - Table – Provides details on top users by send as right granted - Table – Provides additional details | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/overview.md index 88982b30ab..72aa2490f6 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/overview.md @@ -6,15 +6,15 @@ Delegation, and Folder Permissions. **_RECOMMENDED:_** Schedule the Permissions job group to run weekly on Fridays at 6 PM. -![Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/jobstree.webp) The job groups and jobs in the Permissions job group are: - [0. Collection Job Group](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/overview.md) – Comprised of data collection and analysis that focus on access granted to each mailbox in the environment including: Mailbox Rights, Active Directory Permissions, Delegation, and Folder Permissions -- [EX_AdminGroups Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex-admingroups.md) – Provides visibility into the direct and effective +- [EX_AdminGroups Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex_admingroups.md) – Provides visibility into the direct and effective membership of Exchange Administrative groups -- [EX_MailboxAccess Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex-mailboxaccess.md) – Provides visibility into access granted to each +- [EX_MailboxAccess Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/ex_mailboxaccess.md) – Provides visibility into access granted to each mailbox in the environment taking into consideration Mailbox Rights, Active Directory Permissions, Delegation, and Folder Permissions diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/recommended.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/recommended.md index 14fdc755c9..8de86f9562 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/recommended.md @@ -6,22 +6,22 @@ This job group requires the following items to be enabled: - Exchange Access Auditing is enabled in the Exchange environment - - This is required for the Logons Job Group. See the - [Enable Exchange Mailbox Access Auditing](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md#enable-exchange-mailbox-access-auditing) - topic for additional information. + - This is required for the Logons Job Group. See the + [Enable Exchange Mailbox Access Auditing](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md#enable-exchange-mailbox-access-auditing) + topic for additional information. The following job groups need to be successfully run: - **.Active Directory Inventory** Job Group - **.Entra ID Inventory** Job Group - **Exchange** > **1. HUB Metrics** Job Group (Optional) - - Provides data on mailbox metrics for on-premises Exchange environments and the last time a - distribution list received mail + - Provides data on mailbox metrics for on-premises Exchange environments and the last time a + distribution list received mail - **Exchange** > **2. CAS Metrics** Job Group (Optional) - - Provides data on mailbox staleness for on-premises Exchange environments + - Provides data on mailbox staleness for on-premises Exchange environments - **Exchange** > **8. Exchange Online** > **Mailflow** Job Group (Optional) - - Provides data on distribution list metrics for Exchange Online environments and the last time - a distribution list received mail + - Provides data on distribution list metrics for Exchange Online environments and the last time + a distribution list received mail Targeted Hosts @@ -42,16 +42,16 @@ A Connection Profile must be set directly on the collection jobs within each sub - **Logons** > **0.Collection** > **EX_MailboxActivity** Job - **Permissions** > **0. Collection**: - - EX_Delegates Job - - EX_MBRights Job - - EX_Perms Job - - EX_SendAs Job + - EX_Delegates Job + - EX_MBRights Job + - EX_Perms Job + - EX_SendAs Job - **Sizing** > **0. Collection** > **EX_MBSize** Job -See the [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) +See the [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) topic for the required permissions. See the -[Exchange Custom Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/exchange-ps/configure-job.md) +[Exchange Custom Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/configurejob.md) topic for additional information. Schedule Frequency @@ -119,12 +119,12 @@ Workflow - Daily Execution - - Schedule the **Logons** job group to run daily - - Schedule the **Sizing** job group to run daily + - Schedule the **Logons** job group to run daily + - Schedule the **Sizing** job group to run daily - Weekly Execution - - Schedule the **Features** job group to run weekly - - Schedule the **Permissions** job group to run weekly + - Schedule the **Features** job group to run weekly + - Schedule the **Permissions** job group to run weekly **Step 3 –** Review the reports generated by the jobs. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-mailboxsizes.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-mailboxsizes.md deleted file mode 100644 index 5bdf1cbe15..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-mailboxsizes.md +++ /dev/null @@ -1,55 +0,0 @@ -# EX_MailboxSizes Job - -The EX_MailboxSizes job provides analysis and reporting around mailbox sizing and growth. - -#### Analysis Tasks for the EX_Mailbox Sizes Job - -View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Sizing** > -**EX_MailboxSizes** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_Mailbox Sizes Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/mailboxsizesanalysis.webp) - -The following analysis tasks are selected by default: - -- 01.Update or Create Details Table – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 02.Regional Track Mailbox Size History – Creates an interim processing table in the database for - use by downstream analysis and report generation -- 03.SET HISTORY RETENTION – Sets retention period in months - - - The default is 6 months. It can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#exchange-history-retention) - topic for additional information - -- 04.Store History – Creates the SA_EX_MailboxSizes_StoreHistory table, accessible under the job’s - Results node -- 05.Current Sizes – Creates the SA_EX_MailboxSizes_CurrentSnapshot table, accessible under the - job’s Results node -- 06.Dumpster Sizes – Creates the SA_EX_MailboxSizes_DumpstersByStore table, accessible under the - job’s Results node -- 07.Current Store Size – Creates the SA_EX_MailboxSizes_CurrentStoreSize table, accessible under - the job’s Results node - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00.Delete All Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database: - -- 00.Delete All Data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_MailboxAccess Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------------------------------------------- | ---------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Largest Recoverable Items Folder (Dumpster) (Dumpster Sizes by User) | This report identifies users with the largest Recoverable Items folder (dumpster). | None | This report is comprised of two elements: - Bar Chart – Displays users with largest Recoverable Items folders - Table – Provides details on user Recoverable Items folders | -| Largest Mailboxes (Top Users by Mailbox Size) | This report identifies users with the largest mailboxes. | None | This report is comprised of two elements: - Bar Chart – Displays users with the largest mailboxes - Table – Provides details on users with largest mailboxes | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-mbsize.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-mbsize.md deleted file mode 100644 index cf706ae8fd..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-mbsize.md +++ /dev/null @@ -1,28 +0,0 @@ -# 0.Collection > EX_MBSize Job - -The EX_MBSize job collects information from the Exchange environment about the mailbox sizes in the -environment. - -![0.Collection > EX_MBSize Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The EX_MBSize job is located in the 0.Collection job group. - -## Queries for the EX_MBSize Job - -The EX_MBSize Job uses the ExchangePS Data Collector. - -![Queries for the EX_MBSize Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/mbsizequery.webp) - -The following query is included in the EX_MBSize Job: - -- Mailbox Counts and Sizes – Identifies the Active Directory rights applied to a mailbox - - - By default set to search all mailboxes. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md#scope-the-exchangeps-data-collector) - topic for additional information - - **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as - Exchange on-premises environments. See the - [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) - topic for credential requirements. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-stalemailboxes.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-stalemailboxes.md deleted file mode 100644 index e9512c69ae..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-stalemailboxes.md +++ /dev/null @@ -1,30 +0,0 @@ -# EX_StaleMailboxes Job - -The EX_StaleMailboxes job provides analysis and reporting around orphaned and stale mailboxes. - -## Analysis Tasks for the EX_StaleMailboxes Job - -View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Sizing** > -**EX_StaleMailboxes** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_StaleMailboxes Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/stalemailboxesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Mailbox Orphans – Creates the SA_EX_StaleMailboxes_Orphans table, accessible under the job’s - Results node -- 2. Stale User Mailboxes – Creates the SA_EX_StaleMailboxes_Details table, accessible under the - job’s Results node -- 3. Organization Summary – Creates the SA_EX_StaleMailboxes_OrgSummary table, accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the EX_StaleMailboxes Job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Orphaned Mailboxes | Orphaned Mailboxes do not have an Active Directory account associated with them, and generally can be safely deleted. | None | This report is comprised of three elements: - Bar Chart – Displays orphan mailbox storage - Table – Provides details on all orphaned mailboxes - Table – Provides details on orphan mailbox storage | -| Stale Users (Mailboxes associated with Stale AD Accounts) | This report shows mailboxes which are tied to stale user accounts. | None | This report is comprised of three elements: - Bar Chart – Displays stale user mailboxes - Table – Provides details stale user mailboxes - Table – Provides additional details on stale user mailboxes | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-storesizes.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-storesizes.md deleted file mode 100644 index 356c607366..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-storesizes.md +++ /dev/null @@ -1,29 +0,0 @@ -# EX_StoreSizes Job - -The EX_StoreSizes job provides analysis and reporting around database sizing based on mailbox sizes. - -## Analysis Tasks for the EX_StoreSizes Job - -View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > -**Sizing** > **EX_StoreSizes** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_StoreSizes Job](/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/storesizesanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.Users Ranked by Store – Creates the SA_EX_StoreSize_UsersByStore table, accessible under the - job’s Results node -- 01.Rank Stores – Creates the SA_EX_StoreSize_Ranked table, accessible under the job’s Results node -- 02.30 Day Growth – Creates the SA_EX_StaleMailboxes_30DayChange table, accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the EX_StoreSizes Job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------ | --------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Store Sizes and Growth (Store Sizes) | This report identifies 30 day growth for every mail store within the environment. | None | This report is comprised of two elements: - Bar Chart – Displays fastest-growing mail stores - Table – Provides details on mail stores – percent change | -| Top Users by Store | This report identifies the top users for every mail store. | None | This report is comprised of one element: - Table – Provides details on top users by store | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_mailboxsizes.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_mailboxsizes.md new file mode 100644 index 0000000000..66cb2c52f6 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_mailboxsizes.md @@ -0,0 +1,55 @@ +# EX_MailboxSizes Job + +The EX_MailboxSizes job provides analysis and reporting around mailbox sizing and growth. + +#### Analysis Tasks for the EX_Mailbox Sizes Job + +View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Sizing** > +**EX_MailboxSizes** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_Mailbox Sizes Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/mailboxsizesanalysis.webp) + +The following analysis tasks are selected by default: + +- 01.Update or Create Details Table – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 02.Regional Track Mailbox Size History – Creates an interim processing table in the database for + use by downstream analysis and report generation +- 03.SET HISTORY RETENTION – Sets retention period in months + + - The default is 6 months. It can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +- 04.Store History – Creates the SA_EX_MailboxSizes_StoreHistory table, accessible under the job’s + Results node +- 05.Current Sizes – Creates the SA_EX_MailboxSizes_CurrentSnapshot table, accessible under the + job’s Results node +- 06.Dumpster Sizes – Creates the SA_EX_MailboxSizes_DumpstersByStore table, accessible under the + job’s Results node +- 07.Current Store Size – Creates the SA_EX_MailboxSizes_CurrentStoreSize table, accessible under + the job’s Results node + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00.Delete All Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database: + +- 00.Delete All Data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_MailboxAccess Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------------------------------------------- | ---------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Largest Recoverable Items Folder (Dumpster) (Dumpster Sizes by User) | This report identifies users with the largest Recoverable Items folder (dumpster). | None | This report is comprised of two elements: - Bar Chart – Displays users with largest Recoverable Items folders - Table – Provides details on user Recoverable Items folders | +| Largest Mailboxes (Top Users by Mailbox Size) | This report identifies users with the largest mailboxes. | None | This report is comprised of two elements: - Bar Chart – Displays users with the largest mailboxes - Table – Provides details on users with largest mailboxes | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_mbsize.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_mbsize.md new file mode 100644 index 0000000000..5e46c8d44d --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_mbsize.md @@ -0,0 +1,28 @@ +# 0.Collection > EX_MBSize Job + +The EX_MBSize job collects information from the Exchange environment about the mailbox sizes in the +environment. + +![0.Collection > EX_MBSize Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/collectionjobstree.webp) + +The EX_MBSize job is located in the 0.Collection job group. + +## Queries for the EX_MBSize Job + +The EX_MBSize Job uses the ExchangePS Data Collector. + +![Queries for the EX_MBSize Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/mbsizequery.webp) + +The following query is included in the EX_MBSize Job: + +- Mailbox Counts and Sizes – Identifies the Active Directory rights applied to a mailbox + + - By default set to search all mailboxes. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + + **NOTE:** The ExchangePS Data Collector is capable of targeting Exchange Online as well as + Exchange on-premises environments. See the + [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) + topic for credential requirements. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_stalemailboxes.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_stalemailboxes.md new file mode 100644 index 0000000000..f8a20fa234 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_stalemailboxes.md @@ -0,0 +1,30 @@ +# EX_StaleMailboxes Job + +The EX_StaleMailboxes job provides analysis and reporting around orphaned and stale mailboxes. + +## Analysis Tasks for the EX_StaleMailboxes Job + +View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > **Sizing** > +**EX_StaleMailboxes** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_StaleMailboxes Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/stalemailboxesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Mailbox Orphans – Creates the SA_EX_StaleMailboxes_Orphans table, accessible under the job’s + Results node +- 2. Stale User Mailboxes – Creates the SA_EX_StaleMailboxes_Details table, accessible under the + job’s Results node +- 3. Organization Summary – Creates the SA_EX_StaleMailboxes_OrgSummary table, accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the EX_StaleMailboxes Job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Orphaned Mailboxes | Orphaned Mailboxes do not have an Active Directory account associated with them, and generally can be safely deleted. | None | This report is comprised of three elements: - Bar Chart – Displays orphan mailbox storage - Table – Provides details on all orphaned mailboxes - Table – Provides details on orphan mailbox storage | +| Stale Users (Mailboxes associated with Stale AD Accounts) | This report shows mailboxes which are tied to stale user accounts. | None | This report is comprised of three elements: - Bar Chart – Displays stale user mailboxes - Table – Provides details stale user mailboxes - Table – Provides additional details on stale user mailboxes | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_storesizes.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_storesizes.md new file mode 100644 index 0000000000..0dda8ff0de --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_storesizes.md @@ -0,0 +1,29 @@ +# EX_StoreSizes Job + +The EX_StoreSizes job provides analysis and reporting around database sizing based on mailbox sizes. + +## Analysis Tasks for the EX_StoreSizes Job + +View the analysis tasks by navigating to the **Exchange** > **4. Mailboxes** > +**Sizing** > **EX_StoreSizes** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_StoreSizes Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/storesizesanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.Users Ranked by Store – Creates the SA_EX_StoreSize_UsersByStore table, accessible under the + job’s Results node +- 01.Rank Stores – Creates the SA_EX_StoreSize_Ranked table, accessible under the job’s Results node +- 02.30 Day Growth – Creates the SA_EX_StaleMailboxes_30DayChange table, accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the EX_StoreSizes Job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------ | --------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Store Sizes and Growth (Store Sizes) | This report identifies 30 day growth for every mail store within the environment. | None | This report is comprised of two elements: - Bar Chart – Displays fastest-growing mail stores - Table – Provides details on mail stores – percent change | +| Top Users by Store | This report identifies the top users for every mail store. | None | This report is comprised of one element: - Table – Provides details on top users by store | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/overview.md index 65d8fe3b10..0015a17fda 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/overview.md @@ -5,15 +5,15 @@ growth, and trends. **_RECOMMENDED:_** Schedule the Sizing job group to run daily at 4 AM. -![Sizing Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Sizing Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/jobstree.webp) The jobs in the Sizing job group are: -- [0.Collection > EX_MBSize Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-mbsize.md) – Collects information from the environment about the +- [0.Collection > EX_MBSize Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_mbsize.md) – Collects information from the environment about the mailbox sizes in the environment -- [EX_MailboxSizes Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-mailboxsizes.md) – Provides analysis and reporting around Mailbox sizing +- [EX_MailboxSizes Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_mailboxsizes.md) – Provides analysis and reporting around Mailbox sizing and growth -- [EX_StaleMailboxes Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-stalemailboxes.md) – Provides analysis and reporting around orphaned +- [EX_StaleMailboxes Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_stalemailboxes.md) – Provides analysis and reporting around orphaned and Stale Mailboxes -- [EX_StoreSizes Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex-storesizes.md) – Provides analysis and reporting around Database Sizing +- [EX_StoreSizes Job](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/ex_storesizes.md) – Provides analysis and reporting around Database Sizing based on Mailbox Sizes diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-dl.md b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-dl.md deleted file mode 100644 index b6ca1b022b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-dl.md +++ /dev/null @@ -1,28 +0,0 @@ -# EX_Mailflow_DL Job - -The EX_Mailflow_DL job provides information around distribution list usage. - -## Analysis Tasks for the EX_Mailflow_DL Job - -View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > -**EX_Mailflow_DL** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_Mailflow_DL Job](/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowdlanalysis.webp) - -The following analysis tasks are selected by default: - -- Azure Groups Direct Member Count – Creates the EX\_ MailFlow_DL_AzureMemberCount table, accessible - under the job’s Results node. Provides a direct member count for distribution lists from Azure - groups. -- DLs by Count – Creates the EX\_ Mailflow_DLsByCount table, accessible under the job’s Results - node. Lists of all distribution lists and how much mail-flow they have received. - -In addition to the tables and views created by the analysis tasks, the EX_Mailflow_DL Jjb produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Top DLs by Received Count | The top distribution lists by total messages received. | None | This report is comprised of two elements: - Bar Chart – Displays top five distribution lists by received count - Table – Provides details on the top five distribution lists by received count | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-domain.md b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-domain.md deleted file mode 100644 index 6d2531865a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-domain.md +++ /dev/null @@ -1,48 +0,0 @@ -# EX_Mailflow_Domain Job - -The EX_Mailflow_Domain job provides information about which domain’s mail-flow is going to and -coming from. This job is set to analyze the last 30 days. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The EX_Mailflow_Domain job has the following configurable parameter: - -- Number of days to show in tables and reports - -See the -[Analysis Tasks for the EX_Mailflow_Domain Job](#analysis-tasks-for-the-ex_mailflow_domain-job) -topic for additional information. - -## Analysis Tasks for the EX_Mailflow_Domain Job - -View the analysis task by navigating to the **Exchange** > **8. Exchange Online** > -**EX_Mailflow_Domain** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_Mailflow_Domain Job](/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowdomainanalysis.webp) - -The following analysis task is selected by default: - -- Mailflow Domain – Creates the EX_MailFlow_Domain table, accessible under the job’s Results node. - It provides counts for messages sent and received from external domains. - - - By default, the number of days to show in tables and reports is set to 30. This can be - modified. See the [Parameter Configuration](#parameter-configuration) topic for additional - information. - - Alternatively, the `@Days` parameter can be modified in the SQL Script Editor. See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) - topic for additional information - -In addition to the tables and views created by the analysis task, the EX_Mailflow_Domain job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ---------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------- | -| Top Domains By Count | Displays top domains by recipient count. | None | This report is comprised of two elements: - Bar Chart – Displays top domains - Table – Provides details on top domains | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-mailbox.md b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-mailbox.md deleted file mode 100644 index 32cc006a32..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-mailbox.md +++ /dev/null @@ -1,62 +0,0 @@ -# EX_Mailflow_Mailbox Job - -The EX_Mailflow_Mailbox job provides information around each user’s mail flow in the organization. -This job is set to analyze the last 30 days. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The EX_Mailflow_Mailbox job has the following configurable parameter: - -- Number of days to collect counts for – Sets the number of days for the **User Mailboxes By Message - Count** and **User Mailboxes by Message Size** analysis tasks. The default is **30** days. - -See the -[Analysis Tasks for the EX_Mailflow_Mailbox Job](#analysis-tasks-for-the-ex_mailflow_mailbox-job) -topic for additional information. - -## Analysis Tasks for the EX_Mailflow_Mailbox Job - -View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > -**EX_Mailflow_Mailbox** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_Mailflow_Mailbox Job](/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowmailboxanalysis.webp) - -The following analysis tasks are selected by default: - -- User Message Metrics By Day – Creates the EX_MailFlow_UserByDay table, accessible under the job’s - Results node -- User Mailboxes By Message Count – Creates the EX_MailFlow_UserByCount table, accessible under the - job’s Results node - - - By default, counts are collected for the last 30 days. The number of days can be modified with - the `@Days` parameter. - - See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) - topic for additional information - -- User Mailboxes by Message Size – Creates the EX_MailFlow_UserBySize table, accessible under the - job’s Results node - - - By default, sizes are selected for the last 30 days. The number of days can be modified with - the `@Days` parameter. - - See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_Mailflow_Mailbox job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| --------------------------------------------------------------------------- | ------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Top Users Message Count by Message ID (Top User Traffic By Message ID) | Displays message counts for users by Message ID. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic by message ID - Table – Provides details on the last 30 days user traffic by message ID | -| Top Users Message Count By Recipient (Top Users Traffic By Recipient) | Displays message counts for users by recipient. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic by recipient - Table – Provides details on the last 30 days user traffic by recipient | -| Top Users Message Size By Message ID (Top Users Traffic Size By Message ID) | Displays message sizes for users by Message ID. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic size by message ID - Table –Details on the last 30 days user traffic size by recipient | -| Top Users Message Size By Recipient (Top Users Traffic Size By Recipient) | Displays message sizes for users by recipient. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic size by recipient - Table – Provides details on the last 30 days user traffic size by recipient | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-orgoverview.md b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-orgoverview.md deleted file mode 100644 index 65024cd3fb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-orgoverview.md +++ /dev/null @@ -1,45 +0,0 @@ -# EX_Mailflow_OrgOverview Job - -The EX_Mailflow_OrgOverview job provides information around overall traffic in the organization. -This job is set to analyze the last 30 days. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The EX_Mailflow_OrgOverview job has the following configurable parameter: - -- Number of days of data to display - -See the -[Analysis Tasks for the EX_Mailflow_OrgOverview Job](#analysis-tasks-for-the-ex_mailflow_orgoverview-job) -topic for additional information. - -## Analysis Tasks for the EX_Mailflow_OrgOverview Job - -View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > -**EX_OrgOverview_Mailbox** > **Configure** node and select **Analysis**. - -![Analysis Tasks for the EX_Mailflow_OrgOverview Job](/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailfloworgoverviewanalysis.webp) - -The following analysis task is selected by default: - -- Organization Overview – Creates the EX_MailFlow_OrgOverview table, accessible under the job’s - Results node - - - By default, data for 30 days is displayed. This number of days can be modified by a parameter. - See the [Parameter Configuration](#parameter-configuration) topic for additional information. - - Alternatively, the `@Days` parameter can be modified in the SQL Script Editor. See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) - topic for additional information. - -In addition to the tables and views created by the analysis task, the EX_Mailflow_OrgOverview job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------ | ----------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Trend By MessageID (Organization Overview) | This report shows an overview of sent and received message statuses for the organization. | None | This report is comprised of two elements: - Line Chart – Displays the last 7 days trend by message ID - Table – Provides details on the last 30 days total traffic by message ID | -| Trend By Recipient | This report shows the trend of sent/received and total traffic by recipient. | None | This report is comprised of two elements: - Line Chart – Displays the last 7 days trend by recipient - Table – Provides details on the last 30 days traffic by recipient | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow.md b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow.md deleted file mode 100644 index 4bf0ec1c49..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow.md +++ /dev/null @@ -1,111 +0,0 @@ -# 0. Collection > EX_Mailflow Job - -The EX_Mailflow job collects message trace data from Office 365. - -![0. Collection > EX_Mailflow Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The EX_Mailflow job is located in the **Mailflow** > **0. Collection** job group. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The EX_Mailflow job has the following configurable parameter: - -- Number of months to keep - -See the [Analysis Tasks for the EX_Mailflow Job](#analysis-tasks-for-the-ex_mailflow-job) topic for -additional information. - -## Queries for the EX_Mailflow Job - -The EX_Mailflow job uses the ExchangePS Data Collector. - -![Queries for the EX_Mailflow Job](/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowqueries.webp) - -The following queries are included in the EX_Mailflow job: - -- MailFlow – Collects Message Tracking data - - - The default is the **Last 7 Days**. It can be modified to a shorter date range - - See the - [Configure the ExchangePS Data Collector for Mail Flow Metrics](#configure-the-exchangeps-data-collector-for-mail-flow-metrics) - topic for additional information - -- LocalDomains – Collects domains local to the Office 365 environment - - **CAUTION:** Do not modify this query. The query is preconfigured for this job. - - - See the [ExchangePS Data Collector](/docs/accessanalyzer/12.0/data-collection/exchange-ps/overview.md) - topic for additional information - -### Configure the ExchangePS Data Collector for Mail Flow Metrics - -The ExchangePS Data Collector configured with the Mail Flow Metrics category can be scoped to -specific report dates. By default, the MailFlow Query is set to report on the Last 7 Days. - -Follow the steps to modify the query configuration: - -**Step 1 –** Navigate to the **Exchange** > **8. Exchange Online** > **0. Collection** > -**EX_Mailflow** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the query and click **Query Properties**. The Query -Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The ExchangePS Data Collector -Wizard opens. - -**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. - -![ExchangePS Data Collector Wizard Mail Flow page](/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowmetricsdcwizard.webp) - -**Step 4 –** To modify the report dates, navigate to the Mail Flow page. Set the report data range -as desired. See the -[ExchangePS Data Collector](/docs/accessanalyzer/12.0/data-collection/exchange-ps/overview.md) topic for -additional information. - -_Remember,_ the date range must be 7 days or less. - -**Step 5 –** Navigate to the Summary page. Click **Finish**. - -The job applies the modification to future job executions. - -## Analysis Tasks for the EX_Mailflow Job - -View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > **0. -Collection** > **EX_Mailflow** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_Mailflow Job](/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowanalysis.webp) - -The following analysis tasks are selected by default: - -- 01.EX_Mailflow_History – Creates the SA_EX_Mailflow_History table, accessible under the job’s - Results node -- 02.Update History Table – Updates the SA_EX_Mailflow_History table, with data from the .Active - Directory Inventory and .Entra ID Inventory solutions to determine local users and distribution - lists -- 3. SET HISTORY RETENTION – Sets retention period in months - - - By default, retention is set to 6 months. This period can be modified. See the - [Parameter Configuration](#parameter-configuration) topic for additional information. - - Alternatively, the `@Months` parameter can be modified in the SQL Script Editor. See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) - topic for additional information - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Deletes all Stored Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 0. Deletes all Stored Data - LEAVE UNCHECKED – Deletes all historical data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#troubleshooting-data-collection) - topic for additional information diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow.md b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow.md new file mode 100644 index 0000000000..81ff57d616 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow.md @@ -0,0 +1,111 @@ +# 0. Collection > EX_Mailflow Job + +The EX_Mailflow job collects message trace data from Office 365. + +![0. Collection > EX_Mailflow Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/collectionjobstree.webp) + +The EX_Mailflow job is located in the **Mailflow** > **0. Collection** job group. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The EX_Mailflow job has the following configurable parameter: + +- Number of months to keep + +See the [Analysis Tasks for the EX_Mailflow Job](#analysis-tasks-for-the-ex_mailflow-job) topic for +additional information. + +## Queries for the EX_Mailflow Job + +The EX_Mailflow job uses the ExchangePS Data Collector. + +![Queries for the EX_Mailflow Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowqueries.webp) + +The following queries are included in the EX_Mailflow job: + +- MailFlow – Collects Message Tracking data + + - The default is the **Last 7 Days**. It can be modified to a shorter date range + - See the + [Configure the ExchangePS Data Collector for Mail Flow Metrics](#configure-the-exchangeps-data-collector-for-mail-flow-metrics) + topic for additional information + +- LocalDomains – Collects domains local to the Office 365 environment + + **CAUTION:** Do not modify this query. The query is preconfigured for this job. + + - See the [ExchangePS Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/overview.md) + topic for additional information + +### Configure the ExchangePS Data Collector for Mail Flow Metrics + +The ExchangePS Data Collector configured with the Mail Flow Metrics category can be scoped to +specific report dates. By default, the MailFlow Query is set to report on the Last 7 Days. + +Follow the steps to modify the query configuration: + +**Step 1 –** Navigate to the **Exchange** > **8. Exchange Online** > **0. Collection** > +**EX_Mailflow** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the query and click **Query Properties**. The Query +Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The ExchangePS Data Collector +Wizard opens. + +**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. + +![ExchangePS Data Collector Wizard Mail Flow page](/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowmetricsdcwizard.webp) + +**Step 4 –** To modify the report dates, navigate to the Mail Flow page. Set the report data range +as desired. See the +[ExchangePS Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/overview.md) topic for +additional information. + +_Remember,_ the date range must be 7 days or less. + +**Step 5 –** Navigate to the Summary page. Click **Finish**. + +The job applies the modification to future job executions. + +## Analysis Tasks for the EX_Mailflow Job + +View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > **0. +Collection** > **EX_Mailflow** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_Mailflow Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowanalysis.webp) + +The following analysis tasks are selected by default: + +- 01.EX_Mailflow_History – Creates the SA_EX_Mailflow_History table, accessible under the job’s + Results node +- 02.Update History Table – Updates the SA_EX_Mailflow_History table, with data from the .Active + Directory Inventory and .Entra ID Inventory solutions to determine local users and distribution + lists +- 3. SET HISTORY RETENTION – Sets retention period in months + + - By default, retention is set to 6 months. This period can be modified. See the + [Parameter Configuration](#parameter-configuration) topic for additional information. + - Alternatively, the `@Months` parameter can be modified in the SQL Script Editor. See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Deletes all Stored Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 0. Deletes all Stored Data - LEAVE UNCHECKED – Deletes all historical data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_dl.md b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_dl.md new file mode 100644 index 0000000000..8ba1a43ddd --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_dl.md @@ -0,0 +1,28 @@ +# EX_Mailflow_DL Job + +The EX_Mailflow_DL job provides information around distribution list usage. + +## Analysis Tasks for the EX_Mailflow_DL Job + +View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > +**EX_Mailflow_DL** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_Mailflow_DL Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowdlanalysis.webp) + +The following analysis tasks are selected by default: + +- Azure Groups Direct Member Count – Creates the EX\_ MailFlow_DL_AzureMemberCount table, accessible + under the job’s Results node. Provides a direct member count for distribution lists from Azure + groups. +- DLs by Count – Creates the EX\_ Mailflow_DLsByCount table, accessible under the job’s Results + node. Lists of all distribution lists and how much mail-flow they have received. + +In addition to the tables and views created by the analysis tasks, the EX_Mailflow_DL Jjb produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Top DLs by Received Count | The top distribution lists by total messages received. | None | This report is comprised of two elements: - Bar Chart – Displays top five distribution lists by received count - Table – Provides details on the top five distribution lists by received count | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_domain.md b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_domain.md new file mode 100644 index 0000000000..962782f76f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_domain.md @@ -0,0 +1,48 @@ +# EX_Mailflow_Domain Job + +The EX_Mailflow_Domain job provides information about which domain’s mail-flow is going to and +coming from. This job is set to analyze the last 30 days. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The EX_Mailflow_Domain job has the following configurable parameter: + +- Number of days to show in tables and reports + +See the +[Analysis Tasks for the EX_Mailflow_Domain Job](#analysis-tasks-for-the-ex_mailflow_domain-job) +topic for additional information. + +## Analysis Tasks for the EX_Mailflow_Domain Job + +View the analysis task by navigating to the **Exchange** > **8. Exchange Online** > +**EX_Mailflow_Domain** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_Mailflow_Domain Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowdomainanalysis.webp) + +The following analysis task is selected by default: + +- Mailflow Domain – Creates the EX_MailFlow_Domain table, accessible under the job’s Results node. + It provides counts for messages sent and received from external domains. + + - By default, the number of days to show in tables and reports is set to 30. This can be + modified. See the [Parameter Configuration](#parameter-configuration) topic for additional + information. + - Alternatively, the `@Days` parameter can be modified in the SQL Script Editor. See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information + +In addition to the tables and views created by the analysis task, the EX_Mailflow_Domain job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ---------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------- | +| Top Domains By Count | Displays top domains by recipient count. | None | This report is comprised of two elements: - Bar Chart – Displays top domains - Table – Provides details on top domains | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_mailbox.md b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_mailbox.md new file mode 100644 index 0000000000..b0460db372 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_mailbox.md @@ -0,0 +1,62 @@ +# EX_Mailflow_Mailbox Job + +The EX_Mailflow_Mailbox job provides information around each user’s mail flow in the organization. +This job is set to analyze the last 30 days. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The EX_Mailflow_Mailbox job has the following configurable parameter: + +- Number of days to collect counts for – Sets the number of days for the **User Mailboxes By Message + Count** and **User Mailboxes by Message Size** analysis tasks. The default is **30** days. + +See the +[Analysis Tasks for the EX_Mailflow_Mailbox Job](#analysis-tasks-for-the-ex_mailflow_mailbox-job) +topic for additional information. + +## Analysis Tasks for the EX_Mailflow_Mailbox Job + +View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > +**EX_Mailflow_Mailbox** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_Mailflow_Mailbox Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowmailboxanalysis.webp) + +The following analysis tasks are selected by default: + +- User Message Metrics By Day – Creates the EX_MailFlow_UserByDay table, accessible under the job’s + Results node +- User Mailboxes By Message Count – Creates the EX_MailFlow_UserByCount table, accessible under the + job’s Results node + + - By default, counts are collected for the last 30 days. The number of days can be modified with + the `@Days` parameter. + - See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information + +- User Mailboxes by Message Size – Creates the EX_MailFlow_UserBySize table, accessible under the + job’s Results node + + - By default, sizes are selected for the last 30 days. The number of days can be modified with + the `@Days` parameter. + - See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_Mailflow_Mailbox job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| --------------------------------------------------------------------------- | ------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Top Users Message Count by Message ID (Top User Traffic By Message ID) | Displays message counts for users by Message ID. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic by message ID - Table – Provides details on the last 30 days user traffic by message ID | +| Top Users Message Count By Recipient (Top Users Traffic By Recipient) | Displays message counts for users by recipient. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic by recipient - Table – Provides details on the last 30 days user traffic by recipient | +| Top Users Message Size By Message ID (Top Users Traffic Size By Message ID) | Displays message sizes for users by Message ID. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic size by message ID - Table –Details on the last 30 days user traffic size by recipient | +| Top Users Message Size By Recipient (Top Users Traffic Size By Recipient) | Displays message sizes for users by recipient. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 users traffic size by recipient - Table – Provides details on the last 30 days user traffic size by recipient | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_orgoverview.md b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_orgoverview.md new file mode 100644 index 0000000000..ee6d93b20a --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_orgoverview.md @@ -0,0 +1,45 @@ +# EX_Mailflow_OrgOverview Job + +The EX_Mailflow_OrgOverview job provides information around overall traffic in the organization. +This job is set to analyze the last 30 days. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The EX_Mailflow_OrgOverview job has the following configurable parameter: + +- Number of days of data to display + +See the +[Analysis Tasks for the EX_Mailflow_OrgOverview Job](#analysis-tasks-for-the-ex_mailflow_orgoverview-job) +topic for additional information. + +## Analysis Tasks for the EX_Mailflow_OrgOverview Job + +View the analysis tasks by navigating to the **Exchange** > **8. Exchange Online** > +**EX_OrgOverview_Mailbox** > **Configure** node and select **Analysis**. + +![Analysis Tasks for the EX_Mailflow_OrgOverview Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailfloworgoverviewanalysis.webp) + +The following analysis task is selected by default: + +- Organization Overview – Creates the EX_MailFlow_OrgOverview table, accessible under the job’s + Results node + + - By default, data for 30 days is displayed. This number of days can be modified by a parameter. + See the [Parameter Configuration](#parameter-configuration) topic for additional information. + - Alternatively, the `@Days` parameter can be modified in the SQL Script Editor. See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information. + +In addition to the tables and views created by the analysis task, the EX_Mailflow_OrgOverview job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------ | ----------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Trend By MessageID (Organization Overview) | This report shows an overview of sent and received message statuses for the organization. | None | This report is comprised of two elements: - Line Chart – Displays the last 7 days trend by message ID - Table – Provides details on the last 30 days total traffic by message ID | +| Trend By Recipient | This report shows the trend of sent/received and total traffic by recipient. | None | This report is comprised of two elements: - Line Chart – Displays the last 7 days trend by recipient - Table – Provides details on the last 30 days traffic by recipient | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/overview.md index 4916977498..75fe188525 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/overview.md @@ -4,17 +4,17 @@ The Mailbox job group is comprised of jobs that process and analyze the Message Office 365 environment. This job group parses message tracking and stores the data for analysis and reporting in the Access Analyzer database. -![Mailflow Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowjobstree.webp) +![Mailflow Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowjobstree.webp) The jobs in the Mailflow job group are: -- [0. Collection > EX_Mailflow Job](/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow.md) – Collects message trace data from an Office 365 +- [0. Collection > EX_Mailflow Job](/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow.md) – Collects message trace data from an Office 365 server -- [EX_Mailflow_DL Job](/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-dl.md) – Comprised of analysis and reports which provide +- [EX_Mailflow_DL Job](/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_dl.md) – Comprised of analysis and reports which provide information around distribution list usage -- [EX_Mailflow_Domain Job](/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-domain.md) – Comprised of analysis and reports which provide +- [EX_Mailflow_Domain Job](/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_domain.md) – Comprised of analysis and reports which provide information about which domains mail flow is going to and coming from -- [EX_Mailflow_Mailbox Job](/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-mailbox.md) – Comprised of analysis and reports which +- [EX_Mailflow_Mailbox Job](/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_mailbox.md) – Comprised of analysis and reports which provide information around each user's mail-flow in the organization -- [EX_Mailflow_OrgOverview Job](/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex-mailflow-orgoverview.md) – Comprised of analysis and reports +- [EX_Mailflow_OrgOverview Job](/docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/ex_mailflow_orgoverview.md) – Comprised of analysis and reports which provide information around the overall traffic in the organization diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/online/overview.md index 3a4b969b11..f39e166a39 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/online/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/online/overview.md @@ -2,7 +2,7 @@ The 8. Exchange Online job group collects message trace data from Office 365. -![8.Exchange Online Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![8.Exchange Online Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/jobstree.webp) The job group in the 8. Exchange Online job group is: diff --git a/docs/accessanalyzer/12.0/solutions/exchange/online/recommended.md b/docs/accessanalyzer/12.0/solutions/exchange/online/recommended.md index ec6708501f..7b73ce8318 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/online/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/online/recommended.md @@ -15,14 +15,14 @@ PowerShell Data Collector. The host list needs to be set to one of the following - Local Host - Custom Host List for Exchange Online - - The host list should include the tenant name of the Microsoft Entra tenant used to connect to - Exchange Online. See the - [Exchange Online Host List](/docs/accessanalyzer/12.0/data-collection/exchange-ps/configure-job.md#exchange-online-host-list) - topic for additional information. + - The host list should include the tenant name of the Microsoft Entra tenant used to connect to + Exchange Online. See the + [Exchange Online Host List](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/configurejob.md#exchange-online-host-list) + topic for additional information. Connection Profile -See the [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) +See the [Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) topic for the EX_Mailflow job requirements. Additionally, the Exchange Online job group needs access to the following Exchange Online URLs to @@ -33,7 +33,7 @@ perform collection: - EWS – https://outlook.office365.com/EWS/Exchange.asmx See the -[Exchange Custom Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/exchange-ps/configure-job.md) +[Exchange Custom Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/configurejob.md) topic for additional information. Schedule Frequency @@ -74,8 +74,8 @@ Workflow - The **Mailflow** > **0. Collection** > **EX_Mailflow** job needs to be set to run against one of the following: - - Local Host - - Custom Host List + - Local Host + - Custom Host List **Step 2 –** Set a Connection Profile on the jobs which run data collection. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/overview.md index 0ef3690ef5..585c878c48 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/overview.md @@ -16,15 +16,15 @@ Supported Platforms - Exchange 2010 (Limited) See the -[Exchange Support and Permissions Explained](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/support.md) topic +[Exchange Support and Permissions Explained](/docs/accessanalyzer/12.0/requirements/solutions/exchange/support.md) topic for additional information. Requirements, Permissions, and Ports See the -[Target Exchange Servers Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/exchange.md) +[Target Exchange Servers Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/exchange.md) and -[Target Exchange Online Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/exchange-online.md) +[Target Exchange Online Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/exchangeonline.md) topics for additional information. Sensitive Data Discovery Considerations @@ -53,7 +53,7 @@ generates reports. The Exchange Solution is divided into categories based upon what is being audited. -![Exchange Job Group Overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) +![Exchange Job Group Overview page](/img/product_docs/accessanalyzer/12.0/solutions/exchange/overviewpage.webp) The following job groups comprise the Exchange Solution: @@ -70,11 +70,11 @@ The following job groups comprise the Exchange Solution: - [4.Mailboxes Job Group](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/overview.md) – Comprised of data collection, analyses, and reports around mailbox features, logons, permissions, and sizing - **CAUTION:** It is not recommended to run this job group at this job group level. + **CAUTION:** It is not recommended to run this job group at this job group level. - - See the [Recommended Configurations for the 4. Mailboxes Job Group](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/recommended.md) - topic for this job group. All jobs within this group are compatible with the Office 365 - environment. + - See the [Recommended Configurations for the 4. Mailboxes Job Group](/docs/accessanalyzer/12.0/solutions/exchange/mailboxes/recommended.md) + topic for this job group. All jobs within this group are compatible with the Office 365 + environment. - [5. Public Folders Job Group](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/overview.md) – Comprised of data collection, analysis and reports that focus on public folder sizing, content aging, entitlement, ownership, and the @@ -88,7 +88,7 @@ The following job groups comprise the Exchange Solution: data found in mailboxes and public folders in the Exchange environment - [8.Exchange Online Job Group](/docs/accessanalyzer/12.0/solutions/exchange/online/overview.md) – Comprised of jobs that locate sensitive data found in mailboxes and public folders in the Exchange environment -- [EX_UserOverview Job](/docs/accessanalyzer/12.0/solutions/exchange/ex-useroverview.md) – provides correlation from multiple data collection +- [EX_UserOverview Job](/docs/accessanalyzer/12.0/solutions/exchange/ex_useroverview.md) – provides correlation from multiple data collection points to show information for each user about their mailbox size, mailbox access rights, mail-flow metrics and remote connectivity to the Exchange environment. These reports provide user impact analysis on the environment. This job depends upon multiple job groups. @@ -96,4 +96,4 @@ The following job groups comprise the Exchange Solution: The MAPI-based data collectors require both Access Analyzer MAPI CDO and Microsoft Exchange MAPI CDO to be installed on the Access Analyzer Console server. Once these have been installed, configure the **Settings** > **Exchange** node for proper connection to the Exchange server. See the -[Exchange](/docs/accessanalyzer/12.0/administration/settings/exchange.md) topic for additional information. +[Exchange](/docs/accessanalyzer/12.0/admin/settings/exchange.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/overview.md index 0b2dd79baa..506ac27d72 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/overview.md @@ -2,11 +2,11 @@ The Content job group provides visibility into public folder sizing and content aging. -![Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/jobstree.webp) The jobs in the Content job group are: -- [Collection > PF_ContentScans Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf-contentscans.md) – Comprised of data collection that focuses +- [Collection > PF_ContentScans Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf_contentscans.md) – Comprised of data collection that focuses on public folder content aging within each public folder -- [PF_Content Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf-content.md) – Comprised of analysis and reports which focus on public folder +- [PF_Content Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf_content.md) – Comprised of analysis and reports which focus on public folder sizing and content aging diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf-content.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf-content.md deleted file mode 100644 index a87f748cad..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf-content.md +++ /dev/null @@ -1,33 +0,0 @@ -# PF_Content Job - -The PF_Content job is comprised of analyses and reports that focus on public folder sizing and -content aging. - -## Analysis Tasks for the PF_Content Job - -View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > **Content** > -**PF_Content** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the PF_Content Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/contentanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.PF Environment Aging by Size – Creates the SA_PF_Content_AgingBySize table, accessible under - the job’s Results node -- 01.PF Environment Aging by Count – Creates the SA_PF_Content_AgingByCount table, accessible under - the job’s Results node -- 02.Subtree Aging by Size – Creates the SA_PF_Content_SubtreeAgingBySize table, accessible under - the job’s Results node -- 03.Subtree Aging by Count – Creates the SA_PF_Content_SubtreeAgingByCount table, accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the PF_Content job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Aging by File Count (Public Folder Aging by File Count) | This report highlights content aging within the targeted Public Folder environment, with a focus on the number of files. | None | This report is comprised of three elements: - Bar Chart – Displays public folder environment aging - Table – Provides details on public folder environment aging by file count - Table – Provides details on aging by sub tree | -| Aging by File Size (Public Folder Aging by File Size) | This report highlights content aging within the targeted Public Folder environment, with a focus on the size of files. | None | This report is comprised of three elements: - Column Chart – Displays public folder environment aging by file size - Table – Provides details on public folder environment by file size - Table – Provides details on aging by sub tree | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf-contentscans.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf-contentscans.md deleted file mode 100644 index ae57ea3025..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf-contentscans.md +++ /dev/null @@ -1,37 +0,0 @@ -# Collection > PF_ContentScans Job - -The PF_ContentScans job is comprised of data collection that focuses on public folder content aging -within each public folder. - -![Collection > PF_ContentScans Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The PF_ContentScans job is located in the 0.Collection job group. - -## Queries for the PF_ContentScans Job - -The PF_ContentScans job uses the ExchangePS Data Collector. - -![Queries for the PF_ContentScans Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/contentscansquery.webp) - -The following query is included in the PF_ContentScans job: - -- PF Contents – Collects content aging information - - - By default set to search all public folders. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md#scope-the-exchangeps-data-collector) - topic for additional information - -## Analysis Tasks for the PF_ContentScans Job - -View the analysis task by navigating to the **Exchange** > **5. Public Folders** > **Content** > -**Collection** > **PF_ContentScans** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the PF_ContentScans Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/contentscansanalysis.webp) - -The following analysis task is selected by default: - -- Strip Replicas from Reports – Removes duplicates from reports diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf_content.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf_content.md new file mode 100644 index 0000000000..67e4e7a3d0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf_content.md @@ -0,0 +1,33 @@ +# PF_Content Job + +The PF_Content job is comprised of analyses and reports that focus on public folder sizing and +content aging. + +## Analysis Tasks for the PF_Content Job + +View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > **Content** > +**PF_Content** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the PF_Content Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/contentanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.PF Environment Aging by Size – Creates the SA_PF_Content_AgingBySize table, accessible under + the job’s Results node +- 01.PF Environment Aging by Count – Creates the SA_PF_Content_AgingByCount table, accessible under + the job’s Results node +- 02.Subtree Aging by Size – Creates the SA_PF_Content_SubtreeAgingBySize table, accessible under + the job’s Results node +- 03.Subtree Aging by Count – Creates the SA_PF_Content_SubtreeAgingByCount table, accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the PF_Content job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Aging by File Count (Public Folder Aging by File Count) | This report highlights content aging within the targeted Public Folder environment, with a focus on the number of files. | None | This report is comprised of three elements: - Bar Chart – Displays public folder environment aging - Table – Provides details on public folder environment aging by file count - Table – Provides details on aging by sub tree | +| Aging by File Size (Public Folder Aging by File Size) | This report highlights content aging within the targeted Public Folder environment, with a focus on the size of files. | None | This report is comprised of three elements: - Column Chart – Displays public folder environment aging by file size - Table – Provides details on public folder environment by file size - Table – Provides details on aging by sub tree | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf_contentscans.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf_contentscans.md new file mode 100644 index 0000000000..f3d507bcc7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/pf_contentscans.md @@ -0,0 +1,37 @@ +# Collection > PF_ContentScans Job + +The PF_ContentScans job is comprised of data collection that focuses on public folder content aging +within each public folder. + +![Collection > PF_ContentScans Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/collectionjobstree.webp) + +The PF_ContentScans job is located in the 0.Collection job group. + +## Queries for the PF_ContentScans Job + +The PF_ContentScans job uses the ExchangePS Data Collector. + +![Queries for the PF_ContentScans Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/contentscansquery.webp) + +The following query is included in the PF_ContentScans job: + +- PF Contents – Collects content aging information + + - By default set to search all public folders. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + +## Analysis Tasks for the PF_ContentScans Job + +View the analysis task by navigating to the **Exchange** > **5. Public Folders** > **Content** > +**Collection** > **PF_ContentScans** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the PF_ContentScans Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/contentscansanalysis.webp) + +The following analysis task is selected by default: + +- Strip Replicas from Reports – Removes duplicates from reports diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/overview.md index a53493d82b..06508f76ca 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/overview.md @@ -3,11 +3,11 @@ The Growth and Size job group is comprised of data collection, analysis, and reports that focus on public folder sizing and growth. -![Growth and Size Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Growth and Size Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/jobstree.webp) The jobs in the Growth and Size job group are: -- [Collection > PF_FolderScans Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf-folderscans.md) – Comprised of data collection that focuses +- [Collection > PF_FolderScans Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf_folderscans.md) – Comprised of data collection that focuses on collecting sizing information for each public folder -- [PF_FolderSize Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf-foldersize.md) – Provides details related to public folder sizing and +- [PF_FolderSize Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf_foldersize.md) – Provides details related to public folder sizing and growth diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf-folderscans.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf-folderscans.md deleted file mode 100644 index 3f4dc1c327..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf-folderscans.md +++ /dev/null @@ -1,37 +0,0 @@ -# Collection > PF_FolderScans Job - -The PF_FolderScans job is comprised of data collection that focuses on collecting sizing information -for each public folder. - -![Collection > PF_FolderScans Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The PF_FolderScans job is located in the Collection job group. - -## Queries for the PF_FolderScans Job - -The PF_FolderScans job uses the ExchangePS Data Collector. - -![Queries for the PF_FolderScans Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/folderscansquery.webp) - -The following query is included in the PF_FolderScans Job: - -- PF Size & Msg Counts – Collects public folder size and message counts - - - By default set to search all public folders. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md#scope-the-exchangeps-data-collector) - topic for additional information - -## Analysis Tasks for the PF_FolderScans Job - -View the analysis task by navigating to the **Exchange** > **5. Public Folders** > **Growth and -Size** > **Collection** > **PF_FolderScans** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the PF_FolderScans Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/folderscansanalysis.webp) - -The following analysis task is selected by default: - -- Strip Replicas from Reports – Removes duplicates from reports diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf-foldersize.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf-foldersize.md deleted file mode 100644 index d9c54722f0..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf-foldersize.md +++ /dev/null @@ -1,47 +0,0 @@ -# PF_FolderSize Job - -The PF_FolderSize job provides details related to public folder sizing and growth. - -## Analysis Tasks for the PF_FolderSize Job - -View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > **Growth and -Size** > **PF_FolderSize** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the PF_FolderSize Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/foldersizeanalysis.webp) - -The following analysis tasks are selected by default: - -- 01.Create History Table – Creates the SA_PF_FolderSize_History table, accessible under the job’s - Results node -- 02.SET HISTORY RETENTION – Sets retention period in months - - - The default is 3 months. It can be modified. - - See the - [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#exchange-history-retention) - topic for additional information - -- 03.Latest Run Per Folder – Creates the SA_PF_FolderSize_Latest table, accessible under the job’s - Results node -- 04.30 Day Growth – Creates the SA_PF_FolderSize_Growth table, accessible under the job’s Results - node - -The following analysis task clears table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **00. Delete all Historical Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- 00.Delete all Historical Data - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the PF_FolderSize job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------- | ----------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | -| Public Folder Size and Growth | This report shows the largest public folders and percent change over 30 days. | None | This report is comprised of two elements: - Bar Chart – Displays largest public folders - Table – Provides details on largest public folders | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf_folderscans.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf_folderscans.md new file mode 100644 index 0000000000..fa540d8d81 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf_folderscans.md @@ -0,0 +1,37 @@ +# Collection > PF_FolderScans Job + +The PF_FolderScans job is comprised of data collection that focuses on collecting sizing information +for each public folder. + +![Collection > PF_FolderScans Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/collectionjobstree.webp) + +The PF_FolderScans job is located in the Collection job group. + +## Queries for the PF_FolderScans Job + +The PF_FolderScans job uses the ExchangePS Data Collector. + +![Queries for the PF_FolderScans Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/folderscansquery.webp) + +The following query is included in the PF_FolderScans Job: + +- PF Size & Msg Counts – Collects public folder size and message counts + + - By default set to search all public folders. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + +## Analysis Tasks for the PF_FolderScans Job + +View the analysis task by navigating to the **Exchange** > **5. Public Folders** > **Growth and +Size** > **Collection** > **PF_FolderScans** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the PF_FolderScans Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/folderscansanalysis.webp) + +The following analysis task is selected by default: + +- Strip Replicas from Reports – Removes duplicates from reports diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf_foldersize.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf_foldersize.md new file mode 100644 index 0000000000..cb7403abcd --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/pf_foldersize.md @@ -0,0 +1,47 @@ +# PF_FolderSize Job + +The PF_FolderSize job provides details related to public folder sizing and growth. + +## Analysis Tasks for the PF_FolderSize Job + +View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > **Growth and +Size** > **PF_FolderSize** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the PF_FolderSize Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/foldersizeanalysis.webp) + +The following analysis tasks are selected by default: + +- 01.Create History Table – Creates the SA_PF_FolderSize_History table, accessible under the job’s + Results node +- 02.SET HISTORY RETENTION – Sets retention period in months + + - The default is 3 months. It can be modified. + - See the + [Exchange History Retention](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#exchange-history-retention) + topic for additional information + +- 03.Latest Run Per Folder – Creates the SA_PF_FolderSize_Latest table, accessible under the job’s + Results node +- 04.30 Day Growth – Creates the SA_PF_FolderSize_Growth table, accessible under the job’s Results + node + +The following analysis task clears table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **00. Delete all Historical Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- 00.Delete all Historical Data + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the PF_FolderSize job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------- | ----------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | +| Public Folder Size and Growth | This report shows the largest public folders and percent change over 30 days. | None | This report is comprised of two elements: - Bar Chart – Displays largest public folders - Table – Provides details on largest public folders | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/overview.md index 8d81d996e8..c7fd326ac1 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/overview.md @@ -6,7 +6,7 @@ folder’s Most Probable Owner. The Most Probable Owner is a unique algorithm folder data collector that is determined based on folder ownership, content posted, and size of content posted. -![5.Public Folders Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![5.Public Folders Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/jobstree.webp) The following comprise the 5. Public Folders job group: @@ -19,7 +19,7 @@ The following comprise the 5. Public Folders job group: Probable Owner - [Permissions Job Group](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/overview.md) – Provides visibility into permissions applied to each public folder -- [PF_Overview Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/pf-overview.md) – Comprised of analysis and reports that provides a top level +- [PF_Overview Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/pf_overview.md) – Comprised of analysis and reports that provides a top level summary of each parent public folder and correlates information from the message tracking logs to identify the last time a public folder received mail @@ -27,4 +27,4 @@ The **5. Public Folders** > **Ownership** job group uses the ExchangePublicFolde collector. Therefore, it requires both Access Analyzer MAPI CDO and Microsoft Exchange MAPI CDO to be installed on the Access Analyzer Console server. Once these have been installed, the **Settings** > **Exchange** node must be configured for proper connection to the Exchange server. -See the [Exchange](/docs/accessanalyzer/12.0/administration/settings/exchange.md) topic for additional information. +See the [Exchange](/docs/accessanalyzer/12.0/admin/settings/exchange.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/overview.md index 92b388915d..c7154cb0e1 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/overview.md @@ -5,12 +5,12 @@ and most importantly the identification of each public folder's Most Probable O Probable Owner is a unique algorithm built into the public folder data collector that is determined based on folder ownership, content posted, and size of content posted. -![Ownership Job Group](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Ownership Job Group](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/jobstree.webp) The obs in the Ownership job group are: -- [Collection > PF_FolderOwnership Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf-folderownership.md) – Focuses on public folder sizing, +- [Collection > PF_FolderOwnership Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf_folderownership.md) – Focuses on public folder sizing, content aging, entitlement, ownership, and most importantly the identification of each public folder's Most Probable Owner -- [PF_Owners Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf-owners.md) – Comprised of analysis and reports that focus on public folder +- [PF_Owners Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf_owners.md) – Comprised of analysis and reports that focus on public folder ownership, and most importantly the identification of each public folder's Most Probable Owner diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf-folderownership.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf-folderownership.md deleted file mode 100644 index 816da5e59f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf-folderownership.md +++ /dev/null @@ -1,116 +0,0 @@ -# Collection > PF_FolderOwnership Job - -The PF_FolderOwnership job is comprised of data collection that focuses on collecting each public -folder’s owner and identifying the Most Probable Owner. The Most Probable Owner is a unique -algorithm built into the public folder data collector that is determined based on folder ownership, -content posted, and size of content posted. Modifications can be made to the data collector to -change the way the Most Probable Owner is determined. - -![Collection > PF_FolderOwnership Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The PF_FolderOwnership job is located in the Collection job group. - -## Queries for the PF_FolderOwnership Job - -The PF_FolderOwnership job uses the ExchangePublicFolder Data Collector. - -![Queries for the PF_FolderOwnership Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/folderownershipquery.webp) - -The following queries are included in the PF_FolderOwnership job: - -- Probable Ownership – Collects and calculates probable owners - - - By default set to search all public folders. It can be scoped. - - See the - [Scope the ExchangePublicFolder Data Collector for the PF_FolderOwnership Job](#scope-the-exchangepublicfolder-data-collector-for-the-pf_folderownership-job) - topic for additional information - -- Assigned Ownership – Collects assigned owners - - - By default set to search all public folders. It can be scoped. - - Probable Owner Calculation can be modified - - See the - [Scope the ExchangePublicFolder Data Collector for the PF_FolderOwnership Job](#scope-the-exchangepublicfolder-data-collector-for-the-pf_folderownership-job) - topic for additional information - -### Scope the ExchangePublicFolder Data Collector for the PF_FolderOwnership Job - -The ExchangePublicFolder Data Collector can be scoped if desired. Follow the steps to modify the -query configuration. - -**NOTE:** These instructions include information on modifying the calculation used to determine -probable ownership. Step 5 is only applicable to the Probable Ownership Query in the -PF_FolderOwnership Job. - -**Step 1 –** Navigate to job’s **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the query and click **Query Properties**. The Query -Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Exchange Public Folder -Data Collector Wizard opens. - -**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. - -![Exchange Public Folder Data Collector Wizard Scope page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) - -**Step 4 –** To modify the scope of the search, navigate to the Scope page. The scope is configured -using the following settings: - -- Choose Type of Public Folder to be queried – Select the type of public folder to be queried: - - - Default Public Folders – Select this option to access folders directly with client - applications such as Microsoft Outlook. In its default configuration, Exchange System Manager - displays these folders when a public folder tree is expanded. - - System Public Folders – Select this option to access folders that cannot be directly accessed. - Client applications, such as Microsoft Outlook, use these folders to store information such as - free and busy data, offline address lists, and organizational forms. Other folders hold - configuration information that is used by custom applications or by Exchange itself. The - Public Folders tree contains extra system folders, such as the EFORMS REGISTRY folder, that do - not exist in general-purpose public folder trees. - -- Choose Scope of Public Folders to be queried – Select a scoping option for public folders: - - - All Public Folders – Select this option to return all public folders within the targeted - environment - - Selected Public Folders – Select this option to return only those public folders specified on - the Scope page of the query - - Selected Table – Select this option to return only those public folders within the table and - field name specified on the Scope page of the query - - _Remember,_ the scoping options available vary based on the pre-defined query configurations. - -See the [ExchangePublicFolder: Scope](/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/scope.md) -topic for additional information. - -![Exchange Public Folder Data Collector Wizard Probable Owner Settings page](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/dcwizardprobableownersettings.webp) - -**Step 5 –** To modify the probable owner calculation, navigate to the Probable Owner page. The -calculation is configured with the following defaults: - -- Determine Owner – Use custom weights – Allows customization of factors that determine returned - results -- Result weights – Customized when Use Custom Weights is selected under Determine Owner -- Output options – Configures the number of returned probable owners - -See the -[ExchangePublicFolder: Probable Owner](/docs/accessanalyzer/12.0/data-collection/exchange-public-folder/probable-owner.md) -topic for additional information. - -**Step 6 –** Navigate to the Summary page. Click **Finish**. - -The job applies the modification to future job executions. - -## Analysis Tasks for the PF_FolderOwnership Job - -View the analysis task by navigating to the **Exchange** > **5. Public Folders** > **Ownership** > -**Collection** > **PF_FolderOwnership** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the PF_FolderOwnership Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/folderownershipanalysis.webp) - -The following analysis task is selected by default: - -- Post Process Collection – Applies an index and removes replica duplicates diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf-owners.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf-owners.md deleted file mode 100644 index 6b5bb9c327..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf-owners.md +++ /dev/null @@ -1,31 +0,0 @@ -# PF_Owners Job - -The PF_Owners job is comprised of analysis and reports that focus on public folder ownership, and -most importantly the identification of each public folder's Most Probable Owner. The Most -Probable Owner is a unique algorithm built into the public folder data collector that is determined -based on folder ownership, content posted, and size of content posted. - -## Analysis Tasks for the PF_Owners Job - -View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > **Ownership** > -**PF_Owners** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the PF_Owners Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/ownersanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.Probable Owners – Creates the SA_PF_Ownership_ProbableOwners table, accessible under the job’s - Results node -- 01.ID rate by Root Folder – Creates the SA_PF_Ownership_SuccessRate table, accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the PF_Owners job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Identification Success (Probable Owner Identification Rate) | This report identifies folder trees with a high success rate of probable owners identified. This may help scope initial cleanup campaigns. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays probable owner identification success - Table – Provides details probable owner identification success | -| Probable Owners | This report identifies probable owners for all scanned folders. | None | This report is comprised of one element: - Table – Provides details on probable owners | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf_folderownership.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf_folderownership.md new file mode 100644 index 0000000000..9cd34cf548 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf_folderownership.md @@ -0,0 +1,116 @@ +# Collection > PF_FolderOwnership Job + +The PF_FolderOwnership job is comprised of data collection that focuses on collecting each public +folder’s owner and identifying the Most Probable Owner. The Most Probable Owner is a unique +algorithm built into the public folder data collector that is determined based on folder ownership, +content posted, and size of content posted. Modifications can be made to the data collector to +change the way the Most Probable Owner is determined. + +![Collection > PF_FolderOwnership Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/collectionjobstree.webp) + +The PF_FolderOwnership job is located in the Collection job group. + +## Queries for the PF_FolderOwnership Job + +The PF_FolderOwnership job uses the ExchangePublicFolder Data Collector. + +![Queries for the PF_FolderOwnership Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/folderownershipquery.webp) + +The following queries are included in the PF_FolderOwnership job: + +- Probable Ownership – Collects and calculates probable owners + + - By default set to search all public folders. It can be scoped. + - See the + [Scope the ExchangePublicFolder Data Collector for the PF_FolderOwnership Job](#scope-the-exchangepublicfolder-data-collector-for-the-pf_folderownership-job) + topic for additional information + +- Assigned Ownership – Collects assigned owners + + - By default set to search all public folders. It can be scoped. + - Probable Owner Calculation can be modified + - See the + [Scope the ExchangePublicFolder Data Collector for the PF_FolderOwnership Job](#scope-the-exchangepublicfolder-data-collector-for-the-pf_folderownership-job) + topic for additional information + +### Scope the ExchangePublicFolder Data Collector for the PF_FolderOwnership Job + +The ExchangePublicFolder Data Collector can be scoped if desired. Follow the steps to modify the +query configuration. + +**NOTE:** These instructions include information on modifying the calculation used to determine +probable ownership. Step 5 is only applicable to the Probable Ownership Query in the +PF_FolderOwnership Job. + +**Step 1 –** Navigate to job’s **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the query and click **Query Properties**. The Query +Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Exchange Public Folder +Data Collector Wizard opens. + +**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. + +![Exchange Public Folder Data Collector Wizard Scope page](/img/product_docs/activitymonitor/config/activedirectory/scope.webp) + +**Step 4 –** To modify the scope of the search, navigate to the Scope page. The scope is configured +using the following settings: + +- Choose Type of Public Folder to be queried – Select the type of public folder to be queried: + + - Default Public Folders – Select this option to access folders directly with client + applications such as Microsoft Outlook. In its default configuration, Exchange System Manager + displays these folders when a public folder tree is expanded. + - System Public Folders – Select this option to access folders that cannot be directly accessed. + Client applications, such as Microsoft Outlook, use these folders to store information such as + free and busy data, offline address lists, and organizational forms. Other folders hold + configuration information that is used by custom applications or by Exchange itself. The + Public Folders tree contains extra system folders, such as the EFORMS REGISTRY folder, that do + not exist in general-purpose public folder trees. + +- Choose Scope of Public Folders to be queried – Select a scoping option for public folders: + + - All Public Folders – Select this option to return all public folders within the targeted + environment + - Selected Public Folders – Select this option to return only those public folders specified on + the Scope page of the query + - Selected Table – Select this option to return only those public folders within the table and + field name specified on the Scope page of the query + + _Remember,_ the scoping options available vary based on the pre-defined query configurations. + +See the [ExchangePublicFolder: Scope](/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scope.md) +topic for additional information. + +![Exchange Public Folder Data Collector Wizard Probable Owner Settings page](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/dcwizardprobableownersettings.webp) + +**Step 5 –** To modify the probable owner calculation, navigate to the Probable Owner page. The +calculation is configured with the following defaults: + +- Determine Owner – Use custom weights – Allows customization of factors that determine returned + results +- Result weights – Customized when Use Custom Weights is selected under Determine Owner +- Output options – Configures the number of returned probable owners + +See the +[ExchangePublicFolder: Probable Owner](/docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/probableowner.md) +topic for additional information. + +**Step 6 –** Navigate to the Summary page. Click **Finish**. + +The job applies the modification to future job executions. + +## Analysis Tasks for the PF_FolderOwnership Job + +View the analysis task by navigating to the **Exchange** > **5. Public Folders** > **Ownership** > +**Collection** > **PF_FolderOwnership** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the PF_FolderOwnership Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/folderownershipanalysis.webp) + +The following analysis task is selected by default: + +- Post Process Collection – Applies an index and removes replica duplicates diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf_owners.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf_owners.md new file mode 100644 index 0000000000..7f1d093552 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/pf_owners.md @@ -0,0 +1,31 @@ +# PF_Owners Job + +The PF_Owners job is comprised of analysis and reports that focus on public folder ownership, and +most importantly the identification of each public folder's Most Probable Owner. The Most +Probable Owner is a unique algorithm built into the public folder data collector that is determined +based on folder ownership, content posted, and size of content posted. + +## Analysis Tasks for the PF_Owners Job + +View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > **Ownership** > +**PF_Owners** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the PF_Owners Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/ownersanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.Probable Owners – Creates the SA_PF_Ownership_ProbableOwners table, accessible under the job’s + Results node +- 01.ID rate by Root Folder – Creates the SA_PF_Ownership_SuccessRate table, accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the PF_Owners job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Identification Success (Probable Owner Identification Rate) | This report identifies folder trees with a high success rate of probable owners identified. This may help scope initial cleanup campaigns. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays probable owner identification success - Table – Provides details probable owner identification success | +| Probable Owners | This report identifies probable owners for all scanned folders. | None | This report is comprised of one element: - Table – Provides details on probable owners | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/overview.md index 45e4698df4..614193e98d 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/overview.md @@ -2,11 +2,11 @@ The Permissions job group provides visibility into permissions applied to each public folder. -![Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/jobstree.webp) The jobs in the Permissions job group are: -- [Collection > PF_EntitlementScans Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf-entitlementscans.md) – Comprised of data collection that +- [Collection > PF_EntitlementScans Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf_entitlementscans.md) – Comprised of data collection that focuses on public folder permissions -- [PF_Entitlements Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf-entitlements.md) – Comprised of analyses and reports that provide +- [PF_Entitlements Job](/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf_entitlements.md) – Comprised of analyses and reports that provide visibility into permissions applied to each public folder within the Exchange environment diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf-entitlements.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf-entitlements.md deleted file mode 100644 index 41990972f8..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf-entitlements.md +++ /dev/null @@ -1,37 +0,0 @@ -# PF_Entitlements Job - -The PF_Entitlements job is comprised of analyses and reports that provide visibility into -permissions applied to each public folder within the Exchange environment. - -## Analysis Tasks for the PF_Entitlements Job - -View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > -**Permissions** > **PF_Entitlements** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the PF_EntitlementScans Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementsanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.Default + Anonymous ACLs – Creates the SA_PF_Entitlements_DefaultAnonymous table accessible - under the job’s Results node -- 01.No Explicit Permissions – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 02.Stale User Entitlements – Creates the SA_PF_Entitlements_StaleUserEntitlements table, - accessible under the job’s Results node -- 03.Unresolved SID Summary – Creates the SA_PF_Entitlements_UnresolvedSIDSummary table, accessible - under the job’s Results node -- 04.Unresolved SIDs – Creates the SA_PF_Entitlements_UnresolvedSIDDetails table, accessible under - the job’s Results node -- AIC Import - PF Entitlements – Imports public folder entitlements to the Access Information Center - -In addition to the tables and views created by the analysis tasks, the PF_Entitlements job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Default and Anonymous Entitlement | Indicates entitlements that are explicitly assigned to the default or anonymous accounts across all public folders. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays folder trees by default and anonymous entitlements - Table – Provides details on folder trees by default and anonymous entitlements | -| No Explicit Permissions (Leaf Folders with No Explicit Perms) | Provides all leaf Public Folders that only have Default, Anonymous, or unresolved SIDs as the explicit permissions, and have no child folders. These can potentially be deleted since they may not be accessed by active users. | None | This report is comprised of three elements: - Bar Chart – Displays percent of enterprises with issues - Table – Provides details on percent of enterprises with issues - Table – Provides details on folders with no explicit permissions | -| Unresolved SIDs (Unresolved SID Entitlements) | This report identifies any places where unresolved SIDs have been given entitlements. | None | This report is comprised of two elements: - Bar Chart – Displays top level trees by unresolved entitlements - Table – Provides details on top level trees by unresolved entitlements | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf-entitlementscans.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf-entitlementscans.md deleted file mode 100644 index c23ac1ff96..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf-entitlementscans.md +++ /dev/null @@ -1,39 +0,0 @@ -# Collection > PF_EntitlementScans Job - -The PF_EntitlementScans job is comprised of data collection that focuses on public folder -permissions. - -![Collection > PF_EntitlementScans Job](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The PF_EntitlementScans job is located in the Collection job group. - -## Queries for the PF_EntitlementScans Job - -The PF_EntitlementScans job uses the ExchangePS Data Collector. - -![Queries for the PF_EntitlementScans Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementscansquery.webp) - -The following query is included in the PF_EntitlementScans job: - -- Public Folder Permissions – Collects public folder permissions - - - By default set to search all public folders. It can be scoped. - - See the - [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex-aspolicies.md#scope-the-exchangeps-data-collector) - topic for additional information - -## Analysis Tasks for the PF_EntitlementScans Job - -View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > -**Permissions** > **Collection** > **PF_EntitlementScans** > **Configure** node and select -**Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the PF_EntitlementScans Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementscansanalysis.webp) - -The following analysis tasks are selected by default: - -- Compress and Index Collection – Compresses and indexes the collection -- Strip Replicas from Reports – Updates table to remove replicas diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf_entitlements.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf_entitlements.md new file mode 100644 index 0000000000..09bcc8c50a --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf_entitlements.md @@ -0,0 +1,37 @@ +# PF_Entitlements Job + +The PF_Entitlements job is comprised of analyses and reports that provide visibility into +permissions applied to each public folder within the Exchange environment. + +## Analysis Tasks for the PF_Entitlements Job + +View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > +**Permissions** > **PF_Entitlements** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the PF_EntitlementScans Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/entitlementsanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.Default + Anonymous ACLs – Creates the SA_PF_Entitlements_DefaultAnonymous table accessible + under the job’s Results node +- 01.No Explicit Permissions – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 02.Stale User Entitlements – Creates the SA_PF_Entitlements_StaleUserEntitlements table, + accessible under the job’s Results node +- 03.Unresolved SID Summary – Creates the SA_PF_Entitlements_UnresolvedSIDSummary table, accessible + under the job’s Results node +- 04.Unresolved SIDs – Creates the SA_PF_Entitlements_UnresolvedSIDDetails table, accessible under + the job’s Results node +- AIC Import - PF Entitlements – Imports public folder entitlements to the Access Information Center + +In addition to the tables and views created by the analysis tasks, the PF_Entitlements job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Default and Anonymous Entitlement | Indicates entitlements that are explicitly assigned to the default or anonymous accounts across all public folders. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays folder trees by default and anonymous entitlements - Table – Provides details on folder trees by default and anonymous entitlements | +| No Explicit Permissions (Leaf Folders with No Explicit Perms) | Provides all leaf Public Folders that only have Default, Anonymous, or unresolved SIDs as the explicit permissions, and have no child folders. These can potentially be deleted since they may not be accessed by active users. | None | This report is comprised of three elements: - Bar Chart – Displays percent of enterprises with issues - Table – Provides details on percent of enterprises with issues - Table – Provides details on folders with no explicit permissions | +| Unresolved SIDs (Unresolved SID Entitlements) | This report identifies any places where unresolved SIDs have been given entitlements. | None | This report is comprised of two elements: - Bar Chart – Displays top level trees by unresolved entitlements - Table – Provides details on top level trees by unresolved entitlements | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf_entitlementscans.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf_entitlementscans.md new file mode 100644 index 0000000000..2b119666fa --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/pf_entitlementscans.md @@ -0,0 +1,39 @@ +# Collection > PF_EntitlementScans Job + +The PF_EntitlementScans job is comprised of data collection that focuses on public folder +permissions. + +![Collection > PF_EntitlementScans Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/collectionjobstree.webp) + +The PF_EntitlementScans job is located in the Collection job group. + +## Queries for the PF_EntitlementScans Job + +The PF_EntitlementScans job uses the ExchangePS Data Collector. + +![Queries for the PF_EntitlementScans Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/entitlementscansquery.webp) + +The following query is included in the PF_EntitlementScans job: + +- Public Folder Permissions – Collects public folder permissions + + - By default set to search all public folders. It can be scoped. + - See the + [Scope the ExchangePS Data Collector](/docs/accessanalyzer/12.0/solutions/exchange/casmetrics/ex_aspolicies.md#scope-the-exchangeps-data-collector) + topic for additional information + +## Analysis Tasks for the PF_EntitlementScans Job + +View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > +**Permissions** > **Collection** > **PF_EntitlementScans** > **Configure** node and select +**Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the PF_EntitlementScans Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/entitlementscansanalysis.webp) + +The following analysis tasks are selected by default: + +- Compress and Index Collection – Compresses and indexes the collection +- Strip Replicas from Reports – Updates table to remove replicas diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/pf-overview.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/pf-overview.md deleted file mode 100644 index 23f95c9c62..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/pf-overview.md +++ /dev/null @@ -1,30 +0,0 @@ -# PF_Overview Job - -The PF_Overview job is comprised of analyses and reports that provide a top level summary of each -parent public folder and correlates information from the message tracking logs to identify the last -time a public folder received mail. - -## Analysis Tasks for the PF_Overview Job - -View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > -**PF_Overview** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the PF_Overview Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/overviewanalysis.webp) - -The following analysis tasks are selected by default: - -- 00.Top Level Folder Summary – Creates the SA_PF_Overview_TopLevelRollup table, accessible under - the job’s Results node -- 01.Public Folders Message Traffic – Creates the SA_PF_Overview_ExchangeTraffic table, accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the PF_Overview job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | --------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Public Folder Mail Traffic | This report shows which mail-enabled public folders have mail traffic. | None | This report is comprised of two elements: - Bar Chart – Displays oldest public folders - Table – Provides details on oldest public folders | -| Public Folder Summary | This report shows where data is concentrated within the public folder environment, sorted by the largest top-level folders. | None | This report is comprised of three elements: - Bar Chart – Displays public folder environment - Table – Provides details largest public folder trees - Table – Provides details on the public folder environment | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/pf_overview.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/pf_overview.md new file mode 100644 index 0000000000..374d642e18 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/pf_overview.md @@ -0,0 +1,30 @@ +# PF_Overview Job + +The PF_Overview job is comprised of analyses and reports that provide a top level summary of each +parent public folder and correlates information from the message tracking logs to identify the last +time a public folder received mail. + +## Analysis Tasks for the PF_Overview Job + +View the analysis tasks by navigating to the **Exchange** > **5. Public Folders** > +**PF_Overview** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the PF_Overview Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/overviewanalysis.webp) + +The following analysis tasks are selected by default: + +- 00.Top Level Folder Summary – Creates the SA_PF_Overview_TopLevelRollup table, accessible under + the job’s Results node +- 01.Public Folders Message Traffic – Creates the SA_PF_Overview_ExchangeTraffic table, accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the PF_Overview job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | --------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Public Folder Mail Traffic | This report shows which mail-enabled public folders have mail traffic. | None | This report is comprised of two elements: - Bar Chart – Displays oldest public folders - Table – Provides details on oldest public folders | +| Public Folder Summary | This report shows where data is concentrated within the public folder environment, sorted by the largest top-level folders. | None | This report is comprised of three elements: - Bar Chart – Displays public folder environment - Table – Provides details largest public folder trees - Table – Provides details on the public folder environment | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/recommended.md b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/recommended.md index ed3acce114..523a691a45 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/publicfolders/recommended.md @@ -15,8 +15,8 @@ The following job groups need to be successfully run: - .Entra ID Inventory Job Group - Exchange > 1. HUB Metrics Job Group (Optional) - - Provides data on public folder metrics for on-premises Exchange environments and the last time - a distribution list received mail + - Provides data on public folder metrics for on-premises Exchange environments and the last time + a distribution list received mail Targeted Hosts @@ -30,30 +30,30 @@ list: - For Exchange 2010 or 2013 – Assign a single host from the 2010/2013 environment - - This can be assigned at the Collection job group level if the host has been added to a custom - host list - - This can be assigned at the **Collection** > **PF_FolderOwnership** job level by adding the - individual host at the **Configure** > **Hosts** node + - This can be assigned at the Collection job group level if the host has been added to a custom + host list + - This can be assigned at the **Collection** > **PF_FolderOwnership** job level by adding the + individual host at the **Configure** > **Hosts** node - **NOTE:** The target host should be set to an on-premises Exchange server. Exchange Online is - not support. + **NOTE:** The target host should be set to an on-premises Exchange server. Exchange Online is + not support. Connection Profile A Connection Profile must be set directly on the collection jobs. See the -[Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/powershell.md) topic for +[Exchange PowerShell Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/powershell.md) topic for credential requirements and assign the Connection Profile to the following jobs: - **Content** > **Collection** > **PF_ContentScans** Job - **Growth and Size** > **Collection** > **PF_FolderScans** Job - **Permissions** > **Collection** > **PF_EntitlementScans** Job -See the [MAPI-Based Data Collector Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/mapi.md) +See the [MAPI-Based Data Collector Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/mapi.md) topic for credential requirements and assign the Connection Profile to the following job: - **Ownership** > **Collection** > **PF_FolderOwnership** Job -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency diff --git a/docs/accessanalyzer/12.0/solutions/exchange/recommended.md b/docs/accessanalyzer/12.0/solutions/exchange/recommended.md index 1332724e0a..131c2e1c3d 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/recommended.md @@ -22,11 +22,11 @@ configured with a web address instead of a CAS. **Exchange** node) - Exchange 2013 & 2016 – May require a CAS name set in the ExchangePS Data Collector configuration: - - If the **Settings** > **Exchange** node was configured for **MAPI over HTTP**, then a CAS - server name was supplied and that is used by the ExchangePS Data Collector - - If the **Settings** > **Exchange** node was configured for **MAPI over HTTPS**, then the - global configuration has a web address instead of an actual server. Therefore, each query - requires the CAS server to be set as the specific server on the Category page. + - If the **Settings** > **Exchange** node was configured for **MAPI over HTTP**, then a CAS + server name was supplied and that is used by the ExchangePS Data Collector + - If the **Settings** > **Exchange** node was configured for **MAPI over HTTPS**, then the + global configuration has a web address instead of an actual server. Therefore, each query + requires the CAS server to be set as the specific server on the Category page. Follow the steps to supply a CAS name for data collection. @@ -41,11 +41,11 @@ Wizard opens. **CAUTION:** Unless otherwise indicated within the job group section, do not make changes to other wizard pages as they have been pre-configured for the purpose of the job. -![CAS name on ExchangePS Data Collector Wizard Category page](/img/product_docs/accessanalyzer/solutions/exchange/exchangepscas.webp) +![CAS name on ExchangePS Data Collector Wizard Category page](/img/product_docs/accessanalyzer/12.0/solutions/exchange/exchangepscas.webp) **Step 4 –** On the Category page, select the **Use specific server** option and enter the CAS name in the text box. See the -[ExchangePS: Category](/docs/accessanalyzer/12.0/data-collection/exchange-ps/category.md) topic for additional +[ExchangePS: Category](/docs/accessanalyzer/12.0/admin/datacollector/exchangeps/category.md) topic for additional information. **Step 5 –** Navigate to the Summary page. Click **Finish**. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex-mailbox-sdd.md b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex-mailbox-sdd.md deleted file mode 100644 index 3ac5e89017..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex-mailbox-sdd.md +++ /dev/null @@ -1,119 +0,0 @@ -# EX_Mailbox_SDD Job - -The EX_Mailbox_SDD job locates sensitive data found in mailboxes in the Exchange environment. - -## Queries for the EX_Mailbox_SDD Job - -The EX_Mailbox_SDD job uses the EWSMailbox Data Collector. - -![Queries for the EX_Mailbox_SDD Job](/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxsddquery.webp) - -The following query is included in the EX_Mailbox_SDD job: - -- Exchange Sensitive Data Discovery – Collects potentially-sensitive data from mailboxes - - - Set to search all mailboxes. It can be scoped. - - Default sensitive data criteria includes: - - - Birth Records - - Credit Cards - - Passwords - - Tax Forms - - US SSN - -- See the - [Configure the EWSMailbox Data Collector for the EX_Mailbox_SDD Job](#configure-the-ewsmailbox-data-collector-for-the-ex_mailbox_sdd-job) - topic for additional information - -### Configure the EWSMailbox Data Collector for the EX_Mailbox_SDD Job - -The Exchange Sensitive Data Discovery query has been preconfigured to run with the EWSMailbox Data -Collector to scan for sensitive data. - -Follow the steps to configure the scope of the EWSMailbox Data Collector: - -**Step 1 –** Navigate to the **Exchange** > **7. Sensitive Data** > **0. Collection** > -**EX_Mailbox_SDD** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the **Exchange Sensitive Data Discovery** query and -click **Query Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The EWS Mailbox Data Collector -Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![EWS Mailbox Data Collector Wizard Mailbox scope settings page](/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxscopesettings.webp) - -**Step 4 –** To scope the query for specific mailboxes, navigate to the Scope page. The query is -configured by default to target **All mailboxes**. Change the Mailboxes to be queried to **Select -mailboxes from list**. See the -[EWSMailbox: Scope](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/scope.md) topic for additional -information. - -![EWS Mailbox Data Collector Wizard Scope select page](/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxscopeselect.webp) - -**Step 5 –** To retrieve available mailboxes, click **Retrieve** on the Scope Select page. Select -the desired mailboxes and click **Add**. See the -[EWSMailbox: Scope Select](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/scope-select.md) topic for -additional information. - -![EWS Mailbox Data Collector Wizard SDD Options page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/sddoptions.webp) - -**Step 6 –** To enable storage of discovered sensitive data, navigate to the SDD Options page. -Sensitive data matches can be limited to reduce storage space. See the -[EWSMailbox: SDD Options](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/sdd-options.md) topic for -additional information. - -**NOTE:** By default, discovered sensitive data strings are not stored in the Access Analyzer -database. - -![EWS Mailbox Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -**Step 7 –** To modify criteria, navigate to the Criteria page. Add or remove criteria as desired. -See the [EWSMailbox: Criteria](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/criteria.md) topic for -additional information. - -- (Optional) To create custom criteria, see the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) - topic for additional information - -![EWS Mailbox Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxfiltersettings.webp) - -**Step 8 –** To filter the scan to specific mailbox folders, navigate to the Filter page. Include or -exclude folders and attachments as desired. See the -[EWSMailbox Data Collector](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/overview.md) topic for -additional information. - -- To modify the threshold for message size, set the **Limit message size to** value as desired. The - default is 2000 KB. -- To modify the threshold for large attachment size, set the **Limit attachment size to** value as - desired. The default is 2000 KB. - -![EWS Mailbox Data Collector Wizard Results page](/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxresults.webp) - -**Step 9 –** Navigate to the Results page to select which properties are gathered based on category. -See the [EWSMailbox: Results](/docs/accessanalyzer/12.0/data-collection/ews-mailbox/results.md) topic for -additional information. - -**NOTE:** By default, all categories are selected under sensitive data. - -**Step 10 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window - -The job now applies the modification to future job executions. - -## Analysis Tasks for the EX_Mailbox_SDD Job - -View the analysis task by navigating to the **Exchange** > **7.Sensitive Data** > -**EX_Mailbox_SDD** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the EX_Mailbox_SDD Job](/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxsddanalysis.webp) - -The following analysis task is selected by default: - -- AIC Import - Exchange SSD – Imports Exchange sensitive data to the Access Information Center diff --git a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex-publicfolder-sdd.md b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex-publicfolder-sdd.md deleted file mode 100644 index 9af307df47..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex-publicfolder-sdd.md +++ /dev/null @@ -1,88 +0,0 @@ -# EX_PublicFolder_SDD Job - -The EX_PublicFolder_SDD job locates sensitive data found in public folders in the Exchange -environment. - -## Queries for the EX_PublicFolder_SDD Job - -The EX_PublicFolder_SDD job uses the EWSPublicFolder Data Collector. - -![Queries for the EX_PublicFolder_SDD Job](/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfoldersddquery.webp) - -The following query is included in the EX_PublicFolder_SDD job: - -- Exchange Sensitive Data Discovery – Scans Exchange public folders for specified sensitive data - - - Set to search all public folders. It can be scoped. - - Default sensitive data criteria includes: - - - Birth Records - - Credit Cards - - Passwords - - Tax Forms - - US SSN - - - See the [Configure the EX_PublicFolder_SDD Query](#configure-the-ex_publicfolder_sdd-query) - topic for additional information - -### Configure the EX_PublicFolder_SDD Query - -The Exchange Sensitive Data Discovery query has been preconfigured to run with the EWSPublicFolder -Data Collector to scan for sensitive data. - -**Step 1 –** Navigate to the **Exchange** > **7. Sensitive Data** > **0. Collection** > -**EX_EWSPublicFolder_SDD** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select **Exchange Sensitive Data Discovery** and click -**Query Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The EWS Public Folder Data -Collector Wizard opens. - -**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. - -![EWS Public Folder Data Collector Wizard SDD Options page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/sddoptions.webp) - -**Step 4 –** To enable storage of discovered sensitive data, navigate to the SDD Options page. -Sensitive data matches can be limited to reduce storage space. See the -[EWSPublicFolder: SDD Options](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/sdd-options.md) topic -for additional information. - -**NOTE:** By default, discovered sensitive data strings are not stored in the Access Analyzer -database. - -![EWS Public Folder Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) - -**Step 5 –** To modify criteria, navigate to the Criteria page. Add or remove criteria as desired. -See the [EWSPublicFolder: Critieria](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/criteria.md) -topic for additional information. - -- (Optional) To create custom criteria, see the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) - topic for additional information - -![EWS Public Folder Data Collector Wizard Filter Settings page](/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfolderfiltersettings.webp) - -**Step 6 –** To filter the scan to specific mailbox folders, navigate to the Filter page. Include or -exclude folders and attachments as desired. See the -[EWSPublicFolder: Filter](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/filter.md) topic for -additional information. - -- To modify the threshold for message size, set the **Limit message size to** value as desired. The - default is 2000 KB. -- To modify the threshold for large attachment size, set the **Limit attachment size to** value as - desired. The default is 2000 KB. - -![EWS Public Folder Data Collector Wizard Results page](/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfolderresults.webp) - -**Step 7 –** To select which properties are gathered based on category, navigate to the Results -page.  See the -[EWSPublicFolder: Results](/docs/accessanalyzer/12.0/data-collection/ews-public-folder/results.md) topic for -additional information. - -**NOTE:** By default, all categories are selected under sensitive data. - -**Step 8 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window - -The job applies the modification to future job executions. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex_mailbox_sdd.md b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex_mailbox_sdd.md new file mode 100644 index 0000000000..ffe5706f7b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex_mailbox_sdd.md @@ -0,0 +1,119 @@ +# EX_Mailbox_SDD Job + +The EX_Mailbox_SDD job locates sensitive data found in mailboxes in the Exchange environment. + +## Queries for the EX_Mailbox_SDD Job + +The EX_Mailbox_SDD job uses the EWSMailbox Data Collector. + +![Queries for the EX_Mailbox_SDD Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxsddquery.webp) + +The following query is included in the EX_Mailbox_SDD job: + +- Exchange Sensitive Data Discovery – Collects potentially-sensitive data from mailboxes + + - Set to search all mailboxes. It can be scoped. + - Default sensitive data criteria includes: + + - Birth Records + - Credit Cards + - Passwords + - Tax Forms + - US SSN + +- See the + [Configure the EWSMailbox Data Collector for the EX_Mailbox_SDD Job](#configure-the-ewsmailbox-data-collector-for-the-ex_mailbox_sdd-job) + topic for additional information + +### Configure the EWSMailbox Data Collector for the EX_Mailbox_SDD Job + +The Exchange Sensitive Data Discovery query has been preconfigured to run with the EWSMailbox Data +Collector to scan for sensitive data. + +Follow the steps to configure the scope of the EWSMailbox Data Collector: + +**Step 1 –** Navigate to the **Exchange** > **7. Sensitive Data** > **0. Collection** > +**EX_Mailbox_SDD** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the **Exchange Sensitive Data Discovery** query and +click **Query Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The EWS Mailbox Data Collector +Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![EWS Mailbox Data Collector Wizard Mailbox scope settings page](/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxscopesettings.webp) + +**Step 4 –** To scope the query for specific mailboxes, navigate to the Scope page. The query is +configured by default to target **All mailboxes**. Change the Mailboxes to be queried to **Select +mailboxes from list**. See the +[EWSMailbox: Scope](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scope.md) topic for additional +information. + +![EWS Mailbox Data Collector Wizard Scope select page](/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxscopeselect.webp) + +**Step 5 –** To retrieve available mailboxes, click **Retrieve** on the Scope Select page. Select +the desired mailboxes and click **Add**. See the +[EWSMailbox: Scope Select](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scopeselect.md) topic for +additional information. + +![EWS Mailbox Data Collector Wizard SDD Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/sddoptions.webp) + +**Step 6 –** To enable storage of discovered sensitive data, navigate to the SDD Options page. +Sensitive data matches can be limited to reduce storage space. See the +[EWSMailbox: SDD Options](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/sddoptions.md) topic for +additional information. + +**NOTE:** By default, discovered sensitive data strings are not stored in the Access Analyzer +database. + +![EWS Mailbox Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.webp) + +**Step 7 –** To modify criteria, navigate to the Criteria page. Add or remove criteria as desired. +See the [EWSMailbox: Criteria](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.md) topic for +additional information. + +- (Optional) To create custom criteria, see the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information + +![EWS Mailbox Data Collector Wizard Filter page](/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxfiltersettings.webp) + +**Step 8 –** To filter the scan to specific mailbox folders, navigate to the Filter page. Include or +exclude folders and attachments as desired. See the +[EWSMailbox Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/overview.md) topic for +additional information. + +- To modify the threshold for message size, set the **Limit message size to** value as desired. The + default is 2000 KB. +- To modify the threshold for large attachment size, set the **Limit attachment size to** value as + desired. The default is 2000 KB. + +![EWS Mailbox Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxresults.webp) + +**Step 9 –** Navigate to the Results page to select which properties are gathered based on category. +See the [EWSMailbox: Results](/docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/results.md) topic for +additional information. + +**NOTE:** By default, all categories are selected under sensitive data. + +**Step 10 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window + +The job now applies the modification to future job executions. + +## Analysis Tasks for the EX_Mailbox_SDD Job + +View the analysis task by navigating to the **Exchange** > **7.Sensitive Data** > +**EX_Mailbox_SDD** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the EX_Mailbox_SDD Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxsddanalysis.webp) + +The following analysis task is selected by default: + +- AIC Import - Exchange SSD – Imports Exchange sensitive data to the Access Information Center diff --git a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex_publicfolder_sdd.md b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex_publicfolder_sdd.md new file mode 100644 index 0000000000..a426e326ad --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex_publicfolder_sdd.md @@ -0,0 +1,88 @@ +# EX_PublicFolder_SDD Job + +The EX_PublicFolder_SDD job locates sensitive data found in public folders in the Exchange +environment. + +## Queries for the EX_PublicFolder_SDD Job + +The EX_PublicFolder_SDD job uses the EWSPublicFolder Data Collector. + +![Queries for the EX_PublicFolder_SDD Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/publicfoldersddquery.webp) + +The following query is included in the EX_PublicFolder_SDD job: + +- Exchange Sensitive Data Discovery – Scans Exchange public folders for specified sensitive data + + - Set to search all public folders. It can be scoped. + - Default sensitive data criteria includes: + + - Birth Records + - Credit Cards + - Passwords + - Tax Forms + - US SSN + + - See the [Configure the EX_PublicFolder_SDD Query](#configure-the-ex_publicfolder_sdd-query) + topic for additional information + +### Configure the EX_PublicFolder_SDD Query + +The Exchange Sensitive Data Discovery query has been preconfigured to run with the EWSPublicFolder +Data Collector to scan for sensitive data. + +**Step 1 –** Navigate to the **Exchange** > **7. Sensitive Data** > **0. Collection** > +**EX_EWSPublicFolder_SDD** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select **Exchange Sensitive Data Discovery** and click +**Query Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The EWS Public Folder Data +Collector Wizard opens. + +**CAUTION:** Do not modify other wizard pages. The wizard pages are pre-configured for this job. + +![EWS Public Folder Data Collector Wizard SDD Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/sddoptions.webp) + +**Step 4 –** To enable storage of discovered sensitive data, navigate to the SDD Options page. +Sensitive data matches can be limited to reduce storage space. See the +[EWSPublicFolder: SDD Options](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/sddoptions.md) topic +for additional information. + +**NOTE:** By default, discovered sensitive data strings are not stored in the Access Analyzer +database. + +![EWS Public Folder Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.webp) + +**Step 5 –** To modify criteria, navigate to the Criteria page. Add or remove criteria as desired. +See the [EWSPublicFolder: Critieria](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/critieria.md) +topic for additional information. + +- (Optional) To create custom criteria, see the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) + topic for additional information + +![EWS Public Folder Data Collector Wizard Filter Settings page](/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/publicfolderfiltersettings.webp) + +**Step 6 –** To filter the scan to specific mailbox folders, navigate to the Filter page. Include or +exclude folders and attachments as desired. See the +[EWSPublicFolder: Filter](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filter.md) topic for +additional information. + +- To modify the threshold for message size, set the **Limit message size to** value as desired. The + default is 2000 KB. +- To modify the threshold for large attachment size, set the **Limit attachment size to** value as + desired. The default is 2000 KB. + +![EWS Public Folder Data Collector Wizard Results page](/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/publicfolderresults.webp) + +**Step 7 –** To select which properties are gathered based on category, navigate to the Results +page.  See the +[EWSPublicFolder: Results](/docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/results.md) topic for +additional information. + +**NOTE:** By default, all categories are selected under sensitive data. + +**Step 8 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window + +The job applies the modification to future job executions. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/overview.md index 688bb85388..872189b2e6 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/overview.md @@ -3,10 +3,10 @@ The 0.Collection job group locates sensitive data found in mailboxes and public folders in the Exchange environment. -![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/collectionjobstree.webp) The jobs in the 0.Collection job group are: -- [EX_Mailbox_SDD Job](/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex-mailbox-sdd.md) – Collects potentially sensitive data in mailboxes -- [EX_PublicFolder_SDD Job](/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex-publicfolder-sdd.md) – Collects potentially sensitive data in public +- [EX_Mailbox_SDD Job](/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex_mailbox_sdd.md) – Collects potentially sensitive data in mailboxes +- [EX_PublicFolder_SDD Job](/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/ex_publicfolder_sdd.md) – Collects potentially sensitive data in public folders diff --git a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/ex-sddresults.md b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/ex-sddresults.md deleted file mode 100644 index 01eccf12a4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/ex-sddresults.md +++ /dev/null @@ -1,50 +0,0 @@ -# EX_SDDResults Job - -The EX_SDDResults job contains analyses and reports to provide insight into the types of sensitive -data that is located within Exchange mailboxes and public folders within the environment. - -## Analysis Tasks for the EX_SDDResults Job - -View the analysis tasks by navigating to the **Exchange** > **7. Sensitive Data** > -**EX_SDDResults** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the EX_SDDResults Job](/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/sddresultsanalysis.webp) - -The following analysis tasks are selected by default: - -- Mailbox Details – Creates the EX_SDDResults_MailboxDetails table, accessible under the job’s - Results node. Provides details regarding the number of matches that are found per item in each - mailbox. -- Mailbox Summary – Creates the EX_SDDResults_MailboxSummary table, accessible under the job’s - Results node. Summarizes the items found with matches. -- Public Folder Details – Creates the EX_SDDResults_PublicFolderDetails table, accessible under the - job’s Result node. Provides details regarding the number of matches that are found per item in - each public folder. -- Public Folder Mailstore Summary – Creates the EX_SDDResults_PublicFolderSummary table, accessible - under the job’s Results node. Summarizes the items found with matches. -- Enterprise Summary – Creates the EX_SDDResults_EnterpriseSummary table, accessible under the job’s - Results node. Summarizes the type and amount of sensitive content found in the environment. - -The following analysis task deletes table data from data collection and analysis jobs. This analysis -task should remain cleared unless specifically needed: - -**CAUTION:** Do not select the **Deletes all Stored Data** option. This analysis task is for -troubleshooting and cleanup only. Data will be deleted from the database. - -- Deletes all Stored Data - LEAVE UNCHECKED – Clears all historical SDD data - - - See the - [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex-metricscollection.md#troubleshooting-data-collection) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the EX_SDDResults Job produces -the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary (Sensitive Content) | This report identifies the type and amount of sensitive content found in scanned mailboxes. | None | This report is comprised of two elements: - Bar Chart – Displays exceptions by item count - Table – Provides a criteria summary | -| Mailbox Details (Mailboxes with Sensitive Content) | This report identifies the mailboxes containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top mailboxes by sensitive item count - Table – Provides mailbox details - Table – Provides details on top mailboxes by sensitive item count | -| Public Folder Details (Public Folders with Sensitive Content) | This report identifies the public folders containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top folders by sensitive data item count - Table – Provides public folder details - Table – Provides details on top folders by sensitive item count | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/ex_sddresults.md b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/ex_sddresults.md new file mode 100644 index 0000000000..d199b6b082 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/ex_sddresults.md @@ -0,0 +1,50 @@ +# EX_SDDResults Job + +The EX_SDDResults job contains analyses and reports to provide insight into the types of sensitive +data that is located within Exchange mailboxes and public folders within the environment. + +## Analysis Tasks for the EX_SDDResults Job + +View the analysis tasks by navigating to the **Exchange** > **7. Sensitive Data** > +**EX_SDDResults** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the EX_SDDResults Job](/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/sddresultsanalysis.webp) + +The following analysis tasks are selected by default: + +- Mailbox Details – Creates the EX_SDDResults_MailboxDetails table, accessible under the job’s + Results node. Provides details regarding the number of matches that are found per item in each + mailbox. +- Mailbox Summary – Creates the EX_SDDResults_MailboxSummary table, accessible under the job’s + Results node. Summarizes the items found with matches. +- Public Folder Details – Creates the EX_SDDResults_PublicFolderDetails table, accessible under the + job’s Result node. Provides details regarding the number of matches that are found per item in + each public folder. +- Public Folder Mailstore Summary – Creates the EX_SDDResults_PublicFolderSummary table, accessible + under the job’s Results node. Summarizes the items found with matches. +- Enterprise Summary – Creates the EX_SDDResults_EnterpriseSummary table, accessible under the job’s + Results node. Summarizes the type and amount of sensitive content found in the environment. + +The following analysis task deletes table data from data collection and analysis jobs. This analysis +task should remain cleared unless specifically needed: + +**CAUTION:** Do not select the **Deletes all Stored Data** option. This analysis task is for +troubleshooting and cleanup only. Data will be deleted from the database. + +- Deletes all Stored Data - LEAVE UNCHECKED – Clears all historical SDD data + + - See the + [Troubleshooting Data Collection](/docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/ex_metricscollection.md#troubleshooting-data-collection) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the EX_SDDResults Job produces +the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary (Sensitive Content) | This report identifies the type and amount of sensitive content found in scanned mailboxes. | None | This report is comprised of two elements: - Bar Chart – Displays exceptions by item count - Table – Provides a criteria summary | +| Mailbox Details (Mailboxes with Sensitive Content) | This report identifies the mailboxes containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top mailboxes by sensitive item count - Table – Provides mailbox details - Table – Provides details on top mailboxes by sensitive item count | +| Public Folder Details (Public Folders with Sensitive Content) | This report identifies the public folders containing sensitive data. | None | This report is comprised of three elements: - Bar Chart – Displays top folders by sensitive data item count - Table – Provides public folder details - Table – Provides details on top folders by sensitive item count | diff --git a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/overview.md b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/overview.md index e9104e1e5a..398f89b1e7 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/overview.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/overview.md @@ -3,7 +3,7 @@ The 7. Sensitive Data job group is comprised of jobs which locate sensitive data found in mailboxes and public folders in the Exchange environment. -![7.Sensitive Data Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![7.Sensitive Data Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/jobstree.webp) The following comprise the 7. Sensitive Data job group: @@ -11,12 +11,12 @@ The following comprise the 7. Sensitive Data job group: - [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/overview.md) – Locates sensitive data found in mailboxes and public folders in the Exchange environment -- [EX_SDDResults Job](/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/ex-sddresults.md) – Contains analyses and reports to provide insight into the +- [EX_SDDResults Job](/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/ex_sddresults.md) – Contains analyses and reports to provide insight into the types of sensitive data that was located within Exchange mailboxes and public folders within the environment The 7. Sensitive Data job group is comprised of jobs that utilize the EWSMailbox and EWSPublicFolder Data Collectors to locate sensitive data found in mailboxes and public folders in the Exchange environment. It also contains analysis and reporting jobs to order and analyze the data returned by -the queries. See the [Exchange](/docs/accessanalyzer/12.0/administration/settings/exchange.md) topic for additional +the queries. See the [Exchange](/docs/accessanalyzer/12.0/admin/settings/exchange.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/recommended.md b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/recommended.md index b40c106ca1..a8d1b3126e 100644 --- a/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/recommended.md @@ -27,10 +27,10 @@ through host inventory results. Connection Profile A Connection Profile must be set directly on jobs within the 0.Collection job group. See the -[Exchange Web Services API Permissions](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/exchange/web-services-api.md) +[Exchange Web Services API Permissions](/docs/accessanalyzer/12.0/requirements/solutions/exchange/webservicesapi.md) topic for the EX_PFInfo job requirements. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs-deletions.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs-deletions.md deleted file mode 100644 index d04687aea7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs-deletions.md +++ /dev/null @@ -1,94 +0,0 @@ -# FS_Deletions Job - -The FS_Deletions job is designed to report on deletion activity event information from targeted file -servers. - -## Analysis Tasks for the FS_Deletions Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Forensics** > -**FS_Deletions** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_Deletions Job](/img/product_docs/accessanalyzer/solutions/box/activity/forensics/deletionsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Create deletions view – Creates the SA_FSAC_DeletesView view accessible under the job’s - Results node -- 2. Last 30 Days – Creates the SA_FS_Deletions_Last30Days table accessible under the job’s - Results node -- 3. Trend – Creates the SA_FS_Deletions_TrendOverTime table accessible under the job’s Results - node -- 4. Create view to alert - Past 24 hours – Creates the SA_FS_Deletions_Notification_NOTIFICATION - table accessible under the job’s Results node -- 6. Raw Details – Creates the SA_FS_Deletions_Details view accessible under the job’s Results - node - -The Notification analysis task is an optional analysis task which requires configuration before -enabling it. The following analysis task is deselected by default: - -- 5. Notify on large number of deletes – Alerts when large number of deletions have occurred - - - Add recipients, notification subject, and email content - - See the [Configure the Notification Analysis Task](#configure-the-notification-analysis-task) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the FS_Deletions job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------- | -| File and Folder Deletions (Deletion Events) | This report identifies deletion events for the past 30 days. The detailed report shows all resources that were successfully deleted as well as which users performed those events. | None | This report is comprised of two elements: - Line Chart– Displays the last 30 Days - Table – Provides details on deletions | - -### Configure the Notification Analysis Task - -A Notification analysis task sends email notification to recipients when the job is executed. It -requires the global **Notification** settings to be configured (**Settings** > **Notifications**) -for SMTP server information, but it uses the recipient list provided through the analysis task. -Follow the steps to configure a notification analysis task. - -**Step 1 –** Navigate to the job’s **Configure** node and select **Analysis**. - -**Step 2 –** In the Analysis Selection view, select the Notification analysis task and click -**Analysis Configuration** . The Notification Data Analysis Module wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Notification Data Analysis Module wizard SMTP page](/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtp.webp) - -**Step 3 –** Navigate to the SMTP page of the wizard. - -![Recipients section](/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtprecipients.webp) - -**Step 4 –** In the Recipients section, provide the email addresses or distribution lists (fully -qualified address) for those who are to receive this notification. Multiple addresses can be -provided. You can use the following options: - -- Add – Add an email address to the E-mail field -- Remove – Remove an email address from the Recipients list -- Combine multiple messages into single message – Sends one email for all objects in the record set - instead of one email per object to all recipients - - **_RECOMMENDED:_** Leave the **Combine multiple messages into single message** option selected. - -![Message section](/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtpmessage.webp) - -**Step 5 –** In the Message section, edit the **Subject**. It is not recommended to remove any -parameters. Then, customize the email content in the textbox to provide an explanation of the -notification to the recipients. - -**Step 6 –** Navigate to the Summary page. Click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. The Notification Data Analysis Module wizard closes. - -**Step 7 –** This Notification analysis task is now configured to send emails to the provided -recipient list. In the Analysis Selection view, select this task so that notifications can be sent -automatically during the execution of the job. - -_Remember,_ all of the analysis tasks should remain in the default order indicated by the numbering. -Do not deselect any of the SQLscripting analysis tasks. - -Once the Notification analysis task is configured and enabled alerts are sent when the trigger has -been identified by this job. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs-permissionchanges.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs-permissionchanges.md deleted file mode 100644 index 1b374d8fee..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs-permissionchanges.md +++ /dev/null @@ -1,52 +0,0 @@ -# FS_PermissionChanges Job - -The FS_PermissionChanges job is designed to report on permission change activity event information -from targeted file servers. - -## Analysis Tasks for the FS_PermissionChanges Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Forensics** > -**FS_PermissionChanges** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_PermissionChanges Job](/img/product_docs/accessanalyzer/solutions/box/activity/forensics/permissionchangesanalysis.webp) - -The following analysis tasks are selected by default: - -- 0. Create Permission Change Events Table – Creates an interim processing table in the database - for use by downstream analysis and report generation -- 1. Create Permission Changes Table and View – Creates the SA_ENG_PermissionChangesView view - accessible under the job’s Results node -- 2. Last 30 Days – Creates the SA_FS_PermissionChanges_Last30Days table accessible under the - job’s Results node -- 3. Trend – Creates the SA_FS_PermissionChanges_TrendOverTime table accessible under the job’s - Results node -- 4. Create view to notify on - By user, per share, for the past 24 hours – Creates the - SA_FS_PermissionChanges_Notification_NOTIFICATION table accessible under the job’s Results - node -- 6. Raw Details – Creates the SA_FS_PermissionChanges_Details view accessible under the job’s - Results node -- 7. High risk permission changes – Creates the SA_FS_PermissionChanges_HighRisk table accessible - under the job’s Results node -- 8. High risk permission changes summary – Creates the SA_FS_PermissionChanges_HighRiskSummary - table accessible under the job’s Results node - -The Notification analysis task is an optional analysis task which requires configuration before -enabling it. The following analysis task is deselected by default: - -- 5. Alert on Permission Changes – Alerts when permission changes have occurred - - - Add recipients, notification subject, and email content - - See the - [Configure the Notification Analysis Task](/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs-deletions.md#configure-the-notification-analysis-task) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the FS_PermissionChanges job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | -| High Risk Changes | This report highlights successful permission changes performed on a high risk trustee. The line chart shows data for the past 30 days only. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Line Chart– Displays last 30 days of high risk changes - Table – Provides details on high risk changes | -| Permission Changes | This report identifies all resources where successful permission changes have occurred. The line chart shows data for the past 30 days only. | None | This report is comprised of two elements: - Line Chart– Displays last 30 days of permission changes - Table – Provides details on permission changes | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs_deletions.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs_deletions.md new file mode 100644 index 0000000000..9490ffe866 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs_deletions.md @@ -0,0 +1,94 @@ +# FS_Deletions Job + +The FS_Deletions job is designed to report on deletion activity event information from targeted file +servers. + +## Analysis Tasks for the FS_Deletions Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Forensics** > +**FS_Deletions** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_Deletions Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/deletionsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Create deletions view – Creates the SA_FSAC_DeletesView view accessible under the job’s + Results node +- 2. Last 30 Days – Creates the SA_FS_Deletions_Last30Days table accessible under the job’s + Results node +- 3. Trend – Creates the SA_FS_Deletions_TrendOverTime table accessible under the job’s Results + node +- 4. Create view to alert - Past 24 hours – Creates the SA_FS_Deletions_Notification_NOTIFICATION + table accessible under the job’s Results node +- 6. Raw Details – Creates the SA_FS_Deletions_Details view accessible under the job’s Results + node + +The Notification analysis task is an optional analysis task which requires configuration before +enabling it. The following analysis task is deselected by default: + +- 5. Notify on large number of deletes – Alerts when large number of deletions have occurred + + - Add recipients, notification subject, and email content + - See the [Configure the Notification Analysis Task](#configure-the-notification-analysis-task) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the FS_Deletions job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------- | +| File and Folder Deletions (Deletion Events) | This report identifies deletion events for the past 30 days. The detailed report shows all resources that were successfully deleted as well as which users performed those events. | None | This report is comprised of two elements: - Line Chart– Displays the last 30 Days - Table – Provides details on deletions | + +### Configure the Notification Analysis Task + +A Notification analysis task sends email notification to recipients when the job is executed. It +requires the global **Notification** settings to be configured (**Settings** > **Notifications**) +for SMTP server information, but it uses the recipient list provided through the analysis task. +Follow the steps to configure a notification analysis task. + +**Step 1 –** Navigate to the job’s **Configure** node and select **Analysis**. + +**Step 2 –** In the Analysis Selection view, select the Notification analysis task and click +**Analysis Configuration** . The Notification Data Analysis Module wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Notification Data Analysis Module wizard SMTP page](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/notificationsmtp.webp) + +**Step 3 –** Navigate to the SMTP page of the wizard. + +![Recipients section](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/notificationsmtprecipients.webp) + +**Step 4 –** In the Recipients section, provide the email addresses or distribution lists (fully +qualified address) for those who are to receive this notification. Multiple addresses can be +provided. You can use the following options: + +- Add – Add an email address to the E-mail field +- Remove – Remove an email address from the Recipients list +- Combine multiple messages into single message – Sends one email for all objects in the record set + instead of one email per object to all recipients + + **_RECOMMENDED:_** Leave the **Combine multiple messages into single message** option selected. + +![Message section](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/notificationsmtpmessage.webp) + +**Step 5 –** In the Message section, edit the **Subject**. It is not recommended to remove any +parameters. Then, customize the email content in the textbox to provide an explanation of the +notification to the recipients. + +**Step 6 –** Navigate to the Summary page. Click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. The Notification Data Analysis Module wizard closes. + +**Step 7 –** This Notification analysis task is now configured to send emails to the provided +recipient list. In the Analysis Selection view, select this task so that notifications can be sent +automatically during the execution of the job. + +_Remember,_ all of the analysis tasks should remain in the default order indicated by the numbering. +Do not deselect any of the SQLscripting analysis tasks. + +Once the Notification analysis task is configured and enabled alerts are sent when the trigger has +been identified by this job. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs_permissionchanges.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs_permissionchanges.md new file mode 100644 index 0000000000..6b03361968 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs_permissionchanges.md @@ -0,0 +1,52 @@ +# FS_PermissionChanges Job + +The FS_PermissionChanges job is designed to report on permission change activity event information +from targeted file servers. + +## Analysis Tasks for the FS_PermissionChanges Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Forensics** > +**FS_PermissionChanges** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_PermissionChanges Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/permissionchangesanalysis.webp) + +The following analysis tasks are selected by default: + +- 0. Create Permission Change Events Table – Creates an interim processing table in the database + for use by downstream analysis and report generation +- 1. Create Permission Changes Table and View – Creates the SA_ENG_PermissionChangesView view + accessible under the job’s Results node +- 2. Last 30 Days – Creates the SA_FS_PermissionChanges_Last30Days table accessible under the + job’s Results node +- 3. Trend – Creates the SA_FS_PermissionChanges_TrendOverTime table accessible under the job’s + Results node +- 4. Create view to notify on - By user, per share, for the past 24 hours – Creates the + SA_FS_PermissionChanges_Notification_NOTIFICATION table accessible under the job’s Results + node +- 6. Raw Details – Creates the SA_FS_PermissionChanges_Details view accessible under the job’s + Results node +- 7. High risk permission changes – Creates the SA_FS_PermissionChanges_HighRisk table accessible + under the job’s Results node +- 8. High risk permission changes summary – Creates the SA_FS_PermissionChanges_HighRiskSummary + table accessible under the job’s Results node + +The Notification analysis task is an optional analysis task which requires configuration before +enabling it. The following analysis task is deselected by default: + +- 5. Alert on Permission Changes – Alerts when permission changes have occurred + + - Add recipients, notification subject, and email content + - See the + [Configure the Notification Analysis Task](fs_deletions.md#configure-the-notification-analysis-task) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the FS_PermissionChanges job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | +| High Risk Changes | This report highlights successful permission changes performed on a high risk trustee. The line chart shows data for the past 30 days only. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Line Chart– Displays last 30 days of high risk changes - Table – Provides details on high risk changes | +| Permission Changes | This report identifies all resources where successful permission changes have occurred. The line chart shows data for the past 30 days only. | None | This report is comprised of two elements: - Line Chart– Displays last 30 days of permission changes - Table – Provides details on permission changes | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/overview.md index 79a2ebf222..793e7a7a97 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/overview.md @@ -3,18 +3,18 @@ The Forensics job group is designed to report on forensic related activity event information from targeted file servers. -![Forensics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Forensics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/jobstree.webp) The Forensics job group is comprised of: -- [FS_Deletions Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs-deletions.md) – Designed to report on deletion activity event information +- [FS_Deletions Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs_deletions.md) – Designed to report on deletion activity event information from targeted file servers - - Includes a Notification analysis task option - - Requires **Access Auditing** component data collection + - Includes a Notification analysis task option + - Requires **Access Auditing** component data collection -- [FS_PermissionChanges Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs-permissionchanges.md) – Designed to report on permission change +- [FS_PermissionChanges Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs_permissionchanges.md) – Designed to report on permission change activity event information from targeted file servers - - Includes a Notification analysis task option - - Requires **Access Auditing** component data collection + - Includes a Notification analysis task option + - Requires **Access Auditing** component data collection diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/fs-leastprivilegedaccess.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/fs-leastprivilegedaccess.md deleted file mode 100644 index 85e7b277d3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/fs-leastprivilegedaccess.md +++ /dev/null @@ -1,49 +0,0 @@ -# Least Privileged Access > FS_LeastPrivilegedAccess Job - -The FS_LeastPrivilegedAccess job is designed to report on activity event information that can assist -in identifying least privilege from targeted file servers. It identifies where trustees are not -leveraging their permissions to resources from targeted file servers. Requires **Access Auditing** -component data collection. - -![Least Privileged Access > FS_LeastPrivilegedAccess Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/activity/leastprivilegedaccessjobstree.webp) - -The FS_LeastPrivilegedAccess job is located in the Least Privileged Access job group. - -## Analysis Tasks for the FS_LeastPrivilegedAccess Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Least Privileged -Access** > **FS_LeastPrivilegedAccess** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_LeastPrivilegedAccess Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/leastprivilegedaccessanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Join Activity Data to Share – Creates the SA_FS_LeastPrivilegedAccess_ActivityByShare table - accessible under the job’s Results node -- 2. Get Effective Share Access for all Shares with Activity – Creates the - SA_FS_LeastPrivilegedAccess_EffectiveShareAccess table accessible under the job’s Results - node -- 3. Compare Users activity to access – Creates the SA_FS_LeastPrivilegedAccess_Comparision table - accessible under the job’s Results node -- 4. Summarize Comparison by Share – Creates an interim processing table in the database for use - by downstream analysis and report generation -- 5. Rollup by Share - Pie Chart – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 6. Summarize Entitlement Usage - Enterprise Wide – Creates interim processing tables in the - database for use by downstream analysis and report generation -- 7. Recommend Changes to Group ACLs – Creates the SA_FS_LeastPrivilegedAccess_RecommendedChanges - table accessible under the job’s Results node -- 8. Resource Based Groups – Creates the SA_FS_LeastPrivilegedAccess_ResourceGroups table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_LeastPrivilegedAccess job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Overprovisioning Risk by Share | This report identifies shares with the largest amount of unutilized entitlements and assigns a risk rating to each one. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie Chart – Displays shares by overprovisioning risk - Table – Provides details on shares by overprovisioning risk | -| Overprovisioning Summary | This report shows the percentage of all entitlements which are being used. An entitlement refers to one user's access to one folder. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie Chart – entitlements by level of usage - Table – Provides details on entitlements | -| Remediation | If all members of a group are not using their full access, then modification to group permissions on the share will be suggested here. | None | This report is comprised of one element: - Table – Provides details on recommended changes to permissions | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/fs_leastprivilegedaccess.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/fs_leastprivilegedaccess.md new file mode 100644 index 0000000000..669adea9b4 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/fs_leastprivilegedaccess.md @@ -0,0 +1,49 @@ +# Least Privileged Access > FS_LeastPrivilegedAccess Job + +The FS_LeastPrivilegedAccess job is designed to report on activity event information that can assist +in identifying least privilege from targeted file servers. It identifies where trustees are not +leveraging their permissions to resources from targeted file servers. Requires **Access Auditing** +component data collection. + +![Least Privileged Access > FS_LeastPrivilegedAccess Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/leastprivilegedaccessjobstree.webp) + +The FS_LeastPrivilegedAccess job is located in the Least Privileged Access job group. + +## Analysis Tasks for the FS_LeastPrivilegedAccess Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Least Privileged +Access** > **FS_LeastPrivilegedAccess** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_LeastPrivilegedAccess Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/leastprivilegedaccessanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Join Activity Data to Share – Creates the SA_FS_LeastPrivilegedAccess_ActivityByShare table + accessible under the job’s Results node +- 2. Get Effective Share Access for all Shares with Activity – Creates the + SA_FS_LeastPrivilegedAccess_EffectiveShareAccess table accessible under the job’s Results + node +- 3. Compare Users activity to access – Creates the SA_FS_LeastPrivilegedAccess_Comparision table + accessible under the job’s Results node +- 4. Summarize Comparison by Share – Creates an interim processing table in the database for use + by downstream analysis and report generation +- 5. Rollup by Share - Pie Chart – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 6. Summarize Entitlement Usage - Enterprise Wide – Creates interim processing tables in the + database for use by downstream analysis and report generation +- 7. Recommend Changes to Group ACLs – Creates the SA_FS_LeastPrivilegedAccess_RecommendedChanges + table accessible under the job’s Results node +- 8. Resource Based Groups – Creates the SA_FS_LeastPrivilegedAccess_ResourceGroups table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_LeastPrivilegedAccess job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Overprovisioning Risk by Share | This report identifies shares with the largest amount of unutilized entitlements and assigns a risk rating to each one. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie Chart – Displays shares by overprovisioning risk - Table – Provides details on shares by overprovisioning risk | +| Overprovisioning Summary | This report shows the percentage of all entitlements which are being used. An entitlement refers to one user's access to one folder. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie Chart – entitlements by level of usage - Table – Provides details on entitlements | +| Remediation | If all members of a group are not using their full access, then modification to group permissions on the share will be suggested here. | None | This report is comprised of one element: - Table – Provides details on recommended changes to permissions | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/overview.md index 8106e336a6..8c62bf31ab 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/overview.md @@ -3,13 +3,13 @@ The 5.Activity job group is designed to report on activity event information from targeted file servers. -![5.Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![5.Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/jobstree.webp) The 5.Activity job group is comprised of: - [Forensics Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/overview.md) – Designed to report on forensic related activity event information from targeted file servers -- [Least Privileged Access > FS_LeastPrivilegedAccess Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/fs-leastprivilegedaccess.md) – Designed +- [Least Privileged Access > FS_LeastPrivilegedAccess Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/fs_leastprivilegedaccess.md) – Designed to report on activity event information that can assist in identifying least privilege from targeted file servers - [Security Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/overview.md) – Designed to report on security related activity event diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-adminactvity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-adminactvity.md deleted file mode 100644 index 37dcdc24be..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-adminactvity.md +++ /dev/null @@ -1,39 +0,0 @@ -# FS_AdminActvity Job - -The FS_AdminActivity job is designed to report on administrator related activity event information -from targeted file servers. - -## Analysis Tasks for the FS_AdminActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Security** > -**FS_AdminActivity** > **Configure** node and select Analysis. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_AdminActivity Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/security/adminactivityanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Create Admin Activity View – Creates an interim processing view in the database for use by - downstream analysis and report generation -- 2. Effective Access to Locations with Admin Activity – Creates an interim processing table in - the database for use by downstream analysis and report generation -- 3. Suspicious Admin Activity – Creates the SA_FS_AdminActivity_SuspiciousActivity table - accessible under the job’s Results node -- 4. Operations Overview – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 5. Rank admins by activity – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 6. Pivot Admin Activity for Details Report – Creates an interim processing table in the database - for use by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the FS_AdminActivity job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------- | ---------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Administrator Activity Details | This report shows the details of administrator activity on file shares. | None | This report is comprised of one element: - Table – Provides details on last 30 days of administrator activity | -| Administrator Activity Overview | This report identifies the types of actions administrators are performing across your network. | None | This report is comprised of two elements: - Pie Chart – Displays last 30 days of administrator activity - Table – Provides details on types of actions | -| Most Active Administrators | This report ranks administrators by number of shares they have activity in. | None | This report is comprised of two elements: - Bar Chart – Displays last 30 days of administrator activity - Table – Provides details on administrator activity | -| Suspicious Admin Activity | This report highlights all administrator reads in shares where they do not have access. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of one element: - Table – Provides details on last 30 days of administrator activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-highriskactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-highriskactivity.md deleted file mode 100644 index cd94433f1c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-highriskactivity.md +++ /dev/null @@ -1,31 +0,0 @@ -# FS_HighRiskActivity Job - -The FS_HighRiskActivity job is designed to report on high risk activity event information from -targeted file servers. - -## Analysis Tasks for the FS_HighRiskActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Security** > -**FS_HighRiskActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_HighRiskActivity Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/security/highriskactivityanalysis.webp) - -- 0. Drop Tables – Drops tables from previous runs -- 1. Analyze for High Risk Activity – Creates the SA_FS_HighRiskActivity_HighRiskUserActivity - table accessible under the job’s Results node -- 2. Pivot High Risk Activity – Creates the SA_FS_HighRiskActivity_HighRiskDetails table - accessible under the job’s Results node -- 3. Summarize Share Activity – Creates the SA_FS_HighRiskActivity_ShareSummary table accessible - under the job’s Results node -- 4. Global User Activity – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the FS_HighRiskActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| High Risk Activity | High Risk Activity is any action performed by a user who has access to a particular resource only through a High Risk Trustee (for example, Everyone, Authenticated Users, or Domain Users). Unless action is taken, these users will lose access once the open access is remediated. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays last 30 days of activity - Table – Provides details on activity by user - Table – Provides details on activity by share | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-localuseractivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-localuseractivity.md deleted file mode 100644 index 7c0c61b37e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-localuseractivity.md +++ /dev/null @@ -1,26 +0,0 @@ -# FS_LocalUserActivity Job - -The FS_LocalUserActivity job is designed to report on local user activity event information from -targeted file servers. - -## Analysis Tasks for the LocalUserActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Security** > -**FS_LocalUserActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the LocalUserActivity Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/security/localuseractivityanalysis.webp) - -- 1. Local User Activity Details – Creates the SA_FS_LocalUserActivity_Details table accessible - under the job’s Results node -- 2. Top Local User Accounts – Creates the SA_FS_LocalUserActivity_TopUsers table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_LocalUserActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ---------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Local User Activity | This report identifies local accounts with file system activity. | None | This report is comprised of two elements: - Bar Chart – Displays top local user account activity (last 30 days) - Table – Provides details on local user activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_adminactvity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_adminactvity.md new file mode 100644 index 0000000000..8e2f1428b6 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_adminactvity.md @@ -0,0 +1,39 @@ +# FS_AdminActvity Job + +The FS_AdminActivity job is designed to report on administrator related activity event information +from targeted file servers. + +## Analysis Tasks for the FS_AdminActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Security** > +**FS_AdminActivity** > **Configure** node and select Analysis. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_AdminActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/security/adminactivityanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Create Admin Activity View – Creates an interim processing view in the database for use by + downstream analysis and report generation +- 2. Effective Access to Locations with Admin Activity – Creates an interim processing table in + the database for use by downstream analysis and report generation +- 3. Suspicious Admin Activity – Creates the SA_FS_AdminActivity_SuspiciousActivity table + accessible under the job’s Results node +- 4. Operations Overview – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 5. Rank admins by activity – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 6. Pivot Admin Activity for Details Report – Creates an interim processing table in the database + for use by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the FS_AdminActivity job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------- | ---------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Administrator Activity Details | This report shows the details of administrator activity on file shares. | None | This report is comprised of one element: - Table – Provides details on last 30 days of administrator activity | +| Administrator Activity Overview | This report identifies the types of actions administrators are performing across your network. | None | This report is comprised of two elements: - Pie Chart – Displays last 30 days of administrator activity - Table – Provides details on types of actions | +| Most Active Administrators | This report ranks administrators by number of shares they have activity in. | None | This report is comprised of two elements: - Bar Chart – Displays last 30 days of administrator activity - Table – Provides details on administrator activity | +| Suspicious Admin Activity | This report highlights all administrator reads in shares where they do not have access. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of one element: - Table – Provides details on last 30 days of administrator activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_highriskactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_highriskactivity.md new file mode 100644 index 0000000000..d130fc0433 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_highriskactivity.md @@ -0,0 +1,31 @@ +# FS_HighRiskActivity Job + +The FS_HighRiskActivity job is designed to report on high risk activity event information from +targeted file servers. + +## Analysis Tasks for the FS_HighRiskActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Security** > +**FS_HighRiskActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_HighRiskActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/security/highriskactivityanalysis.webp) + +- 0. Drop Tables – Drops tables from previous runs +- 1. Analyze for High Risk Activity – Creates the SA_FS_HighRiskActivity_HighRiskUserActivity + table accessible under the job’s Results node +- 2. Pivot High Risk Activity – Creates the SA_FS_HighRiskActivity_HighRiskDetails table + accessible under the job’s Results node +- 3. Summarize Share Activity – Creates the SA_FS_HighRiskActivity_ShareSummary table accessible + under the job’s Results node +- 4. Global User Activity – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the FS_HighRiskActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| High Risk Activity | High Risk Activity is any action performed by a user who has access to a particular resource only through a High Risk Trustee (for example, Everyone, Authenticated Users, or Domain Users). Unless action is taken, these users will lose access once the open access is remediated. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Pie Chart – Displays last 30 days of activity - Table – Provides details on activity by user - Table – Provides details on activity by share | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_localuseractivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_localuseractivity.md new file mode 100644 index 0000000000..90ede11a5e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_localuseractivity.md @@ -0,0 +1,26 @@ +# FS_LocalUserActivity Job + +The FS_LocalUserActivity job is designed to report on local user activity event information from +targeted file servers. + +## Analysis Tasks for the LocalUserActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Security** > +**FS_LocalUserActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the LocalUserActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/security/localuseractivityanalysis.webp) + +- 1. Local User Activity Details – Creates the SA_FS_LocalUserActivity_Details table accessible + under the job’s Results node +- 2. Top Local User Accounts – Creates the SA_FS_LocalUserActivity_TopUsers table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_LocalUserActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ---------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Local User Activity | This report identifies local accounts with file system activity. | None | This report is comprised of two elements: - Bar Chart – Displays top local user account activity (last 30 days) - Table – Provides details on local user activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/overview.md index 3040af78d0..3e6d422755 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/overview.md @@ -3,19 +3,19 @@ The Security job group is designed to report on security related activity event information from targeted file servers. -![Security Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Security Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/security/jobstree.webp) The Security Job Group is comprised of: -- [FS_AdminActvity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-adminactvity.md) – Designed to report on administrator related activity +- [FS_AdminActvity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_adminactvity.md) – Designed to report on administrator related activity event information from targeted file servers - - Requires **Access Auditing** component data collection + - Requires **Access Auditing** component data collection -- [FS_HighRiskActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-highriskactivity.md) – Designed to report on high risk activity event +- [FS_HighRiskActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_highriskactivity.md) – Designed to report on high risk activity event information from targeted file servers - - Requires **Access Auditing** component data collection + - Requires **Access Auditing** component data collection -- [FS_LocalUserActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-localuseractivity.md) – Designed to report on local user activity +- [FS_LocalUserActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_localuseractivity.md) – Designed to report on local user activity event information from targeted file servers diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-deniedactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-deniedactivity.md deleted file mode 100644 index ce680a2bc9..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-deniedactivity.md +++ /dev/null @@ -1,26 +0,0 @@ -# FS_DeniedActivity Job - -The FS_DeniedActivity job is designed to report on denied activity event information from targeted -file servers. - -## Analysis Tasks for the FS_DeniedActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_DeniedActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_DeniedActivity Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/deniedactivityanalysis.webp) - -The following analysis tasks are selected by default: - -- Denied Activity Hourly Summary – Creates the SA_FS_DeniedActivity_HourlySummary table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis task, the FS_DeniedActivity job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | ------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Denied Activity | This report highlights high periods of denied user activity during the past 30 days. | None | This report is comprised of two elements: - Bar Chart – Displays top denied periods for the last 30 days - Table – Provides details on denied activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-highesthourlyactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-highesthourlyactivity.md deleted file mode 100644 index 26886b0147..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-highesthourlyactivity.md +++ /dev/null @@ -1,42 +0,0 @@ -# FS_HighestHourlyActivity Job - -The FS_HighestHourlyActivity job is designed to report on the highest hourly activity event -information from targeted file servers broken down by user. - -## Analysis Tasks for the FS_HighestHourlyActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_HighestHourlyActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_HighestHourlyActivity Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/highesthourlyactivityanalysis.webp) - -The following analysis task is selected by default: - -- Users Ranked – Creates the SA_FS_HighestHourlyActivity_UsersRanked table accessible under the - job’s Results node - -The following analysis task is deselected by default: - -- Create notifications view – Restores the SA_FS_HighestHourlyActivity_Last24Hours_NOTIFICATION view - to be visible under the job’s Results node - -The Notification analysis task is an optional analysis task which requires configuration before -enabling it. The following analysis task is deselected by default: - -- Hour Activity Notification – Alerts when large amounts of activity for a user have occurred within - an hour - - - Add recipients, notification subject, and email content - - See the - [Configure the Notification Analysis Task](/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs-deletions.md#configure-the-notification-analysis-task) - topic for additional information - -In addition to the tables and views created by the analysis tasks, the FS_HighestHourlyActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------ | -| Unusual User Activity | This report identifies user accounts and time ranges where there was the largest and widest amount of activity across the file system. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal user activity - Table – Provides details on hourly user activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-hourlyshareactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-hourlyshareactivity.md deleted file mode 100644 index 30144d4480..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-hourlyshareactivity.md +++ /dev/null @@ -1,26 +0,0 @@ -# FS_HourlyShareActivity Job - -The FS_HourlyShareActivity job is designed to report on the highest hourly activity event -information from targeted file servers broken down by share. - -## Analysis Tasks for the FS_HourlyShareActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_HourlyShareActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_HourlyShareActivity Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/hourlyshareactivityanalysis.webp) - -The following analysis task is selected by default: - -- Summarize hourly norms and deviations – Creates the SA_FS_HourlyShareActivity_Deviations table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the FS_HourlyShareActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------- | -| Unusual Share Activity | This report will show any outliers in hourly share activity, broken down by day of week and hour. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal share activity - Table – Provides details on share activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-modifiedbinaries.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-modifiedbinaries.md deleted file mode 100644 index acc1514b9b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-modifiedbinaries.md +++ /dev/null @@ -1,29 +0,0 @@ -# FS_ModifiedBinaries Job - -The FS_ModifiedBinaries job is designed to report on activity event information where binaries were -modified from targeted file servers. - -## Analysis Tasks for the FS_ModifiedBinaries Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_ModifiedBinaries** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_ModifiedBinaries Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/modifiedbinariesanalysis.webp) - -The following analysis task is selected by default: - -- Summarize modifications to binaries - - - Creates an interim processing table in the database for use by downstream analysis and report - generation - - Creates the SA_FS_ModifiedBinaries_Summary table accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the FS_ModifiedBinaries job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------- | ---------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | -| First Time Binary Modifications | This report highlights recent instances where users have modified binaries for the first time. | None | This report is comprised of two elements: - Bar Chart – Displays first time binary modifications by host - Table – Provides details on modified binaries | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-peergroupactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-peergroupactivity.md deleted file mode 100644 index d4442f7965..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-peergroupactivity.md +++ /dev/null @@ -1,24 +0,0 @@ -# FS_PeerGroupActivity Job - -The FS_PeerGroupActivity job is designed to report on abnormal activity event information based on -peer group analysis from targeted file servers. - -## Analysis Tasks for the FS_PeerGroupActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_PeerGroupActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_PeerGroupActivity Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/peergroupactivityanalysis.webp) - -- Summarize Hourly Norms and Deviations – Creates the SA_FS_PeerGroupActivity_Details table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_PeerGroupActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------- | -| Unusual Peer Group Activity | This report highlights unusual periods of activity based on peer group analysis. When a user accesses an abnormal amount of data from outside of their own department, the failure of separation of duties can indicate a security threat. | None | This report is comprised of one element: - Table – Provides details on abnormal peer group activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-ransomware.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-ransomware.md deleted file mode 100644 index 9827197d53..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-ransomware.md +++ /dev/null @@ -1,34 +0,0 @@ -# FS_Ransomware Job - -The FS_Ransomware job is comprised of analysis and reports which use the data collected by the -**0.Collection** job group to provide information on periods of time in which users are responsible -for an abnormally high number of updates. This can be indicative of ransomware. Additionally, -activity involving files which are known as ransomware artifacts is highlighted. - -## Analysis Tasks for the FS_Ransomeware Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_Ransomware** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_Ransomeware Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/ransomewareanalysis.webp) - -The following analysis tasks are selected by default: - -- Summarize Hourly Norms and Deviations – Creates the SA_FS_Ransomware_Details table accessible - under the job’s Results node -- Summarize activity on known ransomware artifacts - - - Creates the SA_FS_Ransomware_Artifacts table accessible under the job’s Results node - - Creates an interim processing table in the database for use by downstream analysis and report - generation - -In addition to the tables and views created by the analysis tasks, the FS_Ransomware job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Ransomware Activity | This report summarizes Add or Rename activity involving known ransomware artifacts. | None | This report is comprised of three elements: - Bar Chart – Displays top ransomware patterns - Table – Provides details on ransomware activity - Table – Provides summary of ransomware by pattern | -| Unusual Write Activity (Ransomware) | This report highlights periods of abnormally high update activity involving shared resources. This can be indicative of ransomware attacks. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal update activity - Table – Provides details on abnormal update activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-sensitivedataactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-sensitivedataactivity.md deleted file mode 100644 index f7d6223204..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-sensitivedataactivity.md +++ /dev/null @@ -1,26 +0,0 @@ -# FS_SensitiveDataActivity Job - -The FS_SensitiveDataActivity job is designed to report on activity event information on resources -identified to contain sensitive information from targeted file servers. - -## Analysis Tasks for the FS_SensitiveDataActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_SensitiveDataActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_SensitiveDataActivity Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp) - -The following analysis tasks are selected by default: - -- Summarize Hourly Norms and Deviations – Creates the SA_FS_SensitiveDataActivity_Details table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the FS_SensitiveDataActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ------------------------------------------------------------------------------------ | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Sensitive Data Activity | This report highlights periods of abnormally high activity involving sensitive data. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Displays abnormal sensitive data activity - Table – Provides details on sensitive data activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-stalefileactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-stalefileactivity.md deleted file mode 100644 index a64bf9573b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-stalefileactivity.md +++ /dev/null @@ -1,24 +0,0 @@ -# FS_StaleFileActivity Job - -The FS_StaleFileActivity job is designed to report on user activity event information involving -stale files from targeted file servers. - -## Analysis Tasks for the FS_StaleFileActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_StaleFileActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_StaleFileActivity Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/stalefileactivityanalysis.webp) - -- Summarize Hourly Norms and Deviations – Creates the SA_FS_StaleFileActivity_Details table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the FS_StaleFileActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | -------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | -| User Stale File Activity | This report highlights periods of abnormally high activity involving stale shared resources. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal stale file activity - Table – Provides details on abnormal stale file activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-usershareactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-usershareactivity.md deleted file mode 100644 index f60c9b95f5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-usershareactivity.md +++ /dev/null @@ -1,29 +0,0 @@ -# FS_UserShareActivity Job - -The FS_UserShareActivity job is designed to report on normal user activity within a share from -targeted file servers. - -## Analysis Tasks for the FS_UserShareActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_UserShareActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_UserShareActivity Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/usershareactivityanalysis.webp) - -- Track Latest Activity Per User Per Share – Creates the SA_FS_UserShareActivity_LatestActivity - table accessible under the job’s Results node -- Average days since last Access – Creates the SA_FS_UserShareActivity_ShareSummary table accessible - under the job’s Results node -- New Access Last Week – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables and views created by the analysis tasks, the FS_UserShareActivity job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| First Time Share Activity by User | This report shows the last date that a user accessed a share, ordered by the oldest activity. This lack of access may indicate unused permissions. | None | This report is comprised of two elements: - Bar Chart – Displays shares with new users accessing data - past 7 days - Table – Provides details on first time share access | -| Longest Inactivity | This report shows which users have returned to a share after the longest periods of inactivity. | None | This report is comprised of one element: - Table – Provides details on user share activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-weekendactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-weekendactivity.md deleted file mode 100644 index a47923b1b3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-weekendactivity.md +++ /dev/null @@ -1,30 +0,0 @@ -# FS_WeekendActivity Job - -The FS_WeekendActivity job is comprised of analysis and reports which use the data collected by the -**0.Collection** job group to provide information on weekend file server activity and the user -accounts which perform the most weekend activity. Best practices often dictate monitoring of weekend -activity for potential security concerns. - -## Analysis Tasks for the FS_WeekendActivity Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious -Activity** > **FS_WeekendActivity** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_WeekendActivity Job](/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp) - -The following analysis tasks are selected by default: - -- Weekend Activity – Creates the SA_FS_WeekendActivity_Details table accessible under the job’s - Results node -- User Summary – Creates the SA_FS_WeekendActivity_UserSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the FS_WeekendActivity job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------- | ------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Weekend Activity (Most Active Users on Weekend) | This report shows users who are active on the weekend inside file shares. | None | This report is comprised of two elements: - Bar Chart – Displays weekend share activity - top 5 users - Table – Provides details on weekend share activity by user | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_deniedactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_deniedactivity.md new file mode 100644 index 0000000000..ab6a56159a --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_deniedactivity.md @@ -0,0 +1,26 @@ +# FS_DeniedActivity Job + +The FS_DeniedActivity job is designed to report on denied activity event information from targeted +file servers. + +## Analysis Tasks for the FS_DeniedActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_DeniedActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_DeniedActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/deniedactivityanalysis.webp) + +The following analysis tasks are selected by default: + +- Denied Activity Hourly Summary – Creates the SA_FS_DeniedActivity_HourlySummary table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis task, the FS_DeniedActivity job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | ------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Denied Activity | This report highlights high periods of denied user activity during the past 30 days. | None | This report is comprised of two elements: - Bar Chart – Displays top denied periods for the last 30 days - Table – Provides details on denied activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_highesthourlyactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_highesthourlyactivity.md new file mode 100644 index 0000000000..db21b3b9c0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_highesthourlyactivity.md @@ -0,0 +1,42 @@ +# FS_HighestHourlyActivity Job + +The FS_HighestHourlyActivity job is designed to report on the highest hourly activity event +information from targeted file servers broken down by user. + +## Analysis Tasks for the FS_HighestHourlyActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_HighestHourlyActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_HighestHourlyActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/highesthourlyactivityanalysis.webp) + +The following analysis task is selected by default: + +- Users Ranked – Creates the SA_FS_HighestHourlyActivity_UsersRanked table accessible under the + job’s Results node + +The following analysis task is deselected by default: + +- Create notifications view – Restores the SA_FS_HighestHourlyActivity_Last24Hours_NOTIFICATION view + to be visible under the job’s Results node + +The Notification analysis task is an optional analysis task which requires configuration before +enabling it. The following analysis task is deselected by default: + +- Hour Activity Notification – Alerts when large amounts of activity for a user have occurred within + an hour + + - Add recipients, notification subject, and email content + - See the + [Configure the Notification Analysis Task](/docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/fs_deletions.md#configure-the-notification-analysis-task) + topic for additional information + +In addition to the tables and views created by the analysis tasks, the FS_HighestHourlyActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------ | +| Unusual User Activity | This report identifies user accounts and time ranges where there was the largest and widest amount of activity across the file system. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal user activity - Table – Provides details on hourly user activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_hourlyshareactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_hourlyshareactivity.md new file mode 100644 index 0000000000..16ddfe1faa --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_hourlyshareactivity.md @@ -0,0 +1,26 @@ +# FS_HourlyShareActivity Job + +The FS_HourlyShareActivity job is designed to report on the highest hourly activity event +information from targeted file servers broken down by share. + +## Analysis Tasks for the FS_HourlyShareActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_HourlyShareActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_HourlyShareActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/hourlyshareactivityanalysis.webp) + +The following analysis task is selected by default: + +- Summarize hourly norms and deviations – Creates the SA_FS_HourlyShareActivity_Deviations table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the FS_HourlyShareActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------- | +| Unusual Share Activity | This report will show any outliers in hourly share activity, broken down by day of week and hour. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal share activity - Table – Provides details on share activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_modifiedbinaries.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_modifiedbinaries.md new file mode 100644 index 0000000000..f29aecc818 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_modifiedbinaries.md @@ -0,0 +1,29 @@ +# FS_ModifiedBinaries Job + +The FS_ModifiedBinaries job is designed to report on activity event information where binaries were +modified from targeted file servers. + +## Analysis Tasks for the FS_ModifiedBinaries Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_ModifiedBinaries** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_ModifiedBinaries Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/modifiedbinariesanalysis.webp) + +The following analysis task is selected by default: + +- Summarize modifications to binaries + + - Creates an interim processing table in the database for use by downstream analysis and report + generation + - Creates the SA_FS_ModifiedBinaries_Summary table accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the FS_ModifiedBinaries job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------- | ---------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | +| First Time Binary Modifications | This report highlights recent instances where users have modified binaries for the first time. | None | This report is comprised of two elements: - Bar Chart – Displays first time binary modifications by host - Table – Provides details on modified binaries | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_peergroupactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_peergroupactivity.md new file mode 100644 index 0000000000..ed598717a5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_peergroupactivity.md @@ -0,0 +1,24 @@ +# FS_PeerGroupActivity Job + +The FS_PeerGroupActivity job is designed to report on abnormal activity event information based on +peer group analysis from targeted file servers. + +## Analysis Tasks for the FS_PeerGroupActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_PeerGroupActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_PeerGroupActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/peergroupactivityanalysis.webp) + +- Summarize Hourly Norms and Deviations – Creates the SA_FS_PeerGroupActivity_Details table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_PeerGroupActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------- | +| Unusual Peer Group Activity | This report highlights unusual periods of activity based on peer group analysis. When a user accesses an abnormal amount of data from outside of their own department, the failure of separation of duties can indicate a security threat. | None | This report is comprised of one element: - Table – Provides details on abnormal peer group activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_ransomware.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_ransomware.md new file mode 100644 index 0000000000..7dfacea3ca --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_ransomware.md @@ -0,0 +1,34 @@ +# FS_Ransomware Job + +The FS_Ransomware job is comprised of analysis and reports which use the data collected by the +**0.Collection** job group to provide information on periods of time in which users are responsible +for an abnormally high number of updates. This can be indicative of ransomware. Additionally, +activity involving files which are known as ransomware artifacts is highlighted. + +## Analysis Tasks for the FS_Ransomeware Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_Ransomware** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_Ransomeware Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/ransomewareanalysis.webp) + +The following analysis tasks are selected by default: + +- Summarize Hourly Norms and Deviations – Creates the SA_FS_Ransomware_Details table accessible + under the job’s Results node +- Summarize activity on known ransomware artifacts + + - Creates the SA_FS_Ransomware_Artifacts table accessible under the job’s Results node + - Creates an interim processing table in the database for use by downstream analysis and report + generation + +In addition to the tables and views created by the analysis tasks, the FS_Ransomware job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Ransomware Activity | This report summarizes Add or Rename activity involving known ransomware artifacts. | None | This report is comprised of three elements: - Bar Chart – Displays top ransomware patterns - Table – Provides details on ransomware activity - Table – Provides summary of ransomware by pattern | +| Unusual Write Activity (Ransomware) | This report highlights periods of abnormally high update activity involving shared resources. This can be indicative of ransomware attacks. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal update activity - Table – Provides details on abnormal update activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_sensitivedataactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_sensitivedataactivity.md new file mode 100644 index 0000000000..5908fa267d --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_sensitivedataactivity.md @@ -0,0 +1,26 @@ +# FS_SensitiveDataActivity Job + +The FS_SensitiveDataActivity job is designed to report on activity event information on resources +identified to contain sensitive information from targeted file servers. + +## Analysis Tasks for the FS_SensitiveDataActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_SensitiveDataActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_SensitiveDataActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp) + +The following analysis tasks are selected by default: + +- Summarize Hourly Norms and Deviations – Creates the SA_FS_SensitiveDataActivity_Details table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the FS_SensitiveDataActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ------------------------------------------------------------------------------------ | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Sensitive Data Activity | This report highlights periods of abnormally high activity involving sensitive data. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Displays abnormal sensitive data activity - Table – Provides details on sensitive data activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_stalefileactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_stalefileactivity.md new file mode 100644 index 0000000000..6b70aea1f7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_stalefileactivity.md @@ -0,0 +1,24 @@ +# FS_StaleFileActivity Job + +The FS_StaleFileActivity job is designed to report on user activity event information involving +stale files from targeted file servers. + +## Analysis Tasks for the FS_StaleFileActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_StaleFileActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_StaleFileActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/stalefileactivityanalysis.webp) + +- Summarize Hourly Norms and Deviations – Creates the SA_FS_StaleFileActivity_Details table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the FS_StaleFileActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | -------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | +| User Stale File Activity | This report highlights periods of abnormally high activity involving stale shared resources. | None | This report is comprised of two elements: - Bar Chart – Displays abnormal stale file activity - Table – Provides details on abnormal stale file activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_usershareactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_usershareactivity.md new file mode 100644 index 0000000000..0095cbfb3d --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_usershareactivity.md @@ -0,0 +1,29 @@ +# FS_UserShareActivity Job + +The FS_UserShareActivity job is designed to report on normal user activity within a share from +targeted file servers. + +## Analysis Tasks for the FS_UserShareActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_UserShareActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_UserShareActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/usershareactivityanalysis.webp) + +- Track Latest Activity Per User Per Share – Creates the SA_FS_UserShareActivity_LatestActivity + table accessible under the job’s Results node +- Average days since last Access – Creates the SA_FS_UserShareActivity_ShareSummary table accessible + under the job’s Results node +- New Access Last Week – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables and views created by the analysis tasks, the FS_UserShareActivity job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| First Time Share Activity by User | This report shows the last date that a user accessed a share, ordered by the oldest activity. This lack of access may indicate unused permissions. | None | This report is comprised of two elements: - Bar Chart – Displays shares with new users accessing data - past 7 days - Table – Provides details on first time share access | +| Longest Inactivity | This report shows which users have returned to a share after the longest periods of inactivity. | None | This report is comprised of one element: - Table – Provides details on user share activity | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_weekendactivity.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_weekendactivity.md new file mode 100644 index 0000000000..0ed153a96c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_weekendactivity.md @@ -0,0 +1,30 @@ +# FS_WeekendActivity Job + +The FS_WeekendActivity job is comprised of analysis and reports which use the data collected by the +**0.Collection** job group to provide information on weekend file server activity and the user +accounts which perform the most weekend activity. Best practices often dictate monitoring of weekend +activity for potential security concerns. + +## Analysis Tasks for the FS_WeekendActivity Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Suspicious +Activity** > **FS_WeekendActivity** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_WeekendActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/weekendactivityanalysis.webp) + +The following analysis tasks are selected by default: + +- Weekend Activity – Creates the SA_FS_WeekendActivity_Details table accessible under the job’s + Results node +- User Summary – Creates the SA_FS_WeekendActivity_UserSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the FS_WeekendActivity job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------- | ------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Weekend Activity (Most Active Users on Weekend) | This report shows users who are active on the weekend inside file shares. | None | This report is comprised of two elements: - Bar Chart – Displays weekend share activity - top 5 users - Table – Provides details on weekend share activity by user | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/overview.md index b55e613f8a..80baa621b9 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/overview.md @@ -3,57 +3,57 @@ The Suspicious Activity job group is designed to report on potentially suspicious activity event information from targeted file servers. -![Suspicious Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Suspicious Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/jobstree.webp) The Suspicious Activity job group is comprised of: -- [FS_DeniedActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-deniedactivity.md) – Designed to report on denied activity event +- [FS_DeniedActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_deniedactivity.md) – Designed to report on denied activity event information from targeted file servers - - Requires **Access Auditing** component data collection + - Requires **Access Auditing** component data collection - [FS_HighestHourlyActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-highesthourlyactivity.md) – Designed to report on the highest - hourly activity event information from targeted file servers broken down by user + [FS_HighestHourlyActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_highesthourlyactivity.md) – Designed to report on the highest + hourly activity event information from targeted file servers broken down by user - - Includes a Notification analysis task option - - Requires **Access Auditing** component data collection + - Includes a Notification analysis task option + - Requires **Access Auditing** component data collection -- [FS_HourlyShareActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-hourlyshareactivity.md) – Designed to report on the highest hourly +- [FS_HourlyShareActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_hourlyshareactivity.md) – Designed to report on the highest hourly activity event information from targeted file servers broken down by share - - Requires **Access Auditing** component data collection + - Requires **Access Auditing** component data collection -- [FS_ModifiedBinaries Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-modifiedbinaries.md) – Designed to report on activity event +- [FS_ModifiedBinaries Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_modifiedbinaries.md) – Designed to report on activity event information where binaries were modified from targeted file servers - - Requires **Access Auditing** component data collection + - Requires **Access Auditing** component data collection -- [FS_PeerGroupActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-peergroupactivity.md) – Designed to report on abnormal activity +- [FS_PeerGroupActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_peergroupactivity.md) – Designed to report on abnormal activity event information based on peer group analysis from targeted file servers - - Requires **Access Auditing** component data collection - - Requires Ownership be assigned within the Access Information Center. See the Resource Owners - Overview topic in the - [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) - for additional information. + - Requires **Access Auditing** component data collection + - Requires Ownership be assigned within the Access Information Center. See the Resource Owners + Overview topic in the + [Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) + for additional information. -- [FS_Ransomware Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-ransomware.md) – Designed to report on potential ransomware activity event +- [FS_Ransomware Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_ransomware.md) – Designed to report on potential ransomware activity event information based on file extensions and large number of modified file events from targeted file servers -- [FS_SensitiveDataActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-sensitivedataactivity.md) – Designed to report on activity event +- [FS_SensitiveDataActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_sensitivedataactivity.md) – Designed to report on activity event information on resources identified to contain sensitive information from targeted file servers - - Requires **Access Auditing** component data collection - - Requires **Sensitive Data Discovery Auditing** component data collection + - Requires **Access Auditing** component data collection + - Requires **Sensitive Data Discovery Auditing** component data collection -- [FS_StaleFileActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-stalefileactivity.md) – Designed to report on user activity event +- [FS_StaleFileActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_stalefileactivity.md) – Designed to report on user activity event information involving stale files from targeted file servers -- [FS_UserShareActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-usershareactivity.md) – Designed to report on normal user activity +- [FS_UserShareActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_usershareactivity.md) – Designed to report on normal user activity within a share from targeted file servers - - Requires **Access Auditing** component data collection + - Requires **Access Auditing** component data collection -- [FS_WeekendActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs-weekendactivity.md) – Designed to report on activity events that occur +- [FS_WeekendActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/fs_weekendactivity.md) – Designed to report on activity events that occur over the weekend from targeted file servers - - Requires **Access Auditing** component data collection + - Requires **Access Auditing** component data collection diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-groupusage.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-groupusage.md deleted file mode 100644 index 711b8363aa..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-groupusage.md +++ /dev/null @@ -1,28 +0,0 @@ -# FS_GroupUsage Job - -The FS_GroupUsage job is designed to report on group usage from targeted file servers. - -## Analysis Tasks for the FS_GroupUsage Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage -Statistics** > **FS_GroupUsage** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_GroupUsage Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/groupusageanalysis.webp) - -The following analysis task is selected by default: - -- 1. Identify Last Time a Group was used for Access - - - Creates an interim processing table in the database for use by downstream analysis and report - generation - - Creates the SA_FS_GroupUsage_DaysSinceUse view accessible under the job’s Results node - -In addition to the tables and views created by the analysis task, the FS_GroupUsage job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------ | ------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------ | -| Stale Groups | This report identifies the last possible time a group was used for providing file system access. | None | This report is comprised of two elements: - Bar Chart – Displays top unused groups - Table – Provides details on unused groups | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-mostactiveservers.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-mostactiveservers.md deleted file mode 100644 index 2ee9098242..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-mostactiveservers.md +++ /dev/null @@ -1,25 +0,0 @@ -# FS_MostActiveServers Job - -The FS_MostActiveServers job is designed to report on the most active servers within an environment. - -## Analysis Task for the FS_MostActiveServers Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage -Statistics** > **FS_MostActiveServers** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the FS_MostActiveServers Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveserversanalysis.webp) - -The following analysis task is selected by default: - -- Last 30 Days – Creates the SA_FS_MostActiveServers_Last30Days table accessible under the job’s - Results node - -In addition to the table and views created by the analysis task, the FS_MostActiveServers job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------- | -| Most Active Servers – Last 30 Days | This report identifies the top servers for the past 30 days. [Read], [Add], [Update], [Delete], [Permission Change], [Rename] fields reflect the number of unique operations of each type that was performed in that server for this time frame. Unique Folders are the number of distinct folders that have had activity during the time frame. | None | This report is comprised of two elements: - Bar Chart – Displays most active servers - Table – Provides details on most active servers | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-mostactiveusers.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-mostactiveusers.md deleted file mode 100644 index 6a0682664a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-mostactiveusers.md +++ /dev/null @@ -1,25 +0,0 @@ -# FS_MostActiveUsers Job - -The FS_MostActiveUsers job is designed to report on the most active users within an environment. - -## Analysis Tasks for the FS_MostActiveUsers Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage -Statistics** > **FS_MostActiveUsers** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_MostActiveUsers Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp) - -The following analysis task is selected by default: - -- Last 30 Days – Creates the SA_FS_MostActiveUsers_Last30Days table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis task, the FS_MostActiveUsers job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | -| Most Active Users – Last 30 Days | This report identifies the top users for the past 30 days. [Read], [Add], [Update], [Delete], [Permission Change], [Rename] fields reflect the number of unique operations of each type that was performed by the user for this time frame. Unique Folders are the number of distinct folders that have had activity during the time frame. | None | This report is comprised of two elements: - Bar Chart – Displays top users by operation count - Table – Provides details on the most active users | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-staleshares.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-staleshares.md deleted file mode 100644 index e8028b35ca..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-staleshares.md +++ /dev/null @@ -1,31 +0,0 @@ -# FS_StaleShares Job - -The FS_StaleShares job is designed to report on stale shares from targeted file servers. - -## Analysis Tasks for the FS_StaleShares Job - -View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage -Statistics** > **FS_StaleShares** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_StaleShares Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/stalesharesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Find Date of last Activity - - - Creates an interim processing table in the database for use by downstream analysis and report - generation - - Creates the SA_FS_StaleShares_LastActivityPivot view accessible under the job’s Results node - -- 2. Find Shares with no Recorded Activity – Creates the SA_FS_StaleShares_NoRecordedActivity - table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_StaleShares job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------ | ------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------ | -| Stale Shares | This report identifies the last date there was activity on a share. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 stale shares - Table – Provides details on stale shares | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_groupusage.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_groupusage.md new file mode 100644 index 0000000000..70f240bfc7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_groupusage.md @@ -0,0 +1,28 @@ +# FS_GroupUsage Job + +The FS_GroupUsage job is designed to report on group usage from targeted file servers. + +## Analysis Tasks for the FS_GroupUsage Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage +Statistics** > **FS_GroupUsage** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_GroupUsage Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/groupusageanalysis.webp) + +The following analysis task is selected by default: + +- 1. Identify Last Time a Group was used for Access + + - Creates an interim processing table in the database for use by downstream analysis and report + generation + - Creates the SA_FS_GroupUsage_DaysSinceUse view accessible under the job’s Results node + +In addition to the tables and views created by the analysis task, the FS_GroupUsage job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------ | ------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------ | +| Stale Groups | This report identifies the last possible time a group was used for providing file system access. | None | This report is comprised of two elements: - Bar Chart – Displays top unused groups - Table – Provides details on unused groups | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_mostactiveservers.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_mostactiveservers.md new file mode 100644 index 0000000000..0bb41e8a09 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_mostactiveservers.md @@ -0,0 +1,25 @@ +# FS_MostActiveServers Job + +The FS_MostActiveServers job is designed to report on the most active servers within an environment. + +## Analysis Task for the FS_MostActiveServers Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage +Statistics** > **FS_MostActiveServers** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the FS_MostActiveServers Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/mostactiveserversanalysis.webp) + +The following analysis task is selected by default: + +- Last 30 Days – Creates the SA_FS_MostActiveServers_Last30Days table accessible under the job’s + Results node + +In addition to the table and views created by the analysis task, the FS_MostActiveServers job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | -------------------------------------------------------------------------------------------------------------------------------------- | +| Most Active Servers – Last 30 Days | This report identifies the top servers for the past 30 days. [Read], [Add], [Update], [Delete], [Permission Change], [Rename] fields reflect the number of unique operations of each type that was performed in that server for this time frame. Unique Folders are the number of distinct folders that have had activity during the time frame. | None | This report is comprised of two elements: - Bar Chart – Displays most active servers - Table – Provides details on most active servers | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_mostactiveusers.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_mostactiveusers.md new file mode 100644 index 0000000000..aa02be9aff --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_mostactiveusers.md @@ -0,0 +1,25 @@ +# FS_MostActiveUsers Job + +The FS_MostActiveUsers job is designed to report on the most active users within an environment. + +## Analysis Tasks for the FS_MostActiveUsers Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage +Statistics** > **FS_MostActiveUsers** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_MostActiveUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp) + +The following analysis task is selected by default: + +- Last 30 Days – Creates the SA_FS_MostActiveUsers_Last30Days table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis task, the FS_MostActiveUsers job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | +| Most Active Users – Last 30 Days | This report identifies the top users for the past 30 days. [Read], [Add], [Update], [Delete], [Permission Change], [Rename] fields reflect the number of unique operations of each type that was performed by the user for this time frame. Unique Folders are the number of distinct folders that have had activity during the time frame. | None | This report is comprised of two elements: - Bar Chart – Displays top users by operation count - Table – Provides details on the most active users | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_staleshares.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_staleshares.md new file mode 100644 index 0000000000..a45d4bd309 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_staleshares.md @@ -0,0 +1,31 @@ +# FS_StaleShares Job + +The FS_StaleShares job is designed to report on stale shares from targeted file servers. + +## Analysis Tasks for the FS_StaleShares Job + +View the analysis tasks by navigating to the **FileSystem** > **5.Activity** > **Usage +Statistics** > **FS_StaleShares** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_StaleShares Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/stalesharesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Find Date of last Activity + + - Creates an interim processing table in the database for use by downstream analysis and report + generation + - Creates the SA_FS_StaleShares_LastActivityPivot view accessible under the job’s Results node + +- 2. Find Shares with no Recorded Activity – Creates the SA_FS_StaleShares_NoRecordedActivity + table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_StaleShares job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------ | ------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------ | +| Stale Shares | This report identifies the last date there was activity on a share. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 stale shares - Table – Provides details on stale shares | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/overview.md index 3e1eada966..bb6423d47b 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/overview.md @@ -2,20 +2,20 @@ The Usage Statistics job group is designed to report on usage statistics from targeted file servers. -![Usage Statistics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Usage Statistics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/jobstree.webp) The Usage Statistics job group is comprised of: -- [FS_GroupUsage Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-groupusage.md) – Designed to report on group usage from targeted file +- [FS_GroupUsage Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_groupusage.md) – Designed to report on group usage from targeted file servers - - Requires **Access Auditing** component data collection + - Requires **Access Auditing** component data collection -- [FS_MostActiveServers Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-mostactiveservers.md) – Designed to report on the most active +- [FS_MostActiveServers Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_mostactiveservers.md) – Designed to report on the most active servers within an environment -- [FS_MostActiveUsers Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-mostactiveusers.md) – Designed to report on the most active users +- [FS_MostActiveUsers Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_mostactiveusers.md) – Designed to report on the most active users within an environment -- [FS_StaleShares Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs-staleshares.md) – Designed to report on stale shares from targeted file +- [FS_StaleShares Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/fs_staleshares.md) – Designed to report on stale shares from targeted file servers - - Requires **Access Auditing** component data collection + - Requires **Access Auditing** component data collection diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs-shareaudit.md b/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs-shareaudit.md deleted file mode 100644 index 61950544d6..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs-shareaudit.md +++ /dev/null @@ -1,42 +0,0 @@ -# FS_ShareAudit Job - -The FS_ShareAudit Job is designed to report on shares from targeted file servers based on user -input. - -## Analysis Tasks for the FS_ShareAudit Job - -View the analysis tasks by navigating to the FileSystem > Ad Hoc Audits > FS_ShareAudit > Configure -node and select Analysis. - -**CAUTION:** Do not modify or deselect the last three selected analysis tasks. The analysis tasks -are preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/filesystem/adhocaudits/shareauditanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Identify Selected Shares – Creates the SA_FS_ShareAudit_ShareSummary table accessible under - the job’s Results node - - Parameter is blank by default. - - #UNC parameter must be configured by clicking Analysis Configuration with this task selected - then selecting the #UNC table in the SQL Script Editor window and clicking **Edit Table**. - - This brings up the Edit Table window where the user can manually enter UNC paths of each - share to be audited or upload a CSV file containing one row for each share to be audited. - See the [SQLscripting Analysis Module](/docs/accessanalyzer/12.0/analysis/sql-scripting.md) section - for additional information. - - List one shared folder per row, using the format: \\HOST\SHARE. -- 2. Direct Permissions – Creates the SA_FS_ShareAudit_DirectPermissions table accessible under - the job’s Results node -- 3. Calculate Effective Access – Creates the SA_FS_ShareAudit_ShareAccess table accessible under - the job’s Results node -- 4. Identify Broken Inheritance - - Creates a temporary table in the database for use by downstream analysis and report - generation. - - Creates the SA_FS_ShareAudit_UniqueTrustees table accessible under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the FS_ShareAudit Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | -------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Share Audit | This report displays permission information for the selected shares. | None | This report is comprised of four elements: - Table – Provides details on selected shares - Table – Provides details on permissions - Table – Provides details on effective access - Table – Provides details on broken inheritance | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs-trusteepermissions.md b/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs-trusteepermissions.md deleted file mode 100644 index a1cecebb47..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs-trusteepermissions.md +++ /dev/null @@ -1,32 +0,0 @@ -# FS_TrusteePermissions Job - -The FS_TrusteePermissions Job is designed to report on trustees from targeted file servers based on -user input. - -## Analysis Tasks for the FS_TrusteePermissions Job - -View the analysis tasks by navigating to the FileSystem > Ad Hoc Audits > FS_TrusteePermissions > -Configure node and select Analysis. - -**CAUTION:** Do not modify or deselect the second selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/filesystem/adhocaudits/trusteepermissionsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Find Trustee Information – Creates the SA_FS_TrusteePermissions_TrusteeSummary table - accessible under the job’s Results node. - - Parameter is blank by default. - - `#Trustees` parameter must be configured using the Edit Table option. - - List one trustee per row, using the format: DOMAIN\Name. - - See the Customize Analysis Parameters topic for additional information. -- 2. Find Permission Source – Creates the SA_FS_ShareAudit_TrusteePermissions table accessible - under the job’s Results node. - -In addition to the tables and views created by the analysis tasks, the FS_TrusteePermissions Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------- | -| Trustee Permissions Audit | This report provides an overview of the access sprawl across the environment for the select trustee(s). | None | This report is comprised of two elements: - Bar Chart – Displays summary of trustees - Table – Provides details on trustee permissions | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs_shareaudit.md b/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs_shareaudit.md new file mode 100644 index 0000000000..79491a4a17 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs_shareaudit.md @@ -0,0 +1,42 @@ +# FS_ShareAudit Job + +The FS_ShareAudit Job is designed to report on shares from targeted file servers based on user +input. + +## Analysis Tasks for the FS_ShareAudit Job + +View the analysis tasks by navigating to the FileSystem > Ad Hoc Audits > FS_ShareAudit > Configure +node and select Analysis. + +**CAUTION:** Do not modify or deselect the last three selected analysis tasks. The analysis tasks +are preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/shareauditanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Identify Selected Shares – Creates the SA_FS_ShareAudit_ShareSummary table accessible under + the job’s Results node + - Parameter is blank by default. + - #UNC parameter must be configured by clicking Analysis Configuration with this task selected + then selecting the #UNC table in the SQL Script Editor window and clicking **Edit Table**. + - This brings up the Edit Table window where the user can manually enter UNC paths of each + share to be audited or upload a CSV file containing one row for each share to be audited. + See the [SQLscripting Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/sqlscripting.md) section + for additional information. + - List one shared folder per row, using the format: \\HOST\SHARE. +- 2. Direct Permissions – Creates the SA_FS_ShareAudit_DirectPermissions table accessible under + the job’s Results node +- 3. Calculate Effective Access – Creates the SA_FS_ShareAudit_ShareAccess table accessible under + the job’s Results node +- 4. Identify Broken Inheritance + - Creates a temporary table in the database for use by downstream analysis and report + generation. + - Creates the SA_FS_ShareAudit_UniqueTrustees table accessible under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the FS_ShareAudit Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | -------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Share Audit | This report displays permission information for the selected shares. | None | This report is comprised of four elements: - Table – Provides details on selected shares - Table – Provides details on permissions - Table – Provides details on effective access - Table – Provides details on broken inheritance | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs_trusteepermissions.md b/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs_trusteepermissions.md new file mode 100644 index 0000000000..61fe1cecd4 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs_trusteepermissions.md @@ -0,0 +1,32 @@ +# FS_TrusteePermissions Job + +The FS_TrusteePermissions Job is designed to report on trustees from targeted file servers based on +user input. + +## Analysis Tasks for the FS_TrusteePermissions Job + +View the analysis tasks by navigating to the FileSystem > Ad Hoc Audits > FS_TrusteePermissions > +Configure node and select Analysis. + +**CAUTION:** Do not modify or deselect the second selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/trusteepermissionsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Find Trustee Information – Creates the SA_FS_TrusteePermissions_TrusteeSummary table + accessible under the job’s Results node. + - Parameter is blank by default. + - `#Trustees` parameter must be configured using the Edit Table option. + - List one trustee per row, using the format: DOMAIN\Name. + - See the Customize Analysis Parameters topic for additional information. +- 2. Find Permission Source – Creates the SA_FS_ShareAudit_TrusteePermissions table accessible + under the job’s Results node. + +In addition to the tables and views created by the analysis tasks, the FS_TrusteePermissions Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------- | +| Trustee Permissions Audit | This report provides an overview of the access sprawl across the environment for the select trustee(s). | None | This report is comprised of two elements: - Bar Chart – Displays summary of trustees - Table – Provides details on trustee permissions | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/overview.md index a4fa2e4b5e..79ee9fb858 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/overview.md @@ -8,13 +8,13 @@ the required information before job execution. **_RECOMMENDED:_** Run these jobs independently of the solution. -![Ad Hoc Audits Job Group](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Ad Hoc Audits Job Group](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/jobstree.webp) The Ad Hoc Audits Job Group is comprised of: -- [FS_ShareAudit Job](/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs-shareaudit.md) – Designed to report on shares from targeted file servers +- [FS_ShareAudit Job](/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs_shareaudit.md) – Designed to report on shares from targeted file servers based on user input -- [FS_TrusteePermissions Job](/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs-trusteepermissions.md) – Designed to report on trustees from +- [FS_TrusteePermissions Job](/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/fs_trusteepermissions.md) – Designed to report on trustees from targeted file servers based on user input For both of these jobs, the host list is set to Local host at the job level. The assigned Connection diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs-deletefiles-status.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs-deletefiles-status.md deleted file mode 100644 index 23560a1f3d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs-deletefiles-status.md +++ /dev/null @@ -1,27 +0,0 @@ -# FS_DeleteFiles_Status Job - -The FS_DeleteFiles_Status job is designed to report on deleted resources from targeted file servers -that were deleted from the FS_DeleteFiles job. See the [FS_DeleteFiles Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs-deletefiles.md) topic -for additional information. - -## Analysis Tasks for the FS_DeleteFiles_Status Job - -Navigate to the **FileSystem** > **Cleanup** > **4. Delete** > **FS_DeleteFiles_Status** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_DeleteFiles_Status Job](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesstatusanalysis.webp) - -The following analysis task is selected by default: - -- Summarize file deletion actions – Creates the SA_FS_Delete_Status_Summary table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_DeleteFiles_Status job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -| File Deletions | This report summarizes file deletions which have occurred during the Cleanup process | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of file deletions - Table – provides details on file deletions | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs-deletefiles.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs-deletefiles.md deleted file mode 100644 index 644c541f58..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs-deletefiles.md +++ /dev/null @@ -1,69 +0,0 @@ -# FS_DeleteFiles Job - -The FS_DeleteFiles job is designed to delete resources from targeted file servers that were -previously quarantined and can be deleted. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The FS_DeleteFiles job has the following configurable parameter: - -- Number of days without access after which a file is a deletion candidate - -See the -[Customizable Analysis Tasks for the FS_DeleteFiles Job](#customizable-analysis-tasks-for-the-fs_deletefiles-job) -topic for additional information. - -## Analysis Tasks for the FS_DeleteFiles Job - -Navigate to the **FileSystem** > **Cleanup** > **4. Delete** > **FS_DeleteFiles** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_DeleteFiles Job](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesanalysis.webp) - -The following analysis tasks are selected by default: - -- Determine candidates for deletion – Creates the SA_FS_Delete_CandidatesView table accessible under - the job’s Results node - - - The threshold for the number of days without access after which a file becomes a candidate for - deletion can be configured. See the [Parameter Configuration](#parameter-configuration) topic - for additional information. - -### Customizable Analysis Tasks for the FS_DeleteFiles Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| --------------------------------- | --------------------------- | ------------- | ----------------------------------------------------------------------------------------- | -| Determine candidates for deletion | @DELETE_THRESHOLD | 180 | Set the number of days without access after which a file becomes a candidate for deletion | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for instructions to modify parameters. - -## Action Tasks for the FS_DeleteFiles Job - -Navigate to the **FileSystem** > **Cleanup** > **4. Delete** > **FS_DeleteFiles** > **Configure** -node and select **Actions** to view the action tasks. - -**CAUTION:** Do not enable the action unless it is required. Disable the action after execution to -prevent making unintended and potentially harmful changes to Active Directory. - -![Action Tasks for the FS_DeleteFiles Job](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesaction.webp) - -The following actions are deselected by default: - -- Delete files – Deletes files that are listed as candidates for deletion in the - FS_Delete_CandidatesView table. The threshold for the number of days without access after which a - file becomes a candidate for deletion can be configured through the **Determines candidates for - deletion** analysis task. - - - See the [Parameter Configuration](#parameter-configuration) topic for additional information diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs_deletefiles.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs_deletefiles.md new file mode 100644 index 0000000000..ebaf4eeeef --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs_deletefiles.md @@ -0,0 +1,69 @@ +# FS_DeleteFiles Job + +The FS_DeleteFiles job is designed to delete resources from targeted file servers that were +previously quarantined and can be deleted. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The FS_DeleteFiles job has the following configurable parameter: + +- Number of days without access after which a file is a deletion candidate + +See the +[Customizable Analysis Tasks for the FS_DeleteFiles Job](#customizable-analysis-tasks-for-the-fs_deletefiles-job) +topic for additional information. + +## Analysis Tasks for the FS_DeleteFiles Job + +Navigate to the **FileSystem** > **Cleanup** > **4. Delete** > **FS_DeleteFiles** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_DeleteFiles Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/deletefilesanalysis.webp) + +The following analysis tasks are selected by default: + +- Determine candidates for deletion – Creates the SA_FS_Delete_CandidatesView table accessible under + the job’s Results node + + - The threshold for the number of days without access after which a file becomes a candidate for + deletion can be configured. See the [Parameter Configuration](#parameter-configuration) topic + for additional information. + +### Customizable Analysis Tasks for the FS_DeleteFiles Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| --------------------------------- | --------------------------- | ------------- | ----------------------------------------------------------------------------------------- | +| Determine candidates for deletion | @DELETE_THRESHOLD | 180 | Set the number of days without access after which a file becomes a candidate for deletion | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions to modify parameters. + +## Action Tasks for the FS_DeleteFiles Job + +Navigate to the **FileSystem** > **Cleanup** > **4. Delete** > **FS_DeleteFiles** > **Configure** +node and select **Actions** to view the action tasks. + +**CAUTION:** Do not enable the action unless it is required. Disable the action after execution to +prevent making unintended and potentially harmful changes to Active Directory. + +![Action Tasks for the FS_DeleteFiles Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/deletefilesaction.webp) + +The following actions are deselected by default: + +- Delete files – Deletes files that are listed as candidates for deletion in the + FS_Delete_CandidatesView table. The threshold for the number of days without access after which a + file becomes a candidate for deletion can be configured through the **Determines candidates for + deletion** analysis task. + + - See the [Parameter Configuration](#parameter-configuration) topic for additional information diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs_deletefiles_status.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs_deletefiles_status.md new file mode 100644 index 0000000000..fca680c8ad --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs_deletefiles_status.md @@ -0,0 +1,27 @@ +# FS_DeleteFiles_Status Job + +The FS_DeleteFiles_Status job is designed to report on deleted resources from targeted file servers +that were deleted from the FS_DeleteFiles job. See the [FS_DeleteFiles Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs_deletefiles.md) topic +for additional information. + +## Analysis Tasks for the FS_DeleteFiles_Status Job + +Navigate to the **FileSystem** > **Cleanup** > **4. Delete** > **FS_DeleteFiles_Status** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_DeleteFiles_Status Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/deletefilesstatusanalysis.webp) + +The following analysis task is selected by default: + +- Summarize file deletion actions – Creates the SA_FS_Delete_Status_Summary table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_DeleteFiles_Status job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | +| File Deletions | This report summarizes file deletions which have occurred during the Cleanup process | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of file deletions - Table – provides details on file deletions | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/overview.md index bd76a08b87..7cbd4620c9 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/overview.md @@ -3,13 +3,13 @@ The 4. Delete job group is designed to report on and take action against resources from targeted file servers that can be deleted. -![4. Delete Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![4. Delete Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/jobstree.webp) This job group includes the following jobs: -- [FS_DeleteFiles Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs-deletefiles.md) – Designed to delete resources from targeted file servers +- [FS_DeleteFiles Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs_deletefiles.md) – Designed to delete resources from targeted file servers that were previously quarantined and can be deleted -- [FS_DeleteFiles_Status Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs-deletefiles-status.md) – Designed to report on deleted resources +- [FS_DeleteFiles_Status Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/fs_deletefiles_status.md) – Designed to report on deleted resources from targeted file servers that were deleted from the DeleteFiles job Workflow diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs-cleanupassessment.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs-cleanupassessment.md deleted file mode 100644 index 7fe0701e73..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs-cleanupassessment.md +++ /dev/null @@ -1,138 +0,0 @@ -# 1. Cleanup Assessment > FS_CleanupAssessment Job - -The FS_CleanupAssessment job is designed to report on and assess the status of target file servers -that can be cleaned up. - -To include share ownership information in the analyses, populate the SA_AIC_ResourceOwnersView prior -to running this job. This view populates when you assign owners to resources through the Access -Information Center Manage Owners page. See the Resource Owners topics in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. - -![1. Cleanup Assessment > FS_CleanupAssessment Job in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) - -The FS_CleanupAssessment job is located in the 1. Cleanup Assessment job group. - -Workflow - -The following is the recommended workflow for using the job group: - -**Step 1 –** **Prerequisite:** Successfully execute the following job groups: - -- .Active Directory Inventory -- File System > 0.Collection - -**Step 2 –** Schedule the 1. Cleanup Assessment job group to run as desired after the prerequisites -have completed. - -**Step 3 –** Review the reports generated by the 1. Cleanup Assessment group. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The FS_CleanupAssessment job has the following configurable parameters: - -- Number of days after which a resource’s LastModified timestamp classifies it as stale -- If 1, LastModified will be used to calculate staleness. If 0, LastAccessed will be used. -- UNC Paths of folders to exclude from staleness consideration (recursive) -- Lower bound for files to be included in the FileDetails table (by LastModfied, in days) -- Upper bound for files to be included in the FileDetails table (by LastModfied, in days) - -See the -[Customizable Analysis Tasks for the FS_CleanupAssessment Job](#customizable-analysis-tasks-for-the-fs_cleanupassessment-job) -topic for additional information. - -## Analysis Tasks for the FS_CleanupAssessment Job - -Navigate to the **FileSystem** > **Cleanup** > **1. Cleanup Assessment** > -**FS_CleanupAssessment** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_CleanupAssessment Job](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/cleanupassessmentanalysis.webp) - -The following analysis tasks are selected by default: - -- Create file-level view – Creates the SA_FS_CleanupView table accessible under the job’s Results - node. - - - See the [Include Metadata Tag Information](#include-metadata-tag-information) topic for - instructions on how to include metadata tag information in this table - - Has 3 configurable parameters. See the - [Customizable Analysis Tasks for the FS_CleanupAssessment Job](#customizable-analysis-tasks-for-the-fs_cleanupassessment-job) - topic for additional information. - -- Create file-level details table – Creates the SA_FS_CleanupAssessment_FileDetails table accessible - under the job’s Results node - - - Has 2 configurable parameters. See the - [Customizable Analysis Tasks for the FS_CleanupAssessment Job](#customizable-analysis-tasks-for-the-fs_cleanupassessment-job) - topic for additional information. - -- Summarize share-level information – Creates the SA_FS_CleanupAssessment_ShareDetails table - accessible under the job’s Results node -- Summarize host-level information – Creates the SA_FS_CleanupAssessment_HostDetails table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_CleanupAssessment job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------- | -| File System Cleanup - Files | This report highlights file-level cleanup information | None | This report is comprised of two elements: - Pie Chart – Displays enterprise stale file breakdown - Table – Provides details on files | -| File System Cleanup - Hosts | This report highlights host-level cleanup information | None | This report is comprised of two elements: - Stacked Chart – Displays top hosts by stale file percentage - Table – Provides details on hosts | -| File System Cleanup - Shares | This report highlights share-level cleanup information | None | This report is comprised of two elements: - Stacked Chart – Displays top shares by stale file percentage - Table – Provides details on shares | - -### Customizable Analysis Tasks for the FS_CleanupAssessment Job - -The default values for parameters that can be customized are: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------------------------- | --------------------------- | ------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------- | -| Create File-Level View | @STALE_THRESHOLD | 365 | Set the number of days after which a resource’s Last Modified timestamp classifies it as stale | -| @USE_LAST_MODIFIED | 1 | If set to 1, Last Modified will be used to calculate staleness. If set to 0, Last Access will be used. | | -| #FOLDERS_TO_EXCLUDE | BLANK | Specify which UNC Paths of folders to exclude from staleness consideration | | -| Create File Level Details Table | @MIN_STALE_THRESHOLD | 730 | Set the lower bound of the files to be included in the FileDetails table (by Last Modfied, in days) | -| @MAX_STALE_THRESHOLD | 365 | Set the upper bound of the files to be included in the FileDetails table (by Last Modfied, in days) | | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for instructions to modify parameters. - -### Include Metadata Tag Information - -To include metadata tag information in the SA_FS_CleanupView table, the **FileSystem** > -**0.Collection** > **1-FSAA System Scans** job needs configuring to use the required option. Follow -the steps to enable the option on the File Detail Scan Settings page of the File System Scan query. - -**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-FSAA System Scans** > -**Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, select the **File System Scan** query and click **Query -Properties**. The Query Properties window opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor -Data Collector Wizard opens. - -![File Details tab of the FSAA Data Collector Wizard Default Scoping Options page](/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp) - -**Step 4 –** Navigate to the **Default Scoping Options** page and click the **File Details** tab. - -![Options to select on File Details tab](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/includemetadatatagoptions.webp) - -**Step 5 –** On the File Details tab, select the **Scan file-level details** option, and then select -the **Collect tags/keywords from file metadata properties** option. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -**Step 6 –** Navigate to the **Scoping Queries** page of the File System Access Auditor Data -Collector Wizard and click Finish to save the changes and close the wizard. - -Metadata Tag Information will now be included in the SA_FS_CleanupView table the next time the -FS_CleanupAssessment job is run. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs-cleanupprogress.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs-cleanupprogress.md deleted file mode 100644 index ffca6901d4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs-cleanupprogress.md +++ /dev/null @@ -1,26 +0,0 @@ -# FS_CleanupProgress Job - -The FS_CleanupProgress job summarizes the progress of the cleanup effort and highlights the amount -of storage reclaimed on each host. - -## Analysis Tasks for the FS_CleanupProgress Job - -Navigate to the **FileSystem** > **Cleanup** > **FS_CleanupProgress** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_CleanupProgress Job](/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp) - -The following analysis tasks are selected by default: - -- Summarize share- and host-level cleanup progress – Creates the SA_FS_CleanupProgress_ShareDetails - table accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_CleanupProgress job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | --------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | -| Cleanup Progress | This report gives a high-level overview of an organization's cleanup effort | None | This report is comprised of two elements: - Bar Chart – Displays the host summary of cleanup progress - Table – provides details on cleanup progress | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs_cleanupassessment.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs_cleanupassessment.md new file mode 100644 index 0000000000..6cad827649 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs_cleanupassessment.md @@ -0,0 +1,138 @@ +# 1. Cleanup Assessment > FS_CleanupAssessment Job + +The FS_CleanupAssessment job is designed to report on and assess the status of target file servers +that can be cleaned up. + +To include share ownership information in the analyses, populate the SA_AIC_ResourceOwnersView prior +to running this job. This view populates when you assign owners to resources through the Access +Information Center Manage Owners page. See the Resource Owners topics in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. + +![1. Cleanup Assessment > FS_CleanupAssessment Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/jobstree_1.webp) + +The FS_CleanupAssessment job is located in the 1. Cleanup Assessment job group. + +Workflow + +The following is the recommended workflow for using the job group: + +**Step 1 –** **Prerequisite:** Successfully execute the following job groups: + +- .Active Directory Inventory +- File System > 0.Collection + +**Step 2 –** Schedule the 1. Cleanup Assessment job group to run as desired after the prerequisites +have completed. + +**Step 3 –** Review the reports generated by the 1. Cleanup Assessment group. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The FS_CleanupAssessment job has the following configurable parameters: + +- Number of days after which a resource’s LastModified timestamp classifies it as stale +- If 1, LastModified will be used to calculate staleness. If 0, LastAccessed will be used. +- UNC Paths of folders to exclude from staleness consideration (recursive) +- Lower bound for files to be included in the FileDetails table (by LastModfied, in days) +- Upper bound for files to be included in the FileDetails table (by LastModfied, in days) + +See the +[Customizable Analysis Tasks for the FS_CleanupAssessment Job](#customizable-analysis-tasks-for-the-fs_cleanupassessment-job) +topic for additional information. + +## Analysis Tasks for the FS_CleanupAssessment Job + +Navigate to the **FileSystem** > **Cleanup** > **1. Cleanup Assessment** > +**FS_CleanupAssessment** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_CleanupAssessment Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/cleanupassessmentanalysis.webp) + +The following analysis tasks are selected by default: + +- Create file-level view – Creates the SA_FS_CleanupView table accessible under the job’s Results + node. + + - See the [Include Metadata Tag Information](#include-metadata-tag-information) topic for + instructions on how to include metadata tag information in this table + - Has 3 configurable parameters. See the + [Customizable Analysis Tasks for the FS_CleanupAssessment Job](#customizable-analysis-tasks-for-the-fs_cleanupassessment-job) + topic for additional information. + +- Create file-level details table – Creates the SA_FS_CleanupAssessment_FileDetails table accessible + under the job’s Results node + + - Has 2 configurable parameters. See the + [Customizable Analysis Tasks for the FS_CleanupAssessment Job](#customizable-analysis-tasks-for-the-fs_cleanupassessment-job) + topic for additional information. + +- Summarize share-level information – Creates the SA_FS_CleanupAssessment_ShareDetails table + accessible under the job’s Results node +- Summarize host-level information – Creates the SA_FS_CleanupAssessment_HostDetails table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_CleanupAssessment job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------- | +| File System Cleanup - Files | This report highlights file-level cleanup information | None | This report is comprised of two elements: - Pie Chart – Displays enterprise stale file breakdown - Table – Provides details on files | +| File System Cleanup - Hosts | This report highlights host-level cleanup information | None | This report is comprised of two elements: - Stacked Chart – Displays top hosts by stale file percentage - Table – Provides details on hosts | +| File System Cleanup - Shares | This report highlights share-level cleanup information | None | This report is comprised of two elements: - Stacked Chart – Displays top shares by stale file percentage - Table – Provides details on shares | + +### Customizable Analysis Tasks for the FS_CleanupAssessment Job + +The default values for parameters that can be customized are: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------------------------- | --------------------------- | ------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------- | +| Create File-Level View | @STALE_THRESHOLD | 365 | Set the number of days after which a resource’s Last Modified timestamp classifies it as stale | +| @USE_LAST_MODIFIED | 1 | If set to 1, Last Modified will be used to calculate staleness. If set to 0, Last Access will be used. | | +| #FOLDERS_TO_EXCLUDE | BLANK | Specify which UNC Paths of folders to exclude from staleness consideration | | +| Create File Level Details Table | @MIN_STALE_THRESHOLD | 730 | Set the lower bound of the files to be included in the FileDetails table (by Last Modfied, in days) | +| @MAX_STALE_THRESHOLD | 365 | Set the upper bound of the files to be included in the FileDetails table (by Last Modfied, in days) | | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions to modify parameters. + +### Include Metadata Tag Information + +To include metadata tag information in the SA_FS_CleanupView table, the **FileSystem** > +**0.Collection** > **1-FSAA System Scans** job needs configuring to use the required option. Follow +the steps to enable the option on the File Detail Scan Settings page of the File System Scan query. + +**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-FSAA System Scans** > +**Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, select the **File System Scan** query and click **Query +Properties**. The Query Properties window opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor +Data Collector Wizard opens. + +![File Details tab of the FSAA Data Collector Wizard Default Scoping Options page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp) + +**Step 4 –** Navigate to the **Default Scoping Options** page and click the **File Details** tab. + +![Options to select on File Details tab](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/includemetadatatagoptions.webp) + +**Step 5 –** On the File Details tab, select the **Scan file-level details** option, and then select +the **Collect tags/keywords from file metadata properties** option. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +**Step 6 –** Navigate to the **Scoping Queries** page of the File System Access Auditor Data +Collector Wizard and click Finish to save the changes and close the wizard. + +Metadata Tag Information will now be included in the SA_FS_CleanupView table the next time the +FS_CleanupAssessment job is run. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs_cleanupprogress.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs_cleanupprogress.md new file mode 100644 index 0000000000..c58897c278 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs_cleanupprogress.md @@ -0,0 +1,26 @@ +# FS_CleanupProgress Job + +The FS_CleanupProgress job summarizes the progress of the cleanup effort and highlights the amount +of storage reclaimed on each host. + +## Analysis Tasks for the FS_CleanupProgress Job + +Navigate to the **FileSystem** > **Cleanup** > **FS_CleanupProgress** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_CleanupProgress Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/cleanupprogressanalysis.webp) + +The following analysis tasks are selected by default: + +- Summarize share- and host-level cleanup progress – Creates the SA_FS_CleanupProgress_ShareDetails + table accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_CleanupProgress job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | --------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | +| Cleanup Progress | This report gives a high-level overview of an organization's cleanup effort | None | This report is comprised of two elements: - Bar Chart – Displays the host summary of cleanup progress - Table – provides details on cleanup progress | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs-notifyowners-status.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs-notifyowners-status.md deleted file mode 100644 index ad3c1946dc..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs-notifyowners-status.md +++ /dev/null @@ -1,27 +0,0 @@ -# FS_NotifyOwners_Status Job - -The FS_NotifyOwners_Status job is comprised of analysis and reports that summarize the actions -performed by the FS_NotifyOwners job. See the [FS_NotifyOwners Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs-notifyowners.md) topic for -additional information. - -## Analysis Tasks for the FS_NotifyOwners_Status Job - -Navigate to the **FileSystem** > **Cleanup** > **2. Notify** > **FS_NotifyOwners_Status** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_NotifyOwners_Status Job](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/notifyownersstatusanalysis.webp) - -The following analysis tasks are selected by default: - -- Summarize notifications – Creates the SA_FS_CleanupAssessment_ShareDetails_NotifySummary table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_NotifyOwners_Status job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------- | ---------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Owner Notifications (Share Owner Notifications) | This report summarizes share owner notifications which have occurred during the Cleanup effort | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of notify share owners - Table – provides details on notify share owners | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs-notifyowners.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs-notifyowners.md deleted file mode 100644 index 5d60b53c3c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs-notifyowners.md +++ /dev/null @@ -1,65 +0,0 @@ -# FS_NotifyOwners Job - -The FS_NotifyOwners job is comprised of the SendMail action module that uses the data collected by -the **FileSystem** > **Cleanup** > **1. Cleanup Assessment** > **FS_CleanupAssessment** job to -contact owners of shares containing data for which cleanup is pending. - -## Action Tasks for the FS_NotifyOwners Job - -Navigate to the **FileSystem** > **Cleanup** > **2. Notify** > **FS_NotifyOwners** > **Configure** -node and select **Actions** to view the action tasks. - -**CAUTION:** Do not enable the action unless it is required. Disable the action after execution to -prevent making unintended and potentially harmful changes to Active Directory. - -![Action Tasks for the FS_NotifyOwners Job](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/notifyownersaction.webp) - -The following action task is deselected by default. - -- Notify Owners – Notifies share owners using SendMail module - -Prior to running the FS_NotifyOwners job, it is necessary to select the **Notify Owners** task and -configure the properties for the SendMail action module. See the -[Configure the FS_NotifyOwners Action](#configure-the-fs_notifyowners-action) topic for additional -information. - -### Configure the FS_NotifyOwners Action - -The recipients and the text of the email can be customized on the Properties page within the Send -Mail Action Module Wizard. The -[1. Cleanup Assessment > FS_CleanupAssessment Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs-cleanupassessment.md) must be run before -the Send Mail Action Module Wizard can be opened. Follow these steps to customize the Notify Owners -action task. - -**Step 1 –** Navigate to the job’s **Configure** node and select **Actions**. - -**Step 2 –** In the Action Selection view, select the desired action task and click **Action -Properties** to view the Action Properties page. - -**Step 3 –** Click **Configure Action** to open the Send Mail Action Module Wizard. - -_Remember,_ the FS_CleanupAssessment job must be run before the Send Mail Action Module Wizard can -be opened. - -![Send Mail Action Module Wizard Properties page](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/sendmailwizardproperties.webp) - -**Step 4 –** On the Properties page, customize the following fields: - -- Carbon copy (CC) – Add the recipient emails within this field - - **NOTE:** Email recipients may also be added within the Notification node under the Global - Settings pane. - -![Send Mail Action Module Wizard Message page](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/sendmailwizardmessage.webp) - -**Step 5 –** On the Message page, customize the following fields: - -- Subject – Enter text for the display line on delivered emails -- Text Entry Box – Enter text to display on the body of each email - -**Step 6 –** Navigate to the Summary page, click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Send Mail Action Module -Wizard. - -The action task has been customized. It can now be selected and run as part of the FS_NotifyOwners -job. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs_notifyowners.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs_notifyowners.md new file mode 100644 index 0000000000..8151f489d7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs_notifyowners.md @@ -0,0 +1,65 @@ +# FS_NotifyOwners Job + +The FS_NotifyOwners job is comprised of the SendMail action module that uses the data collected by +the **FileSystem** > **Cleanup** > **1. Cleanup Assessment** > **FS_CleanupAssessment** job to +contact owners of shares containing data for which cleanup is pending. + +## Action Tasks for the FS_NotifyOwners Job + +Navigate to the **FileSystem** > **Cleanup** > **2. Notify** > **FS_NotifyOwners** > **Configure** +node and select **Actions** to view the action tasks. + +**CAUTION:** Do not enable the action unless it is required. Disable the action after execution to +prevent making unintended and potentially harmful changes to Active Directory. + +![Action Tasks for the FS_NotifyOwners Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/notifyownersaction.webp) + +The following action task is deselected by default. + +- Notify Owners – Notifies share owners using SendMail module + +Prior to running the FS_NotifyOwners job, it is necessary to select the **Notify Owners** task and +configure the properties for the SendMail action module. See the +[Configure the FS_NotifyOwners Action](#configure-the-fs_notifyowners-action) topic for additional +information. + +### Configure the FS_NotifyOwners Action + +The recipients and the text of the email can be customized on the Properties page within the Send +Mail Action Module Wizard. The +[1. Cleanup Assessment > FS_CleanupAssessment Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs_cleanupassessment.md) must be run before +the Send Mail Action Module Wizard can be opened. Follow these steps to customize the Notify Owners +action task. + +**Step 1 –** Navigate to the job’s **Configure** node and select **Actions**. + +**Step 2 –** In the Action Selection view, select the desired action task and click **Action +Properties** to view the Action Properties page. + +**Step 3 –** Click **Configure Action** to open the Send Mail Action Module Wizard. + +_Remember,_ the FS_CleanupAssessment job must be run before the Send Mail Action Module Wizard can +be opened. + +![Send Mail Action Module Wizard Properties page](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/sendmailwizardproperties.webp) + +**Step 4 –** On the Properties page, customize the following fields: + +- Carbon copy (CC) – Add the recipient emails within this field + + **NOTE:** Email recipients may also be added within the Notification node under the Global + Settings pane. + +![Send Mail Action Module Wizard Message page](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/sendmailwizardmessage.webp) + +**Step 5 –** On the Message page, customize the following fields: + +- Subject – Enter text for the display line on delivered emails +- Text Entry Box – Enter text to display on the body of each email + +**Step 6 –** Navigate to the Summary page, click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Send Mail Action Module +Wizard. + +The action task has been customized. It can now be selected and run as part of the FS_NotifyOwners +job. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs_notifyowners_status.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs_notifyowners_status.md new file mode 100644 index 0000000000..e4d4a7b1a4 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs_notifyowners_status.md @@ -0,0 +1,27 @@ +# FS_NotifyOwners_Status Job + +The FS_NotifyOwners_Status job is comprised of analysis and reports that summarize the actions +performed by the FS_NotifyOwners job. See the [FS_NotifyOwners Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs_notifyowners.md) topic for +additional information. + +## Analysis Tasks for the FS_NotifyOwners_Status Job + +Navigate to the **FileSystem** > **Cleanup** > **2. Notify** > **FS_NotifyOwners_Status** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_NotifyOwners_Status Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/notifyownersstatusanalysis.webp) + +The following analysis tasks are selected by default: + +- Summarize notifications – Creates the SA_FS_CleanupAssessment_ShareDetails_NotifySummary table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_NotifyOwners_Status job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------- | ---------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Owner Notifications (Share Owner Notifications) | This report summarizes share owner notifications which have occurred during the Cleanup effort | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of notify share owners - Table – provides details on notify share owners | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/overview.md index 4097a74e65..00f805c119 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/overview.md @@ -4,16 +4,16 @@ The 2. Notify job group is designed to report on and notify owners of resources servers that data is pending cleanup. **NOTE:** The SendMail action module requires configuration of the Notification Settings in the -Global Settings. See the [Notification](/docs/accessanalyzer/12.0/administration/settings/notification.md) topic for +Global Settings. See the [Notification](/docs/accessanalyzer/12.0/admin/settings/notification.md) topic for additional information. -![2. Notify Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![2. Notify Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/jobstree.webp) This job group includes the following jobs: -- [FS_NotifyOwners Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs-notifyowners.md) – Designed to notify share owners that there is data +- [FS_NotifyOwners Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs_notifyowners.md) – Designed to notify share owners that there is data within their share pending cleanup -- [FS_NotifyOwners_Status Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs-notifyowners-status.md) – Designed to summarize the actions taken +- [FS_NotifyOwners_Status Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/fs_notifyowners_status.md) – Designed to summarize the actions taken by the NotifyOwners job Workflow diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/overview.md index 3a5f6b5325..ee377b4e41 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/overview.md @@ -8,11 +8,11 @@ the rest of the File System solution. **NOTE:** The Cleanup job group requires additional licenses to function. For information, contact your Netwrix representative. -![Cleanup Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Cleanup Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/jobstree.webp) The Cleanup job group includes the following job groups and jobs: -- [1. Cleanup Assessment > FS_CleanupAssessment Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs-cleanupassessment.md) – Designed to report +- [1. Cleanup Assessment > FS_CleanupAssessment Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs_cleanupassessment.md) – Designed to report on and assess the status of target file servers that can be cleaned up - [2. Notify Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/overview.md) – Designed to report on and notify the owners of resources of target file servers that data is pending cleanup @@ -21,13 +21,13 @@ The Cleanup job group includes the following job groups and jobs: necessary - [4. Delete Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/overview.md) – Designed to report on and take action against resources from targeted file servers that can be deleted -- [FS_CleanupProgress Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs-cleanupprogress.md) – Summarizes the progress of the Cleanup effort +- [FS_CleanupProgress Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/fs_cleanupprogress.md) – Summarizes the progress of the Cleanup effort and highlights the amount of storage reclaimed on each host Many jobs in this group include one or more pre-built actions designed to apply operations to the data tables generated by the job’s analysis tasks. These actions perform the cleanup operations. By default, the actions do not execute as part of the job group. You must select the actions you want -to run prior to execution. See the [Action Modules](/docs/accessanalyzer/12.0/actions/overview.md) topic for +to run prior to execution. See the [Action Modules](/docs/accessanalyzer/12.0/admin/action/overview.md) topic for additional information. ## Recommended Configurations for the FS Cleanup Job Group @@ -43,12 +43,12 @@ The Cleanup job group has the following prerequisites: - Successfully execute the **FileSystem** > **0.Collection** job group with the following options enabled: - - Scan file-level details - - Collect ownership and permission information for files + - Scan file-level details + - Collect ownership and permission information for files - See the - [FSAA: Default Scoping Options](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options.md) - topic for additional information. + See the + [FSAA: Default Scoping Options](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions.md) + topic for additional information. Individual jobs and job groups within the Cleanup job group may have their own prerequisites and dependencies. See the relevant topic for the job or job group for information about these. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-quarantinedata-status.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-quarantinedata-status.md deleted file mode 100644 index 3b8634191c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-quarantinedata-status.md +++ /dev/null @@ -1,26 +0,0 @@ -# FS_QuarantineData_Status Job - -The FS_QuarantineData_Status job is designed to report on the FS_QuarantineData job. See the -[FS_QuarantineData Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-quarantinedata.md) topic for additional information. - -## Analysis Tasks for the FS_QuarantineData_Status Job - -Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_QuarantineData_Status** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_QuarantineData_Status Job](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/quarantinedatastatusanalysis.webp) - -The following analysis task is selected by default: - -- Summarize quarantine actions – Creates the SA_FS_Quarantine_Status_Summary table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_QuarantineData_Status job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------- | -------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| File Quarantining | This report summarizes file quarantining which has occurred during the Cleanup process | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of file quarantining - Table – provides details on file quarantining | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-quarantinedata.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-quarantinedata.md deleted file mode 100644 index 983d03e966..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-quarantinedata.md +++ /dev/null @@ -1,23 +0,0 @@ -# FS_QuarantineData Job - -The FS_QuarantineData job is designed to quarantine files subject to be cleaned up. - -## Action Tasks for the FS_QuarantineData Job - -Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_QuarantineData** > -**Configure** node and select **Actions** to view the action tasks. - -**CAUTION:** Do not enable the actions unless they are required. Disable the actions after execution -to prevent making unintended and potentially harmful changes to Active Directory. - -**CAUTION:** Do not modify the action tasks. The action tasks are preconfigured for this job. - -![Action Tasks for the FS_QuarantineData Job](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/quarantinedataactions.webp) - -The following action tasks are deselected by default: - -- Give domain user full control – Gives a specified domain user full control over stale files -- Break inherited permissions – Breaks inherited permissions - -Prior to running the FS_QuarantineData job, it is necessary to select the **Give domain user full -control** or **Break inherited permissions** task to perform an action. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-restoreinheritance-status.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-restoreinheritance-status.md deleted file mode 100644 index ba741c51a6..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-restoreinheritance-status.md +++ /dev/null @@ -1,27 +0,0 @@ -# FS_RestoreInheritance_Status Job - -The FS_RestoreInheritance_Status job is designed to report on inheritance that was restored to -previously quarantined files. - -## Analysis Tasks for the FS_RestoreInheritance_Status Job - -Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > -**FS_RestoredInheritance_Status** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_RestoreInheritance_Status Job](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritancestatusanalysis.webp) - -The following analysis tasks are selected by default: - -- Summarize restore inheritance actions – Creates an interim processing table in the database for - use by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the FS_RestoreInheritance_Status -job produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ----------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Restored Inheritance | This report summarizes restored inheritance which has occurred during the Cleanup process | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of restored inheritance - Table – provides details on restored inheritance | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-restoreinheritance.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-restoreinheritance.md deleted file mode 100644 index e3dcf2f551..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-restoreinheritance.md +++ /dev/null @@ -1,35 +0,0 @@ -# FS_RestoreInheritance Job - -The FS_RestoreInheritance job is designed to restore inheritance to previously quarantined files. - -## Analysis Tasks for the FS_RestoreInheritance Job - -Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_RestoreInheritance** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_RestoreInheritance Job](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritanceanalysis.webp) - -The following analysis task is selected by default: - -- Determines candidates for restored inheritance – Creates the - SA_FS_RestoreInheritance_CandidatesView table accessible under the job’s Results node - -## Action Tasks for the FS_RestoreInheritance Job - -Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_RestoreInheritance** > -**Configure** node and select **Actions** to view the action tasks. - -**CAUTION:** Do not enable the action unless it is required. Disable the action after execution to -prevent making unintended and potentially harmful changes to Active Directory. - -**CAUTION:** Do not modify the action task. The action task is preconfigured for this job. - -![Action Tasks for the FS_RestoreInheritance Job](/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritanceaction.webp) - -The following action tasks are deselected by default: - -- Restore Permissions – Restores permission inheritance to quarantined files where activity has - occurred diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_quarantinedata.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_quarantinedata.md new file mode 100644 index 0000000000..25c2440900 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_quarantinedata.md @@ -0,0 +1,23 @@ +# FS_QuarantineData Job + +The FS_QuarantineData job is designed to quarantine files subject to be cleaned up. + +## Action Tasks for the FS_QuarantineData Job + +Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_QuarantineData** > +**Configure** node and select **Actions** to view the action tasks. + +**CAUTION:** Do not enable the actions unless they are required. Disable the actions after execution +to prevent making unintended and potentially harmful changes to Active Directory. + +**CAUTION:** Do not modify the action tasks. The action tasks are preconfigured for this job. + +![Action Tasks for the FS_QuarantineData Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/quarantinedataactions.webp) + +The following action tasks are deselected by default: + +- Give domain user full control – Gives a specified domain user full control over stale files +- Break inherited permissions – Breaks inherited permissions + +Prior to running the FS_QuarantineData job, it is necessary to select the **Give domain user full +control** or **Break inherited permissions** task to perform an action. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_quarantinedata_status.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_quarantinedata_status.md new file mode 100644 index 0000000000..efe026b20f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_quarantinedata_status.md @@ -0,0 +1,26 @@ +# FS_QuarantineData_Status Job + +The FS_QuarantineData_Status job is designed to report on the FS_QuarantineData job. See the +[FS_QuarantineData Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_quarantinedata.md) topic for additional information. + +## Analysis Tasks for the FS_QuarantineData_Status Job + +Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_QuarantineData_Status** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_QuarantineData_Status Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/quarantinedatastatusanalysis.webp) + +The following analysis task is selected by default: + +- Summarize quarantine actions – Creates the SA_FS_Quarantine_Status_Summary table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_QuarantineData_Status job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------- | -------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| File Quarantining | This report summarizes file quarantining which has occurred during the Cleanup process | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of file quarantining - Table – provides details on file quarantining | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance.md new file mode 100644 index 0000000000..e005ad9711 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance.md @@ -0,0 +1,35 @@ +# FS_RestoreInheritance Job + +The FS_RestoreInheritance job is designed to restore inheritance to previously quarantined files. + +## Analysis Tasks for the FS_RestoreInheritance Job + +Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_RestoreInheritance** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_RestoreInheritance Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/restoreinheritanceanalysis.webp) + +The following analysis task is selected by default: + +- Determines candidates for restored inheritance – Creates the + SA_FS_RestoreInheritance_CandidatesView table accessible under the job’s Results node + +## Action Tasks for the FS_RestoreInheritance Job + +Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > **FS_RestoreInheritance** > +**Configure** node and select **Actions** to view the action tasks. + +**CAUTION:** Do not enable the action unless it is required. Disable the action after execution to +prevent making unintended and potentially harmful changes to Active Directory. + +**CAUTION:** Do not modify the action task. The action task is preconfigured for this job. + +![Action Tasks for the FS_RestoreInheritance Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/restoreinheritanceaction.webp) + +The following action tasks are deselected by default: + +- Restore Permissions – Restores permission inheritance to quarantined files where activity has + occurred diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance_status.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance_status.md new file mode 100644 index 0000000000..dee01d5ba7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance_status.md @@ -0,0 +1,27 @@ +# FS_RestoreInheritance_Status Job + +The FS_RestoreInheritance_Status job is designed to report on inheritance that was restored to +previously quarantined files. + +## Analysis Tasks for the FS_RestoreInheritance_Status Job + +Navigate to the **FileSystem** > **Cleanup** > **3. Quarantine** > +**FS_RestoredInheritance_Status** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_RestoreInheritance_Status Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/restoreinheritancestatusanalysis.webp) + +The following analysis tasks are selected by default: + +- Summarize restore inheritance actions – Creates an interim processing table in the database for + use by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the FS_RestoreInheritance_Status +job produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ----------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Restored Inheritance | This report summarizes restored inheritance which has occurred during the Cleanup process | None | This report is comprised of two elements: - Line Chart – Displays the historical summary of restored inheritance - Table – provides details on restored inheritance | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/overview.md index d482f9f75f..5d034aabdb 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/overview.md @@ -2,17 +2,17 @@ The 3. Quarantine job group is designed to report on and quarantine files that are pending cleanup. -![3. Quarantine Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![3. Quarantine Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/jobstree.webp) This job group includes the following jobs: -- [FS_QuarantineData Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-quarantinedata.md) – Designed to quarantine files subject to be cleaned +- [FS_QuarantineData Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_quarantinedata.md) – Designed to quarantine files subject to be cleaned up -- [FS_QuarantineData_Status Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-quarantinedata-status.md) – Designed to report on the +- [FS_QuarantineData_Status Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_quarantinedata_status.md) – Designed to report on the FS_QuarantineData job -- [FS_RestoreInheritance Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-restoreinheritance.md) – Designed to restore inheritance to +- [FS_RestoreInheritance Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance.md) – Designed to restore inheritance to previously quarantined files -- [FS_RestoreInheritance_Status Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs-restoreinheritance-status.md) – Designed to report on +- [FS_RestoreInheritance_Status Job](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/fs_restoreinheritance_status.md) – Designed to report on inheritance that was restored to previously quarantined files Workflow diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-create-schema.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-create-schema.md deleted file mode 100644 index 887a005709..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-create-schema.md +++ /dev/null @@ -1,46 +0,0 @@ -# 0-Create Schema Job - -The 0-Create Schema job within the 0.Collection job group creates and updates the schema for the -tables, views, and functions used by the rest of the File System Solution. This job needs to run -prior to the other jobs in the 0.Collection job group for both new installations and upgrades. The -job can be scheduled with any of the collections. Do not delete the job from the job tree. - -**_RECOMMENDED:_** This job does not need to be moved. Leave it to run as part of the 0.Collection -job group. - -## Analysis Tasks for the 0-Create Schema Job - -View the analysis task by navigating to the **FileSystem** > **0.Collection** > **0-Create -Schema** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Selection for the 0-Create Schema Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/createschemaanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Create Tables – Creates all tables prefaced with SA*FSAA* -- 2. Create DFS Tables – Creates all tables prefaced with SA*FSDFS* -- 3. Create DLP Tables – Creates all tables prefaced with SA*FSDLP* -- 4. Create FSAC Tables – Creates all tables prefaced with SA*FSAC* -- 5. Create Rename Targets – Creates the SA_FSAC_Rename Targets tables -- 6. Create Paths View – Creates the SA_FSAA_Paths view -- 7. Update data types – Access Analyzer uses custom SQL data types to render data. This analysis - creates updates to those data types. -- 8. Import new functions – Creates functions used in the File System Solution that only reference - the .Active Directory Inventory job group data -- 9. Import new functions – Creates the FSAA functions used in the File System Solution that - reference the 0.Collection job group data -- 10. Create exception types – Creates the SA_FSAA_ExceptionTypes table -- 11. Create views – Creates the SA_FSAA_DirectPermissionsView -- 12. Create Exceptions Schema – Creates the SA_FSAC_Exception table and the - SA_FSAC_ExceptionTypes table -- 13. Create FSAC Views – Creates all views prefaced with SA*FSAC* -- 14. Create Functions – Creates the FSAC functions used in the File System Solution that - reference the 0.Collection job group data -- 15. Create FSDLP Views – Creates all views prefaced with SA*FSDLP* -- 16. Create DFS Functions – Creates the FSDFS functions used in the File System Solution that - reference the 0.Collection job group data -- 17. Create Azure Tables – Creates tables for Azure Files -- 18. Data Migration – Migrates data from an older schema version diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-create_schema.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-create_schema.md new file mode 100644 index 0000000000..fef26f9398 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-create_schema.md @@ -0,0 +1,46 @@ +# 0-Create Schema Job + +The 0-Create Schema job within the 0.Collection job group creates and updates the schema for the +tables, views, and functions used by the rest of the File System Solution. This job needs to run +prior to the other jobs in the 0.Collection job group for both new installations and upgrades. The +job can be scheduled with any of the collections. Do not delete the job from the job tree. + +**_RECOMMENDED:_** This job does not need to be moved. Leave it to run as part of the 0.Collection +job group. + +## Analysis Tasks for the 0-Create Schema Job + +View the analysis task by navigating to the **FileSystem** > **0.Collection** > **0-Create +Schema** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Selection for the 0-Create Schema Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/createschemaanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Create Tables – Creates all tables prefaced with SA*FSAA* +- 2. Create DFS Tables – Creates all tables prefaced with SA*FSDFS* +- 3. Create DLP Tables – Creates all tables prefaced with SA*FSDLP* +- 4. Create FSAC Tables – Creates all tables prefaced with SA*FSAC* +- 5. Create Rename Targets – Creates the SA_FSAC_Rename Targets tables +- 6. Create Paths View – Creates the SA_FSAA_Paths view +- 7. Update data types – Access Analyzer uses custom SQL data types to render data. This analysis + creates updates to those data types. +- 8. Import new functions – Creates functions used in the File System Solution that only reference + the .Active Directory Inventory job group data +- 9. Import new functions – Creates the FSAA functions used in the File System Solution that + reference the 0.Collection job group data +- 10. Create exception types – Creates the SA_FSAA_ExceptionTypes table +- 11. Create views – Creates the SA_FSAA_DirectPermissionsView +- 12. Create Exceptions Schema – Creates the SA_FSAC_Exception table and the + SA_FSAC_ExceptionTypes table +- 13. Create FSAC Views – Creates all views prefaced with SA*FSAC* +- 14. Create Functions – Creates the FSAC functions used in the File System Solution that + reference the 0.Collection job group data +- 15. Create FSDLP Views – Creates all views prefaced with SA*FSDLP* +- 16. Create DFS Functions – Creates the FSDFS functions used in the File System Solution that + reference the 0.Collection job group data +- 17. Create Azure Tables – Creates tables for Azure Files +- 18. Data Migration – Migrates data from an older schema version diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fs-nasuni.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fs-nasuni.md deleted file mode 100644 index 467b5141a9..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fs-nasuni.md +++ /dev/null @@ -1,30 +0,0 @@ -# 0-FS_Nasuni Job - -The 0-FS_Nasuni job is required in order to target Nasuni Edge Appliances. The job can be added from -the Access Analyzer Instant Job Library. See the -[Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic to add this instant job to -the 0.Collection job group. - -**CAUTION:** It is necessary to rename the job after it has been added to the 0.Collection job group -from **FS_Nasuni** to **0-FS_Nasuni**, so that it runs immediately after the 0-Create Schema job. - -_Remember,_ the 0-FS_Nasuni job must be assigned a custom host list containing all on-premise Nasuni -Edge Appliances and cloud filers, and a custom Connection Profile containing the API Access Key and -Passcode for each on-premise Nasuni Edge Appliance and cloud filer in the target environment. Nasuni -API key names are case sensitive. When providing them, ensure they are entered in the exact same -case as generated. - -## Queries for the 0-FS_Nasuni Job - -The queries for the 0-FS_Nasuni job use the PowerShell Data collector to gather system information, -volume data, and share data from the Nasuni environment. - -**CAUTION:** Do not modify the queries. The queries are preconfigured for this job. - -![Queries for the 0-FS_Nasuni Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsnasuniquery.webp) - -The queries for the 0-FS_Nasuni job are: - -- SysInfo – Collects Nasuni system information -- Volumes – Collects Nasuni volume information -- Shares – Collects Nasuni CIFS/SMB share information diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fs_nasuni.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fs_nasuni.md new file mode 100644 index 0000000000..47f4446a35 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fs_nasuni.md @@ -0,0 +1,30 @@ +# 0-FS_Nasuni Job + +The 0-FS_Nasuni job is required in order to target Nasuni Edge Appliances. The job can be added from +the Access Analyzer Instant Job Library. See the +[Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic to add this instant job to +the 0.Collection job group. + +**CAUTION:** It is necessary to rename the job after it has been added to the 0.Collection job group +from **FS_Nasuni** to **0-FS_Nasuni**, so that it runs immediately after the 0-Create Schema job. + +_Remember,_ the 0-FS_Nasuni job must be assigned a custom host list containing all on-premise Nasuni +Edge Appliances and cloud filers, and a custom Connection Profile containing the API Access Key and +Passcode for each on-premise Nasuni Edge Appliance and cloud filer in the target environment. Nasuni +API key names are case sensitive. When providing them, ensure they are entered in the exact same +case as generated. + +## Queries for the 0-FS_Nasuni Job + +The queries for the 0-FS_Nasuni job use the PowerShell Data collector to gather system information, +volume data, and share data from the Nasuni environment. + +**CAUTION:** Do not modify the queries. The queries are preconfigured for this job. + +![Queries for the 0-FS_Nasuni Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsnasuniquery.webp) + +The queries for the 0-FS_Nasuni job are: + +- SysInfo – Collects Nasuni system information +- Volumes – Collects Nasuni volume information +- Shares – Collects Nasuni CIFS/SMB share information diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fsdfs-system-scans.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fsdfs-system-scans.md deleted file mode 100644 index f81540c659..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fsdfs-system-scans.md +++ /dev/null @@ -1,32 +0,0 @@ -# 0-FSDFS System Scans Job - -The 0-FSDFS System Scans job enumerates a list of all root and link targets in the distributed file -system and creating a dynamic host list that will be used by the components. - -## Query for the 0-FSDFS System Scans Job - -The DFS System Scan Query uses the FSAA Data Collector and has been preconfigured to use the DFS -Scan Category. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the 0-FSDFS System Scans Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsdfssystemscansquery.webp) - -- DFS System Scan – Scans the DFS System - -## Analysis Tasks for the 0-FSDFS System Scans Job - -View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **0-FSDFS System -Scans** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 0-FSDFS System Scans Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsdfssystemscansanalysis.webp) - -The following analysis tasks are selected by default: - -- Create Hosts View – Creates the 0-FSDFS_System_HostView visible through the Results node that - contains the dynamic host list -- Create Views – Creates the FSDFS_NamespacesTraversalView visible through the Results node that - contains expansion of all the scanned namespaces diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fsdfs_system_scans.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fsdfs_system_scans.md new file mode 100644 index 0000000000..0e369499d0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fsdfs_system_scans.md @@ -0,0 +1,32 @@ +# 0-FSDFS System Scans Job + +The 0-FSDFS System Scans job enumerates a list of all root and link targets in the distributed file +system and creating a dynamic host list that will be used by the components. + +## Query for the 0-FSDFS System Scans Job + +The DFS System Scan Query uses the FSAA Data Collector and has been preconfigured to use the DFS +Scan Category. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the 0-FSDFS System Scans Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsdfssystemscansquery.webp) + +- DFS System Scan – Scans the DFS System + +## Analysis Tasks for the 0-FSDFS System Scans Job + +View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **0-FSDFS System +Scans** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 0-FSDFS System Scans Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsdfssystemscansanalysis.webp) + +The following analysis tasks are selected by default: + +- Create Hosts View – Creates the 0-FSDFS_System_HostView visible through the Results node that + contains the dynamic host list +- Create Views – Creates the FSDFS_NamespacesTraversalView visible through the Results node that + contains expansion of all the scanned namespaces diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsaa-system-scans.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsaa-system-scans.md deleted file mode 100644 index b945924373..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsaa-system-scans.md +++ /dev/null @@ -1,185 +0,0 @@ -# 1-FSAA System Scans Job - -The 1-FSAA System Scans job is designed to collect access information from the targeted file -servers. - -## Query for the 1-FSAA System Scans Job - -The File System Scan query uses the FSAA Data Collector. - -![Query for the 1-FSAA System Scans Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaasystemscansquery.webp) - -The following default configurations are commonly customized: - -- Default Scoping Options page > File Properties (Folder Summary) tab: - - - Set to limit the **Scan for Probable Owners**, with Limit maximum number of probable owners to - return per folder set to 5 - - Set to **Scan for file types**, with Limit maximum number of file types to return per folder - set to 5 - -- Scan Server Selection page: - - - Set to **Local Server**, or local mode scans - -- Default Scoping Options page > Scan Settings tab: - - - Set to **Limit subfolder scan depth to 2 level(s)** - -See the [Recommended Configuration for the File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/recommended.md) topic for a -complete list of customizable settings. See the -[Configure the (FSAA) File System Scan Query](#configure-the-fsaa-file-system-scan-query) topic for -additional information. - -### Configure the (FSAA) File System Scan Query - -The 1-FSAA System Scans job has been preconfigured to run with the default settings with the -category of File system access/permission auditing Scan. Follow the steps to set any desired -customizations. - -**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-FSAA System Scans** > -**Configure** node and select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor -Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Applet Settings](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekappletsettings.webp) - -**Step 4 –** The Applet Settings page applies to the applet and proxy mode scans. If employing proxy -servers, see the [FSAA: Applet Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/applet-settings.md) topic -for configuration instructions. - -![Scan Server Selection](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekserverselection.webp) - -**Step 5 –** On the Scan Server Selection page, select the server that will execute the scan. See -the [FSAA: Scan Server Selection](/docs/accessanalyzer/12.0/data-collection/fsaa/scan-server-selection.md) topic -for additional information. - -![Scan Settings](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekscansettings.webp) - -**Step 6 –** On the Scan Settings page, you can enable streaming. See the -[FSAA: Scan Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/scan-settings.md) topic for additional -information. - -**NOTE:** If streaming is enabled, the **2-FSAA Bulk Import** job is no longer needed as part of the -**0.Collection** job group. - -![Azure Tennant Mapping](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp) - -**Step 7 –** On the Azure Tenant Mapping page, add the AppPrincipalID (App ID) and Tenant ID. See -the [FSAA: Azure Tenant Mapping](/docs/accessanalyzer/12.0/data-collection/fsaa/azure-tenant-mapping.md) topic for -additional information. - -![Default Scoping Options](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptions.webp) - -**Step 8 –** On the Default Scoping Options page, configure the following on the Scan Setting tab: - -- Limit subfolder scan depth to – Select this checkbox and use the arrow buttons to modify the - subfolder scan depth -- Exclude snapshot directories on NetApp server – Select this checkbox to exclude snapshot - directories on NetApp server -- Exclude system shares – Select this checkbox to exclude system shares -- Exclude hidden shares – Select this checkbox to exclude hidden shares -- Specify action on Last Access Time (LAT) preservation as follows: - - - Action on failure to enable LAT Preservation – Before scanning each file, FSAA attempts to - enable an operating system feature to preserve the LAT when accessing the file. This operation - may fail for a variety of reasons, which include but are not limited to: the operating system - or file system where the file is located does not support LAT preservation, or insufficient - permissions from the service account trying to access the file. The following configuration - addresses a failure to enable the LAT preservation mode: - - - Continue to scan file silently – FSAA scans the file with the possibility that LAT - preservation is not possible. No warning will be shown. - - Continue to scan file with warning – FSAA scans the file with the possibility that LAT - will not be preserved. A warning will be shown for this file. - - Skip file silently – FSAA will not scan the file. No warning will be shown. - - Skip file with warning – FSAA will not scan the file. A warning will be shown indicating - the file was skipped. - - Abort the scan – FSAA will abort the scan. No further files will be processed. - - - Action on changed LAT After scan – Before scanning each file, the LAT of the current file is - recorded. After scanning, it is verified whether the LAT has changed since then (likely - scenarios are either that the LAT preservation mechanism failed to function as intended, or - that the file was accessed by someone while the scan was occurring). The following - configuration addresses a changed LAT: - - - Continue scan silently – The scan will move on to the next file while updating the LAT for - the processed file. No warning will be shown. - - Continue scan with warning – The scan will continue on to the next file. LAT will be - updated for the processed file. A warning will be shown. - - Force-reset file LAT silently – The scan will reset the file's LAT to its original state - before processing. No warning will be shown. The scan will proceed to the next file. - - Force-reset file LAT with warning – The scan will Reset the file's LAT to its original - state before processing. A warning will be shown. The scan will proceed to the next file. - - Abort the scan – FSAA will abort the scan. LAT will be updated for the processed file. No - other files will be processed - -See the [Scan Settings Tab](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/scan-settings.md) -topic for additional information. - -![File Details tab of the Default Scoping Options page](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptionsfiledetails.webp) - -**Step 9 –** On the File Details tab of the Default Scoping Options page, you can enable file-level -scans. See the -[File Details Tab](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/file-details.md) - -**_RECOMMENDED:_** Carefully consider configuring the following settings. Applying filters when file -detail scanning has been enabled reduces the impact on the database. - -![File Properties (Folder Summary) tab of the Default Scoping Options page](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptionsfileproperties.webp) - -**Step 10 –** On the File Properties (Folder Summary) tab of the Default Scoping Options page, you -can configure the following: - -- Enable scan for probable owners -- Add a limit to the number of probable owners returned -- Scope file types to scan -- Add collection of tags and keyword -- Enable return of files with only comma-separated values (CSV files). - -See the -[File Properties (Folder Summary) Tab](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/file-properties.md) -topic for additional information. - -![Scoping Options](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingoptions.webp) - -**Step 11 –** On the Scoping Options page, add share/folder inclusions and exclusions. See the -[FSAA: Scoping Options](/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-options.md) topic for additional -information. - -![Scoping Queries](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingqueries.webp) - -**Step 12 –** On the Scoping Queries page: - -- Add folder/share inclusions -- Add folder/share exclusions -- Restrict scans to DFS shares or Open shares - -See the [FSAA: Scoping Queries](/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-queries.md) topic for -additional information. - -**Step 13 –** Click **Finish** to save any setting modifications or click **Cancel** if no changes -were made. Then click **OK** to close the Query Properties window. - -If changes were made, the **1-FSAA System Scans** job is now customized. - -## Analysis Task for the 1-FSAA System Scans Job - -View the analysis task by navigating to the **FileSystem** > **0.Collection** > **1-FSAA System -Scans** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Task for the 1-FSAA System Scans Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaasystemscansanalysis.webp) - -The following analysis task is selected by default: - -- 1. Resolve links – Resolves DFS links in standard tables diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsaa_system_scans.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsaa_system_scans.md new file mode 100644 index 0000000000..dc795647d0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsaa_system_scans.md @@ -0,0 +1,185 @@ +# 1-FSAA System Scans Job + +The 1-FSAA System Scans job is designed to collect access information from the targeted file +servers. + +## Query for the 1-FSAA System Scans Job + +The File System Scan query uses the FSAA Data Collector. + +![Query for the 1-FSAA System Scans Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaasystemscansquery.webp) + +The following default configurations are commonly customized: + +- Default Scoping Options page > File Properties (Folder Summary) tab: + + - Set to limit the **Scan for Probable Owners**, with Limit maximum number of probable owners to + return per folder set to 5 + - Set to **Scan for file types**, with Limit maximum number of file types to return per folder + set to 5 + +- Scan Server Selection page: + + - Set to **Local Server**, or local mode scans + +- Default Scoping Options page > Scan Settings tab: + + - Set to **Limit subfolder scan depth to 2 level(s)** + +See the [Recommended Configuration for the File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/recommended.md) topic for a +complete list of customizable settings. See the +[Configure the (FSAA) File System Scan Query](#configure-the-fsaa-file-system-scan-query) topic for +additional information. + +### Configure the (FSAA) File System Scan Query + +The 1-FSAA System Scans job has been preconfigured to run with the default settings with the +category of File system access/permission auditing Scan. Follow the steps to set any desired +customizations. + +**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-FSAA System Scans** > +**Configure** node and select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor +Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Applet Settings](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekappletsettings.webp) + +**Step 4 –** The Applet Settings page applies to the applet and proxy mode scans. If employing proxy +servers, see the [FSAA: Applet Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.md) topic +for configuration instructions. + +![Scan Server Selection](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekserverselection.webp) + +**Step 5 –** On the Scan Server Selection page, select the server that will execute the scan. See +the [FSAA: Scan Server Selection](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scanserverselection.md) topic +for additional information. + +![Scan Settings](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekscansettings.webp) + +**Step 6 –** On the Scan Settings page, you can enable streaming. See the +[FSAA: Scan Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings.md) topic for additional +information. + +**NOTE:** If streaming is enabled, the **2-FSAA Bulk Import** job is no longer needed as part of the +**0.Collection** job group. + +![Azure Tennant Mapping](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp) + +**Step 7 –** On the Azure Tenant Mapping page, add the AppPrincipalID (App ID) and Tenant ID. See +the [FSAA: Azure Tenant Mapping](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/azuretenantmapping.md) topic for +additional information. + +![Default Scoping Options](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaadefaultscopingoptions.webp) + +**Step 8 –** On the Default Scoping Options page, configure the following on the Scan Setting tab: + +- Limit subfolder scan depth to – Select this checkbox and use the arrow buttons to modify the + subfolder scan depth +- Exclude snapshot directories on NetApp server – Select this checkbox to exclude snapshot + directories on NetApp server +- Exclude system shares – Select this checkbox to exclude system shares +- Exclude hidden shares – Select this checkbox to exclude hidden shares +- Specify action on Last Access Time (LAT) preservation as follows: + + - Action on failure to enable LAT Preservation – Before scanning each file, FSAA attempts to + enable an operating system feature to preserve the LAT when accessing the file. This operation + may fail for a variety of reasons, which include but are not limited to: the operating system + or file system where the file is located does not support LAT preservation, or insufficient + permissions from the service account trying to access the file. The following configuration + addresses a failure to enable the LAT preservation mode: + + - Continue to scan file silently – FSAA scans the file with the possibility that LAT + preservation is not possible. No warning will be shown. + - Continue to scan file with warning – FSAA scans the file with the possibility that LAT + will not be preserved. A warning will be shown for this file. + - Skip file silently – FSAA will not scan the file. No warning will be shown. + - Skip file with warning – FSAA will not scan the file. A warning will be shown indicating + the file was skipped. + - Abort the scan – FSAA will abort the scan. No further files will be processed. + + - Action on changed LAT After scan – Before scanning each file, the LAT of the current file is + recorded. After scanning, it is verified whether the LAT has changed since then (likely + scenarios are either that the LAT preservation mechanism failed to function as intended, or + that the file was accessed by someone while the scan was occurring). The following + configuration addresses a changed LAT: + + - Continue scan silently – The scan will move on to the next file while updating the LAT for + the processed file. No warning will be shown. + - Continue scan with warning – The scan will continue on to the next file. LAT will be + updated for the processed file. A warning will be shown. + - Force-reset file LAT silently – The scan will reset the file's LAT to its original state + before processing. No warning will be shown. The scan will proceed to the next file. + - Force-reset file LAT with warning – The scan will Reset the file's LAT to its original + state before processing. A warning will be shown. The scan will proceed to the next file. + - Abort the scan – FSAA will abort the scan. LAT will be updated for the processed file. No + other files will be processed + +See the [Scan Settings Tab](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md) +topic for additional information. + +![File Details tab of the Default Scoping Options page](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaadefaultscopingoptionsfiledetails.webp) + +**Step 9 –** On the File Details tab of the Default Scoping Options page, you can enable file-level +scans. See the +[File Details Tab](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/filedetails.md) + +**_RECOMMENDED:_** Carefully consider configuring the following settings. Applying filters when file +detail scanning has been enabled reduces the impact on the database. + +![File Properties (Folder Summary) tab of the Default Scoping Options page](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaadefaultscopingoptionsfileproperties.webp) + +**Step 10 –** On the File Properties (Folder Summary) tab of the Default Scoping Options page, you +can configure the following: + +- Enable scan for probable owners +- Add a limit to the number of probable owners returned +- Scope file types to scan +- Add collection of tags and keyword +- Enable return of files with only comma-separated values (CSV files). + +See the +[File Properties (Folder Summary) Tab](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.md) +topic for additional information. + +![Scoping Options](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekscopingoptions.webp) + +**Step 11 –** On the Scoping Options page, add share/folder inclusions and exclusions. See the +[FSAA: Scoping Options](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptions.md) topic for additional +information. + +![Scoping Queries](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekscopingqueries.webp) + +**Step 12 –** On the Scoping Queries page: + +- Add folder/share inclusions +- Add folder/share exclusions +- Restrict scans to DFS shares or Open shares + +See the [FSAA: Scoping Queries](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueries.md) topic for +additional information. + +**Step 13 –** Click **Finish** to save any setting modifications or click **Cancel** if no changes +were made. Then click **OK** to close the Query Properties window. + +If changes were made, the **1-FSAA System Scans** job is now customized. + +## Analysis Task for the 1-FSAA System Scans Job + +View the analysis task by navigating to the **FileSystem** > **0.Collection** > **1-FSAA System +Scans** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Task for the 1-FSAA System Scans Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaasystemscansanalysis.webp) + +The following analysis task is selected by default: + +- 1. Resolve links – Resolves DFS links in standard tables diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsac-system-scans.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsac-system-scans.md deleted file mode 100644 index 03bd1c8e51..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsac-system-scans.md +++ /dev/null @@ -1,74 +0,0 @@ -# 1-FSAC System Scans Job - -The 1-FSAC System Scans job is designed to collect activity events from the targeted file servers. - -## Query for the 1-FSAC System Scans Job - -The Activity Scan query uses the FSAA Data Collector and has been preconfigured to use the File -system activity Scan category. - -![Query for the 1-FSAC System Scans Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacsystemscansquery.webp) - -- Activity Scan – Scans for File System Activity - -The following default configurations are commonly customized: - -- Scan Server Selection page: - - - Set to **Local Server**, or local mode scans - -- Activity Settings page: - - - Set scan filter for detailed activity **60** days - - Set filter for statistics of activity **120** days - -See the [Recommended Configuration for the File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/recommended.md) topic for a -complete list of customizable settings. See the -[Configure the Activity Scan Query](#configure-the-activity-scan-query) topic for instructions. - -### Configure the Activity Scan Query - -The 1-FSAC System Scans job has been preconfigured to run with the default settings with the -category of File system activity Scan. Follow the steps to set any desired customizations. - -**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-FSAC System Scans** > -**Configure** node and select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor -Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Applet Settings](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacappletsettings.webp) - -**Step 4 –** The Applet Settings page applies to the applet and proxy mode scans which are selected -on the Scan Server Level Page. If employing proxy servers, see the -[FSAA: Applet Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/applet-settings.md) topic for configuration -instructions. - -![Scan Server Selection](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacscanserverselection.webp) - -**Step 5 –** The Scan Server Selection page applies to the applet and proxy mode scans. Remember, -each mode has different provisioning requirements. See the -[FSAA: Scan Server Selection](/docs/accessanalyzer/12.0/data-collection/fsaa/scan-server-selection.md) topic for -additional information. - -![Activity Settings](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacactivitysettings.webp) - -**Step 6 –** On the Activity Settings page: - -- Modify the number of days detailed activity is kept -- Modify the number of days activity statistics are kept -- Modify log parsing limits - -See the [FSAA: Activity Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/activity-settings.md) topic for -additional information. - -**Step 7 –** Click **Finish** to save any setting modifications or click **Cancel** if no changes -were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 1-FSAC System Scans job is now customized. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsac_system_scans.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsac_system_scans.md new file mode 100644 index 0000000000..ba522faf68 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsac_system_scans.md @@ -0,0 +1,74 @@ +# 1-FSAC System Scans Job + +The 1-FSAC System Scans job is designed to collect activity events from the targeted file servers. + +## Query for the 1-FSAC System Scans Job + +The Activity Scan query uses the FSAA Data Collector and has been preconfigured to use the File +system activity Scan category. + +![Query for the 1-FSAC System Scans Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacsystemscansquery.webp) + +- Activity Scan – Scans for File System Activity + +The following default configurations are commonly customized: + +- Scan Server Selection page: + + - Set to **Local Server**, or local mode scans + +- Activity Settings page: + + - Set scan filter for detailed activity **60** days + - Set filter for statistics of activity **120** days + +See the [Recommended Configuration for the File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/recommended.md) topic for a +complete list of customizable settings. See the +[Configure the Activity Scan Query](#configure-the-activity-scan-query) topic for instructions. + +### Configure the Activity Scan Query + +The 1-FSAC System Scans job has been preconfigured to run with the default settings with the +category of File system activity Scan. Follow the steps to set any desired customizations. + +**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-FSAC System Scans** > +**Configure** node and select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor +Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Applet Settings](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacappletsettings.webp) + +**Step 4 –** The Applet Settings page applies to the applet and proxy mode scans which are selected +on the Scan Server Level Page. If employing proxy servers, see the +[FSAA: Applet Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.md) topic for configuration +instructions. + +![Scan Server Selection](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacscanserverselection.webp) + +**Step 5 –** The Scan Server Selection page applies to the applet and proxy mode scans. Remember, +each mode has different provisioning requirements. See the +[FSAA: Scan Server Selection](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scanserverselection.md) topic for +additional information. + +![Activity Settings](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacactivitysettings.webp) + +**Step 6 –** On the Activity Settings page: + +- Modify the number of days detailed activity is kept +- Modify the number of days activity statistics are kept +- Modify log parsing limits + +See the [FSAA: Activity Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/activitysettings.md) topic for +additional information. + +**Step 7 –** Click **Finish** to save any setting modifications or click **Cancel** if no changes +were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 1-FSAC System Scans job is now customized. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek-system-scans.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek-system-scans.md deleted file mode 100644 index ae2eb37382..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek-system-scans.md +++ /dev/null @@ -1,204 +0,0 @@ -# 1-SEEK System Scans Job - -The 1-SEEK System Scans job is designed to collect sensitive data from the targeted file servers. - -## Query for the 1-SEEK System Scans Job - -The File System Scan query uses the FSAA Data Collector and has been preconfigured to use the -Sensitive data Scan category. - -![Query for the 1-SEEK System Scans Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/seeksystemscansquery.webp) - -- File System Scan – Scans the File System - -The following default configurations are commonly customized: - -- Scan Server Selection page: - - - Set to **Local Server**, or local mode scans - -- Default Scoping Options page > Scan Settings tab: - - - Set to **Limit subfolder scan depth to 2 level(s)** - - Set to **Exclude system shares** - -- Scoping Options - - - Add share and folder inclusions - - Add share and folder exclusions - -- Sensitive Data Settings page: - - - Set to **Don’t process files larger than 2 MB** - - Set to **Store discovered sensitive data** - - Set to scan typical documents - -- SDD Criteria Settings page: - - - Set to the following System Criteria: - - - Credit Cards - - Passwords - - Tax Forms - - US SSN - -See the [Recommended Configuration for the File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/recommended.md) topic for a -complete list of customizable settings. See the -[Configure the (SEEK) File System Scan Query](#configure-the-seek-file-system-scan-query) topic for -instructions. - -### Configure the (SEEK) File System Scan Query - -The 1-SEEK System Scans job has been preconfigured to run with the default settings with the -category of Sensitive data Scan. Follow these steps to set any desired customizations. - -**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-SEEK System Scans** > -**Configure** node and select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor -Data Collector Wizard opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![Applet Settings](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekappletsettings.webp) - -**Step 4 –** The Applet Settings page applies to the applet and proxy mode scans which are selected -on the Scan Server Level page. If employing proxy servers, see the -[FSAA: Applet Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/applet-settings.md) topic for configuration -instructions. - -![Scan Server Selection](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekserverselection.webp) - -**Step 5 –** The Scan Server Selection page applies to the applet and proxy mode scans. Remember, -each mode has different provisioning requirements. In addition to changing the type of scan mode, -you can modify the scan restart settings. See the -[FSAA: Scan Server Selection](/docs/accessanalyzer/12.0/data-collection/fsaa/scan-server-selection.md) topic for -additional information. - -![Scan Settings](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekscansettings.webp) - -**Step 6 –** On the Scan Settings page, you can enable streaming. See the -[FSAA: Scan Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/scan-settings.md) topic for additional -information. - -**NOTE:** If streaming is enabled, the **2-SEEK Bulk Import** job is no longer needed as part of the -**0.Collection** job group. - -![Azure Tenant Mapping](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp) - -**Step 7 –** On the Azure Tenant Mapping page, enable Azure Information Protection (AIP). See the -[FSAA: Azure Tenant Mapping](/docs/accessanalyzer/12.0/data-collection/fsaa/azure-tenant-mapping.md) topic for -additional information. - -![Default Scoping Options](/img/product_docs/accessanalyzer/solutions/filesystem/collection/seekdefaultscopingoptions.webp) - -**Step 8 –** On the Default Scoping Options page, configure the following on the Scan Setting tab: - -- Limit subfolder scan depth to – Select this checkbox and use the arrow buttons to modify the - subfolder scan depth -- Exclude snapshot directories on NetApp server – Select this checkbox to exclude snapshot - directories on NetApp server -- Exclude system shares – Select this checkbox to exclude system shares -- Exclude hidden shares - Select this checkbox to exclude hidden shares -- Last Access Time (LAT) preservation – Select this checkbox to specify action on Last Access Time - (LAT) preservation as follows: - - - Action on failure to enable LAT Preservation – Before scanning each file, FSAA attempts to - enable an operating system feature to preserve the LAT when accessing the file. This operation - may fail for a variety of reasons, which include but are not limited to: the operating system - or file system where the file is located does not support LAT preservation, or insufficient - permissions from the service account trying to access the file. The following configuration - addresses a failure to enable the LAT preservation mode: - - - Continue to scan file silently – FSAA scans the file with the possibility that LAT - preservation is not possible. No warning will be shown. - - Continue to scan file with warning – FSAA scans the file with the possibility that LAT - will not be preserved. A warning will be shown for this file. - - Skip file silently – FSAA will not scan the file. No warning will be shown. - - Skip file with warning – FSAA will not scan the file. A warning will be shown indicating - the file was skipped. - - Abort the scan – FSAA will abort the scan. No further files will be processed. - - - Action on changed LAT After scan – Before scanning each file, the LAT of the current file is - recorded. After scanning, it is verified whether the LAT has changed since then (likely - scenarios are either that the LAT preservation mechanism failed to function as intended, or - that the file was accessed by someone while the scan was occurring). The following - configuration addresses a changed LAT: - - - Continue scan silently – The scan will move on to the next file while updating the LAT for - the processed file. No warning will be shown. - - Continue scan with warning – The scan will continue on to the next file. LAT will be - updated for the processed file. A warning will be shown. - - Force-reset file LAT silently – The scan will reset the file's LAT to its original state - before processing. No warning will be shown. The scan will proceed to the next file. - - Force-reset file LAT with warning – The scan will Reset the file's LAT to its original - state before processing. A warning will be shown. The scan will proceed to the next file. - - Abort the scan – FSAA will abort the scan. LAT will be updated for the processed file. No - other files will be processed - -See the [Scan Settings Tab](/docs/accessanalyzer/12.0/data-collection/fsaa/default-scoping-options/scan-settings.md) -topic for additional information. - -![Scoping Options](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingoptions.webp) - -**Step 9 –** On the Scoping Options page, add share/folder inclusions and exclusions. See the -[FSAA: Scoping Options](/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-options.md) topic for additional -information: - -![Scoping Queries](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingqueries.webp) - -**Step 10 –** On the Scoping Queries page: - -- Add share and folder inclusions -- Add share and folder exclusions -- Scope to scan only Open shares - -**NOTE:** This option only works in conjunction with File System Access Auditing. - -See the [FSAA: Scoping Queries](/docs/accessanalyzer/12.0/data-collection/fsaa/scoping-queries.md) topic for -additional information. - -![Sensitive Data Settings](/img/product_docs/accessanalyzer/solutions/filesystem/collection/seeksystemscanssensitivedatasettings.webp) - -**Step 11 –** On the Sensitive Data Settings page: - -- Modify maximum file size to be scanned -- Add scanning offline files -- Modify file types to be scanned -- Enable differential scanning -- Modify the number of SDD scan processes - - **_RECOMMENDED:_** For optimal performance, the total number of scan processes on a scan host - should be 1 to 2 times the number of CPU threads available. - -- Enable Optical Character Recognition (OCR) scans - - **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents - directly converted to images, with standard fonts. It will not work for scanning photos of - documents and may not be able to recognize text on images of credit cards, driver's licenses, or - other identity cards. - -See the [FSAA: Sensitive Data Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/sensitive-data-settings.md) -topic for additional information. - -![SDD Criteria Settings](/img/product_docs/accessanalyzer/solutions/filesystem/collection/seeksddcriteriasettings.webp) - -**Step 12 –** On the SDD Criteria Settings page, add or remove criteria as desired. See the -[FSAA: SDD Criteria Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/sdd-criteria.md) topic for additional -information. - -- _(Optional)_ To create custom criteria, see the - [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) topic - for additional information - -**NOTE:** By default, discovered sensitive data strings are not stored in the Access Analyzer -database. - -**Step 13 –** Click **Finish** to save any setting modifications or click **Cancel** if no changes -were made. Then click **OK** to close the Query Properties window. - -If changes were made, the **1-SEEK System Scans** Job has now been customized. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek_system_scans.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek_system_scans.md new file mode 100644 index 0000000000..7a991ef540 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek_system_scans.md @@ -0,0 +1,204 @@ +# 1-SEEK System Scans Job + +The 1-SEEK System Scans job is designed to collect sensitive data from the targeted file servers. + +## Query for the 1-SEEK System Scans Job + +The File System Scan query uses the FSAA Data Collector and has been preconfigured to use the +Sensitive data Scan category. + +![Query for the 1-SEEK System Scans Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seeksystemscansquery.webp) + +- File System Scan – Scans the File System + +The following default configurations are commonly customized: + +- Scan Server Selection page: + + - Set to **Local Server**, or local mode scans + +- Default Scoping Options page > Scan Settings tab: + + - Set to **Limit subfolder scan depth to 2 level(s)** + - Set to **Exclude system shares** + +- Scoping Options + + - Add share and folder inclusions + - Add share and folder exclusions + +- Sensitive Data Settings page: + + - Set to **Don’t process files larger than 2 MB** + - Set to **Store discovered sensitive data** + - Set to scan typical documents + +- SDD Criteria Settings page: + + - Set to the following System Criteria: + + - Credit Cards + - Passwords + - Tax Forms + - US SSN + +See the [Recommended Configuration for the File System Solution](/docs/accessanalyzer/12.0/solutions/filesystem/recommended.md) topic for a +complete list of customizable settings. See the +[Configure the (SEEK) File System Scan Query](#configure-the-seek-file-system-scan-query) topic for +instructions. + +### Configure the (SEEK) File System Scan Query + +The 1-SEEK System Scans job has been preconfigured to run with the default settings with the +category of Sensitive data Scan. Follow these steps to set any desired customizations. + +**Step 1 –** Navigate to the **FileSystem** > **0.Collection** > **1-SEEK System Scans** > +**Configure** node and select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The File System Access Auditor +Data Collector Wizard opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![Applet Settings](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekappletsettings.webp) + +**Step 4 –** The Applet Settings page applies to the applet and proxy mode scans which are selected +on the Scan Server Level page. If employing proxy servers, see the +[FSAA: Applet Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.md) topic for configuration +instructions. + +![Scan Server Selection](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekserverselection.webp) + +**Step 5 –** The Scan Server Selection page applies to the applet and proxy mode scans. Remember, +each mode has different provisioning requirements. In addition to changing the type of scan mode, +you can modify the scan restart settings. See the +[FSAA: Scan Server Selection](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scanserverselection.md) topic for +additional information. + +![Scan Settings](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekscansettings.webp) + +**Step 6 –** On the Scan Settings page, you can enable streaming. See the +[FSAA: Scan Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings.md) topic for additional +information. + +**NOTE:** If streaming is enabled, the **2-SEEK Bulk Import** job is no longer needed as part of the +**0.Collection** job group. + +![Azure Tenant Mapping](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp) + +**Step 7 –** On the Azure Tenant Mapping page, enable Azure Information Protection (AIP). See the +[FSAA: Azure Tenant Mapping](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/azuretenantmapping.md) topic for +additional information. + +![Default Scoping Options](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seekdefaultscopingoptions.webp) + +**Step 8 –** On the Default Scoping Options page, configure the following on the Scan Setting tab: + +- Limit subfolder scan depth to – Select this checkbox and use the arrow buttons to modify the + subfolder scan depth +- Exclude snapshot directories on NetApp server – Select this checkbox to exclude snapshot + directories on NetApp server +- Exclude system shares – Select this checkbox to exclude system shares +- Exclude hidden shares - Select this checkbox to exclude hidden shares +- Last Access Time (LAT) preservation – Select this checkbox to specify action on Last Access Time + (LAT) preservation as follows: + + - Action on failure to enable LAT Preservation – Before scanning each file, FSAA attempts to + enable an operating system feature to preserve the LAT when accessing the file. This operation + may fail for a variety of reasons, which include but are not limited to: the operating system + or file system where the file is located does not support LAT preservation, or insufficient + permissions from the service account trying to access the file. The following configuration + addresses a failure to enable the LAT preservation mode: + + - Continue to scan file silently – FSAA scans the file with the possibility that LAT + preservation is not possible. No warning will be shown. + - Continue to scan file with warning – FSAA scans the file with the possibility that LAT + will not be preserved. A warning will be shown for this file. + - Skip file silently – FSAA will not scan the file. No warning will be shown. + - Skip file with warning – FSAA will not scan the file. A warning will be shown indicating + the file was skipped. + - Abort the scan – FSAA will abort the scan. No further files will be processed. + + - Action on changed LAT After scan – Before scanning each file, the LAT of the current file is + recorded. After scanning, it is verified whether the LAT has changed since then (likely + scenarios are either that the LAT preservation mechanism failed to function as intended, or + that the file was accessed by someone while the scan was occurring). The following + configuration addresses a changed LAT: + + - Continue scan silently – The scan will move on to the next file while updating the LAT for + the processed file. No warning will be shown. + - Continue scan with warning – The scan will continue on to the next file. LAT will be + updated for the processed file. A warning will be shown. + - Force-reset file LAT silently – The scan will reset the file's LAT to its original state + before processing. No warning will be shown. The scan will proceed to the next file. + - Force-reset file LAT with warning – The scan will Reset the file's LAT to its original + state before processing. A warning will be shown. The scan will proceed to the next file. + - Abort the scan – FSAA will abort the scan. LAT will be updated for the processed file. No + other files will be processed + +See the [Scan Settings Tab](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/scansettings.md) +topic for additional information. + +![Scoping Options](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekscopingoptions.webp) + +**Step 9 –** On the Scoping Options page, add share/folder inclusions and exclusions. See the +[FSAA: Scoping Options](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptions.md) topic for additional +information: + +![Scoping Queries](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekscopingqueries.webp) + +**Step 10 –** On the Scoping Queries page: + +- Add share and folder inclusions +- Add share and folder exclusions +- Scope to scan only Open shares + +**NOTE:** This option only works in conjunction with File System Access Auditing. + +See the [FSAA: Scoping Queries](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueries.md) topic for +additional information. + +![Sensitive Data Settings](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seeksystemscanssensitivedatasettings.webp) + +**Step 11 –** On the Sensitive Data Settings page: + +- Modify maximum file size to be scanned +- Add scanning offline files +- Modify file types to be scanned +- Enable differential scanning +- Modify the number of SDD scan processes + + **_RECOMMENDED:_** For optimal performance, the total number of scan processes on a scan host + should be 1 to 2 times the number of CPU threads available. + +- Enable Optical Character Recognition (OCR) scans + + **NOTE:** The OCR option is intended to work for clear scanned physical documents or documents + directly converted to images, with standard fonts. It will not work for scanning photos of + documents and may not be able to recognize text on images of credit cards, driver's licenses, or + other identity cards. + +See the [FSAA: Sensitive Data Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/sensitivedatasettings.md) +topic for additional information. + +![SDD Criteria Settings](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seeksddcriteriasettings.webp) + +**Step 12 –** On the SDD Criteria Settings page, add or remove criteria as desired. See the +[FSAA: SDD Criteria Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/sddcriteria.md) topic for additional +information. + +- _(Optional)_ To create custom criteria, see the + [Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) topic + for additional information + +**NOTE:** By default, discovered sensitive data strings are not stored in the Access Analyzer +database. + +**Step 13 –** Click **Finish** to save any setting modifications or click **Cancel** if no changes +were made. Then click **OK** to close the Query Properties window. + +If changes were made, the **1-SEEK System Scans** Job has now been customized. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsaa-bulk-import.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsaa-bulk-import.md deleted file mode 100644 index 81369c36aa..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsaa-bulk-import.md +++ /dev/null @@ -1,36 +0,0 @@ -# 2-FSAA Bulk Import Job - -The 2-FSAA Bulk Import job is designed to import collected access information from the targeted file -servers. - -## Query for the 2-FSAA Bulk Import Job - -The Bulk import query uses the FSAA Data Collector and has been preconfigured to use the File system -access/permission auditing Bulk import category. - -![Query for the 2-FSAA Bulk Import Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaabulkimportquery.webp) - -- Bulk import – Imports scan data into SQL Server - - - Typically, this query is not modified. See the - [FileSystemAccess Data Collector](/docs/accessanalyzer/12.0/data-collection/fsaa/overview.md) topic for - information on when this query should be modified. - -## Analysis Tasks for the 2-FSAA Bulk Import Job - -View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **2-FSAA Bulk -Import** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 2-FSAA Bulk Import Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaabulkimportanalysis.webp) - -The following analysis tasks are selected by default: - -- Update Statistics – Improves performance on the FSAA tables -- Resolve links – Resolves DFS links in standard tables - -The following analysis task is deselected by default: - -- Nasuni – Resolves links for Nasuni Hosts diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsaa_bulk_import.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsaa_bulk_import.md new file mode 100644 index 0000000000..76e6f55762 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsaa_bulk_import.md @@ -0,0 +1,36 @@ +# 2-FSAA Bulk Import Job + +The 2-FSAA Bulk Import job is designed to import collected access information from the targeted file +servers. + +## Query for the 2-FSAA Bulk Import Job + +The Bulk import query uses the FSAA Data Collector and has been preconfigured to use the File system +access/permission auditing Bulk import category. + +![Query for the 2-FSAA Bulk Import Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaabulkimportquery.webp) + +- Bulk import – Imports scan data into SQL Server + + - Typically, this query is not modified. See the + [FileSystemAccess Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/overview.md) topic for + information on when this query should be modified. + +## Analysis Tasks for the 2-FSAA Bulk Import Job + +View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **2-FSAA Bulk +Import** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 2-FSAA Bulk Import Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaabulkimportanalysis.webp) + +The following analysis tasks are selected by default: + +- Update Statistics – Improves performance on the FSAA tables +- Resolve links – Resolves DFS links in standard tables + +The following analysis task is deselected by default: + +- Nasuni – Resolves links for Nasuni Hosts diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsac-bulk-import.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsac-bulk-import.md deleted file mode 100644 index a496353c05..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsac-bulk-import.md +++ /dev/null @@ -1,17 +0,0 @@ -# 2-FSAC Bulk Import Job - -The 2-FSAC Bulk Import job is designed to import collected access information from the targeted file -servers. - -## Query for the 2-FSAC Bulk Import Job - -The Bulk Import query uses the FSAA Data Collector and has been preconfigured to use the File system -activity Bulk import category. - -![Query for the 2-FSAC Bulk Import Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacbulkimportquery.webp) - -- Bulk Import – Imports data into SQL Server - - - Typically this query is not modified. See the - [FileSystemAccess Data Collector](/docs/accessanalyzer/12.0/data-collection/fsaa/overview.md) topic for - information on when this query should be modified. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsac_bulk_import.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsac_bulk_import.md new file mode 100644 index 0000000000..fb9863a3d0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsac_bulk_import.md @@ -0,0 +1,17 @@ +# 2-FSAC Bulk Import Job + +The 2-FSAC Bulk Import job is designed to import collected access information from the targeted file +servers. + +## Query for the 2-FSAC Bulk Import Job + +The Bulk Import query uses the FSAA Data Collector and has been preconfigured to use the File system +activity Bulk import category. + +![Query for the 2-FSAC Bulk Import Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacbulkimportquery.webp) + +- Bulk Import – Imports data into SQL Server + + - Typically this query is not modified. See the + [FileSystemAccess Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/overview.md) topic for + information on when this query should be modified. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-seek-bulk-import.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-seek-bulk-import.md deleted file mode 100644 index 1f03422edb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-seek-bulk-import.md +++ /dev/null @@ -1,17 +0,0 @@ -# 2-SEEK Bulk Import Job - -The 2-SEEK Bulk Import job is designed to import collected sensitive data information from the -targeted file servers. - -## Query for the 2-SEEK Bulk Import Job - -The Bulk Import query uses the FSAA Data Collector and has been preconfigured to use the Sensitive -data Bulk import category. - -![Query for the 2-SEEK Bulk Import Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/seekbulkimportquery.webp) - -- Bulk Import – Imports data into SQL server - - - Typically this query is not modified. See the - [FileSystemAccess Data Collector](/docs/accessanalyzer/12.0/data-collection/fsaa/overview.md) topic for - information on when this query should be modified. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-seek_bulk_import.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-seek_bulk_import.md new file mode 100644 index 0000000000..f350bd9b53 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-seek_bulk_import.md @@ -0,0 +1,17 @@ +# 2-SEEK Bulk Import Job + +The 2-SEEK Bulk Import job is designed to import collected sensitive data information from the +targeted file servers. + +## Query for the 2-SEEK Bulk Import Job + +The Bulk Import query uses the FSAA Data Collector and has been preconfigured to use the Sensitive +data Bulk import category. + +![Query for the 2-SEEK Bulk Import Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seekbulkimportquery.webp) + +- Bulk Import – Imports data into SQL server + + - Typically this query is not modified. See the + [FileSystemAccess Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/overview.md) topic for + information on when this query should be modified. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsaa-exceptions.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsaa-exceptions.md deleted file mode 100644 index 72e39f8b6c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsaa-exceptions.md +++ /dev/null @@ -1,50 +0,0 @@ -# 3-FSAA Exceptions Job - -The 3-FSAA Exceptions job does not use the FSAA Data Collector. Instead it runs analysis on the data -returned by the Access Auditing collection jobs to identify potential security concerns. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The 3-FSAA Exceptions job has the following customizable parameter: - -- Well Known high risk SIDS – Add any additional custom SIDS, but do not remove the default SIDS. - -See the -[Analysis Tasks for the 3-FSAA Exceptions Job](#analysis-tasks-for-the-3-fsaa-exceptions-job) topic -for additional information. - -## Analysis Tasks for the 3-FSAA Exceptions Job - -View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **3-FSAA -Exceptions** > **Configure** node and select **Analysis**. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and or -deselected. While it is possible to deselect particular tasks as specified, it is not recommended. - -![Analysis Tasks for the 3-FSAA Exceptions Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaexceptionsanalysis.webp) - -The following analysis tasks are selected by default: - -- Open resources – Any folders that are openly accessible through file shares. Can be deselected if - open resource information is not desired. - - - Well known high risk SIDS have been set in the `#SIDS` parameter. Do not remove these, but - additional custom SIDS can be added. See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) - topic for additional information. - -- Disabled users – Any folders where disabled users have been granted access - - - Can be deselected if disabled user information is not desired - -- Stale users – Any folders where stale users have been granted access. Stale users are user who - have not logged in for more than 120 days. - - - Can be deselected if stale user information is not desired - -- Reindex Exception IDs – Displays views within the **Results** node of the Access Analyzer Console diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsaa_exceptions.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsaa_exceptions.md new file mode 100644 index 0000000000..d211790cad --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsaa_exceptions.md @@ -0,0 +1,50 @@ +# 3-FSAA Exceptions Job + +The 3-FSAA Exceptions job does not use the FSAA Data Collector. Instead it runs analysis on the data +returned by the Access Auditing collection jobs to identify potential security concerns. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The 3-FSAA Exceptions job has the following customizable parameter: + +- Well Known high risk SIDS – Add any additional custom SIDS, but do not remove the default SIDS. + +See the +[Analysis Tasks for the 3-FSAA Exceptions Job](#analysis-tasks-for-the-3-fsaa-exceptions-job) topic +for additional information. + +## Analysis Tasks for the 3-FSAA Exceptions Job + +View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **3-FSAA +Exceptions** > **Configure** node and select **Analysis**. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and or +deselected. While it is possible to deselect particular tasks as specified, it is not recommended. + +![Analysis Tasks for the 3-FSAA Exceptions Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaexceptionsanalysis.webp) + +The following analysis tasks are selected by default: + +- Open resources – Any folders that are openly accessible through file shares. Can be deselected if + open resource information is not desired. + + - Well known high risk SIDS have been set in the `#SIDS` parameter. Do not remove these, but + additional custom SIDS can be added. See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information. + +- Disabled users – Any folders where disabled users have been granted access + + - Can be deselected if disabled user information is not desired + +- Stale users – Any folders where stale users have been granted access. Stale users are user who + have not logged in for more than 120 days. + + - Can be deselected if stale user information is not desired + +- Reindex Exception IDs – Displays views within the **Results** node of the Access Analyzer Console diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsac-exceptions.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsac-exceptions.md deleted file mode 100644 index 2c2dce398c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsac-exceptions.md +++ /dev/null @@ -1,113 +0,0 @@ -# 3-FSAC Exceptions Job - -The 3-FSAC Exceptions job is designed to analyze collected access information for exceptions. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The 3-FSAC Exceptions job has many customizable parameters. See the -[Customizable Analysis Tasks for the 3-FSAC Exceptions Job](#customizable-analysis-tasks-for-the-3-fsac-exceptions-job) -topic for information on these. - -## Analysis Tasks for the 3-FSAC Exceptions Job - -View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **3-FSAC -Exceptions** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the 3-FSAC Exceptions Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacexceptionsanalysis.webp) - -The following analysis tasks are selected by default: - -- Unusual share activity – Share exceptions for unusual volumes (spikes) of activity -- First time access to share – Recent share access by users for the first time -- Sensitive data activity – Recent access to sensitive content -- Unusual peer group share activity – Spikes in interdepartmental activity -- Unusual binaries activity – First time user activity performed on binaries -- Unusual user activity – Spikes in activity by user -- Unusual user sensitive data activity – Spikes in sensitive data activity by user -- Ransomware – Spikes in updates by user -- Unusual user stale data activity – Spikes in stale data activity by user - -While it is possible to deselect particular tasks as specified, it is not recommended. The following -analysis tasks are deselected by default: - -- Show view – Displays the SA_FSAC_ExceptionsView within the Results node of the Access Analyzer - Console -- Show users view – Displays the SA_FSAC_UserExceptionsView within the Results node of the Access - Analyzer Console - -### Customizable Analysis Tasks for the 3-FSAC Exceptions Job - -Customizable parameters enable users to set the values used for classification during the job’s -analysis. The 3-FSAC Exceptions job contains the following customizable parameters: - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------------------------------ | --------------------------- | ------------- | ------------------------------------------------------------------------------- | -| Unusual share activity | @WEEKS | 3 | Minimum data points required for analysis | -| Unusual share activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | -| Unusual share activity | @EVENTS | 10 | Minimum amount of events for operations exception | -| Unusual share activity | @PEOPLE | 10 | Minimum amount of people for user activity exception | -| Unusual share activity | @FILES | 10 | Minimum amount of files for resource count exception | -| Unusual share activity | @DAYS | 7 | Amount of days to generate exceptions for from today | -| Unusual share activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operation count exception | -| Unusual share activity | @TRUSTEESTDDEVS | 3 | Multiples of standard deviation required to be a user volume exception | -| Unusual share activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a file activity volume exception | -| First time access to share | @DAYS | 7 | Amount of days to generate exceptions for from today | -| First time access to share | @MINDAYS | 30 | minimum amount of days a share needs to determine access | -| Sensitive data activity | @DAYS | 7 | Amount of days to generate exceptions for from today | -| Unusual peer group share activity | @WEEKS | 3 | Minimum data points required for analysis | -| Unusual peer group share activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | -| Unusual peer group share activity | @EVENTS | 10 | Minimum amount of events for operations exception | -| Unusual peer group share activity | @FILES | 10 | Minimum amount of files for resource count exception | -| Unusual peer group share activity | @DAYS | 7 | Amount of days to generate exceptions for from today | -| Unusual peer group share activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operation count exception | -| Unusual peer group share activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a file activity volume exception | -| Unusual binaries activity | @DATE_CUTOFF | 7 | From the current time, how many days to look back when considering exceptions | -| Unusual user activity | @WEEKS | 3 | Minimum data points required for analysis | -| Unusual user activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | -| Unusual user activity | @EVENTS | 10 | Minimum amount of events for operations exception | -| Unusual user activity | @SHARES | 10 | Minimum amount of shares for share activity exception | -| Unusual user activity | @FILES | 10 | Minimum amount of files for resource count exception | -| Unusual user activity | @DAYS | 7 | Amount of days to generate exceptions for from today | -| Unusual user activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | -| Unusual user activity | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | -| Unusual user activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | -| Unusual user sensitive data activity | @WEEKS | 3 | Minimum data points required for analysis | -| Unusual user sensitive data activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | -| Unusual user sensitive data activity | @EVENTS | 10 | Minimum amount of events for operations exception | -| Unusual user sensitive data activity | @SHARES | 10 | Minimum amount of shares for share activity exception | -| Unusual user sensitive data activity | @FILES | 10 | Minimum amount of files for resource count exception | -| Unusual user sensitive data activity | @DAYS | 7 | Amount of days to generate exceptions for from today | -| Unusual user sensitive data activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | -| Unusual user sensitive data activity | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | -| Unusual user sensitive data activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | -| Ransomware | @WEEKS | 3 | Minimum data points required for analysis | -| Ransomware | @THROWAWAY | 1 | When calculating averages throw away the top N% | -| Ransomware | @EVENTS | 10 | Minimum amount of events for operations exception | -| Ransomware | @SHARES | 10 | Minimum amount of shares for share activity exception | -| Ransomware | @FILES | 10 | Minimum amount of files for resource count exception | -| Ransomware | @DAYS | 7 | Amount of days to generate exceptions for from today | -| Ransomware | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | -| Ransomware | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | -| Ransomware | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | -| Unusual user stale data activity | @WEEKS | 3 | Minimum data points required for analysis | -| Unusual user stale data activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | -| Unusual user stale data activity | @EVENTS | 10 | Minimum amount of events for operations exception | -| Unusual user stale data activity | @SHARES | 10 | Minimum amount of shares for share activity exception | -| Unusual user stale data activity | @FILES | 10 | Minimum amount of files for resource count exception | -| Unusual user stale data activity | @DAYS | 7 | The amount of days to generate exceptions for from today | -| Unusual user stale data activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | -| Unusual user stale data activity | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | -| Unusual user stale data activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | -| Unusual user stale data activity | @STALETHRESHOLD | 365 | Number of days after which resources are considered stale | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for additional information on modifying analysis parameters. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsac_exceptions.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsac_exceptions.md new file mode 100644 index 0000000000..3bdc1c487a --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsac_exceptions.md @@ -0,0 +1,113 @@ +# 3-FSAC Exceptions Job + +The 3-FSAC Exceptions job is designed to analyze collected access information for exceptions. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The 3-FSAC Exceptions job has many customizable parameters. See the +[Customizable Analysis Tasks for the 3-FSAC Exceptions Job](#customizable-analysis-tasks-for-the-3-fsac-exceptions-job) +topic for information on these. + +## Analysis Tasks for the 3-FSAC Exceptions Job + +View the analysis tasks by navigating to the **FileSystem** > **0.Collection** > **3-FSAC +Exceptions** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the 3-FSAC Exceptions Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacexceptionsanalysis.webp) + +The following analysis tasks are selected by default: + +- Unusual share activity – Share exceptions for unusual volumes (spikes) of activity +- First time access to share – Recent share access by users for the first time +- Sensitive data activity – Recent access to sensitive content +- Unusual peer group share activity – Spikes in interdepartmental activity +- Unusual binaries activity – First time user activity performed on binaries +- Unusual user activity – Spikes in activity by user +- Unusual user sensitive data activity – Spikes in sensitive data activity by user +- Ransomware – Spikes in updates by user +- Unusual user stale data activity – Spikes in stale data activity by user + +While it is possible to deselect particular tasks as specified, it is not recommended. The following +analysis tasks are deselected by default: + +- Show view – Displays the SA_FSAC_ExceptionsView within the Results node of the Access Analyzer + Console +- Show users view – Displays the SA_FSAC_UserExceptionsView within the Results node of the Access + Analyzer Console + +### Customizable Analysis Tasks for the 3-FSAC Exceptions Job + +Customizable parameters enable users to set the values used for classification during the job’s +analysis. The 3-FSAC Exceptions job contains the following customizable parameters: + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------------------------------ | --------------------------- | ------------- | ------------------------------------------------------------------------------- | +| Unusual share activity | @WEEKS | 3 | Minimum data points required for analysis | +| Unusual share activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | +| Unusual share activity | @EVENTS | 10 | Minimum amount of events for operations exception | +| Unusual share activity | @PEOPLE | 10 | Minimum amount of people for user activity exception | +| Unusual share activity | @FILES | 10 | Minimum amount of files for resource count exception | +| Unusual share activity | @DAYS | 7 | Amount of days to generate exceptions for from today | +| Unusual share activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operation count exception | +| Unusual share activity | @TRUSTEESTDDEVS | 3 | Multiples of standard deviation required to be a user volume exception | +| Unusual share activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a file activity volume exception | +| First time access to share | @DAYS | 7 | Amount of days to generate exceptions for from today | +| First time access to share | @MINDAYS | 30 | minimum amount of days a share needs to determine access | +| Sensitive data activity | @DAYS | 7 | Amount of days to generate exceptions for from today | +| Unusual peer group share activity | @WEEKS | 3 | Minimum data points required for analysis | +| Unusual peer group share activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | +| Unusual peer group share activity | @EVENTS | 10 | Minimum amount of events for operations exception | +| Unusual peer group share activity | @FILES | 10 | Minimum amount of files for resource count exception | +| Unusual peer group share activity | @DAYS | 7 | Amount of days to generate exceptions for from today | +| Unusual peer group share activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operation count exception | +| Unusual peer group share activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a file activity volume exception | +| Unusual binaries activity | @DATE_CUTOFF | 7 | From the current time, how many days to look back when considering exceptions | +| Unusual user activity | @WEEKS | 3 | Minimum data points required for analysis | +| Unusual user activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | +| Unusual user activity | @EVENTS | 10 | Minimum amount of events for operations exception | +| Unusual user activity | @SHARES | 10 | Minimum amount of shares for share activity exception | +| Unusual user activity | @FILES | 10 | Minimum amount of files for resource count exception | +| Unusual user activity | @DAYS | 7 | Amount of days to generate exceptions for from today | +| Unusual user activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | +| Unusual user activity | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | +| Unusual user activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | +| Unusual user sensitive data activity | @WEEKS | 3 | Minimum data points required for analysis | +| Unusual user sensitive data activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | +| Unusual user sensitive data activity | @EVENTS | 10 | Minimum amount of events for operations exception | +| Unusual user sensitive data activity | @SHARES | 10 | Minimum amount of shares for share activity exception | +| Unusual user sensitive data activity | @FILES | 10 | Minimum amount of files for resource count exception | +| Unusual user sensitive data activity | @DAYS | 7 | Amount of days to generate exceptions for from today | +| Unusual user sensitive data activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | +| Unusual user sensitive data activity | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | +| Unusual user sensitive data activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | +| Ransomware | @WEEKS | 3 | Minimum data points required for analysis | +| Ransomware | @THROWAWAY | 1 | When calculating averages throw away the top N% | +| Ransomware | @EVENTS | 10 | Minimum amount of events for operations exception | +| Ransomware | @SHARES | 10 | Minimum amount of shares for share activity exception | +| Ransomware | @FILES | 10 | Minimum amount of files for resource count exception | +| Ransomware | @DAYS | 7 | Amount of days to generate exceptions for from today | +| Ransomware | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | +| Ransomware | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | +| Ransomware | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | +| Unusual user stale data activity | @WEEKS | 3 | Minimum data points required for analysis | +| Unusual user stale data activity | @THROWAWAY | 1 | When calculating averages throw away the top N% | +| Unusual user stale data activity | @EVENTS | 10 | Minimum amount of events for operations exception | +| Unusual user stale data activity | @SHARES | 10 | Minimum amount of shares for share activity exception | +| Unusual user stale data activity | @FILES | 10 | Minimum amount of files for resource count exception | +| Unusual user stale data activity | @DAYS | 7 | The amount of days to generate exceptions for from today | +| Unusual user stale data activity | @EVENTSTDDEVS | 3 | Multiples of standard deviation required to be an operations exception | +| Unusual user stale data activity | @GATESTDDEVS | 3 | Multiples of standard deviation required to be a share exception | +| Unusual user stale data activity | @FILESTDDEVS | 3 | Multiples of standard deviation required to be a resource count exception | +| Unusual user stale data activity | @STALETHRESHOLD | 365 | Number of days after which resources are considered stale | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for additional information on modifying analysis parameters. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/fs-azuretenantscan.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/fs-azuretenantscan.md deleted file mode 100644 index 2618abc0d8..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/fs-azuretenantscan.md +++ /dev/null @@ -1,79 +0,0 @@ -# FS_AzureTenantScan Job - -The FS_AzureTenantScan job is designed to collect Storage Account information from the targeted -Azure tenant. This job produces a host list containing the storage accounts to target for Azure -Files scans. - -You can add this job from the Access Analyzer Instant Job Library. See the -[Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for additional information. - -Before running the FS_AzureTenantScan job, you must ensure all the below prerequisites have been -met, and that the required host list and connection profile have been assigned to the job. - -## Prerequisites - -The FS_AzureTenantScan job has the following prerequisites: - -- Azure app registration and a client secret created for the app registration -- Custom role created in a resource group with the **Microsoft.Storage/storageAccounts/read** - permission -- Role assignment created on the resource group with the custom role and the app registration. The - role can be assigned at various resource levels: - - - Management Group - - Subscription - - Resource Group - - Storage Account - - **NOTE:** The custom role cannot be created at the storage account level via the web UI, but - it can be assigned here. - -Follow the steps to create the role assignment. - -**Step 1 –** Go to [Azure Portal](https://portal.azure.com/), and select **Resource Groups** from -the navigation menu. - -**Step 2 –** Select the resource level you want to apply the custom role to, and then navigate to -the Access control (IAM) tab. - -**Step 3 –** Create a custom role with the **Microsoft.Storage/storageAccounts/read** permission. - -**Step 4 –** Add the role assignment for your app registration with the custom role. - -The job will pick up any storage accounts at the resource group level you assigned the custom role -at. - -## Target Host - -The host list must target the Azure tenant name. For example, `YourTenantName.onmicrosoft.com`. - -## Connection Profile - -The FS_AzureTenantScan job requires a connection profile with the following user credentials: - -![User Credentials for FS_AzureTenantScan job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/azuretenantscanusercredentials.webp) - -- Select Account Type – Azure Active Directory -- Client ID – Application ID for the app registration created in Azure that is assigned to your - desired resource group -- Password Storage – Application (Uses the configured Profile Security setting as selected at the - **Settings** > **Application** node. See the - [Application](/docs/accessanalyzer/12.0/administration/settings/application/overview.md) topic for additional information.) -- Key – Client secret value for the app registration - -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional -information. - -## Query for the FS_AzureTenantScan Job - -The Azure Tenant Scan query uses the FSAA Data Collector and has been preconfigured to use the Azure -Scan and import category. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query for the FS_AzureTenantScan Job](/img/product_docs/accessanalyzer/solutions/filesystem/collection/azuretenantscanquery.webp) - -The job has the following query: - -- Azure Tenant Scan – Scans the targeted Azure tenant and produces a host list containing the - storage accounts to target for Azure Files scans diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/fs_azuretenantscan.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/fs_azuretenantscan.md new file mode 100644 index 0000000000..86a84c4a08 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/fs_azuretenantscan.md @@ -0,0 +1,79 @@ +# FS_AzureTenantScan Job + +The FS_AzureTenantScan job is designed to collect Storage Account information from the targeted +Azure tenant. This job produces a host list containing the storage accounts to target for Azure +Files scans. + +You can add this job from the Access Analyzer Instant Job Library. See the +[Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for additional information. + +Before running the FS_AzureTenantScan job, you must ensure all the below prerequisites have been +met, and that the required host list and connection profile have been assigned to the job. + +## Prerequisites + +The FS_AzureTenantScan job has the following prerequisites: + +- Azure app registration and a client secret created for the app registration +- Custom role created in a resource group with the **Microsoft.Storage/storageAccounts/read** + permission +- Role assignment created on the resource group with the custom role and the app registration. The + role can be assigned at various resource levels: + + - Management Group + - Subscription + - Resource Group + - Storage Account + + **NOTE:** The custom role cannot be created at the storage account level via the web UI, but + it can be assigned here. + +Follow the steps to create the role assignment. + +**Step 1 –** Go to [Azure Portal](https://portal.azure.com/), and select **Resource Groups** from +the navigation menu. + +**Step 2 –** Select the resource level you want to apply the custom role to, and then navigate to +the Access control (IAM) tab. + +**Step 3 –** Create a custom role with the **Microsoft.Storage/storageAccounts/read** permission. + +**Step 4 –** Add the role assignment for your app registration with the custom role. + +The job will pick up any storage accounts at the resource group level you assigned the custom role +at. + +## Target Host + +The host list must target the Azure tenant name. For example, `YourTenantName.onmicrosoft.com`. + +## Connection Profile + +The FS_AzureTenantScan job requires a connection profile with the following user credentials: + +![User Credentials for FS_AzureTenantScan job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/azuretenantscanusercredentials.webp) + +- Select Account Type – Azure Active Directory +- Client ID – Application ID for the app registration created in Azure that is assigned to your + desired resource group +- Password Storage – Application (Uses the configured Profile Security setting as selected at the + **Settings** > **Application** node. See the + [Application](/docs/accessanalyzer/12.0/admin/settings/application/overview.md) topic for additional information.) +- Key – Client secret value for the app registration + +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional +information. + +## Query for the FS_AzureTenantScan Job + +The Azure Tenant Scan query uses the FSAA Data Collector and has been preconfigured to use the Azure +Scan and import category. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query for the FS_AzureTenantScan Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/azuretenantscanquery.webp) + +The job has the following query: + +- Azure Tenant Scan – Scans the targeted Azure tenant and produces a host list containing the + storage accounts to target for Azure Files scans diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/collection/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/collection/overview.md index d2a2143881..d9f38591ba 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/collection/overview.md @@ -3,7 +3,7 @@ The 0.Collection job group is designed to collect information from targeted file servers. Information collected includes access control information, activity events, and sensitive data. -![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/jobstree.webp) The 0.Collection job group has the following collection components: @@ -30,7 +30,7 @@ The 0.Collection job group has the following collection components: These jobs are numbered to keep them in the necessary run order. Not all jobs need be run. See the appropriate auditing topic for specific job relationships and recommended workflows. The 0-Create Schema job ensures the database schema is properly configured for the current version of the data -collector. See the [0-Create Schema Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-create-schema.md) topic for additional information. +collector. See the [0-Create Schema Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-create_schema.md) topic for additional information. _Remember,_ the relationship between system scans and bulk import jobs requires the following considerations: @@ -53,36 +53,36 @@ directly into the Tier-1 database. Access Auditing (FSAA) is the primary component of the 0.Collection job group. It collects file system permission, content metadata, and additional file system information. The jobs, tables, and views specifically incorporated into this component are prefixed with `FSAA`. See the -[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/12.0/data-collection/fsaa/standard-tables.md) +[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/standardtables.md) topic for additional information on the data collected. The 0.Collection jobs that comprise this auditing component are: -- [1-FSAA System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsaa-system-scans.md) – Collects access information from the targeted +- [1-FSAA System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsaa_system_scans.md) – Collects access information from the targeted file servers -- [2-FSAA Bulk Import Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsaa-bulk-import.md) – Imports collected access information from the +- [2-FSAA Bulk Import Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsaa_bulk_import.md) – Imports collected access information from the targeted file servers - - The 2-FSAA Bulk Import job does not need to be run when streaming is enabled + - The 2-FSAA Bulk Import job does not need to be run when streaming is enabled -- [3-FSAA Exceptions Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsaa-exceptions.md) – Analyzes collected access information for +- [3-FSAA Exceptions Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsaa_exceptions.md) – Analyzes collected access information for exceptions The following job groups and jobs in the File System solution depend on data collected by these jobs to generate reports: -- [1.Open Access > FS_OpenAccess Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-openaccess.md) +- [1.Open Access > FS_OpenAccess Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_openaccess.md) - [2.Direct Permissions Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/overview.md) -- [3.Broken Inheritance > FS_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-brokeninheritance.md) +- [3.Broken Inheritance > FS_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_brokeninheritance.md) - [4.Content Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/content/overview.md) - [5.Activity Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/activity/overview.md) (also requires Activity Auditing) -- [6.Probable Owner > FS_ProbableOwner Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-probableowner.md) (also requires Activity +- [6.Probable Owner > FS_ProbableOwner Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_probableowner.md) (also requires Activity Auditing) -- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-dlpresults.md) (also requires Activity Auditing and +- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_dlpresults.md) (also requires Activity Auditing and Sensitive Data Discovery Auditing) - [Ad Hoc Audits Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/overview.md) - [FileSystemOverview Job](/docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverview.md) -- [FS_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-securityassessment.md) +- [FS_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_securityassessment.md) The File System Access Reports in the Access Information Center are also populated by this data. See the File System Reports topics in the @@ -107,7 +107,7 @@ The recommended workflow for Access Auditing only is as follows: job. - If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 3 –** Run the **3-FSAA Exceptions** job. @@ -124,31 +124,31 @@ DFS Auditing (FSDFS) is the component of the 0.Collection job group which collec System (DFS) mappings from Active Directory or self-hosted DFS servers and compares them to the file system information. It works in conjunction with the Access Auditing component. The jobs, tables, and views specifically incorporated into this component are prefixed with `FSDFS`. See the -[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/12.0/data-collection/fsaa/standard-tables.md) +[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/standardtables.md) topic for additional information on the data collected. The 0.Collection jobs that comprise the DFS auditing component are: -- [0-FSDFS System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fsdfs-system-scans.md) – This job is responsible for enumerating a +- [0-FSDFS System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fsdfs_system_scans.md) – This job is responsible for enumerating a list of all root and link targets in the distributed file system and creating a dynamic host list that will be used by the other 0.Collection jobs - - The Connection Profile and required permissions for the 0-FSDFS System Scans job are the same - as those required for collecting system data from supported Windows operating systems. They - are dependent on the file system scan option being used. See the - [File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) topic - for additional information. - - The target host you should assign to the 0-FSDFS System Scans job depends on the type of - DFS namespace being audited: + - The Connection Profile and required permissions for the 0-FSDFS System Scans job are the same + as those required for collecting system data from supported Windows operating systems. They + are dependent on the file system scan option being used. See the + [File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) topic + for additional information. + - The target host you should assign to the 0-FSDFS System Scans job depends on the type of + DFS namespace being audited: - - For domain-based DFS namespaces, assign a host list containing the default domain - controllers for the domains hosting the DFS namespaces - - For standalone DFS namespaces, assign a host list containing the servers hosting the - namespaces + - For domain-based DFS namespaces, assign a host list containing the default domain + controllers for the domains hosting the DFS namespaces + - For standalone DFS namespaces, assign a host list containing the servers hosting the + namespaces - - When run successfully, the 0-FSDFS System Scans job automatically creates a dynamic host list - called **DFS HOST LIST**. This is added to the Host Management node. You should assign this - **DFS HOST LIST** to other 0.Collection jobs as outlined in the recommended workflows below. + - When run successfully, the 0-FSDFS System Scans job automatically creates a dynamic host list + called **DFS HOST LIST**. This is added to the Host Management node. You should assign this + **DFS HOST LIST** to other 0.Collection jobs as outlined in the recommended workflows below. The components depend on data collected by these jobs to collect within a file system using DFS mappings. @@ -175,7 +175,7 @@ Recommended Workflow 1 (for AccessAuditing with DFS Auditing) job. - If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 4 –** Run the **3-FSAA Exceptions** job (not specifically needed for DFS Auditing, but recommended for **0.Collection** job group). @@ -199,7 +199,7 @@ only). job. - If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 6 –** Run the **2-FSAC Bulk Import** job (with the **DFS HOST LIST** assigned). @@ -229,7 +229,7 @@ only). job. - If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 7 –** Run the **2-FSAC Bulk Import** job (with the **DFS HOST LIST** assigned). @@ -240,7 +240,7 @@ only). - If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 9 –** Run the **3-FSAA Exceptions** job. @@ -252,7 +252,7 @@ only). topic before continuing with these workflows. To scope the 0.Collection job group to only collect DFS information, see Step 9 of the -[Configure the (FSAA) File System Scan Query](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsaa-system-scans.md#configure-the-fsaa-file-system-scan-query) +[Configure the (FSAA) File System Scan Query](1-fsaa_system_scans.md#configure-the-fsaa-file-system-scan-query) topic. ## File System Activity Auditing @@ -261,7 +261,7 @@ Activity Auditing (FSAC) is the component of the 0.Collection job group that imp information collected by the Activity Monitor. It can be run independently or in conjunction with the FSAA component, though it is recommended to run them together. The jobs, tables, and views specifically incorporated into this component are prefixed with `FSAC`. See the -[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/12.0/data-collection/fsaa/standard-tables.md) +[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/standardtables.md) topic for additional information on the data collected. **NOTE:** The Activity Auditing component requires the Activity Monitor be deployed, configured, and @@ -281,7 +281,7 @@ The data retention period needs to be coordinated between the Activity Monitor a The number of days theActivity Monitor is configured to retain log files must be higher than the number of days between Activity Auditing scans. The FSAA Data Collector can be customized on the Activity Settings page of the File System Access Auditor Data Collector Wizard. See the -[Configure the Activity Scan Query](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsac-system-scans.md#configure-the-activity-scan-query) topic +[Configure the Activity Scan Query](1-fsac_system_scans.md#configure-the-activity-scan-query) topic for additional information. **NOTE:** Integration between Access Analyzer and Threat Prevention for Windows File System @@ -291,22 +291,22 @@ for information on the Access Analyzer Integration. The **0.Collection** jobs that comprise this auditing component are: -- [1-FSAC System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsac-system-scans.md) – Collects activity events from the targeted +- [1-FSAC System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-fsac_system_scans.md) – Collects activity events from the targeted file servers -- [2-FSAC Bulk Import Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsac-bulk-import.md) – Imports collected activity events from the +- [2-FSAC Bulk Import Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-fsac_bulk_import.md) – Imports collected activity events from the targeted file servers -- [3-FSAC Exceptions Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsac-exceptions.md) – Analyzes the collected activity events for +- [3-FSAC Exceptions Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/3-fsac_exceptions.md) – Analyzes the collected activity events for exceptions The following job groups and jobs in the File System solution depend on data collected by these jobs to generate reports: - [5.Activity Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/activity/overview.md) (also requires Access Auditing) -- [6.Probable Owner > FS_ProbableOwner Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-probableowner.md) (also requires Access Auditing) -- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-dlpresults.md) (also requires Access Auditing and +- [6.Probable Owner > FS_ProbableOwner Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_probableowner.md) (also requires Access Auditing) +- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_dlpresults.md) (also requires Access Auditing and Sensitive Data Discovery Auditing) - [FileSystemOverview Job](/docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverview.md) -- [FS_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-securityassessment.md) +- [FS_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_securityassessment.md) The File System Activity Reports in the Access Information Center are also populated by this data. See the @@ -334,7 +334,7 @@ only). job. - If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 5 –** Run the **2-FSAC Bulk Import** job. @@ -361,7 +361,7 @@ only). job. - If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 6 –** Run the **2-FSAC Bulk Import** job. @@ -372,7 +372,7 @@ only). - If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 8 –** Run the **3-FSAA Exceptions** job. @@ -399,7 +399,7 @@ only). job. - If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 7 –** Run the **2-FSAC Bulk Import** job. @@ -410,7 +410,7 @@ only). - If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 9 –** Run the **3-FSAA Exceptions** job. @@ -462,17 +462,17 @@ Sensitive Data Discovery Auditing (SEEK) is the component of the 0.Collection jo searches file content for sensitive data. It can be run independently or in conjunction with the Access Auditing component to limit searches to Open Shares. The jobs for this component are prefixed with `SEEK`. The tables and views are prefixed with `FSDLP`. See the -[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/12.0/data-collection/fsaa/standard-tables.md) +[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/standardtables.md) topic for additional information on the data collected. Customized search criteria can be created with the Criteria Editor accessible through the SDD Criteria Settings page of the File System Access Auditor Data Collector Wizard. See the -[Configure the (SEEK) File System Scan Query](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek-system-scans.md#configure-the-seek-file-system-scan-query) +[Configure the (SEEK) File System Scan Query](1-seek_system_scans.md#configure-the-seek-file-system-scan-query) topic for additional information. _Remember,_ changes made in the Criteria Editor are global for Sensitive Data Discovery in Access Analyzer. See the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) topic +[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) topic for additional information. Option to Enable Last Access Timestamp @@ -485,33 +485,33 @@ Since files are read during the Sensitive Data Discovery Auditing scan, when the in Windows the scan causes each file's LAT to update each time the file is scanned. Therefore, there is a feature within the job XML file which enables the scan to call a special API in order to keep each file's LAT from updating when it's scanned. This feature can be enabled by adding -`` tag to the XML. See the [1-SEEK System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek-system-scans.md) +`` tag to the XML. See the [1-SEEK System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek_system_scans.md) topic for additional information and instructions. This feature works for all scan modes when targeting Windows machines. For additional information on preserving Last Access Time during SDD scans and Metadata tag -collection, see the [File System Supported Platforms](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md) +collection, see the [File System Supported Platforms](/docs/accessanalyzer/12.0/requirements/target/filesystems.md) topic. File System Sensitive Data Discovery Auditing (SEEK) Jobs The 0.Collection jobs that comprise this auditing component are: -- [1-SEEK System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek-system-scans.md) – Collects sensitive data from the targeted file +- [1-SEEK System Scans Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/1-seek_system_scans.md) – Collects sensitive data from the targeted file servers -- [2-SEEK Bulk Import Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-seek-bulk-import.md) – Imports collected sensitive data information +- [2-SEEK Bulk Import Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/2-seek_bulk_import.md) – Imports collected sensitive data information from the targeted file servers - - The 2-SEEK Bulk Import job does not need to be run when streaming is enabled + - The 2-SEEK Bulk Import job does not need to be run when streaming is enabled The following job group and jobs in the File System solution depend on data collected by these jobs to generate reports: -- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-dlpresults.md) (also requires Access Auditing and +- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_dlpresults.md) (also requires Access Auditing and Activity Auditing) - [FileSystemOverview Job](/docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverview.md) -- [FS_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-securityassessment.md) +- [FS_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_securityassessment.md) The File System Sensitive Data Discovery Reports in the Access Information Center are also populated by this data. See the @@ -539,7 +539,7 @@ the Activity Auditing components. job. - If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 4 –** If necessary, run the **2-SEEK Bulk Import** job: @@ -548,7 +548,7 @@ the Activity Auditing components. - If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 5 –** Run the **3-FSAA Exceptions** job. @@ -571,7 +571,7 @@ only). job. - If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 6 –** Run the **2-FSAC Bulk Import** job. @@ -582,7 +582,7 @@ only). - If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 8 –** Run the **3-FSAA Exceptions** job. @@ -609,7 +609,7 @@ only). job. - If streaming is enabled in the **1-FSAA System Scans** job, do not run **2-FSAA Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 7 –** Run the **2-FSAC Bulk Import** job. @@ -620,7 +620,7 @@ only). - If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 9 –** Run the **3-FSAA Exceptions** job. @@ -642,7 +642,7 @@ Activity Auditing components. - If streaming is enabled in the **1-SEEK System Scans** job, do not run the **2-SEEK Bulk Import** job. - **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. + **_RECOMMENDED:_** It is best practice to disable undesired Bulk Import jobs. **Step 3 –** Run the desired corresponding analysis and reporting sub-job groups. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/fs-filetypes.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/fs-filetypes.md deleted file mode 100644 index a15e1aece9..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/content/fs-filetypes.md +++ /dev/null @@ -1,33 +0,0 @@ -# File Types > FS_FileTypes Job - -The FS_FileTypes job is designed to report on file type information from targeted file servers. - -![File Types > FS_FileTypes Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/content/filetypesjobstree.webp) - -The FS_FileTypes job is located in the File Types job group. - -## Analysis Tasks for the FS_FileTypes Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **File Types** > -**FS_FileTypes** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_FileTypes Job](/img/product_docs/accessanalyzer/solutions/filesystem/content/filetypesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Create File Types View – Creates the SA_ENG_FSAA_FileTypeView view accessible under the job’s - Results node -- 2. Ranked File Extensions – Creates the SA_FS_FileTypes_ExtensionsRanked table accessible under - the job’s Results node -- 3. File Types by Share – Creates the SA_FS_FileTypes_TypesByShare table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_FileTypes job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------- | -| File Types | This report identifies what types of files are located within your distributed file system and how much space they are taking up in gigabytes. | None | This report is comprised of two elements: - Pie Chart – Displays file types extensions ranked - Table – Provides details on file types by share | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/fs-stalecontent.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/fs-stalecontent.md deleted file mode 100644 index 4d5fc86659..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/content/fs-stalecontent.md +++ /dev/null @@ -1,37 +0,0 @@ -# Stale > FS_StaleContent Job - -The FS_StaleContent job is designed to report on stale content information from targeted file -servers. - -![Stale > FS_StaleContent Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/content/stalejobstree.webp) - -The FS_StaleContent job is located in the Stale job group. - -## Analysis Tasks for the FS_StaleContent Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Stale** > -**FS_StaleContent** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_StaleContent Job](/img/product_docs/accessanalyzer/solutions/filesystem/content/stalecontentanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Create Aging View – Creates the SA_ENG_FSAA_FolderAging table accessible under the job’s - Results node -- 2. Enterprise Summary – Creates the SA_FS_StaleContent_EnterpriseSummary table accessible under - the job’s Results node -- 3. Share Summary – Creates the SA_FS_StaleContent_ShareSummary table accessible under the job’s - Results node -- 4. Host Summary – Creates the SA_FS_StaleContent_HostSummary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the FS_StaleContent job produces the -following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Hosts with Stale Content (Servers with Stale Content) | Identifies servers with stale content. Staleness is determined by files' last modified date. For these reports, by default, a file is considered stale after a year. Counts are based on Shares and Folders which contain any stale content. | None | This report is comprised of three elements: - Pie Chart – Displays enterprise aging summary - Stacked Bar Chart– Displays aging summary by host - Table – Provides details on servers with stale content | -| Shares with Stale Content | Identifies shares with stale content. Staleness is determined by files' last modified date. For these reports, by default, a file is considered stale after a year. Counts are based on Shares and Folders which contain any stale content. | None | This report is comprised of two elements: - Bar Chart – Displays share summary - Table – Provides details on shares | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/fs_filetypes.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/fs_filetypes.md new file mode 100644 index 0000000000..dba11a0044 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/content/fs_filetypes.md @@ -0,0 +1,33 @@ +# File Types > FS_FileTypes Job + +The FS_FileTypes job is designed to report on file type information from targeted file servers. + +![File Types > FS_FileTypes Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/filetypesjobstree.webp) + +The FS_FileTypes job is located in the File Types job group. + +## Analysis Tasks for the FS_FileTypes Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **File Types** > +**FS_FileTypes** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_FileTypes Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/filetypesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Create File Types View – Creates the SA_ENG_FSAA_FileTypeView view accessible under the job’s + Results node +- 2. Ranked File Extensions – Creates the SA_FS_FileTypes_ExtensionsRanked table accessible under + the job’s Results node +- 3. File Types by Share – Creates the SA_FS_FileTypes_TypesByShare table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_FileTypes job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------- | +| File Types | This report identifies what types of files are located within your distributed file system and how much space they are taking up in gigabytes. | None | This report is comprised of two elements: - Pie Chart – Displays file types extensions ranked - Table – Provides details on file types by share | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/fs_stalecontent.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/fs_stalecontent.md new file mode 100644 index 0000000000..582ed315e6 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/content/fs_stalecontent.md @@ -0,0 +1,37 @@ +# Stale > FS_StaleContent Job + +The FS_StaleContent job is designed to report on stale content information from targeted file +servers. + +![Stale > FS_StaleContent Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/stalejobstree.webp) + +The FS_StaleContent job is located in the Stale job group. + +## Analysis Tasks for the FS_StaleContent Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Stale** > +**FS_StaleContent** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_StaleContent Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/stalecontentanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Create Aging View – Creates the SA_ENG_FSAA_FolderAging table accessible under the job’s + Results node +- 2. Enterprise Summary – Creates the SA_FS_StaleContent_EnterpriseSummary table accessible under + the job’s Results node +- 3. Share Summary – Creates the SA_FS_StaleContent_ShareSummary table accessible under the job’s + Results node +- 4. Host Summary – Creates the SA_FS_StaleContent_HostSummary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the FS_StaleContent job produces the +following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Hosts with Stale Content (Servers with Stale Content) | Identifies servers with stale content. Staleness is determined by files' last modified date. For these reports, by default, a file is considered stale after a year. Counts are based on Shares and Folders which contain any stale content. | None | This report is comprised of three elements: - Pie Chart – Displays enterprise aging summary - Stacked Bar Chart– Displays aging summary by host - Table – Provides details on servers with stale content | +| Shares with Stale Content | Identifies shares with stale content. Staleness is determined by files' last modified date. For these reports, by default, a file is considered stale after a year. Counts are based on Shares and Folders which contain any stale content. | None | This report is comprised of two elements: - Bar Chart – Displays share summary - Table – Provides details on shares | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/overview.md index 1c5097c26d..ab5332d293 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/content/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/content/overview.md @@ -3,15 +3,15 @@ The 4.Content job group is designed to report on content information from targeted file servers. Key information reported on in this group is: File Types, File Sizing, Stale Content, and File Tags. -![4.Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![4.Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/jobstree.webp) The 4.Content job group is comprised of: -- [File Types > FS_FileTypes Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/fs-filetypes.md) – Designed to report on file type information +- [File Types > FS_FileTypes Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/fs_filetypes.md) – Designed to report on file type information from targeted file servers - [Sizing Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/overview.md) – Designed to report on file sizing information from targeted file servers -- [Stale > FS_StaleContent Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/fs-stalecontent.md) – Designed to report on stale content +- [Stale > FS_StaleContent Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/fs_stalecontent.md) – Designed to report on stale content information from targeted file servers - [Tags Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/overview.md) – Designed to report on content classification information from targeted file servers diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs-emptyresources.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs-emptyresources.md deleted file mode 100644 index c7b07cdc8f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs-emptyresources.md +++ /dev/null @@ -1,32 +0,0 @@ -# FS_EmptyResources Job - -The FS_EmptyResources job is designed to report on empty resources from targeted file servers. - -## Analysis Tasks for the FS_EmptyResources Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Sizing** > -**FS_EmptyResources** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_EmptyResources Job](/img/product_docs/accessanalyzer/solutions/filesystem/content/sizing/emptyresourcesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Folder Size View – Creates the SA_ENG_FSAA_FolderSizeView view accessible under the job’s - Results node -- 2. Empty Folders – Creates the SA_FS_EmptyResources_EmptyFolders table accessible under the - job’s Results node -- 3. Empty Shares – Creates the SA_FS_EmptyResources_EmptyShares table accessible under the job’s - Results node -- 4. Summarize by Host – Creates the SA_FS_EmptyResources_HostSummary table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_EmptyResources job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------- | ----------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Empty Folders | Identifies empty folders with no subdirectories. | None | This report is comprised of three elements: - Bar Chart – Displays the top five servers by empty folders - Table – Provides details on empty folders - Table – Provides details on the top servers by empty folders | -| Empty Shares | This report identifies empty shares with no subdirectories. | None | This report is comprised of three elements: - Bar Chart – Displays the top 5 servers by empty shares - Table – Provides details on the empty shares - Table – Provides summary of the share | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs-largestresources.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs-largestresources.md deleted file mode 100644 index 291af06fe5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs-largestresources.md +++ /dev/null @@ -1,29 +0,0 @@ -# FS_LargestResources Job - -The FS_LargestResources job is designed to report on the largest resources from targeted file -servers. - -## Analysis Tasks for the FS_LargestResources Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Sizing** > -**FS_LargestResources** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_LargestResources Job](/img/product_docs/accessanalyzer/solutions/filesystem/content/sizing/largestresourcesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Largest Folders Ranked – Creates the SA_FS_LargestResources_Ranked table accessible under the - job’s Results node -- 2. Largest Shares – Creates the SA_FS_LargestResources_SharesRanked table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_LargestResources job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------- | ----------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------- | -| Largest Folders | This report identifies the largest folders found. | None | This report is comprised of two elements: - Bar Chart – Displays the top 5 largest folders - Table – Provides details on largest folders | -| Largest Shares | This report identifies the largest shares within the environment. | None | This report is comprised of two elements: - Bar Chart – Displays the top 5 largest shares - Table – Provides details on the largest resources | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs-smallestresources.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs-smallestresources.md deleted file mode 100644 index edbfaf2654..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs-smallestresources.md +++ /dev/null @@ -1,28 +0,0 @@ -# FS_SmallestResources Job - -The FS_SmallestResources job is designed to report on the smallest resources from targeted file -servers. - -## Analysis Tasks for the FS_SmallestResources Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Sizing** > -**FS_SmallestResources** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_SmallestResources Job](/img/product_docs/accessanalyzer/solutions/filesystem/content/sizing/smallestresourcesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Smallest Folders Ranked – Creates the SA_FS_SmallestResources_Ranked table accessible under - the job’s Results node -- 2. Smallest Shares – Creates the SA_FS_SmallestResources_SharesRanked table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_SmallestResources job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | ------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------ | -| Smallest Shares | Identifies the smallest shares within the environment. | None | This report is comprised of one element: - Table – Provides details on the smallest shares | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs_emptyresources.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs_emptyresources.md new file mode 100644 index 0000000000..627d602507 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs_emptyresources.md @@ -0,0 +1,32 @@ +# FS_EmptyResources Job + +The FS_EmptyResources job is designed to report on empty resources from targeted file servers. + +## Analysis Tasks for the FS_EmptyResources Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Sizing** > +**FS_EmptyResources** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_EmptyResources Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/emptyresourcesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Folder Size View – Creates the SA_ENG_FSAA_FolderSizeView view accessible under the job’s + Results node +- 2. Empty Folders – Creates the SA_FS_EmptyResources_EmptyFolders table accessible under the + job’s Results node +- 3. Empty Shares – Creates the SA_FS_EmptyResources_EmptyShares table accessible under the job’s + Results node +- 4. Summarize by Host – Creates the SA_FS_EmptyResources_HostSummary table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_EmptyResources job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------- | ----------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Empty Folders | Identifies empty folders with no subdirectories. | None | This report is comprised of three elements: - Bar Chart – Displays the top five servers by empty folders - Table – Provides details on empty folders - Table – Provides details on the top servers by empty folders | +| Empty Shares | This report identifies empty shares with no subdirectories. | None | This report is comprised of three elements: - Bar Chart – Displays the top 5 servers by empty shares - Table – Provides details on the empty shares - Table – Provides summary of the share | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs_largestresources.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs_largestresources.md new file mode 100644 index 0000000000..170b4f1b08 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs_largestresources.md @@ -0,0 +1,29 @@ +# FS_LargestResources Job + +The FS_LargestResources job is designed to report on the largest resources from targeted file +servers. + +## Analysis Tasks for the FS_LargestResources Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Sizing** > +**FS_LargestResources** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_LargestResources Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/largestresourcesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Largest Folders Ranked – Creates the SA_FS_LargestResources_Ranked table accessible under the + job’s Results node +- 2. Largest Shares – Creates the SA_FS_LargestResources_SharesRanked table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_LargestResources job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------- | ----------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------- | +| Largest Folders | This report identifies the largest folders found. | None | This report is comprised of two elements: - Bar Chart – Displays the top 5 largest folders - Table – Provides details on largest folders | +| Largest Shares | This report identifies the largest shares within the environment. | None | This report is comprised of two elements: - Bar Chart – Displays the top 5 largest shares - Table – Provides details on the largest resources | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs_smallestresources.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs_smallestresources.md new file mode 100644 index 0000000000..d5b436f72f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs_smallestresources.md @@ -0,0 +1,28 @@ +# FS_SmallestResources Job + +The FS_SmallestResources job is designed to report on the smallest resources from targeted file +servers. + +## Analysis Tasks for the FS_SmallestResources Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Sizing** > +**FS_SmallestResources** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_SmallestResources Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/smallestresourcesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Smallest Folders Ranked – Creates the SA_FS_SmallestResources_Ranked table accessible under + the job’s Results node +- 2. Smallest Shares – Creates the SA_FS_SmallestResources_SharesRanked table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_SmallestResources job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | ------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------ | +| Smallest Shares | Identifies the smallest shares within the environment. | None | This report is comprised of one element: - Table – Provides details on the smallest shares | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/overview.md index 7e517bea5d..f06d351dd1 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/overview.md @@ -2,13 +2,13 @@ The Sizing job group is designed to report on file sizing information from targeted file servers. -![Sizing Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/content/sizing/sizingjobstree.webp) +![Sizing Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/sizingjobstree.webp) The Sizing job group is comprised of: -- [FS_EmptyResources Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs-emptyresources.md) – Designed to report on empty resources from +- [FS_EmptyResources Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs_emptyresources.md) – Designed to report on empty resources from targeted file servers -- [FS_LargestResources Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs-largestresources.md) – Designed to report on the largest resources +- [FS_LargestResources Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs_largestresources.md) – Designed to report on the largest resources from targeted file servers -- [FS_SmallestResources Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs-smallestresources.md) – Designed to report on the smallest resources +- [FS_SmallestResources Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/fs_smallestresources.md) – Designed to report on the smallest resources from targeted file servers diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs-aiplabels.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs-aiplabels.md deleted file mode 100644 index acbfc92c82..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs-aiplabels.md +++ /dev/null @@ -1,26 +0,0 @@ -# FS_AIPLabels Job - -The FS_AIPLabels job is designed to report on resources classified by AIP labels from targeted file -servers. - -## Analysis Tasks for the FS_AIPLabels Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Tags** > -**FS_AIPLabels** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_AIPLabels Job](/img/product_docs/accessanalyzer/solutions/filesystem/content/tags/aiplabelsanalysis.webp) - -The following analysis task is selected by default: - -- AIP Label Details – Creates the SA_FS_FileLabel_Details table accessible under the job’s Results - node - -In addition to the tables and views created by the analysis task, the FS_AIPLabels job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| AIP Labels | This report provides details on labels applied to files. This information is rolled up by folder, and summarized at the enterprise level. | None | This report is comprised of three elements: - Pie Chart – Displays enterprise AIP summary - Table– Provides details on label details by folder - Table – Provides details on labels by file count | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs-filetags.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs-filetags.md deleted file mode 100644 index 7455c953f7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs-filetags.md +++ /dev/null @@ -1,26 +0,0 @@ -# FS_FileTags Job - -The FS_FileTags job is designed to report on resources classified with metadata file tags from -targeted file servers. - -## Analysis Tasks for the FS_FileTags Job - -View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Tags** > -**FS_FileTags** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_FileTags Job](/img/product_docs/accessanalyzer/solutions/filesystem/content/tags/filetagsanalysis.webp) - -The following analysis task is selected by default: - -- List file tag details – Creates the SA_FS_FileTags_Details table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis task, the FS_FileTags job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------- | --------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| File Tags | This report provides details on tags applied to files. This information is rolled up by folder, and summarized at the enterprise level. | None | This report is comprised of three elements: - Pie Chart – Displays enterprise tag summary - Table– Provides details on tag details by folder - Table – Provides details on tags by file count | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs_aiplabels.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs_aiplabels.md new file mode 100644 index 0000000000..801587c54e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs_aiplabels.md @@ -0,0 +1,26 @@ +# FS_AIPLabels Job + +The FS_AIPLabels job is designed to report on resources classified by AIP labels from targeted file +servers. + +## Analysis Tasks for the FS_AIPLabels Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Tags** > +**FS_AIPLabels** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_AIPLabels Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/tags/aiplabelsanalysis.webp) + +The following analysis task is selected by default: + +- AIP Label Details – Creates the SA_FS_FileLabel_Details table accessible under the job’s Results + node + +In addition to the tables and views created by the analysis task, the FS_AIPLabels job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| AIP Labels | This report provides details on labels applied to files. This information is rolled up by folder, and summarized at the enterprise level. | None | This report is comprised of three elements: - Pie Chart – Displays enterprise AIP summary - Table– Provides details on label details by folder - Table – Provides details on labels by file count | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs_filetags.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs_filetags.md new file mode 100644 index 0000000000..663cf5f7fd --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs_filetags.md @@ -0,0 +1,26 @@ +# FS_FileTags Job + +The FS_FileTags job is designed to report on resources classified with metadata file tags from +targeted file servers. + +## Analysis Tasks for the FS_FileTags Job + +View the analysis tasks by navigating to the **FileSystem** > **4.Content** > **Tags** > +**FS_FileTags** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_FileTags Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/tags/filetagsanalysis.webp) + +The following analysis task is selected by default: + +- List file tag details – Creates the SA_FS_FileTags_Details table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis task, the FS_FileTags job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------- | --------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| File Tags | This report provides details on tags applied to files. This information is rolled up by folder, and summarized at the enterprise level. | None | This report is comprised of three elements: - Pie Chart – Displays enterprise tag summary - Table– Provides details on tag details by folder - Table – Provides details on tags by file count | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/overview.md index e8edcf1aa7..59e15f2278 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/overview.md @@ -3,11 +3,11 @@ The Tags job group is designed to report on content classification information from targeted file servers. -![Tags Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/content/tags/tagsjobstree.webp) +![Tags Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/tags/tagsjobstree.webp) The Tags job group is comprised of: -- [FS_AIPLabels Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs-aiplabels.md) – Designed to report on resources classified by AIP labels +- [FS_AIPLabels Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs_aiplabels.md) – Designed to report on resources classified by AIP labels from targeted file servers -- [FS_FileTags Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs-filetags.md) – Designed to report on resources classified with metadata file +- [FS_FileTags Job](/docs/accessanalyzer/12.0/solutions/filesystem/content/tags/fs_filetags.md) – Designed to report on resources classified with metadata file tags from targeted file servers diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-domainuseracls.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-domainuseracls.md deleted file mode 100644 index af40864e31..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-domainuseracls.md +++ /dev/null @@ -1,33 +0,0 @@ -# FS_DomainUserACLs Job - -The FS_DomainUserACLs job is designed to report on domain users that have been granted direct -permissions on resources from targeted file servers. - -## Analysis Tasks for the FS_DomainUserACLs Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_DomainUserACLs** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_DomainUserACLs Job](/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/domainuseraclsanalysis.webp) - -The following analysis tasks are selected by default: - -- 0. Drop tables – Drops tables from previous runs -- 1. Direct User Resource Details – Creates the SA_FS_DomainUserACLs_DirectUserResourceDetails - table accessible under the job’s Results node -- 2. Direct Users: Top 5 Servers – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 3. Direct Users – Creates an interim processing table in the database for use by downstream - analysis and report generation -- 4. Direct Resources – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables and views created by the analysis tasks which displays all direct user -permissions, the FS_DomainUserACLs job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | -------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Domain User ACLs | This report identifies all places where a domain user account has direct rights. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 servers affected by folders - Table – Provides details on domain users - Table – Provides details on resources | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-highriskacls.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-highriskacls.md deleted file mode 100644 index f48e94be22..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-highriskacls.md +++ /dev/null @@ -1,30 +0,0 @@ -# FS_HighRiskACLs Job - -The FS_HighRiskACLs job is designed to report on high risk security principals that have been -granted direct permissions on resources from targeted file servers. - -## Analysis Tasks for the FS_HighRiskACLs Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_HighRiskACLs** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_HighRiskACLs Job](/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/highriskaclsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. High Risk ACL Details – Creates the SA_FS_HighRiskACLs_Details table accessible under the - job’s Results node -- 2. High Risk Permissions Matrix – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 3. Open Manage Rights – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis task, the FS_HighRiskACLs job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| High Risk ACLs | This report shows permissions of Authenticated Users, Anonymous Login, Everyone, or Domain Users. Applying these trustees to permissions may inadvertently open security holes. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Stacked Bar Chart – Displays high risk permission assignments - Table – Provides details on resources by open manage rights | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-localusersandgroups.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-localusersandgroups.md deleted file mode 100644 index 0401d520b2..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-localusersandgroups.md +++ /dev/null @@ -1,31 +0,0 @@ -# FS_LocalUsersAndGroups Job - -The FS_LocalUsersAndGroups job is designed to report on local users and groups that have been -granted direct permissions on resources from targeted file servers. - -## Analysis Tasks for the FS_LocalUsersAndGroups Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_LocalUsersAndGroups** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_LocalUsersAndGroups Job](/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/localusersandgroupsanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Local Groups Resource Details – Creates the - SA_FS_LocalUsersAndGroups_LocalGroupResourceDetails table accessible under the job’s Results - node -- 2. Local Groups – Creates an interim processing table in the database for use by downstream - analysis and report generation -- 3. Local Group Details – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis task, the FS_LocalUsersAndGroups job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Local Users And Groups | This report identifies at the server level, how many local users and groups have direct ACLs, followed by details at the share level. | None | This report is comprised of two elements: - Bar Chart – Displays top five servers with local users and groups by affected folders - Table – Provides details on local users and groups | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-missingfullcontrol.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-missingfullcontrol.md deleted file mode 100644 index 4f99cada90..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-missingfullcontrol.md +++ /dev/null @@ -1,28 +0,0 @@ -# FS_MissingFullControl Job - -The FS_MissingFullControl job is designed to report on resources from targeted file servers that -have no Full Control rights granted to it. - -## Analysis Tasks for the FS_MissingFullControl Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_MissingFullControl** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_MissingFullControl Job](/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/missingfullcontrolanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Determine folders which are missing full control – Creates an interim processing table in the - database for use by downstream analysis and report generation -- 2. Summarize folders which are missing full control – Creates an interim processing table in the - database for use by downstream analysis and report generation - -In addition to the tables and views created by the analysis task, the FS_MissingFullControl job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Missing Full Control Rights | This report identifies folders within the environment which currently do not have any trustee with Full Control rights, adding to administrative burden. | None | This report is comprised of three elements: - Bar Chart – Displays shares with missing full control rights - Table – Provides details on folder - Table – Provides details on shares with missing full control rights | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-nestedshares.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-nestedshares.md deleted file mode 100644 index 1408cad0d4..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-nestedshares.md +++ /dev/null @@ -1,38 +0,0 @@ -# FS_NestedShares Job - -The FS_NestedShares job is is designed to report on nested shares that have been granted direct -permissions from targeted file servers. - -## Analysis Tasks for the FS_NestedShares Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_NestedShares** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_NestedShares Job](/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/nestedsharesanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Identify Nested Shares - - - Creates an interim processing table in the database for use by downstream analysis and report - generation - - Creates the SA_FS_NestedShares_ShareDetails table accessible under the job’s Results node - -- 2. Create function to compare permissions -- 3. Analyze Permission Details - - - Creates the SA_FS_NestedShares_SharePermissions table accessible under the job’s Results node - - Updates the SA_FS_NestedShares_ShareDetails table accessible under the job’s Results node - -- 4. Host Summary – Creates the SA_FS_NestedShares_HostSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the FS_NestedShares job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------- | --------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------- | -| Nested Shares | This report identifies where folders are exposed through multiple shares. This may cause issues with unwanted access. | None | This report is comprised of two elements: - Bar Chart – Displays hosts by folder count - Table – Provides details on shares | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-sidhistory.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-sidhistory.md deleted file mode 100644 index a6b2b21d87..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-sidhistory.md +++ /dev/null @@ -1,33 +0,0 @@ -# FS_SIDHistory Job - -The **2.Direct Permissions** > **FS_SIDHistory** job is designed to report on trustees that have a -historical SID that has been granted direct permissions on resources from targeted file servers. - -## Analysis Tasks for the FS_SIDHistory Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_SIDHistory** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_SIDHistory Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/sidhistoryanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Find ACEs Through SID History - - - Creates the SA_FS_SIDHistory_Details table accessible under the job’s Results node - - Creates the SA_FS_SIDHistory_TrusteeDetails table accessible under the job’s Results node - -- 2. Host Rollups – Creates the SA_FS_SIDHistory_HostSummary table accessible under the job’s - Results node -- 3. Expose SID Details View – Makes the SA_FS_SIDHistory_TrusteeDetails table visible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_SIDHistory job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| SID History Overview | This report identifies any applied ACE which utilizes a trustee's SID history. | None | This report is comprised of three elements: - Bar Chart – Displays the top 5 hosts by affected folders - Table – Provides details on permissions - Table – Provides details on trustees | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-unresolvedsids.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-unresolvedsids.md deleted file mode 100644 index 93c7c4dbd3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-unresolvedsids.md +++ /dev/null @@ -1,26 +0,0 @@ -# FS_UnresolvedSIDs Job - -The FS_UnresolvedSIDs job is designed to report on unresolved SIDs that have been granted direct -permissions on resources from targeted file servers. - -## Analysis Tasks for the FS_UnresolvedSIDs Job - -View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > -**FS_UnresolvedSIDs** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the FS_UnresolvedSIDs Job](/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp) - -The following analysis task is selected by default: - -- Unresolved SIDs – Creates the SA_FS_UnresolvedSIDs_SIDsByResourcePath table accessible under the - job's Results node - -In addition to the tables and views created by the analysis task, the FS_UnresolvedSIDs job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------- | -------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Unresolved SIDs | This report identifies where permissions are assigned for users which no longer exist. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by affected folders - Table – Provides details on top unresolved SIDs - Table – Provides details on top servers by affected folders | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_domainuseracls.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_domainuseracls.md new file mode 100644 index 0000000000..4f83a9a026 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_domainuseracls.md @@ -0,0 +1,33 @@ +# FS_DomainUserACLs Job + +The FS_DomainUserACLs job is designed to report on domain users that have been granted direct +permissions on resources from targeted file servers. + +## Analysis Tasks for the FS_DomainUserACLs Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_DomainUserACLs** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_DomainUserACLs Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/domainuseraclsanalysis.webp) + +The following analysis tasks are selected by default: + +- 0. Drop tables – Drops tables from previous runs +- 1. Direct User Resource Details – Creates the SA_FS_DomainUserACLs_DirectUserResourceDetails + table accessible under the job’s Results node +- 2. Direct Users: Top 5 Servers – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 3. Direct Users – Creates an interim processing table in the database for use by downstream + analysis and report generation +- 4. Direct Resources – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables and views created by the analysis tasks which displays all direct user +permissions, the FS_DomainUserACLs job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | -------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Domain User ACLs | This report identifies all places where a domain user account has direct rights. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 servers affected by folders - Table – Provides details on domain users - Table – Provides details on resources | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_highriskacls.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_highriskacls.md new file mode 100644 index 0000000000..79d255f458 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_highriskacls.md @@ -0,0 +1,30 @@ +# FS_HighRiskACLs Job + +The FS_HighRiskACLs job is designed to report on high risk security principals that have been +granted direct permissions on resources from targeted file servers. + +## Analysis Tasks for the FS_HighRiskACLs Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_HighRiskACLs** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_HighRiskACLs Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/highriskaclsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. High Risk ACL Details – Creates the SA_FS_HighRiskACLs_Details table accessible under the + job’s Results node +- 2. High Risk Permissions Matrix – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 3. Open Manage Rights – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis task, the FS_HighRiskACLs job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| High Risk ACLs | This report shows permissions of Authenticated Users, Anonymous Login, Everyone, or Domain Users. Applying these trustees to permissions may inadvertently open security holes. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Stacked Bar Chart – Displays high risk permission assignments - Table – Provides details on resources by open manage rights | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_localusersandgroups.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_localusersandgroups.md new file mode 100644 index 0000000000..fb37abf1f7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_localusersandgroups.md @@ -0,0 +1,31 @@ +# FS_LocalUsersAndGroups Job + +The FS_LocalUsersAndGroups job is designed to report on local users and groups that have been +granted direct permissions on resources from targeted file servers. + +## Analysis Tasks for the FS_LocalUsersAndGroups Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_LocalUsersAndGroups** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_LocalUsersAndGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/localusersandgroupsanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Local Groups Resource Details – Creates the + SA_FS_LocalUsersAndGroups_LocalGroupResourceDetails table accessible under the job’s Results + node +- 2. Local Groups – Creates an interim processing table in the database for use by downstream + analysis and report generation +- 3. Local Group Details – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis task, the FS_LocalUsersAndGroups job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Local Users And Groups | This report identifies at the server level, how many local users and groups have direct ACLs, followed by details at the share level. | None | This report is comprised of two elements: - Bar Chart – Displays top five servers with local users and groups by affected folders - Table – Provides details on local users and groups | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_missingfullcontrol.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_missingfullcontrol.md new file mode 100644 index 0000000000..c131652082 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_missingfullcontrol.md @@ -0,0 +1,28 @@ +# FS_MissingFullControl Job + +The FS_MissingFullControl job is designed to report on resources from targeted file servers that +have no Full Control rights granted to it. + +## Analysis Tasks for the FS_MissingFullControl Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_MissingFullControl** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_MissingFullControl Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/missingfullcontrolanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Determine folders which are missing full control – Creates an interim processing table in the + database for use by downstream analysis and report generation +- 2. Summarize folders which are missing full control – Creates an interim processing table in the + database for use by downstream analysis and report generation + +In addition to the tables and views created by the analysis task, the FS_MissingFullControl job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Missing Full Control Rights | This report identifies folders within the environment which currently do not have any trustee with Full Control rights, adding to administrative burden. | None | This report is comprised of three elements: - Bar Chart – Displays shares with missing full control rights - Table – Provides details on folder - Table – Provides details on shares with missing full control rights | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_nestedshares.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_nestedshares.md new file mode 100644 index 0000000000..43c2aa9cfa --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_nestedshares.md @@ -0,0 +1,38 @@ +# FS_NestedShares Job + +The FS_NestedShares job is is designed to report on nested shares that have been granted direct +permissions from targeted file servers. + +## Analysis Tasks for the FS_NestedShares Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_NestedShares** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_NestedShares Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/nestedsharesanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Identify Nested Shares + + - Creates an interim processing table in the database for use by downstream analysis and report + generation + - Creates the SA_FS_NestedShares_ShareDetails table accessible under the job’s Results node + +- 2. Create function to compare permissions +- 3. Analyze Permission Details + + - Creates the SA_FS_NestedShares_SharePermissions table accessible under the job’s Results node + - Updates the SA_FS_NestedShares_ShareDetails table accessible under the job’s Results node + +- 4. Host Summary – Creates the SA_FS_NestedShares_HostSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the FS_NestedShares job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------- | --------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------- | +| Nested Shares | This report identifies where folders are exposed through multiple shares. This may cause issues with unwanted access. | None | This report is comprised of two elements: - Bar Chart – Displays hosts by folder count - Table – Provides details on shares | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_sidhistory.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_sidhistory.md new file mode 100644 index 0000000000..45ba2c2ba0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_sidhistory.md @@ -0,0 +1,33 @@ +# FS_SIDHistory Job + +The **2.Direct Permissions** > **FS_SIDHistory** job is designed to report on trustees that have a +historical SID that has been granted direct permissions on resources from targeted file servers. + +## Analysis Tasks for the FS_SIDHistory Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_SIDHistory** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_SIDHistory Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/sidhistoryanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Find ACEs Through SID History + + - Creates the SA_FS_SIDHistory_Details table accessible under the job’s Results node + - Creates the SA_FS_SIDHistory_TrusteeDetails table accessible under the job’s Results node + +- 2. Host Rollups – Creates the SA_FS_SIDHistory_HostSummary table accessible under the job’s + Results node +- 3. Expose SID Details View – Makes the SA_FS_SIDHistory_TrusteeDetails table visible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_SIDHistory job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------------------ | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| SID History Overview | This report identifies any applied ACE which utilizes a trustee's SID history. | None | This report is comprised of three elements: - Bar Chart – Displays the top 5 hosts by affected folders - Table – Provides details on permissions - Table – Provides details on trustees | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_unresolvedsids.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_unresolvedsids.md new file mode 100644 index 0000000000..f85d13764d --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_unresolvedsids.md @@ -0,0 +1,26 @@ +# FS_UnresolvedSIDs Job + +The FS_UnresolvedSIDs job is designed to report on unresolved SIDs that have been granted direct +permissions on resources from targeted file servers. + +## Analysis Tasks for the FS_UnresolvedSIDs Job + +View the analysis tasks by navigating to the **FileSystem** > **2.Direct Permissions** > +**FS_UnresolvedSIDs** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the FS_UnresolvedSIDs Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp) + +The following analysis task is selected by default: + +- Unresolved SIDs – Creates the SA_FS_UnresolvedSIDs_SIDsByResourcePath table accessible under the + job's Results node + +In addition to the tables and views created by the analysis task, the FS_UnresolvedSIDs job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------- | -------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Unresolved SIDs | This report identifies where permissions are assigned for users which no longer exist. | None | This report is comprised of two elements: - Bar Chart – Displays top servers by affected folders - Table – Provides details on top unresolved SIDs - Table – Provides details on top servers by affected folders | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/overview.md index 470a6f216d..f7d15af70a 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/overview.md @@ -3,21 +3,21 @@ The 2.Direct Permissions job group is designed to report on Direct Permissions information from targeted file servers. -![2.Direct Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![2.Direct Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/jobstree.webp) The 2.Direct Permissions job group is comprised of: -- [FS_DomainUserACLs Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-domainuseracls.md) – Reports on domain users that have been granted +- [FS_DomainUserACLs Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_domainuseracls.md) – Reports on domain users that have been granted direct permissions on resources from targeted file servers -- [FS_HighRiskACLs Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-highriskacls.md) – Reports on high risk security principals that have +- [FS_HighRiskACLs Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_highriskacls.md) – Reports on high risk security principals that have been granted direct permissions on resources from targeted file servers -- [FS_LocalUsersAndGroups Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-localusersandgroups.md) – Reports on local users and groups that +- [FS_LocalUsersAndGroups Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_localusersandgroups.md) – Reports on local users and groups that have been granted direct permissions on resources from targeted file servers -- [FS_MissingFullControl Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-missingfullcontrol.md) – Reports on resources from targeted file +- [FS_MissingFullControl Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_missingfullcontrol.md) – Reports on resources from targeted file servers that have no Full Control rights granted to it -- [FS_NestedShares Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-nestedshares.md) – Reports on nested shares that have been granted direct +- [FS_NestedShares Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_nestedshares.md) – Reports on nested shares that have been granted direct permissions from targeted file servers -- [FS_SIDHistory Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-sidhistory.md) – Reports on trustees that have a historical SID that has +- [FS_SIDHistory Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_sidhistory.md) – Reports on trustees that have a historical SID that has been granted direct permissions on resources from targeted file servers -- [FS_UnresolvedSIDs Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-unresolvedsids.md) – Reports on unresolved SIDs that have been granted +- [FS_UnresolvedSIDs Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_unresolvedsids.md) – Reports on unresolved SIDs that have been granted direct permissions on resources from targeted file servers diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverview.md b/docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverview.md index 36665ead26..74d758f9eb 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverview.md @@ -1,12 +1,12 @@ # FileSystemOverview Job The FileSystemOverview job provides insight into all targeted file servers. It is dependent on data -collected by the [File System Access Auditing](/docs/accessanalyzer/12.0/solutions/filesystem/collection/overview.md#file-system-access-auditing) +collected by the [File System Access Auditing](collection/overview.md#file-system-access-auditing) components and the components of the [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/collection/overview.md). It also depends on the running of the sub-job groups within the solution. If only select sub-job groups have been run, there will be blank sections in the overview report. -![FileSystemOverview Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/filesystemoverviewjobstree.webp) +![FileSystemOverview Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverviewjobstree.webp) The FileSystemOverview job is designed to provide an overview of all relevant information from targeted file servers. @@ -19,7 +19,7 @@ node and select **Analysis**. **CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is preconfigured for this job. -![Analysis Tasks for the FileSystemOverview Job](/img/product_docs/accessanalyzer/solutions/filesystem/filesystemoverviewanalysis.webp) +![Analysis Tasks for the FileSystemOverview Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverviewanalysis.webp) The following analysis task is selected by default: diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/fs-brokeninheritance.md b/docs/accessanalyzer/12.0/solutions/filesystem/fs-brokeninheritance.md deleted file mode 100644 index 49de52a47e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/fs-brokeninheritance.md +++ /dev/null @@ -1,84 +0,0 @@ -# 3.Broken Inheritance > FS_BrokenInheritance Job - -The FS_BrokenInheritance job is designed to report on resources with Broken Inheritance from -targeted file servers. - -![3.Broken Inheritance > FS_BrokenInheritance Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/brokeninheritancejobstree.webp) - -The FS_BrokenInheritance job is located in the 3.Broken Inheritance job group. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The FS_BrokenInheritance job has the following configurable parameter: - -- Only analyze folders with changed permissions – Set a value of `1` or `2` to select if only - folders with modified permissions are analyzed: - - - 1 – Only analyze resources with changed permissions from parent - - 2 – Analyze all resources regardless of permission changes between parent and child - -See the -[Analysis Tasks for the FS_BrokenInheritance Job](#analysis-tasks-for-the-fs_brokeninheritance-job) -topic for additional information. - -## Analysis Tasks for the FS_BrokenInheritance Job - -View the analysis tasks by navigating to the **FileSystem** > **3.Broken Inheritance** > -**FS_BrokenInheritance** > **Configure** node and select **Analysis**. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and or -deselected. There are some that are deselected by default, as they are for troubleshooting purposes. - -![Analysis Tasks for the FS_BrokenInheritance Job](/img/product_docs/accessanalyzer/solutions/filesystem/brokeninheritanceanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Analyze Broken Inheritance - - - Creates an interim processing table in the database for use by downstream analysis and report - generation - - Creates the SA_FS_BrokenInheritance_UniqueTrustees table accessible under the job’s Results - node - - Creates the SA_FS_BrokenInheritance_UniqueTrusteesPivot table accessible under the job’s - Results node - -- 2. Choose to analyze only folders with modified permissions – Creates an interim processing - table in the database for use by downstream analysis and report generation - - - By default set to only analyze resources with changed permissions from parent - - Can be modified to analyze all resources regardless of permission changes between parent and - child. See the [Parameter Configuration](#parameter-configuration) topic for additional - information. - - Alternatively, this can be set by modifying the `@FILTER_TO_CHANGED_RESOURCES` parameter. See - the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) - topic for additional information. - -- 3. Determine Permission Changes – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 4. Analyze Trustee Differences – Creates an interim processing table in the database for use by - downstream analysis and report generation -- 5. Inheritance Types. Categorizes Permission Changes – Creates an interim processing table in - the database for use by downstream analysis and report generation -- 6. Summarize by Share – Creates an interim processing table in the database for use by - downstream analysis and report generation - -The following analysis tasks are deselected by default: - -- 7. Bring Table to Console - Unique trustees – Restores the - SA_FS_BrokenInheritance_UniqueTrustees table to be visible under the job’s Results node -- 8. Bring Table to Console - Trustees pivot – Restores the - SA_FS_BrokenInheritance_UniqueTrusteesPivot table to be visible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_BrokenInheritance job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Broken Inheritance by Share (Broken Inheritance Details) | Broken inheritance between resources can lead to incorrect access for users, either overprovisioning them, or locking them out of critical data. This report identifies the shares and folders with the most permission changes from the parent resource. | None | This report is comprised of three elements: - Bar Chart – Displays top five shares by permission changes - Table – Provides details on folders - Table – Provides details on shares | -| Unique Trustees | This report identifies permission changes between folders. These trustees have been either removed, added, or had their rights adjusted. | None | This report is comprised of one element: - Table – Provides details on unique trustees | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/fs-dlpresults.md b/docs/accessanalyzer/12.0/solutions/filesystem/fs-dlpresults.md deleted file mode 100644 index 99fdf3b1f5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/fs-dlpresults.md +++ /dev/null @@ -1,48 +0,0 @@ -# 7.Sensitive Data > FS_DLPResults Job - -The FS_DLPResults job is designed to report on resources that have been identified to contain -sensitive data from targeted file servers. It is comprised of analysis and reports which use the -data collected by the **0.Collection** job group to provide information on where sensitive data is -being shared. Best practices often dictate moving files with sensitive data out of open shares. - -![7.Sensitive Data > FS_DLPResults Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) - -The FS_DLPResults job is located in the 7.Sensitive Data job group. - -## Analysis Tasks for the FS_DLPResults Job - -View the analysis tasks by navigating to the **FileSystem** > **7.Sensitive Data** > -**FS_DLPResults** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_DLPResults Job](/img/product_docs/accessanalyzer/solutions/filesystem/dlpresultsanalysis.webp) - -The following analysis tasks are selected by default: - -- Share Details – Creates the SA_FS_DLPResults_ShareDetails table accessible under the job’s Results - node -- Share Summary – Creates the SA_FS_DLPResults_ShareSummary table accessible under the job’s Results - node -- Enterprise Summary – Creates an interim processing table in the database for use by downstream - analysis and report generation -- Sensitive Security Groups – Creates the SA_FS_DLPResults_GroupDetails table accessible under the - job’s Results node -- Identify Probable Owners – Creates the SA_FS_DLPResults_ProbableOwners table accessible under the - job’s Results node -- Activity Details – Creates the SA_FS_DLPResults_ActivityDetails table accessible under the job’s - Results node -- Top Trustees by Activity – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the FS_DLPResults job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Enterprise Summary (Sensitive Content) | This report identifies the type and amount of sensitive content found on scanned machines. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie Chart – Displays exceptions by file count - Table – Provides details on exceptions by file count | -| File Ownership (Sensitive Data Ownership) | This report identifies the top 3 potential owners of files which have been found to contain sensitive content. | None | This report is comprised of one element: - Table – Provides details on top owners per file | -| Sensitive Data Access | This report shows who is accessing sensitive data. Emphasis is placed on activity within the last 30 days. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Displays sensitive data access by top users - last 30 days - Table – Provides details on sensitive data access | -| Sensitive Security Groups | This report identifies groups which are used to provide access to sensitive data. Changes to membership should be closely monitored. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Top groups by access to sensitive files - Table – Provides details on group access to sensitive files | -| Share Details (Shares with Sensitive Content) | This report identifies the location of sensitive data, and flags whether or not this data is accessible through open access. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar chart – Displays top shares by sensitive file count - Table – Provides details on files - Table – Provides details on top shares by sensitive file count | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/fs-openaccess.md b/docs/accessanalyzer/12.0/solutions/filesystem/fs-openaccess.md deleted file mode 100644 index b3d0286271..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/fs-openaccess.md +++ /dev/null @@ -1,52 +0,0 @@ -# 1.Open Access > FS_OpenAccess Job - -The FS_OpenAccess job is designed to report on Open Access information from targeted file servers. -The definition of Open Access is when a security principal, such as Everyone, Authenticated Users, -or Domain Users, have permissions on a resource. - -![1.Open Access > FS_OpenAccess Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/openaccessjobstree.webp) - -The FS_OpenAccess job is located in the 1.Open Access job group. - -## Analysis Tasks for the FS_OpenAccess Job - -View the analysis tasks by navigating to the **FileSystem** > **1.Open Access** > -**FS_OpenAccess** > **Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the FS_OpenAccess Job](/img/product_docs/accessanalyzer/solutions/filesystem/openaccessanalysis.webp) - -The following analysis tasks are selected by default: - -- 1. Find Open Access – Creates the SA_FS_OpenAccess_OpenResources table accessible under the - job’s Results node -- 2. Sum by Host - Summarized Access Sprawl – Creates the SA_FS_OpenAccess_HostsRanked table - accessible under the job’s Results node -- 3. Sum by Share – Creates the SA_FS_OpenAccess_SharesRanked table accessible under the job’s - Results node -- 4. Content Type in Share - Categorizes shared content: - - - Creates an interim processing view in the database for use by downstream analysis and report - generation - - Creates the SA_FS_OpenAccess_ShareContent view accessible under the job’s Results node - -- 5. Content by Host – Updates the SA_FS_OpenAccess_HostsRanked table accessible under the job’s - Results node -- 6. Remediation Tracking - Track Status of Shares Throughout Time – Creates an interim processing - view in the database for use by downstream analysis and report generation -- 7. Track Remediation by Months - Track Status of Shares Throughout Time – Creates an interim - processing view in the database for use by downstream analysis and report generation -- 8. Assign Risk Ratings to Hosts and Shares – Updates the SA_FS_OpenAccess_HostsRanked and the - SA_FS_OpenAccess_SharesRanked tables accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_OpenAccess job produces -the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Folder Details (Open Folder Details) | This report identifies all open folders within the targeted environment. | None | This report is comprised of one element: - Table – Provides details on open folders | -| Hosts with Open Access | This report identifies hosts with the highest number of open folders. | None | This report is comprised of two elements: - Bar Chart – Displays top hosts by open folder count - Table – Provides details on hosts with open folder access | -| Open Shares | This report identifies shares with open resources. The Open Access column shows the highest levels of access given to all users in any one resource inside the share. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Displays largest open shares by folder count - Table – Provides details on open shares | -| Remediation Status | This report identifies the historical success of the organization's share management effort. | None | This report is comprised of two elements: - Column Chart – Displays the remediation status - Table – Provides details on remediation status | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/fs-probableowner.md b/docs/accessanalyzer/12.0/solutions/filesystem/fs-probableowner.md deleted file mode 100644 index 2fe992531f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/fs-probableowner.md +++ /dev/null @@ -1,48 +0,0 @@ -## 6.Probable Owner > FS_ProbableOwner Job - -The 6.Probable Owner Job Group is designed to report on probable owners of resources from targeted -file servers. - -![probableownerjobstree](/img/product_docs/accessanalyzer/solutions/filesystem/probableownerjobstree.webp) - -The 6.Probable Owner Job Group is comprised of: - -- FS_ProbableOwner Job – Designed to report on probable owners of resources from targeted file - servers - -## Analysis Tasks for the FS_ProbableOwner Job - -View the analysis tasks by navigating to the FileSystem > 6.Probable Owner > FS_ProbableOwner > -Configure node and select Analysis. - -**CAUTION:** Do not modify or deselect the first and third selected analysis tasks. The analysis -tasks are preconfigured for this job. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/filesystem/probableowneranalysis.webp) - -The following analysis tasks are selected by default: - -- Create Functions – Creates functions in tier 1 SQL database that are required to calculate - Probable Owners -- Identify Probable Owners – Creates the SA_FS_ProbableOwner_Details table accessible under the - job’s Results node - - Set to “Start listing ownership at the root share” which is `@minlevel` parameter set to - Value0. - - Set to “List ownership as deep into the folder hierarchy as the root share” which is - `@maxlevel` parameter set to Value0. - - Value0 = root share, Value1 = 1 folder deep, Value2 = 2 folders deep, etc. - - Set the variable #FILTERED_TRUSTEES to a CSV file that contains one row for each SID to be - excluded. When the job is run, SIDs specified in the #FILTERED_TRUSTEES variable are excluded - from the analysis and not reported as probable owners. - - See the - [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) - topic for additional information. -- Identify Folders with no Owner Found – Creates the SA_FS_ProbableOwner_NoOwnerFound table - accessible under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the FS_ProbableOwner Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------- | -| Probable Share Owners (A.K.A. Probable Owners) | This report identifies the number of shares owned by individuals, as determined by a weighted average of ownership of content, management, and level of activity. The top 2 owners per ownership criteria per share are displayed. | None | This report is comprised of one element: - Table – Provides details on probable owners | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/fs-securityassessment.md b/docs/accessanalyzer/12.0/solutions/filesystem/fs-securityassessment.md deleted file mode 100644 index 13325ef85b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/fs-securityassessment.md +++ /dev/null @@ -1,51 +0,0 @@ -# FS_SecurityAssessment Job - -The FS_SecurityAssessment job is designed to provide a security assessment of all relevant -information from targeted file servers. It is dependent upon the following jobs: - -- 2.Direct Permissions Job Group - - - [FS_LocalUsersAndGroups Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-localusersandgroups.md) - - [FS_NestedShares Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-nestedshares.md) - - [FS_SIDHistory Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs-sidhistory.md) - -- [3.Broken Inheritance > FS_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-brokeninheritance.md) -- 5.Activity Job Group - - - [Least Privileged Access > FS_LeastPrivilegedAccess Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/fs-leastprivilegedaccess.md) - - Security > [FS_HighRiskActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs-highriskactivity.md) - -- 7.Sensitive Data Job Group - - - [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-dlpresults.md) - -If only select sub-job groups have been run, there are blank sections in the overview report. - -![FS_SecurityAssessment Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/activedirectory/securityassessmentjobstree.webp) - -The FS_SecurityAssessment job is comprised of analysis and reports which use the data collected by -the 0.Collection job group and analyzed by the jobs listed above. - -## Analysis Task for the FS_SecurityAssessment Job - -View the analysis tasks by navigating to the **FileSystem** > **FS_SecurityAssessment** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Task for the FS_SecurityAssessment Job](/img/product_docs/accessanalyzer/solutions/activedirectory/securityassessmentanalysis.webp) - -The following analysis tasks are selected by default: - -- Assess Risk – Creates the SA_FS_SecurityAssessment_Details table accessible under the job’s - Results node -- Summary – Creates the SA_FS_SecurityAssessment_Summary table accessible under the job’s Results - node - -In addition to the tables and views created by the analysis task, the FS_SecurityAssessment job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ---------------------------------------------------------------------------------- | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Security Assessment | This report identifies common issues and vulnerabilities across your file systems. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of four elements: - Table – Provides details of the scan Scope - Pie Chart – Provides details of findings by risk - Table – Provides details of findings by category - Table – Provides a summary of risk assessment details | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/fs_brokeninheritance.md b/docs/accessanalyzer/12.0/solutions/filesystem/fs_brokeninheritance.md new file mode 100644 index 0000000000..4d2a4f0f19 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/fs_brokeninheritance.md @@ -0,0 +1,84 @@ +# 3.Broken Inheritance > FS_BrokenInheritance Job + +The FS_BrokenInheritance job is designed to report on resources with Broken Inheritance from +targeted file servers. + +![3.Broken Inheritance > FS_BrokenInheritance Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/brokeninheritancejobstree.webp) + +The FS_BrokenInheritance job is located in the 3.Broken Inheritance job group. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The FS_BrokenInheritance job has the following configurable parameter: + +- Only analyze folders with changed permissions – Set a value of `1` or `2` to select if only + folders with modified permissions are analyzed: + + - 1 – Only analyze resources with changed permissions from parent + - 2 – Analyze all resources regardless of permission changes between parent and child + +See the +[Analysis Tasks for the FS_BrokenInheritance Job](#analysis-tasks-for-the-fs_brokeninheritance-job) +topic for additional information. + +## Analysis Tasks for the FS_BrokenInheritance Job + +View the analysis tasks by navigating to the **FileSystem** > **3.Broken Inheritance** > +**FS_BrokenInheritance** > **Configure** node and select **Analysis**. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified and or +deselected. There are some that are deselected by default, as they are for troubleshooting purposes. + +![Analysis Tasks for the FS_BrokenInheritance Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/brokeninheritanceanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Analyze Broken Inheritance + + - Creates an interim processing table in the database for use by downstream analysis and report + generation + - Creates the SA_FS_BrokenInheritance_UniqueTrustees table accessible under the job’s Results + node + - Creates the SA_FS_BrokenInheritance_UniqueTrusteesPivot table accessible under the job’s + Results node + +- 2. Choose to analyze only folders with modified permissions – Creates an interim processing + table in the database for use by downstream analysis and report generation + + - By default set to only analyze resources with changed permissions from parent + - Can be modified to analyze all resources regardless of permission changes between parent and + child. See the [Parameter Configuration](#parameter-configuration) topic for additional + information. + - Alternatively, this can be set by modifying the `@FILTER_TO_CHANGED_RESOURCES` parameter. See + the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information. + +- 3. Determine Permission Changes – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 4. Analyze Trustee Differences – Creates an interim processing table in the database for use by + downstream analysis and report generation +- 5. Inheritance Types. Categorizes Permission Changes – Creates an interim processing table in + the database for use by downstream analysis and report generation +- 6. Summarize by Share – Creates an interim processing table in the database for use by + downstream analysis and report generation + +The following analysis tasks are deselected by default: + +- 7. Bring Table to Console - Unique trustees – Restores the + SA_FS_BrokenInheritance_UniqueTrustees table to be visible under the job’s Results node +- 8. Bring Table to Console - Trustees pivot – Restores the + SA_FS_BrokenInheritance_UniqueTrusteesPivot table to be visible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_BrokenInheritance job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Broken Inheritance by Share (Broken Inheritance Details) | Broken inheritance between resources can lead to incorrect access for users, either overprovisioning them, or locking them out of critical data. This report identifies the shares and folders with the most permission changes from the parent resource. | None | This report is comprised of three elements: - Bar Chart – Displays top five shares by permission changes - Table – Provides details on folders - Table – Provides details on shares | +| Unique Trustees | This report identifies permission changes between folders. These trustees have been either removed, added, or had their rights adjusted. | None | This report is comprised of one element: - Table – Provides details on unique trustees | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/fs_dlpresults.md b/docs/accessanalyzer/12.0/solutions/filesystem/fs_dlpresults.md new file mode 100644 index 0000000000..28eade268c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/fs_dlpresults.md @@ -0,0 +1,48 @@ +# 7.Sensitive Data > FS_DLPResults Job + +The FS_DLPResults job is designed to report on resources that have been identified to contain +sensitive data from targeted file servers. It is comprised of analysis and reports which use the +data collected by the **0.Collection** job group to provide information on where sensitive data is +being shared. Best practices often dictate moving files with sensitive data out of open shares. + +![7.Sensitive Data > FS_DLPResults Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/sensitivedatajobstree.webp) + +The FS_DLPResults job is located in the 7.Sensitive Data job group. + +## Analysis Tasks for the FS_DLPResults Job + +View the analysis tasks by navigating to the **FileSystem** > **7.Sensitive Data** > +**FS_DLPResults** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_DLPResults Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/dlpresultsanalysis.webp) + +The following analysis tasks are selected by default: + +- Share Details – Creates the SA_FS_DLPResults_ShareDetails table accessible under the job’s Results + node +- Share Summary – Creates the SA_FS_DLPResults_ShareSummary table accessible under the job’s Results + node +- Enterprise Summary – Creates an interim processing table in the database for use by downstream + analysis and report generation +- Sensitive Security Groups – Creates the SA_FS_DLPResults_GroupDetails table accessible under the + job’s Results node +- Identify Probable Owners – Creates the SA_FS_DLPResults_ProbableOwners table accessible under the + job’s Results node +- Activity Details – Creates the SA_FS_DLPResults_ActivityDetails table accessible under the job’s + Results node +- Top Trustees by Activity – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the FS_DLPResults job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Enterprise Summary (Sensitive Content) | This report identifies the type and amount of sensitive content found on scanned machines. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Pie Chart – Displays exceptions by file count - Table – Provides details on exceptions by file count | +| File Ownership (Sensitive Data Ownership) | This report identifies the top 3 potential owners of files which have been found to contain sensitive content. | None | This report is comprised of one element: - Table – Provides details on top owners per file | +| Sensitive Data Access | This report shows who is accessing sensitive data. Emphasis is placed on activity within the last 30 days. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Displays sensitive data access by top users - last 30 days - Table – Provides details on sensitive data access | +| Sensitive Security Groups | This report identifies groups which are used to provide access to sensitive data. Changes to membership should be closely monitored. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Top groups by access to sensitive files - Table – Provides details on group access to sensitive files | +| Share Details (Shares with Sensitive Content) | This report identifies the location of sensitive data, and flags whether or not this data is accessible through open access. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of three elements: - Bar chart – Displays top shares by sensitive file count - Table – Provides details on files - Table – Provides details on top shares by sensitive file count | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/fs_openaccess.md b/docs/accessanalyzer/12.0/solutions/filesystem/fs_openaccess.md new file mode 100644 index 0000000000..c86c03d892 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/fs_openaccess.md @@ -0,0 +1,52 @@ +# 1.Open Access > FS_OpenAccess Job + +The FS_OpenAccess job is designed to report on Open Access information from targeted file servers. +The definition of Open Access is when a security principal, such as Everyone, Authenticated Users, +or Domain Users, have permissions on a resource. + +![1.Open Access > FS_OpenAccess Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/openaccessjobstree.webp) + +The FS_OpenAccess job is located in the 1.Open Access job group. + +## Analysis Tasks for the FS_OpenAccess Job + +View the analysis tasks by navigating to the **FileSystem** > **1.Open Access** > +**FS_OpenAccess** > **Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the FS_OpenAccess Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/openaccessanalysis.webp) + +The following analysis tasks are selected by default: + +- 1. Find Open Access – Creates the SA_FS_OpenAccess_OpenResources table accessible under the + job’s Results node +- 2. Sum by Host - Summarized Access Sprawl – Creates the SA_FS_OpenAccess_HostsRanked table + accessible under the job’s Results node +- 3. Sum by Share – Creates the SA_FS_OpenAccess_SharesRanked table accessible under the job’s + Results node +- 4. Content Type in Share - Categorizes shared content: + + - Creates an interim processing view in the database for use by downstream analysis and report + generation + - Creates the SA_FS_OpenAccess_ShareContent view accessible under the job’s Results node + +- 5. Content by Host – Updates the SA_FS_OpenAccess_HostsRanked table accessible under the job’s + Results node +- 6. Remediation Tracking - Track Status of Shares Throughout Time – Creates an interim processing + view in the database for use by downstream analysis and report generation +- 7. Track Remediation by Months - Track Status of Shares Throughout Time – Creates an interim + processing view in the database for use by downstream analysis and report generation +- 8. Assign Risk Ratings to Hosts and Shares – Updates the SA_FS_OpenAccess_HostsRanked and the + SA_FS_OpenAccess_SharesRanked tables accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_OpenAccess job produces +the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Folder Details (Open Folder Details) | This report identifies all open folders within the targeted environment. | None | This report is comprised of one element: - Table – Provides details on open folders | +| Hosts with Open Access | This report identifies hosts with the highest number of open folders. | None | This report is comprised of two elements: - Bar Chart – Displays top hosts by open folder count - Table – Provides details on hosts with open folder access | +| Open Shares | This report identifies shares with open resources. The Open Access column shows the highest levels of access given to all users in any one resource inside the share. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of two elements: - Bar Chart – Displays largest open shares by folder count - Table – Provides details on open shares | +| Remediation Status | This report identifies the historical success of the organization's share management effort. | None | This report is comprised of two elements: - Column Chart – Displays the remediation status - Table – Provides details on remediation status | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/fs_probableowner.md b/docs/accessanalyzer/12.0/solutions/filesystem/fs_probableowner.md new file mode 100644 index 0000000000..efb81149d0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/fs_probableowner.md @@ -0,0 +1,48 @@ +## 6.Probable Owner > FS_ProbableOwner Job + +The 6.Probable Owner Job Group is designed to report on probable owners of resources from targeted +file servers. + +![probableownerjobstree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/probableownerjobstree.webp) + +The 6.Probable Owner Job Group is comprised of: + +- FS_ProbableOwner Job – Designed to report on probable owners of resources from targeted file + servers + +## Analysis Tasks for the FS_ProbableOwner Job + +View the analysis tasks by navigating to the FileSystem > 6.Probable Owner > FS_ProbableOwner > +Configure node and select Analysis. + +**CAUTION:** Do not modify or deselect the first and third selected analysis tasks. The analysis +tasks are preconfigured for this job. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/probableowneranalysis.webp) + +The following analysis tasks are selected by default: + +- Create Functions – Creates functions in tier 1 SQL database that are required to calculate + Probable Owners +- Identify Probable Owners – Creates the SA_FS_ProbableOwner_Details table accessible under the + job’s Results node + - Set to “Start listing ownership at the root share” which is `@minlevel` parameter set to + Value0. + - Set to “List ownership as deep into the folder hierarchy as the root share” which is + `@maxlevel` parameter set to Value0. + - Value0 = root share, Value1 = 1 folder deep, Value2 = 2 folders deep, etc. + - Set the variable #FILTERED_TRUSTEES to a CSV file that contains one row for each SID to be + excluded. When the job is run, SIDs specified in the #FILTERED_TRUSTEES variable are excluded + from the analysis and not reported as probable owners. + - See the + [Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) + topic for additional information. +- Identify Folders with no Owner Found – Creates the SA_FS_ProbableOwner_NoOwnerFound table + accessible under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the FS_ProbableOwner Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------- | +| Probable Share Owners (A.K.A. Probable Owners) | This report identifies the number of shares owned by individuals, as determined by a weighted average of ownership of content, management, and level of activity. The top 2 owners per ownership criteria per share are displayed. | None | This report is comprised of one element: - Table – Provides details on probable owners | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/fs_securityassessment.md b/docs/accessanalyzer/12.0/solutions/filesystem/fs_securityassessment.md new file mode 100644 index 0000000000..9b694dfafe --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/fs_securityassessment.md @@ -0,0 +1,51 @@ +# FS_SecurityAssessment Job + +The FS_SecurityAssessment job is designed to provide a security assessment of all relevant +information from targeted file servers. It is dependent upon the following jobs: + +- 2.Direct Permissions Job Group + + - [FS_LocalUsersAndGroups Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_localusersandgroups.md) + - [FS_NestedShares Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_nestedshares.md) + - [FS_SIDHistory Job](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/fs_sidhistory.md) + +- [3.Broken Inheritance > FS_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_brokeninheritance.md) +- 5.Activity Job Group + + - [Least Privileged Access > FS_LeastPrivilegedAccess Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/fs_leastprivilegedaccess.md) + - Security > [FS_HighRiskActivity Job](/docs/accessanalyzer/12.0/solutions/filesystem/activity/security/fs_highriskactivity.md) + +- 7.Sensitive Data Job Group + + - [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_dlpresults.md) + +If only select sub-job groups have been run, there are blank sections in the overview report. + +![FS_SecurityAssessment Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/securityassessmentjobstree.webp) + +The FS_SecurityAssessment job is comprised of analysis and reports which use the data collected by +the 0.Collection job group and analyzed by the jobs listed above. + +## Analysis Task for the FS_SecurityAssessment Job + +View the analysis tasks by navigating to the **FileSystem** > **FS_SecurityAssessment** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Task for the FS_SecurityAssessment Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/securityassessmentanalysis.webp) + +The following analysis tasks are selected by default: + +- Assess Risk – Creates the SA_FS_SecurityAssessment_Details table accessible under the job’s + Results node +- Summary – Creates the SA_FS_SecurityAssessment_Summary table accessible under the job’s Results + node + +In addition to the tables and views created by the analysis task, the FS_SecurityAssessment job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ---------------------------------------------------------------------------------- | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Security Assessment | This report identifies common issues and vulnerabilities across your file systems. | GDPR SOX HIPAA PCI-DSS GLBA ITAR FERPA FISMA ISO27001 | This report is comprised of four elements: - Table – Provides details of the scan Scope - Pie Chart – Provides details of findings by risk - Table – Provides details of findings by category - Table – Provides a summary of risk assessment details | diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/overview.md index a6d5198c1d..e56fd9bc0e 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/overview.md @@ -23,17 +23,17 @@ sensitive data, or Sensitive Data Discovery Auditing (SEEK). Supported Platforms -- See the [File System Supported Platforms](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md) topic for a +- See the [File System Supported Platforms](/docs/accessanalyzer/12.0/requirements/target/filesystems.md) topic for a full list of supported platforms. Requirements, Permissions, and Ports - Permissions vary based on the Scan Mode Option selected. See the - [File System Supported Platforms](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md) topic for additional + [File System Supported Platforms](/docs/accessanalyzer/12.0/requirements/target/filesystems.md) topic for additional information. - Ports vary based on the Scan Mode Option selected. See the - [File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) topic for + [File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) topic for additional information. Sensitive Data Discovery Considerations @@ -67,10 +67,10 @@ The File System Solution offers information on multiple aspects of an organizati infrastructure. This solution is comprised of eleven job groups and an overview job which collect, analyze, and report on data as well as run action tasks for environmental remediation. The data collection is conducted by the FileSystemAccess (FSAA) Data Collector. See the -[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/12.0/data-collection/fsaa/standard-tables.md) +[Standard Reference Tables & Views for the FSAA Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/standardtables.md) section for database table information. -![File System Solution](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) +![File System Solution](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/overviewpage.webp) Each type of auditing depends on specific jobs within the 0.Collection Job Group to collect the data and its corresponding analysis and reporting job groups. The Access Auditing components represent @@ -93,43 +93,43 @@ of the following jobs: - [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/collection/overview.md) – Designed to collect information from targeted file servers. Information collected includes access control information, activity events, and sensitive data. - - This job group is available with the File System license feature. -- [1.Open Access > FS_OpenAccess Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-openaccess.md) – Designed to report on Open Access + - This job group is available with the File System license feature. +- [1.Open Access > FS_OpenAccess Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_openaccess.md) – Designed to report on Open Access information from targeted file servers - [2.Direct Permissions Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/overview.md) – Designed to report on Direct Permissions information from targeted file servers -- [3.Broken Inheritance > FS_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-brokeninheritance.md) – Designed to report on +- [3.Broken Inheritance > FS_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_brokeninheritance.md) – Designed to report on Broken Inheritance information from targeted file servers - [4.Content Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/content/overview.md) – Designed to report on content information from targeted file servers. Key information reported on in this group is: File Types, File Sizing, Stale Content, and File Tags. - [5.Activity Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/activity/overview.md) – Designed to report on activity event information from targeted file servers - - Requires the Activity Monitor -- [6.Probable Owner > FS_ProbableOwner Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-probableowner.md) – Designed to report on probable + - Requires the Activity Monitor +- [6.Probable Owner > FS_ProbableOwner Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_probableowner.md) – Designed to report on probable owners of resources from targeted file servers -- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-dlpresults.md) – Designed to report on resources that +- [7.Sensitive Data > FS_DLPResults Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_dlpresults.md) – Designed to report on resources that have been identified to contain sensitive data from targeted file servers - - Requires Sensitive Data Discovery + - Requires Sensitive Data Discovery - [Ad Hoc Audits Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/overview.md) – Designed to report on resources and trustees that have been provided by the user from targeted file servers - - Typically, this is run independently from the rest of the solution + - Typically, this is run independently from the rest of the solution - [Cleanup Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/cleanup/overview.md) – Designed to report on and take action against resources from targeted file servers that can be cleaned up - - Requires the File System Actions license feature to function - - This job group is run independently from the rest of the solution + - Requires the File System Actions license feature to function + - This job group is run independently from the rest of the solution - [Resource Based Groups Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/overview.md) – Designed to report on and take action against resources from targeted file servers that can be have their permissions structure transformed to a resource-based group implementation - - Requires the File System Actions and Active Directory Actions license features to function - - This job group is run independently from the rest of the solution + - Requires the File System Actions and Active Directory Actions license features to function + - This job group is run independently from the rest of the solution - [FileSystemOverview Job](/docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverview.md) – Designed to provide an overview of all relevant information from targeted file servers -- [FS_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs-securityassessment.md) – Designed to provide a security assessment +- [FS_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/filesystem/fs_securityassessment.md) – Designed to provide a security assessment of all relevant information from targeted file servers When targeting Nasuni Edge Appliances, it is necessary to add a job from the Instant Job Library (FS_Nasuni Job) which uses the PowerShell Data collector to gather system information, volume data, and share data from the Nasuni environment. This job should be added to the 0.Collection Job Group and should be renamed (0-FS_Nasuni) to run immediately after the 0-Create Schema Job. See the -[0-FS_Nasuni Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fs-nasuni.md) topic for additional information. +[0-FS_Nasuni Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fs_nasuni.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/recommended.md b/docs/accessanalyzer/12.0/solutions/filesystem/recommended.md index 74b09a4b9c..b9e58f403e 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/recommended.md @@ -7,7 +7,7 @@ scheduled. _Remember,_ the credential permissions required for the scan and host lists are affected by the scan mode selected. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) topic for +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) topic for additional information. Dependencies @@ -35,7 +35,7 @@ containing all on-premise Nasuni Edge Appliances and cloud filers. If using multiple proxy servers, these should also be configured within a different custom-created host list. Then assign the proxy servers host list on the -[FSAA: Applet Settings](/docs/accessanalyzer/12.0/data-collection/fsaa/applet-settings.md) page of the File System +[FSAA: Applet Settings](/docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.md) page of the File System Access Auditor Data Collector Wizard within the following jobs in the 0.Collection Job Group according to the type of auditing being conducted: @@ -48,7 +48,7 @@ necessary to target the Windows File Server Cluster (name of the cluster) of int scan against a Windows File System Cluster. Within the Access Analyzer Master Host Table, there should be a host entry for the cluster as well as for each node. Additionally, each of these host entries must have the name of the cluster in the WinCluster column in the host inventory data. This -may need to be updated manually. See the [Host Inventory](/docs/accessanalyzer/12.0/administration/settings/host-inventory.md) +may need to be updated manually. See the [Host Inventory](/docs/accessanalyzer/12.0/admin/settings/hostinventory.md) topic for additional information. **NOTE:** The host targeted by the File System scans is only the host entry for the cluster. For @@ -76,8 +76,8 @@ Connection Profile The FSAA Data Collector requires permissions based on the platform being targeted for data collection as well as the scan mode selected. See the -[File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) topic and the -[File System Supported Platforms](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md) topic for necessary +[File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) topic and the +[File System Supported Platforms](/docs/accessanalyzer/12.0/requirements/target/filesystems.md) topic for necessary permissions for the supported target platforms. See the [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) for the necessary permission for collecting activity data. Then create a custom Connection Profile @@ -94,7 +94,7 @@ Connection Profile containing the **API Access Key** and **Passcode** for each o Edge Appliance and cloud filer in the target environment. Nasuni API key names are case sensitive. When providing them, ensure they are entered in the exact same case as generated. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information. +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency @@ -122,10 +122,10 @@ only select sub-job groups are run. **_RECOMMENDED:_** If only conducting one or two types of auditing, scope the solution by disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. It is not recommended to delete any jobs. See the -[Disable or Enable a Job](/docs/accessanalyzer/12.0/administration/job-management/job/disable-enable.md) topic for additional information. +[Disable or Enable a Job](/docs/accessanalyzer/12.0/admin/jobs/job/disableenable.md) topic for additional information. **NOTE:** If targeting Nasuni Edge Appliances, it is necessary to add the -[0-FS_Nasuni Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fs-nasuni.md) to the **0.Collection** Job Group. +[0-FS_Nasuni Job](/docs/accessanalyzer/12.0/solutions/filesystem/collection/0-fs_nasuni.md) to the **0.Collection** Job Group. Query Configuration @@ -133,98 +133,98 @@ This solution can be run with the default query configuration. However, the most customizations include: - Use proxy scanning architecture, see the - [File System Data Collection Configuration for Proxy as a Service](/docs/accessanalyzer/12.0/getting-started/installation/filesystem-proxy/configure-data-collector.md) + [File System Data Collection Configuration for Proxy as a Service](/docs/accessanalyzer/12.0/install/filesystemproxy/configuredatacollector.md) topic for instructions - Default Scoping Options page > File Properties tab, optionally configure the following: - - In the Scan for Probable Owner section, limit the number of probable owners to return per - folder - - In the Scan for File Types section, add comma-separated values to limit the file types - returned - - Opt to collect file Microsoft Office metadata tags and add comma-separated values to limit the - metadata tags collected. - - Set on the following **0.Collection** Job Group jobs: + - In the Scan for Probable Owner section, limit the number of probable owners to return per + folder + - In the Scan for File Types section, add comma-separated values to limit the file types + returned + - Opt to collect file Microsoft Office metadata tags and add comma-separated values to limit the + metadata tags collected. + - Set on the following **0.Collection** Job Group jobs: - - **1-FSAA System Scans** Job for Access Auditing + - **1-FSAA System Scans** Job for Access Auditing - Default Scoping Options page > File Details tab, configure the file detail collection - - By default, file detail scans are disabled - - Select the type of file data to be collected and optionally add filters - - Set on the following **0.Collection** Job Group jobs: + - By default, file detail scans are disabled + - Select the type of file data to be collected and optionally add filters + - Set on the following **0.Collection** Job Group jobs: - - **1-FSAA System Scans** Job for Access Auditing + - **1-FSAA System Scans** Job for Access Auditing - Applet Settings page, optionally configure the applet settings: - - Opt to enable strong proxy affinity (only run scans on last proxy to scan host, unless no - longer in proxy host list) - - Configure the following: + - Opt to enable strong proxy affinity (only run scans on last proxy to scan host, unless no + longer in proxy host list) + - Configure the following: - - Maximum concurrent scans to run on any single applet host - - Maximum waiting time for strong proxy affinity - - Scan cancellation timeout + - Maximum concurrent scans to run on any single applet host + - Maximum waiting time for strong proxy affinity + - Scan cancellation timeout - - Set on the following **0.Collection** Job Group jobs: + - Set on the following **0.Collection** Job Group jobs: - - **1-FSAA System Scans** Job for Access Auditing - - **1-FSAC System Scans** Job for Activity Auditing - - **1-SEEK System Scans** Job for Sensitive Data Discovery Auditing + - **1-FSAA System Scans** Job for Access Auditing + - **1-FSAC System Scans** Job for Activity Auditing + - **1-SEEK System Scans** Job for Sensitive Data Discovery Auditing - Scan Server Selection page, set the type of mode the scans will run on - - The mode configured must align with the provisioning of the credential and environment. See - the [File System Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/filesystem/scan-options.md) topic - and the [File System Supported Platforms](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/filesystems.md) topic for - additional information. - - Local Mode – All of the data collection processing is conducted by the Access Analyzer Console - server across the network - - Applet Mode – The File System applet is deployed to the target host when the job is executed - to conduct data collection. The data is collected on the Windows target host where the applet - is deployed. The final step in data collection is to compress and transfer the data collected - in the SQLite databases, or Tier 2 databases, back to the Access Analyzer Console server. If - the target host is a NAS device, the File System scans default to local mode for that host. - - Proxy Mode with Applet – The File System applet is deployed to the Windows proxy server when - the job is executed to conduct data collection. The data collection processing is initiated by - the proxy server where the applet is deployed and leverages a local mode-type scan to each of - the target hosts. The final step in data collection is to compress and transfer the data - collected in the SQLite databases, or Tier 2 databases, back to the Access Analyzer Console - server. - - Proxy Mode as a Service – The File System Proxy Service must be installed on the Windows proxy - servers prior to executing the scans. The data collection processing is conducted by the proxy - server where the service is running and leverages a local mode-type scan to each of the target - hosts. The final step in data collection is to compress and transfer the data collected in the - SQLite databases, or Tier 2 databases, back to the Access Analyzer Console server. The - credential granted rights to interact with the service must be included in the assigned - Connection Profile. - - Set on the following **0.Collection** Job Group jobs: - - - **1-FSAA System Scans** Job for Access Auditing - - **1-FSAC System Scans** Job for Activity Auditing - - **1-SEEK System Scans** Job for Sensitive Data Discovery Auditing + - The mode configured must align with the provisioning of the credential and environment. See + the [File System Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/filesystem/scanoptions.md) topic + and the [File System Supported Platforms](/docs/accessanalyzer/12.0/requirements/target/filesystems.md) topic for + additional information. + - Local Mode – All of the data collection processing is conducted by the Access Analyzer Console + server across the network + - Applet Mode – The File System applet is deployed to the target host when the job is executed + to conduct data collection. The data is collected on the Windows target host where the applet + is deployed. The final step in data collection is to compress and transfer the data collected + in the SQLite databases, or Tier 2 databases, back to the Access Analyzer Console server. If + the target host is a NAS device, the File System scans default to local mode for that host. + - Proxy Mode with Applet – The File System applet is deployed to the Windows proxy server when + the job is executed to conduct data collection. The data collection processing is initiated by + the proxy server where the applet is deployed and leverages a local mode-type scan to each of + the target hosts. The final step in data collection is to compress and transfer the data + collected in the SQLite databases, or Tier 2 databases, back to the Access Analyzer Console + server. + - Proxy Mode as a Service – The File System Proxy Service must be installed on the Windows proxy + servers prior to executing the scans. The data collection processing is conducted by the proxy + server where the service is running and leverages a local mode-type scan to each of the target + hosts. The final step in data collection is to compress and transfer the data collected in the + SQLite databases, or Tier 2 databases, back to the Access Analyzer Console server. The + credential granted rights to interact with the service must be included in the assigned + Connection Profile. + - Set on the following **0.Collection** Job Group jobs: + + - **1-FSAA System Scans** Job for Access Auditing + - **1-FSAC System Scans** Job for Activity Auditing + - **1-SEEK System Scans** Job for Sensitive Data Discovery Auditing - Default Scoping Options page > Scan Settings tab, configuring the subfolder depth - - Recommendation (allows for a proper assessment on runtime for the targeted environment): + - Recommendation (allows for a proper assessment on runtime for the targeted environment): - - For first time execution, recommend setting to 0 - - For second execution, recommend setting to 2 - - Then set to the desired depth. + - For first time execution, recommend setting to 0 + - For second execution, recommend setting to 2 + - Then set to the desired depth. - - Set on the following **0.Collection** Job Group jobs: + - Set on the following **0.Collection** Job Group jobs: - - **1-FSAA System Scans** Job for Access Auditing - - **1-SEEK System Scans** Job for Sensitive Data Discovery Auditing + - **1-FSAA System Scans** Job for Access Auditing + - **1-SEEK System Scans** Job for Sensitive Data Discovery Auditing - SDD Criteria Settings page, scope to scan for specific criteria or customizing criteria for Sensitive Data Discovery Auditing - - Set on the **0.Collection** > **1-SEEK System Scans** Job + - Set on the **0.Collection** > **1-SEEK System Scans** Job - Activity Settings page, configure data retention period - - Recommendation to run with default setting of 60 days - - Set on the **0.Collection** > **1-FSAC System Scans** Job for Activity Auditing + - Recommendation to run with default setting of 60 days + - Set on the **0.Collection** > **1-FSAC System Scans** Job for Activity Auditing Analysis Configuration @@ -238,23 +238,23 @@ Though the analysis tasks should not be deselected, the following parameters can and users with large tokens. These parameters can be customized and are applicable to any solution, including File System, which incorporate this analyzed data into further analysis. - - Customize within **.Active Directory Inventory** > **3-AD_Exceptions** Job analysis tasks + - Customize within **.Active Directory Inventory** > **3-AD_Exceptions** Job analysis tasks - Activity Exception parameters which identify potential security concerns - - Customize within **0.Collection** > **3-FSAC Exceptions** Job analysis tasks + - Customize within **0.Collection** > **3-FSAC Exceptions** Job analysis tasks - Broken inheritance is defined by default to only analyze resources with changed permissions from parent - - Customize within **3.Broken Inheritance** > **FS_BrokenInheritance** Job analysis task + - Customize within **3.Broken Inheritance** > **FS_BrokenInheritance** Job analysis task - Probable owner calculations include folder depth parameters - - Customize within **6.Probable Owner** > **FS_ProbableOwner** Job analysis task + - Customize within **6.Probable Owner** > **FS_ProbableOwner** Job analysis task - **NOTE:** Changes to an exception’s definition will impact all jobs dependent upon that - exception as well as all AIC Active Directory Exceptions reports. + **NOTE:** Changes to an exception’s definition will impact all jobs dependent upon that + exception as well as all AIC Active Directory Exceptions reports. There are also a few Notification analysis tasks which can be configured and then enabled in the following jobs: diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-resourcebasedgroupaicimport.md b/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-resourcebasedgroupaicimport.md deleted file mode 100644 index bc303d8e35..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-resourcebasedgroupaicimport.md +++ /dev/null @@ -1,83 +0,0 @@ -# FS_ResourceBasedGroupAICImport Job - -The FS_ResorceBasedGroupsAICImport Job imports resources and access groups from the -FS_ResoureBasedGroup Job into the Netwrix Access Information Center. This job assigns ownership in -the Access Information Center and then assigns resource groups. This step is required if it is -desired to change access through entitlement reviews, self-service, or for publishing resources to -IAM. - -## Recommended Configurations for the FS_ResourceBasedGroupsAICImport Job - -Dependencies - -- The **FS_ResourceBasedGroups** job must be successfully run prior to running this job -- The **.Active Directory Inventory** > **1-AD_Scan** job must be successfully run prior to running - this job -- The **File System** > **0.Collection** > **1-FSAA System Scans** job must be successfully run - prior to running this job -- The **File System** > **0.Collection** > **2-FSAA Bulk Import** job must be successfully run prior - to running this job - -Targeted Hosts - -None - -Schedule Frequency - -This job group can be scheduled to run as desired. Throughout this document reference to executing a -job refers to either manual execution or scheduled execution, according to the needs of the -organization. See the -[Scheduling the Resource Based Groups Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/overview.md#scheduling-the-resource-based-groups-job-group) -topic for additional information. - -History Retention - -Not supported - -Workflow - -**Step 1 –** Run the following jobs: - -- FS_ResourceBasedGroups -- .Active Directory Inventory > 1-AD_Scan -- File System > 0.Collection > 1-FSAA System Scans -- File System > 0.Collection > 2-FSAA Bulk Import - -**Step 2 –** Run the FS_ResourceBasedGroupsAICImport job. - -- See the [Run the FS_ResourceBasedGroupsAICImportJob](#run-the-fs_resourcebasedgroupsaicimportjob) - topic for additional information - -**Step 3 –** Review the newly-created resource based groups in the AIC. - -- See the - [Review the New Resource Based Groups in the AIC](#review-the-new-resource-based-groups-in-the-aic) - topic for additional information - -## Run the FS_ResourceBasedGroupsAICImportJob - -Now that the target environment follows a Resource Based Groups model, the new resources can be -imported into the Access Information Center. Follow the steps to import the new resources into the -AIC Ownership Workflow. - -**CAUTION:** It is important to run the .Active Directory Inventory Job Group and **File System** > -**0. Collection** Job Group again so that the AD and permissions changes are captured by Access -Analyzer. - -**Step 1 –** Run the **.Active Directory Inventory** Job Group and **FileSystem** > **0.Collection** -Job Group again. - -**Step 2 –** Right click the **FS_ResourceBasedGroupsAICImport** job and select **Run Job**. - -The newly created resource based groups are imported to the AIC. The Owner and Access Groups have -been assigned to the resources by the import process. The AIC can now be used to manage these -resources through Entitlement Reviews, Ad hoc owner changes, and the Self Service access portal. - -## Review the New Resource Based Groups in the AIC - -Use the Access Information Center **Manage Resource Ownership** to review the imported resources. -These resources with the assigned reviewers will now be in the Manage Owners table on the Resource -Owners interface. The next step is to confirm ownership through the Entitlement Review workflow and -the Self-Service Access Requests workflow. See the Resource Review and Access Requests topics in the -[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) -for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-resourcebasedgroups.md b/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-resourcebasedgroups.md deleted file mode 100644 index 170af0cada..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-resourcebasedgroups.md +++ /dev/null @@ -1,314 +0,0 @@ -# FS_ResourceBasedGroups Job - -The FS_ResourceBasedGroups Job is designed to report on and take action against resources from -targeted file servers that can have their permissions structure transformed to a resource-based -group implementation. - -## Workflow - -**Step 1 –** Ensure that there is up-to-date **.Active Directory Inventory** Job Group data. - -**Step 2 –** Ensure that there is up-to-date **FileSystem** > **0.Collection** Job Group data. - -**Step 3 –** (Optional) Configure a Host List for the job at the job level. - -**NOTE:** If a host list is not configured, this job will analyze and commit actions on every File -System server known to Access Analyzer. To scope the actions to target specific servers, configure a -host list at the job level to target only those servers. - -**Step 4 –** Model the intended changes: - -- Configure the Analyze Group Permissions analysis task -- Verify that all actions are disabled - - **CAUTION:** Do not make configuration changes to the analysis tasks after reviewing and - approving the Change Modeling report - -- Execute the analysis tasks to generate the Change Modeling report and review the proposed changes -- See the [Model Intended Changes](#model-intended-changes) topic for additional information - -**Step 5 –** Configure and execute Active Directory actions: - -- Configure and enable the Create Groups action task -- Configure and enable the Update Members action task -- Execute the Active Directory actions -- See the - [Configure & Execute Active Directory Action Tasks](#configure--execute-active-directory-action-tasks) - topic for additional information - -**Step 6 –** Execute File System actions: - -- Allow an appropriate grace period for token refresh prior to executing File System action tasks, - for example one week -- Disable the Active Directory action tasks -- Enable the File System action tasks -- Execute the File System action tasks -- See the [Execute File System Action Tasks](#execute-file-system-action-tasks) topic for additional - information - -**Step 7 –** Analyze and report on action history: - -- Disable all action tasks. -- Generate the Action History report and review it. -- See the [Analyze and Report on Action History](#analyze-and-report-on-action-history) topic for - additional information - -Additional Options - -**Step 8 –** (Optional) Create and apply permissions for traverse groups based on previous resource -based groups. See the [FS_TraverseGroups Job](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-traversegroups.md) topic for additional -information. - -**Step 9 –** (Optional) Import resources and access groups from the FS_ResoureBasedGroup Job into -the Netwrix Access Information Center. See the -[FS_ResourceBasedGroupAICImport Job](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-resourcebasedgroupaicimport.md) topic for additional -information. - -## Model Intended Changes - -Prior to executing the actions to apply changes, the proposed changes can be modeled and reviewed to -determine if the parameters are configured as desired. - -### Configure the Analyze Group Permissions Analysis Task - -The Analyze Group Permissions analysis task in the FS_ResourceBasedGroups Job contains parameters -for group permissions that should be configured and then reviewed in the Change Modeling report. -View the analysis tasks by navigating to the **Jobs** > **FileSystem** > **ResourceBasedGroups** > -**FS_ResourceBasedGroups** > **Configure** node and select **Analysis**. - -![Analyze Group Permissions analysis task in the FS_ResourceBasedGroups Job](/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbganalysis.webp) - -- Analyze Group Permissions – Creates the FS_ResourceBasedGroups_NewACLs table accessible under the - job’s Results node. - - - This analysis task contains configurable parameters: #SA_Job_Hosts, @levels_down, - @naming_convention, @add_admin_groups, #folders, @activity_filter. - -Configure the following parameters. See the -[SQLscripting Analysis Module](/docs/accessanalyzer/12.0/analysis/sql-scripting.md) topic for additional -information. - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------------------- | --------------------------- | ---------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Analyze Group Permissions | #SA_Job_Hosts | | List of hosts that are associated with the job. The job acts against these hosts. Review the host list. If the host list requires updating, update the host list at the job level | -| Analyze Group Permissions | @levels_down | 0 | Number of levels down from share to root to assign permissions | -| Analyze Group Permissions | @naming_convention | FS*[HostName]*[ShareName]_[FolderName]_[Permissions] | Naming convention for resource based groups | -| Analyze Group Permissions | @add_admin_groups | 1 | Add full control admin groups. 1=true. 0=false. | -| Analyze Group Permissions | @admin_groups | | ObjectSIDs of admin groups to add to every share if @add_admin_groups = 1 | -| Analyze Group Permissions | #folders | | List of folders to assign RBG to. Overrides @levels_down. | -| Analyze Group Permissions | @activity_filter | 1000 | Filter out users with last activity older than X days ago. Will filter out users who have not accessed the folder within the specified threshold. If activity records show the user has never accessed the folder, users will still be included in resource based groups. | - -### Execute the Analysis Tasks - -Execute the analysis tasks to generate the Change Modeling report and review the proposed changed -prior to executing the actions to apply the changes. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ---------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Change Modeling | This report shows proposed changes of access for the targeted folders. | None | This report is comprised of three elements: - Pie Chart – Displays a proposed access changes summary - Table – Provides details on proposed access changes by share - Table – Provides details on access modification | - -The Change Modeling report should be used to gain acceptance on the following areas before -implementing the changes: - -- Group Naming Conventions -- Cases of Changed Access - -Access changes occur in the following cases: - -- The user is granted full access, but is not a member of the administrator group specified in the - analysis parameters -- The user is granted less access, but is a member of the administrator group specified in the - analysis parameters -- The user has not used access within the timeframe configured in the analysis parameters - -Follow the steps to model the proposed changes. - -**Step 1 –** Make sure all of the analysis tasks are enabled. - -**CAUTION:** Prior to executing the analysis tasks, make sure that all action tasks are disabled. -The purpose at this point is only to model the intended changes. - -**Step 2 –** In the Configure node, select **Actions** and make sure that all of the action tasks -are disabled. - -**Step 3 –** Right click on the **Resource Based Groups** folder and select **Run Group**. This will -generate the Change Modeling report. - -- Wait for the queued jobs to execute. - -**Step 4 –** In the **FS_ResourceBasedGroups** node, navigate to **Results** > **Change Modeling** -to review the proposed changes prior to executing the actions to apply the changes. - -The Change Modeling report has been created for review. Ensure the modeled changes are approved -before continuing with implementing them. - -## Configure & Execute Active Directory Action Tasks - -**CAUTION:** Do not modify the analysis tasks after the Change Modeling report has been reviewed and -approved. The approved modeled changes are implemented through the execution of the action tasks. - -The Active Directory action tasks create and populate resource based groups. The Create Groups and -Update Members action tasks must be updated to specify a Target OU for group creation prior to -enabling and executing the actions. It should also be verified that these action tasks are targeting -the same domain controller. - -View the action tasks by navigating to the **Jobs** > **FileSystem** > **Resourced Based Groups** > -**FS_ResourceBasedGroups** > **Configure** node and select **Actions**. - -![Active Directory Action Tasks](/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbgactivedirectoryactions.webp) - -There are the following two Active Directory action tasks: - -- Create Groups – Creates resource based groups -- Update Members – Adds members to the resource based groups based on permissions - -It is recommended to review the tables used by the actions prior to executing the actions. The -actions act upon the data within the following tables: - -- FS_ResourceBasedGroups_GroupsToCreate -- FS_ResourceBasedGroups_NewACLs - -The actions populate the Create Groups and Update Members tables, which can be viewed under the -job’s Results node. The FS_ResourceBasedGroups Job will run analysis tasks against these tables. - -### Configure & Enable the Create Groups Action Task - -Follow the steps to configure the Create Groups action task. - -**Step 1 –** Select the action and click **Action Properties**. - -**Step 2 –** On the Action Properties page, click **Configure Action**. - -**Step 3 –** In the Active Directory Action Module Wizard, navigate to the Create Groups page. - -![AD Action Module Wizard Create Groups page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/creategroups.webp) - -**Step 4 –** In the OU box, select the OU where the groups will be created. - -**Step 5 –** Navigate to the Options page and verify that the domain controller used to create -groups is the same domain controller used in the Update Members action task. It is a best practice -to identify the domain controller that is closest to the file server and use that domain controller. - -**Step 6 –** Navigate to the Summary page and click **Finish**. - -**Step 7 –** On the Action Selection page, select the Create Groups action's checkbox to enable it. - -The Create Groups action is configured. - -### Configure & Enable the Update Members Action Task - -Follow the steps to configure the Create Groups action task. - -**Step 1 –** Select the action task and click **Action Properties**. - -**Step 2 –** On the Action Properties page, click **Configure Action**. - -**Step 3 –** In the Active Directory Action Module Wizard, navigate to the Group Membership page. - -![AD Action Module Wizard Groups Membership page](/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbggroupsmembership.webp) - -**Step 4 –** On the Create Groups page, **Target Group by OU** is selected by default. In the OU -box, select the target OU. - -**Step 5 –** Navigate to the Options page and verify that the domain controller used to create -groups is the same domain controller used in the Create Groups action task. It is a best practice to -identify the domain controller that is closest to the file server and use that domain controller. - -**Step 6 –** Navigate to the Summary page and click **Finish**. - -**Step 7 –** On the Action Selection page, select the Update Members action's checkbox to enable it. - -The Update Members action is configured. - -### Execute Active Directory Action Tasks - -Make sure that the File System actions are deselected and execute the Active Directory action tasks. -The Create Groups action creates the resource based groups. The Update Members action populates -those groups. - -Enabled action tasks can be manually executed at the Actions node. Action tasks can be scheduled -only at the job level. - -Follow the steps to execute the AD actions. - -**CAUTION:** Do not modify the analysis tasks after the Change Modeling report has been reviewed and -approved. The approved modeled changes are implemented through the execution of the action tasks. - -**_RECOMMENDED:_** Disable the analysis tasks. It is not necessary to collect the data again. - -**Step 1 –** On the Action Selection page, enable the **Create Groups** and **Update Members** -actions. - -**Step 2 –** Right-click on the **Resource Based Groups** folder and select **Run Group**. - -- Wait for the queued jobs to execute. - -The resource based groups are created and populated. - -## Execute File System Action Tasks - -**CAUTION:** Prior to executing the File System action tasks, allow a grace period, for example one -week. This is important for token refresh to occur as users log off and log on again. - -The File System actions modify folder permissions and break inheritance. The Modify Permissions and -Break Inheritance actions modules do not require any configuration. - -View the action tasks by navigating to the **Jobs** > **FileSystem** > **Resourced Based Groups** > -**FS_ResourceBasedGroups** > **Configure** node and select **Actions**. - -![File System action tasks](/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbgfilesystemactions.webp) - -There are the following two File System action tasks: - -- Modify Permissions – Modifies folder permissions -- Break Inheritance – Breaks inheritance and remove all previous permissions - -It is recommended to review the tables used by the actions prior to executing the actions. The -actions act upon the data within the following table: - -- FS_ResourceBasedGroups_GroupsToCreate - -The actions populate the Modify Permissions and Break Inheritance tables, which can viewed under the -job’s Results node. The FS_ResourceBasedGroups Job will run analysis tasks against these tables. - -Follow the steps to execute the FS actions. - -**CAUTION:** Do not modify the analysis tasks after the Change Modeling report has been reviewed and -approved. The approved modeled changes are implemented through the execution of the action tasks. - -**Step 1 –** On the Action Selection page, disable the **Create Groups** and **Update Members** -actions. - -**Step 2 –** Enable the **Modify Permissions** and **Break Inheritance** actions. - -**Step 3 –** Right-click on the **Resource Based Groups** folder and select **Run Group**. - -- Wait for the queued jobs to execute. - -The File System action tasks assign all of the newly-created groups to File System resources with -the configured permissions. All other permissions will have been removed from the resources. - -## Analyze and Report on Action History - -The Action History report generated by the job shows all actions taken on each share for audit trail -purposes. - -| Report | Description | Default Tags | Report Elements | -| -------------- | --------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------- | -| Action History | This report shows all actions taken on each share for audit trail purposes. | None | This report is comprised of one element: - Table – This table provides details on the actions taken on each share | - -Follow the steps to analyze and report on action history. - -**CAUTION:** Disable all of the action tasks prior to generating the Action History report. - -**Step 1 –** On the Action Selection page, disable the **Modify Permissions** and **Break -Inheritance** actions. Make sure all of the action tasks are disabled. - -**Step 2 –** On the Analysis Selection page, enable the **Create view for action status** and -**Summarize Access Changes** analysis tasks. - -**Step 3 –** Run the job to generate the Action History report and review the actions taken on each -share. - -The organization of the users and their permissions now follows a least privileged access (resource -based groups) model. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-traversegroups.md b/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-traversegroups.md deleted file mode 100644 index 90b53f9ce0..0000000000 --- a/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-traversegroups.md +++ /dev/null @@ -1,231 +0,0 @@ -# FS_TraverseGroups Job - -The **FS_TraverseGroups** Job can be used to create and apply permissions for traverse groups based -on previous resource based groups. This job would be used in the case where the folder to which -resource based groups permissions are applied is not the root share folder, or at the root of the -share. This job prevents users from losing the ability to navigate through the directory structure -if the folder is nested. The FS_TraverseGroups Job must be installed from the Instant Job library. -See the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for additional information. - -## Recommended Configurations for the FS_TraverseGroups Job - -Dependencies - -- The **FS_ResourceBasedGroups** job must be successfully run prior to running this job - -Targeted Hosts - -- None – If targeting all file servers known to Access Analyzer -- Scope the actions to a host list – If targeting specific file servers - -Schedule Frequency - -This job can be scheduled to run as desired. Throughout this document reference to executing a job -refers to either manual execution or scheduled execution, according to the needs of the -organization. See the [Scheduling the Resource Based Groups Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/overview.md#scheduling-the-resource-based-groups-job-group) topic for additional information. - -History Retention - -Not supported - -Workflow - -**Step 1 –** Run the **FS_ResourceBasedGroups** job. - -**Step 2 –** Configure a Host List for the job at the job level. - -**NOTE:** If a host list is not configured, this job will analyze and commit actions on every File -System server known to Access Analyzer. To scope the actions to target specific servers, configure a -host list at the job level to target only those servers. - -**Step 3 –** Configure and execute analysis tasks. - -- Configure the Create Groups analysis task -- Execute the analysis tasks -- See the [Configure & Execute Analysis Tasks](#configure--execute-analysis-tasks) topic for - additional information - -**Step 4 –** Configure and execute Active Directory action task. - -- Configure & Enable the Create Groups action task -- Execute the Create Groups action task -- See the - [Configure & Execute Active Directory Action Task](#configure--execute-active-directory-action-task) - topic for additional information - -**Step 5 –** Execute File System action task. - -- Allow an appropriate grace period for token refresh prior to executing File System action task, - for example one week -- Disable the Active Directory action task -- Enable the Modify Permissions action task -- Execute the Modify Permissions action task -- See the [Execute File System Action Task](#execute-file-system-action-task) topic for additional - information - -**Step 6 –** Generate and review the List Traverse Group Changes report. - -- See the - [Generate the List Traverse Group Changes Report](#generate-the-list-traverse-group-changes-report) - topic for additional information - -## Configure & Execute Analysis Tasks - -Prior to executing the action tasks, configure and execute the analysis tasks. - -### Configure the Create Groups Analysis Task - -View the analysis tasks by navigating to the place in the Jobs tree where the Traverse Groups job -was installed from the Instant Jobs library. Then go to the **FS_TraverseGroups** > **Configure** -node and select **Analysis**. The Create Groups analysis task contains an analysis parameter that -should be configured to set the naming convention for list groups. - -![FS_TraverseGroups analysis tasks](/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/traverseanalysis.webp) - -The job has the following analysis tasks: - -- Create Groups – Creates the FS_ListTraverseGroups_NewGroups table accessible under the job’s - Results node - - - This analysis task contains a configurable parameter: @naming_convention - -- Show Table – Displays the FS_ListTraverseGroups_NewPermissions table accessible under the job’s - Results node -- Show Table – Displays the FS_ListTraverseGroups_NewGroups table accessible under the job’s Results - node - -| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | -| ------------- | --------------------------- | --------------------------------------------- | --------------------------------- | -| Create Groups | @naming_convention | FS*[HostName]*[ShareName]\_[FolderName]\_List | Naming convention for list groups | - -For instructions on configuring analysis parameters, see the -[SQLscripting Analysis Module](/docs/accessanalyzer/12.0/analysis/sql-scripting.md) topic. - -### Execute Analysis Tasks - -Once the Create Groups analysis task has been configured, execute the analysis tasks. The analysis -tasks are selected by default. Follow the steps to execute the analysis tasks. - -**Step 1 –** Make sure all of the analysis tasks are enabled. - -**CAUTION:** Prior to executing the analysis tasks, make sure that all action tasks are disabled. -The purpose at this point is only to create the required traversal tables. - -**Step 2 –** In the Configure node, select **Actions** and make sure that all of the action tasks -are disabled. - -**Step 3 –** Right click on the **FS_TraverseGroups** job and select **Run Job**. This will generate -the Change Modeling report. - -- Wait for the queued jobs to execute. - -The analysis tasks create the required traversal tables accessible under the job’s Results node. - -## Configure & Execute Active Directory Action Task - -The Active Directory action tasks create and populate resource based groups. The Create Groups -action tasks must be updated to specify a Target OU for group creation prior to enabling and -executing the actions. It should also be verified that the action tasks are targeting the same -domain controller. View the actions by navigating to the place in the Jobs tree where the Traverse -Groups job was installed from the Instant Jobs library. Then go to the **FS_TraverseGroups** > -**Configure** node and select **Actions**. The Create Groups action task must be configured to -specify the OU for group creation. - -**_RECOMMENDED:_** It is recommended to execute the actions one at a time and in order as opposed to -running the entire job group with the actions enabled. - -![FS_TraverseGroups action tasks](/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/traverseactions.webp) - -There are the following action tasks: - -- Create Groups – Create groups and add resource based groups -- Modify Permissions – Add list groups - -It is recommended to review the tables used by the actions prior to executing the actions. For -instructions on configuring action tables, see the -[Configure & Enable the Create Groups Action Task](#configure--enable-the-create-groups-action-task) -topic. The actions act upon the data within the following tables: - -- FS_ListTraverseGroups_NewGroups -- FS_ListTraverseGroups_NewPermissions - -These tables can be viewed under the job’s Results node. The FS_TraverseGroups Job will run analysis -tasks against these tables. - -### Configure & Enable the Create Groups Action Task - -Follow the steps to configure the Create Groups action task. - -**Step 1 –** Select the action and click **Action Properties**. - -**Step 2 –** On the Action Properties page, click **Configure Action**. - -**Step 3 –** In the Active Directory Action Module Wizard, navigate to the Create Groups page. - -![AD Action Module Wizard Create Groups page](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/creategroups.webp) - -**Step 4 –** In the OU box, select the OU where the groups will be created. - -**Step 5 –** Navigate to the Options page and verify that the domain controller used to create -groups is the same domain controller used in the Update Members action task. - -**Step 6 –** Navigate to the Summary page and click **Finish**. - -### Execute Active Directory Action Task - -The Create Groups action creates the resource based groups. Enabled action tasks can be manually -executed at the Actions node. Action tasks can be scheduled only at the job level. Follow the steps -to create the resource based groups. - -**Step 1 –** On the Action Selection page, enable the **Create Groups** action task. - -**Step 2 –** Right-click on the **FS_TraverseGroups** job and select **Run Job**. - -- Wait for the queued job to execute - -The resource based groups are created and populated. - -## Execute File System Action Task - -Once the Create Groups action has been executed, the Modify Permissions action can be executed. -Follow the steps to execute the action. - -**CAUTION:** Prior to executing the File System action tasks, allow a grace period, for example one -week. This is important for token refresh to occur as users log off and log on again. - -**Step 1 –** On the Action Selection page, disable the **Create Groups** action task. - -**Step 2 –** Enable the **Modify Permissions** action task. - -**Step 3 –** Right-click on the **FS_TraverseGroups** job and select Run Job. - -- Wait for the queued job to execute. - -The Modify Permissions action task assigns all of the newly-created groups to File System resources -with the configured permissions. All other permissions will have been removed from the resources. - -## Generate the List Traverse Group Changes Report - -The Generate the List Traverse Group Changes report displays a list of changes made in the -environment by the action modules. - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | ---------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | -| List Traverse Group Changes | This report shows a list of changes made in the environment by the action modules. | None | This report is comprised of one elements: - Table – This table provides details on the changes made to the environment by the action modules | - - Follow the steps to analyze and report on action history. - -**CAUTION:** Disable all of the action tasks prior to generating the List Traverse Group Changes -report. - -**Step 1 –** On the Action Selection page, disable the **Modify Permissions** action task. Make sure -all of the action tasks are disabled. - -**Step 2 –** On the Analysis Selection page, enable the **Create Groups** and both **Show Table** -analysis tasks. - -**Step 3 –** Run the job to generate the Action History report and review the actions taken on each -share. - -The permissions for traverse groups are applied based on the previously created resource based -groups. Users retain access to nested folders. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroupaicimport.md b/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroupaicimport.md new file mode 100644 index 0000000000..77ff9cf298 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroupaicimport.md @@ -0,0 +1,83 @@ +# FS_ResourceBasedGroupAICImport Job + +The FS_ResorceBasedGroupsAICImport Job imports resources and access groups from the +FS_ResoureBasedGroup Job into the Netwrix Access Information Center. This job assigns ownership in +the Access Information Center and then assigns resource groups. This step is required if it is +desired to change access through entitlement reviews, self-service, or for publishing resources to +IAM. + +## Recommended Configurations for the FS_ResourceBasedGroupsAICImport Job + +Dependencies + +- The **FS_ResourceBasedGroups** job must be successfully run prior to running this job +- The **.Active Directory Inventory** > **1-AD_Scan** job must be successfully run prior to running + this job +- The **File System** > **0.Collection** > **1-FSAA System Scans** job must be successfully run + prior to running this job +- The **File System** > **0.Collection** > **2-FSAA Bulk Import** job must be successfully run prior + to running this job + +Targeted Hosts + +None + +Schedule Frequency + +This job group can be scheduled to run as desired. Throughout this document reference to executing a +job refers to either manual execution or scheduled execution, according to the needs of the +organization. See the +[Scheduling the Resource Based Groups Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/overview#scheduling-the-resource-based-groups-job-group) +topic for additional information. + +History Retention + +Not supported + +Workflow + +**Step 1 –** Run the following jobs: + +- FS_ResourceBasedGroups +- .Active Directory Inventory > 1-AD_Scan +- File System > 0.Collection > 1-FSAA System Scans +- File System > 0.Collection > 2-FSAA Bulk Import + +**Step 2 –** Run the FS_ResourceBasedGroupsAICImport job. + +- See the [Run the FS_ResourceBasedGroupsAICImportJob](#run-the-fs_resourcebasedgroupsaicimportjob) + topic for additional information + +**Step 3 –** Review the newly-created resource based groups in the AIC. + +- See the + [Review the New Resource Based Groups in the AIC](#review-the-new-resource-based-groups-in-the-aic) + topic for additional information + +## Run the FS_ResourceBasedGroupsAICImportJob + +Now that the target environment follows a Resource Based Groups model, the new resources can be +imported into the Access Information Center. Follow the steps to import the new resources into the +AIC Ownership Workflow. + +**CAUTION:** It is important to run the .Active Directory Inventory Job Group and **File System** > +**0. Collection** Job Group again so that the AD and permissions changes are captured by Access +Analyzer. + +**Step 1 –** Run the **.Active Directory Inventory** Job Group and **FileSystem** > **0.Collection** +Job Group again. + +**Step 2 –** Right click the **FS_ResourceBasedGroupsAICImport** job and select **Run Job**. + +The newly created resource based groups are imported to the AIC. The Owner and Access Groups have +been assigned to the resources by the import process. The AIC can now be used to manage these +resources through Entitlement Reviews, Ad hoc owner changes, and the Self Service access portal. + +## Review the New Resource Based Groups in the AIC + +Use the Access Information Center **Manage Resource Ownership** to review the imported resources. +These resources with the assigned reviewers will now be in the Manage Owners table on the Resource +Owners interface. The next step is to confirm ownership through the Entitlement Review workflow and +the Self-Service Access Requests workflow. See the Resource Review and Access Requests topics in the +[Netwrix Access Information Center Documentation](https://helpcenter.netwrix.com/category/accessinformationcenter) +for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroups.md b/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroups.md new file mode 100644 index 0000000000..f811e01f2b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroups.md @@ -0,0 +1,314 @@ +# FS_ResourceBasedGroups Job + +The FS_ResourceBasedGroups Job is designed to report on and take action against resources from +targeted file servers that can have their permissions structure transformed to a resource-based +group implementation. + +## Workflow + +**Step 1 –** Ensure that there is up-to-date **.Active Directory Inventory** Job Group data. + +**Step 2 –** Ensure that there is up-to-date **FileSystem** > **0.Collection** Job Group data. + +**Step 3 –** (Optional) Configure a Host List for the job at the job level. + +**NOTE:** If a host list is not configured, this job will analyze and commit actions on every File +System server known to Access Analyzer. To scope the actions to target specific servers, configure a +host list at the job level to target only those servers. + +**Step 4 –** Model the intended changes: + +- Configure the Analyze Group Permissions analysis task +- Verify that all actions are disabled + + **CAUTION:** Do not make configuration changes to the analysis tasks after reviewing and + approving the Change Modeling report + +- Execute the analysis tasks to generate the Change Modeling report and review the proposed changes +- See the [Model Intended Changes](#model-intended-changes) topic for additional information + +**Step 5 –** Configure and execute Active Directory actions: + +- Configure and enable the Create Groups action task +- Configure and enable the Update Members action task +- Execute the Active Directory actions +- See the + [Configure & Execute Active Directory Action Tasks](#configure--execute-active-directory-action-tasks) + topic for additional information + +**Step 6 –** Execute File System actions: + +- Allow an appropriate grace period for token refresh prior to executing File System action tasks, + for example one week +- Disable the Active Directory action tasks +- Enable the File System action tasks +- Execute the File System action tasks +- See the [Execute File System Action Tasks](#execute-file-system-action-tasks) topic for additional + information + +**Step 7 –** Analyze and report on action history: + +- Disable all action tasks. +- Generate the Action History report and review it. +- See the [Analyze and Report on Action History](#analyze-and-report-on-action-history) topic for + additional information + +Additional Options + +**Step 8 –** (Optional) Create and apply permissions for traverse groups based on previous resource +based groups. See the [FS_TraverseGroups Job](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_traversegroups.md) topic for additional +information. + +**Step 9 –** (Optional) Import resources and access groups from the FS_ResoureBasedGroup Job into +the Netwrix Access Information Center. See the +[FS_ResourceBasedGroupAICImport Job](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroupaicimport.md) topic for additional +information. + +## Model Intended Changes + +Prior to executing the actions to apply changes, the proposed changes can be modeled and reviewed to +determine if the parameters are configured as desired. + +### Configure the Analyze Group Permissions Analysis Task + +The Analyze Group Permissions analysis task in the FS_ResourceBasedGroups Job contains parameters +for group permissions that should be configured and then reviewed in the Change Modeling report. +View the analysis tasks by navigating to the **Jobs** > **FileSystem** > **ResourceBasedGroups** > +**FS_ResourceBasedGroups** > **Configure** node and select **Analysis**. + +![Analyze Group Permissions analysis task in the FS_ResourceBasedGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/rbganalysis.webp) + +- Analyze Group Permissions – Creates the FS_ResourceBasedGroups_NewACLs table accessible under the + job’s Results node. + + - This analysis task contains configurable parameters: #SA_Job_Hosts, @levels_down, + @naming_convention, @add_admin_groups, #folders, @activity_filter. + +Configure the following parameters. See the +[SQLscripting Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/sqlscripting.md) topic for additional +information. + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------------------- | --------------------------- | ---------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Analyze Group Permissions | #SA_Job_Hosts | | List of hosts that are associated with the job. The job acts against these hosts. Review the host list. If the host list requires updating, update the host list at the job level | +| Analyze Group Permissions | @levels_down | 0 | Number of levels down from share to root to assign permissions | +| Analyze Group Permissions | @naming_convention | FS*[HostName]*[ShareName]_[FolderName]_[Permissions] | Naming convention for resource based groups | +| Analyze Group Permissions | @add_admin_groups | 1 | Add full control admin groups. 1=true. 0=false. | +| Analyze Group Permissions | @admin_groups | | ObjectSIDs of admin groups to add to every share if @add_admin_groups = 1 | +| Analyze Group Permissions | #folders | | List of folders to assign RBG to. Overrides @levels_down. | +| Analyze Group Permissions | @activity_filter | 1000 | Filter out users with last activity older than X days ago. Will filter out users who have not accessed the folder within the specified threshold. If activity records show the user has never accessed the folder, users will still be included in resource based groups. | + +### Execute the Analysis Tasks + +Execute the analysis tasks to generate the Change Modeling report and review the proposed changed +prior to executing the actions to apply the changes. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ---------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Change Modeling | This report shows proposed changes of access for the targeted folders. | None | This report is comprised of three elements: - Pie Chart – Displays a proposed access changes summary - Table – Provides details on proposed access changes by share - Table – Provides details on access modification | + +The Change Modeling report should be used to gain acceptance on the following areas before +implementing the changes: + +- Group Naming Conventions +- Cases of Changed Access + +Access changes occur in the following cases: + +- The user is granted full access, but is not a member of the administrator group specified in the + analysis parameters +- The user is granted less access, but is a member of the administrator group specified in the + analysis parameters +- The user has not used access within the timeframe configured in the analysis parameters + +Follow the steps to model the proposed changes. + +**Step 1 –** Make sure all of the analysis tasks are enabled. + +**CAUTION:** Prior to executing the analysis tasks, make sure that all action tasks are disabled. +The purpose at this point is only to model the intended changes. + +**Step 2 –** In the Configure node, select **Actions** and make sure that all of the action tasks +are disabled. + +**Step 3 –** Right click on the **Resource Based Groups** folder and select **Run Group**. This will +generate the Change Modeling report. + +- Wait for the queued jobs to execute. + +**Step 4 –** In the **FS_ResourceBasedGroups** node, navigate to **Results** > **Change Modeling** +to review the proposed changes prior to executing the actions to apply the changes. + +The Change Modeling report has been created for review. Ensure the modeled changes are approved +before continuing with implementing them. + +## Configure & Execute Active Directory Action Tasks + +**CAUTION:** Do not modify the analysis tasks after the Change Modeling report has been reviewed and +approved. The approved modeled changes are implemented through the execution of the action tasks. + +The Active Directory action tasks create and populate resource based groups. The Create Groups and +Update Members action tasks must be updated to specify a Target OU for group creation prior to +enabling and executing the actions. It should also be verified that these action tasks are targeting +the same domain controller. + +View the action tasks by navigating to the **Jobs** > **FileSystem** > **Resourced Based Groups** > +**FS_ResourceBasedGroups** > **Configure** node and select **Actions**. + +![Active Directory Action Tasks](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/rbgactivedirectoryactions.webp) + +There are the following two Active Directory action tasks: + +- Create Groups – Creates resource based groups +- Update Members – Adds members to the resource based groups based on permissions + +It is recommended to review the tables used by the actions prior to executing the actions. The +actions act upon the data within the following tables: + +- FS_ResourceBasedGroups_GroupsToCreate +- FS_ResourceBasedGroups_NewACLs + +The actions populate the Create Groups and Update Members tables, which can be viewed under the +job’s Results node. The FS_ResourceBasedGroups Job will run analysis tasks against these tables. + +### Configure & Enable the Create Groups Action Task + +Follow the steps to configure the Create Groups action task. + +**Step 1 –** Select the action and click **Action Properties**. + +**Step 2 –** On the Action Properties page, click **Configure Action**. + +**Step 3 –** In the Active Directory Action Module Wizard, navigate to the Create Groups page. + +![AD Action Module Wizard Create Groups page](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/creategroups.webp) + +**Step 4 –** In the OU box, select the OU where the groups will be created. + +**Step 5 –** Navigate to the Options page and verify that the domain controller used to create +groups is the same domain controller used in the Update Members action task. It is a best practice +to identify the domain controller that is closest to the file server and use that domain controller. + +**Step 6 –** Navigate to the Summary page and click **Finish**. + +**Step 7 –** On the Action Selection page, select the Create Groups action's checkbox to enable it. + +The Create Groups action is configured. + +### Configure & Enable the Update Members Action Task + +Follow the steps to configure the Create Groups action task. + +**Step 1 –** Select the action task and click **Action Properties**. + +**Step 2 –** On the Action Properties page, click **Configure Action**. + +**Step 3 –** In the Active Directory Action Module Wizard, navigate to the Group Membership page. + +![AD Action Module Wizard Groups Membership page](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/rbggroupsmembership.webp) + +**Step 4 –** On the Create Groups page, **Target Group by OU** is selected by default. In the OU +box, select the target OU. + +**Step 5 –** Navigate to the Options page and verify that the domain controller used to create +groups is the same domain controller used in the Create Groups action task. It is a best practice to +identify the domain controller that is closest to the file server and use that domain controller. + +**Step 6 –** Navigate to the Summary page and click **Finish**. + +**Step 7 –** On the Action Selection page, select the Update Members action's checkbox to enable it. + +The Update Members action is configured. + +### Execute Active Directory Action Tasks + +Make sure that the File System actions are deselected and execute the Active Directory action tasks. +The Create Groups action creates the resource based groups. The Update Members action populates +those groups. + +Enabled action tasks can be manually executed at the Actions node. Action tasks can be scheduled +only at the job level. + +Follow the steps to execute the AD actions. + +**CAUTION:** Do not modify the analysis tasks after the Change Modeling report has been reviewed and +approved. The approved modeled changes are implemented through the execution of the action tasks. + +**_RECOMMENDED:_** Disable the analysis tasks. It is not necessary to collect the data again. + +**Step 1 –** On the Action Selection page, enable the **Create Groups** and **Update Members** +actions. + +**Step 2 –** Right-click on the **Resource Based Groups** folder and select **Run Group**. + +- Wait for the queued jobs to execute. + +The resource based groups are created and populated. + +## Execute File System Action Tasks + +**CAUTION:** Prior to executing the File System action tasks, allow a grace period, for example one +week. This is important for token refresh to occur as users log off and log on again. + +The File System actions modify folder permissions and break inheritance. The Modify Permissions and +Break Inheritance actions modules do not require any configuration. + +View the action tasks by navigating to the **Jobs** > **FileSystem** > **Resourced Based Groups** > +**FS_ResourceBasedGroups** > **Configure** node and select **Actions**. + +![File System action tasks](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/rbgfilesystemactions.webp) + +There are the following two File System action tasks: + +- Modify Permissions – Modifies folder permissions +- Break Inheritance – Breaks inheritance and remove all previous permissions + +It is recommended to review the tables used by the actions prior to executing the actions. The +actions act upon the data within the following table: + +- FS_ResourceBasedGroups_GroupsToCreate + +The actions populate the Modify Permissions and Break Inheritance tables, which can viewed under the +job’s Results node. The FS_ResourceBasedGroups Job will run analysis tasks against these tables. + +Follow the steps to execute the FS actions. + +**CAUTION:** Do not modify the analysis tasks after the Change Modeling report has been reviewed and +approved. The approved modeled changes are implemented through the execution of the action tasks. + +**Step 1 –** On the Action Selection page, disable the **Create Groups** and **Update Members** +actions. + +**Step 2 –** Enable the **Modify Permissions** and **Break Inheritance** actions. + +**Step 3 –** Right-click on the **Resource Based Groups** folder and select **Run Group**. + +- Wait for the queued jobs to execute. + +The File System action tasks assign all of the newly-created groups to File System resources with +the configured permissions. All other permissions will have been removed from the resources. + +## Analyze and Report on Action History + +The Action History report generated by the job shows all actions taken on each share for audit trail +purposes. + +| Report | Description | Default Tags | Report Elements | +| -------------- | --------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------- | +| Action History | This report shows all actions taken on each share for audit trail purposes. | None | This report is comprised of one element: - Table – This table provides details on the actions taken on each share | + +Follow the steps to analyze and report on action history. + +**CAUTION:** Disable all of the action tasks prior to generating the Action History report. + +**Step 1 –** On the Action Selection page, disable the **Modify Permissions** and **Break +Inheritance** actions. Make sure all of the action tasks are disabled. + +**Step 2 –** On the Analysis Selection page, enable the **Create view for action status** and +**Summarize Access Changes** analysis tasks. + +**Step 3 –** Run the job to generate the Action History report and review the actions taken on each +share. + +The organization of the users and their permissions now follows a least privileged access (resource +based groups) model. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_traversegroups.md b/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_traversegroups.md new file mode 100644 index 0000000000..6eee706882 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_traversegroups.md @@ -0,0 +1,234 @@ +# FS_TraverseGroups Job + +The **FS_TraverseGroups** Job can be used to create and apply permissions for traverse groups based +on previous resource based groups. This job would be used in the case where the folder to which +resource based groups permissions are applied is not the root share folder, or at the root of the +share. This job prevents users from losing the ability to navigate through the directory structure +if the folder is nested. The FS_TraverseGroups Job must be installed from the Instant Job library. +See the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview) topic for additional +information. + +## Recommended Configurations for the FS_TraverseGroups Job + +Dependencies + +- The **FS_ResourceBasedGroups** job must be successfully run prior to running this job + +Targeted Hosts + +- None – If targeting all file servers known to Access Analyzer +- Scope the actions to a host list – If targeting specific file servers + +Schedule Frequency + +This job can be scheduled to run as desired. Throughout this document reference to executing a job +refers to either manual execution or scheduled execution, according to the needs of the +organization. See the +[Scheduling the Resource Based Groups Job Group](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/overview#scheduling-the-resource-based-groups-job-group) +topic for additional information. + +History Retention + +Not supported + +Workflow + +**Step 1 –** Run the **FS_ResourceBasedGroups** job. + +**Step 2 –** Configure a Host List for the job at the job level. + +**NOTE:** If a host list is not configured, this job will analyze and commit actions on every File +System server known to Access Analyzer. To scope the actions to target specific servers, configure a +host list at the job level to target only those servers. + +**Step 3 –** Configure and execute analysis tasks. + +- Configure the Create Groups analysis task +- Execute the analysis tasks +- See the [Configure & Execute Analysis Tasks](#configure--execute-analysis-tasks) topic for + additional information + +**Step 4 –** Configure and execute Active Directory action task. + +- Configure & Enable the Create Groups action task +- Execute the Create Groups action task +- See the + [Configure & Execute Active Directory Action Task](#configure--execute-active-directory-action-task) + topic for additional information + +**Step 5 –** Execute File System action task. + +- Allow an appropriate grace period for token refresh prior to executing File System action task, + for example one week +- Disable the Active Directory action task +- Enable the Modify Permissions action task +- Execute the Modify Permissions action task +- See the [Execute File System Action Task](#execute-file-system-action-task) topic for additional + information + +**Step 6 –** Generate and review the List Traverse Group Changes report. + +- See the + [Generate the List Traverse Group Changes Report](#generate-the-list-traverse-group-changes-report) + topic for additional information + +## Configure & Execute Analysis Tasks + +Prior to executing the action tasks, configure and execute the analysis tasks. + +### Configure the Create Groups Analysis Task + +View the analysis tasks by navigating to the place in the Jobs tree where the Traverse Groups job +was installed from the Instant Jobs library. Then go to the **FS_TraverseGroups** > **Configure** +node and select **Analysis**. The Create Groups analysis task contains an analysis parameter that +should be configured to set the naming convention for list groups. + +![FS_TraverseGroups analysis tasks](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/traverseanalysis.webp) + +The job has the following analysis tasks: + +- Create Groups – Creates the FS_ListTraverseGroups_NewGroups table accessible under the job’s + Results node + + - This analysis task contains a configurable parameter: @naming_convention + +- Show Table – Displays the FS_ListTraverseGroups_NewPermissions table accessible under the job’s + Results node +- Show Table – Displays the FS_ListTraverseGroups_NewGroups table accessible under the job’s Results + node + +| Analysis Task | Customizable Parameter Name | Default Value | Value Indicates | +| ------------- | --------------------------- | --------------------------------------------- | --------------------------------- | +| Create Groups | @naming_convention | FS*[HostName]*[ShareName]\_[FolderName]\_List | Naming convention for list groups | + +For instructions on configuring analysis parameters, see the +[SQLscripting Analysis Module](/docs/accessanalyzer/12.0/admin/analysis/sqlscripting.md) topic. + +### Execute Analysis Tasks + +Once the Create Groups analysis task has been configured, execute the analysis tasks. The analysis +tasks are selected by default. Follow the steps to execute the analysis tasks. + +**Step 1 –** Make sure all of the analysis tasks are enabled. + +**CAUTION:** Prior to executing the analysis tasks, make sure that all action tasks are disabled. +The purpose at this point is only to create the required traversal tables. + +**Step 2 –** In the Configure node, select **Actions** and make sure that all of the action tasks +are disabled. + +**Step 3 –** Right click on the **FS_TraverseGroups** job and select **Run Job**. This will generate +the Change Modeling report. + +- Wait for the queued jobs to execute. + +The analysis tasks create the required traversal tables accessible under the job’s Results node. + +## Configure & Execute Active Directory Action Task + +The Active Directory action tasks create and populate resource based groups. The Create Groups +action tasks must be updated to specify a Target OU for group creation prior to enabling and +executing the actions. It should also be verified that the action tasks are targeting the same +domain controller. View the actions by navigating to the place in the Jobs tree where the Traverse +Groups job was installed from the Instant Jobs library. Then go to the **FS_TraverseGroups** > +**Configure** node and select **Actions**. The Create Groups action task must be configured to +specify the OU for group creation. + +**_RECOMMENDED:_** It is recommended to execute the actions one at a time and in order as opposed to +running the entire job group with the actions enabled. + +![FS_TraverseGroups action tasks](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/traverseactions.webp) + +There are the following action tasks: + +- Create Groups – Create groups and add resource based groups +- Modify Permissions – Add list groups + +It is recommended to review the tables used by the actions prior to executing the actions. For +instructions on configuring action tables, see the +[Configure & Enable the Create Groups Action Task](#configure--enable-the-create-groups-action-task) +topic. The actions act upon the data within the following tables: + +- FS_ListTraverseGroups_NewGroups +- FS_ListTraverseGroups_NewPermissions + +These tables can be viewed under the job’s Results node. The FS_TraverseGroups Job will run analysis +tasks against these tables. + +### Configure & Enable the Create Groups Action Task + +Follow the steps to configure the Create Groups action task. + +**Step 1 –** Select the action and click **Action Properties**. + +**Step 2 –** On the Action Properties page, click **Configure Action**. + +**Step 3 –** In the Active Directory Action Module Wizard, navigate to the Create Groups page. + +![AD Action Module Wizard Create Groups page](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/creategroups.webp) + +**Step 4 –** In the OU box, select the OU where the groups will be created. + +**Step 5 –** Navigate to the Options page and verify that the domain controller used to create +groups is the same domain controller used in the Update Members action task. + +**Step 6 –** Navigate to the Summary page and click **Finish**. + +### Execute Active Directory Action Task + +The Create Groups action creates the resource based groups. Enabled action tasks can be manually +executed at the Actions node. Action tasks can be scheduled only at the job level. Follow the steps +to create the resource based groups. + +**Step 1 –** On the Action Selection page, enable the **Create Groups** action task. + +**Step 2 –** Right-click on the **FS_TraverseGroups** job and select **Run Job**. + +- Wait for the queued job to execute + +The resource based groups are created and populated. + +## Execute File System Action Task + +Once the Create Groups action has been executed, the Modify Permissions action can be executed. +Follow the steps to execute the action. + +**CAUTION:** Prior to executing the File System action tasks, allow a grace period, for example one +week. This is important for token refresh to occur as users log off and log on again. + +**Step 1 –** On the Action Selection page, disable the **Create Groups** action task. + +**Step 2 –** Enable the **Modify Permissions** action task. + +**Step 3 –** Right-click on the **FS_TraverseGroups** job and select Run Job. + +- Wait for the queued job to execute. + +The Modify Permissions action task assigns all of the newly-created groups to File System resources +with the configured permissions. All other permissions will have been removed from the resources. + +## Generate the List Traverse Group Changes Report + +The Generate the List Traverse Group Changes report displays a list of changes made in the +environment by the action modules. + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | ---------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------- | +| List Traverse Group Changes | This report shows a list of changes made in the environment by the action modules. | None | This report is comprised of one elements: - Table – This table provides details on the changes made to the environment by the action modules | + + Follow the steps to analyze and report on action history. + +**CAUTION:** Disable all of the action tasks prior to generating the List Traverse Group Changes +report. + +**Step 1 –** On the Action Selection page, disable the **Modify Permissions** action task. Make sure +all of the action tasks are disabled. + +**Step 2 –** On the Analysis Selection page, enable the **Create Groups** and both **Show Table** +analysis tasks. + +**Step 3 –** Run the job to generate the Action History report and review the actions taken on each +share. + +The permissions for traverse groups are applied based on the previously created resource based +groups. Users retain access to nested folders. diff --git a/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/overview.md b/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/overview.md index b299acedae..5692110933 100644 --- a/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/overview.md +++ b/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/overview.md @@ -27,13 +27,13 @@ The **File System** > **Resource Based Groups** Job Group is a separately licens Access Analyzer File System solution set. Typically this job group is added during installation, but it can be installed from the Instant Job Wizard. -![Resource Based Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Resource Based Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/jobstree.webp) Once it has been installed into the Jobs tree, navigate to the solution: **Jobs** > **FileSystem** > **Resource Based Groups**. The FS_TraverseGroups Job and the FS_ResourceBasedGroupsAICImport Job must be installed from the -Instant Job library. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic +Instant Job library. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for additional information. ## Jobs @@ -41,16 +41,16 @@ for additional information. The Resource Based Groups Job Group will transform permissions on specified folders to a resource based groups model. -![Job Group Overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) +![Job Group Overview page](/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/overviewpage.webp) The following jobs comprise the Resource Based Groups Job Group: -- [FS_ResourceBasedGroups Job](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-resourcebasedgroups.md) – This job will transform permission on +- [FS_ResourceBasedGroups Job](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroups.md) – This job will transform permission on specified folders to a resource based groups model -- [FS_TraverseGroups Job](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-traversegroups.md) – (Optional) This job can be used to create and +- [FS_TraverseGroups Job](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_traversegroups.md) – (Optional) This job can be used to create and apply permissions for traverse groups based on previous resource based groups. The FS_TraverseGroupsJob must be added from the Instant Job Library in order to be used. -- [FS_ResourceBasedGroupAICImport Job](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs-resourcebasedgroupaicimport.md) – (Optional) This job +- [FS_ResourceBasedGroupAICImport Job](/docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/fs_resourcebasedgroupaicimport.md) – (Optional) This job imports resources and access groups from the FS_ResoureBasedGroup Job into the Netwrix Access Information Center. The FS_ResourceBasedGroupsAICImport Job must be added from the Instant Job Library to be used. @@ -85,7 +85,7 @@ Netwrix recommends that the job be run by a scheduled task with an unlimited tim job will not be aborted when an interactive session is ended due to logoff (a logoff based on inactivity is common in enterprise environments). Netwrix also recommends that the job only be scheduled for discrete one-time runs so that results may be reviewed after each execution. See the -[Schedule Jobs](/docs/accessanalyzer/12.0/administration/job-management/schedule/overview.md#schedule-jobs) topic for additional information. +[Schedule Jobs](/docs/accessanalyzer/12.0/admin/schedule/overview.md#schedule-jobs) topic for additional information. Throughout this document reference to executing a job refers to either manual execution or scheduled execution, according to the needs of the organization. diff --git a/docs/accessanalyzer/12.0/solutions/nisinventory/nis-scan.md b/docs/accessanalyzer/12.0/solutions/nisinventory/nis-scan.md deleted file mode 100644 index 527718deb0..0000000000 --- a/docs/accessanalyzer/12.0/solutions/nisinventory/nis-scan.md +++ /dev/null @@ -1,100 +0,0 @@ -# NIS Scan Job - -The NIS Scan job collects data from the targeted NIS server and then analyzes that data to inventory -users, groups, and group membership. This data can then be used by other built-in Access Analyzer -solutions. - -## Query for the NIS Scan Job - -The NIS Scan Job uses the NIS Data Collector for the following query: - -**CAUTION:** This query must be modified. See the -[Configure the NIS Scan Query](#configure-the-nis-scan-query) topic for additional information. - -![Query for the NIS Scan Job](/img/product_docs/accessanalyzer/solutions/nisinventory/nisscanquery.webp) - -- Inventory Scan – Targets a NIS server to collect inventory data for user and group objects - -### Configure the NIS Scan Query - -The NIS Scan job has been preconfigured to run with the default settings with the category of **Scan -NIS Users and Groups**. However, it is necessary to configure the targeted NIS domain. Follow the -steps to set the target NIS domain and any desired customizations. - -**Step 1 –** Navigate to the **.NIS Inventory** > **NIS Scan** > **Configure** node and select -**Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The NIS Data Collector Wizard -opens. - -**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the -purpose of this job. - -![NIS Settings page](/img/product_docs/activitymonitor/config/dellpowerscale/settings.webp) - -**Step 4 –** On the NIS Settings page, enter the **NIS Domain Name** for the targeted NIS domain. -This step is required prior to running this query. See the -[NIS: NIS Settings](/docs/accessanalyzer/12.0/data-collection/nis/settings.md) topic for additional information. - -- Optional: Test the connection to the domain using the Sample NIS Server section of the page - -![SID Mappings page](/img/product_docs/accessanalyzer/admin/datacollector/nis/sidmappings.webp) - -**Step 5 –** On the SID Mappings page, you can add multiple SID mapping entries. See the -[NIS: SID Mappings](/docs/accessanalyzer/12.0/data-collection/nis/sid-mappings.md) topic for additional information. - -**Step 6 –** Navigate to the Summary page. Click **Finish** to save any setting modifications or -click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -The NIS Scan Job is now ready to run. - -## Analysis Tasks for the NIS Scan Job - -View the analysis tasks by navigating to the **.NIS Inventory** > **NIS Scan** > **Configure** node -and select **Analysis**. - -**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or -deselected. There is one that is deselected by default, as it is for troubleshooting purposes. - -![Analysis Tasks for the NIS Scan Job](/img/product_docs/accessanalyzer/solutions/nisinventory/nisscananalysis.webp) - -The following analysis tasks are selected by default: - -- Users – Enables the SA_NIS_Users table to be accessible under the job’s Results node -- Groups – Enables the SA_NIS_Groups table to be accessible under the job’s Results node -- Members – Enables the SA_NIS_GroupMembersView to be accessible under the job’s Results node - -The following analysis task only needs to be selected when there is a need to remove the tables from -the database: - -**CAUTION:** This analysis task is for troubleshooting and cleanup only. Data will be deleted from -the database. Do not execute this task with the other analysis tasks, as that results in the -deletion of data that was just collected. - -- Drop NIS Tables – Removes all tables and views created by this job from SQL Server database - - - See the [Remove NIS Tables](#remove-nis-tables) topic for additional information - -### Remove NIS Tables - -Sometimes when troubleshooting a NIS Data Collector issue, it becomes necessary to clear the -standard reference tables. Follow these steps. - -**Step 1 –** Navigate to the **.NIS Inventory** > **NIS Scan** > **Configure** node and select -**Analysis**. - -**Step 2 –** Clear all of the other analysis tasks and select only the **Drop NIS Tables** analysis -task. - -**Step 3 –** Use the right-click menu on the analysis data grid to **Execute Analyses**. - -**Step 4 –** After the analysis task has completed execution, the tables have been cleared from the -SQL database. - -**CAUTION:** Do not forget to clear the Drop NIS Tables analysis task and reselect all of the other -analysis tasks. - -The next time the job is run, the standard reference tables are recreated in the database. diff --git a/docs/accessanalyzer/12.0/solutions/nisinventory/nis_scan.md b/docs/accessanalyzer/12.0/solutions/nisinventory/nis_scan.md new file mode 100644 index 0000000000..3df639f539 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/nisinventory/nis_scan.md @@ -0,0 +1,100 @@ +# NIS Scan Job + +The NIS Scan job collects data from the targeted NIS server and then analyzes that data to inventory +users, groups, and group membership. This data can then be used by other built-in Access Analyzer +solutions. + +## Query for the NIS Scan Job + +The NIS Scan Job uses the NIS Data Collector for the following query: + +**CAUTION:** This query must be modified. See the +[Configure the NIS Scan Query](#configure-the-nis-scan-query) topic for additional information. + +![Query for the NIS Scan Job](/img/product_docs/accessanalyzer/12.0/solutions/nisinventory/nisscanquery.webp) + +- Inventory Scan – Targets a NIS server to collect inventory data for user and group objects + +### Configure the NIS Scan Query + +The NIS Scan job has been preconfigured to run with the default settings with the category of **Scan +NIS Users and Groups**. However, it is necessary to configure the targeted NIS domain. Follow the +steps to set the target NIS domain and any desired customizations. + +**Step 1 –** Navigate to the **.NIS Inventory** > **NIS Scan** > **Configure** node and select +**Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The NIS Data Collector Wizard +opens. + +**CAUTION:** Do not make changes to other wizard pages as they have been pre-configured for the +purpose of this job. + +![NIS Settings page](/img/product_docs/activitymonitor/config/dellpowerscale/settings.webp) + +**Step 4 –** On the NIS Settings page, enter the **NIS Domain Name** for the targeted NIS domain. +This step is required prior to running this query. See the +[NIS: NIS Settings](/docs/accessanalyzer/12.0/admin/datacollector/nis/settings.md) topic for additional information. + +- Optional: Test the connection to the domain using the Sample NIS Server section of the page + +![SID Mappings page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/sidmappings.webp) + +**Step 5 –** On the SID Mappings page, you can add multiple SID mapping entries. See the +[NIS: SID Mappings](/docs/accessanalyzer/12.0/admin/datacollector/nis/sidmappings.md) topic for additional information. + +**Step 6 –** Navigate to the Summary page. Click **Finish** to save any setting modifications or +click **Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +The NIS Scan Job is now ready to run. + +## Analysis Tasks for the NIS Scan Job + +View the analysis tasks by navigating to the **.NIS Inventory** > **NIS Scan** > **Configure** node +and select **Analysis**. + +**CAUTION:** Most of these analysis tasks are preconfigured and should not be modified or +deselected. There is one that is deselected by default, as it is for troubleshooting purposes. + +![Analysis Tasks for the NIS Scan Job](/img/product_docs/accessanalyzer/12.0/solutions/nisinventory/nisscananalysis.webp) + +The following analysis tasks are selected by default: + +- Users – Enables the SA_NIS_Users table to be accessible under the job’s Results node +- Groups – Enables the SA_NIS_Groups table to be accessible under the job’s Results node +- Members – Enables the SA_NIS_GroupMembersView to be accessible under the job’s Results node + +The following analysis task only needs to be selected when there is a need to remove the tables from +the database: + +**CAUTION:** This analysis task is for troubleshooting and cleanup only. Data will be deleted from +the database. Do not execute this task with the other analysis tasks, as that results in the +deletion of data that was just collected. + +- Drop NIS Tables – Removes all tables and views created by this job from SQL Server database + + - See the [Remove NIS Tables](#remove-nis-tables) topic for additional information + +### Remove NIS Tables + +Sometimes when troubleshooting a NIS Data Collector issue, it becomes necessary to clear the +standard reference tables. Follow these steps. + +**Step 1 –** Navigate to the **.NIS Inventory** > **NIS Scan** > **Configure** node and select +**Analysis**. + +**Step 2 –** Clear all of the other analysis tasks and select only the **Drop NIS Tables** analysis +task. + +**Step 3 –** Use the right-click menu on the analysis data grid to **Execute Analyses**. + +**Step 4 –** After the analysis task has completed execution, the tables have been cleared from the +SQL database. + +**CAUTION:** Do not forget to clear the Drop NIS Tables analysis task and reselect all of the other +analysis tasks. + +The next time the job is run, the standard reference tables are recreated in the database. diff --git a/docs/accessanalyzer/12.0/solutions/nisinventory/overview.md b/docs/accessanalyzer/12.0/solutions/nisinventory/overview.md index 0797c2f8fb..a14ef5a541 100644 --- a/docs/accessanalyzer/12.0/solutions/nisinventory/overview.md +++ b/docs/accessanalyzer/12.0/solutions/nisinventory/overview.md @@ -24,7 +24,7 @@ Location The .NIS Inventory Solution is a core component of all Access Analyzer installations. It can be installed from the Access Analyzer Instant Job Wizard.. -![.NIS Inventory Solution in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![.NIS Inventory Solution in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/nisinventory/jobstree.webp) Once it has been installed into the Jobs tree, navigate to the solution: **Jobs** > **.NIS Inventory**. This group has been named in such a way to keep it at the top of the Jobs tree. @@ -34,9 +34,9 @@ Inventory**. This group has been named in such a way to keep it at the top of th The .NIS Inventory Solution contains a single job. This job is configured to use the NIS Data Collector and then runs analysis on the collected data. -![.NIS Inventory Solution Overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) +![.NIS Inventory Solution Overview page](/img/product_docs/accessanalyzer/12.0/solutions/nisinventory/overviewpage.webp) The following job comprises the .NIS Inventory job group: -- [NIS Scan Job](/docs/accessanalyzer/12.0/solutions/nisinventory/nis-scan.md) – Provides essential user and group membership details to built-in +- [NIS Scan Job](/docs/accessanalyzer/12.0/solutions/nisinventory/nis_scan.md) – Provides essential user and group membership details to built-in solution sets diff --git a/docs/accessanalyzer/12.0/solutions/nisinventory/recommended.md b/docs/accessanalyzer/12.0/solutions/nisinventory/recommended.md index 121d5f8072..5aaca035b4 100644 --- a/docs/accessanalyzer/12.0/solutions/nisinventory/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/nisinventory/recommended.md @@ -12,7 +12,7 @@ Targeted Hosts The host list assignment should be assigned under the **.NIS Inventory** > **NIS Scan** > **Hosts** node. Select the custom host list containing the NIS servers or manually add the host in the **Individual hosts** section. See the -[Unix Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/nis/configure-job.md) topic for +[Unix Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/nis/configurejob.md) topic for additional information. Connection Profile @@ -22,7 +22,7 @@ Properties** window on the **Connection** tab. It is set to **Use the Default Pr configured at the global settings level. However, if this is not the Connection Profile with the necessary permissions for targeting the NIS servers, select the **Select one of the following user defined profiles** option and select the appropriate Connection Profile. See the -[Unix Connection Profile & Host List](/docs/accessanalyzer/12.0/data-collection/nis/configure-job.md) topic for +[Unix Connection Profile & Host List](/docs/accessanalyzer/12.0/admin/datacollector/nis/configurejob.md) topic for additional information. Schedule Frequency @@ -39,7 +39,7 @@ Query Configuration The solution requires the NIS domain to be configured in the **Inventory Scan** query. Navigate to the **NIS Settings** page of the NIS Data Collector Wizard. Optionally, modifications can be made -for SID mappings within the **NIS Scan** job. See the [NIS Scan Job](/docs/accessanalyzer/12.0/solutions/nisinventory/nis-scan.md) topic for +for SID mappings within the **NIS Scan** job. See the [NIS Scan Job](/docs/accessanalyzer/12.0/solutions/nisinventory/nis_scan.md) topic for additional information. Analysis Configuration diff --git a/docs/accessanalyzer/12.0/solutions/index.md b/docs/accessanalyzer/12.0/solutions/overview.md similarity index 100% rename from docs/accessanalyzer/12.0/solutions/index.md rename to docs/accessanalyzer/12.0/solutions/overview.md diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/overview.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/overview.md index ded275d997..aa42b028b3 100644 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/overview.md +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/overview.md @@ -3,13 +3,13 @@ This group will highlight deletions, group membership changes, permission changes, and activity around sensitive data. -![Forensics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/sharepoint/activity/forensics/forensicsjobstree.webp) +![Forensics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/forensicsjobstree.webp) The jobs in the Forensics Job Group are: -- [SP_Deletions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp-deletions.md) – Identifies SharePoint deletion events which have occurred +- [SP_Deletions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp_deletions.md) – Identifies SharePoint deletion events which have occurred over the past 30 days -- [SP_PermissionChanges Job](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp-permissionchanges.md) – Identifies permission changes which have +- [SP_PermissionChanges Job](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp_permissionchanges.md) – Identifies permission changes which have been performed on all monitored SharePoint sites over the past 30 days -- [SP_SensitiveDataActivity Job](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp-sensitivedataactivity.md) – Highlights user activity involving +- [SP_SensitiveDataActivity Job](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp_sensitivedataactivity.md) – Highlights user activity involving sensitive data and provides details on who is interacting with your environments sensitive content diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp-deletions.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp-deletions.md deleted file mode 100644 index ba9b230b5c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp-deletions.md +++ /dev/null @@ -1,25 +0,0 @@ -# SP_Deletions Job - -This job identifies SharePoint deletion events which have occurred over the past 30 days. - -## Analysis Tasks for the SP_Deletions Job - -Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Forensics** > **SP_Deletions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_Deletions Job](/img/product_docs/accessanalyzer/solutions/box/activity/forensics/deletionsanalysis.webp) - -The default analysis task is: - -- Analyze SPAC Deletion Events – Creates the SA_SPAC_Deletions_Last30Days table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_Deletions Job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Deletion Details | This report identifies deletion events for the past 30 days. The detailed report shows all resources that were successfully deleted as well as which users performed those events. | None | This report is comprised of two elements: - Bar Chart – Displays total number of deletions in the past 30 days - Table – Provides details on deletions in the past 30 days | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp-permissionchanges.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp-permissionchanges.md deleted file mode 100644 index 7519350feb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp-permissionchanges.md +++ /dev/null @@ -1,28 +0,0 @@ -# SP_PermissionChanges Job - -This job identifies permission changes which have been performed on all monitored SharePoint sites -over the past 30 days. - -## Analysis Tasks for the SP_PermissionChanges Job - -Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Forensics** > -**SP_PermissionChanges** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_PermissionChanges Job](/img/product_docs/accessanalyzer/solutions/box/activity/forensics/permissionchangesanalysis.webp) - -The default analysis tasks are: - -- Analyze Permission Changes – Creates the SA_SP_PermissionChanges table accessible under the job’s - Results node -- Permission Changes Counts – Creates the SA_SP_PermissionChanges_Counts table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_PermissionChanges Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Permission Changes | This report identifies SharePoint permission changes based on activity events and determines whether or not that permission change is considered a high security risk. | None | This report is comprised of two elements: - Bar Chart – Displays permission change activity in the past seven days - Table – Provides permission change details | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp-sensitivedataactivity.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp-sensitivedataactivity.md deleted file mode 100644 index 66e084bd2b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp-sensitivedataactivity.md +++ /dev/null @@ -1,29 +0,0 @@ -# SP_SensitiveDataActivity Job - -This job highlights user activity involving sensitive data and provides details on who is -interacting with your environments sensitive content. - -## Analysis Tasks for the SP_SensitiveDataActivity Job - -Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Forensics** > -**SP_SensitiveDataActivity** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_SensitiveDataActivity Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp) - -The default analysis tasks are: - -- Sensitive Data Activity – Creates the SA_SP_SensitiveDataActivity table accessible under the job’s - Results node -- Sensitive Data Activity User Count – Creates an interim processing table in the database for use - by downstream analysis and report generation - -In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | -------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------- | -| Sensitive Data Activity | This Report shows user activity on sensitive data. | None | This report is comprised of two elements: - Bar Chart – Displays sensitive data activity - Table – Provides details on sensitive data activity | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp_deletions.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp_deletions.md new file mode 100644 index 0000000000..edb928e1bf --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp_deletions.md @@ -0,0 +1,25 @@ +# SP_Deletions Job + +This job identifies SharePoint deletion events which have occurred over the past 30 days. + +## Analysis Tasks for the SP_Deletions Job + +Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Forensics** > **SP_Deletions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_Deletions Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/deletionsanalysis.webp) + +The default analysis task is: + +- Analyze SPAC Deletion Events – Creates the SA_SPAC_Deletions_Last30Days table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_Deletions Job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Deletion Details | This report identifies deletion events for the past 30 days. The detailed report shows all resources that were successfully deleted as well as which users performed those events. | None | This report is comprised of two elements: - Bar Chart – Displays total number of deletions in the past 30 days - Table – Provides details on deletions in the past 30 days | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp_permissionchanges.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp_permissionchanges.md new file mode 100644 index 0000000000..1fd449f5ca --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp_permissionchanges.md @@ -0,0 +1,28 @@ +# SP_PermissionChanges Job + +This job identifies permission changes which have been performed on all monitored SharePoint sites +over the past 30 days. + +## Analysis Tasks for the SP_PermissionChanges Job + +Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Forensics** > +**SP_PermissionChanges** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_PermissionChanges Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/permissionchangesanalysis.webp) + +The default analysis tasks are: + +- Analyze Permission Changes – Creates the SA_SP_PermissionChanges table accessible under the job’s + Results node +- Permission Changes Counts – Creates the SA_SP_PermissionChanges_Counts table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_PermissionChanges Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Permission Changes | This report identifies SharePoint permission changes based on activity events and determines whether or not that permission change is considered a high security risk. | None | This report is comprised of two elements: - Bar Chart – Displays permission change activity in the past seven days - Table – Provides permission change details | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp_sensitivedataactivity.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp_sensitivedataactivity.md new file mode 100644 index 0000000000..8cb6812c75 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sp_sensitivedataactivity.md @@ -0,0 +1,29 @@ +# SP_SensitiveDataActivity Job + +This job highlights user activity involving sensitive data and provides details on who is +interacting with your environments sensitive content. + +## Analysis Tasks for the SP_SensitiveDataActivity Job + +Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Forensics** > +**SP_SensitiveDataActivity** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_SensitiveDataActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sensitivedataactivityanalysis.webp) + +The default analysis tasks are: + +- Sensitive Data Activity – Creates the SA_SP_SensitiveDataActivity table accessible under the job’s + Results node +- Sensitive Data Activity User Count – Creates an interim processing table in the database for use + by downstream analysis and report generation + +In addition to the tables and views created by the analysis tasks, the SQL_SensitiveDataActivity Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | -------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------- | +| Sensitive Data Activity | This Report shows user activity on sensitive data. | None | This report is comprised of two elements: - Bar Chart – Displays sensitive data activity - Table – Provides details on sensitive data activity | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/overview.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/overview.md index 814f5f04e8..28182d1d7c 100644 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/overview.md +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/overview.md @@ -4,7 +4,7 @@ The 7.Activity job group generates summary and detail reports of SharePoint acti specified sites. These reports can be used for identifying file, folder, and user related activity across your SharePoint environment. -![7.Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![7.Activity Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/jobstree.webp) The job groups in the 7.Activity Job Group are: diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/overview.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/overview.md index 02d2eaa51d..3bf53b167a 100644 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/overview.md +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/overview.md @@ -3,14 +3,14 @@ The Usage Statistics job group identifies long term trends of activity across your SharePoint environment highlighting most active sites and users as well as stale sites. -![Usage Statistics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/sharepoint/activity/usagestatistics/usagestatisticsjobstree.webp) +![Usage Statistics Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/usagestatisticsjobstree.webp) The jobs in the Usage Statistics Job Group are: -- [SP_InactiveSites Job](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp-inactivesites.md) – Highlights your environments least active Sites or +- [SP_InactiveSites Job](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp_inactivesites.md) – Highlights your environments least active Sites or Site Collections -- [SP_MostActiveSites Job](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp-mostactivesites.md) – Identifies the top five most active sites +- [SP_MostActiveSites Job](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp_mostactivesites.md) – Identifies the top five most active sites monitored by Access Analyzer -- [SP_MostActiveUsers Job](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp-mostactiveusers.md) – Identifies the most active users from the last +- [SP_MostActiveUsers Job](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp_mostactiveusers.md) – Identifies the most active users from the last 30 days on all monitored SharePoint servers with a view of Reads, Updates, Deletes, and Permission changes performed by a user diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp-inactivesites.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp-inactivesites.md deleted file mode 100644 index 11e20bca67..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp-inactivesites.md +++ /dev/null @@ -1,25 +0,0 @@ -# SP_InactiveSites Job - -This job highlights your environments least active Sites or Site Collections. - -## Analysis Tasks for the SP_InactiveSites Job - -Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Usage Statistics** > -**SP_InactiveSites** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_InactiveSites Job](/img/product_docs/accessanalyzer/solutions/sharepoint/activity/usagestatistics/inactivesitesanalysis.webp) - -The default analysis task is: - -- Inactive Sites Last 30 Days – Creates the SA_SP_InactiveSites_Last30Days table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_InactiveSites Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | -| Inactive Sites | This report identifies Sites that have not had activity for at least 30 days. [View], [Delete], [Update], [Delete] fields reflect the number of unique operations of each type that was performed on the inactive site for this time frame. | None | This report is comprised of two elements: - Bar Chart – Displays information on inactive sites - Table – Provides details on inactive sites | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp-mostactivesites.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp-mostactivesites.md deleted file mode 100644 index f41c577065..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp-mostactivesites.md +++ /dev/null @@ -1,25 +0,0 @@ -# SP_MostActiveSites Job - -This job identifies the top five most active monitored sites. - -## Analysis Tasks for the SP_MostActiveSites Job - -Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Usage Statistics** > -**SP_MostActiveSites** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_MostActiveSites Job](/img/product_docs/accessanalyzer/solutions/sharepoint/activity/usagestatistics/mostactivesitesanalysis.webp) - -The default analysis task is: - -- Most Active Sites Last 30 Days – Creates the SA_SPAC_MostActiveSites_Last30Days table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_MostActiveSites Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Most Active Sites – Last 30 Days | This report identifies the top five most active sites for the past 30 days. [Reads], [Updates], [Deletes], [Permission Changes] fields reflect the number of unique operations of each type that was performed on the site for this time frame. Unique Resources Accessed, number of active user performing operations on the site, as well as whether or not the active site contains sensitive information. | None | This report is comprised of two elements: - Bar Chart – Displays information on most active sites by event count - Table – Provides details on most active sites by event count | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp-mostactiveusers.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp-mostactiveusers.md deleted file mode 100644 index 967a30fb1b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp-mostactiveusers.md +++ /dev/null @@ -1,26 +0,0 @@ -# SP_MostActiveUsers Job - -This job identifies the most active users from the last 30 days on all monitored SharePoint servers -with a view of Reads, Updates, Deletes, and Permission changes performed by a user. - -## Analysis Tasks for the SP_MostActiveUsers Job - -Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Usage Statistics** > -**SP_MostActiveUsers** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_MostActiveUsers Job](/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp) - -The default analysis task is: - -- Most Active Users Last 30 Days – SA_SPAC_MostActiveUsers_Last30Days table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the SQL_MostActiveUsers Job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Most Active Users – Last 30 Days | This report identifies the top users for the past 30 days. [View], [Delete], [Update], [Delete] fields reflect the number of unique operations of each type that was performed by the user for this time frame. Unique Resources are the number of distinct resources that have had activity during that time. | None | This report is comprised of two elements: - Bar Chart – Displays information on top users by operation count - Table – Provides details on top users by operation count | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp_inactivesites.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp_inactivesites.md new file mode 100644 index 0000000000..6c49f4ca88 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp_inactivesites.md @@ -0,0 +1,25 @@ +# SP_InactiveSites Job + +This job highlights your environments least active Sites or Site Collections. + +## Analysis Tasks for the SP_InactiveSites Job + +Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Usage Statistics** > +**SP_InactiveSites** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_InactiveSites Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/inactivesitesanalysis.webp) + +The default analysis task is: + +- Inactive Sites Last 30 Days – Creates the SA_SP_InactiveSites_Last30Days table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_InactiveSites Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | +| Inactive Sites | This report identifies Sites that have not had activity for at least 30 days. [View], [Delete], [Update], [Delete] fields reflect the number of unique operations of each type that was performed on the inactive site for this time frame. | None | This report is comprised of two elements: - Bar Chart – Displays information on inactive sites - Table – Provides details on inactive sites | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp_mostactivesites.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp_mostactivesites.md new file mode 100644 index 0000000000..02268aff80 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp_mostactivesites.md @@ -0,0 +1,25 @@ +# SP_MostActiveSites Job + +This job identifies the top five most active monitored sites. + +## Analysis Tasks for the SP_MostActiveSites Job + +Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Usage Statistics** > +**SP_MostActiveSites** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_MostActiveSites Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/mostactivesitesanalysis.webp) + +The default analysis task is: + +- Most Active Sites Last 30 Days – Creates the SA_SPAC_MostActiveSites_Last30Days table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_MostActiveSites Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Most Active Sites – Last 30 Days | This report identifies the top five most active sites for the past 30 days. [Reads], [Updates], [Deletes], [Permission Changes] fields reflect the number of unique operations of each type that was performed on the site for this time frame. Unique Resources Accessed, number of active user performing operations on the site, as well as whether or not the active site contains sensitive information. | None | This report is comprised of two elements: - Bar Chart – Displays information on most active sites by event count - Table – Provides details on most active sites by event count | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp_mostactiveusers.md b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp_mostactiveusers.md new file mode 100644 index 0000000000..037708da00 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/sp_mostactiveusers.md @@ -0,0 +1,26 @@ +# SP_MostActiveUsers Job + +This job identifies the most active users from the last 30 days on all monitored SharePoint servers +with a view of Reads, Updates, Deletes, and Permission changes performed by a user. + +## Analysis Tasks for the SP_MostActiveUsers Job + +Navigate to the **Jobs** > **SharePoint** > **7.Activity** > **Usage Statistics** > +**SP_MostActiveUsers** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_MostActiveUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/mostactiveusersanalysis.webp) + +The default analysis task is: + +- Most Active Users Last 30 Days – SA_SPAC_MostActiveUsers_Last30Days table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the SQL_MostActiveUsers Job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Most Active Users – Last 30 Days | This report identifies the top users for the past 30 days. [View], [Delete], [Update], [Delete] fields reflect the number of unique operations of each type that was performed by the user for this time frame. Unique Resources are the number of distinct resources that have had activity during that time. | None | This report is comprised of two elements: - Bar Chart – Displays information on top users by operation count - Table – Provides details on top users by operation count | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek-systemscans.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek-systemscans.md deleted file mode 100644 index f11f9f32cb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek-systemscans.md +++ /dev/null @@ -1,91 +0,0 @@ -# 1-SPSEEK_SystemScans Job - -This job is responsible for building the Tier2 SPDLP database repositories, which contain -information regarding sensitive content that exists within SharePoint. - -## Queries for the 1-SPSEEK_SystemScans Job - -The 1-SPSEEK SystemScans Job uses the SharePoint Access Data Collector for the following query: - -![The query for the 1-SPSEEK SystemScans Job](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spseeksystemscansquery.webp) - -The query for the 1-SPSEEK SystemScans Job is: - -- SharePoint Scan – Scans SharePoint for sensitive content - -### Configure the Query for the 1-SPSEEK_SystemScans Job - -The 1-SPSEEK_SystemScans Job has been preconfigured to run with the default settings using the SPAA -Data Collector category of Scan for Sensitive Content, which is not visible within the SharePoint -Access Auditor Data Collector Wizard when opened from within this job. - -**CAUTION:** Users should not change scans in a way that would result in less data being returned on -a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a -shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in -the Tier 2 database and subsequently removed from the Tier 1 database. - -Follow the steps to set any desired customizations. - -**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > -**1-SPSEEK_SystemScans** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -displays. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. - -![SharePoint Data Collection Settings](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/datacollectionsettingsspseek.webp) - -**Step 4 –** On the -[SPAA: SharePoint Data Collection Settings](/docs/accessanalyzer/12.0/data-collection/spaa/settings.md) page, -customize as desired and click **Next**. - -![Scan Scoping Options](/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptions.webp) - -**Step 5 –** On the -[SPAA: Scan Scoping Options](/docs/accessanalyzer/12.0/data-collection/spaa/scan-scoping-options.md) page, no web -applications or site collections have been added. If desired, limit the scope of the scan to -specific web applications or site collections. Click **Next**. - -![Additional Scoping](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/additionalscopingspseek.webp) - -**Step 6 –** On the -[SPAA: Additional Scoping](/docs/accessanalyzer/12.0/data-collection/spaa/additional-scoping.md) page, **Limit -scanned depth to:** is selected with the default set at **2** levels. Customize this setting as -desired and click **Next**. - -![Agent Settings](/img/product_docs/activitymonitor/activitymonitor/install/agent/windowsagent.webp) - -**Step 7 –** On the [SPAA: Agent Settings](/docs/accessanalyzer/12.0/data-collection/spaa/agent-settings.md) page, -use the default settings unless an agent scan mode is desired. Click **Next**. - -![DLP Audit Settings](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/dlpauditsettingsspseek.webp) - -**Step 8 –** On the -[SPAA: DLP Audit Settings](/docs/accessanalyzer/12.0/data-collection/spaa/dlp-audit-settings.md) page, the default -setting is to **Don’t process files larger than: 2 MB** and to **Scan typical documents -(recommended, fastest)**. These settings can be customized to adjust for scan time or database size. -Click **Next**. - -**NOTE:** The typical documents for this setting are files with the following extensions: .doc, -.docx, .msg, .odt, .pages, .rtf, .wpd, .wps, .abw, .bib, .dotx, .eml, .fb2, .fdx, .gdoc, .lit, .sig, -.sty, .wps, .wpt, .yml, .tex, .pdf, .csv, .xlr, .xls, .xlsx, .gsheet, .nb, .numbers, .ods, .qpw, -.sdc, .wks, .xlsb, .xltm, .xltx, .aws, .fods, .ots, .rdf, .sxc, .uos, .xlsm, .txt - -![Select DLP Criteria Page of the SPAA Data Collector Wizard](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/selectdlpcriteriaspseek.webp) - -**Step 9 –** On the -[SPAA: Select DLP Criteria](/docs/accessanalyzer/12.0/data-collection/spaa/select-dlp-criteria.md) page, add or -remove criteria as desired by either manually selecting criteria or using the **Select All** and -**Clear All** buttons. Click **Next**. _(Optional)_ To create custom criteria, see the -[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitive-data-discovery/criteria-editor/overview.md) topic -for additional information. - -**CAUTION:** Do not configure the options on the Results page. - -**Step 10 –** On the Results page, all Available Properties are selected by default. Click **Next**. - -**Step 11 –** On the Summary page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 1-SPSEEK_SystemScans Job has now been customized. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek_systemscans.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek_systemscans.md new file mode 100644 index 0000000000..45cd8eaece --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek_systemscans.md @@ -0,0 +1,91 @@ +# 1-SPSEEK_SystemScans Job + +This job is responsible for building the Tier2 SPDLP database repositories, which contain +information regarding sensitive content that exists within SharePoint. + +## Queries for the 1-SPSEEK_SystemScans Job + +The 1-SPSEEK SystemScans Job uses the SharePoint Access Data Collector for the following query: + +![The query for the 1-SPSEEK SystemScans Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spseeksystemscansquery.webp) + +The query for the 1-SPSEEK SystemScans Job is: + +- SharePoint Scan – Scans SharePoint for sensitive content + +### Configure the Query for the 1-SPSEEK_SystemScans Job + +The 1-SPSEEK_SystemScans Job has been preconfigured to run with the default settings using the SPAA +Data Collector category of Scan for Sensitive Content, which is not visible within the SharePoint +Access Auditor Data Collector Wizard when opened from within this job. + +**CAUTION:** Users should not change scans in a way that would result in less data being returned on +a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a +shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in +the Tier 2 database and subsequently removed from the Tier 1 database. + +Follow the steps to set any desired customizations. + +**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > +**1-SPSEEK_SystemScans** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +displays. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. + +![SharePoint Data Collection Settings](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/datacollectionsettingsspseek.webp) + +**Step 4 –** On the +[SPAA: SharePoint Data Collection Settings](/docs/accessanalyzer/12.0/admin/datacollector/spaa/settings.md) page, +customize as desired and click **Next**. + +![Scan Scoping Options](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/scanscopingoptions.webp) + +**Step 5 –** On the +[SPAA: Scan Scoping Options](/docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptions.md) page, no web +applications or site collections have been added. If desired, limit the scope of the scan to +specific web applications or site collections. Click **Next**. + +![Additional Scoping](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/additionalscopingspseek.webp) + +**Step 6 –** On the +[SPAA: Additional Scoping](/docs/accessanalyzer/12.0/admin/datacollector/spaa/additionalscoping.md) page, **Limit +scanned depth to:** is selected with the default set at **2** levels. Customize this setting as +desired and click **Next**. + +![Agent Settings](/img/product_docs/activitymonitor/activitymonitor/install/agent/windowsagent.webp) + +**Step 7 –** On the [SPAA: Agent Settings](/docs/accessanalyzer/12.0/admin/datacollector/spaa/agentsettings.md) page, +use the default settings unless an agent scan mode is desired. Click **Next**. + +![DLP Audit Settings](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/dlpauditsettingsspseek.webp) + +**Step 8 –** On the +[SPAA: DLP Audit Settings](/docs/accessanalyzer/12.0/admin/datacollector/spaa/dlpauditsettings.md) page, the default +setting is to **Don’t process files larger than: 2 MB** and to **Scan typical documents +(recommended, fastest)**. These settings can be customized to adjust for scan time or database size. +Click **Next**. + +**NOTE:** The typical documents for this setting are files with the following extensions: .doc, +.docx, .msg, .odt, .pages, .rtf, .wpd, .wps, .abw, .bib, .dotx, .eml, .fb2, .fdx, .gdoc, .lit, .sig, +.sty, .wps, .wpt, .yml, .tex, .pdf, .csv, .xlr, .xls, .xlsx, .gsheet, .nb, .numbers, .ods, .qpw, +.sdc, .wks, .xlsb, .xltm, .xltx, .aws, .fods, .ots, .rdf, .sxc, .uos, .xlsm, .txt + +![Select DLP Criteria Page of the SPAA Data Collector Wizard](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/selectdlpcriteriaspseek.webp) + +**Step 9 –** On the +[SPAA: Select DLP Criteria](/docs/accessanalyzer/12.0/admin/datacollector/spaa/selectdlpcriteria.md) page, add or +remove criteria as desired by either manually selecting criteria or using the **Select All** and +**Clear All** buttons. Click **Next**. _(Optional)_ To create custom criteria, see the +[Sensitive Data Criteria Editor](/docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/overview.md) topic +for additional information. + +**CAUTION:** Do not configure the options on the Results page. + +**Step 10 –** On the Results page, all Available Properties are selected by default. Click **Next**. + +**Step 11 –** On the Summary page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 1-SPSEEK_SystemScans Job has now been customized. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa-systemscans.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa-systemscans.md deleted file mode 100644 index bccd7797d5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa-systemscans.md +++ /dev/null @@ -1,69 +0,0 @@ -# 2-SPAA_SystemScans Job - -The job collects information on permissions, users, and groups to determine who has access to each -structural level in the SharePoint farm. - -## Queries for the 2-SPAA_SystemScans Job - -The 2-SPAA_SystemScans Job uses the SharePoint Access Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spaasystemscansquery.webp) - -The query for the 2-SPAA_SystemScans Job is: - -- Scan SharePoint – Scans SharePoint systems - -### Configure 2-SPAA_SystemScans Job - -The 2-SPAA_SystemScans Job has been preconfigured to run with the default settings using the SPAA -Data Collector category of Scan SharePoint Access, which is not visible within the SharePoint Access -Auditor Data Collector Wizard when opened from within this job. - -**CAUTION:** Users should not change scans in a way that would result in less data being returned on -a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a -shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in -the Tier 2 database and subsequently removed from the Tier 1 database. - -Follow the steps to set any desired customizations. - -**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **1-SPAA_SystemScans** > -**Configure** node and select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -displays. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. - -![SharePoint Data Collection Settings](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/datacollectionsettingsspaa.webp) - -**Step 4 –** On the -[SPAA: SharePoint Data Collection Settings](/docs/accessanalyzer/12.0/data-collection/spaa/settings.md) page, -customize as desired and click **Next**. - -![Scan Scoping Options](/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptions.webp) - -**Step 5 –** On the -[SPAA: Scan Scoping Options](/docs/accessanalyzer/12.0/data-collection/spaa/scan-scoping-options.md) page, no web -applications or site collections have been added. If desired, limit the scope of the scan to -specific web applications or site collections. Click **Next**. - -![Additional Scoping](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/additionalscopingspaa.webp) - -**Step 6 –** On the -[SPAA: Additional Scoping](/docs/accessanalyzer/12.0/data-collection/spaa/additional-scoping.md) page, **Limit -scanned depth to:** is selected with the default set at **2** levels. Customize this setting as -desired and click **Next**. - -![Agent Settings](/img/product_docs/activitymonitor/activitymonitor/install/agent/windowsagent.webp) - -**Step 7 –** On the [SPAA: Agent Settings](/docs/accessanalyzer/12.0/data-collection/spaa/agent-settings.md) page, -use the default settings unless an agent scan mode is desired. Click **Next**. - -**CAUTION:** Do not configure the options on the Results page. - -**Step 8 –** On the Results page, all Available Properties are selected by default. Click **Next**. - -**Step 9 –** On the Summary page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 1-SPAA_SystemScans Job has now been customized. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa_systemscans.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa_systemscans.md new file mode 100644 index 0000000000..e7b625fd52 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa_systemscans.md @@ -0,0 +1,69 @@ +# 2-SPAA_SystemScans Job + +The job collects information on permissions, users, and groups to determine who has access to each +structural level in the SharePoint farm. + +## Queries for the 2-SPAA_SystemScans Job + +The 2-SPAA_SystemScans Job uses the SharePoint Access Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spaasystemscansquery.webp) + +The query for the 2-SPAA_SystemScans Job is: + +- Scan SharePoint – Scans SharePoint systems + +### Configure 2-SPAA_SystemScans Job + +The 2-SPAA_SystemScans Job has been preconfigured to run with the default settings using the SPAA +Data Collector category of Scan SharePoint Access, which is not visible within the SharePoint Access +Auditor Data Collector Wizard when opened from within this job. + +**CAUTION:** Users should not change scans in a way that would result in less data being returned on +a subsequent scan (i.e. scanning fewer web applications, scanning fewer site collections, or a +shallower depth scan). Those resources not included in a subsequent scan are marked as deleted in +the Tier 2 database and subsequently removed from the Tier 1 database. + +Follow the steps to set any desired customizations. + +**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **1-SPAA_SystemScans** > +**Configure** node and select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +displays. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. + +![SharePoint Data Collection Settings](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/datacollectionsettingsspaa.webp) + +**Step 4 –** On the +[SPAA: SharePoint Data Collection Settings](/docs/accessanalyzer/12.0/admin/datacollector/spaa/settings.md) page, +customize as desired and click **Next**. + +![Scan Scoping Options](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/scanscopingoptions.webp) + +**Step 5 –** On the +[SPAA: Scan Scoping Options](/docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptions.md) page, no web +applications or site collections have been added. If desired, limit the scope of the scan to +specific web applications or site collections. Click **Next**. + +![Additional Scoping](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/additionalscopingspaa.webp) + +**Step 6 –** On the +[SPAA: Additional Scoping](/docs/accessanalyzer/12.0/admin/datacollector/spaa/additionalscoping.md) page, **Limit +scanned depth to:** is selected with the default set at **2** levels. Customize this setting as +desired and click **Next**. + +![Agent Settings](/img/product_docs/activitymonitor/activitymonitor/install/agent/windowsagent.webp) + +**Step 7 –** On the [SPAA: Agent Settings](/docs/accessanalyzer/12.0/admin/datacollector/spaa/agentsettings.md) page, +use the default settings unless an agent scan mode is desired. Click **Next**. + +**CAUTION:** Do not configure the options on the Results page. + +**Step 8 –** On the Results page, all Available Properties are selected by default. Click **Next**. + +**Step 9 –** On the Summary page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 1-SPAA_SystemScans Job has now been customized. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac-systemscans.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac-systemscans.md deleted file mode 100644 index e43ab28dea..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac-systemscans.md +++ /dev/null @@ -1,18 +0,0 @@ -# 3-SPAC_SystemScans Job - -The job collects information on activity, users, and groups to determine who has performed activity -in each structural level in the SharePoint farm. - -## Queries for the 3-SPAC_SystemScans Job - -The 3-SPAC_SystemScans Job has been preconfigured to run with the default settings using the SPAA -Data Collector category of Scan SharePoint Activity, which is not visible within the SharePoint -Access Auditor Data Collector Wizard when opened from within this job. - -**CAUTION:** Do not modify the query. The query is preconfigured for this job. - -![Query Selection](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spacsystemscansquery.webp) - -The query for the 3-SPAC_SystemScans Job is: - -- System Scan – Scans for SharePoint activity diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac_systemscans.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac_systemscans.md new file mode 100644 index 0000000000..8a478a8615 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac_systemscans.md @@ -0,0 +1,18 @@ +# 3-SPAC_SystemScans Job + +The job collects information on activity, users, and groups to determine who has performed activity +in each structural level in the SharePoint farm. + +## Queries for the 3-SPAC_SystemScans Job + +The 3-SPAC_SystemScans Job has been preconfigured to run with the default settings using the SPAA +Data Collector category of Scan SharePoint Activity, which is not visible within the SharePoint +Access Auditor Data Collector Wizard when opened from within this job. + +**CAUTION:** Do not modify the query. The query is preconfigured for this job. + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spacsystemscansquery.webp) + +The query for the 3-SPAC_SystemScans Job is: + +- System Scan – Scans for SharePoint activity diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek-bulkimport.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek-bulkimport.md deleted file mode 100644 index 50fb845020..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek-bulkimport.md +++ /dev/null @@ -1,71 +0,0 @@ -# 4-SPSEEK_BulkImport Job - -This job is responsible for retrieving the Tier 2 SPDLP database information and importing it to the -SQL Server where Access Analyzer stores data. - -## Queries for the 4-SPSEEK_BulkImport Job - -The 4-SPSEEK Bulk Import Job uses the SharePoint Access Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spseekbulkimportquery.webp) - -The query for the 4-SPSEEK Bulk Import Job is: - -- Bulk Import – Imports scan data into the SQL Server - -### Configure 4-SPSEEK_BulkImport Job - -The 4-SPSEEK_BulkImport Job has been preconfigured to run with the default settings with the SPAA -Data Collector category of **Bulk Import Sensitive Content Scan Results**, which is not visible -within the SharePoint Access Auditor Data Collector Wizard when opened from within this job. Follow -the steps to set any desired customizations. - -**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > -**4-SPSEEK_BulkImport** > **Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -displays. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. - -![Bulk Import Settings](/img/product_docs/accessanalyzer/admin/datacollector/spaa/bulkimportsettings.webp) - -**Step 4 –** On the -[SPAA: Bulk Import Settings](/docs/accessanalyzer/12.0/data-collection/spaa/bulk-import-settings.md) page, the -**Set Host Identifier** is not configured by default. Click **Next**. - -**NOTE:** Unless SQL Server Replication is used, it should not be necessary to adjust the **Host -Identifier** seed. - -**CAUTION:** Do not configure the options on the Results page. - -**Step 5 –** On the Results page, all Available Properties are selected by default. Click **Next**. - -**Step 6 –** On the Summary page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 4-SPSEEK_BulkImport Job has now been customized. - -## Analysis Tasks for 4-SPSEEK_BulkImport Job - -Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **4-SPSEEK_BulkImport** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the -selected analysis tasks. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spseekbulkimportanalysis.webp) - -The default analysis tasks are: - -- 1. Update data types – Access Analyzer uses custom SQL data types to render data. This analysis - creates updates to those data types. -- 2. Import new functions (for SA Core) – Creates functions used in the SharePoint Solution -- 3. Import new functions (for SA SPAA) – Creates functions used in the SharePoint Solution -- 4. Create exception schema – Creates the SA_SPAA_Exceptions table -- 5. Create DLP views – Creates the SA_SPDLP_MatchesView -- 6. Create exceptions view – Creates the SA_SPAA_ExceptionsView - -The following analysis task is not selected by default, but can be enabled: - -- Display Match Hits – Displays the SA_SPDLP_MatchesHitsView within Access Analyzer. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek_bulkimport.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek_bulkimport.md new file mode 100644 index 0000000000..87cb9ba702 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek_bulkimport.md @@ -0,0 +1,71 @@ +# 4-SPSEEK_BulkImport Job + +This job is responsible for retrieving the Tier 2 SPDLP database information and importing it to the +SQL Server where Access Analyzer stores data. + +## Queries for the 4-SPSEEK_BulkImport Job + +The 4-SPSEEK Bulk Import Job uses the SharePoint Access Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spseekbulkimportquery.webp) + +The query for the 4-SPSEEK Bulk Import Job is: + +- Bulk Import – Imports scan data into the SQL Server + +### Configure 4-SPSEEK_BulkImport Job + +The 4-SPSEEK_BulkImport Job has been preconfigured to run with the default settings with the SPAA +Data Collector category of **Bulk Import Sensitive Content Scan Results**, which is not visible +within the SharePoint Access Auditor Data Collector Wizard when opened from within this job. Follow +the steps to set any desired customizations. + +**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > +**4-SPSEEK_BulkImport** > **Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +displays. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. + +![Bulk Import Settings](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/bulkimportsettings.webp) + +**Step 4 –** On the +[SPAA: Bulk Import Settings](/docs/accessanalyzer/12.0/admin/datacollector/spaa/bulkimportsettings.md) page, the +**Set Host Identifier** is not configured by default. Click **Next**. + +**NOTE:** Unless SQL Server Replication is used, it should not be necessary to adjust the **Host +Identifier** seed. + +**CAUTION:** Do not configure the options on the Results page. + +**Step 5 –** On the Results page, all Available Properties are selected by default. Click **Next**. + +**Step 6 –** On the Summary page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 4-SPSEEK_BulkImport Job has now been customized. + +## Analysis Tasks for 4-SPSEEK_BulkImport Job + +Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **4-SPSEEK_BulkImport** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the +selected analysis tasks. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spseekbulkimportanalysis.webp) + +The default analysis tasks are: + +- 1. Update data types – Access Analyzer uses custom SQL data types to render data. This analysis + creates updates to those data types. +- 2. Import new functions (for SA Core) – Creates functions used in the SharePoint Solution +- 3. Import new functions (for SA SPAA) – Creates functions used in the SharePoint Solution +- 4. Create exception schema – Creates the SA_SPAA_Exceptions table +- 5. Create DLP views – Creates the SA_SPDLP_MatchesView +- 6. Create exceptions view – Creates the SA_SPAA_ExceptionsView + +The following analysis task is not selected by default, but can be enabled: + +- Display Match Hits – Displays the SA_SPDLP_MatchesHitsView within Access Analyzer. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa-bulkimport.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa-bulkimport.md deleted file mode 100644 index 1cd8a78267..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa-bulkimport.md +++ /dev/null @@ -1,68 +0,0 @@ -# 5-SPAA_BulkImport Job - -This job is responsible for retrieving the SPAA Tier 2 database information and import it to the -Access Analyzer SQL database. - -## Queries for the 5-SPAA_BulkImport Job - -The 5-SPAA_BulkImport Job uses the SharePoint Access Data Collector for the following query: - -![spaabulkimportquery](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spaabulkimportquery.webp) - -The query for the 5-SPAA_BulkImport Job is: - -- Bulk Import – Imports scan data into the SQL Server - -### Configure 5-SPAA_BulkImport Job - -The 5-SPAA_BulkImport Job has been preconfigured to run with the default settings with the SPAA Data -Collector category of Bulk Import Access Scan Results, which is not visible within the SharePoint -Access Auditor Data Collector Wizard when opened from within this job. Follow the steps to set any -desired customizations. - -**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **2-SPAA_BulkImport** > -**Configure** node and select the **Queries** node. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -displays. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. - -![Bulk Import Settings](/img/product_docs/accessanalyzer/admin/datacollector/spaa/bulkimportsettings.webp) - -**Step 4 –** On the -[SPAA: Bulk Import Settings](/docs/accessanalyzer/12.0/data-collection/spaa/bulk-import-settings.md) page, the -**Set Host Identifier** is not configured by default. Click **Next**. - -**NOTE:** Unless SQL Server Replication is used, it should not be necessary to adjust the **Host -Identifier** seed. - -**CAUTION:** Do not configure the options on the Results page. - -**Step 5 –** On the Results page, all Available Properties are selected by default. Click **Next**. - -**Step 6 –** On the Summary page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 5-SPAA_BulkImport Job has now been customized. - -## Analysis Tasks for 5-SPAA_BulkImport Job - -Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **2-SPAA_BulkImport** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the -selected analysis tasks. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spaabulkimportanalysis.webp) - -The default analysis tasks are: - -- 0. TryConvert for UniqueIdentifiers – Simulates Try_Convert functionality for SQL Server 2008 - and below -- 1. Update data types – Access Analyzer uses custom SQL data types to render data. This analysis - creates updates to those data types. -- 2. Import new functions (for SA Core) – Creates functions used in the SharePoint Solution -- 3. Import new functions (for SA SPAA) – Creates functions used in the SharePoint Solution -- 4. Create exception schema – Creates the SA_SPAA_Exceptions table -- 5. Create views – Creates views visible through the Results node diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa_bulkimport.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa_bulkimport.md new file mode 100644 index 0000000000..6019ca598f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa_bulkimport.md @@ -0,0 +1,68 @@ +# 5-SPAA_BulkImport Job + +This job is responsible for retrieving the SPAA Tier 2 database information and import it to the +Access Analyzer SQL database. + +## Queries for the 5-SPAA_BulkImport Job + +The 5-SPAA_BulkImport Job uses the SharePoint Access Data Collector for the following query: + +![spaabulkimportquery](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spaabulkimportquery.webp) + +The query for the 5-SPAA_BulkImport Job is: + +- Bulk Import – Imports scan data into the SQL Server + +### Configure 5-SPAA_BulkImport Job + +The 5-SPAA_BulkImport Job has been preconfigured to run with the default settings with the SPAA Data +Collector category of Bulk Import Access Scan Results, which is not visible within the SharePoint +Access Auditor Data Collector Wizard when opened from within this job. Follow the steps to set any +desired customizations. + +**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **2-SPAA_BulkImport** > +**Configure** node and select the **Queries** node. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +displays. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. + +![Bulk Import Settings](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/bulkimportsettings.webp) + +**Step 4 –** On the +[SPAA: Bulk Import Settings](/docs/accessanalyzer/12.0/admin/datacollector/spaa/bulkimportsettings.md) page, the +**Set Host Identifier** is not configured by default. Click **Next**. + +**NOTE:** Unless SQL Server Replication is used, it should not be necessary to adjust the **Host +Identifier** seed. + +**CAUTION:** Do not configure the options on the Results page. + +**Step 5 –** On the Results page, all Available Properties are selected by default. Click **Next**. + +**Step 6 –** On the Summary page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 5-SPAA_BulkImport Job has now been customized. + +## Analysis Tasks for 5-SPAA_BulkImport Job + +Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **2-SPAA_BulkImport** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the +selected analysis tasks. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spaabulkimportanalysis.webp) + +The default analysis tasks are: + +- 0. TryConvert for UniqueIdentifiers – Simulates Try_Convert functionality for SQL Server 2008 + and below +- 1. Update data types – Access Analyzer uses custom SQL data types to render data. This analysis + creates updates to those data types. +- 2. Import new functions (for SA Core) – Creates functions used in the SharePoint Solution +- 3. Import new functions (for SA SPAA) – Creates functions used in the SharePoint Solution +- 4. Create exception schema – Creates the SA_SPAA_Exceptions table +- 5. Create views – Creates views visible through the Results node diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac-bulkimport.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac-bulkimport.md deleted file mode 100644 index a6844fa3fa..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac-bulkimport.md +++ /dev/null @@ -1,62 +0,0 @@ -# 6-SPAC_BulkImport Job - -This job is responsible for retrieving the SPAC Tier 2 database information and import it to the -Access Analyzer SQL database. - -## Queries for the 6-SPAC_BulkImport Job - -The 6-SPAC_BulkImport Job uses the SharePoint Access Data Collector for the following query: - -![Query Selection](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spacbulkimportquery.webp) - -The query for the 6-SPAC_BulkImport Job is: - -- Bulk Import – Imports scan data into the SQL Server - -### Configure the Query for the 6-SPAC_BulkImport Job - -The 6-SPAC_BulkImport Job has been preconfigured to run with the default settings with the category -of Bulk Import SharePoint Activity Scan Results, which is not visible within the SharePoint Access -Auditor Data Collector Wizard when opened from within this job. Follow the steps to set any desired -customizations. - -**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **2-SPAC_BulkImport** > -**Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -displays. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. - -![Bulk Import Settings](/img/product_docs/accessanalyzer/admin/datacollector/spaa/bulkimportsettings.webp) - -**Step 4 –** On the -[SPAA: Bulk Import Settings](/docs/accessanalyzer/12.0/data-collection/spaa/bulk-import-settings.md) page, the -**Set Host Identifier** is not configured by default. Click **Next**. - -**NOTE:** Unless SQL Server Replication is used, it should not be necessary to adjust the **Host -Identifier** seed. - -**CAUTION:** Do not configure the options on the Results page. - -**Step 5 –** On the Results page, all Available Properties are selected by default. Click **Next**. - -**Step 6 –** On the Summary page, click **Finish** to save any setting modifications or click -**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. - -If changes were made, the 6-SPAC_BulkImport Job has now been customized. - -## Analysis Tasks for 2-SPAC_BulkImport Job - -Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **6-SPAC_BulkImport** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the -selected analysis tasks. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spacbulkimportanalysis.webp) - -The default analysis tasks are: - -- 1. Create Event Name Table – Creates the SA_SPAC_EventNames table associated with SPAC -- 2. Create Views – Creates the views associated with SPAC diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac_bulkimport.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac_bulkimport.md new file mode 100644 index 0000000000..0bb925f591 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac_bulkimport.md @@ -0,0 +1,62 @@ +# 6-SPAC_BulkImport Job + +This job is responsible for retrieving the SPAC Tier 2 database information and import it to the +Access Analyzer SQL database. + +## Queries for the 6-SPAC_BulkImport Job + +The 6-SPAC_BulkImport Job uses the SharePoint Access Data Collector for the following query: + +![Query Selection](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spacbulkimportquery.webp) + +The query for the 6-SPAC_BulkImport Job is: + +- Bulk Import – Imports scan data into the SQL Server + +### Configure the Query for the 6-SPAC_BulkImport Job + +The 6-SPAC_BulkImport Job has been preconfigured to run with the default settings with the category +of Bulk Import SharePoint Activity Scan Results, which is not visible within the SharePoint Access +Auditor Data Collector Wizard when opened from within this job. Follow the steps to set any desired +customizations. + +**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **2-SPAC_BulkImport** > +**Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +displays. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. + +![Bulk Import Settings](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/bulkimportsettings.webp) + +**Step 4 –** On the +[SPAA: Bulk Import Settings](/docs/accessanalyzer/12.0/admin/datacollector/spaa/bulkimportsettings.md) page, the +**Set Host Identifier** is not configured by default. Click **Next**. + +**NOTE:** Unless SQL Server Replication is used, it should not be necessary to adjust the **Host +Identifier** seed. + +**CAUTION:** Do not configure the options on the Results page. + +**Step 5 –** On the Results page, all Available Properties are selected by default. Click **Next**. + +**Step 6 –** On the Summary page, click **Finish** to save any setting modifications or click +**Cancel** if no changes were made. Then click **OK** to close the Query Properties window. + +If changes were made, the 6-SPAC_BulkImport Job has now been customized. + +## Analysis Tasks for 2-SPAC_BulkImport Job + +Navigate to the **Jobs** > **SharePoint** > **0.Collection** > **6-SPAC_BulkImport** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the +selected analysis tasks. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spacbulkimportanalysis.webp) + +The default analysis tasks are: + +- 1. Create Event Name Table – Creates the SA_SPAC_EventNames table associated with SPAC +- 2. Create Views – Creates the views associated with SPAC diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa-exceptions.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa-exceptions.md deleted file mode 100644 index 07a20160f6..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa-exceptions.md +++ /dev/null @@ -1,62 +0,0 @@ -# 7-SPAA_Exceptions Job - -This job searches scanned data for resources that match high risk conditions and retrieving a -summary of SharePoint exceptions per host. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The 7-SPAA_Exceptions page has the following configurable parameters: - -- #opengroups – High-risk groups such as those known to be sensitive or open can be added - - **NOTE:** Groups must be entered exactly as they are listed in SA_SPAA_Trustees. Copy and paste - the Group name as it appears in the Name Column. - -See the -[Customizable Analysis Tasks for the 7-SPAA_Exceptions Job](#customizable-analysis-tasks-for-the-7-spaa_exceptions-job) -for additional information. - -## Analysis Tasks 7-SPAA_Exceptions Job - -The 3-SPAA_Exceptions Job does not use the SPAA Data Collector. Instead it runs analysis on the data -returned by the 2-SPAA_BulkImport Job. View the analysis tasks by navigating to the **Jobs** > -**SharePoint** > **0.Collection** > **3-SPAA_Exceptions** > **Configure** node and select -**Analysis**. - -**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the -selected analysis tasks. - -![Analysis Selection](/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spaaexceptionsanalysis.webp) - -The default analysis tasks are: - -- Open resources – Any site collections, sites, libraries, lists, or folders that are openly - accessible. Can be deselected if open resource information is not desired. - - - This analysis task contains a configurable parameter: `#opengroups` - -- Disabled users – Any site collections, sites, libraries, lists, or folders where disabled users - have been granted access. Can be deselected if disabled user information is not desired. -- Stale users – Any site collections, sites, libraries, lists, or folders where stale users have - been granted access. Stale users are user who have not logged in for more than 120 days. Can be - deselected if stale user information is not desired. -- Unresolved SID – Matches SIDs to .Active Directory Inventory Job Group data to resolve for those - users using legacy SIDS or deleted users. -- Show view – Displays views within the Results node of the Access Analyzer Console. - -### Customizable Analysis Tasks for the 7-SPAA_Exceptions Job - -The default values for customizable parameters are: - -| Analysis Task | Customizable Parameter Name | Default Value | Instruction | -| -------------- | --------------------------- | ------------- | -------------------------------------------------------------------------------------------------------------------------------------- | -| Open resources | #opengroups | Empty | Groups must be entered exactly as they are listed in SA_SPAA_Trustees. Copy and paste the Group name as it appears in the Name Column. | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa_exceptions.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa_exceptions.md new file mode 100644 index 0000000000..acfdf9ec70 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa_exceptions.md @@ -0,0 +1,62 @@ +# 7-SPAA_Exceptions Job + +This job searches scanned data for resources that match high risk conditions and retrieving a +summary of SharePoint exceptions per host. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The 7-SPAA_Exceptions page has the following configurable parameters: + +- #opengroups – High-risk groups such as those known to be sensitive or open can be added + + **NOTE:** Groups must be entered exactly as they are listed in SA_SPAA_Trustees. Copy and paste + the Group name as it appears in the Name Column. + +See the +[Customizable Analysis Tasks for the 7-SPAA_Exceptions Job](#customizable-analysis-tasks-for-the-7-spaa_exceptions-job) +for additional information. + +## Analysis Tasks 7-SPAA_Exceptions Job + +The 3-SPAA_Exceptions Job does not use the SPAA Data Collector. Instead it runs analysis on the data +returned by the 2-SPAA_BulkImport Job. View the analysis tasks by navigating to the **Jobs** > +**SharePoint** > **0.Collection** > **3-SPAA_Exceptions** > **Configure** node and select +**Analysis**. + +**CAUTION:** The analysis tasks are preconfigured for this job. Never modify or deselect the +selected analysis tasks. + +![Analysis Selection](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spaaexceptionsanalysis.webp) + +The default analysis tasks are: + +- Open resources – Any site collections, sites, libraries, lists, or folders that are openly + accessible. Can be deselected if open resource information is not desired. + + - This analysis task contains a configurable parameter: `#opengroups` + +- Disabled users – Any site collections, sites, libraries, lists, or folders where disabled users + have been granted access. Can be deselected if disabled user information is not desired. +- Stale users – Any site collections, sites, libraries, lists, or folders where stale users have + been granted access. Stale users are user who have not logged in for more than 120 days. Can be + deselected if stale user information is not desired. +- Unresolved SID – Matches SIDs to .Active Directory Inventory Job Group data to resolve for those + users using legacy SIDS or deleted users. +- Show view – Displays views within the Results node of the Access Analyzer Console. + +### Customizable Analysis Tasks for the 7-SPAA_Exceptions Job + +The default values for customizable parameters are: + +| Analysis Task | Customizable Parameter Name | Default Value | Instruction | +| -------------- | --------------------------- | ------------- | -------------------------------------------------------------------------------------------------------------------------------------- | +| Open resources | #opengroups | Empty | Groups must be entered exactly as they are listed in SA_SPAA_Trustees. Copy and paste the Group name as it appears in the Name Column. | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md index 498bdac045..23a1a93578 100644 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md @@ -4,24 +4,24 @@ The **SharePoint** > **0.Collection** Job Group is designed to collect informati farms using the SPAA Data Collector. The collected data is then available to other SharePoint Solution sub-job groups and the Access Information Center for analysis. -![0.Collection Job Group](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![0.Collection Job Group](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/jobstree.webp) The jobs in the 0.Collection Job Group are: -- [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek-systemscans.md) – Responsible for building the Tier2 SPDLP +- [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek_systemscans.md) – Responsible for building the Tier2 SPDLP database repositories, which contain information regarding sensitive content that exists within SharePoint -- [2-SPAA_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa-systemscans.md) – Collects information on permissions, users, and +- [2-SPAA_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa_systemscans.md) – Collects information on permissions, users, and groups to determine who has access to each structural level in the SharePoint farm -- [3-SPAC_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac-systemscans.md) – Collects information on activity, users, and +- [3-SPAC_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac_systemscans.md) – Collects information on activity, users, and groups to determine who has performed activity in each structural level in the SharePoint farm -- [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek-bulkimport.md) – Responsible for retrieving the Tier 2 SPDLP +- [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek_bulkimport.md) – Responsible for retrieving the Tier 2 SPDLP database information and importing it to the SQL Server where Access Analyzer stores data -- [5-SPAA_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa-bulkimport.md) – Responsible for retrieving the SPAA Tier 2 +- [5-SPAA_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa_bulkimport.md) – Responsible for retrieving the SPAA Tier 2 Database information and importing it to the Access Analyzer SQL database -- [6-SPAC_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac-bulkimport.md) – Responsible for retrieving the SPAC Tier 2 +- [6-SPAC_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac_bulkimport.md) – Responsible for retrieving the SPAC Tier 2 Database information and importing it to the Access Analyzer SQL database -- [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa-exceptions.md) – Searches scanned data for resources that match +- [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa_exceptions.md) – Searches scanned data for resources that match high risk conditions, retrieving a summary of SharePoint exceptions per host Additionally, the jobs in the 0.Collection Job Group are organized into the following collection @@ -69,28 +69,28 @@ information on permissions, users, and groups to determine who has access to eac in the SharePoint farm, on-premises and online, using the SPAA Data Collector. The jobs, tables, and views specifically incorporated into this component are prefaced with `SPAA`. See the SharePointAccess Data Collector -[Standard Reference Tables & Views for the SPAA Data Collector](/docs/accessanalyzer/12.0/data-collection/spaa/standard-tables.md) +[Standard Reference Tables & Views for the SPAA Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/spaa/standardtables.md) topic for additional information on the data collected. The 0.Collection jobs that comprise this auditing component are: -- [2-SPAA_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa-systemscans.md) – Collects information on permissions, users, and +- [2-SPAA_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa_systemscans.md) – Collects information on permissions, users, and groups to determine who has access to each structural level in the SharePoint farm -- [5-SPAA_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa-bulkimport.md) – Responsible for retrieving the SPAA tier 2 +- [5-SPAA_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa_bulkimport.md) – Responsible for retrieving the SPAA tier 2 database information and import it to the Access Analyzer SQL database -- [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa-exceptions.md) – Searches scanned data for resources that match +- [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa_exceptions.md) – Searches scanned data for resources that match high risk conditions, retrieving a summary of SharePoint exceptions per host The following job groups and jobs in the SharePoint Solution depend on data collected by these jobs to generate reports: - [1.Direct Permissions Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/overview.md) -- [2.High Risk Sites > SP_OpenAccess Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-openaccess.md) -- [3.Broken Inheritance > SP_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-brokeninheritance.md) +- [2.High Risk Sites > SP_OpenAccess Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_openaccess.md) +- [3.Broken Inheritance > SP_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_brokeninheritance.md) - [4.Content Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/content/overview.md) - [Effective Access Audits Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/overview.md) -- [5.Probable Owner > SP_ProbableOwner Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-probableowner.md) -- [SP_Overview Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-overview.md) +- [5.Probable Owner > SP_ProbableOwner Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_probableowner.md) +- [SP_Overview Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_overview.md) The SharePoint Sensitive Data Discovery Reports in the Access Information Center are also populated by this data. See the SharePoint Reports topics in the @@ -102,11 +102,11 @@ Runtime Details. Workflow -**Step 1 –** Run [2-SPAA_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa-systemscans.md). +**Step 1 –** Run [2-SPAA_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa_systemscans.md). -**Step 2 –** Run [5-SPAA_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa-bulkimport.md). +**Step 2 –** Run [5-SPAA_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa_bulkimport.md). -**Step 3 –** Run [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa-exceptions.md). +**Step 3 –** Run [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa_exceptions.md). **Step 4 –** Run desired corresponding analysis and reporting sub-job groups. @@ -116,7 +116,7 @@ before continuing with this workflow. **_RECOMMENDED:_** Scope the 0.Collection Job Group to only include the collection components desired by disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. It is not recommended to delete any jobs. See the -[Disable or Enable a Job](/docs/accessanalyzer/12.0/administration/job-management/job/disable-enable.md) topic for additional +[Disable or Enable a Job](/docs/accessanalyzer/12.0/admin/jobs/job/disableenable.md) topic for additional information. ## SharePoint Activity Auditing @@ -125,7 +125,7 @@ Activity Auditing (SPAC) is the component of the 0.Collection Job Group that col activity, users, and groups to determine who has performed activity in each structural level in the SharePoint on-premises farm, or SharePoint online tenant, using the SPAA Data Collector. The jobs and tables specifically incorporated into this component are prefaced with SPAC. See the -[Standard Reference Tables & Views for the SPAA Data Collector](/docs/accessanalyzer/12.0/data-collection/spaa/standard-tables.md) +[Standard Reference Tables & Views for the SPAA Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/spaa/standardtables.md) topic for additional information on the data collected. The Access Auditing components must be run in order to create the tables in the database for the @@ -137,12 +137,12 @@ Scan and Bulk Import jobs as needed. The 0.Collection jobs that comprise this auditing component are: -- [3-SPAC_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac-systemscans.md) – Collects information on activity, users, and +- [3-SPAC_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac_systemscans.md) – Collects information on activity, users, and groups to determine who has perform activity in each structural level in the SharePoint farm -- [6-SPAC_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac-bulkimport.md) – Responsible for retrieving the SPAC tier 2 +- [6-SPAC_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac_bulkimport.md) – Responsible for retrieving the SPAC tier 2 database information and import it to the Access Analyzer SQL data base -The [SP_Overview Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-overview.md) and [7.Activity Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/overview.md) in the +The [SP_Overview Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_overview.md) and [7.Activity Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/overview.md) in the SharePoint Solution uses the data collected by these jobs to generate reports. The SharePoint Activity Reports in the Access Information Center are also populated by this data. @@ -152,15 +152,15 @@ for additional information. Recommended Workflow 1 (for Access & Activity Auditing) -**Step 1 –** Run [2-SPAA_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa-systemscans.md). +**Step 1 –** Run [2-SPAA_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/2-spaa_systemscans.md). -**Step 2 –** Run [3-SPAC_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac-systemscans.md). +**Step 2 –** Run [3-SPAC_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac_systemscans.md). -**Step 3 –** Run [5-SPAA_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa-bulkimport.md). +**Step 3 –** Run [5-SPAA_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/5-spaa_bulkimport.md). -**Step 4 –** Run [6-SPAC_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac-bulkimport.md). +**Step 4 –** Run [6-SPAC_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac_bulkimport.md). -**Step 5 –** Run [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa-exceptions.md). +**Step 5 –** Run [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa_exceptions.md). **Step 6 –** Run desired corresponding analysis and reporting sub-job groups. @@ -174,15 +174,15 @@ Recommended Workflow 2 (for Access, Sensitive Data Discovery & Activity Auditing 1-SPAA_SystemScan and 2-SPAA_BulkImport jobs and run the 0.Collection Job Group because the remaining jobs are in the wrong order. Renaming the jobs is not an option. -**Step 1 –** Run [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek-systemscans.md). +**Step 1 –** Run [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek_systemscans.md). -**Step 2 –** Run [3-SPAC_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac-systemscans.md). +**Step 2 –** Run [3-SPAC_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac_systemscans.md). -**Step 3 –** Run [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek-bulkimport.md). +**Step 3 –** Run [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek_bulkimport.md). -**Step 4 –** Run [6-SPAC_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac-bulkimport.md). +**Step 4 –** Run [6-SPAC_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac_bulkimport.md). -**Step 5 –** Run [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa-exceptions.md). +**Step 5 –** Run [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa_exceptions.md). **Step 6 –** Run desired corresponding analysis and reporting sub-job groups. @@ -192,9 +192,9 @@ concurrently with the SPAC Scans and the Bulk Import jobs as desired. Optional Workflow (for Activity Auditing Only) -**Step 1 –** Run [3-SPAC_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac-systemscans.md). +**Step 1 –** Run [3-SPAC_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac_systemscans.md). -**Step 2 –** Run [6-SPAC_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac-bulkimport.md). +**Step 2 –** Run [6-SPAC_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac_bulkimport.md). **Step 3 –** Run desired corresponding analysis and reporting sub-job groups. @@ -204,7 +204,7 @@ topic before continuing with this workflow. **_RECOMMENDED:_** Scope the 0.Collection Job Group to only include the collection components desired by disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. It is not recommended to delete any jobs. See the -[Disable or Enable a Job](/docs/accessanalyzer/12.0/administration/job-management/job/disable-enable.md) topic for additional +[Disable or Enable a Job](/docs/accessanalyzer/12.0/admin/jobs/job/disableenable.md) topic for additional information. ## SharePoint Sensitive Data Discovery Auditing (SEEK) @@ -214,36 +214,36 @@ searches file content for sensitive data. It also collects information on permis groups to determine who has access to each structural level in the SharePoint farm, on-premises and online, using the SPAA Data Collector. The jobs for this component are prefaced with `SPSEEK`. The tables and views are prefaced with `SPDLP`. See the -[SharePoint Sensitive Data Discovery Auditing Tables & Views](/docs/accessanalyzer/12.0/data-collection/spaa/standard-tables.md) +[SharePoint Sensitive Data Discovery Auditing Tables & Views](/docs/accessanalyzer/12.0/admin/datacollector/spaa/standardtables.md) topic for additional information on the data collected. Customized search criteria can be created with the Criteria Editor accessible through the -[SPAA: Select DLP Criteria](/docs/accessanalyzer/12.0/data-collection/spaa/select-dlp-criteria.md) page of the +[SPAA: Select DLP Criteria](/docs/accessanalyzer/12.0/admin/datacollector/spaa/selectdlpcriteria.md) page of the SharePoint Access Auditor Data Collector Wizard. See the -[Sensitive Data](/docs/accessanalyzer/12.0/administration/settings/sensitive-data/overview.md) topic for additional +[Sensitive Data](/docs/accessanalyzer/12.0/admin/settings/sensitivedata/overview.md) topic for additional information. The 0.Collection jobs that comprise this auditing component are: -- [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek-systemscans.md) – Responsible for building the Tier2 SPDLP +- [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek_systemscans.md) – Responsible for building the Tier2 SPDLP database repositories, which contain information regarding sensitive content that exists within SharePoint -- [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek-bulkimport.md) – Responsible for retrieving the Tier 2 SPDLP +- [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek_bulkimport.md) – Responsible for retrieving the Tier 2 SPDLP database information and importing it to the SQL Server where Access Analyzer stores data -- [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa-exceptions.md) – Searches scanned data for resources that match +- [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa_exceptions.md) – Searches scanned data for resources that match high risk conditions, retrieving a summary of SharePoint exceptions per host The following job groups and jobs in the SharePoint Solution depend on data collected by these jobs to generate reports: - [1.Direct Permissions Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/overview.md) -- [2.High Risk Sites > SP_OpenAccess Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-openaccess.md) -- [3.Broken Inheritance > SP_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-brokeninheritance.md) +- [2.High Risk Sites > SP_OpenAccess Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_openaccess.md) +- [3.Broken Inheritance > SP_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_brokeninheritance.md) - [4.Content Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/content/overview.md) - [Effective Access Audits Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/overview.md) -- [5.Probable Owner > SP_ProbableOwner Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-probableowner.md) -- [6.Sensitive Data > SP_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-sensitivedata.md) -- [SP_Overview Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-overview.md) +- [5.Probable Owner > SP_ProbableOwner Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_probableowner.md) +- [6.Sensitive Data > SP_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_sensitivedata.md) +- [SP_Overview Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_overview.md) The SharePoint Sensitive Data Discovery Reports in the Access Information Center are also populated by this data. See the @@ -252,11 +252,11 @@ for additional information. Recommended Workflow 1 (for Access & Sensitive Data Discovery Auditing) -**Step 1 –** Run [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek-systemscans.md). +**Step 1 –** Run [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek_systemscans.md). -**Step 2 –** Run [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek-bulkimport.md). +**Step 2 –** Run [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek_bulkimport.md). -**Step 3 –** Run [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa-exceptions.md). +**Step 3 –** Run [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa_exceptions.md). **Step 4 –** Run desired corresponding analysis and reporting sub-job groups. @@ -266,15 +266,15 @@ Recommended Workflow 2 (for Access, Sensitive Data Discovery & Activity Auditing 2-SPAA_SystemScan and 5-SPAA_BulkImport jobs and run the 0.Collection Job Group because the remaining jobs are in the wrong order. Renaming the jobs is not an option. -**Step 1 –** Run [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek-systemscans.md). +**Step 1 –** Run [1-SPSEEK_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/1-spseek_systemscans.md). -**Step 2 –** Run [3-SPAC_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac-systemscans.md). +**Step 2 –** Run [3-SPAC_SystemScans Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/3-spac_systemscans.md). -**Step 3 –** Run [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek-bulkimport.md). +**Step 3 –** Run [4-SPSEEK_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/4-spseek_bulkimport.md). -**Step 4 –** Run [6-SPAC_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac-bulkimport.md). +**Step 4 –** Run [6-SPAC_BulkImport Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/6-spac_bulkimport.md). -**Step 5 –** Run [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa-exceptions.md). +**Step 5 –** Run [7-SPAA_Exceptions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/7-spaa_exceptions.md). **Step 6 –** Run desired corresponding analysis and reporting sub-job groups. @@ -288,5 +288,5 @@ topic before continuing with this workflow. **_RECOMMENDED:_** Scope the 0.Collection Job Group to only include the collection components desired by disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. It is not recommended to delete any jobs. See the -[Disable or Enable a Job](/docs/accessanalyzer/12.0/administration/job-management/job/disable-enable.md) topic for additional +[Disable or Enable a Job](/docs/accessanalyzer/12.0/admin/jobs/job/disableenable.md) topic for additional information. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/content/overview.md b/docs/accessanalyzer/12.0/solutions/sharepoint/content/overview.md index c695962f62..cba73c21bb 100644 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/content/overview.md +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/content/overview.md @@ -6,15 +6,15 @@ space, the content that has not been accessed for extended periods of time, and describing SharePoint content and the configuration of the repositories such as lists and libraries which store that content. -![4.Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/sharepoint/content/contentjobstree.webp) +![4.Content Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/content/contentjobstree.webp) The 4.Content Job Group is comprised of: -- [SP_LargestFiles Job](/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp-largestfiles.md) – Identifies the largest files across SharePoint farms. +- [SP_LargestFiles Job](/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp_largestfiles.md) – Identifies the largest files across SharePoint farms. Changes to a document or its metadata create new versions that result in added storage. It is therefore important to manage file size and control versioning. Report includes file names, URLs, total file size, versions, and version size, along with file owner and file editor information. -- [SP_StaleFiles Job](/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp-stalefiles.md) – Identifies files that have been modified in at least a +- [SP_StaleFiles Job](/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp_stalefiles.md) – Identifies files that have been modified in at least a year across SharePoint farms. This aids administrators and users in cleaning up or archiving old and unchanged files to help maintain a clean and healthy SharePoint environment. Report includes files, their last modified time, total file size, versions and version size, along with file owner diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp-largestfiles.md b/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp-largestfiles.md deleted file mode 100644 index 1e7c9c699b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp-largestfiles.md +++ /dev/null @@ -1,28 +0,0 @@ -# SP_LargestFiles Job - -The SP_LargestFiles Job identifies the largest files across SharePoint farms. Changes to a document -or its metadata create new versions that result in added storage. It is therefore important to -manage file size and control versioning. Report includes file names, URLs, total file size, -versions, and version size, along with file owner and file editor information. - -## Analysis Tasks for the SP_LargestFiles Job - -Navigate to the **Jobs** > **SharePoint** > **4.Content** > **SP_LargestFiles** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_LargestFiles Job](/img/product_docs/accessanalyzer/solutions/sharepoint/content/largestfilesanalysis.webp) - -The default analysis task is: - -- Identify Large Files – Creates the SA_SP_LargestFiles_Details table accessible under the job’s - Results node - -In addition to the table created by the analysis task which displays the largest file resources, the -SP_LargestFiles Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------- | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Largest Files | This report identifies where the largest files, including versions, are stored. | None | This report is comprised of three elements: - Bar Chart – Displays largest files - Table – Provides a summary of the largest sites - Table – Provides details on largest files | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp-stalefiles.md b/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp-stalefiles.md deleted file mode 100644 index 5fd7fa6c26..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp-stalefiles.md +++ /dev/null @@ -1,56 +0,0 @@ -# SP_StaleFiles Job - -The SP_StaleFiles Job identifies files that have not been modified in at least a year across -SharePoint farms. This aids administrators and users in cleaning up or archiving old and unchanged -files to help maintain a clean and healthy SharePoint environment. Report includes files, their last -modified time, total file size, versions and version size, along with file owner and file editor -information. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The SP_StaleFiles page has the following configurable parameters: - -- Days since last modification to be considered stale - -See the -[Customizable Analysis Tasks for the SP_StaleFiles Job](#customizable-analysis-tasks-for-the-sp_stalefiles-job) -for additional information. - -## Analysis Tasks for the SP_StaleFiles Job - -Navigate to the **Jobs** > **SharePoint** > **4.Content** > **SP_StaleFiles** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. Only the `@stale` parameter can be configured for the analysis task. - -![Analysis Tasks for the SP_StaleFiles Job](/img/product_docs/accessanalyzer/solutions/sharepoint/content/stalefilesanalysis.webp) - -The default analysis task is: - -- Stale File Details – Creates the SA_SP_StaleFiles_Details table accessible under the job’s Results - node - - - This analysis task contains a configurable parameter: `@stale`. See the - [Customizable Analysis Tasks for the SP_StaleFiles Job](#customizable-analysis-tasks-for-the-sp_stalefiles-job) - topic for additional information. - -In addition to the table created by the analysis task which displays the stale file resources, the -SP_StaleFiles Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | -------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Files | This report identifies the files which have not been modified in the longest amount of time. | Stale Data | This report is comprised of three elements: - Bar Chart – Provides a comparison of stale vs active content - Bar Chart – Displays top 5 Sites by Stale Data (GB) - Table – Provides details on stale files | - -### Customizable Analysis Tasks for the SP_StaleFiles Job - -The default values for customizable parameters are: - -| Analysis Task | Customizable Parameter Name | Default Value | Instruction | -| ------------------ | --------------------------- | ------------- | ------------------------------------------------------------------------ | -| Stale File Details | @stale | 365 | Determines days since last modification that files are considered stale. | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp_largestfiles.md b/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp_largestfiles.md new file mode 100644 index 0000000000..9d77e4ab78 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp_largestfiles.md @@ -0,0 +1,28 @@ +# SP_LargestFiles Job + +The SP_LargestFiles Job identifies the largest files across SharePoint farms. Changes to a document +or its metadata create new versions that result in added storage. It is therefore important to +manage file size and control versioning. Report includes file names, URLs, total file size, +versions, and version size, along with file owner and file editor information. + +## Analysis Tasks for the SP_LargestFiles Job + +Navigate to the **Jobs** > **SharePoint** > **4.Content** > **SP_LargestFiles** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_LargestFiles Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/content/largestfilesanalysis.webp) + +The default analysis task is: + +- Identify Large Files – Creates the SA_SP_LargestFiles_Details table accessible under the job’s + Results node + +In addition to the table created by the analysis task which displays the largest file resources, the +SP_LargestFiles Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------- | ------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Largest Files | This report identifies where the largest files, including versions, are stored. | None | This report is comprised of three elements: - Bar Chart – Displays largest files - Table – Provides a summary of the largest sites - Table – Provides details on largest files | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp_stalefiles.md b/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp_stalefiles.md new file mode 100644 index 0000000000..7612b8c8fc --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/content/sp_stalefiles.md @@ -0,0 +1,56 @@ +# SP_StaleFiles Job + +The SP_StaleFiles Job identifies files that have not been modified in at least a year across +SharePoint farms. This aids administrators and users in cleaning up or archiving old and unchanged +files to help maintain a clean and healthy SharePoint environment. Report includes files, their last +modified time, total file size, versions and version size, along with file owner and file editor +information. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The SP_StaleFiles page has the following configurable parameters: + +- Days since last modification to be considered stale + +See the +[Customizable Analysis Tasks for the SP_StaleFiles Job](#customizable-analysis-tasks-for-the-sp_stalefiles-job) +for additional information. + +## Analysis Tasks for the SP_StaleFiles Job + +Navigate to the **Jobs** > **SharePoint** > **4.Content** > **SP_StaleFiles** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. Only the `@stale` parameter can be configured for the analysis task. + +![Analysis Tasks for the SP_StaleFiles Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/content/stalefilesanalysis.webp) + +The default analysis task is: + +- Stale File Details – Creates the SA_SP_StaleFiles_Details table accessible under the job’s Results + node + + - This analysis task contains a configurable parameter: `@stale`. See the + [Customizable Analysis Tasks for the SP_StaleFiles Job](#customizable-analysis-tasks-for-the-sp_stalefiles-job) + topic for additional information. + +In addition to the table created by the analysis task which displays the stale file resources, the +SP_StaleFiles Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | -------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Files | This report identifies the files which have not been modified in the longest amount of time. | Stale Data | This report is comprised of three elements: - Bar Chart – Provides a comparison of stale vs active content - Bar Chart – Displays top 5 Sites by Stale Data (GB) - Table – Provides details on stale files | + +### Customizable Analysis Tasks for the SP_StaleFiles Job + +The default values for customizable parameters are: + +| Analysis Task | Customizable Parameter Name | Default Value | Instruction | +| ------------------ | --------------------------- | ------------- | ------------------------------------------------------------------------ | +| Stale File Details | @stale | 365 | Determines days since last modification that files are considered stale. | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/overview.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/overview.md index 84605c9828..de13b040b9 100644 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/overview.md +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/overview.md @@ -8,25 +8,25 @@ or components of the [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md). The jobs which comprise the 1.Direct Permissions Job Group process analysis tasks and generate reports. -![1.Direct Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![1.Direct Permissions Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/jobstree.webp) The 1.Direct Permissions Job Group is comprised of: -- [SP_DomainUsers Job](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-domainusers.md) – Identifies locations where there are domain users +- [SP_DomainUsers Job](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_domainusers.md) – Identifies locations where there are domain users directly applied on permissions. Best practices dictate that groups should be used to provide access to resources. -- [SP_EmptyDomainGroupPerms Job](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-emptydomaingroupperms.md) – Identifies empty security groups +- [SP_EmptyDomainGroupPerms Job](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_emptydomaingroupperms.md) – Identifies empty security groups with directly assigned permissions to resources, these groups should be deleted from SharePoint farms, where found. Inadvertent changes to group membership may open up unwanted access. -- [SP_HighRiskPermissions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-highriskpermissions.md) – Identifies where Authenticated Users, +- [SP_HighRiskPermissions Job](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_highriskpermissions.md) – Identifies where Authenticated Users, Everyone Except External Users, Anonymous Logon, or Domain users have been directly assigned permissions -- [SP_SiteCollectionPerms Job](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-sitecollectionperms.md) – Most content will inherit the +- [SP_SiteCollectionPerms Job](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_sitecollectionperms.md) – Most content will inherit the permissions configured at the root of the site collection. Having an understanding of how those permissions are assigned is useful for gaining perspective on the overall SharePoint permission configuration. -- [SP_StaleUsers Job](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-staleusers.md) – Identifies locations where there are stale users directly +- [SP_StaleUsers Job](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_staleusers.md) – Identifies locations where there are stale users directly applied on SharePoint resources. These permissions can be safely removed. -- [SP_UnresolvedSIDs Job](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-unresolvedsids.md) – Identifies Unresolved SIDs that have permissions +- [SP_UnresolvedSIDs Job](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_unresolvedsids.md) – Identifies Unresolved SIDs that have permissions to any SharePoint resources. Unresolved SIDs can be safely cleaned up without affecting user access. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-domainusers.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-domainusers.md deleted file mode 100644 index e7891423ec..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-domainusers.md +++ /dev/null @@ -1,30 +0,0 @@ -# SP_DomainUsers Job - -The SP_DomainUsers Job identifies locations where there are domain users directly applied on -permissions. Best practices dictate that groups should be used to provide access to resources. - -## Analysis Tasks for the SP_DomainUsers Job - -Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_DomainUsers** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_DomainUsers Job](/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/domainusersanalysis.webp) - -The default analysis tasks are: - -- 1. Direct Permissions. Shows All Direct User Permissions – Creates the - SA_SP_DomainUsers_DirectPermissions table accessible under the job’s Results node -- 2. Rank Resources by Number of Directly Applied Users – Creates an interim processing table in - the database for use by downstream analysis and report generation -- 3. Rank Domain Users by Number of Direct Assignments – Creates an interim processing table in - the database for use by downstream analysis and report generation - -In addition to the table created by the analysis task which displays all direct user permissions, -the SP_DomainUsers Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Domain User Permissions | This report identifies locations where there are domain users directly applied on permissions. Best practices dictate that groups should be used to provide access to resources. | None | This report is comprised of three elements: - Bar chart – Displays the top 5 resources by directly applied users - Table – Provides details on directly applied users by resource - Table – Provides details on direct permission counts by user | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-emptydomaingroupperms.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-emptydomaingroupperms.md deleted file mode 100644 index 497cb3f3d8..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-emptydomaingroupperms.md +++ /dev/null @@ -1,31 +0,0 @@ -# SP_EmptyDomainGroupPerms Job - -The SP_EmptyDomainGroupPerms Job identifies empty security groups with directly assigned permissions -to resources, these groups should be deleted from SharePoint farms, where found. Inadvertent changes -to group membership may open up unwanted access. - -## Analysis Tasks for the SP_EmptyDomainGroupPerms Job - -Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > -**SP_EmptyDomainGroupPerms** > **Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_EmptyDomainGroupPerms Job](/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/emptydomaingrouppermsanalysis.webp) - -The default analysis tasks are: - -- 1. Find Empty Group Permission – Creates the SA_SP_EmptyDomainGroupPerms_DirectPermissions table - accessible under the job’s Results node -- 2. Find Affected Resource Count per Group – Creates the - SA_SP_EmptyDomainGroupPerms_ResourceCount table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display direct permissions and -resource counts for empty groups, the SP_EmptyDomainGroupPerms Job produces the following -pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Empty Domain Group Permissions | This report identifies empty security groups with directly assigned permissions to resources. These groups add no access, and should be deleted from SharePoint farms, where found. Inadvertent changes to group membership may open up unwanted access. | None | This report is comprised of three elements: - Bar chart – Displays the top 5 groups by affected resources - Table – Provides details on permissions - Table – Provides details on top groups by affected resources | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-highriskpermissions.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-highriskpermissions.md deleted file mode 100644 index 34d43304f5..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-highriskpermissions.md +++ /dev/null @@ -1,34 +0,0 @@ -# SP_HighRiskPermissions Job - -The SP_HighRiskPermissions Job identifies where Authenticated Users, Everyone Except External Users, -Anonymous Logon, or Domain users have been directly assigned permissions - -## Analysis Tasks for the SP_HighRiskPermissions Job - -Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_HighRiskPermissions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_HighRiskPermissions Job](/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/highriskpermissionsanalysis.webp) - -The default analysis tasks are: - -- 1. Detailed View – Creates the SA_SP_HighRiskPermissions_Details table accessible under the - job’s Results node -- 2. Permissions Matrix. Resource counts by Permission Level and Trustee – Creates the - SA_SP_HighRiskPermissions_Details table (SP_HighRiskPermissions_Matrix) accessible under the - job’s Results node -- 3.Open Manage Rights – Creates the SA_SP_HighRiskPermissions_ManageRights table accessible under - the job’s Results node -- 4. Pivot Permissions by Resource Type – Creates the - SA_SP_HighRiskPermissions_SiteCollectionSummary table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display information on open resources -from directly applied permissions, the SP_HighRiskPermissions Job produces the following -pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| High Risk Permissions | This report shows permissions of Authenticated Users, Anonymous Logon, or Domain users. Applying these trustees to permissions may inadvertently open security holes. | GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of three elements: - Stacked Bar Chart – Displays Open Resources - Table – Provides details on resource counts by permissions and high risk trustees - Table – Provides details top resources with open manage rights | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-sitecollectionperms.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-sitecollectionperms.md deleted file mode 100644 index daedf85191..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-sitecollectionperms.md +++ /dev/null @@ -1,35 +0,0 @@ -# SP_SiteCollectionPerms Job - -Most content will inherit the permissions configured at the root of the site collection. Having an -understanding of how those permissions are assigned is useful for gaining perspective on the overall -SharePoint permission configuration. - -## Analysis Tasks for the SP_SiteCollectionPerms Job - -Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_SiteCollectionPerms** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_SiteCollectionPerms Job](/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/sitecollectionpermsanalysis.webp) - -They need to remain in the default order: - -- 1. Site Collection Direct Permissions - - - Creates the SA_SP_SiteCollectionPerms_DirectPerms table accessible under the job’s Results - node - - Creates an interim processing table in the database for use by downstream analysis and report - generation - -- 2. Site Collection Details – Creates the SA_SP_SiteCollectionPerms_Details table accessible - under the job’s Results node - -In addition to the tables created by the analysis tasks which display direct permissions at the root -of the site collections, the SP_SiteCollectionPerms Job produces the following pre-configured -report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Direct Site Collection Permissions | Most content will inherit the permissions configured at the root of the site collection. Having an understanding of how those permissions are assigned is useful for gaining perspective on the overall SharePoint permission configuration. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 site collections by direct permissions - Table – Provides details on site collections by direct permissions breakdown | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-staleusers.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-staleusers.md deleted file mode 100644 index 849d928491..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-staleusers.md +++ /dev/null @@ -1,31 +0,0 @@ -# SP_StaleUsers Job - -A stale user is defined as either currently disabled within Active Directory, or has not logged onto -the domain for over 90 days. This job will identify locations where there are stale users directly -applied on SharePoint resources. These permissions can be safely removed. - -## Analysis Tasks for the SP_StaleUsers Job - -Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_StaleUsers** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_StaleUsers Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/staleusersanalysis.webp) - -The default analysis tasks are: - -- 1. Direct Permissions. Shows all Direct User Permissions – Creates the - SA_SP_StaleUsers_DirectPermissions table accessible under the job’s Results node -- 2. Rank Resources by Number of Stale Users – Creates the SA_SP_StaleUsers_ResourcePermCounts - table accessible under the job’s Results node -- 3. Rank Domain Users by Number of Direct Assignments – Creates the - SA_SP_StaleUsers_UserPermCount table accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display direct permissions for stale -users, the SP_StaleUsers Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale User Permissions | A stale user is defined as either currently disabled within Active Directory, or has not logged onto the domain for over 90 days. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 users by affected resources - Table – Provides details on top resource by stale user permissions - Table – Provides details on top stale users by affected resources | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-unresolvedsids.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-unresolvedsids.md deleted file mode 100644 index 712d84af37..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp-unresolvedsids.md +++ /dev/null @@ -1,32 +0,0 @@ -# SP_UnresolvedSIDs Job - -This job identifies Unresolved SIDs that have permissions to any SharePoint resources. Unresolved -SIDs can be safely cleaned up without affecting user access. - -## Analysis Tasks for the SP_UnresolvedSIDs Job - -Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_UnresolvedSIDs** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_UnresolvedSIDs Job](/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp) - -They need to remain in the default order: - -- 1. Create Function – Creates an interim processing table in the database for use by downstream - analysis and report generation -- 2. Find Unresolved SID ACLs – Creates the SA_SP_UnresolvedSIDs_DirectPermissions table - accessible under the job’s Results node -- 3. Find Affected Resource Count per SID – Creates the SA_SP_UnresolvedSIDs_ResourceCount table - accessible under the job’s Results node -- 4. Rank Resources by SID Count – Creates the SA_SP_UnresolvedSIDs_DirectPermissions table - accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display direct permissions for -unresolved SIDs, the SP_UnresolvedSIDs Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ----------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Unresolved SID Permissions | Unresolved SIDs can be safely cleaned up without affecting user access. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 unresolved SIDs by affected resources - Table – Provides details on resources with unresolved SIDs applied - Table – Provides details on unresolved SIDs by affected resources | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_domainusers.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_domainusers.md new file mode 100644 index 0000000000..b0567a3686 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_domainusers.md @@ -0,0 +1,30 @@ +# SP_DomainUsers Job + +The SP_DomainUsers Job identifies locations where there are domain users directly applied on +permissions. Best practices dictate that groups should be used to provide access to resources. + +## Analysis Tasks for the SP_DomainUsers Job + +Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_DomainUsers** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_DomainUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/domainusersanalysis.webp) + +The default analysis tasks are: + +- 1. Direct Permissions. Shows All Direct User Permissions – Creates the + SA_SP_DomainUsers_DirectPermissions table accessible under the job’s Results node +- 2. Rank Resources by Number of Directly Applied Users – Creates an interim processing table in + the database for use by downstream analysis and report generation +- 3. Rank Domain Users by Number of Direct Assignments – Creates an interim processing table in + the database for use by downstream analysis and report generation + +In addition to the table created by the analysis task which displays all direct user permissions, +the SP_DomainUsers Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Domain User Permissions | This report identifies locations where there are domain users directly applied on permissions. Best practices dictate that groups should be used to provide access to resources. | None | This report is comprised of three elements: - Bar chart – Displays the top 5 resources by directly applied users - Table – Provides details on directly applied users by resource - Table – Provides details on direct permission counts by user | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_emptydomaingroupperms.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_emptydomaingroupperms.md new file mode 100644 index 0000000000..d98ba001d1 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_emptydomaingroupperms.md @@ -0,0 +1,31 @@ +# SP_EmptyDomainGroupPerms Job + +The SP_EmptyDomainGroupPerms Job identifies empty security groups with directly assigned permissions +to resources, these groups should be deleted from SharePoint farms, where found. Inadvertent changes +to group membership may open up unwanted access. + +## Analysis Tasks for the SP_EmptyDomainGroupPerms Job + +Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > +**SP_EmptyDomainGroupPerms** > **Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_EmptyDomainGroupPerms Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/emptydomaingrouppermsanalysis.webp) + +The default analysis tasks are: + +- 1. Find Empty Group Permission – Creates the SA_SP_EmptyDomainGroupPerms_DirectPermissions table + accessible under the job’s Results node +- 2. Find Affected Resource Count per Group – Creates the + SA_SP_EmptyDomainGroupPerms_ResourceCount table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display direct permissions and +resource counts for empty groups, the SP_EmptyDomainGroupPerms Job produces the following +pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Empty Domain Group Permissions | This report identifies empty security groups with directly assigned permissions to resources. These groups add no access, and should be deleted from SharePoint farms, where found. Inadvertent changes to group membership may open up unwanted access. | None | This report is comprised of three elements: - Bar chart – Displays the top 5 groups by affected resources - Table – Provides details on permissions - Table – Provides details on top groups by affected resources | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_highriskpermissions.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_highriskpermissions.md new file mode 100644 index 0000000000..46c2db4734 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_highriskpermissions.md @@ -0,0 +1,34 @@ +# SP_HighRiskPermissions Job + +The SP_HighRiskPermissions Job identifies where Authenticated Users, Everyone Except External Users, +Anonymous Logon, or Domain users have been directly assigned permissions + +## Analysis Tasks for the SP_HighRiskPermissions Job + +Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_HighRiskPermissions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_HighRiskPermissions Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/highriskpermissionsanalysis.webp) + +The default analysis tasks are: + +- 1. Detailed View – Creates the SA_SP_HighRiskPermissions_Details table accessible under the + job’s Results node +- 2. Permissions Matrix. Resource counts by Permission Level and Trustee – Creates the + SA_SP_HighRiskPermissions_Details table (SP_HighRiskPermissions_Matrix) accessible under the + job’s Results node +- 3.Open Manage Rights – Creates the SA_SP_HighRiskPermissions_ManageRights table accessible under + the job’s Results node +- 4. Pivot Permissions by Resource Type – Creates the + SA_SP_HighRiskPermissions_SiteCollectionSummary table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display information on open resources +from directly applied permissions, the SP_HighRiskPermissions Job produces the following +pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| High Risk Permissions | This report shows permissions of Authenticated Users, Anonymous Logon, or Domain users. Applying these trustees to permissions may inadvertently open security holes. | GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of three elements: - Stacked Bar Chart – Displays Open Resources - Table – Provides details on resource counts by permissions and high risk trustees - Table – Provides details top resources with open manage rights | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_sitecollectionperms.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_sitecollectionperms.md new file mode 100644 index 0000000000..ca295753e3 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_sitecollectionperms.md @@ -0,0 +1,35 @@ +# SP_SiteCollectionPerms Job + +Most content will inherit the permissions configured at the root of the site collection. Having an +understanding of how those permissions are assigned is useful for gaining perspective on the overall +SharePoint permission configuration. + +## Analysis Tasks for the SP_SiteCollectionPerms Job + +Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_SiteCollectionPerms** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_SiteCollectionPerms Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sitecollectionpermsanalysis.webp) + +They need to remain in the default order: + +- 1. Site Collection Direct Permissions + + - Creates the SA_SP_SiteCollectionPerms_DirectPerms table accessible under the job’s Results + node + - Creates an interim processing table in the database for use by downstream analysis and report + generation + +- 2. Site Collection Details – Creates the SA_SP_SiteCollectionPerms_Details table accessible + under the job’s Results node + +In addition to the tables created by the analysis tasks which display direct permissions at the root +of the site collections, the SP_SiteCollectionPerms Job produces the following pre-configured +report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Direct Site Collection Permissions | Most content will inherit the permissions configured at the root of the site collection. Having an understanding of how those permissions are assigned is useful for gaining perspective on the overall SharePoint permission configuration. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 site collections by direct permissions - Table – Provides details on site collections by direct permissions breakdown | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_staleusers.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_staleusers.md new file mode 100644 index 0000000000..e037381087 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_staleusers.md @@ -0,0 +1,31 @@ +# SP_StaleUsers Job + +A stale user is defined as either currently disabled within Active Directory, or has not logged onto +the domain for over 90 days. This job will identify locations where there are stale users directly +applied on SharePoint resources. These permissions can be safely removed. + +## Analysis Tasks for the SP_StaleUsers Job + +Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_StaleUsers** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_StaleUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/staleusersanalysis.webp) + +The default analysis tasks are: + +- 1. Direct Permissions. Shows all Direct User Permissions – Creates the + SA_SP_StaleUsers_DirectPermissions table accessible under the job’s Results node +- 2. Rank Resources by Number of Stale Users – Creates the SA_SP_StaleUsers_ResourcePermCounts + table accessible under the job’s Results node +- 3. Rank Domain Users by Number of Direct Assignments – Creates the + SA_SP_StaleUsers_UserPermCount table accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display direct permissions for stale +users, the SP_StaleUsers Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale User Permissions | A stale user is defined as either currently disabled within Active Directory, or has not logged onto the domain for over 90 days. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 users by affected resources - Table – Provides details on top resource by stale user permissions - Table – Provides details on top stale users by affected resources | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_unresolvedsids.md b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_unresolvedsids.md new file mode 100644 index 0000000000..41f5244d94 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sp_unresolvedsids.md @@ -0,0 +1,32 @@ +# SP_UnresolvedSIDs Job + +This job identifies Unresolved SIDs that have permissions to any SharePoint resources. Unresolved +SIDs can be safely cleaned up without affecting user access. + +## Analysis Tasks for the SP_UnresolvedSIDs Job + +Navigate to the **Jobs** > **SharePoint** > **1.Direct Permissions** > **SP_UnresolvedSIDs** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_UnresolvedSIDs Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/unresolvedsidsanalysis.webp) + +They need to remain in the default order: + +- 1. Create Function – Creates an interim processing table in the database for use by downstream + analysis and report generation +- 2. Find Unresolved SID ACLs – Creates the SA_SP_UnresolvedSIDs_DirectPermissions table + accessible under the job’s Results node +- 3. Find Affected Resource Count per SID – Creates the SA_SP_UnresolvedSIDs_ResourceCount table + accessible under the job’s Results node +- 4. Rank Resources by SID Count – Creates the SA_SP_UnresolvedSIDs_DirectPermissions table + accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display direct permissions for +unresolved SIDs, the SP_UnresolvedSIDs Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ----------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Unresolved SID Permissions | Unresolved SIDs can be safely cleaned up without affecting user access. | None | This report is comprised of three elements: - Bar Chart – Displays top 5 unresolved SIDs by affected resources - Table – Provides details on resources with unresolved SIDs applied - Table – Provides details on unresolved SIDs by affected resources | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/overview.md b/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/overview.md index f141d528aa..1ac89ec331 100644 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/overview.md +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/overview.md @@ -3,15 +3,15 @@ This group returns reports identifying specific trustees’ effective access across the entire SharePoint environment. -![Effective Access Audits Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Effective Access Audits Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/jobstree.webp) The Effective Access Audits Job Group is comprised of: -- [Scoping > SP_TrusteeAccess Job](/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp-trusteeaccess.md) – Scopes a list of users to audit their +- [Scoping > SP_TrusteeAccess Job](/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaccess.md) – Scopes a list of users to audit their access across the SharePoint environment. This can also be accomplished by looking users up in the Access Information Center. However, it is recommended to use this job in scenarios where a report on multiple users’ effective access at once needs to be generated. -- [SP_TrusteeAudit Job](/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp-trusteeaudit.md) – Provides functionality similar to the Access +- [SP_TrusteeAudit Job](/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaudit.md) – Provides functionality similar to the Access Information Center by allowing scoped audits of users’ access across the environment For the SP_TrusteeAccess Job, the host list is set to Local host at the Scoping Job Group level. The diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp-trusteeaccess.md b/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp-trusteeaccess.md deleted file mode 100644 index e44b11619f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp-trusteeaccess.md +++ /dev/null @@ -1,49 +0,0 @@ -# Scoping > SP_TrusteeAccess Job - -The SP_TrusteeAccess job allows you to scope a list of users to audit their access across the -SharePoint environment. You can also accomplish this by looking users up in the Access Information -Center, however you want to utilize this job in scenarios where you want to generate a report on -multiple users’ effective access at once. - -**NOTE:** Trustees can be specified in the `UserScoping.csv` file for the SP_TrusteeAccess Job. See -the -[Configure CSV File for the Query for the SP_TrusteeAccess Job](#configure-csv-file-for-the-query-for-the-sp_trusteeaccess-job) -topic for additional information. - -![Scoping > SP_TrusteeAccess Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/scopingjobstree.webp) - -The SP_TrusteeAccess job is located in the Scoping Job Group. - -## Queries for the SP_TrusteeAccess Job - -The SP_TrusteeAccess Job uses the TextSearch Data Collector for the following query: - -![Queries for the SP_TrusteeAccess Job](/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/trusteeaccessquery.webp) - -The default query is: - -- Scoping – Modifies the CSV in the Job Directory. See the - [Configure CSV File for the Query for the SP_TrusteeAccess Job](#configure-csv-file-for-the-query-for-the-sp_trusteeaccess-job) - topic for additional information. - -### Configure CSV File for the Query for the SP_TrusteeAccess Job - -Follow the steps to specify trustees in the `UserScoping.csv` file. - -**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **Effective Access Audits** > **Scoping** > -**SP_TrusteeAccess** Job and right-click on the job. Select **Explore Folder** and the job’s -directory opens. - -![UserScoping.csv in the SP_TrusteeAccess Job folder in File Explorer](/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/userscopingfileexplorer.webp) - -**Step 2 –** Open the `UserScoping.csv` file with a text editor, for example Notepad. - -![UserScoping.csv file in Notepad](/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/userscopingnotepad.webp) - -**Step 3 –** Enter the trustees using a `Domain\UserName` format. Enter one trustee per row. - -**Step 4 –** Save and close the file. - -The SP_TrusteeAccess Job is now ready to import this list of trustees to scope the Effective Access -Audits Job Group. After job execution, the list of specified trustees will populate the Scope table -accessible under the job’s Results node. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp-trusteeaudit.md b/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp-trusteeaudit.md deleted file mode 100644 index 206a48d4ca..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp-trusteeaudit.md +++ /dev/null @@ -1,31 +0,0 @@ -# SP_TrusteeAudit Job - -The SP_TrusteeAudit Job runs analysis tasks and generates a report on effective access of specified -trustees. This job provides functionality similar to the Access Information Center by allowing -scoped audits of user access across the targeted SharePoint environment. - -## Analysis Tasks for the SP_TrusteeAudit Job - -Navigate to the **Jobs** > **SharePoint** > **Effective Access Audits** > **SP_TrusteeAudit** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_TrusteeAudit Job](/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/trusteeauditanalysis.webp) - -The default analysis tasks are: - -- 1. Find Effective Access. Returns Only Site Collections – Creates the SA_SP_TrusteeAudit_Results - table accessible under the job’s Results node -- 2. Find Direct Permissions. Unscoped - All Resource Types – Creates the - SA_SP_TrusteeAudit_DirectPermissions table accessible under the job’s Results node -- 3. Summarize Access – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the tables created by the analysis tasks which display effective access for the -specified trustees, the SP_TrusteeAudit Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Site Collection Access | This report shows what site collections a domain user has effective and direct access to. Audited users are scoped in the SP_TrusteeAccess job. | None | This report is comprised of three elements: - Table – Provides user summary details - Table – Provides details on site collections with effective access - Table – Provides details on direct permissions | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaccess.md b/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaccess.md new file mode 100644 index 0000000000..aafe0ee513 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaccess.md @@ -0,0 +1,49 @@ +# Scoping > SP_TrusteeAccess Job + +The SP_TrusteeAccess job allows you to scope a list of users to audit their access across the +SharePoint environment. You can also accomplish this by looking users up in the Access Information +Center, however you want to utilize this job in scenarios where you want to generate a report on +multiple users’ effective access at once. + +**NOTE:** Trustees can be specified in the `UserScoping.csv` file for the SP_TrusteeAccess Job. See +the +[Configure CSV File for the Query for the SP_TrusteeAccess Job](#configure-csv-file-for-the-query-for-the-sp_trusteeaccess-job) +topic for additional information. + +![Scoping > SP_TrusteeAccess Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/scopingjobstree.webp) + +The SP_TrusteeAccess job is located in the Scoping Job Group. + +## Queries for the SP_TrusteeAccess Job + +The SP_TrusteeAccess Job uses the TextSearch Data Collector for the following query: + +![Queries for the SP_TrusteeAccess Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/trusteeaccessquery.webp) + +The default query is: + +- Scoping – Modifies the CSV in the Job Directory. See the + [Configure CSV File for the Query for the SP_TrusteeAccess Job](#configure-csv-file-for-the-query-for-the-sp_trusteeaccess-job) + topic for additional information. + +### Configure CSV File for the Query for the SP_TrusteeAccess Job + +Follow the steps to specify trustees in the `UserScoping.csv` file. + +**Step 1 –** Navigate to the **Jobs** > **SharePoint** > **Effective Access Audits** > **Scoping** > +**SP_TrusteeAccess** Job and right-click on the job. Select **Explore Folder** and the job’s +directory opens. + +![UserScoping.csv in the SP_TrusteeAccess Job folder in File Explorer](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/userscopingfileexplorer.webp) + +**Step 2 –** Open the `UserScoping.csv` file with a text editor, for example Notepad. + +![UserScoping.csv file in Notepad](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/userscopingnotepad.webp) + +**Step 3 –** Enter the trustees using a `Domain\UserName` format. Enter one trustee per row. + +**Step 4 –** Save and close the file. + +The SP_TrusteeAccess Job is now ready to import this list of trustees to scope the Effective Access +Audits Job Group. After job execution, the list of specified trustees will populate the Scope table +accessible under the job’s Results node. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaudit.md b/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaudit.md new file mode 100644 index 0000000000..212ca4ee85 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/sp_trusteeaudit.md @@ -0,0 +1,31 @@ +# SP_TrusteeAudit Job + +The SP_TrusteeAudit Job runs analysis tasks and generates a report on effective access of specified +trustees. This job provides functionality similar to the Access Information Center by allowing +scoped audits of user access across the targeted SharePoint environment. + +## Analysis Tasks for the SP_TrusteeAudit Job + +Navigate to the **Jobs** > **SharePoint** > **Effective Access Audits** > **SP_TrusteeAudit** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_TrusteeAudit Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/trusteeauditanalysis.webp) + +The default analysis tasks are: + +- 1. Find Effective Access. Returns Only Site Collections – Creates the SA_SP_TrusteeAudit_Results + table accessible under the job’s Results node +- 2. Find Direct Permissions. Unscoped - All Resource Types – Creates the + SA_SP_TrusteeAudit_DirectPermissions table accessible under the job’s Results node +- 3. Summarize Access – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the tables created by the analysis tasks which display effective access for the +specified trustees, the SP_TrusteeAudit Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Site Collection Access | This report shows what site collections a domain user has effective and direct access to. Audited users are scoped in the SP_TrusteeAccess job. | None | This report is comprised of three elements: - Table – Provides user summary details - Table – Provides details on site collections with effective access - Table – Provides details on direct permissions | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/overview.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/overview.md index e5740c4471..4d9a39bc02 100644 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/overview.md +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/overview.md @@ -4,23 +4,23 @@ The 8.M365 Job Group generates summary and detail reports of SharePoint Activity Teams sites. These reports can be used for identifying file, folder, and user related activity across your SharePoint environment. -![8.M365 Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![8.M365 Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/jobstree.webp) The jobs in the 8.M365 Job Group are: -- [SP_ExternalUsers Job](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-externalusers.md) – Identifies activity of external users on all +- [SP_ExternalUsers Job](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_externalusers.md) – Identifies activity of external users on all monitored Sharepoint servers -- [SP_OneDrives Job](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-onedrives.md) – Collects the activity, sensitive data, summary level +- [SP_OneDrives Job](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_onedrives.md) – Collects the activity, sensitive data, summary level information across OneDrives -- [SP_SharedLinks Job](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-sharedlinks.md) – Provides an overview of the shared links configured with +- [SP_SharedLinks Job](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_sharedlinks.md) – Provides an overview of the shared links configured with Sharpoint Online, with visibility into Anonymous Sharing, External User Sharing, and activity pertaining to Shared Links -- [SP_StaleTeamSites Job](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-staleteamsites.md) – Identifies Teams that have not had activity for a +- [SP_StaleTeamSites Job](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_staleteamsites.md) – Identifies Teams that have not had activity for a number of days that can be set in the analysis (Set at 30 Days by Default) -- [SP_Teams](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-teams.md) – Identifies activities, sensitive data and a summary of collected data +- [SP_Teams](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_teams.md) – Identifies activities, sensitive data and a summary of collected data for SharePoint Teams -- [SP_TeamsExternalUserActivity Job](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-teamsexternaluseractivity.md) – Identifies all activity +- [SP_TeamsExternalUserActivity Job](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_teamsexternaluseractivity.md) – Identifies all activity events performed by external users in Teams, including details on the date/time, resource, and operation -- [SP_TeamsSensitiveData Job](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-teamssensitivedata.md) – Analyzes sensitive data activity within +- [SP_TeamsSensitiveData Job](/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_teamssensitivedata.md) – Analyzes sensitive data activity within Teams sites diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-externalusers.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-externalusers.md deleted file mode 100644 index 212903cc56..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-externalusers.md +++ /dev/null @@ -1,30 +0,0 @@ -# SP_ExternalUsers Job - -The SP_TeamsExternalUsers Job identifies activity of external users on all monitored SharePoint -servers. - -## Analysis Tasks for the SP_ExternalUsers Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_OneDrives** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_ExternalUsers Job](/img/product_docs/accessanalyzer/solutions/sharepoint/m365/externalusersanalysis.webp) - -The default analysis task is: - -- Analyze External User Activity – Creates the - SA_SPAC_SharePointOnlineMostActiveExternalUsersSummary table accessible under the job's Results - node -- Summarize External User Activity – Creates the SP_ExternalUsersDetails table accessible under the - job's Results node - -In addition to the tables created by the analysis tasks, the SP_TeamsExternalUsers Job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------- | --------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| External User Activity | This report analyzes activity performed by external users in scanned SharePoint environments. | None | This report is comprised of three elements: - Bar Chart – Provides information on top users by operation count - Table – Provides summary on external users - Table – Provides details on external user activity | -| External User Summary | This report analyzes activity performed by external users in scanned SharePoint environments. | None | This report is comprised of three elements: - Bar Chart – Provides information on top users by operation count - Table – Provides summary on external users - Table – Provides details on external user activity | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-onedrives.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-onedrives.md deleted file mode 100644 index 6bf3a86c6e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-onedrives.md +++ /dev/null @@ -1,38 +0,0 @@ -# SP_OneDrives Job - -The SP_OneDrives Job collects the activity, sensitive data, summary level information across -OneDrives. - -## Analysis Tasks for the OneDrives Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_OneDrives** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the OneDrives Job](/img/product_docs/accessanalyzer/solutions/sharepoint/m365/onedrivesanalysis.webp) - -The default analysis tasks are: - -- OneDrive Details – Creates the SA_SP_OneDriveDetails table accessible under the job's Results node -- OneDrive Summary – Creates the SA_SP_OneDriveSummary table accessible under the job's Results node -- Top OneDrive by GB Summary – Creates the SA_SP_TopOneDrivesGB table accessible under the job's - Results node -- OneDrive Sensitive Data File Details – Creates the SA_SP_OneDriveFileDetails table accessible - under the job's Results node -- OneDrive Sensitive Data Summary – Creates the SA_SP_OneDriveSensitiveDataSummary table accessible - under the job's Results node -- OneDrive Activity Details – Creates the SA_SP_OneDriveActivityDetails table accessible under the - job's Results node -- OneDrive Activity Summary – Creates the SA_SP_OneDriveActivitySummary table accessible under the - job's Results node - -In addition to the tables created by the analysis tasks, the SP_OneDrives Job produces the following -preconfigured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------ | -------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| One Drive Activity | This report displays activity information from OneDrives. | None | This report is comprised of three elements: - Bar Chart – Provides information on top OneDrives by Operation Count - Table – Provides details on OneDriveSummary - Table – Provides details on OneDrive Activity Details | -| One Drive Sensitive Data | This report displays sensitive information from OneDrives. | None | This report is comprised of three elements: - Bar Chart – Provides information on top OneDrives by sensitive files - Table – Provides details on sensitive data summary - Table – Provides details on OneDrive file details | -| One Drive Sensitive Data | This report displays summary level information across all OneDrives. | None | This report is comprised of three elements: - Bar Chart – Provides information on OneDrive summary - Table – Provides details on top OneDrives by GB - Table – Provides details on top OneDrives by GB summary - Table – Provides information on OneDrive details | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-sharedlinks.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-sharedlinks.md deleted file mode 100644 index 999bc3e84e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-sharedlinks.md +++ /dev/null @@ -1,38 +0,0 @@ -# SP_SharedLinks Job - -The SP_SharedLinks Job provides an overview of the shared links configured with SharePoint Online, -with visibility into Anonymous Sharing, External User Sharing, and activity pertaining to Shared -Links. - -## Analysis Tasks for the SharedLinks Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_SharedLinks** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SharedLinks Job](/img/product_docs/accessanalyzer/solutions/sharepoint/m365/sharedlinksanalysis.webp) - -The default analysis tasks are: - -- Calculate anonymous sharing – Creates the SA_SP_AnonynomousSharing_Details table accessible under - the job's Results node -- Summarize anonymous sharing – Creates the SA_SP_AnonynomousSharing_Summary table accessible under - the job's Results node -- Calculate shared links – Creates the SA_SP_SharingLinks_Details table accessible under the job's - Results node -- Summarize shared links – Creates the SA_SP_SharingLinks_SiteCollection and - SA_SP_SharingLinks_Tenant_Summary tables accessible under the job's Results node -- Calculate Shared Links Activity – Creates the SA_SP_SharingLinks_Activity_Details, - SA_SP_SharingLinks_Creation_Detail_Last_7_Days, and - SA_SP_SharingLinks_Creation_Summary_Last_7_Days tables accessible under the job's Results node - -In addition to the tables created by the analysis tasks, the SP_Shared Links Job produces the -following preconfigured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Anonymous Sharing | This report highlights instances where resources are anonymously shared via a shareable link in SharePoint Online. | None | This report is comprised of three elements: - Bar Chart – Provides information on the top site collections and anonymously shared files - Table – Provides details anonymous sharing summary by site collection - Table – Provides details on anonymously sharing details | -| Shared Link Activity | This report highlights instances of activity via shared links in SharePoint Online. | None | This report is comprised of three elements: - Bar Chart – Provides information on the shared link creation for the last 7 days OneDrive summary - Table – Provides details on shared link creation summary for the last 7 days - Table – Provides details on shared link activity | -| Shared Links | This report highlights instances of shared links in SharePoint Online. | None | This report is comprised of three elements: - Bar Chart Table– Provides information on the shared link summary - Bar Chart– Provides details on top site collections by shared files - Table – Provides details on site collection summary - Table – Provides details on shared links | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-staleteamsites.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-staleteamsites.md deleted file mode 100644 index d2c09b4c09..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-staleteamsites.md +++ /dev/null @@ -1,54 +0,0 @@ -# SP_StaleTeamSites Job - -The SP_StaleTeamSites Job identifies Teams that have not had activity for a number of days that can -be set in the analysis (Set as 30 Days by Default). - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The SP_StaleTeamSites page has the following configurable parameters: - -- Desired Number of Days Since Last Activity To Determine Staleness - -See the -[Customizable Analysis Tasks for the SP_StaleTeamSites Job](#customizable-analysis-tasks-for-the-sp_staleteamsites-job) -for additional information. - -## Analysis Tasks for the SP_StaleTeamSites Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_StaleTeamSites** >**Configure** node -and select **Analysis** to view the analysis tasks. - -![Analysis Tasks for the SP_StaleTeamSites Job](/img/product_docs/accessanalyzer/solutions/sharepoint/m365/staleteamsitesanalysis.webp) - -The default analysis task is: - -- Find Stale Teams – Creates the SA_SP_StaleTeamSites table accessible under the job’s Results node - - - This task contains a configurable parameter to set the number of days a Team has not had - activity for before it's considered stale. See the - [Customizable Analysis Tasks for the SP_StaleTeamSites Job](#customizable-analysis-tasks-for-the-sp_staleteamsites-job) - topic for additional information. - -In addition to the table created by the analysis task, the SP_StaleTeamSites Job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Stale Teams | This report identifies Teams that have not had activity for a number of days that can be set in the analysis (Set at 30 Days by Default) | None | This report is comprised of two elements: - Bar Chart – Provides information on the top five least active sites - Table – Provides details on stale Teams sites | - -### Customizable Analysis Tasks for the SP_StaleTeamSites Job - -The default values for customizable parameters are: - -| Analysis Task | Customizable Parameter Name | Default Value | Description | -| ---------------- | --------------------------- | ------------- | ------------------------------------------------------------------ | -| Find Stale Teams | @days | 30 | Desired number of days since last activity to determine staleness. | - -See the -[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/administration/job-management/job/configure/analysis-customizable-parameters.md) -topic for instructions on customizing the analysis parameters. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-teams.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-teams.md deleted file mode 100644 index 6a29bf53ac..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-teams.md +++ /dev/null @@ -1,34 +0,0 @@ -# SP_Teams - -The SP_Teams Job identifies activities, sensitive data and a summary of collected data for -SharePoint Teams. - -## Analysis Tasks for the SP_Teams Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_Teams** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_Teams Job](/img/product_docs/accessanalyzer/solutions/sharepoint/m365/teamsanalysis.webp) - -The default analysis task is: - -- Teams Details and Summary – Creates the SA_SP_TeamsSummary table to populate the Teams Activity - and Teams Summary reports -- Teams Activity Details – Creates the SA_SP_TeamsActivityDetails table to populate the Teams - Activity report -- Teams Activity Summary – Creates the SA_SP_TeamsActivitySummary table to populate the Teams - Activity report -- Teams Sensitive Data – Creates the SA_SP_TeamsFileDetailsSensitiveData table to populate the Teams - Sensitive Data report - -In addition to the tables created by the analysis tasks, the SP_Teams Job produces the following -preconfigured reports: - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ----------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Teams Activity | This report identifies and analyzes activity in SharePoint Teams. | None | This report is comprised of three elements: - Bar Chart – Provides Operation count of the Top Teams - Table – Provides a summary of Teams activity - Table – Provides details about Teams activity | -| Teams Sensitive Data | This report identifies and analyzes sensitive data in SharePoint Teams. | None | This report is comprised of three elements: - Bar Chart – Provides the top Teams containing sensitive files - Table – Provides a sensitive data summary - Table – Provides additional details about sensitive files in Teams | -| Teams Summary | This report summarizes collected data for SharePoint Teams. | None | This report is comprised of four elements: - Table – Provides a summary of permissions in Teams - Bar Chart – Provides information about Top Teams by size (GB) - Pie Chart – Provides a comparison of stale vs active Teams sites - Table – Provides additional details about Teams sites permissions | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-teamsexternaluseractivity.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-teamsexternaluseractivity.md deleted file mode 100644 index b2698baf1f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-teamsexternaluseractivity.md +++ /dev/null @@ -1,27 +0,0 @@ -# SP_TeamsExternalUserActivity Job - -The SP_TeamsExternalUserActivity Job identifies all activity events performed by external users in -Teams, including details on the date/time, resource, and operation. - -## Analysis Tasks for the SP_TeamsExternalUserActivity Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > -**SP_TeamsExternalUserActivity** >**Configure** node and select **Analysis** to view the analysis -tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_TeamsExternalUserActivity Job](/img/product_docs/accessanalyzer/solutions/sharepoint/m365/teamsexternaluseractivityanalysis.webp) - -The default analysis task is: - -- Analyze Teams External User Activity – Creates the SA_SPAC_MostActiveTeamsExternalUsers table - accessible under the job's Results node - -In addition to the table created by the analysis task, the SP_TeamsExternalUserActivity Job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ----------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Teams External User Activity | This report displays most active external users within Teams, as well as Teams that have the most external users. | None | This report is comprised of three elements: - Bar Chart – Provides information on the most active external team members - Table – Provides details on Teams with the most external users - Table – Provides details on external user activity details | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-teamssensitivedata.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-teamssensitivedata.md deleted file mode 100644 index 8f21296bbd..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp-teamssensitivedata.md +++ /dev/null @@ -1,25 +0,0 @@ -# SP_TeamsSensitiveData Job - -The SP_TeamsSensitiveData Job analyzes sensitive data activity within Teams Sites. - -## Analysis Tasks for the SP_TeamsSensitiveData Job - -Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_TeamsSensitiveData** >**Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_TeamsSensitiveData Job](/img/product_docs/accessanalyzer/solutions/sharepoint/m365/teamssensitivedataanalysis.webp) - -The default analysis task is: - -- Analyze Teams Sensitive Data – Creates the SA_TeamsSensitiveDataActivityDetails table accessible - under the job's Results node - -In addition to the table created by the analysis task, the SP_TeamsSensitiveData Job produces the -following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | ------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Teams Sensitive Data Report | This report analyzes sensitive data activity in Teams sites. | None | This report is comprised of two elements: - Bar Chart – Provides information on the top Teams users by sensitive file interaction count - Table – Provides details on user activity | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_externalusers.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_externalusers.md new file mode 100644 index 0000000000..dad710dbb5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_externalusers.md @@ -0,0 +1,30 @@ +# SP_ExternalUsers Job + +The SP_TeamsExternalUsers Job identifies activity of external users on all monitored SharePoint +servers. + +## Analysis Tasks for the SP_ExternalUsers Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_OneDrives** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_ExternalUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/externalusersanalysis.webp) + +The default analysis task is: + +- Analyze External User Activity – Creates the + SA_SPAC_SharePointOnlineMostActiveExternalUsersSummary table accessible under the job's Results + node +- Summarize External User Activity – Creates the SP_ExternalUsersDetails table accessible under the + job's Results node + +In addition to the tables created by the analysis tasks, the SP_TeamsExternalUsers Job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------- | --------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| External User Activity | This report analyzes activity performed by external users in scanned SharePoint environments. | None | This report is comprised of three elements: - Bar Chart – Provides information on top users by operation count - Table – Provides summary on external users - Table – Provides details on external user activity | +| External User Summary | This report analyzes activity performed by external users in scanned SharePoint environments. | None | This report is comprised of three elements: - Bar Chart – Provides information on top users by operation count - Table – Provides summary on external users - Table – Provides details on external user activity | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_onedrives.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_onedrives.md new file mode 100644 index 0000000000..49b2fefa9e --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_onedrives.md @@ -0,0 +1,38 @@ +# SP_OneDrives Job + +The SP_OneDrives Job collects the activity, sensitive data, summary level information across +OneDrives. + +## Analysis Tasks for the OneDrives Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_OneDrives** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the OneDrives Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/onedrivesanalysis.webp) + +The default analysis tasks are: + +- OneDrive Details – Creates the SA_SP_OneDriveDetails table accessible under the job's Results node +- OneDrive Summary – Creates the SA_SP_OneDriveSummary table accessible under the job's Results node +- Top OneDrive by GB Summary – Creates the SA_SP_TopOneDrivesGB table accessible under the job's + Results node +- OneDrive Sensitive Data File Details – Creates the SA_SP_OneDriveFileDetails table accessible + under the job's Results node +- OneDrive Sensitive Data Summary – Creates the SA_SP_OneDriveSensitiveDataSummary table accessible + under the job's Results node +- OneDrive Activity Details – Creates the SA_SP_OneDriveActivityDetails table accessible under the + job's Results node +- OneDrive Activity Summary – Creates the SA_SP_OneDriveActivitySummary table accessible under the + job's Results node + +In addition to the tables created by the analysis tasks, the SP_OneDrives Job produces the following +preconfigured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------ | -------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| One Drive Activity | This report displays activity information from OneDrives. | None | This report is comprised of three elements: - Bar Chart – Provides information on top OneDrives by Operation Count - Table – Provides details on OneDriveSummary - Table – Provides details on OneDrive Activity Details | +| One Drive Sensitive Data | This report displays sensitive information from OneDrives. | None | This report is comprised of three elements: - Bar Chart – Provides information on top OneDrives by sensitive files - Table – Provides details on sensitive data summary - Table – Provides details on OneDrive file details | +| One Drive Sensitive Data | This report displays summary level information across all OneDrives. | None | This report is comprised of three elements: - Bar Chart – Provides information on OneDrive summary - Table – Provides details on top OneDrives by GB - Table – Provides details on top OneDrives by GB summary - Table – Provides information on OneDrive details | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_sharedlinks.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_sharedlinks.md new file mode 100644 index 0000000000..8556e85b25 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_sharedlinks.md @@ -0,0 +1,38 @@ +# SP_SharedLinks Job + +The SP_SharedLinks Job provides an overview of the shared links configured with SharePoint Online, +with visibility into Anonymous Sharing, External User Sharing, and activity pertaining to Shared +Links. + +## Analysis Tasks for the SharedLinks Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_SharedLinks** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SharedLinks Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/sharedlinksanalysis.webp) + +The default analysis tasks are: + +- Calculate anonymous sharing – Creates the SA_SP_AnonynomousSharing_Details table accessible under + the job's Results node +- Summarize anonymous sharing – Creates the SA_SP_AnonynomousSharing_Summary table accessible under + the job's Results node +- Calculate shared links – Creates the SA_SP_SharingLinks_Details table accessible under the job's + Results node +- Summarize shared links – Creates the SA_SP_SharingLinks_SiteCollection and + SA_SP_SharingLinks_Tenant_Summary tables accessible under the job's Results node +- Calculate Shared Links Activity – Creates the SA_SP_SharingLinks_Activity_Details, + SA_SP_SharingLinks_Creation_Detail_Last_7_Days, and + SA_SP_SharingLinks_Creation_Summary_Last_7_Days tables accessible under the job's Results node + +In addition to the tables created by the analysis tasks, the SP_Shared Links Job produces the +following preconfigured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Anonymous Sharing | This report highlights instances where resources are anonymously shared via a shareable link in SharePoint Online. | None | This report is comprised of three elements: - Bar Chart – Provides information on the top site collections and anonymously shared files - Table – Provides details anonymous sharing summary by site collection - Table – Provides details on anonymously sharing details | +| Shared Link Activity | This report highlights instances of activity via shared links in SharePoint Online. | None | This report is comprised of three elements: - Bar Chart – Provides information on the shared link creation for the last 7 days OneDrive summary - Table – Provides details on shared link creation summary for the last 7 days - Table – Provides details on shared link activity | +| Shared Links | This report highlights instances of shared links in SharePoint Online. | None | This report is comprised of three elements: - Bar Chart Table– Provides information on the shared link summary - Bar Chart– Provides details on top site collections by shared files - Table – Provides details on site collection summary - Table – Provides details on shared links | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_staleteamsites.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_staleteamsites.md new file mode 100644 index 0000000000..c6d455dad7 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_staleteamsites.md @@ -0,0 +1,54 @@ +# SP_StaleTeamSites Job + +The SP_StaleTeamSites Job identifies Teams that have not had activity for a number of days that can +be set in the analysis (Set as 30 Days by Default). + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The SP_StaleTeamSites page has the following configurable parameters: + +- Desired Number of Days Since Last Activity To Determine Staleness + +See the +[Customizable Analysis Tasks for the SP_StaleTeamSites Job](#customizable-analysis-tasks-for-the-sp_staleteamsites-job) +for additional information. + +## Analysis Tasks for the SP_StaleTeamSites Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_StaleTeamSites** >**Configure** node +and select **Analysis** to view the analysis tasks. + +![Analysis Tasks for the SP_StaleTeamSites Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/staleteamsitesanalysis.webp) + +The default analysis task is: + +- Find Stale Teams – Creates the SA_SP_StaleTeamSites table accessible under the job’s Results node + + - This task contains a configurable parameter to set the number of days a Team has not had + activity for before it's considered stale. See the + [Customizable Analysis Tasks for the SP_StaleTeamSites Job](#customizable-analysis-tasks-for-the-sp_staleteamsites-job) + topic for additional information. + +In addition to the table created by the analysis task, the SP_StaleTeamSites Job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Stale Teams | This report identifies Teams that have not had activity for a number of days that can be set in the analysis (Set at 30 Days by Default) | None | This report is comprised of two elements: - Bar Chart – Provides information on the top five least active sites - Table – Provides details on stale Teams sites | + +### Customizable Analysis Tasks for the SP_StaleTeamSites Job + +The default values for customizable parameters are: + +| Analysis Task | Customizable Parameter Name | Default Value | Description | +| ---------------- | --------------------------- | ------------- | ------------------------------------------------------------------ | +| Find Stale Teams | @days | 30 | Desired number of days since last activity to determine staleness. | + +See the +[Configure the Customizable Parameters in an Analysis Task](/docs/accessanalyzer/12.0/admin/jobs/job/configure/analysiscustomizableparameters.md) +topic for instructions on customizing the analysis parameters. diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_teams.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_teams.md new file mode 100644 index 0000000000..8b1e5311b1 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_teams.md @@ -0,0 +1,34 @@ +# SP_Teams + +The SP_Teams Job identifies activities, sensitive data and a summary of collected data for +SharePoint Teams. + +## Analysis Tasks for the SP_Teams Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_Teams** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_Teams Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/teamsanalysis.webp) + +The default analysis task is: + +- Teams Details and Summary – Creates the SA_SP_TeamsSummary table to populate the Teams Activity + and Teams Summary reports +- Teams Activity Details – Creates the SA_SP_TeamsActivityDetails table to populate the Teams + Activity report +- Teams Activity Summary – Creates the SA_SP_TeamsActivitySummary table to populate the Teams + Activity report +- Teams Sensitive Data – Creates the SA_SP_TeamsFileDetailsSensitiveData table to populate the Teams + Sensitive Data report + +In addition to the tables created by the analysis tasks, the SP_Teams Job produces the following +preconfigured reports: + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ----------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Teams Activity | This report identifies and analyzes activity in SharePoint Teams. | None | This report is comprised of three elements: - Bar Chart – Provides Operation count of the Top Teams - Table – Provides a summary of Teams activity - Table – Provides details about Teams activity | +| Teams Sensitive Data | This report identifies and analyzes sensitive data in SharePoint Teams. | None | This report is comprised of three elements: - Bar Chart – Provides the top Teams containing sensitive files - Table – Provides a sensitive data summary - Table – Provides additional details about sensitive files in Teams | +| Teams Summary | This report summarizes collected data for SharePoint Teams. | None | This report is comprised of four elements: - Table – Provides a summary of permissions in Teams - Bar Chart – Provides information about Top Teams by size (GB) - Pie Chart – Provides a comparison of stale vs active Teams sites - Table – Provides additional details about Teams sites permissions | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_teamsexternaluseractivity.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_teamsexternaluseractivity.md new file mode 100644 index 0000000000..eaaad5e880 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_teamsexternaluseractivity.md @@ -0,0 +1,27 @@ +# SP_TeamsExternalUserActivity Job + +The SP_TeamsExternalUserActivity Job identifies all activity events performed by external users in +Teams, including details on the date/time, resource, and operation. + +## Analysis Tasks for the SP_TeamsExternalUserActivity Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > +**SP_TeamsExternalUserActivity** >**Configure** node and select **Analysis** to view the analysis +tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_TeamsExternalUserActivity Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/teamsexternaluseractivityanalysis.webp) + +The default analysis task is: + +- Analyze Teams External User Activity – Creates the SA_SPAC_MostActiveTeamsExternalUsers table + accessible under the job's Results node + +In addition to the table created by the analysis task, the SP_TeamsExternalUserActivity Job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ----------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Teams External User Activity | This report displays most active external users within Teams, as well as Teams that have the most external users. | None | This report is comprised of three elements: - Bar Chart – Provides information on the most active external team members - Table – Provides details on Teams with the most external users - Table – Provides details on external user activity details | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_teamssensitivedata.md b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_teamssensitivedata.md new file mode 100644 index 0000000000..c503b43c4c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/m365/sp_teamssensitivedata.md @@ -0,0 +1,25 @@ +# SP_TeamsSensitiveData Job + +The SP_TeamsSensitiveData Job analyzes sensitive data activity within Teams Sites. + +## Analysis Tasks for the SP_TeamsSensitiveData Job + +Navigate to the **Jobs** > **SharePoint** > **8.M365** > **SP_TeamsSensitiveData** >**Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_TeamsSensitiveData Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/teamssensitivedataanalysis.webp) + +The default analysis task is: + +- Analyze Teams Sensitive Data – Creates the SA_TeamsSensitiveDataActivityDetails table accessible + under the job's Results node + +In addition to the table created by the analysis task, the SP_TeamsSensitiveData Job produces the +following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | ------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Teams Sensitive Data Report | This report analyzes sensitive data activity in Teams sites. | None | This report is comprised of two elements: - Bar Chart – Provides information on the top Teams users by sensitive file interaction count - Table – Provides details on user activity | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/overview.md b/docs/accessanalyzer/12.0/solutions/sharepoint/overview.md index 19558e0f9b..35a684b939 100644 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/overview.md +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/overview.md @@ -21,16 +21,16 @@ Supported Platforms Requirements, Permissions, and Ports - Permissions vary based on the Scan Mode selected and target environment. See the - [SharePoint Support](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/sharepoint.md) topic for additional information. + [SharePoint Support](/docs/accessanalyzer/12.0/requirements/target/sharepoint.md) topic for additional information. - Ports vary based on the Scan Mode selected and target environment. See the - [SharePoint Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md) topic for + [SharePoint Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md) topic for additional information. **NOTE:** You can use the **SP_RegisterAzureAppAuth** instant job to make the configuration for SharePoint Online easier. This job registers the necessary Microsoft Entra ID application and provisions it with the required permissions. See the -[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/sp-register-azure-app-auth.md) topic for +[SP_RegisterAzureAppAuth Job](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/sp_registerazureappauth.md) topic for additional information. Sensitive Data Discovery Considerations @@ -59,16 +59,16 @@ This SharePoint solution offers information on multiple aspects of an organizati on-premises and SharePoint Online environments. This solution is comprised of 10 sub-job groups and an overview job which collect, analyze, and report on data. The data collection is conducted by the SharePointAccess (SPAA) Data Collector. See the corresponding -[Standard Reference Tables & Views for the SPAA Data Collector](/docs/accessanalyzer/12.0/data-collection/spaa/standard-tables.md) +[Standard Reference Tables & Views for the SPAA Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/spaa/standardtables.md) topic for database table information. -![SharePoint Job Group](/img/product_docs/accessanalyzer/solutions/sharepoint/sharepointjobgroup.webp) +![SharePoint Job Group](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/sharepointjobgroup.webp) The following types of auditing can be conducted with the SharePoint Solution: -- [SharePoint Access Auditing](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md#sharepoint-access-auditing) -- [SharePoint Activity Auditing](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md#sharepoint-activity-auditing) -- [SharePoint Sensitive Data Discovery Auditing (SEEK)](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md#sharepoint-sensitive-data-discovery-auditing-seek) +- [SharePoint Access Auditing](collection/overview.md#sharepoint-access-auditing) +- [SharePoint Activity Auditing](collection/overview.md#sharepoint-activity-auditing) +- [SharePoint Sensitive Data Discovery Auditing (SEEK)](collection/overview.md#sharepoint-sensitive-data-discovery-auditing-seek) Each type of auditing depends on specific jobs within the 0.Collection Job Group to collect the data and its corresponding analysis/reporting job groups. The Access Auditing components represent the @@ -93,18 +93,18 @@ the following job groups and jobs: information from SharePoint servers. This information is used to populate the SMP Reports based around the SharePoint and is a requirement for the Access Information Center – SharePoint reports. - - This job group is available with the SharePoint license feature + - This job group is available with the SharePoint license feature - [1.Direct Permissions Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/overview.md) – Provides insight into how directly applied permissions are configured within the SharePoint environment. The group contains surface-level configuration settings that can quickly assess the SharePoint permission structure. -- [2.High Risk Sites > SP_OpenAccess Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-openaccess.md) – Provides insight into any high-risk +- [2.High Risk Sites > SP_OpenAccess Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_openaccess.md) – Provides insight into any high-risk repositories and high-risk data that may exist within an organization’s SharePoint environment. High risk data is effectively open to the entire organization through modification of SharePoint permissions to apply well known security principles such as NT AUTHORITY\Authenticated Users, Everyone, and Everyone Except External Users. This data must be monitored closely because of its exposure. -- [3.Broken Inheritance > SP_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-brokeninheritance.md) – Keeping track of +- [3.Broken Inheritance > SP_BrokenInheritance Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_brokeninheritance.md) – Keeping track of directly applied permissions at mass is not realistic, this job is responsible for performing data analysis and generating SharePoint broken inheritance reports at the site level. This includes looking at site broken inheritance and the trustees who are assigned to those sites where @@ -115,13 +115,13 @@ the following job groups and jobs: information on the content taking up the most space, the content that has not been accessed for extended periods of time, and additional data describing SharePoint content and the configuration of the repositories such as lists and libraries which store that content. -- [5.Probable Owner > SP_ProbableOwner Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-probableowner.md) – Provides reports about probable +- [5.Probable Owner > SP_ProbableOwner Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_probableowner.md) – Provides reports about probable ownership. The goal of this report is to help you either identify who most likely owns the SharePoint resource or at least someone who can tell you who does. -- [6.Sensitive Data > SP_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-sensitivedata.md) – Highlights sensitive data +- [6.Sensitive Data > SP_SensitiveData Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_sensitivedata.md) – Highlights sensitive data identified across targeted SharePoint farms - - Requires Sensitive Data Discovery + - Requires Sensitive Data Discovery - [7.Activity Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/activity/overview.md)– Generates summary and detail reports of SharePoint activity on the specified sites. These reports can be used for identifying file, folder, and user @@ -132,8 +132,8 @@ the following job groups and jobs: - [Effective Access Audits Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/overview.md) – Returns reports identifying specific trustees’ effective access across the entire SharePoint environment - - Typically, this is run independently from the rest of the solution + - Typically, this is run independently from the rest of the solution -- [SP_Overview Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp-overview.md) – Provides an overview of the SharePoint environment, providing +- [SP_Overview Job](/docs/accessanalyzer/12.0/solutions/sharepoint/sp_overview.md) – Provides an overview of the SharePoint environment, providing a high level view into what makes up your SharePoint environment and the types of security risks and toxic permissions found during scans diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/recommended.md b/docs/accessanalyzer/12.0/solutions/sharepoint/recommended.md index 16ec1e61e5..d917c37406 100644 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/recommended.md @@ -27,13 +27,13 @@ SharePoint environments to be targeted. Select the checkbox for the custom-creat Since SharePoint Online environments can only be targeted for Access Auditing and Sensitive Data Discovery Auditing, it is best practice to set the host list at the job level. -See the [Add Hosts](/docs/accessanalyzer/12.0/host-management/actions/add.md) topic for additional information. +See the [Add Hosts](/docs/accessanalyzer/12.0/admin/hostmanagement/actions/add.md) topic for additional information. Connection Profile The SPAA Data Collector requires a specific set of permissions. See the -[SharePoint Scan Options](/docs/accessanalyzer/12.0/getting-started/system-requirements/solutions/sharepoint/scan-options.md) and -[SharePoint Support](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/sharepoint.md) topics for the necessary permissions +[SharePoint Scan Options](/docs/accessanalyzer/12.0/requirements/solutions/sharepoint/scanoptions.md) and +[SharePoint Support](/docs/accessanalyzer/12.0/requirements/target/sharepoint.md) topics for the necessary permissions for both on-premises and online target environments. Then create a custom Connection Profile containing the appropriate credentials for the targeted environment. If a single Connection Profile contains both on-premises and online credentials, it is necessary for the online credentials to be @@ -51,7 +51,7 @@ rights on the Access Analyzer Console server to access the CSV file saved in the The Connection Profile can be set at either the **Effective Access Audits** > **Settings** > **Connection** node (applies to both jobs) or in the job’s Properties window on the Connection tab. -See the [Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information. +See the [Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. Schedule Frequency @@ -74,7 +74,7 @@ and the 2-SPAC Bulk Import Job default analysis tasks. **_RECOMMENDED:_** If only conducting one or two types of auditing, scope the solution by disabling the undesired collection jobs. Disabling them allows the solution to run more efficiently. It is not recommended to delete any jobs. See the -[Disable or Enable a Job](/docs/accessanalyzer/12.0/administration/job-management/job/disable-enable.md) topic for additional information. +[Disable or Enable a Job](/docs/accessanalyzer/12.0/admin/jobs/job/disableenable.md) topic for additional information. Query Configuration @@ -84,58 +84,58 @@ customizations include: - If using agent-based scanning, it is necessary to enable the agent services on the SharePoint Access Auditor Data Collector Wizard pages: - - Agent Settings page, enable agent service scans: + - Agent Settings page, enable agent service scans: - - Set on the **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing - - Set on the **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery - Auditing + - Set on the **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing + - Set on the **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery + Auditing - SharePoint Access Auditor Data Collector Wizard pages: - - SharePoint Data Collection Settings page, configure probable owner scanning: + - SharePoint Data Collection Settings page, configure probable owner scanning: - - Enable **Scan for Document Metadata** for probable owners calculations - - Set on the: + - Enable **Scan for Document Metadata** for probable owners calculations + - Set on the: - - **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing - - **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery Auditing + - **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing + - **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery Auditing - - Scan Scoping Options page (optional): + - Scan Scoping Options page (optional): - - Limit scans to specific Web Applications and site collections - - Set on the: + - Limit scans to specific Web Applications and site collections + - Set on the: - - **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing - - **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery Auditing + - **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing + - **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery Auditing - - Additional Scoping page (optional): + - Additional Scoping page (optional): - - Limit scan depth - - Set on the: + - Limit scan depth + - Set on the: - - **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing - - **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery Auditing + - **0.Collection** > **1-SPAA_SystemScans** Job for Access Auditing + - **0.Collection** > **1-SPSEEK_SystemScans** Job for Sensitive Data Discovery Auditing - - DLP Audit Settings page, scope to not scan files larger than a specific size for Sensitive - Data Discovery Auditing: + - DLP Audit Settings page, scope to not scan files larger than a specific size for Sensitive + Data Discovery Auditing: - - Set on the **0.Collection** > **1-SPSEEK_SystemScans** Job + - Set on the **0.Collection** > **1-SPSEEK_SystemScans** Job - - Select DLP Criteria page, scope to scan for specific criteria or customizing criteria for - Sensitive Data Discovery Auditing: + - Select DLP Criteria page, scope to scan for specific criteria or customizing criteria for + Sensitive Data Discovery Auditing: - - Set on the **0.Collection** > **1-SPSEEK_SystemScans** Job + - Set on the **0.Collection** > **1-SPSEEK_SystemScans** Job - - Activity Data Scope page: + - Activity Data Scope page: - - Customize date ranges for activity to be collected - - Set on the **0.Collection** > **1-SPAC_SystemScans** Job for Activity Auditing + - Customize date ranges for activity to be collected + - Set on the **0.Collection** > **1-SPAC_SystemScans** Job for Activity Auditing - - Activity Log Locations page (optional): + - Activity Log Locations page (optional): - - Specify the log locations to avoid requiring remote registry access to locate the activity - event log files - - Set on the **0.Collection** > **1-SPAC_SystemScans** Job for Activity Auditing + - Specify the log locations to avoid requiring remote registry access to locate the activity + event log files + - Set on the **0.Collection** > **1-SPAC_SystemScans** Job for Activity Auditing Analysis Configuration @@ -147,11 +147,11 @@ Though the analysis tasks should not be deselected, the following parameters can - Stale File is defined by default to 365 days - - Customize within the **4.Content** > **SP_StaleFiles** Job + - Customize within the **4.Content** > **SP_StaleFiles** Job - Stale Teams is defined by default to 30 days - - Customize within the **8.M365** > **SP_StaleTeamSites** Job + - Customize within the **8.M365** > **SP_StaleTeamSites** Job The .Active Directory Inventory Solution defines large groups, deeply nested groups, stale users, and users with large tokens. These parameters can be customized and are applicable to any solution, diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/sp-brokeninheritance.md b/docs/accessanalyzer/12.0/solutions/sharepoint/sp-brokeninheritance.md deleted file mode 100644 index febb667cb3..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/sp-brokeninheritance.md +++ /dev/null @@ -1,39 +0,0 @@ -# 3.Broken Inheritance > SP_BrokenInheritance Job - -Keeping track of directly applied permissions at mass is not realistic, the SP_BrokenInheritance job -is responsible for performing data analysis and generating SharePoint broken inheritance reports at -the site level. This includes looking at site broken inheritance and the trustees who are assigned -to those sites where inheritance is broken so that you can remove that access in favor of providing -access via group membership. - -![3.Broken Inheritance > SP_BrokenInheritance Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/brokeninheritancejobstree.webp) - -The SP_BrokenInheritance job is located in the 3.Broken Inheritance Job Group. - -## Analysis Tasks for the SP_BrokenInheritance Job - -Navigate to the **Jobs** > **SharePoint** > **3.Broken Inheritance** > **SP_BrokenInheritance** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_BrokenInheritance Job](/img/product_docs/accessanalyzer/solutions/filesystem/brokeninheritanceanalysis.webp) - -They need to remain in the default order: - -- 1. Create Inheritance View – Creates the SA_ENG_SPAA_Inheritance view accessible under the job’s - Results node -- 2. Unique Trustees Table. Identifies where Trustees have been Added/Removed – Creates the - SA_SP_BrokenInheritance_UniqueTrustees table accessible under the job’s Results node -- 3. Pivot Unique Trustees Table – Creates the SA_SP_BrokenInheritance_UniqueTrusteesPivot table - accessible under the job’s Results node -- 4. Summarize by Site Collection – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables created by the analysis tasks which display resources with broken -inheritance, the SP_BrokenInheritance Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Broken Inheritance | This job is responsible for performing data analysis and generating SharePoint direct permission reports at the site level. This includes looking at site broken inheritance and the trustees who are assigned to those sites where inheritance is broken. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 site collections by resources with permission changes - Table – Provides a site collection summary - Table – Provides broken inheritance details | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/sp-openaccess.md b/docs/accessanalyzer/12.0/solutions/sharepoint/sp-openaccess.md deleted file mode 100644 index e7fc02d808..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/sp-openaccess.md +++ /dev/null @@ -1,43 +0,0 @@ -# 2.High Risk Sites > SP_OpenAccess Job - -The 2.High Risk Sites Job Group provides insight into any high risk repositories and high risk data -that may exist within the targeted SharePoint environment. High risk data is effectively open to the -entire organization through modification of SharePoint permissions to apply well known security -principals such as NT AUTHORITY\Authenticated Users. The data must be monitored closely because of -its exposure. - -![2.High Risk Sites > SP_OpenAccess Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/openaccessjobstree.webp) - -The job group is comprised of the SP_OpenAccess Job. Minimizing your attack surface is the goal. -Open site collections can potentially provide access to privileged data, greatly increasing your -vulnerability. The SP_OpenAccess Job will identify places in the environment where data is able to -be accessed by a very large amount of employees. - -It is dependent on data collected by the -[SharePoint Access Auditing](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md#sharepoint-access-auditing) or -[SharePoint Sensitive Data Discovery Auditing (SEEK)](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md#sharepoint-sensitive-data-discovery-auditing-seek) -components of the [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md). - -## Analysis Tasks for the SP_OpenAccess Job - -Navigate to the **Jobs** > **SharePoint** > **2.High Risk Sites** > **SP_OpenAccess** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_OpenAccess Job](/img/product_docs/accessanalyzer/solutions/filesystem/openaccessanalysis.webp) - -The default analysis tasks are: - -- 1. Determine Access to Resources – Creates the SA_SP_OpenAccess_AccessDetails table accessible - under the job’s Results node -- 2. Summarize by Site Collection – Creates the SA_SP_OpenAccess_SiteCollectionSummary table - accessible under the job’s Results node - -In addition to the tables created by the analysis tasks which display resources with open access, -the SP_OpenAccess Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | ------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Open Access | This report identifies site collections with open resources. | Open Access | This report is comprised of two elements: - Stacked Bar – Displays top site collections with open access - Table – Provides site collection details - Table – Provides access details | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/sp-overview.md b/docs/accessanalyzer/12.0/solutions/sharepoint/sp-overview.md deleted file mode 100644 index 39dc299b1c..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/sp-overview.md +++ /dev/null @@ -1,37 +0,0 @@ -# SP_Overview Job - -The SP_Overview job provides an overview of the SharePoint Environment, providing a high level view -into what makes up a SharePoint Environment and the types of security risks and toxic permissions -found during scans. - -![SP_Overview Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/sharepoint/overviewjobstree.webp) - -It is dependent on data collected by the -[SharePoint Access Auditing](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md#sharepoint-access-auditing), -[SharePoint Sensitive Data Discovery Auditing (SEEK)](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md#sharepoint-sensitive-data-discovery-auditing-seek), -and [SharePoint Activity Auditing](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md#sharepoint-activity-auditing) components -of the [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md). It also depends on the running of the -sub-job groups within the solution. If only select sub-job groups have been run, there will be blank -sections of this overview report. - -## Analysis Tasks for the SP_Overview Job - -Navigate to the **Jobs** > **SharePoint** > **SP_Overview** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_Overview Job](/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/overviewanalysis.webp) - -The default analysis tasks is: - -- Generate Overview – Creates an interim processing table in the database for use by downstream - analysis and report generation - -In addition to the table created by the analysis task which displays all direct user permissions, -the SP_Overview Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------- | -| SharePoint Overview | This report provides an overview of the targeted SharePoint environment. | None | This report is comprised of one element: - Table – Provides details on the targeted SharePoint environment | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/sp-probableowner.md b/docs/accessanalyzer/12.0/solutions/sharepoint/sp-probableowner.md deleted file mode 100644 index 3ac6ada60a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/sp-probableowner.md +++ /dev/null @@ -1,32 +0,0 @@ -# 5.Probable Owner > SP_ProbableOwner Job - -The SP_ProbableOwner Job aids in the identification of probable owners for Site Collections and -Sites, which can be used for entitlement reviews. Probably Owner calculation is based on file -ownership, management structure, and file activity. The goal of this report is to help you identify -who most likely owns the SharePoint resource or at least someone who can tell you who does. - -![5.Probable Owner > SP_ProbableOwner Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/filesystem/probableownerjobstree.webp) - -The SP_ProbableOwner Job is located in the 5.Probable Owner Job Group. - -## Analysis Tasks for the SP_ProbableOwner Job - -Navigate to the **Jobs** > **SharePoint** > **5.Probable Owner** > -**SP_ProbableOwner** >**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SP_ProbableOwner Job](/img/product_docs/accessanalyzer/solutions/filesystem/probableowneranalysis.webp) - -The default analysis tasks are: - -- Identify Probable Owners – Creates the SA_SP_SiteProbablyOwners_Details table accessible under the - job’s Results node - -In addition to the table created by the analysis task which displays probable ownership, the -SP_ProbableOwner Job produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------- | --------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------- | -| SharePoint Probable Ownership | This report identifies probable owners based on management structure, file ownership, and activity. | None | This report is comprised of one element: - Table – Provides details on probable owners | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/sp-sensitivedata.md b/docs/accessanalyzer/12.0/solutions/sharepoint/sp-sensitivedata.md deleted file mode 100644 index 5c45ffb733..0000000000 --- a/docs/accessanalyzer/12.0/solutions/sharepoint/sp-sensitivedata.md +++ /dev/null @@ -1,34 +0,0 @@ -# 6.Sensitive Data > SP_SensitiveData Job - -The SP_SensitiveData Job identifies where sensitive data is located inside SharePoint farms. Special -care is paid to access and user activity in these locations. - -![6.Sensitve Data > SP_SensitiveData Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp) - -The SP_SensitiveData Job is located in the 6.Sensitive Data Job Group. - -## Analysis Tasks for the SP_SensitiveData Job - -Navigate to the **Jobs** > **SharePoint** > **6.Sensitive Data** > **SP_SensitiveData** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SP_SensitiveData Job](/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp) - -The default analysis tasks are: - -- Details – Creates the SA_SP_SensitiveData_Details table accessible under the job’s Results node -- Summarize by Site – Creates the SA_SP_SensitiveData_SiteSummary table accessible under the job’s - Results node -- Enterprise Summary – Creates the SA_SP_SensitiveData_Summary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks which display sensitive data, the -SP_SensitiveData Job produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------------------------ | ------------------------------------------------------------------------------------------------------ | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Enterprise Summary (A.K.A. Sensitive Data) | This report summarizes the types and amount of sensitive data discovered on targeted SharePoint farms. | Sensitive Data | This report is comprised of two elements: - Pie Chart – Displays sensitive data discovered on SharePoint farms - Table – Provides details on sensitive data | -| Site Collection Details | This report highlights sites with the largest amount of sensitive data found. | Sensitive Data | This report is comprised of three elements: - Bar Chart – Displays top sites by sensitive files - Table – Provides details on the site collection summary - Table – Provides details the files fetched | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/sp_brokeninheritance.md b/docs/accessanalyzer/12.0/solutions/sharepoint/sp_brokeninheritance.md new file mode 100644 index 0000000000..042850a4a2 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/sp_brokeninheritance.md @@ -0,0 +1,39 @@ +# 3.Broken Inheritance > SP_BrokenInheritance Job + +Keeping track of directly applied permissions at mass is not realistic, the SP_BrokenInheritance job +is responsible for performing data analysis and generating SharePoint broken inheritance reports at +the site level. This includes looking at site broken inheritance and the trustees who are assigned +to those sites where inheritance is broken so that you can remove that access in favor of providing +access via group membership. + +![3.Broken Inheritance > SP_BrokenInheritance Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/brokeninheritancejobstree.webp) + +The SP_BrokenInheritance job is located in the 3.Broken Inheritance Job Group. + +## Analysis Tasks for the SP_BrokenInheritance Job + +Navigate to the **Jobs** > **SharePoint** > **3.Broken Inheritance** > **SP_BrokenInheritance** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_BrokenInheritance Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/brokeninheritanceanalysis.webp) + +They need to remain in the default order: + +- 1. Create Inheritance View – Creates the SA_ENG_SPAA_Inheritance view accessible under the job’s + Results node +- 2. Unique Trustees Table. Identifies where Trustees have been Added/Removed – Creates the + SA_SP_BrokenInheritance_UniqueTrustees table accessible under the job’s Results node +- 3. Pivot Unique Trustees Table – Creates the SA_SP_BrokenInheritance_UniqueTrusteesPivot table + accessible under the job’s Results node +- 4. Summarize by Site Collection – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables created by the analysis tasks which display resources with broken +inheritance, the SP_BrokenInheritance Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Broken Inheritance | This job is responsible for performing data analysis and generating SharePoint direct permission reports at the site level. This includes looking at site broken inheritance and the trustees who are assigned to those sites where inheritance is broken. | None | This report is comprised of two elements: - Bar Chart – Displays top 5 site collections by resources with permission changes - Table – Provides a site collection summary - Table – Provides broken inheritance details | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/sp_openaccess.md b/docs/accessanalyzer/12.0/solutions/sharepoint/sp_openaccess.md new file mode 100644 index 0000000000..7e81652b07 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/sp_openaccess.md @@ -0,0 +1,43 @@ +# 2.High Risk Sites > SP_OpenAccess Job + +The 2.High Risk Sites Job Group provides insight into any high risk repositories and high risk data +that may exist within the targeted SharePoint environment. High risk data is effectively open to the +entire organization through modification of SharePoint permissions to apply well known security +principals such as NT AUTHORITY\Authenticated Users. The data must be monitored closely because of +its exposure. + +![2.High Risk Sites > SP_OpenAccess Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/openaccessjobstree.webp) + +The job group is comprised of the SP_OpenAccess Job. Minimizing your attack surface is the goal. +Open site collections can potentially provide access to privileged data, greatly increasing your +vulnerability. The SP_OpenAccess Job will identify places in the environment where data is able to +be accessed by a very large amount of employees. + +It is dependent on data collected by the +[SharePoint Access Auditing](collection/overview.md#sharepoint-access-auditing) or +[SharePoint Sensitive Data Discovery Auditing (SEEK)](collection/overview.md#sharepoint-sensitive-data-discovery-auditing-seek) +components of the [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md). + +## Analysis Tasks for the SP_OpenAccess Job + +Navigate to the **Jobs** > **SharePoint** > **2.High Risk Sites** > **SP_OpenAccess** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_OpenAccess Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/openaccessanalysis.webp) + +The default analysis tasks are: + +- 1. Determine Access to Resources – Creates the SA_SP_OpenAccess_AccessDetails table accessible + under the job’s Results node +- 2. Summarize by Site Collection – Creates the SA_SP_OpenAccess_SiteCollectionSummary table + accessible under the job’s Results node + +In addition to the tables created by the analysis tasks which display resources with open access, +the SP_OpenAccess Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | ------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Open Access | This report identifies site collections with open resources. | Open Access | This report is comprised of two elements: - Stacked Bar – Displays top site collections with open access - Table – Provides site collection details - Table – Provides access details | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/sp_overview.md b/docs/accessanalyzer/12.0/solutions/sharepoint/sp_overview.md new file mode 100644 index 0000000000..e8cb5d26dd --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/sp_overview.md @@ -0,0 +1,37 @@ +# SP_Overview Job + +The SP_Overview job provides an overview of the SharePoint Environment, providing a high level view +into what makes up a SharePoint Environment and the types of security risks and toxic permissions +found during scans. + +![SP_Overview Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/overviewjobstree.webp) + +It is dependent on data collected by the +[SharePoint Access Auditing](collection/overview.md#sharepoint-access-auditing), +[SharePoint Sensitive Data Discovery Auditing (SEEK)](collection/overview.md#sharepoint-sensitive-data-discovery-auditing-seek), +and [SharePoint Activity Auditing](collection/overview.md#sharepoint-activity-auditing) components +of the [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/sharepoint/collection/overview.md). It also depends on the running of the +sub-job groups within the solution. If only select sub-job groups have been run, there will be blank +sections of this overview report. + +## Analysis Tasks for the SP_Overview Job + +Navigate to the **Jobs** > **SharePoint** > **SP_Overview** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_Overview Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/overviewanalysis.webp) + +The default analysis tasks is: + +- Generate Overview – Creates an interim processing table in the database for use by downstream + analysis and report generation + +In addition to the table created by the analysis task which displays all direct user permissions, +the SP_Overview Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ------------------------------------------------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------- | +| SharePoint Overview | This report provides an overview of the targeted SharePoint environment. | None | This report is comprised of one element: - Table – Provides details on the targeted SharePoint environment | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/sp_probableowner.md b/docs/accessanalyzer/12.0/solutions/sharepoint/sp_probableowner.md new file mode 100644 index 0000000000..869001a4c4 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/sp_probableowner.md @@ -0,0 +1,32 @@ +# 5.Probable Owner > SP_ProbableOwner Job + +The SP_ProbableOwner Job aids in the identification of probable owners for Site Collections and +Sites, which can be used for entitlement reviews. Probably Owner calculation is based on file +ownership, management structure, and file activity. The goal of this report is to help you identify +who most likely owns the SharePoint resource or at least someone who can tell you who does. + +![5.Probable Owner > SP_ProbableOwner Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/probableownerjobstree.webp) + +The SP_ProbableOwner Job is located in the 5.Probable Owner Job Group. + +## Analysis Tasks for the SP_ProbableOwner Job + +Navigate to the **Jobs** > **SharePoint** > **5.Probable Owner** > +**SP_ProbableOwner** >**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SP_ProbableOwner Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/probableowneranalysis.webp) + +The default analysis tasks are: + +- Identify Probable Owners – Creates the SA_SP_SiteProbablyOwners_Details table accessible under the + job’s Results node + +In addition to the table created by the analysis task which displays probable ownership, the +SP_ProbableOwner Job produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------- | --------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------- | +| SharePoint Probable Ownership | This report identifies probable owners based on management structure, file ownership, and activity. | None | This report is comprised of one element: - Table – Provides details on probable owners | diff --git a/docs/accessanalyzer/12.0/solutions/sharepoint/sp_sensitivedata.md b/docs/accessanalyzer/12.0/solutions/sharepoint/sp_sensitivedata.md new file mode 100644 index 0000000000..adee623377 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/sharepoint/sp_sensitivedata.md @@ -0,0 +1,34 @@ +# 6.Sensitive Data > SP_SensitiveData Job + +The SP_SensitiveData Job identifies where sensitive data is located inside SharePoint farms. Special +care is paid to access and user activity in these locations. + +![6.Sensitve Data > SP_SensitiveData Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/sensitivedatajobstree.webp) + +The SP_SensitiveData Job is located in the 6.Sensitive Data Job Group. + +## Analysis Tasks for the SP_SensitiveData Job + +Navigate to the **Jobs** > **SharePoint** > **6.Sensitive Data** > **SP_SensitiveData** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SP_SensitiveData Job](/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/sensitivedataanalysis.webp) + +The default analysis tasks are: + +- Details – Creates the SA_SP_SensitiveData_Details table accessible under the job’s Results node +- Summarize by Site – Creates the SA_SP_SensitiveData_SiteSummary table accessible under the job’s + Results node +- Enterprise Summary – Creates the SA_SP_SensitiveData_Summary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks which display sensitive data, the +SP_SensitiveData Job produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------------------------ | ------------------------------------------------------------------------------------------------------ | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Enterprise Summary (A.K.A. Sensitive Data) | This report summarizes the types and amount of sensitive data discovered on targeted SharePoint farms. | Sensitive Data | This report is comprised of two elements: - Pie Chart – Displays sensitive data discovered on SharePoint farms - Table – Provides details on sensitive data | +| Site Collection Details | This report highlights sites with the largest amount of sensitive data found. | Sensitive Data | This report is comprised of three elements: - Bar Chart – Displays top sites by sensitive files - Table – Provides details on the site collection summary - Table – Provides details the files fetched | diff --git a/docs/accessanalyzer/12.0/solutions/unix/overview.md b/docs/accessanalyzer/12.0/solutions/unix/overview.md index 0bd830426f..5cc97e546c 100644 --- a/docs/accessanalyzer/12.0/solutions/unix/overview.md +++ b/docs/accessanalyzer/12.0/solutions/unix/overview.md @@ -16,7 +16,7 @@ Supported Platforms Requirements, Permissions, and Ports -See the [Target Unix Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/unix.md) topic +See the [Target Unix Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/unix.md) topic for additional information. Location @@ -30,7 +30,7 @@ solution: **Jobs** > **Unix**. The Unix solution is a set of audit jobs and reports that provide visibility into important Unix and Linux administration concepts. -![Unix Solution Overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) +![Unix Solution Overview page](/img/product_docs/accessanalyzer/12.0/solutions/unix/overviewpage.webp) The job groups in the Unix Solution are: diff --git a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/overview.md b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/overview.md index aaa74222f1..986745ffe8 100644 --- a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/overview.md +++ b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/overview.md @@ -4,12 +4,12 @@ The 2.Privileged Access job group contains jobs that provide visibility into pri audited Unix and Linux environments by identifying all rights granted via sudoers and the owners of critical files such as passwd, shadow, sudoers, hosts.deny, and more. -![2.Privileged Access Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![2.Privileged Access Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/jobstree.webp) The jobs in the 2.Privileged Access job group are: - [ Sudoers Job Group](/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/overview.md) – The jobs in this job group provide visibility into all rights granted via sudoers within audited Unix and Linux environments -- [UX_CriticalFiles Job](/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/ux-criticalfiles.md) – This job provides visibility into owners of critical +- [UX_CriticalFiles Job](/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/ux_criticalfiles.md) – This job provides visibility into owners of critical files within audited Unix and Linux environments such as passwd, shadow, sudoers, hosts.deny, and more diff --git a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/overview.md b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/overview.md index beedd2c92b..fe695f2c91 100644 --- a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/overview.md @@ -3,11 +3,11 @@ The 0.Collection job group collects details on all rights granted via sudoers within audited Unix and Linux Environments. -![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/collectionjobstree.webp) The jobs in the 0.Collection job group are: -- [UX_MakeDirectory Job](/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux-makedirectory.md) – This job creates a temporary Access Analyzer +- [UX_MakeDirectory Job](/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux_makedirectory.md) – This job creates a temporary Access Analyzer directory on target Unix and Linux environments to be used by the UX_ParseSudoers job -- [UX_ParseSudeors Job](/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux-parsesudeors.md) – This job parses all rights granted via sudoers in the +- [UX_ParseSudeors Job](/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux_parsesudeors.md) – This job parses all rights granted via sudoers in the audited environment diff --git a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux-makedirectory.md b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux-makedirectory.md deleted file mode 100644 index 57c446e825..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux-makedirectory.md +++ /dev/null @@ -1,14 +0,0 @@ -# UX_MakeDirectory Job - -The UX_MakeDirectory job creates a temporary Access Analyzer directory on the target host to be used -by the UX_ParseSudoers job. - -## Queries for the UX_MakeDirectory Job - -The UX_MakeDirectory job uses the Unix Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the UX_MakeDirectory Job](/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/makedirectoryquery.webp) - -- MakeDirectory – Makes a directory for the sudoers.pl file on the target host diff --git a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux-parsesudeors.md b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux-parsesudeors.md deleted file mode 100644 index 99671f5468..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux-parsesudeors.md +++ /dev/null @@ -1,15 +0,0 @@ -# UX_ParseSudeors Job - -The UX_ParseSudoers job parses all rights granted via sudoers in the audited environments. - -## Queries for the UX_ParseSudoers Job - -The UX_ParseSudoers job uses the Unix Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the UX_ParseSudoers Job](/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/parsesudoersquery.webp) - -The query for the UX_ParseSudoers job is: - -- ParseSudoers – Parses the sudoers file on the target host diff --git a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux_makedirectory.md b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux_makedirectory.md new file mode 100644 index 0000000000..5676d37248 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux_makedirectory.md @@ -0,0 +1,14 @@ +# UX_MakeDirectory Job + +The UX_MakeDirectory job creates a temporary Access Analyzer directory on the target host to be used +by the UX_ParseSudoers job. + +## Queries for the UX_MakeDirectory Job + +The UX_MakeDirectory job uses the Unix Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the UX_MakeDirectory Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/makedirectoryquery.webp) + +- MakeDirectory – Makes a directory for the sudoers.pl file on the target host diff --git a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux_parsesudeors.md b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux_parsesudeors.md new file mode 100644 index 0000000000..2a6e8e5f92 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/ux_parsesudeors.md @@ -0,0 +1,15 @@ +# UX_ParseSudeors Job + +The UX_ParseSudoers job parses all rights granted via sudoers in the audited environments. + +## Queries for the UX_ParseSudoers Job + +The UX_ParseSudoers job uses the Unix Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the UX_ParseSudoers Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/parsesudoersquery.webp) + +The query for the UX_ParseSudoers job is: + +- ParseSudoers – Parses the sudoers file on the target host diff --git a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/overview.md b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/overview.md index cce9fc0523..5902cd5d7e 100644 --- a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/overview.md +++ b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/overview.md @@ -3,11 +3,11 @@ The Sudoers job group provides visibility into all rights granted via sudoers within audited Unix and Linux environments. -![Sudoers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/sudoersjobstree.webp) +![Sudoers Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/sudoersjobstree.webp) The jobs in the Sudoers job group are: - [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/overview.md) – This group collects details on all rights granted via sudoers within audited Unix and Linux environments -- [UX_Sudoers Job](/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/ux-sudoers.md) – This job details all rights granted via sudoers in the audited +- [UX_Sudoers Job](/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/ux_sudoers.md) – This job details all rights granted via sudoers in the audited environment diff --git a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/ux-sudoers.md b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/ux-sudoers.md deleted file mode 100644 index c9eae42399..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/ux-sudoers.md +++ /dev/null @@ -1,30 +0,0 @@ -# UX_Sudoers Job - -The UX_Sudoers job provides visibility into all rights granted via sudoers within audited Unix and -Linux environments. - -## Analysis Tasks for the UX_Sudoers Job - -Navigate to the **Unix** > **2.Privileged Access** > **Sudoers** > **UX_Sudoers** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_Sudoers Job](/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/sudoersanalysis.webp) - -The default analysis tasks are: - -- Summarize number of provisioned users by host – Creates an interim processing table in the - database for use by downstream analysis and report generation -- Determine highly provisioned users – Creates an interim processing table in the database for use - by downstream analysis and report generation -- List sudoers entries across the environment – Creates the SA_UX_Sudoers_Details table accessible - under the job’s Results node - -In addition to the table and views created by the analysis tasks, the UX_Sudoers job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------------- | --------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sudo Rights by Host | This report details all rights granted via sudoers across the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays Hosts With Most Provisioning - Table – Provides details on Provisioning by Host - Table – Provides information on Sudoers Details | diff --git a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/ux_sudoers.md b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/ux_sudoers.md new file mode 100644 index 0000000000..0a14d90782 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/ux_sudoers.md @@ -0,0 +1,30 @@ +# UX_Sudoers Job + +The UX_Sudoers job provides visibility into all rights granted via sudoers within audited Unix and +Linux environments. + +## Analysis Tasks for the UX_Sudoers Job + +Navigate to the **Unix** > **2.Privileged Access** > **Sudoers** > **UX_Sudoers** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_Sudoers Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/sudoersanalysis.webp) + +The default analysis tasks are: + +- Summarize number of provisioned users by host – Creates an interim processing table in the + database for use by downstream analysis and report generation +- Determine highly provisioned users – Creates an interim processing table in the database for use + by downstream analysis and report generation +- List sudoers entries across the environment – Creates the SA_UX_Sudoers_Details table accessible + under the job’s Results node + +In addition to the table and views created by the analysis tasks, the UX_Sudoers job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------------- | --------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sudo Rights by Host | This report details all rights granted via sudoers across the audited environment | None | This report is comprised of three elements: - Bar Chart – Displays Hosts With Most Provisioning - Table – Provides details on Provisioning by Host - Table – Provides information on Sudoers Details | diff --git a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/ux-criticalfiles.md b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/ux-criticalfiles.md deleted file mode 100644 index 22f827709a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/ux-criticalfiles.md +++ /dev/null @@ -1,42 +0,0 @@ -# UX_CriticalFiles Job - -The UX_CriticalFiles job provides visibility into owners of critical files within audited Unix and -Linux environments such as passwd, shadow, sudoers, hosts.deny, and more. - -## Queries for the UX_CriticalFiles Job - -The UX_CriticalFIles job uses the Unix Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the UX_CriticalFiles Job](/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/criticalfilesquery.webp) - -The query for the UX_CriticalFiles job is: - -- Critical File Owners – Finds critical file ownership - -## Analysis Tasks for the UX_CriticalFiles Job - -Navigate to the **Unix** > **2.Privileged Access** > **UX_CriticalFiles** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_CriticalFiles Job](/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/criticalfilesanalysis.webp) - -The default analysis task is: - -- Details critical file ownership, highlights top users - - - Creates SA_UX_PrivilegedAccess_CriticalFileOwnership table accessible under the job’s Results - node - - Creates SA_UX_PrivilegedAccess_CriticalFileOwners table accessible under the job’s Results - node - -In addition to the tables and views created by the analysis task, the UX_CriticalFiles job produces -the following preconfigured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Critical File Ownership | This report lists the ownership of critical files across the audited environment. The top non-root users and groups with critical file ownership are highlighted. | None | This report is comprised of three elements: - Table – Provides details on Top 5 Critical File Owners (Users) - Table – Provides details on Top 5 Critical File Owners (Groups) - Table – Provides information on Critical File Ownership Details | diff --git a/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/ux_criticalfiles.md b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/ux_criticalfiles.md new file mode 100644 index 0000000000..b0d676586c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/ux_criticalfiles.md @@ -0,0 +1,42 @@ +# UX_CriticalFiles Job + +The UX_CriticalFiles job provides visibility into owners of critical files within audited Unix and +Linux environments such as passwd, shadow, sudoers, hosts.deny, and more. + +## Queries for the UX_CriticalFiles Job + +The UX_CriticalFIles job uses the Unix Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the UX_CriticalFiles Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/criticalfilesquery.webp) + +The query for the UX_CriticalFiles job is: + +- Critical File Owners – Finds critical file ownership + +## Analysis Tasks for the UX_CriticalFiles Job + +Navigate to the **Unix** > **2.Privileged Access** > **UX_CriticalFiles** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_CriticalFiles Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/criticalfilesanalysis.webp) + +The default analysis task is: + +- Details critical file ownership, highlights top users + + - Creates SA_UX_PrivilegedAccess_CriticalFileOwnership table accessible under the job’s Results + node + - Creates SA_UX_PrivilegedAccess_CriticalFileOwners table accessible under the job’s Results + node + +In addition to the tables and views created by the analysis task, the UX_CriticalFiles job produces +the following preconfigured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Critical File Ownership | This report lists the ownership of critical files across the audited environment. The top non-root users and groups with critical file ownership are highlighted. | None | This report is comprised of three elements: - Table – Provides details on Top 5 Critical File Owners (Users) - Table – Provides details on Top 5 Critical File Owners (Groups) - Table – Provides information on Critical File Ownership Details | diff --git a/docs/accessanalyzer/12.0/solutions/unix/recommended.md b/docs/accessanalyzer/12.0/solutions/unix/recommended.md index 5210d13596..e72275ba25 100644 --- a/docs/accessanalyzer/12.0/solutions/unix/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/unix/recommended.md @@ -22,7 +22,7 @@ Connection Profile Set a Connection Profile on the Unix job group with root permissions for Unix/Linux. If the Root permission is unavailable, a least privileged model can be used. See the -[Least Privilege Model](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/unix.md#least-privilege-model) topic for +[Least Privilege Model](/docs/accessanalyzer/12.0/requirements/target/unix.md#least-privilege-model) topic for permissions needed to target the supported platforms for data collection. Schedule Frequency diff --git a/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/overview.md b/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/overview.md index 8910b94e52..14c8c1ef29 100644 --- a/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/overview.md @@ -3,13 +3,13 @@ The jobs within this group collect NFS and Samba configuration information which will be further analyzed to identify and categorize risk within audited Unix and Linux environments. -![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) +![0.Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/collectionjobstree.webp) The jobs in the 0.Collection job group are: -- [UX_NFSConfiguration Job](/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux-nfsconfiguration.md) – Collects NFS configuration information which +- [UX_NFSConfiguration Job](/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux_nfsconfiguration.md) – Collects NFS configuration information which will be further analyzed to identify and categorize risk within audited Unix and Linux environments -- [UX_NFSConfiguration Job](/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux-nfsconfiguration.md) – Collects Samba configuration information which +- [UX_NFSConfiguration Job](/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux_nfsconfiguration.md) – Collects Samba configuration information which will be further analyzed to identify and categorize risk within audited Unix and Linux environments diff --git a/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux-nfsconfiguration.md b/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux-nfsconfiguration.md deleted file mode 100644 index bd7d45ae00..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux-nfsconfiguration.md +++ /dev/null @@ -1,32 +0,0 @@ -# UX_NFSConfiguration Job - -The **0.Collection** > **UX_NFSConfiguration** job collects NFS configuration information which will -be further analyzed to identify and categorize risk within audited Unix and Linux environments. - -## Queries for the UX_NFSConfiguration Job - -The UX_NFSConfiguration job uses the Unix Data Collector for the following queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the UX_NFSConfiguration Job](/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/nfsconfigurationqueries.webp) - -The queries for the UX_NFSConfiguration job are: - -- NFS Config – NFS Configuration -- Host OS – Gets the operating system of the target hosts - -## Analysis Tasks for the UX_NFSConfiguration Job - -Navigate to the **Unix** > **3.Sharing** > **0.Collection** > **UX_NFSConfiguration** > -**Configure** node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the UX_NFSConfiguration Job](/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/nfsconfigurationanalysis.webp) - -The default analysis task is: - -- Create NFS Options table – Creates the SA_UX_Sharing_NFSOptions table accessible under the job’s - Results node diff --git a/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux-sambaconfiguration.md b/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux-sambaconfiguration.md deleted file mode 100644 index 3b05d67b20..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux-sambaconfiguration.md +++ /dev/null @@ -1,32 +0,0 @@ -# UX_SambaConfiguration Job - -The **0.Collection** > **UX_SambaConfiguration** job collects Samba configuration information which -will be further analyzed to identify and categorize risk within audited Unix and Linux environments. - -## Queries for the UX_SambaConfiguration Job - -The UX_SambaConfiguration job uses the Unix Data Collector for the following queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the UX_SambaConfiguration Job](/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/sambaconfigurationqueries.webp) - -The queries for the UX_SambaConfiguration Job are: - -- Samba Configuration – Uses the Unix Data Collector to parse the smb.conf file -- Host OS – Gets the operating system of the target hosts - -## Analysis Tasks for the UX_SambaConfiguration Job - -Navigate to the **Unix** > **3.Sharing** > **0.Collection** > **UX_SambaConfiguration** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the UX_SambaConfiguration Job](/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/sambaconfigurationanalysis.webp) - -The default analysis task is: - -- Creates Samba Parameters table from scan results – Creates the SA_UX_Sharing_SambaParameters table - accessible under the job’s Results node diff --git a/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux_nfsconfiguration.md b/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux_nfsconfiguration.md new file mode 100644 index 0000000000..55cf711edd --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux_nfsconfiguration.md @@ -0,0 +1,32 @@ +# UX_NFSConfiguration Job + +The **0.Collection** > **UX_NFSConfiguration** job collects NFS configuration information which will +be further analyzed to identify and categorize risk within audited Unix and Linux environments. + +## Queries for the UX_NFSConfiguration Job + +The UX_NFSConfiguration job uses the Unix Data Collector for the following queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the UX_NFSConfiguration Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/nfsconfigurationqueries.webp) + +The queries for the UX_NFSConfiguration job are: + +- NFS Config – NFS Configuration +- Host OS – Gets the operating system of the target hosts + +## Analysis Tasks for the UX_NFSConfiguration Job + +Navigate to the **Unix** > **3.Sharing** > **0.Collection** > **UX_NFSConfiguration** > +**Configure** node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the UX_NFSConfiguration Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/nfsconfigurationanalysis.webp) + +The default analysis task is: + +- Create NFS Options table – Creates the SA_UX_Sharing_NFSOptions table accessible under the job’s + Results node diff --git a/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux_sambaconfiguration.md b/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux_sambaconfiguration.md new file mode 100644 index 0000000000..493fb658f2 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/ux_sambaconfiguration.md @@ -0,0 +1,32 @@ +# UX_SambaConfiguration Job + +The **0.Collection** > **UX_SambaConfiguration** job collects Samba configuration information which +will be further analyzed to identify and categorize risk within audited Unix and Linux environments. + +## Queries for the UX_SambaConfiguration Job + +The UX_SambaConfiguration job uses the Unix Data Collector for the following queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the UX_SambaConfiguration Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/sambaconfigurationqueries.webp) + +The queries for the UX_SambaConfiguration Job are: + +- Samba Configuration – Uses the Unix Data Collector to parse the smb.conf file +- Host OS – Gets the operating system of the target hosts + +## Analysis Tasks for the UX_SambaConfiguration Job + +Navigate to the **Unix** > **3.Sharing** > **0.Collection** > **UX_SambaConfiguration** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the UX_SambaConfiguration Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/sambaconfigurationanalysis.webp) + +The default analysis task is: + +- Creates Samba Parameters table from scan results – Creates the SA_UX_Sharing_SambaParameters table + accessible under the job’s Results node diff --git a/docs/accessanalyzer/12.0/solutions/unix/sharing/overview.md b/docs/accessanalyzer/12.0/solutions/unix/sharing/overview.md index 5cb8981d0d..3a2f5bc847 100644 --- a/docs/accessanalyzer/12.0/solutions/unix/sharing/overview.md +++ b/docs/accessanalyzer/12.0/solutions/unix/sharing/overview.md @@ -2,15 +2,15 @@ The 3.Sharing job group highlights potentially insecure share configurations on Unix hosts. -![3.Sharing Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![3.Sharing Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/jobstree.webp) The jobs in the 3.Sharing job group are: - [0.Collection Job Group](/docs/accessanalyzer/12.0/solutions/unix/sharing/collection/overview.md) - Collects NFS and Samba configuration information which will be further analyzed to identify and categorize risk within audited Unix and Linux environments -- [UX_NFS Job](/docs/accessanalyzer/12.0/solutions/unix/sharing/ux-nfs.md) – This job identifies potentially insecure NFS share options which are +- [UX_NFS Job](/docs/accessanalyzer/12.0/solutions/unix/sharing/ux_nfs.md) – This job identifies potentially insecure NFS share options which are categorized by their risk level. Separate lists of options are checked based on target operating system. -- [UX_Samba Job](/docs/accessanalyzer/12.0/solutions/unix/sharing/ux-samba.md) – This job identifies potentially insecure Samba share configurations +- [UX_Samba Job](/docs/accessanalyzer/12.0/solutions/unix/sharing/ux_samba.md) – This job identifies potentially insecure Samba share configurations which are categorized by their risk level diff --git a/docs/accessanalyzer/12.0/solutions/unix/sharing/ux-nfs.md b/docs/accessanalyzer/12.0/solutions/unix/sharing/ux-nfs.md deleted file mode 100644 index 4819943166..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/sharing/ux-nfs.md +++ /dev/null @@ -1,28 +0,0 @@ -# UX_NFS Job - -The UX_NFS job identifies potentially insecure NFS share options which are categorized by their risk -level. Separate lists of options are checked based on target operating system. - -## Analysis Tasks for the UX_NFS Job - -Navigate to the **Unix** > **3.Sharing** > **UX_NFS** > **Configure** node and select **Analysis** -to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_NFS Job](/img/product_docs/accessanalyzer/solutions/unix/sharing/nfsanalysis.webp) - -The default analysis tasks are: - -- Lists high risk NFS share options – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Highlights hosts with a large number of risky shares – Creates an interim processing table in the - database for use by downstream analysis and report generation - -In addition to the tables and views created by the analysis task, the UX_NFS job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| -------------------------------------------- | ---------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| NFS Shares with Potentially Insecure Options | This report identifies NFS shares with options which may lead to open access | None | This report is comprised of three elements: - Bar Chart – Displays Top Hosts by Potentially Insecure Shares - Table – Provides details on Top Hosts by Potentially Insecure Shares bar chart - Table – Provides details on List of Potentially Insecure Share Options | diff --git a/docs/accessanalyzer/12.0/solutions/unix/sharing/ux-samba.md b/docs/accessanalyzer/12.0/solutions/unix/sharing/ux-samba.md deleted file mode 100644 index 57324a55b8..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/sharing/ux-samba.md +++ /dev/null @@ -1,28 +0,0 @@ -# UX_Samba Job - -The UX_Samba job identifies potentially insecure Samba share configurations which are categorized by -their risk level. - -## Analysis Tasks for the UX_Samba Job - -View the analysis tasks by navigating to the **Unix** > **3.Sharing** > **UX_Samba** > **Configure** -node and select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_Samba Job](/img/product_docs/accessanalyzer/solutions/unix/sharing/sambaanalysis.webp) - -The default analysis tasks are: - -- Lists high risk Samba share configurations – Creates the SA_UX_Samba_HighRiskSambaShares table - accessible under the job’s Results node -- Highlights hosts with a large number of risky shares – Creates an interim processing table in the - database for use by downstream analysis and report generation - -In addition to the tables and views created by the analysis task, the UX_NFS job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------------------------------------------------- | --------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Samba Shares with Potentially Insecure Configurations | This report identifies Samba shares with parameters which may lead to open access | None | This report is comprised of three elements: - Bar Chart – Displays Top Hosts by Potentially Insecure Shares - Table – Provides details on Top Hosts by Potentially Insecure Shares bar chart - Table – Provides details on List of Potentially Insecure Share Configurations | diff --git a/docs/accessanalyzer/12.0/solutions/unix/sharing/ux_nfs.md b/docs/accessanalyzer/12.0/solutions/unix/sharing/ux_nfs.md new file mode 100644 index 0000000000..37bf0bc742 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/sharing/ux_nfs.md @@ -0,0 +1,28 @@ +# UX_NFS Job + +The UX_NFS job identifies potentially insecure NFS share options which are categorized by their risk +level. Separate lists of options are checked based on target operating system. + +## Analysis Tasks for the UX_NFS Job + +Navigate to the **Unix** > **3.Sharing** > **UX_NFS** > **Configure** node and select **Analysis** +to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_NFS Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/nfsanalysis.webp) + +The default analysis tasks are: + +- Lists high risk NFS share options – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Highlights hosts with a large number of risky shares – Creates an interim processing table in the + database for use by downstream analysis and report generation + +In addition to the tables and views created by the analysis task, the UX_NFS job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| -------------------------------------------- | ---------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| NFS Shares with Potentially Insecure Options | This report identifies NFS shares with options which may lead to open access | None | This report is comprised of three elements: - Bar Chart – Displays Top Hosts by Potentially Insecure Shares - Table – Provides details on Top Hosts by Potentially Insecure Shares bar chart - Table – Provides details on List of Potentially Insecure Share Options | diff --git a/docs/accessanalyzer/12.0/solutions/unix/sharing/ux_samba.md b/docs/accessanalyzer/12.0/solutions/unix/sharing/ux_samba.md new file mode 100644 index 0000000000..7bc160eaea --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/sharing/ux_samba.md @@ -0,0 +1,28 @@ +# UX_Samba Job + +The UX_Samba job identifies potentially insecure Samba share configurations which are categorized by +their risk level. + +## Analysis Tasks for the UX_Samba Job + +View the analysis tasks by navigating to the **Unix** > **3.Sharing** > **UX_Samba** > **Configure** +node and select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_Samba Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/sambaanalysis.webp) + +The default analysis tasks are: + +- Lists high risk Samba share configurations – Creates the SA_UX_Samba_HighRiskSambaShares table + accessible under the job’s Results node +- Highlights hosts with a large number of risky shares – Creates an interim processing table in the + database for use by downstream analysis and report generation + +In addition to the tables and views created by the analysis task, the UX_NFS job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------------------------------------------------- | --------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Samba Shares with Potentially Insecure Configurations | This report identifies Samba shares with parameters which may lead to open access | None | This report is comprised of three elements: - Bar Chart – Displays Top Hosts by Potentially Insecure Shares - Table – Provides details on Top Hosts by Potentially Insecure Shares bar chart - Table – Provides details on List of Potentially Insecure Share Configurations | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/overview.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/overview.md index 2ea4353063..ee0fb08c0d 100644 --- a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/overview.md +++ b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/overview.md @@ -3,25 +3,25 @@ The jobs within the 1.Users and Groups job group provide visibility into users and groups, helping to pinpoint potential areas of administrative concern. -![1.Users and Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![1.Users and Groups Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/jobstree.webp) The jobs in the 1.Users and Groups job group are: -- [0.Collection > UX_UsersAndGroups Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-usersandgroups.md) – Collects user and group related +- [0.Collection > UX_UsersAndGroups Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_usersandgroups.md) – Collects user and group related information from /etc/shadow and their equivalents in order to provide details on user and group conditions to help pinpoint areas of administrative concerns -- [UX_DuplicateGroups Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-duplicategroups.md) – This job identifies duplicate groups within the +- [UX_DuplicateGroups Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_duplicategroups.md) – This job identifies duplicate groups within the audited Unix or Linux environment. Duplicate groups contain the same group membership as one another and are suitable candidates for cleanup. -- [UX_EmptyGroups Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-emptygroups.md) – This job identifies empty groups found within the +- [UX_EmptyGroups Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_emptygroups.md) – This job identifies empty groups found within the audited Unix or Linux environment. These are suitable candidates for consolidation or cleanup. -- [UX_LargeGroups Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-largegroups.md) – This job identifies groups with large member counts. +- [UX_LargeGroups Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_largegroups.md) – This job identifies groups with large member counts. These types of groups may cause administrative overhead and burden in being able to easily understand who is getting access to resources, or how much access is being granted to resources through these groups. -- [UX_LocalGroups Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-localgroups.md) – This job provides an overview of all local groups within +- [UX_LocalGroups Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_localgroups.md) – This job provides an overview of all local groups within the audited Unix and Linux environments -- [UX_LocalUsers Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-localusers.md) – This job provides an overview of all local users within +- [UX_LocalUsers Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_localusers.md) – This job provides an overview of all local users within the audited Unix and Linux environments -- [UX_PasswordSettings Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-passwordsettings.md) – This job provides visibility into user +- [UX_PasswordSettings Job](/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_passwordsettings.md) – This job provides visibility into user passwords and system password configurations within audited Unix and Linux environments diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-duplicategroups.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-duplicategroups.md deleted file mode 100644 index 46f6151a11..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-duplicategroups.md +++ /dev/null @@ -1,29 +0,0 @@ -# UX_DuplicateGroups Job - -The UX_DuplicateGroups job identifies duplicate groups within the audited Unix or Linux environment. -Duplicate groups contain the same group membership as one another and are suitable candidates for -cleanup. - -## Analysis Tasks for the UX_DuplicateGroups Job - -Navigate to the **Unix** > **1.Users and Groups** > **UX_DuplicateGroups** > **Configure** node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_DuplicateGroups Job](/img/product_docs/accessanalyzer/solutions/activedirectory/groups/duplicategroupsanalysis.webp) - -The default analysis tasks are: - -- Finds duplicate groups – Creates the SA_UX_DuplicateGroups_Details table accessible under the - job’s Results node -- Summarizes duplicate groups – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the table and views created by the analysis tasks, the UX_DuplicateGroups job -produces the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | -| Duplicate Groups | This report identifies duplicate groups within the audited domains | None | This report is comprised of two elements: - Bar Chart – Displays Largest Groups with Duplicates - Table – Provides details on Duplicate Group Details | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-emptygroups.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-emptygroups.md deleted file mode 100644 index 7e8717cfac..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-emptygroups.md +++ /dev/null @@ -1,28 +0,0 @@ -# UX_EmptyGroups Job - -The UX_EmptyGroups job identifies empty groups found within the audited Unix or Linux environment. -These are suitable candidates for consolidation or cleanup. - -## Analysis Tasks for the UX_EmptyGroups Job - -Navigate to the **Unix** > **1.Users and Groups** > **UX_EmptyGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_EmptyGroups Job](/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp) - -The default analysis tasks are: - -- Finds empty groups – Creates the SA_UX_EmptyGroups_Details table accessible under the job’s - Results node -- Summarizes empty groups – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the table and views created by the analysis tasks, the UX_EmptyGroups job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------ | -------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Empty Groups | This report identifies empty groups within the audited domains | None | This report is comprised of three elements: - Bar Chart – Displays Empty Groups by Type - Table – Provides details on Empty Groups by Type bar chart - Table – Provides information on Empty Group Details | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-largegroups.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-largegroups.md deleted file mode 100644 index 9889c4577f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-largegroups.md +++ /dev/null @@ -1,43 +0,0 @@ -# UX_LargeGroups Job - -The UX_LargeGroups job identifies groups with large member counts. These types of groups may cause -administrative overhead and burden in being able to easily understand who is getting access to -resources, or how much access is being granted to resources through these groups. - -## Parameter Configuration - -The Configuration section on a Job's overview page allows you to easily modify any customizable -parameters used by analysis tasks in the job. See the -[Parameter Configuration](/docs/accessanalyzer/12.0/administration/job-management/job/overview.md#parameter-configuration) topic for -instructions on how to edit parameters on a job overview page. - -The UX_LargeGroups job has the following customizable parameter: - -- Minimum size for a group to be considered large – Sets the threshold used by the Find large groups - analysis task to determine if a group is considered to be large. The default is 5. - -## Analysis Tasks for the UX_LargeGroups Job - -Navigate to the **Unix** > **1.Users and Groups** > **UX_LargeGroups** > **Configure** node and -select Analysis to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the UX_LargeGroups Job](/img/product_docs/accessanalyzer/solutions/unix/usersgroups/largegroupsanalysis.webp) - -The default analysis task is: - -- Finds large groups. The parameter determining the minimum size for a large group can be configured - in the SQL scripting module. – Creates the UX_LargeGroups_Details table accessible under the job’s - Results node - - - The threshold value used to determine if a group is considered large can be customized. See - the [Parameter Configuration](#parameter-configuration) for additional information. - -In addition to the table and views created by the analysis tasks, the UX_LargeGroups job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------ | -------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | -| Large Groups | This report identifies large groups within the audited domains | None | This report is comprised of two elements: - Bar Chart – Displays Top 5 Large Groups - Table – Provides information on Large Group Details | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-localgroups.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-localgroups.md deleted file mode 100644 index afbe36d929..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-localgroups.md +++ /dev/null @@ -1,28 +0,0 @@ -# UX_LocalGroups Job - -The UX_LocalGroups job provides an overview of all local groups within the audited Unix and Linux -environments. - -## Analysis Tasks for the UX_LocalGroups Job - -Navigate to the **Unix** > **1.Users and Groups** > **UX_LocalGroups** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_LocalGroups Job](/img/product_docs/accessanalyzer/solutions/unix/usersgroups/localgroupsanalysis.webp) - -The default analysis tasks are: - -- Creates local groups table – Creates the SA_UX_LocalGroups_Details table accessible under the - job’s Results node -- Creates local groups summary table – Creates an interim processing table in the database for use - by downstream analysis and report generation - -In addition to the table and views created by the analysis tasks, the UX_LocalGroups job produces -the following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------- | -| Local Groups | This report summarizes local groups in the audited environment. Hosts with large numbers of local groups are highlighted, as are local groups with large memberships. | None | This report is comprised of two elements: - Bar Chart – Displays Top Hosts by Local Group Count - Table – Provides details on All Local Groups | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-localusers.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-localusers.md deleted file mode 100644 index 9cd0c18909..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-localusers.md +++ /dev/null @@ -1,28 +0,0 @@ -# UX_LocalUsers Job - -The UX_LocalUsers job provides an overview of all local users within the audited Unix and Linux -environments. - -## Analysis Tasks for the UX_LocalUsers Job - -Navigate to the **Unix** > **1.Users and Groups** > **UX_LocalUsers** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_LocalUsers Job](/img/product_docs/accessanalyzer/solutions/unix/usersgroups/localusersanalysis.webp) - -The default analysis tasks are: - -- Creates local users table – Creates the SA_UX_LocalUsers_Details table accessible under the job’s - Results node -- Creates local users summary table – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the table and views created by the analysis tasks, the UX_LocalUsers job produces the -following pre-configured report: - -| Report | Description | Default Tags | Report Elements | -| ----------- | ----------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Local Users | This report summarizes local users in the audited environment. Hosts with large numbers of local users are highlighted. | None | This report is comprised of three elements: - Bar Chart – Displays Top 5 Hosts by Local User Count - Table – Provides details on Top 5 Local User Count bar chart - Table – Provides details on All Local Users | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-passwordsettings.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-passwordsettings.md deleted file mode 100644 index b114b3c5b7..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-passwordsettings.md +++ /dev/null @@ -1,29 +0,0 @@ -# UX_PasswordSettings Job - -The UX_PasswordSettings job provides visibility into user passwords and system password -configurations within audited Unix and Linux environments. - -## Analysis Tasks for the UX_PasswordSettings Job - -Navigate to the **Unix** > **1.Users and Groups** > **UX_PasswordSettings** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_PasswordSettings Job](/img/product_docs/accessanalyzer/solutions/unix/usersgroups/passwordsettingsanalysis.webp) - -The default analysis tasks are: - -- Gives information about local user passwords – Creates SA_UX_PasswordSettings_UserDetails table - accessible under the job’s Results node -- Gives information about system password settings – Creates SA_UX_PasswordSettings_SystemDetails - table accessible under the job’s Results node - -In addition to the table and views created by the analysis tasks, the UX_PasswordSettings job -produces the following pre-configured reports: - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | -------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------- | -| Local User Passwords | This report outlines password information for each local user on each host | None | This report is comprised of one element: - Table – Provides details on User Password Settings | -| Password Security Setting | This report lists password security settings for each audited host | None | This report is comprised of one element: - Table – Provides details on Password Settings | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-usersandgroups.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-usersandgroups.md deleted file mode 100644 index caacc40fb0..0000000000 --- a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux-usersandgroups.md +++ /dev/null @@ -1,49 +0,0 @@ -# 0.Collection > UX_UsersAndGroups Job - -The UX_UsersAndGroups job collects user and group information from /etc/passwd, /etc/shadow, and -their equivalents in order to provide details on user and group conditions to help pinpoint -potential areas of administrative concern. - -![0.Collection > UX_UsersAndGroups Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) - -The UX_UsersAndGroups job is located in the 0.Collection job group. - -## Queries for the UX_UsersAndGroups Job - -The UX_UsersandGroups job uses the Unix Data Collector for the following queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the UX_UsersAndGroups Job](/img/product_docs/accessanalyzer/solutions/unix/usersgroups/usersandgroupsqueries.webp) - -The queries for the UX_UsersAndGroups job are: - -- UX_LocalUsers – Obtains local user information from /etc/passwd -- UX_LocalGroups – Obtains local group information from /etc/group -- UX_LocalGroupMembers – Obtains local group membership information from /etc/group -- UX_UserPasswords_AIX – Gets shadow file information on AIX hosts -- UX_UserPasswords_Linux – Gets shadow file information on RHEL, CentOS, Debian, SuSE, and Solaris - hosts -- UX_PasswordSettings_AIX – Gets system password settings from /etc/security/user -- UX_PasswordSettings_Linux – Gets system password settings from /etc/login.defs -- UX_PasswordSettings_Solaris – Gets system password settings from /etc/default/passwd -- UX_UserPasswords_AIX_LastUpdate – Gets passwd file information on AIX hosts - -## Analysis Tasks for the UX_UsersAndGroups Job - -Navigate to the **Unix** > **1.Users and Groups** > **0.Collection** > **UX_UsersAndGroups** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the UX_UsersAndGroups Job](/img/product_docs/accessanalyzer/solutions/unix/usersgroups/usersandgroupsanalysis.webp) - -The default analysis tasks are: - -- Creates UX_Users from LDAP_Users, NIS_Users, and UX_LocalUsers – Creates the UX_Users table - accessible under the job’s Results node -- Creates UX_Groups from LDAP_Groups, NIS_Groups, and UX_LocalGroups – Creates the UX_Groups table - accessible under the job’s Results node -- Creates UX_GroupMembers – Creates the UX_GroupMembers table accessible under the job’s Results - node diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_duplicategroups.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_duplicategroups.md new file mode 100644 index 0000000000..f515d7bc83 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_duplicategroups.md @@ -0,0 +1,29 @@ +# UX_DuplicateGroups Job + +The UX_DuplicateGroups job identifies duplicate groups within the audited Unix or Linux environment. +Duplicate groups contain the same group membership as one another and are suitable candidates for +cleanup. + +## Analysis Tasks for the UX_DuplicateGroups Job + +Navigate to the **Unix** > **1.Users and Groups** > **UX_DuplicateGroups** > **Configure** node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_DuplicateGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/duplicategroupsanalysis.webp) + +The default analysis tasks are: + +- Finds duplicate groups – Creates the SA_UX_DuplicateGroups_Details table accessible under the + job’s Results node +- Summarizes duplicate groups – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the table and views created by the analysis tasks, the UX_DuplicateGroups job +produces the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------ | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------- | +| Duplicate Groups | This report identifies duplicate groups within the audited domains | None | This report is comprised of two elements: - Bar Chart – Displays Largest Groups with Duplicates - Table – Provides details on Duplicate Group Details | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_emptygroups.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_emptygroups.md new file mode 100644 index 0000000000..6ba31d6a70 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_emptygroups.md @@ -0,0 +1,28 @@ +# UX_EmptyGroups Job + +The UX_EmptyGroups job identifies empty groups found within the audited Unix or Linux environment. +These are suitable candidates for consolidation or cleanup. + +## Analysis Tasks for the UX_EmptyGroups Job + +Navigate to the **Unix** > **1.Users and Groups** > **UX_EmptyGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_EmptyGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/emptygroupsanalysis.webp) + +The default analysis tasks are: + +- Finds empty groups – Creates the SA_UX_EmptyGroups_Details table accessible under the job’s + Results node +- Summarizes empty groups – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the table and views created by the analysis tasks, the UX_EmptyGroups job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------ | -------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Empty Groups | This report identifies empty groups within the audited domains | None | This report is comprised of three elements: - Bar Chart – Displays Empty Groups by Type - Table – Provides details on Empty Groups by Type bar chart - Table – Provides information on Empty Group Details | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_largegroups.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_largegroups.md new file mode 100644 index 0000000000..a31b2ce63a --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_largegroups.md @@ -0,0 +1,43 @@ +# UX_LargeGroups Job + +The UX_LargeGroups job identifies groups with large member counts. These types of groups may cause +administrative overhead and burden in being able to easily understand who is getting access to +resources, or how much access is being granted to resources through these groups. + +## Parameter Configuration + +The Configuration section on a Job's overview page allows you to easily modify any customizable +parameters used by analysis tasks in the job. See the +[Parameter Configuration](/docs/accessanalyzer/12.0/admin/jobs/job/overview.md#parameter-configuration) topic for +instructions on how to edit parameters on a job overview page. + +The UX_LargeGroups job has the following customizable parameter: + +- Minimum size for a group to be considered large – Sets the threshold used by the Find large groups + analysis task to determine if a group is considered to be large. The default is 5. + +## Analysis Tasks for the UX_LargeGroups Job + +Navigate to the **Unix** > **1.Users and Groups** > **UX_LargeGroups** > **Configure** node and +select Analysis to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the UX_LargeGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/largegroupsanalysis.webp) + +The default analysis task is: + +- Finds large groups. The parameter determining the minimum size for a large group can be configured + in the SQL scripting module. – Creates the UX_LargeGroups_Details table accessible under the job’s + Results node + + - The threshold value used to determine if a group is considered large can be customized. See + the [Parameter Configuration](#parameter-configuration) for additional information. + +In addition to the table and views created by the analysis tasks, the UX_LargeGroups job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------ | -------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | +| Large Groups | This report identifies large groups within the audited domains | None | This report is comprised of two elements: - Bar Chart – Displays Top 5 Large Groups - Table – Provides information on Large Group Details | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_localgroups.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_localgroups.md new file mode 100644 index 0000000000..9e14e643bb --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_localgroups.md @@ -0,0 +1,28 @@ +# UX_LocalGroups Job + +The UX_LocalGroups job provides an overview of all local groups within the audited Unix and Linux +environments. + +## Analysis Tasks for the UX_LocalGroups Job + +Navigate to the **Unix** > **1.Users and Groups** > **UX_LocalGroups** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_LocalGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/localgroupsanalysis.webp) + +The default analysis tasks are: + +- Creates local groups table – Creates the SA_UX_LocalGroups_Details table accessible under the + job’s Results node +- Creates local groups summary table – Creates an interim processing table in the database for use + by downstream analysis and report generation + +In addition to the table and views created by the analysis tasks, the UX_LocalGroups job produces +the following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------- | +| Local Groups | This report summarizes local groups in the audited environment. Hosts with large numbers of local groups are highlighted, as are local groups with large memberships. | None | This report is comprised of two elements: - Bar Chart – Displays Top Hosts by Local Group Count - Table – Provides details on All Local Groups | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_localusers.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_localusers.md new file mode 100644 index 0000000000..5a7a3e429f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_localusers.md @@ -0,0 +1,28 @@ +# UX_LocalUsers Job + +The UX_LocalUsers job provides an overview of all local users within the audited Unix and Linux +environments. + +## Analysis Tasks for the UX_LocalUsers Job + +Navigate to the **Unix** > **1.Users and Groups** > **UX_LocalUsers** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_LocalUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/localusersanalysis.webp) + +The default analysis tasks are: + +- Creates local users table – Creates the SA_UX_LocalUsers_Details table accessible under the job’s + Results node +- Creates local users summary table – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the table and views created by the analysis tasks, the UX_LocalUsers job produces the +following pre-configured report: + +| Report | Description | Default Tags | Report Elements | +| ----------- | ----------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Local Users | This report summarizes local users in the audited environment. Hosts with large numbers of local users are highlighted. | None | This report is comprised of three elements: - Bar Chart – Displays Top 5 Hosts by Local User Count - Table – Provides details on Top 5 Local User Count bar chart - Table – Provides details on All Local Users | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_passwordsettings.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_passwordsettings.md new file mode 100644 index 0000000000..af3cd1de4b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_passwordsettings.md @@ -0,0 +1,29 @@ +# UX_PasswordSettings Job + +The UX_PasswordSettings job provides visibility into user passwords and system password +configurations within audited Unix and Linux environments. + +## Analysis Tasks for the UX_PasswordSettings Job + +Navigate to the **Unix** > **1.Users and Groups** > **UX_PasswordSettings** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_PasswordSettings Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/passwordsettingsanalysis.webp) + +The default analysis tasks are: + +- Gives information about local user passwords – Creates SA_UX_PasswordSettings_UserDetails table + accessible under the job’s Results node +- Gives information about system password settings – Creates SA_UX_PasswordSettings_SystemDetails + table accessible under the job’s Results node + +In addition to the table and views created by the analysis tasks, the UX_PasswordSettings job +produces the following pre-configured reports: + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | -------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------- | +| Local User Passwords | This report outlines password information for each local user on each host | None | This report is comprised of one element: - Table – Provides details on User Password Settings | +| Password Security Setting | This report lists password security settings for each audited host | None | This report is comprised of one element: - Table – Provides details on Password Settings | diff --git a/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_usersandgroups.md b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_usersandgroups.md new file mode 100644 index 0000000000..3a53354472 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/unix/usersgroups/ux_usersandgroups.md @@ -0,0 +1,49 @@ +# 0.Collection > UX_UsersAndGroups Job + +The UX_UsersAndGroups job collects user and group information from /etc/passwd, /etc/shadow, and +their equivalents in order to provide details on user and group conditions to help pinpoint +potential areas of administrative concern. + +![0.Collection > UX_UsersAndGroups Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/collectionjobstree.webp) + +The UX_UsersAndGroups job is located in the 0.Collection job group. + +## Queries for the UX_UsersAndGroups Job + +The UX_UsersandGroups job uses the Unix Data Collector for the following queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the UX_UsersAndGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/usersandgroupsqueries.webp) + +The queries for the UX_UsersAndGroups job are: + +- UX_LocalUsers – Obtains local user information from /etc/passwd +- UX_LocalGroups – Obtains local group information from /etc/group +- UX_LocalGroupMembers – Obtains local group membership information from /etc/group +- UX_UserPasswords_AIX – Gets shadow file information on AIX hosts +- UX_UserPasswords_Linux – Gets shadow file information on RHEL, CentOS, Debian, SuSE, and Solaris + hosts +- UX_PasswordSettings_AIX – Gets system password settings from /etc/security/user +- UX_PasswordSettings_Linux – Gets system password settings from /etc/login.defs +- UX_PasswordSettings_Solaris – Gets system password settings from /etc/default/passwd +- UX_UserPasswords_AIX_LastUpdate – Gets passwd file information on AIX hosts + +## Analysis Tasks for the UX_UsersAndGroups Job + +Navigate to the **Unix** > **1.Users and Groups** > **0.Collection** > **UX_UsersAndGroups** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the UX_UsersAndGroups Job](/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/usersandgroupsanalysis.webp) + +The default analysis tasks are: + +- Creates UX_Users from LDAP_Users, NIS_Users, and UX_LocalUsers – Creates the UX_Users table + accessible under the job’s Results node +- Creates UX_Groups from LDAP_Groups, NIS_Groups, and UX_LocalGroups – Creates the UX_Groups table + accessible under the job’s Results node +- Creates UX_GroupMembers – Creates the UX_GroupMembers table accessible under the job’s Results + node diff --git a/docs/accessanalyzer/12.0/solutions/windows/applications/overview.md b/docs/accessanalyzer/12.0/solutions/windows/applications/overview.md index d38c3cef2a..aa815adb2d 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/applications/overview.md +++ b/docs/accessanalyzer/12.0/solutions/windows/applications/overview.md @@ -3,14 +3,14 @@ The Applications job group tracks various aspects of installed application management, identifying installed software and utilization, unauthorized programs and rogue systems, and more. -![Applications Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Applications Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/jobstree.webp) The jobs in the Applications job group are: -- [SG_InstalledApplications Job](/docs/accessanalyzer/12.0/solutions/windows/applications/sg-installedapplications.md) – This job identifies installed +- [SG_InstalledApplications Job](/docs/accessanalyzer/12.0/solutions/windows/applications/sg_installedapplications.md) – This job identifies installed applications on all targeted hosts, highlighting the most common applications installed across the audited environment -- [SG_RunAtBoot Job](/docs/accessanalyzer/12.0/solutions/windows/applications/sg-runatboot.md) – This job lists applications which are set to **Run** or +- [SG_RunAtBoot Job](/docs/accessanalyzer/12.0/solutions/windows/applications/sg_runatboot.md) – This job lists applications which are set to **Run** or **Run Once** on all targeted hosts -- [SG_ScheduledTasks Job](/docs/accessanalyzer/12.0/solutions/windows/applications/sg-scheduledtasks.md) – This job lists scheduled task details on all +- [SG_ScheduledTasks Job](/docs/accessanalyzer/12.0/solutions/windows/applications/sg_scheduledtasks.md) – This job lists scheduled task details on all targeted hosts diff --git a/docs/accessanalyzer/12.0/solutions/windows/applications/sg-installedapplications.md b/docs/accessanalyzer/12.0/solutions/windows/applications/sg-installedapplications.md deleted file mode 100644 index 3e4c61fd9a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/applications/sg-installedapplications.md +++ /dev/null @@ -1,43 +0,0 @@ -# SG_InstalledApplications Job - -The SG_InstalledApplications job identifies installed applications on all targeted hosts. - -## Queries for the SG_InstalledApplications Job - -The SG_InstalledApplications job uses the WMICollector Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_InstalledApplications Job](/img/product_docs/accessanalyzer/solutions/windows/applications/installedapplicationsquery.webp) - -The query for the SG_InstalledApplications job are: - -- Installed Applications – Targets all Windows servers known to Access Analyzer to determine - installed applications - -## Analysis Tasks for the SG_InstalledApplications Job - -Navigate to the **Windows** > **Applications** > **SG_InstalledApplications** > **Configure** node -and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_InstalledApplications Job](/img/product_docs/accessanalyzer/solutions/windows/applications/installedapplicationsanalysis.webp) - -The default analysis tasks are: - -- All Installed Applications - Change Tracking – Creates the - SA_SG_InstalledApplications_ChangeTracking table accessible under the job’s Results node -- All Installed Applications - Details – Creates the SA_SG_InstalledApplications_Details table - accessible under the job’s Results node -- MS Applications - Details – Creates the SA_SG_InstalledApplications_MSDetails table accessible - under the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SG_InstalledApplications job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------ | -| All Installed Applications | This report details all installed applications, and highlights the most common installed applications across the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays top installed applications - Table – Provides details on installed applications | -| MS Office Applications | This report provides host-level details on which Microsoft Office applications are installed. | None | This report is comprised of two elements: - Bar Chart – Displays top MS Office applications - Table – Provides details on MS Office applications | diff --git a/docs/accessanalyzer/12.0/solutions/windows/applications/sg-runatboot.md b/docs/accessanalyzer/12.0/solutions/windows/applications/sg-runatboot.md deleted file mode 100644 index 5685d42d6d..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/applications/sg-runatboot.md +++ /dev/null @@ -1,45 +0,0 @@ -# SG_RunAtBoot Job - -The SG_RunAtBoot job lists applications which are set to **Run** or **Run Once** on all targeted -hosts. - -## Queries for the SG_RunAtBoot Job - -The SG_RunAtBoot job uses the Registry Data Collector for the following queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the SG_RunAtBoot Job](/img/product_docs/accessanalyzer/solutions/windows/applications/runatbootqueries.webp) - -The queries for the SG_RunAtBoot job are: - -- Run – Targets all Windows servers known to Access Analyzer to run at boot applications -- Run Once – Targets all Windows servers known to Access Analyzer to run once at boot applications - -## Analysis Tasks for the SG_RunAtBoot Job - -Navigate to the **Windows** > **Applications** > **SG_RunAtBoot** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_RunAtBoot Job](/img/product_docs/accessanalyzer/solutions/windows/applications/runatbootanalysis.webp) - -The default analysis tasks are: - -- Track Changes – Creates the SA_SG_RunAtBoot_ChangeTracking table accessible under the job’s - Results node -- List application details – Creates the SA_SG_RunAtBoot_Details table accessible under the job’s - Results node -- Summarize details by host – Creates the SA_SG_RunAtBoot_HostSummary table accessible under the - job’s Results node -- Summarize details by application – Creates the SA_SG_RunAtBoot_AppSummary table accessible under - the job’s Results node - -In addition to the tables and views created by the analysis tasks, the SG_RunAtBoot job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ----------- | ------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Run at Boot | This report enumerates applications which are set to run at boot across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays Top Hosts by Applications Run at Boot - Table – Provides details on Top Hosts by Applications Run at Boot bar chart - Table – Provides details on Run / Run Once Applications | diff --git a/docs/accessanalyzer/12.0/solutions/windows/applications/sg-scheduledtasks.md b/docs/accessanalyzer/12.0/solutions/windows/applications/sg-scheduledtasks.md deleted file mode 100644 index 4b53159d09..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/applications/sg-scheduledtasks.md +++ /dev/null @@ -1,44 +0,0 @@ -# SG_ScheduledTasks Job - -The SG_ScheduledTasks job lists scheduled task details on all targeted hosts. - -## Queries for the SG_ScheduledTasks Job - -The SG_ScheduledTasks job uses the SystemInfo Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_ScheduledTasks Job](/img/product_docs/accessanalyzer/solutions/windows/applications/scheduledtasksquery.webp) - -The query for the SG_ScheduledTasks job is: - -- Scheduled tasks – Targets all Windows servers known to Access Analyzer to determine scheduled - tasks - -## Analysis Tasks for the SG_ScheduledTasks Job - -Navigate to the **Windows** > **Applications** > **SG_ScheduledTasks** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_ScheduledTasks Job](/img/product_docs/accessanalyzer/solutions/windows/applications/scheduledtasksanalysis.webp) - -The default analysis tasks are: - -- Track Changes – Creates the SA_SG_ScheduledTasks_ChangeTracking table accessible under the job’s - Results node -- List scheduled task details – Creates the SA_SG_ScheduledTasks_Details table accessible under the - job’s Results node -- Domain user summary – Creates the SA_SG_ScheduledTasks_DomainUsers table accessible under the - job’s Results node -- Host summary – Creates the SA_SG_ScheduledTasks_HostSummary table accessible under the job’s - Results node - -In addition to the tables and views created by the analysis tasks, the SG_ScheduledTasks job -produces the following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| --------------- | ---------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Scheduled Tasks | This report highlights scheduled tasks across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays Hosts with Most Scheduled Tasks - Table – Provides details on Hosts with Most Scheduled Tasks bar chart - Table – Provides details on Scheduled Tasks | diff --git a/docs/accessanalyzer/12.0/solutions/windows/applications/sg_installedapplications.md b/docs/accessanalyzer/12.0/solutions/windows/applications/sg_installedapplications.md new file mode 100644 index 0000000000..1912d8effe --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/applications/sg_installedapplications.md @@ -0,0 +1,43 @@ +# SG_InstalledApplications Job + +The SG_InstalledApplications job identifies installed applications on all targeted hosts. + +## Queries for the SG_InstalledApplications Job + +The SG_InstalledApplications job uses the WMICollector Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_InstalledApplications Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/installedapplicationsquery.webp) + +The query for the SG_InstalledApplications job are: + +- Installed Applications – Targets all Windows servers known to Access Analyzer to determine + installed applications + +## Analysis Tasks for the SG_InstalledApplications Job + +Navigate to the **Windows** > **Applications** > **SG_InstalledApplications** > **Configure** node +and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_InstalledApplications Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/installedapplicationsanalysis.webp) + +The default analysis tasks are: + +- All Installed Applications - Change Tracking – Creates the + SA_SG_InstalledApplications_ChangeTracking table accessible under the job’s Results node +- All Installed Applications - Details – Creates the SA_SG_InstalledApplications_Details table + accessible under the job’s Results node +- MS Applications - Details – Creates the SA_SG_InstalledApplications_MSDetails table accessible + under the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SG_InstalledApplications job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------ | +| All Installed Applications | This report details all installed applications, and highlights the most common installed applications across the audited environment. | None | This report is comprised of two elements: - Bar Chart – Displays top installed applications - Table – Provides details on installed applications | +| MS Office Applications | This report provides host-level details on which Microsoft Office applications are installed. | None | This report is comprised of two elements: - Bar Chart – Displays top MS Office applications - Table – Provides details on MS Office applications | diff --git a/docs/accessanalyzer/12.0/solutions/windows/applications/sg_runatboot.md b/docs/accessanalyzer/12.0/solutions/windows/applications/sg_runatboot.md new file mode 100644 index 0000000000..af071fce43 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/applications/sg_runatboot.md @@ -0,0 +1,45 @@ +# SG_RunAtBoot Job + +The SG_RunAtBoot job lists applications which are set to **Run** or **Run Once** on all targeted +hosts. + +## Queries for the SG_RunAtBoot Job + +The SG_RunAtBoot job uses the Registry Data Collector for the following queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the SG_RunAtBoot Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/runatbootqueries.webp) + +The queries for the SG_RunAtBoot job are: + +- Run – Targets all Windows servers known to Access Analyzer to run at boot applications +- Run Once – Targets all Windows servers known to Access Analyzer to run once at boot applications + +## Analysis Tasks for the SG_RunAtBoot Job + +Navigate to the **Windows** > **Applications** > **SG_RunAtBoot** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_RunAtBoot Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/runatbootanalysis.webp) + +The default analysis tasks are: + +- Track Changes – Creates the SA_SG_RunAtBoot_ChangeTracking table accessible under the job’s + Results node +- List application details – Creates the SA_SG_RunAtBoot_Details table accessible under the job’s + Results node +- Summarize details by host – Creates the SA_SG_RunAtBoot_HostSummary table accessible under the + job’s Results node +- Summarize details by application – Creates the SA_SG_RunAtBoot_AppSummary table accessible under + the job’s Results node + +In addition to the tables and views created by the analysis tasks, the SG_RunAtBoot job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ----------- | ------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Run at Boot | This report enumerates applications which are set to run at boot across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays Top Hosts by Applications Run at Boot - Table – Provides details on Top Hosts by Applications Run at Boot bar chart - Table – Provides details on Run / Run Once Applications | diff --git a/docs/accessanalyzer/12.0/solutions/windows/applications/sg_scheduledtasks.md b/docs/accessanalyzer/12.0/solutions/windows/applications/sg_scheduledtasks.md new file mode 100644 index 0000000000..49698b2e6c --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/applications/sg_scheduledtasks.md @@ -0,0 +1,44 @@ +# SG_ScheduledTasks Job + +The SG_ScheduledTasks job lists scheduled task details on all targeted hosts. + +## Queries for the SG_ScheduledTasks Job + +The SG_ScheduledTasks job uses the SystemInfo Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_ScheduledTasks Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/scheduledtasksquery.webp) + +The query for the SG_ScheduledTasks job is: + +- Scheduled tasks – Targets all Windows servers known to Access Analyzer to determine scheduled + tasks + +## Analysis Tasks for the SG_ScheduledTasks Job + +Navigate to the **Windows** > **Applications** > **SG_ScheduledTasks** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_ScheduledTasks Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/scheduledtasksanalysis.webp) + +The default analysis tasks are: + +- Track Changes – Creates the SA_SG_ScheduledTasks_ChangeTracking table accessible under the job’s + Results node +- List scheduled task details – Creates the SA_SG_ScheduledTasks_Details table accessible under the + job’s Results node +- Domain user summary – Creates the SA_SG_ScheduledTasks_DomainUsers table accessible under the + job’s Results node +- Host summary – Creates the SA_SG_ScheduledTasks_HostSummary table accessible under the job’s + Results node + +In addition to the tables and views created by the analysis tasks, the SG_ScheduledTasks job +produces the following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| --------------- | ---------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Scheduled Tasks | This report highlights scheduled tasks across the audited environment. | None | This report is comprised of three elements: - Bar Chart – Displays Hosts with Most Scheduled Tasks - Table – Provides details on Hosts with Most Scheduled Tasks bar chart - Table – Provides details on Scheduled Tasks | diff --git a/docs/accessanalyzer/12.0/solutions/windows/authentication/overview.md b/docs/accessanalyzer/12.0/solutions/windows/authentication/overview.md index 88a35efdfd..6efe411af0 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/authentication/overview.md +++ b/docs/accessanalyzer/12.0/solutions/windows/authentication/overview.md @@ -3,19 +3,19 @@ The Authentication job group provides information on authentication settings within audited systems to help identify potential security vulnerabilities and reduce risk within the environment. -![Authentication Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Authentication Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/jobstree.webp) The jobs in the Authentication job group are: -- [SG_LSASettings Job](/docs/accessanalyzer/12.0/solutions/windows/authentication/sg-lsasettings.md) – This job lists LSA settings on all targeted hosts. In +- [SG_LSASettings Job](/docs/accessanalyzer/12.0/solutions/windows/authentication/sg_lsasettings.md) – This job lists LSA settings on all targeted hosts. In particular, the RunAsPPL, RestrictAnonymous, and ValidateKdcPacSignature keys are examined. If these keys are not set to 1, a host is vulnerable to mimikatz and other exploitation tools. See the Microsoft - [Configuring Additional LSA Protection]() + [Configuring Additional LSA Protection](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn408187(v=ws.11)) article for additional ininformation. -- [SG_SecuritySupportProviders Job](/docs/accessanalyzer/12.0/solutions/windows/authentication/sg-securitysupportproviders.md) – This job identifies security +- [SG_SecuritySupportProviders Job](/docs/accessanalyzer/12.0/solutions/windows/authentication/sg_securitysupportproviders.md) – This job identifies security support providers on all targeted hosts, highlighting potentially malicious SSPs -- [SG_WDigestSettings Job](/docs/accessanalyzer/12.0/solutions/windows/authentication/sg-wdigestsettings.md) – This job lists WDigest settings on all targeted +- [SG_WDigestSettings Job](/docs/accessanalyzer/12.0/solutions/windows/authentication/sg_wdigestsettings.md) – This job lists WDigest settings on all targeted hosts. In particular, the UseLogonCredentials key is examined. If the KB is not installed, and this key is not set properly for a given host, cleartext passwords will be stored in memory. See the diff --git a/docs/accessanalyzer/12.0/solutions/windows/authentication/sg-lsasettings.md b/docs/accessanalyzer/12.0/solutions/windows/authentication/sg-lsasettings.md deleted file mode 100644 index f941f6af89..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/authentication/sg-lsasettings.md +++ /dev/null @@ -1,55 +0,0 @@ -# SG_LSASettings Job - -The SG_LASettings job lists settings on all targeted hosts. In particular, the RunAsPPL, -RestrictAnonymous, and ValidateKdcPacSignature keys are examined. If these keys are not set to 1, a -host is vulnerable to mimikatz and other exploitation tools. See the Microsoft -[Configuring Additional LSA Protection]() -article for additional information. - -## Queries for the SG_LSASettings Job - -The SG_LSASettings job uses the Registry Data Collector for the following queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the SG_LSASettings Job](/img/product_docs/accessanalyzer/solutions/windows/authentication/lsasettingsqueries.webp) - -The queries for the SG_LSASettings Job are: - -- Check LSA registry keys – Checks LSA registry keys -- PAC Validation – Provides PAC Validation - -## Analysis Tasks for the SG_LSASettings Job - -Navigate to the **Windows** > **Authentication** > **SG_LSASettings** > **Configure** node and -select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_LSASettings Job](/img/product_docs/accessanalyzer/solutions/windows/authentication/lsasettingsanalysis.webp) - -The default analysis tasks are: - -- TrackRunAsPPL changes – Creates the SG_LSASettings_RunAsPPLChangeTracking table accessible under - the job’s Results node -- List RunAsPPL setting details – Creates the SG_LSASettings_RunAsPPLDetails table accessible under - the job’s Results node -- Summarize RunAsPPL settings – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Track RestrictAnonymous changes – Creates the SG_LSASettings_RestrictAnonymousChangeTracking table - accessible under the job’s Results node -- List RestrictAnonymous setting details – Creates the SG_LSASettings_RestrictAnonymousDetails table - accessible under the job’s Results node -- Summarize RestrictAnonymous settings – Creates an interim processing table in the database for use - by downstream analysis and report generation -- PAC – Creates the SG_LSASettings_PACStatus table accessible under the job’s Results node - -In addition to the tables created by the data collector, the SG_LSASettings job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Additional LSA Protection | This report summarizes RunAsPPL registry settings on targeted hosts. This key governs whether or not additional LSA protection is enabled. See the Microsoft [Configuring Additional LSA Protection]() article for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays additional LSA protection by host - Table – Provides additional LSA Protection Details | -| PAC Validation | This report indicates whether or not PAC Validation is enabled on all targeted hosts. This is governed by the ValidateKdcPacSignature key. Default behavior in the event of this key's absence depends on the Windows version installed. See the Microsoft [Understanding Microsoft Kerberos PAC Validation](https://learn.microsoft.com/en-gb/archive/blogs/openspecification/understanding-microsoft-kerberos-pac-validation) article for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays PAC validation status - Table – Provides PAC validation details | -| Restrict Anonymous Access | This report summarizes RestrictAnonymous registry settings on targeted hosts. This key governs whether or not access over anonymous connections is enabled. See the Microsoft [Restrict Anonymous check]() article for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays anonymous access by host - Table – Provides anonymous access details | diff --git a/docs/accessanalyzer/12.0/solutions/windows/authentication/sg-securitysupportproviders.md b/docs/accessanalyzer/12.0/solutions/windows/authentication/sg-securitysupportproviders.md deleted file mode 100644 index 88175f2b47..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/authentication/sg-securitysupportproviders.md +++ /dev/null @@ -1,50 +0,0 @@ -# SG_SecuritySupportProviders Job - -The SG_SecuritySupportProviders job identifies security support providers on all targeted hosts, -highlighting potentially malicious SSPs. - -## Queries for the SG_SecuritySupportProviders Job - -The SG_SecuritySupportProviders job uses the Registry Data Collector for the following queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the SG_SecuritySupportProviders Job](/img/product_docs/accessanalyzer/solutions/windows/authentication/securitysupportprovidersqueries.webp) - -The queries for the SG_SecuritySupportProviders job are: - -- Security Support Providers LSA – Determines security support providers in the LSA Key -- Security Support Providers OSConfig – Determines security support providers in the OSConfig key - -## Analysis Tasks for the SG_SecuritySupportProviders Job - -Navigate to the **Windows** > **Authentication** > **SG_SecuritySupportProviders** > **Configure** -node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_SecuritySupportProviders Job](/img/product_docs/accessanalyzer/solutions/windows/authentication/securitysupportprovidersanalysis.webp) - -The default analysis tasks are: - -- Track changes – Creates the SG_SecuritySupportProviders_ChangeTracking table accessible under the - job’s Results node -- List security support provider details – Creates the SG_SecuritySupportProviders_Details table - accessible under the job’s Results node -- Summarize security support provider details – Creates an interim processing table in the database - for use by downstream analysis and report generation - -The optional analysis tasks are: - -- Bring changes from last run to console – Creates the SG_SecuritySupportProviders_LastRun table - accessible under the job’s Results node -- Notify on changes – Creates the SG_SecuritySupportProviders_LastRun_NOTIFICATION table accessible - under the job’s Results node - -In addition to the tables created by the data collector, the SG_SecuritySupportProviders job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------------------------- | ------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Security Support Providers | This report lists non-standard security support providers in the audited environment. | None | This report is comprised of two elements: - Pie Chart – Displays malicious security support providers by host - Table – Provides malicious security support providers details | diff --git a/docs/accessanalyzer/12.0/solutions/windows/authentication/sg-wdigestsettings.md b/docs/accessanalyzer/12.0/solutions/windows/authentication/sg-wdigestsettings.md deleted file mode 100644 index 45df10741b..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/authentication/sg-wdigestsettings.md +++ /dev/null @@ -1,48 +0,0 @@ -# SG_WDigestSettings Job - -The SG_WDigestSettings job lists WDigest settings on all targeted hosts. In particular, the -UseLogonCredentials key is examined. If this key is not set properly for a given host, cleartext -passwords will be stored in memory. See the -[Microsoft Security Advisory](https://support.microsoft.com/en-us/help/2871997/microsoft-security-advisory-update-to-improve-credentials-protection-a) -article for more information. - -## Queries for the SG_WDigestSettings Job - -The SG_WDigestSettings job uses the Registry and WMICollector Data Collectors for the following -queries: - -**CAUTION:** The queries are preconfigured for this job. Never modify the queries. - -![Queries for the SG_WDigestSettings Job](/img/product_docs/accessanalyzer/solutions/windows/authentication/wdigestsettingsqueries.webp) - -The queries for the SG_WDigestSettings job are: - -- Check WDigest registry keys – Checks WDigest registry keys -- Installed Hotfixes – Returns all hotfixes installed -- OS Versions – Returns OS versions - -## Analysis Tasks for the SG_WDigestSettings Job - -Navigate to the **Windows** > **Authentication** > **SG_WDigestSettings** > **Configure** node and -select **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_WDigestSettings Job](/img/product_docs/accessanalyzer/solutions/windows/authentication/wdigestsettingsanalysis.webp) - -The default analysis tasks are: - -- Track changes – Creates the SG_WDigestSettings_ChangeTracking table accessible under the job’s - Results node -- List WDigest setting details – Creates the SG_WDigestSettings_Details table accessible under the - job’s Results node -- Summarize WDigest Settings – Creates an interim processing table in the database for use by - downstream analysis and report generation - -In addition to the tables created by the data collector, the SG_WDigestSettings job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------ | -| WDigest Settings | This report summarizes WDigest registry settings on targeted hosts. See the [Microsoft Security Advisory](https://support.microsoft.com/en-us/help/2871997/microsoft-security-advisory-update-to-improve-credentials-protection-a) article for additional details. | None | This report is comprised of two elements: - Pie Chart – Displays WDigest settings by host - Table – Provides WDigest setting details | diff --git a/docs/accessanalyzer/12.0/solutions/windows/authentication/sg_lsasettings.md b/docs/accessanalyzer/12.0/solutions/windows/authentication/sg_lsasettings.md new file mode 100644 index 0000000000..9d05f7c3c1 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/authentication/sg_lsasettings.md @@ -0,0 +1,55 @@ +# SG_LSASettings Job + +The SG_LASettings job lists settings on all targeted hosts. In particular, the RunAsPPL, +RestrictAnonymous, and ValidateKdcPacSignature keys are examined. If these keys are not set to 1, a +host is vulnerable to mimikatz and other exploitation tools. See the Microsoft +[Configuring Additional LSA Protection](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn408187(v=ws.11)) +article for additional information. + +## Queries for the SG_LSASettings Job + +The SG_LSASettings job uses the Registry Data Collector for the following queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the SG_LSASettings Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/lsasettingsqueries.webp) + +The queries for the SG_LSASettings Job are: + +- Check LSA registry keys – Checks LSA registry keys +- PAC Validation – Provides PAC Validation + +## Analysis Tasks for the SG_LSASettings Job + +Navigate to the **Windows** > **Authentication** > **SG_LSASettings** > **Configure** node and +select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_LSASettings Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/lsasettingsanalysis.webp) + +The default analysis tasks are: + +- TrackRunAsPPL changes – Creates the SG_LSASettings_RunAsPPLChangeTracking table accessible under + the job’s Results node +- List RunAsPPL setting details – Creates the SG_LSASettings_RunAsPPLDetails table accessible under + the job’s Results node +- Summarize RunAsPPL settings – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Track RestrictAnonymous changes – Creates the SG_LSASettings_RestrictAnonymousChangeTracking table + accessible under the job’s Results node +- List RestrictAnonymous setting details – Creates the SG_LSASettings_RestrictAnonymousDetails table + accessible under the job’s Results node +- Summarize RestrictAnonymous settings – Creates an interim processing table in the database for use + by downstream analysis and report generation +- PAC – Creates the SG_LSASettings_PACStatus table accessible under the job’s Results node + +In addition to the tables created by the data collector, the SG_LSASettings job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Additional LSA Protection | This report summarizes RunAsPPL registry settings on targeted hosts. This key governs whether or not additional LSA protection is enabled. See the Microsoft [Configuring Additional LSA Protection](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn408187(v=ws.11)) article for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays additional LSA protection by host - Table – Provides additional LSA Protection Details | +| PAC Validation | This report indicates whether or not PAC Validation is enabled on all targeted hosts. This is governed by the ValidateKdcPacSignature key. Default behavior in the event of this key's absence depends on the Windows version installed. See the Microsoft [Understanding Microsoft Kerberos PAC Validation](https://learn.microsoft.com/en-gb/archive/blogs/openspecification/understanding-microsoft-kerberos-pac-validation) article for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays PAC validation status - Table – Provides PAC validation details | +| Restrict Anonymous Access | This report summarizes RestrictAnonymous registry settings on targeted hosts. This key governs whether or not access over anonymous connections is enabled. See the Microsoft [Restrict Anonymous check](https://learn.microsoft.com/en-us/previous-versions/tn-archive/bb418944(v=technet.10)) article for additional information. | None | This report is comprised of two elements: - Pie Chart – Displays anonymous access by host - Table – Provides anonymous access details | diff --git a/docs/accessanalyzer/12.0/solutions/windows/authentication/sg_securitysupportproviders.md b/docs/accessanalyzer/12.0/solutions/windows/authentication/sg_securitysupportproviders.md new file mode 100644 index 0000000000..0761c8ffc0 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/authentication/sg_securitysupportproviders.md @@ -0,0 +1,50 @@ +# SG_SecuritySupportProviders Job + +The SG_SecuritySupportProviders job identifies security support providers on all targeted hosts, +highlighting potentially malicious SSPs. + +## Queries for the SG_SecuritySupportProviders Job + +The SG_SecuritySupportProviders job uses the Registry Data Collector for the following queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the SG_SecuritySupportProviders Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/securitysupportprovidersqueries.webp) + +The queries for the SG_SecuritySupportProviders job are: + +- Security Support Providers LSA – Determines security support providers in the LSA Key +- Security Support Providers OSConfig – Determines security support providers in the OSConfig key + +## Analysis Tasks for the SG_SecuritySupportProviders Job + +Navigate to the **Windows** > **Authentication** > **SG_SecuritySupportProviders** > **Configure** +node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_SecuritySupportProviders Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/securitysupportprovidersanalysis.webp) + +The default analysis tasks are: + +- Track changes – Creates the SG_SecuritySupportProviders_ChangeTracking table accessible under the + job’s Results node +- List security support provider details – Creates the SG_SecuritySupportProviders_Details table + accessible under the job’s Results node +- Summarize security support provider details – Creates an interim processing table in the database + for use by downstream analysis and report generation + +The optional analysis tasks are: + +- Bring changes from last run to console – Creates the SG_SecuritySupportProviders_LastRun table + accessible under the job’s Results node +- Notify on changes – Creates the SG_SecuritySupportProviders_LastRun_NOTIFICATION table accessible + under the job’s Results node + +In addition to the tables created by the data collector, the SG_SecuritySupportProviders job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------------------------- | ------------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Security Support Providers | This report lists non-standard security support providers in the audited environment. | None | This report is comprised of two elements: - Pie Chart – Displays malicious security support providers by host - Table – Provides malicious security support providers details | diff --git a/docs/accessanalyzer/12.0/solutions/windows/authentication/sg_wdigestsettings.md b/docs/accessanalyzer/12.0/solutions/windows/authentication/sg_wdigestsettings.md new file mode 100644 index 0000000000..9e6f97d890 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/authentication/sg_wdigestsettings.md @@ -0,0 +1,48 @@ +# SG_WDigestSettings Job + +The SG_WDigestSettings job lists WDigest settings on all targeted hosts. In particular, the +UseLogonCredentials key is examined. If this key is not set properly for a given host, cleartext +passwords will be stored in memory. See the +[Microsoft Security Advisory](https://support.microsoft.com/en-us/help/2871997/microsoft-security-advisory-update-to-improve-credentials-protection-a) +article for more information. + +## Queries for the SG_WDigestSettings Job + +The SG_WDigestSettings job uses the Registry and WMICollector Data Collectors for the following +queries: + +**CAUTION:** The queries are preconfigured for this job. Never modify the queries. + +![Queries for the SG_WDigestSettings Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/wdigestsettingsqueries.webp) + +The queries for the SG_WDigestSettings job are: + +- Check WDigest registry keys – Checks WDigest registry keys +- Installed Hotfixes – Returns all hotfixes installed +- OS Versions – Returns OS versions + +## Analysis Tasks for the SG_WDigestSettings Job + +Navigate to the **Windows** > **Authentication** > **SG_WDigestSettings** > **Configure** node and +select **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_WDigestSettings Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/wdigestsettingsanalysis.webp) + +The default analysis tasks are: + +- Track changes – Creates the SG_WDigestSettings_ChangeTracking table accessible under the job’s + Results node +- List WDigest setting details – Creates the SG_WDigestSettings_Details table accessible under the + job’s Results node +- Summarize WDigest Settings – Creates an interim processing table in the database for use by + downstream analysis and report generation + +In addition to the tables created by the data collector, the SG_WDigestSettings job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ------------------------------------------------------------------------------------------------------------------------------------ | +| WDigest Settings | This report summarizes WDigest registry settings on targeted hosts. See the [Microsoft Security Advisory](https://support.microsoft.com/en-us/help/2871997/microsoft-security-advisory-update-to-improve-credentials-protection-a) article for additional details. | None | This report is comprised of two elements: - Pie Chart – Displays WDigest settings by host - Table – Provides WDigest setting details | diff --git a/docs/accessanalyzer/12.0/solutions/windows/openaccess/overview.md b/docs/accessanalyzer/12.0/solutions/windows/openaccess/overview.md index 8f78997d8a..8156cd3ac5 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/openaccess/overview.md +++ b/docs/accessanalyzer/12.0/solutions/windows/openaccess/overview.md @@ -2,9 +2,9 @@ The Open Access job group identifies instances of open access in the audited environment. -![Open Access Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Open Access Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/windows/openaccess/jobstree.webp) The job in the Open Access job group is: -- [SG_OpenFolders Job](/docs/accessanalyzer/12.0/solutions/windows/openaccess/sg-openfolders.md) – This job enumerates folders with open access across the +- [SG_OpenFolders Job](/docs/accessanalyzer/12.0/solutions/windows/openaccess/sg_openfolders.md) – This job enumerates folders with open access across the audited environment diff --git a/docs/accessanalyzer/12.0/solutions/windows/openaccess/sg-openfolders.md b/docs/accessanalyzer/12.0/solutions/windows/openaccess/sg-openfolders.md deleted file mode 100644 index dfc629f2ee..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/openaccess/sg-openfolders.md +++ /dev/null @@ -1,71 +0,0 @@ -# SG_OpenFolders Job - -The SG_OpenFolders job enumerates folders with open access across the audited environment. - -## Queries for the SG_OpenFolders Job - -The SG_OpenFolders job uses the SystemInfo Data Collector for the following query: - -![Queries for the SG_OpenFolders Job](/img/product_docs/accessanalyzer/solutions/windows/openaccess/openfoldersquery.webp) - -The query for the SG_OpenFolders job is: - -- OpenAccess – Checks for folders with open access - - - (Optional) By default, the OpenAccess query used in this job has a search depth of 0 and will - return share-level information. If needed, the subfolder depth can be increased in the query - configuration. See the [Configure the OpenAccess Query](#configure-the-openaccess-query) topic - for additional information. - -### Configure the OpenAccess Query - -The OpenAccess query has been preconfigured to run with the default settings. However, the subfolder -depth can optionally be increased on the Options page in the System Info Data Collector Wizard. -Follow the steps to customize the query. See the -[SystemInfo Data Collector](/docs/accessanalyzer/12.0/data-collection/system-info/overview.md) topic for -additional information. - -**Step 1 –** Navigate to the **Jobs** > **Windows** > **Open Access** > **SG_OpenFolders** > -**Configure** node and select **Queries**. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The System Info Data Collector -Wizard opens. - -![System Info Data Collector Wizard Options page](/img/product_docs/accessanalyzer/solutions/windows/openaccess/configuresubfolderdepth.webp) - -**Step 4 –** Navigate to the Options page and select the **Enumerate subfolders within shared -folder** checkbox and then the **Limit returned subfolders depth to** checkbox. - -**Step 5 –** Select the desired subfolders depth level using the arrows. Click **Next**. - -**Step 6 –** On the Summary page, click **Finish** to save the changes. - -The subfolders depth is now saved to the configured level. - -## Analysis Tasks for the SG_OpenFolders Job - -Navigate to the **Windows** > **OpenAccess** > **SG_OpenFolders** > **Configure** node and select -**Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_OpenFolders Job](/img/product_docs/accessanalyzer/solutions/windows/openaccess/openfoldersanalysis.webp) - -The default analysis tasks are: - -- Enumerates open folders across the audited environment – Creates an interim processing table in - the database for use by downstream analysis and report generation -- Enumerates hosts with open folders across the audited environment – Creates interim processing - tables in the database for use by downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the SG_OpenFolders job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ------------------- | ------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | -| Open Access By Host | This report enumerates hosts with openly accessible folders. | None | This report is comprised of two elements: - Line Chart – Displays hosts with open folders - Table – Provides an open folder count by host | -| Open Folders | This report enumerates folders with open access across the audited environment. | None | This report is comprised of two elements: - Line Chart – Displays open folders over time - Table – Provides details on all open folders | diff --git a/docs/accessanalyzer/12.0/solutions/windows/openaccess/sg_openfolders.md b/docs/accessanalyzer/12.0/solutions/windows/openaccess/sg_openfolders.md new file mode 100644 index 0000000000..354ee28e41 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/openaccess/sg_openfolders.md @@ -0,0 +1,71 @@ +# SG_OpenFolders Job + +The SG_OpenFolders job enumerates folders with open access across the audited environment. + +## Queries for the SG_OpenFolders Job + +The SG_OpenFolders job uses the SystemInfo Data Collector for the following query: + +![Queries for the SG_OpenFolders Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/openaccess/openfoldersquery.webp) + +The query for the SG_OpenFolders job is: + +- OpenAccess – Checks for folders with open access + + - (Optional) By default, the OpenAccess query used in this job has a search depth of 0 and will + return share-level information. If needed, the subfolder depth can be increased in the query + configuration. See the [Configure the OpenAccess Query](#configure-the-openaccess-query) topic + for additional information. + +### Configure the OpenAccess Query + +The OpenAccess query has been preconfigured to run with the default settings. However, the subfolder +depth can optionally be increased on the Options page in the System Info Data Collector Wizard. +Follow the steps to customize the query. See the +[SystemInfo Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/systeminfo/overview.md) topic for +additional information. + +**Step 1 –** Navigate to the **Jobs** > **Windows** > **Open Access** > **SG_OpenFolders** > +**Configure** node and select **Queries**. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The System Info Data Collector +Wizard opens. + +![System Info Data Collector Wizard Options page](/img/product_docs/accessanalyzer/12.0/solutions/windows/openaccess/configuresubfolderdepth.webp) + +**Step 4 –** Navigate to the Options page and select the **Enumerate subfolders within shared +folder** checkbox and then the **Limit returned subfolders depth to** checkbox. + +**Step 5 –** Select the desired subfolders depth level using the arrows. Click **Next**. + +**Step 6 –** On the Summary page, click **Finish** to save the changes. + +The subfolders depth is now saved to the configured level. + +## Analysis Tasks for the SG_OpenFolders Job + +Navigate to the **Windows** > **OpenAccess** > **SG_OpenFolders** > **Configure** node and select +**Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_OpenFolders Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/openaccess/openfoldersanalysis.webp) + +The default analysis tasks are: + +- Enumerates open folders across the audited environment – Creates an interim processing table in + the database for use by downstream analysis and report generation +- Enumerates hosts with open folders across the audited environment – Creates interim processing + tables in the database for use by downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the SG_OpenFolders job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ------------------- | ------------------------------------------------------------------------------- | ------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | +| Open Access By Host | This report enumerates hosts with openly accessible folders. | None | This report is comprised of two elements: - Line Chart – Displays hosts with open folders - Table – Provides an open folder count by host | +| Open Folders | This report enumerates folders with open access across the audited environment. | None | This report is comprised of two elements: - Line Chart – Displays open folders over time - Table – Provides details on all open folders | diff --git a/docs/accessanalyzer/12.0/solutions/windows/overview.md b/docs/accessanalyzer/12.0/solutions/windows/overview.md index 25592020d9..7392ea41f7 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/overview.md +++ b/docs/accessanalyzer/12.0/solutions/windows/overview.md @@ -16,17 +16,17 @@ Supported Platforms Requirements, Permissions, and Ports See the -[Target Windows Server and Desktop Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/getting-started/system-requirements/target/windows.md) +[Target Windows Server and Desktop Requirements, Permissions, and Ports](/docs/accessanalyzer/12.0/requirements/target/windows.md) topic for additional information. Location The Windows Solution requires a special Access Analyzer license. It can be installed from the -Instant Job Wizard. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/administration/job-management/instant-jobs/overview.md) topic for +Instant Job Wizard. See the [Instant Job Wizard](/docs/accessanalyzer/12.0/admin/jobs/instantjobs/overview.md) topic for additional information. Once it has been installed in the Jobs tree, navigate to the solution: **Jobs** > **Windows**. -![Windows Solution in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Windows Solution in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/windows/jobstree.webp) Each job group works independently from the other job groups. All of the job groups have their own collections that are used to analyze and report on data specific to the groups function. The @@ -37,7 +37,7 @@ SG_SecurityAssessment job summarizes security related results from the Windows s The Windows Solution provides both high-level and granular views into any sized organization’s infrastructure. -![Windows Solution Overview page](/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp) +![Windows Solution Overview page](/img/product_docs/accessanalyzer/12.0/solutions/windows/overviewpage.webp) The jobs and job groups in the Windows Solution are: @@ -55,7 +55,7 @@ The jobs and job groups in the Windows Solution are: including local administrator membership, users with remote logon rights, and service accounts. - [Security Utilities Job Group](/docs/accessanalyzer/12.0/solutions/windows/securityutilities/overview.md) – This group provides a series of security element checks across the audited environment -- [SG_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/windows/sg-securityassessment.md) – This job performs checks against Windows +- [SG_SecurityAssessment Job](/docs/accessanalyzer/12.0/solutions/windows/sg_securityassessment.md) – This job performs checks against Windows security best practices in order to proactively identify critical security configurations that leave the environment vulnerable to attack. The result is a report which provides a listing of findings by severity and category with corresponding details that can be used to prioritize and diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/overview.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/overview.md index 86fb741fd1..579e7a04c6 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/overview.md +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/overview.md @@ -1,18 +1,18 @@ # Local Administrators Job Group -![Local Administrators Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Local Administrators Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/jobstree.webp) The jobs in the Local Administrators group are: -- [SG_LocalAdmins Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg-localadmins.md) – This job identifies the effective membership for all +- [SG_LocalAdmins Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg_localadmins.md) – This job identifies the effective membership for all local administrator groups to gain an understanding of what accounts within the environment are privileged and should be monitored closely -- [SG_MicrosoftLAPS Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg-microsoftlaps.md) – This job assesses the LAPS (Local Administrator +- [SG_MicrosoftLAPS Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg_microsoftlaps.md) – This job assesses the LAPS (Local Administrator Password Solution) local policies on all targeted hosts. This offers insight into LAPS enablement and configuration across an environment. LAPS allows for centralized local administrator password management within Active Directory. See the Microsoft - [Local Administrator Password Solution]() + [Local Administrator Password Solution](https://learn.microsoft.com/en-us/previous-versions/mt227395(v=msdn.10)) article for additional information. -- [SG_Sessions Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg-sessions.md) – This job lists sessions and logged on users from all targeted +- [SG_Sessions Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg_sessions.md) – This job lists sessions and logged on users from all targeted hosts. These active sessions and logged on users may have their hashes stored in memory on the target machine, which could be leveraged in a Pass the Hash attack. diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg-localadmins.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg-localadmins.md deleted file mode 100644 index 6ee04df345..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg-localadmins.md +++ /dev/null @@ -1,56 +0,0 @@ -# SG_LocalAdmins Job - -The SG_LocalAdmins job identifies the effective membership for all local administrator groups. The -purpose of this job is to gain an understanding of what accounts within the environment are -privileged and should be monitored closely. - -## Queries for the SG_LocalAdmins Job - -The SG_LocalAdmins job uses the UsersGroups Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_LocalAdmins Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/localadminsquery.webp) - -The query for the SG_LocalAdmins job is: - -- Direct Membership – Returns direct membership from targeted hosts - -## Analysis Tasks for the SG_LocalAdmins Job - -Navigate to the **Windows** > **Privileged Accounts** > **Local Administrators** > -**SG_LocalAdmins** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_LocalAdmins Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/localadminsanalysis.webp) - -The default analysis tasks are: - -- Expand Effective Membership – Creates the SA_SG_LocalAdmins_Details table accessible under the - job’s Results node -- Membership Summary – Creates the SA_SG_LocalAdmins_MembershipSummary table accessible under the - job’s Results node -- Privileged Accounts – Creates the SA_SG_LocalAdmins_PrivilegedAccounts table accessible under the - job’s Results node -- Track Changes – Creates the SA_SG_LocalAdmins_Changes table accessible under the job’s Results - node - -In addition to the tables created by the analysis tasks, the SG_LocalAdmins job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| -------------------- | ---------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Local Administrators | This report identifies servers with the largest local administrator groups in the environment. | GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of three elements: - Stacked Chart – Displays largest local administrator groups - Table – Provides membership details - Table – Provides a local administrator groups summary | -| Membership Changes | This report identifies changes in effective membership between two scans of the environment. | None | This report is comprised of one element: - Table – Displays membership changes | -| Privileged Accounts | This report highlights user accounts with a large number of local administrator rights. | None | This report is comprised of two elements: - Stacked Chart – Displays top trustees by administrator rights - Table – Provides details on privileged accounts | - -## Least Privilege Model - -The SG_LocalAdmins job typically uses an account that is a member of the Local Administrators group -on the target host. However if a less-privileged option is required, you can instead use a regular -domain user that has been added to the **Network access: Restrict clients allowed to make remote -calls to SAM** Local Security Policy. - -![User added to the Local Securtiy Policy](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/leastprivilegemodel.webp) diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg-microsoftlaps.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg-microsoftlaps.md deleted file mode 100644 index 3056bb2456..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg-microsoftlaps.md +++ /dev/null @@ -1,42 +0,0 @@ -# SG_MicrosoftLAPS Job - -The SG_MicrosoftLAPS job assesses the Local Administrator Password Solution (LAPS) local policies on -all targeted hosts. This offers insight into LAPS enablement and configuration across an -environment. LAPS allows for centralized local administrator password management within Active -Directory. See the Microsoft -[Local Administrator Password Solution]() -article for additional information. - -## Queries for the SG_MicrosoftLAPS Job - -The SG_MicrosoftLAPS job uses the Registry Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_MicrosoftLAPS Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsquery.webp) - -The query for the SG_MicrosoftLAPS job is: - -- Registry Check – Checks for LAPS related registry keys - -## Analysis Tasks for the SG_MicrosoftLAPS Job - -Navigate to the **Windows** > **Privileged Accounts** > **Local Administrators** > -**SG_MicrosoftLAPS** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SG_MicrosoftLAPS Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsanalysis.webp) - -The default analysis task is: - -- List LAPS details – Creates the SG_MicrosoftLAPS_Details table accessible under the job’s Results - node - -In addition to the tables created by the analysis tasks, the SG_MicrosoftLAPS job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------- | -| Microsoft LAPS Overview | This report gives an overview of LAPS policies in the audited environment. LAPS allows for centralized local administrator password management within Active Directory. | None | This report is comprised of two elements: - Pie Chart – Displays LAPS status by host - Table – Provides LAPS policy details | diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg-sessions.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg-sessions.md deleted file mode 100644 index 68a7c8301a..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg-sessions.md +++ /dev/null @@ -1,44 +0,0 @@ -# SG_Sessions Job - -The SG_Sessions job lists sessions and logged on users from all targeted hosts. These active -sessions and logged on users may have their hashes stored in memory on the target machine, which -could be leveraged in a Pass the Hash attack. - -## Queries for the SG_Sessions Job - -The SG_Sessions job uses the SystemInfo Data Collector for the following queries: - -**CAUTION:** The queries) are preconfigured for this job. Never modify the queries. - -![Queries for the SG_Sessions Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sessionsqueries.webp) - -The queries for the SG_Sessions job are: - -- Logged on Users – Returns info for logged on users of local and remote machines -- Sessions – Returns info for local and remote sessions - -## Analysis Tasks for the SG_Sessions Job - -Navigate to the **Windows** > **Privileged Accounts** > **Local Administrators** > **SG_Sessions** > -**Configure** node and select **Analysis** to view the analysis tasks. - -![Analysis Tasks for the SG_Sessions Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sessionsanalysis.webp) - -The default analysis tasks are: - -- Active Sessions – Lists all sessions and logged on users for local and remote machines. Creates - the SA_SG_Sessions_Details table accessible under the job’s Results node. -- Active Sessions Summary – Summarizes active sessions by host and user -- Logged on Users – Analyzes and retains logged on user data. Creates the SA_SG_Sessions_UserLogons - table accessible under the job’s Results node. -- Logged on Users Summary – Summarizes user logon activity by host and admins -- LoggonOnUsers and Sessions – Joins LoggedOnUsers and Sessions data. Creates the - SA_SG_Sessions_AdminSessions table accessible under the job’s Results node. -- Sessions Scope – Summarizes the scope of the SG_Sessions job - -In addition to the tables created by the analysis tasks, the SG_Sessions job produces the following -pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| -------- | --------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Sessions | This report identifies domain administrators that may have credentials in memory on member servers. | CCPA, GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of four elements: - Table – Details the scope of the SG_Sessions job - Pie Chart – Displays LAPS status by host - Table – Provides LAPS policy details - Table – Provides details on all sessions | diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg_localadmins.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg_localadmins.md new file mode 100644 index 0000000000..410ffaa66d --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg_localadmins.md @@ -0,0 +1,56 @@ +# SG_LocalAdmins Job + +The SG_LocalAdmins job identifies the effective membership for all local administrator groups. The +purpose of this job is to gain an understanding of what accounts within the environment are +privileged and should be monitored closely. + +## Queries for the SG_LocalAdmins Job + +The SG_LocalAdmins job uses the UsersGroups Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_LocalAdmins Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/localadminsquery.webp) + +The query for the SG_LocalAdmins job is: + +- Direct Membership – Returns direct membership from targeted hosts + +## Analysis Tasks for the SG_LocalAdmins Job + +Navigate to the **Windows** > **Privileged Accounts** > **Local Administrators** > +**SG_LocalAdmins** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_LocalAdmins Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/localadminsanalysis.webp) + +The default analysis tasks are: + +- Expand Effective Membership – Creates the SA_SG_LocalAdmins_Details table accessible under the + job’s Results node +- Membership Summary – Creates the SA_SG_LocalAdmins_MembershipSummary table accessible under the + job’s Results node +- Privileged Accounts – Creates the SA_SG_LocalAdmins_PrivilegedAccounts table accessible under the + job’s Results node +- Track Changes – Creates the SA_SG_LocalAdmins_Changes table accessible under the job’s Results + node + +In addition to the tables created by the analysis tasks, the SG_LocalAdmins job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| -------------------- | ---------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Local Administrators | This report identifies servers with the largest local administrator groups in the environment. | GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of three elements: - Stacked Chart – Displays largest local administrator groups - Table – Provides membership details - Table – Provides a local administrator groups summary | +| Membership Changes | This report identifies changes in effective membership between two scans of the environment. | None | This report is comprised of one element: - Table – Displays membership changes | +| Privileged Accounts | This report highlights user accounts with a large number of local administrator rights. | None | This report is comprised of two elements: - Stacked Chart – Displays top trustees by administrator rights - Table – Provides details on privileged accounts | + +## Least Privilege Model + +The SG_LocalAdmins job typically uses an account that is a member of the Local Administrators group +on the target host. However if a less-privileged option is required, you can instead use a regular +domain user that has been added to the **Network access: Restrict clients allowed to make remote +calls to SAM** Local Security Policy. + +![User added to the Local Securtiy Policy](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/leastprivilegemodel.webp) diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg_microsoftlaps.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg_microsoftlaps.md new file mode 100644 index 0000000000..4a958e141b --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg_microsoftlaps.md @@ -0,0 +1,42 @@ +# SG_MicrosoftLAPS Job + +The SG_MicrosoftLAPS job assesses the Local Administrator Password Solution (LAPS) local policies on +all targeted hosts. This offers insight into LAPS enablement and configuration across an +environment. LAPS allows for centralized local administrator password management within Active +Directory. See the Microsoft +[Local Administrator Password Solution](https://learn.microsoft.com/en-us/previous-versions/mt227395(v=msdn.10)) +article for additional information. + +## Queries for the SG_MicrosoftLAPS Job + +The SG_MicrosoftLAPS job uses the Registry Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_MicrosoftLAPS Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsquery.webp) + +The query for the SG_MicrosoftLAPS job is: + +- Registry Check – Checks for LAPS related registry keys + +## Analysis Tasks for the SG_MicrosoftLAPS Job + +Navigate to the **Windows** > **Privileged Accounts** > **Local Administrators** > +**SG_MicrosoftLAPS** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SG_MicrosoftLAPS Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsanalysis.webp) + +The default analysis task is: + +- List LAPS details – Creates the SG_MicrosoftLAPS_Details table accessible under the job’s Results + node + +In addition to the tables created by the analysis tasks, the SG_MicrosoftLAPS job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | --------------------------------------------------------------------------------------------------------------------------- | +| Microsoft LAPS Overview | This report gives an overview of LAPS policies in the audited environment. LAPS allows for centralized local administrator password management within Active Directory. | None | This report is comprised of two elements: - Pie Chart – Displays LAPS status by host - Table – Provides LAPS policy details | diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg_sessions.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg_sessions.md new file mode 100644 index 0000000000..d9d9dc0b5f --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sg_sessions.md @@ -0,0 +1,44 @@ +# SG_Sessions Job + +The SG_Sessions job lists sessions and logged on users from all targeted hosts. These active +sessions and logged on users may have their hashes stored in memory on the target machine, which +could be leveraged in a Pass the Hash attack. + +## Queries for the SG_Sessions Job + +The SG_Sessions job uses the SystemInfo Data Collector for the following queries: + +**CAUTION:** The queries) are preconfigured for this job. Never modify the queries. + +![Queries for the SG_Sessions Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sessionsqueries.webp) + +The queries for the SG_Sessions job are: + +- Logged on Users – Returns info for logged on users of local and remote machines +- Sessions – Returns info for local and remote sessions + +## Analysis Tasks for the SG_Sessions Job + +Navigate to the **Windows** > **Privileged Accounts** > **Local Administrators** > **SG_Sessions** > +**Configure** node and select **Analysis** to view the analysis tasks. + +![Analysis Tasks for the SG_Sessions Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sessionsanalysis.webp) + +The default analysis tasks are: + +- Active Sessions – Lists all sessions and logged on users for local and remote machines. Creates + the SA_SG_Sessions_Details table accessible under the job’s Results node. +- Active Sessions Summary – Summarizes active sessions by host and user +- Logged on Users – Analyzes and retains logged on user data. Creates the SA_SG_Sessions_UserLogons + table accessible under the job’s Results node. +- Logged on Users Summary – Summarizes user logon activity by host and admins +- LoggonOnUsers and Sessions – Joins LoggedOnUsers and Sessions data. Creates the + SA_SG_Sessions_AdminSessions table accessible under the job’s Results node. +- Sessions Scope – Summarizes the scope of the SG_Sessions job + +In addition to the tables created by the analysis tasks, the SG_Sessions job produces the following +pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| -------- | --------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Sessions | This report identifies domain administrators that may have credentials in memory on member servers. | CCPA, GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of four elements: - Table – Details the scope of the SG_Sessions job - Pie Chart – Displays LAPS status by host - Table – Provides LAPS policy details - Table – Provides details on all sessions | diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/overview.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/overview.md index 2ec0f4165c..bf06585535 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/overview.md +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/overview.md @@ -4,14 +4,14 @@ The Collection job group collects group policy settings, local users, and local information from Windows servers which will be further analyzed to provide insight into privileged users within the environment. -![Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp) +![Collection Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/collectionjobstree.webp) The jobs in the Collection job group are: -- [SG_GroupPolicy Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg-grouppolicy.md) – This job collects policy assignments from all targeted +- [SG_GroupPolicy Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg_grouppolicy.md) – This job collects policy assignments from all targeted servers. In particular, **Allow log on locally**, **Log on as a batch job**, **Allow log on through Remote Desktop Services**, and **Log on as a service** are audited. -- [SG_LocalMembership Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg-localmembership.md) – This job collects local group membership details +- [SG_LocalMembership Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg_localmembership.md) – This job collects local group membership details from all targeted servers -- [SG_LocalUsers Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg-localusers.md) – This job collects local user accounts from all targeted +- [SG_LocalUsers Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg_localusers.md) – This job collects local user accounts from all targeted servers diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg-grouppolicy.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg-grouppolicy.md deleted file mode 100644 index 4c8f3f702e..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg-grouppolicy.md +++ /dev/null @@ -1,21 +0,0 @@ -# SG_GroupPolicy Job - -The SG_GroupPolicy job collects policy assignments from all targeted servers. The following policy -assignments are audited: - -- Allow log on locally -- Log on as a batch job -- Allow log on through Remote Desktop Services -- Log on as a service - -## Queries for the SG_GroupPolicy Job - -The SG_GroupPolicy job uses the GroupPolicy Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_GroupPolicy Job](/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyquery.webp) - -The query for the SG_GroupPolicy job is: - -- GroupPolicy – Collects group policy information diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg-localmembership.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg-localmembership.md deleted file mode 100644 index b5d63b61c6..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg-localmembership.md +++ /dev/null @@ -1,30 +0,0 @@ -# SG_LocalMembership Job - -The SG_LocalMembership job collects local group membership from all targeted servers. - -## Queries for the SG_LocalMembership Job - -The SG_LocalMembership job uses the UsersGroups Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_LocalMembership Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipquery.webp) - -The query for the SG_LocalMembership job is: - -- LocalMembers – Collects local membership information - -## Analysis Tasks for the SG_LocalMembership Job - -Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > **Collection** > -**SG_LocalMembership** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SG_LocalMembership Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipanalysis.webp) - -The default analysis task is: - -- Update LocalMembers – Creates an interim processing table in the database for use by downstream - analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg-localusers.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg-localusers.md deleted file mode 100644 index f5132df7fb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg-localusers.md +++ /dev/null @@ -1,30 +0,0 @@ -# SG_LocalUsers Job - -The SG_LocalUsers job audits local user accounts from all targeted hosts. - -## Queries for the SG_LocalUsers Job - -The SG_LocalMembership job uses the UsersGroups Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_LocalUsers Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localusersquery.webp) - -The query for the SG_LocalUsers job is: - -- LocalUsers – Collects local user information - -## Analysis Tasks for the SG_LocalUsers Job - -Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > **Collection** > -**SG_LocalUsers** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SG_LocalUsers Job](/img/product_docs/accessanalyzer/solutions/unix/usersgroups/localusersanalysis.webp) - -The default analysis tasks is: - -- Update LocalUsers – Creates an interim processing table in the database for use by downstream - analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg_grouppolicy.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg_grouppolicy.md new file mode 100644 index 0000000000..37cc5a21bd --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg_grouppolicy.md @@ -0,0 +1,21 @@ +# SG_GroupPolicy Job + +The SG_GroupPolicy job collects policy assignments from all targeted servers. The following policy +assignments are audited: + +- Allow log on locally +- Log on as a batch job +- Allow log on through Remote Desktop Services +- Log on as a service + +## Queries for the SG_GroupPolicy Job + +The SG_GroupPolicy job uses the GroupPolicy Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_GroupPolicy Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/grouppolicyquery.webp) + +The query for the SG_GroupPolicy job is: + +- GroupPolicy – Collects group policy information diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg_localmembership.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg_localmembership.md new file mode 100644 index 0000000000..03836c3189 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg_localmembership.md @@ -0,0 +1,30 @@ +# SG_LocalMembership Job + +The SG_LocalMembership job collects local group membership from all targeted servers. + +## Queries for the SG_LocalMembership Job + +The SG_LocalMembership job uses the UsersGroups Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_LocalMembership Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipquery.webp) + +The query for the SG_LocalMembership job is: + +- LocalMembers – Collects local membership information + +## Analysis Tasks for the SG_LocalMembership Job + +Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > **Collection** > +**SG_LocalMembership** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SG_LocalMembership Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipanalysis.webp) + +The default analysis task is: + +- Update LocalMembers – Creates an interim processing table in the database for use by downstream + analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg_localusers.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg_localusers.md new file mode 100644 index 0000000000..e226d921c8 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/sg_localusers.md @@ -0,0 +1,30 @@ +# SG_LocalUsers Job + +The SG_LocalUsers job audits local user accounts from all targeted hosts. + +## Queries for the SG_LocalUsers Job + +The SG_LocalMembership job uses the UsersGroups Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_LocalUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/localusersquery.webp) + +The query for the SG_LocalUsers job is: + +- LocalUsers – Collects local user information + +## Analysis Tasks for the SG_LocalUsers Job + +Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > **Collection** > +**SG_LocalUsers** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SG_LocalUsers Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/localusersanalysis.webp) + +The default analysis tasks is: + +- Update LocalUsers – Creates an interim processing table in the database for use by downstream + analysis and report generation diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/overview.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/overview.md index 4c53a9de47..6724d91df3 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/overview.md +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/overview.md @@ -2,14 +2,14 @@ The Logon Rights job group collects local policy information and reports on privileged users. -![Logon Rights Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Logon Rights Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/jobstree.webp) The jobs and job groups in the Logon Rights job group are: - [Collection Job Group](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/overview.md) – The jobs within this group collect group policy settings, local users, and local group membership from Windows servers which will be further analyzed to provide insight into privileged users within the environment -- [SG_AccountPrivileges Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg-accountprivileges.md) – This job highlights account privileges +- [SG_AccountPrivileges Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg_accountprivileges.md) – This job highlights account privileges across the audited environment, filtering out default privileges present on Windows servers -- [SG_LocalPolicies Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg-localpolicies.md) – This job identifies privileged accounts across the +- [SG_LocalPolicies Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg_localpolicies.md) – This job identifies privileged accounts across the audited environments, based on the number of local security policies assigned diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg-accountprivileges.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg-accountprivileges.md deleted file mode 100644 index 46d1c0d45f..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg-accountprivileges.md +++ /dev/null @@ -1,41 +0,0 @@ -# SG_AccountPrivileges Job - -The SG_AccountPrivileges job identifies accounts privileges on hosts in the targeted environment. - -Targeted Hosts - -All Windows Hosts - -## Queries for the SG_AccountPrivileges Job - -The SG_AccountPrivileges job uses the PowerShell Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_AccountPrivileges Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/accountprivilegesquery.webp) - -The query for the SG_AccountPrivileges job is: - -- Account Privilege Check – Determines account privileges on local hosts - -## Analysis Tasks for the SG_AccountPrivileges Job - -Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > -**SG_AccountPrivileges** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SG_AccountPrivileges Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/accountprivilegesanalysis.webp) - -The default analysis task is: - -- List all assigned privileges – Creates the SA_SG_AccountPrivileges_Details table accessible under - the job’s Results node - -In addition to the tables created by the analysis tasks, the SG_AccountPrivileges job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------- | -| Account Privilege Details | This report highlights account privileges on hosts in the targeted environment. Default privileges present on all Windows hosts have been filtered. | None | This report is comprised of one element: - Table – Provides account privilege details | diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg-localpolicies.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg-localpolicies.md deleted file mode 100644 index 1317009d15..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg-localpolicies.md +++ /dev/null @@ -1,35 +0,0 @@ -# SG_LocalPolicies Job - -The SG_LocalPolicies job identifies privileged accounts with high levels of server access. - -## Analysis Tasks for the SG_LocalPolicies Job - -Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > **SG_LocalPolicies** > -**Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_LocalPolicies Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/localpoliciesanalysis.webp) - -The default analysis tasks are: - -- Local Policies Summary – Creates the SA_SG_LocalPolicies_Details table accessible under the job’s - Results node -- Policy User Rank – Creates the SA_SG_LocalPolicies_PolicyUserRank table accessible under the job’s - Results node. Also creates an interim processing table in the database for use by downstream - analysis and report generation. -- Trustee Rank – Creates the SA_SG_LocalPolicies_TrusteeRank table accessible under the job’s - Results node. Also creates an interim processing table in the database for use by downstream - analysis and report generation. -- Calculate local amount policy details – Creates an interim processing table in the database for - use by downstream analysis and report generation - -In addition to the tables created by the analysis tasks, the SG_LocalPolicies job produces the -following pre-configured reports. - -| Report | Description | Default Tags | Report Elements | -| ---------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Local Account Network Access | This report highlights whether or not the **Local accounts** and **Local account and member of Administrators group** principals can be used to access a given host across the network. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays a local accounts access enterprise summary - Table – Provides local account network access details | -| Local Security Policies | This report identifies effective local security policy assignments. In particular, **Allow log on locally**, **Log on as a batch job**, **Allow log on through Remote Desktop Services**, and **Log on as a service** are considered. Special attention is paid to policies with a large number of trustee assignments. It displays Largest Policies by Number of Domain User Accounts in a graph format, and Trustee Details in a table format. | GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of three elements: - Stacked Bar Chart – Displays largest policies by number of domain user accounts - Table – Provides details largest policies by number of domain user accounts - Table – Provides trustee details | -| Privileged Accounts | This report highlights user accounts with a large number of rights. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top trustees by logon rights - Table – Provides details on all trustees | diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg_accountprivileges.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg_accountprivileges.md new file mode 100644 index 0000000000..6903e9c0f5 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg_accountprivileges.md @@ -0,0 +1,41 @@ +# SG_AccountPrivileges Job + +The SG_AccountPrivileges job identifies accounts privileges on hosts in the targeted environment. + +Targeted Hosts + +All Windows Hosts + +## Queries for the SG_AccountPrivileges Job + +The SG_AccountPrivileges job uses the PowerShell Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_AccountPrivileges Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/accountprivilegesquery.webp) + +The query for the SG_AccountPrivileges job is: + +- Account Privilege Check – Determines account privileges on local hosts + +## Analysis Tasks for the SG_AccountPrivileges Job + +Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > +**SG_AccountPrivileges** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SG_AccountPrivileges Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/accountprivilegesanalysis.webp) + +The default analysis task is: + +- List all assigned privileges – Creates the SA_SG_AccountPrivileges_Details table accessible under + the job’s Results node + +In addition to the tables created by the analysis tasks, the SG_AccountPrivileges job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------- | +| Account Privilege Details | This report highlights account privileges on hosts in the targeted environment. Default privileges present on all Windows hosts have been filtered. | None | This report is comprised of one element: - Table – Provides account privilege details | diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg_localpolicies.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg_localpolicies.md new file mode 100644 index 0000000000..1fdd2c4778 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/sg_localpolicies.md @@ -0,0 +1,35 @@ +# SG_LocalPolicies Job + +The SG_LocalPolicies job identifies privileged accounts with high levels of server access. + +## Analysis Tasks for the SG_LocalPolicies Job + +Navigate to the **Windows** > **Privileged Accounts** > **Logon Rights** > **SG_LocalPolicies** > +**Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_LocalPolicies Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/localpoliciesanalysis.webp) + +The default analysis tasks are: + +- Local Policies Summary – Creates the SA_SG_LocalPolicies_Details table accessible under the job’s + Results node +- Policy User Rank – Creates the SA_SG_LocalPolicies_PolicyUserRank table accessible under the job’s + Results node. Also creates an interim processing table in the database for use by downstream + analysis and report generation. +- Trustee Rank – Creates the SA_SG_LocalPolicies_TrusteeRank table accessible under the job’s + Results node. Also creates an interim processing table in the database for use by downstream + analysis and report generation. +- Calculate local amount policy details – Creates an interim processing table in the database for + use by downstream analysis and report generation + +In addition to the tables created by the analysis tasks, the SG_LocalPolicies job produces the +following pre-configured reports. + +| Report | Description | Default Tags | Report Elements | +| ---------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Local Account Network Access | This report highlights whether or not the **Local accounts** and **Local account and member of Administrators group** principals can be used to access a given host across the network. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays a local accounts access enterprise summary - Table – Provides local account network access details | +| Local Security Policies | This report identifies effective local security policy assignments. In particular, **Allow log on locally**, **Log on as a batch job**, **Allow log on through Remote Desktop Services**, and **Log on as a service** are considered. Special attention is paid to policies with a large number of trustee assignments. It displays Largest Policies by Number of Domain User Accounts in a graph format, and Trustee Details in a table format. | GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001 | This report is comprised of three elements: - Stacked Bar Chart – Displays largest policies by number of domain user accounts - Table – Provides details largest policies by number of domain user accounts - Table – Provides trustee details | +| Privileged Accounts | This report highlights user accounts with a large number of rights. | None | This report is comprised of two elements: - Stacked Bar Chart – Displays top trustees by logon rights - Table – Provides details on all trustees | diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/overview.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/overview.md index 878a0579e9..947e0be5b1 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/overview.md +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/overview.md @@ -5,7 +5,7 @@ system and how. The Privileged Accounts job group provides the collection and co capabilities needed to unravel complex access assignments, including local administrator membership, users with remote logon rights, and service accounts. -![Privileged Accounts Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Privileged Accounts Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/jobstree.webp) The job groups in the Privileged Accounts job group are: @@ -15,6 +15,6 @@ The job groups in the Privileged Accounts job group are: privileged and how they are being secured - [Logon Rights Job Group](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/overview.md) – The jobs within this group collect local policy information to provide insight into privileged users within the environment -- [Service Accounts > SG_ServiceAccounts Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/sg-serviceaccounts.md) – This job indicates which +- [Service Accounts > SG_ServiceAccounts Job](/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/sg_serviceaccounts.md) – This job indicates which domain accounts are being used to run services on member servers, highlighting password age and settings diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/sg-serviceaccounts.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/sg-serviceaccounts.md deleted file mode 100644 index f21d773691..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/sg-serviceaccounts.md +++ /dev/null @@ -1,47 +0,0 @@ -# Service Accounts > SG_ServiceAccounts Job - -The SG_ServiceAccounts job determines which domain accounts are being used to run services on member -servers, identifying password age and settings. - -![Service Accounts > SG_ServiceAccounts Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsjobstree.webp) - -The SG_ServiceAccounts job is located in the Service Account job group. - -## Queries for the SG_ServiceAccounts Job - -The SG_ServiceAccounts job uses the Services Data Collector for the following query: - -**CAUTION:** The query is preconfigured for this job. Never modify the query. - -![Queries for the SG_ServiceAccounts Job](/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsquery.webp) - -The query for the SG_ServiceAccounts job is: - -- Service Accounts – Collects information on service accounts - -See the [Services Data Collector](/docs/accessanalyzer/12.0/data-collection/services/index.md) topic for additional -information. - -## Analysis Tasks for the SG_ServiceAccounts Job - -Navigate to the **Jobs** > **Windows** > **Privileged Accounts** > **Service Accounts** > -**SG_ServiceAccounts** > **Configure** node and select **Analysis** to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_ServiceAccounts Job](/img/product_docs/accessanalyzer/solutions/activedirectory/users/serviceaccountsanalysis.webp) - -The default analysis tasks are: - -- Domain Service Accounts – Creates the SA_SG_ServiceAccounts_Details table accessible under the - job’s Results node -- Domain Summary – Creates the SA_SG_ServiceAccounts_DomainSummary table accessible under the job’s - Results node - -In addition to the tables created by the analysis tasks, the SG_ServiceAccounts job produces the -following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ---------------- | --------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Service Accounts | This report identifies domain accounts being used for services. | None | This report is comprised of three elements: - Bar Chart – Displays domains by service accounts found - Table – Provides domains by service accounts found - Table – Provides service details | diff --git a/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/sg_serviceaccounts.md b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/sg_serviceaccounts.md new file mode 100644 index 0000000000..7684f2b802 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/sg_serviceaccounts.md @@ -0,0 +1,47 @@ +# Service Accounts > SG_ServiceAccounts Job + +The SG_ServiceAccounts job determines which domain accounts are being used to run services on member +servers, identifying password age and settings. + +![Service Accounts > SG_ServiceAccounts Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/serviceaccountsjobstree.webp) + +The SG_ServiceAccounts job is located in the Service Account job group. + +## Queries for the SG_ServiceAccounts Job + +The SG_ServiceAccounts job uses the Services Data Collector for the following query: + +**CAUTION:** The query is preconfigured for this job. Never modify the query. + +![Queries for the SG_ServiceAccounts Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/serviceaccountsquery.webp) + +The query for the SG_ServiceAccounts job is: + +- Service Accounts – Collects information on service accounts + +See the [Services Data Collector](/docs/accessanalyzer/12.0/admin/datacollector/services.md) topic for additional +information. + +## Analysis Tasks for the SG_ServiceAccounts Job + +Navigate to the **Jobs** > **Windows** > **Privileged Accounts** > **Service Accounts** > +**SG_ServiceAccounts** > **Configure** node and select **Analysis** to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_ServiceAccounts Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/serviceaccountsanalysis.webp) + +The default analysis tasks are: + +- Domain Service Accounts – Creates the SA_SG_ServiceAccounts_Details table accessible under the + job’s Results node +- Domain Summary – Creates the SA_SG_ServiceAccounts_DomainSummary table accessible under the job’s + Results node + +In addition to the tables created by the analysis tasks, the SG_ServiceAccounts job produces the +following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ---------------- | --------------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Service Accounts | This report identifies domain accounts being used for services. | None | This report is comprised of three elements: - Bar Chart – Displays domains by service accounts found - Table – Provides domains by service accounts found - Table – Provides service details | diff --git a/docs/accessanalyzer/12.0/solutions/windows/recommended.md b/docs/accessanalyzer/12.0/solutions/windows/recommended.md index 3425d6b3ac..50a8961008 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/recommended.md +++ b/docs/accessanalyzer/12.0/solutions/windows/recommended.md @@ -16,7 +16,7 @@ Connection Profile The Connection Profile used for this job needs to have local administrator privileges. By default, this job group's Connection Profile is set to **Use Default Profile (Inherit from the parent group, if any, or the global Default setting)**. See the -[Connection](/docs/accessanalyzer/12.0/administration/settings/connection/overview.md) topic for additional information. +[Connection](/docs/accessanalyzer/12.0/admin/settings/connection/overview.md) topic for additional information. History Retention diff --git a/docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/overview.md b/docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/overview.md index 72b3eb26b5..5d62c1270c 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/overview.md +++ b/docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/overview.md @@ -4,7 +4,7 @@ The OpenPortScan job group reveals all open ports along with the associated exec targeted systems leveraging the jobs within this group. This is accomplished through remotely executing a netstat command on the target hosts and collecting the results for reporting. -![OpenPortScan Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/openportscanjobstree.webp) +![OpenPortScan Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/openportscanjobstree.webp) _Remember,_ both jobs need to be assigned the same host list under the Host List Assignments node in the OpenPortScan job group’s settings. diff --git a/docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/remoteopenport.md b/docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/remoteopenport.md index a00cf54d4a..890a6d347b 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/remoteopenport.md +++ b/docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/remoteopenport.md @@ -9,7 +9,7 @@ The RemoteOpenPort job uses the Script Data Collector for the following query: **CAUTION:** The query is preconfigured for this job. Never modify the query. -![Queries for the RemoteOpenPort Job](/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp) +![Queries for the RemoteOpenPort Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp) The query for the RemoteOpenPort job is: @@ -24,8 +24,8 @@ Navigate to the **Windows** > **Security Utilities** > **OpenPortScan** > **Remo **CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is preconfigured for this job. -![Analysis Tasks for the RemoteOpenPort Job](/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportanalysis.webp) +![Analysis Tasks for the RemoteOpenPort Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/remoteopenportanalysis.webp) The default analysis task is: -- 1. Impose 30 Second Wait Timer – Slows processing down to allow remote command to complete +- 1. Impose 30 Second Wait Timer – Slows processing down to allow remote command to complete diff --git a/docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/retrievenetstat.md b/docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/retrievenetstat.md index 549f87bcec..f51f036f67 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/retrievenetstat.md +++ b/docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/retrievenetstat.md @@ -9,7 +9,7 @@ The RetrieveNetstat job is uses the TextSearch Data Collector for the following **CAUTION:** The query is preconfigured for this job. Never modify the query. -![Queries for the RetrieveNetstat Job](/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp) +![Queries for the RetrieveNetstat Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp) The query for the RetrieveNetstat job is: @@ -24,12 +24,12 @@ Navigate to the **Windows** > **Security Utilities** > **OpenPortScan** > **Retr **CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is preconfigured for this job. -![Analysis Tasks for the RetrieveNetstat Job](/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/retrievenetstatanalysis.webp) +![Analysis Tasks for the RetrieveNetstat Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/retrievenetstatanalysis.webp) The default analysis tasks are: -- 1. NETSTAT Result – Creates the SA_RetrieveNetstat_NETSTAT table accessible under the job’s - Results node +- 1. NETSTAT Result – Creates the SA_RetrieveNetstat_NETSTAT table accessible under the job’s + Results node In addition to the tables and views created by the analysis tasks, the EX_DeliveryTimes job produces the following pre-configured report. diff --git a/docs/accessanalyzer/12.0/solutions/windows/securityutilities/overview.md b/docs/accessanalyzer/12.0/solutions/windows/securityutilities/overview.md index cadd556ea8..f1bc019eab 100644 --- a/docs/accessanalyzer/12.0/solutions/windows/securityutilities/overview.md +++ b/docs/accessanalyzer/12.0/solutions/windows/securityutilities/overview.md @@ -4,7 +4,7 @@ The Security Utilities job group is designed to reveal all open ports along with executable on the targeted systems. The job remotely executes a netstat command on the target hosts and collects the results for reporting. -![Security Utilities Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp) +![Security Utilities Job Group in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/jobstree.webp) The jobs and job groups in the Security Utilities job group are: @@ -12,5 +12,5 @@ The jobs and job groups in the Security Utilities job group are: associated executable on the targeted systems leveraging the jobs within this group. This is accomplished through remotely executing a netstat command on the target hosts and collecting the results for reporting. -- [SG_PowerShellCommands Job](/docs/accessanalyzer/12.0/solutions/windows/securityutilities/sg-powershellcommands.md) – This job highlights instances where +- [SG_PowerShellCommands Job](/docs/accessanalyzer/12.0/solutions/windows/securityutilities/sg_powershellcommands.md) – This job highlights instances where suspicious PowerShell commands have been found in a host’s PowerShell log diff --git a/docs/accessanalyzer/12.0/solutions/windows/securityutilities/sg-powershellcommands.md b/docs/accessanalyzer/12.0/solutions/windows/securityutilities/sg-powershellcommands.md deleted file mode 100644 index a1fdc76239..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/securityutilities/sg-powershellcommands.md +++ /dev/null @@ -1,125 +0,0 @@ -# SG_PowerShellCommands Job - -The SG_PowerShellCommands job lists suspicious PowerShell commands on all targeted hosts. The list -of commands considered can be customized by configuring the Check PowerShell Log query. - -## Queries for the SG_PowerShellCommands Job - -The SG_PowerShellCommands job uses the SmartLog Data Collector for the following queries: - -**CAUTION:** The Check PowerShell Operations log query is preconfigured for this job. Never modify -the query. - -![Queries for the SG_PowerShellCommands Job](/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsqueries.webp) - -The queries for the SG_PowerShellCommands job are: - -- Check PowerShell log – Checks the PowerShell log - - - (Optional) This query can be configured. See the - [Configure the Check PowerShell log Query](#configure-the-check-powershell-log-query) topic - for additional information. - -- Check PowerShell Operations log – Checks the PowerShell Operational log - -### Configure the Check PowerShell log Query - -The Check PowerShell log query has been preconfigured to run with the default settings. However, the -new criteria can optionally be added on the Criteria page in the Smart Log Data Collector Wizard. - -**Step 1 –** Navigate to the **Jobs** > **Windows** > **Security Utilities** > -**SG_PowerShellCommands** > **Configure** node and select **Queries**. Select the **Check PowerShell -log** query. - -**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window -opens. - -**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Smart Log Data Collector -Wizard opens. - -**Step 4 –** If the **Criteria** tab is grayed out, click **Next** through the windows until the tab -is accessible. - -![Smart Log Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/solutions/windows/securityutilities/smartlogdcwizardcriteria.webp) - -**Step 5 –** On the Criteria page, click the **press the button to add a new condition** box. - -**Step 6 –** Enter the desired conditions. - -**Step 7 –** Click **Next** to navigate to the Summary page and click **Finish**. - -The Check PowerShell log query has now been saved with the new conditions. - -## Analysis Tasks for the SG_PowerShellCommands Job - -View the analysis tasks by navigating to the **Windows** > **Security Utilities** > -**SG_PowerShellCommands** > **Configure** node and selecting **Analysis**. - -**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are -preconfigured for this job. - -![Analysis Tasks for the SG_PowerShellCommands Job](/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsanalysis.webp) - -The default analysis tasks are: - -- List PowerShell command details – Creates an interim processing table in the database for use by - downstream analysis and report generation -- Summarize PowerShell commands – Creates the SA_PowerShellCommands_HostSummary table accessible - under the job’s Results node - -The optional analysis tasks is: - -- Notify on suspicious commands – Enable this analysis task and the select Analysis Configuration to - open the Notification Data Analysis Module Wizard to configure it to send notifications on - suspicious commands. See the - [Configure the Notify on Suspicious Commands Analysis Task](#configure-the-notify-on-suspicious-commands-analysis-task) - topic for additional information. - -In addition to the tables and views created by the analysis tasks, the EX_DeliveryTimes job produces -the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| ------------------------------ | ----------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Suspicious PowerShell Commands | This report highlights instances where suspicious PowerShell commands have been found in a host's PowerShell log. | None | This report is comprised of three elements: - Bar Chart – Displays suspicious commands by host - Table – Provides details on suspicious commands by host - Table – Provides command details | - -### Configure the Notify on Suspicious Commands Analysis Task - -Follow these steps to configure the notification analysis task. - -**Step 1 –** Navigate to the **Jobs** > **Windows** > **Security Utilities** > -**SG_PowerShellCommands** > **Configure** node and select **Analysis**. - -**Step 2 –** In the Analysis Selection view, select the **Notify on suspicious commands** analysis -task and click **Analysis Configuration**. The Notification Data Analysis Module opens. - -![Notification Data Analysis Module wizard SMTP properties page](/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifysmtp.webp) - -**Step 3 –** Use the **Next** button to navigate to the SMTP page. Do not make changes to the -preceding pages. - -![Recipients section](/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifyrecipients.webp) - -**Step 4 –** In the Recipients section, provide the email addresses or distribution lists (fully -qualified address) for those who are to receive this notification. Multiple addresses can be -provided. You can use the following options: - -- Add – Add an email address to the E-mail field -- Remove – Remove an email address from the Recipients list -- Combine multiple messages into single message – Sends one email for all objects in the record set - instead of one email per object to all recipients - -![Message section](/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifymessage.webp) - -**Step 5 –** In the Message section, edit the **Subject**. It is not recommended to remove any -parameters. Then, customize the email content in the textbox to provide an explanation of the -notification to the recipients. - -**Step 6 –** To save these configuration changes, use the **Next** to navigate to the Summary page. -Do not make changes to any other pages. Click **Finish**. The Notification Data Analysis Module -window closes. - -**Step 7 –** This notification analysis task is now configured to send emails. In the Analysis -Selection view, select this task so that notifications can be sent automatically during the -execution of the SG_PowerShellCommands job. - -The Notify on suspicious commands analysis task is now configured to send notifications. diff --git a/docs/accessanalyzer/12.0/solutions/windows/securityutilities/sg_powershellcommands.md b/docs/accessanalyzer/12.0/solutions/windows/securityutilities/sg_powershellcommands.md new file mode 100644 index 0000000000..a2d1b7b476 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/securityutilities/sg_powershellcommands.md @@ -0,0 +1,125 @@ +# SG_PowerShellCommands Job + +The SG_PowerShellCommands job lists suspicious PowerShell commands on all targeted hosts. The list +of commands considered can be customized by configuring the Check PowerShell Log query. + +## Queries for the SG_PowerShellCommands Job + +The SG_PowerShellCommands job uses the SmartLog Data Collector for the following queries: + +**CAUTION:** The Check PowerShell Operations log query is preconfigured for this job. Never modify +the query. + +![Queries for the SG_PowerShellCommands Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsqueries.webp) + +The queries for the SG_PowerShellCommands job are: + +- Check PowerShell log – Checks the PowerShell log + + - (Optional) This query can be configured. See the + [Configure the Check PowerShell log Query](#configure-the-check-powershell-log-query) topic + for additional information. + +- Check PowerShell Operations log – Checks the PowerShell Operational log + +### Configure the Check PowerShell log Query + +The Check PowerShell log query has been preconfigured to run with the default settings. However, the +new criteria can optionally be added on the Criteria page in the Smart Log Data Collector Wizard. + +**Step 1 –** Navigate to the **Jobs** > **Windows** > **Security Utilities** > +**SG_PowerShellCommands** > **Configure** node and select **Queries**. Select the **Check PowerShell +log** query. + +**Step 2 –** In the Query Selection view, click **Query Properties**. The Query Properties window +opens. + +**Step 3 –** Select the **Data Source** tab, and click **Configure**. The Smart Log Data Collector +Wizard opens. + +**Step 4 –** If the **Criteria** tab is grayed out, click **Next** through the windows until the tab +is accessible. + +![Smart Log Data Collector Wizard Criteria page](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/smartlogdcwizardcriteria.webp) + +**Step 5 –** On the Criteria page, click the **press the button to add a new condition** box. + +**Step 6 –** Enter the desired conditions. + +**Step 7 –** Click **Next** to navigate to the Summary page and click **Finish**. + +The Check PowerShell log query has now been saved with the new conditions. + +## Analysis Tasks for the SG_PowerShellCommands Job + +View the analysis tasks by navigating to the **Windows** > **Security Utilities** > +**SG_PowerShellCommands** > **Configure** node and selecting **Analysis**. + +**CAUTION:** Do not modify or deselect the selected analysis tasks. The analysis tasks are +preconfigured for this job. + +![Analysis Tasks for the SG_PowerShellCommands Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsanalysis.webp) + +The default analysis tasks are: + +- List PowerShell command details – Creates an interim processing table in the database for use by + downstream analysis and report generation +- Summarize PowerShell commands – Creates the SA_PowerShellCommands_HostSummary table accessible + under the job’s Results node + +The optional analysis tasks is: + +- Notify on suspicious commands – Enable this analysis task and the select Analysis Configuration to + open the Notification Data Analysis Module Wizard to configure it to send notifications on + suspicious commands. See the + [Configure the Notify on Suspicious Commands Analysis Task](#configure-the-notify-on-suspicious-commands-analysis-task) + topic for additional information. + +In addition to the tables and views created by the analysis tasks, the EX_DeliveryTimes job produces +the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| ------------------------------ | ----------------------------------------------------------------------------------------------------------------- | ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Suspicious PowerShell Commands | This report highlights instances where suspicious PowerShell commands have been found in a host's PowerShell log. | None | This report is comprised of three elements: - Bar Chart – Displays suspicious commands by host - Table – Provides details on suspicious commands by host - Table – Provides command details | + +### Configure the Notify on Suspicious Commands Analysis Task + +Follow these steps to configure the notification analysis task. + +**Step 1 –** Navigate to the **Jobs** > **Windows** > **Security Utilities** > +**SG_PowerShellCommands** > **Configure** node and select **Analysis**. + +**Step 2 –** In the Analysis Selection view, select the **Notify on suspicious commands** analysis +task and click **Analysis Configuration**. The Notification Data Analysis Module opens. + +![Notification Data Analysis Module wizard SMTP properties page](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsnotifysmtp.webp) + +**Step 3 –** Use the **Next** button to navigate to the SMTP page. Do not make changes to the +preceding pages. + +![Recipients section](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsnotifyrecipients.webp) + +**Step 4 –** In the Recipients section, provide the email addresses or distribution lists (fully +qualified address) for those who are to receive this notification. Multiple addresses can be +provided. You can use the following options: + +- Add – Add an email address to the E-mail field +- Remove – Remove an email address from the Recipients list +- Combine multiple messages into single message – Sends one email for all objects in the record set + instead of one email per object to all recipients + +![Message section](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsnotifymessage.webp) + +**Step 5 –** In the Message section, edit the **Subject**. It is not recommended to remove any +parameters. Then, customize the email content in the textbox to provide an explanation of the +notification to the recipients. + +**Step 6 –** To save these configuration changes, use the **Next** to navigate to the Summary page. +Do not make changes to any other pages. Click **Finish**. The Notification Data Analysis Module +window closes. + +**Step 7 –** This notification analysis task is now configured to send emails. In the Analysis +Selection view, select this task so that notifications can be sent automatically during the +execution of the SG_PowerShellCommands job. + +The Notify on suspicious commands analysis task is now configured to send notifications. diff --git a/docs/accessanalyzer/12.0/solutions/windows/sg-securityassessment.md b/docs/accessanalyzer/12.0/solutions/windows/sg-securityassessment.md deleted file mode 100644 index 097ac363bb..0000000000 --- a/docs/accessanalyzer/12.0/solutions/windows/sg-securityassessment.md +++ /dev/null @@ -1,75 +0,0 @@ -# SG_SecurityAssessment Job - -The SG_SecurityAssessment job performs checks against Windows security best practices in order to -proactively identify critical security configurations that leave the environment vulnerable to -attack. The result is a report which provides a listing of findings by severity and category with -corresponding details that can be used to prioritize and remediate security issues. - -![SG_SecurityAssessment Job in the Jobs Tree](/img/product_docs/accessanalyzer/solutions/activedirectory/securityassessmentjobstree.webp) - -## Recommended Configurations for the SG_SecurityAssessment Job - -Dependencies - -One or more of the following jobs must be run to generate data for the report: - -- Authentication - - - **SG_LSASettings** - - **SG_SecuritySupportProviders** - - **SG_WDigestSettings** - -- Open Access > **SG_OpenFolders** -- Privileged Accounts - - - Local Administrators - - - **SG_LocalAdmins** - - **SG_MicrosoftLAPS** - - - Logon Rights - - - **SG_AccountPrivileges** - - **SG_LocalPolicies** - - - Service Accounts > **SG_ServiceAccounts** - -- Security Utilities > **SG_PowerShellCommands** - -Targeted Hosts - -None - -Schedule Frequency - -This job can be scheduled to run as desired. - -Workflow - -**Step 1 –** Run one or more of the jobs needed to generate data for this report. - -**Step 2 –** Schedule the SG_SecurityAssessment job to run as desired. - -**Step 3 –** Review the report generated by the job. - -## Analysis Tasks for the SG_SecurityAssessment Job - -Navigate to the **Windows** > **SG_SecurityAssessment** > **Configure** node and select **Analysis** -to view the analysis tasks. - -**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is -preconfigured for this job. - -![Analysis Tasks for the SG_SecurityAssessment Job](/img/product_docs/accessanalyzer/solutions/activedirectory/securityassessmentanalysis.webp) - -The default analysis task is: - -- Summarize Audit Findings – Creates the SG_SecurityAssessment_Results table accessible under the - job’s Results node - -In addition to the tables and views created by the analysis tasks, the SG_SecurityAssessment job -produces the following pre-configured report. - -| Report | Description | Default Tags | Report Elements | -| --------------------------- | ------------------------------------------------------------------------------ | --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Systems Security Assessment | This report summarizes security related results from the Windows solution set. | GDPR, SOX, PCI, HIPAA | This report is comprised of four elements: - Pie Chart – Displays a findings by severity - Table – Provides scope of audit details - Table – Displays details on security assessment results - Table – Provides details on findings by category | diff --git a/docs/accessanalyzer/12.0/solutions/windows/sg_securityassessment.md b/docs/accessanalyzer/12.0/solutions/windows/sg_securityassessment.md new file mode 100644 index 0000000000..0d6cd95d46 --- /dev/null +++ b/docs/accessanalyzer/12.0/solutions/windows/sg_securityassessment.md @@ -0,0 +1,75 @@ +# SG_SecurityAssessment Job + +The SG_SecurityAssessment job performs checks against Windows security best practices in order to +proactively identify critical security configurations that leave the environment vulnerable to +attack. The result is a report which provides a listing of findings by severity and category with +corresponding details that can be used to prioritize and remediate security issues. + +![SG_SecurityAssessment Job in the Jobs Tree](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityassessmentjobstree.webp) + +## Recommended Configurations for the SG_SecurityAssessment Job + +Dependencies + +One or more of the following jobs must be run to generate data for the report: + +- Authentication + + - **SG_LSASettings** + - **SG_SecuritySupportProviders** + - **SG_WDigestSettings** + +- Open Access > **SG_OpenFolders** +- Privileged Accounts + + - Local Administrators + + - **SG_LocalAdmins** + - **SG_MicrosoftLAPS** + + - Logon Rights + + - **SG_AccountPrivileges** + - **SG_LocalPolicies** + + - Service Accounts > **SG_ServiceAccounts** + +- Security Utilities > **SG_PowerShellCommands** + +Targeted Hosts + +None + +Schedule Frequency + +This job can be scheduled to run as desired. + +Workflow + +**Step 1 –** Run one or more of the jobs needed to generate data for this report. + +**Step 2 –** Schedule the SG_SecurityAssessment job to run as desired. + +**Step 3 –** Review the report generated by the job. + +## Analysis Tasks for the SG_SecurityAssessment Job + +Navigate to the **Windows** > **SG_SecurityAssessment** > **Configure** node and select **Analysis** +to view the analysis tasks. + +**CAUTION:** Do not modify or deselect the selected analysis task. The analysis task is +preconfigured for this job. + +![Analysis Tasks for the SG_SecurityAssessment Job](/img/product_docs/accessanalyzer/12.0/solutions/windows/securityassessmentanalysis.webp) + +The default analysis task is: + +- Summarize Audit Findings – Creates the SG_SecurityAssessment_Results table accessible under the + job’s Results node + +In addition to the tables and views created by the analysis tasks, the SG_SecurityAssessment job +produces the following pre-configured report. + +| Report | Description | Default Tags | Report Elements | +| --------------------------- | ------------------------------------------------------------------------------ | --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Systems Security Assessment | This report summarizes security related results from the Windows solution set. | GDPR, SOX, PCI, HIPAA | This report is comprised of four elements: - Pie Chart – Displays a findings by severity - Table – Provides scope of audit details - Table – Displays details on security assessment results - Table – Provides details on findings by category | diff --git a/docs/accessanalyzer/12.0/stealthaudit/install-guides/mapi-cdo-install/appendix.md b/docs/accessanalyzer/12.0/stealthaudit/install-guides/mapi-cdo-install/appendix.md deleted file mode 100644 index 23c161c662..0000000000 --- a/docs/accessanalyzer/12.0/stealthaudit/install-guides/mapi-cdo-install/appendix.md +++ /dev/null @@ -1,46 +0,0 @@ -# Appendix for the StealthAUDIT MAPI CDO Installation Guide - -**CAUTION:** The Access Analyzer MAPI CDO must be installed first before installing the Microsoft -Exchange MAPI CDO. - -Before installing either binary, close the Access Analyzer application and ensure the following -requirements have been met: - -- Exchange System Manager for Exchange 2003 is not installed on the Access Analyzer Console server. -- Microsoft Outlook is not installed on the Access Analyzer Console server. - -These programs will interfere with the Microsoft Exchange MAPI CDO installation and with MAPI -connections if they are installed on the Access Analyzer Console server. - -Follow these steps to install the Microsoft Exchange MAPI CDO. - -**Step 1 –** Download and run the ExchangeMapiCDO application from Microsoft. - -**NOTE:** The steps may be slightly different than the following. See Microsoft’s website for -additional detail. - -![appendix_for_the_stealthaudit](/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit.webp) - -**Step 2 –** Choose the “Directory For Extracted Files” or accept the default location. Click OK. - -![appendix_for_the_stealthaudit_1](/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_1.webp) - -**Step 3 –** When the extraction is complete, click OK. - -![appendix_for_the_stealthaudit_2](/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_2.webp) - -**Step 4 –** Open the ExchangeMapiCdo folder and run the ExchangeMapiCdo application installer. - -| | | -| ------------------------------------------------------------------------------------------------------------------------------------------------------ | --- | -| ![appendix_for_the_stealthaudit_3](/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_4.webp) | - -**Step 5 –** On the Welcome page of the Installation Wizard, click Next. Accept the license -agreement and click Next. - -![appendix_for_the_stealthaudit_5](/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_5.webp) - -**Step 6 –** When the installation is complete, click Finish. - -Reopen the Access Analyzer application, and the Settings > Exchange node is enabled for -configuration. diff --git a/docs/accessanalyzer/12.0/stealthaudit/install-guides/mapi-cdo-install/stealthaudit-mapi-cdo-installation.md b/docs/accessanalyzer/12.0/stealthaudit/install-guides/mapi-cdo-install/stealthaudit-mapi-cdo-installation.md deleted file mode 100644 index 3c2a5a960b..0000000000 --- a/docs/accessanalyzer/12.0/stealthaudit/install-guides/mapi-cdo-install/stealthaudit-mapi-cdo-installation.md +++ /dev/null @@ -1,40 +0,0 @@ -# StealthAUDIT MAPI CDO Installation - -Both the Access Analyzer MAPI CDO and the Microsoft® Exchange MAPI CDO must to be installed in -order to enable the Settings > Exchange node. - -![exchangenode](/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/exchangenode.webp) - -The Microsoft Exchange MAPI CDO is only required to run the MAPI-based data collectors. See the -[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional -information. - -The Access Analyzer MAPI CDO can be downloaded from the -[Product Downloads](https://www.stealthbits.com/product-downloads) page of the Netwrix website. The -Microsoft Exchange MAPI CDO can be downloaded directly from Microsoft. See the -[Appendix for the StealthAUDIT MAPI CDO Installation Guide](/docs/accessanalyzer/12.0/stealthaudit/install-guides/mapi-cdo-install/appendix.md) for requirements and -installation steps to install the Microsoft Exchange MAPI CDO. - -**CAUTION:** The Access Analyzer MAPI CDO must be installed first before installing the Microsoft -Exchange MAPI CDO. - -Before installing either binary, close the Access Analyzer application and ensure the following -requirements have been met: - -- Exchange System Manager for Exchange 2003 is not installed on the Access Analyzer Console server. -- Microsoft Outlook is not installed on the Access Analyzer Console server. - -These programs interfere with MAPI connections if they are installed on the Access Analyzer Console -server. - -Follow the steps to install the Access Analyzer MAPI CDO. - -**Step 1 –** Run the StealthAuditMapiCDO executable. - -![stealthaudit_mapi_cdo_installation_1](/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation_1.webp) - -**Step 2 –** Click OK to confirm the path. - -The application will install and the wizard will close automatically when it is finished. See the -[Appendix for the StealthAUDIT MAPI CDO Installation Guide](/docs/accessanalyzer/12.0/stealthaudit/install-guides/mapi-cdo-install/appendix.md) for information on -installing the Microsoft Exchange MAPI CDO. diff --git a/docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix.md b/docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix.md new file mode 100644 index 0000000000..88132cd2ac --- /dev/null +++ b/docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix.md @@ -0,0 +1,46 @@ +# Appendix for the StealthAUDIT MAPI CDO Installation Guide + +**CAUTION:** The Access Analyzer MAPI CDO must be installed first before installing the Microsoft +Exchange MAPI CDO. + +Before installing either binary, close the Access Analyzer application and ensure the following +requirements have been met: + +- Exchange System Manager for Exchange 2003 is not installed on the Access Analyzer Console server. +- Microsoft Outlook is not installed on the Access Analyzer Console server. + +These programs will interfere with the Microsoft Exchange MAPI CDO installation and with MAPI +connections if they are installed on the Access Analyzer Console server. + +Follow these steps to install the Microsoft Exchange MAPI CDO. + +**Step 1 –** Download and run the ExchangeMapiCDO application from Microsoft. + +**NOTE:** The steps may be slightly different than the following. See Microsoft’s website for +additional detail. + +![appendix_for_the_stealthaudit](/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit.webp) + +**Step 2 –** Choose the “Directory For Extracted Files” or accept the default location. Click OK. + +![appendix_for_the_stealthaudit_1](/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_1.webp) + +**Step 3 –** When the extraction is complete, click OK. + +![appendix_for_the_stealthaudit_2](/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_2.webp) + +**Step 4 –** Open the ExchangeMapiCdo folder and run the ExchangeMapiCdo application installer. + +| | | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ![appendix_for_the_stealthaudit_3](/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_4.webp) | + +**Step 5 –** On the Welcome page of the Installation Wizard, click Next. Accept the license +agreement and click Next. + +![appendix_for_the_stealthaudit_5](/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_5.webp) + +**Step 6 –** When the installation is complete, click Finish. + +Reopen the Access Analyzer application, and the Settings > Exchange node is enabled for +configuration. diff --git a/docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation.md b/docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation.md new file mode 100644 index 0000000000..682a2f7767 --- /dev/null +++ b/docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation.md @@ -0,0 +1,40 @@ +# StealthAUDIT MAPI CDO Installation + +Both the Access Analyzer MAPI CDO and the Microsoft® Exchange MAPI CDO must to be installed in +order to enable the Settings > Exchange node. + +![exchangenode](/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/exchangenode.webp) + +The Microsoft Exchange MAPI CDO is only required to run the MAPI-based data collectors. See the +[Exchange Solution](/docs/accessanalyzer/12.0/solutions/exchange/overview.md) topic for additional +information. + +The Access Analyzer MAPI CDO can be downloaded from the +[Product Downloads](https://www.stealthbits.com/product-downloads) page of the Netwrix website. The +Microsoft Exchange MAPI CDO can be downloaded directly from Microsoft. See the +[Appendix for the StealthAUDIT MAPI CDO Installation Guide](/docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix.md) for requirements and +installation steps to install the Microsoft Exchange MAPI CDO. + +**CAUTION:** The Access Analyzer MAPI CDO must be installed first before installing the Microsoft +Exchange MAPI CDO. + +Before installing either binary, close the Access Analyzer application and ensure the following +requirements have been met: + +- Exchange System Manager for Exchange 2003 is not installed on the Access Analyzer Console server. +- Microsoft Outlook is not installed on the Access Analyzer Console server. + +These programs interfere with MAPI connections if they are installed on the Access Analyzer Console +server. + +Follow the steps to install the Access Analyzer MAPI CDO. + +**Step 1 –** Run the StealthAuditMapiCDO executable. + +![stealthaudit_mapi_cdo_installation_1](/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation_1.webp) + +**Step 2 –** Click OK to confirm the path. + +The application will install and the wizard will close automatically when it is finished. See the +[Appendix for the StealthAUDIT MAPI CDO Installation Guide](/docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix.md) for information on +installing the Microsoft Exchange MAPI CDO. diff --git a/docs/accessanalyzer/12.0/test_build_final.log b/docs/accessanalyzer/12.0/test_build_final.log deleted file mode 100644 index 63b7593964..0000000000 --- a/docs/accessanalyzer/12.0/test_build_final.log +++ /dev/null @@ -1,2509 +0,0 @@ - -> netwrix-docs@0.1 build:single -> node scripts/build-single.js endpointpolicymanager - -Building single product: endpointpolicymanager -Using plugin ID: endpointpolicymanager -Starting build... -[INFO] [en] Creating an optimized production build... -[WARNING] Docusaurus site warnings: -- Your site is using the SWC js loader. You can safely remove the Babel config file at `babel.config.js`. -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/addons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/mountunmountpart1.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/mountunmounpart2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/applyondemand.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/ondemand.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/addons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/selfelevation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/securecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securecopy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/client.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/connectionstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/proxysettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/wildcards.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/com_cslidclass.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainou.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/uacpromptsactivex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/activexitems.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/gettingstarted/basic-concepts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/preferences/clientmachines.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/applicationlaunch.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/javajarfiles.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/groups.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdsoftwarepackage/appxmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/gettingstarted/basic-concepts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/platform-specific/mac-support/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/devicemanager/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/feature-management/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/software-packages/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/networksecuritymanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/manuals.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/preventusercommands.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/commandline.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/operational.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/install/leastprivilegemanagerrule.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientremote.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdstartscreentaskbar/onetime.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/rollback.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/userfilter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/tool.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/digitalsignature.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/gettingstarted/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/concepts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/sage50.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/customizedtoken.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/executablecombo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdadministrativetemplates/deployinternet.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/standard.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/firstpak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/quickstart/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/centralstore.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgettingstarted/freetraining.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/gpoedit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/certificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/entrysettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/storage.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/sudosupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/certificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/brandcustomize.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/scriptstriggers/systemprocesses.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdgrouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/firstlogin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/insouts/advantages.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/childprocesses.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/uacprompts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/windowsuniversalapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/windowsuniversal.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/dontelevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/componentlicense.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/applicationpackage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/packageinstallation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/basicsteps.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremotedesktopprotocol/vdiscenarios.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remotedesktopprotocol/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/adminapproval/email.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/scripts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/itemleveltargeting/bypassinternal.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/systemsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/systemsettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdinstall/autoupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cachepreferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cacheengine.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/group-policy/insertuserinfo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/group-policy/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/usercontext.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/componentlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/printerdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/drivemappings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/startservice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/passwords.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/gpo-export/delivercertificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/collections/gpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/oemdefaultassociations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/windows.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/windowsservers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/intune.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/install/chromemanual.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/advancedblockingmessage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/forcebrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/securityzone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/suppresspopup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/install/removeagent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/useselectablebrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/browsermode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/shortcuticons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/commandlinearguments.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/edgelegacybrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdscriptstriggers/gettingstarted/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/scenarios.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/deliveryreports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/basis.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/types.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/userlimit.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/compliancereports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/shareacrossteam.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/difference.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/trial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/minimum.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/expire.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/trueup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/tool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/multiyear.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/domainmultiple.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/appxmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/removeapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/blockapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/deployapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/run.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/extrastool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/freetraining.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/sidexporter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/arm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/processmonitor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/gpobackup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/admx.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditordemo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditorsetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/startscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/applicationsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/admintemplatemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/browserrouter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/tour.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/leastprivilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/appmasking.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/profiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/startmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserdefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/broswerright.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserconfiguration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/elevatingapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/browserright.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/startscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/applicationsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/applypreferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/securitygroup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/emailoptout.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/windows11.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/mmcdisplay.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/windowsserver2019.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidgroups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/onpremisecloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/folderredirection.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/embedclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/thirdpartyadvice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/services.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/virtualdesktops.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/windowsendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/userfilter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacpromptsactivex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/installfonts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowsuniversalapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denymessages.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/preventedge.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/stopransomware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevateuwp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/msi.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/enforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/email.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applyondemand.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesfromadmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/winget.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/printeruacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/microsoftrecommendations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denyselfelevate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/license.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/cloudinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/macjointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationpackage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/systemsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/sudosupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/eventscollector.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmountpart1.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmounpart2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/privilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/collectdiagnostics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/acroreader.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/vdiscenarios.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/adminapproval/enforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/avoidpopups.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/realgposettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/cloudimport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/sccm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mergetool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/deployinternet.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/screensavers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateprinter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/drivemaps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/shortcuts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/delivergpprefs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/cloudlocaluser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/windows10startmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/demotaskbar.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/linksie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/customicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/startscreentaskbar/revertstartmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdmitemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/onetime.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/rightbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/smb.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/webbasedshares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/masscopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/patching.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/localfilecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/azureblobstorage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/smb.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/gettingstarted/basic-concepts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewtechnical.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modestandalone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modeserver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepull.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepush.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/securityenhanced.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/firewallports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/universalwindowsapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/wizard.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/preconfiguredadvice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloudusage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/adobereader.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mailto.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10modify.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helpertool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/firstlogin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helperapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/acroreader.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10questions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/modes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/explorer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/helpertools.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/foldershortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/addlink.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/upgrades.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/legacy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/slowlogins.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/itemleveltargeting/editmanual.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/flatlegacyview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/mmcconsole.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/grouppolicy/remotedesktopconnection.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowvendor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/enduser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmhelpertool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmapprovalautorules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/chocolaty.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/windows10prolockscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/customdefaultfileassociations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/unwantedapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/bitlocker.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/x509certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printersetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/auditpol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/lockunlocksession.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/shutdownscripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/vpnconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/anyconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/virtualizedbrowsers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/evaluateurls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdinstall/autoupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/windows10startmenu.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/realgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/mobileiron.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/workspaceone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/citrixendpointmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/admintemplates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupmembership.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupdetermine.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/domainnames.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/managers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/pak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorecreate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstoreupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/quickrundown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/manualupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/uptodate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllreconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/variables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/proxysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/trustedappsets.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/ieproxyserver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/certificatesevil.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/invincea.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxplugins.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevert.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevertfix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/oraclejava.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxabout.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromebookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/paksbig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firstpak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/addelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/foxitprinter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firefox_plugins.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/sealapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xendesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/rds.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/specops.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/vmware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/dedicated.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/localmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinappworkspace.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/appv.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/uev.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/thinapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/symantec.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/spoonnovell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/applicationsettings/chrome.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/connectionstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/contenttab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/generaltab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/privacytab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/securitytab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/favorites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/clearbrowsing.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/bookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/defaultsearch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/popups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extensions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extratabs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/removeelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/miscsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/adobe.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/addons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarksmodify.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/jre.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/securityslider.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/passwordsecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/teams.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acrobat.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/flashplayer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/irfanview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/office.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/skype.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/rightbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgesupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/blockwebsites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/custombrowsers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chromenondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/firefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chrome.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edge.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/browsericon.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/cylance.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/onapplyscript.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/scriptlocation.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/powershellscripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows7tls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlannetwork.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlandropbox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/silentbrowserinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/shortcutpublicdesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/updateregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/resetsecurechannel.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/temperatureunit.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/bitlockerdeployment.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows10modifyscript.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/teamsminimized.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/vpnconnection.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/eventlogtriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localaccountpassword.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/vpn.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/screensavers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/processesdetails.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/edgefirstlogon.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localscheduledtask.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremiseexport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/preferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/features.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/emaillogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/add/administrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/install/leastprivilegemanagerrule.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/fileinfoviewer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/registrationmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/deployment-methods/software-packages/winget.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/componentlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installsequentially.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installuwp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/variables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/printers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/browserrouter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/block.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/oracledeploymentrulesets.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/versionsmultiple.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/sccm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/xmlsurgery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/helperapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/helperutility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/otherpolicydeliverymechanisms.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/browserrouter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/servicenow.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/launchcontrol.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/custombrowsers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/custom.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/itemleveltargeting/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/install/defaultbrowser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/applymode.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/procmon.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/ports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/ports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/firefox/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/firefox/removeelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/convertxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/acllockdown.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/mobileiron.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/mobileiron.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/importpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/stackmsi.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/onpremisecloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/processmonitor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/hangingprocess.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/findfixgpos.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/defined.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/reapplylaunchdisable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/blockwebsites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/block.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/processorderprecedence.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/navigation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgpocompilancereporter/securityenhanced.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/install.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/preferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/storage/central.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/specialtypes.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdscriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/gettoknow/usage.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/preconfiguredadvice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/collections/preconfigured.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/vdisolutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/emaillogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/mapextensions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdadministrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/computerside.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockapp.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdjavaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/prompts/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installers.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgrouppolicy/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/restoredetails.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/programs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/someapplications.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/chrome/forceinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/gui.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/realgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/wizard.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/productwizard.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/delivercertificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/java/issue.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/masscopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/advanced/standard/recursion.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/expires.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/editpolicytemplate/browsermode.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/embedclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/slowinternet.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdjavaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/java-enterprise-rules/exportcollections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/cortana.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/extensions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/forceinstallation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/prepareendpoint.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/securitysettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/workspaceone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/vmwareworkspaceone.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/enhancedsecurerun.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdstartscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helperutility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdscriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdscriptstriggers/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/applicationextension.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/propertiesproject.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/integration/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/configureentraidaccess.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/webbasedshares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/gettingstarted/policiesweb.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/existinggpos.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/gpotouchutility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockadmins.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdstartscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/integration/onpremiseexport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/add/administrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/adduser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/publickeypoliciessettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdstartscreentaskbar/demotaskbar.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/taskbar.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/overview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/rulesgenerator/automatic.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/specialnotes.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/together.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/default.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/default.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgpocompilancereporter/modepull.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/pull/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdstartscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/office365.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/downloads.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/client.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/firefoxinternetexplorer.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/microsoftintune.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientsilent.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/eventcollection/report.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/grouppolicyeditors.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/browsericon.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/shortcuticons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdintegration/auditorsetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/chromenondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/nondomain/limitations.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/install.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdscriptstriggers/gettingstarted/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/windowsremoteassistance.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdgpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdgpocompilancereporter/modepush.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/leastprivilege/serverbusy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventlogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/clientsideextension/uninstallpassword.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/folderredirection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdscriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdstartscreentaskbar/customicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/customicons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdadministrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/troubleshooting/eventcategories.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/reports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/computergroups/workingwith.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/versioncontrol.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/legacy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/reference/index.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/fastest.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mddevice/dmapprovalautorules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mddevice/enduser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/privilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/settingsdeliveryreinforcementoptions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/reports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgpocompilancereporter/firewallports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/clientendpoint.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/securerun/stopransomware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/installfonts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installfonts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/uptodate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/features.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/registrationmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/graceperiod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/policy-management/preferences/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/javaprompts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/overview.md" for version current -[WARNING] Docusaurus found broken links! - -Please check the pages of your site in the list below, and make sure you don't reference any path that does not exist. -Note: it's possible to ignore broken links with the 'onBrokenLinks' Docusaurus configuration, and let the build pass. - -It looks like some of the broken links we found appear in many pages of your site. -Maybe those broken links appear on all pages through your site layout? -We recommend that you check your theme configuration for such links (particularly, theme navbar and footer). -Frequent broken links are linking to: -- /docs/endpointpolicymanager/troubleshooting/eventcategories.md -- /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md - -Exhaustive list of all broken links found: -- Broken link on source page path = /adminstrativetemplates/existinggpos: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/exportgpos.md -- Broken link on source page path = /adminstrativetemplates/export: - -> linking to /docs/endpointpolicymanager/video/index.mdadministrativetemplates/deployinternet.md -- Broken link on source page path = /adminstrativetemplates/gettoknow/computerside: - -> linking to /docs/endpointpolicymanager/video/index.mdadministrativetemplates/switchedpolicies.md -- Broken link on source page path = /adminstrativetemplates/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdadministrativetemplates/collections.md -- Broken link on source page path = /applicationsettings/appsetfiles/findfixgpos: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/appsetfiles/gpotouchutility: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/touchutility.md -- Broken link on source page path = /applicationsettings/appsetfiles/storage/central: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/appsetfiles/versioncontrol: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/centralstore: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/centralstorework.md -- Broken link on source page path = /applicationsettings/designstudio/navigation/tab/propertiesproject: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/itemleveltargeting.md -- Broken link on source page path = /applicationsettings/designstudio/quickstart/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/firstpak.md -- Broken link on source page path = /applicationsettings/designstudio/regimporteruitility: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/designstudio/importregistry.md -- Broken link on source page path = /applicationsettings/modes/acllockdown: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/acllockdown.md -- Broken link on source page path = /applicationsettings/modes/settingsdeliveryreinforcementoptions: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/superpowers.md -- Broken link on source page path = /applicationsettings/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/managers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/pak.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorecreate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstoreupdate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/quickrundown.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/manualupdate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/uptodate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllorphans.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllreconnect.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/touchutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargetingbypass.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acllockdown.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/applicationlaunch.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/superpowers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/variables.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/proxysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/trustedappsets.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/ieproxyserver.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/certificatesevil.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/invincea.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxplugins.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevert.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevertfix.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/oraclejava.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxabout.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromebookmarks.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/paksbig.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firstpak.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/importregistry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/addelements.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/foxitprinter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firefox_plugins.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/sealapproval.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/integration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo2.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xenapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xendesktop.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/rds.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/specops.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/integration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/vmware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/dedicated.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/localmode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinappworkspace.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/appv.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/xenapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/uev.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/thinapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/symantec.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/spoonnovell.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/applicationsettings/chrome.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/certificates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/connectionstab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/contenttab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/generaltab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/privacytab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/programstab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/securitytab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/favorites.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/clearbrowsing.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/bookmarks.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/defaultsearch.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/popups.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extensions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarks.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extratabs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/disable.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/removeelements.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/miscsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/certificates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/adobe.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/addons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarksmodify.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/disable.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/lockdown.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/jre.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/securityslider.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/passwordsecure.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/teams.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acrobat.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/flashplayer.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/irfanview.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/office.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/skype.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/thunderbird.md -- Broken link on source page path = /applicationsettings/preconfigured/chrome/certificates: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/certificates.md -- Broken link on source page path = /applicationsettings/preconfigured/chrome/proxysettings: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/connectionstab.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/addons: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/addons.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/addons/forceinstallation: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/extensions.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/javathunderbird: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/thunderbird.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/preferences: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/firefox/disable.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/firefox/removeelements.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/transition: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/addons: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/programstab.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/certificates: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/certificates.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/tab/programs: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/programstab.md -- Broken link on source page path = /applicationsettings/preconfigured/itemleveltargeting/bypassinternal: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /applicationsettings/preconfigured/quickstart/specialnotes: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/windowsremoteassistance: - -> linking to /docs/endpointpolicymanager/video/index.mdscriptstriggers/gettingstarted/cloud.md -- Broken link on source page path = /browserrouter/defaultbrowser/defined: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/defaultwindows10.md -- Broken link on source page path = /browserrouter/defaultbrowser/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/userselecteddefault.md -- Broken link on source page path = /browserrouter/editpolicytemplate/browsermode: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/ieedgemode.md -- Broken link on source page path = /browserrouter/internetexplorer/convertxmls: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/iesitelists.md -- Broken link on source page path = /browserrouter/internetexplorer/edgemod: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/ieedgemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/iesitelists.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/edgespecial.md -- Broken link on source page path = /browserrouter/internetexplorer/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/iesitelists.md -- Broken link on source page path = /browserrouter/internetexplorer/specialtypes: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/edgespecial.md -- Broken link on source page path = /browserrouter/navigation: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/processorderprecedence.md -- Broken link on source page path = /browserrouter/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/rightbrowser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/citrix.md -- Broken link on source page path = /browserrouter/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/install/chromemanual.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/advancedblockingmessage.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/forcebrowser.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/securityzone.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/suppresspopup.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/install/removeagent.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/useselectablebrowser.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/browsermode.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/shortcuticons.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/editpolicytemplate/commandlinearguments.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/edgelegacybrowser.md -- Broken link on source page path = /browserrouter/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/rightbrowser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgesupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/blockwebsites.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgespecial.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/userselecteddefault.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/citrix.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/custombrowsers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chromenondomainjoined.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieforce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/firefox.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chrome.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edge.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/iesitelists.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieedgemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/browsericon.md -- Broken link on source page path = /browserrouter/policy/block: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/blockwebsites.md -- Broken link on source page path = /browserrouter/policy/custom: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/custombrowsers.md -- Broken link on source page path = /browserrouter/ports: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/ports.md -- Broken link on source page path = /browserrouter/shortcuticons: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/browsericon.md -- Broken link on source page path = /browserrouter/useselectablebrowser: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/userselecteddefault.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md -- Broken link on source page path = /cloud/adduser: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/add/administrator.md -- Broken link on source page path = /cloud/eventcollection/report: - -> linking to /docs/endpointpolicymanager/troubleshooting/eventcategories.md -- Broken link on source page path = /cloud/groups: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/jointoken.md -- Broken link on source page path = /cloud/interface/companydetails/companyadministrators/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/security/immutablelog.md -- Broken link on source page path = /cloud/interface/companydetails/configureentraidaccess: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/integration/entraid.md -- Broken link on source page path = /cloud/interface/companydetails/customerlog: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/immutablelog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/emaillogs.md -- Broken link on source page path = /cloud/interface/companydetails/downloads: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /cloud/interface/companydetails/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/features.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/registrationmode.md -- Broken link on source page path = /cloud/interface/computergroups/workingwith: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /cloud/interface/filebox: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md -- Broken link on source page path = /cloud/interface/reports: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/reports.md -- Broken link on source page path = /cloud/interface/tools: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/mdm.md -- Broken link on source page path = /cloud/interface/xmldatafiles/createpolicy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/securitysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/preferences.md -- Broken link on source page path = /cloud/interface/xmldatafiles/importpolicies: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/import.md -- Broken link on source page path = /cloud/interface/xmldatafiles/upload: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/integration/onpremiseexport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md -- Broken link on source page path = /cloud/licensing/otherpolicydeliverymechanisms: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/integration/onpremise.md -- Broken link on source page path = /cloud/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.md -- Broken link on source page path = /cloud/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremiseexport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/securitysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/preferences.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/features.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/immutablelog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/emaillogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/add/administrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/install/leastprivilegemanagerrule.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/entraid.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/fileinfoviewer.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/registrationmode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md -- Broken link on source page path = /cloud/security/datasafety: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/troubleshooting/eventcategories.md -- Broken link on source page path = /cloud/security/publickeypoliciessettings: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/deploy/grouppolicysettings.md -- Broken link on source page path = /cloud/testlab: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md -- Broken link on source page path = /cloud/transition: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md -- Broken link on source page path = /device/devicemanager/devicemanagerpolicies: - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/serialnumber.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md -- Broken link on source page path = /device/devicemanager/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/usbdrive.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/cloud.md -- Broken link on source page path = /device/devicemanager/rules: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mddevice/dmapprovalautorules.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mddevice/enduser.md -- Broken link on source page path = /device/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/serialnumber.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/usbdrive.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/registry.md -- Broken link on source page path = /device/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdrive.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowvendor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/serialnumber.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/enduser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmhelpertool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmapprovalautorules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/mdm.md -- Broken link on source page path = /editions/policies: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/componentlicense.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/overview.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md -- Broken link on source page path = /editions/solutions: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md -- Broken link on source page path = /feature/itemleveltargeting/exportcollections: - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/itemleveltargeting/overview.md -- Broken link on source page path = /feature/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/windows.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/windowsservers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/mdm.md -- Broken link on source page path = /fileassociations/applymode: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/applyonce.md -- Broken link on source page path = /fileassociations/collections/preconfigured: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/preconfiguredadvice.md -- Broken link on source page path = /fileassociations/helperutility: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/helperapplication.md -- Broken link on source page path = /fileassociations/insouts/advantages: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/firstlogin.md -- Broken link on source page path = /fileassociations/itemleveltargeting/exportcollection: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/exporterutility.md -- Broken link on source page path = /fileassociations/mapextensions: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/cloud.md -- Broken link on source page path = /fileassociations/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/collections/gpos.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/oemdefaultassociations.md -- Broken link on source page path = /fileassociations/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/universalwindowsapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/wizard.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/preconfiguredadvice.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloudusage.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/adobereader.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mailto.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10modify.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helpertool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/firstlogin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helperapplication.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/acroreader.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10questions.md -- Broken link on source page path = /fileassociations/productwizard: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/wizard.md -- Broken link on source page path = /gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /gettingstarted/fastest: - -> linking to /docs/endpointpolicymanager/reference/index.md -- Broken link on source page path = /gettingstarted/history: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md -- Broken link on source page path = /gettingstarted/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/applypreferences.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/securitygroup.md - -> linking to /docs/endpointpolicymanager/troubleshooting/emailoptout.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/windows11.md - -> linking to /docs/endpointpolicymanager/troubleshooting/mmcdisplay.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/windowsserver2019.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/entraidgroups.md - -> linking to /docs/endpointpolicymanager/troubleshooting/onpremisecloud.md - -> linking to /docs/endpointpolicymanager/troubleshooting/folderredirection.md - -> linking to /docs/endpointpolicymanager/troubleshooting/embedclient.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/entraidsids.md - -> linking to /docs/endpointpolicymanager/troubleshooting/thirdpartyadvice.md - -> linking to /docs/endpointpolicymanager/troubleshooting/services.md - -> linking to /docs/endpointpolicymanager/troubleshooting/eventlogs.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/virtualdesktops.md - -> linking to /docs/endpointpolicymanager/troubleshooting/eventcategories.md - -> linking to /docs/endpointpolicymanager/policy-management/item-level-targeting/windowsendpoint.md -- Broken link on source page path = /gettingstarted/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/freetraining.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/sidexporter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/arm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/editor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/processmonitor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/gpobackup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/admx.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backupoptions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditordemo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditorsetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateinstall.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateapplication.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/startscreen.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/applicationsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/admintemplatemanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/browserrouter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/tour.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/leastprivilege.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/appmasking.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/profiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/startmenu.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserdefault.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/broswerright.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserconfiguration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/elevatingapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/browserright.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/startscreen.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/applicationsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md -- Broken link on source page path = /gettingstarted/prepare: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md -- Broken link on source page path = /gettingstarted/quickstart/cloud: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md -- Broken link on source page path = /gettingstarted/quickstart/grouppolicy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdgrouppolicy/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /gettingstarted/quickstart/mdm: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/testsample.md -- Broken link on source page path = /gettingstarted/quickstart/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdgettingstarted/freetraining.md -- Broken link on source page path = /gettingstarted/quickstart/overviewinstall: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/explained.md -- Broken link on source page path = /gettingstarted/quickstart/prepareendpoint: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/mdm.md -- Broken link on source page path = /gettingstarted/quickstart/preparemanagementstation: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/install.md -- Broken link on source page path = /gettingstarted/quickstart/specificcomponents: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/gettingstarted/overview.md -- Broken link on source page path = /gpoexport/delivercertificates: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/deploy/grouppolicysettings.md -- Broken link on source page path = /gpoexport/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/gpo-export/securitysettings.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/gpo-export/usercontext.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/componentlicense.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/settings.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/printerdeploy.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/drivemappings.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/startservice.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/passwords.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/gpo-export/delivercertificates.md -- Broken link on source page path = /gpoexport/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/realgposettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/cloudimport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/sccm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mergetool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/deployinternet.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/screensavers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateprinter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/drivemaps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateregistry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/shortcuts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/delivergpprefs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/cloudlocaluser.md -- Broken link on source page path = /grouppolicy/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cachepreferences.md - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/itemleveltargeting/cacheengine.md - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/insertuserinfo.md - -> linking to /docs/endpointpolicymanager/deployment-methods/group-policy/pdqdeploy.md -- Broken link on source page path = /grouppolicy/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/integration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/itemleveltargeting/editmanual.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/flatlegacyview.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/mmcconsole.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/grouppolicy/remotedesktopconnection.md -- Broken link on source page path = /grouppolicycompliancereporter/deliveryreports: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/troubleshooting/onpremisecloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremise.md -- Broken link on source page path = /grouppolicycompliancereporter/domainmultiple: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgpocompilancereporter/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgpocompilancereporter/modepush.md -- Broken link on source page path = /grouppolicycompliancereporter/install: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/install.md -- Broken link on source page path = /grouppolicycompliancereporter/mode/pull/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/modepull.md -- Broken link on source page path = /grouppolicycompliancereporter/mode/push/install: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/securityenhanced.md -- Broken link on source page path = /grouppolicycompliancereporter/overview: - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/concepts.md -- Broken link on source page path = /grouppolicycompliancereporter/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/scenarios.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/deliveryreports.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/install.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/basis.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/types.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/userlimit.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/compliancereports.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/shareacrossteam.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/difference.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/mode/trial.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/minimum.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/expire.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/trueup.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/tool.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/license/multiyear.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/domainmultiple.md -- Broken link on source page path = /grouppolicycompliancereporter/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewmanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewtechnical.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modestandalone.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modeserver.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepull.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepush.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/securityenhanced.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/firewallports.md -- Broken link on source page path = /grouppolicycompliancereporter/prepare/licensing: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /install/adminconsole: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/centralstorework.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/shares.md -- Broken link on source page path = /install/cloud/client: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /install/cloud/clientremote: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/install/leastprivilegemanagerrule.md -- Broken link on source page path = /install/cloud/clientsilent: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/jointoken.md -- Broken link on source page path = /install/cloud/slowinternet: - -> linking to /docs/endpointpolicymanager/troubleshooting/embedclient.md -- Broken link on source page path = /install/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdinstall/autoupdate.md -- Broken link on source page path = /install/rings: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/groups.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /install/upgrade/rings/activedirectory: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /install/upgrade/rings/cloud: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /install/upgrade/settings: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/uptodate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/touchutility.md -- Broken link on source page path = /install/upgrade/tips: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/backupoptions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/backup.md -- Broken link on source page path = /integration/auditor/mmcsnapin: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdintegration/auditorsetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /integration/auditor/reports: - -> linking to /docs/endpointpolicymanager/troubleshooting/eventcategories.md -- Broken link on source page path = /integration/azurevirutaldesktop: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/jointoken.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/client: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/gui: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/together: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecureclient.md -- Broken link on source page path = /integration/privilegesecure/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/servicenow: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/longcodes.md -- Broken link on source page path = /integration/vdisolutions: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/jointoken.md -- Broken link on source page path = /javaenterpriserules/gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdjavaenterpriserules/cloud.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/prompts/overview.md -- Broken link on source page path = /javaenterpriserules/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdjavaenterpriserules/cloud.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/exportcollections.md -- Broken link on source page path = /javaenterpriserules/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/wildcards.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/virtualizedbrowsers.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/evaluateurls.md -- Broken link on source page path = /javaenterpriserules/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/browserrouter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/block.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/oracledeploymentrulesets.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/versionsmultiple.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/sccm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/xmlsurgery.md -- Broken link on source page path = /javaenterpriserules/prompts/firefoxinternetexplorer: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/java/lockdown.md -- Broken link on source page path = /knowledgebase: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /leastprivilege/acltraverse: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md -- Broken link on source page path = /leastprivilege/adminapproval/avoidpopups: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/adminapproval/enforce.md -- Broken link on source page path = /leastprivilege/adminapproval/gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/adminapproval/demo.md -- Broken link on source page path = /leastprivilege/adminapproval/useemail: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/adminapproval/email.md -- Broken link on source page path = /leastprivilege/bestpractices/childprocesses: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securitychildprocesses.md -- Broken link on source page path = /leastprivilege/bestpractices/dontelevate: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/opensavedialogs.md -- Broken link on source page path = /leastprivilege/bestpractices/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md -- Broken link on source page path = /leastprivilege/bestpractices/rules/commandline: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/preventusercommands.md -- Broken link on source page path = /leastprivilege/bestpractices/rules/executablecombo: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/securitycomborules.md -- Broken link on source page path = /leastprivilege/brandcustomize: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/branding.md -- Broken link on source page path = /leastprivilege/deny/standard: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/applicationcontrol.md -- Broken link on source page path = /leastprivilege/deny/windowsuniversal: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/windowsuniversalapplications.md -- Broken link on source page path = /leastprivilege/digitalsignature: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/securitycomborules.md -- Broken link on source page path = /leastprivilege/elevate/activexitems: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/uacpromptsactivex.md -- Broken link on source page path = /leastprivilege/elevate/applicationextension: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md -- Broken link on source page path = /leastprivilege/elevate/com_cslidclass: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/comsupport.md -- Broken link on source page path = /leastprivilege/elevate/executables: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/localadminrights.md -- Broken link on source page path = /leastprivilege/elevate/installers: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /leastprivilege/elevate/installfonts: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/installfonts.md -- Broken link on source page path = /leastprivilege/elevate/javajarfiles: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/scripts.md -- Broken link on source page path = /leastprivilege/elevate/printerdriverinstall: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md -- Broken link on source page path = /leastprivilege/elevate/scripts: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/scripts.md -- Broken link on source page path = /leastprivilege/events/createpolicy/audit: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/globalauditevent.md -- Broken link on source page path = /leastprivilege/events/createpolicy/cloud: - -> linking to /docs/endpointpolicymanager/troubleshooting/eventcategories.md -- Broken link on source page path = /leastprivilege/events/operational: - -> linking to /docs/endpointpolicymanager/troubleshooting/eventcategories.md -- Broken link on source page path = /leastprivilege/events/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/troubleshooting/eventlogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/cloudevents.md -- Broken link on source page path = /leastprivilege/export: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mdm.md -- Broken link on source page path = /leastprivilege/itemleveltargeting: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/userfilter.md -- Broken link on source page path = /leastprivilege/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md -- Broken link on source page path = /leastprivilege/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/userfilter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacpromptsactivex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/scripts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/installfonts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowsuniversalapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securitycomborules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denymessages.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/preventedge.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/stopransomware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevateuwp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/msi.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/enforce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/email.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applyondemand.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securecopy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesfromadmin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/winget.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/printeruacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/microsoftrecommendations.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denyselfelevate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecure.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/license.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/cloudinstall.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/macjointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationpackage.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/systemsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/sudosupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/wildcards.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationlaunch.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/eventscollector.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/adminapproval.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmountpart1.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmounpart2.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/finder.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/privilege.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/collectdiagnostics.md -- Broken link on source page path = /leastprivilege/policyeditor/scope: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/pplpmimplementationguide: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/troubleshooting/eventlogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md -- Broken link on source page path = /leastprivilege/preconfiguredxmls: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/wingui.md -- Broken link on source page path = /leastprivilege/preferences: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/removelocaladmin.md -- Broken link on source page path = /leastprivilege/reauthentication: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md -- Broken link on source page path = /leastprivilege/rules/apply/ondemand: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/applyondemand.md -- Broken link on source page path = /leastprivilege/rules/apply/selfelevation: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/selfelevatemode.md -- Broken link on source page path = /leastprivilege/rules/customizedtoken: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/runasadmin: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.md -- Broken link on source page path = /leastprivilege/scopefilters/blockadmins: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/appblock.md -- Broken link on source page path = /leastprivilege/scopefilters/blockapp: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/powershellblock.md -- Broken link on source page path = /leastprivilege/scopefilters/elevateserviceaccount: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/scopefilters/enhancedsecurerun: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md -- Broken link on source page path = /leastprivilege/securecopy: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/securecopy.md -- Broken link on source page path = /leastprivilege/securerun/bestpractices: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md -- Broken link on source page path = /leastprivilege/securerun/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md -- Broken link on source page path = /leastprivilege/securerun/setup: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/securerun/stopransomware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/autorulesgeneratortool.md -- Broken link on source page path = /leastprivilege/tool/helper/elevate: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/helperdesktopshortcut.md -- Broken link on source page path = /leastprivilege/tool/helper/uacprompts: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/uacprompts.md -- Broken link on source page path = /leastprivilege/tool/rulesgenerator/automatic: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/autorulesgeneratortool.md -- Broken link on source page path = /leastprivilege/wildcards: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/wildcards.md -- Broken link on source page path = /license/activedirectory/domainmultiple: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /license/activedirectory/domainou: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md -- Broken link on source page path = /license/activedirectory/gpoedit: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md -- Broken link on source page path = /license/editpolicies: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md -- Broken link on source page path = /license/mdm/hybrid: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /license/mdm/intune: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/mdm.md -- Broken link on source page path = /license/mdm/setup: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/licenserequestkey.md -- Broken link on source page path = /license/mdm/tool: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/mdm.md -- Broken link on source page path = /license/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/upgrades.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/legacy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/cleanup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/mdm.md -- Broken link on source page path = /license/transition: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /license/trial: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /license/unlicense/componentscloud: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /license/unlicense/fileold: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/cleanup.md -- Broken link on source page path = /license/unlicense/forceddisabled: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /license/whenwhy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md -- Broken link on source page path = /licensing: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md -- Broken link on source page path = /mac/applicationlaunch: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/adminapproval.md -- Broken link on source page path = /mac/scenarios/launchcontrol: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/applicationlaunch.md -- Broken link on source page path = /mac/scenarios/macfinder: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/finder.md -- Broken link on source page path = /mac/scenarios/macprivhelper: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/privilege.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/adminapproval.md -- Broken link on source page path = /mac/scenarios/mountunmount: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/mountunmountpart1.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/mountunmounpart2.md -- Broken link on source page path = /mac/scenarios/packageinstallation: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/applicationpackage.md -- Broken link on source page path = /mac/scenarios/sudo: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/sudosupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/wildcards.md -- Broken link on source page path = /mac/scenarios/systemsettings: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/systemsettings.md -- Broken link on source page path = /manuals: - -> linking to /docs/endpointpolicymanager/gettingstarted/basic-concepts.md - -> linking to /docs/endpointpolicymanager/platform-specific/mac-support/overview.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/device-manager/devicemanager/overview.md - -> linking to /docs/endpointpolicymanager/application-management/browser-router/overview.md - -> linking to /docs/endpointpolicymanager/application-management/java-enterprise-rules/overview.md - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md - -> linking to /docs/endpointpolicymanager/compliance-and-reporting/group-policy-compliance-reporter/overview.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/overview.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/feature-management/overview.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/overview.md - -> linking to /docs/endpointpolicymanager/policy-management/preferences/overview.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/overview.md - -> linking to /docs/endpointpolicymanager/deployment-methods/software-packages/overview.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/overview.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/remote-desktop-protocol/overview.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/networksecuritymanager.md -- Broken link on source page path = /mdm/gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /mdm/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md -- Broken link on source page path = /mdm/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/realgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/mobileiron.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/workspaceone.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/citrixendpointmanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/admintemplates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exporterutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraid.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupmembership.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupdetermine.md -- Broken link on source page path = /mdm/service/microsoftintune: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/microsoftintune.md -- Broken link on source page path = /mdm/service/mobileiron: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/mobileiron.md -- Broken link on source page path = /mdm/service/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/realgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md -- Broken link on source page path = /mdm/service/vmwareworkspaceone: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/workspaceone.md -- Broken link on source page path = /mdm/stackmsi: - -> linking to /docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md -- Broken link on source page path = /mdm/xmldatafiles/browserrouter: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/overview.md -- Broken link on source page path = /mdm/xmldatafiles/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/exporterutility.md -- Broken link on source page path = /mdm/xmldatafiles/preferences: - -> linking to /docs/endpointpolicymanager/policy-management/preferences/overview.md -- Broken link on source page path = /mdm/xmldatafiles/securitysettings: - -> linking to /docs/endpointpolicymanager/security-and-privilege-management/security-settings/overview.md -- Broken link on source page path = /preferences/componentlicense: - -> linking to /docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md -- Broken link on source page path = /preferences/overview: - -> linking to /docs/endpointpolicymanager/policy-management/preferences/settings.md -- Broken link on source page path = /remotedesktopprotocol/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdremotedesktopprotocol/vdiscenarios.md -- Broken link on source page path = /remoteworkdelivery/advanced/standard/recursion: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/masscopy.md -- Broken link on source page path = /remoteworkdelivery/cloudmdm: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/mdm.md -- Broken link on source page path = /remoteworkdelivery/exportcollections: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/exporterutility.md -- Broken link on source page path = /remoteworkdelivery/gettingstarted/policiesweb: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/webbasedshares.md -- Broken link on source page path = /remoteworkdelivery/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/smb.md - -> linking to /docs/endpointpolicymanager/gettingstarted/basic-concepts.md -- Broken link on source page path = /remoteworkdelivery/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installsequentially.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/installuwp.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/updateclientsideextension.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/variables.md - -> linking to /docs/endpointpolicymanager/cloud-and-remote-management/remote-work-delivery/printers.md -- Broken link on source page path = /remoteworkdelivery/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/smb.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/webbasedshares.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/masscopy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/patching.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/localfilecopy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/azureblobstorage.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /scriptstriggers/gettoknow/usage: - -> linking to /docs/endpointpolicymanager/video/index.mdscriptstriggers/mapdrivetriggers.md -- Broken link on source page path = /scriptstriggers/itemleveltargeting/exportcollections: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdscriptstriggers/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdscriptstriggers/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/exporterutility.md -- Broken link on source page path = /scriptstriggers/networksecuritymanager: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md -- Broken link on source page path = /scriptstriggers/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdscriptstriggers/gettingstarted/onpremise.md -- Broken link on source page path = /scriptstriggers/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/cylance.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/onapplyscript.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/scriptlocation.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/powershellscripts.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows7tls.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlannetwork.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/wlandropbox.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/silentbrowserinstall.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/shortcutpublicdesktop.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/powershell.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/updateregistry.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/resetsecurechannel.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/temperatureunit.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/bitlockerdeployment.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/windows10modifyscript.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/teamsminimized.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/vpnconnection.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/eventlogtriggers.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localaccountpassword.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/mappeddrives/vpn.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/screensavers.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/processesdetails.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/edgefirstlogon.md - -> linking to /docs/endpointpolicymanager/automation-and-scripting/scripts-and-triggers/localscheduledtask.md -- Broken link on source page path = /scriptstriggers/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/chocolaty.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/windows10prolockscreen.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/customdefaultfileassociations.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/unwantedapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/bitlocker.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/x509certificates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printersetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/auditpol.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/lockunlocksession.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/shutdownscripts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/vpnconnect.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/anyconnect.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/pdqdeploy.md -- Broken link on source page path = /softwarepackage/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdsoftwarepackage/appxmanager.md -- Broken link on source page path = /softwarepackage/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/deployment-methods/software-packages/winget.md -- Broken link on source page path = /softwarepackage/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/appxmanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/removeapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/blockapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/deployapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/run.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/extrastool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/mdm.md -- Broken link on source page path = /startscreentaskbar/exportcollections: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdstartscreentaskbar/nondomainjoined.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md -- Broken link on source page path = /startscreentaskbar/helpertools: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/toolssetup.md -- Broken link on source page path = /startscreentaskbar/helperutility: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/helperutility.md -- Broken link on source page path = /startscreentaskbar/overview/knowledgebase: - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/modes.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/explorer.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/helpertools.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/foldershortcut.md - -> linking to /docs/endpointpolicymanager/device-and-desktop-management/start-screen-and-taskbar/addlink.md -- Broken link on source page path = /startscreentaskbar/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/helperutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/windows10startmenu.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/demotaskbar.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/linksie.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/customicons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/startscreentaskbar/revertstartmenu.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdmitemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/citrix.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/onetime.md -- Broken link on source page path = /startscreentaskbar/taskbar: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/demotaskbar.md -- Broken link on source page path = /tips/embedclient: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdinstall/autoupdate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/groups.md -- Broken link on source page path = /tips/eventlogs: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdscriptstriggers/cloud.md -- Broken link on source page path = /tips/folderredirection: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md -- Broken link on source page path = /tips/thirdpartyadvice: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md -- Broken link on source page path = /troubleshooting/applicationsettings/applock/disable: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/superpowers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/applicationsettings/applock/someapplications: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/acllockdown.md -- Broken link on source page path = /troubleshooting/applicationsettings/appset/storage: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md -- Broken link on source page path = /troubleshooting/applicationsettings/backup/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md -- Broken link on source page path = /troubleshooting/applicationsettings/basicsteps: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/entrysettings: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/java/issue: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/reapplylaunchdisable: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/chrome/forceinstall: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/default: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md - -> linking to /docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md -- Broken link on source page path = /troubleshooting/browserrouter/install/defaultbrowser: - -> linking to /docs/endpointpolicymanager/application-management/file-associations/defaultbrowser.md -- Broken link on source page path = /troubleshooting/browserrouter/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/revertlegacy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md -- Broken link on source page path = /troubleshooting/changemanagementtools: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md -- Broken link on source page path = /troubleshooting/clientsideextension/uninstallpassword: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/cloud/grouppolicyeditors: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/reports.md -- Broken link on source page path = /troubleshooting/error/leastprivilege/serverbusy: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/opensavedialogs.md -- Broken link on source page path = /troubleshooting/fastsupport: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md -- Broken link on source page path = /troubleshooting/fileassociations/cortana: - -> linking to /docs/endpointpolicymanager/application-management/browser-router/defaultbrowser/defined.md -- Broken link on source page path = /troubleshooting/fileassociations/legacy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md -- Broken link on source page path = /troubleshooting/grouppolicycompliancereporter/clientendpoint: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/firewallports.md -- Broken link on source page path = /troubleshooting/hangingprocess: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/processmonitor.md -- Broken link on source page path = /troubleshooting/javaenterpriserules/javaprompts: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/java/lockdown.md -- Broken link on source page path = /troubleshooting/leastprivilege/sage50: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/installapplications.md -- Broken link on source page path = /troubleshooting/license/enterprisefull: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /troubleshooting/license/expires: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/cleanup.md -- Broken link on source page path = /troubleshooting/license/graceperiod: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /troubleshooting/license/legacy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/legacy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /troubleshooting/nondomain/limitations: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/chromenondomainjoined.md -- Broken link on source page path = /troubleshooting/preferences/clientmachines: - -> linking to /docs/endpointpolicymanager/gettingstarted/basic-concepts.md -- Broken link on source page path = /troubleshooting/procmon: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/logs.md -- Broken link on source page path = /troubleshooting/restoredetails: - -> linking to /docs/endpointpolicymanager/video/index.mdgrouppolicy/integration.md -- Broken link on source page path = /troubleshooting/scriptstriggers/systemprocesses: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md -- Broken link on source page path = /troubleshooting/slowlogins: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/import.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/customicons: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/customicons.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/office365: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/helperutility.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/rollback: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/onetime.md -- Broken link on source page path = /video/applicationsettings/trustedappsets: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backupoptions.md -- Broken link on source page path = /video/fileassociations/acroreader: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/windows10.md -- Broken link on source page path = /video/networksecurity/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/domainnames.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md -- Broken link on source page path = /video/remotedesktopprotocol/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/vdiscenarios.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/itemleveltargeting.md -- Broken link on source page path = /video/startscreentaskbar/windows10startmenu: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/windows10.md - -[SUCCESS] Generated static files in "build". -[INFO] Use `npm run serve` command to test your build locally. -Build completed successfully! diff --git a/docs/accessanalyzer/12.0/ultra_final_build.log b/docs/accessanalyzer/12.0/ultra_final_build.log deleted file mode 100644 index 7e11e02243..0000000000 --- a/docs/accessanalyzer/12.0/ultra_final_build.log +++ /dev/null @@ -1,2179 +0,0 @@ - -> netwrix-docs@0.1 build:single -> node scripts/build-single.js endpointpolicymanager - -Building single product: endpointpolicymanager -Using plugin ID: endpointpolicymanager -Starting build... -[INFO] [en] Creating an optimized production build... -[WARNING] Docusaurus site warnings: -- Your site is using the SWC js loader. You can safely remove the Babel config file at `babel.config.js`. -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/leastprivilege/sage50.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/applicationpackage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/packageinstallation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdsoftwarepackage/appxmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdadministrativetemplates/deployinternet.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdgrouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/createpolicy/audit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/preconfiguredxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/events/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/centralstore.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/childprocesses.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/firstlogin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/insouts/advantages.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overviewinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/certificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/client.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/domainou.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/applyondemand.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/ondemand.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/addons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/scriptstriggers/systemprocesses.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/preferences/componentlicense.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/dontelevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/appset/storage.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/executablecombo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/elevate.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/itemleveltargeting/bypassinternal.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/systemsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/systemsettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/activedirectory/gpoedit.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/com_cslidclass.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/entrysettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/wildcards.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/groups.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/uacpromptsactivex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/activexitems.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/apply/selfelevation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/certificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/install/leastprivilegemanagerrule.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientremote.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/editpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/whenwhy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/javajarfiles.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/firstpak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/quickstart/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/userfilter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/itemleveltargeting.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremotedesktopprotocol/vdiscenarios.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remotedesktopprotocol/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/basicsteps.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/sudosupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/sudo.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/adminapproval/email.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/useemail.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/acltraverse.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/addons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/digitalsignature.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/securecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securecopy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/rules/customizedtoken.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/history.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/applicationlaunch.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/windowsuniversalapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/windowsuniversal.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/export.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/adminconsole.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/deny/standard.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/helper/uacprompts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/brandcustomize.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/connectionstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/chrome/proxysettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgettingstarted/freetraining.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/preventusercommands.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/bestpractices/rules/commandline.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/tool.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/mountunmountpart1.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/mountunmounpart2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/mountunmount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/scripts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdstartscreentaskbar/onetime.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/rollback.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/applicationsettings/trustedappsets.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/specificcomponents.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/programs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/executables.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/editpolicytemplate/browsermode.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/add/administrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/adduser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/custombrowsers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/custom.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/universalwindowsapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/wizard.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/preconfiguredadvice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloudusage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/adobereader.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mailto.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10modify.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helpertool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/firstlogin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helperapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/acroreader.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10questions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdinstall/autoupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/policies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/domainnames.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/networksecurity/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremiseexport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/preferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/features.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/emaillogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/add/administrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/install/leastprivilegemanagerrule.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/fileinfoviewer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/registrationmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/rings/activedirectory.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdscriptstriggers/gettingstarted/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/appxmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/removeapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/blockapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/deployapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/run.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/extrastool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/softwarepackage/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/freetraining.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/sidexporter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/arm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/processmonitor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/gpobackup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/admx.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditordemo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditorsetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/startscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/applicationsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/admintemplatemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/browserrouter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/tour.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/leastprivilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/appmasking.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/profiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/startmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserdefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/broswerright.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserconfiguration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/elevatingapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/browserright.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/startscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/applicationsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/userfilter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacpromptsactivex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/scripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/installfonts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowsuniversalapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securitycomborules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denymessages.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/preventedge.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/stopransomware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevateuwp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/msi.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/enforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/email.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applyondemand.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesfromadmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/winget.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/printeruacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/microsoftrecommendations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denyselfelevate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/license.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/cloudinstall.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/macjointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationpackage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/systemsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/sudosupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/eventscollector.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmountpart1.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmounpart2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/privilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/collectdiagnostics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/smb.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/webbasedshares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/masscopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/patching.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/localfilecopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/azureblobstorage.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/managers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/pak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorecreate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstoreupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/quickrundown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/manualupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/uptodate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllreconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/variables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/proxysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/trustedappsets.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/ieproxyserver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/certificatesevil.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/invincea.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxplugins.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevert.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevertfix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/oraclejava.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxabout.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromebookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/paksbig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firstpak.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/addelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/foxitprinter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firefox_plugins.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/sealapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo2.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xendesktop.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/rds.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/specops.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/vmware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/dedicated.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/localmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinappworkspace.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/appv.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/xenapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/uev.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/thinapp.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/symantec.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/spoonnovell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/applicationsettings/chrome.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/connectionstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/contenttab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/generaltab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/privacytab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/programstab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/securitytab.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/favorites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/clearbrowsing.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/bookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/defaultsearch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/popups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extensions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarks.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extratabs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/removeelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/miscsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/adobe.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/addons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarksmodify.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/jre.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/securityslider.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/passwordsecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/teams.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acrobat.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/flashplayer.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/irfanview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/office.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/skype.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/startscreentaskbar/windows10startmenu.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/itemleveltargeting/editmanual.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/flatlegacyview.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/mmcconsole.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/grouppolicy/remotedesktopconnection.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicy/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/windows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/fileassociations/acroreader.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/vdiscenarios.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/video/remotedesktopprotocol/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/slowlogins.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/adminapproval/enforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/adminapproval/avoidpopups.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewtechnical.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modestandalone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modeserver.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepull.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepush.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/securityenhanced.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/firewallports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/intune.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/windows.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/windowsservers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/feature/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/windows10startmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/demotaskbar.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/linksie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/customicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/startscreentaskbar/revertstartmenu.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdmitemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/onetime.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowvendor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/enduser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmhelpertool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmapprovalautorules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/browserrouter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/block.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/oracledeploymentrulesets.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/versionsmultiple.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/sccm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/xmlsurgery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/rightbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgesupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/blockwebsites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/custombrowsers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chromenondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieforce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/firefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chrome.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edge.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/browsericon.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/smb.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/realgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/mobileiron.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/workspaceone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/citrixendpointmanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/admintemplates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupmembership.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupdetermine.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/realgposettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/cloudimport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/sccm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mergetool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/deployinternet.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/screensavers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateprinter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/drivemaps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/shortcuts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/delivergpprefs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/cloudlocaluser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/upgrades.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/legacy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/datasafety.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdinstall/autoupdate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/embedclient.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/bestpractices.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/rightbrowser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/citrix.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/chocolaty.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/windows10prolockscreen.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/customdefaultfileassociations.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/unwantedapps.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/bitlocker.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/x509certificates.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printersetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/auditpol.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/lockunlocksession.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/shutdownscripts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/vpnconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/anyconnect.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/overview/videolearningcenter.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/webbasedshares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/gettingstarted/policiesweb.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/defaultwindows10.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/defined.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/procmon.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/specialtypes.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/tool/rulesgenerator/automatic.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/downloads.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgrouppolicy/integration.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/restoredetails.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/existinggpos.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/admxsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/securitysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/preferences.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/createpolicy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/expires.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/helperapplication.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/helperutility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/mapextensions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/useselectablebrowser.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdjavaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdstartscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helperutility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/wizard.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/productwizard.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/extensions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/forceinstallation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/integration/onpremiseexport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/upload.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/tools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdscriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdscriptstriggers/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/itemleveltargeting/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdadministrativetemplates/switchedpolicies.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/gettoknow/computerside.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/enhancedsecurerun.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/convertxmls.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/itemleveltargeting/exportcollection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdjavaenterpriserules/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/longcodes.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/servicenow.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/reapplylaunchdisable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/backupoptions.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/tips.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdstartscreentaskbar/demotaskbar.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/taskbar.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/javaenterpriserules/prompts/firefoxinternetexplorer.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/stackmsi.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/workspaceone.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/vmwareworkspaceone.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/propertiesproject.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/gui.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/thunderbird.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/javathunderbird.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/firefox/disable.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/firefox/removeelements.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/preferences.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/disable.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/cloud/grouppolicyeditors.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/cloud/clientsilent.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/java/issue.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/mac/applicationlaunch.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/launchcontrol.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdscriptstriggers/mapdrivetriggers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/gettoknow/usage.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/applicationextension.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/realgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdstartscreentaskbar/helperutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/office365.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgpocompilancereporter/modepull.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/pull/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installers.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/emaillogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/customerlog.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/processmonitor.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/hangingprocess.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/designstudio/importregistry.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/designstudio/regimporteruitility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/preconfiguredadvice.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/collections/preconfigured.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/security/publickeypoliciessettings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/userselecteddefault.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/defaultbrowser/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/ports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/ports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/browsericon.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/shortcuticons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/xmldatafiles/importpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/acllockdown.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/chrome/forceinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdfileassociations/applyonce.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/fileassociations/applymode.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/security/immutablelog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/quickstart/specialnotes.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdstartscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/exportcollections.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/findfixgpos.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/prepareendpoint.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/mobileiron.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/mobileiron.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/testlab.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/blockwebsites.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/policy/block.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/deliveryreports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/together.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/xmldatafiles/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/elevateserviceaccount.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/acllockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/applock/someapplications.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/integration/entraid.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/configureentraidaccess.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/licensing/otherpolicydeliverymechanisms.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/gpotouchutility.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gpoexport/delivercertificates.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/knowledgebase.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/service/microsoftintune.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/printerdriverinstall.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockapp.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdremoteworkdelivery/masscopy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/advanced/standard/recursion.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/cleanup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/fileold.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/storage/central.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/scopefilters/blockadmins.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/privilegesecure/gettingstarted/client.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgpocompilancereporter/securityenhanced.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/mode/push/install.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/vdisolutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/trial.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/toolssetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/startscreentaskbar/helpertools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/clientsideextension/uninstallpassword.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fastsupport.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/enterprisefull.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/prepare.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/installfonts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/elevate/installfonts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgpocompilancereporter/firewallports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/clientendpoint.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/ieedgemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/edgespecial.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/edgemod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/windowseventforwarding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdscriptstriggers/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/eventlogs.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/policyeditor/scope.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/computergroups/workingwith.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/reauthentication.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdintegration/auditorsetup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/auditor/mmcsnapin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/preconfigured/firefox/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/thirdpartyadvice.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/groups.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/updateclientsideextension.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/rings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/reports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/reports.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/editions/solutions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/iesitelists.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/browserrouter/internetexplorer/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/browserrouter/revertlegacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/graceperiod.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/legacy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/license/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/features.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/registrationmode.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/companydetails/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/mdm/hybrid.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/remoteworkdelivery/cloudmdm.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/fileassociations/legacy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/applicationsettings/backup/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/finder.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macfinder.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/forceddisabled.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/transition.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/error/leastprivilege/serverbusy.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdgpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdgpocompilancereporter/modepush.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/domainmultiple.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/testlab/createdc.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/gettingstarted/quickstart/preparemanagementstation.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/tips/folderredirection.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/jointoken.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/integration/azurevirutaldesktop.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/privilege.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/adminapproval.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mac/scenarios/macprivhelper.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdstartscreentaskbar/customicons.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/startscreentaskbar/customicons.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/pplpmimplementationguide.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdscriptstriggers/gettingstarted/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/windowsremoteassistance.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdlicense/unlicense.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/license/unlicense/componentscloud.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/java/lockdown.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/javaenterpriserules/javaprompts.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/superpowers.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/modes/settingsdeliveryreinforcementoptions.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/runasadmin.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/mdm/gettingstarted.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/applicationsettings/appsetfiles/versioncontrol.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/serialnumber.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/devicemanagerpolicies.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/cloud/interface/filebox.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/uptodate.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/touchutility.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/install/upgrade/settings.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mddevice/dmapprovalautorules.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mddevice/enduser.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/rules.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/changemanagementtools.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/securerun/stopransomware.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/autorulesgeneratortool.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/leastprivilege/securerun/setup.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdadministrativetemplates/collections.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/adminstrativetemplates/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/usbdrive.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/mdm.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/cloud.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/device/devicemanager/overview.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/licenserequestkey.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/prepare/licensing.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdgpocompilancereporter/install.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/grouppolicycompliancereporter/install.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdbrowserrouter/chromenondomainjoined.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/troubleshooting/nondomain/limitations.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docs markdown link couldn't be resolved: (/docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md) in source file "/Users/jordan.violet/development/docs/docs/endpointpolicymanager/scriptstriggers/networksecuritymanager.md" for version current -[WARNING] Docusaurus found broken links! - -Please check the pages of your site in the list below, and make sure you don't reference any path that does not exist. -Note: it's possible to ignore broken links with the 'onBrokenLinks' Docusaurus configuration, and let the build pass. - -It looks like some of the broken links we found appear in many pages of your site. -Maybe those broken links appear on all pages through your site layout? -We recommend that you check your theme configuration for such links (particularly, theme navbar and footer). -Frequent broken links are linking to: -- /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md - -Exhaustive list of all broken links found: -- Broken link on source page path = /adminstrativetemplates/existinggpos: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/exportgpos.md -- Broken link on source page path = /adminstrativetemplates/export: - -> linking to /docs/endpointpolicymanager/video/index.mdadministrativetemplates/deployinternet.md -- Broken link on source page path = /adminstrativetemplates/gettoknow/computerside: - -> linking to /docs/endpointpolicymanager/video/index.mdadministrativetemplates/switchedpolicies.md -- Broken link on source page path = /adminstrativetemplates/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdadministrativetemplates/collections.md -- Broken link on source page path = /applicationsettings/appsetfiles/findfixgpos: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/appsetfiles/gpotouchutility: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/touchutility.md -- Broken link on source page path = /applicationsettings/appsetfiles/storage/central: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/appsetfiles/versioncontrol: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/centralstore: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/centralstorework.md -- Broken link on source page path = /applicationsettings/designstudio/navigation/tab/propertiesproject: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/itemleveltargeting.md -- Broken link on source page path = /applicationsettings/designstudio/quickstart/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/designstudio/firstpak.md -- Broken link on source page path = /applicationsettings/designstudio/regimporteruitility: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/designstudio/importregistry.md -- Broken link on source page path = /applicationsettings/modes/acllockdown: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/acllockdown.md -- Broken link on source page path = /applicationsettings/modes/settingsdeliveryreinforcementoptions: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/superpowers.md -- Broken link on source page path = /applicationsettings/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/managers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/pak.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorecreate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstoreupdate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/quickrundown.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/manualupdate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/uptodate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllorphans.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/dllreconnect.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/touchutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/itemleveltargetingbypass.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acllockdown.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/applicationlaunch.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/superpowers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/variables.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/proxysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/trustedappsets.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/ieproxyserver.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/certificatesevil.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/invincea.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxplugins.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevert.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromerevertfix.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/oraclejava.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefoxabout.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chromebookmarks.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/paksbig.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firstpak.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/importregistry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/addelements.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/foxitprinter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/firefox_plugins.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/sealapproval.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/integration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/demo2.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xenapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/xendesktop.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/citrix/rds.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/specops.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/integration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/vmware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/dedicated.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/localmode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/vdi/thinappworkspace.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/appv.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/xenapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/uev.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/thinapp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/symantec.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/virtualization/spoonnovell.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/applicationsettings/chrome.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/certificates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/connectionstab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/contenttab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/generaltab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/privacytab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/programstab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/securitytab.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/favorites.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/clearbrowsing.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/chrome/bookmarks.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/defaultsearch.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/popups.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extensions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarks.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/extratabs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/disable.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/removeelements.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/miscsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/certificates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/adobe.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/addons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/firefox/bookmarksmodify.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/disable.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/lockdown.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/jre.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/java/securityslider.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/passwordsecure.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/teams.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/acrobat.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/flashplayer.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/irfanview.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/office.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/skype.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/thunderbird.md -- Broken link on source page path = /applicationsettings/preconfigured/chrome/certificates: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/certificates.md -- Broken link on source page path = /applicationsettings/preconfigured/chrome/proxysettings: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/connectionstab.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/addons: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/addons.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/addons/forceinstallation: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/firefox/extensions.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/javathunderbird: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/thunderbird.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/preferences: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/firefox/disable.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/firefox/removeelements.md -- Broken link on source page path = /applicationsettings/preconfigured/firefox/transition: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/shares.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/designstudio/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/centralstorework.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/addons: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/programstab.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/certificates: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/certificates.md -- Broken link on source page path = /applicationsettings/preconfigured/internetexplorer/tab/programs: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/internetexplorer/programstab.md -- Broken link on source page path = /applicationsettings/preconfigured/itemleveltargeting/bypassinternal: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /applicationsettings/preconfigured/quickstart/specialnotes: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/dllorphans.md -- Broken link on source page path = /applicationsettings/windowsremoteassistance: - -> linking to /docs/endpointpolicymanager/video/index.mdscriptstriggers/gettingstarted/cloud.md -- Broken link on source page path = /browserrouter/defaultbrowser/defined: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/defaultwindows10.md -- Broken link on source page path = /browserrouter/defaultbrowser/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/userselecteddefault.md -- Broken link on source page path = /browserrouter/editpolicytemplate/browsermode: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/ieedgemode.md -- Broken link on source page path = /browserrouter/internetexplorer/convertxmls: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/iesitelists.md -- Broken link on source page path = /browserrouter/internetexplorer/edgemod: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/ieedgemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/iesitelists.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdbrowserrouter/edgespecial.md -- Broken link on source page path = /browserrouter/internetexplorer/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/iesitelists.md -- Broken link on source page path = /browserrouter/internetexplorer/specialtypes: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/edgespecial.md -- Broken link on source page path = /browserrouter/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/rightbrowser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdbrowserrouter/citrix.md -- Broken link on source page path = /browserrouter/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/rightbrowser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgesupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/blockwebsites.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edgespecial.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/userselecteddefault.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/citrix.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/custombrowsers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chromenondomainjoined.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieforce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/firefox.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/chrome.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/edge.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/iesitelists.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ieedgemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/browsericon.md -- Broken link on source page path = /browserrouter/policy/block: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/blockwebsites.md -- Broken link on source page path = /browserrouter/policy/custom: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/custombrowsers.md -- Broken link on source page path = /browserrouter/ports: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/ports.md -- Broken link on source page path = /browserrouter/shortcuticons: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/browsericon.md -- Broken link on source page path = /browserrouter/useselectablebrowser: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/userselecteddefault.md -- Broken link on source page path = /cloud/adduser: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/add/administrator.md -- Broken link on source page path = /cloud/groups: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/jointoken.md -- Broken link on source page path = /cloud/interface/companydetails/companyadministrators/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/security/immutablelog.md -- Broken link on source page path = /cloud/interface/companydetails/configureentraidaccess: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/integration/entraid.md -- Broken link on source page path = /cloud/interface/companydetails/customerlog: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/immutablelog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/emaillogs.md -- Broken link on source page path = /cloud/interface/companydetails/downloads: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /cloud/interface/companydetails/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/security/features.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/registrationmode.md -- Broken link on source page path = /cloud/interface/computergroups/workingwith: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /cloud/interface/filebox: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md -- Broken link on source page path = /cloud/interface/reports: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/reports.md -- Broken link on source page path = /cloud/interface/tools: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/mdm.md -- Broken link on source page path = /cloud/interface/xmldatafiles/createpolicy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/securitysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/preferences.md -- Broken link on source page path = /cloud/interface/xmldatafiles/importpolicies: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/import.md -- Broken link on source page path = /cloud/interface/xmldatafiles/upload: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/integration/onpremiseexport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md -- Broken link on source page path = /cloud/licensing/otherpolicydeliverymechanisms: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/integration/onpremise.md -- Broken link on source page path = /cloud/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.md -- Broken link on source page path = /cloud/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremiseexport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/securitysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/preferences.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/features.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/immutablelog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/security/emaillogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/add/administrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/install/leastprivilegemanagerrule.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/entraid.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/fileinfoviewer.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/restricted_groups_editor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/registrationmode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md -- Broken link on source page path = /cloud/security/datasafety: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/cloudevents.md -- Broken link on source page path = /cloud/security/publickeypoliciessettings: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/deploy/grouppolicysettings.md -- Broken link on source page path = /cloud/testlab: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/onpremise.md -- Broken link on source page path = /cloud/transition: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/import.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/jointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/groups.md -- Broken link on source page path = /device/devicemanager/devicemanagerpolicies: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/serialnumber.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md -- Broken link on source page path = /device/devicemanager/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/usbdrive.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mddevice/cloud.md -- Broken link on source page path = /device/devicemanager/rules: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mddevice/dmapprovalautorules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mddevice/enduser.md -- Broken link on source page path = /device/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdrive.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowuser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/usbdriveallowvendor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/serialnumber.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/bitlockerdrives.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/enduser.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmhelpertool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/dmapprovalautorules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mddevice/mdm.md -- Broken link on source page path = /editions/policies: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /editions/solutions: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md -- Broken link on source page path = /feature/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/windows.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/windowsservers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdfeature/mdm.md -- Broken link on source page path = /fileassociations/applymode: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/applyonce.md -- Broken link on source page path = /fileassociations/collections/preconfigured: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/preconfiguredadvice.md -- Broken link on source page path = /fileassociations/helperutility: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/helperapplication.md -- Broken link on source page path = /fileassociations/insouts/advantages: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/firstlogin.md -- Broken link on source page path = /fileassociations/itemleveltargeting/exportcollection: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/exporterutility.md -- Broken link on source page path = /fileassociations/mapextensions: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/cloud.md -- Broken link on source page path = /fileassociations/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/universalwindowsapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/wizard.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/preconfiguredadvice.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/cloudusage.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/adobereader.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/mailto.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10modify.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helpertool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/firstlogin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/helperapplication.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/acroreader.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/windows10questions.md -- Broken link on source page path = /fileassociations/productwizard: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/wizard.md -- Broken link on source page path = /gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /gettingstarted/history: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/ie.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdbrowserrouter/defaultwindows10.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfileassociations/applyonce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md -- Broken link on source page path = /gettingstarted/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/freetraining.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/sidexporter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/arm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/editor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/processmonitor.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/gpobackup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/powershell.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/admx.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backupoptions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditordemo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdintegration/auditorsetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/exporterutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateinstall.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/elevateapplication.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/startscreen.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/applicationsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/admintemplatemanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/browserrouter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/tour.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdwindowsvirtualdesktops/leastprivilege.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/appmasking.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/profiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/startmenu.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserdefault.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/broswerright.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/browserconfiguration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdfslogix/elevatingapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/browserright.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/startscreen.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcameyo/applicationsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md -- Broken link on source page path = /gettingstarted/prepare: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md -- Broken link on source page path = /gettingstarted/quickstart/cloud: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/endpointpolicymanagersettings.md -- Broken link on source page path = /gettingstarted/quickstart/grouppolicy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdgrouppolicy/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /gettingstarted/quickstart/mdm: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/testsample.md -- Broken link on source page path = /gettingstarted/quickstart/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdgettingstarted/freetraining.md -- Broken link on source page path = /gettingstarted/quickstart/overviewinstall: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/explained.md -- Broken link on source page path = /gettingstarted/quickstart/prepareendpoint: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/mdm.md -- Broken link on source page path = /gettingstarted/quickstart/preparemanagementstation: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgrouppolicy/install.md -- Broken link on source page path = /gettingstarted/quickstart/specificcomponents: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.md#getting-started -- Broken link on source page path = /gpoexport/delivercertificates: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/deploy/grouppolicysettings.md -- Broken link on source page path = /gpoexport/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/realgposettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/cloudimport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/sccm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpoexport/mergetool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/deployinternet.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/screensavers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateprinter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/drivemaps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/consolidateregistry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/shortcuts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/delivergpprefs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdpreferences/cloudlocaluser.md -- Broken link on source page path = /grouppolicy/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/integration.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/itemleveltargeting/editmanual.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/flatlegacyview.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/mmcconsole.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/grouppolicy/remotedesktopconnection.md -- Broken link on source page path = /grouppolicycompliancereporter/deliveryreports: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/reports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/integration/onpremise.md -- Broken link on source page path = /grouppolicycompliancereporter/domainmultiple: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgpocompilancereporter/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdgpocompilancereporter/modepush.md -- Broken link on source page path = /grouppolicycompliancereporter/install: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/install.md -- Broken link on source page path = /grouppolicycompliancereporter/mode/pull/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/modepull.md -- Broken link on source page path = /grouppolicycompliancereporter/mode/push/install: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/securityenhanced.md -- Broken link on source page path = /grouppolicycompliancereporter/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewmanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/overviewtechnical.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modestandalone.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modeserver.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/install.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepull.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/modepush.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/securityenhanced.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/firewallports.md -- Broken link on source page path = /grouppolicycompliancereporter/prepare/licensing: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /install/adminconsole: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/centralstorework.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/shares.md -- Broken link on source page path = /install/cloud/client: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /install/cloud/clientremote: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/install/leastprivilegemanagerrule.md -- Broken link on source page path = /install/cloud/clientsilent: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/jointoken.md -- Broken link on source page path = /install/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdinstall/autoupdate.md -- Broken link on source page path = /install/rings: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/groups.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /install/upgrade/rings/activedirectory: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /install/upgrade/rings/cloud: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/groups.md -- Broken link on source page path = /install/upgrade/settings: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/uptodate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/touchutility.md -- Broken link on source page path = /install/upgrade/tips: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/backupoptions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdtroubleshooting/backup.md -- Broken link on source page path = /integration/auditor/mmcsnapin: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdintegration/auditorsetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /integration/azurevirutaldesktop: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/jointoken.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/client: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/gui: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/privilegesecure/gettingstarted/together: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecureclient.md -- Broken link on source page path = /integration/privilegesecure/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/integration/privilegesecure.md -- Broken link on source page path = /integration/servicenow: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/longcodes.md -- Broken link on source page path = /integration/vdisolutions: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/jointoken.md -- Broken link on source page path = /javaenterpriserules/gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdjavaenterpriserules/cloud.md -- Broken link on source page path = /javaenterpriserules/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdjavaenterpriserules/cloud.md -- Broken link on source page path = /javaenterpriserules/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/gettingstarted.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/browserrouter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/block.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/oracledeploymentrulesets.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/versionsmultiple.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/sccm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdjavaenterpriserules/xmlsurgery.md -- Broken link on source page path = /javaenterpriserules/prompts/firefoxinternetexplorer: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/java/lockdown.md -- Broken link on source page path = /knowledgebase: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /leastprivilege/acltraverse: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md -- Broken link on source page path = /leastprivilege/adminapproval/avoidpopups: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/adminapproval/enforce.md -- Broken link on source page path = /leastprivilege/adminapproval/gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/adminapproval/demo.md -- Broken link on source page path = /leastprivilege/adminapproval/useemail: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/adminapproval/email.md -- Broken link on source page path = /leastprivilege/bestpractices/childprocesses: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securitychildprocesses.md -- Broken link on source page path = /leastprivilege/bestpractices/dontelevate: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/opensavedialogs.md -- Broken link on source page path = /leastprivilege/bestpractices/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md -- Broken link on source page path = /leastprivilege/bestpractices/rules/commandline: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/preventusercommands.md -- Broken link on source page path = /leastprivilege/bestpractices/rules/executablecombo: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/securitycomborules.md -- Broken link on source page path = /leastprivilege/brandcustomize: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/branding.md -- Broken link on source page path = /leastprivilege/deny/standard: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/applicationcontrol.md -- Broken link on source page path = /leastprivilege/deny/windowsuniversal: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/windowsuniversalapplications.md -- Broken link on source page path = /leastprivilege/digitalsignature: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/securitycomborules.md -- Broken link on source page path = /leastprivilege/elevate/activexitems: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/uacpromptsactivex.md -- Broken link on source page path = /leastprivilege/elevate/applicationextension: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md -- Broken link on source page path = /leastprivilege/elevate/com_cslidclass: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/comsupport.md -- Broken link on source page path = /leastprivilege/elevate/executables: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/localadminrights.md -- Broken link on source page path = /leastprivilege/elevate/installers: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /leastprivilege/elevate/installfonts: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/installfonts.md -- Broken link on source page path = /leastprivilege/elevate/javajarfiles: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/scripts.md -- Broken link on source page path = /leastprivilege/elevate/printerdriverinstall: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md -- Broken link on source page path = /leastprivilege/elevate/scripts: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/elevate/scripts.md -- Broken link on source page path = /leastprivilege/events/createpolicy/audit: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/globalauditevent.md -- Broken link on source page path = /leastprivilege/events/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/cloudevents.md -- Broken link on source page path = /leastprivilege/export: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mdm.md -- Broken link on source page path = /leastprivilege/itemleveltargeting: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/userfilter.md -- Broken link on source page path = /leastprivilege/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md -- Broken link on source page path = /leastprivilege/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/userfilter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacpromptsactivex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/scripts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/elevate/installfonts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowsuniversalapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securitycomborules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denymessages.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/preventedge.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/stopransomware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudrules.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevateuwp.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/msi.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/deleteicons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/modifyhosts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/ntfspermissions.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/acltraverse/registry.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/longcodes.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/enforce.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/email.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applyondemand.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securecopy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesfromadmin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/helperdesktopshortcut.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/winget.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/printeruacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/microsoftrecommendations.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/denyselfelevate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecure.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/license.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/cloudinstall.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/macjointoken.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationpackage.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/systemsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/sudosupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/wildcards.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/applicationlaunch.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/eventscollector.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/adminapproval.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmountpart1.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/mountunmounpart2.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/finder.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/privilege.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mac/collectdiagnostics.md -- Broken link on source page path = /leastprivilege/policyeditor/scope: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/appblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/pplpmimplementationguide: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgettingstarted/solutionmethods.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/start.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/localadminrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/comsupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/elevatinguserbasedinstalls.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/securitychildprocesses.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/opensavedialogs.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/wildcards.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/integration/privilegesecureclient.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/cloudevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/removelocaladmin.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/branding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/explained.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/introduction.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md -- Broken link on source page path = /leastprivilege/preconfiguredxmls: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/installapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/wingui.md -- Broken link on source page path = /leastprivilege/preferences: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/removelocaladmin.md -- Broken link on source page path = /leastprivilege/reauthentication: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/bestpractices/selfelevatemode.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/selfelevatemode/reauthenticate.md -- Broken link on source page path = /leastprivilege/rules/apply/ondemand: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/applyondemand.md -- Broken link on source page path = /leastprivilege/rules/apply/selfelevation: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/selfelevatemode.md -- Broken link on source page path = /leastprivilege/rules/customizedtoken: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/runasadmin: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/ntprintdialog.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdleastprivilege/wingui.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.md -- Broken link on source page path = /leastprivilege/scopefilters/blockadmins: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/appblock.md -- Broken link on source page path = /leastprivilege/scopefilters/blockapp: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/powershellblock.md -- Broken link on source page path = /leastprivilege/scopefilters/elevateserviceaccount: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md -- Broken link on source page path = /leastprivilege/scopefilters/enhancedsecurerun: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md -- Broken link on source page path = /leastprivilege/securecopy: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/securecopy.md -- Broken link on source page path = /leastprivilege/securerun/bestpractices: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/discovery.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/globalauditevent.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/autorulesgeneratortool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/adminapproval/demo.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/selfelevatemode/demo.md -- Broken link on source page path = /leastprivilege/securerun/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/securerun/feature.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/securerun/preventunsigned.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdleastprivilege/integration/pdqdeployblockmalware.md -- Broken link on source page path = /leastprivilege/securerun/setup: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/securerun/stopransomware.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/autorulesgeneratortool.md -- Broken link on source page path = /leastprivilege/tool/helper/elevate: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/toolssetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/helperdesktopshortcut.md -- Broken link on source page path = /leastprivilege/tool/helper/uacprompts: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/uacprompts.md -- Broken link on source page path = /leastprivilege/tool/rulesgenerator/automatic: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/autorulesgeneratortool.md -- Broken link on source page path = /leastprivilege/wildcards: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/wildcards.md -- Broken link on source page path = /license/activedirectory/domainmultiple: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /license/activedirectory/domainou: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md -- Broken link on source page path = /license/activedirectory/gpoedit: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md -- Broken link on source page path = /license/editpolicies: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md -- Broken link on source page path = /license/mdm/hybrid: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/quickstart.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/integration/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /license/mdm/intune: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/mdm.md -- Broken link on source page path = /license/mdm/setup: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/licenserequestkey.md -- Broken link on source page path = /license/mdm/tool: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/mdm.md -- Broken link on source page path = /license/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/upgrades.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/legacy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/cleanup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/mdm.md -- Broken link on source page path = /license/transition: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /license/trial: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /license/unlicense/componentscloud: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /license/unlicense/fileold: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/cleanup.md -- Broken link on source page path = /license/unlicense/forceddisabled: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/unlicense.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /license/whenwhy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/grouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/internetexplorer/settings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/applicationcontrol.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/serviceaccountrights.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdleastprivilege/bestpractices/powershellblock.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/switchedpolicies.md -- Broken link on source page path = /licensing: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/licenserequestkey.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdcloud/testlab/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdlicense/installuniversal.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md -- Broken link on source page path = /mac/applicationlaunch: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/adminapproval.md -- Broken link on source page path = /mac/scenarios/launchcontrol: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/applicationlaunch.md -- Broken link on source page path = /mac/scenarios/macfinder: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/finder.md -- Broken link on source page path = /mac/scenarios/macprivhelper: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/privilege.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/adminapproval.md -- Broken link on source page path = /mac/scenarios/mountunmount: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/mountunmountpart1.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/mountunmounpart2.md -- Broken link on source page path = /mac/scenarios/packageinstallation: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/applicationpackage.md -- Broken link on source page path = /mac/scenarios/sudo: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/sudosupport.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/mac/wildcards.md -- Broken link on source page path = /mac/scenarios/systemsettings: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/mac/systemsettings.md -- Broken link on source page path = /mdm/gettingstarted: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/sccmsoftwarecenter.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeployfirefox.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdapplicationsettings/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmethods/sccmgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.md -- Broken link on source page path = /mdm/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md -- Broken link on source page path = /mdm/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/realgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/testlab/createdc.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/testsample.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/mobileiron.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/workspaceone.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/citrixendpointmanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/admintemplates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exporterutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgrouppolicy/renameendpoint.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraid.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupmembership.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/itemleveltargeting/entraidgroupdetermine.md -- Broken link on source page path = /mdm/service/microsoftintune: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/microsoftintune.md -- Broken link on source page path = /mdm/service/mobileiron: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/mobileiron.md -- Broken link on source page path = /mdm/service/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/realgrouppolicy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md -- Broken link on source page path = /mdm/service/vmwareworkspaceone: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/workspaceone.md -- Broken link on source page path = /mdm/stackmsi: - -> linking to /docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md -- Broken link on source page path = /mdm/xmldatafiles/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdmdm/exporterutility.md -- Broken link on source page path = /preferences/componentlicense: - -> linking to /docs/endpointpolicymanager/video/index.mdmethods/exporterutility.md -- Broken link on source page path = /remotedesktopprotocol/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdremotedesktopprotocol/vdiscenarios.md -- Broken link on source page path = /remoteworkdelivery/advanced/standard/recursion: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/masscopy.md -- Broken link on source page path = /remoteworkdelivery/cloudmdm: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/mdm.md -- Broken link on source page path = /remoteworkdelivery/exportcollections: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdremoteworkdelivery/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/exporterutility.md -- Broken link on source page path = /remoteworkdelivery/gettingstarted/policiesweb: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/webbasedshares.md -- Broken link on source page path = /remoteworkdelivery/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdremoteworkdelivery/smb.md -- Broken link on source page path = /remoteworkdelivery/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/smb.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/webbasedshares.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/masscopy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/patching.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/localfilecopy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/azureblobstorage.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdremoteworkdelivery/updateclientsideextension.md -- Broken link on source page path = /scriptstriggers/gettoknow/usage: - -> linking to /docs/endpointpolicymanager/video/index.mdscriptstriggers/mapdrivetriggers.md -- Broken link on source page path = /scriptstriggers/itemleveltargeting/exportcollections: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdscriptstriggers/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdscriptstriggers/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdmdm/exporterutility.md -- Broken link on source page path = /scriptstriggers/networksecuritymanager: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md -- Broken link on source page path = /scriptstriggers/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdscriptstriggers/gettingstarted/onpremise.md -- Broken link on source page path = /scriptstriggers/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/onpremise.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/gettingstarted/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/chocolaty.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/windows10prolockscreen.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/customdefaultfileassociations.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/unwantedapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/bitlocker.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/x509certificates.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/printersetup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/auditpol.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/scripttriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mapdrivetriggers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/lockunlocksession.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/shutdownscripts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/vpnconnect.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/anyconnect.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/events.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdscriptstriggers/integration/pdqdeploy.md -- Broken link on source page path = /softwarepackage/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdsoftwarepackage/appxmanager.md -- Broken link on source page path = /softwarepackage/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/appxmanager.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/removeapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/blockapps.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/deployapplications.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/winget/run.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/extrastool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdsoftwarepackage/mdm.md -- Broken link on source page path = /startscreentaskbar/exportcollections: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdstartscreentaskbar/nondomainjoined.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdmdm/testsample.md -- Broken link on source page path = /startscreentaskbar/helpertools: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/uacprompts.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/toolssetup.md -- Broken link on source page path = /startscreentaskbar/helperutility: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/helperutility.md -- Broken link on source page path = /startscreentaskbar/overview/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/helperutility.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/windows10startmenu.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/demotaskbar.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/itemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/linksie.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/customicons.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdtroubleshooting/startscreentaskbar/revertstartmenu.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/nondomainjoined.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/mdmitemleveltargeting.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/citrix.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/integration/pdqdeploy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdstartscreentaskbar/onetime.md -- Broken link on source page path = /startscreentaskbar/taskbar: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/demotaskbar.md -- Broken link on source page path = /tips/embedclient: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdinstall/autoupdate.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/groups.md -- Broken link on source page path = /tips/eventlogs: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdleastprivilege/windowseventforwarding.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdscriptstriggers/cloud.md -- Broken link on source page path = /tips/folderredirection: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/admxfiles.md -- Broken link on source page path = /tips/thirdpartyadvice: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/importstig.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdgpocompilancereporter/existinggpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/reducegpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdadministrativetemplates/collections.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdcloud/deploy/grouppolicysettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/exportgpos.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdindex.mdmdm/microsoftintune.md -- Broken link on source page path = /troubleshooting/applicationsettings/applock/disable: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdapplicationsettings/superpowers.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/applicationsettings/applock/someapplications: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/acllockdown.md -- Broken link on source page path = /troubleshooting/applicationsettings/appset/storage: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/shares.md -- Broken link on source page path = /troubleshooting/applicationsettings/backup/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md -- Broken link on source page path = /troubleshooting/applicationsettings/basicsteps: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/entrysettings: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/java/issue: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/itemleveltargetingbypass.md -- Broken link on source page path = /troubleshooting/applicationsettings/reapplylaunchdisable: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/chrome/forceinstall: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/overview: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/browserrouter/revertlegacy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md -- Broken link on source page path = /troubleshooting/changemanagementtools: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/history.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/advancedgrouppolicymanagement.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/gpoadmintool.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/netiq.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/scriptlogicactiveadministrator.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdindex.mdchangemanagementutilities/sdmchangemanager.md -- Broken link on source page path = /troubleshooting/clientsideextension/uninstallpassword: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/admxfiles.md -- Broken link on source page path = /troubleshooting/cloud/grouppolicyeditors: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/reports.md -- Broken link on source page path = /troubleshooting/error/leastprivilege/serverbusy: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/opensavedialogs.md -- Broken link on source page path = /troubleshooting/fastsupport: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdtroubleshooting/logs.md -- Broken link on source page path = /troubleshooting/fileassociations/legacy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/admxfiles.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdcloud/admxfiles.md -- Broken link on source page path = /troubleshooting/grouppolicycompliancereporter/clientendpoint: - -> linking to /docs/endpointpolicymanager/video/index.mdgpocompilancereporter/firewallports.md -- Broken link on source page path = /troubleshooting/hangingprocess: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/processmonitor.md -- Broken link on source page path = /troubleshooting/javaenterpriserules/javaprompts: - -> linking to /docs/endpointpolicymanager/video/index.mdapplicationsettings/java/lockdown.md -- Broken link on source page path = /troubleshooting/leastprivilege/sage50: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/installapplications.md -- Broken link on source page path = /troubleshooting/license/enterprisefull: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /troubleshooting/license/expires: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/cleanup.md -- Broken link on source page path = /troubleshooting/license/graceperiod: - -> linking to /docs/endpointpolicymanager/video/index.mdlicense/installuniversal.md -- Broken link on source page path = /troubleshooting/license/legacy: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/legacy.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdlicense/installuniversal.md -- Broken link on source page path = /troubleshooting/nondomain/limitations: - -> linking to /docs/endpointpolicymanager/video/index.mdbrowserrouter/chromenondomainjoined.md -- Broken link on source page path = /troubleshooting/procmon: - -> linking to /docs/endpointpolicymanager/video/index.mdtroubleshooting/logs.md -- Broken link on source page path = /troubleshooting/restoredetails: - -> linking to /docs/endpointpolicymanager/video/index.mdgrouppolicy/integration.md -- Broken link on source page path = /troubleshooting/scriptstriggers/systemprocesses: - -> linking to /docs/endpointpolicymanager/video/index.mdleastprivilege/bestpractices/securerun/usersystemexecutables.md -- Broken link on source page path = /troubleshooting/slowlogins: - -> linking to /docs/endpointpolicymanager/video/index.mdcloud/import.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/customicons: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/customicons.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/office365: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/helperutility.md -- Broken link on source page path = /troubleshooting/startscreentaskbar/rollback: - -> linking to /docs/endpointpolicymanager/video/index.mdstartscreentaskbar/onetime.md -- Broken link on source page path = /video/applicationsettings/trustedappsets: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backup.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdtroubleshooting/backupoptions.md -- Broken link on source page path = /video/fileassociations/acroreader: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/windows10.md -- Broken link on source page path = /video/networksecurity/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/basics.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/domainnames.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/applicationsports.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/globalsettings.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdindex.mdnetworksecurity/auditingevents.md -- Broken link on source page path = /video/remotedesktopprotocol/videolearningcenter: - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/vdiscenarios.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/cloud.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/mdm.md - -> linking to /docs/endpointpolicymanager/video/index.mdindex.mdindex.mdindex.mdremotedesktopprotocol/itemleveltargeting.md -- Broken link on source page path = /video/startscreentaskbar/windows10startmenu: - -> linking to /docs/endpointpolicymanager/video/index.mdfileassociations/windows10.md - -[WARNING] Docusaurus found broken anchors! - -Please check the pages of your site in the list below, and make sure you don't reference any anchor that does not exist. -Note: it's possible to ignore broken anchors with the 'onBrokenAnchors' Docusaurus configuration, and let the build pass. - -Exhaustive list of all broken anchors found: -- Broken anchor on source page path = /applicationsettings/designstudio/overview: - -> linking to /video/#designstudio-how-to - -[SUCCESS] Generated static files in "build". -[INFO] Use `npm run serve` command to test your build locally. -Build completed successfully! diff --git a/docs/accessanalyzer/12.0/whatsnew.md b/docs/accessanalyzer/12.0/whatsnew.md index 6d51b15f27..bab78ce1c3 100644 --- a/docs/accessanalyzer/12.0/whatsnew.md +++ b/docs/accessanalyzer/12.0/whatsnew.md @@ -1,7 +1,5 @@ -# What's New in Access Analyzer +# What's New -This document contains information about new features and enhancements in Access Analyzer. +## New Netwrix Community! -## Latest Release - -For the latest release information, please visit the [Netwrix website](https://www.netwrix.com) or contact [Netwrix Support](https://www.netwrix.com/support.html). +All Netwrix product announcements have moved to the new Netwrix Community. See announcements for Netwrix Access Analyzer (formerly Enterprise Auditor) in the [Access Analyzer](https://community.netwrix.com/c/94) area of our new community. \ No newline at end of file diff --git a/docs/accessinformationcenter/11.6/access-management/access-requests/manage-requests.md b/docs/accessinformationcenter/11.6/access-management/access-requests/manage-requests.md index 9d79809c11..a05d9b7bb5 100644 --- a/docs/accessinformationcenter/11.6/access-management/access-requests/manage-requests.md +++ b/docs/accessinformationcenter/11.6/access-management/access-requests/manage-requests.md @@ -28,7 +28,7 @@ Select the desired request on the [Request History Tab](/docs/accessinformationcenter/11.6/access-management/access-requests/overview.md#request-history-tab) of the Access Requests interface and click **View Changes**. The Changes window opens. -![Changes window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/changes.webp) +![Changes window](/img/product_docs/accessanalyzer/11.6/install/application/upgrade/changes.webp) The table displays the following information for selected trustee: diff --git a/docs/accessinformationcenter/11.6/access-management/access-requests/request-access.md b/docs/accessinformationcenter/11.6/access-management/access-requests/request-access.md index e043e3f6f2..47fb0f48ad 100644 --- a/docs/accessinformationcenter/11.6/access-management/access-requests/request-access.md +++ b/docs/accessinformationcenter/11.6/access-management/access-requests/request-access.md @@ -83,7 +83,7 @@ resource is in your list, select it and click **Remove**. Click **OK** to close **Step 7 –** Click **Next** and the Access Information Center starts the action. -![Request Access wizard request sent message](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Request Access wizard request sent message](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 8 –** The action status displays on the page. When the action has completed (100%), click **Finish**. The Request Access wizard closes. @@ -125,7 +125,7 @@ click **Cancel**. The Cancel Request wizard opens. be included in the e-mail notification sent to the requester. Click **Next** and the Access Information Center starts the action. -![Cancel Request wizard complete message](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Cancel Request wizard complete message](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 3 –** The action status displays on the page. When the cancellation action has completed (100%), click **Finish**. The Cancel Request wizard closes. diff --git a/docs/accessinformationcenter/11.6/access-management/resource-owners/manage-owners.md b/docs/accessinformationcenter/11.6/access-management/resource-owners/manage-owners.md index b3eabd80be..45954ec674 100644 --- a/docs/accessinformationcenter/11.6/access-management/resource-owners/manage-owners.md +++ b/docs/accessinformationcenter/11.6/access-management/resource-owners/manage-owners.md @@ -69,7 +69,7 @@ the owners: Tool-tips display when hovering over the icons indicating whether the resource ownership has been confirmed, declined, pending response, or that a confirmation has not been requested. -![Add new resource wizard showing 3. Description page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/description.webp) +![Add new resource wizard showing 3. Description page](/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/description.webp) **Step 5 –** On the Description page, optionally add a description for the resource in the textbox. Then click **Next**. @@ -98,12 +98,12 @@ topic for additional information. **Step 8 –** Click **Next** to continue. -![Add new resource wizard showing 5. Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Add new resource wizard showing 5. Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) **Step 9 –** On the Summary page, review the settings and click **Next**. The Access Information Center begins to process the ownership configuration. -![Add new resource wizard completed page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Add new resource wizard completed page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 10 –** The action status displays on the page. When the task has completed (100%), click **Close**. The Add new resource wizard closes. @@ -146,7 +146,7 @@ Center begins to send the confirmation email. The table provides the following i Tool-tips display when hovering over the icons indicating whether the resource ownership has been confirmed, declined, pending response, or that a confirmation has not been requested. -![Owners have been notified message](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Owners have been notified message](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 3 –** The action status displays on the page. When the owner confirmation notification has completed (100%), click Close. The Confirm Ownership wizard closes. @@ -232,7 +232,7 @@ exclamation icon. You can not continue with the import if any row contains an in owner. To remove a resource from the table, select the row and click **Remove**. The row is removed from the table. -![Import Owners wizard 2. Options page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp) +![Import Owners wizard 2. Options page](/img/product_docs/accessanalyzer/11.6/install/application/options.webp) **Step 4 –** On the Options page, configure the available options as required. @@ -249,7 +249,7 @@ from the table. **Step 5 –** Click **Next**. The Access Information Center will begin to process the import. -![Import Owners wizard completed import page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Import Owners wizard completed import page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 6 –** The action status displays on the page. When the update has completed (100%), click **Close**. The Import Owners wizard closes. @@ -315,7 +315,7 @@ information on the owners: Tool-tips display when hovering over the icons indicating whether the resource ownership has been confirmed, declined, pending response, or that a confirmation has not been requested. -![Update resource wizard showing 2. Description page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/description.webp) +![Update resource wizard showing 2. Description page](/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/description.webp) **Step 3 –** The Description page displays any description that has been provided by either the Ownership Administrator or the assigned owner(s) for the resource. Modify as desired by typing in @@ -340,12 +340,12 @@ desired. See the [Select Group Window](/docs/accessinformationcenter/11.6/access-management/resource-owners/manage-owners.md) topic for additional information. -![Update resource wizard showing 4. Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Update resource wizard showing 4. Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) **Step 5 –** On the Summary page, review the settings and click **Next**. The Access Information Center begins to process the ownership configuration. -![Update resource wizard completed page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Update resource wizard completed page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 6 –** The action status displays on the page. When the update has completed (100%), click **Close**. The Update resource wizard closes. diff --git a/docs/accessinformationcenter/11.6/access-management/resource-owners/owner-portal.md b/docs/accessinformationcenter/11.6/access-management/resource-owners/owner-portal.md index 8ca5ca8284..abcf63ef57 100644 --- a/docs/accessinformationcenter/11.6/access-management/resource-owners/owner-portal.md +++ b/docs/accessinformationcenter/11.6/access-management/resource-owners/owner-portal.md @@ -11,7 +11,7 @@ been assigned a user role beyond owner. - For an owner without an assigned user role, the Access Information Center will open directly to the Owner portal. -![Owner Portal interface with 3 sections identified](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overview.webp) +![Owner Portal interface with 3 sections identified](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overview.webp) The Owner portal has three sections: @@ -172,7 +172,7 @@ Resource Access wizard opens. selected, the **Notify users about their change in access** option will send an email to the users who have been granted access to the resource. Click **Next**. -![Change Resource Access wizard showing 2. Add Access page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/addaccess.webp) +![Change Resource Access wizard showing 2. Add Access page](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/addaccess.webp) **Step 3 –** On the Add Access page, indicate the new users. Entering a name or email address in the search field to find and select users from Active Directory, which populate in a drop-down menu as @@ -208,7 +208,7 @@ menu. _Remember,_ Notes are included in the notification sent to the user (if selected) and recorded with the historical record of this change. -![Change Resource Access wizard completed updates message](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Change Resource Access wizard completed updates message](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 8 –** The action status displays on the page. When the update has completed (100%), click **Finish**. The Change Resource Access wizard closes. @@ -268,7 +268,7 @@ process the updates. _Remember,_ Notes are included in the notification sent to the user (if selected) and recorded with the historical record of this change. -![Change Resource Access wizard completed updates message](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Change Resource Access wizard completed updates message](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 7 –** The action status displays on the page. When the update has completed (100%), click **Finish**. The Change Resource Access wizard closes. diff --git a/docs/accessinformationcenter/11.6/access-management/resource-reviews/create-review.md b/docs/accessinformationcenter/11.6/access-management/resource-reviews/create-review.md index abceffe844..db49160270 100644 --- a/docs/accessinformationcenter/11.6/access-management/resource-reviews/create-review.md +++ b/docs/accessinformationcenter/11.6/access-management/resource-reviews/create-review.md @@ -80,7 +80,7 @@ Follow the steps to create a review. **NOTE:** If creating a Sensitive Data review, continue to Step 3. For all other review types, skip to Step 5. -![Create Review wizard Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) +![Create Review wizard Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) **Step 3 –** On the Criteria page, select the types of sensitive criteria to include in the Sensitive Data review from the list on the left and click **Add**. Multiple items can be selected @@ -142,7 +142,7 @@ created. - Once the desired resources have been selected, click **Next**. -![Create Review wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Create Review wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) **Step 6 –** On the Summary page, review the settings and click **Next**. The Access Information Center begins to create the review. @@ -200,7 +200,7 @@ edited. **NOTE:** If creating a Sensitive Data review, continue to Step 3. For all other review types, skip to Step 5. -![Edit Review wizard Criteria page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) +![Edit Review wizard Criteria page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp) **Step 3 –** On the Criteria page, you can modify the selected types of sensitive criteria to include in the Sensitive Data review if no responses have been received. If responses for one or @@ -267,12 +267,12 @@ or removing parent resources from the review also adds or removes their children - Once the desired resources have been selected, click **Next**. -![Edit Review wizard Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Edit Review wizard Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) **Step 6 –** On the Summary page, review the updated settings and click **Next**. The Access Information Center begins to update the review. -![Edit Review wizard update completed message](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Edit Review wizard update completed message](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 7 –** The action status displays on the page. When the review has been updated (100%), click **Close**. The Edit Review wizard closes. diff --git a/docs/accessinformationcenter/11.6/administration/configuration/active-directory.md b/docs/accessinformationcenter/11.6/administration/configuration/active-directory.md index bcea570212..0ecf44c49a 100644 --- a/docs/accessinformationcenter/11.6/administration/configuration/active-directory.md +++ b/docs/accessinformationcenter/11.6/administration/configuration/active-directory.md @@ -13,7 +13,7 @@ connecting to the database. If your Database service account uses: - Windows authentication credentials — The same domain credentials are also used for the Active Directory service account -![Configuration interface showing the Active Directory page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) +![Configuration interface showing the Active Directory page](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/activedirectory.webp) There are two options for the type of Active Directory service account: diff --git a/docs/accessinformationcenter/11.6/administration/configuration/console-access.md b/docs/accessinformationcenter/11.6/administration/configuration/console-access.md index 2b664ab255..a12d99202c 100644 --- a/docs/accessinformationcenter/11.6/administration/configuration/console-access.md +++ b/docs/accessinformationcenter/11.6/administration/configuration/console-access.md @@ -4,7 +4,7 @@ Console access to the is configured through the **Configuration** > **Console Ac users to the Access Information Center requires data to be collected by the Enterprise Auditor .Active Directory Inventory Solution. -![Console Access Configuration page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) +![Console Access Configuration page](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccess.webp) There are five levels of access, or Roles, which can be granted to domain users or groups: @@ -49,7 +49,7 @@ their assigned role or lack of role. Follow the steps to grant domain users or groups console access. -![Console Access Configuration page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) +![Console Access Configuration page](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccess.webp) **Step 1 –** In the Configuration interface on the Console Access page, click Add. The Console Access wizard opens. diff --git a/docs/accessinformationcenter/11.6/administration/configuration/entra-id-sso.md b/docs/accessinformationcenter/11.6/administration/configuration/entra-id-sso.md index 8719ba5794..272cb99643 100644 --- a/docs/accessinformationcenter/11.6/administration/configuration/entra-id-sso.md +++ b/docs/accessinformationcenter/11.6/administration/configuration/entra-id-sso.md @@ -62,7 +62,7 @@ table, and then click **Save**. Once configured they should show under Additional claims as below: -![Claims configured](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/entraidssoclaims.webp) +![Claims configured](/img/product_docs/accessanalyzer/11.6/install/application/reports/entraidssoclaims.webp) **Step 7 –** In the **Manage** > **Users and groups** section for your application, add any required users or groups to give permission to access the application. diff --git a/docs/accessinformationcenter/11.6/administration/configuration/overview.md b/docs/accessinformationcenter/11.6/administration/configuration/overview.md index 76113652cd..2ac05c63e2 100644 --- a/docs/accessinformationcenter/11.6/administration/configuration/overview.md +++ b/docs/accessinformationcenter/11.6/administration/configuration/overview.md @@ -3,7 +3,7 @@ The Configuration interface is available only to users with the Administrator role. It is opened by the **Configure Console** link on the Home page. -![Configuration interface showing the Console Access page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) +![Configuration interface showing the Console Access page](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccess.webp) It has the following pages: diff --git a/docs/accessinformationcenter/11.6/getting-started/overview.md b/docs/accessinformationcenter/11.6/getting-started/overview.md index bc0278b01e..35e7e850db 100644 --- a/docs/accessinformationcenter/11.6/getting-started/overview.md +++ b/docs/accessinformationcenter/11.6/getting-started/overview.md @@ -219,7 +219,7 @@ topic for information on where different types of users are directed after login ## Web Console Login Page -![Web Console Login page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webconsolelogin.webp) +![Web Console Login page](/img/product_docs/accessanalyzer/11.6/install/application/reports/webconsolelogin.webp) The Enterprise Auditor Web Console login page displays the Netwrix Enterprise Auditor logo at the top and the browser tab is named Netwrix Enterprise Auditor. In order for a user to log into the Web diff --git a/docs/accessinformationcenter/11.6/installation/install.md b/docs/accessinformationcenter/11.6/installation/install.md index a36a3f7f33..f883bbe3d9 100644 --- a/docs/accessinformationcenter/11.6/installation/install.md +++ b/docs/accessinformationcenter/11.6/installation/install.md @@ -23,7 +23,7 @@ desired, click **Next**. **NOTE:** The default location is `C:\Program Files\STEALTHbits\Access Information Center\`. There are no specific requirements for changing the path. -![AIC Setup Wizard SQL Server Connection page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/sqlserver.webp) +![AIC Setup Wizard SQL Server Connection page](/img/product_docs/accessanalyzer/11.6/install/application/sqlserver.webp) **Step 5 –** On the SQL Server Connection page, provide the required database information. Click Next to test the connection to the SQL Server. If there are no errors, the next wizard page will @@ -52,7 +52,7 @@ installation. See the [Database Page](/docs/accessinformationcenter/11.6/administration/configuration/database.md) topic for additional information. -![AIC Setup Wizard Configure Web Server page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/webserver.webp) +![AIC Setup Wizard Configure Web Server page](/img/product_docs/accessanalyzer/11.6/admin/action/survey/webserver.webp) **Step 6 –** On the Configure Web Server page, you can choose between the default port and a custom port on which the application will be accessible. To change the port, enter a new port number in the @@ -62,7 +62,7 @@ field. When the port is set as desired, click **Next**. **Step 7 –** On the Ready to install page, click Install to begin the process. -![AIC Setup Wizard Completed page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![AIC Setup Wizard Completed page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 8 –** Once the installation has successfully completed, click Finish to exit the wizard. diff --git a/docs/accessinformationcenter/11.6/installation/secure.md b/docs/accessinformationcenter/11.6/installation/secure.md index f641ec08a8..60c4d99fdc 100644 --- a/docs/accessinformationcenter/11.6/installation/secure.md +++ b/docs/accessinformationcenter/11.6/installation/secure.md @@ -166,16 +166,16 @@ Follow the steps to configure local intranet settings. **Step 1 –** Open Windows Internet Properties (**Control Panel** > **Network and Internet** > **Internet Options**). -![ConfigureLocalIntranetSettingsforSSO - 1](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/internetproperties.webp) +![ConfigureLocalIntranetSettingsforSSO - 1](/img/product_docs/accessanalyzer/11.6/install/application/reports/internetproperties.webp) **Step 2 –** Go to the Security tab, and select the **Local Intranet** option. Then, click the **Sites** button. -![localintranet](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localintranet.webp) +![localintranet](/img/product_docs/accessanalyzer/11.6/install/application/reports/localintranet.webp) **Step 3 –** Click the **Advanced** button. -![localintranetadvanced](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localintranetadvanced.webp) +![localintranetadvanced](/img/product_docs/accessanalyzer/11.6/install/application/reports/localintranetadvanced.webp) **Step 4 –** Enter a domain in the **Add this website in the zone** field. Ensure the fully qualified domain name is in the following format: `https://..com` diff --git a/docs/accessinformationcenter/11.6/reference/group-membership.md b/docs/accessinformationcenter/11.6/reference/group-membership.md index eb9b6249fc..3dda51c325 100644 --- a/docs/accessinformationcenter/11.6/reference/group-membership.md +++ b/docs/accessinformationcenter/11.6/reference/group-membership.md @@ -3,7 +3,7 @@ When a group trustee appears in the Trustee Name column of a review, it appears as a blue hyperlink in addition to the group icon displayed in front of the name. -![Resource Reviews page showing the Group Membership window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp) +![Resource Reviews page showing the Group Membership window](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupmembership.webp) Click the hyperlink to open the Group Membership window. The group’s direct membership is listed for review. Click **Close** to return to the review. diff --git a/docs/accessinformationcenter/11.6/resource-audit/active-directory/domain-audit.md b/docs/accessinformationcenter/11.6/resource-audit/active-directory/domain-audit.md index 6a01c7d20f..2fe7027602 100644 --- a/docs/accessinformationcenter/11.6/resource-audit/active-directory/domain-audit.md +++ b/docs/accessinformationcenter/11.6/resource-audit/active-directory/domain-audit.md @@ -153,7 +153,7 @@ The following columns display the combined direct and inherited rights: The Permissions report at the domain object level provides the trustees that have rights on the selected Active Directory object. -![Permissions report at the domain object level](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissions.webp) +![Permissions report at the domain object level](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissions.webp) This report is comprised of the following columns: diff --git a/docs/accessinformationcenter/11.6/resource-audit/change-modeling/overview.md b/docs/accessinformationcenter/11.6/resource-audit/change-modeling/overview.md index 048ad607e3..234fd8297c 100644 --- a/docs/accessinformationcenter/11.6/resource-audit/change-modeling/overview.md +++ b/docs/accessinformationcenter/11.6/resource-audit/change-modeling/overview.md @@ -5,7 +5,7 @@ membership. This allows Access Information Center users to see what steps must b access or group membership, and see what impact these changes would have on access across the targeted file systems. -![Modeled Access Changes report](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overview.webp) +![Modeled Access Changes report](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overview.webp) The change modeling process is a feature of the Group Membership pane. You should begin by reviewing a trustee's effective access to a File System resource in diff --git a/docs/accessinformationcenter/11.6/resource-audit/custom-imports/flexible-imports.md b/docs/accessinformationcenter/11.6/resource-audit/custom-imports/flexible-imports.md index b894c2c281..cec6fc914c 100644 --- a/docs/accessinformationcenter/11.6/resource-audit/custom-imports/flexible-imports.md +++ b/docs/accessinformationcenter/11.6/resource-audit/custom-imports/flexible-imports.md @@ -65,7 +65,7 @@ for additional information. The Permissions report for imported data shows the permissions for trustees on the resource. -![Permissions report for imported data](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissions.webp) +![Permissions report for imported data](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissions.webp) This report is comprised of the following columns: diff --git a/docs/accessinformationcenter/11.6/resource-audit/navigation/icons.md b/docs/accessinformationcenter/11.6/resource-audit/navigation/icons.md index 4a38a779b4..539c45ec84 100644 --- a/docs/accessinformationcenter/11.6/resource-audit/navigation/icons.md +++ b/docs/accessinformationcenter/11.6/resource-audit/navigation/icons.md @@ -11,8 +11,8 @@ The following table contains icons for resource types: | ---------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | | ![File System icon](/img/versioned_docs/threatprevention_7.4/threatprevention/admin/policies/eventtype/filesystem.webp) | File System | | ![Windows Server icon](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoredhosts/properties/windows.webp) | Windows Server | -| ![Server icon](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/server.webp) | Server | -| ![Policies icon](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/policies.webp) | Policies | +| ![Server icon](/img/product_docs/accessanalyzer/11.6/admin/settings/server.webp) | Server | +| ![Policies icon](/img/product_docs/accessanalyzer/11.6/requirements/target/config/policies.webp) | Policies | | ![Shares icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/shares.webp) | Shares | | ![Share icon](/img/versioned_docs/activitymonitor_7.1/config/activedirectory/share.webp) | Share | | ![Folder icon](/img/versioned_docs/threatprevention_7.4/threatprevention/install/reportingmodule/folder.webp) | Folder | @@ -28,7 +28,7 @@ The following table contains icons for resource types: | ![Library icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/library.webp) | Library | | ![List icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/list.webp) | List | | ![Unknown custom node icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/unknowncustom.webp) | Unknown, custom node | -| ![Active Directory icon](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) | Active Directory | +| ![Active Directory icon](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/activedirectory.webp) | Active Directory | | ![Domain icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/domain.webp) | Domain | | ![Box icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/box.webp) | Box | | ![Google Drive icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/googledrive.webp) | Google Drive | @@ -41,10 +41,10 @@ The following table contains icons for resource types: | ![VMware icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/vmware.webp) | VMware | | ![Hyper-V icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/hyperv.webp) | Hyper-V | | ![Amazon icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/amazon.webp) | Amazon | -| ![Dropbox icon](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/dropbox.webp) | Dropbox | +| ![Dropbox icon](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/dropbox.webp) | Dropbox | | ![PostgreSQL icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/postgresql.webp) | PostgreSQL | | ![MySQL icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/mysql.webp) | MySQL | -| ![Oracle SQL icon](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/oracle.webp) | Oracle SQL | +| ![Oracle SQL icon](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/oracle.webp) | Oracle SQL | | ![GitHub icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/github.webp) | GitHub | | ![Snowflake icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/snowflake.webp) | Snowflake | | ![Administrative icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/administrative.webp) | Administrative | @@ -52,7 +52,7 @@ The following table contains icons for resource types: | ![Group icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/groupresource.webp) | Group | | ![Server/Virtual Machine icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/servervm.webp) | Server or Virtual Machine | | ![Instance/Database icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/instancedatabase.webp) | Instance or Database | -| ![Table icon](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/table.webp) | Table | +| ![Table icon](/img/product_docs/accessanalyzer/11.6/admin/report/wizard/table.webp) | Table | | ![Function/Procedure icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/functionprocedure.webp) | Function or Procedure | | ![View icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/view.webp) | View | | ![Index icon](/img/versioned_docs/accessinformationcenter_11.6/access/informationcenter/resourceaudit/navigate/index.webp) | Index | diff --git a/docs/accessinformationcenter/11.6/resource-audit/navigation/overview.md b/docs/accessinformationcenter/11.6/resource-audit/navigation/overview.md index 7c13df4564..0d55e5aa0f 100644 --- a/docs/accessinformationcenter/11.6/resource-audit/navigation/overview.md +++ b/docs/accessinformationcenter/11.6/resource-audit/navigation/overview.md @@ -38,7 +38,7 @@ The report for the selected resource displays in the Results pane. The Results pane displays report data based on the selections in both the Resources pane and the Reports pane. Reports may consist of multiple tables and graphs. -![Results pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/resultspane.webp) +![Results pane](/img/product_docs/accessanalyzer/11.6/admin/navigate/resultspane.webp) Tables and graphs that display at the bottom of the pane vary according to the selected report. See the [Data Grid Features](/docs/accessinformationcenter/11.6/reference/data-grid.md) @@ -92,7 +92,7 @@ For example, if the **Writes** operation is deselected, only the operations of * The Group Membership pane list members for an Active Directory or Entra ID group selected in the Results pane. Groups can also be searched for using the textbox at the top of the pane. -![Group Membership pane](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp) +![Group Membership pane](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupmembership.webp) All group members are listed, including any nested group membership. The **Change Group Membership** button displays any access changes being modeled. This is a primary component of change modeling. diff --git a/docs/accessinformationcenter/11.6/resource-audit/principals/computers.md b/docs/accessinformationcenter/11.6/resource-audit/principals/computers.md index 128b634632..3eb4c67f41 100644 --- a/docs/accessinformationcenter/11.6/resource-audit/principals/computers.md +++ b/docs/accessinformationcenter/11.6/resource-audit/principals/computers.md @@ -334,7 +334,7 @@ the Access Information Center user. See the [Results Pane](/docs/accessinformationcenter/11.6/resource-audit/navigation/overview.md#results-pane) topic for information on filter options. -![Permissions report](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissions.webp) +![Permissions report](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissions.webp) This report is comprised of the following columns: diff --git a/docs/accessinformationcenter/11.6/resource-audit/principals/groups.md b/docs/accessinformationcenter/11.6/resource-audit/principals/groups.md index 3fa62cfa18..8623fedaa7 100644 --- a/docs/accessinformationcenter/11.6/resource-audit/principals/groups.md +++ b/docs/accessinformationcenter/11.6/resource-audit/principals/groups.md @@ -389,7 +389,7 @@ Information Center user. See the [Results Pane](/docs/accessinformationcenter/11.6/resource-audit/navigation/overview.md#results-pane) topic for information on filter options. -![Permissions report](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissions.webp) +![Permissions report](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissions.webp) This report is comprised of the following columns: diff --git a/docs/accessinformationcenter/11.6/resource-audit/principals/users.md b/docs/accessinformationcenter/11.6/resource-audit/principals/users.md index bff1ea43ea..2b422d45ef 100644 --- a/docs/accessinformationcenter/11.6/resource-audit/principals/users.md +++ b/docs/accessinformationcenter/11.6/resource-audit/principals/users.md @@ -326,7 +326,7 @@ Information Center user. See the [Results Pane](/docs/accessinformationcenter/11.6/resource-audit/navigation/overview.md#results-pane) topic for information on filter options. -![Permissions report](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissions.webp) +![Permissions report](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissions.webp) This report is comprised of the following columns: diff --git a/docs/accessinformationcenter/12.0/access-management/access-requests/request-management.md b/docs/accessinformationcenter/12.0/access-management/access-requests/request-management.md index 14c92cd628..5fecd80700 100644 --- a/docs/accessinformationcenter/12.0/access-management/access-requests/request-management.md +++ b/docs/accessinformationcenter/12.0/access-management/access-requests/request-management.md @@ -27,7 +27,7 @@ Canceled, with you as the Reviewer. Select the desired request on the [Request History Tab](/docs/accessinformationcenter/12.0/access-management/access-requests/request-interface.md#request-history-tab) of the Access Requests interface and click **View Changes**. The Changes window opens. -![Changes window](/img/product_docs/accessanalyzer/install/application/upgrade/changes.webp) +![Changes window](/img/product_docs/accessanalyzer/12.0/install/application/upgrade/changes.webp) The table displays the following information for selected trustee: diff --git a/docs/accessinformationcenter/12.0/access-management/data-grid-operations/group-membership.md b/docs/accessinformationcenter/12.0/access-management/data-grid-operations/group-membership.md index 5e35071dfa..53017466d2 100644 --- a/docs/accessinformationcenter/12.0/access-management/data-grid-operations/group-membership.md +++ b/docs/accessinformationcenter/12.0/access-management/data-grid-operations/group-membership.md @@ -3,7 +3,7 @@ When a group trustee appears in the Trustee Name column of a review, it appears as a blue hyperlink in addition to the group icon displayed in front of the name. -![Resource Reviews page showing the Group Membership window](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp) +![Resource Reviews page showing the Group Membership window](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupmembership.webp) Click the hyperlink to open the Group Membership window. The group’s direct membership is listed for review. Click **Close** to return to the review. diff --git a/docs/accessinformationcenter/12.0/access-management/resource-owners/managing-owners.md b/docs/accessinformationcenter/12.0/access-management/resource-owners/managing-owners.md index 7aee9f51dd..e40fab17b5 100644 --- a/docs/accessinformationcenter/12.0/access-management/resource-owners/managing-owners.md +++ b/docs/accessinformationcenter/12.0/access-management/resource-owners/managing-owners.md @@ -146,7 +146,7 @@ the owners: Tool-tips display when hovering over the icons indicating whether the resource ownership has been confirmed, declined, pending response, or that a confirmation has not been requested. -![Add new resource wizard showing 3. Description page](/img/product_docs/accessanalyzer/admin/action/servicenow/description.webp) +![Add new resource wizard showing 3. Description page](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/description.webp) **Step 5 –** On the Description page, optionally add a description for the resource in the textbox. Then click **Next**. @@ -174,7 +174,7 @@ group appears in the table. Repeat this step for each access level desired. See **Step 8 –** Click **Next** to continue. -![Add new resource wizard showing 5. Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Add new resource wizard showing 5. Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.webp) **Step 9 –** On the Summary page, review the settings and click **Next**. The Access Information Center begins to process the ownership configuration. @@ -305,7 +305,7 @@ exclamation icon. You can not continue with the import if any row contains an in owner. To remove a resource from the table, select the row and click **Remove**. The row is removed from the table. -![Import Owners wizard 2. Options page](/img/product_docs/accessanalyzer/install/application/options.webp) +![Import Owners wizard 2. Options page](/img/product_docs/accessanalyzer/12.0/install/application/options.webp) **Step 4 –** On the Options page, configure the available options as required. @@ -386,7 +386,7 @@ information on the owners: Tool-tips display when hovering over the icons indicating whether the resource ownership has been confirmed, declined, pending response, or that a confirmation has not been requested. -![Update resource wizard showing 2. Description page](/img/product_docs/accessanalyzer/admin/action/servicenow/description.webp) +![Update resource wizard showing 2. Description page](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/description.webp) **Step 3 –** The Description page displays any description that has been provided by either the Ownership Administrator or the assigned owner(s) for the resource. Modify as desired by typing in @@ -409,7 +409,7 @@ is necessary to set a group for at least one access level. Select the desired ac Group window closes and the group appears in the table. Repeat this step for each access level desired. See the [Select Group Window](/docs/accessinformationcenter/12.0/access-management/resource-owners/managing-owners.md) topic for additional information. -![Update resource wizard showing 4. Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Update resource wizard showing 4. Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.webp) **Step 5 –** On the Summary page, review the settings and click **Next**. The Access Information Center begins to process the ownership configuration. diff --git a/docs/accessinformationcenter/12.0/access-management/resource-owners/owner-portal.md b/docs/accessinformationcenter/12.0/access-management/resource-owners/owner-portal.md index d8ddcf4941..d5bd8804aa 100644 --- a/docs/accessinformationcenter/12.0/access-management/resource-owners/owner-portal.md +++ b/docs/accessinformationcenter/12.0/access-management/resource-owners/owner-portal.md @@ -171,7 +171,7 @@ Resource Access wizard opens. selected, the **Notify users about their change in access** option will send an email to the users who have been granted access to the resource. Click **Next**. -![Change Resource Access wizard showing 2. Add Access page](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/addaccess.webp) +![Change Resource Access wizard showing 2. Add Access page](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/addaccess.webp) **Step 3 –** On the Add Access page, indicate the new users. Entering a name or email address in the search field to find and select users from Active Directory, which populate in a drop-down menu as diff --git a/docs/accessinformationcenter/12.0/access-management/resource-reviews/creating-reviews.md b/docs/accessinformationcenter/12.0/access-management/resource-reviews/creating-reviews.md index 72e51ba9a4..684bfb0ba4 100644 --- a/docs/accessinformationcenter/12.0/access-management/resource-reviews/creating-reviews.md +++ b/docs/accessinformationcenter/12.0/access-management/resource-reviews/creating-reviews.md @@ -77,7 +77,7 @@ Follow the steps to create a review. **NOTE:** If creating a Sensitive Data review, continue to Step 3. For all other review types, skip to Step 5. -![Create Review wizard Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) +![Create Review wizard Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.webp) **Step 3 –** On the Criteria page, select the types of sensitive criteria to include in the Sensitive Data review from the list on the left and click **Add**. Multiple items can be selected @@ -137,7 +137,7 @@ created. - Once the desired resources have been selected, click **Next**. -![Create Review wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Create Review wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.webp) **Step 6 –** On the Summary page, review the settings and click **Next**. The Access Information Center begins to create the review. @@ -192,7 +192,7 @@ edited. **NOTE:** If creating a Sensitive Data review, continue to Step 3. For all other review types, skip to Step 5. -![Edit Review wizard Criteria page](/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp) +![Edit Review wizard Criteria page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.webp) **Step 3 –** On the Criteria page, you can modify the selected types of sensitive criteria to include in the Sensitive Data review if no responses have been received. If responses for one or @@ -258,7 +258,7 @@ or removing parent resources from the review also adds or removes their children - Once the desired resources have been selected, click **Next**. -![Edit Review wizard Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Edit Review wizard Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.webp) **Step 6 –** On the Summary page, review the updated settings and click **Next**. The Access Information Center begins to update the review. diff --git a/docs/accessinformationcenter/12.0/administration/advanced-configuration/entra-id-sso.md b/docs/accessinformationcenter/12.0/administration/advanced-configuration/entra-id-sso.md index 890b67ae01..1610cecd49 100644 --- a/docs/accessinformationcenter/12.0/administration/advanced-configuration/entra-id-sso.md +++ b/docs/accessinformationcenter/12.0/administration/advanced-configuration/entra-id-sso.md @@ -62,7 +62,7 @@ table, and then click **Save**. Once configured they should show under Additional claims as below: -![Claims configured](/img/product_docs/accessanalyzer/install/application/reports/entraidssoclaims.webp) +![Claims configured](/img/product_docs/accessanalyzer/12.0/install/application/reports/entraidssoclaims.webp) **Step 7 –** In the **Manage** > **Users and groups** section for your application, add any required users or groups to give permission to access the application. diff --git a/docs/accessinformationcenter/12.0/administration/configuration/active-directory.md b/docs/accessinformationcenter/12.0/administration/configuration/active-directory.md index 9f0d45a4ee..f64f95f9e3 100644 --- a/docs/accessinformationcenter/12.0/administration/configuration/active-directory.md +++ b/docs/accessinformationcenter/12.0/administration/configuration/active-directory.md @@ -13,7 +13,7 @@ connecting to the database. If your Database service account uses: - Windows authentication credentials — The same domain credentials are also used for the Active Directory service account -![Configuration interface showing the Active Directory page](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) +![Configuration interface showing the Active Directory page](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/activedirectory.webp) There are two options for the type of Active Directory service account: diff --git a/docs/accessinformationcenter/12.0/administration/configuration/console-access.md b/docs/accessinformationcenter/12.0/administration/configuration/console-access.md index fdfbb83765..4ad5dfcb7f 100644 --- a/docs/accessinformationcenter/12.0/administration/configuration/console-access.md +++ b/docs/accessinformationcenter/12.0/administration/configuration/console-access.md @@ -4,7 +4,7 @@ Console access to the is configured through the **Configuration** > **Console Ac users to the Access Information Center requires data to be collected by the Access Analyzer .Active Directory Inventory Solution. -![Console Access Configuration page](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) +![Console Access Configuration page](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccess.webp) There are five levels of access, or Roles, which can be granted to domain users or groups: @@ -47,7 +47,7 @@ of role. Follow the steps to grant domain users or groups console access. -![Console Access Configuration page](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) +![Console Access Configuration page](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccess.webp) **Step 1 –** In the Configuration interface on the Console Access page, click Add. The Console Access wizard opens. diff --git a/docs/accessinformationcenter/12.0/administration/configuration/index.md b/docs/accessinformationcenter/12.0/administration/configuration/index.md index 6d07c887e4..eee5116814 100644 --- a/docs/accessinformationcenter/12.0/administration/configuration/index.md +++ b/docs/accessinformationcenter/12.0/administration/configuration/index.md @@ -3,7 +3,7 @@ The Configuration interface is available only to users with the Administrator role. It is opened by the **Configure Console** link on the Home page. -![Configuration interface showing the Console Access page](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) +![Configuration interface showing the Console Access page](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccess.webp) It has the following pages: diff --git a/docs/accessinformationcenter/12.0/administration/index.md b/docs/accessinformationcenter/12.0/administration/index.md index 24536c237b..d5bee8db63 100644 --- a/docs/accessinformationcenter/12.0/administration/index.md +++ b/docs/accessinformationcenter/12.0/administration/index.md @@ -77,7 +77,7 @@ for information on where different types of users are directed after login. ## Web Console Login Page -![Web Console Login page](/img/product_docs/accessanalyzer/install/application/reports/webconsolelogin.webp) +![Web Console Login page](/img/product_docs/accessanalyzer/12.0/install/application/reports/webconsolelogin.webp) The Access Analyzer Web Console login page displays the Netwrix Access Analyzer (formerly Enterprise Auditor) logo at the top and the browser tab is named Netwrix Access Analyzer (formerly Enterprise diff --git a/docs/accessinformationcenter/12.0/installation/installation-guide.md b/docs/accessinformationcenter/12.0/installation/installation-guide.md index 78e1ced6ae..685a6e4149 100644 --- a/docs/accessinformationcenter/12.0/installation/installation-guide.md +++ b/docs/accessinformationcenter/12.0/installation/installation-guide.md @@ -27,7 +27,7 @@ set as desired, click **Next**. **NOTE:** The default location is `C:\Program Files\STEALTHbits\Access Information Center\`. There are no specific requirements for changing the path. -![AIC Setup Wizard SQL Server Connection page](/img/product_docs/accessanalyzer/install/application/sqlserver.webp) +![AIC Setup Wizard SQL Server Connection page](/img/product_docs/accessanalyzer/12.0/install/application/sqlserver.webp) **Step 5 –** On the SQL Server Connection page, provide the required database information. Click **Next** to test the connection to the SQL Server. If there are no errors, the next wizard page @@ -56,7 +56,7 @@ Center on the same server as Access Analyzer. The Database settings can be modif installation. See the [Database Page](/docs/accessinformationcenter/12.0/administration/configuration/database.md) topic for additional information. -![AIC Setup Wizard Configure Web Server page](/img/product_docs/accessanalyzer/admin/action/survey/webserver.webp) +![AIC Setup Wizard Configure Web Server page](/img/product_docs/accessanalyzer/12.0/admin/action/survey/webserver.webp) **Step 6 –** On the Configure Web Server page, select the URL protocol and port on which the application will be accessible. diff --git a/docs/accessinformationcenter/12.0/installation/security-hardening.md b/docs/accessinformationcenter/12.0/installation/security-hardening.md index a897831abf..3ffb341ac5 100644 --- a/docs/accessinformationcenter/12.0/installation/security-hardening.md +++ b/docs/accessinformationcenter/12.0/installation/security-hardening.md @@ -168,16 +168,16 @@ Follow the steps to configure local intranet settings. **Step 1 –** Open Windows Internet Properties (**Control Panel** > **Network and Internet** > **Internet Options**). -![ConfigureLocalIntranetSettingsforSSO - 1](/img/product_docs/accessanalyzer/install/application/reports/internetproperties.webp) +![ConfigureLocalIntranetSettingsforSSO - 1](/img/product_docs/accessanalyzer/12.0/install/application/reports/internetproperties.webp) **Step 2 –** Go to the Security tab, and select the **Local Intranet** option. Then, click the **Sites** button. -![localintranet](/img/product_docs/accessanalyzer/install/application/reports/localintranet.webp) +![localintranet](/img/product_docs/accessanalyzer/12.0/install/application/reports/localintranet.webp) **Step 3 –** Click the **Advanced** button. -![localintranetadvanced](/img/product_docs/accessanalyzer/install/application/reports/localintranetadvanced.webp) +![localintranetadvanced](/img/product_docs/accessanalyzer/12.0/install/application/reports/localintranetadvanced.webp) **Step 4 –** Enter a domain in the **Add this website in the zone** field. Ensure the fully qualified domain name is in the following format: `https://..com` diff --git a/docs/accessinformationcenter/12.0/resource-auditing/active-directory/domain-auditing.md b/docs/accessinformationcenter/12.0/resource-auditing/active-directory/domain-auditing.md index 22fdbd09c7..a641d18152 100644 --- a/docs/accessinformationcenter/12.0/resource-auditing/active-directory/domain-auditing.md +++ b/docs/accessinformationcenter/12.0/resource-auditing/active-directory/domain-auditing.md @@ -76,7 +76,7 @@ The following reports are displayed at the Domain Object level: The Access report at the domain object level provides information on the level of access trustees have at the domain object level. This report includes a Permission Source table. -![Access report at the domain object level](/img/product_docs/accessanalyzer/admin/settings/access/access.webp) +![Access report at the domain object level](/img/product_docs/accessanalyzer/12.0/admin/settings/access/access.webp) This report is comprised of the following columns: diff --git a/docs/accessinformationcenter/12.0/resource-auditing/icons-reference.md b/docs/accessinformationcenter/12.0/resource-auditing/icons-reference.md index 9e61aacc60..213bd06940 100644 --- a/docs/accessinformationcenter/12.0/resource-auditing/icons-reference.md +++ b/docs/accessinformationcenter/12.0/resource-auditing/icons-reference.md @@ -11,8 +11,8 @@ The following table contains icons for resource types: | --------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | | ![File System icon](/img/product_docs/threatprevention/threatprevention/admin/policies/eventtype/filesystem.webp) | File System | | ![Windows Server icon](/img/product_docs/activitymonitor/activitymonitor/admin/monitoredhosts/properties/windows.webp) | Windows Server | -| ![Server icon](/img/product_docs/accessanalyzer/admin/settings/server.webp) | Server | -| ![Policies icon](/img/product_docs/accessanalyzer/requirements/target/config/policies.webp) | Policies | +| ![Server icon](/img/product_docs/accessanalyzer/12.0/admin/settings/server.webp) | Server | +| ![Policies icon](/img/product_docs/accessanalyzer/12.0/requirements/target/config/policies.webp) | Policies | | ![Shares icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/shares.webp) | Shares | | ![Share icon](/img/product_docs/activitymonitor/config/activedirectory/share.webp) | Share | | ![Folder icon](/img/product_docs/threatprevention/threatprevention/install/reportingmodule/folder.webp) | Folder | @@ -28,11 +28,11 @@ The following table contains icons for resource types: | ![Library icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/library.webp) | Library | | ![List icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/list.webp) | List | | ![Unknown custom node icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/unknowncustom.webp) | Unknown, custom node | -| ![Active Directory icon](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) | Active Directory | +| ![Active Directory icon](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/activedirectory.webp) | Active Directory | | ![Domain icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/domain.webp) | Domain | | ![Box icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/box.webp) | Box | | ![Google Drive icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/googledrive.webp) | Google Drive | -| ![Exchange icon](/img/product_docs/accessanalyzer/admin/settings/exchange.webp) | Exchange | +| ![Exchange icon](/img/product_docs/accessanalyzer/12.0/admin/settings/exchange.webp) | Exchange | | ![SQL Server/Azure SQL icon](/img/product_docs/activitymonitor/activitymonitor/admin/outputs/sql.webp) | SQL Server or Azure SQL | | ![Microsoft Teams icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/teams.webp) | Microsoft Teams | | ![MongoDB icon](/img/product_docs/changetracker/changetracker/install/mongodb.webp) | MongoDB | @@ -41,10 +41,10 @@ The following table contains icons for resource types: | ![VMware icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/vmware.webp) | VMware | | ![Hyper-V icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/hyperv.webp) | Hyper-V | | ![Amazon icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/amazon.webp) | Amazon | -| ![Dropbox icon](/img/product_docs/accessanalyzer/admin/settings/connection/profile/dropbox.webp) | Dropbox | +| ![Dropbox icon](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/dropbox.webp) | Dropbox | | ![PostgreSQL icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/postgresql.webp) | PostgreSQL | | ![MySQL icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/mysql.webp) | MySQL | -| ![Oracle SQL icon](/img/product_docs/accessanalyzer/admin/settings/connection/profile/oracle.webp) | Oracle SQL | +| ![Oracle SQL icon](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/oracle.webp) | Oracle SQL | | ![GitHub icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/github.webp) | GitHub | | ![Snowflake icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/snowflake.webp) | Snowflake | | ![Administrative icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/administrative.webp) | Administrative | @@ -52,7 +52,7 @@ The following table contains icons for resource types: | ![Group icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/groupresource.webp) | Group | | ![Server/Virtual Machine icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/servervm.webp) | Server or Virtual Machine | | ![Instance/Database icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/instancedatabase.webp) | Instance or Database | -| ![Table icon](/img/product_docs/accessanalyzer/admin/report/wizard/table.webp) | Table | +| ![Table icon](/img/product_docs/accessanalyzer/12.0/admin/report/wizard/table.webp) | Table | | ![Function/Procedure icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/functionprocedure.webp) | Function or Procedure | | ![View icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/view.webp) | View | | ![Index icon](/img/product_docs/accessinformationcenter/access/informationcenter/resourceaudit/navigate/index.webp) | Index | diff --git a/docs/accessinformationcenter/12.0/resource-auditing/navigation-guide.md b/docs/accessinformationcenter/12.0/resource-auditing/navigation-guide.md index 301a8649fd..58f369a89e 100644 --- a/docs/accessinformationcenter/12.0/resource-auditing/navigation-guide.md +++ b/docs/accessinformationcenter/12.0/resource-auditing/navigation-guide.md @@ -37,7 +37,7 @@ The report for the selected resource displays in the Results pane. The Results pane displays report data based on the selections in both the Resources pane and the Reports pane. Reports may consist of multiple tables and graphs. -![Results pane](/img/product_docs/accessanalyzer/admin/navigate/resultspane.webp) +![Results pane](/img/product_docs/accessanalyzer/12.0/admin/navigate/resultspane.webp) Tables and graphs that display at the bottom of the pane vary according to the selected report. See the [Data Grid Features](/docs/accessinformationcenter/12.0/access-management/data-grid-operations/index.md) topic for additional information on table @@ -91,7 +91,7 @@ For example, if the **Writes** operation is deselected, only the operations of * The Group Membership pane list members for an Active Directory or Entra ID group selected in the Results pane. Groups can also be searched for using the textbox at the top of the pane. -![Group Membership pane](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp) +![Group Membership pane](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupmembership.webp) All group members are listed, including any nested group membership. The **Change Group Membership** button displays any access changes being modeled. This is a primary component of change modeling. diff --git a/docs/auditor/10.6/features/access-reviews/entitlement-reviews.md b/docs/auditor/10.6/features/access-reviews/entitlement-reviews.md index f341700a0b..427cce476d 100644 --- a/docs/auditor/10.6/features/access-reviews/entitlement-reviews.md +++ b/docs/auditor/10.6/features/access-reviews/entitlement-reviews.md @@ -90,7 +90,7 @@ The user name and a date timestamp will appear at the beginning of each note add When a group trustee appears in the Trustee Name column of a review, it appears as a blue hyperlink in addition to the group icon displayed in front of the name. -![Resource Reviews page showing the Group Membership window](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp) +![Resource Reviews page showing the Group Membership window](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupmembership.webp) Click the hyperlink to open the Group Membership window. The group’s direct membership is listed for review. Click **Close** to return to the review. diff --git a/docs/auditor/10.6/features/access-reviews/resource-owners.md b/docs/auditor/10.6/features/access-reviews/resource-owners.md index f5c160b588..0e72b29ac7 100644 --- a/docs/auditor/10.6/features/access-reviews/resource-owners.md +++ b/docs/auditor/10.6/features/access-reviews/resource-owners.md @@ -338,12 +338,12 @@ the owners: Tool-tips display when hovering over the icons indicating whether the resource ownership has been confirmed, declined, pending response, or that a confirmation has not been requested. -![Add new resource wizard showing 3. Description page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/description.webp) +![Add new resource wizard showing 3. Description page](/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/description.webp) **Step 5 –** On the Description page, optionally add a description for the resource in the textbox. Then click **Next**. -![Add new resource wizard showing 4. Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Add new resource wizard showing 4. Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) **Step 6 –** On the Summary page, review the settings and click Finish. The Access Reviews application begins to process the ownership configuration. @@ -443,13 +443,13 @@ information on the owners: Tool-tips display when hovering over the icons indicating whether the resource ownership has been confirmed, declined, pending response, or that a confirmation has not been requested. -![Update resource wizard showing 2. Description page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/description.webp) +![Update resource wizard showing 2. Description page](/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/description.webp) **Step 3 –** The Description page displays any description that has been provided by either the Ownership Administrator or the assigned owner(s) for the resource. Modify as desired by typing in the textbox. Then click **Next** to continue. -![Update resource wizard showing 3. Summary page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Update resource wizard showing 3. Summary page](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) **Step 4 –** On the Summary page, review the settings and click Finish. The Access Reviews application begins to process the ownership changes. diff --git a/docs/auditor/10.6/features/access-reviews/review-administration.md b/docs/auditor/10.6/features/access-reviews/review-administration.md index 6c991563ff..03ff3e9669 100644 --- a/docs/auditor/10.6/features/access-reviews/review-administration.md +++ b/docs/auditor/10.6/features/access-reviews/review-administration.md @@ -122,7 +122,7 @@ connecting to the database. If your Database service account uses: - Windows authentication credentials — The same domain credentials are also used for the Active Directory service account -![Configuration interface showing the Active Directory page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) +![Configuration interface showing the Active Directory page](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/activedirectory.webp) There are two options for the type of Active Directory service account: @@ -158,7 +158,7 @@ The Active Directory service account password has been updated. Console access is configured through the Configuration > Console Access page. Adding users to the Access Reviews Console requires the Active Directory service account to be configured. -![Configuration interface showing the Console Access page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) +![Configuration interface showing the Console Access page](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccess.webp) There are two levels of access, or roles, which can be granted to domain users or groups: @@ -186,7 +186,7 @@ of role. Follow the steps to grant domain users or groups console access. -![Console Access Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) +![Console Access Page](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccess.webp) **Step 1 –** In the Configuration interface on the Console Access page, click Add. The Console Access wizard opens. @@ -497,7 +497,7 @@ sent. The Configuration interface is available only to users with the Administrator role. It is opened by the **Configuration** tab. -![Configuration interface showing the Console Access page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) +![Configuration interface showing the Console Access page](/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccess.webp) It has the following pages: diff --git a/docs/auditor/10.6/features/health-monitoring/health-dashboard.md b/docs/auditor/10.6/features/health-monitoring/health-dashboard.md index c7c0d2c45a..1fc34cfd53 100644 --- a/docs/auditor/10.6/features/health-monitoring/health-dashboard.md +++ b/docs/auditor/10.6/features/health-monitoring/health-dashboard.md @@ -266,7 +266,7 @@ red means there were some problems that require your attention. The email looks like shown below: -![email](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/email.webp) +![email](/img/product_docs/accessanalyzer/11.6/admin/settings/email.webp) The Monitoring Overview section of the email provides detail information only for the monitoring plans with issues. Successfully completed monitoring plans are not included. diff --git a/docs/auditor/10.6/integrations/ticketing/connectwise.md b/docs/auditor/10.6/integrations/ticketing/connectwise.md index 77313d3e47..d506c6e1fb 100644 --- a/docs/auditor/10.6/integrations/ticketing/connectwise.md +++ b/docs/auditor/10.6/integrations/ticketing/connectwise.md @@ -56,7 +56,7 @@ Manage_. Also, the test ticket will have a sample attachment (_TestAttachment.tx **Step 5 –** Finally, at the **Summary** step, review the location of configuration file with the settings you specified: _C:\Addon\ITSM_CW\ConnectWiseSettings.xml_. -![summary](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![summary](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) If needed, you can edit the configuration file manually. See the [Connection and Ticketing Settings](/docs/auditor/10.6/integrations/ticketing/connectwise.md) diff --git a/docs/auditor/10.7/access-governance/access-reviews/configuration.md b/docs/auditor/10.7/access-governance/access-reviews/configuration.md index 2e79be5d22..912d87284f 100644 --- a/docs/auditor/10.7/access-governance/access-reviews/configuration.md +++ b/docs/auditor/10.7/access-governance/access-reviews/configuration.md @@ -122,7 +122,7 @@ connecting to the database. If your Database service account uses: - Windows authentication credentials — The same domain credentials are also used for the Active Directory service account -![Configuration interface showing the Active Directory page](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) +![Configuration interface showing the Active Directory page](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/activedirectory.webp) There are two options for the type of Active Directory service account: @@ -158,7 +158,7 @@ The Active Directory service account password has been updated. Console access is configured through the Configuration > Console Access page. Adding users to the Access Reviews Console requires the Active Directory service account to be configured. -![Configuration interface showing the Console Access page](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) +![Configuration interface showing the Console Access page](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccess.webp) There are two levels of access, or roles, which can be granted to domain users or groups: @@ -184,7 +184,7 @@ directed after login based on their assigned role or lack of role. Follow the steps to grant domain users or groups console access. -![Console Access Page](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) +![Console Access Page](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccess.webp) **Step 1 –** In the Configuration interface on the Console Access page, click Add. The Console Access wizard opens. @@ -492,7 +492,7 @@ sent. The Configuration interface is available only to users with the Administrator role. It is opened by the **Configuration** tab. -![Configuration interface showing the Console Access page](/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp) +![Configuration interface showing the Console Access page](/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccess.webp) It has the following pages: diff --git a/docs/auditor/10.7/access-governance/entitlement-management/group-membership.md b/docs/auditor/10.7/access-governance/entitlement-management/group-membership.md index 5e35071dfa..53017466d2 100644 --- a/docs/auditor/10.7/access-governance/entitlement-management/group-membership.md +++ b/docs/auditor/10.7/access-governance/entitlement-management/group-membership.md @@ -3,7 +3,7 @@ When a group trustee appears in the Trustee Name column of a review, it appears as a blue hyperlink in addition to the group icon displayed in front of the name. -![Resource Reviews page showing the Group Membership window](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp) +![Resource Reviews page showing the Group Membership window](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupmembership.webp) Click the hyperlink to open the Group Membership window. The group’s direct membership is listed for review. Click **Close** to return to the review. diff --git a/docs/auditor/10.7/access-governance/resource-owners/owner-management.md b/docs/auditor/10.7/access-governance/resource-owners/owner-management.md index 75df15b9cc..94ddbd3c60 100644 --- a/docs/auditor/10.7/access-governance/resource-owners/owner-management.md +++ b/docs/auditor/10.7/access-governance/resource-owners/owner-management.md @@ -146,12 +146,12 @@ the owners: Tool-tips display when hovering over the icons indicating whether the resource ownership has been confirmed, declined, pending response, or that a confirmation has not been requested. -![Add new resource wizard showing 3. Description page](/img/product_docs/accessanalyzer/admin/action/servicenow/description.webp) +![Add new resource wizard showing 3. Description page](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/description.webp) **Step 5 –** On the Description page, optionally add a description for the resource in the textbox. Then click **Next**. -![Add new resource wizard showing 4. Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Add new resource wizard showing 4. Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.webp) **Step 6 –** On the Summary page, review the settings and click Finish. The Access Reviews application begins to process the ownership configuration. @@ -207,13 +207,13 @@ information on the owners: Tool-tips display when hovering over the icons indicating whether the resource ownership has been confirmed, declined, pending response, or that a confirmation has not been requested. -![Update resource wizard showing 2. Description page](/img/product_docs/accessanalyzer/admin/action/servicenow/description.webp) +![Update resource wizard showing 2. Description page](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/description.webp) **Step 3 –** The Description page displays any description that has been provided by either the Ownership Administrator or the assigned owner(s) for the resource. Modify as desired by typing in the textbox. Then click **Next** to continue. -![Update resource wizard showing 3. Summary page](/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Update resource wizard showing 3. Summary page](/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.webp) **Step 4 –** On the Summary page, review the settings and click Finish. The Access Reviews application begins to process the ownership changes. diff --git a/docs/dataclassification/5.6.2/data-sources/managing-sources.md b/docs/dataclassification/5.6.2/data-sources/managing-sources.md index d778b2069c..f066ab1e50 100644 --- a/docs/dataclassification/5.6.2/data-sources/managing-sources.md +++ b/docs/dataclassification/5.6.2/data-sources/managing-sources.md @@ -314,7 +314,7 @@ possible to filter the list by any field. - Each document has an associated status (shown as the ID). Click the numeric ID to read the status description: -![status](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/status.webp) +![status](/img/product_docs/accessanalyzer/11.6/admin/jobs/status.webp) - Click the "Info" icon for the document/item to view its **Properties**, including summary, classifications (if any), etc.: diff --git a/docs/dataclassification/5.6.2/data-sources/source-groups.md b/docs/dataclassification/5.6.2/data-sources/source-groups.md index 3eb20e56c6..682a85fa56 100644 --- a/docs/dataclassification/5.6.2/data-sources/source-groups.md +++ b/docs/dataclassification/5.6.2/data-sources/source-groups.md @@ -110,7 +110,7 @@ drop-down list provided. [See Dynamic Source Groups for more information.](#dyna Selecting the cog icon on the main sources grid screen for a source group allows you to amend the group settings: -![editgroup](/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/editgroup.webp) +![editgroup](/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/editgroup.webp) Here you can: diff --git a/docs/directorymanager/11.1/configuration/portal-customization.md b/docs/directorymanager/11.1/configuration/portal-customization.md index 7b08f7a1c9..7f91229e3c 100644 --- a/docs/directorymanager/11.1/configuration/portal-customization.md +++ b/docs/directorymanager/11.1/configuration/portal-customization.md @@ -1868,7 +1868,7 @@ on the following pages in the portal: Directory Manager creates a new child group for each unique value of the attribute that users select in the _Group Items By_ field. - ![addattributes](/img/product_docs/accessanalyzer/admin/datacollector/addattributes.webp) + ![addattributes](/img/product_docs/accessanalyzer/12.0/admin/datacollector/addattributes.webp) - The Query Designer for importing members to a group using an external data source. The specified schema attributes would be available on the Filter Criteria tab of the Query Designer for building diff --git a/docs/directorymanager/11.1/installation/requirements.md b/docs/directorymanager/11.1/installation/requirements.md index f36c901981..87d4f8f08d 100644 --- a/docs/directorymanager/11.1/installation/requirements.md +++ b/docs/directorymanager/11.1/installation/requirements.md @@ -229,7 +229,7 @@ To connect to the API, an access key is required. Follow the steps below to gene used. 2. Click **ACCESS KEYS**. - ![Access Keys](/img/product_docs/accessanalyzer/requirements/target/config/accesskeys.webp) + ![Access Keys](/img/product_docs/accessanalyzer/12.0/requirements/target/config/accesskeys.webp) 3. Click **Create Access Key** to generate an access key and provide the following information: diff --git a/docs/directorymanager/11.1/misc/directorymanager/configureentraid/register/apppermissions.md b/docs/directorymanager/11.1/misc/directorymanager/configureentraid/register/apppermissions.md index f1a93e5963..5284e776aa 100644 --- a/docs/directorymanager/11.1/misc/directorymanager/configureentraid/register/apppermissions.md +++ b/docs/directorymanager/11.1/misc/directorymanager/configureentraid/register/apppermissions.md @@ -29,7 +29,7 @@ The following application permissions are required. ## Office 365 Exchange Online Permissions -![Microsoft Entra ID Office 365 Exchange Online Permissions - ExchangeManageAsApp](/img/product_docs/accessanalyzer/admin/settings/exchange.webp) +![Microsoft Entra ID Office 365 Exchange Online Permissions - ExchangeManageAsApp](/img/product_docs/accessanalyzer/12.0/admin/settings/exchange.webp) ## SharePoint Delegated Permissions diff --git a/docs/endpointprotector/5.9.4.2/core-features/content-aware-protection/policies.md b/docs/endpointprotector/5.9.4.2/core-features/content-aware-protection/policies.md index 8e7522fbcf..e3000bd34d 100644 --- a/docs/endpointprotector/5.9.4.2/core-features/content-aware-protection/policies.md +++ b/docs/endpointprotector/5.9.4.2/core-features/content-aware-protection/policies.md @@ -40,7 +40,7 @@ To manage Content Aware Protection policies, you can: - Switch views between Grid or Widget mode using the controls in the top-right corner - Edit policy priority by double-clicking on a policy listed in the Priority column -![Manage the Content Aware Protection policies](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/policies.webp) +![Manage the Content Aware Protection policies](/img/product_docs/accessanalyzer/11.6/requirements/target/config/policies.webp) ## Policy Information diff --git a/docs/endpointprotector/5.9.4.2/core-features/device-control/global-settings.md b/docs/endpointprotector/5.9.4.2/core-features/device-control/global-settings.md index bc54f0bf8b..f06437a58b 100644 --- a/docs/endpointprotector/5.9.4.2/core-features/device-control/global-settings.md +++ b/docs/endpointprotector/5.9.4.2/core-features/device-control/global-settings.md @@ -9,7 +9,7 @@ From this section, you can apply settings globally to all Endpoint Protector ent **NOTE:** Several settings from this section also relate to other modules apart from the Device Control module (Content Aware Protection, eDiscovery, etc.). -![Apply settings globally to all Netwrix Endpoint Protector entities](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/globalsettings.webp) +![Apply settings globally to all Netwrix Endpoint Protector entities](/img/product_docs/accessanalyzer/11.6/admin/settings/globalsettings.webp) ## Client Settings diff --git a/docs/endpointprotector/5.9.4.2/deployment-scenarios/cloud-platforms/aws/deployment.md b/docs/endpointprotector/5.9.4.2/deployment-scenarios/cloud-platforms/aws/deployment.md index 6d7c32d816..1b7f02468c 100644 --- a/docs/endpointprotector/5.9.4.2/deployment-scenarios/cloud-platforms/aws/deployment.md +++ b/docs/endpointprotector/5.9.4.2/deployment-scenarios/cloud-platforms/aws/deployment.md @@ -55,7 +55,7 @@ recommend selecting **Proceed without a Key Pair** and then clicking **Launch In **Step 10 –** On the Summary section click **Launch Instance**. -![Summary section ](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Summary section ](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) **Step 11 –** Wait for the instance to start; this might take a few minutes while the Status Checks appear as Initializing. diff --git a/docs/endpointprotector/5.9.4.2/installation/agent-deployment/jamf.md b/docs/endpointprotector/5.9.4.2/installation/agent-deployment/jamf.md index c5ca533f06..bd3cd3e247 100644 --- a/docs/endpointprotector/5.9.4.2/installation/agent-deployment/jamf.md +++ b/docs/endpointprotector/5.9.4.2/installation/agent-deployment/jamf.md @@ -247,7 +247,7 @@ create the new policy, follow these steps: **Step 1 –** In your Jamf account, from the main navigation bar, click **Computer**, from the left sidebar menu, select **Policies**, and then click **+ New**. -![Creating a New Policy](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/policies.webp) +![Creating a New Policy](/img/product_docs/accessanalyzer/11.6/requirements/target/config/policies.webp) **Step 2 –** On the default General section, enter the following information: diff --git a/docs/endpointprotector/5.9.4.2/installation/virtualization-platforms/hyper-v.md b/docs/endpointprotector/5.9.4.2/installation/virtualization-platforms/hyper-v.md index f740e8510d..6b02409678 100644 --- a/docs/endpointprotector/5.9.4.2/installation/virtualization-platforms/hyper-v.md +++ b/docs/endpointprotector/5.9.4.2/installation/virtualization-platforms/hyper-v.md @@ -43,7 +43,7 @@ unique ID) option**. Click **Next**. machine in a different location**, then specify the desired paths in the three input fields. Click **Next** to proceed. -![ Choosing Folders for Virtual Machine Files ](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/destination.webp) +![ Choosing Folders for Virtual Machine Files ](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/destination.webp) **Step 10 –** On the Choose Folders to Store Virtual Hard Disks section, set the desired path for storing imported virtual hard disk. Click **Next**. diff --git a/docs/endpointprotector/5.9.4.2/installation/virtualization-platforms/oracle-vm.md b/docs/endpointprotector/5.9.4.2/installation/virtualization-platforms/oracle-vm.md index 0b04b13904..3e9e963903 100644 --- a/docs/endpointprotector/5.9.4.2/installation/virtualization-platforms/oracle-vm.md +++ b/docs/endpointprotector/5.9.4.2/installation/virtualization-platforms/oracle-vm.md @@ -26,7 +26,7 @@ from the extracted zip. **Step 5 –** Click **Open**. -![Selecting the Virtual Appliance to Import](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/fileimport.webp) +![Selecting the Virtual Appliance to Import](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/fileimport.webp) **Step 6 –** Click **Import**. diff --git a/docs/endpointprotector/5.9.4.2/installation/virtualization-platforms/vmware.md b/docs/endpointprotector/5.9.4.2/installation/virtualization-platforms/vmware.md index 9647c01ebd..c9969c54cf 100644 --- a/docs/endpointprotector/5.9.4.2/installation/virtualization-platforms/vmware.md +++ b/docs/endpointprotector/5.9.4.2/installation/virtualization-platforms/vmware.md @@ -51,7 +51,7 @@ Follow the steps to set up your virtual machine. **Step 10 –** Click **Finish** to complete the installation. -![Completing the installation](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/installationcomplete.webp) +![Completing the installation](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/installationcomplete.webp) ### VMware Workstation diff --git a/docs/endpointprotector/5.9.4/agent-deployment/jamf/policy-creation.md b/docs/endpointprotector/5.9.4/agent-deployment/jamf/policy-creation.md index 54b7212759..cc5bd3c099 100644 --- a/docs/endpointprotector/5.9.4/agent-deployment/jamf/policy-creation.md +++ b/docs/endpointprotector/5.9.4/agent-deployment/jamf/policy-creation.md @@ -6,7 +6,7 @@ create the new policy, follow these steps: **Step 1 –** In your Jamf account, from the main navigation bar, click **Computer**, from the left sidebar menu, select **Policies**, and then click **+ New**. -![Creating a New Policy](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/policies.webp) +![Creating a New Policy](/img/product_docs/accessanalyzer/11.6/requirements/target/config/policies.webp) **Step 2 –** On the default General section, enter the following information: diff --git a/docs/endpointprotector/5.9.4/features/content-aware-protection/policies.md b/docs/endpointprotector/5.9.4/features/content-aware-protection/policies.md index d85858d68e..db9843b5fe 100644 --- a/docs/endpointprotector/5.9.4/features/content-aware-protection/policies.md +++ b/docs/endpointprotector/5.9.4/features/content-aware-protection/policies.md @@ -40,7 +40,7 @@ To manage Content Aware Protection policies, you can: - Switch views between Grid or Widget mode using the controls in the top-right corner - Edit policy priority by double-clicking on a policy listed in the Priority column -![Manage the Content Aware Protection policies](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/policies.webp) +![Manage the Content Aware Protection policies](/img/product_docs/accessanalyzer/11.6/requirements/target/config/policies.webp) ## Policy Information diff --git a/docs/endpointprotector/5.9.4/features/device-control/global-settings.md b/docs/endpointprotector/5.9.4/features/device-control/global-settings.md index 2e9399c422..604ae621af 100644 --- a/docs/endpointprotector/5.9.4/features/device-control/global-settings.md +++ b/docs/endpointprotector/5.9.4/features/device-control/global-settings.md @@ -9,7 +9,7 @@ From this section, you can apply settings globally to all Endpoint Protector ent **NOTE:** Several settings from this section also relate to other modules apart from the Device Control module (Content Aware Protection, eDiscovery, etc.). -![Apply settings globally to all Netwrix Endpoint Protector entities](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/globalsettings.webp) +![Apply settings globally to all Netwrix Endpoint Protector entities](/img/product_docs/accessanalyzer/11.6/admin/settings/globalsettings.webp) ## Client Settings diff --git a/docs/endpointprotector/5.9.4/installation/cloud-deployment/amazon-web-services.md b/docs/endpointprotector/5.9.4/installation/cloud-deployment/amazon-web-services.md index bf117ce19b..46144f4711 100644 --- a/docs/endpointprotector/5.9.4/installation/cloud-deployment/amazon-web-services.md +++ b/docs/endpointprotector/5.9.4/installation/cloud-deployment/amazon-web-services.md @@ -75,7 +75,7 @@ recommend selecting **Proceed without a Key Pair** and then clicking **Launch In **Step 10 –** On the Summary section click **Launch Instance**. -![Summary section ](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp) +![Summary section ](/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp) **Step 11 –** Wait for the instance to start; this might take a few minutes while the Status Checks appear as Initializing. diff --git a/docs/endpointprotector/5.9.4/installation/virtualization-platforms/hyper-v.md b/docs/endpointprotector/5.9.4/installation/virtualization-platforms/hyper-v.md index b6a538c793..f1ca129222 100644 --- a/docs/endpointprotector/5.9.4/installation/virtualization-platforms/hyper-v.md +++ b/docs/endpointprotector/5.9.4/installation/virtualization-platforms/hyper-v.md @@ -43,7 +43,7 @@ unique ID) option**. Click **Next**. machine in a different location**, then specify the desired paths in the three input fields. Click **Next** to proceed. -![ Choosing Folders for Virtual Machine Files ](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/destination.webp) +![ Choosing Folders for Virtual Machine Files ](/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/destination.webp) **Step 10 –** On the Choose Folders to Store Virtual Hard Disks section, set the desired path for storing imported virtual hard disk. Click **Next**. diff --git a/docs/endpointprotector/5.9.4/installation/virtualization-platforms/oracle-vm.md b/docs/endpointprotector/5.9.4/installation/virtualization-platforms/oracle-vm.md index 59084545ac..849c1032b8 100644 --- a/docs/endpointprotector/5.9.4/installation/virtualization-platforms/oracle-vm.md +++ b/docs/endpointprotector/5.9.4/installation/virtualization-platforms/oracle-vm.md @@ -26,7 +26,7 @@ from the extracted zip. **Step 5 –** Click **Open**. -![Selecting the Virtual Appliance to Import](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/fileimport.webp) +![Selecting the Virtual Appliance to Import](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/fileimport.webp) **Step 6 –** Click **Import**. diff --git a/docs/endpointprotector/5.9.4/installation/virtualization-platforms/vmware.md b/docs/endpointprotector/5.9.4/installation/virtualization-platforms/vmware.md index 4fb53e8cf1..b3867a2334 100644 --- a/docs/endpointprotector/5.9.4/installation/virtualization-platforms/vmware.md +++ b/docs/endpointprotector/5.9.4/installation/virtualization-platforms/vmware.md @@ -51,7 +51,7 @@ Follow the steps to set up your virtual machine. **Step 10 –** Click **Finish** to complete the installation. -![Completing the installation](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/installationcomplete.webp) +![Completing the installation](/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/installationcomplete.webp) ### VMware Workstation diff --git a/docs/identitymanager/6.1/installation-setup/server-configuration.md b/docs/identitymanager/6.1/installation-setup/server-configuration.md index a36cf4cb9e..df107a6a4f 100644 --- a/docs/identitymanager/6.1/installation-setup/server-configuration.md +++ b/docs/identitymanager/6.1/installation-setup/server-configuration.md @@ -171,7 +171,7 @@ This guide will show you how to perform these operations using SQL Server Manage - From the **Login** node, right-click and select **New** > **Login**. - ![New Login](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/newlogin.webp) + ![New Login](/img/product_docs/accessanalyzer/11.6/install/application/newlogin.webp) - On the **General** page, enter the service account login name in the down-level logon format, such as `CONTOSO/identitymanagerContosoServer`. If you're not sure about the correct spelling of your diff --git a/docs/identitymanager/6.2/installation/server-installation.md b/docs/identitymanager/6.2/installation/server-installation.md index df23b1a102..e49bf51913 100644 --- a/docs/identitymanager/6.2/installation/server-installation.md +++ b/docs/identitymanager/6.2/installation/server-installation.md @@ -166,7 +166,7 @@ This guide will show you how to perform these operations using SQL Server Manage the Identity Manager Database with an account member of the **sysadmin** or **securityadmin** server-level role. -![New Login](/img/product_docs/accessanalyzer/install/application/newlogin.webp) +![New Login](/img/product_docs/accessanalyzer/12.0/install/application/newlogin.webp) **Step 2 –** Expand the **Security** and **Login** nodes, and look for the Identity Manager service account in the list. diff --git a/docs/identitymanager/saas/installation/production-setup/server.md b/docs/identitymanager/saas/installation/production-setup/server.md index 04373bc73c..8d3015aa8a 100644 --- a/docs/identitymanager/saas/installation/production-setup/server.md +++ b/docs/identitymanager/saas/installation/production-setup/server.md @@ -165,7 +165,7 @@ This guide will show you how to perform these operations using SQL Server Manage the Identity Manager Database with an account member of the **sysadmin** or **securityadmin** server-level role. -![New Login](/img/product_docs/accessanalyzer/install/application/newlogin.webp) +![New Login](/img/product_docs/accessanalyzer/12.0/install/application/newlogin.webp) **Step 2 –** Expand the **Security** and **Login** nodes, and look for the Identity Manager service account in the list. diff --git a/docs/passwordpolicyenforcer/11.0/configuration/messages-and-notifications.md b/docs/passwordpolicyenforcer/11.0/configuration/messages-and-notifications.md index cd22c510e5..aa9f819f2c 100644 --- a/docs/passwordpolicyenforcer/11.0/configuration/messages-and-notifications.md +++ b/docs/passwordpolicyenforcer/11.0/configuration/messages-and-notifications.md @@ -32,7 +32,7 @@ Double click the **PPE Configuration** desktop shortcut. **Step 3 –** Open the **Messages** tab. -![Set up messages](/img/product_docs/accessanalyzer/admin/jobs/messages.webp) +![Set up messages](/img/product_docs/accessanalyzer/12.0/admin/jobs/messages.webp) **Step 4 –** Select the message language from the drop-down list. You can set messages for multiple languages. You do not have to create a Password Policy Enforcer policy for each language. To set diff --git a/docs/passwordsecure/9.1/user-guides/password-management/creating-passwords.md b/docs/passwordsecure/9.1/user-guides/password-management/creating-passwords.md index 78bb295c09..0913a2c3c6 100644 --- a/docs/passwordsecure/9.1/user-guides/password-management/creating-passwords.md +++ b/docs/passwordsecure/9.1/user-guides/password-management/creating-passwords.md @@ -215,7 +215,7 @@ Step 3 – Let`s fill out the website form in this example. - Set a description for your stored password. -![description](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/description.webp) +![description](/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/description.webp) - Enter the username or email address needed for login. @@ -235,7 +235,7 @@ password. - Enter the website URL that leads to the login. -![websiteurl](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/websiteurl.webp) +![websiteurl](/img/product_docs/accessanalyzer/11.6/admin/settings/websiteurl.webp) - Add one or more tags to categorize your password and find it easier (i.e., "HR" or "Internet"). diff --git a/docs/passwordsecure/9.1/user-guides/password-management/organizing-passwords.md b/docs/passwordsecure/9.1/user-guides/password-management/organizing-passwords.md index a1e0215a0f..1682caae7e 100644 --- a/docs/passwordsecure/9.1/user-guides/password-management/organizing-passwords.md +++ b/docs/passwordsecure/9.1/user-guides/password-management/organizing-passwords.md @@ -93,7 +93,7 @@ Step 1 – Click on the **Plus** sign and a form will open. Step 2 – You can now search for a specific organizational unit by clicking on the tree on the left or use the search field to find the unit you need. -![search](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/search.webp) +![search](/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/search.webp) Step 3 – Click **OK** to close the form and your new team tab will open automatically. diff --git a/docs/passwordsecure/9.2/end-user-guide/managing-passwords.md b/docs/passwordsecure/9.2/end-user-guide/managing-passwords.md index fe1e0ed152..caf405837f 100644 --- a/docs/passwordsecure/9.2/end-user-guide/managing-passwords.md +++ b/docs/passwordsecure/9.2/end-user-guide/managing-passwords.md @@ -23,7 +23,7 @@ Step 3 – Let`s fill out the website form in this example. - Set a description for your stored password. -![description](/img/product_docs/accessanalyzer/admin/action/servicenow/description.webp) +![description](/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/description.webp) - Enter the username or email address needed for login. @@ -42,7 +42,7 @@ password. - Enter the website URL that leads to the login. -![websiteurl](/img/product_docs/accessanalyzer/admin/settings/websiteurl.webp) +![websiteurl](/img/product_docs/accessanalyzer/12.0/admin/settings/websiteurl.webp) - Add one or more tags to categorize your password and find it easier (i.e., "HR" or "Internet"). diff --git a/docs/privilegesecure/4.1/administration/access-policies/schedule-policies.md b/docs/privilegesecure/4.1/administration/access-policies/schedule-policies.md index d45b3014da..7960d83e12 100644 --- a/docs/privilegesecure/4.1/administration/access-policies/schedule-policies.md +++ b/docs/privilegesecure/4.1/administration/access-policies/schedule-policies.md @@ -96,7 +96,7 @@ The Schedule tab shows the schedule tasks for the resources in the selected prot protection policy schedule is run based on the platform type configuration on the [Platforms Page](/docs/privilegesecure/4.1/administration/resources/platforms/index.md). -![schedule](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/schedule.webp) +![schedule](/img/product_docs/accessanalyzer/11.6/admin/settings/schedule.webp) The Schedule tab has the following features: diff --git a/docs/privilegesecure/4.1/administration/connection-profiles/profile-management.md b/docs/privilegesecure/4.1/administration/connection-profiles/profile-management.md index db39c8f273..13319d451a 100644 --- a/docs/privilegesecure/4.1/administration/connection-profiles/profile-management.md +++ b/docs/privilegesecure/4.1/administration/connection-profiles/profile-management.md @@ -8,7 +8,7 @@ topic for detailed descriptions of the fields. **Step 2 –** In the Connection Profiles list, click the **Plus** icon. -![Add Connection Profile](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/addconnectionprofile.webp) +![Add Connection Profile](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/addconnectionprofile.webp) **Step 3 –** Enter the desired information to configure a new connection profile. diff --git a/docs/privilegesecure/4.1/administration/navigation.md b/docs/privilegesecure/4.1/administration/navigation.md index 0c17a48140..f35c923236 100644 --- a/docs/privilegesecure/4.1/administration/navigation.md +++ b/docs/privilegesecure/4.1/administration/navigation.md @@ -60,7 +60,7 @@ Interface Icons | ![users](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/users.webp) | Users & Groups | | ![resources](/img/versioned_docs/privilegesecure_4.1/privilegesecure/accessmanagement/enduser/resources.webp) | Resources | | ![credentials](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/credentials.webp) | Credentials | -| ![activities](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/activities.webp) | Activities | +| ![activities](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/activities.webp) | Activities | | ![configuration](/img/versioned_docs/privilegesecure_4.1/privilegesecure/accessmanagement/enduser/configuration.webp) | Configuration | | ![servicenodes](/img/versioned_docs/privilegesecure_4.1/privilegesecure/accessmanagement/enduser/servicenodes.webp) | Service Nodes | | ![auditreporting](/img/versioned_docs/privilegesecure_4.1/privilegesecure/accessmanagement/enduser/auditreporting.webp) | Audit and Reporting | diff --git a/docs/privilegesecure/4.1/administration/resources/platforms/active-directory.md b/docs/privilegesecure/4.1/administration/resources/platforms/active-directory.md index 5ae34773f1..5a03f77b6c 100644 --- a/docs/privilegesecure/4.1/administration/resources/platforms/active-directory.md +++ b/docs/privilegesecure/4.1/administration/resources/platforms/active-directory.md @@ -2,7 +2,7 @@ The Active Directory menu displays the configuration options for Active Directory platforms. -![Active Directory Platform Configuration](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) +![Active Directory Platform Configuration](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/activedirectory.webp) Details for the selected platform are displayed on the right side of the page. Below are the configuration options for an Active Directory Platform. diff --git a/docs/privilegesecure/4.1/administration/resources/platforms/index.md b/docs/privilegesecure/4.1/administration/resources/platforms/index.md index a1d299efdb..73d4505781 100644 --- a/docs/privilegesecure/4.1/administration/resources/platforms/index.md +++ b/docs/privilegesecure/4.1/administration/resources/platforms/index.md @@ -4,7 +4,7 @@ The Platforms page is accessible from the Navigation pane under Policies. The me displays all the supported platform types and previously configured platforms. This allows administrators to apply default configurations across all resources defined by that platform type. -![Platforms Page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) +![Platforms Page](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/activedirectory.webp) The pane on the left side of the page displays a list of the configured platforms. The pane has the following features: diff --git a/docs/privilegesecure/4.1/administration/resources/platforms/oracle.md b/docs/privilegesecure/4.1/administration/resources/platforms/oracle.md index 0bc54d659f..08e79203cf 100644 --- a/docs/privilegesecure/4.1/administration/resources/platforms/oracle.md +++ b/docs/privilegesecure/4.1/administration/resources/platforms/oracle.md @@ -2,7 +2,7 @@ The Oracle menu displays the configuration options for Oracle platforms. -![Oracle Platform Configuration](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/oracle.webp) +![Oracle Platform Configuration](/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/oracle.webp) Details for the selected platform are displayed on the right side of the page. Below are the configuration options for an Oracle Platform. diff --git a/docs/privilegesecure/4.1/installation/components/proxy-service.md b/docs/privilegesecure/4.1/installation/components/proxy-service.md index ad862983d0..3ca1811a41 100644 --- a/docs/privilegesecure/4.1/installation/components/proxy-service.md +++ b/docs/privilegesecure/4.1/installation/components/proxy-service.md @@ -49,7 +49,7 @@ C:\Program Files\Netwrix\Netwrix Privilege Secure Proxy Service **NOTE:** The installation process begins and the wizard displays the its Progress. This may take a few moments. -![Netwrix Privileged Secure Proxy Service Setup wizard on the Successfully Completed page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Netwrix Privileged Secure Proxy Service Setup wizard on the Successfully Completed page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 6 –** When installation is complete, click Close. diff --git a/docs/privilegesecure/4.1/installation/setup/setup-launcher.md b/docs/privilegesecure/4.1/installation/setup/setup-launcher.md index b333045e99..2989d8bf87 100644 --- a/docs/privilegesecure/4.1/installation/setup/setup-launcher.md +++ b/docs/privilegesecure/4.1/installation/setup/setup-launcher.md @@ -53,7 +53,7 @@ C:\Program Files\Stealthbits\Postgres12 **NOTE:** The installation process begins and the Setup wizard displays the its Progress. This may take a few moments. -![Stealthbits PostgreSQL v12 Setup Wizard on the Completed Successfully page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Stealthbits PostgreSQL v12 Setup Wizard on the Completed Successfully page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 5 –** When installation is complete, click **Exit**. The Stealthbits PostgeSQL v12 Setup wizard closes. @@ -96,7 +96,7 @@ C:\Program Files\Stealthbits\PAM **NOTE:** The installation process begins and the wizard displays the its Progress. This may take a few moments. -![Netwrix Privilege Secure Setup wizard on the Completed Successfully page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Netwrix Privilege Secure Setup wizard on the Completed Successfully page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 5 –** When installation is complete, click **Close**. diff --git a/docs/privilegesecure/4.1/reviewer-guide/navigation.md b/docs/privilegesecure/4.1/reviewer-guide/navigation.md index 8cd202d35f..b4d46168ea 100644 --- a/docs/privilegesecure/4.1/reviewer-guide/navigation.md +++ b/docs/privilegesecure/4.1/reviewer-guide/navigation.md @@ -52,7 +52,7 @@ Interface Icons | ![users](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/users.webp) | Users & Groups | | ![resources](/img/versioned_docs/privilegesecure_4.1/privilegesecure/accessmanagement/enduser/resources.webp) | Resources | | ![credentials](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/credentials.webp) | Credentials | -| ![activities](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/activities.webp) | Activities | +| ![activities](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/activities.webp) | Activities | | ![configuration](/img/versioned_docs/privilegesecure_4.1/privilegesecure/accessmanagement/enduser/configuration.webp) | Configuration | | ![servicenodes](/img/versioned_docs/privilegesecure_4.1/privilegesecure/accessmanagement/enduser/servicenodes.webp) | Service Nodes | | ![auditreporting](/img/versioned_docs/privilegesecure_4.1/privilegesecure/accessmanagement/enduser/auditreporting.webp) | Audit and Reporting | diff --git a/docs/privilegesecure/4.1/user-guide/navigation.md b/docs/privilegesecure/4.1/user-guide/navigation.md index 1be2fdc3c0..1c8fc17835 100644 --- a/docs/privilegesecure/4.1/user-guide/navigation.md +++ b/docs/privilegesecure/4.1/user-guide/navigation.md @@ -48,7 +48,7 @@ Interface Icons | ![users](/img/versioned_docs/activitymonitor_7.1/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/users.webp) | Users & Groups | | ![resources](/img/versioned_docs/privilegesecure_4.1/privilegesecure/accessmanagement/enduser/resources.webp) | Resources | | ![credentials](/img/versioned_docs/activitymonitor_7.1/activitymonitor/install/agent/credentials.webp) | Credentials | -| ![activities](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/activities.webp) | Activities | +| ![activities](/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/activities.webp) | Activities | | ![configuration](/img/versioned_docs/privilegesecure_4.1/privilegesecure/accessmanagement/enduser/configuration.webp) | Configuration | | ![servicenodes](/img/versioned_docs/privilegesecure_4.1/privilegesecure/accessmanagement/enduser/servicenodes.webp) | Service Nodes | | ![auditreporting](/img/versioned_docs/privilegesecure_4.1/privilegesecure/accessmanagement/enduser/auditreporting.webp) | Audit and Reporting | diff --git a/docs/privilegesecure/4.2/administration/policies/connection-profiles/add-connection-profile.md b/docs/privilegesecure/4.2/administration/policies/connection-profiles/add-connection-profile.md index 251d2ef185..cb8d522e9e 100644 --- a/docs/privilegesecure/4.2/administration/policies/connection-profiles/add-connection-profile.md +++ b/docs/privilegesecure/4.2/administration/policies/connection-profiles/add-connection-profile.md @@ -8,7 +8,7 @@ fields. **Step 2 –** In the Connection Profiles list, click the **Plus** icon. -![Add Connection Profile](/img/product_docs/accessanalyzer/admin/settings/connection/profile/addconnectionprofile.webp) +![Add Connection Profile](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/addconnectionprofile.webp) **Step 3 –** Enter the desired information to configure a new connection profile. diff --git a/docs/privilegesecure/4.2/administration/resources/platforms/active-directory.md b/docs/privilegesecure/4.2/administration/resources/platforms/active-directory.md index 51bc9bd200..9ba75e469a 100644 --- a/docs/privilegesecure/4.2/administration/resources/platforms/active-directory.md +++ b/docs/privilegesecure/4.2/administration/resources/platforms/active-directory.md @@ -85,7 +85,7 @@ The details page has the following tabs: The Active Directory menu displays the configuration options for Active Directory platforms. -![Active Directory Platform Configuration](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) +![Active Directory Platform Configuration](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/activedirectory.webp) Details for the selected platform are displayed on the right side of the page. Below are the configuration options for an Active Directory Platform. diff --git a/docs/privilegesecure/4.2/administration/resources/platforms/databases/oracle.md b/docs/privilegesecure/4.2/administration/resources/platforms/databases/oracle.md index e7295a9fcc..75d7e32886 100644 --- a/docs/privilegesecure/4.2/administration/resources/platforms/databases/oracle.md +++ b/docs/privilegesecure/4.2/administration/resources/platforms/databases/oracle.md @@ -2,7 +2,7 @@ The Oracle menu displays the configuration options for Oracle platforms. -![Oracle Platform Configuration](/img/product_docs/accessanalyzer/admin/settings/connection/profile/oracle.webp) +![Oracle Platform Configuration](/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/oracle.webp) Details for the selected platform are displayed on the right side of the page. Below are the configuration options for an Oracle Platform. diff --git a/docs/privilegesecure/4.2/administration/resources/platforms/index.md b/docs/privilegesecure/4.2/administration/resources/platforms/index.md index 5988ebd7e2..44dad2390a 100644 --- a/docs/privilegesecure/4.2/administration/resources/platforms/index.md +++ b/docs/privilegesecure/4.2/administration/resources/platforms/index.md @@ -4,7 +4,7 @@ The Platforms page is accessible from the Navigation pane under Policies. The me displays all the supported platform types and previously configured platforms. This allows administrators to apply default configurations across all resources defined by that platform type. -![Platforms Page](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) +![Platforms Page](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/activedirectory.webp) The pane on the left side of the page displays a list of the configured platforms. The pane has the following features: diff --git a/docs/privilegesecure/4.2/user-guide/common-features/navigation.md b/docs/privilegesecure/4.2/user-guide/common-features/navigation.md index 702df59eb1..a3efa891a1 100644 --- a/docs/privilegesecure/4.2/user-guide/common-features/navigation.md +++ b/docs/privilegesecure/4.2/user-guide/common-features/navigation.md @@ -52,7 +52,7 @@ Interface Icons | ![users](/img/product_docs/activitymonitor/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/users.webp) | Users & Groups | | ![resources](/img/product_docs/platgovnetsuiteflashlight/getting_started/resources.webp) | Resources | | ![credentials](/img/product_docs/activitymonitor/activitymonitor/install/agent/credentials.webp) | Credentials | -| ![activities](/img/product_docs/accessanalyzer/admin/hostdiscovery/activities.webp) | Activities | +| ![activities](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/activities.webp) | Activities | | ![configuration](/img/product_docs/privilegesecure/privilegesecure/accessmanagement/enduser/configuration.webp) | Configuration | | ![servicenodes](/img/product_docs/privilegesecure/privilegesecure/accessmanagement/enduser/servicenodes.webp) | Service Nodes | | ![auditreporting](/img/product_docs/privilegesecure/privilegesecure/accessmanagement/enduser/auditreporting.webp) | Audit and Reporting | @@ -157,7 +157,7 @@ Interface Icons | ![users](/img/product_docs/activitymonitor/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/users.webp) | Users & Groups | | ![resources](/img/product_docs/platgovnetsuiteflashlight/getting_started/resources.webp) | Resources | | ![credentials](/img/product_docs/activitymonitor/activitymonitor/install/agent/credentials.webp) | Credentials | -| ![activities](/img/product_docs/accessanalyzer/admin/hostdiscovery/activities.webp) | Activities | +| ![activities](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/activities.webp) | Activities | | ![configuration](/img/product_docs/privilegesecure/privilegesecure/accessmanagement/enduser/configuration.webp) | Configuration | | ![servicenodes](/img/product_docs/privilegesecure/privilegesecure/accessmanagement/enduser/servicenodes.webp) | Service Nodes | | ![auditreporting](/img/product_docs/privilegesecure/privilegesecure/accessmanagement/enduser/auditreporting.webp) | Audit and Reporting | @@ -253,7 +253,7 @@ Interface Icons | ![users](/img/product_docs/activitymonitor/activitymonitor/admin/monitoreddomains/admonitoringconfiguration/users.webp) | Users & Groups | | ![resources](/img/product_docs/platgovnetsuiteflashlight/getting_started/resources.webp) | Resources | | ![credentials](/img/product_docs/activitymonitor/activitymonitor/install/agent/credentials.webp) | Credentials | -| ![activities](/img/product_docs/accessanalyzer/admin/hostdiscovery/activities.webp) | Activities | +| ![activities](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/activities.webp) | Activities | | ![configuration](/img/product_docs/privilegesecure/privilegesecure/accessmanagement/enduser/configuration.webp) | Configuration | | ![servicenodes](/img/product_docs/privilegesecure/privilegesecure/accessmanagement/enduser/servicenodes.webp) | Service Nodes | | ![auditreporting](/img/product_docs/privilegesecure/privilegesecure/accessmanagement/enduser/auditreporting.webp) | Audit and Reporting | diff --git a/docs/recoveryforactivedirectory/2.6/administration/multi-factor-authentication.md b/docs/recoveryforactivedirectory/2.6/administration/multi-factor-authentication.md index c5f36a5f35..1b3f4a1636 100644 --- a/docs/recoveryforactivedirectory/2.6/administration/multi-factor-authentication.md +++ b/docs/recoveryforactivedirectory/2.6/administration/multi-factor-authentication.md @@ -23,7 +23,7 @@ and select **Manage**. The MFA page opens. **Step 2 –** Click the **Add authenticator app** button. The Configure authenticator app page is displayed, showing the instructions for setting up the app. -![Configure authenticator app page](/img/product_docs/accessanalyzer/admin/analysis/configure.webp) +![Configure authenticator app page](/img/product_docs/accessanalyzer/12.0/admin/analysis/configure.webp) **Step 3 –** Open the authenticator app on your phone and scan the QR code with it. A new account is created in the app for the Recovery application and a verification code is displayed under the diff --git a/docs/recoveryforactivedirectory/2.6/configuration/domain-configuration.md b/docs/recoveryforactivedirectory/2.6/configuration/domain-configuration.md index dc1fe189ab..fc2e36e43a 100644 --- a/docs/recoveryforactivedirectory/2.6/configuration/domain-configuration.md +++ b/docs/recoveryforactivedirectory/2.6/configuration/domain-configuration.md @@ -83,7 +83,7 @@ Click **Next**. the backups will run at the desired frequency but will skip from midnight until the selected start time. -![Add Domain Configuration wizard - Options page](/img/product_docs/accessanalyzer/install/application/options.webp) +![Add Domain Configuration wizard - Options page](/img/product_docs/accessanalyzer/12.0/install/application/options.webp) **Step 9 –** (_Optional_) Select the **Collect GPOs** checkbox to enable GPO rollback and recovery. This setting requires Group Policy Management Console (GMPC). If GPO collection is not desired, skip @@ -97,7 +97,7 @@ backup. **Step 11 –** Click **Next**. -![Add Domain Configuration wizard - Notification page](/img/product_docs/accessanalyzer/admin/settings/notification.webp) +![Add Domain Configuration wizard - Notification page](/img/product_docs/accessanalyzer/12.0/admin/settings/notification.webp) **Step 12 –** To set notifications, select the Send email notifications check box and enter the email address of one or more users and/or groups to receive the job start and end notifications. Use @@ -157,7 +157,7 @@ time. **Step 9 –** Click **Next**. -![Edit Domain Configuration wizard - Options page](/img/product_docs/accessanalyzer/install/application/options.webp) +![Edit Domain Configuration wizard - Options page](/img/product_docs/accessanalyzer/12.0/install/application/options.webp) **Step 10 –** (_Optional_) Select or deselect the **Collect GPOs** checkbox to enable or disable GPO rollback and recovery. This setting requires Group Policy Management Console (GMPC). If GPO @@ -172,7 +172,7 @@ backup. **Step 12 –** Click **Next**. -![Edit Domain Configuration wizard - Notification page](/img/product_docs/accessanalyzer/admin/settings/notification.webp) +![Edit Domain Configuration wizard - Notification page](/img/product_docs/accessanalyzer/12.0/admin/settings/notification.webp) **Step 13 –** To set notifications, select the Send email notifications check box and enter the email address of one or more users and/or groups to receive the job start and end notifications. Use diff --git a/docs/recoveryforactivedirectory/2.6/configuration/user-roles.md b/docs/recoveryforactivedirectory/2.6/configuration/user-roles.md index dbec813c0b..375e486e0b 100644 --- a/docs/recoveryforactivedirectory/2.6/configuration/user-roles.md +++ b/docs/recoveryforactivedirectory/2.6/configuration/user-roles.md @@ -9,7 +9,7 @@ The Users and Roles page displays the accounts with access to Recovery for Activ Click **Configuration** in the left pane. Then click the **Users and Roles tab** on the Configuration page to open the Users and Roles page. -![Users and Roles page](/img/product_docs/accessanalyzer/requirements/target/config/roles.webp) +![Users and Roles page](/img/product_docs/accessanalyzer/12.0/requirements/target/config/roles.webp) The table displays the following information: diff --git a/docs/recoveryforactivedirectory/2.6/domain-recovery/index.md b/docs/recoveryforactivedirectory/2.6/domain-recovery/index.md index 10a808cdab..0b97f98736 100644 --- a/docs/recoveryforactivedirectory/2.6/domain-recovery/index.md +++ b/docs/recoveryforactivedirectory/2.6/domain-recovery/index.md @@ -9,7 +9,7 @@ On the Active Directory page, you can access all the domains that you have confi Click **Active Directory** in the left pane to open the Active Directory page. -![Active Directory page](/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp) +![Active Directory page](/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/activedirectory.webp) Select a domain from the drop-down menu and expand it to view the domain tree and container structure, which is exactly the same as you get in Active Directory Users and Computers. Objects in diff --git a/docs/recoveryforactivedirectory/2.6/domain-recovery/rollback-operations.md b/docs/recoveryforactivedirectory/2.6/domain-recovery/rollback-operations.md index 8510ac5bef..346098dca0 100644 --- a/docs/recoveryforactivedirectory/2.6/domain-recovery/rollback-operations.md +++ b/docs/recoveryforactivedirectory/2.6/domain-recovery/rollback-operations.md @@ -26,7 +26,7 @@ The Object Rollback wizard opens. **Step 4 –** In the Backup Date section, select a backup to use for the rollback operation. Then select the checkbox(es) for the attributes you want to roll back. Click **Next**. -![Object Rollback wizard - Options page](/img/product_docs/accessanalyzer/install/application/options.webp) +![Object Rollback wizard - Options page](/img/product_docs/accessanalyzer/12.0/install/application/options.webp) **Step 5 –** Select a domain controller where the rollback changes will get affected. Options are: diff --git a/docs/recoveryforactivedirectory/2.6/forest-recovery/forest-recovery-procedures.md b/docs/recoveryforactivedirectory/2.6/forest-recovery/forest-recovery-procedures.md index 5911e51e49..8b202b3f5f 100644 --- a/docs/recoveryforactivedirectory/2.6/forest-recovery/forest-recovery-procedures.md +++ b/docs/recoveryforactivedirectory/2.6/forest-recovery/forest-recovery-procedures.md @@ -100,7 +100,7 @@ topic for additional information. **Step 5 –** Click **Next**. -![Add to Recovery Playbook wizard - Options page](/img/product_docs/accessanalyzer/install/application/options.webp) +![Add to Recovery Playbook wizard - Options page](/img/product_docs/accessanalyzer/12.0/install/application/options.webp) **Step 6 –** From the **Backup** drop-down menu, select the backup to use for restoring the domain controller. The drop-down menu lists the backups available for the domain controller. diff --git a/docs/recoveryforactivedirectory/2.6/forest-recovery/index.md b/docs/recoveryforactivedirectory/2.6/forest-recovery/index.md index 5f9b335fa4..cce87e59db 100644 --- a/docs/recoveryforactivedirectory/2.6/forest-recovery/index.md +++ b/docs/recoveryforactivedirectory/2.6/forest-recovery/index.md @@ -105,7 +105,7 @@ adjacent pane displays the domain controllers in that domain. **Step 1 –** Enable the Backup toggle button for a domain controller to launch the Server Backup Configuration wizard. -![Server Backup Configuration wizard - Server page](/img/product_docs/accessanalyzer/admin/settings/server.webp) +![Server Backup Configuration wizard - Server page](/img/product_docs/accessanalyzer/12.0/admin/settings/server.webp) **Step 2 –** In the Server field, the domain controller to be backed up is displayed as read-only in the following format: server.domain.com. @@ -134,7 +134,7 @@ default time is 12:00 AM. **Step 7 –** Click **Next**. -![Server Backup Configuration wizard - Options page](/img/product_docs/accessanalyzer/install/application/options.webp) +![Server Backup Configuration wizard - Options page](/img/product_docs/accessanalyzer/12.0/install/application/options.webp) **Step 8 –** In the Specify where you would like to store the backup data field, enter a path to a network share on the domain controller to store the backup data. diff --git a/docs/recoveryforactivedirectory/2.6/troubleshooting/password-updates/backup-account-passwords.md b/docs/recoveryforactivedirectory/2.6/troubleshooting/password-updates/backup-account-passwords.md index e03b360600..050a2cfb44 100644 --- a/docs/recoveryforactivedirectory/2.6/troubleshooting/password-updates/backup-account-passwords.md +++ b/docs/recoveryforactivedirectory/2.6/troubleshooting/password-updates/backup-account-passwords.md @@ -21,7 +21,7 @@ adjacent pane displays the domain controllers in that domain. **Step 3 –** Click the **Edit** button for a domain controller, which is available in the far right of the domain controller row. The Server Backup Configuration wizard opens. -![Server Backup Configuration Wizard - Server page](/img/product_docs/accessanalyzer/admin/settings/server.webp) +![Server Backup Configuration Wizard - Server page](/img/product_docs/accessanalyzer/12.0/admin/settings/server.webp) **Step 4 –** On the Server page, the fields are populated with the information you provided when configuring the domain controller backup. See the @@ -35,7 +35,7 @@ into account the new password. **Step 5 –** Modify the schedule if needed, then click **Next**. -![Server Backup Configuration wizard - Options page](/img/product_docs/accessanalyzer/install/application/options.webp) +![Server Backup Configuration wizard - Options page](/img/product_docs/accessanalyzer/12.0/install/application/options.webp) **Step 6 –** Modify the options if needed, then click **Next**. diff --git a/docs/threatmanager/3.0/operations/investigations/managing-investigations.md b/docs/threatmanager/3.0/operations/investigations/managing-investigations.md index 6486cb12f1..3356dff74b 100644 --- a/docs/threatmanager/3.0/operations/investigations/managing-investigations.md +++ b/docs/threatmanager/3.0/operations/investigations/managing-investigations.md @@ -494,7 +494,7 @@ See the [Investigation Reports](/docs/threatmanager/3.0/operations/investigation Every investigation has the following options at the top of the page: -![Investigation interface showing the options at the top of an investigation](/img/product_docs/accessanalyzer/install/application/options.webp) +![Investigation interface showing the options at the top of an investigation](/img/product_docs/accessanalyzer/12.0/install/application/options.webp) - Edit – The Edit option opens the Save Investigation window in edit mode. You can modify the name, description, and folder of the saved investigation. If you save the investigation to a different diff --git a/docs/threatmanager/3.0/operations/threat-details/object-details.md b/docs/threatmanager/3.0/operations/threat-details/object-details.md index e46f0782bf..e4c7401877 100644 --- a/docs/threatmanager/3.0/operations/threat-details/object-details.md +++ b/docs/threatmanager/3.0/operations/threat-details/object-details.md @@ -88,7 +88,7 @@ information. The Application Details page provides information about an application registered in Microsoft Entra ID. -![Entra ID Application Page](/img/product_docs/accessanalyzer/admin/settings/application/application.webp) +![Entra ID Application Page](/img/product_docs/accessanalyzer/12.0/admin/settings/application/application.webp) The top of the page displays a profile card which may contain the following information about the application: @@ -402,7 +402,7 @@ information. The Role Details page provides information about a role including its description and role membership. -![Roles Page](/img/product_docs/accessanalyzer/requirements/target/config/roles.webp) +![Roles Page](/img/product_docs/accessanalyzer/12.0/requirements/target/config/roles.webp) The top of the page displays a profile card which may contain the following information about the role: @@ -798,7 +798,7 @@ export the current rows displayed on the page into a CSV file. The Group Membership tab displays groups in which the user is a member. -![groupmembership](/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp) +![groupmembership](/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupmembership.webp) ![Group Membership Indirect Member of Page](/img/product_docs/threatmanager/threatmanager/administration/threatdetails/groupmembershipindirect.webp) diff --git a/docs/threatprevention/7.4/admin/configuration/databasemaintenance/schedule.md b/docs/threatprevention/7.4/admin/configuration/databasemaintenance/schedule.md index f44b3daefe..466a292f38 100644 --- a/docs/threatprevention/7.4/admin/configuration/databasemaintenance/schedule.md +++ b/docs/threatprevention/7.4/admin/configuration/databasemaintenance/schedule.md @@ -7,7 +7,7 @@ on a regular rotation. Follow the steps to configure a schedule. -![Database Maintenance window - Schedule tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/schedule.webp) +![Database Maintenance window - Schedule tab](/img/product_docs/accessanalyzer/11.6/admin/settings/schedule.webp) **Step 1 –** Click **Configuration** > **Database** > **Maintenance** on the menu. The Database Maintenance window is displayed. diff --git a/docs/threatprevention/7.4/admin/configuration/epesettings.md b/docs/threatprevention/7.4/admin/configuration/epesettings.md index e042fb7385..4fb8dfae77 100644 --- a/docs/threatprevention/7.4/admin/configuration/epesettings.md +++ b/docs/threatprevention/7.4/admin/configuration/epesettings.md @@ -350,7 +350,7 @@ Follow the steps to install the Pwnd Passwords Downloader. dotnet tool install --global haveibeenpwned-downloader ``` -![hibp_installation_0](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/hibp_installation_0.webp) +![hibp_installation_0](/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/hibp_installation_0.webp) **Step 3 –** Close the command prompt. @@ -366,7 +366,7 @@ Follow the steps to update an installed Pwnd Passwords Downloader. dotnet tool update --global haveibeenpwned-downloader ``` -![hibp_installation_1](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/hibp_installation_1.webp) +![hibp_installation_1](/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/hibp_installation_1.webp) Download NTML Hashes with the Pwnd Passwords Downloader @@ -383,7 +383,7 @@ Run: haveibeenpwned-downloader.exe -n pwnedpasswords_ntlm ``` -![hibp_installation_3](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/hibp_installation_3.webp) +![hibp_installation_3](/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/hibp_installation_3.webp) This screenshot shows the completed download. diff --git a/docs/threatprevention/7.4/admin/configuration/systemalerting/eventlog.md b/docs/threatprevention/7.4/admin/configuration/systemalerting/eventlog.md index c05011369b..4684519967 100644 --- a/docs/threatprevention/7.4/admin/configuration/systemalerting/eventlog.md +++ b/docs/threatprevention/7.4/admin/configuration/systemalerting/eventlog.md @@ -3,7 +3,7 @@ Alert notification via Event Log sends event notifications to the Windows Event Log. Follow the steps to enable Event Log alerting. -![System Alerting window – Event Log tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/eventlog.webp) +![System Alerting window – Event Log tab](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/eventlog.webp) **Step 1 –** Click **Configuration** > **Alerts** on the menu. The Netwrix Threat Prevention System Alerting window opens. diff --git a/docs/threatprevention/7.4/admin/investigate/datagrid.md b/docs/threatprevention/7.4/admin/investigate/datagrid.md index e9b1f08141..1551334bfd 100644 --- a/docs/threatprevention/7.4/admin/investigate/datagrid.md +++ b/docs/threatprevention/7.4/admin/investigate/datagrid.md @@ -12,7 +12,7 @@ Follow the steps to view events in the data grid. - Use the arrow between the filter categories and the grid view to collapse the entire filter category section -![Investigate interface - Data Grid](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/datagrid.webp) +![Investigate interface - Data Grid](/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.webp) **Step 3 –** Select the **Production** or **Archive** option button to view events from the respective database. diff --git a/docs/threatprevention/7.4/admin/navigation/datagrid.md b/docs/threatprevention/7.4/admin/navigation/datagrid.md index 0f3ae31050..684a07cb95 100644 --- a/docs/threatprevention/7.4/admin/navigation/datagrid.md +++ b/docs/threatprevention/7.4/admin/navigation/datagrid.md @@ -3,7 +3,7 @@ Result data is displayed using data grids on several interfaces in the Administration Console. These grids employ features for data sorting, filtering, searching, and more. -![Data Grid Functionality pointers](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality.webp) +![Data Grid Functionality pointers](/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality.webp) - The Group by Box [1] ribbon impacts how much data is displayed. - The Refresh [2] button populates the data grid with the current information according to the diff --git a/docs/threatprevention/7.4/admin/policies/dataprotection.md b/docs/threatprevention/7.4/admin/policies/dataprotection.md index 6f8b9e2805..1037024ddd 100644 --- a/docs/threatprevention/7.4/admin/policies/dataprotection.md +++ b/docs/threatprevention/7.4/admin/policies/dataprotection.md @@ -45,7 +45,7 @@ not included in the Permissions list. Follow the steps to protect policies. -![Policy folder - Permissions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissions.webp) +![Policy folder - Permissions page](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissions.webp) **Step 1 –** Select a folder under the Policies node in the Navigation pane. The Policies interface is displayed. @@ -83,7 +83,7 @@ Events tab and the Investigate interface. Follow the steps to protect objects. -![Policy folder - Permissions page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissions.webp) +![Policy folder - Permissions page](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissions.webp) **Step 6 –** Select a folder under the Policies node in the Navigation pane. The Policies interface is displayed. diff --git a/docs/threatprevention/7.4/admin/policies/eventtype/adreplicationlockdown.md b/docs/threatprevention/7.4/admin/policies/eventtype/adreplicationlockdown.md index aca78bfb5f..690cdec8f1 100644 --- a/docs/threatprevention/7.4/admin/policies/eventtype/adreplicationlockdown.md +++ b/docs/threatprevention/7.4/admin/policies/eventtype/adreplicationlockdown.md @@ -84,7 +84,7 @@ Use the Permissions filter to set the scope of the policy for specific replicati within Active Directory that are used to dump password hashes as a fake domain controller in a DCSync/Replication attack. -![Policy window - Permissions filter](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissions.webp) +![Policy window - Permissions filter](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissions.webp) The Permissions filter has two sections: diff --git a/docs/threatprevention/7.4/admin/policies/eventtype/adreplicationmonitoring.md b/docs/threatprevention/7.4/admin/policies/eventtype/adreplicationmonitoring.md index 66559b9912..7ae8024cde 100644 --- a/docs/threatprevention/7.4/admin/policies/eventtype/adreplicationmonitoring.md +++ b/docs/threatprevention/7.4/admin/policies/eventtype/adreplicationmonitoring.md @@ -84,7 +84,7 @@ Use the Permissions filter to set the scope of the policy for specific replicati within Active Directory that are used to dump password hashes as a fake domain controller in a DCSync/Replication attack. -![Policy window - Permissions filter](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissions.webp) +![Policy window - Permissions filter](/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissions.webp) The Permissions filter has two sections: diff --git a/docs/threatprevention/7.4/admin/policies/general.md b/docs/threatprevention/7.4/admin/policies/general.md index ac1819523e..f0562e69cd 100644 --- a/docs/threatprevention/7.4/admin/policies/general.md +++ b/docs/threatprevention/7.4/admin/policies/general.md @@ -34,7 +34,7 @@ Save all changes made to a policy or a template before leaving the configuration History details in the center of the General tab are automatically populated on creation or modification. -![Policy - General tab > History section](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/history.webp) +![Policy - General tab > History section](/img/product_docs/accessanalyzer/11.6/admin/settings/history.webp) It contains read-only information on who created the policy (Added by), when the policy was created (Added on), who made the latest modification (Modified by), and when the latest modification @@ -59,7 +59,7 @@ Weekly Calendar The weekly calendar at the bottom of the schedule section is where the schedule is set. -![Schedule section in a policy set to Always Active](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/schedule.webp) +![Schedule section in a policy set to Always Active](/img/product_docs/accessanalyzer/11.6/admin/settings/schedule.webp) When the schedule is set to Always Active, the weekly calendar is grayed-out. diff --git a/docs/threatprevention/7.4/admin/templates/general.md b/docs/threatprevention/7.4/admin/templates/general.md index 68a975c8c4..bf52adb7d5 100644 --- a/docs/threatprevention/7.4/admin/templates/general.md +++ b/docs/threatprevention/7.4/admin/templates/general.md @@ -35,7 +35,7 @@ for additional information. History details in the center of the General tab are automatically populated on creation or modification. -![Policy - General tab > History section](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/history.webp) +![Policy - General tab > History section](/img/product_docs/accessanalyzer/11.6/admin/settings/history.webp) It contains read-only information on who created the template (Added by), when the template was created (Added on), who made the latest modification (Modified by), and when the latest modification @@ -60,7 +60,7 @@ Weekly Calendar The weekly calendar at the bottom of the schedule section is where the schedule is set. -![Schedule section in a policy set to Always Active](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/schedule.webp) +![Schedule section in a policy set to Always Active](/img/product_docs/accessanalyzer/11.6/admin/settings/schedule.webp) When the schedule is set to Always Active, the weekly calendar is grayed-out. diff --git a/docs/threatprevention/7.4/eperestsite/accountmanagement.md b/docs/threatprevention/7.4/eperestsite/accountmanagement.md index 948da23431..2134722c5f 100644 --- a/docs/threatprevention/7.4/eperestsite/accountmanagement.md +++ b/docs/threatprevention/7.4/eperestsite/accountmanagement.md @@ -44,7 +44,7 @@ Required Input Parameters Example -![POST api/account/create](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/create.webp) +![POST api/account/create](/img/product_docs/accessanalyzer/11.6/admin/report/create.webp) ## GET api/account/user/`` diff --git a/docs/threatprevention/7.4/install/reportingmodule/application.md b/docs/threatprevention/7.4/install/reportingmodule/application.md index 7884b1774f..3e3fcce4d0 100644 --- a/docs/threatprevention/7.4/install/reportingmodule/application.md +++ b/docs/threatprevention/7.4/install/reportingmodule/application.md @@ -58,7 +58,7 @@ Next button is enabled. Click **Next**. indicating that the installer will create these. Deselect the checkbox if you do not want the installer to automatically create these rules because you have already created them. Click **Next**. -![Netwrix Threat Mannager Reporting Setup wizard on the Completed page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Netwrix Threat Mannager Reporting Setup wizard on the Completed page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 9 –** The installation process will begin and the Setup wizard will display the progress. Click Exit when the installation completes successfully. The Netwrix Threat Manager Reporting Setup diff --git a/docs/threatprevention/7.4/install/reportingmodule/database.md b/docs/threatprevention/7.4/install/reportingmodule/database.md index dfa02561ad..dd0d3e2b4c 100644 --- a/docs/threatprevention/7.4/install/reportingmodule/database.md +++ b/docs/threatprevention/7.4/install/reportingmodule/database.md @@ -34,7 +34,7 @@ checkbox. Click Next. Optionally, enter a new path or use the **Browse** buttons to modify as desired. Click Next. -![Netwrix PostgreSQL Setup wizard on the Successfully Installed page](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp) +![Netwrix PostgreSQL Setup wizard on the Successfully Installed page](/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp) **Step 5 –** The installation begins and the installer displays a Setup Progress window. Click Exit when the installation is successful. The Netwrix PostgreSQL Setup wizard closes. diff --git a/docs/threatprevention/7.4/reportingmodule/configuration/integrations/authenticationprovider/page.md b/docs/threatprevention/7.4/reportingmodule/configuration/integrations/authenticationprovider/page.md index 488e51fad4..60616c43e2 100644 --- a/docs/threatprevention/7.4/reportingmodule/configuration/integrations/authenticationprovider/page.md +++ b/docs/threatprevention/7.4/reportingmodule/configuration/integrations/authenticationprovider/page.md @@ -39,7 +39,7 @@ authentication provider type, i.e., OpenID, RADIUS, or SAML. On the Integrations interface, select an authentication provider under the Authentication Provider node in the navigation pane or from the table to configure, view, or modify its details. -![Integrations interface displaying the details for an Authentication Provider with the type drop-down menu open](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/type.webp) +![Integrations interface displaying the details for an Authentication Provider with the type drop-down menu open](/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/type.webp) The following authentication provider types are supported; you can configure an authentication provider for any of these: diff --git a/docs/threatprevention/7.4/reportingmodule/configuration/integrations/tagmanagement.md b/docs/threatprevention/7.4/reportingmodule/configuration/integrations/tagmanagement.md index 9a87923976..b393f3c19a 100644 --- a/docs/threatprevention/7.4/reportingmodule/configuration/integrations/tagmanagement.md +++ b/docs/threatprevention/7.4/reportingmodule/configuration/integrations/tagmanagement.md @@ -134,7 +134,7 @@ The tag is applied to the selected objects. Follow the steps to remove tags from objects. -![Tag details page showing search results](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/search.webp) +![Tag details page showing search results](/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/search.webp) **Step 1 –** On the Integrations interface, click **Tag Managemetn** in the navigation pane to view a list of tags. diff --git a/docs/threatprevention/7.4/reportingmodule/configuration/systemsettings/systemjobs.md b/docs/threatprevention/7.4/reportingmodule/configuration/systemsettings/systemjobs.md index f3b15ea2e7..87a3db4b87 100644 --- a/docs/threatprevention/7.4/reportingmodule/configuration/systemsettings/systemjobs.md +++ b/docs/threatprevention/7.4/reportingmodule/configuration/systemsettings/systemjobs.md @@ -19,7 +19,7 @@ The table lists the system maintenance jobs: The Report Maintenance job details page has two tabs that provide configuration options and job health details. -![System Settings interface on the System Jobs page showing the Report Maintenance job Settings tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/reportsettings.webp) +![System Settings interface on the System Jobs page showing the Report Maintenance job Settings tab](/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/reportsettings.webp) Settings Tab diff --git a/docs/threatprevention/7.4/reportingmodule/investigations/group.md b/docs/threatprevention/7.4/reportingmodule/investigations/group.md index bdd5d482ed..1360021b3d 100644 --- a/docs/threatprevention/7.4/reportingmodule/investigations/group.md +++ b/docs/threatprevention/7.4/reportingmodule/investigations/group.md @@ -6,7 +6,7 @@ In an investigation report, when you click the Perpetrator (user name) link or T link, you land on the User Details page or the Host Details page. Click a group name here to go to the Group Details page. -![Group Details page - Members tab](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/groupdetails.webp) +![Group Details page - Members tab](/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupdetails.webp) The top of the page displays a group profile card that may contain the following information about the group: diff --git a/docs/threatprevention/7.4/reportingmodule/investigations/overview.md b/docs/threatprevention/7.4/reportingmodule/investigations/overview.md index 12962e49f8..d3a969000d 100644 --- a/docs/threatprevention/7.4/reportingmodule/investigations/overview.md +++ b/docs/threatprevention/7.4/reportingmodule/investigations/overview.md @@ -60,7 +60,7 @@ topic for additional information. The Investigations interface includes a search field in the navigation pane to find saved investigations by name. -![Investigations Search showing matching results](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/search.webp) +![Investigations Search showing matching results](/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/search.webp) Type in the search box. As you type, a drop-down will populate with saved investigations containing matches. The part of the investigation name that matches the search text is in bold. diff --git a/docs/threatprevention/7.4/siemdashboard/qradar/dashboard/overview.md b/docs/threatprevention/7.4/siemdashboard/qradar/dashboard/overview.md index 167fe9bc72..fd8c1d6a5f 100644 --- a/docs/threatprevention/7.4/siemdashboard/qradar/dashboard/overview.md +++ b/docs/threatprevention/7.4/siemdashboard/qradar/dashboard/overview.md @@ -3,7 +3,7 @@ The Active Directory Overview dashboard contains information on monitored Active Directory events within the past three (3) hours. It has the following cards: -![Overview Dashboard](/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overview.webp) +![Overview Dashboard](/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overview.webp) - Authentication Attacks – Number of authentication attacks that started in the specified timeframe, i.e., last three (3) hours. The value for this card is a hyperlink to the diff --git a/scripts/check-image-links.js b/scripts/check-image-links.js new file mode 100644 index 0000000000..30e50cac29 --- /dev/null +++ b/scripts/check-image-links.js @@ -0,0 +1,184 @@ +const fs = require('fs'); +const path = require('path'); + +// Get command line arguments +const args = process.argv.slice(2); +const targetFolder = args[0]; // First argument is the folder to check + +// Configuration +const DOCS_DIR = path.join(__dirname, '..', 'docs'); +const STATIC_DIR = path.join(__dirname, '..', 'static'); +const IMAGE_EXTENSIONS = ['.jpg', '.jpeg', '.png', '.gif', '.webp', '.svg', '.bmp', '.tiff']; + +// Determine the directory to scan +const SCAN_DIR = targetFolder ? path.join(DOCS_DIR, targetFolder) : DOCS_DIR; + +// Function to recursively find all .md files +function findMarkdownFiles(dir) { + const files = []; + + function scanDirectory(currentDir) { + const items = fs.readdirSync(currentDir); + + for (const item of items) { + const fullPath = path.join(currentDir, item); + const stat = fs.statSync(fullPath); + + if (stat.isDirectory()) { + scanDirectory(fullPath); + } else if (path.extname(item).toLowerCase() === '.md') { + files.push(fullPath); + } + } + } + + scanDirectory(dir); + return files; +} + +// Function to extract image links from markdown content +function extractImageLinks(content) { + // Improved regex to avoid capturing malformed links + const imageRegex = /!\[([^\]]*)\]\(([^)]+)\)/g; + const links = []; + let match; + + while ((match = imageRegex.exec(content)) !== null) { + const altText = match[1]; + const imagePath = match[2].trim(); + + // Skip if the path contains obvious malformed characters or is too short + if (imagePath.length < 3 || imagePath.includes('<') || imagePath.includes('>')) { + continue; + } + + // Skip external URLs (http/https) + if (imagePath.startsWith('http://') || imagePath.startsWith('https://')) { + continue; + } + + // Skip data URLs + if (imagePath.startsWith('data:')) { + continue; + } + + links.push({ + altText, + imagePath, + lineNumber: content.substring(0, match.index).split('\n').length + }); + } + + return links; +} + +// Function to check if image exists +function checkImageExists(imagePath) { + // Remove leading slash if present + const cleanPath = imagePath.startsWith('/') ? imagePath.substring(1) : imagePath; + + // Construct full path in static directory + const fullPath = path.join(STATIC_DIR, cleanPath); + + return fs.existsSync(fullPath); +} + +// Function to get relative path from docs directory +function getRelativePath(fullPath) { + return path.relative(DOCS_DIR, fullPath); +} + +// Main function +function checkImageLinks() { + // Validate target folder if specified + if (targetFolder && !fs.existsSync(SCAN_DIR)) { + console.error(`❌ Error: Folder '${targetFolder}' not found in docs directory`); + console.error(` Expected: ${SCAN_DIR}`); + process.exit(1); + } + + const folderDescription = targetFolder ? `folder '${targetFolder}'` : 'entire docs folder'; + console.log(`🔍 Scanning ${folderDescription} for markdown files...`); + + const markdownFiles = findMarkdownFiles(SCAN_DIR); + console.log(`📁 Found ${markdownFiles.length} markdown files\n`); + + let totalBrokenLinks = 0; + let filesWithBrokenLinks = 0; + + for (const filePath of markdownFiles) { + const content = fs.readFileSync(filePath, 'utf8'); + const imageLinks = extractImageLinks(content); + + if (imageLinks.length === 0) continue; + + const brokenLinks = []; + + for (const link of imageLinks) { + if (!checkImageExists(link.imagePath)) { + brokenLinks.push({ + ...link, + expectedPath: path.join(STATIC_DIR, link.imagePath.startsWith('/') ? link.imagePath.substring(1) : link.imagePath) + }); + } + } + + if (brokenLinks.length > 0) { + filesWithBrokenLinks++; + totalBrokenLinks += brokenLinks.length; + + console.log(`❌ ${getRelativePath(filePath)} (${brokenLinks.length} broken links):`); + + for (const brokenLink of brokenLinks) { + console.log(` Line ${brokenLink.lineNumber}: ${brokenLink.imagePath}`); + console.log(` Expected: ${brokenLink.expectedPath}`); + console.log(''); + } + } + } + + // Summary + console.log('='.repeat(60)); + console.log('📊 SUMMARY:'); + console.log(`📁 Total markdown files scanned: ${markdownFiles.length}`); + console.log(`❌ Files with broken links: ${filesWithBrokenLinks}`); + console.log(`🔗 Total broken links: ${totalBrokenLinks}`); + + if (totalBrokenLinks === 0) { + console.log('✅ All image links are valid!'); + } else { + console.log('⚠️ Please fix the broken links above.'); + } +} + +// Show usage if help is requested +function showUsage() { + console.log('Usage: node check-image-links.js [folder]'); + console.log(''); + console.log('Arguments:'); + console.log(' folder Optional: Specific subfolder within docs to check'); + console.log(' (e.g., "accessanalyzer" to check docs/accessanalyzer/)'); + console.log(''); + console.log('Examples:'); + console.log(' node check-image-links.js # Check entire docs folder'); + console.log(' node check-image-links.js accessanalyzer # Check only accessanalyzer folder'); + console.log(' node check-image-links.js 1secure # Check only 1secure folder'); +} + +// Run the script +if (require.main === module) { + try { + // Show help if requested + if (args.includes('--help') || args.includes('-h')) { + showUsage(); + process.exit(0); + } + + checkImageLinks(); + } catch (error) { + console.error('❌ Error:', error.message); + process.exit(1); + } +} + +module.exports = { checkImageLinks, findMarkdownFiles, extractImageLinks, checkImageExists }; \ No newline at end of file diff --git a/scripts/check-md-links.js b/scripts/check-md-links.js new file mode 100644 index 0000000000..7545252972 --- /dev/null +++ b/scripts/check-md-links.js @@ -0,0 +1,290 @@ +const fs = require('fs'); +const path = require('path'); + +// Get command line arguments +const args = process.argv.slice(2); +const targetFolder = args[0]; // First argument is the folder to check + +// Configuration +const DOCS_DIR = path.join(__dirname, '..', 'docs'); +const SCAN_DIR = targetFolder ? path.join(DOCS_DIR, targetFolder) : DOCS_DIR; + +// Function to recursively find all .md files +function findMarkdownFiles(dir) { + const files = []; + + function scanDirectory(currentDir) { + const items = fs.readdirSync(currentDir); + + for (const item of items) { + const fullPath = path.join(currentDir, item); + const stat = fs.statSync(fullPath); + + if (stat.isDirectory()) { + scanDirectory(fullPath); + } else if (path.extname(item).toLowerCase() === '.md') { + files.push(fullPath); + } + } + } + + scanDirectory(dir); + return files; +} + +// Function to extract markdown links from content +function extractMarkdownLinks(content) { + // Regex to match markdown links: [text](url) - but exclude image links + const linkRegex = /\[([^\]]+)\]\(([^)]+)\)/g; + const links = []; + let match; + + while ((match = linkRegex.exec(content)) !== null) { + const linkText = match[1]; + const linkUrl = match[2].trim(); + + // Skip if the URL is too short + if (linkUrl.length < 2) { + continue; + } + + // Skip external URLs (http/https) + if (linkUrl.startsWith('http://') || linkUrl.startsWith('https://')) { + continue; + } + + // Skip mailto links + if (linkUrl.startsWith('mailto:')) { + continue; + } + + // Skip anchor-only links (starting with #) + if (linkUrl.startsWith('#')) { + continue; + } + + // Skip data URLs + if (linkUrl.startsWith('data:')) { + continue; + } + + // Skip image links (check if it's an image file) + const imageExtensions = ['.jpg', '.jpeg', '.png', '.gif', '.webp', '.svg', '.bmp', '.tiff']; + const isImageLink = imageExtensions.some(ext => linkUrl.toLowerCase().includes(ext)); + if (isImageLink) { + continue; + } + + // Skip links with angle brackets (external URLs) + if (linkUrl.includes('<') || linkUrl.includes('>')) { + continue; + } + + links.push({ + linkText, + linkUrl, + lineNumber: content.substring(0, match.index).split('\n').length + }); + } + + return links; +} + +// Function to convert a heading to a Docusaurus/GitHub-style anchor slug +function headingToAnchorSlug(heading) { + return heading + .toLowerCase() + .replace(/[^\w\s-]/g, '') // Remove all non-word, non-space, non-hyphen chars + .replace(/\s+/g, '-') // Replace spaces with hyphens + .replace(/-+/g, '-') // Collapse multiple hyphens + .replace(/^-+|-+$/g, ''); // Trim leading/trailing hyphens +} + +// Function to check if anchor exists in markdown content +function checkHeadingExists(content, anchor) { + if (!anchor) return true; // No anchor to check + const cleanAnchor = anchor.startsWith('#') ? anchor.substring(1) : anchor; + + // Find all markdown headings in the content + const headingRegex = /^#{1,6}\s+(.+)$/gm; + let match; + while ((match = headingRegex.exec(content)) !== null) { + const actualHeading = match[1].trim(); + const slug = headingToAnchorSlug(actualHeading); + if (slug === cleanAnchor.toLowerCase()) { + return true; + } + } + return false; +} + +// Function to resolve markdown file path +function resolveMarkdownPath(sourceFile, linkUrl) { + const sourceDir = path.dirname(sourceFile); + let targetPath; + + // Remove anchor fragment if present + const urlWithoutAnchor = linkUrl.split('#')[0]; + + if (urlWithoutAnchor.startsWith('/docs/')) { + // Remove the /docs/ prefix and resolve from DOCS_DIR + targetPath = path.join(DOCS_DIR, urlWithoutAnchor.substring('/docs/'.length)); + } else if (urlWithoutAnchor.startsWith('/')) { + // Absolute path from docs root - remove the leading slash + targetPath = path.join(DOCS_DIR, urlWithoutAnchor.substring(1)); + } else { + // Relative path + targetPath = path.join(sourceDir, urlWithoutAnchor); + } + + // Normalize the path + targetPath = path.normalize(targetPath); + + // If the target doesn't have .md extension, try adding it + if (!targetPath.endsWith('.md')) { + const withExtension = targetPath + '.md'; + if (fs.existsSync(withExtension)) { + return withExtension; + } + } + + return targetPath; +} + +// Function to check if markdown file exists and heading is valid +function checkMarkdownExists(sourceFile, linkUrl) { + const targetPath = resolveMarkdownPath(sourceFile, linkUrl); + + // Check if the file exists + if (!fs.existsSync(targetPath)) { + return false; + } + + // If it's a directory, check for index.md + if (fs.statSync(targetPath).isDirectory()) { + const indexPath = path.join(targetPath, 'index.md'); + if (fs.existsSync(indexPath)) { + // Check heading in index.md if there's an anchor + const anchor = linkUrl.split('#')[1]; + if (anchor) { + const content = fs.readFileSync(indexPath, 'utf8'); + return checkHeadingExists(content, anchor); + } + return true; + } + return false; + } + + // Check heading in the file if there's an anchor + const anchor = linkUrl.split('#')[1]; + if (anchor) { + const content = fs.readFileSync(targetPath, 'utf8'); + return checkHeadingExists(content, anchor); + } + + return true; +} + +// Function to get relative path from docs directory +function getRelativePath(fullPath) { + return path.relative(DOCS_DIR, fullPath); +} + +// Main function +function checkMarkdownLinks() { + // Validate target folder if specified + if (targetFolder && !fs.existsSync(SCAN_DIR)) { + console.error(`❌ Error: Folder '${targetFolder}' not found in docs directory`); + console.error(` Expected: ${SCAN_DIR}`); + process.exit(1); + } + + const folderDescription = targetFolder ? `folder '${targetFolder}'` : 'entire docs folder'; + console.log(`🔍 Scanning ${folderDescription} for markdown file links...`); + + const markdownFiles = findMarkdownFiles(SCAN_DIR); + console.log(`📁 Found ${markdownFiles.length} markdown files\n`); + + let totalBrokenLinks = 0; + let filesWithBrokenLinks = 0; + + for (const filePath of markdownFiles) { + const content = fs.readFileSync(filePath, 'utf8'); + const markdownLinks = extractMarkdownLinks(content); + + if (markdownLinks.length === 0) continue; + + const brokenLinks = []; + + for (const link of markdownLinks) { + if (!checkMarkdownExists(filePath, link.linkUrl)) { + const targetPath = resolveMarkdownPath(filePath, link.linkUrl); + brokenLinks.push({ + ...link, + targetPath + }); + } + } + + if (brokenLinks.length > 0) { + filesWithBrokenLinks++; + totalBrokenLinks += brokenLinks.length; + + console.log(`❌ ${getRelativePath(filePath)} (${brokenLinks.length} broken links):`); + + for (const brokenLink of brokenLinks) { + console.log(` Line ${brokenLink.lineNumber}: [${brokenLink.linkText}](${brokenLink.linkUrl})`); + console.log(` Expected: ${brokenLink.targetPath}`); + console.log(''); + } + } + } + + // Summary + console.log('='.repeat(60)); + console.log('📊 SUMMARY:'); + console.log(`📁 Total markdown files scanned: ${markdownFiles.length}`); + console.log(`❌ Files with broken links: ${filesWithBrokenLinks}`); + console.log(`🔗 Total broken links: ${totalBrokenLinks}`); + + if (totalBrokenLinks === 0) { + console.log('✅ All markdown links are valid!'); + } else { + console.log('⚠️ Please fix the broken links above.'); + } +} + +// Show usage if help is requested +function showUsage() { + console.log('Usage: node check-md-links.js [folder]'); + console.log(''); + console.log('Arguments:'); + console.log(' folder Optional: Specific subfolder within docs to check'); + console.log(' (e.g., "accessanalyzer" to check docs/accessanalyzer/)'); + console.log(''); + console.log('Examples:'); + console.log(' node check-md-links.js # Check entire docs folder'); + console.log(' node check-md-links.js accessanalyzer # Check only accessanalyzer folder'); + console.log(' node check-md-links.js 1secure # Check only 1secure folder'); + console.log(''); + console.log('Note: This script checks internal markdown file links only.'); + console.log(' External URLs, images, and anchors are ignored.'); +} + +// Run the script +if (require.main === module) { + try { + // Show help if requested + if (args.includes('--help') || args.includes('-h')) { + showUsage(); + process.exit(0); + } + + checkMarkdownLinks(); + } catch (error) { + console.error('❌ Error:', error.message); + process.exit(1); + } +} + +module.exports = { checkMarkdownLinks, findMarkdownFiles, extractMarkdownLinks, checkMarkdownExists }; \ No newline at end of file diff --git a/scripts/fix-images.js b/scripts/fix-images.js new file mode 100644 index 0000000000..2e2fbefe68 --- /dev/null +++ b/scripts/fix-images.js @@ -0,0 +1,318 @@ +#!/usr/bin/env node + +/** + * fix-images.js + * + * Interactive CLI tool to fix both product folder mismatches and path alignment mismatches in image links. + * + * Usage: + * node scripts/fix-images.js [--case=product|path] + * (default: both cases) + */ + +const fs = require('fs'); +const path = require('path'); +const readline = require('readline'); +const { spawn } = require('child_process'); + +// ANSI color codes +const colors = { + reset: '\x1b[0m', + bold: '\x1b[1m', + cyan: '\x1b[36m', + yellow: '\x1b[33m', + green: '\x1b[32m', + gray: '\x1b[90m', + red: '\x1b[31m', +}; + +function walkDir(dir, ext, fileList = []) { + const files = fs.readdirSync(dir); + for (const file of files) { + const fullPath = path.join(dir, file); + const stat = fs.statSync(fullPath); + if (stat.isDirectory()) { + walkDir(fullPath, ext, fileList); + } else if (file.endsWith(ext)) { + fileList.push(fullPath); + } + } + return fileList; +} + +function findImageLinks(mdContent) { + // Matches ![alt](path) or ![](path) + const regex = /!\[[^\]]*\]\(([^)]+)\)/g; + let match; + const results = []; + while ((match = regex.exec(mdContent)) !== null) { + results.push({ + link: match[0], + path: match[1], + index: match.index, + }); + } + return results; +} + +function getContextLines(mdContent, index, numLines = 2) { + const lines = mdContent.split('\n'); + let charCount = 0; + let lineNum = 0; + for (; lineNum < lines.length; lineNum++) { + charCount += lines[lineNum].length + 1; + if (charCount > index) break; + } + const start = Math.max(0, lineNum - numLines); + const end = Math.min(lines.length, lineNum + numLines + 1); + return lines.slice(start, end).join('\n'); +} + +function promptUser(question) { + const rl = readline.createInterface({ input: process.stdin, output: process.stdout }); + return new Promise(resolve => rl.question(question, ans => { rl.close(); resolve(ans); })); +} + +function openImage(filePath) { + const platform = process.platform; + let cmd, args; + if (platform === 'win32') { + cmd = 'cmd'; + args = ['/c', 'start', '""', filePath]; + } else if (platform === 'darwin') { + cmd = 'open'; + args = [filePath]; + } else { + cmd = 'xdg-open'; + args = [filePath]; + } + spawn(cmd, args, { stdio: 'ignore', detached: true }).unref(); +} + +function getProductFolderFromImgPath(imgPath) { + // Extract product folder from /img/product_docs//... + const norm = imgPath.replace(/\\/g, '/'); + const m = norm.match(/(?:^|\/)img\/product_docs\/([^/]+\/[^/]+)\//); + return m ? m[1] : null; +} + +function pathHasProductFolder(imgPath, productFolder) { + // Normalize and check if productFolder is in the path after /img/product_docs/ + const norm = imgPath.replace(/\\/g, '/'); + return norm.includes('/img/product_docs/' + productFolder + '/') || norm.includes('img/product_docs/' + productFolder + '/'); +} + +function getExpectedImagePath(productFolder, mdFile, origImgPath) { + // Support /img/product_docs//, img/product_docs//, or static/img/product_docs// + const normImgPath = origImgPath.replace(/\\/g, '/'); + const prefixes = [ + '/img/product_docs/' + productFolder + '/', + 'img/product_docs/' + productFolder + '/', + 'static/img/product_docs/' + productFolder + '/', + ]; + const prefix = prefixes.find(p => normImgPath.startsWith(p)); + if (!prefix) return null; + // Get the relative path of the md file (excluding filename) + const mdRelPath = path.relative(path.join('docs', productFolder), mdFile).replace(/\\/g, '/'); + const mdRelDir = path.dirname(mdRelPath); + const imgFileName = path.basename(normImgPath); + const expected = prefix + (mdRelDir === '.' ? '' : mdRelDir + '/') + imgFileName; + return expected; +} + +function isProductFolderMismatch(productFolder, imgPath) { + // True if the product folder in the image path does not match the input + const found = getProductFolderFromImgPath(imgPath); + return found && found !== productFolder; +} + +function isPathAlignmentMismatch(productFolder, mdFile, imgPath) { + const normImgPath = imgPath.replace(/\\/g, '/'); + const prefixes = [ + '/img/product_docs/' + productFolder + '/', + 'img/product_docs/' + productFolder + '/', + 'static/img/product_docs/' + productFolder + '/', + ]; + const prefix = prefixes.find(p => normImgPath.startsWith(p)); + if (!prefix) return false; + // Get the subpath after product folder (excluding filename) + const imgSubPath = path.dirname(normImgPath.slice(prefix.length)); + const mdRelPath = path.relative(path.join('docs', productFolder), mdFile).replace(/\\/g, '/'); + const mdRelDir = path.dirname(mdRelPath); + // If subpath does not match mdRelDir, it's a mismatch + return imgSubPath !== mdRelDir; +} + +function getCandidateImagePaths(productFolder, mdFile, origImgPath) { + // Suggest: /// and _1, _2, etc. + const prefixes = [ + '/img/product_docs/', + 'img/product_docs/', + 'static/img/product_docs/', + ]; + const prefix = prefixes.find(p => origImgPath.replace(/\\/g, '/').startsWith(p)); + if (!prefix) return []; + const baseDir = prefix + productFolder; + const mdRelPath = path.relative(path.join('docs', productFolder), mdFile).replace(/\\/g, '/'); + const imgFileName = path.basename(origImgPath); + const prefixName = imgFileName.replace(/(\.[^.]+)$/, ''); + const ext = path.extname(imgFileName); + let currDir = path.dirname(mdRelPath); + while (true) { + const parentDir = baseDir + (currDir === '.' ? '' : '/' + currDir); + const parentDirFs = path.join('static', parentDir.replace(/^\/?img\//, 'img/').replace(/^\/?/, '')); + let found = []; + if (fs.existsSync(parentDirFs)) { + const files = fs.readdirSync(parentDirFs); + // Find all files matching basename and basename_# + files.forEach(f => { + if ( + (f === imgFileName || + (f.startsWith(prefixName + '_') && f.endsWith(ext) && /^_\d+/.test(f.slice(prefixName.length)))) + ) { + found.push((parentDir + '/' + f).replace(/\\/g, '/').replace(/\/\//g, '/')); + } + }); + } + if (found.length > 0) { + // Return all matches at this level only + return [...new Set(found)]; + } + if (currDir === '' || currDir === '.' || currDir === path.sep) break; + currDir = path.dirname(currDir); + } + return []; +} + +async function main() { + const inputFolder = process.argv[2]; + const caseArg = process.argv.find(arg => arg.startsWith('--case=')); + const whichCase = caseArg ? caseArg.split('=')[1] : 'both'; + if (!inputFolder) { + console.error('Usage: node scripts/fix-images.js [--case=product|path]'); + process.exit(1); + } + const docsRoot = path.join('docs', inputFolder); + if (!fs.existsSync(docsRoot)) { + console.error('Folder not found:', docsRoot); + process.exit(1); + } + const mdFiles = walkDir(docsRoot, '.md'); + for (const mdFile of mdFiles) { + const mdContent = fs.readFileSync(mdFile, 'utf8'); + const links = findImageLinks(mdContent); + let newContent = mdContent; + + // Collect all changes first, then apply them in reverse order to avoid index shifting + const changes = []; + + for (const linkObj of links) { + const { link, path: imgPath, index } = linkObj; + let caseType = null; + if ((whichCase === 'both' || whichCase === 'product') && isProductFolderMismatch(inputFolder, imgPath)) { + caseType = 'product'; + } else if ((whichCase === 'both' || whichCase === 'path') && isPathAlignmentMismatch(inputFolder, mdFile, imgPath)) { + caseType = 'path'; + } else { + continue; + } + const context = getContextLines(mdContent, index, 2); + const candidates = getCandidateImagePaths(inputFolder, mdFile, imgPath); + console.log('\n---'); + console.log(`${colors.bold}${colors.cyan}File: ${mdFile}${colors.reset}`); + console.log(`${colors.gray}Context:`); + console.log(context + colors.reset); + console.log(`${colors.yellow}Original image link: ${link}${colors.reset}`); + if (caseType === 'product') { + console.log(`${colors.red}Case: Product folder mismatch${colors.reset}`); + } else if (caseType === 'path') { + console.log(`${colors.red}Case: Path alignment mismatch${colors.reset}`); + } + if (candidates.length === 0) { + console.log(colors.red, 'No suggested images found.', colors.reset); + } else if (candidates.length === 1) { + // Auto-update with the single candidate + const action = candidates[0]; + let imgFsPath = action.replace(/^\//, ''); + if (!imgFsPath.startsWith('static/')) imgFsPath = 'static/' + imgFsPath; + if (fs.existsSync(imgFsPath)) { + // Use root-relative path for markdown + const relImgPath = action.startsWith('/') ? action : '/' + action; + const newLink = link.replace(imgPath, relImgPath); + changes.push({ + originalLink: link, + newLink: newLink, + index: index + }); + console.log(`${colors.green}Automatically updated image link in file with: ${action}${colors.reset}`); + } else { + console.log(colors.red, 'Suggested image does not exist:', imgFsPath, colors.reset); + // Fallback to prompt if file doesn't exist + } + } else { + // Print suggested images if there are multiple candidates + if (candidates.length > 1) { + console.log('Suggested image(s):'); + candidates.forEach((c, i) => { + console.log(` ${colors.green}[${i + 1}] ${c}${colors.reset}`); + }); + } + let action; + while (true) { + let prompt = `\n${colors.bold}Choose an option:${colors.reset}\n`; + if (candidates.length) prompt += ' [1-' + candidates.length + '] Select a suggested image\n'; + prompt += ' [c] Enter custom path\n [s] Skip\n> '; + action = await promptUser(prompt); + if (candidates.length && /^[1-9]\d*$/.test(action) && +action >= 1 && +action <= candidates.length) { + action = candidates[+action - 1]; + } else if (action.toLowerCase() === 'c') { + action = await promptUser('Enter custom image path: '); + } else if (action.toLowerCase() === 's') { + action = null; + break; + } else { + console.log('Invalid input.'); + continue; + } + // Check if file exists (relative to static/ or root) + let imgFsPath = action.replace(/^\//, ''); + if (!imgFsPath.startsWith('static/')) imgFsPath = 'static/' + imgFsPath; + if (!fs.existsSync(imgFsPath)) { + console.log('File does not exist:', imgFsPath); + continue; + } + openImage(imgFsPath); + const confirm = await promptUser('Use this image? [y/N]: '); + if (confirm.toLowerCase() === 'y') { + // Use root-relative path for markdown + const relImgPath = action.startsWith('/') ? action : '/' + action; + const newLink = link.replace(imgPath, relImgPath); + changes.push({ + originalLink: link, + newLink: newLink, + index: index + }); + console.log('Updated image link in file.'); + break; + } else { + console.log('Not updating.'); + } + } + } + } + + // Apply all changes in reverse order to avoid index shifting + changes.sort((a, b) => b.index - a.index); + for (const change of changes) { + newContent = newContent.replace(change.originalLink, change.newLink); + } + + if (newContent !== mdContent) { + fs.writeFileSync(mdFile, newContent, 'utf8'); + console.log('File updated:', mdFile); + } + } + console.log('Done.'); +} + +main(); \ No newline at end of file diff --git a/scripts/move-and-update-links.js b/scripts/move-and-update-links.js new file mode 100644 index 0000000000..b77e269b30 --- /dev/null +++ b/scripts/move-and-update-links.js @@ -0,0 +1,148 @@ +#!/usr/bin/env node +const fs = require('fs'); +const path = require('path'); +const fse = require('fs-extra'); + +// Helper to recursively get all .md files in a directory +function getAllMarkdownFiles(dir, fileList = []) { + const files = fs.readdirSync(dir); + files.forEach(file => { + const filePath = path.join(dir, file); + const stat = fs.statSync(filePath); + if (stat.isDirectory()) { + getAllMarkdownFiles(filePath, fileList); + } else if (file.endsWith('.md')) { + fileList.push(filePath); + } + }); + return fileList; +} + +// Helper to update markdown links in a file +function updateMarkdownLinks(filePath, oldPath, newPath) { + let content = fs.readFileSync(filePath, 'utf8'); + let updated = false; + + // Convert paths to forward slashes for consistent matching + const normalizedOldPath = oldPath.replace(/\\/g, '/'); + const normalizedNewPath = newPath.replace(/\\/g, '/'); + + // Only update files that actually contain links to the old path + // Look for markdown links that contain the old path and end with .md + const escapedOldPath = normalizedOldPath.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'); + + // Match complete markdown links: [text](path/to/old/file.md) + // This regex specifically looks for markdown link syntax with the old path + const regex = new RegExp(`(\\[([^\\]]+)\\]\\()([^)]*${escapedOldPath}[^)]*\\.md)`, 'g'); + + const newContent = content.replace(regex, (match, p1, p2, p3) => { + // Double-check that this is actually a link to the old path + if (p3.includes(normalizedOldPath)) { + updated = true; + // Replace the old path with the new path in the link + const newLinkPath = p3.replace(new RegExp(escapedOldPath, 'g'), normalizedNewPath); + return `${p1}${newLinkPath}`; + } + return match; + }); + + if (updated) { + fs.writeFileSync(filePath, newContent, 'utf8'); + console.log(` Updated links in: ${filePath}`); + } + + return updated; +} + +// Main function +function main() { + // Parse command line arguments + const args = process.argv.slice(2); + let sourcePath = null; + let destPath = null; + + for (let i = 0; i < args.length; i++) { + if (args[i] === '--src' && i + 1 < args.length) { + sourcePath = args[i + 1]; + i++; + } else if (args[i] === '--dest' && i + 1 < args.length) { + destPath = args[i + 1]; + i++; + } + } + + if (!sourcePath || !destPath) { + console.error('Usage: node scripts/move-and-update-links.js --src --dest '); + process.exit(1); + } + + // Resolve paths relative to current directory + const resolvedSourcePath = path.resolve(sourcePath); + const resolvedDestPath = path.resolve(destPath); + + console.log(`Source: ${resolvedSourcePath}`); + console.log(`Destination: ${resolvedDestPath}`); + + // Check if source directory exists + if (!fs.existsSync(resolvedSourcePath)) { + console.error(`Error: Source directory does not exist: ${resolvedSourcePath}`); + process.exit(1); + } + + // Check if source is a directory + const sourceStat = fs.statSync(resolvedSourcePath); + if (!sourceStat.isDirectory()) { + console.error(`Error: Source is not a directory: ${resolvedSourcePath}`); + process.exit(1); + } + + // Safety check: prevent moving a directory into itself or its parent + if (resolvedSourcePath === resolvedDestPath || resolvedDestPath.startsWith(resolvedSourcePath + path.sep)) { + console.error('Error: Cannot move a directory into itself or its parent'); + process.exit(1); + } + + try { + // Move contents from source to destination + const sourceItems = fs.readdirSync(resolvedSourcePath); + console.log(`Found ${sourceItems.length} items to move in source directory`); + + sourceItems.forEach(item => { + const sourceItemPath = path.join(resolvedSourcePath, item); + const destItemPath = path.join(resolvedDestPath, item); + + if (fs.existsSync(destItemPath)) { + console.log(`Warning: ${destItemPath} already exists, will overwrite`); + } + + fse.moveSync(sourceItemPath, destItemPath, { overwrite: true }); + console.log(`Moved ${sourceItemPath} to ${destItemPath}`); + }); + + // Remove the now-empty source directory + fs.rmdirSync(resolvedSourcePath); + console.log(`Removed empty source directory: ${resolvedSourcePath}`); + + // Update markdown links + console.log('Updating markdown links...'); + const docsDir = path.resolve('docs'); + const markdownFiles = getAllMarkdownFiles(docsDir); + console.log(`Found ${markdownFiles.length} markdown files to check`); + + let updatedFilesCount = 0; + markdownFiles.forEach(filePath => { + if (updateMarkdownLinks(filePath, sourcePath, destPath)) { + updatedFilesCount++; + } + }); + + console.log(`Updated markdown links in ${updatedFilesCount} files under docs/.`); + + } catch (error) { + console.error('Error:', error.message); + process.exit(1); + } +} + +// Run the script +main(); \ No newline at end of file diff --git a/scripts/move-images-and-update-links.js b/scripts/move-images-and-update-links.js new file mode 100644 index 0000000000..81aa4e2d4d --- /dev/null +++ b/scripts/move-images-and-update-links.js @@ -0,0 +1,137 @@ +#!/usr/bin/env node +"use strict"; +const fs = require("fs"); +const path = require("path"); + +// --- Argument Parsing --- +const args = process.argv.slice(2); +function getArg(flag, def) { + const idx = args.indexOf(flag); + if (idx !== -1 && args[idx + 1]) return args[idx + 1]; + return def; +} +const SRC_BASE = getArg("--src"); +const DEST_BASE = getArg("--dest"); +const DOCS_BASE = "docs"; // Always use 'docs' as the docs root +if (!SRC_BASE || !DEST_BASE) { + console.error("Usage: node move-images-and-update-links.js --src --dest "); + process.exit(1); +} + +const IMAGE_EXTENSIONS = [".png", ".jpg", ".jpeg", ".gif", ".svg", ".webp", ".bmp", ".tiff", ".ico"]; + +// --- 1. Move Images --- +function walkDir(dir, fileList = [], skipDir = null) { + const files = fs.readdirSync(dir); + for (const file of files) { + const fullPath = path.join(dir, file); + const stat = fs.statSync(fullPath); + if (stat.isDirectory()) { + if (skipDir && path.resolve(fullPath) === path.resolve(skipDir)) continue; + walkDir(fullPath, fileList, skipDir); + } else { + fileList.push(fullPath); + } + } + return fileList; +} +function moveImages() { + const allFiles = walkDir(SRC_BASE); + let moved = 0; + for (const srcFile of allFiles) { + const ext = path.extname(srcFile).toLowerCase(); + if (!IMAGE_EXTENSIONS.includes(ext)) continue; + const relPath = path.relative(SRC_BASE, srcFile); + const destFile = path.join(DEST_BASE, relPath); + fs.mkdirSync(path.dirname(destFile), { recursive: true }); + fs.renameSync(srcFile, destFile); + moved++; + console.log(`Moved: ${srcFile} -> ${destFile}`); + } + console.log(`\n${moved} image(s) moved.\n`); +} + +// --- 2. Delete Empty Folders --- +function deleteEmptyDirs(dir, skipDir = null) { + if (skipDir && path.resolve(dir) === path.resolve(skipDir)) return false; + if (!fs.existsSync(dir)) return false; + if (!fs.statSync(dir).isDirectory()) return false; + const files = fs.readdirSync(dir); + let allGone = true; + for (const file of files) { + const fullPath = path.join(dir, file); + if (fs.statSync(fullPath).isDirectory()) { + const childGone = deleteEmptyDirs(fullPath, skipDir); + if (!childGone) allGone = false; + } else { + allGone = false; + } + } + if (allGone) { + fs.rmdirSync(dir); + console.log(`Deleted empty folder: ${dir}`); + return true; + } + return false; +} +function cleanEmptyFolders() { + let deleted = 0; + for (const file of fs.readdirSync(SRC_BASE)) { + const fullPath = path.join(SRC_BASE, file); + if (path.resolve(fullPath) === path.resolve(DEST_BASE)) continue; + if (fs.statSync(fullPath).isDirectory()) { + if (deleteEmptyDirs(fullPath, DEST_BASE)) deleted++; + } + } + console.log(`\n${deleted} empty folder(s) deleted.\n`); +} + +// --- 3. Update Markdown Links --- +function walkMarkdownFiles(dir, fileList = []) { + const files = fs.readdirSync(dir); + for (const file of files) { + const fullPath = path.join(dir, file); + const stat = fs.statSync(fullPath); + if (stat.isDirectory()) { + walkMarkdownFiles(fullPath, fileList); + } else if (file.endsWith(".md")) { + fileList.push(fullPath); + } + } + return fileList; +} +function updateImageLinks() { + // Always use paths relative to 'static' for markdown links + function stripStaticPrefix(p) { + return p.replace(/^static[\/]/, '').replace(/\\/g, '/'); + } + const relSrc = stripStaticPrefix(SRC_BASE); + const relDest = stripStaticPrefix(DEST_BASE); + // Regex: match links like (/relSrc/...) or (relSrc/...) (with or without leading slash) + const regex = new RegExp(`(\\()/?${relSrc.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')}/`, "g"); + const mdFiles = walkMarkdownFiles(DOCS_BASE); + let updatedFiles = 0; + for (const filePath of mdFiles) { + let content = fs.readFileSync(filePath, "utf8"); + let updated = false; + content = content.replace(regex, (match, p1) => { + updated = true; + return `${p1}/${relDest}/`.replace(/\/\//g, '/'); + }); + if (updated) { + fs.writeFileSync(filePath, content, "utf8"); + console.log(`Updated: ${filePath}`); + updatedFiles++; + } + } + console.log(`\n${updatedFiles} markdown file(s) updated.\n`); +} + +// --- Main --- +console.log(`Moving images from ${SRC_BASE} to ${DEST_BASE} ...`); +moveImages(); +console.log(`Cleaning up empty folders in ${SRC_BASE} ...`); +cleanEmptyFolders(); +console.log(`Updating markdown links in ${DOCS_BASE} ...`); +updateImageLinks(); +console.log("\nAll done!"); \ No newline at end of file diff --git a/scripts/update-image-links.js b/scripts/update-image-links.js new file mode 100644 index 0000000000..6409f07cd0 --- /dev/null +++ b/scripts/update-image-links.js @@ -0,0 +1,574 @@ +const fs = require('fs'); +const path = require('path'); +const readline = require('readline'); + +// Get command line arguments +const args = process.argv.slice(2); +const targetFolder = args[0]; // First argument is the folder to check + +// Configuration +const DOCS_DIR = path.join(__dirname, '..', 'docs'); +const STATIC_DIR = path.join(__dirname, '..', 'static'); +const IMAGE_EXTENSIONS = ['.jpg', '.jpeg', '.png', '.gif', '.webp', '.svg', '.bmp', '.tiff']; + +// Validate input +if (!targetFolder) { + console.error('❌ Error: Please provide a folder name as an argument'); + console.log(''); + console.log('Usage: node update-image-links.js '); + console.log(''); + console.log('Examples:'); + console.log(' node update-image-links.js accessanalyzer/12.0'); + console.log(' node update-image-links.js 1secure'); + console.log(' node update-image-links.js activitymonitor/8.0'); + process.exit(1); +} + +// Determine the directory to scan +const SCAN_DIR = path.join(DOCS_DIR, targetFolder); + +// Function to recursively find all .md files +function findMarkdownFiles(dir) { + const files = []; + + function scanDirectory(currentDir) { + const items = fs.readdirSync(currentDir); + + for (const item of items) { + const fullPath = path.join(currentDir, item); + const stat = fs.statSync(fullPath); + + if (stat.isDirectory()) { + scanDirectory(fullPath); + } else if (path.extname(item).toLowerCase() === '.md') { + files.push(fullPath); + } + } + } + + scanDirectory(dir); + return files; +} + +// Function to extract image links from markdown content +function extractImageLinks(content) { + const imageRegex = /!\[([^\]]*)\]\(([^)]+)\)/g; + const links = []; + let match; + + while ((match = imageRegex.exec(content)) !== null) { + const altText = match[1]; + const imagePath = match[2].trim(); + + // Skip if the path contains obvious malformed characters or is too short + if (imagePath.length < 3 || imagePath.includes('<') || imagePath.includes('>')) { + continue; + } + + // Skip external URLs (http/https) + if (imagePath.startsWith('http://') || imagePath.startsWith('https://')) { + continue; + } + + // Skip data URLs + if (imagePath.startsWith('data:')) { + continue; + } + + links.push({ + altText, + imagePath, + lineNumber: content.substring(0, match.index).split('\n').length, + matchIndex: match.index, + fullMatch: match[0] + }); + } + + return links; +} + +// Function to check if image link should be updated +function shouldUpdateImageLink(imagePath, targetFolder) { + // Remove leading slash if present + const cleanPath = imagePath.startsWith('/') ? imagePath.substring(1) : imagePath; + + // Check if it's a product_docs link + if (!cleanPath.startsWith('img/product_docs/')) { + return false; + } + + // Extract the product name from the path + const pathParts = cleanPath.split('/'); + if (pathParts.length < 3) { + return false; + } + + const productName = pathParts[2]; // img/product_docs/[productName]/... + + // Extract the expected product name from target folder + const targetParts = targetFolder.split('/'); + const expectedProductName = targetParts[0]; // accessanalyzer/12.0 -> accessanalyzer + + // Check if the product name doesn't match + return productName !== expectedProductName; +} + +function getAllSubfolderCombinations(folders) { + // Returns all possible order-preserving subfolder combinations (including skipping some) + const results = []; + const n = folders.length; + for (let i = 1; i <= n; i++) { + for (let start = 0; start <= n - i; start++) { + results.push(folders.slice(start, start + i)); + } + } + return results; +} + +function getPossibleImagePaths(imageFilename, product, version, mdSubfolders, imgSubfolders) { + // Try all combinations of mdSubfolders, imgSubfolders, and their concatenations + const combos = []; + // 1. Just mdSubfolders + combos.push(mdSubfolders); + // 2. Just imgSubfolders + combos.push(imgSubfolders); + // 3. mdSubfolders + imgSubfolders + combos.push([...mdSubfolders, ...imgSubfolders]); + // 4. imgSubfolders + mdSubfolders + combos.push([...imgSubfolders, ...mdSubfolders]); + // 5. All sub-combinations of mdSubfolders + combos.push(...getAllSubfolderCombinations(mdSubfolders)); + // 6. All sub-combinations of imgSubfolders + combos.push(...getAllSubfolderCombinations(imgSubfolders)); + // 7. All sub-combinations of md+img + combos.push(...getAllSubfolderCombinations([...mdSubfolders, ...imgSubfolders])); + // 8. All sub-combinations of img+md + combos.push(...getAllSubfolderCombinations([...imgSubfolders, ...mdSubfolders])); + // Remove duplicates + const seen = new Set(); + const uniqueCombos = combos.filter(arr => { + const key = arr.join('/'); + if (seen.has(key)) return false; + seen.add(key); + return true; + }); + // Build possible paths + return uniqueCombos.map(subfolders => { + const parts = ['img', 'product_docs', product]; + if (version) parts.push(version); + parts.push(...subfolders); + parts.push(imageFilename); + return '/' + parts.join('/'); + }); +} + +function getAllInsertPositions(arr, toInsert) { + // Returns all arrays formed by inserting toInsert at every possible position in arr + const results = []; + for (let i = 0; i <= arr.length; i++) { + results.push([...arr.slice(0, i), ...toInsert, ...arr.slice(i)]); + } + return results; +} + +function getAllValidImagePaths(imageFilename, product, version, mdSubfolders, imgSubfolders) { + const candidates = []; + // 1. Just imgSubfolders + candidates.push(imgSubfolders); + // 2. Insert mdSubfolders at every position in imgSubfolders + candidates.push(...getAllInsertPositions(imgSubfolders, mdSubfolders)); + // Remove duplicates + const seen = new Set(); + const uniqueCombos = candidates.filter(arr => { + const key = arr.join('/'); + if (seen.has(key)) return false; + seen.add(key); + return true; + }); + // Build possible paths + return uniqueCombos.map(subfolders => { + const parts = ['img', 'product_docs', product]; + if (version) parts.push(version); + parts.push(...subfolders); + parts.push(imageFilename); + return '/' + parts.join('/'); + }); +} + +function generateCorrectedPath(imagePath, targetFolder, filePath) { + // Remove leading slash if present + const cleanPath = imagePath.startsWith('/') ? imagePath.substring(1) : imagePath; + const pathParts = cleanPath.split('/'); + const targetParts = targetFolder.split('/'); + const correctProductName = targetParts[0]; + const correctVersion = targetParts.length > 1 ? targetParts[1] : null; + // Get the relative path of the markdown file after product/version + const fileRelToProduct = path.relative(path.join(DOCS_DIR, targetFolder), filePath); + const mdSubfolders = fileRelToProduct.split(path.sep).slice(0, -1); // remove filename + const imageFilename = pathParts[pathParts.length - 1]; + // Try all subfolder levels (from most specific to least) + const validPaths = []; + for (let i = mdSubfolders.length; i >= 0; i--) { + const parts = ['img', 'product_docs', correctProductName]; + if (correctVersion) parts.push(correctVersion); + parts.push(...mdSubfolders.slice(0, i)); + parts.push(imageFilename); + const suggestedPath = '/' + parts.join('/'); + if (checkImageExistsInStatic(suggestedPath)) { + validPaths.push(suggestedPath); + } + } + if (validPaths.length > 0) { + return validPaths; + } + // If not found, return null to indicate no valid suggestion + return null; +} + +// Function to check if an image exists at a given path in the static folder +function checkImageExistsInStatic(imagePath) { + // Remove leading slash if present + const cleanPath = imagePath.startsWith('/') ? imagePath.substring(1) : imagePath; + const fullPath = path.join(STATIC_DIR, cleanPath); + return fs.existsSync(fullPath); +} + +// Function to update image links in content +function updateImageLinks(content, targetFolder) { + const imageRegex = /!\[([^\]]*)\]\(([^)]+)\)/g; + let updatedContent = content; + const updates = []; + + // Use replace with a function to handle the replacements properly + updatedContent = updatedContent.replace(imageRegex, (match, altText, imagePath) => { + // Skip if the path contains obvious malformed characters or is too short + if (imagePath.length < 3 || imagePath.includes('<') || imagePath.includes('>')) { + return match; + } + + // Skip external URLs (http/https) + if (imagePath.startsWith('http://') || imagePath.startsWith('https://')) { + return match; + } + + // Skip data URLs + if (imagePath.startsWith('data:')) { + return match; + } + + // Check if this link should be updated + if (shouldUpdateImageLink(imagePath, targetFolder)) { + const correctedPaths = generateCorrectedPath(imagePath, targetFolder, filePath); + // Only update if the image exists at the new location + if (correctedPaths && correctedPaths.length > 0) { + const newMatch = `![${altText}](${correctedPaths[0]})`; + updates.push({ + oldPath: imagePath, + newPath: correctedPaths[0], + updated: true + }); + return newMatch; + } else { + updates.push({ + oldPath: imagePath, + newPath: correctedPaths, + updated: false + }); + return match; // Do not update if image does not exist + } + } + + return match; + }); + + return { updatedContent, updates }; +} + +// Main function +function updateImageLinksInFolder() { + // Validate target folder + if (!fs.existsSync(SCAN_DIR)) { + console.error(`❌ Error: Folder '${targetFolder}' not found in docs directory`); + console.error(` Expected: ${SCAN_DIR}`); + process.exit(1); + } + + console.log(`🔍 Scanning folder '${targetFolder}' for markdown files...`); + + const markdownFiles = findMarkdownFiles(SCAN_DIR); + console.log(`📁 Found ${markdownFiles.length} markdown files\n`); + + let totalFilesUpdated = 0; + let totalLinksUpdated = 0; + + for (const filePath of markdownFiles) { + const content = fs.readFileSync(filePath, 'utf8'); + const { updatedContent, updates } = updateImageLinks(content, targetFolder); + + if (updates.length > 0) { + // Write the updated content back to the file if any links were updated + if (updates.some(u => u.updated)) { + fs.writeFileSync(filePath, updatedContent, 'utf8'); + } + + const relPath = path.relative(DOCS_DIR, filePath); + const updatedCount = updates.filter(u => u.updated).length; + const skippedCount = updates.filter(u => !u.updated).length; + if (updatedCount > 0) { + console.log(`✅ ${relPath} (${updatedCount} links updated):`); + for (const update of updates.filter(u => u.updated)) { + console.log(` Old: ${update.oldPath}`); + console.log(` New: ${update.newPath}`); + console.log(''); + } + } + if (skippedCount > 0) { + console.log(`⚠️ ${relPath} (${skippedCount} links skipped - image not found):`); + for (const update of updates.filter(u => !u.updated)) { + console.log(` Old: ${update.oldPath}`); + console.log(` Intended: ${update.newPath}`); + console.log(''); + } + } + + totalFilesUpdated++; + totalLinksUpdated += updates.length; + } + } + + // Summary + console.log('='.repeat(60)); + console.log('📊 SUMMARY:'); + console.log(`📁 Total markdown files scanned: ${markdownFiles.length}`); + console.log(`✅ Files updated: ${totalFilesUpdated}`); + console.log(`🔗 Total links updated: ${totalLinksUpdated}`); + + if (totalLinksUpdated === 0) { + console.log('✅ All image links are already correct!'); + } else { + console.log('✅ Image links have been updated successfully.'); + } +} + +// Show usage if help is requested +function showUsage() { + console.log('Usage: node update-image-links.js '); + console.log(''); + console.log('Arguments:'); + console.log(' folder Required: Specific subfolder within docs to update'); + console.log(' (e.g., "accessanalyzer/12.0" to update docs/accessanalyzer/12.0/)'); + console.log(''); + console.log('Examples:'); + console.log(' node update-image-links.js accessanalyzer/12.0'); + console.log(' node update-image-links.js 1secure'); + console.log(' node update-image-links.js activitymonitor/8.0'); + console.log(''); + console.log('This script will:'); + console.log(' 1. Scan all markdown files in the specified folder and subfolders'); + console.log(' 2. Find image links that don\'t match the expected product folder structure'); + console.log(' 3. Update them to use the correct product name and version'); + console.log(' 4. Save the changes back to the files'); +} + +// New: Function to scan and report mismatched image links +function reportMismatchedImageLinks(targetFolder) { + const markdownFiles = findMarkdownFiles(path.join(DOCS_DIR, targetFolder)); + const reportLines = []; + const targetParts = targetFolder.split('/'); + const correctProductName = targetParts[0]; + const correctVersion = targetParts.length > 1 ? targetParts[1] : null; + + // Add CSV header + reportLines.push('File,Line,Image Link'); + + for (const filePath of markdownFiles) { + const content = fs.readFileSync(filePath, 'utf8'); + const lines = content.split(/\r?\n/); + lines.forEach((line, idx) => { + // Find all image links in the line + const imageRegex = /!\[[^\]]*\]\(([^)]+)\)/g; + let match; + while ((match = imageRegex.exec(line)) !== null) { + const imagePath = match[1]; + // Only check local (not http/https) links + if (imagePath.startsWith('http://') || imagePath.startsWith('https://')) continue; + // Remove leading slash + const cleanPath = imagePath.startsWith('/') ? imagePath.substring(1) : imagePath; + const pathParts = cleanPath.split('/'); + // Check if path matches expected product/version + if ( + pathParts[0] === 'img' && + pathParts[1] === 'product_docs' && + ( + pathParts[2] !== correctProductName || + (correctVersion && pathParts[3] !== correctVersion) + ) + ) { + // Escape double quotes and commas in fields for CSV + const fileCsv = path.relative(DOCS_DIR, filePath).replace(/"/g, '""'); + const imageCsv = imagePath.replace(/"/g, '""'); + reportLines.push(`"${fileCsv}",${idx + 1},"${imageCsv}"`); + } + } + }); + } + // Write report to CSV file in root of specified folder + const reportPath = path.join(DOCS_DIR, targetFolder, 'image-link-report.csv'); + fs.writeFileSync(reportPath, reportLines.join('\n'), 'utf8'); + console.log(`\n📄 CSV report written to: ${reportPath}`); + console.log(`Total mismatched links found: ${reportLines.length - 1}`); +} + +// Replace main logic with report-only mode +if (require.main === module) { + if (!targetFolder) { + console.error('❌ Error: Please provide a folder name as an argument'); + process.exit(1); + } + reportMismatchedImageLinks(targetFolder); +} + +module.exports = { + updateImageLinksInFolder, + findMarkdownFiles, + extractImageLinks, + shouldUpdateImageLink, + generateCorrectedPath, + updateImageLinks +}; + +async function interactiveFix(targetFolder) { + const mismatches = getMismatchedLinks(targetFolder); + if (mismatches.length === 0) { + console.log('No mismatched image links found.'); + return; + } + const rl = readline.createInterface({ + input: process.stdin, + output: process.stdout + }); + let updated = 0, skipped = 0, custom = 0, quit = false; + for (const mismatch of mismatches) { + if (quit) break; + // Show 2 lines before and after for context + const content = fs.readFileSync(mismatch.filePath, 'utf8'); + const lines = content.split(/\r?\n/); + const start = Math.max(0, mismatch.lineNumber - 3); + const end = Math.min(lines.length, mismatch.lineNumber + 2); + console.log('\nFile:', path.relative(DOCS_DIR, mismatch.filePath)); + console.log('Line:', mismatch.lineNumber); + console.log('Context:'); + for (let i = start; i < end; i++) { + const prefix = (i + 1 === mismatch.lineNumber) ? '> ' : ' '; + console.log(`${prefix}${i + 1}: ${lines[i]}`); + } + console.log('Original image link:', mismatch.imagePath); + let suggestion = mismatch.suggested; + if (!suggestion) { + console.log('No valid suggested image path found.'); + } else { + console.log('Suggested:', suggestion); + } + let resolved = false; + while (!resolved) { + if (!suggestion) { + rl.setPrompt('Enter custom image path, [s]kip, [q]uit: '); + } else { + rl.setPrompt('Action? [a]ccept/[c]ustom/[s]kip/[q]uit: '); + } + await new Promise((resolve) => { + rl.prompt(); + rl.once('line', async (answer) => { + const ans = answer.trim().toLowerCase(); + if (suggestion && (ans === 'a' || ans === 'accept' || ans === '')) { + const suggestionPath = suggestion; + if (suggestionPath && checkImageExistsInStatic(suggestionPath)) { + const content = fs.readFileSync(mismatch.filePath, 'utf8'); + const newContent = content.replace(mismatch.fullMatch, mismatch.fullMatch.replace(mismatch.imagePath, suggestionPath)); + fs.writeFileSync(mismatch.filePath, newContent, 'utf8'); + console.log('✅ Updated to suggested path.'); + updated++; + resolved = true; + } else { + console.log('❌ Suggested image does not exist in static folder. Try again.'); + } + resolve(); + } else if (ans === 'c' || (!suggestion && ans !== 's' && ans !== 'q')) { + rl.question('Enter custom image path: ', (customPath) => { + const finalPath = customPath.trim(); + if (checkImageExistsInStatic(finalPath)) { + const content = fs.readFileSync(mismatch.filePath, 'utf8'); + const newContent = content.replace(mismatch.fullMatch, mismatch.fullMatch.replace(mismatch.imagePath, finalPath)); + fs.writeFileSync(mismatch.filePath, newContent, 'utf8'); + console.log('✅ Updated to custom path.'); + custom++; + resolved = true; + } else { + console.log('❌ Custom image does not exist in static folder. Try again.'); + } + resolve(); + }); + } else if (ans === 's' || ans === 'skip') { + skipped++; + resolved = true; + resolve(); + } else if (ans === 'q' || ans === 'quit') { + quit = true; + resolved = true; + resolve(); + } else { + console.log('Invalid input. Try again.'); + resolve(); + } + }); + }); + } + } + rl.close(); + console.log(`\nSummary: Updated: ${updated}, Custom: ${custom}, Skipped: ${skipped}`); +} + +function getMismatchedLinks(targetFolder) { + const markdownFiles = findMarkdownFiles(path.join(DOCS_DIR, targetFolder)); + const targetParts = targetFolder.split('/'); + const correctProductName = targetParts[0]; + const correctVersion = targetParts.length > 1 ? targetParts[1] : null; + const mismatches = []; + for (const filePath of markdownFiles) { + const content = fs.readFileSync(filePath, 'utf8'); + const lines = content.split(/\r?\n/); + lines.forEach((line, idx) => { + const imageRegex = /!\[[^\]]*\]\(([^)]+)\)/g; + let match; + while ((match = imageRegex.exec(line)) !== null) { + const imagePath = match[1]; + if (imagePath.startsWith('http://') || imagePath.startsWith('https://')) return; + const cleanPath = imagePath.startsWith('/') ? imagePath.substring(1) : imagePath; + const pathParts = cleanPath.split('/'); + if ( + pathParts[0] === 'img' && + pathParts[1] === 'product_docs' && + ( + pathParts[2] !== correctProductName || + (correctVersion && pathParts[3] !== correctVersion) + ) + ) { + mismatches.push({ + filePath, + lineNumber: idx + 1, + line, + imagePath, + matchIndex: match.index, + fullMatch: match[0], + suggested: generateCorrectedPath(imagePath, targetFolder, filePath) + }); + } + } + }); + } + return mismatches; +} + +if (require.main === module) { + interactiveFix(targetFolder); +} \ No newline at end of file diff --git a/sidebars/accessanalyzer/11.6.js b/sidebars/accessanalyzer/11.6.js index 1da1d45bfe..5ab4af3199 100644 --- a/sidebars/accessanalyzer/11.6.js +++ b/sidebars/accessanalyzer/11.6.js @@ -1,411 +1,8 @@ -// @ts-check - -/** @type {import('@docusaurus/plugin-content-docs').SidebarsConfig} */ -const sidebars = { - accessanalyzer116Sidebar: [ +module.exports = { + sidebar: [ { - type: 'doc', - id: 'index', - label: 'Access Analyzer 11.6', - }, - { - type: 'category', - label: 'Getting Started', - collapsed: false, - items: [ - 'getting-started/overview', - 'getting-started/whats-new', - 'getting-started/quick-start', - { - type: 'category', - label: 'Requirements', - items: [ - 'getting-started/requirements/system-requirements', - 'getting-started/requirements/solutions-requirements', - 'getting-started/requirements/target-requirements', - ], - }, - ], - }, - { - type: 'category', - label: 'Installation', - collapsed: true, - items: [ - 'installation/overview', - { - type: 'category', - label: 'Application', - items: [ - 'installation/application/install', - 'installation/application/upgrade', - 'installation/application/database-setup', - 'installation/application/license', - 'installation/application/first-launch', - ], - }, - { - type: 'category', - label: 'Filesystem Proxy', - items: [ - 'installation/filesystem-proxy/install', - 'installation/filesystem-proxy/upgrade', - 'installation/filesystem-proxy/configure', - 'installation/filesystem-proxy/troubleshooting', - ], - }, - { - type: 'category', - label: 'SharePoint Agent', - items: ['installation/sharepoint-agent/install', 'installation/sharepoint-agent/upgrade'], - }, - { - type: 'category', - label: 'Sensitive Data Discovery', - items: [ - 'installation/sensitive-data-discovery/install', - 'installation/sensitive-data-discovery/upgrade', - ], - }, - { - type: 'category', - label: 'Reports Configuration', - items: [ - 'installation/reports-configuration/sso-setup', - 'installation/reports-configuration/authentication', - 'installation/reports-configuration/security', - ], - }, - ], - }, - { - type: 'category', - label: 'Administration', - collapsed: true, - items: [ - 'administration/navigation', - { - type: 'category', - label: 'Settings', - items: [ - 'administration/settings/application', - 'administration/settings/connections', - 'administration/settings/storage', - 'administration/settings/notifications', - 'administration/settings/exchange', - 'administration/settings/reporting', - 'administration/settings/schedule', - 'administration/settings/service-now', - 'administration/settings/sensitive-data-criteria', - ], - }, - { - type: 'category', - label: 'Access Control', - items: [ - 'administration/access-control/role-based-access', - 'administration/access-control/rest-api', - ], - }, - { - type: 'category', - label: 'Jobs and Scheduling', - items: [ - 'administration/jobs-and-scheduling/job-management', - 'administration/jobs-and-scheduling/job-groups', - 'administration/jobs-and-scheduling/scheduling', - 'administration/jobs-and-scheduling/instant-jobs', - 'administration/jobs-and-scheduling/running-instances', - ], - }, - { - type: 'category', - label: 'Host Management', - items: [ - 'administration/host-management/discovery', - 'administration/host-management/management', - ], - }, - { - type: 'category', - label: 'Reporting', - items: [ - 'administration/reporting/create-reports', - 'administration/reporting/edit-reports', - 'administration/reporting/interactive-grids', - 'administration/reporting/tags', - ], - }, - { - type: 'category', - label: 'Maintenance', - items: [ - 'administration/maintenance/best-practices', - 'administration/maintenance/backup-recovery', - 'administration/maintenance/antivirus-exclusions', - 'administration/maintenance/troubleshooting', - 'administration/maintenance/update-passwords', - ], - }, - ], - }, - { - type: 'category', - label: 'Data Collection', - collapsed: true, - items: [ - { - type: 'category', - label: 'Active Directory', - items: ['data-collection/active-directory/configuration'], - }, - { - type: 'category', - label: 'Entra ID', - items: ['data-collection/entra-id/configuration'], - }, - { - type: 'category', - label: 'File Systems', - items: ['data-collection/file-systems/configuration'], - }, - { - type: 'category', - label: 'Exchange', - items: ['data-collection/exchange/configuration'], - }, - { - type: 'category', - label: 'Databases', - items: ['data-collection/databases/sql-server', 'data-collection/databases/mongodb'], - }, - { - type: 'category', - label: 'Cloud Platforms', - items: [ - 'data-collection/cloud-platforms/aws', - 'data-collection/cloud-platforms/box', - 'data-collection/cloud-platforms/dropbox', - ], - }, - { - type: 'category', - label: 'SharePoint', - items: ['data-collection/sharepoint/on-premises'], - }, - { - type: 'category', - label: 'Custom Collectors', - items: [ - 'data-collection/custom-collectors/powershell', - 'data-collection/custom-collectors/command-line', - 'data-collection/custom-collectors/scripting', - 'data-collection/custom-collectors/ldap', - ], - }, - ], - }, - { - type: 'category', - label: 'Analysis and Actions', - collapsed: true, - items: [ - { - type: 'category', - label: 'Analysis', - items: [ - 'analysis-and-actions/analysis/business-rules', - 'analysis-and-actions/analysis/change-detection', - 'analysis-and-actions/analysis/notifications', - 'analysis-and-actions/analysis/sql-views', - 'analysis-and-actions/analysis/scripting', - ], - }, - { - type: 'category', - label: 'Actions', - items: [ - 'analysis-and-actions/actions/active-directory', - 'analysis-and-actions/actions/file-system', - 'analysis-and-actions/actions/mailbox', - 'analysis-and-actions/actions/public-folder', - 'analysis-and-actions/actions/registry', - 'analysis-and-actions/actions/powershell', - 'analysis-and-actions/actions/survey', - 'analysis-and-actions/actions/send-mail', - 'analysis-and-actions/actions/service-now', - 'analysis-and-actions/actions/web-request', - ], - }, - ], - }, - { - type: 'category', - label: 'Solutions', - collapsed: true, - items: [ - { - type: 'category', - label: 'Active Directory', - items: [ - 'solutions/active-directory/security-assessment', - 'solutions/active-directory/inventory-reports', - 'solutions/active-directory/permissions-analysis', - 'solutions/active-directory/cleanup-operations', - 'solutions/active-directory/activity-monitoring', - 'solutions/active-directory/recommended-reports', - ], - }, - { - type: 'category', - label: 'Entra ID', - items: [ - 'solutions/entra-id/inventory-reports', - 'solutions/entra-id/group-analysis', - 'solutions/entra-id/user-analysis', - 'solutions/entra-id/recommended-reports', - ], - }, - { - type: 'category', - label: 'File Systems', - items: [ - 'solutions/file-systems/security-assessment', - 'solutions/file-systems/permissions-analysis', - 'solutions/file-systems/activity-monitoring', - 'solutions/file-systems/content-analysis', - 'solutions/file-systems/cleanup-operations', - 'solutions/file-systems/resource-based-groups', - 'solutions/file-systems/recommended-reports', - ], - }, - { - type: 'category', - label: 'Exchange', - items: [ - 'solutions/exchange/mailbox-analysis', - 'solutions/exchange/public-folder-analysis', - 'solutions/exchange/metrics-analysis', - 'solutions/exchange/distribution-lists', - 'solutions/exchange/sensitive-data', - 'solutions/exchange/recommended-reports', - ], - }, - { - type: 'category', - label: 'SharePoint', - items: [ - 'solutions/sharepoint/permissions-analysis', - 'solutions/sharepoint/activity-monitoring', - 'solutions/sharepoint/content-analysis', - 'solutions/sharepoint/recommended-reports', - ], - }, - { - type: 'category', - label: 'Databases', - items: [ - 'solutions/databases/sql-server-analysis', - 'solutions/databases/oracle-analysis', - 'solutions/databases/mysql-analysis', - 'solutions/databases/postgresql-analysis', - 'solutions/databases/mongodb-analysis', - 'solutions/databases/db2-analysis', - 'solutions/databases/redshift-analysis', - ], - }, - { - type: 'category', - label: 'Cloud Platforms', - items: [ - 'solutions/cloud-platforms/aws-analysis', - 'solutions/cloud-platforms/box-analysis', - 'solutions/cloud-platforms/dropbox-analysis', - ], - }, - { - type: 'category', - label: 'Cross-Platform', - items: [ - 'solutions/cross-platform/anyid-integration', - 'solutions/cross-platform/nis-inventory', - ], - }, - ], - }, - { - type: 'category', - label: 'Configuration Guides', - collapsed: true, - items: [ - { - type: 'category', - label: 'Directory Services', - items: [ - 'configuration-guides/directory-services/active-directory', - 'configuration-guides/directory-services/entra-id', - ], - }, - { - type: 'category', - label: 'Storage Systems', - items: [ - 'configuration-guides/storage-systems/windows-file-systems', - 'configuration-guides/storage-systems/dell-powerscale', - 'configuration-guides/storage-systems/dell-unity', - 'configuration-guides/storage-systems/dell-celerra-vnx', - 'configuration-guides/storage-systems/netapp-7mode', - 'configuration-guides/storage-systems/netapp-cmode', - 'configuration-guides/storage-systems/hitachi', - 'configuration-guides/storage-systems/nasuni', - 'configuration-guides/storage-systems/nutanix', - 'configuration-guides/storage-systems/qumulo', - ], - }, - { - type: 'category', - label: 'Collaboration', - items: [ - 'configuration-guides/collaboration/sharepoint', - 'configuration-guides/collaboration/sharepoint-online', - 'configuration-guides/collaboration/exchange-online', - ], - }, - { - type: 'category', - label: 'StealthAudit', - items: ['configuration-guides/stealthaudit/configuration'], - }, - ], - }, - { - type: 'category', - label: 'Security and Compliance', - collapsed: true, - items: [ - { - type: 'category', - label: 'Sensitive Data Discovery', - items: [ - 'security-and-compliance/sensitive-data-discovery/criteria-editor', - 'security-and-compliance/sensitive-data-discovery/system-criteria', - 'security-and-compliance/sensitive-data-discovery/exempted-extensions', - 'security-and-compliance/sensitive-data-discovery/metadata-tags', - 'security-and-compliance/sensitive-data-discovery/supported-formats', - ], - }, - { - type: 'category', - label: 'Change-Driven Security Assessment', - items: [ - 'security-and-compliance/change-driven-security-assessment/overview', - 'security-and-compliance/change-driven-security-assessment/job-configuration', - 'security-and-compliance/change-driven-security-assessment/presentation', - ], - }, - ], + type: 'autogenerated', + dirName: '.', }, ], -}; - -module.exports = sidebars; +}; \ No newline at end of file diff --git a/sidebars/accessanalyzer/12.0.js b/sidebars/accessanalyzer/12.0.js index c442803d2c..f4e8941a40 100644 --- a/sidebars/accessanalyzer/12.0.js +++ b/sidebars/accessanalyzer/12.0.js @@ -1,260 +1,8 @@ module.exports = { - accessanalyzerSidebar: [ + sidebar: [ { - type: 'doc', - id: 'index', - label: 'Home', - }, - { - type: 'doc', - id: 'overview', - label: 'Overview', - }, - { - type: 'category', - label: 'Getting Started', - items: ['getting-started/index'], - collapsed: false, - }, - { - type: 'category', - label: 'Installation', - items: [ - 'installation/index', - 'installation/overview', - { - type: 'category', - label: 'Application', - items: [ - 'installation/application/overview', - 'installation/application/database', - 'installation/application/first-launch', - 'installation/application/other-languages', - 'installation/application/update-license', - 'installation/application/wizard', - { - type: 'category', - label: 'Reports', - items: [ - 'installation/application/reports/overview', - 'installation/application/reports/adfs', - 'installation/application/reports/disclaimer', - 'installation/application/reports/domains', - 'installation/application/reports/entra-id-sso', - 'installation/application/reports/kerberos-encryption', - 'installation/application/reports/okta', - 'installation/application/reports/secure', - 'installation/application/reports/sso', - 'installation/application/reports/timeout', - ], - }, - { - type: 'category', - label: 'Upgrade', - items: [ - 'installation/application/upgrade/overview', - 'installation/application/upgrade/solution-considerations', - 'installation/application/upgrade/wizard', - ], - }, - ], - }, - { - type: 'category', - label: 'Filesystem Proxy', - items: [ - 'installation/filesystem-proxy/overview', - 'installation/filesystem-proxy/configure-data-collector', - 'installation/filesystem-proxy/silent-install', - 'installation/filesystem-proxy/troubleshooting', - 'installation/filesystem-proxy/uninstall', - 'installation/filesystem-proxy/upgrade', - 'installation/filesystem-proxy/wizard', - ], - }, - { - type: 'category', - label: 'SharePoint Agent', - items: [ - 'installation/sharepoint-agent/overview', - 'installation/sharepoint-agent/upgrade', - 'installation/sharepoint-agent/wizard', - ], - }, - ], - }, - { - type: 'category', - label: 'Configuration', - items: [ - 'configuration/index', - 'configuration/active-directory/overview', - 'configuration/dell-celerra-vnx/overview', - 'configuration/dell-powerscale/overview', - 'configuration/dell-unity/overview', - 'configuration/entra-id/overview', - 'configuration/exchange-online/access', - 'configuration/hitachi/overview', - 'configuration/nasuni/overview', - 'configuration/netapp-7-mode/overview', - 'configuration/netapp-c-mode/overview', - 'configuration/nutanix/overview', - 'configuration/qumulo/overview', - 'configuration/sharepoint/overview', - 'configuration/sharepoint-online/overview', - 'configuration/windows-file/overview', - ], - }, - { - type: 'category', - label: 'Data Collection', - items: [ - 'data-collection/index', - 'data-collection/overview', - { - type: 'autogenerated', - dirName: 'data-collection', - }, - ], - }, - { - type: 'category', - label: 'Actions', - items: [ - 'actions/index', - 'actions/overview', - 'actions/libraries', - { - type: 'autogenerated', - dirName: 'actions', - }, - ], - }, - { - type: 'category', - label: 'Analysis', - items: [ - 'analysis/index', - 'analysis/overview', - 'analysis/auto-action', - 'analysis/sql-scripting', - 'analysis/vb-scripting', - { - type: 'autogenerated', - dirName: 'analysis', - }, - ], - }, - { - type: 'category', - label: 'Reporting', - items: [ - 'reporting/index', - 'reporting/overview', - 'reporting/cleanup', - 'reporting/create', - 'reporting/edit', - 'reporting/tags', - 'reporting/view', - { - type: 'autogenerated', - dirName: 'reporting', - }, - ], - }, - { - type: 'category', - label: 'Job Management', - items: [ - 'job-management/index', - 'job-management/overview', - 'job-management/features', - 'job-management/instantiate', - { - type: 'autogenerated', - dirName: 'job-management', - }, - ], - }, - { - type: 'category', - label: 'Host Management', - items: [ - 'host-management/index', - 'host-management/overview', - 'host-management/data-grid', - 'host-management/lists', - { - type: 'autogenerated', - dirName: 'host-management', - }, - ], - }, - { - type: 'category', - label: 'Administration', - items: [ - 'administration/index', - 'administration/overview', - { - type: 'autogenerated', - dirName: 'administration', - }, - ], - }, - { - type: 'category', - label: 'Sensitive Data Discovery', - items: [ - 'sensitive-data-discovery/index', - 'sensitive-data-discovery/overview', - 'sensitive-data-discovery/exempted-file-extensions', - 'sensitive-data-discovery/metadata-tags', - 'sensitive-data-discovery/supported-formats', - 'sensitive-data-discovery/system-criteria', - { - type: 'autogenerated', - dirName: 'sensitive-data-discovery', - }, - ], - }, - { - type: 'category', - label: 'Solutions', - items: [ - 'solutions/index', - { - type: 'autogenerated', - dirName: 'solutions', - }, - ], - }, - { - type: 'category', - label: 'Requirements', - items: [ - 'requirements/index', - 'requirements/overview', - { - type: 'autogenerated', - dirName: 'requirements', - }, - ], - }, - { - type: 'category', - label: 'CDSA', - items: ['cdsa/overview', 'cdsa/job', 'cdsa/presentation'], - }, - { - type: 'category', - label: 'Topics', - items: [ - { - type: 'autogenerated', - dirName: 'topics', - }, - ], + type: 'autogenerated', + dirName: '.', }, ], }; diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/actionproperties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/actionproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/actionproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/actionproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/actionselection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/actionselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/actionselection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/actionselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/attributescomputer.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/attributescomputer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/attributescomputer.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/attributescomputer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/attributesgroup.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/attributesgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/attributesgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/attributesgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/completionpage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/completionpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/completionpage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/completionpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/computerdetails.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/computerdetails.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/computerdetails.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/computerdetails.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/creategroups.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/creategroups.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/creategroups.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/creategroups.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/createusers.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/createusers.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/createusers.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/createusers.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/credentials.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/credentials.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/credentials.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/credentials.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/disableenablecomputers.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenablecomputers.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/disableenablecomputers.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenablecomputers.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/disableenableusers.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenableusers.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/disableenableusers.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/disableenableusers.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/groupdetails.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupdetails.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/groupdetails.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupdetails.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupmembership.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/groupmembership.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/moveobject.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/moveobject.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/moveobject.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/moveobject.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/setresetpassword.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/setresetpassword.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/setresetpassword.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/setresetpassword.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/sidhistory.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/sidhistory.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/sidhistory.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/sidhistory.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/usersdetails.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/usersdetails.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/operations/usersdetails.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/operations/usersdetails.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/target.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/target.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/target.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/target.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/activedirectory/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/activedirectory/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/action.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/action.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/action.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/action.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/appletsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/appletsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/appletsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/appletsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/changeattributes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/changeattributes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/changeattributes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/changeattributes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/destination.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/destination.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/destination.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/destination.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/environment.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/environment.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/environment.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/environment.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/operation.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/operation.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/operation.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/operation.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/addremovetagsboldonjames.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/addremovetagsboldonjames.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/addremovetagsboldonjames.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/addremovetagsboldonjames.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/addtags.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/addtags.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/addtags.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/addtags.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/changeowner.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changeowner.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/changeowner.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changeowner.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/changepermissionsauditing.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissionsauditing.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/changepermissionsauditing.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissionsauditing.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/changepermissionsinheritance.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissionsinheritance.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/changepermissionsinheritance.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changepermissionsinheritance.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/changesharepermissions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changesharepermissions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/changesharepermissions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/changesharepermissions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/removefilepermissions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removefilepermissions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/removefilepermissions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removefilepermissions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/removesharepermissions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removesharepermissions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/removesharepermissions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removesharepermissions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/removetags.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removetags.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/parameters/removetags.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/parameters/removetags.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/prioractions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/prioractions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/prioractions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/prioractions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/rollback.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/rollback.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/rollback.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/rollback.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/target.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/target.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/target.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/target.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/filesystem/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/filesystem/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/libraries.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/libraries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/libraries.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/libraries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/librariescustom.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/librariescustom.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/librariescustom.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/librariescustom.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/librariescustompaste.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/librariescustompaste.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/librariescustompaste.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/librariescustompaste.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/affectedmailboxes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/affectedmailboxes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/affectedmailboxes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/affectedmailboxes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/criteriaselection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/criteriaselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/criteriaselection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/criteriaselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/datarangeselectionwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/datarangeselectionwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/datarangeselectionwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/datarangeselectionwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/delegaterights.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/delegaterights.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/delegaterights.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/delegaterights.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderconditions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderconditions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderconditions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderconditions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderidentification.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderidentification.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderidentification.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderidentification.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderinclusionexclusionwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderinclusionexclusionwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderinclusionexclusionwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderinclusionexclusionwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderinclusionexclusionwindownew.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderinclusionexclusionwindownew.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderinclusionexclusionwindownew.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderinclusionexclusionwindownew.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/foldertypewindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/foldertypewindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/foldertypewindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/foldertypewindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/folderwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/folderwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/identification.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/identification.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/identification.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/identification.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/messageactions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/messageactions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/messageactions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/messageactions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/messageclasseswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/messageclasseswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/messageclasseswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/messageclasseswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/messageclasseswindownew.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/messageclasseswindownew.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/messageclasseswindownew.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/messageclasseswindownew.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/messageconditions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/messageconditions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/messageconditions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/messageconditions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/operations.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/operations.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/operations.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/operations.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/optionswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/optionswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/optionswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/optionswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissionwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissionwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/permissionwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/permissionwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/samplinghost.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/samplinghost.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/samplinghost.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/samplinghost.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/searchtermswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/searchtermswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/searchtermswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/searchtermswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/trustedusers.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/trustedusers.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/trustedusers.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/trustedusers.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/userwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/userwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/userwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/userwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/valueswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/valueswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/valueswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/valueswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/mailbox/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/mailbox/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/addeditvariable.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/addeditvariable.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/addeditvariable.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/addeditvariable.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/executionoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/executionoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/executionoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/executionoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/script.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/script.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/script.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/script.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/scriptcolumns.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/scriptcolumns.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/scriptcolumns.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/scriptcolumns.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/scriptinputdata.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/scriptinputdata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/scriptinputdata.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/scriptinputdata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/scriptparamters.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/scriptparamters.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/scriptparamters.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/scriptparamters.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/scriptrightclickoption.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/scriptrightclickoption.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/scriptrightclickoption.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/scriptrightclickoption.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershell/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/powershell/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershellmodulewizard.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/powershellmodulewizard.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/powershellmodulewizard.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/powershellmodulewizard.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/action.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/action.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/action.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/action.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/changepermissions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/changepermissions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/changepermissions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/changepermissions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/customattributes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/customattributes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/customattributes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/customattributes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/deletefolder.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/deletefolder.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/deletefolder.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/deletefolder.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/folders.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/folders.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/folders.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/folders.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/limits.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/limits.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/limits.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/limits.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/mapisettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/mapisettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/mapisettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/mapisettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/operations.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/operations.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/operations.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/operations.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/prioractions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/prioractions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/prioractions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/prioractions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/renamefolder.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/renamefolder.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/renamefolder.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/renamefolder.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/replicas.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/replicas.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/replicas.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/replicas.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/rollback.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/rollback.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/rollback.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/rollback.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/publicfolder/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/publicfolder/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/advancedselectusersgroups.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/registry/advancedselectusersgroups.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/advancedselectusersgroups.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/registry/advancedselectusersgroups.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/choosecolumns.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/registry/choosecolumns.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/choosecolumns.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/registry/choosecolumns.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/locations.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/registry/locations.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/locations.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/registry/locations.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/objecttypes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/registry/objecttypes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/objecttypes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/registry/objecttypes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/operations.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/registry/operations.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/operations.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/registry/operations.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/registrybrowser.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/registry/registrybrowser.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/registrybrowser.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/registry/registrybrowser.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/selectusersgroups.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/registry/selectusersgroups.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/selectusersgroups.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/registry/selectusersgroups.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/registry/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/registry/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/targethosts.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/registry/targethosts.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/targethosts.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/registry/targethosts.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/registry/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/registry/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/registry/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/message.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/message.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/message.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/message.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/messagespreview.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/messagespreview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/messagespreview.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/messagespreview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/overview.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/overview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/overview.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/overview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/properties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/properties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/properties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/properties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusanalysisproperties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusanalysisproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusanalysisproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusanalysisproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusinputsource.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusinputsource.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusinputsource.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusinputsource.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusjoincolumns.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusjoincolumns.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusjoincolumns.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusjoincolumns.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusresultcolumns.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusresultcolumns.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusresultcolumns.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusresultcolumns.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusresultsample.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusresultsample.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusresultsample.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusresultsample.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusresulttype.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusresulttype.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/sendmail/viewstatusresulttype.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/sendmail/viewstatusresulttype.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/actionmodulexmlfile.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/actionmodulexmlfile.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/actionmodulexmlfile.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/actionmodulexmlfile.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/authentication.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/authentication.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/authentication.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/authentication.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/description.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/description.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/description.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/description.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/incidentcreation.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/incidentcreation.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/incidentcreation.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/incidentcreation.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/samplesourcedata.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/samplesourcedata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/samplesourcedata.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/samplesourcedata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/savetemplate.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/savetemplate.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/savetemplate.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/savetemplate.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/servicenow/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/servicenow/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/htmlstyle.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/htmlstyle.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/htmlstyle.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/htmlstyle.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/introduction.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/introduction.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/introduction.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/introduction.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/mailmessage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/mailmessage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/mailmessage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/mailmessage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/mailproperties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/mailproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/mailproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/mailproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/messagespreview.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/messagespreview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/messagespreview.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/messagespreview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/questions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/questions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/questions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/questions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/savesurveytemplate.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/savesurveytemplate.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/savesurveytemplate.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/savesurveytemplate.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/selectsubjects.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/selectsubjects.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/selectsubjects.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/selectsubjects.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/surveytemplate.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/surveytemplate.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/surveytemplate.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/surveytemplate.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/testsurvey.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/testsurvey.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/testsurvey.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/testsurvey.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/webserver.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/webserver.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/webserver.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/webserver.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/survey/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/survey/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/survey/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/customattributeeditor.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/customattributeeditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/customattributeeditor.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/customattributeeditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/destination.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/destination.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/destination.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/destination.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/header.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/header.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/header.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/header.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/parameters.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/parameters.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/parameters.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/parameters.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/settings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/settings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/settings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/settings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/action/webrequest/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/action/webrequest/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/analysispropertiespage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/analysispropertiespage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/analysispropertiespage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/analysispropertiespage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/analysisselectionpage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/analysisselectionpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/analysisselectionpage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/analysisselectionpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/autoaction.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/autoaction.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/autoaction.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/autoaction.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/appliesto.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/appliesto.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/appliesto.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/appliesto.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/configurescorecardaction.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/configurescorecardaction.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/configurescorecardaction.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/configurescorecardaction.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/editconditionsform.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/editconditionsform.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/editconditionsform.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/editconditionsform.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/jobvariablestsv.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/jobvariablestsv.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/jobvariablestsv.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/jobvariablestsv.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/logic.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/logic.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/logic.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/logic.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/sampledataviewer.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/sampledataviewer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/sampledataviewer.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/sampledataviewer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/sqlextractpreviewwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/sqlextractpreviewwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/sqlextractpreviewwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/sqlextractpreviewwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/sqlsyntaxcheck.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/sqlsyntaxcheck.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/sqlsyntaxcheck.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/sqlsyntaxcheck.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/variables.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/variables.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/businessrules/variables.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/businessrules/variables.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/additionalfields.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/additionalfields.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/additionalfields.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/additionalfields.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/fields.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/fields.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/fields.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/fields.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/input.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/input.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/input.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/input.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/inputscope.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/inputscope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/inputscope.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/inputscope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/resultsample.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/resultsample.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/resultsample.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/resultsample.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/uniquekey.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/uniquekey.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/uniquekey.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/uniquekey.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/changedetection/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/changedetection/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/configure.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/configure.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/configure.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/configure.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/changetype.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/changetype.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/changetype.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/changetype.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/commandline.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/commandline.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/commandline.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/commandline.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/criteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/criteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/criteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/criteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/eventlog.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/eventlog.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/eventlog.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/eventlog.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/frequency.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/frequency.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/frequency.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/frequency.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/hosts.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/hosts.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/hosts.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/hosts.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/selecttable.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/selecttable.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/selecttable.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/selecttable.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/smtp.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/smtp.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/smtp.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/smtp.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/tabletype.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/tabletype.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/tabletype.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/tabletype.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/timewindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/timewindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/timewindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/timewindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/type.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/type.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/type.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/type.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/notification/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/notification/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlscripteditor.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlscripteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlscripteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlscriptedittablewindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlscriptedittablewindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlscriptedittablewindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlscriptedittablewindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlscriptparameters.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlscriptparameters.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlscriptparameters.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlscriptparameters.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/columns.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/columns.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/columns.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/columns.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/examplefull.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/examplefull.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/examplefull.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/examplefull.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/examplereduced.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/examplereduced.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/examplereduced.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/examplereduced.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/examplereducedwithties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/examplereducedwithties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/examplereducedwithties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/examplereducedwithties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/export.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/export.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/export.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/export.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/filter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/filter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/filter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/filter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/input.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/input.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/input.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/input.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/inputscope.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/inputscope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/inputscope.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/inputscope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/joincolumns.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/joincolumns.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/joincolumns.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/joincolumns.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/resultconstraints.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultconstraints.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/resultconstraints.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultconstraints.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/resultsample.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultsample.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/resultsample.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resultsample.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/resulttype.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resulttype.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/resulttype.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/resulttype.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/timewindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/timewindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/timewindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/timewindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/sqlviewcreation/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/sqlviewcreation/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/vbscripteditor.webp b/static/img/product_docs/accessanalyzer/11.6/admin/analysis/vbscripteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/analysis/vbscripteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/analysis/vbscripteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/directoryscope.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/directoryscope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/directoryscope.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/directoryscope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/activedirectory/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/activedirectory/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adactivity/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adactivity/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adactivity/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adactivity/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adactivity/categoryremovetables.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adactivity/categoryremovetables.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adactivity/categoryremovetables.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adactivity/categoryremovetables.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adactivity/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adactivity/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adactivity/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adactivity/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adactivity/resultsremovetables.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adactivity/resultsremovetables.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adactivity/resultsremovetables.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adactivity/resultsremovetables.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adactivity/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adactivity/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adactivity/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adactivity/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addattributes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addattributes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addattributes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addattributes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adddatetime.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adddatetime.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adddatetime.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adddatetime.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addname.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addname.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addname.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addname.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addpath.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addpath.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addpath.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addpath.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addproperties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addqueryfromlibrary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addqueryfromlibrary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addqueryfromlibrary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addqueryfromlibrary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addsecurityproperties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addsecurityproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addsecurityproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addsecurityproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addvalue.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addvalue.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/addvalue.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/addvalue.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/categoryremovetables.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/categoryremovetables.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/categoryremovetables.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/categoryremovetables.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributesadd.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributesadd.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributesadd.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributesadd.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributesimportattributes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributesimportattributes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributesimportattributes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributesimportattributes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributesimportcredentials.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributesimportcredentials.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributesimportcredentials.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributesimportcredentials.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributesimportsummary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributesimportsummary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/customattributesimportsummary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/customattributesimportsummary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/domains.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/domains.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/domains.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/domains.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/indexupdateoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/indexupdateoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/indexupdateoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/indexupdateoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adinventory/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adinventory/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adpermissions/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adpermissions/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adpermissions/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adpermissions/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adpermissions/customfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adpermissions/customfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adpermissions/customfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adpermissions/customfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adpermissions/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adpermissions/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adpermissions/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adpermissions/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adpermissions/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adpermissions/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adpermissions/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adpermissions/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adpermissions/scope.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adpermissions/scope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adpermissions/scope.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adpermissions/scope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adpermissions/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adpermissions/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/adpermissions/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/adpermissions/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/criteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/criteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/criteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/criteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/customfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/customfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/customfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/customfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/droptables.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/droptables.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/droptables.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/droptables.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/filters3objects.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/filters3objects.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/filters3objects.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/filters3objects.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/loginroles.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/loginroles.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/loginroles.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/loginroles.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/selectabucket.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/selectabucket.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/selectabucket.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/selectabucket.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/sensitivedata.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/sensitivedata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/sensitivedata.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/sensitivedata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/aws/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/aws/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizard.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributesimportwizard.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizard.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributesimportwizard.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizardapplication.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributesimportwizardapplication.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizardapplication.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributesimportwizardapplication.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizardschema.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributesimportwizardschema.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizardschema.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributesimportwizardschema.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributewindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributewindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/customattributewindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/customattributewindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/azureadinventory/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/azureadinventory/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/activityoperation.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/activityoperation.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/activityoperation.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/activityoperation.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/activitytimeframe.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/activitytimeframe.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/activitytimeframe.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/activitytimeframe.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/additionalscoping.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/additionalscoping.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/additionalscoping.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/additionalscoping.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/authentication.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/authentication.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/authentication.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/authentication.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/boxlogin.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/boxlogin.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/boxlogin.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/boxlogin.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/exclusions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/exclusions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/exclusions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/exclusions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/scopebyuser.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/scopebyuser.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/scopebyuser.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/scopebyuser.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/box/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/box/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/browser.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/browser.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/browser.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/browser.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/buttonbar.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/buttonbar.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/buttonbar.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/buttonbar.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/buttonbar_1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/buttonbar_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/buttonbar_1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/buttonbar_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/definefields.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/definefields.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/definefields.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/definefields.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/executionoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/executionoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/executionoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/executionoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/profileparameters.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profileparameters.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/profileparameters.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profileparameters.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/profiletype.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profiletype.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/profiletype.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/profiletype.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/scripteditor.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/scripteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/scripteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/scripteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/commandlineutility/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/commandlineutility/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/customfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/customfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/customfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/customfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/delete.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/delete.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/delete.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/delete.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/deleteattributes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/deleteattributes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/deleteattributes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/deleteattributes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/registrybrowser.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/registrybrowser.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/registrybrowser.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/registrybrowser.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/targetdisks.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/targetdisks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/targetdisks.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/targetdisks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/diskinfo/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/diskinfo/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dns/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dns/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dns/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dns/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dns/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dns/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dns/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dns/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dns/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dns/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dns/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dns/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dns/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dns/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dns/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dns/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/completion.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/completion.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/completion.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/completion.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/dlpauditsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/dlpauditsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/dlpauditsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/dlpauditsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/scanoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/scanoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/scanoptionsaccesstoken.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptionsaccesstoken.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/scanoptionsaccesstoken.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptionsaccesstoken.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/scanoptionsdropboxlogin.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptionsdropboxlogin.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/scanoptionsdropboxlogin.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scanoptionsdropboxlogin.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/scoping.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scoping.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/scoping.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/scoping.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/selectdlpcriteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/selectdlpcriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/selectdlpcriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/selectdlpcriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/dropboxaccess/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/dropboxaccess/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/enumeratevalues.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/enumeratevalues.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/enumeratevalues.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/enumeratevalues.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/eventlogbrowser.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/eventlogbrowser.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/eventlogbrowser.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/eventlogbrowser.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/criteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/scope.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/scope.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/scopeselect.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scopeselect.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/scopeselect.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/scopeselect.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/sddoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/sddoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/sddoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/sddoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/searchfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/searchfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/searchfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/searchfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewsmailbox/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewsmailbox/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/criteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/criteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/criteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/criteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/filter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/filter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/filterpublicfolders.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterpublicfolders.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/filterpublicfolders.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/filterpublicfolders.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/sddoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/sddoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/sddoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/sddoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/searchfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/searchfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/searchfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/searchfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/ewspublicfolder/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/ewspublicfolder/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/mapisettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/mapisettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/mapisettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/mapisettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/scope.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/scope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/scope.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/scope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchange2k/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchange2k/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/messageclassesfilterswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/messageclassesfilterswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/messageclassesfilterswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/messageclassesfilterswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/properties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/properties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/properties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/properties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/scope.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/scope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/scope.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/scope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/scopeselectedmailboxes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/scopeselectedmailboxes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/scopeselectedmailboxes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/scopeselectedmailboxes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/scopeselectedtable.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/scopeselectedtable.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/scopeselectedtable.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/scopeselectedtable.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/sddcriteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/sddcriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/sddcriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/sddcriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemailbox/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemailbox/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/collectmode.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/collectmode.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/collectmode.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/collectmode.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/messageactivityfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messageactivityfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/messageactivityfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messageactivityfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/messagesizes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messagesizes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/messagesizes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/messagesizes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/scope.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/scope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/scope.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/scope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/timeframes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/timeframes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/timeframes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/timeframes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangemetrics/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangemetrics/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/daterangeselectionwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/daterangeselectionwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/daterangeselectionwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/daterangeselectionwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/errorlogging.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/errorlogging.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/errorlogging.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/filtermessage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/filtermessage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/filtermessage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/filtermessage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/mailboxlogons.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailboxlogons.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/mailboxlogons.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailboxlogons.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/mailflow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailflow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/mailflow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/mailflow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scope.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scope.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scopedatabases.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopedatabases.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scopedatabases.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopedatabases.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scopemailboxes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopemailboxes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scopemailboxes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopemailboxes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scopepublicfolders.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfolders.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scopepublicfolders.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfolders.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scopepublicfoldersselectedtable.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfoldersselectedtable.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/scopepublicfoldersselectedtable.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/scopepublicfoldersselectedtable.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/wordswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/wordswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangeps/wordswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangeps/wordswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/probableowner.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/probableowner.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/probableowner.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/probableowner.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/probableownersettingswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/probableownersettingswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/probableownersettingswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/probableownersettingswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/properties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/properties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/properties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/properties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/scope.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/scope.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedpublicfolders.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scopeselectedpublicfolders.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedpublicfolders.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scopeselectedpublicfolders.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/exchangepublicfolder/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/exchangepublicfolder/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/file/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/file/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/file/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/file/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/file/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/file/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/file/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/file/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/file/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/file/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/file/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/file/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/file/targetfiles.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/file/targetfiles.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/file/targetfiles.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/file/targetfiles.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/file/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/file/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/file/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/file/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/filteroptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/filteroptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/filteroptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/filteroptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/activitysettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/activitysettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/activitysettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/activitysettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/advancedscopingoptionsqueryconfiguration.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/advancedscopingoptionsqueryconfiguration.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/advancedscopingoptionsqueryconfiguration.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/advancedscopingoptionsqueryconfiguration.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/appletsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/appletsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/appletsettingsappletsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettingsappletsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/appletsettingsappletsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettingsappletsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/azuretenantmapping.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/azuretenantmapping.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/azuretenantmapping.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/azuretenantmapping.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/bulkimport.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/bulkimport.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/bulkimport.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/bulkimport.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsnfsexports.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsnfsexports.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsnfsexports.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsnfsexports.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario2.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario2.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario4.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario4.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario5.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario5.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario5.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario5.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario6.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario6.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario6.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/commonscopingoptionsscenario6.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/actionchangedlat.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/actionchangedlat.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/actionchangedlat.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/actionchangedlat.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/actionlatpreservationfailure.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/actionlatpreservationfailure.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/actionlatpreservationfailure.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/actionlatpreservationfailure.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/droptables.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/droptables.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/droptables.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/droptables.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/droptablesanalysistasks.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/droptablesanalysistasks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/droptablesanalysistasks.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/droptablesanalysistasks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/hostmappingquery.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/hostmappingquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/hostmappingquery.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/hostmappingquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/hostmappingsinglehostmultipleagent.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/hostmappingsinglehostmultipleagent.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/hostmappingsinglehostmultipleagent.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/hostmappingsinglehostmultipleagent.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/hostmappingsinglehostsingleagent.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/hostmappingsinglehostsingleagent.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/hostmappingsinglehostsingleagent.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/hostmappingsinglehostsingleagent.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/maintenancewizardrepair.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/maintenancewizardrepair.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/maintenancewizardrepair.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/maintenancewizardrepair.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/maintenancewizardresethosts.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/maintenancewizardresethosts.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/maintenancewizardresethosts.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/maintenancewizardresethosts.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/maintenancewizardselection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/maintenancewizardselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/maintenancewizardselection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/maintenancewizardselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/maualsharesquery.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/maualsharesquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/maualsharesquery.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/maualsharesquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/queryselection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/queryselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/queryselection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/queryselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/queryselectionremovehostdata.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/queryselectionremovehostdata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/queryselectionremovehostdata.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/queryselectionremovehostdata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/queryselectionremovescanexecutablesdata.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/queryselectionremovescanexecutablesdata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/queryselectionremovescanexecutablesdata.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/queryselectionremovescanexecutablesdata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scanserverselection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scanserverselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scanserverselection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scanserverselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scansettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scansettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scansettings_1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scansettings_1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettings_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scansettingsnetapp.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettingsnetapp.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scansettingsnetapp.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scansettingsnetapp.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingconfigurationwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingconfigurationwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingconfigurationwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingconfigurationwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingoptionsopenshares.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptionsopenshares.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingoptionsopenshares.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingoptionsopenshares.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingqueries.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingqueriesopenshares.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueriesopenshares.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingqueriesopenshares.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueriesopenshares.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingqueryconfiguration.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueryconfiguration.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/scopingqueryconfiguration.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/scopingqueryconfiguration.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sddcriteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sddcriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sddcriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sddcriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sdddelete.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sdddelete.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sdddelete.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sdddelete.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sdddeleteanalysistasks.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sdddeleteanalysistasks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sdddeleteanalysistasks.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sdddeleteanalysistasks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sdddeletesqlscripteditor.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sdddeletesqlscripteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sdddeletesqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sdddeletesqlscripteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sdddeletesqlscripteditoredittable.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sdddeletesqlscripteditoredittable.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sdddeletesqlscripteditoredittable.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sdddeletesqlscripteditoredittable.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/selecthostlists.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/selecthostlists.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/selecthostlists.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/selecthostlists.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sensitivedata.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sensitivedata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/sensitivedata.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/sensitivedata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/updateservice.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/updateservice.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/fsaa/updateservice.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/fsaa/updateservice.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/goto.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/goto.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/goto.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/goto.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/policieslist.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/policieslist.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/policieslist.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/policieslist.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/target.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/target.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/target.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/target.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/grouppolicy/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/grouppolicy/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/includehostname.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/includehostname.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/includehostname.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/includehostname.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/inifile/properties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/inifile/properties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/inifile/properties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/inifile/properties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/inifile/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/inifile/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/inifile/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/inifile/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/inifile/targetfiles.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/inifile/targetfiles.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/inifile/targetfiles.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/inifile/targetfiles.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/inifile/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/inifile/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/inifile/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/inifile/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/query.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/query.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/query.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/query.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/settings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/settings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/settings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/settings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/sidmappings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/sidmappings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/sidmappings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/sidmappings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nis/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nis/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/criteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/criteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/criteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/criteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/editpattern.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/editpattern.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/editpattern.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/editpattern.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/filter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/filter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/filter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/filter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/manageconnections.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/manageconnections.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/manageconnections.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/manageconnections.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/nosql/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/nosql/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/orgwildcard.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/orgwildcard.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/orgwildcard.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/orgwildcard.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/dictionaries.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/dictionaries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/dictionaries.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/dictionaries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/hibp_installation_0.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/hibp_installation_0.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/hibp_installation_0.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/hibp_installation_0.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/hibp_installation_1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/hibp_installation_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/hibp_installation_1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/hibp_installation_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/hibp_installation_3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/hibp_installation_3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/hibp_installation_3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/hibp_installation_3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/passwordsecurity/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/passwordsecurity/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editquery.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editquery.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editqueryinput.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editqueryinput.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editqueryinput.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editqueryinput.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editqueryinputtable.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editqueryinputtable.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editqueryinputtable.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editqueryinputtable.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editqueryparameters.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editqueryparameters.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editqueryparameters.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editqueryparameters.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editqueryvariable.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editqueryvariable.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/editqueryvariable.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/editqueryvariable.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/selectserver.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/selectserver.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/selectserver.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/selectserver.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/powershell/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/powershell/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesdatafilters.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesdatafilters.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesdatafilters.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesdatafilters.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesdatafilterswithfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesdatafilterswithfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesdatafilterswithfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesdatafilterswithfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesdatasourceexisting.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesdatasourceexisting.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesdatasourceexisting.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesdatasourceexisting.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesdatasourcenew.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesdatasourcenew.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesdatasourcenew.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesdatasourcenew.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesgeneral.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesgeneral.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/querypropertiesgeneral.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/querypropertiesgeneral.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/queryselection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/queryselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/queryselection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/queryselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/rawfilteredit.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/rawfilteredit.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/rawfilteredit.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/rawfilteredit.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/removehostname.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/removehostname.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/removehostname.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/removehostname.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/rootpath.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/rootpath.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/rootpath.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/rootpath.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/script/properties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/script/properties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/script/properties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/script/properties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/script/querypropertiesexisting.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/script/querypropertiesexisting.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/script/querypropertiesexisting.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/script/querypropertiesexisting.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/script/querypropertiesstandalone.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/script/querypropertiesstandalone.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/script/querypropertiesstandalone.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/script/querypropertiesstandalone.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/script/vbscripteditor.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/script/vbscripteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/script/vbscripteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/script/vbscripteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/selectall.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/selectall.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/selectall.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/selectall.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/servicebrowser.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/servicebrowser.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/servicebrowser.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/servicebrowser.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/choosecolumnswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/choosecolumnswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/choosecolumnswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/choosecolumnswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/collectionmethod.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/collectionmethod.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/collectionmethod.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/collectionmethod.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/criteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/criteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/criteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/criteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/criteriafilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/criteriafilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/criteriafilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/criteriafilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/criteriarecordnumber.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/criteriarecordnumber.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/criteriarecordnumber.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/criteriarecordnumber.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/eventlogoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/eventlogoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/eventlogoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/eventlogoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/logstate.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/logstate.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/logstate.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/logstate.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/logtype.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/logtype.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/logtype.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/logtype.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/samplehost.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/samplehost.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/samplehost.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/samplehost.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/selectcomputerwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/selectcomputerwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/selectcomputerwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/selectcomputerwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/selectcomputerwindowadvanced.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/selectcomputerwindowadvanced.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/selectcomputerwindowadvanced.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/selectcomputerwindowadvanced.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/targetlog.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlog.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/targetlog.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlog.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/targetlogfiledetection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/targetlogfiledetection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/targetlogfiledetection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/targetlogfiledetection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/targetlogwindowsevent.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/targetlogwindowsevent.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/targetlogtype/targetlogwindowsevent.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/targetlogtype/targetlogwindowsevent.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/smartlog/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/smartlog/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/activitydatescope.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/activitydatescope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/activitydatescope.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/activitydatescope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/activityloglocations.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/activityloglocations.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/activityloglocations.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/activityloglocations.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/additionalscoping.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/additionalscoping.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/additionalscoping.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/additionalscoping.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/agentsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/agentsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/agentsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/agentsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/bulkimportsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/bulkimportsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/bulkimportsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/customizeactivityloguncpaths.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/customizeactivityloguncpaths.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/customizeactivityloguncpaths.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/customizeactivityloguncpaths.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/datacollectionsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/datacollectionsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/datacollectionsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/datacollectionsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/dlpauditsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/dlpauditsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/dlpauditsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/dlpauditsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/droptablesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/droptablesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/droptablesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/droptablesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptionsexample.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptionsexample.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptionsexample.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptionsexample.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptionsvirtualhosts.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptionsvirtualhosts.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptionsvirtualhosts.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptionsvirtualhosts.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptionswebappurl.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptionswebappurl.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/scanscopingoptionswebappurl.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/scanscopingoptionswebappurl.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/selectdlpcriteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/selectdlpcriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/selectdlpcriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/selectdlpcriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/summarypage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/summarypage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/summarypage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/summarypage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/testaccess.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccess.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/testaccess.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccess.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/testaccessbadtest.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccessbadtest.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/testaccessbadtest.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccessbadtest.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/testaccessgoodtest.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccessgoodtest.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/testaccessgoodtest.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/testaccessgoodtest.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/virtualhostscsv.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/virtualhostscsv.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/virtualhostscsv.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/virtualhostscsv.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/virtualhostshostlist.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/virtualhostshostlist.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/virtualhostshostlist.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/virtualhostshostlist.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/welcomepage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/welcomepage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/spaa/welcomepage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/spaa/welcomepage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/addcustomfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/addcustomfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/addcustomfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/addcustomfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/criteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/criteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/criteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/criteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/customqueryoracle.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/customqueryoracle.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/customqueryoracle.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/customqueryoracle.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/customsqlquery.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/customsqlquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/customsqlquery.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/customsqlquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/filter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/filter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/filter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/filter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/manageconnections.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/manageconnections.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/manageconnections.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/manageconnections.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/optionssensitivedata.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/optionssensitivedata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/optionssensitivedata.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/optionssensitivedata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/optionsserveraudits.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/optionsserveraudits.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/optionsserveraudits.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/optionsserveraudits.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/rowkey.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/rowkey.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/rowkey.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/rowkey.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/settings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/settings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/settings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/settings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sql/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sql/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sublevels.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sublevels.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/sublevels.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/sublevels.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/category.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/category.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/category.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/category.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/customweights.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/customweights.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/customweights.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/customweights.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/excludeusers.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/excludeusers.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/excludeusers.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/excludeusers.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/filetypes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/filetypes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/filetypes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/filetypes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/jobscope.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/jobscope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/jobscope.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/jobscope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/optionsfileshares.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/optionsfileshares.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/optionsfileshares.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/optionsfileshares.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/optionsnic.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/optionsnic.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/optionsnic.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/optionsnic.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/probableowner.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/probableowner.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/probableowner.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/probableowner.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/shareslist.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/shareslist.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/shareslist.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/shareslist.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/vipmembership.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/vipmembership.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/vipmembership.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/vipmembership.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/systeminfo/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/systeminfo/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/templateform.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/templateform.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/templateform.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/templateform.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/advancedcriteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/advancedcriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/advancedcriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/advancedcriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/filterbuilder.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/filterbuilder.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/filterbuilder.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/filterbuilder.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/remotefolderexplorer.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/remotefolderexplorer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/remotefolderexplorer.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/remotefolderexplorer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/searchcriteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/searchcriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/searchcriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/searchcriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/sourcefiles.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/sourcefiles.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/sourcefiles.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/sourcefiles.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/textsearch/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/textsearch/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/editscript.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/editscript.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/editscript.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/editscript.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/input.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/input.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/input.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/input.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/parsing.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/parsing.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/parsing.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/parsing.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/settings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/settings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unix/settings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/unix/settings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unwildcard.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/unwildcard.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/unwildcard.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/unwildcard.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/category/findagroup.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/findagroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/category/findagroup.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/findagroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/category/groups.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/groups.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/category/groups.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/groups.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/category/security.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/security.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/category/security.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/security.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/category/users.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/users.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/category/users.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/category/users.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/usersgroups/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/usersgroups/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wildcard.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/wildcard.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wildcard.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/wildcard.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/classes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/classes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/classes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/classes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/properties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/properties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/properties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/properties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/samplehost.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/samplehost.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/samplehost.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/samplehost.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/datacollector/wmicollector/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/datacollector/wmicollector/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/activities.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/activities.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/activities.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/activities.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/discoverylog.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/discoverylog.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/discoverylog.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/discoverylog.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queries.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queries.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queriesaddhiddencolumn.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queriesaddhiddencolumn.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queriesaddhiddencolumn.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queriesaddhiddencolumn.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queriescustomizationwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queriescustomizationwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queriescustomizationwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queriescustomizationwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queriesfieldchooser.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queriesfieldchooser.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/queriesfieldchooser.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/queriesfieldchooser.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/querieshiddencolumnadded.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/querieshiddencolumnadded.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/querieshiddencolumnadded.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/querieshiddencolumnadded.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/activedirectory.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/activedirectory.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/createqueryhighlighted.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/createqueryhighlighted.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/createqueryhighlighted.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/createqueryhighlighted.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/databaseimport.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/databaseimport.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/databaseimport.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/databaseimport.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/datalinkproperties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/datalinkproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/datalinkproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/datalinkproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/datalinkpropertiestestconnection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/datalinkpropertiestestconnection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/datalinkpropertiestestconnection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/datalinkpropertiestestconnection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/domainssites.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/domainssites.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/domainssites.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/domainssites.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/exchangeserver.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/exchangeserver.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/exchangeserver.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/exchangeserver.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/fileimport.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/fileimport.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/fileimport.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/fileimport.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/hostdiscoverywizard.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/hostdiscoverywizard.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/hostdiscoverywizard.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/hostdiscoverywizard.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory_1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory_1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory_2.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory_2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory_2.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory_2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory_3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory_3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory_3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory_3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory_4.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory_4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory_4.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory_4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory_5.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory_5.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/inventory_5.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/inventory_5.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/ipsweep.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/ipsweep.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/ipsweep.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/ipsweep.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/options_1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/options_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/options_1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/options_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/options_2.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/options_2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/options_2.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/options_2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/options_3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/options_3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/options_3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/options_3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/options_4.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/options_4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/options_4.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/options_4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/options_5.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/options_5.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/options_5.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/options_5.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/query.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/query.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/query.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/query.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/query_1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/query_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/query_1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/query_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/query_2.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/query_2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/query_2.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/query_2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/query_3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/query_3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/query_3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/query_3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/query_4.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/query_4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/query_4.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/query_4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/query_5.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/query_5.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/query_5.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/query_5.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source_1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source_1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source_2.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source_2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source_2.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source_2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source_3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source_3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source_3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source_3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source_4.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source_4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source_4.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source_4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source_5.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source_5.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/source_5.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/source_5.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/summary_1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/summary_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/summary_1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/summary_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/summary_2.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/summary_2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/summary_2.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/summary_2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/summary_3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/summary_3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/summary_3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/summary_3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/summary_4.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/summary_4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/summary_4.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/summary_4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/summary_5.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/summary_5.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/summary_5.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/summary_5.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/wizardconfirmdialog.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostdiscovery/wizard/wizardconfirmdialog.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/activitieshostmanagement.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/activitieshostmanagement.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/activitieshostmanagement.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/activitieshostmanagement.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/activitiesindividualhost.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/activitiesindividualhost.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/activitiesindividualhost.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/activitiesindividualhost.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/addhosts.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/addhosts.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/addhosts.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/addhosts.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletehost.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletehost.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletehost.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletehost.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletehostmaster.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletehostmaster.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletehostmaster.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletehostmaster.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletelist.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletelist.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletelist.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletelist.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletelistmaster.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletelistmaster.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/confirmdeletelistmaster.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/confirmdeletelistmaster.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/editlist.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/editlist.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/editlist.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/editlist.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/editquery.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/editquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/editquery.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/editquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/export.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/export.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/export.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/export.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/exportexamplecsv.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/exportexamplecsv.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/exportexamplecsv.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/exportexamplecsv.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/exportexamplehtml.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/exportexamplehtml.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/exportexamplehtml.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/exportexamplehtml.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/exportexamplexml.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/exportexamplexml.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/exportexamplexml.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/exportexamplexml.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/exportsaveas.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/exportsaveas.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/exportsaveas.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/exportsaveas.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostdetailsview.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostdetailsview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostdetailsview.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostdetailsview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistname.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistname.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistname.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistname.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistwizardhostentry.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistwizardhostentry.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistwizardhostentry.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistwizardhostentry.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistwizardimport.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistwizardimport.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistwizardimport.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistwizardimport.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistwizardproperties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistwizardproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/hostlistwizardproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/hostlistwizardproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importhosts.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhosts.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importhosts.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhosts.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importhostscomplete.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhostscomplete.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importhostscomplete.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhostscomplete.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importhostscsv.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhostscsv.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importhostscsv.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhostscsv.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importhostsdatabase.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhostsdatabase.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importhostsdatabase.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importhostsdatabase.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importlocation.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocation.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importlocation.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocation.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importlocationcomplete.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocationcomplete.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importlocationcomplete.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocationcomplete.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importlocationcsv.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocationcsv.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importlocationcsv.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocationcsv.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importlocationwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocationwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/importlocationwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/importlocationwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/refreshhosts.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/refreshhosts.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/refreshhosts.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/refreshhosts.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/refreshhostsconfirm.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/refreshhostsconfirm.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/refreshhostsconfirm.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/refreshhostsconfirm.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/resumehostinventory.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/resumehostinventory.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/resumehostinventory.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/resumehostinventory.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/savecurrentview.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/savecurrentview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/savecurrentview.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/savecurrentview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/savetolist.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/savetolist.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/savetolist.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/savetolist.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/schedule.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/schedule.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/schedule.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/schedule.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/schedulewizardhostmanagement.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/schedulewizardhostmanagement.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/schedulewizardhostmanagement.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/schedulewizardhostmanagement.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/suspendhostinventory.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/suspendhostinventory.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/suspendhostinventory.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/suspendhostinventory.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/viewedithost.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewedithost.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/viewedithost.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewedithost.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/viewquery.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/actions/viewquery.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/actions/viewquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/datagrid.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/datagrid.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/datagrid.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/discoveryquerylist.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/discoveryquerylist.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/discoveryquerylist.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/discoveryquerylist.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/dynamichostlist.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/dynamichostlist.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/dynamichostlist.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/dynamichostlist.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/inventoryidle.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/inventoryidle.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/inventoryidle.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/inventoryidle.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/inventoryinprogress.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/inventoryinprogress.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/inventoryinprogress.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/inventoryinprogress.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/inventoryinqueue.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/inventoryinqueue.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/inventoryinqueue.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/inventoryinqueue.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/rightclickhostmanagement.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/rightclickhostmanagement.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/rightclickhostmanagement.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/rightclickhostmanagement.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/rightclickindividualhost.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/rightclickindividualhost.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/rightclickindividualhost.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/rightclickindividualhost.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/rightclickquerycreated.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/rightclickquerycreated.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/rightclickquerycreated.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/rightclickquerycreated.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/statichostlist.webp b/static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/statichostlist.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/hostmanagement/statichostlist.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/hostmanagement/statichostlist.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/changeswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/changeswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/changeswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/changeswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/changeswindowlocked.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/changeswindowlocked.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/changeswindowlocked.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/changeswindowlocked.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/changeswindowmerge.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/changeswindowmerge.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/changeswindowmerge.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/changeswindowmerge.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/connectstatus.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/connectstatus.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/connectstatus.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/connectstatus.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/explorefolder.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/explorefolder.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/explorefolder.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/explorefolder.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/explorefolderfileexplorer.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/explorefolderfileexplorer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/explorefolderfileexplorer.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/explorefolderfileexplorer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/export.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/export.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/export.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/export.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/exportgrouptoziparchive.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/exportgrouptoziparchive.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/exportgrouptoziparchive.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/exportgrouptoziparchive.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/connection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/connection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/connection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/connection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/descriptionpage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/descriptionpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/descriptionpage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/descriptionpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/descriptionpagenewgroup.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/descriptionpagenewgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/descriptionpagenewgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/descriptionpagenewgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/descriptionpageoverview.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/descriptionpageoverview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/descriptionpageoverview.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/descriptionpageoverview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/history.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/history.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/history.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/history.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/hostlistassignment.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/hostlistassignment.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/hostlistassignment.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/hostlistassignment.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/jobgroupstructure.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/jobgroupstructure.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/jobgroupstructure.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/jobgroupstructure.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/reporting.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/reporting.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/reporting.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/reporting.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/settings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/settings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/settings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/settings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/showinheritedsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/showinheritedsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/showinheritedsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/showinheritedsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/storage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/storage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/group/storage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/group/storage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantiateextract.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantiateextract.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantiateextract.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantiateextract.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantiatefileexplorer.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantiatefileexplorer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantiatefileexplorer.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantiatefileexplorer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantiatejobstree.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantiatejobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantiatejobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantiatejobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/actiontasks.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/actiontasks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/actiontasks.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/actiontasks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/actiontasks_1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/actiontasks_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/actiontasks_1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/actiontasks_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/actionwizardmessage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/actionwizardmessage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/actionwizardmessage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/actionwizardmessage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/addinstantjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/addinstantjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/addinstantjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/addinstantjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks_1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks_1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks_2.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks_2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks_2.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks_2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks_3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks_3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistasks_3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistasks_3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistaskshelpdesknotification.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistaskshelpdesknotification.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/analysistaskshelpdesknotification.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/analysistaskshelpdesknotification.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/customizeanalysistask.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/customizeanalysistask.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/customizeanalysistask.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/customizeanalysistask.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/hostassignment.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/hostassignment.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/hostassignment.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/hostassignment.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/hostlists.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/hostlists.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/hostlists.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/hostlists.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/individualhosts.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/individualhosts.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/individualhosts.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/individualhosts.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/installationcomplete.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/installationcomplete.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/installationcomplete.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/installationcomplete.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/instantjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/instantjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/instantjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/instantjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/jobstree_1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/jobstree_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/jobstree_1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/jobstree_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/jobstree_2.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/jobstree_2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/jobstree_2.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/jobstree_2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/jobstree_3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/jobstree_3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/jobstree_3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/jobstree_3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/jobstree_4.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/jobstree_4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/jobstree_4.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/jobstree_4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/selectinstantjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/selectinstantjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/selectinstantjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/selectinstantjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/smtpproperties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/smtpproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/smtpproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/smtpproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/smtppropertiesmessage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/smtppropertiesmessage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/smtppropertiesmessage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/smtppropertiesmessage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/smtppropertiesrecipients.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/smtppropertiesrecipients.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/smtppropertiesrecipients.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/smtppropertiesrecipients.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/summary.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/summary.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/summary.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/summary.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/instantjobs/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/instantjobs/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/actionselection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/actionselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/actionselection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/actionselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/actionselectionoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/actionselectionoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/actionselectionoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/actionselectionoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/actionselectiontablebuttons.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/actionselectiontablebuttons.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/actionselectiontablebuttons.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/actionselectiontablebuttons.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/actionsrightclickmenu.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/actionsrightclickmenu.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/actionsrightclickmenu.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/actionsrightclickmenu.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/analysisbuttonsbottom.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/analysisbuttonsbottom.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/analysisbuttonsbottom.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/analysisbuttonsbottom.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/analysisbuttonstop.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/analysisbuttonstop.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/analysisbuttonstop.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/analysisbuttonstop.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/analysisrightclickmenu.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/analysisrightclickmenu.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/analysisrightclickmenu.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/analysisrightclickmenu.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/analysisselection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/analysisselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/analysisselection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/analysisselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/configurelinkjobpage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/configurelinkjobpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/configurelinkjobpage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/configurelinkjobpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/configurenode.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/configurenode.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/configurenode.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/configurenode.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/configurepage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/configurepage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/configurepage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/configurepage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/customizableparameters.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/customizableparameters.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/customizableparameters.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/customizableparameters.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/hostselection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/hostselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/hostselection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/hostselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/hostselectionindividualhosts.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/hostselectionindividualhosts.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/hostselectionindividualhosts.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/hostselectionindividualhosts.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/hostsnode.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/hostsnode.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/hostsnode.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/hostsnode.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/queryrightclickmenu.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/queryrightclickmenu.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/queryrightclickmenu.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/queryrightclickmenu.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/queryselection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/queryselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/queryselection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/queryselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/queryselectionqueries.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/queryselectionqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/queryselectionqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/queryselectionqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/queryselectiontables.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/queryselectiontables.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/queryselectiontables.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/queryselectiontables.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/reports.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/reports.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/reports.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/reports.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/reportstableheaderoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/reportstableheaderoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/reportstableheaderoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/reportstableheaderoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/reportstablerowoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/reportstablerowoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/configure/reportstablerowoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/configure/reportstablerowoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/createjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/createjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/createjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/createjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpageconfigurationsection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpageconfigurationsection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpageconfigurationsection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpageconfigurationsection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpagenewjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpagenewjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpagenewjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpagenewjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpageoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpageoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpageoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpageoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpageoverview.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpageoverview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpageoverview.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpageoverview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpagepreconfigured.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpagepreconfigured.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/descriptionpagepreconfigured.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/descriptionpagepreconfigured.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/disabledjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/disabledjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/disabledjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/disabledjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/disabledjob2.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/disabledjob2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/disabledjob2.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/disabledjob2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/disablejob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/disablejob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/disablejob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/disablejob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/enablejob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/enablejob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/enablejob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/enablejob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/inheritedsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/inheritedsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/inheritedsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/inheritedsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/jobnode.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/jobnode.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/jobnode.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/jobnode.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/jobrunning.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/jobrunning.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/jobrunning.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/jobrunning.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/newjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/newjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/newjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/newjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/parameterconfigurationwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/parameterconfigurationwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/parameterconfigurationwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/parameterconfigurationwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/autoretry.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/autoretry.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/autoretry.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/autoretry.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/general.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/general.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/general.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/general.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/generalloglevel.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/generalloglevel.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/generalloglevel.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/generalloglevel.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/history.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/history.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/history.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/history.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/notification.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/notification.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/notification.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/notification.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/performance.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/performance.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/performance.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/performance.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/reportroles.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/reportroles.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/reportroles.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/reportroles.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/reportsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/reportsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/reportsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/reportsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/storage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/storage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/storage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/storage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/viewxml.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/viewxml.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/viewxml.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/viewxml.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/viewxmlbutton.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/viewxmlbutton.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/properties/viewxmlbutton.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/properties/viewxmlbutton.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/resultsnode.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/resultsnode.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/resultsnode.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/resultsnode.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/statusnode.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/statusnode.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/job/statusnode.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/job/statusnode.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/jobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/jobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobsdata.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/jobsdata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobsdata.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/jobsdata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobsreport.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/jobsreport.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobsreport.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/jobsreport.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobstatus.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/jobstatus.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobstatus.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/jobstatus.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobstreeoverview.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/jobstreeoverview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/jobstreeoverview.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/jobstreeoverview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/lockedjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/lockedjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/lockedjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/lockedjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/messages.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/messages.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/messages.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/messages.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/modifiedjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/modifiedjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/modifiedjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/modifiedjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/modifiedjobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/modifiedjobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/modifiedjobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/modifiedjobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/publishreportsactiontype.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/publishreportsactiontype.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/publishreportsactiontype.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/publishreportsactiontype.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/publishreportsreporttree.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/publishreportsreporttree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/publishreportsreporttree.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/publishreportsreporttree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/refreshtree.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/refreshtree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/refreshtree.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/refreshtree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/results.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/results.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/results.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/results.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/settings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/settings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/settings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/settings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/status.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/status.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/status.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/status.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/supportemail.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/supportemail.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/supportemail.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/supportemail.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/taskstatus.webp b/static/img/product_docs/accessanalyzer/11.6/admin/jobs/taskstatus.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/jobs/taskstatus.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/jobs/taskstatus.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/maintenance/maintenance_3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/maintenance/maintenance_3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/maintenance/maintenance_3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/maintenance/maintenance_3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/maintenance/maintenance_4.webp b/static/img/product_docs/accessanalyzer/11.6/admin/maintenance/maintenance_4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/maintenance/maintenance_4.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/maintenance/maintenance_4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/maintenance/maintenance_5.webp b/static/img/product_docs/accessanalyzer/11.6/admin/maintenance/maintenance_5.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/maintenance/maintenance_5.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/maintenance/maintenance_5.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/activitiespane.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/activitiespane.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/activitiespane.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/activitiespane.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/addquery.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/addquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/addquery.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/addquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/addreport.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/addreport.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/addreport.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/addreport.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/buttonbar.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/buttonbar.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/buttonbar.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/buttonbar.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/copy.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/copy.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/copy.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/copy.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/cut.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/cut.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/cut.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/cut.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality10.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality10.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality10.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality10.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality11.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality11.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality11.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality11.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality12.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality12.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality12.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality12.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality13.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality13.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality13.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality13.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality14.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality14.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality14.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality14.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality15.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality15.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality15.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality15.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality16.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality16.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality16.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality16.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality17.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality17.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality17.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality17.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality2.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality2.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality4.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality4.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality5.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality5.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality5.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality5.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality6.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality6.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality6.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality6.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality7.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality7.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality7.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality7.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality8.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality8.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality8.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality8.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality9.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality9.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/datagridfunctionality9.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/datagridfunctionality9.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/delete.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/delete.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/delete.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/delete.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/menubar.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/menubar.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/menubar.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/menubar.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationmenu.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationmenu.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationmenu.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationmenu.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationoverview.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationoverview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationoverview.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationoverview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane10.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane10.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane10.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane10.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane11.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane11.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane11.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane11.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane12.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane12.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane12.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane12.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane13.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane13.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane13.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane13.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane14.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane14.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane14.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane14.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane15.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane15.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane15.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane15.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane16.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane16.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane16.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane16.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane17.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane17.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane17.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane17.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane18.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane18.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane18.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane18.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane2.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane2.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane4.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane4.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane5.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane5.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane5.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane5.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane6.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane6.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane6.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane6.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane7.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane7.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane7.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane7.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane8.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane8.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane8.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane8.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane9.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane9.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/navigationpane9.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/navigationpane9.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/newgroup.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/newgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/newgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/newgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/newjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/newjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/newjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/newjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/newquery.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/newquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/newquery.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/newquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/paste.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/paste.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/paste.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/paste.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/resultspane.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/resultspane.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/resultspane.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/resultspane.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/selectinstantjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/navigate/selectinstantjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/navigate/selectinstantjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/navigate/selectinstantjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/configure.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/configure.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/configure.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/configure.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/copy.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/copy.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/copy.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/copy.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/create.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/create.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/create.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/create.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/deletegroup.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/deletegroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/deletegroup.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/deletegroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/generate.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/generate.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/generate.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/generate.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/addremovecolumns.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/addremovecolumns.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/addremovecolumns.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/addremovecolumns.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/copycell.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/copycell.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/copycell.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/copycell.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/datefilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/datefilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/datefilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/datefilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/enumerated.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/enumerated.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/enumerated.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/enumerated.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/groupby.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/groupby.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/groupby.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/groupby.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/groupbyloadingdata.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/groupbyloadingdata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/groupbyloadingdata.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/groupbyloadingdata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/interactivegridoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/interactivegridoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/interactivegridoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/interactivegridoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/paging.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/paging.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/paging.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/paging.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/search.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/search.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/interactivegrids/search.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/interactivegrids/search.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/jobgroupview.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/jobgroupview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/jobgroupview.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/jobgroupview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/paste.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/paste.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/paste.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/paste.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/privilegedaccountstag.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/privilegedaccountstag.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/privilegedaccountstag.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/privilegedaccountstag.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/progress.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/progress.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/progress.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/progress.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reportfrompreviousdeletion.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/reportfrompreviousdeletion.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reportfrompreviousdeletion.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/reportfrompreviousdeletion.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reportheader.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/reportheader.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reportheader.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/reportheader.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reports.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/reports.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reports.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/reports.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reporttree.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/reporttree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/reporttree.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/reporttree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/tagstab.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/tagstab.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/tagstab.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/tagstab.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/viewconfigure.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/viewconfigure.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/viewconfigure.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/viewconfigure.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/viewresultsnode.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/viewresultsnode.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/viewresultsnode.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/viewresultsnode.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/webconsolehome.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/webconsolehome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/webconsolehome.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/webconsolehome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/webconsolesolutioninventory.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/webconsolesolutioninventory.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/webconsolesolutioninventory.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/webconsolesolutioninventory.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/addreportviewer.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/addreportviewer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/addreportviewer.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/addreportviewer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/advancedtexteditor.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/advancedtexteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/advancedtexteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/advancedtexteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/authoring.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/authoring.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/authoring.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/authoring.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/basictexteditor.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/basictexteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/basictexteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/basictexteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/bold.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/bold.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/bold.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/bold.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/bullets.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/bullets.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/bullets.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/bullets.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/cut.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/cut.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/cut.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/cut.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/decreaseindent.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/decreaseindent.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/decreaseindent.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/decreaseindent.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/elementdowngradeeditor.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/elementdowngradeeditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/elementdowngradeeditor.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/elementdowngradeeditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/email.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/email.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/email.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/email.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/emailconfigured.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/emailconfigured.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/emailconfigured.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/emailconfigured.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/find.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/find.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/find.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/find.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/font.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/font.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/font.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/font.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/fontsize.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/fontsize.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/fontsize.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/fontsize.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/header.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/header.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/header.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/header.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/hyperlink.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/hyperlink.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/hyperlink.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/hyperlink.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/increaseindent.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/increaseindent.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/increaseindent.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/increaseindent.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/italic.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/italic.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/italic.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/italic.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/layout.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/layout.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/layout.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/layout.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/multilevel.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/multilevel.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/multilevel.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/multilevel.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/name.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/name.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/name.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/name.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/numbering.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/numbering.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/numbering.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/numbering.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/paste.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/paste.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/paste.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/paste.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/pastespecial.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/pastespecial.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/pastespecial.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/pastespecial.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/publishsecurity.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/publishsecurity.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/publishsecurity.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/publishsecurity.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/redo.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/redo.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/redo.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/redo.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/reportviewer.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/reportviewer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/reportviewer.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/reportviewer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/table.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/table.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/table.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/table.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/tageditor.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/tageditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/tageditor.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/tageditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/texteditorselection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/texteditorselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/texteditorselection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/texteditorselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/undo.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/undo.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/undo.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/undo.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchart.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchart.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchart.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchart.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartdata.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartdata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartdata.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartdata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartlink.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartlink.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartlink.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartlink.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartpreview.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartpreview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartpreview.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartpreview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartproperties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetchartproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetchartproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetgrid.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetgrid.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetgrid.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetgrid.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetgriddata.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetgriddata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetgriddata.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetgriddata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetgridoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetgridoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetgridoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetgridoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetgridtableproperties.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetgridtableproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetgridtableproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetgridtableproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgets.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgets.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgets.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgets.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetsconfigure.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetsconfigure.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetsconfigure.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetsconfigure.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetsconfigured.webp b/static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetsconfigured.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/report/wizard/widgetsconfigured.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/report/wizard/widgetsconfigured.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetails.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetails.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetails.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetails.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetailscurrent.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetailscurrent.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetailscurrent.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetailscurrent.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetailshistory.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetailshistory.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetailshistory.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetailshistory.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetailshistorycustomfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetailshistorycustomfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetailshistorycustomfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetailshistorycustomfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetailsqueuedjobs.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetailsqueuedjobs.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/jobdetailsqueuedjobs.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/jobdetailsqueuedjobs.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/logfile.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/logfile.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/logfile.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/logfile.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overview.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overview.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewbottombar.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewbottombar.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewbottombar.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewbottombar.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/processid.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/processid.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/processid.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/processid.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/schedulewizard.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/schedulewizard.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/schedulewizard.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/schedulewizard.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/stop.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/stop.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/stop.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/stop.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewdetails.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewdetails.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewdetails.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewdetails.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewhost.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewhost.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewhost.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewhost.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewhostlist.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewhostlist.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewhostlist.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewhostlist.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewlog.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewlog.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewlog.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewlog.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewschedule.webp b/static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewschedule.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/runninginstances/viewschedule.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/runninginstances/viewschedule.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/connection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/schedule/connection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/connection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/schedule/connection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/hostlist.webp b/static/img/product_docs/accessanalyzer/11.6/admin/schedule/hostlist.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/hostlist.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/schedule/hostlist.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/jobtree.webp b/static/img/product_docs/accessanalyzer/11.6/admin/schedule/jobtree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/jobtree.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/schedule/jobtree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/options.webp b/static/img/product_docs/accessanalyzer/11.6/admin/schedule/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/options.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/schedule/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/runas.webp b/static/img/product_docs/accessanalyzer/11.6/admin/schedule/runas.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/runas.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/schedule/runas.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/schedule.webp b/static/img/product_docs/accessanalyzer/11.6/admin/schedule/schedule.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/schedule.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/schedule/schedule.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/triggerwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/schedule/triggerwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/triggerwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/schedule/triggerwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/triggerwindowadvancedsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/schedule/triggerwindowadvancedsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/schedule/triggerwindowadvancedsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/schedule/triggerwindowadvancedsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/access.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/access.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/access.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/access.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/restapi/accesstypeapplication.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/restapi/accesstypeapplication.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/restapi/accesstypeapplication.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/restapi/accesstypeapplication.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/restapi/applicationaccess.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/restapi/applicationaccess.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/restapi/applicationaccess.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/restapi/applicationaccess.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/restapi/applicationdetails.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/restapi/applicationdetails.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/restapi/applicationdetails.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/restapi/applicationdetails.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/restapi/selectdatabaseobjects.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/restapi/selectdatabaseobjects.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/restapi/selectdatabaseobjects.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/restapi/selectdatabaseobjects.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/accesstypeuser.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/accesstypeuser.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/accesstypeuser.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/accesstypeuser.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/addaccess.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/addaccess.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/addaccess.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/addaccess.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccess.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccess.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccessedit.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccessedit.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccessedit.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccessedit.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccessfinish.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccessfinish.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/consoleaccessfinish.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/consoleaccessfinish.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/deleterolemember.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/deleterolemember.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/deleterolemember.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/deleterolemember.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/editmemberrole.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/editmemberrole.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/editmemberrole.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/editmemberrole.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/lockjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/lockjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/lockjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/lockjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/noadminerror.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/noadminerror.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/noadminerror.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/noadminerror.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/permissionsfolder.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/permissionsfolder.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/permissionsfolder.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/permissionsfolder.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/permissionssubfolderfiles.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/permissionssubfolderfiles.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/permissionssubfolderfiles.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/permissionssubfolderfiles.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/reportjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/reportjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/reportjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/reportjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/reportviewerjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/reportviewerjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/reportviewerjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/reportviewerjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/reportviewerjobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/reportviewerjobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/reportviewerjobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/reportviewerjobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/reportviewerreport.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/reportviewerreport.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/reportviewerreport.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/reportviewerreport.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqlcreateroles.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqlcreateroles.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqlcreateroles.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqlcreateroles.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqldatabaseroles.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqldatabaseroles.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqldatabaseroles.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqldatabaseroles.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqlusers.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqlusers.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqlusers.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqlusers.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqlusersnewuser.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqlusersnewuser.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqlusersnewuser.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqlusersnewuser.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqluserwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqluserwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/sqluserwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/sqluserwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/unlockjob.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/unlockjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/access/rolebased/unlockjob.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/access/rolebased/unlockjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/ad.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/ad.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/ad.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/ad.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/addusercredential.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/addusercredential.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/addusercredential.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/addusercredential.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/allwindowshosts.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/allwindowshosts.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/allwindowshosts.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/allwindowshosts.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/application.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/application/application.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/application.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/application/application.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/applicationexitoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/application/applicationexitoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/applicationexitoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/application/applicationexitoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/applicationlog.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/application/applicationlog.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/applicationlog.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/application/applicationlog.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/cleanup.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/application/cleanup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/cleanup.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/application/cleanup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/confirmexitwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/application/confirmexitwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/confirmexitwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/application/confirmexitwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/gridviewparameters.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/application/gridviewparameters.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/gridviewparameters.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/application/gridviewparameters.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/hosttargetoptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/application/hosttargetoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/hosttargetoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/application/hosttargetoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/profilesecurity.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/application/profilesecurity.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/profilesecurity.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/application/profilesecurity.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/usagestatistics.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/application/usagestatistics.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/usagestatistics.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/application/usagestatistics.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/vaultrbaerror.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/application/vaultrbaerror.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/application/vaultrbaerror.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/application/vaultrbaerror.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/allowedmachines.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/allowedmachines.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/allowedmachines.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/allowedmachines.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/applicationidhash.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/applicationidhash.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/applicationidhash.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/applicationidhash.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/cancelsavebuttons.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/cancelsavebuttons.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/cancelsavebuttons.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/cancelsavebuttons.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/connectionpage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/connectionpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/connectionpage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/connectionpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/globaloptions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/globaloptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/globaloptions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/globaloptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/activedirectoryaccount.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/activedirectoryaccount.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/activedirectoryaccount.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/activedirectoryaccount.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/addconnectionprofile.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/addconnectionprofile.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/addconnectionprofile.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/addconnectionprofile.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/addusercredential.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/addusercredential.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/addusercredential.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/addusercredential.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/connectionaws.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/connectionaws.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/connectionaws.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/connectionaws.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/connectionprofilename.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/connectionprofilename.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/connectionprofilename.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/connectionprofilename.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/defaultconnectionprofile.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/defaultconnectionprofile.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/defaultconnectionprofile.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/defaultconnectionprofile.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/deleteconnectionprofile.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/deleteconnectionprofile.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/deleteconnectionprofile.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/deleteconnectionprofile.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/deleteconnectionprofileconfirm.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/deleteconnectionprofileconfirm.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/deleteconnectionprofileconfirm.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/deleteconnectionprofileconfirm.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/deleteusercredentials.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/deleteusercredentials.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/deleteusercredentials.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/deleteusercredentials.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/deleteusercredentialsconfirm.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/deleteusercredentialsconfirm.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/deleteusercredentialsconfirm.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/deleteusercredentialsconfirm.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/dropbox.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/dropbox.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/dropbox.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/dropbox.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/editusercredentials.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/editusercredentials.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/editusercredentials.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/editusercredentials.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/entraid.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/entraid.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/entraid.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/entraid.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/exchangemodernauthentication.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/exchangemodernauthentication.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/exchangemodernauthentication.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/exchangemodernauthentication.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/localwindowsaccount.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/localwindowsaccount.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/localwindowsaccount.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/localwindowsaccount.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/moveupdown.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/moveupdown.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/moveupdown.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/moveupdown.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/oracle.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/oracle.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/oracle.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/oracle.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/passworddifferserror.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/passworddifferserror.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/passworddifferserror.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/passworddifferserror.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/selectaccounttype.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/selectaccounttype.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/selectaccounttype.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/selectaccounttype.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/setasdefaultconnectionprofile.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/setasdefaultconnectionprofile.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/setasdefaultconnectionprofile.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/setasdefaultconnectionprofile.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/sqlauthentication.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/sqlauthentication.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/sqlauthentication.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/sqlauthentication.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/taskdomain.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/taskdomain.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/taskdomain.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/taskdomain.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/tasklocal.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/tasklocal.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/tasklocal.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/tasklocal.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/unixaccount.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/unixaccount.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/unixaccount.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/unixaccount.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/usercredentialslist.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/usercredentialslist.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/usercredentialslist.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/usercredentialslist.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/usewindowsaccountoption.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/usewindowsaccountoption.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/usewindowsaccountoption.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/usewindowsaccountoption.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/webservicesjwt.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/webservicesjwt.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/profile/webservicesjwt.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/profile/webservicesjwt.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/settingssavedmessage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/settingssavedmessage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/settingssavedmessage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/settingssavedmessage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/usercredentials.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/usercredentials.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/usercredentials.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/usercredentials.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/usercredentialsad.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/usercredentialsad.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/usercredentialsad.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/usercredentialsad.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/usercredentialslocal.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/usercredentialslocal.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/usercredentialslocal.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/usercredentialslocal.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/vaultownerswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/vaultownerswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/connection/vaultownerswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/connection/vaultownerswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/delete.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/delete.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/delete.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/delete.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/deletecredentials.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/deletecredentials.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/deletecredentials.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/deletecredentials.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/dg.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/dg.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/dg.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/dg.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/edit.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/edit.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/edit.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/edit.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/email.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/email.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/email.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/email.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/emailcontent.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/emailcontent.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/emailcontent.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/emailcontent.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/exchange.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/exchange.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_1.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_1.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_2.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_2.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_3.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_3.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_4.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_4.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_6.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_6.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/exchange_6.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/exchange_6.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/globalsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/globalsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/globalsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/globalsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/gponetworksecurity.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/gponetworksecurity.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/gponetworksecurity.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/gponetworksecurity.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/history.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/history.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/history.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/history.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/historyjoblogs.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/historyjoblogs.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/historyjoblogs.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/historyjoblogs.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/hostdiscovery.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/hostdiscovery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/hostdiscovery.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/hostdiscovery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/hostdiscoverylog.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/hostdiscoverylog.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/hostdiscoverylog.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/hostdiscoverylog.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/hostdiscoveryloglevels.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/hostdiscoveryloglevels.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/hostdiscoveryloglevels.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/hostdiscoveryloglevels.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/hostinventory.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/hostinventory.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/hostinventory.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/hostinventory.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/incorrectlogondetails.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/incorrectlogondetails.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/incorrectlogondetails.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/incorrectlogondetails.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/insufficientrights.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/insufficientrights.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/insufficientrights.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/insufficientrights.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/javascriptsettings.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/javascriptsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/javascriptsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/javascriptsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/javascriptsitepermissions.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/javascriptsitepermissions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/javascriptsitepermissions.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/javascriptsitepermissions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/notification.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/notification.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/notification.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/notification.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/passwordsdontmatch.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/passwordsdontmatch.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/passwordsdontmatch.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/passwordsdontmatch.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/publish.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/publish.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/publish.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/publish.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/reporting.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/reporting.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/reporting.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/reporting.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/schedule.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/schedule.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/schedule.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/schedule.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/senderinformation.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/senderinformation.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/senderinformation.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/senderinformation.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/addcriteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/addcriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/addcriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/addcriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/criteriatab.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/criteriatab.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/criteriatab.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/criteriatab.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/addexclusionfilterwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/addexclusionfilterwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/addexclusionfilterwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/addexclusionfilterwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/addfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/addfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/addfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/addfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/configureexclusionfilterwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/configureexclusionfilterwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/configureexclusionfilterwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/configureexclusionfilterwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/deletefilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/deletefilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/deletefilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/deletefilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/editexclusionfilterwindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/editexclusionfilterwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/editexclusionfilterwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/editexclusionfilterwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/editfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/editfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/editfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/editfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/exportfileexplorer.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/exportfileexplorer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/exportfileexplorer.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/exportfileexplorer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/exportfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/exportfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/exportfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/exportfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/falsepositivestab.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/falsepositivestab.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/falsepositivestab.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/falsepositivestab.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/importfileexplorer.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/importfileexplorer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/importfileexplorer.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/importfileexplorer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/importfilter.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/importfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/exclusions/importfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/exclusions/importfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/selectcriteria.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/selectcriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/selectcriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/selectcriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/sensitivedata.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/sensitivedata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sensitivedata/sensitivedata.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sensitivedata/sensitivedata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/server.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/server.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/server.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/server.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/serviceaccounttypes.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/serviceaccounttypes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/serviceaccounttypes.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/serviceaccounttypes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/servicenow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/servicenow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/servicenow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/servicenow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sqlservers.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/sqlservers.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/sqlservers.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/sqlservers.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofile.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofile.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofile.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofile.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofileauthentication.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofileauthentication.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofileauthentication.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofileauthentication.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofilebadconnection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofilebadconnection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofilebadconnection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofilebadconnection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofiledatabase.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofiledatabase.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofiledatabase.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofiledatabase.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofilegoodconnection.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofilegoodconnection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofilegoodconnection.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofilegoodconnection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofilename.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofilename.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofilename.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofilename.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofileservername.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofileservername.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofileservername.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofileservername.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofiletimeout.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofiletimeout.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/addprofiletimeout.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/addprofiletimeout.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/changestorageprofile.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/changestorageprofile.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/changestorageprofile.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/changestorageprofile.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/changestorageprofilefinish.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/changestorageprofilefinish.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/changestorageprofilefinish.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/changestorageprofilefinish.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/connectionreport.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/connectionreport.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/connectionreport.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/connectionreport.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/default.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/default.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/default.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/default.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/defaultsave.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/defaultsave.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/defaultsave.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/defaultsave.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/delete.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/delete.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/delete.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/delete.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/deleteconfirm.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/deleteconfirm.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/deleteconfirm.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/deleteconfirm.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/storage.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/storage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/storage.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/storage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/storageoperations.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/storageoperations.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/storageoperations.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/storageoperations.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/updateauth.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/updateauth.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/storage/updateauth.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/storage/updateauth.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/test.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/test.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/test.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/test.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/testemail.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/testemail.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/testemail.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/testemail.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/testerror.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/testerror.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/testerror.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/testerror.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/testsuccess.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/testsuccess.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/testsuccess.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/testsuccess.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/usercredentialswindow.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/usercredentialswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/usercredentialswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/usercredentialswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/websiteurl.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/websiteurl.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/websiteurl.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/websiteurl.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/windowsserver.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/windowsserver.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/windowsserver.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/windowsserver.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/workstation.webp b/static/img/product_docs/accessanalyzer/11.6/admin/settings/workstation.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/admin/settings/workstation.webp rename to static/img/product_docs/accessanalyzer/11.6/admin/settings/workstation.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/editgroup.webp b/static/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/editgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/editgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/editgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/groupstab.webp b/static/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/groupstab.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/groupstab.webp rename to static/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/groupstab.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/rolestab.webp b/static/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/rolestab.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/rolestab.webp rename to static/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/rolestab.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/viewroledetails.webp b/static/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/viewroledetails.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/config/dellpowerscale/viewroledetails.webp rename to static/img/product_docs/accessanalyzer/11.6/config/dellpowerscale/viewroledetails.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/config/netappcmode/accesscifsmethod2.webp b/static/img/product_docs/accessanalyzer/11.6/config/netappcmode/accesscifsmethod2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/config/netappcmode/accesscifsmethod2.webp rename to static/img/product_docs/accessanalyzer/11.6/config/netappcmode/accesscifsmethod2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/config/netappcmode/validatefpolciyeventcreation.webp b/static/img/product_docs/accessanalyzer/11.6/config/netappcmode/validatefpolciyeventcreation.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/config/netappcmode/validatefpolciyeventcreation.webp rename to static/img/product_docs/accessanalyzer/11.6/config/netappcmode/validatefpolciyeventcreation.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/config/nutanix/nutanixbackupadminrole.webp b/static/img/product_docs/accessanalyzer/11.6/config/nutanix/nutanixbackupadminrole.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/config/nutanix/nutanixbackupadminrole.webp rename to static/img/product_docs/accessanalyzer/11.6/config/nutanix/nutanixbackupadminrole.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/change.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/change.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/change.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/change.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/changestorageprofile.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/changestorageprofile.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/changestorageprofile.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/changestorageprofile.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/completed.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/completed.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/completed.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/completed.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/completed_1.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/completed_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/completed_1.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/completed_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/connectionreport.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/connectionreport.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/connectionreport.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/connectionreport.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/controlpaneluninstall.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/controlpaneluninstall.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/controlpaneluninstall.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/controlpaneluninstall.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/createnewdatabase.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/createnewdatabase.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/createnewdatabase.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/createnewdatabase.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/databasepropertiescollation.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/databasepropertiescollation.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/databasepropertiescollation.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/databasepropertiescollation.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/destination.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/destination.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/destination.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/destination.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/eula.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/eula.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/eula.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/eula.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/license.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/license.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/license.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/license.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/licensefeatures.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/licensefeatures.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/licensefeatures.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/licensefeatures.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/licensemapped.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/licensemapped.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/licensemapped.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/licensemapped.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/loginsql.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/loginsql.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/loginsql.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/loginsql.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/loginusermapping.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/loginusermapping.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/loginusermapping.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/loginusermapping.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/loginwindows.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/loginwindows.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/loginwindows.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/loginwindows.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/newdatabase.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/newdatabase.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/newdatabase.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/newdatabase.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/newlogin.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/newlogin.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/newlogin.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/newlogin.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/options.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/ready.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/ready.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/ready.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/ready.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/ready_1.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/ready_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/ready_1.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/ready_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/activedirectoryusersandcomputerswindows.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/activedirectoryusersandcomputerswindows.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/activedirectoryusersandcomputerswindows.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/activedirectoryusersandcomputerswindows.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/addanendpointwindow.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/addanendpointwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/addanendpointwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/addanendpointwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/addcertificateconsole.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/addcertificateconsole.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/addcertificateconsole.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/addcertificateconsole.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateaddsnapin.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateaddsnapin.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateaddsnapin.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateaddsnapin.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateconnectionnotprivate.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateconnectionnotprivate.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateconnectionnotprivate.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateconnectionnotprivate.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateimportwizard.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateimportwizard.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateimportwizard.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateimportwizard.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificatenotsecureerror.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificatenotsecureerror.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificatenotsecureerror.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificatenotsecureerror.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateselectcomputer.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateselectcomputer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateselectcomputer.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateselectcomputer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificatesnapins.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificatesnapins.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificatesnapins.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificatesnapins.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateviewer.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateviewer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificateviewer.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificateviewer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificatewindow.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificatewindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/certificatewindow.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/certificatewindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/claimrulenameadfsconfig.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/claimrulenameadfsconfig.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/claimrulenameadfsconfig.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/claimrulenameadfsconfig.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/claimrulenamesidproperties.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/claimrulenamesidproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/claimrulenamesidproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/claimrulenamesidproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/configurelocalsecuritysettingwindow.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/configurelocalsecuritysettingwindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/configurelocalsecuritysettingwindow.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/configurelocalsecuritysettingwindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/disclaimertxt.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/disclaimertxt.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/disclaimertxt.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/disclaimertxt.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/entraidssoclaims.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/entraidssoclaims.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/entraidssoclaims.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/entraidssoclaims.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/internetproperties.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/internetproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/internetproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/internetproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/kerberoserrormessage.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/kerberoserrormessage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/kerberoserrormessage.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/kerberoserrormessage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localgrouppolicywindow.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/localgrouppolicywindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localgrouppolicywindow.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/localgrouppolicywindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localintranet.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/localintranet.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localintranet.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/localintranet.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localintranetadvanced.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/localintranetadvanced.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localintranetadvanced.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/localintranetadvanced.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localsecuritypolicywindow.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/localsecuritypolicywindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/localsecuritypolicywindow.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/localsecuritypolicywindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaaddattribute.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaaddattribute.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaaddattribute.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaaddattribute.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaaddattributewindow.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaaddattributewindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaaddattributewindow.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaaddattributewindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaattributemappingsforcesync.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaattributemappingsforcesync.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaattributemappingsforcesync.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaattributemappingsforcesync.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktacopylinkaddress.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktacopylinkaddress.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktacopylinkaddress.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktacopylinkaddress.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktadirectoryprovisioningtookta.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktadirectoryprovisioningtookta.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktadirectoryprovisioningtookta.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktadirectoryprovisioningtookta.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktamfaappsignonrule.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktamfaappsignonrule.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktamfaappsignonrule.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktamfaappsignonrule.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktamfaappsignonruleaccess.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktamfaappsignonruleaccess.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktamfaappsignonruleaccess.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktamfaappsignonruleaccess.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaprofileeditor.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaprofileeditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaprofileeditor.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaprofileeditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktashowunmappedattributes.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktashowunmappedattributes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktashowunmappedattributes.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktashowunmappedattributes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaunmappedattributeconfigscreen.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaunmappedattributeconfigscreen.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktaunmappedattributeconfigscreen.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktaunmappedattributeconfigscreen.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktawsfedtemplate.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktawsfedtemplate.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/oktawsfedtemplate.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/oktawsfedtemplate.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/publishedreportsproperties.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/publishedreportsproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/publishedreportsproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/publishedreportsproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/relyingpartytrustwizardidentifier.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/relyingpartytrustwizardidentifier.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/relyingpartytrustwizardidentifier.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/relyingpartytrustwizardidentifier.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/userproperteswindow.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/userproperteswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/userproperteswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/userproperteswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webconsolehome.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/webconsolehome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webconsolehome.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/webconsolehome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webconsolelogin.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/webconsolelogin.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webconsolelogin.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/webconsolelogin.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webconsolelogindisclaimer.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/webconsolelogindisclaimer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webconsolelogindisclaimer.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/webconsolelogindisclaimer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfig.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfig.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfig.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfig.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigadfs.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigadfs.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigadfs.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigadfs.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigdisclaimer.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigdisclaimer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigdisclaimer.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigdisclaimer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigfile.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigfile.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigfile.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigfile.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigfileentrasso.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigfileentrasso.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigfileentrasso.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigfileentrasso.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigmultipledomains.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigmultipledomains.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigmultipledomains.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigmultipledomains.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigokta.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigokta.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigokta.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigokta.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigsso.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigsso.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigsso.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigsso.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigtimeout.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigtimeout.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/webserverexeconfigtimeout.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/webserverexeconfigtimeout.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/websiteurlreporting.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/websiteurlreporting.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/websiteurlreporting.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/websiteurlreporting.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/wsfederationrealmurl.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/wsfederationrealmurl.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/wsfederationrealmurl.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/wsfederationrealmurl.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/wsfederationreplyurl.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/reports/wsfederationreplyurl.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/reports/wsfederationreplyurl.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/reports/wsfederationreplyurl.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/scheduleaccount.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/scheduleaccount.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/scheduleaccount.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/scheduleaccount.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/settingsnode.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/settingsnode.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/settingsnode.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/settingsnode.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/shortcut.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/shortcut.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/shortcut.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/shortcut.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/sqlserver.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/sqlserver.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/sqlserver.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/sqlserver.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/sqlserverconfigurationmanager.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/sqlserverconfigurationmanager.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/sqlserverconfigurationmanager.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/sqlserverconfigurationmanager.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/storageprofile.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/storageprofile.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/storageprofile.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/storageprofile.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/changes.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/changes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/changes.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/changes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/options.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/options.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/options.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/options.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/progress.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/progress.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/progress.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/progress.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/selectcriteria.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/selectcriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/selectcriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/selectcriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/sensitivedata.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/sensitivedata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/sensitivedata.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/sensitivedata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/solutionsetfiles.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/solutionsetfiles.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/solutionsetfiles.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/solutionsetfiles.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/upgrade/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/upgrade/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/versionselection.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/versionselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/versionselection.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/versionselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/welcome_1.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/welcome_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/welcome_1.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/welcome_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/welcome_2.webp b/static/img/product_docs/accessanalyzer/11.6/install/application/welcome_2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/application/welcome_2.webp rename to static/img/product_docs/accessanalyzer/11.6/install/application/welcome_2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/changedestination.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/changedestination.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/changedestination.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/changedestination.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/complete.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/complete.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/complete.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/complete.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/configureservice.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/configureservice.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/configureservice.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/configureservice.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/dcwizardportnumber.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/dcwizardportnumber.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/dcwizardportnumber.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/dcwizardportnumber.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/destination.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/destination.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/destination.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/destination.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/eula.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/eula.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/eula.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/eula.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/fsaaproxyarchitecture.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/fsaaproxyarchitecture.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/fsaaproxyarchitecture.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/fsaaproxyarchitecture.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/proxymodewithapplet.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/proxymodewithapplet.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/proxymodewithapplet.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/proxymodewithapplet.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/ready.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/ready.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/ready.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/ready.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/regedit.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/regedit.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/regedit.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/regedit.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/service.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/service.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/service.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/service.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/uninstall.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/uninstall.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/uninstall.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/uninstall.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/updateproxyinstantjob.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/updateproxyinstantjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/updateproxyinstantjob.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/updateproxyinstantjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/filesystemproxy/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/install/filesystemproxy/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp b/static/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/completed.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/completed.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/eula.webp b/static/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/eula.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/eula.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/eula.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/license.webp b/static/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/license.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/license.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/license.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/ready.webp b/static/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/ready.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/ready.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/ready.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/uninstall.webp b/static/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/uninstall.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/uninstall.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/uninstall.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sensitivedatadiscovery/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sensitivedatadiscovery/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/completed.webp b/static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/completed.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/completed.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/completed.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/configureservice.webp b/static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/configureservice.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/configureservice.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/configureservice.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/destination.webp b/static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/destination.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/destination.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/destination.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/eula.webp b/static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/eula.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/eula.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/eula.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/ready.webp b/static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/ready.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/ready.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/ready.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/uninstall.webp b/static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/uninstall.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/uninstall.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/uninstall.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/welcome.webp b/static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/welcome.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/install/sharepointagent/welcome.webp rename to static/img/product_docs/accessanalyzer/11.6/install/sharepointagent/welcome.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/exchange/iismanager.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/solutions/exchange/iismanager.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/exchange/iismanager.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/solutions/exchange/iismanager.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/exchange/iismanagerauth.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/solutions/exchange/iismanagerauth.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/exchange/iismanagerauth.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/solutions/exchange/iismanagerauth.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/exchange/rolegroup.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/solutions/exchange/rolegroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/exchange/rolegroup.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/solutions/exchange/rolegroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/filesystem/appletmode.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/solutions/filesystem/appletmode.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/filesystem/appletmode.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/solutions/filesystem/appletmode.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/filesystem/localmode.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/solutions/filesystem/localmode.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/solutions/filesystem/localmode.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/solutions/filesystem/localmode.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/administratorcommandprompt.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/administratorcommandprompt.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/administratorcommandprompt.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/administratorcommandprompt.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_1.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_1.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_11z.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_11z.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_11z.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_11z.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_13z.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_13z.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_13z.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_13z.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_14z.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_14z.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_14z.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_14z.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_16z.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_16z.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_16z.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_16z.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_2.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_2.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_3.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_3.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_4.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_4.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_5.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_5.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_5.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_5.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_6.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_6.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_6.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_6.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_8.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_8.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_8.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/azuresqlperm_customrolecreation_8.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/createrole.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/createrole.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/createrole.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/createrole.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/jsontabaccount.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/jsontabaccount.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/jsontabaccount.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/jsontabaccount.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/jsontabpolicies.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/jsontabpolicies.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/jsontabpolicies.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/jsontabpolicies.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/policies.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/policies.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/policies.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/policies.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/policiesadd.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/policiesadd.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/policiesadd.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/policiesadd.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/reviewpolicy.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/reviewpolicy.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/reviewpolicy.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/reviewpolicy.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/reviewpolicyaccount.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/reviewpolicyaccount.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/reviewpolicyaccount.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/reviewpolicyaccount.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/reviewrole.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/reviewrole.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/reviewrole.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/reviewrole.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/roles.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/roles.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/roles.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/roles.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/securitycredentials.webp b/static/img/product_docs/accessanalyzer/11.6/requirements/target/config/securitycredentials.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/requirements/target/config/securitycredentials.webp rename to static/img/product_docs/accessanalyzer/11.6/requirements/target/config/securitycredentials.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanebottom.webp b/static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configurationpanebottom.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanebottom.webp rename to static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configurationpanebottom.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanesystemcriteria.webp b/static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configurationpanesystemcriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanesystemcriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configurationpanesystemcriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanetop.webp b/static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configurationpanetop.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanetop.webp rename to static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/configurationpanetop.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatester.webp b/static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatester.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatester.webp rename to static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatester.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/keywordswindow.webp b/static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/keywordswindow.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/keywordswindow.webp rename to static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/keywordswindow.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/newsummarycriteria.webp b/static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/newsummarycriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/newsummarycriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/newsummarycriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.webp b/static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.webp rename to static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/summarycriteriaconfiguration.webp b/static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/summarycriteriaconfiguration.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/summarycriteriaconfiguration.webp rename to static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/criteriatype/summarycriteriaconfiguration.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/navigationpane.webp b/static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/navigationpane.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/navigationpane.webp rename to static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/navigationpane.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/sensitivdatacriteriaeditor.webp b/static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/sensitivdatacriteriaeditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/sensitivedatadiscovery/criteriaeditor/sensitivdatacriteriaeditor.webp rename to static/img/product_docs/accessanalyzer/11.6/sensitivedatadiscovery/criteriaeditor/sensitivdatacriteriaeditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/analysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/analysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/analysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/analysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/changes/computermodificationsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/computermodificationsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/changes/computermodificationsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/computermodificationsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/changes/groupmodificationsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/groupmodificationsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/changes/groupmodificationsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/groupmodificationsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/changes/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/changes/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/changes/usermodificationsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/usermodificationsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/changes/usermodificationsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/changes/usermodificationsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/accesschangesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/accesschangesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/accesschangesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/accesschangesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/grouphostsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/grouphostsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/grouphostsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/grouphostsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysisconfiguration.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysisconfiguration.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysisconfiguration.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysisconfiguration.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivitysqlscripteditor.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/groupmemberactivitysqlscripteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivitysqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/groupmemberactivitysqlscripteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/groupusage/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/groupusage/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/jobstree_1.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/jobstree_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/jobstree_1.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/jobstree_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/ldapjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/ldapjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/ldapjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/ldapjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/ldapqueriesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/ldapqueriesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/ldapqueriesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/ldapqueriesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/ldapqueriesanalysisconfiguration.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/ldapqueriesanalysisconfiguration.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/ldapqueriesanalysisconfiguration.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/ldapqueriesanalysisconfiguration.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/ldapsqlscripteditor.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/ldapsqlscripteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/ldapsqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/ldapsqlscripteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/lockoutsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/lockoutsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/lockoutsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/lockoutsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/lockoutsjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/lockoutsjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/lockoutsjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/lockoutsjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/authenticationprotocolanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/authenticationprotocolanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/authenticationprotocolanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/authenticationprotocolanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/dctrafficanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/dctrafficanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/dctrafficanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/dctrafficanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/hardcodeddcsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/hardcodeddcsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/hardcodeddcsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/hardcodeddcsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/loadbalancinganalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/loadbalancinganalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/loadbalancinganalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/loadbalancinganalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/machineownersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/machineownersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/operations/machineownersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/operations/machineownersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/overviewconfiguration.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/overviewconfiguration.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/overviewconfiguration.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/overviewconfiguration.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysisconfiguration.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysisconfiguration.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysisconfiguration.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysisconfiguration.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountssqlscripteditor.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/adminaccountssqlscripteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountssqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/adminaccountssqlscripteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/serviceaccountauthanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/serviceaccountauthanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/serviceaccountauthanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/privilegedaccounts/serviceaccountauthanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/queries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/queries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/activity/queries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/activity/queries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/adsolutionjobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/adsolutionjobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/adsolutionjobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/adsolutionjobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/cleanupprogressjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/cleanupprogressjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/computers/computersjobtree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/computersjobtree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/computers/computersjobtree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/computersjobtree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersaction.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/deprovisioncomputersaction.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersaction.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/deprovisioncomputersaction.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/deprovisioncomputersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/deprovisioncomputersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersstatusanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/deprovisioncomputersstatusanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersstatusanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/computers/deprovisioncomputersstatusanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/configuretargetouactionmodulewizard.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/configuretargetouactionmodulewizard.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/configuretargetouactionmodulewizard.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/configuretargetouactionmodulewizard.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/configuretargetouactionproperties.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/configuretargetouactionproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/configuretargetouactionproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/configuretargetouactionproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsaction.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsaction.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsaction.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsaction.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsstatusanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsstatusanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsstatusanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsstatusanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/groupsdeprovisionjobtree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/groupsdeprovisionjobtree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/groupsdeprovisionjobtree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/deprovision/groupsdeprovisionjobtree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/groupsjobtree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/groupsjobtree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/groupsjobtree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/groupsjobtree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupcleanuppermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/groupcleanuppermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupcleanuppermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/groupcleanuppermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupsstampingjobtree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/groupsstampingjobtree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupsstampingjobtree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/groupsstampingjobtree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupstampingaction.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/groupstampingaction.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupstampingaction.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/groupstampingaction.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupstampinganalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/groupstampinganalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupstampinganalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/groups/stamping/groupstampinganalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersaction.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/deprovisionusersaction.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersaction.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/deprovisionusersaction.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/deprovisionusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/deprovisionusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersstatusanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/deprovisionusersstatusanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersstatusanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/deprovisionusersstatusanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/users/usersjobtree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/usersjobtree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/cleanup/users/usersjobtree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/cleanup/users/usersjobtree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/computers/computerdelegationanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/computers/computerdelegationanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/computers/computerdelegationanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/computers/computerdelegationanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/computers/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/computers/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/computers/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/computers/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/computers/stalecomputersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/computers/stalecomputersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/computers/stalecomputersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/computers/stalecomputersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/domaincontrollersquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/domaincontrollersquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/domaincontrollersquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/domaincontrollersquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/dsrmquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/dsrmquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/dsrmquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/dsrmquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/ldaptemplate.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ldaptemplate.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/ldaptemplate.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ldaptemplate.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/ldaptemplateoptions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ldaptemplateoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/ldaptemplateoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/ldaptemplateoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/timesyncquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/timesyncquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/collection/timesyncquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/collection/timesyncquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/dcsummaryanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/dcsummaryanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/dcsummaryanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/dcsummaryanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/domaininfoanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/domaininfoanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/domaininfoanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/domaininfoanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/domaininfoquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/domaininfoquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/domaininfoquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/domaininfoquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/dsrmsettingsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/dsrmsettingsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/dsrmsettingsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/dsrmsettingsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/domains/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/domains/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/cpasswordquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/cpasswordquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/cpasswordquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/cpasswordquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/grouppolicyanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/grouppolicyanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/grouppolicyquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/grouppolicyquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/overlappinggposanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/overlappinggposanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/overlappinggposanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/overlappinggposanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/passwordpoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/passwordpoliciesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/passwordpoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/passwordpoliciesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/passwordpoliciesquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/passwordpoliciesquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/grouppolicy/passwordpoliciesquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/grouppolicy/passwordpoliciesquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/circularnestinganalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/circularnestinganalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/circularnestinganalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/circularnestinganalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/dclogongroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/dclogongroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/dclogongroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/dclogongroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/duplicategroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/duplicategroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/duplicategroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/duplicategroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/emptygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/emptygroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/emptygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/emptygroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/groupprobableownersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/groupprobableownersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/groupprobableownersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/groupprobableownersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/largestgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/largestgroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/largestgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/largestgroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/mailsecuritygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/mailsecuritygroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/mailsecuritygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/mailsecuritygroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/nestedgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/nestedgroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/nestedgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/nestedgroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/sensitivesecuritygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/sensitivesecuritygroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/sensitivesecuritygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/sensitivesecuritygroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/stalegroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/stalegroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/groups/stalegroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/groups/stalegroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/securityassessmentanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/securityassessmentanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/securityassessmentanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/securityassessmentanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/securityassessmentjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/securityassessmentjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/securityassessmentjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/securityassessmentjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/solutionoverview.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/solutionoverview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/solutionoverview.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/solutionoverview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/dictionariesweakpassword.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/dictionariesweakpassword.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/dictionariesweakpassword.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/dictionariesweakpassword.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/directmembershipanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/directmembershipanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/directmembershipanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/directmembershipanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/duplicateusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/duplicateusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/duplicateusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/duplicateusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/optionsweakpassword.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/optionsweakpassword.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/optionsweakpassword.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/optionsweakpassword.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/orphanedusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/orphanedusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/orphanedusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/orphanedusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/passwordstatusanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/passwordstatusanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/passwordstatusanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/passwordstatusanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/serviceaccountsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/serviceaccountsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/serviceaccountsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/serviceaccountsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/sidhistoryanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/sidhistoryanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/sidhistoryanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/sidhistoryanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/staleusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/staleusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/staleusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/staleusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/userattributecompletionanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/userattributecompletionanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/userattributecompletionanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/userattributecompletionanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/userdelegationanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/userdelegationanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/userdelegationanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/userdelegationanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/usertokenanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/usertokenanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/usertokenanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/usertokenanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/weakpasswordsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/weakpasswordsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/weakpasswordsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/weakpasswordsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/weakpasswordsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/weakpasswordsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectory/users/weakpasswordsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectory/users/weakpasswordsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/changesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/changesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/changesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/changesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/changesanalysisnotification.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/changesanalysisnotification.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/changesanalysisnotification.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/changesanalysisnotification.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/exceptionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/exceptionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/exceptionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/exceptionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtp.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/notificationanalysissmtp.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtp.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/notificationanalysissmtp.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtpmessage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/notificationanalysissmtpmessage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtpmessage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/notificationanalysissmtpmessage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtprecipients.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/notificationanalysissmtprecipients.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtprecipients.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/notificationanalysissmtprecipients.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/overview.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/overview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/overview.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/overview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scananalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scananalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scananalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scananalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributesnfs.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardcustomattributesnfs.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributesnfs.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardcustomattributesnfs.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptionsnfs.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardoptionsnfs.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptionsnfs.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scandcwizardoptionsnfs.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scanqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scanqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectoryinventory/scanqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectoryinventory/scanqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/brokeninheritanceanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/brokeninheritanceanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/brokeninheritanceanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/brokeninheritanceanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/brokeninheritancejobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/brokeninheritancejobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/brokeninheritancejobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/brokeninheritancejobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/computerrightsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/computerrightsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/computerrightsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/computerrightsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/computerrightsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/computerrightsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/computerrightsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/computerrightsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/containerrightsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/containerrightsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/containerrightsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/containerrightsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/containerrightsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/containerrightsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/containerrightsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/containerrightsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/domainrightsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/domainrightsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/domainrightsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/domainrightsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/domainrightsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/domainrightsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/domainrightsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/domainrightsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/grouprightsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/grouprightsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/grouprightsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/grouprightsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/grouprightsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/grouprightsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/grouprightsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/grouprightsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/ourightsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ourightsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/ourightsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ourightsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/ourightsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ourightsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/ourightsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/ourightsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/siterightsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/siterightsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/siterightsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/siterightsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/userrightsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/collection/userrightsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/computerpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/computerpermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/computerpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/computerpermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/lapspermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/lapspermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/lapspermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/computers/lapspermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/containerpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/containerpermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/containerpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/containerpermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/containers/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/domainpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/domainpermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/domainpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/domainpermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/domainreplicationanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/domainreplicationanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/domainreplicationanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/domainreplicationanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/domains/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/groupmembershippermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/groupmembershippermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/groupmembershippermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/groupmembershippermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/grouppermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/grouppermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/grouppermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/grouppermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/groups/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/openaccessanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/openaccessanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/openaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/openaccessanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/openaccessjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/openaccessjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/openaccessjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/openaccessjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/oupermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/oupermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/oupermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/oupermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/ousjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ousjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/ousjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/ousjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/overview.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/overview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/overview.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/overview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysisconfigure.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysisconfigure.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysisconfigure.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysisconfigure.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport1.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreport1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport1.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreport1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport2.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreport2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport2.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreport2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport3.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreport3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport3.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreport3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport4.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreport4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport4.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreport4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreports.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreports.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreports.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccessreports.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccesssqlscripteditor.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccesssqlscripteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccesssqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/shadowaccesssqlscripteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/dcshadowpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/dcshadowpermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/dcshadowpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/dcshadowpermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/sitepermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/sitepermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/sitepermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/sites/sitepermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/resetpasswordpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/resetpasswordpermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/resetpasswordpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/resetpasswordpermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/userpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/userpermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/userpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/activedirectorypermissionsanalyzer/users/userpermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvanalyses.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvanalyses.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvanalyses.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvanalyses.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvjoblocation.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvjoblocation.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvjoblocation.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvjoblocation.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvoverviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvoverviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvoverviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvoverviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvqueryeditquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvqueryeditquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/csvqueryeditquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/csvqueryeditquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/epicclarityanalyses.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/epicclarityanalyses.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/epicclarityanalyses.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/epicclarityanalyses.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/epicclarityjoblocation.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/epicclarityjoblocation.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/epicclarityjoblocation.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/epicclarityjoblocation.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/epicclarityqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/epicclarityqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/epicclarityqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/epicclarityqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/epicclarityqueryeditquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/epicclarityqueryeditquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/epicclarityqueryeditquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/epicclarityqueryeditquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/paycomanalyses.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/paycomanalyses.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/paycomanalyses.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/paycomanalyses.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/paycomjoblocation.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/paycomjoblocation.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/paycomjoblocation.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/paycomjoblocation.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/paycomqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/paycomqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/paycomqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/paycomqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/paycomqueryeditquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/paycomqueryeditquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/paycomqueryeditquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/paycomqueryeditquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/salesforceanalyses.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/salesforceanalyses.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/salesforceanalyses.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/salesforceanalyses.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/salesforcejoblocation.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/salesforcejoblocation.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/salesforcejoblocation.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/salesforcejoblocation.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/salesforcequeries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/salesforcequeries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/salesforcequeries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/salesforcequeries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/salesforcequeryeditquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/anyid/salesforcequeryeditquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/anyid/salesforcequeryeditquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/anyid/salesforcequeryeditquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/iamscananalysistasks.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/iamscananalysistasks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/iamscananalysistasks.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/iamscananalysistasks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/iamscanqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/iamscanqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/iamscanqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/iamscanqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/orgscanqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/orgscanqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/orgscanqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/orgscanqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3scananaylsistasks.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3scananaylsistasks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3scananaylsistasks.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3scananaylsistasks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3scanqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3scanqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3scanqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3scanqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3sddscananaylsistasks.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3sddscananaylsistasks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3sddscananaylsistasks.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3sddscananaylsistasks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3sddscanqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3sddscanqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3sddscanqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3sddscanqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3sddsensitivedata.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3sddsensitivedata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/collection/s3sddsensitivedata.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/collection/s3sddsensitivedata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/groups/groupmembersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/groups/groupmembersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/groups/groupmembersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/groups/groupmembersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/groups/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/groups/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/groups/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/groups/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/groups/nopolicygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/groups/nopolicygroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/groups/nopolicygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/groups/nopolicygroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/groups/stalegroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/groups/stalegroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/groups/stalegroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/groups/stalegroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/organizations/accountsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/organizations/accountsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/organizations/accountsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/organizations/accountsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/organizations/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/organizations/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/organizations/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/organizations/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/organizations/memberaccountusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/organizations/memberaccountusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/organizations/memberaccountusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/organizations/memberaccountusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/custommanagedpoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/custommanagedpoliciesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/custommanagedpoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/custommanagedpoliciesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/inlinepoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/inlinepoliciesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/inlinepoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/inlinepoliciesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/managedpoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/managedpoliciesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/managedpoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/managedpoliciesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/sensitivepoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/sensitivepoliciesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/sensitivepoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/sensitivepoliciesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/unusedmanagedpoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/unusedmanagedpoliciesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/unusedmanagedpoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/unusedmanagedpoliciesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/userpoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/userpoliciesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/policies/userpoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/policies/userpoliciesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/roles/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/roles/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/roles/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/roles/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/roles/rolesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/roles/rolesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/roles/rolesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/roles/rolesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/roles/stalerolesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/roles/stalerolesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/roles/stalerolesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/roles/stalerolesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3content/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3content/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3content/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3content/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3content/s3bucketsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3content/s3bucketsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3content/s3bucketsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3content/s3bucketsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3content/s3buckettagsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3content/s3buckettagsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3content/s3buckettagsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3content/s3buckettagsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3permissions/brokeninheritanceanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3permissions/brokeninheritanceanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3permissions/brokeninheritanceanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3permissions/brokeninheritanceanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3permissions/effectivepermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3permissions/effectivepermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3permissions/effectivepermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3permissions/effectivepermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3permissions/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3permissions/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3permissions/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3permissions/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3permissions/openbucketsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3permissions/openbucketsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/s3permissions/openbucketsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/s3permissions/openbucketsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/sensitivedata/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/sensitivedata/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/sensitivedata/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/sensitivedata/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/sensitivedata/sensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/sensitivedata/sensitivedataanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/sensitivedata/sensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/sensitivedata/sensitivedataanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/sensitivedata/sensitivedatapermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/sensitivedata/sensitivedatapermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/sensitivedata/sensitivedatapermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/sensitivedata/sensitivedatapermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/accesskeysanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/users/accesskeysanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/accesskeysanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/users/accesskeysanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/users/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/users/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/mfastatusanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/users/mfastatusanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/mfastatusanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/users/mfastatusanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/rootaccountsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/users/rootaccountsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/rootaccountsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/users/rootaccountsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/staleusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/aws/users/staleusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/aws/users/staleusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/aws/users/staleusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/accessanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/accessanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/accessanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/accessanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/deletionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/deletionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/deletionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/deletionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/downloadsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/downloadsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/downloadsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/downloadsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/externaluseractivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/externaluseractivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/externaluseractivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/externaluseractivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/externalusercollaborationsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/externalusercollaborationsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/externalusercollaborationsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/externalusercollaborationsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/permissionchangesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/permissionchangesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/permissionchangesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/permissionchangesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/sharinganalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/sharinganalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/forensics/sharinganalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/forensics/sharinganalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/failedloginsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/failedloginsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/failedloginsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/failedloginsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/firsttimefolderaccessanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/firsttimefolderaccessanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/firsttimefolderaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/firsttimefolderaccessanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/unusualdownloadactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/unusualdownloadactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/unusualdownloadactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/unusualdownloadactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/unusualuseractivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/unusualuseractivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/unusualuseractivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/unusualuseractivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/usagestatistics/foldersmostactiveanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/foldersmostactiveanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/usagestatistics/foldersmostactiveanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/foldersmostactiveanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/usagestatistics/foldersstaleanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/foldersstaleanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/usagestatistics/foldersstaleanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/foldersstaleanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/usagestatistics/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/usagestatistics/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/usagestatistics/usersmostactiveanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/usersmostactiveanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/activity/usagestatistics/usersmostactiveanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/activity/usagestatistics/usersmostactiveanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessadditionalscoping.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessadditionalscoping.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessadditionalscoping.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessadditionalscoping.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessauthenticate.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessauthenticate.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessauthenticate.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessauthenticate.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessexclusions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessexclusions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessexclusions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessexclusions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessuserscope.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessuserscope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/accessuserscope.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/accessuserscope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityadditionalscoping.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityadditionalscoping.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityadditionalscoping.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityadditionalscoping.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityauthenticate.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityauthenticate.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityauthenticate.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityauthenticate.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityexclusions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityexclusions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityexclusions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityexclusions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityoperationscope.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityoperationscope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityoperationscope.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityoperationscope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activitytimespanscope.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activitytimespanscope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activitytimespanscope.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activitytimespanscope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityuserscope.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityuserscope.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/activityuserscope.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/activityuserscope.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/importqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/importqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/importqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/importqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/collection/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/content/filemetricsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/content/filemetricsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/content/filemetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/content/filemetricsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/content/foldermetricsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/content/foldermetricsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/content/foldermetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/content/foldermetricsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/content/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/content/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/content/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/content/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/groupmembershipanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/groupmembershipanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/groupmembershipanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/groupmembershipanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/box/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/box/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/box/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/activityscanjob.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/activityscanjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/activityscanjob.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/activityscanjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/activityscanjobanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/activityscanjobanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/activityscanjobanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/activityscanjobanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/collectionjobmenu.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/collectionjobmenu.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/collectionjobmenu.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/collectionjobmenu.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/instancediscanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/instancediscanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/instancediscanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/instancediscanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/instancediscquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/instancediscquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/instancediscquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/instancediscquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/jobanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/jobanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/jobanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/jobanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/managedconnections.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/managedconnections.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/managedconnections.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/managedconnections.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/permissionjob.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/permissionjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/permissionjob.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/permissionjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascanjob.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/sensitivedatascanjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascanjob.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/sensitivedatascanjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/serversettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/serversettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/serversettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/serversettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/serversettingsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/serversettingsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/azuresql/collection/serversettingsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/azuresql/collection/serversettingsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/configurationquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/configurationquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/configurationquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/configurationquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/permissionsscananalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/permissionsscananalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/permissionsscananalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/permissionsscananalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/permissionsscanquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/permissionsscanquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/permissionsscanquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/permissionsscanquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatacategory.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatacategory.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatacategory.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatacategory.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedataconnection.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedataconnection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedataconnection.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedataconnection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatacriteria.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatacriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatacriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatacriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatafilter.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatafilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatafilter.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatafilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatajoboptions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatajoboptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatajoboptions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatajoboptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatascananalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatascananalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatascananalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatascananalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatascanquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatascanquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/collection/sensitivedatascanquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/collection/sensitivedatascanquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/configurationjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/configurationjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/configurationjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/configurationjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/databasesizinganalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/databasesizinganalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/databasesizinganalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/databasesizinganalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/overview.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/overview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/overview.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/overview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/permissions/directpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/permissions/directpermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/permissions/directpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/permissions/directpermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/permissions/permissionsjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/permissions/permissionsjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/permissions/permissionsjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/permissions/permissionsjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/sensitivedataanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/sensitivedataanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/analysismongodbsensitivedatajob.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/analysismongodbsensitivedatajob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/analysismongodbsensitivedatajob.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/analysismongodbsensitivedatajob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/0.collecitonjobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/0.collecitonjobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/0.collecitonjobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/0.collecitonjobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/analysissensitivedatascan.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/analysissensitivedatascan.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/analysissensitivedatascan.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/analysissensitivedatascan.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/configurationjob.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/configurationjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/configurationjob.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/configurationjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/sensitivedatascan_job.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/sensitivedatascan_job.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/collection/sensitivedatascan_job.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/collection/sensitivedatascan_job.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/databasesizingjobanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/databasesizingjobanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/databasesizingjobanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/databasesizingjobanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/mongdbjobgroupoverview.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/mongdbjobgroupoverview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/mongdbjobgroupoverview.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/mongdbjobgroupoverview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/sensitivedatajobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/sensitivedatajobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mongodb/sensitivedatajobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mongodb/sensitivedatajobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/analysismysqldatabasesizing.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/analysismysqldatabasesizing.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/analysismysqldatabasesizing.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/analysismysqldatabasesizing.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/0.collectionjobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/0.collectionjobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/0.collectionjobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/0.collectionjobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/analysismysqlsensitivedatascan.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/analysismysqlsensitivedatascan.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/analysismysqlsensitivedatascan.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/analysismysqlsensitivedatascan.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/analysistableprivileges.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/analysistableprivileges.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/analysistableprivileges.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/analysistableprivileges.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/configurationjob.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/configurationjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/configurationjob.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/configurationjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/manageconnectionsmysql.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/manageconnectionsmysql.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/manageconnectionsmysql.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/manageconnectionsmysql.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/querytableprivileges.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/querytableprivileges.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/querytableprivileges.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/querytableprivileges.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/sensitivedatascan.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/sensitivedatascan.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/sensitivedatascan.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/sensitivedatascan.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_criteriapage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/sensitivedatscan_criteriapage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_criteriapage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/sensitivedatscan_criteriapage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_filterspage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/sensitivedatscan_filterspage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_filterspage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/sensitivedatscan_filterspage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_optionspage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/sensitivedatscan_optionspage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_optionspage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/collection/sensitivedatscan_optionspage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/configurationjobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/configurationjobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/configurationjobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/configurationjobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/mysqljobgroupoverview.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/mysqljobgroupoverview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/mysqljobgroupoverview.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/mysqljobgroupoverview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedata.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedata.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedatapermission.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedatapermission.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedatapermission.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedatapermission.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/sensitivedata/sensitivedatajobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/sensitivedatajobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/mysql/sensitivedata/sensitivedatajobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/mysql/sensitivedata/sensitivedatajobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup25.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup25.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup25.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup25.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup26.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup26.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup26.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup26.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup27.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup27.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup27.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup27.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup28.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup28.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup28.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup28.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup29.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup29.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup29.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup29.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup30.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup30.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup30.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup30.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup31.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup31.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup31.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup31.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup32.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup32.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/activity/jobgroup32.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/activity/jobgroup32.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/0collection.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/0collection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/0collection.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/0collection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/1oraclepermissionscanjobqueryfilter.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/1oraclepermissionscanjobqueryfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/1oraclepermissionscanjobqueryfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/1oraclepermissionscanjobqueryfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/2oraclesensitivedatascanfilterpgae.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/2oraclesensitivedatascanfilterpgae.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/2oraclesensitivedatascanfilterpgae.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/2oraclesensitivedatascanfilterpgae.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/3oracleactivityscanfilterpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/3oracleactivityscanfilterpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/3oracleactivityscanfilterpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/3oracleactivityscanfilterpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/4oracledefaultpasswordsfilterpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/4oracledefaultpasswordsfilterpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/4oracledefaultpasswordsfilterpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/4oracledefaultpasswordsfilterpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/5oracleconfigjobqueryfilterpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/5oracleconfigjobqueryfilterpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/5oracleconfigjobqueryfilterpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/5oracleconfigjobqueryfilterpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/5oracleconfigurationqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/5oracleconfigurationqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/5oracleconfigurationqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/5oracleconfigurationqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/criteriapage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/criteriapage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/criteriapage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/criteriapage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup13.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup13.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup13.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup13.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup14.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup14.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup14.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup14.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup16.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup16.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup16.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup16.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup17.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup17.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup17.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup17.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup3.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup3.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup4.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup4.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup6.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup6.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup6.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup6.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup8.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup8.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup8.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup8.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup9.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup9.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/jobgroup9.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/jobgroup9.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/optionspage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/optionspage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/collection/optionspage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/collection/optionspage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisdblinks.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisdblinks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisdblinks.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisdblinks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisdbsizing.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisdbsizing.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisdbsizing.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisdbsizing.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisddprotection.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisddprotection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisddprotection.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisddprotection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisinstancenameissues.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisinstancenameissues.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisinstancenameissues.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisinstancenameissues.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisremoteosauth.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisremoteosauth.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/analysisremoteosauth.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/analysisremoteosauth.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/configoverview.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/configoverview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/configuration/configoverview.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/configuration/configoverview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/jobgroup46.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/jobgroup46.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/jobgroup46.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/jobgroup46.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/jobgroup47.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/jobgroup47.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/jobgroup47.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/jobgroup47.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/oraclejobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/oraclejobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/oraclejobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/oraclejobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup33.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup33.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup33.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup33.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup34.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup34.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup34.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup34.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup35.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup35.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup35.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup35.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup36.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup36.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup36.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup36.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup37.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup37.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup37.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup37.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup38.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup38.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/permissions/jobgroup38.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/permissions/jobgroup38.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup43.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/jobgroup43.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup43.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/jobgroup43.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup44.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/jobgroup44.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup44.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/jobgroup44.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup45.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/jobgroup45.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup45.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/sensitivedata/jobgroup45.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup19.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup19.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup19.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup19.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup20.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup20.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup20.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup20.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup21.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup21.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup21.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup21.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup22.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup22.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup22.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup22.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup23.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup23.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup23.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup23.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup24.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup24.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup24.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/oracle/usersroles/jobgroup24.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/0.collectionjobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/0.collectionjobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/0.collectionjobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/0.collectionjobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/configurationquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/configurationquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/configurationquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/configurationquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/datascanjobsettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/datascanjobsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/datascanjobsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/datascanjobsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/manageconnectionspgsql.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/manageconnectionspgsql.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/manageconnectionspgsql.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/manageconnectionspgsql.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedataanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedataanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedataquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedataquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedatascancriteria.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedatascancriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedatascancriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedatascancriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedatascanfilter.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedatascanfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/sensitivedatascanfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/sensitivedatascanfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/tableprivileges_analysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/tableprivileges_analysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/tableprivileges_analysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/tableprivileges_analysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/tableprivileges_query.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/tableprivileges_query.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/collection/tableprivileges_query.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/collection/tableprivileges_query.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/configurationjobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/configurationjobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/configurationjobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/configurationjobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/postgresqljobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/postgresqljobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/postgresqljobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/postgresqljobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/pssqldatabasesizinganalysistasks.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/pssqldatabasesizinganalysistasks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/pssqldatabasesizinganalysistasks.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/pssqldatabasesizinganalysistasks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/pgsqlsensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/pgsqlsensitivedataanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/pgsqlsensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/pgsqlsensitivedataanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/analysisredshiftconfigurationjob.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/analysisredshiftconfigurationjob.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/analysisredshiftconfigurationjob.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/analysisredshiftconfigurationjob.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/0.collection.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/0.collection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/0.collection.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/0.collection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/0.collectionconfiguration.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/0.collectionconfiguration.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/0.collectionconfiguration.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/0.collectionconfiguration.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/analysiscollectionsensitivedatascan.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/analysiscollectionsensitivedatascan.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/analysiscollectionsensitivedatascan.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/analysiscollectionsensitivedatascan.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatacategory.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedatacategory.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatacategory.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedatacategory.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedataconnection.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedataconnection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedataconnection.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedataconnection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatacriteria.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedatacriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatacriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedatacriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatafilter.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedatafilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatafilter.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedatafilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatajoboptions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedatajoboptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatajoboptions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedatajoboptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedataquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedataquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedataquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/collectionsensitivedataquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/tableprivilegesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/tableprivilegesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/tableprivilegesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/tableprivilegesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/tableprivilegesquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/tableprivilegesquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/collection/tableprivilegesquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/collection/tableprivilegesquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/configurationjobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/configurationjobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/configurationjobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/configurationjobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/redshiftjobgrpoverview.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/redshiftjobgrpoverview.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/redshiftjobgrpoverview.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/redshiftjobgrpoverview.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/sensitive_data/analysissensitivedata.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/analysissensitivedata.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/sensitive_data/analysissensitivedata.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/analysissensitivedata.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/sensitive_data/sensitivedatajobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/sensitivedatajobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/redshift/sensitive_data/sensitivedatajobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/redshift/sensitive_data/sensitivedatajobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup30.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup30.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup30.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup30.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup31.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup31.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup31.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup31.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup32.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup32.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup32.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup32.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup33.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup33.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup33.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup33.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup34.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup34.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup34.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup34.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup35.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup35.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/activity/sqljobgroup35.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/activity/sqljobgroup35.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanfilterpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/2sqlsensitivedatascanfilterpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanfilterpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/2sqlsensitivedatascanfilterpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanoptionspage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/2sqlsensitivedatascanoptionspage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanoptionspage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/2sqlsensitivedatascanoptionspage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanquerycriteriapage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/2sqlsensitivedatascanquerycriteriapage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanquerycriteriapage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/2sqlsensitivedatascanquerycriteriapage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/3sqlactivityscanfilterpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/3sqlactivityscanfilterpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/3sqlactivityscanfilterpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/3sqlactivityscanfilterpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/3sqlactivityscanoptionspage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/3sqlactivityscanoptionspage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/3sqlactivityscanoptionspage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/3sqlactivityscanoptionspage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/instancedisc_analysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/instancedisc_analysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/instancedisc_analysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/instancedisc_analysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/instancedisc_query.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/instancedisc_query.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/instancedisc_query.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/instancedisc_query.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup1.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup1.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup13.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup13.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup13.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup13.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup14.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup14.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup14.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup14.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup17.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup17.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup17.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup17.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup18.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup18.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup18.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup18.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup19.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup19.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup19.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup19.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup6.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup6.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup6.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup6.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup8.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup8.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup8.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup8.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup9.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup9.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/collection/sqljobgroup9.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/collection/sqljobgroup9.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/analysistask.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/analysistask.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/analysistask.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/analysistask.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/analysistasks.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/analysistasks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/analysistasks.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/analysistasks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/configurationjobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/configurationjobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/configurationjobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/configurationjobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup43.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sqljobgroup43.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup43.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sqljobgroup43.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup44.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sqljobgroup44.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup44.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sqljobgroup44.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup45.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sqljobgroup45.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup45.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/configuration/sqljobgroup45.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup36.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup36.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup36.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup36.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup37.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup37.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup37.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup37.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup38.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup38.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup38.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup38.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup39.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup39.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup39.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup39.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup40.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup40.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup40.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup40.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup41.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup41.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup41.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/permissions/sqljobgroup41.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup46.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sqljobgroup46.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup46.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sqljobgroup46.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup47.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sqljobgroup47.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup47.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sqljobgroup47.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup48.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sqljobgroup48.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup48.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sensitivedata/sqljobgroup48.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sqljobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sqljobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sqljobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sqljobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sqljobgroup49.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sqljobgroup49.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sqljobgroup49.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sqljobgroup49.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sqljobgroup50.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sqljobgroup50.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/sqljobgroup50.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/sqljobgroup50.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup22.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup22.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup22.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup22.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup23.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup23.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup23.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup23.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup24.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup24.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup24.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup24.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup26.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup26.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup26.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup26.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup27.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup27.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup27.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup27.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup28.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup28.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup28.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup28.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup29.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup29.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup29.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqljobgroup29.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqlpasswordissuesanalysistasks.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqlpasswordissuesanalysistasks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/databases/sql/usersroles/sqlpasswordissuesanalysistasks.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/databases/sql/usersroles/sqlpasswordissuesanalysistasks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/accessanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/accessanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/accessanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/accessanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/accessjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/accessjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/accessjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/accessjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/permissionsbulkimportquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/permissionsbulkimportquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/permissionsbulkimportquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/permissionsbulkimportquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/permissionsscanoptionspage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/permissionsscanoptionspage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/permissionsscanoptionspage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/permissionsscanoptionspage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/permissionsscanquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/permissionsscanquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/permissionsscanquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/permissionsscanquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/permissionsscopingpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/permissionsscopingpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/permissionsscopingpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/permissionsscopingpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sddbulkimportquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sddbulkimportquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sddbulkimportquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sddbulkimportquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sdddlpsettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sdddlpsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sdddlpsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sdddlpsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sddscanquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sddscanquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sddscanquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sddscanquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sddscopingpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sddscopingpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sddscopingpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sddscopingpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sddselectdlpcriteria.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sddselectdlpcriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/collection/sddselectdlpcriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/collection/sddselectdlpcriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/contentanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/contentanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/contentanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/contentanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/contentjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/contentjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/contentjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/contentjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/groupmembershipanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/groupmembershipanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/groupmembershipanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/groupmembershipanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/groupmembershipjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/groupmembershipjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/groupmembershipjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/groupmembershipjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/sensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/sensitivedataanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/sensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/sensitivedataanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/sensitivedatajobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/sensitivedatajobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/sensitivedatajobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/sensitivedatajobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/sharinganalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/sharinganalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/sharinganalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/sharinganalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/sharingjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/sharingjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/dropbox/sharingjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/dropbox/sharingjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/circularnestinganalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/circularnestinganalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/circularnestinganalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/circularnestinganalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/duplicategroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/duplicategroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/duplicategroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/duplicategroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/emptygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/emptygroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/emptygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/emptygroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/groupdirsyncanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/groupdirsyncanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/groupdirsyncanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/groupdirsyncanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/largestgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/largestgroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/largestgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/largestgroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/nestedgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/nestedgroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/nestedgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/nestedgroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/probableownersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/probableownersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/probableownersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/probableownersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/stalegroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/stalegroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/groups/stalegroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/groups/stalegroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/directmembershipanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/directmembershipanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/directmembershipanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/directmembershipanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/disabledusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/disabledusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/disabledusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/disabledusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/staleusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/staleusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/staleusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/staleusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/userattributecompletionanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/userattributecompletionanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/userattributecompletionanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/userattributecompletionanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/userdirsyncanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/userdirsyncanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraid/users/userdirsyncanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraid/users/userdirsyncanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/exceptionsanalysisconfiguration.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/exceptionsanalysisconfiguration.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/exceptionsanalysisconfiguration.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/exceptionsanalysisconfiguration.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/exceptionsanalysistasks.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/exceptionsanalysistasks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/exceptionsanalysistasks.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/exceptionsanalysistasks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/exceptionssqlscripteditor.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/exceptionssqlscripteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/exceptionssqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/exceptionssqlscripteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scananalysistasks.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scananalysistasks.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scananalysistasks.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scananalysistasks.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scandcwizardcustomattributes.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scandcwizardcustomattributes.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scandcwizardcustomattributes.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scandcwizardcustomattributes.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scandcwizardoptions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scandcwizardoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scandcwizardoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scandcwizardoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scanqueryproperties.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scanqueryproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scanqueryproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scanqueryproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scanqueryselection.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scanqueryselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scanqueryselection.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scanqueryselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scanqueryselectionproperties.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scanqueryselectionproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/entraidinventory/scanqueryselectionproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/entraidinventory/scanqueryselectionproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/activesyncanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/activesyncanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/activesyncanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/activesyncanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/activesyncjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/activesyncjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/activesyncjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/activesyncjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/aspoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/aspoliciesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/aspoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/aspoliciesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/aspoliciesquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/aspoliciesquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/aspoliciesquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/aspoliciesquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/iislogsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/iislogsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/iislogsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/iislogsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/outlookanywherejobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/outlookanywherejobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/outlookanywherejobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/outlookanywherejobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/outlookwebaccessjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/outlookwebaccessjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/outlookwebaccessjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/outlookwebaccessjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/owatrafficanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/owatrafficanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/owatrafficanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/owatrafficanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/rpctrafficanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/rpctrafficanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/rpctrafficanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/rpctrafficanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/smartlogdctargetlog.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/smartlogdctargetlog.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/casmetrics/smartlogdctargetlog.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/casmetrics/smartlogdctargetlog.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/dbinfoquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/dbinfoquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/dbinfoquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/dbinfoquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/localjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/localjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/localjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/localjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/pfinfoquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/pfinfoquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/pfinfoquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/pfinfoquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/pfjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/pfjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/collection/pfjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/collection/pfjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/dbsizinganalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/dbsizinganalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/dbsizinganalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/dbsizinganalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/dbtrendinganalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/dbtrendinganalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/dbtrendinganalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/dbtrendinganalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/databases/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/databases/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/dlcleanupanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/dlcleanupanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/dlcleanupanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/dlcleanupanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/effectivemembershipjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/effectivemembershipjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/effectivemembershipjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/effectivemembershipjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/groupexpansionanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/groupexpansionanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/groupexpansionanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/groupexpansionanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/membershipanalysisjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/membershipanalysisjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/membershipanalysisjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/membershipanalysisjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/exchangepscas.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/exchangepscas.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/exchangepscas.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/exchangepscas.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/appletstatuscheckquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/appletstatuscheckquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/appletstatuscheckquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/appletstatuscheckquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/exchangemetricsmessageactivityfilter.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/exchangemetricsmessageactivityfilter.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/exchangemetricsmessageactivityfilter.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/exchangemetricsmessageactivityfilter.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/metricscollectionanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/metricscollectionanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/metricscollectionanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/metricscollectionanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/metricscollectionqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/metricscollectionqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/metricscollectionqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/metricscollectionqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/metricsdetailsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/metricsdetailsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/metricsdetailsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/metricsdetailsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/metricsdetailsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/metricsdetailsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/metricsdetailsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/metricsdetailsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/sethistoryretentionscripteditor.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/sethistoryretentionscripteditor.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/sethistoryretentionscripteditor.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/sethistoryretentionscripteditor.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/sethistoryretentiontask.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/sethistoryretentiontask.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/sethistoryretentiontask.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/sethistoryretentiontask.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/troubleshootingtaskselection.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/troubleshootingtaskselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/collection/troubleshootingtaskselection.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/collection/troubleshootingtaskselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/deliverytimesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/deliverytimesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/deliverytimesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/deliverytimesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/dlmetricsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/dlmetricsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/dlmetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/dlmetricsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/domainmetricsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/domainmetricsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/domainmetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/domainmetricsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/hourlymetricsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/hourlymetricsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/hourlymetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/hourlymetricsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/messagesizeanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/messagesizeanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/messagesizeanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/messagesizeanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/servermetricsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/servermetricsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/servermetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/servermetricsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/usermetricsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/usermetricsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/hubmetrics/usermetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/hubmetrics/usermetricsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/featuresjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/featuresjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/featuresjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/featuresjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/featuresquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/featuresquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/featuresquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/featuresquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/logons/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/logons/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/logons/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/logons/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/logons/mailboxactivityquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/mailboxactivityquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/logons/mailboxactivityquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/mailboxactivityquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/logons/mailboxlogonsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/mailboxlogonsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/logons/mailboxlogonsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/logons/mailboxlogonsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/admingroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/admingroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/admingroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/admingroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/delegatesquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/delegatesquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/delegatesquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/delegatesquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/mbrightsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/mbrightsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/mbrightsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/mbrightsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/permsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/permsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/permsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/permsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/sendasanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/sendasanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/sendasanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/sendasanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/sendasquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/sendasquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/sendasquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/collection/sendasquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/mailboxaccessanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/mailboxaccessanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/permissions/mailboxaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/permissions/mailboxaccessanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/mailboxsizesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/mailboxsizesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/mailboxsizesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/mailboxsizesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/mbsizequery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/mbsizequery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/mbsizequery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/mbsizequery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/stalemailboxesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/stalemailboxesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/stalemailboxesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/stalemailboxesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/storesizesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/storesizesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailboxes/sizing/storesizesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailboxes/sizing/storesizesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailflowuseroverviewanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailflowuseroverviewanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailflowuseroverviewanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailflowuseroverviewanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailflowuseroverviewjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailflowuseroverviewjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/mailflowuseroverviewjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/mailflowuseroverviewjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowdlanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowdlanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowdlanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowdlanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowdomainanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowdomainanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowdomainanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowdomainanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowmailboxanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowmailboxanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowmailboxanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowmailboxanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowmetricsdcwizard.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowmetricsdcwizard.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowmetricsdcwizard.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowmetricsdcwizard.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailfloworgoverviewanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailfloworgoverviewanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailfloworgoverviewanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailfloworgoverviewanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/online/mailflow/mailflowqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/online/mailflow/mailflowqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/contentanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/contentanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/contentanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/contentanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/contentscansanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/contentscansanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/contentscansanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/contentscansanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/contentscansquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/contentscansquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/contentscansquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/contentscansquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/content/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/content/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/folderscansanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/folderscansanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/folderscansanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/folderscansanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/folderscansquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/folderscansquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/folderscansquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/folderscansquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/foldersizeanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/foldersizeanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/foldersizeanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/foldersizeanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/growthsize/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/growthsize/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/overviewanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/overviewanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/overviewanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/overviewanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/dcwizardprobableownersettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/dcwizardprobableownersettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/dcwizardprobableownersettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/dcwizardprobableownersettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/folderownershipanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/folderownershipanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/folderownershipanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/folderownershipanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/folderownershipquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/folderownershipquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/folderownershipquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/folderownershipquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/ownersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/ownersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/ownership/ownersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/ownership/ownersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/entitlementsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/entitlementsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementscansanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/entitlementscansanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementscansanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/entitlementscansanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementscansquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/entitlementscansquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementscansquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/entitlementscansquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/publicfolders/permissions/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/publicfolders/permissions/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxfiltersettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxfiltersettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxfiltersettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxfiltersettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxresults.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxresults.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxresults.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxresults.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxscopeselect.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxscopeselect.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxscopeselect.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxscopeselect.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxscopesettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxscopesettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxscopesettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxscopesettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxsddanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxsddanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxsddanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxsddanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxsddquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxsddquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxsddquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/mailboxsddquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfolderfiltersettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/publicfolderfiltersettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfolderfiltersettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/publicfolderfiltersettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfolderresults.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/publicfolderresults.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfolderresults.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/publicfolderresults.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfoldersddquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/publicfoldersddquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfoldersddquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/collection/publicfoldersddquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/sddresultsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/sddresultsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/exchange/sensitivedata/sddresultsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/exchange/sensitivedata/sddresultsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/deletionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/deletionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/deletionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/deletionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtp.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/notificationsmtp.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtp.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/notificationsmtp.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtpmessage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/notificationsmtpmessage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtpmessage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/notificationsmtpmessage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtprecipients.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/notificationsmtprecipients.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtprecipients.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/notificationsmtprecipients.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/permissionchangesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/permissionchangesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/forensics/permissionchangesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/forensics/permissionchangesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/leastprivilegedaccessanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/leastprivilegedaccessanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/leastprivilegedaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/leastprivilegedaccessanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/leastprivilegedaccessjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/leastprivilegedaccessjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/leastprivilegedaccessjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/leastprivilegedaccessjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/security/adminactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/security/adminactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/security/adminactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/security/adminactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/security/highriskactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/security/highriskactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/security/highriskactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/security/highriskactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/security/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/security/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/security/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/security/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/security/localuseractivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/security/localuseractivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/security/localuseractivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/security/localuseractivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/deniedactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/deniedactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/deniedactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/deniedactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/highesthourlyactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/highesthourlyactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/highesthourlyactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/highesthourlyactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/hourlyshareactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/hourlyshareactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/hourlyshareactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/hourlyshareactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/modifiedbinariesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/modifiedbinariesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/modifiedbinariesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/modifiedbinariesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/peergroupactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/peergroupactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/peergroupactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/peergroupactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/ransomewareanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/ransomewareanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/ransomewareanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/ransomewareanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/stalefileactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/stalefileactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/stalefileactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/stalefileactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/usershareactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/usershareactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/usershareactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/usershareactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/weekendactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/weekendactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/weekendactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/suspiciousactivity/weekendactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/groupusageanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/groupusageanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/groupusageanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/groupusageanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveserversanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/mostactiveserversanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveserversanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/mostactiveserversanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/stalesharesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/stalesharesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/activity/usagestatistics/stalesharesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/activity/usagestatistics/stalesharesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/adhocaudits/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/adhocaudits/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/adhocaudits/shareauditanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/shareauditanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/adhocaudits/shareauditanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/shareauditanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/adhocaudits/trusteepermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/trusteepermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/adhocaudits/trusteepermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/adhocaudits/trusteepermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/brokeninheritanceanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/brokeninheritanceanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/brokeninheritanceanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/brokeninheritanceanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/brokeninheritancejobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/brokeninheritancejobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/brokeninheritancejobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/brokeninheritancejobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/cleanupassessmentanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/cleanupassessmentanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/cleanupassessmentanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/cleanupassessmentanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/cleanupprogressanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/cleanupprogressanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/cleanupprogressanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/cleanupprogressanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesaction.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/deletefilesaction.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesaction.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/deletefilesaction.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/deletefilesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/deletefilesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesstatusanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/deletefilesstatusanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesstatusanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/deletefilesstatusanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/delete/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/delete/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/delete/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/includemetadatatagoptions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/includemetadatatagoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/includemetadatatagoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/includemetadatatagoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/jobstree_1.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/jobstree_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/jobstree_1.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/jobstree_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/notifyownersaction.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/notifyownersaction.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/notifyownersaction.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/notifyownersaction.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/notifyownersstatusanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/notifyownersstatusanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/notifyownersstatusanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/notifyownersstatusanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/sendmailwizardmessage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/sendmailwizardmessage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/sendmailwizardmessage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/sendmailwizardmessage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/sendmailwizardproperties.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/sendmailwizardproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/notify/sendmailwizardproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/notify/sendmailwizardproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/quarantinedataactions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/quarantinedataactions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/quarantinedataactions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/quarantinedataactions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/quarantinedatastatusanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/quarantinedatastatusanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/quarantinedatastatusanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/quarantinedatastatusanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritanceaction.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/restoreinheritanceaction.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritanceaction.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/restoreinheritanceaction.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritanceanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/restoreinheritanceanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritanceanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/restoreinheritanceanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritancestatusanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/restoreinheritancestatusanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritancestatusanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/cleanup/quarantine/restoreinheritancestatusanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/createschemaanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/createschemaanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/createschemaanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/createschemaanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaabulkimportanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaabulkimportanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaabulkimportanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaabulkimportanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaabulkimportquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaabulkimportquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaabulkimportquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaabulkimportquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaadefaultscopingoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaadefaultscopingoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptionsfiledetails.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaadefaultscopingoptionsfiledetails.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptionsfiledetails.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaadefaultscopingoptionsfiledetails.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptionsfileproperties.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaadefaultscopingoptionsfileproperties.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptionsfileproperties.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaadefaultscopingoptionsfileproperties.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaexceptionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaexceptionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaexceptionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaexceptionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekappletsettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekappletsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekappletsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekappletsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekscansettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekscansettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekscansettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekscansettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingoptions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekscopingoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekscopingoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekscopingqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekscopingqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekserverselection.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekserverselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaaseekserverselection.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaaseekserverselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaasystemscansanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaasystemscansanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaasystemscansanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaasystemscansanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaasystemscansquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaasystemscansquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsaasystemscansquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsaasystemscansquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacactivitysettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacactivitysettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacactivitysettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacactivitysettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacappletsettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacappletsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacappletsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacappletsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacbulkimportquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacbulkimportquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacbulkimportquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacbulkimportquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacexceptionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacexceptionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacexceptionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacexceptionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacscanserverselection.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacscanserverselection.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacscanserverselection.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacscanserverselection.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacsystemscansquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacsystemscansquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsacsystemscansquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsacsystemscansquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsdfssystemscansanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsdfssystemscansanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsdfssystemscansanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsdfssystemscansanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsdfssystemscansquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsdfssystemscansquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsdfssystemscansquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsdfssystemscansquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsnasuniquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsnasuniquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/fsnasuniquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/fsnasuniquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seekbulkimportquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seekbulkimportquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seekbulkimportquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seekbulkimportquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seekdefaultscopingoptions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seekdefaultscopingoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seekdefaultscopingoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seekdefaultscopingoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seeksddcriteriasettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seeksddcriteriasettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seeksddcriteriasettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seeksddcriteriasettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seeksystemscansquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seeksystemscansquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seeksystemscansquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seeksystemscansquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seeksystemscanssensitivedatasettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seeksystemscanssensitivedatasettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/collection/seeksystemscanssensitivedatasettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/collection/seeksystemscanssensitivedatasettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/filetypesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/filetypesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/filetypesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/filetypesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/filetypesjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/filetypesjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/filetypesjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/filetypesjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/sizing/emptyresourcesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/emptyresourcesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/sizing/emptyresourcesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/emptyresourcesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/sizing/largestresourcesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/largestresourcesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/sizing/largestresourcesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/largestresourcesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/sizing/sizingjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/sizingjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/sizing/sizingjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/sizingjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/sizing/smallestresourcesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/smallestresourcesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/sizing/smallestresourcesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/sizing/smallestresourcesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/stalecontentanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/stalecontentanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/stalecontentanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/stalecontentanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/stalejobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/stalejobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/stalejobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/stalejobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/tags/aiplabelsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/tags/aiplabelsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/tags/aiplabelsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/tags/aiplabelsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/tags/filetagsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/tags/filetagsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/tags/filetagsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/tags/filetagsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/tags/tagsjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/tags/tagsjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/content/tags/tagsjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/content/tags/tagsjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/domainuseraclsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/domainuseraclsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/domainuseraclsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/domainuseraclsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/highriskaclsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/highriskaclsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/highriskaclsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/highriskaclsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/localusersandgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/localusersandgroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/localusersandgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/localusersandgroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/missingfullcontrolanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/missingfullcontrolanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/missingfullcontrolanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/missingfullcontrolanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/nestedsharesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/nestedsharesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/nestedsharesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/nestedsharesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/sidhistoryanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/sidhistoryanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/sidhistoryanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/sidhistoryanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/dlpresultsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/dlpresultsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/dlpresultsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/dlpresultsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/filesystemoverviewanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverviewanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/filesystemoverviewanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverviewanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/filesystemoverviewjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverviewjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/filesystemoverviewjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/filesystemoverviewjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/openaccessanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/openaccessanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/openaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/openaccessanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/openaccessjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/openaccessjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/openaccessjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/openaccessjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/probableowneranalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/probableowneranalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/probableowneranalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/probableowneranalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/probableownerjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/probableownerjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/probableownerjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/probableownerjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/creategroups.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/creategroups.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/creategroups.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/creategroups.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbgactivedirectoryactions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/rbgactivedirectoryactions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbgactivedirectoryactions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/rbgactivedirectoryactions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbganalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/rbganalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbganalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/rbganalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbgfilesystemactions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/rbgfilesystemactions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbgfilesystemactions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/rbgfilesystemactions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbggroupsmembership.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/rbggroupsmembership.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbggroupsmembership.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/rbggroupsmembership.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/traverseactions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/traverseactions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/traverseactions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/traverseactions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/traverseanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/traverseanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/resourcebasedgroups/traverseanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/resourcebasedgroups/traverseanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/securityassessmentanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/securityassessmentanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/securityassessmentanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/securityassessmentanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/securityassessmentjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/securityassessmentjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/securityassessmentjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/securityassessmentjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/sensitivedatajobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/sensitivedatajobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/filesystem/sensitivedatajobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/filesystem/sensitivedatajobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/nisinventory/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/nisinventory/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/nisinventory/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/nisinventory/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/nisinventory/nisscananalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/nisinventory/nisscananalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/nisinventory/nisscananalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/nisinventory/nisscananalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/nisinventory/nisscanquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/nisinventory/nisscanquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/nisinventory/nisscanquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/nisinventory/nisscanquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/nisinventory/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/nisinventory/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/nisinventory/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/nisinventory/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/forensics/deletionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/deletionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/forensics/deletionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/deletionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/forensics/forensicsjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/forensicsjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/forensics/forensicsjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/forensicsjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/forensics/permissionchangesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/permissionchangesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/forensics/permissionchangesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/permissionchangesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/forensics/sensitivedataactivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sensitivedataactivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/forensics/sensitivedataactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/forensics/sensitivedataactivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/usagestatistics/inactivesitesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/inactivesitesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/usagestatistics/inactivesitesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/inactivesitesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/usagestatistics/mostactivesitesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/mostactivesitesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/usagestatistics/mostactivesitesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/mostactivesitesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/usagestatistics/mostactiveusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/mostactiveusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/usagestatistics/mostactiveusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/mostactiveusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/usagestatistics/usagestatisticsjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/usagestatisticsjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/activity/usagestatistics/usagestatisticsjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/activity/usagestatistics/usagestatisticsjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/brokeninheritanceanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/brokeninheritanceanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/brokeninheritanceanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/brokeninheritanceanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/brokeninheritancejobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/brokeninheritancejobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/brokeninheritancejobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/brokeninheritancejobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/additionalscopingspaa.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/additionalscopingspaa.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/additionalscopingspaa.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/additionalscopingspaa.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/additionalscopingspseek.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/additionalscopingspseek.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/additionalscopingspseek.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/additionalscopingspseek.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/agentsettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/agentsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/agentsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/agentsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/bulkimportsettings.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/bulkimportsettings.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/bulkimportsettings.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/bulkimportsettings.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/datacollectionsettingsspaa.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/datacollectionsettingsspaa.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/datacollectionsettingsspaa.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/datacollectionsettingsspaa.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/datacollectionsettingsspseek.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/datacollectionsettingsspseek.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/datacollectionsettingsspseek.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/datacollectionsettingsspseek.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/dlpauditsettingsspseek.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/dlpauditsettingsspseek.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/dlpauditsettingsspseek.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/dlpauditsettingsspseek.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/scanscopingoptions.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/scanscopingoptions.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/scanscopingoptions.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/scanscopingoptions.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/selectdlpcriteriaspseek.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/selectdlpcriteriaspseek.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/selectdlpcriteriaspseek.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/selectdlpcriteriaspseek.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spaabulkimportanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaabulkimportanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spaabulkimportanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaabulkimportanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spaabulkimportquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaabulkimportquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spaabulkimportquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaabulkimportquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spaaexceptionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaaexceptionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spaaexceptionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaaexceptionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spaasystemscansquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaasystemscansquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spaasystemscansquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spaasystemscansquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spacbulkimportanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spacbulkimportanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spacbulkimportanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spacbulkimportanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spacbulkimportquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spacbulkimportquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spacbulkimportquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spacbulkimportquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spacsystemscansquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spacsystemscansquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spacsystemscansquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spacsystemscansquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spseekbulkimportanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spseekbulkimportanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spseekbulkimportanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spseekbulkimportanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spseekbulkimportquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spseekbulkimportquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spseekbulkimportquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spseekbulkimportquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spseeksystemscansquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spseeksystemscansquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/collection/spseeksystemscansquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/collection/spseeksystemscansquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/content/contentjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/content/contentjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/content/contentjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/content/contentjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/content/largestfilesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/content/largestfilesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/content/largestfilesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/content/largestfilesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/content/stalefilesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/content/stalefilesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/content/stalefilesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/content/stalefilesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/domainusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/domainusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/domainusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/domainusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/emptydomaingrouppermsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/emptydomaingrouppermsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/emptydomaingrouppermsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/emptydomaingrouppermsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/highriskpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/highriskpermissionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/highriskpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/highriskpermissionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/sitecollectionpermsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sitecollectionpermsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/sitecollectionpermsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/sitecollectionpermsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/staleusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/staleusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/staleusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/staleusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/unresolvedsidsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/unresolvedsidsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/directpermissions/unresolvedsidsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/directpermissions/unresolvedsidsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/scopingjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/scopingjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/scopingjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/scopingjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/trusteeaccessquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/trusteeaccessquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/trusteeaccessquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/trusteeaccessquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/trusteeauditanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/trusteeauditanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/trusteeauditanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/trusteeauditanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/userscopingfileexplorer.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/userscopingfileexplorer.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/userscopingfileexplorer.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/userscopingfileexplorer.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/userscopingnotepad.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/userscopingnotepad.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/userscopingnotepad.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/effectiveaccessaudits/userscopingnotepad.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/externalusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/externalusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/externalusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/externalusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/onedrivesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/onedrivesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/onedrivesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/onedrivesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/sharedlinksanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/sharedlinksanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/sharedlinksanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/sharedlinksanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/staleteamsitesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/staleteamsitesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/staleteamsitesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/staleteamsitesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/teamsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/teamsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/teamsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/teamsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/teamsexternaluseractivityanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/teamsexternaluseractivityanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/teamsexternaluseractivityanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/teamsexternaluseractivityanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/teamssensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/teamssensitivedataanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/m365/teamssensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/m365/teamssensitivedataanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/openaccessanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/openaccessanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/openaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/openaccessanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/openaccessjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/openaccessjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/openaccessjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/openaccessjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/overviewanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/overviewanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/overviewanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/overviewanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/overviewjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/overviewjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/overviewjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/overviewjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/probableowneranalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/probableowneranalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/probableowneranalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/probableowneranalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/probableownerjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/probableownerjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/probableownerjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/probableownerjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/sensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/sensitivedataanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/sensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/sensitivedataanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/sensitivedatajobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/sensitivedatajobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/sensitivedatajobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/sensitivedatajobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/sharepointjobgroup.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/sharepointjobgroup.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/sharepoint/sharepointjobgroup.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/sharepoint/sharepointjobgroup.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/criticalfilesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/criticalfilesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/criticalfilesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/criticalfilesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/criticalfilesquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/criticalfilesquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/criticalfilesquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/criticalfilesquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/makedirectoryquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/makedirectoryquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/makedirectoryquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/makedirectoryquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/parsesudoersquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/parsesudoersquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/parsesudoersquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/collection/parsesudoersquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/sudoersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/sudoersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/sudoersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/sudoersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/sudoersjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/sudoersjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/privilegedaccess/sudoers/sudoersjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/privilegedaccess/sudoers/sudoersjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/nfsconfigurationanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/nfsconfigurationanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/nfsconfigurationanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/nfsconfigurationanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/nfsconfigurationqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/nfsconfigurationqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/nfsconfigurationqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/nfsconfigurationqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/sambaconfigurationanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/sambaconfigurationanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/sambaconfigurationanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/sambaconfigurationanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/sambaconfigurationqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/sambaconfigurationqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/collection/sambaconfigurationqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/collection/sambaconfigurationqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/nfsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/nfsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/nfsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/nfsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/sambaanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/sambaanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/sharing/sambaanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/sharing/sambaanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/duplicategroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/duplicategroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/duplicategroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/duplicategroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/emptygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/emptygroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/emptygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/emptygroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/largegroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/largegroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/largegroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/largegroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/localgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/localgroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/localgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/localgroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/localusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/localusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/localusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/localusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/passwordsettingsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/passwordsettingsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/passwordsettingsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/passwordsettingsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/usersandgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/usersandgroupsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/usersandgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/usersandgroupsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/usersandgroupsqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/usersandgroupsqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/unix/usersgroups/usersandgroupsqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/unix/usersgroups/usersandgroupsqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/installedapplicationsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/installedapplicationsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/installedapplicationsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/installedapplicationsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/installedapplicationsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/installedapplicationsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/installedapplicationsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/installedapplicationsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/runatbootanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/runatbootanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/runatbootanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/runatbootanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/runatbootqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/runatbootqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/runatbootqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/runatbootqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/scheduledtasksanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/scheduledtasksanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/scheduledtasksanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/scheduledtasksanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/scheduledtasksquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/scheduledtasksquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/applications/scheduledtasksquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/applications/scheduledtasksquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/lsasettingsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/lsasettingsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/lsasettingsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/lsasettingsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/lsasettingsqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/lsasettingsqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/lsasettingsqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/lsasettingsqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/securitysupportprovidersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/securitysupportprovidersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/securitysupportprovidersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/securitysupportprovidersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/securitysupportprovidersqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/securitysupportprovidersqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/securitysupportprovidersqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/securitysupportprovidersqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/wdigestsettingsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/wdigestsettingsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/wdigestsettingsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/wdigestsettingsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/wdigestsettingsqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/wdigestsettingsqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/authentication/wdigestsettingsqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/authentication/wdigestsettingsqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/openaccess/configuresubfolderdepth.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/openaccess/configuresubfolderdepth.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/openaccess/configuresubfolderdepth.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/openaccess/configuresubfolderdepth.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/openaccess/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/openaccess/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/openaccess/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/openaccess/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/openaccess/openfoldersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/openaccess/openfoldersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/openaccess/openfoldersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/openaccess/openfoldersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/openaccess/openfoldersquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/openaccess/openfoldersquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/openaccess/openfoldersquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/openaccess/openfoldersquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/overviewpage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/overviewpage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/overviewpage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/overviewpage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/leastprivilegemodel.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/leastprivilegemodel.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/leastprivilegemodel.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/leastprivilegemodel.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/localadminsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/localadminsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/localadminsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/localadminsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/localadminsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/localadminsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/localadminsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/localadminsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sessionsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sessionsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sessionsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sessionsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sessionsqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sessionsqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sessionsqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/localadministrators/sessionsqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/accountprivilegesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/accountprivilegesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/accountprivilegesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/accountprivilegesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/accountprivilegesquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/accountprivilegesquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/accountprivilegesquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/accountprivilegesquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/collectionjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/collectionjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/grouppolicyquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/grouppolicyquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/grouppolicyquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/grouppolicyquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localusersanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/localusersanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localusersanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/localusersanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localusersquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/localusersquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localusersquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/collection/localusersquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/localpoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/localpoliciesanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/localpoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/logonrights/localpoliciesanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/serviceaccountsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/serviceaccountsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/serviceaccountsjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/serviceaccountsjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/serviceaccountsquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/privilegedaccounts/serviceaccountsquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityassessmentanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityassessmentanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityassessmentanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityassessmentanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityassessmentjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityassessmentjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityassessmentjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityassessmentjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/jobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/jobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/jobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/jobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/openportscanjobstree.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/openportscanjobstree.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/openportscanjobstree.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/openportscanjobstree.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/remoteopenportanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/remoteopenportanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/retrievenetstatanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/retrievenetstatanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/openportscan/retrievenetstatanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/openportscan/retrievenetstatanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsanalysis.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsanalysis.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsanalysis.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsanalysis.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifymessage.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsnotifymessage.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifymessage.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsnotifymessage.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifyrecipients.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsnotifyrecipients.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifyrecipients.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsnotifyrecipients.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifysmtp.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsnotifysmtp.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifysmtp.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsnotifysmtp.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsqueries.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsqueries.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/powershellcommandsqueries.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/powershellcommandsqueries.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/smartlogdcwizardcriteria.webp b/static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/smartlogdcwizardcriteria.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/accessanalyzer/solutions/windows/securityutilities/smartlogdcwizardcriteria.webp rename to static/img/product_docs/accessanalyzer/11.6/solutions/windows/securityutilities/smartlogdcwizardcriteria.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit.webp b/static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit.webp rename to static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_1.webp b/static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_1.webp rename to static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_1.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_2.webp b/static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_2.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_2.webp rename to static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_2.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_3.webp b/static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_3.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_3.webp rename to static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_3.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_4.webp b/static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_4.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_4.webp rename to static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_4.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_5.webp b/static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_5.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_5.webp rename to static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_5.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/exchangenode.webp b/static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/exchangenode.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/exchangenode.webp rename to static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/exchangenode.webp diff --git a/static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation_1.webp b/static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation_1.webp similarity index 100% rename from static/img/versioned_docs/accessanalyzer_11.6/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation_1.webp rename to static/img/product_docs/accessanalyzer/11.6/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation_1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/actionproperties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/actionproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/actionproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/actionproperties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/actionselection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/actionselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/actionselection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/actionselection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/attributescomputer.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/attributescomputer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/attributescomputer.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/attributescomputer.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/attributesgroup.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/attributesgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/attributesgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/attributesgroup.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/completionpage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/completionpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/completionpage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/completionpage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/computerdetails.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/computerdetails.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/computerdetails.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/computerdetails.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/creategroups.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/creategroups.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/creategroups.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/creategroups.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/createusers.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/createusers.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/createusers.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/createusers.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/credentials.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/credentials.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/credentials.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/credentials.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/disableenablecomputers.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenablecomputers.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/disableenablecomputers.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenablecomputers.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/disableenableusers.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenableusers.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/disableenableusers.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/disableenableusers.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/groupdetails.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupdetails.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/groupdetails.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupdetails.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupmembership.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/groupmembership.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/groupmembership.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/moveobject.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/moveobject.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/moveobject.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/moveobject.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/setresetpassword.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/setresetpassword.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/setresetpassword.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/setresetpassword.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/sidhistory.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/sidhistory.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/sidhistory.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/sidhistory.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/usersdetails.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/usersdetails.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/operations/usersdetails.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/operations/usersdetails.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/target.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/target.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/target.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/target.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/activedirectory/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/activedirectory/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/activedirectory/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/action.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/action.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/action.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/action.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/appletsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/appletsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/appletsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/appletsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/changeattributes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/changeattributes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/changeattributes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/changeattributes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/destination.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/destination.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/destination.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/destination.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/environment.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/environment.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/environment.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/environment.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/operation.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/operation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/operation.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/operation.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/addremovetagsboldonjames.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/addremovetagsboldonjames.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/addremovetagsboldonjames.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/addremovetagsboldonjames.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/addtags.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/addtags.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/addtags.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/addtags.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/changeowner.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changeowner.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/changeowner.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changeowner.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/changepermissionsauditing.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissionsauditing.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/changepermissionsauditing.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissionsauditing.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/changepermissionsinheritance.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissionsinheritance.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/changepermissionsinheritance.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changepermissionsinheritance.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/changesharepermissions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changesharepermissions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/changesharepermissions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/changesharepermissions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/removefilepermissions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removefilepermissions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/removefilepermissions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removefilepermissions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/removesharepermissions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removesharepermissions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/removesharepermissions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removesharepermissions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/removetags.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removetags.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/parameters/removetags.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/parameters/removetags.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/prioractions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/prioractions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/prioractions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/prioractions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/rollback.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/rollback.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/rollback.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/rollback.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/target.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/target.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/target.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/target.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/filesystem/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/filesystem/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/filesystem/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/libraries.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/libraries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/libraries.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/libraries.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/librariescustom.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/librariescustom.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/librariescustom.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/librariescustom.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/librariescustompaste.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/librariescustompaste.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/librariescustompaste.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/librariescustompaste.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/affectedmailboxes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/affectedmailboxes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/affectedmailboxes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/affectedmailboxes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/criteriaselection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/criteriaselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/criteriaselection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/criteriaselection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/datarangeselectionwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/datarangeselectionwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/datarangeselectionwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/datarangeselectionwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/delegaterights.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/delegaterights.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/delegaterights.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/delegaterights.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/folderconditions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderconditions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/folderconditions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderconditions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/folderidentification.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderidentification.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/folderidentification.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderidentification.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/folderinclusionexclusionwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderinclusionexclusionwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/folderinclusionexclusionwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderinclusionexclusionwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/folderinclusionexclusionwindownew.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderinclusionexclusionwindownew.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/folderinclusionexclusionwindownew.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderinclusionexclusionwindownew.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/foldertypewindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/foldertypewindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/foldertypewindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/foldertypewindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/folderwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/folderwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/folderwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/identification.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/identification.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/identification.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/identification.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/messageactions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/messageactions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/messageactions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/messageactions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/messageclasseswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/messageclasseswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/messageclasseswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/messageclasseswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/messageclasseswindownew.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/messageclasseswindownew.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/messageclasseswindownew.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/messageclasseswindownew.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/messageconditions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/messageconditions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/messageconditions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/messageconditions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/operations.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/operations.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/operations.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/operations.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/optionswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/optionswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/optionswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/optionswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/permissions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/permissions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/permissions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/permissions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/permissionwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/permissionwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/permissionwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/permissionwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/samplinghost.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/samplinghost.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/samplinghost.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/samplinghost.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/searchtermswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/searchtermswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/searchtermswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/searchtermswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/trustedusers.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/trustedusers.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/trustedusers.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/trustedusers.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/userwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/userwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/userwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/userwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/valueswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/valueswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/valueswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/valueswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/mailbox/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/mailbox/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/mailbox/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/powershell/addeditvariable.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/addeditvariable.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/powershell/addeditvariable.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/addeditvariable.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/powershell/executionoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/executionoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/powershell/executionoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/executionoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/powershell/script.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/script.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/powershell/script.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/script.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/powershell/scriptcolumns.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/scriptcolumns.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/powershell/scriptcolumns.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/scriptcolumns.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/powershell/scriptinputdata.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/scriptinputdata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/powershell/scriptinputdata.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/scriptinputdata.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/powershell/scriptparamters.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/scriptparamters.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/powershell/scriptparamters.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/scriptparamters.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/powershell/scriptrightclickoption.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/scriptrightclickoption.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/powershell/scriptrightclickoption.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/scriptrightclickoption.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/powershell/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/powershell/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/powershell/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/powershell/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/powershell/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/powershellmodulewizard.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/powershellmodulewizard.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/powershellmodulewizard.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/powershellmodulewizard.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/action.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/action.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/action.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/action.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/changepermissions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/changepermissions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/changepermissions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/changepermissions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/customattributes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/customattributes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/customattributes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/customattributes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/deletefolder.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/deletefolder.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/deletefolder.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/deletefolder.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/folders.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/folders.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/folders.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/folders.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/limits.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/limits.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/limits.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/limits.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/mapisettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/mapisettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/mapisettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/mapisettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/operations.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/operations.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/operations.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/operations.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/prioractions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/prioractions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/prioractions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/prioractions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/renamefolder.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/renamefolder.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/renamefolder.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/renamefolder.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/replicas.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/replicas.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/replicas.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/replicas.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/rollback.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/rollback.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/rollback.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/rollback.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/publicfolder/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/publicfolder/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/publicfolder/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/registry/advancedselectusersgroups.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/registry/advancedselectusersgroups.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/registry/advancedselectusersgroups.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/registry/advancedselectusersgroups.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/registry/choosecolumns.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/registry/choosecolumns.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/registry/choosecolumns.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/registry/choosecolumns.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/registry/locations.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/registry/locations.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/registry/locations.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/registry/locations.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/registry/objecttypes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/registry/objecttypes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/registry/objecttypes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/registry/objecttypes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/registry/operations.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/registry/operations.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/registry/operations.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/registry/operations.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/registry/registrybrowser.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/registry/registrybrowser.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/registry/registrybrowser.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/registry/registrybrowser.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/registry/selectusersgroups.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/registry/selectusersgroups.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/registry/selectusersgroups.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/registry/selectusersgroups.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/registry/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/registry/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/registry/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/registry/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/registry/targethosts.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/registry/targethosts.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/registry/targethosts.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/registry/targethosts.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/registry/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/registry/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/registry/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/registry/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/sendmail/message.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/message.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/sendmail/message.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/message.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/sendmail/messagespreview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/messagespreview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/sendmail/messagespreview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/messagespreview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/sendmail/overview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/overview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/sendmail/overview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/overview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/sendmail/properties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/properties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/sendmail/properties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/properties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/sendmail/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/sendmail/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusanalysisproperties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusanalysisproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusanalysisproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusanalysisproperties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusinputsource.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusinputsource.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusinputsource.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusinputsource.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusjoincolumns.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusjoincolumns.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusjoincolumns.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusjoincolumns.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusresultcolumns.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusresultcolumns.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusresultcolumns.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusresultcolumns.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusresultsample.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusresultsample.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusresultsample.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusresultsample.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusresulttype.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusresulttype.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/sendmail/viewstatusresulttype.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/sendmail/viewstatusresulttype.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/servicenow/actionmodulexmlfile.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/actionmodulexmlfile.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/servicenow/actionmodulexmlfile.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/actionmodulexmlfile.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/servicenow/authentication.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/authentication.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/servicenow/authentication.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/authentication.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/servicenow/description.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/description.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/servicenow/description.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/description.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/servicenow/incidentcreation.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/incidentcreation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/servicenow/incidentcreation.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/incidentcreation.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/servicenow/samplesourcedata.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/samplesourcedata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/servicenow/samplesourcedata.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/samplesourcedata.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/servicenow/savetemplate.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/savetemplate.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/servicenow/savetemplate.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/savetemplate.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/servicenow/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/servicenow/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/servicenow/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/servicenow/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/servicenow/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/htmlstyle.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/htmlstyle.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/htmlstyle.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/htmlstyle.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/introduction.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/introduction.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/introduction.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/introduction.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/mailmessage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/mailmessage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/mailmessage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/mailmessage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/mailproperties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/mailproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/mailproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/mailproperties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/messagespreview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/messagespreview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/messagespreview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/messagespreview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/questions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/questions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/questions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/questions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/savesurveytemplate.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/savesurveytemplate.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/savesurveytemplate.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/savesurveytemplate.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/selectsubjects.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/selectsubjects.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/selectsubjects.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/selectsubjects.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/surveytemplate.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/surveytemplate.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/surveytemplate.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/surveytemplate.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/testsurvey.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/testsurvey.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/testsurvey.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/testsurvey.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/webserver.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/webserver.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/webserver.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/webserver.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/survey/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/survey/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/survey/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/survey/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/webrequest/customattributeeditor.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/customattributeeditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/webrequest/customattributeeditor.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/customattributeeditor.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/webrequest/destination.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/destination.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/webrequest/destination.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/destination.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/webrequest/header.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/header.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/webrequest/header.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/header.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/webrequest/parameters.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/parameters.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/webrequest/parameters.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/parameters.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/webrequest/settings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/settings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/webrequest/settings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/settings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/webrequest/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/webrequest/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/action/webrequest/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/action/webrequest/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/action/webrequest/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/analysispropertiespage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/analysispropertiespage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/analysispropertiespage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/analysispropertiespage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/analysisselectionpage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/analysisselectionpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/analysisselectionpage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/analysisselectionpage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/autoaction.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/autoaction.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/autoaction.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/autoaction.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/businessrules/appliesto.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/appliesto.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/businessrules/appliesto.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/appliesto.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/businessrules/configurescorecardaction.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/configurescorecardaction.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/businessrules/configurescorecardaction.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/configurescorecardaction.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/businessrules/editconditionsform.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/editconditionsform.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/businessrules/editconditionsform.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/editconditionsform.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/businessrules/jobvariablestsv.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/jobvariablestsv.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/businessrules/jobvariablestsv.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/jobvariablestsv.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/businessrules/logic.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/logic.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/businessrules/logic.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/logic.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/businessrules/sampledataviewer.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/sampledataviewer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/businessrules/sampledataviewer.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/sampledataviewer.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/businessrules/sqlextractpreviewwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/sqlextractpreviewwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/businessrules/sqlextractpreviewwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/sqlextractpreviewwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/businessrules/sqlsyntaxcheck.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/sqlsyntaxcheck.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/businessrules/sqlsyntaxcheck.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/sqlsyntaxcheck.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/businessrules/variables.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/variables.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/businessrules/variables.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/businessrules/variables.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/changedetection/additionalfields.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/additionalfields.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/changedetection/additionalfields.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/additionalfields.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/changedetection/fields.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/fields.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/changedetection/fields.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/fields.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/changedetection/input.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/input.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/changedetection/input.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/input.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/changedetection/inputscope.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/inputscope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/changedetection/inputscope.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/inputscope.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/changedetection/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/changedetection/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/changedetection/resultsample.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/resultsample.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/changedetection/resultsample.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/resultsample.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/changedetection/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/changedetection/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/changedetection/uniquekey.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/uniquekey.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/changedetection/uniquekey.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/uniquekey.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/changedetection/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/changedetection/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/changedetection/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/configure.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/configure.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/configure.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/configure.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/changetype.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/changetype.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/changetype.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/changetype.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/commandline.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/commandline.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/commandline.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/commandline.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/criteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/criteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/criteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/criteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/eventlog.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/eventlog.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/eventlog.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/eventlog.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/frequency.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/frequency.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/frequency.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/frequency.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/hosts.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/hosts.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/hosts.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/hosts.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/selecttable.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/selecttable.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/selecttable.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/selecttable.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/smtp.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/smtp.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/smtp.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/smtp.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/tabletype.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/tabletype.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/tabletype.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/tabletype.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/timewindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/timewindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/timewindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/timewindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/type.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/type.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/type.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/type.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/notification/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/notification/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/notification/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlscripteditor.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlscripteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlscripteditor.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlscriptedittablewindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlscriptedittablewindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlscriptedittablewindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlscriptedittablewindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlscriptparameters.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlscriptparameters.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlscriptparameters.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlscriptparameters.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/columns.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/columns.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/columns.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/columns.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/examplefull.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/examplefull.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/examplefull.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/examplefull.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/examplereduced.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/examplereduced.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/examplereduced.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/examplereduced.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/examplereducedwithties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/examplereducedwithties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/examplereducedwithties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/examplereducedwithties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/export.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/export.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/export.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/export.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/filter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/filter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/filter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/filter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/input.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/input.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/input.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/input.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/inputscope.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/inputscope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/inputscope.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/inputscope.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/joincolumns.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/joincolumns.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/joincolumns.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/joincolumns.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/resultconstraints.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultconstraints.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/resultconstraints.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultconstraints.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/resultsample.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultsample.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/resultsample.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resultsample.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/resulttype.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resulttype.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/resulttype.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/resulttype.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/timewindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/timewindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/timewindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/timewindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/sqlviewcreation/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/sqlviewcreation/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/analysis/vbscripteditor.webp b/static/img/product_docs/accessanalyzer/12.0/admin/analysis/vbscripteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/analysis/vbscripteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/analysis/vbscripteditor.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/directoryscope.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/directoryscope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/directoryscope.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/directoryscope.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/activedirectory/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/activedirectory/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adactivity/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adactivity/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adactivity/categoryremovetables.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/categoryremovetables.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adactivity/categoryremovetables.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/categoryremovetables.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adactivity/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adactivity/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adactivity/resultsremovetables.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/resultsremovetables.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adactivity/resultsremovetables.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/resultsremovetables.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adactivity/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adactivity/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adactivity/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/addattributes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addattributes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/addattributes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addattributes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adddatetime.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adddatetime.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adddatetime.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adddatetime.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/addname.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addname.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/addname.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addname.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/addpath.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addpath.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/addpath.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addpath.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/addproperties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/addproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addproperties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/addqueryfromlibrary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addqueryfromlibrary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/addqueryfromlibrary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addqueryfromlibrary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/addsecurityproperties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addsecurityproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/addsecurityproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addsecurityproperties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/addvalue.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addvalue.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/addvalue.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/addvalue.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/categoryremovetables.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/categoryremovetables.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/categoryremovetables.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/categoryremovetables.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributesadd.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributesadd.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributesadd.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributesadd.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributesimportattributes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributesimportattributes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributesimportattributes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributesimportattributes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributesimportcredentials.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributesimportcredentials.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributesimportcredentials.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributesimportcredentials.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributesimportsummary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributesimportsummary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/customattributesimportsummary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/customattributesimportsummary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/domains.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/domains.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/domains.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/domains.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/indexupdateoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/indexupdateoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/indexupdateoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/indexupdateoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adinventory/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adinventory/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adpermissions/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adpermissions/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adpermissions/customfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/customfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adpermissions/customfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/customfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adpermissions/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adpermissions/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adpermissions/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adpermissions/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adpermissions/scope.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/scope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adpermissions/scope.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/scope.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/adpermissions/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/adpermissions/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/adpermissions/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/aws/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/aws/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/aws/criteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/criteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/aws/criteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/criteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/aws/customfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/customfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/aws/customfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/customfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/aws/droptables.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/droptables.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/aws/droptables.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/droptables.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/aws/filters3objects.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/filters3objects.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/aws/filters3objects.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/filters3objects.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/aws/loginroles.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/loginroles.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/aws/loginroles.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/loginroles.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/aws/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/aws/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/aws/selectabucket.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/selectabucket.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/aws/selectabucket.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/selectabucket.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/aws/sensitivedata.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/sensitivedata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/aws/sensitivedata.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/sensitivedata.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/aws/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/aws/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/aws/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizard.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributesimportwizard.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizard.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributesimportwizard.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizardapplication.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributesimportwizardapplication.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizardapplication.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributesimportwizardapplication.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizardschema.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributesimportwizardschema.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributesimportwizardschema.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributesimportwizardschema.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributewindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributewindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/customattributewindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/customattributewindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/azureadinventory/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/azureadinventory/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/box/activityoperation.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/activityoperation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/box/activityoperation.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/activityoperation.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/box/activitytimeframe.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/activitytimeframe.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/box/activitytimeframe.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/activitytimeframe.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/box/additionalscoping.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/additionalscoping.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/box/additionalscoping.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/additionalscoping.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/box/authentication.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/authentication.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/box/authentication.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/authentication.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/box/boxlogin.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/boxlogin.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/box/boxlogin.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/boxlogin.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/box/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/box/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/box/exclusions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/exclusions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/box/exclusions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/exclusions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/box/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/box/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/box/scopebyuser.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/scopebyuser.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/box/scopebyuser.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/scopebyuser.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/box/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/box/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/box/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/box/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/box/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/browser.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/browser.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/browser.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/browser.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/buttonbar.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/buttonbar.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/buttonbar.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/buttonbar.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/buttonbar_1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/buttonbar_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/buttonbar_1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/buttonbar_1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/definefields.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/definefields.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/definefields.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/definefields.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/executionoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/executionoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/executionoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/executionoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/profileparameters.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profileparameters.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/profileparameters.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profileparameters.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/profiletype.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profiletype.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/profiletype.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/profiletype.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/scripteditor.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/scripteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/scripteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/scripteditor.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/commandlineutility/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/commandlineutility/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/customfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/customfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/customfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/customfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/delete.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/delete.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/delete.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/delete.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/deleteattributes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/deleteattributes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/deleteattributes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/deleteattributes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/registrybrowser.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/registrybrowser.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/registrybrowser.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/registrybrowser.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/targetdisks.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/targetdisks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/targetdisks.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/targetdisks.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/diskinfo/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/diskinfo/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dns/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dns/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dns/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dns/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dns/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dns/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dns/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dns/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dns/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dns/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dns/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dns/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dns/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dns/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dns/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dns/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/completion.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/completion.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/completion.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/completion.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/dlpauditsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/dlpauditsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/dlpauditsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/dlpauditsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/scanoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/scanoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/scanoptionsaccesstoken.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptionsaccesstoken.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/scanoptionsaccesstoken.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptionsaccesstoken.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/scanoptionsdropboxlogin.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptionsdropboxlogin.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/scanoptionsdropboxlogin.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scanoptionsdropboxlogin.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/scoping.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scoping.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/scoping.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/scoping.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/selectdlpcriteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/selectdlpcriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/selectdlpcriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/selectdlpcriteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/dropboxaccess/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/dropboxaccess/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/entra/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/entra/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/entra/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/entra/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/entra/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/entra/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/entra/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/entra/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/entra/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/entra/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/entra/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/entra/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/enumeratevalues.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/enumeratevalues.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/enumeratevalues.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/enumeratevalues.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/eventlogbrowser.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/eventlogbrowser.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/eventlogbrowser.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/eventlogbrowser.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/criteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/criteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/bodyoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionmessage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/daterangeselectionsearchfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/folderconditions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/foldertypewindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageclassesmessage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageclassessearchfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/messageconditions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/savefilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/filterwizard/searchtermswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/scope.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/scope.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scope.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/scopeselect.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scopeselect.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/scopeselect.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/scopeselect.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/sddoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/sddoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/sddoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/sddoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/searchfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/searchfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/searchfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/searchfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewsmailbox/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewsmailbox/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/criteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/criteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/criteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/criteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/filter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/filter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/filterpublicfolders.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterpublicfolders.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/filterpublicfolders.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/filterpublicfolders.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/sddoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/sddoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/sddoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/sddoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/searchfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/searchfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/searchfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/searchfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/ewspublicfolder/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/ewspublicfolder/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/mapisettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/mapisettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/mapisettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/mapisettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/scope.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/scope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/scope.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/scope.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchange2k/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchange2k/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/messageclassesfilterswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/messageclassesfilterswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/messageclassesfilterswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/messageclassesfilterswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/properties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/properties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/properties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/properties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/scope.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/scope.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scope.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/scopeselectedmailboxes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scopeselectedmailboxes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/scopeselectedmailboxes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scopeselectedmailboxes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/scopeselectedtable.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scopeselectedtable.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/scopeselectedtable.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/scopeselectedtable.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/sddcriteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/sddcriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/sddcriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/sddcriteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemailbox/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemailbox/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/collectmode.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/collectmode.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/collectmode.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/collectmode.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/messageactivityfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messageactivityfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/messageactivityfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messageactivityfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/messagesizes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messagesizes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/messagesizes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/messagesizes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/scope.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/scope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/scope.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/scope.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/timeframes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/timeframes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/timeframes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/timeframes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangemetrics/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangemetrics/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/daterangeselectionwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/daterangeselectionwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/daterangeselectionwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/daterangeselectionwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/errorlogging.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/errorlogging.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/errorlogging.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/filtermessage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/filtermessage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/filtermessage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/filtermessage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/mailboxlogons.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailboxlogons.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/mailboxlogons.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailboxlogons.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/mailflow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailflow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/mailflow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/mailflow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scope.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scope.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scope.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scopedatabases.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopedatabases.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scopedatabases.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopedatabases.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scopemailboxes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopemailboxes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scopemailboxes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopemailboxes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scopepublicfolders.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfolders.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scopepublicfolders.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfolders.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scopepublicfoldersselectedtable.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfoldersselectedtable.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/scopepublicfoldersselectedtable.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/scopepublicfoldersselectedtable.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/wordswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/wordswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangeps/wordswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangeps/wordswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/messageclassesfilterswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/probableowner.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/probableowner.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/probableowner.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/probableowner.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/probableownersettingswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/probableownersettingswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/probableownersettingswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/probableownersettingswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/properties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/properties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/properties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/properties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/scope.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/scope.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scope.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedpublicfolders.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scopeselectedpublicfolders.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedpublicfolders.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scopeselectedpublicfolders.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/scopeselectedtable.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/exchangepublicfolder/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/exchangepublicfolder/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/file/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/file/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/file/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/file/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/file/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/file/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/file/targetfiles.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/targetfiles.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/file/targetfiles.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/targetfiles.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/file/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/file/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/file/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/filteroptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/filteroptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/filteroptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/filteroptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/activitysettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/activitysettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/activitysettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/activitysettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/advancedscopingoptionsqueryconfiguration.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/advancedscopingoptionsqueryconfiguration.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/advancedscopingoptionsqueryconfiguration.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/advancedscopingoptionsqueryconfiguration.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/appletsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/appletsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/appletsettingsappletsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettingsappletsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/appletsettingsappletsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettingsappletsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/appletsettingscertificateexchangeoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/azuretenantmapping.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/azuretenantmapping.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/azuretenantmapping.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/azuretenantmapping.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/bulkimport.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/bulkimport.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/bulkimport.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/bulkimport.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsnfsexports.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsnfsexports.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsnfsexports.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsnfsexports.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario2.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario2.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario2.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario3.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario3.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario3.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario4.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario4.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario4.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario5.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario5.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario5.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario5.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario6.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario6.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/commonscopingoptionsscenario6.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/commonscopingoptionsscenario6.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/actionchangedlat.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/actionchangedlat.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/actionchangedlat.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/actionchangedlat.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/actionlatpreservationfailure.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/actionlatpreservationfailure.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/actionlatpreservationfailure.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/actionlatpreservationfailure.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/filedetails.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/defaultscopingoptions/fileproperties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/droptables.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/droptables.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/droptables.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/droptables.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/droptablesanalysistasks.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/droptablesanalysistasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/droptablesanalysistasks.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/droptablesanalysistasks.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/hostmappingquery.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/hostmappingquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/hostmappingquery.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/hostmappingquery.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/hostmappingsinglehostmultipleagent.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/hostmappingsinglehostmultipleagent.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/hostmappingsinglehostmultipleagent.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/hostmappingsinglehostmultipleagent.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/hostmappingsinglehostsingleagent.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/hostmappingsinglehostsingleagent.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/hostmappingsinglehostsingleagent.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/hostmappingsinglehostsingleagent.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/maintenancewizardrepair.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/maintenancewizardrepair.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/maintenancewizardrepair.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/maintenancewizardrepair.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/maintenancewizardresethosts.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/maintenancewizardresethosts.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/maintenancewizardresethosts.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/maintenancewizardresethosts.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/maintenancewizardselection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/maintenancewizardselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/maintenancewizardselection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/maintenancewizardselection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/maualsharesquery.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/maualsharesquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/maualsharesquery.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/maualsharesquery.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/queryselection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/queryselection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/queryselectionremovehostdata.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselectionremovehostdata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/queryselectionremovehostdata.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselectionremovehostdata.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/queryselectionremovescanexecutablesdata.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselectionremovescanexecutablesdata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/queryselectionremovescanexecutablesdata.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/queryselectionremovescanexecutablesdata.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scanserverselection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scanserverselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scanserverselection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scanserverselection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scansettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scansettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scansettings_1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scansettings_1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettings_1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scansettingsnetapp.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettingsnetapp.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scansettingsnetapp.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scansettingsnetapp.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingconfigurationwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingconfigurationwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingconfigurationwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingconfigurationwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingoptionsopenshares.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptionsopenshares.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingoptionsopenshares.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingoptionsopenshares.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingqueries.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueries.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingqueriesopenshares.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueriesopenshares.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingqueriesopenshares.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueriesopenshares.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingqueryconfiguration.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueryconfiguration.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/scopingqueryconfiguration.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/scopingqueryconfiguration.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sddcriteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sddcriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sddcriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sddcriteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sdddelete.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sdddelete.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sdddelete.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sdddelete.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sdddeleteanalysistasks.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sdddeleteanalysistasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sdddeleteanalysistasks.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sdddeleteanalysistasks.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sdddeletesqlscripteditor.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sdddeletesqlscripteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sdddeletesqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sdddeletesqlscripteditor.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sdddeletesqlscripteditoredittable.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sdddeletesqlscripteditoredittable.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sdddeletesqlscripteditoredittable.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sdddeletesqlscripteditoredittable.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/selecthostlists.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/selecthostlists.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/selecthostlists.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/selecthostlists.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sensitivedata.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sensitivedata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/sensitivedata.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/sensitivedata.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/updateservice.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/updateservice.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/fsaa/updateservice.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/fsaa/updateservice.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/goto.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/goto.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/goto.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/goto.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/policieslist.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/policieslist.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/policieslist.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/policieslist.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/target.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/target.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/target.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/target.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/grouppolicy/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/grouppolicy/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/includehostname.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/includehostname.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/includehostname.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/includehostname.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/inifile/properties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/inifile/properties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/inifile/properties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/inifile/properties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/inifile/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/inifile/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/inifile/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/inifile/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/inifile/targetfiles.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/inifile/targetfiles.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/inifile/targetfiles.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/inifile/targetfiles.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/inifile/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/inifile/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/inifile/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/inifile/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nis/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nis/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nis/query.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/query.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nis/query.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/query.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nis/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nis/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nis/settings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/settings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nis/settings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/settings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nis/sidmappings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/sidmappings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nis/sidmappings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/sidmappings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nis/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nis/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nis/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nis/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nis/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nosql/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nosql/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nosql/criteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/criteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nosql/criteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/criteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nosql/editpattern.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/editpattern.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nosql/editpattern.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/editpattern.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nosql/filter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/filter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nosql/filter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/filter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nosql/manageconnections.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/manageconnections.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nosql/manageconnections.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/manageconnections.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nosql/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nosql/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nosql/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nosql/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/nosql/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/nosql/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/nosql/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/orgwildcard.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/orgwildcard.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/orgwildcard.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/orgwildcard.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/passwordsecurity/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/passwordsecurity/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/passwordsecurity/dictionaries.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/dictionaries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/passwordsecurity/dictionaries.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/dictionaries.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/passwordsecurity/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/passwordsecurity/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/passwordsecurity/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/passwordsecurity/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/passwordsecurity/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/passwordsecurity/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/passwordsecurity/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/powershell/editquery.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/powershell/editquery.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editquery.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/powershell/editqueryinput.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editqueryinput.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/powershell/editqueryinput.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editqueryinput.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/powershell/editqueryinputtable.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editqueryinputtable.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/powershell/editqueryinputtable.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editqueryinputtable.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/powershell/editqueryparameters.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editqueryparameters.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/powershell/editqueryparameters.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editqueryparameters.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/powershell/editqueryvariable.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editqueryvariable.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/powershell/editqueryvariable.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/editqueryvariable.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/powershell/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/powershell/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/powershell/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/powershell/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/powershell/selectserver.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/selectserver.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/powershell/selectserver.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/selectserver.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/powershell/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/powershell/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/powershell/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/powershell/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/powershell/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesdatafilters.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesdatafilters.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesdatafilters.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesdatafilters.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesdatafilterswithfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesdatafilterswithfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesdatafilterswithfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesdatafilterswithfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesdatasourceexisting.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesdatasourceexisting.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesdatasourceexisting.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesdatasourceexisting.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesdatasourcenew.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesdatasourcenew.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesdatasourcenew.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesdatasourcenew.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesgeneral.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesgeneral.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/querypropertiesgeneral.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/querypropertiesgeneral.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/queryselection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/queryselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/queryselection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/queryselection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/rawfilteredit.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/rawfilteredit.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/rawfilteredit.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/rawfilteredit.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/removehostname.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/removehostname.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/removehostname.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/removehostname.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/rootpath.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/rootpath.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/rootpath.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/rootpath.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/script/properties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/script/properties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/script/properties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/script/properties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/script/querypropertiesexisting.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/script/querypropertiesexisting.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/script/querypropertiesexisting.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/script/querypropertiesexisting.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/script/querypropertiesstandalone.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/script/querypropertiesstandalone.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/script/querypropertiesstandalone.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/script/querypropertiesstandalone.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/script/vbscripteditor.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/script/vbscripteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/script/vbscripteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/script/vbscripteditor.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/selectall.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/selectall.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/selectall.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/selectall.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/servicebrowser.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/servicebrowser.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/servicebrowser.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/servicebrowser.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/choosecolumnswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/choosecolumnswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/choosecolumnswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/choosecolumnswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/collectionmethod.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/collectionmethod.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/collectionmethod.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/collectionmethod.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/criteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/criteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/criteriafilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteriafilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/criteriafilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteriafilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/criteriarecordnumber.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteriarecordnumber.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/criteriarecordnumber.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/criteriarecordnumber.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/eventlogoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/eventlogoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/eventlogoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/eventlogoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/logstate.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/logstate.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/logstate.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/logstate.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/logtype.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/logtype.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/logtype.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/logtype.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/samplehost.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/samplehost.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/samplehost.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/samplehost.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/selectcomputerwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/selectcomputerwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/selectcomputerwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/selectcomputerwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/selectcomputerwindowadvanced.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/selectcomputerwindowadvanced.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/selectcomputerwindowadvanced.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/selectcomputerwindowadvanced.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/targetlog.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlog.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/targetlog.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlog.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/targetlogtype/targetlogfiledetection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/targetlogfiledetection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/targetlogtype/targetlogfiledetection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/targetlogfiledetection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/targetlogtype/targetlogwindowsevent.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/targetlogwindowsevent.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/targetlogtype/targetlogwindowsevent.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/targetlogtype/targetlogwindowsevent.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/smartlog/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/smartlog/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/activitydatescope.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/activitydatescope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/activitydatescope.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/activitydatescope.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/activityloglocations.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/activityloglocations.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/activityloglocations.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/activityloglocations.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/additionalscoping.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/additionalscoping.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/additionalscoping.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/additionalscoping.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/agentsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/agentsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/agentsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/agentsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/bulkimportsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/bulkimportsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/bulkimportsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/bulkimportsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/customizeactivityloguncpaths.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/customizeactivityloguncpaths.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/customizeactivityloguncpaths.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/customizeactivityloguncpaths.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/datacollectionsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/datacollectionsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/datacollectionsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/datacollectionsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/dlpauditsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/dlpauditsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/dlpauditsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/dlpauditsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/droptablesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/droptablesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/droptablesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/droptablesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptionsexample.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptionsexample.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptionsexample.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptionsexample.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptionsvirtualhosts.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptionsvirtualhosts.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptionsvirtualhosts.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptionsvirtualhosts.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptionswebappurl.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptionswebappurl.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/scanscopingoptionswebappurl.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/scanscopingoptionswebappurl.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/selectdlpcriteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/selectdlpcriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/selectdlpcriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/selectdlpcriteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/summarypage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/summarypage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/summarypage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/summarypage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/testaccess.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/testaccess.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/testaccess.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/testaccess.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/testaccessbadtest.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/testaccessbadtest.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/testaccessbadtest.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/testaccessbadtest.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/testaccessgoodtest.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/testaccessgoodtest.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/testaccessgoodtest.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/testaccessgoodtest.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/virtualhostscsv.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/virtualhostscsv.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/virtualhostscsv.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/virtualhostscsv.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/virtualhostshostlist.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/virtualhostshostlist.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/virtualhostshostlist.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/virtualhostshostlist.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/spaa/welcomepage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/welcomepage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/spaa/welcomepage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/spaa/welcomepage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/addcustomfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/addcustomfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/addcustomfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/addcustomfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/criteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/criteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/criteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/criteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/customqueryoracle.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/customqueryoracle.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/customqueryoracle.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/customqueryoracle.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/customsqlquery.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/customsqlquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/customsqlquery.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/customsqlquery.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/filter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/filter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/filter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/filter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/manageconnections.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/manageconnections.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/manageconnections.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/manageconnections.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/optionssensitivedata.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/optionssensitivedata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/optionssensitivedata.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/optionssensitivedata.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/optionsserveraudits.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/optionsserveraudits.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/optionsserveraudits.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/optionsserveraudits.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/rowkey.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/rowkey.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/rowkey.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/rowkey.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/settings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/settings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/settings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/settings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sql/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sql/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sql/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/sublevels.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sublevels.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/sublevels.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/sublevels.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/category.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/category.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/category.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/category.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/customweights.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/customweights.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/customweights.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/customweights.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/excludeusers.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/excludeusers.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/excludeusers.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/excludeusers.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/filetypes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/filetypes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/filetypes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/filetypes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/jobscope.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/jobscope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/jobscope.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/jobscope.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/optionsfileshares.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/optionsfileshares.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/optionsfileshares.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/optionsfileshares.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/optionsnic.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/optionsnic.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/optionsnic.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/optionsnic.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/probableowner.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/probableowner.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/probableowner.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/probableowner.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/shareslist.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/shareslist.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/shareslist.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/shareslist.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/vipmembership.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/vipmembership.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/vipmembership.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/vipmembership.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/systeminfo/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/systeminfo/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/templateform.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/templateform.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/templateform.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/templateform.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/advancedcriteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/advancedcriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/advancedcriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/advancedcriteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/filterbuilder.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/filterbuilder.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/filterbuilder.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/filterbuilder.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/remotefolderexplorer.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/remotefolderexplorer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/remotefolderexplorer.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/remotefolderexplorer.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/searchcriteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/searchcriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/searchcriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/searchcriteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/sourcefiles.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/sourcefiles.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/sourcefiles.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/sourcefiles.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/textsearch/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/textsearch/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/unix/editscript.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/editscript.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/unix/editscript.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/editscript.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/unix/input.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/input.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/unix/input.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/input.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/unix/parsing.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/parsing.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/unix/parsing.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/parsing.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/unix/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/unix/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/unix/settings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/settings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/unix/settings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/unix/settings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/unwildcard.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/unwildcard.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/unwildcard.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/unwildcard.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/category/findagroup.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/findagroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/category/findagroup.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/findagroup.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/category/groups.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/groups.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/category/groups.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/groups.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/category/security.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/security.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/category/security.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/security.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/category/users.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/users.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/category/users.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/category/users.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/usersgroups/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/usersgroups/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/wildcard.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/wildcard.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/wildcard.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/wildcard.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/classes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/classes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/classes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/classes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/properties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/properties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/properties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/properties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/samplehost.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/samplehost.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/samplehost.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/samplehost.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/datacollector/wmicollector/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/datacollector/wmicollector/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/activities.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/activities.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/activities.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/activities.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/discoverylog.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/discoverylog.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/discoverylog.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/discoverylog.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/queries.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/queries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/queries.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/queries.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/queriesaddhiddencolumn.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/queriesaddhiddencolumn.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/queriesaddhiddencolumn.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/queriesaddhiddencolumn.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/queriescustomizationwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/queriescustomizationwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/queriescustomizationwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/queriescustomizationwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/queriesfieldchooser.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/queriesfieldchooser.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/queriesfieldchooser.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/queriesfieldchooser.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/querieshiddencolumnadded.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/querieshiddencolumnadded.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/querieshiddencolumnadded.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/querieshiddencolumnadded.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/activedirectory.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/activedirectory.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/activedirectory.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/createqueryhighlighted.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/createqueryhighlighted.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/createqueryhighlighted.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/createqueryhighlighted.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/databaseimport.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/databaseimport.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/databaseimport.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/databaseimport.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/datalinkproperties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/datalinkproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/datalinkproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/datalinkproperties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/datalinkpropertiestestconnection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/datalinkpropertiestestconnection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/datalinkpropertiestestconnection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/datalinkpropertiestestconnection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/domainssites.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/domainssites.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/domainssites.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/domainssites.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/exchangeserver.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/exchangeserver.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/exchangeserver.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/exchangeserver.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/fileimport.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/fileimport.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/fileimport.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/fileimport.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/hostdiscoverywizard.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/hostdiscoverywizard.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/hostdiscoverywizard.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/hostdiscoverywizard.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory_1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory_1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory_1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory_2.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory_2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory_2.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory_2.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory_3.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory_3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory_3.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory_3.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory_4.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory_4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory_4.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory_4.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory_5.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory_5.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/inventory_5.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/inventory_5.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/ipsweep.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/ipsweep.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/ipsweep.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/ipsweep.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/options_1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/options_1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/options_2.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/options_2.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_2.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/options_3.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/options_3.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_3.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/options_4.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/options_4.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_4.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/options_5.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_5.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/options_5.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/options_5.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/query.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/query.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/query_1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/query_1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/query_2.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/query_2.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_2.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/query_3.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/query_3.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_3.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/query_4.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/query_4.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_4.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/query_5.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_5.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/query_5.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/query_5.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source_1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source_1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source_1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source_2.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source_2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source_2.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source_2.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source_3.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source_3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source_3.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source_3.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source_4.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source_4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source_4.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source_4.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source_5.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source_5.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/source_5.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/source_5.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/summary_1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/summary_1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/summary_2.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/summary_2.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_2.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/summary_3.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/summary_3.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_3.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/summary_4.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/summary_4.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_4.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/summary_5.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_5.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/summary_5.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/summary_5.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/wizardconfirmdialog.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostdiscovery/wizard/wizardconfirmdialog.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostdiscovery/wizard/wizardconfirmdialog.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/activitieshostmanagement.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/activitieshostmanagement.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/activitieshostmanagement.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/activitieshostmanagement.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/activitiesindividualhost.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/activitiesindividualhost.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/activitiesindividualhost.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/activitiesindividualhost.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/addhosts.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/addhosts.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/addhosts.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/addhosts.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletehost.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletehost.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletehost.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletehost.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletehostmaster.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletehostmaster.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletehostmaster.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletehostmaster.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletelist.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletelist.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletelist.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletelist.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletelistmaster.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletelistmaster.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/confirmdeletelistmaster.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/confirmdeletelistmaster.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/editlist.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/editlist.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/editlist.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/editlist.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/editquery.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/editquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/editquery.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/editquery.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/export.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/export.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/export.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/export.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/exportexamplecsv.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/exportexamplecsv.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/exportexamplecsv.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/exportexamplecsv.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/exportexamplehtml.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/exportexamplehtml.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/exportexamplehtml.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/exportexamplehtml.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/exportexamplexml.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/exportexamplexml.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/exportexamplexml.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/exportexamplexml.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/exportsaveas.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/exportsaveas.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/exportsaveas.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/exportsaveas.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostdetailsview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostdetailsview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostdetailsview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostdetailsview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistname.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistname.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistname.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistname.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistwizardhostentry.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistwizardhostentry.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistwizardhostentry.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistwizardhostentry.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistwizardimport.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistwizardimport.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistwizardimport.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistwizardimport.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistwizardproperties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistwizardproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/hostlistwizardproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/hostlistwizardproperties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importhosts.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhosts.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importhosts.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhosts.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importhostscomplete.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhostscomplete.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importhostscomplete.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhostscomplete.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importhostscsv.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhostscsv.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importhostscsv.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhostscsv.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importhostsdatabase.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhostsdatabase.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importhostsdatabase.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importhostsdatabase.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importlocation.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importlocation.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocation.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importlocationcomplete.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocationcomplete.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importlocationcomplete.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocationcomplete.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importlocationcsv.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocationcsv.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importlocationcsv.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocationcsv.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importlocationwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocationwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/importlocationwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/importlocationwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/refreshhosts.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/refreshhosts.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/refreshhosts.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/refreshhosts.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/refreshhostsconfirm.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/refreshhostsconfirm.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/refreshhostsconfirm.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/refreshhostsconfirm.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/resumehostinventory.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/resumehostinventory.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/resumehostinventory.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/resumehostinventory.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/savecurrentview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/savecurrentview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/savecurrentview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/savecurrentview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/savetolist.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/savetolist.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/savetolist.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/savetolist.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/schedule.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedule.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/schedule.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedule.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/schedulewizardhostmanagement.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedulewizardhostmanagement.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/schedulewizardhostmanagement.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/schedulewizardhostmanagement.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/suspendhostinventory.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/suspendhostinventory.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/suspendhostinventory.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/suspendhostinventory.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/viewedithost.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewedithost.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/viewedithost.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewedithost.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/viewquery.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/actions/viewquery.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/actions/viewquery.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/datagrid.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/datagrid.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/datagrid.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/datagrid.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/discoveryquerylist.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/discoveryquerylist.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/discoveryquerylist.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/discoveryquerylist.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/dynamichostlist.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/dynamichostlist.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/dynamichostlist.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/dynamichostlist.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/inventoryidle.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/inventoryidle.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/inventoryidle.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/inventoryidle.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/inventoryinprogress.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/inventoryinprogress.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/inventoryinprogress.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/inventoryinprogress.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/inventoryinqueue.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/inventoryinqueue.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/inventoryinqueue.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/inventoryinqueue.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/rightclickhostmanagement.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/rightclickhostmanagement.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/rightclickhostmanagement.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/rightclickhostmanagement.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/rightclickindividualhost.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/rightclickindividualhost.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/rightclickindividualhost.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/rightclickindividualhost.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/rightclickquerycreated.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/rightclickquerycreated.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/rightclickquerycreated.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/rightclickquerycreated.webp diff --git a/static/img/product_docs/accessanalyzer/admin/hostmanagement/statichostlist.webp b/static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/statichostlist.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/hostmanagement/statichostlist.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/hostmanagement/statichostlist.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/changeswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/changeswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/changeswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/changeswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/changeswindowlocked.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/changeswindowlocked.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/changeswindowlocked.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/changeswindowlocked.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/changeswindowmerge.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/changeswindowmerge.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/changeswindowmerge.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/changeswindowmerge.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/connectstatus.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/connectstatus.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/connectstatus.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/connectstatus.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/explorefolder.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/explorefolder.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/explorefolder.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/explorefolder.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/explorefolderfileexplorer.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/explorefolderfileexplorer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/explorefolderfileexplorer.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/explorefolderfileexplorer.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/export.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/export.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/export.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/export.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/exportgrouptoziparchive.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/exportgrouptoziparchive.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/exportgrouptoziparchive.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/exportgrouptoziparchive.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/group/connection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/connection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/group/connection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/connection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/group/descriptionpage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/descriptionpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/group/descriptionpage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/descriptionpage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/group/descriptionpagenewgroup.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/descriptionpagenewgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/group/descriptionpagenewgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/descriptionpagenewgroup.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/group/descriptionpageoverview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/descriptionpageoverview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/group/descriptionpageoverview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/descriptionpageoverview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/group/history.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/history.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/group/history.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/history.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/group/hostlistassignment.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/hostlistassignment.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/group/hostlistassignment.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/hostlistassignment.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/group/jobgroupstructure.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/jobgroupstructure.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/group/jobgroupstructure.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/jobgroupstructure.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/group/reporting.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/reporting.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/group/reporting.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/reporting.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/group/settings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/settings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/group/settings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/settings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/group/showinheritedsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/showinheritedsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/group/showinheritedsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/showinheritedsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/group/storage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/storage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/group/storage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/group/storage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantiateextract.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantiateextract.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantiateextract.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantiateextract.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantiatefileexplorer.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantiatefileexplorer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantiatefileexplorer.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantiatefileexplorer.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantiatejobstree.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantiatejobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantiatejobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantiatejobstree.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/actiontasks.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/actiontasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/actiontasks.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/actiontasks.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/actiontasks_1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/actiontasks_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/actiontasks_1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/actiontasks_1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/actionwizardmessage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/actionwizardmessage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/actionwizardmessage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/actionwizardmessage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/addinstantjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/addinstantjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/addinstantjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/addinstantjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks_1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks_1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks_1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks_2.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks_2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks_2.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks_2.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks_3.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks_3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistasks_3.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistasks_3.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistaskshelpdesknotification.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistaskshelpdesknotification.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/analysistaskshelpdesknotification.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/analysistaskshelpdesknotification.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/customizeanalysistask.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/customizeanalysistask.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/customizeanalysistask.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/customizeanalysistask.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/hostassignment.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/hostassignment.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/hostassignment.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/hostassignment.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/hostlists.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/hostlists.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/hostlists.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/hostlists.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/individualhosts.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/individualhosts.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/individualhosts.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/individualhosts.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/installationcomplete.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/installationcomplete.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/installationcomplete.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/installationcomplete.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/instantjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/instantjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/instantjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/instantjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/jobstree_1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/jobstree_1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree_1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/jobstree_2.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree_2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/jobstree_2.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree_2.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/jobstree_3.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree_3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/jobstree_3.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree_3.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/jobstree_4.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree_4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/jobstree_4.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/jobstree_4.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/selectinstantjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/selectinstantjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/selectinstantjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/selectinstantjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/smtpproperties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/smtpproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/smtpproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/smtpproperties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/smtppropertiesmessage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/smtppropertiesmessage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/smtppropertiesmessage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/smtppropertiesmessage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/smtppropertiesrecipients.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/smtppropertiesrecipients.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/smtppropertiesrecipients.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/smtppropertiesrecipients.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/summary.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/summary.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/summary.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/summary.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/instantjobs/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/instantjobs/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/actionselection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/actionselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/actionselection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/actionselection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/actionselectionoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/actionselectionoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/actionselectionoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/actionselectionoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/actionselectiontablebuttons.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/actionselectiontablebuttons.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/actionselectiontablebuttons.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/actionselectiontablebuttons.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/actionsrightclickmenu.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/actionsrightclickmenu.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/actionsrightclickmenu.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/actionsrightclickmenu.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/analysisbuttonsbottom.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/analysisbuttonsbottom.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/analysisbuttonsbottom.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/analysisbuttonsbottom.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/analysisbuttonstop.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/analysisbuttonstop.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/analysisbuttonstop.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/analysisbuttonstop.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/analysisrightclickmenu.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/analysisrightclickmenu.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/analysisrightclickmenu.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/analysisrightclickmenu.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/analysisselection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/analysisselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/analysisselection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/analysisselection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/configurelinkjobpage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/configurelinkjobpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/configurelinkjobpage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/configurelinkjobpage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/configurenode.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/configurenode.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/configurenode.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/configurenode.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/configurepage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/configurepage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/configurepage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/configurepage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/customizableparameters.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/customizableparameters.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/customizableparameters.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/customizableparameters.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/hostselection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/hostselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/hostselection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/hostselection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/hostselectionindividualhosts.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/hostselectionindividualhosts.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/hostselectionindividualhosts.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/hostselectionindividualhosts.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/hostsnode.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/hostsnode.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/hostsnode.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/hostsnode.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/queryrightclickmenu.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/queryrightclickmenu.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/queryrightclickmenu.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/queryrightclickmenu.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/queryselection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/queryselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/queryselection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/queryselection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/queryselectionqueries.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/queryselectionqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/queryselectionqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/queryselectionqueries.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/queryselectiontables.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/queryselectiontables.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/queryselectiontables.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/queryselectiontables.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/reports.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/reports.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/reports.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/reports.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/reportstableheaderoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/reportstableheaderoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/reportstableheaderoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/reportstableheaderoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/configure/reportstablerowoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/reportstablerowoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/configure/reportstablerowoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/configure/reportstablerowoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/createjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/createjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/createjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/createjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpageconfigurationsection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpageconfigurationsection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpageconfigurationsection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpageconfigurationsection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpagenewjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpagenewjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpagenewjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpagenewjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpageoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpageoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpageoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpageoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpageoverview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpageoverview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpageoverview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpageoverview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpagepreconfigured.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpagepreconfigured.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/descriptionpagepreconfigured.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/descriptionpagepreconfigured.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/disabledjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/disabledjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/disabledjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/disabledjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/disabledjob2.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/disabledjob2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/disabledjob2.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/disabledjob2.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/disablejob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/disablejob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/disablejob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/disablejob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/enablejob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/enablejob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/enablejob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/enablejob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/inheritedsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/inheritedsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/inheritedsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/inheritedsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/jobnode.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/jobnode.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/jobnode.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/jobnode.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/jobrunning.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/jobrunning.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/jobrunning.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/jobrunning.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/newjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/newjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/newjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/newjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/parameterconfigurationwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/parameterconfigurationwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/parameterconfigurationwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/parameterconfigurationwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/properties/autoretry.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/autoretry.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/properties/autoretry.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/autoretry.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/properties/general.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/general.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/properties/general.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/general.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/properties/generalloglevel.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/generalloglevel.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/properties/generalloglevel.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/generalloglevel.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/properties/history.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/history.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/properties/history.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/history.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/properties/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/properties/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/properties/notification.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/notification.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/properties/notification.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/notification.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/properties/performance.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/performance.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/properties/performance.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/performance.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/properties/reportroles.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/reportroles.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/properties/reportroles.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/reportroles.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/properties/reportsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/reportsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/properties/reportsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/reportsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/properties/storage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/storage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/properties/storage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/storage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/properties/viewxml.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/viewxml.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/properties/viewxml.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/viewxml.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/properties/viewxmlbutton.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/viewxmlbutton.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/properties/viewxmlbutton.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/properties/viewxmlbutton.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/resultsnode.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/resultsnode.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/resultsnode.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/resultsnode.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/job/statusnode.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/statusnode.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/job/statusnode.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/job/statusnode.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/jobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/jobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/jobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/jobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/jobsdata.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/jobsdata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/jobsdata.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/jobsdata.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/jobsreport.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/jobsreport.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/jobsreport.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/jobsreport.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/jobstatus.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/jobstatus.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/jobstatus.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/jobstatus.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/jobstreeoverview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/jobstreeoverview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/jobstreeoverview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/jobstreeoverview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/lockedjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/lockedjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/lockedjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/lockedjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/messages.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/messages.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/messages.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/messages.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/modifiedjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/modifiedjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/modifiedjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/modifiedjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/modifiedjobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/modifiedjobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/modifiedjobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/modifiedjobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/publishreportsactiontype.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/publishreportsactiontype.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/publishreportsactiontype.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/publishreportsactiontype.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/publishreportsreporttree.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/publishreportsreporttree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/publishreportsreporttree.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/publishreportsreporttree.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/refreshtree.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/refreshtree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/refreshtree.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/refreshtree.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/results.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/results.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/results.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/results.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/settings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/settings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/settings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/settings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/status.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/status.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/status.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/status.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/supportemail.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/supportemail.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/supportemail.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/supportemail.webp diff --git a/static/img/product_docs/accessanalyzer/admin/jobs/taskstatus.webp b/static/img/product_docs/accessanalyzer/12.0/admin/jobs/taskstatus.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/jobs/taskstatus.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/jobs/taskstatus.webp diff --git a/static/img/product_docs/accessanalyzer/admin/maintenance/maintenance_3.webp b/static/img/product_docs/accessanalyzer/12.0/admin/maintenance/maintenance_3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/maintenance/maintenance_3.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/maintenance/maintenance_3.webp diff --git a/static/img/product_docs/accessanalyzer/admin/maintenance/maintenance_4.webp b/static/img/product_docs/accessanalyzer/12.0/admin/maintenance/maintenance_4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/maintenance/maintenance_4.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/maintenance/maintenance_4.webp diff --git a/static/img/product_docs/accessanalyzer/admin/maintenance/maintenance_5.webp b/static/img/product_docs/accessanalyzer/12.0/admin/maintenance/maintenance_5.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/maintenance/maintenance_5.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/maintenance/maintenance_5.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/activitiespane.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/activitiespane.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/activitiespane.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/activitiespane.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/addquery.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/addquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/addquery.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/addquery.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/addreport.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/addreport.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/addreport.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/addreport.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/buttonbar.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/buttonbar.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/buttonbar.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/buttonbar.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/copy.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/copy.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/copy.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/copy.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/cut.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/cut.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/cut.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/cut.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality10.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality10.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality10.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality10.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality11.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality11.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality11.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality11.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality12.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality12.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality12.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality12.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality13.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality13.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality13.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality13.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality14.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality14.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality14.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality14.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality15.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality15.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality15.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality15.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality16.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality16.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality16.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality16.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality17.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality17.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality17.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality17.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality2.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality2.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality2.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality3.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality3.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality3.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality4.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality4.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality4.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality5.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality5.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality5.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality5.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality6.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality6.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality6.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality6.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality7.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality7.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality7.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality7.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality8.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality8.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality8.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality8.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality9.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality9.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/datagridfunctionality9.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/datagridfunctionality9.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/delete.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/delete.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/delete.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/delete.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/menubar.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/menubar.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/menubar.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/menubar.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationmenu.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationmenu.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationmenu.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationmenu.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationoverview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationoverview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationoverview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationoverview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane10.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane10.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane10.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane10.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane11.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane11.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane11.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane11.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane12.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane12.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane12.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane12.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane13.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane13.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane13.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane13.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane14.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane14.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane14.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane14.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane15.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane15.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane15.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane15.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane16.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane16.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane16.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane16.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane17.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane17.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane17.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane17.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane18.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane18.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane18.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane18.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane2.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane2.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane2.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane3.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane3.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane3.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane4.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane4.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane4.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane5.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane5.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane5.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane5.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane6.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane6.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane6.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane6.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane7.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane7.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane7.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane7.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane8.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane8.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane8.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane8.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/navigationpane9.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane9.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/navigationpane9.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/navigationpane9.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/newgroup.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/newgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/newgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/newgroup.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/newjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/newjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/newjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/newjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/newquery.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/newquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/newquery.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/newquery.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/paste.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/paste.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/paste.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/paste.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/resultspane.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/resultspane.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/resultspane.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/resultspane.webp diff --git a/static/img/product_docs/accessanalyzer/admin/navigate/selectinstantjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/navigate/selectinstantjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/navigate/selectinstantjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/navigate/selectinstantjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/chartwizard/addnewseries.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/addnewseries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/chartwizard/addnewseries.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/addnewseries.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/chartwizard/chartformat.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/chartformat.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/chartwizard/chartformat.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/chartformat.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/chartwizard/configure.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/configure.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/chartwizard/configure.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/configure.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/chartwizard/configurechartpreview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/configurechartpreview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/chartwizard/configurechartpreview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/configurechartpreview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/chartwizard/configuredatapreview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/configuredatapreview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/chartwizard/configuredatapreview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/configuredatapreview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/chartwizard/datasource.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/datasource.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/chartwizard/datasource.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/chartwizard/datasource.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/configure.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/configure.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/configure.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/configure.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/copy.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/copy.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/copy.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/copy.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/create.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/create.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/create.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/create.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/deletegroup.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/deletegroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/deletegroup.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/deletegroup.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/generate.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/generate.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/generate.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/generate.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/interactivegrids/addremovecolumns.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/addremovecolumns.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/interactivegrids/addremovecolumns.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/addremovecolumns.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/interactivegrids/copycell.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/copycell.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/interactivegrids/copycell.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/copycell.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/interactivegrids/datefilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/datefilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/interactivegrids/datefilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/datefilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/interactivegrids/enumerated.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/enumerated.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/interactivegrids/enumerated.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/enumerated.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/interactivegrids/groupby.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/groupby.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/interactivegrids/groupby.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/groupby.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/interactivegrids/groupbyloadingdata.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/groupbyloadingdata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/interactivegrids/groupbyloadingdata.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/groupbyloadingdata.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/interactivegrids/interactivegridoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/interactivegridoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/interactivegrids/interactivegridoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/interactivegridoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/interactivegrids/paging.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/paging.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/interactivegrids/paging.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/paging.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/interactivegrids/search.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/search.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/interactivegrids/search.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/interactivegrids/search.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/jobgroupview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/jobgroupview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/jobgroupview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/jobgroupview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/paste.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/paste.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/paste.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/paste.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/privilegedaccountstag.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/privilegedaccountstag.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/privilegedaccountstag.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/privilegedaccountstag.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/progress.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/progress.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/progress.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/progress.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/reportfrompreviousdeletion.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/reportfrompreviousdeletion.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/reportfrompreviousdeletion.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/reportfrompreviousdeletion.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/reportheader.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/reportheader.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/reportheader.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/reportheader.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/reports.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/reports.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/reports.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/reports.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/reporttree.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/reporttree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/reporttree.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/reporttree.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/tagstab.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/tagstab.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/tagstab.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/tagstab.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/viewconfigure.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/viewconfigure.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/viewconfigure.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/viewconfigure.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/viewresultsnode.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/viewresultsnode.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/viewresultsnode.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/viewresultsnode.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/webconsolehome.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/webconsolehome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/webconsolehome.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/webconsolehome.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/webconsolesolutioninventory.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/webconsolesolutioninventory.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/webconsolesolutioninventory.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/webconsolesolutioninventory.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/addreportviewer.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/addreportviewer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/addreportviewer.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/addreportviewer.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/advancedtexteditor.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/advancedtexteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/advancedtexteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/advancedtexteditor.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/authoring.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/authoring.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/authoring.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/authoring.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/basictexteditor.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/basictexteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/basictexteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/basictexteditor.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/bold.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/bold.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/bold.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/bold.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/bullets.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/bullets.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/bullets.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/bullets.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/cut.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/cut.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/cut.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/cut.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/decreaseindent.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/decreaseindent.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/decreaseindent.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/decreaseindent.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/elementdowngradeeditor.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/elementdowngradeeditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/elementdowngradeeditor.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/elementdowngradeeditor.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/email.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/email.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/email.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/email.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/emailconfigured.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/emailconfigured.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/emailconfigured.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/emailconfigured.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/find.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/find.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/find.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/find.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/font.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/font.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/font.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/font.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/fontsize.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/fontsize.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/fontsize.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/fontsize.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/header.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/header.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/header.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/header.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/hyperlink.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/hyperlink.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/hyperlink.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/hyperlink.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/increaseindent.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/increaseindent.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/increaseindent.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/increaseindent.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/italic.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/italic.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/italic.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/italic.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/layout.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/layout.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/layout.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/layout.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/multilevel.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/multilevel.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/multilevel.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/multilevel.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/name.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/name.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/name.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/name.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/numbering.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/numbering.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/numbering.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/numbering.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/paste.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/paste.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/paste.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/paste.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/pastespecial.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/pastespecial.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/pastespecial.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/pastespecial.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/publishsecurity.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/publishsecurity.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/publishsecurity.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/publishsecurity.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/redo.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/redo.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/redo.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/redo.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/reportviewer.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/reportviewer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/reportviewer.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/reportviewer.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/table.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/table.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/table.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/table.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/tageditor.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/tageditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/tageditor.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/tageditor.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/texteditorselection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/texteditorselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/texteditorselection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/texteditorselection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/undo.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/undo.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/undo.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/undo.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/widgetgrid.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetgrid.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/widgetgrid.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetgrid.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/widgetgriddata.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetgriddata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/widgetgriddata.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetgriddata.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/widgetgridoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetgridoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/widgetgridoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetgridoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/widgetgridtableproperties.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetgridtableproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/widgetgridtableproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetgridtableproperties.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/widgets.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgets.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/widgets.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgets.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/widgetsconfigure.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetsconfigure.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/widgetsconfigure.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetsconfigure.webp diff --git a/static/img/product_docs/accessanalyzer/admin/report/wizard/widgetsconfigured.webp b/static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetsconfigured.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/report/wizard/widgetsconfigured.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/report/wizard/widgetsconfigured.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/jobdetails.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetails.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/jobdetails.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetails.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/jobdetailscurrent.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetailscurrent.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/jobdetailscurrent.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetailscurrent.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/jobdetailshistory.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetailshistory.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/jobdetailshistory.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetailshistory.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/jobdetailshistorycustomfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetailshistorycustomfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/jobdetailshistorycustomfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetailshistorycustomfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/jobdetailsqueuedjobs.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetailsqueuedjobs.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/jobdetailsqueuedjobs.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/jobdetailsqueuedjobs.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/logfile.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/logfile.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/logfile.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/logfile.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/overview.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/overview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/overview.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/overview.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/overviewbottombar.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/overviewbottombar.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/overviewbottombar.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/overviewbottombar.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/processid.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/processid.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/processid.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/processid.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/schedulewizard.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/schedulewizard.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/schedulewizard.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/schedulewizard.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/stop.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/stop.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/stop.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/stop.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/viewdetails.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewdetails.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/viewdetails.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewdetails.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/viewhost.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewhost.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/viewhost.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewhost.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/viewhostlist.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewhostlist.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/viewhostlist.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewhostlist.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/viewlog.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewlog.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/viewlog.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewlog.webp diff --git a/static/img/product_docs/accessanalyzer/admin/runninginstances/viewschedule.webp b/static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewschedule.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/runninginstances/viewschedule.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/runninginstances/viewschedule.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/connection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/connection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/connection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/connection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/hostlist.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/hostlist.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/hostlist.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/hostlist.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/jobtree.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/jobtree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/jobtree.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/jobtree.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/options.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/options.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/options.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/progress.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/progress.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/progress.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/progress.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/runas.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/runas.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/runas.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/runas.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/schedule.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/schedule.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/schedule.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/schedule.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/schedulecustomcredentials.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/schedulecustomcredentials.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/schedulecustomcredentials.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/schedulecustomcredentials.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/setaccount.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/setaccount.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/setaccount.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/setaccount.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/tasks.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/tasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/tasks.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/tasks.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/taskssubgroups.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/taskssubgroups.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/taskssubgroups.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/taskssubgroups.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/tasksupdated.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/tasksupdated.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/tasksupdated.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/tasksupdated.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/triggerwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/triggerwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/triggerwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/triggerwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/schedule/triggerwindowadvancedsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/schedule/triggerwindowadvancedsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/schedule/triggerwindowadvancedsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/schedule/triggerwindowadvancedsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/access.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/access.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/access.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/access.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/restapi/accesstypeapplication.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/restapi/accesstypeapplication.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/restapi/accesstypeapplication.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/restapi/accesstypeapplication.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/restapi/applicationaccess.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/restapi/applicationaccess.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/restapi/applicationaccess.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/restapi/applicationaccess.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/restapi/applicationdetails.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/restapi/applicationdetails.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/restapi/applicationdetails.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/restapi/applicationdetails.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/restapi/selectdatabaseobjects.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/restapi/selectdatabaseobjects.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/restapi/selectdatabaseobjects.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/restapi/selectdatabaseobjects.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/accesstypeuser.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/accesstypeuser.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/accesstypeuser.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/accesstypeuser.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/addaccess.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/addaccess.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/addaccess.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/addaccess.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccess.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccess.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccess.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccessedit.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccessedit.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccessedit.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccessedit.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccessfinish.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccessfinish.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/consoleaccessfinish.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/consoleaccessfinish.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/deleterolemember.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/deleterolemember.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/deleterolemember.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/deleterolemember.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/editmemberrole.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/editmemberrole.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/editmemberrole.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/editmemberrole.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/lockjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/lockjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/lockjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/lockjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/neausersgroup.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/neausersgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/neausersgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/neausersgroup.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/noadminerror.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/noadminerror.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/noadminerror.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/noadminerror.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/reportjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/reportjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/reportjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/reportjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/reportviewerjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/reportviewerjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/reportviewerjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/reportviewerjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/reportviewerjobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/reportviewerjobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/reportviewerjobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/reportviewerjobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/reportviewerreport.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/reportviewerreport.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/reportviewerreport.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/reportviewerreport.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqlcreateroles.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqlcreateroles.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqlcreateroles.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqlcreateroles.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqldatabaseroles.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqldatabaseroles.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqldatabaseroles.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqldatabaseroles.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqlusers.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqlusers.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqlusers.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqlusers.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqlusersnewuser.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqlusersnewuser.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqlusersnewuser.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqlusersnewuser.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqluserwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqluserwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/sqluserwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/sqluserwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/unlockjob.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/unlockjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/access/rolebased/unlockjob.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/access/rolebased/unlockjob.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/ad.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/ad.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/ad.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/ad.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/addusercredential.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/addusercredential.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/addusercredential.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/addusercredential.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/allwindowshosts.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/allwindowshosts.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/allwindowshosts.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/allwindowshosts.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/application/application.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/application/application.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/application/application.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/application/application.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/application/applicationexitoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/application/applicationexitoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/application/applicationexitoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/application/applicationexitoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/application/applicationlog.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/application/applicationlog.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/application/applicationlog.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/application/applicationlog.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/application/cleanup.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/application/cleanup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/application/cleanup.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/application/cleanup.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/application/confirmexitwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/application/confirmexitwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/application/confirmexitwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/application/confirmexitwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/application/gridviewparameters.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/application/gridviewparameters.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/application/gridviewparameters.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/application/gridviewparameters.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/application/hosttargetoptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/application/hosttargetoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/application/hosttargetoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/application/hosttargetoptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/application/profilesecurity.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/application/profilesecurity.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/application/profilesecurity.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/application/profilesecurity.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/application/usagestatistics.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/application/usagestatistics.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/application/usagestatistics.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/application/usagestatistics.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/application/vaultrbaerror.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/application/vaultrbaerror.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/application/vaultrbaerror.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/application/vaultrbaerror.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/allowedmachines.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/allowedmachines.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/allowedmachines.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/allowedmachines.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/applicationidhash.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/applicationidhash.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/applicationidhash.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/applicationidhash.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/cancelsavebuttons.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/cancelsavebuttons.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/cancelsavebuttons.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/cancelsavebuttons.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/connectionpage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/connectionpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/connectionpage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/connectionpage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/globaloptions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/globaloptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/globaloptions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/globaloptions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/activedirectoryaccount.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/activedirectoryaccount.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/activedirectoryaccount.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/activedirectoryaccount.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/addconnectionprofile.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/addconnectionprofile.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/addconnectionprofile.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/addconnectionprofile.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/addusercredential.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/addusercredential.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/addusercredential.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/addusercredential.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/connectionaws.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/connectionaws.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/connectionaws.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/connectionaws.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/connectionprofilename.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/connectionprofilename.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/connectionprofilename.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/connectionprofilename.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/defaultconnectionprofile.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/defaultconnectionprofile.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/defaultconnectionprofile.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/defaultconnectionprofile.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/deleteconnectionprofile.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/deleteconnectionprofile.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/deleteconnectionprofile.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/deleteconnectionprofile.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/deleteconnectionprofileconfirm.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/deleteconnectionprofileconfirm.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/deleteconnectionprofileconfirm.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/deleteconnectionprofileconfirm.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/deleteusercredentials.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/deleteusercredentials.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/deleteusercredentials.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/deleteusercredentials.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/deleteusercredentialsconfirm.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/deleteusercredentialsconfirm.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/deleteusercredentialsconfirm.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/deleteusercredentialsconfirm.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/dropbox.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/dropbox.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/dropbox.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/dropbox.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/editusercredentials.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/editusercredentials.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/editusercredentials.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/editusercredentials.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/entraid.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/entraid.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/entraid.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/entraid.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/exchangemodernauthentication.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/exchangemodernauthentication.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/exchangemodernauthentication.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/exchangemodernauthentication.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/localwindowsaccount.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/localwindowsaccount.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/localwindowsaccount.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/localwindowsaccount.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/moveupdown.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/moveupdown.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/moveupdown.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/moveupdown.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/oracle.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/oracle.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/oracle.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/oracle.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/passworddifferserror.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/passworddifferserror.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/passworddifferserror.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/passworddifferserror.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/selectaccounttype.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/selectaccounttype.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/selectaccounttype.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/selectaccounttype.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/setasdefaultconnectionprofile.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/setasdefaultconnectionprofile.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/setasdefaultconnectionprofile.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/setasdefaultconnectionprofile.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/sqlauthentication.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/sqlauthentication.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/sqlauthentication.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/sqlauthentication.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/taskdomain.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/taskdomain.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/taskdomain.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/taskdomain.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/tasklocal.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/tasklocal.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/tasklocal.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/tasklocal.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/unixaccount.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/unixaccount.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/unixaccount.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/unixaccount.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/usercredentialslist.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/usercredentialslist.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/usercredentialslist.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/usercredentialslist.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/usewindowsaccountoption.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/usewindowsaccountoption.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/usewindowsaccountoption.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/usewindowsaccountoption.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/profile/webservicesjwt.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/webservicesjwt.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/profile/webservicesjwt.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/profile/webservicesjwt.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/settingssavedmessage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/settingssavedmessage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/settingssavedmessage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/settingssavedmessage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/usercredentials.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/usercredentials.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/usercredentials.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/usercredentials.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/usercredentialsad.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/usercredentialsad.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/usercredentialsad.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/usercredentialsad.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/usercredentialslocal.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/usercredentialslocal.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/usercredentialslocal.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/usercredentialslocal.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/connection/vaultownerswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/vaultownerswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/connection/vaultownerswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/connection/vaultownerswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/delete.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/delete.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/delete.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/delete.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/deletecredentials.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/deletecredentials.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/deletecredentials.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/deletecredentials.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/dg.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/dg.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/dg.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/dg.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/edit.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/edit.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/edit.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/edit.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/email.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/email.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/email.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/email.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/emailcontent.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/emailcontent.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/emailcontent.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/emailcontent.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/exchange.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/exchange.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/exchange.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/exchange.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/exchange_1.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/exchange_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/exchange_1.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/exchange_1.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/exchange_3.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/exchange_3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/exchange_3.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/exchange_3.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/exchange_4.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/exchange_4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/exchange_4.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/exchange_4.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/exchange_6.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/exchange_6.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/exchange_6.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/exchange_6.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/globalsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/globalsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/globalsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/globalsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/gponetworksecurity.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/gponetworksecurity.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/gponetworksecurity.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/gponetworksecurity.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/history.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/history.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/history.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/history.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/historyjoblogs.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/historyjoblogs.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/historyjoblogs.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/historyjoblogs.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/hostdiscovery.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/hostdiscovery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/hostdiscovery.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/hostdiscovery.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/hostdiscoverylog.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/hostdiscoverylog.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/hostdiscoverylog.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/hostdiscoverylog.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/hostdiscoveryloglevels.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/hostdiscoveryloglevels.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/hostdiscoveryloglevels.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/hostdiscoveryloglevels.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/hostinventory.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/hostinventory.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/hostinventory.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/hostinventory.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/incorrectlogondetails.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/incorrectlogondetails.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/incorrectlogondetails.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/incorrectlogondetails.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/insufficientrights.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/insufficientrights.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/insufficientrights.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/insufficientrights.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/javascriptsettings.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/javascriptsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/javascriptsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/javascriptsettings.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/javascriptsitepermissions.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/javascriptsitepermissions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/javascriptsitepermissions.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/javascriptsitepermissions.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/notification.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/notification.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/notification.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/notification.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/passwordsdontmatch.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/passwordsdontmatch.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/passwordsdontmatch.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/passwordsdontmatch.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/publish.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/publish.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/publish.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/publish.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/reporting.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/reporting.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/reporting.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/reporting.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/schedule.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/schedule.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/schedule.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/schedule.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/senderinformation.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/senderinformation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/senderinformation.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/senderinformation.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/addcriteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/addcriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/addcriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/addcriteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/criteriatab.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/criteriatab.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/criteriatab.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/criteriatab.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/addexclusionfilterwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/addexclusionfilterwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/addexclusionfilterwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/addexclusionfilterwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/addfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/addfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/addfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/addfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/configureexclusionfilterwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/configureexclusionfilterwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/configureexclusionfilterwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/configureexclusionfilterwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/deletefilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/deletefilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/deletefilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/deletefilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/editexclusionfilterwindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/editexclusionfilterwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/editexclusionfilterwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/editexclusionfilterwindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/editfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/editfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/editfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/editfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/exportfileexplorer.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/exportfileexplorer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/exportfileexplorer.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/exportfileexplorer.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/exportfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/exportfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/exportfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/exportfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/falsepositivestab.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/falsepositivestab.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/falsepositivestab.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/falsepositivestab.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/importfileexplorer.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/importfileexplorer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/importfileexplorer.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/importfileexplorer.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/importfilter.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/importfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/exclusions/importfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/exclusions/importfilter.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/selectcriteria.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/selectcriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/selectcriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/selectcriteria.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/sensitivedata.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/sensitivedata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sensitivedata/sensitivedata.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sensitivedata/sensitivedata.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/server.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/server.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/server.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/server.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/serviceaccounttypes.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/serviceaccounttypes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/serviceaccounttypes.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/serviceaccounttypes.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/servicenow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/servicenow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/servicenow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/servicenow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/sqlservers.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/sqlservers.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/sqlservers.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/sqlservers.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/addprofile.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofile.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/addprofile.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofile.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/addprofileauthentication.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofileauthentication.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/addprofileauthentication.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofileauthentication.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/addprofilebadconnection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofilebadconnection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/addprofilebadconnection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofilebadconnection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/addprofiledatabase.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofiledatabase.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/addprofiledatabase.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofiledatabase.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/addprofilegoodconnection.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofilegoodconnection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/addprofilegoodconnection.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofilegoodconnection.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/addprofilename.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofilename.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/addprofilename.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofilename.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/addprofileservername.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofileservername.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/addprofileservername.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofileservername.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/addprofiletimeout.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofiletimeout.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/addprofiletimeout.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/addprofiletimeout.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/changestorageprofile.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/changestorageprofile.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/changestorageprofile.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/changestorageprofile.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/changestorageprofilefinish.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/changestorageprofilefinish.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/changestorageprofilefinish.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/changestorageprofilefinish.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/connectionreport.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/connectionreport.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/connectionreport.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/connectionreport.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/default.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/default.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/default.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/default.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/defaultsave.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/defaultsave.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/defaultsave.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/defaultsave.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/delete.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/delete.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/delete.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/delete.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/deleteconfirm.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/deleteconfirm.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/deleteconfirm.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/deleteconfirm.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/storage.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/storage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/storage.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/storage.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/storageoperations.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/storageoperations.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/storageoperations.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/storageoperations.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/storage/updateauth.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/updateauth.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/storage/updateauth.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/storage/updateauth.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/test.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/test.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/test.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/test.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/testemail.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/testemail.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/testemail.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/testemail.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/testerror.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/testerror.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/testerror.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/testerror.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/testsuccess.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/testsuccess.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/testsuccess.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/testsuccess.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/usercredentialswindow.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/usercredentialswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/usercredentialswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/usercredentialswindow.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/websiteurl.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/websiteurl.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/websiteurl.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/websiteurl.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/windowsserver.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/windowsserver.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/windowsserver.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/windowsserver.webp diff --git a/static/img/product_docs/accessanalyzer/admin/settings/workstation.webp b/static/img/product_docs/accessanalyzer/12.0/admin/settings/workstation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/admin/settings/workstation.webp rename to static/img/product_docs/accessanalyzer/12.0/admin/settings/workstation.webp diff --git a/static/img/product_docs/accessanalyzer/config/dellpowerscale/editgroup.webp b/static/img/product_docs/accessanalyzer/12.0/config/dellpowerscale/editgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/config/dellpowerscale/editgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/config/dellpowerscale/editgroup.webp diff --git a/static/img/product_docs/accessanalyzer/config/dellpowerscale/groupstab.webp b/static/img/product_docs/accessanalyzer/12.0/config/dellpowerscale/groupstab.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/config/dellpowerscale/groupstab.webp rename to static/img/product_docs/accessanalyzer/12.0/config/dellpowerscale/groupstab.webp diff --git a/static/img/product_docs/accessanalyzer/config/dellpowerscale/rolestab.webp b/static/img/product_docs/accessanalyzer/12.0/config/dellpowerscale/rolestab.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/config/dellpowerscale/rolestab.webp rename to static/img/product_docs/accessanalyzer/12.0/config/dellpowerscale/rolestab.webp diff --git a/static/img/product_docs/accessanalyzer/config/dellpowerscale/viewroledetails.webp b/static/img/product_docs/accessanalyzer/12.0/config/dellpowerscale/viewroledetails.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/config/dellpowerscale/viewroledetails.webp rename to static/img/product_docs/accessanalyzer/12.0/config/dellpowerscale/viewroledetails.webp diff --git a/static/img/product_docs/accessanalyzer/config/netappcmode/accesscifsmethod2.webp b/static/img/product_docs/accessanalyzer/12.0/config/netappcmode/accesscifsmethod2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/config/netappcmode/accesscifsmethod2.webp rename to static/img/product_docs/accessanalyzer/12.0/config/netappcmode/accesscifsmethod2.webp diff --git a/static/img/product_docs/accessanalyzer/config/netappcmode/validateexternalenginecreation.webp b/static/img/product_docs/accessanalyzer/12.0/config/netappcmode/validateexternalenginecreation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/config/netappcmode/validateexternalenginecreation.webp rename to static/img/product_docs/accessanalyzer/12.0/config/netappcmode/validateexternalenginecreation.webp diff --git a/static/img/product_docs/accessanalyzer/config/netappcmode/validatefpolciyeventcreation.webp b/static/img/product_docs/accessanalyzer/12.0/config/netappcmode/validatefpolciyeventcreation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/config/netappcmode/validatefpolciyeventcreation.webp rename to static/img/product_docs/accessanalyzer/12.0/config/netappcmode/validatefpolciyeventcreation.webp diff --git a/static/img/product_docs/accessanalyzer/config/netappcmode/validatefpolicyenabled.webp b/static/img/product_docs/accessanalyzer/12.0/config/netappcmode/validatefpolicyenabled.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/config/netappcmode/validatefpolicyenabled.webp rename to static/img/product_docs/accessanalyzer/12.0/config/netappcmode/validatefpolicyenabled.webp diff --git a/static/img/product_docs/accessanalyzer/config/netappcmode/validatefpolicypolicycreation.webp b/static/img/product_docs/accessanalyzer/12.0/config/netappcmode/validatefpolicypolicycreation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/config/netappcmode/validatefpolicypolicycreation.webp rename to static/img/product_docs/accessanalyzer/12.0/config/netappcmode/validatefpolicypolicycreation.webp diff --git a/static/img/product_docs/accessanalyzer/config/netappcmode/validatefpolicyscopecreation.webp b/static/img/product_docs/accessanalyzer/12.0/config/netappcmode/validatefpolicyscopecreation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/config/netappcmode/validatefpolicyscopecreation.webp rename to static/img/product_docs/accessanalyzer/12.0/config/netappcmode/validatefpolicyscopecreation.webp diff --git a/static/img/product_docs/accessanalyzer/config/nutanix/nutanixbackupadminrole.webp b/static/img/product_docs/accessanalyzer/12.0/config/nutanix/nutanixbackupadminrole.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/config/nutanix/nutanixbackupadminrole.webp rename to static/img/product_docs/accessanalyzer/12.0/config/nutanix/nutanixbackupadminrole.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/change.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/change.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/change.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/change.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/changestorageprofile.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/changestorageprofile.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/changestorageprofile.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/changestorageprofile.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/completed.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/completed.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/completed.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/completed.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/completed_1.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/completed_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/completed_1.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/completed_1.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/connectionreport.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/connectionreport.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/connectionreport.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/connectionreport.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/controlpaneluninstall.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/controlpaneluninstall.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/controlpaneluninstall.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/controlpaneluninstall.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/createnewdatabase.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/createnewdatabase.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/createnewdatabase.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/createnewdatabase.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/databasepropertiescollation.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/databasepropertiescollation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/databasepropertiescollation.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/databasepropertiescollation.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/destination.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/destination.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/destination.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/destination.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/eula.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/eula.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/eula.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/eula.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/license.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/license.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/license.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/license.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/licensefeatures.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/licensefeatures.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/licensefeatures.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/licensefeatures.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/licensemapped.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/licensemapped.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/licensemapped.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/licensemapped.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/loginsql.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/loginsql.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/loginsql.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/loginsql.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/loginusermapping.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/loginusermapping.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/loginusermapping.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/loginusermapping.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/loginwindows.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/loginwindows.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/loginwindows.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/loginwindows.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/newdatabase.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/newdatabase.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/newdatabase.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/newdatabase.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/newlogin.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/newlogin.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/newlogin.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/newlogin.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/options.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/options.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/options.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/ready.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/ready.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/ready.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/ready.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/ready_1.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/ready_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/ready_1.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/ready_1.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/activedirectoryusersandcomputerswindows.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/activedirectoryusersandcomputerswindows.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/activedirectoryusersandcomputerswindows.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/activedirectoryusersandcomputerswindows.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/addanendpointwindow.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/addanendpointwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/addanendpointwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/addanendpointwindow.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/addcertificateconsole.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/addcertificateconsole.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/addcertificateconsole.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/addcertificateconsole.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/certificateaddsnapin.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateaddsnapin.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/certificateaddsnapin.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateaddsnapin.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/certificateconnectionnotprivate.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateconnectionnotprivate.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/certificateconnectionnotprivate.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateconnectionnotprivate.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/certificateimportwizard.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateimportwizard.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/certificateimportwizard.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateimportwizard.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/certificatenotsecureerror.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificatenotsecureerror.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/certificatenotsecureerror.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificatenotsecureerror.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/certificateselectcomputer.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateselectcomputer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/certificateselectcomputer.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateselectcomputer.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/certificatesnapins.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificatesnapins.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/certificatesnapins.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificatesnapins.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/certificateviewer.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateviewer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/certificateviewer.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificateviewer.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/certificatewindow.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificatewindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/certificatewindow.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/certificatewindow.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/claimrulenameadfsconfig.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/claimrulenameadfsconfig.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/claimrulenameadfsconfig.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/claimrulenameadfsconfig.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/claimrulenamesidproperties.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/claimrulenamesidproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/claimrulenamesidproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/claimrulenamesidproperties.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/configurelocalsecuritysettingwindow.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/configurelocalsecuritysettingwindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/configurelocalsecuritysettingwindow.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/configurelocalsecuritysettingwindow.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/disclaimertxt.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/disclaimertxt.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/disclaimertxt.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/disclaimertxt.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/entraidssoclaims.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/entraidssoclaims.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/entraidssoclaims.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/entraidssoclaims.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/internetproperties.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/internetproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/internetproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/internetproperties.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/kerberoserrormessage.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/kerberoserrormessage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/kerberoserrormessage.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/kerberoserrormessage.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/localgrouppolicywindow.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/localgrouppolicywindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/localgrouppolicywindow.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/localgrouppolicywindow.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/localintranet.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/localintranet.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/localintranet.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/localintranet.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/localintranetadvanced.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/localintranetadvanced.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/localintranetadvanced.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/localintranetadvanced.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/localsecuritypolicywindow.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/localsecuritypolicywindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/localsecuritypolicywindow.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/localsecuritypolicywindow.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/oktaaddattribute.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaaddattribute.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/oktaaddattribute.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaaddattribute.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/oktaaddattributewindow.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaaddattributewindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/oktaaddattributewindow.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaaddattributewindow.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/oktaattributemappingsforcesync.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaattributemappingsforcesync.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/oktaattributemappingsforcesync.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaattributemappingsforcesync.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/oktacopylinkaddress.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktacopylinkaddress.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/oktacopylinkaddress.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktacopylinkaddress.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/oktadirectoryprovisioningtookta.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktadirectoryprovisioningtookta.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/oktadirectoryprovisioningtookta.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktadirectoryprovisioningtookta.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/oktamfaappsignonrule.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktamfaappsignonrule.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/oktamfaappsignonrule.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktamfaappsignonrule.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/oktamfaappsignonruleaccess.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktamfaappsignonruleaccess.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/oktamfaappsignonruleaccess.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktamfaappsignonruleaccess.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/oktaprofileeditor.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaprofileeditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/oktaprofileeditor.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaprofileeditor.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/oktashowunmappedattributes.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktashowunmappedattributes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/oktashowunmappedattributes.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktashowunmappedattributes.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/oktaunmappedattributeconfigscreen.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaunmappedattributeconfigscreen.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/oktaunmappedattributeconfigscreen.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktaunmappedattributeconfigscreen.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/oktawsfedtemplate.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktawsfedtemplate.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/oktawsfedtemplate.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/oktawsfedtemplate.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/publishedreportsproperties.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/publishedreportsproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/publishedreportsproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/publishedreportsproperties.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/relyingpartytrustwizardidentifier.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/relyingpartytrustwizardidentifier.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/relyingpartytrustwizardidentifier.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/relyingpartytrustwizardidentifier.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/userproperteswindow.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/userproperteswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/userproperteswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/userproperteswindow.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/webconsolehome.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/webconsolehome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/webconsolehome.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/webconsolehome.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/webconsolelogin.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/webconsolelogin.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/webconsolelogin.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/webconsolelogin.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/webconsolelogindisclaimer.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/webconsolelogindisclaimer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/webconsolelogindisclaimer.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/webconsolelogindisclaimer.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfig.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfig.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfig.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfig.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigadfs.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigadfs.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigadfs.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigadfs.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigdisclaimer.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigdisclaimer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigdisclaimer.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigdisclaimer.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigfile.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigfile.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigfile.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigfile.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigfileentrasso.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigfileentrasso.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigfileentrasso.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigfileentrasso.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigmultipledomains.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigmultipledomains.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigmultipledomains.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigmultipledomains.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigokta.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigokta.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigokta.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigokta.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigsso.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigsso.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigsso.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigsso.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigtimeout.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigtimeout.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/webserverexeconfigtimeout.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/webserverexeconfigtimeout.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/websiteurlreporting.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/websiteurlreporting.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/websiteurlreporting.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/websiteurlreporting.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/wsfederationrealmurl.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/wsfederationrealmurl.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/wsfederationrealmurl.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/wsfederationrealmurl.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/reports/wsfederationreplyurl.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/reports/wsfederationreplyurl.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/reports/wsfederationreplyurl.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/reports/wsfederationreplyurl.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/scheduleaccount.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/scheduleaccount.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/scheduleaccount.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/scheduleaccount.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/settingsnode.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/settingsnode.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/settingsnode.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/settingsnode.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/shortcut.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/shortcut.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/shortcut.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/shortcut.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/sqlserver.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/sqlserver.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/sqlserver.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/sqlserver.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/sqlserverconfigurationmanager.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/sqlserverconfigurationmanager.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/sqlserverconfigurationmanager.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/sqlserverconfigurationmanager.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/storageprofile.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/storageprofile.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/storageprofile.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/storageprofile.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/upgrade/changes.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/changes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/upgrade/changes.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/changes.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/upgrade/options.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/options.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/upgrade/options.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/options.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/upgrade/progress.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/progress.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/upgrade/progress.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/progress.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/upgrade/selectcriteria.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/selectcriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/upgrade/selectcriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/selectcriteria.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/upgrade/sensitivedata.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/sensitivedata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/upgrade/sensitivedata.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/sensitivedata.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/upgrade/solutionsetfiles.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/solutionsetfiles.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/upgrade/solutionsetfiles.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/solutionsetfiles.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/upgrade/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/upgrade/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/upgrade/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/versionselection.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/versionselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/versionselection.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/versionselection.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/welcome_1.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/welcome_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/welcome_1.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/welcome_1.webp diff --git a/static/img/product_docs/accessanalyzer/install/application/welcome_2.webp b/static/img/product_docs/accessanalyzer/12.0/install/application/welcome_2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/application/welcome_2.webp rename to static/img/product_docs/accessanalyzer/12.0/install/application/welcome_2.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/changedestination.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/changedestination.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/changedestination.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/changedestination.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/complete.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/complete.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/complete.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/complete.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/configureservice.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/configureservice.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/configureservice.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/configureservice.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/dcwizardportnumber.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/dcwizardportnumber.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/dcwizardportnumber.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/dcwizardportnumber.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/destination.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/destination.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/destination.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/destination.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/eula.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/eula.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/eula.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/eula.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/fsaaproxyarchitecture.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/fsaaproxyarchitecture.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/fsaaproxyarchitecture.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/fsaaproxyarchitecture.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/proxymodeasservicewithsecurerpc.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/proxymodewithapplet.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/proxymodewithapplet.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/proxymodewithapplet.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/proxymodewithapplet.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/ready.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/ready.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/ready.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/ready.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/regedit.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/regedit.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/regedit.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/regedit.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/service.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/service.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/service.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/service.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/uninstall.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/uninstall.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/uninstall.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/uninstall.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/updateproxyinstantjob.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/updateproxyinstantjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/updateproxyinstantjob.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/updateproxyinstantjob.webp diff --git a/static/img/product_docs/accessanalyzer/install/filesystemproxy/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/filesystemproxy/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/install/filesystemproxy/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/install/sharepointagent/completed.webp b/static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/completed.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/sharepointagent/completed.webp rename to static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/completed.webp diff --git a/static/img/product_docs/accessanalyzer/install/sharepointagent/configureservice.webp b/static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/configureservice.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/sharepointagent/configureservice.webp rename to static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/configureservice.webp diff --git a/static/img/product_docs/accessanalyzer/install/sharepointagent/destination.webp b/static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/destination.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/sharepointagent/destination.webp rename to static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/destination.webp diff --git a/static/img/product_docs/accessanalyzer/install/sharepointagent/eula.webp b/static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/eula.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/sharepointagent/eula.webp rename to static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/eula.webp diff --git a/static/img/product_docs/accessanalyzer/install/sharepointagent/ready.webp b/static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/ready.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/sharepointagent/ready.webp rename to static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/ready.webp diff --git a/static/img/product_docs/accessanalyzer/install/sharepointagent/uninstall.webp b/static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/uninstall.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/sharepointagent/uninstall.webp rename to static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/uninstall.webp diff --git a/static/img/product_docs/accessanalyzer/install/sharepointagent/welcome.webp b/static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/welcome.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/install/sharepointagent/welcome.webp rename to static/img/product_docs/accessanalyzer/12.0/install/sharepointagent/welcome.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/solutions/exchange/iismanager.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/solutions/exchange/iismanager.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/solutions/exchange/iismanager.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/solutions/exchange/iismanager.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/solutions/exchange/iismanagerauth.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/solutions/exchange/iismanagerauth.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/solutions/exchange/iismanagerauth.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/solutions/exchange/iismanagerauth.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/solutions/exchange/rolegroup.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/solutions/exchange/rolegroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/solutions/exchange/rolegroup.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/solutions/exchange/rolegroup.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/solutions/filesystem/appletmode.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/solutions/filesystem/appletmode.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/solutions/filesystem/appletmode.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/solutions/filesystem/appletmode.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/solutions/filesystem/localmode.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/solutions/filesystem/localmode.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/solutions/filesystem/localmode.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/solutions/filesystem/localmode.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/accesskeys.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/accesskeys.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/accesskeys.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/accesskeys.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/administratorcommandprompt.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/administratorcommandprompt.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/administratorcommandprompt.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/administratorcommandprompt.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_1.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_1.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_1.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_11z.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_11z.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_11z.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_11z.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_13z.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_13z.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_13z.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_13z.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_14z.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_14z.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_14z.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_14z.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_16z.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_16z.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_16z.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_16z.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_2.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_2.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_2.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_3.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_3.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_3.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_4.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_4.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_4.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_5.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_5.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_5.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_5.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_6.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_6.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_6.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_6.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_8.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_8.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/azuresqlperm_customrolecreation_8.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/azuresqlperm_customrolecreation_8.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/createrole.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/createrole.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/createrole.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/createrole.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/jsontabaccount.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/jsontabaccount.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/jsontabaccount.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/jsontabaccount.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/jsontabpolicies.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/jsontabpolicies.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/jsontabpolicies.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/jsontabpolicies.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/latpreservationoption.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/latpreservationoption.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/latpreservationoption.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/latpreservationoption.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/policies.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/policies.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/policies.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/policies.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/policiesadd.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/policiesadd.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/policiesadd.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/policiesadd.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/reviewpolicy.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/reviewpolicy.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/reviewpolicy.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/reviewpolicy.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/reviewpolicyaccount.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/reviewpolicyaccount.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/reviewpolicyaccount.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/reviewpolicyaccount.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/reviewrole.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/reviewrole.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/reviewrole.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/reviewrole.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/roles.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/roles.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/roles.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/roles.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/securitycredentials.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/securitycredentials.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/securitycredentials.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/securitycredentials.webp diff --git a/static/img/product_docs/accessanalyzer/requirements/target/config/skiphostsoption.webp b/static/img/product_docs/accessanalyzer/12.0/requirements/target/config/skiphostsoption.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/requirements/target/config/skiphostsoption.webp rename to static/img/product_docs/accessanalyzer/12.0/requirements/target/config/skiphostsoption.webp diff --git a/static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanebottom.webp b/static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configurationpanebottom.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanebottom.webp rename to static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configurationpanebottom.webp diff --git a/static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanesystemcriteria.webp b/static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configurationpanesystemcriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanesystemcriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configurationpanesystemcriteria.webp diff --git a/static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanetop.webp b/static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configurationpanetop.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/configurationpanetop.webp rename to static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/configurationpanetop.webp diff --git a/static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatester.webp b/static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatester.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatester.webp rename to static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatester.webp diff --git a/static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/keywordswindow.webp b/static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/keywordswindow.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/keywordswindow.webp rename to static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/keywordswindow.webp diff --git a/static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/newsummarycriteria.webp b/static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/newsummarycriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/newsummarycriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/newsummarycriteria.webp diff --git a/static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.webp b/static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.webp rename to static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/regularexpression.webp diff --git a/static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/summarycriteriaconfiguration.webp b/static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/summarycriteriaconfiguration.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/criteriatype/summarycriteriaconfiguration.webp rename to static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/criteriatype/summarycriteriaconfiguration.webp diff --git a/static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/navigationpane.webp b/static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/navigationpane.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/navigationpane.webp rename to static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/navigationpane.webp diff --git a/static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/sensitivdatacriteriaeditor.webp b/static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/sensitivdatacriteriaeditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/sensitivedatadiscovery/criteriaeditor/sensitivdatacriteriaeditor.webp rename to static/img/product_docs/accessanalyzer/12.0/sensitivedatadiscovery/criteriaeditor/sensitivdatacriteriaeditor.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/analysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/analysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/analysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/analysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/changes/computermodificationsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/computermodificationsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/changes/computermodificationsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/computermodificationsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/changes/groupmodificationsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/groupmodificationsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/changes/groupmodificationsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/groupmodificationsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/changes/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/changes/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/changes/usermodificationsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/usermodificationsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/changes/usermodificationsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/changes/usermodificationsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/accesschangesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/accesschangesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/accesschangesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/accesschangesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/grouphostsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/grouphostsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/grouphostsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/grouphostsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysisconfiguration.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysisconfiguration.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysisconfiguration.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/groupmemberactivityanalysisconfiguration.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivitysqlscripteditor.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/groupmemberactivitysqlscripteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/groupmemberactivitysqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/groupmemberactivitysqlscripteditor.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/groupusage/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/groupusage/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/jobstree_1.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/jobstree_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/jobstree_1.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/jobstree_1.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/ldapjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/ldapjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/ldapjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/ldapjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/ldapqueriesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/ldapqueriesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/ldapqueriesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/ldapqueriesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/ldapqueriesanalysisconfiguration.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/ldapqueriesanalysisconfiguration.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/ldapqueriesanalysisconfiguration.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/ldapqueriesanalysisconfiguration.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/ldapsqlscripteditor.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/ldapsqlscripteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/ldapsqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/ldapsqlscripteditor.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/lockoutsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/lockoutsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/lockoutsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/lockoutsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/lockoutsjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/lockoutsjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/lockoutsjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/lockoutsjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/authenticationprotocolanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/authenticationprotocolanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/authenticationprotocolanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/authenticationprotocolanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/dctrafficanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/dctrafficanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/dctrafficanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/dctrafficanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/hardcodeddcsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/hardcodeddcsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/hardcodeddcsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/hardcodeddcsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/loadbalancinganalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/loadbalancinganalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/loadbalancinganalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/loadbalancinganalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/machineownersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/machineownersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/operations/machineownersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/operations/machineownersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/overviewconfiguration.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/overviewconfiguration.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/overviewconfiguration.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/overviewconfiguration.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysisconfiguration.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysisconfiguration.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysisconfiguration.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/adminaccountsanalysisconfiguration.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountssqlscripteditor.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/adminaccountssqlscripteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/adminaccountssqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/adminaccountssqlscripteditor.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/serviceaccountauthanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/serviceaccountauthanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/privilegedaccounts/serviceaccountauthanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/privilegedaccounts/serviceaccountauthanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/queries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/queries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/activity/queries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/activity/queries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/adsolutionjobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/adsolutionjobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/adsolutionjobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/adsolutionjobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/cacollectionanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/cacollectionanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/cacollectionanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/cacollectionanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/cacollectionqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/cacollectionqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/cacollectionqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/cacollectionqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/certificateauditanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/certificateauditanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/certificateauditanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/certificateauditanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/certificaterequestsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/certificaterequestsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/certificaterequestsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/certificaterequestsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/certificateauthority/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/certificateauthority/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/cleanupprogressanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/cleanupprogressjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/cleanupprogressjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/cleanupprogressjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/computers/computersjobtree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/computersjobtree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/computers/computersjobtree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/computersjobtree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersaction.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/deprovisioncomputersaction.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersaction.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/deprovisioncomputersaction.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/deprovisioncomputersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/deprovisioncomputersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersstatusanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/deprovisioncomputersstatusanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/computers/deprovisioncomputersstatusanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/computers/deprovisioncomputersstatusanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/configuretargetouactionmodulewizard.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/configuretargetouactionmodulewizard.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/configuretargetouactionmodulewizard.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/configuretargetouactionmodulewizard.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/configuretargetouactionproperties.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/configuretargetouactionproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/configuretargetouactionproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/configuretargetouactionproperties.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsaction.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsaction.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsaction.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsaction.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsstatusanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsstatusanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsstatusanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/deprovisiongroupsstatusanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/groupsdeprovisionjobtree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/groupsdeprovisionjobtree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/deprovision/groupsdeprovisionjobtree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/deprovision/groupsdeprovisionjobtree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/groupsjobtree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/groupsjobtree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/groupsjobtree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/groupsjobtree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupcleanuppermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/groupcleanuppermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupcleanuppermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/groupcleanuppermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupsstampingjobtree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/groupsstampingjobtree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupsstampingjobtree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/groupsstampingjobtree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupstampingaction.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/groupstampingaction.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupstampingaction.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/groupstampingaction.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupstampinganalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/groupstampinganalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/groups/stamping/groupstampinganalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/groups/stamping/groupstampinganalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersaction.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/deprovisionusersaction.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersaction.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/deprovisionusersaction.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/deprovisionusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/deprovisionusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersstatusanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/deprovisionusersstatusanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/users/deprovisionusersstatusanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/deprovisionusersstatusanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/users/usersjobtree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/usersjobtree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/cleanup/users/usersjobtree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/cleanup/users/usersjobtree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/computers/computerdelegationanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/computers/computerdelegationanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/computers/computerdelegationanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/computers/computerdelegationanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/computers/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/computers/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/computers/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/computers/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/computers/stalecomputersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/computers/stalecomputersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/computers/stalecomputersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/computers/stalecomputersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/domaincontrollersquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/domaincontrollersquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/domaincontrollersquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/domaincontrollersquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/dsrmquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/dsrmquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/dsrmquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/dsrmquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/ldaptemplate.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ldaptemplate.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/ldaptemplate.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ldaptemplate.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/ldaptemplateoptions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ldaptemplateoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/ldaptemplateoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/ldaptemplateoptions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/timesyncquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/timesyncquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/collection/timesyncquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/collection/timesyncquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/dcsummaryanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/dcsummaryanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/dcsummaryanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/dcsummaryanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/domaininfoanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/domaininfoanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/domaininfoanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/domaininfoanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/domaininfoquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/domaininfoquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/domaininfoquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/domaininfoquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/dsrmsettingsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/dsrmsettingsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/dsrmsettingsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/dsrmsettingsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/kerberoastingriskanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/kerberoastingriskanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/domains/kerberoastingriskanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/domains/kerberoastingriskanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/cpasswordquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/cpasswordquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/cpasswordquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/cpasswordquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/grouppolicyanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/grouppolicyanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/grouppolicyquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/grouppolicyquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/grouppolicyquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/overlappinggposanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/overlappinggposanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/overlappinggposanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/overlappinggposanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/passwordpoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/passwordpoliciesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/passwordpoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/passwordpoliciesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/passwordpoliciesquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/passwordpoliciesquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/grouppolicy/passwordpoliciesquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/grouppolicy/passwordpoliciesquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/circularnestinganalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/circularnestinganalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/circularnestinganalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/circularnestinganalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/dclogongroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/dclogongroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/dclogongroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/dclogongroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/duplicategroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/duplicategroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/duplicategroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/duplicategroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/emptygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/emptygroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/emptygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/emptygroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/groupprobableownersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/groupprobableownersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/groupprobableownersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/groupprobableownersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/largestgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/largestgroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/largestgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/largestgroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/mailsecuritygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/mailsecuritygroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/mailsecuritygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/mailsecuritygroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/nestedgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/nestedgroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/nestedgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/nestedgroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/sensitivesecuritygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/sensitivesecuritygroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/sensitivesecuritygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/sensitivesecuritygroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/stalegroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/stalegroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/groups/stalegroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/groups/stalegroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/securityassessmentanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/securityassessmentanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/securityassessmentanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/securityassessmentanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/securityassessmentjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/securityassessmentjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/securityassessmentjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/securityassessmentjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/solutionoverview.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/solutionoverview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/solutionoverview.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/solutionoverview.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/dictionariesweakpassword.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/dictionariesweakpassword.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/dictionariesweakpassword.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/dictionariesweakpassword.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/directmembershipanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/directmembershipanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/directmembershipanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/directmembershipanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/duplicateusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/duplicateusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/duplicateusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/duplicateusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/optionsweakpassword.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/optionsweakpassword.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/optionsweakpassword.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/optionsweakpassword.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/orphanedusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/orphanedusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/orphanedusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/orphanedusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/passwordstatusanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/passwordstatusanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/passwordstatusanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/passwordstatusanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/serviceaccountsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/serviceaccountsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/serviceaccountsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/serviceaccountsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/sidhistoryanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/sidhistoryanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/sidhistoryanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/sidhistoryanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/staleusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/staleusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/staleusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/staleusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/userattributecompletionanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/userattributecompletionanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/userattributecompletionanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/userattributecompletionanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/userdelegationanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/userdelegationanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/userdelegationanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/userdelegationanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/usertokenanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/usertokenanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/usertokenanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/usertokenanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/weakpasswordsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/weakpasswordsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/weakpasswordsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/weakpasswordsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectory/users/weakpasswordsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/weakpasswordsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectory/users/weakpasswordsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectory/users/weakpasswordsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/changesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/changesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/changesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/changesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/changesanalysisnotification.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/changesanalysisnotification.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/changesanalysisnotification.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/changesanalysisnotification.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/exceptionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/exceptionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/exceptionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/exceptionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtp.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/notificationanalysissmtp.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtp.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/notificationanalysissmtp.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtpmessage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/notificationanalysissmtpmessage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtpmessage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/notificationanalysissmtpmessage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtprecipients.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/notificationanalysissmtprecipients.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/notificationanalysissmtprecipients.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/notificationanalysissmtprecipients.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/overview.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/overview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/overview.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/overview.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scananalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scananalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scananalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scananalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scandcwizardcustomattributes.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributesnfs.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scandcwizardcustomattributesnfs.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardcustomattributesnfs.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scandcwizardcustomattributesnfs.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scandcwizardoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scandcwizardoptions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptionsnfs.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scandcwizardoptionsnfs.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scandcwizardoptionsnfs.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scandcwizardoptionsnfs.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scanqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scanqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectoryinventory/scanqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectoryinventory/scanqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/brokeninheritanceanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/brokeninheritanceanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/brokeninheritanceanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/brokeninheritanceanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/brokeninheritancejobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/brokeninheritancejobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/brokeninheritancejobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/brokeninheritancejobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/certificaterightsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/certificaterightsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/certificaterightsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/certificaterightsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/certificaterightsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/certificaterightsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/certificaterightsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/certificaterightsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/computerrightsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/computerrightsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/computerrightsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/computerrightsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/computerrightsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/computerrightsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/computerrightsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/computerrightsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/containerrightsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/containerrightsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/containerrightsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/containerrightsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/containerrightsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/containerrightsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/containerrightsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/containerrightsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/domainrightsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/domainrightsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/domainrightsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/domainrightsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/domainrightsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/domainrightsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/domainrightsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/domainrightsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/grouprightsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/grouprightsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/grouprightsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/grouprightsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/grouprightsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/grouprightsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/grouprightsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/grouprightsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/ourightsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ourightsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/ourightsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ourightsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/ourightsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ourightsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/ourightsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/ourightsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/siterightsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/siterightsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/siterightsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/siterightsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/userrightsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/userrightsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/collection/userrightsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/collection/userrightsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/computerpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/computerpermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/computerpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/computerpermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/lapspermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/lapspermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/computers/lapspermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/computers/lapspermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/adminsdholderquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/containerpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/containerpermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/containerpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/containerpermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/containers/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/containers/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/certificateauthorityrightsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/certificateauthorityrightsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/certificateauthorityrightsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/certificateauthorityrightsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/certificatetemplatesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/certificatetemplatesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/certificatetemplatesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/certificatetemplatesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/certificatevulnerabilitiesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/certificatevulnerabilitiesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/certificatevulnerabilitiesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/certificatevulnerabilitiesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/domainpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/domainpermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/domainpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/domainpermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/domainreplicationanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/domainreplicationanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/domainreplicationanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/domainreplicationanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/domains/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/domains/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/groupmembershippermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/groupmembershippermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/groupmembershippermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/groupmembershippermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/grouppermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/grouppermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/grouppermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/grouppermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/groups/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/groups/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/openaccessanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/openaccessanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/openaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/openaccessanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/openaccessjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/openaccessjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/openaccessjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/openaccessjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/oupermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/oupermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/oupermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/oupermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/ousjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ousjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/ousjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/ousjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/overview.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/overview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/overview.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/overview.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysisconfigure.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysisconfigure.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysisconfigure.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessanalysisconfigure.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport1.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreport1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport1.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreport1.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport2.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreport2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport2.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreport2.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport3.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreport3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport3.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreport3.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport4.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreport4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreport4.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreport4.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreports.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreports.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccessreports.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccessreports.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccesssqlscripteditor.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccesssqlscripteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/shadowaccesssqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/shadowaccesssqlscripteditor.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/dcshadowpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/dcshadowpermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/dcshadowpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/dcshadowpermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/sitepermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/sitepermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/sites/sitepermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/sites/sitepermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/resetpasswordpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/resetpasswordpermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/resetpasswordpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/resetpasswordpermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/userpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/userpermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/activedirectorypermissionsanalyzer/users/userpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/activedirectorypermissionsanalyzer/users/userpermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/csvanalyses.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvanalyses.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/csvanalyses.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvanalyses.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/csvjoblocation.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvjoblocation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/csvjoblocation.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvjoblocation.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/csvoverviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvoverviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/csvoverviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvoverviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/csvqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/csvqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/csvqueryeditquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvqueryeditquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/csvqueryeditquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/csvqueryeditquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/epicclarityanalyses.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/epicclarityanalyses.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/epicclarityanalyses.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/epicclarityanalyses.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/epicclarityjoblocation.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/epicclarityjoblocation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/epicclarityjoblocation.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/epicclarityjoblocation.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/epicclarityqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/epicclarityqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/epicclarityqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/epicclarityqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/epicclarityqueryeditquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/epicclarityqueryeditquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/epicclarityqueryeditquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/epicclarityqueryeditquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/paycomanalyses.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/paycomanalyses.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/paycomanalyses.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/paycomanalyses.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/paycomjoblocation.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/paycomjoblocation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/paycomjoblocation.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/paycomjoblocation.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/paycomqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/paycomqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/paycomqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/paycomqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/paycomqueryeditquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/paycomqueryeditquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/paycomqueryeditquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/paycomqueryeditquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/salesforceanalyses.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/salesforceanalyses.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/salesforceanalyses.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/salesforceanalyses.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/salesforcejoblocation.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/salesforcejoblocation.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/salesforcejoblocation.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/salesforcejoblocation.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/salesforcequeries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/salesforcequeries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/salesforcequeries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/salesforcequeries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/anyid/salesforcequeryeditquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/anyid/salesforcequeryeditquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/anyid/salesforcequeryeditquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/anyid/salesforcequeryeditquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/collection/iamscananalysistasks.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/iamscananalysistasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/collection/iamscananalysistasks.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/iamscananalysistasks.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/collection/iamscanqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/iamscanqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/collection/iamscanqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/iamscanqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/collection/orgscanqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/orgscanqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/collection/orgscanqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/orgscanqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/collection/s3scananaylsistasks.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3scananaylsistasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/collection/s3scananaylsistasks.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3scananaylsistasks.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/collection/s3scanqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3scanqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/collection/s3scanqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3scanqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/collection/s3sddscananaylsistasks.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3sddscananaylsistasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/collection/s3sddscananaylsistasks.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3sddscananaylsistasks.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/collection/s3sddscanqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3sddscanqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/collection/s3sddscanqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3sddscanqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/collection/s3sddsensitivedata.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3sddsensitivedata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/collection/s3sddsensitivedata.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/collection/s3sddsensitivedata.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/groups/groupmembersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/groups/groupmembersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/groups/groupmembersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/groups/groupmembersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/groups/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/groups/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/groups/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/groups/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/groups/nopolicygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/groups/nopolicygroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/groups/nopolicygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/groups/nopolicygroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/groups/stalegroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/groups/stalegroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/groups/stalegroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/groups/stalegroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/organizations/accountsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/organizations/accountsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/organizations/accountsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/organizations/accountsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/organizations/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/organizations/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/organizations/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/organizations/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/organizations/memberaccountusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/organizations/memberaccountusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/organizations/memberaccountusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/organizations/memberaccountusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/policies/custommanagedpoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/custommanagedpoliciesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/policies/custommanagedpoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/custommanagedpoliciesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/policies/inlinepoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/inlinepoliciesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/policies/inlinepoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/inlinepoliciesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/policies/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/policies/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/policies/managedpoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/managedpoliciesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/policies/managedpoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/managedpoliciesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/policies/sensitivepoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/sensitivepoliciesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/policies/sensitivepoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/sensitivepoliciesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/policies/unusedmanagedpoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/unusedmanagedpoliciesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/policies/unusedmanagedpoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/unusedmanagedpoliciesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/policies/userpoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/userpoliciesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/policies/userpoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/policies/userpoliciesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/roles/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/roles/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/roles/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/roles/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/roles/rolesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/roles/rolesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/roles/rolesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/roles/rolesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/roles/stalerolesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/roles/stalerolesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/roles/stalerolesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/roles/stalerolesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/s3content/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3content/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/s3content/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3content/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/s3content/s3bucketsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3content/s3bucketsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/s3content/s3bucketsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3content/s3bucketsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/s3content/s3buckettagsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3content/s3buckettagsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/s3content/s3buckettagsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3content/s3buckettagsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/s3permissions/brokeninheritanceanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3permissions/brokeninheritanceanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/s3permissions/brokeninheritanceanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3permissions/brokeninheritanceanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/s3permissions/effectivepermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3permissions/effectivepermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/s3permissions/effectivepermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3permissions/effectivepermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/s3permissions/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3permissions/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/s3permissions/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3permissions/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/s3permissions/openbucketsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3permissions/openbucketsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/s3permissions/openbucketsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/s3permissions/openbucketsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/sensitivedata/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/sensitivedata/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/sensitivedata/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/sensitivedata/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/sensitivedata/sensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/sensitivedata/sensitivedataanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/sensitivedata/sensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/sensitivedata/sensitivedataanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/sensitivedata/sensitivedatapermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/sensitivedata/sensitivedatapermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/sensitivedata/sensitivedatapermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/sensitivedata/sensitivedatapermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/users/accesskeysanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/users/accesskeysanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/users/accesskeysanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/users/accesskeysanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/users/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/users/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/users/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/users/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/users/mfastatusanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/users/mfastatusanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/users/mfastatusanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/users/mfastatusanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/users/rootaccountsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/users/rootaccountsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/users/rootaccountsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/users/rootaccountsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/aws/users/staleusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/aws/users/staleusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/aws/users/staleusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/aws/users/staleusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/accessanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/accessanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/accessanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/accessanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/deletionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/deletionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/deletionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/deletionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/downloadsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/downloadsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/downloadsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/downloadsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/externaluseractivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/externaluseractivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/externaluseractivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/externaluseractivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/externalusercollaborationsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/externalusercollaborationsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/externalusercollaborationsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/externalusercollaborationsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/permissionchangesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/permissionchangesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/permissionchangesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/permissionchangesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/sharinganalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/sharinganalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/forensics/sharinganalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/forensics/sharinganalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/failedloginsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/failedloginsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/failedloginsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/failedloginsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/firsttimefolderaccessanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/firsttimefolderaccessanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/firsttimefolderaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/firsttimefolderaccessanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/unusualdownloadactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/unusualdownloadactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/unusualdownloadactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/unusualdownloadactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/unusualuseractivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/unusualuseractivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/unusualuseractivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/unusualuseractivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/suspiciousactivity/weekendactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/usagestatistics/foldersmostactiveanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/foldersmostactiveanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/usagestatistics/foldersmostactiveanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/foldersmostactiveanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/usagestatistics/foldersstaleanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/foldersstaleanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/usagestatistics/foldersstaleanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/foldersstaleanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/usagestatistics/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/usagestatistics/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/activity/usagestatistics/usersmostactiveanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/usersmostactiveanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/activity/usagestatistics/usersmostactiveanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/activity/usagestatistics/usersmostactiveanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/accessadditionalscoping.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessadditionalscoping.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/accessadditionalscoping.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessadditionalscoping.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/accessauthenticate.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessauthenticate.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/accessauthenticate.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessauthenticate.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/accessexclusions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessexclusions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/accessexclusions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessexclusions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/accessqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/accessqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/accessuserscope.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessuserscope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/accessuserscope.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/accessuserscope.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/activityadditionalscoping.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityadditionalscoping.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/activityadditionalscoping.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityadditionalscoping.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/activityauthenticate.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityauthenticate.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/activityauthenticate.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityauthenticate.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/activityexclusions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityexclusions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/activityexclusions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityexclusions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/activityoperationscope.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityoperationscope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/activityoperationscope.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityoperationscope.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/activityqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/activityqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/activitytimespanscope.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activitytimespanscope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/activitytimespanscope.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activitytimespanscope.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/activityuserscope.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityuserscope.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/activityuserscope.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/activityuserscope.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/importqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/importqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/importqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/importqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/collection/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/content/filemetricsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/content/filemetricsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/content/filemetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/content/filemetricsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/content/foldermetricsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/content/foldermetricsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/content/foldermetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/content/foldermetricsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/content/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/content/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/content/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/content/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/groupmembershipanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/groupmembershipanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/groupmembershipanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/groupmembershipanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/box/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/box/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/box/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/box/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/1sqlpermissionscanfilterpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/activityscanjob.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/activityscanjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/activityscanjob.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/activityscanjob.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/activityscanjobanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/activityscanjobanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/activityscanjobanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/activityscanjobanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/collectionjobmenu.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/collectionjobmenu.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/collectionjobmenu.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/collectionjobmenu.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/instancediscanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/instancediscanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/instancediscanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/instancediscanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/instancediscquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/instancediscquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/instancediscquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/instancediscquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/jobanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/jobanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/jobanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/jobanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/managedconnections.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/managedconnections.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/managedconnections.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/managedconnections.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/permissionjob.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/permissionjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/permissionjob.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/permissionjob.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/sensitivedatascananalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascanjob.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/sensitivedatascanjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/sensitivedatascanjob.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/sensitivedatascanjob.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/serversettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/serversettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/serversettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/serversettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/serversettingsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/serversettingsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/azuresql/collection/serversettingsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/azuresql/collection/serversettingsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/configurationquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/configurationquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/configurationquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/configurationquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/permissionsscananalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/permissionsscananalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/permissionsscananalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/permissionsscananalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/permissionsscanquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/permissionsscanquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/permissionsscanquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/permissionsscanquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatacategory.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatacategory.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatacategory.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatacategory.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedataconnection.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedataconnection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedataconnection.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedataconnection.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatacriteria.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatacriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatacriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatacriteria.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatafilter.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatafilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatafilter.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatafilter.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatajoboptions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatajoboptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatajoboptions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatajoboptions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatascananalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatascananalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatascananalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatascananalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatascanquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatascanquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/collection/sensitivedatascanquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/collection/sensitivedatascanquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/configurationjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/configurationjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/configurationjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/configurationjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/databasesizinganalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/databasesizinganalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/databasesizinganalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/databasesizinganalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/overview.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/overview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/overview.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/overview.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/permissions/directpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/permissions/directpermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/permissions/directpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/permissions/directpermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/permissions/effectivepermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/permissions/permissionsjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/permissions/permissionsjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/permissions/permissionsjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/permissions/permissionsjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/sensitivedataanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/sensitivedataanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/sensitivedatajobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/db2/sensitivedata/sensitivedatapermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mongodb/analysismongodbsensitivedatajob.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/analysismongodbsensitivedatajob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mongodb/analysismongodbsensitivedatajob.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/analysismongodbsensitivedatajob.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/0.collecitonjobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/0.collecitonjobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/0.collecitonjobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/0.collecitonjobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/analysissensitivedatascan.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/analysissensitivedatascan.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/analysissensitivedatascan.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/analysissensitivedatascan.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/configurationjob.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/configurationjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/configurationjob.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/configurationjob.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/sensitivedatascan_job.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/sensitivedatascan_job.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mongodb/collection/sensitivedatascan_job.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/collection/sensitivedatascan_job.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mongodb/databasesizingjobanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/databasesizingjobanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mongodb/databasesizingjobanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/databasesizingjobanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mongodb/mongdbjobgroupoverview.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/mongdbjobgroupoverview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mongodb/mongdbjobgroupoverview.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/mongdbjobgroupoverview.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mongodb/sensitivedatajobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/sensitivedatajobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mongodb/sensitivedatajobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mongodb/sensitivedatajobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/analysismysqldatabasesizing.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/analysismysqldatabasesizing.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/analysismysqldatabasesizing.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/analysismysqldatabasesizing.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/0.collectionjobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/0.collectionjobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/0.collectionjobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/0.collectionjobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/analysismysqlsensitivedatascan.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/analysismysqlsensitivedatascan.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/analysismysqlsensitivedatascan.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/analysismysqlsensitivedatascan.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/analysistableprivileges.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/analysistableprivileges.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/analysistableprivileges.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/analysistableprivileges.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/configurationjob.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/configurationjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/configurationjob.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/configurationjob.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/manageconnectionsmysql.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/manageconnectionsmysql.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/manageconnectionsmysql.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/manageconnectionsmysql.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/querytableprivileges.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/querytableprivileges.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/querytableprivileges.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/querytableprivileges.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/sensitivedatascan.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/sensitivedatascan.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/sensitivedatascan.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/sensitivedatascan.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_criteriapage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/sensitivedatscan_criteriapage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_criteriapage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/sensitivedatscan_criteriapage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_filterspage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/sensitivedatscan_filterspage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_filterspage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/sensitivedatscan_filterspage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_optionspage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/sensitivedatscan_optionspage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/collection/sensitivedatscan_optionspage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/collection/sensitivedatscan_optionspage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/configurationjobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/configurationjobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/configurationjobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/configurationjobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/mysqljobgroupoverview.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/mysqljobgroupoverview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/mysqljobgroupoverview.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/mysqljobgroupoverview.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedata.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedata.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedata.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedatapermission.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedatapermission.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedatapermission.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/analysismysqlsensitivedatapermission.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/mysql/sensitivedata/sensitivedatajobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/sensitivedatajobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/mysql/sensitivedata/sensitivedatajobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/mysql/sensitivedata/sensitivedatajobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup25.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup25.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup25.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup25.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup26.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup26.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup26.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup26.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup27.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup27.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup27.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup27.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup28.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup28.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup28.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup28.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup29.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup29.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup29.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup29.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup30.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup30.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup30.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup30.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup31.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup31.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup31.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup31.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup32.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup32.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/activity/jobgroup32.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/activity/jobgroup32.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/0collection.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0collection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/0collection.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/0collection.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/1oraclepermissionscanjobqueryfilter.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/1oraclepermissionscanjobqueryfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/1oraclepermissionscanjobqueryfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/1oraclepermissionscanjobqueryfilter.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/2oraclesensitivedatascanfilterpgae.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/2oraclesensitivedatascanfilterpgae.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/2oraclesensitivedatascanfilterpgae.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/2oraclesensitivedatascanfilterpgae.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/3oracleactivityscanfilterpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/3oracleactivityscanfilterpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/3oracleactivityscanfilterpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/3oracleactivityscanfilterpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/4oracledefaultpasswordsfilterpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/4oracledefaultpasswordsfilterpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/4oracledefaultpasswordsfilterpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/4oracledefaultpasswordsfilterpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/5oracleconfigjobqueryfilterpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5oracleconfigjobqueryfilterpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/5oracleconfigjobqueryfilterpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5oracleconfigjobqueryfilterpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/5oracleconfigurationqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5oracleconfigurationqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/5oracleconfigurationqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/5oracleconfigurationqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/criteriapage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/criteriapage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/criteriapage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/criteriapage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup13.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup13.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup13.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup13.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup14.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup14.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup14.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup14.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup16.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup16.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup16.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup16.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup17.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup17.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup17.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup17.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup3.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup3.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup3.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup4.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup4.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup4.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup6.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup6.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup6.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup6.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup8.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup8.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup8.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup8.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup9.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup9.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/jobgroup9.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/jobgroup9.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/optionspage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/optionspage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/collection/optionspage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/collection/optionspage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisdblinks.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisdblinks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisdblinks.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisdblinks.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisdbsizing.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisdbsizing.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisdbsizing.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisdbsizing.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisddprotection.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisddprotection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisddprotection.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisddprotection.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisinstancenameissues.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisinstancenameissues.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisinstancenameissues.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisinstancenameissues.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisremoteosauth.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisremoteosauth.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/analysisremoteosauth.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/analysisremoteosauth.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/configoverview.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/configoverview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/configuration/configoverview.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/configuration/configoverview.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/jobgroup46.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/jobgroup46.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/jobgroup46.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/jobgroup46.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/jobgroup47.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/jobgroup47.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/jobgroup47.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/jobgroup47.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/oraclejobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/oraclejobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/oraclejobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/oraclejobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup33.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup33.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup33.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup33.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup34.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup34.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup34.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup34.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup35.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup35.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup35.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup35.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup36.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup36.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup36.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup36.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup37.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup37.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup37.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup37.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup38.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup38.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/permissions/jobgroup38.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/permissions/jobgroup38.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup43.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/jobgroup43.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup43.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/jobgroup43.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup44.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/jobgroup44.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup44.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/jobgroup44.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup45.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/jobgroup45.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/sensitivedata/jobgroup45.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/sensitivedata/jobgroup45.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup19.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup19.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup19.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup19.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup20.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup20.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup20.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup20.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup21.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup21.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup21.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup21.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup22.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup22.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup22.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup22.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup23.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup23.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup23.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup23.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup24.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup24.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/oracle/usersroles/jobgroup24.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/oracle/usersroles/jobgroup24.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/0.collectionjobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/0.collectionjobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/0.collectionjobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/0.collectionjobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/configurationquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/configurationquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/configurationquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/configurationquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/datascanjobsettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/datascanjobsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/datascanjobsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/datascanjobsettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/manageconnectionspgsql.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/manageconnectionspgsql.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/manageconnectionspgsql.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/manageconnectionspgsql.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/sensitivedataanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/sensitivedataanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/sensitivedataquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedataquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/sensitivedataquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedatascancriteria.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/sensitivedatascancriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedatascancriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/sensitivedatascancriteria.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedatascanfilter.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/sensitivedatascanfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/sensitivedatascanfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/sensitivedatascanfilter.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/tableprivileges_analysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/tableprivileges_analysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/tableprivileges_analysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/tableprivileges_analysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/tableprivileges_query.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/tableprivileges_query.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/collection/tableprivileges_query.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/collection/tableprivileges_query.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/configurationjobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/configurationjobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/configurationjobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/configurationjobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/postgresqljobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/postgresqljobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/postgresqljobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/postgresqljobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/pssqldatabasesizinganalysistasks.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/pssqldatabasesizinganalysistasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/pssqldatabasesizinganalysistasks.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/pssqldatabasesizinganalysistasks.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/pgsqlsensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsqlsensitivedataanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/pgsqlsensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/pgsqlsensitivedataanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/sensitivedatajobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/postgresql/sensitivedata/sensitivedatapermission.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/analysisredshiftconfigurationjob.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/analysisredshiftconfigurationjob.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/analysisredshiftconfigurationjob.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/analysisredshiftconfigurationjob.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/0.collection.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/0.collection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/0.collection.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/0.collection.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/0.collectionconfiguration.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/0.collectionconfiguration.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/0.collectionconfiguration.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/0.collectionconfiguration.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/analysiscollectionsensitivedatascan.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/analysiscollectionsensitivedatascan.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/analysiscollectionsensitivedatascan.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/analysiscollectionsensitivedatascan.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatacategory.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedatacategory.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatacategory.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedatacategory.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedataconnection.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedataconnection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedataconnection.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedataconnection.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatacriteria.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedatacriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatacriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedatacriteria.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatafilter.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedatafilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatafilter.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedatafilter.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatajoboptions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedatajoboptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedatajoboptions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedatajoboptions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedataquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedataquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/collectionsensitivedataquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/collectionsensitivedataquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/tableprivilegesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/tableprivilegesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/tableprivilegesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/tableprivilegesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/tableprivilegesquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/tableprivilegesquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/collection/tableprivilegesquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/collection/tableprivilegesquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/configurationjobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/configurationjobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/configurationjobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/configurationjobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/redshiftjobgrpoverview.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/redshiftjobgrpoverview.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/redshiftjobgrpoverview.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/redshiftjobgrpoverview.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/sensitive_data/analysissensitivedata.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/analysissensitivedata.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/sensitive_data/analysissensitivedata.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/analysissensitivedata.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/redshift/sensitive_data/sensitivedatajobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/sensitivedatajobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/redshift/sensitive_data/sensitivedatajobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/redshift/sensitive_data/sensitivedatajobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup30.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup30.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup30.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup30.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup31.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup31.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup31.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup31.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup32.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup32.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup32.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup32.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup33.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup33.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup33.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup33.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup34.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup34.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup34.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup34.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup35.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup35.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/activity/sqljobgroup35.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/activity/sqljobgroup35.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanfilterpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/2sqlsensitivedatascanfilterpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanfilterpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/2sqlsensitivedatascanfilterpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanoptionspage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/2sqlsensitivedatascanoptionspage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanoptionspage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/2sqlsensitivedatascanoptionspage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanquerycriteriapage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/2sqlsensitivedatascanquerycriteriapage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/2sqlsensitivedatascanquerycriteriapage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/2sqlsensitivedatascanquerycriteriapage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/3sqlactivityscanfilterpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/3sqlactivityscanfilterpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/3sqlactivityscanfilterpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/3sqlactivityscanfilterpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/3sqlactivityscanoptionspage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/3sqlactivityscanoptionspage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/3sqlactivityscanoptionspage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/3sqlactivityscanoptionspage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/5sqlserversettingsfilterpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/instancedisc_analysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/instancedisc_analysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/instancedisc_analysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/instancedisc_analysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/instancedisc_query.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/instancedisc_query.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/instancedisc_query.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/instancedisc_query.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup1.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup1.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup1.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup13.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup13.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup13.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup13.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup14.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup14.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup14.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup14.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup17.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup17.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup17.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup17.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup18.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup18.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup18.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup18.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup19.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup19.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup19.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup19.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup6.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup6.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup6.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup6.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup8.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup8.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup8.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup8.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup9.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup9.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/collection/sqljobgroup9.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/collection/sqljobgroup9.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/analysistask.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/analysistask.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/analysistask.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/analysistask.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/analysistasks.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/analysistasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/analysistasks.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/analysistasks.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/configurationjobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/configurationjobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/configurationjobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/configurationjobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup43.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sqljobgroup43.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup43.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sqljobgroup43.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup44.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sqljobgroup44.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup44.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sqljobgroup44.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup45.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sqljobgroup45.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/configuration/sqljobgroup45.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/configuration/sqljobgroup45.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup36.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup36.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup36.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup36.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup37.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup37.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup37.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup37.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup38.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup38.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup38.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup38.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup39.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup39.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup39.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup39.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup40.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup40.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup40.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup40.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup41.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup41.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/permissions/sqljobgroup41.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/permissions/sqljobgroup41.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup46.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sqljobgroup46.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup46.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sqljobgroup46.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup47.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sqljobgroup47.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup47.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sqljobgroup47.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup48.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sqljobgroup48.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/sensitivedata/sqljobgroup48.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sensitivedata/sqljobgroup48.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/sqljobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sqljobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/sqljobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sqljobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/sqljobgroup49.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sqljobgroup49.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/sqljobgroup49.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sqljobgroup49.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/sqljobgroup50.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sqljobgroup50.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/sqljobgroup50.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/sqljobgroup50.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup22.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup22.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup22.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup22.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup23.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup23.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup23.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup23.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup24.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup24.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup24.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup24.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup26.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup26.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup26.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup26.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup27.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup27.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup27.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup27.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup28.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup28.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup28.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup28.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup29.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup29.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqljobgroup29.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqljobgroup29.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqlpasswordissuesanalysistasks.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqlpasswordissuesanalysistasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/databases/sql/usersroles/sqlpasswordissuesanalysistasks.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/databases/sql/usersroles/sqlpasswordissuesanalysistasks.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/accessanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/accessanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/accessanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/accessanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/accessjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/accessjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/accessjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/accessjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/collection/permissionsbulkimportquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/permissionsbulkimportquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/collection/permissionsbulkimportquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/permissionsbulkimportquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/collection/permissionsscanoptionspage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/permissionsscanoptionspage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/collection/permissionsscanoptionspage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/permissionsscanoptionspage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/collection/permissionsscanquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/permissionsscanquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/collection/permissionsscanquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/permissionsscanquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/collection/permissionsscopingpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/permissionsscopingpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/collection/permissionsscopingpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/permissionsscopingpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/collection/sddbulkimportquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sddbulkimportquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/collection/sddbulkimportquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sddbulkimportquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/collection/sdddlpsettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sdddlpsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/collection/sdddlpsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sdddlpsettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/collection/sddscanquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sddscanquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/collection/sddscanquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sddscanquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/collection/sddscopingpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sddscopingpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/collection/sddscopingpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sddscopingpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/collection/sddselectdlpcriteria.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sddselectdlpcriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/collection/sddselectdlpcriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/collection/sddselectdlpcriteria.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/contentanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/contentanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/contentanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/contentanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/contentjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/contentjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/contentjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/contentjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/groupmembershipanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/groupmembershipanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/groupmembershipanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/groupmembershipanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/groupmembershipjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/groupmembershipjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/groupmembershipjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/groupmembershipjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/sensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/sensitivedataanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/sensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/sensitivedataanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/sensitivedatajobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/sensitivedatajobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/sensitivedatajobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/sensitivedatajobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/sharinganalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/sharinganalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/sharinganalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/sharinganalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/dropbox/sharingjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/sharingjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/dropbox/sharingjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/dropbox/sharingjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/groups/circularnestinganalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/circularnestinganalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/groups/circularnestinganalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/circularnestinganalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/groups/duplicategroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/duplicategroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/groups/duplicategroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/duplicategroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/groups/emptygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/emptygroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/groups/emptygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/emptygroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/groups/groupdirsyncanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/groupdirsyncanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/groups/groupdirsyncanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/groupdirsyncanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/groups/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/groups/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/groups/largestgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/largestgroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/groups/largestgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/largestgroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/groups/nestedgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/nestedgroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/groups/nestedgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/nestedgroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/groups/probableownersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/probableownersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/groups/probableownersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/probableownersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/groups/stalegroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/stalegroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/groups/stalegroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/groups/stalegroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/users/directmembershipanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/directmembershipanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/users/directmembershipanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/directmembershipanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/users/disabledusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/disabledusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/users/disabledusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/disabledusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/users/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/users/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/users/staleusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/staleusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/users/staleusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/staleusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/users/userattributecompletionanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/userattributecompletionanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/users/userattributecompletionanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/userattributecompletionanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraid/users/userdirsyncanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/userdirsyncanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraid/users/userdirsyncanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraid/users/userdirsyncanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraidinventory/exceptionsanalysisconfiguration.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/exceptionsanalysisconfiguration.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraidinventory/exceptionsanalysisconfiguration.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/exceptionsanalysisconfiguration.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraidinventory/exceptionsanalysistasks.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/exceptionsanalysistasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraidinventory/exceptionsanalysistasks.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/exceptionsanalysistasks.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraidinventory/exceptionssqlscripteditor.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/exceptionssqlscripteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraidinventory/exceptionssqlscripteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/exceptionssqlscripteditor.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraidinventory/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraidinventory/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraidinventory/scananalysistasks.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scananalysistasks.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraidinventory/scananalysistasks.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scananalysistasks.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraidinventory/scandcwizardcustomattributes.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scandcwizardcustomattributes.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraidinventory/scandcwizardcustomattributes.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scandcwizardcustomattributes.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraidinventory/scandcwizardoptions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scandcwizardoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraidinventory/scandcwizardoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scandcwizardoptions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraidinventory/scanqueryproperties.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scanqueryproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraidinventory/scanqueryproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scanqueryproperties.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraidinventory/scanqueryselection.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scanqueryselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraidinventory/scanqueryselection.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scanqueryselection.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/entraidinventory/scanqueryselectionproperties.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scanqueryselectionproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/entraidinventory/scanqueryselectionproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/entraidinventory/scanqueryselectionproperties.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/activesyncanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/activesyncanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/activesyncanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/activesyncanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/activesyncjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/activesyncjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/activesyncjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/activesyncjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/aspoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/aspoliciesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/aspoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/aspoliciesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/aspoliciesquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/aspoliciesquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/aspoliciesquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/aspoliciesquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/iislogsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/iislogsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/iislogsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/iislogsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/outlookanywherejobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/outlookanywherejobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/outlookanywherejobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/outlookanywherejobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/outlookwebaccessjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/outlookwebaccessjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/outlookwebaccessjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/outlookwebaccessjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/owatrafficanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/owatrafficanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/owatrafficanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/owatrafficanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/rpctrafficanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/rpctrafficanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/rpctrafficanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/rpctrafficanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/smartlogdctargetlog.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/smartlogdctargetlog.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/casmetrics/smartlogdctargetlog.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/casmetrics/smartlogdctargetlog.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/dbinfoquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/dbinfoquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/dbinfoquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/dbinfoquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/localjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/localjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/localjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/localjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/pfinfoquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/pfinfoquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/pfinfoquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/pfinfoquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/pfjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/pfjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/databases/collection/pfjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/collection/pfjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/databases/dbsizinganalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/dbsizinganalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/databases/dbsizinganalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/dbsizinganalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/databases/dbtrendinganalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/dbtrendinganalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/databases/dbtrendinganalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/dbtrendinganalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/databases/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/databases/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/databases/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/dlcleanupanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/dlcleanupanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/dlcleanupanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/dlcleanupanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/effectivemembershipjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/effectivemembershipjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/effectivemembershipjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/effectivemembershipjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/groupexpansionanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/groupexpansionanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/groupexpansionanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/groupexpansionanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/circularnestinganalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/emptygroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/largestgroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/membershipanalysisjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/membershipanalysisjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/membershipanalysisjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/membershipanalysisjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/nestedgroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/distributionlists/membershipanalysis/stalegroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/exchangepscas.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/exchangepscas.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/exchangepscas.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/exchangepscas.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/appletstatuscheckquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/appletstatuscheckquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/appletstatuscheckquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/appletstatuscheckquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/exchangemetricsmessageactivityfilter.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/exchangemetricsmessageactivityfilter.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/exchangemetricsmessageactivityfilter.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/exchangemetricsmessageactivityfilter.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/metricscollectionanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/metricscollectionanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/metricscollectionanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/metricscollectionanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/metricscollectionqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/metricscollectionqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/metricscollectionqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/metricscollectionqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/metricsdetailsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/metricsdetailsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/metricsdetailsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/metricsdetailsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/metricsdetailsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/metricsdetailsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/metricsdetailsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/metricsdetailsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/sethistoryretentionscripteditor.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/sethistoryretentionscripteditor.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/sethistoryretentionscripteditor.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/sethistoryretentionscripteditor.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/sethistoryretentiontask.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/sethistoryretentiontask.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/sethistoryretentiontask.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/sethistoryretentiontask.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/troubleshootingtaskselection.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/troubleshootingtaskselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/collection/troubleshootingtaskselection.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/collection/troubleshootingtaskselection.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/deliverytimesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/deliverytimesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/deliverytimesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/deliverytimesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/dlmetricsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/dlmetricsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/dlmetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/dlmetricsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/domainmetricsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/domainmetricsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/domainmetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/domainmetricsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/hourlymetricsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/hourlymetricsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/hourlymetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/hourlymetricsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/messagesizeanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/messagesizeanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/messagesizeanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/messagesizeanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/servermetricsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/servermetricsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/servermetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/servermetricsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/usermetricsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/usermetricsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/hubmetrics/usermetricsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/hubmetrics/usermetricsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/featuresjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/featuresjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/featuresjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/featuresjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/featuresquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/featuresquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/featuresquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/featuresquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/logons/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/logons/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/logons/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/logons/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/logons/mailboxactivityquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/mailboxactivityquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/logons/mailboxactivityquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/mailboxactivityquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/logons/mailboxlogonsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/mailboxlogonsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/logons/mailboxlogonsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/logons/mailboxlogonsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/admingroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/admingroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/admingroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/admingroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/delegatesquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/delegatesquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/delegatesquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/delegatesquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/mbrightsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/mbrightsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/mbrightsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/mbrightsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/permsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/permsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/permsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/permsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/sendasanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/sendasanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/sendasanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/sendasanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/sendasquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/sendasquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/collection/sendasquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/collection/sendasquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/mailboxaccessanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/mailboxaccessanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/permissions/mailboxaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/permissions/mailboxaccessanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/mailboxsizesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/mailboxsizesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/mailboxsizesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/mailboxsizesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/mbsizequery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/mbsizequery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/mbsizequery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/mbsizequery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/stalemailboxesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/stalemailboxesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/stalemailboxesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/stalemailboxesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/storesizesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/storesizesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailboxes/sizing/storesizesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailboxes/sizing/storesizesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailflowuseroverviewanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailflowuseroverviewanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailflowuseroverviewanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailflowuseroverviewanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/mailflowuseroverviewjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailflowuseroverviewjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/mailflowuseroverviewjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/mailflowuseroverviewjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/online/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/online/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowdlanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowdlanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowdlanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowdlanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowdomainanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowdomainanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowdomainanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowdomainanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowmailboxanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowmailboxanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowmailboxanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowmailboxanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowmetricsdcwizard.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowmetricsdcwizard.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowmetricsdcwizard.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowmetricsdcwizard.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailfloworgoverviewanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailfloworgoverviewanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailfloworgoverviewanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailfloworgoverviewanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/online/mailflow/mailflowqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/online/mailflow/mailflowqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/contentanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/contentanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/contentanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/contentanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/contentscansanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/contentscansanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/contentscansanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/contentscansanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/contentscansquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/contentscansquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/contentscansquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/contentscansquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/content/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/content/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/folderscansanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/folderscansanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/folderscansanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/folderscansanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/folderscansquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/folderscansquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/folderscansquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/folderscansquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/foldersizeanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/foldersizeanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/foldersizeanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/foldersizeanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/growthsize/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/growthsize/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/overviewanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/overviewanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/overviewanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/overviewanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/dcwizardprobableownersettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/dcwizardprobableownersettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/dcwizardprobableownersettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/dcwizardprobableownersettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/folderownershipanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/folderownershipanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/folderownershipanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/folderownershipanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/folderownershipquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/folderownershipquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/folderownershipquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/folderownershipquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/ownersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/ownersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/ownership/ownersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/ownership/ownersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/entitlementsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/entitlementsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementscansanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/entitlementscansanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementscansanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/entitlementscansanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementscansquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/entitlementscansquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/entitlementscansquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/entitlementscansquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/publicfolders/permissions/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/publicfolders/permissions/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxfiltersettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxfiltersettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxfiltersettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxfiltersettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxresults.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxresults.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxresults.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxresults.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxscopeselect.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxscopeselect.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxscopeselect.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxscopeselect.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxscopesettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxscopesettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxscopesettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxscopesettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxsddanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxsddanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxsddanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxsddanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxsddquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxsddquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/mailboxsddquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/mailboxsddquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfolderfiltersettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/publicfolderfiltersettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfolderfiltersettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/publicfolderfiltersettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfolderresults.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/publicfolderresults.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfolderresults.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/publicfolderresults.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfoldersddquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/publicfoldersddquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/collection/publicfoldersddquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/collection/publicfoldersddquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/sddresultsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/sddresultsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/exchange/sensitivedata/sddresultsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/exchange/sensitivedata/sddresultsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/deletionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/deletionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/deletionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/deletionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtp.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/notificationsmtp.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtp.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/notificationsmtp.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtpmessage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/notificationsmtpmessage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtpmessage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/notificationsmtpmessage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtprecipients.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/notificationsmtprecipients.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/notificationsmtprecipients.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/notificationsmtprecipients.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/permissionchangesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/permissionchangesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/forensics/permissionchangesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/forensics/permissionchangesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/leastprivilegedaccessanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/leastprivilegedaccessanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/leastprivilegedaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/leastprivilegedaccessanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/leastprivilegedaccessjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/leastprivilegedaccessjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/leastprivilegedaccessjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/leastprivilegedaccessjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/security/adminactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/security/adminactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/security/adminactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/security/adminactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/security/highriskactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/security/highriskactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/security/highriskactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/security/highriskactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/security/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/security/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/security/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/security/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/security/localuseractivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/security/localuseractivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/security/localuseractivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/security/localuseractivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/deniedactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/deniedactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/deniedactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/deniedactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/highesthourlyactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/highesthourlyactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/highesthourlyactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/highesthourlyactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/hourlyshareactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/hourlyshareactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/hourlyshareactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/hourlyshareactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/modifiedbinariesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/modifiedbinariesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/modifiedbinariesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/modifiedbinariesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/peergroupactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/peergroupactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/peergroupactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/peergroupactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/ransomewareanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/ransomewareanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/ransomewareanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/ransomewareanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/sensitivedataactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/stalefileactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/stalefileactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/stalefileactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/stalefileactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/usershareactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/usershareactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/usershareactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/usershareactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/weekendactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/weekendactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/suspiciousactivity/weekendactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/suspiciousactivity/weekendactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/groupusageanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/groupusageanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/groupusageanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/groupusageanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveserversanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/mostactiveserversanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveserversanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/mostactiveserversanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/mostactiveusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/stalesharesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/stalesharesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/activity/usagestatistics/stalesharesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/activity/usagestatistics/stalesharesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/adhocaudits/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/adhocaudits/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/adhocaudits/shareauditanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/shareauditanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/adhocaudits/shareauditanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/shareauditanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/adhocaudits/trusteepermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/trusteepermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/adhocaudits/trusteepermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/adhocaudits/trusteepermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/brokeninheritanceanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/brokeninheritanceanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/brokeninheritanceanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/brokeninheritanceanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/brokeninheritancejobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/brokeninheritancejobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/brokeninheritancejobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/brokeninheritancejobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/cleanupassessmentanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/cleanupassessmentanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/cleanupassessmentanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/cleanupassessmentanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/cleanupprogressanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/cleanupprogressanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/cleanupprogressanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/cleanupprogressanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesaction.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/deletefilesaction.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesaction.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/deletefilesaction.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/deletefilesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/deletefilesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesstatusanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/deletefilesstatusanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/delete/deletefilesstatusanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/deletefilesstatusanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/delete/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/delete/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/delete/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/includemetadatatagoptions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/includemetadatatagoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/includemetadatatagoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/includemetadatatagoptions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/jobstree_1.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/jobstree_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/jobstree_1.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/jobstree_1.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/notifyownersaction.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/notifyownersaction.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/notifyownersaction.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/notifyownersaction.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/notifyownersstatusanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/notifyownersstatusanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/notifyownersstatusanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/notifyownersstatusanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/sendmailwizardmessage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/sendmailwizardmessage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/sendmailwizardmessage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/sendmailwizardmessage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/sendmailwizardproperties.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/sendmailwizardproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/notify/sendmailwizardproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/notify/sendmailwizardproperties.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/quarantinedataactions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/quarantinedataactions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/quarantinedataactions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/quarantinedataactions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/quarantinedatastatusanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/quarantinedatastatusanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/quarantinedatastatusanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/quarantinedatastatusanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritanceaction.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/restoreinheritanceaction.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritanceaction.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/restoreinheritanceaction.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritanceanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/restoreinheritanceanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritanceanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/restoreinheritanceanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritancestatusanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/restoreinheritancestatusanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/cleanup/quarantine/restoreinheritancestatusanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/cleanup/quarantine/restoreinheritancestatusanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/azuretenantscanquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/azuretenantscanquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/azuretenantscanquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/azuretenantscanquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/azuretenantscanusercredentials.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/azuretenantscanusercredentials.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/azuretenantscanusercredentials.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/azuretenantscanusercredentials.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/createschemaanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/createschemaanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/createschemaanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/createschemaanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaabulkimportanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaabulkimportanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaabulkimportanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaabulkimportanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaabulkimportquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaabulkimportquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaabulkimportquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaabulkimportquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaadefaultscopingoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaadefaultscopingoptions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptionsfiledetails.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaadefaultscopingoptionsfiledetails.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptionsfiledetails.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaadefaultscopingoptionsfiledetails.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptionsfileproperties.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaadefaultscopingoptionsfileproperties.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaadefaultscopingoptionsfileproperties.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaadefaultscopingoptionsfileproperties.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaexceptionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaexceptionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaexceptionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaexceptionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekappletsettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekappletsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekappletsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekappletsettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekazuretenantmapping.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekscansettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekscansettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekscansettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekscansettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingoptions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekscopingoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekscopingoptions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekscopingqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekscopingqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekscopingqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekserverselection.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekserverselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaaseekserverselection.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaaseekserverselection.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaasystemscansanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaasystemscansanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaasystemscansanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaasystemscansanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaasystemscansquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaasystemscansquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsaasystemscansquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsaasystemscansquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacactivitysettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacactivitysettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacactivitysettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacactivitysettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacappletsettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacappletsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacappletsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacappletsettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacbulkimportquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacbulkimportquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacbulkimportquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacbulkimportquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacexceptionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacexceptionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacexceptionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacexceptionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacscanserverselection.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacscanserverselection.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacscanserverselection.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacscanserverselection.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacsystemscansquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacsystemscansquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsacsystemscansquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsacsystemscansquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsdfssystemscansanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsdfssystemscansanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsdfssystemscansanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsdfssystemscansanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsdfssystemscansquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsdfssystemscansquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsdfssystemscansquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsdfssystemscansquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsnasuniquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsnasuniquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/fsnasuniquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/fsnasuniquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/seekbulkimportquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seekbulkimportquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/seekbulkimportquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seekbulkimportquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/seekdefaultscopingoptions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seekdefaultscopingoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/seekdefaultscopingoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seekdefaultscopingoptions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/seeksddcriteriasettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seeksddcriteriasettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/seeksddcriteriasettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seeksddcriteriasettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/seeksystemscansquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seeksystemscansquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/seeksystemscansquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seeksystemscansquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/collection/seeksystemscanssensitivedatasettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seeksystemscanssensitivedatasettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/collection/seeksystemscanssensitivedatasettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/collection/seeksystemscanssensitivedatasettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/content/filetypesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/filetypesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/content/filetypesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/filetypesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/content/filetypesjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/filetypesjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/content/filetypesjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/filetypesjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/content/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/content/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/content/sizing/emptyresourcesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/emptyresourcesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/content/sizing/emptyresourcesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/emptyresourcesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/content/sizing/largestresourcesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/largestresourcesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/content/sizing/largestresourcesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/largestresourcesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/content/sizing/sizingjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/sizingjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/content/sizing/sizingjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/sizingjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/content/sizing/smallestresourcesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/smallestresourcesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/content/sizing/smallestresourcesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/sizing/smallestresourcesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/content/stalecontentanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/stalecontentanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/content/stalecontentanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/stalecontentanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/content/stalejobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/stalejobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/content/stalejobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/stalejobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/content/tags/aiplabelsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/tags/aiplabelsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/content/tags/aiplabelsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/tags/aiplabelsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/content/tags/filetagsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/tags/filetagsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/content/tags/filetagsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/tags/filetagsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/content/tags/tagsjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/tags/tagsjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/content/tags/tagsjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/content/tags/tagsjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/domainuseraclsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/domainuseraclsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/domainuseraclsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/domainuseraclsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/highriskaclsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/highriskaclsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/highriskaclsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/highriskaclsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/localusersandgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/localusersandgroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/localusersandgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/localusersandgroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/missingfullcontrolanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/missingfullcontrolanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/missingfullcontrolanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/missingfullcontrolanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/nestedsharesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/nestedsharesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/nestedsharesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/nestedsharesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/sidhistoryanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/sidhistoryanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/sidhistoryanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/sidhistoryanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/directpermissions/unresolvedsidsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/dlpresultsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/dlpresultsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/dlpresultsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/dlpresultsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/filesystemoverviewanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverviewanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/filesystemoverviewanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverviewanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/filesystemoverviewjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverviewjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/filesystemoverviewjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/filesystemoverviewjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/openaccessanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/openaccessanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/openaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/openaccessanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/openaccessjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/openaccessjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/openaccessjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/openaccessjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/probableowneranalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/probableowneranalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/probableowneranalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/probableowneranalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/probableownerjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/probableownerjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/probableownerjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/probableownerjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/creategroups.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/creategroups.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/creategroups.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/creategroups.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbgactivedirectoryactions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/rbgactivedirectoryactions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbgactivedirectoryactions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/rbgactivedirectoryactions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbganalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/rbganalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbganalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/rbganalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbgfilesystemactions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/rbgfilesystemactions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbgfilesystemactions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/rbgfilesystemactions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbggroupsmembership.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/rbggroupsmembership.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/rbggroupsmembership.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/rbggroupsmembership.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/traverseactions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/traverseactions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/traverseactions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/traverseactions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/traverseanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/traverseanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/resourcebasedgroups/traverseanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/resourcebasedgroups/traverseanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/securityassessmentanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/securityassessmentanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/securityassessmentanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/securityassessmentanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/securityassessmentjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/securityassessmentjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/securityassessmentjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/securityassessmentjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/filesystem/sensitivedatajobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/sensitivedatajobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/filesystem/sensitivedatajobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/filesystem/sensitivedatajobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/nisinventory/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/nisinventory/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/nisinventory/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/nisinventory/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/nisinventory/nisscananalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/nisinventory/nisscananalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/nisinventory/nisscananalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/nisinventory/nisscananalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/nisinventory/nisscanquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/nisinventory/nisscanquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/nisinventory/nisscanquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/nisinventory/nisscanquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/nisinventory/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/nisinventory/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/nisinventory/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/nisinventory/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/forensics/deletionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/deletionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/forensics/deletionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/deletionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/forensics/forensicsjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/forensicsjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/forensics/forensicsjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/forensicsjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/forensics/permissionchangesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/permissionchangesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/forensics/permissionchangesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/permissionchangesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/forensics/sensitivedataactivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sensitivedataactivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/forensics/sensitivedataactivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/forensics/sensitivedataactivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/usagestatistics/inactivesitesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/inactivesitesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/usagestatistics/inactivesitesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/inactivesitesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/usagestatistics/mostactivesitesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/mostactivesitesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/usagestatistics/mostactivesitesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/mostactivesitesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/usagestatistics/mostactiveusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/mostactiveusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/usagestatistics/mostactiveusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/mostactiveusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/usagestatistics/usagestatisticsjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/usagestatisticsjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/activity/usagestatistics/usagestatisticsjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/activity/usagestatistics/usagestatisticsjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/brokeninheritanceanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/brokeninheritanceanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/brokeninheritanceanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/brokeninheritanceanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/brokeninheritancejobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/brokeninheritancejobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/brokeninheritancejobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/brokeninheritancejobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/additionalscopingspaa.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/additionalscopingspaa.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/additionalscopingspaa.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/additionalscopingspaa.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/additionalscopingspseek.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/additionalscopingspseek.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/additionalscopingspseek.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/additionalscopingspseek.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/agentsettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/agentsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/agentsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/agentsettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/bulkimportsettings.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/bulkimportsettings.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/bulkimportsettings.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/bulkimportsettings.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/datacollectionsettingsspaa.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/datacollectionsettingsspaa.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/datacollectionsettingsspaa.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/datacollectionsettingsspaa.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/datacollectionsettingsspseek.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/datacollectionsettingsspseek.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/datacollectionsettingsspseek.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/datacollectionsettingsspseek.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/dlpauditsettingsspseek.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/dlpauditsettingsspseek.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/dlpauditsettingsspseek.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/dlpauditsettingsspseek.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/scanscopingoptions.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/scanscopingoptions.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/scanscopingoptions.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/scanscopingoptions.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/selectdlpcriteriaspseek.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/selectdlpcriteriaspseek.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/selectdlpcriteriaspseek.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/selectdlpcriteriaspseek.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spaabulkimportanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spaabulkimportanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spaabulkimportanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spaabulkimportanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spaabulkimportquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spaabulkimportquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spaabulkimportquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spaabulkimportquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spaaexceptionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spaaexceptionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spaaexceptionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spaaexceptionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spaasystemscansquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spaasystemscansquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spaasystemscansquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spaasystemscansquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spacbulkimportanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spacbulkimportanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spacbulkimportanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spacbulkimportanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spacbulkimportquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spacbulkimportquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spacbulkimportquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spacbulkimportquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spacsystemscansquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spacsystemscansquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spacsystemscansquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spacsystemscansquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spseekbulkimportanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spseekbulkimportanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spseekbulkimportanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spseekbulkimportanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spseekbulkimportquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spseekbulkimportquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spseekbulkimportquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spseekbulkimportquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spseeksystemscansquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spseeksystemscansquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/collection/spseeksystemscansquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/collection/spseeksystemscansquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/content/contentjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/content/contentjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/content/contentjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/content/contentjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/content/largestfilesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/content/largestfilesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/content/largestfilesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/content/largestfilesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/content/stalefilesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/content/stalefilesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/content/stalefilesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/content/stalefilesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/domainusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/domainusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/domainusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/domainusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/emptydomaingrouppermsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/emptydomaingrouppermsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/emptydomaingrouppermsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/emptydomaingrouppermsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/highriskpermissionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/highriskpermissionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/highriskpermissionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/highriskpermissionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/sitecollectionpermsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sitecollectionpermsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/sitecollectionpermsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/sitecollectionpermsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/staleusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/staleusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/staleusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/staleusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/unresolvedsidsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/unresolvedsidsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/directpermissions/unresolvedsidsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/directpermissions/unresolvedsidsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/scopingjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/scopingjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/scopingjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/scopingjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/trusteeaccessquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/trusteeaccessquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/trusteeaccessquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/trusteeaccessquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/trusteeauditanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/trusteeauditanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/trusteeauditanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/trusteeauditanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/userscopingfileexplorer.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/userscopingfileexplorer.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/userscopingfileexplorer.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/userscopingfileexplorer.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/userscopingnotepad.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/userscopingnotepad.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/effectiveaccessaudits/userscopingnotepad.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/effectiveaccessaudits/userscopingnotepad.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/externalusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/externalusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/externalusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/externalusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/onedrivesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/onedrivesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/onedrivesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/onedrivesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/sharedlinksanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/sharedlinksanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/sharedlinksanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/sharedlinksanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/staleteamsitesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/staleteamsitesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/staleteamsitesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/staleteamsitesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/teamsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/teamsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/teamsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/teamsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/teamsexternaluseractivityanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/teamsexternaluseractivityanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/teamsexternaluseractivityanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/teamsexternaluseractivityanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/teamssensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/teamssensitivedataanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/m365/teamssensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/m365/teamssensitivedataanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/openaccessanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/openaccessanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/openaccessanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/openaccessanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/openaccessjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/openaccessjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/openaccessjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/openaccessjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/overviewanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/overviewanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/overviewanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/overviewanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/overviewjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/overviewjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/overviewjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/overviewjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/probableowneranalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/probableowneranalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/probableowneranalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/probableowneranalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/probableownerjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/probableownerjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/probableownerjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/probableownerjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/sensitivedataanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/sensitivedataanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/sensitivedataanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/sensitivedataanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/sensitivedatajobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/sensitivedatajobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/sensitivedatajobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/sensitivedatajobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/sharepoint/sharepointjobgroup.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/sharepointjobgroup.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/sharepoint/sharepointjobgroup.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/sharepoint/sharepointjobgroup.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/criticalfilesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/criticalfilesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/criticalfilesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/criticalfilesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/criticalfilesquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/criticalfilesquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/criticalfilesquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/criticalfilesquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/makedirectoryquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/makedirectoryquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/makedirectoryquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/makedirectoryquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/parsesudoersquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/parsesudoersquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/collection/parsesudoersquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/collection/parsesudoersquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/sudoersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/sudoersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/sudoersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/sudoersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/sudoersjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/sudoersjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/privilegedaccess/sudoers/sudoersjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/privilegedaccess/sudoers/sudoersjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/nfsconfigurationanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/nfsconfigurationanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/nfsconfigurationanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/nfsconfigurationanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/nfsconfigurationqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/nfsconfigurationqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/nfsconfigurationqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/nfsconfigurationqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/sambaconfigurationanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/sambaconfigurationanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/sambaconfigurationanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/sambaconfigurationanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/sambaconfigurationqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/sambaconfigurationqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/sharing/collection/sambaconfigurationqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/collection/sambaconfigurationqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/sharing/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/sharing/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/sharing/nfsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/nfsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/sharing/nfsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/nfsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/sharing/sambaanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/sambaanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/sharing/sambaanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/sharing/sambaanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/duplicategroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/duplicategroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/duplicategroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/duplicategroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/emptygroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/emptygroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/emptygroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/emptygroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/largegroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/largegroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/largegroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/largegroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/localgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/localgroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/localgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/localgroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/localusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/localusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/localusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/localusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/passwordsettingsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/passwordsettingsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/passwordsettingsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/passwordsettingsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/usersandgroupsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/usersandgroupsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/usersandgroupsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/usersandgroupsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/usersandgroupsqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/usersandgroupsqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/unix/usersgroups/usersandgroupsqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/unix/usersgroups/usersandgroupsqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/applications/installedapplicationsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/installedapplicationsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/applications/installedapplicationsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/installedapplicationsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/applications/installedapplicationsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/installedapplicationsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/applications/installedapplicationsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/installedapplicationsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/applications/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/applications/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/applications/runatbootanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/runatbootanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/applications/runatbootanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/runatbootanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/applications/runatbootqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/runatbootqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/applications/runatbootqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/runatbootqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/applications/scheduledtasksanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/scheduledtasksanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/applications/scheduledtasksanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/scheduledtasksanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/applications/scheduledtasksquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/scheduledtasksquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/applications/scheduledtasksquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/applications/scheduledtasksquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/authentication/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/authentication/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/authentication/lsasettingsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/lsasettingsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/authentication/lsasettingsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/lsasettingsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/authentication/lsasettingsqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/lsasettingsqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/authentication/lsasettingsqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/lsasettingsqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/authentication/securitysupportprovidersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/securitysupportprovidersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/authentication/securitysupportprovidersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/securitysupportprovidersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/authentication/securitysupportprovidersqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/securitysupportprovidersqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/authentication/securitysupportprovidersqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/securitysupportprovidersqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/authentication/wdigestsettingsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/wdigestsettingsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/authentication/wdigestsettingsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/wdigestsettingsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/authentication/wdigestsettingsqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/wdigestsettingsqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/authentication/wdigestsettingsqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/authentication/wdigestsettingsqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/openaccess/configuresubfolderdepth.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/openaccess/configuresubfolderdepth.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/openaccess/configuresubfolderdepth.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/openaccess/configuresubfolderdepth.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/openaccess/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/openaccess/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/openaccess/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/openaccess/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/openaccess/openfoldersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/openaccess/openfoldersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/openaccess/openfoldersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/openaccess/openfoldersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/openaccess/openfoldersquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/openaccess/openfoldersquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/openaccess/openfoldersquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/openaccess/openfoldersquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/overviewpage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/overviewpage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/overviewpage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/overviewpage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/leastprivilegemodel.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/leastprivilegemodel.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/leastprivilegemodel.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/leastprivilegemodel.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/localadminsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/localadminsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/localadminsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/localadminsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/localadminsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/localadminsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/localadminsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/localadminsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/microsoftlapsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sessionsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sessionsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sessionsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sessionsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sessionsqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sessionsqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/localadministrators/sessionsqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/localadministrators/sessionsqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/accountprivilegesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/accountprivilegesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/accountprivilegesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/accountprivilegesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/accountprivilegesquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/accountprivilegesquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/accountprivilegesquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/accountprivilegesquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/collectionjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/collectionjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/collectionjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/collectionjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/grouppolicyquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/grouppolicyquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/grouppolicyquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/grouppolicyquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/localmembershipquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localusersanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/localusersanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localusersanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/localusersanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localusersquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/localusersquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/collection/localusersquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/collection/localusersquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/localpoliciesanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/localpoliciesanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/logonrights/localpoliciesanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/logonrights/localpoliciesanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/serviceaccountsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/serviceaccountsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/serviceaccountsjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/serviceaccountsjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/serviceaccountsquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/privilegedaccounts/serviceaccountsquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/privilegedaccounts/serviceaccountsquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityassessmentanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityassessmentanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityassessmentanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityassessmentanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityassessmentjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityassessmentjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityassessmentjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityassessmentjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/jobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/jobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/jobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/jobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/openportscanjobstree.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/openportscanjobstree.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/openportscanjobstree.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/openportscanjobstree.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/remoteopenportanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/remoteopenportanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/remoteopenportquery.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/retrievenetstatanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/retrievenetstatanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/openportscan/retrievenetstatanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/openportscan/retrievenetstatanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsanalysis.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsanalysis.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsanalysis.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsanalysis.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifymessage.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsnotifymessage.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifymessage.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsnotifymessage.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifyrecipients.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsnotifyrecipients.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifyrecipients.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsnotifyrecipients.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifysmtp.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsnotifysmtp.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsnotifysmtp.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsnotifysmtp.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsqueries.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsqueries.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/powershellcommandsqueries.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/powershellcommandsqueries.webp diff --git a/static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/smartlogdcwizardcriteria.webp b/static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/smartlogdcwizardcriteria.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/solutions/windows/securityutilities/smartlogdcwizardcriteria.webp rename to static/img/product_docs/accessanalyzer/12.0/solutions/windows/securityutilities/smartlogdcwizardcriteria.webp diff --git a/static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit.webp b/static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit.webp rename to static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit.webp diff --git a/static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_1.webp b/static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_1.webp rename to static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_1.webp diff --git a/static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_2.webp b/static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_2.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_2.webp rename to static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_2.webp diff --git a/static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_3.webp b/static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_3.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_3.webp rename to static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_3.webp diff --git a/static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_4.webp b/static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_4.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_4.webp rename to static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_4.webp diff --git a/static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_5.webp b/static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_5.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_5.webp rename to static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/appendix_for_the_stealthaudit_5.webp diff --git a/static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/exchangenode.webp b/static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/exchangenode.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/exchangenode.webp rename to static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/exchangenode.webp diff --git a/static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation_1.webp b/static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation_1.webp similarity index 100% rename from static/img/product_docs/accessanalyzer/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation_1.webp rename to static/img/product_docs/accessanalyzer/12.0/stealthaudit/install_guides/mapi_cdo_install/stealthaudit_mapi_cdo_installation_1.webp